From 31f1e9c17ffae440059e8cc532fa26b92d534f7b Mon Sep 17 00:00:00 2001 From: Stanislav Sedov Date: Thu, 29 Sep 2011 05:23:57 +0000 Subject: - Flatten the vendor heimdal tree. --- crypto/heimdal/ChangeLog | 1356 - crypto/heimdal/ChangeLog.1998 | 3201 -- crypto/heimdal/ChangeLog.1999 | 2194 - crypto/heimdal/ChangeLog.2000 | 1320 - crypto/heimdal/ChangeLog.2001 | 1122 - crypto/heimdal/ChangeLog.2002 | 726 - crypto/heimdal/ChangeLog.2003 | 1795 - crypto/heimdal/ChangeLog.2004 | 1485 - crypto/heimdal/ChangeLog.2005 | 2004 - crypto/heimdal/ChangeLog.2006 | 2047 - crypto/heimdal/LICENSE | 30 - crypto/heimdal/Makefile.am | 50 - crypto/heimdal/Makefile.am.common | 4 - crypto/heimdal/Makefile.in | 982 - crypto/heimdal/NEWS | 802 - crypto/heimdal/README | 19 - crypto/heimdal/acinclude.m4 | 9 - crypto/heimdal/aclocal.m4 | 7102 --- crypto/heimdal/admin/ChangeLog | 70 - crypto/heimdal/admin/Makefile.am | 44 - crypto/heimdal/admin/Makefile.in | 867 - crypto/heimdal/admin/add.c | 157 - crypto/heimdal/admin/change.c | 252 - crypto/heimdal/admin/copy.c | 175 - crypto/heimdal/admin/get.c | 238 - crypto/heimdal/admin/ktutil-commands.in | 266 - crypto/heimdal/admin/ktutil.8 | 196 - crypto/heimdal/admin/ktutil.c | 174 - crypto/heimdal/admin/ktutil_locl.h | 75 - crypto/heimdal/admin/list.c | 157 - crypto/heimdal/admin/purge.c | 172 - crypto/heimdal/admin/remove.c | 93 - crypto/heimdal/admin/rename.c | 111 - crypto/heimdal/appl/Makefile.am | 27 - crypto/heimdal/appl/Makefile.in | 835 - crypto/heimdal/appl/afsutil/ChangeLog | 125 - crypto/heimdal/appl/afsutil/Makefile.am | 22 - crypto/heimdal/appl/afsutil/Makefile.in | 851 - crypto/heimdal/appl/afsutil/afslog.1 | 153 - crypto/heimdal/appl/afsutil/afslog.c | 322 - crypto/heimdal/appl/afsutil/pagsh.1 | 92 - crypto/heimdal/appl/afsutil/pagsh.c | 239 - crypto/heimdal/appl/ftp/ChangeLog | 1022 - crypto/heimdal/appl/ftp/Makefile.am | 5 - crypto/heimdal/appl/ftp/Makefile.in | 815 - crypto/heimdal/appl/ftp/common/Makefile.am | 12 - crypto/heimdal/appl/ftp/common/Makefile.in | 751 - crypto/heimdal/appl/ftp/common/buffer.c | 69 - crypto/heimdal/appl/ftp/common/common.h | 60 - crypto/heimdal/appl/ftp/common/sockbuf.c | 56 - crypto/heimdal/appl/ftp/ftp/Makefile.am | 49 - crypto/heimdal/appl/ftp/ftp/Makefile.in | 869 - crypto/heimdal/appl/ftp/ftp/cmds.c | 2143 - crypto/heimdal/appl/ftp/ftp/cmdtab.c | 217 - crypto/heimdal/appl/ftp/ftp/domacro.c | 148 - crypto/heimdal/appl/ftp/ftp/extern.h | 174 - crypto/heimdal/appl/ftp/ftp/ftp.1 | 1211 - crypto/heimdal/appl/ftp/ftp/ftp.c | 1780 - crypto/heimdal/appl/ftp/ftp/ftp_locl.h | 141 - crypto/heimdal/appl/ftp/ftp/ftp_var.h | 130 - crypto/heimdal/appl/ftp/ftp/globals.c | 79 - crypto/heimdal/appl/ftp/ftp/gssapi.c | 528 - crypto/heimdal/appl/ftp/ftp/kauth.c | 193 - crypto/heimdal/appl/ftp/ftp/krb4.c | 340 - crypto/heimdal/appl/ftp/ftp/main.c | 591 - crypto/heimdal/appl/ftp/ftp/pathnames.h | 44 - crypto/heimdal/appl/ftp/ftp/ruserpass.c | 313 - crypto/heimdal/appl/ftp/ftp/security.c | 883 - crypto/heimdal/appl/ftp/ftp/security.h | 140 - crypto/heimdal/appl/ftp/ftpd/Makefile.am | 59 - crypto/heimdal/appl/ftp/ftpd/Makefile.in | 939 - crypto/heimdal/appl/ftp/ftpd/extern.h | 148 - crypto/heimdal/appl/ftp/ftpd/ftpcmd.c | 3551 -- crypto/heimdal/appl/ftp/ftpd/ftpcmd.y | 1496 - crypto/heimdal/appl/ftp/ftpd/ftpd.8 | 503 - crypto/heimdal/appl/ftp/ftpd/ftpd.c | 2393 - crypto/heimdal/appl/ftp/ftpd/ftpd_locl.h | 175 - crypto/heimdal/appl/ftp/ftpd/ftpusers.5 | 37 - crypto/heimdal/appl/ftp/ftpd/gss_userok.c | 155 - crypto/heimdal/appl/ftp/ftpd/gssapi.c | 528 - crypto/heimdal/appl/ftp/ftpd/kauth.c | 360 - crypto/heimdal/appl/ftp/ftpd/klist.c | 178 - crypto/heimdal/appl/ftp/ftpd/krb4.c | 340 - crypto/heimdal/appl/ftp/ftpd/logwtmp.c | 138 - crypto/heimdal/appl/ftp/ftpd/ls.c | 891 - crypto/heimdal/appl/ftp/ftpd/pathnames.h | 63 - crypto/heimdal/appl/ftp/ftpd/popen.c | 238 - crypto/heimdal/appl/ftp/ftpd/security.c | 883 - crypto/heimdal/appl/gssmask/Makefile.am | 12 - crypto/heimdal/appl/gssmask/Makefile.in | 760 - crypto/heimdal/appl/gssmask/common.c | 97 - crypto/heimdal/appl/gssmask/common.h | 112 - crypto/heimdal/appl/gssmask/gssmaestro.c | 851 - crypto/heimdal/appl/gssmask/gssmask.c | 1092 - crypto/heimdal/appl/gssmask/protocol.h | 286 - crypto/heimdal/appl/kf/Makefile.am | 20 - crypto/heimdal/appl/kf/Makefile.in | 925 - crypto/heimdal/appl/kf/kf.1 | 112 - crypto/heimdal/appl/kf/kf.c | 335 - crypto/heimdal/appl/kf/kf_locl.h | 81 - crypto/heimdal/appl/kf/kfd.8 | 85 - crypto/heimdal/appl/kf/kfd.c | 308 - crypto/heimdal/appl/login/ChangeLog | 355 - crypto/heimdal/appl/login/Makefile.am | 43 - crypto/heimdal/appl/login/Makefile.in | 915 - crypto/heimdal/appl/login/conf.c | 55 - crypto/heimdal/appl/login/env.c | 98 - crypto/heimdal/appl/login/limits_conf.c | 214 - crypto/heimdal/appl/login/login.1 | 253 - crypto/heimdal/appl/login/login.access.5 | 56 - crypto/heimdal/appl/login/login.c | 887 - crypto/heimdal/appl/login/login_access.c | 277 - crypto/heimdal/appl/login/login_locl.h | 150 - crypto/heimdal/appl/login/login_protos.h | 91 - crypto/heimdal/appl/login/loginpaths.h | 52 - crypto/heimdal/appl/login/osfc2.c | 79 - crypto/heimdal/appl/login/read_string.c | 137 - crypto/heimdal/appl/login/shadow.c | 95 - crypto/heimdal/appl/login/stty_default.c | 100 - crypto/heimdal/appl/login/tty.c | 70 - crypto/heimdal/appl/login/utmp_login.c | 162 - crypto/heimdal/appl/login/utmpx_login.c | 105 - crypto/heimdal/appl/push/ChangeLog | 200 - crypto/heimdal/appl/push/Makefile.am | 27 - crypto/heimdal/appl/push/Makefile.in | 915 - crypto/heimdal/appl/push/pfrom.1 | 55 - crypto/heimdal/appl/push/pfrom.in | 6 - crypto/heimdal/appl/push/push.8 | 138 - crypto/heimdal/appl/push/push.c | 844 - crypto/heimdal/appl/push/push_locl.h | 98 - crypto/heimdal/appl/rcp/ChangeLog | 125 - crypto/heimdal/appl/rcp/Makefile.am | 15 - crypto/heimdal/appl/rcp/Makefile.in | 829 - crypto/heimdal/appl/rcp/extern.h | 51 - crypto/heimdal/appl/rcp/rcp.1 | 67 - crypto/heimdal/appl/rcp/rcp.c | 802 - crypto/heimdal/appl/rcp/rcp_locl.h | 67 - crypto/heimdal/appl/rcp/util.c | 172 - crypto/heimdal/appl/rsh/ChangeLog | 549 - crypto/heimdal/appl/rsh/Makefile.am | 29 - crypto/heimdal/appl/rsh/Makefile.in | 936 - crypto/heimdal/appl/rsh/common.c | 180 - crypto/heimdal/appl/rsh/limits_conf.c | 214 - crypto/heimdal/appl/rsh/login_access.c | 277 - crypto/heimdal/appl/rsh/rsh.1 | 295 - crypto/heimdal/appl/rsh/rsh.c | 1124 - crypto/heimdal/appl/rsh/rsh_locl.h | 169 - crypto/heimdal/appl/rsh/rshd.8 | 162 - crypto/heimdal/appl/rsh/rshd.c | 1063 - crypto/heimdal/appl/su/ChangeLog | 123 - crypto/heimdal/appl/su/Makefile.am | 19 - crypto/heimdal/appl/su/Makefile.in | 841 - crypto/heimdal/appl/su/su.1 | 123 - crypto/heimdal/appl/su/su.c | 622 - crypto/heimdal/appl/su/supaths.h | 51 - crypto/heimdal/appl/telnet/ChangeLog | 804 - crypto/heimdal/appl/telnet/Makefile.am | 11 - crypto/heimdal/appl/telnet/Makefile.in | 820 - crypto/heimdal/appl/telnet/README.ORIG | 743 - crypto/heimdal/appl/telnet/arpa/telnet.h | 323 - crypto/heimdal/appl/telnet/libtelnet/Makefile.am | 24 - crypto/heimdal/appl/telnet/libtelnet/Makefile.in | 764 - crypto/heimdal/appl/telnet/libtelnet/auth-proto.h | 124 - crypto/heimdal/appl/telnet/libtelnet/auth.c | 660 - crypto/heimdal/appl/telnet/libtelnet/auth.h | 81 - crypto/heimdal/appl/telnet/libtelnet/enc-proto.h | 133 - crypto/heimdal/appl/telnet/libtelnet/enc_des.c | 674 - crypto/heimdal/appl/telnet/libtelnet/encrypt.c | 1002 - crypto/heimdal/appl/telnet/libtelnet/encrypt.h | 103 - crypto/heimdal/appl/telnet/libtelnet/genget.c | 103 - crypto/heimdal/appl/telnet/libtelnet/kerberos.c | 723 - crypto/heimdal/appl/telnet/libtelnet/kerberos5.c | 895 - crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c | 436 - crypto/heimdal/appl/telnet/libtelnet/misc-proto.h | 79 - crypto/heimdal/appl/telnet/libtelnet/misc.c | 95 - crypto/heimdal/appl/telnet/libtelnet/misc.h | 42 - crypto/heimdal/appl/telnet/libtelnet/rsaencpwd.c | 487 - crypto/heimdal/appl/telnet/libtelnet/spx.c | 586 - crypto/heimdal/appl/telnet/telnet.state | 80 - crypto/heimdal/appl/telnet/telnet/Makefile.am | 25 - crypto/heimdal/appl/telnet/telnet/Makefile.in | 845 - crypto/heimdal/appl/telnet/telnet/authenc.c | 99 - crypto/heimdal/appl/telnet/telnet/commands.c | 2696 - crypto/heimdal/appl/telnet/telnet/defines.h | 60 - crypto/heimdal/appl/telnet/telnet/externs.h | 444 - crypto/heimdal/appl/telnet/telnet/main.c | 370 - crypto/heimdal/appl/telnet/telnet/network.c | 173 - crypto/heimdal/appl/telnet/telnet/ring.c | 321 - crypto/heimdal/appl/telnet/telnet/ring.h | 99 - crypto/heimdal/appl/telnet/telnet/sys_bsd.c | 979 - crypto/heimdal/appl/telnet/telnet/telnet.1 | 1369 - crypto/heimdal/appl/telnet/telnet/telnet.c | 2420 - crypto/heimdal/appl/telnet/telnet/telnet_locl.h | 181 - crypto/heimdal/appl/telnet/telnet/terminal.c | 221 - crypto/heimdal/appl/telnet/telnet/types.h | 52 - crypto/heimdal/appl/telnet/telnet/utilities.c | 864 - crypto/heimdal/appl/telnet/telnetd/Makefile.am | 28 - crypto/heimdal/appl/telnet/telnetd/Makefile.in | 850 - crypto/heimdal/appl/telnet/telnetd/authenc.c | 80 - crypto/heimdal/appl/telnet/telnetd/defs.h | 190 - crypto/heimdal/appl/telnet/telnetd/ext.h | 208 - crypto/heimdal/appl/telnet/telnetd/global.c | 107 - crypto/heimdal/appl/telnet/telnetd/slc.c | 57 - crypto/heimdal/appl/telnet/telnetd/state.c | 1360 - crypto/heimdal/appl/telnet/telnetd/sys_term.c | 1899 - crypto/heimdal/appl/telnet/telnetd/telnetd.8 | 536 - crypto/heimdal/appl/telnet/telnetd/telnetd.c | 1401 - crypto/heimdal/appl/telnet/telnetd/telnetd.h | 251 - crypto/heimdal/appl/telnet/telnetd/termstat.c | 138 - crypto/heimdal/appl/telnet/telnetd/utility.c | 1163 - crypto/heimdal/appl/test/Makefile.am | 42 - crypto/heimdal/appl/test/Makefile.in | 856 - crypto/heimdal/appl/test/common.c | 174 - crypto/heimdal/appl/test/gss_common.c | 152 - crypto/heimdal/appl/test/gss_common.h | 49 - crypto/heimdal/appl/test/gssapi_client.c | 248 - crypto/heimdal/appl/test/gssapi_server.c | 334 - crypto/heimdal/appl/test/http_client.c | 504 - crypto/heimdal/appl/test/nt_gss_client.c | 167 - crypto/heimdal/appl/test/nt_gss_common.c | 131 - crypto/heimdal/appl/test/nt_gss_common.h | 45 - crypto/heimdal/appl/test/nt_gss_server.c | 247 - crypto/heimdal/appl/test/tcp_client.c | 132 - crypto/heimdal/appl/test/tcp_server.c | 168 - crypto/heimdal/appl/test/test_locl.h | 88 - crypto/heimdal/appl/test/uu_client.c | 193 - crypto/heimdal/appl/test/uu_server.c | 210 - crypto/heimdal/autogen.sh | 5 - crypto/heimdal/cf/ChangeLog | 1232 - crypto/heimdal/cf/Makefile.am.common | 249 - crypto/heimdal/cf/aix.m4 | 57 - crypto/heimdal/cf/auth-modules.m4 | 45 - crypto/heimdal/cf/autobuild.m4 | 34 - crypto/heimdal/cf/broken-getaddrinfo.m4 | 26 - crypto/heimdal/cf/broken-getnameinfo.m4 | 28 - crypto/heimdal/cf/broken-glob.m4 | 29 - crypto/heimdal/cf/broken-realloc.m4 | 25 - crypto/heimdal/cf/broken-snprintf.m4 | 63 - crypto/heimdal/cf/broken.m4 | 12 - crypto/heimdal/cf/broken2.m4 | 25 - crypto/heimdal/cf/c-attribute.m4 | 28 - crypto/heimdal/cf/c-function.m4 | 33 - crypto/heimdal/cf/capabilities.m4 | 14 - crypto/heimdal/cf/check-compile-et.m4 | 109 - crypto/heimdal/cf/check-declaration.m4 | 25 - crypto/heimdal/cf/check-getpwnam_r-posix.m4 | 25 - crypto/heimdal/cf/check-man.m4 | 58 - crypto/heimdal/cf/check-netinet-ip-and-tcp.m4 | 33 - crypto/heimdal/cf/check-type-extra.m4 | 23 - crypto/heimdal/cf/check-var.m4 | 27 - crypto/heimdal/cf/check-x.m4 | 53 - crypto/heimdal/cf/check-xau.m4 | 64 - crypto/heimdal/cf/crypto.m4 | 177 - crypto/heimdal/cf/db.m4 | 211 - crypto/heimdal/cf/destdirs.m4 | 18 - crypto/heimdal/cf/dlopen.m4 | 11 - crypto/heimdal/cf/find-func-no-libs.m4 | 9 - crypto/heimdal/cf/find-func-no-libs2.m4 | 63 - crypto/heimdal/cf/find-func.m4 | 9 - crypto/heimdal/cf/find-if-not-broken.m4 | 12 - crypto/heimdal/cf/framework-security.m4 | 31 - crypto/heimdal/cf/have-pragma-weak.m4 | 37 - crypto/heimdal/cf/have-struct-field.m4 | 21 - crypto/heimdal/cf/have-type.m4 | 30 - crypto/heimdal/cf/have-types.m4 | 12 - crypto/heimdal/cf/install-catman.sh | 72 - crypto/heimdal/cf/irix.m4 | 26 - crypto/heimdal/cf/krb-bigendian.m4 | 62 - crypto/heimdal/cf/krb-func-getcwd-broken.m4 | 41 - crypto/heimdal/cf/krb-func-getlogin.m4 | 22 - crypto/heimdal/cf/krb-ipv6.m4 | 149 - crypto/heimdal/cf/krb-prog-ln-s.m4 | 28 - crypto/heimdal/cf/krb-prog-ranlib.m4 | 8 - crypto/heimdal/cf/krb-prog-yacc.m4 | 12 - crypto/heimdal/cf/krb-readline.m4 | 39 - crypto/heimdal/cf/krb-struct-spwd.m4 | 21 - crypto/heimdal/cf/krb-struct-winsize.m4 | 25 - crypto/heimdal/cf/krb-sys-aix.m4 | 15 - crypto/heimdal/cf/krb-sys-nextstep.m4 | 18 - crypto/heimdal/cf/krb-version.m4 | 24 - crypto/heimdal/cf/largefile.m4 | 16 - crypto/heimdal/cf/make-proto.pl | 337 - crypto/heimdal/cf/mips-abi.m4 | 87 - crypto/heimdal/cf/misc.m4 | 15 - crypto/heimdal/cf/need-proto.m4 | 22 - crypto/heimdal/cf/osfc2.m4 | 14 - crypto/heimdal/cf/otp.m4 | 27 - crypto/heimdal/cf/proto-compat.m4 | 21 - crypto/heimdal/cf/pthreads.m4 | 75 - crypto/heimdal/cf/resolv.m4 | 109 - crypto/heimdal/cf/retsigtype.m4 | 18 - crypto/heimdal/cf/roken-frag.m4 | 655 - crypto/heimdal/cf/roken.m4 | 64 - crypto/heimdal/cf/socket-wrapper.m4 | 16 - crypto/heimdal/cf/sunos.m4 | 25 - crypto/heimdal/cf/telnet.m4 | 78 - crypto/heimdal/cf/test-package.m4 | 133 - crypto/heimdal/cf/valgrind-suppressions | 84 - crypto/heimdal/cf/vararray.m4 | 16 - crypto/heimdal/cf/version-script.m4 | 40 - crypto/heimdal/cf/wflags.m4 | 28 - crypto/heimdal/cf/win32.m4 | 12 - crypto/heimdal/cf/with-all.m4 | 42 - crypto/heimdal/compile | 142 - crypto/heimdal/config.guess | 1500 - crypto/heimdal/config.sub | 1616 - crypto/heimdal/configure | 54327 ------------------- crypto/heimdal/configure.in | 543 - crypto/heimdal/doc/Makefile.am | 85 - crypto/heimdal/doc/Makefile.in | 982 - crypto/heimdal/doc/ack.texi | 72 - crypto/heimdal/doc/apps.texi | 244 - crypto/heimdal/doc/doxytmpl.dxy | 257 - crypto/heimdal/doc/hcrypto.din | 15 - crypto/heimdal/doc/heimdal.css | 53 - crypto/heimdal/doc/heimdal.texi | 370 - crypto/heimdal/doc/hx509.din | 15 - crypto/heimdal/doc/hx509.texi | 633 - crypto/heimdal/doc/init-creds | 374 - crypto/heimdal/doc/install.texi | 107 - crypto/heimdal/doc/intro.texi | 99 - crypto/heimdal/doc/kerberos4.texi | 226 - crypto/heimdal/doc/krb5.din | 16 - crypto/heimdal/doc/latin1.tex | 95 - crypto/heimdal/doc/layman.asc | 1855 - crypto/heimdal/doc/mdate-sh | 92 - crypto/heimdal/doc/migration.texi | 43 - crypto/heimdal/doc/misc.texi | 58 - crypto/heimdal/doc/ntlm.din | 15 - crypto/heimdal/doc/programming.texi | 642 - crypto/heimdal/doc/setup.texi | 1455 - crypto/heimdal/doc/vars.texi | 7 - crypto/heimdal/doc/vars.tin | 7 - crypto/heimdal/doc/whatis.texi | 161 - crypto/heimdal/doc/win2k.texi | 306 - crypto/heimdal/etc/Makefile.am | 5 - crypto/heimdal/etc/Makefile.in | 658 - crypto/heimdal/etc/services.append | 29 - crypto/heimdal/include/Makefile.am | 87 - crypto/heimdal/include/Makefile.in | 996 - crypto/heimdal/include/bits.c | 240 - crypto/heimdal/include/config.h.in | 1472 - crypto/heimdal/include/gssapi/Makefile.am | 6 - crypto/heimdal/include/gssapi/Makefile.in | 659 - crypto/heimdal/include/hcrypto/Makefile.am | 23 - crypto/heimdal/include/hcrypto/Makefile.in | 678 - crypto/heimdal/include/kadm5/Makefile.am | 5 - crypto/heimdal/include/kadm5/Makefile.in | 659 - crypto/heimdal/include/make_crypto.c | 111 - crypto/heimdal/install-sh | 507 - crypto/heimdal/kadmin/ChangeLog | 1044 - crypto/heimdal/kadmin/Makefile.am | 94 - crypto/heimdal/kadmin/Makefile.in | 1069 - crypto/heimdal/kadmin/add-random-users.c | 185 - crypto/heimdal/kadmin/add_enctype.c | 164 - crypto/heimdal/kadmin/ank.c | 266 - crypto/heimdal/kadmin/check.c | 238 - crypto/heimdal/kadmin/cpw.c | 184 - crypto/heimdal/kadmin/del.c | 57 - crypto/heimdal/kadmin/del_enctype.c | 123 - crypto/heimdal/kadmin/dump.c | 79 - crypto/heimdal/kadmin/ext.c | 139 - crypto/heimdal/kadmin/get.c | 498 - crypto/heimdal/kadmin/init.c | 248 - crypto/heimdal/kadmin/kadm_conn.c | 284 - crypto/heimdal/kadmin/kadmin-commands.in | 420 - crypto/heimdal/kadmin/kadmin.8 | 414 - crypto/heimdal/kadmin/kadmin.c | 284 - crypto/heimdal/kadmin/kadmin_locl.h | 157 - crypto/heimdal/kadmin/kadmind.8 | 178 - crypto/heimdal/kadmin/kadmind.c | 187 - crypto/heimdal/kadmin/load.c | 569 - crypto/heimdal/kadmin/mod.c | 261 - crypto/heimdal/kadmin/pw_quality.c | 62 - crypto/heimdal/kadmin/random_password.c | 163 - crypto/heimdal/kadmin/rename.c | 63 - crypto/heimdal/kadmin/server.c | 577 - crypto/heimdal/kadmin/stash.c | 140 - crypto/heimdal/kadmin/test_util.c | 92 - crypto/heimdal/kadmin/util.c | 664 - crypto/heimdal/kadmin/version4.c | 1016 - crypto/heimdal/kcm/Makefile.am | 44 - crypto/heimdal/kcm/Makefile.in | 868 - crypto/heimdal/kcm/acl.c | 180 - crypto/heimdal/kcm/acquire.c | 531 - crypto/heimdal/kcm/cache.c | 636 - crypto/heimdal/kcm/client.c | 185 - crypto/heimdal/kcm/config.c | 390 - crypto/heimdal/kcm/connect.c | 688 - crypto/heimdal/kcm/cursor.c | 151 - crypto/heimdal/kcm/events.c | 440 - crypto/heimdal/kcm/glue.c | 279 - crypto/heimdal/kcm/headers.h | 89 - crypto/heimdal/kcm/kcm.8 | 224 - crypto/heimdal/kcm/kcm_locl.h | 173 - crypto/heimdal/kcm/kcm_protos.h | 288 - crypto/heimdal/kcm/log.c | 85 - crypto/heimdal/kcm/main.c | 107 - crypto/heimdal/kcm/protocol.c | 1046 - crypto/heimdal/kcm/renew.c | 124 - crypto/heimdal/kdc/524.c | 400 - crypto/heimdal/kdc/Makefile.am | 122 - crypto/heimdal/kdc/Makefile.in | 1151 - crypto/heimdal/kdc/config.c | 322 - crypto/heimdal/kdc/connect.c | 900 - crypto/heimdal/kdc/default_config.c | 285 - crypto/heimdal/kdc/digest.c | 1456 - crypto/heimdal/kdc/headers.h | 109 - crypto/heimdal/kdc/hprop.8 | 190 - crypto/heimdal/kdc/hprop.c | 807 - crypto/heimdal/kdc/hprop.h | 75 - crypto/heimdal/kdc/hpropd.8 | 107 - crypto/heimdal/kdc/hpropd.c | 271 - crypto/heimdal/kdc/kadb.h | 84 - crypto/heimdal/kdc/kaserver.c | 951 - crypto/heimdal/kdc/kdc-private.h | 286 - crypto/heimdal/kdc/kdc-protos.h | 92 - crypto/heimdal/kdc/kdc-replay.c | 197 - crypto/heimdal/kdc/kdc.8 | 262 - crypto/heimdal/kdc/kdc.h | 96 - crypto/heimdal/kdc/kdc_locl.h | 72 - crypto/heimdal/kdc/kerberos4.c | 805 - crypto/heimdal/kdc/kerberos5.c | 1852 - crypto/heimdal/kdc/krb5tgs.c | 1914 - crypto/heimdal/kdc/kstash.8 | 104 - crypto/heimdal/kdc/kstash.c | 165 - crypto/heimdal/kdc/kx509.c | 460 - crypto/heimdal/kdc/log.c | 93 - crypto/heimdal/kdc/main.c | 99 - crypto/heimdal/kdc/misc.c | 122 - crypto/heimdal/kdc/mit_dump.c | 373 - crypto/heimdal/kdc/pkinit.c | 1673 - crypto/heimdal/kdc/process.c | 219 - crypto/heimdal/kdc/rx.h | 79 - crypto/heimdal/kdc/set_dbinfo.c | 100 - crypto/heimdal/kdc/string2key.8 | 110 - crypto/heimdal/kdc/string2key.c | 201 - crypto/heimdal/kdc/v4_dump.c | 143 - crypto/heimdal/kdc/version-script.map | 18 - crypto/heimdal/kdc/windc.c | 109 - crypto/heimdal/kdc/windc_plugin.h | 82 - crypto/heimdal/kpasswd/Makefile.am | 33 - crypto/heimdal/kpasswd/Makefile.in | 956 - crypto/heimdal/kpasswd/kpasswd-generator.c | 202 - crypto/heimdal/kpasswd/kpasswd.1 | 68 - crypto/heimdal/kpasswd/kpasswd.c | 247 - crypto/heimdal/kpasswd/kpasswd_locl.h | 104 - crypto/heimdal/kpasswd/kpasswdd.8 | 96 - crypto/heimdal/kpasswd/kpasswdd.c | 859 - crypto/heimdal/krb5.conf | 26 - crypto/heimdal/kuser/Makefile.am | 64 - crypto/heimdal/kuser/Makefile.in | 1002 - crypto/heimdal/kuser/copy_cred_cache.1 | 97 - crypto/heimdal/kuser/copy_cred_cache.c | 215 - crypto/heimdal/kuser/generate-requests.c | 161 - crypto/heimdal/kuser/kauth_options.c | 40 - crypto/heimdal/kuser/kdecode_ticket.c | 162 - crypto/heimdal/kuser/kdestroy.1 | 71 - crypto/heimdal/kuser/kdestroy.c | 150 - crypto/heimdal/kuser/kdigest-commands.in | 280 - crypto/heimdal/kuser/kdigest.c | 551 - crypto/heimdal/kuser/kgetcred.1 | 91 - crypto/heimdal/kuser/kgetcred.c | 228 - crypto/heimdal/kuser/kimpersonate.1 | 152 - crypto/heimdal/kuser/kimpersonate.c | 330 - crypto/heimdal/kuser/kinit.1 | 291 - crypto/heimdal/kuser/kinit.c | 852 - crypto/heimdal/kuser/kinit_options.c | 40 - crypto/heimdal/kuser/klist.1 | 154 - crypto/heimdal/kuser/klist.c | 639 - crypto/heimdal/kuser/kuser_locl.h | 87 - crypto/heimdal/kuser/kverify.c | 128 - crypto/heimdal/lib/45/45_locl.h | 52 - crypto/heimdal/lib/45/Makefile.am | 11 - crypto/heimdal/lib/45/Makefile.in | 787 - crypto/heimdal/lib/45/get_ad_tkt.c | 116 - crypto/heimdal/lib/45/mk_req.c | 139 - crypto/heimdal/lib/Makefile.am | 22 - crypto/heimdal/lib/Makefile.in | 823 - crypto/heimdal/lib/asn1/CMS.asn1 | 157 - crypto/heimdal/lib/asn1/ChangeLog | 1649 - crypto/heimdal/lib/asn1/Makefile.am | 610 - crypto/heimdal/lib/asn1/Makefile.in | 1801 - crypto/heimdal/lib/asn1/asn1-common.h | 66 - crypto/heimdal/lib/asn1/asn1_err.et | 25 - crypto/heimdal/lib/asn1/asn1_gen.c | 187 - crypto/heimdal/lib/asn1/asn1_print.c | 304 - crypto/heimdal/lib/asn1/asn1_queue.h | 167 - crypto/heimdal/lib/asn1/canthandle.asn1 | 34 - crypto/heimdal/lib/asn1/check-common.c | 376 - crypto/heimdal/lib/asn1/check-common.h | 70 - crypto/heimdal/lib/asn1/check-der.c | 1089 - crypto/heimdal/lib/asn1/check-gen.c | 955 - crypto/heimdal/lib/asn1/check-timegm.c | 72 - crypto/heimdal/lib/asn1/der-protos.h | 567 - crypto/heimdal/lib/asn1/der.c | 142 - crypto/heimdal/lib/asn1/der.h | 103 - crypto/heimdal/lib/asn1/der_cmp.c | 102 - crypto/heimdal/lib/asn1/der_copy.c | 145 - crypto/heimdal/lib/asn1/der_format.c | 170 - crypto/heimdal/lib/asn1/der_free.c | 119 - crypto/heimdal/lib/asn1/der_get.c | 546 - crypto/heimdal/lib/asn1/der_length.c | 232 - crypto/heimdal/lib/asn1/der_locl.h | 60 - crypto/heimdal/lib/asn1/der_put.c | 483 - crypto/heimdal/lib/asn1/digest.asn1 | 164 - crypto/heimdal/lib/asn1/extra.c | 155 - crypto/heimdal/lib/asn1/gen.c | 797 - crypto/heimdal/lib/asn1/gen.h | 38 - crypto/heimdal/lib/asn1/gen_copy.c | 249 - crypto/heimdal/lib/asn1/gen_decode.c | 720 - crypto/heimdal/lib/asn1/gen_encode.c | 557 - crypto/heimdal/lib/asn1/gen_free.c | 194 - crypto/heimdal/lib/asn1/gen_glue.c | 140 - crypto/heimdal/lib/asn1/gen_length.c | 283 - crypto/heimdal/lib/asn1/gen_locl.h | 89 - crypto/heimdal/lib/asn1/gen_seq.c | 119 - crypto/heimdal/lib/asn1/hash.c | 206 - crypto/heimdal/lib/asn1/hash.h | 87 - crypto/heimdal/lib/asn1/heim_asn1.h | 52 - crypto/heimdal/lib/asn1/k5.asn1 | 659 - crypto/heimdal/lib/asn1/kx509.asn1 | 20 - crypto/heimdal/lib/asn1/lex.c | 2693 - crypto/heimdal/lib/asn1/lex.h | 42 - crypto/heimdal/lib/asn1/lex.l | 300 - crypto/heimdal/lib/asn1/main.c | 133 - crypto/heimdal/lib/asn1/parse.c | 2831 - crypto/heimdal/lib/asn1/parse.h | 249 - crypto/heimdal/lib/asn1/parse.y | 1015 - crypto/heimdal/lib/asn1/pkcs12.asn1 | 81 - crypto/heimdal/lib/asn1/pkcs8.asn1 | 30 - crypto/heimdal/lib/asn1/pkcs9.asn1 | 28 - crypto/heimdal/lib/asn1/pkinit.asn1 | 182 - crypto/heimdal/lib/asn1/rfc2459.asn1 | 506 - crypto/heimdal/lib/asn1/setchgpw2.asn1 | 193 - crypto/heimdal/lib/asn1/symbol.c | 110 - crypto/heimdal/lib/asn1/symbol.h | 161 - crypto/heimdal/lib/asn1/test.asn1 | 95 - crypto/heimdal/lib/asn1/test.gen | 14 - crypto/heimdal/lib/asn1/timegm.c | 86 - crypto/heimdal/lib/asn1/x509.asn1 | 23 - crypto/heimdal/lib/auth/ChangeLog | 206 - crypto/heimdal/lib/auth/Makefile.am | 6 - crypto/heimdal/lib/auth/Makefile.in | 815 - crypto/heimdal/lib/auth/afskauthlib/Makefile.am | 51 - crypto/heimdal/lib/auth/afskauthlib/Makefile.in | 723 - crypto/heimdal/lib/auth/afskauthlib/verify.c | 307 - crypto/heimdal/lib/auth/pam/Makefile.am | 69 - crypto/heimdal/lib/auth/pam/Makefile.in | 733 - crypto/heimdal/lib/auth/pam/pam.c | 443 - crypto/heimdal/lib/auth/pam/pam.conf.add | 97 - crypto/heimdal/lib/auth/sia/Makefile.am | 116 - crypto/heimdal/lib/auth/sia/Makefile.in | 778 - crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf | 58 - crypto/heimdal/lib/auth/sia/krb4_matrix.conf | 59 - crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf | 27 - crypto/heimdal/lib/auth/sia/krb5_matrix.conf | 27 - crypto/heimdal/lib/auth/sia/make-rpath | 34 - crypto/heimdal/lib/auth/sia/posix_getpw.c | 78 - crypto/heimdal/lib/auth/sia/security.patch | 11 - crypto/heimdal/lib/auth/sia/sia.c | 703 - crypto/heimdal/lib/auth/sia/sia_locl.h | 93 - crypto/heimdal/lib/com_err/ChangeLog | 235 - crypto/heimdal/lib/com_err/Makefile.am | 39 - crypto/heimdal/lib/com_err/Makefile.in | 910 - crypto/heimdal/lib/com_err/com_err.c | 172 - crypto/heimdal/lib/com_err/com_err.h | 66 - crypto/heimdal/lib/com_err/com_right.h | 58 - crypto/heimdal/lib/com_err/compile_et.c | 236 - crypto/heimdal/lib/com_err/compile_et.h | 80 - crypto/heimdal/lib/com_err/error.c | 91 - crypto/heimdal/lib/com_err/lex.c | 1896 - crypto/heimdal/lib/com_err/lex.h | 39 - crypto/heimdal/lib/com_err/lex.l | 128 - crypto/heimdal/lib/com_err/parse.c | 1716 - crypto/heimdal/lib/com_err/parse.h | 81 - crypto/heimdal/lib/com_err/parse.y | 173 - crypto/heimdal/lib/com_err/roken_rename.h | 62 - crypto/heimdal/lib/com_err/version-script.map | 18 - crypto/heimdal/lib/gssapi/8003.c | 251 - crypto/heimdal/lib/gssapi/ChangeLog | 2863 - crypto/heimdal/lib/gssapi/Makefile.am | 313 - crypto/heimdal/lib/gssapi/Makefile.in | 1960 - crypto/heimdal/lib/gssapi/accept_sec_context.c | 445 - crypto/heimdal/lib/gssapi/acquire_cred.c | 309 - crypto/heimdal/lib/gssapi/add_cred.c | 234 - crypto/heimdal/lib/gssapi/add_oid_set_member.c | 69 - crypto/heimdal/lib/gssapi/address_to_krb5addr.c | 76 - crypto/heimdal/lib/gssapi/arcfour.c | 623 - crypto/heimdal/lib/gssapi/arcfour.h | 98 - crypto/heimdal/lib/gssapi/canonicalize_name.c | 46 - crypto/heimdal/lib/gssapi/compare_name.c | 51 - crypto/heimdal/lib/gssapi/compat.c | 113 - crypto/heimdal/lib/gssapi/context_time.c | 85 - crypto/heimdal/lib/gssapi/copy_ccache.c | 58 - crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c | 52 - crypto/heimdal/lib/gssapi/decapsulate.c | 184 - crypto/heimdal/lib/gssapi/delete_sec_context.c | 69 - crypto/heimdal/lib/gssapi/display_name.c | 73 - crypto/heimdal/lib/gssapi/display_status.c | 187 - crypto/heimdal/lib/gssapi/duplicate_name.c | 59 - crypto/heimdal/lib/gssapi/encapsulate.c | 122 - crypto/heimdal/lib/gssapi/export_name.c | 94 - crypto/heimdal/lib/gssapi/export_sec_context.c | 223 - crypto/heimdal/lib/gssapi/external.c | 235 - crypto/heimdal/lib/gssapi/get_mic.c | 295 - crypto/heimdal/lib/gssapi/gss-commands.in | 46 - crypto/heimdal/lib/gssapi/gss.c | 205 - crypto/heimdal/lib/gssapi/gss_acquire_cred.3 | 688 - crypto/heimdal/lib/gssapi/gssapi.3 | 177 - crypto/heimdal/lib/gssapi/gssapi.h | 41 - crypto/heimdal/lib/gssapi/gssapi/gssapi.h | 809 - crypto/heimdal/lib/gssapi/gssapi/gssapi_krb5.h | 220 - crypto/heimdal/lib/gssapi/gssapi/gssapi_spnego.h | 58 - crypto/heimdal/lib/gssapi/gssapi_locl.h | 179 - crypto/heimdal/lib/gssapi/gssapi_mech.h | 359 - crypto/heimdal/lib/gssapi/import_name.c | 229 - crypto/heimdal/lib/gssapi/import_sec_context.c | 212 - crypto/heimdal/lib/gssapi/indicate_mechs.c | 55 - crypto/heimdal/lib/gssapi/init.c | 44 - crypto/heimdal/lib/gssapi/init_sec_context.c | 578 - crypto/heimdal/lib/gssapi/inquire_context.c | 85 - crypto/heimdal/lib/gssapi/inquire_cred.c | 97 - crypto/heimdal/lib/gssapi/inquire_cred_by_mech.c | 80 - crypto/heimdal/lib/gssapi/inquire_mechs_for_name.c | 57 - crypto/heimdal/lib/gssapi/inquire_names_for_mech.c | 80 - crypto/heimdal/lib/gssapi/krb5/8003.c | 248 - .../heimdal/lib/gssapi/krb5/accept_sec_context.c | 801 - crypto/heimdal/lib/gssapi/krb5/acquire_cred.c | 398 - crypto/heimdal/lib/gssapi/krb5/add_cred.c | 252 - .../heimdal/lib/gssapi/krb5/address_to_krb5addr.c | 77 - crypto/heimdal/lib/gssapi/krb5/arcfour.c | 760 - crypto/heimdal/lib/gssapi/krb5/canonicalize_name.c | 46 - crypto/heimdal/lib/gssapi/krb5/ccache_name.c | 79 - crypto/heimdal/lib/gssapi/krb5/cfx.c | 878 - crypto/heimdal/lib/gssapi/krb5/cfx.h | 65 - crypto/heimdal/lib/gssapi/krb5/compare_name.c | 55 - crypto/heimdal/lib/gssapi/krb5/compat.c | 128 - crypto/heimdal/lib/gssapi/krb5/context_time.c | 95 - crypto/heimdal/lib/gssapi/krb5/copy_ccache.c | 195 - crypto/heimdal/lib/gssapi/krb5/decapsulate.c | 209 - .../heimdal/lib/gssapi/krb5/delete_sec_context.c | 81 - crypto/heimdal/lib/gssapi/krb5/display_name.c | 74 - crypto/heimdal/lib/gssapi/krb5/display_status.c | 200 - crypto/heimdal/lib/gssapi/krb5/duplicate_name.c | 59 - crypto/heimdal/lib/gssapi/krb5/encapsulate.c | 155 - crypto/heimdal/lib/gssapi/krb5/export_name.c | 94 - .../heimdal/lib/gssapi/krb5/export_sec_context.c | 240 - crypto/heimdal/lib/gssapi/krb5/external.c | 425 - crypto/heimdal/lib/gssapi/krb5/get_mic.c | 317 - crypto/heimdal/lib/gssapi/krb5/gkrb5_err.et | 31 - crypto/heimdal/lib/gssapi/krb5/gsskrb5-private.h | 703 - crypto/heimdal/lib/gssapi/krb5/gsskrb5_locl.h | 134 - crypto/heimdal/lib/gssapi/krb5/import_name.c | 225 - .../heimdal/lib/gssapi/krb5/import_sec_context.c | 229 - crypto/heimdal/lib/gssapi/krb5/indicate_mechs.c | 57 - crypto/heimdal/lib/gssapi/krb5/init.c | 83 - crypto/heimdal/lib/gssapi/krb5/init_sec_context.c | 811 - crypto/heimdal/lib/gssapi/krb5/inquire_context.c | 112 - crypto/heimdal/lib/gssapi/krb5/inquire_cred.c | 182 - .../heimdal/lib/gssapi/krb5/inquire_cred_by_mech.c | 76 - .../heimdal/lib/gssapi/krb5/inquire_cred_by_oid.c | 83 - .../lib/gssapi/krb5/inquire_mechs_for_name.c | 57 - .../lib/gssapi/krb5/inquire_names_for_mech.c | 80 - .../lib/gssapi/krb5/inquire_sec_context_by_oid.c | 557 - crypto/heimdal/lib/gssapi/krb5/prf.c | 143 - .../lib/gssapi/krb5/process_context_token.c | 70 - crypto/heimdal/lib/gssapi/krb5/release_buffer.c | 48 - crypto/heimdal/lib/gssapi/krb5/release_cred.c | 80 - crypto/heimdal/lib/gssapi/krb5/release_name.c | 55 - crypto/heimdal/lib/gssapi/krb5/sequence.c | 294 - crypto/heimdal/lib/gssapi/krb5/set_cred_option.c | 229 - .../lib/gssapi/krb5/set_sec_context_option.c | 192 - crypto/heimdal/lib/gssapi/krb5/test_cfx.c | 159 - crypto/heimdal/lib/gssapi/krb5/ticket_flags.c | 60 - crypto/heimdal/lib/gssapi/krb5/unwrap.c | 413 - crypto/heimdal/lib/gssapi/krb5/v1.c | 104 - crypto/heimdal/lib/gssapi/krb5/verify_mic.c | 344 - crypto/heimdal/lib/gssapi/krb5/wrap.c | 551 - .../heimdal/lib/gssapi/ntlm/accept_sec_context.c | 257 - crypto/heimdal/lib/gssapi/ntlm/acquire_cred.c | 94 - crypto/heimdal/lib/gssapi/ntlm/add_cred.c | 62 - crypto/heimdal/lib/gssapi/ntlm/canonicalize_name.c | 46 - crypto/heimdal/lib/gssapi/ntlm/compare_name.c | 47 - crypto/heimdal/lib/gssapi/ntlm/context_time.c | 47 - crypto/heimdal/lib/gssapi/ntlm/crypto.c | 595 - .../heimdal/lib/gssapi/ntlm/delete_sec_context.c | 65 - crypto/heimdal/lib/gssapi/ntlm/digest.c | 435 - crypto/heimdal/lib/gssapi/ntlm/display_name.c | 72 - crypto/heimdal/lib/gssapi/ntlm/display_status.c | 55 - crypto/heimdal/lib/gssapi/ntlm/duplicate_name.c | 49 - crypto/heimdal/lib/gssapi/ntlm/export_name.c | 51 - .../heimdal/lib/gssapi/ntlm/export_sec_context.c | 52 - crypto/heimdal/lib/gssapi/ntlm/external.c | 82 - crypto/heimdal/lib/gssapi/ntlm/import_name.c | 102 - .../heimdal/lib/gssapi/ntlm/import_sec_context.c | 50 - crypto/heimdal/lib/gssapi/ntlm/indicate_mechs.c | 48 - crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c | 508 - crypto/heimdal/lib/gssapi/ntlm/inquire_context.c | 69 - crypto/heimdal/lib/gssapi/ntlm/inquire_cred.c | 78 - .../heimdal/lib/gssapi/ntlm/inquire_cred_by_mech.c | 59 - .../lib/gssapi/ntlm/inquire_mechs_for_name.c | 49 - .../lib/gssapi/ntlm/inquire_names_for_mech.c | 53 - crypto/heimdal/lib/gssapi/ntlm/ntlm-private.h | 264 - crypto/heimdal/lib/gssapi/ntlm/ntlm.h | 139 - .../lib/gssapi/ntlm/process_context_token.c | 46 - crypto/heimdal/lib/gssapi/ntlm/release_cred.c | 65 - crypto/heimdal/lib/gssapi/ntlm/release_name.c | 53 - crypto/heimdal/lib/gssapi/process_context_token.c | 65 - crypto/heimdal/lib/gssapi/release_buffer.c | 48 - crypto/heimdal/lib/gssapi/release_cred.c | 68 - crypto/heimdal/lib/gssapi/release_name.c | 50 - crypto/heimdal/lib/gssapi/release_oid_set.c | 49 - .../heimdal/lib/gssapi/spnego/accept_sec_context.c | 1024 - crypto/heimdal/lib/gssapi/spnego/compat.c | 322 - crypto/heimdal/lib/gssapi/spnego/context_stubs.c | 903 - crypto/heimdal/lib/gssapi/spnego/cred_stubs.c | 336 - crypto/heimdal/lib/gssapi/spnego/external.c | 89 - .../heimdal/lib/gssapi/spnego/init_sec_context.c | 663 - crypto/heimdal/lib/gssapi/spnego/spnego-private.h | 330 - crypto/heimdal/lib/gssapi/spnego/spnego.asn1 | 63 - crypto/heimdal/lib/gssapi/spnego/spnego_locl.h | 115 - crypto/heimdal/lib/gssapi/test_acquire_cred.c | 253 - crypto/heimdal/lib/gssapi/test_common.c | 74 - crypto/heimdal/lib/gssapi/test_common.h | 36 - crypto/heimdal/lib/gssapi/test_context.c | 542 - crypto/heimdal/lib/gssapi/test_cred.c | 229 - crypto/heimdal/lib/gssapi/test_kcred.c | 186 - crypto/heimdal/lib/gssapi/test_names.c | 233 - crypto/heimdal/lib/gssapi/test_ntlm.c | 339 - crypto/heimdal/lib/gssapi/test_oid.c | 71 - crypto/heimdal/lib/gssapi/test_oid_set_member.c | 55 - crypto/heimdal/lib/gssapi/unwrap.c | 422 - crypto/heimdal/lib/gssapi/v1.c | 104 - crypto/heimdal/lib/gssapi/verify_mic.c | 322 - crypto/heimdal/lib/gssapi/version-script.map | 97 - crypto/heimdal/lib/gssapi/wrap.c | 454 - crypto/heimdal/lib/hdb/Makefile.am | 115 - crypto/heimdal/lib/hdb/Makefile.in | 1060 - crypto/heimdal/lib/hdb/common.c | 283 - crypto/heimdal/lib/hdb/convert_db.c | 213 - crypto/heimdal/lib/hdb/db.c | 337 - crypto/heimdal/lib/hdb/db3.c | 358 - crypto/heimdal/lib/hdb/dbinfo.c | 266 - crypto/heimdal/lib/hdb/ext.c | 418 - crypto/heimdal/lib/hdb/hdb-ldap.c | 1829 - crypto/heimdal/lib/hdb/hdb-private.h | 54 - crypto/heimdal/lib/hdb/hdb-protos.h | 400 - crypto/heimdal/lib/hdb/hdb.asn1 | 127 - crypto/heimdal/lib/hdb/hdb.c | 412 - crypto/heimdal/lib/hdb/hdb.h | 144 - crypto/heimdal/lib/hdb/hdb.schema | 139 - crypto/heimdal/lib/hdb/hdb_err.et | 28 - crypto/heimdal/lib/hdb/hdb_locl.h | 70 - crypto/heimdal/lib/hdb/keys.c | 398 - crypto/heimdal/lib/hdb/keytab.c | 272 - crypto/heimdal/lib/hdb/mkey.c | 603 - crypto/heimdal/lib/hdb/ndbm.c | 370 - crypto/heimdal/lib/hdb/print.c | 294 - crypto/heimdal/lib/hdb/test_dbinfo.c | 91 - crypto/heimdal/lib/hx509/ChangeLog | 2641 - crypto/heimdal/lib/hx509/Makefile.am | 388 - crypto/heimdal/lib/hx509/Makefile.in | 1530 - crypto/heimdal/lib/hx509/ca.c | 1518 - crypto/heimdal/lib/hx509/cert.c | 3108 -- crypto/heimdal/lib/hx509/cms.c | 1426 - crypto/heimdal/lib/hx509/collector.c | 329 - crypto/heimdal/lib/hx509/crmf.asn1 | 113 - crypto/heimdal/lib/hx509/crypto.c | 2706 - .../heimdal/lib/hx509/data/bleichenbacher-bad.pem | 12 - .../heimdal/lib/hx509/data/bleichenbacher-good.pem | 12 - .../hx509/data/bleichenbacher-sf-pad-correct.pem | 16 - crypto/heimdal/lib/hx509/data/ca.crt | 15 - crypto/heimdal/lib/hx509/data/ca.key | 15 - crypto/heimdal/lib/hx509/data/crl1.crl | 8 - crypto/heimdal/lib/hx509/data/crl1.der | Bin 264 -> 0 bytes crypto/heimdal/lib/hx509/data/gen-req.sh | 316 - crypto/heimdal/lib/hx509/data/j.pem | 26 - crypto/heimdal/lib/hx509/data/kdc.crt | 59 - crypto/heimdal/lib/hx509/data/kdc.key | 15 - crypto/heimdal/lib/hx509/data/key.der | Bin 609 -> 0 bytes crypto/heimdal/lib/hx509/data/key2.der | Bin 610 -> 0 bytes crypto/heimdal/lib/hx509/data/nist-data | 91 - crypto/heimdal/lib/hx509/data/nist-data2 | 291 - crypto/heimdal/lib/hx509/data/no-proxy-test.crt | 13 - crypto/heimdal/lib/hx509/data/no-proxy-test.key | 15 - crypto/heimdal/lib/hx509/data/ocsp-req1.der | Bin 105 -> 0 bytes crypto/heimdal/lib/hx509/data/ocsp-req2.der | Bin 105 -> 0 bytes crypto/heimdal/lib/hx509/data/ocsp-resp1-2.der | Bin 999 -> 0 bytes crypto/heimdal/lib/hx509/data/ocsp-resp1-3.der | Bin 363 -> 0 bytes crypto/heimdal/lib/hx509/data/ocsp-resp1-ca.der | Bin 999 -> 0 bytes .../heimdal/lib/hx509/data/ocsp-resp1-keyhash.der | Bin 900 -> 0 bytes .../lib/hx509/data/ocsp-resp1-ocsp-no-cert.der | Bin 363 -> 0 bytes crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp.der | Bin 918 -> 0 bytes crypto/heimdal/lib/hx509/data/ocsp-resp1.der | Bin 918 -> 0 bytes crypto/heimdal/lib/hx509/data/ocsp-resp2.der | Bin 935 -> 0 bytes crypto/heimdal/lib/hx509/data/ocsp-responder.crt | 56 - crypto/heimdal/lib/hx509/data/ocsp-responder.key | 15 - crypto/heimdal/lib/hx509/data/openssl.cnf | 182 - .../heimdal/lib/hx509/data/pkinit-proxy-chain.crt | 70 - crypto/heimdal/lib/hx509/data/pkinit-proxy.crt | 14 - crypto/heimdal/lib/hx509/data/pkinit-proxy.key | 15 - crypto/heimdal/lib/hx509/data/pkinit-pw.key | 18 - crypto/heimdal/lib/hx509/data/pkinit.crt | 56 - crypto/heimdal/lib/hx509/data/pkinit.key | 15 - crypto/heimdal/lib/hx509/data/proxy-level-test.crt | 15 - crypto/heimdal/lib/hx509/data/proxy-level-test.key | 15 - crypto/heimdal/lib/hx509/data/proxy-test.crt | 14 - crypto/heimdal/lib/hx509/data/proxy-test.key | 15 - .../lib/hx509/data/proxy10-child-child-test.crt | 16 - .../lib/hx509/data/proxy10-child-child-test.key | 15 - .../heimdal/lib/hx509/data/proxy10-child-test.crt | 15 - .../heimdal/lib/hx509/data/proxy10-child-test.key | 15 - crypto/heimdal/lib/hx509/data/proxy10-test.crt | 14 - crypto/heimdal/lib/hx509/data/proxy10-test.key | 15 - crypto/heimdal/lib/hx509/data/revoke.crt | 53 - crypto/heimdal/lib/hx509/data/revoke.key | 15 - crypto/heimdal/lib/hx509/data/sf-class2-root.pem | 24 - crypto/heimdal/lib/hx509/data/static-file | 84 - crypto/heimdal/lib/hx509/data/sub-ca.crt | 60 - crypto/heimdal/lib/hx509/data/sub-ca.key | 15 - crypto/heimdal/lib/hx509/data/sub-cert.crt | 53 - crypto/heimdal/lib/hx509/data/sub-cert.key | 15 - crypto/heimdal/lib/hx509/data/sub-cert.p12 | Bin 3008 -> 0 bytes crypto/heimdal/lib/hx509/data/test-ds-only.crt | 53 - crypto/heimdal/lib/hx509/data/test-ds-only.key | 15 - .../heimdal/lib/hx509/data/test-enveloped-aes-128 | Bin 3160 -> 0 bytes .../heimdal/lib/hx509/data/test-enveloped-aes-256 | Bin 3160 -> 0 bytes crypto/heimdal/lib/hx509/data/test-enveloped-des | Bin 3140 -> 0 bytes .../heimdal/lib/hx509/data/test-enveloped-des-ede3 | Bin 3143 -> 0 bytes .../heimdal/lib/hx509/data/test-enveloped-rc2-128 | Bin 3148 -> 0 bytes .../heimdal/lib/hx509/data/test-enveloped-rc2-40 | Bin 3149 -> 0 bytes .../heimdal/lib/hx509/data/test-enveloped-rc2-64 | Bin 3148 -> 0 bytes crypto/heimdal/lib/hx509/data/test-ke-only.crt | 53 - crypto/heimdal/lib/hx509/data/test-ke-only.key | 15 - crypto/heimdal/lib/hx509/data/test-nopw.p12 | Bin 2223 -> 0 bytes crypto/heimdal/lib/hx509/data/test-pw.key | 18 - crypto/heimdal/lib/hx509/data/test-signed-data | Bin 3838 -> 0 bytes .../heimdal/lib/hx509/data/test-signed-data-noattr | Bin 3656 -> 0 bytes .../lib/hx509/data/test-signed-data-noattr-nocerts | Bin 3142 -> 0 bytes crypto/heimdal/lib/hx509/data/test.combined.crt | 68 - crypto/heimdal/lib/hx509/data/test.crt | 53 - crypto/heimdal/lib/hx509/data/test.key | 15 - crypto/heimdal/lib/hx509/data/test.p12 | Bin 2320 -> 0 bytes .../lib/hx509/data/yutaka-pad-broken-ca.pem | 16 - .../lib/hx509/data/yutaka-pad-broken-cert.pem | 18 - crypto/heimdal/lib/hx509/data/yutaka-pad-ok-ca.pem | 16 - .../heimdal/lib/hx509/data/yutaka-pad-ok-cert.pem | 18 - crypto/heimdal/lib/hx509/data/yutaka-pad.key | 15 - crypto/heimdal/lib/hx509/doxygen.c | 85 - crypto/heimdal/lib/hx509/env.c | 161 - crypto/heimdal/lib/hx509/error.c | 223 - crypto/heimdal/lib/hx509/file.c | 376 - crypto/heimdal/lib/hx509/hx509-private.h | 529 - crypto/heimdal/lib/hx509/hx509-protos.h | 1049 - crypto/heimdal/lib/hx509/hx509.h | 148 - crypto/heimdal/lib/hx509/hx509_err.et | 101 - crypto/heimdal/lib/hx509/hx_locl.h | 199 - crypto/heimdal/lib/hx509/hxtool-commands.in | 707 - crypto/heimdal/lib/hx509/hxtool.c | 1986 - crypto/heimdal/lib/hx509/keyset.c | 677 - crypto/heimdal/lib/hx509/ks_dir.c | 223 - crypto/heimdal/lib/hx509/ks_file.c | 643 - crypto/heimdal/lib/hx509/ks_keychain.c | 548 - crypto/heimdal/lib/hx509/ks_mem.c | 224 - crypto/heimdal/lib/hx509/ks_null.c | 98 - crypto/heimdal/lib/hx509/ks_p11.c | 1192 - crypto/heimdal/lib/hx509/ks_p12.c | 704 - crypto/heimdal/lib/hx509/lock.c | 248 - crypto/heimdal/lib/hx509/name.c | 918 - crypto/heimdal/lib/hx509/ocsp.asn1 | 113 - crypto/heimdal/lib/hx509/peer.c | 202 - crypto/heimdal/lib/hx509/pkcs10.asn1 | 25 - crypto/heimdal/lib/hx509/print.c | 990 - crypto/heimdal/lib/hx509/ref/pkcs11.h | 1357 - crypto/heimdal/lib/hx509/req.c | 325 - crypto/heimdal/lib/hx509/revoke.c | 1525 - crypto/heimdal/lib/hx509/softp11.c | 1740 - crypto/heimdal/lib/hx509/test_ca.in | 424 - crypto/heimdal/lib/hx509/test_cert.in | 69 - crypto/heimdal/lib/hx509/test_chain.in | 242 - crypto/heimdal/lib/hx509/test_cms.in | 377 - crypto/heimdal/lib/hx509/test_crypto.in | 187 - crypto/heimdal/lib/hx509/test_java_pkcs11.in | 73 - crypto/heimdal/lib/hx509/test_name.c | 132 - crypto/heimdal/lib/hx509/test_nist.in | 116 - crypto/heimdal/lib/hx509/test_nist2.in | 118 - crypto/heimdal/lib/hx509/test_nist_cert.in | 68 - crypto/heimdal/lib/hx509/test_nist_pkcs12.in | 77 - crypto/heimdal/lib/hx509/test_pkcs11.in | 62 - crypto/heimdal/lib/hx509/test_query.in | 146 - crypto/heimdal/lib/hx509/test_req.in | 63 - crypto/heimdal/lib/hx509/test_soft_pkcs11.c | 228 - crypto/heimdal/lib/hx509/test_windows.in | 89 - crypto/heimdal/lib/hx509/tst-crypto-available1 | 13 - crypto/heimdal/lib/hx509/tst-crypto-available2 | 4 - crypto/heimdal/lib/hx509/tst-crypto-available3 | 6 - crypto/heimdal/lib/hx509/tst-crypto-select | 1 - crypto/heimdal/lib/hx509/tst-crypto-select1 | 1 - crypto/heimdal/lib/hx509/tst-crypto-select2 | 1 - crypto/heimdal/lib/hx509/tst-crypto-select3 | 1 - crypto/heimdal/lib/hx509/tst-crypto-select4 | 1 - crypto/heimdal/lib/hx509/tst-crypto-select5 | 1 - crypto/heimdal/lib/hx509/tst-crypto-select6 | 1 - crypto/heimdal/lib/hx509/tst-crypto-select7 | 1 - crypto/heimdal/lib/hx509/version-script.map | 227 - crypto/heimdal/lib/kadm5/ChangeLog | 1383 - crypto/heimdal/lib/kadm5/Makefile.am | 192 - crypto/heimdal/lib/kadm5/Makefile.in | 1293 - crypto/heimdal/lib/kadm5/acl.c | 216 - crypto/heimdal/lib/kadm5/ad.c | 1449 - crypto/heimdal/lib/kadm5/admin.h | 258 - crypto/heimdal/lib/kadm5/bump_pw_expire.c | 59 - crypto/heimdal/lib/kadm5/check-cracklib.pl | 106 - crypto/heimdal/lib/kadm5/chpass_c.c | 124 - crypto/heimdal/lib/kadm5/chpass_s.c | 192 - crypto/heimdal/lib/kadm5/client_glue.c | 150 - crypto/heimdal/lib/kadm5/common_glue.c | 134 - crypto/heimdal/lib/kadm5/context_s.c | 174 - crypto/heimdal/lib/kadm5/create_c.c | 81 - crypto/heimdal/lib/kadm5/create_s.c | 193 - crypto/heimdal/lib/kadm5/default_keys.c | 120 - crypto/heimdal/lib/kadm5/delete_c.c | 77 - crypto/heimdal/lib/kadm5/delete_s.c | 75 - crypto/heimdal/lib/kadm5/destroy_c.c | 55 - crypto/heimdal/lib/kadm5/destroy_s.c | 81 - crypto/heimdal/lib/kadm5/dump_log.c | 273 - crypto/heimdal/lib/kadm5/ent_setup.c | 206 - crypto/heimdal/lib/kadm5/error.c | 48 - crypto/heimdal/lib/kadm5/flush.c | 48 - crypto/heimdal/lib/kadm5/flush_c.c | 41 - crypto/heimdal/lib/kadm5/flush_s.c | 41 - crypto/heimdal/lib/kadm5/free.c | 91 - crypto/heimdal/lib/kadm5/get_c.c | 84 - crypto/heimdal/lib/kadm5/get_princs_c.c | 90 - crypto/heimdal/lib/kadm5/get_princs_s.c | 113 - crypto/heimdal/lib/kadm5/get_s.c | 284 - crypto/heimdal/lib/kadm5/init_c.c | 783 - crypto/heimdal/lib/kadm5/init_s.c | 238 - crypto/heimdal/lib/kadm5/iprop-commands.in | 130 - crypto/heimdal/lib/kadm5/iprop-log.8 | 170 - crypto/heimdal/lib/kadm5/iprop-log.c | 486 - crypto/heimdal/lib/kadm5/iprop.8 | 223 - crypto/heimdal/lib/kadm5/iprop.h | 70 - crypto/heimdal/lib/kadm5/ipropd_common.c | 69 - crypto/heimdal/lib/kadm5/ipropd_master.c | 937 - crypto/heimdal/lib/kadm5/ipropd_slave.c | 632 - crypto/heimdal/lib/kadm5/kadm5-private.h | 503 - crypto/heimdal/lib/kadm5/kadm5-protos.h | 244 - crypto/heimdal/lib/kadm5/kadm5-pwcheck.h | 73 - crypto/heimdal/lib/kadm5/kadm5_err.et | 59 - crypto/heimdal/lib/kadm5/kadm5_locl.h | 85 - crypto/heimdal/lib/kadm5/kadm5_pwcheck.3 | 146 - crypto/heimdal/lib/kadm5/keys.c | 100 - crypto/heimdal/lib/kadm5/log.c | 982 - crypto/heimdal/lib/kadm5/marshall.c | 336 - crypto/heimdal/lib/kadm5/modify_c.c | 81 - crypto/heimdal/lib/kadm5/modify_s.c | 98 - crypto/heimdal/lib/kadm5/password_quality.c | 512 - crypto/heimdal/lib/kadm5/private.h | 144 - crypto/heimdal/lib/kadm5/privs_c.c | 82 - crypto/heimdal/lib/kadm5/privs_s.c | 44 - crypto/heimdal/lib/kadm5/randkey_c.c | 97 - crypto/heimdal/lib/kadm5/randkey_s.c | 107 - crypto/heimdal/lib/kadm5/rename_c.c | 77 - crypto/heimdal/lib/kadm5/rename_s.c | 110 - crypto/heimdal/lib/kadm5/replay_log.c | 129 - crypto/heimdal/lib/kadm5/sample_passwd_check.c | 87 - crypto/heimdal/lib/kadm5/send_recv.c | 101 - crypto/heimdal/lib/kadm5/server_glue.c | 150 - crypto/heimdal/lib/kadm5/set_keys.c | 273 - crypto/heimdal/lib/kadm5/set_modifier.c | 54 - crypto/heimdal/lib/kadm5/test_pw_quality.c | 95 - crypto/heimdal/lib/kadm5/truncate_log.c | 89 - crypto/heimdal/lib/kadm5/version-script.map | 66 - crypto/heimdal/lib/kafs/ChangeLog | 562 - crypto/heimdal/lib/kafs/Makefile.am | 107 - crypto/heimdal/lib/kafs/Makefile.in | 956 - crypto/heimdal/lib/kafs/README.dlfcn | 246 - crypto/heimdal/lib/kafs/afskrb.c | 217 - crypto/heimdal/lib/kafs/afskrb5.c | 338 - crypto/heimdal/lib/kafs/afsl.exp | 6 - crypto/heimdal/lib/kafs/afslib.c | 55 - crypto/heimdal/lib/kafs/afslib.exp | 3 - crypto/heimdal/lib/kafs/afssys.c | 562 - crypto/heimdal/lib/kafs/afssysdefs.h | 113 - crypto/heimdal/lib/kafs/common.c | 492 - crypto/heimdal/lib/kafs/dlfcn.c | 581 - crypto/heimdal/lib/kafs/dlfcn.h | 46 - crypto/heimdal/lib/kafs/kafs.3 | 284 - crypto/heimdal/lib/kafs/kafs.h | 213 - crypto/heimdal/lib/kafs/kafs_locl.h | 160 - crypto/heimdal/lib/kafs/roken_rename.h | 64 - crypto/heimdal/lib/krb5/Makefile.am | 298 - crypto/heimdal/lib/krb5/Makefile.in | 2021 - crypto/heimdal/lib/krb5/acache.c | 961 - crypto/heimdal/lib/krb5/acl.c | 293 - crypto/heimdal/lib/krb5/add_et_list.c | 50 - crypto/heimdal/lib/krb5/addr_families.c | 1463 - crypto/heimdal/lib/krb5/aes-test.c | 778 - crypto/heimdal/lib/krb5/aname_to_localname.c | 92 - crypto/heimdal/lib/krb5/appdefault.c | 142 - crypto/heimdal/lib/krb5/asn1_glue.c | 64 - crypto/heimdal/lib/krb5/auth_context.c | 519 - crypto/heimdal/lib/krb5/build_ap_req.c | 76 - crypto/heimdal/lib/krb5/build_auth.c | 202 - crypto/heimdal/lib/krb5/cache.c | 1073 - crypto/heimdal/lib/krb5/changepw.c | 823 - crypto/heimdal/lib/krb5/codec.c | 196 - crypto/heimdal/lib/krb5/config_file.c | 771 - crypto/heimdal/lib/krb5/config_file_netinfo.c | 180 - crypto/heimdal/lib/krb5/constants.c | 43 - crypto/heimdal/lib/krb5/context.c | 1033 - crypto/heimdal/lib/krb5/convert_creds.c | 204 - crypto/heimdal/lib/krb5/copy_host_realm.c | 78 - crypto/heimdal/lib/krb5/crc.c | 71 - crypto/heimdal/lib/krb5/creds.c | 269 - crypto/heimdal/lib/krb5/crypto.c | 4192 -- crypto/heimdal/lib/krb5/data.c | 224 - crypto/heimdal/lib/krb5/derived-key-test.c | 123 - crypto/heimdal/lib/krb5/digest.c | 1199 - crypto/heimdal/lib/krb5/doxygen.c | 67 - crypto/heimdal/lib/krb5/dump_config.c | 71 - crypto/heimdal/lib/krb5/eai_to_heim_errno.c | 114 - crypto/heimdal/lib/krb5/error_string.c | 155 - crypto/heimdal/lib/krb5/expand_hostname.c | 160 - crypto/heimdal/lib/krb5/fcache.c | 881 - crypto/heimdal/lib/krb5/free.c | 53 - crypto/heimdal/lib/krb5/free_host_realm.c | 54 - crypto/heimdal/lib/krb5/generate_seq_number.c | 62 - crypto/heimdal/lib/krb5/generate_subkey.c | 72 - crypto/heimdal/lib/krb5/get_addrs.c | 291 - crypto/heimdal/lib/krb5/get_cred.c | 1277 - crypto/heimdal/lib/krb5/get_default_principal.c | 115 - crypto/heimdal/lib/krb5/get_default_realm.c | 84 - crypto/heimdal/lib/krb5/get_for_creds.c | 460 - crypto/heimdal/lib/krb5/get_host_realm.c | 257 - crypto/heimdal/lib/krb5/get_in_tkt.c | 834 - crypto/heimdal/lib/krb5/get_in_tkt_pw.c | 90 - crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c | 99 - crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c | 82 - crypto/heimdal/lib/krb5/get_port.c | 54 - crypto/heimdal/lib/krb5/heim_err.et | 44 - crypto/heimdal/lib/krb5/heim_threads.h | 175 - crypto/heimdal/lib/krb5/init_creds.c | 442 - crypto/heimdal/lib/krb5/init_creds_pw.c | 1658 - crypto/heimdal/lib/krb5/k524_err.et | 20 - crypto/heimdal/lib/krb5/kcm.c | 1122 - crypto/heimdal/lib/krb5/kcm.h | 69 - crypto/heimdal/lib/krb5/kerberos.8 | 107 - crypto/heimdal/lib/krb5/keyblock.c | 133 - crypto/heimdal/lib/krb5/keytab.c | 528 - crypto/heimdal/lib/krb5/keytab_any.c | 255 - crypto/heimdal/lib/krb5/keytab_file.c | 696 - crypto/heimdal/lib/krb5/keytab_keyfile.c | 420 - crypto/heimdal/lib/krb5/keytab_krb4.c | 448 - crypto/heimdal/lib/krb5/keytab_memory.c | 234 - crypto/heimdal/lib/krb5/krb5-private.h | 447 - crypto/heimdal/lib/krb5/krb5-protos.h | 4114 -- crypto/heimdal/lib/krb5/krb5-v4compat.h | 132 - crypto/heimdal/lib/krb5/krb5.3 | 526 - crypto/heimdal/lib/krb5/krb5.conf.5 | 530 - crypto/heimdal/lib/krb5/krb5.h | 780 - crypto/heimdal/lib/krb5/krb5.moduli | 3 - crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.3 | 86 - crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 | 224 - crypto/heimdal/lib/krb5/krb5_acl_match_file.3 | 111 - crypto/heimdal/lib/krb5/krb5_address.3 | 359 - crypto/heimdal/lib/krb5/krb5_aname_to_localname.3 | 80 - crypto/heimdal/lib/krb5/krb5_appdefault.3 | 88 - crypto/heimdal/lib/krb5/krb5_auth_context.3 | 395 - crypto/heimdal/lib/krb5/krb5_build_principal.3 | 101 - crypto/heimdal/lib/krb5/krb5_c_make_checksum.3 | 297 - crypto/heimdal/lib/krb5/krb5_ccache.3 | 517 - crypto/heimdal/lib/krb5/krb5_ccapi.h | 230 - crypto/heimdal/lib/krb5/krb5_check_transited.3 | 106 - crypto/heimdal/lib/krb5/krb5_compare_creds.3 | 104 - crypto/heimdal/lib/krb5/krb5_config.3 | 307 - crypto/heimdal/lib/krb5/krb5_context.3 | 56 - crypto/heimdal/lib/krb5/krb5_create_checksum.3 | 226 - crypto/heimdal/lib/krb5/krb5_creds.3 | 119 - crypto/heimdal/lib/krb5/krb5_crypto_init.3 | 67 - crypto/heimdal/lib/krb5/krb5_data.3 | 159 - crypto/heimdal/lib/krb5/krb5_digest.3 | 260 - crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.3 | 68 - crypto/heimdal/lib/krb5/krb5_encrypt.3 | 278 - crypto/heimdal/lib/krb5/krb5_err.et | 266 - crypto/heimdal/lib/krb5/krb5_expand_hostname.3 | 93 - crypto/heimdal/lib/krb5/krb5_find_padata.3 | 87 - crypto/heimdal/lib/krb5/krb5_free_addresses.3 | 53 - crypto/heimdal/lib/krb5/krb5_free_principal.3 | 58 - .../heimdal/lib/krb5/krb5_generate_random_block.3 | 57 - .../heimdal/lib/krb5/krb5_get_all_client_addrs.3 | 74 - crypto/heimdal/lib/krb5/krb5_get_credentials.3 | 208 - crypto/heimdal/lib/krb5/krb5_get_creds.3 | 173 - crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.3 | 79 - crypto/heimdal/lib/krb5/krb5_get_in_cred.3 | 274 - crypto/heimdal/lib/krb5/krb5_get_init_creds.3 | 398 - crypto/heimdal/lib/krb5/krb5_get_krbhst.3 | 86 - crypto/heimdal/lib/krb5/krb5_getportbyname.3 | 67 - crypto/heimdal/lib/krb5/krb5_init_context.3 | 308 - crypto/heimdal/lib/krb5/krb5_is_thread_safe.3 | 58 - crypto/heimdal/lib/krb5/krb5_keyblock.3 | 218 - crypto/heimdal/lib/krb5/krb5_keytab.3 | 482 - crypto/heimdal/lib/krb5/krb5_krbhst_init.3 | 174 - crypto/heimdal/lib/krb5/krb5_kuserok.3 | 103 - crypto/heimdal/lib/krb5/krb5_locl.h | 267 - crypto/heimdal/lib/krb5/krb5_mk_req.3 | 187 - crypto/heimdal/lib/krb5/krb5_mk_safe.3 | 82 - crypto/heimdal/lib/krb5/krb5_openlog.3 | 242 - crypto/heimdal/lib/krb5/krb5_parse_name.3 | 68 - crypto/heimdal/lib/krb5/krb5_principal.3 | 384 - crypto/heimdal/lib/krb5/krb5_principal_get_realm.3 | 81 - crypto/heimdal/lib/krb5/krb5_rcache.3 | 163 - crypto/heimdal/lib/krb5/krb5_rd_error.3 | 98 - crypto/heimdal/lib/krb5/krb5_rd_safe.3 | 81 - crypto/heimdal/lib/krb5/krb5_set_default_realm.3 | 164 - crypto/heimdal/lib/krb5/krb5_set_password.3 | 143 - crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 | 85 - crypto/heimdal/lib/krb5/krb5_storage.3 | 427 - crypto/heimdal/lib/krb5/krb5_string_to_key.3 | 156 - crypto/heimdal/lib/krb5/krb5_ticket.3 | 137 - crypto/heimdal/lib/krb5/krb5_timeofday.3 | 118 - crypto/heimdal/lib/krb5/krb5_unparse_name.3 | 62 - crypto/heimdal/lib/krb5/krb5_verify_init_creds.3 | 103 - crypto/heimdal/lib/krb5/krb5_verify_user.3 | 241 - crypto/heimdal/lib/krb5/krb5_warn.3 | 233 - crypto/heimdal/lib/krb5/krb_err.et | 63 - crypto/heimdal/lib/krb5/krbhst-test.c | 104 - crypto/heimdal/lib/krb5/krbhst.c | 1010 - crypto/heimdal/lib/krb5/kuserok.c | 262 - crypto/heimdal/lib/krb5/locate_plugin.h | 64 - crypto/heimdal/lib/krb5/log.c | 471 - crypto/heimdal/lib/krb5/mcache.c | 477 - crypto/heimdal/lib/krb5/misc.c | 86 - crypto/heimdal/lib/krb5/mit_glue.c | 369 - crypto/heimdal/lib/krb5/mk_error.c | 92 - crypto/heimdal/lib/krb5/mk_priv.c | 155 - crypto/heimdal/lib/krb5/mk_rep.c | 126 - crypto/heimdal/lib/krb5/mk_req.c | 116 - crypto/heimdal/lib/krb5/mk_req_ext.c | 165 - crypto/heimdal/lib/krb5/mk_safe.c | 141 - crypto/heimdal/lib/krb5/n-fold-test.c | 121 - crypto/heimdal/lib/krb5/n-fold.c | 137 - crypto/heimdal/lib/krb5/name-45-test.c | 294 - crypto/heimdal/lib/krb5/net_read.c | 47 - crypto/heimdal/lib/krb5/net_write.c | 105 - crypto/heimdal/lib/krb5/pac.c | 1041 - crypto/heimdal/lib/krb5/padata.c | 66 - crypto/heimdal/lib/krb5/parse-name-test.c | 194 - crypto/heimdal/lib/krb5/pkinit.c | 2070 - crypto/heimdal/lib/krb5/plugin.c | 264 - crypto/heimdal/lib/krb5/principal.c | 1254 - crypto/heimdal/lib/krb5/prog_setup.c | 66 - crypto/heimdal/lib/krb5/prompter_posix.c | 74 - crypto/heimdal/lib/krb5/rd_cred.c | 340 - crypto/heimdal/lib/krb5/rd_error.c | 123 - crypto/heimdal/lib/krb5/rd_priv.c | 185 - crypto/heimdal/lib/krb5/rd_rep.c | 124 - crypto/heimdal/lib/krb5/rd_req.c | 892 - crypto/heimdal/lib/krb5/rd_safe.c | 213 - crypto/heimdal/lib/krb5/read_message.c | 106 - crypto/heimdal/lib/krb5/recvauth.c | 211 - crypto/heimdal/lib/krb5/replay.c | 312 - crypto/heimdal/lib/krb5/send_to_kdc.c | 604 - crypto/heimdal/lib/krb5/sendauth.c | 233 - crypto/heimdal/lib/krb5/set_default_realm.c | 90 - crypto/heimdal/lib/krb5/sock_principal.c | 70 - crypto/heimdal/lib/krb5/store-int.h | 47 - crypto/heimdal/lib/krb5/store-test.c | 118 - crypto/heimdal/lib/krb5/store.c | 1035 - crypto/heimdal/lib/krb5/store_emem.c | 143 - crypto/heimdal/lib/krb5/store_fd.c | 98 - crypto/heimdal/lib/krb5/store_mem.c | 150 - crypto/heimdal/lib/krb5/string-to-key-test.c | 140 - crypto/heimdal/lib/krb5/test_acl.c | 113 - crypto/heimdal/lib/krb5/test_addr.c | 202 - crypto/heimdal/lib/krb5/test_alname.c | 156 - crypto/heimdal/lib/krb5/test_cc.c | 532 - crypto/heimdal/lib/krb5/test_config.c | 124 - crypto/heimdal/lib/krb5/test_crypto.c | 215 - crypto/heimdal/lib/krb5/test_crypto_wrapping.c | 164 - crypto/heimdal/lib/krb5/test_forward.c | 136 - crypto/heimdal/lib/krb5/test_get_addrs.c | 116 - crypto/heimdal/lib/krb5/test_hostname.c | 152 - crypto/heimdal/lib/krb5/test_keytab.c | 191 - crypto/heimdal/lib/krb5/test_kuserok.c | 106 - crypto/heimdal/lib/krb5/test_mem.c | 73 - crypto/heimdal/lib/krb5/test_pac.c | 295 - crypto/heimdal/lib/krb5/test_pkinit_dh2key.c | 218 - crypto/heimdal/lib/krb5/test_plugin.c | 126 - crypto/heimdal/lib/krb5/test_prf.c | 102 - crypto/heimdal/lib/krb5/test_princ.c | 366 - crypto/heimdal/lib/krb5/test_renew.c | 122 - crypto/heimdal/lib/krb5/test_store.c | 252 - crypto/heimdal/lib/krb5/test_time.c | 87 - crypto/heimdal/lib/krb5/ticket.c | 272 - crypto/heimdal/lib/krb5/time.c | 114 - crypto/heimdal/lib/krb5/transited.c | 503 - crypto/heimdal/lib/krb5/v4_glue.c | 939 - crypto/heimdal/lib/krb5/verify_init.c | 199 - crypto/heimdal/lib/krb5/verify_krb5_conf.8 | 95 - crypto/heimdal/lib/krb5/verify_krb5_conf.c | 676 - crypto/heimdal/lib/krb5/verify_user.c | 265 - crypto/heimdal/lib/krb5/version-script.map | 722 - crypto/heimdal/lib/krb5/version.c | 43 - crypto/heimdal/lib/krb5/warn.c | 211 - crypto/heimdal/lib/krb5/write_message.c | 89 - crypto/heimdal/lib/ntlm/ChangeLog | 112 - crypto/heimdal/lib/ntlm/Makefile.am | 34 - crypto/heimdal/lib/ntlm/Makefile.in | 909 - crypto/heimdal/lib/ntlm/heimntlm-protos.h | 131 - crypto/heimdal/lib/ntlm/heimntlm.h | 124 - crypto/heimdal/lib/ntlm/ntlm.c | 1364 - crypto/heimdal/lib/ntlm/test_ntlm.c | 339 - crypto/heimdal/lib/ntlm/version-script.map | 27 - crypto/heimdal/lib/roken/ChangeLog | 2196 - crypto/heimdal/lib/roken/Makefile.am | 194 - crypto/heimdal/lib/roken/Makefile.in | 1426 - crypto/heimdal/lib/roken/acconfig.h | 36 - crypto/heimdal/lib/roken/acinclude.m4 | 9 - crypto/heimdal/lib/roken/base64-test.c | 99 - crypto/heimdal/lib/roken/base64.c | 136 - crypto/heimdal/lib/roken/base64.h | 53 - crypto/heimdal/lib/roken/bswap.c | 61 - crypto/heimdal/lib/roken/chown.c | 45 - crypto/heimdal/lib/roken/closefrom.c | 60 - crypto/heimdal/lib/roken/concat.c | 112 - crypto/heimdal/lib/roken/copyhostent.c | 102 - crypto/heimdal/lib/roken/daemon.c | 84 - crypto/heimdal/lib/roken/dumpdata.c | 57 - crypto/heimdal/lib/roken/ecalloc.3 | 84 - crypto/heimdal/lib/roken/ecalloc.c | 56 - crypto/heimdal/lib/roken/emalloc.c | 56 - crypto/heimdal/lib/roken/environment.c | 156 - crypto/heimdal/lib/roken/eread.c | 57 - crypto/heimdal/lib/roken/erealloc.c | 56 - crypto/heimdal/lib/roken/err.c | 48 - crypto/heimdal/lib/roken/err.hin | 88 - crypto/heimdal/lib/roken/errx.c | 48 - crypto/heimdal/lib/roken/esetenv.c | 48 - crypto/heimdal/lib/roken/estrdup.c | 56 - crypto/heimdal/lib/roken/ewrite.c | 57 - crypto/heimdal/lib/roken/fchown.c | 45 - crypto/heimdal/lib/roken/flock.c | 87 - crypto/heimdal/lib/roken/fnmatch.c | 169 - crypto/heimdal/lib/roken/fnmatch.hin | 64 - crypto/heimdal/lib/roken/freeaddrinfo.c | 57 - crypto/heimdal/lib/roken/freehostent.c | 62 - crypto/heimdal/lib/roken/gai_strerror.c | 77 - crypto/heimdal/lib/roken/get_default_username.c | 80 - crypto/heimdal/lib/roken/get_window_size.c | 102 - crypto/heimdal/lib/roken/getaddrinfo-test.c | 144 - crypto/heimdal/lib/roken/getaddrinfo.c | 417 - crypto/heimdal/lib/roken/getaddrinfo_hostspec.c | 104 - crypto/heimdal/lib/roken/getarg.3 | 341 - crypto/heimdal/lib/roken/getarg.c | 595 - crypto/heimdal/lib/roken/getarg.h | 102 - crypto/heimdal/lib/roken/getcap.c | 1122 - crypto/heimdal/lib/roken/getcwd.c | 57 - crypto/heimdal/lib/roken/getdtablesize.c | 102 - crypto/heimdal/lib/roken/getegid.c | 49 - crypto/heimdal/lib/roken/geteuid.c | 49 - crypto/heimdal/lib/roken/getgid.c | 49 - crypto/heimdal/lib/roken/gethostname.c | 72 - crypto/heimdal/lib/roken/getifaddrs.c | 1250 - crypto/heimdal/lib/roken/getipnodebyaddr.c | 74 - crypto/heimdal/lib/roken/getipnodebyname.c | 86 - crypto/heimdal/lib/roken/getnameinfo.c | 127 - crypto/heimdal/lib/roken/getnameinfo_verified.c | 92 - crypto/heimdal/lib/roken/getopt.c | 124 - crypto/heimdal/lib/roken/getprogname.c | 51 - crypto/heimdal/lib/roken/gettimeofday.c | 55 - crypto/heimdal/lib/roken/getuid.c | 49 - crypto/heimdal/lib/roken/getusershell.c | 189 - crypto/heimdal/lib/roken/glob.c | 850 - crypto/heimdal/lib/roken/glob.hin | 104 - crypto/heimdal/lib/roken/h_errno.c | 41 - crypto/heimdal/lib/roken/hex-test.c | 110 - crypto/heimdal/lib/roken/hex.c | 103 - crypto/heimdal/lib/roken/hex.h | 55 - crypto/heimdal/lib/roken/hostent_find_fqdn.c | 59 - crypto/heimdal/lib/roken/hstrerror.c | 81 - crypto/heimdal/lib/roken/ifaddrs.hin | 77 - crypto/heimdal/lib/roken/inet_aton.c | 49 - crypto/heimdal/lib/roken/inet_ntop.c | 133 - crypto/heimdal/lib/roken/inet_pton.c | 49 - crypto/heimdal/lib/roken/initgroups.c | 45 - crypto/heimdal/lib/roken/innetgr.c | 49 - crypto/heimdal/lib/roken/install-sh | 251 - crypto/heimdal/lib/roken/iruserok.c | 284 - crypto/heimdal/lib/roken/issuid.c | 59 - crypto/heimdal/lib/roken/k_getpwnam.c | 64 - crypto/heimdal/lib/roken/k_getpwuid.c | 64 - crypto/heimdal/lib/roken/localtime_r.c | 57 - crypto/heimdal/lib/roken/lstat.c | 45 - crypto/heimdal/lib/roken/memmove.c | 65 - crypto/heimdal/lib/roken/mini_inetd.c | 148 - crypto/heimdal/lib/roken/missing | 190 - crypto/heimdal/lib/roken/mkinstalldirs | 40 - crypto/heimdal/lib/roken/mkstemp.c | 84 - crypto/heimdal/lib/roken/ndbm_wrap.c | 221 - crypto/heimdal/lib/roken/ndbm_wrap.h | 91 - crypto/heimdal/lib/roken/net_read.c | 74 - crypto/heimdal/lib/roken/net_write.c | 72 - crypto/heimdal/lib/roken/parse_bytes-test.c | 92 - crypto/heimdal/lib/roken/parse_bytes.c | 78 - crypto/heimdal/lib/roken/parse_bytes.h | 56 - crypto/heimdal/lib/roken/parse_reply-test.c | 129 - crypto/heimdal/lib/roken/parse_time-test.c | 118 - crypto/heimdal/lib/roken/parse_time.3 | 173 - crypto/heimdal/lib/roken/parse_time.c | 78 - crypto/heimdal/lib/roken/parse_time.h | 59 - crypto/heimdal/lib/roken/parse_units.c | 330 - crypto/heimdal/lib/roken/parse_units.h | 79 - crypto/heimdal/lib/roken/print_version.c | 78 - crypto/heimdal/lib/roken/putenv.c | 80 - crypto/heimdal/lib/roken/rcmd.c | 52 - crypto/heimdal/lib/roken/readv.c | 67 - crypto/heimdal/lib/roken/realloc.c | 50 - crypto/heimdal/lib/roken/recvmsg.c | 69 - crypto/heimdal/lib/roken/resolve-test.c | 179 - crypto/heimdal/lib/roken/resolve.c | 711 - crypto/heimdal/lib/roken/resolve.h | 298 - crypto/heimdal/lib/roken/resource.h | 15 - crypto/heimdal/lib/roken/roken-common.h | 405 - crypto/heimdal/lib/roken/roken.awk | 40 - crypto/heimdal/lib/roken/roken.h.in | 706 - crypto/heimdal/lib/roken/roken_gethostby.c | 274 - crypto/heimdal/lib/roken/rtbl.3 | 201 - crypto/heimdal/lib/roken/rtbl.c | 489 - crypto/heimdal/lib/roken/rtbl.h | 118 - crypto/heimdal/lib/roken/sendmsg.c | 65 - crypto/heimdal/lib/roken/setegid.c | 57 - crypto/heimdal/lib/roken/setenv.c | 66 - crypto/heimdal/lib/roken/seteuid.c | 57 - crypto/heimdal/lib/roken/setprogname.c | 61 - crypto/heimdal/lib/roken/signal.c | 80 - crypto/heimdal/lib/roken/simple_exec.c | 331 - crypto/heimdal/lib/roken/snprintf-test.c | 269 - crypto/heimdal/lib/roken/snprintf-test.h | 52 - crypto/heimdal/lib/roken/snprintf.c | 702 - crypto/heimdal/lib/roken/socket.c | 302 - crypto/heimdal/lib/roken/socket_wrapper.c | 1913 - crypto/heimdal/lib/roken/socket_wrapper.h | 146 - crypto/heimdal/lib/roken/strcasecmp.c | 58 - crypto/heimdal/lib/roken/strcollect.c | 96 - crypto/heimdal/lib/roken/strdup.c | 50 - crypto/heimdal/lib/roken/strerror.c | 57 - crypto/heimdal/lib/roken/strftime.c | 401 - crypto/heimdal/lib/roken/strlcat.c | 56 - crypto/heimdal/lib/roken/strlcpy.c | 60 - crypto/heimdal/lib/roken/strlwr.c | 53 - crypto/heimdal/lib/roken/strncasecmp.c | 62 - crypto/heimdal/lib/roken/strndup.c | 56 - crypto/heimdal/lib/roken/strnlen.c | 49 - crypto/heimdal/lib/roken/strpftime-test.c | 299 - crypto/heimdal/lib/roken/strpftime-test.h | 48 - crypto/heimdal/lib/roken/strpool.c | 110 - crypto/heimdal/lib/roken/strptime.c | 453 - crypto/heimdal/lib/roken/strsep.c | 61 - crypto/heimdal/lib/roken/strsep_copy.c | 69 - crypto/heimdal/lib/roken/strtok_r.c | 65 - crypto/heimdal/lib/roken/strupr.c | 53 - crypto/heimdal/lib/roken/swab.c | 54 - crypto/heimdal/lib/roken/test-mem.c | 199 - crypto/heimdal/lib/roken/test-mem.h | 39 - crypto/heimdal/lib/roken/test-readenv.c | 118 - crypto/heimdal/lib/roken/timegm.c | 88 - crypto/heimdal/lib/roken/timeval.c | 84 - crypto/heimdal/lib/roken/tm2time.c | 61 - crypto/heimdal/lib/roken/unsetenv.c | 70 - crypto/heimdal/lib/roken/unvis.c | 286 - crypto/heimdal/lib/roken/verify.c | 62 - crypto/heimdal/lib/roken/verr.c | 47 - crypto/heimdal/lib/roken/verrx.c | 47 - crypto/heimdal/lib/roken/vis.c | 335 - crypto/heimdal/lib/roken/vis.h | 115 - crypto/heimdal/lib/roken/vis.hin | 115 - crypto/heimdal/lib/roken/vsyslog.c | 115 - crypto/heimdal/lib/roken/vwarn.c | 46 - crypto/heimdal/lib/roken/vwarnx.c | 47 - crypto/heimdal/lib/roken/warn.c | 48 - crypto/heimdal/lib/roken/warnerr.c | 61 - crypto/heimdal/lib/roken/warnx.c | 48 - crypto/heimdal/lib/roken/write_pid.c | 99 - crypto/heimdal/lib/roken/writev.c | 64 - crypto/heimdal/lib/roken/xdbm.h | 52 - crypto/heimdal/lib/sl/ChangeLog | 325 - crypto/heimdal/lib/sl/Makefile.am | 63 - crypto/heimdal/lib/sl/Makefile.in | 1064 - crypto/heimdal/lib/sl/lex.c | 1880 - crypto/heimdal/lib/sl/lex.l | 119 - crypto/heimdal/lib/sl/make_cmds.c | 239 - crypto/heimdal/lib/sl/make_cmds.h | 76 - crypto/heimdal/lib/sl/parse.c | 1724 - crypto/heimdal/lib/sl/parse.h | 78 - crypto/heimdal/lib/sl/parse.y | 169 - crypto/heimdal/lib/sl/roken_rename.h | 67 - crypto/heimdal/lib/sl/sl.c | 396 - crypto/heimdal/lib/sl/sl.h | 69 - crypto/heimdal/lib/sl/sl_locl.h | 47 - crypto/heimdal/lib/sl/slc-gram.c | 2275 - crypto/heimdal/lib/sl/slc-gram.h | 69 - crypto/heimdal/lib/sl/slc-gram.y | 764 - crypto/heimdal/lib/sl/slc-lex.c | 1877 - crypto/heimdal/lib/sl/slc-lex.l | 164 - crypto/heimdal/lib/sl/slc.h | 55 - crypto/heimdal/lib/sl/ss.c | 162 - crypto/heimdal/lib/sl/ss.h | 57 - crypto/heimdal/lib/sl/test_sl.c | 97 - crypto/heimdal/lib/vers/ChangeLog | 74 - crypto/heimdal/lib/vers/Makefile.am | 32 - crypto/heimdal/lib/vers/Makefile.in | 781 - crypto/heimdal/lib/vers/make-print-version.c | 76 - crypto/heimdal/lib/vers/print_version.c | 55 - crypto/heimdal/lib/vers/vers.h | 41 - crypto/heimdal/ltconfig | 2797 - crypto/heimdal/ltmain.sh | 6863 --- crypto/heimdal/missing | 367 - crypto/heimdal/mkinstalldirs | 150 - crypto/heimdal/packages/ChangeLog | 26 - crypto/heimdal/packages/Makefile.am | 6 - crypto/heimdal/packages/Makefile.in | 815 - crypto/heimdal/packages/debian/Makefile.am | 91 - crypto/heimdal/packages/debian/Makefile.in | 745 - crypto/heimdal/packages/debian/README | 15 - crypto/heimdal/packages/debian/README.Debian | 120 - crypto/heimdal/packages/debian/changelog | 1168 - crypto/heimdal/packages/debian/compat | 1 - crypto/heimdal/packages/debian/control | 276 - crypto/heimdal/packages/debian/copyright | 195 - crypto/heimdal/packages/debian/extras/default | 17 - crypto/heimdal/packages/debian/extras/kadmind.acl | 1 - crypto/heimdal/packages/debian/extras/kdc.conf | 91 - .../packages/debian/heimdal-clients-x.install | 10 - .../packages/debian/heimdal-clients.install | 43 - .../packages/debian/heimdal-clients.postinst | 10 - .../heimdal/packages/debian/heimdal-clients.prerm | 13 - crypto/heimdal/packages/debian/heimdal-dev.install | 8 - .../heimdal/packages/debian/heimdal-docs.install | 2 - crypto/heimdal/packages/debian/heimdal-kcm.init | 69 - crypto/heimdal/packages/debian/heimdal-kcm.install | 2 - crypto/heimdal/packages/debian/heimdal-kdc.dirs | 5 - .../heimdal/packages/debian/heimdal-kdc.examples | 2 - crypto/heimdal/packages/debian/heimdal-kdc.init | 124 - crypto/heimdal/packages/debian/heimdal-kdc.install | 20 - .../heimdal/packages/debian/heimdal-kdc.logrotate | 5 - .../heimdal/packages/debian/heimdal-kdc.postinst | 98 - crypto/heimdal/packages/debian/heimdal-kdc.postrm | 32 - .../heimdal/packages/debian/heimdal-kdc.templates | 12 - .../heimdal/packages/debian/heimdal-servers-x.dirs | 1 - .../packages/debian/heimdal-servers-x.install | 2 - .../packages/debian/heimdal-servers-x.postinst | 34 - .../packages/debian/heimdal-servers-x.postrm | 23 - .../packages/debian/heimdal-servers-x.prerm | 11 - .../heimdal/packages/debian/heimdal-servers.dirs | 1 - .../packages/debian/heimdal-servers.install | 12 - .../packages/debian/heimdal-servers.postinst | 47 - .../heimdal/packages/debian/heimdal-servers.postrm | 26 - .../heimdal/packages/debian/heimdal-servers.prerm | 14 - .../packages/debian/libasn1-8-heimdal.install | 2 - .../debian/libasn1-8-heimdal.postinst.debhelper | 5 - .../debian/libasn1-8-heimdal.postrm.debhelper | 5 - .../packages/debian/libasn1-8-heimdal.substvars | 1 - .../packages/debian/libgssapi2-heimdal.install | 2 - .../debian/libgssapi2-heimdal.postinst.debhelper | 5 - .../debian/libgssapi2-heimdal.postrm.debhelper | 5 - .../packages/debian/libgssapi2-heimdal.substvars | 1 - .../packages/debian/libhdb9-heimdal.install | 3 - .../debian/libhdb9-heimdal.postinst.debhelper | 5 - .../debian/libhdb9-heimdal.postrm.debhelper | 5 - .../packages/debian/libhdb9-heimdal.substvars | 1 - .../packages/debian/libkadm5clnt7-heimdal.install | 3 - .../libkadm5clnt7-heimdal.postinst.debhelper | 5 - .../debian/libkadm5clnt7-heimdal.postrm.debhelper | 5 - .../debian/libkadm5clnt7-heimdal.substvars | 1 - .../packages/debian/libkadm5srv7-heimdal.install | 2 - .../packages/debian/libkadm5srv8-heimdal.install | 3 - .../packages/debian/libkafs0-heimdal.install | 2 - .../packages/debian/libkrb5-22-heimdal.install | 3 - .../debian/libkrb5-22-heimdal.postinst.debhelper | 5 - .../debian/libkrb5-22-heimdal.postrm.debhelper | 5 - .../packages/debian/libkrb5-22-heimdal.substvars | 1 - .../packages/debian/libotp0-heimdal.install | 1 - .../packages/debian/libroken18-heimdal.install | 2 - .../debian/libroken18-heimdal.postinst.debhelper | 5 - .../debian/libroken18-heimdal.postrm.debhelper | 5 - .../packages/debian/libroken18-heimdal.substvars | 1 - .../heimdal/packages/debian/libsl0-heimdal.install | 2 - crypto/heimdal/packages/debian/patches/021_debian | 204 - .../packages/debian/patches/022_ftp-roken-glob | 270 - crypto/heimdal/packages/debian/patches/022_openafs | 15 - .../heimdal/packages/debian/patches/025_pthreads | 13 - .../heimdal/packages/debian/patches/026_posix_max | 293 - crypto/heimdal/packages/debian/po/POTFILES.in | 1 - crypto/heimdal/packages/debian/po/templates.pot | 54 - crypto/heimdal/packages/debian/rules | 62 - .../heimdal/packages/debian/scripts/convert_source | 17 - crypto/heimdal/packages/mac/Info.plist | 36 - crypto/heimdal/packages/mac/Makefile.am | 9 - crypto/heimdal/packages/mac/Makefile.in | 663 - .../packages/mac/Resources/Description.plist | 10 - .../mac/Resources/English.lproj/Welcome.rtf | 8 - crypto/heimdal/packages/mac/mac.sh | 52 - crypto/heimdal/tests/ChangeLog | 742 - crypto/heimdal/tests/Makefile.am | 11 - crypto/heimdal/tests/Makefile.in | 816 - crypto/heimdal/tests/can/Makefile.am | 56 - crypto/heimdal/tests/can/Makefile.in | 781 - crypto/heimdal/tests/can/apple-10.4.kadm | 4 - crypto/heimdal/tests/can/apple-10.4.req | Bin 1199 -> 0 bytes crypto/heimdal/tests/can/check-can.in | 47 - crypto/heimdal/tests/can/heim-0.8.kadm | 4 - crypto/heimdal/tests/can/heim-0.8.req | Bin 1177 -> 0 bytes crypto/heimdal/tests/can/krb5.conf.in | 24 - .../heimdal/tests/can/mit-pkinit-20070607.ca.crt | 23 - crypto/heimdal/tests/can/mit-pkinit-20070607.kadm | 3 - crypto/heimdal/tests/can/mit-pkinit-20070607.req | Bin 2352 -> 0 bytes crypto/heimdal/tests/can/mit-pkinit-20070607.xf | 28 - crypto/heimdal/tests/can/test_can.in | 79 - crypto/heimdal/tests/db/Makefile.am | 66 - crypto/heimdal/tests/db/Makefile.in | 793 - crypto/heimdal/tests/db/add-modify-delete.in | 137 - crypto/heimdal/tests/db/check-dbinfo.in | 45 - crypto/heimdal/tests/db/have-db.in | 60 - crypto/heimdal/tests/db/krb5.conf.in | 28 - crypto/heimdal/tests/db/loaddump-db.in | 132 - crypto/heimdal/tests/db/text-dump-0.7 | 7 - crypto/heimdal/tests/db/text-dump-known-ext | 7 - crypto/heimdal/tests/db/text-dump-no-ext | 7 - crypto/heimdal/tests/db/text-dump-unknown-ext | 7 - crypto/heimdal/tests/gss/Makefile.am | 78 - crypto/heimdal/tests/gss/Makefile.in | 804 - crypto/heimdal/tests/gss/check-basic.in | 156 - crypto/heimdal/tests/gss/check-context.in | 188 - crypto/heimdal/tests/gss/check-gss.in | 45 - crypto/heimdal/tests/gss/check-gssmask.in | 133 - crypto/heimdal/tests/gss/check-ntlm.in | 170 - crypto/heimdal/tests/gss/check-spnego.in | 209 - crypto/heimdal/tests/gss/krb5.conf.in | 33 - crypto/heimdal/tests/gss/ntlm-user-file.txt | 2 - crypto/heimdal/tests/java/KerberosInit.java | 95 - crypto/heimdal/tests/java/Makefile.am | 44 - crypto/heimdal/tests/java/Makefile.in | 768 - crypto/heimdal/tests/java/check-kinit.in | 101 - crypto/heimdal/tests/java/have-java.sh | 58 - crypto/heimdal/tests/java/jaas.conf | 5 - crypto/heimdal/tests/java/krb5.conf.in | 30 - crypto/heimdal/tests/kdc/Makefile.am | 159 - crypto/heimdal/tests/kdc/Makefile.in | 971 - crypto/heimdal/tests/kdc/ap-req.c | 221 - crypto/heimdal/tests/kdc/check-digest.in | 295 - crypto/heimdal/tests/kdc/check-iprop.in | 248 - crypto/heimdal/tests/kdc/check-kadmin.in | 151 - crypto/heimdal/tests/kdc/check-kdc.in | 413 - crypto/heimdal/tests/kdc/check-keys.in | 101 - crypto/heimdal/tests/kdc/check-pkinit.in | 273 - crypto/heimdal/tests/kdc/check-referral.in | 200 - crypto/heimdal/tests/kdc/check-uu.in | 138 - crypto/heimdal/tests/kdc/donotexists.txt | 1 - crypto/heimdal/tests/kdc/heimdal.acl | 3 - crypto/heimdal/tests/kdc/iprop-acl | 1 - crypto/heimdal/tests/kdc/krb5-pkinit.conf.in | 33 - crypto/heimdal/tests/kdc/krb5.conf.in | 56 - crypto/heimdal/tests/kdc/krb5.conf.keys.in | 13 - crypto/heimdal/tests/kdc/ntlm-user-file.txt | 2 - crypto/heimdal/tests/kdc/pki-mapping | 3 - crypto/heimdal/tests/kdc/uuserver.txt | 4 - crypto/heimdal/tests/kdc/wait-kdc.sh | 66 - crypto/heimdal/tests/ldap/Makefile.am | 52 - crypto/heimdal/tests/ldap/Makefile.in | 779 - crypto/heimdal/tests/ldap/check-ldap.in | 143 - crypto/heimdal/tests/ldap/init.ldif | 44 - crypto/heimdal/tests/ldap/krb5.conf.in | 21 - crypto/heimdal/tests/ldap/samba.schema | 554 - crypto/heimdal/tests/ldap/slapd-init.in | 39 - crypto/heimdal/tests/ldap/slapd-stop | 18 - crypto/heimdal/tests/ldap/slapd.conf | 28 - crypto/heimdal/tests/plugin/Makefile.am | 43 - crypto/heimdal/tests/plugin/Makefile.in | 890 - crypto/heimdal/tests/plugin/check-pac.in | 147 - crypto/heimdal/tests/plugin/krb5.conf.in | 29 - crypto/heimdal/tests/plugin/windc.c | 77 - crypto/heimdal/tools/Makefile.am | 53 - crypto/heimdal/tools/Makefile.in | 805 - crypto/heimdal/tools/build.sh | 212 - crypto/heimdal/tools/heimdal-build.sh | 295 - crypto/heimdal/tools/heimdal-gssapi.pc.in | 14 - crypto/heimdal/tools/kdc-log-analyze.pl | 549 - crypto/heimdal/tools/krb5-config.1 | 90 - crypto/heimdal/tools/krb5-config.in | 118 - 1592 files changed, 515730 deletions(-) delete mode 100644 crypto/heimdal/ChangeLog delete mode 100644 crypto/heimdal/ChangeLog.1998 delete mode 100644 crypto/heimdal/ChangeLog.1999 delete mode 100644 crypto/heimdal/ChangeLog.2000 delete mode 100644 crypto/heimdal/ChangeLog.2001 delete mode 100644 crypto/heimdal/ChangeLog.2002 delete mode 100644 crypto/heimdal/ChangeLog.2003 delete mode 100644 crypto/heimdal/ChangeLog.2004 delete mode 100644 crypto/heimdal/ChangeLog.2005 delete mode 100644 crypto/heimdal/ChangeLog.2006 delete mode 100644 crypto/heimdal/LICENSE delete mode 100644 crypto/heimdal/Makefile.am delete mode 100644 crypto/heimdal/Makefile.am.common delete mode 100644 crypto/heimdal/Makefile.in delete mode 100644 crypto/heimdal/NEWS delete mode 100644 crypto/heimdal/README delete mode 100644 crypto/heimdal/acinclude.m4 delete mode 100644 crypto/heimdal/aclocal.m4 delete mode 100644 crypto/heimdal/admin/ChangeLog delete mode 100644 crypto/heimdal/admin/Makefile.am delete mode 100644 crypto/heimdal/admin/Makefile.in delete mode 100644 crypto/heimdal/admin/add.c delete mode 100644 crypto/heimdal/admin/change.c delete mode 100644 crypto/heimdal/admin/copy.c delete mode 100644 crypto/heimdal/admin/get.c delete mode 100644 crypto/heimdal/admin/ktutil-commands.in delete mode 100644 crypto/heimdal/admin/ktutil.8 delete mode 100644 crypto/heimdal/admin/ktutil.c delete mode 100644 crypto/heimdal/admin/ktutil_locl.h delete mode 100644 crypto/heimdal/admin/list.c delete mode 100644 crypto/heimdal/admin/purge.c delete mode 100644 crypto/heimdal/admin/remove.c delete mode 100644 crypto/heimdal/admin/rename.c delete mode 100644 crypto/heimdal/appl/Makefile.am delete mode 100644 crypto/heimdal/appl/Makefile.in delete mode 100644 crypto/heimdal/appl/afsutil/ChangeLog delete mode 100644 crypto/heimdal/appl/afsutil/Makefile.am delete mode 100644 crypto/heimdal/appl/afsutil/Makefile.in delete mode 100644 crypto/heimdal/appl/afsutil/afslog.1 delete mode 100644 crypto/heimdal/appl/afsutil/afslog.c delete mode 100644 crypto/heimdal/appl/afsutil/pagsh.1 delete mode 100644 crypto/heimdal/appl/afsutil/pagsh.c delete mode 100644 crypto/heimdal/appl/ftp/ChangeLog delete mode 100644 crypto/heimdal/appl/ftp/Makefile.am delete mode 100644 crypto/heimdal/appl/ftp/Makefile.in delete mode 100644 crypto/heimdal/appl/ftp/common/Makefile.am delete mode 100644 crypto/heimdal/appl/ftp/common/Makefile.in delete mode 100644 crypto/heimdal/appl/ftp/common/buffer.c delete mode 100644 crypto/heimdal/appl/ftp/common/common.h delete mode 100644 crypto/heimdal/appl/ftp/common/sockbuf.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/Makefile.am delete mode 100644 crypto/heimdal/appl/ftp/ftp/Makefile.in delete mode 100644 crypto/heimdal/appl/ftp/ftp/cmds.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/cmdtab.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/domacro.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/extern.h delete mode 100644 crypto/heimdal/appl/ftp/ftp/ftp.1 delete mode 100644 crypto/heimdal/appl/ftp/ftp/ftp.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/ftp_locl.h delete mode 100644 crypto/heimdal/appl/ftp/ftp/ftp_var.h delete mode 100644 crypto/heimdal/appl/ftp/ftp/globals.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/gssapi.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/kauth.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/krb4.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/main.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/pathnames.h delete mode 100644 crypto/heimdal/appl/ftp/ftp/ruserpass.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/security.c delete mode 100644 crypto/heimdal/appl/ftp/ftp/security.h delete mode 100644 crypto/heimdal/appl/ftp/ftpd/Makefile.am delete mode 100644 crypto/heimdal/appl/ftp/ftpd/Makefile.in delete mode 100644 crypto/heimdal/appl/ftp/ftpd/extern.h delete mode 100644 crypto/heimdal/appl/ftp/ftpd/ftpcmd.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/ftpcmd.y delete mode 100644 crypto/heimdal/appl/ftp/ftpd/ftpd.8 delete mode 100644 crypto/heimdal/appl/ftp/ftpd/ftpd.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/ftpd_locl.h delete mode 100644 crypto/heimdal/appl/ftp/ftpd/ftpusers.5 delete mode 100644 crypto/heimdal/appl/ftp/ftpd/gss_userok.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/gssapi.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/kauth.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/klist.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/krb4.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/logwtmp.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/ls.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/pathnames.h delete mode 100644 crypto/heimdal/appl/ftp/ftpd/popen.c delete mode 100644 crypto/heimdal/appl/ftp/ftpd/security.c delete mode 100644 crypto/heimdal/appl/gssmask/Makefile.am delete mode 100644 crypto/heimdal/appl/gssmask/Makefile.in delete mode 100644 crypto/heimdal/appl/gssmask/common.c delete mode 100644 crypto/heimdal/appl/gssmask/common.h delete mode 100644 crypto/heimdal/appl/gssmask/gssmaestro.c delete mode 100644 crypto/heimdal/appl/gssmask/gssmask.c delete mode 100644 crypto/heimdal/appl/gssmask/protocol.h delete mode 100644 crypto/heimdal/appl/kf/Makefile.am delete mode 100644 crypto/heimdal/appl/kf/Makefile.in delete mode 100644 crypto/heimdal/appl/kf/kf.1 delete mode 100644 crypto/heimdal/appl/kf/kf.c delete mode 100644 crypto/heimdal/appl/kf/kf_locl.h delete mode 100644 crypto/heimdal/appl/kf/kfd.8 delete mode 100644 crypto/heimdal/appl/kf/kfd.c delete mode 100644 crypto/heimdal/appl/login/ChangeLog delete mode 100644 crypto/heimdal/appl/login/Makefile.am delete mode 100644 crypto/heimdal/appl/login/Makefile.in delete mode 100644 crypto/heimdal/appl/login/conf.c delete mode 100644 crypto/heimdal/appl/login/env.c delete mode 100644 crypto/heimdal/appl/login/limits_conf.c delete mode 100644 crypto/heimdal/appl/login/login.1 delete mode 100644 crypto/heimdal/appl/login/login.access.5 delete mode 100644 crypto/heimdal/appl/login/login.c delete mode 100644 crypto/heimdal/appl/login/login_access.c delete mode 100644 crypto/heimdal/appl/login/login_locl.h delete mode 100644 crypto/heimdal/appl/login/login_protos.h delete mode 100644 crypto/heimdal/appl/login/loginpaths.h delete mode 100644 crypto/heimdal/appl/login/osfc2.c delete mode 100644 crypto/heimdal/appl/login/read_string.c delete mode 100644 crypto/heimdal/appl/login/shadow.c delete mode 100644 crypto/heimdal/appl/login/stty_default.c delete mode 100644 crypto/heimdal/appl/login/tty.c delete mode 100644 crypto/heimdal/appl/login/utmp_login.c delete mode 100644 crypto/heimdal/appl/login/utmpx_login.c delete mode 100644 crypto/heimdal/appl/push/ChangeLog delete mode 100644 crypto/heimdal/appl/push/Makefile.am delete mode 100644 crypto/heimdal/appl/push/Makefile.in delete mode 100644 crypto/heimdal/appl/push/pfrom.1 delete mode 100644 crypto/heimdal/appl/push/pfrom.in delete mode 100644 crypto/heimdal/appl/push/push.8 delete mode 100644 crypto/heimdal/appl/push/push.c delete mode 100644 crypto/heimdal/appl/push/push_locl.h delete mode 100644 crypto/heimdal/appl/rcp/ChangeLog delete mode 100644 crypto/heimdal/appl/rcp/Makefile.am delete mode 100644 crypto/heimdal/appl/rcp/Makefile.in delete mode 100644 crypto/heimdal/appl/rcp/extern.h delete mode 100644 crypto/heimdal/appl/rcp/rcp.1 delete mode 100644 crypto/heimdal/appl/rcp/rcp.c delete mode 100644 crypto/heimdal/appl/rcp/rcp_locl.h delete mode 100644 crypto/heimdal/appl/rcp/util.c delete mode 100644 crypto/heimdal/appl/rsh/ChangeLog delete mode 100644 crypto/heimdal/appl/rsh/Makefile.am delete mode 100644 crypto/heimdal/appl/rsh/Makefile.in delete mode 100644 crypto/heimdal/appl/rsh/common.c delete mode 100644 crypto/heimdal/appl/rsh/limits_conf.c delete mode 100644 crypto/heimdal/appl/rsh/login_access.c delete mode 100644 crypto/heimdal/appl/rsh/rsh.1 delete mode 100644 crypto/heimdal/appl/rsh/rsh.c delete mode 100644 crypto/heimdal/appl/rsh/rsh_locl.h delete mode 100644 crypto/heimdal/appl/rsh/rshd.8 delete mode 100644 crypto/heimdal/appl/rsh/rshd.c delete mode 100644 crypto/heimdal/appl/su/ChangeLog delete mode 100644 crypto/heimdal/appl/su/Makefile.am delete mode 100644 crypto/heimdal/appl/su/Makefile.in delete mode 100644 crypto/heimdal/appl/su/su.1 delete mode 100644 crypto/heimdal/appl/su/su.c delete mode 100644 crypto/heimdal/appl/su/supaths.h delete mode 100644 crypto/heimdal/appl/telnet/ChangeLog delete mode 100644 crypto/heimdal/appl/telnet/Makefile.am delete mode 100644 crypto/heimdal/appl/telnet/Makefile.in delete mode 100644 crypto/heimdal/appl/telnet/README.ORIG delete mode 100644 crypto/heimdal/appl/telnet/arpa/telnet.h delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/Makefile.am delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/Makefile.in delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/auth-proto.h delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/auth.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/auth.h delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/enc-proto.h delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/enc_des.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/encrypt.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/encrypt.h delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/genget.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/kerberos.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/kerberos5.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/misc-proto.h delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/misc.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/misc.h delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/rsaencpwd.c delete mode 100644 crypto/heimdal/appl/telnet/libtelnet/spx.c delete mode 100644 crypto/heimdal/appl/telnet/telnet.state delete mode 100644 crypto/heimdal/appl/telnet/telnet/Makefile.am delete mode 100644 crypto/heimdal/appl/telnet/telnet/Makefile.in delete mode 100644 crypto/heimdal/appl/telnet/telnet/authenc.c delete mode 100644 crypto/heimdal/appl/telnet/telnet/commands.c delete mode 100644 crypto/heimdal/appl/telnet/telnet/defines.h delete mode 100644 crypto/heimdal/appl/telnet/telnet/externs.h delete mode 100644 crypto/heimdal/appl/telnet/telnet/main.c delete mode 100644 crypto/heimdal/appl/telnet/telnet/network.c delete mode 100644 crypto/heimdal/appl/telnet/telnet/ring.c delete mode 100644 crypto/heimdal/appl/telnet/telnet/ring.h delete mode 100644 crypto/heimdal/appl/telnet/telnet/sys_bsd.c delete mode 100644 crypto/heimdal/appl/telnet/telnet/telnet.1 delete mode 100644 crypto/heimdal/appl/telnet/telnet/telnet.c delete mode 100644 crypto/heimdal/appl/telnet/telnet/telnet_locl.h delete mode 100644 crypto/heimdal/appl/telnet/telnet/terminal.c delete mode 100644 crypto/heimdal/appl/telnet/telnet/types.h delete mode 100644 crypto/heimdal/appl/telnet/telnet/utilities.c delete mode 100644 crypto/heimdal/appl/telnet/telnetd/Makefile.am delete mode 100644 crypto/heimdal/appl/telnet/telnetd/Makefile.in delete mode 100644 crypto/heimdal/appl/telnet/telnetd/authenc.c delete mode 100644 crypto/heimdal/appl/telnet/telnetd/defs.h delete mode 100644 crypto/heimdal/appl/telnet/telnetd/ext.h delete mode 100644 crypto/heimdal/appl/telnet/telnetd/global.c delete mode 100644 crypto/heimdal/appl/telnet/telnetd/slc.c delete mode 100644 crypto/heimdal/appl/telnet/telnetd/state.c delete mode 100644 crypto/heimdal/appl/telnet/telnetd/sys_term.c delete mode 100644 crypto/heimdal/appl/telnet/telnetd/telnetd.8 delete mode 100644 crypto/heimdal/appl/telnet/telnetd/telnetd.c delete mode 100644 crypto/heimdal/appl/telnet/telnetd/telnetd.h delete mode 100644 crypto/heimdal/appl/telnet/telnetd/termstat.c delete mode 100644 crypto/heimdal/appl/telnet/telnetd/utility.c delete mode 100644 crypto/heimdal/appl/test/Makefile.am delete mode 100644 crypto/heimdal/appl/test/Makefile.in delete mode 100644 crypto/heimdal/appl/test/common.c delete mode 100644 crypto/heimdal/appl/test/gss_common.c delete mode 100644 crypto/heimdal/appl/test/gss_common.h delete mode 100644 crypto/heimdal/appl/test/gssapi_client.c delete mode 100644 crypto/heimdal/appl/test/gssapi_server.c delete mode 100644 crypto/heimdal/appl/test/http_client.c delete mode 100644 crypto/heimdal/appl/test/nt_gss_client.c delete mode 100644 crypto/heimdal/appl/test/nt_gss_common.c delete mode 100644 crypto/heimdal/appl/test/nt_gss_common.h delete mode 100644 crypto/heimdal/appl/test/nt_gss_server.c delete mode 100644 crypto/heimdal/appl/test/tcp_client.c delete mode 100644 crypto/heimdal/appl/test/tcp_server.c delete mode 100644 crypto/heimdal/appl/test/test_locl.h delete mode 100644 crypto/heimdal/appl/test/uu_client.c delete mode 100644 crypto/heimdal/appl/test/uu_server.c delete mode 100644 crypto/heimdal/autogen.sh delete mode 100644 crypto/heimdal/cf/ChangeLog delete mode 100644 crypto/heimdal/cf/Makefile.am.common delete mode 100644 crypto/heimdal/cf/aix.m4 delete mode 100644 crypto/heimdal/cf/auth-modules.m4 delete mode 100644 crypto/heimdal/cf/autobuild.m4 delete mode 100644 crypto/heimdal/cf/broken-getaddrinfo.m4 delete mode 100644 crypto/heimdal/cf/broken-getnameinfo.m4 delete mode 100644 crypto/heimdal/cf/broken-glob.m4 delete mode 100644 crypto/heimdal/cf/broken-realloc.m4 delete mode 100644 crypto/heimdal/cf/broken-snprintf.m4 delete mode 100644 crypto/heimdal/cf/broken.m4 delete mode 100644 crypto/heimdal/cf/broken2.m4 delete mode 100644 crypto/heimdal/cf/c-attribute.m4 delete mode 100644 crypto/heimdal/cf/c-function.m4 delete mode 100644 crypto/heimdal/cf/capabilities.m4 delete mode 100644 crypto/heimdal/cf/check-compile-et.m4 delete mode 100644 crypto/heimdal/cf/check-declaration.m4 delete mode 100644 crypto/heimdal/cf/check-getpwnam_r-posix.m4 delete mode 100644 crypto/heimdal/cf/check-man.m4 delete mode 100644 crypto/heimdal/cf/check-netinet-ip-and-tcp.m4 delete mode 100644 crypto/heimdal/cf/check-type-extra.m4 delete mode 100644 crypto/heimdal/cf/check-var.m4 delete mode 100644 crypto/heimdal/cf/check-x.m4 delete mode 100644 crypto/heimdal/cf/check-xau.m4 delete mode 100644 crypto/heimdal/cf/crypto.m4 delete mode 100644 crypto/heimdal/cf/db.m4 delete mode 100644 crypto/heimdal/cf/destdirs.m4 delete mode 100644 crypto/heimdal/cf/dlopen.m4 delete mode 100644 crypto/heimdal/cf/find-func-no-libs.m4 delete mode 100644 crypto/heimdal/cf/find-func-no-libs2.m4 delete mode 100644 crypto/heimdal/cf/find-func.m4 delete mode 100644 crypto/heimdal/cf/find-if-not-broken.m4 delete mode 100644 crypto/heimdal/cf/framework-security.m4 delete mode 100644 crypto/heimdal/cf/have-pragma-weak.m4 delete mode 100644 crypto/heimdal/cf/have-struct-field.m4 delete mode 100644 crypto/heimdal/cf/have-type.m4 delete mode 100644 crypto/heimdal/cf/have-types.m4 delete mode 100755 crypto/heimdal/cf/install-catman.sh delete mode 100644 crypto/heimdal/cf/irix.m4 delete mode 100644 crypto/heimdal/cf/krb-bigendian.m4 delete mode 100644 crypto/heimdal/cf/krb-func-getcwd-broken.m4 delete mode 100644 crypto/heimdal/cf/krb-func-getlogin.m4 delete mode 100644 crypto/heimdal/cf/krb-ipv6.m4 delete mode 100644 crypto/heimdal/cf/krb-prog-ln-s.m4 delete mode 100644 crypto/heimdal/cf/krb-prog-ranlib.m4 delete mode 100644 crypto/heimdal/cf/krb-prog-yacc.m4 delete mode 100644 crypto/heimdal/cf/krb-readline.m4 delete mode 100644 crypto/heimdal/cf/krb-struct-spwd.m4 delete mode 100644 crypto/heimdal/cf/krb-struct-winsize.m4 delete mode 100644 crypto/heimdal/cf/krb-sys-aix.m4 delete mode 100644 crypto/heimdal/cf/krb-sys-nextstep.m4 delete mode 100644 crypto/heimdal/cf/krb-version.m4 delete mode 100644 crypto/heimdal/cf/largefile.m4 delete mode 100644 crypto/heimdal/cf/make-proto.pl delete mode 100644 crypto/heimdal/cf/mips-abi.m4 delete mode 100644 crypto/heimdal/cf/misc.m4 delete mode 100644 crypto/heimdal/cf/need-proto.m4 delete mode 100644 crypto/heimdal/cf/osfc2.m4 delete mode 100644 crypto/heimdal/cf/otp.m4 delete mode 100644 crypto/heimdal/cf/proto-compat.m4 delete mode 100644 crypto/heimdal/cf/pthreads.m4 delete mode 100644 crypto/heimdal/cf/resolv.m4 delete mode 100644 crypto/heimdal/cf/retsigtype.m4 delete mode 100644 crypto/heimdal/cf/roken-frag.m4 delete mode 100644 crypto/heimdal/cf/roken.m4 delete mode 100644 crypto/heimdal/cf/socket-wrapper.m4 delete mode 100644 crypto/heimdal/cf/sunos.m4 delete mode 100644 crypto/heimdal/cf/telnet.m4 delete mode 100644 crypto/heimdal/cf/test-package.m4 delete mode 100644 crypto/heimdal/cf/valgrind-suppressions delete mode 100644 crypto/heimdal/cf/vararray.m4 delete mode 100644 crypto/heimdal/cf/version-script.m4 delete mode 100644 crypto/heimdal/cf/wflags.m4 delete mode 100644 crypto/heimdal/cf/win32.m4 delete mode 100644 crypto/heimdal/cf/with-all.m4 delete mode 100755 crypto/heimdal/compile delete mode 100755 crypto/heimdal/config.guess delete mode 100755 crypto/heimdal/config.sub delete mode 100755 crypto/heimdal/configure delete mode 100644 crypto/heimdal/configure.in delete mode 100644 crypto/heimdal/doc/Makefile.am delete mode 100644 crypto/heimdal/doc/Makefile.in delete mode 100644 crypto/heimdal/doc/ack.texi delete mode 100644 crypto/heimdal/doc/apps.texi delete mode 100644 crypto/heimdal/doc/doxytmpl.dxy delete mode 100644 crypto/heimdal/doc/hcrypto.din delete mode 100644 crypto/heimdal/doc/heimdal.css delete mode 100644 crypto/heimdal/doc/heimdal.texi delete mode 100644 crypto/heimdal/doc/hx509.din delete mode 100644 crypto/heimdal/doc/hx509.texi delete mode 100644 crypto/heimdal/doc/init-creds delete mode 100644 crypto/heimdal/doc/install.texi delete mode 100644 crypto/heimdal/doc/intro.texi delete mode 100644 crypto/heimdal/doc/kerberos4.texi delete mode 100644 crypto/heimdal/doc/krb5.din delete mode 100644 crypto/heimdal/doc/latin1.tex delete mode 100644 crypto/heimdal/doc/layman.asc delete mode 100755 crypto/heimdal/doc/mdate-sh delete mode 100644 crypto/heimdal/doc/migration.texi delete mode 100644 crypto/heimdal/doc/misc.texi delete mode 100644 crypto/heimdal/doc/ntlm.din delete mode 100644 crypto/heimdal/doc/programming.texi delete mode 100644 crypto/heimdal/doc/setup.texi delete mode 100755 crypto/heimdal/doc/vars.texi delete mode 100644 crypto/heimdal/doc/vars.tin delete mode 100644 crypto/heimdal/doc/whatis.texi delete mode 100644 crypto/heimdal/doc/win2k.texi delete mode 100644 crypto/heimdal/etc/Makefile.am delete mode 100644 crypto/heimdal/etc/Makefile.in delete mode 100644 crypto/heimdal/etc/services.append delete mode 100644 crypto/heimdal/include/Makefile.am delete mode 100644 crypto/heimdal/include/Makefile.in delete mode 100644 crypto/heimdal/include/bits.c delete mode 100644 crypto/heimdal/include/config.h.in delete mode 100644 crypto/heimdal/include/gssapi/Makefile.am delete mode 100644 crypto/heimdal/include/gssapi/Makefile.in delete mode 100644 crypto/heimdal/include/hcrypto/Makefile.am delete mode 100644 crypto/heimdal/include/hcrypto/Makefile.in delete mode 100644 crypto/heimdal/include/kadm5/Makefile.am delete mode 100644 crypto/heimdal/include/kadm5/Makefile.in delete mode 100644 crypto/heimdal/include/make_crypto.c delete mode 100755 crypto/heimdal/install-sh delete mode 100644 crypto/heimdal/kadmin/ChangeLog delete mode 100644 crypto/heimdal/kadmin/Makefile.am delete mode 100644 crypto/heimdal/kadmin/Makefile.in delete mode 100644 crypto/heimdal/kadmin/add-random-users.c delete mode 100644 crypto/heimdal/kadmin/add_enctype.c delete mode 100644 crypto/heimdal/kadmin/ank.c delete mode 100644 crypto/heimdal/kadmin/check.c delete mode 100644 crypto/heimdal/kadmin/cpw.c delete mode 100644 crypto/heimdal/kadmin/del.c delete mode 100644 crypto/heimdal/kadmin/del_enctype.c delete mode 100644 crypto/heimdal/kadmin/dump.c delete mode 100644 crypto/heimdal/kadmin/ext.c delete mode 100644 crypto/heimdal/kadmin/get.c delete mode 100644 crypto/heimdal/kadmin/init.c delete mode 100644 crypto/heimdal/kadmin/kadm_conn.c delete mode 100644 crypto/heimdal/kadmin/kadmin-commands.in delete mode 100644 crypto/heimdal/kadmin/kadmin.8 delete mode 100644 crypto/heimdal/kadmin/kadmin.c delete mode 100644 crypto/heimdal/kadmin/kadmin_locl.h delete mode 100644 crypto/heimdal/kadmin/kadmind.8 delete mode 100644 crypto/heimdal/kadmin/kadmind.c delete mode 100644 crypto/heimdal/kadmin/load.c delete mode 100644 crypto/heimdal/kadmin/mod.c delete mode 100644 crypto/heimdal/kadmin/pw_quality.c delete mode 100644 crypto/heimdal/kadmin/random_password.c delete mode 100644 crypto/heimdal/kadmin/rename.c delete mode 100644 crypto/heimdal/kadmin/server.c delete mode 100644 crypto/heimdal/kadmin/stash.c delete mode 100644 crypto/heimdal/kadmin/test_util.c delete mode 100644 crypto/heimdal/kadmin/util.c delete mode 100644 crypto/heimdal/kadmin/version4.c delete mode 100644 crypto/heimdal/kcm/Makefile.am delete mode 100644 crypto/heimdal/kcm/Makefile.in delete mode 100644 crypto/heimdal/kcm/acl.c delete mode 100644 crypto/heimdal/kcm/acquire.c delete mode 100644 crypto/heimdal/kcm/cache.c delete mode 100644 crypto/heimdal/kcm/client.c delete mode 100644 crypto/heimdal/kcm/config.c delete mode 100644 crypto/heimdal/kcm/connect.c delete mode 100644 crypto/heimdal/kcm/cursor.c delete mode 100644 crypto/heimdal/kcm/events.c delete mode 100644 crypto/heimdal/kcm/glue.c delete mode 100644 crypto/heimdal/kcm/headers.h delete mode 100644 crypto/heimdal/kcm/kcm.8 delete mode 100644 crypto/heimdal/kcm/kcm_locl.h delete mode 100644 crypto/heimdal/kcm/kcm_protos.h delete mode 100644 crypto/heimdal/kcm/log.c delete mode 100644 crypto/heimdal/kcm/main.c delete mode 100644 crypto/heimdal/kcm/protocol.c delete mode 100644 crypto/heimdal/kcm/renew.c delete mode 100644 crypto/heimdal/kdc/524.c delete mode 100644 crypto/heimdal/kdc/Makefile.am delete mode 100644 crypto/heimdal/kdc/Makefile.in delete mode 100644 crypto/heimdal/kdc/config.c delete mode 100644 crypto/heimdal/kdc/connect.c delete mode 100644 crypto/heimdal/kdc/default_config.c delete mode 100644 crypto/heimdal/kdc/digest.c delete mode 100644 crypto/heimdal/kdc/headers.h delete mode 100644 crypto/heimdal/kdc/hprop.8 delete mode 100644 crypto/heimdal/kdc/hprop.c delete mode 100644 crypto/heimdal/kdc/hprop.h delete mode 100644 crypto/heimdal/kdc/hpropd.8 delete mode 100644 crypto/heimdal/kdc/hpropd.c delete mode 100644 crypto/heimdal/kdc/kadb.h delete mode 100644 crypto/heimdal/kdc/kaserver.c delete mode 100644 crypto/heimdal/kdc/kdc-private.h delete mode 100644 crypto/heimdal/kdc/kdc-protos.h delete mode 100644 crypto/heimdal/kdc/kdc-replay.c delete mode 100644 crypto/heimdal/kdc/kdc.8 delete mode 100644 crypto/heimdal/kdc/kdc.h delete mode 100644 crypto/heimdal/kdc/kdc_locl.h delete mode 100644 crypto/heimdal/kdc/kerberos4.c delete mode 100644 crypto/heimdal/kdc/kerberos5.c delete mode 100644 crypto/heimdal/kdc/krb5tgs.c delete mode 100644 crypto/heimdal/kdc/kstash.8 delete mode 100644 crypto/heimdal/kdc/kstash.c delete mode 100644 crypto/heimdal/kdc/kx509.c delete mode 100644 crypto/heimdal/kdc/log.c delete mode 100644 crypto/heimdal/kdc/main.c delete mode 100644 crypto/heimdal/kdc/misc.c delete mode 100644 crypto/heimdal/kdc/mit_dump.c delete mode 100644 crypto/heimdal/kdc/pkinit.c delete mode 100644 crypto/heimdal/kdc/process.c delete mode 100644 crypto/heimdal/kdc/rx.h delete mode 100644 crypto/heimdal/kdc/set_dbinfo.c delete mode 100644 crypto/heimdal/kdc/string2key.8 delete mode 100644 crypto/heimdal/kdc/string2key.c delete mode 100644 crypto/heimdal/kdc/v4_dump.c delete mode 100644 crypto/heimdal/kdc/version-script.map delete mode 100644 crypto/heimdal/kdc/windc.c delete mode 100644 crypto/heimdal/kdc/windc_plugin.h delete mode 100644 crypto/heimdal/kpasswd/Makefile.am delete mode 100644 crypto/heimdal/kpasswd/Makefile.in delete mode 100644 crypto/heimdal/kpasswd/kpasswd-generator.c delete mode 100644 crypto/heimdal/kpasswd/kpasswd.1 delete mode 100644 crypto/heimdal/kpasswd/kpasswd.c delete mode 100644 crypto/heimdal/kpasswd/kpasswd_locl.h delete mode 100644 crypto/heimdal/kpasswd/kpasswdd.8 delete mode 100644 crypto/heimdal/kpasswd/kpasswdd.c delete mode 100644 crypto/heimdal/krb5.conf delete mode 100644 crypto/heimdal/kuser/Makefile.am delete mode 100644 crypto/heimdal/kuser/Makefile.in delete mode 100644 crypto/heimdal/kuser/copy_cred_cache.1 delete mode 100644 crypto/heimdal/kuser/copy_cred_cache.c delete mode 100644 crypto/heimdal/kuser/generate-requests.c delete mode 100644 crypto/heimdal/kuser/kauth_options.c delete mode 100644 crypto/heimdal/kuser/kdecode_ticket.c delete mode 100644 crypto/heimdal/kuser/kdestroy.1 delete mode 100644 crypto/heimdal/kuser/kdestroy.c delete mode 100644 crypto/heimdal/kuser/kdigest-commands.in delete mode 100644 crypto/heimdal/kuser/kdigest.c delete mode 100644 crypto/heimdal/kuser/kgetcred.1 delete mode 100644 crypto/heimdal/kuser/kgetcred.c delete mode 100644 crypto/heimdal/kuser/kimpersonate.1 delete mode 100644 crypto/heimdal/kuser/kimpersonate.c delete mode 100644 crypto/heimdal/kuser/kinit.1 delete mode 100644 crypto/heimdal/kuser/kinit.c delete mode 100644 crypto/heimdal/kuser/kinit_options.c delete mode 100644 crypto/heimdal/kuser/klist.1 delete mode 100644 crypto/heimdal/kuser/klist.c delete mode 100644 crypto/heimdal/kuser/kuser_locl.h delete mode 100644 crypto/heimdal/kuser/kverify.c delete mode 100644 crypto/heimdal/lib/45/45_locl.h delete mode 100644 crypto/heimdal/lib/45/Makefile.am delete mode 100644 crypto/heimdal/lib/45/Makefile.in delete mode 100644 crypto/heimdal/lib/45/get_ad_tkt.c delete mode 100644 crypto/heimdal/lib/45/mk_req.c delete mode 100644 crypto/heimdal/lib/Makefile.am delete mode 100644 crypto/heimdal/lib/Makefile.in delete mode 100644 crypto/heimdal/lib/asn1/CMS.asn1 delete mode 100644 crypto/heimdal/lib/asn1/ChangeLog delete mode 100644 crypto/heimdal/lib/asn1/Makefile.am delete mode 100644 crypto/heimdal/lib/asn1/Makefile.in delete mode 100644 crypto/heimdal/lib/asn1/asn1-common.h delete mode 100644 crypto/heimdal/lib/asn1/asn1_err.et delete mode 100644 crypto/heimdal/lib/asn1/asn1_gen.c delete mode 100644 crypto/heimdal/lib/asn1/asn1_print.c delete mode 100644 crypto/heimdal/lib/asn1/asn1_queue.h delete mode 100644 crypto/heimdal/lib/asn1/canthandle.asn1 delete mode 100644 crypto/heimdal/lib/asn1/check-common.c delete mode 100644 crypto/heimdal/lib/asn1/check-common.h delete mode 100644 crypto/heimdal/lib/asn1/check-der.c delete mode 100644 crypto/heimdal/lib/asn1/check-gen.c delete mode 100644 crypto/heimdal/lib/asn1/check-timegm.c delete mode 100644 crypto/heimdal/lib/asn1/der-protos.h delete mode 100644 crypto/heimdal/lib/asn1/der.c delete mode 100644 crypto/heimdal/lib/asn1/der.h delete mode 100644 crypto/heimdal/lib/asn1/der_cmp.c delete mode 100644 crypto/heimdal/lib/asn1/der_copy.c delete mode 100644 crypto/heimdal/lib/asn1/der_format.c delete mode 100644 crypto/heimdal/lib/asn1/der_free.c delete mode 100644 crypto/heimdal/lib/asn1/der_get.c delete mode 100644 crypto/heimdal/lib/asn1/der_length.c delete mode 100644 crypto/heimdal/lib/asn1/der_locl.h delete mode 100644 crypto/heimdal/lib/asn1/der_put.c delete mode 100644 crypto/heimdal/lib/asn1/digest.asn1 delete mode 100644 crypto/heimdal/lib/asn1/extra.c delete mode 100644 crypto/heimdal/lib/asn1/gen.c delete mode 100644 crypto/heimdal/lib/asn1/gen.h delete mode 100644 crypto/heimdal/lib/asn1/gen_copy.c delete mode 100644 crypto/heimdal/lib/asn1/gen_decode.c delete mode 100644 crypto/heimdal/lib/asn1/gen_encode.c delete mode 100644 crypto/heimdal/lib/asn1/gen_free.c delete mode 100644 crypto/heimdal/lib/asn1/gen_glue.c delete mode 100644 crypto/heimdal/lib/asn1/gen_length.c delete mode 100644 crypto/heimdal/lib/asn1/gen_locl.h delete mode 100644 crypto/heimdal/lib/asn1/gen_seq.c delete mode 100644 crypto/heimdal/lib/asn1/hash.c delete mode 100644 crypto/heimdal/lib/asn1/hash.h delete mode 100644 crypto/heimdal/lib/asn1/heim_asn1.h delete mode 100644 crypto/heimdal/lib/asn1/k5.asn1 delete mode 100644 crypto/heimdal/lib/asn1/kx509.asn1 delete mode 100644 crypto/heimdal/lib/asn1/lex.c delete mode 100644 crypto/heimdal/lib/asn1/lex.h delete mode 100644 crypto/heimdal/lib/asn1/lex.l delete mode 100644 crypto/heimdal/lib/asn1/main.c delete mode 100644 crypto/heimdal/lib/asn1/parse.c delete mode 100644 crypto/heimdal/lib/asn1/parse.h delete mode 100644 crypto/heimdal/lib/asn1/parse.y delete mode 100644 crypto/heimdal/lib/asn1/pkcs12.asn1 delete mode 100644 crypto/heimdal/lib/asn1/pkcs8.asn1 delete mode 100644 crypto/heimdal/lib/asn1/pkcs9.asn1 delete mode 100644 crypto/heimdal/lib/asn1/pkinit.asn1 delete mode 100644 crypto/heimdal/lib/asn1/rfc2459.asn1 delete mode 100644 crypto/heimdal/lib/asn1/setchgpw2.asn1 delete mode 100644 crypto/heimdal/lib/asn1/symbol.c delete mode 100644 crypto/heimdal/lib/asn1/symbol.h delete mode 100644 crypto/heimdal/lib/asn1/test.asn1 delete mode 100644 crypto/heimdal/lib/asn1/test.gen delete mode 100644 crypto/heimdal/lib/asn1/timegm.c delete mode 100644 crypto/heimdal/lib/asn1/x509.asn1 delete mode 100644 crypto/heimdal/lib/auth/ChangeLog delete mode 100644 crypto/heimdal/lib/auth/Makefile.am delete mode 100644 crypto/heimdal/lib/auth/Makefile.in delete mode 100644 crypto/heimdal/lib/auth/afskauthlib/Makefile.am delete mode 100644 crypto/heimdal/lib/auth/afskauthlib/Makefile.in delete mode 100644 crypto/heimdal/lib/auth/afskauthlib/verify.c delete mode 100644 crypto/heimdal/lib/auth/pam/Makefile.am delete mode 100644 crypto/heimdal/lib/auth/pam/Makefile.in delete mode 100644 crypto/heimdal/lib/auth/pam/pam.c delete mode 100644 crypto/heimdal/lib/auth/pam/pam.conf.add delete mode 100644 crypto/heimdal/lib/auth/sia/Makefile.am delete mode 100644 crypto/heimdal/lib/auth/sia/Makefile.in delete mode 100644 crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf delete mode 100644 crypto/heimdal/lib/auth/sia/krb4_matrix.conf delete mode 100644 crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf delete mode 100644 crypto/heimdal/lib/auth/sia/krb5_matrix.conf delete mode 100755 crypto/heimdal/lib/auth/sia/make-rpath delete mode 100644 crypto/heimdal/lib/auth/sia/posix_getpw.c delete mode 100644 crypto/heimdal/lib/auth/sia/security.patch delete mode 100644 crypto/heimdal/lib/auth/sia/sia.c delete mode 100644 crypto/heimdal/lib/auth/sia/sia_locl.h delete mode 100644 crypto/heimdal/lib/com_err/ChangeLog delete mode 100644 crypto/heimdal/lib/com_err/Makefile.am delete mode 100644 crypto/heimdal/lib/com_err/Makefile.in delete mode 100644 crypto/heimdal/lib/com_err/com_err.c delete mode 100644 crypto/heimdal/lib/com_err/com_err.h delete mode 100644 crypto/heimdal/lib/com_err/com_right.h delete mode 100644 crypto/heimdal/lib/com_err/compile_et.c delete mode 100644 crypto/heimdal/lib/com_err/compile_et.h delete mode 100644 crypto/heimdal/lib/com_err/error.c delete mode 100644 crypto/heimdal/lib/com_err/lex.c delete mode 100644 crypto/heimdal/lib/com_err/lex.h delete mode 100644 crypto/heimdal/lib/com_err/lex.l delete mode 100644 crypto/heimdal/lib/com_err/parse.c delete mode 100644 crypto/heimdal/lib/com_err/parse.h delete mode 100644 crypto/heimdal/lib/com_err/parse.y delete mode 100644 crypto/heimdal/lib/com_err/roken_rename.h delete mode 100644 crypto/heimdal/lib/com_err/version-script.map delete mode 100644 crypto/heimdal/lib/gssapi/8003.c delete mode 100644 crypto/heimdal/lib/gssapi/ChangeLog delete mode 100644 crypto/heimdal/lib/gssapi/Makefile.am delete mode 100644 crypto/heimdal/lib/gssapi/Makefile.in delete mode 100644 crypto/heimdal/lib/gssapi/accept_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/acquire_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/add_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/add_oid_set_member.c delete mode 100644 crypto/heimdal/lib/gssapi/address_to_krb5addr.c delete mode 100644 crypto/heimdal/lib/gssapi/arcfour.c delete mode 100644 crypto/heimdal/lib/gssapi/arcfour.h delete mode 100644 crypto/heimdal/lib/gssapi/canonicalize_name.c delete mode 100644 crypto/heimdal/lib/gssapi/compare_name.c delete mode 100644 crypto/heimdal/lib/gssapi/compat.c delete mode 100644 crypto/heimdal/lib/gssapi/context_time.c delete mode 100644 crypto/heimdal/lib/gssapi/copy_ccache.c delete mode 100644 crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c delete mode 100644 crypto/heimdal/lib/gssapi/decapsulate.c delete mode 100644 crypto/heimdal/lib/gssapi/delete_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/display_name.c delete mode 100644 crypto/heimdal/lib/gssapi/display_status.c delete mode 100644 crypto/heimdal/lib/gssapi/duplicate_name.c delete mode 100644 crypto/heimdal/lib/gssapi/encapsulate.c delete mode 100644 crypto/heimdal/lib/gssapi/export_name.c delete mode 100644 crypto/heimdal/lib/gssapi/export_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/external.c delete mode 100644 crypto/heimdal/lib/gssapi/get_mic.c delete mode 100644 crypto/heimdal/lib/gssapi/gss-commands.in delete mode 100644 crypto/heimdal/lib/gssapi/gss.c delete mode 100644 crypto/heimdal/lib/gssapi/gss_acquire_cred.3 delete mode 100644 crypto/heimdal/lib/gssapi/gssapi.3 delete mode 100644 crypto/heimdal/lib/gssapi/gssapi.h delete mode 100644 crypto/heimdal/lib/gssapi/gssapi/gssapi.h delete mode 100644 crypto/heimdal/lib/gssapi/gssapi/gssapi_krb5.h delete mode 100644 crypto/heimdal/lib/gssapi/gssapi/gssapi_spnego.h delete mode 100644 crypto/heimdal/lib/gssapi/gssapi_locl.h delete mode 100644 crypto/heimdal/lib/gssapi/gssapi_mech.h delete mode 100644 crypto/heimdal/lib/gssapi/import_name.c delete mode 100644 crypto/heimdal/lib/gssapi/import_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/indicate_mechs.c delete mode 100644 crypto/heimdal/lib/gssapi/init.c delete mode 100644 crypto/heimdal/lib/gssapi/init_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/inquire_context.c delete mode 100644 crypto/heimdal/lib/gssapi/inquire_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/inquire_cred_by_mech.c delete mode 100644 crypto/heimdal/lib/gssapi/inquire_mechs_for_name.c delete mode 100644 crypto/heimdal/lib/gssapi/inquire_names_for_mech.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/8003.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/accept_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/acquire_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/add_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/address_to_krb5addr.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/arcfour.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/canonicalize_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/ccache_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/cfx.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/cfx.h delete mode 100644 crypto/heimdal/lib/gssapi/krb5/compare_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/compat.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/context_time.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/copy_ccache.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/decapsulate.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/delete_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/display_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/display_status.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/duplicate_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/encapsulate.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/export_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/export_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/external.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/get_mic.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/gkrb5_err.et delete mode 100644 crypto/heimdal/lib/gssapi/krb5/gsskrb5-private.h delete mode 100644 crypto/heimdal/lib/gssapi/krb5/gsskrb5_locl.h delete mode 100644 crypto/heimdal/lib/gssapi/krb5/import_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/import_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/indicate_mechs.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/init.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/init_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/inquire_context.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/inquire_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/inquire_cred_by_mech.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/inquire_cred_by_oid.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/inquire_mechs_for_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/inquire_names_for_mech.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/inquire_sec_context_by_oid.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/prf.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/process_context_token.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/release_buffer.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/release_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/release_name.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/sequence.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/set_cred_option.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/set_sec_context_option.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/test_cfx.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/ticket_flags.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/unwrap.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/v1.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/verify_mic.c delete mode 100644 crypto/heimdal/lib/gssapi/krb5/wrap.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/accept_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/acquire_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/add_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/canonicalize_name.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/compare_name.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/context_time.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/crypto.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/delete_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/digest.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/display_name.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/display_status.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/duplicate_name.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/export_name.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/export_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/external.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/import_name.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/import_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/indicate_mechs.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/inquire_context.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/inquire_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/inquire_cred_by_mech.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/inquire_mechs_for_name.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/inquire_names_for_mech.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/ntlm-private.h delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/ntlm.h delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/process_context_token.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/release_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/ntlm/release_name.c delete mode 100644 crypto/heimdal/lib/gssapi/process_context_token.c delete mode 100644 crypto/heimdal/lib/gssapi/release_buffer.c delete mode 100644 crypto/heimdal/lib/gssapi/release_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/release_name.c delete mode 100644 crypto/heimdal/lib/gssapi/release_oid_set.c delete mode 100644 crypto/heimdal/lib/gssapi/spnego/accept_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/spnego/compat.c delete mode 100644 crypto/heimdal/lib/gssapi/spnego/context_stubs.c delete mode 100644 crypto/heimdal/lib/gssapi/spnego/cred_stubs.c delete mode 100644 crypto/heimdal/lib/gssapi/spnego/external.c delete mode 100644 crypto/heimdal/lib/gssapi/spnego/init_sec_context.c delete mode 100644 crypto/heimdal/lib/gssapi/spnego/spnego-private.h delete mode 100644 crypto/heimdal/lib/gssapi/spnego/spnego.asn1 delete mode 100644 crypto/heimdal/lib/gssapi/spnego/spnego_locl.h delete mode 100644 crypto/heimdal/lib/gssapi/test_acquire_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/test_common.c delete mode 100644 crypto/heimdal/lib/gssapi/test_common.h delete mode 100644 crypto/heimdal/lib/gssapi/test_context.c delete mode 100644 crypto/heimdal/lib/gssapi/test_cred.c delete mode 100644 crypto/heimdal/lib/gssapi/test_kcred.c delete mode 100644 crypto/heimdal/lib/gssapi/test_names.c delete mode 100644 crypto/heimdal/lib/gssapi/test_ntlm.c delete mode 100644 crypto/heimdal/lib/gssapi/test_oid.c delete mode 100644 crypto/heimdal/lib/gssapi/test_oid_set_member.c delete mode 100644 crypto/heimdal/lib/gssapi/unwrap.c delete mode 100644 crypto/heimdal/lib/gssapi/v1.c delete mode 100644 crypto/heimdal/lib/gssapi/verify_mic.c delete mode 100644 crypto/heimdal/lib/gssapi/version-script.map delete mode 100644 crypto/heimdal/lib/gssapi/wrap.c delete mode 100644 crypto/heimdal/lib/hdb/Makefile.am delete mode 100644 crypto/heimdal/lib/hdb/Makefile.in delete mode 100644 crypto/heimdal/lib/hdb/common.c delete mode 100644 crypto/heimdal/lib/hdb/convert_db.c delete mode 100644 crypto/heimdal/lib/hdb/db.c delete mode 100644 crypto/heimdal/lib/hdb/db3.c delete mode 100644 crypto/heimdal/lib/hdb/dbinfo.c delete mode 100644 crypto/heimdal/lib/hdb/ext.c delete mode 100644 crypto/heimdal/lib/hdb/hdb-ldap.c delete mode 100644 crypto/heimdal/lib/hdb/hdb-private.h delete mode 100644 crypto/heimdal/lib/hdb/hdb-protos.h delete mode 100644 crypto/heimdal/lib/hdb/hdb.asn1 delete mode 100644 crypto/heimdal/lib/hdb/hdb.c delete mode 100644 crypto/heimdal/lib/hdb/hdb.h delete mode 100644 crypto/heimdal/lib/hdb/hdb.schema delete mode 100644 crypto/heimdal/lib/hdb/hdb_err.et delete mode 100644 crypto/heimdal/lib/hdb/hdb_locl.h delete mode 100644 crypto/heimdal/lib/hdb/keys.c delete mode 100644 crypto/heimdal/lib/hdb/keytab.c delete mode 100644 crypto/heimdal/lib/hdb/mkey.c delete mode 100644 crypto/heimdal/lib/hdb/ndbm.c delete mode 100644 crypto/heimdal/lib/hdb/print.c delete mode 100644 crypto/heimdal/lib/hdb/test_dbinfo.c delete mode 100644 crypto/heimdal/lib/hx509/ChangeLog delete mode 100644 crypto/heimdal/lib/hx509/Makefile.am delete mode 100644 crypto/heimdal/lib/hx509/Makefile.in delete mode 100644 crypto/heimdal/lib/hx509/ca.c delete mode 100644 crypto/heimdal/lib/hx509/cert.c delete mode 100644 crypto/heimdal/lib/hx509/cms.c delete mode 100644 crypto/heimdal/lib/hx509/collector.c delete mode 100644 crypto/heimdal/lib/hx509/crmf.asn1 delete mode 100644 crypto/heimdal/lib/hx509/crypto.c delete mode 100644 crypto/heimdal/lib/hx509/data/bleichenbacher-bad.pem delete mode 100644 crypto/heimdal/lib/hx509/data/bleichenbacher-good.pem delete mode 100644 crypto/heimdal/lib/hx509/data/bleichenbacher-sf-pad-correct.pem delete mode 100644 crypto/heimdal/lib/hx509/data/ca.crt delete mode 100644 crypto/heimdal/lib/hx509/data/ca.key delete mode 100644 crypto/heimdal/lib/hx509/data/crl1.crl delete mode 100644 crypto/heimdal/lib/hx509/data/crl1.der delete mode 100644 crypto/heimdal/lib/hx509/data/gen-req.sh delete mode 100644 crypto/heimdal/lib/hx509/data/j.pem delete mode 100644 crypto/heimdal/lib/hx509/data/kdc.crt delete mode 100644 crypto/heimdal/lib/hx509/data/kdc.key delete mode 100644 crypto/heimdal/lib/hx509/data/key.der delete mode 100644 crypto/heimdal/lib/hx509/data/key2.der delete mode 100644 crypto/heimdal/lib/hx509/data/nist-data delete mode 100644 crypto/heimdal/lib/hx509/data/nist-data2 delete mode 100644 crypto/heimdal/lib/hx509/data/no-proxy-test.crt delete mode 100644 crypto/heimdal/lib/hx509/data/no-proxy-test.key delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-req1.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-req2.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-resp1-2.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-resp1-3.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-resp1-ca.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-resp1-keyhash.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp-no-cert.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-resp1.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-resp2.der delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-responder.crt delete mode 100644 crypto/heimdal/lib/hx509/data/ocsp-responder.key delete mode 100644 crypto/heimdal/lib/hx509/data/openssl.cnf delete mode 100644 crypto/heimdal/lib/hx509/data/pkinit-proxy-chain.crt delete mode 100644 crypto/heimdal/lib/hx509/data/pkinit-proxy.crt delete mode 100644 crypto/heimdal/lib/hx509/data/pkinit-proxy.key delete mode 100644 crypto/heimdal/lib/hx509/data/pkinit-pw.key delete mode 100644 crypto/heimdal/lib/hx509/data/pkinit.crt delete mode 100644 crypto/heimdal/lib/hx509/data/pkinit.key delete mode 100644 crypto/heimdal/lib/hx509/data/proxy-level-test.crt delete mode 100644 crypto/heimdal/lib/hx509/data/proxy-level-test.key delete mode 100644 crypto/heimdal/lib/hx509/data/proxy-test.crt delete mode 100644 crypto/heimdal/lib/hx509/data/proxy-test.key delete mode 100644 crypto/heimdal/lib/hx509/data/proxy10-child-child-test.crt delete mode 100644 crypto/heimdal/lib/hx509/data/proxy10-child-child-test.key delete mode 100644 crypto/heimdal/lib/hx509/data/proxy10-child-test.crt delete mode 100644 crypto/heimdal/lib/hx509/data/proxy10-child-test.key delete mode 100644 crypto/heimdal/lib/hx509/data/proxy10-test.crt delete mode 100644 crypto/heimdal/lib/hx509/data/proxy10-test.key delete mode 100644 crypto/heimdal/lib/hx509/data/revoke.crt delete mode 100644 crypto/heimdal/lib/hx509/data/revoke.key delete mode 100644 crypto/heimdal/lib/hx509/data/sf-class2-root.pem delete mode 100644 crypto/heimdal/lib/hx509/data/static-file delete mode 100644 crypto/heimdal/lib/hx509/data/sub-ca.crt delete mode 100644 crypto/heimdal/lib/hx509/data/sub-ca.key delete mode 100644 crypto/heimdal/lib/hx509/data/sub-cert.crt delete mode 100644 crypto/heimdal/lib/hx509/data/sub-cert.key delete mode 100644 crypto/heimdal/lib/hx509/data/sub-cert.p12 delete mode 100644 crypto/heimdal/lib/hx509/data/test-ds-only.crt delete mode 100644 crypto/heimdal/lib/hx509/data/test-ds-only.key delete mode 100644 crypto/heimdal/lib/hx509/data/test-enveloped-aes-128 delete mode 100644 crypto/heimdal/lib/hx509/data/test-enveloped-aes-256 delete mode 100644 crypto/heimdal/lib/hx509/data/test-enveloped-des delete mode 100644 crypto/heimdal/lib/hx509/data/test-enveloped-des-ede3 delete mode 100644 crypto/heimdal/lib/hx509/data/test-enveloped-rc2-128 delete mode 100644 crypto/heimdal/lib/hx509/data/test-enveloped-rc2-40 delete mode 100644 crypto/heimdal/lib/hx509/data/test-enveloped-rc2-64 delete mode 100644 crypto/heimdal/lib/hx509/data/test-ke-only.crt delete mode 100644 crypto/heimdal/lib/hx509/data/test-ke-only.key delete mode 100644 crypto/heimdal/lib/hx509/data/test-nopw.p12 delete mode 100644 crypto/heimdal/lib/hx509/data/test-pw.key delete mode 100644 crypto/heimdal/lib/hx509/data/test-signed-data delete mode 100644 crypto/heimdal/lib/hx509/data/test-signed-data-noattr delete mode 100644 crypto/heimdal/lib/hx509/data/test-signed-data-noattr-nocerts delete mode 100644 crypto/heimdal/lib/hx509/data/test.combined.crt delete mode 100644 crypto/heimdal/lib/hx509/data/test.crt delete mode 100644 crypto/heimdal/lib/hx509/data/test.key delete mode 100644 crypto/heimdal/lib/hx509/data/test.p12 delete mode 100644 crypto/heimdal/lib/hx509/data/yutaka-pad-broken-ca.pem delete mode 100644 crypto/heimdal/lib/hx509/data/yutaka-pad-broken-cert.pem delete mode 100644 crypto/heimdal/lib/hx509/data/yutaka-pad-ok-ca.pem delete mode 100644 crypto/heimdal/lib/hx509/data/yutaka-pad-ok-cert.pem delete mode 100644 crypto/heimdal/lib/hx509/data/yutaka-pad.key delete mode 100644 crypto/heimdal/lib/hx509/doxygen.c delete mode 100644 crypto/heimdal/lib/hx509/env.c delete mode 100644 crypto/heimdal/lib/hx509/error.c delete mode 100644 crypto/heimdal/lib/hx509/file.c delete mode 100644 crypto/heimdal/lib/hx509/hx509-private.h delete mode 100644 crypto/heimdal/lib/hx509/hx509-protos.h delete mode 100644 crypto/heimdal/lib/hx509/hx509.h delete mode 100644 crypto/heimdal/lib/hx509/hx509_err.et delete mode 100644 crypto/heimdal/lib/hx509/hx_locl.h delete mode 100644 crypto/heimdal/lib/hx509/hxtool-commands.in delete mode 100644 crypto/heimdal/lib/hx509/hxtool.c delete mode 100644 crypto/heimdal/lib/hx509/keyset.c delete mode 100644 crypto/heimdal/lib/hx509/ks_dir.c delete mode 100644 crypto/heimdal/lib/hx509/ks_file.c delete mode 100644 crypto/heimdal/lib/hx509/ks_keychain.c delete mode 100644 crypto/heimdal/lib/hx509/ks_mem.c delete mode 100644 crypto/heimdal/lib/hx509/ks_null.c delete mode 100644 crypto/heimdal/lib/hx509/ks_p11.c delete mode 100644 crypto/heimdal/lib/hx509/ks_p12.c delete mode 100644 crypto/heimdal/lib/hx509/lock.c delete mode 100644 crypto/heimdal/lib/hx509/name.c delete mode 100644 crypto/heimdal/lib/hx509/ocsp.asn1 delete mode 100644 crypto/heimdal/lib/hx509/peer.c delete mode 100644 crypto/heimdal/lib/hx509/pkcs10.asn1 delete mode 100644 crypto/heimdal/lib/hx509/print.c delete mode 100644 crypto/heimdal/lib/hx509/ref/pkcs11.h delete mode 100644 crypto/heimdal/lib/hx509/req.c delete mode 100644 crypto/heimdal/lib/hx509/revoke.c delete mode 100644 crypto/heimdal/lib/hx509/softp11.c delete mode 100644 crypto/heimdal/lib/hx509/test_ca.in delete mode 100644 crypto/heimdal/lib/hx509/test_cert.in delete mode 100644 crypto/heimdal/lib/hx509/test_chain.in delete mode 100644 crypto/heimdal/lib/hx509/test_cms.in delete mode 100644 crypto/heimdal/lib/hx509/test_crypto.in delete mode 100644 crypto/heimdal/lib/hx509/test_java_pkcs11.in delete mode 100644 crypto/heimdal/lib/hx509/test_name.c delete mode 100644 crypto/heimdal/lib/hx509/test_nist.in delete mode 100644 crypto/heimdal/lib/hx509/test_nist2.in delete mode 100644 crypto/heimdal/lib/hx509/test_nist_cert.in delete mode 100644 crypto/heimdal/lib/hx509/test_nist_pkcs12.in delete mode 100644 crypto/heimdal/lib/hx509/test_pkcs11.in delete mode 100644 crypto/heimdal/lib/hx509/test_query.in delete mode 100644 crypto/heimdal/lib/hx509/test_req.in delete mode 100644 crypto/heimdal/lib/hx509/test_soft_pkcs11.c delete mode 100644 crypto/heimdal/lib/hx509/test_windows.in delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-available1 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-available2 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-available3 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-select delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-select1 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-select2 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-select3 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-select4 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-select5 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-select6 delete mode 100644 crypto/heimdal/lib/hx509/tst-crypto-select7 delete mode 100644 crypto/heimdal/lib/hx509/version-script.map delete mode 100644 crypto/heimdal/lib/kadm5/ChangeLog delete mode 100644 crypto/heimdal/lib/kadm5/Makefile.am delete mode 100644 crypto/heimdal/lib/kadm5/Makefile.in delete mode 100644 crypto/heimdal/lib/kadm5/acl.c delete mode 100644 crypto/heimdal/lib/kadm5/ad.c delete mode 100644 crypto/heimdal/lib/kadm5/admin.h delete mode 100644 crypto/heimdal/lib/kadm5/bump_pw_expire.c delete mode 100755 crypto/heimdal/lib/kadm5/check-cracklib.pl delete mode 100644 crypto/heimdal/lib/kadm5/chpass_c.c delete mode 100644 crypto/heimdal/lib/kadm5/chpass_s.c delete mode 100644 crypto/heimdal/lib/kadm5/client_glue.c delete mode 100644 crypto/heimdal/lib/kadm5/common_glue.c delete mode 100644 crypto/heimdal/lib/kadm5/context_s.c delete mode 100644 crypto/heimdal/lib/kadm5/create_c.c delete mode 100644 crypto/heimdal/lib/kadm5/create_s.c delete mode 100644 crypto/heimdal/lib/kadm5/default_keys.c delete mode 100644 crypto/heimdal/lib/kadm5/delete_c.c delete mode 100644 crypto/heimdal/lib/kadm5/delete_s.c delete mode 100644 crypto/heimdal/lib/kadm5/destroy_c.c delete mode 100644 crypto/heimdal/lib/kadm5/destroy_s.c delete mode 100644 crypto/heimdal/lib/kadm5/dump_log.c delete mode 100644 crypto/heimdal/lib/kadm5/ent_setup.c delete mode 100644 crypto/heimdal/lib/kadm5/error.c delete mode 100644 crypto/heimdal/lib/kadm5/flush.c delete mode 100644 crypto/heimdal/lib/kadm5/flush_c.c delete mode 100644 crypto/heimdal/lib/kadm5/flush_s.c delete mode 100644 crypto/heimdal/lib/kadm5/free.c delete mode 100644 crypto/heimdal/lib/kadm5/get_c.c delete mode 100644 crypto/heimdal/lib/kadm5/get_princs_c.c delete mode 100644 crypto/heimdal/lib/kadm5/get_princs_s.c delete mode 100644 crypto/heimdal/lib/kadm5/get_s.c delete mode 100644 crypto/heimdal/lib/kadm5/init_c.c delete mode 100644 crypto/heimdal/lib/kadm5/init_s.c delete mode 100644 crypto/heimdal/lib/kadm5/iprop-commands.in delete mode 100644 crypto/heimdal/lib/kadm5/iprop-log.8 delete mode 100644 crypto/heimdal/lib/kadm5/iprop-log.c delete mode 100644 crypto/heimdal/lib/kadm5/iprop.8 delete mode 100644 crypto/heimdal/lib/kadm5/iprop.h delete mode 100644 crypto/heimdal/lib/kadm5/ipropd_common.c delete mode 100644 crypto/heimdal/lib/kadm5/ipropd_master.c delete mode 100644 crypto/heimdal/lib/kadm5/ipropd_slave.c delete mode 100644 crypto/heimdal/lib/kadm5/kadm5-private.h delete mode 100644 crypto/heimdal/lib/kadm5/kadm5-protos.h delete mode 100644 crypto/heimdal/lib/kadm5/kadm5-pwcheck.h delete mode 100644 crypto/heimdal/lib/kadm5/kadm5_err.et delete mode 100644 crypto/heimdal/lib/kadm5/kadm5_locl.h delete mode 100644 crypto/heimdal/lib/kadm5/kadm5_pwcheck.3 delete mode 100644 crypto/heimdal/lib/kadm5/keys.c delete mode 100644 crypto/heimdal/lib/kadm5/log.c delete mode 100644 crypto/heimdal/lib/kadm5/marshall.c delete mode 100644 crypto/heimdal/lib/kadm5/modify_c.c delete mode 100644 crypto/heimdal/lib/kadm5/modify_s.c delete mode 100644 crypto/heimdal/lib/kadm5/password_quality.c delete mode 100644 crypto/heimdal/lib/kadm5/private.h delete mode 100644 crypto/heimdal/lib/kadm5/privs_c.c delete mode 100644 crypto/heimdal/lib/kadm5/privs_s.c delete mode 100644 crypto/heimdal/lib/kadm5/randkey_c.c delete mode 100644 crypto/heimdal/lib/kadm5/randkey_s.c delete mode 100644 crypto/heimdal/lib/kadm5/rename_c.c delete mode 100644 crypto/heimdal/lib/kadm5/rename_s.c delete mode 100644 crypto/heimdal/lib/kadm5/replay_log.c delete mode 100644 crypto/heimdal/lib/kadm5/sample_passwd_check.c delete mode 100644 crypto/heimdal/lib/kadm5/send_recv.c delete mode 100644 crypto/heimdal/lib/kadm5/server_glue.c delete mode 100644 crypto/heimdal/lib/kadm5/set_keys.c delete mode 100644 crypto/heimdal/lib/kadm5/set_modifier.c delete mode 100644 crypto/heimdal/lib/kadm5/test_pw_quality.c delete mode 100644 crypto/heimdal/lib/kadm5/truncate_log.c delete mode 100644 crypto/heimdal/lib/kadm5/version-script.map delete mode 100644 crypto/heimdal/lib/kafs/ChangeLog delete mode 100644 crypto/heimdal/lib/kafs/Makefile.am delete mode 100644 crypto/heimdal/lib/kafs/Makefile.in delete mode 100644 crypto/heimdal/lib/kafs/README.dlfcn delete mode 100644 crypto/heimdal/lib/kafs/afskrb.c delete mode 100644 crypto/heimdal/lib/kafs/afskrb5.c delete mode 100644 crypto/heimdal/lib/kafs/afsl.exp delete mode 100644 crypto/heimdal/lib/kafs/afslib.c delete mode 100644 crypto/heimdal/lib/kafs/afslib.exp delete mode 100644 crypto/heimdal/lib/kafs/afssys.c delete mode 100644 crypto/heimdal/lib/kafs/afssysdefs.h delete mode 100644 crypto/heimdal/lib/kafs/common.c delete mode 100644 crypto/heimdal/lib/kafs/dlfcn.c delete mode 100644 crypto/heimdal/lib/kafs/dlfcn.h delete mode 100644 crypto/heimdal/lib/kafs/kafs.3 delete mode 100644 crypto/heimdal/lib/kafs/kafs.h delete mode 100644 crypto/heimdal/lib/kafs/kafs_locl.h delete mode 100644 crypto/heimdal/lib/kafs/roken_rename.h delete mode 100644 crypto/heimdal/lib/krb5/Makefile.am delete mode 100644 crypto/heimdal/lib/krb5/Makefile.in delete mode 100644 crypto/heimdal/lib/krb5/acache.c delete mode 100644 crypto/heimdal/lib/krb5/acl.c delete mode 100644 crypto/heimdal/lib/krb5/add_et_list.c delete mode 100644 crypto/heimdal/lib/krb5/addr_families.c delete mode 100644 crypto/heimdal/lib/krb5/aes-test.c delete mode 100644 crypto/heimdal/lib/krb5/aname_to_localname.c delete mode 100644 crypto/heimdal/lib/krb5/appdefault.c delete mode 100644 crypto/heimdal/lib/krb5/asn1_glue.c delete mode 100644 crypto/heimdal/lib/krb5/auth_context.c delete mode 100644 crypto/heimdal/lib/krb5/build_ap_req.c delete mode 100644 crypto/heimdal/lib/krb5/build_auth.c delete mode 100644 crypto/heimdal/lib/krb5/cache.c delete mode 100644 crypto/heimdal/lib/krb5/changepw.c delete mode 100644 crypto/heimdal/lib/krb5/codec.c delete mode 100644 crypto/heimdal/lib/krb5/config_file.c delete mode 100644 crypto/heimdal/lib/krb5/config_file_netinfo.c delete mode 100644 crypto/heimdal/lib/krb5/constants.c delete mode 100644 crypto/heimdal/lib/krb5/context.c delete mode 100644 crypto/heimdal/lib/krb5/convert_creds.c delete mode 100644 crypto/heimdal/lib/krb5/copy_host_realm.c delete mode 100644 crypto/heimdal/lib/krb5/crc.c delete mode 100644 crypto/heimdal/lib/krb5/creds.c delete mode 100644 crypto/heimdal/lib/krb5/crypto.c delete mode 100644 crypto/heimdal/lib/krb5/data.c delete mode 100644 crypto/heimdal/lib/krb5/derived-key-test.c delete mode 100644 crypto/heimdal/lib/krb5/digest.c delete mode 100644 crypto/heimdal/lib/krb5/doxygen.c delete mode 100644 crypto/heimdal/lib/krb5/dump_config.c delete mode 100644 crypto/heimdal/lib/krb5/eai_to_heim_errno.c delete mode 100644 crypto/heimdal/lib/krb5/error_string.c delete mode 100644 crypto/heimdal/lib/krb5/expand_hostname.c delete mode 100644 crypto/heimdal/lib/krb5/fcache.c delete mode 100644 crypto/heimdal/lib/krb5/free.c delete mode 100644 crypto/heimdal/lib/krb5/free_host_realm.c delete mode 100644 crypto/heimdal/lib/krb5/generate_seq_number.c delete mode 100644 crypto/heimdal/lib/krb5/generate_subkey.c delete mode 100644 crypto/heimdal/lib/krb5/get_addrs.c delete mode 100644 crypto/heimdal/lib/krb5/get_cred.c delete mode 100644 crypto/heimdal/lib/krb5/get_default_principal.c delete mode 100644 crypto/heimdal/lib/krb5/get_default_realm.c delete mode 100644 crypto/heimdal/lib/krb5/get_for_creds.c delete mode 100644 crypto/heimdal/lib/krb5/get_host_realm.c delete mode 100644 crypto/heimdal/lib/krb5/get_in_tkt.c delete mode 100644 crypto/heimdal/lib/krb5/get_in_tkt_pw.c delete mode 100644 crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c delete mode 100644 crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c delete mode 100644 crypto/heimdal/lib/krb5/get_port.c delete mode 100644 crypto/heimdal/lib/krb5/heim_err.et delete mode 100644 crypto/heimdal/lib/krb5/heim_threads.h delete mode 100644 crypto/heimdal/lib/krb5/init_creds.c delete mode 100644 crypto/heimdal/lib/krb5/init_creds_pw.c delete mode 100644 crypto/heimdal/lib/krb5/k524_err.et delete mode 100644 crypto/heimdal/lib/krb5/kcm.c delete mode 100644 crypto/heimdal/lib/krb5/kcm.h delete mode 100644 crypto/heimdal/lib/krb5/kerberos.8 delete mode 100644 crypto/heimdal/lib/krb5/keyblock.c delete mode 100644 crypto/heimdal/lib/krb5/keytab.c delete mode 100644 crypto/heimdal/lib/krb5/keytab_any.c delete mode 100644 crypto/heimdal/lib/krb5/keytab_file.c delete mode 100644 crypto/heimdal/lib/krb5/keytab_keyfile.c delete mode 100644 crypto/heimdal/lib/krb5/keytab_krb4.c delete mode 100644 crypto/heimdal/lib/krb5/keytab_memory.c delete mode 100644 crypto/heimdal/lib/krb5/krb5-private.h delete mode 100644 crypto/heimdal/lib/krb5/krb5-protos.h delete mode 100644 crypto/heimdal/lib/krb5/krb5-v4compat.h delete mode 100644 crypto/heimdal/lib/krb5/krb5.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5.conf.5 delete mode 100644 crypto/heimdal/lib/krb5/krb5.h delete mode 100644 crypto/heimdal/lib/krb5/krb5.moduli delete mode 100644 crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_acl_match_file.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_address.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_aname_to_localname.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_appdefault.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_auth_context.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_build_principal.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_c_make_checksum.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_ccache.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_ccapi.h delete mode 100644 crypto/heimdal/lib/krb5/krb5_check_transited.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_compare_creds.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_config.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_context.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_create_checksum.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_creds.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_crypto_init.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_data.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_digest.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_encrypt.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_err.et delete mode 100644 crypto/heimdal/lib/krb5/krb5_expand_hostname.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_find_padata.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_free_addresses.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_free_principal.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_generate_random_block.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_get_all_client_addrs.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_get_credentials.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_get_creds.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_get_in_cred.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_get_init_creds.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_get_krbhst.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_getportbyname.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_init_context.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_is_thread_safe.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_keyblock.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_keytab.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_krbhst_init.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_kuserok.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_locl.h delete mode 100644 crypto/heimdal/lib/krb5/krb5_mk_req.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_mk_safe.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_openlog.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_parse_name.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_principal.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_principal_get_realm.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_rcache.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_rd_error.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_rd_safe.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_set_default_realm.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_set_password.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_storage.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_string_to_key.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_ticket.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_timeofday.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_unparse_name.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_verify_init_creds.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_verify_user.3 delete mode 100644 crypto/heimdal/lib/krb5/krb5_warn.3 delete mode 100644 crypto/heimdal/lib/krb5/krb_err.et delete mode 100644 crypto/heimdal/lib/krb5/krbhst-test.c delete mode 100644 crypto/heimdal/lib/krb5/krbhst.c delete mode 100644 crypto/heimdal/lib/krb5/kuserok.c delete mode 100644 crypto/heimdal/lib/krb5/locate_plugin.h delete mode 100644 crypto/heimdal/lib/krb5/log.c delete mode 100644 crypto/heimdal/lib/krb5/mcache.c delete mode 100644 crypto/heimdal/lib/krb5/misc.c delete mode 100644 crypto/heimdal/lib/krb5/mit_glue.c delete mode 100644 crypto/heimdal/lib/krb5/mk_error.c delete mode 100644 crypto/heimdal/lib/krb5/mk_priv.c delete mode 100644 crypto/heimdal/lib/krb5/mk_rep.c delete mode 100644 crypto/heimdal/lib/krb5/mk_req.c delete mode 100644 crypto/heimdal/lib/krb5/mk_req_ext.c delete mode 100644 crypto/heimdal/lib/krb5/mk_safe.c delete mode 100644 crypto/heimdal/lib/krb5/n-fold-test.c delete mode 100644 crypto/heimdal/lib/krb5/n-fold.c delete mode 100644 crypto/heimdal/lib/krb5/name-45-test.c delete mode 100644 crypto/heimdal/lib/krb5/net_read.c delete mode 100644 crypto/heimdal/lib/krb5/net_write.c delete mode 100644 crypto/heimdal/lib/krb5/pac.c delete mode 100644 crypto/heimdal/lib/krb5/padata.c delete mode 100644 crypto/heimdal/lib/krb5/parse-name-test.c delete mode 100644 crypto/heimdal/lib/krb5/pkinit.c delete mode 100644 crypto/heimdal/lib/krb5/plugin.c delete mode 100644 crypto/heimdal/lib/krb5/principal.c delete mode 100644 crypto/heimdal/lib/krb5/prog_setup.c delete mode 100644 crypto/heimdal/lib/krb5/prompter_posix.c delete mode 100644 crypto/heimdal/lib/krb5/rd_cred.c delete mode 100644 crypto/heimdal/lib/krb5/rd_error.c delete mode 100644 crypto/heimdal/lib/krb5/rd_priv.c delete mode 100644 crypto/heimdal/lib/krb5/rd_rep.c delete mode 100644 crypto/heimdal/lib/krb5/rd_req.c delete mode 100644 crypto/heimdal/lib/krb5/rd_safe.c delete mode 100644 crypto/heimdal/lib/krb5/read_message.c delete mode 100644 crypto/heimdal/lib/krb5/recvauth.c delete mode 100644 crypto/heimdal/lib/krb5/replay.c delete mode 100644 crypto/heimdal/lib/krb5/send_to_kdc.c delete mode 100644 crypto/heimdal/lib/krb5/sendauth.c delete mode 100644 crypto/heimdal/lib/krb5/set_default_realm.c delete mode 100644 crypto/heimdal/lib/krb5/sock_principal.c delete mode 100644 crypto/heimdal/lib/krb5/store-int.h delete mode 100644 crypto/heimdal/lib/krb5/store-test.c delete mode 100644 crypto/heimdal/lib/krb5/store.c delete mode 100644 crypto/heimdal/lib/krb5/store_emem.c delete mode 100644 crypto/heimdal/lib/krb5/store_fd.c delete mode 100644 crypto/heimdal/lib/krb5/store_mem.c delete mode 100644 crypto/heimdal/lib/krb5/string-to-key-test.c delete mode 100644 crypto/heimdal/lib/krb5/test_acl.c delete mode 100644 crypto/heimdal/lib/krb5/test_addr.c delete mode 100644 crypto/heimdal/lib/krb5/test_alname.c delete mode 100644 crypto/heimdal/lib/krb5/test_cc.c delete mode 100644 crypto/heimdal/lib/krb5/test_config.c delete mode 100644 crypto/heimdal/lib/krb5/test_crypto.c delete mode 100644 crypto/heimdal/lib/krb5/test_crypto_wrapping.c delete mode 100644 crypto/heimdal/lib/krb5/test_forward.c delete mode 100644 crypto/heimdal/lib/krb5/test_get_addrs.c delete mode 100644 crypto/heimdal/lib/krb5/test_hostname.c delete mode 100644 crypto/heimdal/lib/krb5/test_keytab.c delete mode 100644 crypto/heimdal/lib/krb5/test_kuserok.c delete mode 100644 crypto/heimdal/lib/krb5/test_mem.c delete mode 100644 crypto/heimdal/lib/krb5/test_pac.c delete mode 100644 crypto/heimdal/lib/krb5/test_pkinit_dh2key.c delete mode 100644 crypto/heimdal/lib/krb5/test_plugin.c delete mode 100644 crypto/heimdal/lib/krb5/test_prf.c delete mode 100644 crypto/heimdal/lib/krb5/test_princ.c delete mode 100644 crypto/heimdal/lib/krb5/test_renew.c delete mode 100644 crypto/heimdal/lib/krb5/test_store.c delete mode 100644 crypto/heimdal/lib/krb5/test_time.c delete mode 100644 crypto/heimdal/lib/krb5/ticket.c delete mode 100644 crypto/heimdal/lib/krb5/time.c delete mode 100644 crypto/heimdal/lib/krb5/transited.c delete mode 100644 crypto/heimdal/lib/krb5/v4_glue.c delete mode 100644 crypto/heimdal/lib/krb5/verify_init.c delete mode 100644 crypto/heimdal/lib/krb5/verify_krb5_conf.8 delete mode 100644 crypto/heimdal/lib/krb5/verify_krb5_conf.c delete mode 100644 crypto/heimdal/lib/krb5/verify_user.c delete mode 100644 crypto/heimdal/lib/krb5/version-script.map delete mode 100644 crypto/heimdal/lib/krb5/version.c delete mode 100644 crypto/heimdal/lib/krb5/warn.c delete mode 100644 crypto/heimdal/lib/krb5/write_message.c delete mode 100644 crypto/heimdal/lib/ntlm/ChangeLog delete mode 100644 crypto/heimdal/lib/ntlm/Makefile.am delete mode 100644 crypto/heimdal/lib/ntlm/Makefile.in delete mode 100644 crypto/heimdal/lib/ntlm/heimntlm-protos.h delete mode 100644 crypto/heimdal/lib/ntlm/heimntlm.h delete mode 100644 crypto/heimdal/lib/ntlm/ntlm.c delete mode 100644 crypto/heimdal/lib/ntlm/test_ntlm.c delete mode 100644 crypto/heimdal/lib/ntlm/version-script.map delete mode 100644 crypto/heimdal/lib/roken/ChangeLog delete mode 100644 crypto/heimdal/lib/roken/Makefile.am delete mode 100644 crypto/heimdal/lib/roken/Makefile.in delete mode 100644 crypto/heimdal/lib/roken/acconfig.h delete mode 100644 crypto/heimdal/lib/roken/acinclude.m4 delete mode 100644 crypto/heimdal/lib/roken/base64-test.c delete mode 100644 crypto/heimdal/lib/roken/base64.c delete mode 100644 crypto/heimdal/lib/roken/base64.h delete mode 100644 crypto/heimdal/lib/roken/bswap.c delete mode 100644 crypto/heimdal/lib/roken/chown.c delete mode 100644 crypto/heimdal/lib/roken/closefrom.c delete mode 100644 crypto/heimdal/lib/roken/concat.c delete mode 100644 crypto/heimdal/lib/roken/copyhostent.c delete mode 100644 crypto/heimdal/lib/roken/daemon.c delete mode 100644 crypto/heimdal/lib/roken/dumpdata.c delete mode 100644 crypto/heimdal/lib/roken/ecalloc.3 delete mode 100644 crypto/heimdal/lib/roken/ecalloc.c delete mode 100644 crypto/heimdal/lib/roken/emalloc.c delete mode 100644 crypto/heimdal/lib/roken/environment.c delete mode 100644 crypto/heimdal/lib/roken/eread.c delete mode 100644 crypto/heimdal/lib/roken/erealloc.c delete mode 100644 crypto/heimdal/lib/roken/err.c delete mode 100644 crypto/heimdal/lib/roken/err.hin delete mode 100644 crypto/heimdal/lib/roken/errx.c delete mode 100644 crypto/heimdal/lib/roken/esetenv.c delete mode 100644 crypto/heimdal/lib/roken/estrdup.c delete mode 100644 crypto/heimdal/lib/roken/ewrite.c delete mode 100644 crypto/heimdal/lib/roken/fchown.c delete mode 100644 crypto/heimdal/lib/roken/flock.c delete mode 100644 crypto/heimdal/lib/roken/fnmatch.c delete mode 100644 crypto/heimdal/lib/roken/fnmatch.hin delete mode 100644 crypto/heimdal/lib/roken/freeaddrinfo.c delete mode 100644 crypto/heimdal/lib/roken/freehostent.c delete mode 100644 crypto/heimdal/lib/roken/gai_strerror.c delete mode 100644 crypto/heimdal/lib/roken/get_default_username.c delete mode 100644 crypto/heimdal/lib/roken/get_window_size.c delete mode 100644 crypto/heimdal/lib/roken/getaddrinfo-test.c delete mode 100644 crypto/heimdal/lib/roken/getaddrinfo.c delete mode 100644 crypto/heimdal/lib/roken/getaddrinfo_hostspec.c delete mode 100644 crypto/heimdal/lib/roken/getarg.3 delete mode 100644 crypto/heimdal/lib/roken/getarg.c delete mode 100644 crypto/heimdal/lib/roken/getarg.h delete mode 100644 crypto/heimdal/lib/roken/getcap.c delete mode 100644 crypto/heimdal/lib/roken/getcwd.c delete mode 100644 crypto/heimdal/lib/roken/getdtablesize.c delete mode 100644 crypto/heimdal/lib/roken/getegid.c delete mode 100644 crypto/heimdal/lib/roken/geteuid.c delete mode 100644 crypto/heimdal/lib/roken/getgid.c delete mode 100644 crypto/heimdal/lib/roken/gethostname.c delete mode 100644 crypto/heimdal/lib/roken/getifaddrs.c delete mode 100644 crypto/heimdal/lib/roken/getipnodebyaddr.c delete mode 100644 crypto/heimdal/lib/roken/getipnodebyname.c delete mode 100644 crypto/heimdal/lib/roken/getnameinfo.c delete mode 100644 crypto/heimdal/lib/roken/getnameinfo_verified.c delete mode 100644 crypto/heimdal/lib/roken/getopt.c delete mode 100644 crypto/heimdal/lib/roken/getprogname.c delete mode 100644 crypto/heimdal/lib/roken/gettimeofday.c delete mode 100644 crypto/heimdal/lib/roken/getuid.c delete mode 100644 crypto/heimdal/lib/roken/getusershell.c delete mode 100644 crypto/heimdal/lib/roken/glob.c delete mode 100644 crypto/heimdal/lib/roken/glob.hin delete mode 100644 crypto/heimdal/lib/roken/h_errno.c delete mode 100644 crypto/heimdal/lib/roken/hex-test.c delete mode 100644 crypto/heimdal/lib/roken/hex.c delete mode 100644 crypto/heimdal/lib/roken/hex.h delete mode 100644 crypto/heimdal/lib/roken/hostent_find_fqdn.c delete mode 100644 crypto/heimdal/lib/roken/hstrerror.c delete mode 100644 crypto/heimdal/lib/roken/ifaddrs.hin delete mode 100644 crypto/heimdal/lib/roken/inet_aton.c delete mode 100644 crypto/heimdal/lib/roken/inet_ntop.c delete mode 100644 crypto/heimdal/lib/roken/inet_pton.c delete mode 100644 crypto/heimdal/lib/roken/initgroups.c delete mode 100644 crypto/heimdal/lib/roken/innetgr.c delete mode 100755 crypto/heimdal/lib/roken/install-sh delete mode 100644 crypto/heimdal/lib/roken/iruserok.c delete mode 100644 crypto/heimdal/lib/roken/issuid.c delete mode 100644 crypto/heimdal/lib/roken/k_getpwnam.c delete mode 100644 crypto/heimdal/lib/roken/k_getpwuid.c delete mode 100644 crypto/heimdal/lib/roken/localtime_r.c delete mode 100644 crypto/heimdal/lib/roken/lstat.c delete mode 100644 crypto/heimdal/lib/roken/memmove.c delete mode 100644 crypto/heimdal/lib/roken/mini_inetd.c delete mode 100755 crypto/heimdal/lib/roken/missing delete mode 100755 crypto/heimdal/lib/roken/mkinstalldirs delete mode 100644 crypto/heimdal/lib/roken/mkstemp.c delete mode 100644 crypto/heimdal/lib/roken/ndbm_wrap.c delete mode 100644 crypto/heimdal/lib/roken/ndbm_wrap.h delete mode 100644 crypto/heimdal/lib/roken/net_read.c delete mode 100644 crypto/heimdal/lib/roken/net_write.c delete mode 100644 crypto/heimdal/lib/roken/parse_bytes-test.c delete mode 100644 crypto/heimdal/lib/roken/parse_bytes.c delete mode 100644 crypto/heimdal/lib/roken/parse_bytes.h delete mode 100644 crypto/heimdal/lib/roken/parse_reply-test.c delete mode 100644 crypto/heimdal/lib/roken/parse_time-test.c delete mode 100644 crypto/heimdal/lib/roken/parse_time.3 delete mode 100644 crypto/heimdal/lib/roken/parse_time.c delete mode 100644 crypto/heimdal/lib/roken/parse_time.h delete mode 100644 crypto/heimdal/lib/roken/parse_units.c delete mode 100644 crypto/heimdal/lib/roken/parse_units.h delete mode 100644 crypto/heimdal/lib/roken/print_version.c delete mode 100644 crypto/heimdal/lib/roken/putenv.c delete mode 100644 crypto/heimdal/lib/roken/rcmd.c delete mode 100644 crypto/heimdal/lib/roken/readv.c delete mode 100644 crypto/heimdal/lib/roken/realloc.c delete mode 100644 crypto/heimdal/lib/roken/recvmsg.c delete mode 100644 crypto/heimdal/lib/roken/resolve-test.c delete mode 100644 crypto/heimdal/lib/roken/resolve.c delete mode 100644 crypto/heimdal/lib/roken/resolve.h delete mode 100644 crypto/heimdal/lib/roken/resource.h delete mode 100644 crypto/heimdal/lib/roken/roken-common.h delete mode 100644 crypto/heimdal/lib/roken/roken.awk delete mode 100644 crypto/heimdal/lib/roken/roken.h.in delete mode 100644 crypto/heimdal/lib/roken/roken_gethostby.c delete mode 100644 crypto/heimdal/lib/roken/rtbl.3 delete mode 100644 crypto/heimdal/lib/roken/rtbl.c delete mode 100644 crypto/heimdal/lib/roken/rtbl.h delete mode 100644 crypto/heimdal/lib/roken/sendmsg.c delete mode 100644 crypto/heimdal/lib/roken/setegid.c delete mode 100644 crypto/heimdal/lib/roken/setenv.c delete mode 100644 crypto/heimdal/lib/roken/seteuid.c delete mode 100644 crypto/heimdal/lib/roken/setprogname.c delete mode 100644 crypto/heimdal/lib/roken/signal.c delete mode 100644 crypto/heimdal/lib/roken/simple_exec.c delete mode 100644 crypto/heimdal/lib/roken/snprintf-test.c delete mode 100644 crypto/heimdal/lib/roken/snprintf-test.h delete mode 100644 crypto/heimdal/lib/roken/snprintf.c delete mode 100644 crypto/heimdal/lib/roken/socket.c delete mode 100644 crypto/heimdal/lib/roken/socket_wrapper.c delete mode 100644 crypto/heimdal/lib/roken/socket_wrapper.h delete mode 100644 crypto/heimdal/lib/roken/strcasecmp.c delete mode 100644 crypto/heimdal/lib/roken/strcollect.c delete mode 100644 crypto/heimdal/lib/roken/strdup.c delete mode 100644 crypto/heimdal/lib/roken/strerror.c delete mode 100644 crypto/heimdal/lib/roken/strftime.c delete mode 100644 crypto/heimdal/lib/roken/strlcat.c delete mode 100644 crypto/heimdal/lib/roken/strlcpy.c delete mode 100644 crypto/heimdal/lib/roken/strlwr.c delete mode 100644 crypto/heimdal/lib/roken/strncasecmp.c delete mode 100644 crypto/heimdal/lib/roken/strndup.c delete mode 100644 crypto/heimdal/lib/roken/strnlen.c delete mode 100644 crypto/heimdal/lib/roken/strpftime-test.c delete mode 100644 crypto/heimdal/lib/roken/strpftime-test.h delete mode 100644 crypto/heimdal/lib/roken/strpool.c delete mode 100644 crypto/heimdal/lib/roken/strptime.c delete mode 100644 crypto/heimdal/lib/roken/strsep.c delete mode 100644 crypto/heimdal/lib/roken/strsep_copy.c delete mode 100644 crypto/heimdal/lib/roken/strtok_r.c delete mode 100644 crypto/heimdal/lib/roken/strupr.c delete mode 100644 crypto/heimdal/lib/roken/swab.c delete mode 100644 crypto/heimdal/lib/roken/test-mem.c delete mode 100644 crypto/heimdal/lib/roken/test-mem.h delete mode 100644 crypto/heimdal/lib/roken/test-readenv.c delete mode 100644 crypto/heimdal/lib/roken/timegm.c delete mode 100644 crypto/heimdal/lib/roken/timeval.c delete mode 100644 crypto/heimdal/lib/roken/tm2time.c delete mode 100644 crypto/heimdal/lib/roken/unsetenv.c delete mode 100644 crypto/heimdal/lib/roken/unvis.c delete mode 100644 crypto/heimdal/lib/roken/verify.c delete mode 100644 crypto/heimdal/lib/roken/verr.c delete mode 100644 crypto/heimdal/lib/roken/verrx.c delete mode 100644 crypto/heimdal/lib/roken/vis.c delete mode 100644 crypto/heimdal/lib/roken/vis.h delete mode 100644 crypto/heimdal/lib/roken/vis.hin delete mode 100644 crypto/heimdal/lib/roken/vsyslog.c delete mode 100644 crypto/heimdal/lib/roken/vwarn.c delete mode 100644 crypto/heimdal/lib/roken/vwarnx.c delete mode 100644 crypto/heimdal/lib/roken/warn.c delete mode 100644 crypto/heimdal/lib/roken/warnerr.c delete mode 100644 crypto/heimdal/lib/roken/warnx.c delete mode 100644 crypto/heimdal/lib/roken/write_pid.c delete mode 100644 crypto/heimdal/lib/roken/writev.c delete mode 100644 crypto/heimdal/lib/roken/xdbm.h delete mode 100644 crypto/heimdal/lib/sl/ChangeLog delete mode 100644 crypto/heimdal/lib/sl/Makefile.am delete mode 100644 crypto/heimdal/lib/sl/Makefile.in delete mode 100644 crypto/heimdal/lib/sl/lex.c delete mode 100644 crypto/heimdal/lib/sl/lex.l delete mode 100644 crypto/heimdal/lib/sl/make_cmds.c delete mode 100644 crypto/heimdal/lib/sl/make_cmds.h delete mode 100644 crypto/heimdal/lib/sl/parse.c delete mode 100644 crypto/heimdal/lib/sl/parse.h delete mode 100644 crypto/heimdal/lib/sl/parse.y delete mode 100644 crypto/heimdal/lib/sl/roken_rename.h delete mode 100644 crypto/heimdal/lib/sl/sl.c delete mode 100644 crypto/heimdal/lib/sl/sl.h delete mode 100644 crypto/heimdal/lib/sl/sl_locl.h delete mode 100644 crypto/heimdal/lib/sl/slc-gram.c delete mode 100644 crypto/heimdal/lib/sl/slc-gram.h delete mode 100644 crypto/heimdal/lib/sl/slc-gram.y delete mode 100644 crypto/heimdal/lib/sl/slc-lex.c delete mode 100644 crypto/heimdal/lib/sl/slc-lex.l delete mode 100644 crypto/heimdal/lib/sl/slc.h delete mode 100644 crypto/heimdal/lib/sl/ss.c delete mode 100644 crypto/heimdal/lib/sl/ss.h delete mode 100644 crypto/heimdal/lib/sl/test_sl.c delete mode 100644 crypto/heimdal/lib/vers/ChangeLog delete mode 100644 crypto/heimdal/lib/vers/Makefile.am delete mode 100644 crypto/heimdal/lib/vers/Makefile.in delete mode 100644 crypto/heimdal/lib/vers/make-print-version.c delete mode 100644 crypto/heimdal/lib/vers/print_version.c delete mode 100644 crypto/heimdal/lib/vers/vers.h delete mode 100755 crypto/heimdal/ltconfig delete mode 100644 crypto/heimdal/ltmain.sh delete mode 100644 crypto/heimdal/missing delete mode 100755 crypto/heimdal/mkinstalldirs delete mode 100644 crypto/heimdal/packages/ChangeLog delete mode 100644 crypto/heimdal/packages/Makefile.am delete mode 100644 crypto/heimdal/packages/Makefile.in delete mode 100644 crypto/heimdal/packages/debian/Makefile.am delete mode 100644 crypto/heimdal/packages/debian/Makefile.in delete mode 100644 crypto/heimdal/packages/debian/README delete mode 100644 crypto/heimdal/packages/debian/README.Debian delete mode 100644 crypto/heimdal/packages/debian/changelog delete mode 100644 crypto/heimdal/packages/debian/compat delete mode 100644 crypto/heimdal/packages/debian/control delete mode 100644 crypto/heimdal/packages/debian/copyright delete mode 100644 crypto/heimdal/packages/debian/extras/default delete mode 100644 crypto/heimdal/packages/debian/extras/kadmind.acl delete mode 100644 crypto/heimdal/packages/debian/extras/kdc.conf delete mode 100644 crypto/heimdal/packages/debian/heimdal-clients-x.install delete mode 100644 crypto/heimdal/packages/debian/heimdal-clients.install delete mode 100644 crypto/heimdal/packages/debian/heimdal-clients.postinst delete mode 100644 crypto/heimdal/packages/debian/heimdal-clients.prerm delete mode 100644 crypto/heimdal/packages/debian/heimdal-dev.install delete mode 100644 crypto/heimdal/packages/debian/heimdal-docs.install delete mode 100644 crypto/heimdal/packages/debian/heimdal-kcm.init delete mode 100644 crypto/heimdal/packages/debian/heimdal-kcm.install delete mode 100644 crypto/heimdal/packages/debian/heimdal-kdc.dirs delete mode 100644 crypto/heimdal/packages/debian/heimdal-kdc.examples delete mode 100644 crypto/heimdal/packages/debian/heimdal-kdc.init delete mode 100644 crypto/heimdal/packages/debian/heimdal-kdc.install delete mode 100644 crypto/heimdal/packages/debian/heimdal-kdc.logrotate delete mode 100644 crypto/heimdal/packages/debian/heimdal-kdc.postinst delete mode 100644 crypto/heimdal/packages/debian/heimdal-kdc.postrm delete mode 100644 crypto/heimdal/packages/debian/heimdal-kdc.templates delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers-x.dirs delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers-x.install delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers-x.postinst delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers-x.postrm delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers-x.prerm delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers.dirs delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers.install delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers.postinst delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers.postrm delete mode 100644 crypto/heimdal/packages/debian/heimdal-servers.prerm delete mode 100644 crypto/heimdal/packages/debian/libasn1-8-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libasn1-8-heimdal.postinst.debhelper delete mode 100644 crypto/heimdal/packages/debian/libasn1-8-heimdal.postrm.debhelper delete mode 100644 crypto/heimdal/packages/debian/libasn1-8-heimdal.substvars delete mode 100644 crypto/heimdal/packages/debian/libgssapi2-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libgssapi2-heimdal.postinst.debhelper delete mode 100644 crypto/heimdal/packages/debian/libgssapi2-heimdal.postrm.debhelper delete mode 100644 crypto/heimdal/packages/debian/libgssapi2-heimdal.substvars delete mode 100644 crypto/heimdal/packages/debian/libhdb9-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libhdb9-heimdal.postinst.debhelper delete mode 100644 crypto/heimdal/packages/debian/libhdb9-heimdal.postrm.debhelper delete mode 100644 crypto/heimdal/packages/debian/libhdb9-heimdal.substvars delete mode 100644 crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.postinst.debhelper delete mode 100644 crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.postrm.debhelper delete mode 100644 crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.substvars delete mode 100644 crypto/heimdal/packages/debian/libkadm5srv7-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libkadm5srv8-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libkafs0-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libkrb5-22-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libkrb5-22-heimdal.postinst.debhelper delete mode 100644 crypto/heimdal/packages/debian/libkrb5-22-heimdal.postrm.debhelper delete mode 100644 crypto/heimdal/packages/debian/libkrb5-22-heimdal.substvars delete mode 100644 crypto/heimdal/packages/debian/libotp0-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libroken18-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/libroken18-heimdal.postinst.debhelper delete mode 100644 crypto/heimdal/packages/debian/libroken18-heimdal.postrm.debhelper delete mode 100644 crypto/heimdal/packages/debian/libroken18-heimdal.substvars delete mode 100644 crypto/heimdal/packages/debian/libsl0-heimdal.install delete mode 100644 crypto/heimdal/packages/debian/patches/021_debian delete mode 100644 crypto/heimdal/packages/debian/patches/022_ftp-roken-glob delete mode 100644 crypto/heimdal/packages/debian/patches/022_openafs delete mode 100644 crypto/heimdal/packages/debian/patches/025_pthreads delete mode 100644 crypto/heimdal/packages/debian/patches/026_posix_max delete mode 100644 crypto/heimdal/packages/debian/po/POTFILES.in delete mode 100644 crypto/heimdal/packages/debian/po/templates.pot delete mode 100755 crypto/heimdal/packages/debian/rules delete mode 100644 crypto/heimdal/packages/debian/scripts/convert_source delete mode 100644 crypto/heimdal/packages/mac/Info.plist delete mode 100644 crypto/heimdal/packages/mac/Makefile.am delete mode 100644 crypto/heimdal/packages/mac/Makefile.in delete mode 100644 crypto/heimdal/packages/mac/Resources/Description.plist delete mode 100644 crypto/heimdal/packages/mac/Resources/English.lproj/Welcome.rtf delete mode 100644 crypto/heimdal/packages/mac/mac.sh delete mode 100644 crypto/heimdal/tests/ChangeLog delete mode 100644 crypto/heimdal/tests/Makefile.am delete mode 100644 crypto/heimdal/tests/Makefile.in delete mode 100644 crypto/heimdal/tests/can/Makefile.am delete mode 100644 crypto/heimdal/tests/can/Makefile.in delete mode 100644 crypto/heimdal/tests/can/apple-10.4.kadm delete mode 100644 crypto/heimdal/tests/can/apple-10.4.req delete mode 100644 crypto/heimdal/tests/can/check-can.in delete mode 100644 crypto/heimdal/tests/can/heim-0.8.kadm delete mode 100644 crypto/heimdal/tests/can/heim-0.8.req delete mode 100644 crypto/heimdal/tests/can/krb5.conf.in delete mode 100644 crypto/heimdal/tests/can/mit-pkinit-20070607.ca.crt delete mode 100644 crypto/heimdal/tests/can/mit-pkinit-20070607.kadm delete mode 100644 crypto/heimdal/tests/can/mit-pkinit-20070607.req delete mode 100644 crypto/heimdal/tests/can/mit-pkinit-20070607.xf delete mode 100644 crypto/heimdal/tests/can/test_can.in delete mode 100644 crypto/heimdal/tests/db/Makefile.am delete mode 100644 crypto/heimdal/tests/db/Makefile.in delete mode 100644 crypto/heimdal/tests/db/add-modify-delete.in delete mode 100644 crypto/heimdal/tests/db/check-dbinfo.in delete mode 100644 crypto/heimdal/tests/db/have-db.in delete mode 100644 crypto/heimdal/tests/db/krb5.conf.in delete mode 100644 crypto/heimdal/tests/db/loaddump-db.in delete mode 100644 crypto/heimdal/tests/db/text-dump-0.7 delete mode 100644 crypto/heimdal/tests/db/text-dump-known-ext delete mode 100644 crypto/heimdal/tests/db/text-dump-no-ext delete mode 100644 crypto/heimdal/tests/db/text-dump-unknown-ext delete mode 100644 crypto/heimdal/tests/gss/Makefile.am delete mode 100644 crypto/heimdal/tests/gss/Makefile.in delete mode 100644 crypto/heimdal/tests/gss/check-basic.in delete mode 100644 crypto/heimdal/tests/gss/check-context.in delete mode 100644 crypto/heimdal/tests/gss/check-gss.in delete mode 100644 crypto/heimdal/tests/gss/check-gssmask.in delete mode 100644 crypto/heimdal/tests/gss/check-ntlm.in delete mode 100644 crypto/heimdal/tests/gss/check-spnego.in delete mode 100644 crypto/heimdal/tests/gss/krb5.conf.in delete mode 100644 crypto/heimdal/tests/gss/ntlm-user-file.txt delete mode 100644 crypto/heimdal/tests/java/KerberosInit.java delete mode 100644 crypto/heimdal/tests/java/Makefile.am delete mode 100644 crypto/heimdal/tests/java/Makefile.in delete mode 100644 crypto/heimdal/tests/java/check-kinit.in delete mode 100644 crypto/heimdal/tests/java/have-java.sh delete mode 100644 crypto/heimdal/tests/java/jaas.conf delete mode 100644 crypto/heimdal/tests/java/krb5.conf.in delete mode 100644 crypto/heimdal/tests/kdc/Makefile.am delete mode 100644 crypto/heimdal/tests/kdc/Makefile.in delete mode 100644 crypto/heimdal/tests/kdc/ap-req.c delete mode 100644 crypto/heimdal/tests/kdc/check-digest.in delete mode 100644 crypto/heimdal/tests/kdc/check-iprop.in delete mode 100644 crypto/heimdal/tests/kdc/check-kadmin.in delete mode 100644 crypto/heimdal/tests/kdc/check-kdc.in delete mode 100644 crypto/heimdal/tests/kdc/check-keys.in delete mode 100644 crypto/heimdal/tests/kdc/check-pkinit.in delete mode 100644 crypto/heimdal/tests/kdc/check-referral.in delete mode 100644 crypto/heimdal/tests/kdc/check-uu.in delete mode 100644 crypto/heimdal/tests/kdc/donotexists.txt delete mode 100644 crypto/heimdal/tests/kdc/heimdal.acl delete mode 100644 crypto/heimdal/tests/kdc/iprop-acl delete mode 100644 crypto/heimdal/tests/kdc/krb5-pkinit.conf.in delete mode 100644 crypto/heimdal/tests/kdc/krb5.conf.in delete mode 100644 crypto/heimdal/tests/kdc/krb5.conf.keys.in delete mode 100644 crypto/heimdal/tests/kdc/ntlm-user-file.txt delete mode 100644 crypto/heimdal/tests/kdc/pki-mapping delete mode 100644 crypto/heimdal/tests/kdc/uuserver.txt delete mode 100644 crypto/heimdal/tests/kdc/wait-kdc.sh delete mode 100644 crypto/heimdal/tests/ldap/Makefile.am delete mode 100644 crypto/heimdal/tests/ldap/Makefile.in delete mode 100644 crypto/heimdal/tests/ldap/check-ldap.in delete mode 100644 crypto/heimdal/tests/ldap/init.ldif delete mode 100644 crypto/heimdal/tests/ldap/krb5.conf.in delete mode 100644 crypto/heimdal/tests/ldap/samba.schema delete mode 100644 crypto/heimdal/tests/ldap/slapd-init.in delete mode 100644 crypto/heimdal/tests/ldap/slapd-stop delete mode 100644 crypto/heimdal/tests/ldap/slapd.conf delete mode 100644 crypto/heimdal/tests/plugin/Makefile.am delete mode 100644 crypto/heimdal/tests/plugin/Makefile.in delete mode 100644 crypto/heimdal/tests/plugin/check-pac.in delete mode 100644 crypto/heimdal/tests/plugin/krb5.conf.in delete mode 100644 crypto/heimdal/tests/plugin/windc.c delete mode 100644 crypto/heimdal/tools/Makefile.am delete mode 100644 crypto/heimdal/tools/Makefile.in delete mode 100755 crypto/heimdal/tools/build.sh delete mode 100644 crypto/heimdal/tools/heimdal-build.sh delete mode 100644 crypto/heimdal/tools/heimdal-gssapi.pc.in delete mode 100755 crypto/heimdal/tools/kdc-log-analyze.pl delete mode 100644 crypto/heimdal/tools/krb5-config.1 delete mode 100755 crypto/heimdal/tools/krb5-config.in (limited to 'crypto/heimdal') diff --git a/crypto/heimdal/ChangeLog b/crypto/heimdal/ChangeLog deleted file mode 100644 index e167b09a8957..000000000000 --- a/crypto/heimdal/ChangeLog +++ /dev/null @@ -1,1356 +0,0 @@ -2008-01-24 Love Hörnquist Åstrand - - * Release 1.1 - -2008-01-21 Love Hörnquist Åstrand - - * lib/krb5/get_for_creds.c: Use on variable less. - - * lib/krb5/get_for_creds.c: Try to handle ticket full and - ticketless tickets better. Add doxygen comments while here. - - * lib/krb5/test_forward.c: Used for testing - krb5_get_forwarded_creds(). - - * lib/krb5/Makefile.am: noinst_PROGRAMS += test_forward - - * lib/krb5/Makefile.am: drop CHECK_SYMBOLS - - * lib/hdb/Makefile.am: drop CHECK_SYMBOLS - - * kdc/Makefile.am: drop CHECK_SYMBOLS - -2008-01-18 Love Hörnquist Åstrand - - * lib/krb5/version-script.map: Add krb5_digest_probe. - -2008-01-13 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Replace hx509_name_to_der_name with - hx509_name_binary. - -2008-01-12 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: add missing files - -2007-12-28 Love Hörnquist Åstrand - - * kdc/digest.c: Log probe message, add NTLM_TARGET_DOMAIN to the - type2 message. - -2007-12-14 Love Hörnquist Åstrand - - * lib/hdb/dbinfo.c: Add hdb_default_db(). - - * Makefile.am: Add some extra cf/*. - -2007-12-12 Love Hörnquist Åstrand - - * kuser/kgetcred.c: Fix type of name-type. From Andy Polyakov. - -2007-12-09 Love Hörnquist Åstrand - - * kdc/log.c: Use hdb_db_dir(). - - * kpasswd/kpasswdd.c: Use hdb_db_dir(). - -2007-12-08 Love Hörnquist Åstrand - - * kdc/config.c: Use hdb_db_dir(). - - * kdc/kdc_locl.h: add KDC_LOG_FILE - - * kdc/hpropd.c: Use hdb_default_db(). - - * kdc/kstash.c: Use hdb_db_dir(). - - * kdc/pkinit.c: Adapt to hx509 changes, use hdb_db_dir(). - - * lib/krb5/rd_req.c: Document krb5_rd_req_in_set_pac_check. - - * lib/krb5/verify_krb5_conf.c: Check check_pac. - - * lib/krb5/rd_req.c: use KRB5_CTX_F_CHECK_PAC to init check_pac - field in the krb5_rd_req_in_ctx - - * lib/krb5/expand_hostname.c: Adapt to changing - dns_canonicalize_hostname into flags field. - - * lib/krb5/context.c: Adapt to changing dns_canonicalize_hostname - into flags field, add check-pac as an libdefaults option. - - * lib/krb5/pkinit.c: Adapt to changes in hx509 interface. - - * doc: add doxygen documentation to hcrypto - - * doc/doxytmpl.dxy: generate links - -2007-12-07 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: build_HEADERZ += heim_threads.h - - * lib/hdb/dbinfo.c (hdb_db_dir): Return the directory where the - hdb database resides. - - * configure.in: Add --with-hdbdir to specify where the database is - stored. - - * lib/krb5/crypto.c: revert previous patch, the problem is located - in the RAND_file_name() function that will cause recursive nss - lookups, can't fix that here. - -2007-12-06 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (krb5_generate_random_block): try to avoid the - dead-lock in by not holding the lock while running - RAND_file_name. Prompted by Hai Zaar. - - * lib/krb5/n-fold.c: spelling - -2007-12-04 Love Hörnquist Åstrand - - * kuser/kdigest.c (digest-probe): implement command. - - * kuser/kdigest-commands.in (digest-probe): new command - - * kdc/digest.c: Implement supportedMechs request. - - * lib/krb5/error_string.c: Make krb5_get_error_string return an - allocated string to make the function indempotent. From - Zeqing (Fred) Xia. - -2007-12-03 Love Hörnquist Åstrand - - * lib/krb5/krb5_locl.h (krb5_context_data): Flag if - default_cc_name was set by the user. - - * lib/krb5/fcache.c (fcc_move): make sure ->version is uptodate. - - * kcm/acquire.c: use krb5_free_cred_contents - - * kuser/kimpersonate.c: use krb5_free_cred_contents - - * kuser/kinit.c: Use krb5_cc_move to make an atomic switch of the - cred cache. - - * lib/krb5/cache.c: Put back code that was needed, move gen_new - into new_unique. - - * lib/krb5/mcache.c (mcc_default_name): Remove const - - * lib/krb5/krb5_locl.h: Add KRB5_DEFAULT_CCNAME_KCM, redefine - KRB5_DEFAULT_CCNAME to KRB5_DEFAULT_CCTYPE - - * lib/krb5/cache.c: Use krb5_cc_ops->default_name to get the - default name. - - * lib/krb5/kcm.c: Implement krb5_cc_ops->default_name. - - * lib/krb5/mcache.c: Implement krb5_cc_ops->default_name. - - * lib/krb5/fcache.c: Implement krb5_cc_ops->default_name. - - * lib/krb5/krb5.h: Add krb5_cc_ops->default_name. - - * lib/krb5/acache.c: Free context when done, implement - krb5_cc_ops->default_name. - - * lib/krb5/kcm.c: implement dummy kcm_move - - * lib/krb5/mcache.c: Implement the move operation. - - * lib/krb5/version-script.map: export krb5_cc_move - - * lib/krb5/cache.c: New function krb5_cc_move(). - - * lib/krb5/fcache.c: Implement the move operation. - - * lib/krb5/krb5.h: Add move to the krb5_cc_ops, causes major - version bump. - - * lib/krb5/acache.c: Implement the move operation. Avoid using - cc_set_principal() since it broken on Mac OS X 10.5.0. - -2007-12-02 Love Hörnquist Åstrand - - * lib/krb5/krb5_ccapi.h: Drop variable names to avoid -Wshadow. - -2007-11-14 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Should pass different key usage constants - depending on whether or not optional sub-session key was passed by - the client for the check of authorization data. The constant is - used to derive "specific key" and its values are specified in - 7.5.1 of RFC4120. - - Patch from Andy Polyakov. - - * kdc/krb5tgs.c: Don't send auth data in referrals, microsoft - clients have started to not like that. Thanks to Andy Polyakov for - excellent research. - -2007-11-11 Love Hörnquist Åstrand - - * lib/krb5/creds.c: use krb5_data_cmp - - * lib/krb5/acache.c: use krb5_free_cred_contents - - * lib/krb5/test_renew.c: use krb5_free_cred_contents - -2007-11-10 Love Hörnquist Åstrand - - * lib/krb5/acl.c: doxygen documentation - - * lib/krb5/addr_families.c: doxygen documentation - - * doc: add doxygen - - * lib/krb5/plugin.c: doxygen documentation - - * lib/krb5/kcm.c: doxygen documentation - - * lib/krb5/fcache.c: doxygen documentation - - * lib/krb5/cache.c: doxygen documentations - - * lib/krb5/doxygen.c: doxygen introduction - - * lib/krb5/error_string.c: Doxygen documentation. - -2007-11-03 Love Hörnquist Åstrand - - * lib/krb5/test_plugin.c: expose krb5_plugin_register - - * lib/krb5/plugin.c: expose krb5_plugin_register - - * lib/krb5/version-script.map: sort, expose krb5_plugin_register - -2007-10-24 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Adding same enctype is enough one time. From - Andy Polyakov and Bjorn Sandell. - -2007-10-18 Love - - * lib/krb5/cache.c (krb5_cc_retrieve_cred): check return value - from krb5_cc_start_seq_get. From Zeqing (Fred) Xia - - * lib/krb5/fcache.c (init_fcc): provide better error codes - - * kdc/kerberos5.c (get_pa_etype_info2): more paranoia, avoid - sending warning about pruned etypes. - - * kdc/kerberos5.c (older_enctype): old windows enctypes (arcfour - based) "old", this to support windows 2000 clients (unjoined to a - domain). From Andy Polyakov. - -2007-10-07 Love Hörnquist Åstrand - - * doc/setup.texi: Spelling, from Mark Peoples via Bjorn Sandell. - -2007-10-04 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: More prettier printing of enctype, from KAMADA - Ken'ichi. - - * lib/krb5/crypto.c (krb5_enctype_to_string): make sure string is - NULL on failure. - -2007-10-03 Love Hörnquist Åstrand - - * kdc/kdc-replay.c: Catch KRB5_PROG_ATYPE_NOSUPP from - krb5_addr2sockaddr and igore thte test is that case. - -2007-09-29 Love Hörnquist Åstrand - - * lib/krb5/context.c (krb5_free_context): free - default_cc_name_env, from Gunther Deschner. - -2007-08-27 Love Hörnquist Åstrand - - * lib/krb5/{krb5.h,pac.c,test_pac.c,send_to_kdc.c,rd_req.c}: Make - work with c++, reported by Hai Zaar - - * lib/krb5/{digest.c,krb5.h}: Make work with c++, reported by Hai Zaar - -2007-08-20 Love Hörnquist Åstrand - - * lib/hdb/Makefile.am: EXTRA_DIST += hdb.schema - -2007-07-31 Love Hörnquist Åstrand - - * check return value of alloc functions, from Charles Longeau - - * lib/krb5/principal.c: spelling. - - * kadmin/kadmin.8: spelling - - * lib/krb5/crypto.c: Check return values from alloc - functions. Prompted by patch of Charles Longeau. - - * lib/krb5/n-fold.c: Make _krb5_n_fold return a error - code. Prompted by patch of Charles Longeau. - -2007-07-27 Love Hörnquist Åstrand - - * lib/krb5/init_creds.c: Always set the ticket options, use - KRB5_ADDRESSLESS_DEFAULT as the default value, this make the unset - tri-state not so useful. - -2007-07-24 Love Hörnquist Åstrand - - * tools/heimdal-gssapi.pc.in: Add LIB_pkinit to the list of - libraries. - - * tools/heimdal-gssapi.pc.in: pkg-config file for libgssapi in - heimdal. - - * tools/Makefile.am: Add heimdal-gssapi.pc and install it into - $(libdir)/pkgconfig - -2007-07-23 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Add RFC3526 modp group14 as a default. - -2007-07-22 Love Hörnquist Åstrand - - * lib/hdb/dbinfo.c (get_dbinfo): use dbname instead of realm as - key if the entry is a correct entry. - - * lib/krb5/get_cred.c: Make krb5_get_renewed_creds work, from - Gunther Deschner. - - * lib/krb5/Makefile.am: Add test_renew to noinst_PROGRAMS. - - * lib/krb5/test_renew.c: Test for krb5_get_renewed_creds. - -2007-07-21 Love Hörnquist Åstrand - - * lib/hdb/keys.c: Make parse_key_set handle key set string "v5", - from Peter Meinecke. - - * kdc/kaserver.c: Don't ovewrite the error code, from Peter - Meinecke. - -2007-07-18 Love Hörnquist Åstrand - - * TODO-1.0: remove - - * Makefile.am: remove TODO-1.0 - -2007-07-17 Love Hörnquist Åstrand - - * Heimdal 1.0 release branch cut here - - * doc/hx509.texi: use version.texi - - * doc/heimdal.texi: use version.texi - - * doc/version.texi: version.texi - - * lib/hdb/db3.c: avoid type-punned pointer warning. - - * kdc/kx509.c: Use unsigned char * as argument to HMAC_Update to - please OpenSSL and gcc. - - * kdc/digest.c: Use unsigned char * as argument to MD5_Update to - please OpenSSL and gcc. - -2007-07-16 Love Hörnquist Åstrand - - * include/Makefile.am: Add krb_err.h. - - * kdc/set_dbinfo.c: Print acl file too. - - * kdc/kerberos4.c: Error codes are just fine, remove XXX now. - - * lib/krb5/krb5-v4compat.h: Drop duplicate error codes. - - * kdc/kerberos4.c: switch to ET errors. - - * lib/krb5/Makefile.am: Add krb_err.h to build_HEADERZ. - - * lib/krb5/v4_glue.c: If its a Kerberos 4 error-code, remove the - et BASE. - -2007-07-15 Love Hörnquist Åstrand - - * lib/krb5/krb5-v4compat.h: Include "krb_err.h". - - * lib/krb5/v4_glue.c: return more interesting error codes. - - * lib/krb5/plugin.c: Prefix enum plugin_type. - - * lib/krb5/krb5_locl.h: Expose plugin structures. - - * lib/krb5/krb5.h: Add plugin structures. - - * lib/krb5/krb_err.et: V4 errors. - - * lib/krb5/version-script.map: First version of version script. - -2007-07-13 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Java 1.6 expects the name to be the same type, - lets allow that for uncomplicated name-types. - -2007-07-12 Love Hörnquist Åstrand - - * lib/krb5/v4_glue.c (_krb5_krb_rd_req): if ticket contains - address 0, its ticket less and don't really care about - from_addr. return better error codes. - - * kpasswd/kpasswdd.c: Fix pointer vs strict alias rules. - -2007-07-11 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: When using sambaNTPassword, avoid adding - more then one enctype 23 to krb5EncryptionType. - - * lib/krb5/cache.c: Spelling. - - * kdc/kerberos5.c: Don't send newer enctypes in ETYPE-INFO. - (get_pa_etype_info2): return the enctypes as sorted in the - database - -2007-07-10 Love Hörnquist Åstrand - - * kuser/kinit.c: krb5-v4compat.h defines prototypes for - v4 (semiprivate functions) in libkrb5, don't include - krb5-private.h any longer. - - * lib/krb5/krbhst.c: Set error string when there is no KDC for a - realm. - - * lib/krb5/Makefile.am: New library version. - - * kdc/Makefile.am: New library version. - - * lib/krb5/krb5_locl.h: Add default_cc_name_env. - - * lib/krb5/cache.c (enviroment_changed): return non-zero if - enviroment that will determine default krb5cc name has changed. - (krb5_cc_default_name): also check if cached value is uptodate. - - * lib/krb5/krb5_locl.h: Drop pkinit_flags. - -2007-07-05 Love Hörnquist Åstrand - - * configure.in: add tests/java/Makefile - - * lib/hdb/dbinfo.c: Add hdb_dbinfo_get_log_file. - -2007-07-04 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Improve the default salt detection to avoid - returning v4 password salting to java that doesn't look at the - returning padata for salting. - - * kdc: Split out krb5_kdc_set_dbinfo, From Andrew Bartlett - -2007-07-02 Love Hörnquist Åstrand - - * kdc/digest.c: Try harder to provide better error message for - digest messages. - - * lib/krb5/Makefile.am: verify_krb5_conf_OBJECTS depends on - krb5-pr*.h, make -j finds this. - -2007-06-28 Love Hörnquist Åstrand - - * kdc/digest.c: On success, print username, not ip-adress. - -2007-06-26 Love Hörnquist Åstrand - - * lib/krb5/get_cred.c: Add krb5_get_renewed_creds. - - * lib/krb5/krb5_get_credentials.3: add krb5_get_renewed_creds - - * lib/krb5/pkinit.c: Use hx509_cms_unwrap_ContentInfo. - -2007-06-25 Love Hörnquist Åstrand - - * doc/setup.texi: Add example for pkinit_win2k_require_binding - in [kdc] section. - - * kdc/default_config.c: Rename require_binding to - win2k_require_binding to match client configuration. - - * kdc/default_config.c: Add [kdc]pkinit_require_binding option. - - * kdc/pkinit.c (pk_mk_pa_reply_enckey): only allow non-bound reply - if its not required. - - * kdc/default_config.c: rename pkinit_princ_in_cert and add - pkinit_require_binding - - * kdc/kdc.h: rename pkinit_princ_in_cert and add - pkinit_require_binding - - * kdc/pkinit.c: rename pkinit_princ_in_cert - -2007-06-24 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Adapt to hx509_verify_hostname change. - -2007-06-21 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Drop unused variable. - - * kdc/krb5tgs.c: disable anonyous tgs requests - - * kdc/krb5tgs.c: Don't check PAC on cross realm for now. - - * kuser/kgetcred.c: Set KRB5_GC_CONSTRAINED_DELEGATION and parse - nametypes. - - * lib/krb5/krb5_principal.3: Document krb5_parse_nametype. - - * lib/krb5/principal.c (krb5_parse_nametype): parse nametype and - return their integer values. - - * lib/krb5/krb5.h (krb5_get_creds): Add - KRB5_GC_CONSTRAINED_DELEGATION. - - * lib/krb5/get_cred.c (krb5_get_creds): if - KRB5_GC_CONSTRAINED_DELEGATION is set, set both request_anonymous - and constrained_delegation. - -2007-06-20 Love Hörnquist Åstrand - - * kdc/digest.c: Return an error message instead of dropping the - packet for more failure cases. - - * lib/krb5/krb5_principal.3: Add KRB5_PRINCIPAL_UNPARSE_DISPLAY. - - * appl/gssmask/gssmask.c (AcquirePKInitCreds): fail more - gracefully - -2007-06-18 Love Hörnquist Åstrand - - * lib/krb5/pac.c: make compile. - - * lib/krb5/pac.c (verify_checksum): memset cksum to avoid using - pointer from stack. - - * lib/krb5/plugin.c: Don't expose free pointer. - - * lib/krb5/pkinit.c (_krb5_pk_load_id): fail directoy for first - calloc. - - * lib/krb5/pkinit.c (get_reply_key*): don't expose freed memory - - * lib/krb5/krbhst.c: Host is static memory, don't free. - - * lib/krb5/crypto.c (decrypt_internal_derived): make sure length - is longer then confounder + checksum. - - * kdc: export get_dbinfo as krb5_kdc_set_dbinfo and call from - users. This to allows libkdc users to to specify their own - databases - - * lib/krb5/pkinit.c (pk_rd_pa_reply_enckey): simplify handling of - content data (and avoid leaking memory). - - * kdc/misc.c (_kdc_db_fetch): set error string for failures. - -2007-06-15 Love Hörnquist Åstrand - - * kdc/pkinit.c: Use KRB5_AUTHDATA_INITIAL_VERIFIED_CAS. - -2007-06-13 Love Hörnquist Åstrand - - * kdc/pkinit.c: tell user when they got a pk-init request with - pkinit disabled. - -2007-06-12 Love Hörnquist Åstrand - - * lib/krb5/principal.c: Rename UNPARSE_NO_QUOTE to - UNPARSE_DISPLAY. - - * lib/krb5/krb5.h: Rename UNPARSE_NO_QUOTE to UNPARSE_DISPLAY. - - * lib/krb5/principal.c: Make no-quote mean replace strange chars - with space. - - * lib/krb5/principal.c: Support KRB5_PRINCIPAL_UNPARSE_NO_QUOTE. - - * lib/krb5/krb5.h: Add KRB5_PRINCIPAL_UNPARSE_NO_QUOTE. - - * lib/krb5/test_princ.c: Test quoteing. - - * lib/krb5/pkinit.c: update (c) - - * lib/krb5/get_cred.c: use krb5_sendto_context to talk to the KDC. - - * lib/krb5/send_to_kdc.c (_krb5_kdc_retry): check if the whole - process needs to restart or just skip this KDC. - - * lib/krb5/init_creds_pw.c: Use krb5_sendto_context to talk to - KDC. - - * lib/krb5/krb5.h: Add sendto hooks and opaque structure. - - * lib/krb5/krb5_rd_error.3: Update prototype. - - * lib/krb5/send_to_kdc.c: Add hooks for processing the reply from - the server. - -2007-06-11 Love Hörnquist Åstrand - - * lib/krb5/krb5_err.et: Some new error codes from RFC 4120. - -2007-06-09 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Constify. - - * kdc/kerberos5.c: Constify. - - * kdc/pkinit.c: Check for KRB5-PADATA-PK-AS-09-BINDING. Constify. - -2007-06-08 Love Hörnquist Åstrand - - * include/Makefile.am: Make krb5-types.h nodist_include_HEADERS. - - * kdc/Makefile.am: EXTRA_DIST += version-script.map. - -2007-06-07 Love Hörnquist Åstrand - - * Makefile.am (print-distdir): print name of dist - - * kdc/pkinit.c: Break out loading of mappings file to a separate - function and remove warning that it can't open the mapping file, - there are now mappings in the db, maybe the users uses that - instead... - - * lib/krb5/crypto.c: Require the raw key have the correct size and - do away with the minsize. Minsize was a thing that originated - from RC2, but since RC2 is done in the x509/cms subsystem now - there is no need to keep that around. - - * lib/hdb/dbinfo.c: If there is no default dbname, also check for - unset mkey_file and set it default mkey name, make backward compat - stuff work. - - * kdc/version-script.map: add new symbols - - * kdc/kdc-replay.c: Also update krb5_context view of what the time - is. - - * configure.in: add tests/can/Makefile - - * kdc/kdc-replay.c: Add --[version|help]. - - * kdc/pkinit.c: Push down the kdc time into the x509 library. - - * kdc/connect.c: Move up krb5_kdc_save_request so we can catch the - reply data too. - - * kdc/kdc-replay.c: verify reply by checking asn1 class, type and - tag of the reply if there is one. - - * kdc/process.c: Save asn1 class, type and tag of the reply if - there is one. Used to verify the reply in kdc-replay. - -2007-06-06 Love Hörnquist Åstrand - - * kdc/kdc_locl.h: extern for request_log. - - * kdc/Makefile.am: Add kdc-replay. - - * kdc/kdc-replay.c: Replay kdc messages to the KDC library. - - * kdc/config.c: Pick up request_log from [kdc]kdc-request-log. - - * kdc/connect.c: Option to save the request to disk. - - * kdc/process.c (krb5_kdc_save_request): save request to file. - - * kdc/process.c (krb5_kdc_process*): dont update _kdc_time - automagicly. - (krb5_kdc_update_time): set or get current kdc-time. - - * kdc/pkinit.c (_kdc_pk_rd_padata): accept both pkcs-7 and - pkauthdata as the signeddata oid - - * kdc/pkinit.c (_kdc_pk_rd_padata): Try to log what went wrong. - -2007-06-05 Love Hörnquist Åstrand - - * kdc/pkinit.c: Use oid_id_pkcs7_data for pkinit-9 encKey reply to - match windows DC behavior better. - -2007-06-04 Love Hörnquist Åstrand - - * configure.in: use test for -framework Security - - * appl/test/uu_server.c: Print status to stdout. - - * kdc/digest.c (digest ntlm): provide log entires by setting ret - to an error. - -2007-06-03 Love Hörnquist Åstrand - - * doc/hx509.texi: Indent crl-sign. - - * doc/hx509.texi: One more crl-sign example. - - * lib/krb5/test_princ.c: plug memory leaks. - - * lib/krb5/pac.c: plug memory leaks. - - * lib/krb5/test_pac.c: plug memory leaks. - - * lib/krb5/test_prf.c: plug memory leak. - - * lib/krb5/test_cc.c: plug memory leaks. - - * doc/hx509.texi: Simple blob about publishing CRLs. - - * doc/win2k.texi: drop text about enctypes. - -2007-06-02 Love Hörnquist Åstrand - - * kdc/pkinit.c: In case of OCSP verification failure, referash - every 5 min. In case of success, refreash 2 min before expiring or - faster. - -2007-05-31 Love Hörnquist Åstrand - - * lib/krb5/krb5_err.et: add error 68, WRONG_REALM - - * kdc/pkinit.c: Handle the ms san in a propper way, still cheat - with the realm name. - - * kdc/kerberos5.c: If _kdc_pk_check_client failes, bail out - directly and hand the error back to the client. - - * lib/krb5/krb5_err.et: Add missing REVOCATION_STATUS_UNAVAILABLE - and fix error message for CLIENT_NAME_MISMATCH. - - * kdc/pkinit.c: More logging for pk-init client mismatch. - - * kdc/kerberos5.c: Also add a KRB5_PADATA_PK_AS_REQ_WIN for - windows pk-init (-9) to make MIT clients happy. - -2007-05-30 Love Hörnquist Åstrand - - * kdc/pkinit.c: Force des3 for win2k. - - * kdc/pkinit.c: Add wrapping to ContentInfo wrapping to - COMPAT_WIN2K. - - * lib/krb5/keytab_keyfile.c: Spelling. - - * kdc/pkinit.c: Allow matching by MS UPN SAN, note that this delta - doesn't deal with case of realm. - -2007-05-16 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (krb5_crypto_overhead): return static overhead - of encryption. - -2007-05-10 Dave Love - - * doc/win2k.texi: Update some URLs. - -2007-05-13 Love Hörnquist Åstrand - - * kuser/kimpersonate.c: Fix version number of ticket, it should be - 5 not the kvno. - -2007-05-08 Love Hörnquist Åstrand - - * doc/setup.texi: Salting is really Encryption types and salting. - -2007-05-07 Love Hörnquist Åstrand - - * doc/setup.texi: spelling, from Ronny Blomme - - * doc/win2k.texi: Fix ksetup /SetComputerPassword, from Ronny - Blomme - -2007-05-02 Love Hörnquist Åstrand - - * lib/hdb/dbinfo.c (hdb_get_dbinfo) If there are no database - specified, create one and let it use the defaults. - -2007-04-27 Love Hörnquist Åstrand - - * lib/hdb/test_dbinfo.c: test acl file - - * lib/hdb/test_dbinfo.c: test acl file - - * lib/hdb/dbinfo.c: add acl file - - * etc: ignore Makefile.in - - * Makefile.am: SUBDIRS += etc - - * configure.in: Add etc/Makefile. - - * etc/Makefile.am: make sure services.append is distributed - -2007-04-24 Love Hörnquist Åstrand - - * kdc: rename windc_init to krb5_kdc_windc_init - - * kdc/version-script.map: version script for libkdc - - * kdc/Makefile.am: version script for libkdc - -2007-04-23 Love Hörnquist Åstrand - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_get_error): - correct the order of the arguments. - - * lib/hdb/Makefile.am: Add and test dbinfo. - - * lib/hdb/hdb.h: Forward declaration for struct hdb_dbinfo; - - * kdc/config.c: Use krb5_kdc_get_config and just fill in what the - users wanted differently. - - * kdc/default_config.c: Make the default configuration fetch info - from the krb5.conf. - -2007-04-22 Love Hörnquist Åstrand - - * lib/krb5/store.c (krb5_store_creds_tag): use session.keytype to - determine if to send the session-key, for the second place in the - function. - - * tools/krb5-config.in: rename des to hcrypto - - * kuser/Makefile.am: depend on libheimntlm - - * kuser/kinit.c: Add --ntlm-domain that store the ntlm cred for - this domain if the Kerberos password auth worked. - - * kuser/klist.c: add new option --hidden that doesn't display - principal that starts with @ - - * tools/krb5-config.in: Add heimntlm when we use gssapi. - - * lib/krb5/krb5_ccache.3 (krb5_cc_retrieve_cred): document what to - free 'cred' with. - - * lib/krb5/cache.c (krb5_cc_retrieve_cred): document what to free - 'cred' with. - -2007-04-21 Love Hörnquist Åstrand - - * lib/krb5/store.c (krb5_store_creds_tag): use session.keytype to - determine if to send the session-key. - - * kcm/client.c (kcm_ccache_new_client): make root be able to pass - the name constraints, not the opposite. From Bryan Jacobs. - -2007-04-20 Love Hörnquist Åstrand - - * kcm/acl.c: make compile again. - - * kcm/client.c: fix warning. - - * kcm: First, it allows root to ignore the naming conventions. - Second, it allows root to always perform any operation on any - ccache. Note that root could do this anyway with FILE ccaches. - From Bryan Jacobs. - - * Rename libdes to libhcrypto. - -2007-04-19 Love Hörnquist Åstrand - - * kinit: remove code that depend on kerberos 4 library - - * kdc: remove code that depend on kerberos 4 library - - * configure.in: Drop kerberos 4 support. - - * kdc/hpropd.c (main): free the message when done with it. - - * lib/krb5/pkinit.c (_krb5_get_init_creds_opt_free_pkinit): - remember to free memory too. - - * lib/krb5/pkinit.c (pk_rd_pa_reply_dh): free content-type when - done. - - * configure.in: test rk_VERSIONSCRIPT - -2007-04-18 Love Hörnquist Åstrand - - * fix-export: remove, all done by make dist now - -2007-04-15 Love Hörnquist Åstrand - - * lib/krb5/krb5_get_credentials.3: spelling, from Jason McIntyre - -2007-04-11 Love Hörnquist Åstrand - - * kdc/kstash.8: Spelling, from raga - via Bjorn Sandell. - - * lib/krb5/store_mem.c: indent. - - * lib/krb5/recvauth.c: Set error string. - - * lib/krb5/rd_req.c: clear error strings. - - * lib/krb5/rd_cred.c: clear error string. - - * lib/krb5/pkinit.c: Set error strings. - - * lib/krb5/get_cred.c: Tell what principal we are not finding for - all KRB5_CC_NOTFOUND. - -2007-02-22 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Return the same error codes as a windows KDC. - - * kuser/kinit.c: KRB5KDC_ERR_PREAUTH_FAILED is also a password - failed. - - * kdc/kerberos5.c: Make handling of replying e_data more generic, - from metze. - - * kdc/kerberos5.c: Fix (string const and shadow) warnings, from - metze. - - * lib/krb5/pac.c: Create the PAC element in the same order as - w2k3, maybe there's some broken code in windows which relies on - this... From metze. - - * kdc/kerberos5.c: Select a session enctype from the list of the - crypto systems supported enctype, is supported by the client and - is one of the enctype of the enctype of the krbtgt. - - The later is used as a hint what enctype all KDC are supporting to - make sure a newer version of KDC wont generate a session enctype - that and older version of a KDC in the same realm can't decrypt. - - But if the KDC admin is paranoid and doesn't want to have "no the - best" enctypes on the krbtgt, lets save the best pick from the - client list and hope that that will work for any other KDCs. - - Reported by metze. - - * kdc/hprop.c (propagate_database): on any failure, drop the - connection to the peer and try next one. - -2007-02-18 Love Hörnquist Åstrand - - * lib/krb5/krb5_get_init_creds.3: document new options. - - * kdc/krb5tgs.c: Only check service key for cross realm PACs. - - * lib/krb5/init_creds.c: use the new merged flags field. - (krb5_get_init_creds_opt_set_win2k): new function, turn on all w2k - compat flags. - - * lib/krb5/init_creds_pw.c: use the new merged flags field. - - * lib/krb5/krb5_locl.h: merge all flags into one entity - -2007-02-11 Dave Love - - * lib/krb5/krb5_aname_to_localname.3: Small fixes - - * lib/krb5/krb5_digest.3: Small fixes - - * kuser/kimpersonate.1: Small fixes - -2007-02-17 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c (find_pa_data): if there is no list, - there is no entry. - - * kdc/krb5tgs.c: Don't check PACs on cross realm requests. - - * lib/krb5/krb5.h: add KRB5_KU_CANONICALIZED_NAMES. - - * lib/krb5/init_creds_pw.c: Verify client referral data. - - * kdc/kerberos5.c: switch some "return ret" to "goto out". - - * kdc/kerberos5.c: Pass down canonicalize request to hdb layer, - sign client referrals. - - * lib/hdb/hdb.h: Add HDB_F_CANON. - - * lib/hdb: add simple alias support to the database backends - -2007-02-16 Love Hörnquist Åstrand - - * kuser/kinit.c: Add canonicalize flag. - - * lib/krb5/init_creds_pw.c: Use EXTRACT_TICKET_* flags, support - canonicalize. - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_canonicalize): - new function. - - * lib/krb5/get_cred.c: Use EXTRACT_TICKET_* flags. - - * lib/krb5/get_in_tkt.c: Use EXTRACT_TICKET_* flags. - - * lib/krb5/krb5_locl.h: Add EXTRACT_TICKET_* flags. - -2007-02-15 Love Hörnquist Åstrand - - * lib/krb5/test_princ.c: test parsing enterprise-names. - - * lib/krb5/principal.c: Add support for parsing enterprise-names. - - * lib/krb5/krb5.h: Add KRB5_PRINCIPAL_PARSE_ENTERPRISE. - - * lib/hdb/hdb-ldap.c: Make work again. - -2007-02-11 Dave Love - - * kcm/client.c (kcm_ccache_new_client): Cast snprintf'ed value. - -2007-02-10 Love Hörnquist Åstrand - - * doc/setup.texi: prune trailing space - - * lib/hdb/db.c: Be better at setting and clearing error string. - - * lib/hdb/hdb.c: Be better at setting and clearing error string. - -2007-02-09 Love Hörnquist Åstrand - - * lib/krb5/keytab.c (krb5_kt_get_entry): Use krb5_kt_get_full_name - to print out the keytab name. - - * doc/setup.texi: Spelling, from Guido Guenther - -2007-02-08 Love Hörnquist Åstrand - - * lib/krb5/rd_cred.c: Plug memory leak, from Michael B Allen. - -2007-02-06 Love Hörnquist Åstrand - - * lib/krb5/test_store.c (test_uint16): unsigned ints can't be - negative - -2007-02-03 Love Hörnquist Åstrand - - * kdc/pkinit.c: pass extra flags for detached signatures. - - * lib/krb5/pkinit.c: pass extra flags for detached signatures. - - * kdc/digest.c: Remove debug output. - - * kuser/kdigest.c: Add support for ms-chap-v2 client. - -2007-02-02 Love Hörnquist Åstrand - - * kdc/digest.c: Fix ms-chap-v2 get_masterkey - - * kdc/digest.c: Fix ms-chap-v2 mutual response auth code. - - * kuser/kdigest.c: Print session key if there is one. - - * lib/krb5/digest.c: rename hash-a1 to session key - - * kdc/digest.c: Add get_master from RFC 3079 3.4 for MS-CHAP-V2 - - * kuser/kdigest.c: print rsp if there is one, from Klas. - - * kdc/digest.c: Use right size, from Klas Lindfors. - - * kuser/kdigest.c: Set client nonce if avaible, from Klas. - - * kdc/digest.c: First version from kllin. - - * kuser/kdigest.c: Don't restrict the type. - -2007-02-01 Love Hörnquist Åstrand - - * kuser/kdigest-commands.in: add --client-response - - * kuser/kdigest.c: Print status instead of response. - - * kdc/digest.c: Better logging and return status = FALSE when - checksum doesn't match. - - * kdc/digest.c: Check the digest response in the KDC. - - * lib/krb5/digest.c: New functions to send in requestResponse to - KDC and get status of the request. - - * kdc/digest.c: Add support for MS-CHAP v2. - - * lib/hdb/hdb-ldap.c: Set hdb->hdb_db for ldap. - -2007-01-31 Love Hörnquist Åstrand - - * fix-export: Make hx509.info too - - * kdc/digest.c: don't verify identifier in CHAP, its the client - that chooses it. - -2007-01-23 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: Basic test of prf. - - * lib/krb5/test_prf.c: Basic test of prf. - - * lib/krb5/mit_glue.c: Add MIT glue for Kerberos RFC 3961 PRF - functions. - - * lib/krb5/crypto.c: Add Kerberos RFC 3961 PRF functions. - - * lib/krb5/krb5_data.3: Document krb5_data_cmp. - - * lib/krb5/data.c: Add krb5_data_cmp. - -2007-01-20 Love Hörnquist Åstrand - - * kdc/kx509.c: Don't use C99 syntax. - -2007-01-17 Love Hörnquist Åstrand - - * configure.in: its LIBADD_roken (and shouldn't really exist, our - libtool usage it broken) - - * configure.in: Add an extra variable for roken, LIBADD, that - should be used for library depencies. - - * lib/krb5/send_to_kdc.c (krb5_sendto): zero out receive buffer. - - * lib/krb5/krb5_init_context.3: fix mdoc errors - - * Heimdal 0.8 branch cut today - - * doc/hx509.texi: Spelling and more about proxy certificates. - - * configure.in: check for arc4random - -2007-01-16 Love Hörnquist Åstrand - - * lib/krb5/send_to_kdc.c (krb5_sendto): zero receive krb5_data - before starting - - * tools/heimdal-build.sh: make cvs keep quiet - - * kuser/kverify.c: Use argument as principal if passed an - argument. Bug report from Douglas E. Engert - -2007-01-15 Love Hörnquist Åstrand - - * lib/krb5/rd_req.c (krb5_rd_req_ctx): The code failed to consider - the enc_tkt_in_skey case, from Douglas E. Engert. - - * kdc/kx509.c: Issue certificates. - - * kdc/config.c: Parse kx509/kca configuration. - - * kdc/kdc.h: add kx509 config - -2007-01-14 Love Hörnquist Åstrand - - * kdc/kerberos5.c (_kdc_find_padata): if there is not padata, - there is nothing find. - - * doc/hx509.texi: Examples for pk-init. - - * doc/hx509.texi: About extending ca lifetime and sub cas. - -2007-01-13 Love Hörnquist Åstrand - - * doc/hx509.texi: More about certificates. - -2007-01-12 Love Hörnquist Åstrand - - * doc/hx509.texi: add Application requirements and write about - xmpp/jabber. - -2007-01-11 Love Hörnquist Åstrand - - * doc/hx509.texi: More about issuing certificates. - - * doc/hx509.texi: Start of a x.509 manual. - - * include/Makefile.am: remove install headerfiles - - * lib/krb5/test_pac.c: Use more interesting data to cause more - errors. - - * include/Makefile.am: remove install headerfiles - - * lib/krb5/mcache.c: MCC_CURSOR not used, remove. - - * lib/krb5/crypto.c: macro kcrypto_oid_enc now longer used - - * lib/krb5/rd_safe.c (krb5_rd_safe): set length before trying to - allocate data - -2007-01-10 Love Hörnquist Åstrand - - * doc/setup.texi: Hint about hxtool validate. - - * appl/test/uu_server.c: print both "server" and "client" - - * kdc/krb5tgs.c: Rename keys to be more obvious what they do. - - * kdc/kerberos5.c: Use other keys to sign PAC with. From Andrew - Bartlett - - * kdc/windc.c: ident, spelling. - - * kdc/windc_plugin.h: indent. - - * kdc/krb5tgs.c: Pass down server entry to verify_pac function. - from Andrew Bartlett - - * kdc/windc.c: pass down server entry to verify_pac function, from - Andrew Bartlett - - * kdc/windc_plugin.h: pass down server entry to verify_pac - function, from Andrew Bartlett - - * configure.in: Provide a automake symbol ENABLE_SHARED if shared - libraries are built. - - * lib/krb5/rd_req.c (krb5_rd_req_ctx): Use the correct keyblock - when verifying the PAC. From Andrew Bartlett. - -2007-01-09 Love Hörnquist Åstrand - - * lib/krb5/test_pac.c: move around to code test on real PAC. - - * lib/krb5/pac.c: A tiny 2 char diffrence that make the code work - for real. - - * lib/krb5/test_pac.c: Test more PAC (note that the values used in - this test is wrong, they have to be fixed when the pac code is - fixed). - - * doc/setup.texi: Update to new hxtool issue-certificate usage - - * lib/krb5/init_creds_pw.c: Make sure we don't sent both ENC-TS - and PK-INIT pa data, no need to expose our password protecting our - PKCS12 key. - - * kuser/klist.c (print_cred_verbose): include ticket length in the - verbose output - -2007-01-08 Love Hörnquist Åstrand - - * lib/krb5/acache.c (loadlib): pass RTLD_LAZY to dlopen, without - it linux is unhappy. - - * lib/krb5/plugin.c (loadlib): pass RTLD_LAZY to dlopen, without - it linux is unhappy. - - * lib/krb5/name-45-test.c: One of the hosts I sometimes uses is - named "bar.domain", this make one of the tests pass when it - shouldn't. - -2007-01-05 Love Hörnquist Åstrand - - * doc/setup.texi: Change --key argument to --out-key. - - * kuser/kimpersonate.1: mangle my name - -2007-01-04 Love Hörnquist Åstrand - - * doc/setup.texi: describe how to use hx509 to create - certificates. - - * tools/heimdal-build.sh: Add --distcheck. - - * kdc/kerberos5.c: Check for KRB5_PADATA_PA_PAC_REQUEST to check - if we should include the PAC in the krbtgt. - - * kdc/pkinit.c (_kdc_as_rep): check if - krb5_generate_random_keyblock failes. - - * kdc/kerberos5.c (_kdc_as_rep): check if - krb5_generate_random_keyblock failes. - - * kdc/krb5tgs.c (tgs_build_reply): check if - krb5_generate_random_keyblock failes. - - * kdc/krb5tgs.c: Scope etype. - - * lib/krb5/rd_req.c: Make it possible to turn off PAC check, its - default on. - - * lib/krb5/rd_req.c (krb5_rd_req_ctx): If there is a PAC, verify - its server signature. - - * kdc/kerberos5.c (_kdc_as_rep): call windc client access hook. - (_kdc_tkt_add_if_relevant_ad): constify in data argument. - - * kdc/windc_plugin.h: More comments add a client_access hook. - - * kdc/windc.c: Add _kdc_windc_client_access. - - * kdc/krb5tgs.c: rename functions after export some more pac - functions. - - * lib/krb5/test_pac.c: export some more pac functions. - - * lib/krb5/pac.c: export some more pac functions. - - * kdc/krb5tgs.c: Resign the PAC in tgsreq if we have a PAC. - - * configure.in: add tests/plugin/Makefile - -2007-01-03 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Get right key for PAC krbtgt verification. - - * kdc/config.c: spelling - - * lib/krb5/krb5.h: typedef for krb5_pac. - - * kdc/headers.h: Include . - - * kdc/Makefile.am: Include windc.c and use windc_plugin.h - - * kdc/krb5tgs.c: Call callbacks for emulating a Windows Domain - Controller. - - * kdc/kerberos5.c: Call callbacks for emulating a Windows Domain - Controller. Move the some of the log related stuff to its own - function. - - * kdc/config.c: Init callbacks for emulating a Windows Domain - Controller. - - * kdc/windc.c: Rename the init function to windc instead of pac. - - * kdc/windc.c: Callbacks specific to emulating a Windows Domain - Controller. - - * kdc/windc_plugin.h: Callbacks specific to emulating a Windows - Domain Controller. - - * lib/krb5/Makefile.am: add krb5_HEADERS to build_HEADERZ - - * lib/krb5/pac.c: Support all keyed checksum types. - -2007-01-02 Love Hörnquist Åstrand - - * lib/krb5/pac.c (krb5_pac_get_types): Return list of types. - - * lib/krb5/test_pac.c: test krb5_pac_get_types - - * lib/krb5/krbhst.c: Add KRB5_KRBHST_KCA. - - * lib/krb5/krbhst.c: Add KRB5_KRBHST_KCA. - - * lib/krb5/krb5.h: Add KRB5_KRBHST_KCA. - - * lib/krb5/test_pac.c: test Add/remove pac buffer functions. - - * lib/krb5/pac.c: Add/remove pac buffer functions. - - * lib/krb5/pac.c: sprinkle const - - * lib/krb5/pac.c: rename DCHECK to CHECK - - * Happy New Year. diff --git a/crypto/heimdal/ChangeLog.1998 b/crypto/heimdal/ChangeLog.1998 deleted file mode 100644 index f26dba777ed2..000000000000 --- a/crypto/heimdal/ChangeLog.1998 +++ /dev/null @@ -1,3201 +0,0 @@ -Sat Dec 5 19:49:34 1998 Johan Danielsson - - * lib/krb5/context.c: remove ktype_is_etype - - * lib/krb5/crypto.c, lib/krb5/krb5.h, acconfig.h: NEW_DES3_CODE - - * configure.in: fix for AIX install; better tests for AIX dynamic - AFS libs; `--enable-new-des3-code' - -Tue Dec 1 14:44:44 1998 Johan Danielsson - - * appl/afsutil/Makefile.am: link with extra libs for aix - - * kuser/Makefile.am: link with extra libs for aix - -Sun Nov 29 01:56:21 1998 Assar Westerlund - - * lib/krb5/get_addrs.c (krb5_get_all_server_addrs): add. almost - the same as krb5_get_all_client_addrs except that it includes - loopback addresses - - * kdc/connect.c (init_socket): bind to a particular address - (init_sockets): get all local addresses and bind to them all - - * lib/krb5/addr_families.c (addr2sockaddr, print_addr): new - methods - (find_af, find_atype): new functions. use them. - - * configure.in: add hesiod - -Wed Nov 25 11:37:48 1998 Johan Danielsson - - * lib/krb5/krb5_err.et: add some codes from kerberos-revisions-03 - -Mon Nov 23 12:53:48 1998 Assar Westerlund - - * lib/kadm5/log.c: rename delete -> remove - - * lib/kadm5/delete_s.c: rename delete -> remove - - * lib/hdb/common.c: rename delete -> remove - -Sun Nov 22 12:26:26 1998 Assar Westerlund - - * configure.in: check for environ and `struct spwd' - -Sun Nov 22 11:42:45 1998 Johan Danielsson - - * kdc/kerberos5.c (as_rep): set keytype to sess_ktype if - ktype_is_etype - - * lib/krb5/encrypt.c (krb5_keytype_to_etypes): zero terminate - etypes - (em): sort entries - -Sun Nov 22 06:54:48 1998 Assar Westerlund - - * lib/krb5/init_creds_pw.c: more type correctness - - * lib/krb5/get_cred.c: re-structure code. remove limits on ASN1 - generated bits. - -Sun Nov 22 01:49:50 1998 Johan Danielsson - - * kdc/hprop.c (v4_prop): fix bogus indexing - -Sat Nov 21 21:39:20 1998 Assar Westerlund - - * lib/krb5/verify_init.c (fail_verify_is_ok): new function - (krb5_verify_init_creds): if we cannot get a ticket for - host/`hostname` and fail_verify_is_ok just return. use - krb5_rd_req - -Sat Nov 21 23:12:27 1998 Assar Westerlund - - * lib/krb5/free.c (krb5_xfree): new function - - * lib/krb5/creds.c (krb5_free_creds_contents): new function - - * lib/krb5/context.c: more type correctness - - * lib/krb5/checksum.c: more type correctness - - * lib/krb5/auth_context.c (krb5_auth_con_init): more type - correctness - - * lib/asn1/der_get.c (der_get_length): fix test of len - (der_get_tag): more type correctness - - * kuser/klist.c (usage): void-ize - - * admin/ktutil.c (kt_remove): some more type correctness. - -Sat Nov 21 16:49:20 1998 Johan Danielsson - - * kuser/klist.c: try to list enctypes as keytypes - - * kuser/kinit.c: remove extra `--cache' option, add `--enctypes' - to set list of enctypes to use - - * kadmin/load.c: load strings as hex - - * kadmin/dump.c: dump hex as string is possible - - * admin/ktutil.c: use print_version() - - * configure.in, acconfig.h: test for hesiod - -Sun Nov 15 17:28:19 1998 Johan Danielsson - - * lib/krb5/crypto.c: add some crypto debug code - - * lib/krb5/get_in_tkt.c (_krb5_extract_ticket): don't use fixed - buffer when encoding ticket - - * lib/krb5/auth_context.c (re-)implement `krb5_auth_setenctype' - - * kdc/kerberos5.c: allow mis-match of tgt session key, and service - session key - - * admin/ktutil.c: keytype -> enctype - -Fri Nov 13 05:35:48 1998 Assar Westerlund - - * lib/krb5/krb5.h (KRB5_TGS_NAME, KRB5_TGS_NAME_SIZE): added - -Sat Nov 7 19:56:31 1998 Assar Westerlund - - * lib/krb5/get_cred.c (add_cred): add termination NULL pointer - -Mon Nov 2 01:15:06 1998 Assar Westerlund - - * lib/krb5/rd_req.c: adapt to new crypto api - - * lib/krb5/rd_rep.c: adapt to new crypto api - - * lib/krb5/rd_priv.c: adopt to new crypto api - - * lib/krb5/rd_cred.c: adopt to new crypto api - - * lib/krb5/principal.c: ENOMEM -> ERANGE - - * lib/krb5/mk_safe.c: cleanup and adopt to new crypto api - - * lib/krb5/mk_req_ext.c: adopt to new crypto api - - * lib/krb5/mk_req.c: get enctype from auth_context keyblock - - * lib/krb5/mk_rep.c: cleanup and adopt to new crypto api - - * lib/krb5/mk_priv.c: adopt to new crypto api - - * lib/krb5/keytab.c: adopt to new crypto api - - * lib/krb5/get_in_tkt_with_skey.c: adopt to new crypto api - - * lib/krb5/get_in_tkt_with_keytab.c: adopt to new crypto api - - * lib/krb5/get_in_tkt_pw.c: adopt to new crypto api - - * lib/krb5/get_in_tkt.c: adopt to new crypto api - - * lib/krb5/get_cred.c: adopt to new crypto api - - * lib/krb5/generate_subkey.c: use new crypto api - - * lib/krb5/context.c: rename etype functions to enctype ditto - - * lib/krb5/build_auth.c: use new crypto api - - * lib/krb5/auth_context.c: remove enctype and cksumtype from - auth_context - -Mon Nov 2 01:15:06 1998 Assar Westerlund - - * kdc/connect.c (handle_udp, handle_tcp): correct type of `n' - -Tue Sep 15 18:41:38 1998 Johan Danielsson - - * admin/ktutil.c: fix printing of unrecognized keytypes - -Tue Sep 15 17:02:33 1998 Johan Danielsson - - * lib/kadm5/set_keys.c: add KEYTYPE_USE_AFS3_SALT to keytype if - using AFS3 salt - -Tue Aug 25 23:30:52 1998 Assar Westerlund - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): care about - `use_admin_kdc' - - * lib/krb5/changepw.c (get_kdc_address): use - krb5_get_krb_admin_hst - - * lib/krb5/krbhst.c (krb5_get_krb_admin_hst): new function - - * lib/krb5/krb5.h (krb5_context_data): add `use_admin_kdc' - - * lib/krb5/context.c (krb5_get_use_admin_kdc, - krb5_set_use_admin_kdc): new functions - -Tue Aug 18 22:24:12 1998 Johan Danielsson - - * lib/krb5/crypto.c: remove all calls to abort(); check return - value from _key_schedule; - (RSA_MD[45]_DES_verify): zero tmp and res; - (RSA_MD5_DES3_{verify,checksum}): implement - -Mon Aug 17 20:18:46 1998 Assar Westerlund - - * kdc/kerberos4.c (swap32): conditionalize - - * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): new function - - * lib/krb5/get_host_realm.c (krb5_get_host_realm): if the hostname - returned from gethostby*() isn't a FQDN, try with the original - hostname - - * lib/krb5/get_cred.c (make_pa_tgs_req): use krb5_mk_req_internal - and correct key usage - - * lib/krb5/crypto.c (verify_checksum): make static - - * admin/ktutil.c (kt_list): use krb5_enctype_to_string - -Sun Aug 16 20:57:56 1998 Assar Westerlund - - * kadmin/cpw.c (do_cpw_entry): use asprintf for the prompt - - * kadmin/ank.c (ank): print principal name in prompt - - * lib/krb5/crypto.c (hmac): always allocate space for checksum. - never trust c.checksum.length - (_get_derived_key): try to return the derived key - -Sun Aug 16 19:48:42 1998 Johan Danielsson - - * lib/krb5/crypto.c (hmac): fix some peculiarities and bugs - (get_checksum_key): assume usage is `formatted' - (create_checksum,verify_checksum): moved the guts of the krb5_* - functions here, both take `formatted' key-usages - (encrypt_internal_derived): fix various bogosities - (derive_key): drop key_type parameter (already given by the - encryption_type) - - * kdc/kerberos5.c (check_flags): handle case where client is NULL - - * kdc/connect.c (process_request): return zero after processing - kerberos 4 request - -Sun Aug 16 18:38:15 1998 Johan Danielsson - - * lib/krb5/crypto.c: merge x-*.[ch] into one file - - * lib/krb5/cache.c: remove residual from krb5_ccache_data - -Fri Aug 14 16:28:23 1998 Johan Danielsson - - * lib/krb5/x-crypto.c (derive_key): move DES3 specific code to - separate function (will eventually end up someplace else) - - * lib/krb5/x-crypto.c (krb5_string_to_key_derived): allocate key - - * configure.in, acconfig.h: test for four valued krb_put_int - -Thu Aug 13 23:46:29 1998 Assar Westerlund - - * Release 0.0t - -Thu Aug 13 22:40:17 1998 Assar Westerlund - - * lib/krb5/config_file.c (parse_binding): remove trailing - whitespace - -Wed Aug 12 20:15:11 1998 Johan Danielsson - - * lib/krb5/x-checksum.c (krb5_verify_checksum): pass checksum type - to krb5_create_checksum - - * lib/krb5/x-key.c: implement DES3_string_to_key_derived; fix a - few typos - -Wed Aug 5 12:39:54 1998 Assar Westerlund - - * Release 0.0s - -Thu Jul 30 23:12:17 1998 Assar Westerlund - - * lib/krb5/mk_error.c (krb5_mk_error): realloc until you die - -Thu Jul 23 19:49:03 1998 Johan Danielsson - - * kdc/kdc_locl.h: proto for `get_des_key' - - * configure.in: test for four valued el_init - - * kuser/klist.c: keytype -> enctype - - * kpasswd/kpasswdd.c (change): use new `krb5_string_to_key*' - - * kdc/hprop.c (v4_prop, ka_convert): convert to a set of keys - - * kdc/kaserver.c: use `get_des_key' - - * kdc/524.c: use new crypto api - - * kdc/kerberos4.c: use new crypto api - - * kdc/kerberos5.c: always treat keytypes as enctypes; use new - crypto api - - * kdc/kstash.c: adapt to new crypto api - - * kdc/string2key.c: adapt to new crypto api - - * admin/srvconvert.c: add keys for all possible enctypes - - * admin/ktutil.c: keytype -> enctype - - * lib/gssapi/init_sec_context.c: get enctype from auth_context - keyblock - - * lib/hdb/hdb.c: remove hdb_*_keytype2key - - * lib/kadm5/set_keys.c: adapt to new crypto api - - * lib/kadm5/rename_s.c: adapt to new crypto api - - * lib/kadm5/get_s.c: adapt to new crypto api - - * lib/kadm5/create_s.c: add keys for des-cbc-crc, des-cbc-md4, - des-cbc-md5, and des3-cbc-sha1 - - * lib/krb5/heim_err.et: error message for unsupported salt - - * lib/krb5/codec.c: short-circuit these functions, since they are - not needed any more - - * lib/krb5/rd_safe.c: cleanup and adapt to new crypto api - -Mon Jul 13 23:00:59 1998 Assar Westerlund - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): don't advance - hostent->h_addr_list, use a copy instead - -Mon Jul 13 15:00:31 1998 Johan Danielsson - - * lib/krb5/config_file.c (parse_binding, parse_section): make sure - everything is ok before adding to linked list - - * lib/krb5/config_file.c: skip ws before checking for comment - -Wed Jul 8 10:45:45 1998 Johan Danielsson - - * lib/asn1/k5.asn1: hmac-sha1-des3 = 12 - -Tue Jun 30 18:08:05 1998 Assar Westerlund - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): do not close the - unopened file - - * lib/krb5/mk_priv.c: realloc correctly - - * lib/krb5/get_addrs.c (find_all_addresses): init j - - * lib/krb5/context.c (krb5_init_context): print error if parsing - of config file produced an error. - - * lib/krb5/config_file.c (parse_list, krb5_config_parse_file): - ignore more spaces - - * lib/krb5/codec.c (krb5_encode_EncKrbCredPart, - krb5_encode_ETYPE_INFO): initialize `ret' - - * lib/krb5/build_auth.c (krb5_build_authenticator): realloc - correctly - - * lib/kadm5/set_keys.c (_kadm5_set_keys): initialize `ret' - - * lib/kadm5/init_c.c (get_cred_cache): try to do the right thing - with default_client - - * kuser/kinit.c (main): initialize `ticket_life' - - * kdc/kerberos5.c (get_pa_etype_info): initialize `ret' - (tgs_rep2): initialize `krbtgt' - - * kdc/connect.c (do_request): check for errors from `sendto' - - * kdc/524.c (do_524): initialize `ret' - - * kadmin/util.c (foreach_principal): don't clobber `ret' - - * kadmin/del.c (del_entry): don't apply on zeroth argument - - * kadmin/cpw.c (do_cpw_entry): initialize `ret' - -Sat Jun 13 04:14:01 1998 Assar Westerlund - - * Release 0.0r - -Sun Jun 7 04:13:14 1998 Assar Westerlund - - * lib/krb5/addr_families.c: fall-back definition of - IN6_ADDR_V6_TO_V4 - - * configure.in: only set CFLAGS if it wasn't set look for - dn_expand and res_search - -Mon Jun 1 21:28:07 1998 Assar Westerlund - - * configure.in: remove duplicate seteuid - -Sat May 30 00:19:51 1998 Johan Danielsson - - * lib/krb5/convert_creds.c: import _krb_time_to_life, to avoid - runtime dependencies on libkrb with some shared library - implementations - -Fri May 29 00:09:02 1998 Johan Danielsson - - * kuser/kinit_options.c: Default options for kinit. - - * kuser/kauth_options.c: Default options for kauth. - - * kuser/kinit.c: Implement lots a new options. - - * kdc/kerberos5.c (check_tgs_flags): make sure kdc-req-body->rtime - is not NULL; set endtime to min of new starttime + old_life, and - requested endtime - - * lib/krb5/init_creds_pw.c (get_init_creds_common): if the - forwardable or proxiable flags are set in options, set the - kdc-flags to the value specified, and not always to one - -Thu May 28 21:28:06 1998 Johan Danielsson - - * kdc/kerberos5.c: Optionally compare client address to addresses - in ticket. - - * kdc/connect.c: Pass client address to as_rep() and tgs_rep(). - - * kdc/config.c: Add check_ticket_addresses, and - allow_null_ticket_addresses variables. - -Tue May 26 14:03:42 1998 Johan Danielsson - - * lib/kadm5/create_s.c: possibly make DES keys version 4 salted - - * lib/kadm5/set_keys.c: check config file for kadmin/use_v4_salt - before zapping version 4 salts - -Sun May 24 05:22:17 1998 Assar Westerlund - - * Release 0.0q - - * lib/krb5/aname_to_localname.c: new file - - * lib/gssapi/init_sec_context.c (repl_mutual): no output token - - * lib/gssapi/display_name.c (gss_display_name): zero terminate - output. - -Sat May 23 19:11:07 1998 Assar Westerlund - - * lib/gssapi/display_status.c: new file - - * Makefile.am: send -I to aclocal - - * configure.in: remove duplicate setenv - -Sat May 23 04:55:19 1998 Johan Danielsson - - * kadmin/util.c (foreach_principal): Check for expression before - wading through the whole database. - - * kadmin/kadmin.c: Pass NULL password to - kadm5_*_init_with_password. - - * lib/kadm5/init_c.c: Implement init_with_{skey,creds}*. Make use - of `password' parameter to init_with_password. - - * lib/kadm5/init_s.c: implement init_with_{skey,creds}* - - * lib/kadm5/server.c: Better arguments for - kadm5_init_with_password. - -Sat May 16 07:10:36 1998 Assar Westerlund - - * kdc/hprop.c: conditionalize ka-server reading support on - KASERVER_DB - - * configure.in: new option `--enable-kaserver-db' - -Fri May 15 19:39:18 1998 Johan Danielsson - - * lib/krb5/get_cred.c: Better error if local tgt couldn't be - found. - -Tue May 12 21:11:02 1998 Assar Westerlund - - * Release 0.0p - - * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): only set - encryption type in auth_context if it's compatible with the type - of the session key - -Mon May 11 21:11:14 1998 Johan Danielsson - - * kdc/hprop.c: add support for ka-server databases - - * appl/ftp/ftpd: link with -lcrypt, if needed - -Fri May 1 07:29:52 1998 Assar Westerlund - - * configure.in: don't test for winsock.h - -Sat Apr 18 21:43:11 1998 Johan Danielsson - - * Release 0.0o - -Sat Apr 18 00:31:11 1998 Johan Danielsson - - * lib/krb5/sock_principal.c: Save hostname. - -Sun Apr 5 11:29:45 1998 Johan Danielsson - - * lib/krb5/mk_req_ext.c: Use same enctype as in ticket. - - * kdc/hprop.c (v4_prop): Check for null key. - -Fri Apr 3 03:54:54 1998 Johan Danielsson - - * lib/krb5/str2key.c: Fix DES3 string-to-key. - - * lib/krb5/keytab.c: Get default keytab name from context. - - * lib/krb5/context.c: Get `default_keytab_name' value. - - * kadmin/util.c (foreach_principal): Print error message if - `kadm5_get_principals' fails. - - * kadmin/kadmind.c: Use `kadmind_loop'. - - * lib/kadm5/server.c: Replace several other functions with - `kadmind_loop'. - -Sat Mar 28 09:49:18 1998 Assar Westerlund - - * lib/krb5/keytab.c (fkt_add_entry): use an explicit seek instead - of O_APPEND - - * configure.in: generate ftp Makefiles - - * kuser/klist.c (print_cred_verbose): print IPv4-address in a - portable way. - - * admin/srvconvert.c (srvconv): return 0 if successful - -Tue Mar 24 00:40:33 1998 Johan Danielsson - - * lib/krb5/keytab.c: MIT compatible changes: add and use sizes to - keytab entries, and change default keytab to `/etc/krb5.keytab'. - -Mon Mar 23 23:43:59 1998 Johan Danielsson - - * lib/gssapi/wrap.c: Use `gss_krb5_getsomekey'. - - * lib/gssapi/unwrap.c: Implement and use `gss_krb5_getsomekey'. - Fix bug in checking of pad. - - * lib/gssapi/{un,}wrap.c: Add support for just integrity - protecting data. - - * lib/gssapi/accept_sec_context.c: Use - `gssapi_krb5_verify_8003_checksum'. - - * lib/gssapi/8003.c: Implement `gssapi_krb5_verify_8003_checksum'. - - * lib/gssapi/init_sec_context.c: Zero cred, and store session key - properly in auth-context. - -Sun Mar 22 00:47:22 1998 Johan Danielsson - - * lib/kadm5/delete_s.c: Check immutable bit. - - * kadmin/kadmin.c: Pass client name to kadm5_init. - - * lib/kadm5/init_c.c: Get creds for client name passed in. - - * kdc/hprop.c (v4_prop): Check for `changepw.kerberos'. - -Sat Mar 21 22:57:13 1998 Johan Danielsson - - * lib/krb5/mk_error.c: Verify that error_code is in the range - [0,127]. - - * kdc/kerberos5.c: Move checking of principal flags to new - function `check_flags'. - -Sat Mar 21 14:38:51 1998 Assar Westerlund - - * lib/kadm5/get_s.c (kadm5_s_get_principal): handle an empty salt - - * configure.in: define SunOS if running solaris - -Sat Mar 21 00:26:34 1998 Johan Danielsson - - * lib/kadm5/server.c: Unifdef test for same principal when - changing password. - - * kadmin/util.c: If kadm5_get_principals failes, we might still be - able to perform the requested opreration (for instance someone if - trying to change his own password). - - * lib/kadm5/init_c.c: Try to get ticket via initial request, if - not possible via tgt. - - * lib/kadm5/server.c: Check for principals changing their own - passwords. - - * kdc/kerberos5.c (tgs_rep2): check for interesting flags on - involved principals. - - * kadmin/util.c: Fix order of flags. - -Thu Mar 19 16:54:10 1998 Johan Danielsson - - * kdc/kerberos4.c: Return sane error code if krb_rd_req fails. - -Wed Mar 18 17:11:47 1998 Assar Westerlund - - * acconfig.h: rename HAVE_STRUCT_SOCKADDR_IN6 to HAVE_IPV6 - -Wed Mar 18 09:58:18 1998 Johan Danielsson - - * lib/krb5/get_in_tkt_with_keytab.c (krb5_keytab_key_proc): don't - free keyseed; use correct keytab - -Tue Mar 10 09:56:16 1998 Assar Westerlund - - * acinclude.m4 (AC_KRB_IPV6): rewrote to avoid false positives - -Mon Mar 16 23:58:23 1998 Johan Danielsson - - * Release 0.0n - -Fri Mar 6 00:41:30 1998 Johan Danielsson - - * lib/gssapi/{accept_sec_context,release_cred}.c: Use - krb5_kt_close/krb5_kt_resolve. - - * lib/krb5/principal.c (krb5_425_conv_principal_ext): Use resolver - to lookup hosts, so CNAMEs can be ignored. - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc, send_and_recv_http): - Add support for using proxy. - - * lib/krb5/context.c: Initialize `http_proxy' from - `libdefaults/http_proxy'. - - * lib/krb5/krb5.h: Add `http_proxy' to context. - - * lib/krb5/send_to_kdc.c: Recognize `http/' and `udp/' as protocol - specifications. - -Wed Mar 4 01:47:29 1998 Johan Danielsson - - * admin/ktutil.c: Implement `add' and `remove' functions. Make - `--keytab' a global option. - - * lib/krb5/keytab.c: Implement remove with files. Add memory - operations. - -Tue Mar 3 20:09:59 1998 Johan Danielsson - - * lib/krb5/keytab.c: Use function pointers. - - * admin: Remove kdb_edit. - -Sun Mar 1 03:28:42 1998 Assar Westerlund - - * lib/kadm5/dump_log.c: print operation names - -Sun Mar 1 03:04:12 1998 Assar Westerlund - - * configure.in: add X-tests, and {bin,...}dir appl/{kx,kauth} - - * lib/krb5/build_auth.c,mk_priv.c,rd_safe.c,mk_safe.c,mk_rep.c: - remove arbitrary limit - - * kdc/hprop-common.c: use krb5_{read,write}_message - - * lib/kadm5/ipropd_master.c (send_diffs): more careful use - krb5_{write,read}_message - - * lib/kadm5/ipropd_slave.c (get_creds): get credentials for - `iprop/master' directly. - (main): use `krb5_read_message' - -Sun Mar 1 02:05:11 1998 Johan Danielsson - - * kadmin/kadmin.c: Cleanup commands list, and add help strings. - - * kadmin/get.c: Add long, short, and terse (equivalent to `list') - output formats. Short is the default. - - * kadmin/util.c: Add `include_time' flag to timeval2str. - - * kadmin/init.c: Max-life and max-renew can, infact, be zero. - - * kadmin/{cpw,del,ext,get}.c: Use `foreach_principal'. - - * kadmin/util.c: Add function `foreach_principal', that loops over - all principals matching an expression. - - * kadmin/kadmin.c: Add usage string to `privileges'. - - * lib/kadm5/get_princs_s.c: Also try to match aganist the - expression appended with `@default-realm'. - - * lib/krb5/principal.c: Add `krb5_unparse_name_fixed_short', that - excludes the realm if it's the same as the default realm. - -Fri Feb 27 05:02:21 1998 Assar Westerlund - - * configure.in: more WFLAGS and WFLAGS_NOUNUSED added missing - headers and functions error -> com_err - - (krb5_get_init_creds_keytab): use krb5_keytab_key_proc - - * lib/krb5/get_in_tkt_with_keytab.c: make `krb5_keytab_key_proc' - global - - * lib/kadm5/marshall.c (ret_principal_ent): set `n_tl_data' - - * lib/hdb/ndbm.c: use `struct ndbm_db' everywhere. - -Fri Feb 27 04:49:24 1998 Assar Westerlund - - * lib/krb5/mk_priv.c (krb5_mk_priv): bump static limit to 10240. - This should be fixed the correct way. - - * lib/kadm5/ipropd_master.c (check_acl:) truncate buf correctly - (send_diffs): compare versions correctly - (main): reorder handling of events - - * lib/kadm5/log.c (kadm5_log_previous): avoid bad type conversion - -Thu Feb 26 02:22:35 1998 Assar Westerlund - - * lib/kadm5/ipropd_{slave,master}.c: new files - - * lib/kadm5/log.c (kadm5_log_get_version): take an `fd' as - argument - - * lib/krb5/krb5.h (krb5_context_data): `et_list' should be `struct - et_list *' - - * aux/make-proto.pl: Should work with perl4 - -Mon Feb 16 17:20:22 1998 Johan Danielsson - - * lib/krb5/krb5_locl.h: Remove (it gets included via - {asn1,krb5}_err.h). - -Thu Feb 12 03:28:40 1998 Assar Westerlund - - * lib/krb5/get_in_tkt.c (_krb5_extract_ticket): if time difference - is larger than max_skew, return KRB5KRB_AP_ERR_SKEW - - * lib/kadm5/log.c (get_version): globalize - - * lib/kadm5/kadm5_locl.h: include - - * lib/asn1/Makefile.am: add PA_KEY_INFO and PA_KEY_INFO_ENTRY - - * kdc/kerberos5.c (get_pa_etype_info): remove gcc-ism of - initializing local struct in declaration. - -Sat Jan 31 17:28:58 1998 Johan Danielsson - - * kdc/524.c: Use krb5_decode_EncTicketPart. - - * kdc/kerberos5.c: Check at runtime whether to use enctypes - instead of keytypes. If so use the same value to encrypt ticket, - and kdc-rep as well as `keytype' for session key. Fix some obvious - bugs with the handling of additional tickets. - - * lib/krb5/rd_req.c: Use krb5_decode_EncTicketPart, and - krb5_decode_Authenticator. - - * lib/krb5/rd_rep.c: Use krb5_decode_EncAPRepPart. - - * lib/krb5/rd_cred.c: Use krb5_decode_EncKrbCredPart. - - * lib/krb5/mk_rep.c: Make sure enc_part.etype is an encryption - type, and not a key type. Use krb5_encode_EncAPRepPart. - - * lib/krb5/init_creds_pw.c: Use krb5_decode_PA_KEY_INFO. - - * lib/krb5/get_in_tkt.c: Use krb5_decode_Enc{AS,TGS}RepPart. - - * lib/krb5/get_for_creds.c: Use krb5_encode_EncKrbCredPart. - - * lib/krb5/get_cred.c: Use krb5_decode_Enc{AS,TGS}RepPart. - - * lib/krb5/build_auth.c: Use krb5_encode_Authenticator. - - * lib/krb5/codec.c: Enctype conversion stuff. - - * lib/krb5/context.c: Ignore KRB5_CONFIG if *not* running - setuid. Get configuration for libdefaults ktype_is_etype, and - default_etypes. - - * lib/krb5/encrypt.c: Add krb5_string_to_etype, rename - krb5_convert_etype to krb5_decode_keytype, and add - krb5_decode_keyblock. - -Fri Jan 23 00:32:09 1998 Johan Danielsson - - * lib/krb5/{get_in_tkt,rd_req}.c: Use krb5_convert_etype. - - * lib/krb5/encrypt.c: Add krb5_convert_etype function - converts - from protocol keytypes (that really are enctypes) to internal - representation. - -Thu Jan 22 21:24:36 1998 Johan Danielsson - - * lib/asn1/k5.asn1: Add PA-KEY-INFO structure to hold information - on keys in the database; and also a new `pa-key-info' padata-type. - - * kdc/kerberos5.c: If pre-authentication fails, return a list of - keytypes, salttypes, and salts. - - * lib/krb5/init_creds_pw.c: Add better support for - pre-authentication, by looking at hints from the KDC. - - * lib/krb5/get_in_tkt.c: Add better support for specifying what - pre-authentication to use. - - * lib/krb5/str2key.c: Merge entries for KEYTYPE_DES and - KEYTYPE_DES_AFS3. - - * lib/krb5/krb5.h: Add pre-authentication structures. - - * kdc/connect.c: Don't fail if realloc(X, 0) returns NULL. - -Wed Jan 21 06:20:40 1998 Assar Westerlund - - * lib/kadm5/init_s.c (kadm5_s_init_with_password_ctx): initialize - `log_context.socket_name' and `log_context.socket_fd' - - * lib/kadm5/log.c (kadm5_log_flush): send a unix domain datagram - to inform the possible running ipropd of an update. - -Wed Jan 21 01:34:09 1998 Johan Danielsson - - * lib/krb5/get_in_tkt.c: Return error-packet to caller. - - * lib/krb5/free.c (krb5_free_kdc_rep): Free krb5_kdc_rep->error. - - * kdc/kerberos5.c: Add some support for using enctypes instead of - keytypes. - - * lib/krb5/get_cred.c: Fixes to send authorization-data to the - KDC. - - * lib/krb5/build_auth.c: Only generate local subkey if there is - none. - - * lib/krb5/krb5.h: Add krb5_authdata type. - - * lib/krb5/auth_context.c: Add - krb5_auth_con_set{,localsub,remotesub}key. - - * lib/krb5/init_creds_pw.c: Return some error if prompter - functions return failure. - -Wed Jan 21 01:16:13 1998 Assar Westerlund - - * kpasswd/kpasswd.c: detect bad password. use krb5_err. - - * kadmin/util.c (edit_entry): remove unused variables - -Tue Jan 20 22:58:31 1998 Assar Westerlund - - * kuser/kinit.c: rename `-s' to `-S' to be MIT-compatible. - - * lib/kadm5/kadm5_locl.h: add kadm5_log_context and - kadm5_log*-functions - - * lib/kadm5/create_s.c (kadm5_s_create_principal): add change to - log - - * lib/kadm5/rename_s.c (kadm5_s_rename_principal): add change to - log - - * lib/kadm5/init_s.c (kadm5_s_init_with_password_ctx): initialize - log_context - - * lib/kadm5/delete_s.c (kadm5_s_delete_principal): add change to - log - - * lib/kadm5/modify_s.c (kadm5_s_modify_principal): add change to - log - - * lib/kadm5/randkey_s.c (kadm5_s_randkey_principal): add change to - log - - * lib/kadm5/chpass_s.c (kadm5_s_chpass_principal): add change to - log - - * lib/kadm5/Makefile.am: add log.c, dump_log and replay_log - - * lib/kadm5/replay_log.c: new file - - * lib/kadm5/dump_log.c: new file - - * lib/kadm5/log.c: new file - - * lib/krb5/str2key.c (get_str): initialize pad space to zero - - * lib/krb5/config_file.c (krb5_config_vget_next): handle c == NULL - - * kpasswd/kpasswdd.c: rewritten to use the kadm5 API - - * kpasswd/Makefile.am: link with kadm5srv - - * kdc/kerberos5.c (tgs_rep): initialize `i' - - * kadmin/kadmind.c (main): use kadm5_server_{send,recv}_sp - - * include/Makefile.am: added admin.h - -Sun Jan 18 01:41:34 1998 Johan Danielsson - - * lib/asn1/gen_copy.c: Don't return ENOMEM if allocating 0 bytes. - - * lib/krb5/mcache.c (mcc_store_cred): restore linked list if - copy_creds fails. - -Tue Jan 6 04:17:56 1998 Assar Westerlund - - * lib/kadm5/server.c: add kadm5_server_{send,recv}{,_sp} - - * lib/kadm5/marshall.c: add kadm5_{store,ret}_principal_ent_mask. - - * lib/kadm5/init_c.c (kadm5_c_init_with_password_ctx): use - krb5_getportbyname - - * kadmin/kadmind.c (main): htons correctly. - moved kadm5_server_{recv,send} - - * kadmin/kadmin.c (main): only set admin_server if explicitly - given - -Mon Jan 5 23:34:44 1998 Johan Danielsson - - * lib/hdb/ndbm.c: Implement locking of database. - - * kdc/kerberos5.c: Process AuthorizationData. - -Sat Jan 3 22:07:07 1998 Johan Danielsson - - * kdc/string2key.c: Use AFS string-to-key from libkrb5. - - * lib/krb5/get_in_tkt.c: Handle pa-afs3-salt case. - - * lib/krb5/krb5.h: Add value for AFS salts. - - * lib/krb5/str2key.c: Add support for AFS string-to-key. - - * lib/kadm5/rename_s.c: Use correct salt. - - * lib/kadm5/ent_setup.c: Always enable client. Only set max-life - and max-renew if != 0. - - * lib/krb5/config_file.c: Add context to all krb5_config_*get_*. - -Thu Dec 25 17:03:25 1997 Assar Westerlund - - * kadmin/ank.c (ank): don't zero password if --random-key was - given. - -Tue Dec 23 01:56:45 1997 Assar Westerlund - - * Release 0.0m - - * lib/kadm5/ent_setup.c (attr_to_flags): try to set `client' - - * kadmin/util.c (edit_time): only set mask if != 0 - (edit_attributes): only set mask if != 0 - - * kadmin/init.c (init): create `default' - -Sun Dec 21 09:44:05 1997 Assar Westerlund - - * kadmin/util.c (str2deltat, str2attr, get_deltat): return value - as pointer and have return value indicate success. - - (get_response): check NULL from fgets - - (edit_time, edit_attributes): new functions for reading values and - offering list of answers on '?' - - (edit_entry): use edit_time and edit_attributes - - * kadmin/ank.c (add_new_key): test the return value of - `krb5_parse_name' - - * kdc/kerberos5.c (tgs_check_authenticator): RFC1510 doesn't say - that the checksum has to be keyed, even though later drafts do. - Accept unkeyed checksums to be compatible with MIT. - - * kadmin/kadmin_locl.h: add some prototypes. - - * kadmin/util.c (edit_entry): return a value - - * appl/afsutil/afslog.c (main): return a exit code. - - * lib/krb5/get_cred.c (init_tgs_req): use krb5_keytype_to_enctypes - - * lib/krb5/encrypt.c (krb5_keytype_to_enctypes): new function. - - * lib/krb5/build_auth.c (krb5_build_authenticator): use - krb5_{free,copy}_keyblock instead of the _contents versions - -Fri Dec 12 14:20:58 1997 Johan Danielsson - - * lib/krb5/{mk,rd}_priv.c: fix check for local/remote subkey - -Mon Dec 8 08:48:09 1997 Johan Danielsson - - * lib/krb5/context.c: don't look at KRB5_CONFIG if running setuid - -Sat Dec 6 10:09:40 1997 Johan Danielsson - - * lib/krb5/keyblock.c (krb5_free_keyblock): check for NULL - keyblock - -Sat Dec 6 08:26:10 1997 Assar Westerlund - - * Release 0.0l - -Thu Dec 4 03:38:12 1997 Johan Danielsson - - * lib/krb5/send_to_kdc.c: Add TCP client support. - - * lib/krb5/store.c: Add k_{put,get}_int. - - * kadmin/ank.c: Set initial kvno to 1. - - * kdc/connect.c: Send version 5 TCP-reply as length+data. - -Sat Nov 29 07:10:11 1997 Assar Westerlund - - * lib/krb5/rd_req.c (krb5_rd_req): fixed obvious bug - - * kdc/kaserver.c (create_reply_ticket): use a random nonce in the - reply packet. - - * kdc/connect.c (init_sockets): less reallocing. - - * **/*.c: changed `struct fd_set' to `fd_set' - -Sat Nov 29 05:12:01 1997 Johan Danielsson - - * lib/krb5/get_default_principal.c: More guessing. - -Thu Nov 20 02:55:09 1997 Johan Danielsson - - * lib/krb5/rd_req.c: Use principal from ticket if no server is - given. - -Tue Nov 18 02:58:02 1997 Johan Danielsson - - * kuser/klist.c: Use krb5_err*(). - -Sun Nov 16 11:57:43 1997 Johan Danielsson - - * kadmin/kadmin.c: Add local `init', `load', `dump', and `merge' - commands. - -Sun Nov 16 02:52:20 1997 Assar Westerlund - - * lib/krb5/mk_req_ext.c (krb5_mk_req_ext): figure out the correct - `enctype' - - * lib/krb5/mk_req.c (krb5_mk_req): use `(*auth_context)->enctype' - if set. - - * lib/krb5/get_cred.c: handle the case of a specific keytype - - * lib/krb5/build_auth.c (krb5_build_authenticator): enctype as a - parameter instead of guessing it. - - * lib/krb5/build_ap_req.c (krb5_build_ap_req): new parameter - `enctype' - - * appl/test/common.c (common_setup): don't use `optarg' - - * lib/krb5/keytab.c (krb5_kt_copy_entry_contents): new function - (krb5_kt_get_entry): retrieve the latest version if kvno == 0 - - * lib/krb5/krb5.h: define KRB5_TC_MATCH_KEYTYPE - - * lib/krb5/creds.c (krb5_compare_creds): check for - KRB5_TC_MATCH_KEYTYPE - - * lib/gssapi/8003.c (gssapi_krb5_create_8003_checksum): remove - unused variable - - * lib/krb5/creds.c (krb5_copy_creds_contents): only free the - contents if we fail. - -Sun Nov 16 00:32:48 1997 Johan Danielsson - - * kpasswd/kpasswdd.c: Get password expiration time from config - file. - - * lib/asn1/{der_get,gen_decode}.c: Allow passing NULL size. - -Wed Nov 12 02:35:57 1997 Assar Westerlund - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): - restructured and fixed. - - * lib/krb5/addr_families.c (krb5_h_addr2addr): new function. - -Wed Nov 12 01:36:01 1997 Johan Danielsson - - * lib/krb5/get_addrs.c: Fall back to hostname's addresses if other - methods fail. - -Tue Nov 11 22:22:12 1997 Johan Danielsson - - * kadmin/kadmin.c: Add `-l' flag to use local database. - - * lib/kadm5/acl.c: Use KADM5_PRIV_ALL. - - * lib/kadm5: Use function pointer trampoline for easier dual use - (without radiation-hardening capability). - -Tue Nov 11 05:15:22 1997 Assar Westerlund - - * lib/krb5/encrypt.c (krb5_etype_valid): new function - - * lib/krb5/creds.c (krb5_copy_creds_contents): zero target - - * lib/krb5/context.c (valid_etype): remove - - * lib/krb5/checksum.c: remove dead code - - * lib/krb5/changepw.c (send_request): free memory on error. - - * lib/krb5/build_ap_req.c (krb5_build_ap_req): check return value - from malloc. - - * lib/krb5/auth_context.c (krb5_auth_con_init): free memory on - failure correctly. - (krb5_auth_con_setaddrs_from_fd): return error correctly. - - * lib/krb5/get_in_tkt_with_{keytab,skey}.c: new files - -Tue Nov 11 02:53:19 1997 Johan Danielsson - - * lib/krb5/auth_context.c: Implement auth_con_setuserkey. - - * lib/gssapi/init_sec_context.c: Use krb5_auth_con_getkey. - - * lib/krb5/keyblock.c: Rename krb5_free_keyblock to - krb5_free_keyblock_contents, and reimplement krb5_free_keyblock. - - * lib/krb5/rd_req.c: Use auth_context->keyblock if - ap_options.use_session_key. - -Tue Nov 11 02:35:17 1997 Assar Westerlund - - * lib/krb5/net_{read,write}.c: change `int fd' to `void *p_fd'. - fix callers. - - * lib/krb5/krb5_locl.h: include and - - * include/Makefile.am: add xdbm.h - -Tue Nov 11 01:58:22 1997 Johan Danielsson - - * lib/krb5/get_cred.c: Implement krb5_get_cred_from_kdc. - -Mon Nov 10 22:41:53 1997 Johan Danielsson - - * lib/krb5/ticket.c: Implement copy_ticket. - - * lib/krb5/get_in_tkt.c: Make `options' parameter MIT-compatible. - - * lib/krb5/data.c: Implement free_data and copy_data. - -Sun Nov 9 02:17:27 1997 Johan Danielsson - - * lib/kadm5: Implement kadm5_get_privs, and kadm5_get_principals. - - * kadmin/kadmin.c: Add get_privileges function. - - * lib/kadm5: Rename KADM5_ACL_* -> KADM5_PRIV_* to conform with - specification. - - * kdc/connect.c: Exit if no sockets could be bound. - - * kadmin/kadmind.c: Check return value from krb5_net_read(). - - * lib/kadm5,kadmin: Fix memory leaks. - -Fri Nov 7 02:45:26 1997 Johan Danielsson - - * lib/kadm5/create_s.c: Get some default values from `default' - principal. - - * lib/kadm5/ent_setup.c: Add optional default entry to get some - values from. - -Thu Nov 6 00:20:41 1997 Johan Danielsson - - * lib/error/compile_et.awk: Remove generated destroy_*_error_table - prototype - - * kadmin/kadmind.c: Crude admin server. - - * kadmin/kadmin.c: Update to use remote protocol. - - * kadmin/get.c: Fix principal formatting. - - * lib/kadm5: Add client support. - - * lib/kadm5/error.c: Error code mapping. - - * lib/kadm5/server.c: Kadmind support function. - - * lib/kadm5/marshall.c: Kadm5 marshalling. - - * lib/kadm5/acl.c: Simple acl system. - - * lib/kadm5/kadm5_locl.h: Add client stuff. - - * lib/kadm5/init_s.c: Initialize acl. - - * lib/kadm5/*: Return values. - - * lib/kadm5/create_s.c: Correct kvno. - -Wed Nov 5 22:06:50 1997 Johan Danielsson - - * lib/krb5/log.c: Fix parsing of log destinations. - -Mon Nov 3 20:33:55 1997 Johan Danielsson - - * lib/krb5/principal.c: Reduce number of reallocs in unparse_name. - -Sat Nov 1 01:40:53 1997 Johan Danielsson - - * kadmin: Simple kadmin utility. - - * admin/ktutil.c: Print keytype. - - * lib/kadm5/get_s.c: Set correct n_key_data. - - * lib/kadm5/init_s.c: Add kadm5_s_init_with_password_ctx. Use - master key. - - * lib/kadm5/destroy_s.c: Check for allocated context. - - * lib/kadm5/{create,chpass}_s.c: Use _kadm5_set_keys(). - -Sat Nov 1 00:21:00 1997 Assar Westerlund - - * configure.in: test for readv, writev - -Wed Oct 29 23:41:26 1997 Assar Westerlund - - * lib/krb5/warn.c (_warnerr): handle the case of an illegal error - code - - * kdc/kerberos5.c (encode_reply): return success - -Wed Oct 29 18:01:59 1997 Johan Danielsson - - * kdc/kerberos5.c (find_etype) Return correct index of selected - etype. - -Wed Oct 29 04:07:06 1997 Assar Westerlund - - * Release 0.0k - - * lib/krb5/context.c (krb5_init_context): support `KRB5_CONFIG' - environment variable - - * *: use the roken_get*-macros from roken.h for the benefit of - Crays. - - * configure.in: add --{enable,disable}-otp. check for compatible - prototypes for gethostbyname, gethostbyaddr, getservbyname, and - openlog (they have strange prototypes on Crays) - - * acinclude.m4: new macro `AC_PROTO_COMPAT' - -Tue Oct 28 00:11:22 1997 Johan Danielsson - - * kdc/connect.c: Log bad requests. - - * kdc/kerberos5.c: Move stuff that's in common between as_rep and - tgs_rep to separate functions. - - * kdc/kerberos5.c: Fix user-to-user authentication. - - * lib/krb5/get_cred.c: Some restructuring of krb5_get_credentials: - - add a kdc-options argument to krb5_get_credentials, and rename - it to krb5_get_credentials_with_flags - - honour the KRB5_GC_CACHED, and KRB5_GC_USER_USER options - - add some more user-to-user glue - - * lib/krb5/rd_req.c: Move parts of krb5_verify_ap_req into a new - function, krb5_decrypt_ticket, so it is easier to decrypt and - check a ticket without having an ap-req. - - * lib/krb5/krb5.h: Add KRB5_GC_CACHED, and KRB5_GC_USER_USER - flags. - - * lib/krb5/crc.c (crc_init_table): Check if table is already - inited. - -Sun Oct 26 04:51:02 1997 Johan Danielsson - - * lib/asn1/der_get.c (der_get_length, fix_dce): Special-case - indefinite encoding. - - * lib/asn1/gen_glue.c (generate_units): Check for empty - member-list. - -Sat Oct 25 07:24:57 1997 Johan Danielsson - - * lib/error/compile_et.awk: Allow specifying table-base. - -Tue Oct 21 20:21:40 1997 Johan Danielsson - - * kdc/kerberos5.c: Check version number of krbtgt. - -Mon Oct 20 01:14:53 1997 Assar Westerlund - - * lib/krb5/prompter_posix.c (krb5_prompter_posix): implement the - case of unhidden prompts. - - * lib/krb5/str2key.c (string_to_key_internal): return error - instead of aborting. always free memory - - * admin/ktutil.c: add `help' command - - * admin/kdb_edit.c: implement new commands: add_random_key(ark), - change_password(cpw), change_random_key(crk) - -Thu Oct 16 05:16:36 1997 Assar Westerlund - - * kpasswd/kpasswdd.c: change all the keys in the database - - * kdc: removed all unsealing, now done by the hdb layer - - * lib/hdb/hdb.c: new functions `hdb_create', `hdb_set_master_key' - and `hdb_clear_master_key' - - * admin/misc.c: removed - -Wed Oct 15 22:47:31 1997 Assar Westerlund - - * kuser/klist.c: print year as YYYY iff verbose - -Wed Oct 15 20:02:13 1997 Johan Danielsson - - * kuser/klist.c: print etype from ticket - -Mon Oct 13 17:18:57 1997 Johan Danielsson - - * Release 0.0j - - * lib/krb5/get_cred.c: Get the subkey from mk_req so it can be - used to decrypt the reply from DCE secds. - - * lib/krb5/auth_context.c: Add {get,set}enctype. - - * lib/krb5/get_cred.c: Fix for DCE secd. - - * lib/krb5/store.c: Store keytype twice, as MIT does. - - * lib/krb5/get_in_tkt.c: Use etype from reply. - -Fri Oct 10 00:39:48 1997 Johan Danielsson - - * kdc/connect.c: check for leading '/' in http request - -Tue Sep 30 21:50:18 1997 Assar Westerlund - - * Release 0.0i - -Mon Sep 29 15:58:43 1997 Assar Westerlund - - * lib/krb5/rd_req.c (krb5_rd_req): redone because we don't know - the kvno or keytype before receiving the AP-REQ - - * lib/krb5/mk_safe.c (krb5_mk_safe): figure out what cksumtype to - use from the keytype. - - * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): figure out what - cksumtype to use from the keytype. - - * lib/krb5/mk_priv.c (krb5_mk_priv): figure out what etype to use - from the keytype. - - * lib/krb5/keytab.c (krb5_kt_get_entry): check the keytype - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): figure out - what etype to use from the keytype. - - * lib/krb5/generate_seq_number.c (krb5_generate_seq_number): - handle other key types than DES - - * lib/krb5/encrypt.c (key_type): add `best_cksumtype' - (krb5_keytype_to_cksumtype): new function - - * lib/krb5/build_auth.c (krb5_build_authenticator): figure out - what etype to use from the keytype. - - * lib/krb5/auth_context.c (krb5_auth_con_init): set `cksumtype' - and `enctype' to 0 - - * admin/extkeytab.c (ext_keytab): extract all keys - - * appl/telnet/telnet/commands.c: INET6_ADDRSTRLEN kludge - - * configure.in: check for . check for -linet6 - -Tue Sep 23 03:00:53 1997 Assar Westerlund - - * lib/krb5/encrypt.c: fix checksumtype for des3-cbc-sha1 - - * lib/krb5/rd_safe.c: fix check for keyed and collision-proof - checksum - - * lib/krb5/context.c (valid_etype): remove hard-coded constants - (default_etypes): include DES3 - - * kdc/kerberos5.c: fix check for keyed and collision-proof - checksum - - * admin/util.c (init_des_key, set_password): DES3 keys also - - * lib/krb/send_to_kdc.c (krb5_sendto_kdc): no data returned means - no contact? - - * lib/krb5/addr_families.c: fix typo in `ipv6_anyaddr' - -Mon Sep 22 11:44:27 1997 Johan Danielsson - - * kdc/kerberos5.c: Somewhat fix the etype usage. The list sent by - the client is used to select wich key to encrypt the kdc rep with - (in case of as-req), and with the server info to select the - session key type. The server key the ticket is encrypted is based - purely on the keys in the database. - - * kdc/string2key.c: Add keytype support. Default to version 5 - keys. - - * lib/krb5/get_in_tkt.c: Fix a lot of etype/keytype misuse. - - * lib/krb5/encrypt.c: Add des3-cbc-md5, and des3-cbc-sha1. Add - many *_to_* functions. - - * lib/krb5/str2key.c: Add des3 string-to-key. Add ktype argument - to krb5_string_to_key(). - - * lib/krb5/checksum.c: Some cleanup, and added: - - rsa-md5-des3 - - hmac-sha1-des3 - - keyed and collision proof flags to each checksum method - - checksum<->string functions. - - * lib/krb5/generate_subkey.c: Use krb5_generate_random_keyblock. - -Sun Sep 21 15:19:23 1997 Assar Westerlund - - * kdc/connect.c: use new addr_families functions - - * kpasswd/kpasswdd.c: use new addr_families functions. Now works - over IPv6 - - * kuser/klist.c: use correct symbols for address families - - * lib/krb5/sock_principal.c: use new addr_families functions - - * lib/krb5/send_to_kdc.c: use new addr_families functions - - * lib/krb5/krb5.h: add KRB5_ADDRESS_INET6 - - * lib/krb5/get_addrs.c: use new addr_families functions - - * lib/krb5/changepw.c: use new addr_families functions. Now works - over IPv6 - - * lib/krb5/auth_context.c: use new addr_families functions - - * lib/krb5/addr_families.c: new file - - * acconfig.h: AC_SOCKADDR_IN6 -> AC_STRUCT_SOCKADDR_IN6. Updated - uses. - - * acinclude.m4: new macro `AC_KRB_IPV6'. Use it. - -Sat Sep 13 23:04:23 1997 Johan Danielsson - - * kdc/hprop.c: Don't encrypt twice. Complain on non-convertable - principals. - -Sat Sep 13 00:59:36 1997 Assar Westerlund - - * Release 0.0h - - * appl/telnet/telnet/commands.c: AF_INET6 support - - * admin/misc.c: new file - - * lib/krb5/context.c: new configuration variable `max_retries' - - * lib/krb5/get_addrs.c: fixes and better #ifdef's - - * lib/krb5/config_file.c: implement krb5_config_get_int - - * lib/krb5/auth_context.c, send_to_kdc.c, sock_principal.c: - AF_INET6 support - - * kuser/klist.c: support for printing IPv6-addresses - - * kdc/connect.c: support AF_INET6 - - * configure.in: test for gethostbyname2 and struct sockaddr_in6 - -Thu Sep 11 07:25:28 1997 Assar Westerlund - - * lib/asn1/k5.asn1: Use `METHOD-DATA' instead of `SEQUENCE OF - PA-DATA' - -Wed Sep 10 21:20:17 1997 Johan Danielsson - - * kdc/kerberos5.c: Fixes for cross-realm, including (but not - limited to): - - allow client to be non-existant (should probably check for - "local realm") - - if server isn't found and it is a request for a krbtgt, try to - find a realm on the way to the requested realm - - update the transited encoding iff - client-realm != server-realm != tgt-realm - - * lib/krb5/get_cred.c: Several fixes for cross-realm. - -Tue Sep 9 15:59:20 1997 Johan Danielsson - - * kdc/string2key.c: Fix password handling. - - * lib/krb5/encrypt.c: krb5_key_to_string - -Tue Sep 9 07:46:05 1997 Assar Westerlund - - * lib/krb5/get_addrs.c: rewrote. Now should be able to handle - aliases and IPv6 addresses - - * kuser/klist.c: try printing IPv6 addresses - - * kdc/kerberos5.c: increase the arbitrary limit from 1024 to 8192 - - * configure.in: check for - -Mon Sep 8 02:57:14 1997 Assar Westerlund - - * doc: fixes - - * admin/util.c (init_des_key): increase kvno - (set_password): return -1 if `des_read_pw_string' failed - - * admin/mod.c (doit2): check the return value from `set_password' - - * admin/ank.c (doit): don't add a new entry if `set_password' - failed - -Mon Sep 8 02:20:16 1997 Johan Danielsson - - * lib/krb5/verify_init.c: fix ap_req_nofail semantics - - * lib/krb5/transited.c: something that might resemble - domain-x500-compress - -Mon Sep 8 01:24:42 1997 Assar Westerlund - - * kdc/hpropd.c (main): check number of arguments - - * appl/popper/pop_init.c (pop_init): check number of arguments - - * kpasswd/kpasswd.c (main): check number of arguments - - * kdc/string2key.c (main): check number of arguments - - * kuser/kdestroy.c (main): check number of arguments - - * kuser/kinit.c (main): check number of arguments - - * kpasswd/kpasswdd.c (main): use sigaction without SA_RESTART to - break out of select when a signal arrives - - * kdc/main.c (main): use sigaction without SA_RESTART to break out - of select when a signal arrives - - * kdc/kstash.c: default to HDB_DB_DIR "/m-key" - - * kdc/config.c (configure): add `--version'. Check the number of - arguments. Handle the case of there being no specification of port - numbers. - - * admin/util.c: seal and unseal key at appropriate places - - * admin/kdb_edit.c (main): parse arguments, config file and read - master key iff there's one. - - * admin/extkeytab.c (ext_keytab): unseal key while extracting - -Sun Sep 7 20:41:01 1997 Assar Westerlund - - * lib/roken/roken.h: include - - * kdc/kerberos5.c (set_salt_padata): new function - - * appl/telnet/telnetd/telnetd.c: Rename some variables that - conflict with cpp symbols on HP-UX 10.20 - - * change all calls of `gethostbyaddr' to cast argument 1 to `const - char *' - - * acconfig.h: only use SGTTY on nextstep - -Sun Sep 7 14:33:50 1997 Johan Danielsson - - * kdc/kerberos5.c: Check invalid flag. - -Fri Sep 5 14:19:38 1997 Johan Danielsson - - * lib/krb5/verify_user.c: Use get_init_creds/verify_init_creds. - - * lib/kafs: Move functions common to krb/krb5 modules to new file, - and make things more modular. - - * lib/krb5/krb5.h: rename STRING -> krb5_config_string, and LIST - -> krb5_config_list - -Thu Sep 4 23:39:43 1997 Johan Danielsson - - * lib/krb5/get_addrs.c: Fix loopback test. - -Thu Sep 4 04:45:49 1997 Assar Westerlund - - * lib/roken/roken.h: fallback definition of `O_ACCMODE' - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): be more careful when - checking for a v4 reply - -Wed Sep 3 18:20:14 1997 Johan Danielsson - - * kdc/hprop.c: Add `--decrypt' and `--encrypt' flags. - - * lib/hdb/hdb.c: new {seal,unseal}_keys functions - - * kdc/{hprop,hpropd}.c: Add support to dump database to stdout. - - * kdc/hprop.c: Don't use same master key as version 4. - - * admin/util.c: Don't dump core if no `default' is found. - -Wed Sep 3 16:01:07 1997 Johan Danielsson - - * kdc/connect.c: Allow run time port specification. - - * kdc/config.c: Add flags for http support, and port - specifications. - -Tue Sep 2 02:00:03 1997 Assar Westerlund - - * include/bits.c: Don't generate ifndef's in bits.h. Instead, use - them when building the program. This makes it possible to include - bits.h without having defined all HAVE_INT17_T symbols. - - * configure.in: test for sigaction - - * doc: updated documentation. - -Tue Sep 2 00:20:31 1997 Johan Danielsson - - * Release 0.0g - -Mon Sep 1 17:42:14 1997 Johan Danielsson - - * lib/krb5/data.c: don't return ENOMEM if len == 0 - -Sun Aug 31 17:15:49 1997 Johan Danielsson - - * lib/hdb/hdb.asn1: Include salt type in salt. - - * kdc/hprop.h: Change port to 754. - - * kdc/hpropd.c: Verify who tries to transmit a database. - - * appl/popper: Use getarg and krb5_log. - - * lib/krb5/get_port.c: Add context parameter. Now takes port in - host byte order. - -Sat Aug 30 18:48:19 1997 Johan Danielsson - - * kdc/connect.c: Add timeout to select, and log about expired tcp - connections. - - * kdc/config.c: Add `database' option. - - * kdc/hpropd.c: Log about duplicate entries. - - * lib/hdb/{db,ndbm}.c: Use common routines. - - * lib/hdb/common.c: Implement more generic fetch/store/delete - functions. - - * lib/hdb/hdb.h: Add `replace' parameter to store. - - * kdc/connect.c: Set filedecriptor to -1 on allocated decriptor - entries. - -Fri Aug 29 03:13:23 1997 Assar Westerlund - - * lib/krb5/get_in_tkt.c: extract_ticket -> _krb5_extract_ticket - - * aux/make-proto.pl: fix __P for stone age mode - -Fri Aug 29 02:45:46 1997 Johan Danielsson - - * lib/45/mk_req.c: implementation of krb_mk_req that uses 524 - protocol - - * lib/krb5/init_creds_pw.c: make change_password and - get_init_creds_common static - - * lib/krb5/krb5.h: Merge stuff from removed headerfiles. - - * lib/krb5/fcache.c: fcc_ops -> krb5_fcc_ops - - * lib/krb5/mcache.c: mcc_ops -> krb5_mcc_ops - -Fri Aug 29 01:45:25 1997 Johan Danielsson - - * lib/krb5/krb5.h: Remove all prototypes. - - * lib/krb5/convert_creds.c: Use `struct credentials' instead of - `CREDENTIALS'. - -Fri Aug 29 00:08:18 1997 Assar Westerlund - - * lib/asn1/gen_glue.c: new file. generates 2int and int2 functions - and units for bit strings. - - * admin/util.c: flags2int, int2flags, and flag_units are now - generated by asn1_compile - - * lib/roken/parse_units.c: generalised `parse_units' and - `unparse_units' and added new functions `parse_flags' and - `unparse_flags' that use these - - * lib/krb5/krb5_locl.h: moved krb5_data* functions to krb5.h - - * admin/util.c: Use {un,}parse_flags for printing and parsing - hdbflags. - -Thu Aug 28 03:26:12 1997 Assar Westerlund - - * lib/krb5/get_addrs.c: restructured - - * lib/krb5/warn.c (_warnerr): leak less memory - - * lib/hdb/hdb.c (hdb_free_entry): zero keys - (hdb_check_db_format): leak less memory - - * lib/hdb/ndbm.c (NDBM_seq): check for valid hdb_entries implement - NDBM__get, NDBM__put - - * lib/hdb/db.c (DB_seq): check for valid hdb_entries - -Thu Aug 28 02:06:58 1997 Johan Danielsson - - * lib/krb5/send_to_kdc.c: Don't use sendto on connected sockets. - -Thu Aug 28 01:13:17 1997 Assar Westerlund - - * kuser/kinit.1, klist.1, kdestroy.1: new man pages - - * kpasswd/kpasswd.1, kpasswdd.8: new man pages - - * kdc/kstash.8, hprop.8, hpropd.8: new man pages - - * admin/ktutil.8, admin/kdb_edit.8: new man pages - - * admin/mod.c: new file - - * admin/life.c: renamed gettime and puttime to getlife and putlife - and moved them to life.c - - * admin/util.c: add print_flags, parse_flags, init_entry, - set_created_by, set_modified_by, edit_entry, set_password. Use - them. - - * admin/get.c: use print_flags - - * admin: removed unused stuff. use krb5_{warn,err}* - - * admin/ank.c: re-organized and abstracted. - - * admin/gettime.c: removed - -Thu Aug 28 00:37:39 1997 Johan Danielsson - - * lib/krb5/{get_cred,get_in_tkt}.c: Check for v4 reply. - - * lib/roken/base64.c: Add base64 functions. - - * kdc/connect.c lib/krb5/send_to_kdc.c: Add http support. - -Wed Aug 27 00:29:20 1997 Johan Danielsson - - * include/Makefile.am: Don't make links to built files. - - * admin/kdb_edit.c: Add command to set the database path. - - * lib/hdb: Include version number in database. - -Tue Aug 26 20:14:54 1997 Johan Danielsson - - * admin/ktutil: Merged v4 srvtab conversion. - -Mon Aug 25 23:02:18 1997 Assar Westerlund - - * lib/roken/roken.h: add F_OK - - * lib/gssapi/acquire_creds.c: fix typo - - * configure.in: call AC_TYPE_MODE_T - - * acinclude.m4: Add AC_TYPE_MODE_T - -Sun Aug 24 16:46:53 1997 Assar Westerlund - - * Release 0.0f - -Sun Aug 24 08:06:54 1997 Assar Westerlund - - * appl/popper/pop_pass.c: log poppers - - * kdc/kaserver.c: some more checks - - * kpasswd/kpasswd.c: removed `-p' - - * kuser/kinit.c: removed `-p' - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): If - KDC_ERR_PREUATH_REQUIRED, add preauthentication and try again. - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): don't print out - krb-error text - - * lib/gssapi/import_name.c (input_name): more names types. - - * admin/load.c (parse_keys): handle the case of an empty salt - - * kdc/kaserver.c: fix up memory deallocation - - * kdc/kaserver.c: quick hack at talking kaserver protocol - - * kdc/kerberos4.c: Make `db-fetch4' global - - * configure.in: add --enable-kaserver - - * kdc/rx.h, kdc/kerberos4.h: new header files - - * lib/krb5/principal.c: fix krb5_build_principal_ext & c:o - -Sun Aug 24 03:52:44 1997 Johan Danielsson - - * lib/krb5/{get_in_tkt,mk_safe,mk_priv}.c: Fix some Cray specific - type conflicts. - - * lib/krb5/{get_cred,get_in_tkt}.c: Mask nonce to 32 bits. - - * lib/des/{md4,md5,sha}.c: Now works on Crays. - -Sat Aug 23 18:15:01 1997 Johan Danielsson - - * appl/afsutil/afslog.c: If no cells or files specified, get - tokens for all local cells. Better test for files. - -Thu Aug 21 23:33:38 1997 Assar Westerlund - - * lib/gssapi/v1.c: new file with v1 compatibility functions. - -Thu Aug 21 20:36:13 1997 Johan Danielsson - - * lib/kafs/afskrb5.c: Don't check ticket file for afs ticket. - - * kdc/kerberos4.c: Check database when converting v4 principals. - - * kdc/kerberos5.c: Include kvno in Ticket. - - * lib/krb5/encrypt.c: Add kvno parameter to encrypt_EncryptedData. - - * kuser/klist.c: Print version number of ticket, include more - flags. - -Wed Aug 20 21:26:58 1997 Johan Danielsson - - * lib/kafs/afskrb5.c (get_cred): Check cached afs tickets for - expiration. - -Wed Aug 20 17:40:31 1997 Assar Westerlund - - * lib/krb5/recvauth.c (krb5_recvauth): Send a KRB-ERROR iff - there's an error. - - * lib/krb5/sendauth.c (krb5_sendauth): correct the protocol - documentation and process KRB-ERROR's - -Tue Aug 19 20:41:30 1997 Johan Danielsson - - * kdc/kerberos4.c: Fix memory leak in v4 protocol handler. - -Mon Aug 18 05:15:09 1997 Assar Westerlund - - * lib/gssapi/accept_sec_context.c: Added - `gsskrb5_register_acceptor_identity' - -Sun Aug 17 01:40:20 1997 Assar Westerlund - - * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): don't - always pass server == NULL to krb5_rd_req. - - * lib/gssapi: new files: canonicalize_name.c export_name.c - context_time.c compare_name.c release_cred.c acquire_cred.c - inquire_cred.c, from Luke Howard - - * lib/krb5/config_file.c: Add netinfo support from Luke Howard - - - * lib/editline/sysunix.c: sgtty-support from Luke Howard - - - * lib/krb5/principal.c: krb5_sname_to_principal fix from Luke - Howard - -Sat Aug 16 00:44:47 1997 Assar Westerlund - - * Release 0.0e - -Sat Aug 16 00:23:46 1997 Johan Danielsson - - * appl/afsutil/afslog.c: Use new libkafs. - - * lib/kafs/afskrb5.c: Get AFS tokens via 524 protocol. - - * lib/krb5/warn.c: Fix format string for *x type. - -Fri Aug 15 22:15:01 1997 Assar Westerlund - - * admin/get.c (get_entry): print more information about the entry - - * lib/des/Makefile.am: build destest, mdtest, des, rpw, speed - - * lib/krb5/config_file.c: new functions `krb5_config_get_time' and - `krb5_config_vget_time'. Use them. - -Fri Aug 15 00:09:37 1997 Johan Danielsson - - * admin/ktutil.c: Keytab manipulation program. - - * lib/krb5/keytab.c: Return sane values from resolve and - start_seq_get. - - * kdc/kerberos5.c: Fix for old clients passing 0 for `no endtime'. - - * lib/45/get_ad_tkt.c: Kerberos 4 get_ad_tkt using - krb524_convert_creds_kdc. - - * lib/krb5/convert_creds.c: Implementation of - krb524_convert_creds_kdc. - - * lib/asn1/k5.asn1: Make kdc-req-body.till OPTIONAL - - * kdc/524.c: A somewhat working 524-protocol module. - - * kdc/kerberos4.c: Add version 4 ticket encoding and encryption - functions. - - * lib/krb5/context.c: Fix kdc_timeout. - - * lib/hdb/{ndbm,db}.c: Free name in close. - - * kdc/kerberos5.c (tgs_check_autenticator): Return error code - -Thu Aug 14 21:29:03 1997 Johan Danielsson - - * kdc/kerberos5.c (tgs_make_reply): Fix endtime in reply. - - * lib/krb5/store_emem.c: Fix reallocation bug. - -Tue Aug 12 01:29:46 1997 Assar Westerlund - - * appl/telnet/libtelnet/kerberos5.c, appl/popper/pop_init.c: Use - `krb5_sock_to_principal'. Send server parameter to - krb5_rd_req/krb5_recvauth. Set addresses in auth_context. - - * lib/krb5/recvauth.c: Set addresses in auth_context if there - aren't any - - * lib/krb5/auth_context.c: New function - `krb5_auth_con_setaddrs_from_fd' - - * lib/krb5/sock_principal.c: new function - `krb5_sock_to_principal' - - * lib/krb5/time.c: new file with `krb5_timeofday' and - `krb5_us_timeofday'. Use these functions. - - * kuser/klist.c: print KDC offset iff verbose - - * lib/krb5/get_in_tkt.c: implement KDC time offset and use it if - [libdefaults]kdc_timesync is set. - - * lib/krb5/fcache.c: Implement version 4 of the ccache format. - -Mon Aug 11 05:34:43 1997 Assar Westerlund - - * lib/krb5/rd_rep.c (krb5_free_ap_rep_enc_part): free all memory - - * lib/krb5/principal.c (krb5_unparse_name): allocate memory - properly - - * kpasswd/kpasswd.c: Use `krb5_change_password' - - * lib/krb5/init_creds_pw.c (init_cred): set realm of server - correctly. - - * lib/krb5/init_creds_pw.c: support changing of password when it - has expired - - * lib/krb5/changepw.c: new file - - * kuser/klist.c: use getarg - - * admin/init.c (init): add `kadmin/changepw' - -Mon Aug 11 04:30:47 1997 Johan Danielsson - - * lib/krb5/get_cred.c: Make get_credentials handle cross-realm. - -Mon Aug 11 00:03:24 1997 Assar Westerlund - - * lib/krb5/config_file.c: implement support for #-comments - -Sat Aug 9 02:21:46 1997 Johan Danielsson - - * kdc/hprop*.c: Add database propagation programs. - - * kdc/connect.c: Max request size. - -Sat Aug 9 00:47:28 1997 Assar Westerlund - - * lib/otp: resurrected from krb4 - - * appl/push: new program for fetching mail with POP. - - * appl/popper/popper.h: new include files. new fields in `POP' - - * appl/popper/pop_pass.c: Implement both v4 and v5. - - * appl/popper/pop_init.c: Implement both v4 and v5. - - * appl/popper/pop_debug.c: use getarg. Talk both v4 and v5 - - * appl/popper: Popper from krb4. - - * configure.in: check for inline and generate - files in appl/popper, appl/push, and lib/otp - -Fri Aug 8 05:51:02 1997 Assar Westerlund - - * lib/krb5/get_cred.c: clean-up and try to free memory even when - there're errors - - * lib/krb5/get_cred.c: adapt to new `extract_ticket' - - * lib/krb5/get_in_tkt.c: reorganize. check everything and try to - return memory even if there are errors. - - * kuser/kverify.c: new file - - * lib/krb5/free_host_realm.c: new file - - * lib/krb5/principal.c (krb5_sname_to_principal): implement - different nametypes. Also free memory. - - * lib/krb5/verify_init.c: more functionality - - * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): free the checksum - - * lib/krb5/get_in_tkt.c (extract_ticket): don't copy over the - principals in creds. Should also compare them with that received - from the KDC - - * lib/krb5/cache.c (krb5_cc_gen_new): copy the newly allocated - krb5_ccache - (krb5_cc_destroy): call krb5_cc_close - (krb5_cc_retrieve_cred): delete the unused creds - -Fri Aug 8 02:30:40 1997 Johan Danielsson - - * lib/krb5/log.c: Allow better control of destinations of logging - (like passing explicit destinations, and log-functions). - -Fri Aug 8 01:20:39 1997 Assar Westerlund - - * lib/krb5/get_default_principal.c: new file - - * kpasswd/kpasswdd.c: use krb5_log* - -Fri Aug 8 00:37:47 1997 Johan Danielsson - - * lib/krb5/init_creds_pw.c: Implement krb5_get_init_creds_keytab. - -Fri Aug 8 00:37:17 1997 Assar Westerlund - - * lib/krb5/init_creds_pw.c: Use `krb5_get_default_principal'. - Print password expire information. - - * kdc/config.c: new variable `kdc_warn_pwexpire' - - * kpasswd/kpasswd.c: converted to getarg and get_init_creds - -Thu Aug 7 22:17:09 1997 Assar Westerlund - - * lib/krb5/mcache.c: new file - - * admin/gettime.c: new function puttime. Use it. - - * lib/krb5/keyblock.c: Added krb5_free_keyblock and - krb5_copy_keyblock - - * lib/krb5/init_creds_pw.c: more functionality - - * lib/krb5/creds.c: Added krb5_free_creds_contents and - krb5_copy_creds. Changed callers. - - * lib/krb5/config_file.c: new functions krb5_config_get and - krb5_config_vget - - * lib/krb5/cache.c: cleanup added mcache - - * kdc/kerberos5.c: include last-req's of type 6 and 7, if - applicable - -Wed Aug 6 20:38:23 1997 Johan Danielsson - - * lib/krb5/log.c: New parameter `log-level'. Default to `SYSLOG'. - -Tue Aug 5 22:53:54 1997 Assar Westerlund - - * lib/krb5/verify_init.c, init_creds_pw.c, init_creds.c, - prompter_posix.c: the beginning of an implementation of the cygnus - initial-ticket API. - - * lib/krb5/get_in_tkt_pw.c: make `krb5_password_key_proc' global - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): new function that is - almost krb5_get_in_tkt but doesn't write the creds to the ccache. - Small fixes in krb5_get_in_tkt - - * lib/krb5/get_addrs.c (krb5_get_all_client_addrs): don't include - loopback. - -Mon Aug 4 20:20:48 1997 Johan Danielsson - - * kdc: Make context global. - -Fri Aug 1 17:23:56 1997 Assar Westerlund - - * Release 0.0d - - * lib/roken/flock.c: new file - - * kuser/kinit.c: check for and print expiry information in the - `kdc_rep' - - * lib/krb5/get_in_tkt.c: Set `ret_as_reply' if != NULL - - * kdc/kerberos5.c: Check the valid times on client and server. - Check the password expiration. - Check the require_preauth flag. - Send an lr_type == 6 with pw_end. - Set key.expiration to min(valid_end, pw_end) - - * lib/hdb/hdb.asn1: new flags `require_preauth' and `change_pw' - - * admin/util.c, admin/load.c: handle the new flags. - -Fri Aug 1 16:56:12 1997 Johan Danielsson - - * lib/hdb: Add some simple locking. - -Sun Jul 27 04:44:31 1997 Johan Danielsson - - * lib/krb5/log.c: Add some general logging functions. - - * kdc/kerberos4.c: Add version 4 protocol handler. The requrement - for this to work is that all involved principals has a des key in - the database, and that the client has a version 4 (un-)salted - key. Furthermore krb5_425_conv_principal has to do it's job, as - present it's not very clever. - - * lib/krb5/principal.c: Quick patch to make 425_conv work - somewhat. - - * lib/hdb/hdb.c: Add keytype->key and next key functions. - -Fri Jul 25 17:32:12 1997 Assar Westerlund - - * lib/krb5/build_auth.c (krb5_build_authenticator): don't free - `cksum'. It's allocated and freed by the caller - - * lib/krb5/get_cred.c (krb5_get_kdc_cred): Don't free `addresses'. - - * kdc/kerberos5.c (tgs_rep2): make sure we also have an defined - `client' to return as part of the KRB-ERROR - -Thu Jul 24 08:13:59 1997 Johan Danielsson - - * kdc/kerberos5.c: Unseal keys from database before use. - - * kdc/misc.c: New functions set_master_key, unseal_key and - free_key. - - * lib/roken/getarg.c: Handle `-f arg' correctly. - -Thu Jul 24 01:54:43 1997 Assar Westerlund - - * kuser/kinit.c: implement `-l' aka `--lifetime' - - * lib/roken/parse_units.c, parse_time.c: new files - - * admin/gettime.c (gettime): use `parse_time' - - * kdc/kerberos5.c (as_rep): Use `METHOD-DATA' when sending - KRB5KDC_ERR_PREAUTH_REQUIRED, not PA-DATA. - - * kpasswd/kpasswdd.c: fix freeing bug use sequence numbers set - addresses in auth_context bind one socket per interface. - - * kpasswd/kpasswd.c: use sequence numbers - - * lib/krb5/rd_req.c (krb5_verify_ap_req): do abs when verifying - the timestamps - - * lib/krb5/rd_priv.c (krb5_rd_priv): Fetch the correct session key - from auth_context - - * lib/krb5/mk_priv.c (krb5_mk_priv): Fetch the correct session key - from auth_context - - * lib/krb5/mk_error.c (krb5_mk_error): return an error number and - not a comerr'd number. - - * lib/krb5/get_in_tkt.c (krb5_get_in_tkt): interpret the error - number in KRB-ERROR correctly. - - * lib/krb5/get_cred.c (krb5_get_kdc_cred): interpret the error - number in KRB-ERROR correctly. - - * lib/asn1/k5.asn1: Add `METHOD-DATA' - - * removed some memory leaks. - -Wed Jul 23 07:53:18 1997 Assar Westerlund - - * Release 0.0c - - * lib/krb5/rd_cred.c, get_for_creds.c: new files - - * lib/krb5/get_host_realm.c: try default realm as last chance - - * kpasswd/kpasswdd.c: updated to hdb changes - - * appl/telnet/libtelnet/kerberos5.c: Implement forwarding - - * appl/telnet/libtelnet: removed totally unused files - - * admin/ank.c: fix prompts and generation of random keys - -Wed Jul 23 04:02:32 1997 Johan Danielsson - - * admin/dump.c: Include salt in dump. - - * admin: Mostly updated for new db-format. - - * kdc/kerberos5.c: Update to use new db format. Better checking of - flags and such. More logging. - - * lib/hdb/hdb.c: Use generated encode and decode functions. - - * lib/hdb/hdb.h: Get hdb_entry from ASN.1 generated code. - - * lib/krb5/get_cred.c: Get addresses from krbtgt if there are none - in the reply. - -Sun Jul 20 16:22:30 1997 Assar Westerlund - - * kuser/kinit.c: break if des_read_pw_string() != 0 - - * kpasswd/kpasswdd.c: send a reply - - * kpasswd/kpasswd.c: restructured code. better report on - krb-error break if des_read_pw_string() != 0 - - * kdc/kerberos5.c: Check `require_enc_timestamp' malloc space for - starttime and renew_till - - * appl/telnet/libtelnet/kerberos5.c (kerberos5_is): Send a - keyblock to krb5_verify_chekcsum - -Sun Jul 20 06:35:46 1997 Johan Danielsson - - * Release 0.0b - - * kpasswd/kpasswd.c: Avoid using non-standard struct names. - -Sat Jul 19 19:26:23 1997 Assar Westerlund - - * lib/krb5/keytab.c (krb5_kt_get_entry): check return from - `krb5_kt_start_seq_get'. From - -Sat Jul 19 04:07:39 1997 Johan Danielsson - - * lib/asn1/k5.asn1: Update with more pa-data types from - draft-ietf-cat-kerberos-revisions-00.txt - - * admin/load.c: Update to match current db-format. - - * kdc/kerberos5.c (as_rep): Try all valid pa-datas before giving - up. Send back an empty pa-data if the client has the v4 flag set. - - * lib/krb5/get_in_tkt.c: Pass both version5 and version4 salted - pa-data. DTRT if there is any pa-data in the reply. - - * lib/krb5/str2key.c: XOR with some sane value. - - * lib/hdb/hdb.h: Add `version 4 salted key' flag. - - * kuser/kinit.c: Ask for password before calling get_in_tkt. This - makes it possible to call key_proc more than once. - - * kdc/string2key.c: Add flags to output version 5 (DES only), - version 4, and AFS string-to-key of a password. - - * lib/asn1/gen_copy.c: copy_* functions now returns an int (0 or - ENOMEM). - -Fri Jul 18 02:54:58 1997 Assar Westerlund - - * lib/krb5/get_host_realm.c (krb5_get_host_realm): do the - name2name thing - - * kdc/misc.c: check result of hdb_open - - * admin/kdb_edit: updated to new sl - - * lib/sl: sl_func now returns an int. != 0 means to exit. - - * kpasswd/kpasswdd: A crude (but somewhat working) implementation - of `draft-ietf-cat-kerb-chg-password-00.txt' - -Fri Jul 18 00:55:39 1997 Johan Danielsson - - * kuser/krenew.c: Crude ticket renewing program. - - * kdc/kerberos5.c: Rewritten flags parsing, it now might work to - get forwarded and renewed tickets. - - * kuser/kinit.c: Add `-r' flag. - - * lib/krb5/get_cred.c: Move most of contents of get_creds to new - function get_kdc_cred, that always contacts the kdc and doesn't - save in the cache. This is a hack. - - * lib/krb5/get_in_tkt.c: Pass starttime and renew_till in request - (a bit kludgy). - - * lib/krb5/mk_req_ext.c: Make an auth_context if none passed in. - - * lib/krb5/send_to_kdc.c: Get timeout from context. - - * lib/krb5/context.c: Add kdc_timeout to context struct. - -Thu Jul 17 20:35:45 1997 Johan Danielsson - - * kuser/klist.c: Print start time of ticket if available. - - * lib/krb5/get_host_realm.c: Return error if no realm was found. - -Thu Jul 17 20:28:21 1997 Assar Westerlund - - * kpasswd: non-working kpasswd added - -Thu Jul 17 00:21:22 1997 Johan Danielsson - - * Release 0.0a - - * kdc/main.c: Add -p flag to disable pa-enc-timestamp requirement. - -Wed Jul 16 03:37:41 1997 Johan Danielsson - - * kdc/kerberos5.c (tgs_rep2): Free ticket and ap_req. - - * lib/krb5/auth_context.c (krb5_auth_con_free): Free remote - subkey. - - * lib/krb5/principal.c (krb5_free_principal): Check for NULL. - - * lib/krb5/send_to_kdc.c: Check for NULL return from - gethostbyname. - - * lib/krb5/set_default_realm.c: Try to get realm of local host if - no default realm is available. - - * Remove non ASN.1 principal code. - -Wed Jul 16 03:17:30 1997 Johan Danielsson - - * kdc/kerberos5.c: Split tgs_rep in smaller functions. Add better - error handing. Do some logging. - - * kdc/log.c: Some simple logging facilities. - - * kdc/misc.c (db_fetch): Take a krb5_principal. - - * kdc/connect.c: Pass address of request to as_rep and - tgs_rep. Send KRB-ERROR. - - * lib/krb5/mk_error.c: Add more fields. - - * lib/krb5/get_cred.c: Print normal error code if no e_text is - available. - -Wed Jul 16 03:07:50 1997 Assar Westerlund - - * lib/krb5/get_in_tkt.c: implement `krb5_init_etype'. - Change encryption type of pa_enc_timestamp to DES-CBC-MD5 - - * lib/krb5/context.c: recognize all encryption types actually - implemented - - * lib/krb5/auth_context.c (krb5_auth_con_init): Change default - encryption type to `DES_CBC_MD5' - - * lib/krb5/read_message.c, write_message.c: new files - -Tue Jul 15 17:14:21 1997 Assar Westerlund - - * lib/asn1: replaced asn1_locl.h by `der_locl.h' and `gen_locl.h'. - - * lib/error/compile_et.awk: generate a prototype for the - `destroy_foo_error_table' function. - -Mon Jul 14 12:24:40 1997 Assar Westerlund - - * lib/krb5/krbhst.c (krb5_get_krbhst): Get all kdc's and try also - with `kerberos.REALM' - - * kdc/kerberos5.c, lib/krb5/rd_priv.c, lib/krb5/rd_safe.c: use - `max_skew' - - * lib/krb5/rd_req.c (krb5_verify_ap_req): record authenticator - subkey - - * lib/krb5/build_auth.c (krb5_build_authenticator): always - generate a subkey. - - * lib/krb5/address.c: implement `krb5_address_order' - - * lib/gssapi/import_name.c: Implement `gss_import_name' - - * lib/gssapi/external.c: Use new OID - - * lib/gssapi/encapsulate.c: New functions - `gssapi_krb5_encap_length' and `gssapi_krb5_make_header'. Changed - callers. - - * lib/gssapi/decapsulate.c: New function - `gssaspi_krb5_verify_header'. Changed callers. - - * lib/asn1/gen*.c: Give tags to generated structs. - Use `err' and `asprintf' - - * appl/test/gss_common.c: new file - - * appl/test/gssapi_server.c: removed all krb5 calls - - * appl/telnet/libtelnet/kerberos5.c: Add support for genering and - verifying checksums. Also start using session subkeys. - -Mon Jul 14 12:08:25 1997 Johan Danielsson - - * lib/krb5/rd_req.c (krb5_rd_req_with_keyblock): Split up. - -Sun Jul 13 03:07:44 1997 Assar Westerlund - - * lib/krb5/rd_safe.c, mk_safe.c: made bug-compatible with MIT - - * lib/krb5/encrypt.c: new functions `DES_encrypt_null_ivec' and - `DES_encrypt_key_ivec' - - * lib/krb5/checksum.c: implement rsa-md4-des and rsa-md5-des - - * kdc/kerberos5.c (tgs_rep): support keyed checksums - - * lib/krb5/creds.c: new file - - * lib/krb5/get_in_tkt.c: better freeing - - * lib/krb5/context.c (krb5_free_context): more freeing - - * lib/krb5/config_file.c: New function `krb5_config_file_free' - - * lib/error/compile_et.awk: Generate a `destroy_' function. - - * kuser/kinit.c, klist.c: Don't leak memory. - -Sun Jul 13 02:46:27 1997 Johan Danielsson - - * kdc/connect.c: Check filedescriptor in select. - - * kdc/kerberos5.c: Remove most of the most common memory leaks. - - * lib/krb5/rd_req.c: Free allocated data. - - * lib/krb5/auth_context.c (krb5_auth_con_free): Free a lot of - fields. - -Sun Jul 13 00:32:16 1997 Assar Westerlund - - * appl/telnet: Conditionalize the krb4-support. - - * configure.in: Test for krb4 - -Sat Jul 12 17:14:12 1997 Assar Westerlund - - * kdc/kerberos5.c: check if the pre-auth was decrypted properly. - set the `pre_authent' flag - - * lib/krb5/get_cred.c, lib/krb5/get_in_tkt.c: generate a random nonce. - - * lib/krb5/encrypt.c: Made `generate_random_block' global. - - * appl/test: Added gssapi_client and gssapi_server. - - * lib/krb5/data.c: Add `krb5_data_zero' - - * appl/test/tcp_client.c: try `mk_safe' and `mk_priv' - - * appl/test/tcp_server.c: try `rd_safe' and `rd_priv' - -Sat Jul 12 16:45:58 1997 Johan Danielsson - - * lib/krb5/get_addrs.c: Fix for systems that has sa_len, but - returns zero length from SIOCGIFCONF. - -Sat Jul 12 16:38:34 1997 Assar Westerlund - - * appl/test: new programs - - * lib/krb5/rd_req.c: add address compare - - * lib/krb5/mk_req_ext.c: allow no checksum - - * lib/krb5/keytab.c (krb5_kt_ret_string): 0-terminate string - - * lib/krb5/address.c: fix `krb5_address_compare' - -Sat Jul 12 15:03:16 1997 Johan Danielsson - - * lib/krb5/get_addrs.c: Fix ip4 address extraction. - - * kuser/klist.c: Add verbose flag, and split main into smaller - pieces. - - * lib/krb5/fcache.c: Save ticket flags. - - * lib/krb5/get_in_tkt.c (extract_ticket): Extract addresses and - flags. - - * lib/krb5/krb5.h: Add ticket_flags to krb5_creds. - -Sat Jul 12 13:12:48 1997 Assar Westerlund - - * configure.in: Call `AC_KRB_PROG_LN_S' - - * acinclude.m4: Add `AC_KRB_PROG_LN_S' from krb4 - -Sat Jul 12 00:57:01 1997 Johan Danielsson - - * lib/krb5/get_in_tkt.c: Use union of krb5_flags and KDCOptions to - pass options. - -Fri Jul 11 15:04:22 1997 Assar Westerlund - - * appl/telnet: telnet & telnetd seems to be working. - - * lib/krb5/config_file.c: Added krb5_config_v?get_list Fixed - krb5_config_vget_next - - * appl/telnet/libtelnet/kerberos5.c: update to current API - -Thu Jul 10 14:54:39 1997 Assar Westerlund - - * appl/telnet/libtelnet/kerberos5.c (kerberos5_status): call - `krb5_kuserok' - - * appl/telnet: Added. - -Thu Jul 10 05:09:25 1997 Johan Danielsson - - * lib/error/compile_et.awk: Remove usage of sub, gsub, and - functions for compatibility with awk. - - * include/bits.c: Must use signed char. - - * lib/krb5/context.c: Move krb5_get_err_text, and krb5_init_ets - here. - - * lib/error/error.c: Replace krb5_get_err_text with new function - com_right. - - * lib/error/compile_et.awk: Avoid using static variables. - - * lib/error/error.c: Don't use krb5_locl.h - - * lib/error/error.h: Move definitions of error_table and - error_list from krb5.h. - - * lib/error: Moved from lib/krb5. - -Wed Jul 9 07:42:04 1997 Johan Danielsson - - * lib/krb5/encrypt.c: Temporary hack to avoid des_rand_data. - -Wed Jul 9 06:58:00 1997 Assar Westerlund - - * lib/krb5/{rd,mk}_{*}.c: more checking for addresses and stuff - according to pseudocode from 1510 - -Wed Jul 9 06:06:06 1997 Johan Danielsson - - * lib/hdb/hdb.c: Add hdb_etype2key. - - * kdc/kerberos5.c: Check authenticator. Use more general etype - functions. - -Wed Jul 9 03:51:12 1997 Assar Westerlund - - * lib/asn1/k5.asn1: Made all `s_address' OPTIONAL according to - draft-ietf-cat-kerberos-r-00.txt - - * lib/krb5/principal.c (krb5_parse_name): default to local realm - if none given - - * kuser/kinit.c: New option `-p' and prompt - -Wed Jul 9 02:30:06 1997 Johan Danielsson - - * lib/krb5/keyblock.c: Keyblock generation functions. - - * lib/krb5/encrypt.c: Use functions from checksum.c. - - * lib/krb5/checksum.c: Move checksum functions here. Add - krb5_cksumsize function. - -Wed Jul 9 01:15:38 1997 Assar Westerlund - - * lib/krb5/get_host_realm.c: implemented - - * lib/krb5/config_file.c: Redid part. New functions: - krb5_config_v?get_next - - * kuser/kdestroy.c: new program - - * kuser/kinit.c: new flag `-f' - - * lib/asn1/k5.asn1: Made HostAddresses = SEQUENCE OF HostAddress - - * acinclude.m4: Added AC_KRB_STRUCT_SOCKADDR_SA_LEN - - * lib/krb5/krb5.h: krb5_addresses == HostAddresses. Changed all - users. - - * lib/krb5/get_addrs.c: figure out all local addresses, possibly - even IPv6! - - * lib/krb5/checksum.c: table-driven checksum - -Mon Jul 7 21:13:28 1997 Johan Danielsson - - * lib/krb5/encrypt.c: Make krb5_decrypt use the same struct as - krb5_encrypt. - -Mon Jul 7 11:15:51 1997 Assar Westerlund - - * lib/roken/vsyslog.c: new file - - * lib/krb5/encrypt.c: add des-cbc-md4. - adjust krb5_encrypt and krb5_decrypt to reality - -Mon Jul 7 02:46:31 1997 Johan Danielsson - - * lib/krb5/encrypt.c: Implement as a vector of function pointers. - - * lib/krb5/{decrypt,encrypt}.c: Implement des-cbc-crc, and - des-cbc-md5 in separate functions. - - * lib/krb5/krb5.h: Add more checksum and encryption types. - - * lib/krb5/krb5_locl.h: Add etype to krb5_decrypt. - -Sun Jul 6 23:02:59 1997 Assar Westerlund - - * lib/krb5/[gs]et_default_realm.c, kuserok.c: new files - - * lib/krb5/config_file.[ch]: new c-based configuration reading - stuff - -Wed Jul 2 23:12:56 1997 Assar Westerlund - - * configure.in: Set WFLAGS if using gcc - -Wed Jul 2 17:47:03 1997 Johan Danielsson - - * lib/asn1/der_put.c (der_put_int): Return size correctly. - - * admin/ank.c: Be compatible with the asn1 principal format. - -Wed Jul 1 23:52:20 1997 Johan Danielsson - - * lib/asn1: Now all decode_* and encode_* functions now take a - final size_t* argument, that they return the size in. Return - values are zero for success, and anything else (such as some - ASN1_* constant) for error. - -Mon Jun 30 06:08:14 1997 Assar Westerlund - - * lib/krb5/keytab.c (krb5_kt_add_entry): change open mode to - O_WRONLY | O_APPEND - - * lib/krb5/get_cred.c: removed stale prototype for - `extract_ticket' and corrected call. - - * lib/asn1/gen_length.c (length_type): Make the length functions - for SequenceOf non-destructive - - * admin/ank.c (doit): Fix reading of `y/n'. - -Mon Jun 16 05:41:43 1997 Assar Westerlund - - * lib/gssapi/wrap.c, unwrap.c: do encrypt and add sequence number - - * lib/gssapi/get_mic.c, verify_mic.c: Add sequence number. - - * lib/gssapi/accept_sec_context.c (gss_accept_sec_context): Set - KRB5_AUTH_CONTEXT_DO_SEQUENCE. Verify 8003 checksum. - - * lib/gssapi/8003.c: New file. - - * lib/krb/krb5.h: Define a `krb_authenticator' as an ASN.1 - Authenticator. - - * lib/krb5/auth_context.c: New functions - `krb5_auth_setlocalseqnumber' and `krb5_auth_setremoteseqnumber' - -Tue Jun 10 00:35:54 1997 Johan Danielsson - - * lib/krb5: Preapre for use of some asn1-types. - - * lib/asn1/*.c (copy_*): Constness. - - * lib/krb5/krb5.h: Include asn1.h; krb5_data is now an - octet_string. - - * lib/asn1/der*,gen.c: krb5_data -> octet_string, char * -> - general_string - - * lib/asn1/libasn1.h: Moved stuff from asn1_locl.h that doesn't - have anything to do with asn1_compile. - - * lib/asn1/asn1_locl.h: Remove der.h. Add some prototypes. - -Sun Jun 8 03:51:55 1997 Assar Westerlund - - * kdc/kerberos5.c: Fix PA-ENC-TS-ENC - - * kdc/connect.c(process_request): Set `new' - - * lib/krb5/get_in_tkt.c: Do PA-ENC-TS-ENC the correct way. - - * lib: Added editline,sl,roken. - -Mon Jun 2 00:37:48 1997 Johan Danielsson - - * lib/krb5/fcache.c: Move file cache from cache.c. - - * lib/krb5/cache.c: Allow more than one cache type. - -Sun Jun 1 23:45:33 1997 Johan Danielsson - - * admin/extkeytab.c: Merged with kdb_edit. - -Sun Jun 1 23:23:08 1997 Assar Westerlund - - * kdc/kdc.c: more support for ENC-TS-ENC - - * lib/krb5/get_in_tkt.c: redone to enable pre-authentication - -Sun Jun 1 22:45:11 1997 Johan Danielsson - - * lib/hdb/db.c: Merge fetch and store. - - * admin: Merge to one program. - - * lib/krb5/str2key.c: Fill in keytype and length. - -Sun Jun 1 16:31:23 1997 Assar Westerlund - - * lib/krb5/rd_safe.c, lib/krb5/rd_priv.c, lib/krb5/mk_rep.c, - lib/krb5/mk_priv.c, lib/krb5/build_auth.c: Some support for - KRB5_AUTH_CONTEXT_DO_SEQUENCE - - * lib/krb5/get_in_tkt.c (get_in_tkt): be prepared to parse an - KRB_ERROR. Some support for PA_ENC_TS_ENC. - - * lib/krb5/auth_context.c: implemented seq_number functions - - * lib/krb5/generate_subkey.c, generate_seq_number.c: new files - - * lib/gssapi/gssapi.h: avoid including - - * lib/asn1/Makefile.am: SUFFIXES as a variable to make automake - happy - - * kdc/kdc.c: preliminary PREAUTH_ENC_TIMESTAMP - - * configure.in: adapted to automake 1.1p - -Mon May 26 22:26:21 1997 Johan Danielsson - - * lib/krb5/principal.c: Add contexts to many functions. - -Thu May 15 20:25:37 1997 Johan Danielsson - - * lib/krb5/verify_user.c: First stab at a verify user. - - * lib/auth/sia/sia5.c: SIA module for Kerberos 5. - -Mon Apr 14 00:09:03 1997 Assar Westerlund - - * lib/gssapi: Enough of a gssapi-over-krb5 implementation to be - able to (mostly) run gss-client and gss-server. - - * lib/krb5/keytab.c: implemented krb5_kt_add_entry, - krb5_kt_store_principal, krb5_kt_store_keyblock - - * lib/des/md5.[ch], sha.[ch]: new files - - * lib/asn1/der_get.c (generalizedtime2time): use `timegm' - - * lib/asn1/timegm.c: new file - - * admin/extkeytab.c: new program - - * admin/admin_locl.h: new file - - * admin/Makefile.am: Added extkeytab - - * configure.in: moved config to include - removed timezone garbage - added lib/gssapi and admin - - * Makefile.am: Added admin - -Mon Mar 17 11:34:05 1997 Johan Danielsson - - * kdc/kdc.c: Use new copying functions, and free some data. - - * lib/asn1/Makefile.am: Try to not always rebuild generated files. - - * lib/asn1/der_put.c: Add fix_dce(). - - * lib/asn1/der_{get,length,put}.c: Fix include files. - - * lib/asn1/der_free.c: Remove unused functions. - - * lib/asn1/gen.c: Split into gen_encode, gen_decode, gen_free, - gen_length, and gen_copy. - -Sun Mar 16 18:13:52 1997 Assar Westerlund - - * lib/krb5/sendauth.c: implemented functionality - - * lib/krb5/rd_rep.c: Use `krb5_decrypt' - - * lib/krb5/cache.c (krb5_cc_get_name): return default if `id' == - NULL - - * lib/krb5/principal.c (krb5_free_principal): added `context' - argument. Changed all callers. - - (krb5_sname_to_principal): new function - - * lib/krb5/auth_context.c (krb5_free_authenticator): add `context' - argument. Changed all callers - - * lib/krb5/{net_write.c,net_read.c,recvauth.c}: new files - - * lib/asn1/gen.c: Fix encoding and decoding of BitStrings - -Fri Mar 14 11:29:00 1997 Assar Westerlund - - * configure.in: look for *dbm? - - * lib/asn1/gen.c: Fix filename in generated files. Check fopens. - Put trailing newline in asn1_files. - -Fri Mar 14 05:06:44 1997 Johan Danielsson - - * lib/krb5/get_in_tkt.c: Fix some memory leaks. - - * lib/krb5/krbhst.c: Properly free hostlist. - - * lib/krb5/decrypt.c: CRCs are 32 bits. - -Fri Mar 14 04:39:15 1997 Johan Danielsson - - * lib/asn1/gen.c: Generate one file for each type. - -Fri Mar 14 04:13:47 1997 Assar Westerlund - - * lib/asn1/gen.c: Generate `length_FOO' functions - - * lib/asn1/der_length.c: new file - - * kuser/klist.c: renamed stime -> printable_time to avoid conflict - on HP/UX - -Fri Mar 14 03:37:23 1997 Johan Danielsson - - * lib/hdb/ndbm.c: Return NOENTRY if fetch fails. Don't free - datums. Don't add .db to filename. - -Fri Mar 14 02:49:51 1997 Johan Danielsson - - * kdc/dump.c: Database dump program. - - * kdc/ank.c: Trivial database editing program. - - * kdc/{kdc.c, load.c}: Use libhdb. - - * lib/hdb: New database routine library. - - * lib/krb5/error/Makefile.am: Add hdb_err. - -Wed Mar 12 17:41:14 1997 Johan Danielsson - - * kdc/kdc.c: Rewritten AS, and somewhat more working TGS support. - - * lib/asn1/gen.c: Generate free functions. - - * Some specific free functions. - -Wed Mar 12 12:30:13 1997 Assar Westerlund - - * lib/krb5/krb5_mk_req_ext.c: new file - - * lib/asn1/gen.c: optimize the case with a simple type - - * lib/krb5/get_cred.c (krb5_get_credentials): Use - `mk_req_extended' and remove old code. - - * lib/krb5/get_in_tkt.c (decrypt_tkt): First try with an - EncASRepPart, then with an EncTGSRepPart. - -Wed Mar 12 08:26:04 1997 Johan Danielsson - - * lib/krb5/store_emem.c: New resizable memory storage. - - * lib/krb5/{store.c, store_fd.c, store_mem.c}: Split of store.c - - * lib/krb5/krb5.h: Add free entry to krb5_storage. - - * lib/krb5/decrypt.c: Make keyblock const. - -Tue Mar 11 20:22:17 1997 Johan Danielsson - - * lib/krb5/krb5.h: Add EncTicketPart to krb5_ticket. - - * lib/krb5/rd_req.c: Return whole asn.1 ticket in - krb5_ticket->tkt. - - * lib/krb5/get_in_tkt.c: TGS -> AS - - * kuser/kfoo.c: Print error string rather than number. - - * kdc/kdc.c: Some kind of non-working TGS support. - -Mon Mar 10 01:43:22 1997 Assar Westerlund - - * lib/asn1/gen.c: reduced generated code by 1/5 - - * lib/asn1/der_put.c: (der_put_length_and_tag): new function - - * lib/asn1/der_get.c (der_match_tag_and_length): new function - - * lib/asn1/der.h: added prototypes - -Mon Mar 10 01:15:43 1997 Johan Danielsson - - * lib/krb5/krb5.h: Include . Add prototype for - krb5_rd_req_with_keyblock. - - * lib/krb5/rd_req.c: Add function krb5_rd_req_with_keyblock that - takes a precomputed keyblock. - - * lib/krb5/get_cred.c: Use krb5_mk_req rather than inlined code. - - * lib/krb5/mk_req.c: Calculate checksum of in_data. - -Sun Mar 9 21:17:58 1997 Johan Danielsson - - * lib/krb5/error/compile_et.awk: Add a declaration of struct - error_list, and multiple inclusion block to header files. - -Sun Mar 9 21:01:12 1997 Assar Westerlund - - * lib/krb5/rd_req.c: do some checks on times - - * lib/krb/{mk_priv.c, rd_priv.c, sendauth.c, decrypt.c, - address.c}: new files - - * lib/krb5/auth_context.c: more code - - * configure.in: try to figure out timezone - -Sat Mar 8 11:41:07 1997 Johan Danielsson - - * lib/krb5/error/error.c: Try strerror if error code wasn't found. - - * lib/krb5/get_in_tkt.c: Remove realm parameter from - krb5_get_salt. - - * lib/krb5/context.c: Initialize error table. - - * kdc: The beginnings of a kdc. - -Sat Mar 8 08:16:28 1997 Assar Westerlund - - * lib/krb5/rd_safe.c: new file - - * lib/krb5/checksum.c (krb5_verify_checksum): New function - - * lib/krb5/get_cred.c: use krb5_create_checksum - - * lib/krb5/checksum.c: new file - - * lib/krb5/store.c: no more arithmetic with void* - - * lib/krb5/cache.c: now seems to work again - -Sat Mar 8 06:58:09 1997 Johan Danielsson - - * lib/krb5/Makefile.am: Add asn1_glue.c and error/*.c to libkrb5. - - * lib/krb5/get_in_tkt.c: Moved some functions to asn1_glue.c. - - * lib/krb5/asn1_glue.c: Moved some asn1-stuff here. - - * lib/krb5/{cache,keytab}.c: Use new storage functions. - - * lib/krb5/krb5.h: Protypes for new storage functions. - - * lib/krb5/krb5.h: Make krb5_{ret,store}_* functions able to write - data to more than file descriptors. - -Sat Mar 8 01:01:17 1997 Assar Westerlund - - * lib/krb5/encrypt.c: New file. - - * lib/krb5/Makefile.am: More -I - - * configure.in: Test for big endian, random, rand, setitimer - - * lib/asn1/gen.c: perhaps even decodes bitstrings - -Thu Mar 6 19:05:29 1997 Johan Danielsson - - * lib/krb5/config_file.y: Better return values on error. - -Sat Feb 8 15:59:56 1997 Assar Westerlund - - * lib/asn1/parse.y: ifdef HAVE_STRDUP - - * lib/asn1/lex.l: ifdef strdup - brange-dead version of list of special characters to make stupid - lex accept it. - - * lib/asn1/gen.c: A DER integer should really be a `unsigned' - - * lib/asn1/der_put.c: A DER integer should really be a `unsigned' - - * lib/asn1/der_get.c: A DER integer should really be a `unsigned' - - * lib/krb5/error/Makefile.am: It seems "$(SHELL) ./compile_et" is - needed. - - * lib/krb/mk_rep.c, lib/krb/rd_req.c, lib/krb/store.c, - lib/krb/store.h: new files. - - * lib/krb5/keytab.c: now even with some functionality. - - * lib/asn1/gen.c: changed paramater from void * to Foo * - - * lib/asn1/der_get.c (der_get_octet_string): Fixed bug with empty - string. - -Sun Jan 19 06:17:39 1997 Assar Westerlund - - * lib/krb5/get_cred.c (krb5_get_credentials): Check for creds in - cc before getting new ones. - - * lib/krb5/krb5.h (krb5_free_keyblock): Fix prototype. - - * lib/krb5/build_auth.c (krb5_build_authenticator): It seems the - CRC should be stored LSW first. (?) - - * lib/krb5/auth_context.c: Implement `krb5_auth_con_getkey' and - `krb5_free_keyblock' - - * lib/**/Makefile.am: Rename foo libfoo.a - - * include/Makefile.in: Use test instead of [ - -e does not work with /bin/sh on psoriasis - - * configure.in: Search for awk - create lib/krb/error/compile_et - -Tue Jan 14 03:46:26 1997 Assar Westerlund - - * lib/krb5/Makefile.am: replaced mit-crc.c by crc.c - -Wed Dec 18 00:53:55 1996 Johan Danielsson - - * kuser/kinit.c: Guess principal. - - * lib/krb5/error/compile_et.awk: Don't include krb5.h. Fix some - warnings. - - * lib/krb5/error/asn1_err.et: Add ASN.1 error messages. - - * lib/krb5/mk_req.c: Get client from cache. - - * lib/krb5/cache.c: Add better error checking some useful return - values. - - * lib/krb5/krb5.h: Fix krb5_auth_context. - - * lib/asn1/der.h: Make krb5_data compatible with krb5.h - -Tue Dec 17 01:32:36 1996 Johan Danielsson - - * lib/krb5/error: Add primitive error library. - -Mon Dec 16 16:30:20 1996 Johan Danielsson - - * lib/krb5/cache.c: Get correct address type from cache. - - * lib/krb5/krb5.h: Change int16 to int to be compatible with asn1. - diff --git a/crypto/heimdal/ChangeLog.1999 b/crypto/heimdal/ChangeLog.1999 deleted file mode 100644 index e022b9682465..000000000000 --- a/crypto/heimdal/ChangeLog.1999 +++ /dev/null @@ -1,2194 +0,0 @@ -1999-12-30 Assar Westerlund - - * configure.in (krb4): use `-ldes' in tests - -1999-12-26 Assar Westerlund - - * lib/hdb/print.c (event2string): handle events without principal. - From Luke Howard - -1999-12-25 Assar Westerlund - - * Release 0.2j - -Tue Dec 21 18:03:17 1999 Assar Westerlund - - * lib/hdb/Makefile.am (asn1_files): add $(EXEEXT) for cygwin and - related systems - - * lib/asn1/Makefile.am (asn1_files): add $(EXEEXT) for cygwin and - related systems - - * include/Makefile.am (krb5-types.h): add $(EXEEXT) for cygwin and - related systems - -1999-12-20 Assar Westerlund - - * Release 0.2i - -1999-12-20 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to 6:3:1 - - * lib/krb5/send_to_kdc.c (send_via_proxy): free data - * lib/krb5/send_to_kdc.c (send_via_proxy): new function use - getaddrinfo instead of gethostbyname{,2} - * lib/krb5/get_for_creds.c: use getaddrinfo instead of - getnodebyname{,2} - -1999-12-17 Assar Westerlund - - * Release 0.2h - -1999-12-17 Assar Westerlund - - * Release 0.2g - -1999-12-16 Assar Westerlund - - * lib/krb5/Makefile.am: bump version to 6:2:1 - - * lib/krb5/principal.c (krb5_sname_to_principal): handle - ai_canonname not being set - * lib/krb5/expand_hostname.c (krb5_expand_hostname): handle - ai_canonname not being set - - * appl/test/uu_server.c: print messages to stderr - * appl/test/tcp_server.c: print messages to stderr - * appl/test/nt_gss_server.c: print messages to stderr - * appl/test/gssapi_server.c: print messages to stderr - - * appl/test/tcp_client.c (proto): remove shadowing `context' - * appl/test/common.c (client_doit): add forgotten ntohs - -1999-12-13 Assar Westerlund - - * configure.in (VERISON): bump to 0.2g-pre - -1999-12-12 Assar Westerlund - - * lib/krb5/principal.c (krb5_425_conv_principal_ext): be more - robust and handle extra dot at the beginning of default_domain - -1999-12-12 Assar Westerlund - - * Release 0.2f - -1999-12-12 Assar Westerlund - - * lib/krb5/Makefile.am: bump version to 6:1:1 - - * lib/krb5/changepw.c (get_kdc_address): use - `krb5_get_krb_changepw_hst' - - * lib/krb5/krbhst.c (krb5_get_krb_changepw_hst): add - - * lib/krb5/get_host_realm.c: add support for _kerberos.domain - (according to draft-ietf-cat-krb-dns-locate-01.txt) - -1999-12-06 Assar Westerlund - - * Release 0.2e - -1999-12-06 Assar Westerlund - - * lib/krb5/changepw.c (krb5_change_password): use the correct - address - - * lib/krb5/Makefile.am: bump version to 6:0:1 - - * lib/asn1/Makefile.am: bump version to 1:4:0 - -1999-12-04 Assar Westerlund - - * configure.in: move AC_KRB_IPv6 to make sure it's performed - before AC_BROKEN - (el_init): use new feature of AC_FIND_FUNC_NO_LIBS - - * appl/test/uu_client.c: use client_doit - * appl/test/test_locl.h (client_doit): add prototype - * appl/test/tcp_client.c: use client_doit - * appl/test/nt_gss_client.c: use client_doit - * appl/test/gssapi_client.c: use client_doit - * appl/test/common.c (client_doit): move identical code here and - start using getaddrinfo - - * appl/kf/kf.c (doit): rewrite to use getaddrinfo - * kdc/hprop.c: re-write to use getaddrinfo - * lib/krb5/principal.c (krb5_sname_to_principal): use getaddrinfo - * lib/krb5/expand_hostname.c (krb5_expand_hostname): use - getaddrinfo - * lib/krb5/changepw.c: re-write to use getaddrinfo - * lib/krb5/addr_families.c (krb5_parse_address): use getaddrinfo - -1999-12-03 Assar Westerlund - - * configure.in (BROKEN): check for freeaddrinfo, getaddrinfo, - getnameinfo, gai_strerror - (socklen_t): check for - -1999-12-02 Johan Danielsson - - * lib/krb5/crypto.c: ARCFOUR_set_key -> RC4_set_key - -1999-11-23 Assar Westerlund - - * lib/krb5/crypto.c (ARCFOUR_string_to_key): change order of bytes - within unicode characters. this should probably be done in some - arbitrarly complex way to do it properly and you would have to - know what character encoding was used for the password and salt - string. - - * lib/krb5/addr_families.c (ipv4_uninteresting): ignore 0.0.0.0 - (INADDR_ANY) - (ipv6_uninteresting): remove unused macro - -1999-11-22 Johan Danielsson - - * lib/krb5/krb5.h: rc4->arcfour - - * lib/krb5/crypto.c: rc4->arcfour - -1999-11-17 Assar Westerlund - - * lib/krb5/krb5_locl.h: add - * lib/krb5/krb5.h (krb5_keytype): add KEYTYPE_RC4 - * lib/krb5/crypto.c: some code for doing RC4/MD5/HMAC which might - not be totally different from some small company up in the - north-west corner of the US - - * lib/krb5/get_addrs.c (find_all_addresses): change code to - actually increment buf_size - -1999-11-14 Assar Westerlund - - * lib/krb5/krb5.h (krb5_context_data): add `scan_interfaces' - * lib/krb5/get_addrs.c (krb5_get_all_client_addrs): make interaces - scanning optional - * lib/krb5/context.c (init_context_from_config_file): set - `scan_interfaces' - - * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add add_et_list.c - * lib/krb5/add_et_list.c (krb5_add_et_list): new function - -1999-11-12 Assar Westerlund - - * lib/krb5/get_default_realm.c (krb5_get_default_realm, - krb5_get_default_realms): set realms if they were unset - * lib/krb5/context.c (init_context_from_config_file): don't - initialize default realms here. it's done lazily instead. - - * lib/krb5/krb5.h (KRB5_TC_*): make constants unsigned - * lib/asn1/gen_glue.c (generate_2int, generate_units): make sure - bit constants are unsigned - * lib/asn1/gen.c (define_type): make length in sequences be - unsigned. - - * configure.in: remove duplicate test for setsockopt test for - struct tm.tm_isdst - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): generate - preauthentication information if we get back ERR_PREAUTH_REQUIRED - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): remove - preauthentication generation code. it's now in krb5_get_in_cred - - * configure.in (AC_BROKEN_SNPRINTF): add strptime check for struct - tm.tm_gmtoff and timezone - -1999-11-11 Johan Danielsson - - * kdc/main.c: make this work with multi-db - - * kdc/kdc_locl.h: make this work with multi-db - - * kdc/config.c: make this work with multi-db - -1999-11-09 Johan Danielsson - - * kdc/misc.c: update for multi-database code - - * kdc/main.c: update for multi-database code - - * kdc/kdc_locl.h: update - - * kdc/config.c: allow us to have more than one database - -1999-11-04 Assar Westerlund - - * Release 0.2d - - * lib/krb5/Makefile.am: bump version to 5:0:0 to be safe - (krb5_context_data has changed and some code do (might) access - fields directly) - - * lib/krb5/krb5.h (krb5_context_data): add `etypes_des' - - * lib/krb5/get_cred.c (init_tgs_req): use - krb5_keytype_to_enctypes_default - - * lib/krb5/crypto.c (krb5_keytype_to_enctypes_default): new - function - - * lib/krb5/context.c (set_etypes): new function - (init_context_from_config_file): set both `etypes' and `etypes_des' - -1999-11-02 Assar Westerlund - - * configure.in (VERSION): bump to 0.2d-pre - -1999-10-29 Assar Westerlund - - * lib/krb5/principal.c (krb5_parse_name): check memory allocations - -1999-10-28 Assar Westerlund - - * Release 0.2c - - * lib/krb5/dump_config.c (print_tree): check for empty tree - - * lib/krb5/string-to-key-test.c (tests): update the test cases - with empty principals so that they actually use an empty realm and - not the default. use the correct etype for 3DES - - * lib/krb5/Makefile.am: bump version to 4:1:0 - - * kdc/config.c (configure): more careful with the port string - -1999-10-26 Assar Westerlund - - * Release 0.2b - -1999-10-20 Assar Westerlund - - * lib/krb5/Makefile.am: bump version to 4:0:0 - (krb524_convert_creds_kdc and potentially some other functions - have changed prototypes) - - * lib/hdb/Makefile.am: bump version to 4:0:1 - - * lib/asn1/Makefile.am: bump version to 1:3:0 - - * configure.in (LIB_roken): add dbopen. getcap in roken - references dbopen and with shared libraries we need to add this - dependency. - - * lib/krb5/verify_krb5_conf.c (main): support speicifying the - configuration file to test on the command line - - * lib/krb5/config_file.c (parse_binding): handle line with no - whitespace before = - (krb5_config_parse_file_debug): set lineno earlier so that we don't - use it unitialized - - * configure.in (AM_INIT_AUTOMAKE): bump to 0.2b-pre opt*: need - more include files for these tests - - * lib/krb5/set_default_realm.c (krb5_set_default_realm): use - krb5_config_get_strings, which means that your configuration file - should look like: - - [libdefaults] - default_realm = realm1 realm2 realm3 - - * lib/krb5/set_default_realm.c (config_binding_to_list): fix - copy-o. From Michal Vocu - - * kdc/config.c (configure): add a missing strdup. From Michal - Vocu - -1999-10-17 Assar Westerlund - - * Release 0.2a - - * configure.in: only test for db.h with using berkeley_db. remember - to link with LIB_tgetent when checking for el_init. add xnlock - - * appl/Makefile.am: add xnlock - - * kdc/kerberos5.c (find_etype): support null keys - - * kdc/kerberos4.c (get_des_key): support null keys - - * lib/krb5/crypto.c (krb5_get_wrapped_length): more correct - calculation - -1999-10-16 Johan Danielsson - - * kuser/kinit.c (main): pass ccache to krb524_convert_creds_kdc - -1999-10-12 Johan Danielsson - - * lib/krb5/crypto.c (krb5_enctype_to_keytype): remove warning - -1999-10-10 Assar Westerlund - - * lib/krb5/mk_req.c (krb5_mk_req): use krb5_free_host_realm - - * lib/krb5/krb5.h (krb5_ccache_data): make `ops' const - - * lib/krb5/crypto.c (krb5_string_to_salttype): new function - - * **/*.[ch]: const-ize - -1999-10-06 Assar Westerlund - - * lib/krb5/creds.c (krb5_compare_creds): const-ify - - * lib/krb5/cache.c: clean-up and comment-up - - * lib/krb5/copy_host_realm.c (krb5_copy_host_realm): copy all the - strings - - * lib/krb5/verify_user.c (krb5_verify_user_lrealm): free the - correct realm part - - * kdc/connect.c (handle_tcp): things work much better when ret is - initialized - -1999-10-03 Assar Westerlund - - * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): look at the - type of the session key - - * lib/krb5/crypto.c (krb5_enctypes_compatible_keys): spell - correctly - - * lib/krb5/creds.c (krb5_compare_creds): fix spelling of - krb5_enctypes_compatible_keys - - * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): get new - credentials from the KDC if the existing one doesn't have a DES - session key. - - * lib/45/get_ad_tkt.c (get_ad_tkt): update to new - krb524_convert_creds_kdc - -1999-10-03 Johan Danielsson - - * lib/krb5/keytab_keyfile.c: make krb5_akf_ops const - - * lib/krb5/keytab_memory.c: make krb5_mkt_ops const - - * lib/krb5/keytab_file.c: make krb5_fkt_ops const - -1999-10-01 Assar Westerlund - - * lib/krb5/config_file.c: rewritten to allow error messages - - * lib/krb5/Makefile.am (bin_PROGRAMS): add verify_krb5_conf - (libkrb5_la_SOURCES): add config_file_netinfo.c - - * lib/krb5/verify_krb5_conf.c: new program for verifying that - krb5.conf is corret - - * lib/krb5/config_file_netinfo.c: moved netinfo code here from - config_file.c - -1999-09-28 Assar Westerlund - - * kdc/hpropd.c (dump_krb4): kludge default_realm - - * lib/asn1/check-der.c: add test cases for Generalized time and - make sure we return the correct value - - * lib/asn1/der_put.c: simplify by using der_put_length_and_tag - - * lib/krb5/verify_user.c (krb5_verify_user_lrealm): ariant of - krb5_verify_user that tries in all the local realms - - * lib/krb5/set_default_realm.c: add support for having several - default realms - - * lib/krb5/kuserok.c (krb5_kuserok): use `krb5_get_default_realms' - - * lib/krb5/get_default_realm.c (krb5_get_default_realms): add - - * lib/krb5/krb5.h (krb5_context_data): change `default_realm' to - `default_realms' - - * lib/krb5/context.c: change from `default_realm' to - `default_realms' - - * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): use - krb5_get_default_realms - - * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add copy_host_realm.c - - * lib/krb5/copy_host_realm.c: new file - -1999-09-27 Johan Danielsson - - * lib/asn1/der_put.c (encode_generalized_time): encode length - - * lib/krb5/recvauth.c: new function `krb5_recvauth_match_version' - that allows more intelligent matching of the application version - -1999-09-26 Assar Westerlund - - * lib/asn1/asn1_print.c: add err.h - - * kdc/config.c (configure): use parse_bytes - - * appl/test/nt_gss_common.c: use the correct header file - -1999-09-24 Johan Danielsson - - * kuser/klist.c: add a `--cache' flag - - * kuser/kinit.c (main): only get default value for `get_v4_tgt' if - it's explicitly set in krb5.conf - -1999-09-23 Assar Westerlund - - * lib/asn1/asn1_print.c (tag_names); add another univeral tag - - * lib/asn1/der.h: update universal tags - -1999-09-22 Assar Westerlund - - * lib/asn1/asn1_print.c (loop): print length of octet string - -1999-09-21 Johan Danielsson - - * admin/ktutil.c (kt_get): add `--help' - -1999-09-21 Assar Westerlund - - * kuser/Makefile.am: add kdecode_ticket - - * kuser/kdecode_ticket.c: new debug program - - * appl/test/nt_gss_server.c: new program to test against `Sample * - SSPI Code' in Windows 2000 RC1 SDK. - - * appl/test/Makefile.am: add nt_gss_client and nt_gss_server - - * lib/asn1/der_get.c (decode_general_string): remember to advance - ret over the length-len - - * lib/asn1/Makefile.am: add asn1_print - - * lib/asn1/asn1_print.c: new program for printing DER-structures - - * lib/asn1/der_put.c: make functions more consistent - - * lib/asn1/der_get.c: make functions more consistent - -1999-09-20 Johan Danielsson - - * kdc/kerberos5.c: be more informative in pa-data error messages - -1999-09-16 Assar Westerlund - - * configure.in: test for strlcpy, strlcat - -1999-09-14 Assar Westerlund - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): return - KRB5_LIBOS_PWDINTR when interrupted - - * lib/krb5/get_in_tkt_pw.c (krb5_password_key_proc): check return - value from des_read_pw_string - - * kuser/kinit.c (main): don't print any error if reading the - password was interrupted - - * kpasswd/kpasswd.c (main): don't print any error if reading the - password was interrupted - - * kdc/string2key.c (main): check the return value from fgets - - * kdc/kstash.c (main): check return value from des_read_pw_string - - * admin/ktutil.c (kt_add): check the return-value from fgets and - overwrite the password for paranoid reasons - - * lib/krb5/keytab_keyfile.c (get_cell_and_realm): only remove the - newline if it's there - -1999-09-13 Assar Westerlund - - * kdc/hpropd.c (main): remove bogus error with `--print'. remove - sysloging of number of principals transferred - - * kdc/hprop.c (ka_convert): set flags correctly for krbtgt/CELL - principals - (main): get rid of bogus opening of hdb database when propagating - ka-server database - -1999-09-12 Assar Westerlund - - * lib/krb5/krb5_locl.h (O_BINARY): add fallback definition - - * lib/krb5/krb5.h (krb5_context_data): add keytab types - - * configure.in: revert back awk test, not worked around in - roken.awk - - * lib/krb5/keytab_krb4.c: remove O_BINARY - - * lib/krb5/keytab_keyfile.c: some support for AFS KeyFile's. From - Love - - * lib/krb5/keytab_file.c: remove O_BINARY - - * lib/krb5/keytab.c: move the list of keytab types to the context - - * lib/krb5/fcache.c: remove O_BINARY - - * lib/krb5/context.c (init_context_from_config_file): register all - standard cache and keytab types - (krb5_free_context): free `kt_types' - - * lib/krb5/cache.c (krb5_cc_resolve): move the registration of the - standard types of credential caches to context - - * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add keytab_keyfile.c - -1999-09-10 Assar Westerlund - - * lib/krb5/keytab.c: add comments and clean-up - - * admin/ktutil.c: add `ktutil copy' - - * lib/krb5/keytab_krb4.c: new file - - * lib/krb5/krb5.h (krb5_kt_cursor): add a `data' field - - * lib/krb5/Makefile.am: add keytab_krb4.c - - * lib/krb5/keytab.c: add krb4 and correct some if's - - * admin/srvconvert.c (srvconv): move common code - - * lib/krb5/krb5.h (krb5_fkt_ops, krb5_mkt_ops): new variables - - * lib/krb5/keytab.c: move out file and memory functions - - * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add keytab_file.c, - keytab_memory.c - - * lib/krb5/keytab_memory.c: new file - - * lib/krb5/keytab_file.c: new file - - * kpasswd/kpasswdd.c: move out password quality functions - -1999-09-07 Assar Westerlund - - * lib/hdb/Makefile.am (libhdb_la_SOURCES): add keytab.c. From - Love - - * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): check - return value from `krb5_sendto_kdc' - -1999-09-06 Assar Westerlund - - * lib/krb5/send_to_kdc.c (send_and_recv): rename to recv_loop and - remove the sending of data. add a parameter `limit'. let callers - send the date themselves (and preferably with net_write on tcp - sockets) - (send_and_recv_tcp): read first the length field and then only that - many bytes - -1999-09-05 Assar Westerlund - - * kdc/connect.c (handle_tcp): try to print warning `TCP data of - strange type' less often - - * lib/krb5/send_to_kdc.c (send_and_recv): handle EINTR properly. - return on EOF. always free data. check return value from - realloc. - (send_and_recv_tcp, send_and_recv_http): check advertised length - against actual length - -1999-09-01 Johan Danielsson - - * configure.in: check for sgi capabilities - -1999-08-27 Johan Danielsson - - * lib/krb5/get_addrs.c: krb5_get_all_server_addrs shouldn't return - extra addresses - - * kpasswd/kpasswdd.c: use HDB keytabs; change some error messages; - add --realm flag - - * lib/krb5/address.c (krb5_append_addresses): remove duplicates - -1999-08-26 Johan Danielsson - - * lib/hdb/keytab.c: HDB keytab backend - -1999-08-25 Johan Danielsson - - * lib/krb5/keytab.c - (krb5_kt_{start_seq_get,next_entry,end_seq_get}): check for NULL - pointer - -1999-08-24 Johan Danielsson - - * kpasswd/kpasswdd.c: add `--keytab' flag - -1999-08-23 Assar Westerlund - - * lib/krb5/addr_families.c (IN6_ADDR_V6_TO_V4): use `s6_addr' - instead of the non-standard `s6_addr32'. From Yoshinobu Inoue - by way of the KAME repository - -1999-08-18 Assar Westerlund - - * configure.in (--enable-new-des3-code): remove check for `struct - addrinfo' - - * lib/krb5/crypto.c (etypes): remove NEW_DES3_CODE, enable - des3-cbc-sha1 and keep old-des3-cbc-sha1 for backwards - compatability - - * lib/krb5/krb5.h (krb5_enctype): des3-cbc-sha1 (with key - derivation) just got assigned etype 16 by . keep the - old etype at 7. - -1999-08-16 Assar Westerlund - - * lib/krb5/sendauth.c (krb5_sendauth): only look at errno if - krb5_net_read actually returns -1 - - * lib/krb5/recvauth.c (krb5_recvauth): only look at errno if - krb5_net_read actually returns -1 - - * appl/kf/kf.c (proto): don't trust errno if krb5_net_read hasn't - returned -1 - - * appl/test/tcp_server.c (proto): only trust errno if - krb5_net_read actually returns -1 - - * appl/kf/kfd.c (proto): be more careful with the return value - from krb5_net_read - -1999-08-13 Assar Westerlund - - * lib/krb5/get_addrs.c (get_addrs_int): try the different ways - sequentially instead of just one. this helps if your heimdal was - built with v6-support but your kernel doesn't have it, for - example. - -1999-08-12 Assar Westerlund - - * kdc/hpropd.c: add inetd flag. default means try to figure out - if stdin is a socket or not. - - * Makefile.am (ACLOCAL): just use `cf', this variable is only used - when the current directory is $(top_srcdir) anyways and having - $(top_srcdir) there breaks if it's a relative path - -1999-08-09 Johan Danielsson - - * configure.in: check for setproctitle - -1999-08-05 Assar Westerlund - - * lib/krb5/principal.c (krb5_sname_to_principal): remember to call - freehostent - - * appl/test/tcp_client.c: call freehostent - - * appl/kf/kf.c (doit): call freehostent - - * appl/kf/kf.c: make v6 friendly and simplify - - * appl/kf/kfd.c: make v6 friendly and simplify - - * appl/test/tcp_server.c: simplify by using krb5_err instead of - errx - - * appl/test/tcp_client.c: simplify by using krb5_err instead of - errx - - * appl/test/tcp_server.c: make v6 friendly and simplify - - * appl/test/tcp_client.c: make v6 friendly and simplify - -1999-08-04 Assar Westerlund - - * Release 0.1m - -1999-08-04 Assar Westerlund - - * kuser/kinit.c (main): some more KRB4-conditionalizing - - * lib/krb5/get_in_tkt.c: type correctness - - * lib/krb5/get_for_creds.c (krb5_fwd_tgs_creds): set forwarded in - flags. From Miroslav Ruda - - * kuser/kinit.c (main): add config file support for forwardable - and krb4 support. From Miroslav Ruda - - * kdc/kerberos5.c (as_rep): add an empty X500-compress string as - transited. - (fix_transited_encoding): check length. - From Miroslav Ruda - - * kdc/hpropd.c (dump_krb4): check the realm so that we don't dump - principals in some other realm. From Miroslav Ruda - - (main): rename sa_len -> sin_len, sa_lan is a define on some - platforms. - - * appl/kf/kfd.c: add regpag support. From Miroslav Ruda - - - * appl/kf/kf.c: add `-G' and forwardable option in krb5.conf. - From Miroslav Ruda - - * lib/krb5/config_file.c (parse_list): don't run past end of line - - * appl/test/gss_common.h: new prototypes - - * appl/test/gssapi_client.c: use gss_err instead of abort - - * appl/test/gss_common.c (gss_verr, gss_err): add - -1999-08-03 Assar Westerlund - - * lib/krb5/Makefile.am (n_fold_test_LDADD): need to set this - otherwise it doesn't build with shared libraries - - * kdc/hpropd.c: v6-ify - - * kdc/hprop.c: v6-ify - -1999-08-01 Assar Westerlund - - * lib/krb5/mk_req.c (krb5_mk_req): use krb5_expand_hostname - -1999-07-31 Assar Westerlund - - * lib/krb5/get_host_realm.c (krb5_get_host_realm_int): new - function that takes a FQDN - - * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add exapnd_hostname.c - - * lib/krb5/expand_hostname.c: new file - -1999-07-28 Assar Westerlund - - * Release 0.1l - -1999-07-28 Assar Westerlund - - * lib/asn1/Makefile.am: bump version to 1:2:0 - - * lib/krb5/Makefile.am: bump version to 3:1:0 - - * configure.in: more inet_pton to roken - - * lib/krb5/principal.c (krb5_sname_to_principal): use - getipnodebyname - -1999-07-26 Assar Westerlund - - * Release 0.1k - -1999-07-26 Johan Danielsson - - * lib/krb5/Makefile.am: bump version number (changed function - signatures) - - * lib/hdb/Makefile.am: bump version number (changes to some - function signatures) - -1999-07-26 Assar Westerlund - - * lib/krb5/Makefile.am: bump version to 3:0:2 - - * lib/hdb/Makefile.am: bump version to 2:1:0 - - * lib/asn1/Makefile.am: bump version to 1:1:0 - -1999-07-26 Assar Westerlund - - * Release 0.1j - -1999-07-26 Assar Westerlund - - * configure.in: rokenize inet_ntop - - * lib/krb5/store_fd.c: lots of changes from size_t to ssize_t - - * lib/krb5/store_mem.c: lots of changes from size_t to ssize_t - - * lib/krb5/store_emem.c: lots of changes from size_t to ssize_t - - * lib/krb5/store.c: lots of changes from size_t to ssize_t - (krb5_ret_stringz): check return value from realloc - - * lib/krb5/mk_safe.c: some type correctness - - * lib/krb5/mk_priv.c: some type correctness - - * lib/krb5/krb5.h (krb5_storage): change return values of - functions from size_t to ssize_t - -1999-07-24 Assar Westerlund - - * Release 0.1i - - * configure.in (AC_PROG_AWK): disable. mawk seems to mishandle \# - in lib/roken/roken.awk - - * lib/krb5/get_addrs.c (find_all_addresses): try to use SA_LEN to - step over addresses if there's no `sa_lan' field - - * lib/krb5/sock_principal.c (krb5_sock_to_principal): simplify by - using `struct sockaddr_storage' - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): simplify by using - `struct sockaddr_storage' - - * lib/krb5/changepw.c (krb5_change_password): simplify by using - `struct sockaddr_storage' - - * lib/krb5/auth_context.c (krb5_auth_con_setaddrs_from_fd): - simplify by using `struct sockaddr_storage' - - * kpasswd/kpasswdd.c (*): simplify by using `struct - sockaddr_storage' - - * kdc/connect.c (*): simplify by using `struct sockaddr_storage' - - * configure.in (sa_family_t): just test for existence - (sockaddr_storage): also specify include file - - * configure.in (AM_INIT_AUTOMAKE): bump version to 0.1i - (sa_family_t): test for - (struct sockaddr_storage): test for - - * kdc/hprop.c (propagate_database): typo, NULL should be - auth_context - - * lib/krb5/get_addrs.c: conditionalize on HAVE_IPV6 instead of - AF_INET6 - - * appl/kf/kf.c (main): use warnx - - * appl/kf/kf.c (proto): remove shadowing context - - * lib/krb5/get_addrs.c (find_all_addresses): try to handle the - case of getting back an `sockaddr_in6' address when sizeof(struct - sockaddr_in6) > sizeof(struct sockaddr) and we have no sa_len to - tell us how large the address is. This obviously doesn't work - with unknown protocol types. - -1999-07-24 Assar Westerlund - - * Release 0.1h - -1999-07-23 Assar Westerlund - - * appl/kf/kfd.c: clean-up and more paranoia - - * etc/services.append: add kf - - * appl/kf/kf.c: rename tk_file to ccache for consistency. clean-up - -1999-07-22 Assar Westerlund - - * lib/krb5/n-fold-test.c (main): print the correct data - - * appl/Makefile.am (SUBDIRS): add kf - - * appl/kf: new program. From Miroslav Ruda - - * kdc/hprop.c: declare some variables unconditionally to simplify - things - - * kpasswd/kpasswdd.c: initialize kadm5 connection for every change - (otherwise the modifier in the database doesn't get set) - - * kdc/hpropd.c: clean-up and re-organize - - * kdc/hprop.c: clean-up and re-organize - - * configure.in (SunOS): define to xy for SunOS x.y - -1999-07-19 Assar Westerlund - - * configure.in (AC_BROKEN): test for copyhostent, freehostent, - getipnodebyaddr, getipnodebyname - -1999-07-15 Assar Westerlund - - * lib/asn1/check-der.c: more test cases for integers - - * lib/asn1/der_length.c (length_int): handle the case of the - largest negative integer by not calling abs - -1999-07-14 Assar Westerlund - - * lib/asn1/check-der.c (generic_test): check malloc return value - properly - - * lib/krb5/Makefile.am: add string_to_key_test - - * lib/krb5/prog_setup.c (krb5_program_setup): always initialize - the context - - * lib/krb5/n-fold-test.c (main): return a relevant return value - - * lib/krb5/krbhst.c: do SRV lookups for admin server as well. - some clean-up. - -1999-07-12 Assar Westerlund - - * configure.in: handle not building X programs - -1999-07-06 Assar Westerlund - - * lib/krb5/addr_families.c (ipv6_parse_addr): remove duplicate - variable - (ipv6_sockaddr2port): fix typo - - * etc/services.append: beginning of a file with services - - * lib/krb5/cache.c (krb5_cc_resolve): fall-back to files if - there's no prefix. also clean-up a little bit. - - * kdc/hprop.c (--kaspecials): new flag for handling special KA - server entries. From "Brandon S. Allbery KF8NH" - - -1999-07-05 Assar Westerlund - - * kdc/connect.c (handle_tcp): make sure we have data before - starting to look for HTTP - - * kdc/connect.c (handle_tcp): always do getpeername, we can't - trust recvfrom to return anything sensible - -1999-07-04 Assar Westerlund - - * lib/krb5/get_in_tkt.c (add_padat): encrypt pre-auth data with - all enctypes - - * kpasswd/kpasswdd.c (change): fetch the salt-type from the entry - - * admin/srvconvert.c (srvconv): better error messages - -1999-07-03 Assar Westerlund - - * lib/krb5/principal.c (unparse_name): error check malloc properly - - * lib/krb5/get_in_tkt.c (krb5_init_etype): error check malloc - properly - - * lib/krb5/crypto.c (*): do some malloc return-value checks - properly - - * lib/hdb/hdb.c (hdb_process_master_key): simplify by using - krb5_data_alloc - - * lib/hdb/hdb.c (hdb_process_master_key): check return value from - malloc - - * lib/asn1/gen_decode.c (decode_type): fix generation of decoding - information for TSequenceOf. - - * kdc/kerberos5.c (get_pa_etype_info): check return value from - malloc - -1999-07-02 Assar Westerlund - - * lib/asn1/der_copy.c (copy_octet_string): don't fail if length == - 0 and malloc returns NULL - -1999-06-29 Assar Westerlund - - * lib/krb5/addr_families.c (ipv6_parse_addr): implement - -1999-06-24 Assar Westerlund - - * lib/krb5/rd_cred.c (krb5_rd_cred): compare the sender's address - as an addrport one - - * lib/krb5/krb5.h (KRB5_ADDRESS_ADDRPORT, KRB5_ADDRESS_IPPORT): - add - (krb5_auth_context): add local and remote port - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): get the - local and remote address and add them to the krb-cred packet - - * lib/krb5/auth_context.c: save the local and remove ports in the - auth_context - - * lib/krb5/address.c (krb5_make_addrport): create an address of - type KRB5_ADDRESS_ADDRPORT from (addr, port) - - * lib/krb5/addr_families.c (krb5_sockaddr2port): new function for - grabbing the port number out of the sockaddr - -1999-06-23 Assar Westerlund - - * admin/srvcreate.c (srvcreate): always take the DES-CBC-MD5 key. - increase possible verbosity. - - * lib/krb5/config_file.c (parse_list): handle blank lines at - another place - - * kdc/connect.c (add_port_string): don't return a value - - * lib/kadm5/init_c.c (get_cred_cache): you cannot reuse the cred - cache if the principals are different. close and NULL the old one - so that we create a new one. - - * configure.in: move around cgywin et al - (LIB_kdb): set at the end of krb4-block - (krb4): test for krb_enable_debug and krb_disable_debug - -1999-06-16 Assar Westerlund - - * kuser/kdestroy.c (main): try to destroy v4 ticket even if the - destruction of the v5 one fails - - * lib/krb5/crypto.c (DES3_postproc): new version that does the - right thing - (*): don't put and recover length in 3DES encoding - other small fixes - -1999-06-15 Assar Westerlund - - * lib/krb5/get_default_principal.c: rewrite to use - get_default_username - - * lib/krb5/Makefile.am: add n-fold-test - - * kdc/connect.c: add fallbacks for all lookups by service name - (handle_tcp): break-up and clean-up - -1999-06-09 Assar Westerlund - - * lib/krb5/addr_families.c (ipv6_uninteresting): don't consider - the loopback address as uninteresting - - * lib/krb5/get_addrs.c: new magic flag to get loopback address if - there are no other addresses. - (krb5_get_all_client_addrs): use that flag - -1999-06-04 Assar Westerlund - - * lib/krb5/crypto.c (HMAC_SHA1_DES3_checksum): don't include the - length - (checksum_sha1, checksum_hmac_sha1_des3): blocksize should be 64 - (encrypt_internal_derived): don't include the length and don't - decrease by the checksum size twice - (_get_derived_key): the constant should be 5 bytes - -1999-06-02 Johan Danielsson - - * configure.in: use KRB_CHECK_X - - * configure.in: check for netinet/ip.h - -1999-05-31 Assar Westerlund - - * kpasswd/kpasswdd.c (setup_passwd_quality_check): conditionalize - on RTLD_NOW - -1999-05-23 Assar Westerlund - - * appl/test/uu_server.c: removed unused stuff - - * appl/test/uu_client.c: removed unused stuff - -1999-05-21 Assar Westerlund - - * kuser/kgetcred.c (main): correct error message - - * lib/krb5/crypto.c (verify_checksum): call (*ct->checksum) - directly, avoiding redundant lookups and memory leaks - - * lib/krb5/auth_context.c (krb5_auth_con_setaddrs_from_fd): free - local and remote addresses - - * lib/krb5/get_default_principal.c (get_logname): also try - $USERNAME - - * lib/asn1/Makefile.am (asn1_files): add $(EXEEXT) - - * lib/krb5/principal.c (USE_RESOLVER): try to define only if we - have a libresolv (currently by checking for res_search) - -1999-05-18 Johan Danielsson - - * kdc/connect.c (handle_tcp): remove %-escapes in request - -1999-05-14 Assar Westerlund - - * Release 0.1g - - * admin/ktutil.c (kt_remove): -t should be -e - - * configure.in (CHECK_NETINET_IP_AND_TCP): use - - * kdc/hpropd.c: support for dumping to krb4. From Miroslav Ruda - - - * admin/ktutil.c (kt_add): new option `--no-salt'. From Miroslav - Ruda - - * configure.in: add cygwin and DOS tests replace sendmsg, recvmsg, - and innetgr with roken versions - - * kuser/kgetcred.c: new program - -Tue May 11 14:09:33 1999 Johan Danielsson - - * lib/krb5/mcache.c: fix paste-o - -1999-05-10 Johan Danielsson - - * configure.in: don't use uname - -1999-05-10 Assar Westerlund - - * acconfig.h (KRB_PUT_INT): if we don't have KRB4 use four - arguments :-) - - * appl/test/uu_server.c (setsockopt): cast to get rid of a warning - - * appl/test/tcp_server.c (setsockopt): cast to get rid of a - warning - - * appl/test/tcp_client.c (proto): call krb5_sendauth with ccache - == NULL - - * appl/test/gssapi_server.c (setsockopt): cast to get rid of a - warning - - * lib/krb5/sendauth.c (krb5_sendauth): handle ccache == NULL by - setting the default ccache. - - * configure.in (getsockopt, setsockopt): test for - (AM_INIT_AUTOMAKE): bump version to 0.1g - - * appl/Makefile.am (SUBDIRS): add kx - - * lib/hdb/convert_db.c (main): handle the case of no master key - -1999-05-09 Assar Westerlund - - * Release 0.1f - - * kuser/kinit.c: add --noaddresses - - * lib/krb5/get_in_tkt.c (init_as_req): interpret `addrs' being an - empty sit of list as to not ask for any addresses. - -1999-05-08 Assar Westerlund - - * acconfig.h (_GNU_SOURCE): define this to enable (used) - extensions on glibc-based systems such as linux - -1999-05-03 Assar Westerlund - - * lib/krb5/get_cred.c (get_cred_from_kdc_flags): allocate and free - `*out_creds' properly - - * lib/krb5/creds.c (krb5_compare_creds): just verify that the - keytypes/enctypes are compatible, not that they are the same - - * kuser/kdestroy.c (cache): const-correctness - -1999-05-03 Johan Danielsson - - * lib/hdb/hdb.c (hdb_set_master_key): initialise master key - version - - * lib/hdb/convert_db.c: add support for upgrading database - versions - - * kdc/misc.c: add flags to fetch - - * kdc/kstash.c: unlink keyfile on failure, chmod to 400 - - * kdc/hpropd.c: add --print option - - * kdc/hprop.c: pass flags to hdb_foreach - - * lib/hdb/convert_db.c: add some flags - - * lib/hdb/Makefile.am: remove extra LDFLAGS, update version to 2; - build prototype headers - - * lib/hdb/hdb_locl.h: update prototypes - - * lib/hdb/print.c: move printable version of entry from kadmin - - * lib/hdb/hdb.c: change hdb_{seal,unseal}_* to check if the key is - sealed or not; add flags to hdb_foreach - - * lib/hdb/ndbm.c: add flags to NDBM_seq, NDBM_firstkey, and - NDBM_nextkey - - * lib/hdb/db.c: add flags to DB_seq, DB_firstkey, and DB_nextkey - - * lib/hdb/common.c: add flags to _hdb_{fetch,store} - - * lib/hdb/hdb.h: add master_key_version to struct hdb, update - prototypes - - * lib/hdb/hdb.asn1: make mkvno optional, update version to 2 - - * configure.in: --enable-netinfo - - * lib/krb5/config_file.c: HAVE_NETINFO_NI_H -> HAVE_NETINFO - - * config.sub: fix for crays - - * config.guess: new version from automake 1.4 - - * config.sub: new version from automake 1.4 - -Wed Apr 28 00:21:17 1999 Assar Westerlund - - * Release 0.1e - - * lib/krb5/mcache.c (mcc_get_next): get the current cursor - correctly - - * acconfig.h: correct definition of KRB_PUT_INT for old krb4 code. - From Ake Sandgren - -1999-04-27 Johan Danielsson - - * kdc/kerberos5.c: fix arguments to decrypt_ticket - -1999-04-25 Assar Westerlund - - * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): try to handle old - DCE secd's that are not able to handle MD5 checksums by defaulting - to MD4 if the keytype was DES-CBC-CRC - - * lib/krb5/mk_req.c (krb5_mk_req): use auth_context->keytype - - * lib/krb5/krb5.h (krb5_auth_context_data): add `keytype' and - `cksumtype' - - * lib/krb5/get_cred.c (make_pa_tgs_req): remove old kludge for - secd - (init_tgs_req): add all supported enctypes for the keytype in - `in_creds->session.keytype' if it's set - - * lib/krb5/crypto.c (F_PSEUDO): new flag for non-protocol - encryption types - (do_checksum): new function - (verify_checksum): take the checksum to use from the checksum message - and not from the crypto struct - (etypes): add F_PSEUDO flags - (krb5_keytype_to_enctypes): new function - - * lib/krb5/auth_context.c (krb5_auth_con_init): initalize keytype - and cksumtype - (krb5_auth_setcksumtype, krb5_auth_getcksumtype): implement - (krb5_auth_setkeytype, krb5_auth_getkeytype): implement - (krb5_auth_setenctype): comment out, it's rather bogus anyway - -Sun Apr 25 16:55:50 1999 Johan Danielsson - - * lib/krb5/krb5_locl.h: fix for stupid aix warnings - - * lib/krb5/fcache.c (erase_file): don't malloc - -Sat Apr 24 18:35:21 1999 Johan Danielsson - - * kdc/config.c: pass context to krb5_config_file_free - - * kuser/kinit.c: add `--fcache-version' to set cache version to - create - - * kuser/klist.c: print cache version if verbose - - * lib/krb5/transited.c (krb5_domain_x500_decode): don't abort - - * lib/krb5/principal.c: abort -> krb5_abortx - - * lib/krb5/mk_rep.c: abort -> krb5_abortx - - * lib/krb5/config_file.c: abort -> krb5_abortx - - * lib/krb5/context.c (init_context_from_config_file): init - fcache_version; add krb5_{get,set}_fcache_version - - * lib/krb5/keytab.c: add support for reading (and writing?) old - version keytabs - - * lib/krb5/cache.c: add krb5_cc_get_version - - * lib/krb5/fcache.c: add support for reading and writing old - version cache files - - * lib/krb5/store_mem.c (krb5_storage_from_mem): zero flags - - * lib/krb5/store_emem.c (krb5_storage_emem): zero flags - - * lib/krb5/store_fd.c (krb5_storage_from_fd): zero flags - - * lib/krb5/store.c: add flags to change how various fields are - stored, used for old cache version support - - * lib/krb5/krb5.h: add support for reading and writing old version - cache files, and keytabs - -Wed Apr 21 00:09:26 1999 Assar Westerlund - - * configure.in: fix test for readline.h remember to link with - $LIB_tgetent when trying linking with readline - - * lib/krb5/init_creds_pw.c (get_init_creds_common): if start_time - is given, request a postdated ticket. - - * lib/krb5/data.c (krb5_data_free): free data as long as it's not - NULL - -Tue Apr 20 20:18:14 1999 Assar Westerlund - - * kpasswd/Makefile.am (kpasswdd_LDADD): add LIB_dlopen - - * lib/krb5/krb5.h (KRB5_VERIFY_AP_REQ_IGNORE_INVALID): add - - * lib/krb5/rd_req.c (krb5_decrypt_ticket): add `flags` and - KRB5_VERIFY_AP_REQ_IGNORE_INVALID for ignoring that the ticket is - invalid - -Tue Apr 20 12:42:08 1999 Johan Danielsson - - * kpasswd/kpasswdd.c: don't try to load library by default; get - library and function name from krb5.conf - - * kpasswd/sample_passwd_check.c: sample password checking - functions - -Mon Apr 19 22:22:19 1999 Assar Westerlund - - * lib/krb5/store.c (krb5_storage_to_data, krb5_ret_data): use - krb5_data_alloc and be careful with checking allocation and sizes. - - * kuser/klist.c (--tokens): conditionalize on KRB4 - - * kuser/kinit.c (renew_validate): set all flags - (main): fix cut-n-paste error when setting start-time - - * kdc/kerberos5.c (check_tgs_flags): starttime of a validate - ticket should be > than current time - (*): send flags to krb5_verify_ap_req and krb5_decrypt_ticket - - * kuser/kinit.c (renew_validate): use the client realm instead of - the local realm when renewing tickets. - - * lib/krb5/get_for_creds.c (krb5_fwd_tgs_creds): compat function - (krb5_get_forwarded_creds): correct freeing of out_creds - - * kuser/kinit.c (renew_validate): hopefully fix up freeing of - memory - - * configure.in: do all the krb4 tests with "$krb4" != "no" - - * lib/krb5/keyblock.c (krb5_free_keyblock_contents): don't zero - keyvalue if it's NULL. noticed by Ake Sandgren - - * lib/krb5/get_in_tkt.c (add_padata): loop over all enctypes - instead of just taking the first one. fix all callers. From - "Brandon S. Allbery KF8NH" - - * kdc/kdc_locl.h (enable_kaserver): declaration - - * kdc/hprop.c (ka_convert): print the failing principal. AFS 3.4a - creates krbtgt.REALMOFCELL as NOTGS+NOSEAL, work around. From - "Brandon S. Allbery KF8NH" - - * kdc/hpropd.c (open_socket): stupid cast to get rid of a warning - - * kdc/connect.c (add_standard_ports, process_request): look at - enable_kaserver. From "Brandon S. Allbery KF8NH" - - - * kdc/config.c: new flag --kaserver and config file option - enable-kaserver. From "Brandon S. Allbery KF8NH" - - -Mon Apr 19 12:32:04 1999 Johan Danielsson - - * configure.in: check for dlopen, and dlfcn.h - - * kpasswd/kpasswdd.c: add support for dlopen:ing password quality - check library - - * configure.in: add appl/su - -Sun Apr 18 15:46:53 1999 Johan Danielsson - - * lib/krb5/cache.c: add krb5_cc_get_type that returns type of a - cache - -Fri Apr 16 17:58:51 1999 Assar Westerlund - - * configure.in: LIB_kdb: -L should be before -lkdb - test for prototype of strsep - -Thu Apr 15 11:34:38 1999 Johan Danielsson - - * lib/krb5/Makefile.am: update version - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): use - ALLOC_SEQ - - * lib/krb5/fcache.c: add some support for reading and writing old - cache formats; - (fcc_store_cred): use krb5_store_creds; (fcc_read_cred): use - krb5_ret_creds - - * lib/krb5/store_mem.c (krb5_storage_from_mem): check malloc, - initialize host_byteorder - - * lib/krb5/store_fd.c (krb5_storage_from_fd): initialize - host_byteorder - - * lib/krb5/store_emem.c (krb5_storage_emem): initialize - host_byteorder - - * lib/krb5/store.c (krb5_storage_set_host_byteorder): add; - (krb5_store_int32,krb5_ret_int32,krb5_store_int16,krb5_ret_int16): - check host_byteorder flag; (krb5_store_creds): add; - (krb5_ret_creds): add - - * lib/krb5/krb5.h (krb5_storage): add `host_byteorder' flag for - storage of numbers - - * lib/krb5/heim_err.et: add `host not found' error - - * kdc/connect.c: don't use data after clearing decriptor - - * lib/krb5/auth_context.c: abort -> krb5_abortx - - * lib/krb5/warn.c: add __attribute__; add *abort functions - - * configure.in: check for __attribute__ - - * kdc/connect.c: log bogus requests - -Tue Apr 13 18:38:05 1999 Johan Danielsson - - * lib/kadm5/create_s.c (kadm5_s_create_principal): create v4 salts - for all DES keys - -1999-04-12 Assar Westerlund - - * lib/krb5/get_cred.c (init_tgs_req): re-structure a little bit - - * lib/krb5/get_cred.c (init_tgs_req): some more error checking - - * lib/krb5/generate_subkey.c (krb5_generate_subkey): check return - value from malloc - -Sun Apr 11 03:47:23 1999 Johan Danielsson - - * lib/krb5/krb5.conf.5: update to reality - - * lib/krb5/krb5_425_conv_principal.3: update to reality - -1999-04-11 Assar Westerlund - - * lib/krb5/get_host_realm.c: handle more than one realm for a host - - * kpasswd/kpasswd.c (main): use krb5_program_setup and - print_version - - * kdc/string2key.c (main): use krb5_program_setup and - print_version - -Sun Apr 11 02:35:58 1999 Johan Danielsson - - * lib/krb5/principal.c (krb5_524_conv_principal): make it actually - work, and check built-in list of host-type first-components - - * lib/krb5/krbhst.c: lookup SRV-records to find a kdc for a realm - - * lib/krb5/context.c: add srv_* flags to context - - * lib/krb5/principal.c: add default v4_name_convert entries - - * lib/krb5/krb5.h: add srv_* flags to context - -Sat Apr 10 22:52:28 1999 Johan Danielsson - - * kadmin/kadmin.c: complain about un-recognised commands - - * admin/ktutil.c: complain about un-recognised commands - -Sat Apr 10 15:41:49 1999 Assar Westerlund - - * kadmin/load.c (doit): fix error message - - * lib/krb5/crypto.c (encrypt_internal): free checksum if lengths - fail to match. - (krb5_get_wrapped_length): new function - - * configure.in: security/pam_modules.h: check for - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): kludge - around `ret_as_reply' semantics by only freeing it when ret == 0 - -Fri Apr 9 20:24:04 1999 Assar Westerlund - - * kuser/klist.c (print_cred_verbose): handle the case of a bad - enctype - - * configure.in: test for more header files - (LIB_roken): set - -Thu Apr 8 15:01:59 1999 Johan Danielsson - - * configure.in: fixes for building w/o krb4 - - * ltmain.sh: update to libtool 1.2d - - * ltconfig: update to libtool 1.2d - -Wed Apr 7 23:37:26 1999 Assar Westerlund - - * kdc/hpropd.c: fix some error messages to be more understandable. - - * kdc/hprop.c (ka_dump): remove unused variables - - * appl/test/tcp_server.c: remove unused variables - - * appl/test/gssapi_server.c: remove unused variables - - * appl/test/gssapi_client.c: remove unused variables - -Wed Apr 7 14:05:15 1999 Johan Danielsson - - * lib/krb5/context.c (krb5_get_err_text): long -> krb5_error_code - - * kuser/klist.c: make it compile w/o krb4 - - * kuser/kdestroy.c: make it compile w/o krb4 - - * admin/ktutil.c: fix {srv,key}2{srv,key}tab confusion; add help - strings - -Mon Apr 5 16:13:46 1999 Johan Danielsson - - * configure.in: test for MIPS ABI; new test_package - -Thu Apr 1 11:00:40 1999 Johan Danielsson - - * include/Makefile.am: clean krb5-private.h - - * Release 0.1d - - * kpasswd/kpasswdd.c (doit): pass context to - krb5_get_all_client_addrs - - * kdc/connect.c (init_sockets): pass context to - krb5_get_all_server_addrs - - * lib/krb5/get_in_tkt.c (init_as_req): pass context to - krb5_get_all_client_addrs - - * lib/krb5/get_cred.c (get_cred_kdc_la): pass context to - krb5_get_all_client_addrs - - * lib/krb5/get_addrs.c (get_addrs_int): add extra host addresses - - * lib/krb5/krb5.h: add support for adding an extra set of - addresses - - * lib/krb5/context.c: add support for adding an extra set of - addresses - - * lib/krb5/addr_families.c: add krb5_parse_address - - * lib/krb5/address.c: krb5_append_addresses - - * lib/krb5/config_file.c (parse_binding): don't zap everything - after first whitespace - - * kuser/kinit.c (renew_validate): don't allocate out - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't - allocate out_creds - - * lib/krb5/get_cred.c (get_cred_kdc, get_cred_kdc_la): make - out_creds pointer; - (krb5_get_kdc_cred): allocate out_creds; (get_cred_from_kdc_flags): - free more memory - - * lib/krb5/crypto.c (encrypt_internal): free checksum - - * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): free reply, - and ticket - - * kuser/Makefile.am: remove kfoo - - * lib/Makefile.am: add auth - - * lib/kadm5/iprop.h: getarg.h - - * lib/kadm5/replay_log.c: use getarg - - * lib/kadm5/ipropd_slave.c: use getarg - - * lib/kadm5/ipropd_master.c: use getarg - - * lib/kadm5/dump_log.c: use getarg - - * kpasswd/kpasswdd.c: use getarg - - * Makefile.am.common: make a more working check-local target - - * lib/asn1/main.c: use getargs - -Mon Mar 29 20:19:57 1999 Johan Danielsson - - * kuser/klist.c (print_cred_verbose): use krb5_print_address - - * lib/kadm5/server.c: k_{put,get}_int -> _krb5_{put,get}_int - - * lib/krb5/addr_families.c (krb5_print_address): handle unknown - address types; (ipv6_print_addr): print in 16-bit groups (as it - should) - - * lib/krb5/crc.c: crc_{init_table,update} -> - _krb5_crc_{init_table,update} - - * lib/krb5/crypto.c: k_{put,get}_int -> _krb5_{put,get}_int - crc_{init_table,update} -> _krb5_crc_{init_table,update} - - * lib/krb5/send_to_kdc.c: k_{put,get}_int -> _krb5_{put,get}_int - - * lib/krb5/store.c: k_{put,get}_int -> _krb5_{put,get}_int - - * lib/krb5/krb5_locl.h: include krb5-private.h - - * kdc/connect.c (addr_to_string): use krb5_print_address - - * lib/krb5/addr_families.c (krb5_print_address): int -> size_t - - * lib/krb5/addr_families.c: add support for printing ipv6 - addresses, either with inet_ntop, or ugly for-loop - - * kdc/524.c: check that the ticket came from a valid address; use - the address of the connection as the address to put in the v4 - ticket (if this address is AF_INET) - - * kdc/connect.c: pass addr to do_524 - - * kdc/kdc_locl.h: prototype for do_524 - -Sat Mar 27 17:48:31 1999 Johan Danielsson - - * configure.in: check for OSF C2; bind/bitypes.h, getudbnam, - setlim; check for auth modules; siad.h, getpwnam_r; - lib/auth/Makefile, lib/auth/sia/Makefile - - * lib/krb5/crypto.c: n_fold -> _krb5_n_fold - - * lib/krb5/n-fold.c: n_fold -> _krb5_n_fold - -Thu Mar 25 04:35:21 1999 Assar Westerlund - - * lib/kadm5/set_keys.c (_kadm5_set_keys): free salt when zapping - it - - * lib/kadm5/free.c (kadm5_free_principal_ent): free `key_data' - - * lib/hdb/ndbm.c (NDBM_destroy): clear master key - - * lib/hdb/db.c (DB_destroy): clear master key - (DB_open): check malloc - - * kdc/connect.c (init_sockets): free addresses - - * kadmin/kadmin.c (main): make code more consistent. always free - configuration information. - - * kadmin/init.c (create_random_entry): free the entry - -Wed Mar 24 04:02:03 1999 Assar Westerlund - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): - re-organize the code to always free `kdc_reply' - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): be more careful about - freeing memory - - * lib/krb5/fcache.c (fcc_destroy): don't call fcc_close - - * lib/krb5/crypto.c (krb5_crypto_destroy): free `crypto' - - * lib/hdb/hdb_locl.h: try db_185.h first in case db.h is a DB 2.0 - header - - * configure.in (db_185.h): check for - - * admin/srvcreate.c: new file. contributed by Daniel Kouril - - - * admin/ktutil.c: srvcreate: new command - - * kuser/klist.c: add support for printing AFS tokens - - * kuser/kdestroy.c: add support for destroying v4 tickets and AFS - tokens. based on code by Love - - * kuser/Makefile.am (kdestroy_LDADD, klist_LDADD): more libraries - - * configure.in: sys/ioccom.h: test for - - * kuser/klist.c (main): don't print `no ticket file' with --test. - From: Love - - * kpasswd/kpasswdd.c (doit): more braces to make gcc happy - - * kdc/connect.c (init_socket): get rid of a stupid warning - - * include/bits.c (my_strupr): cast away some stupid warnings - -Tue Mar 23 14:34:44 1999 Johan Danielsson - - * lib/krb5/get_host_realm.c (krb5_get_host_realm): no infinite - loops, please - -Tue Mar 23 00:00:45 1999 Assar Westerlund - - * lib/kadm5/Makefile.am (install_build_headers): recover from make - rewriting the names of the headers kludge to help solaris make - - * lib/krb5/Makefile.am: kludge to help solaris make - - * lib/hdb/Makefile.am: kludge to help solaris make - - * configure.in (LIB_kdb): make sure there's a -L option in here by - adding $(LIB_krb4) - - * lib/asn1/gen_glue.c (generate_2int, generate_int2): int -> - unsigned - - * configure.in (SunOS): set to a number KRB4, KRB5 conditionals: - remove the `dnl' to work around an automake flaw - -Sun Mar 21 15:08:49 1999 Johan Danielsson - - * lib/krb5/get_default_realm.c: char* -> krb5_realm - -Sun Mar 21 14:08:30 1999 Johan Danielsson - - * include/bits.c: - - * lib/krb5/Makefile.am: create krb5-private.h - -Sat Mar 20 00:08:59 1999 Assar Westerlund - - * configure.in (gethostname): remove duplicate - -Fri Mar 19 14:48:03 1999 Johan Danielsson - - * lib/hdb/Makefile.am: add version-info - - * lib/gssapi/Makefile.am: add version-info - - * lib/asn1/Makefile.am: use $(x:y=z) make syntax; move check-der - to check_PROGRAMS - - * lib/Makefile.am: add 45 - - * lib/kadm5/Makefile.am: split in client and server libraries - (breaks shared libraries otherwise) - -Thu Mar 18 11:33:30 1999 Johan Danielsson - - * include/kadm5/Makefile.am: clean a lot of header files (since - automake lacks a clean-hook) - - * include/Makefile.am: clean a lot of header files (since automake - lacks a clean-hook) - - * lib/kadm5/Makefile.am: fix build-installation of headers - - * lib/krb5/Makefile.am: remove include_dir hack - - * lib/hdb/Makefile.am: remove include_dir hack - - * lib/asn1/Makefile.am: remove include_dir hack - - * include/Makefile.am: remove include_dir hack - - * doc/whatis.texi: define sub for html - - * configure.in: LIB_kdb, have_err_h, have_fnmatch_h, have_glob_h - - * lib/asn1/Makefile.am: der.h - - * kpasswd/kpasswdd.c: admin.h -> kadm5/admin.h - - * kdc/Makefile.am: remove junk - - * kadmin/Makefile.am: sl.a -> sl.la - - * appl/afsutil/Makefile.am: remove EXTRA_bin_PROGRAMS - - * admin/Makefile.am: sl.a -> sl.la - - * configure.in: condition KRB5; AC_CHECK_XAU - - * Makefile.am: include Makefile.am.common - - * include/kadm5/Makefile.am: include Makefile.am.common; don't - install headers from here - - * include/Makefile.am: include Makefile.am.common; don't install - headers from here - - * doc/Makefile.am: include Makefile.am.common - - * lib/krb5/Makefile.am: include Makefile.am.common - - * lib/kadm5/Makefile.am: include Makefile.am.common - - * lib/hdb/Makefile.am: include Makefile.am.common - - * lib/gssapi/Makefile.am: include Makefile.am.common - - * lib/asn1/Makefile.am: include Makefile.am.common - - * lib/Makefile.am: include Makefile.am.common - - * lib/45/Makefile.am: include Makefile.am.common - - * kuser/Makefile.am: include Makefile.am.common - - * kpasswd/Makefile.am: include Makefile.am.common - - * kdc/Makefile.am: include Makefile.am.common - - * kadmin/Makefile.am: include Makefile.am.common - - * appl/test/Makefile.am: include Makefile.am.common - - * appl/afsutil/Makefile.am: include Makefile.am.common - - * appl/Makefile.am: include Makefile.am.common - - * admin/Makefile.am: include Makefile.am.common - -Wed Mar 17 03:04:38 1999 Assar Westerlund - - * lib/krb5/store.c (krb5_store_stringz): braces fix - - * lib/kadm5/get_s.c (kadm5_s_get_principal): braces fix - - * lib/kadm5/ent_setup.c (_kadm5_setup_entry): braces fix - - * kdc/connect.c (loop): braces fix - - * lib/krb5/config_file.c: cast to unsigned char to make is* happy - - * lib/krb5/log.c (krb5_addlog_dest): more braces to make gcc happy - - * lib/krb5/crypto.c (krb5_verify_checksum): rename C -> cksum to - be consistent - - * kadmin/util.c (timeval2str): more braces to make gcc happy - - * kadmin/load.c: cast in is* to get rid of stupid warning - - * kadmin/dump.c (append_hex): cast in isalnum to get rid of stupid - warning - - * kdc/kaserver.c: malloc checks and fixes - - * lib/krb5/get_host_realm.c (krb5_get_host_realm): include leading - dot (if any) when looking up realms. - -Fri Mar 12 13:57:56 1999 Johan Danielsson - - * lib/krb5/get_host_realm.c: add dns support - - * lib/krb5/set_default_realm.c: use krb5_free_host_realm - - * lib/krb5/free_host_realm.c: check for NULL realmlist - - * lib/krb5/context.c: don't print warning if there is no krb5.conf - -Wed Mar 10 19:29:46 1999 Johan Danielsson - - * configure.in: use AC_WFLAGS - -Mon Mar 8 11:49:43 1999 Johan Danielsson - - * Release 0.1c - - * kuser/klist.c: use print_version - - * kuser/kdestroy.c: use print_version - - * kdc/hpropd.c: use print_version - - * kdc/hprop.c: use print_version - - * kdc/config.c: use print_version - - * kadmin/kadmind.c: use print_version - - * kadmin/kadmin.c: use print_version - - * appl/test/common.c: use print_version - - * appl/afsutil/afslog.c: use print_version - -Mon Mar 1 10:49:14 1999 Johan Danielsson - - * lib/krb5/get_addrs.c: SOCKADDR_HAS_SA_LEN -> - HAVE_STRUCT_SOCKADDR_SA_LEN - - * configure.in, acconfig.h, cf/*: update to automake 1.4/autoconf 2.13 - -Sun Feb 28 18:19:20 1999 Johan Danielsson - - * lib/asn1/gen.c: make `BIT STRING's unsigned - - * lib/asn1/{symbol.h,gen.c}: add TUInteger type - - * lib/krb5/verify_user.c (krb5_verify_user): pass prompter to - krb5_get_init_creds_password - - * lib/krb5/fcache.c (fcc_gen_new): implement - -Sat Feb 27 22:41:23 1999 Johan Danielsson - - * doc/install.texi: krb4 is now automatically detected - - * doc/misc.texi: update procedure to set supported encryption - types - - * doc/setup.texi: change some silly wordings - -Sat Feb 27 22:17:30 1999 Johan Danielsson - - * lib/krb5/keytab.c (fkt_remove_entry): make this work - - * admin/ktutil.c: add minimally working `get' command - -Sat Feb 27 19:44:49 1999 Johan Danielsson - - * lib/hdb/convert_db.c: more typos - - * include/Makefile.am: remove EXTRA_DATA (as of autoconf - 2.13/automake 1.4) - - * appl/Makefile.am: OTP_dir - -Fri Feb 26 17:37:00 1999 Johan Danielsson - - * doc/setup.texi: add kadmin section - - * lib/asn1/check-der.c: fix printf warnings - -Thu Feb 25 11:16:49 1999 Johan Danielsson - - * configure.in: -O does not belong in WFLAGS - -Thu Feb 25 11:05:57 1999 Johan Danielsson - - * lib/asn1/der_put.c: fix der_put_int - -Tue Feb 23 20:35:12 1999 Johan Danielsson - - * configure.in: use AC_BROKEN_GLOB - -Mon Feb 22 15:12:44 1999 Johan Danielsson - - * configure.in: check for glob - -Mon Feb 22 11:32:42 1999 Johan Danielsson - - * Release 0.1b - -Sat Feb 20 15:48:06 1999 Johan Danielsson - - * lib/hdb/convert_db.c: convert DES3 keys to des3-cbc-sha1, and - des3-cbc-md5 - - * lib/krb5/crypto.c (DES3_string_to_key): make this actually do - what the draft said it should - - * lib/hdb/convert_db.c: little program for database conversion - - * lib/hdb/db.c (DB_open): try to open database w/o .db extension - - * lib/hdb/ndbm.c (NDBM_open): add test for database format - - * lib/hdb/db.c (DB_open): add test for database format - - * lib/asn1/gen_glue.c (generate_2int): don't depend on flags being - unsigned - - * lib/hdb/hdb.c: change `hdb_set_master_key' to take an - EncryptionKey, and add a new function `hdb_set_master_keyfile' to - do what `hdb_set_master_key' used to do - - * kdc/kstash.c: add `--convert-file' option to change keytype of - existing master key file - -Fri Feb 19 07:04:14 1999 Assar Westerlund - - * Release 0.1a - -Sat Feb 13 17:12:53 1999 Assar Westerlund - - * lib/krb5/mk_safe.c (krb5_mk_safe): sizeof(buf) -> buf_size, buf - is now a `u_char *' - - * lib/krb5/get_in_tkt.c (krb5_init_etype): etypes are now `int' - - * lib/krb5/get_host_realm.c (krb5_get_host_realm): constize - orig_host - - (krb5_salttype_to_string): new function (RSA_MD5_DES_verify, - RSA_MD5_DES3_verify): initialize ret - - * lib/gssapi/init_sec_context.c (init_auth): remove unnecessary - gssapi_krb5_init. ask for KEYTYPE_DES credentials - - * kadmin/get.c (print_entry_long): print the keytypes and salts - available for the principal - - * configure.in (WFLAGS): add `-O' to catch unitialized variables - and such - (gethostname, mkstemp, getusershell, inet_aton): more tests - - * lib/hdb/hdb.h: update prototypes - - * configure.in: homogenize broken detection with krb4 - - * lib/kadm5/init_c.c (kadm5_c_init_with_context): remove unused - `error' - - * lib/asn1/Makefile.am (check-der): add - - * lib/asn1/gen.c (define_type): map ASN1 Integer to `int' instead - of `unsigned' - - * lib/asn1/der_length.c (length_unsigned): new function - (length_int): handle signed integers - - * lib/asn1/der_put.c (der_put_unsigned): new function - (der_put_int): handle signed integers - - * lib/asn1/der_get.c (der_get_unsigned): new function - (der_get_int): handle signed integers - - * lib/asn1/der.h: all integer functions take `int' instead of - `unsigned' - - * lib/asn1/lex.l (filename): unused. remove. - - * lib/asn1/check-der.c: new test program for der encoding and - decoding. - -Mon Feb 1 04:09:06 1999 Assar Westerlund - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): only call - gethostbyname2 with AF_INET6 if we actually have IPv6. From - "Brandon S. Allbery KF8NH" - - * lib/krb5/changepw.c (get_kdc_address): dito - -Sun Jan 31 06:26:36 1999 Assar Westerlund - - * kdc/connect.c (parse_prots): always bind to AF_INET, there are - v6-implementations without support for `mapped V4 addresses'. - From Jun-ichiro itojun Hagino - -Sat Jan 30 22:38:27 1999 Assar Westerlund - - * Release 0.0u - -Sat Jan 30 13:43:02 1999 Assar Westerlund - - * lib/krb5/Makefile.am: explicit rules for *.et files - - * lib/kadm5/init_c.c (get_kadm_ticket): only remove creds if - krb5_get_credentials was succesful. - (get_new_cache): return better error codes and return earlier. - (get_cred_cache): only delete default_client if it's different - from client - (kadm5_c_init_with_context): return a more descriptive error. - - * kdc/kerberos5.c (check_flags): handle NULL client or server - - * lib/krb5/sendauth.c (krb5_sendauth): return the error in - `ret_error' iff != NULL - - * lib/krb5/rd_error.c (krb5_free_error, krb5_free_error_contents): - new functions - - * lib/krb5/mk_req_ext.c (krb5_mk_req_extended): more - type-correctness - - * lib/krb5/krb5.h (krb5_error): typedef to KRB_ERROR - - * lib/krb5/init_creds_pw.c: KRB5_TGS_NAME: use - - * lib/krb5/get_cred.c: KRB5_TGS_NAME: use - - * lib/kafs/afskrb5.c (afslog_uid_int): update to changes - - * lib/kadm5/rename_s.c (kadm5_s_rename_principal): call remove - instead of rename, but shouldn't this just call rename? - - * lib/kadm5/get_s.c (kadm5_s_get_principal): always return an - error if the principal wasn't found. - - * lib/hdb/ndbm.c (NDBM_seq): unseal key - - * lib/hdb/db.c (DB_seq): unseal key - - * lib/asn1/Makefile.am: added explicit rules for asn1_err.[ch] - - * kdc/hprop.c (v4_prop): add krbtgt/THISREALM@OTHERREALM when - finding cross-realm tgts in the v4 database - - * kadmin/mod.c (mod_entry): check the number of arguments. check - that kadm5_get_principal worked. - - * lib/krb5/keytab.c (fkt_remove_entry): remove KRB5_KT_NOTFOUND if - we weren't able to remove it. - - * admin/ktutil.c: less drive-by-deleting. From Love - - - * kdc/connect.c (parse_ports): copy the string before mishandling - it with strtok_r - - * kdc/kerberos5.c (tgs_rep2): print the principal with mismatching - kvnos - - * kadmin/kadmind.c (main): convert `debug_port' to network byte - order - - * kadmin/kadmin.c: allow specification of port number. - - * lib/kadm5/kadm5_locl.h (kadm5_client_context): add - `kadmind_port'. - - * lib/kadm5/init_c.c (_kadm5_c_init_context): move up - initalize_kadm5_error_table_r. - allow specification of port number. - - From Love - - * kuser/klist.c: add option -t | --test - diff --git a/crypto/heimdal/ChangeLog.2000 b/crypto/heimdal/ChangeLog.2000 deleted file mode 100644 index a1cb687f550e..000000000000 --- a/crypto/heimdal/ChangeLog.2000 +++ /dev/null @@ -1,1320 +0,0 @@ -2000-12-31 Assar Westerlund - - * lib/krb5/test_get_addrs.c (main): handle krb5_init_context - failure consistently - * lib/krb5/string-to-key-test.c (main): handle krb5_init_context - failure consistently - * lib/krb5/prog_setup.c (krb5_program_setup): handle - krb5_init_context failure consistently - * lib/hdb/convert_db.c (main): handle krb5_init_context failure - consistently - * kuser/kverify.c (main): handle krb5_init_context failure - consistently - * kuser/klist.c (main): handle krb5_init_context failure - consistently - * kuser/kinit.c (main): handle krb5_init_context failure - consistently - * kuser/kgetcred.c (main): handle krb5_init_context failure - consistently - * kuser/kdestroy.c (main): handle krb5_init_context failure - consistently - * kuser/kdecode_ticket.c (main): handle krb5_init_context failure - consistently - * kuser/generate-requests.c (generate_requests): handle - krb5_init_context failure consistently - * kpasswd/kpasswd.c (main): handle krb5_init_context failure - consistently - * kpasswd/kpasswd-generator.c (generate_requests): handle - krb5_init_context failure consistently - * kdc/main.c (main): handle krb5_init_context failure consistently - * appl/test/uu_client.c (proto): handle krb5_init_context failure - consistently - * appl/kf/kf.c (main): handle krb5_init_context failure - consistently - * admin/ktutil.c (main): handle krb5_init_context failure - consistently - - * admin/get.c (kt_get): more error checking - -2000-12-29 Assar Westerlund - - * lib/asn1/asn1_print.c (loop): check for length longer than data. - inspired by lha@stacken.kth.se - -2000-12-16 Johan Danielsson - - * admin/ktutil.8: reflect recent changes - - * admin/copy.c: don't copy an entry that already exists in the - keytab, and warn if the keyblock differs - -2000-12-15 Johan Danielsson - - * admin/Makefile.am: merge srvconvert and srvcreate with copy - - * admin/copy.c: merge srvconvert and srvcreate with copy - - * lib/krb5/Makefile.am: always build keytab_krb4.c - - * lib/krb5/context.c: always register the krb4 keytab functions - - * lib/krb5/krb5.h: declare krb4_ftk_ops - - * lib/krb5/keytab_krb4.c: We don't really need to include krb.h - here, since we only use the principal size macros, so define these - here. Theoretically someone could have a krb4 system where these - values are != 40, but this is unlikely, and - krb5_524_conv_principal also assume they are 40. - -2000-12-13 Johan Danielsson - - * lib/krb5/krb5.h: s/krb5_donot_reply/krb5_donot_replay/ - - * lib/krb5/replay.c: fix query-replace-o from MD5 API change, and - the struct is called krb5_donot_replay - -2000-12-12 Assar Westerlund - - * admin/srvconvert.c (srvconvert): do not use data after free:ing - it - -2000-12-11 Assar Westerlund - - * Release 0.3d - -2000-12-11 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): set version to 14:0:0 - * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): update to 6:3:0 - * lib/krb5/Makefile.am (libkrb5_la_LIBADD): add library - dependencies - -2000-12-10 Johan Danielsson - - * lib/krb5/auth_context.c: implement krb5_auth_con_{get,set}rcache - -2000-12-08 Assar Westerlund - - * lib/krb5/krb5.h (krb5_enctype): add ETYPE_DES3_CBC_NONE_IVEC as - a new pseudo-type - - * lib/krb5/crypto.c (DES_AFS3_CMU_string_to_key): always treat - cell names as lower case - (krb5_encrypt_ivec, krb5_decrypt_ivec): new functions that allow an - explicit ivec to be specified. fix all sub-functions. - (DES3_CBC_encrypt_ivec): new function that takes an explicit ivec - -2000-12-06 Johan Danielsson - - * lib/krb5/Makefile.am: actually build replay cache code - - * lib/krb5/replay.c: implement krb5_get_server_rcache - - * kpasswd/kpasswdd.c: de-pointerise auth_context parameter to - krb5_mk_rep - - * lib/krb5/recvauth.c: de-pointerise auth_context parameter to - krb5_mk_rep - - * lib/krb5/mk_rep.c: auth_context should not be a pointer - - * lib/krb5/auth_context.c: implement krb5_auth_con_genaddrs, and - make setaddrs_from_fd use that - - * lib/krb5/krb5.h: add some more KRB5_AUTH_CONTEXT_* flags - -2000-12-05 Johan Danielsson - - * lib/krb5/Makefile.am: add kerberos.8 manpage - - * lib/krb5/cache.c: check for NULL remove_cred function - - * lib/krb5/fcache.c: pretend that empty files are non-existant - - * lib/krb5/get_addrs.c (find_all_addresses): use getifaddrs, from - Jason Thorpe - -2000-12-01 Assar Westerlund - - * configure.in: remove configure-time generation of krb5-config - * tools/Makefile.am: add generation of krb5-config at make-time - instead of configure-time - - * tools/krb5-config.in: add --prefix and --exec-prefix - -2000-11-30 Assar Westerlund - - * tools/Makefile.am: add krb5-config.1 - * tools/krb5-config.in: add kadm-client and kadm5-server as - libraries - -2000-11-29 Assar Westerlund - - * tools/krb5-config.in: add --prefix, --exec-prefix and gssapi - -2000-11-29 Johan Danielsson - - * configure.in: add roken/Makefile here, since it can't live in - rk_ROKEN - -2000-11-16 Assar Westerlund - - * configure.in: use the libtool -rpath, do not rely on ld - understanding -rpath - - * configure.in: fix the -Wl stuff for krb4 linking add some - gratuitous extra options when linking with an existing libdes - -2000-11-15 Assar Westerlund - - * lib/hdb/hdb.c (hdb_next_enctype2key): const-ize a little bit - * lib/Makefile.am (SUBDIRS): try to only build des when needed - * kuser/klist.c: print key versions numbers of v4 tickets in - verbose mode - - * kdc/kerberos5.c (tgs_rep2): adapt to new krb5_verify_ap_req2 - * appl/test/gss_common.c (read_token): remove unused variable - - * configure.in (krb4): add -Wl - (MD4Init et al): look for these in more libraries - (getmsg): only run test if we have the function - (AC_OUTPUT): create tools/krb5-config - - * tools/krb5-config.in: new script for storing flags to use - * Makefile.am (SUBDIRS): add tools - - * lib/krb5/get_cred.c (make_pa_tgs_req): update to new - krb5_mk_req_internal - * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): allow different - usages for the encryption. change callers - * lib/krb5/rd_req.c (decrypt_authenticator): add an encryption - `usage'. also try the old - (and wrong) usage of KRB5_KU_AP_REQ_AUTH for backwards compatibility - (krb5_verify_ap_req2): new function for specifying the usage different - from the default (KRB5_KU_AP_REQ_AUTH) - * lib/krb5/build_auth.c (krb5_build_authenticator): add a `usage' - parameter to permit the generation of authenticators with - different crypto usage - - * lib/krb5/mk_req.c (krb5_mk_req_exact): new function that takes a - krb5_principal - (krb5_mk_req): use krb5_mk_req_exact - - * lib/krb5/mcache.c (mcc_close): free data - (mcc_destroy): don't free data - -2000-11-13 Assar Westerlund - - * lib/hdb/ndbm.c: handle both ndbm.h and gdbm/ndbm.h - * lib/hdb/hdb.c: handle both ndbm.h and gdbm/ndbm.h - -2000-11-12 Johan Danielsson - - * kdc/hpropd.8: remove extra .Xc - -2000-10-27 Johan Danielsson - - * kuser/kinit.c: fix v4 fallback lifetime calculation - -2000-10-10 Johan Danielsson - - * kdc/524.c: fix log messge - -2000-10-08 Assar Westerlund - - * lib/krb5/changepw.c (krb5_change_password): check for fd's being - too large to select on - * kpasswd/kpasswdd.c (add_new_tcp): check for the socket fd being - too large to select on - * kdc/connect.c (add_new_tcp): check for the socket fd being too - large to selct on - * kdc/connect.c (loop): check that the socket fd is not too large - to select on - * lib/krb5/send_to_kdc.c (recv_loop): check `fd' for being too - large to be able to select on - - * kdc/kaserver.c (do_authenticate): check for time skew - -2000-10-01 Assar Westerlund - - * kdc/524.c (set_address): allocate memory for storing addresses - in if the original request had an empty set of addresses - * kdc/524.c (set_address): fix bad return of pointer to automatic - data - - * config.sub: update to version 2000-09-11 (aka 1.181) from - subversions.gnu.org - - * config.guess: update to version 2000-09-05 (aka 1.156) from - subversions.gnu.org plus some minor tweaks - -2000-09-20 Assar Westerlund - - * Release 0.3c - -2000-09-19 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to - 13:1:0 - - * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 6:2:0 - -2000-09-17 Assar Westerlund - - * lib/krb5/rd_req.c (krb5_decrypt_ticket): plug some memory leak - (krb5_rd_req): try not to return an allocated auth_context on error - - * lib/krb5/log.c (krb5_vlog_msg): fix const-ness - -2000-09-10 Assar Westerlund - - * kdc/524.c: re-organize - * kdc/kerberos5.c (tgs_rep2): try to avoid leaking auth_context - * kdc/kerberos4.c (valid_princ): check return value of functions - (encode_v4_ticket): add some const - * kdc/misc.c (db_fetch): check malloc - (free_ent): new function - - * lib/krb5/log.c (krb5_vlog_msg): log just the format string it we - fail to allocate the actual string to log, should at least provide - some hint as to where things went wrong - -2000-09-10 Johan Danielsson - - * kdc/log.c: use DEFAULT_LOG_DEST - - * kdc/config.c: use _PATH_KDC_CONF - - * kdc/kdc_locl.h: add macro constants for kdc.conf, and kdc.log - -2000-09-09 Assar Westerlund - - * lib/krb5/crypto.c (_key_schedule): re-use an existing schedule - -2000-09-06 Johan Danielsson - - * configure.in: fix dpagaix test - -2000-09-05 Assar Westerlund - - * configure.in: with_dce -> enable_dce. noticed by Ake Sandgren - - -2000-09-01 Johan Danielsson - - * kdc/kstash.8: update manual page - - * kdc/kstash.c: fix typo, and remove unused option - - * lib/krb5/kerberos.7: short kerberos intro page - -2000-08-27 Assar Westerlund - - * include/bits.c: add __attribute__ for gcc's pleasure - * lib/hdb/keytab.c: re-write to delay the opening of the database - till it's known which principal is being sought, thereby allowing - the usage of multiple databases, however they need to be specified - in /etc/krb5.conf since all the programs using this keytab do not - read kdc.conf - - * appl/test/test_locl.h (keytab): add - * appl/test/common.c: add --keytab - * lib/krb5/crypto.c: remove trailing commas - (KRB5_KU_USAGE_SEQ): renamed from KRB5_KU_USAGE_MIC - -2000-08-26 Assar Westerlund - - * lib/krb5/send_to_kdc.c (send_via_proxy): handle `http://' at the - beginning of the proxy specification. use getaddrinfo correctly - (krb5_sendto): always return a return code - - * lib/krb5/krb5.h (KRB5_KU_USAGE_MIC): rename to KRB5_KU_USAGE_SEQ - * lib/krb5/auth_context.c (krb5_auth_con_free): handle - auth_context == NULL - -2000-08-23 Assar Westerlund - - * kdc/kerberos5.c (find_type): make sure of always setting - `ret_etype' correctly. clean-up structure some - -2000-08-23 Johan Danielsson - - * lib/krb5/mcache.c: implement resolve - -2000-08-18 Assar Westerlund - - * kuser/kdecode_ticket.c: check return value from krb5_crypto_init - * kdc/kerberos5.c, kdc/524.c: check return value from krb5_crypto_init - * lib/krb5/*.c: check return value from krb5_crypto_init - -2000-08-16 Assar Westerlund - - * Release 0.3b - -2000-08-16 Assar Westerlund - - * lib/krb5/Makefile.am: bump version to 13:0:0 - - * lib/hdb/Makefile.am: set version to 6:1:0 - - * configure.in: do getmsg testing the same way as in krb4 - - * lib/krb5/config_file.c (krb5_config_parse_file_debug): make sure - of closing the file on error - - * lib/krb5/crypto.c (encrypt_internal_derived): free the checksum - after use - - * lib/krb5/warn.c (_warnerr): initialize args to make third, - purify et al happy - -2000-08-13 Assar Westerlund - - * kdc/kerberos5.c: re-write search for keys code. loop over all - supported enctypes in order, looping over all keys of each type, - and picking the one with the v5 default salt preferably - -2000-08-10 Assar Westerlund - - * appl/test/gss_common.c (enet_read): add and use - * lib/krb5/krb5.h (heimdal_version, heimdal_long_version): make - const - - * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): add comment on - checksum type selection - - * lib/krb5/context.c (krb5_init_context): do not leak memory on - failure - (default_etypes): prefer arcfour-hmac-md5 to des-cbc-md5 - - * lib/krb5/principal.c: add fnmatch.h - -2000-08-09 Assar Westerlund - - * configure.in: call AC_PROG_CC and AC_PROG_CPP to make sure later - checks that should require them don't fail - * acconfig.h: add HAVE_UINT17_T - -2000-08-09 Johan Danielsson - - * kdc/mit_dump.c: handle all sorts of weird MIT salt types - -2000-08-08 Johan Danielsson - - * doc/setup.texi: port 212 -> 2121 - - * lib/krb5/principal.c: krb5_principal_match - -2000-08-04 Johan Danielsson - - * lib/asn1/der_get.c: add comment on *why* DCE sometimes used BER - encoding - - * kpasswd/Makefile.am: link with pidfile library - - * kpasswd/kpasswdd.c: write a pid file - - * kpasswd/kpasswd_locl.h: util.h - - * kdc/Makefile.am: link with pidfile library - - * kdc/main.c: write a pid file - - * kdc/headers.h: util.h - -2000-08-04 Assar Westerlund - - * lib/krb5/principal.c (krb5_425_conv_principal_ext): always put - hostnames in lower case - (default_v4_name_convert): add imap - -2000-08-03 Assar Westerlund - - * lib/krb5/crc.c (_krb5_crc_update): const-ize (finally) - -2000-07-31 Johan Danielsson - - * configure.in: check for uint*_t - * include/bits.c: define uint*_t - -2000-07-29 Assar Westerlund - - * kdc/kerberos5.c (check_tgs_flags): set endtime correctly when - renewing, From Derrick J Brashear - -2000-07-28 Assar Westerlund - - * Release 0.3a - -2000-07-27 Assar Westerlund - - * kdc/hprop.c (dump_database): write an empty message to signal - end of dump - -2000-07-26 Assar Westerlund - - * lib/krb5/changepw.c (krb5_change_password): try to be more - careful when not to resend - - * lib/hdb/db3.c: always create a cursor with db3. From Derrick J - Brashear - -2000-07-25 Johan Danielsson - - * lib/hdb/Makefile.am: bump version to 6:0:0 - - * lib/asn1/Makefile.am: bump version to 3:0:1 - - * lib/krb5/Makefile.am: bump version to 12:0:1 - - * lib/krb5/krb5_config.3: manpage - - * lib/krb5/krb5_appdefault.3: manpage - - * lib/krb5/appdefault.c: implementation of the krb5_appdefault set - of functions - -2000-07-23 Assar Westerlund - - * lib/krb5/init_creds_pw.c (change_password): reset forwardable - and proxiable. copy preauthentication list correctly from - supplied options - - * kdc/hpropd.c (main): check that the ticket was for `hprop/' for - paranoid reasons - - * lib/krb5/sock_principal.c (krb5_sock_to_principal): look in - aliases for the real name - -2000-07-22 Johan Danielsson - - * doc/setup.texi: say something about starting kadmind from the - command line - -2000-07-22 Assar Westerlund - - * kpasswd/kpasswdd.c: use kadm5_s_chpass_principal_cond instead of - mis-doing it here - - * lib/krb5/changepw.c (krb5_change_password): make timeout 1 + - 2^{0,1,...}. also keep track if we got an old packet back and - then just wait without sending a new packet - * lib/krb5/changepw.c: use a datagram socket and remove the - sequence numbers - * lib/krb5/changepw.c (krb5_change_password): clarify an - expression, avoiding a warning - -2000-07-22 Johan Danielsson - - * kuser/klist.c: make -a and -n aliases for -v - - * lib/krb5/write_message.c: ws - - * kdc/hprop-common.c: nuke extra definitions of - krb5_read_priv_message et.al - - * lib/krb5/read_message.c (krb5_read_message): return error if EOF - -2000-07-20 Assar Westerlund - - * kpasswd/kpasswd.c: print usage consistently - * kdc/hprop.h (HPROP_KEYTAB): use HDB for the keytab - * kdc/hpropd.c: add --keytab - * kdc/hpropd.c: don't care what principal we recvauth as - - * lib/krb5/get_cred.c: be more careful of not returning creds at - all when an error is returned - * lib/krb5/fcache.c (fcc_gen_new): do mkstemp correctly - -2000-07-19 Johan Danielsson - - * fix-export: use autoreconf - - * configure.in: remove stuff that belong in roken, and remove some - obsolete constructs - -2000-07-18 Johan Danielsson - - * configure.in: fix some typos - - * appl/Makefile.am: dceutil*s* - - * missing: update to missing from automake 1.4a - -2000-07-17 Johan Danielsson - - * configure.in: try to get xlc flags from ibmcxx.cfg use - conditional for X use readline cf macro - - * configure.in: subst AIX compiler flags - -2000-07-15 Johan Danielsson - - * configure.in: pass sixth parameter to test-package; use some - newer autoconf constructs - - * ltmain.sh: update to libtool 1.3c - - * ltconfig: update to libtool 1.3c - - * configure.in: update this to newer auto*/libtool - - * appl/Makefile.am: use conditional for dce - - * lib/Makefile.am: use conditional for dce - -2000-07-11 Johan Danielsson - - * lib/krb5/write_message.c: krb5_write_{priv,save}_message - * lib/krb5/read_message.c: krb5_read_{priv,save}_message - * lib/krb5/convert_creds.c: try port kerberos/88 if no response on - krb524/4444 - - * lib/krb5/convert_creds.c: use krb5_sendto - - * lib/krb5/send_to_kdc.c: add more generic krb5_sendto that send - to a port at arbitrary list of hosts - -2000-07-10 Johan Danielsson - - * doc/misc.texi: language; say something about kadmin del_enctype - -2000-07-10 Assar Westerlund - - * appl/kf/Makefile.am: actually install - -2000-07-08 Assar Westerlund - - * configure.in (AM_INIT_AUTOMAKE): bump to 0.3a-pre - (AC_ROKEN): roken is now at 10 - - * lib/krb5/string-to-key-test.c: add a arcfour-hmac-md5 test case - * kdc/Makefile.am (INCLUDES): add ../lib/krb5 - * configure.in: update for standalone roken - * lib/Makefile.am (SUBDIRS): make roken conditional - * kdc/hprop.c: update to new hdb_seal_keys_mkey - * lib/hdb/mkey.c (_hdb_unseal_keys_int, _hdb_seal_keys_int): - rename and export them - - * kdc/headers.h: add krb5_locl.h (since we just use some stuff - from there) - -2000-07-08 Johan Danielsson - - * kuser/klist.1: update for -f and add some more text for -v - - * kuser/klist.c: use rtbl to format cred listing, add -f and -s - - * lib/krb5/crypto.c: fix type in des3-cbc-none - - * lib/hdb/mkey.c: add key usage - - * kdc/kstash.c: remove writing of old keyfile, and treat - --convert-file as just reading and writing the keyfile without - asking for a new key - - * lib/hdb/mkey.c (read_master_encryptionkey): handle old keytype - based files, and convert the key to cfb64 - - * lib/hdb/mkey.c (hdb_read_master_key): set mkey to NULL before - doing anything else - - * lib/krb5/send_to_kdc.c: use krb5_eai_to_heim_errno - - * lib/krb5/get_for_creds.c: use krb5_eai_to_heim_errno - - * lib/krb5/changepw.c: use krb5_eai_to_heim_errno - - * lib/krb5/addr_families.c: use krb5_eai_to_heim_errno - - * lib/krb5/eai_to_heim_errno.c: convert getaddrinfo error codes to - something that can be passed to get_err_text - -2000-07-07 Assar Westerlund - - * lib/hdb/hdb.c (hdb_next_enctype2key): make sure of skipping - `*key' - - * kdc/kerberos4.c (get_des_key): rewrite some, be more careful - -2000-07-06 Assar Westerlund - - * kdc/kerberos5.c (as_rep): be careful as to now overflowing when - calculating the end of lifetime of a ticket. - - * lib/krb5/context.c (default_etypes): add ETYPE_ARCFOUR_HMAC_MD5 - - * lib/hdb/db3.c: only use a cursor when needed, from Derrick J - Brashear - - * lib/krb5/crypto.c: introduce the `special' encryption methods - that are not like all other encryption methods and implement - arcfour-hmac-md5 - -2000-07-05 Johan Danielsson - - * kdc/mit_dump.c: set initial master key version number to 0 - instead of 1; if we lated bump the mkvno we don't risk using the - wrong key to decrypt - - * kdc/hprop.c: only get master key if we're actually going to use - it; enable reading of MIT krb5 dump files - - * kdc/mit_dump.c: read MIT krb5 dump files - - * lib/hdb/mkey.c (read_master_mit): fix this - - * kdc/kstash.c: make this work with the new mkey code - - * lib/hdb/Makefile.am: add mkey.c, and bump version number - - * lib/hdb/hdb.h: rewrite master key handling - - * lib/hdb/mkey.c: rewrite master key handling - - * lib/krb5/crypto.c: add some more pseudo crypto types - - * lib/krb5/krb5.h: change some funny etypes to use negative - numbers, and add some more - -2000-07-04 Assar Westerlund - - * lib/krb5/krbhst.c (get_krbhst): only try SRV lookup if there are - none in the configuration file - -2000-07-02 Assar Westerlund - - * lib/krb5/keytab_keyfile.c (akf_add_entry): remove unused - variable - - * kpasswd/kpasswd-generator.c: new test program - * kpasswd/Makefile.am: add kpasswd-generator - - * include/Makefile.am (CLEANFILES): add rc4.h - - * kuser/generate-requests.c: new test program - * kuser/Makefile.am (noinst_PROGRAMS): add generate-requests - -2000-07-01 Assar Westerlund - - * configure.in: add --enable-dce and related stuff - * appl/Makefile.am (SUBDIRS): add $(APPL_dce) - -2000-06-29 Assar Westerlund - - * kdc/kerberos4.c (get_des_key): fix thinkos/typos - -2000-06-29 Johan Danielsson - - * admin/purge.c: use parse_time to parse age - - * lib/krb5/log.c (krb5_vlog_msg): use krb5_format_time - - * admin/list.c: add printing of timestamp and key data; some - cleanup - - * lib/krb5/time.c (krb5_format_time): new function to format time - - * lib/krb5/context.c (init_context_from_config_file): init - date_fmt, also do some cleanup - - * lib/krb5/krb5.h: add date_fmt to context - -2000-06-28 Johan Danielsson - - * kdc/{kerberos4,kaserver,524}.c (get_des_key): change to return - v4 or afs keys if possible - -2000-06-25 Johan Danielsson - - * kdc/hprop.c (ka_convert): allow using null salt, and treat 0 - pw_expire as never (from Derrick Brashear) - -2000-06-24 Johan Danielsson - - * kdc/connect.c (add_standard_ports): only listen to port 750 if - serving v4 requests - -2000-06-22 Assar Westerlund - - * lib/asn1/lex.l: fix includes, and lex stuff - * lib/asn1/lex.h (error_message): update prototype - (yylex): add - * lib/asn1/gen_length.c (length_type): fail on malloc error - * lib/asn1/gen_decode.c (decode_type): fail on malloc error - -2000-06-21 Assar Westerlund - - * lib/krb5/get_for_creds.c: be more compatible with MIT code. - From Daniel Kouril - * lib/krb5/rd_cred.c: be more compatible with MIT code. From - Daniel Kouril - * kdc/kerberos5.c (get_pa_etype_info): do not set salttype if it's - vanilla pw-salt, that keeps win2k happy. also do the malloc check - correctly. From Daniel Kouril - -2000-06-21 Johan Danielsson - - * kdc/hprop.c: add hdb keytabs - -2000-06-20 Johan Danielsson - - * lib/krb5/principal.c: back out rev. 1.64 - -2000-06-19 Johan Danielsson - - * kdc/kerberos5.c: pa_* -> KRB5_PADATA_* - - * kdc/hpropd.c: add realm override flag - - * kdc/v4_dump.c: code for reading krb4 dump files - - * kdc/hprop.c: generalize source database handing, add support for - non-standard local realms (from by Daniel Kouril - and Miroslav Ruda ), and - support for using different ports (requested by the Czechs, but - implemented differently) - - * lib/krb5/get_cred.c: pa_* -> KRB5_PADATA_* - - * lib/krb5/get_in_tkt.c: pa_* -> KRB5_PADATA_* - - * lib/krb5/krb5.h: use some definitions from asn1.h - - * lib/hdb/hdb.asn1: use new import syntax - - * lib/asn1/k5.asn1: use distinguished value integers - - * lib/asn1/gen_length.c: support for distinguished value integers - - * lib/asn1/gen_encode.c: support for distinguished value integers - - * lib/asn1/gen_decode.c: support for distinguished value integers - - * lib/asn1/gen.c: support for distinguished value integers - - * lib/asn1/lex.l: add support for more standards like import - statements - - * lib/asn1/parse.y: add support for more standards like import - statements, and distinguished value integers - -2000-06-11 Assar Westerlund - - * lib/krb5/get_for_creds.c (add_addrs): ignore addresses of - unknown type - * lib/krb5/get_for_creds.c (add_addrs): zero memory before - starting to copy memory - -2000-06-10 Assar Westerlund - - * lib/krb5/test_get_addrs.c: test program for get_addrs - * lib/krb5/get_addrs.c (find_all_addresses): remember to add in - the size of ifr->ifr_name when using SA_LEN. noticed by Ken - Raeburn - -2000-06-07 Assar Westerlund - - * configure.in: add db3 detection stuff do not use streamsptys on - HP-UX 11 - * lib/hdb/hdb.h (HDB): add dbc for db3 - * kdc/connect.c (add_standard_ports): also listen on krb524 aka - 4444 - * etc/services.append (krb524): add - * lib/hdb/db3.c: add berkeley db3 interface. contributed by - Derrick J Brashear - * lib/hdb/hdb.h (struct HDB): add - -2000-06-07 Johan Danielsson - - * kdc/524.c: if 524 is not enabled, just generate error reply and - exit - - * kdc/kerberos4.c: if v4 is not enabled, just generate error reply - and exit - - * kdc/connect.c: only listen to port 4444 if 524 is enabled - - * kdc/config.c: add options to enable/disable v4 and 524 requests - -2000-06-06 Johan Danielsson - - * kdc/524.c: handle non-existant server principals (from Daniel - Kouril) - -2000-06-03 Assar Westerlund - - * admin/ktutil.c: print name when failing to open keytab - - * kuser/kinit.c: try also to fallback to v4 when no KDC is found - -2000-05-28 Assar Westerlund - - * kuser/klist.c: continue even we have no v5 ccache. make showing - your krb4 tickets the default (if build with krb4 support) - * kuser/kinit.c: add a fallback that tries to get a v4 ticket if - built with krb4 support and we got back a version error from the - KDC - -2000-05-23 Johan Danielsson - - * lib/krb5/keytab_keyfile.c: make this actually work - -2000-05-19 Assar Westerlund - - * lib/krb5/store_emem.c (emem_store): make it write-compatible - * lib/krb5/store_fd.c (fd_store): make it write-compatible - * lib/krb5/store_mem.c (mem_store): make it write-compatible - * lib/krb5/krb5.h (krb5_storage): make store write-compatible - -2000-05-18 Assar Westerlund - - * configure.in: add stdio.h in dbopen test - -2000-05-16 Assar Westerlund - - * Release 0.2t - -2000-05-16 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): set version to 11:1:0 - * lib/krb5/fcache.c: fix second lseek - * lib/krb5/principal.c (krb5_524_conv_principal): fix typo - -2000-05-15 Assar Westerlund - - * Release 0.2s - -2000-05-15 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): set version to 11:0:0 - * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): set version to 4:2:1 - * lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump to 2:0:0 - * lib/krb5/principal.c (krb5_524_conv_principal): comment-ize, and - simplify string copying - -2000-05-12 Assar Westerlund - - * lib/krb5/fcache.c (scrub_file): new function - (erase_file): re-write, use scrub_file - * lib/krb5/krb5.h (KRB5_DEFAULT_CCFILE_ROOT): add - - * configure.in (dbopen): add header files - - * lib/krb5/krb5.h (krb5_key_usage): add some more - * lib/krb5/fcache.c (erase_file): try to detect symlink games. - also call revoke. - * lib/krb5/changepw.c (krb5_change_password): remember to close - the socket on error - - * kdc/main.c (main): also call sigterm on SIGTERM - -2000-05-06 Assar Westerlund - - * lib/krb5/config_file.c (krb5_config_vget_string_default, - krb5_config_get_string_default): add - -2000-04-25 Assar Westerlund - - * lib/krb5/fcache.c (fcc_initialize): just forget about - over-writing the old cred cache. it's too much of a hazzle trying - to do this safely. - -2000-04-11 Assar Westerlund - - * lib/krb5/crypto.c (krb5_get_wrapped_length): rewrite into - different parts for the derived and non-derived cases - * lib/krb5/crypto.c (krb5_get_wrapped_length): the padding should - be done after having added confounder and checksum - -2000-04-09 Assar Westerlund - - * lib/krb5/get_addrs.c (find_all_addresses): apperently solaris - can return EINVAL when the buffer is too small. cope. - * lib/asn1/Makefile.am (gen_files): add asn1_UNSIGNED.x - * lib/asn1/gen_locl.h (filename): add prototype - (init_generate): const-ize - * lib/asn1/gen.c (filename): new function clean-up a little bit. - * lib/asn1/parse.y: be more tolerant in ranges - * lib/asn1/lex.l: count lines correctly. - (error_message): print filename in messages - -2000-04-08 Assar Westerlund - - * lib/krb5/rd_safe.c (krb5_rd_safe): increment sequence number - after comparing - * lib/krb5/rd_priv.c (krb5_rd_priv): increment sequence number - after comparing - * lib/krb5/mk_safe.c (krb5_mk_safe): make `tmp_seq' unsigned - * lib/krb5/mk_priv.c (krb5_mk_priv): make `tmp_seq' unsigned - * lib/krb5/generate_seq_number.c (krb5_generate_seq_number): make - `seqno' be unsigned - * lib/krb5/mk_safe.c (krb5_mk_safe): increment local sequence - number after the fact and only increment it if we were successful - * lib/krb5/mk_priv.c (krb5_mk_priv): increment local sequence - number after the fact and only increment it if we were successful - * lib/krb5/krb5.h (krb5_auth_context_data): make sequence number - unsigned - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): - `in_tkt_service' can be NULL - -2000-04-06 Assar Westerlund - - * lib/asn1/parse.y: regonize INTEGER (0..UNIT_MAX). - (DOTDOT): add - * lib/asn1/lex.l (DOTDOT): add - * lib/asn1/k5.asn1 (UNSIGNED): add. use UNSIGNED for all sequence - numbers. - * lib/asn1/gen_length.c (length_type): add TUInteger - * lib/asn1/gen_free.c (free_type): add TUInteger - * lib/asn1/gen_encode.c (encode_type, generate_type_encode): add - TUInteger - * lib/asn1/gen_decode.c (decode_type, generate_type_decode): add - TUInteger - * lib/asn1/gen_copy.c (copy_type): add TUInteger - * lib/asn1/gen.c (define_asn1): add TUInteger - * lib/asn1/der_put.c (encode_unsigned): add - * lib/asn1/der_length.c (length_unsigned): add - * lib/asn1/der_get.c (decode_unsigned): add - * lib/asn1/der.h (decode_unsigned, encode_unsigned, - length_unsigned): add prototypes - - * lib/asn1/k5.asn1: update pre-authentication types - * lib/krb5/krb5_err.et: add some error codes from pkinit - -2000-04-05 Assar Westerlund - - * lib/hdb/hdb.c: add support for hdb methods (aka back-ends). - include ldap. - * lib/hdb/hdb-ldap.c: tweak the ifdef to OPENLDAP - * lib/hdb/Makefile.am: add hdb-ldap.c and openldap - * kdc/Makefile.am, kpasswd/Makefile.am, kadmin/Makefile.am: add - * configure.in: bump version to 0.2s-pre add options and testing - for (open)ldap - -2000-04-04 Assar Westerlund - - * configure.in (krb4): fix the krb_mk_req test - -2000-04-03 Assar Westerlund - - * configure.in (krb4): add test for const arguments to krb_mk_req - * lib/45/mk_req.c (krb_mk_req): conditionalize const-ness of - arguments - -2000-04-03 Assar Westerlund - - * Release 0.2r - -2000-04-03 Assar Westerlund - - * lib/krb5/Makefile.am: set version to 10:0:0 - * lib/45/mk_req.c (krb_mk_req): const-ize the arguments - -2000-03-30 Assar Westerlund - - * lib/krb5/principal.c (krb5_425_conv_principal_ext): add some - comments. add fall-back on adding the realm name in lower case. - -2000-03-29 Assar Westerlund - - * kdc/connect.c: remember to repoint all descr->sa to _ss after - realloc as this might have moved the memory around. problem - discovered and diagnosed by Brandon S. Allbery - -2000-03-27 Assar Westerlund - - * configure.in: recognize solaris 2.8 - * config.guess, config.sub: update to current version from - :pserver:anoncvs@subversions.gnu.org:/home/cvs - - * lib/krb5/init_creds_pw.c (print_expire): do not assume anything - about the size of time_t, i.e. make it 64-bit happy - -2000-03-13 Assar Westerlund - - * kuser/klist.c: add support for display v4 tickets - -2000-03-11 Assar Westerlund - - * kdc/kaserver.c (do_authenticate, do_getticket): call check_flags - * kdc/kerberos4.c (do_version4): call check_flags. - * kdc/kerberos5.c (check_flags): make global - -2000-03-10 Assar Westerlund - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): evil - hack to avoid recursion - -2000-03-04 Assar Westerlund - - * kuser/kinit.c: add `krb4_get_tickets' per realm. add --anonymous - * lib/krb5/krb5.h (krb5_get_init_creds_opt): add `anonymous' and - KRB5_GET_INIT_CREDS_OPT_ANONYMOUS - * lib/krb5/init_creds_pw.c (get_init_creds_common): set - request_anonymous flag appropriatly - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_anonymous): - add - - * lib/krb5/get_in_tkt.c (_krb5_extract_ticket): new parameter to - determine whetever to ignore client name of not. always copy - client name from kdc. fix callers. - - * kdc: add support for anonymous tickets - - * kdc/string2key.8: add man-page for string2key - -2000-03-03 Assar Westerlund - - * kdc/hpropd.c (dump_krb4): get expiration date from `valid_end' - and not `pw_end' - - * kdc/kadb.h (ka_entry): fix name pw_end -> valid_end. add some - more fields - - * kdc/hprop.c (v4_prop): set the `valid_end' from the v4 - expiration date instead of the `pw_expire' - (ka_convert): set `valid_end' from ka expiration data and `pw_expire' - from pw_change + pw_expire - (main): add a default database for ka dumping - -2000-02-28 Assar Westerlund - - * lib/krb5/context.c (init_context_from_config_file): change - rfc2052 default to no. 2782 says that underscore should be used. - -2000-02-24 Assar Westerlund - - * lib/krb5/fcache.c (fcc_initialize, fcc_store_cred): verify that - stores and close succeed - * lib/krb5/store.c (krb5_store_creds): check to see that the - stores are succesful. - -2000-02-23 Assar Westerlund - - * Release 0.2q - -2000-02-22 Assar Westerlund - - * lib/krb5/Makefile.am: set version to 9:2:0 - - * lib/krb5/expand_hostname.c (krb5_expand_hostname_realms): copy - the correct hostname - - * kdc/connect.c (add_new_tcp): use the correct entries in the - descriptor table - * kdc/connect.c: initialize `descr' uniformly and correctly - -2000-02-20 Assar Westerlund - - * Release 0.2p - -2000-02-19 Assar Westerlund - - * lib/krb5/Makefile.am: set version to 9:1:0 - - * lib/krb5/expand_hostname.c (krb5_expand_hostname): make sure - that realms is filled in even when getaddrinfo fails or does not - return any canonical name - - * kdc/connect.c (descr): add sockaddr and string representation - (*): re-write to use the above mentioned - -2000-02-16 Assar Westerlund - - * lib/krb5/addr_families.c (krb5_parse_address): use - krb5_sockaddr2address to copy the result from getaddrinfo. - -2000-02-14 Assar Westerlund - - * Release 0.2o - -2000-02-13 Assar Westerlund - - * lib/krb5/Makefile.am: set version to 9:0:0 - - * kdc/kaserver.c (do_authenticate): return the kvno of the server - and not the client. Thanks to Brandon S. Allbery KF8NH - and Chaskiel M Grundman - for debugging. - - * kdc/kerberos4.c (do_version4): if an tgs-req is received with an - old kvno, return an error reply and write a message in the log. - -2000-02-12 Assar Westerlund - - * appl/test/gssapi_server.c (proto): with `--fork', create a child - and send over/receive creds with export/import_sec_context - * appl/test/gssapi_client.c (proto): with `--fork', create a child - and send over/receive creds with export/import_sec_context - * appl/test/common.c: add `--fork' / `-f' (only used by gssapi) - -2000-02-11 Assar Westerlund - - * kdc/kdc_locl.h: remove keyfile add explicit_addresses - * kdc/connect.c (init_sockets): pay attention to - explicit_addresses some more comments. better error messages. - * kdc/config.c: add some comments. - remove --key-file. - add --addresses. - - * lib/krb5/context.c (krb5_set_extra_addresses): const-ize and use - proper abstraction - -2000-02-07 Johan Danielsson - - * lib/krb5/changepw.c: use roken_getaddrinfo_hostspec - -2000-02-07 Assar Westerlund - - * Release 0.2n - -2000-02-07 Assar Westerlund - - * lib/krb5/Makefile.am: set version to 8:0:0 - * lib/krb5/keytab.c (krb5_kt_default_name): use strlcpy - (krb5_kt_add_entry): set timestamp - -2000-02-06 Assar Westerlund - - * lib/krb5/krb5.h: add macros for accessing krb5_realm - * lib/krb5/time.c (krb5_timeofday): use `krb5_timestamp' instead - of `int32_t' - - * lib/krb5/replay.c (checksum_authenticator): update to new API - for md5 - - * lib/krb5/krb5.h: remove des.h, it's not needed and applications - should not have to make sure to find it. - -2000-02-03 Assar Westerlund - - * lib/krb5/rd_req.c (get_key_from_keytab): rename parameter to - `out_key' to avoid conflicting with label. reported by Sean Doran - - -2000-02-02 Assar Westerlund - - * lib/krb5/expand_hostname.c: remember to lower-case host names. - bug reported by - - * kdc/kerberos4.c (do_version4): look at check_ticket_addresses - and emulate that by setting krb_ignore_ip_address (not a great - interface but it doesn't seem like the time to go around fixing - libkrb stuff now) - -2000-02-01 Johan Danielsson - - * kuser/kinit.c: change --noaddresses into --no-addresses - -2000-01-28 Assar Westerlund - - * kpasswd/kpasswd.c (main): make sure the ticket is not - forwardable and not proxiable - -2000-01-26 Assar Westerlund - - * lib/krb5/crypto.c: update to pseudo-standard APIs for - md4,md5,sha. some changes to libdes calls to make them more - portable. - -2000-01-21 Assar Westerlund - - * lib/krb5/verify_init.c (krb5_verify_init_creds): make sure to - clean up the correct creds. - -2000-01-16 Assar Westerlund - - * lib/krb5/principal.c (append_component): change parameter to - `const char *'. check malloc - * lib/krb5/principal.c (append_component, va_ext_princ, va_princ): - const-ize - * lib/krb5/mk_req.c (krb5_mk_req): make `service' and `hostname' - const - * lib/krb5/principal.c (replace_chars): also add space here - * lib/krb5/principal.c: (quotable_chars): add space - -2000-01-12 Assar Westerlund - - * kdc/kerberos4.c (do_version4): check if preauth was required and - bail-out if so since there's no way that could be done in v4. - Return NULL_KEY as an error to the client (which is non-obvious, - but what can you do?) - -2000-01-09 Assar Westerlund - - * lib/krb5/principal.c (krb5_sname_to_principal): use - krb5_expand_hostname_realms - * lib/krb5/mk_req.c (krb5_km_req): use krb5_expand_hostname_realms - * lib/krb5/expand_hostname.c (krb5_expand_hostname_realms): new - variant of krb5_expand_hostname that tries until it expands into - something that's digestable by krb5_get_host_realm, returning also - the result from that function. - -2000-01-08 Assar Westerlund - - * Release 0.2m - -2000-01-08 Assar Westerlund - - * configure.in: replace AC_C_BIGENDIAN with KRB_C_BIGENDIAN - - * lib/krb5/Makefile.am: bump version to 7:1:0 - - * lib/krb5/principal.c (krb5_sname_to_principal): use - krb5_expand_hostname - * lib/krb5/expand_hostname.c (krb5_expand_hostname): handle - ai_canonname being set in any of the addresses returnedby - getaddrinfo. glibc apparently returns the reverse lookup of every - address in ai_canonname. - -2000-01-06 Assar Westerlund - - * Release 0.2l - -2000-01-06 Assar Westerlund - - * lib/krb5/Makefile.am: set version to 7:0:0 - * lib/krb5/principal.c (krb5_sname_to_principal): remove `hp' - - * lib/hdb/Makefile.am: set version to 4:1:1 - - * kdc/hpropd.c (dump_krb4): use `krb5_get_default_realms' - * lib/krb5/get_in_tkt.c (add_padata): change types to make - everything work out - (krb5_get_in_cred): remove const to make types match - * lib/krb5/crypto.c (ARCFOUR_string_to_key): correct signature - * lib/krb5/principal.c (krb5_sname_to_principal): handle not - getting back a canonname - -2000-01-06 Assar Westerlund - - * Release 0.2k - -2000-01-06 Assar Westerlund - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc): advance colon so that - we actually parse the port number. based on a patch from Leif - Johansson - -2000-01-02 Assar Westerlund - - * admin/purge.c: remove all non-current and old entries from a - keytab - - * admin: break up ktutil.c into files - - * admin/ktutil.c (list): support --verbose (also listning time - stamps) - (kt_add, kt_get): set timestamp in newly created entries - (kt_change): add `change' command - - * admin/srvconvert.c (srvconv): set timestamp in newly created - entries - * lib/krb5/keytab_keyfile.c (akf_next_entry): set timetsamp, - always go the a predicatble position on error - * lib/krb5/keytab.c (krb5_kt_copy_entry_contents): copy timestamp - * lib/krb5/keytab_file.c (fkt_add_entry): store timestamp - (fkt_next_entry_int): return timestamp - * lib/krb5/krb5.h (krb5_keytab_entry): add timestamp diff --git a/crypto/heimdal/ChangeLog.2001 b/crypto/heimdal/ChangeLog.2001 deleted file mode 100644 index b048488f8d4b..000000000000 --- a/crypto/heimdal/ChangeLog.2001 +++ /dev/null @@ -1,1122 +0,0 @@ -2001-12-20 Johan Danielsson - - * lib/krb5/crypto.c: use our own des string-to-key function, since - the one from openssl sometimes generates wrong output - -2001-12-05 Jacques Vidrine - - * lib/hdb/mkey.c: fix a bug in which kstash would crash if - there were no /etc/krb5.conf - -2001-11-09 Johan Danielsson - - * lib/krb5/krb5_verify_user.3: sort references (from Thomas - Klausner) - - * lib/krb5/krb5_principal_get_realm.3: add section to reference - (from Thomas Klausner) - - * lib/krb5/krb5_krbhst_init.3: sort references (from Thomas - Klausner) - - * lib/krb5/krb5_keytab.3: white space fixes (from Thomas Klausner) - - * lib/krb5/krb5_get_krbhst.3: remove extra white space (from - Thomas Klausner) - - * lib/krb5/krb5_get_all_client_addrs.3: add section to reference - (from Thomas Klausner) - -2001-10-29 Jacques Vidrine - - * admin/get.c: fix a bug in which a reference to a data - structure on the stack was being kept after the containing - function's lifetime, resulting in a segfault during `ktutil - get'. - -2001-10-22 Assar Westerlund - - * lib/krb5/crypto.c: make all high-level encrypting and decrypting - functions check the return value of the underlying function and - handle errors more consistently. noted by Sam Hartman - - -2001-10-21 Assar Westerlund - - * lib/krb5/crypto.c (enctype_arcfour_hmac_md5): actually use a - non-keyed checksum when it should be non-keyed - -2001-09-29 Assar Westerlund - - * kuser/kinit.1: add the kauth alias - * kuser/kinit.c: allow specification of afslog in krb5.conf, noted - by jhutz@cs.cmu.edu - -2001-09-27 Assar Westerlund - - * lib/asn1/gen.c: remove the need for libasn1.h, also make - generated files include all files from IMPORTed modules - - * lib/krb5/krb5.h (KRB5_KPASSWD_*): set correct values - * kpasswd/kpasswd.c: improve error message printing - * lib/krb5/changepw.c (krb5_passwd_result_to_string): add change - to use sequence numbers connect the udp socket so that we can - figure out the local address - -2001-09-25 Assar Westerlund - - * lib/asn1: implement OBJECT IDENTIFIER and ENUMERATED - -2001-09-20 Johan Danielsson - - * lib/krb5/principal.c (krb5_425_conv_principal_ext): try using - lower case realm as domain, but only when given a verification - function - -2001-09-20 Assar Westerlund - - * lib/asn1/der_put.c (der_put_length): do not even try writing - anything when len == 0 - -2001-09-18 Johan Danielsson - - * kdc/hpropd.c: add realm override option - - * lib/krb5/set_default_realm.c (krb5_set_default_realm): make - realm parameter const - - * kdc/hprop.c: more free's - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_keytab): free key - proc data - - * lib/krb5/expand_hostname.c (krb5_expand_hostname_realms): free - addrinfo - - * lib/hdb/mkey.c (hdb_set_master_keyfile): clear error string when - not returning error - -2001-09-16 Assar Westerlund - - * lib/krb5/appdefault.c (krb5_appdefault_{boolean,string,time): - make realm const - - * lib/krb5/crypto.c: use des functions to avoid generating - warnings with openssl's prototypes - -2001-09-05 Johan Danielsson - - * configure.in: check for termcap.h - - * lib/asn1/lex.l: add another undef ECHO to keep AIX lex happy - -2001-09-03 Assar Westerlund - - * lib/krb5/addr_families.c (krb5_print_address): handle snprintf - returning < 0. noticed by hin@stacken.kth.se - -2001-09-03 Assar Westerlund - - * Release 0.4e - -2001-09-02 Johan Danielsson - - * kuser/Makefile.am: install kauth as a symlink to kinit - - * kuser/kinit.c: get v4_tickets by default - - * lib/asn1/Makefile.am: fix for broken automake - -2001-08-31 Johan Danielsson - - * lib/hdb/hdb-ldap.c: some pretty much untested changes from Luke - Howard - - * kuser/kinit.1: remove references to kauth - - * kuser/Makefile.am: kauth is no more - - * kuser/kinit.c: use appdefaults for everything. defaults are now - as in kauth. - - * lib/krb5/appdefault.c: also check libdefaults, and realms/realm - - * lib/krb5/context.c (krb5_free_context): free more stuff - -2001-08-30 Johan Danielsson - - * lib/krb5/verify_krb5_conf.c: do some checks of the values in the - file - - * lib/krb5/krb5.conf.5: remove srv_try_txt, fix spelling - - * lib/krb5/context.c: don't init srv_try_txt, since it isn't used - anymore - -2001-08-29 Jacques Vidrine - - * configure.in: Check for already-installed com_err. - -2001-08-28 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): set versoin to 18:2:1 - -2001-08-24 Assar Westerlund - - * kuser/Makefile.am: remove CHECK_LOCAL - non bin programs require - no special treatment now - - * kuser/generate-requests.c: parse arguments in a useful way - * kuser/kverify.c: add --help/--verify - -2001-08-22 Assar Westerlund - - * configure.in: bump prereq to 2.52 remove unused test_LIB_KRB4 - - * configure.in: re-write the handling of crypto libraries. try to - use the one of openssl's libcrypto or krb4's libdes that has all - the required functionality (md4, md5, sha1, des, rc4). if there - is no such library, the included lib/des is built. - - * kdc/headers.h: include libutil.h if it exists - * kpasswd/kpasswd_locl.h: include libutil.h if it exists - * kdc/kerberos4.c (get_des_key): check for null keys even if - is_server - -2001-08-21 Assar Westerlund - - * lib/asn1/asn1_print.c: print some size_t correctly - * configure.in: remove extra space after -L check for libutil.h - -2001-08-17 Johan Danielsson - - * kdc/kdc_locl.h: fix prototype for get_des_key - - * kdc/kaserver.c: fix call to get_des_key - - * kdc/524.c: fix call to get_des_key - - * kdc/kerberos4.c (get_des_key): if getting a key for a server, - return any des-key not just keys that can be string-to-keyed by - the client - -2001-08-10 Assar Westerlund - - * Release 0.4d - -2001-08-10 Assar Westerlund - - * configure.in: check for openpty - * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): update to 7:4:0 - -2001-08-08 Assar Westerlund - - * configure.in: just add -L (if required) from krb4 when testing - for libdes/libcrypto - -2001-08-04 Assar Westerlund - - * lib/krb5/Makefile.am (man_MANS): add some missing man pages - * fix-export: fix the sed expression for finding the man pages - -2001-07-31 Assar Westerlund - - * kpasswd/kpasswd-generator.c (main): implement --version and - --help - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): update version to - 18:1:1 - -2001-07-27 Assar Westerlund - - * lib/krb5/context.c (init_context_from_config_file): check - parsing of addresses - -2001-07-26 Assar Westerlund - - * lib/krb5/sock_principal.c (krb5_sock_to_principal): rename - sa_len -> salen to avoid the macro that's defined on irix. noted - by "Jacques A. Vidrine" - -2001-07-24 Johan Danielsson - - * lib/krb5/addr_families.c: add support for type - KRB5_ADDRESS_ADDRPORT - - * lib/krb5/addr_families.c (krb5_address_order): complain about - unsuppored address types - -2001-07-23 Johan Danielsson - - * admin/get.c: don't open connection to server until we loop over - the principals, at that time we know the realm of the (first) - principal and we can default to that admin server - - * admin: add a rename command - -2001-07-19 Assar Westerlund - - * kdc/hprop.c (usage): clarify a tiny bit - -2001-07-19 Assar Westerlund - - * Release 0.4c - -2001-07-19 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to - 18:0:1 - - * lib/krb5/get_for_creds.c (krb5_fwd_tgt_creds): make it behave - the same way as the MIT function - - * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): update to 7:3:0 - * lib/krb5/sock_principal.c (krb5_sock_to_principal): use - getnameinfo - - * lib/krb5/krbhst.c (srv_find_realm): handle port numbers - consistenly in local byte order - - * lib/krb5/get_default_realm.c (krb5_get_default_realm): set an - error string - - * kuser/kinit.c (renew_validate): invert condition correctly. get - v4 tickets if we succeed renewing - * lib/krb5/principal.c (krb5_principal_get_type): add - (default_v4_name_convert): add "smtp" - -2001-07-13 Assar Westerlund - - * configure.in: remove make-print-version from LIBOBJS, it's no - longer in lib/roken but always built in lib/vers - -2001-07-12 Johan Danielsson - - * lib/hdb/mkey.c: more set_error_string - -2001-07-12 Assar Westerlund - - * lib/hdb/Makefile.am (libhdb_la_LIBADD): add required library - dependencies - - * lib/asn1/Makefile.am (libasn1_la_LIBADD): add required library - dependencies - -2001-07-11 Johan Danielsson - - * kdc/hprop.c: remove v4 master key handling; remove old v4-db and - ka-db flags; add defaults for v4_realm and afs_cell - -2001-07-09 Assar Westerlund - - * lib/krb5/sock_principal.c (krb5_sock_to_principal): copy hname - before calling krb5_sname_to_principal. from "Jacques A. Vidrine" - - -2001-07-08 Johan Danielsson - - * lib/krb5/context.c: use krb5_copy_addresses instead of - copy_HostAddresses - -2001-07-06 Assar Westerlund - - * configure.in (LIB_des_a, LIB_des_so): add these so that they can - be used by lib/auth/sia - - * kuser/kinit.c: re-do some of the v4 fallbacks: look at - get-tokens flag do not print extra errors do not try to do 524 if - we got tickets from a v4 server - -2001-07-03 Assar Westerlund - - * lib/krb5/replay.c (krb5_get_server_rcache): cast argument to - printf - - * lib/krb5/get_addrs.c (find_all_addresses): call free_addresses - on ignore_addresses correctly - * lib/krb5/init_creds.c - (krb5_get_init_creds_opt_set_default_flags): change to take a - const realm - - * lib/krb5/principal.c (krb5_425_conv_principal_ext): if the - instance is the first component of the local hostname, the - converted host should be the long hostname. from - - -2001-07-02 Johan Danielsson - - * lib/krb5/Makefile.am: address.c is no more; add a couple of - manpages - - * lib/krb5/krb5_timeofday.3: new manpage - - * lib/krb5/krb5_get_all_client_addrs.3: new manpage - - * lib/krb5/get_in_tkt.c (init_as_req): treat no addresses as - wildcard - - * lib/krb5/get_cred.c (get_cred_kdc_la): treat no addresses as - wildcard - - * lib/krb5/get_addrs.c: don't include client addresses that match - ignore_addresses - - * lib/krb5/context.c: initialise ignore_addresses - - * lib/krb5/addr_families.c: add new `arange' fake address type, - that matches more than one address; this required some internal - changes to many functions, so all of address.c got moved here - (wasn't much left there) - - * lib/krb5/krb5.h: add list of ignored addresses to context - -2001-07-03 Assar Westerlund - - * Release 0.4b - -2001-07-03 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): set version to 17:0:0 - * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): set version to 7:2:0 - -2001-07-03 Assar Westerlund - - * Release 0.4a - -2001-07-02 Johan Danielsson - - * kuser/kinit.c: make this compile without krb4 support - - * lib/krb5/write_message.c: remove priv parameter from - write_safe_message; don't know why it was there in the first place - - * doc/install.texi: remove kaserver switches, it's always compiled - in now - - * kdc/hprop.c: always include kadb support - - * kdc/kaserver.c: always include kaserver support - -2001-07-02 Assar Westerlund - - * kpasswd/kpasswdd.c (doit): make failing to bind a socket a - non-fatal error, and abort if no sockets were bound - -2001-07-01 Assar Westerlund - - * lib/krb5/krbhst.c: remember the real port number when falling - back from kpasswd -> kadmin, and krb524 -> kdc - -2001-06-29 Assar Westerlund - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): if - no_addresses is set, do not add any local addresses to KRB_CRED - - * kuser/kinit.c: remove extra clearing of password and some - redundant code - -2001-06-29 Johan Danielsson - - * kuser/kinit.c: move ticket conversion code to separate function, - and call that from a couple of places, like when renewing a - ticket; also add a flag for just converting a ticket - - * lib/krb5/init_creds_pw.c: set renew-life to some sane value - - * kdc/524.c: don't send more data than required - -2001-06-24 Assar Westerlund - - * lib/krb5/store_fd.c (krb5_storage_from_fd): check malloc returns - - * lib/krb5/keytab_any.c (any_resolve); improving parsing of ANY: - (any_start_seq_get): remove a double free - (any_next_entry): iterate over all (sub) keytabs and avoid leave data - around to be freed again - - * kdc/kdc_locl.h: add a define for des_new_random_key when using - openssl's libcrypto - - * configure.in: move v6 tests down - - * lib/krb5/krb5.h (krb5_context_data): remove srv_try_rfc2052 - - * update to libtool 1.4 and autoconf 2.50 - -2001-06-22 Johan Danielsson - - * lib/hdb/hdb.c: use krb5_add_et_list - -2001-06-21 Johan Danielsson - - * lib/hdb/Makefile.am: add generation number - * lib/hdb/common.c: add generation number code - * lib/hdb/hdb.asn1: add generation number - * lib/hdb/print.c: use krb5_storage to make it more dynamic - -2001-06-21 Assar Westerlund - - * lib/krb5/krb5.conf.5: update to changed names used by - krb5_get_init_creds_opt_set_default_flags - * lib/krb5/init_creds.c - (krb5_get_init_creds_opt_set_default_flags): make the appdefault - keywords have the same names - - * configure.in: only add -L and -R to the krb4 libdir if we are - actually using it - - * lib/krb5/krbhst.c (fallback_get_hosts): do not copy trailing - dot of hostname add some comments - * lib/krb5/krbhst.c: use getaddrinfo instead of dns_lookup when - testing for kerberos.REALM. this allows reusing that information - when actually contacting the server and thus avoids one DNS lookup - -2001-06-20 Johan Danielsson - - * lib/krb5/krb5.h: include k524_err.h - - * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): don't test - for keytype, the server will do this for us if it has anything to - complain about - - * lib/krb5/context.c: add protocol compatible krb524 error codes - - * lib/krb5/Makefile.am: add protocol compatible krb524 error codes - - * lib/krb5/k524_err.et: add protocol compatible krb524 error codes - - * lib/krb5/krb5_principal_get_realm.3: manpage - - * lib/krb5/principal.c: add functions `krb5_principal_get_realm' - and `krb5_principal_get_comp_string' that returns parts of a - principal; this is a replacement for the internal - `krb5_princ_realm' and `krb5_princ_component' macros that everyone - seem to use - -2001-06-19 Assar Westerlund - - * kuser/kinit.c (main): dereference result from krb5_princ_realm. - from Thomas Nystrom - -2001-06-18 Johan Danielsson - - * lib/krb5/mk_req.c (krb5_mk_req_exact): free creds when done - * lib/krb5/crypto.c (krb5_string_to_key_derived): fix memory leak - * lib/krb5/krbhst.c (config_get_hosts): free hostlist - * kuser/kinit.c: free principal - -2001-06-18 Assar Westerlund - - * lib/krb5/send_to_kdc.c (krb5_sendto): remove an extra - freeaddrinfo - - * lib/krb5/convert_creds.c (krb524_convert_creds_kdc_ccache): - remove some unused variables - - * lib/krb5/krbhst.c (admin_get_next): spell kerberos correctly - * kdc/kerberos5.c: update to new krb5_auth_con* names - * kdc/hpropd.c: update to new krb5_auth_con* names - * lib/krb5/rd_req.c (krb5_rd_req): use krb5_auth_con* functions - and remove some comments - * lib/krb5/rd_safe.c (krb5_rd_safe): pick the keys in the right - order: remote - local - session - * lib/krb5/rd_rep.c (krb5_rd_rep): save the remote sub key in the - auth_context - * lib/krb5/rd_priv.c (krb5_rd_priv): pick keys in the correct - order: remote - local - session - * lib/krb5/mk_safe.c (krb5_mk_safe): pick keys in the right order, - local - remote - session - -2001-06-18 Johan Danielsson - - * lib/krb5/convert_creds.c: use starttime instead of authtime, - from Chris Chiappa - - * lib/krb5/convert_creds.c: make krb524_convert_creds_kdc match - the MIT function by the same name; add - krb524_convert_creds_kdc_ccache that does what the old version did - - * admin/list.c (do_list): make sure list of keys is NULL - terminated; similar to patch sent by Chris Chiappa - -2001-06-18 Assar Westerlund - - * lib/krb5/mcache.c (mcc_remove_cred): use - krb5_free_creds_contents - - * lib/krb5/auth_context.c: name function krb5_auth_con more - consistenly - * lib/krb5/rd_req.c (krb5_verify_authenticator_checksum): use - renamed krb5_auth_con_getauthenticator - - * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): update to - use krb5_krbhst API - * lib/krb5/changepw.c (krb5_change_password): update to use - krb5_krbhst API - * lib/krb5/send_to_kdc.c: update to use krb5_krbhst API - * lib/krb5/krbhst.c (krb5_krbhst_get_addrinfo): add set def_port - in krb5_krbhst_info - (krb5_krbhst_free): free everything - - * lib/krb5/krb5.h (KRB5_VERIFY_NO_ADDRESSES): add - (krb5_krbhst_info): add def_port (default port for this service) - - * lib/krb5/krbhst-test.c: make it more verbose and useful - * lib/krb5/krbhst.c: remove some more memory leaks do not try any - dns operations if there is local configuration admin: fallback to - kerberos.REALM 524: fallback to kdcs kpasswd: fallback to admin - add some comments - - * configure.in: remove initstate and setstate, they should be in - cf/roken-frag.m4 - - * lib/krb5/Makefile.am (noinst_PROGRAMS): add krbhst-test - * lib/krb5/krbhst-test.c: new program for testing krbhst - * lib/krb5/krbhst.c (common_init): remove memory leak - (main): move test program into krbhst-test - -2001-06-17 Johan Danielsson - - * lib/krb5/krb5_krbhst_init.3: manpage - - * lib/krb5/krb5_get_krbhst.3: manpage - -2001-06-16 Johan Danielsson - - * lib/krb5/krb5.h: add opaque krb5_krbhst_handle type - - * lib/krb5/krbhst.c: change void* to krb5_krbhst_handle - - * lib/krb5/krb5.h: types for new krbhst api - - * lib/krb5/krbhst.c: implement a new api that looks up one host at - a time, instead of making a list of hosts - -2001-06-09 Johan Danielsson - - * configure.in: test for initstate and setstate - - * lib/krb5/krbhst.c: remove rfc2052 support - -2001-06-08 Johan Danielsson - - * fix some manpages for broken mdoc.old grog test - -2001-05-28 Assar Westerlund - - * lib/krb5/krb5.conf.5: add [appdefaults] - * lib/krb5/init_creds_pw.c: remove configuration reading that is - now done in krb5_get_init_creds_opt_set_default_flags - * lib/krb5/init_creds.c - (krb5_get_init_creds_opt_set_default_flags): add reading of - libdefaults versions of these and add no_addresses - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): clear error string - when preauth was required and we retry - -2001-05-25 Assar Westerlund - - * lib/krb5/convert_creds.c (krb524_convert_creds_kdc): call - krb5_get_krb524hst - * lib/krb5/krbhst.c (krb5_get_krb524hst): add and restructure the - support functions - -2001-05-22 Assar Westerlund - - * kdc/kerberos5.c (tgs_rep2): alloc and free csec and cusec - properly - -2001-05-17 Assar Westerlund - - * Release 0.3f - -2001-05-17 Assar Westerlund - - * lib/krb5/Makefile.am: bump version to 16:0:0 - * lib/hdb/Makefile.am: bump version to 7:1:0 - * lib/asn1/Makefile.am: bump version to 5:0:0 - * lib/krb5/keytab_krb4.c: add SRVTAB as an alias for krb4 - * lib/krb5/codec.c: remove dead code - -2001-05-17 Johan Danielsson - - * kdc/config.c: actually check the ticket addresses - -2001-05-15 Assar Westerlund - - * lib/krb5/rd_error.c (krb5_error_from_rd_error): use correct - parenthesis - - * lib/krb5/eai_to_heim_errno.c (krb5_eai_to_heim_errno): add - `errno' (called system_error) to allow callers to make sure they - pass the current and relevant value. update callers - -2001-05-14 Johan Danielsson - - * lib/krb5/verify_user.c: krb5_verify_user_opt - - * lib/krb5/krb5.h: verify_opt - - * kdc/kerberos5.c: pass context to krb5_domain_x500_decode - -2001-05-14 Assar Westerlund - - * kpasswd/kpasswdd.c: adapt to new address functions - * kdc/kerberos5.c: adapt to changing address functions use LR_TYPE - * kdc/connect.c: adapt to changing address functions - * kdc/config.c: new krb5_config_parse_file - * kdc/524.c: new krb5_sockaddr2address - * lib/krb5/*: add some krb5_{set,clear}_error_string - - * lib/asn1/k5.asn1 (LR_TYPE): add - * lib/asn1/Makefile.am (gen_files): add asn1_LR_TYPE.x - -2001-05-11 Assar Westerlund - - * kdc/kerberos5.c (tsg_rep): fix typo in variable name - - * kpasswd/kpasswd-generator.c (nop_prompter): update prototype - * lib/krb5/init_creds_pw.c: update to new prompter, use prompter - types and send two prompts at once when changning password - * lib/krb5/prompter_posix.c (krb5_prompter_posix): add name - * lib/krb5/krb5.h (krb5_prompt): add type - (krb5_prompter_fct): add anem - - * lib/krb5/cache.c (krb5_cc_next_cred): transpose last two - paramaters to krb5_cc_next_cred (as MIT does, and not as they - document). From "Jacques A. Vidrine" - -2001-05-11 Johan Danielsson - - * lib/krb5/Makefile.am: store-test - - * lib/krb5/store-test.c: simple bit storage test - - * lib/krb5/store.c: add more byteorder storage flags - - * lib/krb5/krb5.h: add more byteorder storage flags - - * kdc/kerberos5.c: don't use NULL where we mean 0 - - * kdc/kerberos5.c: put referral test code in separate function, - and test for KRB5_NT_SRV_INST - -2001-05-10 Assar Westerlund - - * admin/list.c (do_list): do not close the keytab if opening it - failed - * admin/list.c (do_list): always print complete names. print - everything to stdout. - * admin/list.c: print both v5 and v4 list by default - * admin/remove.c (kt_remove): reorganize some. open the keytab - (defaulting to the modify one). - * admin/purge.c (kt_purge): reorganize some. open the keytab - (defaulting to the modify one). correct usage strings - * admin/list.c (kt_list): reorganize some. open the keytab - * admin/get.c (kt_get): reorganize some. open the keytab - (defaulting to the modify one) - * admin/copy.c (kt_copy): default to modify key name. re-organise - * admin/change.c (kt_change): reorganize some. open the keytab - (defaulting to the modify one) - * admin/add.c (kt_add): reorganize some. open the keytab - (defaulting to the modify one) - * admin/ktutil.c (main): do not open the keytab, let every - sub-function handle it - - * kdc/config.c (configure): call free_getarg_strings - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): set error strings for - a few more errors - - * lib/krb5/get_host_realm.c (krb5_get_host_realm_int): make - `use_dns' parameter boolean - - * lib/krb5/krb5.h (krb5_context_data): add default_keytab_modify - * lib/krb5/context.c (init_context_from_config_file): set - default_keytab_modify - * lib/krb5/krb5_locl.h (KEYTAB_DEFAULT): change to - ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab - (KEYTAB_DEFAULT_MODIFY): add - * lib/krb5/keytab.c (krb5_kt_default_modify_name): add - (krb5_kt_resolve): set error string for failed keytab type - -2001-05-08 Assar Westerlund - - * lib/krb5/crypto.c (encryption_type): make field names more - consistent - (create_checksum): separate usage and type - (krb5_create_checksum): add a separate type parameter - (encrypt_internal): only free once on mismatched checksum length - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc2): try to tell what - realm we didn't manage to reach any KDC for in the error string - - * lib/krb5/generate_seq_number.c (krb5_generate_seq_number): free - the entire subkey. from - -2001-05-07 Johan Danielsson - - * lib/krb5/keytab_keyfile.c (akf_start_seq_get): return - KT_NOTFOUND if the file is empty - -2001-05-07 Assar Westerlund - - * lib/krb5/fcache.c: call krb5_set_error_string when open fails - fatally - * lib/krb5/keytab_file.c: call krb5_set_error_string when open - fails fatally - - * lib/krb5/warn.c (_warnerr): print error_string in context in - preference to error string derived from error code - * kuser/kinit.c (main): try to print the error string - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): set some sensible - error strings for errors - - * lib/krb5/krb5.h (krb5_context_data): add error_string and - error_buf - * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add error_string.c - * lib/krb5/error_string.c: new file - -2001-05-02 Johan Danielsson - - * lib/krb5/time.c: krb5_string_to_deltat - - * lib/krb5/sock_principal.c: one less data copy - - * lib/krb5/eai_to_heim_errno.c: conversion function for h_errno's - - * lib/krb5/get_default_principal.c: change this slightly - - * lib/krb5/crypto.c: make checksum_types into an array of pointers - - * lib/krb5/convert_creds.c: make sure we always use a des-cbc-crc - ticket - -2001-04-29 Assar Westerlund - - * kdc/kerberos5.c (tgs_rep2): return a reference to a krbtgt for - the right realm if we fail to find a non-krbtgt service in the - database and the second component does a succesful non-dns lookup - to get the real realm (which has to be different from the - originally-supplied realm). this should help windows 2000 clients - that always start their lookups in `their' realm and do not have - any idea of how to map hostnames into realms - * kdc/kerberos5.c (is_krbtgt): rename to get_krbtgt_realm - -2001-04-27 Johan Danielsson - - * lib/krb5/get_host_realm.c (krb5_get_host_realm_int): add extra - parameter to request use of dns or not - -2001-04-25 Assar Westerlund - - * admin/get.c (kt_get): allow specification of encryption types - * lib/krb5/verify_init.c (krb5_verify_init_creds): do not try to - close an unopened ccache, noted by - - * lib/krb5/krb5.h (krb5_any_ops): add declaration - * lib/krb5/context.c (init_context_from_config_file): register - krb5_any_ops - - * lib/krb5/keytab_any.c: new file, implementing union of keytabs - * lib/krb5/Makefile.am (libkrb5_la_SOURCES): add keytab_any.c - - * lib/krb5/init_creds_pw.c (get_init_creds_common): handle options - == NULL. noted by - -2001-04-19 Johan Danielsson - - * lib/krb5/rd_cred.c: set ret_creds to NULL before doing anything - else, from Jacques Vidrine - -2001-04-18 Johan Danielsson - - * lib/hdb/libasn1.h: asn1.h -> krb5_asn1.h - - * lib/asn1/Makefile.am: add asn1_ENCTYPE.x - - * lib/krb5/krb5.h: adapt to asn1 changes - - * lib/asn1/k5.asn1: move enctypes here - - * lib/asn1/libasn1.h: rename asn1.h to krb5_asn1.h to avoid - conflicts - - * lib/asn1/Makefile.am: rename asn1.h to krb5_asn1.h to avoid - conflicts - - * lib/asn1/lex.l: use strtol to parse constants - -2001-04-06 Johan Danielsson - - * kuser/kinit.c: add simple support for running commands - -2001-03-26 Assar Westerlund - - * lib/hdb/hdb-ldap.c: change order of includes to allow it to work - with more versions of openldap - - * kdc/kerberos5.c (tgs_rep2): try to set sec and usec in error - replies - (*): update callers of krb5_km_error - (check_tgs_flags): handle renews requesting non-renewable tickets - - * lib/krb5/mk_error.c (krb5_mk_error): allow specifying both ctime - and cusec - - * lib/krb5/krb5.h (krb5_checksum, krb5_keyusage): add - compatibility names - - * lib/krb5/crypto.c (create_checksum): change so that `type == 0' - means pick from the `crypto' (context) and otherwise use that - type. this is not a large change in practice and allows callers - to specify the exact checksum algorithm to use - -2001-03-13 Assar Westerlund - - * lib/krb5/get_cred.c (get_cred_kdc): add support for falling back - to KRB5_KU_AP_REQ_AUTH when KRB5_KU_TGS_REQ_AUTH gives `bad - integrity'. this helps for talking to old (pre 0.3d) KDCs - -2001-03-12 Assar Westerlund - - * lib/krb5/crypto.c (krb5_derive_key): new function, used by - derived-key-test.c - * lib/krb5/string-to-key-test.c: add new test vectors posted by - Ken Raeburn in to - ietf-krb-wg@anl.gov - * lib/krb5/n-fold-test.c: more test vectors from same source - * lib/krb5/derived-key-test.c: more tests from same source - -2001-03-06 Assar Westerlund - - * acconfig.h: include roken_rename.h when appropriate - -2001-03-06 Assar Westerlund - - * lib/krb5/krb5.h (krb5_enctype): remove trailing comma - -2001-03-04 Assar Westerlund - - * lib/krb5/krb5.h (krb5_enctype): add ENCTYPE_* aliases for - compatibility with MIT krb5 - -2001-03-02 Assar Westerlund - - * kuser/kinit.c (main): only request a renewable ticket when - explicitly requested. it still gets a renewable one if the renew - life is specified - * kuser/kinit.c (renew_validate): treat -1 as flags not being set - -2001-02-28 Johan Danielsson - - * lib/krb5/context.c (krb5_init_ets): use krb5_add_et_list - -2001-02-27 Johan Danielsson - - * lib/krb5/get_cred.c: implement krb5_get_cred_from_kdc_opt - -2001-02-25 Assar Westerlund - - * configure.in: do not use -R when testing for des functions - -2001-02-14 Assar Westerlund - - * configure.in: test for lber.h when trying to link against - openldap to handle openldap v1, from Sumit Bose - - -2001-02-19 Assar Westerlund - - * lib/asn1/libasn1.h: add string.h (for memset) - -2001-02-15 Assar Westerlund - - * lib/krb5/warn.c (_warnerr): add printf attributes - * lib/krb5/send_to_kdc.c (krb5_sendto): loop over all address - returned by getaddrinfo before trying the next kdc. from - thorpej@netbsd.org - - * lib/krb5/krb5.conf.5: fix default_realm in example - - * kdc/connect.c: fix a few kdc_log format types - - * configure.in: try to handle libdes/libcrypto ont requiring -L - -2001-02-10 Assar Westerlund - - * lib/asn1/gen_decode.c (generate_type_decode): zero the data at - the beginning of the generated function, and add a label `fail' - that the code jumps to in case of errors that frees all allocated - data - -2001-02-07 Assar Westerlund - - * configure.in: aix dce: fix misquotes, from Ake Sandgren - - - * configure.in (dpagaix_LDFLAGS): try to add export file - -2001-02-05 Assar Westerlund - - * lib/krb5/krb5_keytab.3: new man page, contributed by - - - * kdc/kaserver.c: update to new db_fetch4 - -2001-02-05 Assar Westerlund - - * Release 0.3e - -2001-01-30 Assar Westerlund - - * kdc/hprop.c (v4_get_masterkey): check kdb_verify_master_key - properly - (kdb_prop): decrypt key properly - * kdc/hprop.c: handle building with KRB4 always try to decrypt v4 - data with the master key leave it up to the v5 how to encrypt with - that master key - - * kdc/kstash.c: include file name in error messages - * kdc/hprop.c: fix a typo and check some more return values - * lib/hdb/hdb-ldap.c (LDAP__lookup_princ): call ldap_search_s - correctly. From Jacques Vidrine - * kdc/misc.c (db_fetch): HDB_ERR_NOENTRY makes more sense than - ENOENT - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to - 15:0:0 - * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:0:0 - * lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 4:0:2 - * kdc/misc.c (db_fetch): return an error code. change callers to - look at this and try to print it in log messages - - * lib/krb5/crypto.c (decrypt_internal_derived): check that there's - enough data - -2001-01-29 Assar Westerlund - - * kdc/hprop.c (realm_buf): move it so it becomes properly - conditional on KRB4 - - * lib/hdb/mkey.c (hdb_unseal_keys_mkey, hdb_seal_keys_mkey, - hdb_unseal_keys, hdb_seal_keys): check that we have the correct - master key and that we manage to decrypt the key properly, - returning an error code. fix all callers to check return value. - - * tools/krb5-config.in: use @LIB_des_appl@ - * tools/Makefile.am (krb5-config): add LIB_des_appl - * configure.in (LIB_des): set correctly - (LIB_des_appl): add for the use by krb5-config.in - - * lib/krb5/store_fd.c (fd_fetch, fd_store): use net_{read,write} - to make sure of not dropping data when doing it over a socket. - (this might break when used with ordinary files on win32) - - * lib/hdb/hdb_err.et (NO_MKEY): add - - * kdc/kerberos5.c (as_rep): be paranoid and check - krb5_enctype_to_string for failure, noted by - - * lib/krb5/krb5_init_context.3, lib/krb5/krb5_context.3, - lib/krb5/krb5_auth_context.3: add new man pages, contributed by - - - * use the openssl api for md4/md5/sha and handle openssl/*.h - - * kdc/kaserver.c (do_getticket): check length of ticket. noted by - - -2001-01-28 Assar Westerlund - - * configure.in: send -R instead of -rpath to libtool to set - runtime library paths - - * lib/krb5/Makefile.am: remove all dependencies on libkrb - -2001-01-27 Assar Westerlund - - * appl/rcp: add port of bsd rcp changed to use existing rsh, - contributed by Richard Nyberg - -2001-01-27 Johan Danielsson - - * lib/krb5/get_port.c: don't warn if the port name can't be found, - nobody cares anyway - -2001-01-26 Johan Danielsson - - * kdc/hprop.c: make it possible to convert a v4 dump file without - having any v4 libraries; the kdb backend still require them - - * kdc/v4_dump.c: include shadow definition of kdb Principal, so we - don't have to depend on any v4 libraries - - * kdc/hprop.h: include shadow definition of kdb Principal, so we - don't have to depend on any v4 libraries - - * lib/hdb/print.c: reduce number of memory allocations - - * lib/hdb/mkey.c: add support for reading krb4 /.k files - -2001-01-19 Assar Westerlund - - * lib/krb5/krb5.conf.5: document admin_server and kpasswd_server - for realms document capath better - - * lib/krb5/krbhst.c (krb5_get_krb_changepw_hst): preferably look - at kpasswd_server before admin_server - - * lib/krb5/get_cred.c (get_cred_from_kdc_flags): look in - [libdefaults]capath for better hint of realm to send request to. - this allows the client to specify `realm routing information' in - case it cannot be done at the server (which is preferred) - - * lib/krb5/rd_priv.c (krb5_rd_priv): handle no sequence number as - zero when we were expecting a sequence number. MIT krb5 cannot - generate a sequence number of zero, instead generating no sequence - number - * lib/krb5/rd_safe.c (krb5_rd_safe): dito - -2001-01-11 Assar Westerlund - - * kpasswd/kpasswdd.c: add --port option - -2001-01-10 Assar Westerlund - - * lib/krb5/appdefault.c (krb5_appdefault_string): fix condition - just before returning - -2001-01-09 Assar Westerlund - - * appl/kf/kfd.c (proto): use krb5_rd_cred2 instead of krb5_rd_cred - -2001-01-05 Johan Danielsson - - * kuser/kinit.c: call a time `time', and not `seconds' - - * lib/krb5/init_creds.c: not much point in setting the anonymous - flag here - - * lib/krb5/krb5_appdefault.3: document appdefault_time - -2001-01-04 Johan Danielsson - - * lib/krb5/verify_user.c: use - krb5_get_init_creds_opt_set_default_flags - - * kuser/kinit.c: use krb5_get_init_creds_opt_set_default_flags - - * lib/krb5/init_creds.c: new function - krb5_get_init_creds_opt_set_default_flags to set options from - krb5.conf - - * lib/krb5/rd_cred.c: make this match the MIT function - - * lib/krb5/appdefault.c (krb5_appdefault_string): handle NULL - def_val - (krb5_appdefault_time): new function - -2001-01-03 Assar Westerlund - - * kdc/hpropd.c (main): handle EOF when reading from stdin diff --git a/crypto/heimdal/ChangeLog.2002 b/crypto/heimdal/ChangeLog.2002 deleted file mode 100644 index 37fda2e4940a..000000000000 --- a/crypto/heimdal/ChangeLog.2002 +++ /dev/null @@ -1,726 +0,0 @@ -2002-12-19 Johan Danielsson - - * lib/krb5/mk_rep.c: free allocated storage; reported by Howard - Chu - -2002-12-08 Johan Danielsson - - * kdc/kdc_locl.h: remove old encrypt_v4_ticket prototype - -2002-12-02 Johan Danielsson - - * kpasswd/kpasswdd.c (doit): initialise sa_size to size of - sockaddr_storage - - * kdc/connect.c (init_socket): initialise sa_size to size of - sockaddr_storage - -2002-11-15 Johan Danielsson - - * lib/krb5/krb5.h: remove trailing comma in enum - -2002-11-07 Johan Danielsson - - * kdc/524.c: implement crude b2 style (non-)conversion for use - with afs - - * kdc/kerberos4.c: move encrypt_v4_ticket to 524.c, since that's - where it's used - -2002-10-21 Johan Danielsson - - * lib/krb5/keytab_keyfile.c: more strcspn - - * lib/krb5/store_emem.c (emem_store): limit how much we allocate - (from Olaf Kirch) - - * lib/krb5/principal.c: don't allow trailing backslashes in - components - - * kdc/connect.c: check that %-quotes are followed by two hex - digits - - * lib/krb5/keytab_any.c: properly close the open keytabs (from - Larry Greenfield) - - * kdc/kaserver.c: make sure life is positive (from John Godehn) - -2002-10-17 Johan Danielsson - - * kuser/klist.c (display_tokens): allow tokens up to size of - buffer (from Magnus Holmberg) - -2002-09-29 Johan Danielsson - - * lib/krb5/changepw.c (process_reply): fix reply length check - calculation (reported by various people) - -2002-09-24 Johan Danielsson - - * lib/krb5/keytab_file.c (fkt_remove_entry): check return value - from start_seq_get (from Wynn Wilkes) - -2002-09-19 Johan Danielsson - - * lib/krb5/context.c (krb5_set_config_files): return ENXIO instead - of ENOENT when "unconfigured" - -2002-09-16 Jacques Vidrine - - * lib/krb5/kuserok.c, lib/krb5/prompter_posix.c: use strcspn - to convert the newline to NUL in fgets results. - -2002-09-13 Johan Danielsson - - * kuser/kinit.1: remove unneeded Ns - - * lib/krb5/krb5_appdefault.3: remove extra "application" - - * fix-export: remove autom4ate.cache - -2002-09-10 Johan Danielsson - - * include/make_crypto.c: don't use function macros if possible - - * lib/krb5/krb5_locl.h: get limits.h for UINT_MAX - - * include/Makefile.am: use make_crypto to create crypto-headers.h - - * include/make_crypto.c: crypto header generation tool - - * configure.in: move crypto test to just after testing for krb4, - and move roken tests to after both, this speeds up various failure - cases with krb4 - - * lib/krb5/config_file.c: don't use NULL when we mean 0 - - * configure.in: we don't set package_libdir anymore, so no point - in testing for it - - * tools/Makefile.am: subst INCLUDE_des - - * tools/krb5-config.in: add INCLUDE_des to cflags - - * configure.in: use AC_CONFIG_SRCDIR - - * fix-export: remove some unneeded stuff - - * kuser/kinit.c (do_524init): free principals - -2002-09-09 Jacques Vidrine - - * kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding), - kdc/kaserver.c (krb5_ret_xdr_data), - lib/krb5/transited.c (krb5_domain_x500_decode): Validate some - counts: Check that they are non-negative, and that they are small - enough to avoid integer overflow when used in memory allocation - calculations. Potential problem areas pointed out by - Sebastian Krahmer . - - * lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when - creating a new keyfile. - -2002-09-09 Johan Danielsson - - * configure.in: don't try to build pam module - -2002-09-05 Johan Danielsson - - * appl/kf/kf.c: fix warning string - - * lib/krb5/log.c (krb5_vlog_msg): delay message formating till we - know we need it - -2002-09-04 Assar Westerlund - - * kdc/kerberos5.c (encode_reply): correct error logging - -2002-09-04 Johan Danielsson - - * lib/krb5/sendauth.c: close ccache if we opened it - - * appl/kf/kf.c: handle new protocol - - * appl/kf/kfd.c: use krb5_err instead of sysloging directly, - handle the new protocol, and bail out if an old client tries to - connect - - * appl/kf/kf_locl.h: we need a protocol version string - - * lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE - - * kdc/kerberos5.c: use ASN1_MALLOC_ENCODE - - * kdc/hprop.c: set AP_OPTS_USE_SUBKEY - - * lib/hdb/common.c: use ASN1_MALLOC_ENCODE - - * lib/asn1/gen.c: add convenience macro that allocates a buffer - and encoded into that - - * lib/krb5/get_cred.c (init_tgs_req): use - in_creds->session.keytype literally instead of trying to convert - to a list of enctypes (it should already be an enctype) - - * lib/krb5/get_cred.c (init_tgs_req): init ret - -2002-09-03 Johan Danielsson - - * lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC - - * lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC - - * lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use - zero ivec in DES3_CBC_encrypt if passed ivec is NULL - - * lib/krb5/Makefile.am: back out 1.144, since it will re-create - krb5-protos.h at build-time, which requires perl, which is bad - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't - blindly use the local subkey - - * lib/krb5/crypto.c: add function krb5_crypto_getblocksize that - extracts the required blocksize from a crypto context - - * lib/krb5/build_auth.c: just get the length of the encoded - authenticator instead of trying to grow a buffer - -2002-09-03 Assar Westerlund - - * configure.in: add --disable-mmap option, and tests for - sys/mman.h and mmap - -2002-09-03 Jacques Vidrine - - * lib/krb5/changepw.c: verify lengths in response - - * lib/asn1/der_get.c (decode_integer, decode_unsigned): check for - truncated integers - -2002-09-02 Johan Danielsson - - * lib/krb5/mk_req_ext.c: generate a local subkey if - AP_OPTS_USE_SUBKEY is set - - * lib/krb5/build_auth.c: we don't have enough information about - whether to generate a local subkey here, so don't try to - - * lib/krb5/auth_context.c: new function - krb5_auth_con_generatelocalsubkey - - * lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an - initial ticket - - * lib/krb5/context.c (init_context_from_config_file): simplify - initialisation of srv_lookup - - * lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY - - * lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY - -2002-08-30 Assar Westerlund - - * lib/krb5/name-45-test.c: also test krb5_524_conv_principal - * lib/krb5/Makefile.am (TESTS): add name-45-test - * lib/krb5/name-45-test.c: add testcases for - krb5_425_conv_principal - -2002-08-29 Assar Westerlund - - * lib/krb5/parse-name-test.c: also test unparse_short functions - * lib/asn1/asn1_print.c: use com_err/error_message API - * lib/krb5/Makefile.am: add parse-name-test - * lib/krb5/parse-name-test.c: add a program for testing parsing - and unparsing principal names - -2002-08-28 Assar Westerlund - - * kdc/config.c: add missing ifdef DAEMON - -2002-08-28 Johan Danielsson - - * configure.in: use rk_SUNOS - - * kdc/config.c: add detach options - - * kdc/main.c: maybe detach from console? - - * kdc/kdc.8: markup changes - - * configure.in: AC_TEST_PACKAGE_NEW -> rk_TEST_PACKAGE - - * configure.in: use rk_TELNET, rename some other macros, and don't - add -ldes to krb4 link command - - * kuser/kinit.1: whitespace fix (from NetBSD) - - * include/bits.c: we may need unistd.h for ssize_t - -2002-08-26 Assar Westerlund - - * lib/krb5/principal.c (krb5_425_conv_principal_ext): lookup AAAA - rrs before A ones when using the resolver to verify a mapping, - also use getaddrinfo when resolver is not available - - * lib/hdb/keytab.c (find_db): const-correctness in parameters to - krb5_config_get_next - - * lib/asn1/gen.c: include in the generated files (for - memset) - -2002-08-22 Assar Westerlund - - * lib/krb5/test_get_addrs.c, lib/krb5/krbhst-test.c: make it use - getarg so that it can handle --help and --version (and thus make - check can pass) - - * lib/asn1/check-der.c: make this build again - -2002-08-22 Assar Westerlund - - * lib/asn1/der_get.c (der_get_int): handle len == 0. based on a - patch from Love - -2002-08-22 Johan Danielsson - - * lib/krb5/krb5.h: we seem to call KRB5KDC_ERR_KEY_EXP - KRB5KDC_ERR_KEY_EXPIRED, so define the former to the latter - - * kdc/kdc.8: add blurb about adding and removing addresses; update - kdc.conf section to match reality - - * configure.in: KRB_SENDAUTH_VLEN seems to always have existed, so - don't define it - -2002-08-21 Assar Westerlund - - * lib/asn1/asn1_print.c: print OIDs too, based on a patch from - Love - -2002-08-21 Johan Danielsson - - * kuser/kinit.c (do_v4_fallback): don't use krb_get_pw_in_tkt2 - since it might not exist, and we don't actually care about the key - -2002-08-20 Johan Danielsson - - * lib/krb5/krb5.conf.5: correct documentation for - verify_ap_req_nofail - - * lib/krb5/log.c: rename syslog_data to avoid name conflicts (from - Mattias Amnefelt) - - * kuser/klist.c (display_tokens): increase token buffer size, and - add more checks of the kernel data (from Love) - -2002-08-19 Johan Danielsson - - * fix-export: use make to parse Makefile.am instead of perl - - * configure.in: use argument-less AM_INIT_AUTOMAKE, now that it - groks AC_INIT with package name etc. - - * kpasswd/kpasswdd.c: include - - * lib/asn1/asn1_print.c: include com_right.h - - * lib/krb5/addr_families.c: socklen_t -> krb5_socklen_t - - * include/bits.c: define krb5_socklen_t type; this should really - go someplace else, but this was easy - - * lib/krb5/verify_krb5_conf.c: don't bail out if parsing of a file - fails, just warn about it - - * kdc/log.c (kdc_openlog): no need for a config_file parameter - - * kdc/config.c: just treat kdc.conf like any other config file - - * lib/krb5/context.c (krb5_get_default_config_files): ignore - duplicate files - -2002-08-16 Johan Danielsson - - * lib/krb5/krb5.h: turn strings into pointers, so we can assign to - them - - * lib/krb5/constants.c: turn strings into pointers, so we can - assign to them - - * lib/krb5/get_addrs.c (get_addrs_int): initialise res if - SCAN_INTERFACES is not set - - * lib/krb5/context.c: fix various borked stuff in previous commits - -2002-08-16 Jacques Vidrine - - * lib/krb5/krbhst.c (kpasswd_get_next): if we fall back to using - the `admin_server' entry for kpasswd, override the `proto' result - to be UDP. - -2002-08-15 Johan Danielsson - - * lib/krb5/auth_context.c: check return value of - krb5_sockaddr2address - - * lib/krb5/addr_families.c: check return value of - krb5_sockaddr2address - - * lib/krb5/context.c: get the default keytab from KRB5_KTNAME - -2002-08-14 Johan Danielsson - - * lib/krb5/verify_krb5_conf.c: allow parsing of more than one file - - * lib/krb5/context.c: allow changing config files with the - function krb5_set_config_files, there are also related functions - krb5_get_default_config_files and krb5_free_config_files; these - should work similar to their MIT counterparts - - * lib/krb5/config_file.c: allow the use of more than one config - file by using the new function krb5_config_parse_file_multi - -2002-08-12 Johan Danielsson - - * use sysconfdir instead of /etc - - * configure.in: require autoconf 2.53; rename dpagaix_LDFLAGS etc - to appease automake; force sysconfdir and localstatedir to /etc - and /var/heimdal for now - - * kdc/connect.c (addr_to_string): check return value of - sockaddr2address - -2002-08-09 Johan Danielsson - - * lib/krb5/rd_cred.c: if the remote address isn't an addrport, - don't try comparing to one; this should make old clients work with - new servers - - * lib/asn1/gen_decode.c: remove unused variable - -2002-07-31 Johan Danielsson - - * kdc/{kerberos5,524}.c: ENOENT -> HDB_ERR_NOENTRY (from Derrick - Brashear) - - * lib/krb5/principal.c: actually lower case the lower case - instance name (spotted by Derrick Brashear) - -2002-07-24 Johan Danielsson - - * fix-export: if DATEDVERSION is set, change the version to - current date - - * configure.in: don't use AC_PROG_RANLIB, and use magic foo to set - LTLIBOBJS - -2002-07-04 Johan Danielsson - - * kdc/connect.c: add some cache-control-foo to the http responses - (from Gombas Gabor) - - * lib/krb5/addr_families.c (krb5_print_address): don't copy size - if ret_len == NULL - -2002-06-28 Johan Danielsson - - * kuser/klist.c (display_tokens): don't bail out before we get - EDOM (signaling the end of the tokens), the kernel can also return - ENOTCONN, meaning that the index does not exist anymore (for - example if the token has expired) - -2002-06-06 Johan Danielsson - - * lib/krb5/changepw.c: make sure we return an error if there are - no changepw hosts found; from Wynn Wilkes - -2002-05-29 Johan Danielsson - - * lib/krb5/cache.c (krb5_cc_register): break out of loop when the - same type is found; spotted by Wynn Wilkes - -2002-05-28 Johan Danielsson - - * lib/krb5/keytab_file.c: check size of entry before trying to - read 32-bit kvno; also fix typo in previous - -2002-05-24 Johan Danielsson - - * include/Makefile.am: only add to INCLUDES - - * lib/45/mk_req.c: fix for storage change - - * lib/hdb/print.c: fix for storage change - -2002-05-15 Johan Danielsson - - * kdc/kerberos5.c: don't free encrypted padata until we're really - done with it - -2002-05-07 Johan Danielsson - - * kdc/kerberos5.c: when decrypting pa-data, try all keys matching - enctype - - * kuser/kinit.1: document -a - - * kuser/kinit.c: add command line switch for extra addresses - -2002-04-30 Johan Danielsson - - * configure.in: remove some duplicate tests - - * configure.in: use AC_HELP_STRING - -2002-04-29 Johan Danielsson - - * lib/krb5/crypto.c (usage2arcfour): don't abort if the usage is - unknown - -2002-04-25 Johan Danielsson - - * configure.in: use rk_DESTDIRS - -2002-04-22 Johan Danielsson - - * lib/krb5/krb5_verify_user.3: make it clear that _lrealm modifies - the principal - -2002-04-19 Johan Danielsson - - * lib/krb5/verify_init.c: fix typo in error string - -2002-04-18 Johan Danielsson - - * acconfig.h: remove some stuff that is defined elsewhere - - * lib/krb5/krb5_locl.h: include - - * lib/krb5/acl.c: rename acl_string parameter - - * lib/krb5/Makefile.am: remove __P from protos, and put parameter - names in comments - - * kuser/klist.c: better align some headers - - * kdc/kerberos4.c: storage tweaks - - * kdc/kaserver.c: storage tweaks - - * kdc/524.c: storage tweaks - - * lib/krb5/keytab_krb4.c: storage tweaks - - * lib/krb5/keytab_keyfile.c: storage tweaks - - * lib/krb5/keytab_file.c: storage tweaks; also try to handle zero - sized keytab files - - * lib/krb5/keytab_any.c: use KRB5_KT_END instead of KRB5_CC_END - - * lib/krb5/fcache.c: storage tweaks - - * lib/krb5/store_mem.c: make the krb5_storage opaque, and add - function wrappers for store/fetch/seek, and also make the eof-code - configurable - - * lib/krb5/store_fd.c: make the krb5_storage opaque, and add - function wrappers for store/fetch/seek, and also make the eof-code - configurable - - * lib/krb5/store_emem.c: make the krb5_storage opaque, and add - function wrappers for store/fetch/seek, and also make the eof-code - configurable - - * lib/krb5/store.c: make the krb5_storage opaque, and add function - wrappers for store/fetch/seek, and also make the eof-code - configurable - - * lib/krb5/store-int.h: make the krb5_storage opaque, and add - function wrappers for store/fetch/seek, and also make the eof-code - configurable - - * lib/krb5/krb5.h: make the krb5_storage opaque, and add function - wrappers for store/fetch/seek, and also make the eof-code - configurable - - * include/bits.c: include to get socklen_t - - * kdc/kerberos5.c (get_pa_etype_info): sort ETYPE-INFOs by - requested KDC-REQ etypes - - * kdc/hpropd.c: constify - - * kdc/hprop.c: constify - - * kdc/string2key.c: constify - - * kdc/kdc_locl.h: make port_str const - - * kdc/config.c: constify - - * lib/krb5/config_file.c: constify - - * kdc/kstash.c: constify - - * lib/krb5/verify_user.c: remove unnecessary cast - - * lib/krb5/recvauth.c: constify - - * lib/krb5/principal.c (krb5_parse_name): const qualify - - * lib/krb5/mcache.c (mcc_get_name): constify return type - - * lib/krb5/context.c (krb5_free_context): don't try to free the - ccache prefix - - * lib/krb5/cache.c (krb5_cc_register): don't make a copy of the - prefix - - * lib/krb5/krb5.h: constify some struct members - - * lib/krb5/log.c: constify - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): const - qualify - - * lib/krb5/get_in_tkt.c (krb5_init_etype): constify - - * lib/krb5/crypto.c: constify some - - * lib/krb5/config_file.c: constify - - * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): - constify local variable - - * lib/krb5/addr_families.c (ipv4_sockaddr2port): constify - -2002-04-17 Johan Danielsson - - * lib/krb5/verify_krb5_conf.c: add some log checking - - * lib/krb5/log.c (krb5_addlog_dest): reorganise syslog parsing - -2002-04-16 Johan Danielsson - - * lib/krb5/crypto.c (krb5_crypto_init): check that the key size - matches the expected length - -2002-03-27 Johan Danielsson - - * lib/krb5/send_to_kdc.c: rename send parameter to send_data - - * lib/krb5/mk_error.c: rename ctime parameter to client_time - -2002-03-22 Johan Danielsson - - * kdc/kerberos5.c (find_etype): unsigned -> krb5_enctype (from - Reinoud Zandijk) - -2002-03-18 Johan Danielsson - - * lib/asn1/k5.asn1: add the GSS-API checksum type here - -2002-03-11 Assar Westerlund - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump version to - 18:3:1 - * lib/hdb/Makefile.am (libhdb_la_LDFLAGS): bump version to 7:5:0 - * lib/asn1/Makefile.am (libasn1_la_LDFLAGS): bump version to 6:0:0 - -2002-03-10 Assar Westerlund - - * lib/krb5/rd_cred.c: handle addresses with port numbers - - * lib/krb5/keytab_file.c, lib/krb5/keytab.c: - store the kvno % 256 as the byte and the complete 32 bit kvno after - the end of the current keytab entry - - * lib/krb5/init_creds_pw.c: - handle LR_PW_EXPTIME and LR_ACCT_EXPTIME in the same way - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): - handle ports giving for the remote address - - * lib/krb5/get_cred.c: - get a ticket with no addresses if no-addresses is set - - * lib/krb5/crypto.c: - rename functions DES_* to krb5_* to avoid colliding with modern - openssl - - * lib/krb5/addr_families.c: - make all functions taking 'struct sockaddr' actually take a socklen_t - instead of int and that acts as an in-out parameter (indicating the - maximum length of the sockaddr to be written) - - * kdc/kerberos4.c: - make the kvno's in the krb4 universe by the real one % 256, since they - cannot only be 8 bit, and the v5 ones are actually 32 bits - -2002-02-15 Johan Danielsson - - * lib/krb5/keytab_keyfile.c (akf_add_entry): don't create the file - before we need to write to it - (from Åke Sandgren) - -2002-02-14 Johan Danielsson - - * configure.in: rk_RETSIGTYPE and rk_BROKEN_REALLOC are called via - rk_ROKEN (from Gombas Gabor); find inttypes by CHECK_TYPES - directly - - * lib/krb5/rd_safe.c: actually use the correct key (from Daniel - Kouril) - -2002-02-12 Johan Danielsson - - * lib/krb5/context.c (krb5_get_err_text): protect against NULL - context - -2002-02-11 Johan Danielsson - - * admin/ktutil.c: no need to use the "modify" keytab anymore - - * lib/krb5/keytab_any.c: implement add and remove - - * lib/krb5/keytab_krb4.c: implement add and remove - - * lib/krb5/store_emem.c (emem_free): clear memory before freeing - (this should perhaps be selectable with a flag) - -2002-02-04 Johan Danielsson - - * kdc/config.c (get_dbinfo): if there are database specifications - in the config file, don't automatically try to use the default - values (from Gombas Gabor) - - * lib/krb5/log.c (krb5_closelog): don't pass pointer to pointer - (from Gombas Gabor) - -2002-01-30 Johan Danielsson - - * admin/list.c: get the default keytab from krb5.conf, and list - all parts of an ANY type keytab - - * lib/krb5/context.c: default default_keytab_modify to NULL - - * lib/krb5/keytab.c (krb5_kt_default_modify_name): if no modify - name is specified take it from the first component of the default - keytab name - -2002-01-29 Johan Danielsson - - * lib/krb5/keytab.c: compare keytab types case insensitively - -2002-01-07 Assar Westerlund - - * lib/krb5/crypto.c (create_checksum): make usage `unsigned' (it's - not really a krb5_key_usage). From Ben Harris - * lib/krb5/get_in_tkt.c: use krb5_enctype consistently. From Ben - Harris - * lib/krb5/crypto.c: use krb5_enctype consistently. From Ben - Harris - * kdc/kerberos5.c: use krb5_enctype consistently. From Ben Harris - diff --git a/crypto/heimdal/ChangeLog.2003 b/crypto/heimdal/ChangeLog.2003 deleted file mode 100644 index 82233515246e..000000000000 --- a/crypto/heimdal/ChangeLog.2003 +++ /dev/null @@ -1,1795 +0,0 @@ -2003-12-19 Love Hörnquist Åstrand - - * lib/krb5/error_string.c: protect error_string with mutex - - * lib/krb5/context.c: allocate and destroy mutex in krb5_context - - * lib/krb5/krb5.h (krb5_context_data): add mutex for error_string - -2003-12-18 Love Hörnquist Åstrand - - * kuser/kinit.c: make -9 work again - -2003-12-17 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c: try handle ts preauth better, still - not good, but at least it work with older heimdal releases that - doesn't send back KRB5KDC_ERR_PREAUTH_REQUIRED when preauth was - sent - -2003-12-16 Love Hörnquist Åstrand - - * lib/hdb/hdb.asn1: remove enforce-transited-policy, its no longer - used - -2003-12-11 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (_krb5_pk_create_sign): fill in NULL as - parameters, required by CMS - -2003-12-07 Love Hörnquist Åstrand - - * lib/krb5/get_in_tkt_with_keytab.c (krb5_get_in_tkt_with_keytab): - avoid memory leak that snuck in when krb5_keytab_key_proc was - exported, pointed out by Panases Inc - - * lib/krb5/keytab_file.c: do locking, found to be a problem for - Panasas Inc - - * lib/krb5/fcache.c: internally export x{,un}lock and thus prefix - them with _krb5_ - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): use - KRB5_AUTH_CONTEXT_DO_TIME if we want timestamp in forwarded - krb-cred - - * lib/krb5/krb5_auth_context.3: some text about - krb5_auth_con_{add,remove}flags - - * lib/krb5/auth_context.c: add krb5_auth_con_addflags and - krb5_auth_con_removeflags - -2003-12-03 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (decrypt_internal_derived): move up padsize to - avoid memory leak - -2003-12-02 Love Hörnquist Åstrand - - * lib/krb5/crypto.c: require cipher-text to be padded to padsize - - * lib/krb5/eai_to_heim_errno.c: EAI_ADDRFAMILY and EAI_NODATA is - deprecated in RFC3493 - - * lib/krb5/verify_krb5_conf.c (check_host): don't check for - EAI_NODATA, because its depricated in RFC3493 Pointed out by - Hajimu UMEMOTO on heimdal-discuss - -2003-12-01 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: move test_crypto to noinst_PROGRAMS - - * lib/krb5/test_crypto.c: add --version,--help - - * kuser/kinit.c (main): return the return value from simple_execvp - -2003-11-26 Love Hörnquist Åstrand - - * kuser/kinit.c: don't use PKINIT DH per default since its too - slow - - * lib/krb5/pkinit.c: tweek to make pkinit work with the fact the - asn1_compile can't generate code for context tagless optionals - - * kdc/pkinit.c: add support for KDC side of DH PKINIT - - * lib/krb5/pkinit.c: clean up error handling, make enc-type work - again - -2003-11-25 Love Hörnquist Åstrand - - * kuser/kinit.c: add flag to make it work with pkinit dh - - * lib/krb5/pkinit.c: make PKINIT DH support work - -2003-11-24 Love Hörnquist Åstrand - - * lib/hdb/Makefile.am (LDADD): link with LIB_dlopen - - * kdc/pkinit.c: clean up - - * lib/krb5/krb5.h: make pkinit_win2k_compatible into a flag field - - * lib/krb5/pkinit.c: remove most compile depencies clean up - - * kdc/pkinit.c: print an error and turn of pkinit if openssl - failed to load - - * kdc/config.c: read pkinit (pki-mumble) configuration options - - * kdc/kerberos5.c: add pkinit support - - * kdc/kdc_locl.h: add prototypes for pkinit - - * kdc/pkinit.c: PKINIT patch from Daniel Kouril and Petr Holub, I - removed the dependency on valicert asn1 parser, remove smartcard - and globus support (for now). Work to be done on this: DH support, - Globus support, Smartcard support, windows support (MS implements - -09 of the draft), make it conform to the new draft - - * lib/krb5/pkinit.c: fix bugs, improve error reporting - -2003-11-23 Love Hörnquist Åstrand - - * kuser/kinit.c: add some "struct foo;" glue for pkinit - structures that isn't used - - * lib/krb5/pkinit.c: clean up, make remove depenency on openssl's - api - - * lib/krb5/krb5_locl.h: add some glue for pkinit add reference - counter to _krb5_get_init_creds_opt_private - - * lib/krb5/init_creds.c: reference count krb5_get_init_creds_opt - private component to avoid copy all the data in it - - * lib/krb5/crypto.c (AES_string_to_key): fix memory leak - - * lib/krb5/init_creds_pw.c (init_cred_loop): fix memory leak - - * lib/krb5/heim_threads.h: include pthread.h in the pthread case - -2003-11-18 Love Hörnquist Åstrand - - * kpasswd/kpasswdd.c (main): parse kdc.conf - From: Jeffrey Hutzelman - -2003-11-15 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am (TESTS): add test_crypto - - * lib/krb5/test_crypto.c: time crypto operations - -2003-11-14 Love Hörnquist Åstrand - - * doc/init-creds: spelling, Bruno Rohee - -2003-11-09 Love Hörnquist Åstrand - - * lib/krb5/rd_req.c (krb5_verify_ap_req2): krb5_free_ticket free - the ticket now, rewrite error handling to handle that - - * kpasswd/kpasswdd.c (process): don't free ticket, - krb5_free_ticket does that now - - * kdc/kerberos5.c (tgs_rep2): don't free ticket, krb5_free_ticket - does that now - - * lib/krb5/ticket.c (krb5_free_ticket): free the ticket itself to - match mit behavior, pointed out by Derrick Brashear - - * lib/krb5/krb5_ticket.3: krb5_free_ticket free the whole ticket - -2003-11-08 Love Hörnquist Åstrand - - * lib/krb5/padata.c: add krb5_padata_add - - * lib/krb5/krb5.h: krb5_context_data.pkinit_win2k_compatible - - * lib/krb5/Makefile.am: add pkinit.c - - * kuser/kinit.c: add pkinit support - - * lib/krb5/init_creds_pw.c: add support for pkinit - - * lib/krb5/krb5_locl.h: add the opaque krb5_pk_init_ctx to - _krb5_get_init_creds_opt_private - - * lib/krb5/pkinit.c: rename krb5_pk_init_openssl_ctx to - krb5_pk_init_ctx fix win2k error handling - - * lib/krb5/pkinit.c: PKINIT patch from Daniel Kouril and Petr - Holub, I removed the dependency on valicert asn1 parser, remove - smartcard and globus support (for now). Work to be done on this: - DH support, Globus support, Smartcard support, windows support (MS - implements -09 of the draft), verify that it conforms the new - draft - -2003-11-07 Love Hörnquist Åstrand - - * lib/asn1/der_copy.c (copy_oid): copy all components - -2003-10-27 Johan Danielsson - - * lib/krb5/krb5.conf.5: document capaths section - -2003-10-22 Johan Danielsson - - * kdc/kerberos5.c: make sure that the server realm and the krbtgt - second component are identical; get rpath from the capaths section - - * kdc/kerberos5.c: change logic for when to check transited policy - to a tri-state model involving per principal flags (to be - implemented) - - * kdc/kdc_locl.h: change enforce_transited_policy to a tri-state - variable - - * kdc/config.c: change enforce_transited_policy to a tri-state - variable - -2003-10-22 Love Hörnquist Åstrand - - * lib/krb5/transited.c (krb5_domain_x500_encode): always zero out - encoding to make sure it have a defined value on failure - - * lib/krb5/transited.c (krb5_domain_x500_encode): - if num_realms ==0, set encoding and return (avoids malloc(0)), - check return value for malloc - -2003-10-21 Johan Danielsson - - * kdc/kerberos5.c (fix_transited_encoding): always print - cross-realm information - -2003-10-21 Love Hörnquist Åstrand - - * doc/setup.texi: spelling, From: Tracy Di Marco White - - * kdc/kerberos5.c (fix_transited_encoding): set transited type - -2003-10-21 Johan Danielsson - - * kdc/kdc.8: document enforce-transited-policy - - * kdc/kerberos5.c: always check transited policy if flag set - either globally or on principal - - * kdc/config.c: add flag to always check transited policy - - * lib/hdb/hdb.asn1: add flag to enforce transited policy - -2003-10-21 Love Hörnquist Åstrand - - * lib/krb5/transited.c (krb5_domain_x500_decode): set *num_realms - to zero not num_realms - - * kuser/kgetcred.1: add --no-transit-check - - * kuser/kgetcred.c: add --no-transit-check - - * doc/setup.texi: describe Transit policy - -2003-10-20 Johan Danielsson - - * kdc/kerberos5.c (fix_transited_encoding): also verify with - policy, unless asked not to - - * lib/krb5/rd_req.c (krb5_decrypt_ticket): try to verify transited - realms, unless the transited-policy-checked flag is set - - * lib/krb5/transited.c (krb5_domain_x500_decode): handle zero - length tr data; - (krb5_check_transited): new function that does more useful stuff - - * lib/krb5/get_cred.c: get capath info from [capaths] section - -2003-10-16 Johan Danielsson - - * lib/krb5/fcache.c: Sleep forever waiting for lock. Previous - method doesn't work well with a large number of clients accessing - the cache at the same time, and there is no simple way to add a - timeout to the lock. - -2003-10-13 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c: print the error value - krb5_init_context failed with - - * lib/krb5/config_file.c (krb5_config_parse_file_debug): punt if - there is binding before a section declaration. Bug found by - Arkadiusz Miskiewicz - -2003-10-13 Johan Danielsson - - * lib/krb5/fcache.c (erase_file): revert a change in previous; if - the ccache is a symlink, kdestroy should remove it - - * lib/krb5/fcache.c: implement locking - -2003-10-12 Johan Danielsson - - * kuser/klist.c (print_tickets): bail out if krb5_cc_next_cred - returns error other than KRB5_CC_END - -2003-10-07 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c: add some help function that is common - between ENC_TS and SAM2, free the etype{,2}-infos on failure, move - the pa counter into krb5_get_init_creds_ctx - -2003-10-06 Love Hörnquist Åstrand - - * kdc/kaserver.c (do_getticket): if times data is shorter then 8 - byte, request is malformed. - - * kdc/kaserver.c (do_authenticate): if request length is less then - 8 byte, its a bad request and fail. Pointed out by Marco Foglia - - - * lib/krb5/verify_krb5_conf.c: add flag --warn-mit-syntax that - warns for mit syntax is used and just ignore the mit syntax when - its used - - * lib/krb5/verify_krb5_conf.c: parse [kdc]use_2b and [gssapi] - -2003-10-04 Love Hörnquist Åstrand - - * lib/asn1/lex.l: add BOOLEAN - - * lib/asn1/parse.y: add BOOLEAN - -2003-10-03 Love Hörnquist Åstrand - - * kuser/kinit.c: When running kinit in "fork mode" do pagsh - independent of krb4, also always do krb4 setup of cc. Always try - to destroy the v4 cc. - - add boolean --{,no-}request-pac that will request pac or not - - * kuser/klist.c (check_for_tgt): set client as part of the - pattern/match cred - - * lib/krb5/convert_creds.c (_krb5_krb_dest_tkt): unlink v4 token - (get_krb4_cc_name): move out from _krb5_krb_tf_setup - (_krb5_krb_tf_setup): adapt to allocated filename instead of - static filename - - * lib/krb5/krb5-v4compat.h: add _krb5_krb_dest_tkt and TKT_ROOT - - * lib/krb5/init_creds_pw.c (*) send PA_PAC_REQUEST when the user - have requested either use PAC or not use PAC, if the option not - set from the user, leave it up to the kdc to decide. - (init_creds_loop): clear error string on success - - * lib/krb5/init_creds.c: add - krb5_get_init_creds_opt_set_paq_request break out common part of - extended opt functions to require_ext_opt - - * lib/krb5/krb5_locl.h: add enum krb5_get_init_creds_req_pac and - use it in struct _krb5_get_init_creds_opt_private - - * tools/kdc-log-analyze.pl: handle some more failure lines - - * doc/programming.texi: some diffrences between Heimdal and MIT - Kerberos in the API - - * doc/setup.texi: add Setting up DNS - - * lib/krb5/rd_req.c (krb5_rd_req): always free keyblock since its - alway used - - * lib/asn1/Makefile.am: add SAM types and PAC_REQUEST - - * lib/asn1/k5.asn1: add more preauth types, add PA-PAC-REQUEST - - * lib/asn1: add boolean support - -2003-10-02 Love Hörnquist Åstrand - - * lib/krb5/changepw.c (setpw_send_request): free ap_req_data on - failure - -2003-09-30 Love Hörnquist Åstrand - - * appl/test/http_client.c (do_connect): use ai_protocol 0 - - * lib/krb5/init_creds_pw.c (init_cred_loop): handle - KRB5KRB_ERR_RESPONSE_TOO_BIG and loop again, this time requesting - LARGE_MSG from send to kdc, and if this is the second time bail - out; try to free memory - - * lib/krb5/send_to_kdc.c (krb5_sendto_kdc_flags): new function, - and then implement the order krb5_sendto_kdc* function with this - function. - - * lib/krb5/krbhst.c (krb5_krbhst_init_flags): new function, use it - and adapt callers - (krbhst_get_default_proto): new function, returns udp, or in case - large_msg was requested for the krb5_krbhst_data, use tcp. - (*): if the flag KD_LARGE_MSG was set on the krb5_krbhst_data, avoid - using udp, use krbhst_get_default_proto - - * lib/krb5/krb5.h: flags for krb5_krbhst_init_flags (and - krb5_send_to_kdc_flags) - -2003-09-23 Love Hörnquist Åstrand - - * lib/krb5/rd_req.c (krb5_rd_req): if we have a keyblock in auth - context, use that - - * appl/test/uu_client.c: print authorization data if there are any - - * lib/asn1/asn1_print.c: decode IA5Stringa and UTF8String - -2003-09-21 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c: use _krb5_get_init_creds_opt_copy - * lib/krb5/init_creds.c: don't export krb5_get_init_creds_opt_copy - - * lib/hdb/Makefile.am: libhdb might depend on LIB_dlopen - - * kuser/kinit.c: don't get v4 tickets by default - -2003-09-20 Love Hörnquist Åstrand - - * kpasswd/kpasswdd.c (process): remove a abort() - - * doc/win2k.texi: add some text about netdom.exe and trusts - - * TODO-1.0: gssapi rc4 done - - * kpasswd/kpasswdd.c: add support for Set password protocol as - defined by RFC3244 -- Microsoft Windows 2000 Kerberos Change - Password and Set Password Protocols - -2003-09-19 Love Hörnquist Åstrand - - * lib/hdb/db3.c: improve readability of ->open ifdef, check if - version >= 4.1 - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_copy): add - - * lib/krb5/rd_req.c (krb5_rd_req): allow caller to pass in a key - in the auth_context, they way processes that doesn't use the - keytab can still pass in the key of the service (matches behavior - of MIT Kerberos). - -2003-09-18 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c: collect all init_creds context into a - structure so it can easier be passed around, also, while here, - change nonce for every request - - * lib/krb5/get_in_tkt.c (init_as_req): don't realloc data before - the loop, add_padata() will handle that itself - - * lib/krb5/get_for_creds.c (add_addrs): don't increase addr->len - until in contains interesting data, use right iteration counter - when clearing the addresses - - * lib/krb5/log.c (log_realloc): increase len after realloc returns - sucessfully - -2003-09-12 Love Hörnquist Åstrand - - * lib/krb5/config_file.c: fix prototypes - From: Fredrik Ljungberg - -2003-09-10 Love Hörnquist Åstrand - - * appl/test/http_client.c: close socket when we are done, don't - allow the server to restart gssapi negotiation - - * lib/hdb/hdb_locl.h: include for ULONG_MAX noted by - Wissler Magnus on heimdal-discuss - - * appl/test/gssapi_client.c (proto): use select_mech - - * appl/test/http_client.c: use getarg - - * appl/test/gss_common.h: prototype for select_mech - - * appl/test/gss_common.c (select_mech): return the gss_OID from a - mech name - - * appl/test/http_client.c: print both source and target - - * appl/test/Makefile.am: build http_client - -2003-09-09 Love Hörnquist Åstrand - - * lib/asn1/asn1_print.c: add support for printing Enumerated - - * appl/test/gssapi_client.c: allow user to select mech; krb5, - spnego, and no-oid - - * appl/test/test_locl.h: add mech - - * appl/test/common.c: add --mech,-m argument - - * appl/test/gssapi_server.c: print the mech that was used - - * kdc/kerberos5.c (only_older_enctype_p): check request if the - client only supports old enctypes, before it used the database - -2003-09-08 Love Hörnquist Åstrand - - * **/*.c: add context argument to krb5_get_init_creds_opt_alloc - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_alloc): add - context argument - - * lib/krb5/krb5_get_init_creds.3: spelling - -2003-09-04 Love Hörnquist Åstrand - - * lib/krb5/context.c (add_file): make len argument an pointer to - an integer - - * lib/asn1/k5.asn1: add SAM types - - * lib/krb5/init_creds_pw.c: break out the encrypt timestamp - preauth to its function break out the pa_data_to_key_plain to its - own function make more variables const - -2003-09-04 Johan Danielsson - - * lib/krb5/krb5.conf.5: document appdefaults/{forward,encrypt} - -2003-09-03 Love Hörnquist Åstrand - - * lib/krb5/krb5.h: Add key usage for encryption of the - SAM-NONCE-OR-SAD field. - - * include/make_crypto.c: include in the openssl - case - - * kdc/hprop.h: use new DES_ api - - * lib/krb5/krb5-v4compat.h: assume session key is a char array of - length 8 - - * lib/krb5/prompter_posix.c: - s/des_read_pw_string/UI_UTIL_read_pw_string/ - - * kuser/kinit.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - - * kdc/string2key.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - - * kdc/kstash.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - - * admin/add.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - - * lib/krb5/crypto.c: switch from the des_ to the DES_ api - - * kdc/hprop.c: use DES_KEY_SZ instead of sizeof(des_block) - - * kuser/kverify.c: use - krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free - - * kpasswd/kpasswd-generator.c: use - krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free - - * kdc/hprop.c: use - krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free compare - a uint32_t with 0xffffffff instead of -1 - - * lib/krb5/krb5_425_conv_principal.3: fix [Gt] - - * kuser/kinit.c: use - krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): handle - password passed in though context - - * lib/krb5/Makefile.am (TESTS): += test_config - - * lib/krb5/aes-test.c: move variable thats used within a #ifdef to - be defined within that #ifdef - - * lib/krb5/data.c (krb5_data_free): reset whole krb5_data when - freeing it - - * lib/krb5/keyblock.c (krb5_keyblock_zero): new function, zeros - out a keyblock - - * lib/krb5/init_creds_pw.c: rewrite/implement - krb5_get_init_creds_password with new preauth handing, still it - can only work with krb5-pa-enc-timestamp for preauth, but now it - can handle etype-info2 - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_alloc): allocate - a opt structure - (krb5_get_init_creds_opt_free): free a opt structure - (krb5_get_init_creds_opt_set_pa_password): set preauth info for - enc-timestamp - - * lib/krb5/krb5_locl.h: add struct - _krb5_get_init_creds_opt_private - -2003-09-02 Love Hörnquist Åstrand - - * lib/krb5/krb5.h: add SAM keyusage numbers, add s2k proc typedef, - add a pointer to a private part of krb5_get_init_creds_opt - - * kdc/string2key.c (main): avoid const warning by using a extra - variable - -2003-08-31 Love Hörnquist Åstrand - - * lib/krb5/ticket.c (krb5_ticket_get_authorization_data_type): - reindent - - * lib/krb5/ticket.c (krb5_copy_ticket): free all data when - failing, copy data to right memory, the later pointed out by Luke - Howard. - -2003-08-30 Love Hörnquist Åstrand - - * lib/krb5/krb5.h: cfx-01 use diffrent usage numbers - -2003-08-29 Love Hörnquist Åstrand - - * lib/hdb/db3.c: try to include more db headers - - * lib/hdb/db3.c: patch for working with DB4 on heimdal-discuss - From: Luke Howard - -2003-08-28 Love Hörnquist Åstrand - - * lib/krb5/krb5.h: add KEYTYPE_ARCFOUR_56 - - * appl/test/gssapi_client.c: send both INT and CONF wrapped token - - * appl/test/gssapi_server.c: recv both INT and CONF wrapped token - - * lib/asn1/k5.asn1: add KRB5_NT_SMTP_NAME and KRB5_NT_ENTERPRISE - -2003-08-27 Love Hörnquist Åstrand - - * appl/test/uu_client.c (proto): fill in client in the match cred - -2003-08-26 Love Hörnquist Åstrand - - * lib/krb5/krb5.h: CFX uses slightly diffrent usage numbers - - * lib/krb5/crypto.c (usage2arcfour): simplify, only include - special cases From: Luke Howard - -2003-08-25 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: code rewrite from Luke Howard - - - * lib/krb5/crypto.c (arcfour_checksum_p): return true when is - arcfour, not when its not pointed out by Luke Howard - - * doc/ack.texi: update Luke Howard email address - -2003-08-24 Love Hörnquist Åstrand - - * lib/krb5/krb5_encrypt.3: document: - krb5_crypto_getconfoundersize, krb5_crypto_getblocksize - krb5_crypto_getenctype, krb5_crypto_getpadsize - - * lib/krb5/crypto.c (krb5_crypto_getpadsize, - krb5_crypto_getconfoundersize): added From: Luke Howard - - -2003-08-23 Love Hörnquist Åstrand - - * kdc/connect.c (handle_tcp): handle recvfrom returning 0 - (connection closed) - - * kdc/connect.c (grow_descr): increment the size after we succeed - to allocate the space - - * lib/krb5/krb5_create_checksum.3: text about when - krb5_crypto_get_checksum_type is useful - - * lib/krb5/crypto.c (krb5_crypto_get_checksum_type): fix format - string - - * lib/krb5/krb5_create_checksum.3: document - krb5_crypto_get_checksum_type - - * lib/krb5/crypto.c: add krb5_crypto_get_checksum_type - From: Luke Howard - - * lib/asn1/gen.c: s/UTF8String/heim_utf8_string/ in generated code - From: Luke Howard - -2003-08-21 Love Hörnquist Åstrand - - * include/make_crypto.c: include aes.h inc in the local libdes - case too - -2003-08-20 Johan Danielsson - - * lib/asn1/der_free.c: set free'd poiners to NULL - - * lib/asn1/gen_free.c: set free'd poiners to NULL - -2003-08-20 Love Hörnquist Åstrand - - * lib/krb5/heim_threads.h: XXX don't use "plain" pthread support - on netbsd - - * lib/krb5/crypto.c: Do the arcfour checksum mapping for - krb5_create_checksum and krb5_verify_checksum, From: Luke Howard - - -2003-08-18 Love Hörnquist Åstrand - - * lib/krb5/test_config.c: check krb5_prepend_config_files_default - and krb5_prepend_config_files - - * lib/krb5/context.c: add krb5_prepend_config_files and - krb5_prepend_config_files_default - -2003-08-17 Love Hörnquist Åstrand - - * lib/hdb/mkey.c (read_master_mit): krb5_ret_int16 takes a int16_t - as argument - - * lib/krb5/parse-name-test.c: please lint (and me) - - * kdc/config.c (configure): remove only set variable 'e' - - * kdc/connect.c (init_socket): sockaddr size argument to - krb5_addr2sockaddr is a krb5_addr2sockaddr * - - * kdc/kerberos5.c (as_rep): remove usused variable - (tgs_rep2): don't use a temporary ret-variable, ret is reset later - - * lib/krb5/krb5_get_in_cred.3: these function will be deprecated - - * lib/krb5/Makefile.am: man_MANS += krb5_get_init_creds.3 - - * lib/krb5/krb5_get_init_creds.3: begining of documentation of - krb5_get_init_creds - - * lib/krb5/get_in_tkt.c (krb5_get_in_tkt): for compatibility with - with the mit implemtation, don't free `creds' argument when done, - its up the the caller to do that, also allow a NULL ccache. - -2003-08-16 Love Hörnquist Åstrand - - * lib/krb5/krb5.conf.5: document tgs_require_subkey - - * lib/asn1/Makefile.am: remove trance of generate tests files, its - not really for consumption yet - - * lib/hdb/Makefile.am: split generated source from non generated - source we make-proto.pl can generate prototypes for non - generate-source only (make-proto.pl dies on asn1compile's .c - files) - - * lib/krb5/get_cred.c (init_tgs_req): make generation of subkey - optional on configuration parameter - [realms]realm={tgs_require_subkey=bool} - defaults to off. The RFC1510 weakly defines the correct behavior, - so old DCE secd apparently required the subkey to be there, and MS - will use it when its there. But the request isn't encrypted in the - subkey, so you get to choose if you want to talk to a MS mdc or a - old DCE secd. - - * kdc/kerberos5.c (*): handle krb5_unparse_name returning non-zero - -2003-08-15 Love Hörnquist Åstrand - - * lib/krb5/principal.c (unparse_name): len can't be zero, so, - don't check for that - -2003-08-13 Love Hörnquist Åstrand - - * lib/krb5/principal.c (unparse_name): make sure there are space - for a NUL, set *name to NULL when there is a failure (so caller - can't get hold of a freed pointer) - -2003-07-26 Love Hörnquist Åstrand - - * lib/krb5/kerberos.8: remove duplicate manual, from - cjep@netbsd.org - -2003-07-25 Love Hörnquist Åstrand - - * lib/krb5/cache.c: indent - - * lib/krb5/cache.c (krb5_cc_set_default_name): only read - KRB5CCNAME when not suid - -2003-07-24 Love Hörnquist Åstrand - - * lib/krb5/keytab_krb4.c (read_v4_entry): the des key is 8 bytes, - use a char array instead of des_cblock - -2003-07-23 Love Hörnquist Åstrand - - * kdc/kerberos5.c: add support for KRB5_PADATA_ETYPE_INFO2 - - * lib/krb5/crypto.c (hmac): make it return an error when out of - memory, update callsites to either return error or use krb5_abortx - (krb5_hmac): expose hmac - -2003-07-22 Love Hörnquist Åstrand - - * lib/krb5/keyblock.c (krb5_keyblock_get_enctype): return enctype - of keyblock - - * lib/krb5/Makefile.am (man_MANS): += krb5_keyblock.3 - - * lib/krb5/krb5_keyblock.3: some information about krb5_keyblock - and related functions - - * lib/krb5/heim_threads.h: make the non-debug version of the mutex - macros "use" the "mutex" integer so the compile wont complain - about defined unused variables - - * lib/krb5/heim_threads.h: make thread local storage macros take a - "return" argument so no functions need to be created for the - no-pthread case - - * lib/krb5/heim_threads.h: adding RWLOCKS and [sg]etspecific - - * configure.in: use KRB_PTHREADS - - * lib/asn1/Makefile.am (gen_files): add asn1_KerberosString and - sort - - * lib/asn1/k5.asn1 (ETYPE-INFO2-ENTRY): salt is a KerberosString - - * lib/krb5/krb5.3: add ticket access functions - * lib/krb5/krb5_ticket.3: ditto - * lib/krb5/ticket.c: ditto - * lib/krb5/Makefile.am: ditto - - * lib/krb5/mit_glue.c: add some more krb5_c functions - - * lib/krb5/krb5_c_make_checksum.3: add some more krb5_c functions - - * lib/krb5/crypto.c (krb5_cksumtype_valid): check is checksum type - is a valid one - - * lib/krb5/crypto.c (krb5_checksum_is_keyed): only set extented - error string when there is a context - (krb5_checksum_is_collision_proof): ditto - -2003-07-21 Love Hörnquist Åstrand - - * lib/krb5/mit_glue.c (krb5_c_get_checksum): make type and data - argument optional - (krb5_c_{encrypt,decrypt}): return "better" error codes for - invalid ivec length - - * lib/krb5/krb5_c_make_checksum.3: update krb5_c_get_checksum - usage - - * lib/krb5/crypto.c (krb5_crypto_getenctype): new function - - * include/make_crypto.c: avoid redefining - OPENSSL_DES_LIBDES_COMPATIBILITY - - * lib/krb5/krb5.h: add krb5_enc_data - -2003-07-19 Love Hörnquist Åstrand - - * lib/krb5/krb5.3: add krb5_c_ functions - - * lib/krb5/mit_glue.c: support passing in NULL as the - cipher_state/ivec - - * lib/krb5/aes-test.c: add test for krb5_c_encrypt_length and - krb5_c_decrypt - - * lib/krb5/krb5_c_make_checksum.3: krb5_c encryption glue - - * lib/krb5/crypto.c (wrapped_length/wrapped_length_derived): when - calculating the length of the encrypted data, use the keyed - checksum length if the enctype supports a keyed checksum. This - only matter for aes, for all other enctypes the key and unkeyed - checksum have the same length. - -2003-07-18 Love Hörnquist Åstrand - - * lib/krb5/mit_glue.c: first version of krb5_c encryption glue - - * doc/install.texi: update pointer to luke ldap documentation - - * lib/hdb/hdb.c (hdb_create): check for dynamic backend after - static to avoid warning from dynamic backend when using a known - static backend - -2003-07-16 Love Hörnquist Åstrand - - * lib/krb5/cache.c: don't return value in void function - -2003-07-15 Love Hörnquist Åstrand - - * lib/krb5/creds.c (krb5_compare_creds): if client is specified in - the mcreds, check that too - - * lib/krb5/{keytab_file.c,principal.c,mk_error.c,krb5.h,get_cred.c}: - prefix libasn1 types with heim_ - - * lib/asn1: prefix typedefs and structs with heim_ - -2003-07-13 Love Hörnquist Åstrand - - * lib/hdb/hdb.c: avoid unnecessary setting of variable - -2003-07-07 Love Hörnquist Åstrand - - * kuser/klist.c (check_for_tgt): use krb5_cc_clear_mcred - - * appl/test/uu_client.c (proto): use krb5_cc_clear_mcred - - * lib/krb5/get_cred.c (init_tgs_req): in case of error, don't free - in the req_body addresses since they where pass in by caller - (find_cred): use krb5_cc_clear_mcred - - * lib/krb5/krb5_ccache.3: document krb5_cc_clear_mcred - - * lib/krb5/cache.c (krb5_cc_clear_mcred): new function, clear a - krb5_creds to use with krb5_cc_retrieve_cred - -2003-06-30 Love Hörnquist Åstrand - - * lib/hdb/hdb.c (find_dynamic_method): if there isn't a prefix, - don't load anything - -2003-06-29 Love Hörnquist Åstrand - - * lib/hdb/hdb.c: Dynamic backend loading, based on patch from Luke - Howard - - * lib/hdb/hdb.h: add struct hdb_so_method and - HDB_INTERFACE_VERSION - -2003-06-28 Love Hörnquist Åstrand - - * lib/krb5/mk_req_ext.c (krb5_mk_req_internal): when using - arcfour-hmac-md5, use an unkeyed checksum (rsa-md5), since - Microsoft calculates the keyed checksum with the subkey of the - authenticator. - - * kuser/kinit.c: write out v4 credential caches with - _krb5_krb_tf_setup - - * lib/krb5/krb5-v4compat.h: add _krb5_krb_tf_setup - - * lib/krb5/convert_creds.c (_krb5_krb_tf_setup): create/append v4 - credential to a new krb4 ticket file - -2003-06-27 Johan Danielsson - - * lib/krb5/krb5_kuserok.3: put Nd argument in double quotes since - it contains more than 9 words; from wiz - -2003-06-25 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c: add missing " within #if 0, from - stefan sokoll - -2003-06-24 Love Hörnquist Åstrand - - * lib/krb5/krb5_timeofday.3: improve krb5_set_real_time text - - * lib/krb5/time.c: improve comment for krb5_set_real_time - -2003-06-23 Johan Danielsson - - * kuser/kinit.1: document -A - - * kuser/kinit.c: add -A as an alias for --no-addresses - -2003-06-22 Love Hörnquist Åstrand - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): pass in a - krb5_timestamp to krb5_us_timeofday - - * lib/krb5/mk_error.c (krb5_mk_error): pass in a krb5_timestamp to - krb5_us_timeofday - - * lib/krb5/time.c (krb5_set_real_time): fix comment and make it - work - - * lib/krb5/time.c, lib/krb5/krb5_timeofday.3, - lib/krb5/Makefile.am lib/krb5/test_time.c: - - implement krb5_set_real_time, used by SAMBA, requested by Luke - Howard - - * lib/asn1/k5.asn1: make the aes and sha1 checksum types match - draft-ietf-krb-wg-crypto-05 - -2003-06-21 Love Hörnquist Åstrand - - * lib/krb5/aes-test.c: add a test for aes kcrypto encrypted data - - * lib/krb5/crypto.c: clean up AES code to use a structure instead - of a key array - (_krb5_AES_string_to_default_iterator): set to 4096 as described in - aes draft -04 - (derive_key): always remove the key->schedule since its - will contain the wrong (parent key) info - -2003-06-18 Love Hörnquist Åstrand - - * lib/krb5/aes-test.c: add aes256 test vectors from Ken Raeburn - * doc/setup.texi: add more kdc's to the example - -2003-06-17 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: use int2HDBFlags/HDBFlags2int From: Alberto - Patino , Luke Howard - Pointed out by Andrew Bartlett of Samba - - * lib/krb5/heim_threads.h: remove freebsd comment, don't use debug - pthread stubs by default - - * lib/krb5/Makefile.am (man_MANS): drop krb5_free_addresses.3 - - * lib/krb5/krb5_free_addresses.3: removed file, functions are - documented in krb5_address.3 - - * lib/krb5/codec.c: add krb5_{de,en}code_ETYPE_INFO2 - - * lib/krb5/crypto.c: add _krb5_AES_string_to_default_iterator add - krb5_string_to_key_salt_opaque() fix keylengh for keytype_aes256 - -2003-06-06 Love Hörnquist Åstrand - - * doc/setup.texi: Point out that slave needs /var/heimdal - directory and masterkey From: Mans Nilsson , - Fix spelling while here - -2003-06-02 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am, krb5_get_in_cred.3, krb5.3: - add manpage for: krb5_get_in_cred, krb5_get_in_tkt, - krb5_get_in_tkt_with_keytab, krb5_get_in_tkt_with_password, - krb5_get_in_tkt_with_skey - -2003-05-28 Assar Westerlund - - * lib/krb5/heim_threads.h: Fix unlock/destroy macros for the - non-threaded cases to work. Fix typo. - -2003-05-27 Johan Danielsson - - * lib/asn1/{der_put.c,der_length.c,check-der.c}: Fix encoding of - "unsigned" integers. If MSB is set, we need to pad with a zero - byte. - -2003-05-27 Love Hörnquist Åstrand - - * lib/krb5/krb5_c_make_checksum.3: some more mdoc fixes - - * lib/hdb/hdb-ldap.c (LDAP__connect): bind sasl "EXTERNAL" to ldap - connection - (LDAP_store): remove superfluous argument to asprintf - - From Alberto Patino - -2003-05-26 Love Hörnquist Åstrand - - * lib/krb5/*.[0-9]: pacify mdoclink - - * lib/krb5/krb5_ccache.3: document diffrences between mit and - heimdal krb5_cc_gen_new ccache -> credential cache s/[\t ]+$// - -2003-05-21 Love Hörnquist Åstrand - - * appl/test/gssapi_server.c (proto): start to use - gss_krb5_copy_ccache - - * appl/test/nt_gss_server.c (proto): comment out gss_ctx_id_t - groveling for now - -2003-05-20 Love Hörnquist Åstrand - - * lib/asn1: - - add parser/generate glue for UTF8String and NULL - (DER primitive encode/decode functions missing) - - handle parsing of DEFAULT and, ... - -2003-05-16 Love Hörnquist Åstrand - - * lib/krb5/heim_threads.h: add missing argument to mutex_init - - * lib/krb5/crypto.c: protect the random initiator with a mutex - - * lib/krb5/mcache.c: protect the mcc_head with a mutex - - * lib/krb5/krb5_locl.h: include heim_threads.h - - * lib/krb5/heim_threads.h: wrapper macros for thread - synchronization primitives - -2003-05-15 Love Hörnquist Åstrand - - * lib/krb5/krb5_principal.3 - lib/krb5/Makefile.am: - Add all Kerberos principal function to one manpage, add a few more - principal function to it, remove old now dup manpages - - * lib/krb5/krb5_build_principal.3: remove file - * lib/krb5/krb5_free_principal.3: remove file - * lib/krb5/krb5_sname_to_principal.3: remove file - * lib/krb5/krb5_principal_get_realm.3: remove file - -2003-05-14 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.8: sort sections, from netbsd - - * lib/krb5/krb5_verify_user.3: .Sh EXAMPLE -> .Sh EXAMPLES, from - netbsd - - * lib/krb5/krb5_openlog.3: .Sh EXAMPLE -> .Sh EXAMPLES, sort - sections, from netbsd - - * lib/krb5/krb5_keytab.3: .Sh EXAMPLE -> .Sh EXAMPLES, mdoc fixes, - from netbsd - - * lib/krb5/krb5_get_krbhst.3: .Sh EXAMPLE -> .Sh EXAMPLES, from - netbsd - - * lib/krb5/krb5_get_all_client_addrs.3: add .Os, from NetBSD - - * lib/krb5/krb5_build_principal.3: sort sections, from NetBSD - - * lib/krb5/krb5.conf.5: .Sh EXAMPLE -> .Sh EXAMPLES, from netbsd - - * lib/krb5/get_default_realm.c: compatability -> compatibility, - from netbsd - - * lib/krb5/krb5_warn.3: add copyright/license - - * lib/krb5/krb5_context.3: add SYNOPSIS and LIBRARY - - * lib/krb5/krb5.3: add RCSID - - * kdc/hprop.8: fix mdoc problem, from netbsd - - * lib/krb5/krb5_krbhst_init.3: uppercase url, from Thomas Klausner - - - * kuser/kinit.1: setup -> set up, new sentence, new line from - Thomas Klausner - -2003-05-13 Love Hörnquist Åstrand - - * kpasswd/kpasswd.1: handle setting passwords for multiple - principals at the same time - - * kpasswd/kpasswd.c: handle setting passwords for multiple - principals at the same time - - * lib/krb5/changepw.c: draft-ietf-cat-kerb-chg-password-02 and - rfc3244 share the response packet sure more constants now that - they exists - -2003-05-12 Love Hörnquist Åstrand - - * lib/krb5/krb5.h: some define for rfc3244 - - * lib/krb5/krb5.3: add krb5_change_password and krb5_set_password - - * kpasswd/kpasswd.1: document --admin-principal - - * kpasswd/kpasswd.c: use krb5_set_password - - * lib/krb5/krb5_set_password.3: document krb5_change_password and - krb5_set_password - - * lib/krb5/changepw.c: implement rfc3244, partly from - shadow@dementia.org - - * lib/asn1/Makefile.am (gen_files): asn1_ChangePasswdDataMS.x for - RFC3244 - - * lib/asn1/k5.asn1: add ChangePasswdDataMS, for - RFC3244 - -2003-05-08 Love Hörnquist Åstrand - - * kuser/kdestroy.c: destroy tokens even if there isn't v4 support - - * kuser/kinit.c: get token even if there isn't v4 support - - * kuser/klist.c: print tokens even if there isn't v4 support - -2003-05-06 Johan Danielsson - - * lib/krb5/name-45-test.c: need to use empty krb5.conf for some - tests - - * lib/asn1/check-gen.c: there is no \e escape sequence; replace - everything with hex-codes, and cast to unsigned char* to make some - compilers happy - -2003-05-06 Love Hörnquist Åstrand - - * lib/krb5/get_in_tkt.c (make_pa_enc_timestamp): make sure first - argument to krb5_us_timeofday have correct type - -2003-05-05 Assar Westerlund - - * include/make_crypto.c (main): include aes.h if ENABLE_AES - -2003-05-05 Love Hörnquist Åstrand - - * make-release: when fixing a valid cvs tag from release name - replace all number. to number- for all non-overlapping matches - -2003-05-04 Love Hörnquist Åstrand - - * lib/asn1/Makefile.am: gen_files += asn1_ETYPE_INFO2.x and - asn1_ETYPE_INFO2_ENTRY.x - (libasn1_la_LDFLAGS): set version to 6:1:1 - - * doc/Makefile.am: add apps.texi - - * doc/setup.texi: add move forward link to applications - - * doc/heimdal.texi: add applications - - * doc/misc.texi: move afs stuff to applications add link to - applications - - * doc/apps.texi: text about applications using kerberos - move afs text here - -2003-05-03 Love Hörnquist Åstrand - - * doc/setup.texi: add cross realm text - -2003-04-29 Love Hörnquist Åstrand - - * lib/krb5/krb5_crypto_init.3: document krb5_enctype_to_string and - krb5_string_to_enctype - -2003-04-28 Love Hörnquist Åstrand - - * kdc/v4_dump.c (v4_prop_dump): limit strings length, from openbsd - -2003-04-26 Love Hörnquist Åstrand - - * lib/krb5/aes-test.c: use _krb5_PKCS5_PBKDF2 - * lib/krb5/crypto.c: unexport krb5_PKCS5_PBKDF2 - -2003-04-25 Johan Danielsson - - * lib/krb5/build_auth.c (krb5_build_authenticator): if the local - sequence number is non-zero, don't generate a new one - - * lib/krb5/mk_rep.c (krb5_mk_rep): if the local sequence number is - non-zero, don't generate a new one - - * lib/krb5/time.c (krb5_us_timeofday): make the sec parameter a - krb5_timestamp - - * lib/krb5/mk_priv.c lib/krb5/mk_safe.c lib/krb5/rd_priv.c - lib/krb5/rd_safe.c lib/krb5/rd_cred.c: implement RET_SEQUENCE and - RET_TIME - - * lib/krb5/krb5.h (krb5_replay_data): make usec signed (matching - asn1) - -2003-04-24 Love Hörnquist Åstrand - - * doc/programming.texi: s/managment/management/, from jmc - - -2003-04-23 Love Hörnquist Åstrand - - * lib/krb5/context.c (default_etypes): also advertise that we - handle aes encryption types - - * lib/krb5/Makefile.am: add krb5_c_ checksum related functions - - * lib/krb5/krb5_c_make_checksum.3: document krb5_c_ checksum - related functions - - * lib/krb5/mit_glue.c: add compat mit krb5_c checksum related - functions - - * lib/asn1/k5.asn1: add ETYPE-INFO2 and ETYPE-INFO2-ENTRY - -2003-04-22 Love Hörnquist Åstrand - - * lib/krb5/krbhst.c: copy NUL too, from janj@wenf.org via openbsd - -2003-04-17 Love Hörnquist Åstrand - - * lib/asn1/der_copy.c (copy_general_string): use strdup - * lib/asn1/der_put.c: remove sprintf - * lib/asn1/gen.c: remove strcpy/sprintf - - * lib/krb5/name-45-test.c: use a more unique name then ratatosk so - that other (me) have such hosts in the local domain and the tests - fails, to take hokkigai.pdc.kth.se instead - - * lib/krb5/test_alname.c: add --version and --help - -2003-04-16 Love Hörnquist Åstrand - - * lib/krb5/krb5_warn.3: add krb5_get_err_text - - * lib/krb5/transited.c: use strlcat/strlcpy, from openbsd - * lib/krb5/krbhst.c (srv_find_realm): use strlcpy, from openbsd - * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): use - strlcpy, from openbsd - * kdc/hpropd.c: s/strcat/strlcat/, inspired from openbsd - * appl/kf/kfd.c: use strlcpy, from openbsd - -2003-04-16 Johan Danielsson - - * configure.in: fix for large file support in AIX, _LARGE_FILES - needs to be defined on the command line, since lex likes to - include stdio.h before we get to config.h - -2003-04-16 Love Hörnquist Åstrand - - * lib/krb5/*.3: Change .Fd #include to .In header.h, - from Thomas Klausner - - * lib/krb5/krb5.conf.5: spelling, from Thomas Klausner - - -2003-04-15 Love Hörnquist Åstrand - - * kdc/kerberos5.c: fix some more memory leaks - -2003-04-11 Love Hörnquist Åstrand - - * appl/kf/kf.1: spelling, from jmc - -2003-04-08 Love Hörnquist Åstrand - - * admin/ktutil.8: typos, from jmc - -2003-04-06 Love Hörnquist Åstrand - - * lib/krb5/krb5.3: s/kerberos/Kerberos/ - * lib/krb5/krb5_data.3: s/kerberos/Kerberos/ - * lib/krb5/krb5_address.3: s/kerberos/Kerberos/ - * lib/krb5/krb5_ccache.3: s/kerberos/Kerberos/ - * lib/krb5/krb5.conf.5: s/kerberos/Kerberos/ - * kuser/kinit.1: s/kerberos/Kerberos/ - * kdc/kdc.8: s/kerberos/Kerberos/ - -2003-04-01 Love Hörnquist Åstrand - - * lib/krb5/test_alname.c: more krb5_aname_to_localname tests - - * lib/krb5/aname_to_localname.c (krb5_aname_to_localname): when - converting too root, make sure user is ok according to - krb5_kuserok before allowing it. - - * lib/krb5/Makefile.am (noinst_PROGRAMS): += test_alname - - * lib/krb5/test_alname.c: add test for krb5_aname_to_localname - - * lib/krb5/crypto.c (krb5_DES_AFS3_CMU_string_to_key): used p1 - instead of the "illegal" salt #~, same change as kth-krb did - 1999. Problems occur with crypt() that behaves like AT&T crypt - (openssl does this). Pointed out by Marcus Watts. - - * admin/change.c (kt_change): collect all principals we are going - to change, and pick the highest kvno and use that to guess what - kvno the resulting kvno is going to be. Now two ktutil change in a - row works. XXX fix the protocol to pass the kvno back. - -2003-03-31 Love Hörnquist Åstrand - - * appl/kf/kf.1: afs->AFS, from jmc - -2003-03-30 Love Hörnquist Åstrand - - * doc/setup.texi: add description on how to turn on v4, 524 and - kaserver support - -2003-03-29 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c (appdefaults_entries): add afslog - and afs-use-524 - -2003-03-28 Love Hörnquist Åstrand - - * kdc/kerberos5.c (as_rep): when the second enctype_to_string - failes, remember to free memory from the first enctype_to_string - - * lib/krb5/crypto.c (usage2arcfour): map KRB5_KU_TICKET to 2, - from Harald Joerg - (enctype_arcfour_hmac_md5): disable checksum_hmac_md5_enc - - * lib/hdb/mkey.c (hdb_unseal_keys_mkey): truncate key to the key - length when key is longer then expected length, its probably - longer since the encrypted data was padded, reported by Aidan - Cully - - * lib/krb5/crypto.c (krb5_enctype_keysize): return key size of - encyption type, inspired by Aidan Cully - -2003-03-27 Love Hörnquist Åstrand - - * lib/krb5/keytab.c (krb5_kt_get_entry): avoid printing 0 - (wildcard kvno) after principal when the keytab entry isn't found, - reported by Chris Chiappa - -2003-03-26 Love Hörnquist Åstrand - - * doc/misc.texi: update 2b example to match reality (from - mattiasa@e.kth.se) - - * doc/misc.texi: spelling and add `Configuring AFS clients' - subsection - -2003-03-25 Love Hörnquist Åstrand - - * lib/krb5/krb5.3: add krb5_free_data_contents.3 - - * lib/krb5/data.c: add krb5_free_data_contents for compat with MIT - API - - * lib/krb5/krb5_data.3: add krb5_free_data_contents for compat - with MIT API - - * lib/krb5/krb5_verify_user.3: write more about how the ccache - argument should be inited when used - -2003-03-25 Johan Danielsson - - * lib/krb5/addr_families.c (krb5_print_address): make sure - print_addr is defined for the given address type; make addrports - printable - - * kdc/string2key.c: print the used enctype for kerberos 5 keys - -2003-03-25 Love Hörnquist Åstrand - - * lib/krb5/aes-test.c: add another arcfour test - -2003-03-22 Love Hörnquist Åstrand - - * lib/krb5/aes-test.c: sneek in a test for arcfour-hmac-md5 - -2003-03-20 Love Hörnquist Åstrand - - * lib/krb5/krb5_ccache.3: update .Dd - - * lib/krb5/krb5.3: sort in krb5_data functions - - * lib/krb5/Makefile.am (man_MANS): += krb5_data.3 - - * lib/krb5/krb5_data.3: document krb5_data - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds_password): if - prompter is NULL, don't try to ask for a password to - change. reported by Iain Moffat @ ufl.edu via Howard Chu - - -2003-03-19 Love Hörnquist Åstrand - - * lib/krb5/krb5_keytab.3: spelling, from - - - * lib/krb5/krb5.conf.5: . means new line - - * lib/krb5/krb5.conf.5: spelling, from - - - * lib/krb5/krb5_auth_context.3: spelling, from - - -2003-03-18 Love Hörnquist Åstrand - - * kuser/Makefile.am: INCLUDES: -I$(srcdir)/../lib/krb5 - - * lib/krb5/convert_creds.c: add _krb5_krb_life_to_time - - * lib/krb5/krb5-v4compat.h: add _krb5_krb_life_to_time - - * kdc/kdc_locl.h: 524 is independent of kerberos 4, so move out - #ifdef KRB4 from enable_v4_cross_realm since 524 needs it - - * kdc/config.c: 524 is independent of kerberos 4, so move out - enable_v4_cross_realm from #ifdef KRB4 since 524 needs it - -2003-03-17 Assar Westerlund - - * kdc/kdc.8: document --kerberos4-cross-realm - * kdc/kerberos4.c: pay attention to enable_v4_cross_realm - * kdc/kdc_locl.h (enable_v4_cross_realm): add - * kdc/524.c (encode_524_response): check the enable_v4_cross_realm - flag before giving out v4 tickets for foreign v5 principals - * kdc/config.c: add --enable-kerberos4-cross-realm option (default - to off) - -2003-03-17 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am (man_MANS) += krb5_aname_to_localname.3 - - * lib/krb5/krb5_aname_to_localname.3: manpage for - krb5_aname_to_localname - - * lib/krb5/krb5_kuserok.3: s/KRB5_USEROK/KRB5_KUSEROK/ - -2003-03-16 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am (man_MANS): add krb5_set_default_realm.3 - - * lib/krb5/krb5.3: add manpages from krb5_set_default_realm.3 - - * lib/krb5/krb5_set_default_realm.3: Manpage for - krb5_free_host_realm, krb5_get_default_realm, - krb5_get_default_realms, krb5_get_host_realm, and - krb5_set_default_realm. - - * admin/ktutil.8: s/entype/enctype/, from Igor Sobrado - via NetBSD - - * lib/krb5/krb5_keytab.3: add documention for krb5_kt_get_type - - * lib/krb5/keytab.c (krb5_kt_get_type): get prefix/type of keytab - - * lib/krb5/krb5.h (KRB5_KT_PREFIX_MAX_LEN): max length of prefix - - * lib/krb5/krb5_ccache.3: document krb5_cc_get_ops, add more - types, add krb5_fcc_ops and krb5_mcc_ops - - * lib/krb5/cache.c (krb5_cc_get_ops): new function, return ops for - a id - -2003-03-15 Love Hörnquist Åstrand - - * doc/intro.texi: add reference to source code, binaries and the - manual - - * lib/krb5/krb5.3: krb5.h isn't in krb5 directory in heimdal - -2003-03-14 Love Hörnquist Åstrand - - * kdc/kdc.8: better/difrent english - - * kdc/kdc.8: . -> .\n, copyright/license - - * kdc/kdc.8: changed configuration file -> restart kdc - - * kdc/kerberos4.c: add krb4 into the most error messages written - to the logfile - - * lib/krb5/krb5_ccache.3: add missing name of argument - (krb5_context) to most functions - -2003-03-13 Love Hörnquist Åstrand - - * lib/krb5/kuserok.c (krb5_kuserok): preserve old behviour of - function and return FALSE when there isn't a local account for - `luser'. - - * lib/krb5/krb5_kuserok.3: fix prototype, spelling and more text - describing the function - -2003-03-12 Love Hörnquist Åstrand - - * lib/krb5/cache.c (krb5_cc_default): if krb5_cc_default_name - returned memory, don't return ENOMEM - -2003-03-11 Love Hörnquist Åstrand - - * lib/krb5/krb5.3: add krb5_address stuff and sort - - * lib/krb5/krb5_address.3: fix krb5_addr2sockaddr description - - * lib/krb5/Makefile.am (man_MANS): += krb5_address.3 - - * lib/krb5/krb5_address.3: document types krb5_address and - krb5_addresses and their helper functions - -2003-03-10 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am (man_MANS): += krb5_kuserok.3 - - * lib/krb5/krb5_kuserok.3: spelling, from cizzi@it.su.se - - * lib/krb5/Makefile.am (man_MANS): += krb5_ccache.3 - - * lib/krb5/krb5_ccache.3: spelling, from cizzi@it.su.se - - * lib/krb5/krb5.3: add more functions - - * lib/krb5/krb5_ccache.3: document krb5_ccache and krb5_cc - functions - - * lib/krb5/krb5_kuserok.3: document krb5_kuserok - - * lib/krb5/krb5_verify_user.3: document - krb5_verify_opt_set_flags(opt, KRB5_VERIFY_LREALMS) behavior - - * lib/krb5/krb5_verify_user.3: document krb5_verify_opt* and - krb5_verify_user_opt - - * lib/krb5/*.[0-9]: add copyright/licenses on more manpages - - * kuser/kdestroy.c (main): handle that krb5_cc_default_name can - return NULL - - * lib/krb5/Makefile.am (libkrb5_la_LDFLAGS): bump minor - (TESTS): add test_cc - - * lib/krb5/test_cc.c: test some - krb5_cc_default_name/krb5_cc_set_default_name combinations - - * lib/krb5/context.c (init_context_from_config_file): set - default_cc_name to NULL - (krb5_free_context): free default_cc_name if set - - * lib/krb5/cache.c (krb5_cc_set_default_name): new function - (krb5_cc_default_name): use krb5_cc_set_default_name - - * lib/krb5/krb5.h (krb5_context_data): add default_cc_name - -2003-02-25 Love Hörnquist Åstrand - - * appl/kf/kf.1: s/securly/securely/ from NetBSD - -2003-02-18 Love Hörnquist Åstrand - - * kdc/connect.c: s/intialize/initialize, from - - -2003-02-17 Love Hörnquist Åstrand - - * configure.in: add AM_MAINTAINER_MODE - -2003-02-16 Love Hörnquist Åstrand - - * **/*.[0-9]: add copyright/licenses on all manpages - -2003-14-16 Jacques Vidrine - - * lib/krb5/get_in_tkt.c (init_as_req): Send only a single - PA-ENC-TIMESTAMP in the AS-REQ, using the first encryption - type specified by the KDC. - -2003-02-15 Love Hörnquist Åstrand - - * fix-export: some autoconf put their version number in - autom4te.cache, so remove autom4te*.cache - - * fix-export: make sure $1 is a directory - -2003-02-04 Love Hörnquist Åstrand - - * kpasswd/kpasswdd.8: spelling, from jmc - - * kdc/kdc.8: spelling, from jmc - -2003-01-31 Love Hörnquist Åstrand - - * kdc/hpropd.8: s/databases/a database/ s/Not/not/ - - * kdc/hprop.8: add missing . - -2003-01-30 Love Hörnquist Åstrand - - * lib/krb5/krb5.conf.5: documentation for of boolean, etypes, - address, write out encryption type in sentences, s/Host/host - -2003-01-26 Love Hörnquist Åstrand - - * lib/asn1/check-gen.c: add checks for Authenticator too - -2003-01-25 Love Hörnquist Åstrand - - * doc/setup.texi: in the hprop example, use hprop and the first - component, not host - - * lib/krb5/get_addrs.c (find_all_addresses): address-less - point-to-point might not have an address, just ignore - those. Reported by Harald Barth. - -2003-01-23 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c (check_section): when key isn't - found, don't print out all known keys - - * lib/krb5/verify_krb5_conf.c (syslogvals): mark up where severity - and facility start resp - (check_log): find_value() returns -1 when key isn't found - - * lib/krb5/crypto.c (_krb5_aes_cts_encrypt): make key argument a - 'const void *' to avoid AES_KEY being exposed in krb5-private.h - - * lib/krb5/krb5.conf.5: add [kdc]use_2b - - * kdc/524.c (encode_524_response): its 2b not b2 - - * doc/misc.texi: quote @ where missing - - * lib/asn1/Makefile.am: add check-gen - - * lib/asn1/check-gen.c: add Principal check - - * lib/asn1/check-common.h: move generic asn1/der functions from - check-der.c to here - - * lib/asn1/check-common.c: move generic asn1/der functions from - check-der.c to here - - * lib/asn1/check-der.c: move out the generic asn1/der functions to - a common file - -2003-01-22 Love Hörnquist Åstrand - - * doc/misc.texi: more text about afs, how to get get your KeyFile, - and how to start use 2b tokens - - * lib/krb5/krb5.conf.5: spelling, from Jason McIntyre - - -2003-01-21 Jacques Vidrine - - * kuser/kuser_locl.h: include crypto-headers.h for - des_read_pw_string prototype - -2003-01-16 Love Hörnquist Åstrand - - * admin/ktutil.8: document -v, --verbose - - * admin/get.c (kt_get): make getarg usage consistent with other - other parts of ktutil - - * admin/copy.c (kt_copy): remove adding verbose_flag to args - struct, since it will overrun the args array (from Sumit Bose) - -2003-01-15 Love Hörnquist Åstrand - - * lib/krb5/krb5.conf.5: write more about [realms] REALM = { kdc = - ... } - - * lib/krb5/aes-test.c: test vectors in aes-draft - - * lib/krb5/Makefile.am: add aes-test.c - - * lib/krb5/crypto.c: Add support for AES - (draft-raeburn-krb-rijndael-krb-02), not enabled by default. - (HMAC_SHA1_DES3_checksum): rename to SP_HMAC_SHA1_checksum and modify - to support checksumtype that are have a shorter wireformat then - their output block size. - - * lib/krb5/crypto.c (struct encryption_type): split the blocksize - into blocksize and padsize, padsize is the minimum padding - size. they are the same for now - (enctype_*): add padsize - (encrypt_internal): use padsize - (encrypt_internal_derived): use padsize - (wrapped_length): use padsize - (wrapped_length_dervied): use padsize - - * lib/krb5/crypto.c: add extra `opaque' argument to string_to_key - function for each enctype in preparation enctypes that uses - `Encryption and Checksum Specifications for Kerberos 5' draft - - * lib/asn1/k5.asn1: add checksum and enctype for AES from - draft-raeburn-krb-rijndael-krb-02.txt - - * lib/krb5/krb5.h (krb5_keytype): add KEYTYPE_AES128, - KEYTYPE_AES256 - -2003-01-14 Love Hörnquist Åstrand - - * lib/hdb/common.c (_hdb_fetch): handle error code from - hdb_value2entry - - * kdc/Makefile.am: always include kerberos4.c and 524.c in - kdc_SOURCES to support 524 - - * kdc/524.c: always compile in support for 524 - - * kdc/kdc_locl.h: move out krb/524 protos from under #ifdef KRB4 - - * kdc/config.c: always compile in support for 524 - - * kdc/connect.c: always compile in support for 524 - - * kdc/kerberos4.c: export encode_v4_ticket() and get_des_key() - even when we build without kerberos 4, 524 needs them - - * lib/krb5/convert_creds.c, lib/krb5/krb5-v4compat.h: Split out - Kerberos 4 help functions/structures so other parts of the source - tree can use it (like the KDC) - diff --git a/crypto/heimdal/ChangeLog.2004 b/crypto/heimdal/ChangeLog.2004 deleted file mode 100644 index 5e3934256828..000000000000 --- a/crypto/heimdal/ChangeLog.2004 +++ /dev/null @@ -1,1485 +0,0 @@ -2004-12-30 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am (CHECK_SYMBOLS): add heim_ and pkcs7_ for - now (used in pkinit) - -2004-12-29 Love Hörnquist Åstrand - - * lib/hdb/Makefile.am: add CHECK_SYMBOLS - - * lib/hdb/keys.c: make all_etypes static - - * lib/krb5/Makefile.am: add CHECK_SYMBOLS, approve of: -com_err - -version krb5_ _krb5_ __heimdal krb524_ krb4_fkt_ops - - * kdc/kerberos5.c: use private version of principalname - - * kdc/kerberos4.c: use private version of principalname - - * kdc/hpropd.c: use private version of principalname - - * kdc/524.c: use private version of principalname - - * lib/krb5/rd_req.c: use private version of principalname - - * lib/krb5/rd_cred.c: use private version of principalname - - * lib/krb5/init_creds_pw.c: use private version of principalname - - * lib/krb5/get_in_tkt.c: use private version of principalname - - * lib/krb5/asn1_glue.c: make principalname functions private - - * lib/krb5/krb5.h: add key usage for server referrals - -2004-12-29 Love Hörnquist Åstrand - - * lib/krb5/principal.c: make default_v4_name_convert static - - * lib/krb5/crypto.c: make lots of crypto related variables static - - * lib/krb5/acache.c: make default_acc_name static - -2004-12-28 Love Hörnquist Åstrand - - * doc/setup.texi: add some text about samba, use example.com - - * lib/hdb/hdb-ldap.c: Add account expiration for samba from James - F. Hranicky . - Add LDAP_addmod_integer and use it. - -2004-12-27 Love Hörnquist Åstrand - - * doc/{Makefile.am,setup.texi,win2k.texi}: spelling and text - fixes, from Dave Love - -2004-12-18 Love Hörnquist Åstrand - - * lib/krb5/heim_threads.h: NetBSD 2.99.11 (any maybe 2.1) just - needs pthread.h, threadlib is dead - -2004-12-17 Love Hörnquist Åstrand - - * kdc/config.c (configure): check for deprecated - enforce-transited-policy is set and fail if it is - - * lib/asn1/asn1_print.c: don't print garabage for octet strings - -2004-12-13 Love Hörnquist Åstrand - - * kdc/main.c (main): catch sigpipe, we don't bother select()ing - for errors - - * kdc/connect.c (handle_http_tcp): handle error from write(2) - - * doc/setup.texi: clarify credentials refreshing stuff - - * doc/setup.texi: add new node: Providing Kerberos credentials to - servers and programs - - * doc/whatis.texi: fix spurious cross-reference makeinfo warning - - * lib/hdb/hdb-ldap.c (pos): uppercase in character - -2004-12-12 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c (LDAP__bytes2hex,LDAP__hex2bytes): encode - nibbels in the other order - - * lib/hdb/hdb-ldap.c: s/objectclass/objectClass/ check if - attribute exists before we try to delete it LDAP__bytes2hex - encodes in strange byte order, is this really right ? - -2004-12-11 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c (LDAP_firstkey): When iterating over all - entries, search for samba accounts too, From: "James F. Hranicky" - - - * lib/hdb/hdb-ldap.c (krb5kdcentry_attrs): ask for attribute uid - too - - * lib/hdb/hdb-ldap.c (LDAP_message2entry): if the entry is missing - both krb5PrincipalName and uid, it must be broken, ignore it and - return it doesn't exists. - -2004-12-10 Love Hörnquist Åstrand - - * kdc/hpropd.8: spelling, from OpenBSD - - * kdc/kdc.8: use keeps for options, From OpenBSD k - -2004-12-09 Love Hörnquist Åstrand - - * doc/setup.texi: document --random-key and the need to do backup - of the master key - - * kdc/kstash.8: add --random-key - - * kdc/kstash.c: add --random-key - -2004-12-08 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.8: spelling, from openbsd - - * lib/krb5/krb5_init_context.3: spelling, from openbsd - - * lib/krb5/krb5.conf.5: spelling, from openbsd - - * kuser/kdestroy.1: use keeps around options, spelling, from - openbsd - - * kpasswd/kpasswdd.8: use ., use keeps around options, from OpenBSD - - * kdc/hpropd.8: use keeps around options, from OpenBSD - - * kdc/hprop.8: use keeps around options, from OpenBSD - -2004-11-30 Love Hörnquist Åstrand - - * lib/krb5/context.c (krb5_free_context): clear error string - before destroying mutex - (krb5_init_context): don't call krb5_free_context before there is a - mutex initialized - -2004-11-18 Love Hörnquist Åstrand - - * kuser/kinit.c (get_new_tickets): only complain about ticket - renewable lifetime when the user asked for a specific renewable - lifetime - -2004-11-15 Love Hörnquist Åstrand - - * kdc/kerberos5.c (find_keys): log what principal is missing - enctypes - -2004-11-13 Love Hörnquist Åstrand - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): clear pointer after - freeing data - - * lib/krb5/init_creds_pw.c (change_password): handle old_options - being NULL From Guenther Deschner on samba-technical. - -2004-11-12 Love Hörnquist Åstrand - - * lib/krb5/krb5_get_init_creds.3: add more text describing the - krb5_get_init_creds functions - -2004-11-11 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c: make krb5_get_init_creds_keytab work - again - -2004-11-10 Love Hörnquist Åstrand - - * lib/hdb/hdb.asn1: use constrained integers - -2004-11-09 Love Hörnquist Åstrand - - * lib/krb5/krb5_get_init_creds.3: add description for opt_init, - opt_alloc, opt_free - - * lib/krb5/pkinit.c: unexport krb5_get_init_creds_opt_free_pkinit - - * lib/krb5/init_creds.c: unexport - krb5_get_init_creds_opt_free_pkinit - - * lib/krb5/init_creds_pw.c: fold init_init_creds_ctx into - get_init_creds_common - - * lib/krb5/init_creds.c (_krb5_get_init_creds_opt_copy): if the in - options NULL, just make a clean copy - -2004-11-01 Love Hörnquist Åstrand - - * lib/krb5/sendauth.c (krb5_rd_rep): free ap_rep message earlier - so we don't leak it on error - -2004-10-31 Love Hörnquist Åstrand - - * lib/krb5/krb5.conf.5: unbreak 2b entry - - * lib/krb5/acache.c (make_cred_from_ccred): the address isn't a - sockaddr but rather a kerberos address, deal with that. Based on - bug report from Jakob Schlyter . - -2004-10-30 Love Hörnquist Åstrand - - * kdc/connect.c: Make sure argument passed to ctype isn't signed - char - -2004-10-14 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: match new error names - - * lib/krb5/krb5_err.et: make error messages sane again - -2004-10-13 Love Hörnquist Åstrand - - * lib/krb5/keytab.c: use KRB5_KT_BADNAME - - * lib/krb5/krb5_err.et: sync with mit krb5_err.et (require major - version bump) add KRB5_DELTAT_BADFORMAT - - * lib/krb5/krb5.conf.5: time defaults to "s" - - * lib/krb5/time.c (krb5_string_to_deltat): default to "s" again, - MIT's behavior was actually that it failed to parse the number - (and thus used the default). Even better, ticket_lifetime (that - was a consumer supposed a of the interface) was documented but - never implemented, when it was implemented, people configuraiton - files started to fail. Also, use KRB5_DELTAT_BADFORMAT as a - failure code. - - * lib/asn1/k5.asn1: sync enctypes with pkinit branch - - * lib/asn1/parse.y (readd) support negative numbers - - * lib/asn1/lex.l: support hex numbers - -2004-10-12 Love Hörnquist Åstrand - - * kdc/pkinit.c: use ETYPE_DES3_CBC_NONE_CMS - - * lib/krb5/crypto.c: add enctype_des3_cbc_none_cms add cms padding - for rc2 don't to padding for blocksize 1 - - * lib/hdb/{keys.c,Makefile.am},lib/kadm5/{keys,set_keys}.c: - Move keyset parsing and password based keyset generation into hdb. - Requested by Andrew Bartlett for hdb-ldb - backend. - -2004-10-07 Love Hörnquist Åstrand - - * kuser/kinit.c: adapt to new signature of - krb5_get_init_creds_opt_set_pkinit - - * lib/krb5/pkinit.c: free openssl engine deal with - RecipientIdentifier -> CMSIdentifier and heim_any -> name change - improve error messages - - * kdc/pkinit.c: free openssl engine deal with RecipientIdentifier - -> CMSIdentifier and heim_any -> name change - -2004-10-04 Johan Danielsson - - * kuser/klist.c: use rtbl_set_separator - -2004-10-03 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: filter out dup openssl engine keys, parse - user options first - - * lib/krb5/pkinit.c: stop using AlgorithmIdentifierNonOpt, add - openssl engine support for private key - - * lib/krb5/crypto.c: support padding as its done in CMS - - * kdc/pkinit.c: improve error logging - - * kdc/pkinit.c: stop using AlgorithmIdentifierNonOpt - -2004-09-30 Love Hörnquist Åstrand - - * lib/krb5/krb5.conf.5: assume minutes for time - - * lib/krb5/config_file.c (krb5_config_vget_time_default): use - krb5_string_to_deltat - - * lib/krb5/appdefault.c (krb5_appdefault_time): use - krb5_string_to_deltat - - * lib/krb5/time.c (krb5_string_to_deltat): set default unit to - minute for compatibility with MIT Kerberos. - - -2004-09-28 Love Hörnquist Åstrand - - * lib/krb5/get_cred.c (get_cred_kdc_usage): retry using "large - message safe" transport if we get back - KRB5KRB_ERR_RESPONSE_TOO_BIG error. Idea from Guenther Deschner - - -2004-09-23 Johan Danielsson - - * admin/list.c: use rtbl - - * admin/ktutil-commands.in: slc source file - - * lib/krb5/constants.c: check - /Library/Preferences/edu.mit.Kerberos on OSX - -2004-09-21 Johan Danielsson - - * lib/krb5/time.c (krb5_format_time): check return value from - localtime and strftime - -2004-09-14 Johan Danielsson - - * kuser/kinit.c: make sure we don't always get renewable creds - -2004-09-11 Love Hörnquist Åstrand - - * lib/krb5/acache.c: use krb5_ccapi.h - - * lib/krb5/krb5_ccapi.h: break out krb5 api definitions to - separate (not installed) file - - * lib/krb5/Makefile.am: add AM_CPPFLAGS to libkrb5_la_CPPFLAGS - since AM_CPPFLAGS overridden by target specific _CPPFLAGS - -2004-09-08 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: make variable shorter, make error messages - from pkinit, make freeing easier - -2004-09-06 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: link libkrb5 with LIB_dlopen - - * lib/krb5/crypto.c (seed_something): avoid poking at memory that - is uninitialized, make valgrind unhappy. Pointd out by - abartlet@samba.org. While where, plug the fd leak. - -2004-09-05 Love Hörnquist Åstrand - - * lib/asn1/der_get.c (decode_*): name all tag-length variables the - same - (decode_enumerated): check that the tag-length is not longer the length - - * lib/asn1/der_get.c (decode_boolean): fail if length of tag is - larger then len - -2004-08-31 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c (krb5_get_init_creds): kdc_reply can be - set in case of failure too, free unconditionally on exit to avoid - memory leak - -2004-08-23 Love Hörnquist Åstrand - - * lib/krb5/get_cred.c (set_auth_data): set pointer to NULL after - free - -2004-08-20 Love Hörnquist Åstrand - - * lib/krb5/context.c (krb5_get_err_text): if neither of com_right - nor strerror finds the error-code, return Unknown error. - -2004-08-19 Johan Danielsson - - * lib/krb5/krb5_kuserok.3: update to reality - - * lib/krb5/kuserok.c: if a .k5login file exist, don't give - implicit rights to anyone; also check owner/mode of .k5login - -2004-08-15 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: man_MANS = krb5_getportbyname.3 - - * lib/krb5/krb5_getportbyname.3: manpage for krb5_getportbyname - - * lib/krb5/krb5.3: add krb5_getportbyname - - * lib/krb5/krb5.3: krb5_free_salt and krb5_enctype_valid - - * lib/krb5/krb5_encrypt.3: document krb5_enctype_valid - -2004-08-13 Love Hörnquist Åstrand - - * kdc/kerberos5.c (get_pa_etype_info{,2}): check for dup enctypes - from the client and filter them out. - - * lib/krb5/krb5_string_to_key.3: document krb5_free_salt - -2004-08-12 Love Hörnquist Åstrand - - * lib/krb5/krb5_ticket.3: data needs to be freed when using - krb5_ticket_get_authorization_data_type - -2004-08-11 Love Hörnquist Åstrand - - * lib/krb5/test_cc.c: test variables in default_cc_name - - * lib/krb5/krb5.conf.5: explain support for varibles in - [libdefaults]default_cc_name - - * lib/krb5/cache.c: drop ${time}, its not very useful - - * lib/krb5/cache.c: Add _krb5_expand_default_cc_name that expand - variables in the default cc name. Supported variables now are: - ${time},${uid} and ${null} - - * lib/krb5/krb5.conf.5: document default_cc_name - - * lib/krb5/cache.c (krb5_cc_set_default_name): - s/libdefault/libdefaults/ - -2004-08-06 Love Hörnquist Åstrand - - * lib/krb5/acache.c: replace magic 3 with ccapi_version_3 - - * lib/krb5/Makefile.am: libkrb5_la_SOURCES += acache.c - - * lib/krb5/krb5.h: add krb5_acc_ops - - * lib/krb5/acache.c: CCAPI v3 implementation, the read only - support was from Magnus Ahltorp and then extended by me to support - all other operations. Tested with MIT kerberos cc cache - implementation on MacOS 10.3.3 - - * lib/krb5/cache.c (krb5_cc_set_default_name): allow setting the - default cc name, this is not very useful for general purpose glue - since its not possible to glue in user information (like uid), but - for CCAPI it works just fine - -2004-08-05 Love Hörnquist Åstrand - - * kuser/kgetcred.1: document --cache/-c - - * kuser/kgetcred.c: allow to specify what credential cache to use - -2004-08-03 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: add krb5_eai_to_heim_errno.3 - - * lib/krb5/krb5_eai_to_heim_errno.3: document - krb5_eai_to_heim_errno, krb5_h_errno_to_heim_errno - - * lib/krb5/krb5.3: add krb5_eai_to_heim_errno, - krb5_h_errno_to_heim_errno - -2004-07-26 Love Hörnquist Åstrand - - * lib/krb5/krb5_expand_hostname.3: krb5_expand_hostname_realms - result should be free with krb5_free_host_realm drop - krb5_get_host_realm text - - * lib/krb5/krb5_set_default_realm.3: krb5_get_host_realm result - should be free with krb5_free_host_realm - - * lib/krb5/krb5_get_in_cred.3: document krb5_free_kdc_rep - - * lib/krb5/krb5_get_init_creds.3: remove dup krb5_get_init_creds - - * lib/krb5/krb5_auth_context.3: sort, add krb5_free_authenticator - - * lib/krb5/Makefile.am: man_MANS += krb5_rd_error - - * lib/krb5/krb5_rd_error.3: krb5_rd_error and friends - - * lib/krb5/krb5_warn.3: clarify on what string - krb5_free_error_string should operate on - - * lib/krb5/krb5_get_credentials.3: add krb5_get_kdc_cred - - * lib/krb5/Makefile.am: krb5_get_credentials, - krb5_get_forwarded_creds and friends - - * lib/krb5/krb5_get_forwarded_creds.3: krb5_get_forwarded_creds - and friends - - * lib/krb5/krb5_get_credentials.3: krb5_get_credentials and - friends - -2004-07-23 Love Hörnquist Åstrand - - * kuser/klist.c (print_cred_verbose): keytypes are no longer, use - enctype - -2004-07-22 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c (LDAP_entry2mods): allow for pre-c99 - compilers, From metze at samba.org - -2004-07-20 Love Hörnquist Åstrand - - * lib/krb5/test_cc.c: more cc tests - - * lib/krb5/krb5_check_transited.3: document krb5_check_transited - -2004-07-19 Love Hörnquist Åstrand - - * kdc/pkinit.c (pk_principal_from_X509): reverse test, makes - principal in cert work From: Mayur Patel - -2004-07-18 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: add krb5_verify_init_creds.3 - - * lib/krb5/krb5_verify_init_creds.3: add krb5_verify_init_creds - -2004-07-15 Love Hörnquist Åstrand - - * lib/krb5/krb5_set_password.3: spelling from wiz@netbsd.org - description for krb5_passwd_result_to_string - -2004-07-14 Love Hörnquist Åstrand - - * lib/krb5/krb5_set_password.3: Remove superfluous comma; grammar - fixes; split sentence in two for better understanding. From - wiz@NetBSD.org. Describe krb5_set_password_using_ccache while here. - - * lib/krb5/krb5_set_password.3: nroff and spelling, from Jonathan - Stone - - * lib/krb5/changepw.c (process_reply): cast ssize_t to long and - print that From NetBSD via Havard Eidnes. - -2004-07-09 Love Hörnquist Åstrand - - * configure.in: fix helpstring for hdb-openldap-module - - * lib/krb5/test_cc.c: don't use krb5_err on error code 0 - -2004-07-08 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c (LDAP_seq): try handling errors better - -2004-07-02 Love Hörnquist Åstrand - - * lib/krb5/get_in_tkt.c (set_ptypes): make ptypes const - -2004-07-01 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c (LDAP__connect): call ldap_initialize with - right argument - -2004-06-27 Johan Danielsson - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): if the - krbtgt is without addresses, default to not sending our own - addrport - - * lib/asn1/lex.l: add support for /* */ and partial line -- - comments - - * kuser/Makefile.am: don't install copy_cred_cache manpage - -2004-06-24 Johan Danielsson - - * lib/krb5/init_creds.c (_krb5_get_init_creds_opt_copy): if - copying a static opt, make sure to allocate the "private" field - -2004-06-24 Love - - * kdc/config.c: add enable_pkinit_princ_in_cert - - * kdc/kdc_locl.h: enable_pkinit_princ_in_cert - - * kdc/pkinit.c: Check certificate for Kerberos Principal in - OtherName of subjectAltName Based on patch from Mayur Patel - - -2004-06-21 Love Hörnquist Åstrand - - * lib/krb5/get_cred.c (init_tgs_req): if subkey not avaible, use - session key for authorization-data - -2004-06-15 Love Hörnquist Åstrand - - * kdc/connect.c (handle_tcp): note who is what that closed the - connection on us - -2004-06-09 Love Hörnquist Åstrand - - * admin/get.c (kt_get): catch errors from krb5_parse_name - -2004-06-05 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: if its the entry just contains the - structural object (no samba nor heimdal object), add an aux - heimdal object on to it. - -2004-06-02 Love Hörnquist Åstrand - - * kpasswd/kpasswd.c: use krb5_set_password_using_ccache - - * lib/krb5/krb5_set_password.3: add krb5_set_password_using_ccache - - * lib/krb5/changepw.c: implement krb5_set_password_using_ccache - - * lib/hdb/hdb-ldap.c: Allow the objectClass to be - "sambaSamAccount" or structural_object when searching for uid - entries. - - * lib/krb5/krb5.conf.5: document [kdc]hdb-ldap-create-base - - * lib/hdb/hdb-ldap.c: add creation base that defaults to the - search base - - * lib/hdb/hdb-ldap.c: indent like the rest of the code - -2004-06-01 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: check return values from ldap operations and - close it we get back LDAP_SERVER_DOWN. stupid ldap client lib, you - should retry by yourself. - - * lib/hdb/hdb-ldap.c: require search base to be configured, create - local context structure - -2004-05-31 Love Hörnquist Åstrand - - * doc/setup.texi: more ldap text, partly from Tarjei Huse - - -2004-05-28 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: clean, indent - - * lib/hdb/hdb-ldap.c (LDAP_entry2mods): make sure - krb5KeyVersionNumber is added on new entires - -2004-05-27 Love Hörnquist Åstrand - - * doc/setup.texi: minor fixes, partly from Tarjei Huse - - - * lib/krb5/krb5.conf.5: some text about dbname and realm - - * lib/krb5/krb5.conf.5: default value for - hdb-ldap-structural-object is account - -2004-05-26 Love Hörnquist Åstrand - - * tools/Makefile.am: use ! instead of , as sed delimiter - -2004-05-25 Love Hörnquist Åstrand - - * lib/krb5/*.c: add KRB5_LIB_FUNCTION to all exported functions - -2004-05-23 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: make samba_forwardable a krb5_boolean - - * lib/hdb/hdb-ldap.c: make samba forwarding a runtime configure - option - - * lib/hdb/hdb-ldap.c (LDAP_message2entry): fix [] test From: - Andrew Bartlett - - * lib/hdb/hdb-ldap.c (LDAP_message2entry): remove bogus length - check From: Andrew Bartlett - - * lib/hdb/hdb-ldap.c (LDAP_message2entry): in the sambaNTPassword - case, make sure ent->etypes are allocated, From: Andrew Bartlett - - -2004-05-14 Love Hörnquist Åstrand - - * kuser/kinit.c: move "setpag if (argc < 1)" to common path - -2004-05-12 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c: pacify pre c99 compilers - - * fix-export: use right argument for -E - -2004-05-06 Johan Danielsson - - * kuser/kinit.c: print some diagnostics if the exec fails - -2004-04-29 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (pk_rd_pa_reply_dh): use krb5_random_to_key - From: Luke Howard - - * lib/krb5/rd_req.c (krb5_verify_ap_req2): clear the whole ticket, - not just a pointer size of it From: Luke Howard - -2004-04-28 Love Hörnquist Åstrand - - * fix-export: add -E flag where needed to make-proto - -2004-04-26 Love Hörnquist Åstrand - - * lib/krb5/crypto.c: add set_param for RC2 - - * lib/krb5/pkinit.c: use krb5_oid_to_enctype and remove all oids - that are no longer needed - - * kdc/pkinit.c: use krb5_enctype_to_oid - - * lib/krb5/crypto.c (krb5_oid_to_enctype): make sure oid exists - before we compare with it - - * lib/krb5/crypto.c (krb5_crypto_get_params): check ivec length - before returning it add aes-oids - - * lib/krb5/crypto.c: add krb5_enctype_to_oid and - krb5_oid_to_enctype - - * kdc/pkinit.c: use krb5_crypto_set_params - - * lib/krb5/crypto.c: add krb5_crypto_set_params, add aes-NNN-cbc-none - - * lib/krb5/krb5.h: add KEYTYPE_AES192 - - * lib/krb5/pkinit.c: use krb5_crypto_get_params to implement - kcrypto RC2 support - - * lib/asn1/k5.asn1: add CMS symmetrical parameters here, enctype - rc2-cbc XXX RC2CBCParameter is wrong because the compiler is - broken - - * lib/krb5/krb5.h: add KEYTYPE_RC2 - - * lib/krb5/crypto.c: add partial CMS parameter handling, this is - needed for RC2 - - * lib/asn1/der_cmp.c: add heim_oid_cmp and heim_octet_string_cmp - - * lib/asn1/Makefile.am (libasn1_la_SOURCES) += der_cmp.c - - * lib/asn1/der.h: add heim_oid_cmp and heim_octet_string_cmp - - * lib/asn1/k5.asn1: add ETYPE_AESNNN_CBC_NONE - - * lib/asn1/k5.asn1: add CMS symmetrical parameters here, enctype - rc2-cbc, XXX RC2CBCParameter is wrong because the compiler is broken - -2004-04-26 Johan Danielsson - - * lib/krb5/config_file.c: allow parsing directly from strings with - krb5_config_parse_string_multi - - * lib/krb5/verify_krb5_conf.c: try to resolve hostnames - -2004-04-25 Johan Danielsson - - * lib/krb5/store_fd.c (krb5_storage_from_fd): dup the file - descriptor so we don't have to keep track of it in two places - - * kuser/copy_cred_cache.c: krb5_cc_copy_cache_match now lives in - libkrb5 - - * lib/krb5/krb5_{,compare_}creds.3: move krb5_compare_creds to its - own manpage - - * replace krb5_free_creds_contents by krb5_free_cred_contents - - * lib/krb5/cache.c: add krb5_cc_next_cred_match() and - krb5_cc_copy_cred_match() - - * lib/krb5/creds.c (krb5_compare_creds): add more matching options - - * lib/krb5/krb5.h: add more creds match flags - - * kuser/copy_cred_cache: add --valid-for option - - * lib/krb5/store.c (krb5_store_creds): set is_skey flag if length - of second ticket is > 0 - -2004-04-25 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: use the right oid for pkauthdata - - * lib/krb5/pkinit.c: always send both win2k compat version and the - ietf draft one, this is possible since microsoft use - wrong/diffrent PA number. Make the configuration flag boolean - configuring if NOT to send the win2k compat glue. - - * lib/krb5/krb5_encrypt.3: document krb5_{de,en}crypt_ivec - - * kuser/copy_cred_cache.1: pacify mdoclint - - * kdc/pkinit.c: use IV for envelopeddata encryption, patch - originally from Luke Howard , tweeked by me. - - * lib/krb5/krb5_storage.3: document - KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER - - * lib/krb5/krb5_data.3: document that krb5_data_free cleans the - structure too - - * lib/krb5/pkinit.c: use IV for envelopeddata encryption, patch - originally from Luke Howard , tweeked by me. - -2004-04-24 Johan Danielsson - - * kuser/copy_cred_cache.{c,1}: add cred cache copy tool - - * configure.in: use rk_SYS_LARGEFILE - - * lib/krb5/{krb5.h,store.c,fcache.c}: Fix the cache flags bitorder - issue with a storage flag instead of a separate function. - -2004-04-24 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: move out the oid check from get_reply_key - - * lib/krb5/pkinit.c: uniquify error messages - - * lib/krb5/init_creds_pw.c: make the pkinit nonce same os the - plain nonce for now - - * lib/krb5/pkinit.c: more w2k compat from Luke Howard - add RC2 support, clean up error messages - - * lib/krb5/pkinit.c: remove more dependency on - krb5_config->pkinit_flags - - * lib/krb5/pkinit.c (_krb5_pk_convert_rep): convert microsoft - style answer to IETF, From Luke Howard - (_krb5_pk_create_sign): ms handles NULL in param, so always send it - (_krb5_pk_mk_padata): look for [realms]REALM = { win2k_pkinit = bool } - - * lib/krb5/pkinit.c (_krb5_pk_create_sign): always set the - digestAlgorithm to sha1 (both for SignerInfo and SignedData, add - new function _set_digest_alg to set it - -2004-04-23 Love Hörnquist Åstrand - - * include/make_crypto.c: include rc2.h, and when I'm here, make - aes mandatory - - * lib/krb5/krb5.h: add ENCTYPE_ARCFOUR_HMAC as compat glue for MIT - kerberos - - * lib/krb5/crypto.c (krb5_crypto_init): clear return pointer on - failure - - * lib/krb5/crypto.c (DES3_random_to_key): make it produce the - right result - (DES3_postproc): use DES3_random_to_key - (krb5_random_to_key): check the required number of bits (not the size - of the key) - - * lib/krb5/aes-test.c: test random to key function - - * lib/krb5/string-to-key-test.c: comment out the "@"/"" test for - now - -2004-04-22 Love Hörnquist Åstrand - - * lib/krb5/krb5_string_to_key.3: document that - krb5_string_to_key_derived is broken for non 3des enctypes and - thus deprecated - - * kdc/pkinit.c (generate_dh_keyblock): use the new function - krb5_random_to_key - - * lib/krb5/crypto.c: add des and DES3 random_to_key hooks, they - need special processing - - * lib/krb5/crypto.c (krb5_random_to_key): new function - - * lib/krb5/krb5_keyblock.3: document krb5_random_to_key - -2004-04-21 Love Hörnquist Åstrand - - * kdc/pkinit.c: use the first proposed enable enctype - - * lib/krb5/context.c (krb5_set_default_in_tkt_etypes): use the - return from krb5_enctype_valid - - * kdc/pkinit.c: at least try to handle diffrent enveloped enctypes - -2004-04-21 Love Hörnquist Åstrand - - * lib/asn1/der_get.c: 1.28.2.16: (der_get_oid): handle all oid - components being smaller then 127 and allocate one extra element - since first byte is split to to elements. - -2004-04-20 Love Hörnquist Åstrand - - * lib/asn1/k5.asn1: ETYPE_DIGEST_MD5_NONE, ETYPE_CRAM_MD5_NONE: - private use, lukeh@padl.com - -2004-04-19 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (build_auth_pack): use heim_integer to encode - DH public key - -2004-04-18 Love Hörnquist Åstrand - - * lib/krb5/krb5_init_context.3: add krb5_context to so its added - as manpage-link too - -2004-04-17 Love Hörnquist Åstrand - - * lib/krb5/fcache.c (fcc_remove_cred): simplistic implementation, - XXX add locking - - * kuser/kdestroy.c: add --credential argument that just remove one - credential entry out of the cache specified - - * kdc/pkinit.c: replace the krb5.conf configuration option that - describes the mapping between principals and subject names with a - file, default /var/heimdal/pki-mapping. XXX this should be pushed - into HDB. XXX should add issuer too - - * kdc/config.c: merge certificate/private_key to a user_id - -2004-04-16 Love Hörnquist Åstrand - - * kdc/kdc_locl.h: update prototype for pk_initialize - - * kuser/kinit.c: merge certificate/private_key to a user_id - - * kdc/pkinit.c: adapt to heim_integer changes - - * lib/krb5/pkinit.c: merge certificate/private_key to a user_id - - * kdc/pkinit.c: adapt to heim_integer changes, - merge certificate/private_key to a user_id - -2004-04-15 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: use KRB5_PADATA_PK_AS_REQ_WIN free X509_STORE - -2004-04-13 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: define BUILD_KRB5_LIB when building - libkrb5.la, add KRB5_LIB_FUNCTION proto - - * lib/krb5/add_et_list.c: add KRB5_LIB_FUNCTION - - * configure.in: export KRB5_LIB_FUNCTION when building with - BUILD_KRB5_LIB - - * lib/krb5/ticket.c (krb5_ticket_get_authorization_data_type): add - error strings - - * lib/krb5/prompter_posix.c (krb5_prompter_posix): if some thing - is printed on stderr, fflush it - - * lib/krb5/krb5_keyblock.3: free functions also zeros out the key - - * lib/krb5/krb5_get_init_creds.3: some text about - krb5_prompter_posix - - * lib/krb5/krb5.conf.5: document hdb-ldap-structural-object - - * lib/krb5/cache.c: add krb5_cc_get_prefix_ops - - * lib/krb5/krb5_ccache.3: add krb5_cc_get_prefix_ops - -2004-04-05 Love Hörnquist Åstrand - - * appl/test/http_client.c: support GSS_C_DELEG_FLAG and - GSS_C_MUTUAL_FLAG - - * appl/test/http_client.c: verbose logging - -2004-04-02 Love Hörnquist Åstrand - - * kdc/connect.c: case size_t to unsigned long for LP64 platforms - -2004-04-01 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c (hdb_ldap_create): allow configuration of - default structural object - - * tools/Makefile.am: handle sed expression breaking - -2004-03-31 Love Hörnquist Åstrand - - * lib/krb5/krbhst.c: also lookup _kpasswd._tcp SRV-rr - - * lib/krb5/changepw.c: add tcp support to the set protocol, should - be cleaned up to enable sharing code with krb5_sendto - - * kpasswd/kpasswd.c (change_password): remove extra free - - * lib/krb5/krb5_acl_match_file.3: try to pacify mdoc macros on - osf/1 - -2004-03-30 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c (pa_data_add_pac_request): don't - increase md->len, krb5_padata_add already does that - - * lib/krb5/init_creds.c: its PAC not PAQ - - * kuser/kinit.c: its PAC not PAQ - - * kdc/kerberos4.c: stop the client from renewing tickets into the - future From: Jeffrey Hutzelman - -2004-03-29 Love Hörnquist Åstrand - - * configure.in: try to handle sys/strtty.h needing sys/stream.h - -2004-03-23 Love Hörnquist Åstrand - - * lib/krb5/send_to_kdc.c: remove function krb5_sendto_kdc2, its no - longer used - - * kdc/kerberos5.c: s/krb5_get_host_realm_int/_&/ - - * lib/krb5/get_host_realm.c: unexport krb5_get_host_realm_int to - external users by prefixing it with _ - - * lib/krb5/get_cred.c: s/krb5_mk_req_internal/_&/ - - * lib/krb5/mk_req_ext.c: unexport krb5_mk_req_internal to external - users by prefixing it with _ - -2004-03-22 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: add missing } - -2004-03-21 Love Hörnquist Åstrand - - * kdc/pkinit.c: adapt to change of signature of - _krb5_pk_load_openssl_id - - * lib/krb5/pkinit.c: (krb5_get_init_creds_opt_set_pkinit): add - prompter argument and use it - - * kuser/kinit.c: adapt to signature change of - krb5_get_init_creds_opt_set_pkinit - - * lib/krb5/krb5.3: add more stuff, 105 functions to go - - * lib/krb5/krb5_rcache.3: add krb5_get_server_rcache - - * lib/krb5/krb5_rcache.3: framework for replay cache manpage - - * lib/krb5/krb5_string_to_key.3: document string to key functions - - * lib/krb5/Makefile.am: man_MANS += krb5_expand_hostname.3 - krb5_find_padata.3 krb5_generate_random_block.3 - - * lib/krb5/krb5_encrypt.3: document krb5_get_wrapped_length - - * lib/krb5/krb5.3: add some more, 137 to go - - * lib/krb5/krb5_principal.3: document krb5_get_default_principal - - * lib/krb5/krb5_keyblock.3: document krb5_generate_subkey - - * lib/krb5/krb5_generate_random_block.3: document - krb5_generate_random_block - - * lib/krb5/krb5_find_padata.3: document padata functions - - * lib/krb5/krb5.3: add some more, 142 to go - - * lib/krb5/krb5_creds.3: drop .Pp before .Sh - - * lib/krb5/krb5_set_default_realm.3: document krb5_copy_host_realm - - * lib/krb5/krb5_expand_hostname.3: document krb5_expand_hostname - and krb5_expand_hostname_realms - - * lib/krb5/krb5.3: add more functions, 147 to go - - * lib/krb5/krb5_creds.3: document krb5_creds - - * lib/krb5/krb5_get_init_creds.3: add more functions, some more - text - - * lib/krb5/krb5_ticket.3: document - krb5_ticket_get_authorization_data_type - -2004-03-20 Love Hörnquist Åstrand - - * lib/krb5/aes-test.c: remove #if 0'ed code - - * lib/krb5/krb5.3: add keyblock functions, 177 functions to go - - * lib/krb5/krb5_verify_user.3: add krb5_verify_opt_set_ccache - - * lib/krb5/krb5_encrypt.3: document krb5_decrypt_ticket - - * lib/krb5/krb5_config.3: document krb5_config_free_strings and - krb5_config_file_free - - * lib/krb5/krb5_create_checksum.3: add krb5_hmac - - * lib/krb5/krb5.3: add keyblock functions, 190 functions to go - - * lib/krb5/krb5_keyblock.3: update .Dd - - * lib/krb5/krb5_keyblock.3: document krb5_copy_keyblock and - krb5_generate_random_keyblock - - * lib/krb5/krb5_init_context.3: add krb5_init_ets - - * lib/krb5/krb5_config.3: add more krb5_config_ functions and - prototypes - - * lib/krb5/krb5_init_context.3: document context modifcation - functions: address list, config file, use admin kdc, fcc version - - * lib/krb5/krb5_storage.3: document krb5_storage and related - functions - - * lib/krb5/Makefile.am: add acl and krb524_convert_creds_kdc - manpages and test_acl test program - - * lib/krb5/krb5.3: add error string functions and sort - - * lib/krb5/krb5_warn.3: document krb5_abort and error string - functions - - * lib/krb5/krb5.3: add missing functions, only 285 left to - document - - * lib/krb5/krb5_crypto_init.3: remove various enctype related - function - - * lib/krb5/krb5_encrypt.3: add various enctype related function - here - - * lib/krb5/krb5_create_checksum.3: add krb5_cksumtype_valid - krb5_cksumtype_valid - - * lib/krb5/crypto.c: real return values for - krb5_{enctype,cksumtype}_valid - - * lib/krb5/krb5_create_checksum.3: add some functions and - descriptions - - * lib/krb5/krb5_c_make_checksum.3: move out non krb5_c functions - - * lib/krb5/krb5_auth_context.3: document - krb5_auth_con_generatelocalsubkey - - * lib/krb5/krb5_krbhst_init.3: document krb5_krbhst_init_flags - - * lib/krb5/krb5_keytab.3: document krb5_kt_default_modify_name - - * lib/krb5/krb5_init_context.3: document krb5_add_et_list - - * lib/krb5/krb524_convert_creds_kdc.3: document - krb524_convert_creds_kdc, krb524_convert_creds_kdc_ccache - - * lib/krb5/krb5_acl_match_file.3: document krb5_acl_match_* - - * lib/krb5/test_acl.c: test for generic acl code - - * lib/krb5/acl.c: plug memory leak on file matching, - make it not fall over when no non matching acl, - make fnmatch matching useful by switching arguments - -2004-03-19 Love Hörnquist Åstrand - - * kdc/config.c: add --builtin-hdb command - - * lib/hdb/hdb.c (hdb_list_builtin): return a list of builtin - backends - - * doc/setup.texi: include Luke Howard of PADL.COM ldap hdb - documentation - - * doc/win2k.texi: fix bugs in examples, add more restrictions, use - example.com as an example. From: Pavel Ferdan - - -2004-03-18 Johan Danielsson - - * lib/krb5/krb5.conf.5: add a bunch of Li and document [kadmin] - password_lifetime; from Henry B. Hotz - -2004-03-14 Love Hörnquist Åstrand - - * lib/krb5/mk_rep.c (krb5_mk_rep): if KRB5_AUTH_CONTEXT_USE_SUBKEY - is set send subkey - (generate if needed) - - * lib/krb5/krb5.h: add KRB5_AUTH_CONTEXT_USE_SUBKEY - -2004-03-14 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: clean up error handling, plug memory leaks, - and free memory in error path, assume realloc(NULL, ...) works, - factor out common code, indent - -2004-03-12 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c: understand [password_quality] - spelling - - * kuser/kgetcred.1: document --canonicalize - - * kuser/kgetcred.c: add --canonicalize - -2004-03-10 Love Hörnquist Åstrand - - * lib/krb5/fcache.c (fcc_store_cred): NULL terminate - krb5_config_get_bool_default' arglist - -2004-03-09 Love Hörnquist Åstrand - - * kdc/kerberos5.c: add missing req argument to pk_mk_pa_reply - - * kdc/pkinit.c (pk_mk_pa_reply): add hdb_entry - - * kdc/pkinit.c: pass client hdb_entry to pk_check_client - - * kdc/kdc_locl.h: pass client hdb_entry to pk_check_client - - * kuser/kinit.c: rename ca_dir to pkinit/x509_anchors since its - more like that language in RFC3280 - - * lib/krb5/pkinit.c: rename ca_dir to pkinit/x509_anchors since - its more like that language in RFC3280 - - * lib/krb5/krb5.conf.5: document - [libdefaults]fcc-mit-ticketflags=boolean - - * lib/krb5/fcache.c (fcc_store_cred): use - [libdefaults]fcc-mit-ticketflags=boolean to decide what format to - write the fcc in. Default to mit version (aka heimdal 0.7) - - * lib/krb5/store.c: add _krb5_store_creds_heimdal_0_7 and - _krb5_store_creds_heimdal_pre_0_7 that store the creds in just - that format make krb5_store_creds default to mit format - - * lib/krb5/store.c (krb5_ret_creds): Runtime detect the what is - the higher bits of the bitfield - -2004-03-08 Love Hörnquist Åstrand - - * lib/krb5/store.c (krb5_store_creds): add disabled code that - store the ticket flags in reverse order - (bitswap32): new function - - * lib/krb5/store.c (krb5_ret_creds): if the higher ticket flags - are set, its a mit cache, reverse the bits, bug pointed out by - Sergio Gelato - -2004-03-07 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: use macro for HDB * -> LDAP * - - * kuser/kinit.c: when running kinit with a subprocess, fetch new - tickets after half the tickets lifetime - - * lib/hdb/hdb.c: spelling - - * lib/hdb/hdb-ldap.c: Intergrate Heimdal's hdb-ldap and the Samba - password database. From: Andrew Bartlett - - * kdc/config.c: add --disable-DES - - * kdc/kdc.8: document --detach and --disable-DES - - * kdc/kerberos5.c: check if enctype is disabled before using it - - * lib/krb5/crypto.c: add support for disabling checksum/encryption - types - - * tools/kdc-log-analyze.pl: add more cases - - * kdc/connect.c: on strange tcp error; log local port number and - socket type - - * lib/asn1/der.h: fix prototype of encode_utf8string - - * lib/asn1/gen.c: catch CHOICE and generate dummy placeholder - - * lib/asn1/lex.l: added dummy parsing of CHOICE - - * lib/asn1/parse.y: added dummy parsing of CHOICE - - * lib/asn1/k5.asn1: drop SMTP_NAME - -2004-03-06 Love Hörnquist Åstrand - - * lib/hdb/Makefile.am: support building ldap backend as module - sort asn1 hdb files - - * lib/hdb/hdb.c: when building ldap as a shared module, don't - include it in the list - - * configure.in: add --enable-hdb-openldap-module - - * lib/hdb/hdb-ldap.c: make ldap possible to build as a shared - module - - * lib/hdb/mkey.c: add hdb_{,un}seal_key{,_mkey} from Andrew - Bartlett - - * lib/krb5/crypto.c (decrypt_internal_special): do not not modify - the original data test case from Ronnie Sahlberg - - -2004-03-03 Love Hörnquist Åstrand - - * lib/krb5/test_cc.c: more cc tests, mostly related to mcc - behavior - - * lib/krb5/mcache.c (mcc_get_principal): also check for - primary_principal == NULL now that that isn't used as dead flag - - * lib/krb5/mcache.c: don't overload the primary_principal == NULL - as dead since that doesn't always work. Based on patch from - Jeffrey Hutzelman , tweeked by me - -2004-02-22 Love Hörnquist Åstrand - - * kdc/pkinit.c: adapt to rename of oid_cmp to heim_oid_cmp - - * lib/krb5/pkinit.c: adapt to rename of oid_cmp to heim_oid_cmp - - * lib/hdb/db3.c: fix all db >= 4.1 cases - - * doc/setup.texi: add text about hostname to realm mapping using - DNS - -2004-02-20 Love Hörnquist Åstrand - - * kdc/pkinit.c: update error codes - - * lib/krb5/krb5_err.et: prefix pkinit error codes with KRB5_ - - * lib/krb5/pkinit.c: update error codes - -2004-02-19 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: indent, use krb5_abortx() instead of abort() - - * lib/krb5/init_creds_pw.c (process_pa_data_to_key): spelling - - * lib/krb5/store.c: handle memory allocate errors - - * lib/krb5/fcache.c (_krb5_xlock): handle that everything was ok, - and don't put an error in the error strings then - -2004-02-13 Love Hörnquist Åstrand - - * kdc/pkinit.c: s/heim_big_integer/heim_integer/ - - * lib/krb5/pkinit.c: s/heim_big_integer/heim_integer/ - - * kdc/pkinit.c: adapt to asn1 bignum code, use HEIM_PKINIT errors - - * lib/krb5/pkinit.c: adapt to asn1 bignum code, use HEIM_PKINIT - errors - - * lib/krb5/heim_err.et: add HEIM_PKINIT specific errors - -2004-02-12 Love Hörnquist Åstrand - - * configure.in: rename AC_WFLAGS to rk_WFLAGS - - * acinclude.m4: use m4_define, over-quote string - -2004-02-11 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c (change_password): handle that - printf("%.*s", 0, (void*)NULL); doesn't work on solaris - -2004-02-10 Love Hörnquist Åstrand - - * kpasswd/kpasswd.c (change_password): handle that printf("%.*s", - 0, (void*)NULL); doesn't work on solaris - - * lib/krb5/krb5.conf.5: don't use path's in first .Nm, it confuses - some locate.updatedb, use FILES section to describe where the file - is instead. - -2004-02-07 Love Hörnquist Åstrand - - * lib/asn1/check-der.c: test for "der_length.c: Fix len_unsigned - for certain negative integers, it got the length wrong" , from - Panasas, Inc. - - * lib/asn1/der_length.c: Fix len_unsigned for certain negative - integers, it got the length wrong, fix from Panasas, Inc. - - rename len_int and len_unsigned to _heim_\& - - * lib/asn1/der_locl.h: add _heim_len_unsigned, _heim_len_int - -2004-02-06 Dave Love - - * configure.in: Check for sys/socket.h, net/if.h. Modify term.h, - security/pam_appl.h tests. - -2004-02-03 Love Hörnquist Åstrand - - * lib/asn1/check-gen.c: test for: (length_type): TSequenceOf: add - up the size of all the elements, don't use just the size of the - last element. - - * lib/krb5/aes-test.c: add "next iv" test for aes128, check - decryption case too - - * lib/krb5/crypto.c (_krb5_aes_cts_encrypt): out iv is the iv of - the next to last block, fix decryption case too - - * lib/krb5/aes-test.c: add "next iv" test for aes128 - - * lib/krb5/crypto.c (_krb5_aes_cts_encrypt): out iv is the iv of - the next to last block - - * lib/krb5/mk_rep.c (krb5_mk_rep): abort on internal asn1 encode - error - - * lib/krb5/mk_rep.c (krb5_mk_rep): abort on internal asn1 encode - error - - * lib/krb5/get_in_tkt.c (krb5_get_in_cred): abort on internal asn1 - encode error - - * lib/krb5/mk_priv.c (krb5_mk_priv): abort on internal asn1 encode - error - - * lib/krb5/get_cred.c (make_pa_tgs_req): abort on internal asn1 - encode error - - * lib/krb5/build_auth.c (krb5_build_authenticator): abort on - internal asn1 encode error - - * lib/krb5/build_ap_req.c (krb5_build_ap_req): abort on internal - asn1 encode error - -2004-01-30 Love Hörnquist Åstrand - - * doc/setup.texi: some text about order of [capaths] realms - -2004-01-25 Love Hörnquist Åstrand - - * lib/krb5/context.c: register WRFILE ops - - * lib/krb5/keytab_file.c: add krb5_wrfkt_ops/WRFILE (same as FILE) - - * lib/krb5/krb5.h: add krb5_wrfkt_ops - - * kpasswd/kpasswdd.c (change): use the right password when - changing the password - -2004-01-21 Love Hörnquist Åstrand - - * lib/krb5/fcache.c (_krb5_xlock): catch EINVAL and assume that it - means that the filesystem doesn't support locking - - * lib/krb5/keytab.c: remove #if 0 out file locking code - -2004-01-19 Love Hörnquist Åstrand - - * lib/asn1/gen_length.c (length_type): TSequenceOf: add up the - size of all the elements, don't use just the size of the last - element. - -2004-01-13 Love Hörnquist Åstrand - - * kuser/kinit.c (renew_validate): if renewable_flag and not time - specifed, use "1 month" - -2004-01-08 Love Hörnquist Åstrand - - * lib/krb5/krb5_keyblock.3: add prototypes, describe - krb5_keyblock_zero - -2004-01-05 Love Hörnquist Åstrand - - * lib/krb5/get_for_creds.c (add_addrs): don't add same address - multiple times - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): try to - handle errors better for previous commit - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): If tickets - are address-less, forward address-less tickets. - - * lib/krb5/get_cred.c: rename get_krbtgt to _krb5_get_krbtgt and - export it - diff --git a/crypto/heimdal/ChangeLog.2005 b/crypto/heimdal/ChangeLog.2005 deleted file mode 100644 index 8c84b1c5c385..000000000000 --- a/crypto/heimdal/ChangeLog.2005 +++ /dev/null @@ -1,2004 +0,0 @@ -2005-12-15 Love Hörnquist Åstrand - - * kdc/kerberos5.c (tgs_make_reply): less const on hdb_entry_ex to - make samba happy - - * fix-export: Build kdc-private.h. - -2005-12-14 Love Hörnquist Åstrand - - * kdc/kerberos5.c (tgs_rep2): also print the principal for which - the enctype was missing - -2005-12-13 Love Hörnquist Åstrand - - * kdc/kaserver.c: Finish up transition from hdb_entry to - hdb_entry_ex. - - * kdc/kerberos4.c: Finish up transition from hdb_entry to - hdb_entry_ex. - - * kdc/524.c: Finish up transition from hdb_entry to hdb_entry_ex. - - * kdc/kerberos5.c: Finish up transition from hdb_entry with - hdb_entry_ex. - - * lib/krb5/cache.c (krb5_cc_set_default_name): use - KRB5_DEFAULT_CCNAME. - - * lib/krb5/krb5_locl.h: Add KRB5_DEFAULT_CCNAME, pointer to - default credential cache. - - * lib/hdb/ndbm.c: memset hdb_entry_ex before use - - * lib/hdb/db3.c: memset hdb_entry_ex before use - - * lib/hdb/db.c: memset hdb_entry_ex before use - -2005-12-12 Love Hörnquist Åstrand - - * lib/krb5/krb5.3: Add some more entrypoints. - - * lib/krb5/changepw.c: If there is a target principal, use the - realm of the realm to change the password with, - - * kuser/kinit.c: Default to use DH when fetching keys. - - * lib/hdb, kdc, kadmin/load.c: Wrap hdb_entry with hdb_entry_ex, patch - originally from Andrew Bartlet - - * lib/hdb/hdb-ldap.c: Wrap hdb_entry with hdb_entry_ex, add url - support, add ldapi support. - - * kdc/kerberos5.c (tgs_make_reply): there are no such things a - keytypes any more, just use enctypes. - - * kdc/kdc_locl.h: Remove private prototypes and instead include - . - - * kdc/Makefile.am: Build kdc-private.h and depend on it. - - * kdc/config.c (configure): wrap line - - * doc/kerberos4.texi: KDC 4 support is always compiled in. - - * TODO: Remove some stuff that have been done. - - * Makefile.am: Split long line - - * doc/apps.texi: Spelling, From Måns Nilsson. - - * doc/install.texi: spelling, From Måns Nilsson - -2005-12-11 Love Hörnquist Åstrand - - * lib/krb5/krb5_principal.3: Constify principal argument to on - krb5_principal_get_ functions. - - * lib/krb5/principal.c: Constify principal argument to on - krb5_principal_get_ functions. - -2005-12-08 Love Hörnquist Åstrand - - * lib/hdb: drop convert_db, 0.0 to 0.1 transition was a long long - time ago - -2005-12-05 Love Hörnquist Åstrand - - * lib/krb5/test_keytab.c: more tests, From Andrew Bartlet - - * lib/krb5/keytab_memory.c (mkt_remove_entry): realloc can return - NULL on success in the case 0 entries are allocated, From Andrew - Bartlet - -2005-12-02 Love Hörnquist Åstrand - - * lib/krb5/acl.c (acl_parse_format): tmp needs to be freed too on - failure to parse format specifier. - - * lib/krb5/store-test.c: Free more of the allocated memory. - - * lib/krb5/crypto.c (krb5_derive_key): Free more of the allocated - memory, this function is only used by the test program. - - * lib/krb5/parse-name-test.c: Free more of the allocated memory. - - * lib/krb5/derived-key-test.c: Free more of the allocated memory. - -2005-12-01 Love Hörnquist Åstrand - - * doc/setup.texi: spelling, From Måns Nilsson - - * lib/krb5/krb5_keytab.3: Memory keytab are now named and - refcounted. - - * lib/krb5/test_keytab.c: Test that memory keytab are refcounted. - - * lib/krb5/keytab_memory.c: Index by name and start reference - counting on entries. - -2005-11-30 Love Hörnquist Åstrand - - * lib/krb5/krb5.h (krb5_address_type): add - KRB5_ADDRESS_NETBIOS (20) - - * lib/hdb/hdb.c (find_method): accept relative paths as old db - format too. - - * lib/krb5/aes-test.c: Remove usage of krb5_enctype_to_keytype. - -2005-11-29 Dave Love - - * kcm/connect.c (kcm_loop): Use HAVE_DOOR_CREATE, not HAVE_DOORS. - -2005-11-29 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c (libdefaults_entries): add - default_cc_name - - * lib/hdb/hdb.c: Only match db databases on filename starting with - '/'. - - * lib/krb5/rd_req.c (krb5_verify_ap_re2): check timestamp in - authenticator - - * lib/krb5/rd_req.c (check_transited): explain the TR-type 0 - better and why it matters. - - * lib/krb5/test_cc.c: test krb5_cc_get_prefix_ops - - * lib/krb5/cache.c (krb5_cc_get_prefix_ops): change the behavior - to return NULL when its not found, and fcc when the name starts - with a '/'. Almost matches behavior in other parts of the code, - but can't really do that since the name passed in to this function - may only contain the prefix itself without the colon. - - * lib/krb5/cache.c (krb5_cc_get_prefix_ops): if there are not - colon (:) in the name, its a file credential cache - - * lib/hdb/db3.c (hdb_db_create): use calloc to callocate memory - - * lib/hdb/ndbm.c (hdb_ndbm_create): use calloc to allocate memory - - * lib/hdb/db.c (hdb_db_create): use calloc to allocate memory - -2005-11-28 Love Hörnquist Åstrand - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): use session - key for delegated credentials - - * kdc/kerberos5.c (_kdc_as_rep): add comment when we send - ETYPE-INFO and ETYPE-INFO2, from Andrew Bartlett - -2005-11-25 Love Hörnquist Åstrand - - * lib/krb5/keytab.c (krb5_kt_get_full_name): new function - -2005-11-24 Love Hörnquist Åstrand - - * lib/krb5/test_crypto.c: Split encryption and s2k iterations to - diffrent counters, 38seconds of aes256 s2k is way too long. - - * lib/krb5/test_crypto.c: Add timing code for s2k function. - -2005-11-07 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Print the time the principal expired, based on - patch from Andrew Bartlett. - -2005-11-01 Love Hörnquist Åstrand - - * lib/krb5/cache.c (krb5_cc_get_full_name): Add - -2005-11-01 Love Hörnquist Åstrand - - * configure.in: Spelling, From Michael Banck - -2005-10-30 Love Hörnquist Åstrand - - * kcm/headers.h: Maybe include . - -2005-10-27 Love Hörnquist Åstrand - - * lib/krb5/ticket.c (krb5_ticket_get_authorization_data_type): - understand KRB5_AUTHDATA_IF_RELEVANT and KRB5_AUTHDATA_AND_OR (but - have KRB5_AUTHDATA_KDC_ISSUED commented out for now) - -2005-10-26 Love Hörnquist Åstrand - - * kuser/klist.c: In the list caches view, rename the Status field - to Expires. - - * lib/krb5/krb5_encrypt.3: Fix mdoc for - krb5_encrypt_EncryptedData, Johnny Lam - -2005-10-25 Love Hörnquist Åstrand - - * appl/test/gssapi_client.c: Check return value from asprintf - instead of string != NULL since it undefined behavior on - Linux. From Björn Sandell - -2005-10-21 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (_krb5_dh_group_ok): if not enough bits are - generated from the DH groups, fail. - - * kdc/pkinit.c (get_dh_param): Pass down config so this function - can check pkinit_dh_min_bits - - * kdc/config.c: Fill in pkinit_dh_min_bits from configuration - file. - - * kdc/kdc.h: Add pkinit_dh_min_bits to krb5_kdc_configuration. - -2005-10-20 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Add option to require binding between reply - and response for the win2k version of the protocol. - -2005-10-19 Love Hörnquist Åstrand - - * doc/programming.texi: Text about Kerberos errors. - - * lib/krb5/pkinit.c: Try both ReplyKey and ReplyKey-Win2k for the - Windows case to support the updated -09 protocol (using - asChecksum). Tell KDC we support this by sending - KRB5-PADATA-PK-AS-09-BINDING in the pa-data. - - * lib/krb5/test_cc.c: Test copy FILE -> FILE, and MEMORY -> MEMORY - too. - - * lib/krb5/test_cc.c: Test krb5_cc_copy_cache and - krb5_cc_cache_match. - - * lib/krb5/cache.c (krb5_cc_cache_match): add function that - iterates over all credential caches for a user and returns a - match. - - * lib/krb5/krb5_ccache.3: Add krb5_cc_start_seq_get and an - example. - -2005-10-18 Love Hörnquist Åstrand - - * doc/programming.texi: Try to explain krb5_ccache, krb5_principal - and errors. - -2005-10-13 Love Hörnquist Åstrand - - * lib/krb5/krb5_get_credentials.3: Add example how to use - krb5_get_credentials. - -2005-10-12 Love Hörnquist Åstrand - - * lib/krb5/init_creds.c: Rename private to opt_private. - - * lib/krb5/init_creds_pw.c: Rename private to opt_private. - - * lib/krb5/pkinit.c: rename element private to opt_private to make - c++ picky compilers less upset. - - * lib/krb5/krb5.h (krb5_get_init_creds_opt): rename element - private to opt_private to make c++ picky compilers less upset. - -2005-10-08 Love Hörnquist Åstrand - - * lib/krb5/krbhst.c (_krb5_krbhost_info_move): new function - (_krb5_free_krbhst_info): expose to internal use - - * lib/krb5/init_creds_pw.c: Prepare to pass down a - krb5_krbhst_info into the pre-auth mechs - - * lib/krb5/pkinit.c: Inline short functions, share more code, - rename COMPAT_27 to COMPAT_IETF, pass down a krb5_krbhst_info for - verification of KDC info, and general cleaning up. - -2005-10-07 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: Install krb5.moduli in sysconfdir. - - * lib/krb5/krb5_locl.h: rename moduli file to SYSCONFDIR - "/krb5.moduli" - - * lib/krb5/krb5_locl.h: Add forward declaration for - krb5_dh_moduli. Add define for MODULI_FILE. - - * kdc/pkinit.c: Removing PK-INIT-19 support. - - * lib/krb5/pkinit.c: Removing PK-INIT-19 support. - - * lib/krb5/pkinit.c (_krb5_dh_group_ok): return DH group name on - success. - (krb5_get_init_creds_opt_set_pkinit): use moduli file if it exists - - * kdc/pkinit.c: Save DH group name and print it on success. - - * lib/krb5/pkinit.c (_krb5_dh_group_ok): if q is zero, ignore it. - - * kdc/pkinit.c: Check dh group parameters from client. - - * lib/krb5/krb5_err.et: Match error code with pk-init-27. - - * lib/krb5/pkinit.c: Update error codes. Add name to group. Change - return value of _krb5_dh_group_ok. - - * lib/krb5/pkinit.c: Add support for reading a moduli-file for DH - parameters. - -2005-10-06 Love Hörnquist Åstrand - - * kuser/klist.1: Document --list-caches - - * kuser/klist.c: Change short flag of --list-caches to -l (-v is - already used). - -2005-10-03 Love Hörnquist Åstrand - - * lib/krb5/kerberos.8: RFC 1510 was obsoleted by 4120. - - * lib/krb5/acache.c (init_ccapi): return kerberos errors, callers - expect it - (acc_get_cache_first): don't leak memory or abort on malloc - failure - -2005-10-02 Love Hörnquist Åstrand - - * lib/krb5/kerberos.8: Update text about Kerberos RFC's. - -2005-10-01 Love Hörnquist Åstrand - - * kuser/klist.c: Add option --list-caches that lists the avaible - caches and their status. - - $ klist --list-caches - Principal Cache name Status - lha@E.KTH.SE 2 Valid - lha@SU.SE 1 Expired - lha/root@SU.SE 0 Expired - lha@N.L.NXS.SE Initial default ccache Expired - -2005-09-30 Love Hörnquist Åstrand - - * lib/krb5/keytab_keyfile.c: Use all DES keys, not just - des-cbc-md5, verify that they all are the same. - - * lib/krb5/mcache.c Implement the cache iteration functions. - - * lib/krb5/acache.c: Implement the cache iteration functions. - - * lib/krb5/test_cc.c: Test the new cache iteration functions. - - * lib/krb5/cache.c: Add cache iteration funcations. Add internal - allocation function for the memory of a krb5_ccache, and use it. - - * lib/krb5/krb5.h (krb5_cc_ops): add cache iteration functions - -2005-09-25 Love Hörnquist Åstrand - - * lib/krb5/krb5_mk_req.3: Remove leftovers, remove extra space. - - * kdc/kerberos5.c: More verbose PK-INIT logging. - - * kdc/pkinit.c: The public DH key is encoded as an INTEGER in - subjectPublicKey. Don't verify OID's for now. - - * lib/krb5/pkinit.c: Support cached DH variable (still need to - store it though), don't check the oid of the DH signedData for - now. - -2005-09-22 Love Hörnquist Åstrand - - * lib/krb5/rd_cred.c (krb5_rd_cred): try both the session key and - the sender subkey. Both RFC1510 and RFC4120 say that you have to - use the session key, Heimdal uses subkey. - -2005-09-21 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Don't check oid's too closely, they change in - Windows Vista. - -2005-09-20 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Disable sending -19, fix parsing -27 of the - protocol. - - * kdc/pkinit.c: Support PK-INIT-27 DH (and remove -19) - - * lib/krb5/pkinit.c (pk_verify_chain_standard): set cert to NULL - to make sure its not freed. - -2005-09-19 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (krb5_DES_string_to_key): If the opaque length - it set to 1, and content is 0x01, use the afs3 string-to-key. - - * kdc/kerberos5.c (make_etype_info2_entry): When its a afs3-salted - key, use send the opaque, length 1 (with content set to 0x01) in - ETYPE-INFO2-ENTRY. - - * lib/krb5/kcm.c: Remove signedness warnings. - -2005-09-15 Love Hörnquist Åstrand - - * configure.in: Use libtool's default values for building - shared/static libaries, ie remove AC_ENABLE_SHARED(no), solves - building problems users have on Mac OS X. - -2005-09-08 Love Hörnquist Åstrand - - * lib/krb5/changepw.c: Constify password. - -2005-09-05 Love Hörnquist Åstrand - - * lib/krb5/krb5_mk_req.3: Document krb5_rd_req. - - * lib/krb5/Makefile.am: MAN_mans+= krb5_mk_req.3 - - * lib/krb5/krb5_mk_req.3: Document krb5_mk_req, krb5_mk_req_exact, - krb5_mk_req_extended, krb5_rd_req, krb5_rd_req_with_keyblock, - krb5_mk_rep, krb5_mk_rep_exact, krb5_mk_rep_extended, krb5_rd_rep, - krb5_build_ap_req, krb5_verify_ap_req. - -2005-09-01 Love Hörnquist Åstrand - - * kdc/kerberos5.c (make_etype_info_entry): Dont send salttype at - all, use KRB5-PADATA-AFS3-SALT - -2005-08-31 Love Hörnquist Åstrand - - * kdc/kerberos5.c (log_timestamp): endtime, not endtype - -2005-08-30 Love Hörnquist Åstrand - - * configure.in: Check for . - - * kcm/connect.c (update_client_creds): in case there is no - UCRED_VERSION, skip LOCAL_PEERCRED - - * kcm/headers.h: include - -2005-08-27 Love Hörnquist Åstrand - - * lib/krb5/rd_req.c (check_transited): Allow empty content of type - 0 because that is was Microsoft generates in their TGT. - - * kdc/kerberos5.c (fix_transited_encoding): Allow empty content of - type 0 because that is was Microsoft enerates in their TGT. - -2005-08-26 Love Hörnquist Åstrand - - * doc/intro.texi: RFC 4120 replaces RFC 1510 - -2005-08-25 Love Hörnquist Åstrand - - * configure.in: Add --disable-afs-support. - -2005-08-23 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: Add test_hostname to check_PROGRAMS but - not TESTS, I have no same dns to use. - - * lib/krb5/test_hostname.c: Testprogram for krb5_expand_hostname() - and krb5_expand_hostname_realms(). - - * configure.in: Build KCM if we have doors or unix sockets. - - * lib/krb5/principal.c (krb5_425_conv_principal_ex2): Remove - shadowing variable. - - * lib/krb5/get_host_realm.c (dns_find_realm): Fix const warnings, - plug memory leak. From: Stefan Metzmacher - - * lib/krb5/krb5_config.3: Document what happens with NULL to - krb5_config_free_strings - (nothing). Mdoc nit. - -2005-08-22 Love Hörnquist Åstrand - - * kuser/klist.c (check_for_tgt): Re-order code so it only free the - credential if one was returned. - - * lib/krb5/test_crypto_wrapping.c: Fix printing of size_t. - -2005-08-19 Love Hörnquist Åstrand - - * lib/hdb/dbinfo.c: provide interface to find databases - - * lib/hdb/mkey.c: hdb_seal_key_mkey): dont double encrypt keys - -2005-08-15 Love Hörnquist Åstrand - - * kdc/kdc_locl.h: Update prototype for _kdc_pk_mk_pa_reply. - -2005-08-13 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c: Save the request buffer so that - pre-auth mechanism that needs it can verify the reply. - -2005-08-12 Love Hörnquist Åstrand - - * lib/krb5/test_mem.c: Rename logf to avoid shadowing. - - * lib/krb5/krb5_keytab.3: Fix the version number for - fcc-mit-ticketflags. - - * lib/krb5/fcache.c: Revert previous, I was confused. - - * lib/krb5/krb5_keytab.3: Document fcc-mit-ticketflags in - COMPATIBILITY section. - - * lib/krb5/fcache.c (fcc_store_cred): default to MIT style ticket - flags. - - * kdc/pkinit.c (pk_mk_pa_reply_enckey): add missing break; - - * lib/krb5/krb5_create_checksum.3: Update prototype for - krb5_create_checksum. - - * kdc/pkinit.c: Make compile. - - * lib/krb5/pkinit.c: Implement verification of asChecksum, now - client side code is using -27 of the pk-init draft. - - * kdc/kdc_locl.h: update prototype for _kdc_as_rep - - * kdc/pkinit.c: Fill in asChecksum, we now implements -27 in the KDC. - - * kdc/process.c: Pass down the request buffer to _kdc_as_rep(). - - * kdc/kerberos5.c (_kdc_as_rep): Pass down the request buffer to - _kdc_pk_mk_pa_reply. - -2005-08-11 Love Hörnquist Åstrand - - * lib/hdb/ext.c: HDB extensions access glue. - - * kcm/acquire.c: Use krb5_set_password instead of - krb5_change_password. - - * configure.in: Add tests/Makefile and tests/db/Makefile. - - * NEWS: New ASN.1 compiler - - * lib/hdb/Makefile.am: Build extensions. - - * lib/hdb/print.c: Print extensions. - - * lib/hdb/hdb_err.et: Add error "Entry contains unknown mandatory - extension". - - * lib/hdb/hdb.h: Update interface version (and indent). - - * lib/hdb/hdb.asn1: Add support for HDB-extension. - -2005-08-10 Love Hörnquist Åstrand - - * lib/krb5/test_pkinit_dh2key.c: add tests vectors from - "Liqiang(Larry) Zhu" - - * lib/hdb/mkey.c: Expose the crypto operations on the master key. - - * lib/krb5/test_pkinit_dh2key.c: even more bits, not done yet - -2005-08-09 Love Hörnquist Åstrand - - * kdc/kerberos5.c (_kdc_as_rep): preserve the error code in the - ENC-TS case. From: Andrew Bartlett - - * kdc/kerberos5.c (tgs_rep2): only needs to log "Failed to verify - authenticator" once, its already done by - tgs_check_authenticator(). - - * kdc/kerberos5.c: Indent strings. - - * kdc/kerberos5.c (log_timestamp): avoid shadow warnings From: - Andrew Bartlett - - * lib/krb5/verify_user.c: Add krb5_verify_opt_alloc and - krb5_verify_opt_free. - - * lib/krb5/krb5_verify_user.3: Document krb5_verify_opt_alloc and - krb5_verify_opt_free. - - * lib/hdb/db3.c (DB_open): catch errors from the d->open calls - instead of letting them slip though to d->cursor. Bug repport from - Andrew Bartlett - -2005-07-29 Love Hörnquist Åstrand - - * kdc/Makefile.am (kdc_LDADD): add LDADD - -2005-07-28 Love Hörnquist Åstrand - - * kdc/kerberos5.c (_kdc_as_rep): log what enctypes was using in - ENC-TS preauth, both for failure and success. - - * kdc/hprop.c: Use the _krb5_krb_life_to_time function from - libkrb5 instead of including our own here too. - - * kdc/kerberos5.c: indent printf strings - - * lib/hdb/mkey.c (hdb_unseal_key_mkey): try to unseal key with - keyusage 0 in case the key was encrypted with MIT Kerberos (old - patch from Johan) - -2005-07-26 Love Hörnquist Åstrand - - * kdc/pkinit.c: update to pkinit-27 - -2005-07-23 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Adapt to IMPLICIT changes in CMS module. - -2005-07-20 Love Hörnquist Åstrand - - * lib/krb5/test_pkinit_dh2key.c: framework for testing - _krb5_pk_octetstring2key - - * kpasswd/kpasswdd.c (doit): krb5_addr2sockaddr takes a - krb5_socklen_t - - * kdc/connect.c (de_http): sscanf takes a char *, not unsigned - ditto, cast approriately - - * lib/krb5/crypto.c (_krb5_pk_octetstring2key): make sha1 output - unsigned char to match openssl - -2005-07-14 Love Hörnquist Åstrand - - * lib/hdb/common.c: Check encoder lengths from ASN1_MALLOC_ENCODE. - -2005-07-13 Love Hörnquist Åstrand - - * lib/krb5/rd_cred.c (krb5_rd_cred): don't leak memory - - * lib/krb5/get_cred.c (krb5_get_credentials_with_flags): only call - krb5_cc_retrieve_cred once, and plug memory leak. - -2005-07-13 Love Hörnquist Åstrand - - * lib/hdb/Makefile.am: the new asn.1 compiler includes the modules - name in the depend file - - * lib/krb5/keytab_file.c (fkt_start_seq_get_int): check return - value from krb5_storage_from_fd - - * lib/krb5/pkinit.c (pk_rd_pa_reply_dh): client do not contribute - to the DH when the server doesn't support the cached DH request. - - * lib/krb5/crypto.c (_krb5_pk_octetstring2key): fix arguments - -2005-07-12 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: clean up pk-init DH support, not finished - yet; improve error reporting - - * lib/krb5/crypto.c (_krb5_pk_octetstring2key): string2key - function used in pk-init-25 - - * configure.in: Use a configure switch to turn on PK-INIT, not by - detecting existence of the new ASN.1 library. - - * lib/asn1: Much improved ASN.1 compiler from joda-choice-branch. - - Highlighs for the compiler is support for CHOICE and in general better - support for tags. This compiler support most of what is needed for - PK-INIT, LDAP, X.509, PKCS-12 and many other protocols. - -2005-07-10 Love Hörnquist Åstrand - - * lib/asn1: make scope variables unique to avoid shadow warnings - -2005-07-09 Love Hörnquist Åstrand - - * lib/krb5/krb5.h: comment out paramenter name in typedef - functions to avoid shadow warnings - - * lib/krb5/crypto.c: make input data to krb5_encrypt{,_ivec} const - - * kuser/klist.c: If there are no addresses, print addressless - instead of nothing. - - * lib/krb5/Makefile.am (TESTS): add test_crypto_wrapping - - * lib/krb5/crypto.c (wrapped_length): the underived encrypted - types checksum are all unkeyed (matches the code in - encrypt_internal() and encrypt_internal_special()) - - * lib/krb5/test_crypto_wrapping.c: ETYPE_ARCFOUR_HMAC_MD5_56 isn't - not supported - - * lib/krb5/test_crypto_wrapping.c: test encryption wrapping - - * lib/krb5/test_crypto.c (time_encryption): free cleartext buffer - -2005-07-08 Love Hörnquist Åstrand - - * configure.in: run AM_INIT_AUTOMAKE before AM_PROG_CC_C_O - otherwise am_aux_dir will be expanded using ac_aux_dir before the - later is set. - - * configure.in: check for strings.h explicitly instead of - depending on AC_HEADER_STDC to check it for us - -2005-07-07 Assar Westerlund - - * configure.in: add AM_PROG_CC_C_O for automake 1.9 - -2005-07-06 Love Hörnquist Åstrand - - * lib/krb5/keytab.c (krb5_kt_get_entry): clear error string when - returning a new error - - * lib/krb5/keytab.c: krb5_kt_close frees all resources, even on - error. - - * lib/krb5/verify_init.c (krb5_verify_init_creds): `entry' unused, - remove From: "Henry B. Hotz" - -2005-07-05 Love Hörnquist Åstrand - - * doc/win2k.texi: arcfour-hmac-md5 support for windows cross was - added in w2k3-sp1 From David Love - - * doc/setup.texi: document kadmin command password-quality instead - of the not installed test_pw_quality - - * lib/krb5/krb5_get_init_creds.3: Spelling, from David Love - - * fix-export: build kdc-protos.h - -2005-07-01 Love Hörnquist Åstrand - - * kdc: prefix pkinit symbols with _kdc - - * kuser/kinit.c: avoid shadowing variables - - * kuser: s/optind/optidx/ - - * kdc: adapt pkinit code to libkdc split - -2005-06-30 Love Hörnquist Åstrand - - * tools/Makefile.am: add depency on LIB_dlopen and LIB_door_create - - * tools/krb5-config.in: add depency on LIB_dlopen and LIB_door_create - - * kdc/kdc_locl.h: indent, remove dup prototypes - - * kdc/libkdc: don't pollute namespace, generate public headerfile - - * lib/krb5/principal.c: add krb5_425_conv_principal_ext2 that work - just like krb5_425_conv_principal_ext but takes a context variable - for the verification function - - * kdc/Makefile.am: there is no export script, not pretend there is - - * kdc: Merge in the libkdc/kdc configuration split from Andrew - Bartlet - - * lib/krb5/crypto.c: optionally compile in support for afs string2key - - * configure.in: add --disable-afs-string-to-key to allow removal - of support for afs string2key (and dependency on crypt) - -2005-06-29 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Add logging of all timestamps in AS-REQ and - TGS-REQ, for auditing - - * kdc/kerberos5.c (as_req): print the supported encryption types - so its possible to know what clients to update. - (find_rpath): return const char * and update callers. - -2005-06-28 Luke Howard - - * kcm/connect.c: fix arguments to kcm_log() when reporting - sendmsg() error - - * kcm/connect.c: don't send socket address in msghdr, it - returns an already connected error on Linux - -2005-06-24 Love Hörnquist Åstrand - - * kdc/524.c: Always include . - -2005-06-23 Love Hörnquist Åstrand - - * doc/intro.texi: no more libdes, gssapi lib is complete - - * lib/krb5/krb5.conf.5: Documentation for password quality - control. From: "James F. Hranicky" - - * lib/krb5/verify_krb5_conf.c (password_quality_entries): add - min_length and min_classes - - * kdc/kaserver.c: log the kaserver requests, avoid shadowing - variables - - * lib/hdb/db3.c (DB_open): in case of error, close database - - * lib/hdb/ndbm.c (NDBM_open): in case of error, close database - - * lib/hdb/db.c (DB_open): in case of error, close database - -2005-06-20 Love Hörnquist Åstrand - - * kcm/kcm.8: fix example - -2005-06-17 Love Hörnquist Åstrand - - * lib/krb5/rd_rep.c: indent - - * lib/krb5/rd_rep.c (krb5_rd_rep): check if - KRB5_AUTH_CONTEXT_DO_TIME set and use that as a que that timestamp - should be checked, DCE-STYLE gssapi needs to be able to tweek this - - * kdc/string2key.c: rename optind to optidx - - * lib/hdb/convert_db.c: rename optind to optidx - - * lib/hdb/keytab.c: const poison, add a unconst where needed - - * lib/krb5/crypto.c (krb5_string_to_key): unconst password - - * lib/asn1/k5.asn1: rename pvno to krb5-pvno - - * lib/krb5/get_in_tkt_with_keytab.c (krb5_keytab_key_proc): - unconst argument - - * lib/krb5/verify_krb5_conf.c: rename optind to optidx - - * lib/krb5/transited.c: rename the temporary string variable to - `str' - - * lib/krb5/test_crypto.c: rename optind to optidx - - * lib/krb5/test_alname.c: rename optind to optidx - - * lib/krb5/store.c: unconst argument to krb5_store (XXX this - should be fixed, krb5_store doesn't need to modify its argument) - - * lib/krb5/send_to_kdc.c (krb5_sendto): remove shadowing - unnessecery variable ret - - * lib/krb5/rd_cred.c (krb5_rd_cred): remove shadowing unnessecery - variable len - - * lib/krb5/prog_setup.c: rename optind to optidx - - * lib/krb5/padata.c: rename variable index to idx - - * lib/krb5/log.c: rename variable time to timestr to avoid - shadowing - - * lib/krb5/krbhst.c (krb5_krbhst_init_flags): rename variable to - avoid shadowing - - * lib/krb5/krbhst-test.c: rename optind to optidx - - * lib/krb5/kcm.c: unconst argumen to connect, unconst argument to - krb5_store (XXX this should be fixed, krb5_store doesn't need to - modify its argument) - - * lib/krb5/init_creds_pw.c (default_s2k_func): unconst password - - * lib/krb5/crypto.c: rename `encrypt' to avoid shadow warning - -2005-06-16 Love Hörnquist Åstrand - - * lib/krb5/principal.c: rename index to idx - - * lib/krb5/mk_error.c: use rk_UNCONST - - * lib/krb5/fcache.c: rename to avoid shadowing - - * lib/krb5/config_file.c: rename to avoid shadowing - - * lib/krb5/cache.c (_krb5_expand_default_cc_name): just copy the - string instead of losing const - - * lib/krb5/addr_families.c: use rk_UNCONST to silence const - warning - - * lib/krb5/addr_families.c: rename sin to sin4 - - * lib/asn1/asn1_print.c: rename optind to optidx, remove shadowed - variables - - * lib/asn1/main.c: rename optind to optidx - - * lib/asn1/gen_copy.c: rename to avoid shadowing - - * lib/asn1/gen_locl.h: rename function filename to get_filename - - * lib/asn1/lex.l: use get_filename - - * lib/asn1/gen.c: rename function filename to get_filename - - * lib/krb5/acache.c: use HAVE_DLOPEN around cc_handle - - * configure.in: add headers and prototypes to logwtmp, logout and - openpty checks - - * configure.in: include headerfiles and set prototype for tgetent - - * kdc/kerberos5.c (make_etype_info2_entry): NUL terminate the - string - - * kdc/kerberos5.c: replace strndup with inline copy, free data on - failure - - * lib/krb5/cache.c (_krb5_expand_default_cc_name): replace strndup - with inline copy - - * lib/krb5/log.c: rename close and log to avoid shadow warnings - - * lib/krb5/get_in_tkt.c: rename index to i to avoid shadowing - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): rename two - of the local `realm' to srealm to avoid shadowing - - * kdc/kerberos5.c (tgs_rep2): rename one of the tkey to uukey to - avoid shadow warning - - * kdc/kerberos5.c (tgs_rep2): rename loop to nloop to avoid shadow - warning - -2005-06-15 Love Hörnquist Åstrand - - * Release 0.7, see branch - -2005-06-14 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: TESTS += test_mem libkrb5_la_SOURCES += - kcm.h - - * kuser/kinit.c (main): catch KRB5_CONFIG_BADFORMAT from - krb5_init_context - - * kdc/main.c (main): catch KRB5_CONFIG_BADFORMAT from - krb5_init_context - - * lib/krb5/verify_krb5_conf.c (main): catch KRB5_CONFIG_BADFORMAT - from krb5_init_context From: Mathias Feiler - - - * lib/krb5/verify_krb5_conf.c: Add more missig entires, from - Mathias Feiler - -2005-06-11 Love Hörnquist Åstrand - - * kdc/pkinit.c (pk_principal_from_X509): remember to free - KRB5PrincipalName - - * lib/krb5/log.c (krb5_closelog): free all content in - krb5_log_facility - -2005-06-08 Love Hörnquist Åstrand - - * kdc/524.c: init kvno to please gcc - - * kdc/kaserver.c (do_authenticate): check return value from - unparse_auth_args - -2005-06-07 Dave Love - - * doc/setup.texi: Spelling. - - * doc/programming.texi: Spelling. - -2005-06-02 Dave Love - - * kcm/connect.c (kcm_door_server): Make static. - - * kcm/kcm_locl.h (disallow_getting_krbtgt): Declare. - -2005-06-02 Love Hörnquist Åstrand - - * kdc/mit_dump.c (mit_prop_dump): cast argument to - krb5_parse_principal to avoid warning - - * kdc/mit_dump.c: rename KRB5_TL_MOD_PRINC to - mit_KRB5_TL_MOD_PRINC to hint its a constant originating from mit - codebase - -2005-06-01 Love Hörnquist Åstrand - - * lib/krb5/store.c: If we are allocating 0 entires, avoid failing - if ALLOC returns NULL - - * lib/krb5/verify_krb5_conf.c: Check for [kdc]v4-realm - - * lib/krb5/cache.c: When returning a new error code, set error - string. - -2005-05-31 Love Hörnquist Åstrand - - * lib/krb5/keytab_file.c: Adapt to changed signature of - _krb5_xunlock, clear more error string where needed. - - * lib/krb5/fcache.c (_krb5_xunlock): catch the error and turn it - into something sensable - -2005-05-30 Love Hörnquist Åstrand - - * kdc/kerberos5.c (tgs_make_reply): copy ok-as-delegate flag from - server entry to encrypted ticket flags - -2005-05-30 Johan Danielsson - - * kdc/connect.c: rename sendlength to prependlength (which - hopefully better represents its purpose), and change type to - krb5_boolean - - * kdc/connect.c: log signal causing exit - - * kdc/main.c (sigterm): set exit_flag to signal causing exit; - (main): trap SIGXCPU - -2005-05-30 Love Hörnquist Åstrand - - * kcm/kcm.8: document --disallow-getting-krbtgt and --door-path - - * kcm/protocol.c (kcm_op_retrieve): check server for krbtgt, not - client - - * kcm/main.c: ignore SIGPIPE - - * kcm/protocol.c: Add option to disallow getting krbtgt out from - from KCM. KCM will do the fetching part itself. - - * kcm/config.c: Add option to disallow getting krbtgt out from - from KCM. KCM will do the fetching part itself. - -2005-05-30 Luke Howard - - * kcm/events.c: if credentials have expired when attempting - to renew, attempt to reacquire them using initial creds - -2005-05-29 Love Hörnquist Åstrand - - * lib/krb5/krb5_principal.3: Spelling, from Björn Sandell - - * doc/setup.texi: spelling, from Björn Sandell - - * lib/krb5/name-45-test.c: XXX don't run the test unless the - machine is in kth.se or su.se because it depends on local resolver - configuration. - - * lib/hdb/hdb.c: provde RTLD_NOW and RTLD_GLOBAL if they don't - exists - - * kcm/connect.c: fix doors support, fix signedness warnings - - * kcm/config.c: add --door-path= - - * configure.in: comment what the "detect doors on solaris" - fragment tries to do - - * kcm/acquire.c (generate_random_pw): fix signed-ness warnings - - * kcm/connect.c (update_client_creds): fix compile error in the - getpeerucred case - - * lib/krb5/test_cc.c: change format for expantion variables in - default_cc_name to %{variable} to not confuse them with shell - ditto - - * kcm/headers.h: Maybe include . - - * kcm/kcm_locl.h: add extern door_path; - - * configure.in: detect doors using door_create - - * kcm/Makefile.am: add dependcy on kcm_protos.h add lib depency on - LIB_door_create - - * lib/krb5/kcm.h: add _PATH_KCM_DOOR, default path to kcm door - - * lib/krb5/kcm.c: use [libdefaults]kcm_door to find the door to - kcm - - * lib/krb5/Makefile.am: libkrb5_la_LIBADD += LIB_door_create - - * lib/krb5/krb5_locl.h: Maybe include , maybe include - . - - * lib/krb5/kcm.c (kcm_send_request): add support for doing a door - call to kcm - - * lib/asn1: prefix Der_class with ASN1_C_ to avoid problems with - system headerfiles that pollute the name space - - * kcm/kcm.8: change format for expantion variables in - default_cc_name to %{variable} to not confuse them with shell - ditto - - * lib/krb5/krb5.conf.5: change format for expantion variables in - default_cc_name to %{variable} to not confuse them with shell - ditto - - * lib/krb5/cache.c (_krb5_expand_default_cc_name): change format - for expantion variables to %{variable} to not confuse them with - shell ditto - - * kcm/connect.c: add LOCAL_PEERCRED and experimental doors support - -2005-05-27 Love Hörnquist Åstrand - - * appl/kf/kfd.c: case uid_t to unsigned long in printf format - -2005-05-25 Love Hörnquist Åstrand - - * lib/krb5/krb5_auth_context.3: remove trailing space - -2005-05-24 Love Hörnquist Åstrand - - * kcm/connect.c (do_request): use sendmsg to send the reply - - * fix-export: add make_proto for kcm/kcm_protos.h - - * kcm/kcm_locl.h: remove prototypes and add - - * kcm/Makefile.am (kcm_SOURCES): add headerfiles - (kcm_protos.h): generate prototypes - - * kcm/protocol.c: fix error in last commit, use right function - - * kcm/headers.h: include if we have getpeerucred - - * configure.in: check for functions getpeerucred and getpeereid - - * kcm/connect.c (update_client_creds): add support for - getpeerucred and getpeereid - - * lib/krb5/kcm.c (kcm_alloc): allow kcm socket to be configured by - [libdefaults]kcm_socket=/path - -2005-05-24 David Love - - * kcm/kcm.8: KRB5CCNAME needs an literal uid, not ${uid}, spelling - -2005-05-23 Love Hörnquist Åstrand - - * kcm/protocol.c: Merge the description and function jumptables - into one structure. Use the length of the array when checking if - opcode is value, not a constant. - - * kcm/kcm_locl.h: struct kcm_op: jumptable structure - - * kcm/main.c: move declaration of detach_from_console away from - here to kcm_locl.h, Don't test HAVE_DAEMON since roken supplies it. - - * kcm/kcm_locl.h: move declaration of detach_from_console here - - * kdc/config.c: Don't test HAVE_DAEMON since roken supplies it. - -2005-05-23 Dave Love - - * kcm/config.c: Don't test HAVE_DAEMON since roken supplies it. - - * kdc/main.c: Don't test HAVE_DAEMON since roken supplies it. - -2005-05-23 Love Hörnquist Åstrand - - * lib/krb5/krb5_keytab.3: document WRFILE and JAVA14 - -2005-05-20 Love Hörnquist Åstrand - - * lib/krb5/krbhst.c (srv_get_hosts): if srv_get_hosts failes, - return and ignore the error - - * lib/krb5/krbhst.c (srv_find_realm): make sure `res' and `count' - have good values - - * lib/krb5/test_keytab.c: tests all keytab format - -2005-05-19 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (_krb5_pk_rd_pa_reply): non non asn1 decoding - errors, fail. Make sure we free memory on error. - (pk_verify_chain_standard): make sure we provide good errors. - - * lib/krb5/verify_krb5_conf.c: add missing options, prompted by - James F. Hranicky mail to heimdal-discuss - - * lib/krb5/verify_krb5_conf.c: add pkinit and password quailty - check options - - * lib/krb5/pkinit.c (pk_verify_chain_standard): store better error - message in the context for certificate errors. - - * lib/krb5/keytab.c (krb5_kt_free_entry): zero out content of all - krb5_free_x_content like functions to make sure data doesnt get - reused, idea from Wynn Wilkes - - * configure.in: depend on automake 1.8, we don't test anything - older - - * lib/krb5/init_creds_pw.c (process_pa_data_to_md): add comment - that the caller always free out_md; remove comment about memory, - it doesn't happen. - (init_cred_loop): free ctx->as_req.padata when its reset (From Wynn - Wilkes ), move a comment close the the code - - * lib/krb5/keytab_krb4.c (fkt_remove_entry): need to call - krb5_kt_free_entry after each krb5_kt_next_entry. - - * lib/krb5/keytab_file.c (fkt_remove_entry): need to call - krb5_kt_free_entry after each fkt_next_entry_int. From: Wynn - Wilkes - -2005-05-18 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: TESTS += test_keytab - - * lib/krb5/keytab_krb4.c (krb4_kt_remove_entry): plug memory leaks, - avoid crashing on empty keytab - - * lib/krb5/krb5_keytab.3: document behavior of - krb5_kt_remove_entry - - * lib/krb5/keytab_memory.c (mkt_remove_entry): check if there - isn't any entries in the keytab before removing any since that - leads to bad pointer arithmetic and crashing. From: Wynn Wilkes - . Make the function return KRB5_KT_NOTFOUND - if the entry wasn't in the keytab (just like the filebased - keytab). - - * lib/krb5/test_keytab.c: test memory corruption in MEMORY keytab - - * lib/krb5{addr_families,context,creds,free,keyblock, - mit_glue,rd_error}.c:zero out content of all krb5_free_x_content - like functions to make sure data doesnt get reused, idea from - Wynn Wilkes - - * lib/krb5/krb5_get_credentials.3: document KRB5_GC_EXPIRED_OK - - * lib/krb5/krb5.3: add krb5_cc_new_unique - -2005-05-17 Love Hörnquist Åstrand - - * lib/krb5/fcache.c (fcc_get_first): check return value from - malloc, memset the structure, make sure cursor doesn't point to - freed memory on failure. From: Wynn Wilkes - - * lib/krb5/krb5_auth_context.3: document - KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED - - * lib/krb5/get_cred.c: Remove expired credentials, based on - patches and comments from Anders Magnusson and Wynn - Wilkes - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): honor - KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED and create unencrypted - (ENCTYPE_NULL) credentials. for use with old mit server and java based - ones as they can't handle encrypted KRB-CRED. Note that the option - needs to turned on because if the consumer sends the KRB-CRED in - clear bad things will happen. - - * lib/krb5/context.c (krb5_init_context): register krb5_javakt_ops - - * lib/krb5/krb5.h: KRB5_GC_EXPIRED_OK: expired credentials is ok - to return from krb5_get_credentials. - KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED: make forward credentials - be unencrypted, for compatibility with mit kerberos and java - kerberos. krb5_javakt_ops: export - -2005-05-16 Love Hörnquist Åstrand - - * lib/krb5/keytab_file.c: Add new keytab file format JAVA14 that - doesn't the use extended kvnos, as hinted, this is needed for - Java's Kerberos implementation. - -2005-05-10 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: handle pkinit-9, pkinit-19, and pkinit-25 - enckey, still no DH - - * kdc/pkinit.c: handle pkinit-9, pkinit-19, and pkinit-25 enckey, - still no DH - - * kdc/kerberos5.c (as_rep): search for pkinit-9, pkinit-19, and - pkinit-25 pa-data, return empty pkinit pa-data in the - PREAUTH_REQUIRED krb-error - - * doc/ack.texi: add pkinit people - - * lib/krb5/krb5_storage.3: document krb5_storage_is_flags - - * lib/krb5/{krb5_compare_creds.3,krb5_get_init_creds.3, - krb5_krbhst_init.3,krb5_storage.3}: - make more pretty, from Björn Sandell - -2005-05-09 Dave Love - - * doc/setup.texi: Fix and clarify password quality check examples. - -2005-05-09 Love Hörnquist Åstrand - - * lib/krb5/kuserok.c (krb5_kuserok): use POSIX_GETPWNAM_R instead - of HAVE_GETPWNAM_R From: Dave Love - -2005-05-07 Love Hörnquist Åstrand - - * lib/krb5/addr_families.c (krb5_print_address): catch when the - unknown adress don't fit. From Björn Sandell - -2005-05-05 Dave Love - - * configure.in: fix type right test, include for - sys/strtty.h, not sys/ptyvar.h - -2005-05-05 Love Hörnquist Åstrand - - * lib/krb5/krb5.conf.5: spelling - -2005-05-04 Love Hörnquist Åstrand - - * lib/krb5/krb5.conf.5: expand on what "trailing component" means - -2005-05-04 Johan Danielsson - - * lib/krb5/rd_cred.c: put address comparison in separate function - - * lib/krb5/krb5_kuserok.3: check the user's ~/.k5login.d directory - for access files, all of which is handled like the regular - ~/.k5login - - * lib/krb5/kuserok.c: check the user's ~/.k5login.d directory for - access files, all of which is handled like the regular ~/.k5login - -2005-05-03 Love Hörnquist Åstrand - - * doc/ack.texi: Clearify what version of libdes we are using and - who's code in it we are using. - - * kcm/kcm.8: more text about usage - - * kcm/Makefile.am: man_MANS += kcm.8 - - * kcm/kcm.8: initial manpage - - * configure.in: if we have a $srcdir/lib/asn1/pkcs12.asn1, define - PKINIT - -2005-05-02 Dave Love - - * configure.in: sys/tty.h (for sys/ptyvar.h) might need termios.h. - -2005-05-02 Love Hörnquist Åstrand - - * tools/krb5-config.in: add com_err to required libs - - * lib/krb5/pkinit.c (krb5_ui_method_read_string): use the fill in - length - - * lib/krb5/init_creds_pw.c: Now that we fixed the signed-ness of - nonce for windows, remove the code that removed the signed - bit. Instead add comment that they still need to be the same - (Kerberos protocol nonce and pk-init nonce) for Windows. - -2005-05-02 David Love - - * lib/krb5/crypto.c: Don't declare des_salt &c as static with - incomplete type (invalid in c89, at least). - -2005-05-02 Love Hörnquist Åstrand - - * lib/krb5/krb5_locl.h: include - -2005-05-02 David Love - - * kcm/connect.c (init_socket): rename variable sun to un to avoid - namespace collision. - (handle_stream): Cast arg of krb5_warnx. - -2005-04-30 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c: if we are using PKINIT, strip of the - highest bit to make windows PK-INIT happy. Also make the nonces - the same, again for windows, they are using pk-init-9. - - XXX check if it isn't the that nonce is an unsigned variable so - its just a asn1 mismatch. - - * kdc/pkinit.c: pass a NULL prompter data to _krb5_pk_load_openssl_id - - * kuser/kinit.c: krb5_get_init_creds_opt_set_pkinit - - * lib/krb5/pkinit.c: Pass prompter data to the prompter function, - implement a UI prompter function wrapping the kerberos prompter - function so that the the OpenSSL ENGINE can ask for a password - when loading the private key. From: Douglas E. Engert - - * lib/krb5: add in test programs - - * configure.in: sys/ptyvar.h might need - - * lib/krb5/Makefile.am: use LIB_com_err for libkrb5.la - -2005-04-29 Love Hörnquist Åstrand - - * lib/asn1/Makefile.am: use $(LIB_com_err) - -2005-04-28 Love Hörnquist Åstrand - - * lib/krb5/context.c (krb5_set_config_files): ignore permission - denied on configuration files, user might not be allowed to read - /var/heimdal/kdc.conf - -2005-04-26 Dave Love - - * lib/krb5/krb5_locl.h: define _POSIX_PTHREAD_SEMANTICS so we get - posix getpwnam_r - -2005-04-25 Love Hörnquist Åstrand - - * lib/asn1/gen_glue.c: switch the units variable to a - function. gcc-4.1 needs the size of the structure if its defined - as extern struct units foo_units[] an we don't want to include - in the generate headerfile - -2005-04-25 Love Hörnquist Åstrand - - * lib/hdb/hdb.schema: add EQUALITY rule for krb5ValidStart, - krb5ValidEnd, krb5PasswordEnd From Howard Chu - -2005-04-24 Love Hörnquist Åstrand - - * doc/whatis.texi: comment out docbook stuff for now - - * kuser/klist.c: use strlcpy - - * doc/ack.texi: we no longer use eay libdes, make acknowledgment - still be there, but claim that we no longer use it. Mark editline - to be a modified version as required by the license. - - * lib/krb5/pkinit.c: use the unexported oid_to_enctype function - - * lib/krb5/crypto.c: unexport the oid_to_enctype function, not for - external consumers - - * kdc/Makefile.am: always add kaserver - - * lib/krb5/krb5_ccache.3: document krb5_cc_new_unique - - * lib/krb5/cache.c (krb5_cc_new_unique): new function to create a - new credential cache - - * kdc/headers.h: don't include kerberos 4 headers here - - * kdc/hpropd.c: include kerberos 4 headers here - - * kdc/connect.c: add kaserver support independ of having krb4 - support - - * kdc/config.c: add kaserver support unconditionally, make kdc - only fail to start when there are no v4 realm configured and - krb4/kaserver is turned on - - * kdc/kaserver.c: Use the new Kerberos 4 functions in libkrb5 and - so kaserver support is always compiled in (still default disabled) - - * lib/krb5/v4_glue.c: simplify error handling - - * doc/whatis.texi: add docbook version macro of @sub - - * doc/heimdal.texi: change the wrapping around the Top node to - ifnottex, make html generation work - - * lib/krb5/krb5_krbhst_init.3: spelling, from Björn Sandell - - - * lib/krb5/krb5_get_krbhst.3: spelling, from Björn Sandell - - - * lib/krb5/krb5_data.3: spelling, from Björn Sandell - - - * lib/krb5/krb5_aname_to_localname.3: spelling, from Björn Sandell - - - * lib/krb5/krb5_address.3: spelling, from Björn Sandell - - -2005-04-23 Love Hörnquist Åstrand - - * kdc/config.c: Use the new Kerberos 4 functions in libkrb5 and so - kerberos 4 is always compiled in (still default disabled) - - * kdc/kerberos4.c: Use the new Kerberos 4 functions in libkrb5 and - so kerberos 4 is always compiled in (still default disabled) - - * lib/krb5/krb5_locl.h: forward declaration of _krb5_krb_auth_data - - * lib/krb5/convert_creds.c: Move the kerberos v4 replacement - functions to v4_glue.c - - * lib/krb5/v4_glue.c: Implement enough of kerberos 4 protocol to - be a KDC, move the v4 bits over here - - * lib/krb5/krb5-v4compat.h: add more v4 defines - -2005-04-22 Love Hörnquist Åstrand - - * kpasswd/kpasswdd.c: Support multi-realms databases, requires - that all the realms are configured on the KDC in krb5.conf with - [libdefaults]default_realm stanzas. - -2005-04-21 Love Hörnquist Åstrand - - * kdc/kerberos5.c: spell succeeded correctly, From Sean Chittenden - - * lib/krb5/addr_families.c: catch two more snprintf problems - -2005-04-20 Love Hörnquist Åstrand - - * lib/hdb/Makefile.am: this lib include com_err, add -com_err to - CHECK_SYMBOLS - - * appl/test/http_client.c: cast ssize_t to unsigned long, fix - printf format - -2005-04-19 Love Hörnquist Åstrand - - * lib/krb5/kuserok.c: use asprintf to avoid truncating pathnames - - * lib/krb5/get_host_realm.c: check return value of snprintf - - * lib/krb5/test_addr.c: check address truncation - - * lib/krb5/addr_families.c: check return values from snprintf and - clean up semantics of ret_len - - * lib/krb5/krb5_address.3: clarify what ret_len is in - krb5_print_address - - * lib/krb5/test_kuserok.c: add --version and --help - - * lib/krb5/kuserok.c: use getpwnamn_r if it exists - - * lib/krb5/Makefile.am: noinst_PROGRAMS += test_kuserok - - * lib/krb5/test_kuserok.c: test program for krb5_kuserok - -2005-04-18 Love Hörnquist Åstrand - - * lib/krb5/acache.c (acc_resolve): if open_default_ccache failed - with ccErrCCacheNotFound try again with create_default_ccache, - this fixes the problem where the security server apperenly haven't - started yet on Mac OS X - - * lib/krb5/get_default_principal.c - (_krb5_get_default_principal_local): add, for use of functions - that in ccache layer to avoid recursive calls. - - * lib/hdb/hdb-ldap.c: drop , no longer use any of the is* - macros in this file - - * include/make_crypto.c: cast to unsigned char to make sure its - not negative when passing it to is* functions - -2005-04-15 Love Hörnquist Åstrand - - * doc/programming.texi: remove manpage macro, add some more - references to manpages - - * doc/heimdal.texi: define manpage macro - - * doc/setup.texi: document new password policy code - - * kpasswd/kpasswdd.c: add verifier libraries with - kadm5_add_passwd_quality_verifier - - * lib/krb5/krb5_keyblock.3: document krb5_keyblock_init - -2005-04-14 Love Hörnquist Åstrand - - * kdc/kaserver.c: AUTHENTICATE and AUTHENTICATE_V2 is almost the - same, and clients - (klog) can deal with that the kaserver returns the same thing for - both - - * lib/krb5/keyblock.c: Add krb5_keyblock_init to allocate an fill - in a keyblock from key data. - -2005-04-12 Love Hörnquist Åstrand - - * configure.in: rk_WIN32_EXPORT for roken - -2005-04-10 Love Hörnquist Åstrand - - * appl/test/gssapi_server.c: print out client principla of - delegated credential - -2005-04-07 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c (process_pa_data_to_key): also check - for KRB5_PADATA_PK_AS_REP_19, From: Douglas Engert - -2005-04-07 Love Hörnquist Åstrand - - * .cvsignore: ignore more generate files - -2005-04-04 Love Hörnquist Åstrand - - * lib/asn1/check-der.c: use size_t, print size_t by casting to - unsigned long - - * lib/krb5/test_crypto.c: print size_t by casting to unsigned long - - * lib/krb5/acache.c: Argument to create_new_ccache is a principal, - not a credential cache name. Clean up lossage related to this - problem. - - * lib/hdb/Makefile.am: CHECK_SYMBOLS += HDBFlags2int - - * lib/krb5/addr_families.c - (krb5_address_prefixlen_boundary,krb5_free_address): - use find_atype when we are dealing with a kerberos address type - - * lib/krb5/aes-test.c: size_t vs int + fix printf - - * lib/krb5/pkinit.c: Since the decode can't make out the diffrence - between PA-PK-AS-REP-19 and PA-PK-AS-REQ-Win2k, try harder to - verify both cases - -2005-04-03 Love Hörnquist Åstrand - - * appl/test/uu_client.c: print size_t by casting to unsigned long - -2005-04-01 Johan Danielsson - - * kdc/kerberos4.c (do_version4): check client and server max_life - - * kdc/kaserver.c (do_getticket): check client max_life - -2005-03-31 Love - - * lib/krb5/verify_krb5_conf.c: const poison - - * lib/krb5/test_alname.c: const poison - - * lib/asn1/main.c: const poison - - * lib/krb5/test_addr.c: test parse IPv6 RANGE addresses - - * lib/krb5/addr_families.c: implement mask boundary for IPv6 - - * lib/asn1/gen.c: avoid const string warnings steming from - writeable-string - -2005-03-28 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: TESTS += test_addr - - * lib/krb5/test_addr.c: simple test for addresses - - * lib/krb5/addr_families.c: make RANGE parse prefixlen style - addresses too, fix printing of RANGE addresses, add - krb5_address_prefixlen_boundary - - * lib/krb5/krb5_keytab.3: stop memory leak in example, expand on - wildcards - -2005-03-26 Love Hörnquist Åstrand - - * lib/krb5/krb5_principal.3: spelling, from Tomas Olsson - - * lib/krb5/krb5_warn.3: spelling, from Tomas Olsson - -2005-03-19 Love Hörnquist Åstrand - - * lib/krb5/acache.c: add mutex for global variables, clean up - returned error codes, implement storing addresses into the ccapi - - * appl/test/gssapi_server.c: free memory, make error strings match - - * appl/test/gssapi_server.c: use print_gss_name, print server name - too - - * appl/test/gss_common.h (print_gss_name): common code for - printing gss name - - * appl/test/gss_common.c (print_gss_name): common code for - printing gss name - - * appl/test/http_client.c: Make constent with rest of the gssapi - test programs - -2005-03-17 Love Hörnquist Åstrand - - * lib/hdb/keys.c: AES is enabled by default, remove ifdefs - - * lib/krb5/crypto.c: AES is enabled by default, remove ifdefs - - * lib/krb5/aes-test.c: use hex encoder from roken AES is enabled - by default, remove ifdefs - - * kdc/kerberos5.c: AES is enabled by default, remove ifdefs - -2005-03-16 Love Hörnquist Åstrand - - * doc/setup.texi: Add some text about modifying the database - -2005-03-15 Love Hörnquist Åstrand - - * kuser/kinit.c: widen lifetime/renewal warning text field, also - make use of unparse_time_approx, no need to be specific to the - second when ticket needs to be renewed or their lifetime. - - * doc/heimdal.texi: copyright maintenance, drop eay, use updated - UCB license - - * lib/krb5/crypto.c: more static and unsigned issues - - * lib/krb5/crypto.c: fix signedness issues, prompted by report of - Magnus Ahltorp - -2005-03-13 Love Hörnquist Åstrand - - * lib/krb5/krb5_keytab.3: more text about how to free returned - resources - -2005-03-10 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: handle the -25 generation path - - * lib/krb5/pkinit.c: use KRB5_PADATA_PK_AS_REQ_19 - - * lib/krb5/pkinit.c: fold in pk-init-25 asn1 changes - -2005-03-09 Love Hörnquist Åstrand - - * kdc/pkinit.c: use generated oid's - - * lib/krb5/pkinit.c: use generated oid's - -2005-03-08 Love Hörnquist Åstrand - - * kdc/pkinit.c: update to the asn1 structures used in -25's - - * lib/krb5/pkinit.c: update to the asn1 structures used in -25's - -2005-03-04 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: use the newly written hex function from - roken and remove the old implementation - -2005-03-01 Love Hörnquist Åstrand - - * appl/test/http_client.c: allow specifing port to connect to - -2005-02-24 Love Hörnquist Åstrand - - * lib/krb5/Makefile.am: bump version to 21:0:4 - - * lib/hdb/Makefile.am: bump version to 8:0:1 - - * lib/asn1/Makefile.am: bump version to 7:0:1 - -2005-02-23 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (DES_string_to_key_int): must check for weak - keys after doing the DES_cbc_cksum - -2005-02-19 Luke Howard - - * lib/krb5/krbhst.c: set KD_CONFIG after calling - config_get_hosts() in kpasswd_get_next() - From: Wynn Wilkes - -2005-02-15 Love Hörnquist Åstrand - - * lib/hdb/db3.c (DB_open): correct the check for O_RDONLY - From: Chaskiel M Grundman - -2005-02-09 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (krb5_random_to_key): cast size_t to int to - make %d work - -2005-02-08 Love Hörnquist Åstrand - - * lib/krb5/keytab.c (krb5_kt_get_entry): tell what enctype the - caller requested to provide the user with a glue what the caller - was asking for. - -2005-02-05 Luke Howard - - * lib/krb5/kcm.c: add _krb5_kcm_is_running, _krb5_kcm_noop - - * kcm/acquire.c: don't leak salt if keyproc called multiple - times - - * kcm/config.c: allow KCM system ccache to be configured from - krb5.conf, in the system_ccache stanza of [kcm] - -2005-02-03 Love Hörnquist Åstrand - - * kcm/protocol.c: use -1 as the invalid pid number - - * kcm/connect.c: support SCM_CREDS (for NetBSD) - - * kcm/Makefile.am: LDADD += LIB_pidfile - - * kcm/connect.c: make it possible to build on systems without - SO_PEERCRED (still doesn't work) - - * kcm/config.c: cast argument to isdigit to unsigned char - - * lib/krb5/krb5.conf.5: document large_msg_size - - * lib/krb5/context.c (init_context_from_config_file): init - large_msg_size to 6000 - - * lib/krb5/krb5.h (krb5_context_data): add large_msg_size, - threshold where we start to use transport protocols without tiny - max data transport sizes. - - * lib/krb5/kcm.h: drop prototypes, they all live in krb5-private.h - by now - -2005-02-02 Luke Howard - - * configure.in: generate kcm/Makefile - - * Makefile.am: recurse into kcm/ if KCM defined - - * kcm: add KCM daemon - -2005-02-02 Love Hörnquist Åstrand - - * lib/krb5/send_to_kdc.c (send_and_recv_udp): make private again - - * lib/krb5/kcm.c: use AF_UNIX like the rest of the codebase, add - some more error strings - -2005-02-02 Luke Howard - - * configure.in: add --enable-kcm option for Kerberos - Credentials Manager (KCM) - - * lib/krb5/Makefile.am: add kcm.c - - * lib/krb5/cache.c: use cc_retrieve_cred if present rather - than enumerating ccache - - * lib/krb5/context.c: register KCM cc_ops - - * lib/krb5/get_cred.c: pass all options to cc_retrieve_cred - - * lib/krb5/init_creds_pw.c: add krb5_get_init_creds_keyblock - - * lib/krb5/kcm.[ch]: add initial implementation of KCM - client library - - * lib/krb5/krb5.h: fix cc_retrieve prototype, add KCM cc_ops - - * lib/krb5/send_to_kdc.c: add _krb5_send_and_recv_tcp - - * lib/krb5/store.c: add krb5_store_creds_tag, krb5_ret_creds_tag - -2005-01-24 Luke Howard - - * lib/krb5/init_creds_pw.c: allow NULL in_options to be passed - krb5_get_init_creds_password() - - * kdc/kerberos5.c: don't crash when logging no server etype - support if client == NULL - -2005-01-17 Love Hörnquist Åstrand - - * kdc/kstash.c: s/random_key/random_key_flag/, From Dave Love - - -2005-01-12 Love Hörnquist Åstrand - - * doc/apps.texi: Texinfo fixes. Text about irix 6.5 using - PAM. From: Dave Love - -2005-01-08 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c: cast argument to isdigit to - unsigned char - - * lib/krb5/keytab_keyfile.c: cast argument to toupper to unsigned - char - - * lib/asn1/hash.c (hashcaseadd): cast argument to toupper to - unsigned char - - * appl/kf/kfd.c (kfd_match_version): cast argument to islower to - unsigned char - - * lib/krb5/krb5.3: drop krb5_{checksum,enctype}_is_disabled - - * lib/krb5/krb5_encrypt.3: drop krb5_enctype_is_disabled, more - text about krb5_enctype_valid - - * lib/krb5/krb5_create_checksum.3: drop - krb5_checksum_is_disabled - - * lib/krb5/crypto.c: drop krb5_{checksum,enctype}_isdisabled - - * lib/krb5/context.c: krb5_enctype_is_disabled is the same thing - as krb5_enctype_valid, so use the later since its older and the - api doesn't really need another entry point - - * lib/krb5/rd_req.c: krb5_enctype_is_disabled is the same thing as - krb5_enctype_valid, so use the later since its older and the api - doesn't really need another entry point - - * kdc/kerberos5.c: krb5_enctype_is_disabled is the same thing as - krb5_enctype_valid, so use the later since its older and the api - doesn't really need another entry point - -2005-01-05 Love Hörnquist Åstrand - - * kpasswd/kpasswdd.8: document --addresses, controls what - addresses kpasswd should listen too - - * kpasswd/kpasswdd.c: add --addresses, controls what addresses - kpasswd should listen too - - * lib/krb5/addr_families.c (krb5_parse_address): filter out dup - addresses from getaddrinfo - - * kpasswd/kpasswd.1: document -c - - * kpasswd/kpasswd.c: allow specifying a credential cache to use - for the admin principal - - * include/bits.c: constify to avoid warning with -Wwrite-string - - * NEWS: add 0.6.2 and 0.6.3 items - - * lib/krb5/krb5_keyblock.3: document krb5_generate_subkey_extended - - * lib/krb5/krb5_is_thread_safe.3: document function - - * lib/krb5/Makefile.am (man_MANS) += krb5_is_thread_safe.3 - - * lib/krb5/context.c (krb5_is_thread_safe): return TRUE is the - library was compiled with multithreading support. If not, - application must global lock the library, it it uses threads that - call kerberos functions at the same time. - -2005-01-05 Luke Howard - - * lib/krb5/auth_context.c: use krb5_generate_subkey_extended() - - * lib/krb5/appdefault.c: remove redundant KRB5_LIB_FUNCTION - - * lib/krb5/build_auth.c: support for enctype negotiation - (client sends EtypeList in Authenticator authz data) - - * lib/krb5/context.c: mutex should be destroyed last in - krb5_free_context() - - * lib/krb5/generate_subkey.c: add krb5_generate_subkey_extended(), - set *subkey to NULL if key geneartion fails - - * lib/krb5/krb5.h: add KRB5_KU_PA_SERVER_REFERRAL_DATA - - * lib/krb5/mk_req_ext.c: support ETYPE_ARCFOUR_HMAC_MD5_56 - - * lib/krb5/rd_req.c: support for enctype negotiation - (client sends EtypeList in Authenticator authz data) - -2005-01-04 Luke Howard - - * lib/asn1/k5.asn1: add authorization data types for enctype - negotiation implementation - -2005-01-04 Love Hörnquist Åstrand - - * lib/krb5/changepw.c (change_password_loop): on failing to find a - kdc, set result_code to KRB5_KPASSWD_HARDERROR - -2005-01-01 Love Hörnquist Åstrand - - * doc/heimdal.texi: Happy New Year - diff --git a/crypto/heimdal/ChangeLog.2006 b/crypto/heimdal/ChangeLog.2006 deleted file mode 100644 index f0e1ce9e966e..000000000000 --- a/crypto/heimdal/ChangeLog.2006 +++ /dev/null @@ -1,2047 +0,0 @@ -2006-12-28 Love Hörnquist Åstrand - - * kdc/process.c: Handle kx509 requests. - - * kdc/connect.c: Listen to 9878 if kca is turned on. - - * kdc/headers.h: Include . - - * kdc/config.c: code to parse [kdc]enable-kx509 - - * kdc/kdc.h: add enable_kx509 - - * kdc/Makefile.am: add kx509.c - - * kdc/kx509.c: Kx509server (external certificate genration). - - * lib/krb5/ticket.c: add krb5_ticket_get_endtime - - * lib/krb5/krb5_ticket.3: Document krb5_ticket_get_endtime - - * kdc/digest.c: Remove , its already included in - headers.h - - * kdc/digest.c: Return session key for the NTLMv2 case too - - * lib/krb5/digest.c (krb5_ntlm_rep_get_sessionkey): return value - is krb5_error_code - -2006-12-27 Love Hörnquist Åstrand - - * lib/krb5/mk_req_ext.c (_krb5_mk_req_internal): use md5 for - des-cbc-md4 and des-cbc-md5. This is for (older) windows that - will be unhappy anything else. From Inna Bort-Shatsky - -2006-12-26 Love Hörnquist Åstrand - - * kdc/digest.c: Prefix internal symbol with _kdc_. - - * kdc/kdc.h: add digests_allowed - - * kdc/digest.c: return NTLM2 targetinfo structure. - - * lib/krb5/digest.c: Add krb5_ntlm_init_get_targetinfo. - - * kdc/config.c: Parse digest acl's - - * kdc/kdc_locl.h: forward decl; - - * kdc/digest.c: Add digest acl's - -2006-12-22 Love Hörnquist Åstrand - - * fix-export: build ntlm-private.h - -2006-12-20 Love Hörnquist Åstrand - - * include/make_crypto.c: Include <.../hmac.h>. - - * kdc/digest.c: reorder to show slot here ntlmv2 code will be - placed. - - * kdc/digest.c: Announce that we support key exchange and add bits - to detect when it wasn't used. - - * kdc/digest.c: Add support for generating NTLM2 session security - answer. - -2006-12-19 Love Hörnquist Åstrand - - * lib/krb5/digest.c: Add sessionkey accessor functions. - -2006-12-18 Love Hörnquist Åstrand - - * kdc/digest.c: Unwrap the NTLM session key and return it to the - server. - -2006-12-17 Love Hörnquist Åstrand - - * lib/krb5/store.c (krb5_ret_principal): Fix a bug in the malloc - failure part, noticed by Arnaud Lacombe in NetBSD coverity scan. - -2006-12-15 Love Hörnquist Åstrand - - * lib/krb5/fcache.c (fcc_get_cache_next): avoid const warning. - - * kdc/digest.c: Support NTLM verification, note that the KDC does - no NTLM packet parsing, its all done by the client side, the KDC - just calculate and verify the digest and return the result to the - service. - - * kuser/kdigest.c: add ntlm-server-init - - * kuser/Makefile.am: kdigest depends on libheimntlm.la - - * kdc/headers.h: Include . - - * kdc/Makefile.am: libkdc needs libheimntlm.la - - * autogen.sh: just run autoreconf -i -f - - * lib/Makefile.am: hook in ntlm - - * configure.in (AC_CONFIG_FILES): add lib/ntlm/Makefile - - * lib/krb5/digest.c: API to authenticate ntlm requests. - - * lib/krb5/fcache.c: Support "iteration" of file credential caches - by giving the user back the default file credential cache and only - that. - - * lib/krb5/krb5_locl.h: Expand the default root for some of the cc - type names. - -2006-12-14 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c (free_paid): free the krb5_data - structure too. Bug report from Stefan Metzmacher. - -2006-12-12 Love Hörnquist Åstrand - - * kuser/kinit.c: Read the appdefault configration before we try to - use the flags. Bug reported by Ingemar Nilsson. - - * kuser/kdigest.c: prefix digest commands with digest_ - - * kuser/kdigest-commands.in: prefix digest commands with digest- - -2006-12-10 Love Hörnquist Åstrand - - * kdc/hprop.c: Return error codes on failure, improve error - reporting. - -2006-12-08 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: sprinkle more _krb5_pk_copy_error - - * lib/krb5/pkinit.c: Copy more hx509 error strings to krb5 error - strings - -2006-12-07 Love Hörnquist Åstrand - - * include/Makefile.am: CLEANFILES += vis.h - -2006-12-06 Love Hörnquist Åstrand - - * kdc/kerberos5.c (_kdc_as_rep): add AD-INITAL-VERIFIED-CAS to the - encrypted ticket - - * kdc/pkinit.c (_kdc_add_inital_verified_cas): new function, adds - an empty (for now) AD_INITIAL_VERIFIED_CAS to tell the clients - that we vouches for the CA. - - * kdc/kerberos5.c (_kdc_tkt_add_if_relevant_ad): new function. - - * lib/Makefile.am: Make the directories test automake conditional - so automake can include directories in make dist step. - - * kdc/pkinit.c (_kdc_pk_rd_padata): leak less memory for - ExternalPrincipalIdentifiers - - * kdc/pkinit.c: Parse and use PA-PK-AS-REQ.trustedCertifiers - - * kdc/pkinit.c: Add comment that the anchors in the signed data - really should be the trust anchors of the client. - - * kuser/generate-requests.c: Use strcspn to remove \n from - string returned by fgets. From Björn Sandell - - * kpasswd/kpasswd-generator.c: Use strcspn to remove \n from - string returned by fgets. From Björn Sandell - -2006-12-05 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: Clear errno before calling the strtol - functions. From Paul Stoeber to OpenBSD by Ray Lai and Björn - Sandell. - - * lib/krb5/config_file.c: Use strcspn to remove \n from fgets - result. Prompted by change by Ray Lai of OpenBSD via Björn - Sandell. - - * kdc/string2key.c: Use strcspn to remove \n from fgets - result. Prompted by change by Ray Lai of OpenBSD via Björn - Sandell. - -2006-11-30 Love Hörnquist Åstrand - - * lib/krb5/krbhst.c (plugin_get_hosts): be more paranoid and pass - in a NULLed plugin list - -2006-11-29 Love Hörnquist Åstrand - - * lib/krb5/verify_krb5_conf.c: add more pkinit options. - - * lib/krb5/pkinit.c: Store what PK-INIT type we used to know reply - to expect, this avoids overwriting the real PK-INIT error from - just a failed requeat with a Windows PK-INIT error (that always - failes). - - * kdc/Makefile.am: Add LIB_pkinit to pacify AIX - - * lib/hdb/Makefile.am: Add LIB_com_err to pacify AIX - -2006-11-28 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: Make build again from the hdb_entry - wrapping. Patch from Andreas Hasenack. - - * kdc/pkinit.c: Need better code in the DH parameter rejection - case, add comment to that effect. - -2006-11-27 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: Reply KRB5KRB_ERR_RESPONSE_TOO_BIG for too large - packets when using datagram based transports. - - * kdc/process.c: Pass down datagram_reply to _kdc_tgs_rep. - - * lib/krb5/pkinit.c (build_auth_pack): set supportedCMSTypes. - -2006-11-26 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Pass down hx509_peer_info. - - * kdc/pkinit.c (_kdc_pk_rd_padata): Pick up supportedCMSTypes and - pass in into hx509_cms_create_signed_1 via hx509_peer_info blob. - - * kdc/pkinit.c (_kdc_pk_rd_padata): Pick up supportedCMSTypes and - pass in into hx509_cms_create_signed_1 via hx509_peer_info blob. - -2006-11-24 Love Hörnquist Åstrand - - * lib/krb5/send_to_kdc.c: Set the large_msg_size to 1400, lets not - fragment packets and avoid stupid linklayers that doesn't allow - fragmented packets (unix dgram sockets on Mac OS X) - -2006-11-23 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (_krb5_pk_create_sign): stuff down the users - certs in the pool to make sure a path is returned, without this - proxy certificates wont work. - -2006-11-21 Love Hörnquist Åstrand - - * kdc/config.c: Make all pkinit options prefixed with pkinit_ - - * lib/krb5/log.c (krb5_get_warn_dest): return warn_dest from - krb5_context - - * lib/krb5/krb5_warn.3: document krb5_[gs]et_warn_dest - - * lib/krb5/krb5.h: Drop KRB5_KU_TGS_IMPERSONATE. - - * kdc/krb5tgs.c: Use KRB5_KU_OTHER_CKSUM for the impersonate - checksum. - - * lib/krb5/get_cred.c: Use KRB5_KU_OTHER_CKSUM for the impersonate - checksum. - -2006-11-20 Love Hörnquist Åstrand - - * lib/krb5/verify_user.c: Make krb5_get_init_creds_opt_free take a - context argument. - - * lib/krb5/krb5_get_init_creds.3: Make - krb5_get_init_creds_opt_free take a context argument. - - * lib/krb5/init_creds_pw.c: Make krb5_get_init_creds_opt_free take - a context argument. - - * kuser/kinit.c: Make krb5_get_init_creds_opt_free take a context - argument. - - * kpasswd/kpasswd.c: Make krb5_get_init_creds_opt_free take a - context argument. - - * kpasswd/kpasswd-generator.c: Make krb5_get_init_creds_opt_free - take a context argument. - - * kdc/hprop.c: Make krb5_get_init_creds_opt_free take a context - argument. - - * lib/krb5/init_creds.c: Make krb5_get_init_creds_opt_free take a - context argument. - - * appl/gssmask/gssmask.c: Make krb5_get_init_creds_opt_free take a - context argument. - -2006-11-19 Love Hörnquist Åstrand - - * doc/setup.texi: fix pkinit option (s/-/_/) - - * kdc/config.c: revert the enable-pkinit change, and make it - consistant with all other other enable- options - -2006-11-17 Love Hörnquist Åstrand - - * doc/setup.texi: Make all pkinit options prefixed with pkinit_ - - * kdc/config.c: Make all pkinit options prefixed with pkinit_ - - * kdc/pkinit.c: Make app pkinit options prefixed with pkinit_ - - * lib/krb5/pkinit.c: Make app pkinit options prefixed with pkinit_ - - * lib/krb5/mit_glue.c (krb5_c_keylengths): make compile again. - - * lib/krb5/mit_glue.c (krb5_c_keylengths): rename. - - * lib/krb5/mit_glue.c (krb5_c_keylength): mit changed the api, - deal. - -2006-11-13 Love Hörnquist Åstrand - - * lib/krb5/pac.c (fill_zeros): stop using MIN. - - * kuser/kinit.c: Forward decl - - * lib/krb5/test_plugin.c: Use NOTHERE.H5L.SE. - - * lib/krb5/krbhst.c: Fill in hints for picky getaddrinfo()s. - - * lib/krb5/test_plugin.c: Set sin_len if it exists. - - * lib/krb5/krbhst.c: Use plugin for the other realm locate types - too. - -2006-11-12 Love Hörnquist Åstrand - - * lib/krb5/krb5_locl.h: Add plugin api - - * lib/krb5/Makefile.am: Add plugin api. - - * lib/krb5/krbhst.c: Use the resolve plugin interface. - - * lib/krb5/locate_plugin.h: Add plugin interface for resolving - that is API compatible with MITs version. - - * lib/krb5/plugin.c: Add first version of the plugin interface. - - * lib/krb5/test_pac.c: Test signing. - - * lib/krb5/pac.c: Add code to sign PACs, only arcfour for now. - - * lib/krb5/krb5.h: Add struct krb5_pac. - -2006-11-09 Love Hörnquist Åstrand - - * lib/krb5/test_pac.c: PAC testing. - - * lib/krb5/pac.c: Sprinkle error strings. - - * lib/krb5/pac.c: Verify LOGON_NAME. - - * kdc/pkinit.c (_kdc_pk_check_client): drop client_princ as an - argument - - * kdc/kerberos5.c (_kdc_as_rep): drop client_princ from - _kdc_pk_check_client since its not valid in canonicalize case - - * lib/krb5/krb5_c_make_checksum.3: Document krb5_c_keylength. - - * lib/krb5/mit_glue.c: Add krb5_c_keylength. - -2006-11-08 Love Hörnquist Åstrand - - * lib/krb5/pac.c: Almost enough code to do PAC parsing and - verification, missing in the unix2NTTIME and ucs2 corner. The - later will be adressed by finally adding libwind. - - * lib/krb5/krb5_init_context.3: document krb5_[gs]et_max_time_skew - - * kdc/hpropd.c: Remove support dumping to a kerberos 4 database. - -2006-11-07 Love Hörnquist Åstrand - - * lib/krb5/context.c: rename krb5_[gs]et_time_wrap to - krb5_[gs]et_max_time_skew - - * kdc/pkinit.c: Catch error string from hx509_cms_verify_signed. - Check for id-pKKdcEkuOID and warn if its not there. - - * lib/krb5/rd_req.c: Add more krb5_rd_req_out_get functions. - -2006-11-06 Love Hörnquist Åstrand - - * lib/krb5/krb5.h: krb5_rd_req{,_in,_out}_ctx. - - * lib/krb5/rd_req.c (krb5_rd_req_ctx): Add context all singing-all - dancing version of the krb5_rd_req and implement krb5_rd_req and - krb5_rd_req_with_keyblock using it. - -2006-11-04 Love Hörnquist Åstrand - - * kdc/kerberos5.c (_kdc_as_rep): More verbose time skew logging. - -2006-11-03 Love Hörnquist Åstrand - - * lib/krb5/expand_hostname.c: Rename various routines and - constants from canonize to canonicalize. From Andrew Bartlett - - * lib/krb5/context.c: Add krb5_[gs]et_time_wrap - - * lib/krb5/krb5_locl.h: Rename various routines and constants from - canonize to canonicalize. From Andrew Bartlett - - * appl/gssmask/common.c (add_list): fix alloc statement. - From Alex Deiter - -2006-10-25 Love Hörnquist Åstrand - - * include/Makefile.am: Move version.h and version.h.in to - DISTCLEANFILES. - -2006-10-24 Love Hörnquist Åstrand - - * appl/gssmask/gssmask.c: Only log when there are resources left. - - * appl/gssmask/gssmask.c: make compile - - * appl/gssmask/gssmask.c (AcquireCreds): free - krb5_get_init_creds_opt - -2006-10-23 Love Hörnquist Åstrand - - * configure.in: heimdal 0.8-RC1 - -2006-10-22 Love Hörnquist Åstrand - - * lib/krb5/digest.c: Try to not leak memory. - - * kdc/digest.c: Try to not leak memory. - - * Makefile.am: remove valgrind target, it doesn't belong here. - - * kuser/kinit.c: Try to not leak memory. - - * kuser/kgetcred.c: Try to not leak memory. - - * kdc/krb5tgs.c (check_KRB5SignedPath): free KRB5SignedPath on - successful completion too, not just the error cases. - - * fix-export: Make make fix-export less verbose. - - * kuser/kgetcred.c: Try to not leak memory. - - * lib/hdb/keys.c (hdb_generate_key_set): free list of enctype when - done. - - * lib/krb5/crypto.c: Allocate the memory we later use. - - * lib/krb5/test_princ.c: Try to not leak memory. - - * lib/krb5/test_crypto_wrapping.c: Try to not leak memory. - - * lib/krb5/test_cc.c: Try to not leak memory. - - * lib/krb5/addr_families.c (arange_free): Try to not leak memory. - - * lib/krb5/crypto.c (AES_string_to_key): Try to not leak memory. - -2006-10-21 Love Hörnquist Åstrand - - * tools/heimdal-build.sh: Add --test-environment - - * tools/heimdal-build.sh: Add --ccache-dir - - * lib/hdb/Makefile.am: remove dependency on et files covert_db - that now is removed - -2006-10-20 Love Hörnquist Åstrand - - * include/Makefile.am: add gssapi to subdirs - - * lib/hdb/hdb-ldap.c: Make compile. - - * configure.in: add include/gssapi/Makefile. - - * include/Makefile.am: clean more files - - * include/make_crypto.c: Avoid creating a file called --version. - - * include/bits.c: Avoid creating a file called --version. - - * appl/test/Makefile.am: add nt_gss_common.h - - * doc/Makefile.am: Disable TEXI2DVI for now. - - * tools/Makefile.am: more files - - * lib/krb5/context.c (krb5_free_context): free send_to_kdc context - - * doc/heimdal.texi: Put Heimdal in the dircategory Security. - - * lib/krb5/send_to_kdc.c: Add sent_to_kdc hook, from Andrew - Bartlet. - - * lib/krb5/krb5_locl.h: Add send_to_kdc hook. - - * lib/krb5/krb5.h: Add krb5_send_to_kdc_func prototype. - - * kcm/Makefile.am: more files - - * kdc/Makefile.am: more files - - * lib/hdb/Makefile.am: more files - - * lib/krb5/Makefile.am: add more files - -2006-10-19 Love Hörnquist Åstrand - - * tools/Makefile.am: Add heimdal-build.sh to EXTRA_DIST. - - * configure.in: Don't check for timegm, libroken provides it for - us. - - * lib/krb5/acache.c: Does function typecasts instead of void * - type-casts. - - * lib/krb5/krb5.h: Remove bonus , that Love sneeked in. - - * configure.in: make --disable-pk-init help text also negative - -2006-10-18 Love Hörnquist Åstrand - - * kuser/kgetcred.c: Avoid memory leak. - - * tools/heimdal-build.sh: Add more verbose logging, add version of - script and heimdal to the mail. - - * lib/hdb/db3.c: Wrap function call pointer calls in (*func) to - avoid macros rewriting open and close. - - * lib/krb5/Makefile.am: Add test_princ. - - * lib/krb5/principal.c: More error strings, handle realm-less - printing. - - * lib/krb5/test_princ.c: Test principal parsing and unparsing. - -2006-10-17 Love Hörnquist Åstrand - - * lib/krb5/get_host_realm.c (krb5_get_host_realm): make sure we - don't recurse - - * lib/krb5/get_host_realm.c (krb5_get_host_realm): no components - -> no dns. no mapping, try local realm and hope KDC knows better. - - * lib/krb5/krb5.h: Add flags for krb5_unparse_name_flags - - * lib/krb5/krb5_principal.3: Document - krb5_unparse_name{_fixed,}_flags. - - * lib/krb5/principal.c: Add krb5_unparse_name_flags and - krb5_unparse_name_fixed_flags. - - * lib/krb5/krb5_principal.3: Document krb5_parse_name_flags. - - * lib/krb5/principal.c: Add krb5_parse_name_flags. - - * lib/krb5/principal.c: Add krb5_parse_name_flags. - - * lib/krb5/krb5.h: Add krb5_parse_name_flags flags. - - * lib/krb5/krb5_locl.h: Hide krb5_context_data from public - exposure. - - * lib/krb5/krb5.h: Hide krb5_context_data from public exposure. - - * kuser/klist.c: Use krb5_get_kdc_sec_offset. - - * lib/krb5/context.c: Document krb5_get_kdc_sec_offset() - - * lib/krb5/krb5_init_context.3: Add krb5_get_kdc_sec_offset() - - * lib/krb5/krb5_init_context.3: Add krb5_set_dns_canonize_hostname - and krb5_get_dns_canonize_hostname - - * lib/krb5/verify_krb5_conf.c: - add [libdefaults]dns_canonize_hostname - - * lib/krb5/expand_hostname.c: use dns_canonize_hostname to - determin if we should talk to dns to find the canonical name of - the host. - - * lib/krb5/krb5.h (krb5_context): add dns_canonize_hostname. - - * tools/heimdal-build.sh: Set status. - - * appl/gssmask/gssmask.c: handle more bits - - * kdc/kerberos5.c: Prefix asn1 primitives with der_. - -2006-10-16 Love Hörnquist Åstrand - - * fix-export: Build lib/asn1/der-protos.h. - -2006-10-14 Love Hörnquist Åstrand - - * appl/gssmask/Makefile.am: Add explit depenency on libroken. - - * kdc/krb5tgs.c: Prefix der primitives with der_. - - * kdc/pkinit.c: Prefix der primitives with der_. - - * lib/hdb/ext.c: Prefix der primitives with der_. - - * lib/hdb/ext.c: Prefix der primitives with der_. - - * lib/krb5/crypto.c: Remove workaround from when there wasn't - always aes. - - * lib/krb5/ticket.c: Prefix der primitives with der_. - - * lib/krb5/digest.c: Prefix der primitives with der_. - - * lib/krb5/crypto.c: Prefix der primitives with der_. - - * lib/krb5/data.c: Prefix der primitives with der_. - -2006-10-12 Love Hörnquist Åstrand - - * kdc/pkinit.c (pk_mk_pa_reply_enckey): add missing break. From - Olga Kornievskaia. - - * kdc/kdc.8: document max-kdc-datagram-reply-length - - * include/bits.c: Include Xint64 types. - -2006-10-10 Love Hörnquist Åstrand - - * tools/heimdal-build.sh: Add socketwrapper and cputime limit. - - * kdc/connect.c (loop): Log that the kdc have started. - -2006-10-09 Love Hörnquist Åstrand - - * kdc/connect.c (do_request): tell krb5_kdc_process_request if its - a datagram reply or not - - * kdc/kerberos5.c: Reply KRB5KRB_ERR_RESPONSE_TOO_BIG error if its - a datagram reply and the datagram reply length limit is reached. - - * kdc/process.c: Rename krb5_kdc_process_generic_request to - krb5_kdc_process_request Add datagram_reply argument. - - * kdc/config.c: check for [kdc]max-kdc-datagram-reply-length - - * kdc/kdc.h (krb5_kdc_config): Add max_datagram_reply_length. - - * lib/hdb/keytab.c: Change || to |, From metze. - - * lib/hdb/keytab.c: Add back :file to sample format. - - * lib/hdb/keytab.c: Add more HDB_F flags to hdb_fetch. Pointed out - by Andrew Bartlet. - - * kdc/krb5tgs.c (tgs_parse_request): set cusec, not csec from - auth->cusec. - -2006-10-08 Love Hörnquist Åstrand - - * fix-export: dist_-ify libkadm5clnt_la_SOURCES too - - * doc/heimdal.texi: Update (c) years. - - * appl/gssmask/protocol.h: Clarify protocol. - - * kdc/hpropd.c: Adapt to signature change of - _krb5_principalname2krb5_principal. - - * kdc/kerberos4.c: Adapt to signature change of - _krb5_principalname2krb5_principal. - - * kdc/connect.c (handle_vanilla_tcp): shorten length when we - shorten the buffer, this matter im the PK-INIT encKey case where a - checksum is done over the whole packet. Reported by Olga - Kornievskaia - -2006-10-07 Love Hörnquist Åstrand - - * include/Makefile.am: crypto-headers.h is a nodist header - - * lib/krb5/aes-test.c: Make argument to PKCS5_PBKDF2_HMAC_SHA1 - unsigned char to make OpenSSL happy. - - * appl/kf/Makefile.am: Add man_MANS to EXTRA_DIST - - * kuser/Makefile.am: split build files into dist_ and noinst_ - SOURCES - - * lib/hdb/Makefile.am: split build files into dist_ and noinst_ - SOURCES - - * lib/krb5/Makefile.am: split build files into dist_ and noinst_ - SOURCES - - * kdc/kerberos5.c: Adapt to signature change of - _krb5_principalname2krb5_principal. - -2006-10-06 Love Hörnquist Åstrand - - * lib/krb5/krbhst.c (common_init): don't try DNS when there is - realm w/o a dot. - - * kdc/524.c: Adapt to signature change of - _krb5_principalname2krb5_principal. - - * kdc/krb5tgs.c: Adapt to signature change of - _krb5_principalname2krb5_principal. - - * lib/krb5/get_in_tkt.c: Adapt to signature change of - _krb5_principalname2krb5_principal. - - * lib/krb5/rd_cred.c: Adapt to signature change of - _krb5_principalname2krb5_principal. - - * lib/krb5/rd_req.c: Adapt to signature change of - _krb5_principalname2krb5_principal. - - * lib/krb5/asn1_glue.c (_krb5_principalname2krb5_principal): add - krb5_context to signature. - - * kdc/524.c (_krb5_principalname2krb5_principal): adapt to - signature change - - * lib/hdb/keytab.c (hdb_get_entry): close and destroy the database - later, the hdb_entry_ex might still contain links to the database - that it expects to use. - - * kdc/digest.c: Make digest argument o MD5_final unsigned char to - help OpenSSL. - - * kuser/kdigest.c: Make digest argument o MD5_final unsigned char - to help OpenSSL. - - * appl/gssmask/common.h: Maybe include . - -2006-10-05 Love Hörnquist Åstrand - - * appl/gssmask/common.h: disable ENABLE_PTHREAD_SUPPORT and - explain why - - * tools/heimdal-build.sh: Another mail header. - - * tools/heimdal-build.sh: small fixes - - * fix-export: More liberal parsing of AC_INIT - - * tools/heimdal-build.sh: first cut - -2006-10-04 Love Hörnquist Åstrand - - * configure.in: Call AB_INIT. - - * kuser/kinit.c: Add flag --pk-use-enckey. - - * kdc/pkinit.c: Sign the request in the encKey case. Bug reported - by Olga Kornievskaia of Umich. - - * lib/krb5/Makefile.am: man_MANS += krb5_digest.3 - - * lib/krb5/krb5_digest.3: Add all protos - -2006-10-03 Love Hörnquist Åstrand - - * lib/krb5/krb5_digest.3: Basic krb5_digest manpage. - -2006-10-02 Love Hörnquist Åstrand - - * fix-export: build gssapi mech private files - - * lib/krb5/init_creds_pw.c: minimize layering and remove - krb5_kdc_flags - - * lib/krb5/get_in_tkt.c: Always use the kdc_flags in the right bit - order. - - * lib/krb5/init_creds_pw.c: Always use the kdc_flags in the right - bit order. - - * kuser/kdigest.c: Don't require --kerberos-realm. - - * lib/krb5/digest.c (digest_request): if NULL is passed in as - realm, use default realm. - - * fix-export: build gssapi mech private files - -2006-09-26 Love Hörnquist Åstrand - - * appl/gssmask/gssmaestro.c: Handle FIRST_CALL in the context - building, better error handling. - - * appl/gssmask/gssmaestro.c: switch from wrap/unwrap to - encrypt/decrypt - - * appl/gssmask/gssmask.c: Don't announce spn if there is none. - - * appl/gssmask/gssmaestro.c: Check that the pre-wrapped data is - the same as afterward. - -2006-09-25 Love Hörnquist Åstrand - - * appl/gssmask/gssmaestro.c: Remove stray GSS_C_DCE_STYLE. - - * appl/gssmask/gssmaestro.c: Add logsocket support. - -2006-09-22 Love Hörnquist Åstrand - - * appl/gssmask/gssmaestro.c (build_context): print the step the - context exchange. - -2006-09-21 Love Hörnquist Åstrand - - * appl/gssmask/gssmaestro.c: Add GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG - to all context flags - - * appl/gssmask/gssmaestro.c: Add wrap and mic tests for all - elements - - * appl/gssmask/gssmask.c: Add mic tests - - * appl/gssmask/gssmaestro.c: dont exit early then when context - is half built. - - * lib/krb5/rd_req.c: disable ETypeList parsing usage for now, cfx - seems broken and its not good to upgrade to a broken enctype. - -2006-09-20 Love Hörnquist Åstrand - - * appl/gssmask/gssmask.c: Add wrap/unwrap ops - - * appl/gssmask/protocol.h: Add eGetVersionAndCapabilities flags - - * appl/gssmask/common.c: Add permutate_all (and support - functions). - - * appl/gssmask/common.h: Add permutate_all - - * appl/gssmask/gssmask.c: use new flags, return moniker - - * appl/gssmask/gssmaestro.c: test self context building and all - permutation of clients - -2006-09-19 Love Hörnquist Åstrand - - * appl/gssmask/gssmask.c: add --logfile option, use htons() on - port number - - * appl/gssmask/gssmaestro.c: Log port in connection message. - - * configure.in: Make pk-init turned on by default. - -2006-09-18 Love Hörnquist Åstrand - - * fix-export: Build lib/hx509/{hx509-protos.h,hx509-private.h}. - - * kuser/Makefile.am: Add tool for printing tickets. - - * kuser/kimpersonate.1: Add tool for printing tickets. - - * kuser/kimpersonate.c: Add tool for printing tickets. - - * kdc/krb5tgs.c: Check the adtkt in the constrained delegation - case too. - -2006-09-16 Love Hörnquist Åstrand - - * kdc/main.c (sigterm): don't _exit, let loop() catch the signal - instead. - - * lib/krb5/krb5_timeofday.3: Fixes from Björn Sandell. - - * lib/krb5/krb5_get_init_creds.3: Fixes from Björn Sandell. - -2006-09-15 Love Hörnquist Åstrand - - * tools/krb5-config.in: Add "kafs" option. - -2006-09-12 Love Hörnquist Åstrand - - * lib/hdb/db.c: By using full function calling conversion (*func) - we avoid problem when close(fd) is overridden using a macro. - - * lib/krb5/cache.c: By using full function calling - conversion (*func) we avoid problem when close(fd) is overridden - using a macro. - -2006-09-11 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Signing outgoing tickets. - - * kdc/krb5tgs.c: Add signing and checking of tickets to s4u2self - works securely. - - * lib/krb5/pkinit.c: Adapt to new signature of - hx509_cms_unenvelope. - -2006-09-09 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (pk_verify_host): set errorstrings in a - sensable way - -2006-09-08 Love Hörnquist Åstrand - - * lib/krb5/krb5_init_context.3: Prevent a font generation warning, - from Jason McIntyre. - -2006-09-06 Love Hörnquist Åstrand - - * lib/krb5/context.c (krb5_init_ets): Add the hx errortable - - * lib/krb5/krb5_locl.h: Include hx509_err.h. - - * lib/krb5/pkinit.c (_krb5_pk_verify_sign): catch the error string - from the hx509 lib - -2006-09-04 Love Hörnquist Åstrand - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_default_flags): - fix argument to krb5_get_init_creds_opt_set_addressless. - - * lib/krb5/init_creds_pw.c (init_cred_loop): try to catch the - error when we actually have an error to catch. - - * lib/krb5/init_creds_pw.c: Remove debug printfs. - - * kuser/kinit.c: Remove debug printf - - * lib/krb5/krb5_get_init_creds.3: Document - krb5_get_init_creds_opt_set_addressless. - - * kuser/kinit.c: Use new function - krb5_get_init_creds_opt_set_addressless. - - * lib/krb5/krb5_locl.h: use new addressless, convert pa-pac option - to use the same tri-state option as the new addressless option. - - * lib/krb5/init_creds_pw.c: use new addressless, convert pa-pac - option to use the same tri-state option as the new addressless - option. - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_addressless): - used to control the address-lessness of the initial tickets - instead of passing in the empty set of address into - krb5_get_init_creds_opt_set_addresses. - -2006-09-01 Love Hörnquist Åstrand - - * kuser/kinit.c (renew_validate): inherit the proxiable and - forwardable from the orignal ticket, pointed out by Bernard - Antoine of CERN. - - * doc/setup.texi: More text about the acl_file entry and - hdb-ldap-structural-object. From Rüdiger Ranft. - - * lib/krb5/krbhst.c (fallback_get_hosts): limit the fallback - lookups to 5. Patch from Wesley Craig, umich.edu - - * configure.in: Add special tests for , include test - for sys/param.h and sys/types.h - - * appl/test/tcp_server.c (proto): use keytab for krb5_recvauth - Patch from Ingemar Nilsson - -2006-08-28 Love Hörnquist Åstrand - - * kuser/kdigest.c (help): use sl_slc_help(). - - * kdc/digest.c: Catch more error, add SASL DIGEST MD5. - - * lib/krb5/digest.c: Catch more error. - -2006-08-25 Love Hörnquist Åstrand - - * doc/setup.texi: language. - - * doc/heimdal.texi: Add last updated text. - - * doc/heimdal.css: make box around heimdal title - - * doc/heimdal.css: Inital Heimdal css for the info manual - - * lib/krb5/digest.c: In the case where we get a DigestError back, - save the error string and code. - -2006-08-24 Love Hörnquist Åstrand - - * kdc/kerberos5.c: Remove _kdc_find_etype(), its no longer used. - - * kdc/digest.c: Remove local error label and have just one exit - label, set error strings properly. - - * kdc/digest.c: Simply the disabled-service case. Check the - allow-digest flag in the HDB entry for the client. - - * kdc/process.c (krb5_kdc_process_generic_request): check if we - got a digest request and process it. - - * kdc/main.c: Register hdb keytab operations. - - * kdc/kdc.8: document [kdc]enable-digest=boolean - - * kdc/Makefile.am: add digest to libkdc - - * kdc/digest.c: Make a return a goto to avoid freeing un-inited - memory in cleanup code. - - * kdc/default_config.c (krb5_kdc_default_config): default to all - bits set to zero. - - * kdc/kdc.h (krb5_kdc_configuration): Add enable_digest - - * kdc/headers.h: Include . - - * lib/krb5/context.c (krb5_kerberos_enctypes): new function, - returns the list of Kerberos encryption types sorted in order of - most preferred to least preferred encryption type. - - * kdc/misc.c (_kdc_get_preferred_key): new function, Use the order - list of preferred encryption types and sort the available keys and - return the most preferred key. - - * kdc/krb5tgs.c: Adapt to the new sigature of _kdc_find_keys(). - - * kdc/kerberos5.c: Handle session key etype separately from the - tgt etype, now the krbtgt can be a aes-only key without the need - to support not-as-good etypes for the krbtgt. - -2006-08-23 Love Hörnquist Åstrand - - * kdc/misc.c: Change _kdc_db_fetch() to return the database - pointer to if needed by the consumer. - - * kdc/krb5tgs.c: Change _kdc_db_fetch() to return the database - pointer to if needed by the consumer. - - * kdc/kerberos5.c: Change _kdc_db_fetch() to return the database - pointer to if needed by the consumer. - - * kdc/kerberos4.c: Change _kdc_db_fetch() to return the database - pointer to if needed by the consumer. - - * kdc/kaserver.c: Change _kdc_db_fetch() to return the database - pointer to if needed by the consumer. - - * kdc/524.c: Change _kdc_db_fetch() to return the database pointer - to if needed by the consumer. - - * kuser/kdigest-commands.in: Add --kerberos-realm, add client - request command. - - * lib/krb5/Makefile.am: digest.c - - * lib/krb5/krb5.h: Add digest glue. - - * lib/krb5/digest.c (krb5_digest_set_authentication_user): use - krb5_principal - - * lib/krb5/digest.c: Add digest support to the client side. - -2006-08-21 Love Hörnquist Åstrand - - * lib/krb5/rd_rep.c (krb5_rd_rep): free krb5_ap_rep_enc_part on - error and set return pointer to NULL - (krb5_free_ap_rep_enc_part): permit freeing of NULL - -2006-08-18 Love Hörnquist Åstrand - - * kdc/{Makefile.am,kdigest.c,kdigest-commands.in}: - Frontend for remote digest service in KDC - - * lib/krb5/krb5_storage.3: Document krb5_{ret,store}_stringnl - functions. - - * lib/krb5/store.c: Add krb5_{ret,store}_stringnl functions, - stores/retrieves a \n terminated string. - - * lib/krb5/krb5_locl.h: Default to address-less tickets. - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_get_error): clear - error string on error. - -2006-07-20 Love Hörnquist Åstrand - - * lib/krb5/crypto.c: remove aes-192 (CMS) - - * lib/krb5/crypto.c: Remove more CMS bits. - - * lib/krb5/crypto.c: Remove CMS symmetric encryption support. - -2006-07-13 Love Hörnquist Åstrand - - * kdc/pkinit.c (_kdc_pk_check_client): make it not crash when - there are no acl - - * kdc/pkinit.c (_kdc_pk_check_client): use the acl in the kerberos - database - - * lib/hdb/hdb.asn1: Rename HDB-Ext-PKINIT-certificate to - HDB-Ext-PKINIT-hash. Add trust anchor to HDB-Ext-PKINIT-acl. - - * lib/hdb/Makefile.am: rename asn1_HDB_Ext_PKINIT_certificate to - asn1_HDB_Ext_PKINIT_hash - - * lib/hdb/ext.c: Add hdb_entry_get_pkinit_hash(). - -2006-07-10 Love Hörnquist Åstrand - - * kuser/kinit.c: If --password-file gets STDIN, read the password - from the standard input. - - * kuser/kinit.1: Document --password-file=STDIN. - - * lib/krb5/krb5_string_to_key.3: Remove duplicate to. - -2006-07-06 Love Hörnquist Åstrand - - * kdc/krb5tgs.c: (tgs_build_reply): when checking for removed - principals, check the second component of the krbtgt, otherwise - cross realm wont work. Prompted by report from Mattias Amnefelt. - -2006-07-05 Love Hörnquist Åstrand - - * kdc/connect.c (handle_vanilla_tcp): use unsigned integer for for - length - (handle_tcp): if the high bit it set in the unknown case, send - back a KRB_ERR_FIELD_TOOLONG - -2006-07-03 Love Hörnquist Åstrand - - * appl/gssmask/gssmaestro.c: Add get_version_capa, cache - target_name. - - * appl/gssmask/gssmask.c: use utname() to find the local hostname - and version of operatingsystem - - * appl/gssmask/common.h: include - - * appl/gssmask/gssmask.c: break out creation of a client and make - handleServer pthread_create compatible - - * appl/gssmask/gssmaestro.c: break out out the build context - function - -2006-07-01 Love Hörnquist Åstrand - - * appl/gssmask/gssmaestro.c: externalize slave handling, add - GetTargetName glue - - * appl/gssmask/gssmaestro.c: externalize principal/password handling - - * lib/krb5/principal.c (krb5_parse_name): set *principal to NULL - the first thing we do, so that on failure its set to a known value - - * appl/gssmask/gssmask.c: AcquireCreds: set principal to NULL to - avoid memory corruption GetTargetName: always send a string, even - though we don't have a targetname - - * appl/gssmask: break out common function; add gssmaestro (that - only tests one context for now) - -2006-06-30 Love Hörnquist Åstrand - - * lib/krb5/store_fd.c (krb5_storage_from_fd): don't leak fd on - malloc failure - - * appl/gssmask/gssmask.c: split out fetching of credentials for - easier reuse for pk-init testing - - * appl/gssmask: maggot replacement, handles context testing - - * lib/krb5/cache.c (krb5_cc_new_unique): use KRB5_DEFAULT_CCNAME - as the default prefix - -2006-06-28 Love Hörnquist Åstrand - - * doc/heimdal.texi: Add Doug Rabson's license - -2006-06-22 Love Hörnquist Åstrand - - * lib/krb5/init_creds.c: Add storing and getting KRB-ERROR in the - krb5_get_init_creds_opt structure. - - * lib/krb5/init_creds_pw.c: Save KRB-ERROR on error. - - * lib/krb5/krb5_locl.h (_krb5_get_init_creds_opt_private): add - KRB-ERROR - -2006-06-21 Love Hörnquist Åstrand - - * doc/setup.texi: section about verify_krb5_conf and kadmin check - -2006-06-15 Love Hörnquist Åstrand - - * lib/krb5/init_creds_pw.c (get_init_creds_common): drop cred - argument, its unused - - * lib/krb5/Makefile.am: install krb5_get_creds.3 - - * lib/krb5/krb5_get_creds.3: new file - -2006-06-14 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c: don't use the sambaNTPassword if there is - ARCFOUR key already. Idea from Andreas Hasenack. While here, set - pw change time using sambaPwdLastSet - - * kdc/kerberos4.c: Use enable_v4_per_principal and check the new - hdb flag. - - * kdc/kdc.h: Add enable_v4_per_principal - -2006-06-12 Love Hörnquist Åstrand - - * kdc/kerberos5.c (_kdc_as_rep): if kdc_time + - config->kdc_warn_pwexpire is past pw_end, add expiration - message. From Bernard Antoine. - - * kdc/default_config.c (krb5_kdc_default_config): set - kdc_warn_pwexpire to 0 - - * kdc/kerberos5.c: indent. - -2006-06-07 Love Hörnquist Åstrand - - * kdc/kerberos5.c: constify - -2006-06-06 Love Hörnquist Åstrand - - * lib/krb5/get_cred.c: Allow setting additional tickets in the - tgs-req - - * kuser/kgetcred.c: add --delegation-credential-cache - - * kdc/krb5tgs.c (tgs_build_reply): add constrained delegation. - - * kdc/krb5tgs.c: Add impersonation. - - * kuser/kgetcred.c: use new krb5_get_creds interface, add - impersonation. - - * lib/krb5/get_cred.c (krb5_get_creds): add - KRB5_GC_NO_TRANSIT_CHECK - - * lib/krb5/misc.c: Add impersonate support functions. - - * lib/krb5/get_cred.c: Add impersonate and new krb5_get_creds interface. - - * lib/hdb/hdb.asn1 (HDBFlags): add trusted-for-delegation - - * lib/krb5/krb5.h: Add krb5_get_creds_opt_data and some more - KRB5_GC flags. - -2006-06-01 Love Hörnquist Åstrand - - * lib/hdb/ext.c (hdb_entry_get_ConstrainedDelegACL): new function. - - * lib/krb5/pkinit.c: Avoid more shadowing. - - * kdc/connect.c (do_request): clean reply with krb5_data_zero - - * kdc/krb5tgs.c: Split up the reverse cross krbtgt check and local - clien must exists test. - - * kdc/krb5tgs.c: Plug old memory leaks, unify all goto's. - - * kdc/krb5tgs.c: Split tgs_rep2 into tgs_parse_request and - tgs_build_reply. - - * kdc/kerberos5.c: split out krb5 tgs req to make it easier to - reorganize the code. - -2006-05-29 Love Hörnquist Åstrand - - * lib/krb5/krb5_get_init_creds.3: spelling Björn Sandell - - * lib/krb5/krb5_get_in_cred.3: spelling Björn Sandell - -2006-05-13 Love Hörnquist Åstrand - - * kpasswd/kpasswdd.c (change): select the realm based on the - target principal From Gabor Gombas - - * lib/krb5/krb5_get_init_creds.3: Add KRB5_PROMPT_TYPE_INFO - - * lib/krb5/krb5.h: Add KRB5_PROMPT_TYPE_INFO - -2006-05-12 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Hidden field of hx509 prompter is removed. - Fix a warning. - - * doc/setup.texi: Point to more examples, hint that you have to - use openssl 0.9.8a or later. - - * doc/setup.texi: DIR now handles both PEM and DER. - - * kuser/kinit.c: Pass down prompter and password to - krb5_get_init_creds_opt_set_pkinit. - - * lib/krb5/pkinit.c (_krb5_pk_load_id): only use password if its - longer then 0 - - * doc/ack.texi: Add Jason McIntyre. - - * lib/krb5/krb5_acl_match_file.3: Various tweaks, from Jason - McIntyre. - -2006-05-11 Love Hörnquist Åstrand - - * kuser/kinit.c: Move parsing of the PK-INIT configuration file to - the library so application doesn't need to deal with it. - - * lib/krb5/pkinit.c (krb5_get_init_creds_opt_set_pkinit): move - parsing of the configuration file to the library so application - doesn't need to deal with it. - - * lib/krb5/pkinit.c (_krb5_pk_load_id): pass the hx509_lock to - when trying to read the user certificate. - - * lib/krb5/pkinit.c (hx_pass_prompter): return 0 on success and 1 - on failure. Pointed out by Douglas E. Engert. - -2006-05-08 Love Hörnquist Åstrand - - * lib/krb5/crypto.c: Catches both keyed checkout w/o crypto - context cases and doesn't reset the string, and corrects the - grammar. - - * lib/krb5/crypto.c: Drop aes-cbc, rc2 and CMS padding support, - its all containted in libhcrypto and libhx509 now. - -2006-05-07 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (_krb5_pk_verify_sign): Use - hx509_get_one_cert. - - * lib/krb5/crypto.c (create_checksum): provide a error message - that a key checksum needs a key. From Andew Bartlett. - -2006-05-06 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Now that hcrypto supports DH, remove check - for hx509 null DH. - - * kdc/pkinit.c: Don't call DH_check_pubkey, it doesn't exists in - older OpenSSL. - - * doc/heimdal.texi: Add blob about imath. - - * doc/ack.texi: Add blob about imath. - - * include/make_crypto.c: Move up evp.h to please OpenSSL, from - Douglas E. Engert. - - * kcm/acl.c: Multicache kcm interation isn't done yet, let wait - with this enum. - -2006-05-05 Love Hörnquist Åstrand - - * lib/krb5/krb5_set_default_realm.3: Spelling/mdoc from Björn - Sandell - - * lib/krb5/krb5_rcache.3: Spelling/mdoc from Björn Sandell - - * lib/krb5/krb5_keytab.3: Spelling/mdoc from Björn Sandell - - * lib/krb5/krb5_get_in_cred.3: Spelling/mdoc from Björn Sandell - - * lib/krb5/krb5_expand_hostname.3: Spelling/mdoc from Björn - Sandell - - * lib/krb5/krb5_c_make_checksum.3: Spelling/mdoc from Björn - Sandell - - * lib/krb5/keytab_file.c (fkt_next_entry_int): read the 32 bit - kvno if the reset of the data is longer then 4 bytes in hope to be - forward compatible. Pointed out by Michael B Allen. - - * doc/programming.texi: Add fileformats. - - * appl/test: Rename u_intXX_t to uintXX_t - - * kuser: Rename u_intXX_t to uintXX_t - - * kdc: Rename u_intXX_t to uintXX_t - - * lib/hdb: Rename u_intXX_t to uintXX_t - - * lib/45]: Rename u_intXX_t to uintXX_t - - * lib/krb5: Rename u_intXX_t to uintXX_t - - * lib/krb5/Makefile.am: Add test_store to TESTS - - * lib/krb5/pkinit.c: Catch using hx509 null DH and print a more - useful error message. - - * lib/krb5/store.c: Rewrite the krb5_ret_u as proposed by Johan. - -2006-05-04 Love Hörnquist Åstrand - - * kdc/kerberos4.c: Use the new unsigned integer storage types. - - * kdc/kaserver.c: Use the new unsigned integer storage - types. Sprinkle some error handling. - - * lib/krb5/krb5_storage.3: Document ret and store function for the - unsigned fixed size integer types. - - * lib/krb5/v4_glue.c: Use the new unsigned integer storage - types. Fail that the address doesn't match, not the reverse. - - * lib/krb5/store.c: Add ret and store function for the unsigned - fixed size integer types. - - * lib/krb5/test_store.c: Test the integer storage types. - -2006-05-03 Love Hörnquist Åstrand - - * lib/krb5/store.c (krb5_store_principal): make it take a - krb5_const_principal, indent - - * lib/krb5/krb5_storage.3: krb5_store_principal takes a - krb5_const_principal - - * lib/krb5/pkinit.c: Deal with that hx509_prompt.reply is no - longer a pointer. - - * kdc/kdc.h (krb5_kdc_configuration): add pkinit_kdc_ocsp_file - - * kdc/config.c: read [kdc]pki-kdc-ocsp - -2006-05-02 Love Hörnquist Åstrand - - * kdc/pkinit.c (_kdc_pk_mk_pa_reply): send back ocsp response if - it seems to be valid, simplfy the pkinit-windows DH case (it - doesn't exists). - -2006-05-01 Love Hörnquist Åstrand - - * lib/krb5/krb5_warn.3: Spelling/mdoc changes, from Björn Sandell. - - * lib/krb5/krb5_verify_user.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_verify_init_creds.3: Spelling/mdoc changes, from - Björn Sandell. - - * lib/krb5/krb5_timeofday.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_ticket.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_rd_safe.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_rcache.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_principal.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_parse_name.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_mk_safe.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_keyblock.3: Spelling/mdoc changes, from Björn - Sandell. - - * lib/krb5/krb5_is_thread_safe.3: Spelling/mdoc changes, from - Björn Sandell. - - * lib/krb5/krb5_generate_random_block.3: Spelling/mdoc changes, - from Björn Sandell. - - * lib/krb5/krb5_generate_random_block.3: Spelling/mdoc changes, - from Björn Sandell. - - * lib/krb5/krb5_expand_hostname.3: Spelling/mdoc changes, from - Björn Sandell. - - * lib/krb5/krb5_check_transited.3: Spelling/mdoc changes, from - Björn Sandell. - - * lib/krb5/krb5_c_make_checksum.3: Spelling/mdoc changes, from - Björn Sandell. - - * lib/krb5/krb5_address.3: Spelling/mdoc changes, from - Björn Sandell. - - * lib/krb5/krb5_acl_match_file.3: Spelling/mdoc changes, from - Björn Sandell. - - * lib/krb5/krb5.3: Spelling, from Björn Sandell. - - * doc/ack.texi: add Björn - -2006-04-30 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (cert2epi): don't include subject if its null - -2006-04-29 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Send over what trust anchors the client have - configured. - - * lib/krb5/pkinit.c (pk_verify_host): set better error string, - only check kdc name/address when we got a hostname/address passed - in the the function. - - * kdc/pkinit.c (_kdc_pk_check_client): reorganize and make log - when a SAN matches. - -2006-04-28 Love Hörnquist Åstrand - - * doc/setup.texi: More options and some text about windows - clients, certificate and KDCs. - - * doc/setup.texi: notice about pki-mappings file space sensitive - - * doc/setup.texi: Example pki-mapping file. - - * lib/krb5/pkinit.c (pk_verify_host): verify hostname/address - - * lib/hdb/hdb.h: Bump hdb interface version to 4. - -2006-04-27 Love Hörnquist Åstrand - - * kuser/kdestroy.1: Document --credential=principal. - - * kdc/kerberos5.c (tgs_rep2): check that the client exists in the - kerberos database if its local request. - - * kdc/{misc.c,524.c,kaserver.c,kerberos5.c}: pass down HDB_F_GET_ - flags as appropriate - - * kdc/kerberos4.c (_kdc_db_fetch4): pass down flags though - krb5_425_conv_principal_ext2 - - * kdc/misc.c (_kdc_db_fetch): Break out the that we request from - principal from the entry and pass it in as a seprate argument. - - * lib/hdb/keytab.c (hdb_get_entry): Break out the that we request - from principal from the entry and pass it in as a seprate - argument. - - * lib/hdb/common.c: Break out the that we request from principal - from the entry and pass it in as a seprate argument. - - * lib/hdb/hdb.h: Break out the that we request from principal from - the entry and pass it in as a seprate argument. Add more flags to - ->hdb_get(). Re-indent. - -2006-04-26 Love Hörnquist Åstrand - - * doc/setup.texi: document pki-allow-proxy-certificate - - * kdc/pkinit.c: Add option [kdc]pki-allow-proxy-certificate=bool - to allow using proxy certificate. - - * lib/krb5/pkinit.c (_krb5_pk_allow_proxy_certificates): expose - hx509_verify_set_proxy_certificate - - * kdc/pkinit.c (_kdc_pk_check_client): Use - hx509_cert_get_base_subject to get subject name of the - certificate, needed for proxy certificates. - - * kdc/kerberos5.c: Now that find_keys speaks for it self, remove - extra logging. - - * kdc/kerberos5.c (find_keys): add client_name and server_name - argument and use them, and adapt callers. - -2006-04-25 Love Hörnquist Åstrand - - * kuser/kinit.1: document option password-file - - * kuser/kinit.c: Add option password-file, read password from the - first line of a file. - - * configure.in: make tests/kdc/Makefile - - * kdc/kerberos5.c: Catch the case where the client sends no - encryption types or no pa-types. - - * lib/hdb/ext.c (hdb_replace_extension): set error message on - failure, not success. - - * lib/hdb/keys.c (parse_key_set): handle error case better - (hdb_generate_key_set): return better error - -2006-04-24 Love Hörnquist Åstrand - - * lib/hdb/hdb.c (hdb_create): print out what we don't support - - * lib/krb5/principal.c: Remove a double free introduced in 1.93 - - * lib/krb5/log.c (log_file): reset pointer to freed memory - - * lib/krb5/keytab_keyfile.c (get_cell_and_realm): reset d->cell to - make sure its not refereced - - * tools/krb5-config.in: libhcrypto might depend on libasn1, switch - order - - * lib/krb5/recvauth.c: indent - - * doc/heimdal.texi: Add Setting up PK-INIT to Detailed Node - Listing. - - * lib/krb5/pkinit.c: Pass down realm to pk_verify_host so the - function can verify the certificate is from the right realm. - - * lib/krb5/init_creds_pw.c: Pass down realm to - _krb5_pk_rd_pa_reply - -2006-04-23 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (pk_verify_host): Add begining of finding - subjectAltName_otherName pk-init-san and verifing it. - - * lib/krb5/sendauth.c: reindent - - * doc/Makefile.am: use --no-split to make one large file, mostly - for html - - * doc/setup.texi: "document" pkinit_require_eku and - pkinit_require_krbtgt_otherName - - * lib/krb5/pkinit.c: Add pkinit_require_eku and - pkinit_require_krbtgt_otherName - - * doc/setup.texi: Add text about pk-init - - * tools/kdc-log-analyze.pl: count v5 cross realms too - -2006-04-22 Love Hörnquist Åstrand - - * kdc/pkinit.c: Adapt to change in hx509_cms_create_signed_1. - - * lib/krb5/pkinit.c: Adapt to change in hx509_cms_create_signed_1. - -2006-04-20 Love Hörnquist Åstrand - - * kdc/pkinit.c (_kdc_pk_rd_padata): use - hx509_cms_unwrap_ContentInfo. - - * kdc/config.c: unbreak - - * lib/krb5/pkinit.c: Handle diffrences between libhcrypto and - libcrypto. - - * kdc/config.c: Rename pki-chain to pki-pool to match rest of - code. - -2006-04-12 Love Hörnquist Åstrand - - * lib/krb5/rd_priv.c: Fix argument to krb5_data_zero. - - * kdc/config.c: Added certificate revoke information from - configuration file. - - * kdc/pkinit.c: Added certificate revoke information. - - * kuser/kinit.c: Added certificate revoke information from - configuration file. - - * lib/krb5/pkinit.c (_krb5_pk_load_id): Added certificate revoke - information, ie CRL's - -2006-04-10 Love Hörnquist Åstrand - - * lib/krb5/replay.c (krb5_rc_resolve_full): make compile again. - - * lib/krb5/keytab_krb4.c (krb4_kt_start_seq_get_int): make compile - again. - - * lib/krb5/transited.c (make_path): make sure we return allocated - memory Coverity, NetBSD CID#1892 - - * lib/krb5/transited.c (make_path): make sure we return allocated - memory Coverity, NetBSD CID#1892 - - * lib/krb5/rd_req.c (krb5_verify_authenticator_checksum): on - protocol failure, avoid leaking memory Coverity, NetBSD CID#1900 - - * lib/krb5/principal.c (krb5_parse_name): remember to free realm - in case of error Coverity, NetBSD CID#1883 - - * lib/krb5/principal.c (krb5_425_conv_principal_ext2): remove - memory leak in case of weird formated dns replys. - Coverity, NetBSD CID#1885 - - * lib/krb5/replay.c (krb5_rc_resolve_full): don't return pointer - to a allocated krb5_rcache in case of error. - - * lib/krb5/log.c (krb5_addlog_dest): free fn in case of error - Coverity, NetBSD CID#1882 - - * lib/krb5/keytab_krb4.c: Fix deref before NULL check, fix error - handling. Coverity, NetBSD CID#2369 - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): - in_creds->client should always be set, assume so. - - * lib/krb5/keytab_any.c (any_next_entry): restructure to make it - easier to read Fixes Coverity, NetBSD CID#625 - - * lib/krb5/crypto.c (krb5_string_to_key_derived): deref after NULL - check. Coverity NetBSD CID#2367 - - * lib/krb5/build_auth.c (krb5_build_authenticator): use - calloc. removed check that was never really used. Coverity NetBSD - CID#2370 - -2006-04-09 Love Hörnquist Åstrand - - * lib/krb5/rd_req.c (krb5_verify_ap_req2): make sure `ticket´ - points to NULL in case of error, add error handling, use calloc. - - * kpasswd/kpasswdd.c (doit): when done, close all fd in the - sockets array and free it. Coverity NetBSD CID#1916 - -2006-04-08 Love Hörnquist Åstrand - - * lib/krb5/store.c (krb5_ret_principal): fix memory leak Coverity, - NetBSD CID#1695 - - * kdc/524.c (_kdc_do_524): Handle memory allocation failure - Coverity, NetBSD CID#2752 - -2006-04-07 Love Hörnquist Åstrand - - * lib/krb5/keytab_file.c (krb5_kt_ret_principal): plug a memory - leak Coverity NetBSD CID#1890 - - * kdc/hprop.c (main): make sure type doesn't need to be set - - * kdc/mit_dump.c (mit_prop_dump): close fd when done processing - Coverity NetBSD CID#1955 - - * kdc/string2key.c (tokey): catch warnings, free memory after use. - Based on Coverity NetBSD CID#1894 - - * kdc/hprop.c (main): remove dead code. Coverity NetBSD CID#633 - -2006-04-04 Love Hörnquist Åstrand - - * kpasswd/kpasswd-generator.c (read_words): catch empty file case, - will cause PBE (division by zero) later. From Tobias Stoeckmann. - -2006-04-02 Love Hörnquist Åstrand - - * lib/hdb/keytab.c: Remove a delta from last revision that should - have gone in later. - - * lib/krb5/krbhst.c: fix spelling - - * lib/krb5/send_to_kdc.c (send_and_recv_http): don't expose freed - pointer, found by IBM checker. - - * lib/krb5/rd_cred.c (krb5_rd_cred): don't expose freed pointer, - found by IBM checker. - - * lib/krb5/addr_families.c (krb5_make_addrport): clear return - value on error, found by IBM checker. - - * kdc/kerberos5.c (check_addresses): treat netbios as no addresses - - * kdc/{kerberos4,kaserver}.c: _kdc_check_flags takes hdb_entry_ex - - * kdc/kerberos5.c (_kdc_check_flags): make it take hdb_entry_ex to - avoid ?:'s at callers - - * lib/krb5/v4_glue.c: Avoid using free memory, found by IBM - checker. - - * lib/krb5/transited.c (expand_realm): avoid passing NULL to - strlen, found by IBM checker. - - * lib/krb5/rd_cred.c (krb5_rd_cred): avoid a memory leak on malloc - failure, found by IBM checker. - - * lib/krb5/krbhst.c (_krb5_krbhost_info_move): replace a strcpy - with a memcpy - - * lib/krb5/keytab_keyfile.c (get_cell_and_realm): plug a memory - leak, found by IBM checker. - - * lib/krb5/keytab_file.c (fkt_next_entry_int): remove a - dereferencing NULL pointer, found by IBM checker. - - * lib/krb5/init_creds_pw.c (init_creds_init_as_req): in AS-REQ the - cname must always be given, don't avoid that fact and remove a - cname == NULL case. Plugs a memory leak found by IBM checker. - - * lib/krb5/init_creds_pw.c (default_s2k_func): avoid exposing - free-ed memory on error. Found by IBM checker. - - * lib/krb5/init_creds.c (_krb5_get_init_creds_opt_copy): use - calloc to avoid uninitialized memory problem. - - * lib/krb5/data.c (krb5_copy_data): avoid exposing free-ed memory - on error. Found by IBM checker. - - * lib/krb5/fcache.c (fcc_gen_new): fix a use after free, found by - IBM checker. - - * lib/krb5/config_file.c (krb5_config_vget_strings): IBM checker - thought it found a memory leak, it didn't, but there was another - error in the code, lets fix that instead. - - * lib/krb5/cache.c (_krb5_expand_default_cc_name): plug memory - leak. Found by IBM checker. - - * lib/krb5/cache.c (_krb5_expand_default_cc_name): avoid return - pointer to freed memory in the error case. Found by IBM checker. - - * lib/hdb/keytab.c (hdb_resolve): off by one, found by IBM - checker. - - * lib/hdb/keys.c (hdb_generate_key_set): set ret_key_set before - going into the error clause and freeing key_set. Found by IBM - checker. Make sure ret == 0 after of parse error, we catch the - "no entries parsed" case later. - - * lib/krb5/log.c (krb5_addlog_dest): make string length match - strings in strcasecmp. Found by IBM checker. - -2006-03-30 Love Hörnquist Åstrand - - * lib/hdb/hdb-ldap.c (LDAP_message2entry): in declaration set - variable_name as "hdb_entry_ex" - (hdb_ldap_common): change "arg" in condition (if) to "search_base" - (hdb_ldapi_create): change "serach_base" to "search_base" From - Alex V. Labuta. - - * lib/krb5/pkinit.c (krb5_get_init_creds_opt_set_pkinit); fix - prototype - - * kuser/kinit.c: Add pool of certificates to help certificate path - building for clients sending incomplete path in the signedData. - -2006-03-28 Love Hörnquist Åstrand - - * kdc/pkinit.c: Add pool of certificates to help certificate path - building for clients sending incomplete path in the signedData. - - * lib/krb5/pkinit.c: Add pool of certificates to help certificate - path building for clients sending incomplete path in the - signedData. - -2006-03-27 Love Hörnquist Åstrand - - * kdc/config.c: Allow passing in related certificates used to - build the chain. - - * kdc/pkinit.c: Allow passing in related certificates used to - build the chain. - - * kdc/kerberos5.c (log_patype): Add case for - KRB5_PADATA_PA_PK_OCSP_RESPONSE. - - * tools/Makefile.am: Spelling - - * tools/krb5-config.in: Add hx509 when using PK-INIT. - - * tools/Makefile.am: Add hx509 when using PK-INIT. - -2006-03-26 Love Hörnquist Åstrand - - * lib/krb5/acache.c: Use ticket flags definition, might fix Mac OS - X Kerberos.app problems. - - * lib/krb5/krb5_ccapi.h: Add ticket flags definitions - - * lib/krb5/pkinit.c: Use less openssl, spell chelling. - - * kdc/pkinit.c (pk_mk_pa_reply_dh): encode the DH public key with - asn1 wrapping - - * configure.in (AC_CONFIG_FILES): add lib/hx509/Makefile - - * lib/Makefile.am: Add hx509. - - * lib/krb5/Makefile.am: Add libhx509.la when PKINIT is used. - - * configure.in: define automake PKINIT variable - - * kdc/pkinit.c: Switch to hx509. - - * lib/krb5/pkinit.c: Switch to hx509. - -2006-03-24 Love Hörnquist Åstrand - - * kdc/kerberos5.c (log_patypes): log the patypes requested by the - client - -2006-03-23 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c (_krb5_pk_rd_pa_reply): pass down the - req_buffer in the w2k case too. From Douglas E. Engert. - -2006-03-19 Love Hörnquist Åstrand - - * lib/krb5/mk_req_ext.c (_krb5_mk_req_internal): on failure, goto - error handling. Fixes Coverity NetBSD CID 2591 by catching a - failing krb5_copy_keyblock() - -2006-03-17 Love Hörnquist Åstrand - - * lib/krb5/addr_families.c (krb5_free_addresses): reset val,len in - address when free-ing. Fixes Coverity NetBSD bug #2605 - (krb5_parse_address): reset val,len before possibly return errors - Fixes Coverity NetBSD bug #2605 - -2006-03-07 Love Hörnquist Åstrand - - * lib/krb5/send_to_kdc.c (recv_loop): it should never happen, but - make sure nbytes > 0 - - * lib/krb5/get_for_creds.c (add_addrs): handle the case where - addr->len == 0 and n == 0, then realloc might return NULL. - - * lib/krb5/crypto.c (decrypt_*): handle the case where the - plaintext is 0 bytes long, realloc might then return NULL. - -2006-02-28 Love Hörnquist Åstrand - - * lib/krb5/krb5_string_to_key.3: Drop krb5_string_to_key_derived. - - * lib/krb5/krb5.3: Remove krb5_string_to_key_derived. - - * lib/krb5/crypto.c (AES_string_to_key): drop _krb5_PKCS5_PBKDF2 - and use PKCS5_PBKDF2_HMAC_SHA1 instead. - - * lib/krb5/aes-test.c: reformat, avoid free-ing un-init'd memory - - * lib/krb5/aes-test.c: Only use PKCS5_PBKDF2_HMAC_SHA1. - -2006-02-27 Johan Danielsson - - * doc/setup.texi: remove cartouches - we don't use them anywhere - else, they should be around the example, not inside it, and - probably shouldn't be used in html at all - -2006-02-18 Love Hörnquist Åstrand - - * lib/krb5/krb5_warn.3: Document that applications want to use - krb5_get_error_message, add example. - -2006-02-16 Love Hörnquist Åstrand - - * lib/krb5/crypto.c (krb5_generate_random_block): check return - value from RAND_bytes - - * lib/krb5/error_string.c: Change indentation, update (c) - -2006-02-14 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: Make struct krb5_dh_moduli available when - compiling w/o pkinit. - -2006-02-13 Love Hörnquist Åstrand - - * lib/krb5/pkinit.c: update to new paChecksum definition, update - the dhgroup handling - - * kdc/pkinit.c: update to new paChecksum definition, use - hdb_entry_ex - -2006-02-09 Love Hörnquist Åstrand - - * lib/krb5/krb5_locl.h: Move Configurable options to last in the - file. - - * lib/krb5/krb5_locl.h: Wrap KRB5_ADDRESSLESS_DEFAULT with #ifndef - -2006-02-03 Love Hörnquist Åstrand - - * kpasswd/kpasswdd.c: Send back a better error-message to the - client in case the password change was rejected. - - * lib/krb5/krb5_warn.3: Document krb5_get_error_message. - - * lib/krb5/error_string.c (krb5_get_error_message): new function, - and combination of krb5_get_error_string and krb5_get_err_text - - * lib/krb5/krb5.3: sort, and krb5_get_error_message - - * lib/hdb/hdb-ldap.c: Log the filter string to the error message - when doing searches. - - * lib/krb5/init_creds.c (krb5_get_init_creds_opt_set_default_flags): - Use KRB5_ADDRESSLESS_DEFAULT when - checking [appdefault]no-addresses. - - * lib/krb5/get_cred.c (get_cred_from_kdc_flags): Use - KRB5_ADDRESSLESS_DEFAULT when checking - [appdefault]no-addresses. - - * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): - Use [appdefault]no-addresses before checking if the krbtgt is - address-less, use KRB5_ADDRESSLESS_DEFAULT. - - * lib/krb5/krb5_locl.h: Introduce KRB5_ADDRESSLESS_DEFAULT that - controlls all address-less behavior. Defaults to false. - -2006-02-01 Love Hörnquist Åstrand - - * lib/krb5/n-fold-test.c: main is not a KRB5_LIB_FUNCTION - - * lib/krb5/mk_priv.c (krb5_mk_priv): abort if ASN1_MALLOC_ENCODE - failes to produce the matching lenghts. - -2006-01-27 Love Hörnquist Åstrand - - * kcm/protocol.c (kcm_op_retrieve): remove unused variable - -2006-01-15 Love Hörnquist Åstrand - - * tools/krb5-config.in: Move depenency on @LIB_dbopen@ to - kadm-server, kerberos library doesn't depend on db-library. - -2006-01-13 Love Hörnquist Åstrand - - * include/Makefile.am: Don't clean crypto headers, they now live - in hcrypto/. Add hcrypto to SUBDIRS. - - * include/hcrypto/Makefile.am: clean installed headers - - * include/make_crypto.c: include crypto headers from hcrypto/ - - * include/make_crypto.c: Include more crypto headerfiles. Remove - support for old hash names. - -2006-01-02 Love Hörnquist Åstrand - - * kdc/misc.c (_kdc_db_fetch): use calloc to allocate the entry, - from Andrew Bartlet. - - * Happy New Year. diff --git a/crypto/heimdal/LICENSE b/crypto/heimdal/LICENSE deleted file mode 100644 index d61e65fecdb9..000000000000 --- a/crypto/heimdal/LICENSE +++ /dev/null @@ -1,30 +0,0 @@ -Copyright (c) 1995 - 2007 Kungliga Tekniska Högskolan -(Royal Institute of Technology, Stockholm, Sweden). -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the Institute nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. diff --git a/crypto/heimdal/Makefile.am b/crypto/heimdal/Makefile.am deleted file mode 100644 index 693c23fe10da..000000000000 --- a/crypto/heimdal/Makefile.am +++ /dev/null @@ -1,50 +0,0 @@ -# $Id: Makefile.am 22497 2008-01-21 12:12:23Z lha $ - -include $(top_srcdir)/Makefile.am.common - -if KCM -kcm_dir = kcm -endif - -SUBDIRS= include lib kuser kdc admin kadmin kpasswd -SUBDIRS+= $(kcm_dir) appl doc tools tests packages etc - -## ACLOCAL = @ACLOCAL@ -I cf -ACLOCAL_AMFLAGS = -I cf - -EXTRA_DIST = \ - TODO \ - LICENSE \ - README \ - ChangeLog \ - ChangeLog.1998 \ - ChangeLog.1999 \ - ChangeLog.2000 \ - ChangeLog.2001 \ - ChangeLog.2002 \ - ChangeLog.2003 \ - ChangeLog.2004 \ - ChangeLog.2005 \ - ChangeLog.2006 \ - Makefile.am.common \ - autogen.sh \ - krb5.conf \ - cf/make-proto.pl \ - cf/install-catman.sh \ - cf/ChangeLog \ - cf/c-function.m4 \ - cf/ChangeLog \ - cf/have-pragma-weak.m4 \ - cf/have-types.m4 \ - cf/krb-func-getcwd-broken.m4 \ - cf/krb-prog-ranlib.m4 \ - cf/krb-prog-yacc.m4 \ - cf/krb-sys-aix.m4 \ - cf/krb-sys-nextstep.m4 \ - cf/krb-version.m4 \ - cf/roken.m4 \ - cf/valgrind-suppressions \ - cf/vararray.m4 - -print-distdir: - @echo $(distdir) diff --git a/crypto/heimdal/Makefile.am.common b/crypto/heimdal/Makefile.am.common deleted file mode 100644 index b3bbf45088e4..000000000000 --- a/crypto/heimdal/Makefile.am.common +++ /dev/null @@ -1,4 +0,0 @@ -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -include $(top_srcdir)/cf/Makefile.am.common - diff --git a/crypto/heimdal/Makefile.in b/crypto/heimdal/Makefile.in deleted file mode 100644 index 68a2ddf55e1b..000000000000 --- a/crypto/heimdal/Makefile.in +++ /dev/null @@ -1,982 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22497 2008-01-21 12:12:23Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common $(top_srcdir)/configure \ - ChangeLog NEWS TODO compile config.guess config.sub install-sh \ - ltmain.sh missing ylwrap -subdir = . -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ - configure.lineno config.status.lineno -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = include lib kuser kdc admin kadmin kpasswd kcm appl doc \ - tools tests packages etc -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -distdir = $(PACKAGE)-$(VERSION) -top_distdir = $(distdir) -am__remove_distdir = \ - { test ! -d $(distdir) \ - || { find $(distdir) -type d ! -perm -200 -exec chmod u+w {} ';' \ - && rm -fr $(distdir); }; } -DIST_ARCHIVES = $(distdir).tar.gz -GZIP_ENV = --best -distuninstallcheck_listfiles = find . -type f -print -distcleancheck_listfiles = find . -type f -print -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@KCM_TRUE@kcm_dir = kcm -SUBDIRS = include lib kuser kdc admin kadmin kpasswd $(kcm_dir) appl \ - doc tools tests packages etc -ACLOCAL_AMFLAGS = -I cf -EXTRA_DIST = \ - TODO \ - LICENSE \ - README \ - ChangeLog \ - ChangeLog.1998 \ - ChangeLog.1999 \ - ChangeLog.2000 \ - ChangeLog.2001 \ - ChangeLog.2002 \ - ChangeLog.2003 \ - ChangeLog.2004 \ - ChangeLog.2005 \ - ChangeLog.2006 \ - Makefile.am.common \ - autogen.sh \ - krb5.conf \ - cf/make-proto.pl \ - cf/install-catman.sh \ - cf/ChangeLog \ - cf/c-function.m4 \ - cf/ChangeLog \ - cf/have-pragma-weak.m4 \ - cf/have-types.m4 \ - cf/krb-func-getcwd-broken.m4 \ - cf/krb-prog-ranlib.m4 \ - cf/krb-prog-yacc.m4 \ - cf/krb-sys-aix.m4 \ - cf/krb-sys-nextstep.m4 \ - cf/krb-version.m4 \ - cf/roken.m4 \ - cf/valgrind-suppressions \ - cf/vararray.m4 - -all: all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -am--refresh: - @: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - echo ' cd $(srcdir) && $(AUTOMAKE) --foreign --ignore-deps'; \ - cd $(srcdir) && $(AUTOMAKE) --foreign --ignore-deps \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - echo ' $(SHELL) ./config.status'; \ - $(SHELL) ./config.status;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - $(SHELL) ./config.status --recheck - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(srcdir) && $(AUTOCONF) -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -distclean-libtool: - -rm -f libtool - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - $(am__remove_distdir) - test -d $(distdir) || mkdir $(distdir) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook - -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ - ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ - ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ - ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ - || chmod -R a+r $(distdir) -dist-gzip: distdir - tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz - $(am__remove_distdir) - -dist-bzip2: distdir - tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2 - $(am__remove_distdir) - -dist-tarZ: distdir - tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z - $(am__remove_distdir) - -dist-shar: distdir - shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz - $(am__remove_distdir) - -dist-zip: distdir - -rm -f $(distdir).zip - zip -rq $(distdir).zip $(distdir) - $(am__remove_distdir) - -dist dist-all: distdir - tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz - $(am__remove_distdir) - -# This target untars the dist file and tries a VPATH configuration. Then -# it guarantees that the distribution is self-contained by making another -# tarfile. -distcheck: dist - case '$(DIST_ARCHIVES)' in \ - *.tar.gz*) \ - GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\ - *.tar.bz2*) \ - bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\ - *.tar.Z*) \ - uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ - *.shar.gz*) \ - GZIP=$(GZIP_ENV) gunzip -c $(distdir).shar.gz | unshar ;;\ - *.zip*) \ - unzip $(distdir).zip ;;\ - esac - chmod -R a-w $(distdir); chmod a+w $(distdir) - mkdir $(distdir)/_build - mkdir $(distdir)/_inst - chmod a-w $(distdir) - dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ - && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ - && cd $(distdir)/_build \ - && ../configure --srcdir=.. --prefix="$$dc_install_base" \ - $(DISTCHECK_CONFIGURE_FLAGS) \ - && $(MAKE) $(AM_MAKEFLAGS) \ - && $(MAKE) $(AM_MAKEFLAGS) dvi \ - && $(MAKE) $(AM_MAKEFLAGS) check \ - && $(MAKE) $(AM_MAKEFLAGS) install \ - && $(MAKE) $(AM_MAKEFLAGS) installcheck \ - && $(MAKE) $(AM_MAKEFLAGS) uninstall \ - && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ - distuninstallcheck \ - && chmod -R a-w "$$dc_install_base" \ - && ({ \ - (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ - && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ - && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ - && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ - distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ - } || { rm -rf "$$dc_destdir"; exit 1; }) \ - && rm -rf "$$dc_destdir" \ - && $(MAKE) $(AM_MAKEFLAGS) dist \ - && rm -rf $(DIST_ARCHIVES) \ - && $(MAKE) $(AM_MAKEFLAGS) distcleancheck - $(am__remove_distdir) - @(echo "$(distdir) archives ready for distribution: "; \ - list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ - sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' -distuninstallcheck: - @cd $(distuninstallcheck_dir) \ - && test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \ - || { echo "ERROR: files left after uninstall:" ; \ - if test -n "$(DESTDIR)"; then \ - echo " (check DESTDIR support)"; \ - fi ; \ - $(distuninstallcheck_listfiles) ; \ - exit 1; } >&2 -distcleancheck: distclean - @if test '$(srcdir)' = . ; then \ - echo "ERROR: distcleancheck can only run from a VPATH build" ; \ - exit 1 ; \ - fi - @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ - || { echo "ERROR: files left in build directory after distclean:" ; \ - $(distcleancheck_listfiles) ; \ - exit 1; } >&2 -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f $(am__CONFIG_DISTCLEAN_FILES) - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-libtool \ - distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f $(am__CONFIG_DISTCLEAN_FILES) - -rm -rf $(top_srcdir)/autom4te.cache - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local am--refresh check check-am check-local \ - clean clean-generic clean-libtool ctags ctags-recursive dist \ - dist-all dist-bzip2 dist-gzip dist-hook dist-shar dist-tarZ \ - dist-zip distcheck distclean distclean-generic \ - distclean-libtool distclean-tags distcleancheck distdir \ - distuninstallcheck dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-info install-info-am install-man install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs installdirs-am \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-recursive uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -print-distdir: - @echo $(distdir) -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/NEWS b/crypto/heimdal/NEWS deleted file mode 100644 index f0504274042f..000000000000 --- a/crypto/heimdal/NEWS +++ /dev/null @@ -1,802 +0,0 @@ -Changes in release 1.1 - - * Read-only PKCS11 provider built-in to hx509. - - * Documentation for hx509, hcrypto and ntlm libraries improved. - - * Better compatibilty with Windows 2008 Server pre-releases and Vista. - - * Mac OS X 10.5 support for native credential cache. - - * Provide pkg-config file for Heimdal (heimdal-gssapi.pc). - - * Bug fixes. - -Changes in release 1.0.2 - -* Ubuntu packages. - -* Bug fixes. - -Changes in release 1.0.1 - - * Serveral bug fixes to iprop. - - * Make work on platforms without dlopen. - - * Add RFC3526 modp group14 as default. - - * Handle [kdc] database = { } entries without realm = stanzas. - - * Make krb5_get_renewed_creds work. - - * Make kaserver preauth work again. - - * Bug fixes. - -Changes in release 1.0 - - * Add gss_pseudo_random() for mechglue and krb5. - - * Make session key for the krbtgt be selected by the best encryption - type of the client. - - * Better interoperability with other PK-INIT implementations. - - * Inital support for Mac OS X Keychain for hx509. - - * Alias support for inital ticket requests. - - * Add symbol versioning to selected libraries on platforms that uses - GNU link editor: gssapi, hcrypto, heimntlm, hx509, krb5, and libkdc. - - * New version of imath included in hcrypto. - - * Fix memory leaks. - - * Bugs fixes. - -Changes in release 0.8.1 - - * Make ASN.1 library less paranoid to with regard to NUL in string to - make it inter-operate with MIT Kerberos again. - - * Make GSS-API library work again when using gss_acquire_cred - - * Add symbol versioning to libgssapi when using GNU ld. - - * Fix memory leaks - - * Bugs fixes - -Changes in release 0.8 - - * PK-INIT support. - - * HDB extensions support, used by PK-INIT. - - * New ASN.1 compiler. - - * GSS-API mechglue from FreeBSD. - - * Updated SPNEGO to support RFC4178. - - * Support for Cryptosystem Negotiation Extension (RFC 4537). - - * A new X.509 library (hx509) and related crypto functions. - - * A new ntlm library (heimntlm) and related crypto functions. - - * Updated the built-in crypto library with bignum support using - imath, support for RSA and DH and renamed it to libhcrypto. - - * Subsystem in the KDC, digest, that will perform the digest - operation in the KDC, currently supports: CHAP, MS-CHAP-V2, SASL - DIGEST-MD5 NTLMv1 and NTLMv2. - - * KDC will return the "response too big" error to force TCP retries - for large (default 1400 bytes) UDP replies. This is common for - PK-INIT requests. - - * Libkafs defaults to use 2b tokens. - - * Default to use the API cache on Mac OS X. - - * krb5_kuserok() also checks ~/.k5login.d directory for acl files, - see manpage for krb5_kuserok for description. - - * Many, many, other updates to code and info manual and manual pages. - - * Bug fixes - -Changes in release 0.7.2 - -* Fix security problem in rshd that enable an attacker to overwrite - and change ownership of any file that root could write. - -* Fix a DOS in telnetd. The attacker could force the server to crash - in a NULL de-reference before the user logged in, resulting in inetd - turning telnetd off because it forked too fast. - -* Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name - exists in the keytab before returning success. This allows servers - to check if its even possible to use GSSAPI. - -* Fix receiving end of token delegation for GSS-API. It still wrongly - uses subkey for sending for compatibility reasons, this will change - in 0.8. - -* telnetd, login and rshd are now more verbose in logging failed and - successful logins. - -* Bug fixes - -Changes in release 0.7.1 - -* Bug fixes - -Changes in release 0.7 - - * Support for KCM, a process based credential cache - - * Support CCAPI credential cache - - * SPNEGO support - - * AES (and the gssapi conterpart, CFX) support - - * Adding new and improve old documentation - - * Bug fixes - -Changes in release 0.6.6 - -* Fix security problem in rshd that enable an attacker to overwrite - and change ownership of any file that root could write. - -* Fix a DOS in telnetd. The attacker could force the server to crash - in a NULL de-reference before the user logged in, resulting in inetd - turning telnetd off because it forked too fast. - -Changes in release 0.6.5 - - * fix vulnerabilities in telnetd - - * unbreak Kerberos 4 and kaserver - -Changes in release 0.6.4 - - * fix vulnerabilities in telnet - - * rshd: encryption without a separate error socket should now work - - * telnet now uses appdefaults for the encrypt and forward/forwardable - settings - - * bug fixes - -Changes in release 0.6.3 - - * fix vulnerabilities in ftpd - - * support for linux AFS /proc "syscalls" - - * support for RFC3244 (Windows 2000 Kerberos Change/Set Password) in - kpasswdd - - * fix possible KDC denial of service - - * bug fixes - -Changes in release 0.6.2 - - * Fix possible buffer overrun in v4 kadmin (which now defaults to off) - -Changes in release 0.6.1 - - * Fixed ARCFOUR suppport - - * Cross realm vulnerability - - * kdc: fix denial of service attack - - * kdc: stop clients from renewing tickets into the future - - * bug fixes - -Changes in release 0.6 - -* The DES3 GSS-API mechanism has been changed to inter-operate with - other GSSAPI implementations. See man page for gssapi(3) how to turn - on generation of correct MIC messages. Next major release of heimdal - will generate correct MIC by default. - -* More complete GSS-API support - -* Better AFS support: kdc (524) supports 2b; 524 in kdc and AFS - support in applications no longer requires Kerberos 4 libs - -* Kerberos 4 support in kdc defaults to turned off (includes ka and 524) - -* other bug fixes - -Changes in release 0.5.2 - - * kdc: add option for disabling v4 cross-realm (defaults to off) - - * bug fixes - -Changes in release 0.5.1 - - * kadmind: fix remote exploit - - * kadmind: add option to disable kerberos 4 - - * kdc: make sure kaserver token life is positive - - * telnet: use the session key if there is no subkey - - * fix EPSV parsing in ftp - - * other bug fixes - -Changes in release 0.5 - - * add --detach option to kdc - - * allow setting forward and forwardable option in telnet from - .telnetrc, with override from command line - - * accept addresses with or without ports in krb5_rd_cred - - * make it work with modern openssl - - * use our own string2key function even with openssl (that handles weak - keys incorrectly) - - * more system-specific requirements in login - - * do not use getlogin() to determine root in su - - * telnet: abort if telnetd does not support encryption - - * update autoconf to 2.53 - - * update config.guess, config.sub - - * other bug fixes - -Changes in release 0.4e - - * improve libcrypto and database autoconf tests - - * do not care about salting of server principals when serving v4 requests - - * some improvements to gssapi library - - * test for existing compile_et/libcom_err - - * portability fixes - - * bug fixes - -Changes in release 0.4d - - * fix some problems when using libcrypto from openssl - - * handle /dev/ptmx `unix98' ptys on Linux - - * add some forgotten man pages - - * rsh: clean-up and add man page - - * fix -A and -a in builtin-ls in tpd - - * fix building problem on Irix - - * make `ktutil get' more efficient - - * bug fixes - -Changes in release 0.4c - - * fix buffer overrun in telnetd - - * repair some of the v4 fallback code in kinit - - * add more shared library dependencies - - * simplify and fix hprop handling of v4 databases - - * fix some building problems (osf's sia and osfc2 login) - - * bug fixes - -Changes in release 0.4b - - * update the shared library version numbers correctly - -Changes in release 0.4a - - * corrected key used for checksum in mk_safe, unfortunately this - makes it backwards incompatible - - * update to autoconf 2.50, libtool 1.4 - - * re-write dns/config lookups (krb5_krbhst API) - - * make order of using subkeys consistent - - * add man page links - - * add more man pages - - * remove rfc2052 support, now only rfc2782 is supported - - * always build with kaserver protocol support in the KDC (assuming - KRB4 is enabled) and support for reading kaserver databases in - hprop - -Changes in release 0.3f - - * change default keytab to ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab, - the new keytab type that tries both of these in order (SRVTAB is - also an alias for krb4:) - - * improve error reporting and error handling (error messages should - be more detailed and more useful) - - * improve building with openssl - - * add kadmin -K, rcp -F - - * fix two incorrect weak DES keys - - * fix building of kaserver compat in KDC - - * the API is closer to what MIT krb5 is using - - * more compatible with windows 2000 - - * removed some memory leaks - - * bug fixes - -Changes in release 0.3e - - * rcp program included - - * fix buffer overrun in ftpd - - * handle omitted sequence numbers as zeroes to handle MIT krb5 that - cannot generate zero sequence numbers - - * handle v4 /.k files better - - * configure/portability fixes - - * fixes in parsing of options to kadmin (sub-)commands - - * handle errors in kadmin load better - - * bug fixes - -Changes in release 0.3d - - * add krb5-config - - * fix a bug in 3des gss-api mechanism, making it compatible with the - specification and the MIT implementation - - * make telnetd only allow a specific list of environment variables to - stop it from setting `sensitive' variables - - * try to use an existing libdes - - * lib/krb5, kdc: use correct usage type for ap-req messages. This - should improve compatability with MIT krb5 when using 3DES - encryption types - - * kdc: fix memory allocation problem - - * update config.guess and config.sub - - * lib/roken: more stuff implemented - - * bug fixes and portability enhancements - -Changes in release 0.3c - - * lib/krb5: memory caches now support the resolve operation - - * appl/login: set PATH to some sane default - - * kadmind: handle several realms - - * bug fixes (including memory leaks) - -Changes in release 0.3b - - * kdc: prefer default-salted keys on v5 requests - - * kdc: lowercase hostnames in v4 mode - - * hprop: handle more types of MIT salts - - * lib/krb5: fix memory leak - - * bug fixes - -Changes in release 0.3a: - - * implement arcfour-hmac-md5 to interoperate with W2K - - * modularise the handling of the master key, and allow for other - encryption types. This makes it easier to import a database from - some other source without having to re-encrypt all keys. - - * allow for better control over which encryption types are created - - * make kinit fallback to v4 if given a v4 KDC - - * make klist work better with v4 and v5, and add some more MIT - compatibility options - - * make the kdc listen on the krb524 (4444) port for compatibility - with MIT krb5 clients - - * implement more DCE/DFS support, enabled with --enable-dce, see - lib/kdfs and appl/dceutils - - * make the sequence numbers work correctly - - * bug fixes - -Changes in release 0.2t: - - * bug fixes - -Changes in release 0.2s: - - * add OpenLDAP support in hdb - - * login will get v4 tickets when it receives forwarded tickets - - * xnlock supports both v5 and v4 - - * repair source routing for telnet - - * fix building problems with krb4 (krb_mk_req) - - * bug fixes - -Changes in release 0.2r: - - * fix realloc memory corruption bug in kdc - - * `add --key' and `cpw --key' in kadmin - - * klist supports listing v4 tickets - - * update config.guess and config.sub - - * make v4 -> v5 principal name conversion more robust - - * support for anonymous tickets - - * new man-pages - - * telnetd: do not negotiate KERBEROS5 authentication if there's no keytab. - - * use and set expiration and not password expiration when dumping - to/from ka server databases / krb4 databases - - * make the code happier with 64-bit time_t - - * follow RFC2782 and by default do not look for non-underscore SRV names - -Changes in release 0.2q: - - * bug fix in tcp-handling in kdc - - * bug fix in expand_hostname - -Changes in release 0.2p: - - * bug fix in `kadmin load/merge' - - * bug fix in krb5_parse_address - -Changes in release 0.2o: - - * gss_{import,export}_sec_context added to libgssapi - - * new option --addresses to kdc (for listening on an explicit set of - addresses) - - * bug fixes in the krb4 and kaserver emulation part of the kdc - - * other bug fixes - -Changes in release 0.2n: - - * more robust parsing of dump files in kadmin - * changed default timestamp format for log messages to extended ISO - 8601 format (Y-M-DTH:M:S) - * changed md4/md5/sha1 APIes to be de-facto `standard' - * always make hostname into lower-case before creating principal - * small bits of more MIT-compatability - * bug fixes - -Changes in release 0.2m: - - * handle glibc's getaddrinfo() that returns several ai_canonname - - * new endian test - - * man pages fixes - -Changes in release 0.2l: - - * bug fixes - -Changes in release 0.2k: - - * better IPv6 test - - * make struct sockaddr_storage in roken work better on alphas - - * some missing [hn]to[hn]s fixed. - - * allow users to change their own passwords with kadmin (with initial - tickets) - - * fix stupid bug in parsing KDC specification - - * add `ktutil change' and `ktutil purge' - -Changes in release 0.2j: - - * builds on Irix - - * ftpd works in passive mode - - * should build on cygwin - - * work around broken IPv6-code on OpenBSD 2.6, also add configure - option --disable-ipv6 - -Changes in release 0.2i: - - * use getaddrinfo in the missing places. - - * fix SRV lookup for admin server - - * use get{addr,name}info everywhere. and implement it in terms of - getipnodeby{name,addr} (which uses gethostbyname{,2} and - gethostbyaddr) - -Changes in release 0.2h: - - * fix typo in kx (now compiles) - -Changes in release 0.2g: - - * lots of bug fixes: - * push works - * repair appl/test programs - * sockaddr_storage works on solaris (alignment issues) - * works better with non-roken getaddrinfo - * rsh works - * some non standard C constructs removed - -Changes in release 0.2f: - - * support SRV records for kpasswd - * look for both _kerberos and krb5-realm when doing host -> realm mapping - -Changes in release 0.2e: - - * changed copyright notices to remove `advertising'-clause. - * get{addr,name}info added to roken and used in the other code - (this makes things work much better with hosts with both v4 and v6 - addresses, among other things) - * do pre-auth for both password and key-based get_in_tkt - * support for having several databases - * new command `del_enctype' in kadmin - * strptime (and new strftime) add to roken - * more paranoia about finding libdb - * bug fixes - -Changes in release 0.2d: - - * new configuration option [libdefaults]default_etypes_des - * internal ls in ftpd builds without KRB4 - * kx/rsh/push/pop_debug tries v5 and v4 consistenly - * build bug fixes - * other bug fixes - -Changes in release 0.2c: - - * bug fixes (see ChangeLog's for details) - -Changes in release 0.2b: - - * bug fixes - * actually bump shared library versions - -Changes in release 0.2a: - - * a new program verify_krb5_conf for checking your /etc/krb5.conf - * add 3DES keys when changing password - * support null keys in database - * support multiple local realms - * implement a keytab backend for AFS KeyFile's - * implement a keytab backend for v4 srvtabs - * implement `ktutil copy' - * support password quality control in v4 kadmind - * improvements in v4 compat kadmind - * handle the case of having the correct cred in the ccache but with - the wrong encryption type better - * v6-ify the remaining programs. - * internal ls in ftpd - * rename strcpy_truncate/strcat_truncate to strlcpy/strlcat - * add `ank --random-password' and `cpw --random-password' in kadmin - * some programs and documentation for trying to talk to a W2K KDC - * bug fixes - -Changes in release 0.1m: - - * support for getting default from krb5.conf for kinit/kf/rsh/telnet. - From Miroslav Ruda - * v6-ify hprop and hpropd - * support numeric addresses in krb5_mk_req - * shadow support in login and su. From Miroslav Ruda - * make rsh/rshd IPv6-aware - * make the gssapi sample applications better at reporting errors - * lots of bug fixes - * handle systems with v6-aware libc and non-v6 kernels (like Linux - with glibc 2.1) better - * hide failure of ERPT in ftp - * lots of bug fixes - -Changes in release 0.1l: - - * make ftp and ftpd IPv6-aware - * add inet_pton to roken - * more IPv6-awareness - * make mini_inetd v6 aware - -Changes in release 0.1k: - - * bump shared libraries versions - * add roken version of inet_ntop - * merge more changes to rshd - -Changes in release 0.1j: - - * restore back to the `old' 3DES code. This was supposed to be done - in 0.1h and 0.1i but I did a CVS screw-up. - * make telnetd handle v6 connections - -Changes in release 0.1i: - - * start using `struct sockaddr_storage' which simplifies the code - (with a fallback definition if it's not defined) - * bug fixes (including in hprop and kf) - * don't use mawk which seems to mishandle roken.awk - * get_addrs should be able to handle v6 addresses on Linux (with the - required patch to the Linux kernel -- ask within) - * rshd builds with shadow passwords - -Changes in release 0.1h: - - * kf: new program for forwarding credentials - * portability fixes - * make forwarding credentials work with MIT code - * better conversion of ka database - * add etc/services.append - * correct `modified by' from kpasswdd - * lots of bug fixes - -Changes in release 0.1g: - - * kgetcred: new program for explicitly obtaining tickets - * configure fixes - * krb5-aware kx - * bug fixes - -Changes in release 0.1f; - - * experimental support for v4 kadmin protokoll in kadmind - * bug fixes - -Changes in release 0.1e: - - * try to handle old DCE and MIT kdcs - * support for older versions of credential cache files and keytabs - * postdated tickets work - * support for password quality checks in kpasswdd - * new flag --enable-kaserver for kdc - * renew fixes - * prototype su program - * updated (some) manpages - * support for KDC resource records - * should build with --without-krb4 - * bug fixes - -Changes in release 0.1d: - - * Support building with DB2 (uses 1.85-compat API) - * Support krb5-realm.DOMAIN in DNS - * new `ktutil srvcreate' - * v4/kafs support in klist/kdestroy - * bug fixes - -Changes in release 0.1c: - - * fix ASN.1 encoding of signed integers - * somewhat working `ktutil get' - * some documentation updates - * update to Autoconf 2.13 and Automake 1.4 - * the usual bug fixes - -Changes in release 0.1b: - - * some old -> new crypto conversion utils - * bug fixes - -Changes in release 0.1a: - - * new crypto code - * more bug fixes - * make sure we ask for DES keys in gssapi - * support signed ints in ASN1 - * IPv6-bug fixes - -Changes in release 0.0u: - - * lots of bug fixes - -Changes in release 0.0t: - - * more robust parsing of krb5.conf - * include net{read,write} in lib/roken - * bug fixes - -Changes in release 0.0s: - - * kludges for parsing options to rsh - * more robust parsing of krb5.conf - * removed some arbitrary limits - * bug fixes - -Changes in release 0.0r: - - * default options for some programs - * bug fixes - -Changes in release 0.0q: - - * support for building shared libraries with libtool - * bug fixes - -Changes in release 0.0p: - - * keytab moved to /etc/krb5.keytab - * avoid false detection of IPv6 on Linux - * Lots of more functionality in the gssapi-library - * hprop can now read ka-server databases - * bug fixes - -Changes in release 0.0o: - - * FTP with GSSAPI support. - * Bug fixes. - -Changes in release 0.0n: - - * Incremental database propagation. - * Somewhat improved kadmin ui; the stuff in admin is now removed. - * Some support for using enctypes instead of keytypes. - * Lots of other improvement and bug fixes, see ChangeLog for details. diff --git a/crypto/heimdal/README b/crypto/heimdal/README deleted file mode 100644 index 88ab7fd12135..000000000000 --- a/crypto/heimdal/README +++ /dev/null @@ -1,19 +0,0 @@ -$Id: README 8839 2000-07-27 02:33:54Z assar $ - -Heimdal is a Kerberos 5 implementation. - -Please see the manual in doc, by default installed in -/usr/heimdal/info/heimdal.info for information on how to install. -There are also briefer man pages for most of the commands. - -Bug reports and bugs are appreciated, see more under Bug reports in -the manual on how we prefer them. - -For more information see the web-page at - or the mailing lists: - -heimdal-announce@sics.se low-volume announcement -heimdal-discuss@sics.se high-volume discussion - -send a mail to heimdal-announce-request@sics.se and -heimdal-discuss-request@sics.se respectively to subscribe. diff --git a/crypto/heimdal/acinclude.m4 b/crypto/heimdal/acinclude.m4 deleted file mode 100644 index eecf7cfb8bb1..000000000000 --- a/crypto/heimdal/acinclude.m4 +++ /dev/null @@ -1,9 +0,0 @@ -dnl $Id: acinclude.m4 13337 2004-02-12 14:19:16Z lha $ -dnl -dnl Only put things that for some reason can't live in the `cf' -dnl directory in this file. -dnl - -dnl $xId: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $ -dnl -m4_define([upcase],`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl diff --git a/crypto/heimdal/aclocal.m4 b/crypto/heimdal/aclocal.m4 deleted file mode 100644 index e9dcb29715e2..000000000000 --- a/crypto/heimdal/aclocal.m4 +++ /dev/null @@ -1,7102 +0,0 @@ -# generated automatically by aclocal 1.10 -*- Autoconf -*- - -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006 Free Software Foundation, Inc. -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -m4_if(m4_PACKAGE_VERSION, [2.61],, -[m4_fatal([this file was generated for autoconf 2.61. -You have another version of autoconf. If you want to use that, -you should regenerate the build system entirely.], [63])]) - -# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- - -# serial 48 AC_PROG_LIBTOOL - - -# AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED) -# ----------------------------------------------------------- -# If this macro is not defined by Autoconf, define it here. -m4_ifdef([AC_PROVIDE_IFELSE], - [], - [m4_define([AC_PROVIDE_IFELSE], - [m4_ifdef([AC_PROVIDE_$1], - [$2], [$3])])]) - - -# AC_PROG_LIBTOOL -# --------------- -AC_DEFUN([AC_PROG_LIBTOOL], -[AC_REQUIRE([_AC_PROG_LIBTOOL])dnl -dnl If AC_PROG_CXX has already been expanded, run AC_LIBTOOL_CXX -dnl immediately, otherwise, hook it in at the end of AC_PROG_CXX. - AC_PROVIDE_IFELSE([AC_PROG_CXX], - [AC_LIBTOOL_CXX], - [define([AC_PROG_CXX], defn([AC_PROG_CXX])[AC_LIBTOOL_CXX - ])]) -dnl And a similar setup for Fortran 77 support - AC_PROVIDE_IFELSE([AC_PROG_F77], - [AC_LIBTOOL_F77], - [define([AC_PROG_F77], defn([AC_PROG_F77])[AC_LIBTOOL_F77 -])]) - -dnl Quote A][M_PROG_GCJ so that aclocal doesn't bring it in needlessly. -dnl If either AC_PROG_GCJ or A][M_PROG_GCJ have already been expanded, run -dnl AC_LIBTOOL_GCJ immediately, otherwise, hook it in at the end of both. - AC_PROVIDE_IFELSE([AC_PROG_GCJ], - [AC_LIBTOOL_GCJ], - [AC_PROVIDE_IFELSE([A][M_PROG_GCJ], - [AC_LIBTOOL_GCJ], - [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ], - [AC_LIBTOOL_GCJ], - [ifdef([AC_PROG_GCJ], - [define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[AC_LIBTOOL_GCJ])]) - ifdef([A][M_PROG_GCJ], - [define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[AC_LIBTOOL_GCJ])]) - ifdef([LT_AC_PROG_GCJ], - [define([LT_AC_PROG_GCJ], - defn([LT_AC_PROG_GCJ])[AC_LIBTOOL_GCJ])])])]) -])])# AC_PROG_LIBTOOL - - -# _AC_PROG_LIBTOOL -# ---------------- -AC_DEFUN([_AC_PROG_LIBTOOL], -[AC_REQUIRE([AC_LIBTOOL_SETUP])dnl -AC_BEFORE([$0],[AC_LIBTOOL_CXX])dnl -AC_BEFORE([$0],[AC_LIBTOOL_F77])dnl -AC_BEFORE([$0],[AC_LIBTOOL_GCJ])dnl - -# This can be used to rebuild libtool when needed -LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh" - -# Always use our own libtool. -LIBTOOL='$(SHELL) $(top_builddir)/libtool' -AC_SUBST(LIBTOOL)dnl - -# Prevent multiple expansion -define([AC_PROG_LIBTOOL], []) -])# _AC_PROG_LIBTOOL - - -# AC_LIBTOOL_SETUP -# ---------------- -AC_DEFUN([AC_LIBTOOL_SETUP], -[AC_PREREQ(2.50)dnl -AC_REQUIRE([AC_ENABLE_SHARED])dnl -AC_REQUIRE([AC_ENABLE_STATIC])dnl -AC_REQUIRE([AC_ENABLE_FAST_INSTALL])dnl -AC_REQUIRE([AC_CANONICAL_HOST])dnl -AC_REQUIRE([AC_CANONICAL_BUILD])dnl -AC_REQUIRE([AC_PROG_CC])dnl -AC_REQUIRE([AC_PROG_LD])dnl -AC_REQUIRE([AC_PROG_LD_RELOAD_FLAG])dnl -AC_REQUIRE([AC_PROG_NM])dnl - -AC_REQUIRE([AC_PROG_LN_S])dnl -AC_REQUIRE([AC_DEPLIBS_CHECK_METHOD])dnl -# Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers! -AC_REQUIRE([AC_OBJEXT])dnl -AC_REQUIRE([AC_EXEEXT])dnl -dnl - -AC_LIBTOOL_SYS_MAX_CMD_LEN -AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE -AC_LIBTOOL_OBJDIR - -AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl -_LT_AC_PROG_ECHO_BACKSLASH - -case $host_os in -aix3*) - # AIX sometimes has problems with the GCC collect2 program. For some - # reason, if we set the COLLECT_NAMES environment variable, the problems - # vanish in a puff of smoke. - if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES - fi - ;; -esac - -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed='sed -e 1s/^X//' -[sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g'] - -# Same as above, but do not quote variable references. -[double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g'] - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# Sed substitution to avoid accidental globbing in evaled expressions -no_glob_subst='s/\*/\\\*/g' - -# Constants: -rm="rm -f" - -# Global variables: -default_ofile=libtool -can_build_shared=yes - -# All known linkers require a `.a' archive for static linking (except MSVC, -# which needs '.lib'). -libext=a -ltmain="$ac_aux_dir/ltmain.sh" -ofile="$default_ofile" -with_gnu_ld="$lt_cv_prog_gnu_ld" - -AC_CHECK_TOOL(AR, ar, false) -AC_CHECK_TOOL(RANLIB, ranlib, :) -AC_CHECK_TOOL(STRIP, strip, :) - -old_CC="$CC" -old_CFLAGS="$CFLAGS" - -# Set sane defaults for various variables -test -z "$AR" && AR=ar -test -z "$AR_FLAGS" && AR_FLAGS=cru -test -z "$AS" && AS=as -test -z "$CC" && CC=cc -test -z "$LTCC" && LTCC=$CC -test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS -test -z "$DLLTOOL" && DLLTOOL=dlltool -test -z "$LD" && LD=ld -test -z "$LN_S" && LN_S="ln -s" -test -z "$MAGIC_CMD" && MAGIC_CMD=file -test -z "$NM" && NM=nm -test -z "$SED" && SED=sed -test -z "$OBJDUMP" && OBJDUMP=objdump -test -z "$RANLIB" && RANLIB=: -test -z "$STRIP" && STRIP=: -test -z "$ac_objext" && ac_objext=o - -# Determine commands to create old-style static archives. -old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs' -old_postinstall_cmds='chmod 644 $oldlib' -old_postuninstall_cmds= - -if test -n "$RANLIB"; then - case $host_os in - openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" - ;; - *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" - ;; - esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" -fi - -_LT_CC_BASENAME([$compiler]) - -# Only perform the check for file, if the check method requires it -case $deplibs_check_method in -file_magic*) - if test "$file_magic_cmd" = '$MAGIC_CMD'; then - AC_PATH_MAGIC - fi - ;; -esac - -AC_PROVIDE_IFELSE([AC_LIBTOOL_DLOPEN], enable_dlopen=yes, enable_dlopen=no) -AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL], -enable_win32_dll=yes, enable_win32_dll=no) - -AC_ARG_ENABLE([libtool-lock], - [AC_HELP_STRING([--disable-libtool-lock], - [avoid locking (might break parallel builds)])]) -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - -AC_ARG_WITH([pic], - [AC_HELP_STRING([--with-pic], - [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], - [pic_mode="$withval"], - [pic_mode=default]) -test -z "$pic_mode" && pic_mode=default - -# Use C for the default configuration in the libtool script -tagname= -AC_LIBTOOL_LANG_C_CONFIG -_LT_AC_TAGCONFIG -])# AC_LIBTOOL_SETUP - - -# _LT_AC_SYS_COMPILER -# ------------------- -AC_DEFUN([_LT_AC_SYS_COMPILER], -[AC_REQUIRE([AC_PROG_CC])dnl - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC -])# _LT_AC_SYS_COMPILER - - -# _LT_CC_BASENAME(CC) -# ------------------- -# Calculate cc_basename. Skip known compiler wrappers and cross-prefix. -AC_DEFUN([_LT_CC_BASENAME], -[for cc_temp in $1""; do - case $cc_temp in - compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;; - distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` -]) - - -# _LT_COMPILER_BOILERPLATE -# ------------------------ -# Check for compiler boilerplate output or warnings with -# the simple compiler test code. -AC_DEFUN([_LT_COMPILER_BOILERPLATE], -[ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* -])# _LT_COMPILER_BOILERPLATE - - -# _LT_LINKER_BOILERPLATE -# ---------------------- -# Check for linker boilerplate output or warnings with -# the simple link test code. -AC_DEFUN([_LT_LINKER_BOILERPLATE], -[ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* -])# _LT_LINKER_BOILERPLATE - - -# _LT_AC_SYS_LIBPATH_AIX -# ---------------------- -# Links a minimal program and checks the executable -# for the system default hardcoded library path. In most cases, -# this is /usr/lib:/lib, but when the MPI compilers are used -# the location of the communication and MPI libs are included too. -# If we don't find anything, use the default library path according -# to the aix ld manual. -AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX], -[AC_LINK_IFELSE(AC_LANG_PROGRAM,[ -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi],[]) -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi -])# _LT_AC_SYS_LIBPATH_AIX - - -# _LT_AC_SHELL_INIT(ARG) -# ---------------------- -AC_DEFUN([_LT_AC_SHELL_INIT], -[ifdef([AC_DIVERSION_NOTICE], - [AC_DIVERT_PUSH(AC_DIVERSION_NOTICE)], - [AC_DIVERT_PUSH(NOTICE)]) -$1 -AC_DIVERT_POP -])# _LT_AC_SHELL_INIT - - -# _LT_AC_PROG_ECHO_BACKSLASH -# -------------------------- -# Add some code to the start of the generated configure script which -# will find an echo command which doesn't interpret backslashes. -AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH], -[_LT_AC_SHELL_INIT([ -# Check that we are running under the correct shell. -SHELL=${CONFIG_SHELL-/bin/sh} - -case X$ECHO in -X*--fallback-echo) - # Remove one level of quotation (which was required for Make). - ECHO=`echo "$ECHO" | sed 's,\\\\\[$]\\[$]0,'[$]0','` - ;; -esac - -echo=${ECHO-echo} -if test "X[$]1" = X--no-reexec; then - # Discard the --no-reexec flag, and continue. - shift -elif test "X[$]1" = X--fallback-echo; then - # Avoid inline document here, it may be left over - : -elif test "X`($echo '\t') 2>/dev/null`" = 'X\t' ; then - # Yippee, $echo works! - : -else - # Restart under the correct shell. - exec $SHELL "[$]0" --no-reexec ${1+"[$]@"} -fi - -if test "X[$]1" = X--fallback-echo; then - # used as fallback echo - shift - cat </dev/null 2>&1 && unset CDPATH - -if test -z "$ECHO"; then -if test "X${echo_test_string+set}" != Xset; then -# find a string as large as possible, as long as the shell can cope with it - for cmd in 'sed 50q "[$]0"' 'sed 20q "[$]0"' 'sed 10q "[$]0"' 'sed 2q "[$]0"' 'echo test'; do - # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ... - if (echo_test_string=`eval $cmd`) 2>/dev/null && - echo_test_string=`eval $cmd` && - (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null - then - break - fi - done -fi - -if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - : -else - # The Solaris, AIX, and Digital Unix default echo programs unquote - # backslashes. This makes it impossible to quote backslashes using - # echo "$something" | sed 's/\\/\\\\/g' - # - # So, first we look for a working echo in the user's PATH. - - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for dir in $PATH /usr/ucb; do - IFS="$lt_save_ifs" - if (test -f $dir/echo || test -f $dir/echo$ac_exeext) && - test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$dir/echo" - break - fi - done - IFS="$lt_save_ifs" - - if test "X$echo" = Xecho; then - # We didn't find a better echo, so look for alternatives. - if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # This shell has a builtin print -r that does the trick. - echo='print -r' - elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) && - test "X$CONFIG_SHELL" != X/bin/ksh; then - # If we have ksh, try running configure again with it. - ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh} - export ORIGINAL_CONFIG_SHELL - CONFIG_SHELL=/bin/ksh - export CONFIG_SHELL - exec $CONFIG_SHELL "[$]0" --no-reexec ${1+"[$]@"} - else - # Try using printf. - echo='printf %s\n' - if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # Cool, printf works - : - elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL - export CONFIG_SHELL - SHELL="$CONFIG_SHELL" - export SHELL - echo="$CONFIG_SHELL [$]0 --fallback-echo" - elif echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$CONFIG_SHELL [$]0 --fallback-echo" - else - # maybe with a smaller string... - prev=: - - for cmd in 'echo test' 'sed 2q "[$]0"' 'sed 10q "[$]0"' 'sed 20q "[$]0"' 'sed 50q "[$]0"'; do - if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null - then - break - fi - prev="$cmd" - done - - if test "$prev" != 'sed 50q "[$]0"'; then - echo_test_string=`eval $prev` - export echo_test_string - exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "[$]0" ${1+"[$]@"} - else - # Oops. We lost completely, so just stick with echo. - echo=echo - fi - fi - fi - fi -fi -fi - -# Copy echo and quote the copy suitably for passing to libtool from -# the Makefile, instead of quoting the original, which is used later. -ECHO=$echo -if test "X$ECHO" = "X$CONFIG_SHELL [$]0 --fallback-echo"; then - ECHO="$CONFIG_SHELL \\\$\[$]0 --fallback-echo" -fi - -AC_SUBST(ECHO) -])])# _LT_AC_PROG_ECHO_BACKSLASH - - -# _LT_AC_LOCK -# ----------- -AC_DEFUN([_LT_AC_LOCK], -[AC_ARG_ENABLE([libtool-lock], - [AC_HELP_STRING([--disable-libtool-lock], - [avoid locking (might break parallel builds)])]) -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - -# Some flags need to be propagated to the compiler or linker for good -# libtool support. -case $host in -ia64-*-hpux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.$ac_objext` in - *ELF-32*) - HPUX_IA64_MODE="32" - ;; - *ELF-64*) - HPUX_IA64_MODE="64" - ;; - esac - fi - rm -rf conftest* - ;; -*-*-irix6*) - # Find out which ABI we are using. - echo '[#]line __oline__ "configure"' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - if test "$lt_cv_prog_gnu_ld" = yes; then - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -melf32bsmip" - ;; - *N32*) - LD="${LD-ld} -melf32bmipn32" - ;; - *64-bit*) - LD="${LD-ld} -melf64bmip" - ;; - esac - else - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -32" - ;; - *N32*) - LD="${LD-ld} -n32" - ;; - *64-bit*) - LD="${LD-ld} -64" - ;; - esac - fi - fi - rm -rf conftest* - ;; - -x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*|s390*-*linux*|sparc*-*linux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.o` in - *32-bit*) - case $host in - x86_64-*linux*) - LD="${LD-ld} -m elf_i386" - ;; - ppc64-*linux*|powerpc64-*linux*) - LD="${LD-ld} -m elf32ppclinux" - ;; - s390x-*linux*) - LD="${LD-ld} -m elf_s390" - ;; - sparc64-*linux*) - LD="${LD-ld} -m elf32_sparc" - ;; - esac - ;; - *64-bit*) - case $host in - x86_64-*linux*) - LD="${LD-ld} -m elf_x86_64" - ;; - ppc*-*linux*|powerpc*-*linux*) - LD="${LD-ld} -m elf64ppc" - ;; - s390*-*linux*) - LD="${LD-ld} -m elf64_s390" - ;; - sparc*-*linux*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - -*-*-sco3.2v5*) - # On SCO OpenServer 5, we need -belf to get full-featured binaries. - SAVE_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -belf" - AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf, - [AC_LANG_PUSH(C) - AC_TRY_LINK([],[],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no]) - AC_LANG_POP]) - if test x"$lt_cv_cc_needs_belf" != x"yes"; then - # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf - CFLAGS="$SAVE_CFLAGS" - fi - ;; -sparc*-*solaris*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if AC_TRY_EVAL(ac_compile); then - case `/usr/bin/file conftest.o` in - *64-bit*) - case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; - *) LD="${LD-ld} -64" ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - -AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL], -[*-*-cygwin* | *-*-mingw* | *-*-pw32*) - AC_CHECK_TOOL(DLLTOOL, dlltool, false) - AC_CHECK_TOOL(AS, as, false) - AC_CHECK_TOOL(OBJDUMP, objdump, false) - ;; - ]) -esac - -need_locks="$enable_libtool_lock" - -])# _LT_AC_LOCK - - -# AC_LIBTOOL_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, -# [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE]) -# ---------------------------------------------------------------- -# Check whether the given compiler option works -AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], -[AC_REQUIRE([LT_AC_PROG_SED]) -AC_CACHE_CHECK([$1], [$2], - [$2=no - ifelse([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4]) - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$3" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&AS_MESSAGE_LOG_FD - echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - $2=yes - fi - fi - $rm conftest* -]) - -if test x"[$]$2" = xyes; then - ifelse([$5], , :, [$5]) -else - ifelse([$6], , :, [$6]) -fi -])# AC_LIBTOOL_COMPILER_OPTION - - -# AC_LIBTOOL_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, -# [ACTION-SUCCESS], [ACTION-FAILURE]) -# ------------------------------------------------------------ -# Check whether the given compiler option works -AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], -[AC_CACHE_CHECK([$1], [$2], - [$2=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $3" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&AS_MESSAGE_LOG_FD - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - $2=yes - fi - else - $2=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" -]) - -if test x"[$]$2" = xyes; then - ifelse([$4], , :, [$4]) -else - ifelse([$5], , :, [$5]) -fi -])# AC_LIBTOOL_LINKER_OPTION - - -# AC_LIBTOOL_SYS_MAX_CMD_LEN -# -------------------------- -AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], -[# find the maximum length of command line arguments -AC_MSG_CHECKING([the maximum length of command line arguments]) -AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl - i=0 - teststring="ABCD" - - case $build_os in - msdosdjgpp*) - # On DJGPP, this test can blow up pretty badly due to problems in libc - # (any single argument exceeding 2000 bytes causes a buffer overrun - # during glob expansion). Even if it were fixed, the result of this - # check would be larger than it should be. - lt_cv_sys_max_cmd_len=12288; # 12K is about right - ;; - - gnu*) - # Under GNU Hurd, this test is not required because there is - # no limit to the length of command line arguments. - # Libtool will interpret -1 as no limit whatsoever - lt_cv_sys_max_cmd_len=-1; - ;; - - cygwin* | mingw*) - # On Win9x/ME, this test blows up -- it succeeds, but takes - # about 5 minutes as the teststring grows exponentially. - # Worse, since 9x/ME are not pre-emptively multitasking, - # you end up with a "frozen" computer, even though with patience - # the test eventually succeeds (with a max line length of 256k). - # Instead, let's just punt: use the minimum linelength reported by - # all of the supported platforms: 8192 (on NT/2K/XP). - lt_cv_sys_max_cmd_len=8192; - ;; - - amigaos*) - # On AmigaOS with pdksh, this test takes hours, literally. - # So we just punt and use a minimum line length of 8192. - lt_cv_sys_max_cmd_len=8192; - ;; - - netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) - # This has been around since 386BSD, at least. Likely further. - if test -x /sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` - elif test -x /usr/sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` - else - lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs - fi - # And add a safety zone - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - ;; - - interix*) - # We know the value 262144 and hardcode it with a safety zone (like BSD) - lt_cv_sys_max_cmd_len=196608 - ;; - - osf*) - # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure - # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not - # nice to cause kernel panics so lets avoid the loop below. - # First set a reasonable default. - lt_cv_sys_max_cmd_len=16384 - # - if test -x /sbin/sysconfig; then - case `/sbin/sysconfig -q proc exec_disable_arg_limit` in - *1*) lt_cv_sys_max_cmd_len=-1 ;; - esac - fi - ;; - sco3.2v5*) - lt_cv_sys_max_cmd_len=102400 - ;; - sysv5* | sco5v6* | sysv4.2uw2*) - kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` - if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[ ]]//'` - else - lt_cv_sys_max_cmd_len=32768 - fi - ;; - *) - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} - while (test "X"`$SHELL [$]0 --fallback-echo "X$teststring" 2>/dev/null` \ - = "XX$teststring") >/dev/null 2>&1 && - new_result=`expr "X$teststring" : ".*" 2>&1` && - lt_cv_sys_max_cmd_len=$new_result && - test $i != 17 # 1/2 MB should be enough - do - i=`expr $i + 1` - teststring=$teststring$teststring - done - teststring= - # Add a significant safety factor because C++ compilers can tack on massive - # amounts of additional arguments before passing them to the linker. - # It appears as though 1/2 is a usable value. - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` - ;; - esac -]) -if test -n $lt_cv_sys_max_cmd_len ; then - AC_MSG_RESULT($lt_cv_sys_max_cmd_len) -else - AC_MSG_RESULT(none) -fi -])# AC_LIBTOOL_SYS_MAX_CMD_LEN - - -# _LT_AC_CHECK_DLFCN -# ------------------ -AC_DEFUN([_LT_AC_CHECK_DLFCN], -[AC_CHECK_HEADERS(dlfcn.h)dnl -])# _LT_AC_CHECK_DLFCN - - -# _LT_AC_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE, -# ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING) -# --------------------------------------------------------------------- -AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF], -[AC_REQUIRE([_LT_AC_CHECK_DLFCN])dnl -if test "$cross_compiling" = yes; then : - [$4] -else - lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 - lt_status=$lt_dlunknown - cat > conftest.$ac_ext < -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LT_DLGLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LT_DLGLOBAL DL_GLOBAL -# else -# define LT_DLGLOBAL 0 -# endif -#endif - -/* We may have to define LT_DLLAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LT_DLLAZY_OR_NOW -# ifdef RTLD_LAZY -# define LT_DLLAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LT_DLLAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LT_DLLAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LT_DLLAZY_OR_NOW DL_NOW -# else -# define LT_DLLAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -#ifdef __cplusplus -extern "C" void exit (int); -#endif - -void fnord() { int i=42;} -int main () -{ - void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); - int status = $lt_dlunknown; - - if (self) - { - if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; - /* dlclose (self); */ - } - else - puts (dlerror ()); - - exit (status); -}] -EOF - if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then - (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null - lt_status=$? - case x$lt_status in - x$lt_dlno_uscore) $1 ;; - x$lt_dlneed_uscore) $2 ;; - x$lt_dlunknown|x*) $3 ;; - esac - else : - # compilation failed - $3 - fi -fi -rm -fr conftest* -])# _LT_AC_TRY_DLOPEN_SELF - - -# AC_LIBTOOL_DLOPEN_SELF -# ---------------------- -AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], -[AC_REQUIRE([_LT_AC_CHECK_DLFCN])dnl -if test "x$enable_dlopen" != xyes; then - enable_dlopen=unknown - enable_dlopen_self=unknown - enable_dlopen_self_static=unknown -else - lt_cv_dlopen=no - lt_cv_dlopen_libs= - - case $host_os in - beos*) - lt_cv_dlopen="load_add_on" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ;; - - mingw* | pw32*) - lt_cv_dlopen="LoadLibrary" - lt_cv_dlopen_libs= - ;; - - cygwin*) - lt_cv_dlopen="dlopen" - lt_cv_dlopen_libs= - ;; - - darwin*) - # if libdl is installed we need to link against it - AC_CHECK_LIB([dl], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[ - lt_cv_dlopen="dyld" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ]) - ;; - - *) - AC_CHECK_FUNC([shl_load], - [lt_cv_dlopen="shl_load"], - [AC_CHECK_LIB([dld], [shl_load], - [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld"], - [AC_CHECK_FUNC([dlopen], - [lt_cv_dlopen="dlopen"], - [AC_CHECK_LIB([dl], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"], - [AC_CHECK_LIB([svld], [dlopen], - [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"], - [AC_CHECK_LIB([dld], [dld_link], - [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"]) - ]) - ]) - ]) - ]) - ]) - ;; - esac - - if test "x$lt_cv_dlopen" != xno; then - enable_dlopen=yes - else - enable_dlopen=no - fi - - case $lt_cv_dlopen in - dlopen) - save_CPPFLAGS="$CPPFLAGS" - test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" - - save_LDFLAGS="$LDFLAGS" - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" - - save_LIBS="$LIBS" - LIBS="$lt_cv_dlopen_libs $LIBS" - - AC_CACHE_CHECK([whether a program can dlopen itself], - lt_cv_dlopen_self, [dnl - _LT_AC_TRY_DLOPEN_SELF( - lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes, - lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross) - ]) - - if test "x$lt_cv_dlopen_self" = xyes; then - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" - AC_CACHE_CHECK([whether a statically linked program can dlopen itself], - lt_cv_dlopen_self_static, [dnl - _LT_AC_TRY_DLOPEN_SELF( - lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes, - lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross) - ]) - fi - - CPPFLAGS="$save_CPPFLAGS" - LDFLAGS="$save_LDFLAGS" - LIBS="$save_LIBS" - ;; - esac - - case $lt_cv_dlopen_self in - yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; - *) enable_dlopen_self=unknown ;; - esac - - case $lt_cv_dlopen_self_static in - yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; - *) enable_dlopen_self_static=unknown ;; - esac -fi -])# AC_LIBTOOL_DLOPEN_SELF - - -# AC_LIBTOOL_PROG_CC_C_O([TAGNAME]) -# --------------------------------- -# Check to see if options -c and -o are simultaneously supported by compiler -AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O], -[AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl -AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext], - [_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)], - [_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&AS_MESSAGE_LOG_FD - echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - _LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes - fi - fi - chmod u+w . 2>&AS_MESSAGE_LOG_FD - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* -]) -])# AC_LIBTOOL_PROG_CC_C_O - - -# AC_LIBTOOL_SYS_HARD_LINK_LOCKS([TAGNAME]) -# ----------------------------------------- -# Check to see if we can do hard links to lock some files if needed -AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], -[AC_REQUIRE([_LT_AC_LOCK])dnl - -hard_links="nottested" -if test "$_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - AC_MSG_CHECKING([if we can lock with hard links]) - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - AC_MSG_RESULT([$hard_links]) - if test "$hard_links" = no; then - AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe]) - need_locks=warn - fi -else - need_locks=no -fi -])# AC_LIBTOOL_SYS_HARD_LINK_LOCKS - - -# AC_LIBTOOL_OBJDIR -# ----------------- -AC_DEFUN([AC_LIBTOOL_OBJDIR], -[AC_CACHE_CHECK([for objdir], [lt_cv_objdir], -[rm -f .libs 2>/dev/null -mkdir .libs 2>/dev/null -if test -d .libs; then - lt_cv_objdir=.libs -else - # MS-DOS does not allow filenames that begin with a dot. - lt_cv_objdir=_libs -fi -rmdir .libs 2>/dev/null]) -objdir=$lt_cv_objdir -])# AC_LIBTOOL_OBJDIR - - -# AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH([TAGNAME]) -# ---------------------------------------------- -# Check hardcoding attributes. -AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], -[AC_MSG_CHECKING([how to hardcode library paths into programs]) -_LT_AC_TAGVAR(hardcode_action, $1)= -if test -n "$_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)" || \ - test -n "$_LT_AC_TAGVAR(runpath_var, $1)" || \ - test "X$_LT_AC_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$_LT_AC_TAGVAR(hardcode_direct, $1)" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)" != no && - test "$_LT_AC_TAGVAR(hardcode_minus_L, $1)" != no; then - # Linking always hardcodes the temporary library directory. - _LT_AC_TAGVAR(hardcode_action, $1)=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - _LT_AC_TAGVAR(hardcode_action, $1)=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - _LT_AC_TAGVAR(hardcode_action, $1)=unsupported -fi -AC_MSG_RESULT([$_LT_AC_TAGVAR(hardcode_action, $1)]) - -if test "$_LT_AC_TAGVAR(hardcode_action, $1)" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi -])# AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH - - -# AC_LIBTOOL_SYS_LIB_STRIP -# ------------------------ -AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP], -[striplib= -old_striplib= -AC_MSG_CHECKING([whether stripping libraries is possible]) -if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - AC_MSG_RESULT([yes]) -else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP" ; then - striplib="$STRIP -x" - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([no]) -fi - ;; - *) - AC_MSG_RESULT([no]) - ;; - esac -fi -])# AC_LIBTOOL_SYS_LIB_STRIP - - -# AC_LIBTOOL_SYS_DYNAMIC_LINKER -# ----------------------------- -# PORTME Fill in your ld.so characteristics -AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER], -[AC_MSG_CHECKING([dynamic linker characteristics]) -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[[01]] | aix4.[[01]].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[[45]]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | [grep ';[c-zC-Z]:/' >/dev/null]; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[[123]]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[[01]]* | freebsdelf3.[[01]]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \ - freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[[89]] | openbsd2.[[89]].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -AC_MSG_RESULT([$dynamic_linker]) -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi -])# AC_LIBTOOL_SYS_DYNAMIC_LINKER - - -# _LT_AC_TAGCONFIG -# ---------------- -AC_DEFUN([_LT_AC_TAGCONFIG], -[AC_ARG_WITH([tags], - [AC_HELP_STRING([--with-tags@<:@=TAGS@:>@], - [include additional configurations @<:@automatic@:>@])], - [tagnames="$withval"]) - -if test -f "$ltmain" && test -n "$tagnames"; then - if test ! -f "${ofile}"; then - AC_MSG_WARN([output file `$ofile' does not exist]) - fi - - if test -z "$LTCC"; then - eval "`$SHELL ${ofile} --config | grep '^LTCC='`" - if test -z "$LTCC"; then - AC_MSG_WARN([output file `$ofile' does not look like a libtool script]) - else - AC_MSG_WARN([using `LTCC=$LTCC', extracted from `$ofile']) - fi - fi - if test -z "$LTCFLAGS"; then - eval "`$SHELL ${ofile} --config | grep '^LTCFLAGS='`" - fi - - # Extract list of available tagged configurations in $ofile. - # Note that this assumes the entire list is on one line. - available_tags=`grep "^available_tags=" "${ofile}" | $SED -e 's/available_tags=\(.*$\)/\1/' -e 's/\"//g'` - - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for tagname in $tagnames; do - IFS="$lt_save_ifs" - # Check whether tagname contains only valid characters - case `$echo "X$tagname" | $Xsed -e 's:[[-_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890,/]]::g'` in - "") ;; - *) AC_MSG_ERROR([invalid tag name: $tagname]) - ;; - esac - - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "${ofile}" > /dev/null - then - AC_MSG_ERROR([tag name \"$tagname\" already exists]) - fi - - # Update the list of available tags. - if test -n "$tagname"; then - echo appending configuration tag \"$tagname\" to $ofile - - case $tagname in - CXX) - if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - AC_LIBTOOL_LANG_CXX_CONFIG - else - tagname="" - fi - ;; - - F77) - if test -n "$F77" && test "X$F77" != "Xno"; then - AC_LIBTOOL_LANG_F77_CONFIG - else - tagname="" - fi - ;; - - GCJ) - if test -n "$GCJ" && test "X$GCJ" != "Xno"; then - AC_LIBTOOL_LANG_GCJ_CONFIG - else - tagname="" - fi - ;; - - RC) - AC_LIBTOOL_LANG_RC_CONFIG - ;; - - *) - AC_MSG_ERROR([Unsupported tag name: $tagname]) - ;; - esac - - # Append the new tag name to the list of available tags. - if test -n "$tagname" ; then - available_tags="$available_tags $tagname" - fi - fi - done - IFS="$lt_save_ifs" - - # Now substitute the updated list of available tags. - if eval "sed -e 's/^available_tags=.*\$/available_tags=\"$available_tags\"/' \"$ofile\" > \"${ofile}T\""; then - mv "${ofile}T" "$ofile" - chmod +x "$ofile" - else - rm -f "${ofile}T" - AC_MSG_ERROR([unable to update list of available tagged configurations.]) - fi -fi -])# _LT_AC_TAGCONFIG - - -# AC_LIBTOOL_DLOPEN -# ----------------- -# enable checks for dlopen support -AC_DEFUN([AC_LIBTOOL_DLOPEN], - [AC_BEFORE([$0],[AC_LIBTOOL_SETUP]) -])# AC_LIBTOOL_DLOPEN - - -# AC_LIBTOOL_WIN32_DLL -# -------------------- -# declare package support for building win32 DLLs -AC_DEFUN([AC_LIBTOOL_WIN32_DLL], -[AC_BEFORE([$0], [AC_LIBTOOL_SETUP]) -])# AC_LIBTOOL_WIN32_DLL - - -# AC_ENABLE_SHARED([DEFAULT]) -# --------------------------- -# implement the --enable-shared flag -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -AC_DEFUN([AC_ENABLE_SHARED], -[define([AC_ENABLE_SHARED_DEFAULT], ifelse($1, no, no, yes))dnl -AC_ARG_ENABLE([shared], - [AC_HELP_STRING([--enable-shared@<:@=PKGS@:>@], - [build shared libraries @<:@default=]AC_ENABLE_SHARED_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_shared=yes ;; - no) enable_shared=no ;; - *) - enable_shared=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_shared=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_shared=]AC_ENABLE_SHARED_DEFAULT) -])# AC_ENABLE_SHARED - - -# AC_DISABLE_SHARED -# ----------------- -# set the default shared flag to --disable-shared -AC_DEFUN([AC_DISABLE_SHARED], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl -AC_ENABLE_SHARED(no) -])# AC_DISABLE_SHARED - - -# AC_ENABLE_STATIC([DEFAULT]) -# --------------------------- -# implement the --enable-static flag -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -AC_DEFUN([AC_ENABLE_STATIC], -[define([AC_ENABLE_STATIC_DEFAULT], ifelse($1, no, no, yes))dnl -AC_ARG_ENABLE([static], - [AC_HELP_STRING([--enable-static@<:@=PKGS@:>@], - [build static libraries @<:@default=]AC_ENABLE_STATIC_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_static=]AC_ENABLE_STATIC_DEFAULT) -])# AC_ENABLE_STATIC - - -# AC_DISABLE_STATIC -# ----------------- -# set the default static flag to --disable-static -AC_DEFUN([AC_DISABLE_STATIC], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl -AC_ENABLE_STATIC(no) -])# AC_DISABLE_STATIC - - -# AC_ENABLE_FAST_INSTALL([DEFAULT]) -# --------------------------------- -# implement the --enable-fast-install flag -# DEFAULT is either `yes' or `no'. If omitted, it defaults to `yes'. -AC_DEFUN([AC_ENABLE_FAST_INSTALL], -[define([AC_ENABLE_FAST_INSTALL_DEFAULT], ifelse($1, no, no, yes))dnl -AC_ARG_ENABLE([fast-install], - [AC_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@], - [optimize for fast installation @<:@default=]AC_ENABLE_FAST_INSTALL_DEFAULT[@:>@])], - [p=${PACKAGE-default} - case $enableval in - yes) enable_fast_install=yes ;; - no) enable_fast_install=no ;; - *) - enable_fast_install=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_fast_install=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], - [enable_fast_install=]AC_ENABLE_FAST_INSTALL_DEFAULT) -])# AC_ENABLE_FAST_INSTALL - - -# AC_DISABLE_FAST_INSTALL -# ----------------------- -# set the default to --disable-fast-install -AC_DEFUN([AC_DISABLE_FAST_INSTALL], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl -AC_ENABLE_FAST_INSTALL(no) -])# AC_DISABLE_FAST_INSTALL - - -# AC_LIBTOOL_PICMODE([MODE]) -# -------------------------- -# implement the --with-pic flag -# MODE is either `yes' or `no'. If omitted, it defaults to `both'. -AC_DEFUN([AC_LIBTOOL_PICMODE], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl -pic_mode=ifelse($#,1,$1,default) -])# AC_LIBTOOL_PICMODE - - -# AC_PROG_EGREP -# ------------- -# This is predefined starting with Autoconf 2.54, so this conditional -# definition can be removed once we require Autoconf 2.54 or later. -m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP], -[AC_CACHE_CHECK([for egrep], [ac_cv_prog_egrep], - [if echo a | (grep -E '(a|b)') >/dev/null 2>&1 - then ac_cv_prog_egrep='grep -E' - else ac_cv_prog_egrep='egrep' - fi]) - EGREP=$ac_cv_prog_egrep - AC_SUBST([EGREP]) -])]) - - -# AC_PATH_TOOL_PREFIX -# ------------------- -# find a file program which can recognise shared library -AC_DEFUN([AC_PATH_TOOL_PREFIX], -[AC_REQUIRE([AC_PROG_EGREP])dnl -AC_MSG_CHECKING([for $1]) -AC_CACHE_VAL(lt_cv_path_MAGIC_CMD, -[case $MAGIC_CMD in -[[\\/*] | ?:[\\/]*]) - lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. - ;; -*) - lt_save_MAGIC_CMD="$MAGIC_CMD" - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR -dnl $ac_dummy forces splitting on constant user-supplied paths. -dnl POSIX.2 word splitting is done only on the output of word expansions, -dnl not every word. This closes a longstanding sh security hole. - ac_dummy="ifelse([$2], , $PATH, [$2])" - for ac_dir in $ac_dummy; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$1; then - lt_cv_path_MAGIC_CMD="$ac_dir/$1" - if test -n "$file_magic_test_file"; then - case $deplibs_check_method in - "file_magic "*) - file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` - MAGIC_CMD="$lt_cv_path_MAGIC_CMD" - if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | - $EGREP "$file_magic_regex" > /dev/null; then - : - else - cat <&2 - -*** Warning: the command libtool uses to detect shared libraries, -*** $file_magic_cmd, produces output that libtool cannot recognize. -*** The result is that libtool may fail to recognize shared libraries -*** as such. This will affect the creation of libtool libraries that -*** depend on shared libraries, but programs linked with such libtool -*** libraries will work regardless of this problem. Nevertheless, you -*** may want to report the problem to your system manager and/or to -*** bug-libtool@gnu.org - -EOF - fi ;; - esac - fi - break - fi - done - IFS="$lt_save_ifs" - MAGIC_CMD="$lt_save_MAGIC_CMD" - ;; -esac]) -MAGIC_CMD="$lt_cv_path_MAGIC_CMD" -if test -n "$MAGIC_CMD"; then - AC_MSG_RESULT($MAGIC_CMD) -else - AC_MSG_RESULT(no) -fi -])# AC_PATH_TOOL_PREFIX - - -# AC_PATH_MAGIC -# ------------- -# find a file program which can recognise a shared library -AC_DEFUN([AC_PATH_MAGIC], -[AC_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH) -if test -z "$lt_cv_path_MAGIC_CMD"; then - if test -n "$ac_tool_prefix"; then - AC_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH) - else - MAGIC_CMD=: - fi -fi -])# AC_PATH_MAGIC - - -# AC_PROG_LD -# ---------- -# find the pathname to the GNU or non-GNU linker -AC_DEFUN([AC_PROG_LD], -[AC_ARG_WITH([gnu-ld], - [AC_HELP_STRING([--with-gnu-ld], - [assume the C compiler uses GNU ld @<:@default=no@:>@])], - [test "$withval" = no || with_gnu_ld=yes], - [with_gnu_ld=no]) -AC_REQUIRE([LT_AC_PROG_SED])dnl -AC_REQUIRE([AC_PROG_CC])dnl -AC_REQUIRE([AC_CANONICAL_HOST])dnl -AC_REQUIRE([AC_CANONICAL_BUILD])dnl -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - AC_MSG_CHECKING([for ld used by $CC]) - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [[\\/]]* | ?:[[\\/]]*) - re_direlt='/[[^/]][[^/]]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'` - while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - AC_MSG_CHECKING([for GNU ld]) -else - AC_MSG_CHECKING([for non-GNU ld]) -fi -AC_CACHE_VAL(lt_cv_path_LD, -[if test -z "$LD"; then - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &1 /dev/null; then - case $host_cpu in - i*86 ) - # Not sure whether the presence of OpenBSD here was a mistake. - # Let's accept both of them until this is cleared up. - lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` - ;; - esac - else - lt_cv_deplibs_check_method=pass_all - fi - ;; - -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - -hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file - case $host_cpu in - ia64*) - lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64' - lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so - ;; - hppa*64*) - [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]'] - lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl - ;; - *) - lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]].[[0-9]]) shared library' - lt_cv_file_magic_test_file=/usr/lib/libc.sl - ;; - esac - ;; - -interix3*) - # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$' - ;; - -irix5* | irix6* | nonstopux*) - case $LD in - *-32|*"-32 ") libmagic=32-bit;; - *-n32|*"-n32 ") libmagic=N32;; - *-64|*"-64 ") libmagic=64-bit;; - *) libmagic=never-match;; - esac - lt_cv_deplibs_check_method=pass_all - ;; - -# This must be Linux ELF. -linux*) - lt_cv_deplibs_check_method=pass_all - ;; - -netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$' - fi - ;; - -newos6*) - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=/usr/lib/libnls.so - ;; - -nto-qnx*) - lt_cv_deplibs_check_method=unknown - ;; - -openbsd*) - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' - fi - ;; - -osf3* | osf4* | osf5*) - lt_cv_deplibs_check_method=pass_all - ;; - -solaris*) - lt_cv_deplibs_check_method=pass_all - ;; - -sysv4 | sysv4.3*) - case $host_vendor in - motorola) - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]' - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` - ;; - ncr) - lt_cv_deplibs_check_method=pass_all - ;; - sequent) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )' - ;; - sni) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib" - lt_cv_file_magic_test_file=/lib/libc.so - ;; - siemens) - lt_cv_deplibs_check_method=pass_all - ;; - pc) - lt_cv_deplibs_check_method=pass_all - ;; - esac - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - lt_cv_deplibs_check_method=pass_all - ;; -esac -]) -file_magic_cmd=$lt_cv_file_magic_cmd -deplibs_check_method=$lt_cv_deplibs_check_method -test -z "$deplibs_check_method" && deplibs_check_method=unknown -])# AC_DEPLIBS_CHECK_METHOD - - -# AC_PROG_NM -# ---------- -# find the pathname to a BSD-compatible name lister -AC_DEFUN([AC_PROG_NM], -[AC_CACHE_CHECK([for BSD-compatible nm], lt_cv_path_NM, -[if test -n "$NM"; then - # Let the user override the test. - lt_cv_path_NM="$NM" -else - lt_nm_to_check="${ac_tool_prefix}nm" - if test -n "$ac_tool_prefix" && test "$build" = "$host"; then - lt_nm_to_check="$lt_nm_to_check nm" - fi - for lt_tmp_nm in $lt_nm_to_check; do - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - tmp_nm="$ac_dir/$lt_tmp_nm" - if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then - # Check to see if the nm accepts a BSD-compat flag. - # Adding the `sed 1q' prevents false positives on HP-UX, which says: - # nm: unknown option "B" ignored - # Tru64's nm complains that /dev/null is an invalid object file - case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in - */dev/null* | *'Invalid file or object type'*) - lt_cv_path_NM="$tmp_nm -B" - break - ;; - *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in - */dev/null*) - lt_cv_path_NM="$tmp_nm -p" - break - ;; - *) - lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but - continue # so that we can try to find one that supports BSD flags - ;; - esac - ;; - esac - fi - done - IFS="$lt_save_ifs" - done - test -z "$lt_cv_path_NM" && lt_cv_path_NM=nm -fi]) -NM="$lt_cv_path_NM" -])# AC_PROG_NM - - -# AC_CHECK_LIBM -# ------------- -# check for math library -AC_DEFUN([AC_CHECK_LIBM], -[AC_REQUIRE([AC_CANONICAL_HOST])dnl -LIBM= -case $host in -*-*-beos* | *-*-cygwin* | *-*-pw32* | *-*-darwin*) - # These system don't have libm, or don't need it - ;; -*-ncr-sysv4.3*) - AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw") - AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm") - ;; -*) - AC_CHECK_LIB(m, cos, LIBM="-lm") - ;; -esac -])# AC_CHECK_LIBM - - -# AC_LIBLTDL_CONVENIENCE([DIRECTORY]) -# ----------------------------------- -# sets LIBLTDL to the link flags for the libltdl convenience library and -# LTDLINCL to the include flags for the libltdl header and adds -# --enable-ltdl-convenience to the configure arguments. Note that -# AC_CONFIG_SUBDIRS is not called here. If DIRECTORY is not provided, -# it is assumed to be `libltdl'. LIBLTDL will be prefixed with -# '${top_builddir}/' and LTDLINCL will be prefixed with '${top_srcdir}/' -# (note the single quotes!). If your package is not flat and you're not -# using automake, define top_builddir and top_srcdir appropriately in -# the Makefiles. -AC_DEFUN([AC_LIBLTDL_CONVENIENCE], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl - case $enable_ltdl_convenience in - no) AC_MSG_ERROR([this package needs a convenience libltdl]) ;; - "") enable_ltdl_convenience=yes - ac_configure_args="$ac_configure_args --enable-ltdl-convenience" ;; - esac - LIBLTDL='${top_builddir}/'ifelse($#,1,[$1],['libltdl'])/libltdlc.la - LTDLINCL='-I${top_srcdir}/'ifelse($#,1,[$1],['libltdl']) - # For backwards non-gettext consistent compatibility... - INCLTDL="$LTDLINCL" -])# AC_LIBLTDL_CONVENIENCE - - -# AC_LIBLTDL_INSTALLABLE([DIRECTORY]) -# ----------------------------------- -# sets LIBLTDL to the link flags for the libltdl installable library and -# LTDLINCL to the include flags for the libltdl header and adds -# --enable-ltdl-install to the configure arguments. Note that -# AC_CONFIG_SUBDIRS is not called here. If DIRECTORY is not provided, -# and an installed libltdl is not found, it is assumed to be `libltdl'. -# LIBLTDL will be prefixed with '${top_builddir}/'# and LTDLINCL with -# '${top_srcdir}/' (note the single quotes!). If your package is not -# flat and you're not using automake, define top_builddir and top_srcdir -# appropriately in the Makefiles. -# In the future, this macro may have to be called after AC_PROG_LIBTOOL. -AC_DEFUN([AC_LIBLTDL_INSTALLABLE], -[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl - AC_CHECK_LIB(ltdl, lt_dlinit, - [test x"$enable_ltdl_install" != xyes && enable_ltdl_install=no], - [if test x"$enable_ltdl_install" = xno; then - AC_MSG_WARN([libltdl not installed, but installation disabled]) - else - enable_ltdl_install=yes - fi - ]) - if test x"$enable_ltdl_install" = x"yes"; then - ac_configure_args="$ac_configure_args --enable-ltdl-install" - LIBLTDL='${top_builddir}/'ifelse($#,1,[$1],['libltdl'])/libltdl.la - LTDLINCL='-I${top_srcdir}/'ifelse($#,1,[$1],['libltdl']) - else - ac_configure_args="$ac_configure_args --enable-ltdl-install=no" - LIBLTDL="-lltdl" - LTDLINCL= - fi - # For backwards non-gettext consistent compatibility... - INCLTDL="$LTDLINCL" -])# AC_LIBLTDL_INSTALLABLE - - -# AC_LIBTOOL_CXX -# -------------- -# enable support for C++ libraries -AC_DEFUN([AC_LIBTOOL_CXX], -[AC_REQUIRE([_LT_AC_LANG_CXX]) -])# AC_LIBTOOL_CXX - - -# _LT_AC_LANG_CXX -# --------------- -AC_DEFUN([_LT_AC_LANG_CXX], -[AC_REQUIRE([AC_PROG_CXX]) -AC_REQUIRE([_LT_AC_PROG_CXXCPP]) -_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}CXX]) -])# _LT_AC_LANG_CXX - -# _LT_AC_PROG_CXXCPP -# ------------------ -AC_DEFUN([_LT_AC_PROG_CXXCPP], -[ -AC_REQUIRE([AC_PROG_CXX]) -if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - AC_PROG_CXXCPP -fi -])# _LT_AC_PROG_CXXCPP - -# AC_LIBTOOL_F77 -# -------------- -# enable support for Fortran 77 libraries -AC_DEFUN([AC_LIBTOOL_F77], -[AC_REQUIRE([_LT_AC_LANG_F77]) -])# AC_LIBTOOL_F77 - - -# _LT_AC_LANG_F77 -# --------------- -AC_DEFUN([_LT_AC_LANG_F77], -[AC_REQUIRE([AC_PROG_F77]) -_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}F77]) -])# _LT_AC_LANG_F77 - - -# AC_LIBTOOL_GCJ -# -------------- -# enable support for GCJ libraries -AC_DEFUN([AC_LIBTOOL_GCJ], -[AC_REQUIRE([_LT_AC_LANG_GCJ]) -])# AC_LIBTOOL_GCJ - - -# _LT_AC_LANG_GCJ -# --------------- -AC_DEFUN([_LT_AC_LANG_GCJ], -[AC_PROVIDE_IFELSE([AC_PROG_GCJ],[], - [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],[], - [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ],[], - [ifdef([AC_PROG_GCJ],[AC_REQUIRE([AC_PROG_GCJ])], - [ifdef([A][M_PROG_GCJ],[AC_REQUIRE([A][M_PROG_GCJ])], - [AC_REQUIRE([A][C_PROG_GCJ_OR_A][M_PROG_GCJ])])])])])]) -_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}GCJ]) -])# _LT_AC_LANG_GCJ - - -# AC_LIBTOOL_RC -# ------------- -# enable support for Windows resource files -AC_DEFUN([AC_LIBTOOL_RC], -[AC_REQUIRE([LT_AC_PROG_RC]) -_LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}RC]) -])# AC_LIBTOOL_RC - - -# AC_LIBTOOL_LANG_C_CONFIG -# ------------------------ -# Ensure that the configuration vars for the C compiler are -# suitably defined. Those variables are subsequently used by -# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'. -AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG], [_LT_AC_LANG_C_CONFIG]) -AC_DEFUN([_LT_AC_LANG_C_CONFIG], -[lt_save_CC="$CC" -AC_LANG_PUSH(C) - -# Source file extension for C test sources. -ac_ext=c - -# Object file extension for compiled C test sources. -objext=o -_LT_AC_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(){return(0);}\n' - -_LT_AC_SYS_COMPILER - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -AC_LIBTOOL_PROG_COMPILER_NO_RTTI($1) -AC_LIBTOOL_PROG_COMPILER_PIC($1) -AC_LIBTOOL_PROG_CC_C_O($1) -AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1) -AC_LIBTOOL_PROG_LD_SHLIBS($1) -AC_LIBTOOL_SYS_DYNAMIC_LINKER($1) -AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1) -AC_LIBTOOL_SYS_LIB_STRIP -AC_LIBTOOL_DLOPEN_SELF - -# Report which library types will actually be built -AC_MSG_CHECKING([if libtool supports shared libraries]) -AC_MSG_RESULT([$can_build_shared]) - -AC_MSG_CHECKING([whether to build shared libraries]) -test "$can_build_shared" = "no" && enable_shared=no - -# On AIX, shared libraries and static libraries use the same namespace, and -# are all built from PIC. -case $host_os in -aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; - -aix4* | aix5*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; -esac -AC_MSG_RESULT([$enable_shared]) - -AC_MSG_CHECKING([whether to build static libraries]) -# Make sure either enable_shared or enable_static is yes. -test "$enable_shared" = yes || enable_static=yes -AC_MSG_RESULT([$enable_static]) - -AC_LIBTOOL_CONFIG($1) - -AC_LANG_POP -CC="$lt_save_CC" -])# AC_LIBTOOL_LANG_C_CONFIG - - -# AC_LIBTOOL_LANG_CXX_CONFIG -# -------------------------- -# Ensure that the configuration vars for the C compiler are -# suitably defined. Those variables are subsequently used by -# AC_LIBTOOL_CONFIG to write the compiler configuration to `libtool'. -AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG], [_LT_AC_LANG_CXX_CONFIG(CXX)]) -AC_DEFUN([_LT_AC_LANG_CXX_CONFIG], -[AC_LANG_PUSH(C++) -AC_REQUIRE([AC_PROG_CXX]) -AC_REQUIRE([_LT_AC_PROG_CXXCPP]) - -_LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no -_LT_AC_TAGVAR(allow_undefined_flag, $1)= -_LT_AC_TAGVAR(always_export_symbols, $1)=no -_LT_AC_TAGVAR(archive_expsym_cmds, $1)= -_LT_AC_TAGVAR(export_dynamic_flag_spec, $1)= -_LT_AC_TAGVAR(hardcode_direct, $1)=no -_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= -_LT_AC_TAGVAR(hardcode_libdir_separator, $1)= -_LT_AC_TAGVAR(hardcode_minus_L, $1)=no -_LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported -_LT_AC_TAGVAR(hardcode_automatic, $1)=no -_LT_AC_TAGVAR(module_cmds, $1)= -_LT_AC_TAGVAR(module_expsym_cmds, $1)= -_LT_AC_TAGVAR(link_all_deplibs, $1)=unknown -_LT_AC_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds -_LT_AC_TAGVAR(no_undefined_flag, $1)= -_LT_AC_TAGVAR(whole_archive_flag_spec, $1)= -_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no - -# Dependencies to place before and after the object being linked: -_LT_AC_TAGVAR(predep_objects, $1)= -_LT_AC_TAGVAR(postdep_objects, $1)= -_LT_AC_TAGVAR(predeps, $1)= -_LT_AC_TAGVAR(postdeps, $1)= -_LT_AC_TAGVAR(compiler_lib_search_path, $1)= - -# Source file extension for C++ test sources. -ac_ext=cpp - -# Object file extension for compiled C++ test sources. -objext=o -_LT_AC_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }\n' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. -_LT_AC_SYS_COMPILER - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -# Allow CC to be a program name with arguments. -lt_save_CC=$CC -lt_save_LD=$LD -lt_save_GCC=$GCC -GCC=$GXX -lt_save_with_gnu_ld=$with_gnu_ld -lt_save_path_LD=$lt_cv_path_LD -if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then - lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx -else - $as_unset lt_cv_prog_gnu_ld -fi -if test -n "${lt_cv_path_LDCXX+set}"; then - lt_cv_path_LD=$lt_cv_path_LDCXX -else - $as_unset lt_cv_path_LD -fi -test -z "${LDCXX+set}" || LD=$LDCXX -CC=${CXX-"c++"} -compiler=$CC -_LT_AC_TAGVAR(compiler, $1)=$CC -_LT_CC_BASENAME([$compiler]) - -# We don't want -fno-exception wen compiling C++ code, so set the -# no_builtin_flag separately -if test "$GXX" = yes; then - _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' -else - _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= -fi - -if test "$GXX" = yes; then - # Set up default GNU C++ configuration - - AC_PROG_LD - - # Check if GNU C++ uses GNU ld as the underlying linker, since the - # archiving commands below assume that GNU ld is being used. - if test "$with_gnu_ld" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - - # If archive_cmds runs LD, not CC, wlarc should be empty - # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to - # investigate it a little bit more. (MM) - wlarc='${wl}' - - # ancient GNU ld didn't support --whole-archive et. al. - if eval "`$CC -print-prog-name=ld` --help 2>&1" | \ - grep 'no-whole-archive' > /dev/null; then - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)= - fi - else - with_gnu_ld=no - wlarc= - - # A generic and very simple default shared library creation - # command for GNU C++ for the case where it uses the native - # linker, instead of GNU ld. If possible, this setting should - # overridden to take advantage of the native linker features on - # the platform it is being used on. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - fi - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - -else - GXX=no - with_gnu_ld=no - wlarc= -fi - -# PORTME: fill in a description of your system's C++ link characteristics -AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) -_LT_AC_TAGVAR(ld_shlibs, $1)=yes -case $host_os in - aix3*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*) - for ld_flag in $LDFLAGS; do - case $ld_flag in - *-brtl*) - aix_use_runtimelinking=yes - break - ;; - esac - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - _LT_AC_TAGVAR(archive_cmds, $1)='' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - - if test "$GXX" = yes; then - case $host_os in aix4.[[012]]|aix4.[[012]].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - else - # We have old collect2 - _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - _LT_AC_TAGVAR(always_export_symbols, $1)=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-berok' - # Determine the default libpath from the value encoded in an empty executable. - _LT_AC_SYS_LIBPATH_AIX - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' - _LT_AC_TAGVAR(allow_undefined_flag, $1)="-z nodefs" - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - _LT_AC_SYS_LIBPATH_AIX - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='$convenience' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes - # This is similar to how AIX traditionally builds its shared libraries. - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - chorus*) - case $cc_basename in - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, - # as there is no search path for DLLs. - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_AC_TAGVAR(always_export_symbols, $1)=no - _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_automatic, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - - if test "$GXX" = yes ; then - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - fi - ;; - - dgux*) - case $cc_basename in - ec++*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - ghcx*) - # Green Hills C++ Compiler - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - freebsd[[12]]*) - # C++ shared libraries reported to be fairly broken before switch to ELF - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - freebsd-elf*) - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF - # conventions - _LT_AC_TAGVAR(ld_shlibs, $1)=yes - ;; - gnu*) - ;; - hpux9*) - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, - # but as the default - # location of the library. - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - aCC*) - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "[[-]]L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - hpux10*|hpux11*) - if test $with_gnu_ld = no; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - case $host_cpu in - hppa*64*|ia64*) - _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' - ;; - *) - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - ;; - esac - fi - case $host_cpu in - hppa*64*|ia64*) - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - *) - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, - # but as the default - # location of the library. - ;; - esac - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - aCC*) - case $host_cpu in - hppa*64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes; then - if test $with_gnu_ld = no; then - case $host_cpu in - hppa*64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - fi - else - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - interix3*) - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - irix5* | irix6*) - case $cc_basename in - CC*) - # SGI C++ - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - - # Archives containing C++ object files must be created using - # "CC -ar", where "CC" is the IRIX C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs' - ;; - *) - if test "$GXX" = yes; then - if test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` -o $lib' - fi - fi - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - ;; - esac - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - ;; - linux*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | grep "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' - ;; - icpc*) - # Intel C++ - with_gnu_ld=yes - # version 8.0 and above of icpc choke on multiply defined symbols - # if we add $predep_objects and $postdep_objects, however 7.1 and - # earlier do not add the objects themselves. - case `$CC -V 2>&1` in - *"Version 7."*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - *) # Version 8.0 or newer - tmp_idyn= - case $host_cpu in - ia64*) tmp_idyn=' -i_dynamic';; - esac - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - esac - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' - ;; - pgCC*) - # Portland Group C++ compiler - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - ;; - cxx*) - # Compaq C++ - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols' - - runpath_var=LD_RUN_PATH - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - esac - ;; - lynxos*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - m88k*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - mvs*) - case $cc_basename in - cxx*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' - wlarc= - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - fi - # Workaround some broken pre-1.5 toolchains - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' - ;; - openbsd2*) - # C++ shared libraries are fairly broken - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - openbsd*) - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - fi - output_verbose_link_cmd='echo' - ;; - osf3*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' - - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - cxx*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && echo ${wl}-set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - - else - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - osf4* | osf5*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - _LT_AC_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Archives containing C++ object files must be created using - # the KAI C++ compiler. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - cxx*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~ - echo "-hidden">> $lib.exp~ - $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname -Wl,-input -Wl,$lib.exp `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~ - $rm $lib.exp' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - - else - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - psos*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - lcc*) - # Lucid - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - solaris*) - case $cc_basename in - CC*) - # Sun C++ 4.2, 5.x and Centerline C++ - _LT_AC_TAGVAR(archive_cmds_need_lc,$1)=yes - _LT_AC_TAGVAR(no_undefined_flag, $1)=' -zdefs' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - case $host_os in - solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; - *) - # The C++ compiler is used as linker so we must use $wl - # flag to pass the commands to the underlying system - # linker. We must also pass each convience library through - # to the system linker between allextract/defaultextract. - # The C++ compiler will combine linker options so we - # cannot just pass the convience library names through - # without $wl. - # Supported since Solaris 2.6 (maybe 2.5.1?) - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' - ;; - esac - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - - output_verbose_link_cmd='echo' - - # Archives containing C++ object files must be created using - # "CC -xar", where "CC" is the Sun C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' - ;; - gcx*) - # Green Hills C++ Compiler - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - - # The C++ compiler must be used to create the archive. - _LT_AC_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs' - ;; - *) - # GNU C++ compiler with Solaris linker - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs' - if $CC --version | grep -v '^2\.7' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd="$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\"" - else - # g++ 2.7 appears to require `-G' NOT `-shared' on this - # platform. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd="$CC -G $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\"" - fi - - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir' - fi - ;; - esac - ;; - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) - _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - # For security reasons, it is highly recommended that you always - # use absolute paths for naming shared libraries, and exclude the - # DT_RUNPATH tag from executables and libraries. But doing so - # requires that you compile everything twice, which is a pain. - # So that behaviour is only enabled if SCOABSPATH is set to a - # non-empty value in the environment. Most likely only useful for - # creating official distributions of packages. - # This is a hack until libtool officially supports absolute path - # names for shared libraries. - _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - ;; - vxworks*) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - *) - # FIXME: insert proper C++ library support - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; -esac -AC_MSG_RESULT([$_LT_AC_TAGVAR(ld_shlibs, $1)]) -test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no - -_LT_AC_TAGVAR(GCC, $1)="$GXX" -_LT_AC_TAGVAR(LD, $1)="$LD" - -AC_LIBTOOL_POSTDEP_PREDEP($1) -AC_LIBTOOL_PROG_COMPILER_PIC($1) -AC_LIBTOOL_PROG_CC_C_O($1) -AC_LIBTOOL_SYS_HARD_LINK_LOCKS($1) -AC_LIBTOOL_PROG_LD_SHLIBS($1) -AC_LIBTOOL_SYS_DYNAMIC_LINKER($1) -AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH($1) - -AC_LIBTOOL_CONFIG($1) - -AC_LANG_POP -CC=$lt_save_CC -LDCXX=$LD -LD=$lt_save_LD -GCC=$lt_save_GCC -with_gnu_ldcxx=$with_gnu_ld -with_gnu_ld=$lt_save_with_gnu_ld -lt_cv_path_LDCXX=$lt_cv_path_LD -lt_cv_path_LD=$lt_save_path_LD -lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld -lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld -])# AC_LIBTOOL_LANG_CXX_CONFIG - -# AC_LIBTOOL_POSTDEP_PREDEP([TAGNAME]) -# ------------------------------------ -# Figure out "hidden" library dependencies from verbose -# compiler output when linking a shared library. -# Parse the compiler output and extract the necessary -# objects, libraries and library flags. -AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP],[ -dnl we can't use the lt_simple_compile_test_code here, -dnl because it contains code intended for an executable, -dnl not a library. It's possible we should let each -dnl tag define a new lt_????_link_test_code variable, -dnl but it's only used here... -ifelse([$1],[],[cat > conftest.$ac_ext < conftest.$ac_ext < conftest.$ac_ext < conftest.$ac_ext <> "$cfgfile" -ifelse([$1], [], -[#! $SHELL - -# `$echo "$cfgfile" | sed 's%^.*/%%'` - Provide generalized library-building support services. -# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP) -# NOTE: Changes made to this file will be lost: look at ltmain.sh. -# -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001 -# Free Software Foundation, Inc. -# -# This file is part of GNU Libtool: -# Originally by Gordon Matzigkeit , 1996 -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# A sed program that does not truncate output. -SED=$lt_SED - -# Sed that helps us avoid accidentally triggering echo(1) options like -n. -Xsed="$SED -e 1s/^X//" - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -# The names of the tagged configurations supported by this script. -available_tags= - -# ### BEGIN LIBTOOL CONFIG], -[# ### BEGIN LIBTOOL TAG CONFIG: $tagname]) - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$_LT_AC_TAGVAR(archive_cmds_need_lc, $1) - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$_LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1) - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_[]_LT_AC_TAGVAR(compiler, $1) - -# Is the compiler the GNU C compiler? -with_gcc=$_LT_AC_TAGVAR(GCC, $1) - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_[]_LT_AC_TAGVAR(LD, $1) - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_[]_LT_AC_TAGVAR(lt_cv_prog_compiler_c_o, $1) - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_static, $1) - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_[]_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_[]_LT_AC_TAGVAR(export_dynamic_flag_spec, $1) - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_[]_LT_AC_TAGVAR(whole_archive_flag_spec, $1) - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_[]_LT_AC_TAGVAR(thread_safe_flag_spec, $1) - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_cmds, $1) -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_from_new_cmds, $1) - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_[]_LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1) - -# Commands used to build and install a shared archive. -archive_cmds=$lt_[]_LT_AC_TAGVAR(archive_cmds, $1) -archive_expsym_cmds=$lt_[]_LT_AC_TAGVAR(archive_expsym_cmds, $1) -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_[]_LT_AC_TAGVAR(module_cmds, $1) -module_expsym_cmds=$lt_[]_LT_AC_TAGVAR(module_expsym_cmds, $1) - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_[]_LT_AC_TAGVAR(predep_objects, $1) - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_[]_LT_AC_TAGVAR(postdep_objects, $1) - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_[]_LT_AC_TAGVAR(predeps, $1) - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_[]_LT_AC_TAGVAR(postdeps, $1) - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_path, $1) - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_[]_LT_AC_TAGVAR(allow_undefined_flag, $1) - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_[]_LT_AC_TAGVAR(no_undefined_flag, $1) - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$_LT_AC_TAGVAR(hardcode_action, $1) - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1) - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_[]_LT_AC_TAGVAR(hardcode_libdir_separator, $1) - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$_LT_AC_TAGVAR(hardcode_direct, $1) - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$_LT_AC_TAGVAR(hardcode_minus_L, $1) - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$_LT_AC_TAGVAR(hardcode_shlibpath_var, $1) - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$_LT_AC_TAGVAR(hardcode_automatic, $1) - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$_LT_AC_TAGVAR(link_all_deplibs, $1) - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$_LT_AC_TAGVAR(fix_srcfile_path, $1)" - -# Set to yes if exported symbols are required. -always_export_symbols=$_LT_AC_TAGVAR(always_export_symbols, $1) - -# The commands to list exported symbols. -export_symbols_cmds=$lt_[]_LT_AC_TAGVAR(export_symbols_cmds, $1) - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_[]_LT_AC_TAGVAR(exclude_expsyms, $1) - -# Symbols that must always be exported. -include_expsyms=$lt_[]_LT_AC_TAGVAR(include_expsyms, $1) - -ifelse([$1],[], -[# ### END LIBTOOL CONFIG], -[# ### END LIBTOOL TAG CONFIG: $tagname]) - -__EOF__ - -ifelse([$1],[], [ - case $host_os in - aix3*) - cat <<\EOF >> "$cfgfile" - -# AIX sometimes has problems with the GCC collect2 program. For some -# reason, if we set the COLLECT_NAMES environment variable, the problems -# vanish in a puff of smoke. -if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES -fi -EOF - ;; - esac - - # We use sed instead of cat because bash on DJGPP gets confused if - # if finds mixed CR/LF and LF-only lines. Since sed operates in - # text mode, it properly converts lines to CR/LF. This bash problem - # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" || (rm -f "$cfgfile"; exit 1) - - mv -f "$cfgfile" "$ofile" || \ - (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") - chmod +x "$ofile" -]) -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi -])# AC_LIBTOOL_CONFIG - - -# AC_LIBTOOL_PROG_COMPILER_NO_RTTI([TAGNAME]) -# ------------------------------------------- -AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], -[AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl - -_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= - -if test "$GCC" = yes; then - _LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' - - AC_LIBTOOL_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions], - lt_cv_prog_compiler_rtti_exceptions, - [-fno-rtti -fno-exceptions], [], - [_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"]) -fi -])# AC_LIBTOOL_PROG_COMPILER_NO_RTTI - - -# AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE -# --------------------------------- -AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], -[AC_REQUIRE([AC_CANONICAL_HOST]) -AC_REQUIRE([AC_PROG_NM]) -AC_REQUIRE([AC_OBJEXT]) -# Check for command to grab the raw symbol name followed by C symbol from nm. -AC_MSG_CHECKING([command to parse $NM output from $compiler object]) -AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe], -[ -# These are sane defaults that work on at least a few old systems. -# [They come from Ultrix. What could be older than Ultrix?!! ;)] - -# Character class describing NM global symbol codes. -symcode='[[BCDEGRST]]' - -# Regexp to match symbols that can be accessed directly from C. -sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)' - -# Transform an extracted symbol line into a proper C declaration -lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern int \1;/p'" - -# Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - -# Define system-specific variables. -case $host_os in -aix*) - symcode='[[BCDT]]' - ;; -cygwin* | mingw* | pw32*) - symcode='[[ABCDGISTW]]' - ;; -hpux*) # Its linker distinguishes data from code symbols - if test "$host_cpu" = ia64; then - symcode='[[ABCDEGRST]]' - fi - lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - ;; -linux*) - if test "$host_cpu" = ia64; then - symcode='[[ABCDGIRSTW]]' - lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - fi - ;; -irix* | nonstopux*) - symcode='[[BCDEGRST]]' - ;; -osf*) - symcode='[[BCDEGQRST]]' - ;; -solaris*) - symcode='[[BDRT]]' - ;; -sco3.2v5*) - symcode='[[DT]]' - ;; -sysv4.2uw2*) - symcode='[[DT]]' - ;; -sysv5* | sco5v6* | unixware* | OpenUNIX*) - symcode='[[ABDT]]' - ;; -sysv4) - symcode='[[DFNSTU]]' - ;; -esac - -# Handle CRLF in mingw tool chain -opt_cr= -case $build_os in -mingw*) - opt_cr=`echo 'x\{0,1\}' | tr x '\015'` # option cr in regexp - ;; -esac - -# If we're using GNU nm, then use its standard symbol codes. -case `$NM -V 2>&1` in -*GNU* | *'with BFD'*) - symcode='[[ABCDGIRSTW]]' ;; -esac - -# Try without a prefix undercore, then with it. -for ac_symprfx in "" "_"; do - - # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. - symxfrm="\\1 $ac_symprfx\\2 \\2" - - # Write the raw and C identifiers. - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" - - # Check to see that the pipe works correctly. - pipe_works=no - - rm -f conftest* - cat > conftest.$ac_ext < $nlist) && test -s "$nlist"; then - # Try sorting and uniquifying the output. - if sort "$nlist" | uniq > "$nlist"T; then - mv -f "$nlist"T "$nlist" - else - rm -f "$nlist"T - fi - - # Make sure that we snagged all the symbols we need. - if grep ' nm_test_var$' "$nlist" >/dev/null; then - if grep ' nm_test_func$' "$nlist" >/dev/null; then - cat < conftest.$ac_ext -#ifdef __cplusplus -extern "C" { -#endif - -EOF - # Now generate the symbol file. - eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | grep -v main >> conftest.$ac_ext' - - cat <> conftest.$ac_ext -#if defined (__STDC__) && __STDC__ -# define lt_ptr_t void * -#else -# define lt_ptr_t char * -# define const -#endif - -/* The mapping between symbol names and symbols. */ -const struct { - const char *name; - lt_ptr_t address; -} -lt_preloaded_symbols[[]] = -{ -EOF - $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (lt_ptr_t) \&\2},/" < "$nlist" | grep -v main >> conftest.$ac_ext - cat <<\EOF >> conftest.$ac_ext - {0, (lt_ptr_t) 0} -}; - -#ifdef __cplusplus -} -#endif -EOF - # Now try linking the two files. - mv conftest.$ac_objext conftstm.$ac_objext - lt_save_LIBS="$LIBS" - lt_save_CFLAGS="$CFLAGS" - LIBS="conftstm.$ac_objext" - CFLAGS="$CFLAGS$_LT_AC_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)" - if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then - pipe_works=yes - fi - LIBS="$lt_save_LIBS" - CFLAGS="$lt_save_CFLAGS" - else - echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD - fi - else - echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD - fi - else - echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD - fi - else - echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD - cat conftest.$ac_ext >&5 - fi - rm -f conftest* conftst* - - # Do not use the global_symbol_pipe unless it works. - if test "$pipe_works" = yes; then - break - else - lt_cv_sys_global_symbol_pipe= - fi -done -]) -if test -z "$lt_cv_sys_global_symbol_pipe"; then - lt_cv_sys_global_symbol_to_cdecl= -fi -if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then - AC_MSG_RESULT(failed) -else - AC_MSG_RESULT(ok) -fi -]) # AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE - - -# AC_LIBTOOL_PROG_COMPILER_PIC([TAGNAME]) -# --------------------------------------- -AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC], -[_LT_AC_TAGVAR(lt_prog_compiler_wl, $1)= -_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= -_LT_AC_TAGVAR(lt_prog_compiler_static, $1)= - -AC_MSG_CHECKING([for $compiler option to produce PIC]) - ifelse([$1],[CXX],[ - # C++ specific cases for pic, static, wl, etc. - if test "$GXX" = yes; then - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' - ;; - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - mingw* | os2* | pw32*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' - ;; - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' - ;; - *djgpp*) - # DJGPP does not support shared libraries at all - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - ;; - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - sysv4*MP*) - if test -d /usr/nec; then - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic - fi - ;; - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - else - case $host_os in - aix4* | aix5*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - else - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' - fi - ;; - chorus*) - case $cc_basename in - cxch68*) - # Green Hills C++ Compiler - # _LT_AC_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a" - ;; - esac - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon' - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - ;; - esac - ;; - dgux*) - case $cc_basename in - ec++*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - ;; - ghcx*) - # Green Hills C++ Compiler - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - *) - ;; - esac - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - # FreeBSD uses GNU C++ - ;; - hpux9* | hpux10* | hpux11*) - case $cc_basename in - CC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - if test "$host_cpu" != ia64; then - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - fi - ;; - aCC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - ;; - esac - ;; - *) - ;; - esac - ;; - interix*) - # This is c89, which is MS Visual C++ (no shared libs) - # Anyone wants to do a port? - ;; - irix5* | irix6* | nonstopux*) - case $cc_basename in - CC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - # CC pic flag -KPIC is the default. - ;; - *) - ;; - esac - ;; - linux*) - case $cc_basename in - KCC*) - # KAI C++ Compiler - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - icpc* | ecpc*) - # Intel C++ - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - pgCC*) - # Portland Group C++ compiler. - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - cxx*) - # Compaq C++ - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - *) - ;; - esac - ;; - lynxos*) - ;; - m88k*) - ;; - mvs*) - case $cc_basename in - cxx*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall' - ;; - *) - ;; - esac - ;; - netbsd*) - ;; - osf3* | osf4* | osf5*) - case $cc_basename in - KCC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' - ;; - RCC*) - # Rational C++ 2.4.1 - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - cxx*) - # Digital/Compaq C++ - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - *) - ;; - esac - ;; - psos*) - ;; - solaris*) - case $cc_basename in - CC*) - # Sun C++ 4.2, 5.x and Centerline C++ - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - ;; - gcx*) - # Green Hills C++ Compiler - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' - ;; - *) - ;; - esac - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - lcc*) - # Lucid - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - ;; - *) - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - ;; - *) - ;; - esac - ;; - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - case $cc_basename in - CC*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - esac - ;; - vxworks*) - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - esac - fi -], -[ - if test "$GCC" = yes; then - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' - ;; - - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' - ;; - - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - enable_shared=no - ;; - - sysv4*MP*) - if test -d /usr/nec; then - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic - fi - ;; - - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - ;; - - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - else - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' - fi - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon' - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - ;; - esac - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' - ;; - - hpux9* | hpux10* | hpux11*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # PIC (with -KPIC) is the default. - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - - newsos6) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - linux*) - case $cc_basename in - icc* | ecc*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - pgcc* | pgf77* | pgf90* | pgf95*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - ccc*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # All Alpha code is PIC. - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - esac - ;; - - osf3* | osf4* | osf5*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - # All OSF/1 code is PIC. - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' - ;; - - solaris*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - case $cc_basename in - f77* | f90* | f95*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';; - *) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';; - esac - ;; - - sunos4*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - unicos*) - _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - - uts4*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-pic' - _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; - - *) - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no - ;; - esac - fi -]) -AC_MSG_RESULT([$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)]) - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)"; then - AC_LIBTOOL_COMPILER_OPTION([if $compiler PIC flag $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) works], - _LT_AC_TAGVAR(lt_prog_compiler_pic_works, $1), - [$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])], [], - [case $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) in - "" | " "*) ;; - *) _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)" ;; - esac], - [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - _LT_AC_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no]) -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)= - ;; - *) - _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_AC_TAGVAR(lt_prog_compiler_static, $1)\" -AC_LIBTOOL_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works], - _LT_AC_TAGVAR(lt_prog_compiler_static_works, $1), - $lt_tmp_static_flag, - [], - [_LT_AC_TAGVAR(lt_prog_compiler_static, $1)=]) -]) - - -# AC_LIBTOOL_PROG_LD_SHLIBS([TAGNAME]) -# ------------------------------------ -# See if the linker supports building shared libraries. -AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS], -[AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) -ifelse([$1],[CXX],[ - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - case $host_os in - aix4* | aix5*) - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols' - else - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols' - fi - ;; - pw32*) - _LT_AC_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds" - ;; - cygwin* | mingw*) - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]] /s/.* \([[^ ]]*\)/\1 DATA/;/^.* __nm__/s/^.* __nm__\([[^ ]]*\) [[^ ]]*/\1 DATA/;/^I /d;/^[[AITW]] /s/.* //'\'' | sort | uniq > $export_symbols' - ;; - *) - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - ;; - esac -],[ - runpath_var= - _LT_AC_TAGVAR(allow_undefined_flag, $1)= - _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=no - _LT_AC_TAGVAR(archive_cmds, $1)= - _LT_AC_TAGVAR(archive_expsym_cmds, $1)= - _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)= - _LT_AC_TAGVAR(old_archive_from_expsyms_cmds, $1)= - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)= - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)= - _LT_AC_TAGVAR(thread_safe_flag_spec, $1)= - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)= - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_minus_L, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(link_all_deplibs, $1)=unknown - _LT_AC_TAGVAR(hardcode_automatic, $1)=no - _LT_AC_TAGVAR(module_cmds, $1)= - _LT_AC_TAGVAR(module_expsym_cmds, $1)= - _LT_AC_TAGVAR(always_export_symbols, $1)=no - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - _LT_AC_TAGVAR(include_expsyms, $1)= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - _LT_AC_TAGVAR(exclude_expsyms, $1)="_GLOBAL_OFFSET_TABLE_" - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - extract_expsyms_cmds= - # Just being paranoid about ensuring that cc_basename is set. - _LT_CC_BASENAME([$compiler]) - case $host_os in - cygwin* | mingw* | pw32*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - esac - - _LT_AC_TAGVAR(ld_shlibs, $1)=yes - if test "$with_gnu_ld" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)= - fi - supports_anon_versioning=no - case `$LD -v 2>/dev/null` in - *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix3* | aix4* | aix5*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - _LT_AC_TAGVAR(ld_shlibs, $1)=no - cat <&2 - -*** Warning: the GNU linker, at least up to release 2.9.1, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to modify your PATH -*** so that a non-GNU linker is found, and then restart. - -EOF - fi - ;; - - amigaos*) - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we can't use - # them. - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, - # as there is no search path for DLLs. - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_AC_TAGVAR(always_export_symbols, $1)=no - _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]] /s/.* \([[^ ]]*\)/\1 DATA/'\'' | $SED -e '\''/^[[AITW]] /s/.* //'\'' | sort | uniq > $export_symbols' - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - interix3*) - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - tmp_addflag= - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - esac - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test $supports_anon_versioning = yes; then - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - $echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then - _LT_AC_TAGVAR(ld_shlibs, $1)=no - cat <&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -EOF - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - ;; - - sunos4*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; - esac - - if test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no; then - runpath_var= - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)= - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_AC_TAGVAR(always_export_symbols, $1)=yes - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported - fi - ;; - - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols' - else - _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\[$]2 == "T") || (\[$]2 == "D") || (\[$]2 == "B")) && ([substr](\[$]3,1,1) != ".")) { print \[$]3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - _LT_AC_TAGVAR(archive_cmds, $1)='' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - - if test "$GCC" = yes; then - case $host_os in aix4.[[012]]|aix4.[[012]].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - else - # We have old collect2 - _LT_AC_TAGVAR(hardcode_direct, $1)=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - _LT_AC_TAGVAR(always_export_symbols, $1)=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-berok' - # Determine the default libpath from the value encoded in an empty executable. - _LT_AC_SYS_LIBPATH_AIX - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib' - _LT_AC_TAGVAR(allow_undefined_flag, $1)="-z nodefs" - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - _LT_AC_SYS_LIBPATH_AIX - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - _LT_AC_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='$convenience' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes - # This is similar to how AIX traditionally builds its shared libraries. - _LT_AC_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - amigaos*) - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - # see comment about different semantics on the GNU ld section - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - - bsdi[[45]]*) - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic - ;; - - cygwin* | mingw* | pw32*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)='true' - # FIXME: Should let the user specify the lib program. - _LT_AC_TAGVAR(old_archive_cmds, $1)='lib /OUT:$oldlib$oldobjs$old_deplibs' - _LT_AC_TAGVAR(fix_srcfile_path, $1)='`cygpath -w "$srcfile"`' - _LT_AC_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - ;; - - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_automatic, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - if test "$GCC" = yes ; then - output_verbose_link_cmd='echo' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - fi - ;; - - dgux*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - freebsd1*) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | kfreebsd*-gnu | dragonfly*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - hpux9*) - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - fi - if test "$with_gnu_ld" = no; then - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - - case $host_cpu in - hppa*64*|ia64*) - _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - *) - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - newsos6) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - openbsd*) - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' - else - case $host_os in - openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - ;; - *) - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' - ;; - esac - fi - ;; - - os2*) - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_AC_TAGVAR(archive_cmds, $1)='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - _LT_AC_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' - else - _LT_AC_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~ - $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp' - - # Both c and cxx compiler support -rpath directly - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' - fi - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=: - ;; - - solaris*) - _LT_AC_TAGVAR(no_undefined_flag, $1)=' -z text' - if test "$GCC" = yes; then - wlarc='${wl}' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp' - else - wlarc='' - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - case $host_os in - solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; - *) - # The compiler driver will combine linker options so we - # cannot just pass the convience library names through - # without $wl, iff we do not link with $LD. - # Luckily, gcc supports the same syntax we need for Sun Studio. - # Supported since Solaris 2.6 (maybe 2.5.1?) - case $wlarc in - '') - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' ;; - *) - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;; - esac ;; - esac - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes - _LT_AC_TAGVAR(hardcode_minus_L, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - sysv4) - case $host_vendor in - sni) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_direct, $1)=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs' - _LT_AC_TAGVAR(hardcode_direct, $1)=no - ;; - motorola) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - sysv4.3*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - _LT_AC_TAGVAR(ld_shlibs, $1)=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7*) - _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - _LT_AC_TAGVAR(no_undefined_flag, $1)='${wl}-z,text' - _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs' - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - _LT_AC_TAGVAR(hardcode_libdir_separator, $1)=':' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - _LT_AC_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no - ;; - - *) - _LT_AC_TAGVAR(ld_shlibs, $1)=no - ;; - esac - fi -]) -AC_MSG_RESULT([$_LT_AC_TAGVAR(ld_shlibs, $1)]) -test "$_LT_AC_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)" in -x|xyes) - # Assume -lc should be added - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $_LT_AC_TAGVAR(archive_cmds, $1) in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - AC_MSG_CHECKING([whether -lc should be explicitly linked in]) - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if AC_TRY_EVAL(ac_compile) 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) - pic_flag=$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$_LT_AC_TAGVAR(allow_undefined_flag, $1) - _LT_AC_TAGVAR(allow_undefined_flag, $1)= - if AC_TRY_EVAL(_LT_AC_TAGVAR(archive_cmds, $1) 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) - then - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - else - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=yes - fi - _LT_AC_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - AC_MSG_RESULT([$_LT_AC_TAGVAR(archive_cmds_need_lc, $1)]) - ;; - esac - fi - ;; -esac -])# AC_LIBTOOL_PROG_LD_SHLIBS - - -# _LT_AC_FILE_LTDLL_C -# ------------------- -# Be careful that the start marker always follows a newline. -AC_DEFUN([_LT_AC_FILE_LTDLL_C], [ -# /* ltdll.c starts here */ -# #define WIN32_LEAN_AND_MEAN -# #include -# #undef WIN32_LEAN_AND_MEAN -# #include -# -# #ifndef __CYGWIN__ -# # ifdef __CYGWIN32__ -# # define __CYGWIN__ __CYGWIN32__ -# # endif -# #endif -# -# #ifdef __cplusplus -# extern "C" { -# #endif -# BOOL APIENTRY DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved); -# #ifdef __cplusplus -# } -# #endif -# -# #ifdef __CYGWIN__ -# #include -# DECLARE_CYGWIN_DLL( DllMain ); -# #endif -# HINSTANCE __hDllInstance_base; -# -# BOOL APIENTRY -# DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved) -# { -# __hDllInstance_base = hInst; -# return TRUE; -# } -# /* ltdll.c ends here */ -])# _LT_AC_FILE_LTDLL_C - - -# _LT_AC_TAGVAR(VARNAME, [TAGNAME]) -# --------------------------------- -AC_DEFUN([_LT_AC_TAGVAR], [ifelse([$2], [], [$1], [$1_$2])]) - - -# old names -AC_DEFUN([AM_PROG_LIBTOOL], [AC_PROG_LIBTOOL]) -AC_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)]) -AC_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)]) -AC_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)]) -AC_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)]) -AC_DEFUN([AM_PROG_LD], [AC_PROG_LD]) -AC_DEFUN([AM_PROG_NM], [AC_PROG_NM]) - -# This is just to silence aclocal about the macro not being used -ifelse([AC_DISABLE_FAST_INSTALL]) - -AC_DEFUN([LT_AC_PROG_GCJ], -[AC_CHECK_TOOL(GCJ, gcj, no) - test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2" - AC_SUBST(GCJFLAGS) -]) - -AC_DEFUN([LT_AC_PROG_RC], -[AC_CHECK_TOOL(RC, windres, no) -]) - -# NOTE: This macro has been submitted for inclusion into # -# GNU Autoconf as AC_PROG_SED. When it is available in # -# a released version of Autoconf we should remove this # -# macro and use it instead. # -# LT_AC_PROG_SED -# -------------- -# Check for a fully-functional sed program, that truncates -# as few characters as possible. Prefer GNU sed if found. -AC_DEFUN([LT_AC_PROG_SED], -[AC_MSG_CHECKING([for a sed that does not truncate output]) -AC_CACHE_VAL(lt_cv_path_SED, -[# Loop through the user's path and test for sed and gsed. -# Then use that list of sed's as ones to test for truncation. -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for lt_ac_prog in sed gsed; do - for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then - lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" - fi - done - done -done -lt_ac_max=0 -lt_ac_count=0 -# Add /usr/xpg4/bin/sed as it is typically found on Solaris -# along with /bin/sed that truncates output. -for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do - test ! -f $lt_ac_sed && continue - cat /dev/null > conftest.in - lt_ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >conftest.in - # Check for GNU sed and select it if it is found. - if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then - lt_cv_path_SED=$lt_ac_sed - break - fi - while true; do - cat conftest.in conftest.in >conftest.tmp - mv conftest.tmp conftest.in - cp conftest.in conftest.nl - echo >>conftest.nl - $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break - cmp -s conftest.out conftest.nl || break - # 10000 chars as input seems more than enough - test $lt_ac_count -gt 10 && break - lt_ac_count=`expr $lt_ac_count + 1` - if test $lt_ac_count -gt $lt_ac_max; then - lt_ac_max=$lt_ac_count - lt_cv_path_SED=$lt_ac_sed - fi - done -done -]) -SED=$lt_cv_path_SED -AC_MSG_RESULT([$SED]) -]) - -# Copyright (C) 2002, 2003, 2005, 2006 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_AUTOMAKE_VERSION(VERSION) -# ---------------------------- -# Automake X.Y traces this macro to ensure aclocal.m4 has been -# generated from the m4 files accompanying Automake X.Y. -# (This private macro should not be called outside this file.) -AC_DEFUN([AM_AUTOMAKE_VERSION], -[am__api_version='1.10' -dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to -dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.10], [], - [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl -]) - -# _AM_AUTOCONF_VERSION(VERSION) -# ----------------------------- -# aclocal traces this macro to find the Autoconf version. -# This is a private macro too. Using m4_define simplifies -# the logic in aclocal, which can simply ignore this definition. -m4_define([_AM_AUTOCONF_VERSION], []) - -# AM_SET_CURRENT_AUTOMAKE_VERSION -# ------------------------------- -# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. -# This function is AC_REQUIREd by AC_INIT_AUTOMAKE. -AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.10])dnl -_AM_AUTOCONF_VERSION(m4_PACKAGE_VERSION)]) - -# AM_AUX_DIR_EXPAND -*- Autoconf -*- - -# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets -# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to -# `$srcdir', `$srcdir/..', or `$srcdir/../..'. -# -# Of course, Automake must honor this variable whenever it calls a -# tool from the auxiliary directory. The problem is that $srcdir (and -# therefore $ac_aux_dir as well) can be either absolute or relative, -# depending on how configure is run. This is pretty annoying, since -# it makes $ac_aux_dir quite unusable in subdirectories: in the top -# source directory, any form will work fine, but in subdirectories a -# relative path needs to be adjusted first. -# -# $ac_aux_dir/missing -# fails when called from a subdirectory if $ac_aux_dir is relative -# $top_srcdir/$ac_aux_dir/missing -# fails if $ac_aux_dir is absolute, -# fails when called from a subdirectory in a VPATH build with -# a relative $ac_aux_dir -# -# The reason of the latter failure is that $top_srcdir and $ac_aux_dir -# are both prefixed by $srcdir. In an in-source build this is usually -# harmless because $srcdir is `.', but things will broke when you -# start a VPATH build or use an absolute $srcdir. -# -# So we could use something similar to $top_srcdir/$ac_aux_dir/missing, -# iff we strip the leading $srcdir from $ac_aux_dir. That would be: -# am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"` -# and then we would define $MISSING as -# MISSING="\${SHELL} $am_aux_dir/missing" -# This will work as long as MISSING is not called from configure, because -# unfortunately $(top_srcdir) has no meaning in configure. -# However there are other variables, like CC, which are often used in -# configure, and could therefore not use this "fixed" $ac_aux_dir. -# -# Another solution, used here, is to always expand $ac_aux_dir to an -# absolute PATH. The drawback is that using absolute paths prevent a -# configured tree to be moved without reconfiguration. - -AC_DEFUN([AM_AUX_DIR_EXPAND], -[dnl Rely on autoconf to set up CDPATH properly. -AC_PREREQ([2.50])dnl -# expand $ac_aux_dir to an absolute path -am_aux_dir=`cd $ac_aux_dir && pwd` -]) - -# AM_CONDITIONAL -*- Autoconf -*- - -# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006 -# Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 8 - -# AM_CONDITIONAL(NAME, SHELL-CONDITION) -# ------------------------------------- -# Define a conditional. -AC_DEFUN([AM_CONDITIONAL], -[AC_PREREQ(2.52)dnl - ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], - [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl -AC_SUBST([$1_TRUE])dnl -AC_SUBST([$1_FALSE])dnl -_AM_SUBST_NOTMAKE([$1_TRUE])dnl -_AM_SUBST_NOTMAKE([$1_FALSE])dnl -if $2; then - $1_TRUE= - $1_FALSE='#' -else - $1_TRUE='#' - $1_FALSE= -fi -AC_CONFIG_COMMANDS_PRE( -[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then - AC_MSG_ERROR([[conditional "$1" was never defined. -Usually this means the macro was only invoked conditionally.]]) -fi])]) - -# Do all the work for Automake. -*- Autoconf -*- - -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 12 - -# This macro actually does too much. Some checks are only needed if -# your package does certain things. But this isn't really a big deal. - -# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) -# AM_INIT_AUTOMAKE([OPTIONS]) -# ----------------------------------------------- -# The call with PACKAGE and VERSION arguments is the old style -# call (pre autoconf-2.50), which is being phased out. PACKAGE -# and VERSION should now be passed to AC_INIT and removed from -# the call to AM_INIT_AUTOMAKE. -# We support both call styles for the transition. After -# the next Automake release, Autoconf can make the AC_INIT -# arguments mandatory, and then we can depend on a new Autoconf -# release and drop the old call support. -AC_DEFUN([AM_INIT_AUTOMAKE], -[AC_PREREQ([2.60])dnl -dnl Autoconf wants to disallow AM_ names. We explicitly allow -dnl the ones we care about. -m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl -AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl -AC_REQUIRE([AC_PROG_INSTALL])dnl -if test "`cd $srcdir && pwd`" != "`pwd`"; then - # Use -I$(srcdir) only when $(srcdir) != ., so that make's output - # is not polluted with repeated "-I." - AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl - # test to see if srcdir already configured - if test -f $srcdir/config.status; then - AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) - fi -fi - -# test whether we have cygpath -if test -z "$CYGPATH_W"; then - if (cygpath --version) >/dev/null 2>/dev/null; then - CYGPATH_W='cygpath -w' - else - CYGPATH_W=echo - fi -fi -AC_SUBST([CYGPATH_W]) - -# Define the identity of the package. -dnl Distinguish between old-style and new-style calls. -m4_ifval([$2], -[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl - AC_SUBST([PACKAGE], [$1])dnl - AC_SUBST([VERSION], [$2])], -[_AM_SET_OPTIONS([$1])dnl -dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. -m4_if(m4_ifdef([AC_PACKAGE_NAME], 1)m4_ifdef([AC_PACKAGE_VERSION], 1), 11,, - [m4_fatal([AC_INIT should be called with package and version arguments])])dnl - AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl - AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl - -_AM_IF_OPTION([no-define],, -[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package]) - AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl - -# Some tools Automake needs. -AC_REQUIRE([AM_SANITY_CHECK])dnl -AC_REQUIRE([AC_ARG_PROGRAM])dnl -AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version}) -AM_MISSING_PROG(AUTOCONF, autoconf) -AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) -AM_MISSING_PROG(AUTOHEADER, autoheader) -AM_MISSING_PROG(MAKEINFO, makeinfo) -AM_PROG_INSTALL_SH -AM_PROG_INSTALL_STRIP -AC_REQUIRE([AM_PROG_MKDIR_P])dnl -# We need awk for the "check" target. The system "awk" is bad on -# some platforms. -AC_REQUIRE([AC_PROG_AWK])dnl -AC_REQUIRE([AC_PROG_MAKE_SET])dnl -AC_REQUIRE([AM_SET_LEADING_DOT])dnl -_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], - [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], - [_AM_PROG_TAR([v7])])]) -_AM_IF_OPTION([no-dependencies],, -[AC_PROVIDE_IFELSE([AC_PROG_CC], - [_AM_DEPENDENCIES(CC)], - [define([AC_PROG_CC], - defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl -AC_PROVIDE_IFELSE([AC_PROG_CXX], - [_AM_DEPENDENCIES(CXX)], - [define([AC_PROG_CXX], - defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl -AC_PROVIDE_IFELSE([AC_PROG_OBJC], - [_AM_DEPENDENCIES(OBJC)], - [define([AC_PROG_OBJC], - defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl -]) -]) - - -# When config.status generates a header, we must update the stamp-h file. -# This file resides in the same directory as the config header -# that is generated. The stamp files are numbered to have different names. - -# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the -# loop where config.status creates the headers, so we can generate -# our stamp files there. -AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], -[# Compute $1's index in $config_headers. -_am_stamp_count=1 -for _am_header in $config_headers :; do - case $_am_header in - $1 | $1:* ) - break ;; - * ) - _am_stamp_count=`expr $_am_stamp_count + 1` ;; - esac -done -echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count]) - -# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_PROG_INSTALL_SH -# ------------------ -# Define $install_sh. -AC_DEFUN([AM_PROG_INSTALL_SH], -[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"} -AC_SUBST(install_sh)]) - -# Copyright (C) 2003, 2005 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 2 - -# Check whether the underlying file-system supports filenames -# with a leading dot. For instance MS-DOS doesn't. -AC_DEFUN([AM_SET_LEADING_DOT], -[rm -rf .tst 2>/dev/null -mkdir .tst 2>/dev/null -if test -d .tst; then - am__leading_dot=. -else - am__leading_dot=_ -fi -rmdir .tst 2>/dev/null -AC_SUBST([am__leading_dot])]) - -# Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2005 -# Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 5 - -# AM_PROG_LEX -# ----------- -# Autoconf leaves LEX=: if lex or flex can't be found. Change that to a -# "missing" invocation, for better error output. -AC_DEFUN([AM_PROG_LEX], -[AC_PREREQ(2.50)dnl -AC_REQUIRE([AM_MISSING_HAS_RUN])dnl -AC_REQUIRE([AC_PROG_LEX])dnl -if test "$LEX" = :; then - LEX=${am_missing_run}flex -fi]) - -# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- -# From Jim Meyering - -# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005 -# Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 4 - -AC_DEFUN([AM_MAINTAINER_MODE], -[AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) - dnl maintainer-mode is disabled by default - AC_ARG_ENABLE(maintainer-mode, -[ --enable-maintainer-mode enable make rules and dependencies not useful - (and sometimes confusing) to the casual installer], - USE_MAINTAINER_MODE=$enableval, - USE_MAINTAINER_MODE=no) - AC_MSG_RESULT([$USE_MAINTAINER_MODE]) - AM_CONDITIONAL(MAINTAINER_MODE, [test $USE_MAINTAINER_MODE = yes]) - MAINT=$MAINTAINER_MODE_TRUE - AC_SUBST(MAINT)dnl -] -) - -AU_DEFUN([jm_MAINTAINER_MODE], [AM_MAINTAINER_MODE]) - -# Copyright (C) 1999, 2000, 2001, 2003, 2004, 2005 -# Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 5 - -# AM_PROG_CC_C_O -# -------------- -# Like AC_PROG_CC_C_O, but changed for automake. -AC_DEFUN([AM_PROG_CC_C_O], -[AC_REQUIRE([AC_PROG_CC_C_O])dnl -AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -AC_REQUIRE_AUX_FILE([compile])dnl -# FIXME: we rely on the cache variable name because -# there is no other way. -set dummy $CC -ac_cc=`echo $[2] | sed ['s/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/']` -if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then - # Losing compiler, so override with the script. - # FIXME: It is wrong to rewrite CC. - # But if we don't then we get into trouble of one sort or another. - # A longer-term fix would be to have automake use am__CC in this case, - # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" - CC="$am_aux_dir/compile $CC" -fi -dnl Make sure AC_PROG_CC is never called again, or it will override our -dnl setting of CC. -m4_define([AC_PROG_CC], - [m4_fatal([AC_PROG_CC cannot be called after AM_PROG_CC_C_O])]) -]) - -# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- - -# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005 -# Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 5 - -# AM_MISSING_PROG(NAME, PROGRAM) -# ------------------------------ -AC_DEFUN([AM_MISSING_PROG], -[AC_REQUIRE([AM_MISSING_HAS_RUN]) -$1=${$1-"${am_missing_run}$2"} -AC_SUBST($1)]) - - -# AM_MISSING_HAS_RUN -# ------------------ -# Define MISSING if not defined so far and test if it supports --run. -# If it does, set am_missing_run to use it, otherwise, to nothing. -AC_DEFUN([AM_MISSING_HAS_RUN], -[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -AC_REQUIRE_AUX_FILE([missing])dnl -test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing" -# Use eval to expand $SHELL -if eval "$MISSING --run true"; then - am_missing_run="$MISSING --run " -else - am_missing_run= - AC_MSG_WARN([`missing' script is too old or missing]) -fi -]) - -# Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_PROG_MKDIR_P -# --------------- -# Check for `mkdir -p'. -AC_DEFUN([AM_PROG_MKDIR_P], -[AC_PREREQ([2.60])dnl -AC_REQUIRE([AC_PROG_MKDIR_P])dnl -dnl Automake 1.8 to 1.9.6 used to define mkdir_p. We now use MKDIR_P, -dnl while keeping a definition of mkdir_p for backward compatibility. -dnl @MKDIR_P@ is magic: AC_OUTPUT adjusts its value for each Makefile. -dnl However we cannot define mkdir_p as $(MKDIR_P) for the sake of -dnl Makefile.ins that do not define MKDIR_P, so we do our own -dnl adjustment using top_builddir (which is defined more often than -dnl MKDIR_P). -AC_SUBST([mkdir_p], ["$MKDIR_P"])dnl -case $mkdir_p in - [[\\/$]]* | ?:[[\\/]]*) ;; - */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; -esac -]) - -# Helper functions for option handling. -*- Autoconf -*- - -# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 3 - -# _AM_MANGLE_OPTION(NAME) -# ----------------------- -AC_DEFUN([_AM_MANGLE_OPTION], -[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) - -# _AM_SET_OPTION(NAME) -# ------------------------------ -# Set option NAME. Presently that only means defining a flag for this option. -AC_DEFUN([_AM_SET_OPTION], -[m4_define(_AM_MANGLE_OPTION([$1]), 1)]) - -# _AM_SET_OPTIONS(OPTIONS) -# ---------------------------------- -# OPTIONS is a space-separated list of Automake options. -AC_DEFUN([_AM_SET_OPTIONS], -[AC_FOREACH([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) - -# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) -# ------------------------------------------- -# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. -AC_DEFUN([_AM_IF_OPTION], -[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) - -# Check to make sure that the build environment is sane. -*- Autoconf -*- - -# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005 -# Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 4 - -# AM_SANITY_CHECK -# --------------- -AC_DEFUN([AM_SANITY_CHECK], -[AC_MSG_CHECKING([whether build environment is sane]) -# Just in case -sleep 1 -echo timestamp > conftest.file -# Do `set' in a subshell so we don't clobber the current shell's -# arguments. Must try -L first in case configure is actually a -# symlink; some systems play weird games with the mod time of symlinks -# (eg FreeBSD returns the mod time of the symlink's containing -# directory). -if ( - set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null` - if test "$[*]" = "X"; then - # -L didn't work. - set X `ls -t $srcdir/configure conftest.file` - fi - rm -f conftest.file - if test "$[*]" != "X $srcdir/configure conftest.file" \ - && test "$[*]" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken -alias in your environment]) - fi - - test "$[2]" = conftest.file - ) -then - # Ok. - : -else - AC_MSG_ERROR([newly created file is older than distributed files! -Check your system clock]) -fi -AC_MSG_RESULT(yes)]) - -# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_PROG_INSTALL_STRIP -# --------------------- -# One issue with vendor `install' (even GNU) is that you can't -# specify the program used to strip binaries. This is especially -# annoying in cross-compiling environments, where the build's strip -# is unlikely to handle the host's binaries. -# Fortunately install-sh will honor a STRIPPROG variable, so we -# always use install-sh in `make install-strip', and initialize -# STRIPPROG with the value of the STRIP variable (set by the user). -AC_DEFUN([AM_PROG_INSTALL_STRIP], -[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl -# Installed binaries are usually stripped using `strip' when the user -# run `make install-strip'. However `strip' might not be the right -# tool to use in cross-compilation environments, therefore Automake -# will honor the `STRIP' environment variable to overrule this program. -dnl Don't test for $cross_compiling = yes, because it might be `maybe'. -if test "$cross_compiling" != no; then - AC_CHECK_TOOL([STRIP], [strip], :) -fi -INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" -AC_SUBST([INSTALL_STRIP_PROGRAM])]) - -# Copyright (C) 2006 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# _AM_SUBST_NOTMAKE(VARIABLE) -# --------------------------- -# Prevent Automake from outputing VARIABLE = @VARIABLE@ in Makefile.in. -# This macro is traced by Automake. -AC_DEFUN([_AM_SUBST_NOTMAKE]) - -# Check how to create a tarball. -*- Autoconf -*- - -# Copyright (C) 2004, 2005 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 2 - -# _AM_PROG_TAR(FORMAT) -# -------------------- -# Check how to create a tarball in format FORMAT. -# FORMAT should be one of `v7', `ustar', or `pax'. -# -# Substitute a variable $(am__tar) that is a command -# writing to stdout a FORMAT-tarball containing the directory -# $tardir. -# tardir=directory && $(am__tar) > result.tar -# -# Substitute a variable $(am__untar) that extract such -# a tarball read from stdin. -# $(am__untar) < result.tar -AC_DEFUN([_AM_PROG_TAR], -[# Always define AMTAR for backward compatibility. -AM_MISSING_PROG([AMTAR], [tar]) -m4_if([$1], [v7], - [am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'], - [m4_case([$1], [ustar],, [pax],, - [m4_fatal([Unknown tar format])]) -AC_MSG_CHECKING([how to create a $1 tar archive]) -# Loop over all known methods to create a tar archive until one works. -_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' -_am_tools=${am_cv_prog_tar_$1-$_am_tools} -# Do not fold the above two line into one, because Tru64 sh and -# Solaris sh will not grok spaces in the rhs of `-'. -for _am_tool in $_am_tools -do - case $_am_tool in - gnutar) - for _am_tar in tar gnutar gtar; - do - AM_RUN_LOG([$_am_tar --version]) && break - done - am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' - am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' - am__untar="$_am_tar -xf -" - ;; - plaintar) - # Must skip GNU tar: if it does not support --format= it doesn't create - # ustar tarball either. - (tar --version) >/dev/null 2>&1 && continue - am__tar='tar chf - "$$tardir"' - am__tar_='tar chf - "$tardir"' - am__untar='tar xf -' - ;; - pax) - am__tar='pax -L -x $1 -w "$$tardir"' - am__tar_='pax -L -x $1 -w "$tardir"' - am__untar='pax -r' - ;; - cpio) - am__tar='find "$$tardir" -print | cpio -o -H $1 -L' - am__tar_='find "$tardir" -print | cpio -o -H $1 -L' - am__untar='cpio -i -H $1 -d' - ;; - none) - am__tar=false - am__tar_=false - am__untar=false - ;; - esac - - # If the value was cached, stop now. We just wanted to have am__tar - # and am__untar set. - test -n "${am_cv_prog_tar_$1}" && break - - # tar/untar a dummy directory, and stop if the command works - rm -rf conftest.dir - mkdir conftest.dir - echo GrepMe > conftest.dir/file - AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) - rm -rf conftest.dir - if test -s conftest.tar; then - AM_RUN_LOG([$am__untar /dev/null 2>&1 && break - fi -done -rm -rf conftest.dir - -AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) -AC_MSG_RESULT([$am_cv_prog_tar_$1])]) -AC_SUBST([am__tar]) -AC_SUBST([am__untar]) -]) # _AM_PROG_TAR - -m4_include([cf/aix.m4]) -m4_include([cf/auth-modules.m4]) -m4_include([cf/autobuild.m4]) -m4_include([cf/broken-getaddrinfo.m4]) -m4_include([cf/broken-glob.m4]) -m4_include([cf/broken-realloc.m4]) -m4_include([cf/broken-snprintf.m4]) -m4_include([cf/broken.m4]) -m4_include([cf/broken2.m4]) -m4_include([cf/c-attribute.m4]) -m4_include([cf/capabilities.m4]) -m4_include([cf/check-compile-et.m4]) -m4_include([cf/check-getpwnam_r-posix.m4]) -m4_include([cf/check-man.m4]) -m4_include([cf/check-netinet-ip-and-tcp.m4]) -m4_include([cf/check-type-extra.m4]) -m4_include([cf/check-var.m4]) -m4_include([cf/check-x.m4]) -m4_include([cf/check-xau.m4]) -m4_include([cf/crypto.m4]) -m4_include([cf/db.m4]) -m4_include([cf/destdirs.m4]) -m4_include([cf/dlopen.m4]) -m4_include([cf/find-func-no-libs.m4]) -m4_include([cf/find-func-no-libs2.m4]) -m4_include([cf/find-func.m4]) -m4_include([cf/find-if-not-broken.m4]) -m4_include([cf/framework-security.m4]) -m4_include([cf/have-struct-field.m4]) -m4_include([cf/have-type.m4]) -m4_include([cf/irix.m4]) -m4_include([cf/krb-bigendian.m4]) -m4_include([cf/krb-func-getlogin.m4]) -m4_include([cf/krb-ipv6.m4]) -m4_include([cf/krb-prog-ln-s.m4]) -m4_include([cf/krb-readline.m4]) -m4_include([cf/krb-struct-spwd.m4]) -m4_include([cf/krb-struct-winsize.m4]) -m4_include([cf/largefile.m4]) -m4_include([cf/mips-abi.m4]) -m4_include([cf/misc.m4]) -m4_include([cf/need-proto.m4]) -m4_include([cf/osfc2.m4]) -m4_include([cf/otp.m4]) -m4_include([cf/proto-compat.m4]) -m4_include([cf/pthreads.m4]) -m4_include([cf/resolv.m4]) -m4_include([cf/retsigtype.m4]) -m4_include([cf/roken-frag.m4]) -m4_include([cf/socket-wrapper.m4]) -m4_include([cf/sunos.m4]) -m4_include([cf/telnet.m4]) -m4_include([cf/test-package.m4]) -m4_include([cf/version-script.m4]) -m4_include([cf/wflags.m4]) -m4_include([cf/win32.m4]) -m4_include([cf/with-all.m4]) -m4_include([acinclude.m4]) diff --git a/crypto/heimdal/admin/ChangeLog b/crypto/heimdal/admin/ChangeLog deleted file mode 100644 index 6587240f60cd..000000000000 --- a/crypto/heimdal/admin/ChangeLog +++ /dev/null @@ -1,70 +0,0 @@ -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: Add man_MANS to EXTRA_DIST - - * Makefile.am: split build files into dist_ and noinst_ SOURCES - -2005-07-07 Love Hörnquist Åstrand - - * ktutil.c: rename optind to optidx - - * list.c: make a copy of realm and admin_server to avoid - un-consting avoid shadowing - - * get.c: make a copy of realm and admin_server to avoid - un-consting avoid shadowing - - * change.c (change_entry): just use global context to avoid - shadowing; make a copy of realm and admin_server to avoid - un-consting. - -2005-05-19 Love Hörnquist Åstrand - - * change.c (kt_change): plug memory leak from - krb5_kt_remove_entry, print principal on error. - -2005-05-02 Dave Love - - * ktutil.c (help): Don't use non-constant initializer for `fake'. - -2005-04-15 Love Hörnquist Åstrand - - * ktutil_locl.h: include - -2005-04-14 Love Hörnquist Åstrand - - * add.c: add option -H --hex to the add command - - * ktutil-commands.in: add option -H --hex to the add command - - * ktutil.8: document option -H --hex to the add command - -2004-09-29 Love Hörnquist Åstrand - - * list.c: un c99'ify, from Anders.Magnusson@ltu.se - -2004-09-23 Johan Danielsson - - * purge.c: convert to slc; don't purge keys older that a certain - time, instead purge keys that have newer versions that are at - least a certain age - - * rename.c: convert to slc - - * remove.c: convert to slc - - * get.c: convert to slc; warn if resetting disallow-all-tix - - * copy.c: convert to slc - - * change.c: convert to slc - - * add.c: convert to slc - - * list.c: convert to slc - - * ktutil_locl.h: convert to slc - - * ktutil.c: convert to slc - - * ktutil-commands.in: slc source file diff --git a/crypto/heimdal/admin/Makefile.am b/crypto/heimdal/admin/Makefile.am deleted file mode 100644 index 8c679e1d4635..000000000000 --- a/crypto/heimdal/admin/Makefile.am +++ /dev/null @@ -1,44 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_readline) $(INCLUDE_hcrypto) - -SLC = $(top_builddir)/lib/sl/slc - -man_MANS = ktutil.8 - -sbin_PROGRAMS = ktutil - -dist_ktutil_SOURCES = \ - add.c \ - change.c \ - copy.c \ - get.c \ - ktutil.c \ - ktutil_locl.h \ - list.c \ - purge.c \ - remove.c \ - rename.c - -nodist_ktutil_SOURCES = \ - ktutil-commands.c - -$(ktutil_OBJECTS): ktutil-commands.h - -CLEANFILES = ktutil-commands.h ktutil-commands.c - -ktutil-commands.c ktutil-commands.h: ktutil-commands.in - $(SLC) $(srcdir)/ktutil-commands.in - -LDADD = \ - $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(top_builddir)/lib/sl/libsl.la \ - $(LIB_readline) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) ktutil-commands.in diff --git a/crypto/heimdal/admin/Makefile.in b/crypto/heimdal/admin/Makefile.in deleted file mode 100644 index b8fc3fd728a7..000000000000 --- a/crypto/heimdal/admin/Makefile.in +++ /dev/null @@ -1,867 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -sbin_PROGRAMS = ktutil$(EXEEXT) -subdir = admin -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(sbin_PROGRAMS) -dist_ktutil_OBJECTS = add.$(OBJEXT) change.$(OBJEXT) copy.$(OBJEXT) \ - get.$(OBJEXT) ktutil.$(OBJEXT) list.$(OBJEXT) purge.$(OBJEXT) \ - remove.$(OBJEXT) rename.$(OBJEXT) -nodist_ktutil_OBJECTS = ktutil-commands.$(OBJEXT) -ktutil_OBJECTS = $(dist_ktutil_OBJECTS) $(nodist_ktutil_OBJECTS) -ktutil_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -ktutil_DEPENDENCIES = $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(dist_ktutil_SOURCES) $(nodist_ktutil_SOURCES) -DIST_SOURCES = $(dist_ktutil_SOURCES) -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_readline) $(INCLUDE_hcrypto) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SLC = $(top_builddir)/lib/sl/slc -man_MANS = ktutil.8 -dist_ktutil_SOURCES = \ - add.c \ - change.c \ - copy.c \ - get.c \ - ktutil.c \ - ktutil_locl.h \ - list.c \ - purge.c \ - remove.c \ - rename.c - -nodist_ktutil_SOURCES = \ - ktutil-commands.c - -CLEANFILES = ktutil-commands.h ktutil-commands.c -LDADD = \ - $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(top_builddir)/lib/sl/libsl.la \ - $(LIB_readline) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) ktutil-commands.in -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps admin/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps admin/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -ktutil$(EXEEXT): $(ktutil_OBJECTS) $(ktutil_DEPENDENCIES) - @rm -f ktutil$(EXEEXT) - $(LINK) $(ktutil_OBJECTS) $(ktutil_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-sbinPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man uninstall-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libtool clean-sbinPROGRAMS ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-man8 install-pdf install-pdf-am install-ps \ - install-ps-am install-sbinPROGRAMS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook uninstall-man \ - uninstall-man8 uninstall-sbinPROGRAMS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(ktutil_OBJECTS): ktutil-commands.h - -ktutil-commands.c ktutil-commands.h: ktutil-commands.in - $(SLC) $(srcdir)/ktutil-commands.in -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/admin/add.c b/crypto/heimdal/admin/add.c deleted file mode 100644 index 1c2032095149..000000000000 --- a/crypto/heimdal/admin/add.c +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" - -RCSID("$Id: add.c 14793 2005-04-14 16:45:14Z lha $"); - -static char * -readstring(const char *prompt, char *buf, size_t len) -{ - printf("%s", prompt); - if (fgets(buf, len, stdin) == NULL) - return NULL; - buf[strcspn(buf, "\r\n")] = '\0'; - return buf; -} - -int -kt_add(struct add_options *opt, int argc, char **argv) -{ - krb5_error_code ret; - krb5_keytab keytab; - krb5_keytab_entry entry; - char buf[1024]; - krb5_enctype enctype; - - if((keytab = ktutil_open_keytab()) == NULL) - return 1; - - memset(&entry, 0, sizeof(entry)); - if(opt->principal_string == NULL) { - if(readstring("Principal: ", buf, sizeof(buf)) == NULL) - return 1; - opt->principal_string = buf; - } - ret = krb5_parse_name(context, opt->principal_string, &entry.principal); - if(ret) { - krb5_warn(context, ret, "%s", opt->principal_string); - goto out; - } - if(opt->enctype_string == NULL) { - if(readstring("Encryption type: ", buf, sizeof(buf)) == NULL) { - ret = 1; - goto out; - } - opt->enctype_string = buf; - } - ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype); - if(ret) { - int t; - if(sscanf(opt->enctype_string, "%d", &t) == 1) - enctype = t; - else { - krb5_warn(context, ret, "%s", opt->enctype_string); - goto out; - } - } - if(opt->kvno_integer == -1) { - if(readstring("Key version: ", buf, sizeof(buf)) == NULL) { - ret = 1; - goto out; - } - if(sscanf(buf, "%u", &opt->kvno_integer) != 1) - goto out; - } - if(opt->password_string == NULL && opt->random_flag == 0) { - if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ", 1)) { - ret = 1; - goto out; - } - opt->password_string = buf; - } - if(opt->password_string) { - if (opt->hex_flag) { - size_t len; - void *data; - - len = (strlen(opt->password_string) + 1) / 2; - - data = malloc(len); - if (data == NULL) { - krb5_warn(context, ENOMEM, "malloc"); - goto out; - } - - if (hex_decode(opt->password_string, data, len) != len) { - free(data); - krb5_warn(context, ENOMEM, "hex decode failed"); - goto out; - } - - ret = krb5_keyblock_init(context, enctype, - data, len, &entry.keyblock); - free(data); - } else if (!opt->salt_flag) { - krb5_salt salt; - krb5_data pw; - - salt.salttype = KRB5_PW_SALT; - salt.saltvalue.data = NULL; - salt.saltvalue.length = 0; - pw.data = (void*)opt->password_string; - pw.length = strlen(opt->password_string); - ret = krb5_string_to_key_data_salt(context, enctype, pw, salt, - &entry.keyblock); - } else { - ret = krb5_string_to_key(context, enctype, opt->password_string, - entry.principal, &entry.keyblock); - } - memset (opt->password_string, 0, strlen(opt->password_string)); - } else { - ret = krb5_generate_random_keyblock(context, enctype, &entry.keyblock); - } - if(ret) { - krb5_warn(context, ret, "add"); - goto out; - } - entry.vno = opt->kvno_integer; - entry.timestamp = time (NULL); - ret = krb5_kt_add_entry(context, keytab, &entry); - if(ret) - krb5_warn(context, ret, "add"); - out: - krb5_kt_free_entry(context, &entry); - krb5_kt_close(context, keytab); - return ret != 0; -} diff --git a/crypto/heimdal/admin/change.c b/crypto/heimdal/admin/change.c deleted file mode 100644 index 01f69c41574c..000000000000 --- a/crypto/heimdal/admin/change.c +++ /dev/null @@ -1,252 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" - -RCSID("$Id: change.c 15578 2005-07-07 20:44:48Z lha $"); - -static krb5_error_code -change_entry (krb5_keytab keytab, - krb5_principal principal, krb5_kvno kvno, - const char *realm, const char *admin_server, int server_port) -{ - krb5_error_code ret; - kadm5_config_params conf; - void *kadm_handle; - char *client_name; - krb5_keyblock *keys; - int num_keys; - int i; - - ret = krb5_unparse_name (context, principal, &client_name); - if (ret) { - krb5_warn (context, ret, "krb5_unparse_name"); - return ret; - } - - memset (&conf, 0, sizeof(conf)); - - if(realm == NULL) - realm = krb5_principal_get_realm(context, principal); - conf.realm = strdup(realm); - if (conf.realm == NULL) { - free (client_name); - krb5_set_error_string(context, "malloc failed"); - return ENOMEM; - } - conf.mask |= KADM5_CONFIG_REALM; - - if (admin_server) { - conf.admin_server = strdup(admin_server); - if (conf.admin_server == NULL) { - free(client_name); - free(conf.realm); - krb5_set_error_string(context, "malloc failed"); - return ENOMEM; - } - conf.mask |= KADM5_CONFIG_ADMIN_SERVER; - } - - if (server_port) { - conf.kadmind_port = htons(server_port); - conf.mask |= KADM5_CONFIG_KADMIND_PORT; - } - - ret = kadm5_init_with_skey_ctx (context, - client_name, - keytab_string, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - free(conf.admin_server); - free(conf.realm); - if (ret) { - krb5_warn (context, ret, - "kadm5_c_init_with_skey_ctx: %s:", client_name); - free (client_name); - return ret; - } - ret = kadm5_randkey_principal (kadm_handle, principal, &keys, &num_keys); - kadm5_destroy (kadm_handle); - if (ret) { - krb5_warn(context, ret, "kadm5_randkey_principal: %s:", client_name); - free (client_name); - return ret; - } - free (client_name); - for (i = 0; i < num_keys; ++i) { - krb5_keytab_entry new_entry; - - new_entry.principal = principal; - new_entry.timestamp = time (NULL); - new_entry.vno = kvno + 1; - new_entry.keyblock = keys[i]; - - ret = krb5_kt_add_entry (context, keytab, &new_entry); - if (ret) - krb5_warn (context, ret, "krb5_kt_add_entry"); - krb5_free_keyblock_contents (context, &keys[i]); - } - return ret; -} - -/* - * loop over all the entries in the keytab (or those given) and change - * their keys, writing the new keys - */ - -struct change_set { - krb5_principal principal; - krb5_kvno kvno; -}; - -int -kt_change (struct change_options *opt, int argc, char **argv) -{ - krb5_error_code ret; - krb5_keytab keytab; - krb5_kt_cursor cursor; - krb5_keytab_entry entry; - int i, j, max; - struct change_set *changeset; - int errors = 0; - - if((keytab = ktutil_open_keytab()) == NULL) - return 1; - - j = 0; - max = 0; - changeset = NULL; - - ret = krb5_kt_start_seq_get(context, keytab, &cursor); - if(ret){ - krb5_warn(context, ret, "%s", keytab_string); - goto out; - } - - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) { - int add = 0; - - for (i = 0; i < j; ++i) { - if (krb5_principal_compare (context, changeset[i].principal, - entry.principal)) { - if (changeset[i].kvno < entry.vno) - changeset[i].kvno = entry.vno; - break; - } - } - if (i < j) { - krb5_kt_free_entry (context, &entry); - continue; - } - - if (argc == 0) { - add = 1; - } else { - for (i = 0; i < argc; ++i) { - krb5_principal princ; - - ret = krb5_parse_name (context, argv[i], &princ); - if (ret) { - krb5_warn (context, ret, "%s", argv[i]); - continue; - } - if (krb5_principal_compare (context, princ, entry.principal)) - add = 1; - - krb5_free_principal (context, princ); - } - } - - if (add) { - if (j >= max) { - void *tmp; - - max = max(max * 2, 1); - tmp = realloc (changeset, max * sizeof(*changeset)); - if (tmp == NULL) { - krb5_kt_free_entry (context, &entry); - krb5_warnx (context, "realloc: out of memory"); - ret = ENOMEM; - break; - } - changeset = tmp; - } - ret = krb5_copy_principal (context, entry.principal, - &changeset[j].principal); - if (ret) { - krb5_warn (context, ret, "krb5_copy_principal"); - krb5_kt_free_entry (context, &entry); - break; - } - changeset[j].kvno = entry.vno; - ++j; - } - krb5_kt_free_entry (context, &entry); - } - krb5_kt_end_seq_get(context, keytab, &cursor); - - if (ret == KRB5_KT_END) { - ret = 0; - for (i = 0; i < j; i++) { - if (verbose_flag) { - char *client_name; - - ret = krb5_unparse_name (context, changeset[i].principal, - &client_name); - if (ret) { - krb5_warn (context, ret, "krb5_unparse_name"); - } else { - printf("Changing %s kvno %d\n", - client_name, changeset[i].kvno); - free(client_name); - } - } - ret = change_entry (keytab, - changeset[i].principal, changeset[i].kvno, - opt->realm_string, - opt->admin_server_string, - opt->server_port_integer); - if (ret != 0) - errors = 1; - } - } else - errors = 1; - for (i = 0; i < j; i++) - krb5_free_principal (context, changeset[i].principal); - free (changeset); - - out: - krb5_kt_close(context, keytab); - return errors; -} diff --git a/crypto/heimdal/admin/copy.c b/crypto/heimdal/admin/copy.c deleted file mode 100644 index 83b65b61a0a3..000000000000 --- a/crypto/heimdal/admin/copy.c +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" - -RCSID("$Id: copy.c 14260 2004-09-23 14:45:29Z joda $"); - - -static krb5_boolean -compare_keyblock(const krb5_keyblock *a, const krb5_keyblock *b) -{ - if(a->keytype != b->keytype || - a->keyvalue.length != b->keyvalue.length || - memcmp(a->keyvalue.data, b->keyvalue.data, a->keyvalue.length) != 0) - return FALSE; - return TRUE; -} - -static int -kt_copy_int (const char *from, const char *to) -{ - krb5_error_code ret; - krb5_keytab src_keytab, dst_keytab; - krb5_kt_cursor cursor; - krb5_keytab_entry entry, dummy; - - ret = krb5_kt_resolve (context, from, &src_keytab); - if (ret) { - krb5_warn (context, ret, "resolving src keytab `%s'", from); - return 1; - } - - ret = krb5_kt_resolve (context, to, &dst_keytab); - if (ret) { - krb5_kt_close (context, src_keytab); - krb5_warn (context, ret, "resolving dst keytab `%s'", to); - return 1; - } - - ret = krb5_kt_start_seq_get (context, src_keytab, &cursor); - if (ret) { - krb5_warn (context, ret, "krb5_kt_start_seq_get %s", keytab_string); - goto out; - } - - if (verbose_flag) - fprintf(stderr, "copying %s to %s\n", from, to); - - while((ret = krb5_kt_next_entry(context, src_keytab, - &entry, &cursor)) == 0) { - char *name_str; - char *etype_str; - ret = krb5_unparse_name (context, entry.principal, &name_str); - if(ret) { - krb5_warn(context, ret, "krb5_unparse_name"); - name_str = NULL; /* XXX */ - } - ret = krb5_enctype_to_string(context, entry.keyblock.keytype, &etype_str); - if(ret) { - krb5_warn(context, ret, "krb5_enctype_to_string"); - etype_str = NULL; /* XXX */ - } - ret = krb5_kt_get_entry(context, dst_keytab, - entry.principal, - entry.vno, - entry.keyblock.keytype, - &dummy); - if(ret == 0) { - /* this entry is already in the new keytab, so no need to - copy it; if the keyblocks are not the same, something - is weird, so complain about that */ - if(!compare_keyblock(&entry.keyblock, &dummy.keyblock)) { - krb5_warnx(context, "entry with different keyvalue " - "already exists for %s, keytype %s, kvno %d", - name_str, etype_str, entry.vno); - } - krb5_kt_free_entry(context, &dummy); - krb5_kt_free_entry (context, &entry); - free(name_str); - free(etype_str); - continue; - } else if(ret != KRB5_KT_NOTFOUND) { - krb5_warn (context, ret, "%s: fetching %s/%s/%u", - to, name_str, etype_str, entry.vno); - krb5_kt_free_entry (context, &entry); - free(name_str); - free(etype_str); - break; - } - if (verbose_flag) - fprintf (stderr, "copying %s, keytype %s, kvno %d\n", name_str, - etype_str, entry.vno); - ret = krb5_kt_add_entry (context, dst_keytab, &entry); - krb5_kt_free_entry (context, &entry); - if (ret) { - krb5_warn (context, ret, "%s: adding %s/%s/%u", - to, name_str, etype_str, entry.vno); - free(name_str); - free(etype_str); - break; - } - free(name_str); - free(etype_str); - } - krb5_kt_end_seq_get (context, src_keytab, &cursor); - - out: - krb5_kt_close (context, src_keytab); - krb5_kt_close (context, dst_keytab); - return ret != 0; -} - -int -kt_copy (void *opt, int argc, char **argv) -{ - return kt_copy_int(argv[0], argv[1]); -} - -int -srvconv(struct srvconvert_options *opt, int argc, char **argv) -{ - char kt4[1024], kt5[1024]; - - snprintf(kt4, sizeof(kt4), "krb4:%s", opt->srvtab_string); - - if(keytab_string != NULL) - return kt_copy_int(kt4, keytab_string); - - krb5_kt_default_modify_name(context, kt5, sizeof(kt5)); - return kt_copy_int(kt4, kt5); -} - -int -srvcreate(struct srvcreate_options *opt, int argc, char **argv) -{ - char kt4[1024], kt5[1024]; - - snprintf(kt4, sizeof(kt4), "krb4:%s", opt->srvtab_string); - - if(keytab_string != NULL) - return kt_copy_int(keytab_string, kt4); - - krb5_kt_default_name(context, kt5, sizeof(kt5)); - return kt_copy_int(kt5, kt4); -} diff --git a/crypto/heimdal/admin/get.c b/crypto/heimdal/admin/get.c deleted file mode 100644 index 7ad1fc4bc13f..000000000000 --- a/crypto/heimdal/admin/get.c +++ /dev/null @@ -1,238 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" - -RCSID("$Id: get.c 15583 2005-07-07 21:44:37Z lha $"); - -static void* -open_kadmin_connection(char *principal, - const char *realm, - char *admin_server, - int server_port) -{ - static kadm5_config_params conf; - krb5_error_code ret; - void *kadm_handle; - memset(&conf, 0, sizeof(conf)); - - if(realm) { - conf.realm = strdup(realm); - if (conf.realm == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return NULL; - } - conf.mask |= KADM5_CONFIG_REALM; - } - - if (admin_server) { - conf.admin_server = admin_server; - conf.mask |= KADM5_CONFIG_ADMIN_SERVER; - } - - if (server_port) { - conf.kadmind_port = htons(server_port); - conf.mask |= KADM5_CONFIG_KADMIND_PORT; - } - - /* should get realm from each principal, instead of doing - everything with the same (local) realm */ - - ret = kadm5_init_with_password_ctx(context, - principal, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - free(conf.realm); - if(ret) { - krb5_warn(context, ret, "kadm5_init_with_password"); - return NULL; - } - return kadm_handle; -} - -int -kt_get(struct get_options *opt, int argc, char **argv) -{ - krb5_error_code ret = 0; - krb5_keytab keytab; - void *kadm_handle = NULL; - krb5_enctype *etypes = NULL; - size_t netypes = 0; - int i, j; - unsigned int failed = 0; - - if((keytab = ktutil_open_keytab()) == NULL) - return 1; - - if(opt->realm_string) - krb5_set_default_realm(context, opt->realm_string); - - if (opt->enctypes_strings.num_strings != 0) { - - etypes = malloc (opt->enctypes_strings.num_strings * sizeof(*etypes)); - if (etypes == NULL) { - krb5_warnx(context, "malloc failed"); - goto out; - } - netypes = opt->enctypes_strings.num_strings; - for(i = 0; i < netypes; i++) { - ret = krb5_string_to_enctype(context, - opt->enctypes_strings.strings[i], - &etypes[i]); - if(ret) { - krb5_warnx(context, "unrecognized enctype: %s", - opt->enctypes_strings.strings[i]); - goto out; - } - } - } - - - for(i = 0; i < argc; i++){ - krb5_principal princ_ent; - kadm5_principal_ent_rec princ; - int mask = 0; - krb5_keyblock *keys; - int n_keys; - int created = 0; - krb5_keytab_entry entry; - - ret = krb5_parse_name(context, argv[i], &princ_ent); - if (ret) { - krb5_warn(context, ret, "can't parse principal %s", argv[i]); - failed++; - continue; - } - memset(&princ, 0, sizeof(princ)); - princ.principal = princ_ent; - mask |= KADM5_PRINCIPAL; - princ.attributes |= KRB5_KDB_DISALLOW_ALL_TIX; - mask |= KADM5_ATTRIBUTES; - princ.princ_expire_time = 0; - mask |= KADM5_PRINC_EXPIRE_TIME; - - if(kadm_handle == NULL) { - const char *r; - if(opt->realm_string != NULL) - r = opt->realm_string; - else - r = krb5_principal_get_realm(context, princ_ent); - kadm_handle = open_kadmin_connection(opt->principal_string, - r, - opt->admin_server_string, - opt->server_port_integer); - if(kadm_handle == NULL) - break; - } - - ret = kadm5_create_principal(kadm_handle, &princ, mask, "x"); - if(ret == 0) - created = 1; - else if(ret != KADM5_DUP) { - krb5_warn(context, ret, "kadm5_create_principal(%s)", argv[i]); - krb5_free_principal(context, princ_ent); - failed++; - continue; - } - ret = kadm5_randkey_principal(kadm_handle, princ_ent, &keys, &n_keys); - if (ret) { - krb5_warn(context, ret, "kadm5_randkey_principal(%s)", argv[i]); - krb5_free_principal(context, princ_ent); - failed++; - continue; - } - - ret = kadm5_get_principal(kadm_handle, princ_ent, &princ, - KADM5_PRINCIPAL | KADM5_KVNO | KADM5_ATTRIBUTES); - if (ret) { - krb5_warn(context, ret, "kadm5_get_principal(%s)", argv[i]); - for (j = 0; j < n_keys; j++) - krb5_free_keyblock_contents(context, &keys[j]); - krb5_free_principal(context, princ_ent); - failed++; - continue; - } - if(!created && (princ.attributes & KRB5_KDB_DISALLOW_ALL_TIX)) - krb5_warnx(context, "%s: disallow-all-tix flag set - clearing", argv[i]); - princ.attributes &= (~KRB5_KDB_DISALLOW_ALL_TIX); - mask = KADM5_ATTRIBUTES; - if(created) { - princ.kvno = 1; - mask |= KADM5_KVNO; - } - ret = kadm5_modify_principal(kadm_handle, &princ, mask); - if (ret) { - krb5_warn(context, ret, "kadm5_modify_principal(%s)", argv[i]); - for (j = 0; j < n_keys; j++) - krb5_free_keyblock_contents(context, &keys[j]); - krb5_free_principal(context, princ_ent); - failed++; - continue; - } - for(j = 0; j < n_keys; j++) { - int do_add = TRUE; - - if (netypes) { - int k; - - do_add = FALSE; - for (k = 0; k < netypes; ++k) - if (keys[j].keytype == etypes[k]) { - do_add = TRUE; - break; - } - } - if (do_add) { - entry.principal = princ_ent; - entry.vno = princ.kvno; - entry.keyblock = keys[j]; - entry.timestamp = time (NULL); - ret = krb5_kt_add_entry(context, keytab, &entry); - if (ret) - krb5_warn(context, ret, "krb5_kt_add_entry"); - } - krb5_free_keyblock_contents(context, &keys[j]); - } - - kadm5_free_principal_ent(kadm_handle, &princ); - krb5_free_principal(context, princ_ent); - } - out: - free(etypes); - if (kadm_handle) - kadm5_destroy(kadm_handle); - krb5_kt_close(context, keytab); - return ret != 0 || failed > 0; -} diff --git a/crypto/heimdal/admin/ktutil-commands.in b/crypto/heimdal/admin/ktutil-commands.in deleted file mode 100644 index fc5d1bf2e159..000000000000 --- a/crypto/heimdal/admin/ktutil-commands.in +++ /dev/null @@ -1,266 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: ktutil-commands.in 14793 2005-04-14 16:45:14Z lha $ */ - -command = { - name = "add" - option = { - long = "principal" - short = "p" - type = "string" - help = "principal to add" - argument = "principal" - default = "" - } - option = { - long = "kvno" - short = "V" - type = "integer" - help = "key version number" - default = "-1" - } - option = { - long = "enctype" - short = "e" - type = "string" - argument = "enctype" - help = "encryption type" - } - option = { - long = "password" - short = "w" - type = "string" - help = "password for key" - } - option = { - long = "salt" - short = "s" - type = "-flag" - help = "use unsalted keys" - default = "1" - } - option = { - long = "random" - short = "r" - type = "flag" - help = "generate random key" - } - option = { - long = "hex" - short = "H" - type = "flag" - help = "password is a hexadecimal string" - } - function = "kt_add" - help = "Adds a key to a keytab." - max_args = "0" -} -command = { - name = "change" - option = { - long = "realm" - short = "r" - type = "string" - argument = "realm" - help = "realm to use" - } - option = { - long = "admin-server" - short = "a" - type = "string" - argument = "host" - help = "server to contact" - } - option = { - long = "server-port" - short = "s" - type = "integer" - argument = "port number" - help = "port number on server" - } - function = "kt_change" - argument = "[principal...]" - help = "Change keys for specified principals (default all)." -} -command = { - name = "copy" - function = "kt_copy" - argument = "source destination" - min_args = "2" - max_args = "2" - help = "Copies one keytab to another." -} -command = { - name = "get" - option = { - long = "principal" - short = "p" - type = "string" - help = "admin principal" - argument = "principal" - } - option = { - long = "enctypes" - short = "e" - type = "strings" - help = "encryption types to use" - argument = "enctype" - } - option = { - long = "realm" - short = "r" - type = "string" - argument = "realm" - help = "realm to use" - } - option = { - long = "admin-server" - short = "a" - type = "string" - argument = "host" - help = "server to contact" - } - option = { - long = "server-port" - short = "s" - type = "integer" - argument = "port number" - help = "port number on server" - } - function = "kt_get" - min_args = "1" - argument = "principal..." - help = "Change keys for specified principals, and add them to the keytab." -} -command = { - name = "list" - option = { - long = "keys" - type = "flag" - help = "show key values" - } - option = { - long = "timestamp" - type = "flag" - help = "show timestamps" - } - max_args = "0" - function = "kt_list" - help = "Show contents of keytab." -} -command = { - name = "purge" - option = { - long = "age" - type = "string" - help = "age to retiere" - default = "1 week"; - argument = "time" - } - max_args = "0" - function = "kt_purge" - help = "Remove superceded keys from keytab." -} -command = { - name = "remove" - name = "delete" - option = { - long = "principal" - short = "p" - type = "string" - help = "principal to remove" - argument = "principal" - } - option = { - long = "kvno" - short = "V" - type = "integer" - help = "key version to remove" - argument = "enctype" - default = "0" - } - option = { - long = "enctype" - short = "e" - type = "string" - help = "enctype to remove" - argument = "enctype" - } - max_args = "0" - function = "kt_remove" - help = "Remove keys from keytab." -} -command = { - name = "rename" - function = "kt_rename" - argument = "from to" - min_args = "2" - max_args = "2" - help = "Renames an entry in the keytab." -} -command = { - name = "srvconvert" - name = "srv2keytab" - option = { - long = "srvtab" - short = "s" - type = "string" - argument = "file" - help = "name of Kerberos 4 srvtab" - default = "/etc/srvtab" - } - max_args = "0" - function = "srvconv" - help = "Convert a Kerberos 4 srvtab to a keytab." -} -command = { - name = "srvcreate" - name = "key2srvtab" - option = { - long = "srvtab" - short = "s" - type = "string" - argument = "file" - help = "name of Kerberos 4 srvtab" - default = "/etc/srvtab" - } - max_args = "0" - function = "srvcreate" - help = "Convert a keytab to a Kerberos 4 srvtab." -} -command = { - name = "help" - argument = "command" - max_args = "1" - function = "help" -} diff --git a/crypto/heimdal/admin/ktutil.8 b/crypto/heimdal/admin/ktutil.8 deleted file mode 100644 index 15523b433721..000000000000 --- a/crypto/heimdal/admin/ktutil.8 +++ /dev/null @@ -1,196 +0,0 @@ -.\" Copyright (c) 1997-2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: ktutil.8 14792 2005-04-14 16:43:57Z lha $ -.\" -.Dd April 14, 2005 -.Dt KTUTIL 8 -.Os HEIMDAL -.Sh NAME -.Nm ktutil -.Nd manage Kerberos keytabs -.Sh SYNOPSIS -.Nm -.Oo Fl k Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab -.Xc -.Oc -.Op Fl v | Fl -verbose -.Op Fl -version -.Op Fl h | Fl -help -.Ar command -.Op Ar args -.Sh DESCRIPTION -.Nm -is a program for managing keytabs. -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl v , -.Fl -verbose -.Xc -Verbose output. -.El -.Pp -.Ar command -can be one of the following: -.Bl -tag -width srvconvert -.It add Xo -.Op Fl p Ar principal -.Op Fl -principal= Ns Ar principal -.Op Fl V Ar kvno -.Op Fl -kvno= Ns Ar kvno -.Op Fl e Ar enctype -.Op Fl -enctype= Ns Ar enctype -.Op Fl w Ar password -.Op Fl -password= Ns Ar password -.Op Fl r -.Op Fl -random -.Op Fl s -.Op Fl -no-salt -.Op Fl H -.Op Fl -hex -.Xc -Adds a key to the keytab. Options that are not specified will be -prompted for. This requires that you know the password or the hex key of the -principal to add; if what you really want is to add a new principal to -the keytab, you should consider the -.Ar get -command, which talks to the kadmin server. -.It change Xo -.Op Fl r Ar realm -.Op Fl -realm= Ns Ar realm -.Op Fl -a Ar host -.Op Fl -admin-server= Ns Ar host -.Op Fl -s Ar port -.Op Fl -server-port= Ns Ar port -.Xc -Update one or several keys to new versions. By default, use the admin -server for the realm of a keytab entry. Otherwise it will use the -values specified by the options. -.Pp -If no principals are given, all the ones in the keytab are updated. -.It copy Xo -.Ar keytab-src -.Ar keytab-dest -.Xc -Copies all the entries from -.Ar keytab-src -to -.Ar keytab-dest . -.It get Xo -.Op Fl p Ar admin principal -.Op Fl -principal= Ns Ar admin principal -.Op Fl e Ar enctype -.Op Fl -enctypes= Ns Ar enctype -.Op Fl r Ar realm -.Op Fl -realm= Ns Ar realm -.Op Fl a Ar admin server -.Op Fl -admin-server= Ns Ar admin server -.Op Fl s Ar server port -.Op Fl -server-port= Ns Ar server port -.Ar principal ... -.Xc -For each -.Ar principal , -generate a new key for it (creating it if it doesn't already exist), -and put that key in the keytab. -.Pp -If no -.Ar realm -is specified, the realm to operate on is taken from the first -principal. -.It list Xo -.Op Fl -keys -.Op Fl -timestamp -.Xc -List the keys stored in the keytab. -.It remove Xo -.Op Fl p Ar principal -.Op Fl -principal= Ns Ar principal -.Op Fl V kvno -.Op Fl -kvno= Ns Ar kvno -.Op Fl e enctype -.Op Fl -enctype= Ns Ar enctype -.Xc -Removes the specified key or keys. Not specifying a -.Ar kvno -removes keys with any version number. Not specifying an -.Ar enctype -removes keys of any type. -.It rename Xo -.Ar from-principal -.Ar to-principal -.Xc -Renames all entries in the keytab that match the -.Ar from-principal -to -.Ar to-principal . -.It purge Xo -.Op Fl -age= Ns Ar age -.Xc -Removes all old versions of a key for which there is a newer version -that is at least -.Ar age -(default one week) old. -.It srvconvert -.It srv2keytab Xo -.Op Fl s Ar srvtab -.Op Fl -srvtab= Ns Ar srvtab -.Xc -Converts the version 4 srvtab in -.Ar srvtab -to a version 5 keytab and stores it in -.Ar keytab . -Identical to: -.Bd -ragged -offset indent -.Li ktutil copy -.Li krb4: Ns Ar srvtab -.Ar keytab -.Ed -.It srvcreate -.It key2srvtab Xo -.Op Fl s Ar srvtab -.Op Fl -srvtab= Ns Ar srvtab -.Xc -Converts the version 5 keytab in -.Ar keytab -to a version 4 srvtab and stores it in -.Ar srvtab . -Identical to: -.Bd -ragged -offset indent -.Li ktutil copy -.Ar keytab -.Li krb4: Ns Ar srvtab -.Ed -.El -.Sh SEE ALSO -.Xr kadmin 8 diff --git a/crypto/heimdal/admin/ktutil.c b/crypto/heimdal/admin/ktutil.c deleted file mode 100644 index dfcbbfd401fe..000000000000 --- a/crypto/heimdal/admin/ktutil.c +++ /dev/null @@ -1,174 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" -#include - -RCSID("$Id: ktutil.c 15585 2005-07-07 21:52:04Z lha $"); - -static int help_flag; -static int version_flag; -int verbose_flag; -char *keytab_string; -static char keytab_buf[256]; - -static struct getargs args[] = { - { - "version", - 0, - arg_flag, - &version_flag, - NULL, - NULL - }, - { - "help", - 'h', - arg_flag, - &help_flag, - NULL, - NULL - }, - { - "keytab", - 'k', - arg_string, - &keytab_string, - "keytab", - "keytab to operate on" - }, - { - "verbose", - 'v', - arg_flag, - &verbose_flag, - "verbose", - "run verbosely" - } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -krb5_context context; - -krb5_keytab -ktutil_open_keytab(void) -{ - krb5_error_code ret; - krb5_keytab keytab; - if (keytab_string == NULL) { - ret = krb5_kt_default_name (context, keytab_buf, sizeof(keytab_buf)); - if (ret) { - krb5_warn(context, ret, "krb5_kt_default_name"); - return NULL; - } - keytab_string = keytab_buf; - } - ret = krb5_kt_resolve(context, keytab_string, &keytab); - if (ret) { - krb5_warn(context, ret, "resolving keytab %s", keytab_string); - return NULL; - } - if (verbose_flag) - fprintf (stderr, "Using keytab %s\n", keytab_string); - - return keytab; -} - -int -help(void *opt, int argc, char **argv) -{ - if(argc == 0) { - sl_help(commands, 1, argv - 1 /* XXX */); - } else { - SL_cmd *c = sl_match (commands, argv[0], 0); - if(c == NULL) { - fprintf (stderr, "No such command: %s. " - "Try \"help\" for a list of commands\n", - argv[0]); - } else { - if(c->func) { - char *fake[] = { NULL, "--help", NULL }; - fake[0] = argv[0]; - (*c->func)(2, fake); - fprintf(stderr, "\n"); - } - if(c->help && *c->help) - fprintf (stderr, "%s\n", c->help); - if((++c)->name && c->func == NULL) { - int f = 0; - fprintf (stderr, "Synonyms:"); - while (c->name && c->func == NULL) { - fprintf (stderr, "%s%s", f ? ", " : " ", (c++)->name); - f = 1; - } - fprintf (stderr, "\n"); - } - } - } - return 0; -} - -static void -usage(int status) -{ - arg_printusage(args, num_args, NULL, "command"); - exit(status); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - krb5_error_code ret; - setprogname(argv[0]); - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - argc -= optidx; - argv += optidx; - if(argc == 0) - usage(1); - ret = sl_command(commands, argc, argv); - if(ret == -1) - krb5_warnx (context, "unrecognized command: %s", argv[0]); - return ret; -} diff --git a/crypto/heimdal/admin/ktutil_locl.h b/crypto/heimdal/admin/ktutil_locl.h deleted file mode 100644 index 676f27b5f377..000000000000 --- a/crypto/heimdal/admin/ktutil_locl.h +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $Id: ktutil_locl.h 14799 2005-04-15 05:02:39Z lha $ - */ - -#ifndef __KTUTIL_LOCL_H__ -#define __KTUTIL_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include - -#include "crypto-headers.h" -#include -#include -#include - -#include -#include -#include - -extern krb5_context context; - -extern int verbose_flag; -extern char *keytab_string; - -krb5_keytab ktutil_open_keytab(void); - -#include "ktutil-commands.h" - -#endif /* __KTUTIL_LOCL_H__ */ diff --git a/crypto/heimdal/admin/list.c b/crypto/heimdal/admin/list.c deleted file mode 100644 index f305ab3a8036..000000000000 --- a/crypto/heimdal/admin/list.c +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" -#include - -RCSID("$Id: list.c 21745 2007-07-31 16:11:25Z lha $"); - -static int -do_list(struct list_options *opt, const char *keytab_str) -{ - krb5_error_code ret; - krb5_keytab keytab; - krb5_keytab_entry entry; - krb5_kt_cursor cursor; - rtbl_t table; - - /* XXX specialcase the ANY type */ - if(strncasecmp(keytab_str, "ANY:", 4) == 0) { - int flag = 0; - char buf[1024]; - keytab_str += 4; - ret = 0; - while (strsep_copy((const char**)&keytab_str, ",", - buf, sizeof(buf)) != -1) { - if(flag) - printf("\n"); - if(do_list(opt, buf)) - ret = 1; - flag = 1; - } - return ret; - } - - ret = krb5_kt_resolve(context, keytab_str, &keytab); - if (ret) { - krb5_warn(context, ret, "resolving keytab %s", keytab_str); - return ret; - } - - ret = krb5_kt_start_seq_get(context, keytab, &cursor); - if(ret) { - krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_str); - krb5_kt_close(context, keytab); - return ret; - } - - printf ("%s:\n\n", keytab_str); - - table = rtbl_create(); - rtbl_add_column_by_id(table, 0, "Vno", RTBL_ALIGN_RIGHT); - rtbl_add_column_by_id(table, 1, "Type", 0); - rtbl_add_column_by_id(table, 2, "Principal", 0); - if (opt->timestamp_flag) - rtbl_add_column_by_id(table, 3, "Date", 0); - if(opt->keys_flag) - rtbl_add_column_by_id(table, 4, "Key", 0); - rtbl_set_separator(table, " "); - - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){ - char buf[1024], *s; - - snprintf(buf, sizeof(buf), "%d", entry.vno); - rtbl_add_column_entry_by_id(table, 0, buf); - - ret = krb5_enctype_to_string(context, - entry.keyblock.keytype, &s); - if (ret != 0) { - snprintf(buf, sizeof(buf), "unknown (%d)", entry.keyblock.keytype); - rtbl_add_column_entry_by_id(table, 1, buf); - } else { - rtbl_add_column_entry_by_id(table, 1, s); - free(s); - } - - krb5_unparse_name_fixed(context, entry.principal, buf, sizeof(buf)); - rtbl_add_column_entry_by_id(table, 2, buf); - - if (opt->timestamp_flag) { - krb5_format_time(context, entry.timestamp, buf, - sizeof(buf), FALSE); - rtbl_add_column_entry_by_id(table, 3, buf); - } - if(opt->keys_flag) { - int i; - s = malloc(2 * entry.keyblock.keyvalue.length + 1); - if (s == NULL) { - krb5_warnx(context, "malloc failed"); - ret = ENOMEM; - goto out; - } - for(i = 0; i < entry.keyblock.keyvalue.length; i++) - snprintf(s + 2 * i, 3, "%02x", - ((unsigned char*)entry.keyblock.keyvalue.data)[i]); - rtbl_add_column_entry_by_id(table, 4, s); - free(s); - } - krb5_kt_free_entry(context, &entry); - } - ret = krb5_kt_end_seq_get(context, keytab, &cursor); - rtbl_format(table, stdout); - -out: - rtbl_destroy(table); - - krb5_kt_close(context, keytab); - return ret; -} - -int -kt_list(struct list_options *opt, int argc, char **argv) -{ - krb5_error_code ret; - char kt[1024]; - - if(verbose_flag) - opt->timestamp_flag = 1; - - if (keytab_string == NULL) { - if((ret = krb5_kt_default_name(context, kt, sizeof(kt))) != 0) { - krb5_warn(context, ret, "getting default keytab name"); - return 1; - } - keytab_string = kt; - } - return do_list(opt, keytab_string) != 0; -} diff --git a/crypto/heimdal/admin/purge.c b/crypto/heimdal/admin/purge.c deleted file mode 100644 index e928c3e22d57..000000000000 --- a/crypto/heimdal/admin/purge.c +++ /dev/null @@ -1,172 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" - -RCSID("$Id: purge.c 14261 2004-09-23 14:46:43Z joda $"); - -/* - * keep track of the highest version for every principal. - */ - -struct e { - krb5_principal principal; - int max_vno; - time_t timestamp; - struct e *next; -}; - -static struct e * -get_entry (krb5_principal princ, struct e *head) -{ - struct e *e; - - for (e = head; e != NULL; e = e->next) - if (krb5_principal_compare (context, princ, e->principal)) - return e; - return NULL; -} - -static void -add_entry (krb5_principal princ, int vno, time_t timestamp, struct e **head) -{ - krb5_error_code ret; - struct e *e; - - e = get_entry (princ, *head); - if (e != NULL) { - if(e->max_vno < vno) { - e->max_vno = vno; - e->timestamp = timestamp; - } - return; - } - e = malloc (sizeof (*e)); - if (e == NULL) - krb5_errx (context, 1, "malloc: out of memory"); - ret = krb5_copy_principal (context, princ, &e->principal); - if (ret) - krb5_err (context, 1, ret, "krb5_copy_principal"); - e->max_vno = vno; - e->timestamp = timestamp; - e->next = *head; - *head = e; -} - -static void -delete_list (struct e *head) -{ - while (head != NULL) { - struct e *next = head->next; - krb5_free_principal (context, head->principal); - free (head); - head = next; - } -} - -/* - * Remove all entries that have newer versions and that are older - * than `age' - */ - -int -kt_purge(struct purge_options *opt, int argc, char **argv) -{ - krb5_error_code ret = 0; - krb5_kt_cursor cursor; - krb5_keytab keytab; - krb5_keytab_entry entry; - int age; - struct e *head = NULL; - time_t judgement_day; - - age = parse_time(opt->age_string, "s"); - if(age < 0) { - krb5_warnx(context, "unparasable time `%s'", opt->age_string); - return 1; - } - - if((keytab = ktutil_open_keytab()) == NULL) - return 1; - - ret = krb5_kt_start_seq_get(context, keytab, &cursor); - if(ret){ - krb5_warn(context, ret, "%s", keytab_string); - goto out; - } - - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) { - add_entry (entry.principal, entry.vno, entry.timestamp, &head); - krb5_kt_free_entry(context, &entry); - } - ret = krb5_kt_end_seq_get(context, keytab, &cursor); - - judgement_day = time (NULL); - - ret = krb5_kt_start_seq_get(context, keytab, &cursor); - if(ret){ - krb5_warn(context, ret, "%s", keytab_string); - goto out; - } - - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) { - struct e *e = get_entry (entry.principal, head); - - if (e == NULL) { - krb5_warnx (context, "ignoring extra entry"); - continue; - } - - if (entry.vno < e->max_vno - && judgement_day - e->timestamp > age) { - if (verbose_flag) { - char *name_str; - - krb5_unparse_name (context, entry.principal, &name_str); - printf ("removing %s vno %d\n", name_str, entry.vno); - free (name_str); - } - ret = krb5_kt_remove_entry (context, keytab, &entry); - if (ret) - krb5_warn (context, ret, "remove"); - } - krb5_kt_free_entry(context, &entry); - } - ret = krb5_kt_end_seq_get(context, keytab, &cursor); - - delete_list (head); - - out: - krb5_kt_close (context, keytab); - return ret != 0; -} diff --git a/crypto/heimdal/admin/remove.c b/crypto/heimdal/admin/remove.c deleted file mode 100644 index 15f88cfee663..000000000000 --- a/crypto/heimdal/admin/remove.c +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" - -RCSID("$Id: remove.c 17004 2006-04-07 13:06:37Z lha $"); - -int -kt_remove(struct remove_options *opt, int argc, char **argv) -{ - krb5_error_code ret = 0; - krb5_keytab_entry entry; - krb5_keytab keytab; - krb5_principal principal = NULL; - krb5_enctype enctype = 0; - - if(opt->principal_string) { - ret = krb5_parse_name(context, opt->principal_string, &principal); - if(ret) { - krb5_warn(context, ret, "%s", opt->principal_string); - return 1; - } - } - if(opt->enctype_string) { - ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype); - if(ret) { - int t; - if(sscanf(opt->enctype_string, "%d", &t) == 1) - enctype = t; - else { - krb5_warn(context, ret, "%s", opt->enctype_string); - if(principal) - krb5_free_principal(context, principal); - return 1; - } - } - } - if (!principal && !enctype && !opt->kvno_integer) { - krb5_warnx(context, - "You must give at least one of " - "principal, enctype or kvno."); - ret = EINVAL; - goto out; - } - - if((keytab = ktutil_open_keytab()) == NULL) { - ret = 1; - goto out; - } - - entry.principal = principal; - entry.keyblock.keytype = enctype; - entry.vno = opt->kvno_integer; - ret = krb5_kt_remove_entry(context, keytab, &entry); - krb5_kt_close(context, keytab); - if(ret) - krb5_warn(context, ret, "remove"); - out: - if(principal) - krb5_free_principal(context, principal); - return ret != 0; -} - diff --git a/crypto/heimdal/admin/rename.c b/crypto/heimdal/admin/rename.c deleted file mode 100644 index aea02b07507a..000000000000 --- a/crypto/heimdal/admin/rename.c +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright (c) 2001-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ktutil_locl.h" - -RCSID("$Id: rename.c 14260 2004-09-23 14:45:29Z joda $"); - -int -kt_rename(void *opt, int argc, char **argv) -{ - krb5_error_code ret = 0; - krb5_keytab_entry entry; - krb5_keytab keytab; - krb5_kt_cursor cursor; - krb5_principal from_princ, to_princ; - - ret = krb5_parse_name(context, argv[0], &from_princ); - if(ret != 0) { - krb5_warn(context, ret, "%s", argv[0]); - return 1; - } - - ret = krb5_parse_name(context, argv[1], &to_princ); - if(ret != 0) { - krb5_free_principal(context, from_princ); - krb5_warn(context, ret, "%s", argv[1]); - return 1; - } - - if((keytab = ktutil_open_keytab()) == NULL) { - krb5_free_principal(context, from_princ); - krb5_free_principal(context, to_princ); - return 1; - } - - ret = krb5_kt_start_seq_get(context, keytab, &cursor); - if(ret) { - krb5_kt_close(context, keytab); - krb5_free_principal(context, from_princ); - krb5_free_principal(context, to_princ); - return 1; - } - while(1) { - ret = krb5_kt_next_entry(context, keytab, &entry, &cursor); - if(ret != 0) { - if(ret != KRB5_CC_END && ret != KRB5_KT_END) - krb5_warn(context, ret, "getting entry from keytab"); - else - ret = 0; - break; - } - if(krb5_principal_compare(context, entry.principal, from_princ)) { - krb5_free_principal(context, entry.principal); - entry.principal = to_princ; - ret = krb5_kt_add_entry(context, keytab, &entry); - if(ret) { - entry.principal = NULL; - krb5_kt_free_entry(context, &entry); - krb5_warn(context, ret, "adding entry"); - break; - } - entry.principal = from_princ; - ret = krb5_kt_remove_entry(context, keytab, &entry); - if(ret) { - entry.principal = NULL; - krb5_kt_free_entry(context, &entry); - krb5_warn(context, ret, "removing entry"); - break; - } - entry.principal = NULL; - } - krb5_kt_free_entry(context, &entry); - } - krb5_kt_end_seq_get(context, keytab, &cursor); - - krb5_free_principal(context, from_princ); - krb5_free_principal(context, to_princ); - - return ret != 0; -} - diff --git a/crypto/heimdal/appl/Makefile.am b/crypto/heimdal/appl/Makefile.am deleted file mode 100644 index 8f2670353e02..000000000000 --- a/crypto/heimdal/appl/Makefile.am +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: Makefile.am 17775 2006-06-30 20:26:15Z lha $ - -include $(top_srcdir)/Makefile.am.common - -if OTP -dir_otp = otp -endif -if DCE -dir_dce = dceutils -endif -SUBDIRS = \ - afsutil \ - ftp \ - login \ - $(dir_otp) \ - gssmask \ - popper \ - push \ - rsh \ - rcp \ - su \ - xnlock \ - telnet \ - test \ - kx \ - kf \ - $(dir_dce) diff --git a/crypto/heimdal/appl/Makefile.in b/crypto/heimdal/appl/Makefile.in deleted file mode 100644 index 52834fa12dd1..000000000000 --- a/crypto/heimdal/appl/Makefile.in +++ /dev/null @@ -1,835 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 17775 2006-06-30 20:26:15Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = appl -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = afsutil ftp login otp gssmask popper push rsh rcp su \ - xnlock telnet test kx kf dceutils -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@OTP_TRUE@dir_otp = otp -@DCE_TRUE@dir_dce = dceutils -SUBDIRS = \ - afsutil \ - ftp \ - login \ - $(dir_otp) \ - gssmask \ - popper \ - push \ - rsh \ - rcp \ - su \ - xnlock \ - telnet \ - test \ - kx \ - kf \ - $(dir_dce) - -all: all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool ctags ctags-recursive dist-hook \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-data-hook \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/afsutil/ChangeLog b/crypto/heimdal/appl/afsutil/ChangeLog deleted file mode 100644 index c6cfd39c04db..000000000000 --- a/crypto/heimdal/appl/afsutil/ChangeLog +++ /dev/null @@ -1,125 +0,0 @@ -2007-04-11 Love Hörnquist Åstrand - - * pagsh.1,afslog.1: - options must be lexicographically ordered; - again, options without arguments must be placed before options - with arguments. - manual page cross references are done using - the macro `.Xr', not the macro `.Nm' (used for command names - instead). - - From Igor Sobrado. - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: Add man_MANS to EXTRA_DIST - -2006-01-03 Love Hörnquist Åstrand - - * afslog.1: Document options to allow select principal or - credential cache when doing afslog. - - * afslog.c: Add options to allow select principal or credential - cache when doing afslog. - -2005-02-12 Love Hörnquist Åstrand - - * Makefile.am: man_MANS += pagsh.1 - - * pagsh.c: add --cache-type that allows the user to control the - resulting credential cache type, inherit the type from the - invoking process - - * pagsh.1: manpage for pagsh - -2004-09-03 Love Hörnquist Åstrand - - * afslog.c: use negative string help string for arg_negative_flag - Pointed out by Harald Barth - -2004-07-27 Love Hörnquist Åstrand - - * pagsh.c: use setprogname, if we stripped off -c, try use the - fallback code - -2003-10-14 Johan Danielsson - - * pagsh.c: mkstemp formats must end in exactly six X's - -2003-07-15 Love Hörnquist Åstrand - - * afslog.c (do_afslog): is cell is unset, set it "" - for error printing - - * pagsh.c: unconditionally set KRBTKFILE - -2003-04-23 Love Hörnquist Åstrand - - * afslog.c (log_func): drop the error number - -2003-04-14 Love Hörnquist Åstrand - - * afslog.c: set kafs log function if verbose is turned on - -2003-03-18 Love Hörnquist Åstrand - - * Makefile.am (LDADD): use LIB_kafs - - * afslog.1: --no-v4, --no-v5 - - * Makefile.am: always build afsutils now - - * afslog.c: make build without KRB4 - -2002-11-26 Johan Danielsson - - * afslog.c: remove plural form in help string - - * Makefile.am: add afslog manpage - - * afslog.1: manpage - - * afslog.c: try more files when trying to expand a cell name - - * afslog.c: create a list of cells to get tokens for, before - actually doing anything, and try to get tokens via krb4 if krb5 - fails, and give it a chance to work with krb4-only; also some bug - fixes, partially from Tomas Olsson. - -2002-08-23 Assar Westerlund - - * pagsh.c: make it handle --version/--help - -2001-05-17 Assar Westerlund - - * afslog.c (main): call free_getarg_strings - -2000-12-31 Assar Westerlund - - * afslog.c (main): handle krb5_init_context failure consistently - -2000-12-25 Assar Westerlund - - * afslog.c: clarify usage strings - -1999-08-04 Assar Westerlund - - * pagsh.c (main): use mkstemp to generate temporary file names. - From Miroslav Ruda - -1999-07-04 Assar Westerlund - - * afslog.c (expand_cell_name): terminate on #. From Miroslav Ruda - - -1999-06-27 Assar Westerlund - - * Makefile.am (bin_PROGRAMS): only include pagsh if KRB4 - -1999-06-26 Assar Westerlund - - * Makefile.am: add pagsh - - * pagsh.c: new file. contributed by Miroslav Ruda - -Sat Mar 27 12:49:43 1999 Johan Danielsson - - * afslog.c: cleanup option parsing diff --git a/crypto/heimdal/appl/afsutil/Makefile.am b/crypto/heimdal/appl/afsutil/Makefile.am deleted file mode 100644 index 365897b84c04..000000000000 --- a/crypto/heimdal/appl/afsutil/Makefile.am +++ /dev/null @@ -1,22 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -bin_PROGRAMS = afslog pagsh - -afslog_SOURCES = afslog.c - -pagsh_SOURCES = pagsh.c - -man_MANS = afslog.1 pagsh.1 - -LDADD = $(LIB_kafs) \ - $(LIB_krb4) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/afsutil/Makefile.in b/crypto/heimdal/appl/afsutil/Makefile.in deleted file mode 100644 index e50ac2ea319c..000000000000 --- a/crypto/heimdal/appl/afsutil/Makefile.in +++ /dev/null @@ -1,851 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -bin_PROGRAMS = afslog$(EXEEXT) pagsh$(EXEEXT) -subdir = appl/afsutil -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) -am_afslog_OBJECTS = afslog.$(OBJEXT) -afslog_OBJECTS = $(am_afslog_OBJECTS) -afslog_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ - $(am__DEPENDENCIES_1) -afslog_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -am_pagsh_OBJECTS = pagsh.$(OBJEXT) -pagsh_OBJECTS = $(am_pagsh_OBJECTS) -pagsh_LDADD = $(LDADD) -pagsh_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(afslog_SOURCES) $(pagsh_SOURCES) -DIST_SOURCES = $(afslog_SOURCES) $(pagsh_SOURCES) -man1dir = $(mandir)/man1 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -afslog_SOURCES = afslog.c -pagsh_SOURCES = pagsh.c -man_MANS = afslog.1 pagsh.1 -LDADD = $(LIB_kafs) \ - $(LIB_krb4) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/afsutil/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/afsutil/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -afslog$(EXEEXT): $(afslog_OBJECTS) $(afslog_DEPENDENCIES) - @rm -f afslog$(EXEEXT) - $(LINK) $(afslog_OBJECTS) $(afslog_LDADD) $(LIBS) -pagsh$(EXEEXT): $(pagsh_OBJECTS) $(pagsh_DEPENDENCIES) - @rm -f pagsh$(EXEEXT) - $(LINK) $(pagsh_OBJECTS) $(pagsh_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-man install-man1 install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-binPROGRAMS uninstall-hook \ - uninstall-man uninstall-man1 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/afsutil/afslog.1 b/crypto/heimdal/appl/afsutil/afslog.1 deleted file mode 100644 index aa4b9d685d60..000000000000 --- a/crypto/heimdal/appl/afsutil/afslog.1 +++ /dev/null @@ -1,153 +0,0 @@ -.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: afslog.1 20310 2007-04-11 11:22:23Z lha $ -.\" -.Dd November 26, 2002 -.Dt AFSLOG 1 -.Os HEIMDAL -.Sh NAME -.Nm afslog -.Nd -obtain AFS tokens -.Sh SYNOPSIS -.Nm -.Op Fl h | Fl -help -.Op Fl -no-v4 -.Op Fl -no-v5 -.Op Fl u | Fl -unlog -.Op Fl v | Fl -verbose -.Op Fl -version -.Oo Fl c Ar cell \*(Ba Xo -.Fl -cell= Ns Ar cell -.Xc -.Oc -.Oo Fl k Ar realm \*(Ba Xo -.Fl -realm= Ns Ar realm -.Xc -.Oc -.Oo Fl P Ar principal \*(Ba Xo -.Fl -principal= Ns Ar principal -.Xc -.Oc -.Bk -words -.Oo Fl p Ar path \*(Ba Xo -.Fl -file= Ns Ar path -.Xc -.Oc -.Ek -.Op Ar cell | path ... -.Sh DESCRIPTION -.Nm -obtains AFS tokens for a number of cells. What cells to get tokens for -can either be specified as an explicit list, as file paths to get -tokens for, or be left unspecified, in which case -.Nm -will use whatever magic -.Xr krb_afslog 3 -decides upon. -.Pp -Supported options: -.Bl -tag -width Ds -.It Fl -no-v4 -This makes -.Nm -not try using Kerberos 4. -.It Fl -no-v5 -This makes -.Nm -not try using Kerberos 5. -.It Xo -.Fl P Ar principal , -.Fl -principal Ar principal -.Xc -select what Kerberos 5 principal to use. -.It Fl -cache Ar cache -select what Kerberos 5 credential cache to use. -.Fl -principal -overrides this option. -.It Xo -.Fl u , -.Fl -unlog -.Xc -Destroy tokens instead of obtaining new. If this is specified, all -other options are ignored (except for -.Fl -help -and -.Fl -version ) . -.It Xo -.Fl v , -.Fl -verbose -.Xc -Adds more verbosity for what is actually going on. -.It Xo -.Fl c Ar cell, -.Fl -cell= Ns Ar cell -.Xc -This specified one or more cell names to get tokens for. -.It Xo -.Fl k Ar realm , -.Fl -realm= Ns Ar realm -.Xc -This is the Kerberos realm the AFS servers live in, this should -normally not be specified. -.It Xo -.Fl p Ar path , -.Fl -file= Ns Ar path -.Xc -This specified one or more file paths for which tokens should be -obtained. -.El -.Pp -Instead of using -.Fl c -and -.Fl p , -you may also pass a list of cells and file paths after any other -options. These arguments are considered files if they are either -the strings -.Do . Dc -or -.Dq .. -or they contain a slash, or if there exists a file by that name. -.Sh EXAMPLES -Assuming that there is no file called -.Dq openafs.org -in the current directory, and that -.Pa /afs/openafs.org -points to that cell, the follwing should be identical: -.Bd -literal -offset indent -$ afslog -c openafs.org -$ afslog openafs.org -$ afslog /afs/openafs.org/some/file -.Ed -.Sh SEE ALSO -.Xr krb_afslog 3 diff --git a/crypto/heimdal/appl/afsutil/afslog.c b/crypto/heimdal/appl/afsutil/afslog.c deleted file mode 100644 index 6ca5b2074991..000000000000 --- a/crypto/heimdal/appl/afsutil/afslog.c +++ /dev/null @@ -1,322 +0,0 @@ -/* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: afslog.c 16438 2006-01-03 09:27:54Z lha $"); -#endif -#include -#ifdef KRB5 -#include -#endif -#ifdef KRB4 -#include -#endif -#include -#include -#include -#include - -static int help_flag; -static int version_flag; -static getarg_strings cells; -static char *realm; -static getarg_strings files; -static int unlog_flag; -static int verbose; -#ifdef KRB4 -static int use_krb4 = 1; -#endif -#ifdef KRB5 -static char *client_string; -static char *cache_string; -static int use_krb5 = 1; -#endif - -struct getargs args[] = { - { "cell", 'c', arg_strings, &cells, "cells to get tokens for", "cell" }, - { "file", 'p', arg_strings, &files, "files to get tokens for", "path" }, - { "realm", 'k', arg_string, &realm, "realm for afs cell", "realm" }, - { "unlog", 'u', arg_flag, &unlog_flag, "remove tokens" }, -#ifdef KRB4 - { "v4", 0, arg_negative_flag, &use_krb4, "don't use Kerberos 4" }, -#endif -#ifdef KRB5 - { "principal",'P',arg_string,&client_string,"principal to use","principal"}, - { "cache", 0, arg_string, &cache_string, "ccache to use", "cache"}, - { "v5", 0, arg_negative_flag, &use_krb5, "don't use Kerberos 5" }, -#endif - { "verbose",'v', arg_flag, &verbose }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag }, -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -#ifdef KRB5 -krb5_context context; -krb5_ccache id; -#endif - -static const char * -expand_one_file(FILE *f, const char *cell) -{ - static char buf[1024]; - char *p; - - while (fgets (buf, sizeof(buf), f) != NULL) { - if(buf[0] == '>') { - for(p = buf; *p && !isspace((unsigned char)*p) && *p != '#'; p++) - ; - *p = '\0'; - if(strncmp(buf + 1, cell, strlen(cell)) == 0) - return buf + 1; - } - buf[0] = '\0'; - } - return NULL; -} - -static const char * -expand_cell_name(const char *cell) -{ - FILE *f; - const char *c; - const char **fn, *files[] = { _PATH_CELLSERVDB, - _PATH_ARLA_CELLSERVDB, - _PATH_OPENAFS_DEBIAN_CELLSERVDB, - _PATH_ARLA_DEBIAN_CELLSERVDB, - NULL }; - for(fn = files; *fn; fn++) { - f = fopen(*fn, "r"); - if(f == NULL) - continue; - c = expand_one_file(f, cell); - fclose(f); - if(c) - return c; - } - return cell; -} - -static void -usage(int ecode) -{ - arg_printusage(args, num_args, NULL, "[cell|path]..."); - exit(ecode); -} - -struct cell_list { - char *cell; - struct cell_list *next; -} *cell_list; - -static int -afslog_cell(const char *cell, int expand) -{ - struct cell_list *p, **q; - const char *c = cell; - if(expand){ - c = expand_cell_name(cell); - if(c == NULL){ - warnx("No cell matching \"%s\" found.", cell); - return -1; - } - if(verbose && strcmp(c, cell) != 0) - warnx("Cell \"%s\" expanded to \"%s\"", cell, c); - } - /* add to list of cells to get tokens for, and also remove - duplicates; the actual afslog takes place later */ - for(p = cell_list, q = &cell_list; p; q = &p->next, p = p->next) - if(strcmp(p->cell, c) == 0) - return 0; - p = malloc(sizeof(*p)); - if(p == NULL) - return -1; - p->cell = strdup(c); - if(p->cell == NULL) { - free(p); - return -1; - } - p->next = NULL; - *q = p; - return 0; -} - -static int -afslog_file(const char *path) -{ - char cell[64]; - if(k_afs_cell_of_file(path, cell, sizeof(cell))){ - warnx("No cell found for file \"%s\".", path); - return -1; - } - if(verbose) - warnx("File \"%s\" lives in cell \"%s\"", path, cell); - return afslog_cell(cell, 0); -} - -static int -do_afslog(const char *cell) -{ - int k5ret, k4ret; - - k5ret = k4ret = 0; - -#ifdef KRB5 - if(context != NULL && id != NULL && use_krb5) { - k5ret = krb5_afslog(context, id, cell, realm); - if(k5ret == 0) - return 0; - } -#endif -#if KRB4 - if (use_krb4) { - k4ret = krb_afslog(cell, realm); - if(k4ret == 0) - return 0; - } -#endif - if (cell == NULL) - cell = ""; -#ifdef KRB5 - if (k5ret) - warnx("krb5_afslog(%s): %s", cell, krb5_get_err_text(context, k5ret)); -#endif -#ifdef KRB4 - if (k4ret) - warnx("krb_afslog(%s): %s", cell, krb_get_err_text(k4ret)); -#endif - if (k5ret || k4ret) - return 1; - return 0; -} - -static void -log_func(void *ctx, const char *str) -{ - fprintf(stderr, "%s\n", str); -} - -int -main(int argc, char **argv) -{ - int optind = 0; - int i; - int num; - int ret = 0; - int failed = 0; - struct cell_list *p; - - setprogname(argv[0]); - - if(getarg(args, num_args, argc, argv, &optind)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(!k_hasafs()) - errx(1, "AFS does not seem to be present on this machine"); - - if(unlog_flag){ - k_unlog(); - exit(0); - } -#ifdef KRB5 - ret = krb5_init_context(&context); - if (ret) { - context = NULL; - } else { - if (client_string) { - krb5_principal client; - - ret = krb5_parse_name(context, client_string, &client); - if (ret == 0) - ret = krb5_cc_cache_match(context, client, NULL, &id); - if (ret) - id = NULL; - } - if (id == NULL && cache_string) { - if(krb5_cc_resolve(context, cache_string, &id) != 0) { - krb5_warnx(context, "failed to open kerberos 5 cache '%s'", - cache_string); - id = NULL; - } - } - if (id == NULL) - if(krb5_cc_default(context, &id) != 0) - id = NULL; - } -#endif - - if (verbose) - kafs_set_verbose(log_func, NULL); - - num = 0; - for(i = 0; i < files.num_strings; i++){ - afslog_file(files.strings[i]); - num++; - } - free_getarg_strings (&files); - for(i = 0; i < cells.num_strings; i++){ - afslog_cell(cells.strings[i], 1); - num++; - } - free_getarg_strings (&cells); - for(i = optind; i < argc; i++){ - num++; - if(strcmp(argv[i], ".") == 0 || - strcmp(argv[i], "..") == 0 || - strchr(argv[i], '/') || - access(argv[i], F_OK) == 0) - afslog_file(argv[i]); - else - afslog_cell(argv[i], 1); - } - if(num == 0) { - if(do_afslog(NULL)) - failed++; - } else - for(p = cell_list; p; p = p->next) { - if(verbose) - warnx("Getting tokens for cell \"%s\"", p->cell); - if(do_afslog(p->cell)) - failed++; - } - - return failed; -} diff --git a/crypto/heimdal/appl/afsutil/pagsh.1 b/crypto/heimdal/appl/afsutil/pagsh.1 deleted file mode 100644 index c3e93d440e7f..000000000000 --- a/crypto/heimdal/appl/afsutil/pagsh.1 +++ /dev/null @@ -1,92 +0,0 @@ -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: pagsh.1 20311 2007-04-11 11:27:51Z lha $ -.\" -.Dd February 12, 2005 -.Dt PAGSH 1 -.Os Heimdal -.Sh NAME -.Nm pagsh -.Nd -creates a new credential cache sandbox -.Sh SYNOPSIS -.Nm -.Op Fl c -.Op Fl h | Fl -help -.Op Fl -version -.Op Fl -cache-type= Ns Ar string -.Ar command [args...] -.Sh DESCRIPTION -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl c -.Xc -.It Xo -.Fl -cache-type= Ns Ar string -.Xc -.It Xo -.Fl h , -.Fl -help -.Xc -.It Xo -.Fl -version -.Xc -.El -.Pp -.Nm -creates a new credential cache sandbox for the user to live in. -If AFS is installed on the computer, the user is put in a newly -created PAG. -.Pp -For Kerberos 5, the credential cache type that is used is the same as -the credential cache type that was used at the time of -.Nm -invocation. -The credential cache type can be controlled by the option -.Fl -cache-type . -.Sh EXAMPLES -Create a new sandbox where new credentials can be used, while the old -credentials can be used by other processes. -.Bd -literal -offset indent -$ klist -Credentials cache: FILE:/tmp/krb5cc_913 - Principal: lha@E.KTH.SE - - Issued Expires Principal -Feb 12 10:08:31 Feb 12 20:06:36 krbtgt/E.KTH.SE@E.KTH.SE -$ pagsh -$ klist -klist: No ticket file: /tmp/krb5cc_03014a -.Ed -.Sh SEE ALSO -.Xr afslog 1 diff --git a/crypto/heimdal/appl/afsutil/pagsh.c b/crypto/heimdal/appl/afsutil/pagsh.c deleted file mode 100644 index d975fad11438..000000000000 --- a/crypto/heimdal/appl/afsutil/pagsh.c +++ /dev/null @@ -1,239 +0,0 @@ -/* - * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: pagsh.c 14574 2005-02-12 14:23:28Z lha $"); - -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#include -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef KRB5 -#include -#endif -#ifdef KRB4 -#include -#endif -#include - -#include -#include -#include - -#ifndef TKT_ROOT -#define TKT_ROOT "/tmp/tkt" -#endif - -static int help_flag; -static int version_flag; -static int c_flag; -#ifdef KRB5 -static char *typename_arg; -#endif - -struct getargs getargs[] = { - { NULL, 'c', arg_flag, &c_flag }, -#ifdef KRB5 - { "cache-type", 0, arg_string, &typename_arg }, -#endif - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag }, -}; - -static int num_args = sizeof(getargs) / sizeof(getargs[0]); - -static void -usage(int ecode) -{ - arg_printusage(getargs, num_args, NULL, "command [args...]"); - exit(ecode); -} - -/* - * Run command with a new ticket file / credentials cache / token - */ - -int -main(int argc, char **argv) -{ - int f; - char tf[1024]; - char *p; - - char *path; - char **args; - int i; - int optind = 0; - - setprogname(argv[0]); - if(getarg(getargs, num_args, argc, argv, &optind)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optind; - argv += optind; - -#ifdef KRB5 - { - const krb5_cc_ops *type; - krb5_error_code ret; - krb5_context context; - krb5_ccache id; - const char *name; - - ret = krb5_init_context(&context); - if (ret) /* XXX should this really call exit ? */ - errx(1, "no kerberos 5 support"); - - if (typename_arg == NULL) { - char *s; - - name = krb5_cc_default_name(context); - if (name == NULL) - krb5_errx(context, 1, "Failed getting default " - "credential cache type"); - - typename_arg = strdup(name); - if (typename_arg == NULL) - errx(1, "strdup"); - - s = strchr(typename_arg, ':'); - if (s) - *s = '\0'; - } - - type = krb5_cc_get_prefix_ops(context, typename_arg); - if (type == NULL) - krb5_err(context, 1, ret, "Failed getting ops for %s " - "credential cache", typename_arg); - - ret = krb5_cc_gen_new(context, type, &id); - if (ret) - krb5_err(context, 1, ret, "Failed generating credential cache"); - - name = krb5_cc_get_name(context, id); - if (name == NULL) - krb5_errx(context, 1, "Generated credential cache have no name"); - - snprintf(tf, sizeof(tf), "%s:%s", typename_arg, name); - - ret = krb5_cc_close(context, id); - if (ret) - krb5_err(context, 1, ret, "Failed closing credential cache"); - - krb5_free_context(context); - - esetenv("KRB5CCNAME", tf, 1); - } -#endif - - snprintf (tf, sizeof(tf), "%s_XXXXXX", TKT_ROOT); - f = mkstemp (tf); - if (f < 0) - err(1, "mkstemp failed"); - close (f); - unlink (tf); - esetenv("KRBTKFILE", tf, 1); - - i = 0; - - args = (char **) malloc((argc + 10)*sizeof(char *)); - if (args == NULL) - errx (1, "Out of memory allocating %lu bytes", - (unsigned long)((argc + 10)*sizeof(char *))); - - if(*argv == NULL) { - path = getenv("SHELL"); - if(path == NULL){ - struct passwd *pw = k_getpwuid(geteuid()); - path = strdup(pw->pw_shell); - } - } else { - path = strdup(*argv++); - } - if (path == NULL) - errx (1, "Out of memory copying path"); - - p=strrchr(path, '/'); - if(p) - args[i] = strdup(p+1); - else - args[i] = strdup(path); - - if (args[i++] == NULL) - errx (1, "Out of memory copying arguments"); - - while(*argv) - args[i++] = *argv++; - - args[i++] = NULL; - - if(k_hasafs()) - k_setpag(); - - unsetenv("PAGPID"); - execvp(path, args); - if (errno == ENOENT || c_flag) { - char **sh_args = malloc ((i + 2) * sizeof(char *)); - int j; - - if (sh_args == NULL) - errx (1, "Out of memory copying sh arguments"); - for (j = 1; j < i; ++j) - sh_args[j + 2] = args[j]; - sh_args[0] = "sh"; - sh_args[1] = "-c"; - sh_args[2] = path; - execv ("/bin/sh", sh_args); - } - err (1, "execvp"); -} diff --git a/crypto/heimdal/appl/ftp/ChangeLog b/crypto/heimdal/appl/ftp/ChangeLog deleted file mode 100644 index 139e193d0541..000000000000 --- a/crypto/heimdal/appl/ftp/ChangeLog +++ /dev/null @@ -1,1022 +0,0 @@ -2007-07-12 Love Hörnquist Åstrand - - * ftp/gssapi.c: Fix pointer vs strict alias rules. - -2007-06-20 Love Hörnquist Åstrand - - * ftp/security.c: if no mech have no session, its ok, just don't - call it. - - * ftp/security.h: provide prototype for sec_userok(). - - * move ksetpag after initgroups to make it work on Linux when its - without syscall hooks to change sys_setgroups preserve the - pag. From Alexsander Boström. - -2007-06-09 Love Hörnquist Åstrand - - * ftpd/Makefile.am: don't clean yacc/lex files in CLEANFILES, - maintainers clean will do that for us. - -2006-10-07 Love Hörnquist Åstrand - - * ftpd/Makefile.am: Add man_MANS to EXTRA_DIST - - * ftp/Makefile.am: Add man_MANS to EXTRA_DIST - -2006-08-08 Love Hörnquist Åstrand - - * ftpd/ftpd.c: Add comment by seteuid call isn't not needed. - - * ftpd/ftpd.c: Check return values from seteuid, prompted by MIT - advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus - Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. - -2006-06-27 Love Hörnquist Åstrand - - * ftpd/gss_userok.c (gss_userok): create a local krb5_context and - use that instead of the libgssapi context (that might not exist). - -2006-05-05 Love Hörnquist Åstrand - - * Rename u_intXX_t to uintXX_t - -2006-03-23 Love Hörnquist Åstrand - - * ftp/ftp.1: Add undocument flags and spelling, from Ted Percival - - -2006-02-27 Johan Danielsson - - * ftpd/ftpd.8: fix grammar in --no-insecure-oob option (partly - from Thomas Klausner) - -2006-01-24 Love Hörnquist Åstrand - - * ftp/ftp.c: Indent. - -2006-01-12 Johan Danielsson - - * ftpd/ftpd.c (pass): remove unused variable in the !OTP case - -2005-10-22 Love Hörnquist Åstrand - - * ftpd/ls.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell - - * ftpd/gss_userok.c: Check return value from asprintf instead of - string != NULL since it undefined behavior on Linux. From Björn - Sandell - - * ftpd/ftpd.c: Check return value from asprintf instead of string - != NULL since it undefined behavior on Linux. From Björn Sandell - - * ftp/gssapi.c: Check return value from asprintf instead of string - != NULL since it undefined behavior on Linux. From Björn Sandell - -2005-10-12 Johan Danielsson - - * ftp/ftp.1: document -x - - * ftp/security.h: implement cprotect (from MIT) - - * ftp/security.c: add -x (encrypt) option; implement cprotect - (from MIT); make sure we CCC if switching to clear-text command - channel - - * ftp/cmdtab.c: implement cprotect (from MIT) - - * ftp/ruserpass.c: if doing command line encryption (-x), ignore - prot commands in .netrc - - * ftp/ftp_var.h: add -x (encrypt) option - - * ftp/globals.c: add -x (encrypt) option - - * ftp/main.c: add -x (encrypt) option - -2005-07-19 Love Hörnquist Åstrand - - * ftpd/ftpcmd.y: Fix shadow warning. - - * ftp/security.c: Fix shadow warning. - * ftp/security.c: Fix shadow warnings. - - * ftp/ruserpass.c: Fix shadow warnings. - - * ftp/ftp.c: Fix shadow warnings. - - * ftp/cmds.c: fix shadow warnings - - * Add Kerberos 5 klist, old patch from Tomas Nyström (remove krb4 - support). Support klist in client for kerberos 5 clase. - Clean up delegation of gss tokens and do afslog. - -2005-07-13 Love Hörnquist Åstrand - - * ftp/gssapi.c (gss_adat): avoid leaking memory - (gss_auth): always try next kname if there is one, independant of - min_stat - - * ftp/gssapi.c: avoid const warning, use sin4 instead of sin to - avoid shadow warning, free target_name - -2005-07-09 Love Hörnquist Åstrand - - * ftp/security.c: keep track of if CCC was passed - - * ftpd/extern.h: variable to keep track of if CCC was passed - - * ftpd/ftpcmd.y: sprinkel check_secure, check if CCC was passed in - check_secure - -2005-06-02 Love Hörnquist Åstrand - - * ftpd/ftpd.c (filename_check): change signednes of p to avoid - warning, move typecasts - -2005-05-29 Love Hörnquist Åstrand - - * ftpd/ftpd.c: avoid 'unused variable' warnings - -2005-05-10 David Love - - * ftpd/pathnames.h: #ifdef protect _PATH_ISSUE - -2005-04-25 Love Hörnquist Åstrand - - * ftp/domacro.c: handle string trunctions - -2005-04-24 Love Hörnquist Åstrand - - * ftp/security.c: use strlcat - - * ftp/domacro.c: use strlcpy - -2005-04-20 Love Hörnquist Åstrand - - * ftp/security.c: cast size_t to unsigned long - -2005-04-18 Love Hörnquist Åstrand - - * ftpd/ftpd.c (statcmd): cast argument to isdigit to unsigned char - - * ftp/cmds.c (mget): cast char to unsigned char to make sure its - not negative when passing it to tolower - -2005-04-07 Love Hörnquist Åstrand - - * ftp/ftp.c: fix 3 'var' might be used uninitialized warnings - -2005-04-04 Love Hörnquist Åstrand - - * ftp/cmds.c: MacOS is also a unix that doesn't define - __unix__/unix While here, rewrite this part of the function to not - modify that string, but rather take a copy of it and them modify - is, all this just to pacify gcc - -2005-01-09 Love Hörnquist Åstrand - - * ftp/domacro.c: cast argument to is* to unsigned char - - * ftp/ftp.c: cast argument to tolower to unsigned char - -2004-08-20 Love Hörnquist Åstrand - - * ftp/ftp.c: send ABOR protect with security layer if its there - - * ftpd/{ftpd_locl.h, extern.h, ftpcmd.y, ftpd.8, ftpd.c}: - Remove all traces of setjmp/longjmp. - Handle those command that is needed in oobhandler, - those are ABOR, STAT, ENC, CONF, MIC. - add options to turn off insecure OOB handling and document the option - - Changes inspired by openbsd and netbsd changes but quite diffrent is - most places since the code no longer look and is structured the same - way. - -2004-08-16 Johan Danielsson - - * ftp/main.c: reverse help strings for --no-gss-bindings and - --no-gss-delegate - -2004-06-20 Love Hörnquist Åstrand - - * ftpd/ftpcmd.y: make cbuf 64k to handle lager tickets From: - MAAAAA MOOOR - -2004-03-14 Love Hörnquist Åstrand - - * ftpd/ftpd.c (main): setpag if there is krb4 OR krb5 support - -2003-12-19 Love Hörnquist Åstrand - - * ftp/security.h: add ftp_do_gss_delegate - - * ftp/main.c (getargs): negative flag for delegating gss creds - - * ftp/gssapi.c (ftp_do_gss_delegate): delegate creds (default on) - -2003-09-03 Love Hörnquist Åstrand - - * ftp/ftp.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - - * ftp/cmds.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - -2003-07-19 Love Hörnquist Åstrand - - * ftp/security.h: add ftp_do_gss_bindings - - * ftp/ftp.1: fix mdoc bug - - * ftp/ftp.1: document --no-gss-bindings - - * ftp/gssapi.c: Optionally support gss bindings, client does it by - default, server not. This is to make it work for clients behind - NAT. - - * ftp/main.c (args): add gss-bindings - (main): set ftp_do_gss_bindings to 1 to make client use them - - * ftpd/ftpd.c (args): add gss-bindings - - * ftpd/ftpd.8: document --gss-bindings - -2003-06-13 Johan Danielsson - - * ftp/gssapi.c (gss_adat): fix name allocation bug - -2003-05-21 Love Hörnquist Åstrand - - * ftpd/gss_userok.c (gss_userok): release delegated cred handle - - * ftp/gssapi.c (gss_adat): remove poking inside the delegated - handle, also fixes problem where to much memory was allocated - - * ftpd/gss_userok.c (gss_userok): remove poking inside the - delegated handle - -2003-05-14 Love Hörnquist Åstrand - - * ftpd/ftpcmd.y: support afslog and afslog when compiled - with krb5 - -2003-05-07 Love Hörnquist Åstrand - - * ftp/cmdtab.c: include afslog in both the krb4 and krb5 case - - * ftp/kauth.c: include afslog in both the krb4 and krb5 case - - * ftp/Makefile.am: always include auth.c - -2003-05-07 Love Hörnquist Åstrand - - * ftpd/Makefile.am: always include auth.c - - * ftpd/kauth.c: do afslog in the krb5 case too - -2003-04-22 Love Hörnquist Åstrand - - * ftp/ftp.1: replace > with \*[Gt] - -2003-04-16 Love Hörnquist Åstrand - - * ftpd/ftpd.c: make sure argument to is* functions are unsigned - -2003-04-06 Love Hörnquist Åstrand - - * ftpd/ftpd.8: s/kerberos/Kerberos/ - -2003-03-23 Assar Westerlund - - * ftpd/pathnames.h (_PATH_FTPUSERS): conditionalize - -2003-03-18 Love Hörnquist Åstrand - - * ftpd/ftpd.c (krb5_verify): always do krb5_afslog, remove setpag - (its done in main) - - * ftpd/gss_userok.c: drop setpag - - * ftpd/ftpd.c (main): set afs PAG - - * ftpd/gss_userok.c: always try krb5_afslog, and while here do a - setpag too - - * ftpd/ftpd_locl.h: always include kafs - -2003-03-16 Love Hörnquist Åstrand - - * ftp/gssapi.c (gss_adat): now that gss_export_name exports a - principal, bandaid with gss_display_name, and check that oid is - GSS_KRB5_NT_PRINCIPAL_NAME, also free memory - -2003-02-25 Love Hörnquist Åstrand - - * ftp/gssapi.c (gss_auth): print out the name we authenticated too - -2003-02-25 Love Hörnquist Åstrand - - * ftpd/ls.c: use readlink with bufsize - 1, From NetBSD - - * ftp/ftp.1: s/utilizes/uses/ from NetBSD - - * ftpd/ftpd.8: s/utilize/use/ from NetBSD - -2003-02-10 Assar Westerlund - - * ftpd/ftpd.c (accept_with_timeout): use socklen_t - -2002-10-29 Johan Danielsson - - * ftp/main.c: reinstate -n flag (from Torbjörn Granlund) - -2002-10-16 Johan Danielsson - - * ftp/ftp.c: fix parsing of epsv ports (from Love) - -2002-09-05 Johan Danielsson - - * ftp/security.c (sec_vfprintf): free encoded data - - * ftp/gssapi.c (gss_decode): release buffer - - * ftp/ftp.c (active_mode): no need to allocate buffer for EPRT - -2002-08-28 Johan Danielsson - - * ftp/ftp.c (command): clean up va_{start,end}ing (from NetBSD) - -2002-08-23 Assar Westerlund - - * ftp/main.c: start using getarg - -2002-08-22 Johan Danielsson - - * ftpd/ls.c: uxp/v lacks _S_IFMT, but has S_IFMT - -2002-08-20 Johan Danielsson - - * ftp/gssapi.c: remove unused variable - -2002-04-24 Johan Danielsson - - * ftp/ftp.c: fix buffer overrun when receiving long replies - -2002-04-02 Johan Danielsson - - * ftpd/popen.c: make sure gl_pathc != 0 before referencing - gl_pathv - -2002-03-15 Johan Danielsson - - * ftp/gssapi.c (gss_adat): if accept_sec_context fails, syslog a - reason and give a temporary error message - -2002-02-28 Johan Danielsson - - * ftpd/ftpd.c: if builtin_ls failes, return error - - * ftpd/ls.c (builtin_ls): return status; also don't print fatal - error messages to the output stream, instead use syslog - -2001-09-14 Johan Danielsson - - * ftpd/ls.c: make sure we don't include . in recursive listings - -2001-09-13 Johan Danielsson - - * ftpd/ftpd.c (dataconn): don't wait forever on accept - -2001-09-04 Assar Westerlund - - * ftp/gssapi.c (gss_adat): leak less memory and check return value - from asprintf - -2001-08-28 Jacques Vidrine - - * ftpd/ftpd.c, ftpd/ftpd.8: On systems with IP_PORTRANGE, have - ftpd use `high-numbered' ports by default. Add a -U option - to get the old behavior. - -2001-08-28 Johan Danielsson - - * ftp/gssapi.c: try using "host" if there's no "ftp" principal - -2001-08-26 Johan Danielsson - - * ftpd/ls.c: implement -R - -2001-08-08 Assar Westerlund - - * ftpd/ls.c: make -a and -A do the same as in ls(1) - -2001-08-05 Assar Westerlund - - * ftpd/ftpcmd.y: add some (unsigned char) casts to is* - * ftp/cmds.c: add some (unsigned char) casts to is* - * ftpd/gss_userok.c (gss_userok): make argument to printf type - correct - -2001-08-05 Assar Westerlund - - * ftp/cmds.c (setpeer): __NetBSD__ is also a unix-like OS - -2001-06-19 Assar Westerlund - - * ftpd/popen.c, ftpd/ftpd.c: try to handle GLOB_MAXPATH (FreeBSD) - -2001-04-19 Johan Danielsson - - * ftpd/ftpd.c (do_store): call closefunc before claiming that - everything went ok, if the close fails the file might not have - been stored properly - -2001-03-26 Assar Westerlund - - * ftpd/ftpd.c, ftpd/popen.c: always use GLOB_LIMIT - * ftpd/popen.c (ftpd_popen): use GLOB_LIMIT if defined - * ftpd/ftpd.c (send_file_list): use GLOB_LIMIT if defined - -2001-02-15 Assar Westerlund - - * ftp/cmds.c (setpeer): handle both service names and port numbers - for the second optional argument. also make parsing more robust - -2001-02-07 Assar Westerlund - - * ftp/security.c (sec_end): only clean app_data if there is any - (*): do realloc consistently - -2001-02-05 Assar Westerlund - - * ftpd/popen.c (ftpd_popen): avoid overwriting the bounds of argv - and gargv - -2001-01-30 Assar Westerlund - - * ftpd/gss_userok.c: use gss_krb5_copy_ccache - -2001-01-29 Assar Westerlund - - * ftpd/Makefile.am: move up LIB_otp so we do not end up picking - one from /usr/athena - -2001-01-25 Johan Danielsson - - * ftpd/ls.c: fix bug in previous; make it easier to build test - version - -2001-01-19 Johan Danielsson - - * ftpd/ls.c (lstat_file): handle case where file lives in `/' - -2001-01-18 Johan Danielsson - - * ftpd/ftpd.c (pasv): close already open passive port - -2000-12-14 Johan Danielsson - - * ftpd/ls.c: reverse time and size sort order (pointed out by - tege) - -2000-12-11 Johan Danielsson - - * ftpd/ftpd.c: make it possible to set list of good filename - characters from command line - -2000-12-10 Johan Danielsson - - * ftpd/ftpd.c: some spec-violating mirror software assumes that - you can do things like `LIST -CF'; don't pass `--' to ls so this - actually works - - * ftpd/ls.c: implement -1CFx flags - -2000-12-08 Assar Westerlund - - * ftpd/gss_userok.c (gss_userok): handle getpwnam failing - * ftp/gssapi.c (gss_auth): be more explicit in error message - -2000-11-29 Johan Danielsson - - * ftpd/ftpd.8: close list - -2000-11-15 Assar Westerlund - - * ftp/main.c: add `-l' for no line-editing - * ftp/globals.c (readline): add - * ftp/ftp_var.h (lineedit): add variable indicated if we should - use readline - -2000-11-09 Johan Danielsson - - * ftp/security.c (sec_read): fix bug in previous (from Jacques A. - Vidrine ) - -2000-11-05 Johan Danielsson - - * ftpd/ftpcmd.y: only allow pasv if logged in - -2000-10-23 Johan Danielsson - - * ftpd/ftpd.c: change bad filename message slightly - - * common/buffer.c: HAVE_ST_BLKSIZE -> HAVE_STRUCT_STAT_ST_BLKSIZE - -2000-10-08 Assar Westerlund - - * ftp/ftp.c (*): check that fds are not too large to select on - * ftp/main.c (cmdscanner): print a newline upon EOF - -2000-09-19 Assar Westerlund - - * ftp/security.h: add some attributes to prototypes of sec* - * ftp/extern.h (command): add attributes - -2000-08-31 Johan Danielsson - - * ftpd/ftpd.c: change redundant password message to something - people can understand - -2000-07-27 Assar Westerlund - - * ftpd/gss_userok.c (gss_userok): only do AFS iff KRB4 - * ftpd/ftpd.c (krb5_verify): only do AFS stuff if KRB4 - -2000-07-07 Assar Westerlund - - * ftpd/ftpd.c: do not call setproctitle with a variable as the - format string - -2000-07-01 Assar Westerlund - - * ftpd/ftpd_locl.h: krb5.h before kafs.h - * ftpd/ftpd.c (krb5_verify): static-ize - * ftpd/ftpd.c (krb5_verify): conditionalize on KRB5 - -2000-06-21 Assar Westerlund - - * ftpd: support for authenticating passwords with krb5, by Daniel - Kouril - -2000-06-06 Johan Danielsson - - * ftpd/ftpcmd.y: change unix test to be negative - -2000-05-18 Assar Westerlund - - * ftpd/ftpd.c (args): should use `debug'. From Onno van der - Linden . - -2000-04-25 Assar Westerlund - - * ftp/ftp.c (login): re-structure code so that we prompt for - password for ftp/anonymous - -2000-04-11 Assar Westerlund - - * ftp/ftp.c (login): initialize tmp before calling fgets - -2000-04-02 Assar Westerlund - - * ftpd/ls.c: rename all st_mtime variables to avoid conflict with - #define. - * ftpd/ftpcmd.y: rename all st_mtime variables to avoid conflict - with #define. - * ftp/cmds.c: rename all st_mtime variables to avoid conflict with - #define. - -2000-03-26 Assar Westerlund - - * ftpd/ls.c, ftpd/ftpcmd.y, ftp/cmds.c: make sure to always call - time, ctime, and gmtime with `time_t's. there were some types - (like in lastlog) that we believed to always be time_t. this has - proven wrong on Solaris 8 in 64-bit mode, where they are stored as - 32-bit quantities but time_t has gone up to 64 bits - -2000-03-09 Johan Danielsson - - * call list_file for broken usages of nlst too - - * ftpd/ftpd.c: call list_file for broken usages of nlst too - -2000-02-07 Assar Westerlund - - * ftp/security.c (sec_read): more paranoia with return value from - sec_get_data - -2000-01-08 Assar Westerlund - - * ftp/ftp.c (hookup): handle ai_canonname being set in any of the - addresses returnedby getaddrinfo. glibc apparently returns the - reverse lookup of every address in ai_canonname. - * ftp/ruserpass.c (guess_domain): dito - -1999-12-21 Assar Westerlund - - * ftpd/ftpd.c: don't use sa_len as a parameter, it's defined on - Irix - -1999-12-21 Johan Danielsson - - * ftpd/ftpd.c (dataconn): make sure from points to actual data - -1999-12-16 Assar Westerlund - - * ftp/ruserpass.c (guess_domain): handle ai_canonname not being - set - * ftp/ftp.c (hookup): handle ai_canonname not being set - -1999-12-06 Assar Westerlund - - * ftp/krb4.c (krb4_auth): the nat-IP address might not be realm - bounded. - -1999-12-05 Assar Westerlund - - * ftpd/ftpd.c (dolog): update prototype - * ftpd/ftpd.c (dolog): use getnameinfo_verified - * ftpd/ftpd.c: replace inaddr2str by getnameinfo - -1999-12-04 Assar Westerlund - - * ftp/ruserpass.c (guess_domain): re-write to use getaddrinfo - * ftp/ftp.c (hookup): re-write to use getaddrinfo - -1999-11-30 Assar Westerlund - - * ftpd/ftpd.c (getdatasock): make sure to keep the port-number of - the outgoing connections. It has to be `ftp-data' or some people - might get upset. - - * ftpd/ftpd.c (args): set correct variable when `-l' so that - logging actually works - -1999-11-29 Assar Westerlund - - * ftp/security.c (sec_login): check return value from realloc - (sec_end): set app_data to NULL - -1999-11-25 Assar Westerlund - - * ftp/krb4.c (krb4_auth): obtain the `local' address when doing - NAT. also turn on passive mode. From - -1999-11-20 Assar Westerlund - - * ftpd/ls.c (make_fileinfo): cast to allow for non-const - prototypes of readlink - -1999-11-12 Assar Westerlund - - * ftpd/ftpd.c (args): use arg_counter for `l' - -1999-11-04 Assar Westerlund - - * ftpd/ls.c (S_ISSOCK, S_ISLNK): fallback definitions for systems - that don't have them (such as ultrix) - -1999-10-29 Assar Westerlund - - * ftpd/ls.c (make_fileinfo): cast uid's and gid's to unsigned in - printf, we don't know what types they might be. - (lstat_file): conditionalize the kafs part on KRB4 - - * ftpd/ftpd_locl.h: is needed for kafs.h - -1999-10-28 Assar Westerlund - - * ftpd/ls.c (lstat_file): don't set st_mode, it should already be - correct - - * ftpd/ls.c: don't use warnx to print errors - - * ftpd/ls.c (builtin_ls): fix typo, 'd' shouldn't imply 'f' - - * ftpd/ls.c (lstat_file): new function for avoiding stating AFS - mount points. From Love - (list_files): use `lstat_file' - - * ftpd/ftpd.c: some const-poisoning - - * ftpd/ftpd.c (args): add `-B' as an alias for `--builtin-ls' to - allow for stupid inetds that only support two arguments. From - Love - -1999-10-26 Assar Westerlund - - * ftpd/ftpcmd.y (help): it's unnecessary to interpret help strings - as printf commands - - * ftpd/ftpd.c (show_issue): don't interpret contents of - /etc/issue* as printf commands. From Brian A May - - -1999-10-21 Johan Danielsson - - * ftpd/kauth.c (kauth): complain if protection level isn't - `private' - - * ftp/krb4.c (krb4_decode): syslog failure reason - - * ftp/kauth.c (kauth): set private level earlier - - * ftp/security.c: get_command_prot; (sec_prot): partially match - `command' and `data' - -1999-10-18 Johan Danielsson - - * ftpd/ftpd.c: change `-l' flag to use arg_collect (this makes - `-ll' work again) - - * ftpd/ftpd.c (list_file): pass filename to ls - -1999-10-04 Johan Danielsson - - * ftpd/ftpcmd.y: FEAT - -1999-10-03 Assar Westerlund - - * ftpd/ls.c: fall-back definitions for constans and casts for - printfs - -1999-10-03 Johan Danielsson - - * ftpd/ftpd.c (main): make this use getarg; add `list_file' - - * ftpd/ftpcmd.y (LIST): call list_file - - * ftpd/ls.c: add simple built-in ls - - * ftp/security.c: add `sec_vfprintf2' and `sec_fprintf2' that - prints to the data stream - - * ftp/kauth.c (kauth): make sure we're using private protection - level - - * ftp/security.c (set_command_prot): set command protection level - - * ftp/security.c: make it possible to set the command protection - level with `prot' - -1999-09-30 Assar Westerlund - - * ftpd/ftpd_locl.h: add prototype for fclose to make sunos happy - -1999-08-19 Johan Danielsson - - * ftpd/ftpd.c (do_login): show issue-file - (send_data): change handling of zero-byte files - -1999-08-18 Assar Westerlund - - * ftp/cmds.c (getit): be more suspicious when parsing the result - of MDTM. Do the comparison of timestamps correctly. - -1999-08-13 Assar Westerlund - - * ftpd/ftpd.c (send_data): avoid calling mmap with `len == 0'. - Some mmap:s rather dislike that (Solaris) and some munmap (Linux) - get grumpy later. - - * ftp/ftp.c (copy_stream): avoid calling mmap with `len == 0'. - Some mmap:s rather dislike that (Solaris) and some munmap (Linux) - get grumpy later. - -1999-08-03 Assar Westerlund - - * ftp/ftp.c (active_mode): hide failure of EPRT by setting verbose - - * ftp/gssapi.c (gss_auth): initialize application_data in bindings - -1999-08-02 Assar Westerlund - - * ftpd/ftpcmd.y: save file names when doing commands that might - get aborted (and longjmp:ed out of) to avoid overwriting them also - remove extra closing brace - -1999-08-01 Johan Danielsson - - * ftpd/ftpcmd.y: change `site find' to `site locate' (to match - what it does, and other implementations) keep find as an alias - -1999-07-28 Assar Westerlund - - * common/socket.c: moved to roken - - * common/socket.c: new file with generic socket functions - - * ftpd/ftpd.c: make it more AF-neutral and v6-capable - - * ftpd/ftpcmd.y: add EPRT and EPSV - - * ftpd/extern.h: update prototypes and variables - - * ftp/krb4.c: update to new types of addresses - - * ftp/gssapi.c: add support for both AF_INET and AF_INET6 - addresses - - * ftp/ftp.c: make it more AF-neutral and v6-capable - - * ftp/extern.h (hookup): change prototype - - * common/common.h: add prototypes for functions in socket.c - - * common/Makefile.am (libcommon_a_SOURCES): add socket.c - - * ftp/gssapi.c (gss_auth): check return value from - `gss_import_name' and print error messages if it fails - -1999-06-15 Assar Westerlund - - * ftp/krb4.c (krb4_auth): type correctness - -1999-06-02 Johan Danielsson - - * ftp/ftp.c (sendrequest): lmode != rmode - -1999-05-21 Assar Westerlund - - * ftp/extern.h (sendrequest): update prototype - - * ftp/cmds.c: update calls to sendrequest and recvrequest to send - "b" when appropriate - - * ftp/ftp.c (sendrequest): add argument for mode to open file in. - -1999-05-08 Assar Westerlund - - * ftpd/ftpcmd.y: rename getline -> ftpd_getline - - * ftp/main.c (makeargv): fill in unused slots with NULL - -Thu Apr 8 15:06:40 1999 Johan Danielsson - - * ftpd/ftpd.c: remove definition of KRB_VERIFY_USER (moved to - config.h) - -Wed Apr 7 16:15:21 1999 Johan Danielsson - - * ftp/gssapi.c (gss_auth): call gss_display_status to get a sane - error message; return AUTH_{CONTINUE,ERROR}, where appropriate - - * ftp/krb4.c: return AUTH_{CONTINUE,ERROR}, where appropriate - - * ftp/security.c (sec_login): if mechanism returns AUTH_CONTINUE, - just continue with the next mechanism, this fixes the case of - having GSSAPI fail because of non-existant of expired tickets - - * ftp/security.h: add AUTH_{OK,CONTINUE,ERROR} - -Thu Apr 1 16:59:04 1999 Johan Danielsson - - * ftpd/Makefile.am: don't run check-local - - * ftp/Makefile.am: don't run check-local - -Mon Mar 22 22:15:18 1999 Assar Westerlund - - * ftpd/ftpd.c (pass): fall-back for KRB_VERIFY_SECURE - - * ftpd/ftpd.c (pass): 1 -> KRB_VERIFY_SECURE - -Thu Mar 18 12:07:09 1999 Johan Danielsson - - * ftpd/Makefile.am: clean ftpcmd.c - - * ftpd/ftpd_locl.h: remove krb5.h (breaks in ftpcmd.y) - - * ftpd/ftpd.c: move include of krb5.h here - - * ftpd/Makefile.am: include Makefile.am.common - - * Makefile.am: include Makefile.am.common - - * ftp/Makefile.am: include Makefile.am.common - - * common/Makefile.am: include Makefile.am.common - -Tue Mar 16 22:28:37 1999 Assar Westerlund - - * ftpd/ftpd_locl.h: add krb5.h to get heimdal_version - - * ftpd/ftpd.c: krb_verify_user_multiple -> krb_verify_user - -Thu Mar 11 14:54:59 1999 Johan Danielsson - - * ftp/Makefile.in: WFLAGS - - * ftp/ruserpass.c: add some if-braces - -Wed Mar 10 20:02:55 1999 Johan Danielsson - - * ftpd/ftpd_locl.h: remove ifdef HAVE_FNMATCH - -Mon Mar 8 21:29:24 1999 Johan Danielsson - - * ftpd/ftpd.c: re-add version in greeting message - -Mon Mar 1 10:49:38 1999 Johan Danielsson - - * ftpd/logwtmp.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - -Mon Feb 22 19:20:51 1999 Johan Danielsson - - * common/Makefile.in: remove glob - -Sat Feb 13 17:19:35 1999 Assar Westerlund - - * ftpd/ftpd.c (match): remove #ifdef HAVE_FNMATCH. We have a - fnmatch implementation in roken and therefore always have it. - - * ftp/ftp.c (copy_stream): initialize `werr' - -Wed Jan 13 23:52:57 1999 Assar Westerlund - - * ftpd/ftpcmd.y: moved all check_login and check_login_no_guest to - the end of the rules to ensure we don't generate several - (independent) error messages. once again, having a yacc-grammar - for FTP with embedded actions doesn't strike me as the most - optimal way of doing it. - -Tue Dec 1 14:44:29 1998 Johan Danielsson - - * ftpd/Makefile.am: link with extra libs for aix - -Sun Nov 22 10:28:20 1998 Assar Westerlund - - * ftpd/ftpd.c (retrying): support on-the-fly decompression - - * ftpd/Makefile.in (WFLAGS): set - - * ftp/ruserpass.c (guess_domain): new function - (ruserpass): use it - - * common/Makefile.in (WFLAGS): set - - * Makefile.in (WFLAGS): set - -Sat Nov 21 23:13:03 1998 Assar Westerlund - - * ftp/security.c: some more type correctness. - - * ftp/gssapi.c (gss_adat): more braces to shut up warnings - -Wed Nov 18 21:47:55 1998 Assar Westerlund - - * ftp/main.c (main): new option `-p' for enable passive mode. - -Mon Nov 2 01:57:49 1998 Assar Westerlund - - * ftp/ftp.c (getreply): remove extra `break' - - * ftp/gssapi.c (gss_auth): fixo typo(copyo?) - - * ftp/security.c (sec_login): fix loop and return value - -Tue Sep 1 16:56:42 1998 Johan Danielsson - - * ftp/cmds.c (quote1): fix % quoting bug - -Fri Aug 14 17:10:06 1998 Johan Danielsson - - * ftp/krb4.c: krb_put_int -> KRB_PUT_INT - -Tue Jun 30 18:07:15 1998 Assar Westerlund - - * ftp/security.c (auth): free `app_data' - (sec_end): only destroy if it was initialized - -Tue Jun 9 21:01:59 1998 Johan Danielsson - - * ftp/krb4.c: pass client address to krb_rd_req - -Sat May 16 00:02:07 1998 Assar Westerlund - - * ftpd/Makefile.am: link with DBLIB - -Tue May 12 14:15:32 1998 Johan Danielsson - - * ftp/gssapi.c: Save client name for userok(). - - * ftpd/gss_userok.c: Userok for gssapi. - -Fri May 1 07:15:01 1998 Assar Westerlund - - * ftp/ftp.c: unifdef -DHAVE_H_ERRNO - -Fri Mar 27 00:46:07 1998 Johan Danielsson - - * Make compile w/o krb4. - -Thu Mar 26 03:49:12 1998 Johan Danielsson - - * ftp/*, ftpd/*: Changes for new framework. - - * ftp/gssapi.c: GSS-API backend for the new security framework. - - * ftp/krb4.c: Updated for new framework. - - * ftp/security.{c,h}: New unified security framework. diff --git a/crypto/heimdal/appl/ftp/Makefile.am b/crypto/heimdal/appl/ftp/Makefile.am deleted file mode 100644 index 44116ee34a8d..000000000000 --- a/crypto/heimdal/appl/ftp/Makefile.am +++ /dev/null @@ -1,5 +0,0 @@ -# $Id: Makefile.am 5652 1999-03-20 13:58:20Z joda $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = common ftp ftpd diff --git a/crypto/heimdal/appl/ftp/Makefile.in b/crypto/heimdal/appl/ftp/Makefile.in deleted file mode 100644 index 3bb9eda715aa..000000000000 --- a/crypto/heimdal/appl/ftp/Makefile.in +++ /dev/null @@ -1,815 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 5652 1999-03-20 13:58:20Z joda $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -subdir = appl/ftp -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = $(SUBDIRS) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SUBDIRS = common ftp ftpd -all: all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/ftp/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/ftp/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool ctags ctags-recursive dist-hook \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-data-hook \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/ftp/common/Makefile.am b/crypto/heimdal/appl/ftp/common/Makefile.am deleted file mode 100644 index 304fcd15683b..000000000000 --- a/crypto/heimdal/appl/ftp/common/Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ -# $Id: Makefile.am 14164 2004-08-26 11:55:29Z joda $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -noinst_LIBRARIES = libcommon.a - -libcommon_a_SOURCES = \ - sockbuf.c \ - buffer.c \ - common.h diff --git a/crypto/heimdal/appl/ftp/common/Makefile.in b/crypto/heimdal/appl/ftp/common/Makefile.in deleted file mode 100644 index 1c5338a7b8ce..000000000000 --- a/crypto/heimdal/appl/ftp/common/Makefile.in +++ /dev/null @@ -1,751 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 14164 2004-08-26 11:55:29Z joda $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = appl/ftp/common -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) -ARFLAGS = cru -libcommon_a_AR = $(AR) $(ARFLAGS) -libcommon_a_LIBADD = -am_libcommon_a_OBJECTS = sockbuf.$(OBJEXT) buffer.$(OBJEXT) -libcommon_a_OBJECTS = $(am_libcommon_a_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(libcommon_a_SOURCES) -DIST_SOURCES = $(libcommon_a_SOURCES) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_LIBRARIES = libcommon.a -libcommon_a_SOURCES = \ - sockbuf.c \ - buffer.c \ - common.h - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/ftp/common/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/ftp/common/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -clean-noinstLIBRARIES: - -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) -libcommon.a: $(libcommon_a_OBJECTS) $(libcommon_a_DEPENDENCIES) - -rm -f libcommon.a - $(libcommon_a_AR) libcommon.a $(libcommon_a_OBJECTS) $(libcommon_a_LIBADD) - $(RANLIB) libcommon.a - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(LIBRARIES) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-noinstLIBRARIES \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libtool clean-noinstLIBRARIES ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/ftp/common/buffer.c b/crypto/heimdal/appl/ftp/common/buffer.c deleted file mode 100644 index 3bca113663ec..000000000000 --- a/crypto/heimdal/appl/ftp/common/buffer.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1995-2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "common.h" -#include -#include -#include "roken.h" - -RCSID("$Id: buffer.c 9129 2000-10-23 04:49:25Z joda $"); - -/* - * Allocate a buffer enough to handle st->st_blksize, if - * there is such a field, otherwise BUFSIZ. - */ - -void * -alloc_buffer (void *oldbuf, size_t *sz, struct stat *st) -{ - size_t new_sz; - - new_sz = BUFSIZ; -#ifdef HAVE_STRUCT_STAT_ST_BLKSIZE - if (st) - new_sz = max(BUFSIZ, st->st_blksize); -#endif - if(new_sz > *sz) { - if (oldbuf) - free (oldbuf); - oldbuf = malloc (new_sz); - if (oldbuf == NULL) { - warn ("malloc"); - *sz = 0; - return NULL; - } - *sz = new_sz; - } - return oldbuf; -} - diff --git a/crypto/heimdal/appl/ftp/common/common.h b/crypto/heimdal/appl/ftp/common/common.h deleted file mode 100644 index 76168596dce4..000000000000 --- a/crypto/heimdal/appl/ftp/common/common.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: common.h 7463 1999-12-02 16:58:55Z joda $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifndef __COMMON_H__ -#define __COMMON_H__ - -#include "base64.h" - -void set_buffer_size(int, int); - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif - -void *alloc_buffer (void *oldbuf, size_t *sz, struct stat *st); - -#endif /* __COMMON_H__ */ diff --git a/crypto/heimdal/appl/ftp/common/sockbuf.c b/crypto/heimdal/appl/ftp/common/sockbuf.c deleted file mode 100644 index bb9068afc0b7..000000000000 --- a/crypto/heimdal/appl/ftp/common/sockbuf.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "common.h" -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif - -RCSID("$Id: sockbuf.c 7463 1999-12-02 16:58:55Z joda $"); - -void -set_buffer_size(int fd, int read) -{ -#if defined(SO_RCVBUF) && defined(SO_SNDBUF) && defined(HAVE_SETSOCKOPT) - size_t size = 4194304; - while(size >= 131072 && - setsockopt(fd, SOL_SOCKET, read ? SO_RCVBUF : SO_SNDBUF, - (void *)&size, sizeof(size)) < 0) - size /= 2; -#endif -} - - diff --git a/crypto/heimdal/appl/ftp/ftp/Makefile.am b/crypto/heimdal/appl/ftp/ftp/Makefile.am deleted file mode 100644 index 24679dc5599f..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/Makefile.am +++ /dev/null @@ -1,49 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_krb4) $(INCLUDE_hcrypto) - -bin_PROGRAMS = ftp - -CHECK_LOCAL = - -if KRB4 -krb4_sources = krb4.c -endif -if KRB5 -krb5_sources = gssapi.c -endif - -ftp_SOURCES = \ - cmds.c \ - cmdtab.c \ - extern.h \ - ftp.c \ - ftp_locl.h \ - ftp_var.h \ - main.c \ - pathnames.h \ - ruserpass.c \ - domacro.c \ - globals.c \ - security.c \ - security.h \ - kauth.c \ - $(krb4_sources) \ - $(krb5_sources) - -EXTRA_ftp_SOURCES = krb4.c gssapi.c - -man_MANS = ftp.1 - -LDADD = \ - ../common/libcommon.a \ - $(LIB_gssapi) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(LIB_readline) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/ftp/ftp/Makefile.in b/crypto/heimdal/appl/ftp/ftp/Makefile.in deleted file mode 100644 index 431d087fec78..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/Makefile.in +++ /dev/null @@ -1,869 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -bin_PROGRAMS = ftp$(EXEEXT) -subdir = appl/ftp/ftp -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) -am__ftp_SOURCES_DIST = cmds.c cmdtab.c extern.h ftp.c ftp_locl.h \ - ftp_var.h main.c pathnames.h ruserpass.c domacro.c globals.c \ - security.c security.h kauth.c krb4.c gssapi.c -@KRB4_TRUE@am__objects_1 = krb4.$(OBJEXT) -@KRB5_TRUE@am__objects_2 = gssapi.$(OBJEXT) -am_ftp_OBJECTS = cmds.$(OBJEXT) cmdtab.$(OBJEXT) ftp.$(OBJEXT) \ - main.$(OBJEXT) ruserpass.$(OBJEXT) domacro.$(OBJEXT) \ - globals.$(OBJEXT) security.$(OBJEXT) kauth.$(OBJEXT) \ - $(am__objects_1) $(am__objects_2) -ftp_OBJECTS = $(am_ftp_OBJECTS) -ftp_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -ftp_DEPENDENCIES = ../common/libcommon.a $(LIB_gssapi) $(LIB_krb5) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(ftp_SOURCES) $(EXTRA_ftp_SOURCES) -DIST_SOURCES = $(am__ftp_SOURCES_DIST) $(EXTRA_ftp_SOURCES) -man1dir = $(mandir)/man1 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_krb4) \ - $(INCLUDE_hcrypto) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CHECK_LOCAL = -@KRB4_TRUE@krb4_sources = krb4.c -@KRB5_TRUE@krb5_sources = gssapi.c -ftp_SOURCES = \ - cmds.c \ - cmdtab.c \ - extern.h \ - ftp.c \ - ftp_locl.h \ - ftp_var.h \ - main.c \ - pathnames.h \ - ruserpass.c \ - domacro.c \ - globals.c \ - security.c \ - security.h \ - kauth.c \ - $(krb4_sources) \ - $(krb5_sources) - -EXTRA_ftp_SOURCES = krb4.c gssapi.c -man_MANS = ftp.1 -LDADD = \ - ../common/libcommon.a \ - $(LIB_gssapi) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(LIB_readline) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/ftp/ftp/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/ftp/ftp/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -ftp$(EXEEXT): $(ftp_OBJECTS) $(ftp_DEPENDENCIES) - @rm -f ftp$(EXEEXT) - $(LINK) $(ftp_OBJECTS) $(ftp_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-man install-man1 install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-binPROGRAMS uninstall-hook \ - uninstall-man uninstall-man1 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/ftp/ftp/cmds.c b/crypto/heimdal/appl/ftp/ftp/cmds.c deleted file mode 100644 index 86f4ff45a66b..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/cmds.c +++ /dev/null @@ -1,2143 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * FTP User Program -- Command Routines. - */ - -#include "ftp_locl.h" -RCSID("$Id: cmds.c 15673 2005-07-19 18:19:33Z lha $"); - -typedef void (*sighand)(int); - -jmp_buf jabort; -char *mname; -char *home = "/"; - -/* - * `Another' gets another argument, and stores the new argc and argv. - * It reverts to the top level (via main.c's intr()) on EOF/error. - * - * Returns false if no new arguments have been added. - */ -int -another(int *pargc, char ***pargv, char *prompt) -{ - int len = strlen(line), ret; - - if (len >= sizeof(line) - 3) { - printf("sorry, arguments too long\n"); - intr(0); - } - printf("(%s) ", prompt); - line[len++] = ' '; - if (fgets(&line[len], sizeof(line) - len, stdin) == NULL) - intr(0); - len += strlen(&line[len]); - if (len > 0 && line[len - 1] == '\n') - line[len - 1] = '\0'; - makeargv(); - ret = margc > *pargc; - *pargc = margc; - *pargv = margv; - return (ret); -} - -/* - * Connect to peer server and - * auto-login, if possible. - */ -void -setpeer(int argc, char **argv) -{ - char *host; - u_short port; - struct servent *sp; - - if (connected) { - printf("Already connected to %s, use close first.\n", - hostname); - code = -1; - return; - } - if (argc < 2) - another(&argc, &argv, "to"); - if (argc < 2 || argc > 3) { - printf("usage: %s host-name [port]\n", argv[0]); - code = -1; - return; - } - sp = getservbyname("ftp", "tcp"); - if (sp == NULL) - errx(1, "You bastard. You removed ftp/tcp from services"); - port = sp->s_port; - if (argc > 2) { - sp = getservbyname(argv[2], "tcp"); - if (sp != NULL) { - port = sp->s_port; - } else { - char *ep; - - port = strtol(argv[2], &ep, 0); - if (argv[2] == ep) { - printf("%s: bad port number-- %s\n", - argv[1], argv[2]); - printf ("usage: %s host-name [port]\n", - argv[0]); - code = -1; - return; - } - port = htons(port); - } - } - host = hookup(argv[1], port); - if (host) { - int overbose; - - connected = 1; - /* - * Set up defaults for FTP. - */ - strlcpy(typename, "ascii", sizeof(typename)); - type = TYPE_A; - curtype = TYPE_A; - strlcpy(formname, "non-print", sizeof(formname)); - form = FORM_N; - strlcpy(modename, "stream", sizeof(modename)); - mode = MODE_S; - strlcpy(structname, "file", sizeof(structname)); - stru = STRU_F; - strlcpy(bytename, "8", sizeof(bytename)); - bytesize = 8; - if (autologin) - login(argv[1]); - -#if (defined(unix) || defined(__unix__) || defined(__unix) || defined(_AIX) || defined(_CRAY) || defined(__NetBSD__) || defined(__APPLE__)) && NBBY == 8 -/* - * this ifdef is to keep someone form "porting" this to an incompatible - * system and not checking this out. This way they have to think about it. - */ - overbose = verbose; - if (debug == 0) - verbose = -1; - if (command("SYST") == COMPLETE && overbose && strlen(reply_string) > 4) { - char *cp, *p; - - cp = strdup(reply_string + 4); - if (cp == NULL) - errx(1, "strdup: out of memory"); - p = strchr(cp, ' '); - if (p == NULL) - p = strchr(cp, '\r'); - if (p) { - if (p[-1] == '.') - p--; - *p = '\0'; - } - - printf("Remote system type is %s.\n", cp); - free(cp); - } - if (!strncmp(reply_string, "215 UNIX Type: L8", 17)) { - if (proxy) - unix_proxy = 1; - else - unix_server = 1; - /* - * Set type to 0 (not specified by user), - * meaning binary by default, but don't bother - * telling server. We can use binary - * for text files unless changed by the user. - */ - type = 0; - strlcpy(typename, "binary", sizeof(typename)); - if (overbose) - printf("Using %s mode to transfer files.\n", - typename); - } else { - if (proxy) - unix_proxy = 0; - else - unix_server = 0; - if (overbose && - !strncmp(reply_string, "215 TOPS20", 10)) - printf( -"Remember to set tenex mode when transfering binary files from this machine.\n"); - } - verbose = overbose; -#endif /* unix */ - } -} - -struct types { - char *t_name; - char *t_mode; - int t_type; - char *t_arg; -} types[] = { - { "ascii", "A", TYPE_A, 0 }, - { "binary", "I", TYPE_I, 0 }, - { "image", "I", TYPE_I, 0 }, - { "ebcdic", "E", TYPE_E, 0 }, - { "tenex", "L", TYPE_L, bytename }, - { NULL } -}; - -/* - * Set transfer type. - */ -void -settype(int argc, char **argv) -{ - struct types *p; - int comret; - - if (argc > 2) { - char *sep; - - printf("usage: %s [", argv[0]); - sep = " "; - for (p = types; p->t_name; p++) { - printf("%s%s", sep, p->t_name); - sep = " | "; - } - printf(" ]\n"); - code = -1; - return; - } - if (argc < 2) { - printf("Using %s mode to transfer files.\n", typename); - code = 0; - return; - } - for (p = types; p->t_name; p++) - if (strcmp(argv[1], p->t_name) == 0) - break; - if (p->t_name == 0) { - printf("%s: unknown mode\n", argv[1]); - code = -1; - return; - } - if ((p->t_arg != NULL) && (*(p->t_arg) != '\0')) - comret = command ("TYPE %s %s", p->t_mode, p->t_arg); - else - comret = command("TYPE %s", p->t_mode); - if (comret == COMPLETE) { - strlcpy(typename, p->t_name, sizeof(typename)); - curtype = type = p->t_type; - } -} - -/* - * Internal form of settype; changes current type in use with server - * without changing our notion of the type for data transfers. - * Used to change to and from ascii for listings. - */ -void -changetype(int newtype, int show) -{ - struct types *p; - int comret, oldverbose = verbose; - - if (newtype == 0) - newtype = TYPE_I; - if (newtype == curtype) - return; - if (debug == 0 && show == 0) - verbose = 0; - for (p = types; p->t_name; p++) - if (newtype == p->t_type) - break; - if (p->t_name == 0) { - printf("ftp: internal error: unknown type %d\n", newtype); - return; - } - if (newtype == TYPE_L && bytename[0] != '\0') - comret = command("TYPE %s %s", p->t_mode, bytename); - else - comret = command("TYPE %s", p->t_mode); - if (comret == COMPLETE) - curtype = newtype; - verbose = oldverbose; -} - -char *stype[] = { - "type", - "", - 0 -}; - -/* - * Set binary transfer type. - */ -/*VARARGS*/ -void -setbinary(int argc, char **argv) -{ - - stype[1] = "binary"; - settype(2, stype); -} - -/* - * Set ascii transfer type. - */ -/*VARARGS*/ -void -setascii(int argc, char **argv) -{ - - stype[1] = "ascii"; - settype(2, stype); -} - -/* - * Set tenex transfer type. - */ -/*VARARGS*/ -void -settenex(int argc, char **argv) -{ - - stype[1] = "tenex"; - settype(2, stype); -} - -/* - * Set file transfer mode. - */ -/*ARGSUSED*/ -void -setftmode(int argc, char **argv) -{ - - printf("We only support %s mode, sorry.\n", modename); - code = -1; -} - -/* - * Set file transfer format. - */ -/*ARGSUSED*/ -void -setform(int argc, char **argv) -{ - - printf("We only support %s format, sorry.\n", formname); - code = -1; -} - -/* - * Set file transfer structure. - */ -/*ARGSUSED*/ -void -setstruct(int argc, char **argv) -{ - - printf("We only support %s structure, sorry.\n", structname); - code = -1; -} - -/* - * Send a single file. - */ -void -put(int argc, char **argv) -{ - char *cmd; - int loc = 0; - char *oldargv1, *oldargv2; - - if (argc == 2) { - argc++; - argv[2] = argv[1]; - loc++; - } - if (argc < 2 && !another(&argc, &argv, "local-file")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "remote-file")) { -usage: - printf("usage: %s local-file remote-file\n", argv[0]); - code = -1; - return; - } - oldargv1 = argv[1]; - oldargv2 = argv[2]; - if (!globulize(&argv[1])) { - code = -1; - return; - } - /* - * If "globulize" modifies argv[1], and argv[2] is a copy of - * the old argv[1], make it a copy of the new argv[1]. - */ - if (argv[1] != oldargv1 && argv[2] == oldargv1) { - argv[2] = argv[1]; - } - cmd = (argv[0][0] == 'a') ? "APPE" : ((sunique) ? "STOU" : "STOR"); - if (loc && ntflag) { - argv[2] = dotrans(argv[2]); - } - if (loc && mapflag) { - argv[2] = domap(argv[2]); - } - sendrequest(cmd, argv[1], argv[2], - curtype == TYPE_I ? "rb" : "r", - argv[1] != oldargv1 || argv[2] != oldargv2); -} - -/* ARGSUSED */ -static RETSIGTYPE -mabort(int signo) -{ - int ointer; - - printf("\n"); - fflush(stdout); - if (mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with", mname)) { - interactive = ointer; - longjmp(jabort,0); - } - interactive = ointer; - } - mflag = 0; - longjmp(jabort,0); -} - -/* - * Send multiple files. - */ -void -mput(int argc, char **argv) -{ - int i; - RETSIGTYPE (*oldintr)(int); - int ointer; - char *tp; - - if (argc < 2 && !another(&argc, &argv, "local-files")) { - printf("usage: %s local-files\n", argv[0]); - code = -1; - return; - } - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - if (proxy) { - char *cp, *tp2, tmpbuf[MaxPathLen]; - - while ((cp = remglob(argv,0)) != NULL) { - if (*cp == 0) { - mflag = 0; - continue; - } - if (mflag && confirm(argv[0], cp)) { - tp = cp; - if (mcase) { - while (*tp && !islower((unsigned char)*tp)) { - tp++; - } - if (!*tp) { - tp = cp; - tp2 = tmpbuf; - while ((*tp2 = *tp) != '\0') { - if (isupper((unsigned char)*tp2)) { - *tp2 = 'a' + *tp2 - 'A'; - } - tp++; - tp2++; - } - } - tp = tmpbuf; - } - if (ntflag) { - tp = dotrans(tp); - } - if (mapflag) { - tp = domap(tp); - } - sendrequest((sunique) ? "STOU" : "STOR", - cp, tp, - curtype == TYPE_I ? "rb" : "r", - cp != tp || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } - } - } - signal(SIGINT, oldintr); - mflag = 0; - return; - } - for (i = 1; i < argc; i++) { - char **cpp; - glob_t gl; - int flags; - - if (!doglob) { - if (mflag && confirm(argv[0], argv[i])) { - tp = (ntflag) ? dotrans(argv[i]) : argv[i]; - tp = (mapflag) ? domap(tp) : tp; - sendrequest((sunique) ? "STOU" : "STOR", - argv[i], - curtype == TYPE_I ? "rb" : "r", - tp, tp != argv[i] || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } - } - continue; - } - - memset(&gl, 0, sizeof(gl)); - flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - if (glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) { - warnx("%s: not found", argv[i]); - globfree(&gl); - continue; - } - for (cpp = gl.gl_pathv; cpp && *cpp != NULL; cpp++) { - if (mflag && confirm(argv[0], *cpp)) { - tp = (ntflag) ? dotrans(*cpp) : *cpp; - tp = (mapflag) ? domap(tp) : tp; - sendrequest((sunique) ? "STOU" : "STOR", - *cpp, tp, - curtype == TYPE_I ? "rb" : "r", - *cpp != tp || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } - } - } - globfree(&gl); - } - signal(SIGINT, oldintr); - mflag = 0; -} - -void -reget(int argc, char **argv) -{ - getit(argc, argv, 1, curtype == TYPE_I ? "r+wb" : "r+w"); -} - -void -get(int argc, char **argv) -{ - char *filemode; - - if (restart_point) { - if (curtype == TYPE_I) - filemode = "r+wb"; - else - filemode = "r+w"; - } else { - if (curtype == TYPE_I) - filemode = "wb"; - else - filemode = "w"; - } - - getit(argc, argv, 0, filemode); -} - -/* - * Receive one file. - */ -int -getit(int argc, char **argv, int restartit, char *filemode) -{ - int loc = 0; - int local_given = 1; - char *oldargv1, *oldargv2; - - if (argc == 2) { - argc++; - local_given = 0; - argv[2] = argv[1]; - loc++; - } - if ((argc < 2 && !another(&argc, &argv, "remote-file")) || - (argc < 3 && !another(&argc, &argv, "local-file"))) { - printf("usage: %s remote-file [ local-file ]\n", argv[0]); - code = -1; - return (0); - } - oldargv1 = argv[1]; - oldargv2 = argv[2]; - if (!globulize(&argv[2])) { - code = -1; - return (0); - } - if (loc && mcase) { - char *tp = argv[1], *tp2, tmpbuf[MaxPathLen]; - - while (*tp && !islower((unsigned char)*tp)) { - tp++; - } - if (!*tp) { - tp = argv[2]; - tp2 = tmpbuf; - while ((*tp2 = *tp) != '\0') { - if (isupper((unsigned char)*tp2)) { - *tp2 = 'a' + *tp2 - 'A'; - } - tp++; - tp2++; - } - argv[2] = tmpbuf; - } - } - if (loc && ntflag) - argv[2] = dotrans(argv[2]); - if (loc && mapflag) - argv[2] = domap(argv[2]); - if (restartit) { - struct stat stbuf; - int ret; - - ret = stat(argv[2], &stbuf); - if (restartit == 1) { - if (ret < 0) { - warn("local: %s", argv[2]); - return (0); - } - restart_point = stbuf.st_size; - } else if (ret == 0) { - int overbose; - int cmdret; - int yy, mo, day, hour, min, sec; - struct tm *tm; - time_t mtime = stbuf.st_mtime; - - overbose = verbose; - if (debug == 0) - verbose = -1; - cmdret = command("MDTM %s", argv[1]); - verbose = overbose; - if (cmdret != COMPLETE) { - printf("%s\n", reply_string); - return (0); - } - if (sscanf(reply_string, - "%*s %04d%02d%02d%02d%02d%02d", - &yy, &mo, &day, &hour, &min, &sec) - != 6) { - printf ("bad MDTM result\n"); - return (0); - } - - tm = gmtime(&mtime); - tm->tm_mon++; - tm->tm_year += 1900; - - if ((tm->tm_year > yy) || - (tm->tm_year == yy && - tm->tm_mon > mo) || - (tm->tm_mon == mo && - tm->tm_mday > day) || - (tm->tm_mday == day && - tm->tm_hour > hour) || - (tm->tm_hour == hour && - tm->tm_min > min) || - (tm->tm_min == min && - tm->tm_sec > sec)) - return (1); - } - } - - recvrequest("RETR", argv[2], argv[1], filemode, - argv[1] != oldargv1 || argv[2] != oldargv2, local_given); - restart_point = 0; - return (0); -} - -static int -suspicious_filename(const char *fn) -{ - return strstr(fn, "../") != NULL || *fn == '/'; -} - -/* - * Get multiple files. - */ -void -mget(int argc, char **argv) -{ - sighand oldintr; - int ch, ointer; - char *cp, *tp, *tp2, tmpbuf[MaxPathLen]; - - if (argc < 2 && !another(&argc, &argv, "remote-files")) { - printf("usage: %s remote-files\n", argv[0]); - code = -1; - return; - } - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - while ((cp = remglob(argv,proxy)) != NULL) { - if (*cp == '\0') { - mflag = 0; - continue; - } - if (mflag && suspicious_filename(cp)) - printf("*** Suspicious filename: %s\n", cp); - if (mflag && confirm(argv[0], cp)) { - tp = cp; - if (mcase) { - for (tp2 = tmpbuf;(ch = (unsigned char)*tp++);) - *tp2++ = tolower(ch); - *tp2 = '\0'; - tp = tmpbuf; - } - if (ntflag) { - tp = dotrans(tp); - } - if (mapflag) { - tp = domap(tp); - } - recvrequest("RETR", tp, cp, - curtype == TYPE_I ? "wb" : "w", - tp != cp || !interactive, 0); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mget")) { - mflag++; - } - interactive = ointer; - } - } - } - signal(SIGINT,oldintr); - mflag = 0; -} - -char * -remglob(char **argv, int doswitch) -{ - char temp[16]; - static char buf[MaxPathLen]; - static FILE *ftemp = NULL; - static char **args; - int oldverbose, oldhash; - char *cp, *filemode; - - if (!mflag) { - if (!doglob) { - args = NULL; - } - else { - if (ftemp) { - fclose(ftemp); - ftemp = NULL; - } - } - return (NULL); - } - if (!doglob) { - if (args == NULL) - args = argv; - if ((cp = *++args) == NULL) - args = NULL; - return (cp); - } - if (ftemp == NULL) { - int fd; - strlcpy(temp, _PATH_TMP_XXX, sizeof(temp)); - fd = mkstemp(temp); - if(fd < 0){ - warn("unable to create temporary file %s", temp); - return NULL; - } - close(fd); - oldverbose = verbose, verbose = 0; - oldhash = hash, hash = 0; - if (doswitch) { - pswitch(!proxy); - } - for (filemode = "w"; *++argv != NULL; filemode = "a") - recvrequest ("NLST", temp, *argv, filemode, 0, 0); - if (doswitch) { - pswitch(!proxy); - } - verbose = oldverbose; hash = oldhash; - ftemp = fopen(temp, "r"); - unlink(temp); - if (ftemp == NULL) { - printf("can't find list of remote files, oops\n"); - return (NULL); - } - } - while(fgets(buf, sizeof (buf), ftemp)) { - if ((cp = strchr(buf, '\n')) != NULL) - *cp = '\0'; - if(!interactive && suspicious_filename(buf)){ - printf("Ignoring remote globbed file `%s'\n", buf); - continue; - } - return buf; - } - fclose(ftemp); - ftemp = NULL; - return (NULL); -} - -char * -onoff(int bool) -{ - - return (bool ? "on" : "off"); -} - -/* - * Show status. - */ -/*ARGSUSED*/ -void -status(int argc, char **argv) -{ - int i; - - if (connected) - printf("Connected to %s.\n", hostname); - else - printf("Not connected.\n"); - if (!proxy) { - pswitch(1); - if (connected) { - printf("Connected for proxy commands to %s.\n", hostname); - } - else { - printf("No proxy connection.\n"); - } - pswitch(0); - } - sec_status(); - printf("Mode: %s; Type: %s; Form: %s; Structure: %s\n", - modename, typename, formname, structname); - printf("Verbose: %s; Bell: %s; Prompting: %s; Globbing: %s\n", - onoff(verbose), onoff(bell), onoff(interactive), - onoff(doglob)); - printf("Store unique: %s; Receive unique: %s\n", onoff(sunique), - onoff(runique)); - printf("Case: %s; CR stripping: %s\n",onoff(mcase),onoff(crflag)); - if (ntflag) { - printf("Ntrans: (in) %s (out) %s\n", ntin,ntout); - } - else { - printf("Ntrans: off\n"); - } - if (mapflag) { - printf("Nmap: (in) %s (out) %s\n", mapin, mapout); - } - else { - printf("Nmap: off\n"); - } - printf("Hash mark printing: %s; Use of PORT cmds: %s\n", - onoff(hash), onoff(sendport)); - if (macnum > 0) { - printf("Macros:\n"); - for (i=0; i 1) { - val = atoi(argv[1]); - if (val < 0) { - printf("%s: bad debugging value.\n", argv[1]); - code = -1; - return; - } - } else - val = !debug; - debug = val; - if (debug) - options |= SO_DEBUG; - else - options &= ~SO_DEBUG; - printf("Debugging %s (debug=%d).\n", onoff(debug), debug); - code = debug > 0; -} - -/* - * Set current working directory - * on remote machine. - */ -void -cd(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "remote-directory")) { - printf("usage: %s remote-directory\n", argv[0]); - code = -1; - return; - } - if (command("CWD %s", argv[1]) == ERROR && code == 500) { - if (verbose) - printf("CWD command not recognized, trying XCWD\n"); - command("XCWD %s", argv[1]); - } -} - -/* - * Set current working directory - * on local machine. - */ -void -lcd(int argc, char **argv) -{ - char buf[MaxPathLen]; - - if (argc < 2) - argc++, argv[1] = home; - if (argc != 2) { - printf("usage: %s local-directory\n", argv[0]); - code = -1; - return; - } - if (!globulize(&argv[1])) { - code = -1; - return; - } - if (chdir(argv[1]) < 0) { - warn("local: %s", argv[1]); - code = -1; - return; - } - if (getcwd(buf, sizeof(buf)) != NULL) - printf("Local directory now %s\n", buf); - else - warnx("getwd: %s", buf); - code = 0; -} - -/* - * Delete a single file. - */ -void -delete(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "remote-file")) { - printf("usage: %s remote-file\n", argv[0]); - code = -1; - return; - } - command("DELE %s", argv[1]); -} - -/* - * Delete multiple files. - */ -void -mdelete(int argc, char **argv) -{ - sighand oldintr; - int ointer; - char *cp; - - if (argc < 2 && !another(&argc, &argv, "remote-files")) { - printf("usage: %s remote-files\n", argv[0]); - code = -1; - return; - } - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - while ((cp = remglob(argv,0)) != NULL) { - if (*cp == '\0') { - mflag = 0; - continue; - } - if (mflag && confirm(argv[0], cp)) { - command("DELE %s", cp); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with", "mdelete")) { - mflag++; - } - interactive = ointer; - } - } - } - signal(SIGINT, oldintr); - mflag = 0; -} - -/* - * Rename a remote file. - */ -void -renamefile(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "from-name")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "to-name")) { -usage: - printf("%s from-name to-name\n", argv[0]); - code = -1; - return; - } - if (command("RNFR %s", argv[1]) == CONTINUE) - command("RNTO %s", argv[2]); -} - -/* - * Get a directory listing - * of remote files. - */ -void -ls(int argc, char **argv) -{ - char *cmd; - - if (argc < 2) - argc++, argv[1] = NULL; - if (argc < 3) - argc++, argv[2] = "-"; - if (argc > 3) { - printf("usage: %s remote-directory local-file\n", argv[0]); - code = -1; - return; - } - cmd = argv[0][0] == 'n' ? "NLST" : "LIST"; - if (strcmp(argv[2], "-") && !globulize(&argv[2])) { - code = -1; - return; - } - if (strcmp(argv[2], "-") && *argv[2] != '|') - if (!globulize(&argv[2]) || !confirm("output to local-file:", - argv[2])) { - code = -1; - return; - } - recvrequest(cmd, argv[2], argv[1], "w", 0, 1); -} - -/* - * Get a directory listing - * of multiple remote files. - */ -void -mls(int argc, char **argv) -{ - sighand oldintr; - int ointer, i; - char *cmd, filemode[2], *dest; - - if (argc < 2 && !another(&argc, &argv, "remote-files")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "local-file")) { -usage: - printf("usage: %s remote-files local-file\n", argv[0]); - code = -1; - return; - } - dest = argv[argc - 1]; - argv[argc - 1] = NULL; - if (strcmp(dest, "-") && *dest != '|') - if (!globulize(&dest) || - !confirm("output to local-file:", dest)) { - code = -1; - return; - } - cmd = argv[0][1] == 'l' ? "NLST" : "LIST"; - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - filemode[1] = '\0'; - for (i = 1; mflag && i < argc-1; ++i) { - *filemode = (i == 1) ? 'w' : 'a'; - recvrequest(cmd, dest, argv[i], filemode, 0, 1); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with", argv[0])) { - mflag ++; - } - interactive = ointer; - } - } - signal(SIGINT, oldintr); - mflag = 0; -} - -/* - * Do a shell escape - */ -/*ARGSUSED*/ -void -shell(int argc, char **argv) -{ - pid_t pid; - RETSIGTYPE (*old1)(int), (*old2)(int); - char shellnam[40], *shellpath, *namep; - int waitstatus; - - old1 = signal (SIGINT, SIG_IGN); - old2 = signal (SIGQUIT, SIG_IGN); - if ((pid = fork()) == 0) { - for (pid = 3; pid < 20; pid++) - close(pid); - signal(SIGINT, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - shellpath = getenv("SHELL"); - if (shellpath == NULL) - shellpath = _PATH_BSHELL; - namep = strrchr(shellpath, '/'); - if (namep == NULL) - namep = shellpath; - snprintf (shellnam, sizeof(shellnam), - "-%s", ++namep); - if (strcmp(namep, "sh") != 0) - shellnam[0] = '+'; - if (debug) { - printf ("%s\n", shellpath); - fflush (stdout); - } - if (argc > 1) { - execl(shellpath,shellnam,"-c",altarg,(char *)0); - } - else { - execl(shellpath,shellnam,(char *)0); - } - warn("%s", shellpath); - code = -1; - exit(1); - } - if (pid > 0) - while (waitpid(-1, &waitstatus, 0) != pid) - ; - signal(SIGINT, old1); - signal(SIGQUIT, old2); - if (pid == -1) { - warn("%s", "Try again later"); - code = -1; - } - else { - code = 0; - } -} - -/* - * Send new user information (re-login) - */ -void -user(int argc, char **argv) -{ - char acctstr[80]; - int n, aflag = 0; - char tmp[256]; - - if (argc < 2) - another(&argc, &argv, "username"); - if (argc < 2 || argc > 4) { - printf("usage: %s username [password] [account]\n", argv[0]); - code = -1; - return; - } - n = command("USER %s", argv[1]); - if (n == CONTINUE) { - if (argc < 3 ) { - UI_UTIL_read_pw_string (tmp, - sizeof(tmp), - "Password: ", 0); - argv[2] = tmp; - argc++; - } - n = command("PASS %s", argv[2]); - } - if (n == CONTINUE) { - if (argc < 4) { - printf("Account: "); fflush(stdout); - fgets(acctstr, sizeof(acctstr) - 1, stdin); - acctstr[strcspn(acctstr, "\r\n")] = '\0'; - argv[3] = acctstr; argc++; - } - n = command("ACCT %s", argv[3]); - aflag++; - } - if (n != COMPLETE) { - fprintf(stdout, "Login failed.\n"); - return; - } - if (!aflag && argc == 4) { - command("ACCT %s", argv[3]); - } -} - -/* - * Print working directory. - */ -/*VARARGS*/ -void -pwd(int argc, char **argv) -{ - int oldverbose = verbose; - - /* - * If we aren't verbose, this doesn't do anything! - */ - verbose = 1; - if (command("PWD") == ERROR && code == 500) { - printf("PWD command not recognized, trying XPWD\n"); - command("XPWD"); - } - verbose = oldverbose; -} - -/* - * Make a directory. - */ -void -makedir(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "directory-name")) { - printf("usage: %s directory-name\n", argv[0]); - code = -1; - return; - } - if (command("MKD %s", argv[1]) == ERROR && code == 500) { - if (verbose) - printf("MKD command not recognized, trying XMKD\n"); - command("XMKD %s", argv[1]); - } -} - -/* - * Remove a directory. - */ -void -removedir(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "directory-name")) { - printf("usage: %s directory-name\n", argv[0]); - code = -1; - return; - } - if (command("RMD %s", argv[1]) == ERROR && code == 500) { - if (verbose) - printf("RMD command not recognized, trying XRMD\n"); - command("XRMD %s", argv[1]); - } -} - -/* - * Send a line, verbatim, to the remote machine. - */ -void -quote(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "command line to send")) { - printf("usage: %s line-to-send\n", argv[0]); - code = -1; - return; - } - quote1("", argc, argv); -} - -/* - * Send a SITE command to the remote machine. The line - * is sent verbatim to the remote machine, except that the - * word "SITE" is added at the front. - */ -void -site(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "arguments to SITE command")) { - printf("usage: %s line-to-send\n", argv[0]); - code = -1; - return; - } - quote1("SITE ", argc, argv); -} - -/* - * Turn argv[1..argc) into a space-separated string, then prepend initial text. - * Send the result as a one-line command and get response. - */ -void -quote1(char *initial, int argc, char **argv) -{ - int i; - char buf[BUFSIZ]; /* must be >= sizeof(line) */ - - strlcpy(buf, initial, sizeof(buf)); - for(i = 1; i < argc; i++) { - if(i > 1) - strlcat(buf, " ", sizeof(buf)); - strlcat(buf, argv[i], sizeof(buf)); - } - if (command("%s", buf) == PRELIM) { - while (getreply(0) == PRELIM) - continue; - } -} - -void -do_chmod(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "mode")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "file-name")) { -usage: - printf("usage: %s mode file-name\n", argv[0]); - code = -1; - return; - } - command("SITE CHMOD %s %s", argv[1], argv[2]); -} - -void -do_umask(int argc, char **argv) -{ - int oldverbose = verbose; - - verbose = 1; - command(argc == 1 ? "SITE UMASK" : "SITE UMASK %s", argv[1]); - verbose = oldverbose; -} - -void -ftp_idle(int argc, char **argv) -{ - int oldverbose = verbose; - - verbose = 1; - command(argc == 1 ? "SITE IDLE" : "SITE IDLE %s", argv[1]); - verbose = oldverbose; -} - -/* - * Ask the other side for help. - */ -void -rmthelp(int argc, char **argv) -{ - int oldverbose = verbose; - - verbose = 1; - command(argc == 1 ? "HELP" : "HELP %s", argv[1]); - verbose = oldverbose; -} - -/* - * Terminate session and exit. - */ -/*VARARGS*/ -void -quit(int argc, char **argv) -{ - - if (connected) - disconnect(0, 0); - pswitch(1); - if (connected) { - disconnect(0, 0); - } - exit(0); -} - -/* - * Terminate session, but don't exit. - */ -void -disconnect(int argc, char **argv) -{ - - if (!connected) - return; - command("QUIT"); - if (cout) { - fclose(cout); - } - cout = NULL; - connected = 0; - sec_end(); - data = -1; - if (!proxy) { - macnum = 0; - } -} - -int -confirm(char *cmd, char *file) -{ - char buf[BUFSIZ]; - - if (!interactive) - return (1); - printf("%s %s? ", cmd, file); - fflush(stdout); - if (fgets(buf, sizeof buf, stdin) == NULL) - return (0); - return (*buf == 'y' || *buf == 'Y'); -} - -void -fatal(char *msg) -{ - - errx(1, "%s", msg); -} - -/* - * Glob a local file name specification with - * the expectation of a single return value. - * Can't control multiple values being expanded - * from the expression, we return only the first. - */ -int -globulize(char **cpp) -{ - glob_t gl; - int flags; - - if (!doglob) - return (1); - - flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - memset(&gl, 0, sizeof(gl)); - if (glob(*cpp, flags, NULL, &gl) || - gl.gl_pathc == 0) { - warnx("%s: not found", *cpp); - globfree(&gl); - return (0); - } - *cpp = strdup(gl.gl_pathv[0]); /* XXX - wasted memory */ - globfree(&gl); - return (1); -} - -void -account(int argc, char **argv) -{ - char acctstr[50]; - - if (argc > 1) { - ++argv; - --argc; - strlcpy (acctstr, *argv, sizeof(acctstr)); - while (argc > 1) { - --argc; - ++argv; - strlcat(acctstr, *argv, sizeof(acctstr)); - } - } - else { - UI_UTIL_read_pw_string(acctstr, sizeof(acctstr), "Account:", 0); - } - command("ACCT %s", acctstr); -} - -jmp_buf abortprox; - -static RETSIGTYPE -proxabort(int sig) -{ - - if (!proxy) { - pswitch(1); - } - if (connected) { - proxflag = 1; - } - else { - proxflag = 0; - } - pswitch(0); - longjmp(abortprox,1); -} - -void -doproxy(int argc, char **argv) -{ - struct cmd *c; - RETSIGTYPE (*oldintr)(int); - - if (argc < 2 && !another(&argc, &argv, "command")) { - printf("usage: %s command\n", argv[0]); - code = -1; - return; - } - c = getcmd(argv[1]); - if (c == (struct cmd *) -1) { - printf("?Ambiguous command\n"); - fflush(stdout); - code = -1; - return; - } - if (c == 0) { - printf("?Invalid command\n"); - fflush(stdout); - code = -1; - return; - } - if (!c->c_proxy) { - printf("?Invalid proxy command\n"); - fflush(stdout); - code = -1; - return; - } - if (setjmp(abortprox)) { - code = -1; - return; - } - oldintr = signal(SIGINT, proxabort); - pswitch(1); - if (c->c_conn && !connected) { - printf("Not connected\n"); - fflush(stdout); - pswitch(0); - signal(SIGINT, oldintr); - code = -1; - return; - } - (*c->c_handler)(argc-1, argv+1); - if (connected) { - proxflag = 1; - } - else { - proxflag = 0; - } - pswitch(0); - signal(SIGINT, oldintr); -} - -void -setcase(int argc, char **argv) -{ - - mcase = !mcase; - printf("Case mapping %s.\n", onoff(mcase)); - code = mcase; -} - -void -setcr(int argc, char **argv) -{ - - crflag = !crflag; - printf("Carriage Return stripping %s.\n", onoff(crflag)); - code = crflag; -} - -void -setntrans(int argc, char **argv) -{ - if (argc == 1) { - ntflag = 0; - printf("Ntrans off.\n"); - code = ntflag; - return; - } - ntflag++; - code = ntflag; - strlcpy (ntin, argv[1], 17); - if (argc == 2) { - ntout[0] = '\0'; - return; - } - strlcpy (ntout, argv[2], 17); -} - -char * -dotrans(char *name) -{ - static char new[MaxPathLen]; - char *cp1, *cp2 = new; - int i, ostop, found; - - for (ostop = 0; *(ntout + ostop) && ostop < 16; ostop++) - continue; - for (cp1 = name; *cp1; cp1++) { - found = 0; - for (i = 0; *(ntin + i) && i < 16; i++) { - if (*cp1 == *(ntin + i)) { - found++; - if (i < ostop) { - *cp2++ = *(ntout + i); - } - break; - } - } - if (!found) { - *cp2++ = *cp1; - } - } - *cp2 = '\0'; - return (new); -} - -void -setnmap(int argc, char **argv) -{ - char *cp; - - if (argc == 1) { - mapflag = 0; - printf("Nmap off.\n"); - code = mapflag; - return; - } - if (argc < 3 && !another(&argc, &argv, "mapout")) { - printf("Usage: %s [mapin mapout]\n",argv[0]); - code = -1; - return; - } - mapflag = 1; - code = 1; - cp = strchr(altarg, ' '); - if (proxy) { - while(*++cp == ' ') - continue; - altarg = cp; - cp = strchr(altarg, ' '); - } - *cp = '\0'; - strlcpy(mapin, altarg, MaxPathLen); - while (*++cp == ' ') - continue; - strlcpy(mapout, cp, MaxPathLen); -} - -char * -domap(char *name) -{ - static char new[MaxPathLen]; - char *cp1 = name, *cp2 = mapin; - char *tp[9], *te[9]; - int i, toks[9], toknum = 0, match = 1; - - for (i=0; i < 9; ++i) { - toks[i] = 0; - } - while (match && *cp1 && *cp2) { - switch (*cp2) { - case '\\': - if (*++cp2 != *cp1) { - match = 0; - } - break; - case '$': - if (*(cp2+1) >= '1' && (*cp2+1) <= '9') { - if (*cp1 != *(++cp2+1)) { - toks[toknum = *cp2 - '1']++; - tp[toknum] = cp1; - while (*++cp1 && *(cp2+1) - != *cp1); - te[toknum] = cp1; - } - cp2++; - break; - } - /* FALLTHROUGH */ - default: - if (*cp2 != *cp1) { - match = 0; - } - break; - } - if (match && *cp1) { - cp1++; - } - if (match && *cp2) { - cp2++; - } - } - if (!match && *cp1) /* last token mismatch */ - { - toks[toknum] = 0; - } - cp1 = new; - *cp1 = '\0'; - cp2 = mapout; - while (*cp2) { - match = 0; - switch (*cp2) { - case '\\': - if (*(cp2 + 1)) { - *cp1++ = *++cp2; - } - break; - case '[': -LOOP: - if (*++cp2 == '$' && isdigit((unsigned char)*(cp2+1))) { - if (*++cp2 == '0') { - char *cp3 = name; - - while (*cp3) { - *cp1++ = *cp3++; - } - match = 1; - } - else if (toks[toknum = *cp2 - '1']) { - char *cp3 = tp[toknum]; - - while (cp3 != te[toknum]) { - *cp1++ = *cp3++; - } - match = 1; - } - } - else { - while (*cp2 && *cp2 != ',' && - *cp2 != ']') { - if (*cp2 == '\\') { - cp2++; - } - else if (*cp2 == '$' && - isdigit((unsigned char)*(cp2+1))) { - if (*++cp2 == '0') { - char *cp3 = name; - - while (*cp3) { - *cp1++ = *cp3++; - } - } - else if (toks[toknum = - *cp2 - '1']) { - char *cp3=tp[toknum]; - - while (cp3 != - te[toknum]) { - *cp1++ = *cp3++; - } - } - } - else if (*cp2) { - *cp1++ = *cp2++; - } - } - if (!*cp2) { - printf("nmap: unbalanced brackets\n"); - return (name); - } - match = 1; - cp2--; - } - if (match) { - while (*++cp2 && *cp2 != ']') { - if (*cp2 == '\\' && *(cp2 + 1)) { - cp2++; - } - } - if (!*cp2) { - printf("nmap: unbalanced brackets\n"); - return (name); - } - break; - } - switch (*++cp2) { - case ',': - goto LOOP; - case ']': - break; - default: - cp2--; - goto LOOP; - } - break; - case '$': - if (isdigit((unsigned char)*(cp2 + 1))) { - if (*++cp2 == '0') { - char *cp3 = name; - - while (*cp3) { - *cp1++ = *cp3++; - } - } - else if (toks[toknum = *cp2 - '1']) { - char *cp3 = tp[toknum]; - - while (cp3 != te[toknum]) { - *cp1++ = *cp3++; - } - } - break; - } - /* intentional drop through */ - default: - *cp1++ = *cp2; - break; - } - cp2++; - } - *cp1 = '\0'; - if (!*new) { - return (name); - } - return (new); -} - -void -setpassive(int argc, char **argv) -{ - - passivemode = !passivemode; - printf("Passive mode %s.\n", onoff(passivemode)); - code = passivemode; -} - -void -setsunique(int argc, char **argv) -{ - - sunique = !sunique; - printf("Store unique %s.\n", onoff(sunique)); - code = sunique; -} - -void -setrunique(int argc, char **argv) -{ - - runique = !runique; - printf("Receive unique %s.\n", onoff(runique)); - code = runique; -} - -/* change directory to perent directory */ -void -cdup(int argc, char **argv) -{ - - if (command("CDUP") == ERROR && code == 500) { - if (verbose) - printf("CDUP command not recognized, trying XCUP\n"); - command("XCUP"); - } -} - -/* restart transfer at specific point */ -void -restart(int argc, char **argv) -{ - - if (argc != 2) - printf("restart: offset not specified\n"); - else { - restart_point = atol(argv[1]); - printf("restarting at %ld. %s\n", (long)restart_point, - "execute get, put or append to initiate transfer"); - } -} - -/* show remote system type */ -void -syst(int argc, char **argv) -{ - - command("SYST"); -} - -void -macdef(int argc, char **argv) -{ - char *tmp; - int c; - - if (macnum == 16) { - printf("Limit of 16 macros have already been defined\n"); - code = -1; - return; - } - if (argc < 2 && !another(&argc, &argv, "macro name")) { - printf("Usage: %s macro_name\n",argv[0]); - code = -1; - return; - } - if (interactive) { - printf("Enter macro line by line, terminating it with a null line\n"); - } - strlcpy(macros[macnum].mac_name, - argv[1], - sizeof(macros[macnum].mac_name)); - if (macnum == 0) { - macros[macnum].mac_start = macbuf; - } - else { - macros[macnum].mac_start = macros[macnum - 1].mac_end + 1; - } - tmp = macros[macnum].mac_start; - while (tmp != macbuf+4096) { - if ((c = getchar()) == EOF) { - printf("macdef:end of file encountered\n"); - code = -1; - return; - } - if ((*tmp = c) == '\n') { - if (tmp == macros[macnum].mac_start) { - macros[macnum++].mac_end = tmp; - code = 0; - return; - } - if (*(tmp-1) == '\0') { - macros[macnum++].mac_end = tmp - 1; - code = 0; - return; - } - *tmp = '\0'; - } - tmp++; - } - while (1) { - while ((c = getchar()) != '\n' && c != EOF) - /* LOOP */; - if (c == EOF || getchar() == '\n') { - printf("Macro not defined - 4k buffer exceeded\n"); - code = -1; - return; - } - } -} - -/* - * get size of file on remote machine - */ -void -sizecmd(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "filename")) { - printf("usage: %s filename\n", argv[0]); - code = -1; - return; - } - command("SIZE %s", argv[1]); -} - -/* - * get last modification time of file on remote machine - */ -void -modtime(int argc, char **argv) -{ - int overbose; - - if (argc < 2 && !another(&argc, &argv, "filename")) { - printf("usage: %s filename\n", argv[0]); - code = -1; - return; - } - overbose = verbose; - if (debug == 0) - verbose = -1; - if (command("MDTM %s", argv[1]) == COMPLETE) { - int yy, mo, day, hour, min, sec; - sscanf(reply_string, "%*s %04d%02d%02d%02d%02d%02d", &yy, &mo, - &day, &hour, &min, &sec); - /* might want to print this in local time */ - printf("%s\t%02d/%02d/%04d %02d:%02d:%02d GMT\n", argv[1], - mo, day, yy, hour, min, sec); - } else - printf("%s\n", reply_string); - verbose = overbose; -} - -/* - * show status on reomte machine - */ -void -rmtstatus(int argc, char **argv) -{ - - command(argc > 1 ? "STAT %s" : "STAT" , argv[1]); -} - -/* - * get file if modtime is more recent than current file - */ -void -newer(int argc, char **argv) -{ - - if (getit(argc, argv, -1, curtype == TYPE_I ? "wb" : "w")) - printf("Local file \"%s\" is newer than remote file \"%s\"\n", - argv[2], argv[1]); -} - -void -klist(int argc, char **argv) -{ - int ret; - if(argc != 1){ - printf("usage: %s\n", argv[0]); - code = -1; - return; - } - - ret = command("SITE KLIST"); - code = (ret == COMPLETE); -} diff --git a/crypto/heimdal/appl/ftp/ftp/cmdtab.c b/crypto/heimdal/appl/ftp/ftp/cmdtab.c deleted file mode 100644 index 1c65e715895d..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/cmdtab.c +++ /dev/null @@ -1,217 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" - -/* - * User FTP -- Command Tables. - */ - -char accounthelp[] = "send account command to remote server"; -char appendhelp[] = "append to a file"; -char asciihelp[] = "set ascii transfer type"; -char beephelp[] = "beep when command completed"; -char binaryhelp[] = "set binary transfer type"; -char casehelp[] = "toggle mget upper/lower case id mapping"; -char cdhelp[] = "change remote working directory"; -char cduphelp[] = "change remote working directory to parent directory"; -char chmodhelp[] = "change file permissions of remote file"; -char connecthelp[] = "connect to remote tftp"; -char crhelp[] = "toggle carriage return stripping on ascii gets"; -char deletehelp[] = "delete remote file"; -char debughelp[] = "toggle/set debugging mode"; -char dirhelp[] = "list contents of remote directory"; -char disconhelp[] = "terminate ftp session"; -char domachelp[] = "execute macro"; -char formhelp[] = "set file transfer format"; -char globhelp[] = "toggle metacharacter expansion of local file names"; -char hashhelp[] = "toggle printing `#' for each buffer transferred"; -char helphelp[] = "print local help information"; -char idlehelp[] = "get (set) idle timer on remote side"; -char lcdhelp[] = "change local working directory"; -char lshelp[] = "list contents of remote directory"; -char macdefhelp[] = "define a macro"; -char mdeletehelp[] = "delete multiple files"; -char mdirhelp[] = "list contents of multiple remote directories"; -char mgethelp[] = "get multiple files"; -char mkdirhelp[] = "make directory on the remote machine"; -char mlshelp[] = "list contents of multiple remote directories"; -char modtimehelp[] = "show last modification time of remote file"; -char modehelp[] = "set file transfer mode"; -char mputhelp[] = "send multiple files"; -char newerhelp[] = "get file if remote file is newer than local file "; -char nlisthelp[] = "nlist contents of remote directory"; -char nmaphelp[] = "set templates for default file name mapping"; -char ntranshelp[] = "set translation table for default file name mapping"; -char porthelp[] = "toggle use of PORT cmd for each data connection"; -char prompthelp[] = "force interactive prompting on multiple commands"; -char proxyhelp[] = "issue command on alternate connection"; -char pwdhelp[] = "print working directory on remote machine"; -char quithelp[] = "terminate ftp session and exit"; -char quotehelp[] = "send arbitrary ftp command"; -char receivehelp[] = "receive file"; -char regethelp[] = "get file restarting at end of local file"; -char remotehelp[] = "get help from remote server"; -char renamehelp[] = "rename file"; -char restarthelp[]= "restart file transfer at bytecount"; -char rmdirhelp[] = "remove directory on the remote machine"; -char rmtstatushelp[]="show status of remote machine"; -char runiquehelp[] = "toggle store unique for local files"; -char resethelp[] = "clear queued command replies"; -char sendhelp[] = "send one file"; -char passivehelp[] = "enter passive transfer mode"; -char sitehelp[] = "send site specific command to remote server\n\t\tTry \"rhelp site\" or \"site help\" for more information"; -char shellhelp[] = "escape to the shell"; -char sizecmdhelp[] = "show size of remote file"; -char statushelp[] = "show current status"; -char structhelp[] = "set file transfer structure"; -char suniquehelp[] = "toggle store unique on remote machine"; -char systemhelp[] = "show remote system type"; -char tenexhelp[] = "set tenex file transfer type"; -char tracehelp[] = "toggle packet tracing"; -char typehelp[] = "set file transfer type"; -char umaskhelp[] = "get (set) umask on remote side"; -char userhelp[] = "send new user information"; -char verbosehelp[] = "toggle verbose mode"; - -char prothelp[] = "set protection level"; -char prothelp_c[] = "set command protection level"; -#ifdef KRB4 -char kauthhelp[] = "get remote tokens"; -#endif -#if defined(KRB4) || defined(KRB5) -char klisthelp[] = "show remote tickets"; -#endif -#ifdef KRB4 -char kdestroyhelp[] = "destroy remote tickets"; -char krbtkfilehelp[] = "set filename of remote tickets"; -#endif -#if defined(KRB4) || defined(KRB5) -char afsloghelp[] = "obtain remote AFS tokens"; -#endif - -struct cmd cmdtab[] = { - { "!", shellhelp, 0, 0, 0, shell }, - { "$", domachelp, 1, 0, 0, domacro }, - { "account", accounthelp, 0, 1, 1, account}, - { "append", appendhelp, 1, 1, 1, put }, - { "ascii", asciihelp, 0, 1, 1, setascii }, - { "bell", beephelp, 0, 0, 0, setbell }, - { "binary", binaryhelp, 0, 1, 1, setbinary }, - { "bye", quithelp, 0, 0, 0, quit }, - { "case", casehelp, 0, 0, 1, setcase }, - { "cd", cdhelp, 0, 1, 1, cd }, - { "cdup", cduphelp, 0, 1, 1, cdup }, - { "chmod", chmodhelp, 0, 1, 1, do_chmod }, - { "close", disconhelp, 0, 1, 1, disconnect }, - { "cr", crhelp, 0, 0, 0, setcr }, - { "delete", deletehelp, 0, 1, 1, delete }, - { "debug", debughelp, 0, 0, 0, setdebug }, - { "dir", dirhelp, 1, 1, 1, ls }, - { "disconnect", disconhelp, 0, 1, 1, disconnect }, - { "form", formhelp, 0, 1, 1, setform }, - { "get", receivehelp, 1, 1, 1, get }, - { "glob", globhelp, 0, 0, 0, setglob }, - { "hash", hashhelp, 0, 0, 0, sethash }, - { "help", helphelp, 0, 0, 1, help }, - { "idle", idlehelp, 0, 1, 1, ftp_idle }, - { "image", binaryhelp, 0, 1, 1, setbinary }, - { "lcd", lcdhelp, 0, 0, 0, lcd }, - { "ls", lshelp, 1, 1, 1, ls }, - { "macdef", macdefhelp, 0, 0, 0, macdef }, - { "mdelete", mdeletehelp, 1, 1, 1, mdelete }, - { "mdir", mdirhelp, 1, 1, 1, mls }, - { "mget", mgethelp, 1, 1, 1, mget }, - { "mkdir", mkdirhelp, 0, 1, 1, makedir }, - { "mls", mlshelp, 1, 1, 1, mls }, - { "mode", modehelp, 0, 1, 1, setftmode }, - { "modtime", modtimehelp, 0, 1, 1, modtime }, - { "mput", mputhelp, 1, 1, 1, mput }, - { "newer", newerhelp, 1, 1, 1, newer }, - { "nmap", nmaphelp, 0, 0, 1, setnmap }, - { "nlist", nlisthelp, 1, 1, 1, ls }, - { "ntrans", ntranshelp, 0, 0, 1, setntrans }, - { "open", connecthelp, 0, 0, 1, setpeer }, - { "passive", passivehelp, 0, 0, 0, setpassive }, - { "prompt", prompthelp, 0, 0, 0, setprompt }, - { "proxy", proxyhelp, 0, 0, 1, doproxy }, - { "sendport", porthelp, 0, 0, 0, setport }, - { "put", sendhelp, 1, 1, 1, put }, - { "pwd", pwdhelp, 0, 1, 1, pwd }, - { "quit", quithelp, 0, 0, 0, quit }, - { "quote", quotehelp, 1, 1, 1, quote }, - { "recv", receivehelp, 1, 1, 1, get }, - { "reget", regethelp, 1, 1, 1, reget }, - { "rstatus", rmtstatushelp, 0, 1, 1, rmtstatus }, - { "rhelp", remotehelp, 0, 1, 1, rmthelp }, - { "rename", renamehelp, 0, 1, 1, renamefile }, - { "reset", resethelp, 0, 1, 1, reset }, - { "restart", restarthelp, 1, 1, 1, restart }, - { "rmdir", rmdirhelp, 0, 1, 1, removedir }, - { "runique", runiquehelp, 0, 0, 1, setrunique }, - { "send", sendhelp, 1, 1, 1, put }, - { "site", sitehelp, 0, 1, 1, site }, - { "size", sizecmdhelp, 1, 1, 1, sizecmd }, - { "status", statushelp, 0, 0, 1, status }, - { "struct", structhelp, 0, 1, 1, setstruct }, - { "system", systemhelp, 0, 1, 1, syst }, - { "sunique", suniquehelp, 0, 0, 1, setsunique }, - { "tenex", tenexhelp, 0, 1, 1, settenex }, - { "trace", tracehelp, 0, 0, 0, settrace }, - { "type", typehelp, 0, 1, 1, settype }, - { "user", userhelp, 0, 1, 1, user }, - { "umask", umaskhelp, 0, 1, 1, do_umask }, - { "verbose", verbosehelp, 0, 0, 0, setverbose }, - { "?", helphelp, 0, 0, 1, help }, - - { "protect", prothelp, 0, 1, 0, sec_prot }, - /* what MIT uses */ - { "cprotect", prothelp_c, 0, 1, 1, sec_prot_command }, -#ifdef KRB4 - { "kauth", kauthhelp, 0, 1, 0, kauth }, -#endif -#if defined(KRB4) || defined(KRB5) - { "klist", klisthelp, 0, 1, 0, klist }, -#endif -#ifdef KRB4 - { "kdestroy", kdestroyhelp, 0, 1, 0, kdestroy }, - { "krbtkfile", krbtkfilehelp, 0, 1, 0, krbtkfile }, -#endif -#if defined(KRB4) || defined(KRB5) - { "afslog", afsloghelp, 0, 1, 0, afslog }, -#endif - - { 0 }, -}; - -int NCMDS = (sizeof (cmdtab) / sizeof (cmdtab[0])) - 1; diff --git a/crypto/heimdal/appl/ftp/ftp/domacro.c b/crypto/heimdal/appl/ftp/ftp/domacro.c deleted file mode 100644 index f0be87a05311..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/domacro.c +++ /dev/null @@ -1,148 +0,0 @@ -/* - * Copyright (c) 1985, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" -RCSID("$Id: domacro.c 14951 2005-04-25 13:09:26Z lha $"); - -void -domacro(int argc, char **argv) -{ - int i, j, count = 2, loopflg = 0; - char *cp1, *cp2, line2[200]; - struct cmd *c; - - if (argc < 2 && !another(&argc, &argv, "macro name")) { - printf("Usage: %s macro_name.\n", argv[0]); - code = -1; - return; - } - for (i = 0; i < macnum; ++i) { - if (!strncmp(argv[1], macros[i].mac_name, 9)) { - break; - } - } - if (i == macnum) { - printf("'%s' macro not found.\n", argv[1]); - code = -1; - return; - } - strlcpy(line2, line, sizeof(line2)); -TOP: - cp1 = macros[i].mac_start; - while (cp1 != macros[i].mac_end) { - while (isspace((unsigned char)*cp1)) { - cp1++; - } - cp2 = line; - while (*cp1 != '\0') { - size_t len; - switch(*cp1) { - case '\\': - if (line + sizeof(line) - 2 < cp2) - goto out; - *cp2++ = *++cp1; - break; - case '$': - if (isdigit((unsigned char)*(cp1+1))) { - j = 0; - while (isdigit((unsigned char)*++cp1)) { - j = 10*j + *cp1 - '0'; - } - cp1--; - if (argc - 2 >= j) { - len = sizeof(line) - (cp2 - line) - 1; - if (strlcpy(cp2, argv[j+1], len) >= len) - goto out; - cp2 += strlen(argv[j+1]); - } - break; - } - if (*(cp1+1) == 'i') { - loopflg = 1; - cp1++; - if (count < argc) { - len = sizeof(line) - (cp2 - line) - 1; - if (strlcpy(cp2, argv[count], len) >= len) - goto out; - cp2 += strlen(argv[count]); - } - break; - } - /* intentional drop through */ - default: - if (line + sizeof(line) - 2 < cp2) - goto out; - *cp2++ = *cp1; - break; - } - if (*cp1 != '\0') { - cp1++; - } - } - out: - *cp2 = '\0'; - makeargv(); - c = getcmd(margv[0]); - if (c == (struct cmd *)-1) { - printf("?Ambiguous command\n"); - code = -1; - } - else if (c == 0) { - printf("?Invalid command\n"); - code = -1; - } - else if (c->c_conn && !connected) { - printf("Not connected.\n"); - code = -1; - } - else { - if (verbose) { - printf("%s\n",line); - } - (*c->c_handler)(margc, margv); - if (bell && c->c_bell) { - putchar('\007'); - } - strlcpy(line, line2, sizeof(line)); - makeargv(); - argc = margc; - argv = margv; - } - if (cp1 != macros[i].mac_end) { - cp1++; - } - } - if (loopflg && ++count < argc) { - goto TOP; - } -} diff --git a/crypto/heimdal/appl/ftp/ftp/extern.h b/crypto/heimdal/appl/ftp/ftp/extern.h deleted file mode 100644 index a38ccd9518d3..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/extern.h +++ /dev/null @@ -1,174 +0,0 @@ -/*- - * Copyright (c) 1994 The Regents of the University of California. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.3 (Berkeley) 10/9/94 - */ - -/* $Id: extern.h 9075 2000-09-19 13:15:12Z assar $ */ - -#include -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif - -void abort_remote (FILE *); -void abortpt (int); -void abortrecv (int); -void account (int, char **); -int another (int *, char ***, char *); -void blkfree (char **); -void cd (int, char **); -void cdup (int, char **); -void changetype (int, int); -void cmdabort (int); -void cmdscanner (int); -int command (char *fmt, ...) - __attribute__ ((format (printf, 1,2))); -int confirm (char *, char *); -FILE *dataconn (const char *); -void delete (int, char **); -void disconnect (int, char **); -void do_chmod (int, char **); -void do_umask (int, char **); -void domacro (int, char **); -char *domap (char *); -void doproxy (int, char **); -char *dotrans (char *); -int empty (fd_set *, int); -void fatal (char *); -void get (int, char **); -struct cmd *getcmd (char *); -int getit (int, char **, int, char *); -int getreply (int); -int globulize (char **); -char *gunique (char *); -void help (int, char **); -char *hookup (const char *, int); -void ftp_idle (int, char **); -int initconn (void); -void intr (int); -void lcd (int, char **); -int login (char *); -RETSIGTYPE lostpeer (int); -void ls (int, char **); -void macdef (int, char **); -void makeargv (void); -void makedir (int, char **); -void mdelete (int, char **); -void mget (int, char **); -void mls (int, char **); -void modtime (int, char **); -void mput (int, char **); -char *onoff (int); -void newer (int, char **); -void proxtrans (char *, char *, char *); -void psabort (int); -void pswitch (int); -void ptransfer (char *, long, struct timeval *, struct timeval *); -void put (int, char **); -void pwd (int, char **); -void quit (int, char **); -void quote (int, char **); -void quote1 (char *, int, char **); -void recvrequest (char *, char *, char *, char *, int, int); -void reget (int, char **); -char *remglob (char **, int); -void removedir (int, char **); -void renamefile (int, char **); -void reset (int, char **); -void restart (int, char **); -void rmthelp (int, char **); -void rmtstatus (int, char **); -int ruserpass (char *, char **, char **, char **); -void sendrequest (char *, char *, char *, char *, int); -void setascii (int, char **); -void setbell (int, char **); -void setbinary (int, char **); -void setcase (int, char **); -void setcr (int, char **); -void setdebug (int, char **); -void setform (int, char **); -void setftmode (int, char **); -void setglob (int, char **); -void sethash (int, char **); -void setnmap (int, char **); -void setntrans (int, char **); -void setpassive (int, char **); -void setpeer (int, char **); -void setport (int, char **); -void setprompt (int, char **); -void setrunique (int, char **); -void setstruct (int, char **); -void setsunique (int, char **); -void settenex (int, char **); -void settrace (int, char **); -void settype (int, char **); -void setverbose (int, char **); -void shell (int, char **); -void site (int, char **); -void sizecmd (int, char **); -char *slurpstring (void); -void status (int, char **); -void syst (int, char **); -void tvsub (struct timeval *, struct timeval *, struct timeval *); -void user (int, char **); - -extern jmp_buf abortprox; -extern int abrtflag; -extern struct cmd cmdtab[]; -extern FILE *cout; -extern int data; -extern char *home; -extern jmp_buf jabort; -extern int proxy; -extern char reply_string[]; -extern off_t restart_point; -extern int NCMDS; - -extern char username[32]; -extern char myhostname[]; -extern char *mydomain; - -void afslog (int, char **); -void kauth (int, char **); -void kdestroy (int, char **); -void klist (int, char **); -void krbtkfile (int, char **); diff --git a/crypto/heimdal/appl/ftp/ftp/ftp.1 b/crypto/heimdal/appl/ftp/ftp/ftp.1 deleted file mode 100644 index 5b8b8f6427cd..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/ftp.1 +++ /dev/null @@ -1,1211 +0,0 @@ -.\" $NetBSD: ftp.1,v 1.11 1995/09/08 01:06:24 tls Exp $ -.\" -.\" Copyright (c) 1985, 1989, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)ftp.1 8.3 (Berkeley) 10/9/94 -.\" -.Dd March 23, 2006 -.Dt FTP 1 -.Os BSD 4.2 -.Sh NAME -.Nm ftp -.Nd -.Tn ARPANET -file transfer program -.Sh SYNOPSIS -.Nm ftp -.Op Fl K -.Op Fl d -.Op Fl g -.Op Fl i -.Op Fl l -.Op Fl n -.Op Fl p -.Op Fl t -.Op Fl v -.Op Fl x -.Op Fl -no-gss-bindings -.Op Fl -no-gss-delegate -.Op Ar host -.Sh DESCRIPTION -.Nm -is the user interface to the -.Tn ARPANET -standard File Transfer Protocol. -The program allows a user to transfer files to and from a -remote network site. -.Pp -Modifications have been made so that it almost follows the FTP -Security Extensions, RFC 2228. -.Pp -Options may be specified at the command line, or to the -command interpreter. -.Bl -tag -width flag -.It Fl K -Disable Kerberos authentication. -.It Fl t -Enables packet tracing. -.It Fl v -Verbose option forces -.Nm ftp -to show all responses from the remote server, as well -as report on data transfer statistics. -.It Fl n -Restrains -.Nm ftp -from attempting \*(Lqauto-login\*(Rq upon initial connection. -If auto-login is enabled, -.Nm ftp -will check the -.Pa .netrc -(see below) file in the user's home directory for an entry describing -an account on the remote machine. -If no entry exists, -.Nm ftp -will prompt for the remote machine login name (default is the user -identity on the local machine), and, if necessary, prompt for a password -and an account with which to login. -.It Fl i -Turns off interactive prompting during -multiple file transfers. -.It Fl p -Turn on passive mode. -.It Fl d -Enables debugging. -.It Fl g -Disables file name globbing. - .It Fl -no-gss-bindings -Don't use GSS-API bindings when talking to peer. IP addresses will not -be checked to ensure they match. -.It Fl -no-gss-delegate -Disable delegation of GSSAPI credentials. -.It Fl l -Disables command line editing. -.It Fl x -Encrypt command and data channel. -.El -.Pp -The client host with which -.Nm ftp -is to communicate may be specified on the command line. -If this is done, -.Nm ftp -will immediately attempt to establish a connection to an -.Tn FTP -server on that host; otherwise, -.Nm ftp -will enter its command interpreter and await instructions -from the user. -When -.Nm ftp -is awaiting commands from the user the prompt -.Ql ftp\*[Gt] -is provided to the user. -The following commands are recognized -by -.Nm ftp : -.Bl -tag -width Fl -.It Ic \&! Op Ar command Op Ar args -Invoke an interactive shell on the local machine. -If there are arguments, the first is taken to be a command to execute -directly, with the rest of the arguments as its arguments. -.It Ic \&$ Ar macro-name Op Ar args -Execute the macro -.Ar macro-name -that was defined with the -.Ic macdef -command. -Arguments are passed to the macro unglobbed. -.It Ic account Op Ar passwd -Supply a supplemental password required by a remote system for access -to resources once a login has been successfully completed. -If no argument is included, the user will be prompted for an account -password in a non-echoing input mode. -.It Ic append Ar local-file Op Ar remote-file -Append a local file to a file on the remote machine. -If -.Ar remote-file -is left unspecified, the local file name is used in naming the -remote file after being altered by any -.Ic ntrans -or -.Ic nmap -setting. -File transfer uses the current settings for -.Ic type , -.Ic format , -.Ic mode , -and -.Ic structure . -.It Ic ascii -Set the file transfer -.Ic type -to network -.Tn ASCII . -This is the default type. -.It Ic bell -Arrange that a bell be sounded after each file transfer -command is completed. -.It Ic binary -Set the file transfer -.Ic type -to support binary image transfer. -.It Ic bye -Terminate the -.Tn FTP -session with the remote server -and exit -.Nm ftp . -An end of file will also terminate the session and exit. -.It Ic case -Toggle remote computer file name case mapping during -.Ic mget -commands. -When -.Ic case -is on (default is off), remote computer file names with all letters in -upper case are written in the local directory with the letters mapped -to lower case. -.It Ic \&cd Ar remote-directory -Change the working directory on the remote machine -to -.Ar remote-directory . -.It Ic cdup -Change the remote machine working directory to the parent of the -current remote machine working directory. -.It Ic chmod Ar mode file-name -Change the permission modes of the file -.Ar file-name -on the remote -sytem to -.Ar mode . -.It Ic close -Terminate the -.Tn FTP -session with the remote server, and -return to the command interpreter. -Any defined macros are erased. -.It Ic \&cr -Toggle carriage return stripping during -ascii type file retrieval. -Records are denoted by a carriage return/linefeed sequence -during ascii type file transfer. -When -.Ic \&cr -is on (the default), carriage returns are stripped from this -sequence to conform with the -.Ux -single linefeed record -delimiter. -Records on -.Pf non\- Ns Ux -remote systems may contain single linefeeds; -when an ascii type transfer is made, these linefeeds may be -distinguished from a record delimiter only when -.Ic \&cr -is off. -.It Ic delete Ar remote-file -Delete the file -.Ar remote-file -on the remote machine. -.It Ic debug Op Ar debug-value -Toggle debugging mode. -If an optional -.Ar debug-value -is specified it is used to set the debugging level. -When debugging is on, -.Nm ftp -prints each command sent to the remote machine, preceded -by the string -.Ql \-\-\*[Gt] -.It Xo -.Ic dir -.Op Ar remote-directory -.Op Ar local-file -.Xc -Print a listing of the directory contents in the -directory, -.Ar remote-directory , -and, optionally, placing the output in -.Ar local-file . -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic dir -output. -If no directory is specified, the current working -directory on the remote machine is used. -If no local -file is specified, or -.Ar local-file -is -.Fl , -output comes to the terminal. -.It Ic disconnect -A synonym for -.Ar close . -.It Ic form Ar format -Set the file transfer -.Ic form -to -.Ar format . -The default format is \*(Lqfile\*(Rq. -.It Ic get Ar remote-file Op Ar local-file -Retrieve the -.Ar remote-file -and store it on the local machine. -If the local -file name is not specified, it is given the same -name it has on the remote machine, subject to -alteration by the current -.Ic case , -.Ic ntrans , -and -.Ic nmap -settings. -The current settings for -.Ic type , -.Ic form , -.Ic mode , -and -.Ic structure -are used while transferring the file. -.It Ic glob -Toggle filename expansion for -.Ic mdelete , -.Ic mget -and -.Ic mput . -If globbing is turned off with -.Ic glob , -the file name arguments -are taken literally and not expanded. -Globbing for -.Ic mput -is done as in -.Xr csh 1 . -For -.Ic mdelete -and -.Ic mget , -each remote file name is expanded -separately on the remote machine and the lists are not merged. -Expansion of a directory name is likely to be -different from expansion of the name of an ordinary file: -the exact result depends on the foreign operating system and ftp server, -and can be previewed by doing -.Ql mls remote-files \- . -As a security measure, remotely globbed files that starts with -.Sq / -or contains -.Sq ../ , -will not be automatically received. If you have interactive prompting -turned off, these filenames will be ignored. Note: -.Ic mget -and -.Ic mput -are not meant to transfer -entire directory subtrees of files. -That can be done by -transferring a -.Xr tar 1 -archive of the subtree (in binary mode). -.It Ic hash -Toggle hash-sign (``#'') printing for each data block -transferred. -The size of a data block is 1024 bytes. -.It Ic help Op Ar command -Print an informative message about the meaning of -.Ar command . -If no argument is given, -.Nm ftp -prints a list of the known commands. -.It Ic idle Op Ar seconds -Set the inactivity timer on the remote server to -.Ar seconds -seconds. -If -.Ar seconds -is omitted, the current inactivity timer is printed. -.It Ic lcd Op Ar directory -Change the working directory on the local machine. -If -no -.Ar directory -is specified, the user's home directory is used. -.It Xo -.Ic \&ls -.Op Ar remote-directory -.Op Ar local-file -.Xc -Print a listing of the contents of a -directory on the remote machine. -The listing includes any system-dependent information that the server -chooses to include; for example, most -.Ux -systems will produce -output from the command -.Ql ls \-l . -(See also -.Ic nlist . ) -If -.Ar remote-directory -is left unspecified, the current working directory is used. -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic \&ls -output. -If no local file is specified, or if -.Ar local-file -is -.Sq Fl , -the output is sent to the terminal. -.It Ic macdef Ar macro-name -Define a macro. -Subsequent lines are stored as the macro -.Ar macro-name ; -a null line (consecutive newline characters -in a file or -carriage returns from the terminal) terminates macro input mode. -There is a limit of 16 macros and 4096 total characters in all -defined macros. -Macros remain defined until a -.Ic close -command is executed. -The macro processor interprets `$' and `\e' as special characters. -A `$' followed by a number (or numbers) is replaced by the -corresponding argument on the macro invocation command line. -A `$' followed by an `i' signals that macro processor that the -executing macro is to be looped. -On the first pass `$i' is -replaced by the first argument on the macro invocation command line, -on the second pass it is replaced by the second argument, and so on. -A `\e' followed by any character is replaced by that character. -Use the `\e' to prevent special treatment of the `$'. -.It Ic mdelete Op Ar remote-files -Delete the -.Ar remote-files -on the remote machine. -.It Ic mdir Ar remote-files local-file -Like -.Ic dir , -except multiple remote files may be specified. -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic mdir -output. -.It Ic mget Ar remote-files -Expand the -.Ar remote-files -on the remote machine -and do a -.Ic get -for each file name thus produced. -See -.Ic glob -for details on the filename expansion. -Resulting file names will then be processed according to -.Ic case , -.Ic ntrans , -and -.Ic nmap -settings. -Files are transferred into the local working directory, -which can be changed with -.Ql lcd directory ; -new local directories can be created with -.Ql "\&! mkdir directory" . -.It Ic mkdir Ar directory-name -Make a directory on the remote machine. -.It Ic mls Ar remote-files local-file -Like -.Ic nlist , -except multiple remote files may be specified, -and the -.Ar local-file -must be specified. -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic mls -output. -.It Ic mode Op Ar mode-name -Set the file transfer -.Ic mode -to -.Ar mode-name . -The default mode is \*(Lqstream\*(Rq mode. -.It Ic modtime Ar file-name -Show the last modification time of the file on the remote machine. -.It Ic mput Ar local-files -Expand wild cards in the list of local files given as arguments -and do a -.Ic put -for each file in the resulting list. -See -.Ic glob -for details of filename expansion. -Resulting file names will then be processed according to -.Ic ntrans -and -.Ic nmap -settings. -.It Ic newer Ar file-name -Get the file only if the modification time of the remote file is more -recent that the file on the current system. -If the file does not -exist on the current system, the remote file is considered -.Ic newer . -Otherwise, this command is identical to -.Ar get . -.It Xo -.Ic nlist -.Op Ar remote-directory -.Op Ar local-file -.Xc -Print a list of the files in a -directory on the remote machine. -If -.Ar remote-directory -is left unspecified, the current working directory is used. -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic nlist -output. -If no local file is specified, or if -.Ar local-file -is -.Fl , -the output is sent to the terminal. -.It Ic nmap Op Ar inpattern outpattern -Set or unset the filename mapping mechanism. -If no arguments are specified, the filename mapping mechanism is unset. -If arguments are specified, remote filenames are mapped during -.Ic mput -commands and -.Ic put -commands issued without a specified remote target filename. -If arguments are specified, local filenames are mapped during -.Ic mget -commands and -.Ic get -commands issued without a specified local target filename. -This command is useful when connecting to a -.No non\- Ns Ux -remote computer -with different file naming conventions or practices. -The mapping follows the pattern set by -.Ar inpattern -and -.Ar outpattern . -.Op Ar Inpattern -is a template for incoming filenames (which may have already been -processed according to the -.Ic ntrans -and -.Ic case -settings). -Variable templating is accomplished by including the -sequences `$1', `$2', ..., `$9' in -.Ar inpattern . -Use `\\' to prevent this special treatment of the `$' character. -All other characters are treated literally, and are used to determine the -.Ic nmap -.Op Ar inpattern -variable values. -For example, given -.Ar inpattern -$1.$2 and the remote file name "mydata.data", $1 would have the value -"mydata", and $2 would have the value "data". -The -.Ar outpattern -determines the resulting mapped filename. -The sequences `$1', `$2', ...., `$9' are replaced by any value resulting -from the -.Ar inpattern -template. -The sequence `$0' is replace by the original filename. -Additionally, the sequence -.Ql Op Ar seq1 , Ar seq2 -is replaced by -.Op Ar seq1 -if -.Ar seq1 -is not a null string; otherwise it is replaced by -.Ar seq2 . -For example, the command -.Pp -.Bd -literal -offset indent -compact -nmap $1.$2.$3 [$1,$2].[$2,file] -.Ed -.Pp -would yield -the output filename "myfile.data" for input filenames "myfile.data" and -"myfile.data.old", "myfile.file" for the input filename "myfile", and -"myfile.myfile" for the input filename ".myfile". -Spaces may be included in -.Ar outpattern , -as in the example: `nmap $1 sed "s/ *$//" \*[Gt] $1' . -Use the `\e' character to prevent special treatment -of the `$','[','[', and `,' characters. -.It Ic ntrans Op Ar inchars Op Ar outchars -Set or unset the filename character translation mechanism. -If no arguments are specified, the filename character -translation mechanism is unset. -If arguments are specified, characters in -remote filenames are translated during -.Ic mput -commands and -.Ic put -commands issued without a specified remote target filename. -If arguments are specified, characters in -local filenames are translated during -.Ic mget -commands and -.Ic get -commands issued without a specified local target filename. -This command is useful when connecting to a -.No non\- Ns Ux -remote computer -with different file naming conventions or practices. -Characters in a filename matching a character in -.Ar inchars -are replaced with the corresponding character in -.Ar outchars . -If the character's position in -.Ar inchars -is longer than the length of -.Ar outchars , -the character is deleted from the file name. -.It Ic open Ar host Op Ar port -Establish a connection to the specified -.Ar host -.Tn FTP -server. -An optional port number may be supplied, -in which case, -.Nm ftp -will attempt to contact an -.Tn FTP -server at that port. -If the -.Ic auto-login -option is on (default), -.Nm ftp -will also attempt to automatically log the user in to -the -.Tn FTP -server (see below). -.It Ic passive -Toggle passive mode. If passive mode is turned on -(default is off), the ftp client will -send a -.Dv PASV -command for all data connections instead of the usual -.Dv PORT -command. The -.Dv PASV -command requests that the remote server open a port for the data connection -and return the address of that port. The remote server listens on that -port and the client connects to it. When using the more traditional -.Dv PORT -command, the client listens on a port and sends that address to the remote -server, who connects back to it. Passive mode is useful when using -.Nm ftp -through a gateway router or host that controls the directionality of -traffic. -(Note that though ftp servers are required to support the -.Dv PASV -command by RFC 1123, some do not.) -.It Ic prompt -Toggle interactive prompting. -Interactive prompting -occurs during multiple file transfers to allow the -user to selectively retrieve or store files. -If prompting is turned off (default is on), any -.Ic mget -or -.Ic mput -will transfer all files, and any -.Ic mdelete -will delete all files. -.It Ic proxy Ar ftp-command -Execute an ftp command on a secondary control connection. -This command allows simultaneous connection to two remote ftp -servers for transferring files between the two servers. -The first -.Ic proxy -command should be an -.Ic open , -to establish the secondary control connection. -Enter the command "proxy ?" to see other ftp commands executable on the -secondary connection. -The following commands behave differently when prefaced by -.Ic proxy : -.Ic open -will not define new macros during the auto-login process, -.Ic close -will not erase existing macro definitions, -.Ic get -and -.Ic mget -transfer files from the host on the primary control connection -to the host on the secondary control connection, and -.Ic put , -.Ic mput , -and -.Ic append -transfer files from the host on the secondary control connection -to the host on the primary control connection. -Third party file transfers depend upon support of the ftp protocol -.Dv PASV -command by the server on the secondary control connection. -.It Ic put Ar local-file Op Ar remote-file -Store a local file on the remote machine. -If -.Ar remote-file -is left unspecified, the local file name is used -after processing according to any -.Ic ntrans -or -.Ic nmap -settings -in naming the remote file. -File transfer uses the -current settings for -.Ic type , -.Ic format , -.Ic mode , -and -.Ic structure . -.It Ic pwd -Print the name of the current working directory on the remote -machine. -.It Ic quit -A synonym for -.Ic bye . -.It Ic quote Ar arg1 arg2 ... -The arguments specified are sent, verbatim, to the remote -.Tn FTP -server. -.It Ic recv Ar remote-file Op Ar local-file -A synonym for get. -.It Ic reget Ar remote-file Op Ar local-file -Reget acts like get, except that if -.Ar local-file -exists and is -smaller than -.Ar remote-file , -.Ar local-file -is presumed to be -a partially transferred copy of -.Ar remote-file -and the transfer -is continued from the apparent point of failure. -This command -is useful when transferring very large files over networks that -are prone to dropping connections. -.It Ic remotehelp Op Ar command-name -Request help from the remote -.Tn FTP -server. -If a -.Ar command-name -is specified it is supplied to the server as well. -.It Ic remotestatus Op Ar file-name -With no arguments, show status of remote machine. -If -.Ar file-name -is specified, show status of -.Ar file-name -on remote machine. -.It Xo -.Ic rename -.Op Ar from -.Op Ar to -.Xc -Rename the file -.Ar from -on the remote machine, to the file -.Ar to . -.It Ic reset -Clear reply queue. -This command re-synchronizes command/reply sequencing with the remote -ftp server. -Resynchronization may be necessary following a violation of the ftp protocol -by the remote server. -.It Ic restart Ar marker -Restart the immediately following -.Ic get -or -.Ic put -at the -indicated -.Ar marker . -On -.Ux -systems, marker is usually a byte -offset into the file. -.It Ic rmdir Ar directory-name -Delete a directory on the remote machine. -.It Ic runique -Toggle storing of files on the local system with unique filenames. -If a file already exists with a name equal to the target -local filename for a -.Ic get -or -.Ic mget -command, a ".1" is appended to the name. -If the resulting name matches another existing file, -a ".2" is appended to the original name. -If this process continues up to ".99", an error -message is printed, and the transfer does not take place. -The generated unique filename will be reported. -Note that -.Ic runique -will not affect local files generated from a shell command -(see below). -The default value is off. -.It Ic send Ar local-file Op Ar remote-file -A synonym for put. -.It Ic sendport -Toggle the use of -.Dv PORT -commands. -By default, -.Nm ftp -will attempt to use a -.Dv PORT -command when establishing -a connection for each data transfer. -The use of -.Dv PORT -commands can prevent delays -when performing multiple file transfers. -If the -.Dv PORT -command fails, -.Nm ftp -will use the default data port. -When the use of -.Dv PORT -commands is disabled, no attempt will be made to use -.Dv PORT -commands for each data transfer. -This is useful -for certain -.Tn FTP -implementations which do ignore -.Dv PORT -commands but, incorrectly, indicate they've been accepted. -.It Ic site Ar arg1 arg2 ... -The arguments specified are sent, verbatim, to the remote -.Tn FTP -server as a -.Dv SITE -command. -.It Ic size Ar file-name -Return size of -.Ar file-name -on remote machine. -.It Ic status -Show the current status of -.Nm ftp . -.It Ic struct Op Ar struct-name -Set the file transfer -.Ar structure -to -.Ar struct-name . -By default \*(Lqstream\*(Rq structure is used. -.It Ic sunique -Toggle storing of files on remote machine under unique file names. -Remote ftp server must support ftp protocol -.Dv STOU -command for -successful completion. -The remote server will report unique name. -Default value is off. -.It Ic system -Show the type of operating system running on the remote machine. -.It Ic tenex -Set the file transfer type to that needed to -talk to -.Tn TENEX -machines. -.It Ic trace -Toggle packet tracing. -.It Ic type Op Ar type-name -Set the file transfer -.Ic type -to -.Ar type-name . -If no type is specified, the current type -is printed. -The default type is network -.Tn ASCII . -.It Ic umask Op Ar newmask -Set the default umask on the remote server to -.Ar newmask . -If -.Ar newmask -is omitted, the current umask is printed. -.It Xo -.Ic user Ar user-name -.Op Ar password -.Op Ar account -.Xc -Identify yourself to the remote -.Tn FTP -server. -If the -.Ar password -is not specified and the server requires it, -.Nm ftp -will prompt the user for it (after disabling local echo). -If an -.Ar account -field is not specified, and the -.Tn FTP -server -requires it, the user will be prompted for it. -If an -.Ar account -field is specified, an account command will -be relayed to the remote server after the login sequence -is completed if the remote server did not require it -for logging in. -Unless -.Nm ftp -is invoked with \*(Lqauto-login\*(Rq disabled, this -process is done automatically on initial connection to -the -.Tn FTP -server. -.It Ic verbose -Toggle verbose mode. -In verbose mode, all responses from -the -.Tn FTP -server are displayed to the user. -In addition, -if verbose is on, when a file transfer completes, statistics -regarding the efficiency of the transfer are reported. -By default, -verbose is on. -.It Ic \&? Op Ar command -A synonym for help. -.El -.Pp -The following command can be used with ftpsec-aware servers. -.Bl -tag -width Fl -.It Xo -.Ic prot -.Ar clear | -.Ar safe | -.Ar confidential | -.Ar private -.Xc -Set the data protection level to the requested level. -.El -.Pp -The following command can be used with ftp servers that has -implemented the KAUTH site command. -.Bl -tag -width Fl -.It Ic kauth Op Ar principal -Obtain remote tickets. -.El -.Pp -Command arguments which have embedded spaces may be quoted with -quote `"' marks. -.Sh ABORTING A FILE TRANSFER -To abort a file transfer, use the terminal interrupt key -(usually Ctrl-C). -Sending transfers will be immediately halted. -Receiving transfers will be halted by sending a ftp protocol -.Dv ABOR -command to the remote server, and discarding any further data received. -The speed at which this is accomplished depends upon the remote -server's support for -.Dv ABOR -processing. -If the remote server does not support the -.Dv ABOR -command, an -.Ql ftp\*[Gt] -prompt will not appear until the remote server has completed -sending the requested file. -.Pp -The terminal interrupt key sequence will be ignored when -.Nm ftp -has completed any local processing and is awaiting a reply -from the remote server. -A long delay in this mode may result from the ABOR processing described -above, or from unexpected behavior by the remote server, including -violations of the ftp protocol. -If the delay results from unexpected remote server behavior, the local -.Nm ftp -program must be killed by hand. -.Sh FILE NAMING CONVENTIONS -Files specified as arguments to -.Nm ftp -commands are processed according to the following rules. -.Bl -enum -.It -If the file name -.Sq Fl -is specified, the -.Ar stdin -(for reading) or -.Ar stdout -(for writing) is used. -.It -If the first character of the file name is -.Sq \&| , -the -remainder of the argument is interpreted as a shell command. -.Nm Ftp -then forks a shell, using -.Xr popen 3 -with the argument supplied, and reads (writes) from the stdout -(stdin). -If the shell command includes spaces, the argument -must be quoted; e.g. -\*(Lq" ls -lt"\*(Rq. -A particularly -useful example of this mechanism is: \*(Lqdir more\*(Rq. -.It -Failing the above checks, if ``globbing'' is enabled, -local file names are expanded -according to the rules used in the -.Xr csh 1 ; -c.f. the -.Ic glob -command. -If the -.Nm ftp -command expects a single local file (.e.g. -.Ic put ) , -only the first filename generated by the "globbing" operation is used. -.It -For -.Ic mget -commands and -.Ic get -commands with unspecified local file names, the local filename is -the remote filename, which may be altered by a -.Ic case , -.Ic ntrans , -or -.Ic nmap -setting. -The resulting filename may then be altered if -.Ic runique -is on. -.It -For -.Ic mput -commands and -.Ic put -commands with unspecified remote file names, the remote filename is -the local filename, which may be altered by a -.Ic ntrans -or -.Ic nmap -setting. -The resulting filename may then be altered by the remote server if -.Ic sunique -is on. -.El -.Sh FILE TRANSFER PARAMETERS -The FTP specification specifies many parameters which may -affect a file transfer. -The -.Ic type -may be one of \*(Lqascii\*(Rq, \*(Lqimage\*(Rq (binary), -\*(Lqebcdic\*(Rq, and \*(Lqlocal byte size\*(Rq (for -.Tn PDP Ns -10's -and -.Tn PDP Ns -20's -mostly). -.Nm Ftp -supports the ascii and image types of file transfer, -plus local byte size 8 for -.Ic tenex -mode transfers. -.Pp -.Nm Ftp -supports only the default values for the remaining -file transfer parameters: -.Ic mode , -.Ic form , -and -.Ic struct . -.Sh THE .netrc FILE -The -.Pa .netrc -file contains login and initialization information -used by the auto-login process. -It resides in the user's home directory. -The following tokens are recognized; they may be separated by spaces, -tabs, or new-lines: -.Bl -tag -width password -.It Ic machine Ar name -Identify a remote machine -.Ar name . -The auto-login process searches the -.Pa .netrc -file for a -.Ic machine -token that matches the remote machine specified on the -.Nm ftp -command line or as an -.Ic open -command argument. -Once a match is made, the subsequent -.Pa .netrc -tokens are processed, -stopping when the end of file is reached or another -.Ic machine -or a -.Ic default -token is encountered. -.It Ic default -This is the same as -.Ic machine -.Ar name -except that -.Ic default -matches any name. -There can be only one -.Ic default -token, and it must be after all -.Ic machine -tokens. -This is normally used as: -.Pp -.Dl default login anonymous password user@site -.Pp -thereby giving the user -.Ar automatic -anonymous ftp login to -machines not specified in -.Pa .netrc . -This can be overridden -by using the -.Fl n -flag to disable auto-login. -.It Ic login Ar name -Identify a user on the remote machine. -If this token is present, the auto-login process will initiate -a login using the specified -.Ar name . -.It Ic password Ar string -Supply a password. -If this token is present, the auto-login process will supply the -specified string if the remote server requires a password as part -of the login process. -Note that if this token is present in the -.Pa .netrc -file for any user other -than -.Ar anonymous , -.Nm ftp -will abort the auto-login process if the -.Pa .netrc -is readable by -anyone besides the user. -.It Ic account Ar string -Supply an additional account password. -If this token is present, the auto-login process will supply the -specified string if the remote server requires an additional -account password, or the auto-login process will initiate an -.Dv ACCT -command if it does not. -.It Ic macdef Ar name -Define a macro. -This token functions like the -.Nm ftp -.Ic macdef -command functions. -A macro is defined with the specified name; its contents begin with the -next -.Pa .netrc -line and continue until a null line (consecutive new-line -characters) is encountered. -If a macro named -.Ic init -is defined, it is automatically executed as the last step in the -auto-login process. -.El -.Sh ENVIRONMENT -.Nm Ftp -uses the following environment variables. -.Bl -tag -width Fl -.It Ev HOME -For default location of a -.Pa .netrc -file, if one exists. -.It Ev SHELL -For default shell. -.El -.Sh SEE ALSO -.Xr ftpd 8 -.Rs -.%T RFC2228 -.Re -.Sh HISTORY -The -.Nm ftp -command appeared in -.Bx 4.2 . -.Sh BUGS -Correct execution of many commands depends upon proper behavior -by the remote server. -.Pp -An error in the treatment of carriage returns -in the -.Bx 4.2 -ascii-mode transfer code -has been corrected. -This correction may result in incorrect transfers of binary files -to and from -.Bx 4.2 -servers using the ascii type. -Avoid this problem by using the binary image type. diff --git a/crypto/heimdal/appl/ftp/ftp/ftp.c b/crypto/heimdal/appl/ftp/ftp/ftp.c deleted file mode 100644 index 0a00bd245667..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/ftp.c +++ /dev/null @@ -1,1780 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" -RCSID ("$Id: ftp.c 16650 2006-01-24 08:16:08Z lha $"); - -struct sockaddr_storage hisctladdr_ss; -struct sockaddr *hisctladdr = (struct sockaddr *)&hisctladdr_ss; -struct sockaddr_storage data_addr_ss; -struct sockaddr *data_addr = (struct sockaddr *)&data_addr_ss; -struct sockaddr_storage myctladdr_ss; -struct sockaddr *myctladdr = (struct sockaddr *)&myctladdr_ss; -int data = -1; -int abrtflag = 0; -jmp_buf ptabort; -int ptabflg; -int ptflag = 0; -off_t restart_point = 0; - - -FILE *cin, *cout; - -typedef void (*sighand) (int); - -char * -hookup (const char *host, int port) -{ - static char hostnamebuf[MaxHostNameLen]; - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - char portstr[NI_MAXSERV]; - socklen_t len; - int s; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - hints.ai_flags = AI_CANONNAME; - - snprintf (portstr, sizeof(portstr), "%u", ntohs(port)); - - error = getaddrinfo (host, portstr, &hints, &ai); - if (error) { - warnx ("%s: %s", host, gai_strerror(error)); - code = -1; - return NULL; - } - strlcpy (hostnamebuf, host, sizeof(hostnamebuf)); - hostname = hostnamebuf; - - s = -1; - for (a = ai; a != NULL; a = a->ai_next) { - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - - if (a->ai_canonname != NULL) - strlcpy (hostnamebuf, a->ai_canonname, sizeof(hostnamebuf)); - - memcpy (hisctladdr, a->ai_addr, a->ai_addrlen); - - error = connect (s, a->ai_addr, a->ai_addrlen); - if (error < 0) { - char addrstr[256]; - - if (getnameinfo (a->ai_addr, a->ai_addrlen, - addrstr, sizeof(addrstr), - NULL, 0, NI_NUMERICHOST) != 0) - strlcpy (addrstr, "unknown address", sizeof(addrstr)); - - warn ("connect %s", addrstr); - close (s); - s = -1; - continue; - } - break; - } - freeaddrinfo (ai); - if (s < 0) { - warnx ("failed to contact %s", host); - code = -1; - return NULL; - } - - len = sizeof(myctladdr_ss); - if (getsockname (s, myctladdr, &len) < 0) { - warn ("getsockname"); - code = -1; - close (s); - return NULL; - } -#ifdef IPTOS_LOWDELAY - socket_set_tos (s, IPTOS_LOWDELAY); -#endif - cin = fdopen (s, "r"); - cout = fdopen (s, "w"); - if (cin == NULL || cout == NULL) { - warnx ("fdopen failed."); - if (cin) - fclose (cin); - if (cout) - fclose (cout); - code = -1; - goto bad; - } - if (verbose) - printf ("Connected to %s.\n", hostname); - if (getreply (0) > 2) { /* read startup message from server */ - if (cin) - fclose (cin); - if (cout) - fclose (cout); - code = -1; - goto bad; - } -#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT) - { - int on = 1; - - if (setsockopt (s, SOL_SOCKET, SO_OOBINLINE, (char *) &on, sizeof (on)) - < 0 && debug) { - warn ("setsockopt"); - } - } -#endif /* SO_OOBINLINE */ - - return (hostname); -bad: - close (s); - return NULL; -} - -int -login (char *host) -{ - char tmp[80]; - char defaultpass[128]; - char *userstr, *pass, *acctstr; - int n, aflag = 0; - - char *myname = NULL; - struct passwd *pw = k_getpwuid(getuid()); - - if (pw != NULL) - myname = pw->pw_name; - - userstr = pass = acctstr = 0; - - if(sec_login(host)) - printf("\n*** Using plaintext user and password ***\n\n"); - else{ - printf("Authentication successful.\n\n"); - } - - if (ruserpass (host, &userstr, &pass, &acctstr) < 0) { - code = -1; - return (0); - } - while (userstr == NULL) { - if (myname) - printf ("Name (%s:%s): ", host, myname); - else - printf ("Name (%s): ", host); - *tmp = '\0'; - if (fgets (tmp, sizeof (tmp) - 1, stdin) != NULL) - tmp[strlen (tmp) - 1] = '\0'; - if (*tmp == '\0') - userstr = myname; - else - userstr = tmp; - } - strlcpy(username, userstr, sizeof(username)); - n = command("USER %s", userstr); - if (n == COMPLETE) - n = command("PASS dummy"); /* DK: Compatibility with gssftp daemon */ - else if(n == CONTINUE) { - if (pass == NULL) { - char prompt[128]; - if(myname && - (!strcmp(userstr, "ftp") || !strcmp(userstr, "anonymous"))) { - snprintf(defaultpass, sizeof(defaultpass), - "%s@%s", myname, mydomain); - snprintf(prompt, sizeof(prompt), - "Password (%s): ", defaultpass); - } else if (sec_complete) { - pass = myname; - } else { - *defaultpass = '\0'; - snprintf(prompt, sizeof(prompt), "Password: "); - } - if (pass == NULL) { - pass = defaultpass; - UI_UTIL_read_pw_string (tmp, sizeof (tmp), prompt, 0); - if (tmp[0]) - pass = tmp; - } - } - n = command ("PASS %s", pass); - } - if (n == CONTINUE) { - aflag++; - acctstr = tmp; - UI_UTIL_read_pw_string (acctstr, 128, "Account:", 0); - n = command ("ACCT %s", acctstr); - } - if (n != COMPLETE) { - warnx ("Login failed."); - return (0); - } - if (!aflag && acctstr != NULL) - command ("ACCT %s", acctstr); - if (proxy) - return (1); - for (n = 0; n < macnum; ++n) { - if (!strcmp("init", macros[n].mac_name)) { - strlcpy (line, "$init", sizeof (line)); - makeargv(); - domacro(margc, margv); - break; - } - } - sec_set_protection_level (); - return (1); -} - -void -cmdabort (int sig) -{ - - printf ("\n"); - fflush (stdout); - abrtflag++; - if (ptflag) - longjmp (ptabort, 1); -} - -int -command (char *fmt,...) -{ - va_list ap; - int r; - sighand oldintr; - - abrtflag = 0; - if (cout == NULL) { - warn ("No control connection for command"); - code = -1; - return (0); - } - oldintr = signal(SIGINT, cmdabort); - if(debug){ - printf("---> "); - if (strncmp("PASS ", fmt, 5) == 0) - printf("PASS XXXX"); - else { - va_start(ap, fmt); - vfprintf(stdout, fmt, ap); - va_end(ap); - } - } - va_start(ap, fmt); - sec_vfprintf(cout, fmt, ap); - va_end(ap); - if(debug){ - printf("\n"); - fflush(stdout); - } - fprintf (cout, "\r\n"); - fflush (cout); - cpend = 1; - r = getreply (!strcmp (fmt, "QUIT")); - if (abrtflag && oldintr != SIG_IGN) - (*oldintr) (SIGINT); - signal (SIGINT, oldintr); - return (r); -} - -char reply_string[BUFSIZ]; /* last line of previous reply */ - -int -getreply (int expecteof) -{ - char *p; - char *lead_string; - int c; - struct sigaction sa, osa; - char buf[8192]; - int reply_code; - int long_warn = 0; - - sigemptyset (&sa.sa_mask); - sa.sa_flags = 0; - sa.sa_handler = cmdabort; - sigaction (SIGINT, &sa, &osa); - - p = buf; - - reply_code = 0; - while (1) { - c = getc (cin); - switch (c) { - case EOF: - if (expecteof) { - sigaction (SIGINT, &osa, NULL); - code = 221; - return 0; - } - lostpeer (0); - if (verbose) { - printf ("421 Service not available, " - "remote server has closed connection\n"); - fflush (stdout); - } - code = 421; - return (4); - case IAC: - c = getc (cin); - if (c == WILL || c == WONT) - fprintf (cout, "%c%c%c", IAC, DONT, getc (cin)); - if (c == DO || c == DONT) - fprintf (cout, "%c%c%c", IAC, WONT, getc (cin)); - continue; - case '\n': - *p++ = '\0'; - if(isdigit((unsigned char)buf[0])){ - sscanf(buf, "%d", &code); - if(code == 631){ - code = 0; - sec_read_msg(buf, prot_safe); - sscanf(buf, "%d", &code); - lead_string = "S:"; - } else if(code == 632){ - code = 0; - sec_read_msg(buf, prot_private); - sscanf(buf, "%d", &code); - lead_string = "P:"; - }else if(code == 633){ - code = 0; - sec_read_msg(buf, prot_confidential); - sscanf(buf, "%d", &code); - lead_string = "C:"; - }else if(sec_complete) - lead_string = "!!"; - else - lead_string = ""; - if(code != 0 && reply_code == 0) - reply_code = code; - if (verbose > 0 || (verbose > -1 && code > 499)) - fprintf (stdout, "%s%s\n", lead_string, buf); - if (code == reply_code && buf[3] == ' ') { - strlcpy (reply_string, buf, sizeof(reply_string)); - if (code >= 200) - cpend = 0; - sigaction (SIGINT, &osa, NULL); - if (code == 421) - lostpeer (0); -#if 1 - if (abrtflag && - osa.sa_handler != cmdabort && - osa.sa_handler != SIG_IGN) - osa.sa_handler (SIGINT); -#endif - if (code == 227 || code == 229) { - char *q; - - q = strchr (reply_string, '('); - if (q) { - q++; - strlcpy(pasv, q, sizeof(pasv)); - q = strrchr(pasv, ')'); - if (q) - *q = '\0'; - } - } - return code / 100; - } - }else{ - if(verbose > 0 || (verbose > -1 && code > 499)){ - if(sec_complete) - fprintf(stdout, "!!"); - fprintf(stdout, "%s\n", buf); - } - } - p = buf; - long_warn = 0; - continue; - default: - if(p < buf + sizeof(buf) - 1) - *p++ = c; - else if(long_warn == 0) { - fprintf(stderr, "WARNING: incredibly long line received\n"); - long_warn = 1; - } - } - } - -} - - -#if 0 -int -getreply (int expecteof) -{ - int c, n; - int dig; - int originalcode = 0, continuation = 0; - sighand oldintr; - int pflag = 0; - char *cp, *pt = pasv; - - oldintr = signal (SIGINT, cmdabort); - for (;;) { - dig = n = code = 0; - cp = reply_string; - while ((c = getc (cin)) != '\n') { - if (c == IAC) { /* handle telnet commands */ - switch (c = getc (cin)) { - case WILL: - case WONT: - c = getc (cin); - fprintf (cout, "%c%c%c", IAC, DONT, c); - fflush (cout); - break; - case DO: - case DONT: - c = getc (cin); - fprintf (cout, "%c%c%c", IAC, WONT, c); - fflush (cout); - break; - default: - break; - } - continue; - } - dig++; - if (c == EOF) { - if (expecteof) { - signal (SIGINT, oldintr); - code = 221; - return (0); - } - lostpeer (0); - if (verbose) { - printf ("421 Service not available, remote server has closed connection\n"); - fflush (stdout); - } - code = 421; - return (4); - } - if (c != '\r' && (verbose > 0 || - (verbose > -1 && n == '5' && dig > 4))) { - if (proxflag && - (dig == 1 || dig == 5 && verbose == 0)) - printf ("%s:", hostname); - putchar (c); - } - if (dig < 4 && isdigit (c)) - code = code * 10 + (c - '0'); - if (!pflag && code == 227) - pflag = 1; - if (dig > 4 && pflag == 1 && isdigit (c)) - pflag = 2; - if (pflag == 2) { - if (c != '\r' && c != ')') - *pt++ = c; - else { - *pt = '\0'; - pflag = 3; - } - } - if (dig == 4 && c == '-') { - if (continuation) - code = 0; - continuation++; - } - if (n == 0) - n = c; - if (cp < &reply_string[sizeof (reply_string) - 1]) - *cp++ = c; - } - if (verbose > 0 || verbose > -1 && n == '5') { - putchar (c); - fflush (stdout); - } - if (continuation && code != originalcode) { - if (originalcode == 0) - originalcode = code; - continue; - } - *cp = '\0'; - if(sec_complete){ - if(code == 631) - sec_read_msg(reply_string, prot_safe); - else if(code == 632) - sec_read_msg(reply_string, prot_private); - else if(code == 633) - sec_read_msg(reply_string, prot_confidential); - n = code / 100 + '0'; - } - if (n != '1') - cpend = 0; - signal (SIGINT, oldintr); - if (code == 421 || originalcode == 421) - lostpeer (0); - if (abrtflag && oldintr != cmdabort && oldintr != SIG_IGN) - (*oldintr) (SIGINT); - return (n - '0'); - } -} - -#endif - -int -empty (fd_set * mask, int sec) -{ - struct timeval t; - - t.tv_sec = sec; - t.tv_usec = 0; - return (select (FD_SETSIZE, mask, NULL, NULL, &t)); -} - -jmp_buf sendabort; - -static RETSIGTYPE -abortsend (int sig) -{ - - mflag = 0; - abrtflag = 0; - printf ("\nsend aborted\nwaiting for remote to finish abort\n"); - fflush (stdout); - longjmp (sendabort, 1); -} - -#define HASHBYTES 1024 - -static int -copy_stream (FILE * from, FILE * to) -{ - static size_t bufsize; - static char *buf; - int n; - int bytes = 0; - int werr = 0; - int hashbytes = HASHBYTES; - struct stat st; - -#if defined(HAVE_MMAP) && !defined(NO_MMAP) - void *chunk; - -#ifndef MAP_FAILED -#define MAP_FAILED (-1) -#endif - - if (fstat (fileno (from), &st) == 0 && S_ISREG (st.st_mode)) { - /* - * mmap zero bytes has potential of loosing, don't do it. - */ - if (st.st_size == 0) - return 0; - chunk = mmap (0, st.st_size, PROT_READ, MAP_SHARED, fileno (from), 0); - if (chunk != (void *) MAP_FAILED) { - int res; - - res = sec_write (fileno (to), chunk, st.st_size); - if (munmap (chunk, st.st_size) < 0) - warn ("munmap"); - sec_fflush (to); - return res; - } - } -#endif - - buf = alloc_buffer (buf, &bufsize, - fstat (fileno (from), &st) >= 0 ? &st : NULL); - if (buf == NULL) - return -1; - - while ((n = read (fileno (from), buf, bufsize)) > 0) { - werr = sec_write (fileno (to), buf, n); - if (werr < 0) - break; - bytes += werr; - while (hash && bytes > hashbytes) { - putchar ('#'); - hashbytes += HASHBYTES; - } - } - sec_fflush (to); - if (n < 0) - warn ("local"); - - if (werr < 0) { - if (errno != EPIPE) - warn ("netout"); - bytes = -1; - } - return bytes; -} - -void -sendrequest (char *cmd, char *local, char *remote, char *lmode, int printnames) -{ - struct stat st; - struct timeval start, stop; - int c, d; - FILE *fin, *dout = 0; - int (*closefunc) (FILE *); - RETSIGTYPE (*oldintr)(int), (*oldintp)(int); - long bytes = 0, hashbytes = HASHBYTES; - char *rmode = "w"; - - if (verbose && printnames) { - if (local && strcmp (local, "-") != 0) - printf ("local: %s ", local); - if (remote) - printf ("remote: %s\n", remote); - } - if (proxy) { - proxtrans (cmd, local, remote); - return; - } - if (curtype != type) - changetype (type, 0); - closefunc = NULL; - oldintr = NULL; - oldintp = NULL; - - if (setjmp (sendabort)) { - while (cpend) { - getreply (0); - } - if (data >= 0) { - close (data); - data = -1; - } - if (oldintr) - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - code = -1; - return; - } - oldintr = signal (SIGINT, abortsend); - if (strcmp (local, "-") == 0) - fin = stdin; - else if (*local == '|') { - oldintp = signal (SIGPIPE, SIG_IGN); - fin = popen (local + 1, lmode); - if (fin == NULL) { - warn ("%s", local + 1); - signal (SIGINT, oldintr); - signal (SIGPIPE, oldintp); - code = -1; - return; - } - closefunc = pclose; - } else { - fin = fopen (local, lmode); - if (fin == NULL) { - warn ("local: %s", local); - signal (SIGINT, oldintr); - code = -1; - return; - } - closefunc = fclose; - if (fstat (fileno (fin), &st) < 0 || - (st.st_mode & S_IFMT) != S_IFREG) { - fprintf (stdout, "%s: not a plain file.\n", local); - signal (SIGINT, oldintr); - fclose (fin); - code = -1; - return; - } - } - if (initconn ()) { - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - code = -1; - if (closefunc != NULL) - (*closefunc) (fin); - return; - } - if (setjmp (sendabort)) - goto abort; - - if (restart_point && - (strcmp (cmd, "STOR") == 0 || strcmp (cmd, "APPE") == 0)) { - int rc; - - switch (curtype) { - case TYPE_A: - rc = fseek (fin, (long) restart_point, SEEK_SET); - break; - case TYPE_I: - case TYPE_L: - rc = lseek (fileno (fin), restart_point, SEEK_SET); - break; - default: - abort(); - } - if (rc < 0) { - warn ("local: %s", local); - restart_point = 0; - if (closefunc != NULL) - (*closefunc) (fin); - return; - } - if (command ("REST %ld", (long) restart_point) - != CONTINUE) { - restart_point = 0; - if (closefunc != NULL) - (*closefunc) (fin); - return; - } - restart_point = 0; - rmode = "r+w"; - } - if (remote) { - if (command ("%s %s", cmd, remote) != PRELIM) { - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - if (closefunc != NULL) - (*closefunc) (fin); - return; - } - } else if (command ("%s", cmd) != PRELIM) { - signal(SIGINT, oldintr); - if (oldintp) - signal(SIGPIPE, oldintp); - if (closefunc != NULL) - (*closefunc)(fin); - return; - } - dout = dataconn(rmode); - if (dout == NULL) - goto abort; - set_buffer_size (fileno (dout), 0); - gettimeofday (&start, (struct timezone *) 0); - oldintp = signal (SIGPIPE, SIG_IGN); - switch (curtype) { - - case TYPE_I: - case TYPE_L: - errno = d = c = 0; - bytes = copy_stream (fin, dout); - break; - - case TYPE_A: - while ((c = getc (fin)) != EOF) { - if (c == '\n') { - while (hash && (bytes >= hashbytes)) { - putchar ('#'); - fflush (stdout); - hashbytes += HASHBYTES; - } - if (ferror (dout)) - break; - sec_putc ('\r', dout); - bytes++; - } - sec_putc (c, dout); - bytes++; - } - sec_fflush (dout); - if (hash) { - if (bytes < hashbytes) - putchar ('#'); - putchar ('\n'); - fflush (stdout); - } - if (ferror (fin)) - warn ("local: %s", local); - if (ferror (dout)) { - if (errno != EPIPE) - warn ("netout"); - bytes = -1; - } - break; - } - if (closefunc != NULL) - (*closefunc) (fin); - fclose (dout); - gettimeofday (&stop, (struct timezone *) 0); - getreply (0); - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - if (bytes > 0) - ptransfer ("sent", bytes, &start, &stop); - return; -abort: - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - if (!cpend) { - code = -1; - return; - } - if (data >= 0) { - close (data); - data = -1; - } - if (dout) - fclose (dout); - getreply (0); - code = -1; - if (closefunc != NULL && fin != NULL) - (*closefunc) (fin); - gettimeofday (&stop, (struct timezone *) 0); - if (bytes > 0) - ptransfer ("sent", bytes, &start, &stop); -} - -jmp_buf recvabort; - -void -abortrecv (int sig) -{ - - mflag = 0; - abrtflag = 0; - printf ("\nreceive aborted\nwaiting for remote to finish abort\n"); - fflush (stdout); - longjmp (recvabort, 1); -} - -void -recvrequest (char *cmd, char *local, char *remote, - char *lmode, int printnames, int local_given) -{ - FILE *fout = NULL, *din = NULL; - int (*closefunc) (FILE *); - sighand oldintr, oldintp; - int c, d, is_retr, tcrflag, bare_lfs = 0; - static size_t bufsize; - static char *buf; - long bytes = 0, hashbytes = HASHBYTES; - struct timeval start, stop; - struct stat st; - - is_retr = strcmp (cmd, "RETR") == 0; - if (is_retr && verbose && printnames) { - if (local && strcmp (local, "-") != 0) - printf ("local: %s ", local); - if (remote) - printf ("remote: %s\n", remote); - } - if (proxy && is_retr) { - proxtrans (cmd, local, remote); - return; - } - closefunc = NULL; - oldintr = NULL; - oldintp = NULL; - tcrflag = !crflag && is_retr; - if (setjmp (recvabort)) { - while (cpend) { - getreply (0); - } - if (data >= 0) { - close (data); - data = -1; - } - if (oldintr) - signal (SIGINT, oldintr); - code = -1; - return; - } - oldintr = signal (SIGINT, abortrecv); - if (!local_given || (strcmp (local, "-") && *local != '|')) { - if (access (local, 2) < 0) { - char *dir = strrchr (local, '/'); - - if (errno != ENOENT && errno != EACCES) { - warn ("local: %s", local); - signal (SIGINT, oldintr); - code = -1; - return; - } - if (dir != NULL) - *dir = 0; - d = access (dir ? local : ".", 2); - if (dir != NULL) - *dir = '/'; - if (d < 0) { - warn ("local: %s", local); - signal (SIGINT, oldintr); - code = -1; - return; - } - if (!runique && errno == EACCES && - chmod (local, 0600) < 0) { - warn ("local: %s", local); - signal (SIGINT, oldintr); - signal (SIGINT, oldintr); - code = -1; - return; - } - if (runique && errno == EACCES && - (local = gunique (local)) == NULL) { - signal (SIGINT, oldintr); - code = -1; - return; - } - } else if (runique && (local = gunique (local)) == NULL) { - signal(SIGINT, oldintr); - code = -1; - return; - } - } - if (!is_retr) { - if (curtype != TYPE_A) - changetype (TYPE_A, 0); - } else if (curtype != type) - changetype (type, 0); - if (initconn ()) { - signal (SIGINT, oldintr); - code = -1; - return; - } - if (setjmp (recvabort)) - goto abort; - if (is_retr && restart_point && - command ("REST %ld", (long) restart_point) != CONTINUE) - return; - if (remote) { - if (command ("%s %s", cmd, remote) != PRELIM) { - signal (SIGINT, oldintr); - return; - } - } else { - if (command ("%s", cmd) != PRELIM) { - signal (SIGINT, oldintr); - return; - } - } - din = dataconn ("r"); - if (din == NULL) - goto abort; - set_buffer_size (fileno (din), 1); - if (local_given && strcmp (local, "-") == 0) - fout = stdout; - else if (local_given && *local == '|') { - oldintp = signal (SIGPIPE, SIG_IGN); - fout = popen (local + 1, "w"); - if (fout == NULL) { - warn ("%s", local + 1); - goto abort; - } - closefunc = pclose; - } else { - fout = fopen (local, lmode); - if (fout == NULL) { - warn ("local: %s", local); - goto abort; - } - closefunc = fclose; - } - buf = alloc_buffer (buf, &bufsize, - fstat (fileno (fout), &st) >= 0 ? &st : NULL); - if (buf == NULL) - goto abort; - - gettimeofday (&start, (struct timezone *) 0); - switch (curtype) { - - case TYPE_I: - case TYPE_L: - if (restart_point && - lseek (fileno (fout), restart_point, SEEK_SET) < 0) { - warn ("local: %s", local); - if (closefunc != NULL) - (*closefunc) (fout); - return; - } - errno = d = 0; - while ((c = sec_read (fileno (din), buf, bufsize)) > 0) { - if ((d = write (fileno (fout), buf, c)) != c) - break; - bytes += c; - if (hash) { - while (bytes >= hashbytes) { - putchar ('#'); - hashbytes += HASHBYTES; - } - fflush (stdout); - } - } - if (hash && bytes > 0) { - if (bytes < HASHBYTES) - putchar ('#'); - putchar ('\n'); - fflush (stdout); - } - if (c < 0) { - if (errno != EPIPE) - warn ("netin"); - bytes = -1; - } - if (d < c) { - if (d < 0) - warn ("local: %s", local); - else - warnx ("%s: short write", local); - } - break; - - case TYPE_A: - if (restart_point) { - int i, n, ch; - - if (fseek (fout, 0L, SEEK_SET) < 0) - goto done; - n = restart_point; - for (i = 0; i++ < n;) { - if ((ch = sec_getc (fout)) == EOF) - goto done; - if (ch == '\n') - i++; - } - if (fseek (fout, 0L, SEEK_CUR) < 0) { - done: - warn ("local: %s", local); - if (closefunc != NULL) - (*closefunc) (fout); - return; - } - } - while ((c = sec_getc(din)) != EOF) { - if (c == '\n') - bare_lfs++; - while (c == '\r') { - while (hash && (bytes >= hashbytes)) { - putchar ('#'); - fflush (stdout); - hashbytes += HASHBYTES; - } - bytes++; - if ((c = sec_getc (din)) != '\n' || tcrflag) { - if (ferror (fout)) - goto break2; - putc ('\r', fout); - if (c == '\0') { - bytes++; - goto contin2; - } - if (c == EOF) - goto contin2; - } - } - putc (c, fout); - bytes++; - contin2:; - } -break2: - if (bare_lfs) { - printf ("WARNING! %d bare linefeeds received in ASCII mode\n", - bare_lfs); - printf ("File may not have transferred correctly.\n"); - } - if (hash) { - if (bytes < hashbytes) - putchar ('#'); - putchar ('\n'); - fflush (stdout); - } - if (ferror (din)) { - if (errno != EPIPE) - warn ("netin"); - bytes = -1; - } - if (ferror (fout)) - warn ("local: %s", local); - break; - } - if (closefunc != NULL) - (*closefunc) (fout); - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - fclose (din); - gettimeofday (&stop, (struct timezone *) 0); - getreply (0); - if (bytes > 0 && is_retr) - ptransfer ("received", bytes, &start, &stop); - return; -abort: - - /* abort using RFC959 recommended IP,SYNC sequence */ - - if (oldintp) - signal (SIGPIPE, oldintr); - signal (SIGINT, SIG_IGN); - if (!cpend) { - code = -1; - signal (SIGINT, oldintr); - return; - } - abort_remote(din); - code = -1; - if (data >= 0) { - close (data); - data = -1; - } - if (closefunc != NULL && fout != NULL) - (*closefunc) (fout); - if (din) - fclose (din); - gettimeofday (&stop, (struct timezone *) 0); - if (bytes > 0) - ptransfer ("received", bytes, &start, &stop); - signal (SIGINT, oldintr); -} - -static int -parse_epsv (const char *str) -{ - char sep; - char *end; - int port; - - if (*str == '\0') - return -1; - sep = *str++; - if (sep != *str++) - return -1; - if (sep != *str++) - return -1; - port = strtol (str, &end, 0); - if (str == end) - return -1; - if (end[0] != sep || end[1] != '\0') - return -1; - return htons(port); -} - -static int -parse_pasv (struct sockaddr_in *sin4, const char *str) -{ - int a0, a1, a2, a3, p0, p1; - - /* - * What we've got at this point is a string of comma separated - * one-byte unsigned integer values. The first four are the an IP - * address. The fifth is the MSB of the port number, the sixth is the - * LSB. From that we'll prepare a sockaddr_in. - */ - - if (sscanf (str, "%d,%d,%d,%d,%d,%d", - &a0, &a1, &a2, &a3, &p0, &p1) != 6) { - printf ("Passive mode address scan failure. " - "Shouldn't happen!\n"); - return -1; - } - if (a0 < 0 || a0 > 255 || - a1 < 0 || a1 > 255 || - a2 < 0 || a2 > 255 || - a3 < 0 || a3 > 255 || - p0 < 0 || p0 > 255 || - p1 < 0 || p1 > 255) { - printf ("Can't parse passive mode string.\n"); - return -1; - } - memset (sin4, 0, sizeof(*sin4)); - sin4->sin_family = AF_INET; - sin4->sin_addr.s_addr = htonl ((a0 << 24) | (a1 << 16) | - (a2 << 8) | a3); - sin4->sin_port = htons ((p0 << 8) | p1); - return 0; -} - -static int -passive_mode (void) -{ - int port; - - data = socket (myctladdr->sa_family, SOCK_STREAM, 0); - if (data < 0) { - warn ("socket"); - return (1); - } - if (options & SO_DEBUG) - socket_set_debug (data); - if (command ("EPSV") != COMPLETE) { - if (command ("PASV") != COMPLETE) { - printf ("Passive mode refused.\n"); - goto bad; - } - } - - /* - * Parse the reply to EPSV or PASV - */ - - port = parse_epsv (pasv); - if (port > 0) { - data_addr->sa_family = myctladdr->sa_family; - socket_set_address_and_port (data_addr, - socket_get_address (hisctladdr), - port); - } else { - if (parse_pasv ((struct sockaddr_in *)data_addr, pasv) < 0) - goto bad; - } - - if (connect (data, data_addr, socket_sockaddr_size (data_addr)) < 0) { - warn ("connect"); - goto bad; - } -#ifdef IPTOS_THROUGHPUT - socket_set_tos (data, IPTOS_THROUGHPUT); -#endif - return (0); -bad: - close (data); - data = -1; - sendport = 1; - return (1); -} - - -static int -active_mode (void) -{ - int tmpno = 0; - socklen_t len; - int result; - -noport: - data_addr->sa_family = myctladdr->sa_family; - socket_set_address_and_port (data_addr, socket_get_address (myctladdr), - sendport ? 0 : socket_get_port (myctladdr)); - - if (data != -1) - close (data); - data = socket (data_addr->sa_family, SOCK_STREAM, 0); - if (data < 0) { - warn ("socket"); - if (tmpno) - sendport = 1; - return (1); - } - if (!sendport) - socket_set_reuseaddr (data, 1); - if (bind (data, data_addr, socket_sockaddr_size (data_addr)) < 0) { - warn ("bind"); - goto bad; - } - if (options & SO_DEBUG) - socket_set_debug (data); - len = sizeof (data_addr_ss); - if (getsockname (data, data_addr, &len) < 0) { - warn ("getsockname"); - goto bad; - } - if (listen (data, 1) < 0) - warn ("listen"); - if (sendport) { - char addr_str[256]; - int inet_af; - int overbose; - - if (inet_ntop (data_addr->sa_family, socket_get_address (data_addr), - addr_str, sizeof(addr_str)) == NULL) - errx (1, "inet_ntop failed"); - switch (data_addr->sa_family) { - case AF_INET : - inet_af = 1; - break; -#ifdef HAVE_IPV6 - case AF_INET6 : - inet_af = 2; - break; -#endif - default : - errx (1, "bad address family %d", data_addr->sa_family); - } - - - overbose = verbose; - if (debug == 0) - verbose = -1; - - result = command ("EPRT |%d|%s|%d|", - inet_af, addr_str, - ntohs(socket_get_port (data_addr))); - verbose = overbose; - - if (result == ERROR) { - struct sockaddr_in *sin4 = (struct sockaddr_in *)data_addr; - - unsigned int a = ntohl(sin4->sin_addr.s_addr); - unsigned int p = ntohs(sin4->sin_port); - - if (data_addr->sa_family != AF_INET) { - warnx ("remote server doesn't support EPRT"); - goto bad; - } - - result = command("PORT %d,%d,%d,%d,%d,%d", - (a >> 24) & 0xff, - (a >> 16) & 0xff, - (a >> 8) & 0xff, - a & 0xff, - (p >> 8) & 0xff, - p & 0xff); - if (result == ERROR && sendport == -1) { - sendport = 0; - tmpno = 1; - goto noport; - } - return (result != COMPLETE); - } - return result != COMPLETE; - } - if (tmpno) - sendport = 1; - - -#ifdef IPTOS_THROUGHPUT - socket_set_tos (data, IPTOS_THROUGHPUT); -#endif - return (0); -bad: - close (data); - data = -1; - if (tmpno) - sendport = 1; - return (1); -} - -/* - * Need to start a listen on the data channel before we send the command, - * otherwise the server's connect may fail. - */ -int -initconn (void) -{ - if (passivemode) - return passive_mode (); - else - return active_mode (); -} - -FILE * -dataconn (const char *lmode) -{ - struct sockaddr_storage from_ss; - struct sockaddr *from = (struct sockaddr *)&from_ss; - socklen_t fromlen = sizeof(from_ss); - int s; - - if (passivemode) - return (fdopen (data, lmode)); - - s = accept (data, from, &fromlen); - if (s < 0) { - warn ("accept"); - close (data), data = -1; - return (NULL); - } - close (data); - data = s; -#ifdef IPTOS_THROUGHPUT - socket_set_tos (s, IPTOS_THROUGHPUT); -#endif - return (fdopen (data, lmode)); -} - -void -ptransfer (char *direction, long int bytes, - struct timeval * t0, struct timeval * t1) -{ - struct timeval td; - float s; - float bs; - int prec; - char *unit; - - if (verbose) { - td.tv_sec = t1->tv_sec - t0->tv_sec; - td.tv_usec = t1->tv_usec - t0->tv_usec; - if (td.tv_usec < 0) { - td.tv_sec--; - td.tv_usec += 1000000; - } - s = td.tv_sec + (td.tv_usec / 1000000.); - bs = bytes / (s ? s : 1); - if (bs >= 1048576) { - bs /= 1048576; - unit = "M"; - prec = 2; - } else if (bs >= 1024) { - bs /= 1024; - unit = "k"; - prec = 1; - } else { - unit = ""; - prec = 0; - } - - printf ("%ld bytes %s in %.3g seconds (%.*f %sbyte/s)\n", - bytes, direction, s, prec, bs, unit); - } -} - -void -psabort (int sig) -{ - - abrtflag++; -} - -void -pswitch (int flag) -{ - sighand oldintr; - static struct comvars { - int connect; - char name[MaxHostNameLen]; - struct sockaddr_storage mctl; - struct sockaddr_storage hctl; - FILE *in; - FILE *out; - int tpe; - int curtpe; - int cpnd; - int sunqe; - int runqe; - int mcse; - int ntflg; - char nti[17]; - char nto[17]; - int mapflg; - char mi[MaxPathLen]; - char mo[MaxPathLen]; - } proxstruct, tmpstruct; - struct comvars *ip, *op; - - abrtflag = 0; - oldintr = signal (SIGINT, psabort); - if (flag) { - if (proxy) - return; - ip = &tmpstruct; - op = &proxstruct; - proxy++; - } else { - if (!proxy) - return; - ip = &proxstruct; - op = &tmpstruct; - proxy = 0; - } - ip->connect = connected; - connected = op->connect; - if (hostname) { - strlcpy (ip->name, hostname, sizeof (ip->name)); - } else - ip->name[0] = 0; - hostname = op->name; - ip->hctl = hisctladdr_ss; - hisctladdr_ss = op->hctl; - ip->mctl = myctladdr_ss; - myctladdr_ss = op->mctl; - ip->in = cin; - cin = op->in; - ip->out = cout; - cout = op->out; - ip->tpe = type; - type = op->tpe; - ip->curtpe = curtype; - curtype = op->curtpe; - ip->cpnd = cpend; - cpend = op->cpnd; - ip->sunqe = sunique; - sunique = op->sunqe; - ip->runqe = runique; - runique = op->runqe; - ip->mcse = mcase; - mcase = op->mcse; - ip->ntflg = ntflag; - ntflag = op->ntflg; - strlcpy (ip->nti, ntin, sizeof (ip->nti)); - strlcpy (ntin, op->nti, 17); - strlcpy (ip->nto, ntout, sizeof (ip->nto)); - strlcpy (ntout, op->nto, 17); - ip->mapflg = mapflag; - mapflag = op->mapflg; - strlcpy (ip->mi, mapin, MaxPathLen); - strlcpy (mapin, op->mi, MaxPathLen); - strlcpy (ip->mo, mapout, MaxPathLen); - strlcpy (mapout, op->mo, MaxPathLen); - signal(SIGINT, oldintr); - if (abrtflag) { - abrtflag = 0; - (*oldintr) (SIGINT); - } -} - -void -abortpt (int sig) -{ - - printf ("\n"); - fflush (stdout); - ptabflg++; - mflag = 0; - abrtflag = 0; - longjmp (ptabort, 1); -} - -void -proxtrans (char *cmd, char *local, char *remote) -{ - sighand oldintr = NULL; - int secndflag = 0, prox_type, nfnd; - char *cmd2; - fd_set mask; - - if (strcmp (cmd, "RETR")) - cmd2 = "RETR"; - else - cmd2 = runique ? "STOU" : "STOR"; - if ((prox_type = type) == 0) { - if (unix_server && unix_proxy) - prox_type = TYPE_I; - else - prox_type = TYPE_A; - } - if (curtype != prox_type) - changetype (prox_type, 1); - if (command ("PASV") != COMPLETE) { - printf ("proxy server does not support third party transfers.\n"); - return; - } - pswitch (0); - if (!connected) { - printf ("No primary connection\n"); - pswitch (1); - code = -1; - return; - } - if (curtype != prox_type) - changetype (prox_type, 1); - if (command ("PORT %s", pasv) != COMPLETE) { - pswitch (1); - return; - } - if (setjmp (ptabort)) - goto abort; - oldintr = signal (SIGINT, abortpt); - if (command ("%s %s", cmd, remote) != PRELIM) { - signal (SIGINT, oldintr); - pswitch (1); - return; - } - sleep (2); - pswitch (1); - secndflag++; - if (command ("%s %s", cmd2, local) != PRELIM) - goto abort; - ptflag++; - getreply (0); - pswitch (0); - getreply (0); - signal (SIGINT, oldintr); - pswitch (1); - ptflag = 0; - printf ("local: %s remote: %s\n", local, remote); - return; -abort: - signal (SIGINT, SIG_IGN); - ptflag = 0; - if (strcmp (cmd, "RETR") && !proxy) - pswitch (1); - else if (!strcmp (cmd, "RETR") && proxy) - pswitch (0); - if (!cpend && !secndflag) { /* only here if cmd = "STOR" (proxy=1) */ - if (command ("%s %s", cmd2, local) != PRELIM) { - pswitch (0); - if (cpend) - abort_remote ((FILE *) NULL); - } - pswitch (1); - if (ptabflg) - code = -1; - if (oldintr) - signal (SIGINT, oldintr); - return; - } - if (cpend) - abort_remote ((FILE *) NULL); - pswitch (!proxy); - if (!cpend && !secndflag) { /* only if cmd = "RETR" (proxy=1) */ - if (command ("%s %s", cmd2, local) != PRELIM) { - pswitch (0); - if (cpend) - abort_remote ((FILE *) NULL); - pswitch (1); - if (ptabflg) - code = -1; - signal (SIGINT, oldintr); - return; - } - } - if (cpend) - abort_remote ((FILE *) NULL); - pswitch (!proxy); - if (cpend) { - FD_ZERO (&mask); - if (fileno(cin) >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET (fileno (cin), &mask); - if ((nfnd = empty (&mask, 10)) <= 0) { - if (nfnd < 0) { - warn ("abort"); - } - if (ptabflg) - code = -1; - lostpeer (0); - } - getreply (0); - getreply (0); - } - if (proxy) - pswitch (0); - pswitch (1); - if (ptabflg) - code = -1; - signal (SIGINT, oldintr); -} - -void -reset (int argc, char **argv) -{ - fd_set mask; - int nfnd = 1; - - FD_ZERO (&mask); - while (nfnd > 0) { - if (fileno (cin) >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET (fileno (cin), &mask); - if ((nfnd = empty (&mask, 0)) < 0) { - warn ("reset"); - code = -1; - lostpeer(0); - } else if (nfnd) { - getreply(0); - } - } -} - -char * -gunique (char *local) -{ - static char new[MaxPathLen]; - char *cp = strrchr (local, '/'); - int d, count = 0; - char ext = '1'; - - if (cp) - *cp = '\0'; - d = access (cp ? local : ".", 2); - if (cp) - *cp = '/'; - if (d < 0) { - warn ("local: %s", local); - return NULL; - } - strlcpy (new, local, sizeof(new)); - cp = new + strlen(new); - *cp++ = '.'; - while (!d) { - if (++count == 100) { - printf ("runique: can't find unique file name.\n"); - return NULL; - } - *cp++ = ext; - *cp = '\0'; - if (ext == '9') - ext = '0'; - else - ext++; - if ((d = access (new, 0)) < 0) - break; - if (ext != '0') - cp--; - else if (*(cp - 2) == '.') - *(cp - 1) = '1'; - else { - *(cp - 2) = *(cp - 2) + 1; - cp--; - } - } - return (new); -} - -void -abort_remote (FILE * din) -{ - char buf[BUFSIZ]; - int nfnd; - fd_set mask; - - /* - * send IAC in urgent mode instead of DM because 4.3BSD places oob mark - * after urgent byte rather than before as is protocol now - */ - snprintf (buf, sizeof (buf), "%c%c%c", IAC, IP, IAC); - if (send (fileno (cout), buf, 3, MSG_OOB) != 3) - warn ("abort"); - fprintf (cout, "%c", DM); - sec_fprintf(cout, "ABOR"); - sec_fflush (cout); - fprintf (cout, "\r\n"); - fflush(cout); - FD_ZERO (&mask); - if (fileno (cin) >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET (fileno (cin), &mask); - if (din) { - if (fileno (din) >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET (fileno (din), &mask); - } - if ((nfnd = empty (&mask, 10)) <= 0) { - if (nfnd < 0) { - warn ("abort"); - } - if (ptabflg) - code = -1; - lostpeer (0); - } - if (din && FD_ISSET (fileno (din), &mask)) { - while (read (fileno (din), buf, BUFSIZ) > 0) - /* LOOP */ ; - } - if (getreply (0) == ERROR && code == 552) { - /* 552 needed for nic style abort */ - getreply (0); - } - getreply (0); -} diff --git a/crypto/heimdal/appl/ftp/ftp/ftp_locl.h b/crypto/heimdal/appl/ftp/ftp/ftp_locl.h deleted file mode 100644 index 51808c14721b..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/ftp_locl.h +++ /dev/null @@ -1,141 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: ftp_locl.h 11444 2002-09-10 20:03:49Z joda $ */ - -#ifndef __FTP_LOCL_H__ -#define __FTP_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifdef HAVE_PWD_H -#include -#endif -#include -#include -#include -#include -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif - -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif - -#ifdef HAVE_ARPA_FTP_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif - -#include -#include -#include -#ifdef HAVE_NETDB_H -#include -#endif - -#ifdef HAVE_SYS_MMAN_H -#include -#endif - -#include - -#ifdef SOCKS -#include -extern int LIBPREFIX(fclose) (FILE *); - -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); - -#endif - -#include "ftp_var.h" -#include "extern.h" -#include "common.h" -#include "pathnames.h" - -#include "roken.h" -#include "security.h" - -/* des_read_pw_string */ -#include "crypto-headers.h" - -#if defined(__sun__) && !defined(__svr4) -int fclose(FILE*); -int pclose(FILE*); -#endif - -#endif /* __FTP_LOCL_H__ */ diff --git a/crypto/heimdal/appl/ftp/ftp/ftp_var.h b/crypto/heimdal/appl/ftp/ftp/ftp_var.h deleted file mode 100644 index 75ec495b76eb..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/ftp_var.h +++ /dev/null @@ -1,130 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ftp_var.h 8.4 (Berkeley) 10/9/94 - */ - -/* - * FTP global variables. - */ - -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#include - -/* - * Options and other state info. - */ -extern int trace; /* trace packets exchanged */ -extern int hash; /* print # for each buffer transferred */ -extern int sendport; /* use PORT cmd for each data connection */ -extern int verbose; /* print messages coming back from server */ -extern int connected; /* connected to server */ -extern int fromatty; /* input is from a terminal */ -extern int interactive; /* interactively prompt on m* cmds */ -extern int lineedit; /* use line-editing */ -extern int debug; /* debugging level */ -extern int bell; /* ring bell on cmd completion */ -extern int doglob; /* glob local file names */ -extern int autologin; /* establish user account on connection */ -extern int doencrypt; -extern int proxy; /* proxy server connection active */ -extern int proxflag; /* proxy connection exists */ -extern int sunique; /* store files on server with unique name */ -extern int runique; /* store local files with unique name */ -extern int mcase; /* map upper to lower case for mget names */ -extern int ntflag; /* use ntin ntout tables for name translation */ -extern int mapflag; /* use mapin mapout templates on file names */ -extern int code; /* return/reply code for ftp command */ -extern int crflag; /* if 1, strip car. rets. on ascii gets */ -extern char pasv[64]; /* passive port for proxy data connection */ -extern int passivemode; /* passive mode enabled */ -extern char *altarg; /* argv[1] with no shell-like preprocessing */ -extern char ntin[17]; /* input translation table */ -extern char ntout[17]; /* output translation table */ -extern char mapin[MaxPathLen]; /* input map template */ -extern char mapout[MaxPathLen]; /* output map template */ -extern char typename[32]; /* name of file transfer type */ -extern int type; /* requested file transfer type */ -extern int curtype; /* current file transfer type */ -extern char structname[32]; /* name of file transfer structure */ -extern int stru; /* file transfer structure */ -extern char formname[32]; /* name of file transfer format */ -extern int form; /* file transfer format */ -extern char modename[32]; /* name of file transfer mode */ -extern int mode; /* file transfer mode */ -extern char bytename[32]; /* local byte size in ascii */ -extern int bytesize; /* local byte size in binary */ - -extern char *hostname; /* name of host connected to */ -extern int unix_server; /* server is unix, can use binary for ascii */ -extern int unix_proxy; /* proxy is unix, can use binary for ascii */ - -extern jmp_buf toplevel; /* non-local goto stuff for cmd scanner */ - -extern char line[200]; /* input line buffer */ -extern char *stringbase; /* current scan point in line buffer */ -extern char argbuf[200]; /* argument storage buffer */ -extern char *argbase; /* current storage point in arg buffer */ -extern int margc; /* count of arguments on input line */ -extern char **margv; /* args parsed from input line */ -extern int margvlen; /* how large margv is currently */ -extern int cpend; /* flag: if != 0, then pending server reply */ -extern int mflag; /* flag: if != 0, then active multi command */ - -extern int options; /* used during socket creation */ -extern int use_kerberos; /* use Kerberos authentication */ - -/* - * Format of command table. - */ -struct cmd { - char *c_name; /* name of command */ - char *c_help; /* help string */ - char c_bell; /* give bell when command completes */ - char c_conn; /* must be connected to use command */ - char c_proxy; /* proxy server may execute */ - void (*c_handler) (int, char **); /* function to call */ -}; - -struct macel { - char mac_name[9]; /* macro name */ - char *mac_start; /* start of macro in macbuf */ - char *mac_end; /* end of macro in macbuf */ -}; - -extern int macnum; /* number of defined macros */ -extern struct macel macros[16]; -extern char macbuf[4096]; - - diff --git a/crypto/heimdal/appl/ftp/ftp/globals.c b/crypto/heimdal/appl/ftp/ftp/globals.c deleted file mode 100644 index 52f80488240f..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/globals.c +++ /dev/null @@ -1,79 +0,0 @@ -#include "ftp_locl.h" -RCSID("$Id: globals.c 16160 2005-10-12 09:42:47Z joda $"); - -/* - * Options and other state info. - */ -int trace; /* trace packets exchanged */ -int hash; /* print # for each buffer transferred */ -int sendport; /* use PORT cmd for each data connection */ -int verbose; /* print messages coming back from server */ -int connected; /* connected to server */ -int fromatty; /* input is from a terminal */ -int interactive; /* interactively prompt on m* cmds */ -int lineedit; /* use line-editing */ -int debug; /* debugging level */ -int bell; /* ring bell on cmd completion */ -int doglob; /* glob local file names */ -int doencrypt; /* try to use encryption */ -int autologin; /* establish user account on connection */ -int proxy; /* proxy server connection active */ -int proxflag; /* proxy connection exists */ -int sunique; /* store files on server with unique name */ -int runique; /* store local files with unique name */ -int mcase; /* map upper to lower case for mget names */ -int ntflag; /* use ntin ntout tables for name translation */ -int mapflag; /* use mapin mapout templates on file names */ -int code; /* return/reply code for ftp command */ -int crflag; /* if 1, strip car. rets. on ascii gets */ -char pasv[64]; /* passive port for proxy data connection */ -int passivemode; /* passive mode enabled */ -char *altarg; /* argv[1] with no shell-like preprocessing */ -char ntin[17]; /* input translation table */ -char ntout[17]; /* output translation table */ -char mapin[MaxPathLen]; /* input map template */ -char mapout[MaxPathLen]; /* output map template */ -char typename[32]; /* name of file transfer type */ -int type; /* requested file transfer type */ -int curtype; /* current file transfer type */ -char structname[32]; /* name of file transfer structure */ -int stru; /* file transfer structure */ -char formname[32]; /* name of file transfer format */ -int form; /* file transfer format */ -char modename[32]; /* name of file transfer mode */ -int mode; /* file transfer mode */ -char bytename[32]; /* local byte size in ascii */ -int bytesize; /* local byte size in binary */ - -char *hostname; /* name of host connected to */ -int unix_server; /* server is unix, can use binary for ascii */ -int unix_proxy; /* proxy is unix, can use binary for ascii */ - -jmp_buf toplevel; /* non-local goto stuff for cmd scanner */ - -char line[200]; /* input line buffer */ -char *stringbase; /* current scan point in line buffer */ -char argbuf[200]; /* argument storage buffer */ -char *argbase; /* current storage point in arg buffer */ -int margc; /* count of arguments on input line */ -char **margv; /* args parsed from input line */ -int margvlen; /* how large margv is currently */ -int cpend; /* flag: if != 0, then pending server reply */ -int mflag; /* flag: if != 0, then active multi command */ - -int options; /* used during socket creation */ -int use_kerberos; /* use Kerberos authentication */ - -/* - * Format of command table. - */ - -int macnum; /* number of defined macros */ -struct macel macros[16]; -char macbuf[4096]; - -char username[32]; - -/* these are set in ruserpass */ -char myhostname[MaxHostNameLen]; -char *mydomain; diff --git a/crypto/heimdal/appl/ftp/ftp/gssapi.c b/crypto/heimdal/appl/ftp/ftp/gssapi.c deleted file mode 100644 index 9432feb8290e..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/gssapi.c +++ /dev/null @@ -1,528 +0,0 @@ -/* - * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include -#include - -RCSID("$Id: gssapi.c 21513 2007-07-12 12:45:25Z lha $"); - -int ftp_do_gss_bindings = 0; -int ftp_do_gss_delegate = 1; - -struct gss_data { - gss_ctx_id_t context_hdl; - char *client_name; - gss_cred_id_t delegated_cred_handle; - void *mech_data; -}; - -static int -gss_init(void *app_data) -{ - struct gss_data *d = app_data; - d->context_hdl = GSS_C_NO_CONTEXT; - d->delegated_cred_handle = GSS_C_NO_CREDENTIAL; -#if defined(FTP_SERVER) - return 0; -#else - /* XXX Check the gss mechanism; with gss_indicate_mechs() ? */ -#ifdef KRB5 - return !use_kerberos; -#else - return 0; -#endif /* KRB5 */ -#endif /* FTP_SERVER */ -} - -static int -gss_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -gss_decode(void *app_data, void *buf, int len, int level) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input, output; - gss_qop_t qop_state; - int conf_state; - struct gss_data *d = app_data; - size_t ret_len; - - input.length = len; - input.value = buf; - maj_stat = gss_unwrap (&min_stat, - d->context_hdl, - &input, - &output, - &conf_state, - &qop_state); - if(GSS_ERROR(maj_stat)) - return -1; - memmove(buf, output.value, output.length); - ret_len = output.length; - gss_release_buffer(&min_stat, &output); - return ret_len; -} - -static int -gss_overhead(void *app_data, int level, int len) -{ - return 100; /* dunno? */ -} - - -static int -gss_encode(void *app_data, void *from, int length, int level, void **to) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input, output; - int conf_state; - struct gss_data *d = app_data; - - input.length = length; - input.value = from; - maj_stat = gss_wrap (&min_stat, - d->context_hdl, - level == prot_private, - GSS_C_QOP_DEFAULT, - &input, - &conf_state, - &output); - *to = output.value; - return output.length; -} - -static void -sockaddr_to_gss_address (struct sockaddr *sa, - OM_uint32 *addr_type, - gss_buffer_desc *gss_addr) -{ - switch (sa->sa_family) { -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - - gss_addr->length = 16; - gss_addr->value = &sin6->sin6_addr; - *addr_type = GSS_C_AF_INET6; - break; - } -#endif - case AF_INET : { - struct sockaddr_in *sin4 = (struct sockaddr_in *)sa; - - gss_addr->length = 4; - gss_addr->value = &sin4->sin_addr; - *addr_type = GSS_C_AF_INET; - break; - } - default : - errx (1, "unknown address family %d", sa->sa_family); - - } -} - -/* end common stuff */ - -#ifdef FTP_SERVER - -static int -gss_adat(void *app_data, void *buf, size_t len) -{ - char *p = NULL; - gss_buffer_desc input_token, output_token; - OM_uint32 maj_stat, min_stat; - gss_name_t client_name; - struct gss_data *d = app_data; - gss_channel_bindings_t bindings; - - if (ftp_do_gss_bindings) { - bindings = malloc(sizeof(*bindings)); - if (bindings == NULL) - errx(1, "out of memory"); - - sockaddr_to_gss_address (his_addr, - &bindings->initiator_addrtype, - &bindings->initiator_address); - sockaddr_to_gss_address (ctrl_addr, - &bindings->acceptor_addrtype, - &bindings->acceptor_address); - - bindings->application_data.length = 0; - bindings->application_data.value = NULL; - } else - bindings = GSS_C_NO_CHANNEL_BINDINGS; - - input_token.value = buf; - input_token.length = len; - - maj_stat = gss_accept_sec_context (&min_stat, - &d->context_hdl, - GSS_C_NO_CREDENTIAL, - &input_token, - bindings, - &client_name, - NULL, - &output_token, - NULL, - NULL, - &d->delegated_cred_handle); - - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - - if(output_token.length) { - if(base64_encode(output_token.value, output_token.length, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - gss_release_buffer(&min_stat, &output_token); - } - if(maj_stat == GSS_S_COMPLETE){ - char *name; - gss_buffer_desc export_name; - gss_OID oid; - - maj_stat = gss_display_name(&min_stat, client_name, - &export_name, &oid); - if(maj_stat != 0) { - reply(500, "Error displaying name"); - goto out; - } - /* XXX kerberos */ - if(oid != GSS_KRB5_NT_PRINCIPAL_NAME) { - reply(500, "OID not kerberos principal name"); - gss_release_buffer(&min_stat, &export_name); - goto out; - } - name = malloc(export_name.length + 1); - if(name == NULL) { - reply(500, "Out of memory"); - gss_release_buffer(&min_stat, &export_name); - goto out; - } - memcpy(name, export_name.value, export_name.length); - name[export_name.length] = '\0'; - gss_release_buffer(&min_stat, &export_name); - d->client_name = name; - if(p) - reply(235, "ADAT=%s", p); - else - reply(235, "ADAT Complete"); - sec_complete = 1; - - } else if(maj_stat == GSS_S_CONTINUE_NEEDED) { - if(p) - reply(335, "ADAT=%s", p); - else - reply(335, "OK, need more data"); - } else { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - syslog(LOG_ERR, "gss_accept_sec_context: %s", - (char*)status_string.value); - gss_release_buffer(&new_stat, &status_string); - reply(431, "Security resource unavailable"); - } - out: - if (client_name) - gss_release_name(&min_stat, &client_name); - free(p); - return 0; -} - -int gss_userok(void*, char*); -int gss_session(void*, char*); - -struct sec_server_mech gss_server_mech = { - "GSSAPI", - sizeof(struct gss_data), - gss_init, /* init */ - NULL, /* end */ - gss_check_prot, - gss_overhead, - gss_encode, - gss_decode, - /* */ - NULL, - gss_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - gss_userok, - gss_session -}; - -#else /* FTP_SERVER */ - -extern struct sockaddr *hisctladdr, *myctladdr; - -static int -import_name(const char *kname, const char *host, gss_name_t *target_name) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc name; - char *str; - - name.length = asprintf(&str, "%s@%s", kname, host); - if (str == NULL) { - printf("Out of memory\n"); - return AUTH_ERROR; - } - name.value = str; - - maj_stat = gss_import_name(&min_stat, - &name, - GSS_C_NT_HOSTBASED_SERVICE, - target_name); - if (GSS_ERROR(maj_stat)) { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - printf("Error importing name %s: %s\n", - (char *)name.value, - (char *)status_string.value); - free(name.value); - gss_release_buffer(&new_stat, &status_string); - return AUTH_ERROR; - } - free(name.value); - return 0; -} - -static int -gss_auth(void *app_data, char *host) -{ - - OM_uint32 maj_stat, min_stat; - gss_name_t target_name; - gss_buffer_desc input, output_token; - int context_established = 0; - char *p; - int n; - gss_channel_bindings_t bindings; - struct gss_data *d = app_data; - OM_uint32 mech_flags = GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG; - - const char *knames[] = { "ftp", "host", NULL }, **kname = knames; - - - if(import_name(*kname++, host, &target_name)) - return AUTH_ERROR; - - input.length = 0; - input.value = NULL; - - if (ftp_do_gss_bindings) { - bindings = malloc(sizeof(*bindings)); - if (bindings == NULL) - errx(1, "out of memory"); - - sockaddr_to_gss_address (myctladdr, - &bindings->initiator_addrtype, - &bindings->initiator_address); - sockaddr_to_gss_address (hisctladdr, - &bindings->acceptor_addrtype, - &bindings->acceptor_address); - - bindings->application_data.length = 0; - bindings->application_data.value = NULL; - } else - bindings = GSS_C_NO_CHANNEL_BINDINGS; - - if (ftp_do_gss_delegate) - mech_flags |= GSS_C_DELEG_FLAG; - - while(!context_established) { - maj_stat = gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - &d->context_hdl, - target_name, - GSS_C_NO_OID, - mech_flags, - 0, - bindings, - &input, - NULL, - &output_token, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - - d->context_hdl = GSS_C_NO_CONTEXT; - - gss_release_name(&min_stat, &target_name); - - if(*kname != NULL) { - - if(import_name(*kname++, host, &target_name)) { - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - return AUTH_ERROR; - } - continue; - } - - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - printf("Error initializing security context: %s\n", - (char*)status_string.value); - gss_release_buffer(&new_stat, &status_string); - return AUTH_CONTINUE; - } - - if (input.value) { - free(input.value); - input.value = NULL; - input.length = 0; - } - if (output_token.length != 0) { - base64_encode(output_token.value, output_token.length, &p); - gss_release_buffer(&min_stat, &output_token); - n = command("ADAT %s", p); - free(p); - } - if (GSS_ERROR(maj_stat)) { - if (d->context_hdl != GSS_C_NO_CONTEXT) - gss_delete_sec_context (&min_stat, - &d->context_hdl, - GSS_C_NO_BUFFER); - break; - } - if (maj_stat & GSS_S_CONTINUE_NEEDED) { - p = strstr(reply_string, "ADAT="); - if(p == NULL){ - printf("Error: expected ADAT in reply. got: %s\n", - reply_string); - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - return AUTH_ERROR; - } else { - p+=5; - input.value = malloc(strlen(p)); - input.length = base64_decode(p, input.value); - } - } else { - if(code != 235) { - printf("Unrecognized response code: %d\n", code); - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - return AUTH_ERROR; - } - context_established = 1; - } - } - - gss_release_name(&min_stat, &target_name); - - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - if (input.value) - free(input.value); - - { - gss_name_t targ_name; - - maj_stat = gss_inquire_context(&min_stat, - d->context_hdl, - NULL, - &targ_name, - NULL, - NULL, - NULL, - NULL, - NULL); - if (GSS_ERROR(maj_stat) == 0) { - gss_buffer_desc name; - maj_stat = gss_display_name (&min_stat, - targ_name, - &name, - NULL); - if (GSS_ERROR(maj_stat) == 0) { - printf("Authenticated to <%s>\n", (char *)name.value); - gss_release_buffer(&min_stat, &name); - } - gss_release_name(&min_stat, &targ_name); - } else - printf("Failed to get gss name of peer.\n"); - } - - - return AUTH_OK; -} - -struct sec_client_mech gss_client_mech = { - "GSSAPI", - sizeof(struct gss_data), - gss_init, - gss_auth, - NULL, /* end */ - gss_check_prot, - gss_overhead, - gss_encode, - gss_decode, -}; - -#endif /* FTP_SERVER */ diff --git a/crypto/heimdal/appl/ftp/ftp/kauth.c b/crypto/heimdal/appl/ftp/ftp/kauth.c deleted file mode 100644 index 36305d2cd2e1..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/kauth.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" -RCSID("$Id: kauth.c 15666 2005-07-19 17:08:11Z lha $"); - -#ifdef KRB4 -#include - -void -kauth(int argc, char **argv) -{ - int ret; - char buf[1024]; - des_cblock key; - des_key_schedule schedule; - KTEXT_ST tkt, tktcopy; - char *name; - char *p; - int overbose; - char passwd[100]; - int tmp; - - int save; - - if(argc > 2){ - printf("usage: %s [principal]\n", argv[0]); - code = -1; - return; - } - if(argc == 2) - name = argv[1]; - else - name = username; - - overbose = verbose; - verbose = 0; - - save = set_command_prot(prot_private); - ret = command("SITE KAUTH %s", name); - if(ret != CONTINUE){ - verbose = overbose; - set_command_prot(save); - code = -1; - return; - } - verbose = overbose; - p = strstr(reply_string, "T="); - if(!p){ - printf("Bad reply from server.\n"); - set_command_prot(save); - code = -1; - return; - } - p += 2; - tmp = base64_decode(p, &tkt.dat); - if(tmp < 0){ - printf("Failed to decode base64 in reply.\n"); - set_command_prot(save); - code = -1; - return; - } - tkt.length = tmp; - tktcopy.length = tkt.length; - - p = strstr(reply_string, "P="); - if(!p){ - printf("Bad reply from server.\n"); - verbose = overbose; - set_command_prot(save); - code = -1; - return; - } - name = p + 2; - for(; *p && *p != ' ' && *p != '\r' && *p != '\n'; p++); - *p = 0; - - snprintf(buf, sizeof(buf), "Password for %s:", name); - if (des_read_pw_string (passwd, sizeof(passwd)-1, buf, 0)) - *passwd = '\0'; - des_string_to_key (passwd, &key); - - des_key_sched(&key, schedule); - - des_pcbc_encrypt((des_cblock*)tkt.dat, (des_cblock*)tktcopy.dat, - tkt.length, - schedule, &key, DES_DECRYPT); - if (strcmp ((char*)tktcopy.dat + 8, - KRB_TICKET_GRANTING_TICKET) != 0) { - afs_string_to_key (passwd, krb_realmofhost(hostname), &key); - des_key_sched (&key, schedule); - des_pcbc_encrypt((des_cblock*)tkt.dat, (des_cblock*)tktcopy.dat, - tkt.length, - schedule, &key, DES_DECRYPT); - } - memset(key, 0, sizeof(key)); - memset(schedule, 0, sizeof(schedule)); - memset(passwd, 0, sizeof(passwd)); - if(base64_encode(tktcopy.dat, tktcopy.length, &p) < 0) { - printf("Out of memory base64-encoding.\n"); - set_command_prot(save); - code = -1; - return; - } - memset (tktcopy.dat, 0, tktcopy.length); - ret = command("SITE KAUTH %s %s", name, p); - free(p); - set_command_prot(save); - if(ret != COMPLETE){ - code = -1; - return; - } - code = 0; -} - -void -kdestroy(int argc, char **argv) -{ - int ret; - if (argc != 1) { - printf("usage: %s\n", argv[0]); - code = -1; - return; - } - ret = command("SITE KDESTROY"); - code = (ret == COMPLETE); -} - -void -krbtkfile(int argc, char **argv) -{ - int ret; - if(argc != 2) { - printf("usage: %s tktfile\n", argv[0]); - code = -1; - return; - } - ret = command("SITE KRBTKFILE %s", argv[1]); - code = (ret == COMPLETE); -} -#endif - -#if defined(KRB4) || defined(KRB5) - -void -afslog(int argc, char **argv) -{ - int ret; - if(argc > 2) { - printf("usage: %s [cell]\n", argv[0]); - code = -1; - return; - } - if(argc == 2) - ret = command("SITE AFSLOG %s", argv[1]); - else - ret = command("SITE AFSLOG"); - code = (ret == COMPLETE); -} - -#else -int ftp_afslog_placeholder; -#endif diff --git a/crypto/heimdal/appl/ftp/ftp/krb4.c b/crypto/heimdal/appl/ftp/ftp/krb4.c deleted file mode 100644 index 408b7fa73579..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/krb4.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include - -RCSID("$Id: krb4.c 17450 2006-05-05 11:11:43Z lha $"); - -#ifdef FTP_SERVER -#define LOCAL_ADDR ctrl_addr -#define REMOTE_ADDR his_addr -#else -#define LOCAL_ADDR myctladdr -#define REMOTE_ADDR hisctladdr -#endif - -extern struct sockaddr *LOCAL_ADDR, *REMOTE_ADDR; - -struct krb4_data { - des_cblock key; - des_key_schedule schedule; - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; -}; - -static int -krb4_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -krb4_decode(void *app_data, void *buf, int len, int level) -{ - MSG_DAT m; - int e; - struct krb4_data *d = app_data; - - if(level == prot_safe) - e = krb_rd_safe(buf, len, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - else - e = krb_rd_priv(buf, len, d->schedule, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - if(e){ - syslog(LOG_ERR, "krb4_decode: %s", krb_get_err_text(e)); - return -1; - } - memmove(buf, m.app_data, m.app_length); - return m.app_length; -} - -static int -krb4_overhead(void *app_data, int level, int len) -{ - return 31; -} - -static int -krb4_encode(void *app_data, void *from, int length, int level, void **to) -{ - struct krb4_data *d = app_data; - *to = malloc(length + 31); - if(level == prot_safe) - return krb_mk_safe(from, *to, length, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else if(level == prot_private) - return krb_mk_priv(from, *to, length, d->schedule, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else - return -1; -} - -#ifdef FTP_SERVER - -static int -krb4_adat(void *app_data, void *buf, size_t len) -{ - KTEXT_ST tkt; - AUTH_DAT auth_dat; - char *p; - int kerror; - uint32_t cs; - char msg[35]; /* size of encrypted block */ - int tmp_len; - struct krb4_data *d = app_data; - char inst[INST_SZ]; - struct sockaddr_in *his_addr_sin = (struct sockaddr_in *)his_addr; - - memcpy(tkt.dat, buf, len); - tkt.length = len; - - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "ftp", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - if(kerror == RD_AP_UNDEC){ - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "rcmd", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - } - - if(kerror){ - reply(535, "Error reading request: %s.", krb_get_err_text(kerror)); - return -1; - } - - memcpy(d->key, auth_dat.session, sizeof(d->key)); - des_set_key(&d->key, d->schedule); - - strlcpy(d->name, auth_dat.pname, sizeof(d->name)); - strlcpy(d->instance, auth_dat.pinst, sizeof(d->instance)); - strlcpy(d->realm, auth_dat.prealm, sizeof(d->instance)); - - cs = auth_dat.checksum + 1; - { - unsigned char tmp[4]; - KRB_PUT_INT(cs, tmp, 4, sizeof(tmp)); - tmp_len = krb_mk_safe(tmp, msg, 4, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - } - if(tmp_len < 0){ - reply(535, "Error creating reply: %s.", strerror(errno)); - return -1; - } - len = tmp_len; - if(base64_encode(msg, len, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - reply(235, "ADAT=%s", p); - sec_complete = 1; - free(p); - return 0; -} - -static int -krb4_userok(void *app_data, char *user) -{ - struct krb4_data *d = app_data; - return krb_kuserok(d->name, d->instance, d->realm, user); -} - -struct sec_server_mech krb4_server_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - NULL, /* init */ - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode, - /* */ - NULL, - krb4_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - krb4_userok -}; - -#else /* FTP_SERVER */ - -static int -krb4_init(void *app_data) -{ - return !use_kerberos; -} - -static int -mk_auth(struct krb4_data *d, KTEXT adat, - char *service, char *host, int checksum) -{ - int ret; - CREDENTIALS cred; - char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_mk_req(adat, sname, inst, realm, checksum); - if(ret) - return ret; - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_get_cred(sname, inst, realm, &cred); - memmove(&d->key, &cred.session, sizeof(des_cblock)); - des_key_sched(&d->key, d->schedule); - memset(&cred, 0, sizeof(cred)); - return ret; -} - -static int -krb4_auth(void *app_data, char *host) -{ - int ret; - char *p; - int len; - KTEXT_ST adat; - MSG_DAT msg_data; - int checksum; - uint32_t cs; - struct krb4_data *d = app_data; - struct sockaddr_in *localaddr = (struct sockaddr_in *)LOCAL_ADDR; - struct sockaddr_in *remoteaddr = (struct sockaddr_in *)REMOTE_ADDR; - - checksum = getpid(); - ret = mk_auth(d, &adat, "ftp", host, checksum); - if(ret == KDC_PR_UNKNOWN) - ret = mk_auth(d, &adat, "rcmd", host, checksum); - if(ret){ - printf("%s\n", krb_get_err_text(ret)); - return AUTH_CONTINUE; - } - -#ifdef HAVE_KRB_GET_OUR_IP_FOR_REALM - if (krb_get_config_bool("nat_in_use")) { - struct in_addr natAddr; - - if (krb_get_our_ip_for_realm(krb_realmofhost(host), - &natAddr) != KSUCCESS - && krb_get_our_ip_for_realm(NULL, &natAddr) != KSUCCESS) - printf("Can't get address for realm %s\n", - krb_realmofhost(host)); - else { - if (natAddr.s_addr != localaddr->sin_addr.s_addr) { - printf("Using NAT IP address (%s) for kerberos 4\n", - inet_ntoa(natAddr)); - localaddr->sin_addr = natAddr; - - /* - * This not the best place to do this, but it - * is here we know that (probably) NAT is in - * use! - */ - - passivemode = 1; - printf("Setting: Passive mode on.\n"); - } - } - } -#endif - - printf("Local address is %s\n", inet_ntoa(localaddr->sin_addr)); - printf("Remote address is %s\n", inet_ntoa(remoteaddr->sin_addr)); - - if(base64_encode(adat.dat, adat.length, &p) < 0) { - printf("Out of memory base64-encoding.\n"); - return AUTH_CONTINUE; - } - ret = command("ADAT %s", p); - free(p); - - if(ret != COMPLETE){ - printf("Server didn't accept auth data.\n"); - return AUTH_ERROR; - } - - p = strstr(reply_string, "ADAT="); - if(!p){ - printf("Remote host didn't send adat reply.\n"); - return AUTH_ERROR; - } - p += 5; - len = base64_decode(p, adat.dat); - if(len < 0){ - printf("Failed to decode base64 from server.\n"); - return AUTH_ERROR; - } - adat.length = len; - ret = krb_rd_safe(adat.dat, adat.length, &d->key, - (struct sockaddr_in *)hisctladdr, - (struct sockaddr_in *)myctladdr, &msg_data); - if(ret){ - printf("Error reading reply from server: %s.\n", - krb_get_err_text(ret)); - return AUTH_ERROR; - } - krb_get_int(msg_data.app_data, &cs, 4, 0); - if(cs - checksum != 1){ - printf("Bad checksum returned from server.\n"); - return AUTH_ERROR; - } - return AUTH_OK; -} - -struct sec_client_mech krb4_client_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - krb4_init, /* init */ - krb4_auth, - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode -}; - -#endif /* FTP_SERVER */ diff --git a/crypto/heimdal/appl/ftp/ftp/main.c b/crypto/heimdal/appl/ftp/ftp/main.c deleted file mode 100644 index c78cd4a64258..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/main.c +++ /dev/null @@ -1,591 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * FTP User Program -- Command Interface. - */ - -#include "ftp_locl.h" -#include - -RCSID("$Id: main.c 16160 2005-10-12 09:42:47Z joda $"); - -static int help_flag; -static int version_flag; -static int debug_flag; - -struct getargs getargs[] = { - { NULL, 'd', arg_flag, &debug_flag, - "debug", NULL }, - { NULL, 'g', arg_negative_flag, &doglob, - "disables globbing", NULL}, - { NULL, 'i', arg_negative_flag, &interactive, - "Turn off interactive prompting", NULL}, - { NULL, 'l', arg_negative_flag, &lineedit, - "Turn off line editing", NULL}, - { NULL, 'n', arg_negative_flag, &autologin, - "Turn off auto-login", NULL}, - { NULL, 'p', arg_flag, &passivemode, - "passive mode", NULL}, - { NULL, 't', arg_counter, &trace, - "Packet tracing", NULL}, -#ifdef KRB5 - { "gss-bindings", 0, arg_negative_flag, &ftp_do_gss_bindings, - "Don't use GSS-API bindings", NULL}, - { "gss-delegate", 0, arg_negative_flag, &ftp_do_gss_delegate, - "Disable delegation of GSS-API credentials", NULL}, -#endif - { NULL, 'v', arg_counter, &verbose, - "verbosity", NULL}, - { NULL, 'K', arg_negative_flag, &use_kerberos, - "Disable kerberos authentication", NULL}, - { "encrypt", 'x', arg_flag, &doencrypt, - "Encrypt command and data channel if possible" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag }, -}; - -static int num_args = sizeof(getargs) / sizeof(getargs[0]); - -static void -usage(int ecode) -{ - arg_printusage(getargs, num_args, NULL, "[host [port]]"); - exit(ecode); -} - -int -main(int argc, char **argv) -{ - int top; - struct passwd *pw = NULL; - char homedir[MaxPathLen]; - struct servent *sp; - int optind = 0; - - setprogname(argv[0]); - - sp = getservbyname("ftp", "tcp"); - if (sp == 0) - errx(1, "ftp/tcp: unknown service"); - doglob = 1; - interactive = 1; - autologin = 1; - lineedit = 1; - passivemode = 0; /* passive mode not active */ - use_kerberos = 1; -#ifdef KRB5 - ftp_do_gss_bindings = 1; -#endif - - if(getarg(getargs, num_args, argc, argv, &optind)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if (debug_flag) { - options |= SO_DEBUG; - debug++; - } - - argc -= optind; - argv += optind; - - fromatty = isatty(fileno(stdin)); - if (fromatty) - verbose++; - cpend = 0; /* no pending replies */ - proxy = 0; /* proxy not active */ - crflag = 1; /* strip c.r. on ascii gets */ - sendport = -1; /* not using ports */ - /* - * Set up the home directory in case we're globbing. - */ - pw = k_getpwuid(getuid()); - if (pw != NULL) { - strlcpy(homedir, pw->pw_dir, sizeof(homedir)); - home = homedir; - } - if (argc > 0) { - char *xargv[5]; - - if (setjmp(toplevel)) - exit(0); - signal(SIGINT, intr); - signal(SIGPIPE, lostpeer); - xargv[0] = (char*)getprogname(); - xargv[1] = argv[0]; - xargv[2] = argv[1]; - xargv[3] = argv[2]; - xargv[4] = NULL; - setpeer(argc+1, xargv); - } - if(setjmp(toplevel) == 0) - top = 1; - else - top = 0; - if (top) { - signal(SIGINT, intr); - signal(SIGPIPE, lostpeer); - } - for (;;) { - cmdscanner(top); - top = 1; - } -} - -void -intr(int sig) -{ - - longjmp(toplevel, 1); -} - -#ifndef SHUT_RDWR -#define SHUT_RDWR 2 -#endif - -RETSIGTYPE -lostpeer(int sig) -{ - - if (connected) { - if (cout != NULL) { - shutdown(fileno(cout), SHUT_RDWR); - fclose(cout); - cout = NULL; - } - if (data >= 0) { - shutdown(data, SHUT_RDWR); - close(data); - data = -1; - } - connected = 0; - } - pswitch(1); - if (connected) { - if (cout != NULL) { - shutdown(fileno(cout), SHUT_RDWR); - fclose(cout); - cout = NULL; - } - connected = 0; - } - proxflag = 0; - pswitch(0); - sec_end(); - SIGRETURN(0); -} - -/* -char * -tail(filename) - char *filename; -{ - char *s; - - while (*filename) { - s = strrchr(filename, '/'); - if (s == NULL) - break; - if (s[1]) - return (s + 1); - *s = '\0'; - } - return (filename); -} -*/ - -static char * -simple_readline(char *prompt) -{ - char buf[BUFSIZ]; - printf ("%s", prompt); - fflush (stdout); - if(fgets(buf, sizeof(buf), stdin) == NULL) - return NULL; - if (buf[strlen(buf) - 1] == '\n') - buf[strlen(buf) - 1] = '\0'; - return strdup(buf); -} - -#ifndef HAVE_READLINE - -static char * -readline(char *prompt) -{ - return simple_readline (prompt); -} - -static void -add_history(char *p) -{ -} - -#else - -/* These should not really be here */ - -char *readline(char *); -void add_history(char *); - -#endif - -/* - * Command parser. - */ -void -cmdscanner(int top) -{ - struct cmd *c; - int l; - - if (!top) - putchar('\n'); - for (;;) { - if (fromatty) { - char *p; - if (lineedit) - p = readline("ftp> "); - else - p = simple_readline("ftp> "); - if(p == NULL) { - printf("\n"); - quit(0, 0); - } - strlcpy(line, p, sizeof(line)); - if (lineedit) - add_history(p); - free(p); - } else{ - if (fgets(line, sizeof line, stdin) == NULL) - quit(0, 0); - } - /* XXX will break on long lines */ - l = strlen(line); - if (l == 0) - break; - if (line[--l] == '\n') { - if (l == 0) - break; - line[l] = '\0'; - } else if (l == sizeof(line) - 2) { - printf("sorry, input line too long\n"); - while ((l = getchar()) != '\n' && l != EOF) - /* void */; - break; - } /* else it was a line without a newline */ - makeargv(); - if (margc == 0) { - continue; - } - c = getcmd(margv[0]); - if (c == (struct cmd *)-1) { - printf("?Ambiguous command\n"); - continue; - } - if (c == 0) { - printf("?Invalid command\n"); - continue; - } - if (c->c_conn && !connected) { - printf("Not connected.\n"); - continue; - } - (*c->c_handler)(margc, margv); - if (bell && c->c_bell) - putchar('\007'); - if (c->c_handler != help) - break; - } - signal(SIGINT, intr); - signal(SIGPIPE, lostpeer); -} - -struct cmd * -getcmd(char *name) -{ - char *p, *q; - struct cmd *c, *found; - int nmatches, longest; - - longest = 0; - nmatches = 0; - found = 0; - for (c = cmdtab; (p = c->c_name); c++) { - for (q = name; *q == *p++; q++) - if (*q == 0) /* exact match? */ - return (c); - if (!*q) { /* the name was a prefix */ - if (q - name > longest) { - longest = q - name; - nmatches = 1; - found = c; - } else if (q - name == longest) - nmatches++; - } - } - if (nmatches > 1) - return ((struct cmd *)-1); - return (found); -} - -/* - * Slice a string up into argc/argv. - */ - -int slrflag; - -void -makeargv(void) -{ - char **argp; - - argp = margv; - stringbase = line; /* scan from first of buffer */ - argbase = argbuf; /* store from first of buffer */ - slrflag = 0; - for (margc = 0; ; margc++) { - /* Expand array if necessary */ - if (margc == margvlen) { - int i; - - margv = (margvlen == 0) - ? (char **)malloc(20 * sizeof(char *)) - : (char **)realloc(margv, - (margvlen + 20)*sizeof(char *)); - if (margv == NULL) - errx(1, "cannot realloc argv array"); - for(i = margvlen; i < margvlen + 20; ++i) - margv[i] = NULL; - margvlen += 20; - argp = margv + margc; - } - - if ((*argp++ = slurpstring()) == NULL) - break; - } - -} - -/* - * Parse string into argbuf; - * implemented with FSM to - * handle quoting and strings - */ -char * -slurpstring(void) -{ - int got_one = 0; - char *sb = stringbase; - char *ap = argbase; - char *tmp = argbase; /* will return this if token found */ - - if (*sb == '!' || *sb == '$') { /* recognize ! as a token for shell */ - switch (slrflag) { /* and $ as token for macro invoke */ - case 0: - slrflag++; - stringbase++; - return ((*sb == '!') ? "!" : "$"); - /* NOTREACHED */ - case 1: - slrflag++; - altarg = stringbase; - break; - default: - break; - } - } - -S0: - switch (*sb) { - - case '\0': - goto OUT; - - case ' ': - case '\t': - sb++; goto S0; - - default: - switch (slrflag) { - case 0: - slrflag++; - break; - case 1: - slrflag++; - altarg = sb; - break; - default: - break; - } - goto S1; - } - -S1: - switch (*sb) { - - case ' ': - case '\t': - case '\0': - goto OUT; /* end of token */ - - case '\\': - sb++; goto S2; /* slurp next character */ - - case '"': - sb++; goto S3; /* slurp quoted string */ - - default: - *ap++ = *sb++; /* add character to token */ - got_one = 1; - goto S1; - } - -S2: - switch (*sb) { - - case '\0': - goto OUT; - - default: - *ap++ = *sb++; - got_one = 1; - goto S1; - } - -S3: - switch (*sb) { - - case '\0': - goto OUT; - - case '"': - sb++; goto S1; - - default: - *ap++ = *sb++; - got_one = 1; - goto S3; - } - -OUT: - if (got_one) - *ap++ = '\0'; - argbase = ap; /* update storage pointer */ - stringbase = sb; /* update scan pointer */ - if (got_one) { - return (tmp); - } - switch (slrflag) { - case 0: - slrflag++; - break; - case 1: - slrflag++; - altarg = (char *) 0; - break; - default: - break; - } - return NULL; -} - -#define HELPINDENT ((int) sizeof ("directory")) - -/* - * Help command. - * Call each command handler with argc == 0 and argv[0] == name. - */ -void -help(int argc, char **argv) -{ - struct cmd *c; - - if (argc == 1) { - int i, j, w, k; - int columns, width = 0, lines; - - printf("Commands may be abbreviated. Commands are:\n\n"); - for (c = cmdtab; c < &cmdtab[NCMDS]; c++) { - int len = strlen(c->c_name); - - if (len > width) - width = len; - } - width = (width + 8) &~ 7; - columns = 80 / width; - if (columns == 0) - columns = 1; - lines = (NCMDS + columns - 1) / columns; - for (i = 0; i < lines; i++) { - for (j = 0; j < columns; j++) { - c = cmdtab + j * lines + i; - if (c->c_name && (!proxy || c->c_proxy)) { - printf("%s", c->c_name); - } - else if (c->c_name) { - for (k=0; k < strlen(c->c_name); k++) { - putchar(' '); - } - } - if (c + lines >= &cmdtab[NCMDS]) { - printf("\n"); - break; - } - w = strlen(c->c_name); - while (w < width) { - w = (w + 8) &~ 7; - putchar('\t'); - } - } - } - return; - } - while (--argc > 0) { - char *arg; - arg = *++argv; - c = getcmd(arg); - if (c == (struct cmd *)-1) - printf("?Ambiguous help command %s\n", arg); - else if (c == (struct cmd *)0) - printf("?Invalid help command %s\n", arg); - else - printf("%-*s\t%s\n", HELPINDENT, - c->c_name, c->c_help); - } -} diff --git a/crypto/heimdal/appl/ftp/ftp/pathnames.h b/crypto/heimdal/appl/ftp/ftp/pathnames.h deleted file mode 100644 index f7c1fb391d69..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/pathnames.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/6/93 - */ - -#ifdef HAVE_PATHS_H -#include -#endif - -#define _PATH_TMP_XXX "/tmp/ftpXXXXXX" - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif diff --git a/crypto/heimdal/appl/ftp/ftp/ruserpass.c b/crypto/heimdal/appl/ftp/ftp/ruserpass.c deleted file mode 100644 index 8c0cd8d6e90f..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/ruserpass.c +++ /dev/null @@ -1,313 +0,0 @@ -/* - * Copyright (c) 1985, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" -RCSID("$Id: ruserpass.c 16161 2005-10-12 09:44:24Z joda $"); - -static int token (void); -static FILE *cfile; - -#define DEFAULT 1 -#define LOGIN 2 -#define PASSWD 3 -#define ACCOUNT 4 -#define MACDEF 5 -#define PROT 6 -#define ID 10 -#define MACH 11 - -static char tokval[100]; - -static struct toktab { - char *tokstr; - int tval; -} toktab[]= { - { "default", DEFAULT }, - { "login", LOGIN }, - { "password", PASSWD }, - { "passwd", PASSWD }, - { "account", ACCOUNT }, - { "machine", MACH }, - { "macdef", MACDEF }, - { "prot", PROT }, - { NULL, 0 } -}; - -/* - * Write a copy of the hostname into `hostname, sz' and return a guess - * as to the `domain' of that hostname. - */ - -static char * -guess_domain (char *hostname_str, size_t sz) -{ - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - char *dot; - - if (gethostname (hostname_str, sz) < 0) { - strlcpy (hostname_str, "", sz); - return ""; - } - dot = strchr (hostname_str, '.'); - if (dot != NULL) - return dot + 1; - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_CANONNAME; - - error = getaddrinfo (hostname_str, NULL, &hints, &ai); - if (error) - return hostname_str; - - for (a = ai; a != NULL; a = a->ai_next) - if (a->ai_canonname != NULL) { - strlcpy (hostname_str, ai->ai_canonname, sz); - break; - } - freeaddrinfo (ai); - dot = strchr (hostname_str, '.'); - if (dot != NULL) - return dot + 1; - else - return hostname_str; -} - -int -ruserpass(char *host, char **aname, char **apass, char **aacct) -{ - char *hdir, buf[BUFSIZ], *tmp; - int t, i, c, usedefault = 0; - struct stat stb; - - mydomain = guess_domain (myhostname, MaxHostNameLen); - - hdir = getenv("HOME"); - if (hdir == NULL) - hdir = "."; - snprintf(buf, sizeof(buf), "%s/.netrc", hdir); - cfile = fopen(buf, "r"); - if (cfile == NULL) { - if (errno != ENOENT) - warn("%s", buf); - return (0); - } - -next: - while ((t = token())) switch(t) { - - case DEFAULT: - usedefault = 1; - /* FALL THROUGH */ - - case MACH: - if (!usedefault) { - if (token() != ID) - continue; - /* - * Allow match either for user's input host name - * or official hostname. Also allow match of - * incompletely-specified host in local domain. - */ - if (strcasecmp(host, tokval) == 0) - goto match; - if (strcasecmp(hostname, tokval) == 0) - goto match; - if ((tmp = strchr(hostname, '.')) != NULL && - tmp++ && - strcasecmp(tmp, mydomain) == 0 && - strncasecmp(hostname, tokval, tmp-hostname) == 0 && - tokval[tmp - hostname] == '\0') - goto match; - if ((tmp = strchr(host, '.')) != NULL && - tmp++ && - strcasecmp(tmp, mydomain) == 0 && - strncasecmp(host, tokval, tmp - host) == 0 && - tokval[tmp - host] == '\0') - goto match; - continue; - } - match: - while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { - - case LOGIN: - if (token()) { - if (*aname == 0) { - *aname = strdup(tokval); - } else { - if (strcmp(*aname, tokval)) - goto next; - } - } - break; - case PASSWD: - if ((*aname == NULL || strcmp(*aname, "anonymous")) && - fstat(fileno(cfile), &stb) >= 0 && - (stb.st_mode & 077) != 0) { - warnx("Error: .netrc file is readable by others."); - warnx("Remove password or make file unreadable by others."); - goto bad; - } - if (token() && *apass == 0) { - *apass = strdup(tokval); - } - break; - case ACCOUNT: - if (fstat(fileno(cfile), &stb) >= 0 - && (stb.st_mode & 077) != 0) { - warnx("Error: .netrc file is readable by others."); - warnx("Remove account or make file unreadable by others."); - goto bad; - } - if (token() && *aacct == 0) { - *aacct = strdup(tokval); - } - break; - case MACDEF: - if (proxy) { - fclose(cfile); - return (0); - } - while ((c=getc(cfile)) != EOF && - (c == ' ' || c == '\t')); - if (c == EOF || c == '\n') { - printf("Missing macdef name argument.\n"); - goto bad; - } - if (macnum == 16) { - printf("Limit of 16 macros have already been defined\n"); - goto bad; - } - tmp = macros[macnum].mac_name; - *tmp++ = c; - for (i=0; i < 8 && (c=getc(cfile)) != EOF && - !isspace(c); ++i) { - *tmp++ = c; - } - if (c == EOF) { - printf("Macro definition missing null line terminator.\n"); - goto bad; - } - *tmp = '\0'; - if (c != '\n') { - while ((c=getc(cfile)) != EOF && c != '\n'); - } - if (c == EOF) { - printf("Macro definition missing null line terminator.\n"); - goto bad; - } - if (macnum == 0) { - macros[macnum].mac_start = macbuf; - } - else { - macros[macnum].mac_start = macros[macnum-1].mac_end + 1; - } - tmp = macros[macnum].mac_start; - while (tmp != macbuf + 4096) { - if ((c=getc(cfile)) == EOF) { - printf("Macro definition missing null line terminator.\n"); - goto bad; - } - *tmp = c; - if (*tmp == '\n') { - if (*(tmp-1) == '\0') { - macros[macnum++].mac_end = tmp - 1; - break; - } - *tmp = '\0'; - } - tmp++; - } - if (tmp == macbuf + 4096) { - printf("4K macro buffer exceeded\n"); - goto bad; - } - break; - case PROT: - token(); - if(doencrypt == 0 && sec_request_prot(tokval) < 0) - warnx("Unknown protection level \"%s\"", tokval); - break; - default: - warnx("Unknown .netrc keyword %s", tokval); - break; - } - goto done; - } -done: - fclose(cfile); - return (0); -bad: - fclose(cfile); - return (-1); -} - -static int -token(void) -{ - char *cp; - int c; - struct toktab *t; - - if (feof(cfile) || ferror(cfile)) - return (0); - while ((c = getc(cfile)) != EOF && - (c == '\n' || c == '\t' || c == ' ' || c == ',')) - continue; - if (c == EOF) - return (0); - cp = tokval; - if (c == '"') { - while ((c = getc(cfile)) != EOF && c != '"') { - if (c == '\\') - c = getc(cfile); - *cp++ = c; - } - } else { - *cp++ = c; - while ((c = getc(cfile)) != EOF - && c != '\n' && c != '\t' && c != ' ' && c != ',') { - if (c == '\\') - c = getc(cfile); - *cp++ = c; - } - } - *cp = 0; - if (tokval[0] == 0) - return (0); - for (t = toktab; t->tokstr; t++) - if (!strcmp(t->tokstr, tokval)) - return (t->tval); - return (ID); -} diff --git a/crypto/heimdal/appl/ftp/ftp/security.c b/crypto/heimdal/appl/ftp/ftp/security.c deleted file mode 100644 index 2a4803f90b18..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/security.c +++ /dev/null @@ -1,883 +0,0 @@ -/* - * Copyright (c) 1998-2002, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif - -RCSID("$Id: security.c 21225 2007-06-20 10:16:02Z lha $"); - -static enum protection_level command_prot; -static enum protection_level data_prot; -static size_t buffer_size; - -struct buffer { - void *data; - size_t size; - size_t index; - int eof_flag; -}; - -static struct buffer in_buffer, out_buffer; -int sec_complete; - -static struct { - enum protection_level level; - const char *name; -} level_names[] = { - { prot_clear, "clear" }, - { prot_safe, "safe" }, - { prot_confidential, "confidential" }, - { prot_private, "private" } -}; - -static const char * -level_to_name(enum protection_level level) -{ - int i; - for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) - if(level_names[i].level == level) - return level_names[i].name; - return "unknown"; -} - -#ifndef FTP_SERVER /* not used in server */ -static enum protection_level -name_to_level(const char *name) -{ - int i; - for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) - if(!strncasecmp(level_names[i].name, name, strlen(name))) - return level_names[i].level; - return (enum protection_level)-1; -} -#endif - -#ifdef FTP_SERVER - -static struct sec_server_mech *mechs[] = { -#ifdef KRB5 - &gss_server_mech, -#endif -#ifdef KRB4 - &krb4_server_mech, -#endif - NULL -}; - -static struct sec_server_mech *mech; - -#else - -static struct sec_client_mech *mechs[] = { -#ifdef KRB5 - &gss_client_mech, -#endif -#ifdef KRB4 - &krb4_client_mech, -#endif - NULL -}; - -static struct sec_client_mech *mech; - -#endif - -static void *app_data; - -int -sec_getc(FILE *F) -{ - if(sec_complete && data_prot) { - char c; - if(sec_read(fileno(F), &c, 1) <= 0) - return EOF; - return c; - } else - return getc(F); -} - -static int -block_read(int fd, void *buf, size_t len) -{ - unsigned char *p = buf; - int b; - while(len) { - b = read(fd, p, len); - if (b == 0) - return 0; - else if (b < 0) - return -1; - len -= b; - p += b; - } - return p - (unsigned char*)buf; -} - -static int -block_write(int fd, void *buf, size_t len) -{ - unsigned char *p = buf; - int b; - while(len) { - b = write(fd, p, len); - if(b < 0) - return -1; - len -= b; - p += b; - } - return p - (unsigned char*)buf; -} - -static int -sec_get_data(int fd, struct buffer *buf, int level) -{ - int len; - int b; - void *tmp; - - b = block_read(fd, &len, sizeof(len)); - if (b == 0) - return 0; - else if (b < 0) - return -1; - len = ntohl(len); - tmp = realloc(buf->data, len); - if (tmp == NULL) - return -1; - buf->data = tmp; - b = block_read(fd, buf->data, len); - if (b == 0) - return 0; - else if (b < 0) - return -1; - buf->size = (*mech->decode)(app_data, buf->data, len, data_prot); - buf->index = 0; - return 0; -} - -static size_t -buffer_read(struct buffer *buf, void *dataptr, size_t len) -{ - len = min(len, buf->size - buf->index); - memcpy(dataptr, (char*)buf->data + buf->index, len); - buf->index += len; - return len; -} - -static size_t -buffer_write(struct buffer *buf, void *dataptr, size_t len) -{ - if(buf->index + len > buf->size) { - void *tmp; - if(buf->data == NULL) - tmp = malloc(1024); - else - tmp = realloc(buf->data, buf->index + len); - if(tmp == NULL) - return -1; - buf->data = tmp; - buf->size = buf->index + len; - } - memcpy((char*)buf->data + buf->index, dataptr, len); - buf->index += len; - return len; -} - -int -sec_read(int fd, void *dataptr, int length) -{ - size_t len; - int rx = 0; - - if(sec_complete == 0 || data_prot == 0) - return read(fd, dataptr, length); - - if(in_buffer.eof_flag){ - in_buffer.eof_flag = 0; - return 0; - } - - len = buffer_read(&in_buffer, dataptr, length); - length -= len; - rx += len; - dataptr = (char*)dataptr + len; - - while(length){ - int ret; - - ret = sec_get_data(fd, &in_buffer, data_prot); - if (ret < 0) - return -1; - if(ret == 0 && in_buffer.size == 0) { - if(rx) - in_buffer.eof_flag = 1; - return rx; - } - len = buffer_read(&in_buffer, dataptr, length); - length -= len; - rx += len; - dataptr = (char*)dataptr + len; - } - return rx; -} - -static int -sec_send(int fd, char *from, int length) -{ - int bytes; - void *buf; - bytes = (*mech->encode)(app_data, from, length, data_prot, &buf); - bytes = htonl(bytes); - block_write(fd, &bytes, sizeof(bytes)); - block_write(fd, buf, ntohl(bytes)); - free(buf); - return length; -} - -int -sec_fflush(FILE *F) -{ - if(data_prot != prot_clear) { - if(out_buffer.index > 0){ - sec_write(fileno(F), out_buffer.data, out_buffer.index); - out_buffer.index = 0; - } - sec_send(fileno(F), NULL, 0); - } - fflush(F); - return 0; -} - -int -sec_write(int fd, char *dataptr, int length) -{ - int len = buffer_size; - int tx = 0; - - if(data_prot == prot_clear) - return write(fd, dataptr, length); - - len -= (*mech->overhead)(app_data, data_prot, len); - while(length){ - if(length < len) - len = length; - sec_send(fd, dataptr, len); - length -= len; - dataptr += len; - tx += len; - } - return tx; -} - -int -sec_vfprintf2(FILE *f, const char *fmt, va_list ap) -{ - char *buf; - int ret; - if(data_prot == prot_clear) - return vfprintf(f, fmt, ap); - else { - int len; - len = vasprintf(&buf, fmt, ap); - if (len == -1) - return len; - ret = buffer_write(&out_buffer, buf, len); - free(buf); - return ret; - } -} - -int -sec_fprintf2(FILE *f, const char *fmt, ...) -{ - int ret; - va_list ap; - va_start(ap, fmt); - ret = sec_vfprintf2(f, fmt, ap); - va_end(ap); - return ret; -} - -int -sec_putc(int c, FILE *F) -{ - char ch = c; - if(data_prot == prot_clear) - return putc(c, F); - - buffer_write(&out_buffer, &ch, 1); - if(c == '\n' || out_buffer.index >= 1024 /* XXX */) { - sec_write(fileno(F), out_buffer.data, out_buffer.index); - out_buffer.index = 0; - } - return c; -} - -int -sec_read_msg(char *s, int level) -{ - int len; - char *buf; - int return_code; - - buf = malloc(strlen(s)); - len = base64_decode(s + 4, buf); /* XXX */ - - len = (*mech->decode)(app_data, buf, len, level); - if(len < 0) - return -1; - - buf[len] = '\0'; - - if(buf[3] == '-') - return_code = 0; - else - sscanf(buf, "%d", &return_code); - if(buf[len-1] == '\n') - buf[len-1] = '\0'; - strcpy(s, buf); - free(buf); - return return_code; -} - -int -sec_vfprintf(FILE *f, const char *fmt, va_list ap) -{ - char *buf; - void *enc; - int len; - if(!sec_complete) - return vfprintf(f, fmt, ap); - - if (vasprintf(&buf, fmt, ap) == -1) { - printf("Failed to allocate command.\n"); - return -1; - } - len = (*mech->encode)(app_data, buf, strlen(buf), command_prot, &enc); - free(buf); - if(len < 0) { - printf("Failed to encode command.\n"); - return -1; - } - if(base64_encode(enc, len, &buf) < 0){ - free(enc); - printf("Out of memory base64-encoding.\n"); - return -1; - } - free(enc); -#ifdef FTP_SERVER - if(command_prot == prot_safe) - fprintf(f, "631 %s\r\n", buf); - else if(command_prot == prot_private) - fprintf(f, "632 %s\r\n", buf); - else if(command_prot == prot_confidential) - fprintf(f, "633 %s\r\n", buf); -#else - if(command_prot == prot_safe) - fprintf(f, "MIC %s", buf); - else if(command_prot == prot_private) - fprintf(f, "ENC %s", buf); - else if(command_prot == prot_confidential) - fprintf(f, "CONF %s", buf); -#endif - free(buf); - return 0; -} - -int -sec_fprintf(FILE *f, const char *fmt, ...) -{ - va_list ap; - int ret; - va_start(ap, fmt); - ret = sec_vfprintf(f, fmt, ap); - va_end(ap); - return ret; -} - -/* end common stuff */ - -#ifdef FTP_SERVER - -int ccc_passed; - -void -auth(char *auth_name) -{ - int i; - void *tmp; - - for(i = 0; (mech = mechs[i]) != NULL; i++){ - if(!strcasecmp(auth_name, mech->name)){ - tmp = realloc(app_data, mech->size); - if (tmp == NULL) { - reply(431, "Unable to accept %s at this time", mech->name); - return; - } - app_data = tmp; - - if(mech->init && (*mech->init)(app_data) != 0) { - reply(431, "Unable to accept %s at this time", mech->name); - return; - } - if(mech->auth) { - (*mech->auth)(app_data); - return; - } - if(mech->adat) - reply(334, "Send authorization data."); - else - reply(234, "Authorization complete."); - return; - } - } - free (app_data); - app_data = NULL; - reply(504, "%s is unknown to me", auth_name); -} - -void -adat(char *auth_data) -{ - if(mech && !sec_complete) { - void *buf = malloc(strlen(auth_data)); - size_t len; - len = base64_decode(auth_data, buf); - (*mech->adat)(app_data, buf, len); - free(buf); - } else - reply(503, "You must %sissue an AUTH first.", mech ? "re-" : ""); -} - -void pbsz(int size) -{ - size_t new = size; - if(!sec_complete) - reply(503, "Incomplete security data exchange."); - if(mech->pbsz) - new = (*mech->pbsz)(app_data, size); - if(buffer_size != new){ - buffer_size = size; - } - if(new != size) - reply(200, "PBSZ=%lu", (unsigned long)new); - else - reply(200, "OK"); -} - -void -prot(char *pl) -{ - int p = -1; - - if(buffer_size == 0){ - reply(503, "No protection buffer size negotiated."); - return; - } - - if(!strcasecmp(pl, "C")) - p = prot_clear; - else if(!strcasecmp(pl, "S")) - p = prot_safe; - else if(!strcasecmp(pl, "E")) - p = prot_confidential; - else if(!strcasecmp(pl, "P")) - p = prot_private; - else { - reply(504, "Unrecognized protection level."); - return; - } - - if(sec_complete){ - if((*mech->check_prot)(app_data, p)){ - reply(536, "%s does not support %s protection.", - mech->name, level_to_name(p)); - }else{ - data_prot = (enum protection_level)p; - reply(200, "Data protection is %s.", level_to_name(p)); - } - }else{ - reply(503, "Incomplete security data exchange."); - } -} - -void ccc(void) -{ - if(sec_complete){ - if(mech->ccc && (*mech->ccc)(app_data) == 0) { - command_prot = data_prot = prot_clear; - ccc_passed = 1; - } else - reply(534, "You must be joking."); - }else - reply(503, "Incomplete security data exchange."); -} - -void mec(char *msg, enum protection_level level) -{ - void *buf; - size_t len, buf_size; - if(!sec_complete) { - reply(503, "Incomplete security data exchange."); - return; - } - buf_size = strlen(msg) + 2; - buf = malloc(buf_size); - len = base64_decode(msg, buf); - command_prot = level; - if(len == (size_t)-1) { - reply(501, "Failed to base64-decode command"); - return; - } - len = (*mech->decode)(app_data, buf, len, level); - if(len == (size_t)-1) { - reply(535, "Failed to decode command"); - return; - } - ((char*)buf)[len] = '\0'; - if(strstr((char*)buf, "\r\n") == NULL) - strlcat((char*)buf, "\r\n", buf_size); - new_ftp_command(buf); -} - -/* ------------------------------------------------------------ */ - -int -sec_userok(char *userstr) -{ - if(sec_complete) - return (*mech->userok)(app_data, userstr); - return 0; -} - -int -sec_session(char *user) -{ - if(sec_complete && mech->session) - return (*mech->session)(app_data, user); - return 0; -} - -char *ftp_command; - -void -new_ftp_command(char *command) -{ - ftp_command = command; -} - -void -delete_ftp_command(void) -{ - free(ftp_command); - ftp_command = NULL; -} - -int -secure_command(void) -{ - return ftp_command != NULL; -} - -enum protection_level -get_command_prot(void) -{ - return command_prot; -} - -#else /* FTP_SERVER */ - -void -sec_status(void) -{ - if(sec_complete){ - printf("Using %s for authentication.\n", mech->name); - printf("Using %s command channel.\n", level_to_name(command_prot)); - printf("Using %s data channel.\n", level_to_name(data_prot)); - if(buffer_size > 0) - printf("Protection buffer size: %lu.\n", - (unsigned long)buffer_size); - }else{ - printf("Not using any security mechanism.\n"); - } -} - -static int -sec_prot_internal(int level) -{ - int ret; - char *p; - unsigned int s = 1048576; - - int old_verbose = verbose; - verbose = 0; - - if(!sec_complete){ - printf("No security data exchange has taken place.\n"); - return -1; - } - - if(level){ - ret = command("PBSZ %u", s); - if(ret != COMPLETE){ - printf("Failed to set protection buffer size.\n"); - return -1; - } - buffer_size = s; - p = strstr(reply_string, "PBSZ="); - if(p) - sscanf(p, "PBSZ=%u", &s); - if(s < buffer_size) - buffer_size = s; - } - verbose = old_verbose; - ret = command("PROT %c", level["CSEP"]); /* XXX :-) */ - if(ret != COMPLETE){ - printf("Failed to set protection level.\n"); - return -1; - } - - data_prot = (enum protection_level)level; - return 0; -} - -enum protection_level -set_command_prot(enum protection_level level) -{ - int ret; - enum protection_level old = command_prot; - if(level != command_prot && level == prot_clear) { - ret = command("CCC"); - if(ret != COMPLETE) { - printf("Failed to clear command channel.\n"); - return -1; - } - } - command_prot = level; - return old; -} - -void -sec_prot(int argc, char **argv) -{ - int level = -1; - - if(argc > 3) - goto usage; - - if(argc == 1) { - sec_status(); - return; - } - if(!sec_complete) { - printf("No security data exchange has taken place.\n"); - code = -1; - return; - } - level = name_to_level(argv[argc - 1]); - - if(level == -1) - goto usage; - - if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", - mech->name, level_to_name(level)); - code = -1; - return; - } - - if(argc == 2 || strncasecmp(argv[1], "data", strlen(argv[1])) == 0) { - if(sec_prot_internal(level) < 0){ - code = -1; - return; - } - } else if(strncasecmp(argv[1], "command", strlen(argv[1])) == 0) { - if(set_command_prot(level) < 0) { - code = -1; - return; - } - } else - goto usage; - code = 0; - return; - usage: - printf("usage: %s [command|data] [clear|safe|confidential|private]\n", - argv[0]); - code = -1; -} - -void -sec_prot_command(int argc, char **argv) -{ - int level; - - if(argc > 2) - goto usage; - - if(!sec_complete) { - printf("No security data exchange has taken place.\n"); - code = -1; - return; - } - - if(argc == 1) { - sec_status(); - } else { - level = name_to_level(argv[1]); - if(level == -1) - goto usage; - - if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", - mech->name, level_to_name(level)); - code = -1; - return; - } - if(set_command_prot(level) < 0) { - code = -1; - return; - } - } - code = 0; - return; - usage: - printf("usage: %s [clear|safe|confidential|private]\n", - argv[0]); - code = -1; -} - -static enum protection_level request_data_prot; - -void -sec_set_protection_level(void) -{ - if(sec_complete && data_prot != request_data_prot) - sec_prot_internal(request_data_prot); -} - - -int -sec_request_prot(char *level) -{ - int l = name_to_level(level); - if(l == -1) - return -1; - request_data_prot = (enum protection_level)l; - return 0; -} - -int -sec_login(char *host) -{ - int ret; - struct sec_client_mech **m; - int old_verbose = verbose; - - verbose = -1; /* shut up all messages this will produce (they - are usually not very user friendly) */ - - for(m = mechs; *m && (*m)->name; m++) { - void *tmp; - - tmp = realloc(app_data, (*m)->size); - if (tmp == NULL) { - warnx ("realloc %lu failed", (unsigned long)(*m)->size); - return -1; - } - app_data = tmp; - - if((*m)->init && (*(*m)->init)(app_data) != 0) { - printf("Skipping %s...\n", (*m)->name); - continue; - } - printf("Trying %s...\n", (*m)->name); - ret = command("AUTH %s", (*m)->name); - if(ret != CONTINUE){ - if(code == 504){ - printf("%s is not supported by the server.\n", (*m)->name); - }else if(code == 534){ - printf("%s rejected as security mechanism.\n", (*m)->name); - }else if(ret == ERROR) { - printf("The server doesn't support the FTP " - "security extensions.\n"); - verbose = old_verbose; - return -1; - } - continue; - } - - ret = (*(*m)->auth)(app_data, host); - - if(ret == AUTH_CONTINUE) - continue; - else if(ret != AUTH_OK){ - /* mechanism is supposed to output error string */ - verbose = old_verbose; - return -1; - } - mech = *m; - sec_complete = 1; - if(doencrypt) { - command_prot = prot_private; - request_data_prot = prot_private; - } else { - command_prot = prot_safe; - } - break; - } - - verbose = old_verbose; - return *m == NULL; -} - -void -sec_end(void) -{ - if (mech != NULL) { - if(mech->end) - (*mech->end)(app_data); - if (app_data != NULL) { - memset(app_data, 0, mech->size); - free(app_data); - app_data = NULL; - } - } - sec_complete = 0; - data_prot = (enum protection_level)0; -} - -#endif /* FTP_SERVER */ - diff --git a/crypto/heimdal/appl/ftp/ftp/security.h b/crypto/heimdal/appl/ftp/ftp/security.h deleted file mode 100644 index 85ba23eee0ba..000000000000 --- a/crypto/heimdal/appl/ftp/ftp/security.h +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: security.h 21224 2007-06-20 10:15:13Z lha $ */ - -#ifndef __security_h__ -#define __security_h__ - -enum protection_level { - prot_clear, - prot_safe, - prot_confidential, - prot_private -}; - -struct sec_client_mech { - char *name; - size_t size; - int (*init)(void *); - int (*auth)(void *, char*); - void (*end)(void *); - int (*check_prot)(void *, int); - int (*overhead)(void *, int, int); - int (*encode)(void *, void*, int, int, void**); - int (*decode)(void *, void*, int, int); -}; - -struct sec_server_mech { - char *name; - size_t size; - int (*init)(void *); - void (*end)(void *); - int (*check_prot)(void *, int); - int (*overhead)(void *, int, int); - int (*encode)(void *, void*, int, int, void**); - int (*decode)(void *, void*, int, int); - - int (*auth)(void *); - int (*adat)(void *, void*, size_t); - size_t (*pbsz)(void *, size_t); - int (*ccc)(void*); - int (*userok)(void*, char*); - int (*session)(void*, char*); -}; - -#define AUTH_OK 0 -#define AUTH_CONTINUE 1 -#define AUTH_ERROR 2 - -extern int ftp_do_gss_bindings; -extern int ftp_do_gss_delegate; -#ifdef FTP_SERVER -extern struct sec_server_mech krb4_server_mech, gss_server_mech; -#else -extern struct sec_client_mech krb4_client_mech, gss_client_mech; -#endif - -extern int sec_complete; - -#ifdef FTP_SERVER -extern char *ftp_command; -void new_ftp_command(char*); -void delete_ftp_command(void); -#endif - -/* ---- */ - - -int sec_fflush (FILE *); -int sec_fprintf (FILE *, const char *, ...) - __attribute__ ((format (printf, 2,3))); -int sec_getc (FILE *); -int sec_putc (int, FILE *); -int sec_read (int, void *, int); -int sec_read_msg (char *, int); -int sec_vfprintf (FILE *, const char *, va_list) - __attribute__ ((format (printf, 2,0))); -int sec_fprintf2(FILE *f, const char *fmt, ...) - __attribute__ ((format (printf, 2,3))); -int sec_vfprintf2(FILE *, const char *, va_list) - __attribute__ ((format (printf, 2,0))); -int sec_write (int, char *, int); - -#ifdef FTP_SERVER -void adat (char *); -void auth (char *); -void ccc (void); -void mec (char *, enum protection_level); -void pbsz (int); -void prot (char *); -void delete_ftp_command (void); -void new_ftp_command (char *); -int sec_userok (char *); -int sec_session(char *); -int secure_command (void); -enum protection_level get_command_prot(void); -#else -void sec_end (void); -int sec_login (char *); -void sec_prot (int, char **); -void sec_prot_command (int, char **); -int sec_request_prot (char *); -void sec_set_protection_level (void); -void sec_status (void); - -enum protection_level set_command_prot(enum protection_level); - -#endif - -#endif /* __security_h__ */ diff --git a/crypto/heimdal/appl/ftp/ftpd/Makefile.am b/crypto/heimdal/appl/ftp/ftpd/Makefile.am deleted file mode 100644 index b40487630409..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/Makefile.am +++ /dev/null @@ -1,59 +0,0 @@ -# $Id: Makefile.am 21031 2007-06-09 05:00:27Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += -I$(srcdir)/../common $(INCLUDE_krb4) -DFTP_SERVER - -libexec_PROGRAMS = ftpd - -CHECK_LOCAL = - -if KRB4 -krb4_sources = krb4.c -endif -if KRB5 -krb5_sources = gssapi.c gss_userok.c -endif - -ftpd_SOURCES = \ - extern.h \ - ftpcmd.y \ - ftpd.c \ - ftpd_locl.h \ - logwtmp.c \ - ls.c \ - pathnames.h \ - popen.c \ - security.c \ - kauth.c \ - klist.c \ - $(krb4_sources) \ - $(krb5_sources) - -EXTRA_ftpd_SOURCES = krb4.c kauth.c gssapi.c gss_userok.c - -$(ftpd_OBJECTS): security.h - -security.c: - @test -f security.c || $(LN_S) $(srcdir)/../ftp/security.c . -security.h: - @test -f security.h || $(LN_S) $(srcdir)/../ftp/security.h . -krb4.c: - @test -f krb4.c || $(LN_S) $(srcdir)/../ftp/krb4.c . -gssapi.c: - @test -f gssapi.c || $(LN_S) $(srcdir)/../ftp/gssapi.c . - -CLEANFILES = security.c security.h krb4.c gssapi.c - -man_MANS = ftpd.8 ftpusers.5 - -LDADD = ../common/libcommon.a \ - $(LIB_otp) \ - $(LIB_gssapi) \ - $(LIB_krb5) \ - $(LIB_kafs) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/ftp/ftpd/Makefile.in b/crypto/heimdal/appl/ftp/ftpd/Makefile.in deleted file mode 100644 index c7a6a8fce070..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/Makefile.in +++ /dev/null @@ -1,939 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 21031 2007-06-09 05:00:27Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ftpcmd.c -libexec_PROGRAMS = ftpd$(EXEEXT) -subdir = appl/ftp/ftpd -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(libexec_PROGRAMS) -am__ftpd_SOURCES_DIST = extern.h ftpcmd.y ftpd.c ftpd_locl.h logwtmp.c \ - ls.c pathnames.h popen.c security.c kauth.c klist.c krb4.c \ - gssapi.c gss_userok.c -@KRB4_TRUE@am__objects_1 = krb4.$(OBJEXT) -@KRB5_TRUE@am__objects_2 = gssapi.$(OBJEXT) gss_userok.$(OBJEXT) -am_ftpd_OBJECTS = ftpcmd.$(OBJEXT) ftpd.$(OBJEXT) logwtmp.$(OBJEXT) \ - ls.$(OBJEXT) popen.$(OBJEXT) security.$(OBJEXT) \ - kauth.$(OBJEXT) klist.$(OBJEXT) $(am__objects_1) \ - $(am__objects_2) -ftpd_OBJECTS = $(am_ftpd_OBJECTS) -ftpd_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ - $(am__DEPENDENCIES_1) -ftpd_DEPENDENCIES = ../common/libcommon.a $(am__DEPENDENCIES_1) \ - $(LIB_gssapi) $(LIB_krb5) $(am__DEPENDENCIES_2) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -@MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ || -YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS) -LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS) -YLWRAP = $(top_srcdir)/ylwrap -SOURCES = $(ftpd_SOURCES) $(EXTRA_ftpd_SOURCES) -DIST_SOURCES = $(am__ftpd_SOURCES_DIST) $(EXTRA_ftpd_SOURCES) -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/../common $(INCLUDE_krb4) -DFTP_SERVER -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CHECK_LOCAL = -@KRB4_TRUE@krb4_sources = krb4.c -@KRB5_TRUE@krb5_sources = gssapi.c gss_userok.c -ftpd_SOURCES = \ - extern.h \ - ftpcmd.y \ - ftpd.c \ - ftpd_locl.h \ - logwtmp.c \ - ls.c \ - pathnames.h \ - popen.c \ - security.c \ - kauth.c \ - klist.c \ - $(krb4_sources) \ - $(krb5_sources) - -EXTRA_ftpd_SOURCES = krb4.c kauth.c gssapi.c gss_userok.c -CLEANFILES = security.c security.h krb4.c gssapi.c -man_MANS = ftpd.8 ftpusers.5 -LDADD = ../common/libcommon.a \ - $(LIB_otp) \ - $(LIB_gssapi) \ - $(LIB_krb5) \ - $(LIB_kafs) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj .y -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/ftp/ftpd/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/ftp/ftpd/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -ftpd$(EXEEXT): $(ftpd_OBJECTS) $(ftpd_DEPENDENCIES) - @rm -f ftpd$(EXEEXT) - $(LINK) $(ftpd_OBJECTS) $(ftpd_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -.y.c: - $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE) - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man5: $(man5_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ - done -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -rm -f ftpcmd.c -clean: clean-am - -clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libexecPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man5 install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-libexecPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man5 uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libexecPROGRAMS install-man install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-hook \ - uninstall-libexecPROGRAMS uninstall-man uninstall-man5 \ - uninstall-man8 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(ftpd_OBJECTS): security.h - -security.c: - @test -f security.c || $(LN_S) $(srcdir)/../ftp/security.c . -security.h: - @test -f security.h || $(LN_S) $(srcdir)/../ftp/security.h . -krb4.c: - @test -f krb4.c || $(LN_S) $(srcdir)/../ftp/krb4.c . -gssapi.c: - @test -f gssapi.c || $(LN_S) $(srcdir)/../ftp/gssapi.c . -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/ftp/ftpd/extern.h b/crypto/heimdal/appl/ftp/ftpd/extern.h deleted file mode 100644 index db40f2fdd21d..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/extern.h +++ /dev/null @@ -1,148 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.2 (Berkeley) 4/4/94 - */ - -#ifndef _EXTERN_H_ -#define _EXTERN_H_ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -#include -#include -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef HAVE_LIMITS_H -#include -#endif - -#ifndef NBBY -#define NBBY CHAR_BIT -#endif - -void abor(void); -void blkfree(char **); -char **copyblk(char **); -void cwd(char *); -void do_delete(char *); -void dologout(int); -void eprt(char *); -void epsv(char *); -void fatal(char *); -int filename_check(char *); -int ftpd_pclose(FILE *); -FILE *ftpd_popen(char *, char *, int, int); -char *ftpd_getline(char *, int); -void ftpd_logwtmp(char *, char *, char *); -void lreply(int, const char *, ...) - __attribute__ ((format (printf, 2, 3))); -void makedir(char *); -void nack(char *); -void nreply(const char *, ...) - __attribute__ ((format (printf, 1, 2))); -void pass(char *); -void pasv(void); -void perror_reply(int, const char *); -void pwd(void); -void removedir(char *); -void renamecmd(char *, char *); -char *renamefrom(char *); -void reply(int, const char *, ...) - __attribute__ ((format (printf, 2, 3))); -void retrieve(const char *, char *); -void send_file_list(char *); -void setproctitle(const char *, ...) - __attribute__ ((format (printf, 1, 2))); -void statcmd(void); -void statfilecmd(char *); -void do_store(char *, char *, int); -void upper(char *); -void user(char *); -void yyerror(char *); - -void list_file(char*); - -void kauth(char *, char*); -void klist(void); -void cond_kdestroy(void); -void kdestroy(void); -void krbtkfile(const char *tkfile); -void afslog(const char *, int); -void afsunlog(void); - -extern int do_destroy_tickets; -extern char *k5ccname; - -int find(char *); - -int builtin_ls(FILE*, const char*); - -int do_login(int code, char *passwd); -int klogin(char *name, char *password); - -const char *ftp_rooted(const char *path); - -extern struct sockaddr *ctrl_addr, *his_addr; -extern char hostname[]; - -extern struct sockaddr *data_dest; -extern int logged_in; -extern struct passwd *pw; -extern int guest; -extern int logging; -extern int type; -extern off_t file_size; -extern off_t byte_count; -extern int ccc_passed; - -extern int form; -extern int debug; -extern int ftpd_timeout; -extern int maxtimeout; -extern int pdata; -extern char hostname[], remotehost[]; -extern char proctitle[]; -extern int usedefault; -extern char tmpline[]; - -#endif /* _EXTERN_H_ */ diff --git a/crypto/heimdal/appl/ftp/ftpd/ftpcmd.c b/crypto/heimdal/appl/ftp/ftpd/ftpcmd.c deleted file mode 100644 index 94eadeeec92e..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/ftpcmd.c +++ /dev/null @@ -1,3551 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton implementation for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* C LALR(1) parser skeleton written by Richard Stallman, by - simplifying the original so-called "semantic" parser. */ - -/* All symbols defined below should begin with yy or YY, to avoid - infringing on user name space. This should be done even for local - variables, as they might otherwise be expanded by user macros. - There are some unavoidable exceptions within include files to - define necessary library symbols; they are noted "INFRINGES ON - USER NAME SPACE" below. */ - -/* Identify Bison output. */ -#define YYBISON 1 - -/* Bison version. */ -#define YYBISON_VERSION "2.3" - -/* Skeleton name. */ -#define YYSKELETON_NAME "yacc.c" - -/* Pure parsers. */ -#define YYPURE 0 - -/* Using locations. */ -#define YYLSP_NEEDED 0 - - - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - A = 258, - B = 259, - C = 260, - E = 261, - F = 262, - I = 263, - L = 264, - N = 265, - P = 266, - R = 267, - S = 268, - T = 269, - SP = 270, - CRLF = 271, - COMMA = 272, - USER = 273, - PASS = 274, - ACCT = 275, - REIN = 276, - QUIT = 277, - PORT = 278, - PASV = 279, - TYPE = 280, - STRU = 281, - MODE = 282, - RETR = 283, - STOR = 284, - APPE = 285, - MLFL = 286, - MAIL = 287, - MSND = 288, - MSOM = 289, - MSAM = 290, - MRSQ = 291, - MRCP = 292, - ALLO = 293, - REST = 294, - RNFR = 295, - RNTO = 296, - ABOR = 297, - DELE = 298, - CWD = 299, - LIST = 300, - NLST = 301, - SITE = 302, - sTAT = 303, - HELP = 304, - NOOP = 305, - MKD = 306, - RMD = 307, - PWD = 308, - CDUP = 309, - STOU = 310, - SMNT = 311, - SYST = 312, - SIZE = 313, - MDTM = 314, - EPRT = 315, - EPSV = 316, - UMASK = 317, - IDLE = 318, - CHMOD = 319, - AUTH = 320, - ADAT = 321, - PROT = 322, - PBSZ = 323, - CCC = 324, - MIC = 325, - CONF = 326, - ENC = 327, - KAUTH = 328, - KLIST = 329, - KDESTROY = 330, - KRBTKFILE = 331, - AFSLOG = 332, - LOCATE = 333, - URL = 334, - FEAT = 335, - OPTS = 336, - LEXERR = 337, - STRING = 338, - NUMBER = 339 - }; -#endif -/* Tokens. */ -#define A 258 -#define B 259 -#define C 260 -#define E 261 -#define F 262 -#define I 263 -#define L 264 -#define N 265 -#define P 266 -#define R 267 -#define S 268 -#define T 269 -#define SP 270 -#define CRLF 271 -#define COMMA 272 -#define USER 273 -#define PASS 274 -#define ACCT 275 -#define REIN 276 -#define QUIT 277 -#define PORT 278 -#define PASV 279 -#define TYPE 280 -#define STRU 281 -#define MODE 282 -#define RETR 283 -#define STOR 284 -#define APPE 285 -#define MLFL 286 -#define MAIL 287 -#define MSND 288 -#define MSOM 289 -#define MSAM 290 -#define MRSQ 291 -#define MRCP 292 -#define ALLO 293 -#define REST 294 -#define RNFR 295 -#define RNTO 296 -#define ABOR 297 -#define DELE 298 -#define CWD 299 -#define LIST 300 -#define NLST 301 -#define SITE 302 -#define sTAT 303 -#define HELP 304 -#define NOOP 305 -#define MKD 306 -#define RMD 307 -#define PWD 308 -#define CDUP 309 -#define STOU 310 -#define SMNT 311 -#define SYST 312 -#define SIZE 313 -#define MDTM 314 -#define EPRT 315 -#define EPSV 316 -#define UMASK 317 -#define IDLE 318 -#define CHMOD 319 -#define AUTH 320 -#define ADAT 321 -#define PROT 322 -#define PBSZ 323 -#define CCC 324 -#define MIC 325 -#define CONF 326 -#define ENC 327 -#define KAUTH 328 -#define KLIST 329 -#define KDESTROY 330 -#define KRBTKFILE 331 -#define AFSLOG 332 -#define LOCATE 333 -#define URL 334 -#define FEAT 335 -#define OPTS 336 -#define LEXERR 337 -#define STRING 338 -#define NUMBER 339 - - - - -/* Copy the first part of user declarations. */ -#line 43 "ftpcmd.y" - - -#include "ftpd_locl.h" -RCSID("$Id: ftpcmd.y 15677 2005-07-19 18:33:08Z lha $"); - -off_t restart_point; - -static int hasyyerrored; - - -static int cmd_type; -static int cmd_form; -static int cmd_bytesz; -char cbuf[64*1024]; -char *fromname; - -struct tab { - char *name; - short token; - short state; - short implemented; /* 1 if command is implemented */ - char *help; -}; - -extern struct tab cmdtab[]; -extern struct tab sitetab[]; - -static char *copy (char *); -static void help (struct tab *, char *); -static struct tab * - lookup (struct tab *, char *); -static void sizecmd (char *); -static RETSIGTYPE toolong (int); -static int yylex (void); - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - - - -/* Enabling traces. */ -#ifndef YYDEBUG -# define YYDEBUG 0 -#endif - -/* Enabling verbose error messages. */ -#ifdef YYERROR_VERBOSE -# undef YYERROR_VERBOSE -# define YYERROR_VERBOSE 1 -#else -# define YYERROR_VERBOSE 0 -#endif - -/* Enabling the token table. */ -#ifndef YYTOKEN_TABLE -# define YYTOKEN_TABLE 0 -#endif - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 86 "ftpcmd.y" -{ - int i; - char *s; -} -/* Line 193 of yacc.c. */ -#line 312 "ftpcmd.c" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - - - -/* Copy the second part of user declarations. */ - - -/* Line 216 of yacc.c. */ -#line 325 "ftpcmd.c" - -#ifdef short -# undef short -#endif - -#ifdef YYTYPE_UINT8 -typedef YYTYPE_UINT8 yytype_uint8; -#else -typedef unsigned char yytype_uint8; -#endif - -#ifdef YYTYPE_INT8 -typedef YYTYPE_INT8 yytype_int8; -#elif (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -typedef signed char yytype_int8; -#else -typedef short int yytype_int8; -#endif - -#ifdef YYTYPE_UINT16 -typedef YYTYPE_UINT16 yytype_uint16; -#else -typedef unsigned short int yytype_uint16; -#endif - -#ifdef YYTYPE_INT16 -typedef YYTYPE_INT16 yytype_int16; -#else -typedef short int yytype_int16; -#endif - -#ifndef YYSIZE_T -# ifdef __SIZE_TYPE__ -# define YYSIZE_T __SIZE_TYPE__ -# elif defined size_t -# define YYSIZE_T size_t -# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# define YYSIZE_T size_t -# else -# define YYSIZE_T unsigned int -# endif -#endif - -#define YYSIZE_MAXIMUM ((YYSIZE_T) -1) - -#ifndef YY_ -# if defined YYENABLE_NLS && YYENABLE_NLS -# if ENABLE_NLS -# include /* INFRINGES ON USER NAME SPACE */ -# define YY_(msgid) dgettext ("bison-runtime", msgid) -# endif -# endif -# ifndef YY_ -# define YY_(msgid) msgid -# endif -#endif - -/* Suppress unused-variable warnings by "using" E. */ -#if ! defined lint || defined __GNUC__ -# define YYUSE(e) ((void) (e)) -#else -# define YYUSE(e) /* empty */ -#endif - -/* Identity function, used to suppress warnings about constant conditions. */ -#ifndef lint -# define YYID(n) (n) -#else -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static int -YYID (int i) -#else -static int -YYID (i) - int i; -#endif -{ - return i; -} -#endif - -#if ! defined yyoverflow || YYERROR_VERBOSE - -/* The parser invokes alloca or malloc; define the necessary symbols. */ - -# ifdef YYSTACK_USE_ALLOCA -# if YYSTACK_USE_ALLOCA -# ifdef __GNUC__ -# define YYSTACK_ALLOC __builtin_alloca -# elif defined __BUILTIN_VA_ARG_INCR -# include /* INFRINGES ON USER NAME SPACE */ -# elif defined _AIX -# define YYSTACK_ALLOC __alloca -# elif defined _MSC_VER -# include /* INFRINGES ON USER NAME SPACE */ -# define alloca _alloca -# else -# define YYSTACK_ALLOC alloca -# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# endif -# endif -# endif - -# ifdef YYSTACK_ALLOC - /* Pacify GCC's `empty if-body' warning. */ -# define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0)) -# ifndef YYSTACK_ALLOC_MAXIMUM - /* The OS might guarantee only one guard page at the bottom of the stack, - and a page size can be as small as 4096 bytes. So we cannot safely - invoke alloca (N) if N exceeds 4096. Use a slightly smaller number - to allow for a few compiler-allocated temporary stack slots. */ -# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */ -# endif -# else -# define YYSTACK_ALLOC YYMALLOC -# define YYSTACK_FREE YYFREE -# ifndef YYSTACK_ALLOC_MAXIMUM -# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM -# endif -# if (defined __cplusplus && ! defined _STDLIB_H \ - && ! ((defined YYMALLOC || defined malloc) \ - && (defined YYFREE || defined free))) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# ifndef YYMALLOC -# define YYMALLOC malloc -# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# ifndef YYFREE -# define YYFREE free -# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void free (void *); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# endif -#endif /* ! defined yyoverflow || YYERROR_VERBOSE */ - - -#if (! defined yyoverflow \ - && (! defined __cplusplus \ - || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) - -/* A type that is properly aligned for any stack member. */ -union yyalloc -{ - yytype_int16 yyss; - YYSTYPE yyvs; - }; - -/* The size of the maximum gap between one aligned stack and the next. */ -# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) - -/* The size of an array large to enough to hold all stacks, each with - N elements. */ -# define YYSTACK_BYTES(N) \ - ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ - + YYSTACK_GAP_MAXIMUM) - -/* Copy COUNT objects from FROM to TO. The source and destination do - not overlap. */ -# ifndef YYCOPY -# if defined __GNUC__ && 1 < __GNUC__ -# define YYCOPY(To, From, Count) \ - __builtin_memcpy (To, From, (Count) * sizeof (*(From))) -# else -# define YYCOPY(To, From, Count) \ - do \ - { \ - YYSIZE_T yyi; \ - for (yyi = 0; yyi < (Count); yyi++) \ - (To)[yyi] = (From)[yyi]; \ - } \ - while (YYID (0)) -# endif -# endif - -/* Relocate STACK from its old location to the new one. The - local variables YYSIZE and YYSTACKSIZE give the old and new number of - elements in the stack, and YYPTR gives the new location of the - stack. Advance YYPTR to a properly aligned location for the next - stack. */ -# define YYSTACK_RELOCATE(Stack) \ - do \ - { \ - YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack, Stack, yysize); \ - Stack = &yyptr->Stack; \ - yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ - yyptr += yynewbytes / sizeof (*yyptr); \ - } \ - while (YYID (0)) - -#endif - -/* YYFINAL -- State number of the termination state. */ -#define YYFINAL 2 -/* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 327 - -/* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 85 -/* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 18 -/* YYNRULES -- Number of rules. */ -#define YYNRULES 98 -/* YYNRULES -- Number of states. */ -#define YYNSTATES 317 - -/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ -#define YYUNDEFTOK 2 -#define YYMAXUTOK 339 - -#define YYTRANSLATE(YYX) \ - ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) - -/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */ -static const yytype_uint8 yytranslate[] = -{ - 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 1, 2, 3, 4, - 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, - 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, - 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, - 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, - 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, - 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, - 75, 76, 77, 78, 79, 80, 81, 82, 83, 84 -}; - -#if YYDEBUG -/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in - YYRHS. */ -static const yytype_uint16 yyprhs[] = -{ - 0, 0, 3, 4, 7, 10, 16, 22, 28, 34, - 38, 42, 48, 54, 60, 66, 72, 82, 88, 94, - 100, 104, 110, 114, 120, 126, 130, 136, 142, 146, - 150, 156, 160, 166, 170, 176, 182, 186, 190, 194, - 200, 206, 214, 220, 228, 238, 244, 252, 260, 266, - 272, 280, 286, 294, 302, 308, 314, 318, 324, 330, - 334, 337, 343, 349, 354, 359, 365, 371, 375, 380, - 385, 390, 392, 393, 395, 397, 409, 411, 413, 415, - 417, 421, 423, 427, 429, 431, 435, 438, 440, 442, - 444, 446, 448, 450, 452, 454, 456, 458, 460 -}; - -/* YYRHS -- A `-1'-separated list of the rules' RHS. */ -static const yytype_int8 yyrhs[] = -{ - 86, 0, -1, -1, 86, 87, -1, 86, 88, -1, - 18, 15, 89, 16, 102, -1, 19, 15, 90, 16, - 102, -1, 23, 15, 92, 16, 102, -1, 60, 15, - 83, 16, 102, -1, 24, 16, 101, -1, 61, 16, - 101, -1, 61, 15, 83, 16, 101, -1, 25, 15, - 94, 16, 102, -1, 26, 15, 95, 16, 102, -1, - 27, 15, 96, 16, 102, -1, 38, 15, 84, 16, - 102, -1, 38, 15, 84, 15, 12, 15, 84, 16, - 102, -1, 28, 15, 97, 16, 101, -1, 29, 15, - 97, 16, 101, -1, 30, 15, 97, 16, 101, -1, - 46, 16, 101, -1, 46, 15, 83, 16, 101, -1, - 45, 16, 101, -1, 45, 15, 97, 16, 101, -1, - 48, 15, 97, 16, 101, -1, 48, 16, 102, -1, - 43, 15, 97, 16, 100, -1, 41, 15, 97, 16, - 100, -1, 42, 16, 102, -1, 44, 16, 101, -1, - 44, 15, 97, 16, 101, -1, 49, 16, 102, -1, - 49, 15, 83, 16, 102, -1, 50, 16, 102, -1, - 51, 15, 97, 16, 101, -1, 52, 15, 97, 16, - 100, -1, 53, 16, 101, -1, 54, 16, 101, -1, - 80, 16, 102, -1, 81, 15, 83, 16, 102, -1, - 47, 15, 49, 16, 102, -1, 47, 15, 49, 15, - 83, 16, 102, -1, 47, 15, 62, 16, 101, -1, - 47, 15, 62, 15, 99, 16, 100, -1, 47, 15, - 64, 15, 99, 15, 97, 16, 100, -1, 47, 15, - 63, 16, 102, -1, 47, 15, 63, 15, 84, 16, - 102, -1, 47, 15, 73, 15, 83, 16, 101, -1, - 47, 15, 74, 16, 101, -1, 47, 15, 75, 16, - 101, -1, 47, 15, 76, 15, 83, 16, 101, -1, - 47, 15, 77, 16, 101, -1, 47, 15, 77, 15, - 83, 16, 101, -1, 47, 15, 78, 15, 83, 16, - 101, -1, 47, 15, 79, 16, 102, -1, 55, 15, - 97, 16, 101, -1, 57, 16, 102, -1, 58, 15, - 97, 16, 101, -1, 59, 15, 97, 16, 101, -1, - 22, 16, 102, -1, 1, 16, -1, 40, 15, 97, - 16, 100, -1, 39, 15, 91, 16, 102, -1, 65, - 15, 83, 16, -1, 66, 15, 83, 16, -1, 68, - 15, 84, 16, 102, -1, 67, 15, 83, 16, 102, - -1, 69, 16, 102, -1, 70, 15, 83, 16, -1, - 71, 15, 83, 16, -1, 72, 15, 83, 16, -1, - 83, -1, -1, 83, -1, 84, -1, 84, 17, 84, - 17, 84, 17, 84, 17, 84, 17, 84, -1, 10, - -1, 14, -1, 5, -1, 3, -1, 3, 15, 93, - -1, 6, -1, 6, 15, 93, -1, 8, -1, 9, - -1, 9, 15, 91, -1, 9, 91, -1, 7, -1, - 12, -1, 11, -1, 13, -1, 4, -1, 5, -1, - 98, -1, 83, -1, 84, -1, 101, -1, 102, -1, - -1 -}; - -/* YYRLINE[YYN] -- source line where rule number YYN was defined. */ -static const yytype_uint16 yyrline[] = -{ - 0, 129, 129, 131, 136, 140, 146, 153, 164, 170, - 175, 180, 186, 223, 237, 251, 257, 263, 272, 281, - 290, 295, 304, 309, 315, 322, 327, 334, 348, 353, - 358, 365, 370, 387, 392, 399, 406, 411, 416, 426, - 433, 438, 443, 451, 464, 478, 485, 502, 525, 530, - 539, 552, 563, 576, 583, 588, 595, 613, 630, 658, - 665, 671, 681, 691, 696, 701, 706, 711, 716, 721, - 726, 734, 739, 742, 746, 750, 763, 767, 771, 778, - 783, 788, 793, 798, 802, 807, 813, 821, 825, 829, - 836, 840, 844, 851, 879, 883, 909, 917, 928 -}; -#endif - -#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE -/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. - First, the terminals, then, starting at YYNTOKENS, nonterminals. */ -static const char *const yytname[] = -{ - "$end", "error", "$undefined", "A", "B", "C", "E", "F", "I", "L", "N", - "P", "R", "S", "T", "SP", "CRLF", "COMMA", "USER", "PASS", "ACCT", - "REIN", "QUIT", "PORT", "PASV", "TYPE", "STRU", "MODE", "RETR", "STOR", - "APPE", "MLFL", "MAIL", "MSND", "MSOM", "MSAM", "MRSQ", "MRCP", "ALLO", - "REST", "RNFR", "RNTO", "ABOR", "DELE", "CWD", "LIST", "NLST", "SITE", - "sTAT", "HELP", "NOOP", "MKD", "RMD", "PWD", "CDUP", "STOU", "SMNT", - "SYST", "SIZE", "MDTM", "EPRT", "EPSV", "UMASK", "IDLE", "CHMOD", "AUTH", - "ADAT", "PROT", "PBSZ", "CCC", "MIC", "CONF", "ENC", "KAUTH", "KLIST", - "KDESTROY", "KRBTKFILE", "AFSLOG", "LOCATE", "URL", "FEAT", "OPTS", - "LEXERR", "STRING", "NUMBER", "$accept", "cmd_list", "cmd", "rcmd", - "username", "password", "byte_size", "host_port", "form_code", - "type_code", "struct_code", "mode_code", "pathname", "pathstring", - "octal_number", "check_login_no_guest", "check_login", "check_secure", 0 -}; -#endif - -# ifdef YYPRINT -/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to - token YYLEX-NUM. */ -static const yytype_uint16 yytoknum[] = -{ - 0, 256, 257, 258, 259, 260, 261, 262, 263, 264, - 265, 266, 267, 268, 269, 270, 271, 272, 273, 274, - 275, 276, 277, 278, 279, 280, 281, 282, 283, 284, - 285, 286, 287, 288, 289, 290, 291, 292, 293, 294, - 295, 296, 297, 298, 299, 300, 301, 302, 303, 304, - 305, 306, 307, 308, 309, 310, 311, 312, 313, 314, - 315, 316, 317, 318, 319, 320, 321, 322, 323, 324, - 325, 326, 327, 328, 329, 330, 331, 332, 333, 334, - 335, 336, 337, 338, 339 -}; -# endif - -/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ -static const yytype_uint8 yyr1[] = -{ - 0, 85, 86, 86, 86, 87, 87, 87, 87, 87, - 87, 87, 87, 87, 87, 87, 87, 87, 87, 87, - 87, 87, 87, 87, 87, 87, 87, 87, 87, 87, - 87, 87, 87, 87, 87, 87, 87, 87, 87, 87, - 87, 87, 87, 87, 87, 87, 87, 87, 87, 87, - 87, 87, 87, 87, 87, 87, 87, 87, 87, 87, - 87, 88, 88, 88, 88, 88, 88, 88, 88, 88, - 88, 89, 90, 90, 91, 92, 93, 93, 93, 94, - 94, 94, 94, 94, 94, 94, 94, 95, 95, 95, - 96, 96, 96, 97, 98, 99, 100, 101, 102 -}; - -/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ -static const yytype_uint8 yyr2[] = -{ - 0, 2, 0, 2, 2, 5, 5, 5, 5, 3, - 3, 5, 5, 5, 5, 5, 9, 5, 5, 5, - 3, 5, 3, 5, 5, 3, 5, 5, 3, 3, - 5, 3, 5, 3, 5, 5, 3, 3, 3, 5, - 5, 7, 5, 7, 9, 5, 7, 7, 5, 5, - 7, 5, 7, 7, 5, 5, 3, 5, 5, 3, - 2, 5, 5, 4, 4, 5, 5, 3, 4, 4, - 4, 1, 0, 1, 1, 11, 1, 1, 1, 1, - 3, 1, 3, 1, 1, 3, 2, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 0 -}; - -/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state - STATE-NUM when YYTABLE doesn't specify something else to do. Zero - means the default is an error. */ -static const yytype_uint8 yydefact[] = -{ - 2, 0, 1, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 3, 4, - 60, 0, 72, 98, 0, 98, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 98, 0, 0, 98, - 0, 98, 0, 98, 0, 0, 98, 0, 98, 98, - 0, 0, 98, 98, 0, 98, 0, 0, 0, 0, - 98, 0, 0, 0, 0, 98, 0, 0, 0, 98, - 0, 71, 0, 73, 0, 59, 0, 0, 9, 97, - 79, 81, 83, 84, 0, 87, 89, 88, 0, 91, - 92, 90, 0, 94, 0, 93, 0, 0, 0, 74, - 0, 0, 0, 28, 0, 0, 29, 0, 22, 0, - 20, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 25, 0, 31, 33, 0, 0, 36, - 37, 0, 56, 0, 0, 0, 0, 10, 0, 0, - 0, 0, 67, 0, 0, 0, 38, 0, 98, 98, - 0, 98, 0, 0, 0, 86, 98, 98, 98, 98, - 98, 98, 0, 98, 98, 98, 98, 98, 98, 98, - 98, 0, 98, 0, 98, 0, 98, 0, 0, 98, - 98, 0, 0, 98, 0, 98, 98, 98, 98, 98, - 98, 98, 98, 98, 98, 63, 64, 98, 98, 68, - 69, 70, 98, 5, 6, 0, 7, 78, 76, 77, - 80, 82, 85, 12, 13, 14, 17, 18, 19, 0, - 15, 62, 61, 96, 27, 26, 30, 23, 21, 0, - 40, 95, 0, 42, 0, 45, 0, 0, 48, 49, - 0, 0, 51, 0, 54, 24, 32, 34, 35, 55, - 57, 58, 8, 11, 66, 65, 39, 0, 0, 98, - 98, 98, 0, 98, 98, 98, 98, 0, 0, 41, - 43, 46, 0, 47, 50, 52, 53, 0, 98, 98, - 0, 16, 44, 0, 0, 0, 75 -}; - -/* YYDEFGOTO[NTERM-NUM]. */ -static const yytype_int16 yydefgoto[] = -{ - -1, 1, 48, 49, 102, 104, 130, 107, 240, 114, - 118, 122, 124, 125, 262, 252, 253, 109 -}; - -/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing - STATE-NUM. */ -#define YYPACT_NINF -196 -static const yytype_int16 yypact[] = -{ - -196, 246, -196, 3, 13, 20, 11, 24, 21, 26, - 30, 45, 66, 67, 68, 69, 70, 71, 72, 76, - 73, -7, -5, 15, 78, 28, 32, 80, 79, 82, - 83, 91, 93, 94, 96, 97, 98, 38, 100, 101, - 102, 103, 104, 106, 107, 108, 111, 109, -196, -196, - -196, -66, 36, -196, 14, -196, 12, 22, 1, 46, - 46, 46, 25, 48, 46, 46, -196, 46, 46, -196, - 46, -196, 53, -196, 27, 46, -196, 55, -196, -196, - 46, 46, -196, -196, 46, -196, 46, 46, 56, 59, - -196, 60, 61, 62, 63, -196, 65, 77, 85, -196, - 86, -196, 114, -196, 115, -196, 120, 130, -196, -196, - 135, 136, -196, -11, 138, -196, -196, -196, 139, -196, - -196, -196, 143, -196, 145, -196, 147, 156, 47, -196, - 157, 162, 165, -196, 166, 168, -196, 170, -196, 174, - -196, 49, 52, 54, 137, 177, 178, 179, 181, 64, - 182, 183, 184, -196, 185, -196, -196, 186, 187, -196, - -196, 188, -196, 189, 190, 191, 192, -196, 193, 194, - 195, 196, -196, 197, 198, 199, -196, 200, -196, -196, - 133, -196, 2, 2, 48, -196, -196, -196, -196, -196, - -196, -196, 206, -196, -196, -196, -196, -196, -196, -196, - -196, 110, -196, 140, -196, 141, -196, 140, 144, -196, - -196, 146, 148, -196, 149, -196, -196, -196, -196, -196, - -196, -196, -196, -196, -196, -196, -196, -196, -196, -196, - -196, -196, -196, -196, -196, 202, -196, -196, -196, -196, - -196, -196, -196, -196, -196, -196, -196, -196, -196, 205, - -196, -196, -196, -196, -196, -196, -196, -196, -196, 207, - -196, -196, 210, -196, 212, -196, 215, 217, -196, -196, - 218, 219, -196, 221, -196, -196, -196, -196, -196, -196, - -196, -196, -196, -196, -196, -196, -196, 155, 158, -196, - -196, -196, 46, -196, -196, -196, -196, 204, 224, -196, - -196, -196, 225, -196, -196, -196, -196, 159, -196, -196, - 227, -196, -196, 161, 231, 167, -196 -}; - -/* YYPGOTO[NTERM-NUM]. */ -static const yytype_int16 yypgoto[] = -{ - -196, -196, -196, -196, -196, -196, -110, -196, 39, -196, - -196, -196, -9, -196, 42, -195, -33, -53 -}; - -/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If - positive, shift that token. If negative, reduce the rule which - number is the opposite. If zero, do what YYDEFACT says. - If YYTABLE_NINF, syntax error. */ -#define YYTABLE_NINF -1 -static const yytype_uint16 yytable[] = -{ - 105, 254, 255, 185, 184, 119, 120, 237, 68, 69, - 70, 71, 238, 133, 121, 110, 239, 101, 111, 50, - 112, 113, 108, 153, 278, 155, 156, 53, 51, 115, - 72, 73, 162, 116, 117, 52, 136, 55, 138, 54, - 140, 56, 172, 75, 76, 57, 176, 77, 78, 159, - 160, 126, 127, 89, 90, 131, 132, 167, 134, 135, - 58, 137, 192, 193, 201, 202, 152, 203, 204, 205, - 206, 157, 158, 129, 242, 161, 141, 163, 164, 212, - 213, 59, 60, 61, 62, 63, 64, 65, 67, 142, - 143, 144, 66, 74, 80, 300, 79, 81, 106, 82, - 145, 146, 147, 148, 149, 150, 151, 83, 84, 128, - 85, 86, 87, 88, 312, 91, 92, 93, 94, 103, - 95, 96, 97, 98, 100, 233, 234, 99, 236, 123, - 178, 179, 129, 243, 244, 245, 139, 180, 154, 165, - 250, 251, 166, 168, 169, 170, 181, 171, 173, 260, - 182, 183, 207, 265, 186, 187, 246, 247, 248, 188, - 174, 189, 274, 190, 276, 256, 257, 258, 175, 177, - 282, 263, 191, 194, 284, 285, 268, 269, 195, 286, - 272, 196, 197, 275, 198, 277, 199, 279, 280, 281, - 200, 283, 208, 259, 209, 210, 211, 214, 0, 215, - 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, - 226, 227, 228, 229, 230, 231, 232, 235, 249, 287, - 288, 307, 241, 289, 261, 264, 290, 267, 291, 270, - 292, 271, 273, 293, 294, 295, 299, 296, 301, 297, - 308, 309, 298, 310, 313, 314, 2, 3, 315, 266, - 0, 316, 0, 0, 0, 311, 0, 0, 0, 0, - 303, 304, 305, 306, 4, 5, 0, 0, 6, 7, - 8, 9, 10, 11, 12, 13, 14, 0, 0, 0, - 0, 0, 0, 302, 15, 16, 17, 18, 19, 20, - 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, - 31, 32, 0, 33, 34, 35, 36, 37, 0, 0, - 0, 38, 39, 40, 41, 42, 43, 44, 45, 0, - 0, 0, 0, 0, 0, 0, 46, 47 -}; - -static const yytype_int16 yycheck[] = -{ - 53, 196, 197, 113, 15, 4, 5, 5, 15, 16, - 15, 16, 10, 66, 13, 3, 14, 83, 6, 16, - 8, 9, 55, 76, 219, 78, 79, 16, 15, 7, - 15, 16, 85, 11, 12, 15, 69, 16, 71, 15, - 73, 15, 95, 15, 16, 15, 99, 15, 16, 82, - 83, 60, 61, 15, 16, 64, 65, 90, 67, 68, - 15, 70, 15, 16, 15, 16, 75, 15, 16, 15, - 16, 80, 81, 84, 184, 84, 49, 86, 87, 15, - 16, 15, 15, 15, 15, 15, 15, 15, 15, 62, - 63, 64, 16, 15, 15, 290, 16, 15, 84, 16, - 73, 74, 75, 76, 77, 78, 79, 16, 15, 84, - 16, 15, 15, 15, 309, 15, 15, 15, 15, 83, - 16, 15, 15, 15, 15, 178, 179, 16, 181, 83, - 16, 16, 84, 186, 187, 188, 83, 17, 83, 83, - 193, 194, 83, 83, 83, 83, 16, 84, 83, 202, - 15, 15, 15, 206, 16, 16, 189, 190, 191, 16, - 83, 16, 215, 16, 217, 198, 199, 200, 83, 83, - 223, 204, 16, 16, 227, 228, 209, 210, 16, 232, - 213, 16, 16, 216, 16, 218, 16, 220, 221, 222, - 16, 224, 15, 83, 16, 16, 15, 15, -1, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 84, 12, 17, - 15, 17, 183, 16, 84, 84, 16, 83, 16, 83, - 15, 83, 83, 16, 16, 16, 289, 16, 291, 84, - 16, 16, 84, 84, 17, 84, 0, 1, 17, 207, - -1, 84, -1, -1, -1, 308, -1, -1, -1, -1, - 293, 294, 295, 296, 18, 19, -1, -1, 22, 23, - 24, 25, 26, 27, 28, 29, 30, -1, -1, -1, - -1, -1, -1, 292, 38, 39, 40, 41, 42, 43, - 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, - 54, 55, -1, 57, 58, 59, 60, 61, -1, -1, - -1, 65, 66, 67, 68, 69, 70, 71, 72, -1, - -1, -1, -1, -1, -1, -1, 80, 81 -}; - -/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing - symbol of state STATE-NUM. */ -static const yytype_uint8 yystos[] = -{ - 0, 86, 0, 1, 18, 19, 22, 23, 24, 25, - 26, 27, 28, 29, 30, 38, 39, 40, 41, 42, - 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, - 53, 54, 55, 57, 58, 59, 60, 61, 65, 66, - 67, 68, 69, 70, 71, 72, 80, 81, 87, 88, - 16, 15, 15, 16, 15, 16, 15, 15, 15, 15, - 15, 15, 15, 15, 15, 15, 16, 15, 15, 16, - 15, 16, 15, 16, 15, 15, 16, 15, 16, 16, - 15, 15, 16, 16, 15, 16, 15, 15, 15, 15, - 16, 15, 15, 15, 15, 16, 15, 15, 15, 16, - 15, 83, 89, 83, 90, 102, 84, 92, 101, 102, - 3, 6, 8, 9, 94, 7, 11, 12, 95, 4, - 5, 13, 96, 83, 97, 98, 97, 97, 84, 84, - 91, 97, 97, 102, 97, 97, 101, 97, 101, 83, - 101, 49, 62, 63, 64, 73, 74, 75, 76, 77, - 78, 79, 97, 102, 83, 102, 102, 97, 97, 101, - 101, 97, 102, 97, 97, 83, 83, 101, 83, 83, - 83, 84, 102, 83, 83, 83, 102, 83, 16, 16, - 17, 16, 15, 15, 15, 91, 16, 16, 16, 16, - 16, 16, 15, 16, 16, 16, 16, 16, 16, 16, - 16, 15, 16, 15, 16, 15, 16, 15, 15, 16, - 16, 15, 15, 16, 15, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 102, 102, 84, 102, 5, 10, 14, - 93, 93, 91, 102, 102, 102, 101, 101, 101, 12, - 102, 102, 100, 101, 100, 100, 101, 101, 101, 83, - 102, 84, 99, 101, 84, 102, 99, 83, 101, 101, - 83, 83, 101, 83, 102, 101, 102, 101, 100, 101, - 101, 101, 102, 101, 102, 102, 102, 17, 15, 16, - 16, 16, 15, 16, 16, 16, 16, 84, 84, 102, - 100, 102, 97, 101, 101, 101, 101, 17, 16, 16, - 84, 102, 100, 17, 84, 17, 84 -}; - -#define yyerrok (yyerrstatus = 0) -#define yyclearin (yychar = YYEMPTY) -#define YYEMPTY (-2) -#define YYEOF 0 - -#define YYACCEPT goto yyacceptlab -#define YYABORT goto yyabortlab -#define YYERROR goto yyerrorlab - - -/* Like YYERROR except do call yyerror. This remains here temporarily - to ease the transition to the new meaning of YYERROR, for GCC. - Once GCC version 2 has supplanted version 1, this can go. */ - -#define YYFAIL goto yyerrlab - -#define YYRECOVERING() (!!yyerrstatus) - -#define YYBACKUP(Token, Value) \ -do \ - if (yychar == YYEMPTY && yylen == 1) \ - { \ - yychar = (Token); \ - yylval = (Value); \ - yytoken = YYTRANSLATE (yychar); \ - YYPOPSTACK (1); \ - goto yybackup; \ - } \ - else \ - { \ - yyerror (YY_("syntax error: cannot back up")); \ - YYERROR; \ - } \ -while (YYID (0)) - - -#define YYTERROR 1 -#define YYERRCODE 256 - - -/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N]. - If N is 0, then set CURRENT to the empty location which ends - the previous symbol: RHS[0] (always defined). */ - -#define YYRHSLOC(Rhs, K) ((Rhs)[K]) -#ifndef YYLLOC_DEFAULT -# define YYLLOC_DEFAULT(Current, Rhs, N) \ - do \ - if (YYID (N)) \ - { \ - (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \ - (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \ - (Current).last_line = YYRHSLOC (Rhs, N).last_line; \ - (Current).last_column = YYRHSLOC (Rhs, N).last_column; \ - } \ - else \ - { \ - (Current).first_line = (Current).last_line = \ - YYRHSLOC (Rhs, 0).last_line; \ - (Current).first_column = (Current).last_column = \ - YYRHSLOC (Rhs, 0).last_column; \ - } \ - while (YYID (0)) -#endif - - -/* YY_LOCATION_PRINT -- Print the location on the stream. - This macro was not mandated originally: define only if we know - we won't break user code: when these are the locations we know. */ - -#ifndef YY_LOCATION_PRINT -# if defined YYLTYPE_IS_TRIVIAL && YYLTYPE_IS_TRIVIAL -# define YY_LOCATION_PRINT(File, Loc) \ - fprintf (File, "%d.%d-%d.%d", \ - (Loc).first_line, (Loc).first_column, \ - (Loc).last_line, (Loc).last_column) -# else -# define YY_LOCATION_PRINT(File, Loc) ((void) 0) -# endif -#endif - - -/* YYLEX -- calling `yylex' with the right arguments. */ - -#ifdef YYLEX_PARAM -# define YYLEX yylex (YYLEX_PARAM) -#else -# define YYLEX yylex () -#endif - -/* Enable debugging if requested. */ -#if YYDEBUG - -# ifndef YYFPRINTF -# include /* INFRINGES ON USER NAME SPACE */ -# define YYFPRINTF fprintf -# endif - -# define YYDPRINTF(Args) \ -do { \ - if (yydebug) \ - YYFPRINTF Args; \ -} while (YYID (0)) - -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ -do { \ - if (yydebug) \ - { \ - YYFPRINTF (stderr, "%s ", Title); \ - yy_symbol_print (stderr, \ - Type, Value); \ - YYFPRINTF (stderr, "\n"); \ - } \ -} while (YYID (0)) - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_value_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (!yyvaluep) - return; -# ifdef YYPRINT - if (yytype < YYNTOKENS) - YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); -# else - YYUSE (yyoutput); -# endif - switch (yytype) - { - default: - break; - } -} - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (yytype < YYNTOKENS) - YYFPRINTF (yyoutput, "token %s (", yytname[yytype]); - else - YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]); - - yy_symbol_value_print (yyoutput, yytype, yyvaluep); - YYFPRINTF (yyoutput, ")"); -} - -/*------------------------------------------------------------------. -| yy_stack_print -- Print the state stack from its BOTTOM up to its | -| TOP (included). | -`------------------------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) -#else -static void -yy_stack_print (bottom, top) - yytype_int16 *bottom; - yytype_int16 *top; -#endif -{ - YYFPRINTF (stderr, "Stack now"); - for (; bottom <= top; ++bottom) - YYFPRINTF (stderr, " %d", *bottom); - YYFPRINTF (stderr, "\n"); -} - -# define YY_STACK_PRINT(Bottom, Top) \ -do { \ - if (yydebug) \ - yy_stack_print ((Bottom), (Top)); \ -} while (YYID (0)) - - -/*------------------------------------------------. -| Report that the YYRULE is going to be reduced. | -`------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_reduce_print (YYSTYPE *yyvsp, int yyrule) -#else -static void -yy_reduce_print (yyvsp, yyrule) - YYSTYPE *yyvsp; - int yyrule; -#endif -{ - int yynrhs = yyr2[yyrule]; - int yyi; - unsigned long int yylno = yyrline[yyrule]; - YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", - yyrule - 1, yylno); - /* The symbols being reduced. */ - for (yyi = 0; yyi < yynrhs; yyi++) - { - fprintf (stderr, " $%d = ", yyi + 1); - yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], - &(yyvsp[(yyi + 1) - (yynrhs)]) - ); - fprintf (stderr, "\n"); - } -} - -# define YY_REDUCE_PRINT(Rule) \ -do { \ - if (yydebug) \ - yy_reduce_print (yyvsp, Rule); \ -} while (YYID (0)) - -/* Nonzero means print parse trace. It is left uninitialized so that - multiple parsers can coexist. */ -int yydebug; -#else /* !YYDEBUG */ -# define YYDPRINTF(Args) -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) -# define YY_STACK_PRINT(Bottom, Top) -# define YY_REDUCE_PRINT(Rule) -#endif /* !YYDEBUG */ - - -/* YYINITDEPTH -- initial size of the parser's stacks. */ -#ifndef YYINITDEPTH -# define YYINITDEPTH 200 -#endif - -/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only - if the built-in stack extension method is used). - - Do not make this value too large; the results are undefined if - YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH) - evaluated with infinite-precision integer arithmetic. */ - -#ifndef YYMAXDEPTH -# define YYMAXDEPTH 10000 -#endif - - - -#if YYERROR_VERBOSE - -# ifndef yystrlen -# if defined __GLIBC__ && defined _STRING_H -# define yystrlen strlen -# else -/* Return the length of YYSTR. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static YYSIZE_T -yystrlen (const char *yystr) -#else -static YYSIZE_T -yystrlen (yystr) - const char *yystr; -#endif -{ - YYSIZE_T yylen; - for (yylen = 0; yystr[yylen]; yylen++) - continue; - return yylen; -} -# endif -# endif - -# ifndef yystpcpy -# if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE -# define yystpcpy stpcpy -# else -/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in - YYDEST. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static char * -yystpcpy (char *yydest, const char *yysrc) -#else -static char * -yystpcpy (yydest, yysrc) - char *yydest; - const char *yysrc; -#endif -{ - char *yyd = yydest; - const char *yys = yysrc; - - while ((*yyd++ = *yys++) != '\0') - continue; - - return yyd - 1; -} -# endif -# endif - -# ifndef yytnamerr -/* Copy to YYRES the contents of YYSTR after stripping away unnecessary - quotes and backslashes, so that it's suitable for yyerror. The - heuristic is that double-quoting is unnecessary unless the string - contains an apostrophe, a comma, or backslash (other than - backslash-backslash). YYSTR is taken from yytname. If YYRES is - null, do not copy; instead, return the length of what the result - would have been. */ -static YYSIZE_T -yytnamerr (char *yyres, const char *yystr) -{ - if (*yystr == '"') - { - YYSIZE_T yyn = 0; - char const *yyp = yystr; - - for (;;) - switch (*++yyp) - { - case '\'': - case ',': - goto do_not_strip_quotes; - - case '\\': - if (*++yyp != '\\') - goto do_not_strip_quotes; - /* Fall through. */ - default: - if (yyres) - yyres[yyn] = *yyp; - yyn++; - break; - - case '"': - if (yyres) - yyres[yyn] = '\0'; - return yyn; - } - do_not_strip_quotes: ; - } - - if (! yyres) - return yystrlen (yystr); - - return yystpcpy (yyres, yystr) - yyres; -} -# endif - -/* Copy into YYRESULT an error message about the unexpected token - YYCHAR while in state YYSTATE. Return the number of bytes copied, - including the terminating null byte. If YYRESULT is null, do not - copy anything; just return the number of bytes that would be - copied. As a special case, return 0 if an ordinary "syntax error" - message will do. Return YYSIZE_MAXIMUM if overflow occurs during - size calculation. */ -static YYSIZE_T -yysyntax_error (char *yyresult, int yystate, int yychar) -{ - int yyn = yypact[yystate]; - - if (! (YYPACT_NINF < yyn && yyn <= YYLAST)) - return 0; - else - { - int yytype = YYTRANSLATE (yychar); - YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]); - YYSIZE_T yysize = yysize0; - YYSIZE_T yysize1; - int yysize_overflow = 0; - enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; - char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; - int yyx; - -# if 0 - /* This is so xgettext sees the translatable formats that are - constructed on the fly. */ - YY_("syntax error, unexpected %s"); - YY_("syntax error, unexpected %s, expecting %s"); - YY_("syntax error, unexpected %s, expecting %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s"); -# endif - char *yyfmt; - char const *yyf; - static char const yyunexpected[] = "syntax error, unexpected %s"; - static char const yyexpecting[] = ", expecting %s"; - static char const yyor[] = " or %s"; - char yyformat[sizeof yyunexpected - + sizeof yyexpecting - 1 - + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2) - * (sizeof yyor - 1))]; - char const *yyprefix = yyexpecting; - - /* Start YYX at -YYN if negative to avoid negative indexes in - YYCHECK. */ - int yyxbegin = yyn < 0 ? -yyn : 0; - - /* Stay within bounds of both yycheck and yytname. */ - int yychecklim = YYLAST - yyn + 1; - int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; - int yycount = 1; - - yyarg[0] = yytname[yytype]; - yyfmt = yystpcpy (yyformat, yyunexpected); - - for (yyx = yyxbegin; yyx < yyxend; ++yyx) - if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR) - { - if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) - { - yycount = 1; - yysize = yysize0; - yyformat[sizeof yyunexpected - 1] = '\0'; - break; - } - yyarg[yycount++] = yytname[yyx]; - yysize1 = yysize + yytnamerr (0, yytname[yyx]); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - yyfmt = yystpcpy (yyfmt, yyprefix); - yyprefix = yyor; - } - - yyf = YY_(yyformat); - yysize1 = yysize + yystrlen (yyf); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - - if (yysize_overflow) - return YYSIZE_MAXIMUM; - - if (yyresult) - { - /* Avoid sprintf, as that infringes on the user's name space. - Don't have undefined behavior even if the translation - produced a string with the wrong number of "%s"s. */ - char *yyp = yyresult; - int yyi = 0; - while ((*yyp = *yyf) != '\0') - { - if (*yyp == '%' && yyf[1] == 's' && yyi < yycount) - { - yyp += yytnamerr (yyp, yyarg[yyi++]); - yyf += 2; - } - else - { - yyp++; - yyf++; - } - } - } - return yysize; - } -} -#endif /* YYERROR_VERBOSE */ - - -/*-----------------------------------------------. -| Release the memory associated to this symbol. | -`-----------------------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) -#else -static void -yydestruct (yymsg, yytype, yyvaluep) - const char *yymsg; - int yytype; - YYSTYPE *yyvaluep; -#endif -{ - YYUSE (yyvaluep); - - if (!yymsg) - yymsg = "Deleting"; - YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); - - switch (yytype) - { - - default: - break; - } -} - - -/* Prevent warnings from -Wmissing-prototypes. */ - -#ifdef YYPARSE_PARAM -#if defined __STDC__ || defined __cplusplus -int yyparse (void *YYPARSE_PARAM); -#else -int yyparse (); -#endif -#else /* ! YYPARSE_PARAM */ -#if defined __STDC__ || defined __cplusplus -int yyparse (void); -#else -int yyparse (); -#endif -#endif /* ! YYPARSE_PARAM */ - - - -/* The look-ahead symbol. */ -int yychar; - -/* The semantic value of the look-ahead symbol. */ -YYSTYPE yylval; - -/* Number of syntax errors so far. */ -int yynerrs; - - - -/*----------. -| yyparse. | -`----------*/ - -#ifdef YYPARSE_PARAM -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void *YYPARSE_PARAM) -#else -int -yyparse (YYPARSE_PARAM) - void *YYPARSE_PARAM; -#endif -#else /* ! YYPARSE_PARAM */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void) -#else -int -yyparse () - -#endif -#endif -{ - - int yystate; - int yyn; - int yyresult; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - /* Look-ahead token as an internal (translated) token number. */ - int yytoken = 0; -#if YYERROR_VERBOSE - /* Buffer for error messages, and its allocated size. */ - char yymsgbuf[128]; - char *yymsg = yymsgbuf; - YYSIZE_T yymsg_alloc = sizeof yymsgbuf; -#endif - - /* Three stacks and their tools: - `yyss': related to states, - `yyvs': related to semantic values, - `yyls': related to locations. - - Refer to the stacks thru separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ - - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss = yyssa; - yytype_int16 *yyssp; - - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs = yyvsa; - YYSTYPE *yyvsp; - - - -#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - - YYSIZE_T yystacksize = YYINITDEPTH; - - /* The variables used to return semantic value and location from the - action routines. */ - YYSTYPE yyval; - - - /* The number of symbols on the RHS of the reduced rule. - Keep to zero when no symbol should be popped. */ - int yylen = 0; - - YYDPRINTF ((stderr, "Starting parse\n")); - - yystate = 0; - yyerrstatus = 0; - yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ - - /* Initialize stack pointers. - Waste one element of value and location stack - so that they stay on the same level as the state stack. - The wasted elements are never initialized. */ - - yyssp = yyss; - yyvsp = yyvs; - - goto yysetstate; - -/*------------------------------------------------------------. -| yynewstate -- Push a new state, which is found in yystate. | -`------------------------------------------------------------*/ - yynewstate: - /* In all cases, when you get here, the value and location stacks - have just been pushed. So pushing a state here evens the stacks. */ - yyssp++; - - yysetstate: - *yyssp = yystate; - - if (yyss + yystacksize - 1 <= yyssp) - { - /* Get the current used size of the three stacks, in elements. */ - YYSIZE_T yysize = yyssp - yyss + 1; - -#ifdef yyoverflow - { - /* Give user a chance to reallocate the stack. Use copies of - these so that the &'s don't force the real ones into - memory. */ - YYSTYPE *yyvs1 = yyvs; - yytype_int16 *yyss1 = yyss; - - - /* Each stack pointer address is followed by the size of the - data in use in that stack, in bytes. This used to be a - conditional around just the two extra args, but that might - be undefined if yyoverflow is a macro. */ - yyoverflow (YY_("memory exhausted"), - &yyss1, yysize * sizeof (*yyssp), - &yyvs1, yysize * sizeof (*yyvsp), - - &yystacksize); - - yyss = yyss1; - yyvs = yyvs1; - } -#else /* no yyoverflow */ -# ifndef YYSTACK_RELOCATE - goto yyexhaustedlab; -# else - /* Extend the stack our own way. */ - if (YYMAXDEPTH <= yystacksize) - goto yyexhaustedlab; - yystacksize *= 2; - if (YYMAXDEPTH < yystacksize) - yystacksize = YYMAXDEPTH; - - { - yytype_int16 *yyss1 = yyss; - union yyalloc *yyptr = - (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); - if (! yyptr) - goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss); - YYSTACK_RELOCATE (yyvs); - -# undef YYSTACK_RELOCATE - if (yyss1 != yyssa) - YYSTACK_FREE (yyss1); - } -# endif -#endif /* no yyoverflow */ - - yyssp = yyss + yysize - 1; - yyvsp = yyvs + yysize - 1; - - - YYDPRINTF ((stderr, "Stack size increased to %lu\n", - (unsigned long int) yystacksize)); - - if (yyss + yystacksize - 1 <= yyssp) - YYABORT; - } - - YYDPRINTF ((stderr, "Entering state %d\n", yystate)); - - goto yybackup; - -/*-----------. -| yybackup. | -`-----------*/ -yybackup: - - /* Do appropriate processing given the current state. Read a - look-ahead token if we need one and don't already have one. */ - - /* First try to decide what to do without reference to look-ahead token. */ - yyn = yypact[yystate]; - if (yyn == YYPACT_NINF) - goto yydefault; - - /* Not known => get a look-ahead token if don't already have one. */ - - /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ - if (yychar == YYEMPTY) - { - YYDPRINTF ((stderr, "Reading a token: ")); - yychar = YYLEX; - } - - if (yychar <= YYEOF) - { - yychar = yytoken = YYEOF; - YYDPRINTF ((stderr, "Now at end of input.\n")); - } - else - { - yytoken = YYTRANSLATE (yychar); - YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc); - } - - /* If the proper action on seeing token YYTOKEN is to reduce or to - detect an error, take that action. */ - yyn += yytoken; - if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken) - goto yydefault; - yyn = yytable[yyn]; - if (yyn <= 0) - { - if (yyn == 0 || yyn == YYTABLE_NINF) - goto yyerrlab; - yyn = -yyn; - goto yyreduce; - } - - if (yyn == YYFINAL) - YYACCEPT; - - /* Count tokens shifted since error; after three, turn off error - status. */ - if (yyerrstatus) - yyerrstatus--; - - /* Shift the look-ahead token. */ - YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - - /* Discard the shifted token unless it is eof. */ - if (yychar != YYEOF) - yychar = YYEMPTY; - - yystate = yyn; - *++yyvsp = yylval; - - goto yynewstate; - - -/*-----------------------------------------------------------. -| yydefault -- do the default action for the current state. | -`-----------------------------------------------------------*/ -yydefault: - yyn = yydefact[yystate]; - if (yyn == 0) - goto yyerrlab; - goto yyreduce; - - -/*-----------------------------. -| yyreduce -- Do a reduction. | -`-----------------------------*/ -yyreduce: - /* yyn is the number of a rule to reduce with. */ - yylen = yyr2[yyn]; - - /* If YYLEN is nonzero, implement the default value of the action: - `$$ = $1'. - - Otherwise, the following line sets YYVAL to garbage. - This behavior is undocumented and Bison - users should not rely upon it. Assigning to YYVAL - unconditionally makes the parser a bit smaller, and it avoids a - GCC warning that YYVAL may be used uninitialized. */ - yyval = yyvsp[1-yylen]; - - - YY_REDUCE_PRINT (yyn); - switch (yyn) - { - case 3: -#line 132 "ftpcmd.y" - { - fromname = (char *) 0; - restart_point = (off_t) 0; - } - break; - - case 5: -#line 141 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - user((yyvsp[(3) - (5)].s)); - free((yyvsp[(3) - (5)].s)); - } - break; - - case 6: -#line 147 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - pass((yyvsp[(3) - (5)].s)); - memset ((yyvsp[(3) - (5)].s), 0, strlen((yyvsp[(3) - (5)].s))); - free((yyvsp[(3) - (5)].s)); - } - break; - - case 7: -#line 154 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) { - usedefault = 0; - if (pdata >= 0) { - close(pdata); - pdata = -1; - } - reply(200, "PORT command successful."); - } - } - break; - - case 8: -#line 165 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - eprt ((yyvsp[(3) - (5)].s)); - free ((yyvsp[(3) - (5)].s)); - } - break; - - case 9: -#line 171 "ftpcmd.y" - { - if((yyvsp[(3) - (3)].i)) - pasv (); - } - break; - - case 10: -#line 176 "ftpcmd.y" - { - if((yyvsp[(3) - (3)].i)) - epsv (NULL); - } - break; - - case 11: -#line 181 "ftpcmd.y" - { - if((yyvsp[(5) - (5)].i)) - epsv ((yyvsp[(3) - (5)].s)); - free ((yyvsp[(3) - (5)].s)); - } - break; - - case 12: -#line 187 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) { - switch (cmd_type) { - - case TYPE_A: - if (cmd_form == FORM_N) { - reply(200, "Type set to A."); - type = cmd_type; - form = cmd_form; - } else - reply(504, "Form must be N."); - break; - - case TYPE_E: - reply(504, "Type E not implemented."); - break; - - case TYPE_I: - reply(200, "Type set to I."); - type = cmd_type; - break; - - case TYPE_L: -#if NBBY == 8 - if (cmd_bytesz == 8) { - reply(200, - "Type set to L (byte size 8)."); - type = cmd_type; - } else - reply(504, "Byte size must be 8."); -#else /* NBBY == 8 */ - UNIMPLEMENTED for NBBY != 8 -#endif /* NBBY == 8 */ - } - } - } - break; - - case 13: -#line 224 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) { - switch ((yyvsp[(3) - (5)].i)) { - - case STRU_F: - reply(200, "STRU F ok."); - break; - - default: - reply(504, "Unimplemented STRU type."); - } - } - } - break; - - case 14: -#line 238 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) { - switch ((yyvsp[(3) - (5)].i)) { - - case MODE_S: - reply(200, "MODE S ok."); - break; - - default: - reply(502, "Unimplemented MODE type."); - } - } - } - break; - - case 15: -#line 252 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) { - reply(202, "ALLO command ignored."); - } - } - break; - - case 16: -#line 258 "ftpcmd.y" - { - if ((yyvsp[(9) - (9)].i)) { - reply(202, "ALLO command ignored."); - } - } - break; - - case 17: -#line 264 "ftpcmd.y" - { - char *name = (yyvsp[(3) - (5)].s); - - if ((yyvsp[(5) - (5)].i) && name != NULL) - retrieve(0, name); - if (name != NULL) - free(name); - } - break; - - case 18: -#line 273 "ftpcmd.y" - { - char *name = (yyvsp[(3) - (5)].s); - - if ((yyvsp[(5) - (5)].i) && name != NULL) - do_store(name, "w", 0); - if (name != NULL) - free(name); - } - break; - - case 19: -#line 282 "ftpcmd.y" - { - char *name = (yyvsp[(3) - (5)].s); - - if ((yyvsp[(5) - (5)].i) && name != NULL) - do_store(name, "a", 0); - if (name != NULL) - free(name); - } - break; - - case 20: -#line 291 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - send_file_list("."); - } - break; - - case 21: -#line 296 "ftpcmd.y" - { - char *name = (yyvsp[(3) - (5)].s); - - if ((yyvsp[(5) - (5)].i) && name != NULL) - send_file_list(name); - if (name != NULL) - free(name); - } - break; - - case 22: -#line 305 "ftpcmd.y" - { - if((yyvsp[(3) - (3)].i)) - list_file("."); - } - break; - - case 23: -#line 310 "ftpcmd.y" - { - if((yyvsp[(5) - (5)].i)) - list_file((yyvsp[(3) - (5)].s)); - free((yyvsp[(3) - (5)].s)); - } - break; - - case 24: -#line 316 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) - statfilecmd((yyvsp[(3) - (5)].s)); - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 25: -#line 323 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - statcmd(); - } - break; - - case 26: -#line 328 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) - do_delete((yyvsp[(3) - (5)].s)); - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 27: -#line 335 "ftpcmd.y" - { - if((yyvsp[(5) - (5)].i)){ - if (fromname) { - renamecmd(fromname, (yyvsp[(3) - (5)].s)); - free(fromname); - fromname = (char *) 0; - } else { - reply(503, "Bad sequence of commands."); - } - } - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 28: -#line 349 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - reply(225, "ABOR command successful."); - } - break; - - case 29: -#line 354 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - cwd(pw->pw_dir); - } - break; - - case 30: -#line 359 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) - cwd((yyvsp[(3) - (5)].s)); - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 31: -#line 366 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - help(cmdtab, (char *) 0); - } - break; - - case 32: -#line 371 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) { - char *cp = (yyvsp[(3) - (5)].s); - - if (strncasecmp(cp, "SITE", 4) == 0) { - cp = (yyvsp[(3) - (5)].s) + 4; - if (*cp == ' ') - cp++; - if (*cp) - help(sitetab, cp); - else - help(sitetab, (char *) 0); - } else - help(cmdtab, (yyvsp[(3) - (5)].s)); - } - } - break; - - case 33: -#line 388 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - reply(200, "NOOP command successful."); - } - break; - - case 34: -#line 393 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) - makedir((yyvsp[(3) - (5)].s)); - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 35: -#line 400 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) - removedir((yyvsp[(3) - (5)].s)); - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 36: -#line 407 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - pwd(); - } - break; - - case 37: -#line 412 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - cwd(".."); - } - break; - - case 38: -#line 417 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) { - lreply(211, "Supported features:"); - lreply(0, " MDTM"); - lreply(0, " REST STREAM"); - lreply(0, " SIZE"); - reply(211, "End"); - } - } - break; - - case 39: -#line 427 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - reply(501, "Bad options"); - free ((yyvsp[(3) - (5)].s)); - } - break; - - case 40: -#line 434 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - help(sitetab, (char *) 0); - } - break; - - case 41: -#line 439 "ftpcmd.y" - { - if ((yyvsp[(7) - (7)].i)) - help(sitetab, (yyvsp[(5) - (7)].s)); - } - break; - - case 42: -#line 444 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) { - int oldmask = umask(0); - umask(oldmask); - reply(200, "Current UMASK is %03o", oldmask); - } - } - break; - - case 43: -#line 452 "ftpcmd.y" - { - if ((yyvsp[(7) - (7)].i)) { - if (((yyvsp[(5) - (7)].i) == -1) || ((yyvsp[(5) - (7)].i) > 0777)) { - reply(501, "Bad UMASK value"); - } else { - int oldmask = umask((yyvsp[(5) - (7)].i)); - reply(200, - "UMASK set to %03o (was %03o)", - (yyvsp[(5) - (7)].i), oldmask); - } - } - } - break; - - case 44: -#line 465 "ftpcmd.y" - { - if ((yyvsp[(9) - (9)].i) && (yyvsp[(7) - (9)].s) != NULL) { - if ((yyvsp[(5) - (9)].i) > 0777) - reply(501, - "CHMOD: Mode value must be between 0 and 0777"); - else if (chmod((yyvsp[(7) - (9)].s), (yyvsp[(5) - (9)].i)) < 0) - perror_reply(550, (yyvsp[(7) - (9)].s)); - else - reply(200, "CHMOD command successful."); - } - if ((yyvsp[(7) - (9)].s) != NULL) - free((yyvsp[(7) - (9)].s)); - } - break; - - case 45: -#line 479 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - reply(200, - "Current IDLE time limit is %d seconds; max %d", - ftpd_timeout, maxtimeout); - } - break; - - case 46: -#line 486 "ftpcmd.y" - { - if ((yyvsp[(7) - (7)].i)) { - if ((yyvsp[(5) - (7)].i) < 30 || (yyvsp[(5) - (7)].i) > maxtimeout) { - reply(501, - "Maximum IDLE time must be between 30 and %d seconds", - maxtimeout); - } else { - ftpd_timeout = (yyvsp[(5) - (7)].i); - alarm((unsigned) ftpd_timeout); - reply(200, - "Maximum IDLE time set to %d seconds", - ftpd_timeout); - } - } - } - break; - - case 47: -#line 503 "ftpcmd.y" - { -#ifdef KRB4 - char *p; - - if(guest) - reply(500, "Can't be done as guest."); - else{ - if((yyvsp[(7) - (7)].i) && (yyvsp[(5) - (7)].s) != NULL){ - p = strpbrk((yyvsp[(5) - (7)].s), " \t"); - if(p){ - *p++ = 0; - kauth((yyvsp[(5) - (7)].s), p + strspn(p, " \t")); - }else - kauth((yyvsp[(5) - (7)].s), NULL); - } - } - if((yyvsp[(5) - (7)].s) != NULL) - free((yyvsp[(5) - (7)].s)); -#else - reply(500, "Command not implemented."); -#endif - } - break; - - case 48: -#line 526 "ftpcmd.y" - { - if((yyvsp[(5) - (5)].i)) - klist(); - } - break; - - case 49: -#line 531 "ftpcmd.y" - { -#ifdef KRB4 - if((yyvsp[(5) - (5)].i)) - kdestroy(); -#else - reply(500, "Command not implemented."); -#endif - } - break; - - case 50: -#line 540 "ftpcmd.y" - { -#ifdef KRB4 - if(guest) - reply(500, "Can't be done as guest."); - else if((yyvsp[(7) - (7)].i) && (yyvsp[(5) - (7)].s)) - krbtkfile((yyvsp[(5) - (7)].s)); - if((yyvsp[(5) - (7)].s)) - free((yyvsp[(5) - (7)].s)); -#else - reply(500, "Command not implemented."); -#endif - } - break; - - case 51: -#line 553 "ftpcmd.y" - { -#if defined(KRB4) || defined(KRB5) - if(guest) - reply(500, "Can't be done as guest."); - else if((yyvsp[(5) - (5)].i)) - afslog(NULL, 0); -#else - reply(500, "Command not implemented."); -#endif - } - break; - - case 52: -#line 564 "ftpcmd.y" - { -#if defined(KRB4) || defined(KRB5) - if(guest) - reply(500, "Can't be done as guest."); - else if((yyvsp[(7) - (7)].i)) - afslog((yyvsp[(5) - (7)].s), 0); - if((yyvsp[(5) - (7)].s)) - free((yyvsp[(5) - (7)].s)); -#else - reply(500, "Command not implemented."); -#endif - } - break; - - case 53: -#line 577 "ftpcmd.y" - { - if((yyvsp[(7) - (7)].i) && (yyvsp[(5) - (7)].s) != NULL) - find((yyvsp[(5) - (7)].s)); - if((yyvsp[(5) - (7)].s) != NULL) - free((yyvsp[(5) - (7)].s)); - } - break; - - case 54: -#line 584 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - reply(200, "http://www.pdc.kth.se/heimdal/"); - } - break; - - case 55: -#line 589 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) - do_store((yyvsp[(3) - (5)].s), "w", 1); - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 56: -#line 596 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) { -#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__) - reply(215, "UNIX Type: L%d", NBBY); -#else - reply(215, "UNKNOWN Type: L%d", NBBY); -#endif - } - } - break; - - case 57: -#line 614 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) - sizecmd((yyvsp[(3) - (5)].s)); - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 58: -#line 631 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s) != NULL) { - struct stat stbuf; - if (stat((yyvsp[(3) - (5)].s), &stbuf) < 0) - reply(550, "%s: %s", - (yyvsp[(3) - (5)].s), strerror(errno)); - else if (!S_ISREG(stbuf.st_mode)) { - reply(550, - "%s: not a plain file.", (yyvsp[(3) - (5)].s)); - } else { - struct tm *t; - time_t mtime = stbuf.st_mtime; - - t = gmtime(&mtime); - reply(213, - "%04d%02d%02d%02d%02d%02d", - t->tm_year + 1900, - t->tm_mon + 1, - t->tm_mday, - t->tm_hour, - t->tm_min, - t->tm_sec); - } - } - if ((yyvsp[(3) - (5)].s) != NULL) - free((yyvsp[(3) - (5)].s)); - } - break; - - case 59: -#line 659 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) { - reply(221, "Goodbye."); - dologout(0); - } - } - break; - - case 60: -#line 666 "ftpcmd.y" - { - yyerrok; - } - break; - - case 61: -#line 672 "ftpcmd.y" - { - restart_point = (off_t) 0; - if ((yyvsp[(5) - (5)].i) && (yyvsp[(3) - (5)].s)) { - fromname = renamefrom((yyvsp[(3) - (5)].s)); - if (fromname == (char *) 0 && (yyvsp[(3) - (5)].s)) { - free((yyvsp[(3) - (5)].s)); - } - } - } - break; - - case 62: -#line 682 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) { - fromname = (char *) 0; - restart_point = (yyvsp[(3) - (5)].i); /* XXX $3 is only "int" */ - reply(350, "Restarting at %ld. %s", - (long)restart_point, - "Send STORE or RETRIEVE to initiate transfer."); - } - } - break; - - case 63: -#line 692 "ftpcmd.y" - { - auth((yyvsp[(3) - (4)].s)); - free((yyvsp[(3) - (4)].s)); - } - break; - - case 64: -#line 697 "ftpcmd.y" - { - adat((yyvsp[(3) - (4)].s)); - free((yyvsp[(3) - (4)].s)); - } - break; - - case 65: -#line 702 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - pbsz((yyvsp[(3) - (5)].i)); - } - break; - - case 66: -#line 707 "ftpcmd.y" - { - if ((yyvsp[(5) - (5)].i)) - prot((yyvsp[(3) - (5)].s)); - } - break; - - case 67: -#line 712 "ftpcmd.y" - { - if ((yyvsp[(3) - (3)].i)) - ccc(); - } - break; - - case 68: -#line 717 "ftpcmd.y" - { - mec((yyvsp[(3) - (4)].s), prot_safe); - free((yyvsp[(3) - (4)].s)); - } - break; - - case 69: -#line 722 "ftpcmd.y" - { - mec((yyvsp[(3) - (4)].s), prot_confidential); - free((yyvsp[(3) - (4)].s)); - } - break; - - case 70: -#line 727 "ftpcmd.y" - { - mec((yyvsp[(3) - (4)].s), prot_private); - free((yyvsp[(3) - (4)].s)); - } - break; - - case 72: -#line 739 "ftpcmd.y" - { - (yyval.s) = (char *)calloc(1, sizeof(char)); - } - break; - - case 75: -#line 752 "ftpcmd.y" - { - struct sockaddr_in *sin4 = (struct sockaddr_in *)data_dest; - - sin4->sin_family = AF_INET; - sin4->sin_port = htons((yyvsp[(9) - (11)].i) * 256 + (yyvsp[(11) - (11)].i)); - sin4->sin_addr.s_addr = - htonl(((yyvsp[(1) - (11)].i) << 24) | ((yyvsp[(3) - (11)].i) << 16) | ((yyvsp[(5) - (11)].i) << 8) | (yyvsp[(7) - (11)].i)); - } - break; - - case 76: -#line 764 "ftpcmd.y" - { - (yyval.i) = FORM_N; - } - break; - - case 77: -#line 768 "ftpcmd.y" - { - (yyval.i) = FORM_T; - } - break; - - case 78: -#line 772 "ftpcmd.y" - { - (yyval.i) = FORM_C; - } - break; - - case 79: -#line 779 "ftpcmd.y" - { - cmd_type = TYPE_A; - cmd_form = FORM_N; - } - break; - - case 80: -#line 784 "ftpcmd.y" - { - cmd_type = TYPE_A; - cmd_form = (yyvsp[(3) - (3)].i); - } - break; - - case 81: -#line 789 "ftpcmd.y" - { - cmd_type = TYPE_E; - cmd_form = FORM_N; - } - break; - - case 82: -#line 794 "ftpcmd.y" - { - cmd_type = TYPE_E; - cmd_form = (yyvsp[(3) - (3)].i); - } - break; - - case 83: -#line 799 "ftpcmd.y" - { - cmd_type = TYPE_I; - } - break; - - case 84: -#line 803 "ftpcmd.y" - { - cmd_type = TYPE_L; - cmd_bytesz = NBBY; - } - break; - - case 85: -#line 808 "ftpcmd.y" - { - cmd_type = TYPE_L; - cmd_bytesz = (yyvsp[(3) - (3)].i); - } - break; - - case 86: -#line 814 "ftpcmd.y" - { - cmd_type = TYPE_L; - cmd_bytesz = (yyvsp[(2) - (2)].i); - } - break; - - case 87: -#line 822 "ftpcmd.y" - { - (yyval.i) = STRU_F; - } - break; - - case 88: -#line 826 "ftpcmd.y" - { - (yyval.i) = STRU_R; - } - break; - - case 89: -#line 830 "ftpcmd.y" - { - (yyval.i) = STRU_P; - } - break; - - case 90: -#line 837 "ftpcmd.y" - { - (yyval.i) = MODE_S; - } - break; - - case 91: -#line 841 "ftpcmd.y" - { - (yyval.i) = MODE_B; - } - break; - - case 92: -#line 845 "ftpcmd.y" - { - (yyval.i) = MODE_C; - } - break; - - case 93: -#line 852 "ftpcmd.y" - { - /* - * Problem: this production is used for all pathname - * processing, but only gives a 550 error reply. - * This is a valid reply in some cases but not in others. - */ - if (logged_in && (yyvsp[(1) - (1)].s) && *(yyvsp[(1) - (1)].s) == '~') { - glob_t gl; - int flags = - GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - - memset(&gl, 0, sizeof(gl)); - if (glob((yyvsp[(1) - (1)].s), flags, NULL, &gl) || - gl.gl_pathc == 0) { - reply(550, "not found"); - (yyval.s) = NULL; - } else { - (yyval.s) = strdup(gl.gl_pathv[0]); - } - globfree(&gl); - free((yyvsp[(1) - (1)].s)); - } else - (yyval.s) = (yyvsp[(1) - (1)].s); - } - break; - - case 95: -#line 884 "ftpcmd.y" - { - int ret, dec, multby, digit; - - /* - * Convert a number that was read as decimal number - * to what it would be if it had been read as octal. - */ - dec = (yyvsp[(1) - (1)].i); - multby = 1; - ret = 0; - while (dec) { - digit = dec%10; - if (digit > 7) { - ret = -1; - break; - } - ret += digit * multby; - multby *= 8; - dec /= 10; - } - (yyval.i) = ret; - } - break; - - case 96: -#line 910 "ftpcmd.y" - { - (yyval.i) = (yyvsp[(1) - (1)].i) && !guest; - if((yyvsp[(1) - (1)].i) && !(yyval.i)) - reply(550, "Permission denied"); - } - break; - - case 97: -#line 918 "ftpcmd.y" - { - if((yyvsp[(1) - (1)].i)) { - if(((yyval.i) = logged_in) == 0) - reply(530, "Please login with USER and PASS."); - } else - (yyval.i) = 0; - } - break; - - case 98: -#line 928 "ftpcmd.y" - { - (yyval.i) = 1; - if(sec_complete && !ccc_passed && !secure_command()) { - (yyval.i) = 0; - reply(533, "Command protection level denied " - "for paranoid reasons."); - } - } - break; - - -/* Line 1267 of yacc.c. */ -#line 2778 "ftpcmd.c" - default: break; - } - YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); - - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - - *++yyvsp = yyval; - - - /* Now `shift' the result of the reduction. Determine what state - that goes to, based on the state we popped back to and the rule - number reduced by. */ - - yyn = yyr1[yyn]; - - yystate = yypgoto[yyn - YYNTOKENS] + *yyssp; - if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp) - yystate = yytable[yystate]; - else - yystate = yydefgoto[yyn - YYNTOKENS]; - - goto yynewstate; - - -/*------------------------------------. -| yyerrlab -- here on detecting error | -`------------------------------------*/ -yyerrlab: - /* If not already recovering from an error, report this error. */ - if (!yyerrstatus) - { - ++yynerrs; -#if ! YYERROR_VERBOSE - yyerror (YY_("syntax error")); -#else - { - YYSIZE_T yysize = yysyntax_error (0, yystate, yychar); - if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM) - { - YYSIZE_T yyalloc = 2 * yysize; - if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM)) - yyalloc = YYSTACK_ALLOC_MAXIMUM; - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); - yymsg = (char *) YYSTACK_ALLOC (yyalloc); - if (yymsg) - yymsg_alloc = yyalloc; - else - { - yymsg = yymsgbuf; - yymsg_alloc = sizeof yymsgbuf; - } - } - - if (0 < yysize && yysize <= yymsg_alloc) - { - (void) yysyntax_error (yymsg, yystate, yychar); - yyerror (yymsg); - } - else - { - yyerror (YY_("syntax error")); - if (yysize != 0) - goto yyexhaustedlab; - } - } -#endif - } - - - - if (yyerrstatus == 3) - { - /* If just tried and failed to reuse look-ahead token after an - error, discard it. */ - - if (yychar <= YYEOF) - { - /* Return failure if at end of input. */ - if (yychar == YYEOF) - YYABORT; - } - else - { - yydestruct ("Error: discarding", - yytoken, &yylval); - yychar = YYEMPTY; - } - } - - /* Else will try to reuse look-ahead token after shifting the error - token. */ - goto yyerrlab1; - - -/*---------------------------------------------------. -| yyerrorlab -- error raised explicitly by YYERROR. | -`---------------------------------------------------*/ -yyerrorlab: - - /* Pacify compilers like GCC when the user code never invokes - YYERROR and the label yyerrorlab therefore never appears in user - code. */ - if (/*CONSTCOND*/ 0) - goto yyerrorlab; - - /* Do not reclaim the symbols of the rule which action triggered - this YYERROR. */ - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - yystate = *yyssp; - goto yyerrlab1; - - -/*-------------------------------------------------------------. -| yyerrlab1 -- common code for both syntax error and YYERROR. | -`-------------------------------------------------------------*/ -yyerrlab1: - yyerrstatus = 3; /* Each real token shifted decrements this. */ - - for (;;) - { - yyn = yypact[yystate]; - if (yyn != YYPACT_NINF) - { - yyn += YYTERROR; - if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) - { - yyn = yytable[yyn]; - if (0 < yyn) - break; - } - } - - /* Pop the current state because it cannot handle the error token. */ - if (yyssp == yyss) - YYABORT; - - - yydestruct ("Error: popping", - yystos[yystate], yyvsp); - YYPOPSTACK (1); - yystate = *yyssp; - YY_STACK_PRINT (yyss, yyssp); - } - - if (yyn == YYFINAL) - YYACCEPT; - - *++yyvsp = yylval; - - - /* Shift the error token. */ - YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp); - - yystate = yyn; - goto yynewstate; - - -/*-------------------------------------. -| yyacceptlab -- YYACCEPT comes here. | -`-------------------------------------*/ -yyacceptlab: - yyresult = 0; - goto yyreturn; - -/*-----------------------------------. -| yyabortlab -- YYABORT comes here. | -`-----------------------------------*/ -yyabortlab: - yyresult = 1; - goto yyreturn; - -#ifndef yyoverflow -/*-------------------------------------------------. -| yyexhaustedlab -- memory exhaustion comes here. | -`-------------------------------------------------*/ -yyexhaustedlab: - yyerror (YY_("memory exhausted")); - yyresult = 2; - /* Fall through. */ -#endif - -yyreturn: - if (yychar != YYEOF && yychar != YYEMPTY) - yydestruct ("Cleanup: discarding lookahead", - yytoken, &yylval); - /* Do not reclaim the symbols of the rule which action triggered - this YYABORT or YYACCEPT. */ - YYPOPSTACK (yylen); - YY_STACK_PRINT (yyss, yyssp); - while (yyssp != yyss) - { - yydestruct ("Cleanup: popping", - yystos[*yyssp], yyvsp); - YYPOPSTACK (1); - } -#ifndef yyoverflow - if (yyss != yyssa) - YYSTACK_FREE (yyss); -#endif -#if YYERROR_VERBOSE - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); -#endif - /* Make sure YYID is used. */ - return YYID (yyresult); -} - - -#line 938 "ftpcmd.y" - - -#define CMD 0 /* beginning of command */ -#define ARGS 1 /* expect miscellaneous arguments */ -#define STR1 2 /* expect SP followed by STRING */ -#define STR2 3 /* expect STRING */ -#define OSTR 4 /* optional SP then STRING */ -#define ZSTR1 5 /* SP then optional STRING */ -#define ZSTR2 6 /* optional STRING after SP */ -#define SITECMD 7 /* SITE command */ -#define NSTR 8 /* Number followed by a string */ - -struct tab cmdtab[] = { /* In order defined in RFC 765 */ - { "USER", USER, STR1, 1, " username" }, - { "PASS", PASS, ZSTR1, 1, " password" }, - { "ACCT", ACCT, STR1, 0, "(specify account)" }, - { "SMNT", SMNT, ARGS, 0, "(structure mount)" }, - { "REIN", REIN, ARGS, 0, "(reinitialize server state)" }, - { "QUIT", QUIT, ARGS, 1, "(terminate service)", }, - { "PORT", PORT, ARGS, 1, " b0, b1, b2, b3, b4" }, - { "EPRT", EPRT, STR1, 1, " string" }, - { "PASV", PASV, ARGS, 1, "(set server in passive mode)" }, - { "EPSV", EPSV, OSTR, 1, "[ foo]" }, - { "TYPE", TYPE, ARGS, 1, " [ A | E | I | L ]" }, - { "STRU", STRU, ARGS, 1, "(specify file structure)" }, - { "MODE", MODE, ARGS, 1, "(specify transfer mode)" }, - { "RETR", RETR, STR1, 1, " file-name" }, - { "STOR", STOR, STR1, 1, " file-name" }, - { "APPE", APPE, STR1, 1, " file-name" }, - { "MLFL", MLFL, OSTR, 0, "(mail file)" }, - { "MAIL", MAIL, OSTR, 0, "(mail to user)" }, - { "MSND", MSND, OSTR, 0, "(mail send to terminal)" }, - { "MSOM", MSOM, OSTR, 0, "(mail send to terminal or mailbox)" }, - { "MSAM", MSAM, OSTR, 0, "(mail send to terminal and mailbox)" }, - { "MRSQ", MRSQ, OSTR, 0, "(mail recipient scheme question)" }, - { "MRCP", MRCP, STR1, 0, "(mail recipient)" }, - { "ALLO", ALLO, ARGS, 1, "allocate storage (vacuously)" }, - { "REST", REST, ARGS, 1, " offset (restart command)" }, - { "RNFR", RNFR, STR1, 1, " file-name" }, - { "RNTO", RNTO, STR1, 1, " file-name" }, - { "ABOR", ABOR, ARGS, 1, "(abort operation)" }, - { "DELE", DELE, STR1, 1, " file-name" }, - { "CWD", CWD, OSTR, 1, "[ directory-name ]" }, - { "XCWD", CWD, OSTR, 1, "[ directory-name ]" }, - { "LIST", LIST, OSTR, 1, "[ path-name ]" }, - { "NLST", NLST, OSTR, 1, "[ path-name ]" }, - { "SITE", SITE, SITECMD, 1, "site-cmd [ arguments ]" }, - { "SYST", SYST, ARGS, 1, "(get type of operating system)" }, - { "STAT", sTAT, OSTR, 1, "[ path-name ]" }, - { "HELP", HELP, OSTR, 1, "[ ]" }, - { "NOOP", NOOP, ARGS, 1, "" }, - { "MKD", MKD, STR1, 1, " path-name" }, - { "XMKD", MKD, STR1, 1, " path-name" }, - { "RMD", RMD, STR1, 1, " path-name" }, - { "XRMD", RMD, STR1, 1, " path-name" }, - { "PWD", PWD, ARGS, 1, "(return current directory)" }, - { "XPWD", PWD, ARGS, 1, "(return current directory)" }, - { "CDUP", CDUP, ARGS, 1, "(change to parent directory)" }, - { "XCUP", CDUP, ARGS, 1, "(change to parent directory)" }, - { "STOU", STOU, STR1, 1, " file-name" }, - { "SIZE", SIZE, OSTR, 1, " path-name" }, - { "MDTM", MDTM, OSTR, 1, " path-name" }, - - /* extensions from RFC2228 */ - { "AUTH", AUTH, STR1, 1, " auth-type" }, - { "ADAT", ADAT, STR1, 1, " auth-data" }, - { "PBSZ", PBSZ, ARGS, 1, " buffer-size" }, - { "PROT", PROT, STR1, 1, " prot-level" }, - { "CCC", CCC, ARGS, 1, "" }, - { "MIC", MIC, STR1, 1, " integrity command" }, - { "CONF", CONF, STR1, 1, " confidentiality command" }, - { "ENC", ENC, STR1, 1, " privacy command" }, - - /* RFC2389 */ - { "FEAT", FEAT, ARGS, 1, "" }, - { "OPTS", OPTS, ARGS, 1, " command [ options]" }, - - { NULL, 0, 0, 0, 0 } -}; - -struct tab sitetab[] = { - { "UMASK", UMASK, ARGS, 1, "[ umask ]" }, - { "IDLE", IDLE, ARGS, 1, "[ maximum-idle-time ]" }, - { "CHMOD", CHMOD, NSTR, 1, " mode file-name" }, - { "HELP", HELP, OSTR, 1, "[ ]" }, - - { "KAUTH", KAUTH, STR1, 1, " principal [ ticket ]" }, - { "KLIST", KLIST, ARGS, 1, "(show ticket file)" }, - { "KDESTROY", KDESTROY, ARGS, 1, "(destroy tickets)" }, - { "KRBTKFILE", KRBTKFILE, STR1, 1, " ticket-file" }, - { "AFSLOG", AFSLOG, OSTR, 1, "[ cell]" }, - - { "LOCATE", LOCATE, STR1, 1, " globexpr" }, - { "FIND", LOCATE, STR1, 1, " globexpr" }, - - { "URL", URL, ARGS, 1, "?" }, - - { NULL, 0, 0, 0, 0 } -}; - -static struct tab * -lookup(struct tab *p, char *cmd) -{ - - for (; p->name != NULL; p++) - if (strcmp(cmd, p->name) == 0) - return (p); - return (0); -} - -/* - * ftpd_getline - a hacked up version of fgets to ignore TELNET escape codes. - */ -char * -ftpd_getline(char *s, int n) -{ - int c; - char *cs; - - cs = s; - - /* might still be data within the security MIC/CONF/ENC */ - if(ftp_command){ - strlcpy(s, ftp_command, n); - if (debug) - syslog(LOG_DEBUG, "command: %s", s); - return s; - } - while ((c = getc(stdin)) != EOF) { - c &= 0377; - if (c == IAC) { - if ((c = getc(stdin)) != EOF) { - c &= 0377; - switch (c) { - case WILL: - case WONT: - c = getc(stdin); - printf("%c%c%c", IAC, DONT, 0377&c); - fflush(stdout); - continue; - case DO: - case DONT: - c = getc(stdin); - printf("%c%c%c", IAC, WONT, 0377&c); - fflush(stdout); - continue; - case IAC: - break; - default: - continue; /* ignore command */ - } - } - } - *cs++ = c; - if (--n <= 0 || c == '\n') - break; - } - if (c == EOF && cs == s) - return (NULL); - *cs++ = '\0'; - if (debug) { - if (!guest && strncasecmp("pass ", s, 5) == 0) { - /* Don't syslog passwords */ - syslog(LOG_DEBUG, "command: %.5s ???", s); - } else { - char *cp; - int len; - - /* Don't syslog trailing CR-LF */ - len = strlen(s); - cp = s + len - 1; - while (cp >= s && (*cp == '\n' || *cp == '\r')) { - --cp; - --len; - } - syslog(LOG_DEBUG, "command: %.*s", len, s); - } - } -#ifdef XXX - fprintf(stderr, "%s\n", s); -#endif - return (s); -} - -static RETSIGTYPE -toolong(int signo) -{ - - reply(421, - "Timeout (%d seconds): closing control connection.", - ftpd_timeout); - if (logging) - syslog(LOG_INFO, "User %s timed out after %d seconds", - (pw ? pw -> pw_name : "unknown"), ftpd_timeout); - dologout(1); - SIGRETURN(0); -} - -static int -yylex(void) -{ - static int cpos, state; - char *cp, *cp2; - struct tab *p; - int n; - char c; - - for (;;) { - switch (state) { - - case CMD: - hasyyerrored = 0; - - signal(SIGALRM, toolong); - alarm((unsigned) ftpd_timeout); - if (ftpd_getline(cbuf, sizeof(cbuf)-1) == NULL) { - reply(221, "You could at least say goodbye."); - dologout(0); - } - alarm(0); -#ifdef HAVE_SETPROCTITLE - if (strncasecmp(cbuf, "PASS", 4) != 0) - setproctitle("%s: %s", proctitle, cbuf); -#endif /* HAVE_SETPROCTITLE */ - if ((cp = strchr(cbuf, '\r'))) { - *cp++ = '\n'; - *cp = '\0'; - } - if ((cp = strpbrk(cbuf, " \n"))) - cpos = cp - cbuf; - if (cpos == 0) - cpos = 4; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - strupr(cbuf); - p = lookup(cmdtab, cbuf); - cbuf[cpos] = c; - if (p != 0) { - if (p->implemented == 0) { - nack(p->name); - hasyyerrored = 1; - break; - } - state = p->state; - yylval.s = p->name; - return (p->token); - } - break; - - case SITECMD: - if (cbuf[cpos] == ' ') { - cpos++; - return (SP); - } - cp = &cbuf[cpos]; - if ((cp2 = strpbrk(cp, " \n"))) - cpos = cp2 - cbuf; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - strupr(cp); - p = lookup(sitetab, cp); - cbuf[cpos] = c; - if (p != 0) { - if (p->implemented == 0) { - state = CMD; - nack(p->name); - hasyyerrored = 1; - break; - } - state = p->state; - yylval.s = p->name; - return (p->token); - } - state = CMD; - break; - - case OSTR: - if (cbuf[cpos] == '\n') { - state = CMD; - return (CRLF); - } - /* FALLTHROUGH */ - - case STR1: - case ZSTR1: - dostr1: - if (cbuf[cpos] == ' ') { - cpos++; - if(state == OSTR) - state = STR2; - else - state++; - return (SP); - } - break; - - case ZSTR2: - if (cbuf[cpos] == '\n') { - state = CMD; - return (CRLF); - } - /* FALLTHROUGH */ - - case STR2: - cp = &cbuf[cpos]; - n = strlen(cp); - cpos += n - 1; - /* - * Make sure the string is nonempty and \n terminated. - */ - if (n > 1 && cbuf[cpos] == '\n') { - cbuf[cpos] = '\0'; - yylval.s = copy(cp); - cbuf[cpos] = '\n'; - state = ARGS; - return (STRING); - } - break; - - case NSTR: - if (cbuf[cpos] == ' ') { - cpos++; - return (SP); - } - if (isdigit((unsigned char)cbuf[cpos])) { - cp = &cbuf[cpos]; - while (isdigit((unsigned char)cbuf[++cpos])) - ; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - yylval.i = atoi(cp); - cbuf[cpos] = c; - state = STR1; - return (NUMBER); - } - state = STR1; - goto dostr1; - - case ARGS: - if (isdigit((unsigned char)cbuf[cpos])) { - cp = &cbuf[cpos]; - while (isdigit((unsigned char)cbuf[++cpos])) - ; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - yylval.i = atoi(cp); - cbuf[cpos] = c; - return (NUMBER); - } - switch (cbuf[cpos++]) { - - case '\n': - state = CMD; - return (CRLF); - - case ' ': - return (SP); - - case ',': - return (COMMA); - - case 'A': - case 'a': - return (A); - - case 'B': - case 'b': - return (B); - - case 'C': - case 'c': - return (C); - - case 'E': - case 'e': - return (E); - - case 'F': - case 'f': - return (F); - - case 'I': - case 'i': - return (I); - - case 'L': - case 'l': - return (L); - - case 'N': - case 'n': - return (N); - - case 'P': - case 'p': - return (P); - - case 'R': - case 'r': - return (R); - - case 'S': - case 's': - return (S); - - case 'T': - case 't': - return (T); - - } - break; - - default: - fatal("Unknown state in scanner."); - } - yyerror(NULL); - state = CMD; - return (0); - } -} - -/* ARGSUSED */ -void -yyerror(char *s) -{ - char *cp; - - if (hasyyerrored) - return; - - if ((cp = strchr(cbuf,'\n'))) - *cp = '\0'; - reply(500, "'%s': command not understood.", cbuf); - hasyyerrored = 1; -} - -static char * -copy(char *s) -{ - char *p; - - p = strdup(s); - if (p == NULL) - fatal("Ran out of memory."); - return p; -} - -static void -help(struct tab *ctab, char *s) -{ - struct tab *c; - int width, NCMDS; - char *t; - char buf[1024]; - - if (ctab == sitetab) - t = "SITE "; - else - t = ""; - width = 0, NCMDS = 0; - for (c = ctab; c->name != NULL; c++) { - int len = strlen(c->name); - - if (len > width) - width = len; - NCMDS++; - } - width = (width + 8) &~ 7; - if (s == 0) { - int i, j, w; - int columns, lines; - - lreply(214, "The following %scommands are recognized %s.", - t, "(* =>'s unimplemented)"); - columns = 76 / width; - if (columns == 0) - columns = 1; - lines = (NCMDS + columns - 1) / columns; - for (i = 0; i < lines; i++) { - strlcpy (buf, " ", sizeof(buf)); - for (j = 0; j < columns; j++) { - c = ctab + j * lines + i; - snprintf (buf + strlen(buf), - sizeof(buf) - strlen(buf), - "%s%c", - c->name, - c->implemented ? ' ' : '*'); - if (c + lines >= &ctab[NCMDS]) - break; - w = strlen(c->name) + 1; - while (w < width) { - strlcat (buf, - " ", - sizeof(buf)); - w++; - } - } - lreply(214, "%s", buf); - } - reply(214, "Direct comments to kth-krb-bugs@pdc.kth.se"); - return; - } - strupr(s); - c = lookup(ctab, s); - if (c == (struct tab *)0) { - reply(502, "Unknown command %s.", s); - return; - } - if (c->implemented) - reply(214, "Syntax: %s%s %s", t, c->name, c->help); - else - reply(214, "%s%-*s\t%s; unimplemented.", t, width, - c->name, c->help); -} - -static void -sizecmd(char *filename) -{ - switch (type) { - case TYPE_L: - case TYPE_I: { - struct stat stbuf; - if (stat(filename, &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) - reply(550, "%s: not a plain file.", filename); - else - reply(213, "%lu", (unsigned long)stbuf.st_size); - break; - } - case TYPE_A: { - FILE *fin; - int c; - size_t count; - struct stat stbuf; - fin = fopen(filename, "r"); - if (fin == NULL) { - perror_reply(550, filename); - return; - } - if (fstat(fileno(fin), &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) { - reply(550, "%s: not a plain file.", filename); - fclose(fin); - return; - } - - count = 0; - while((c=getc(fin)) != EOF) { - if (c == '\n') /* will get expanded to \r\n */ - count++; - count++; - } - fclose(fin); - - reply(213, "%lu", (unsigned long)count); - break; - } - default: - reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]); - } -} - diff --git a/crypto/heimdal/appl/ftp/ftpd/ftpcmd.y b/crypto/heimdal/appl/ftp/ftpd/ftpcmd.y deleted file mode 100644 index 963a6a0f4590..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/ftpcmd.y +++ /dev/null @@ -1,1496 +0,0 @@ -/* $NetBSD: ftpcmd.y,v 1.6 1995/06/03 22:46:45 mycroft Exp $ */ - -/* - * Copyright (c) 1985, 1988, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ftpcmd.y 8.3 (Berkeley) 4/6/94 - */ - -/* - * Grammar for FTP commands. - * See RFC 959. - */ - -%{ - -#include "ftpd_locl.h" -RCSID("$Id: ftpcmd.y 15677 2005-07-19 18:33:08Z lha $"); - -off_t restart_point; - -static int hasyyerrored; - - -static int cmd_type; -static int cmd_form; -static int cmd_bytesz; -char cbuf[64*1024]; -char *fromname; - -struct tab { - char *name; - short token; - short state; - short implemented; /* 1 if command is implemented */ - char *help; -}; - -extern struct tab cmdtab[]; -extern struct tab sitetab[]; - -static char *copy (char *); -static void help (struct tab *, char *); -static struct tab * - lookup (struct tab *, char *); -static void sizecmd (char *); -static RETSIGTYPE toolong (int); -static int yylex (void); - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - -%} - -%union { - int i; - char *s; -} - -%token - A B C E F I - L N P R S T - - SP CRLF COMMA - - USER PASS ACCT REIN QUIT PORT - PASV TYPE STRU MODE RETR STOR - APPE MLFL MAIL MSND MSOM MSAM - MRSQ MRCP ALLO REST RNFR RNTO - ABOR DELE CWD LIST NLST SITE - sTAT HELP NOOP MKD RMD PWD - CDUP STOU SMNT SYST SIZE MDTM - EPRT EPSV - - UMASK IDLE CHMOD - - AUTH ADAT PROT PBSZ CCC MIC - CONF ENC - - KAUTH KLIST KDESTROY KRBTKFILE AFSLOG - LOCATE URL - - FEAT OPTS - - LEXERR - -%token STRING -%token NUMBER - -%type check_login check_login_no_guest check_secure octal_number byte_size -%type struct_code mode_code type_code form_code -%type pathstring pathname password username - -%start cmd_list - -%% - -cmd_list - : /* empty */ - | cmd_list cmd - { - fromname = (char *) 0; - restart_point = (off_t) 0; - } - | cmd_list rcmd - ; - -cmd - : USER SP username CRLF check_secure - { - if ($5) - user($3); - free($3); - } - | PASS SP password CRLF check_secure - { - if ($5) - pass($3); - memset ($3, 0, strlen($3)); - free($3); - } - | PORT SP host_port CRLF check_secure - { - if ($5) { - usedefault = 0; - if (pdata >= 0) { - close(pdata); - pdata = -1; - } - reply(200, "PORT command successful."); - } - } - | EPRT SP STRING CRLF check_secure - { - if ($5) - eprt ($3); - free ($3); - } - | PASV CRLF check_login - { - if($3) - pasv (); - } - | EPSV CRLF check_login - { - if($3) - epsv (NULL); - } - | EPSV SP STRING CRLF check_login - { - if($5) - epsv ($3); - free ($3); - } - | TYPE SP type_code CRLF check_secure - { - if ($5) { - switch (cmd_type) { - - case TYPE_A: - if (cmd_form == FORM_N) { - reply(200, "Type set to A."); - type = cmd_type; - form = cmd_form; - } else - reply(504, "Form must be N."); - break; - - case TYPE_E: - reply(504, "Type E not implemented."); - break; - - case TYPE_I: - reply(200, "Type set to I."); - type = cmd_type; - break; - - case TYPE_L: -#if NBBY == 8 - if (cmd_bytesz == 8) { - reply(200, - "Type set to L (byte size 8)."); - type = cmd_type; - } else - reply(504, "Byte size must be 8."); -#else /* NBBY == 8 */ - UNIMPLEMENTED for NBBY != 8 -#endif /* NBBY == 8 */ - } - } - } - | STRU SP struct_code CRLF check_secure - { - if ($5) { - switch ($3) { - - case STRU_F: - reply(200, "STRU F ok."); - break; - - default: - reply(504, "Unimplemented STRU type."); - } - } - } - | MODE SP mode_code CRLF check_secure - { - if ($5) { - switch ($3) { - - case MODE_S: - reply(200, "MODE S ok."); - break; - - default: - reply(502, "Unimplemented MODE type."); - } - } - } - | ALLO SP NUMBER CRLF check_secure - { - if ($5) { - reply(202, "ALLO command ignored."); - } - } - | ALLO SP NUMBER SP R SP NUMBER CRLF check_secure - { - if ($9) { - reply(202, "ALLO command ignored."); - } - } - | RETR SP pathname CRLF check_login - { - char *name = $3; - - if ($5 && name != NULL) - retrieve(0, name); - if (name != NULL) - free(name); - } - | STOR SP pathname CRLF check_login - { - char *name = $3; - - if ($5 && name != NULL) - do_store(name, "w", 0); - if (name != NULL) - free(name); - } - | APPE SP pathname CRLF check_login - { - char *name = $3; - - if ($5 && name != NULL) - do_store(name, "a", 0); - if (name != NULL) - free(name); - } - | NLST CRLF check_login - { - if ($3) - send_file_list("."); - } - | NLST SP STRING CRLF check_login - { - char *name = $3; - - if ($5 && name != NULL) - send_file_list(name); - if (name != NULL) - free(name); - } - | LIST CRLF check_login - { - if($3) - list_file("."); - } - | LIST SP pathname CRLF check_login - { - if($5) - list_file($3); - free($3); - } - | sTAT SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - statfilecmd($3); - if ($3 != NULL) - free($3); - } - | sTAT CRLF check_secure - { - if ($3) - statcmd(); - } - | DELE SP pathname CRLF check_login_no_guest - { - if ($5 && $3 != NULL) - do_delete($3); - if ($3 != NULL) - free($3); - } - | RNTO SP pathname CRLF check_login_no_guest - { - if($5){ - if (fromname) { - renamecmd(fromname, $3); - free(fromname); - fromname = (char *) 0; - } else { - reply(503, "Bad sequence of commands."); - } - } - if ($3 != NULL) - free($3); - } - | ABOR CRLF check_secure - { - if ($3) - reply(225, "ABOR command successful."); - } - | CWD CRLF check_login - { - if ($3) - cwd(pw->pw_dir); - } - | CWD SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - cwd($3); - if ($3 != NULL) - free($3); - } - | HELP CRLF check_secure - { - if ($3) - help(cmdtab, (char *) 0); - } - | HELP SP STRING CRLF check_secure - { - if ($5) { - char *cp = $3; - - if (strncasecmp(cp, "SITE", 4) == 0) { - cp = $3 + 4; - if (*cp == ' ') - cp++; - if (*cp) - help(sitetab, cp); - else - help(sitetab, (char *) 0); - } else - help(cmdtab, $3); - } - } - | NOOP CRLF check_secure - { - if ($3) - reply(200, "NOOP command successful."); - } - | MKD SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - makedir($3); - if ($3 != NULL) - free($3); - } - | RMD SP pathname CRLF check_login_no_guest - { - if ($5 && $3 != NULL) - removedir($3); - if ($3 != NULL) - free($3); - } - | PWD CRLF check_login - { - if ($3) - pwd(); - } - | CDUP CRLF check_login - { - if ($3) - cwd(".."); - } - | FEAT CRLF check_secure - { - if ($3) { - lreply(211, "Supported features:"); - lreply(0, " MDTM"); - lreply(0, " REST STREAM"); - lreply(0, " SIZE"); - reply(211, "End"); - } - } - | OPTS SP STRING CRLF check_secure - { - if ($5) - reply(501, "Bad options"); - free ($3); - } - - | SITE SP HELP CRLF check_secure - { - if ($5) - help(sitetab, (char *) 0); - } - | SITE SP HELP SP STRING CRLF check_secure - { - if ($7) - help(sitetab, $5); - } - | SITE SP UMASK CRLF check_login - { - if ($5) { - int oldmask = umask(0); - umask(oldmask); - reply(200, "Current UMASK is %03o", oldmask); - } - } - | SITE SP UMASK SP octal_number CRLF check_login_no_guest - { - if ($7) { - if (($5 == -1) || ($5 > 0777)) { - reply(501, "Bad UMASK value"); - } else { - int oldmask = umask($5); - reply(200, - "UMASK set to %03o (was %03o)", - $5, oldmask); - } - } - } - | SITE SP CHMOD SP octal_number SP pathname CRLF check_login_no_guest - { - if ($9 && $7 != NULL) { - if ($5 > 0777) - reply(501, - "CHMOD: Mode value must be between 0 and 0777"); - else if (chmod($7, $5) < 0) - perror_reply(550, $7); - else - reply(200, "CHMOD command successful."); - } - if ($7 != NULL) - free($7); - } - | SITE SP IDLE CRLF check_secure - { - if ($5) - reply(200, - "Current IDLE time limit is %d seconds; max %d", - ftpd_timeout, maxtimeout); - } - | SITE SP IDLE SP NUMBER CRLF check_secure - { - if ($7) { - if ($5 < 30 || $5 > maxtimeout) { - reply(501, - "Maximum IDLE time must be between 30 and %d seconds", - maxtimeout); - } else { - ftpd_timeout = $5; - alarm((unsigned) ftpd_timeout); - reply(200, - "Maximum IDLE time set to %d seconds", - ftpd_timeout); - } - } - } - - | SITE SP KAUTH SP STRING CRLF check_login - { -#ifdef KRB4 - char *p; - - if(guest) - reply(500, "Can't be done as guest."); - else{ - if($7 && $5 != NULL){ - p = strpbrk($5, " \t"); - if(p){ - *p++ = 0; - kauth($5, p + strspn(p, " \t")); - }else - kauth($5, NULL); - } - } - if($5 != NULL) - free($5); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP KLIST CRLF check_login - { - if($5) - klist(); - } - | SITE SP KDESTROY CRLF check_login - { -#ifdef KRB4 - if($5) - kdestroy(); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP KRBTKFILE SP STRING CRLF check_login - { -#ifdef KRB4 - if(guest) - reply(500, "Can't be done as guest."); - else if($7 && $5) - krbtkfile($5); - if($5) - free($5); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP AFSLOG CRLF check_login - { -#if defined(KRB4) || defined(KRB5) - if(guest) - reply(500, "Can't be done as guest."); - else if($5) - afslog(NULL, 0); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP AFSLOG SP STRING CRLF check_login - { -#if defined(KRB4) || defined(KRB5) - if(guest) - reply(500, "Can't be done as guest."); - else if($7) - afslog($5, 0); - if($5) - free($5); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP LOCATE SP STRING CRLF check_login - { - if($7 && $5 != NULL) - find($5); - if($5 != NULL) - free($5); - } - | SITE SP URL CRLF check_secure - { - if ($5) - reply(200, "http://www.pdc.kth.se/heimdal/"); - } - | STOU SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - do_store($3, "w", 1); - if ($3 != NULL) - free($3); - } - | SYST CRLF check_secure - { - if ($3) { -#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__) - reply(215, "UNIX Type: L%d", NBBY); -#else - reply(215, "UNKNOWN Type: L%d", NBBY); -#endif - } - } - - /* - * SIZE is not in RFC959, but Postel has blessed it and - * it will be in the updated RFC. - * - * Return size of file in a format suitable for - * using with RESTART (we just count bytes). - */ - | SIZE SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - sizecmd($3); - if ($3 != NULL) - free($3); - } - - /* - * MDTM is not in RFC959, but Postel has blessed it and - * it will be in the updated RFC. - * - * Return modification time of file as an ISO 3307 - * style time. E.g. YYYYMMDDHHMMSS or YYYYMMDDHHMMSS.xxx - * where xxx is the fractional second (of any precision, - * not necessarily 3 digits) - */ - | MDTM SP pathname CRLF check_login - { - if ($5 && $3 != NULL) { - struct stat stbuf; - if (stat($3, &stbuf) < 0) - reply(550, "%s: %s", - $3, strerror(errno)); - else if (!S_ISREG(stbuf.st_mode)) { - reply(550, - "%s: not a plain file.", $3); - } else { - struct tm *t; - time_t mtime = stbuf.st_mtime; - - t = gmtime(&mtime); - reply(213, - "%04d%02d%02d%02d%02d%02d", - t->tm_year + 1900, - t->tm_mon + 1, - t->tm_mday, - t->tm_hour, - t->tm_min, - t->tm_sec); - } - } - if ($3 != NULL) - free($3); - } - | QUIT CRLF check_secure - { - if ($3) { - reply(221, "Goodbye."); - dologout(0); - } - } - | error CRLF - { - yyerrok; - } - ; -rcmd - : RNFR SP pathname CRLF check_login_no_guest - { - restart_point = (off_t) 0; - if ($5 && $3) { - fromname = renamefrom($3); - if (fromname == (char *) 0 && $3) { - free($3); - } - } - } - | REST SP byte_size CRLF check_secure - { - if ($5) { - fromname = (char *) 0; - restart_point = $3; /* XXX $3 is only "int" */ - reply(350, "Restarting at %ld. %s", - (long)restart_point, - "Send STORE or RETRIEVE to initiate transfer."); - } - } - | AUTH SP STRING CRLF - { - auth($3); - free($3); - } - | ADAT SP STRING CRLF - { - adat($3); - free($3); - } - | PBSZ SP NUMBER CRLF check_secure - { - if ($5) - pbsz($3); - } - | PROT SP STRING CRLF check_secure - { - if ($5) - prot($3); - } - | CCC CRLF check_secure - { - if ($3) - ccc(); - } - | MIC SP STRING CRLF - { - mec($3, prot_safe); - free($3); - } - | CONF SP STRING CRLF - { - mec($3, prot_confidential); - free($3); - } - | ENC SP STRING CRLF - { - mec($3, prot_private); - free($3); - } - ; - -username - : STRING - ; - -password - : /* empty */ - { - $$ = (char *)calloc(1, sizeof(char)); - } - | STRING - ; - -byte_size - : NUMBER - ; - -host_port - : NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA - NUMBER COMMA NUMBER - { - struct sockaddr_in *sin4 = (struct sockaddr_in *)data_dest; - - sin4->sin_family = AF_INET; - sin4->sin_port = htons($9 * 256 + $11); - sin4->sin_addr.s_addr = - htonl(($1 << 24) | ($3 << 16) | ($5 << 8) | $7); - } - ; - -form_code - : N - { - $$ = FORM_N; - } - | T - { - $$ = FORM_T; - } - | C - { - $$ = FORM_C; - } - ; - -type_code - : A - { - cmd_type = TYPE_A; - cmd_form = FORM_N; - } - | A SP form_code - { - cmd_type = TYPE_A; - cmd_form = $3; - } - | E - { - cmd_type = TYPE_E; - cmd_form = FORM_N; - } - | E SP form_code - { - cmd_type = TYPE_E; - cmd_form = $3; - } - | I - { - cmd_type = TYPE_I; - } - | L - { - cmd_type = TYPE_L; - cmd_bytesz = NBBY; - } - | L SP byte_size - { - cmd_type = TYPE_L; - cmd_bytesz = $3; - } - /* this is for a bug in the BBN ftp */ - | L byte_size - { - cmd_type = TYPE_L; - cmd_bytesz = $2; - } - ; - -struct_code - : F - { - $$ = STRU_F; - } - | R - { - $$ = STRU_R; - } - | P - { - $$ = STRU_P; - } - ; - -mode_code - : S - { - $$ = MODE_S; - } - | B - { - $$ = MODE_B; - } - | C - { - $$ = MODE_C; - } - ; - -pathname - : pathstring - { - /* - * Problem: this production is used for all pathname - * processing, but only gives a 550 error reply. - * This is a valid reply in some cases but not in others. - */ - if (logged_in && $1 && *$1 == '~') { - glob_t gl; - int flags = - GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - - memset(&gl, 0, sizeof(gl)); - if (glob($1, flags, NULL, &gl) || - gl.gl_pathc == 0) { - reply(550, "not found"); - $$ = NULL; - } else { - $$ = strdup(gl.gl_pathv[0]); - } - globfree(&gl); - free($1); - } else - $$ = $1; - } - ; - -pathstring - : STRING - ; - -octal_number - : NUMBER - { - int ret, dec, multby, digit; - - /* - * Convert a number that was read as decimal number - * to what it would be if it had been read as octal. - */ - dec = $1; - multby = 1; - ret = 0; - while (dec) { - digit = dec%10; - if (digit > 7) { - ret = -1; - break; - } - ret += digit * multby; - multby *= 8; - dec /= 10; - } - $$ = ret; - } - ; - - -check_login_no_guest : check_login - { - $$ = $1 && !guest; - if($1 && !$$) - reply(550, "Permission denied"); - } - ; - -check_login : check_secure - { - if($1) { - if(($$ = logged_in) == 0) - reply(530, "Please login with USER and PASS."); - } else - $$ = 0; - } - ; - -check_secure : /* empty */ - { - $$ = 1; - if(sec_complete && !ccc_passed && !secure_command()) { - $$ = 0; - reply(533, "Command protection level denied " - "for paranoid reasons."); - } - } - ; - -%% - -#define CMD 0 /* beginning of command */ -#define ARGS 1 /* expect miscellaneous arguments */ -#define STR1 2 /* expect SP followed by STRING */ -#define STR2 3 /* expect STRING */ -#define OSTR 4 /* optional SP then STRING */ -#define ZSTR1 5 /* SP then optional STRING */ -#define ZSTR2 6 /* optional STRING after SP */ -#define SITECMD 7 /* SITE command */ -#define NSTR 8 /* Number followed by a string */ - -struct tab cmdtab[] = { /* In order defined in RFC 765 */ - { "USER", USER, STR1, 1, " username" }, - { "PASS", PASS, ZSTR1, 1, " password" }, - { "ACCT", ACCT, STR1, 0, "(specify account)" }, - { "SMNT", SMNT, ARGS, 0, "(structure mount)" }, - { "REIN", REIN, ARGS, 0, "(reinitialize server state)" }, - { "QUIT", QUIT, ARGS, 1, "(terminate service)", }, - { "PORT", PORT, ARGS, 1, " b0, b1, b2, b3, b4" }, - { "EPRT", EPRT, STR1, 1, " string" }, - { "PASV", PASV, ARGS, 1, "(set server in passive mode)" }, - { "EPSV", EPSV, OSTR, 1, "[ foo]" }, - { "TYPE", TYPE, ARGS, 1, " [ A | E | I | L ]" }, - { "STRU", STRU, ARGS, 1, "(specify file structure)" }, - { "MODE", MODE, ARGS, 1, "(specify transfer mode)" }, - { "RETR", RETR, STR1, 1, " file-name" }, - { "STOR", STOR, STR1, 1, " file-name" }, - { "APPE", APPE, STR1, 1, " file-name" }, - { "MLFL", MLFL, OSTR, 0, "(mail file)" }, - { "MAIL", MAIL, OSTR, 0, "(mail to user)" }, - { "MSND", MSND, OSTR, 0, "(mail send to terminal)" }, - { "MSOM", MSOM, OSTR, 0, "(mail send to terminal or mailbox)" }, - { "MSAM", MSAM, OSTR, 0, "(mail send to terminal and mailbox)" }, - { "MRSQ", MRSQ, OSTR, 0, "(mail recipient scheme question)" }, - { "MRCP", MRCP, STR1, 0, "(mail recipient)" }, - { "ALLO", ALLO, ARGS, 1, "allocate storage (vacuously)" }, - { "REST", REST, ARGS, 1, " offset (restart command)" }, - { "RNFR", RNFR, STR1, 1, " file-name" }, - { "RNTO", RNTO, STR1, 1, " file-name" }, - { "ABOR", ABOR, ARGS, 1, "(abort operation)" }, - { "DELE", DELE, STR1, 1, " file-name" }, - { "CWD", CWD, OSTR, 1, "[ directory-name ]" }, - { "XCWD", CWD, OSTR, 1, "[ directory-name ]" }, - { "LIST", LIST, OSTR, 1, "[ path-name ]" }, - { "NLST", NLST, OSTR, 1, "[ path-name ]" }, - { "SITE", SITE, SITECMD, 1, "site-cmd [ arguments ]" }, - { "SYST", SYST, ARGS, 1, "(get type of operating system)" }, - { "STAT", sTAT, OSTR, 1, "[ path-name ]" }, - { "HELP", HELP, OSTR, 1, "[ ]" }, - { "NOOP", NOOP, ARGS, 1, "" }, - { "MKD", MKD, STR1, 1, " path-name" }, - { "XMKD", MKD, STR1, 1, " path-name" }, - { "RMD", RMD, STR1, 1, " path-name" }, - { "XRMD", RMD, STR1, 1, " path-name" }, - { "PWD", PWD, ARGS, 1, "(return current directory)" }, - { "XPWD", PWD, ARGS, 1, "(return current directory)" }, - { "CDUP", CDUP, ARGS, 1, "(change to parent directory)" }, - { "XCUP", CDUP, ARGS, 1, "(change to parent directory)" }, - { "STOU", STOU, STR1, 1, " file-name" }, - { "SIZE", SIZE, OSTR, 1, " path-name" }, - { "MDTM", MDTM, OSTR, 1, " path-name" }, - - /* extensions from RFC2228 */ - { "AUTH", AUTH, STR1, 1, " auth-type" }, - { "ADAT", ADAT, STR1, 1, " auth-data" }, - { "PBSZ", PBSZ, ARGS, 1, " buffer-size" }, - { "PROT", PROT, STR1, 1, " prot-level" }, - { "CCC", CCC, ARGS, 1, "" }, - { "MIC", MIC, STR1, 1, " integrity command" }, - { "CONF", CONF, STR1, 1, " confidentiality command" }, - { "ENC", ENC, STR1, 1, " privacy command" }, - - /* RFC2389 */ - { "FEAT", FEAT, ARGS, 1, "" }, - { "OPTS", OPTS, ARGS, 1, " command [ options]" }, - - { NULL, 0, 0, 0, 0 } -}; - -struct tab sitetab[] = { - { "UMASK", UMASK, ARGS, 1, "[ umask ]" }, - { "IDLE", IDLE, ARGS, 1, "[ maximum-idle-time ]" }, - { "CHMOD", CHMOD, NSTR, 1, " mode file-name" }, - { "HELP", HELP, OSTR, 1, "[ ]" }, - - { "KAUTH", KAUTH, STR1, 1, " principal [ ticket ]" }, - { "KLIST", KLIST, ARGS, 1, "(show ticket file)" }, - { "KDESTROY", KDESTROY, ARGS, 1, "(destroy tickets)" }, - { "KRBTKFILE", KRBTKFILE, STR1, 1, " ticket-file" }, - { "AFSLOG", AFSLOG, OSTR, 1, "[ cell]" }, - - { "LOCATE", LOCATE, STR1, 1, " globexpr" }, - { "FIND", LOCATE, STR1, 1, " globexpr" }, - - { "URL", URL, ARGS, 1, "?" }, - - { NULL, 0, 0, 0, 0 } -}; - -static struct tab * -lookup(struct tab *p, char *cmd) -{ - - for (; p->name != NULL; p++) - if (strcmp(cmd, p->name) == 0) - return (p); - return (0); -} - -/* - * ftpd_getline - a hacked up version of fgets to ignore TELNET escape codes. - */ -char * -ftpd_getline(char *s, int n) -{ - int c; - char *cs; - - cs = s; - - /* might still be data within the security MIC/CONF/ENC */ - if(ftp_command){ - strlcpy(s, ftp_command, n); - if (debug) - syslog(LOG_DEBUG, "command: %s", s); - return s; - } - while ((c = getc(stdin)) != EOF) { - c &= 0377; - if (c == IAC) { - if ((c = getc(stdin)) != EOF) { - c &= 0377; - switch (c) { - case WILL: - case WONT: - c = getc(stdin); - printf("%c%c%c", IAC, DONT, 0377&c); - fflush(stdout); - continue; - case DO: - case DONT: - c = getc(stdin); - printf("%c%c%c", IAC, WONT, 0377&c); - fflush(stdout); - continue; - case IAC: - break; - default: - continue; /* ignore command */ - } - } - } - *cs++ = c; - if (--n <= 0 || c == '\n') - break; - } - if (c == EOF && cs == s) - return (NULL); - *cs++ = '\0'; - if (debug) { - if (!guest && strncasecmp("pass ", s, 5) == 0) { - /* Don't syslog passwords */ - syslog(LOG_DEBUG, "command: %.5s ???", s); - } else { - char *cp; - int len; - - /* Don't syslog trailing CR-LF */ - len = strlen(s); - cp = s + len - 1; - while (cp >= s && (*cp == '\n' || *cp == '\r')) { - --cp; - --len; - } - syslog(LOG_DEBUG, "command: %.*s", len, s); - } - } -#ifdef XXX - fprintf(stderr, "%s\n", s); -#endif - return (s); -} - -static RETSIGTYPE -toolong(int signo) -{ - - reply(421, - "Timeout (%d seconds): closing control connection.", - ftpd_timeout); - if (logging) - syslog(LOG_INFO, "User %s timed out after %d seconds", - (pw ? pw -> pw_name : "unknown"), ftpd_timeout); - dologout(1); - SIGRETURN(0); -} - -static int -yylex(void) -{ - static int cpos, state; - char *cp, *cp2; - struct tab *p; - int n; - char c; - - for (;;) { - switch (state) { - - case CMD: - hasyyerrored = 0; - - signal(SIGALRM, toolong); - alarm((unsigned) ftpd_timeout); - if (ftpd_getline(cbuf, sizeof(cbuf)-1) == NULL) { - reply(221, "You could at least say goodbye."); - dologout(0); - } - alarm(0); -#ifdef HAVE_SETPROCTITLE - if (strncasecmp(cbuf, "PASS", 4) != 0) - setproctitle("%s: %s", proctitle, cbuf); -#endif /* HAVE_SETPROCTITLE */ - if ((cp = strchr(cbuf, '\r'))) { - *cp++ = '\n'; - *cp = '\0'; - } - if ((cp = strpbrk(cbuf, " \n"))) - cpos = cp - cbuf; - if (cpos == 0) - cpos = 4; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - strupr(cbuf); - p = lookup(cmdtab, cbuf); - cbuf[cpos] = c; - if (p != 0) { - if (p->implemented == 0) { - nack(p->name); - hasyyerrored = 1; - break; - } - state = p->state; - yylval.s = p->name; - return (p->token); - } - break; - - case SITECMD: - if (cbuf[cpos] == ' ') { - cpos++; - return (SP); - } - cp = &cbuf[cpos]; - if ((cp2 = strpbrk(cp, " \n"))) - cpos = cp2 - cbuf; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - strupr(cp); - p = lookup(sitetab, cp); - cbuf[cpos] = c; - if (p != 0) { - if (p->implemented == 0) { - state = CMD; - nack(p->name); - hasyyerrored = 1; - break; - } - state = p->state; - yylval.s = p->name; - return (p->token); - } - state = CMD; - break; - - case OSTR: - if (cbuf[cpos] == '\n') { - state = CMD; - return (CRLF); - } - /* FALLTHROUGH */ - - case STR1: - case ZSTR1: - dostr1: - if (cbuf[cpos] == ' ') { - cpos++; - if(state == OSTR) - state = STR2; - else - state++; - return (SP); - } - break; - - case ZSTR2: - if (cbuf[cpos] == '\n') { - state = CMD; - return (CRLF); - } - /* FALLTHROUGH */ - - case STR2: - cp = &cbuf[cpos]; - n = strlen(cp); - cpos += n - 1; - /* - * Make sure the string is nonempty and \n terminated. - */ - if (n > 1 && cbuf[cpos] == '\n') { - cbuf[cpos] = '\0'; - yylval.s = copy(cp); - cbuf[cpos] = '\n'; - state = ARGS; - return (STRING); - } - break; - - case NSTR: - if (cbuf[cpos] == ' ') { - cpos++; - return (SP); - } - if (isdigit((unsigned char)cbuf[cpos])) { - cp = &cbuf[cpos]; - while (isdigit((unsigned char)cbuf[++cpos])) - ; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - yylval.i = atoi(cp); - cbuf[cpos] = c; - state = STR1; - return (NUMBER); - } - state = STR1; - goto dostr1; - - case ARGS: - if (isdigit((unsigned char)cbuf[cpos])) { - cp = &cbuf[cpos]; - while (isdigit((unsigned char)cbuf[++cpos])) - ; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - yylval.i = atoi(cp); - cbuf[cpos] = c; - return (NUMBER); - } - switch (cbuf[cpos++]) { - - case '\n': - state = CMD; - return (CRLF); - - case ' ': - return (SP); - - case ',': - return (COMMA); - - case 'A': - case 'a': - return (A); - - case 'B': - case 'b': - return (B); - - case 'C': - case 'c': - return (C); - - case 'E': - case 'e': - return (E); - - case 'F': - case 'f': - return (F); - - case 'I': - case 'i': - return (I); - - case 'L': - case 'l': - return (L); - - case 'N': - case 'n': - return (N); - - case 'P': - case 'p': - return (P); - - case 'R': - case 'r': - return (R); - - case 'S': - case 's': - return (S); - - case 'T': - case 't': - return (T); - - } - break; - - default: - fatal("Unknown state in scanner."); - } - yyerror(NULL); - state = CMD; - return (0); - } -} - -/* ARGSUSED */ -void -yyerror(char *s) -{ - char *cp; - - if (hasyyerrored) - return; - - if ((cp = strchr(cbuf,'\n'))) - *cp = '\0'; - reply(500, "'%s': command not understood.", cbuf); - hasyyerrored = 1; -} - -static char * -copy(char *s) -{ - char *p; - - p = strdup(s); - if (p == NULL) - fatal("Ran out of memory."); - return p; -} - -static void -help(struct tab *ctab, char *s) -{ - struct tab *c; - int width, NCMDS; - char *t; - char buf[1024]; - - if (ctab == sitetab) - t = "SITE "; - else - t = ""; - width = 0, NCMDS = 0; - for (c = ctab; c->name != NULL; c++) { - int len = strlen(c->name); - - if (len > width) - width = len; - NCMDS++; - } - width = (width + 8) &~ 7; - if (s == 0) { - int i, j, w; - int columns, lines; - - lreply(214, "The following %scommands are recognized %s.", - t, "(* =>'s unimplemented)"); - columns = 76 / width; - if (columns == 0) - columns = 1; - lines = (NCMDS + columns - 1) / columns; - for (i = 0; i < lines; i++) { - strlcpy (buf, " ", sizeof(buf)); - for (j = 0; j < columns; j++) { - c = ctab + j * lines + i; - snprintf (buf + strlen(buf), - sizeof(buf) - strlen(buf), - "%s%c", - c->name, - c->implemented ? ' ' : '*'); - if (c + lines >= &ctab[NCMDS]) - break; - w = strlen(c->name) + 1; - while (w < width) { - strlcat (buf, - " ", - sizeof(buf)); - w++; - } - } - lreply(214, "%s", buf); - } - reply(214, "Direct comments to kth-krb-bugs@pdc.kth.se"); - return; - } - strupr(s); - c = lookup(ctab, s); - if (c == (struct tab *)0) { - reply(502, "Unknown command %s.", s); - return; - } - if (c->implemented) - reply(214, "Syntax: %s%s %s", t, c->name, c->help); - else - reply(214, "%s%-*s\t%s; unimplemented.", t, width, - c->name, c->help); -} - -static void -sizecmd(char *filename) -{ - switch (type) { - case TYPE_L: - case TYPE_I: { - struct stat stbuf; - if (stat(filename, &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) - reply(550, "%s: not a plain file.", filename); - else - reply(213, "%lu", (unsigned long)stbuf.st_size); - break; - } - case TYPE_A: { - FILE *fin; - int c; - size_t count; - struct stat stbuf; - fin = fopen(filename, "r"); - if (fin == NULL) { - perror_reply(550, filename); - return; - } - if (fstat(fileno(fin), &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) { - reply(550, "%s: not a plain file.", filename); - fclose(fin); - return; - } - - count = 0; - while((c=getc(fin)) != EOF) { - if (c == '\n') /* will get expanded to \r\n */ - count++; - count++; - } - fclose(fin); - - reply(213, "%lu", (unsigned long)count); - break; - } - default: - reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]); - } -} diff --git a/crypto/heimdal/appl/ftp/ftpd/ftpd.8 b/crypto/heimdal/appl/ftp/ftpd/ftpd.8 deleted file mode 100644 index 0dfed9f75430..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/ftpd.8 +++ /dev/null @@ -1,503 +0,0 @@ -.\" $NetBSD: ftpd.8,v 1.7 1995/04/11 02:44:53 cgd Exp $ -.\" -.\" Copyright (c) 1985, 1988, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)ftpd.8 8.2 (Berkeley) 4/19/94 -.\" -.Dd July 19, 2003 -.Dt FTPD 8 -.Os BSD 4.2 -.Sh NAME -.Nm ftpd -.Nd Internet File Transfer Protocol server -.Sh SYNOPSIS -.Nm -.Op Fl a Ar authmode -.Op Fl dilvU -.Op Fl g Ar umask -.Op Fl p Ar port -.Op Fl T Ar maxtimeout -.Op Fl t Ar timeout -.Op Fl -gss-bindings -.Op Fl I | Fl -no-insecure-oob -.Op Fl u Ar default umask -.Op Fl B | Fl -builtin-ls -.Op Fl -good-chars= Ns Ar string -.Sh DESCRIPTION -.Nm Ftpd -is the -Internet File Transfer Protocol -server process. The server uses the -.Tn TCP -protocol -and listens at the port specified in the -.Dq ftp -service specification; see -.Xr services 5 . -.Pp -Available options: -.Bl -tag -width Ds -.It Fl a -Select the level of authentication required. Kerberised login can not -be turned off. The default is to only allow kerberised login. Other -possibilities can be turned on by giving a string of comma separated -flags as argument to -.Fl a . -Recognised flags are: -.Bl -tag -width plain -.It Ar plain -Allow logging in with plaintext password. The password can be a(n) OTP -or an ordinary password. -.It Ar otp -Same as -.Ar plain , -but only OTP is allowed. -.It Ar ftp -Allow anonymous login. -.El -.Pp -The following combination modes exists for backwards compatibility: -.Bl -tag -width plain -.It Ar none -Same as -.Ar plain,ftp . -.It Ar safe -Same as -.Ar ftp . -.It Ar user -Ignored. -.El -.It Fl d -Debugging information is written to the syslog using LOG_FTP. -.It Fl g -Anonymous users will get a umask of -.Ar umask . -.It Fl -gss-bindings -require the peer to use GSS-API bindings (ie make sure IP addresses match). -.It Fl i -Open a socket and wait for a connection. This is mainly used for -debugging when ftpd isn't started by inetd. -.It Fl l -Each successful and failed -.Xr ftp 1 -session is logged using syslog with a facility of LOG_FTP. -If this option is specified twice, the retrieve (get), store (put), append, -delete, make directory, remove directory and rename operations and -their filename arguments are also logged. -.It Fl p -Use -.Ar port -(a service name or number) instead of the default -.Ar ftp/tcp . -.It Fl T -A client may also request a different timeout period; -the maximum period allowed may be set to -.Ar timeout -seconds with the -.Fl T -option. -The default limit is 2 hours. -.It Fl t -The inactivity timeout period is set to -.Ar timeout -seconds (the default is 15 minutes). -.It Fl u -Set the initial umask to something else than the default 027. -.It Fl U -In previous versions of -.Nm ftpd , -when a passive mode client requested a data connection to the server, the -server would use data ports in the range 1024..4999. Now, by default, -if the system supports the IP_PORTRANGE socket option, the server will -use data ports in the range 49152..65535. Specifying this option will -revert to the old behavior. -.It Fl v -Verbose mode. -.It Xo -.Fl B , -.Fl -builtin-ls -.Xc -use built-in ls to list files -.It Xo -.Fl -good-chars= Ns Ar string -.Xc -allowed anonymous upload filename chars -.It Xo -.Fl I -.Fl -no-insecure-oob -.Xc -don't allow insecure out of band. -Heimdal ftp clients before 0.6.3 doesn't support secure oob, so turning -on this option makes them no longer work. -.El -.Pp -The file -.Pa /etc/nologin -can be used to disable ftp access. -If the file exists, -.Nm -displays it and exits. -If the file -.Pa /etc/ftpwelcome -exists, -.Nm -prints it before issuing the -.Dq ready -message. -If the file -.Pa /etc/motd -exists, -.Nm -prints it after a successful login. -.Pp -The ftp server currently supports the following ftp requests. -The case of the requests is ignored. -.Bl -column "Request" -offset indent -.It Request Ta "Description" -.It ABOR Ta "abort previous command" -.It ACCT Ta "specify account (ignored)" -.It ALLO Ta "allocate storage (vacuously)" -.It APPE Ta "append to a file" -.It CDUP Ta "change to parent of current working directory" -.It CWD Ta "change working directory" -.It DELE Ta "delete a file" -.It HELP Ta "give help information" -.It LIST Ta "give list files in a directory" Pq Dq Li "ls -lgA" -.It MKD Ta "make a directory" -.It MDTM Ta "show last modification time of file" -.It MODE Ta "specify data transfer" Em mode -.It NLST Ta "give name list of files in directory" -.It NOOP Ta "do nothing" -.It PASS Ta "specify password" -.It PASV Ta "prepare for server-to-server transfer" -.It PORT Ta "specify data connection port" -.It PWD Ta "print the current working directory" -.It QUIT Ta "terminate session" -.It REST Ta "restart incomplete transfer" -.It RETR Ta "retrieve a file" -.It RMD Ta "remove a directory" -.It RNFR Ta "specify rename-from file name" -.It RNTO Ta "specify rename-to file name" -.It SITE Ta "non-standard commands (see next section)" -.It SIZE Ta "return size of file" -.It STAT Ta "return status of server" -.It STOR Ta "store a file" -.It STOU Ta "store a file with a unique name" -.It STRU Ta "specify data transfer" Em structure -.It SYST Ta "show operating system type of server system" -.It TYPE Ta "specify data transfer" Em type -.It USER Ta "specify user name" -.It XCUP Ta "change to parent of current working directory (deprecated)" -.It XCWD Ta "change working directory (deprecated)" -.It XMKD Ta "make a directory (deprecated)" -.It XPWD Ta "print the current working directory (deprecated)" -.It XRMD Ta "remove a directory (deprecated)" -.El -.Pp -The following commands are specified by RFC2228. -.Bl -column Request -offset indent -.It AUTH Ta "authentication/security mechanism" -.It ADAT Ta "authentication/security data" -.It PROT Ta "data channel protection level" -.It PBSZ Ta "protection buffer size" -.It MIC Ta "integrity protected command" -.It CONF Ta "confidentiality protected command" -.It ENC Ta "privacy protected command" -.It CCC Ta "clear command channel" -.El -.Pp -The following non-standard or -.Tn UNIX -specific commands are supported -by the -SITE request. -.Pp -.Bl -column Request -offset indent -.It UMASK Ta change umask, (e.g. -.Ic "SITE UMASK 002" ) -.It IDLE Ta set idle-timer, (e.g. -.Ic "SITE IDLE 60" ) -.It CHMOD Ta change mode of a file (e.g. -.Ic "SITE CHMOD 755 filename" ) -.It FIND Ta quickly find a specific file with GNU -.Xr locate 1 . -.It HELP Ta give help information. -.El -.Pp -The following Kerberos related site commands are understood. -.Bl -column Request -offset indent -.It KAUTH Ta obtain remote tickets. -.It KLIST Ta show remote tickets -.El -.Pp -The remaining ftp requests specified in Internet RFC 959 -are -recognized, but not implemented. -MDTM and SIZE are not specified in RFC 959, but will appear in the -next updated FTP RFC. -.Pp -The ftp server will abort an active file transfer only when the -ABOR -command is preceded by a Telnet "Interrupt Process" (IP) -signal and a Telnet "Synch" signal in the command Telnet stream, -as described in Internet RFC 959. -If a -STAT -command is received during a data transfer, preceded by a Telnet IP -and Synch, transfer status will be returned. -.Pp -.Nm Ftpd -interprets file names according to the -.Dq globbing -conventions used by -.Xr csh 1 . -This allows users to use the metacharacters -.Dq Li \&*?[]{}~ . -.Pp -.Nm Ftpd -authenticates users according to these rules. -.Pp -.Bl -enum -offset indent -.It -If Kerberos authentication is used, the user must pass valid tickets -and the principal must be allowed to login as the remote user. -.It -The login name must be in the password data base, and not have a null -password (if Kerberos is used the password field is not checked). In -this case a password must be provided by the client before any file -operations may be performed. If the user has an OTP key, the response -from a successful USER command will include an OTP challenge. The -client may choose to respond with a PASS command giving either a -standard password or an OTP one-time password. The server will -automatically determine which type of password it has been given and -attempt to authenticate accordingly. See -.Xr otp 1 -for more information on OTP authentication. -.It -The login name must not appear in the file -.Pa /etc/ftpusers . -.It -The user must have a standard shell returned by -.Xr getusershell 3 . -.It -If the user name appears in the file -.Pa /etc/ftpchroot -the session's root will be changed to the user's login directory by -.Xr chroot 2 -as for an -.Dq anonymous -or -.Dq ftp -account (see next item). However, the user must still supply a password. -This feature is intended as a compromise between a fully anonymous account -and a fully privileged account. The account should also be set up as for an -anonymous account. -.It -If the user name is -.Dq anonymous -or -.Dq ftp , -an -anonymous ftp account must be present in the password -file (user -.Dq ftp ) . -In this case the user is allowed -to log in by specifying any password (by convention an email address for -the user should be used as the password). -.El -.Pp -In the last case, -.Nm ftpd -takes special measures to restrict the client's access privileges. -The server performs a -.Xr chroot 2 -to the home directory of the -.Dq ftp -user. -In order that system security is not breached, it is recommended -that the -.Dq ftp -subtree be constructed with care, consider following these guidelines -for anonymous ftp. -.Pp -In general all files should be owned by -.Dq root , -and have non-write permissions (644 or 755 depending on the kind of -file). No files should be owned or writable by -.Dq ftp -(possibly with exception for the -.Pa ~ftp/incoming , -as specified below). -.Bl -tag -width "~ftp/pub" -offset indent -.It Pa ~ftp -The -.Dq ftp -homedirectory should be owned by root. -.It Pa ~ftp/bin -The directory for external programs (such as -.Xr ls 1 ) . -These programs must either be statically linked, or you must setup an -environment for dynamic linking when running chrooted. -These programs will be used if present: -.Bl -tag -width "locate" -offset indent -.It ls -Used when listing files. -.It compress -When retrieving a filename that ends in -.Pa .Z , -and that file isn't present, -.Nm -will try to find the filename without -.Pa .Z -and compress it on the fly. -.It gzip -Same as compress, just with files ending in -.Pa .gz . -.It gtar -Enables retrieval of whole directories as files ending in -.Pa .tar . -Can also be combined with compression. You must use GNU Tar (or some -other that supports the -.Fl z -and -.Fl Z -flags). -.It locate -Will enable ``fast find'' with the -.Ic SITE FIND -command. You must also create a -.Pa locatedb -file in -.Pa ~ftp/etc . -.El -.It Pa ~ftp/etc -If you put copies of the -.Xr passwd 5 -and -.Xr group 5 -files here, ls will be able to produce owner names rather than -numbers. Remember to remove any passwords from these files. -.Pp -The file -.Pa motd , -if present, will be printed after a successful login. -.It Pa ~ftp/dev -Put a copy of -.Xr /dev/null 7 -here. -.It Pa ~ftp/pub -Traditional place to put whatever you want to make public. -.El -.Pp -If you want guests to be able to upload files, create a -.Pa ~ftp/incoming -directory owned by -.Dq root , -and group -.Dq ftp -with mode 730 (make sure -.Dq ftp -is member of group -.Dq ftp ) . -The following restrictions apply to anonymous users: -.Bl -bullet -.It -Directories created will have mode 700. -.It -Uploaded files will be created with an umask of 777, if not changed -with the -.Fl g -option. -.It -These command are not accessible: -.Ic DELE , RMD , RNTO , RNFR , -.Ic SITE UMASK , -and -.Ic SITE CHMOD . -.It -Filenames must start with an alpha-numeric character, and consist of -alpha-numeric characters or any of the following: -.Li \&+ -(plus), -.Li \&- -(minus), -.Li \&= -(equal), -.Li \&_ -(underscore), -.Li \&. -(period), and -.Li \&, -(comma). -.El -.Sh FILES -.Bl -tag -width /etc/ftpwelcome -compact -.It Pa /etc/ftpusers -Access list for users. -.It Pa /etc/ftpchroot -List of normal users who should be chroot'd. -.It Pa /etc/ftpwelcome -Welcome notice. -.It Pa /etc/motd -Welcome notice after login. -.It Pa /etc/nologin -Displayed and access refused. -.It Pa ~/.klogin -Login access for Kerberos. -.El -.Sh SEE ALSO -.Xr ftp 1 , -.Xr otp 1 , -.Xr getusershell 3 , -.Xr ftpusers 5 , -.Xr syslogd 8 -.Sh STANDARDS -.Bl -tag -compact -width "RFC 1938" -.It Cm RFC 959 -FTP PROTOCOL SPECIFICATION -.It Cm RFC 1938 -OTP Specification -.It Cm RFC 2228 -FTP Security Extensions. -.El -.Sh BUGS -The server must run as the super-user -to create sockets with privileged port numbers. It maintains -an effective user id of the logged in user, reverting to -the super-user only when binding addresses to sockets. The -possible security holes have been extensively -scrutinized, but are possibly incomplete. -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . diff --git a/crypto/heimdal/appl/ftp/ftpd/ftpd.c b/crypto/heimdal/appl/ftp/ftpd/ftpd.c deleted file mode 100644 index 2005a4fb3161..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/ftpd.c +++ /dev/null @@ -1,2393 +0,0 @@ -/* - * Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#define FTP_NAMES -#include "ftpd_locl.h" -#ifdef KRB5 -#include -#endif -#include "getarg.h" - -RCSID("$Id: ftpd.c 21222 2007-06-20 10:11:14Z lha $"); - -static char version[] = "Version 6.00"; - -extern off_t restart_point; -extern char cbuf[]; - -struct sockaddr_storage ctrl_addr_ss; -struct sockaddr *ctrl_addr = (struct sockaddr *)&ctrl_addr_ss; - -struct sockaddr_storage data_source_ss; -struct sockaddr *data_source = (struct sockaddr *)&data_source_ss; - -struct sockaddr_storage data_dest_ss; -struct sockaddr *data_dest = (struct sockaddr *)&data_dest_ss; - -struct sockaddr_storage his_addr_ss; -struct sockaddr *his_addr = (struct sockaddr *)&his_addr_ss; - -struct sockaddr_storage pasv_addr_ss; -struct sockaddr *pasv_addr = (struct sockaddr *)&pasv_addr_ss; - -int data; -int logged_in; -struct passwd *pw; -int debug = 0; -int ftpd_timeout = 900; /* timeout after 15 minutes of inactivity */ -int maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */ -int restricted_data_ports = 1; -int logging; -int guest; -int dochroot; -int type; -int form; -int stru; /* avoid C keyword */ -int mode; -int usedefault = 1; /* for data transfers */ -int pdata = -1; /* for passive mode */ -int allow_insecure_oob = 1; -static int transflag; -static int urgflag; -off_t file_size; -off_t byte_count; -#if !defined(CMASK) || CMASK == 0 -#undef CMASK -#define CMASK 027 -#endif -int defumask = CMASK; /* default umask value */ -int guest_umask = 0777; /* Paranoia for anonymous users */ -char tmpline[10240]; -char hostname[MaxHostNameLen]; -char remotehost[MaxHostNameLen]; -static char ttyline[20]; - -#define AUTH_PLAIN (1 << 0) /* allow sending passwords */ -#define AUTH_OTP (1 << 1) /* passwords are one-time */ -#define AUTH_FTP (1 << 2) /* allow anonymous login */ - -static int auth_level = 0; /* Only allow kerberos login by default */ - -/* - * Timeout intervals for retrying connections - * to hosts that don't accept PORT cmds. This - * is a kludge, but given the problems with TCP... - */ -#define SWAITMAX 90 /* wait at most 90 seconds */ -#define SWAITINT 5 /* interval between retries */ - -int swaitmax = SWAITMAX; -int swaitint = SWAITINT; - -#ifdef HAVE_SETPROCTITLE -char proctitle[BUFSIZ]; /* initial part of title */ -#endif /* HAVE_SETPROCTITLE */ - -#define LOGCMD(cmd, file) \ - if (logging > 1) \ - syslog(LOG_INFO,"%s %s%s", cmd, \ - *(file) == '/' ? "" : curdir(), file); -#define LOGCMD2(cmd, file1, file2) \ - if (logging > 1) \ - syslog(LOG_INFO,"%s %s%s %s%s", cmd, \ - *(file1) == '/' ? "" : curdir(), file1, \ - *(file2) == '/' ? "" : curdir(), file2); -#define LOGBYTES(cmd, file, cnt) \ - if (logging > 1) { \ - if (cnt == (off_t)-1) \ - syslog(LOG_INFO,"%s %s%s", cmd, \ - *(file) == '/' ? "" : curdir(), file); \ - else \ - syslog(LOG_INFO, "%s %s%s = %ld bytes", \ - cmd, (*(file) == '/') ? "" : curdir(), file, (long)cnt); \ - } - -static void ack (char *); -static void myoob (int); -static int handleoobcmd(void); -static int checkuser (char *, char *); -static int checkaccess (char *); -static FILE *dataconn (const char *, off_t, const char *); -static void dolog (struct sockaddr *, int); -static void end_login (void); -static FILE *getdatasock (const char *, int); -static char *gunique (char *); -static RETSIGTYPE lostconn (int); -static int receive_data (FILE *, FILE *); -static void send_data (FILE *, FILE *); -static struct passwd * sgetpwnam (char *); - -static char * -curdir(void) -{ - static char path[MaxPathLen+1]; /* path + '/' + '\0' */ - - if (getcwd(path, sizeof(path)-1) == NULL) - return (""); - if (path[1] != '\0') /* special case for root dir. */ - strlcat(path, "/", sizeof(path)); - /* For guest account, skip / since it's chrooted */ - return (guest ? path+1 : path); -} - -#ifndef LINE_MAX -#define LINE_MAX 1024 -#endif - -static int -parse_auth_level(char *str) -{ - char *p; - int ret = 0; - char *foo = NULL; - - for(p = strtok_r(str, ",", &foo); - p; - p = strtok_r(NULL, ",", &foo)) { - if(strcmp(p, "user") == 0) - ; -#ifdef OTP - else if(strcmp(p, "otp") == 0) - ret |= AUTH_PLAIN|AUTH_OTP; -#endif - else if(strcmp(p, "ftp") == 0 || - strcmp(p, "safe") == 0) - ret |= AUTH_FTP; - else if(strcmp(p, "plain") == 0) - ret |= AUTH_PLAIN; - else if(strcmp(p, "none") == 0) - ret |= AUTH_PLAIN|AUTH_FTP; - else - warnx("bad value for -a: `%s'", p); - } - return ret; -} - -/* - * Print usage and die. - */ - -static int interactive_flag; -static char *guest_umask_string; -static char *port_string; -static char *umask_string; -static char *auth_string; - -int use_builtin_ls = -1; - -static int help_flag; -static int version_flag; - -static const char *good_chars = "+-=_,."; - -struct getargs args[] = { - { NULL, 'a', arg_string, &auth_string, "required authentication" }, - { NULL, 'i', arg_flag, &interactive_flag, "don't assume stdin is a socket" }, - { NULL, 'p', arg_string, &port_string, "what port to listen to" }, - { NULL, 'g', arg_string, &guest_umask_string, "umask for guest logins" }, - { NULL, 'l', arg_counter, &logging, "log more stuff", "" }, - { NULL, 't', arg_integer, &ftpd_timeout, "initial timeout" }, - { NULL, 'T', arg_integer, &maxtimeout, "max timeout" }, - { NULL, 'u', arg_string, &umask_string, "umask for user logins" }, - { NULL, 'U', arg_negative_flag, &restricted_data_ports, "don't use high data ports" }, - { NULL, 'd', arg_flag, &debug, "enable debugging" }, - { NULL, 'v', arg_flag, &debug, "enable debugging" }, - { "builtin-ls", 'B', arg_flag, &use_builtin_ls, "use built-in ls to list files" }, - { "good-chars", 0, arg_string, &good_chars, "allowed anonymous upload filename chars" }, - { "insecure-oob", 'I', arg_negative_flag, &allow_insecure_oob, "don't allow insecure OOB ABOR/STAT" }, -#ifdef KRB5 - { "gss-bindings", 0, arg_flag, &ftp_do_gss_bindings, "Require GSS-API bindings", NULL}, -#endif - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage (int code) -{ - arg_printusage(args, num_args, NULL, ""); - exit (code); -} - -/* output contents of a file */ -static int -show_file(const char *file, int code) -{ - FILE *f; - char buf[128]; - - f = fopen(file, "r"); - if(f == NULL) - return -1; - while(fgets(buf, sizeof(buf), f)){ - buf[strcspn(buf, "\r\n")] = '\0'; - lreply(code, "%s", buf); - } - fclose(f); - return 0; -} - -int -main(int argc, char **argv) -{ - socklen_t his_addr_len, ctrl_addr_len; - int on = 1; - int port; - struct servent *sp; - - int optind = 0; - - setprogname (argv[0]); - - /* detach from any tickets and tokens */ - { -#ifdef KRB4 - char tkfile[1024]; - snprintf(tkfile, sizeof(tkfile), - "/tmp/ftp_%u", (unsigned)getpid()); - krb_set_tkt_string(tkfile); -#endif - } - - if(getarg(args, num_args, argc, argv, &optind)) - usage(1); - - if(help_flag) - usage(0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(auth_string) - auth_level = parse_auth_level(auth_string); - { - char *p; - long val = 0; - - if(guest_umask_string) { - val = strtol(guest_umask_string, &p, 8); - if (*p != '\0' || val < 0) - warnx("bad value for -g"); - else - guest_umask = val; - } - if(umask_string) { - val = strtol(umask_string, &p, 8); - if (*p != '\0' || val < 0) - warnx("bad value for -u"); - else - defumask = val; - } - } - sp = getservbyname("ftp", "tcp"); - if(sp) - port = sp->s_port; - else - port = htons(21); - if(port_string) { - sp = getservbyname(port_string, "tcp"); - if(sp) - port = sp->s_port; - else - if(isdigit((unsigned char)port_string[0])) - port = htons(atoi(port_string)); - else - warnx("bad value for -p"); - } - - if (maxtimeout < ftpd_timeout) - maxtimeout = ftpd_timeout; - -#if 0 - if (ftpd_timeout > maxtimeout) - ftpd_timeout = maxtimeout; -#endif - - if(interactive_flag) - mini_inetd (port); - - /* - * LOG_NDELAY sets up the logging connection immediately, - * necessary for anonymous ftp's that chroot and can't do it later. - */ - openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP); - his_addr_len = sizeof(his_addr_ss); - if (getpeername(STDIN_FILENO, his_addr, &his_addr_len) < 0) { - syslog(LOG_ERR, "getpeername (%s): %m",argv[0]); - exit(1); - } - ctrl_addr_len = sizeof(ctrl_addr_ss); - if (getsockname(STDIN_FILENO, ctrl_addr, &ctrl_addr_len) < 0) { - syslog(LOG_ERR, "getsockname (%s): %m",argv[0]); - exit(1); - } -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - { - int tos = IPTOS_LOWDELAY; - - if (setsockopt(STDIN_FILENO, IPPROTO_IP, IP_TOS, - (void *)&tos, sizeof(int)) < 0) - syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); - } -#endif - data_source->sa_family = ctrl_addr->sa_family; - socket_set_port (data_source, - htons(ntohs(socket_get_port(ctrl_addr)) - 1)); - - /* set this here so it can be put in wtmp */ - snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid()); - - - /* freopen(_PATH_DEVNULL, "w", stderr); */ - signal(SIGPIPE, lostconn); - signal(SIGCHLD, SIG_IGN); -#ifdef SIGURG - if (signal(SIGURG, myoob) == SIG_ERR) - syslog(LOG_ERR, "signal: %m"); -#endif - - /* Try to handle urgent data inline */ -#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT) - if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on, - sizeof(on)) < 0) - syslog(LOG_ERR, "setsockopt: %m"); -#endif - -#ifdef F_SETOWN - if (fcntl(fileno(stdin), F_SETOWN, getpid()) == -1) - syslog(LOG_ERR, "fcntl F_SETOWN: %m"); -#endif - dolog(his_addr, his_addr_len); - /* - * Set up default state - */ - data = -1; - type = TYPE_A; - form = FORM_N; - stru = STRU_F; - mode = MODE_S; - tmpline[0] = '\0'; - - /* If logins are disabled, print out the message. */ - if(show_file(_PATH_NOLOGIN, 530) == 0) { - reply(530, "System not available."); - exit(0); - } - show_file(_PATH_FTPWELCOME, 220); - /* reply(220,) must follow */ - gethostname(hostname, sizeof(hostname)); - - reply(220, "%s FTP server (%s" -#ifdef KRB5 - "+%s" -#endif -#ifdef KRB4 - "+%s" -#endif - ") ready.", hostname, version -#ifdef KRB5 - ,heimdal_version -#endif -#ifdef KRB4 - ,krb4_version -#endif - ); - - for (;;) - yyparse(); - /* NOTREACHED */ -} - -static RETSIGTYPE -lostconn(int signo) -{ - - if (debug) - syslog(LOG_DEBUG, "lost connection"); - dologout(-1); -} - -/* - * Helper function for sgetpwnam(). - */ -static char * -sgetsave(char *s) -{ - char *new = strdup(s); - - if (new == NULL) { - perror_reply(421, "Local resource failure: malloc"); - dologout(1); - /* NOTREACHED */ - } - return new; -} - -/* - * Save the result of a getpwnam. Used for USER command, since - * the data returned must not be clobbered by any other command - * (e.g., globbing). - */ -static struct passwd * -sgetpwnam(char *name) -{ - static struct passwd save; - struct passwd *p; - - if ((p = k_getpwnam(name)) == NULL) - return (p); - if (save.pw_name) { - free(save.pw_name); - free(save.pw_passwd); - free(save.pw_gecos); - free(save.pw_dir); - free(save.pw_shell); - } - save = *p; - save.pw_name = sgetsave(p->pw_name); - save.pw_passwd = sgetsave(p->pw_passwd); - save.pw_gecos = sgetsave(p->pw_gecos); - save.pw_dir = sgetsave(p->pw_dir); - save.pw_shell = sgetsave(p->pw_shell); - return (&save); -} - -static int login_attempts; /* number of failed login attempts */ -static int askpasswd; /* had user command, ask for passwd */ -static char curname[10]; /* current USER name */ -#ifdef OTP -OtpContext otp_ctx; -#endif - -/* - * USER command. - * Sets global passwd pointer pw if named account exists and is acceptable; - * sets askpasswd if a PASS command is expected. If logged in previously, - * need to reset state. If name is "ftp" or "anonymous", the name is not in - * _PATH_FTPUSERS, and ftp account exists, set guest and pw, then just return. - * If account doesn't exist, ask for passwd anyway. Otherwise, check user - * requesting login privileges. Disallow anyone who does not have a standard - * shell as returned by getusershell(). Disallow anyone mentioned in the file - * _PATH_FTPUSERS to allow people such as root and uucp to be avoided. - */ -void -user(char *name) -{ - char *cp, *shell; - - if(auth_level == 0 && !sec_complete){ - reply(530, "No login allowed without authorization."); - return; - } - - if (logged_in) { - if (guest) { - reply(530, "Can't change user from guest login."); - return; - } else if (dochroot) { - reply(530, "Can't change user from chroot user."); - return; - } - end_login(); - } - - guest = 0; - if (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0) { - if ((auth_level & AUTH_FTP) == 0 || - checkaccess("ftp") || - checkaccess("anonymous")) - reply(530, "User %s access denied.", name); - else if ((pw = sgetpwnam("ftp")) != NULL) { - guest = 1; - defumask = guest_umask; /* paranoia for incoming */ - askpasswd = 1; - reply(331, "Guest login ok, type your name as password."); - } else - reply(530, "User %s unknown.", name); - if (!askpasswd && logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - syslog(LOG_NOTICE, - "ANONYMOUS FTP LOGIN REFUSED FROM %s(%s)", - remotehost, data_addr); - } - return; - } - if((auth_level & AUTH_PLAIN) == 0 && !sec_complete){ - reply(530, "Only authorized and anonymous login allowed."); - return; - } - if ((pw = sgetpwnam(name))) { - if ((shell = pw->pw_shell) == NULL || *shell == 0) - shell = _PATH_BSHELL; - while ((cp = getusershell()) != NULL) - if (strcmp(cp, shell) == 0) - break; - endusershell(); - - if (cp == NULL || checkaccess(name)) { - reply(530, "User %s access denied.", name); - if (logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, - sizeof(data_addr)) == NULL) - strlcpy (data_addr, - "unknown address", - sizeof(data_addr)); - - syslog(LOG_NOTICE, - "FTP LOGIN REFUSED FROM %s(%s), %s", - remotehost, - data_addr, - name); - } - pw = (struct passwd *) NULL; - return; - } - } - if (logging) - strlcpy(curname, name, sizeof(curname)); - if(sec_complete) { - if(sec_userok(name) == 0) { - do_login(232, name); - sec_session(name); - } else - reply(530, "User %s access denied.", name); - } else { -#ifdef OTP - char ss[256]; - - if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) { - reply(331, "Password %s for %s required.", - ss, name); - askpasswd = 1; - } else -#endif - if ((auth_level & AUTH_OTP) == 0) { - reply(331, "Password required for %s.", name); - askpasswd = 1; - } else { -#ifdef OTP - char *s; - - if ((s = otp_error (&otp_ctx)) != NULL) - lreply(530, "OTP: %s", s); -#endif - reply(530, - "Only authorized, anonymous" -#ifdef OTP - " and OTP " -#endif - "login allowed."); - } - - } - /* - * Delay before reading passwd after first failed - * attempt to slow down passwd-guessing programs. - */ - if (login_attempts) - sleep(login_attempts); -} - -/* - * Check if a user is in the file "fname" - */ -static int -checkuser(char *fname, char *name) -{ - FILE *fd; - int found = 0; - char *p, line[BUFSIZ]; - - if ((fd = fopen(fname, "r")) != NULL) { - while (fgets(line, sizeof(line), fd) != NULL) - if ((p = strchr(line, '\n')) != NULL) { - *p = '\0'; - if (line[0] == '#') - continue; - if (strcmp(line, name) == 0) { - found = 1; - break; - } - } - fclose(fd); - } - return (found); -} - - -/* - * Determine whether a user has access, based on information in - * _PATH_FTPUSERS. The users are listed one per line, with `allow' - * or `deny' after the username. If anything other than `allow', or - * just nothing, is given after the username, `deny' is assumed. - * - * If the user is not found in the file, but the pseudo-user `*' is, - * the permission is taken from that line. - * - * This preserves the old semantics where if a user was listed in the - * file he was denied, otherwise he was allowed. - * - * Return 1 if the user is denied, or 0 if he is allowed. */ - -static int -match(const char *pattern, const char *string) -{ - return fnmatch(pattern, string, FNM_NOESCAPE); -} - -static int -checkaccess(char *name) -{ -#define ALLOWED 0 -#define NOT_ALLOWED 1 - FILE *fd; - int allowed = ALLOWED; - char *user, *perm, line[BUFSIZ]; - char *foo; - - fd = fopen(_PATH_FTPUSERS, "r"); - - if(fd == NULL) - return allowed; - - while (fgets(line, sizeof(line), fd) != NULL) { - foo = NULL; - user = strtok_r(line, " \t\n", &foo); - if (user == NULL || user[0] == '#') - continue; - perm = strtok_r(NULL, " \t\n", &foo); - if (match(user, name) == 0){ - if(perm && strcmp(perm, "allow") == 0) - allowed = ALLOWED; - else - allowed = NOT_ALLOWED; - break; - } - } - fclose(fd); - return allowed; -} -#undef ALLOWED -#undef NOT_ALLOWED - - -int do_login(int code, char *passwd) -{ - login_attempts = 0; /* this time successful */ - if (setegid((gid_t)pw->pw_gid) < 0) { - reply(550, "Can't set gid."); - return -1; - } - initgroups(pw->pw_name, pw->pw_gid); -#if defined(KRB4) || defined(KRB5) - if(k_hasafs()) - k_setpag(); -#endif - - /* open wtmp before chroot */ - ftpd_logwtmp(ttyline, pw->pw_name, remotehost); - logged_in = 1; - - dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name); - if (guest) { - /* - * We MUST do a chdir() after the chroot. Otherwise - * the old current directory will be accessible as "." - * outside the new root! - */ - if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) { - reply(550, "Can't set guest privileges."); - return -1; - } - } else if (dochroot) { - if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) { - reply(550, "Can't change root."); - return -1; - } - } else if (chdir(pw->pw_dir) < 0) { - if (chdir("/") < 0) { - reply(530, "User %s: can't change directory to %s.", - pw->pw_name, pw->pw_dir); - return -1; - } else - lreply(code, "No directory! Logging in with home=/"); - } - if (seteuid((uid_t)pw->pw_uid) < 0) { - reply(550, "Can't set uid."); - return -1; - } - - if(use_builtin_ls == -1) { - struct stat st; - /* if /bin/ls exist and is a regular file, use it, otherwise - use built-in ls */ - if(stat("/bin/ls", &st) == 0 && - S_ISREG(st.st_mode)) - use_builtin_ls = 0; - else - use_builtin_ls = 1; - } - - /* - * Display a login message, if it exists. - * N.B. reply(code,) must follow the message. - */ - show_file(_PATH_FTPLOGINMESG, code); - if(show_file(_PATH_ISSUE_NET, code) != 0) - show_file(_PATH_ISSUE, code); - if (guest) { - reply(code, "Guest login ok, access restrictions apply."); -#ifdef HAVE_SETPROCTITLE - snprintf (proctitle, sizeof(proctitle), - "%s: anonymous/%s", - remotehost, - passwd); - setproctitle("%s", proctitle); -#endif /* HAVE_SETPROCTITLE */ - if (logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - syslog(LOG_INFO, "ANONYMOUS FTP LOGIN FROM %s(%s), %s", - remotehost, - data_addr, - passwd); - } - } else { - reply(code, "User %s logged in.", pw->pw_name); -#ifdef HAVE_SETPROCTITLE - snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name); - setproctitle("%s", proctitle); -#endif /* HAVE_SETPROCTITLE */ - if (logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - syslog(LOG_INFO, "FTP LOGIN FROM %s(%s) as %s", - remotehost, - data_addr, - pw->pw_name); - } - } - umask(defumask); - return 0; -} - -/* - * Terminate login as previous user, if any, resetting state; - * used when USER command is given or login fails. - */ -static void -end_login(void) -{ - - if (seteuid((uid_t)0) < 0) - fatal("Failed to seteuid"); - if (logged_in) - ftpd_logwtmp(ttyline, "", ""); - pw = NULL; - logged_in = 0; - guest = 0; - dochroot = 0; -} - -#ifdef KRB5 -static int -krb5_verify(struct passwd *pwd, char *passwd) -{ - krb5_context context; - krb5_ccache id; - krb5_principal princ; - krb5_error_code ret; - - ret = krb5_init_context(&context); - if(ret) - return ret; - - ret = krb5_parse_name(context, pwd->pw_name, &princ); - if(ret){ - krb5_free_context(context); - return ret; - } - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); - if(ret){ - krb5_free_principal(context, princ); - krb5_free_context(context); - return ret; - } - ret = krb5_verify_user(context, - princ, - id, - passwd, - 1, - NULL); - krb5_free_principal(context, princ); - if (k_hasafs()) { - krb5_afslog_uid_home(context, id,NULL, NULL,pwd->pw_uid, pwd->pw_dir); - } - krb5_cc_destroy(context, id); - krb5_free_context (context); - if(ret) - return ret; - return 0; -} -#endif /* KRB5 */ - -void -pass(char *passwd) -{ - int rval; - - /* some clients insists on sending a password */ - if (logged_in && askpasswd == 0){ - reply(230, "Password not necessary"); - return; - } - - if (logged_in || askpasswd == 0) { - reply(503, "Login with USER first."); - return; - } - askpasswd = 0; - rval = 1; - if (!guest) { /* "ftp" is only account allowed no password */ - if (pw == NULL) - rval = 1; /* failure below */ -#ifdef OTP - else if (otp_verify_user (&otp_ctx, passwd) == 0) { - rval = 0; - } -#endif - else if((auth_level & AUTH_OTP) == 0) { -#ifdef KRB5 - rval = krb5_verify(pw, passwd); -#endif -#ifdef KRB4 - if (rval) { - char realm[REALM_SZ]; - if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS) - rval = krb_verify_user(pw->pw_name, - "", realm, - passwd, - KRB_VERIFY_SECURE, NULL); - if (rval == KSUCCESS ) { - chown (tkt_string(), pw->pw_uid, pw->pw_gid); - if(k_hasafs()) - krb_afslog(0, 0); - } - } -#endif - if (rval) - rval = unix_verify_user(pw->pw_name, passwd); - } else { -#ifdef OTP - char *s; - if ((s = otp_error(&otp_ctx)) != NULL) - lreply(530, "OTP: %s", s); -#endif - } - memset (passwd, 0, strlen(passwd)); - - /* - * If rval == 1, the user failed the authentication - * check above. If rval == 0, either Kerberos or - * local authentication succeeded. - */ - if (rval) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - reply(530, "Login incorrect."); - if (logging) - syslog(LOG_NOTICE, - "FTP LOGIN FAILED FROM %s(%s), %s", - remotehost, - data_addr, - curname); - pw = NULL; - if (login_attempts++ >= 5) { - syslog(LOG_NOTICE, - "repeated login failures from %s(%s)", - remotehost, - data_addr); - exit(0); - } - return; - } - } - if(!do_login(230, passwd)) - return; - - /* Forget all about it... */ - end_login(); -} - -void -retrieve(const char *cmd, char *name) -{ - FILE *fin = NULL, *dout; - struct stat st; - int (*closefunc) (FILE *); - char line[BUFSIZ]; - - - if (cmd == 0) { - fin = fopen(name, "r"); - closefunc = fclose; - st.st_size = 0; - if(fin == NULL){ - int save_errno = errno; - struct cmds { - const char *ext; - const char *cmd; - const char *rev_cmd; - } cmds[] = { - {".tar", "/bin/gtar cPf - %s", NULL}, - {".tar.gz", "/bin/gtar zcPf - %s", NULL}, - {".tar.Z", "/bin/gtar ZcPf - %s", NULL}, - {".gz", "/bin/gzip -c -- %s", "/bin/gzip -c -d -- %s"}, - {".Z", "/bin/compress -c -- %s", "/bin/uncompress -c -- %s"}, - {NULL, NULL} - }; - struct cmds *p; - for(p = cmds; p->ext; p++){ - char *tail = name + strlen(name) - strlen(p->ext); - char c = *tail; - - if(strcmp(tail, p->ext) == 0 && - (*tail = 0) == 0 && - access(name, R_OK) == 0){ - snprintf (line, sizeof(line), p->cmd, name); - *tail = c; - break; - } - *tail = c; - if (p->rev_cmd != NULL) { - char *ext; - int ret; - - ret = asprintf(&ext, "%s%s", name, p->ext); - if (ret != -1) { - if (access(ext, R_OK) == 0) { - snprintf (line, sizeof(line), - p->rev_cmd, ext); - free(ext); - break; - } - free(ext); - } - } - - } - if(p->ext){ - fin = ftpd_popen(line, "r", 0, 0); - closefunc = ftpd_pclose; - st.st_size = -1; - cmd = line; - } else - errno = save_errno; - } - } else { - snprintf(line, sizeof(line), cmd, name); - name = line; - fin = ftpd_popen(line, "r", 1, 0); - closefunc = ftpd_pclose; - st.st_size = -1; - } - if (fin == NULL) { - if (errno != 0) { - perror_reply(550, name); - if (cmd == 0) { - LOGCMD("get", name); - } - } - return; - } - byte_count = -1; - if (cmd == 0){ - if(fstat(fileno(fin), &st) < 0 || !S_ISREG(st.st_mode)) { - reply(550, "%s: not a plain file.", name); - goto done; - } - } - if (restart_point) { - if (type == TYPE_A) { - off_t i, n; - int c; - - n = restart_point; - i = 0; - while (i++ < n) { - if ((c=getc(fin)) == EOF) { - perror_reply(550, name); - goto done; - } - if (c == '\n') - i++; - } - } else if (lseek(fileno(fin), restart_point, SEEK_SET) < 0) { - perror_reply(550, name); - goto done; - } - } - dout = dataconn(name, st.st_size, "w"); - if (dout == NULL) - goto done; - set_buffer_size(fileno(dout), 0); - send_data(fin, dout); - fclose(dout); - data = -1; - pdata = -1; -done: - if (cmd == 0) - LOGBYTES("get", name, byte_count); - (*closefunc)(fin); -} - -/* filename sanity check */ - -int -filename_check(char *filename) -{ - char *p; - - p = strrchr(filename, '/'); - if(p) - filename = p + 1; - - p = filename; - - if(isalnum((unsigned char)*p)){ - p++; - while(*p && (isalnum((unsigned char)*p) || strchr(good_chars, (unsigned char)*p))) - p++; - if(*p == '\0') - return 0; - } - lreply(553, "\"%s\" is not an acceptable filename.", filename); - lreply(553, "The filename must start with an alphanumeric " - "character and must only"); - reply(553, "consist of alphanumeric characters or any of the following: %s", - good_chars); - return 1; -} - -void -do_store(char *name, char *mode, int unique) -{ - FILE *fout, *din; - struct stat st; - int (*closefunc) (FILE *); - - if(guest && filename_check(name)) - return; - if (unique && stat(name, &st) == 0 && - (name = gunique(name)) == NULL) { - LOGCMD(*mode == 'w' ? "put" : "append", name); - return; - } - - if (restart_point) - mode = "r+"; - fout = fopen(name, mode); - closefunc = fclose; - if (fout == NULL) { - perror_reply(553, name); - LOGCMD(*mode == 'w' ? "put" : "append", name); - return; - } - byte_count = -1; - if (restart_point) { - if (type == TYPE_A) { - off_t i, n; - int c; - - n = restart_point; - i = 0; - while (i++ < n) { - if ((c=getc(fout)) == EOF) { - perror_reply(550, name); - goto done; - } - if (c == '\n') - i++; - } - /* - * We must do this seek to "current" position - * because we are changing from reading to - * writing. - */ - if (fseek(fout, 0L, SEEK_CUR) < 0) { - perror_reply(550, name); - goto done; - } - } else if (lseek(fileno(fout), restart_point, SEEK_SET) < 0) { - perror_reply(550, name); - goto done; - } - } - din = dataconn(name, (off_t)-1, "r"); - if (din == NULL) - goto done; - set_buffer_size(fileno(din), 1); - if (receive_data(din, fout) == 0) { - if((*closefunc)(fout) < 0) - perror_reply(552, name); - else { - if (unique) - reply(226, "Transfer complete (unique file name:%s).", - name); - else - reply(226, "Transfer complete."); - } - } else - (*closefunc)(fout); - fclose(din); - data = -1; - pdata = -1; -done: - LOGBYTES(*mode == 'w' ? "put" : "append", name, byte_count); -} - -static FILE * -getdatasock(const char *mode, int domain) -{ - int s, t, tries; - - if (data >= 0) - return (fdopen(data, mode)); - if (seteuid(0) < 0) - fatal("Failed to seteuid"); - s = socket(domain, SOCK_STREAM, 0); - if (s < 0) - goto bad; - socket_set_reuseaddr (s, 1); - /* anchor socket to avoid multi-homing problems */ - socket_set_address_and_port (data_source, - socket_get_address (ctrl_addr), - socket_get_port (data_source)); - - for (tries = 1; ; tries++) { - if (bind(s, data_source, - socket_sockaddr_size (data_source)) >= 0) - break; - if (errno != EADDRINUSE || tries > 10) - goto bad; - sleep(tries); - } - if (seteuid(pw->pw_uid) < 0) - fatal("Failed to seteuid"); -#ifdef IPTOS_THROUGHPUT - socket_set_tos (s, IPTOS_THROUGHPUT); -#endif - return (fdopen(s, mode)); -bad: - /* Return the real value of errno (close may change it) */ - t = errno; - if (seteuid((uid_t)pw->pw_uid) < 0) - fatal("Failed to seteuid"); - close(s); - errno = t; - return (NULL); -} - -static int -accept_with_timeout(int socket, - struct sockaddr *address, - socklen_t *address_len, - struct timeval *timeout) -{ - int ret; - fd_set rfd; - FD_ZERO(&rfd); - FD_SET(socket, &rfd); - ret = select(socket + 1, &rfd, NULL, NULL, timeout); - if(ret < 0) - return ret; - if(ret == 0) { - errno = ETIMEDOUT; - return -1; - } - return accept(socket, address, address_len); -} - -static FILE * -dataconn(const char *name, off_t size, const char *mode) -{ - char sizebuf[32]; - FILE *file; - int domain, retry = 0; - - file_size = size; - byte_count = 0; - if (size >= 0) - snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", (long)size); - else - *sizebuf = '\0'; - if (pdata >= 0) { - struct sockaddr_storage from_ss; - struct sockaddr *from = (struct sockaddr *)&from_ss; - struct timeval timeout; - int s; - socklen_t fromlen = sizeof(from_ss); - - timeout.tv_sec = 15; - timeout.tv_usec = 0; - s = accept_with_timeout(pdata, from, &fromlen, &timeout); - if (s < 0) { - reply(425, "Can't open data connection."); - close(pdata); - pdata = -1; - return (NULL); - } - close(pdata); - pdata = s; -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - { - int tos = IPTOS_THROUGHPUT; - - setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos, - sizeof(tos)); - } -#endif - reply(150, "Opening %s mode data connection for '%s'%s.", - type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf); - return (fdopen(pdata, mode)); - } - if (data >= 0) { - reply(125, "Using existing data connection for '%s'%s.", - name, sizebuf); - usedefault = 1; - return (fdopen(data, mode)); - } - if (usedefault) - data_dest = his_addr; - usedefault = 1; - /* - * Default to using the same socket type as the ctrl address, - * unless we know the type of the data address. - */ - domain = data_dest->sa_family; - if (domain == PF_UNSPEC) - domain = ctrl_addr->sa_family; - - file = getdatasock(mode, domain); - if (file == NULL) { - char data_addr[256]; - - if (inet_ntop (data_source->sa_family, - socket_get_address(data_source), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - reply(425, "Can't create data socket (%s,%d): %s.", - data_addr, - socket_get_port (data_source), - strerror(errno)); - return (NULL); - } - data = fileno(file); - while (connect(data, data_dest, - socket_sockaddr_size(data_dest)) < 0) { - if (errno == EADDRINUSE && retry < swaitmax) { - sleep(swaitint); - retry += swaitint; - continue; - } - perror_reply(425, "Can't build data connection"); - fclose(file); - data = -1; - return (NULL); - } - reply(150, "Opening %s mode data connection for '%s'%s.", - type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf); - return (file); -} - -/* - * Tranfer the contents of "instr" to "outstr" peer using the appropriate - * encapsulation of the data subject * to Mode, Structure, and Type. - * - * NB: Form isn't handled. - */ -static void -send_data(FILE *instr, FILE *outstr) -{ - int c, cnt, filefd, netfd; - static char *buf; - static size_t bufsize; - - transflag = 1; - switch (type) { - - case TYPE_A: - while ((c = getc(instr)) != EOF) { - if (urgflag && handleoobcmd()) - return; - byte_count++; - if(c == '\n') - sec_putc('\r', outstr); - sec_putc(c, outstr); - } - sec_fflush(outstr); - transflag = 0; - urgflag = 0; - if (ferror(instr)) - goto file_err; - if (ferror(outstr)) - goto data_err; - reply(226, "Transfer complete."); - return; - - case TYPE_I: - case TYPE_L: -#if 0 /* XXX handle urg flag */ -#if defined(HAVE_MMAP) && !defined(NO_MMAP) -#ifndef MAP_FAILED -#define MAP_FAILED (-1) -#endif - { - struct stat st; - char *chunk; - int in = fileno(instr); - if(fstat(in, &st) == 0 && S_ISREG(st.st_mode) - && st.st_size > 0) { - /* - * mmap zero bytes has potential of loosing, don't do it. - */ - chunk = mmap(0, st.st_size, PROT_READ, - MAP_SHARED, in, 0); - if((void *)chunk != (void *)MAP_FAILED) { - cnt = st.st_size - restart_point; - sec_write(fileno(outstr), chunk + restart_point, cnt); - if (munmap(chunk, st.st_size) < 0) - warn ("munmap"); - sec_fflush(outstr); - byte_count = cnt; - transflag = 0; - urgflag = 0; - } - } - } -#endif -#endif - if(transflag) { - struct stat st; - - netfd = fileno(outstr); - filefd = fileno(instr); - buf = alloc_buffer (buf, &bufsize, - fstat(filefd, &st) >= 0 ? &st : NULL); - if (buf == NULL) { - transflag = 0; - urgflag = 0; - perror_reply(451, "Local resource failure: malloc"); - return; - } - while ((cnt = read(filefd, buf, bufsize)) > 0 && - sec_write(netfd, buf, cnt) == cnt) { - byte_count += cnt; - if (urgflag && handleoobcmd()) - return; - } - sec_fflush(outstr); /* to end an encrypted stream */ - transflag = 0; - urgflag = 0; - if (cnt != 0) { - if (cnt < 0) - goto file_err; - goto data_err; - } - } - reply(226, "Transfer complete."); - return; - default: - transflag = 0; - urgflag = 0; - reply(550, "Unimplemented TYPE %d in send_data", type); - return; - } - -data_err: - transflag = 0; - urgflag = 0; - perror_reply(426, "Data connection"); - return; - -file_err: - transflag = 0; - urgflag = 0; - perror_reply(551, "Error on input file"); -} - -/* - * Transfer data from peer to "outstr" using the appropriate encapulation of - * the data subject to Mode, Structure, and Type. - * - * N.B.: Form isn't handled. - */ -static int -receive_data(FILE *instr, FILE *outstr) -{ - int cnt, bare_lfs = 0; - static char *buf; - static size_t bufsize; - struct stat st; - - transflag = 1; - - buf = alloc_buffer (buf, &bufsize, - fstat(fileno(outstr), &st) >= 0 ? &st : NULL); - if (buf == NULL) { - transflag = 0; - urgflag = 0; - perror_reply(451, "Local resource failure: malloc"); - return -1; - } - - switch (type) { - - case TYPE_I: - case TYPE_L: - while ((cnt = sec_read(fileno(instr), buf, bufsize)) > 0) { - if (write(fileno(outstr), buf, cnt) != cnt) - goto file_err; - byte_count += cnt; - if (urgflag && handleoobcmd()) - return (-1); - } - if (cnt < 0) - goto data_err; - transflag = 0; - urgflag = 0; - return (0); - - case TYPE_E: - reply(553, "TYPE E not implemented."); - transflag = 0; - urgflag = 0; - return (-1); - - case TYPE_A: - { - char *p, *q; - int cr_flag = 0; - while ((cnt = sec_read(fileno(instr), - buf + cr_flag, - bufsize - cr_flag)) > 0){ - if (urgflag && handleoobcmd()) - return (-1); - byte_count += cnt; - cnt += cr_flag; - cr_flag = 0; - for(p = buf, q = buf; p < buf + cnt;) { - if(*p == '\n') - bare_lfs++; - if(*p == '\r') { - if(p == buf + cnt - 1){ - cr_flag = 1; - p++; - continue; - }else if(p[1] == '\n'){ - *q++ = '\n'; - p += 2; - continue; - } - } - *q++ = *p++; - } - fwrite(buf, q - buf, 1, outstr); - if(cr_flag) - buf[0] = '\r'; - } - if(cr_flag) - putc('\r', outstr); - fflush(outstr); - if (ferror(instr)) - goto data_err; - if (ferror(outstr)) - goto file_err; - transflag = 0; - urgflag = 0; - if (bare_lfs) { - lreply(226, "WARNING! %d bare linefeeds received in ASCII mode\r\n" - " File may not have transferred correctly.\r\n", - bare_lfs); - } - return (0); - } - default: - reply(550, "Unimplemented TYPE %d in receive_data", type); - transflag = 0; - urgflag = 0; - return (-1); - } - -data_err: - transflag = 0; - urgflag = 0; - perror_reply(426, "Data Connection"); - return (-1); - -file_err: - transflag = 0; - urgflag = 0; - perror_reply(452, "Error writing file"); - return (-1); -} - -void -statfilecmd(char *filename) -{ - FILE *fin; - int c; - char line[LINE_MAX]; - - snprintf(line, sizeof(line), "/bin/ls -la -- %s", filename); - fin = ftpd_popen(line, "r", 1, 0); - lreply(211, "status of %s:", filename); - while ((c = getc(fin)) != EOF) { - if (c == '\n') { - if (ferror(stdout)){ - perror_reply(421, "control connection"); - ftpd_pclose(fin); - dologout(1); - /* NOTREACHED */ - } - if (ferror(fin)) { - perror_reply(551, filename); - ftpd_pclose(fin); - return; - } - putc('\r', stdout); - } - putc(c, stdout); - } - ftpd_pclose(fin); - reply(211, "End of Status"); -} - -void -statcmd(void) -{ -#if 0 - struct sockaddr_in *sin; - u_char *a, *p; - - lreply(211, "%s FTP server (%s) status:", hostname, version); - printf(" %s\r\n", version); - printf(" Connected to %s", remotehost); - if (!isdigit((unsigned char)remotehost[0])) - printf(" (%s)", inet_ntoa(his_addr.sin_addr)); - printf("\r\n"); - if (logged_in) { - if (guest) - printf(" Logged in anonymously\r\n"); - else - printf(" Logged in as %s\r\n", pw->pw_name); - } else if (askpasswd) - printf(" Waiting for password\r\n"); - else - printf(" Waiting for user name\r\n"); - printf(" TYPE: %s", typenames[type]); - if (type == TYPE_A || type == TYPE_E) - printf(", FORM: %s", formnames[form]); - if (type == TYPE_L) -#if NBBY == 8 - printf(" %d", NBBY); -#else - printf(" %d", bytesize); /* need definition! */ -#endif - printf("; STRUcture: %s; transfer MODE: %s\r\n", - strunames[stru], modenames[mode]); - if (data != -1) - printf(" Data connection open\r\n"); - else if (pdata != -1) { - printf(" in Passive mode"); - sin = &pasv_addr; - goto printaddr; - } else if (usedefault == 0) { - printf(" PORT"); - sin = &data_dest; -printaddr: - a = (u_char *) &sin->sin_addr; - p = (u_char *) &sin->sin_port; -#define UC(b) (((int) b) & 0xff) - printf(" (%d,%d,%d,%d,%d,%d)\r\n", UC(a[0]), - UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1])); -#undef UC - } else - printf(" No data connection\r\n"); -#endif - reply(211, "End of status"); -} - -void -fatal(char *s) -{ - - reply(451, "Error in server: %s\n", s); - reply(221, "Closing connection due to server error."); - dologout(0); - /* NOTREACHED */ -} - -static void -int_reply(int, char *, const char *, va_list) -#ifdef __GNUC__ -__attribute__ ((format (printf, 3, 0))) -#endif -; - -static void -int_reply(int n, char *c, const char *fmt, va_list ap) -{ - char buf[10240]; - char *p; - p=buf; - if(n){ - snprintf(p, sizeof(buf), "%d%s", n, c); - p+=strlen(p); - } - vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap); - p+=strlen(p); - snprintf(p, sizeof(buf) - strlen(p), "\r\n"); - p+=strlen(p); - sec_fprintf(stdout, "%s", buf); - fflush(stdout); - if (debug) - syslog(LOG_DEBUG, "<--- %s- ", buf); -} - -void -reply(int n, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - int_reply(n, " ", fmt, ap); - delete_ftp_command(); - va_end(ap); -} - -void -lreply(int n, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - int_reply(n, "-", fmt, ap); - va_end(ap); -} - -void -nreply(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - int_reply(0, NULL, fmt, ap); - va_end(ap); -} - -static void -ack(char *s) -{ - - reply(250, "%s command successful.", s); -} - -void -nack(char *s) -{ - - reply(502, "%s command not implemented.", s); -} - -void -do_delete(char *name) -{ - struct stat st; - - LOGCMD("delete", name); - if (stat(name, &st) < 0) { - perror_reply(550, name); - return; - } - if ((st.st_mode&S_IFMT) == S_IFDIR) { - if (rmdir(name) < 0) { - perror_reply(550, name); - return; - } - goto done; - } - if (unlink(name) < 0) { - perror_reply(550, name); - return; - } -done: - ack("DELE"); -} - -void -cwd(char *path) -{ - - if (chdir(path) < 0) - perror_reply(550, path); - else - ack("CWD"); -} - -void -makedir(char *name) -{ - - LOGCMD("mkdir", name); - if(guest && filename_check(name)) - return; - if (mkdir(name, 0777) < 0) - perror_reply(550, name); - else{ - if(guest) - chmod(name, 0700); /* guest has umask 777 */ - reply(257, "MKD command successful."); - } -} - -void -removedir(char *name) -{ - - LOGCMD("rmdir", name); - if (rmdir(name) < 0) - perror_reply(550, name); - else - ack("RMD"); -} - -void -pwd(void) -{ - char path[MaxPathLen]; - char *ret; - - /* SunOS has a broken getcwd that does popen(pwd) (!!!), this - * failes miserably when running chroot - */ - ret = getcwd(path, sizeof(path)); - if (ret == NULL) - reply(550, "%s.", strerror(errno)); - else - reply(257, "\"%s\" is current directory.", path); -} - -char * -renamefrom(char *name) -{ - struct stat st; - - if (stat(name, &st) < 0) { - perror_reply(550, name); - return NULL; - } - reply(350, "File exists, ready for destination name"); - return (name); -} - -void -renamecmd(char *from, char *to) -{ - - LOGCMD2("rename", from, to); - if(guest && filename_check(to)) - return; - if (rename(from, to) < 0) - perror_reply(550, "rename"); - else - ack("RNTO"); -} - -static void -dolog(struct sockaddr *sa, int len) -{ - getnameinfo_verified (sa, len, remotehost, sizeof(remotehost), - NULL, 0, 0); -#ifdef HAVE_SETPROCTITLE - snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost); - setproctitle("%s", proctitle); -#endif /* HAVE_SETPROCTITLE */ - - if (logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - - syslog(LOG_INFO, "connection from %s(%s)", - remotehost, - data_addr); - } -} - -/* - * Record logout in wtmp file - * and exit with supplied status. - */ -void -dologout(int status) -{ - transflag = 0; - urgflag = 0; - if (logged_in) { -#if KRB4 || KRB5 - cond_kdestroy(); -#endif - seteuid((uid_t)0); /* No need to check, we call exit() below */ - ftpd_logwtmp(ttyline, "", ""); - } - /* beware of flushing buffers after a SIGPIPE */ -#ifdef XXX - exit(status); -#else - _exit(status); -#endif -} - -void abor(void) -{ - if (!transflag) - return; - reply(426, "Transfer aborted. Data connection closed."); - reply(226, "Abort successful"); - transflag = 0; -} - -static void -myoob(int signo) -{ - urgflag = 1; -} - -static char * -mec_space(char *p) -{ - while(isspace(*(unsigned char *)p)) - p++; - return p; -} - -static int -handleoobcmd(void) -{ - char *cp; - - /* only process if transfer occurring */ - if (!transflag) - return 0; - - urgflag = 0; - - cp = tmpline; - if (ftpd_getline(cp, sizeof(tmpline)) == NULL) { - reply(221, "You could at least say goodbye."); - dologout(0); - } - - if (strncasecmp("MIC", cp, 3) == 0) { - mec(mec_space(cp + 3), prot_safe); - } else if (strncasecmp("CONF", cp, 4) == 0) { - mec(mec_space(cp + 4), prot_confidential); - } else if (strncasecmp("ENC", cp, 3) == 0) { - mec(mec_space(cp + 3), prot_private); - } else if (!allow_insecure_oob) { - reply(533, "Command protection level denied " - "for paranoid reasons."); - goto out; - } - - if (secure_command()) - cp = ftp_command; - - if (strcasecmp(cp, "ABOR\r\n") == 0) { - abor(); - } else if (strcasecmp(cp, "STAT\r\n") == 0) { - if (file_size != (off_t) -1) - reply(213, "Status: %ld of %ld bytes transferred", - (long)byte_count, - (long)file_size); - else - reply(213, "Status: %ld bytes transferred", - (long)byte_count); - } -out: - return (transflag == 0); -} - -/* - * Note: a response of 425 is not mentioned as a possible response to - * the PASV command in RFC959. However, it has been blessed as - * a legitimate response by Jon Postel in a telephone conversation - * with Rick Adams on 25 Jan 89. - */ -void -pasv(void) -{ - socklen_t len; - char *p, *a; - struct sockaddr_in *sin; - - if (ctrl_addr->sa_family != AF_INET) { - reply(425, - "You cannot do PASV with something that's not IPv4"); - return; - } - - if(pdata != -1) - close(pdata); - - pdata = socket(ctrl_addr->sa_family, SOCK_STREAM, 0); - if (pdata < 0) { - perror_reply(425, "Can't open passive connection"); - return; - } - pasv_addr->sa_family = ctrl_addr->sa_family; - socket_set_address_and_port (pasv_addr, - socket_get_address (ctrl_addr), - 0); - socket_set_portrange(pdata, restricted_data_ports, - pasv_addr->sa_family); - if (seteuid(0) < 0) - fatal("Failed to seteuid"); - if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) { - if (seteuid(pw->pw_uid) < 0) - fatal("Failed to seteuid"); - goto pasv_error; - } - if (seteuid(pw->pw_uid) < 0) - fatal("Failed to seteuid"); - len = sizeof(pasv_addr_ss); - if (getsockname(pdata, pasv_addr, &len) < 0) - goto pasv_error; - if (listen(pdata, 1) < 0) - goto pasv_error; - sin = (struct sockaddr_in *)pasv_addr; - a = (char *) &sin->sin_addr; - p = (char *) &sin->sin_port; - -#define UC(b) (((int) b) & 0xff) - - reply(227, "Entering Passive Mode (%d,%d,%d,%d,%d,%d)", UC(a[0]), - UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1])); - return; - -pasv_error: - close(pdata); - pdata = -1; - perror_reply(425, "Can't open passive connection"); - return; -} - -void -epsv(char *proto) -{ - socklen_t len; - - pdata = socket(ctrl_addr->sa_family, SOCK_STREAM, 0); - if (pdata < 0) { - perror_reply(425, "Can't open passive connection"); - return; - } - pasv_addr->sa_family = ctrl_addr->sa_family; - socket_set_address_and_port (pasv_addr, - socket_get_address (ctrl_addr), - 0); - socket_set_portrange(pdata, restricted_data_ports, - pasv_addr->sa_family); - if (seteuid(0) < 0) - fatal("Failed to seteuid"); - if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) { - if (seteuid(pw->pw_uid)) - fatal("Failed to seteuid"); - goto pasv_error; - } - if (seteuid(pw->pw_uid) < 0) - fatal("Failed to seteuid"); - len = sizeof(pasv_addr_ss); - if (getsockname(pdata, pasv_addr, &len) < 0) - goto pasv_error; - if (listen(pdata, 1) < 0) - goto pasv_error; - - reply(229, "Entering Extended Passive Mode (|||%d|)", - ntohs(socket_get_port (pasv_addr))); - return; - -pasv_error: - close(pdata); - pdata = -1; - perror_reply(425, "Can't open passive connection"); - return; -} - -void -eprt(char *str) -{ - char *end; - char sep; - int af; - int ret; - int port; - - usedefault = 0; - if (pdata >= 0) { - close(pdata); - pdata = -1; - } - - sep = *str++; - if (sep == '\0') { - reply(500, "Bad syntax in EPRT"); - return; - } - af = strtol (str, &end, 0); - if (af == 0 || *end != sep) { - reply(500, "Bad syntax in EPRT"); - return; - } - str = end + 1; - switch (af) { -#ifdef HAVE_IPV6 - case 2 : - data_dest->sa_family = AF_INET6; - break; -#endif - case 1 : - data_dest->sa_family = AF_INET; - break; - default : - reply(522, "Network protocol %d not supported, use (1" -#ifdef HAVE_IPV6 - ",2" -#endif - ")", af); - return; - } - end = strchr (str, sep); - if (end == NULL) { - reply(500, "Bad syntax in EPRT"); - return; - } - *end = '\0'; - ret = inet_pton (data_dest->sa_family, str, - socket_get_address (data_dest)); - - if (ret != 1) { - reply(500, "Bad address syntax in EPRT"); - return; - } - str = end + 1; - port = strtol (str, &end, 0); - if (port == 0 || *end != sep) { - reply(500, "Bad port syntax in EPRT"); - return; - } - socket_set_port (data_dest, htons(port)); - reply(200, "EPRT command successful."); -} - -/* - * Generate unique name for file with basename "local". - * The file named "local" is already known to exist. - * Generates failure reply on error. - */ -static char * -gunique(char *local) -{ - static char new[MaxPathLen]; - struct stat st; - int count; - char *cp; - - cp = strrchr(local, '/'); - if (cp) - *cp = '\0'; - if (stat(cp ? local : ".", &st) < 0) { - perror_reply(553, cp ? local : "."); - return NULL; - } - if (cp) - *cp = '/'; - for (count = 1; count < 100; count++) { - snprintf (new, sizeof(new), "%s.%d", local, count); - if (stat(new, &st) < 0) - return (new); - } - reply(452, "Unique file name cannot be created."); - return (NULL); -} - -/* - * Format and send reply containing system error number. - */ -void -perror_reply(int code, const char *string) -{ - reply(code, "%s: %s.", string, strerror(errno)); -} - -static char *onefile[] = { - "", - 0 -}; - -void -list_file(char *file) -{ - if(use_builtin_ls) { - FILE *dout; - dout = dataconn(file, -1, "w"); - if (dout == NULL) - return; - set_buffer_size(fileno(dout), 0); - if(builtin_ls(dout, file) == 0) - reply(226, "Transfer complete."); - else - reply(451, "Requested action aborted. Local error in processing."); - fclose(dout); - data = -1; - pdata = -1; - } else { -#ifdef HAVE_LS_A - const char *cmd = "/bin/ls -lA %s"; -#else - const char *cmd = "/bin/ls -la %s"; -#endif - retrieve(cmd, file); - } -} - -void -send_file_list(char *whichf) -{ - struct stat st; - DIR *dirp = NULL; - struct dirent *dir; - FILE *dout = NULL; - char **dirlist, *dirname; - int simple = 0; - int freeglob = 0; - glob_t gl; - char buf[MaxPathLen]; - - if (strpbrk(whichf, "~{[*?") != NULL) { - int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE| -#ifdef GLOB_MAXPATH - GLOB_MAXPATH -#else - GLOB_LIMIT -#endif - ; - - memset(&gl, 0, sizeof(gl)); - freeglob = 1; - if (glob(whichf, flags, 0, &gl)) { - reply(550, "not found"); - goto out; - } else if (gl.gl_pathc == 0) { - errno = ENOENT; - perror_reply(550, whichf); - goto out; - } - dirlist = gl.gl_pathv; - } else { - onefile[0] = whichf; - dirlist = onefile; - simple = 1; - } - - while ((dirname = *dirlist++)) { - - if (urgflag && handleoobcmd()) - goto out; - - if (stat(dirname, &st) < 0) { - /* - * If user typed "ls -l", etc, and the client - * used NLST, do what the user meant. - */ - if (dirname[0] == '-' && *dirlist == NULL && - transflag == 0) { - list_file(dirname); - goto out; - } - perror_reply(550, whichf); - goto out; - } - - if (S_ISREG(st.st_mode)) { - if (dout == NULL) { - dout = dataconn("file list", (off_t)-1, "w"); - if (dout == NULL) - goto out; - transflag = 1; - } - snprintf(buf, sizeof(buf), "%s%s\n", dirname, - type == TYPE_A ? "\r" : ""); - sec_write(fileno(dout), buf, strlen(buf)); - byte_count += strlen(dirname) + 1; - continue; - } else if (!S_ISDIR(st.st_mode)) - continue; - - if ((dirp = opendir(dirname)) == NULL) - continue; - - while ((dir = readdir(dirp)) != NULL) { - char nbuf[MaxPathLen]; - - if (urgflag && handleoobcmd()) - goto out; - - if (!strcmp(dir->d_name, ".")) - continue; - if (!strcmp(dir->d_name, "..")) - continue; - - snprintf(nbuf, sizeof(nbuf), "%s/%s", dirname, dir->d_name); - - /* - * We have to do a stat to insure it's - * not a directory or special file. - */ - if (simple || (stat(nbuf, &st) == 0 && - S_ISREG(st.st_mode))) { - if (dout == NULL) { - dout = dataconn("file list", (off_t)-1, "w"); - if (dout == NULL) - goto out; - transflag = 1; - } - if(strncmp(nbuf, "./", 2) == 0) - snprintf(buf, sizeof(buf), "%s%s\n", nbuf +2, - type == TYPE_A ? "\r" : ""); - else - snprintf(buf, sizeof(buf), "%s%s\n", nbuf, - type == TYPE_A ? "\r" : ""); - sec_write(fileno(dout), buf, strlen(buf)); - byte_count += strlen(nbuf) + 1; - } - } - closedir(dirp); - } - if (dout == NULL) - reply(550, "No files found."); - else if (ferror(dout) != 0) - perror_reply(550, "Data connection"); - else - reply(226, "Transfer complete."); - -out: - transflag = 0; - if (dout != NULL){ - sec_write(fileno(dout), buf, 0); /* XXX flush */ - - fclose(dout); - } - data = -1; - pdata = -1; - if (freeglob) { - freeglob = 0; - globfree(&gl); - } -} - - -int -find(char *pattern) -{ - char line[1024]; - FILE *f; - - snprintf(line, sizeof(line), - "/bin/locate -d %s -- %s", - ftp_rooted("/etc/locatedb"), - pattern); - f = ftpd_popen(line, "r", 1, 1); - if(f == NULL){ - perror_reply(550, "/bin/locate"); - return 1; - } - lreply(200, "Output from find."); - while(fgets(line, sizeof(line), f)){ - if(line[strlen(line)-1] == '\n') - line[strlen(line)-1] = 0; - nreply("%s", line); - } - reply(200, "Done"); - ftpd_pclose(f); - return 0; -} - diff --git a/crypto/heimdal/appl/ftp/ftpd/ftpd_locl.h b/crypto/heimdal/appl/ftp/ftpd/ftpd_locl.h deleted file mode 100644 index f5574e970543..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/ftpd_locl.h +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: ftpd_locl.h 14933 2005-04-24 19:58:14Z lha $ */ - -#ifndef __ftpd_locl_h__ -#define __ftpd_locl_h__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -/* - * FTP server. - */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_IOCCOM_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif - -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif - -#ifdef HAVE_SYS_MMAN_H -#include -#endif - -#include -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif - -#include -#ifdef HAVE_DIRENT_H -#include -#endif -#include -#ifdef HAVE_FCNTL_H -#include -#endif -#include -#include -#ifdef HAVE_PWD_H -#include -#endif -#include -#include -#include -#include -#include -#ifdef HAVE_SYSLOG_H -#include -#endif -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_GRP_H -#include -#endif -#include - -#ifdef HAVE_BSD_BSD_H -#include -#endif - -#include -#include "roken.h" - -#include "pathnames.h" -#include "extern.h" -#include "common.h" - -#include "security.h" - -#ifdef KRB5 -#include -#endif /* KRB5 */ - -#ifdef KRB4 -#include -#endif - -#if defined(KRB4) || defined(KRB5) -#include -#endif - -#ifdef OTP -#include -#endif - -#ifdef SOCKS -#include -extern int LIBPREFIX(fclose) (FILE *); -#endif - -/* SunOS doesn't have any declaration of fclose */ - -int fclose(FILE *stream); - -int yyparse(void); - -#ifndef LOG_FTP -#define LOG_FTP LOG_DAEMON -#endif - -#endif /* __ftpd_locl_h__ */ diff --git a/crypto/heimdal/appl/ftp/ftpd/ftpusers.5 b/crypto/heimdal/appl/ftp/ftpd/ftpusers.5 deleted file mode 100644 index 85b5f62b8a46..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/ftpusers.5 +++ /dev/null @@ -1,37 +0,0 @@ -.\" $Id: ftpusers.5 11176 2002-08-20 17:07:29Z joda $ -.\" -.Dd May 7, 1997 -.Dt FTPUSERS 5 -.Os KTH-KRB -.Sh NAME -.Pa /etc/ftpusers -.Nd FTP access list file -.Sh DESCRIPTION -.Pa /etc/ftpusers -contains a list of users that should be allowed or denied FTP -access. Each line contains a user, optionally followed by -.Dq allow -(anything but -.Dq allow -is ignored). The semi-user -.Dq * -matches any user. Users that has an explicit -.Dq allow , -or that does not match any line, are allowed access. Anyone else is -denied access. -.Pp -Note that this is compatible with the old format, where this file -contained a list of users that should be denied access. -.Sh EXAMPLES -This will deny anyone but -.Dq foo -and -.Dq bar -to use FTP: -.Bd -literal -foo allow -bar allow -* -.Ed -.Sh SEE ALSO -.Xr ftpd 8 diff --git a/crypto/heimdal/appl/ftp/ftpd/gss_userok.c b/crypto/heimdal/appl/ftp/ftpd/gss_userok.c deleted file mode 100644 index 6fa8f7e97571..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/gss_userok.c +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftpd_locl.h" -#include -#include - -RCSID("$Id: gss_userok.c 21222 2007-06-20 10:11:14Z lha $"); - -/* XXX a bit too much of krb5 dependency here... - What is the correct way to do this? - */ - -struct gss_krb5_data { - krb5_context context; -}; - -/* XXX sync with gssapi.c */ -struct gss_data { - gss_ctx_id_t context_hdl; - char *client_name; - gss_cred_id_t delegated_cred_handle; - void *mech_data; -}; - -int gss_userok(void*, char*); /* to keep gcc happy */ -int gss_session(void*, char*); /* to keep gcc happy */ - -int -gss_userok(void *app_data, char *username) -{ - struct gss_data *data = app_data; - krb5_error_code ret; - krb5_principal client; - struct gss_krb5_data *kdata; - - kdata = calloc(1, sizeof(struct gss_krb5_data)); - if (kdata == NULL) - return 1; - data->mech_data = kdata; - - ret = krb5_init_context(&(kdata->context)); - if (ret) { - free(kdata); - return 1; - } - - ret = krb5_parse_name(kdata->context, data->client_name, &client); - if(ret) { - krb5_free_context(kdata->context); - free(kdata); - return 1; - } - ret = krb5_kuserok(kdata->context, client, username); - if (!ret) { - krb5_free_principal(kdata->context, client); - krb5_free_context(kdata->context); - free(kdata); - return 1; - } - - ret = 0; - krb5_free_principal(kdata->context, client); - return ret; -} - -int -gss_session(void *app_data, char *username) -{ - struct gss_data *data = app_data; - krb5_error_code ret; - OM_uint32 minor_status; - struct gss_krb5_data *kdata; - - ret = 0; - - kdata = (struct gss_krb5_data *)(data->mech_data); - - /* more of krb-depend stuff :-( */ - /* gss_add_cred() ? */ - if (data->delegated_cred_handle != GSS_C_NO_CREDENTIAL) { - krb5_ccache ccache = NULL; - const char* ticketfile; - struct passwd *kpw; - - ret = krb5_cc_gen_new(kdata->context, &krb5_fcc_ops, &ccache); - if (ret) - goto fail; - - ticketfile = krb5_cc_get_name(kdata->context, ccache); - - ret = gss_krb5_copy_ccache(&minor_status, - data->delegated_cred_handle, - ccache); - if (ret) { - ret = 0; - goto fail; - } - - do_destroy_tickets = 1; - - kpw = getpwnam(username); - - if (kpw == NULL) { - unlink(ticketfile); - ret = 1; - goto fail; - } - - chown (ticketfile, kpw->pw_uid, kpw->pw_gid); - - if (asprintf(&k5ccname, "FILE:%s", ticketfile) != -1) { - esetenv ("KRB5CCNAME", k5ccname, 1); - } - afslog(NULL, 1); - fail: - if (ccache) - krb5_cc_close(kdata->context, ccache); - } - - gss_release_cred(&minor_status, &data->delegated_cred_handle); - krb5_free_context(kdata->context); - free(kdata); - return ret; -} diff --git a/crypto/heimdal/appl/ftp/ftpd/gssapi.c b/crypto/heimdal/appl/ftp/ftpd/gssapi.c deleted file mode 100644 index 9432feb8290e..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/gssapi.c +++ /dev/null @@ -1,528 +0,0 @@ -/* - * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include -#include - -RCSID("$Id: gssapi.c 21513 2007-07-12 12:45:25Z lha $"); - -int ftp_do_gss_bindings = 0; -int ftp_do_gss_delegate = 1; - -struct gss_data { - gss_ctx_id_t context_hdl; - char *client_name; - gss_cred_id_t delegated_cred_handle; - void *mech_data; -}; - -static int -gss_init(void *app_data) -{ - struct gss_data *d = app_data; - d->context_hdl = GSS_C_NO_CONTEXT; - d->delegated_cred_handle = GSS_C_NO_CREDENTIAL; -#if defined(FTP_SERVER) - return 0; -#else - /* XXX Check the gss mechanism; with gss_indicate_mechs() ? */ -#ifdef KRB5 - return !use_kerberos; -#else - return 0; -#endif /* KRB5 */ -#endif /* FTP_SERVER */ -} - -static int -gss_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -gss_decode(void *app_data, void *buf, int len, int level) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input, output; - gss_qop_t qop_state; - int conf_state; - struct gss_data *d = app_data; - size_t ret_len; - - input.length = len; - input.value = buf; - maj_stat = gss_unwrap (&min_stat, - d->context_hdl, - &input, - &output, - &conf_state, - &qop_state); - if(GSS_ERROR(maj_stat)) - return -1; - memmove(buf, output.value, output.length); - ret_len = output.length; - gss_release_buffer(&min_stat, &output); - return ret_len; -} - -static int -gss_overhead(void *app_data, int level, int len) -{ - return 100; /* dunno? */ -} - - -static int -gss_encode(void *app_data, void *from, int length, int level, void **to) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input, output; - int conf_state; - struct gss_data *d = app_data; - - input.length = length; - input.value = from; - maj_stat = gss_wrap (&min_stat, - d->context_hdl, - level == prot_private, - GSS_C_QOP_DEFAULT, - &input, - &conf_state, - &output); - *to = output.value; - return output.length; -} - -static void -sockaddr_to_gss_address (struct sockaddr *sa, - OM_uint32 *addr_type, - gss_buffer_desc *gss_addr) -{ - switch (sa->sa_family) { -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - - gss_addr->length = 16; - gss_addr->value = &sin6->sin6_addr; - *addr_type = GSS_C_AF_INET6; - break; - } -#endif - case AF_INET : { - struct sockaddr_in *sin4 = (struct sockaddr_in *)sa; - - gss_addr->length = 4; - gss_addr->value = &sin4->sin_addr; - *addr_type = GSS_C_AF_INET; - break; - } - default : - errx (1, "unknown address family %d", sa->sa_family); - - } -} - -/* end common stuff */ - -#ifdef FTP_SERVER - -static int -gss_adat(void *app_data, void *buf, size_t len) -{ - char *p = NULL; - gss_buffer_desc input_token, output_token; - OM_uint32 maj_stat, min_stat; - gss_name_t client_name; - struct gss_data *d = app_data; - gss_channel_bindings_t bindings; - - if (ftp_do_gss_bindings) { - bindings = malloc(sizeof(*bindings)); - if (bindings == NULL) - errx(1, "out of memory"); - - sockaddr_to_gss_address (his_addr, - &bindings->initiator_addrtype, - &bindings->initiator_address); - sockaddr_to_gss_address (ctrl_addr, - &bindings->acceptor_addrtype, - &bindings->acceptor_address); - - bindings->application_data.length = 0; - bindings->application_data.value = NULL; - } else - bindings = GSS_C_NO_CHANNEL_BINDINGS; - - input_token.value = buf; - input_token.length = len; - - maj_stat = gss_accept_sec_context (&min_stat, - &d->context_hdl, - GSS_C_NO_CREDENTIAL, - &input_token, - bindings, - &client_name, - NULL, - &output_token, - NULL, - NULL, - &d->delegated_cred_handle); - - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - - if(output_token.length) { - if(base64_encode(output_token.value, output_token.length, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - gss_release_buffer(&min_stat, &output_token); - } - if(maj_stat == GSS_S_COMPLETE){ - char *name; - gss_buffer_desc export_name; - gss_OID oid; - - maj_stat = gss_display_name(&min_stat, client_name, - &export_name, &oid); - if(maj_stat != 0) { - reply(500, "Error displaying name"); - goto out; - } - /* XXX kerberos */ - if(oid != GSS_KRB5_NT_PRINCIPAL_NAME) { - reply(500, "OID not kerberos principal name"); - gss_release_buffer(&min_stat, &export_name); - goto out; - } - name = malloc(export_name.length + 1); - if(name == NULL) { - reply(500, "Out of memory"); - gss_release_buffer(&min_stat, &export_name); - goto out; - } - memcpy(name, export_name.value, export_name.length); - name[export_name.length] = '\0'; - gss_release_buffer(&min_stat, &export_name); - d->client_name = name; - if(p) - reply(235, "ADAT=%s", p); - else - reply(235, "ADAT Complete"); - sec_complete = 1; - - } else if(maj_stat == GSS_S_CONTINUE_NEEDED) { - if(p) - reply(335, "ADAT=%s", p); - else - reply(335, "OK, need more data"); - } else { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - syslog(LOG_ERR, "gss_accept_sec_context: %s", - (char*)status_string.value); - gss_release_buffer(&new_stat, &status_string); - reply(431, "Security resource unavailable"); - } - out: - if (client_name) - gss_release_name(&min_stat, &client_name); - free(p); - return 0; -} - -int gss_userok(void*, char*); -int gss_session(void*, char*); - -struct sec_server_mech gss_server_mech = { - "GSSAPI", - sizeof(struct gss_data), - gss_init, /* init */ - NULL, /* end */ - gss_check_prot, - gss_overhead, - gss_encode, - gss_decode, - /* */ - NULL, - gss_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - gss_userok, - gss_session -}; - -#else /* FTP_SERVER */ - -extern struct sockaddr *hisctladdr, *myctladdr; - -static int -import_name(const char *kname, const char *host, gss_name_t *target_name) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc name; - char *str; - - name.length = asprintf(&str, "%s@%s", kname, host); - if (str == NULL) { - printf("Out of memory\n"); - return AUTH_ERROR; - } - name.value = str; - - maj_stat = gss_import_name(&min_stat, - &name, - GSS_C_NT_HOSTBASED_SERVICE, - target_name); - if (GSS_ERROR(maj_stat)) { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - printf("Error importing name %s: %s\n", - (char *)name.value, - (char *)status_string.value); - free(name.value); - gss_release_buffer(&new_stat, &status_string); - return AUTH_ERROR; - } - free(name.value); - return 0; -} - -static int -gss_auth(void *app_data, char *host) -{ - - OM_uint32 maj_stat, min_stat; - gss_name_t target_name; - gss_buffer_desc input, output_token; - int context_established = 0; - char *p; - int n; - gss_channel_bindings_t bindings; - struct gss_data *d = app_data; - OM_uint32 mech_flags = GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG; - - const char *knames[] = { "ftp", "host", NULL }, **kname = knames; - - - if(import_name(*kname++, host, &target_name)) - return AUTH_ERROR; - - input.length = 0; - input.value = NULL; - - if (ftp_do_gss_bindings) { - bindings = malloc(sizeof(*bindings)); - if (bindings == NULL) - errx(1, "out of memory"); - - sockaddr_to_gss_address (myctladdr, - &bindings->initiator_addrtype, - &bindings->initiator_address); - sockaddr_to_gss_address (hisctladdr, - &bindings->acceptor_addrtype, - &bindings->acceptor_address); - - bindings->application_data.length = 0; - bindings->application_data.value = NULL; - } else - bindings = GSS_C_NO_CHANNEL_BINDINGS; - - if (ftp_do_gss_delegate) - mech_flags |= GSS_C_DELEG_FLAG; - - while(!context_established) { - maj_stat = gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - &d->context_hdl, - target_name, - GSS_C_NO_OID, - mech_flags, - 0, - bindings, - &input, - NULL, - &output_token, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - - d->context_hdl = GSS_C_NO_CONTEXT; - - gss_release_name(&min_stat, &target_name); - - if(*kname != NULL) { - - if(import_name(*kname++, host, &target_name)) { - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - return AUTH_ERROR; - } - continue; - } - - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - printf("Error initializing security context: %s\n", - (char*)status_string.value); - gss_release_buffer(&new_stat, &status_string); - return AUTH_CONTINUE; - } - - if (input.value) { - free(input.value); - input.value = NULL; - input.length = 0; - } - if (output_token.length != 0) { - base64_encode(output_token.value, output_token.length, &p); - gss_release_buffer(&min_stat, &output_token); - n = command("ADAT %s", p); - free(p); - } - if (GSS_ERROR(maj_stat)) { - if (d->context_hdl != GSS_C_NO_CONTEXT) - gss_delete_sec_context (&min_stat, - &d->context_hdl, - GSS_C_NO_BUFFER); - break; - } - if (maj_stat & GSS_S_CONTINUE_NEEDED) { - p = strstr(reply_string, "ADAT="); - if(p == NULL){ - printf("Error: expected ADAT in reply. got: %s\n", - reply_string); - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - return AUTH_ERROR; - } else { - p+=5; - input.value = malloc(strlen(p)); - input.length = base64_decode(p, input.value); - } - } else { - if(code != 235) { - printf("Unrecognized response code: %d\n", code); - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - return AUTH_ERROR; - } - context_established = 1; - } - } - - gss_release_name(&min_stat, &target_name); - - if (bindings != GSS_C_NO_CHANNEL_BINDINGS) - free(bindings); - if (input.value) - free(input.value); - - { - gss_name_t targ_name; - - maj_stat = gss_inquire_context(&min_stat, - d->context_hdl, - NULL, - &targ_name, - NULL, - NULL, - NULL, - NULL, - NULL); - if (GSS_ERROR(maj_stat) == 0) { - gss_buffer_desc name; - maj_stat = gss_display_name (&min_stat, - targ_name, - &name, - NULL); - if (GSS_ERROR(maj_stat) == 0) { - printf("Authenticated to <%s>\n", (char *)name.value); - gss_release_buffer(&min_stat, &name); - } - gss_release_name(&min_stat, &targ_name); - } else - printf("Failed to get gss name of peer.\n"); - } - - - return AUTH_OK; -} - -struct sec_client_mech gss_client_mech = { - "GSSAPI", - sizeof(struct gss_data), - gss_init, - gss_auth, - NULL, /* end */ - gss_check_prot, - gss_overhead, - gss_encode, - gss_decode, -}; - -#endif /* FTP_SERVER */ diff --git a/crypto/heimdal/appl/ftp/ftpd/kauth.c b/crypto/heimdal/appl/ftp/ftpd/kauth.c deleted file mode 100644 index 0f34092d1646..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/kauth.c +++ /dev/null @@ -1,360 +0,0 @@ -/* - * Copyright (c) 1995 - 1999, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftpd_locl.h" - -RCSID("$Id: kauth.c 15666 2005-07-19 17:08:11Z lha $"); - -#if defined(KRB4) || defined(KRB5) - -int do_destroy_tickets = 1; -char *k5ccname; - -#endif - -#ifdef KRB4 - -static KTEXT_ST cip; -static unsigned int lifetime; -static time_t local_time; - -static krb_principal pr; - -static int -save_tkt(const char *user, - const char *instance, - const char *realm, - const void *arg, - key_proc_t key_proc, - KTEXT *cipp) -{ - local_time = time(0); - memmove(&cip, *cipp, sizeof(cip)); - return -1; -} - -static int -store_ticket(KTEXT cip) -{ - char *ptr; - des_cblock session; - krb_principal sp; - unsigned char kvno; - KTEXT_ST tkt; - int left = cip->length; - int len; - int kerror; - - ptr = (char *) cip->dat; - - /* extract session key */ - memmove(session, ptr, 8); - ptr += 8; - left -= 8; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's name */ - strlcpy(sp.name, ptr, sizeof(sp.name)); - ptr += len + 1; - left -= len + 1; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's instance */ - strlcpy(sp.instance, ptr, sizeof(sp.instance)); - ptr += len + 1; - left -= len + 1; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's realm */ - strlcpy(sp.realm, ptr, sizeof(sp.realm)); - ptr += len + 1; - left -= len + 1; - - if(left < 3) - return INTK_BADPW; - /* extract ticket lifetime, server key version, ticket length */ - /* be sure to avoid sign extension on lifetime! */ - lifetime = (unsigned char) ptr[0]; - kvno = (unsigned char) ptr[1]; - tkt.length = (unsigned char) ptr[2]; - ptr += 3; - left -= 3; - - if (tkt.length > left) - return(INTK_BADPW); - - /* extract ticket itself */ - memmove(tkt.dat, ptr, tkt.length); - ptr += tkt.length; - left -= tkt.length; - - /* Here is where the time should be verified against the KDC. - * Unfortunately everything is sent in host byte order (receiver - * makes wrong) , and at this stage there is no way for us to know - * which byteorder the KDC has. So we simply ignore the time, - * there are no security risks with this, the only thing that can - * happen is that we might receive a replayed ticket, which could - * at most be useless. - */ - -#if 0 - /* check KDC time stamp */ - { - time_t kdc_time; - - memmove(&kdc_time, ptr, sizeof(kdc_time)); - if (swap_bytes) swap_u_long(kdc_time); - - ptr += 4; - - if (abs((int)(local_time - kdc_time)) > CLOCK_SKEW) { - return(RD_AP_TIME); /* XXX should probably be better - code */ - } - } -#endif - - /* initialize ticket cache */ - - if (tf_create(TKT_FILE) != KSUCCESS) - return(INTK_ERR); - - if (tf_put_pname(pr.name) != KSUCCESS || - tf_put_pinst(pr.instance) != KSUCCESS) { - tf_close(); - return(INTK_ERR); - } - - - kerror = tf_save_cred(sp.name, sp.instance, sp.realm, session, - lifetime, kvno, &tkt, local_time); - tf_close(); - - return(kerror); -} - -void -kauth(char *principal, char *ticket) -{ - char *p; - int ret; - - if(get_command_prot() != prot_private) { - reply(500, "Request denied (bad protection level)"); - return; - } - ret = krb_parse_name(principal, &pr); - if(ret){ - reply(500, "Bad principal: %s.", krb_get_err_text(ret)); - return; - } - if(pr.realm[0] == 0) - krb_get_lrealm(pr.realm, 1); - - if(ticket){ - cip.length = base64_decode(ticket, &cip.dat); - if(cip.length == -1){ - reply(500, "Failed to decode data."); - return; - } - ret = store_ticket(&cip); - if(ret){ - reply(500, "Kerberos error: %s.", krb_get_err_text(ret)); - memset(&cip, 0, sizeof(cip)); - return; - } - do_destroy_tickets = 1; - - if(k_hasafs()) - krb_afslog(0, 0); - reply(200, "Tickets will be destroyed on exit."); - return; - } - - ret = krb_get_in_tkt (pr.name, - pr.instance, - pr.realm, - KRB_TICKET_GRANTING_TICKET, - pr.realm, - DEFAULT_TKT_LIFE, - NULL, save_tkt, NULL); - if(ret != INTK_BADPW){ - reply(500, "Kerberos error: %s.", krb_get_err_text(ret)); - return; - } - if(base64_encode(cip.dat, cip.length, &p) < 0) { - reply(500, "Out of memory while base64-encoding."); - return; - } - reply(300, "P=%s T=%s", krb_unparse_name(&pr), p); - free(p); - memset(&cip, 0, sizeof(cip)); -} - - -static char * -short_date(int32_t dp) -{ - char *cp; - time_t t = (time_t)dp; - - if (t == (time_t)(-1L)) return "*** Never *** "; - cp = ctime(&t) + 4; - cp[15] = '\0'; - return (cp); -} - -void -krbtkfile(const char *tkfile) -{ - do_destroy_tickets = 0; - krb_set_tkt_string(tkfile); - reply(200, "Using ticket file %s", tkfile); -} - -#endif /* KRB4 */ - -#ifdef KRB5 - -static void -dest_cc(void) -{ - krb5_context context; - krb5_error_code ret; - krb5_ccache id; - - ret = krb5_init_context(&context); - if (ret == 0) { - if (k5ccname) - ret = krb5_cc_resolve(context, k5ccname, &id); - else - ret = krb5_cc_default (context, &id); - if (ret) - krb5_free_context(context); - } - if (ret == 0) { - krb5_cc_destroy(context, id); - krb5_free_context (context); - } -} -#endif - -#if defined(KRB4) || defined(KRB5) - -/* - * Only destroy if we created the tickets - */ - -void -cond_kdestroy(void) -{ - if (do_destroy_tickets) { -#if KRB4 - dest_tkt(); -#endif -#if KRB5 - dest_cc(); -#endif - do_destroy_tickets = 0; - } - afsunlog(); -} - -void -kdestroy(void) -{ -#if KRB4 - dest_tkt(); -#endif -#if KRB5 - dest_cc(); -#endif - afsunlog(); - reply(200, "Tickets destroyed"); -} - - -void -afslog(const char *cell, int quiet) -{ - if(k_hasafs()) { -#ifdef KRB5 - krb5_context context; - krb5_error_code ret; - krb5_ccache id; - - ret = krb5_init_context(&context); - if (ret == 0) { - if (k5ccname) - ret = krb5_cc_resolve(context, k5ccname, &id); - else - ret = krb5_cc_default(context, &id); - if (ret) - krb5_free_context(context); - } - if (ret == 0) { - krb5_afslog(context, id, cell, 0); - krb5_cc_close (context, id); - krb5_free_context (context); - } -#endif -#ifdef KRB4 - krb_afslog(cell, 0); -#endif - if (!quiet) - reply(200, "afslog done"); - } else { - if (!quiet) - reply(200, "no AFS present"); - } -} - -void -afsunlog(void) -{ - if(k_hasafs()) - k_unlog(); -} - -#else -int ftpd_afslog_placeholder; -#endif /* KRB4 || KRB5 */ diff --git a/crypto/heimdal/appl/ftp/ftpd/klist.c b/crypto/heimdal/appl/ftp/ftpd/klist.c deleted file mode 100644 index 4afa9b83ccc4..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/klist.c +++ /dev/null @@ -1,178 +0,0 @@ -/* - * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftpd_locl.h" - -#ifdef KRB5 - -static int -print_cred(krb5_context context, krb5_creds *cred) -{ - char t1[128], t2[128], *str; - krb5_error_code ret; - krb5_timestamp sec; - - krb5_timeofday (context, &sec); - - if(cred->times.starttime) - krb5_format_time(context, cred->times.starttime, t1, sizeof(t1), 1); - else - krb5_format_time(context, cred->times.authtime, t1, sizeof(t1), 1); - - if(cred->times.endtime > sec) - krb5_format_time(context, cred->times.endtime, t2, sizeof(t2), 1); - else - strlcpy(t2, ">>>Expired<<<", sizeof(t2)); - - ret = krb5_unparse_name (context, cred->server, &str); - if (ret) { - lreply(500, "krb5_unparse_name: %d", ret); - return 1; - } - - lreply(200, "%-20s %-20s %s", t1, t2, str); - free(str); - return 0; -} - -static int -print_tickets (krb5_context context, - krb5_ccache ccache, - krb5_principal principal) -{ - krb5_error_code ret; - krb5_cc_cursor cursor; - krb5_creds cred; - char *str; - - ret = krb5_unparse_name (context, principal, &str); - if (ret) { - lreply(500, "krb5_unparse_name: %d", ret); - return 500; - } - - lreply(200, "%17s: %s:%s", - "Credentials cache", - krb5_cc_get_type(context, ccache), - krb5_cc_get_name(context, ccache)); - lreply(200, "%17s: %s", "Principal", str); - free (str); - - ret = krb5_cc_start_seq_get (context, ccache, &cursor); - if (ret) { - lreply(500, "krb5_cc_start_seq_get: %d", ret); - return 500; - } - - lreply(200, " Issued Expires Principal"); - - while ((ret = krb5_cc_next_cred (context, - ccache, - &cursor, - &cred)) == 0) { - if (print_cred(context, &cred)) - return 500; - krb5_free_cred_contents (context, &cred); - } - if (ret != KRB5_CC_END) { - lreply(500, "krb5_cc_get_next: %d", ret); - return 500; - } - ret = krb5_cc_end_seq_get (context, ccache, &cursor); - if (ret) { - lreply(500, "krb5_cc_end_seq_get: %d", ret); - return 500; - } - - return 200; -} - -static int -klist5(void) -{ - krb5_error_code ret; - krb5_context context; - krb5_ccache ccache; - krb5_principal principal; - int exit_status = 200; - - ret = krb5_init_context (&context); - if (ret) { - lreply(500, "krb5_init_context failed: %d", ret); - return 500; - } - - if (k5ccname) - ret = krb5_cc_resolve(context, k5ccname, &ccache); - else - ret = krb5_cc_default (context, &ccache); - if (ret) { - lreply(500, "krb5_cc_default: %d", ret); - return 500; - } - - ret = krb5_cc_get_principal (context, ccache, &principal); - if (ret) { - if(ret == ENOENT) - lreply(500, "No ticket file: %s", - krb5_cc_get_name(context, ccache)); - else - lreply(500, "krb5_cc_get_principal: %d", ret); - - return 500; - } - exit_status = print_tickets (context, ccache, principal); - - ret = krb5_cc_close (context, ccache); - if (ret) { - lreply(500, "krb5_cc_close: %d", ret); - exit_status = 500; - } - - krb5_free_principal (context, principal); - krb5_free_context (context); - return exit_status; -} -#endif - -void -klist(void) -{ -#if KRB5 - int res = klist5(); - reply(res, " "); -#else - reply(500, "Command not implemented."); -#endif -} - diff --git a/crypto/heimdal/appl/ftp/ftpd/krb4.c b/crypto/heimdal/appl/ftp/ftpd/krb4.c deleted file mode 100644 index 408b7fa73579..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/krb4.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include - -RCSID("$Id: krb4.c 17450 2006-05-05 11:11:43Z lha $"); - -#ifdef FTP_SERVER -#define LOCAL_ADDR ctrl_addr -#define REMOTE_ADDR his_addr -#else -#define LOCAL_ADDR myctladdr -#define REMOTE_ADDR hisctladdr -#endif - -extern struct sockaddr *LOCAL_ADDR, *REMOTE_ADDR; - -struct krb4_data { - des_cblock key; - des_key_schedule schedule; - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; -}; - -static int -krb4_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -krb4_decode(void *app_data, void *buf, int len, int level) -{ - MSG_DAT m; - int e; - struct krb4_data *d = app_data; - - if(level == prot_safe) - e = krb_rd_safe(buf, len, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - else - e = krb_rd_priv(buf, len, d->schedule, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - if(e){ - syslog(LOG_ERR, "krb4_decode: %s", krb_get_err_text(e)); - return -1; - } - memmove(buf, m.app_data, m.app_length); - return m.app_length; -} - -static int -krb4_overhead(void *app_data, int level, int len) -{ - return 31; -} - -static int -krb4_encode(void *app_data, void *from, int length, int level, void **to) -{ - struct krb4_data *d = app_data; - *to = malloc(length + 31); - if(level == prot_safe) - return krb_mk_safe(from, *to, length, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else if(level == prot_private) - return krb_mk_priv(from, *to, length, d->schedule, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else - return -1; -} - -#ifdef FTP_SERVER - -static int -krb4_adat(void *app_data, void *buf, size_t len) -{ - KTEXT_ST tkt; - AUTH_DAT auth_dat; - char *p; - int kerror; - uint32_t cs; - char msg[35]; /* size of encrypted block */ - int tmp_len; - struct krb4_data *d = app_data; - char inst[INST_SZ]; - struct sockaddr_in *his_addr_sin = (struct sockaddr_in *)his_addr; - - memcpy(tkt.dat, buf, len); - tkt.length = len; - - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "ftp", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - if(kerror == RD_AP_UNDEC){ - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "rcmd", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - } - - if(kerror){ - reply(535, "Error reading request: %s.", krb_get_err_text(kerror)); - return -1; - } - - memcpy(d->key, auth_dat.session, sizeof(d->key)); - des_set_key(&d->key, d->schedule); - - strlcpy(d->name, auth_dat.pname, sizeof(d->name)); - strlcpy(d->instance, auth_dat.pinst, sizeof(d->instance)); - strlcpy(d->realm, auth_dat.prealm, sizeof(d->instance)); - - cs = auth_dat.checksum + 1; - { - unsigned char tmp[4]; - KRB_PUT_INT(cs, tmp, 4, sizeof(tmp)); - tmp_len = krb_mk_safe(tmp, msg, 4, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - } - if(tmp_len < 0){ - reply(535, "Error creating reply: %s.", strerror(errno)); - return -1; - } - len = tmp_len; - if(base64_encode(msg, len, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - reply(235, "ADAT=%s", p); - sec_complete = 1; - free(p); - return 0; -} - -static int -krb4_userok(void *app_data, char *user) -{ - struct krb4_data *d = app_data; - return krb_kuserok(d->name, d->instance, d->realm, user); -} - -struct sec_server_mech krb4_server_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - NULL, /* init */ - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode, - /* */ - NULL, - krb4_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - krb4_userok -}; - -#else /* FTP_SERVER */ - -static int -krb4_init(void *app_data) -{ - return !use_kerberos; -} - -static int -mk_auth(struct krb4_data *d, KTEXT adat, - char *service, char *host, int checksum) -{ - int ret; - CREDENTIALS cred; - char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_mk_req(adat, sname, inst, realm, checksum); - if(ret) - return ret; - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_get_cred(sname, inst, realm, &cred); - memmove(&d->key, &cred.session, sizeof(des_cblock)); - des_key_sched(&d->key, d->schedule); - memset(&cred, 0, sizeof(cred)); - return ret; -} - -static int -krb4_auth(void *app_data, char *host) -{ - int ret; - char *p; - int len; - KTEXT_ST adat; - MSG_DAT msg_data; - int checksum; - uint32_t cs; - struct krb4_data *d = app_data; - struct sockaddr_in *localaddr = (struct sockaddr_in *)LOCAL_ADDR; - struct sockaddr_in *remoteaddr = (struct sockaddr_in *)REMOTE_ADDR; - - checksum = getpid(); - ret = mk_auth(d, &adat, "ftp", host, checksum); - if(ret == KDC_PR_UNKNOWN) - ret = mk_auth(d, &adat, "rcmd", host, checksum); - if(ret){ - printf("%s\n", krb_get_err_text(ret)); - return AUTH_CONTINUE; - } - -#ifdef HAVE_KRB_GET_OUR_IP_FOR_REALM - if (krb_get_config_bool("nat_in_use")) { - struct in_addr natAddr; - - if (krb_get_our_ip_for_realm(krb_realmofhost(host), - &natAddr) != KSUCCESS - && krb_get_our_ip_for_realm(NULL, &natAddr) != KSUCCESS) - printf("Can't get address for realm %s\n", - krb_realmofhost(host)); - else { - if (natAddr.s_addr != localaddr->sin_addr.s_addr) { - printf("Using NAT IP address (%s) for kerberos 4\n", - inet_ntoa(natAddr)); - localaddr->sin_addr = natAddr; - - /* - * This not the best place to do this, but it - * is here we know that (probably) NAT is in - * use! - */ - - passivemode = 1; - printf("Setting: Passive mode on.\n"); - } - } - } -#endif - - printf("Local address is %s\n", inet_ntoa(localaddr->sin_addr)); - printf("Remote address is %s\n", inet_ntoa(remoteaddr->sin_addr)); - - if(base64_encode(adat.dat, adat.length, &p) < 0) { - printf("Out of memory base64-encoding.\n"); - return AUTH_CONTINUE; - } - ret = command("ADAT %s", p); - free(p); - - if(ret != COMPLETE){ - printf("Server didn't accept auth data.\n"); - return AUTH_ERROR; - } - - p = strstr(reply_string, "ADAT="); - if(!p){ - printf("Remote host didn't send adat reply.\n"); - return AUTH_ERROR; - } - p += 5; - len = base64_decode(p, adat.dat); - if(len < 0){ - printf("Failed to decode base64 from server.\n"); - return AUTH_ERROR; - } - adat.length = len; - ret = krb_rd_safe(adat.dat, adat.length, &d->key, - (struct sockaddr_in *)hisctladdr, - (struct sockaddr_in *)myctladdr, &msg_data); - if(ret){ - printf("Error reading reply from server: %s.\n", - krb_get_err_text(ret)); - return AUTH_ERROR; - } - krb_get_int(msg_data.app_data, &cs, 4, 0); - if(cs - checksum != 1){ - printf("Bad checksum returned from server.\n"); - return AUTH_ERROR; - } - return AUTH_OK; -} - -struct sec_client_mech krb4_client_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - krb4_init, /* init */ - krb4_auth, - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode -}; - -#endif /* FTP_SERVER */ diff --git a/crypto/heimdal/appl/ftp/ftpd/logwtmp.c b/crypto/heimdal/appl/ftp/ftpd/logwtmp.c deleted file mode 100644 index ebf37e6b14f1..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/logwtmp.c +++ /dev/null @@ -1,138 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: logwtmp.c 9079 2000-09-19 13:17:20Z assar $"); -#endif - -#include -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_UTMP_H -#include -#endif -#ifdef HAVE_UTMPX_H -#include -#endif -#include -#include "extern.h" - -#ifndef WTMP_FILE -#ifdef _PATH_WTMP -#define WTMP_FILE _PATH_WTMP -#else -#define WTMP_FILE "/var/adm/wtmp" -#endif -#endif - -void -ftpd_logwtmp(char *line, char *name, char *host) -{ - static int init = 0; - static int fd; -#ifdef WTMPX_FILE - static int fdx; -#endif - struct utmp ut; -#ifdef WTMPX_FILE - struct utmpx utx; -#endif - - memset(&ut, 0, sizeof(struct utmp)); -#ifdef HAVE_STRUCT_UTMP_UT_TYPE - if(name[0]) - ut.ut_type = USER_PROCESS; - else - ut.ut_type = DEAD_PROCESS; -#endif - strncpy(ut.ut_line, line, sizeof(ut.ut_line)); - strncpy(ut.ut_name, name, sizeof(ut.ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_PID - ut.ut_pid = getpid(); -#endif -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(ut.ut_host, host, sizeof(ut.ut_host)); -#endif - ut.ut_time = time(NULL); - -#ifdef WTMPX_FILE - strncpy(utx.ut_line, line, sizeof(utx.ut_line)); - strncpy(utx.ut_user, name, sizeof(utx.ut_user)); - strncpy(utx.ut_host, host, sizeof(utx.ut_host)); -#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN - utx.ut_syslen = strlen(host) + 1; - if (utx.ut_syslen > sizeof(utx.ut_host)) - utx.ut_syslen = sizeof(utx.ut_host); -#endif - { - struct timeval tv; - - gettimeofday (&tv, 0); - utx.ut_tv.tv_sec = tv.tv_sec; - utx.ut_tv.tv_usec = tv.tv_usec; - } - - if(name[0]) - utx.ut_type = USER_PROCESS; - else - utx.ut_type = DEAD_PROCESS; -#endif - - if(!init){ - fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0); -#ifdef WTMPX_FILE - fdx = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0); -#endif - init = 1; - } - if(fd >= 0) { - write(fd, &ut, sizeof(struct utmp)); /* XXX */ -#ifdef WTMPX_FILE - write(fdx, &utx, sizeof(struct utmpx)); -#endif - } -} diff --git a/crypto/heimdal/appl/ftp/ftpd/ls.c b/crypto/heimdal/appl/ftp/ftpd/ls.c deleted file mode 100644 index 9dcd84812b5a..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/ls.c +++ /dev/null @@ -1,891 +0,0 @@ -/* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifndef TEST -#include "ftpd_locl.h" - -RCSID("$Id: ls.c 16216 2005-10-22 13:15:43Z lha $"); - -#else -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define sec_fprintf2 fprintf -#define sec_fflush fflush -static void list_files(FILE *out, const char **files, int n_files, int flags); -static int parse_flags(const char *options); - -int -main(int argc, char **argv) -{ - int i = 1; - int flags; - if(argc > 1 && argv[1][0] == '-') { - flags = parse_flags(argv[1]); - i = 2; - } else - flags = parse_flags(NULL); - - list_files(stdout, (const char **)argv + i, argc - i, flags); - return 0; -} -#endif - -struct fileinfo { - struct stat st; - int inode; - int bsize; - char mode[11]; - int n_link; - char *user; - char *group; - char *size; - char *major; - char *minor; - char *date; - char *filename; - char *link; -}; - -static void -free_fileinfo(struct fileinfo *f) -{ - free(f->user); - free(f->group); - free(f->size); - free(f->major); - free(f->minor); - free(f->date); - free(f->filename); - free(f->link); -} - -#define LS_DIRS (1 << 0) -#define LS_IGNORE_DOT (1 << 1) -#define LS_SORT_MODE (3 << 2) -#define SORT_MODE(f) ((f) & LS_SORT_MODE) -#define LS_SORT_NAME (1 << 2) -#define LS_SORT_MTIME (2 << 2) -#define LS_SORT_SIZE (3 << 2) -#define LS_SORT_REVERSE (1 << 4) - -#define LS_SIZE (1 << 5) -#define LS_INODE (1 << 6) -#define LS_TYPE (1 << 7) -#define LS_DISP_MODE (3 << 8) -#define DISP_MODE(f) ((f) & LS_DISP_MODE) -#define LS_DISP_LONG (1 << 8) -#define LS_DISP_COLUMN (2 << 8) -#define LS_DISP_CROSS (3 << 8) -#define LS_SHOW_ALL (1 << 10) -#define LS_RECURSIVE (1 << 11) -#define LS_EXTRA_BLANK (1 << 12) -#define LS_SHOW_DIRNAME (1 << 13) -#define LS_DIR_FLAG (1 << 14) /* these files come via list_dir */ - -#ifndef S_ISTXT -#define S_ISTXT S_ISVTX -#endif - -#if !defined(_S_IFMT) && defined(S_IFMT) -#define _S_IFMT S_IFMT -#endif - -#ifndef S_ISSOCK -#define S_ISSOCK(mode) (((mode) & _S_IFMT) == S_IFSOCK) -#endif - -#ifndef S_ISLNK -#define S_ISLNK(mode) (((mode) & _S_IFMT) == S_IFLNK) -#endif - -static size_t -block_convert(size_t blocks) -{ -#ifdef S_BLKSIZE - return blocks * S_BLKSIZE / 1024; -#else - return blocks * 512 / 1024; -#endif -} - -static int -make_fileinfo(FILE *out, const char *filename, struct fileinfo *file, int flags) -{ - char buf[128]; - int file_type = 0; - struct stat *st = &file->st; - - file->inode = st->st_ino; - file->bsize = block_convert(st->st_blocks); - - if(S_ISDIR(st->st_mode)) { - file->mode[0] = 'd'; - file_type = '/'; - } - else if(S_ISCHR(st->st_mode)) - file->mode[0] = 'c'; - else if(S_ISBLK(st->st_mode)) - file->mode[0] = 'b'; - else if(S_ISREG(st->st_mode)) { - file->mode[0] = '-'; - if(st->st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) - file_type = '*'; - } - else if(S_ISFIFO(st->st_mode)) { - file->mode[0] = 'p'; - file_type = '|'; - } - else if(S_ISLNK(st->st_mode)) { - file->mode[0] = 'l'; - file_type = '@'; - } - else if(S_ISSOCK(st->st_mode)) { - file->mode[0] = 's'; - file_type = '='; - } -#ifdef S_ISWHT - else if(S_ISWHT(st->st_mode)) { - file->mode[0] = 'w'; - file_type = '%'; - } -#endif - else - file->mode[0] = '?'; - { - char *x[] = { "---", "--x", "-w-", "-wx", - "r--", "r-x", "rw-", "rwx" }; - strcpy(file->mode + 1, x[(st->st_mode & S_IRWXU) >> 6]); - strcpy(file->mode + 4, x[(st->st_mode & S_IRWXG) >> 3]); - strcpy(file->mode + 7, x[(st->st_mode & S_IRWXO) >> 0]); - if((st->st_mode & S_ISUID)) { - if((st->st_mode & S_IXUSR)) - file->mode[3] = 's'; - else - file->mode[3] = 'S'; - } - if((st->st_mode & S_ISGID)) { - if((st->st_mode & S_IXGRP)) - file->mode[6] = 's'; - else - file->mode[6] = 'S'; - } - if((st->st_mode & S_ISTXT)) { - if((st->st_mode & S_IXOTH)) - file->mode[9] = 't'; - else - file->mode[9] = 'T'; - } - } - file->n_link = st->st_nlink; - { - struct passwd *pwd; - pwd = getpwuid(st->st_uid); - if(pwd == NULL) { - if (asprintf(&file->user, "%u", (unsigned)st->st_uid) == -1) - file->user = NULL; - } else - file->user = strdup(pwd->pw_name); - if (file->user == NULL) { - syslog(LOG_ERR, "out of memory"); - return -1; - } - } - { - struct group *grp; - grp = getgrgid(st->st_gid); - if(grp == NULL) { - if (asprintf(&file->group, "%u", (unsigned)st->st_gid) == -1) - file->group = NULL; - } else - file->group = strdup(grp->gr_name); - if (file->group == NULL) { - syslog(LOG_ERR, "out of memory"); - return -1; - } - } - - if(S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode)) { -#if defined(major) && defined(minor) - if (asprintf(&file->major, "%u", (unsigned)major(st->st_rdev)) == -1) - file->major = NULL; - if (asprintf(&file->minor, "%u", (unsigned)minor(st->st_rdev)) == -1) - file->minor = NULL; -#else - /* Don't want to use the DDI/DKI crap. */ - if (asprintf(&file->major, "%u", (unsigned)st->st_rdev) == -1) - file->major = NULL; - if (asprintf(&file->minor, "%u", 0) == -1) - file->minor = NULL; -#endif - if (file->major == NULL || file->minor == NULL) { - syslog(LOG_ERR, "out of memory"); - return -1; - } - } else { - if (asprintf(&file->size, "%lu", (unsigned long)st->st_size) == -1) - file->size = NULL; - } - - { - time_t t = time(NULL); - time_t mtime = st->st_mtime; - struct tm *tm = localtime(&mtime); - if((t - mtime > 6*30*24*60*60) || - (mtime - t > 6*30*24*60*60)) - strftime(buf, sizeof(buf), "%b %e %Y", tm); - else - strftime(buf, sizeof(buf), "%b %e %H:%M", tm); - file->date = strdup(buf); - if (file->date == NULL) { - syslog(LOG_ERR, "out of memory"); - return -1; - } - } - { - const char *p = strrchr(filename, '/'); - if(p) - p++; - else - p = filename; - if((flags & LS_TYPE) && file_type != 0) { - if (asprintf(&file->filename, "%s%c", p, file_type) == -1) - file->filename = NULL; - } else - file->filename = strdup(p); - if (file->filename == NULL) { - syslog(LOG_ERR, "out of memory"); - return -1; - } - } - if(S_ISLNK(st->st_mode)) { - int n; - n = readlink((char *)filename, buf, sizeof(buf) - 1); - if(n >= 0) { - buf[n] = '\0'; - file->link = strdup(buf); - if (file->link == NULL) { - syslog(LOG_ERR, "out of memory"); - return -1; - } - } else - sec_fprintf2(out, "readlink(%s): %s", filename, strerror(errno)); - } - return 0; -} - -static void -print_file(FILE *out, - int flags, - struct fileinfo *f, - int max_inode, - int max_bsize, - int max_n_link, - int max_user, - int max_group, - int max_size, - int max_major, - int max_minor, - int max_date) -{ - if(f->filename == NULL) - return; - - if(flags & LS_INODE) { - sec_fprintf2(out, "%*d", max_inode, f->inode); - sec_fprintf2(out, " "); - } - if(flags & LS_SIZE) { - sec_fprintf2(out, "%*d", max_bsize, f->bsize); - sec_fprintf2(out, " "); - } - sec_fprintf2(out, "%s", f->mode); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%*d", max_n_link, f->n_link); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%-*s", max_user, f->user); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%-*s", max_group, f->group); - sec_fprintf2(out, " "); - if(f->major != NULL && f->minor != NULL) - sec_fprintf2(out, "%*s, %*s", max_major, f->major, max_minor, f->minor); - else - sec_fprintf2(out, "%*s", max_size, f->size); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%*s", max_date, f->date); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%s", f->filename); - if(f->link) - sec_fprintf2(out, " -> %s", f->link); - sec_fprintf2(out, "\r\n"); -} - -static int -compare_filename(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return strcmp(a->filename, b->filename); -} - -static int -compare_mtime(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return b->st.st_mtime - a->st.st_mtime; -} - -static int -compare_size(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return b->st.st_size - a->st.st_size; -} - -static int list_dir(FILE*, const char*, int); - -static int -find_log10(int num) -{ - int i = 1; - while(num > 10) { - i++; - num /= 10; - } - return i; -} - -/* - * Operate as lstat but fake up entries for AFS mount points so we don't - * have to fetch them. - */ - -#ifdef KRB4 -static int do_the_afs_dance = 1; -#endif - -static int -lstat_file (const char *file, struct stat *sb) -{ -#ifdef KRB4 - if (do_the_afs_dance && - k_hasafs() - && strcmp(file, ".") - && strcmp(file, "..") - && strcmp(file, "/")) - { - struct ViceIoctl a_params; - char *dir, *last; - char *path_bkp; - static ino_t ino_counter = 0, ino_last = 0; - int ret; - const int maxsize = 2048; - - path_bkp = strdup (file); - if (path_bkp == NULL) - return -1; - - a_params.out = malloc (maxsize); - if (a_params.out == NULL) { - free (path_bkp); - return -1; - } - - /* If path contains more than the filename alone - split it */ - - last = strrchr (path_bkp, '/'); - if (last != NULL) { - if(last[1] == '\0') - /* if path ended in /, replace with `.' */ - a_params.in = "."; - else - a_params.in = last + 1; - while(last > path_bkp && *--last == '/'); - if(*last != '/' || last != path_bkp) { - *++last = '\0'; - dir = path_bkp; - } else - /* we got to the start, so this must be the root dir */ - dir = "/"; - } else { - /* file is relative to cdir */ - dir = "."; - a_params.in = path_bkp; - } - - a_params.in_size = strlen (a_params.in) + 1; - a_params.out_size = maxsize; - - ret = k_pioctl (dir, VIOC_AFS_STAT_MT_PT, &a_params, 0); - free (a_params.out); - if (ret < 0) { - free (path_bkp); - - if (errno != EINVAL) - return ret; - else - /* if we get EINVAL this is probably not a mountpoint */ - return lstat (file, sb); - } - - /* - * wow this was a mountpoint, lets cook the struct stat - * use . as a prototype - */ - - ret = lstat (dir, sb); - free (path_bkp); - if (ret < 0) - return ret; - - if (ino_last == sb->st_ino) - ino_counter++; - else { - ino_last = sb->st_ino; - ino_counter = 0; - } - sb->st_ino += ino_counter; - sb->st_nlink = 3; - - return 0; - } -#endif /* KRB4 */ - return lstat (file, sb); -} - -#define IS_DOT_DOTDOT(X) ((X)[0] == '.' && ((X)[1] == '\0' || \ - ((X)[1] == '.' && (X)[2] == '\0'))) - -static int -list_files(FILE *out, const char **files, int n_files, int flags) -{ - struct fileinfo *fi; - int i; - int *dirs = NULL; - size_t total_blocks = 0; - int n_print = 0; - int ret = 0; - - if(n_files == 0) - return 0; - - if(n_files > 1) - flags |= LS_SHOW_DIRNAME; - - fi = calloc(n_files, sizeof(*fi)); - if (fi == NULL) { - syslog(LOG_ERR, "out of memory"); - return -1; - } - for(i = 0; i < n_files; i++) { - if(lstat_file(files[i], &fi[i].st) < 0) { - sec_fprintf2(out, "%s: %s\r\n", files[i], strerror(errno)); - fi[i].filename = NULL; - } else { - int include_in_list = 1; - total_blocks += block_convert(fi[i].st.st_blocks); - if(S_ISDIR(fi[i].st.st_mode)) { - if(dirs == NULL) - dirs = calloc(n_files, sizeof(*dirs)); - if(dirs == NULL) { - syslog(LOG_ERR, "%s: %m", files[i]); - ret = -1; - goto out; - } - dirs[i] = 1; - if((flags & LS_DIRS) == 0) - include_in_list = 0; - } - if(include_in_list) { - ret = make_fileinfo(out, files[i], &fi[i], flags); - if (ret) - goto out; - n_print++; - } - } - } - switch(SORT_MODE(flags)) { - case LS_SORT_NAME: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_filename); - break; - case LS_SORT_MTIME: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_mtime); - break; - case LS_SORT_SIZE: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_size); - break; - } - if(DISP_MODE(flags) == LS_DISP_LONG) { - int max_inode = 0; - int max_bsize = 0; - int max_n_link = 0; - int max_user = 0; - int max_group = 0; - int max_size = 0; - int max_major = 0; - int max_minor = 0; - int max_date = 0; - for(i = 0; i < n_files; i++) { - if(fi[i].filename == NULL) - continue; - if(fi[i].inode > max_inode) - max_inode = fi[i].inode; - if(fi[i].bsize > max_bsize) - max_bsize = fi[i].bsize; - if(fi[i].n_link > max_n_link) - max_n_link = fi[i].n_link; - if(strlen(fi[i].user) > max_user) - max_user = strlen(fi[i].user); - if(strlen(fi[i].group) > max_group) - max_group = strlen(fi[i].group); - if(fi[i].major != NULL && strlen(fi[i].major) > max_major) - max_major = strlen(fi[i].major); - if(fi[i].minor != NULL && strlen(fi[i].minor) > max_minor) - max_minor = strlen(fi[i].minor); - if(fi[i].size != NULL && strlen(fi[i].size) > max_size) - max_size = strlen(fi[i].size); - if(strlen(fi[i].date) > max_date) - max_date = strlen(fi[i].date); - } - if(max_size < max_major + max_minor + 2) - max_size = max_major + max_minor + 2; - else if(max_size - max_minor - 2 > max_major) - max_major = max_size - max_minor - 2; - max_inode = find_log10(max_inode); - max_bsize = find_log10(max_bsize); - max_n_link = find_log10(max_n_link); - - if(n_print > 0) - sec_fprintf2(out, "total %lu\r\n", (unsigned long)total_blocks); - if(flags & LS_SORT_REVERSE) - for(i = n_files - 1; i >= 0; i--) - print_file(out, - flags, - &fi[i], - max_inode, - max_bsize, - max_n_link, - max_user, - max_group, - max_size, - max_major, - max_minor, - max_date); - else - for(i = 0; i < n_files; i++) - print_file(out, - flags, - &fi[i], - max_inode, - max_bsize, - max_n_link, - max_user, - max_group, - max_size, - max_major, - max_minor, - max_date); - } else if(DISP_MODE(flags) == LS_DISP_COLUMN || - DISP_MODE(flags) == LS_DISP_CROSS) { - int max_len = 0; - int size_len = 0; - int num_files = n_files; - int columns; - int j; - for(i = 0; i < n_files; i++) { - if(fi[i].filename == NULL) { - num_files--; - continue; - } - if(strlen(fi[i].filename) > max_len) - max_len = strlen(fi[i].filename); - if(find_log10(fi[i].bsize) > size_len) - size_len = find_log10(fi[i].bsize); - } - if(num_files == 0) - goto next; - if(flags & LS_SIZE) { - columns = 80 / (size_len + 1 + max_len + 1); - max_len = 80 / columns - size_len - 1; - } else { - columns = 80 / (max_len + 1); /* get space between columns */ - max_len = 80 / columns; - } - if(flags & LS_SIZE) - sec_fprintf2(out, "total %lu\r\n", - (unsigned long)total_blocks); - if(DISP_MODE(flags) == LS_DISP_CROSS) { - for(i = 0, j = 0; i < n_files; i++) { - if(fi[i].filename == NULL) - continue; - if(flags & LS_SIZE) - sec_fprintf2(out, "%*u %-*s", size_len, fi[i].bsize, - max_len, fi[i].filename); - else - sec_fprintf2(out, "%-*s", max_len, fi[i].filename); - j++; - if(j == columns) { - sec_fprintf2(out, "\r\n"); - j = 0; - } - } - if(j > 0) - sec_fprintf2(out, "\r\n"); - } else { - int skip = (num_files + columns - 1) / columns; - j = 0; - for(i = 0; i < skip; i++) { - for(j = i; j < n_files;) { - while(j < n_files && fi[j].filename == NULL) - j++; - if(flags & LS_SIZE) - sec_fprintf2(out, "%*u %-*s", size_len, fi[j].bsize, - max_len, fi[j].filename); - else - sec_fprintf2(out, "%-*s", max_len, fi[j].filename); - j += skip; - } - sec_fprintf2(out, "\r\n"); - } - } - } else { - for(i = 0; i < n_files; i++) { - if(fi[i].filename == NULL) - continue; - sec_fprintf2(out, "%s\r\n", fi[i].filename); - } - } - next: - if(((flags & LS_DIRS) == 0 || (flags & LS_RECURSIVE)) && dirs != NULL) { - for(i = 0; i < n_files; i++) { - if(dirs[i]) { - const char *p = strrchr(files[i], '/'); - if(p == NULL) - p = files[i]; - else - p++; - if(!(flags & LS_DIR_FLAG) || !IS_DOT_DOTDOT(p)) { - if((flags & LS_SHOW_DIRNAME)) { - if ((flags & LS_EXTRA_BLANK)) - sec_fprintf2(out, "\r\n"); - sec_fprintf2(out, "%s:\r\n", files[i]); - } - list_dir(out, files[i], flags | LS_DIRS | LS_EXTRA_BLANK); - } - } - } - } - out: - for(i = 0; i < n_files; i++) - free_fileinfo(&fi[i]); - free(fi); - if(dirs != NULL) - free(dirs); - return ret; -} - -static void -free_files (char **files, int n) -{ - int i; - - for (i = 0; i < n; ++i) - free (files[i]); - free (files); -} - -static int -hide_file(const char *filename, int flags) -{ - if(filename[0] != '.') - return 0; - if((flags & LS_IGNORE_DOT)) - return 1; - if(filename[1] == '\0' || (filename[1] == '.' && filename[2] == '\0')) { - if((flags & LS_SHOW_ALL)) - return 0; - else - return 1; - } - return 0; -} - -static int -list_dir(FILE *out, const char *directory, int flags) -{ - DIR *d = opendir(directory); - struct dirent *ent; - char **files = NULL; - int n_files = 0; - int ret; - - if(d == NULL) { - syslog(LOG_ERR, "%s: %m", directory); - return -1; - } - while((ent = readdir(d)) != NULL) { - void *tmp; - - if(hide_file(ent->d_name, flags)) - continue; - tmp = realloc(files, (n_files + 1) * sizeof(*files)); - if (tmp == NULL) { - syslog(LOG_ERR, "%s: out of memory", directory); - free_files (files, n_files); - closedir (d); - return -1; - } - files = tmp; - ret = asprintf(&files[n_files], "%s/%s", directory, ent->d_name); - if (ret == -1) { - syslog(LOG_ERR, "%s: out of memory", directory); - free_files (files, n_files); - closedir (d); - return -1; - } - ++n_files; - } - closedir(d); - return list_files(out, (const char**)files, n_files, flags | LS_DIR_FLAG); -} - -static int -parse_flags(const char *options) -{ -#ifdef TEST - int flags = LS_SORT_NAME | LS_IGNORE_DOT | LS_DISP_COLUMN; -#else - int flags = LS_SORT_NAME | LS_IGNORE_DOT | LS_DISP_LONG; -#endif - - const char *p; - if(options == NULL || *options != '-') - return flags; - for(p = options + 1; *p; p++) { - switch(*p) { - case '1': - flags = (flags & ~LS_DISP_MODE); - break; - case 'a': - flags |= LS_SHOW_ALL; - /*FALLTHROUGH*/ - case 'A': - flags &= ~LS_IGNORE_DOT; - break; - case 'C': - flags = (flags & ~LS_DISP_MODE) | LS_DISP_COLUMN; - break; - case 'd': - flags |= LS_DIRS; - break; - case 'f': - flags = (flags & ~LS_SORT_MODE); - break; - case 'F': - flags |= LS_TYPE; - break; - case 'i': - flags |= LS_INODE; - break; - case 'l': - flags = (flags & ~LS_DISP_MODE) | LS_DISP_LONG; - break; - case 'r': - flags |= LS_SORT_REVERSE; - break; - case 'R': - flags |= LS_RECURSIVE; - break; - case 's': - flags |= LS_SIZE; - break; - case 'S': - flags = (flags & ~LS_SORT_MODE) | LS_SORT_SIZE; - break; - case 't': - flags = (flags & ~LS_SORT_MODE) | LS_SORT_MTIME; - break; - case 'x': - flags = (flags & ~LS_DISP_MODE) | LS_DISP_CROSS; - break; - /* these are a bunch of unimplemented flags from BSD ls */ - case 'k': /* display sizes in kB */ - case 'c': /* last change time */ - case 'L': /* list symlink target */ - case 'm': /* stream output */ - case 'o': /* BSD file flags */ - case 'p': /* display / after directories */ - case 'q': /* print non-graphic characters */ - case 'u': /* use last access time */ - case 'T': /* display complete time */ - case 'W': /* include whiteouts */ - break; - } - } - return flags; -} - -int -builtin_ls(FILE *out, const char *file) -{ - int flags; - int ret; - - if(*file == '-') { - flags = parse_flags(file); - file = "."; - } else - flags = parse_flags(""); - - ret = list_files(out, &file, 1, flags); - sec_fflush(out); - return ret; -} diff --git a/crypto/heimdal/appl/ftp/ftpd/pathnames.h b/crypto/heimdal/appl/ftp/ftpd/pathnames.h deleted file mode 100644 index 884902905e3e..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/pathnames.h +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/4/93 - */ - -#ifdef HAVE_PATHS_H -#include -#endif - -#ifndef _PATH_DEVNULL -#define _PATH_DEVNULL "/dev/null" -#endif - -#ifndef _PATH_NOLOGIN -#define _PATH_NOLOGIN "/etc/nologin" -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif - -#ifndef _PATH_FTPUSERS -#define _PATH_FTPUSERS SYSCONFDIR "/ftpusers" -#endif - -#define _PATH_FTPCHROOT SYSCONFDIR "/ftpchroot" -#define _PATH_FTPWELCOME SYSCONFDIR "/ftpwelcome" -#define _PATH_FTPLOGINMESG SYSCONFDIR "/motd" - -#ifndef _PATH_ISSUE -#define _PATH_ISSUE SYSCONFDIR "/issue" -#endif -#define _PATH_ISSUE_NET SYSCONFDIR "/issue.net" diff --git a/crypto/heimdal/appl/ftp/ftpd/popen.c b/crypto/heimdal/appl/ftp/ftpd/popen.c deleted file mode 100644 index dc75fb45419b..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/popen.c +++ /dev/null @@ -1,238 +0,0 @@ -/* - * Copyright (c) 1988, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software written by Ken Arnold and - * published in UNIX Review, Vol. 6, No. 8. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: popen.c 10900 2002-04-02 11:57:39Z joda $"); -#endif - -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include "extern.h" - - -/* - * Special version of popen which avoids call to shell. This ensures - * no one may create a pipe to a hidden program as a side effect of a - * list or dir command. - */ -static int *pids; -static int fds; - -extern int dochroot; - -/* return path prepended with ~ftp if that file exists, otherwise - * return path unchanged - */ - -const char * -ftp_rooted(const char *path) -{ - static char home[MaxPathLen] = ""; - static char newpath[MaxPathLen]; - struct passwd *pwd; - - if(!home[0]) - if((pwd = k_getpwnam("ftp"))) - strlcpy(home, pwd->pw_dir, sizeof(home)); - snprintf(newpath, sizeof(newpath), "%s/%s", home, path); - if(access(newpath, X_OK)) - strlcpy(newpath, path, sizeof(newpath)); - return newpath; -} - - -#define MAXARGS 100 -#define MAXGLOBS 1000 - -FILE * -ftpd_popen(char *program, char *type, int do_stderr, int no_glob) -{ - char *cp; - FILE *iop; - int argc, gargc, pdes[2], pid; - char **pop, *argv[MAXARGS], *gargv[MAXGLOBS]; - char *foo; - - if (strcmp(type, "r") && strcmp(type, "w")) - return (NULL); - - if (!pids) { - - /* This function is ugly and should be rewritten, in - * modern unices there is no such thing as a maximum - * filedescriptor. - */ - - fds = getdtablesize(); - pids = (int*)calloc(fds, sizeof(int)); - if(!pids) - return NULL; - } - if (pipe(pdes) < 0) - return (NULL); - - /* break up string into pieces */ - foo = NULL; - for (argc = 0, cp = program; argc < MAXARGS - 1; cp = NULL) { - if (!(argv[argc++] = strtok_r(cp, " \t\n", &foo))) - break; - } - argv[MAXARGS - 1] = NULL; - - gargv[0] = (char*)ftp_rooted(argv[0]); - /* glob each piece */ - for (gargc = argc = 1; argv[argc] && gargc < MAXGLOBS - 1; argc++) { - glob_t gl; - int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE - | -#ifdef GLOB_MAXPATH - GLOB_MAXPATH -#else - GLOB_LIMIT -#endif - ; - - memset(&gl, 0, sizeof(gl)); - if (no_glob || - glob(argv[argc], flags, NULL, &gl) || - gl.gl_pathc == 0) - gargv[gargc++] = strdup(argv[argc]); - else - for (pop = gl.gl_pathv; - *pop && gargc < MAXGLOBS - 1; - pop++) - gargv[gargc++] = strdup(*pop); - globfree(&gl); - } - gargv[gargc] = NULL; - - iop = NULL; - switch(pid = fork()) { - case -1: /* error */ - close(pdes[0]); - close(pdes[1]); - goto pfree; - /* NOTREACHED */ - case 0: /* child */ - if (*type == 'r') { - if (pdes[1] != STDOUT_FILENO) { - dup2(pdes[1], STDOUT_FILENO); - close(pdes[1]); - } - if(do_stderr) - dup2(STDOUT_FILENO, STDERR_FILENO); - close(pdes[0]); - } else { - if (pdes[0] != STDIN_FILENO) { - dup2(pdes[0], STDIN_FILENO); - close(pdes[0]); - } - close(pdes[1]); - } - execv(gargv[0], gargv); - gargv[0] = argv[0]; - execv(gargv[0], gargv); - _exit(1); - } - /* parent; assume fdopen can't fail... */ - if (*type == 'r') { - iop = fdopen(pdes[0], type); - close(pdes[1]); - } else { - iop = fdopen(pdes[1], type); - close(pdes[0]); - } - pids[fileno(iop)] = pid; - -pfree: - for (argc = 1; gargv[argc] != NULL; argc++) - free(gargv[argc]); - - - return (iop); -} - -int -ftpd_pclose(FILE *iop) -{ - int fdes, status; - pid_t pid; - sigset_t sigset, osigset; - - /* - * pclose returns -1 if stream is not associated with a - * `popened' command, or, if already `pclosed'. - */ - if (pids == 0 || pids[fdes = fileno(iop)] == 0) - return (-1); - fclose(iop); - sigemptyset(&sigset); - sigaddset(&sigset, SIGINT); - sigaddset(&sigset, SIGQUIT); - sigaddset(&sigset, SIGHUP); - sigprocmask(SIG_BLOCK, &sigset, &osigset); - while ((pid = waitpid(pids[fdes], &status, 0)) < 0 && errno == EINTR) - continue; - sigprocmask(SIG_SETMASK, &osigset, NULL); - pids[fdes] = 0; - if (pid < 0) - return (pid); - if (WIFEXITED(status)) - return (WEXITSTATUS(status)); - return (1); -} diff --git a/crypto/heimdal/appl/ftp/ftpd/security.c b/crypto/heimdal/appl/ftp/ftpd/security.c deleted file mode 100644 index 2a4803f90b18..000000000000 --- a/crypto/heimdal/appl/ftp/ftpd/security.c +++ /dev/null @@ -1,883 +0,0 @@ -/* - * Copyright (c) 1998-2002, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif - -RCSID("$Id: security.c 21225 2007-06-20 10:16:02Z lha $"); - -static enum protection_level command_prot; -static enum protection_level data_prot; -static size_t buffer_size; - -struct buffer { - void *data; - size_t size; - size_t index; - int eof_flag; -}; - -static struct buffer in_buffer, out_buffer; -int sec_complete; - -static struct { - enum protection_level level; - const char *name; -} level_names[] = { - { prot_clear, "clear" }, - { prot_safe, "safe" }, - { prot_confidential, "confidential" }, - { prot_private, "private" } -}; - -static const char * -level_to_name(enum protection_level level) -{ - int i; - for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) - if(level_names[i].level == level) - return level_names[i].name; - return "unknown"; -} - -#ifndef FTP_SERVER /* not used in server */ -static enum protection_level -name_to_level(const char *name) -{ - int i; - for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) - if(!strncasecmp(level_names[i].name, name, strlen(name))) - return level_names[i].level; - return (enum protection_level)-1; -} -#endif - -#ifdef FTP_SERVER - -static struct sec_server_mech *mechs[] = { -#ifdef KRB5 - &gss_server_mech, -#endif -#ifdef KRB4 - &krb4_server_mech, -#endif - NULL -}; - -static struct sec_server_mech *mech; - -#else - -static struct sec_client_mech *mechs[] = { -#ifdef KRB5 - &gss_client_mech, -#endif -#ifdef KRB4 - &krb4_client_mech, -#endif - NULL -}; - -static struct sec_client_mech *mech; - -#endif - -static void *app_data; - -int -sec_getc(FILE *F) -{ - if(sec_complete && data_prot) { - char c; - if(sec_read(fileno(F), &c, 1) <= 0) - return EOF; - return c; - } else - return getc(F); -} - -static int -block_read(int fd, void *buf, size_t len) -{ - unsigned char *p = buf; - int b; - while(len) { - b = read(fd, p, len); - if (b == 0) - return 0; - else if (b < 0) - return -1; - len -= b; - p += b; - } - return p - (unsigned char*)buf; -} - -static int -block_write(int fd, void *buf, size_t len) -{ - unsigned char *p = buf; - int b; - while(len) { - b = write(fd, p, len); - if(b < 0) - return -1; - len -= b; - p += b; - } - return p - (unsigned char*)buf; -} - -static int -sec_get_data(int fd, struct buffer *buf, int level) -{ - int len; - int b; - void *tmp; - - b = block_read(fd, &len, sizeof(len)); - if (b == 0) - return 0; - else if (b < 0) - return -1; - len = ntohl(len); - tmp = realloc(buf->data, len); - if (tmp == NULL) - return -1; - buf->data = tmp; - b = block_read(fd, buf->data, len); - if (b == 0) - return 0; - else if (b < 0) - return -1; - buf->size = (*mech->decode)(app_data, buf->data, len, data_prot); - buf->index = 0; - return 0; -} - -static size_t -buffer_read(struct buffer *buf, void *dataptr, size_t len) -{ - len = min(len, buf->size - buf->index); - memcpy(dataptr, (char*)buf->data + buf->index, len); - buf->index += len; - return len; -} - -static size_t -buffer_write(struct buffer *buf, void *dataptr, size_t len) -{ - if(buf->index + len > buf->size) { - void *tmp; - if(buf->data == NULL) - tmp = malloc(1024); - else - tmp = realloc(buf->data, buf->index + len); - if(tmp == NULL) - return -1; - buf->data = tmp; - buf->size = buf->index + len; - } - memcpy((char*)buf->data + buf->index, dataptr, len); - buf->index += len; - return len; -} - -int -sec_read(int fd, void *dataptr, int length) -{ - size_t len; - int rx = 0; - - if(sec_complete == 0 || data_prot == 0) - return read(fd, dataptr, length); - - if(in_buffer.eof_flag){ - in_buffer.eof_flag = 0; - return 0; - } - - len = buffer_read(&in_buffer, dataptr, length); - length -= len; - rx += len; - dataptr = (char*)dataptr + len; - - while(length){ - int ret; - - ret = sec_get_data(fd, &in_buffer, data_prot); - if (ret < 0) - return -1; - if(ret == 0 && in_buffer.size == 0) { - if(rx) - in_buffer.eof_flag = 1; - return rx; - } - len = buffer_read(&in_buffer, dataptr, length); - length -= len; - rx += len; - dataptr = (char*)dataptr + len; - } - return rx; -} - -static int -sec_send(int fd, char *from, int length) -{ - int bytes; - void *buf; - bytes = (*mech->encode)(app_data, from, length, data_prot, &buf); - bytes = htonl(bytes); - block_write(fd, &bytes, sizeof(bytes)); - block_write(fd, buf, ntohl(bytes)); - free(buf); - return length; -} - -int -sec_fflush(FILE *F) -{ - if(data_prot != prot_clear) { - if(out_buffer.index > 0){ - sec_write(fileno(F), out_buffer.data, out_buffer.index); - out_buffer.index = 0; - } - sec_send(fileno(F), NULL, 0); - } - fflush(F); - return 0; -} - -int -sec_write(int fd, char *dataptr, int length) -{ - int len = buffer_size; - int tx = 0; - - if(data_prot == prot_clear) - return write(fd, dataptr, length); - - len -= (*mech->overhead)(app_data, data_prot, len); - while(length){ - if(length < len) - len = length; - sec_send(fd, dataptr, len); - length -= len; - dataptr += len; - tx += len; - } - return tx; -} - -int -sec_vfprintf2(FILE *f, const char *fmt, va_list ap) -{ - char *buf; - int ret; - if(data_prot == prot_clear) - return vfprintf(f, fmt, ap); - else { - int len; - len = vasprintf(&buf, fmt, ap); - if (len == -1) - return len; - ret = buffer_write(&out_buffer, buf, len); - free(buf); - return ret; - } -} - -int -sec_fprintf2(FILE *f, const char *fmt, ...) -{ - int ret; - va_list ap; - va_start(ap, fmt); - ret = sec_vfprintf2(f, fmt, ap); - va_end(ap); - return ret; -} - -int -sec_putc(int c, FILE *F) -{ - char ch = c; - if(data_prot == prot_clear) - return putc(c, F); - - buffer_write(&out_buffer, &ch, 1); - if(c == '\n' || out_buffer.index >= 1024 /* XXX */) { - sec_write(fileno(F), out_buffer.data, out_buffer.index); - out_buffer.index = 0; - } - return c; -} - -int -sec_read_msg(char *s, int level) -{ - int len; - char *buf; - int return_code; - - buf = malloc(strlen(s)); - len = base64_decode(s + 4, buf); /* XXX */ - - len = (*mech->decode)(app_data, buf, len, level); - if(len < 0) - return -1; - - buf[len] = '\0'; - - if(buf[3] == '-') - return_code = 0; - else - sscanf(buf, "%d", &return_code); - if(buf[len-1] == '\n') - buf[len-1] = '\0'; - strcpy(s, buf); - free(buf); - return return_code; -} - -int -sec_vfprintf(FILE *f, const char *fmt, va_list ap) -{ - char *buf; - void *enc; - int len; - if(!sec_complete) - return vfprintf(f, fmt, ap); - - if (vasprintf(&buf, fmt, ap) == -1) { - printf("Failed to allocate command.\n"); - return -1; - } - len = (*mech->encode)(app_data, buf, strlen(buf), command_prot, &enc); - free(buf); - if(len < 0) { - printf("Failed to encode command.\n"); - return -1; - } - if(base64_encode(enc, len, &buf) < 0){ - free(enc); - printf("Out of memory base64-encoding.\n"); - return -1; - } - free(enc); -#ifdef FTP_SERVER - if(command_prot == prot_safe) - fprintf(f, "631 %s\r\n", buf); - else if(command_prot == prot_private) - fprintf(f, "632 %s\r\n", buf); - else if(command_prot == prot_confidential) - fprintf(f, "633 %s\r\n", buf); -#else - if(command_prot == prot_safe) - fprintf(f, "MIC %s", buf); - else if(command_prot == prot_private) - fprintf(f, "ENC %s", buf); - else if(command_prot == prot_confidential) - fprintf(f, "CONF %s", buf); -#endif - free(buf); - return 0; -} - -int -sec_fprintf(FILE *f, const char *fmt, ...) -{ - va_list ap; - int ret; - va_start(ap, fmt); - ret = sec_vfprintf(f, fmt, ap); - va_end(ap); - return ret; -} - -/* end common stuff */ - -#ifdef FTP_SERVER - -int ccc_passed; - -void -auth(char *auth_name) -{ - int i; - void *tmp; - - for(i = 0; (mech = mechs[i]) != NULL; i++){ - if(!strcasecmp(auth_name, mech->name)){ - tmp = realloc(app_data, mech->size); - if (tmp == NULL) { - reply(431, "Unable to accept %s at this time", mech->name); - return; - } - app_data = tmp; - - if(mech->init && (*mech->init)(app_data) != 0) { - reply(431, "Unable to accept %s at this time", mech->name); - return; - } - if(mech->auth) { - (*mech->auth)(app_data); - return; - } - if(mech->adat) - reply(334, "Send authorization data."); - else - reply(234, "Authorization complete."); - return; - } - } - free (app_data); - app_data = NULL; - reply(504, "%s is unknown to me", auth_name); -} - -void -adat(char *auth_data) -{ - if(mech && !sec_complete) { - void *buf = malloc(strlen(auth_data)); - size_t len; - len = base64_decode(auth_data, buf); - (*mech->adat)(app_data, buf, len); - free(buf); - } else - reply(503, "You must %sissue an AUTH first.", mech ? "re-" : ""); -} - -void pbsz(int size) -{ - size_t new = size; - if(!sec_complete) - reply(503, "Incomplete security data exchange."); - if(mech->pbsz) - new = (*mech->pbsz)(app_data, size); - if(buffer_size != new){ - buffer_size = size; - } - if(new != size) - reply(200, "PBSZ=%lu", (unsigned long)new); - else - reply(200, "OK"); -} - -void -prot(char *pl) -{ - int p = -1; - - if(buffer_size == 0){ - reply(503, "No protection buffer size negotiated."); - return; - } - - if(!strcasecmp(pl, "C")) - p = prot_clear; - else if(!strcasecmp(pl, "S")) - p = prot_safe; - else if(!strcasecmp(pl, "E")) - p = prot_confidential; - else if(!strcasecmp(pl, "P")) - p = prot_private; - else { - reply(504, "Unrecognized protection level."); - return; - } - - if(sec_complete){ - if((*mech->check_prot)(app_data, p)){ - reply(536, "%s does not support %s protection.", - mech->name, level_to_name(p)); - }else{ - data_prot = (enum protection_level)p; - reply(200, "Data protection is %s.", level_to_name(p)); - } - }else{ - reply(503, "Incomplete security data exchange."); - } -} - -void ccc(void) -{ - if(sec_complete){ - if(mech->ccc && (*mech->ccc)(app_data) == 0) { - command_prot = data_prot = prot_clear; - ccc_passed = 1; - } else - reply(534, "You must be joking."); - }else - reply(503, "Incomplete security data exchange."); -} - -void mec(char *msg, enum protection_level level) -{ - void *buf; - size_t len, buf_size; - if(!sec_complete) { - reply(503, "Incomplete security data exchange."); - return; - } - buf_size = strlen(msg) + 2; - buf = malloc(buf_size); - len = base64_decode(msg, buf); - command_prot = level; - if(len == (size_t)-1) { - reply(501, "Failed to base64-decode command"); - return; - } - len = (*mech->decode)(app_data, buf, len, level); - if(len == (size_t)-1) { - reply(535, "Failed to decode command"); - return; - } - ((char*)buf)[len] = '\0'; - if(strstr((char*)buf, "\r\n") == NULL) - strlcat((char*)buf, "\r\n", buf_size); - new_ftp_command(buf); -} - -/* ------------------------------------------------------------ */ - -int -sec_userok(char *userstr) -{ - if(sec_complete) - return (*mech->userok)(app_data, userstr); - return 0; -} - -int -sec_session(char *user) -{ - if(sec_complete && mech->session) - return (*mech->session)(app_data, user); - return 0; -} - -char *ftp_command; - -void -new_ftp_command(char *command) -{ - ftp_command = command; -} - -void -delete_ftp_command(void) -{ - free(ftp_command); - ftp_command = NULL; -} - -int -secure_command(void) -{ - return ftp_command != NULL; -} - -enum protection_level -get_command_prot(void) -{ - return command_prot; -} - -#else /* FTP_SERVER */ - -void -sec_status(void) -{ - if(sec_complete){ - printf("Using %s for authentication.\n", mech->name); - printf("Using %s command channel.\n", level_to_name(command_prot)); - printf("Using %s data channel.\n", level_to_name(data_prot)); - if(buffer_size > 0) - printf("Protection buffer size: %lu.\n", - (unsigned long)buffer_size); - }else{ - printf("Not using any security mechanism.\n"); - } -} - -static int -sec_prot_internal(int level) -{ - int ret; - char *p; - unsigned int s = 1048576; - - int old_verbose = verbose; - verbose = 0; - - if(!sec_complete){ - printf("No security data exchange has taken place.\n"); - return -1; - } - - if(level){ - ret = command("PBSZ %u", s); - if(ret != COMPLETE){ - printf("Failed to set protection buffer size.\n"); - return -1; - } - buffer_size = s; - p = strstr(reply_string, "PBSZ="); - if(p) - sscanf(p, "PBSZ=%u", &s); - if(s < buffer_size) - buffer_size = s; - } - verbose = old_verbose; - ret = command("PROT %c", level["CSEP"]); /* XXX :-) */ - if(ret != COMPLETE){ - printf("Failed to set protection level.\n"); - return -1; - } - - data_prot = (enum protection_level)level; - return 0; -} - -enum protection_level -set_command_prot(enum protection_level level) -{ - int ret; - enum protection_level old = command_prot; - if(level != command_prot && level == prot_clear) { - ret = command("CCC"); - if(ret != COMPLETE) { - printf("Failed to clear command channel.\n"); - return -1; - } - } - command_prot = level; - return old; -} - -void -sec_prot(int argc, char **argv) -{ - int level = -1; - - if(argc > 3) - goto usage; - - if(argc == 1) { - sec_status(); - return; - } - if(!sec_complete) { - printf("No security data exchange has taken place.\n"); - code = -1; - return; - } - level = name_to_level(argv[argc - 1]); - - if(level == -1) - goto usage; - - if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", - mech->name, level_to_name(level)); - code = -1; - return; - } - - if(argc == 2 || strncasecmp(argv[1], "data", strlen(argv[1])) == 0) { - if(sec_prot_internal(level) < 0){ - code = -1; - return; - } - } else if(strncasecmp(argv[1], "command", strlen(argv[1])) == 0) { - if(set_command_prot(level) < 0) { - code = -1; - return; - } - } else - goto usage; - code = 0; - return; - usage: - printf("usage: %s [command|data] [clear|safe|confidential|private]\n", - argv[0]); - code = -1; -} - -void -sec_prot_command(int argc, char **argv) -{ - int level; - - if(argc > 2) - goto usage; - - if(!sec_complete) { - printf("No security data exchange has taken place.\n"); - code = -1; - return; - } - - if(argc == 1) { - sec_status(); - } else { - level = name_to_level(argv[1]); - if(level == -1) - goto usage; - - if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", - mech->name, level_to_name(level)); - code = -1; - return; - } - if(set_command_prot(level) < 0) { - code = -1; - return; - } - } - code = 0; - return; - usage: - printf("usage: %s [clear|safe|confidential|private]\n", - argv[0]); - code = -1; -} - -static enum protection_level request_data_prot; - -void -sec_set_protection_level(void) -{ - if(sec_complete && data_prot != request_data_prot) - sec_prot_internal(request_data_prot); -} - - -int -sec_request_prot(char *level) -{ - int l = name_to_level(level); - if(l == -1) - return -1; - request_data_prot = (enum protection_level)l; - return 0; -} - -int -sec_login(char *host) -{ - int ret; - struct sec_client_mech **m; - int old_verbose = verbose; - - verbose = -1; /* shut up all messages this will produce (they - are usually not very user friendly) */ - - for(m = mechs; *m && (*m)->name; m++) { - void *tmp; - - tmp = realloc(app_data, (*m)->size); - if (tmp == NULL) { - warnx ("realloc %lu failed", (unsigned long)(*m)->size); - return -1; - } - app_data = tmp; - - if((*m)->init && (*(*m)->init)(app_data) != 0) { - printf("Skipping %s...\n", (*m)->name); - continue; - } - printf("Trying %s...\n", (*m)->name); - ret = command("AUTH %s", (*m)->name); - if(ret != CONTINUE){ - if(code == 504){ - printf("%s is not supported by the server.\n", (*m)->name); - }else if(code == 534){ - printf("%s rejected as security mechanism.\n", (*m)->name); - }else if(ret == ERROR) { - printf("The server doesn't support the FTP " - "security extensions.\n"); - verbose = old_verbose; - return -1; - } - continue; - } - - ret = (*(*m)->auth)(app_data, host); - - if(ret == AUTH_CONTINUE) - continue; - else if(ret != AUTH_OK){ - /* mechanism is supposed to output error string */ - verbose = old_verbose; - return -1; - } - mech = *m; - sec_complete = 1; - if(doencrypt) { - command_prot = prot_private; - request_data_prot = prot_private; - } else { - command_prot = prot_safe; - } - break; - } - - verbose = old_verbose; - return *m == NULL; -} - -void -sec_end(void) -{ - if (mech != NULL) { - if(mech->end) - (*mech->end)(app_data); - if (app_data != NULL) { - memset(app_data, 0, mech->size); - free(app_data); - app_data = NULL; - } - } - sec_complete = 0; - data_prot = (enum protection_level)0; -} - -#endif /* FTP_SERVER */ - diff --git a/crypto/heimdal/appl/gssmask/Makefile.am b/crypto/heimdal/appl/gssmask/Makefile.am deleted file mode 100644 index 347a27ec9290..000000000000 --- a/crypto/heimdal/appl/gssmask/Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ -# $Id: Makefile.am 18468 2006-10-14 13:50:51Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_PROGRAMS = gssmask gssmaestro - -gssmask_SOURCES = gssmask.c common.c common.h protocol.h - -gssmaestro_SOURCES = gssmaestro.c common.c common.h protocol.h - -LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LIB_roken) - diff --git a/crypto/heimdal/appl/gssmask/Makefile.in b/crypto/heimdal/appl/gssmask/Makefile.in deleted file mode 100644 index a51092274cfe..000000000000 --- a/crypto/heimdal/appl/gssmask/Makefile.in +++ /dev/null @@ -1,760 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 18468 2006-10-14 13:50:51Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -noinst_PROGRAMS = gssmask$(EXEEXT) gssmaestro$(EXEEXT) -subdir = appl/gssmask -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -PROGRAMS = $(noinst_PROGRAMS) -am_gssmaestro_OBJECTS = gssmaestro.$(OBJEXT) common.$(OBJEXT) -gssmaestro_OBJECTS = $(am_gssmaestro_OBJECTS) -gssmaestro_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -gssmaestro_DEPENDENCIES = $(top_builddir)/lib/gssapi/libgssapi.la \ - $(am__DEPENDENCIES_1) -am_gssmask_OBJECTS = gssmask.$(OBJEXT) common.$(OBJEXT) -gssmask_OBJECTS = $(am_gssmask_OBJECTS) -gssmask_LDADD = $(LDADD) -gssmask_DEPENDENCIES = $(top_builddir)/lib/gssapi/libgssapi.la \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(gssmaestro_SOURCES) $(gssmask_SOURCES) -DIST_SOURCES = $(gssmaestro_SOURCES) $(gssmask_SOURCES) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -gssmask_SOURCES = gssmask.c common.c common.h protocol.h -gssmaestro_SOURCES = gssmaestro.c common.c common.h protocol.h -LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LIB_roken) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/gssmask/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/gssmask/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -gssmaestro$(EXEEXT): $(gssmaestro_OBJECTS) $(gssmaestro_DEPENDENCIES) - @rm -f gssmaestro$(EXEEXT) - $(LINK) $(gssmaestro_OBJECTS) $(gssmaestro_LDADD) $(LIBS) -gssmask$(EXEEXT): $(gssmask_OBJECTS) $(gssmask_DEPENDENCIES) - @rm -f gssmask$(EXEEXT) - $(LINK) $(gssmask_OBJECTS) $(gssmask_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libtool clean-noinstPROGRAMS ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/gssmask/common.c b/crypto/heimdal/appl/gssmask/common.c deleted file mode 100644 index a57b803abafb..000000000000 --- a/crypto/heimdal/appl/gssmask/common.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include -RCSID("$Id: common.c 18900 2006-11-03 05:21:01Z lha $"); - -krb5_error_code -store_string(krb5_storage *sp, const char *str) -{ - size_t len = strlen(str) + 1; - krb5_error_code ret; - - ret = krb5_store_int32(sp, len); - if (ret) - return ret; - ret = krb5_storage_write(sp, str, len); - if (ret != len) - return EINVAL; - return 0; -} - -static void -add_list(char ****list, size_t *listlen, char **str, size_t len) -{ - size_t i; - *list = erealloc(*list, sizeof(**list) * (*listlen + 1)); - - (*list)[*listlen] = ecalloc(len, sizeof(**list)); - for (i = 0; i < len; i++) - (*list)[*listlen][i] = str[i]; - (*listlen)++; -} - -static void -permute(char ****list, size_t *listlen, - char **str, const int start, const int len) -{ - int i, j; - -#define SWAP(s,i,j) { char *t = str[i]; str[i] = str[j]; str[j] = t; } - - for (i = start; i < len - 1; i++) { - for (j = i+1; j < len; j++) { - SWAP(str,i,j); - permute(list, listlen, str, i+1, len); - SWAP(str,i,j); - } - } - add_list(list, listlen, str, len); -} - -char *** -permutate_all(struct getarg_strings *strings, size_t *size) -{ - char **list, ***all = NULL; - int i; - - *size = 0; - - list = ecalloc(strings->num_strings, sizeof(*list)); - for (i = 0; i < strings->num_strings; i++) - list[i] = strings->strings[i]; - - permute(&all, size, list, 0, strings->num_strings); - free(list); - return all; -} diff --git a/crypto/heimdal/appl/gssmask/common.h b/crypto/heimdal/appl/gssmask/common.h deleted file mode 100644 index a44339e4596c..000000000000 --- a/crypto/heimdal/appl/gssmask/common.h +++ /dev/null @@ -1,112 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* $Id: common.h 18250 2006-10-06 07:22:00Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -/* - * pthread support is disable because the pthread - * test have no "application pthread libflags" variable, - * when this is fixed pthread support can be enabled again. - */ -#undef ENABLE_PTHREAD_SUPPORT - -#include -#ifdef HAVE_SYS_UTSNAME_H -#include -#endif - -#ifdef HAVE_SYS_WAIT_H -#include -#endif - -#include -#include -#include -#include - -#include -#include - -#include "protocol.h" - -krb5_error_code store_string(krb5_storage *, const char *); - - -#define ret16(_client, num) \ - do { \ - if (krb5_ret_int16((_client)->sock, &(num)) != 0) \ - errx(1, "krb5_ret_int16 " #num); \ - } while(0) - -#define ret32(_client, num) \ - do { \ - if (krb5_ret_int32((_client)->sock, &(num)) != 0) \ - errx(1, "krb5_ret_int32 " #num); \ - } while(0) - -#define retdata(_client, data) \ - do { \ - if (krb5_ret_data((_client)->sock, &(data)) != 0) \ - errx(1, "krb5_ret_data " #data); \ - } while(0) - -#define retstring(_client, data) \ - do { \ - if (krb5_ret_string((_client)->sock, &(data)) != 0) \ - errx(1, "krb5_ret_data " #data); \ - } while(0) - - -#define put32(_client, num) \ - do { \ - if (krb5_store_int32((_client)->sock, num) != 0) \ - errx(1, "krb5_store_int32 " #num); \ - } while(0) - -#define putdata(_client, data) \ - do { \ - if (krb5_store_data((_client)->sock, data) != 0) \ - errx(1, "krb5_store_data " #data); \ - } while(0) - -#define putstring(_client, str) \ - do { \ - if (store_string((_client)->sock, str) != 0) \ - errx(1, "krb5_store_str " #str); \ - } while(0) - -char *** permutate_all(struct getarg_strings *, size_t *); diff --git a/crypto/heimdal/appl/gssmask/gssmaestro.c b/crypto/heimdal/appl/gssmask/gssmaestro.c deleted file mode 100644 index 610c53f5f59b..000000000000 --- a/crypto/heimdal/appl/gssmask/gssmaestro.c +++ /dev/null @@ -1,851 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include -RCSID("$Id: gssmaestro.c 21605 2007-07-17 06:51:57Z lha $"); - -static FILE *logfile; - -/* - * - */ - -struct client { - char *name; - struct sockaddr *sa; - socklen_t salen; - krb5_storage *sock; - int32_t capabilities; - char *target_name; - char *moniker; - krb5_storage *logsock; - int have_log; -#ifdef ENABLE_PTHREAD_SUPPORT - pthread_t thr; -#else - pid_t child; -#endif -}; - -static struct client **clients; -static int num_clients; - -static int -init_sec_context(struct client *client, - int32_t *hContext, int32_t *hCred, - int32_t flags, - const char *targetname, - const krb5_data *itoken, krb5_data *otoken) -{ - int32_t val; - krb5_data_zero(otoken); - put32(client, eInitContext); - put32(client, *hContext); - put32(client, *hCred); - put32(client, flags); - putstring(client, targetname); - putdata(client, *itoken); - ret32(client, *hContext); - ret32(client, val); - retdata(client, *otoken); - return val; -} - -static int -accept_sec_context(struct client *client, - int32_t *hContext, - int32_t flags, - const krb5_data *itoken, - krb5_data *otoken, - int32_t *hDelegCred) -{ - int32_t val; - krb5_data_zero(otoken); - put32(client, eAcceptContext); - put32(client, *hContext); - put32(client, flags); - putdata(client, *itoken); - ret32(client, *hContext); - ret32(client, val); - retdata(client, *otoken); - ret32(client, *hDelegCred); - return val; -} - -static int -acquire_cred(struct client *client, - const char *username, - const char *password, - int32_t flags, - int32_t *hCred) -{ - int32_t val; - put32(client, eAcquireCreds); - putstring(client, username); - putstring(client, password); - put32(client, flags); - ret32(client, val); - ret32(client, *hCred); - return val; -} - -static int -toast_resource(struct client *client, - int32_t hCred) -{ - int32_t val; - put32(client, eToastResource); - put32(client, hCred); - ret32(client, val); - return val; -} - -static int -goodbye(struct client *client) -{ - put32(client, eGoodBye); - return GSMERR_OK; -} - -static int -get_targetname(struct client *client, - char **target) -{ - put32(client, eGetTargetName); - retstring(client, *target); - return GSMERR_OK; -} - -static int32_t -encrypt_token(struct client *client, int32_t hContext, int32_t flags, - krb5_data *in, krb5_data *out) -{ - int32_t val; - put32(client, eEncrypt); - put32(client, hContext); - put32(client, flags); - put32(client, 0); - putdata(client, *in); - ret32(client, val); - retdata(client, *out); - return val; -} - -static int32_t -decrypt_token(struct client *client, int32_t hContext, int flags, - krb5_data *in, krb5_data *out) -{ - int32_t val; - put32(client, eDecrypt); - put32(client, hContext); - put32(client, flags); - put32(client, 0); - putdata(client, *in); - ret32(client, val); - retdata(client, *out); - return val; -} - -static int32_t -get_mic(struct client *client, int32_t hContext, - krb5_data *in, krb5_data *mic) -{ - int32_t val; - put32(client, eSign); - put32(client, hContext); - put32(client, 0); - put32(client, 0); - putdata(client, *in); - ret32(client, val); - retdata(client, *mic); - return val; -} - -static int32_t -verify_mic(struct client *client, int32_t hContext, - krb5_data *in, krb5_data *mic) -{ - int32_t val; - put32(client, eVerify); - put32(client, hContext); - put32(client, 0); - put32(client, 0); - putdata(client, *in); - putdata(client, *mic); - ret32(client, val); - return val; -} - - -static int32_t -get_version_capa(struct client *client, - int32_t *version, int32_t *capa, - char **version_str) -{ - put32(client, eGetVersionAndCapabilities); - ret32(client, *version); - ret32(client, *capa); - retstring(client, *version_str); - return GSMERR_OK; -} - -static int32_t -get_moniker(struct client *client, - char **moniker) -{ - put32(client, eGetMoniker); - retstring(client, *moniker); - return GSMERR_OK; -} - -static int -wait_log(struct client *c) -{ - int32_t port; - struct sockaddr_storage sast; - socklen_t salen = sizeof(sast); - int fd, fd2, ret; - - memset(&sast, 0, sizeof(sast)); - - assert(sizeof(sast) >= c->salen); - - fd = socket(c->sa->sa_family, SOCK_STREAM, 0); - if (fd < 0) - err(1, "failed to build socket for %s's logging port", c->moniker); - - ((struct sockaddr *)&sast)->sa_family = c->sa->sa_family; - ret = bind(fd, (struct sockaddr *)&sast, c->salen); - if (ret < 0) - err(1, "failed to bind %s's logging port", c->moniker); - - if (listen(fd, SOMAXCONN) < 0) - err(1, "failed to listen %s's logging port", c->moniker); - - salen = sizeof(sast); - ret = getsockname(fd, (struct sockaddr *)&sast, &salen); - if (ret < 0) - err(1, "failed to get address of local socket for %s", c->moniker); - - port = socket_get_port((struct sockaddr *)&sast); - - put32(c, eSetLoggingSocket); - put32(c, ntohs(port)); - - salen = sizeof(sast); - fd2 = accept(fd, (struct sockaddr *)&sast, &salen); - if (fd2 < 0) - err(1, "failed to accept local socket for %s", c->moniker); - close(fd); - - return fd2; -} - - - - -static int -build_context(struct client *ipeer, struct client *apeer, - int32_t flags, int32_t hCred, - int32_t *iContext, int32_t *aContext, int32_t *hDelegCred) -{ - int32_t val = GSMERR_ERROR, ic = 0, ac = 0, deleg = 0; - krb5_data itoken, otoken; - int iDone = 0, aDone = 0; - int step = 0; - int first_call = 0x80; - - if (apeer->target_name == NULL) - errx(1, "apeer %s have no target name", apeer->name); - - krb5_data_zero(&itoken); - - while (!iDone || !aDone) { - - if (iDone) { - warnx("iPeer already done, aPeer want extra rtt"); - val = GSMERR_ERROR; - goto out; - } - - val = init_sec_context(ipeer, &ic, &hCred, flags|first_call, - apeer->target_name, &itoken, &otoken); - step++; - switch(val) { - case GSMERR_OK: - iDone = 1; - if (aDone) - continue; - break; - case GSMERR_CONTINUE_NEEDED: - break; - default: - warnx("iPeer %s failed with %d (step %d)", - ipeer->name, (int)val, step); - goto out; - } - - if (aDone) { - warnx("aPeer already done, iPeer want extra rtt"); - val = GSMERR_ERROR; - goto out; - } - - val = accept_sec_context(apeer, &ac, flags|first_call, - &otoken, &itoken, &deleg); - step++; - switch(val) { - case GSMERR_OK: - aDone = 1; - if (iDone) - continue; - break; - case GSMERR_CONTINUE_NEEDED: - break; - default: - warnx("aPeer %s failed with %d (step %d)", - apeer->name, (int)val, step); - val = GSMERR_ERROR; - goto out; - } - first_call = 0; - val = GSMERR_OK; - } - - if (iContext == NULL || val != GSMERR_OK) { - if (ic) - toast_resource(ipeer, ic); - if (iContext) - *iContext = 0; - } else - *iContext = ic; - - if (aContext == NULL || val != GSMERR_OK) { - if (ac) - toast_resource(apeer, ac); - if (aContext) - *aContext = 0; - } else - *aContext = ac; - - if (hDelegCred == NULL || val != GSMERR_OK) { - if (deleg) - toast_resource(apeer, deleg); - if (hDelegCred) - *hDelegCred = 0; - } else - *hDelegCred = deleg; - -out: - return val; -} - -static void -test_mic(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2) -{ - krb5_data msg, mic; - int32_t val; - - msg.data = "foo"; - msg.length = 3; - - krb5_data_zero(&mic); - - val = get_mic(c1, hc1, &msg, &mic); - if (val) - errx(1, "get_mic failed to host: %s", c1->moniker); - val = verify_mic(c2, hc2, &msg, &mic); - if (val) - errx(1, "verify_mic failed to host: %s", c2->moniker); - - krb5_data_free(&mic); -} - -static int32_t -test_wrap(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2, - int conf) -{ - krb5_data msg, wrapped, out; - int32_t val; - - msg.data = "foo"; - msg.length = 3; - - krb5_data_zero(&wrapped); - krb5_data_zero(&out); - - val = encrypt_token(c1, hc1, conf, &msg, &wrapped); - if (val) { - warnx("encrypt_token failed to host: %s", c1->moniker); - return val; - } - val = decrypt_token(c2, hc2, conf, &wrapped, &out); - if (val) { - krb5_data_free(&wrapped); - warnx("decrypt_token failed to host: %s", c2->moniker); - return val; - } - - if (msg.length != out.length) { - warnx("decrypted'ed token have wrong length (%lu != %lu)", - (unsigned long)msg.length, (unsigned long)out.length); - val = GSMERR_ERROR; - } else if (memcmp(msg.data, out.data, msg.length) != 0) { - warnx("decryptd'ed token have wrong data"); - val = GSMERR_ERROR; - } - - krb5_data_free(&wrapped); - krb5_data_free(&out); - return val; -} - -static int32_t -test_token(struct client *c1, int32_t hc1, struct client *c2, int32_t hc2) -{ - int32_t val; - int i; - - for (i = 0; i < 10; i++) { - test_mic(c1, hc1, c2, hc2); - test_mic(c2, hc2, c1, hc1); - val = test_wrap(c1, hc1, c2, hc2, 0); - if (val) return val; - val = test_wrap(c2, hc2, c1, hc1, 0); - if (val) return val; - val = test_wrap(c1, hc1, c2, hc2, 1); - if (val) return val; - val = test_wrap(c2, hc2, c1, hc1, 1); - if (val) return val; - } - return GSMERR_OK; -} - -static int -log_function(void *ptr) -{ - struct client *c = ptr; - int32_t cmd, line; - char *file, *string; - - while (1) { - if (krb5_ret_int32(c->logsock, &cmd)) - goto out; - - switch (cmd) { - case eLogSetMoniker: - if (krb5_ret_string(c->logsock, &file)) - goto out; - free(file); - break; - case eLogInfo: - case eLogFailure: - if (krb5_ret_string(c->logsock, &file)) - goto out; - if (krb5_ret_int32(c->logsock, &line)) - goto out; - if (krb5_ret_string(c->logsock, &string)) - goto out; - printf("%s:%lu: %s\n", - file, (unsigned long)line, string); - fprintf(logfile, "%s:%lu: %s\n", - file, (unsigned long)line, string); - fflush(logfile); - free(file); - free(string); - if (krb5_store_int32(c->logsock, 0)) - goto out; - break; - default: - errx(1, "client send bad log command: %d", (int)cmd); - } - } -out: - - return 0; -} - -static void -connect_client(const char *slave) -{ - char *name, *port; - struct client *c = ecalloc(1, sizeof(*c)); - struct addrinfo hints, *res0, *res; - int ret, fd; - - name = estrdup(slave); - port = strchr(name, ':'); - if (port == NULL) - errx(1, "port missing from %s", name); - *port++ = 0; - - c->name = estrdup(slave); - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - - ret = getaddrinfo(name, port, &hints, &res0); - if (ret) - errx(1, "error resolving %s", name); - - for (res = res0, fd = -1; res; res = res->ai_next) { - fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol); - if (fd < 0) - continue; - if (connect(fd, res->ai_addr, res->ai_addrlen) < 0) { - close(fd); - fd = -1; - continue; - } - c->sa = ecalloc(1, res->ai_addrlen); - memcpy(c->sa, res->ai_addr, res->ai_addrlen); - c->salen = res->ai_addrlen; - break; /* okay we got one */ - } - if (fd < 0) - err(1, "connect to host: %s", name); - freeaddrinfo(res); - - c->sock = krb5_storage_from_fd(fd); - close(fd); - if (c->sock == NULL) - errx(1, "krb5_storage_from_fd"); - - { - int32_t version; - char *str = NULL; - get_version_capa(c, &version, &c->capabilities, &str); - if (str) { - free(str); - } - if (c->capabilities & HAS_MONIKER) - get_moniker(c, &c->moniker); - else - c->moniker = c->name; - if (c->capabilities & ISSERVER) - get_targetname(c, &c->target_name); - } - - if (logfile) { - int fd; - - printf("starting log socket to client %s\n", c->moniker); - - fd = wait_log(c); - - c->logsock = krb5_storage_from_fd(fd); - close(fd); - if (c->logsock == NULL) - errx(1, "failed to create log krb5_storage"); -#ifdef ENABLE_PTHREAD_SUPPORT - pthread_create(&c->thr, NULL, log_function, c); -#else - c->child = fork(); - if (c->child == -1) - errx(1, "failed to fork"); - else if (c->child == 0) { - log_function(c); - fclose(logfile); - exit(0); - } -#endif - } - - - clients = erealloc(clients, (num_clients + 1) * sizeof(*clients)); - - clients[num_clients] = c; - num_clients++; - - free(name); -} - -static struct client * -get_client(const char *slave) -{ - size_t i; - for (i = 0; i < num_clients; i++) - if (strcmp(slave, clients[i]->name) == 0) - return clients[i]; - errx(1, "failed to find client %s", slave); -} - -/* - * - */ - -static int version_flag; -static int help_flag; -static char *logfile_str; -static getarg_strings principals; -static getarg_strings slaves; - -struct getargs args[] = { - { "principals", 0, arg_strings, &principals, "Test principal", - NULL }, - { "slaves", 0, arg_strings, &slaves, "Slaves", - NULL }, - { "log-file", 0, arg_string, &logfile_str, "Logfile", - NULL }, - { "version", 0, arg_flag, &version_flag, "Print version", - NULL }, - { "help", 0, arg_flag, &help_flag, NULL, - NULL } -}; - -static void -usage(int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int optidx= 0; - char *user; - char *password; - char ***list, **p; - size_t num_list, i, j, k; - int failed = 0; - - setprogname (argv[0]); - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage (1); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version (NULL); - return 0; - } - - if (optidx != argc) - usage (1); - - if (principals.num_strings == 0) - errx(1, "no principals"); - - user = estrdup(principals.strings[0]); - password = strchr(user, ':'); - if (password == NULL) - errx(1, "password missing from %s", user); - *password++ = 0; - - if (slaves.num_strings == 0) - errx(1, "no principals"); - - if (logfile_str) { - printf("open logfile %s\n", logfile_str); - logfile = fopen(logfile_str, "w+"); - if (logfile == NULL) - err(1, "failed to open: %s", logfile_str); - } - - /* - * - */ - - list = permutate_all(&slaves, &num_list); - - /* - * Set up connection to all clients - */ - - printf("Connecting to slaves\n"); - for (i = 0; i < slaves.num_strings; i++) - connect_client(slaves.strings[i]); - - /* - * Test acquire credentials - */ - - printf("Test acquire credentials\n"); - for (i = 0; i < slaves.num_strings; i++) { - int32_t hCred, val; - - val = acquire_cred(clients[i], user, password, 1, &hCred); - if (val != GSMERR_OK) { - warnx("Failed to acquire_cred on host %s: %d", - clients[i]->moniker, (int)val); - failed = 1; - } else - toast_resource(clients[i], hCred); - } - - if (failed) - goto out; - - /* - * First test if all slaves can build context to them-self. - */ - - printf("Self context tests\n"); - for (i = 0; i < num_clients; i++) { - int32_t hCred, val, delegCred; - int32_t clientC, serverC; - struct client *c = clients[i]; - - if (c->target_name == NULL) - continue; - - printf("%s connects to self using %s\n", - c->moniker, c->target_name); - - val = acquire_cred(c, user, password, 1, &hCred); - if (val != GSMERR_OK) - errx(1, "failed to acquire_cred: %d", (int)val); - - val = build_context(c, c, - GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG| - GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG| - GSS_C_DELEG_FLAG|GSS_C_MUTUAL_FLAG, - hCred, &clientC, &serverC, &delegCred); - if (val == GSMERR_OK) { - test_token(c, clientC, c, serverC); - toast_resource(c, clientC); - toast_resource(c, serverC); - if (delegCred) - toast_resource(c, delegCred); - } else { - warnx("build_context failed: %d", (int)val); - } - /* - * - */ - - val = build_context(c, c, - GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG, - hCred, &clientC, &serverC, &delegCred); - if (val == GSMERR_OK) { - test_token(c, clientC, c, serverC); - toast_resource(c, clientC); - toast_resource(c, serverC); - if (delegCred) - toast_resource(c, delegCred); - } else { - warnx("build_context failed: %d", (int)val); - } - - toast_resource(c, hCred); - } - /* - * Build contexts though all entries in each lists, including the - * step from the last entry to the first, ie treat the list as a - * circle. - * - * Only follow the delegated credential, but test "all" - * flags. (XXX only do deleg|mutual right now. - */ - - printf("\"All\" permutation tests\n"); - - for (i = 0; i < num_list; i++) { - int32_t hCred, val, delegCred = 0; - int32_t clientC = 0, serverC = 0; - struct client *client, *server; - - p = list[i]; - - client = get_client(p[0]); - - val = acquire_cred(client, user, password, 1, &hCred); - if (val != GSMERR_OK) - errx(1, "failed to acquire_cred: %d", (int)val); - - for (j = 1; j < num_clients + 1; j++) { - server = get_client(p[j % num_clients]); - - if (server->target_name == NULL) - break; - - for (k = 1; k < j; k++) - printf("\t"); - printf("%s -> %s\n", client->moniker, server->moniker); - - val = build_context(client, server, - GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG| - GSS_C_INTEG_FLAG|GSS_C_CONF_FLAG| - GSS_C_DELEG_FLAG|GSS_C_MUTUAL_FLAG, - hCred, &clientC, &serverC, &delegCred); - if (val != GSMERR_OK) { - warnx("build_context failed: %d", (int)val); - break; - } - - val = test_token(client, clientC, server, serverC); - if (val) - break; - - toast_resource(client, clientC); - toast_resource(server, serverC); - if (!delegCred) { - warnx("no delegated cred on %s", server->moniker); - break; - } - toast_resource(client, hCred); - hCred = delegCred; - client = server; - } - if (hCred) - toast_resource(client, hCred); - } - - /* - * Close all connections to clients - */ - -out: - printf("sending goodbye and waiting for log sockets\n"); - for (i = 0; i < num_clients; i++) { - goodbye(clients[i]); - if (clients[i]->logsock) { -#ifdef ENABLE_PTHREAD_SUPPORT - pthread_join(&clients[i]->thr, NULL); -#else - waitpid(clients[i]->child, NULL, 0); -#endif - } - } - - printf("done\n"); - - return 0; -} diff --git a/crypto/heimdal/appl/gssmask/gssmask.c b/crypto/heimdal/appl/gssmask/gssmask.c deleted file mode 100644 index 46b532b61f5a..000000000000 --- a/crypto/heimdal/appl/gssmask/gssmask.c +++ /dev/null @@ -1,1092 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "common.h" -RCSID("$Id: gssmask.c 21229 2007-06-20 10:19:19Z lha $"); - -/* - * - */ - -enum handle_type { handle_context, handle_cred }; - -struct handle { - int32_t idx; - enum handle_type type; - void *ptr; - struct handle *next; -}; - -struct client { - krb5_storage *sock; - krb5_storage *logging; - char *moniker; - int32_t nHandle; - struct handle *handles; - struct sockaddr_storage sa; - socklen_t salen; - char servername[MAXHOSTNAMELEN]; -}; - -FILE *logfile; -static char *targetname; -krb5_context context; - -/* - * - */ - -static void -logmessage(struct client *c, const char *file, unsigned int lineno, - int level, const char *fmt, ...) -{ - char *message; - va_list ap; - int32_t ackid; - - va_start(ap, fmt); - vasprintf(&message, fmt, ap); - va_end(ap); - - if (logfile) - fprintf(logfile, "%s:%u: %d %s\n", file, lineno, level, message); - - if (c->logging) { - if (krb5_store_int32(c->logging, eLogInfo) != 0) - errx(1, "krb5_store_int32: log level"); - if (krb5_store_string(c->logging, file) != 0) - errx(1, "krb5_store_string: filename"); - if (krb5_store_int32(c->logging, lineno) != 0) - errx(1, "krb5_store_string: filename"); - if (krb5_store_string(c->logging, message) != 0) - errx(1, "krb5_store_string: message"); - if (krb5_ret_int32(c->logging, &ackid) != 0) - errx(1, "krb5_ret_int32: ackid"); - } - free(message); -} - -/* - * - */ - -static int32_t -add_handle(struct client *c, enum handle_type type, void *data) -{ - struct handle *h; - - h = ecalloc(1, sizeof(*h)); - - h->idx = ++c->nHandle; - h->type = type; - h->ptr = data; - h->next = c->handles; - c->handles = h; - - return h->idx; -} - -static void -del_handle(struct handle **h, int32_t idx) -{ - OM_uint32 min_stat; - - if (idx == 0) - return; - - while (*h) { - if ((*h)->idx == idx) { - struct handle *p = *h; - *h = (*h)->next; - switch(p->type) { - case handle_context: { - gss_ctx_id_t c = p->ptr; - gss_delete_sec_context(&min_stat, &c, NULL); - break; } - case handle_cred: { - gss_cred_id_t c = p->ptr; - gss_release_cred(&min_stat, &c); - break; } - } - free(p); - return; - } - h = &((*h)->next); - } - errx(1, "tried to delete an unexisting handle"); -} - -static void * -find_handle(struct handle *h, int32_t idx, enum handle_type type) -{ - if (idx == 0) - return NULL; - - while (h) { - if (h->idx == idx) { - if (type == h->type) - return h->ptr; - errx(1, "monger switched type on handle!"); - } - h = h->next; - } - return NULL; -} - - -static int32_t -convert_gss_to_gsm(OM_uint32 maj_stat) -{ - switch(maj_stat) { - case 0: - return GSMERR_OK; - case GSS_S_CONTINUE_NEEDED: - return GSMERR_CONTINUE_NEEDED; - case GSS_S_DEFECTIVE_TOKEN: - return GSMERR_INVALID_TOKEN; - case GSS_S_BAD_MIC: - return GSMERR_AP_MODIFIED; - default: - return GSMERR_ERROR; - } -} - -static int32_t -convert_krb5_to_gsm(krb5_error_code ret) -{ - switch(ret) { - case 0: - return GSMERR_OK; - default: - return GSMERR_ERROR; - } -} - -/* - * - */ - -static int32_t -acquire_cred(struct client *c, - krb5_principal principal, - krb5_get_init_creds_opt *opt, - int32_t *handle) -{ - krb5_error_code ret; - krb5_creds cred; - krb5_ccache id; - gss_cred_id_t gcred; - OM_uint32 maj_stat, min_stat; - - *handle = 0; - - krb5_get_init_creds_opt_set_forwardable (opt, 1); - krb5_get_init_creds_opt_set_renew_life (opt, 3600 * 24 * 30); - - memset(&cred, 0, sizeof(cred)); - - ret = krb5_get_init_creds_password (context, - &cred, - principal, - NULL, - NULL, - NULL, - 0, - NULL, - opt); - if (ret) { - logmessage(c, __FILE__, __LINE__, 0, - "krb5_get_init_creds failed: %d", ret); - return convert_krb5_to_gsm(ret); - } - - ret = krb5_cc_new_unique(context, "MEMORY", NULL, &id); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_initialize (context, id, cred.client); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_store_cred (context, id, &cred); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_store_cred"); - - krb5_free_cred_contents (context, &cred); - - maj_stat = gss_krb5_import_cred(&min_stat, - id, - NULL, - NULL, - &gcred); - krb5_cc_close(context, id); - if (maj_stat) { - logmessage(c, __FILE__, __LINE__, 0, - "krb5 import creds failed with: %d", maj_stat); - return convert_gss_to_gsm(maj_stat); - } - - *handle = add_handle(c, handle_cred, gcred); - - return 0; -} - - -/* - * - */ - -#define HandleOP(h) \ -handle##h(enum gssMaggotOp op, struct client *c) - -/* - * - */ - -static int -HandleOP(GetVersionInfo) -{ - put32(c, GSSMAGGOTPROTOCOL); - errx(1, "GetVersionInfo"); -} - -static int -HandleOP(GoodBye) -{ - struct handle *h = c->handles; - int i = 0; - - while (h) { - h = h->next; - i++; - } - - if (i != 0) - logmessage(c, __FILE__, __LINE__, 0, - "Did not toast all resources: %d", i); - return 1; -} - -static int -HandleOP(InitContext) -{ - OM_uint32 maj_stat, min_stat, ret_flags; - int32_t hContext, hCred, flags; - krb5_data target_name, in_token; - int32_t new_context_id = 0, gsm_error = 0; - krb5_data out_token = { 0 , NULL }; - - gss_ctx_id_t ctx; - gss_cred_id_t creds; - gss_name_t gss_target_name; - gss_buffer_desc input_token, output_token; - gss_OID oid = GSS_C_NO_OID; - gss_buffer_t input_token_ptr = GSS_C_NO_BUFFER; - - ret32(c, hContext); - ret32(c, hCred); - ret32(c, flags); - retdata(c, target_name); - retdata(c, in_token); - - logmessage(c, __FILE__, __LINE__, 0, - "targetname: <%.*s>", (int)target_name.length, - (char *)target_name.data); - - ctx = find_handle(c->handles, hContext, handle_context); - if (ctx == NULL) - hContext = 0; - creds = find_handle(c->handles, hCred, handle_cred); - if (creds == NULL) - abort(); - - input_token.length = target_name.length; - input_token.value = target_name.data; - - maj_stat = gss_import_name(&min_stat, - &input_token, - GSS_KRB5_NT_PRINCIPAL_NAME, - &gss_target_name); - if (GSS_ERROR(maj_stat)) { - logmessage(c, __FILE__, __LINE__, 0, - "import name creds failed with: %d", maj_stat); - gsm_error = convert_gss_to_gsm(maj_stat); - goto out; - } - - /* oid from flags */ - - if (in_token.length) { - input_token.length = in_token.length; - input_token.value = in_token.data; - input_token_ptr = &input_token; - if (ctx == NULL) - krb5_errx(context, 1, "initcreds, context NULL, but not first req"); - } else { - input_token.length = 0; - input_token.value = NULL; - if (ctx) - krb5_errx(context, 1, "initcreds, context not NULL, but first req"); - } - - if ((flags & GSS_C_DELEG_FLAG) != 0) - logmessage(c, __FILE__, __LINE__, 0, "init_sec_context delegating"); - if ((flags & GSS_C_DCE_STYLE) != 0) - logmessage(c, __FILE__, __LINE__, 0, "init_sec_context dce-style"); - - maj_stat = gss_init_sec_context(&min_stat, - creds, - &ctx, - gss_target_name, - oid, - flags & 0x7f, - 0, - NULL, - input_token_ptr, - NULL, - &output_token, - &ret_flags, - NULL); - if (GSS_ERROR(maj_stat)) { - if (hContext != 0) - del_handle(&c->handles, hContext); - new_context_id = 0; - logmessage(c, __FILE__, __LINE__, 0, - "gss_init_sec_context returns code: %d/%d", - maj_stat, min_stat); - } else { - if (input_token.length == 0) - new_context_id = add_handle(c, handle_context, ctx); - else - new_context_id = hContext; - } - - gsm_error = convert_gss_to_gsm(maj_stat); - - if (output_token.length) { - out_token.data = output_token.value; - out_token.length = output_token.length; - } - -out: - logmessage(c, __FILE__, __LINE__, 0, - "InitContext return code: %d", gsm_error); - - put32(c, new_context_id); - put32(c, gsm_error); - putdata(c, out_token); - - gss_release_name(&min_stat, &gss_target_name); - if (output_token.length) - gss_release_buffer(&min_stat, &output_token); - krb5_data_free(&in_token); - krb5_data_free(&target_name); - - return 0; -} - -static int -HandleOP(AcceptContext) -{ - OM_uint32 maj_stat, min_stat, ret_flags; - int32_t hContext, deleg_hcred, flags; - krb5_data in_token; - int32_t new_context_id = 0, gsm_error = 0; - krb5_data out_token = { 0 , NULL }; - - gss_ctx_id_t ctx; - gss_cred_id_t deleg_cred = GSS_C_NO_CREDENTIAL; - gss_buffer_desc input_token, output_token; - gss_buffer_t input_token_ptr = GSS_C_NO_BUFFER; - - ret32(c, hContext); - ret32(c, flags); - retdata(c, in_token); - - ctx = find_handle(c->handles, hContext, handle_context); - if (ctx == NULL) - hContext = 0; - - if (in_token.length) { - input_token.length = in_token.length; - input_token.value = in_token.data; - input_token_ptr = &input_token; - } else { - input_token.length = 0; - input_token.value = NULL; - } - - maj_stat = gss_accept_sec_context(&min_stat, - &ctx, - GSS_C_NO_CREDENTIAL, - &input_token, - GSS_C_NO_CHANNEL_BINDINGS, - NULL, - NULL, - &output_token, - &ret_flags, - NULL, - &deleg_cred); - if (GSS_ERROR(maj_stat)) { - if (hContext != 0) - del_handle(&c->handles, hContext); - logmessage(c, __FILE__, __LINE__, 0, - "gss_accept_sec_context returns code: %d/%d", - maj_stat, min_stat); - new_context_id = 0; - } else { - if (hContext == 0) - new_context_id = add_handle(c, handle_context, ctx); - else - new_context_id = hContext; - } - if (output_token.length) { - out_token.data = output_token.value; - out_token.length = output_token.length; - } - if ((ret_flags & GSS_C_DCE_STYLE) != 0) - logmessage(c, __FILE__, __LINE__, 0, "accept_sec_context dce-style"); - if ((ret_flags & GSS_C_DELEG_FLAG) != 0) { - deleg_hcred = add_handle(c, handle_cred, deleg_cred); - logmessage(c, __FILE__, __LINE__, 0, - "accept_context delegated handle: %d", deleg_hcred); - } else { - gss_release_cred(&min_stat, &deleg_cred); - deleg_hcred = 0; - } - - - gsm_error = convert_gss_to_gsm(maj_stat); - - put32(c, new_context_id); - put32(c, gsm_error); - putdata(c, out_token); - put32(c, deleg_hcred); - - if (output_token.length) - gss_release_buffer(&min_stat, &output_token); - krb5_data_free(&in_token); - - return 0; -} - -static int -HandleOP(ToastResource) -{ - int32_t handle; - - ret32(c, handle); - logmessage(c, __FILE__, __LINE__, 0, "toasting %d", handle); - del_handle(&c->handles, handle); - put32(c, GSMERR_OK); - - return 0; -} - -static int -HandleOP(AcquireCreds) -{ - char *name, *password; - int32_t gsm_error, flags, handle = 0; - krb5_principal principal = NULL; - krb5_get_init_creds_opt *opt = NULL; - krb5_error_code ret; - - retstring(c, name); - retstring(c, password); - ret32(c, flags); - - logmessage(c, __FILE__, __LINE__, 0, - "username: %s password: %s", name, password); - - ret = krb5_parse_name(context, name, &principal); - if (ret) { - gsm_error = convert_krb5_to_gsm(ret); - goto out; - } - - ret = krb5_get_init_creds_opt_alloc (context, &opt); - if (ret) - krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - - krb5_get_init_creds_opt_set_pa_password(context, opt, password, NULL); - - gsm_error = acquire_cred(c, principal, opt, &handle); - -out: - logmessage(c, __FILE__, __LINE__, 0, - "AcquireCreds handle: %d return code: %d", handle, gsm_error); - - if (opt) - krb5_get_init_creds_opt_free (context, opt); - if (principal) - krb5_free_principal(context, principal); - free(name); - free(password); - - put32(c, gsm_error); - put32(c, handle); - - return 0; -} - -static int -HandleOP(Sign) -{ - OM_uint32 maj_stat, min_stat; - int32_t hContext, flags, seqno; - krb5_data token; - gss_ctx_id_t ctx; - gss_buffer_desc input_token, output_token; - - ret32(c, hContext); - ret32(c, flags); - ret32(c, seqno); - retdata(c, token); - - ctx = find_handle(c->handles, hContext, handle_context); - if (ctx == NULL) - errx(1, "sign: reference to unknown context"); - - input_token.length = token.length; - input_token.value = token.data; - - maj_stat = gss_get_mic(&min_stat, ctx, 0, &input_token, - &output_token); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_get_mic failed"); - - krb5_data_free(&token); - - token.data = output_token.value; - token.length = output_token.length; - - put32(c, 0); /* XXX fix gsm_error */ - putdata(c, token); - - gss_release_buffer(&min_stat, &output_token); - - return 0; -} - -static int -HandleOP(Verify) -{ - OM_uint32 maj_stat, min_stat; - int32_t hContext, flags, seqno; - krb5_data msg, mic; - gss_ctx_id_t ctx; - gss_buffer_desc msg_token, mic_token; - gss_qop_t qop; - - ret32(c, hContext); - - ctx = find_handle(c->handles, hContext, handle_context); - if (ctx == NULL) - errx(1, "verify: reference to unknown context"); - - ret32(c, flags); - ret32(c, seqno); - retdata(c, msg); - - msg_token.length = msg.length; - msg_token.value = msg.data; - - retdata(c, mic); - - mic_token.length = mic.length; - mic_token.value = mic.data; - - maj_stat = gss_verify_mic(&min_stat, ctx, &msg_token, - &mic_token, &qop); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_verify_mic failed"); - - krb5_data_free(&mic); - krb5_data_free(&msg); - - put32(c, 0); /* XXX fix gsm_error */ - - return 0; -} - -static int -HandleOP(GetVersionAndCapabilities) -{ - int32_t cap = HAS_MONIKER; - char name[256] = "unknown", *str; - - if (targetname) - cap |= ISSERVER; /* is server */ - -#ifdef HAVE_UNAME - { - struct utsname ut; - if (uname(&ut) == 0) { - snprintf(name, sizeof(name), "%s-%s-%s", - ut.sysname, ut.version, ut.machine); - } - } -#endif - - asprintf(&str, "gssmask %s %s", PACKAGE_STRING, name); - - put32(c, GSSMAGGOTPROTOCOL); - put32(c, cap); - putstring(c, str); - free(str); - - return 0; -} - -static int -HandleOP(GetTargetName) -{ - if (targetname) - putstring(c, targetname); - else - putstring(c, ""); - return 0; -} - -static int -HandleOP(SetLoggingSocket) -{ - int32_t portnum; - int fd, ret; - - ret32(c, portnum); - - logmessage(c, __FILE__, __LINE__, 0, - "logging port on peer is: %d", (int)portnum); - - socket_set_port((struct sockaddr *)(&c->sa), htons(portnum)); - - fd = socket(((struct sockaddr *)&c->sa)->sa_family, SOCK_STREAM, 0); - if (fd < 0) - return 0; - - ret = connect(fd, (struct sockaddr *)&c->sa, c->salen); - if (ret < 0) { - logmessage(c, __FILE__, __LINE__, 0, "failed connect to log port: %s", - strerror(errno)); - close(fd); - return 0; - } - - if (c->logging) - krb5_storage_free(c->logging); - c->logging = krb5_storage_from_fd(fd); - close(fd); - - krb5_store_int32(c->logging, eLogSetMoniker); - store_string(c->logging, c->moniker); - - logmessage(c, __FILE__, __LINE__, 0, "logging turned on"); - - return 0; -} - - -static int -HandleOP(ChangePassword) -{ - errx(1, "ChangePassword"); -} - -static int -HandleOP(SetPasswordSelf) -{ - errx(1, "SetPasswordSelf"); -} - -static int -HandleOP(Wrap) -{ - OM_uint32 maj_stat, min_stat; - int32_t hContext, flags, seqno; - krb5_data token; - gss_ctx_id_t ctx; - gss_buffer_desc input_token, output_token; - int conf_state; - - ret32(c, hContext); - ret32(c, flags); - ret32(c, seqno); - retdata(c, token); - - ctx = find_handle(c->handles, hContext, handle_context); - if (ctx == NULL) - errx(1, "wrap: reference to unknown context"); - - input_token.length = token.length; - input_token.value = token.data; - - maj_stat = gss_wrap(&min_stat, ctx, flags, 0, &input_token, - &conf_state, &output_token); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_wrap failed"); - - krb5_data_free(&token); - - token.data = output_token.value; - token.length = output_token.length; - - put32(c, 0); /* XXX fix gsm_error */ - putdata(c, token); - - gss_release_buffer(&min_stat, &output_token); - - return 0; -} - - -static int -HandleOP(Unwrap) -{ - OM_uint32 maj_stat, min_stat; - int32_t hContext, flags, seqno; - krb5_data token; - gss_ctx_id_t ctx; - gss_buffer_desc input_token, output_token; - int conf_state; - gss_qop_t qop_state; - - ret32(c, hContext); - ret32(c, flags); - ret32(c, seqno); - retdata(c, token); - - ctx = find_handle(c->handles, hContext, handle_context); - if (ctx == NULL) - errx(1, "unwrap: reference to unknown context"); - - input_token.length = token.length; - input_token.value = token.data; - - maj_stat = gss_unwrap(&min_stat, ctx, &input_token, - &output_token, &conf_state, &qop_state); - - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_unwrap failed: %d/%d", maj_stat, min_stat); - - krb5_data_free(&token); - if (maj_stat == GSS_S_COMPLETE) { - token.data = output_token.value; - token.length = output_token.length; - } else { - token.data = NULL; - token.length = 0; - } - put32(c, 0); /* XXX fix gsm_error */ - putdata(c, token); - - if (maj_stat == GSS_S_COMPLETE) - gss_release_buffer(&min_stat, &output_token); - - return 0; -} - -static int -HandleOP(Encrypt) -{ - return handleWrap(op, c); -} - -static int -HandleOP(Decrypt) -{ - return handleUnwrap(op, c); -} - -static int -HandleOP(ConnectLoggingService2) -{ - errx(1, "ConnectLoggingService2"); -} - -static int -HandleOP(GetMoniker) -{ - putstring(c, c->moniker); - return 0; -} - -static int -HandleOP(CallExtension) -{ - errx(1, "CallExtension"); -} - -static int -HandleOP(AcquirePKInitCreds) -{ - int32_t flags; - krb5_data pfxdata; - - ret32(c, flags); - retdata(c, pfxdata); - - /* get credentials */ - - krb5_data_free(&pfxdata); - - put32(c, -1); /* hResource */ - put32(c, GSMERR_NOT_SUPPORTED); - return 0; -} - -/* - * - */ - -struct handler { - enum gssMaggotOp op; - const char *name; - int (*func)(enum gssMaggotOp, struct client *); -}; - -#define S(a) { e##a, #a, handle##a } - -struct handler handlers[] = { - S(GetVersionInfo), - S(GoodBye), - S(InitContext), - S(AcceptContext), - S(ToastResource), - S(AcquireCreds), - S(Encrypt), - S(Decrypt), - S(Sign), - S(Verify), - S(GetVersionAndCapabilities), - S(GetTargetName), - S(SetLoggingSocket), - S(ChangePassword), - S(SetPasswordSelf), - S(Wrap), - S(Unwrap), - S(ConnectLoggingService2), - S(GetMoniker), - S(CallExtension), - S(AcquirePKInitCreds) -}; - -#undef S - -/* - * - */ - -static struct handler * -find_op(int32_t op) -{ - int i; - - for (i = 0; i < sizeof(handlers)/sizeof(handlers[0]); i++) - if (handlers[i].op == op) - return &handlers[i]; - return NULL; -} - -static struct client * -create_client(int fd, int port, const char *moniker) -{ - struct client *c; - - c = ecalloc(1, sizeof(*c)); - - if (moniker) { - c->moniker = estrdup(moniker); - } else { - char hostname[MAXHOSTNAMELEN]; - gethostname(hostname, sizeof(hostname)); - asprintf(&c->moniker, "gssmask: %s:%d", hostname, port); - } - - { - c->salen = sizeof(c->sa); - getpeername(fd, (struct sockaddr *)&c->sa, &c->salen); - - getnameinfo((struct sockaddr *)&c->sa, c->salen, - c->servername, sizeof(c->servername), - NULL, 0, NI_NUMERICHOST); - } - - c->sock = krb5_storage_from_fd(fd); - if (c->sock == NULL) - errx(1, "krb5_storage_from_fd"); - - close(fd); - - return c; -} - -static void -free_client(struct client *c) -{ - while(c->handles) - del_handle(&c->handles, c->handles->idx); - - free(c->moniker); - krb5_storage_free(c->sock); - if (c->logging) - krb5_storage_free(c->logging); - free(c); -} - - -static void * -handleServer(void *ptr) -{ - struct handler *handler; - struct client *c; - int32_t op; - - c = (struct client *)ptr; - - - while(1) { - ret32(c, op); - - handler = find_op(op); - if (handler == NULL) { - logmessage(c, __FILE__, __LINE__, 0, - "op %d not supported", (int)op); - exit(1); - } - - logmessage(c, __FILE__, __LINE__, 0, - "---> Got op %s from server %s", - handler->name, c->servername); - - if ((handler->func)(handler->op, c)) - break; - } - - return NULL; -} - - -static char *port_str; -static int version_flag; -static int help_flag; -static char *logfile_str; -static char *moniker_str; - -static int port = 4711; - -struct getargs args[] = { - { "spn", 0, arg_string, &targetname, "This host's SPN", - "service/host@REALM" }, - { "port", 'p', arg_string, &port_str, "Use this port", - "number-of-service" }, - { "logfile", 0, arg_string, &logfile_str, "logfile", - "number-of-service" }, - { "moniker", 0, arg_string, &moniker_str, "nickname", - "name" }, - { "version", 0, arg_flag, &version_flag, "Print version", - NULL }, - { "help", 0, arg_flag, &help_flag, NULL, - NULL } -}; - -static void -usage(int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - - setprogname (argv[0]); - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage (1); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version (NULL); - return 0; - } - - if (optidx != argc) - usage (1); - - if (port_str) { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "Bad port `%s'", port_str); - } - - krb5_init_context(&context); - - { - const char *lf = logfile_str; - if (lf == NULL) - lf = "/dev/tty"; - - logfile = fopen(lf, "w"); - if (logfile == NULL) - err(1, "error opening %s", lf); - } - - mini_inetd(htons(port)); - fprintf(logfile, "connected\n"); - - { - struct client *c; - - c = create_client(0, port, moniker_str); - /* close(0); */ - - handleServer(c); - - free_client(c); - } - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/appl/gssmask/protocol.h b/crypto/heimdal/appl/gssmask/protocol.h deleted file mode 100644 index 3683fa6edb1d..000000000000 --- a/crypto/heimdal/appl/gssmask/protocol.h +++ /dev/null @@ -1,286 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* - * $Id: protocol.h 18352 2006-10-08 13:53:28Z lha $ - */ - -/* missing from tests: - * - export context - * - import context - */ - -/* - * wire encodings: - * int16: number, 2 bytes, in network order - * int32: number, 4 bytes, in network order - * length-encoded: [int32 length, data of length bytes] - * string: [int32 length, string of length + 1 bytes, includes trailing '\0' ] - */ - -enum gssMaggotErrorCodes { - GSMERR_OK = 0, - GSMERR_ERROR, - GSMERR_CONTINUE_NEEDED, - GSMERR_INVALID_TOKEN, - GSMERR_AP_MODIFIED, - GSMERR_TEST_ISSUE, - GSMERR_NOT_SUPPORTED -}; - -/* - * input: - * int32: message OP (enum gssMaggotProtocol) - * ... - * - * return: -- on error - * int32: not support (GSMERR_NOT_SUPPORTED) - * - * return: -- on existing message OP - * int32: support (GSMERR_OK) -- only sent for extensions - * ... - */ - -#define GSSMAGGOTPROTOCOL 14 - -enum gssMaggotOp { - eGetVersionInfo = 0, - /* - * input: - * none - * return: - * int32: last version handled - */ - eGoodBye, - /* - * input: - * none - * return: - * close socket - */ - eInitContext, - /* - * input: - * int32: hContext - * int32: hCred - * int32: Flags - * the lowest 0x7f flags maps directly to GSS-API flags - * DELEGATE 0x001 - * MUTUAL_AUTH 0x002 - * REPLAY_DETECT 0x004 - * SEQUENCE_DETECT 0x008 - * CONFIDENTIALITY 0x010 - * INTEGRITY 0x020 - * ANONYMOUS 0x040 - * - * FIRST_CALL 0x080 - * - * NTLM 0x100 - * SPNEGO 0x200 - * length-encoded: targetname - * length-encoded: token - * return: - * int32: hNewContextId - * int32: gssapi status val - * length-encoded: output token - */ - eAcceptContext, - /* - * input: - * int32: hContext - * int32: Flags -- unused ? - * flags are same as flags for eInitContext - * length-encoded: token - * return: - * int32: hNewContextId - * int32: gssapi status val - * length-encoded: output token - * int32: delegation cred id - */ - eToastResource, - /* - * input: - * int32: hResource - * return: - * int32: gsm status val - */ - eAcquireCreds, - /* - * input: - * string: principal name - * string: password - * int32: flags - * FORWARDABLE 0x001 - * DEFAULT_CREDS 0x002 - * - * NTLM 0x100 - * SPNEGO 0x200 - * return: - * int32: gsm status val - * int32: hCred - */ - eEncrypt, - /* - * input: - * int32: hContext - * int32: flags -- unused - * int32: seqno -- unused - * length-encode: plaintext - * return: - * int32: gsm status val - * length-encode: ciphertext - */ - eDecrypt, - /* - * input: - * int32: hContext - * int32: flags -- unused - * int32: seqno -- unused - * length-encode: ciphertext - * return: - * int32: gsm status val - * length-encode: plaintext - */ - eSign, - /* message same as eEncrypt */ - eVerify, - /* - * input: - * int32: hContext - * int32: flags -- unused - * int32: seqno -- unused - * length-encode: message - * length-encode: signature - * return: - * int32: gsm status val - */ - eGetVersionAndCapabilities, - /* - * return: - * int32: protocol version - * int32: capability flags */ -#define ISSERVER 0x01 -#define ISKDC 0x02 -#define MS_KERBEROS 0x04 -#define LOGSERVER 0x08 -#define HAS_MONIKER 0x10 - /* string: version string - */ - eGetTargetName, - /* - * return: - * string: target principal name - */ - eSetLoggingSocket, - /* - * input: - * int32: hostPort - * return to the port on the host: - * int32: opcode - for example eLogSetMoniker - */ - eChangePassword, - /* here ended version 7 of the protocol */ - /* - * input: - * string: principal name - * string: old password - * string: new password - * return: - * int32: gsm status val - */ - eSetPasswordSelf, - /* same as eChangePassword */ - eWrap, - /* message same as eEncrypt */ - eUnwrap, - /* message same as eDecrypt */ - eConnectLoggingService2, - /* - * return1: - * int16: log port number - * int32: master log prototocol version (0) - * - * wait for master to connect on the master log socket - * - * return2: - * int32: gsm connection status - * int32: maggot log prototocol version (2) - */ - eGetMoniker, - /* - * return: - * string: moniker (Nickname the master can refer to maggot) - */ - eCallExtension, - /* - * input: - * string: extension name - * int32: message id - * return: - * int32: gsm status val - */ - eAcquirePKInitCreds, - /* - * input: - * int32: flags - * length-encode: certificate (pkcs12 data) - * return: - * int32: hResource - * int32: gsm status val (GSMERR_NOT_SUPPORTED) - */ - /* here ended version 7 of the protocol */ - eLastProtocolMessage -}; - -enum gssMaggotLogOp{ - eLogInfo = 0, - /* - string: File - int32: Line - string: message - reply: - int32: ackid - */ - eLogFailure, - /* - string: File - int32: Line - string: message - reply: - int32: ackid - */ - eLogSetMoniker - /* - string: moniker - */ -}; diff --git a/crypto/heimdal/appl/kf/Makefile.am b/crypto/heimdal/appl/kf/Makefile.am deleted file mode 100644 index 10d4be6ca65b..000000000000 --- a/crypto/heimdal/appl/kf/Makefile.am +++ /dev/null @@ -1,20 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -bin_PROGRAMS = kf - -libexec_PROGRAMS = kfd - -man_MANS = kf.1 kfd.8 - -kf_SOURCES = kf.c kf_locl.h - -kfd_SOURCES = kfd.c kf_locl.h - -LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/kf/Makefile.in b/crypto/heimdal/appl/kf/Makefile.in deleted file mode 100644 index 1dc0684ead24..000000000000 --- a/crypto/heimdal/appl/kf/Makefile.in +++ /dev/null @@ -1,925 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -bin_PROGRAMS = kf$(EXEEXT) -libexec_PROGRAMS = kfd$(EXEEXT) -subdir = appl/kf -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ - "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) -am_kf_OBJECTS = kf.$(OBJEXT) -kf_OBJECTS = $(am_kf_OBJECTS) -kf_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -kf_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -am_kfd_OBJECTS = kfd.$(OBJEXT) -kfd_OBJECTS = $(am_kfd_OBJECTS) -kfd_LDADD = $(LDADD) -kfd_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(kf_SOURCES) $(kfd_SOURCES) -DIST_SOURCES = $(kf_SOURCES) $(kfd_SOURCES) -man1dir = $(mandir)/man1 -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -man_MANS = kf.1 kfd.8 -kf_SOURCES = kf.c kf_locl.h -kfd_SOURCES = kfd.c kf_locl.h -LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/kf/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/kf/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -kf$(EXEEXT): $(kf_OBJECTS) $(kf_DEPENDENCIES) - @rm -f kf$(EXEEXT) - $(LINK) $(kf_OBJECTS) $(kf_LDADD) $(LIBS) -kfd$(EXEEXT): $(kfd_OBJECTS) $(kfd_DEPENDENCIES) - @rm -f kfd$(EXEEXT) - $(LINK) $(kfd_OBJECTS) $(kfd_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libexecPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ - uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool ctags dist-hook distclean distclean-compile \ - distclean-generic distclean-libtool distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-binPROGRAMS install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-info install-info-am install-libexecPROGRAMS \ - install-man install-man1 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-libexecPROGRAMS uninstall-man \ - uninstall-man1 uninstall-man8 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/kf/kf.1 b/crypto/heimdal/appl/kf/kf.1 deleted file mode 100644 index 97e408d0d927..000000000000 --- a/crypto/heimdal/appl/kf/kf.1 +++ /dev/null @@ -1,112 +0,0 @@ -.\" Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kf.1 11986 2003-04-11 12:43:57Z lha $ -.\" -.Dd July 2, 2000 -.Dt KF 1 -.Os Heimdal -.Sh NAME -.Nm kf -.Nd securely forward tickets -.Sh SYNOPSIS -.Nm -.Oo -.Fl p Ar port | -.Fl -port Ns = Ns Ar port -.Oc -.Oo -.Fl l Ar login | -.Fl -login Ns = Ns Ar login -.Oc -.Oo -.Fl c Ar ccache | -.Fl -ccache Ns = Ns Ar ccache -.Oc -.Op Fl F | -forwardable -.Op Fl G | -no-forwardable -.Op Fl h | -help -.Op Fl -version -.Ar host ... -.Sh DESCRIPTION -The -.Nm -program forwards tickets to a remote host through an authenticated -and encrypted stream. -Options supported are: -.Bl -tag -width indent -.It Xo -.Fl p Ar port , -.Fl -port Ns = Ns Ar port -.Xc -port to connect to -.It Xo -.Fl l Ar login , -.Fl -login Ns = Ns Ar login -.Xc -remote login name -.It Xo -.Fl c Ar ccache , -.Fl -ccache Ns = Ns Ar ccache -.Xc -remote cred cache -.It Fl F , -forwardable -forward forwardable credentials -.It Fl G , -no-forwardable -do not forward forwardable credentials -.It Fl h , -help -.It Fl -version -.El -.Pp -.Nm -is useful when you do not want to enter your password on a remote host -but want to have your tickets one for example AFS. -.Pp -In order for -.Nm -to work you will need to acquire your initial ticket with forwardable -flag, i.e. -.Nm kinit Fl -forwardable . -.Pp -.Nm telnet -is able to forward tickets by itself. -.\".Sh ENVIRONMENT -.\".Sh FILES -.\".Sh EXAMPLES -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr kinit 1 , -.Xr telnet 1 , -.Xr kfd 8 -.\".Sh STANDARDS -.\".Sh HISTORY -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/appl/kf/kf.c b/crypto/heimdal/appl/kf/kf.c deleted file mode 100644 index 637796548fc0..000000000000 --- a/crypto/heimdal/appl/kf/kf.c +++ /dev/null @@ -1,335 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kf_locl.h" -RCSID("$Id: kf.c 11400 2002-09-05 15:00:03Z joda $"); - -krb5_context context; -static int help_flag; -static int version_flag; -static char *port_str; -const char *service = KF_SERVICE; -const char *remote_name = NULL; -int forwardable = 0; -const char *ccache_name = NULL; - -static struct getargs args[] = { - { "port", 'p', arg_string, &port_str, "port to connect to", "port" }, - { "login", 'l',arg_string, &remote_name,"remote login name","login"}, - { "ccache", 'c',arg_string, &ccache_name, "remote cred cache","ccache"}, - { "forwardable",'F',arg_flag,&forwardable, - "Forward forwardable credentials", NULL }, - { "forwardable",'G',arg_negative_flag,&forwardable, - "Don't forward forwardable credentials", NULL }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code, struct getargs *args, int num_args) -{ - arg_printusage(args, num_args, NULL, "hosts"); - exit(code); -} - -static int -client_setup(krb5_context *context, int *argc, char **argv) -{ - int optind = 0; - int port = 0; - int status; - - setprogname (argv[0]); - - status = krb5_init_context (context); - if (status) - errx(1, "krb5_init_context failed: %d", status); - - forwardable = krb5_config_get_bool (*context, NULL, - "libdefaults", - "forwardable", - NULL); - - if (getarg (args, num_args, *argc, argv, &optind)) - usage(1, args, num_args); - - if(help_flag) - usage (0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(port_str) { - struct servent *s = roken_getservbyname(port_str, "tcp"); - if(s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "Bad port `%s'", port_str); - port = htons(port); - } - } - - if (port == 0) - port = krb5_getportbyname (*context, KF_PORT_NAME, "tcp", KF_PORT_NUM); - - if(*argc - optind < 1) - usage(1, args, num_args); - *argc = optind; - - return port; -} - -/* - * forward creds to `hostname'/`service' over `sock' - * return 0 iff OK - */ - -static int -proto (int sock, const char *hostname, const char *service, - char *message, size_t len) -{ - krb5_auth_context auth_context; - krb5_error_code status; - krb5_principal server; - krb5_data data; - krb5_data data_send; - - krb5_ccache ccache; - krb5_creds creds; - krb5_kdc_flags flags; - krb5_principal principal; - - status = krb5_auth_con_init (context, &auth_context); - if (status) { - krb5_warn (context, status, "krb5_auth_con_init"); - return 1; - } - - status = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &sock); - if (status) { - krb5_warn (context, status, "krb5_auth_con_setaddr"); - return 1; - } - - status = krb5_sname_to_principal (context, - hostname, - service, - KRB5_NT_SRV_HST, - &server); - if (status) { - krb5_warn (context, status, "krb5_sname_to_principal"); - return 1; - } - - status = krb5_sendauth (context, - &auth_context, - &sock, - KF_VERSION_1, - NULL, - server, - AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY, - NULL, - NULL, - NULL, - NULL, - NULL, - NULL); - if (status) { - krb5_warn(context, status, "krb5_sendauth"); - return 1; - } - - if (ccache_name == NULL) - ccache_name = ""; - - data_send.data = (void *)remote_name; - data_send.length = strlen(remote_name) + 1; - status = krb5_write_priv_message(context, auth_context, &sock, &data_send); - if (status) { - krb5_warn (context, status, "krb5_write_message"); - return 1; - } - data_send.data = (void *)ccache_name; - data_send.length = strlen(ccache_name)+1; - status = krb5_write_priv_message(context, auth_context, &sock, &data_send); - if (status) { - krb5_warn (context, status, "krb5_write_message"); - return 1; - } - - memset (&creds, 0, sizeof(creds)); - - status = krb5_cc_default (context, &ccache); - if (status) { - krb5_warn (context, status, "krb5_cc_default"); - return 1; - } - - status = krb5_cc_get_principal (context, ccache, &principal); - if (status) { - krb5_warn (context, status, "krb5_cc_get_principal"); - return 1; - } - - creds.client = principal; - - status = krb5_make_principal (context, - &creds.server, - principal->realm, - KRB5_TGS_NAME, - principal->realm, - NULL); - - if (status) { - krb5_warn (context, status, "krb5_make_principal"); - return 1; - } - - creds.times.endtime = 0; - - flags.i = 0; - flags.b.forwarded = 1; - flags.b.forwardable = forwardable; - - status = krb5_get_forwarded_creds (context, - auth_context, - ccache, - flags.i, - hostname, - &creds, - &data); - if (status) { - krb5_warn (context, status, "krb5_get_forwarded_creds"); - return 1; - } - - status = krb5_write_priv_message(context, auth_context, &sock, &data); - - if (status) { - krb5_warn (context, status, "krb5_mk_priv"); - return 1; - } - - krb5_data_free (&data); - - status = krb5_read_priv_message(context, auth_context, &sock, &data); - if (status) { - krb5_warn (context, status, "krb5_mk_priv"); - return 1; - } - if(data.length >= len) { - krb5_warnx (context, "returned string is too long, truncating"); - memcpy(message, data.data, len); - message[len - 1] = '\0'; - } else { - memcpy(message, data.data, data.length); - message[data.length] = '\0'; - } - krb5_data_free (&data); - - return(strcmp(message, "ok")); -} - -static int -doit (const char *hostname, int port, const char *service, - char *message, size_t len) -{ - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - char portstr[NI_MAXSERV]; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - snprintf (portstr, sizeof(portstr), "%u", ntohs(port)); - - error = getaddrinfo (hostname, portstr, &hints, &ai); - if (error) { - errx (1, "getaddrinfo(%s): %s", hostname, gai_strerror(error)); - } - - for (a = ai; a != NULL; a = a->ai_next) { - int s; - - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - warn ("connect(%s)", hostname); - close (s); - continue; - } - freeaddrinfo (ai); - return proto (s, hostname, service, message, len); - } - warnx ("failed to contact %s", hostname); - freeaddrinfo (ai); - return 1; -} - -int -main(int argc, char **argv) -{ - int argcc,port,i; - int ret=0; - - argcc = argc; - port = client_setup(&context, &argcc, argv); - - if (remote_name == NULL) { - remote_name = get_default_username (); - if (remote_name == NULL) - errx (1, "who are you?"); - } - - for (i = argcc;i < argc; i++) { - char message[128]; - ret = doit (argv[i], port, service, message, sizeof(message)); - if(ret == 0) - warnx ("%s: ok", argv[i]); - else - warnx ("%s: failed: %s", argv[i], message); - } - return(ret); -} diff --git a/crypto/heimdal/appl/kf/kf_locl.h b/crypto/heimdal/appl/kf/kf_locl.h deleted file mode 100644 index e4d9ee81d81d..000000000000 --- a/crypto/heimdal/appl/kf/kf_locl.h +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1997 - 1999, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kf_locl.h 11376 2002-09-04 20:29:04Z joda $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#include -#include -#include -#include -#include - -#define KF_SERVICE "host" - -#define KF_PORT_NAME "kf" -#define KF_PORT_NUM 2110 -#define KF_VERSION_1 "KFWDV0.1" diff --git a/crypto/heimdal/appl/kf/kfd.8 b/crypto/heimdal/appl/kf/kfd.8 deleted file mode 100644 index f6767498fe7b..000000000000 --- a/crypto/heimdal/appl/kf/kfd.8 +++ /dev/null @@ -1,85 +0,0 @@ -.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kfd.8 11648 2003-02-16 21:10:32Z lha $ -.\" -.Dd July 2, 2000 -.Dt KFD 8 -.Os Heimdal -.Sh NAME -.Nm kfd -.Nd receive forwarded tickets -.Sh SYNOPSIS -.Nm -.Oo -.Fl p Ar port | -.Fl -port Ns = Ns Ar port -.Oc -.Op Fl i | -inetd -.Oo -.Fl R Ar regpag | -.Fl -regpag Ns = Ns Ar regpag -.Oc -.Op Fl h | -help -.Op Fl -version -.Sh DESCRIPTION -This is the daemon for -.Xr kf 1 . -Supported options: -.Bl -tag -width indent -.It Xo -.Fl p Ar port , -.Fl -port Ns = Ns Ar port -.Xc -port to listen to -.It Fl i , -inetd -not started from inetd -.It Xo -.Fl R Ar regpag , -.Fl -regpag= Ns Ar regpag -.Xc -path to regpag binary -.El -.\".Sh ENVIRONMENT -.\".Sh FILES -.Sh EXAMPLES -Put the following in -.Pa /etc/inetd.conf : -.Bd -literal -kf stream tcp nowait root /usr/heimdal/libexec/kfd kfd -.Ed -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr kf 1 -.\".Sh STANDARDS -.\".Sh HISTORY -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/appl/kf/kfd.c b/crypto/heimdal/appl/kf/kfd.c deleted file mode 100644 index 9d8c84c39026..000000000000 --- a/crypto/heimdal/appl/kf/kfd.c +++ /dev/null @@ -1,308 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kf_locl.h" -RCSID("$Id: kfd.c 15246 2005-05-27 13:47:20Z lha $"); - -krb5_context context; -char krb5_tkfile[MAXPATHLEN]; - -static int help_flag; -static int version_flag; -static char *port_str; -char *service = KF_SERVICE; -int do_inetd = 0; -static char *regpag_str=NULL; - -static struct getargs args[] = { - { "port", 'p', arg_string, &port_str, "port to listen to", "port" }, - { "inetd",'i',arg_flag, &do_inetd, - "Not started from inetd", NULL }, - { "regpag",'R',arg_string,®pag_str,"path to regpag binary","regpag"}, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code, struct getargs *args, int num_args) -{ - arg_printusage(args, num_args, NULL, ""); - exit(code); -} - -static int -server_setup(krb5_context *context, int argc, char **argv) -{ - int port = 0; - int local_argc; - - local_argc = krb5_program_setup(context, argc, argv, args, num_args, usage); - - if(help_flag) - (*usage)(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(port_str){ - struct servent *s = roken_getservbyname(port_str, "tcp"); - if(s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "Bad port `%s'", port_str); - port = htons(port); - } - } - - if (port == 0) - port = krb5_getportbyname (*context, KF_PORT_NAME, "tcp", KF_PORT_NUM); - - if(argv[local_argc] != NULL) - usage(1, args, num_args); - - return port; -} - -static int protocol_version; - -static krb5_boolean -kfd_match_version(const void *arg, const char *version) -{ - if(strcmp(version, KF_VERSION_1) == 0) { - protocol_version = 1; - return TRUE; - } else if (strlen(version) == 4 && - version[0] == '0' && - version[1] == '.' && - (version[2] == '4' || version[2] == '3') && - islower((unsigned char)version[3])) { - protocol_version = 0; - return TRUE; - } - return FALSE; -} - -static int -proto (int sock, const char *service) -{ - krb5_auth_context auth_context; - krb5_error_code status; - krb5_principal server; - krb5_ticket *ticket; - char *name; - char ret_string[10]; - char hostname[MAXHOSTNAMELEN]; - krb5_data data; - krb5_data remotename; - krb5_data tk_file; - krb5_ccache ccache; - char ccname[MAXPATHLEN]; - struct passwd *pwd; - - status = krb5_auth_con_init (context, &auth_context); - if (status) - krb5_err(context, 1, status, "krb5_auth_con_init"); - - status = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &sock); - if (status) - krb5_err(context, 1, status, "krb5_auth_con_setaddr"); - - if(gethostname (hostname, sizeof(hostname)) < 0) - krb5_err(context, 1, errno, "gethostname"); - - status = krb5_sname_to_principal (context, - hostname, - service, - KRB5_NT_SRV_HST, - &server); - if (status) - krb5_err(context, 1, status, "krb5_sname_to_principal"); - - status = krb5_recvauth_match_version (context, - &auth_context, - &sock, - kfd_match_version, - NULL, - server, - 0, - NULL, - &ticket); - if (status) - krb5_err(context, 1, status, "krb5_recvauth"); - - status = krb5_unparse_name (context, - ticket->client, - &name); - if (status) - krb5_err(context, 1, status, "krb5_unparse_name"); - - if(protocol_version == 0) { - data.data = "old clnt"; /* XXX old clients only had room for - 10 bytes of message, and also - didn't show it to the user */ - data.length = strlen(data.data) + 1; - krb5_write_message(context, &sock, &data); - sleep(2); /* XXX give client time to finish */ - krb5_errx(context, 1, "old client; exiting"); - } - - status=krb5_read_priv_message (context, auth_context, - &sock, &remotename); - if (status) - krb5_err(context, 1, status, "krb5_read_message"); - status=krb5_read_priv_message (context, auth_context, - &sock, &tk_file); - if (status) - krb5_err(context, 1, status, "krb5_read_message"); - - krb5_data_zero (&data); - - if(((char*)remotename.data)[remotename.length-1] != '\0') - krb5_errx(context, 1, "unterminated received"); - if(((char*)tk_file.data)[tk_file.length-1] != '\0') - krb5_errx(context, 1, "unterminated received"); - - status = krb5_read_priv_message(context, auth_context, &sock, &data); - - if (status) { - krb5_err(context, 1, errno, "krb5_read_priv_message"); - goto out; - } - - pwd = getpwnam ((char *)(remotename.data)); - if (pwd == NULL) { - status=1; - krb5_warnx(context, "getpwnam: %s failed",(char *)(remotename.data)); - goto out; - } - - if(!krb5_kuserok (context, - ticket->client, - (char *)(remotename.data))) { - status=1; - krb5_warnx(context, "krb5_kuserok: permission denied"); - goto out; - } - - if (setgid(pwd->pw_gid) < 0) { - krb5_warn(context, errno, "setgid"); - goto out; - } - if (setuid(pwd->pw_uid) < 0) { - krb5_warn(context, errno, "setuid"); - goto out; - } - - if (tk_file.length != 1) - snprintf (ccname, sizeof(ccname), "%s", (char *)(tk_file.data)); - else - snprintf (ccname, sizeof(ccname), "FILE:/tmp/krb5cc_%lu", - (unsigned long)pwd->pw_uid); - - status = krb5_cc_resolve (context, ccname, &ccache); - if (status) { - krb5_warn(context, status, "krb5_cc_resolve"); - goto out; - } - status = krb5_cc_initialize (context, ccache, ticket->client); - if (status) { - krb5_warn(context, status, "krb5_cc_initialize"); - goto out; - } - status = krb5_rd_cred2 (context, auth_context, ccache, &data); - krb5_cc_close (context, ccache); - if (status) { - krb5_warn(context, status, "krb5_rd_cred"); - goto out; - - } - strlcpy(krb5_tkfile,ccname,sizeof(krb5_tkfile)); - krb5_warnx(context, "%s forwarded ticket to %s,%s", - name, - (char *)(remotename.data),ccname); - out: - if (status) { - strlcpy(ret_string, "no", sizeof(ret_string)); - krb5_warnx(context, "failed"); - } else { - strlcpy(ret_string, "ok", sizeof(ret_string)); - } - - krb5_data_free (&tk_file); - krb5_data_free (&remotename); - krb5_data_free (&data); - free(name); - - data.data = ret_string; - data.length = strlen(ret_string) + 1; - return krb5_write_priv_message(context, auth_context, &sock, &data); -} - -static int -doit (int port, const char *service) -{ - if (do_inetd) - mini_inetd(port); - return proto (STDIN_FILENO, service); -} - -int -main(int argc, char **argv) -{ - int port; - int ret; - krb5_log_facility *fac; - - setprogname (argv[0]); - roken_openlog (argv[0], LOG_ODELAY | LOG_PID,LOG_AUTH); - port = server_setup(&context, argc, argv); - ret = krb5_openlog(context, "kfd", &fac); - if(ret) krb5_err(context, 1, ret, "krb5_openlog"); - ret = krb5_set_warn_dest(context, fac); - if(ret) krb5_err(context, 1, ret, "krb5_set_warn_dest"); - - ret = doit (port, service); - closelog(); - if (ret == 0 && regpag_str != NULL) - ret = execl(regpag_str, "regpag", "-t", krb5_tkfile, "-r", NULL); - return ret; -} diff --git a/crypto/heimdal/appl/login/ChangeLog b/crypto/heimdal/appl/login/ChangeLog deleted file mode 100644 index 2400808db410..000000000000 --- a/crypto/heimdal/appl/login/ChangeLog +++ /dev/null @@ -1,355 +0,0 @@ -2006-12-05 Love Hörnquist Åstrand - - * limits_conf.c: Clear errno before calling the strtol - functions. From Paul Stoeber to OpenBSD by Ray Lai and Björn - Sandell. - - * limits_conf.c: Report to syslog strings that start with NUL; - prevents negative index array access. Ray Lai of OpenBSD via Björn - Sandell. - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: Add man_MANS to EXTRA_DIST - -2006-09-22 Love Hörnquist Åstrand - - * read_string.c: try to not call signaction for signal 0 and use - NSIG if it exists to determin how many signals there exists, also, - only restore those signalhandlers that we got out. - -2006-04-27 Love Hörnquist Åstrand - - * login_locl.h: Include "loginpaths.h" - - * loginpaths.h: Shared paths between login and rshd. - -2006-01-09 Johan Danielsson - - * login.c: log successful logins - -2005-08-08 Love Hörnquist Åstrand - - * login.c (do_login): only do krb4_get_afs_tokens if we have done - v4 authentication or done a 5to4 conversion of tickets. This is to - avoid delays on a realm that only support Kerberos 5 and drop - Kerberos 4 requests. - -2005-05-10 Dave Love - - * login.c: Include . - -2005-05-02 Dave Love - - * limits_conf.c: Check RLIMIT_MEMLOCK, not RLIMIT_LOCK. - -2005-04-28 Dave Love - - * limits_conf.c: Maybe include sys/resource.h. Use various - RLIMIT_ macros conditionally. For Solaris, Irix and Tru64. - -2005-04-22 Johan Danielsson - - * login.1: document limits.conf - - * Makefile.am: limits_conf.c - - * login_locl.h: template for limits.conf - - * login.c: read limits.conf (from /etc/security by default, - overridable in login.conf) - - * limits_conf.c: implement a parser for limits.conf - -2004-09-08 Johan Danielsson - - * login.c: use krb5_appdefault_boolean instead of - krb5_config_get_bool - -2003-09-03 Love Hörnquist Åstrand - - * login.c (krb5_to4): set client princ of the mcred - -2003-07-07 Love Hörnquist Åstrand - - * login.c (krb5_to4): use krb5_cc_clear_mcred - -2003-03-24 Johan Danielsson - - * Makefile.am: install man pages - - * login.1: manpage for login - - * login.c: allow "welcome" as well as "motd" in login.conf - - * login.access.5: login.access manual page - -2003-03-18 Love Hörnquist Åstrand - - * login.c: also need pag_set - * login.c: if there is kerberos 5, call krb5_afslog\* - -2002-08-23 Johan Danielsson - - * login.c: if motd is set in login.conf, output its contents - before starting the shell - -2002-02-27 Johan Danielsson - - * login.c: reset signals to default, needed on solaris 8 - -2002-02-19 Johan Danielsson - - * login_locl.h: include netgroup.h and rpcsvc/ypclnt.h - - * login.c: make this build without krb5 - -2001-09-22 Assar Westerlund - - * login_locl.h: kludge: use absolute path to find prot.h so we do - not get confused by athena's prot.h - -2001-09-17 Assar Westerlund - - * login.c (do_login): add setpcred - -2001-07-06 Assar Westerlund - - * login.c: move osf2c magic earlier. from Mark Davies - - -2001-06-19 Assar Westerlund - - * login.c (krb5_to4): dereference result from krb5_princ_realm. - noted by Thomas Nystrom - -2001-06-04 Assar Westerlund - - * update copyright messages on Wietse Venema's code. - -2001-05-31 Assar Westerlund - - * login.c (krb5_to4): look for [realms]krb4_get_tickets to - decide whether to get kerberos 4 tickets - -2001-02-08 Assar Westerlund - - * utmp_login.c, utmpx_login.c: try to write a useful string as - host in utmp, using the same algoritm as telnetd - -2001-01-29 Assar Westerlund - - * login.c: remove some krb5_free_context that might happen at - unappropriate times - -2000-12-31 Assar Westerlund - - * login.c (main): handle krb5_init_context failure consistently - -2000-12-11 Assar Westerlund - - * login.c (do_login): set the group on the tty. - (r_flag): comment out - * login.c (krb5_to4): always return a value - -2000-10-15 Assar Westerlund - - * login.c (krb5_to4): check another return code - -2000-08-22 Johan Danielsson - - * login.c (do_login): set PATH to something sane; - (start_logout_process): avoid getting signals sent to the parent - - * login_locl.h: _PATH_DEFPATH - -2000-07-01 Assar Westerlund - - * login.c (login_timeout): add back - -2000-06-28 Johan Danielsson - - * env.c: new file for environment related functions - - * login.c: move environment stuff to separate file, allow - specifying list of environment files via login.conf - -2000-06-21 Assar Westerlund - - * Makefile.am (LDADD): add otp - * login.c: add reading of /etc/environment. From Ake Sandgren - - add otp support. From Daniel Kouril - -2000-06-09 Assar Westerlund - - * login.c (do_login): work-around for setuid and capabilities bug - fixed in Linux 2.2.16 - -2000-04-09 Assar Westerlund - - * login.c: allow conversion of v5 -> v4 tickets when logging in - with forwarded tickets - -1999-11-09 Johan Danielsson - - * conf.c: remove case for not having cgetent, since it's in roken - -1999-11-05 Assar Westerlund - - * login.c (do_login): conditionalize shadow stuff on getspnam - -1999-10-30 Assar Westerlund - - * Makefile.am (login_DEPENDENCIES): remove, it's not entirely - correct and was causing problems with non-GNU make - -1999-10-28 Assar Westerlund - - * login.c (start_logout_proceess): don't examine `prog' before - setting it. - -1999-10-27 Assar Westerlund - - * login.c (do_login): chown and chmod the tty. some clean-up. - -1999-10-03 Assar Westerlund - - * login.c (krb5_start_session): correct the ccache to - krb524_convert_creds_kdc - -1999-09-28 Assar Westerlund - - * login.c (krb5_verify): use krb5_verify_user_lrealm - -1999-09-01 Johan Danielsson - - * login.c: SGI capability mumbo-jumbo - -1999-08-09 Johan Danielsson - - * login.c (start_logout_process): call setproctitle - - * login_locl.h: declare struct spwd - - * login.c: add support for starting extra processes at login and - logout; always preserve TERM and TZ - - * conf.c: add configuration file support - -1999-08-07 Assar Westerlund - - * shadow.c (check_shadow): check for a NULL sp - -1999-08-05 Assar Westerlund - - * login.c (main): move down login incorrect to disallow account - guessing - -1999-08-04 Assar Westerlund - - * utmpx_login.c (utmpx_login): fix for Solaris. From Miroslav - Ruda - - * login_locl.h: add and some prototypes - - * login.c: fixes with v4 and shadow support. From Miroslav Ruda - - - * shadow.c: new file with functions for handling shadow passwords - - * Makefile.am: add shadow - -1999-07-22 Assar Westerlund - - * login.c (main): generate a better tty name - -1999-05-25 Johan Danielsson - - * login.c (do_login): set $SHELL - -1999-05-18 Assar Westerlund - - * add login-access - -1999-05-11 Assar Westerlund - - * login.c: copy the v5 ccache to a file after having done setuid - -1999-05-09 Assar Westerlund - - * login.c (krb5_verify): check seteuid for errors - -Mon Apr 19 22:30:55 1999 Assar Westerlund - - * login.c: conditionalize the kafs calls on KRB4 - - * Makefile.am (LDADD): add kafs - - * login.c: add support for getting afs tokens with v4 and v5 - -Sun Apr 18 14:12:28 1999 Johan Danielsson - - * login.c: check _PATH_NOLOGIN - - * login_locl.h: _PATH_NOLOGIN - -1999-04-11 Assar Westerlund - - * login.c (main): use print_version - -Thu Apr 8 15:03:55 1999 Johan Danielsson - - * login.c: remove definition of KRB_VERIFY_USER et.al. (moved to - config.h) - - * login_locl.h: include udb.h, sys/resource.h, and sys/category.h - -Sat Mar 27 17:58:37 1999 Johan Danielsson - - * Makefile.am: osfc2.c - - * login.c: magic for OSF C2, and Crays - - * login_locl.h: do_osfc2_magic proto - - * osfc2.c: bsd_locl -> login_locl - - * osfc2.c: OSF C2 magic - -Tue Mar 23 14:17:40 1999 Johan Danielsson - - * login_locl.h: _PATH_UTMP - -Sun Mar 21 15:02:31 1999 Johan Danielsson - - * login.c: `-h' is host, not help - -Sat Mar 20 00:11:13 1999 Assar Westerlund - - * login_locl.h: krb.h: add - - * login.c: static-size - (krb4_verify): add - -Thu Mar 18 11:36:10 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Thu Mar 11 17:53:36 1999 Johan Danielsson - - * utmpx_login.c: add some consts - - * utmp_login.c: add some consts - - * login.c: staticize - - * login_locl.h: add prototypes, and defaults for - _PATH_* - -Mon Mar 1 10:49:14 1999 Johan Danielsson - - * utmpx_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - - * utmp_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - diff --git a/crypto/heimdal/appl/login/Makefile.am b/crypto/heimdal/appl/login/Makefile.am deleted file mode 100644 index b7c9f93010ab..000000000000 --- a/crypto/heimdal/appl/login/Makefile.am +++ /dev/null @@ -1,43 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -man_MANS = login.1 login.access.5 - -bin_PROGRAMS = login - -login_SOURCES = \ - conf.c \ - env.c \ - login.c \ - login_access.c \ - login_locl.h \ - login_protos.h \ - loginpaths.h \ - limits_conf.c \ - osfc2.c \ - read_string.c \ - shadow.c \ - stty_default.c \ - tty.c \ - utmp_login.c \ - utmpx_login.c - -LDADD = $(LIB_otp) \ - $(LIB_kafs) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(LIB_security) \ - $(DBLIB) - -$(srcdir)/login_protos.h: - cd $(srcdir); perl ../../cf/make-proto.pl -o login_protos.h -q -P comment $(login_SOURCES) || rm -f login_protos.h - -$(login_OBJECTS): $(srcdir)/login_protos.h - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/login/Makefile.in b/crypto/heimdal/appl/login/Makefile.in deleted file mode 100644 index faa632ab8cf5..000000000000 --- a/crypto/heimdal/appl/login/Makefile.in +++ /dev/null @@ -1,915 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -bin_PROGRAMS = login$(EXEEXT) -subdir = appl/login -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" \ - "$(DESTDIR)$(man5dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) -am_login_OBJECTS = conf.$(OBJEXT) env.$(OBJEXT) login.$(OBJEXT) \ - login_access.$(OBJEXT) limits_conf.$(OBJEXT) osfc2.$(OBJEXT) \ - read_string.$(OBJEXT) shadow.$(OBJEXT) stty_default.$(OBJEXT) \ - tty.$(OBJEXT) utmp_login.$(OBJEXT) utmpx_login.$(OBJEXT) -login_OBJECTS = $(am_login_OBJECTS) -login_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ - $(am__DEPENDENCIES_1) -login_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2) \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(login_SOURCES) -DIST_SOURCES = $(login_SOURCES) -man1dir = $(mandir)/man1 -man5dir = $(mandir)/man5 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -man_MANS = login.1 login.access.5 -login_SOURCES = \ - conf.c \ - env.c \ - login.c \ - login_access.c \ - login_locl.h \ - login_protos.h \ - loginpaths.h \ - limits_conf.c \ - osfc2.c \ - read_string.c \ - shadow.c \ - stty_default.c \ - tty.c \ - utmp_login.c \ - utmpx_login.c - -LDADD = $(LIB_otp) \ - $(LIB_kafs) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(LIB_security) \ - $(DBLIB) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/login/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/login/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -login$(EXEEXT): $(login_OBJECTS) $(login_DEPENDENCIES) - @rm -f login$(EXEEXT) - $(LINK) $(login_OBJECTS) $(login_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man5: $(man5_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ - done -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 install-man5 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 uninstall-man5 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-man install-man1 install-man5 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-man uninstall-man1 uninstall-man5 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(srcdir)/login_protos.h: - cd $(srcdir); perl ../../cf/make-proto.pl -o login_protos.h -q -P comment $(login_SOURCES) || rm -f login_protos.h - -$(login_OBJECTS): $(srcdir)/login_protos.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/login/conf.c b/crypto/heimdal/appl/login/conf.c deleted file mode 100644 index 81a3c744023c..000000000000 --- a/crypto/heimdal/appl/login/conf.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "login_locl.h" - -RCSID("$Id: conf.c 8302 2000-05-29 16:52:24Z assar $"); - -static char *confbuf; - -static int -login_conf_init(void) -{ - char *files[] = { _PATH_LOGIN_CONF, NULL }; - return cgetent(&confbuf, files, "default"); -} - -char * -login_conf_get_string(const char *str) -{ - char *value; - if(login_conf_init() != 0) - return NULL; - if(cgetstr(confbuf, (char *)str, &value) < 0) - return NULL; - return value; -} diff --git a/crypto/heimdal/appl/login/env.c b/crypto/heimdal/appl/login/env.c deleted file mode 100644 index e1b33ba23663..000000000000 --- a/crypto/heimdal/appl/login/env.c +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" -RCSID("$Id: env.c 8476 2000-06-28 12:27:38Z joda $"); - -/* - * the environment we will send to execle and the shell. - */ - -char **env; -int num_env; - -void -extend_env(char *str) -{ - env = realloc(env, (num_env + 1) * sizeof(*env)); - if(env == NULL) - errx(1, "Out of memory!"); - env[num_env++] = str; -} - -void -add_env(const char *var, const char *value) -{ - int i; - char *str; - asprintf(&str, "%s=%s", var, value); - if(str == NULL) - errx(1, "Out of memory!"); - for(i = 0; i < num_env; i++) - if(strncmp(env[i], var, strlen(var)) == 0 && - env[i][strlen(var)] == '='){ - free(env[i]); - env[i] = str; - return; - } - - extend_env(str); -} - -void -copy_env(void) -{ - char **p; - for(p = environ; *p; p++) - extend_env(*p); -} - -int -login_read_env(const char *file) -{ - char **newenv; - char *p; - int i, j; - - newenv = NULL; - i = read_environment(file, &newenv); - for (j = 0; j < i; j++) { - p = strchr(newenv[j], '='); - *p++ = 0; - add_env(newenv[j], p); - *--p = '='; - free(newenv[j]); - } - free(newenv); - return 0; -} diff --git a/crypto/heimdal/appl/login/limits_conf.c b/crypto/heimdal/appl/login/limits_conf.c deleted file mode 100644 index ac9837f1406b..000000000000 --- a/crypto/heimdal/appl/login/limits_conf.c +++ /dev/null @@ -1,214 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" - -RCSID("$Id: limits_conf.c 19215 2006-12-04 23:41:18Z lha $"); - -#include -#include -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif - -struct limit { - const char *name; - int resource; - int scale; - int has_limit; - struct rlimit limit; -} limits[] = { -#define LIM(X, S) { #X, RLIMIT_##X, S, 0 } - LIM(CORE, 1024), - LIM(CPU, 60), - LIM(DATA, 1024), - LIM(FSIZE, 1024), -#ifdef RLIMIT_MEMLOCK - LIM(MEMLOCK, 1024), -#endif - LIM(NOFILE, 1), -#ifdef RLIMIT_NPROC - LIM(NPROC, 1), -#endif -#ifdef RLIMIT_RSS - LIM(RSS, 1024), -#endif - LIM(STACK, 1024), - -#ifdef RLIMIT_AS - LIM(AS, 1024), -#endif -#ifdef RLIMIT_LOCKS - LIM(LOCKS, 1), -#endif - /* - maxlogins - priority - */ - { NULL, 0 } -}; - -static struct limit * -find_limit(const char *name) -{ - struct limit *l; - for(l = limits; l->name != NULL; l++) - if(strcasecmp(name, l->name) == 0) - return l; - return NULL; -} - -/* this function reads limits.conf files similar to pam_limits - unimplemented features include: - % maxlogins - "-" no limits, - priorities etc that are not set via setrlimit - XXX uses static storage, and clobbers getgr* -*/ - -int -read_limits_conf(const char *file, const struct passwd *pwd) -{ - FILE *f; - char *args[4]; - int lineno = 0; - char buf[1024]; - struct limit *l; - rlim_t value; - - f = fopen(file, "r"); - if(f == NULL) { - if(errno != ENOENT && errno != ENOTDIR) - syslog(LOG_ERR, "%s: %m", file); - return -1; - } - - while(fgets(buf, sizeof(buf), f) != NULL) { - char *last = NULL; - char *end = NULL; - int level; - - lineno++; - - if(buf[0] == '\0') { - syslog(LOG_ERR, "%s: line %d: NUL character", file, lineno); - continue; - } - if(buf[strlen(buf) - 1] != '\n') { - /* file did not end with a newline, figure out if we're at - the EOF, or if our buffer was too small */ - int eof = 1; - int c; - while((c = fgetc(f)) != EOF) { - eof = 0; - if(c == '\n') - break; - } - if(!eof) { - syslog(LOG_ERR, "%s: line %d: line too long", file, lineno); - continue; - } - } - buf[strcspn(buf, "#\r\n")] = '\0'; - if((args[0] = strtok_r(buf, " \t", &last)) == NULL || - (args[1] = strtok_r(NULL, " \t", &last)) == NULL || - (args[2] = strtok_r(NULL, " \t", &last)) == NULL || - (args[3] = strtok_r(NULL, " \t", &last)) == NULL) { - if(args[0] != NULL) /* this would include comment lines */ - syslog(LOG_ERR, "%s: line %d: malformed line", file, lineno); - continue; - } - - l = find_limit(args[2]); - if(l == NULL) { - syslog(LOG_ERR, "%s: line %d: unknown limit %s", file, lineno, args[2]); - continue; - } - if(strcmp(args[3], "-") == 0) { - value = RLIM_INFINITY; - } else { - errno = 0; - value = strtol(args[3], &end, 10); - if(*end != '\0') { - syslog(LOG_ERR, "%s: line %d: bad value %s", file, lineno, args[3]); - continue; - } - if((value == LONG_MIN || value == LONG_MAX) && errno == ERANGE) { - syslog(LOG_ERR, "%s: line %d: bad value %s", file, lineno, args[3]); - continue; - } - if(value * l->scale < value) - value = RLIM_INFINITY; - else - value *= l->scale; - } - level = 0; - /* XXX unclear: if you set group hard and user soft limit, - should the hard limit still apply? this code doesn't. */ - if(strcmp(args[0], pwd->pw_name) == 0) - level = 3; - if(*args[0] == '@') { - struct group *gr; - gr = getgrnam(args[0] + 1); - if(gr != NULL && gr->gr_gid == pwd->pw_gid) - level = 2; - } - if(strcmp(args[0], "*") == 0) - level = 1; - if(level == 0 || level < l->has_limit) /* not for us */ - continue; - if(l->has_limit < level) { - if(getrlimit(l->resource, &l->limit) < 0) - continue; - l->has_limit = level; - } - - /* XXX unclear: if you soft to more than default hard, should - we set hard to soft? this code doesn't. */ - if(strcasecmp(args[1], "soft") == 0 || strcmp(args[1], "-") == 0) - l->limit.rlim_cur = value; - if(strcasecmp(args[1], "hard") == 0 || strcmp(args[1], "-") == 0) - l->limit.rlim_max = value; - } - fclose(f); - for(l = limits; l->name != NULL; l++) { - if(l->has_limit) { - if(l->limit.rlim_cur > l->limit.rlim_max) - l->limit.rlim_cur = l->limit.rlim_max; - if(setrlimit(l->resource, &l->limit) != 0) - syslog(LOG_ERR, "setrlimit RLIM_%s failed: %m", l->name); - } - l->has_limit = 0; - } - return 0; -} diff --git a/crypto/heimdal/appl/login/login.1 b/crypto/heimdal/appl/login/login.1 deleted file mode 100644 index 1ae4f3e5a147..000000000000 --- a/crypto/heimdal/appl/login/login.1 +++ /dev/null @@ -1,253 +0,0 @@ -.\" $Id: login.1 14891 2005-04-22 15:49:25Z joda $ -.\" -.Dd April 22, 2005 -.Dt LOGIN 1 -.Os HEIMDAL -.Sh NAME -.Nm login -.Nd -authenticate a user and start new session -.Sh SYNOPSIS -.Nm -.Op Fl fp -.Op Fl a Ar level -.Op Fl h Ar hostname -.Ar [username] -.Sh DESCRIPTION -This manual page documents the -.Nm login -program distributed with the Heimdal Kerberos 5 implementation, it may -differ in important ways from your system version. -.Pp -The -.Nm login -programs logs users into the system. It is intended to be run by -system daemons like -.Xr getty 8 -or -.Xr telnetd 8 . -If you are already logged in, but want to change to another user, you -should use -.Xr su 1 . -.Pp -A username can be given on the command line, else one will be prompted -for. -.Pp -A password is required to login, unless the -.Fl f -option is given (indicating that the calling program has already done -proper authentication). With -.Fl f -the user will be logged in without further questions. -.Pp -For password authentication Kerberos 5, Kerberos 4 (if compiled in), -OTP (if compiled in) and local -.No ( Pa /etc/passwd ) -passwords are supported. OTP will be used if the the user is -registered to use it, and -.Nm login -is given the option -.Fl a Li otp . -When using OTP, a challenge is shown to the user. -.Pp -Further options are: -.Bl -tag -width Ds -.It Fl a Ar string -Which authentication mode to use, the only supported value is -currently -.Dq otp . -.It Fl f -Indicates that the user is already authenticated. This happens, for -instance, when login is started by telnetd, and the user has proved -authentic via Kerberos. -.It Fl h Ar hostname -Indicates which host the user is logging in from. This is passed from -telnetd, and is entered into the login database. -.It Fl p -This tells -.Nm login -to preserve all environment variables. If not given, only the -.Dv TERM -and -.Dv TZ -variables are preserved. It could be a security risk to pass random -variables to -.Nm login -or the user shell, so the calling daemon should make sure it only -passes -.Dq safe -variables. -.El -.Pp -The process of logging user in proceeds as follows. -.Pp -First a check is made that logins are allowed at all. This usually -means checking -.Pa /etc/nologin . -If it exists, and the user trying to login is not root, the contents -is printed, and then login exits. -.Pp -Then various system parameters are set up, like changing the owner of -the tty to the user, setting up signals, setting the group list, and -user and group id. Also various machine specific tasks are performed. -.Pp -Next -.Nm login -changes to the users home directory, or if that fails, to -.Pa / . -The environment is setup, by adding some required variables (such as -.Dv PATH ) , -and also authentication related ones (such as -.Dv KRB5CCNAME ) . -If an environment file exists -.No ( Pa /etc/environment ) , -variables are set according to -it. -.Pp -If one or more login message files are configured, their contents is -printed to the terminal. -.Pp -If a login time command is configured, it is executed. A logout time -command can also be configured, which makes -.Nm login -fork, and wait for the user shell to exit, and then run the command. -This can be used to clean up user credentials. -.Pp -Finally, the user's shell is executed. If the user logging in is root, -and root's login shell does not exist, a default shell (usually -.Pa /bin/sh ) -is also tried before giving up. -.Sh ENVIRONMENT -These environment variables are set by login (not including ones set by -.Pa /etc/environment ) : -.Pp -.Bl -tag -compact -width USERXXLOGNAME -.It Dv PATH -the default system path -.It Dv HOME -the user's home directory (or possibly -.Pa / ) -.It Dv USER , Dv LOGNAME -both set to the username -.It Dv SHELL -the user's shell -.It Dv TERM , Dv TZ -set to whatever is passed to -.Nm login -.It Dv KRB5CCNAME -if the password is verified via Kerberos 5, this will point to the -credentials cache file -.It Dv KRBTKFILE -if the password is verified via Kerberos 4, this will point to the -ticket file -.El -.Sh FILES -.Bl -tag -compact -width Ds -.It Pa /etc/environment -Contains a set of environment variables that should be set in addition -to the ones above. It should contain sh-style assignments like -.Dq VARIABLE=value . -Note that they are not parsed the way a shell would. No variable -expansion is performed, and all strings are literal, and quotation -marks should not be used. Everything after a hash mark is considered a -comment. The following are all different (the last will set the -variable -.Dv BAR , -not -.Dv FOO ) . -.Bd -literal -offset indent -FOO=this is a string -FOO="this is a string" -BAR= FOO='this is a string' -.Ed -.It Pa /etc/login.access -See -.Xr login.access 5 . -.It Pa /etc/login.conf -This is a termcap style configuration file, that contains various -settings used by -.Nm login . -Currently only the -.Dq default -capability record is used. The possible capability strings include: -.Pp -.Bl -tag -compact -width Ds -.It Li environment -This is a comma separated list of environment files that are read in -the order specified. If this is missing the default -.Pa /etc/environment -is used. -.It Li login_program -This program will be executed just before the user's shell is started. -It will be called without arguments. -.It Li logout_program -This program will be executed just after the user's shell has -terminated. It will be called without arguments. This program will be -the parent process of the spawned shell. -.It Li motd -A comma separated list of text files that will be printed to the -user's terminal before starting the shell. The string -.Li welcome -works similarly, but points to a single file. -.It Li limits -Points to a file containing ulimit settings for various users. Syntax -is inspired by what pam_limits uses, and the default is -.Pa /etc/security/limits.conf . -.El -.It Pa /etc/nologin -If it exists, login is denied to all but root. The contents of this -file is printed before login exits. -.El -.Pp -Other -.Nm login -programs typically print all sorts of information by default, such as -last time you logged in, if you have mail, and system message files. -This version of -.Nm login -does not, so there is no reason for -.Pa .hushlogin -files or similar. We feel that these tasks are best left to the user's -shell, but the -.Li login_program -facility allows for a shell independent solution, if that is desired. -.Sh EXAMPLES -A -.Pa login.conf -file could look like: -.Bd -literal -offset indent -default:\\ - :motd=/etc/motd,/etc/motd.local:\\ - :limits=/etc/limits.conf: -.Ed -.Pp -The -.Pa limits.conf -file consists of a table with four whitespace separated fields. First -field is a username or a groupname (prefixed with -.Sq @ ) , -or -.Sq * . -Second field is -.Sq soft , -.Sq hard , -or -.Sq - -(the last meaning both soft and hard). -Third field is a limit name (such as -.Sq cpu -or -.Sq core ) . -Last field is the limit value (a number or -.Sq - -for unlimited). In the case of data sizes, the value is in kilobytes, -and cputime is in minutes. -.Sh SEE ALSO -.Xr su 1 , -.Xr login.access 5 , -.Xr getty 8 , -.Xr telnetd 8 -.Sh AUTHORS -This login program was written for the Heimdal Kerberos 5 -implementation. The login.access code was written by Wietse Venema. -.\".Sh BUGS diff --git a/crypto/heimdal/appl/login/login.access.5 b/crypto/heimdal/appl/login/login.access.5 deleted file mode 100644 index 23290beb9cf6..000000000000 --- a/crypto/heimdal/appl/login/login.access.5 +++ /dev/null @@ -1,56 +0,0 @@ -.\" $Id: login.access.5 11902 2003-03-24 15:49:30Z joda $ -.\" -.Dd March 21, 2003 -.Dt LOGIN.ACCESS 5 -.Os HEIMDAL -.Sh NAME -.Nm login.access -.Nd -login access control table -.Sh DESCRIPTION -The -.Nm login.access -file specifies on which ttys or from which hosts certain users are -allowed to login. -.Pp -At login, the -.Pa /etc/login.access -file is checked for the first entry that matches a specific user/host -or user/tty combination. That entry can either allow or deny login -access to that user. -.Pp -Each entry have three fields separated by colon: -.Bl -bullet -.It -The first field indicates the permission given if the entry matches. -It can be either -.Dq + -(allow access) -or -.Dq - -(deny access) . -.It -The second field is a comma separated list of users or groups for -which the current entry applies. NIS netgroups can used (if -configured) if preceeded by @. The magic string ALL matches all users. -A group will match if the user is a member of that group, or it is the -user's primary group. -.It -The third field is a list of ttys, or network names. A network name -can be either a hostname, a domain (indicated by a starting period), -or a netgroup. As with the user list, ALL matches anything. LOCAL -matches a string not containing a period. -.El -.Pp -If the string EXCEPT is found in either the user or from list, the -rest of the list are exceptions to the list before EXCEPT. -.Sh BUGS -If there's a user and a group with the same name, there is no way to -make the group match if the user also matches. -.Sh SEE ALSO -.Xr login 1 -.Sh AUTHORS -The -.Fn login_access -function was written by -Wietse Venema. This manual page was written for Heimdal. diff --git a/crypto/heimdal/appl/login/login.c b/crypto/heimdal/appl/login/login.c deleted file mode 100644 index cc41097133bd..000000000000 --- a/crypto/heimdal/appl/login/login.c +++ /dev/null @@ -1,887 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" -#ifdef HAVE_CAPABILITY_H -#include -#endif -#ifdef HAVE_SYS_CAPABILITY_H -#include -#endif -#ifdef HAVE_CRYPT_H -#include -#endif - -RCSID("$Id: login.c 16498 2006-01-09 16:26:25Z joda $"); - -static int login_timeout = 60; - -static int -start_login_process(void) -{ - char *prog, *argv0; - prog = login_conf_get_string("login_program"); - if(prog == NULL) - return 0; - argv0 = strrchr(prog, '/'); - - if(argv0) - argv0++; - else - argv0 = prog; - - return simple_execle(prog, argv0, NULL, env); -} - -static int -start_logout_process(void) -{ - char *prog, *argv0; - pid_t pid; - - prog = login_conf_get_string("logout_program"); - if(prog == NULL) - return 0; - argv0 = strrchr(prog, '/'); - - if(argv0) - argv0++; - else - argv0 = prog; - - pid = fork(); - if(pid == 0) { - /* avoid getting signals sent to the shell */ - setpgid(0, getpid()); - return 0; - } - if(pid == -1) - err(1, "fork"); - /* wait for the real login process to exit */ -#ifdef HAVE_SETPROCTITLE - setproctitle("waitpid %d", pid); -#endif - while(1) { - int status; - int ret; - ret = waitpid(pid, &status, 0); - if(ret > 0) { - if(WIFEXITED(status) || WIFSIGNALED(status)) { - execle(prog, argv0, NULL, env); - err(1, "exec %s", prog); - } - } else if(ret < 0) - err(1, "waitpid"); - } -} - -static void -exec_shell(const char *shell, int fallback) -{ - char *sh; - const char *p; - - extend_env(NULL); - if(start_login_process() < 0) - warn("login process"); - start_logout_process(); - - p = strrchr(shell, '/'); - if(p) - p++; - else - p = shell; - if (asprintf(&sh, "-%s", p) == -1) - errx(1, "Out of memory"); - execle(shell, sh, NULL, env); - if(fallback){ - warnx("Can't exec %s, trying %s", - shell, _PATH_BSHELL); - execle(_PATH_BSHELL, "-sh", NULL, env); - err(1, "%s", _PATH_BSHELL); - } - err(1, "%s", shell); -} - -static enum { NONE = 0, AUTH_KRB4 = 1, AUTH_KRB5 = 2, AUTH_OTP = 3 } auth; - -#ifdef KRB4 -static krb5_boolean get_v4_tgt = FALSE; -#endif - -#ifdef OTP -static OtpContext otp_ctx; - -static int -otp_verify(struct passwd *pwd, const char *password) -{ - return (otp_verify_user (&otp_ctx, password)); -} -#endif /* OTP */ - - -static int pag_set = 0; - -#ifdef KRB5 -static krb5_context context; -static krb5_ccache id, id2; - -static int -krb5_verify(struct passwd *pwd, const char *password) -{ - krb5_error_code ret; - krb5_principal princ; - - ret = krb5_parse_name(context, pwd->pw_name, &princ); - if(ret) - return 1; - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); - if(ret) { - krb5_free_principal(context, princ); - return 1; - } - ret = krb5_verify_user_lrealm(context, - princ, - id, - password, - 1, - NULL); - krb5_free_principal(context, princ); - return ret; -} - -#ifdef KRB4 -static krb5_error_code -krb5_to4 (krb5_ccache id) -{ - krb5_error_code ret; - krb5_principal princ; - - ret = krb5_cc_get_principal(context, id, &princ); - if(ret == 0) { - krb5_appdefault_boolean(context, "login", - krb5_principal_get_realm(context, princ), - "krb4_get_tickets", FALSE, &get_v4_tgt); - krb5_free_principal(context, princ); - } else { - krb5_realm realm = NULL; - krb5_get_default_realm(context, &realm); - krb5_appdefault_boolean(context, "login", - realm, - "krb4_get_tickets", FALSE, &get_v4_tgt); - free(realm); - } - - if (get_v4_tgt) { - CREDENTIALS c; - krb5_creds mcred, cred; - char krb4tkfile[MAXPATHLEN]; - krb5_error_code ret; - krb5_principal princ; - - krb5_cc_clear_mcred(&mcred); - - ret = krb5_cc_get_principal (context, id, &princ); - if (ret) - return ret; - - ret = krb5_make_principal(context, &mcred.server, - princ->realm, - "krbtgt", - princ->realm, - NULL); - if (ret) { - krb5_free_principal(context, princ); - return ret; - } - mcred.client = princ; - - ret = krb5_cc_retrieve_cred(context, id, 0, &mcred, &cred); - if(ret == 0) { - ret = krb524_convert_creds_kdc_ccache(context, id, &cred, &c); - if(ret == 0) { - snprintf(krb4tkfile,sizeof(krb4tkfile),"%s%d",TKT_ROOT, - getuid()); - krb_set_tkt_string(krb4tkfile); - tf_setup(&c, c.pname, c.pinst); - } - memset(&c, 0, sizeof(c)); - krb5_free_cred_contents(context, &cred); - } - if (ret != 0) - get_v4_tgt = FALSE; - krb5_free_principal(context, mcred.server); - krb5_free_principal(context, mcred.client); - } - return 0; -} -#endif /* KRB4 */ - -static int -krb5_start_session (const struct passwd *pwd) -{ - krb5_error_code ret; - char residual[64]; - - /* copy credentials to file cache */ - snprintf(residual, sizeof(residual), "FILE:/tmp/krb5cc_%u", - (unsigned)pwd->pw_uid); - krb5_cc_resolve(context, residual, &id2); - ret = krb5_cc_copy_cache(context, id, id2); - if (ret == 0) - add_env("KRB5CCNAME", residual); - else { - krb5_cc_destroy (context, id2); - return ret; - } -#ifdef KRB4 - krb5_to4 (id2); -#endif - krb5_cc_close(context, id2); - krb5_cc_destroy(context, id); - return 0; -} - -static void -krb5_finish (void) -{ - krb5_free_context(context); -} - -static void -krb5_get_afs_tokens (const struct passwd *pwd) -{ - char cell[64]; - char *pw_dir; - krb5_error_code ret; - - if (!k_hasafs ()) - return; - - ret = krb5_cc_default(context, &id2); - - if (ret == 0) { - pw_dir = pwd->pw_dir; - - if (!pag_set) { - k_setpag(); - pag_set = 1; - } - - if(k_afs_cell_of_file(pw_dir, cell, sizeof(cell)) == 0) - krb5_afslog_uid_home (context, id2, - cell, NULL, pwd->pw_uid, pwd->pw_dir); - krb5_afslog_uid_home (context, id2, NULL, NULL, - pwd->pw_uid, pwd->pw_dir); - krb5_cc_close (context, id2); - } -} - -#endif /* KRB5 */ - -#ifdef KRB4 - -static int -krb4_verify(struct passwd *pwd, const char *password) -{ - char lrealm[REALM_SZ]; - int ret; - char ticket_file[MaxPathLen]; - - ret = krb_get_lrealm (lrealm, 1); - if (ret) - return 1; - - snprintf (ticket_file, sizeof(ticket_file), - "%s%u_%u", - TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid()); - - krb_set_tkt_string (ticket_file); - - ret = krb_verify_user (pwd->pw_name, "", lrealm, (char *)password, - KRB_VERIFY_SECURE_FAIL, NULL); - if (ret) - return 1; - - if (chown (ticket_file, pwd->pw_uid, pwd->pw_gid) < 0) { - dest_tkt(); - return 1; - } - - add_env ("KRBTKFILE", ticket_file); - return 0; -} - -static void -krb4_get_afs_tokens (const struct passwd *pwd) -{ - char cell[64]; - char *pw_dir; - - if (!k_hasafs ()) - return; - - pw_dir = pwd->pw_dir; - - if (!pag_set) { - k_setpag(); - pag_set = 1; - } - - if(k_afs_cell_of_file(pw_dir, cell, sizeof(cell)) == 0) - krb_afslog_uid_home (cell, NULL, pwd->pw_uid, pwd->pw_dir); - - krb_afslog_uid_home (NULL, NULL, pwd->pw_uid, pwd->pw_dir); -} - -#endif /* KRB4 */ - -static int f_flag; -static int p_flag; -#if 0 -static int r_flag; -#endif -static int version_flag; -static int help_flag; -static char *remote_host; -static char *auth_level = NULL; - -struct getargs args[] = { - { NULL, 'a', arg_string, &auth_level, "authentication mode" }, -#if 0 - { NULL, 'd' }, -#endif - { NULL, 'f', arg_flag, &f_flag, "pre-authenticated" }, - { NULL, 'h', arg_string, &remote_host, "remote host", "hostname" }, - { NULL, 'p', arg_flag, &p_flag, "don't purge environment" }, -#if 0 - { NULL, 'r', arg_flag, &r_flag, "rlogin protocol" }, -#endif - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag,&help_flag, } -}; - -int nargs = sizeof(args) / sizeof(args[0]); - -static void -update_utmp(const char *username, const char *hostname, - char *tty, char *ttyn) -{ - /* - * Update the utmp files, both BSD and SYSV style. - */ - if (utmpx_login(tty, username, hostname) != 0 && !f_flag) { - printf("No utmpx entry. You must exec \"login\" from the " - "lowest level shell.\n"); - exit(1); - } - utmp_login(ttyn, username, hostname); -} - -static void -checknologin(void) -{ - FILE *f; - char buf[1024]; - - f = fopen(_PATH_NOLOGIN, "r"); - if(f == NULL) - return; - while(fgets(buf, sizeof(buf), f)) - fputs(buf, stdout); - fclose(f); - exit(0); -} - -/* print contents of a file */ -static void -show_file(const char *file) -{ - FILE *f; - char buf[BUFSIZ]; - if((f = fopen(file, "r")) == NULL) - return; - while (fgets(buf, sizeof(buf), f)) - fputs(buf, stdout); - fclose(f); -} - -/* - * Actually log in the user. `pwd' contains all the relevant - * information about the user. `ttyn' is the complete name of the tty - * and `tty' the short name. - */ - -static void -do_login(const struct passwd *pwd, char *tty, char *ttyn) -{ -#ifdef HAVE_GETSPNAM - struct spwd *sp; -#endif - int rootlogin = (pwd->pw_uid == 0); - gid_t tty_gid; - struct group *gr; - const char *home_dir; - int i; - - if(!rootlogin) - checknologin(); - -#ifdef HAVE_GETSPNAM - sp = getspnam(pwd->pw_name); -#endif - - update_utmp(pwd->pw_name, remote_host ? remote_host : "", - tty, ttyn); - - gr = getgrnam ("tty"); - if (gr != NULL) - tty_gid = gr->gr_gid; - else - tty_gid = pwd->pw_gid; - - if (chown (ttyn, pwd->pw_uid, tty_gid) < 0) { - warn("chown %s", ttyn); - if (rootlogin == 0) - exit (1); - } - - if (chmod (ttyn, S_IRUSR | S_IWUSR | S_IWGRP) < 0) { - warn("chmod %s", ttyn); - if (rootlogin == 0) - exit (1); - } - -#ifdef HAVE_SETLOGIN - if(setlogin(pwd->pw_name)){ - warn("setlogin(%s)", pwd->pw_name); - if(rootlogin == 0) - exit(1); - } -#endif - if(rootlogin == 0) { - const char *file = login_conf_get_string("limits"); - if(file == NULL) - file = _PATH_LIMITS_CONF; - - read_limits_conf(file, pwd); - } - -#ifdef HAVE_SETPCRED - if (setpcred (pwd->pw_name, NULL) == -1) - warn("setpcred(%s)", pwd->pw_name); -#endif /* HAVE_SETPCRED */ -#ifdef HAVE_INITGROUPS - if(initgroups(pwd->pw_name, pwd->pw_gid)){ - warn("initgroups(%s, %u)", pwd->pw_name, (unsigned)pwd->pw_gid); - if(rootlogin == 0) - exit(1); - } -#endif - if(do_osfc2_magic(pwd->pw_uid)) - exit(1); - if(setgid(pwd->pw_gid)){ - warn("setgid(%u)", (unsigned)pwd->pw_gid); - if(rootlogin == 0) - exit(1); - } - if(setuid(pwd->pw_uid) || (pwd->pw_uid != 0 && setuid(0) == 0)) { - warn("setuid(%u)", (unsigned)pwd->pw_uid); - if(rootlogin == 0) - exit(1); - } - - /* make sure signals are set to default actions, apparently some - OS:es like to ignore SIGINT, which is not very convenient */ - - for (i = 1; i < NSIG; ++i) - signal(i, SIG_DFL); - - /* all kinds of different magic */ - -#ifdef HAVE_GETSPNAM - check_shadow(pwd, sp); -#endif - -#if defined(HAVE_GETUDBNAM) && defined(HAVE_SETLIM) - { - struct udb *udb; - long t; - const long maxcpu = 46116860184; /* some random constant */ - udb = getudbnam(pwd->pw_name); - if(udb == UDB_NULL) - errx(1, "Failed to get UDB entry."); - t = udb->ue_pcpulim[UDBRC_INTER]; - if(t == 0 || t > maxcpu) - t = CPUUNLIM; - else - t *= 100 * CLOCKS_PER_SEC; - - if(limit(C_PROC, 0, L_CPU, t) < 0) - warn("limit C_PROC"); - - t = udb->ue_jcpulim[UDBRC_INTER]; - if(t == 0 || t > maxcpu) - t = CPUUNLIM; - else - t *= 100 * CLOCKS_PER_SEC; - - if(limit(C_JOBPROCS, 0, L_CPU, t) < 0) - warn("limit C_JOBPROCS"); - - nice(udb->ue_nice[UDBRC_INTER]); - } -#endif -#if defined(HAVE_SGI_GETCAPABILITYBYNAME) && defined(HAVE_CAP_SET_PROC) - /* XXX SGI capability hack IRIX 6.x (x >= 0?) has something - called capabilities, that allow you to give away - permissions (such as chown) to specific processes. From 6.5 - this is default on, and the default capability set seems to - not always be the empty set. The problem is that the - runtime linker refuses to do just about anything if the - process has *any* capabilities set, so we have to remove - them here (unless otherwise instructed by /etc/capability). - In IRIX < 6.5, these functions was called sgi_cap_setproc, - etc, but we ignore this fact (it works anyway). */ - { - struct user_cap *ucap = sgi_getcapabilitybyname(pwd->pw_name); - cap_t cap; - if(ucap == NULL) - cap = cap_from_text("all="); - else - cap = cap_from_text(ucap->ca_default); - if(cap == NULL) - err(1, "cap_from_text"); - if(cap_set_proc(cap) < 0) - err(1, "cap_set_proc"); - cap_free(cap); - free(ucap); - } -#endif - home_dir = pwd->pw_dir; - if (chdir(home_dir) < 0) { - fprintf(stderr, "No home directory \"%s\"!\n", pwd->pw_dir); - if (chdir("/")) - exit(0); - home_dir = "/"; - fprintf(stderr, "Logging in with home = \"/\".\n"); - } -#ifdef KRB5 - if (auth == AUTH_KRB5) { - krb5_start_session (pwd); - } -#ifdef KRB4 - else if (auth == 0) { - krb5_error_code ret; - krb5_ccache id; - - ret = krb5_cc_default (context, &id); - if (ret == 0) { - krb5_to4 (id); - krb5_cc_close (context, id); - } - } -#endif /* KRB4 */ - - krb5_get_afs_tokens (pwd); - - krb5_finish (); -#endif /* KRB5 */ - -#ifdef KRB4 - if (auth == AUTH_KRB4 || get_v4_tgt) - krb4_get_afs_tokens (pwd); -#endif /* KRB4 */ - - add_env("PATH", _PATH_DEFPATH); - - { - const char *str = login_conf_get_string("environment"); - char buf[MAXPATHLEN]; - - if(str == NULL) { - login_read_env(_PATH_ETC_ENVIRONMENT); - } else { - while(strsep_copy(&str, ",", buf, sizeof(buf)) != -1) { - if(buf[0] == '\0') - continue; - login_read_env(buf); - } - } - } - { - const char *str = login_conf_get_string("motd"); - char buf[MAXPATHLEN]; - - if(str != NULL) { - while(strsep_copy(&str, ",", buf, sizeof(buf)) != -1) { - if(buf[0] == '\0') - continue; - show_file(buf); - } - } else { - str = login_conf_get_string("welcome"); - if(str != NULL) - show_file(str); - } - } - add_env("HOME", home_dir); - add_env("USER", pwd->pw_name); - add_env("LOGNAME", pwd->pw_name); - add_env("SHELL", pwd->pw_shell); - exec_shell(pwd->pw_shell, rootlogin); -} - -static int -check_password(struct passwd *pwd, const char *password) -{ - if(pwd->pw_passwd == NULL) - return 1; - if(pwd->pw_passwd[0] == '\0'){ -#ifdef ALLOW_NULL_PASSWORD - return password[0] != '\0'; -#else - return 1; -#endif - } - if(strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) == 0) - return 0; -#ifdef KRB5 - if(krb5_verify(pwd, password) == 0) { - auth = AUTH_KRB5; - return 0; - } -#endif -#ifdef KRB4 - if (krb4_verify (pwd, password) == 0) { - auth = AUTH_KRB4; - return 0; - } -#endif -#ifdef OTP - if (otp_verify (pwd, password) == 0) { - auth = AUTH_OTP; - return 0; - } -#endif - return 1; -} - -static void -usage(int status) -{ - arg_printusage(args, nargs, NULL, "[username]"); - exit(status); -} - -static RETSIGTYPE -sig_handler(int sig) -{ - if (sig == SIGALRM) - fprintf(stderr, "Login timed out after %d seconds\n", - login_timeout); - else - fprintf(stderr, "Login received signal, exiting\n"); - exit(0); -} - -int -main(int argc, char **argv) -{ - int max_tries = 5; - int try; - - char username[32]; - int optidx = 0; - - int ask = 1; - struct sigaction sa; - - setprogname(argv[0]); - -#ifdef KRB5 - { - krb5_error_code ret; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - } -#endif - - openlog("login", LOG_ODELAY | LOG_PID, LOG_AUTH); - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optidx)) - usage (1); - argc -= optidx; - argv += optidx; - - if(help_flag) - usage(0); - if (version_flag) { - print_version (NULL); - return 0; - } - - if (geteuid() != 0) - errx(1, "only root may use login, use su"); - - /* Default tty settings. */ - stty_default(); - - if(p_flag) - copy_env(); - else { - /* this set of variables is always preserved by BSD login */ - if(getenv("TERM")) - add_env("TERM", getenv("TERM")); - if(getenv("TZ")) - add_env("TZ", getenv("TZ")); - } - - if(*argv){ - if(strchr(*argv, '=') == NULL && strcmp(*argv, "-") != 0){ - strlcpy (username, *argv, sizeof(username)); - ask = 0; - } - } - -#if defined(DCE) && defined(AIX) - esetenv("AUTHSTATE", "DCE", 1); -#endif - - /* XXX should we care about environment on the command line? */ - - memset(&sa, 0, sizeof(sa)); - sa.sa_handler = sig_handler; - sigemptyset(&sa.sa_mask); - sa.sa_flags = 0; - sigaction(SIGALRM, &sa, NULL); - alarm(login_timeout); - - for(try = 0; try < max_tries; try++){ - struct passwd *pwd; - char password[128]; - int ret; - char ttname[32]; - char *tty, *ttyn; - char prompt[128]; -#ifdef OTP - char otp_str[256]; -#endif - - if(ask){ - f_flag = 0; -#if 0 - r_flag = 0; -#endif - ret = read_string("login: ", username, sizeof(username), 1); - if(ret == -3) - exit(0); - if(ret == -2) - sig_handler(0); /* exit */ - } - pwd = k_getpwnam(username); -#ifdef ALLOW_NULL_PASSWORD - if (pwd != NULL && (pwd->pw_passwd[0] == '\0')) { - strcpy(password,""); - } - else -#endif - - { -#ifdef OTP - if(auth_level && strcmp(auth_level, "otp") == 0 && - otp_challenge(&otp_ctx, username, - otp_str, sizeof(otp_str)) == 0) - snprintf (prompt, sizeof(prompt), "%s's %s Password: ", - username, otp_str); - else -#endif - strncpy(prompt, "Password: ", sizeof(prompt)); - - if (f_flag == 0) { - ret = read_string(prompt, password, sizeof(password), 0); - if (ret == -3) { - ask = 1; - continue; - } - if (ret == -2) - sig_handler(0); - } - } - - if(pwd == NULL){ - fprintf(stderr, "Login incorrect.\n"); - ask = 1; - continue; - } - - if(f_flag == 0 && check_password(pwd, password)){ - fprintf(stderr, "Login incorrect.\n"); - ask = 1; - continue; - } - ttyn = ttyname(STDIN_FILENO); - if(ttyn == NULL){ - snprintf(ttname, sizeof(ttname), "%s??", _PATH_TTY); - ttyn = ttname; - } - if (strncmp (ttyn, _PATH_DEV, strlen(_PATH_DEV)) == 0) - tty = ttyn + strlen(_PATH_DEV); - else - tty = ttyn; - - if (login_access (pwd, remote_host ? remote_host : tty) == 0) { - fprintf(stderr, "Permission denied\n"); - if (remote_host) - syslog(LOG_NOTICE, "%s LOGIN REFUSED FROM %s", - pwd->pw_name, remote_host); - else - syslog(LOG_NOTICE, "%s LOGIN REFUSED ON %s", - pwd->pw_name, tty); - exit (1); - } else { - if (remote_host) - syslog(LOG_NOTICE, "%s LOGIN ACCEPTED FROM %s ppid=%d", - pwd->pw_name, remote_host, (int) getppid()); - else - syslog(LOG_NOTICE, "%s LOGIN ACCEPTED ON %s ppid=%d", - pwd->pw_name, tty, (int) getppid()); - } - alarm(0); - do_login(pwd, tty, ttyn); - } - exit(1); -} diff --git a/crypto/heimdal/appl/login/login_access.c b/crypto/heimdal/appl/login/login_access.c deleted file mode 100644 index e1bfe42ea1b8..000000000000 --- a/crypto/heimdal/appl/login/login_access.c +++ /dev/null @@ -1,277 +0,0 @@ -/************************************************************************ -* Copyright 1995 by Wietse Venema. All rights reserved. Some individual -* files may be covered by other copyrights. -* -* This material was originally written and compiled by Wietse Venema at -* Eindhoven University of Technology, The Netherlands, in 1990, 1991, -* 1992, 1993, 1994 and 1995. -* -* Redistribution and use in source and binary forms, with or without -* modification, are permitted provided that this entire copyright notice -* is duplicated in all such copies. -* -* This software is provided "as is" and without any expressed or implied -* warranties, including, without limitation, the implied warranties of -* merchantibility and fitness for any particular purpose. -************************************************************************/ - /* - * This module implements a simple but effective form of login access - * control based on login names and on host (or domain) names, internet - * addresses (or network numbers), or on terminal line names in case of - * non-networked logins. Diagnostics are reported through syslog(3). - * - * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. - */ - -#include "login_locl.h" - -RCSID("$Id: login_access.c 10020 2001-06-04 14:10:19Z assar $"); - - /* Delimiters for fields and for lists of users, ttys or hosts. */ - -static char fs[] = ":"; /* field separator */ -static char sep[] = ", \t"; /* list-element separator */ - - /* Constants to be used in assignments only, not in comparisons... */ - -#define YES 1 -#define NO 0 - - /* - * A structure to bundle up all login-related information to keep the - * functional interfaces as generic as possible. - */ -struct login_info { - struct passwd *user; - char *from; -}; - -static int list_match(char *list, struct login_info *item, - int (*match_fn)(char *, struct login_info *)); -static int user_match(char *tok, struct login_info *item); -static int from_match(char *tok, struct login_info *item); -static int string_match(char *tok, char *string); - -/* login_access - match username/group and host/tty with access control file */ - -int login_access(struct passwd *user, char *from) -{ - struct login_info item; - FILE *fp; - char line[BUFSIZ]; - char *perm; /* becomes permission field */ - char *users; /* becomes list of login names */ - char *froms; /* becomes list of terminals or hosts */ - int match = NO; - int end; - int lineno = 0; /* for diagnostics */ - char *foo; - - /* - * Bundle up the arguments to avoid unnecessary clumsiness lateron. - */ - item.user = user; - item.from = from; - - /* - * Process the table one line at a time and stop at the first match. - * Blank lines and lines that begin with a '#' character are ignored. - * Non-comment lines are broken at the ':' character. All fields are - * mandatory. The first field should be a "+" or "-" character. A - * non-existing table means no access control. - */ - - if ((fp = fopen(_PATH_LOGACCESS, "r")) != 0) { - while (!match && fgets(line, sizeof(line), fp)) { - lineno++; - if (line[end = strlen(line) - 1] != '\n') { - syslog(LOG_ERR, "%s: line %d: missing newline or line too long", - _PATH_LOGACCESS, lineno); - continue; - } - if (line[0] == '#') - continue; /* comment line */ - while (end > 0 && isspace((unsigned char)line[end - 1])) - end--; - line[end] = 0; /* strip trailing whitespace */ - if (line[0] == 0) /* skip blank lines */ - continue; - foo = NULL; - if (!(perm = strtok_r(line, fs, &foo)) - || !(users = strtok_r(NULL, fs, &foo)) - || !(froms = strtok_r(NULL, fs, &foo)) - || strtok_r(NULL, fs, &foo)) { - syslog(LOG_ERR, "%s: line %d: bad field count", - _PATH_LOGACCESS, - lineno); - continue; - } - if (perm[0] != '+' && perm[0] != '-') { - syslog(LOG_ERR, "%s: line %d: bad first field", - _PATH_LOGACCESS, - lineno); - continue; - } - match = (list_match(froms, &item, from_match) - && list_match(users, &item, user_match)); - } - fclose(fp); - } else if (errno != ENOENT) { - syslog(LOG_ERR, "cannot open %s: %m", _PATH_LOGACCESS); - } - return (match == 0 || (line[0] == '+')); -} - -/* list_match - match an item against a list of tokens with exceptions */ - -static int -list_match(char *list, - struct login_info *item, - int (*match_fn)(char *, struct login_info *)) -{ - char *tok; - int match = NO; - char *foo = NULL; - - /* - * Process tokens one at a time. We have exhausted all possible matches - * when we reach an "EXCEPT" token or the end of the list. If we do find - * a match, look for an "EXCEPT" list and recurse to determine whether - * the match is affected by any exceptions. - */ - - for (tok = strtok_r(list, sep, &foo); - tok != NULL; - tok = strtok_r(NULL, sep, &foo)) { - if (strcasecmp(tok, "EXCEPT") == 0) /* EXCEPT: give up */ - break; - if ((match = (*match_fn) (tok, item)) != 0) /* YES */ - break; - } - /* Process exceptions to matches. */ - - if (match != NO) { - while ((tok = strtok_r(NULL, sep, &foo)) && strcasecmp(tok, "EXCEPT")) - /* VOID */ ; - if (tok == 0 || list_match(NULL, item, match_fn) == NO) - return (match); - } - return (NO); -} - -/* myhostname - figure out local machine name */ - -static char *myhostname(void) -{ - static char name[MAXHOSTNAMELEN + 1] = ""; - - if (name[0] == 0) { - gethostname(name, sizeof(name)); - name[MAXHOSTNAMELEN] = 0; - } - return (name); -} - -/* netgroup_match - match group against machine or user */ - -static int netgroup_match(char *group, char *machine, char *user) -{ -#ifdef HAVE_YP_GET_DEFAULT_DOMAIN - static char *mydomain = 0; - - if (mydomain == 0) - yp_get_default_domain(&mydomain); - return (innetgr(group, machine, user, mydomain)); -#else - syslog(LOG_ERR, "NIS netgroup support not configured"); - return 0; -#endif -} - -/* user_match - match a username against one token */ - -static int user_match(char *tok, struct login_info *item) -{ - char *string = item->user->pw_name; - struct login_info fake_item; - struct group *group; - int i; - char *at; - - /* - * If a token has the magic value "ALL" the match always succeeds. - * Otherwise, return YES if the token fully matches the username, if the - * token is a group that contains the username, or if the token is the - * name of the user's primary group. - */ - - if ((at = strchr(tok + 1, '@')) != 0) { /* split user@host pattern */ - *at = 0; - fake_item.from = myhostname(); - return (user_match(tok, item) && from_match(at + 1, &fake_item)); - } else if (tok[0] == '@') { /* netgroup */ - return (netgroup_match(tok + 1, (char *) 0, string)); - } else if (string_match(tok, string)) { /* ALL or exact match */ - return (YES); - } else if ((group = getgrnam(tok)) != 0) { /* try group membership */ - if (item->user->pw_gid == group->gr_gid) - return (YES); - for (i = 0; group->gr_mem[i]; i++) - if (strcasecmp(string, group->gr_mem[i]) == 0) - return (YES); - } - return (NO); -} - -/* from_match - match a host or tty against a list of tokens */ - -static int from_match(char *tok, struct login_info *item) -{ - char *string = item->from; - int tok_len; - int str_len; - - /* - * If a token has the magic value "ALL" the match always succeeds. Return - * YES if the token fully matches the string. If the token is a domain - * name, return YES if it matches the last fields of the string. If the - * token has the magic value "LOCAL", return YES if the string does not - * contain a "." character. If the token is a network number, return YES - * if it matches the head of the string. - */ - - if (tok[0] == '@') { /* netgroup */ - return (netgroup_match(tok + 1, string, (char *) 0)); - } else if (string_match(tok, string)) { /* ALL or exact match */ - return (YES); - } else if (tok[0] == '.') { /* domain: match last fields */ - if ((str_len = strlen(string)) > (tok_len = strlen(tok)) - && strcasecmp(tok, string + str_len - tok_len) == 0) - return (YES); - } else if (strcasecmp(tok, "LOCAL") == 0) { /* local: no dots */ - if (strchr(string, '.') == 0) - return (YES); - } else if (tok[(tok_len = strlen(tok)) - 1] == '.' /* network */ - && strncmp(tok, string, tok_len) == 0) { - return (YES); - } - return (NO); -} - -/* string_match - match a string against one token */ - -static int string_match(char *tok, char *string) -{ - - /* - * If the token has the magic value "ALL" the match always succeeds. - * Otherwise, return YES if the token fully matches the string. - */ - - if (strcasecmp(tok, "ALL") == 0) { /* all: always matches */ - return (YES); - } else if (strcasecmp(tok, string) == 0) { /* try exact match */ - return (YES); - } - return (NO); -} diff --git a/crypto/heimdal/appl/login/login_locl.h b/crypto/heimdal/appl/login/login_locl.h deleted file mode 100644 index 08b960c9c719..000000000000 --- a/crypto/heimdal/appl/login/login_locl.h +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: login_locl.h 17302 2006-04-27 09:17:01Z lha $ */ - -#ifndef __LOGIN_LOCL_H__ -#define __LOGIN_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_PATHS_H -#include -#endif -#ifdef HAVE_UTMP_H -#include -#endif -#ifdef HAVE_UTMPX_H -#include -#endif -#ifdef HAVE_UDB_H -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#ifdef HAVE_SYS_CATEGORY_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SHADOW_H -#include -#endif -#ifdef HAVE_NETGROUP_H -#include -#endif -#ifdef HAVE_RPCSVC_YPCLNT_H -#include -#endif -#ifdef KRB4 -#include -#endif -#ifdef KRB5 -#include -#endif -#include - -#ifdef OTP -#include -#endif - -#ifdef HAVE_OSFC2 -#define getargs OSFgetargs -#include "/usr/include/prot.h" -#undef getargs -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif -#ifndef _PATH_TTY -#define _PATH_TTY "/dev/tty" -#endif -#ifndef _PATH_DEV -#define _PATH_DEV "/dev/" -#endif -#ifndef _PATH_WTMP -#ifdef WTMP_FILE -#define _PATH_WTMP WTMP_FILE -#else -#define _PATH_WTMP "/var/adm/wtmp" -#endif -#endif -#ifndef _PATH_UTMP -#ifdef UTMP_FILE -#define _PATH_UTMP UTMP_FILE -#else -#define _PATH_UTMP "/var/adm/utmp" -#endif -#endif - -#ifndef _PATH_LOGACCESS -#define _PATH_LOGACCESS SYSCONFDIR "/login.access" -#endif /* _PATH_LOGACCESS */ - -#ifndef _PATH_LOGIN_CONF -#define _PATH_LOGIN_CONF SYSCONFDIR "/login.conf" -#endif /* _PATH_LOGIN_CONF */ - -#ifndef _PATH_DEFPATH -#define _PATH_DEFPATH "/usr/bin:/bin" -#endif - -#include "loginpaths.h" - -struct spwd; - -extern char **env; -extern int num_env; - -#include "login_protos.h" - -#endif /* __LOGIN_LOCL_H__ */ diff --git a/crypto/heimdal/appl/login/login_protos.h b/crypto/heimdal/appl/login/login_protos.h deleted file mode 100644 index 7fdbb35ca120..000000000000 --- a/crypto/heimdal/appl/login/login_protos.h +++ /dev/null @@ -1,91 +0,0 @@ -/* This is a generated file */ -#ifndef __login_protos_h__ -#define __login_protos_h__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -void -add_env ( - const char */*var*/, - const char */*value*/); - -void -check_shadow ( - const struct passwd */*pw*/, - const struct spwd */*sp*/); - -char * -clean_ttyname (char */*tty*/); - -void -copy_env (void); - -int -do_osfc2_magic (uid_t /*uid*/); - -void -extend_env (char */*str*/); - -int -login_access ( - struct passwd */*user*/, - char */*from*/); - -char * -login_conf_get_string (const char */*str*/); - -int -login_read_env (const char */*file*/); - -char * -make_id (char */*tty*/); - -void -prepare_utmp ( - struct utmp */*utmp*/, - char */*tty*/, - const char */*username*/, - const char */*hostname*/); - -int -read_limits_conf ( - const char */*file*/, - const struct passwd */*pwd*/); - -int -read_string ( - const char */*prompt*/, - char */*buf*/, - size_t /*len*/, - int /*echo*/); - -void -shrink_hostname ( - const char */*hostname*/, - char */*dst*/, - size_t /*dst_sz*/); - -void -stty_default (void); - -void -utmp_login ( - char */*tty*/, - const char */*username*/, - const char */*hostname*/); - -int -utmpx_login ( - char */*line*/, - const char */*user*/, - const char */*host*/); - -#ifdef __cplusplus -} -#endif - -#endif /* __login_protos_h__ */ diff --git a/crypto/heimdal/appl/login/loginpaths.h b/crypto/heimdal/appl/login/loginpaths.h deleted file mode 100644 index 141f81e2db5f..000000000000 --- a/crypto/heimdal/appl/login/loginpaths.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: loginpaths.h 17299 2006-04-27 09:14:20Z lha $ */ - -#ifndef __LOGIN_PATH_H -#define __LOGIN_PATH_H - -#ifndef _PATH_NOLOGIN -#define _PATH_NOLOGIN "/etc/nologin" -#endif - -#ifndef _PATH_ETC_ENVIRONMENT -#define _PATH_ETC_ENVIRONMENT SYSCONFDIR "/environment" -#endif - -#ifndef _PATH_LIMITS_CONF -#define _PATH_LIMITS_CONF "/etc/security/limits.conf" -#endif - - -#endif /* __LOGIN_PATH_H */ diff --git a/crypto/heimdal/appl/login/osfc2.c b/crypto/heimdal/appl/login/osfc2.c deleted file mode 100644 index e9c367937d4c..000000000000 --- a/crypto/heimdal/appl/login/osfc2.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" -RCSID("$Id: osfc2.c 9704 2001-02-20 01:44:56Z assar $"); - -int -do_osfc2_magic(uid_t uid) -{ -#ifdef HAVE_OSFC2 - struct es_passwd *epw; - char *argv[2]; - - /* fake */ - argv[0] = (char*)getprogname(); - argv[1] = NULL; - set_auth_parameters(1, argv); - - epw = getespwuid(uid); - if(epw == NULL) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "getespwuid failed for %d", uid); - printf("Sorry.\n"); - return 1; - } - /* We don't check for auto-retired, foo-retired, - bar-retired, or any other kind of retired accounts - here; neither do we check for time-locked accounts, or - any other kind of serious C2 mumbo-jumbo. We do, - however, call setluid, since failing to do so is not - very good (take my word for it). */ - - if(!epw->uflg->fg_uid) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "attempted login by %s (has no uid)", epw->ufld->fd_name); - printf("Sorry.\n"); - return 1; - } - setluid(epw->ufld->fd_uid); - if(getluid() != epw->ufld->fd_uid) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "failed to set LUID for %s (%d)", - epw->ufld->fd_name, epw->ufld->fd_uid); - printf("Sorry.\n"); - return 1; - } -#endif /* HAVE_OSFC2 */ - return 0; -} diff --git a/crypto/heimdal/appl/login/read_string.c b/crypto/heimdal/appl/login/read_string.c deleted file mode 100644 index 925345e93098..000000000000 --- a/crypto/heimdal/appl/login/read_string.c +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" - -RCSID("$Id: read_string.c 18156 2006-09-22 15:42:39Z lha $"); - -static sig_atomic_t intr_flag; - -static void -intr(int sig) -{ - intr_flag++; -} - -#ifndef NSIG -#define NSIG 47 -#endif - -int -read_string(const char *prompt, char *buf, size_t len, int echo) -{ - struct sigaction sigs[NSIG]; - int oksigs[NSIG]; - struct sigaction sa; - FILE *tty; - int ret = 0; - int of = 0; - int i; - int c; - char *p; - - struct termios t_new, t_old; - - memset(&oksigs, 0, sizeof(oksigs)); - - memset(&sa, 0, sizeof(sa)); - sa.sa_handler = intr; - sigemptyset(&sa.sa_mask); - sa.sa_flags = 0; - for(i = 1; i < sizeof(sigs) / sizeof(sigs[0]); i++) - if (i != SIGALRM) - if (sigaction(i, &sa, &sigs[i]) == 0) - oksigs[i] = 1; - - if((tty = fopen("/dev/tty", "r")) == NULL) - tty = stdin; - - fprintf(stderr, "%s", prompt); - fflush(stderr); - - if(echo == 0){ - tcgetattr(fileno(tty), &t_old); - memcpy(&t_new, &t_old, sizeof(t_new)); - t_new.c_lflag &= ~ECHO; - tcsetattr(fileno(tty), TCSANOW, &t_new); - } - intr_flag = 0; - p = buf; - while(intr_flag == 0){ - c = getc(tty); - if(c == EOF){ - if(!ferror(tty)) - ret = 1; - break; - } - if(c == '\n') - break; - if(of == 0) - *p++ = c; - of = (p == buf + len); - } - if(of) - p--; - *p = 0; - - if(echo == 0){ - printf("\n"); - tcsetattr(fileno(tty), TCSANOW, &t_old); - } - - if(tty != stdin) - fclose(tty); - - for(i = 1; i < sizeof(sigs) / sizeof(sigs[0]); i++) - if (oksigs[i]) - sigaction(i, &sigs[i], NULL); - - if(ret) - return -3; - if(intr_flag) - return -2; - if(of) - return -1; - return 0; -} - - -#if 0 -int main() -{ - char s[128]; - int ret; - ret = read_string("foo: ", s, sizeof(s), 0); - printf("%d ->%s<-\n", ret, s); -} -#endif diff --git a/crypto/heimdal/appl/login/shadow.c b/crypto/heimdal/appl/login/shadow.c deleted file mode 100644 index 081fe1cb7034..000000000000 --- a/crypto/heimdal/appl/login/shadow.c +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" - -RCSID("$Id: shadow.c 7464 1999-12-02 17:05:13Z joda $"); - -#ifdef HAVE_SHADOW_H - -#ifndef _PATH_CHPASS -#define _PATH_CHPASS "/usr/bin/passwd" -#endif - -static int -change_passwd(const struct passwd *who) -{ - int status; - pid_t pid; - - switch (pid = fork()) { - case -1: - printf("fork /bin/passwd"); - exit(1); - case 0: - execlp(_PATH_CHPASS, "passwd", who->pw_name, (char *) 0); - exit(1); - default: - waitpid(pid, &status, 0); - return (status); - } -} - -void -check_shadow(const struct passwd *pw, const struct spwd *sp) -{ - long today; - - today = time(0)/(24L * 60 * 60); - - if (sp == NULL) - return; - - if (sp->sp_expire > 0) { - if (today >= sp->sp_expire) { - printf("Your account has expired.\n"); - sleep(1); - exit(0); - } else if (sp->sp_expire - today < 14) { - printf("Your account will expire in %d days.\n", - (int)(sp->sp_expire - today)); - } - } - - if (sp->sp_max > 0) { - if (today >= (sp->sp_lstchg + sp->sp_max)) { - printf("Your password has expired. Choose a new one.\n"); - change_passwd(pw); - } else if (sp->sp_warn > 0 - && (today > (sp->sp_lstchg + sp->sp_max - sp->sp_warn))) { - printf("Your password will expire in %d days.\n", - (int)(sp->sp_lstchg + sp->sp_max - today)); - } - } -} -#endif /* HAVE_SHADOW_H */ diff --git a/crypto/heimdal/appl/login/stty_default.c b/crypto/heimdal/appl/login/stty_default.c deleted file mode 100644 index df490489c974..000000000000 --- a/crypto/heimdal/appl/login/stty_default.c +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" - -RCSID("$Id: stty_default.c 7464 1999-12-02 17:05:13Z joda $"); - -#include - -/* HP-UX 9.0 termios doesn't define these */ -#ifndef FLUSHO -#define FLUSHO 0 -#endif - -#ifndef XTABS -#define XTABS 0 -#endif - -#ifndef OXTABS -#define OXTABS XTABS -#endif - -/* Ultrix... */ -#ifndef ECHOPRT -#define ECHOPRT 0 -#endif - -#ifndef ECHOCTL -#define ECHOCTL 0 -#endif - -#ifndef ECHOKE -#define ECHOKE 0 -#endif - -#ifndef IMAXBEL -#define IMAXBEL 0 -#endif - -#define Ctl(x) ((x) ^ 0100) - -void -stty_default(void) -{ - struct termios termios; - - /* - * Finalize the terminal settings. Some systems default to 8 bits, - * others to 7, so we should leave that alone. - */ - tcgetattr(0, &termios); - - termios.c_iflag |= (BRKINT|IGNPAR|ICRNL|IXON|IMAXBEL); - termios.c_iflag &= ~IXANY; - - termios.c_lflag |= (ISIG|IEXTEN|ICANON|ECHO|ECHOE|ECHOK|ECHOCTL|ECHOKE); - termios.c_lflag &= ~(ECHOPRT|TOSTOP|FLUSHO); - - termios.c_oflag |= (OPOST|ONLCR); - termios.c_oflag &= ~OXTABS; - - termios.c_cc[VINTR] = Ctl('C'); - termios.c_cc[VERASE] = Ctl('H'); - termios.c_cc[VKILL] = Ctl('U'); - termios.c_cc[VEOF] = Ctl('D'); - - termios.c_cc[VSUSP] = Ctl('Z'); - - tcsetattr(0, TCSANOW, &termios); -} diff --git a/crypto/heimdal/appl/login/tty.c b/crypto/heimdal/appl/login/tty.c deleted file mode 100644 index 8dd68eece738..000000000000 --- a/crypto/heimdal/appl/login/tty.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" - -RCSID("$Id: tty.c 7464 1999-12-02 17:05:13Z joda $"); - -/* - * Clean the tty name. Return a pointer to the cleaned version. - */ - -char * -clean_ttyname (char *tty) -{ - char *res = tty; - - if (strncmp (res, _PATH_DEV, strlen(_PATH_DEV)) == 0) - res += strlen(_PATH_DEV); - if (strncmp (res, "pty/", 4) == 0) - res += 4; - if (strncmp (res, "ptym/", 5) == 0) - res += 5; - return res; -} - -/* - * Generate a name usable as an `ut_id', typically without `tty'. - */ - -char * -make_id (char *tty) -{ - char *res = tty; - - if (strncmp (res, "pts/", 4) == 0) - res += 4; - if (strncmp (res, "tty", 3) == 0) - res += 3; - return res; -} diff --git a/crypto/heimdal/appl/login/utmp_login.c b/crypto/heimdal/appl/login/utmp_login.c deleted file mode 100644 index 5f6c79c13979..000000000000 --- a/crypto/heimdal/appl/login/utmp_login.c +++ /dev/null @@ -1,162 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" - -RCSID("$Id: utmp_login.c 9661 2001-02-08 16:08:47Z assar $"); - -/* try to put something useful from hostname into dst, dst_sz: - * full name, first component or address */ - -void -shrink_hostname (const char *hostname, - char *dst, size_t dst_sz) -{ - char local_hostname[MaxHostNameLen]; - char *ld, *hd; - int ret; - struct addrinfo *ai; - - if (strlen(hostname) < dst_sz) { - strlcpy (dst, hostname, dst_sz); - return; - } - gethostname (local_hostname, sizeof(local_hostname)); - hd = strchr (hostname, '.'); - ld = strchr (local_hostname, '.'); - if (hd != NULL && ld != NULL && strcmp(hd, ld) == 0 - && hd - hostname < dst_sz) { - strlcpy (dst, hostname, dst_sz); - dst[hd - hostname] = '\0'; - return; - } - - ret = getaddrinfo (hostname, NULL, NULL, &ai); - if (ret) { - strncpy (dst, hostname, dst_sz); - return; - } - ret = getnameinfo (ai->ai_addr, ai->ai_addrlen, - dst, dst_sz, - NULL, 0, - NI_NUMERICHOST); - freeaddrinfo (ai); - if (ret) { - strncpy (dst, hostname, dst_sz); - return; - } -} - -void -prepare_utmp (struct utmp *utmp, char *tty, - const char *username, const char *hostname) -{ - char *ttyx = clean_ttyname (tty); - - memset(utmp, 0, sizeof(*utmp)); - utmp->ut_time = time(NULL); - strncpy(utmp->ut_line, ttyx, sizeof(utmp->ut_line)); - strncpy(utmp->ut_name, username, sizeof(utmp->ut_name)); - -# ifdef HAVE_STRUCT_UTMP_UT_USER - strncpy(utmp->ut_user, username, sizeof(utmp->ut_user)); -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_ADDR - if (hostname[0]) { - struct hostent *he; - if ((he = gethostbyname(hostname))) - memcpy(&utmp->ut_addr, he->h_addr_list[0], - sizeof(utmp->ut_addr)); - } -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_HOST - shrink_hostname (hostname, utmp->ut_host, sizeof(utmp->ut_host)); -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_TYPE - utmp->ut_type = USER_PROCESS; -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_PID - utmp->ut_pid = getpid(); -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_ID - strncpy(utmp->ut_id, make_id(ttyx), sizeof(utmp->ut_id)); -# endif -} - -#ifdef HAVE_UTMPX_H -void utmp_login(char *tty, const char *username, const char *hostname) -{ - return; -} -#else - -/* update utmp and wtmp - the BSD way */ - -void utmp_login(char *tty, const char *username, const char *hostname) -{ - struct utmp utmp; - int fd; - - prepare_utmp (&utmp, tty, username, hostname); - -#ifdef HAVE_SETUTENT - utmpname(_PATH_UTMP); - setutent(); - pututline(&utmp); - endutent(); -#else - -#ifdef HAVE_TTYSLOT - { - int ttyno; - ttyno = ttyslot(); - if (ttyno > 0 && (fd = open(_PATH_UTMP, O_WRONLY, 0)) >= 0) { - lseek(fd, (long)(ttyno * sizeof(struct utmp)), SEEK_SET); - write(fd, &utmp, sizeof(struct utmp)); - close(fd); - } - } -#endif /* HAVE_TTYSLOT */ -#endif /* HAVE_SETUTENT */ - - if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) { - write(fd, &utmp, sizeof(struct utmp)); - close(fd); - } -} -#endif /* !HAVE_UTMPX_H */ diff --git a/crypto/heimdal/appl/login/utmpx_login.c b/crypto/heimdal/appl/login/utmpx_login.c deleted file mode 100644 index 5e25c09892dd..000000000000 --- a/crypto/heimdal/appl/login/utmpx_login.c +++ /dev/null @@ -1,105 +0,0 @@ -/************************************************************************ -* Copyright 1995 by Wietse Venema. All rights reserved. Some individual -* files may be covered by other copyrights. -* -* This material was originally written and compiled by Wietse Venema at -* Eindhoven University of Technology, The Netherlands, in 1990, 1991, -* 1992, 1993, 1994 and 1995. -* -* Redistribution and use in source and binary forms, with or without -* modification, are permitted provided that this entire copyright notice -* is duplicated in all such copies. -* -* This software is provided "as is" and without any expressed or implied -* warranties, including, without limitation, the implied warranties of -* merchantibility and fitness for any particular purpose. -************************************************************************/ -/* Author: Wietse Venema */ - -#include "login_locl.h" - -RCSID("$Id: utmpx_login.c 10020 2001-06-04 14:10:19Z assar $"); - -/* utmpx_login - update utmp and wtmp after login */ - -#ifndef HAVE_UTMPX_H -int utmpx_login(char *line, const char *user, const char *host) { return 0; } -#else - -static void -utmpx_update(struct utmpx *ut, char *line, const char *user, const char *host) -{ - struct timeval tmp; - char *clean_tty = clean_ttyname(line); - - strncpy(ut->ut_line, clean_tty, sizeof(ut->ut_line)); -#ifdef HAVE_STRUCT_UTMPX_UT_ID - strncpy(ut->ut_id, make_id(clean_tty), sizeof(ut->ut_id)); -#endif - strncpy(ut->ut_user, user, sizeof(ut->ut_user)); - shrink_hostname (host, ut->ut_host, sizeof(ut->ut_host)); -#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN - ut->ut_syslen = strlen(host) + 1; - if (ut->ut_syslen > sizeof(ut->ut_host)) - ut->ut_syslen = sizeof(ut->ut_host); -#endif - ut->ut_type = USER_PROCESS; - gettimeofday (&tmp, 0); - ut->ut_tv.tv_sec = tmp.tv_sec; - ut->ut_tv.tv_usec = tmp.tv_usec; - pututxline(ut); -#ifdef WTMPX_FILE - updwtmpx(WTMPX_FILE, ut); -#elif defined(WTMP_FILE) - { - struct utmp utmp; - int fd; - - prepare_utmp (&utmp, line, user, host); - if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) { - write(fd, &utmp, sizeof(struct utmp)); - close(fd); - } - } -#endif -} - -int -utmpx_login(char *line, const char *user, const char *host) -{ - struct utmpx *ut, save_ut; - pid_t mypid = getpid(); - int ret = (-1); - - /* - * SYSV4 ttymon and login use tty port names with the "/dev/" prefix - * stripped off. Rlogind and telnetd, on the other hand, make utmpx - * entries with device names like /dev/pts/nnn. We therefore cannot use - * getutxline(). Return nonzero if no utmp entry was found with our own - * process ID for a login or user process. - */ - - while ((ut = getutxent())) { - /* Try to find a reusable entry */ - if (ut->ut_pid == mypid - && ( ut->ut_type == INIT_PROCESS - || ut->ut_type == LOGIN_PROCESS - || ut->ut_type == USER_PROCESS)) { - save_ut = *ut; - utmpx_update(&save_ut, line, user, host); - ret = 0; - break; - } - } - if (ret == -1) { - /* Grow utmpx file by one record. */ - struct utmpx newut; - memset(&newut, 0, sizeof(newut)); - newut.ut_pid = mypid; - utmpx_update(&newut, line, user, host); - ret = 0; - } - endutxent(); - return (ret); -} -#endif /* HAVE_UTMPX_H */ diff --git a/crypto/heimdal/appl/push/ChangeLog b/crypto/heimdal/appl/push/ChangeLog deleted file mode 100644 index d1ad46b8c832..000000000000 --- a/crypto/heimdal/appl/push/ChangeLog +++ /dev/null @@ -1,200 +0,0 @@ -2005-04-19 Love Hörnquist Åstrand - - * push.c: catch when snprint needs a larger buffer - -2004-06-17 Johan Danielsson - - * push.c: alloc memory to handle very long lines - -2003-04-03 Assar Westerlund - - * push.c: fixed one incorrect fprintf to stderr - -2003-03-18 Love Hörnquist Åstrand - - * push.c: add names of pop states, add some more debugging and use - fprintf(stderr) for all dbg stmts. - -2001-09-04 Assar Westerlund - - * push.c (doit): check return values from snprintf being negative - -2000-12-31 Assar Westerlund - - * push.c (main): handle krb5_init_context failure consistently - -2000-12-26 Assar Westerlund - - * push.c: support several headers, from use - estrdup, emalloc, erealloc - -2000-11-29 Johan Danielsson - - * pfrom.1: work around bug in grog that makes it think it needs - mdoc.old - - * push.8: work around bug in grog that makes it think it needs - mdoc.old - -2000-11-27 Johan Danielsson - - * push.c: add space to usage - -2000-10-08 Assar Westerlund - - * push.c (doit): check that fds are not too large to select on - -2000-03-04 Assar Westerlund - - * add man-page for pfrom - -1999-12-28 Assar Westerlund - - * push.c (main): call k_getportbyname with port number in - network-byte-order - -1999-12-14 Assar Westerlund - - * push.c (do_connect): remove bogus local block variable - -1999-12-05 Assar Westerlund - - * push.c (do_connect): use `getaddrinfo' - * push.c: add --count (print number of messages and bytes at - beginning) - -1999-11-13 Assar Westerlund - - * push.c: make `-v' a arg_counter - -1999-11-02 Assar Westerlund - - * push.c (main): redo the v4/v5 selection for consistency. -4 -> - try only v4 -5 -> try only v5 none, -45 -> try v5, v4 - -1999-08-19 Assar Westerlund - - * push.c (doit): remember to step over the error message when we - discover that XDELE is not supported - -1999-08-12 Johan Danielsson - - * push.c: use XDELE - -1999-08-05 Assar Westerlund - - * push.c (do_connect): v6-ify - -1999-06-15 Assar Westerlund - - * push.c: get_default_username and the resulting const propagation - -1999-05-21 Assar Westerlund - - * push.c (parse_pobox): try $USERNAME - -1999-05-11 Assar Westerlund - - * push.c (do_v5): remove unused and non-working code - -1999-05-10 Assar Westerlund - - * push.c (do_v5): call krb5_sendauth with ccache == NULL - -Wed Apr 7 23:40:00 1999 Assar Westerlund - - * Makefile.in: fix names of hesiod variables - -Wed Mar 24 04:37:04 1999 Assar Westerlund - - * Makefile.am (pfrom): fix typo - - * push.c (get_pobox): try to handle old and new hesiod APIs - -Mon Mar 22 22:19:40 1999 Assar Westerlund - - * Makefile.am: hesoid -> hesiod - -Sun Mar 21 18:02:10 1999 Johan Danielsson - - * Makefile.am: bindir -> libexecdir - -Sat Mar 20 00:12:26 1999 Assar Westerlund - - * Makefile.am: LDADD: add missing backslash - -Thu Mar 18 15:28:35 1999 Johan Danielsson - - * Makefile.am: clean pfrom - - * Makefile.am: include Makefile.am.common - -Mon Mar 15 18:26:16 1999 Johan Danielsson - - * push.c: strncasecmp headers - -Mon Feb 15 22:22:09 1999 Assar Westerlund - - * Makefile.in (pfrom): use libexecdir - - * Makefile.am: build and install pfrom - - * push.c (do_connect): init `s' - (pop_state): spell-check enums - -Tue Nov 24 23:20:54 1998 Assar Westerlund - - * Makefile.in: build and install pfrom - - * pfrom.in: bindir -> libexecdir - -Sun Nov 22 15:33:52 1998 Johan Danielsson - - * push.c: eliminate some warnings - -Sun Nov 22 10:34:54 1998 Assar Westerlund - - * Makefile.in (WFLAGS): set - -Thu Nov 19 01:17:33 1998 Assar Westerlund - - * push_locl.h: add - - * Makefile.am, Makefile.in: link and include hesiod - - * push.c (get_pobox): new function. add hesiod support. - -1998-11-07 Assar Westerlund - - * push.8: updated - - * push.c: --from implementation from - -Fri Jul 10 01:14:45 1998 Assar Westerlund - - * push.c (net_{read,write}): remove - -Wed Jun 24 14:41:41 1998 Johan Danielsson - - * push.c: allow `po:user@host' mailbox syntax - -Tue Jun 2 17:35:06 1998 Johan Danielsson - - * push.c: quote '^From ' properly - -Mon May 25 05:22:47 1998 Assar Westerlund - - * Makefile.in (clean): PROGS -> PROGRAMS - -Sun Apr 26 11:42:13 1998 Assar Westerlund - - * push.c (main): better default for v4 and v5 - - * push.c (main): init context correctly - - * push.c: should work with krb4 - - * push_locl.h: krb4 compat - - * Makefile.in: new file - diff --git a/crypto/heimdal/appl/push/Makefile.am b/crypto/heimdal/appl/push/Makefile.am deleted file mode 100644 index eb67943371fc..000000000000 --- a/crypto/heimdal/appl/push/Makefile.am +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hesiod) - -bin_SCRIPTS = pfrom - -libexec_PROGRAMS = push - -push_SOURCES = push.c push_locl.h - -pfrom: pfrom.in - sed -e "s!%libexecdir%!$(libexecdir)!" $(srcdir)/pfrom.in > $@ - chmod +x $@ - -man_MANS = push.8 pfrom.1 - -CLEANFILES = pfrom - -EXTRA_DIST = pfrom.in $(man_MANS) - -LDADD = $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(LIB_hesiod) diff --git a/crypto/heimdal/appl/push/Makefile.in b/crypto/heimdal/appl/push/Makefile.in deleted file mode 100644 index 9178f7ba79ff..000000000000 --- a/crypto/heimdal/appl/push/Makefile.in +++ /dev/null @@ -1,915 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -libexec_PROGRAMS = push$(EXEEXT) -subdir = appl/push -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(bindir)" \ - "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(libexec_PROGRAMS) -am_push_OBJECTS = push.$(OBJEXT) -push_OBJECTS = $(am_push_OBJECTS) -push_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -push_DEPENDENCIES = $(LIB_krb5) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -binSCRIPT_INSTALL = $(INSTALL_SCRIPT) -SCRIPTS = $(bin_SCRIPTS) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(push_SOURCES) -DIST_SOURCES = $(push_SOURCES) -man1dir = $(mandir)/man1 -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hesiod) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -bin_SCRIPTS = pfrom -push_SOURCES = push.c push_locl.h -man_MANS = push.8 pfrom.1 -CLEANFILES = pfrom -EXTRA_DIST = pfrom.in $(man_MANS) -LDADD = $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(LIB_hesiod) - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/push/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/push/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -push$(EXEEXT): $(push_OBJECTS) $(push_DEPENDENCIES) - @rm -f push$(EXEEXT) - $(LINK) $(push_OBJECTS) $(push_LDADD) $(LIBS) -install-binSCRIPTS: $(bin_SCRIPTS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_SCRIPTS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - if test -f $$d$$p; then \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " $(binSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(binSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(bindir)/$$f"; \ - else :; fi; \ - done - -uninstall-binSCRIPTS: - @$(NORMAL_UNINSTALL) - @list='$(bin_SCRIPTS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(SCRIPTS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binSCRIPTS install-libexecPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binSCRIPTS uninstall-libexecPROGRAMS \ - uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binSCRIPTS \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-libexecPROGRAMS install-man install-man1 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am \ - uninstall-binSCRIPTS uninstall-hook uninstall-libexecPROGRAMS \ - uninstall-man uninstall-man1 uninstall-man8 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -pfrom: pfrom.in - sed -e "s!%libexecdir%!$(libexecdir)!" $(srcdir)/pfrom.in > $@ - chmod +x $@ -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/push/pfrom.1 b/crypto/heimdal/appl/push/pfrom.1 deleted file mode 100644 index e8f15618edbc..000000000000 --- a/crypto/heimdal/appl/push/pfrom.1 +++ /dev/null @@ -1,55 +0,0 @@ -.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: pfrom.1 11648 2003-02-16 21:10:32Z lha $ -.\" -.Dd March 4, 2000 -.Dt PFROM 1 -.Os HEIMDAL -.Sh NAME -.Nm pfrom -.Nd "fetch a list of the current mail via POP" -.Sh SYNOPSIS -.Nm -.Op Fl 4 | Fl -krb4 -.Op Fl 5 | Fl -krb5 -.Op Fl v | Fl -verbose -.Op Fl c | -count -.Op Fl -header -.Oo Fl p Ar port-spec \*(Ba Xo -.Fl -port= Ns Ar port-spec -.Xc -.Oc -.Sh DESCRIPTION -.Nm -is a script that does push --from. -.Sh SEE ALSO -.Xr push 8 diff --git a/crypto/heimdal/appl/push/pfrom.in b/crypto/heimdal/appl/push/pfrom.in deleted file mode 100644 index 8af97ef19a04..000000000000 --- a/crypto/heimdal/appl/push/pfrom.in +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -# $Id: pfrom.in 5248 1998-11-24 13:25:47Z assar $ -libexecdir=%libexecdir% -PATH=$libexecdir:$PATH -export PATH -push --from $* diff --git a/crypto/heimdal/appl/push/push.8 b/crypto/heimdal/appl/push/push.8 deleted file mode 100644 index 985545e547d1..000000000000 --- a/crypto/heimdal/appl/push/push.8 +++ /dev/null @@ -1,138 +0,0 @@ -.\" $Id: push.8 11176 2002-08-20 17:07:29Z joda $ -.\" -.Dd May 31, 1998 -.Dt PUSH 8 -.Os HEIMDAL -.Sh NAME -.Nm push -.Nd fetch mail via POP -.Sh SYNOPSIS -.Nm -.Op Fl 4 | Fl -krb4 -.Op Fl 5 | Fl -krb5 -.Op Fl v | Fl -verbose -.Op Fl f | Fl -fork -.Op Fl l | -leave -.Op Fl -from -.Op Fl c | -count -.Op Fl -headers Ns = Ns Ar headers -.Oo Fl p Ar port-spec \*(Ba Xo -.Fl -port Ns = Ns Ar port-spec -.Xc -.Oc -.Ar po-box -.Pa filename -.Sh DESCRIPTION -.Nm -retrieves mail from the post office box -.Ar po-box , -and stores the mail in mbox format in -.Pa filename . -The -.Ar po-box -can have any of the following formats: -.Bl -hang -compact -offset indent -.It Ql hostname:username -.It Ql po:hostname:username -.It Ql username@hostname -.It Ql po:username@hostname -.It Ql hostname -.It Ql po:username -.El -.Pp -If no username is specified, -.Nm -assumes that it's the same as on the local machine; -.Ar hostname -defaults to the value of the -.Ev MAILHOST -environment variable. -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl 4 , -.Fl -krb4 -.Xc -use Kerberos 4 (if compiled with support for Kerberos 4) -.It Xo -.Fl 5 , -.Fl -krb5 -.Xc -use Kerberos 5 (if compiled with support for Kerberos 5) -.It Xo -.Fl f , -.Fl -fork -.Xc -fork before starting to delete messages -.It Xo -.Fl l , -.Fl -leave -.Xc -don't delete fetched mail -.It Xo -.Fl -from -.Xc -behave like from. -.It Xo -.Fl c , -.Fl -count -.Xc -first print how many messages and bytes there are. -.It Xo -.Fl -headers Ns = Ns Ar headers -.Xc -a list of comma-separated headers that should get printed. -.It Xo -.Fl p Ar port-spec , -.Fl -port Ns = Ns Ar port-spec -.Xc -use this port instead of the default -.Ql kpop -or -.Ql 1109 . -.El -.Pp -The default is to first try Kerberos 5 authentication and then, if -that fails, Kerberos 4. -.Sh ENVIRONMENT -.Bl -tag -width Ds -.It Ev MAILHOST -points to the post office, if no other hostname is specified. -.El -.\".Sh FILES -.Sh EXAMPLES -.Bd -literal -offset indent -$ push cornfield:roosta ~/.emacs-mail-crash-box -.Ed -.Pp -tries to fetch mail for the user -.Ar roosta -from the post office at -.Dq cornfield , -and stores the mail in -.Pa ~/.emacs-mail-crash-box -(you are using Gnus, aren't you?) -.Bd -literal -offset indent -$ push --from -5 havregryn -.Ed -.Pp -tries to fetch -.Sy From: -lines for current user at post office -.Dq havregryn -using Kerberos 5. -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr from 1 , -.Xr pfrom 1 , -.Xr movemail 8 , -.Xr popper 8 -.\".Sh STANDARDS -.Sh HISTORY -.Nm -was written while waiting for -.Nm movemail -to finish getting the mail. -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/appl/push/push.c b/crypto/heimdal/appl/push/push.c deleted file mode 100644 index 87a0be234722..000000000000 --- a/crypto/heimdal/appl/push/push.c +++ /dev/null @@ -1,844 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "push_locl.h" -RCSID("$Id: push.c 14850 2005-04-19 18:00:17Z lha $"); - -#ifdef KRB4 -static int use_v4 = -1; -#endif - -#ifdef KRB5 -static int use_v5 = -1; -static krb5_context context; -#endif - -static char *port_str; -static int verbose_level; -static int do_fork; -static int do_leave; -static int do_version; -static int do_help; -static int do_from; -static int do_count; -static char *header_str; - -struct getargs args[] = { -#ifdef KRB4 - { "krb4", '4', arg_flag, &use_v4, "Use Kerberos V4", - NULL }, -#endif -#ifdef KRB5 - { "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5", - NULL }, -#endif - { "verbose",'v', arg_counter, &verbose_level, "Verbose", - NULL }, - { "fork", 'f', arg_flag, &do_fork, "Fork deleting proc", - NULL }, - { "leave", 'l', arg_flag, &do_leave, "Leave mail on server", - NULL }, - { "port", 'p', arg_string, &port_str, "Use this port", - "number-or-service" }, - { "from", 0, arg_flag, &do_from, "Behave like from", - NULL }, - { "headers", 0, arg_string, &header_str, "Headers to print", NULL }, - { "count", 'c', arg_flag, &do_count, "Print number of messages", NULL}, - { "version", 0, arg_flag, &do_version, "Print version", - NULL }, - { "help", 0, arg_flag, &do_help, NULL, - NULL } - -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - "[[{po:username[@hostname] | hostname[:username]}] ...] " - "filename"); - exit (ret); -} - -static int -do_connect (const char *hostname, int port, int nodelay) -{ - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - int s = -1; - char portstr[NI_MAXSERV]; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - snprintf (portstr, sizeof(portstr), "%u", ntohs(port)); - - error = getaddrinfo (hostname, portstr, &hints, &ai); - if (error) - errx (1, "getaddrinfo(%s): %s", hostname, gai_strerror(error)); - - for (a = ai; a != NULL; a = a->ai_next) { - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - warn ("connect(%s)", hostname); - close (s); - continue; - } - break; - } - freeaddrinfo (ai); - if (a == NULL) { - warnx ("failed to contact %s", hostname); - return -1; - } - - if(setsockopt(s, IPPROTO_TCP, TCP_NODELAY, - (void *)&nodelay, sizeof(nodelay)) < 0) - err (1, "setsockopt TCP_NODELAY"); - return s; -} - -typedef enum { INIT = 0, GREET, USER, PASS, STAT, RETR, TOP, - DELE, XDELE, QUIT} pop_state; - -static char *pop_state_string[] = { - "INIT", "GREET", "USER", "PASS", "STAT", "RETR", "TOP", - "DELE", "XDELE", "QUIT" -}; - -#define PUSH_BUFSIZ 65536 - -#define STEP 16 - -struct write_state { - struct iovec *iovecs; - size_t niovecs, maxiovecs, allociovecs; - int fd; -}; - -static void -write_state_init (struct write_state *w, int fd) -{ -#ifdef UIO_MAXIOV - w->maxiovecs = UIO_MAXIOV; -#else - w->maxiovecs = 16; -#endif - w->allociovecs = min(STEP, w->maxiovecs); - w->niovecs = 0; - w->iovecs = emalloc(w->allociovecs * sizeof(*w->iovecs)); - w->fd = fd; -} - -static void -write_state_add (struct write_state *w, void *v, size_t len) -{ - if(w->niovecs == w->allociovecs) { - if(w->niovecs == w->maxiovecs) { - if(writev (w->fd, w->iovecs, w->niovecs) < 0) - err(1, "writev"); - w->niovecs = 0; - } else { - w->allociovecs = min(w->allociovecs + STEP, w->maxiovecs); - w->iovecs = erealloc (w->iovecs, - w->allociovecs * sizeof(*w->iovecs)); - } - } - w->iovecs[w->niovecs].iov_base = v; - w->iovecs[w->niovecs].iov_len = len; - ++w->niovecs; -} - -static void -write_state_flush (struct write_state *w) -{ - if (w->niovecs) { - if (writev (w->fd, w->iovecs, w->niovecs) < 0) - err (1, "writev"); - w->niovecs = 0; - } -} - -static void -write_state_destroy (struct write_state *w) -{ - free (w->iovecs); -} - -static int -doit(int s, - const char *host, - const char *user, - const char *outfilename, - const char *header_str, - int leavep, - int verbose, - int forkp) -{ - int ret; - char out_buf[PUSH_BUFSIZ]; - int out_len = 0; - char *in_buf; - size_t in_buf_size; - size_t in_len = 0; - char *in_ptr; - pop_state state = INIT; - unsigned count, bytes; - unsigned asked_for = 0, retrieved = 0, asked_deleted = 0, deleted = 0; - unsigned sent_xdele = 0; - int out_fd; - char from_line[128]; - size_t from_line_length; - time_t now; - struct write_state write_state; - int numheaders = 1; - char **headers = NULL; - int i; - char *tmp = NULL; - - in_buf = emalloc(PUSH_BUFSIZ + 1); - in_ptr = in_buf; - in_buf_size = PUSH_BUFSIZ; - - if (do_from) { - char *tmp2; - - tmp2 = tmp = estrdup(header_str); - - out_fd = -1; - if (verbose) - fprintf (stderr, "%s@%s\n", user, host); - while (*tmp != '\0') { - tmp = strchr(tmp, ','); - if (tmp == NULL) - break; - tmp++; - numheaders++; - } - - headers = emalloc(sizeof(char *) * (numheaders + 1)); - for (i = 0; i < numheaders; i++) { - headers[i] = strtok_r(tmp2, ",", &tmp2); - } - headers[numheaders] = NULL; - } else { - out_fd = open(outfilename, O_WRONLY | O_APPEND | O_CREAT, 0666); - if (out_fd < 0) - err (1, "open %s", outfilename); - if (verbose) - fprintf (stderr, "%s@%s -> %s\n", user, host, outfilename); - } - - now = time(NULL); - from_line_length = snprintf (from_line, sizeof(from_line), - "From %s %s", "push", ctime(&now)); - if (from_line_length < 0 || from_line_length > sizeof(from_line)) - errx (1, "snprintf failed"); - - out_len = snprintf (out_buf, sizeof(out_buf), - "USER %s\r\nPASS hej\r\nSTAT\r\n", - user); - if (out_len < 0 || out_len > sizeof(out_buf)) - errx (1, "snprintf failed"); - if (net_write (s, out_buf, out_len) != out_len) - err (1, "write"); - if (verbose > 1) - fprintf (stderr, "%s", out_buf); - - if (!do_from) - write_state_init (&write_state, out_fd); - - while(state != QUIT) { - fd_set readset, writeset; - - FD_ZERO(&readset); - FD_ZERO(&writeset); - if (s >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET(s,&readset); - - if (verbose > 1) - fprintf (stderr, "state: %s count: %d asked_for: %d " - "retrieved: %d asked_deleted: %d\n", - pop_state_string[state], - count, asked_for, retrieved, asked_deleted); - - if (((state == STAT || state == RETR || state == TOP) - && asked_for < count) - || (state == XDELE && !sent_xdele) - || (state == DELE && asked_deleted < count)) - FD_SET(s,&writeset); - ret = select (s + 1, &readset, &writeset, NULL, NULL); - if (ret < 0) { - if (errno == EAGAIN) - continue; - else - err (1, "select"); - } - - if (FD_ISSET(s, &readset)) { - char *beg, *p; - size_t rem; - int blank_line = 0; - - if(in_len >= in_buf_size) { - char *tmp = erealloc(in_buf, in_buf_size + PUSH_BUFSIZ + 1); - in_ptr = tmp + (in_ptr - in_buf); - in_buf = tmp; - in_buf_size += PUSH_BUFSIZ; - } - - ret = read (s, in_ptr, in_buf_size - in_len); - if (ret < 0) - err (1, "read"); - else if (ret == 0) - errx (1, "EOF during read"); - - in_len += ret; - in_ptr += ret; - *in_ptr = '\0'; - - beg = in_buf; - rem = in_len; - while(rem > 1 - && (p = strstr(beg, "\r\n")) != NULL) { - if (state == TOP) { - char *copy = beg; - - for (i = 0; i < numheaders; i++) { - size_t len; - - len = min(p - copy + 1, strlen(headers[i])); - if (strncasecmp(copy, headers[i], len) == 0) { - fprintf (stdout, "%.*s\n", (int)(p - copy), copy); - } - } - if (beg[0] == '.' && beg[1] == '\r' && beg[2] == '\n') { - if (numheaders > 1) - fprintf (stdout, "\n"); - state = STAT; - if (++retrieved == count) { - state = QUIT; - net_write (s, "QUIT\r\n", 6); - if (verbose > 1) - fprintf (stderr, "QUIT\r\n"); - } - } - rem -= p - beg + 2; - beg = p + 2; - } else if (state == RETR) { - char *copy = beg; - if (beg[0] == '.') { - if (beg[1] == '\r' && beg[2] == '\n') { - if(!blank_line) - write_state_add(&write_state, "\n", 1); - state = STAT; - rem -= p - beg + 2; - beg = p + 2; - if (++retrieved == count) { - write_state_flush (&write_state); - if (fsync (out_fd) < 0) - err (1, "fsync"); - close(out_fd); - if (leavep) { - state = QUIT; - net_write (s, "QUIT\r\n", 6); - if (verbose > 1) - fprintf (stderr, "QUIT\r\n"); - } else { - if (forkp) { - pid_t pid; - - pid = fork(); - if (pid < 0) - warn ("fork"); - else if(pid != 0) { - if(verbose) - fprintf (stderr, - "(exiting)"); - return 0; - } - } - - state = XDELE; - if (verbose) - fprintf (stderr, "deleting... "); - } - } - continue; - } else - ++copy; - } - *p = '\n'; - if(blank_line && - strncmp(copy, "From ", min(p - copy + 1, 5)) == 0) - write_state_add(&write_state, ">", 1); - write_state_add(&write_state, copy, p - copy + 1); - blank_line = (*copy == '\n'); - rem -= p - beg + 2; - beg = p + 2; - } else if (rem >= 3 && strncmp (beg, "+OK", 3) == 0) { - if (state == STAT) { - if (!do_from) - write_state_add(&write_state, - from_line, from_line_length); - blank_line = 0; - if (do_from) - state = TOP; - else - state = RETR; - } else if (state == XDELE) { - state = QUIT; - net_write (s, "QUIT\r\n", 6); - if (verbose > 1) - fprintf (stderr, "QUIT\r\n"); - break; - } else if (state == DELE) { - if (++deleted == count) { - state = QUIT; - net_write (s, "QUIT\r\n", 6); - if (verbose > 1) - fprintf (stderr, "QUIT\r\n"); - break; - } - } else if (++state == STAT) { - if(sscanf (beg + 4, "%u %u", &count, &bytes) != 2) - errx(1, "Bad STAT-line: %.*s", (int)(p - beg), beg); - if (verbose) { - fprintf (stderr, "%u message(s) (%u bytes). " - "fetching... ", - count, bytes); - if (do_from) - fprintf (stderr, "\n"); - } else if (do_count) { - fprintf (stderr, "%u message(s) (%u bytes).\n", - count, bytes); - } - if (count == 0) { - state = QUIT; - net_write (s, "QUIT\r\n", 6); - if (verbose > 1) - fprintf (stderr, "QUIT\r\n"); - break; - } - } - - rem -= p - beg + 2; - beg = p + 2; - } else { - if(state == XDELE) { - state = DELE; - rem -= p - beg + 2; - beg = p + 2; - } else - errx (1, "Bad response: %.*s", (int)(p - beg), beg); - } - } - if (!do_from) - write_state_flush (&write_state); - - memmove (in_buf, beg, rem); - in_len = rem; - in_ptr = in_buf + rem; - } - if (FD_ISSET(s, &writeset)) { - if ((state == STAT && !do_from) || state == RETR) - out_len = snprintf (out_buf, sizeof(out_buf), - "RETR %u\r\n", ++asked_for); - else if ((state == STAT && do_from) || state == TOP) - out_len = snprintf (out_buf, sizeof(out_buf), - "TOP %u 0\r\n", ++asked_for); - else if(state == XDELE) { - out_len = snprintf(out_buf, sizeof(out_buf), - "XDELE %u %u\r\n", 1, count); - sent_xdele++; - } - else if(state == DELE) - out_len = snprintf (out_buf, sizeof(out_buf), - "DELE %u\r\n", ++asked_deleted); - if (out_len < 0 || out_len > sizeof(out_buf)) - errx (1, "snprintf failed"); - if (net_write (s, out_buf, out_len) != out_len) - err (1, "write"); - if (verbose > 1) - fprintf (stderr, "%s", out_buf); - } - } - if (verbose) - fprintf (stderr, "Done\n"); - if (do_from) { - free (tmp); - free (headers); - } else { - write_state_destroy (&write_state); - } - return 0; -} - -#ifdef KRB5 -static int -do_v5 (const char *host, - int port, - const char *user, - const char *filename, - const char *header_str, - int leavep, - int verbose, - int forkp) -{ - krb5_error_code ret; - krb5_auth_context auth_context = NULL; - krb5_principal server; - int s; - - s = do_connect (host, port, 1); - if (s < 0) - return 1; - - ret = krb5_sname_to_principal (context, - host, - "pop", - KRB5_NT_SRV_HST, - &server); - if (ret) { - warnx ("krb5_sname_to_principal: %s", - krb5_get_err_text (context, ret)); - return 1; - } - - ret = krb5_sendauth (context, - &auth_context, - &s, - "KPOPV1.0", - NULL, - server, - 0, - NULL, - NULL, - NULL, - NULL, - NULL, - NULL); - krb5_free_principal (context, server); - if (ret) { - warnx ("krb5_sendauth: %s", - krb5_get_err_text (context, ret)); - return 1; - } - return doit (s, host, user, filename, header_str, leavep, verbose, forkp); -} -#endif - -#ifdef KRB4 -static int -do_v4 (const char *host, - int port, - const char *user, - const char *filename, - const char *header_str, - int leavep, - int verbose, - int forkp) -{ - KTEXT_ST ticket; - MSG_DAT msg_data; - CREDENTIALS cred; - des_key_schedule sched; - int s; - int ret; - - s = do_connect (host, port, 1); - if (s < 0) - return 1; - ret = krb_sendauth(0, - s, - &ticket, - "pop", - (char *)host, - krb_realmofhost(host), - getpid(), - &msg_data, - &cred, - sched, - NULL, - NULL, - "KPOPV0.1"); - if(ret) { - warnx("krb_sendauth: %s", krb_get_err_text(ret)); - return 1; - } - return doit (s, host, user, filename, header_str, leavep, verbose, forkp); -} -#endif /* KRB4 */ - -#ifdef HESIOD - -#ifdef HESIOD_INTERFACES - -static char * -hesiod_get_pobox (const char **user) -{ - void *context; - struct hesiod_postoffice *hpo; - char *ret = NULL; - - if(hesiod_init (&context) != 0) - err (1, "hesiod_init"); - - hpo = hesiod_getmailhost (context, *user); - if (hpo == NULL) { - warn ("hesiod_getmailhost %s", *user); - } else { - if (strcasecmp(hpo->hesiod_po_type, "pop") != 0) - errx (1, "Unsupported po type %s", hpo->hesiod_po_type); - - ret = estrdup(hpo->hesiod_po_host); - *user = estrdup(hpo->hesiod_po_name); - hesiod_free_postoffice (context, hpo); - } - hesiod_end (context); - return ret; -} - -#else /* !HESIOD_INTERFACES */ - -static char * -hesiod_get_pobox (const char **user) -{ - char *ret = NULL; - struct hes_postoffice *hpo; - - hpo = hes_getmailhost (*user); - if (hpo == NULL) { - warn ("hes_getmailhost %s", *user); - } else { - if (strcasecmp(hpo->po_type, "pop") != 0) - errx (1, "Unsupported po type %s", hpo->po_type); - - ret = estrdup(hpo->po_host); - *user = estrdup(hpo->po_name); - } - return ret; -} - -#endif /* HESIOD_INTERFACES */ - -#endif /* HESIOD */ - -static char * -get_pobox (const char **user) -{ - char *ret = NULL; - -#ifdef HESIOD - ret = hesiod_get_pobox (user); -#endif - - if (ret == NULL) - ret = getenv("MAILHOST"); - if (ret == NULL) - errx (1, "MAILHOST not set"); - return ret; -} - -static void -parse_pobox (char *a0, const char **host, const char **user) -{ - const char *h, *u; - char *p; - int po = 0; - - if (a0 == NULL) { - - *user = getenv ("USERNAME"); - if (*user == NULL) { - struct passwd *pwd = getpwuid (getuid ()); - - if (pwd == NULL) - errx (1, "Who are you?"); - *user = estrdup (pwd->pw_name); - } - *host = get_pobox (user); - return; - } - - /* if the specification starts with po:, remember this information */ - if(strncmp(a0, "po:", 3) == 0) { - a0 += 3; - po++; - } - /* if there is an `@', the hostname is after it, otherwise at the - beginning of the string */ - p = strchr(a0, '@'); - if(p != NULL) { - *p++ = '\0'; - h = p; - } else { - h = a0; - } - /* if there is a `:', the username comes before it, otherwise at - the beginning of the string */ - p = strchr(a0, ':'); - if(p != NULL) { - *p++ = '\0'; - u = p; - } else { - u = a0; - } - if(h == u) { - /* some inconsistent compatibility with various mailers */ - if(po) { - h = get_pobox (&u); - } else { - u = get_default_username (); - if (u == NULL) - errx (1, "Who are you?"); - } - } - *host = h; - *user = u; -} - -int -main(int argc, char **argv) -{ - int port = 0; - int optind = 0; - int ret = 1; - const char *host, *user, *filename = NULL; - char *pobox = NULL; - - setprogname (argv[0]); - -#ifdef KRB5 - { - krb5_error_code ret; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - } -#endif - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optind)) - usage (1); - - argc -= optind; - argv += optind; - -#if defined(KRB4) && defined(KRB5) - if(use_v4 == -1 && use_v5 == 1) - use_v4 = 0; - if(use_v5 == -1 && use_v4 == 1) - use_v5 = 0; -#endif - - if (do_help) - usage (0); - - if (do_version) { - print_version(NULL); - return 0; - } - - if (do_from && header_str == NULL) - header_str = "From:"; - else if (header_str != NULL) - do_from = 1; - - if (do_from) { - if (argc == 0) - pobox = NULL; - else if (argc == 1) - pobox = argv[0]; - else - usage (1); - } else { - if (argc == 1) { - filename = argv[0]; - pobox = NULL; - } else if (argc == 2) { - filename = argv[1]; - pobox = argv[0]; - } else - usage (1); - } - - if (port_str) { - struct servent *s = roken_getservbyname (port_str, "tcp"); - - if (s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "Bad port `%s'", port_str); - port = htons(port); - } - } - if (port == 0) { -#ifdef KRB5 - port = krb5_getportbyname (context, "kpop", "tcp", 1109); -#elif defined(KRB4) - port = k_getportbyname ("kpop", "tcp", htons(1109)); -#else -#error must define KRB4 or KRB5 -#endif - } - - parse_pobox (pobox, &host, &user); - -#ifdef KRB5 - if (ret && use_v5) { - ret = do_v5 (host, port, user, filename, header_str, - do_leave, verbose_level, do_fork); - } -#endif - -#ifdef KRB4 - if (ret && use_v4) { - ret = do_v4 (host, port, user, filename, header_str, - do_leave, verbose_level, do_fork); - } -#endif /* KRB4 */ - return ret; -} diff --git a/crypto/heimdal/appl/push/push_locl.h b/crypto/heimdal/appl/push/push_locl.h deleted file mode 100644 index 0bcac64d805d..000000000000 --- a/crypto/heimdal/appl/push/push_locl.h +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: push_locl.h 7463 1999-12-02 16:58:55Z joda $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_ERRNO_H -#include -#endif -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_UIO_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -#ifdef HAVE_NETINET_TCP_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HESIOD -#include -#endif - -#include -#include -#include -#ifdef KRB5 -#include -#endif - -#ifdef KRB4 -#include -#endif diff --git a/crypto/heimdal/appl/rcp/ChangeLog b/crypto/heimdal/appl/rcp/ChangeLog deleted file mode 100644 index 6ae6a1db0fbc..000000000000 --- a/crypto/heimdal/appl/rcp/ChangeLog +++ /dev/null @@ -1,125 +0,0 @@ -2007-12-13 Love Hörnquist Åstrand - - * Makefile.am: Add missing files, from Buchan Milne. - -2006-10-20 Love Hörnquist Åstrand - - * Makefile.am: more files - -2006-08-08 Love Hörnquist Åstrand - - * util.c: Check return values from setuid, prompted by MIT - advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus - Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. - - * rcp.c: Check return values from setuid, prompted by MIT - advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus - Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. - - * rcp.c: Check return values from seteuid, prompted by MIT - advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus - Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. - -2005-10-22 Love Hörnquist Åstrand - - * rcp.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell - -2005-08-30 Love Hörnquist Åstrand - - * util.c: Explicit typecast to avoid signess warning. - -2005-05-29 Love Hörnquist Åstrand - - * rcp_locl.h: undef _PATH_RSH to make sure our version is used - -2005-05-11 David Love - - * rcp.c: MODEMASK is defined in sys/vnode.h on Solaris, so undef - it before we define our own. - -2005-04-27 Love Hörnquist Åstrand - - * rcp_locl.h: use BINDIR instead of "/usr/bin/ with _PATH_RSH - -2005-04-18 Love Hörnquist Åstrand - - * util.c: use unsigned char * to make sure its not negative when - passing it to is* functions - -2004-05-14 Johan Danielsson - - * rcp.c: add -e (passed to rsh) - -2003-04-16 Johan Danielsson - - * rcp.1: add a HISTORY section - - * rcp.1: brief manpage - - * rcp.c: add a -4 option - -2001-09-24 Johan Danielsson - - * rcp.c: more va_* fixing; from Thomas Klausner - -2001-09-08 Assar Westerlund - - * rcp.c (run_err): always match va_start and va_end - -2001-09-04 Assar Westerlund - - * util.c (allocbuf): do not leak memory on failure and zero - re-used memory, from Markus Friedl - -2001-07-19 Assar Westerlund - - * rcp.c (main): add missing setprogname - -2001-06-14 Assar Westerlund - - * rcp.c: add some const replace a few malloc/snprintf with - asprintf - * rcp.c (sizestr): remove and use snprintf to do this correctly - instead - -2001-04-21 Johan Danielsson - - * rcp.c: convert to use getarg - - * rcp.c: do a better job of supporting files larger than 2GB - -2001-02-07 Assar Westerlund - - * rcp.c: add -F for forwarding ticket, from Ake Sandgren - - -2001-01-29 Assar Westerlund - - * util.c (roundup): add fallback definition - - * rcp.c: remove non-STDC code - * rcp_locl.h: add sys/types.h and sys/wait.h - - * rcp.c: no calls to err with NULL - -2001-01-28 Assar Westerlund - - * rcp_locl.h: add - - * Makefile.am (LDADD): remove unused libraries - -2001-01-27 Assar Westerlund - - * util.c: replace vfork by fork - - * rcp.c: add RCSID S_ISTXT -> S_ISVTX printf sizes of files with - %lu instead of %q (which is not portable) - - * util.c: add RCSID do not use sig_t - * rcp.c: remove __P, use st_mtime et al from struct stat - * extern.h: remove __P - - * initial import of port of bsd rcp changed to use existing rsh, - contributed by Richard Nyberg - diff --git a/crypto/heimdal/appl/rcp/Makefile.am b/crypto/heimdal/appl/rcp/Makefile.am deleted file mode 100644 index 6b2295a3f657..000000000000 --- a/crypto/heimdal/appl/rcp/Makefile.am +++ /dev/null @@ -1,15 +0,0 @@ -# $Id: Makefile.am 22281 2007-12-13 20:35:52Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -bin_PROGRAMS = rcp - -rcp_SOURCES = rcp.c util.c rcp_locl.h extern.h - -man_MANS = rcp.1 - -EXTRA_DIST = $(man_MANS) - -LDADD = $(LIB_roken) diff --git a/crypto/heimdal/appl/rcp/Makefile.in b/crypto/heimdal/appl/rcp/Makefile.in deleted file mode 100644 index 2ee015181aa2..000000000000 --- a/crypto/heimdal/appl/rcp/Makefile.in +++ /dev/null @@ -1,829 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22281 2007-12-13 20:35:52Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -bin_PROGRAMS = rcp$(EXEEXT) -subdir = appl/rcp -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) -am_rcp_OBJECTS = rcp.$(OBJEXT) util.$(OBJEXT) -rcp_OBJECTS = $(am_rcp_OBJECTS) -rcp_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -rcp_DEPENDENCIES = $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(rcp_SOURCES) -DIST_SOURCES = $(rcp_SOURCES) -man1dir = $(mandir)/man1 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -rcp_SOURCES = rcp.c util.c rcp_locl.h extern.h -man_MANS = rcp.1 -EXTRA_DIST = $(man_MANS) -LDADD = $(LIB_roken) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/rcp/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/rcp/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -rcp$(EXEEXT): $(rcp_OBJECTS) $(rcp_DEPENDENCIES) - @rm -f rcp$(EXEEXT) - $(LINK) $(rcp_OBJECTS) $(rcp_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-man install-man1 install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-binPROGRAMS uninstall-hook \ - uninstall-man uninstall-man1 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/rcp/extern.h b/crypto/heimdal/appl/rcp/extern.h deleted file mode 100644 index a98456d305e2..000000000000 --- a/crypto/heimdal/appl/rcp/extern.h +++ /dev/null @@ -1,51 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.1 (Berkeley) 5/31/93 - * $FreeBSD$ - */ - -typedef struct { - int cnt; - char *buf; -} BUF; - -extern int iamremote; - -BUF *allocbuf (BUF *, int, int); -char *colon (char *); -void lostconn (int); -void nospace (void); -int okname (char *); -void run_err (const char *, ...); -int susystem (char *, int); -void verifydir (char *); diff --git a/crypto/heimdal/appl/rcp/rcp.1 b/crypto/heimdal/appl/rcp/rcp.1 deleted file mode 100644 index 920a4f7d134e..000000000000 --- a/crypto/heimdal/appl/rcp/rcp.1 +++ /dev/null @@ -1,67 +0,0 @@ -.\" $Id: rcp.1 12025 2003-04-16 12:20:43Z joda $ -.\" -.Dd April 16, 2003 -.Dt RCP 1 -.Os HEIMDAL -.Sh NAME -.Nm rcp -.Nd -copy file to and from remote machines -.Sh SYNOPSIS -.Nm rcp -.Op Fl 45FKpxz -.Op Fl P Ar port -.Ar file1 file2 -.Nm rcp -.Op Fl 45FKprxz -.Op Fl P Ar port -.Ar file... directory -.Sh DESCRIPTION -.Nm rcp -copies files between machines. Each file argument is either a remote file name of the form -.Dq rname@rhost:path -or a local file (containing no colon or with a slash before the first -colon). -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl 4 , -.Fl 5 , -.Fl K , -.Fl F , -.Fl x , -.Fl z -.Xc -These options are passed on to -.Xr rsh 1 . -.It Fl P Ar port -This will pass the option -.Fl p Ar port -to -.Xr rsh 1 . -.It Fl p -Preserve file permissions. -.It Fl r -Copy source directories recursively. -.El -.\".Sh ENVIRONMENT -.\".Sh FILES -.\".Sh EXAMPLES -.Sh DIAGNOSTICS -.Nm rcp -is implemented as a protocol on top of -.Xr rsh 1 , -and thus requires a working rsh. If you intend to use Kerberos -authentication, rsh needs to be Kerberos aware, else you may see more -or less strange errors, such as "login incorrect", or "lost -connection". -.\".Sh SEE ALSO -.\".Sh STANDARDS -.Sh HISTORY -The -.Nm rcp -utility first appeared in 4.2BSD. This version is derived from -4.3BSD-Reno. -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/appl/rcp/rcp.c b/crypto/heimdal/appl/rcp/rcp.c deleted file mode 100644 index 9a138c784604..000000000000 --- a/crypto/heimdal/appl/rcp/rcp.c +++ /dev/null @@ -1,802 +0,0 @@ -/* - * Copyright (c) 1983, 1990, 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "rcp_locl.h" -#include - -#define RSH_PROGRAM "rsh" - -struct passwd *pwd; -uid_t userid; -int errs, remin, remout; -int pflag, iamremote, iamrecursive, targetshouldbedirectory; -int doencrypt, noencrypt; -int usebroken, usekrb4, usekrb5, forwardtkt; -char *port; -int eflag = 0; - -#define CMDNEEDS 64 -char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ - -int response (void); -void rsource (char *, struct stat *); -void sink (int, char *[]); -void source (int, char *[]); -void tolocal (int, char *[]); -void toremote (char *, int, char *[]); - -int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout); - -static int fflag, tflag; - -static int version_flag, help_flag; - -struct getargs args[] = { - { NULL, '4', arg_flag, &usekrb4, "use Kerberos 4 authentication" }, - { NULL, '5', arg_flag, &usekrb5, "use Kerberos 5 authentication" }, - { NULL, 'F', arg_flag, &forwardtkt, "forward credentials" }, - { NULL, 'K', arg_flag, &usebroken, "use BSD authentication" }, - { NULL, 'P', arg_string, &port, "non-default port", "port" }, - { NULL, 'p', arg_flag, &pflag, "preserve file permissions" }, - { NULL, 'r', arg_flag, &iamrecursive, "recursive mode" }, - { NULL, 'x', arg_flag, &doencrypt, "use encryption" }, - { NULL, 'z', arg_flag, &noencrypt, "don't encrypt" }, - { NULL, 'd', arg_flag, &targetshouldbedirectory }, - { NULL, 'e', arg_flag, &eflag, "passed to rsh" }, - { NULL, 'f', arg_flag, &fflag }, - { NULL, 't', arg_flag, &tflag }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - "file1 file2|file... directory"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - char *targ; - int optind = 0; - - setprogname(argv[0]); - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optind)) - usage (1); - if(help_flag) - usage(0); - if (version_flag) { - print_version (NULL); - return 0; - } - - iamremote = (fflag || tflag); - - argc -= optind; - argv += optind; - - if ((pwd = getpwuid(userid = getuid())) == NULL) - errx(1, "unknown user %d", (int)userid); - - remin = STDIN_FILENO; /* XXX */ - remout = STDOUT_FILENO; - - if (fflag) { /* Follow "protocol", send data. */ - response(); - if (setuid(userid) < 0) - errx(1, "setuid failed"); - source(argc, argv); - exit(errs); - } - - if (tflag) { /* Receive data. */ - if (setuid(userid) < 0) - errx(1, "setuid failed"); - sink(argc, argv); - exit(errs); - } - - if (argc < 2) - usage(1); - if (argc > 2) - targetshouldbedirectory = 1; - - remin = remout = -1; - /* Command to be executed on remote system using "rsh". */ - snprintf(cmd, sizeof(cmd), - "rcp%s%s%s", iamrecursive ? " -r" : "", - pflag ? " -p" : "", targetshouldbedirectory ? " -d" : ""); - - signal(SIGPIPE, lostconn); - - if ((targ = colon(argv[argc - 1]))) /* Dest is remote host. */ - toremote(targ, argc, argv); - else { - tolocal(argc, argv); /* Dest is local host. */ - if (targetshouldbedirectory) - verifydir(argv[argc - 1]); - } - exit(errs); -} - -void -toremote(char *targ, int argc, char **argv) -{ - int i; - char *bp, *host, *src, *suser, *thost, *tuser; - - *targ++ = 0; - if (*targ == 0) - targ = "."; - - if ((thost = strchr(argv[argc - 1], '@'))) { - /* user@host */ - *thost++ = 0; - tuser = argv[argc - 1]; - if (*tuser == '\0') - tuser = NULL; - else if (!okname(tuser)) - exit(1); - } else { - thost = argv[argc - 1]; - tuser = NULL; - } - - for (i = 0; i < argc - 1; i++) { - src = colon(argv[i]); - if (src) { /* remote to remote */ - int ret; - *src++ = 0; - if (*src == 0) - src = "."; - host = strchr(argv[i], '@'); - if (host) { - *host++ = '\0'; - suser = argv[i]; - if (*suser == '\0') - suser = pwd->pw_name; - else if (!okname(suser)) - continue; - ret = asprintf(&bp, - "%s%s %s -l %s -n %s %s '%s%s%s:%s'", - _PATH_RSH, eflag ? " -e" : "", - host, suser, cmd, src, - tuser ? tuser : "", tuser ? "@" : "", - thost, targ); - } else { - ret = asprintf(&bp, - "exec %s%s %s -n %s %s '%s%s%s:%s'", - _PATH_RSH, eflag ? " -e" : "", - argv[i], cmd, src, - tuser ? tuser : "", tuser ? "@" : "", - thost, targ); - } - if (ret == -1) - err (1, "malloc"); - susystem(bp, userid); - free(bp); - } else { /* local to remote */ - if (remin == -1) { - if (asprintf(&bp, "%s -t %s", cmd, targ) == -1) - err (1, "malloc"); - host = thost; - - if (do_cmd(host, tuser, bp, &remin, &remout) < 0) - exit(1); - - if (response() < 0) - exit(1); - free(bp); - if (setuid(userid) < 0) - errx(1, "setuid failed"); - } - source(1, argv+i); - } - } -} - -void -tolocal(int argc, char **argv) -{ - int i; - char *bp, *host, *src, *suser; - - for (i = 0; i < argc - 1; i++) { - int ret; - - if (!(src = colon(argv[i]))) { /* Local to local. */ - ret = asprintf(&bp, "exec %s%s%s %s %s", _PATH_CP, - iamrecursive ? " -PR" : "", pflag ? " -p" : "", - argv[i], argv[argc - 1]); - if (ret == -1) - err (1, "malloc"); - if (susystem(bp, userid)) - ++errs; - free(bp); - continue; - } - *src++ = 0; - if (*src == 0) - src = "."; - if ((host = strchr(argv[i], '@')) == NULL) { - host = argv[i]; - suser = pwd->pw_name; - } else { - *host++ = 0; - suser = argv[i]; - if (*suser == '\0') - suser = pwd->pw_name; - else if (!okname(suser)) - continue; - } - ret = asprintf(&bp, "%s -f %s", cmd, src); - if (ret == -1) - err (1, "malloc"); - if (do_cmd(host, suser, bp, &remin, &remout) < 0) { - free(bp); - ++errs; - continue; - } - free(bp); - sink(1, argv + argc - 1); - if (seteuid(0) < 0) - exit(1); - close(remin); - remin = remout = -1; - } -} - -void -source(int argc, char **argv) -{ - struct stat stb; - static BUF buffer; - BUF *bp; - off_t i; - int amt, fd, haderr, indx, result; - char *last, *name, buf[BUFSIZ]; - - for (indx = 0; indx < argc; ++indx) { - name = argv[indx]; - if ((fd = open(name, O_RDONLY, 0)) < 0) - goto syserr; - if (fstat(fd, &stb)) { -syserr: run_err("%s: %s", name, strerror(errno)); - goto next; - } - switch (stb.st_mode & S_IFMT) { - case S_IFREG: - break; - case S_IFDIR: - if (iamrecursive) { - rsource(name, &stb); - goto next; - } - /* FALLTHROUGH */ - default: - run_err("%s: not a regular file", name); - goto next; - } - if ((last = strrchr(name, '/')) == NULL) - last = name; - else - ++last; - if (pflag) { - /* - * Make it compatible with possible future - * versions expecting microseconds. - */ - snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n", - (long)stb.st_mtime, - (long)stb.st_atime); - write(remout, buf, strlen(buf)); - if (response() < 0) - goto next; - } -#undef MODEMASK -#define MODEMASK (S_ISUID|S_ISGID|S_ISVTX|S_IRWXU|S_IRWXG|S_IRWXO) - snprintf(buf, sizeof(buf), "C%04o %lu %s\n", - stb.st_mode & MODEMASK, - (unsigned long)stb.st_size, - last); - write(remout, buf, strlen(buf)); - if (response() < 0) - goto next; - if ((bp = allocbuf(&buffer, fd, BUFSIZ)) == NULL) { -next: close(fd); - continue; - } - - /* Keep writing after an error so that we stay sync'd up. */ - for (haderr = i = 0; i < stb.st_size; i += bp->cnt) { - amt = bp->cnt; - if (i + amt > stb.st_size) - amt = stb.st_size - i; - if (!haderr) { - result = read(fd, bp->buf, amt); - if (result != amt) - haderr = result >= 0 ? EIO : errno; - } - if (haderr) - write(remout, bp->buf, amt); - else { - result = write(remout, bp->buf, amt); - if (result != amt) - haderr = result >= 0 ? EIO : errno; - } - } - if (close(fd) && !haderr) - haderr = errno; - if (!haderr) - write(remout, "", 1); - else - run_err("%s: %s", name, strerror(haderr)); - response(); - } -} - -void -rsource(char *name, struct stat *statp) -{ - DIR *dirp; - struct dirent *dp; - char *last, *vect[1], path[MAXPATHLEN]; - - if (!(dirp = opendir(name))) { - run_err("%s: %s", name, strerror(errno)); - return; - } - last = strrchr(name, '/'); - if (last == 0) - last = name; - else - last++; - if (pflag) { - snprintf(path, sizeof(path), "T%ld 0 %ld 0\n", - (long)statp->st_mtime, - (long)statp->st_atime); - write(remout, path, strlen(path)); - if (response() < 0) { - closedir(dirp); - return; - } - } - snprintf(path, sizeof(path), - "D%04o %d %s\n", statp->st_mode & MODEMASK, 0, last); - write(remout, path, strlen(path)); - if (response() < 0) { - closedir(dirp); - return; - } - while ((dp = readdir(dirp))) { - if (dp->d_ino == 0) - continue; - if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, "..")) - continue; - if (strlen(name) + 1 + strlen(dp->d_name) >= MAXPATHLEN - 1) { - run_err("%s/%s: name too long", name, dp->d_name); - continue; - } - snprintf(path, sizeof(path), "%s/%s", name, dp->d_name); - vect[0] = path; - source(1, vect); - } - closedir(dirp); - write(remout, "E\n", 2); - response(); -} - -void -sink(int argc, char **argv) -{ - static BUF buffer; - struct stat stb; - struct timeval tv[2]; - enum { YES, NO, DISPLAYED } wrerr; - BUF *bp; - off_t i, j, size; - int amt, count, exists, first, mask, mode, ofd, omode; - int setimes, targisdir, wrerrno = 0; - char ch, *cp, *np, *targ, *why, *vect[1], buf[BUFSIZ]; - -#define atime tv[0] -#define mtime tv[1] -#define SCREWUP(str) { why = str; goto screwup; } - - setimes = targisdir = 0; - mask = umask(0); - if (!pflag) - umask(mask); - if (argc != 1) { - run_err("ambiguous target"); - exit(1); - } - targ = *argv; - if (targetshouldbedirectory) - verifydir(targ); - write(remout, "", 1); - if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) - targisdir = 1; - for (first = 1;; first = 0) { - cp = buf; - if (read(remin, cp, 1) <= 0) - return; - if (*cp++ == '\n') - SCREWUP("unexpected "); - do { - if (read(remin, &ch, sizeof(ch)) != sizeof(ch)) - SCREWUP("lost connection"); - *cp++ = ch; - } while (cp < &buf[BUFSIZ - 1] && ch != '\n'); - *cp = 0; - - if (buf[0] == '\01' || buf[0] == '\02') { - if (iamremote == 0) - write(STDERR_FILENO, - buf + 1, strlen(buf + 1)); - if (buf[0] == '\02') - exit(1); - ++errs; - continue; - } - if (buf[0] == 'E') { - write(remout, "", 1); - return; - } - - if (ch == '\n') - *--cp = 0; - - cp = buf; - if (*cp == 'T') { - setimes++; - cp++; - mtime.tv_sec = strtol(cp, &cp, 10); - if (!cp || *cp++ != ' ') - SCREWUP("mtime.sec not delimited"); - mtime.tv_usec = strtol(cp, &cp, 10); - if (!cp || *cp++ != ' ') - SCREWUP("mtime.usec not delimited"); - atime.tv_sec = strtol(cp, &cp, 10); - if (!cp || *cp++ != ' ') - SCREWUP("atime.sec not delimited"); - atime.tv_usec = strtol(cp, &cp, 10); - if (!cp || *cp++ != '\0') - SCREWUP("atime.usec not delimited"); - write(remout, "", 1); - continue; - } - if (*cp != 'C' && *cp != 'D') { - /* - * Check for the case "rcp remote:foo\* local:bar". - * In this case, the line "No match." can be returned - * by the shell before the rcp command on the remote is - * executed so the ^Aerror_message convention isn't - * followed. - */ - if (first) { - run_err("%s", cp); - exit(1); - } - SCREWUP("expected control record"); - } - mode = 0; - for (++cp; cp < buf + 5; cp++) { - if (*cp < '0' || *cp > '7') - SCREWUP("bad mode"); - mode = (mode << 3) | (*cp - '0'); - } - if (*cp++ != ' ') - SCREWUP("mode not delimited"); - - for (size = 0; isdigit((unsigned char)*cp);) - size = size * 10 + (*cp++ - '0'); - if (*cp++ != ' ') - SCREWUP("size not delimited"); - if (targisdir) { - static char *namebuf; - static int cursize; - size_t need; - - need = strlen(targ) + strlen(cp) + 250; - if (need > cursize) { - if (!(namebuf = malloc(need))) - run_err("%s", strerror(errno)); - } - snprintf(namebuf, need, "%s%s%s", targ, - *targ ? "/" : "", cp); - np = namebuf; - } else - np = targ; - exists = stat(np, &stb) == 0; - if (buf[0] == 'D') { - int mod_flag = pflag; - if (exists) { - if (!S_ISDIR(stb.st_mode)) { - errno = ENOTDIR; - goto bad; - } - if (pflag) - chmod(np, mode); - } else { - /* Handle copying from a read-only directory */ - mod_flag = 1; - if (mkdir(np, mode | S_IRWXU) < 0) - goto bad; - } - vect[0] = np; - sink(1, vect); - if (setimes) { - setimes = 0; - if (utimes(np, tv) < 0) - run_err("%s: set times: %s", - np, strerror(errno)); - } - if (mod_flag) - chmod(np, mode); - continue; - } - omode = mode; - mode |= S_IWRITE; - if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { -bad: run_err("%s: %s", np, strerror(errno)); - continue; - } - write(remout, "", 1); - if ((bp = allocbuf(&buffer, ofd, BUFSIZ)) == NULL) { - close(ofd); - continue; - } - cp = bp->buf; - wrerr = NO; - for (count = i = 0; i < size; i += BUFSIZ) { - amt = BUFSIZ; - if (i + amt > size) - amt = size - i; - count += amt; - if((j = net_read(remin, cp, amt)) != amt) { - run_err("%s", j ? strerror(errno) : - "dropped connection"); - exit(1); - } - amt -= j; - cp += j; - if (count == bp->cnt) { - /* Keep reading so we stay sync'd up. */ - if (wrerr == NO) { - j = write(ofd, bp->buf, count); - if (j != count) { - wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; - } - } - count = 0; - cp = bp->buf; - } - } - if (count != 0 && wrerr == NO && - (j = write(ofd, bp->buf, count)) != count) { - wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; - } - if (ftruncate(ofd, size)) { - run_err("%s: truncate: %s", np, strerror(errno)); - wrerr = DISPLAYED; - } - if (pflag) { - if (exists || omode != mode) - if (fchmod(ofd, omode)) - run_err("%s: set mode: %s", - np, strerror(errno)); - } else { - if (!exists && omode != mode) - if (fchmod(ofd, omode & ~mask)) - run_err("%s: set mode: %s", - np, strerror(errno)); - } - close(ofd); - response(); - if (setimes && wrerr == NO) { - setimes = 0; - if (utimes(np, tv) < 0) { - run_err("%s: set times: %s", - np, strerror(errno)); - wrerr = DISPLAYED; - } - } - switch(wrerr) { - case YES: - run_err("%s: %s", np, strerror(wrerrno)); - break; - case NO: - write(remout, "", 1); - break; - case DISPLAYED: - break; - } - } -screwup: - run_err("protocol error: %s", why); - exit(1); -} - -int -response(void) -{ - char ch, *cp, resp, rbuf[BUFSIZ]; - - if (read(remin, &resp, sizeof(resp)) != sizeof(resp)) - lostconn(0); - - cp = rbuf; - switch(resp) { - case 0: /* ok */ - return (0); - default: - *cp++ = resp; - /* FALLTHROUGH */ - case 1: /* error, followed by error msg */ - case 2: /* fatal error, "" */ - do { - if (read(remin, &ch, sizeof(ch)) != sizeof(ch)) - lostconn(0); - *cp++ = ch; - } while (cp < &rbuf[BUFSIZ] && ch != '\n'); - - if (!iamremote) - write(STDERR_FILENO, rbuf, cp - rbuf); - ++errs; - if (resp == 1) - return (-1); - exit(1); - } - /* NOTREACHED */ -} - -#include - -void -run_err(const char *fmt, ...) -{ - static FILE *fp; - va_list ap; - - ++errs; - if (fp == NULL && !(fp = fdopen(remout, "w"))) - return; - va_start(ap, fmt); - fprintf(fp, "%c", 0x01); - fprintf(fp, "rcp: "); - vfprintf(fp, fmt, ap); - fprintf(fp, "\n"); - fflush(fp); - va_end(ap); - - if (!iamremote) { - va_start(ap, fmt); - vwarnx(fmt, ap); - va_end(ap); - } -} - -/* - * This function executes the given command as the specified user on the - * given host. This returns < 0 if execution fails, and >= 0 otherwise. This - * assigns the input and output file descriptors on success. - * - * If it cannot create necessary pipes it exits with error message. - */ - -int -do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) -{ - int pin[2], pout[2], reserved[2]; - - /* - * Reserve two descriptors so that the real pipes won't get - * descriptors 0 and 1 because that will screw up dup2 below. - */ - pipe(reserved); - - /* Create a socket pair for communicating with rsh. */ - if (pipe(pin) < 0) { - perror("pipe"); - exit(255); - } - if (pipe(pout) < 0) { - perror("pipe"); - exit(255); - } - - /* Free the reserved descriptors. */ - close(reserved[0]); - close(reserved[1]); - - /* For a child to execute the command on the remote host using rsh. */ - if (fork() == 0) { - char *args[100]; - unsigned int i; - - /* Child. */ - close(pin[1]); - close(pout[0]); - dup2(pin[0], 0); - dup2(pout[1], 1); - close(pin[0]); - close(pout[1]); - - i = 0; - args[i++] = RSH_PROGRAM; - if (usekrb4) - args[i++] = "-4"; - if (usekrb5) - args[i++] = "-5"; - if (usebroken) - args[i++] = "-K"; - if (doencrypt) - args[i++] = "-x"; - if (forwardtkt) - args[i++] = "-F"; - if (noencrypt) - args[i++] = "-z"; - if (port != NULL) { - args[i++] = "-p"; - args[i++] = port; - } - if (eflag) - args[i++] = "-e"; - if (remuser != NULL) { - args[i++] = "-l"; - args[i++] = remuser; - } - args[i++] = host; - args[i++] = cmd; - args[i++] = NULL; - - execvp(RSH_PROGRAM, args); - perror(RSH_PROGRAM); - exit(1); - } - /* Parent. Close the other side, and return the local side. */ - close(pin[0]); - *fdout = pin[1]; - close(pout[1]); - *fdin = pout[0]; - return 0; -} diff --git a/crypto/heimdal/appl/rcp/rcp_locl.h b/crypto/heimdal/appl/rcp/rcp_locl.h deleted file mode 100644 index 4dc6d5f8eb74..000000000000 --- a/crypto/heimdal/appl/rcp/rcp_locl.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: rcp_locl.h 15285 2005-05-29 18:24:43Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include "extern.h" - -#ifndef _PATH_CP -#define _PATH_CP "/bin/cp" -#endif -#undef _PATH_RSH -#define _PATH_RSH BINDIR "/rsh" diff --git a/crypto/heimdal/appl/rcp/util.c b/crypto/heimdal/appl/rcp/util.c deleted file mode 100644 index fe9e899ffc89..000000000000 --- a/crypto/heimdal/appl/rcp/util.c +++ /dev/null @@ -1,172 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if 0 -#ifndef lint -#if 0 -static char sccsid[] = "@(#)util.c 8.2 (Berkeley) 4/2/94"; -#endif -static const char rcsid[] = - "$FreeBSD$"; -#endif /* not lint */ -#endif - -#include "rcp_locl.h" - -RCSID("$Id: util.c 17878 2006-08-08 21:43:58Z lha $"); - -char * -colon(cp) - char *cp; -{ - if (*cp == ':') /* Leading colon is part of file name. */ - return (0); - - for (; *cp; ++cp) { - if (*cp == ':') - return (cp); - if (*cp == '/') - return (0); - } - return (0); -} - -void -verifydir(cp) - char *cp; -{ - struct stat stb; - - if (!stat(cp, &stb)) { - if (S_ISDIR(stb.st_mode)) - return; - errno = ENOTDIR; - } - run_err("%s: %s", cp, strerror(errno)); - exit(1); -} - -int -okname(cp0) - char *cp0; -{ - int c; - unsigned char *cp; - - cp = (unsigned char *)cp0; - do { - c = *cp; - if (c & 0200) - goto bad; - if (!isalpha(c) && !isdigit(c) && c != '_' && c != '-') - goto bad; - } while (*++cp); - return (1); - -bad: warnx("%s: invalid user name", cp0); - return (0); -} - -int -susystem(s, userid) - int userid; - char *s; -{ - void (*istat)(int), (*qstat)(int); - int status; - pid_t pid; - - pid = fork(); - switch (pid) { - case -1: - return (127); - - case 0: - if (setuid(userid) < 0) - _exit(127); - execl(_PATH_BSHELL, "sh", "-c", s, NULL); - _exit(127); - } - istat = signal(SIGINT, SIG_IGN); - qstat = signal(SIGQUIT, SIG_IGN); - if (waitpid(pid, &status, 0) < 0) - status = -1; - (void)signal(SIGINT, istat); - (void)signal(SIGQUIT, qstat); - return (status); -} - -#ifndef roundup -#define roundup(x, y) ((((x)+((y)-1))/(y))*(y)) -#endif - -BUF * -allocbuf(bp, fd, blksize) - BUF *bp; - int fd, blksize; -{ - struct stat stb; - size_t size; - char *p; - - if (fstat(fd, &stb) < 0) { - run_err("fstat: %s", strerror(errno)); - return (0); - } - size = roundup(stb.st_blksize, blksize); - if (size == 0) - size = blksize; - if (bp->cnt >= size) - return (bp); - if ((p = realloc(bp->buf, size)) == NULL) { - if (bp->buf) - free(bp->buf); - bp->buf = NULL; - bp->cnt = 0; - run_err("%s", strerror(errno)); - return (0); - } - memset(p, 0, size); - bp->buf = p; - bp->cnt = size; - return (bp); -} - -void -lostconn(signo) - int signo; -{ - if (!iamremote) - warnx("lost connection"); - exit(1); -} diff --git a/crypto/heimdal/appl/rsh/ChangeLog b/crypto/heimdal/appl/rsh/ChangeLog deleted file mode 100644 index e78ff25a8aeb..000000000000 --- a/crypto/heimdal/appl/rsh/ChangeLog +++ /dev/null @@ -1,549 +0,0 @@ -2007-07-12 Love Hörnquist Åstrand - - * rsh.c: Fix pointer vs strict alias rules. - - * rshd.c: Fix pointer vs strict alias rules. - -2007-01-04 Love Hörnquist Åstrand - - * rshd.c: Declare iruserok if needed, based on bug report from - David Love. - -2006-11-14 Love Hörnquist Åstrand - - * rsh_locl.h: Forward decl. - -2006-10-14 Love Hörnquist Åstrand - - * rsh_locl.h: Include "crypto-headers.h". - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: Add man_MANS to EXTRA_DIST - -2006-04-27 Love Hörnquist Åstrand - - * Makefile.am: rshd_SOURCES += add limits_conf.c - - * rsh_locl.h: Include "loginpaths.h" - - * rshd.c: Read limits from limits.confon non-root login, patch - from Daniel Ahlin - -2006-02-27 Johan Danielsson - - * rshd.8: grammar (from Thomas Klausner) - -2006-01-31 Johan Danielsson - - * rshd.c (krb5_start_session): syslog failures to store cred cache - -2005-12-21 Love Hörnquist Åstrand - - * rshd.c (doit): move creation of users ticket file to later to - avoid seteuid/setuid dance. this breaks DCE, so remove support for - it completely. - -2005-10-22 Love Hörnquist Åstrand - - * rshd.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell - - * rsh.c: Check return value from asprintf instead of string != - NULL since it undefined behavior on Linux. From Björn Sandell - -2005-06-08 Love Hörnquist Åstrand - - * rshd.c: init some important variables and check that they are - set checking authentication, all to please gcc - -2005-05-27 Love Hörnquist Åstrand - - * rshd.c: case uid_t to unsigned long in printf format - -2005-04-27 Love Hörnquist Åstrand - - * rsh_locl.h: Use larger buffer for recving data to be compatible - with older versions of heimdal (0.4 branch specificly) - - * rshd.c: Use larger buffer for recving data to be compatible with - older versions of heimdal (0.4 branch specificly) - -2005-04-25 Love Hörnquist Åstrand - - * rshd.c: use snprintf to format tkfile - -2005-04-24 Love Hörnquist Åstrand - - * rsh.c: use strlcat - - * rsh.c: use strlcpy - - * rsh_locl.h: forward declaration for private structures - -2005-04-20 Love Hörnquist Åstrand - - * rsh.c: cast size_t to unsigned long - -2004-09-21 Johan Danielsson - - * rshd.c: rename loop to rshd_loop - - * rshd.c: pass errsock status to init_ivecs - - * rsh.c: rename loop() to rsh_loop() - - * rsh.c (loop): pass errsock status to init_ivecs - - * common.c (init_ivecs): if we don't have an errsock the ivecs - should point to the same data - - * rshd.c: if we don't have an errsock, dup stdout to stderr (this - would normally be done by inetd, but not by mini_inetd). - - * rshd.c: move keepalive setting to after setting up sockets - -2004-02-20 Johan Danielsson - - * rsh.1: reorder and document some options - - * rsh_locl.h: include kafs.h if krb4 || krb5 - - * rsh.c: reorder some options - -2003-09-04 Johan Danielsson - - * rsh.1: document -d - -2003-08-19 Johan Danielsson - - * rshd.c: -P also with KRB5 - -2003-04-22 Love Hörnquist Åstrand - - * rsh.1: replace > with \*[Gt] - -2003-04-16 Johan Danielsson - - * rsh.c: use krb5_appdefault to get defaults for forward and - encrypt - - * rshd.c: use ARG_MAX + 1 - - * rshd.c (read_str): return allocated string - - * rsh_locl.h: set NCARGS to 8k if undefined - -2003-03-23 Assar Westerlund - - * rsh.c (loop): only check errsock if it's valid - -2003-03-18 Love Love Hörnquist Åstrand - - * rshd.c: do krb5_afslog when compling with afs support - - * rsh_locl.h: always include kafs.h - -2002-11-22 Johan Danielsson - - * rshd.8: clarify -x and kerberos 5 - -2002-11-01 Johan Danielsson - - * rsh_locl.h: bump COMMAND_SZ to NCARGS+1 - -2002-09-04 Johan Danielsson - - * rsh.c: free some memory - -2002-09-04 Assar Westerlund - - * common.c: krb5_crypto_block_size -> krb5_crypto_getblocksize - -2002-09-04 Johan Danielsson - - * rsh.1: document -P - -2002-09-03 Johan Danielsson - - * rsh.c: revert to protocol v1 if not asked for specific protocol - - * rshd.c: handle protocol version 2 - - * rsh.c: handle protocol version 2 - - * common.c: handle protocol version 2 - - * rsh_locl.h: handle protocol version 2 - -2002-02-18 Johan Danielsson - - * rshd.c: don't show options that doesn't apply - - * rsh.c: don't show options that doesn't apply - - * rsh_locl.h: if we're not building with any kerberos support, - just call read/write directly - - * common.c: if we're not building with any kerberos support, just - call read/write directly - - * rshd.c: make this build without krb5; also use the addrinfo - interface to mini_inetd, and set the keepalive option if requested - - * rsh.c: make this build without krb5 - - * rsh_locl.h: make this build without krb5 - - * common.c: make this build without krb5 - -2001-11-30 Johan Danielsson - - * rshd.c: make the syslog messages somewhat more informative - -2001-08-15 Johan Danielsson - - * rsh.c: only complain about encryption flag when old - authentication is requested - -2001-08-07 Johan Danielsson - - * rsh.c: don't try broken auth if rresvport failed; try to give - some more informative error messages - -2001-07-31 Johan Danielsson - - * rshd.8: add an EXAMPLE - * rshd.8: manual page - * rshd.c: add some compat flags - * rsh.1: manual page - * rsh.c: iff -d, set the SO_DEBUG flags of the stdout and stderr - socket; implement parsing user@host - -2001-07-19 Assar Westerlund - - * rshd.c (fatal): use vsnprintf correctly - -2001-02-07 Assar Westerlund - - * Makefile.am: add login_access - * rshd.c (login_access): add prototype - (syslog_and_die, fatal): add printf attributes - (*): AIX -> _AIX - (doit): use login_access - based on patches from Ake Sandgren - -2001-01-09 Assar Westerlund - - * rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of - krb5_rd_cred - -2000-12-31 Assar Westerlund - - * rshd.c (main): handle krb5_init_context failure consistently - * rsh.c (main): handle krb5_init_context failure consistently - -2000-12-05 Johan Danielsson - - * rshd.c: require encryption if passed -x - -2000-11-15 Assar Westerlund - - * rshd.c (loop): check that the fd's aren't too large to select on - * rsh.c (loop, proto): check that the fd's aren't too large to - select on - -2000-08-10 Assar Westerlund - - * rsh.c: move code to do config/command parsing correctly. - -2000-08-09 Assar Westerlund - - * rsh.c (main): only fetch stuff from krb5.conf when no option has - been given - -2000-08-01 Assar Westerlund - - * rsh.c (doit): loop until we create an error socket of an - supported socket family - -2000-07-02 Assar Westerlund - - * rshd.c: DCE stuff from Ake Sandgren - do not call syslog with a variable as format string - - * rsh_locl.h (_PATH_ETC_ENVIRONMENT): add - -2000-06-09 Assar Westerlund - - * rsh.c (main): work-around for setuid and capabilities bug fixed - in Linux 2.2.16 - -2000-06-06 Johan Danielsson - - * rsh.c: nuke long option from -z - - * rsh.c: don't try to encrypt if auth is broken (Daniel Kouril) - -2000-06-03 Assar Westerlund - - * rshd.c (doit): check return value of getspnam. From - - -2000-05-23 Assar Westerlund - - * rsh.c (proto): select on the normal socket when waiting for the - daemon to connect back to the stderr port, so that we discover - when data arrives there before. when that happens, we assume that - the daemon did not manage to connect (because of NAT/whatever) and - continue as if `-e' was given - * rshd.c (doit): if we fail to connect back to the stderr port, - act as if `-e' was given on the client side, i.e. without the - special TCP-connection. This tries to make things better when - running the head against a NAT wall, for example. - -2000-02-07 Assar Westerlund - - * Makefile.am (LDADD): make sure we use the heimdal libdes - -2000-02-06 Assar Westerlund - - * *: conditionalize des stuff on KRB4 - -1999-12-16 Assar Westerlund - - * rsh.c (doit): addrinfo returned from getaddrinfo() is not usable - directly as hints. copy it and set AI_PASSIVE. - -1999-11-20 Assar Westerlund - - * rsh.c (main): remember to close the priviledged sockets before - calling rlogin - -1999-11-02 Assar Westerlund - - * rsh.c (main): redo the v4/v5 selection for consistency. -4 -> - try only v4 -5 -> try only v5 none, -45 -> try v5, v4 - -1999-10-26 Assar Westerlund - - * rshd.c (main): ignore SIGPIPE - - * common.c (do_read): the encoded length can be longer than the - buffer being used, allocate memory for it dynamically. From Brian - A May - -1999-10-14 Assar Westerlund - - * rsh.c (proto): be more careful and don't print errno when read() - returns 0 - -1999-09-20 Assar Westerlund - - * rshd.c (recv_krb4_auth): set `iv' - -1999-08-16 Assar Westerlund - - * common.c (do_read): be careful with the return value from - krb5_net_read - -1999-08-05 Assar Westerlund - - * rsh.c: call freehostent - - * rsh.c: remove some dead code - -1999-08-04 Assar Westerlund - - * rshd.c: re-write the handling of forwarded credentials and - stuff. From Miroslav Ruda - - * rsh_locl.h: always include kafs.h - - * rsh.c: add `-z' and `-G' options - - * rsh.c (loop): shutdown one side of the TCP connection on EOF. - From Brian A May - - * common.c (do_read): handle EOF. From Brian A May - - -1999-08-01 Assar Westerlund - - * rsh.c: const fixes - -1999-07-29 Assar Westerlund - - * rshd.c: v6-ify - - * rsh.c: v6-ify - -1999-07-28 Assar Westerlund - - * rsh_locl.h: move around kafs.h - -1999-07-24 Assar Westerlund - - * rsh_locl.h: - - * rsh.c, rshd.c: improve forwarding and implement unique ccache on - server. From Miroslav Ruda - -1999-07-03 Assar Westerlund - - * rsh.c (construct_command): handle argc == 0 for generality - -1999-06-23 Assar Westerlund - - * rsh.c: new option `-e' for not trying to open an stderr socket - -1999-06-17 Assar Westerlund - - * rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we - don't leave any data inside des_enc_read. (that constant should - really be exported in some way...) - -1999-06-15 Assar Westerlund - - * rsh.c: use get_default_username and resulting const pollution - -1999-05-21 Assar Westerlund - - * rsh.c (main): try $USERNAME - -1999-05-14 Assar Westerlund - - * rshd.c (doit): afslog correctly - -1999-05-11 Assar Westerlund - - * rsh.c (main): add fallback to rlogin - -1999-05-10 Assar Westerlund - - * rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL. - check return value from krb5_crypto_init - - * common.c (do_write, do_read): always return -1 for failure - (net_write, net_read): remove. they already exist in libroken - -1999-05-09 Assar Westerlund - - * rsh.c: make sure it tries with all other authentication methods - after one has failed - * rsh.c (main): detect the case of no command given. - -1999-04-11 Assar Westerlund - - * rsh.c: new option --forwardable. use print_version - -Sat Apr 10 17:10:55 1999 Assar Westerlund - - * rshd.c (setup_copier): use `socketpair' instead of `pipe'. Some - shells don't think it's a rsh session if they find a pipe at the - other end. - (setup_environment): add SSH_CLIENT just to make bash happy - - * common.c (do_read): use krb5_get_wrapped_length - -Wed Mar 24 03:59:42 1999 Assar Westerlund - - * rsh.c (loop): more braces to make gcc happy - -Tue Mar 23 17:08:32 1999 Johan Danielsson - - * rsh_locl.h: kafs.h - - * rshd.c: add `-P', `-v', and `-L' flags - -Thu Mar 18 11:37:24 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Tue Dec 1 14:44:44 1998 Johan Danielsson - - * appl/rsh/rshd.c: update to new crypto framework - - * appl/rsh/rsh_locl.h: update to new crypto framework - - * appl/rsh/rsh.c: update to new crypto framework - - * appl/rsh/common.c: update to new crypto framework - -Mon Nov 2 01:15:06 1998 Assar Westerlund - - * appl/rsh/rsh.c (main): initialize host - - * appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not - encrypting. - -Thu Jul 30 23:12:17 1998 Assar Westerlund - - * appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user' - -Thu Jul 23 19:49:03 1998 Johan Danielsson - - * appl/rsh/rshd.c: use krb5_verify_authenticator_checksum - -Sat Apr 18 21:13:06 1998 Johan Danielsson - - * appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified. - -Sun Dec 21 09:44:05 1997 Assar Westerlund - - * appl/rsh/rshd.c (recv_krb5_auth): swap the order of the - `local_user' and the `remote_user' - - * appl/rsh/rsh.c (send_krb5_auth): swap the order of the - `local_user' and the `remote_user' - -Sat Nov 29 07:10:11 1997 Assar Westerlund - - * appl/rsh/rshd.c: updated to use getarg. - changed `struct fd_set' to `fd_set'. - implemented broken/BSD authentication (requires iruserok) - -Wed Nov 12 02:35:57 1997 Assar Westerlund - - * appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH - - * appl/rsh/Makefile.am: set BINDIR - - * appl/rsh/rsh.c: implemented BSD-style reserved port - `authentication' - -Sun Aug 24 08:06:54 1997 Assar Westerlund - - * appl/rsh/rshd.c: syslog remote shells - -Tue Aug 12 01:29:46 1997 Assar Westerlund - - * appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server - parameter to krb5_rd_req/krb5_recvauth. Set addresses in - auth_context. - -Fri Jul 25 17:32:12 1997 Assar Westerlund - - * appl/rsh/rshd.c: implement forwarding - - * appl/rsh/rsh.c: Use getarg. Implement forwarding. - -Sun Jul 13 00:32:16 1997 Assar Westerlund - - * appl/rsh: Conditionalize the krb4-support. - -Wed Jul 9 06:58:00 1997 Assar Westerlund - - * appl/rsh/rsh.c: use the correct user for the checksum - -Mon Jul 7 11:15:51 1997 Assar Westerlund - - * appl/rsh/rshd.c: Now works. Also implementd encryption and - `-p'. - - * appl/rsh/common.c: new file - -Mon Jun 30 06:08:14 1997 Assar Westerlund - - * appl/rsh: New program. - diff --git a/crypto/heimdal/appl/rsh/Makefile.am b/crypto/heimdal/appl/rsh/Makefile.am deleted file mode 100644 index 6377e02c7127..000000000000 --- a/crypto/heimdal/appl/rsh/Makefile.am +++ /dev/null @@ -1,29 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) -I$(srcdir)/../login - -bin_PROGRAMS = rsh - -man_MANS = rsh.1 rshd.8 - -libexec_PROGRAMS = rshd - -rsh_SOURCES = rsh.c common.c rsh_locl.h - -rshd_SOURCES = rshd.c common.c login_access.c limits_conf.c rsh_locl.h - -login_access.c: - $(LN_S) $(srcdir)/../login/login_access.c . - -limits_conf.c: - $(LN_S) $(srcdir)/../login/limits_conf.c . - -LDADD = $(LIB_kafs) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/rsh/Makefile.in b/crypto/heimdal/appl/rsh/Makefile.in deleted file mode 100644 index 6c7651c65fdf..000000000000 --- a/crypto/heimdal/appl/rsh/Makefile.in +++ /dev/null @@ -1,936 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -bin_PROGRAMS = rsh$(EXEEXT) -libexec_PROGRAMS = rshd$(EXEEXT) -subdir = appl/rsh -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ - "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) -am_rsh_OBJECTS = rsh.$(OBJEXT) common.$(OBJEXT) -rsh_OBJECTS = $(am_rsh_OBJECTS) -rsh_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ - $(am__DEPENDENCIES_1) -rsh_DEPENDENCIES = $(am__DEPENDENCIES_2) $(LIB_krb5) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -am_rshd_OBJECTS = rshd.$(OBJEXT) common.$(OBJEXT) \ - login_access.$(OBJEXT) limits_conf.$(OBJEXT) -rshd_OBJECTS = $(am_rshd_OBJECTS) -rshd_LDADD = $(LDADD) -rshd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(LIB_krb5) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(rsh_SOURCES) $(rshd_SOURCES) -DIST_SOURCES = $(rsh_SOURCES) $(rshd_SOURCES) -man1dir = $(mandir)/man1 -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -I$(srcdir)/../login -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -man_MANS = rsh.1 rshd.8 -rsh_SOURCES = rsh.c common.c rsh_locl.h -rshd_SOURCES = rshd.c common.c login_access.c limits_conf.c rsh_locl.h -LDADD = $(LIB_kafs) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/rsh/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/rsh/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -rsh$(EXEEXT): $(rsh_OBJECTS) $(rsh_DEPENDENCIES) - @rm -f rsh$(EXEEXT) - $(LINK) $(rsh_OBJECTS) $(rsh_LDADD) $(LIBS) -rshd$(EXEEXT): $(rshd_OBJECTS) $(rshd_DEPENDENCIES) - @rm -f rshd$(EXEEXT) - $(LINK) $(rshd_OBJECTS) $(rshd_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libexecPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ - uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool ctags dist-hook distclean distclean-compile \ - distclean-generic distclean-libtool distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-binPROGRAMS install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-info install-info-am install-libexecPROGRAMS \ - install-man install-man1 install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-libexecPROGRAMS uninstall-man \ - uninstall-man1 uninstall-man8 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -login_access.c: - $(LN_S) $(srcdir)/../login/login_access.c . - -limits_conf.c: - $(LN_S) $(srcdir)/../login/limits_conf.c . -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/rsh/common.c b/crypto/heimdal/appl/rsh/common.c deleted file mode 100644 index 84311b00e188..000000000000 --- a/crypto/heimdal/appl/rsh/common.c +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "rsh_locl.h" -RCSID("$Id: common.c 17450 2006-05-05 11:11:43Z lha $"); - -#if defined(KRB4) || defined(KRB5) - -#ifdef KRB5 -int key_usage = 1026; - -void *ivec_in[2]; -void *ivec_out[2]; - -void -init_ivecs(int client, int have_errsock) -{ - size_t blocksize; - - krb5_crypto_getblocksize(context, crypto, &blocksize); - - ivec_in[0] = malloc(blocksize); - memset(ivec_in[0], client, blocksize); - - if(have_errsock) { - ivec_in[1] = malloc(blocksize); - memset(ivec_in[1], 2 | client, blocksize); - } else - ivec_in[1] = ivec_in[0]; - - ivec_out[0] = malloc(blocksize); - memset(ivec_out[0], !client, blocksize); - - if(have_errsock) { - ivec_out[1] = malloc(blocksize); - memset(ivec_out[1], 2 | !client, blocksize); - } else - ivec_out[1] = ivec_out[0]; -} -#endif - - -ssize_t -do_read (int fd, void *buf, size_t sz, void *ivec) -{ - if (do_encrypt) { -#ifdef KRB4 - if (auth_method == AUTH_KRB4) { - return des_enc_read (fd, buf, sz, schedule, &iv); - } else -#endif /* KRB4 */ -#ifdef KRB5 - if(auth_method == AUTH_KRB5) { - krb5_error_code ret; - uint32_t len, outer_len; - int status; - krb5_data data; - void *edata; - - ret = krb5_net_read (context, &fd, &len, 4); - if (ret <= 0) - return ret; - len = ntohl(len); - if (len > sz) - abort (); - /* ivec will be non null for protocol version 2 */ - if(ivec != NULL) - outer_len = krb5_get_wrapped_length (context, crypto, len + 4); - else - outer_len = krb5_get_wrapped_length (context, crypto, len); - edata = malloc (outer_len); - if (edata == NULL) - errx (1, "malloc: cannot allocate %u bytes", outer_len); - ret = krb5_net_read (context, &fd, edata, outer_len); - if (ret <= 0) - return ret; - - status = krb5_decrypt_ivec(context, crypto, key_usage, - edata, outer_len, &data, ivec); - free (edata); - - if (status) - krb5_err (context, 1, status, "decrypting data"); - if(ivec != NULL) { - unsigned long l; - if(data.length < len + 4) - errx (1, "data received is too short"); - _krb5_get_int(data.data, &l, 4); - if(l != len) - errx (1, "inconsistency in received data"); - memcpy (buf, (unsigned char *)data.data+4, len); - } else - memcpy (buf, data.data, len); - krb5_data_free (&data); - return len; - } else -#endif /* KRB5 */ - abort (); - } else - return read (fd, buf, sz); -} - -ssize_t -do_write (int fd, void *buf, size_t sz, void *ivec) -{ - if (do_encrypt) { -#ifdef KRB4 - if(auth_method == AUTH_KRB4) { - return des_enc_write (fd, buf, sz, schedule, &iv); - } else -#endif /* KRB4 */ -#ifdef KRB5 - if(auth_method == AUTH_KRB5) { - krb5_error_code status; - krb5_data data; - unsigned char len[4]; - int ret; - - _krb5_put_int(len, sz, 4); - if(ivec != NULL) { - unsigned char *tmp = malloc(sz + 4); - if(tmp == NULL) - err(1, "malloc"); - _krb5_put_int(tmp, sz, 4); - memcpy(tmp + 4, buf, sz); - status = krb5_encrypt_ivec(context, crypto, key_usage, - tmp, sz + 4, &data, ivec); - free(tmp); - } else - status = krb5_encrypt_ivec(context, crypto, key_usage, - buf, sz, &data, ivec); - - if (status) - krb5_err(context, 1, status, "encrypting data"); - - ret = krb5_net_write (context, &fd, len, 4); - if (ret != 4) - return ret; - ret = krb5_net_write (context, &fd, data.data, data.length); - if (ret != data.length) - return ret; - free (data.data); - return sz; - } else -#endif /* KRB5 */ - abort(); - } else - return write (fd, buf, sz); -} -#endif /* KRB4 || KRB5 */ diff --git a/crypto/heimdal/appl/rsh/limits_conf.c b/crypto/heimdal/appl/rsh/limits_conf.c deleted file mode 100644 index ac9837f1406b..000000000000 --- a/crypto/heimdal/appl/rsh/limits_conf.c +++ /dev/null @@ -1,214 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "login_locl.h" - -RCSID("$Id: limits_conf.c 19215 2006-12-04 23:41:18Z lha $"); - -#include -#include -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif - -struct limit { - const char *name; - int resource; - int scale; - int has_limit; - struct rlimit limit; -} limits[] = { -#define LIM(X, S) { #X, RLIMIT_##X, S, 0 } - LIM(CORE, 1024), - LIM(CPU, 60), - LIM(DATA, 1024), - LIM(FSIZE, 1024), -#ifdef RLIMIT_MEMLOCK - LIM(MEMLOCK, 1024), -#endif - LIM(NOFILE, 1), -#ifdef RLIMIT_NPROC - LIM(NPROC, 1), -#endif -#ifdef RLIMIT_RSS - LIM(RSS, 1024), -#endif - LIM(STACK, 1024), - -#ifdef RLIMIT_AS - LIM(AS, 1024), -#endif -#ifdef RLIMIT_LOCKS - LIM(LOCKS, 1), -#endif - /* - maxlogins - priority - */ - { NULL, 0 } -}; - -static struct limit * -find_limit(const char *name) -{ - struct limit *l; - for(l = limits; l->name != NULL; l++) - if(strcasecmp(name, l->name) == 0) - return l; - return NULL; -} - -/* this function reads limits.conf files similar to pam_limits - unimplemented features include: - % maxlogins - "-" no limits, - priorities etc that are not set via setrlimit - XXX uses static storage, and clobbers getgr* -*/ - -int -read_limits_conf(const char *file, const struct passwd *pwd) -{ - FILE *f; - char *args[4]; - int lineno = 0; - char buf[1024]; - struct limit *l; - rlim_t value; - - f = fopen(file, "r"); - if(f == NULL) { - if(errno != ENOENT && errno != ENOTDIR) - syslog(LOG_ERR, "%s: %m", file); - return -1; - } - - while(fgets(buf, sizeof(buf), f) != NULL) { - char *last = NULL; - char *end = NULL; - int level; - - lineno++; - - if(buf[0] == '\0') { - syslog(LOG_ERR, "%s: line %d: NUL character", file, lineno); - continue; - } - if(buf[strlen(buf) - 1] != '\n') { - /* file did not end with a newline, figure out if we're at - the EOF, or if our buffer was too small */ - int eof = 1; - int c; - while((c = fgetc(f)) != EOF) { - eof = 0; - if(c == '\n') - break; - } - if(!eof) { - syslog(LOG_ERR, "%s: line %d: line too long", file, lineno); - continue; - } - } - buf[strcspn(buf, "#\r\n")] = '\0'; - if((args[0] = strtok_r(buf, " \t", &last)) == NULL || - (args[1] = strtok_r(NULL, " \t", &last)) == NULL || - (args[2] = strtok_r(NULL, " \t", &last)) == NULL || - (args[3] = strtok_r(NULL, " \t", &last)) == NULL) { - if(args[0] != NULL) /* this would include comment lines */ - syslog(LOG_ERR, "%s: line %d: malformed line", file, lineno); - continue; - } - - l = find_limit(args[2]); - if(l == NULL) { - syslog(LOG_ERR, "%s: line %d: unknown limit %s", file, lineno, args[2]); - continue; - } - if(strcmp(args[3], "-") == 0) { - value = RLIM_INFINITY; - } else { - errno = 0; - value = strtol(args[3], &end, 10); - if(*end != '\0') { - syslog(LOG_ERR, "%s: line %d: bad value %s", file, lineno, args[3]); - continue; - } - if((value == LONG_MIN || value == LONG_MAX) && errno == ERANGE) { - syslog(LOG_ERR, "%s: line %d: bad value %s", file, lineno, args[3]); - continue; - } - if(value * l->scale < value) - value = RLIM_INFINITY; - else - value *= l->scale; - } - level = 0; - /* XXX unclear: if you set group hard and user soft limit, - should the hard limit still apply? this code doesn't. */ - if(strcmp(args[0], pwd->pw_name) == 0) - level = 3; - if(*args[0] == '@') { - struct group *gr; - gr = getgrnam(args[0] + 1); - if(gr != NULL && gr->gr_gid == pwd->pw_gid) - level = 2; - } - if(strcmp(args[0], "*") == 0) - level = 1; - if(level == 0 || level < l->has_limit) /* not for us */ - continue; - if(l->has_limit < level) { - if(getrlimit(l->resource, &l->limit) < 0) - continue; - l->has_limit = level; - } - - /* XXX unclear: if you soft to more than default hard, should - we set hard to soft? this code doesn't. */ - if(strcasecmp(args[1], "soft") == 0 || strcmp(args[1], "-") == 0) - l->limit.rlim_cur = value; - if(strcasecmp(args[1], "hard") == 0 || strcmp(args[1], "-") == 0) - l->limit.rlim_max = value; - } - fclose(f); - for(l = limits; l->name != NULL; l++) { - if(l->has_limit) { - if(l->limit.rlim_cur > l->limit.rlim_max) - l->limit.rlim_cur = l->limit.rlim_max; - if(setrlimit(l->resource, &l->limit) != 0) - syslog(LOG_ERR, "setrlimit RLIM_%s failed: %m", l->name); - } - l->has_limit = 0; - } - return 0; -} diff --git a/crypto/heimdal/appl/rsh/login_access.c b/crypto/heimdal/appl/rsh/login_access.c deleted file mode 100644 index e1bfe42ea1b8..000000000000 --- a/crypto/heimdal/appl/rsh/login_access.c +++ /dev/null @@ -1,277 +0,0 @@ -/************************************************************************ -* Copyright 1995 by Wietse Venema. All rights reserved. Some individual -* files may be covered by other copyrights. -* -* This material was originally written and compiled by Wietse Venema at -* Eindhoven University of Technology, The Netherlands, in 1990, 1991, -* 1992, 1993, 1994 and 1995. -* -* Redistribution and use in source and binary forms, with or without -* modification, are permitted provided that this entire copyright notice -* is duplicated in all such copies. -* -* This software is provided "as is" and without any expressed or implied -* warranties, including, without limitation, the implied warranties of -* merchantibility and fitness for any particular purpose. -************************************************************************/ - /* - * This module implements a simple but effective form of login access - * control based on login names and on host (or domain) names, internet - * addresses (or network numbers), or on terminal line names in case of - * non-networked logins. Diagnostics are reported through syslog(3). - * - * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. - */ - -#include "login_locl.h" - -RCSID("$Id: login_access.c 10020 2001-06-04 14:10:19Z assar $"); - - /* Delimiters for fields and for lists of users, ttys or hosts. */ - -static char fs[] = ":"; /* field separator */ -static char sep[] = ", \t"; /* list-element separator */ - - /* Constants to be used in assignments only, not in comparisons... */ - -#define YES 1 -#define NO 0 - - /* - * A structure to bundle up all login-related information to keep the - * functional interfaces as generic as possible. - */ -struct login_info { - struct passwd *user; - char *from; -}; - -static int list_match(char *list, struct login_info *item, - int (*match_fn)(char *, struct login_info *)); -static int user_match(char *tok, struct login_info *item); -static int from_match(char *tok, struct login_info *item); -static int string_match(char *tok, char *string); - -/* login_access - match username/group and host/tty with access control file */ - -int login_access(struct passwd *user, char *from) -{ - struct login_info item; - FILE *fp; - char line[BUFSIZ]; - char *perm; /* becomes permission field */ - char *users; /* becomes list of login names */ - char *froms; /* becomes list of terminals or hosts */ - int match = NO; - int end; - int lineno = 0; /* for diagnostics */ - char *foo; - - /* - * Bundle up the arguments to avoid unnecessary clumsiness lateron. - */ - item.user = user; - item.from = from; - - /* - * Process the table one line at a time and stop at the first match. - * Blank lines and lines that begin with a '#' character are ignored. - * Non-comment lines are broken at the ':' character. All fields are - * mandatory. The first field should be a "+" or "-" character. A - * non-existing table means no access control. - */ - - if ((fp = fopen(_PATH_LOGACCESS, "r")) != 0) { - while (!match && fgets(line, sizeof(line), fp)) { - lineno++; - if (line[end = strlen(line) - 1] != '\n') { - syslog(LOG_ERR, "%s: line %d: missing newline or line too long", - _PATH_LOGACCESS, lineno); - continue; - } - if (line[0] == '#') - continue; /* comment line */ - while (end > 0 && isspace((unsigned char)line[end - 1])) - end--; - line[end] = 0; /* strip trailing whitespace */ - if (line[0] == 0) /* skip blank lines */ - continue; - foo = NULL; - if (!(perm = strtok_r(line, fs, &foo)) - || !(users = strtok_r(NULL, fs, &foo)) - || !(froms = strtok_r(NULL, fs, &foo)) - || strtok_r(NULL, fs, &foo)) { - syslog(LOG_ERR, "%s: line %d: bad field count", - _PATH_LOGACCESS, - lineno); - continue; - } - if (perm[0] != '+' && perm[0] != '-') { - syslog(LOG_ERR, "%s: line %d: bad first field", - _PATH_LOGACCESS, - lineno); - continue; - } - match = (list_match(froms, &item, from_match) - && list_match(users, &item, user_match)); - } - fclose(fp); - } else if (errno != ENOENT) { - syslog(LOG_ERR, "cannot open %s: %m", _PATH_LOGACCESS); - } - return (match == 0 || (line[0] == '+')); -} - -/* list_match - match an item against a list of tokens with exceptions */ - -static int -list_match(char *list, - struct login_info *item, - int (*match_fn)(char *, struct login_info *)) -{ - char *tok; - int match = NO; - char *foo = NULL; - - /* - * Process tokens one at a time. We have exhausted all possible matches - * when we reach an "EXCEPT" token or the end of the list. If we do find - * a match, look for an "EXCEPT" list and recurse to determine whether - * the match is affected by any exceptions. - */ - - for (tok = strtok_r(list, sep, &foo); - tok != NULL; - tok = strtok_r(NULL, sep, &foo)) { - if (strcasecmp(tok, "EXCEPT") == 0) /* EXCEPT: give up */ - break; - if ((match = (*match_fn) (tok, item)) != 0) /* YES */ - break; - } - /* Process exceptions to matches. */ - - if (match != NO) { - while ((tok = strtok_r(NULL, sep, &foo)) && strcasecmp(tok, "EXCEPT")) - /* VOID */ ; - if (tok == 0 || list_match(NULL, item, match_fn) == NO) - return (match); - } - return (NO); -} - -/* myhostname - figure out local machine name */ - -static char *myhostname(void) -{ - static char name[MAXHOSTNAMELEN + 1] = ""; - - if (name[0] == 0) { - gethostname(name, sizeof(name)); - name[MAXHOSTNAMELEN] = 0; - } - return (name); -} - -/* netgroup_match - match group against machine or user */ - -static int netgroup_match(char *group, char *machine, char *user) -{ -#ifdef HAVE_YP_GET_DEFAULT_DOMAIN - static char *mydomain = 0; - - if (mydomain == 0) - yp_get_default_domain(&mydomain); - return (innetgr(group, machine, user, mydomain)); -#else - syslog(LOG_ERR, "NIS netgroup support not configured"); - return 0; -#endif -} - -/* user_match - match a username against one token */ - -static int user_match(char *tok, struct login_info *item) -{ - char *string = item->user->pw_name; - struct login_info fake_item; - struct group *group; - int i; - char *at; - - /* - * If a token has the magic value "ALL" the match always succeeds. - * Otherwise, return YES if the token fully matches the username, if the - * token is a group that contains the username, or if the token is the - * name of the user's primary group. - */ - - if ((at = strchr(tok + 1, '@')) != 0) { /* split user@host pattern */ - *at = 0; - fake_item.from = myhostname(); - return (user_match(tok, item) && from_match(at + 1, &fake_item)); - } else if (tok[0] == '@') { /* netgroup */ - return (netgroup_match(tok + 1, (char *) 0, string)); - } else if (string_match(tok, string)) { /* ALL or exact match */ - return (YES); - } else if ((group = getgrnam(tok)) != 0) { /* try group membership */ - if (item->user->pw_gid == group->gr_gid) - return (YES); - for (i = 0; group->gr_mem[i]; i++) - if (strcasecmp(string, group->gr_mem[i]) == 0) - return (YES); - } - return (NO); -} - -/* from_match - match a host or tty against a list of tokens */ - -static int from_match(char *tok, struct login_info *item) -{ - char *string = item->from; - int tok_len; - int str_len; - - /* - * If a token has the magic value "ALL" the match always succeeds. Return - * YES if the token fully matches the string. If the token is a domain - * name, return YES if it matches the last fields of the string. If the - * token has the magic value "LOCAL", return YES if the string does not - * contain a "." character. If the token is a network number, return YES - * if it matches the head of the string. - */ - - if (tok[0] == '@') { /* netgroup */ - return (netgroup_match(tok + 1, string, (char *) 0)); - } else if (string_match(tok, string)) { /* ALL or exact match */ - return (YES); - } else if (tok[0] == '.') { /* domain: match last fields */ - if ((str_len = strlen(string)) > (tok_len = strlen(tok)) - && strcasecmp(tok, string + str_len - tok_len) == 0) - return (YES); - } else if (strcasecmp(tok, "LOCAL") == 0) { /* local: no dots */ - if (strchr(string, '.') == 0) - return (YES); - } else if (tok[(tok_len = strlen(tok)) - 1] == '.' /* network */ - && strncmp(tok, string, tok_len) == 0) { - return (YES); - } - return (NO); -} - -/* string_match - match a string against one token */ - -static int string_match(char *tok, char *string) -{ - - /* - * If the token has the magic value "ALL" the match always succeeds. - * Otherwise, return YES if the token fully matches the string. - */ - - if (strcasecmp(tok, "ALL") == 0) { /* all: always matches */ - return (YES); - } else if (strcasecmp(tok, string) == 0) { /* try exact match */ - return (YES); - } - return (NO); -} diff --git a/crypto/heimdal/appl/rsh/rsh.1 b/crypto/heimdal/appl/rsh/rsh.1 deleted file mode 100644 index 2999dc06a29c..000000000000 --- a/crypto/heimdal/appl/rsh/rsh.1 +++ /dev/null @@ -1,295 +0,0 @@ -.\" Copyright (c) 2002 - 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: rsh.1 13394 2004-02-20 12:21:42Z joda $ -.\" -.Dd February 20, 2004 -.Dt RSH 1 -.Os HEIMDAL -.Sh NAME -.Nm rsh -.Nd -remote shell -.Sh SYNOPSIS -.Nm -.Op Fl 45FGKdefnuxz -.Op Fl U Pa string -.Op Fl p Ar port -.Op Fl l Ar username -.Op Fl P Ar N|O -.Ar host [command] -.Sh DESCRIPTION -.Nm -authenticates to the -.Xr rshd 8 -daemon on the remote -.Ar host , -and then executes the specified -.Ar command . -.Pp -.Nm -copies its standard input to the remote command, and the standard -output and error of the remote command to its own. -.Pp -Valid options are: -.Bl -tag -width Ds -.It Xo -.Fl 4 , -.Fl -krb4 -.Xc -The -.Fl 4 -option requests Kerberos 4 authentication. Normally all supported -authentication mechanisms will be tried, but in some cases more -explicit control is desired. -.It Xo -.Fl 5 , -.Fl -krb5 -.Xc -The -.Fl 5 -option requests Kerberos 5 authentication. This is analogous to the -.Fl 4 -option. -.It Xo -.Fl K , -.Fl -broken -.Xc -The -.Fl K -option turns off all Kerberos authentication. The security in this -mode relies on reserved ports. The long name is an indication of how -good this is. -.It Xo -.Fl n , -.Fl -no-input -.Xc -The -.Fl n -option directs the input from the -.Pa /dev/null -device (see the -.Sx BUGS -section of this manual page). -.It Fl d -Enable -.Xr setsockopt 2 -socket debugging. -.It Xo -.Fl e , -.Fl -no-stderr -.Xc -Don't use a separate socket for the stderr stream. This can be -necessary if rsh-ing through a NAT bridge. -.It Xo -.Fl x , -.Fl -encrypt -.Xc -The -.Fl x -option enables encryption for all data exchange. This is only valid -for Kerberos authenticated connections (see the -.Sx BUGS -section for limitations). -.It Xo -.Fl z -.Xc -The opposite of -.Fl x . -This is the default, and is mainly useful if encryption has been -enabled by default, for instance in the -.Li appdefaults -section of -.Pa /etc/krb5.conf -when using Kerberos 5. -.It Xo -.Fl f , -.Fl -forward -.Xc -Forward Kerberos 5 credentials to the remote host. -Also settable via -.Li appdefaults -(see -.Xr krb5.conf ) . -.It Xo -.Fl F , -.Fl -forwardable -.Xc -Make the forwarded credentials re-forwardable. -Also settable via -.Li appdefaults -(see -.Xr krb5.conf ) . -.It Xo -.Fl l Ar string , -.Fl -user= Ns Ar string -.Xc -By default the remote username is the same as the local. The -.Fl l -option or the -.Pa username@host -format allow the remote name to be specified. -.It Xo -.Fl n , -.Fl -no-input -.Xc -Direct input from -.Pa /dev/null -(see the -.Sx BUGS -section). -.It Xo -.Fl p Ar number-or-service , -.Fl -port= Ns Ar number-or-service -.Xc -Connect to this port instead of the default (which is 514 when using -old port based authentication, 544 for Kerberos 5 and non-encrypted -Kerberos 4, and 545 for encrytpted Kerberos 4; subject of course to -the contents of -.Pa /etc/services ) . -.It Xo -.Fl P Ar N|O|1|2 , -.Fl -protocol= Ns Ar N|O|1|2 -.Xc -Specifies the protocol version to use with Kerberos 5. -.Ar N -and -.Ar 2 -select protocol version 2, while -.Ar O -and -.Ar 1 -select version 1. Version 2 is believed to be more secure, and is the -default. Unless asked for a specific version, -.Nm -will try both. This behaviour may change in the future. -.It Xo -.Fl u , -.Fl -unique -.Xc -Make sure the remote credentials cache is unique, that is, don't reuse -any existing cache. Mutually exclusive to -.Fl U . -.It Xo -.Fl U Pa string , -.Fl -tkfile= Ns Pa string -.Xc -Name of the remote credentials cache. Mutually exclusive to -.Fl u . -.It Xo -.Fl x , -.Fl -encrypt -.Xc -The -.Fl x -option enables encryption for all data exchange. This is only valid -for Kerberos authenticated connections (see the -.Sx BUGS -section for limitations). -.It Fl z -The opposite of -.Fl x . -This is the default, but encryption can be enabled when using -Kerberos 5, by setting the -.Li libdefaults/encrypt -option in -.Xr krb5.conf 5 . -.El -.\".Pp -.\"Without a -.\".Ar command -.\".Nm -.\"will just exec -.\".Xr rlogin 1 -.\"with the same arguments. -.Sh EXAMPLES -Care should be taken when issuing commands containing shell meta -characters. Without quoting, these will be expanded on the local -machine. -.Pp -The following command: -.Pp -.Dl rsh otherhost cat remotefile \*[Gt] localfile -.Pp -will write the contents of the remote -.Pa remotefile -to the local -.Pa localfile , -but: -.Pp -.Dl rsh otherhost 'cat remotefile \*[Gt] remotefile2' -.Pp -will write it to the remote -.Pa remotefile2 . -.\".Sh ENVIRONMENT -.Sh FILES -.Bl -tag -width /etc/hosts -compact -.It Pa /etc/hosts -.El -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr rlogin 1 , -.Xr krb_realmofhost 3 , -.Xr krb_sendauth 3 , -.Xr hosts.equiv 5 , -.Xr krb5.conf 5 , -.Xr rhosts 5 , -.Xr kerberos 8 -.Xr rshd 8 -.\".Sh STANDARDS -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . -.Sh AUTHORS -This implementation of -.Nm -was written as part of the Heimdal Kerberos 5 implementation. -.Sh BUGS -Some shells (notably -.Xr csh 1 ) -will cause -.Nm -to block if run in the background, unless the standard input is directed away from the terminal. This is what the -.Fl n -option is for. -.Pp -The -.Fl x -options enables encryption for the session, but for both Kerberos 4 -and 5 the actual command is sent unencrypted, so you should not send -any secret information in the command line (which is probably a bad -idea anyway, since the command line can usually be read with tools -like -.Xr ps 1 ) . -Forthermore in Kerberos 4 the command is not even integrity -protected, so anyone with the right tools can modify the command. diff --git a/crypto/heimdal/appl/rsh/rsh.c b/crypto/heimdal/appl/rsh/rsh.c deleted file mode 100644 index 2d64d21f49fa..000000000000 --- a/crypto/heimdal/appl/rsh/rsh.c +++ /dev/null @@ -1,1124 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "rsh_locl.h" -RCSID("$Id: rsh.c 21516 2007-07-12 12:47:23Z lha $"); - -enum auth_method auth_method; -#if defined(KRB4) || defined(KRB5) -int do_encrypt = -1; -#endif -#ifdef KRB5 -int do_unique_tkfile = 0; -char *unique_tkfile = NULL; -char tkfile[MAXPATHLEN]; -int do_forward = -1; -int do_forwardable = -1; -krb5_context context; -krb5_keyblock *keyblock; -krb5_crypto crypto; -#endif -#ifdef KRB4 -des_key_schedule schedule; -des_cblock iv; -#endif -int sock_debug = 0; - -#ifdef KRB4 -static int use_v4 = -1; -#endif -#ifdef KRB5 -static int use_v5 = -1; -#endif -#if defined(KRB4) || defined(KRB5) -static int use_only_broken = 0; -#else -static int use_only_broken = 1; -#endif -static int use_broken = 1; -static char *port_str; -static const char *user; -static int do_version; -static int do_help; -static int do_errsock = 1; -#ifdef KRB5 -static char *protocol_version_str; -static int protocol_version = 2; -#endif - -/* - * - */ - -static int input = 1; /* Read from stdin */ - -static int -rsh_loop (int s, int errsock) -{ - fd_set real_readset; - int count = 1; - -#ifdef KRB5 - if(auth_method == AUTH_KRB5 && protocol_version == 2) - init_ivecs(1, errsock != -1); -#endif - - if (s >= FD_SETSIZE || (errsock != -1 && errsock >= FD_SETSIZE)) - errx (1, "fd too large"); - - FD_ZERO(&real_readset); - FD_SET(s, &real_readset); - if (errsock != -1) { - FD_SET(errsock, &real_readset); - ++count; - } - if(input) - FD_SET(STDIN_FILENO, &real_readset); - - for (;;) { - int ret; - fd_set readset; - char buf[RSH_BUFSIZ]; - - readset = real_readset; - ret = select (max(s, errsock) + 1, &readset, NULL, NULL, NULL); - if (ret < 0) { - if (errno == EINTR) - continue; - else - err (1, "select"); - } - if (FD_ISSET(s, &readset)) { - ret = do_read (s, buf, sizeof(buf), ivec_in[0]); - if (ret < 0) - err (1, "read"); - else if (ret == 0) { - close (s); - FD_CLR(s, &real_readset); - if (--count == 0) - return 0; - } else - net_write (STDOUT_FILENO, buf, ret); - } - if (errsock != -1 && FD_ISSET(errsock, &readset)) { - ret = do_read (errsock, buf, sizeof(buf), ivec_in[1]); - if (ret < 0) - err (1, "read"); - else if (ret == 0) { - close (errsock); - FD_CLR(errsock, &real_readset); - if (--count == 0) - return 0; - } else - net_write (STDERR_FILENO, buf, ret); - } - if (FD_ISSET(STDIN_FILENO, &readset)) { - ret = read (STDIN_FILENO, buf, sizeof(buf)); - if (ret < 0) - err (1, "read"); - else if (ret == 0) { - close (STDIN_FILENO); - FD_CLR(STDIN_FILENO, &real_readset); - shutdown (s, SHUT_WR); - } else - do_write (s, buf, ret, ivec_out[0]); - } - } -} - -#ifdef KRB4 -static int -send_krb4_auth(int s, - struct sockaddr *thisaddr, - struct sockaddr *thataddr, - const char *hostname, - const char *remote_user, - const char *local_user, - size_t cmd_len, - const char *cmd) -{ - KTEXT_ST text; - CREDENTIALS cred; - MSG_DAT msg; - int status; - size_t len; - - /* the normal default for krb4 should be to disable encryption */ - status = krb_sendauth ((do_encrypt == 1) ? KOPT_DO_MUTUAL : 0, - s, &text, "rcmd", - (char *)hostname, krb_realmofhost (hostname), - getpid(), &msg, &cred, schedule, - (struct sockaddr_in *)thisaddr, - (struct sockaddr_in *)thataddr, - KCMD_OLD_VERSION); - if (status != KSUCCESS) { - warnx("%s: %s", hostname, krb_get_err_text(status)); - return 1; - } - memcpy (iv, cred.session, sizeof(iv)); - - len = strlen(remote_user) + 1; - if (net_write (s, remote_user, len) != len) { - warn("write"); - return 1; - } - if (net_write (s, cmd, cmd_len) != cmd_len) { - warn("write"); - return 1; - } - return 0; -} -#endif /* KRB4 */ - -#ifdef KRB5 -/* - * Send forward information on `s' for host `hostname', them being - * forwardable themselves if `forwardable' - */ - -static int -krb5_forward_cred (krb5_auth_context auth_context, - int s, - const char *hostname, - int forwardable) -{ - krb5_error_code ret; - krb5_ccache ccache; - krb5_creds creds; - krb5_kdc_flags flags; - krb5_data out_data; - krb5_principal principal; - - memset (&creds, 0, sizeof(creds)); - - ret = krb5_cc_default (context, &ccache); - if (ret) { - warnx ("could not forward creds: krb5_cc_default: %s", - krb5_get_err_text (context, ret)); - return 1; - } - - ret = krb5_cc_get_principal (context, ccache, &principal); - if (ret) { - warnx ("could not forward creds: krb5_cc_get_principal: %s", - krb5_get_err_text (context, ret)); - return 1; - } - - creds.client = principal; - - ret = krb5_build_principal (context, - &creds.server, - strlen(principal->realm), - principal->realm, - "krbtgt", - principal->realm, - NULL); - - if (ret) { - warnx ("could not forward creds: krb5_build_principal: %s", - krb5_get_err_text (context, ret)); - return 1; - } - - creds.times.endtime = 0; - - flags.i = 0; - flags.b.forwarded = 1; - flags.b.forwardable = forwardable; - - ret = krb5_get_forwarded_creds (context, - auth_context, - ccache, - flags.i, - hostname, - &creds, - &out_data); - if (ret) { - warnx ("could not forward creds: krb5_get_forwarded_creds: %s", - krb5_get_err_text (context, ret)); - return 1; - } - - ret = krb5_write_message (context, - (void *)&s, - &out_data); - krb5_data_free (&out_data); - - if (ret) - warnx ("could not forward creds: krb5_write_message: %s", - krb5_get_err_text (context, ret)); - return 0; -} - -static int sendauth_version_error; - -static int -send_krb5_auth(int s, - struct sockaddr *thisaddr, - struct sockaddr *thataddr, - const char *hostname, - const char *remote_user, - const char *local_user, - size_t cmd_len, - const char *cmd) -{ - krb5_principal server; - krb5_data cksum_data; - int status; - size_t len; - krb5_auth_context auth_context = NULL; - const char *protocol_string = NULL; - krb5_flags ap_opts; - char *str; - - status = krb5_sname_to_principal(context, - hostname, - "host", - KRB5_NT_SRV_HST, - &server); - if (status) { - warnx ("%s: %s", hostname, krb5_get_err_text(context, status)); - return 1; - } - - if(do_encrypt == -1) { - krb5_appdefault_boolean(context, NULL, - krb5_principal_get_realm(context, server), - "encrypt", - FALSE, - &do_encrypt); - } - - cksum_data.length = asprintf (&str, - "%u:%s%s%s", - ntohs(socket_get_port(thataddr)), - do_encrypt ? "-x " : "", - cmd, - remote_user); - if (str == NULL) { - warnx ("%s: failed to allocate command", hostname); - return 1; - } - cksum_data.data = str; - - ap_opts = 0; - - if(do_encrypt) - ap_opts |= AP_OPTS_MUTUAL_REQUIRED; - - switch(protocol_version) { - case 2: - ap_opts |= AP_OPTS_USE_SUBKEY; - protocol_string = KCMD_NEW_VERSION; - break; - case 1: - protocol_string = KCMD_OLD_VERSION; - key_usage = KRB5_KU_OTHER_ENCRYPTED; - break; - default: - abort(); - } - - status = krb5_sendauth (context, - &auth_context, - &s, - protocol_string, - NULL, - server, - ap_opts, - &cksum_data, - NULL, - NULL, - NULL, - NULL, - NULL); - - /* do this while we have a principal */ - if(do_forward == -1 || do_forwardable == -1) { - krb5_const_realm realm = krb5_principal_get_realm(context, server); - if (do_forwardable == -1) - krb5_appdefault_boolean(context, NULL, realm, - "forwardable", FALSE, - &do_forwardable); - if (do_forward == -1) - krb5_appdefault_boolean(context, NULL, realm, - "forward", FALSE, - &do_forward); - } - - krb5_free_principal(context, server); - krb5_data_free(&cksum_data); - - if (status) { - if(status == KRB5_SENDAUTH_REJECTED && - protocol_version == 2 && protocol_version_str == NULL) - sendauth_version_error = 1; - else - krb5_warn(context, status, "%s", hostname); - return 1; - } - - status = krb5_auth_con_getlocalsubkey (context, auth_context, &keyblock); - if(keyblock == NULL) - status = krb5_auth_con_getkey (context, auth_context, &keyblock); - if (status) { - warnx ("krb5_auth_con_getkey: %s", krb5_get_err_text(context, status)); - return 1; - } - - status = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &s); - if (status) { - warnx("krb5_auth_con_setaddrs_from_fd: %s", - krb5_get_err_text(context, status)); - return(1); - } - - status = krb5_crypto_init(context, keyblock, 0, &crypto); - if(status) { - warnx ("krb5_crypto_init: %s", krb5_get_err_text(context, status)); - return 1; - } - - len = strlen(remote_user) + 1; - if (net_write (s, remote_user, len) != len) { - warn ("write"); - return 1; - } - if (do_encrypt && net_write (s, "-x ", 3) != 3) { - warn ("write"); - return 1; - } - if (net_write (s, cmd, cmd_len) != cmd_len) { - warn ("write"); - return 1; - } - - if (do_unique_tkfile) { - if (net_write (s, tkfile, strlen(tkfile)) != strlen(tkfile)) { - warn ("write"); - return 1; - } - } - len = strlen(local_user) + 1; - if (net_write (s, local_user, len) != len) { - warn ("write"); - return 1; - } - - if (!do_forward - || krb5_forward_cred (auth_context, s, hostname, do_forwardable)) { - /* Empty forwarding info */ - - u_char zero[4] = {0, 0, 0, 0}; - write (s, &zero, 4); - } - krb5_auth_con_free (context, auth_context); - return 0; -} - -#endif /* KRB5 */ - -static int -send_broken_auth(int s, - struct sockaddr *thisaddr, - struct sockaddr *thataddr, - const char *hostname, - const char *remote_user, - const char *local_user, - size_t cmd_len, - const char *cmd) -{ - size_t len; - - len = strlen(local_user) + 1; - if (net_write (s, local_user, len) != len) { - warn ("write"); - return 1; - } - len = strlen(remote_user) + 1; - if (net_write (s, remote_user, len) != len) { - warn ("write"); - return 1; - } - if (net_write (s, cmd, cmd_len) != cmd_len) { - warn ("write"); - return 1; - } - return 0; -} - -static int -proto (int s, int errsock, - const char *hostname, const char *local_user, const char *remote_user, - const char *cmd, size_t cmd_len, - int (*auth_func)(int s, - struct sockaddr *this, struct sockaddr *that, - const char *hostname, const char *remote_user, - const char *local_user, size_t cmd_len, - const char *cmd)) -{ - int errsock2; - char buf[BUFSIZ]; - char *p; - size_t len; - char reply; - struct sockaddr_storage thisaddr_ss; - struct sockaddr *thisaddr = (struct sockaddr *)&thisaddr_ss; - struct sockaddr_storage thataddr_ss; - struct sockaddr *thataddr = (struct sockaddr *)&thataddr_ss; - struct sockaddr_storage erraddr_ss; - struct sockaddr *erraddr = (struct sockaddr *)&erraddr_ss; - socklen_t addrlen; - int ret; - - addrlen = sizeof(thisaddr_ss); - if (getsockname (s, thisaddr, &addrlen) < 0) { - warn ("getsockname(%s)", hostname); - return 1; - } - addrlen = sizeof(thataddr_ss); - if (getpeername (s, thataddr, &addrlen) < 0) { - warn ("getpeername(%s)", hostname); - return 1; - } - - if (errsock != -1) { - - addrlen = sizeof(erraddr_ss); - if (getsockname (errsock, erraddr, &addrlen) < 0) { - warn ("getsockname"); - return 1; - } - - if (listen (errsock, 1) < 0) { - warn ("listen"); - return 1; - } - - p = buf; - snprintf (p, sizeof(buf), "%u", - ntohs(socket_get_port(erraddr))); - len = strlen(buf) + 1; - if(net_write (s, buf, len) != len) { - warn ("write"); - close (errsock); - return 1; - } - - - for (;;) { - fd_set fdset; - - if (errsock >= FD_SETSIZE || s >= FD_SETSIZE) - errx (1, "fd too large"); - - FD_ZERO(&fdset); - FD_SET(errsock, &fdset); - FD_SET(s, &fdset); - - ret = select (max(errsock, s) + 1, &fdset, NULL, NULL, NULL); - if (ret < 0) { - if (errno == EINTR) - continue; - warn ("select"); - close (errsock); - return 1; - } - if (FD_ISSET(errsock, &fdset)) { - errsock2 = accept (errsock, NULL, NULL); - close (errsock); - if (errsock2 < 0) { - warn ("accept"); - return 1; - } - break; - } - - /* - * there should not arrive any data on this fd so if it's - * readable it probably indicates that the other side when - * away. - */ - - if (FD_ISSET(s, &fdset)) { - warnx ("socket closed"); - close (errsock); - errsock2 = -1; - break; - } - } - } else { - if (net_write (s, "0", 2) != 2) { - warn ("write"); - return 1; - } - errsock2 = -1; - } - - if ((*auth_func)(s, thisaddr, thataddr, hostname, - remote_user, local_user, - cmd_len, cmd)) { - close (errsock2); - return 1; - } - - ret = net_read (s, &reply, 1); - if (ret < 0) { - warn ("read"); - close (errsock2); - return 1; - } else if (ret == 0) { - warnx ("unexpected EOF from %s", hostname); - close (errsock2); - return 1; - } - if (reply != 0) { - - warnx ("Error from rshd at %s:", hostname); - - while ((ret = read (s, buf, sizeof(buf))) > 0) - write (STDOUT_FILENO, buf, ret); - write (STDOUT_FILENO,"\n",1); - close (errsock2); - return 1; - } - - if (sock_debug) { - int one = 1; - if (setsockopt(s, SOL_SOCKET, SO_DEBUG, (void *)&one, sizeof(one)) < 0) - warn("setsockopt remote"); - if (errsock2 != -1 && - setsockopt(errsock2, SOL_SOCKET, SO_DEBUG, - (void *)&one, sizeof(one)) < 0) - warn("setsockopt stderr"); - } - - return rsh_loop (s, errsock2); -} - -/* - * Return in `res' a copy of the concatenation of `argc, argv' into - * malloced space. */ - -static size_t -construct_command (char **res, int argc, char **argv) -{ - int i; - size_t len = 0; - char *tmp; - - for (i = 0; i < argc; ++i) - len += strlen(argv[i]) + 1; - len = max (1, len); - tmp = malloc (len); - if (tmp == NULL) - errx (1, "malloc %lu failed", (unsigned long)len); - - *tmp = '\0'; - for (i = 0; i < argc - 1; ++i) { - strlcat (tmp, argv[i], len); - strlcat (tmp, " ", len); - } - if (argc > 0) - strlcat (tmp, argv[argc-1], len); - *res = tmp; - return len; -} - -static char * -print_addr (const struct sockaddr *sa) -{ - char addr_str[256]; - char *res; - const char *as = NULL; - - if(sa->sa_family == AF_INET) - as = inet_ntop (sa->sa_family, &((struct sockaddr_in*)sa)->sin_addr, - addr_str, sizeof(addr_str)); -#ifdef HAVE_INET6 - else if(sa->sa_family == AF_INET6) - as = inet_ntop (sa->sa_family, &((struct sockaddr_in6*)sa)->sin6_addr, - addr_str, sizeof(addr_str)); -#endif - if(as == NULL) - return NULL; - res = strdup(as); - if (res == NULL) - errx (1, "malloc: out of memory"); - return res; -} - -static int -doit_broken (int argc, - char **argv, - int hostindex, - struct addrinfo *ai, - const char *remote_user, - const char *local_user, - int priv_socket1, - int priv_socket2, - const char *cmd, - size_t cmd_len) -{ - struct addrinfo *a; - - if (connect (priv_socket1, ai->ai_addr, ai->ai_addrlen) < 0) { - int save_errno = errno; - - close(priv_socket1); - close(priv_socket2); - - for (a = ai->ai_next; a != NULL; a = a->ai_next) { - pid_t pid; - char *adr = print_addr(a->ai_addr); - if(adr == NULL) - continue; - - pid = fork(); - if (pid < 0) - err (1, "fork"); - else if(pid == 0) { - char **new_argv; - int i = 0; - - new_argv = malloc((argc + 2) * sizeof(*new_argv)); - if (new_argv == NULL) - errx (1, "malloc: out of memory"); - new_argv[i] = argv[i]; - ++i; - if (hostindex == i) - new_argv[i++] = adr; - new_argv[i++] = "-K"; - for(; i <= argc; ++i) - new_argv[i] = argv[i - 1]; - if (hostindex > 1) - new_argv[hostindex + 1] = adr; - new_argv[argc + 1] = NULL; - execv(PATH_RSH, new_argv); - err(1, "execv(%s)", PATH_RSH); - } else { - int status; - free(adr); - - while(waitpid(pid, &status, 0) < 0) - ; - if(WIFEXITED(status) && WEXITSTATUS(status) == 0) - return 0; - } - } - errno = save_errno; - warn("%s", argv[hostindex]); - return 1; - } else { - int ret; - - ret = proto (priv_socket1, priv_socket2, - argv[hostindex], - local_user, remote_user, - cmd, cmd_len, - send_broken_auth); - return ret; - } -} - -#if defined(KRB4) || defined(KRB5) -static int -doit (const char *hostname, - struct addrinfo *ai, - const char *remote_user, - const char *local_user, - const char *cmd, - size_t cmd_len, - int (*auth_func)(int s, - struct sockaddr *this, struct sockaddr *that, - const char *hostname, const char *remote_user, - const char *local_user, size_t cmd_len, - const char *cmd)) -{ - int error; - struct addrinfo *a; - int socketfailed = 1; - int ret; - - for (a = ai; a != NULL; a = a->ai_next) { - int s; - int errsock; - - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - socketfailed = 0; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - char addr[128]; - if(getnameinfo(a->ai_addr, a->ai_addrlen, - addr, sizeof(addr), NULL, 0, NI_NUMERICHOST) == 0) - warn ("connect(%s [%s])", hostname, addr); - else - warn ("connect(%s)", hostname); - close (s); - continue; - } - if (do_errsock) { - struct addrinfo *ea, *eai; - struct addrinfo hints; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = a->ai_socktype; - hints.ai_protocol = a->ai_protocol; - hints.ai_family = a->ai_family; - hints.ai_flags = AI_PASSIVE; - - errsock = -1; - - error = getaddrinfo (NULL, "0", &hints, &eai); - if (error) - errx (1, "getaddrinfo: %s", gai_strerror(error)); - for (ea = eai; ea != NULL; ea = ea->ai_next) { - errsock = socket (ea->ai_family, ea->ai_socktype, - ea->ai_protocol); - if (errsock < 0) - continue; - if (bind (errsock, ea->ai_addr, ea->ai_addrlen) < 0) - err (1, "bind"); - break; - } - if (errsock < 0) - err (1, "socket"); - freeaddrinfo (eai); - } else - errsock = -1; - - ret = proto (s, errsock, - hostname, - local_user, remote_user, - cmd, cmd_len, auth_func); - close (s); - return ret; - } - if(socketfailed) - warnx ("failed to contact %s", hostname); - return -1; -} -#endif /* KRB4 || KRB5 */ - -struct getargs args[] = { -#ifdef KRB4 - { "krb4", '4', arg_flag, &use_v4, "Use Kerberos V4" }, -#endif -#ifdef KRB5 - { "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5" }, - { "forward", 'f', arg_flag, &do_forward, "Forward credentials [krb5]"}, - { "forwardable", 'F', arg_flag, &do_forwardable, - "Forward forwardable credentials [krb5]" }, - { NULL, 'G', arg_negative_flag,&do_forward, "Don't forward credentials" }, - { "unique", 'u', arg_flag, &do_unique_tkfile, - "Use unique remote credentials cache [krb5]" }, - { "tkfile", 'U', arg_string, &unique_tkfile, - "Specifies remote credentials cache [krb5]" }, - { "protocol", 'P', arg_string, &protocol_version_str, - "Protocol version [krb5]", "protocol" }, -#endif - { "broken", 'K', arg_flag, &use_only_broken, "Use only priv port" }, -#if defined(KRB4) || defined(KRB5) - { "encrypt", 'x', arg_flag, &do_encrypt, "Encrypt connection" }, - { NULL, 'z', arg_negative_flag, &do_encrypt, - "Don't encrypt connection", NULL }, -#endif - { NULL, 'd', arg_flag, &sock_debug, "Enable socket debugging" }, - { "input", 'n', arg_negative_flag, &input, "Close stdin" }, - { "port", 'p', arg_string, &port_str, "Use this port", - "port" }, - { "user", 'l', arg_string, &user, "Run as this user", "login" }, - { "stderr", 'e', arg_negative_flag, &do_errsock, "Don't open stderr"}, -#ifdef KRB5 -#endif - { "version", 0, arg_flag, &do_version, NULL }, - { "help", 0, arg_flag, &do_help, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - "[login@]host [command]"); - exit (ret); -} - -/* - * - */ - -int -main(int argc, char **argv) -{ - int priv_port1, priv_port2; - int priv_socket1, priv_socket2; - int argindex = 0; - int error; - struct addrinfo hints, *ai; - int ret = 1; - char *cmd; - char *tmp; - size_t cmd_len; - const char *local_user; - char *host = NULL; - int host_index = -1; -#ifdef KRB5 - int status; -#endif - uid_t uid; - - priv_port1 = priv_port2 = IPPORT_RESERVED-1; - priv_socket1 = rresvport(&priv_port1); - priv_socket2 = rresvport(&priv_port2); - uid = getuid (); - if (setuid (uid) || (uid != 0 && setuid(0) == 0)) - err (1, "setuid"); - - setprogname (argv[0]); - - if (argc >= 2 && argv[1][0] != '-') { - host = argv[host_index = 1]; - argindex = 1; - } - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &argindex)) - usage (1); - - if (do_help) - usage (0); - - if (do_version) { - print_version (NULL); - return 0; - } - -#ifdef KRB5 - if(protocol_version_str != NULL) { - if(strcasecmp(protocol_version_str, "N") == 0) - protocol_version = 2; - else if(strcasecmp(protocol_version_str, "O") == 0) - protocol_version = 1; - else { - char *end; - int v; - v = strtol(protocol_version_str, &end, 0); - if(*end != '\0' || (v != 1 && v != 2)) { - errx(1, "unknown protocol version \"%s\"", - protocol_version_str); - } - protocol_version = v; - } - } - - status = krb5_init_context (&context); - if (status) { - if(use_v5 == 1) - errx(1, "krb5_init_context failed: %d", status); - else - use_v5 = 0; - } - - /* request for forwardable on the command line means we should - also forward */ - if (do_forwardable == 1) - do_forward = 1; - -#endif - -#if defined(KRB4) && defined(KRB5) - if(use_v4 == -1 && use_v5 == 1) - use_v4 = 0; - if(use_v5 == -1 && use_v4 == 1) - use_v5 = 0; -#endif - - if (use_only_broken) { -#ifdef KRB4 - use_v4 = 0; -#endif -#ifdef KRB5 - use_v5 = 0; -#endif - } - - if(priv_socket1 < 0) { - if (use_only_broken) - errx (1, "unable to bind reserved port: is rsh setuid root?"); - use_broken = 0; - } - -#if defined(KRB4) || defined(KRB5) - if (do_encrypt == 1 && use_only_broken) - errx (1, "encryption not supported with old style authentication"); -#endif - - - -#ifdef KRB5 - if (do_unique_tkfile && unique_tkfile != NULL) - errx (1, "Only one of -u and -U allowed."); - - if (do_unique_tkfile) - strlcpy(tkfile,"-u ", sizeof(tkfile)); - else if (unique_tkfile != NULL) { - if (strchr(unique_tkfile,' ') != NULL) { - warnx("Space is not allowed in tkfilename"); - usage(1); - } - do_unique_tkfile = 1; - snprintf (tkfile, sizeof(tkfile), "-U %s ", unique_tkfile); - } -#endif - - if (host == NULL) { - if (argc - argindex < 1) - usage (1); - else - host = argv[host_index = argindex++]; - } - - if((tmp = strchr(host, '@')) != NULL) { - *tmp++ = '\0'; - user = host; - host = tmp; - } - - if (argindex == argc) { - close (priv_socket1); - close (priv_socket2); - argv[0] = "rlogin"; - execvp ("rlogin", argv); - err (1, "execvp rlogin"); - } - - local_user = get_default_username (); - if (local_user == NULL) - errx (1, "who are you?"); - - if (user == NULL) - user = local_user; - - cmd_len = construct_command(&cmd, argc - argindex, argv + argindex); - - /* - * Try all different authentication methods - */ - -#ifdef KRB5 - if (ret && use_v5) { - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - if(port_str == NULL) { - error = getaddrinfo(host, "kshell", &hints, &ai); - if(error == EAI_NONAME) - error = getaddrinfo(host, "544", &hints, &ai); - } else - error = getaddrinfo(host, port_str, &hints, &ai); - - if(error) - errx (1, "getaddrinfo: %s", gai_strerror(error)); - - auth_method = AUTH_KRB5; - again: - ret = doit (host, ai, user, local_user, cmd, cmd_len, - send_krb5_auth); - if(ret != 0 && sendauth_version_error && - protocol_version == 2) { - protocol_version = 1; - goto again; - } - freeaddrinfo(ai); - } -#endif -#ifdef KRB4 - if (ret && use_v4) { - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - if(port_str == NULL) { - if(do_encrypt) { - error = getaddrinfo(host, "ekshell", &hints, &ai); - if(error == EAI_NONAME) - error = getaddrinfo(host, "545", &hints, &ai); - } else { - error = getaddrinfo(host, "kshell", &hints, &ai); - if(error == EAI_NONAME) - error = getaddrinfo(host, "544", &hints, &ai); - } - } else - error = getaddrinfo(host, port_str, &hints, &ai); - - if(error) - errx (1, "getaddrinfo: %s", gai_strerror(error)); - auth_method = AUTH_KRB4; - ret = doit (host, ai, user, local_user, cmd, cmd_len, - send_krb4_auth); - freeaddrinfo(ai); - } -#endif - if (ret && use_broken) { - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - if(port_str == NULL) { - error = getaddrinfo(host, "shell", &hints, &ai); - if(error == EAI_NONAME) - error = getaddrinfo(host, "514", &hints, &ai); - } else - error = getaddrinfo(host, port_str, &hints, &ai); - - if(error) - errx (1, "getaddrinfo: %s", gai_strerror(error)); - - auth_method = AUTH_BROKEN; - ret = doit_broken (argc, argv, host_index, ai, - user, local_user, - priv_socket1, - do_errsock ? priv_socket2 : -1, - cmd, cmd_len); - freeaddrinfo(ai); - } - free(cmd); - return ret; -} diff --git a/crypto/heimdal/appl/rsh/rsh_locl.h b/crypto/heimdal/appl/rsh/rsh_locl.h deleted file mode 100644 index 0d65962bfd0e..000000000000 --- a/crypto/heimdal/appl/rsh/rsh_locl.h +++ /dev/null @@ -1,169 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: rsh_locl.h 21553 2007-07-15 09:04:52Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_SHADOW_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_LIMITS_H -#include -#endif -#include - -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#ifdef HAVE_SYSLOG_H -#include -#endif -#ifdef HAVE_PATHS_H -#include -#endif -#include -#include -#include -#ifdef KRB4 -#include -#include -#endif -#ifdef KRB5 -#include -/* XXX */ -struct krb5_pk_identity; -struct krb5_pk_cert; -struct ContentInfo; -struct _krb5_krb_auth_data; -struct krb5_dh_moduli; -#include "crypto-headers.h" -#include /* for _krb5_{get,put}_int */ -#endif -#if defined(KRB4) || defined(KRB5) -#include -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif - -#ifndef _PATH_DEFPATH -#define _PATH_DEFPATH "/usr/bin:/bin" -#endif - -#include "loginpaths.h" - -/* - * - */ - -enum auth_method { AUTH_KRB4, AUTH_KRB5, AUTH_BROKEN }; - -extern enum auth_method auth_method; -extern int do_encrypt; -#ifdef KRB5 -extern krb5_context context; -extern krb5_keyblock *keyblock; -extern krb5_crypto crypto; -extern int key_usage; -extern void *ivec_in[2]; -extern void *ivec_out[2]; -void init_ivecs(int, int); -#endif -#ifdef KRB4 -extern des_key_schedule schedule; -extern des_cblock iv; -#endif - -#define KCMD_OLD_VERSION "KCMDV0.1" -#define KCMD_NEW_VERSION "KCMDV0.2" - -#define USERNAME_SZ 16 -#ifndef ARG_MAX -#define ARG_MAX 8192 -#endif - -#define RSH_BUFSIZ (5 * 1024) /* MIT kcmd can't handle larger buffers */ -#define RSHD_BUFSIZ (16 * 1024) /* Old maxize for Heimdal 0.4 rsh */ - -#define PATH_RSH BINDIR "/rsh" - -#if defined(KRB4) || defined(KRB5) -ssize_t do_read (int, void*, size_t, void*); -ssize_t do_write (int, void*, size_t, void*); -#else -#define do_write(F, B, L, I) write((F), (B), (L)) -#define do_read(F, B, L, I) read((F), (B), (L)) -#endif diff --git a/crypto/heimdal/appl/rsh/rshd.8 b/crypto/heimdal/appl/rsh/rshd.8 deleted file mode 100644 index 95737a5082d3..000000000000 --- a/crypto/heimdal/appl/rsh/rshd.8 +++ /dev/null @@ -1,162 +0,0 @@ -.\" Copyright (c) 2001 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: rshd.8 16764 2006-02-27 10:07:04Z joda $ -.\" -.Dd November 22, 2002 -.Dt RSHD 8 -.Os HEIMDAL -.Sh NAME -.Nm rshd -.Nd -remote shell server -.Sh SYNOPSIS -.Nm -.Op Fl aiklnvxPL -.Op Fl p Ar port -.Sh DESCRIPTION -.Nm -is the server for -the -.Xr rsh 1 -program. It provides an authenticated remote command execution -service. Supported options are: -.Bl -tag -width Ds -.It Xo -.Fl n , -.Fl -no-keepalive -.Xc -Disables keep-alive messages. -Keep-alives are packets sent at certain intervals to make sure that the -client is still there, even when it doesn't send any data. -.It Xo -.Fl k , -.Fl -kerberos -.Xc -Assume that clients connecting to this server will use some form of -Kerberos authentication. See the -.Sx EXAMPLES -section for a sample -.Xr inetd.conf 5 -configuration. -.It Xo -.Fl x , -.Fl -encrypt -.Xc -For Kerberos 4 this means that the connections are encrypted. Kerberos -5 can negotiate encryption even without this option, but if it's -present -.Nm -will deny unencrypted connections. This option implies -.Fl k . -.\".It Xo -.\".Fl l , -.\".Fl -no-rhosts -.\".Xc -.\"When using old port-based authentication, the user's -.\".Pa .rhosts -.\"files are normally checked. This option disables this. -.It Xo -.Fl v , -.Fl -vacuous -.Xc -If the connecting client does not use any Kerberised authentication, -print a message that complains about this fact, and exit. This is -helpful if you want to move away from old port-based authentication. -.It Xo -.Fl P -.Xc -When using the AFS filesystem, users' authentication tokens are put in -something called a PAG (Process Authentication Group). Multiple -processes can share a PAG, but normally each login session has its own -PAG. This option disables the -.Fn setpag -call, so all tokens will be put in the default (uid-based) PAG, making -it possible to share tokens between sessions. This is only useful in -peculiar environments, such as some batch systems. -.It Xo -.Fl i , -.Fl -no-inetd -.Xc -The -.Fl i -option will cause -.Nm -to create a socket, instead of assuming that its stdin came from -.Xr inetd 8 . -This is mostly useful for debugging. -.It Xo -.Fl p Ar port , -.Fl -port= Ns Ar port -.Xc -Port to use with -.Fl i . -.It Xo -.Fl a -.Xc -This flag is for backwards compatibility only. -.It Xo -.Fl L -.Xc -This flag enables logging of connections to -.Xr syslogd 8 . -This option is always on in this implementation. -.El -.\".Sh ENVIRONMENT -.Sh FILES -.Bl -tag -width /etc/hosts.equiv -compact -.It Pa /etc/hosts.equiv -.It Pa ~/.rhosts -.El -.Sh EXAMPLES -The following can be used to enable Kerberised rsh in -.Xr inetd.cond 5 , -while disabling non-Kerberised connections: -.Bd -literal -shell stream tcp nowait root /usr/libexec/rshd rshd -v -kshell stream tcp nowait root /usr/libexec/rshd rshd -k -ekshell stream tcp nowait root /usr/libexec/rshd rshd -kx -.Ed -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr rsh 1 , -.Xr iruserok 3 -.\".Sh STANDARDS -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . -.Sh AUTHORS -This implementation of -.Nm -was written as part of the Heimdal Kerberos 5 implementation. -.\".Sh BUGS diff --git a/crypto/heimdal/appl/rsh/rshd.c b/crypto/heimdal/appl/rsh/rshd.c deleted file mode 100644 index 852327ad6705..000000000000 --- a/crypto/heimdal/appl/rsh/rshd.c +++ /dev/null @@ -1,1063 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "rsh_locl.h" -#include "login_locl.h" -RCSID("$Id: rshd.c 21515 2007-07-12 12:47:07Z lha $"); - -int -login_access( struct passwd *user, char *from); -int -read_limits_conf(const char *file, const struct passwd *pwd); - -#ifdef NEED_IRUSEROK_PROTO -int iruserok(uint32_t, int, const char *, const char *); -#endif - -enum auth_method auth_method; - -#ifdef KRB5 -krb5_context context; -krb5_keyblock *keyblock; -krb5_crypto crypto; -#endif - -#ifdef KRB4 -des_key_schedule schedule; -des_cblock iv; -#endif - -#ifdef KRB5 -krb5_ccache ccache, ccache2; -int kerberos_status = 0; -#endif - -int do_encrypt = 0; - -static int do_unique_tkfile = 0; -static char tkfile[MAXPATHLEN] = ""; - -static int do_inetd = 1; -static char *port_str; -static int do_rhosts = 1; -static int do_kerberos = 0; -#define DO_KRB4 2 -#define DO_KRB5 4 -static int do_vacuous = 0; -static int do_log = 1; -static int do_newpag = 1; -static int do_addr_verify = 0; -static int do_keepalive = 1; -static int do_version; -static int do_help = 0; - -static void -syslog_and_die (const char *m, ...) - __attribute__ ((format (printf, 1, 2))); - -static void -syslog_and_die (const char *m, ...) -{ - va_list args; - - va_start(args, m); - vsyslog (LOG_ERR, m, args); - va_end(args); - exit (1); -} - -static void -fatal (int, const char*, const char *, ...) - __attribute__ ((noreturn, format (printf, 3, 4))); - -static void -fatal (int sock, const char *what, const char *m, ...) -{ - va_list args; - char buf[BUFSIZ]; - size_t len; - - *buf = 1; - va_start(args, m); - len = vsnprintf (buf + 1, sizeof(buf) - 1, m, args); - len = min(len, sizeof(buf) - 1); - va_end(args); - if(what != NULL) - syslog (LOG_ERR, "%s: %m: %s", what, buf + 1); - else - syslog (LOG_ERR, "%s", buf + 1); - net_write (sock, buf, len + 1); - exit (1); -} - -static char * -read_str (int s, size_t sz, char *expl) -{ - char *str = malloc(sz); - char *p = str; - if(str == NULL) - fatal(s, NULL, "%s too long", expl); - while(p < str + sz) { - if(net_read(s, p, 1) != 1) - syslog_and_die("read: %m"); - if(*p == '\0') - return str; - p++; - } - fatal(s, NULL, "%s too long", expl); -} - -static int -recv_bsd_auth (int s, u_char *buf, - struct sockaddr_in *thisaddr, - struct sockaddr_in *thataddr, - char **client_username, - char **server_username, - char **cmd) -{ - struct passwd *pwd; - - *client_username = read_str (s, USERNAME_SZ, "local username"); - *server_username = read_str (s, USERNAME_SZ, "remote username"); - *cmd = read_str (s, ARG_MAX + 1, "command"); - pwd = getpwnam(*server_username); - if (pwd == NULL) - fatal(s, NULL, "Login incorrect."); - if (iruserok(thataddr->sin_addr.s_addr, pwd->pw_uid == 0, - *client_username, *server_username)) - fatal(s, NULL, "Login incorrect."); - return 0; -} - -#ifdef KRB4 -static int -recv_krb4_auth (int s, u_char *buf, - struct sockaddr *thisaddr, - struct sockaddr *thataddr, - char **client_username, - char **server_username, - char **cmd) -{ - int status; - int32_t options; - KTEXT_ST ticket; - AUTH_DAT auth; - char instance[INST_SZ + 1]; - char version[KRB_SENDAUTH_VLEN + 1]; - - if (memcmp (buf, KRB_SENDAUTH_VERS, 4) != 0) - return -1; - if (net_read (s, buf + 4, KRB_SENDAUTH_VLEN - 4) != - KRB_SENDAUTH_VLEN - 4) - syslog_and_die ("reading auth info: %m"); - if (memcmp (buf, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN) != 0) - syslog_and_die("unrecognized auth protocol: %.8s", buf); - - options = KOPT_IGNORE_PROTOCOL; - if (do_encrypt) - options |= KOPT_DO_MUTUAL; - k_getsockinst (s, instance, sizeof(instance)); - status = krb_recvauth (options, - s, - &ticket, - "rcmd", - instance, - (struct sockaddr_in *)thataddr, - (struct sockaddr_in *)thisaddr, - &auth, - "", - schedule, - version); - if (status != KSUCCESS) - syslog_and_die ("recvauth: %s", krb_get_err_text(status)); - if (strncmp (version, KCMD_OLD_VERSION, KRB_SENDAUTH_VLEN) != 0) - syslog_and_die ("bad version: %s", version); - - *server_username = read_str (s, USERNAME_SZ, "remote username"); - if (kuserok (&auth, *server_username) != 0) - fatal (s, NULL, "Permission denied."); - *cmd = read_str (s, ARG_MAX + 1, "command"); - - syslog(LOG_INFO|LOG_AUTH, - "kerberos v4 shell from %s on %s as %s, cmd '%.80s'", - krb_unparse_name_long(auth.pname, auth.pinst, auth.prealm), - - inet_ntoa(((struct sockaddr_in *)thataddr)->sin_addr), - *server_username, - *cmd); - - memcpy (iv, auth.session, sizeof(iv)); - - return 0; -} - -#endif /* KRB4 */ - -#ifdef KRB5 -static int -save_krb5_creds (int s, - krb5_auth_context auth_context, - krb5_principal client) - -{ - int ret; - krb5_data remote_cred; - - krb5_data_zero (&remote_cred); - ret= krb5_read_message (context, (void *)&s, &remote_cred); - if (ret) { - krb5_data_free(&remote_cred); - return 0; - } - if (remote_cred.length == 0) - return 0; - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &ccache); - if (ret) { - krb5_data_free(&remote_cred); - return 0; - } - - krb5_cc_initialize(context,ccache,client); - ret = krb5_rd_cred2(context, auth_context, ccache, &remote_cred); - if(ret != 0) - syslog(LOG_INFO|LOG_AUTH, - "reading creds: %s", krb5_get_err_text(context, ret)); - krb5_data_free (&remote_cred); - if (ret) - return 0; - return 1; -} - -static void -krb5_start_session (void) -{ - krb5_error_code ret; - char *estr; - - ret = krb5_cc_resolve (context, tkfile, &ccache2); - if (ret) { - estr = krb5_get_error_string(context); - syslog(LOG_WARNING, "resolve cred cache %s: %s", - tkfile, - estr ? estr : krb5_get_err_text(context, ret)); - free(estr); - krb5_cc_destroy(context, ccache); - return; - } - - ret = krb5_cc_copy_cache (context, ccache, ccache2); - if (ret) { - estr = krb5_get_error_string(context); - syslog(LOG_WARNING, "storing credentials: %s", - estr ? estr : krb5_get_err_text(context, ret)); - free(estr); - krb5_cc_destroy(context, ccache); - return ; - } - - krb5_cc_close(context, ccache2); - krb5_cc_destroy(context, ccache); - return; -} - -static int protocol_version; - -static krb5_boolean -match_kcmd_version(const void *data, const char *version) -{ - if(strcmp(version, KCMD_NEW_VERSION) == 0) { - protocol_version = 2; - return TRUE; - } - if(strcmp(version, KCMD_OLD_VERSION) == 0) { - protocol_version = 1; - key_usage = KRB5_KU_OTHER_ENCRYPTED; - return TRUE; - } - return FALSE; -} - - -static int -recv_krb5_auth (int s, u_char *buf, - struct sockaddr *thisaddr, - struct sockaddr *thataddr, - char **client_username, - char **server_username, - char **cmd) -{ - uint32_t len; - krb5_auth_context auth_context = NULL; - krb5_ticket *ticket; - krb5_error_code status; - krb5_data cksum_data; - krb5_principal server; - char *str; - - if (memcmp (buf, "\x00\x00\x00\x13", 4) != 0) - return -1; - len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | (buf[3]); - - if (net_read(s, buf, len) != len) - syslog_and_die ("reading auth info: %m"); - if (len != sizeof(KRB5_SENDAUTH_VERSION) - || memcmp (buf, KRB5_SENDAUTH_VERSION, len) != 0) - syslog_and_die ("bad sendauth version: %.8s", buf); - - status = krb5_sock_to_principal (context, - s, - "host", - KRB5_NT_SRV_HST, - &server); - if (status) - syslog_and_die ("krb5_sock_to_principal: %s", - krb5_get_err_text(context, status)); - - status = krb5_recvauth_match_version(context, - &auth_context, - &s, - match_kcmd_version, - NULL, - server, - KRB5_RECVAUTH_IGNORE_VERSION, - NULL, - &ticket); - krb5_free_principal (context, server); - if (status) - syslog_and_die ("krb5_recvauth: %s", - krb5_get_err_text(context, status)); - - *server_username = read_str (s, USERNAME_SZ, "remote username"); - *cmd = read_str (s, ARG_MAX + 1, "command"); - *client_username = read_str (s, ARG_MAX + 1, "local username"); - - if(protocol_version == 2) { - status = krb5_auth_con_getremotesubkey(context, auth_context, - &keyblock); - if(status != 0 || keyblock == NULL) - syslog_and_die("failed to get remote subkey"); - } else if(protocol_version == 1) { - status = krb5_auth_con_getkey (context, auth_context, &keyblock); - if(status != 0 || keyblock == NULL) - syslog_and_die("failed to get key"); - } - if (status != 0 || keyblock == NULL) - syslog_and_die ("krb5_auth_con_getkey: %s", - krb5_get_err_text(context, status)); - - status = krb5_crypto_init(context, keyblock, 0, &crypto); - if(status) - syslog_and_die("krb5_crypto_init: %s", - krb5_get_err_text(context, status)); - - - cksum_data.length = asprintf (&str, - "%u:%s%s", - ntohs(socket_get_port (thisaddr)), - *cmd, - *server_username); - if (str == NULL) - syslog_and_die ("asprintf: out of memory"); - cksum_data.data = str; - - status = krb5_verify_authenticator_checksum(context, - auth_context, - cksum_data.data, - cksum_data.length); - - if (status) - syslog_and_die ("krb5_verify_authenticator_checksum: %s", - krb5_get_err_text(context, status)); - - free (cksum_data.data); - - if (strncmp (*client_username, "-u ", 3) == 0) { - do_unique_tkfile = 1; - memmove (*client_username, *client_username + 3, - strlen(*client_username) - 2); - } - - if (strncmp (*client_username, "-U ", 3) == 0) { - char *end, *temp_tkfile; - - do_unique_tkfile = 1; - if (strncmp (*client_username + 3, "FILE:", 5) == 0) { - temp_tkfile = tkfile; - } else { - strlcpy (tkfile, "FILE:", sizeof(tkfile)); - temp_tkfile = tkfile + 5; - } - end = strchr(*client_username + 3,' '); - if (end == NULL) - syslog_and_die("missing argument after -U"); - snprintf(temp_tkfile, sizeof(tkfile) - (temp_tkfile - tkfile), - "%.*s", - (int)(end - *client_username - 3), - *client_username + 3); - memmove (*client_username, end + 1, strlen(end+1)+1); - } - - kerberos_status = save_krb5_creds (s, auth_context, ticket->client); - - if(!krb5_kuserok (context, - ticket->client, - *server_username)) - fatal (s, NULL, "Permission denied."); - - if (strncmp (*cmd, "-x ", 3) == 0) { - do_encrypt = 1; - memmove (*cmd, *cmd + 3, strlen(*cmd) - 2); - } else { - if(do_encrypt) - fatal (s, NULL, "Encryption is required."); - do_encrypt = 0; - } - - { - char *name; - - if (krb5_unparse_name (context, ticket->client, &name) == 0) { - char addr_str[256]; - - if (inet_ntop (thataddr->sa_family, - socket_get_address (thataddr), - addr_str, sizeof(addr_str)) == NULL) - strlcpy (addr_str, "unknown address", - sizeof(addr_str)); - - syslog(LOG_INFO|LOG_AUTH, - "kerberos v5 shell from %s on %s as %s, cmd '%.80s'", - name, - addr_str, - *server_username, - *cmd); - free (name); - } - } - - return 0; -} -#endif /* KRB5 */ - -static void -rshd_loop (int from0, int to0, - int to1, int from1, - int to2, int from2, - int have_errsock) -{ - fd_set real_readset; - int max_fd; - int count = 2; - char *buf; - - if(from0 >= FD_SETSIZE || from1 >= FD_SETSIZE || from2 >= FD_SETSIZE) - errx (1, "fd too large"); - -#ifdef KRB5 - if(auth_method == AUTH_KRB5 && protocol_version == 2) - init_ivecs(0, have_errsock); -#endif - - FD_ZERO(&real_readset); - FD_SET(from0, &real_readset); - FD_SET(from1, &real_readset); - FD_SET(from2, &real_readset); - max_fd = max(from0, max(from1, from2)) + 1; - - buf = malloc(max(RSHD_BUFSIZ, RSH_BUFSIZ)); - if (buf == NULL) - syslog_and_die("out of memory"); - - for (;;) { - int ret; - fd_set readset = real_readset; - - ret = select (max_fd, &readset, NULL, NULL, NULL); - if (ret < 0) { - if (errno == EINTR) - continue; - else - syslog_and_die ("select: %m"); - } - if (FD_ISSET(from0, &readset)) { - ret = do_read (from0, buf, RSHD_BUFSIZ, ivec_in[0]); - if (ret < 0) - syslog_and_die ("read: %m"); - else if (ret == 0) { - close (from0); - close (to0); - FD_CLR(from0, &real_readset); - } else - net_write (to0, buf, ret); - } - if (FD_ISSET(from1, &readset)) { - ret = read (from1, buf, RSH_BUFSIZ); - if (ret < 0) - syslog_and_die ("read: %m"); - else if (ret == 0) { - close (from1); - close (to1); - FD_CLR(from1, &real_readset); - if (--count == 0) - exit (0); - } else - do_write (to1, buf, ret, ivec_out[0]); - } - if (FD_ISSET(from2, &readset)) { - ret = read (from2, buf, RSH_BUFSIZ); - if (ret < 0) - syslog_and_die ("read: %m"); - else if (ret == 0) { - close (from2); - close (to2); - FD_CLR(from2, &real_readset); - if (--count == 0) - exit (0); - } else - do_write (to2, buf, ret, ivec_out[1]); - } - } -} - -/* - * Used by `setup_copier' to create some pipe-like means of - * communcation. Real pipes would probably be the best thing, but - * then the shell doesn't understand it's talking to rshd. If - * socketpair doesn't work everywhere, some autoconf magic would have - * to be added here. - * - * If it fails creating the `pipe', it aborts by calling fatal. - */ - -static void -pipe_a_like (int fd[2]) -{ - if (socketpair (AF_UNIX, SOCK_STREAM, 0, fd) < 0) - fatal (STDOUT_FILENO, "socketpair", "Pipe creation failed."); -} - -/* - * Start a child process and leave the parent copying data to and from it. */ - -static void -setup_copier (int have_errsock) -{ - int p0[2], p1[2], p2[2]; - pid_t pid; - - pipe_a_like(p0); - pipe_a_like(p1); - pipe_a_like(p2); - pid = fork (); - if (pid < 0) - fatal (STDOUT_FILENO, "fork", "Could not create child process."); - if (pid == 0) { /* child */ - close (p0[1]); - close (p1[0]); - close (p2[0]); - dup2 (p0[0], STDIN_FILENO); - dup2 (p1[1], STDOUT_FILENO); - dup2 (p2[1], STDERR_FILENO); - close (p0[0]); - close (p1[1]); - close (p2[1]); - } else { /* parent */ - close (p0[0]); - close (p1[1]); - close (p2[1]); - - if (net_write (STDOUT_FILENO, "", 1) != 1) - fatal (STDOUT_FILENO, "net_write", "Write failure."); - - rshd_loop (STDIN_FILENO, p0[1], - STDOUT_FILENO, p1[0], - STDERR_FILENO, p2[0], - have_errsock); - } -} - -/* - * Is `port' a ``reserverd'' port? - */ - -static int -is_reserved(u_short port) -{ - return ntohs(port) < IPPORT_RESERVED; -} - -/* - * Set the necessary part of the environment in `env'. - */ - -static void -setup_environment (char ***env, const struct passwd *pwd) -{ - int i, j, path; - char **e; - - i = 0; - path = 0; - *env = NULL; - - i = read_environment(_PATH_ETC_ENVIRONMENT, env); - e = *env; - for (j = 0; j < i; j++) { - if (!strncmp(e[j], "PATH=", 5)) { - path = 1; - } - } - - e = *env; - e = realloc(e, (i + 7) * sizeof(char *)); - - if (asprintf (&e[i++], "USER=%s", pwd->pw_name) == -1) - syslog_and_die ("asprintf: out of memory"); - if (asprintf (&e[i++], "HOME=%s", pwd->pw_dir) == -1) - syslog_and_die ("asprintf: out of memory"); - if (asprintf (&e[i++], "SHELL=%s", pwd->pw_shell) == -1) - syslog_and_die ("asprintf: out of memory"); - if (! path) { - if (asprintf (&e[i++], "PATH=%s", _PATH_DEFPATH) == -1) - syslog_and_die ("asprintf: out of memory"); - } - asprintf (&e[i++], "SSH_CLIENT=only_to_make_bash_happy"); - if (do_unique_tkfile) - if (asprintf (&e[i++], "KRB5CCNAME=%s", tkfile) == -1) - syslog_and_die ("asprintf: out of memory"); - e[i++] = NULL; - *env = e; -} - -static void -doit (void) -{ - u_char buf[BUFSIZ]; - u_char *p; - struct sockaddr_storage thisaddr_ss; - struct sockaddr *thisaddr = (struct sockaddr *)&thisaddr_ss; - struct sockaddr_storage thataddr_ss; - struct sockaddr *thataddr = (struct sockaddr *)&thataddr_ss; - struct sockaddr_storage erraddr_ss; - struct sockaddr *erraddr = (struct sockaddr *)&erraddr_ss; - socklen_t thisaddr_len, thataddr_len; - int port; - int errsock = -1; - char *client_user = NULL, *server_user = NULL, *cmd = NULL; - struct passwd *pwd; - int s = STDIN_FILENO; - char **env; - int ret; - char that_host[NI_MAXHOST]; - - thisaddr_len = sizeof(thisaddr_ss); - if (getsockname (s, thisaddr, &thisaddr_len) < 0) - syslog_and_die("getsockname: %m"); - thataddr_len = sizeof(thataddr_ss); - if (getpeername (s, thataddr, &thataddr_len) < 0) - syslog_and_die ("getpeername: %m"); - - /* check for V4MAPPED addresses? */ - - if (do_kerberos == 0 && !is_reserved(socket_get_port(thataddr))) - fatal(s, NULL, "Permission denied."); - - p = buf; - port = 0; - for(;;) { - if (net_read (s, p, 1) != 1) - syslog_and_die ("reading port number: %m"); - if (*p == '\0') - break; - else if (isdigit(*p)) - port = port * 10 + *p - '0'; - else - syslog_and_die ("non-digit in port number: %c", *p); - } - - if (do_kerberos == 0 && !is_reserved(htons(port))) - fatal(s, NULL, "Permission denied."); - - if (port) { - int priv_port = IPPORT_RESERVED - 1; - - /* - * There's no reason to require a ``privileged'' port number - * here, but for some reason the brain dead rsh clients - * do... :-( - */ - - erraddr->sa_family = thataddr->sa_family; - socket_set_address_and_port (erraddr, - socket_get_address (thataddr), - htons(port)); - - /* - * we only do reserved port for IPv4 - */ - - if (erraddr->sa_family == AF_INET) - errsock = rresvport (&priv_port); - else - errsock = socket (erraddr->sa_family, SOCK_STREAM, 0); - if (errsock < 0) - syslog_and_die ("socket: %m"); - if (connect (errsock, - erraddr, - socket_sockaddr_size (erraddr)) < 0) { - syslog (LOG_WARNING, "connect: %m"); - close (errsock); - } - } - - if(do_kerberos) { - if (net_read (s, buf, 4) != 4) - syslog_and_die ("reading auth info: %m"); - -#ifdef KRB4 - if ((do_kerberos & DO_KRB4) && - recv_krb4_auth (s, buf, thisaddr, thataddr, - &client_user, - &server_user, - &cmd) == 0) - auth_method = AUTH_KRB4; - else -#endif /* KRB4 */ -#ifdef KRB5 - if((do_kerberos & DO_KRB5) && - recv_krb5_auth (s, buf, thisaddr, thataddr, - &client_user, - &server_user, - &cmd) == 0) - auth_method = AUTH_KRB5; - else -#endif /* KRB5 */ - syslog_and_die ("unrecognized auth protocol: %x %x %x %x", - buf[0], buf[1], buf[2], buf[3]); - } else { - if(recv_bsd_auth (s, buf, - (struct sockaddr_in *)thisaddr, - (struct sockaddr_in *)thataddr, - &client_user, - &server_user, - &cmd) == 0) { - auth_method = AUTH_BROKEN; - if(do_vacuous) { - printf("Remote host requires Kerberos authentication\n"); - exit(0); - } - } else - syslog_and_die("recv_bsd_auth failed"); - } - - if (client_user == NULL || server_user == NULL || cmd == NULL) - syslog_and_die("mising client/server/cmd"); - - pwd = getpwnam (server_user); - if (pwd == NULL) - fatal (s, NULL, "Login incorrect."); - - if (*pwd->pw_shell == '\0') - pwd->pw_shell = _PATH_BSHELL; - - if (pwd->pw_uid != 0 && access (_PATH_NOLOGIN, F_OK) == 0) - fatal (s, NULL, "Login disabled."); - - - ret = getnameinfo_verified (thataddr, thataddr_len, - that_host, sizeof(that_host), - NULL, 0, 0); - if (ret) - fatal (s, NULL, "getnameinfo: %s", gai_strerror(ret)); - - if (login_access(pwd, that_host) == 0) { - syslog(LOG_NOTICE, "Kerberos rsh denied to %s from %s", - server_user, that_host); - fatal(s, NULL, "Permission denied."); - } - -#ifdef HAVE_GETSPNAM - { - struct spwd *sp; - long today; - - sp = getspnam(server_user); - if (sp != NULL) { - today = time(0)/(24L * 60 * 60); - if (sp->sp_expire > 0) - if (today > sp->sp_expire) - fatal(s, NULL, "Account has expired."); - } - } -#endif - - -#ifdef HAVE_SETLOGIN - if (setlogin(pwd->pw_name) < 0) - syslog(LOG_ERR, "setlogin() failed: %m"); -#endif - -#ifdef HAVE_SETPCRED - if (setpcred (pwd->pw_name, NULL) == -1) - syslog(LOG_ERR, "setpcred() failure: %m"); -#endif /* HAVE_SETPCRED */ - - /* Apply limits if not root */ - if(pwd->pw_uid != 0) { - const char *file = _PATH_LIMITS_CONF; - read_limits_conf(file, pwd); - } - - if (initgroups (pwd->pw_name, pwd->pw_gid) < 0) - fatal (s, "initgroups", "Login incorrect."); - - if (setgid(pwd->pw_gid) < 0) - fatal (s, "setgid", "Login incorrect."); - - if (setuid (pwd->pw_uid) < 0) - fatal (s, "setuid", "Login incorrect."); - - if (chdir (pwd->pw_dir) < 0) - fatal (s, "chdir", "Remote directory."); - - if (errsock >= 0) { - if (dup2 (errsock, STDERR_FILENO) < 0) - fatal (s, "dup2", "Cannot dup stderr."); - close (errsock); - } else { - if (dup2 (STDOUT_FILENO, STDERR_FILENO) < 0) - fatal (s, "dup2", "Cannot dup stderr."); - } - -#ifdef KRB5 - { - int fd; - - if (!do_unique_tkfile) - snprintf(tkfile,sizeof(tkfile),"FILE:/tmp/krb5cc_%lu", - (unsigned long)pwd->pw_uid); - else if (*tkfile=='\0') { - snprintf(tkfile,sizeof(tkfile),"FILE:/tmp/krb5cc_XXXXXX"); - fd = mkstemp(tkfile+5); - close(fd); - unlink(tkfile+5); - } - - if (kerberos_status) - krb5_start_session(); - } -#endif - - setup_environment (&env, pwd); - - if (do_encrypt) { - setup_copier (errsock >= 0); - } else { - if (net_write (s, "", 1) != 1) - fatal (s, "net_write", "write failed"); - } - -#if defined(KRB4) || defined(KRB5) - if(k_hasafs()) { - char cell[64]; - - if(do_newpag) - k_setpag(); -#ifdef KRB4 - if (k_afs_cell_of_file (pwd->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog_uid_home (cell, NULL, pwd->pw_uid, pwd->pw_dir); - krb_afslog_uid_home(NULL, NULL, pwd->pw_uid, pwd->pw_dir); -#endif - -#ifdef KRB5 - /* XXX */ - if (kerberos_status) { - krb5_ccache ccache; - krb5_error_code status; - - status = krb5_cc_resolve (context, tkfile, &ccache); - if (!status) { - if (k_afs_cell_of_file (pwd->pw_dir, cell, sizeof(cell)) == 0) - krb5_afslog_uid_home(context, ccache, cell, NULL, - pwd->pw_uid, pwd->pw_dir); - krb5_afslog_uid_home(context, ccache, NULL, NULL, - pwd->pw_uid, pwd->pw_dir); - krb5_cc_close (context, ccache); - } - } -#endif /* KRB5 */ - } -#endif /* KRB5 || KRB4 */ - execle (pwd->pw_shell, pwd->pw_shell, "-c", cmd, NULL, env); - err(1, "exec %s", pwd->pw_shell); -} - -struct getargs args[] = { - { NULL, 'a', arg_flag, &do_addr_verify }, - { "keepalive", 'n', arg_negative_flag, &do_keepalive }, - { "inetd", 'i', arg_negative_flag, &do_inetd, - "Not started from inetd" }, -#if defined(KRB4) || defined(KRB5) - { "kerberos", 'k', arg_flag, &do_kerberos, - "Implement kerberised services" }, - { "encrypt", 'x', arg_flag, &do_encrypt, - "Implement encrypted service" }, -#endif - { "rhosts", 'l', arg_negative_flag, &do_rhosts, - "Don't check users .rhosts" }, - { "port", 'p', arg_string, &port_str, "Use this port", - "port" }, - { "vacuous", 'v', arg_flag, &do_vacuous, - "Don't accept non-kerberised connections" }, -#if defined(KRB4) || defined(KRB5) - { NULL, 'P', arg_negative_flag, &do_newpag, - "Don't put process in new PAG" }, -#endif - /* compatibility flag: */ - { NULL, 'L', arg_flag, &do_log }, - { "version", 0, arg_flag, &do_version }, - { "help", 0, arg_flag, &do_help } -}; - -static void -usage (int ret) -{ - if(isatty(STDIN_FILENO)) - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - ""); - else - syslog (LOG_ERR, "Usage: %s [-ikxlvPL] [-p port]", getprogname()); - exit (ret); -} - - -int -main(int argc, char **argv) -{ - int optind = 0; - int on = 1; - - setprogname (argv[0]); - roken_openlog ("rshd", LOG_ODELAY | LOG_PID, LOG_AUTH); - - if (getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, - &optind)) - usage(1); - - if(do_help) - usage (0); - - if (do_version) { - print_version(NULL); - exit(0); - } - -#if defined(KRB4) || defined(KRB5) - if (do_encrypt) - do_kerberos = 1; - - if(do_kerberos) - do_kerberos = DO_KRB4 | DO_KRB5; -#endif - -#ifdef KRB5 - if((do_kerberos & DO_KRB5) && krb5_init_context (&context) != 0) - do_kerberos &= ~DO_KRB5; -#endif - - if (!do_inetd) { - int error; - struct addrinfo *ai = NULL, hints; - char portstr[NI_MAXSERV]; - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_PASSIVE; - hints.ai_socktype = SOCK_STREAM; - hints.ai_family = PF_UNSPEC; - - if(port_str != NULL) { - error = getaddrinfo (NULL, port_str, &hints, &ai); - if (error) - errx (1, "getaddrinfo: %s", gai_strerror (error)); - } - if (ai == NULL) { -#if defined(KRB4) || defined(KRB5) - if (do_kerberos) { - if (do_encrypt) { - error = getaddrinfo(NULL, "ekshell", &hints, &ai); - if(error == EAI_NONAME) { - snprintf(portstr, sizeof(portstr), "%d", 545); - error = getaddrinfo(NULL, portstr, &hints, &ai); - } - if(error) - errx (1, "getaddrinfo: %s", gai_strerror (error)); - } else { - error = getaddrinfo(NULL, "kshell", &hints, &ai); - if(error == EAI_NONAME) { - snprintf(portstr, sizeof(portstr), "%d", 544); - error = getaddrinfo(NULL, portstr, &hints, &ai); - } - if(error) - errx (1, "getaddrinfo: %s", gai_strerror (error)); - } - } else -#endif - { - error = getaddrinfo(NULL, "shell", &hints, &ai); - if(error == EAI_NONAME) { - snprintf(portstr, sizeof(portstr), "%d", 514); - error = getaddrinfo(NULL, portstr, &hints, &ai); - } - if(error) - errx (1, "getaddrinfo: %s", gai_strerror (error)); - } - } - mini_inetd_addrinfo (ai); - freeaddrinfo(ai); - } - - if (do_keepalive && - setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (char *)&on, - sizeof(on)) < 0) - syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); - - /* set SO_LINGER? */ - - signal (SIGPIPE, SIG_IGN); - - doit (); - return 0; -} diff --git a/crypto/heimdal/appl/su/ChangeLog b/crypto/heimdal/appl/su/ChangeLog deleted file mode 100644 index 591eadac47ca..000000000000 --- a/crypto/heimdal/appl/su/ChangeLog +++ /dev/null @@ -1,123 +0,0 @@ -2007-10-19 Love Hörnquist Åstrand - - * su.c: read environment from _PATH_ETC_ENVIRONMENT - - * supaths.c: paths - -2007-08-02 Love Hörnquist Åstrand - - * su.c: Check all local realms when su-ing, from Magnus Holmberg. - -2007-06-19 Love Hörnquist Åstrand - - * su.c: If not root and not setuid, print warning. - -2006-01-17 Love Hörnquist Åstrand - - * su.c (group_member_p): rename from group_member to avoid name - pollution from glibc headers. Fixed based on report from David Love. - -2006-01-12 Johan Danielsson - - * su.c: fix reversed logic when deciding to print tty or not - -2005-10-22 Love Hörnquist Åstrand - - * su.c: Check return value from asprintf instead of string != NULL - since it undefined behavior on Linux. From Björn Sandell - -2005-05-10 Dave Love - - * su.c: Include . - -2003-09-03 Love Hörnquist Åstrand - - * su.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - -2003-05-06 Johan Danielsson - - * su.c: remove accidentally committed code that prints the command - being executed - -2003-03-18 Love Hörnquist Åstrand - - * su.c (krb5_start_session): krb5_afslog doesn't depend on KRB4 - any more - -2002-02-19 Johan Danielsson - - * su.c: make this build without krb5 - -2002-01-09 Jacques Vidrine - - * su.c: Don't use getlogin() to determine whether we are root. - Patch by joda. - -2001-06-12 Assar Westerlund - - * su.c: check memory allocations. add some const - -2000-12-31 Assar Westerlund - - * su.c (krb5_verify): handle krb5_init_context failure - consistently - -2000-08-28 Johan Danielsson - - * su.c: set KRBTKFILE - -2000-07-10 Assar Westerlund - - * Makefile.am: actually install su - * su.c (krb5_verify): try harder freeing. do not get upset on - interrupted password read - -2000-06-09 Assar Westerlund - - * su.c (main): work-around for setuid and capabilities bug fixed - in Linux 2.2.16 - -2000-06-03 Assar Westerlund - - * su.c (main): just ignore shadow information if getspnam returns - NULL - -1999-10-20 Assar Westerlund - - * Makefile.am: use LIB_roken - -1999-09-28 Assar Westerlund - - * su.c (krb5_verify): use krb5_verify_user_lrealm - -1999-08-04 Assar Westerlund - - * su.c: add support for shadow passwords and rewrite some logic. - From Miroslav Ruda - - * Makefile.am: add libkafs - -1999-06-15 Assar Westerlund - - * su.c (main): conditionalize `getlogin' - -1999-05-11 Assar Westerlund - - * su.c (verfiy_krb5): get the name out of the ccache before - closing it - -1999-05-05 Assar Westerlund - - * su.c: some more error checking - -Wed Apr 21 21:04:36 1999 Assar Westerlund - - * su.c (-f): implement - - * su.c: implement -i - (verify_krb5): correct the ownership on the credential cache - -Tue Apr 20 13:26:13 1999 Johan Danielsson - - * su.c: don't depend on paths.h - diff --git a/crypto/heimdal/appl/su/Makefile.am b/crypto/heimdal/appl/su/Makefile.am deleted file mode 100644 index 91e0ee3d48ee..000000000000 --- a/crypto/heimdal/appl/su/Makefile.am +++ /dev/null @@ -1,19 +0,0 @@ -# $Id: Makefile.am 21986 2007-10-19 05:22:57Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hcrypto) - -bin_PROGRAMS = su -bin_SUIDS = su -su_SOURCES = su.c supaths.h -man_MANS = su.1 - -LDADD = $(LIB_kafs) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/su/Makefile.in b/crypto/heimdal/appl/su/Makefile.in deleted file mode 100644 index 0159272bc721..000000000000 --- a/crypto/heimdal/appl/su/Makefile.in +++ /dev/null @@ -1,841 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 21986 2007-10-19 05:22:57Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -bin_PROGRAMS = su$(EXEEXT) -subdir = appl/su -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) -am_su_OBJECTS = su.$(OBJEXT) -su_OBJECTS = $(am_su_OBJECTS) -su_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ - $(am__DEPENDENCIES_1) -su_DEPENDENCIES = $(am__DEPENDENCIES_2) \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(su_SOURCES) -DIST_SOURCES = $(su_SOURCES) -man1dir = $(mandir)/man1 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hcrypto) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -bin_SUIDS = su -su_SOURCES = su.c supaths.h -man_MANS = su.1 -LDADD = $(LIB_kafs) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/su/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/su/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -su$(EXEEXT): $(su_OBJECTS) $(su_DEPENDENCIES) - @rm -f su$(EXEEXT) - $(LINK) $(su_OBJECTS) $(su_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-man install-man1 install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-binPROGRAMS uninstall-hook \ - uninstall-man uninstall-man1 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/su/su.1 b/crypto/heimdal/appl/su/su.1 deleted file mode 100644 index 76f4dc5d4552..000000000000 --- a/crypto/heimdal/appl/su/su.1 +++ /dev/null @@ -1,123 +0,0 @@ -.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: su.1 16528 2006-01-12 16:25:01Z joda $ -.\" -.Dd January 12, 2006 -.Dt SU 1 -.Os HEIMDAL -.Sh NAME -.Nm su -.Nd substitute user identity -.Sh SYNOPSIS -.Nm su -.Op Fl K | Fl -no-kerberos -.Op Fl f -.Op Fl l | Fl -full -.Op Fl m -.Oo Fl i Ar instance \*(Ba Xo -.Fl -instance= Ns Ar instance -.Xc -.Oc -.Oo Fl c Ar command \*(Ba Xo -.Fl -command= Ns Ar command -.Xc -.Oc -.Op Ar login Op Ar "shell arguments" -.Sh DESCRIPTION -.Nm su -will use Kerberos authentication provided that an instance for the -user wanting to change effective UID is present in a file named -.Pa .k5login -in the target user id's home directory -.Pp -A special case exists where -.Ql root Ap s -.Pa ~/.k5login -needs to contain an entry for: -.Ql user Ns / Ns Ao instance Ac Ns @ Ns REALM -for -.Nm su -to succed (where -.Aq instance -is -.Ql root -unless changed with -.Fl i ) . -.Pp -In the absence of either an entry for current user in said file or -other problems like missing -.Ql host/hostname@REALM -keys in the system's -keytab, or user typing the wrong password, -.Nm su -will fall back to traditional -.Pa /etc/passwd -authentication. -.Pp -When using -.Pa /etc/passwd -authentication, -.Nm su -allows -.Ql root -access only to members of the group -.Ql wheel , -or to any user (with knowledge of the -.Ql root -password) if that group -does not exist, or has no members. -.Pp -The options are as follows: -.Bl -item -width Ds -.It -.Fl K , -.Fl -no-kerberos -don't use Kerberos. -.It -.Fl f -don't read .cshrc. -.It -.Fl l , -.Fl -full -simulate full login. -.It -.Fl m -leave environment unmodified. -.It -.Fl i Ar instance , -.Fl -instance= Ns Ar instance -root instance to use. -.It -.Fl c Ar command , -.Fl -command= Ns Ar command -command to execute. -.El diff --git a/crypto/heimdal/appl/su/su.c b/crypto/heimdal/appl/su/su.c deleted file mode 100644 index fc21595216b6..000000000000 --- a/crypto/heimdal/appl/su/su.c +++ /dev/null @@ -1,622 +0,0 @@ -/* - * Copyright (c) 1999 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include - -RCSID("$Id: su.c 21988 2007-10-19 05:36:54Z lha $"); - -#include -#include -#include - -#include - -#ifdef HAVE_PATHS_H -#include -#endif - -#ifdef HAVE_SHADOW_H -#include -#endif - -#include -#ifdef HAVE_CRYPT_H -#include -#endif - -#include "crypto-headers.h" -#ifdef KRB5 -#include -#endif -#ifdef KRB4 -#include -#endif -#include -#include -#include -#include - -#include "supaths.h" - -int kerberos_flag = 1; -int csh_f_flag; -int full_login; -int env_flag; -char *kerberos_instance = "root"; -int help_flag; -int version_flag; -char *cmd; -char tkfile[256]; - -struct getargs args[] = { - { "kerberos", 'K', arg_negative_flag, &kerberos_flag, - "don't use kerberos" }, - { NULL, 'f', arg_flag, &csh_f_flag, - "don't read .cshrc" }, - { "full", 'l', arg_flag, &full_login, - "simulate full login" }, - { NULL, 'm', arg_flag, &env_flag, - "leave environment unmodified" }, - { "instance", 'i', arg_string, &kerberos_instance, - "root instance to use" }, - { "command", 'c', arg_string, &cmd, - "command to execute" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag }, -}; - - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[login [shell arguments]]"); - exit (ret); -} - -static void -free_info(struct passwd *p) -{ - free (p->pw_name); - free (p->pw_passwd); - free (p->pw_dir); - free (p->pw_shell); - free (p); -} - -static struct passwd* -dup_info(const struct passwd *pwd) -{ - struct passwd *info; - - info = malloc(sizeof(*info)); - if(info == NULL) - return NULL; - info->pw_name = strdup(pwd->pw_name); - info->pw_passwd = strdup(pwd->pw_passwd); - info->pw_uid = pwd->pw_uid; - info->pw_gid = pwd->pw_gid; - info->pw_dir = strdup(pwd->pw_dir); - info->pw_shell = strdup(pwd->pw_shell); - if(info->pw_name == NULL || info->pw_passwd == NULL || - info->pw_dir == NULL || info->pw_shell == NULL) { - free_info (info); - return NULL; - } - return info; -} - -#if defined(KRB4) || defined(KRB5) -static void -set_tkfile() -{ -#ifndef TKT_ROOT -#define TKT_ROOT "/tmp/tkt" -#endif - int fd; - if(*tkfile != '\0') - return; - snprintf(tkfile, sizeof(tkfile), "%s_XXXXXX", TKT_ROOT); - fd = mkstemp(tkfile); - if(fd >= 0) - close(fd); -#ifdef KRB4 - krb_set_tkt_string(tkfile); -#endif -} -#endif - -#ifdef KRB5 -static krb5_context context; -static krb5_ccache ccache; - -static int -krb5_verify(const struct passwd *login_info, - const struct passwd *su_info, - const char *kerberos_instance) -{ - krb5_error_code ret; - krb5_principal p; - krb5_realm *realms, *r; - char *login_name = NULL; - int user_ok = 0; - -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - login_name = getlogin(); -#endif - ret = krb5_init_context (&context); - if (ret) { -#if 0 - warnx("krb5_init_context failed: %d", ret); -#endif - return 1; - } - - ret = krb5_get_default_realms(context, &realms); - if (ret) - return 1; - - /* Check all local realms */ - for (r = realms; *r != NULL && !user_ok; r++) { - - if (login_name == NULL || strcmp (login_name, "root") == 0) - login_name = login_info->pw_name; - if (strcmp (su_info->pw_name, "root") == 0) - ret = krb5_make_principal(context, &p, *r, - login_name, - kerberos_instance, - NULL); - else - ret = krb5_make_principal(context, &p, *r, - su_info->pw_name, - NULL); - if (ret) { - krb5_free_host_realm(context, realms); - return 1; - } - - /* if we are su-ing too root, check with krb5_kuserok */ - if (su_info->pw_uid == 0 && !krb5_kuserok(context, p, su_info->pw_name)) - continue; - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &ccache); - if(ret) { - krb5_free_host_realm(context, realms); - krb5_free_principal (context, p); - return 1; - } - ret = krb5_verify_user(context, p, ccache, NULL, TRUE, NULL); - krb5_free_principal (context, p); - switch (ret) { - case 0: - user_ok = 1; - break; - case KRB5_LIBOS_PWDINTR : - krb5_cc_destroy(context, ccache); - break; - case KRB5KRB_AP_ERR_BAD_INTEGRITY: - case KRB5KRB_AP_ERR_MODIFIED: - krb5_cc_destroy(context, ccache); - krb5_warnx(context, "Password incorrect"); - break; - default : - krb5_cc_destroy(context, ccache); - krb5_warn(context, ret, "krb5_verify_user"); - break; - } - } - krb5_free_host_realm(context, realms); - if (!user_ok) - return 1; - return 0; -} - -static int -krb5_start_session(void) -{ - krb5_ccache ccache2; - char *cc_name; - int ret; - - ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &ccache2); - if (ret) { - krb5_cc_destroy(context, ccache); - return 1; - } - - ret = krb5_cc_copy_cache(context, ccache, ccache2); - - ret = asprintf(&cc_name, "%s:%s", krb5_cc_get_type(context, ccache2), - krb5_cc_get_name(context, ccache2)); - if (ret == -1) - errx(1, "malloc - out of memory"); - esetenv("KRB5CCNAME", cc_name, 1); - - /* we want to export this even if we don't directly support KRB4 */ - set_tkfile(); - esetenv("KRBTKFILE", tkfile, 1); - - /* convert creds? */ - if(k_hasafs()) { - if (k_setpag() == 0) - krb5_afslog(context, ccache2, NULL, NULL); - } - - krb5_cc_close(context, ccache2); - krb5_cc_destroy(context, ccache); - return 0; -} -#endif - -#ifdef KRB4 - -static int -krb_verify(const struct passwd *login_info, - const struct passwd *su_info, - const char *kerberos_instance) -{ - int ret; - char *login_name = NULL; - char *name, *instance, realm[REALM_SZ]; - -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - login_name = getlogin(); -#endif - - ret = krb_get_lrealm(realm, 1); - - if (login_name == NULL || strcmp (login_name, "root") == 0) - login_name = login_info->pw_name; - if (strcmp (su_info->pw_name, "root") == 0) { - name = login_name; - instance = (char*)kerberos_instance; - } else { - name = su_info->pw_name; - instance = ""; - } - - if(su_info->pw_uid != 0 || - krb_kuserok(name, instance, realm, su_info->pw_name) == 0) { - char password[128]; - char *prompt; - ret = asprintf (&prompt, - "%s's Password: ", - krb_unparse_name_long (name, instance, realm)); - if (ret == -1) - return (1); - if (UI_UTIL_read_pw_string (password, sizeof (password), prompt, 0)) { - memset (password, 0, sizeof (password)); - free(prompt); - return (1); - } - free(prompt); - if (strlen(password) == 0) - return (1); /* Empty passwords are not allowed */ - set_tkfile(); - setuid(geteuid()); /* need to run as root here */ - ret = krb_verify_user(name, instance, realm, password, - KRB_VERIFY_SECURE, NULL); - memset(password, 0, sizeof(password)); - - if(ret) { - warnx("%s", krb_get_err_text(ret)); - return 1; - } - chown (tkt_string(), su_info->pw_uid, su_info->pw_gid); - return 0; - } - return 1; -} - - -static int -krb_start_session(void) -{ - esetenv("KRBTKFILE", tkfile, 1); - - /* convert creds? */ - if(k_hasafs() && k_setpag() == 0) - krb_afslog(NULL, NULL); - - return 0; -} -#endif - -#define GROUP_MEMBER 0 -#define GROUP_MISSING 1 -#define GROUP_EMPTY 2 -#define GROUP_NOT_MEMBER 3 - -static int -group_member_p(const char *group, const char *user) -{ - struct group *g; - int i; - g = getgrnam(group); - if(g == NULL) - return GROUP_MISSING; - if(g->gr_mem[0] == NULL) - return GROUP_EMPTY; - for(i = 0; g->gr_mem[i] != NULL; i++) - if(strcmp(user, g->gr_mem[i]) == 0) - return GROUP_MEMBER; - return GROUP_NOT_MEMBER; -} - -static int -verify_unix(struct passwd *login, struct passwd *su) -{ - char prompt[128]; - char pw_buf[1024]; - char *pw; - int r; - if(su->pw_passwd != NULL && *su->pw_passwd != '\0') { - snprintf(prompt, sizeof(prompt), "%s's password: ", su->pw_name); - r = UI_UTIL_read_pw_string(pw_buf, sizeof(pw_buf), prompt, 0); - if(r != 0) - exit(0); - pw = crypt(pw_buf, su->pw_passwd); - memset(pw_buf, 0, sizeof(pw_buf)); - if(strcmp(pw, su->pw_passwd) != 0) { - syslog (LOG_ERR | LOG_AUTH, "%s to %s: incorrect password", - login->pw_name, su->pw_name); - return 1; - } - } - /* if su:ing to root, check membership of group wheel or root; if - that group doesn't exist, or is empty, allow anyone to su - root */ - if(su->pw_uid == 0) { -#ifndef ROOT_GROUP -#define ROOT_GROUP "wheel" -#endif - int gs = group_member_p(ROOT_GROUP, login->pw_name); - if(gs == GROUP_NOT_MEMBER) { - syslog (LOG_ERR | LOG_AUTH, "%s to %s: not in group %s", - login->pw_name, su->pw_name, ROOT_GROUP); - return 1; - } - return 0; - } - return 0; -} - -int -main(int argc, char **argv) -{ - int i, optind = 0; - char *su_user; - struct passwd *su_info; - struct passwd *login_info; - - struct passwd *pwd; - - char *shell; - - int ok = 0; - int kerberos_error=1; - - setprogname (argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) - usage(1); - - for (i=0; i < optind; i++) - if (strcmp(argv[i], "-") == 0) { - full_login = 1; - break; - } - - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - if(optind >= argc) - su_user = "root"; - else - su_user = argv[optind++]; - - if (!issuid() && getuid() != 0) - warnx("Not setuid and you are root, expect this to fail"); - - pwd = k_getpwnam(su_user); - if(pwd == NULL) - errx (1, "unknown login %s", su_user); - if (pwd->pw_uid == 0 && strcmp ("root", su_user) != 0) { - syslog (LOG_ALERT, "NIS attack, user %s has uid 0", su_user); - errx (1, "unknown login %s", su_user); - } - su_info = dup_info(pwd); - if (su_info == NULL) - errx (1, "malloc: out of memory"); - - pwd = getpwuid(getuid()); - if(pwd == NULL) - errx(1, "who are you?"); - login_info = dup_info(pwd); - if (login_info == NULL) - errx (1, "malloc: out of memory"); - if(env_flag) - shell = login_info->pw_shell; - else - shell = su_info->pw_shell; - if(shell == NULL || *shell == '\0') - shell = _PATH_BSHELL; - - -#ifdef KRB5 - if(kerberos_flag && ok == 0 && - (kerberos_error=krb5_verify(login_info, su_info, kerberos_instance)) == 0) - ok = 5; -#endif -#ifdef KRB4 - if(kerberos_flag && ok == 0 && - (kerberos_error = krb_verify(login_info, su_info, kerberos_instance)) == 0) - ok = 4; -#endif - - if(ok == 0 && login_info->pw_uid && verify_unix(login_info, su_info) != 0) { - printf("Sorry!\n"); - exit(1); - } - -#ifdef HAVE_GETSPNAM - { struct spwd *sp; - long today; - - sp = getspnam(su_info->pw_name); - if (sp != NULL) { - today = time(0)/(24L * 60 * 60); - if (sp->sp_expire > 0) { - if (today >= sp->sp_expire) { - if (login_info->pw_uid) - errx(1,"Your account has expired."); - else - printf("Your account has expired."); - } - else if (sp->sp_expire - today < 14) - printf("Your account will expire in %d days.\n", - (int)(sp->sp_expire - today)); - } - if (sp->sp_max > 0) { - if (today >= sp->sp_lstchg + sp->sp_max) { - if (login_info->pw_uid) - errx(1,"Your password has expired. Choose a new one."); - else - printf("Your password has expired. Choose a new one."); - } - else if (today >= sp->sp_lstchg + sp->sp_max - sp->sp_warn) - printf("Your account will expire in %d days.\n", - (int)(sp->sp_lstchg + sp->sp_max -today)); - } - } - } -#endif - { - char *tty = ttyname (STDERR_FILENO); - syslog (LOG_NOTICE | LOG_AUTH, tty ? "%s to %s on %s" : "%s to %s", - login_info->pw_name, su_info->pw_name, tty); - } - - - if(!env_flag) { - if(full_login) { - char *t = getenv ("TERM"); - char **newenv = NULL; - int i, j; - - i = read_environment(_PATH_ETC_ENVIRONMENT, &newenv); - - environ = malloc ((10 + i) * sizeof (char *)); - if (environ == NULL) - err (1, "malloc"); - environ[0] = NULL; - - for (j = 0; j < i; j++) { - char *p = strchr(newenv[j], '='); - *p++ = 0; - esetenv (newenv[j], p, 1); - } - free(newenv); - - esetenv ("PATH", _PATH_DEFPATH, 1); - if (t) - esetenv ("TERM", t, 1); - if (chdir (su_info->pw_dir) < 0) - errx (1, "no directory"); - } - if (full_login || su_info->pw_uid) - esetenv ("USER", su_info->pw_name, 1); - esetenv("HOME", su_info->pw_dir, 1); - esetenv("SHELL", shell, 1); - } - - { - int i; - char **args; - char *p; - - p = strrchr(shell, '/'); - if(p) - p++; - else - p = shell; - - if (strcmp(p, "csh") != 0) - csh_f_flag = 0; - - args = malloc(((cmd ? 2 : 0) + 1 + argc - optind + 1 + csh_f_flag) * sizeof(*args)); - if (args == NULL) - err (1, "malloc"); - i = 0; - if(full_login) { - if (asprintf(&args[i++], "-%s", p) == -1) - errx (1, "malloc"); - } else - args[i++] = p; - if (cmd) { - args[i++] = "-c"; - args[i++] = cmd; - } - - if (csh_f_flag) - args[i++] = "-f"; - - for (argv += optind; *argv; ++argv) - args[i++] = *argv; - args[i] = NULL; - - if(setgid(su_info->pw_gid) < 0) - err(1, "setgid"); - if (initgroups (su_info->pw_name, su_info->pw_gid) < 0) - err (1, "initgroups"); - if(setuid(su_info->pw_uid) < 0 - || (su_info->pw_uid != 0 && setuid(0) == 0)) - err(1, "setuid"); - -#ifdef KRB5 - if (ok == 5) - krb5_start_session(); -#endif -#ifdef KRB4 - if (ok == 4) - krb_start_session(); -#endif - execv(shell, args); - } - - exit(1); -} diff --git a/crypto/heimdal/appl/su/supaths.h b/crypto/heimdal/appl/su/supaths.h deleted file mode 100644 index c12a0c7b748d..000000000000 --- a/crypto/heimdal/appl/su/supaths.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id$ */ - -#ifndef __SU_PATH_H -#define __SU_PATH_H - -#ifndef _PATH_DEFPATH -#define _PATH_DEFPATH "/usr/bin:/bin" -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif - -#ifndef _PATH_ETC_ENVIRONMENT -#define _PATH_ETC_ENVIRONMENT SYSCONFDIR "/environment" -#endif - -#endif /* __SU_PATH_H */ diff --git a/crypto/heimdal/appl/telnet/ChangeLog b/crypto/heimdal/appl/telnet/ChangeLog deleted file mode 100644 index 473ab6b05738..000000000000 --- a/crypto/heimdal/appl/telnet/ChangeLog +++ /dev/null @@ -1,804 +0,0 @@ -2007-12-31 Love Hörnquist Åstrand - - * telnetd/sys_term.c: Use strlcpy instead of strncpy, thanks to - Antoine Brodin. - -2007-07-31 Love Hörnquist Åstrand - - * telnetd/telnetd.c (usage): use exit_code, add --version and - --help. - - * telnetd/telnetd.c: Add --help, reported by David Love. - -2007-07-30 Love Hörnquist Åstrand - - * telnet/main.c: Catch --help, reported by David Love. - -2007-07-12 Love Hörnquist Åstrand - - * telnetd/sys_term.c: GLIBC made the choice that ut_tv should be - shared between 32 and 64 bit platforms so now we can no longer use - struct timeval functions to compare or set/get data that uses - pointer (gettimeofday for example) since ut_tv is now not a struct - timeval but rather a struct { int32_t tv_sec; int32_t tv_usec; }; - -2006-10-21 Love Hörnquist Åstrand - - * telnet/telnet_locl.h: Include roken.h before the local - headerfiles. - - * telnetd/telnetd.h: HP/UX defines SE in sys/uio.h, #undef it. - - * telnetd/sys_term.c: Dont't include some streamspty headers here. - - * telnetd/telnetd.c: Dont't include some streamspty headers here. - - * telnetd/telnetd.h: includes some STREAMSPTY header here to avoid - ioctl vs socket_wrapper horror. - -2006-10-20 Love Hörnquist Åstrand - - * telnet/Makefile.am: more files - - * telnetd/Makefile.am: more files - -2006-09-19 Love Hörnquist Åstrand - - * telnetd/telnetd.8: Add documentation for -e, require encryption. - - * telnetd/telnetd.h: Add require_encryption. - - * telnetd/telnetd.c: Allow encryption to be required, wait to the - client to turn it on, if failes, refuse the connection. - - * telnetd/state.c: If encryption is required, don't allow it to be - turned off. - -2006-09-04 Love Hörnquist Åstrand - - * libtelnet/kerberos5.c (kerberos5_forward): use KDCOptions2int on - flags before passing them to krb5_get_forwarded_creds. - -2006-05-05 Love Hörnquist Åstrand - - * Rename u_intXX_t to uintXX_t - -2006-03-23 Love Hörnquist Åstrand - - * libtelnet/encrypt.c: Spelling. - -2005-12-01 Love Hörnquist Åstrand - - * telnetd/telnetd.c: Initialize the slc mapping table before its - used. Based on bug report from Russell Sanford - - -2005-11-03 Love Hörnquist Åstrand - - * telnet/telnet.c: Spelling in comments, from Dave Love - - -2005-10-31 Love Hörnquist Åstrand - - * libtelnet/kerberos5.c (Data): Use right variable. From Tomas - Olsson - -2005-10-22 Love Hörnquist Åstrand - - * telnet/commands.c: Check return value from asprintf instead of - string != NULL since it undefined behavior on Linux. From Björn - Sandell - - * libtelnet/kerberos5.c: Check return value from asprintf instead - of string != NULL since it undefined behavior on Linux. From Björn - Sandell - - * libtelnet/kerberos.c: Check return value from asprintf instead - of string != NULL since it undefined behavior on Linux. From Björn - Sandell - -2005-08-08 Love Hörnquist Åstrand - - * telnetd/telnetd.c: Fix printing of /etc/issue{,.net}. - - * telnetd/utility.c: make writenet take const void * and size_t, - abort if size it too large - - * telnetd/state.c: Fix ansi c warning. - - * telnetd/sys_term.c: no need to typecast argument to writenet - - * telnetd/ext.h: make writenet take const void * and size_t - -2005-07-07 Assar Westerlund - - * libtelnet/kerberos.c: Do not assume that des_key_schedule is an - array. - -2005-05-27 Love Hörnquist Åstrand - - * libtelnet/kerberos5.c: case uid_t to unsigned long in printf - format - - * telnetd/sys_term.c (set_termbuf): use {} around if to make else - unambiguous - -2005-05-20 Love Hörnquist Åstrand - - * telnetd/sys_term.c (start_login): put utmpx code into a new - scope to avoid pre c99 problems. - -2005-05-19 Dave Love - - * telnet/telnet.c,telnet_locl.h: Make solaris find tgetent - -2005-05-13 Johan Danielsson - - * telnetd/sys_term.c (start_login): set encryption pointers to - NULL, so we don't try to do either - -2005-05-11 Dave Love - - * telnet/telnet.c: undef ISASCII before we define our own (problem - on Irix) - -2005-04-28 Johan Danielsson - - * telnetd/utility.c (putf): %t: the regular and streamspty case - are functionally equivalent, so merge them, this also makes it - work better on machines that puts their devices in a subdirectory - to /dev - -2005-04-27 Dave Love - - * telnetd/sys_term.c (getpty): Declare p. - -2005-04-25 Love Hörnquist Åstrand - - * telnetd/telnetd.c: use strlcpy - -2005-04-24 Love Hörnquist Åstrand - - * telnetd/global.c, telnetd/state.c, telnetd/telnetd.c, - telentd/ext.h: remove another strcpy - -2005-04-19 Love Hörnquist Åstrand - - * telnetd/sys_term.c: rewrite getpty to make use openpty when its - found, save the slave fd so that cleanopen can use it if its - available - -2005-04-07 Love Hörnquist Åstrand - - * telnetd/sys_term.c: clean_ttyname might be unused, mark it so - with __attribute__ - -2005-04-06 Love Hörnquist Åstrand - - * telnetd/sys_term.c: use NULL as last argument to execl, not 0 - - * telnet/commands.c: use NULL as last argument to execl, not 0 - -2005-03-29 Love Hörnquist Åstrand - - * telnet/telnet.c: From FreeBSD: - - Correct a pair of buffer overflows in the telnet(1) command: - - (CAN-2005-0468) A heap buffer overflow in env_opt_add() and related - functions. - - (CAN-2005-0469) A global uninitialized data section buffer overflow in - slc_add_reply() and related functions. - - As a result of these vulnerabilities, it may be possible for a - malicious telnet server or active network attacker to cause - telnet(1) to execute arbitrary code with the privileges of the - user running it. - - Security: CAN-2005-0468, CAN-2005-0469 Security: - FreeBSD-SA-05:01.telnet Security: - http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities - Security: - http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities - - These fixes are based in part on patches Submitted by: Solar - Designer - -2005-03-23 Love Hörnquist Åstrand - - * telnetd/telnetd.c: remove setting of DES_check_key, all code - uses DES_set_key_checked - - * libtelnet/enc_des.c: use DES_set_key_checked - -2005-01-09 Love Hörnquist Åstrand - - * telnet/telnet.c: cast argument to toupper to unsigned char - - * telnet/commands.c: cast argument to is* to unsigned char - -2004-06-20 Love Hörnquist Åstrand - - * telnet/network.c: make network rings larger From: MAAAAA MOOOR - - - * telnetd/state.c: make subbuffer larger XXX resize dynamicly - From: MAAAAA MOOOR - - * libtelnet/kerberos5.c (Data): allocate the data needed to be - send From: MAAAAA MOOOR - -2004-04-02 Love Hörnquist Åstrand - - * telnet/main.c: make encrypt, forwardable, forward use appdefault - (that also searches libdefaults), prompted by Thomas Nystrom - - -2004-03-22 Love Hörnquist Åstrand - - * telnetd/telnetd.c: call setprogname to make libvers happy - - * telnet/main.c: call setprogname to make libvers happy - -2003-09-25 Love Hörnquist Åstrand - - * telnet/externs.h: export Scheduler and scheduler_lockout_tty - - * telnet/telnet.c (my_telnet): if telnet_spin returns failure, - complain that the server disconnected and exit - - * telnet/authenc.c (telnet_spin): if Scheduler() returns failure - (-1) propagate to higher level - -2003-09-03 Love Hörnquist Åstrand - - * telnetd/telnetd.c: use new DES_ api - - * libtelnet/enc_des.c: use new DES_ api - -2003-04-22 Love Hörnquist Åstrand - - * telnet/telnet.1: replace <,> with \*[Lt],\*[Gt] - -2002-09-02 Johan Danielsson - - * libtelnet/kerberos5.c: set AP_OPTS_USE_SUBKEY - -2002-08-28 Johan Danielsson - - * telnet/commands.c: remove extra "Toggle"'s - - * telnet/commands.c: IRIX == 4 -> IRIX4 - - * telnet/main.c: rename functions to what they're really called - - * telnet/commands.c: kill some might be uninitialized warnings - - * telnet/commands.c: add forward and forwardable toggle options, - and call set_forward_options() after parsing .telnetrc - - * telnet/externs.h: proto for set_forward_options - - * telnet/main.c: only register what forwarding options are asked - for when parsing command line, we have to set the actual flags - later after we have read .telnetrc - - * libtelnet/auth-proto.h: kerberos5_set_forward{,able} protos - - * libtelnet/kerberos5.c: add kerberos5_set_forward{,able} - functions suitable for the command parser - -2002-08-23 Assar Westerlund - - * telnetd/telnetd.c: add --version as a special case - * telnet/main.c: add --version as a special case - -2002-05-03 Johan Danielsson - - * telnet/telnet.c: only try to negotiate encryption if we're - talking to a real telnet - -2002-03-31 Johan Danielsson - - * telnet/commands.c: fix an old cut-n-paste typo (via debian) - -2002-02-07 Johan Danielsson - - * telnet/telnet.c: print a more informative message than "done" - after negotiating encryption - -2001-09-17 Assar Westerlund - - * telnetd/telnetd.c: add a kludge to make it build on aix (that - defines NOERROR in both sys/stream.h and arpa/nameser.h and - considers that a fatal error) - - * telnet/telnet.c: undef PUTSHORT to avoid conflict - -2001-08-26 Assar Westerlund - - * telnetd/Makefile.am: also link with the library for logout - -2001-08-22 Assar Westerlund - - * telnetd/sys_term.c: include libutil.h if it exists - -2001-08-10 Assar Westerlund - - * telnetd/sys_term.c (getpty): call openpty if it exists - -2001-07-19 Assar Westerlund - - * telnetd/global.c (output_data): make sure of not forwarding - `nfrontp' too far, thereby allowing writes after the end of - `netobuf' - -2001-06-18 Assar Westerlund - - * libtelnet/kerberos5.c: update to new krb5_auth_con* names - -2001-04-25 Assar Westerlund - - * telnetd/sys_term.c (start_login): give the correct error if exec - fails - * telnetd/utility.c (fatalperror_errno): add a new function with - explicit errno parameter - -2001-03-07 Assar Westerlund - - * telnetd/sys_term.c: some minimal more amount of - const-correctness - -2001-02-24 Assar Westerlund - - * libtelnet/enc_des.c: learn to live with libcrypto (from openssl) - -2001-02-20 Assar Westerlund - - * telnet/commands.c (tn): copy the hostname so it doesn't get - overwritten while reading ~/.telnetrc - (*): removed some unneeded externs - -2001-02-08 Assar Westerlund - - * telnetd/sys_term.c (startslave, start_login): re-write code to - keep track both of remote hostname and utmp string to be used - * telnetd/telnetd.c (doit, my_telnet): re-write code to keep track - both of remote hostname and utmp string to be used - -2001-02-07 Assar Westerlund - - * telnet/Makefile.am, telnetd/Makefile.am: add LIB_kdfs - -2001-01-09 Assar Westerlund - - * libtelnet/kerberos5.c (kerberos5_is): use krb5_rd_cred2 instead - of krb5_rd_cred - -2000-12-31 Assar Westerlund - - * telnet/main.c (krb5_init): check krb5_init_context for success - * libtelnet/kerberos5.c (kerberos5_init): check krb5_init_context - for success - -2000-12-11 Assar Westerlund - - * telnet/commands.c (sourceroute): make it not break if the - rfc2292 api does not exist - -2000-12-09 Assar Westerlund - - * telnetd/sys_term.c (scrub_env): add supporting non-file TERMCAP - variables - -2000-12-07 Assar Westerlund - - * telnetd/telnetd.h: move include files around to avoid getting SE - from sys/*.h on HP to override SE from telnet.h - - * telnetd/sys_term.c (scrub_env): remove some const-ness - * telnetd/sys_term.c (scrub_env): add LOGNAME and POSIXLY_CORRECT - to the list of authorized environment variables to be compatible - with linux-telnetd - - * telnetd/sys_term.c (scrub_env): change filtering algoritm from - allowing everything except a few bad cases to not allowing - anything except a few non-dangerous cases - -2000-12-06 Johan Danielsson - - * libtelnet/kerberos5.c: de-pointerise auth_context parameter to - krb5_mk_rep - -2000-11-23 Johan Danielsson - - * libtelnet/kerberos5.c: print the principal we're trying to use - - * libtelnet/kerberos.c: print the principal we're trying to use - -2000-11-16 Assar Westerlund - - * libtelnet/misc-proto.h (telnet_getenv): const-ize some - -2000-11-08 Johan Danielsson - - * telnet/telnet.c: fake entry if no tgetent - -2000-10-08 Assar Westerlund - - * telnetd/utility.c (stilloob): check that fds are not too large - to select on - (ttloop): remove confusing output of errno - * telnetd/telnetd.c (my_telnet): check that fds are not too large - to select on - * telnet/utilities.c (EmptyTerminal): check that fds are not too - large to select on - * telnet/sys_bsd.c (process_rings): check that fds are not too - large to select on - * telnet/network.c (stilloob): check that fds are not too large to - select on - -2000-06-09 Assar Westerlund - - * telnet/commands.c: remove all setuid(getuid()). we do not - support telnet being setuid root - -2000-05-05 Assar Westerlund - - * telnet/externs.h (sourceroute): update prototype - * telnet/commands.c (tn): re-enable source routing - (sourceroute): make it work again based on the code from - itojun@kame.net - -2000-03-28 Assar Westerlund - - * telnet/commands.c (tn): clean-up a tiny little bit. give-up if - we do not manage to connect to any address - -2000-03-26 Assar Westerlund - - * telnetd/sys_term.c (*): make sure to always call time, ctime, - and gmtime with `time_t's. there were some types (like in - lastlog) that we believed to always be time_t. this has proven - wrong on Solaris 8 in 64-bit mode, where they are stored as 32-bit - quantities but time_t has gone up to 64 bits - -2000-03-03 Assar Westerlund - - * libtelnet/kerberos5.c (kerberos5_init): check that we do have a - keytab before saying that we will support KERBEROS5 - -2000-02-12 Assar Westerlund - - * telnet/commands.c (tn): only set tos for AF_INET. From - itojun@iijlab.net - -2000-02-07 Assar Westerlund - - * libtelnet/kerberos.c (kerberos4_is): send a reject back to the - client when we're not authorized - -2000-02-06 Assar Westerlund - - * telnet/ring.h (ring_encrypt): better proto - * telnet/ring.c (ring_encrypt): better proto - -2000-02-04 Assar Westerlund - - * telnet/telnet_locl.h: klduge-around KLUDGELINEMODE - -2000-01-18 Assar Westerlund - - * libtelnet/misc.c (auth_encrypt_user): const-ify - * libtelnet/misc.h (RemoteHostName, LocalHostName): const-ify - * libtelnet/misc.c (auth_encrypt_init, RemoteHostName, - LocalHostName): const-ify - * libtelnet/misc-proto.h (auth_encrypt_init, auth_encrypt_user): - const-ify - * libtelnet/encrypt.c (encrypt_init, Name): const-ify - * libtelnet/enc-proto.h (encrypt_init): const-ify - * libtelnet/auth.c (auth_init, Name): const-ify - * libtelnet/auth-proto.h (auth_init): const-ify - -2000-01-08 Assar Westerlund - - * telnet/commands.c (tn): handle ai_canonname being set in any of - the addresses returnedby getaddrinfo. glibc apparently returns - the reverse lookup of every address in ai_canonname. remove some - unused variables. - -2000-01-01 Assar Westerlund - - * telnetd/sys_term.c (addarg): make void (return value isn't check - anyway). fatal error when malloc fails - -1999-12-16 Assar Westerlund - - * telnet/commands.c (*): handle ai_canonname not being set - -1999-12-04 Assar Westerlund - - * telnetd/telnetd.c (doit): use getnameinfo_verified - * telnetd/telnetd.c: use getnameinfo - * telnet/commands.c: re-write to using getaddrinfo. disable - source-routing for the moment, it doesn't seem to be used anyways. - -1999-09-16 Assar Westerlund - - * telnet/commands.c: revert 1.54, get_default_username should DTRT - now - -1999-09-05 Assar Westerlund - - * telnetd/utility.c (ttloop): make it return 1 if interrupted by a - signal, which must have been what was meant from the beginning - - * telnetd/ext.h (ttloop): update prototype - - * telnetd/authenc.c (telnet_spin): actually return the value from - ttloop (otherwise it's kind of bogus) - -1999-08-05 Assar Westerlund - - * telnetd/sys_term.c (rmut): free utxp - -1999-08-04 Assar Westerlund - - * telnet/main.c: add -G and config file support. From Miroslav - Ruda - - * telnetd/sys_term.c (rmut): work around utmpx strangness. From - Miroslav Ruda - -1999-08-02 Assar Westerlund - - * telnetd/telnetd.c (doit): only free hp if != NULL. From: Jonas - Oberg - -1999-07-29 Assar Westerlund - - * telnetd/telnetd.c (doit): remove unused variable mapped_sin - -1999-07-26 Assar Westerlund - - * telnetd/ext.h: update prototypes - - * telnetd/telnetd.c: make it handle v4 and v6 sockets. (it - doesn't handle being given a v6 socket that's really talking to an - v4 adress (mapped) because the rest of the code in telnetd is not - able to handle it anyway). please run two telnetd from your - inetd, one for v4 and one for v6. - -1999-07-07 Assar Westerlund - - * telnet/commands.c (tn): extra bogus const-cast - -1999-07-06 Assar Westerlund - - * telnetd/sys_term.c (start_login): print a different warning with - `-a otp' - -1999-06-24 Assar Westerlund - - * libtelnet/kerberos5.c (kerberos5_send): set the addresses in the - auth_context - -1999-06-23 Assar Westerlund - - * telnet/Makefile.am (INCLUDES): add $(INCLUDE_krb4) - - * telnet/commands.c (togkrbdebug): conditionalize on - krb_disable_debug - -1999-06-16 Johan Danielsson - - * telnet/commands.c: add kerberos debugging option - -1999-06-15 Assar Westerlund - - * telnet/commands.c (tn): use get_default_username - -1999-05-14 Assar Westerlund - - * telnetd/state.c (telrcv): magic patch to make it work against - DOS Clarkson Telnet. From Miroslav Ruda - -1999-04-25 Assar Westerlund - - * libtelnet/kerberos5.c (kerberos5_send): use - `krb5_auth_setkeytype' instead of `krb5_auth_setenctype' to make - sure we get a DES session key. - -Thu Apr 1 16:59:27 1999 Johan Danielsson - - * telnetd/Makefile.am: don't run check-local - - * telnet/Makefile.am: don't run check-local - -Mon Mar 29 16:11:33 1999 Johan Danielsson - - * telnetd/sys_term.c: _CRAY -> HAVE_STRUCT_UTMP_UT_ID - -Sat Mar 20 00:12:54 1999 Assar Westerlund - - * telnet/authenc.c (telnet_gets): remove old extern declarations - -Thu Mar 18 11:20:16 1999 Johan Danielsson - - * telnetd/Makefile.am: include Makefile.am.common - - * telnet/Makefile.am: include Makefile.am.common - - * libtelnet/Makefile.am: include Makefile.am.common - - * Makefile.am: include Makefile.am.common - -Mon Mar 15 17:40:53 1999 Johan Danielsson - - * telnetd/telnetd.c: replace perror/exit with fatalperror - -Sat Mar 13 22:18:57 1999 Assar Westerlund - - * telnetd/telnetd.c (main): 0 -> STDIN_FILENO. remove abs - - * libtelnet/kerberos.c (kerberos4_is): syslog root logins - -Thu Mar 11 14:48:54 1999 Johan Danielsson - - * telnetd/Makefile.in: add WFLAGS - - * telnet/Makefile.in: add WFLAGS - - * libtelnet/Makefile.in: add WFLAGS - - * telnetd/sys_term.c: remove unused variables - - * telnet/telnet.c: fix some warnings - - * telnet/main.c: fix some warnings - - * telnet/commands.c: fix types in format string - - * libtelnet/auth.c: fix types in format string - -Mon Mar 1 10:50:30 1999 Johan Danielsson - - * telnetd/sys_term.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - -Mon Feb 1 04:08:36 1999 Assar Westerlund - - * telnet/commands.c (tn): only call gethostbyname2 with AF_INET6 - if we actually have IPv6. From "Brandon S. Allbery KF8NH" - - -Sat Nov 21 16:51:00 1998 Johan Danielsson - - * telnetd/sys_term.c (cleanup): don't call vhangup() on sgi:s - -Fri Aug 14 16:29:18 1998 Johan Danielsson - - * libtelnet/kerberos.c: krb_put_int -> KRB_PUT_INT - -Thu Jul 23 20:29:05 1998 Johan Danielsson - - * libtelnet/kerberos5.c: use krb5_verify_authenticator_checksum - -Mon Jul 13 22:00:09 1998 Assar Westerlund - - * telnet/commands.c (tn): don't advance hostent->h_addr_list, use - a copy instead - -Wed May 27 04:19:17 1998 Assar Westerlund - - * telnet/sys_bsd.c (process_rings): correct call to `stilloob' - -Fri May 15 19:38:19 1998 Johan Danielsson - - * libtelnet/kerberos5.c: Always print errors from mk_req. - -Fri May 1 07:16:59 1998 Assar Westerlund - - * telnet/commands.c: unifdef -DHAVE_H_ERRNO - -Sat Apr 4 15:00:29 1998 Assar Westerlund - - * telnet/commands.c (tn): moved the printing of `trying...' to the - loop - -Thu Mar 12 02:33:48 1998 Assar Westerlund - - * telnet/telnet_locl.h: include . From Gregory S. Stark - - -Sat Feb 21 15:12:38 1998 Assar Westerlund - - * telnetd/ext.h: add prototype for login_tty - - * telnet/utilities.c (printsub): `direction' is now an int. - - * libtelnet/misc-proto.h: add prototype for `printsub' - -Tue Feb 17 02:45:01 1998 Assar Westerlund - - * libtelnet/kerberos.c (kerberos4_is): cred.pname should be - cred.pinst. From - -Sun Feb 15 02:46:39 1998 Assar Westerlund - - * telnet/*/*.c: renamed `telnet' to `my_telnet' to avoid - conflicts with system header files on mklinux. - -Tue Feb 10 02:09:03 1998 Assar Westerlund - - * telnetd/telnetd.c: new signature for `getterminaltype' and - `auth_wait' - - * libtelnet: changed the signature of the authentication method - `status' - -Sat Feb 7 07:21:29 1998 Assar Westerlund - - * */*.c: replace HAS_GETTOS by HAVE_PARSETOS and HAVE_GETTOSBYNAME - -Fri Dec 26 16:17:10 1997 Assar Westerlund - - * telnet/commands.c (tn): repair support for numeric addresses - -Sun Dec 21 09:40:31 1997 Assar Westerlund - - * libtelnet/kerberos.c: fix up lots of stuff related to the - forwarding of v4 tickets. - - * libtelnet/kerberos5.c (kerberos5_forward): zero out `creds'. - -Mon Dec 15 20:53:13 1997 Johan Danielsson - - * telnet/sys_bsd.c: Don't turn off OPOST in 8bit-mode. - -Tue Dec 9 19:26:50 1997 Assar Westerlund - - * telnet/main.c (main): add 'b' to getopt - -Sat Nov 29 03:28:54 1997 Johan Danielsson - - * telnet/telnet.c: Change binary mode to do just that, and add a - eight-bit mode for just passing all characters. - -Sun Nov 16 04:37:02 1997 Assar Westerlund - - * libtelnet/kerberos5.c (kerberos5_send): always ask for a session - key of type DES - - * libtelnet/kerberos5.c: remove old garbage and fix call to - krb5_auth_con_setaddrs_from_fd - -Fri Nov 14 20:35:18 1997 Johan Danielsson - - * telnetd/telnetd.c: Output contents of /etc/issue. - -Mon Nov 3 07:09:16 1997 Assar Westerlund - - * telnet/telnet_locl.h: only include iff - !defined(HAVE_TERMIOS_H) - - * libtelnet/kerberos.c (kerberos4_is): send the peer address to - krb_rd_req - - * telnetd/telnetd.c (terminaltypeok): always return OK. It used - to call `tgetent' to figure if it was a defined terminal type. - It's possible to overflow tgetent so that's a bad idea. The worst - that could happen by saying yes to all terminals is that the user - ends up with a terminal that has no definition on the local - system. And besides, most telnet client has no support for - falling back to a different terminal type. - -Mon Oct 20 05:47:19 1997 Assar Westerlund - - * libtelnet/kerberos5.c: remove lots of old junk. clean-up. - better error checking and reporting. tell the user permission - denied much earlier. - - * libtelnet/kerberos.c (kerberos4_is): only print - UserNameRequested if != NULL - diff --git a/crypto/heimdal/appl/telnet/Makefile.am b/crypto/heimdal/appl/telnet/Makefile.am deleted file mode 100644 index 61f0e86aecb9..000000000000 --- a/crypto/heimdal/appl/telnet/Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ -# $Id: Makefile.am 5652 1999-03-20 13:58:20Z joda $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = libtelnet telnet telnetd - -dist-hook: - $(mkinstalldirs) $(distdir)/arpa - $(INSTALL_DATA) $(srcdir)/arpa/telnet.h $(distdir)/arpa - -EXTRA_DIST = README.ORIG telnet.state diff --git a/crypto/heimdal/appl/telnet/Makefile.in b/crypto/heimdal/appl/telnet/Makefile.in deleted file mode 100644 index 83dc3744649e..000000000000 --- a/crypto/heimdal/appl/telnet/Makefile.in +++ /dev/null @@ -1,820 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 5652 1999-03-20 13:58:20Z joda $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -subdir = appl/telnet -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = $(SUBDIRS) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SUBDIRS = libtelnet telnet telnetd -EXTRA_DIST = README.ORIG telnet.state -all: all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/telnet/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/telnet/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool ctags ctags-recursive dist-hook \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-data-hook \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -dist-hook: - $(mkinstalldirs) $(distdir)/arpa - $(INSTALL_DATA) $(srcdir)/arpa/telnet.h $(distdir)/arpa -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/telnet/README.ORIG b/crypto/heimdal/appl/telnet/README.ORIG deleted file mode 100644 index 37b588fafd6f..000000000000 --- a/crypto/heimdal/appl/telnet/README.ORIG +++ /dev/null @@ -1,743 +0,0 @@ - -This is a distribution of both client and server telnet. These programs -have been compiled on: - telnet telnetd - 4.4 BSD-Lite x x - 4.3 BSD Reno X X - UNICOS 9.1 X X - UNICOS 9.0 X X - UNICOS 8.0 X X - BSDI 2.0 X X - Solaris 2.4 x x (no linemode in server) - SunOs 4.1.4 X X (no linemode in server) - Ultrix 4.3 X X (no linemode in server) - Ultrix 4.1 X X (no linemode in server) - -In addition, previous versions have been compiled on the following -machines, but were not available for testing this version. - telnet telnetd - Next1.0 X X - UNICOS 8.3 X X - UNICOS 7.C X X - UNICOS 7.0 X X - SunOs 4.0.3c X X (no linemode in server) - 4.3 BSD X X (no linemode in server) - DYNIX V3.0.12 X X (no linemode in server) - Ultrix 3.1 X X (no linemode in server) - Ultrix 4.0 X X (no linemode in server) - SunOs 3.5 X X (no linemode in server) - SunOs 4.1.3 X X (no linemode in server) - Solaris 2.2 x x (no linemode in server) - Solaris 2.3 x x (no linemode in server) - BSDI 1.0 X X - BSDI 1.1 X X - DYNIX V3.0.17.9 X X (no linemode in server) - HP-UX 8.0 x x (no linemode in server) - -This code should work, but there are no guarantees. - -May 30, 1995 - -This release represents what is on the 4.4BSD-Lite2 release, which -should be the final BSD release. I will continue to support of -telnet, The code (without encryption) is available via anonymous ftp -from ftp.cray.com, in src/telnet/telnet.YY.MM.DD.NE.tar.Z, where -YY.MM.DD is replaced with the year, month and day of the release. -If you can't find it at one of these places, at some point in the -near future information about the latest releases should be available -from ftp.borman.com. - -In addition, the version with the encryption code is available via -ftp from net-dist.mit.edu, in the directory /pub/telnet. There -is a README file there that gives further information on how -to get the distribution. - -Questions, comments, bug reports and bug fixes can be sent to -one of these addresses: - dab@borman.com - dab@cray.com - dab@bsdi.com - -This release is mainly bug fixes and code cleanup. - - Replace all calls to bcopy()/bzero() with calls to - memmove()/memset() and all calls to index()/rindex() - with calls to strchr()/strrchr(). - - Add some missing diagnostics for option tracing - to telnetd. - - Add support for BSDI 2.0 and Solaris 2.4. - - Add support for UNICOS 8.0 - - Get rid of expanded tabs and trailing white spaces. - - From Paul Vixie: - Fix for telnet going into an endless spin - when the session dies abnormally. - - From Jef Poskanzer: - Changes to allow telnet to compile - under SunOS 3.5. - - From Philip Guenther: - makeutx() doesn't expand utmpx, - use pututxline() instead. - - From Chris Torek: - Add a sleep(1) before execing login - to avoid race condition that can eat - up the login prompt. - Use terminal speed directly if it is - not an encoded value. - - From Steve Parker: - Fix to realloc() call. Fix for execing - login on solaris with no user name. - -January 19, 1994 - -This is a list of some of the changes since the last tar release -of telnet/telnetd. There are probably other changes that aren't -listed here, but this should hit a lot of the main ones. - - General: - Changed #define for AUTHENTICATE to AUTHENTICATION - Changed #define for ENCRYPT to ENCRYPTION - Changed #define for DES_ENCRYPT to DES_ENCRYPTION - - Added support for SPX authentication: -DSPX - - Added support for Kerberos Version 5 authentication: -DKRB5 - - Added support for ANSI C function prototypes - - Added support for the NEW-ENVIRON option (RFC-1572) - including support for USERVAR. - - Made support for the old Environment Option (RFC-1408) - conditional on -DOLD_ENVIRON - - Added #define ENV_HACK - support for RFC 1571 - - The encryption code is removed from the public distributions. - Domestic 4.4 BSD distributions contain the encryption code. - - ENV_HACK: Code to deal with systems that only implement - the old ENVIRON option, and have reversed definitions - of ENV_VAR and ENV_VAL. Also fixes ENV processing in - client to handle things besides just the default set... - - NO_BSD_SETJMP: UNICOS configuration for - UNICOS 6.1/6.0/5.1/5.0 systems. - - STREAMSPTY: Use /dev/ptmx to get a clean pty. This - is for SVr4 derivatives (Like Solaris) - - UTMPX: For systems that have /etc/utmpx. This is for - SVr4 derivatives (Like Solaris) - - Definitions for BSDI 1.0 - - Definitions for 4.3 Reno and 4.4 BSD. - - Definitions for UNICOS 8.0 and UNICOS 7.C - - Definitions for Solaris 2.0 - - Definitions for HP-UX 8.0 - - Latest Copyright notices from Berkeley. - - FLOW-CONTROL: support for RFC-XXXx - - - Client Specific: - - Fix the "send" command to not send garbage... - - Fix status message for "skiprc" - - Make sure to send NAWS after telnet has been suspended - or an external command has been run, if the window size - has changed. - - sysV88 support. - - Server Specific: - - Support flowcontrol option in non-linemode servers. - - -k Server supports Kludge Linemode, but will default to - either single character mode or real Linemode support. - The user will have to explicitly ask to switch into - kludge linemode. ("stty extproc", or escape back to - to telnet and say "mode line".) - - -u Specify the length of the hostname field in the utmp - file. Hostname longer than this length will be put - into the utmp file in dotted decimal notation, rather - than putting in a truncated hostname. - - -U Registered hosts only. If a reverse hostname lookup - fails, the connection will be refused. - - -f/-F - Allows forwarding of credentials for KRB5. - -Februrary 22, 1991: - - Features: - - This version of telnet/telnetd has support for both - the AUTHENTICATION and ENCRYPTION options. The - AUTHENTICATION option is fairly well defined, and - an option number has been assigned to it. The - ENCRYPTION option is still in a state of flux; an - option number has been assigned to, but it is still - subject to change. The code is provided in this release - for experimental and testing purposes. - - The telnet "send" command can now be used to send - do/dont/will/wont commands, with any telnet option - name. The rules for when do/dont/will/wont are sent - are still followed, so just because the user requests - that one of these be sent doesn't mean that it will - be sent... - - The telnet "getstatus" command no longer requires - that option printing be enabled to see the response - to the "DO STATUS" command. - - A -n flag has been added to telnetd to disable - keepalives. - - A new telnet command, "auth" has been added (if - AUTHENTICATE is defined). It has four sub-commands, - "status", "disable", "enable" and "help". - - A new telnet command, "encrypt" has been added (if - ENCRYPT is defined). It has many sub-commands: - "enable", "type", "start", "stop", "input", - "-input", "output", "-output", "status", and "help". - - The LOGOUT option is now supported by both telnet - and telnetd, a new command, "logout", was added - to support this. - - Several new toggle options were added: - "autoencrypt", "autodecrypt", "autologin", "authdebug", - "encdebug", "skiprc", "verbose_encrypt" - - An "rlogin" interface has been added. If the program - is named "rlogin", or the "-r" flag is given, then - an rlogin type of interface will be used. - ~. Terminates the session - ~ Suspend the session - ~^] Escape to telnet command mode - ~~ Pass through the ~. - BUG: If you type the rlogin escape character - in the middle of a line while in rlogin - mode, you cannot erase it or any characters - before it. Hopefully this can be fixed - in a future release... - - General changes: - - A "libtelnet.a" has now been created. This libraray - contains code that is common to both telnet and - telnetd. This is also where library routines that - are needed, but are not in the standard C library, - are placed. - - The makefiles have been re-done. All of the site - specific configuration information has now been put - into a single "Config.generic" file, in the top level - directory. Changing this one file will take care of - all three subdirectories. Also, to add a new/local - definition, a "Config.local" file may be created - at the top level; if that file exists, the subdirectories - will use that file instead of "Config.generic". - - Many 1-2 line functions in commands.c have been - removed, and just inserted in-line, or replaced - with a macro. - - Bug Fixes: - - The non-termio code in both telnet and telnetd was - setting/clearing CTLECH in the sg_flags word. This - was incorrect, and has been changed to set/clear the - LCTLECH bit in the local mode word. - - The SRCRT #define has been removed. If IP_OPTIONS - and IPPROTO_IP are defined on the system, then the - source route code is automatically enabled. - - The NO_GETTYTAB #define has been removed; there - is a compatability routine that can be built into - libtelnet to achive the same results. - - The server, telnetd, has been switched to use getopt() - for parsing the argument list. - - The code for getting the input/output speeds via - cfgetispeed()/cfgetospeed() was still not quite - right in telnet. Posix says if the ispeed is 0, - then it is really equal to the ospeed. - - The suboption processing code in telnet now has - explicit checks to make sure that we received - the entire suboption (telnetd was already doing this). - - The telnet code for processing the terminal type - could cause a core dump if an existing connection - was closed, and a new connection opened without - exiting telnet. - - Telnetd was doing a TCSADRAIN when setting the new - terminal settings; This is not good, because it means - that the tcsetattr() will hang waiting for output to - drain, and telnetd is the only one that will drain - the output... The fix is to use TCSANOW which does - not wait. - - Telnetd was improperly setting/clearing the ISTRIP - flag in the c_lflag field, it should be using the - c_iflag field. - - When the child process of telnetd was opening the - slave side of the pty, it was re-setting the EXTPROC - bit too early, and some of the other initialization - code was wiping it out. This would cause telnetd - to go out of linemode and into single character mode. - - One instance of leaving linemode in telnetd forgot - to send a WILL ECHO to the client, the net result - would be that the user would see double character - echo. - - If the MODE was being changed several times very - quickly, telnetd could get out of sync with the - state changes and the returning acks; and wind up - being left in the wrong state. - -September 14, 1990: - - Switch the client to use getopt() for parsing the - argument list. The 4.3Reno getopt.c is included for - systems that don't have getopt(). - - Use the posix _POSIX_VDISABLE value for what value - to use when disabling special characters. If this - is undefined, it defaults to 0x3ff. - - For non-termio systems, TIOCSETP was being used to - change the state of the terminal. This causes the - input queue to be flushed, which we don't want. This - is now changed to TIOCSETN. - - Take out the "#ifdef notdef" around the code in the - server that generates a "sync" when the pty oputput - is flushed. The potential problem is that some older - telnet clients may go into an infinate loop when they - receive a "sync", if so, the server can be compiled - with "NO_URGENT" defined. - - Fix the client where it was setting/clearing the OPOST - bit in the c_lflag field, not the c_oflag field. - - Fix the client where it was setting/clearing the ISTRIP - bit in the c_lflag field, not the c_iflag field. (On - 4.3Reno, this is the ECHOPRT bit in the c_lflag field.) - The client also had its interpretation of WILL BINARY - and DO BINARY reversed. - - Fix a bug in client that would cause a core dump when - attempting to remove the last environment variable. - - In the client, there were a few places were switch() - was being passed a character, and if it was a negative - value, it could get sign extended, and not match - the 8 bit case statements. The fix is to and the - switch value with 0xff. - - Add a couple more printoption() calls in the client, I - don't think there are any more places were a telnet - command can be received and not printed out when - "options" is on. - - A new flag has been added to the client, "-a". Currently, - this just causes the USER name to be sent across, in - the future this may be used to signify that automatic - authentication is requested. - - The USER variable is now only sent by the client if - the "-a" or "-l user" options are explicity used, or - if the user explicitly asks for the "USER" environment - variable to be exported. In the server, if it receives - the "USER" environment variable, it won't print out the - banner message, so that only "Password:" will be printed. - This makes the symantics more like rlogin, and should be - more familiar to the user. (People are not used to - getting a banner message, and then getting just a - "Password:" prompt.) - - Re-vamp the code for starting up the child login - process. The code was getting ugly, and it was - hard to tell what was really going on. What we - do now is after the fork(), in the child: - 1) make sure we have no controlling tty - 2) open and initialize the tty - 3) do a setsid()/setpgrp() - 4) makes the tty our controlling tty. - On some systems, #2 makes the tty our controlling - tty, and #4 is a no-op. The parent process does - a gets rid of any controlling tty after the child - is fork()ed. - - Use the strdup() library routine in telnet, instead - of the local savestr() routine. If you don't have - strdup(), you need to define NO_STRDUP. - - Add support for ^T (SIGINFO/VSTATUS), found in the - 4.3Reno distribution. This maps to the AYT character. - You need a 4-line bugfix in the kernel to get this - to work properly: - - > *** tty_pty.c.ORG Tue Sep 11 09:41:53 1990 - > --- tty_pty.c Tue Sep 11 17:48:03 1990 - > *************** - > *** 609,613 **** - > if ((tp->t_lflag&NOFLSH) == 0) - > ttyflush(tp, FREAD|FWRITE); - > ! pgsignal(tp->t_pgrp, *(unsigned int *)data); - > return(0); - > } - > --- 609,616 ---- - > if ((tp->t_lflag&NOFLSH) == 0) - > ttyflush(tp, FREAD|FWRITE); - > ! pgsignal(tp->t_pgrp, *(unsigned int *)data, 1); - > ! if ((*(unsigned int *)data == SIGINFO) && - > ! ((tp->t_lflag&NOKERNINFO) == 0)) - > ! ttyinfo(tp); - > return(0); - > } - - The client is now smarter when setting the telnet escape - character; it only sets it to one of VEOL and VEOL2 if - one of them is undefined, and the other one is not already - defined to the telnet escape character. - - Handle TERMIOS systems that have seperate input and output - line speed settings imbedded in the flags. - - Many other minor bug fixes. - -June 20, 1990: - Re-organize makefiles and source tree. The telnet/Source - directory is now gone, and all the source that was in - telnet/Source is now just in the telnet directory. - - Seperate makefile for each system are now gone. There - are two makefiles, Makefile and Makefile.generic. - The "Makefile" has the definitions for the various - system, and "Makefile.generic" does all the work. - There is a variable called "WHAT" that is used to - specify what to make. For example, in the telnet - directory, you might say: - make 4.4bsd WHAT=clean - to clean out the directory. - - Add support for the ENVIRON and XDISPLOC options. - In order for the server to work, login has to have - the "-p" option to preserve environment variables. - - Add the SOFT_TAB and LIT_ECHO modes in the LINEMODE support. - - Add the "-l user" option to command line and open command - (This is passed through the ENVIRON option). - - Add the "-e" command line option, for setting the escape - character. - - Add the "-D", diagnostic, option to the server. This allows - the server to print out debug information, which is very - useful when trying to debug a telnet that doesn't have any - debugging ability. - - Turn off the literal next character when not in LINEMODE. - - Don't recognize ^Y locally, just pass it through. - - Make minor modifications for Sun4.0 and Sun4.1 - - Add support for both FORW1 and FORW2 characters. The - telnet escpape character is set to whichever of the - two is not being used. If both are in use, the escape - character is not set, so when in linemode the user will - have to follow the escape character with a or - -libtelnet/Makefile.4.4: -telnet/Makefile.4.4: -telnetd/Makefile.4.4: - These are the makefiles that can be used on a 4.3Reno - system when this software is installed in /usr/src/lib/libtelnet, - /usr/src/libexec/telnetd, and /usr/src/usr.bin/telnet. - - -The following TELNET options are supported: - - LINEMODE: - The LINEMODE option is supported as per RFC1116. The - FORWARDMASK option is not currently supported. - - BINARY: The client has the ability to turn on/off the BINARY - option in each direction. Turning on BINARY from - server to client causes the LITOUT bit to get set in - the terminal driver on both ends, turning on BINARY - from the client to the server causes the PASS8 bit - to get set in the terminal driver on both ends. - - TERMINAL-TYPE: - This is supported as per RFC1091. On the server side, - when a terminal type is received, termcap/terminfo - is consulted to determine if it is a known terminal - type. It keeps requesting terminal types until it - gets one that it recongnizes, or hits the end of the - list. The server side looks up the entry in the - termcap/terminfo data base, and generates a list of - names which it then passes one at a time to each - request for a terminal type, duplicating the last - entry in the list before cycling back to the beginning. - - NAWS: The Negotiate about Window Size, as per RFC 1073. - - TERMINAL-SPEED: - Implemented as per RFC 1079 - - TOGGLE-FLOW-CONTROL: - Implemented as per RFC 1080 - - TIMING-MARK: - As per RFC 860 - - SGA: As per RFC 858 - - ECHO: As per RFC 857 - - LOGOUT: As per RFC 727 - - STATUS: - The server will send its current status upon - request. It does not ask for the clients status. - The client will request the servers current status - from the "send getstatus" command. - - ENVIRON: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued, but should be in the near future... - - X-DISPLAY-LOCATION: - This functionality can be done through the ENVIRON - option, it is added here for completeness. - - AUTHENTICATION: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued. The basic framework is pretty much decided, - but the definitions for the specific authentication - schemes is still in a state of flux. - - ENCRYPTION: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued. The draft RFC is still in a state of flux, - so this code may change in the future. diff --git a/crypto/heimdal/appl/telnet/arpa/telnet.h b/crypto/heimdal/appl/telnet/arpa/telnet.h deleted file mode 100644 index 5d9ef6001621..000000000000 --- a/crypto/heimdal/appl/telnet/arpa/telnet.h +++ /dev/null @@ -1,323 +0,0 @@ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)telnet.h 8.2 (Berkeley) 12/15/93 - */ - -#ifndef _TELNET_H_ -#define _TELNET_H_ - -/* - * Definitions for the TELNET protocol. - */ -#define IAC 255 /* interpret as command: */ -#define DONT 254 /* you are not to use option */ -#define DO 253 /* please, you use option */ -#define WONT 252 /* I won't use option */ -#define WILL 251 /* I will use option */ -#define SB 250 /* interpret as subnegotiation */ -#define GA 249 /* you may reverse the line */ -#define EL 248 /* erase the current line */ -#define EC 247 /* erase the current character */ -#define AYT 246 /* are you there */ -#define AO 245 /* abort output--but let prog finish */ -#define IP 244 /* interrupt process--permanently */ -#define BREAK 243 /* break */ -#define DM 242 /* data mark--for connect. cleaning */ -#define NOP 241 /* nop */ -#define SE 240 /* end sub negotiation */ -#define EOR 239 /* end of record (transparent mode) */ -#define ABORT 238 /* Abort process */ -#define SUSP 237 /* Suspend process */ -#define xEOF 236 /* End of file: EOF is already used... */ - -#define SYNCH 242 /* for telfunc calls */ - -#ifdef TELCMDS -char *telcmds[] = { - "EOF", "SUSP", "ABORT", "EOR", - "SE", "NOP", "DMARK", "BRK", "IP", "AO", "AYT", "EC", - "EL", "GA", "SB", "WILL", "WONT", "DO", "DONT", "IAC", 0, -}; -#else -extern char *telcmds[]; -#endif - -#define TELCMD_FIRST xEOF -#define TELCMD_LAST IAC -#define TELCMD_OK(x) ((unsigned int)(x) <= TELCMD_LAST && \ - (unsigned int)(x) >= TELCMD_FIRST) -#define TELCMD(x) telcmds[(x)-TELCMD_FIRST] - -/* telnet options */ -#define TELOPT_BINARY 0 /* 8-bit data path */ -#define TELOPT_ECHO 1 /* echo */ -#define TELOPT_RCP 2 /* prepare to reconnect */ -#define TELOPT_SGA 3 /* suppress go ahead */ -#define TELOPT_NAMS 4 /* approximate message size */ -#define TELOPT_STATUS 5 /* give status */ -#define TELOPT_TM 6 /* timing mark */ -#define TELOPT_RCTE 7 /* remote controlled transmission and echo */ -#define TELOPT_NAOL 8 /* negotiate about output line width */ -#define TELOPT_NAOP 9 /* negotiate about output page size */ -#define TELOPT_NAOCRD 10 /* negotiate about CR disposition */ -#define TELOPT_NAOHTS 11 /* negotiate about horizontal tabstops */ -#define TELOPT_NAOHTD 12 /* negotiate about horizontal tab disposition */ -#define TELOPT_NAOFFD 13 /* negotiate about formfeed disposition */ -#define TELOPT_NAOVTS 14 /* negotiate about vertical tab stops */ -#define TELOPT_NAOVTD 15 /* negotiate about vertical tab disposition */ -#define TELOPT_NAOLFD 16 /* negotiate about output LF disposition */ -#define TELOPT_XASCII 17 /* extended ascic character set */ -#define TELOPT_LOGOUT 18 /* force logout */ -#define TELOPT_BM 19 /* byte macro */ -#define TELOPT_DET 20 /* data entry terminal */ -#define TELOPT_SUPDUP 21 /* supdup protocol */ -#define TELOPT_SUPDUPOUTPUT 22 /* supdup output */ -#define TELOPT_SNDLOC 23 /* send location */ -#define TELOPT_TTYPE 24 /* terminal type */ -#define TELOPT_EOR 25 /* end or record */ -#define TELOPT_TUID 26 /* TACACS user identification */ -#define TELOPT_OUTMRK 27 /* output marking */ -#define TELOPT_TTYLOC 28 /* terminal location number */ -#define TELOPT_3270REGIME 29 /* 3270 regime */ -#define TELOPT_X3PAD 30 /* X.3 PAD */ -#define TELOPT_NAWS 31 /* window size */ -#define TELOPT_TSPEED 32 /* terminal speed */ -#define TELOPT_LFLOW 33 /* remote flow control */ -#define TELOPT_LINEMODE 34 /* Linemode option */ -#define TELOPT_XDISPLOC 35 /* X Display Location */ -#define TELOPT_OLD_ENVIRON 36 /* Old - Environment variables */ -#define TELOPT_AUTHENTICATION 37/* Authenticate */ -#define TELOPT_ENCRYPT 38 /* Encryption option */ -#define TELOPT_NEW_ENVIRON 39 /* New - Environment variables */ -#define TELOPT_EXOPL 255 /* extended-options-list */ - - -#define NTELOPTS (1+TELOPT_NEW_ENVIRON) -#ifdef TELOPTS -char *telopts[NTELOPTS+1] = { - "BINARY", "ECHO", "RCP", "SUPPRESS GO AHEAD", "NAME", - "STATUS", "TIMING MARK", "RCTE", "NAOL", "NAOP", - "NAOCRD", "NAOHTS", "NAOHTD", "NAOFFD", "NAOVTS", - "NAOVTD", "NAOLFD", "EXTEND ASCII", "LOGOUT", "BYTE MACRO", - "DATA ENTRY TERMINAL", "SUPDUP", "SUPDUP OUTPUT", - "SEND LOCATION", "TERMINAL TYPE", "END OF RECORD", - "TACACS UID", "OUTPUT MARKING", "TTYLOC", - "3270 REGIME", "X.3 PAD", "NAWS", "TSPEED", "LFLOW", - "LINEMODE", "XDISPLOC", "OLD-ENVIRON", "AUTHENTICATION", - "ENCRYPT", "NEW-ENVIRON", - 0, -}; -#define TELOPT_FIRST TELOPT_BINARY -#define TELOPT_LAST TELOPT_NEW_ENVIRON -#define TELOPT_OK(x) ((unsigned int)(x) <= TELOPT_LAST) -#define TELOPT(x) telopts[(x)-TELOPT_FIRST] -#endif - -/* sub-option qualifiers */ -#define TELQUAL_IS 0 /* option is... */ -#define TELQUAL_SEND 1 /* send option */ -#define TELQUAL_INFO 2 /* ENVIRON: informational version of IS */ -#define TELQUAL_REPLY 2 /* AUTHENTICATION: client version of IS */ -#define TELQUAL_NAME 3 /* AUTHENTICATION: client version of IS */ - -#define LFLOW_OFF 0 /* Disable remote flow control */ -#define LFLOW_ON 1 /* Enable remote flow control */ -#define LFLOW_RESTART_ANY 2 /* Restart output on any char */ -#define LFLOW_RESTART_XON 3 /* Restart output only on XON */ - -/* - * LINEMODE suboptions - */ - -#define LM_MODE 1 -#define LM_FORWARDMASK 2 -#define LM_SLC 3 - -#define MODE_EDIT 0x01 -#define MODE_TRAPSIG 0x02 -#define MODE_ACK 0x04 -#define MODE_SOFT_TAB 0x08 -#define MODE_LIT_ECHO 0x10 - -#define MODE_MASK 0x1f - -/* Not part of protocol, but needed to simplify things... */ -#define MODE_FLOW 0x0100 -#define MODE_ECHO 0x0200 -#define MODE_INBIN 0x0400 -#define MODE_OUTBIN 0x0800 -#define MODE_FORCE 0x1000 - -#define SLC_SYNCH 1 -#define SLC_BRK 2 -#define SLC_IP 3 -#define SLC_AO 4 -#define SLC_AYT 5 -#define SLC_EOR 6 -#define SLC_ABORT 7 -#define SLC_EOF 8 -#define SLC_SUSP 9 -#define SLC_EC 10 -#define SLC_EL 11 -#define SLC_EW 12 -#define SLC_RP 13 -#define SLC_LNEXT 14 -#define SLC_XON 15 -#define SLC_XOFF 16 -#define SLC_FORW1 17 -#define SLC_FORW2 18 - -#define NSLC 18 - -/* - * For backwards compatability, we define SLC_NAMES to be the - * list of names if SLC_NAMES is not defined. - */ -#define SLC_NAMELIST "0", "SYNCH", "BRK", "IP", "AO", "AYT", "EOR", \ - "ABORT", "EOF", "SUSP", "EC", "EL", "EW", "RP", \ - "LNEXT", "XON", "XOFF", "FORW1", "FORW2", 0, -#ifdef SLC_NAMES -char *slc_names[] = { - SLC_NAMELIST -}; -#else -extern char *slc_names[]; -#define SLC_NAMES SLC_NAMELIST -#endif - -#define SLC_NAME_OK(x) ((unsigned int)(x) <= NSLC) -#define SLC_NAME(x) slc_names[x] - -#define SLC_NOSUPPORT 0 -#define SLC_CANTCHANGE 1 -#define SLC_VARIABLE 2 -#define SLC_DEFAULT 3 -#define SLC_LEVELBITS 0x03 - -#define SLC_FUNC 0 -#define SLC_FLAGS 1 -#define SLC_VALUE 2 - -#define SLC_ACK 0x80 -#define SLC_FLUSHIN 0x40 -#define SLC_FLUSHOUT 0x20 - -#define OLD_ENV_VAR 1 -#define OLD_ENV_VALUE 0 -#define NEW_ENV_VAR 0 -#define NEW_ENV_VALUE 1 -#define ENV_ESC 2 -#define ENV_USERVAR 3 - -/* - * AUTHENTICATION suboptions - */ - -/* - * Who is authenticating who ... - */ -#define AUTH_WHO_CLIENT 0 /* Client authenticating server */ -#define AUTH_WHO_SERVER 1 /* Server authenticating client */ -#define AUTH_WHO_MASK 1 - -/* - * amount of authentication done - */ -#define AUTH_HOW_ONE_WAY 0 -#define AUTH_HOW_MUTUAL 2 -#define AUTH_HOW_MASK 2 - -#define AUTHTYPE_NULL 0 -#define AUTHTYPE_KERBEROS_V4 1 -#define AUTHTYPE_KERBEROS_V5 2 -#define AUTHTYPE_SPX 3 -#define AUTHTYPE_MINK 4 -#define AUTHTYPE_SRA 5 -#define AUTHTYPE_CNT 6 -/* #define AUTHTYPE_UNSECURE 6 */ - -#define AUTHTYPE_TEST 99 - -#ifdef AUTH_NAMES -char *authtype_names[] = { - "NULL", "KERBEROS_V4", "KERBEROS_V5", "SPX", "MINK", - "SRA", 0, -}; -#else -extern char *authtype_names[]; -#endif - -#define AUTHTYPE_NAME_OK(x) ((unsigned int)(x) < AUTHTYPE_CNT) -#define AUTHTYPE_NAME(x) authtype_names[x] - -/* - * ENCRYPTion suboptions - */ -#define ENCRYPT_IS 0 /* I pick encryption type ... */ -#define ENCRYPT_SUPPORT 1 /* I support encryption types ... */ -#define ENCRYPT_REPLY 2 /* Initial setup response */ -#define ENCRYPT_START 3 /* Am starting to send encrypted */ -#define ENCRYPT_END 4 /* Am ending encrypted */ -#define ENCRYPT_REQSTART 5 /* Request you start encrypting */ -#define ENCRYPT_REQEND 6 /* Request you send encrypting */ -#define ENCRYPT_ENC_KEYID 7 -#define ENCRYPT_DEC_KEYID 8 -#define ENCRYPT_CNT 9 - -#define ENCTYPE_ANY 0 -#define ENCTYPE_DES_CFB64 1 -#define ENCTYPE_DES_OFB64 2 -#define ENCTYPE_CNT 3 - -#ifdef ENCRYPT_NAMES -char *encrypt_names[] = { - "IS", "SUPPORT", "REPLY", "START", "END", - "REQUEST-START", "REQUEST-END", "ENC-KEYID", "DEC-KEYID", - 0, -}; -char *enctype_names[] = { - "ANY", "DES_CFB64", "DES_OFB64", 0, -}; -#else -extern char *encrypt_names[]; -extern char *enctype_names[]; -#endif - - -#define ENCRYPT_NAME_OK(x) ((unsigned int)(x) < ENCRYPT_CNT) -#define ENCRYPT_NAME(x) encrypt_names[x] - -#define ENCTYPE_NAME_OK(x) ((unsigned int)(x) < ENCTYPE_CNT) -#define ENCTYPE_NAME(x) enctype_names[x] - -#endif /* !_TELNET_H_ */ diff --git a/crypto/heimdal/appl/telnet/libtelnet/Makefile.am b/crypto/heimdal/appl/telnet/libtelnet/Makefile.am deleted file mode 100644 index 60786baa62dc..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/Makefile.am +++ /dev/null @@ -1,24 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) - -noinst_LIBRARIES = libtelnet.a - -libtelnet_a_SOURCES = \ - auth-proto.h \ - auth.c \ - auth.h \ - enc-proto.h \ - enc_des.c \ - encrypt.c \ - encrypt.h \ - genget.c \ - kerberos.c \ - kerberos5.c \ - misc-proto.h \ - misc.c \ - misc.h - -EXTRA_DIST = krb4encpwd.c rsaencpwd.c spx.c diff --git a/crypto/heimdal/appl/telnet/libtelnet/Makefile.in b/crypto/heimdal/appl/telnet/libtelnet/Makefile.in deleted file mode 100644 index cb00e59e5ff5..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/Makefile.in +++ /dev/null @@ -1,764 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = appl/telnet/libtelnet -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) -ARFLAGS = cru -libtelnet_a_AR = $(AR) $(ARFLAGS) -libtelnet_a_LIBADD = -am_libtelnet_a_OBJECTS = auth.$(OBJEXT) enc_des.$(OBJEXT) \ - encrypt.$(OBJEXT) genget.$(OBJEXT) kerberos.$(OBJEXT) \ - kerberos5.$(OBJEXT) misc.$(OBJEXT) -libtelnet_a_OBJECTS = $(am_libtelnet_a_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(libtelnet_a_SOURCES) -DIST_SOURCES = $(libtelnet_a_SOURCES) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_LIBRARIES = libtelnet.a -libtelnet_a_SOURCES = \ - auth-proto.h \ - auth.c \ - auth.h \ - enc-proto.h \ - enc_des.c \ - encrypt.c \ - encrypt.h \ - genget.c \ - kerberos.c \ - kerberos5.c \ - misc-proto.h \ - misc.c \ - misc.h - -EXTRA_DIST = krb4encpwd.c rsaencpwd.c spx.c -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/telnet/libtelnet/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/telnet/libtelnet/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -clean-noinstLIBRARIES: - -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) -libtelnet.a: $(libtelnet_a_OBJECTS) $(libtelnet_a_DEPENDENCIES) - -rm -f libtelnet.a - $(libtelnet_a_AR) libtelnet.a $(libtelnet_a_OBJECTS) $(libtelnet_a_LIBADD) - $(RANLIB) libtelnet.a - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(LIBRARIES) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-noinstLIBRARIES \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libtool clean-noinstLIBRARIES ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/telnet/libtelnet/auth-proto.h b/crypto/heimdal/appl/telnet/libtelnet/auth-proto.h deleted file mode 100644 index 4f2e2457bb03..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/auth-proto.h +++ /dev/null @@ -1,124 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)auth-proto.h 8.1 (Berkeley) 6/4/93 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: auth-proto.h 11288 2002-08-28 20:56:14Z joda $ */ - -#ifdef AUTHENTICATION -Authenticator *findauthenticator (int, int); - -int auth_wait (char *, size_t); -void auth_disable_name (char *); -void auth_finished (Authenticator *, int); -void auth_gen_printsub (unsigned char *, int, unsigned char *, int); -void auth_init (const char *, int); -void auth_is (unsigned char *, int); -void auth_name(unsigned char*, int); -void auth_reply (unsigned char *, int); -void auth_request (void); -void auth_send (unsigned char *, int); -void auth_send_retry (void); -void auth_printsub(unsigned char*, int, unsigned char*, int); -int getauthmask(char *type, int *maskp); -int auth_enable(char *type); -int auth_disable(char *type); -int auth_onoff(char *type, int on); -int auth_togdebug(int on); -int auth_status(void); -int auth_sendname(unsigned char *cp, int len); -void auth_debug(int mode); -void auth_gen_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen); - -#ifdef UNSAFE -int unsafe_init (Authenticator *, int); -int unsafe_send (Authenticator *); -void unsafe_is (Authenticator *, unsigned char *, int); -void unsafe_reply (Authenticator *, unsigned char *, int); -int unsafe_status (Authenticator *, char *, int); -void unsafe_printsub (unsigned char *, int, unsigned char *, int); -#endif - -#ifdef SRA -int sra_init (Authenticator *, int); -int sra_send (Authenticator *); -void sra_is (Authenticator *, unsigned char *, int); -void sra_reply (Authenticator *, unsigned char *, int); -int sra_status (Authenticator *, char *, int); -void sra_printsub (unsigned char *, int, unsigned char *, int); -#endif - -#ifdef KRB4 -int kerberos4_init (Authenticator *, int); -int kerberos4_send_mutual (Authenticator *); -int kerberos4_send_oneway (Authenticator *); -void kerberos4_is (Authenticator *, unsigned char *, int); -void kerberos4_reply (Authenticator *, unsigned char *, int); -int kerberos4_status (Authenticator *, char *, size_t, int); -void kerberos4_printsub (unsigned char *, int, unsigned char *, int); -int kerberos4_forward(Authenticator *ap, void *); -#endif - -#ifdef KRB5 -int kerberos5_init (Authenticator *, int); -int kerberos5_send_mutual (Authenticator *); -int kerberos5_send_oneway (Authenticator *); -void kerberos5_is (Authenticator *, unsigned char *, int); -void kerberos5_reply (Authenticator *, unsigned char *, int); -int kerberos5_status (Authenticator *, char *, size_t, int); -void kerberos5_printsub (unsigned char *, int, unsigned char *, int); -int kerberos5_set_forward(int); -int kerberos5_set_forwardable(int); -#endif -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/auth.c b/crypto/heimdal/appl/telnet/libtelnet/auth.c deleted file mode 100644 index 13253034d176..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/auth.c +++ /dev/null @@ -1,660 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include - -RCSID("$Id: auth.c 10809 2002-01-18 12:58:49Z joda $"); - -#if defined(AUTHENTICATION) -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#include -#define AUTH_NAMES -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#include - -#include - -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc-proto.h" -#include "auth-proto.h" - -#define typemask(x) (1<<((x)-1)) - -#ifdef KRB4_ENCPWD -extern krb4encpwd_init(); -extern krb4encpwd_send(); -extern krb4encpwd_is(); -extern krb4encpwd_reply(); -extern krb4encpwd_status(); -extern krb4encpwd_printsub(); -#endif - -#ifdef RSA_ENCPWD -extern rsaencpwd_init(); -extern rsaencpwd_send(); -extern rsaencpwd_is(); -extern rsaencpwd_reply(); -extern rsaencpwd_status(); -extern rsaencpwd_printsub(); -#endif - -int auth_debug_mode = 0; -int auth_has_failed = 0; -int auth_enable_encrypt = 0; -static const char *Name = "Noname"; -static int Server = 0; -static Authenticator *authenticated = 0; -static int authenticating = 0; -static int validuser = 0; -static unsigned char _auth_send_data[256]; -static unsigned char *auth_send_data; -static int auth_send_cnt = 0; - -/* - * Authentication types supported. Plese note that these are stored - * in priority order, i.e. try the first one first. - */ -Authenticator authenticators[] = { -#ifdef UNSAFE - { AUTHTYPE_UNSAFE, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - unsafe_init, - unsafe_send, - unsafe_is, - unsafe_reply, - unsafe_status, - unsafe_printsub }, -#endif -#ifdef SRA - { AUTHTYPE_SRA, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - sra_init, - sra_send, - sra_is, - sra_reply, - sra_status, - sra_printsub }, -#endif -#ifdef SPX - { AUTHTYPE_SPX, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - spx_init, - spx_send, - spx_is, - spx_reply, - spx_status, - spx_printsub }, - { AUTHTYPE_SPX, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - spx_init, - spx_send, - spx_is, - spx_reply, - spx_status, - spx_printsub }, -#endif -#ifdef KRB5 - { AUTHTYPE_KERBEROS_V5, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - kerberos5_init, - kerberos5_send_mutual, - kerberos5_is, - kerberos5_reply, - kerberos5_status, - kerberos5_printsub }, - { AUTHTYPE_KERBEROS_V5, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - kerberos5_init, - kerberos5_send_oneway, - kerberos5_is, - kerberos5_reply, - kerberos5_status, - kerberos5_printsub }, -#endif -#ifdef KRB4 - { AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - kerberos4_init, - kerberos4_send_mutual, - kerberos4_is, - kerberos4_reply, - kerberos4_status, - kerberos4_printsub }, - { AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - kerberos4_init, - kerberos4_send_oneway, - kerberos4_is, - kerberos4_reply, - kerberos4_status, - kerberos4_printsub }, -#endif -#ifdef KRB4_ENCPWD - { AUTHTYPE_KRB4_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - krb4encpwd_init, - krb4encpwd_send, - krb4encpwd_is, - krb4encpwd_reply, - krb4encpwd_status, - krb4encpwd_printsub }, -#endif -#ifdef RSA_ENCPWD - { AUTHTYPE_RSA_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - rsaencpwd_init, - rsaencpwd_send, - rsaencpwd_is, - rsaencpwd_reply, - rsaencpwd_status, - rsaencpwd_printsub }, -#endif - { 0, }, -}; - -static Authenticator NoAuth = { 0 }; - -static int i_support = 0; -static int i_wont_support = 0; - -Authenticator * -findauthenticator(int type, int way) -{ - Authenticator *ap = authenticators; - - while (ap->type && (ap->type != type || ap->way != way)) - ++ap; - return(ap->type ? ap : 0); -} - -void -auth_init(const char *name, int server) -{ - Authenticator *ap = authenticators; - - Server = server; - Name = name; - - i_support = 0; - authenticated = 0; - authenticating = 0; - while (ap->type) { - if (!ap->init || (*ap->init)(ap, server)) { - i_support |= typemask(ap->type); - if (auth_debug_mode) - printf(">>>%s: I support auth type %d %d\r\n", - Name, - ap->type, ap->way); - } - else if (auth_debug_mode) - printf(">>>%s: Init failed: auth type %d %d\r\n", - Name, ap->type, ap->way); - ++ap; - } -} - -void -auth_disable_name(char *name) -{ - int x; - for (x = 0; x < AUTHTYPE_CNT; ++x) { - if (!strcasecmp(name, AUTHTYPE_NAME(x))) { - i_wont_support |= typemask(x); - break; - } - } -} - -int -getauthmask(char *type, int *maskp) -{ - int x; - - if (!strcasecmp(type, AUTHTYPE_NAME(0))) { - *maskp = -1; - return(1); - } - - for (x = 1; x < AUTHTYPE_CNT; ++x) { - if (!strcasecmp(type, AUTHTYPE_NAME(x))) { - *maskp = typemask(x); - return(1); - } - } - return(0); -} - -int -auth_enable(char *type) -{ - return(auth_onoff(type, 1)); -} - -int -auth_disable(char *type) -{ - return(auth_onoff(type, 0)); -} - -int -auth_onoff(char *type, int on) -{ - int i, mask = -1; - Authenticator *ap; - - if (!strcasecmp(type, "?") || !strcasecmp(type, "help")) { - printf("auth %s 'type'\n", on ? "enable" : "disable"); - printf("Where 'type' is one of:\n"); - printf("\t%s\n", AUTHTYPE_NAME(0)); - mask = 0; - for (ap = authenticators; ap->type; ap++) { - if ((mask & (i = typemask(ap->type))) != 0) - continue; - mask |= i; - printf("\t%s\n", AUTHTYPE_NAME(ap->type)); - } - return(0); - } - - if (!getauthmask(type, &mask)) { - printf("%s: invalid authentication type\n", type); - return(0); - } - if (on) - i_wont_support &= ~mask; - else - i_wont_support |= mask; - return(1); -} - -int -auth_togdebug(int on) -{ - if (on < 0) - auth_debug_mode ^= 1; - else - auth_debug_mode = on; - printf("auth debugging %s\n", auth_debug_mode ? "enabled" : "disabled"); - return(1); -} - -int -auth_status(void) -{ - Authenticator *ap; - int i, mask; - - if (i_wont_support == -1) - printf("Authentication disabled\n"); - else - printf("Authentication enabled\n"); - - mask = 0; - for (ap = authenticators; ap->type; ap++) { - if ((mask & (i = typemask(ap->type))) != 0) - continue; - mask |= i; - printf("%s: %s\n", AUTHTYPE_NAME(ap->type), - (i_wont_support & typemask(ap->type)) ? - "disabled" : "enabled"); - } - return(1); -} - -/* - * This routine is called by the server to start authentication - * negotiation. - */ -void -auth_request(void) -{ - static unsigned char str_request[64] = { IAC, SB, - TELOPT_AUTHENTICATION, - TELQUAL_SEND, }; - Authenticator *ap = authenticators; - unsigned char *e = str_request + 4; - - if (!authenticating) { - authenticating = 1; - while (ap->type) { - if (i_support & ~i_wont_support & typemask(ap->type)) { - if (auth_debug_mode) { - printf(">>>%s: Sending type %d %d\r\n", - Name, ap->type, ap->way); - } - *e++ = ap->type; - *e++ = ap->way; - } - ++ap; - } - *e++ = IAC; - *e++ = SE; - telnet_net_write(str_request, e - str_request); - printsub('>', &str_request[2], e - str_request - 2); - } -} - -/* - * This is called when an AUTH SEND is received. - * It should never arrive on the server side (as only the server can - * send an AUTH SEND). - * You should probably respond to it if you can... - * - * If you want to respond to the types out of order (i.e. even - * if he sends LOGIN KERBEROS and you support both, you respond - * with KERBEROS instead of LOGIN (which is against what the - * protocol says)) you will have to hack this code... - */ -void -auth_send(unsigned char *data, int cnt) -{ - Authenticator *ap; - static unsigned char str_none[] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_IS, AUTHTYPE_NULL, 0, - IAC, SE }; - if (Server) { - if (auth_debug_mode) { - printf(">>>%s: auth_send called!\r\n", Name); - } - return; - } - - if (auth_debug_mode) { - printf(">>>%s: auth_send got:", Name); - printd(data, cnt); printf("\r\n"); - } - - /* - * Save the data, if it is new, so that we can continue looking - * at it if the authorization we try doesn't work - */ - if (data < _auth_send_data || - data > _auth_send_data + sizeof(_auth_send_data)) { - auth_send_cnt = cnt > sizeof(_auth_send_data) - ? sizeof(_auth_send_data) - : cnt; - memmove(_auth_send_data, data, auth_send_cnt); - auth_send_data = _auth_send_data; - } else { - /* - * This is probably a no-op, but we just make sure - */ - auth_send_data = data; - auth_send_cnt = cnt; - } - while ((auth_send_cnt -= 2) >= 0) { - if (auth_debug_mode) - printf(">>>%s: He supports %d\r\n", - Name, *auth_send_data); - if ((i_support & ~i_wont_support) & typemask(*auth_send_data)) { - ap = findauthenticator(auth_send_data[0], - auth_send_data[1]); - if (ap && ap->send) { - if (auth_debug_mode) - printf(">>>%s: Trying %d %d\r\n", - Name, auth_send_data[0], - auth_send_data[1]); - if ((*ap->send)(ap)) { - /* - * Okay, we found one we like - * and did it. - * we can go home now. - */ - if (auth_debug_mode) - printf(">>>%s: Using type %d\r\n", - Name, *auth_send_data); - auth_send_data += 2; - return; - } - } - /* else - * just continue on and look for the - * next one if we didn't do anything. - */ - } - auth_send_data += 2; - } - telnet_net_write(str_none, sizeof(str_none)); - printsub('>', &str_none[2], sizeof(str_none) - 2); - if (auth_debug_mode) - printf(">>>%s: Sent failure message\r\n", Name); - auth_finished(0, AUTH_REJECT); - auth_has_failed = 1; -#ifdef KANNAN - /* - * We requested strong authentication, however no mechanisms worked. - * Therefore, exit on client end. - */ - printf("Unable to securely authenticate user ... exit\n"); - exit(0); -#endif /* KANNAN */ -} - -void -auth_send_retry(void) -{ - /* - * if auth_send_cnt <= 0 then auth_send will end up rejecting - * the authentication and informing the other side of this. - */ - auth_send(auth_send_data, auth_send_cnt); -} - -void -auth_is(unsigned char *data, int cnt) -{ - Authenticator *ap; - - if (cnt < 2) - return; - - if (data[0] == AUTHTYPE_NULL) { - auth_finished(0, AUTH_REJECT); - return; - } - - if ((ap = findauthenticator(data[0], data[1]))) { - if (ap->is) - (*ap->is)(ap, data+2, cnt-2); - } else if (auth_debug_mode) - printf(">>>%s: Invalid authentication in IS: %d\r\n", - Name, *data); -} - -void -auth_reply(unsigned char *data, int cnt) -{ - Authenticator *ap; - - if (cnt < 2) - return; - - if ((ap = findauthenticator(data[0], data[1]))) { - if (ap->reply) - (*ap->reply)(ap, data+2, cnt-2); - } else if (auth_debug_mode) - printf(">>>%s: Invalid authentication in SEND: %d\r\n", - Name, *data); -} - -void -auth_name(unsigned char *data, int cnt) -{ - char savename[256]; - - if (cnt < 1) { - if (auth_debug_mode) - printf(">>>%s: Empty name in NAME\r\n", Name); - return; - } - if (cnt > sizeof(savename) - 1) { - if (auth_debug_mode) - printf(">>>%s: Name in NAME (%d) exceeds %lu length\r\n", - Name, cnt, (unsigned long)(sizeof(savename)-1)); - return; - } - memmove(savename, data, cnt); - savename[cnt] = '\0'; /* Null terminate */ - if (auth_debug_mode) - printf(">>>%s: Got NAME [%s]\r\n", Name, savename); - auth_encrypt_user(savename); -} - -int -auth_sendname(unsigned char *cp, int len) -{ - static unsigned char str_request[256+6] - = { IAC, SB, TELOPT_AUTHENTICATION, TELQUAL_NAME, }; - unsigned char *e = str_request + 4; - unsigned char *ee = &str_request[sizeof(str_request)-2]; - - while (--len >= 0) { - if ((*e++ = *cp++) == IAC) - *e++ = IAC; - if (e >= ee) - return(0); - } - *e++ = IAC; - *e++ = SE; - telnet_net_write(str_request, e - str_request); - printsub('>', &str_request[2], e - &str_request[2]); - return(1); -} - -void -auth_finished(Authenticator *ap, int result) -{ - if (!(authenticated = ap)) - authenticated = &NoAuth; - validuser = result; -} - -/* ARGSUSED */ -static void -auth_intr(int sig) -{ - auth_finished(0, AUTH_REJECT); -} - -int -auth_wait(char *name, size_t name_sz) -{ - if (auth_debug_mode) - printf(">>>%s: in auth_wait.\r\n", Name); - - if (Server && !authenticating) - return(0); - - signal(SIGALRM, auth_intr); - alarm(30); - while (!authenticated) - if (telnet_spin()) - break; - alarm(0); - signal(SIGALRM, SIG_DFL); - - /* - * Now check to see if the user is valid or not - */ - if (!authenticated || authenticated == &NoAuth) - return(AUTH_REJECT); - - if (validuser == AUTH_VALID) - validuser = AUTH_USER; - - if (authenticated->status) - validuser = (*authenticated->status)(authenticated, - name, name_sz, - validuser); - return(validuser); -} - -void -auth_debug(int mode) -{ - auth_debug_mode = mode; -} - -void -auth_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - Authenticator *ap; - - if ((ap = findauthenticator(data[1], data[2])) && ap->printsub) - (*ap->printsub)(data, cnt, buf, buflen); - else - auth_gen_printsub(data, cnt, buf, buflen); -} - -void -auth_gen_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - unsigned char *cp; - unsigned char tbuf[16]; - - cnt -= 3; - data += 3; - buf[buflen-1] = '\0'; - buf[buflen-2] = '*'; - buflen -= 2; - for (; cnt > 0; cnt--, data++) { - snprintf((char*)tbuf, sizeof(tbuf), " %d", *data); - for (cp = tbuf; *cp && buflen > 0; --buflen) - *buf++ = *cp++; - if (buflen <= 0) - return; - } - *buf = '\0'; -} -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/auth.h b/crypto/heimdal/appl/telnet/libtelnet/auth.h deleted file mode 100644 index 924881588af3..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/auth.h +++ /dev/null @@ -1,81 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)auth.h 8.1 (Berkeley) 6/4/93 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: auth.h 5027 1998-06-09 19:25:40Z joda $ */ - -#ifndef __AUTH__ -#define __AUTH__ - -#define AUTH_REJECT 0 /* Rejected */ -#define AUTH_UNKNOWN 1 /* We don't know who he is, but he's okay */ -#define AUTH_OTHER 2 /* We know him, but not his name */ -#define AUTH_USER 3 /* We know he name */ -#define AUTH_VALID 4 /* We know him, and he needs no password */ - -typedef struct XauthP { - int type; - int way; - int (*init) (struct XauthP *, int); - int (*send) (struct XauthP *); - void (*is) (struct XauthP *, unsigned char *, int); - void (*reply) (struct XauthP *, unsigned char *, int); - int (*status) (struct XauthP *, char *, size_t, int); - void (*printsub) (unsigned char *, int, unsigned char *, int); -} Authenticator; - -#include "auth-proto.h" - -extern int auth_debug_mode; -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/enc-proto.h b/crypto/heimdal/appl/telnet/libtelnet/enc-proto.h deleted file mode 100644 index a40893bb8d36..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/enc-proto.h +++ /dev/null @@ -1,133 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)enc-proto.h 8.1 (Berkeley) 6/4/93 - * - * @(#)enc-proto.h 5.2 (Berkeley) 3/22/91 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: enc-proto.h 10809 2002-01-18 12:58:49Z joda $ */ - -#if defined(ENCRYPTION) -Encryptions *findencryption (int); -Encryptions *finddecryption(int); -int EncryptAutoDec(int); -int EncryptAutoEnc(int); -int EncryptDebug(int); -int EncryptDisable(char*, char*); -int EncryptEnable(char*, char*); -int EncryptStart(char*); -int EncryptStartInput(void); -int EncryptStartOutput(void); -int EncryptStatus(void); -int EncryptStop(char*); -int EncryptStopInput(void); -int EncryptStopOutput(void); -int EncryptType(char*, char*); -int EncryptVerbose(int); -void decrypt_auto(int); -void encrypt_auto(int); -void encrypt_debug(int); -void encrypt_dec_keyid(unsigned char*, int); -void encrypt_display(void); -void encrypt_enc_keyid(unsigned char*, int); -void encrypt_end(void); -void encrypt_gen_printsub(unsigned char*, int, unsigned char*, int); -void encrypt_init(const char*, int); -void encrypt_is(unsigned char*, int); -void encrypt_list_types(void); -void encrypt_not(void); -void encrypt_printsub(unsigned char*, int, unsigned char*, int); -void encrypt_reply(unsigned char*, int); -void encrypt_request_end(void); -void encrypt_request_start(unsigned char*, int); -void encrypt_send_end(void); -void encrypt_send_keyid(int, unsigned char*, int, int); -void encrypt_send_request_end(void); -int encrypt_is_encrypting(void); -void encrypt_send_request_start(void); -void encrypt_send_support(void); -void encrypt_session_key(Session_Key*, int); -void encrypt_start(unsigned char*, int); -void encrypt_start_output(int); -void encrypt_support(unsigned char*, int); -void encrypt_verbose_quiet(int); -void encrypt_wait(void); -int encrypt_delay(void); - -#ifdef TELENTD -void encrypt_wait (void); -#else -void encrypt_display (void); -#endif - -void cfb64_encrypt (unsigned char *, int); -int cfb64_decrypt (int); -void cfb64_init (int); -int cfb64_start (int, int); -int cfb64_is (unsigned char *, int); -int cfb64_reply (unsigned char *, int); -void cfb64_session (Session_Key *, int); -int cfb64_keyid (int, unsigned char *, int *); -void cfb64_printsub (unsigned char *, int, unsigned char *, int); - -void ofb64_encrypt (unsigned char *, int); -int ofb64_decrypt (int); -void ofb64_init (int); -int ofb64_start (int, int); -int ofb64_is (unsigned char *, int); -int ofb64_reply (unsigned char *, int); -void ofb64_session (Session_Key *, int); -int ofb64_keyid (int, unsigned char *, int *); -void ofb64_printsub (unsigned char *, int, unsigned char *, int); - -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/enc_des.c b/crypto/heimdal/appl/telnet/libtelnet/enc_des.c deleted file mode 100644 index 13dd9daf38e0..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/enc_des.c +++ /dev/null @@ -1,674 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: enc_des.c 14681 2005-03-23 16:19:31Z lha $"); - -#if defined(AUTHENTICATION) && defined(ENCRYPTION) && defined(DES_ENCRYPTION) -#include -#include -#ifdef __STDC__ -#include -#include -#endif -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "misc-proto.h" - -#include "crypto-headers.h" - -extern int encrypt_debug_mode; - -#define CFB 0 -#define OFB 1 - -#define NO_SEND_IV 1 -#define NO_RECV_IV 2 -#define NO_KEYID 4 -#define IN_PROGRESS (NO_SEND_IV|NO_RECV_IV|NO_KEYID) -#define SUCCESS 0 -#define FAILED -1 - - -struct stinfo { - DES_cblock str_output; - DES_cblock str_feed; - DES_cblock str_iv; - DES_cblock str_ikey; - DES_key_schedule str_sched; - int str_index; - int str_flagshift; -}; - -struct fb { - DES_cblock krbdes_key; - DES_key_schedule krbdes_sched; - DES_cblock temp_feed; - unsigned char fb_feed[64]; - int need_start; - int state[2]; - int keyid[2]; - int once; - struct stinfo streams[2]; -}; - -static struct fb fb[2]; - -struct keyidlist { - char *keyid; - int keyidlen; - char *key; - int keylen; - int flags; -} keyidlist [] = { - { "\0", 1, 0, 0, 0 }, /* default key of zero */ - { 0, 0, 0, 0, 0 } -}; - -#define KEYFLAG_MASK 03 - -#define KEYFLAG_NOINIT 00 -#define KEYFLAG_INIT 01 -#define KEYFLAG_OK 02 -#define KEYFLAG_BAD 03 - -#define KEYFLAG_SHIFT 2 - -#define SHIFT_VAL(a,b) (KEYFLAG_SHIFT*((a)+((b)*2))) - -#define FB64_IV 1 -#define FB64_IV_OK 2 -#define FB64_IV_BAD 3 - - -void fb64_stream_iv (DES_cblock, struct stinfo *); -void fb64_init (struct fb *); -static int fb64_start (struct fb *, int, int); -int fb64_is (unsigned char *, int, struct fb *); -int fb64_reply (unsigned char *, int, struct fb *); -static void fb64_session (Session_Key *, int, struct fb *); -void fb64_stream_key (DES_cblock, struct stinfo *); -int fb64_keyid (int, unsigned char *, int *, struct fb *); -void fb64_printsub(unsigned char *, int , - unsigned char *, int , char *); - -void cfb64_init(int server) -{ - fb64_init(&fb[CFB]); - fb[CFB].fb_feed[4] = ENCTYPE_DES_CFB64; - fb[CFB].streams[0].str_flagshift = SHIFT_VAL(0, CFB); - fb[CFB].streams[1].str_flagshift = SHIFT_VAL(1, CFB); -} - - -void ofb64_init(int server) -{ - fb64_init(&fb[OFB]); - fb[OFB].fb_feed[4] = ENCTYPE_DES_OFB64; - fb[CFB].streams[0].str_flagshift = SHIFT_VAL(0, OFB); - fb[CFB].streams[1].str_flagshift = SHIFT_VAL(1, OFB); -} - -void fb64_init(struct fb *fbp) -{ - memset(fbp,0, sizeof(*fbp)); - fbp->state[0] = fbp->state[1] = FAILED; - fbp->fb_feed[0] = IAC; - fbp->fb_feed[1] = SB; - fbp->fb_feed[2] = TELOPT_ENCRYPT; - fbp->fb_feed[3] = ENCRYPT_IS; -} - -/* - * Returns: - * -1: some error. Negotiation is done, encryption not ready. - * 0: Successful, initial negotiation all done. - * 1: successful, negotiation not done yet. - * 2: Not yet. Other things (like getting the key from - * Kerberos) have to happen before we can continue. - */ -int cfb64_start(int dir, int server) -{ - return(fb64_start(&fb[CFB], dir, server)); -} - -int ofb64_start(int dir, int server) -{ - return(fb64_start(&fb[OFB], dir, server)); -} - -static int fb64_start(struct fb *fbp, int dir, int server) -{ - int x; - unsigned char *p; - int state; - - switch (dir) { - case DIR_DECRYPT: - /* - * This is simply a request to have the other side - * start output (our input). He will negotiate an - * IV so we need not look for it. - */ - state = fbp->state[dir-1]; - if (state == FAILED) - state = IN_PROGRESS; - break; - - case DIR_ENCRYPT: - state = fbp->state[dir-1]; - if (state == FAILED) - state = IN_PROGRESS; - else if ((state & NO_SEND_IV) == 0) { - break; - } - - if (!VALIDKEY(fbp->krbdes_key)) { - fbp->need_start = 1; - break; - } - - state &= ~NO_SEND_IV; - state |= NO_RECV_IV; - if (encrypt_debug_mode) - printf("Creating new feed\r\n"); - /* - * Create a random feed and send it over. - */ -#ifndef OLD_DES_RANDOM_KEY - DES_random_key(&fbp->temp_feed); -#else - /* - * From des_cryp.man "If the des_check_key flag is non-zero, - * des_set_key will check that the key passed is - * of odd parity and is not a week or semi-weak key." - */ - do { - DES_random_key(fbp->temp_feed); - DES_set_odd_parity(fbp->temp_feed); - } while (DES_is_weak_key(fbp->temp_feed)); -#endif - DES_ecb_encrypt(&fbp->temp_feed, - &fbp->temp_feed, - &fbp->krbdes_sched, 1); - p = fbp->fb_feed + 3; - *p++ = ENCRYPT_IS; - p++; - *p++ = FB64_IV; - for (x = 0; x < sizeof(DES_cblock); ++x) { - if ((*p++ = fbp->temp_feed[x]) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); - break; - default: - return(FAILED); - } - return(fbp->state[dir-1] = state); -} - -/* - * Returns: - * -1: some error. Negotiation is done, encryption not ready. - * 0: Successful, initial negotiation all done. - * 1: successful, negotiation not done yet. - */ - -int cfb64_is(unsigned char *data, int cnt) -{ - return(fb64_is(data, cnt, &fb[CFB])); -} - -int ofb64_is(unsigned char *data, int cnt) -{ - return(fb64_is(data, cnt, &fb[OFB])); -} - - -int fb64_is(unsigned char *data, int cnt, struct fb *fbp) -{ - unsigned char *p; - int state = fbp->state[DIR_DECRYPT-1]; - - if (cnt-- < 1) - goto failure; - - switch (*data++) { - case FB64_IV: - if (cnt != sizeof(DES_cblock)) { - if (encrypt_debug_mode) - printf("CFB64: initial vector failed on size\r\n"); - state = FAILED; - goto failure; - } - - if (encrypt_debug_mode) - printf("CFB64: initial vector received\r\n"); - - if (encrypt_debug_mode) - printf("Initializing Decrypt stream\r\n"); - - fb64_stream_iv(data, &fbp->streams[DIR_DECRYPT-1]); - - p = fbp->fb_feed + 3; - *p++ = ENCRYPT_REPLY; - p++; - *p++ = FB64_IV_OK; - *p++ = IAC; - *p++ = SE; - printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); - - state = fbp->state[DIR_DECRYPT-1] = IN_PROGRESS; - break; - - default: - if (encrypt_debug_mode) { - printf("Unknown option type: %d\r\n", *(data-1)); - printd(data, cnt); - printf("\r\n"); - } - /* FALL THROUGH */ - failure: - /* - * We failed. Send an FB64_IV_BAD option - * to the other side so it will know that - * things failed. - */ - p = fbp->fb_feed + 3; - *p++ = ENCRYPT_REPLY; - p++; - *p++ = FB64_IV_BAD; - *p++ = IAC; - *p++ = SE; - printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); - - break; - } - return(fbp->state[DIR_DECRYPT-1] = state); -} - -/* - * Returns: - * -1: some error. Negotiation is done, encryption not ready. - * 0: Successful, initial negotiation all done. - * 1: successful, negotiation not done yet. - */ - -int cfb64_reply(unsigned char *data, int cnt) -{ - return(fb64_reply(data, cnt, &fb[CFB])); -} - -int ofb64_reply(unsigned char *data, int cnt) -{ - return(fb64_reply(data, cnt, &fb[OFB])); -} - - -int fb64_reply(unsigned char *data, int cnt, struct fb *fbp) -{ - int state = fbp->state[DIR_ENCRYPT-1]; - - if (cnt-- < 1) - goto failure; - - switch (*data++) { - case FB64_IV_OK: - fb64_stream_iv(fbp->temp_feed, &fbp->streams[DIR_ENCRYPT-1]); - if (state == FAILED) - state = IN_PROGRESS; - state &= ~NO_RECV_IV; - encrypt_send_keyid(DIR_ENCRYPT, (unsigned char *)"\0", 1, 1); - break; - - case FB64_IV_BAD: - memset(fbp->temp_feed, 0, sizeof(DES_cblock)); - fb64_stream_iv(fbp->temp_feed, &fbp->streams[DIR_ENCRYPT-1]); - state = FAILED; - break; - - default: - if (encrypt_debug_mode) { - printf("Unknown option type: %d\r\n", data[-1]); - printd(data, cnt); - printf("\r\n"); - } - /* FALL THROUGH */ - failure: - state = FAILED; - break; - } - return(fbp->state[DIR_ENCRYPT-1] = state); -} - -void cfb64_session(Session_Key *key, int server) -{ - fb64_session(key, server, &fb[CFB]); -} - -void ofb64_session(Session_Key *key, int server) -{ - fb64_session(key, server, &fb[OFB]); -} - -static void fb64_session(Session_Key *key, int server, struct fb *fbp) -{ - - if (!key || key->type != SK_DES) { - if (encrypt_debug_mode) - printf("Can't set krbdes's session key (%d != %d)\r\n", - key ? key->type : -1, SK_DES); - return; - } - memcpy(fbp->krbdes_key, key->data, sizeof(DES_cblock)); - - fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_ENCRYPT-1]); - fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]); - - if (fbp->once == 0) { -#if !defined(OLD_DES_RANDOM_KEY) && !defined(HAVE_OPENSSL) - DES_init_random_number_generator(&fbp->krbdes_key); -#endif - fbp->once = 1; - } - DES_set_key_checked((DES_cblock *)&fbp->krbdes_key, - &fbp->krbdes_sched); - /* - * Now look to see if krbdes_start() was was waiting for - * the key to show up. If so, go ahead an call it now - * that we have the key. - */ - if (fbp->need_start) { - fbp->need_start = 0; - fb64_start(fbp, DIR_ENCRYPT, server); - } -} - -/* - * We only accept a keyid of 0. If we get a keyid of - * 0, then mark the state as SUCCESS. - */ - -int cfb64_keyid(int dir, unsigned char *kp, int *lenp) -{ - return(fb64_keyid(dir, kp, lenp, &fb[CFB])); -} - -int ofb64_keyid(int dir, unsigned char *kp, int *lenp) -{ - return(fb64_keyid(dir, kp, lenp, &fb[OFB])); -} - -int fb64_keyid(int dir, unsigned char *kp, int *lenp, struct fb *fbp) -{ - int state = fbp->state[dir-1]; - - if (*lenp != 1 || (*kp != '\0')) { - *lenp = 0; - return(state); - } - - if (state == FAILED) - state = IN_PROGRESS; - - state &= ~NO_KEYID; - - return(fbp->state[dir-1] = state); -} - -void fb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen, char *type) -{ - char lbuf[32]; - int i; - char *cp; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[2]) { - case FB64_IV: - snprintf(lbuf, sizeof(lbuf), "%s_IV", type); - cp = lbuf; - goto common; - - case FB64_IV_OK: - snprintf(lbuf, sizeof(lbuf), "%s_IV_OK", type); - cp = lbuf; - goto common; - - case FB64_IV_BAD: - snprintf(lbuf, sizeof(lbuf), "%s_IV_BAD", type); - cp = lbuf; - goto common; - - default: - snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[2]); - cp = lbuf; - common: - for (; (buflen > 0) && (*buf = *cp++); buf++) - buflen--; - for (i = 3; i < cnt; i++) { - snprintf(lbuf, sizeof(lbuf), " %d", data[i]); - for (cp = lbuf; (buflen > 0) && (*buf = *cp++); buf++) - buflen--; - } - break; - } -} - -void cfb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) -{ - fb64_printsub(data, cnt, buf, buflen, "CFB64"); -} - -void ofb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) -{ - fb64_printsub(data, cnt, buf, buflen, "OFB64"); -} - -void fb64_stream_iv(DES_cblock seed, struct stinfo *stp) -{ - - memcpy(stp->str_iv, seed,sizeof(DES_cblock)); - memcpy(stp->str_output, seed, sizeof(DES_cblock)); - - DES_set_key_checked(&stp->str_ikey, &stp->str_sched); - - stp->str_index = sizeof(DES_cblock); -} - -void fb64_stream_key(DES_cblock key, struct stinfo *stp) -{ - memcpy(stp->str_ikey, key, sizeof(DES_cblock)); - DES_set_key_checked((DES_cblock*)key, &stp->str_sched); - - memcpy(stp->str_output, stp->str_iv, sizeof(DES_cblock)); - - stp->str_index = sizeof(DES_cblock); -} - -/* - * DES 64 bit Cipher Feedback - * - * key --->+-----+ - * +->| DES |--+ - * | +-----+ | - * | v - * INPUT --(--------->(+)+---> DATA - * | | - * +-------------+ - * - * - * Given: - * iV: Initial vector, 64 bits (8 bytes) long. - * Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt). - * On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output. - * - * V0 = DES(iV, key) - * On = Dn ^ Vn - * V(n+1) = DES(On, key) - */ - -void cfb64_encrypt(unsigned char *s, int c) -{ - struct stinfo *stp = &fb[CFB].streams[DIR_ENCRYPT-1]; - int index; - - index = stp->str_index; - while (c-- > 0) { - if (index == sizeof(DES_cblock)) { - DES_cblock b; - DES_ecb_encrypt(&stp->str_output, &b,&stp->str_sched, 1); - memcpy(stp->str_feed, b, sizeof(DES_cblock)); - index = 0; - } - - /* On encryption, we store (feed ^ data) which is cypher */ - *s = stp->str_output[index] = (stp->str_feed[index] ^ *s); - s++; - index++; - } - stp->str_index = index; -} - -int cfb64_decrypt(int data) -{ - struct stinfo *stp = &fb[CFB].streams[DIR_DECRYPT-1]; - int index; - - if (data == -1) { - /* - * Back up one byte. It is assumed that we will - * never back up more than one byte. If we do, this - * may or may not work. - */ - if (stp->str_index) - --stp->str_index; - return(0); - } - - index = stp->str_index++; - if (index == sizeof(DES_cblock)) { - DES_cblock b; - DES_ecb_encrypt(&stp->str_output,&b, &stp->str_sched, 1); - memcpy(stp->str_feed, b, sizeof(DES_cblock)); - stp->str_index = 1; /* Next time will be 1 */ - index = 0; /* But now use 0 */ - } - - /* On decryption we store (data) which is cypher. */ - stp->str_output[index] = data; - return(data ^ stp->str_feed[index]); -} - -/* - * DES 64 bit Output Feedback - * - * key --->+-----+ - * +->| DES |--+ - * | +-----+ | - * +-----------+ - * v - * INPUT -------->(+) ----> DATA - * - * Given: - * iV: Initial vector, 64 bits (8 bytes) long. - * Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt). - * On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output. - * - * V0 = DES(iV, key) - * V(n+1) = DES(Vn, key) - * On = Dn ^ Vn - */ - -void ofb64_encrypt(unsigned char *s, int c) -{ - struct stinfo *stp = &fb[OFB].streams[DIR_ENCRYPT-1]; - int index; - - index = stp->str_index; - while (c-- > 0) { - if (index == sizeof(DES_cblock)) { - DES_cblock b; - DES_ecb_encrypt(&stp->str_feed,&b, &stp->str_sched, 1); - memcpy(stp->str_feed, b, sizeof(DES_cblock)); - index = 0; - } - *s++ ^= stp->str_feed[index]; - index++; - } - stp->str_index = index; -} - -int ofb64_decrypt(int data) -{ - struct stinfo *stp = &fb[OFB].streams[DIR_DECRYPT-1]; - int index; - - if (data == -1) { - /* - * Back up one byte. It is assumed that we will - * never back up more than one byte. If we do, this - * may or may not work. - */ - if (stp->str_index) - --stp->str_index; - return(0); - } - - index = stp->str_index++; - if (index == sizeof(DES_cblock)) { - DES_cblock b; - DES_ecb_encrypt(&stp->str_feed,&b,&stp->str_sched, 1); - memcpy(stp->str_feed, b, sizeof(DES_cblock)); - stp->str_index = 1; /* Next time will be 1 */ - index = 0; /* But now use 0 */ - } - - return(data ^ stp->str_feed[index]); -} -#endif - diff --git a/crypto/heimdal/appl/telnet/libtelnet/encrypt.c b/crypto/heimdal/appl/telnet/libtelnet/encrypt.c deleted file mode 100644 index 04dbe83d5c5e..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/encrypt.c +++ /dev/null @@ -1,1002 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#include - -RCSID("$Id: encrypt.c 16802 2006-03-23 19:36:31Z lha $"); - -#if defined(ENCRYPTION) - -#define ENCRYPT_NAMES -#include - -#include "encrypt.h" -#include "misc.h" - -#include -#include -#include -#include -#ifdef SOCKS -#include -#endif - - -/* - * These functions pointers point to the current routines - * for encrypting and decrypting data. - */ -void (*encrypt_output) (unsigned char *, int); -int (*decrypt_input) (int); -char *nclearto; - -int encrypt_debug_mode = 0; -static int decrypt_mode = 0; -static int encrypt_mode = 0; -static int encrypt_verbose = 0; -static int autoencrypt = 0; -static int autodecrypt = 0; -static int havesessionkey = 0; -static int Server = 0; -static const char *Name = "Noname"; - -#define typemask(x) ((x) > 0 ? 1 << ((x)-1) : 0) - -static long i_support_encrypt = typemask(ENCTYPE_DES_CFB64) - | typemask(ENCTYPE_DES_OFB64); - static long i_support_decrypt = typemask(ENCTYPE_DES_CFB64) - | typemask(ENCTYPE_DES_OFB64); - static long i_wont_support_encrypt = 0; - static long i_wont_support_decrypt = 0; -#define I_SUPPORT_ENCRYPT (i_support_encrypt & ~i_wont_support_encrypt) -#define I_SUPPORT_DECRYPT (i_support_decrypt & ~i_wont_support_decrypt) - - static long remote_supports_encrypt = 0; - static long remote_supports_decrypt = 0; - - static Encryptions encryptions[] = { -#if defined(DES_ENCRYPTION) - { "DES_CFB64", ENCTYPE_DES_CFB64, - cfb64_encrypt, - cfb64_decrypt, - cfb64_init, - cfb64_start, - cfb64_is, - cfb64_reply, - cfb64_session, - cfb64_keyid, - cfb64_printsub }, - { "DES_OFB64", ENCTYPE_DES_OFB64, - ofb64_encrypt, - ofb64_decrypt, - ofb64_init, - ofb64_start, - ofb64_is, - ofb64_reply, - ofb64_session, - ofb64_keyid, - ofb64_printsub }, -#endif - { 0, }, - }; - -static unsigned char str_send[64] = { IAC, SB, TELOPT_ENCRYPT, - ENCRYPT_SUPPORT }; -static unsigned char str_suplen = 0; -static unsigned char str_start[72] = { IAC, SB, TELOPT_ENCRYPT }; -static unsigned char str_end[] = { IAC, SB, TELOPT_ENCRYPT, 0, IAC, SE }; - -Encryptions * -findencryption(int type) -{ - Encryptions *ep = encryptions; - - if (!(I_SUPPORT_ENCRYPT & remote_supports_decrypt & typemask(type))) - return(0); - while (ep->type && ep->type != type) - ++ep; - return(ep->type ? ep : 0); -} - -Encryptions * -finddecryption(int type) -{ - Encryptions *ep = encryptions; - - if (!(I_SUPPORT_DECRYPT & remote_supports_encrypt & typemask(type))) - return(0); - while (ep->type && ep->type != type) - ++ep; - return(ep->type ? ep : 0); -} - -#define MAXKEYLEN 64 - -static struct key_info { - unsigned char keyid[MAXKEYLEN]; - int keylen; - int dir; - int *modep; - Encryptions *(*getcrypt)(); -} ki[2] = { - { { 0 }, 0, DIR_ENCRYPT, &encrypt_mode, findencryption }, - { { 0 }, 0, DIR_DECRYPT, &decrypt_mode, finddecryption }, -}; - -void -encrypt_init(const char *name, int server) -{ - Encryptions *ep = encryptions; - - Name = name; - Server = server; - i_support_encrypt = i_support_decrypt = 0; - remote_supports_encrypt = remote_supports_decrypt = 0; - encrypt_mode = 0; - decrypt_mode = 0; - encrypt_output = 0; - decrypt_input = 0; -#ifdef notdef - encrypt_verbose = !server; -#endif - - str_suplen = 4; - - while (ep->type) { - if (encrypt_debug_mode) - printf(">>>%s: I will support %s\r\n", - Name, ENCTYPE_NAME(ep->type)); - i_support_encrypt |= typemask(ep->type); - i_support_decrypt |= typemask(ep->type); - if ((i_wont_support_decrypt & typemask(ep->type)) == 0) - if ((str_send[str_suplen++] = ep->type) == IAC) - str_send[str_suplen++] = IAC; - if (ep->init) - (*ep->init)(Server); - ++ep; - } - str_send[str_suplen++] = IAC; - str_send[str_suplen++] = SE; -} - -void -encrypt_list_types(void) -{ - Encryptions *ep = encryptions; - - printf("Valid encryption types:\n"); - while (ep->type) { - printf("\t%s (%d)\r\n", ENCTYPE_NAME(ep->type), ep->type); - ++ep; - } -} - -int -EncryptEnable(char *type, char *mode) -{ - if (isprefix(type, "help") || isprefix(type, "?")) { - printf("Usage: encrypt enable [input|output]\n"); - encrypt_list_types(); - return(0); - } - if (EncryptType(type, mode)) - return(EncryptStart(mode)); - return(0); -} - -int -EncryptDisable(char *type, char *mode) -{ - Encryptions *ep; - int ret = 0; - - if (isprefix(type, "help") || isprefix(type, "?")) { - printf("Usage: encrypt disable [input|output]\n"); - encrypt_list_types(); - } else if ((ep = (Encryptions *)genget(type, (char**)encryptions, - sizeof(Encryptions))) == 0) { - printf("%s: invalid encryption type\n", type); - } else if (Ambiguous(ep)) { - printf("Ambiguous type '%s'\n", type); - } else { - if ((mode == 0) || (isprefix(mode, "input") ? 1 : 0)) { - if (decrypt_mode == ep->type) - EncryptStopInput(); - i_wont_support_decrypt |= typemask(ep->type); - ret = 1; - } - if ((mode == 0) || (isprefix(mode, "output"))) { - if (encrypt_mode == ep->type) - EncryptStopOutput(); - i_wont_support_encrypt |= typemask(ep->type); - ret = 1; - } - if (ret == 0) - printf("%s: invalid encryption mode\n", mode); - } - return(ret); -} - -int -EncryptType(char *type, char *mode) -{ - Encryptions *ep; - int ret = 0; - - if (isprefix(type, "help") || isprefix(type, "?")) { - printf("Usage: encrypt type [input|output]\n"); - encrypt_list_types(); - } else if ((ep = (Encryptions *)genget(type, (char**)encryptions, - sizeof(Encryptions))) == 0) { - printf("%s: invalid encryption type\n", type); - } else if (Ambiguous(ep)) { - printf("Ambiguous type '%s'\n", type); - } else { - if ((mode == 0) || isprefix(mode, "input")) { - decrypt_mode = ep->type; - i_wont_support_decrypt &= ~typemask(ep->type); - ret = 1; - } - if ((mode == 0) || isprefix(mode, "output")) { - encrypt_mode = ep->type; - i_wont_support_encrypt &= ~typemask(ep->type); - ret = 1; - } - if (ret == 0) - printf("%s: invalid encryption mode\n", mode); - } - return(ret); -} - -int -EncryptStart(char *mode) -{ - int ret = 0; - if (mode) { - if (isprefix(mode, "input")) - return(EncryptStartInput()); - if (isprefix(mode, "output")) - return(EncryptStartOutput()); - if (isprefix(mode, "help") || isprefix(mode, "?")) { - printf("Usage: encrypt start [input|output]\n"); - return(0); - } - printf("%s: invalid encryption mode 'encrypt start ?' for help\n", mode); - return(0); - } - ret += EncryptStartInput(); - ret += EncryptStartOutput(); - return(ret); -} - -int -EncryptStartInput(void) -{ - if (decrypt_mode) { - encrypt_send_request_start(); - return(1); - } - printf("No previous decryption mode, decryption not enabled\r\n"); - return(0); -} - -int -EncryptStartOutput(void) -{ - if (encrypt_mode) { - encrypt_start_output(encrypt_mode); - return(1); - } - printf("No previous encryption mode, encryption not enabled\r\n"); - return(0); -} - -int -EncryptStop(char *mode) -{ - int ret = 0; - if (mode) { - if (isprefix(mode, "input")) - return(EncryptStopInput()); - if (isprefix(mode, "output")) - return(EncryptStopOutput()); - if (isprefix(mode, "help") || isprefix(mode, "?")) { - printf("Usage: encrypt stop [input|output]\n"); - return(0); - } - printf("%s: invalid encryption mode 'encrypt stop ?' for help\n", mode); - return(0); - } - ret += EncryptStopInput(); - ret += EncryptStopOutput(); - return(ret); -} - -int -EncryptStopInput(void) -{ - encrypt_send_request_end(); - return(1); -} - -int -EncryptStopOutput(void) -{ - encrypt_send_end(); - return(1); -} - -void -encrypt_display(void) -{ - printf("Autoencrypt for output is %s. Autodecrypt for input is %s.\r\n", - autoencrypt?"on":"off", autodecrypt?"on":"off"); - - if (encrypt_output) - printf("Currently encrypting output with %s\r\n", - ENCTYPE_NAME(encrypt_mode)); - else - printf("Currently not encrypting output\r\n"); - - if (decrypt_input) - printf("Currently decrypting input with %s\r\n", - ENCTYPE_NAME(decrypt_mode)); - else - printf("Currently not decrypting input\r\n"); -} - -int -EncryptStatus(void) -{ - printf("Autoencrypt for output is %s. Autodecrypt for input is %s.\r\n", - autoencrypt?"on":"off", autodecrypt?"on":"off"); - - if (encrypt_output) - printf("Currently encrypting output with %s\r\n", - ENCTYPE_NAME(encrypt_mode)); - else if (encrypt_mode) { - printf("Currently output is clear text.\r\n"); - printf("Last encryption mode was %s\r\n", - ENCTYPE_NAME(encrypt_mode)); - } else - printf("Currently not encrypting output\r\n"); - - if (decrypt_input) { - printf("Currently decrypting input with %s\r\n", - ENCTYPE_NAME(decrypt_mode)); - } else if (decrypt_mode) { - printf("Currently input is clear text.\r\n"); - printf("Last decryption mode was %s\r\n", - ENCTYPE_NAME(decrypt_mode)); - } else - printf("Currently not decrypting input\r\n"); - - return 1; -} - -void -encrypt_send_support(void) -{ - if (str_suplen) { - /* - * If the user has requested that decryption start - * immediatly, then send a "REQUEST START" before - * we negotiate the type. - */ - if (!Server && autodecrypt) - encrypt_send_request_start(); - telnet_net_write(str_send, str_suplen); - printsub('>', &str_send[2], str_suplen - 2); - str_suplen = 0; - } -} - -int -EncryptDebug(int on) -{ - if (on < 0) - encrypt_debug_mode ^= 1; - else - encrypt_debug_mode = on; - printf("Encryption debugging %s\r\n", - encrypt_debug_mode ? "enabled" : "disabled"); - return(1); -} - -/* turn on verbose encryption, but dont keep telling the whole world - */ -void encrypt_verbose_quiet(int on) -{ - if(on < 0) - encrypt_verbose ^= 1; - else - encrypt_verbose = on ? 1 : 0; -} - -int -EncryptVerbose(int on) -{ - encrypt_verbose_quiet(on); - printf("Encryption %s verbose\r\n", - encrypt_verbose ? "is" : "is not"); - return(1); -} - -int -EncryptAutoEnc(int on) -{ - encrypt_auto(on); - printf("Automatic encryption of output is %s\r\n", - autoencrypt ? "enabled" : "disabled"); - return(1); -} - -int -EncryptAutoDec(int on) -{ - decrypt_auto(on); - printf("Automatic decryption of input is %s\r\n", - autodecrypt ? "enabled" : "disabled"); - return(1); -} - -/* Called when we receive a WONT or a DONT ENCRYPT after we sent a DO - encrypt */ -void -encrypt_not(void) -{ - if (encrypt_verbose) - printf("[ Connection is NOT encrypted ]\r\n"); - else - printf("\r\n*** Connection not encrypted! " - "Communication may be eavesdropped. ***\r\n"); -} - -/* - * Called when ENCRYPT SUPPORT is received. - */ -void -encrypt_support(unsigned char *typelist, int cnt) -{ - int type, use_type = 0; - Encryptions *ep; - - /* - * Forget anything the other side has previously told us. - */ - remote_supports_decrypt = 0; - - while (cnt-- > 0) { - type = *typelist++; - if (encrypt_debug_mode) - printf(">>>%s: He is supporting %s (%d)\r\n", - Name, - ENCTYPE_NAME(type), type); - if ((type < ENCTYPE_CNT) && - (I_SUPPORT_ENCRYPT & typemask(type))) { - remote_supports_decrypt |= typemask(type); - if (use_type == 0) - use_type = type; - } - } - if (use_type) { - ep = findencryption(use_type); - if (!ep) - return; - type = ep->start ? (*ep->start)(DIR_ENCRYPT, Server) : 0; - if (encrypt_debug_mode) - printf(">>>%s: (*ep->start)() returned %d\r\n", - Name, type); - if (type < 0) - return; - encrypt_mode = use_type; - if (type == 0) - encrypt_start_output(use_type); - } -} - -void -encrypt_is(unsigned char *data, int cnt) -{ - Encryptions *ep; - int type, ret; - - if (--cnt < 0) - return; - type = *data++; - if (type < ENCTYPE_CNT) - remote_supports_encrypt |= typemask(type); - if (!(ep = finddecryption(type))) { - if (encrypt_debug_mode) - printf(">>>%s: Can't find type %s (%d) for initial negotiation\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - return; - } - if (!ep->is) { - if (encrypt_debug_mode) - printf(">>>%s: No initial negotiation needed for type %s (%d)\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - ret = 0; - } else { - ret = (*ep->is)(data, cnt); - if (encrypt_debug_mode) - printf("(*ep->is)(%p, %d) returned %s(%d)\n", data, cnt, - (ret < 0) ? "FAIL " : - (ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret); - } - if (ret < 0) { - autodecrypt = 0; - } else { - decrypt_mode = type; - if (ret == 0 && autodecrypt) - encrypt_send_request_start(); - } -} - -void -encrypt_reply(unsigned char *data, int cnt) -{ - Encryptions *ep; - int ret, type; - - if (--cnt < 0) - return; - type = *data++; - if (!(ep = findencryption(type))) { - if (encrypt_debug_mode) - printf(">>>%s: Can't find type %s (%d) for initial negotiation\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - return; - } - if (!ep->reply) { - if (encrypt_debug_mode) - printf(">>>%s: No initial negotiation needed for type %s (%d)\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - ret = 0; - } else { - ret = (*ep->reply)(data, cnt); - if (encrypt_debug_mode) - printf("(*ep->reply)(%p, %d) returned %s(%d)\n", - data, cnt, - (ret < 0) ? "FAIL " : - (ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret); - } - if (encrypt_debug_mode) - printf(">>>%s: encrypt_reply returned %d\n", Name, ret); - if (ret < 0) { - autoencrypt = 0; - } else { - encrypt_mode = type; - if (ret == 0 && autoencrypt) - encrypt_start_output(type); - } -} - -/* - * Called when ENCRYPT START is received. - */ -void -encrypt_start(unsigned char *data, int cnt) -{ - Encryptions *ep; - - if (!decrypt_mode) { - /* - * Something is wrong. We should not get a START - * command without having already picked our - * decryption scheme. Send a REQUEST-END to - * attempt to clear the channel... - */ - printf("%s: Warning, Cannot decrypt input stream!!!\r\n", Name); - encrypt_send_request_end(); - return; - } - - if ((ep = finddecryption(decrypt_mode))) { - decrypt_input = ep->input; - if (encrypt_verbose) - printf("[ Input is now decrypted with type %s ]\r\n", - ENCTYPE_NAME(decrypt_mode)); - if (encrypt_debug_mode) - printf(">>>%s: Start to decrypt input with type %s\r\n", - Name, ENCTYPE_NAME(decrypt_mode)); - } else { - printf("%s: Warning, Cannot decrypt type %s (%d)!!!\r\n", - Name, - ENCTYPE_NAME_OK(decrypt_mode) - ? ENCTYPE_NAME(decrypt_mode) - : "(unknown)", - decrypt_mode); - encrypt_send_request_end(); - } -} - -void -encrypt_session_key(Session_Key *key, int server) -{ - Encryptions *ep = encryptions; - - havesessionkey = 1; - - while (ep->type) { - if (ep->session) - (*ep->session)(key, server); - ++ep; - } -} - -/* - * Called when ENCRYPT END is received. - */ -void -encrypt_end(void) -{ - decrypt_input = 0; - if (encrypt_debug_mode) - printf(">>>%s: Input is back to clear text\r\n", Name); - if (encrypt_verbose) - printf("[ Input is now clear text ]\r\n"); -} - -/* - * Called when ENCRYPT REQUEST-END is received. - */ -void -encrypt_request_end(void) -{ - encrypt_send_end(); -} - -/* - * Called when ENCRYPT REQUEST-START is received. If we receive - * this before a type is picked, then that indicates that the - * other side wants us to start encrypting data as soon as we - * can. - */ -void -encrypt_request_start(unsigned char *data, int cnt) -{ - if (encrypt_mode == 0) { - if (Server) - autoencrypt = 1; - return; - } - encrypt_start_output(encrypt_mode); -} - -static unsigned char str_keyid[(MAXKEYLEN*2)+5] = { IAC, SB, TELOPT_ENCRYPT }; - -static void -encrypt_keyid(struct key_info *kp, unsigned char *keyid, int len) -{ - Encryptions *ep; - int dir = kp->dir; - int ret = 0; - - if (!(ep = (*kp->getcrypt)(*kp->modep))) { - if (len == 0) - return; - kp->keylen = 0; - } else if (len == 0) { - /* - * Empty option, indicates a failure. - */ - if (kp->keylen == 0) - return; - kp->keylen = 0; - if (ep->keyid) - (void)(*ep->keyid)(dir, kp->keyid, &kp->keylen); - - } else if ((len != kp->keylen) || (memcmp(keyid,kp->keyid,len) != 0)) { - /* - * Length or contents are different - */ - kp->keylen = len; - memcpy(kp->keyid,keyid, len); - if (ep->keyid) - (void)(*ep->keyid)(dir, kp->keyid, &kp->keylen); - } else { - if (ep->keyid) - ret = (*ep->keyid)(dir, kp->keyid, &kp->keylen); - if ((ret == 0) && (dir == DIR_ENCRYPT) && autoencrypt) - encrypt_start_output(*kp->modep); - return; - } - - encrypt_send_keyid(dir, kp->keyid, kp->keylen, 0); -} - -void encrypt_enc_keyid(unsigned char *keyid, int len) -{ - encrypt_keyid(&ki[1], keyid, len); -} - -void encrypt_dec_keyid(unsigned char *keyid, int len) -{ - encrypt_keyid(&ki[0], keyid, len); -} - - -void encrypt_send_keyid(int dir, unsigned char *keyid, int keylen, int saveit) -{ - unsigned char *strp; - - str_keyid[3] = (dir == DIR_ENCRYPT) - ? ENCRYPT_ENC_KEYID : ENCRYPT_DEC_KEYID; - if (saveit) { - struct key_info *kp = &ki[(dir == DIR_ENCRYPT) ? 0 : 1]; - memcpy(kp->keyid,keyid, keylen); - kp->keylen = keylen; - } - - for (strp = &str_keyid[4]; keylen > 0; --keylen) { - if ((*strp++ = *keyid++) == IAC) - *strp++ = IAC; - } - *strp++ = IAC; - *strp++ = SE; - telnet_net_write(str_keyid, strp - str_keyid); - printsub('>', &str_keyid[2], strp - str_keyid - 2); -} - -void -encrypt_auto(int on) -{ - if (on < 0) - autoencrypt ^= 1; - else - autoencrypt = on ? 1 : 0; -} - -void -decrypt_auto(int on) -{ - if (on < 0) - autodecrypt ^= 1; - else - autodecrypt = on ? 1 : 0; -} - -void -encrypt_start_output(int type) -{ - Encryptions *ep; - unsigned char *p; - int i; - - if (!(ep = findencryption(type))) { - if (encrypt_debug_mode) { - printf(">>>%s: Can't encrypt with type %s (%d)\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - } - return; - } - if (ep->start) { - i = (*ep->start)(DIR_ENCRYPT, Server); - if (encrypt_debug_mode) { - printf(">>>%s: Encrypt start: %s (%d) %s\r\n", - Name, - (i < 0) ? "failed" : - "initial negotiation in progress", - i, ENCTYPE_NAME(type)); - } - if (i) - return; - } - p = str_start + 3; - *p++ = ENCRYPT_START; - for (i = 0; i < ki[0].keylen; ++i) { - if ((*p++ = ki[0].keyid[i]) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - telnet_net_write(str_start, p - str_start); - net_encrypt(); - printsub('>', &str_start[2], p - &str_start[2]); - /* - * If we are already encrypting in some mode, then - * encrypt the ring (which includes our request) in - * the old mode, mark it all as "clear text" and then - * switch to the new mode. - */ - encrypt_output = ep->output; - encrypt_mode = type; - if (encrypt_debug_mode) - printf(">>>%s: Started to encrypt output with type %s\r\n", - Name, ENCTYPE_NAME(type)); - if (encrypt_verbose) - printf("[ Output is now encrypted with type %s ]\r\n", - ENCTYPE_NAME(type)); -} - -void -encrypt_send_end(void) -{ - if (!encrypt_output) - return; - - str_end[3] = ENCRYPT_END; - telnet_net_write(str_end, sizeof(str_end)); - net_encrypt(); - printsub('>', &str_end[2], sizeof(str_end) - 2); - /* - * Encrypt the output buffer now because it will not be done by - * netflush... - */ - encrypt_output = 0; - if (encrypt_debug_mode) - printf(">>>%s: Output is back to clear text\r\n", Name); - if (encrypt_verbose) - printf("[ Output is now clear text ]\r\n"); -} - -void -encrypt_send_request_start(void) -{ - unsigned char *p; - int i; - - p = &str_start[3]; - *p++ = ENCRYPT_REQSTART; - for (i = 0; i < ki[1].keylen; ++i) { - if ((*p++ = ki[1].keyid[i]) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - telnet_net_write(str_start, p - str_start); - printsub('>', &str_start[2], p - &str_start[2]); - if (encrypt_debug_mode) - printf(">>>%s: Request input to be encrypted\r\n", Name); -} - -void -encrypt_send_request_end(void) -{ - str_end[3] = ENCRYPT_REQEND; - telnet_net_write(str_end, sizeof(str_end)); - printsub('>', &str_end[2], sizeof(str_end) - 2); - - if (encrypt_debug_mode) - printf(">>>%s: Request input to be clear text\r\n", Name); -} - - -void encrypt_wait(void) -{ - if (encrypt_debug_mode) - printf(">>>%s: in encrypt_wait\r\n", Name); - if (!havesessionkey || !(I_SUPPORT_ENCRYPT & remote_supports_decrypt)) - return; - while (autoencrypt && !encrypt_output) - if (telnet_spin()) - return; -} - -int -encrypt_delay(void) -{ - if(!havesessionkey || - (I_SUPPORT_ENCRYPT & remote_supports_decrypt) == 0 || - (I_SUPPORT_DECRYPT & remote_supports_encrypt) == 0) - return 0; - if(!(encrypt_output && decrypt_input)) - return 1; - return 0; -} - -int encrypt_is_encrypting() -{ - if (encrypt_output && decrypt_input) - return 1; - return 0; -} - -void -encrypt_debug(int mode) -{ - encrypt_debug_mode = mode; -} - -void encrypt_gen_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) -{ - char tbuf[16], *cp; - - cnt -= 2; - data += 2; - buf[buflen-1] = '\0'; - buf[buflen-2] = '*'; - buflen -= 2;; - for (; cnt > 0; cnt--, data++) { - snprintf(tbuf, sizeof(tbuf), " %d", *data); - for (cp = tbuf; *cp && buflen > 0; --buflen) - *buf++ = *cp++; - if (buflen <= 0) - return; - } - *buf = '\0'; -} - -void -encrypt_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - Encryptions *ep; - int type = data[1]; - - for (ep = encryptions; ep->type && ep->type != type; ep++) - ; - - if (ep->printsub) - (*ep->printsub)(data, cnt, buf, buflen); - else - encrypt_gen_printsub(data, cnt, buf, buflen); -} -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/encrypt.h b/crypto/heimdal/appl/telnet/libtelnet/encrypt.h deleted file mode 100644 index 814491cb423f..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/encrypt.h +++ /dev/null @@ -1,103 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)encrypt.h 8.1 (Berkeley) 6/4/93 - * - * @(#)encrypt.h 5.2 (Berkeley) 3/22/91 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: encrypt.h 11444 2002-09-10 20:03:49Z joda $ */ - -#ifndef __ENCRYPT__ -#define __ENCRYPT__ - -#define DIR_DECRYPT 1 -#define DIR_ENCRYPT 2 - -#define VALIDKEY(key) ( key[0] | key[1] | key[2] | key[3] | \ - key[4] | key[5] | key[6] | key[7]) - -#define SAMEKEY(k1, k2) (!memcmp(k1, k2, sizeof(des_cblock))) - -typedef struct { - short type; - int length; - unsigned char *data; -} Session_Key; - -typedef struct { - char *name; - int type; - void (*output) (unsigned char *, int); - int (*input) (int); - void (*init) (int); - int (*start) (int, int); - int (*is) (unsigned char *, int); - int (*reply) (unsigned char *, int); - void (*session) (Session_Key *, int); - int (*keyid) (int, unsigned char *, int *); - void (*printsub) (unsigned char *, int, unsigned char *, int); -} Encryptions; - -#define SK_DES 1 /* Matched Kerberos v5 KEYTYPE_DES */ - -#include "crypto-headers.h" -#ifdef HAVE_OPENSSL -#define des_new_random_key des_random_key -#endif - -#include "enc-proto.h" - -extern int encrypt_debug_mode; -extern int (*decrypt_input) (int); -extern void (*encrypt_output) (unsigned char *, int); -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/genget.c b/crypto/heimdal/appl/telnet/libtelnet/genget.c deleted file mode 100644 index 5785314f41b5..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/genget.c +++ /dev/null @@ -1,103 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#include "misc-proto.h" - -RCSID("$Id: genget.c 10646 2001-09-03 05:54:18Z assar $"); - -#include - -#define LOWER(x) (isupper(x) ? tolower(x) : (x)) -/* - * The prefix function returns 0 if *s1 is not a prefix - * of *s2. If *s1 exactly matches *s2, the negative of - * the length is returned. If *s1 is a prefix of *s2, - * the length of *s1 is returned. - */ - -int -isprefix(char *s1, char *s2) -{ - char *os1; - char c1, c2; - - if (*s1 == '\0') - return(-1); - os1 = s1; - c1 = *s1; - c2 = *s2; - while (tolower((unsigned char)c1) == tolower((unsigned char)c2)) { - if (c1 == '\0') - break; - c1 = *++s1; - c2 = *++s2; - } - return(*s1 ? 0 : (*s2 ? (s1 - os1) : (os1 - s1))); -} - -static char *ambiguous; /* special return value for command routines */ - -char ** -genget(char *name, char **table, int stlen) - /* name to match */ - /* name entry in table */ - -{ - char **c, **found; - int n; - - if (name == 0) - return 0; - - found = 0; - for (c = table; *c != 0; c = (char **)((char *)c + stlen)) { - if ((n = isprefix(name, *c)) == 0) - continue; - if (n < 0) /* exact match */ - return(c); - if (found) - return(&ambiguous); - found = c; - } - return(found); -} - -/* - * Function call version of Ambiguous() - */ -int -Ambiguous(void *s) -{ - return((char **)s == &ambiguous); -} diff --git a/crypto/heimdal/appl/telnet/libtelnet/kerberos.c b/crypto/heimdal/appl/telnet/libtelnet/kerberos.c deleted file mode 100644 index 1c86fe298514..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/kerberos.c +++ /dev/null @@ -1,723 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: kerberos.c 22071 2007-11-14 20:04:50Z lha $"); - -#ifdef KRB4 -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#include -#include -#include -#include -#include -#ifdef SOCKS -#include -#endif - - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -int kerberos4_cksum (unsigned char *, int); -extern int auth_debug_mode; - -static unsigned char str_data[2048] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_KERBEROS_V4, }; - -#define KRB_AUTH 0 /* Authentication data follows */ -#define KRB_REJECT 1 /* Rejected (reason might follow) */ -#define KRB_ACCEPT 2 /* Accepted */ -#define KRB_CHALLENGE 3 /* Challenge for mutual auth. */ -#define KRB_RESPONSE 4 /* Response for mutual auth. */ - -#define KRB_FORWARD 5 /* */ -#define KRB_FORWARD_ACCEPT 6 /* */ -#define KRB_FORWARD_REJECT 7 /* */ - -#define KRB_SERVICE_NAME "rcmd" - -static KTEXT_ST auth; -static char name[ANAME_SZ]; -static AUTH_DAT adat; -static des_cblock session_key; -static des_cblock cred_session; -static des_key_schedule sched; -static des_cblock challenge; -static int auth_done; /* XXX */ - -static int pack_cred(CREDENTIALS *cred, unsigned char *buf); -static int unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred); - - -static int -Data(Authenticator *ap, int type, const void *d, int c) -{ - unsigned char *p = str_data + 4; - const unsigned char *cd = (const unsigned char *)d; - - if (c == -1) - c = strlen((const char *)cd); - - if (auth_debug_mode) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - -int -kerberos4_init(Authenticator *ap, int server) -{ - FILE *fp; - - if (server) { - str_data[3] = TELQUAL_REPLY; - if ((fp = fopen(KEYFILE, "r")) == NULL) - return(0); - fclose(fp); - } else { - str_data[3] = TELQUAL_IS; - } - return(1); -} - -char dst_realm_buf[REALM_SZ], *dest_realm = NULL; -int dst_realm_sz = REALM_SZ; - -static int -kerberos4_send(char *name, Authenticator *ap) -{ - KTEXT_ST auth; - char instance[INST_SZ]; - char *realm; - CREDENTIALS cred; - int r; - - if (!UserNameRequested) { - if (auth_debug_mode) { - printf("Kerberos V4: no user name supplied\r\n"); - } - return(0); - } - - memset(instance, 0, sizeof(instance)); - - strlcpy (instance, - krb_get_phost(RemoteHostName), - INST_SZ); - - realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName); - - if (!realm) { - printf("Kerberos V4: no realm for %s\r\n", RemoteHostName); - return(0); - } - printf("[ Trying %s (%s.%s@%s) ... ]\r\n", name, - KRB_SERVICE_NAME, instance, realm); - r = krb_mk_req(&auth, KRB_SERVICE_NAME, instance, realm, 0L); - if (r) { - printf("mk_req failed: %s\r\n", krb_get_err_text(r)); - return(0); - } - r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred); - if (r) { - printf("get_cred failed: %s\r\n", krb_get_err_text(r)); - return(0); - } - if (!auth_sendname((unsigned char*)UserNameRequested, - strlen(UserNameRequested))) { - if (auth_debug_mode) - printf("Not enough room for user name\r\n"); - return(0); - } - if (auth_debug_mode) - printf("Sent %d bytes of authentication data\r\n", auth.length); - if (!Data(ap, KRB_AUTH, (void *)auth.dat, auth.length)) { - if (auth_debug_mode) - printf("Not enough room for authentication data\r\n"); - return(0); - } -#ifdef ENCRYPTION - /* create challenge */ - if ((ap->way & AUTH_HOW_MASK)==AUTH_HOW_MUTUAL) { - int i; - - des_key_sched(&cred.session, sched); - memcpy (&cred_session, &cred.session, sizeof(cred_session)); -#ifndef HAVE_OPENSSL - des_init_random_number_generator(&cred.session); -#endif - des_new_random_key(&session_key); - des_ecb_encrypt(&session_key, &session_key, sched, 0); - des_ecb_encrypt(&session_key, &challenge, sched, 0); - - /* - old code - Some CERT Advisory thinks this is a bad thing... - - des_init_random_number_generator(&cred.session); - des_new_random_key(&challenge); - des_ecb_encrypt(&challenge, &session_key, sched, 1); - */ - - /* - * Increment the challenge by 1, and encrypt it for - * later comparison. - */ - for (i = 7; i >= 0; --i) - if(++challenge[i] != 0) /* No carry! */ - break; - des_ecb_encrypt(&challenge, &challenge, sched, 1); - } - -#endif - - if (auth_debug_mode) { - printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); - printd(auth.dat, auth.length); - printf("\r\n"); - printf("Sent Kerberos V4 credentials to server\r\n"); - } - return(1); -} -int -kerberos4_send_mutual(Authenticator *ap) -{ - return kerberos4_send("mutual KERBEROS4", ap); -} - -int -kerberos4_send_oneway(Authenticator *ap) -{ - return kerberos4_send("KERBEROS4", ap); -} - -void -kerberos4_is(Authenticator *ap, unsigned char *data, int cnt) -{ - struct sockaddr_in addr; - char realm[REALM_SZ]; - char instance[INST_SZ]; - int r; - socklen_t addr_len; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_AUTH: - if (krb_get_lrealm(realm, 1) != KSUCCESS) { - Data(ap, KRB_REJECT, (void *)"No local V4 Realm.", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("No local realm\r\n"); - return; - } - memmove(auth.dat, data, auth.length = cnt); - if (auth_debug_mode) { - printf("Got %d bytes of authentication data\r\n", cnt); - printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); - printd(auth.dat, auth.length); - printf("\r\n"); - } - k_getsockinst(0, instance, sizeof(instance)); - addr_len = sizeof(addr); - if(getpeername(0, (struct sockaddr *)&addr, &addr_len) < 0) { - if(auth_debug_mode) - printf("getpeername failed\r\n"); - Data(ap, KRB_REJECT, "getpeername failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - if (addr.sin_family != AF_INET) { - if (auth_debug_mode) - printf("unknown address family: %d\r\n", addr.sin_family); - Data(ap, KRB_REJECT, "bad address family", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - - r = krb_rd_req(&auth, KRB_SERVICE_NAME, - instance, addr.sin_addr.s_addr, &adat, ""); - if (r) { - if (auth_debug_mode) - printf("Kerberos failed him as %s\r\n", name); - Data(ap, KRB_REJECT, (void *)krb_get_err_text(r), -1); - auth_finished(ap, AUTH_REJECT); - return; - } - /* save the session key */ - memmove(session_key, adat.session, sizeof(adat.session)); - krb_kntoln(&adat, name); - - if (UserNameRequested && !kuserok(&adat, UserNameRequested)){ - char ts[MaxPathLen]; - struct passwd *pw = getpwnam(UserNameRequested); - - if(pw){ - snprintf(ts, sizeof(ts), - "%s%u", - TKT_ROOT, - (unsigned)pw->pw_uid); - esetenv("KRBTKFILE", ts, 1); - - if (pw->pw_uid == 0) - syslog(LOG_INFO|LOG_AUTH, - "ROOT Kerberos login from %s on %s\n", - krb_unparse_name_long(adat.pname, - adat.pinst, - adat.prealm), - RemoteHostName); - } - Data(ap, KRB_ACCEPT, NULL, 0); - } else { - char *msg; - int ret; - - ret = asprintf (&msg, "user `%s' is not authorized to " - "login as `%s'", - krb_unparse_name_long(adat.pname, - adat.pinst, - adat.prealm), - UserNameRequested ? UserNameRequested : ""); - if (ret == -1) - Data(ap, KRB_REJECT, NULL, 0); - else { - Data(ap, KRB_REJECT, (void *)msg, -1); - free(msg); - } - auth_finished(ap, AUTH_REJECT); - break; - } - auth_finished(ap, AUTH_USER); - break; - - case KRB_CHALLENGE: -#ifndef ENCRYPTION - Data(ap, KRB_RESPONSE, NULL, 0); -#else - if(!VALIDKEY(session_key)){ - Data(ap, KRB_RESPONSE, NULL, 0); - break; - } - des_key_sched(&session_key, sched); - { - des_cblock d_block; - int i; - Session_Key skey; - - memmove(d_block, data, sizeof(d_block)); - - /* make a session key for encryption */ - des_ecb_encrypt(&d_block, &session_key, sched, 1); - skey.type=SK_DES; - skey.length=8; - skey.data=session_key; - encrypt_session_key(&skey, 1); - - /* decrypt challenge, add one and encrypt it */ - des_ecb_encrypt(&d_block, &challenge, sched, 0); - for (i = 7; i >= 0; i--) - if(++challenge[i] != 0) - break; - des_ecb_encrypt(&challenge, &challenge, sched, 1); - Data(ap, KRB_RESPONSE, (void *)challenge, sizeof(challenge)); - } -#endif - break; - - case KRB_FORWARD: - { - des_key_schedule ks; - unsigned char netcred[sizeof(CREDENTIALS)]; - CREDENTIALS cred; - int ret; - if(cnt > sizeof(cred)) - abort(); - - memcpy (session_key, adat.session, sizeof(session_key)); - des_set_key(&session_key, ks); - des_pcbc_encrypt((void*)data, (void*)netcred, cnt, - ks, &session_key, DES_DECRYPT); - unpack_cred(netcred, cnt, &cred); - { - if(strcmp(cred.service, KRB_TICKET_GRANTING_TICKET) || - strncmp(cred.instance, cred.realm, sizeof(cred.instance)) || - cred.lifetime < 0 || cred.lifetime > 255 || - cred.kvno < 0 || cred.kvno > 255 || - cred.issue_date < 0 || - cred.issue_date > time(0) + CLOCK_SKEW || - strncmp(cred.pname, adat.pname, sizeof(cred.pname)) || - strncmp(cred.pinst, adat.pinst, sizeof(cred.pinst))){ - Data(ap, KRB_FORWARD_REJECT, "Bad credentials", -1); - }else{ - if((ret = tf_setup(&cred, - cred.pname, - cred.pinst)) == KSUCCESS){ - struct passwd *pw = getpwnam(UserNameRequested); - - if (pw) - chown(tkt_string(), pw->pw_uid, pw->pw_gid); - Data(ap, KRB_FORWARD_ACCEPT, 0, 0); - } else{ - Data(ap, KRB_FORWARD_REJECT, - krb_get_err_text(ret), -1); - } - } - } - memset(data, 0, cnt); - memset(&ks, 0, sizeof(ks)); - memset(&cred, 0, sizeof(cred)); - } - - break; - - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - Data(ap, KRB_REJECT, 0, 0); - break; - } -} - -void -kerberos4_reply(Authenticator *ap, unsigned char *data, int cnt) -{ - Session_Key skey; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_REJECT: - if(auth_done){ /* XXX Ick! */ - printf("[ Kerberos V4 received unknown opcode ]\r\n"); - }else{ - printf("[ Kerberos V4 refuses authentication "); - if (cnt > 0) - printf("because %.*s ", cnt, data); - printf("]\r\n"); - auth_send_retry(); - } - return; - case KRB_ACCEPT: - printf("[ Kerberos V4 accepts you ]\r\n"); - auth_done = 1; - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - /* - * Send over the encrypted challenge. - */ - Data(ap, KRB_CHALLENGE, session_key, - sizeof(session_key)); - des_ecb_encrypt(&session_key, &session_key, sched, 1); - skey.type = SK_DES; - skey.length = 8; - skey.data = session_key; - encrypt_session_key(&skey, 0); -#if 0 - kerberos4_forward(ap, &cred_session); -#endif - return; - } - auth_finished(ap, AUTH_USER); - return; - case KRB_RESPONSE: - /* make sure the response is correct */ - if ((cnt != sizeof(des_cblock)) || - (memcmp(data, challenge, sizeof(challenge)))){ - printf("[ Kerberos V4 challenge failed!!! ]\r\n"); - auth_send_retry(); - return; - } - printf("[ Kerberos V4 challenge successful ]\r\n"); - auth_finished(ap, AUTH_USER); - break; - case KRB_FORWARD_ACCEPT: - printf("[ Kerberos V4 accepted forwarded credentials ]\r\n"); - break; - case KRB_FORWARD_REJECT: - printf("[ Kerberos V4 rejected forwarded credentials: `%.*s']\r\n", - cnt, data); - break; - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - return; - } -} - -int -kerberos4_status(Authenticator *ap, char *name, size_t name_sz, int level) -{ - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && !kuserok(&adat, UserNameRequested)) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else - return(AUTH_USER); -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - -void -kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - int i; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case KRB_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB_CHALLENGE: - strlcpy((char *)buf, " CHALLENGE", buflen); - goto common2; - - case KRB_RESPONSE: - strlcpy((char *)buf, " RESPONSE", buflen); - goto common2; - - default: - snprintf((char*)buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf((char*)buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -int -kerberos4_cksum(unsigned char *d, int n) -{ - int ck = 0; - - /* - * A comment is probably needed here for those not - * well versed in the "C" language. Yes, this is - * supposed to be a "switch" with the body of the - * "switch" being a "while" statement. The whole - * purpose of the switch is to allow us to jump into - * the middle of the while() loop, and then not have - * to do any more switch()s. - * - * Some compilers will spit out a warning message - * about the loop not being entered at the top. - */ - switch (n&03) - while (n > 0) { - case 0: - ck ^= (int)*d++ << 24; - --n; - case 3: - ck ^= (int)*d++ << 16; - --n; - case 2: - ck ^= (int)*d++ << 8; - --n; - case 1: - ck ^= (int)*d++; - --n; - } - return(ck); -} - -static int -pack_cred(CREDENTIALS *cred, unsigned char *buf) -{ - unsigned char *p = buf; - - memcpy (p, cred->service, ANAME_SZ); - p += ANAME_SZ; - memcpy (p, cred->instance, INST_SZ); - p += INST_SZ; - memcpy (p, cred->realm, REALM_SZ); - p += REALM_SZ; - memcpy(p, cred->session, 8); - p += 8; - p += KRB_PUT_INT(cred->lifetime, p, 4, 4); - p += KRB_PUT_INT(cred->kvno, p, 4, 4); - p += KRB_PUT_INT(cred->ticket_st.length, p, 4, 4); - memcpy(p, cred->ticket_st.dat, cred->ticket_st.length); - p += cred->ticket_st.length; - p += KRB_PUT_INT(0, p, 4, 4); - p += KRB_PUT_INT(cred->issue_date, p, 4, 4); - memcpy (p, cred->pname, ANAME_SZ); - p += ANAME_SZ; - memcpy (p, cred->pinst, INST_SZ); - p += INST_SZ; - return p - buf; -} - -static int -unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred) -{ - char *p = (char*)buf; - uint32_t tmp; - - strncpy (cred->service, p, ANAME_SZ); - cred->service[ANAME_SZ - 1] = '\0'; - p += ANAME_SZ; - strncpy (cred->instance, p, INST_SZ); - cred->instance[INST_SZ - 1] = '\0'; - p += INST_SZ; - strncpy (cred->realm, p, REALM_SZ); - cred->realm[REALM_SZ - 1] = '\0'; - p += REALM_SZ; - - memcpy(cred->session, p, 8); - p += 8; - p += krb_get_int(p, &tmp, 4, 0); - cred->lifetime = tmp; - p += krb_get_int(p, &tmp, 4, 0); - cred->kvno = tmp; - - p += krb_get_int(p, &cred->ticket_st.length, 4, 0); - memcpy(cred->ticket_st.dat, p, cred->ticket_st.length); - p += cred->ticket_st.length; - p += krb_get_int(p, &tmp, 4, 0); - cred->ticket_st.mbz = 0; - p += krb_get_int(p, (uint32_t *)&cred->issue_date, 4, 0); - - strncpy (cred->pname, p, ANAME_SZ); - cred->pname[ANAME_SZ - 1] = '\0'; - p += ANAME_SZ; - strncpy (cred->pinst, p, INST_SZ); - cred->pinst[INST_SZ - 1] = '\0'; - p += INST_SZ; - return 0; -} - - -int -kerberos4_forward(Authenticator *ap, void *v) -{ - des_cblock *key = (des_cblock *)v; - CREDENTIALS cred; - char *realm; - des_key_schedule ks; - int len; - unsigned char netcred[sizeof(CREDENTIALS)]; - int ret; - - realm = krb_realmofhost(RemoteHostName); - if(realm == NULL) - return -1; - memset(&cred, 0, sizeof(cred)); - ret = krb_get_cred(KRB_TICKET_GRANTING_TICKET, - realm, - realm, - &cred); - if(ret) - return ret; - des_set_key(key, ks); - len = pack_cred(&cred, netcred); - des_pcbc_encrypt((void*)netcred, (void*)netcred, len, - ks, key, DES_ENCRYPT); - memset(&ks, 0, sizeof(ks)); - Data(ap, KRB_FORWARD, netcred, len); - memset(netcred, 0, sizeof(netcred)); - return 0; -} - -#endif /* KRB4 */ - diff --git a/crypto/heimdal/appl/telnet/libtelnet/kerberos5.c b/crypto/heimdal/appl/telnet/libtelnet/kerberos5.c deleted file mode 100644 index cac80d059abf..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/kerberos5.c +++ /dev/null @@ -1,895 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include - -RCSID("$Id: kerberos5.c 22071 2007-11-14 20:04:50Z lha $"); - -#ifdef KRB5 - -#include -#include -#include -#include -#include -#include -#include -#include -#define Authenticator k5_Authenticator -#include -#undef Authenticator -#include -#ifdef SOCKS -#include -#endif - - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -#if defined(DCE) -int dfsk5ok = 0; -int dfspag = 0; -int dfsfwd = 0; -#endif - -int forward_flags = 0; /* Flags get set in telnet/main.c on -f and -F */ - -int forward(int); -int forwardable(int); - -/* These values need to be the same as those defined in telnet/main.c. */ -/* Either define them in both places, or put in some common header file. */ -#define OPTS_FORWARD_CREDS 0x00000002 -#define OPTS_FORWARDABLE_CREDS 0x00000001 - - -void kerberos5_forward (Authenticator *); - -static unsigned char str_data[4] = { IAC, SB, TELOPT_AUTHENTICATION, 0 }; - -#define KRB_AUTH 0 /* Authentication data follows */ -#define KRB_REJECT 1 /* Rejected (reason might follow) */ -#define KRB_ACCEPT 2 /* Accepted */ -#define KRB_RESPONSE 3 /* Response for mutual auth. */ - -#define KRB_FORWARD 4 /* Forwarded credentials follow */ -#define KRB_FORWARD_ACCEPT 5 /* Forwarded credentials accepted */ -#define KRB_FORWARD_REJECT 6 /* Forwarded credentials rejected */ - -static krb5_data auth; -static krb5_ticket *ticket; - -static krb5_context context; -static krb5_auth_context auth_context; - -static int -Data(Authenticator *ap, int type, const void *d, int c) -{ - const unsigned char *cp, *cd = d; - unsigned char *p0, *p; - size_t len = sizeof(str_data) + 3 + 2; - int ret; - - if (c == -1) - c = strlen((const char*)cd); - - for (cp = cd; cp - cd < c; cp++, len++) - if (*cp == IAC) - len++; - - p0 = malloc(len); - if (p0 == NULL) - return 0; - - memcpy(p0, str_data, sizeof(str_data)); - p = p0 + sizeof(str_data); - - if (auth_debug_mode) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &p0[2], len - 2); - ret = telnet_net_write(p0, len); - free(p0); - return ret; -} - -int -kerberos5_init(Authenticator *ap, int server) -{ - krb5_error_code ret; - - ret = krb5_init_context(&context); - if (ret) - return 0; - if (server) { - krb5_keytab kt; - krb5_kt_cursor cursor; - - ret = krb5_kt_default(context, &kt); - if (ret) - return 0; - - ret = krb5_kt_start_seq_get (context, kt, &cursor); - if (ret) { - krb5_kt_close (context, kt); - return 0; - } - krb5_kt_end_seq_get (context, kt, &cursor); - krb5_kt_close (context, kt); - - str_data[3] = TELQUAL_REPLY; - } else - str_data[3] = TELQUAL_IS; - return(1); -} - -extern int net; -static int -kerberos5_send(char *name, Authenticator *ap) -{ - krb5_error_code ret; - krb5_ccache ccache; - int ap_opts; - krb5_data cksum_data; - char ap_msg[2]; - - if (!UserNameRequested) { - if (auth_debug_mode) { - printf("Kerberos V5: no user name supplied\r\n"); - } - return(0); - } - - ret = krb5_cc_default(context, &ccache); - if (ret) { - if (auth_debug_mode) { - printf("Kerberos V5: could not get default ccache: %s\r\n", - krb5_get_err_text (context, ret)); - } - return 0; - } - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) - ap_opts = AP_OPTS_MUTUAL_REQUIRED; - else - ap_opts = 0; - - ap_opts |= AP_OPTS_USE_SUBKEY; - - ret = krb5_auth_con_init (context, &auth_context); - if (ret) { - if (auth_debug_mode) { - printf("Kerberos V5: krb5_auth_con_init failed (%s)\r\n", - krb5_get_err_text(context, ret)); - } - return(0); - } - - ret = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &net); - if (ret) { - if (auth_debug_mode) { - printf ("Kerberos V5:" - " krb5_auth_con_setaddrs_from_fd failed (%s)\r\n", - krb5_get_err_text(context, ret)); - } - return(0); - } - - krb5_auth_con_setkeytype (context, auth_context, KEYTYPE_DES); - - ap_msg[0] = ap->type; - ap_msg[1] = ap->way; - - cksum_data.length = sizeof(ap_msg); - cksum_data.data = ap_msg; - - - { - krb5_principal service; - char sname[128]; - - - ret = krb5_sname_to_principal (context, - RemoteHostName, - NULL, - KRB5_NT_SRV_HST, - &service); - if(ret) { - if (auth_debug_mode) { - printf ("Kerberos V5:" - " krb5_sname_to_principal(%s) failed (%s)\r\n", - RemoteHostName, krb5_get_err_text(context, ret)); - } - return 0; - } - ret = krb5_unparse_name_fixed(context, service, sname, sizeof(sname)); - if(ret) { - if (auth_debug_mode) { - printf ("Kerberos V5:" - " krb5_unparse_name_fixed failed (%s)\r\n", - krb5_get_err_text(context, ret)); - } - return 0; - } - printf("[ Trying %s (%s)... ]\r\n", name, sname); - ret = krb5_mk_req_exact(context, &auth_context, ap_opts, - service, - &cksum_data, ccache, &auth); - krb5_free_principal (context, service); - - } - if (ret) { - if (1 || auth_debug_mode) { - printf("Kerberos V5: mk_req failed (%s)\r\n", - krb5_get_err_text(context, ret)); - } - return(0); - } - - if (!auth_sendname((unsigned char *)UserNameRequested, - strlen(UserNameRequested))) { - if (auth_debug_mode) - printf("Not enough room for user name\r\n"); - return(0); - } - if (!Data(ap, KRB_AUTH, auth.data, auth.length)) { - if (auth_debug_mode) - printf("Not enough room for authentication data\r\n"); - return(0); - } - if (auth_debug_mode) { - printf("Sent Kerberos V5 credentials to server\r\n"); - } - return(1); -} - -int -kerberos5_send_mutual(Authenticator *ap) -{ - return kerberos5_send("mutual KERBEROS5", ap); -} - -int -kerberos5_send_oneway(Authenticator *ap) -{ - return kerberos5_send("KERBEROS5", ap); -} - -static void log_message(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - if (auth_debug_mode) { - va_start(ap, fmt); - vfprintf(stdout, fmt, ap); - va_end(ap); - fprintf(stdout, "\r\n"); - } - va_start(ap, fmt); - vsyslog(LOG_NOTICE, fmt, ap); - va_end(ap); -} - -void -kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) -{ - krb5_error_code ret; - krb5_data outbuf; - krb5_keyblock *key_block; - char *name; - krb5_principal server; - int zero = 0; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_AUTH: - auth.data = (char *)data; - auth.length = cnt; - - auth_context = NULL; - - ret = krb5_auth_con_init (context, &auth_context); - if (ret) { - Data(ap, KRB_REJECT, "krb5_auth_con_init failed", -1); - auth_finished(ap, AUTH_REJECT); - log_message("Kerberos V5: krb5_auth_con_init failed (%s)", - krb5_get_err_text(context, ret)); - return; - } - - ret = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &zero); - if (ret) { - Data(ap, KRB_REJECT, "krb5_auth_con_setaddrs_from_fd failed", -1); - auth_finished(ap, AUTH_REJECT); - log_message("Kerberos V5: " - "krb5_auth_con_setaddrs_from_fd failed (%s)", - krb5_get_err_text(context, ret)); - return; - } - - ret = krb5_sock_to_principal (context, - 0, - "host", - KRB5_NT_SRV_HST, - &server); - if (ret) { - Data(ap, KRB_REJECT, "krb5_sock_to_principal failed", -1); - auth_finished(ap, AUTH_REJECT); - log_message("Kerberos V5: " - "krb5_sock_to_principal failed (%s)", - krb5_get_err_text(context, ret)); - return; - } - - ret = krb5_rd_req(context, - &auth_context, - &auth, - server, - NULL, - NULL, - &ticket); - - krb5_free_principal (context, server); - if (ret) { - const char *errbuf2 = "Read req failed"; - char *errbuf; - int ret2; - - ret2 = asprintf(&errbuf, - "Read req failed: %s", - krb5_get_err_text(context, ret)); - if (ret2 != -1) - errbuf2 = errbuf; - Data(ap, KRB_REJECT, errbuf2, -1); - log_message("%s", errbuf2); - if (ret2 != -1) - free (errbuf); - return; - } - - { - char ap_msg[2]; - - ap_msg[0] = ap->type; - ap_msg[1] = ap->way; - - ret = krb5_verify_authenticator_checksum(context, - auth_context, - ap_msg, - sizeof(ap_msg)); - - if (ret) { - const char *errbuf2 = "Bad checksum"; - char *errbuf; - int ret2; - - ret2 = asprintf(&errbuf, "Bad checksum: %s", - krb5_get_err_text(context, ret)); - if (ret2 != -1) - errbuf2 = errbuf; - Data(ap, KRB_REJECT, errbuf2, -1); - log_message("%s", errbuf2); - if (ret2 != -1) - free(errbuf); - return; - } - } - ret = krb5_auth_con_getremotesubkey (context, - auth_context, - &key_block); - - if (ret) { - Data(ap, KRB_REJECT, "krb5_auth_con_getremotesubkey failed", -1); - auth_finished(ap, AUTH_REJECT); - log_message("Kerberos V5: " - "krb5_auth_con_getremotesubkey failed (%s)", - krb5_get_err_text(context, ret)); - return; - } - - if (key_block == NULL) { - ret = krb5_auth_con_getkey(context, - auth_context, - &key_block); - } - if (ret) { - Data(ap, KRB_REJECT, "krb5_auth_con_getkey failed", -1); - auth_finished(ap, AUTH_REJECT); - log_message("Kerberos V5: " - "krb5_auth_con_getkey failed (%s)", - krb5_get_err_text(context, ret)); - return; - } - if (key_block == NULL) { - Data(ap, KRB_REJECT, "no subkey received", -1); - auth_finished(ap, AUTH_REJECT); - log_message("Kerberos V5: " - "krb5_auth_con_getremotesubkey returned NULL key"); - return; - } - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - ret = krb5_mk_rep(context, auth_context, &outbuf); - if (ret) { - Data(ap, KRB_REJECT, - "krb5_mk_rep failed", -1); - auth_finished(ap, AUTH_REJECT); - log_message("Kerberos V5: " - "krb5_mk_rep failed (%s)", - krb5_get_err_text(context, ret)); - return; - } - Data(ap, KRB_RESPONSE, outbuf.data, outbuf.length); - } - if (krb5_unparse_name(context, ticket->client, &name)) - name = 0; - - if(UserNameRequested && krb5_kuserok(context, - ticket->client, - UserNameRequested)) { - Data(ap, KRB_ACCEPT, name, name ? -1 : 0); - log_message("%s accepted as user %s from %s", - name ? name : "", - UserNameRequested ? UserNameRequested : "", - RemoteHostName ? RemoteHostName : ""); - - if(key_block->keytype == ETYPE_DES_CBC_MD5 || - key_block->keytype == ETYPE_DES_CBC_MD4 || - key_block->keytype == ETYPE_DES_CBC_CRC) { - Session_Key skey; - - skey.type = SK_DES; - skey.length = 8; - skey.data = key_block->keyvalue.data; - encrypt_session_key(&skey, 0); - } - - } else { - const char *msg2 = "user is not authorized to login"; - char *msg; - - ret = asprintf (&msg, "user `%s' is not authorized to " - "login as `%s'", - name ? name : "", - UserNameRequested ? UserNameRequested : ""); - if (ret != -1) - msg2 = msg; - Data(ap, KRB_REJECT, (void *)msg2, -1); - if (ret != -1) - free(msg); - auth_finished (ap, AUTH_REJECT); - krb5_free_keyblock_contents(context, key_block); - break; - } - auth_finished(ap, AUTH_USER); - krb5_free_keyblock_contents(context, key_block); - - break; - case KRB_FORWARD: { - struct passwd *pwd; - char ccname[1024]; /* XXX */ - krb5_data inbuf; - krb5_ccache ccache; - inbuf.data = (char *)data; - inbuf.length = cnt; - - pwd = getpwnam (UserNameRequested); - if (pwd == NULL) - break; - - snprintf (ccname, sizeof(ccname), - "FILE:/tmp/krb5cc_%lu", (unsigned long)pwd->pw_uid); - - ret = krb5_cc_resolve (context, ccname, &ccache); - if (ret) { - log_message("Kerberos V5: could not get ccache: %s", - krb5_get_err_text(context, ret)); - break; - } - - ret = krb5_cc_initialize (context, - ccache, - ticket->client); - if (ret) { - log_message("Kerberos V5: could not init ccache: %s", - krb5_get_err_text(context, ret)); - break; - } - -#if defined(DCE) - esetenv("KRB5CCNAME", ccname, 1); -#endif - ret = krb5_rd_cred2 (context, - auth_context, - ccache, - &inbuf); - if(ret) { - const char *errbuf2 = "Read forwarded creds failed"; - char *errbuf; - int ret2; - - ret2 = asprintf (&errbuf, - "Read forwarded creds failed: %s", - krb5_get_err_text (context, ret)); - if (ret2 != -1) - errbuf2 = errbuf; - Data(ap, KRB_FORWARD_REJECT, errbuf, -1); - log_message("Could not read forwarded credentials: %s", errbuf); - - if (ret2 != -1) - free (errbuf); - } else { - Data(ap, KRB_FORWARD_ACCEPT, 0, 0); -#if defined(DCE) - dfsfwd = 1; -#endif - } - chown (ccname + 5, pwd->pw_uid, -1); - log_message("Forwarded credentials obtained"); - break; - } - default: - log_message("Unknown Kerberos option %d", data[-1]); - Data(ap, KRB_REJECT, 0, 0); - break; - } -} - -void -kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt) -{ - static int mutual_complete = 0; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_REJECT: - if (cnt > 0) { - printf("[ Kerberos V5 refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ Kerberos V5 refuses authentication ]\r\n"); - auth_send_retry(); - return; - case KRB_ACCEPT: { - krb5_error_code ret; - Session_Key skey; - krb5_keyblock *keyblock; - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL && - !mutual_complete) { - printf("[ Kerberos V5 accepted you, but didn't provide mutual authentication! ]\r\n"); - auth_send_retry(); - return; - } - if (cnt) - printf("[ Kerberos V5 accepts you as ``%.*s'' ]\r\n", cnt, data); - else - printf("[ Kerberos V5 accepts you ]\r\n"); - - ret = krb5_auth_con_getlocalsubkey (context, - auth_context, - &keyblock); - if (ret) - ret = krb5_auth_con_getkey (context, - auth_context, - &keyblock); - if(ret) { - printf("[ krb5_auth_con_getkey: %s ]\r\n", - krb5_get_err_text(context, ret)); - auth_send_retry(); - return; - } - - skey.type = SK_DES; - skey.length = 8; - skey.data = keyblock->keyvalue.data; - encrypt_session_key(&skey, 0); - krb5_free_keyblock_contents (context, keyblock); - auth_finished(ap, AUTH_USER); - if (forward_flags & OPTS_FORWARD_CREDS) - kerberos5_forward(ap); - break; - } - case KRB_RESPONSE: - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - /* the rest of the reply should contain a krb_ap_rep */ - krb5_ap_rep_enc_part *reply; - krb5_data inbuf; - krb5_error_code ret; - - inbuf.length = cnt; - inbuf.data = (char *)data; - - ret = krb5_rd_rep(context, auth_context, &inbuf, &reply); - if (ret) { - printf("[ Mutual authentication failed: %s ]\r\n", - krb5_get_err_text (context, ret)); - auth_send_retry(); - return; - } - krb5_free_ap_rep_enc_part(context, reply); - mutual_complete = 1; - } - return; - case KRB_FORWARD_ACCEPT: - printf("[ Kerberos V5 accepted forwarded credentials ]\r\n"); - return; - case KRB_FORWARD_REJECT: - printf("[ Kerberos V5 refuses forwarded credentials because %.*s ]\r\n", - cnt, data); - return; - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - return; - } -} - -int -kerberos5_status(Authenticator *ap, char *name, size_t name_sz, int level) -{ - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && - krb5_kuserok(context, - ticket->client, - UserNameRequested)) - { - strlcpy(name, UserNameRequested, name_sz); -#if defined(DCE) - dfsk5ok = 1; -#endif - return(AUTH_VALID); - } else - return(AUTH_USER); -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - -void -kerberos5_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - int i; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - - case KRB_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB_RESPONSE: - strlcpy((char *)buf, " RESPONSE", buflen); - goto common2; - - case KRB_FORWARD: /* Forwarded credentials follow */ - strlcpy((char *)buf, " FORWARD", buflen); - goto common2; - - case KRB_FORWARD_ACCEPT: /* Forwarded credentials accepted */ - strlcpy((char *)buf, " FORWARD_ACCEPT", buflen); - goto common2; - - case KRB_FORWARD_REJECT: /* Forwarded credentials rejected */ - /* (reason might follow) */ - strlcpy((char *)buf, " FORWARD_REJECT", buflen); - goto common2; - - default: - snprintf((char*)buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf((char*)buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -void -kerberos5_forward(Authenticator *ap) -{ - krb5_error_code ret; - krb5_ccache ccache; - krb5_creds creds; - KDCOptions flags; - krb5_data out_data; - krb5_principal principal; - - ret = krb5_cc_default (context, &ccache); - if (ret) { - if (auth_debug_mode) - printf ("KerberosV5: could not get default ccache: %s\r\n", - krb5_get_err_text (context, ret)); - return; - } - - ret = krb5_cc_get_principal (context, ccache, &principal); - if (ret) { - if (auth_debug_mode) - printf ("KerberosV5: could not get principal: %s\r\n", - krb5_get_err_text (context, ret)); - return; - } - - memset (&creds, 0, sizeof(creds)); - - creds.client = principal; - - ret = krb5_build_principal (context, - &creds.server, - strlen(principal->realm), - principal->realm, - "krbtgt", - principal->realm, - NULL); - - if (ret) { - if (auth_debug_mode) - printf ("KerberosV5: could not get principal: %s\r\n", - krb5_get_err_text (context, ret)); - return; - } - - creds.times.endtime = 0; - - memset(&flags, 0, sizeof(flags)); - flags.forwarded = 1; - if (forward_flags & OPTS_FORWARDABLE_CREDS) - flags.forwardable = 1; - - ret = krb5_get_forwarded_creds (context, - auth_context, - ccache, - KDCOptions2int(flags), - RemoteHostName, - &creds, - &out_data); - if (ret) { - if (auth_debug_mode) - printf ("Kerberos V5: error getting forwarded creds: %s\r\n", - krb5_get_err_text (context, ret)); - return; - } - - if(!Data(ap, KRB_FORWARD, out_data.data, out_data.length)) { - if (auth_debug_mode) - printf("Not enough room for authentication data\r\n"); - } else { - if (auth_debug_mode) - printf("Forwarded local Kerberos V5 credentials to server\r\n"); - } -} - -#if defined(DCE) -/* if this was a K5 authentication try and join a PAG for the user. */ -void -kerberos5_dfspag(void) -{ - if (dfsk5ok) { - dfspag = krb5_dfs_pag(context, dfsfwd, ticket->client, - UserNameRequested); - } -} -#endif - -int -kerberos5_set_forward(int on) -{ - if(on == 0) - forward_flags &= ~OPTS_FORWARD_CREDS; - if(on == 1) - forward_flags |= OPTS_FORWARD_CREDS; - if(on == -1) - forward_flags ^= OPTS_FORWARD_CREDS; - return 0; -} - -int -kerberos5_set_forwardable(int on) -{ - if(on == 0) - forward_flags &= ~OPTS_FORWARDABLE_CREDS; - if(on == 1) - forward_flags |= OPTS_FORWARDABLE_CREDS; - if(on == -1) - forward_flags ^= OPTS_FORWARDABLE_CREDS; - return 0; -} - -#endif /* KRB5 */ diff --git a/crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c b/crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c deleted file mode 100644 index f14bc7da50f0..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c +++ /dev/null @@ -1,436 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: krb4encpwd.c 22071 2007-11-14 20:04:50Z lha $"); - -#ifdef KRB4_ENCPWD -/* - * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION - * ALL RIGHTS RESERVED - * - * "Digital Equipment Corporation authorizes the reproduction, - * distribution and modification of this software subject to the following - * restrictions: - * - * 1. Any partial or whole copy of this software, or any modification - * thereof, must include this copyright notice in its entirety. - * - * 2. This software is supplied "as is" with no warranty of any kind, - * expressed or implied, for any purpose, including any warranty of fitness - * or merchantibility. DIGITAL assumes no responsibility for the use or - * reliability of this software, nor promises to provide any form of - * support for it on any basis. - * - * 3. Distribution of this software is authorized only if no profit or - * remuneration of any kind is received in exchange for such distribution. - * - * 4. This software produces public key authentication certificates - * bearing an expiration date established by DIGITAL and RSA Data - * Security, Inc. It may cease to generate certificates after the expiration - * date. Any modification of this software that changes or defeats - * the expiration date or its effect is unauthorized. - * - * 5. Software that will renew or extend the expiration date of - * authentication certificates produced by this software may be obtained - * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA - * 94065, (415)595-8782, or from DIGITAL" - * - */ - -#include -#include -#include -#include - -#include -#include -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -int krb_mk_encpwd_req (KTEXT, char *, char *, char *, char *, char *, char *); -int krb_rd_encpwd_req (KTEXT, char *, char *, u_long, AUTH_DAT *, char *, char *, char *, char *); - -extern auth_debug_mode; - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_KRB4_ENCPWD, }; -static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_NAME, }; - -#define KRB4_ENCPWD_AUTH 0 /* Authentication data follows */ -#define KRB4_ENCPWD_REJECT 1 /* Rejected (reason might follow) */ -#define KRB4_ENCPWD_ACCEPT 2 /* Accepted */ -#define KRB4_ENCPWD_CHALLENGE 3 /* Challenge for mutual auth. */ -#define KRB4_ENCPWD_ACK 4 /* Acknowledge */ - -#define KRB_SERVICE_NAME "rcmd" - -static KTEXT_ST auth; -static char name[ANAME_SZ]; -static char user_passwd[ANAME_SZ]; -static AUTH_DAT adat = { 0 }; -static des_key_schedule sched; -static char challenge[REALM_SZ]; - - static int -Data(ap, type, d, c) - Authenticator *ap; - int type; - void *d; - int c; -{ - unsigned char *p = str_data + 4; - unsigned char *cd = (unsigned char *)d; - - if (c == -1) - c = strlen(cd); - - if (0) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - - int -krb4encpwd_init(ap, server) - Authenticator *ap; - int server; -{ - char hostname[80], *cp, *realm; - des_clock skey; - - if (server) { - str_data[3] = TELQUAL_REPLY; - } else { - str_data[3] = TELQUAL_IS; - gethostname(hostname, sizeof(hostname)); - realm = krb_realmofhost(hostname); - cp = strchr(hostname, '.'); - if (*cp != NULL) *cp = NULL; - if (read_service_key(KRB_SERVICE_NAME, hostname, realm, 0, - KEYFILE, (char *)skey)) { - return(0); - } - } - return(1); -} - - int -krb4encpwd_send(ap) - Authenticator *ap; -{ - - printf("[ Trying KRB4ENCPWD ... ]\r\n"); - if (!UserNameRequested) { - return(0); - } - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - return(0); - } - - if (!Data(ap, KRB4_ENCPWD_ACK, NULL, 0)) { - return(0); - } - - return(1); -} - - void -krb4encpwd_is(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - des_cblock datablock; - char r_passwd[ANAME_SZ], r_user[ANAME_SZ]; - char lhostname[ANAME_SZ], *cp; - int r; - time_t now; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB4_ENCPWD_AUTH: - memmove(auth.dat, data, auth.length = cnt); - - gethostname(lhostname, sizeof(lhostname)); - if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0'; - - if (r = krb_rd_encpwd_req(&auth, KRB_SERVICE_NAME, lhostname, 0, &adat, NULL, challenge, r_user, r_passwd)) { - Data(ap, KRB4_ENCPWD_REJECT, "Auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - auth_encrypt_userpwd(r_passwd); - if (passwdok(UserNameRequested, UserPassword) == 0) { - /* - * illegal username and password - */ - Data(ap, KRB4_ENCPWD_REJECT, "Illegal password", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - - memmove(session_key, adat.session, sizeof(des_cblock)); - Data(ap, KRB4_ENCPWD_ACCEPT, 0, 0); - auth_finished(ap, AUTH_USER); - break; - - case KRB4_ENCPWD_CHALLENGE: - /* - * Take the received random challenge text and save - * for future authentication. - */ - memmove(challenge, data, sizeof(des_cblock)); - break; - - - case KRB4_ENCPWD_ACK: - /* - * Receive ack, if mutual then send random challenge - */ - - /* - * If we are doing mutual authentication, get set up to send - * the challenge, and verify it when the response comes back. - */ - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - int i; - - time(&now); - snprintf(challenge, sizeof(challenge), "%x", now); - Data(ap, KRB4_ENCPWD_CHALLENGE, challenge, strlen(challenge)); - } - break; - - default: - Data(ap, KRB4_ENCPWD_REJECT, 0, 0); - break; - } -} - - - void -krb4encpwd_reply(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - KTEXT_ST krb_token; - des_cblock enckey; - CREDENTIALS cred; - int r; - char randchal[REALM_SZ], instance[ANAME_SZ], *cp; - char hostname[80], *realm; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB4_ENCPWD_REJECT: - if (cnt > 0) { - printf("[ KRB4_ENCPWD refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ KRB4_ENCPWD refuses authentication ]\r\n"); - auth_send_retry(); - return; - case KRB4_ENCPWD_ACCEPT: - printf("[ KRB4_ENCPWD accepts you ]\r\n"); - auth_finished(ap, AUTH_USER); - return; - case KRB4_ENCPWD_CHALLENGE: - /* - * Verify that the response to the challenge is correct. - */ - - gethostname(hostname, sizeof(hostname)); - realm = krb_realmofhost(hostname); - memmove(challenge, data, cnt); - memset(user_passwd, 0, sizeof(user_passwd)); - des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0); - UserPassword = user_passwd; - Challenge = challenge; - strlcpy(instance, RemoteHostName, sizeof(instance)); - if ((cp = strchr(instance, '.')) != 0) *cp = '\0'; - - if (r = krb_mk_encpwd_req(&krb_token, KRB_SERVICE_NAME, instance, realm, Challenge, UserNameRequested, user_passwd)) { - krb_token.length = 0; - } - - if (!Data(ap, KRB4_ENCPWD_AUTH, krb_token.dat, krb_token.length)) { - return; - } - - break; - - default: - return; - } -} - - int -krb4encpwd_status(ap, name, name_sz, level) - Authenticator *ap; - char *name; - size_t name_sz; - int level; -{ - - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && passwdok(UserNameRequested, UserPassword)) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else { - return(AUTH_USER); - } -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - - void -krb4encpwd_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; -{ - int i; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB4_ENCPWD_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB4_ENCPWD_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case KRB4_ENCPWD_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB4_ENCPWD_CHALLENGE: - strlcpy((char *)buf, " CHALLENGE", buflen); - goto common2; - - case KRB4_ENCPWD_ACK: - strlcpy((char *)buf, " ACK", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -int passwdok(name, passwd) -char *name, *passwd; -{ - char *crypt(); - char *salt, *p; - struct passwd *pwd; - int passwdok_status = 0; - - if (pwd = k_getpwnam(name)) - salt = pwd->pw_passwd; - else salt = "xx"; - - p = crypt(passwd, salt); - - if (pwd && !strcmp(p, pwd->pw_passwd)) { - passwdok_status = 1; - } else passwdok_status = 0; - return(passwdok_status); -} - -#endif - -#ifdef notdef - -prkey(msg, key) - char *msg; - unsigned char *key; -{ - int i; - printf("%s:", msg); - for (i = 0; i < 8; i++) - printf(" %3d", key[i]); - printf("\r\n"); -} -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/misc-proto.h b/crypto/heimdal/appl/telnet/libtelnet/misc-proto.h deleted file mode 100644 index 07a250948f60..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/misc-proto.h +++ /dev/null @@ -1,79 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)misc-proto.h 8.1 (Berkeley) 6/4/93 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: misc-proto.h 9187 2000-11-15 23:00:21Z assar $ */ - -#ifndef __MISC_PROTO__ -#define __MISC_PROTO__ - -void auth_encrypt_init (const char *, const char *, const char *, int); -void auth_encrypt_user(const char *name); -void auth_encrypt_connect (int); -void printd (const unsigned char *, int); - -char** genget (char *name, char **table, int stlen); -int isprefix(char *s1, char *s2); -int Ambiguous(void *s); - -/* - * These functions are imported from the application - */ -int telnet_net_write (unsigned char *, int); -void net_encrypt (void); -int telnet_spin (void); -char *telnet_getenv (const char *); -char *telnet_gets (char *, char *, int, int); -void printsub(int direction, unsigned char *pointer, int length); -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/misc.c b/crypto/heimdal/appl/telnet/libtelnet/misc.c deleted file mode 100644 index f74e30482db1..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/misc.c +++ /dev/null @@ -1,95 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: misc.c 7822 2000-01-25 23:24:58Z assar $"); - -#include -#include -#include -#include -#ifdef SOCKS -#include -#endif -#include "misc.h" -#include "auth.h" -#include "encrypt.h" - - -const char *RemoteHostName; -const char *LocalHostName; -char *UserNameRequested = 0; -int ConnectedCount = 0; - -void -auth_encrypt_init(const char *local, const char *remote, const char *name, - int server) -{ - RemoteHostName = remote; - LocalHostName = local; -#ifdef AUTHENTICATION - auth_init(name, server); -#endif -#ifdef ENCRYPTION - encrypt_init(name, server); -#endif - if (UserNameRequested) { - free(UserNameRequested); - UserNameRequested = 0; - } -} - -void -auth_encrypt_user(const char *name) -{ - if (UserNameRequested) - free(UserNameRequested); - UserNameRequested = name ? strdup(name) : 0; -} - -void -auth_encrypt_connect(int cnt) -{ -} - -void -printd(const unsigned char *data, int cnt) -{ - if (cnt > 16) - cnt = 16; - while (cnt-- > 0) { - printf(" %02x", *data); - ++data; - } -} diff --git a/crypto/heimdal/appl/telnet/libtelnet/misc.h b/crypto/heimdal/appl/telnet/libtelnet/misc.h deleted file mode 100644 index e31556530aa5..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/misc.h +++ /dev/null @@ -1,42 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)misc.h 8.1 (Berkeley) 6/4/93 - */ - -extern char *UserNameRequested; -extern const char *LocalHostName; -extern const char *RemoteHostName; -extern int ConnectedCount; -extern int ReservedPort; - -#include "misc-proto.h" diff --git a/crypto/heimdal/appl/telnet/libtelnet/rsaencpwd.c b/crypto/heimdal/appl/telnet/libtelnet/rsaencpwd.c deleted file mode 100644 index cff096c0229e..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/rsaencpwd.c +++ /dev/null @@ -1,487 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: rsaencpwd.c 22071 2007-11-14 20:04:50Z lha $"); - -#ifdef RSA_ENCPWD -/* - * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION - * ALL RIGHTS RESERVED - * - * "Digital Equipment Corporation authorizes the reproduction, - * distribution and modification of this software subject to the following - * restrictions: - * - * 1. Any partial or whole copy of this software, or any modification - * thereof, must include this copyright notice in its entirety. - * - * 2. This software is supplied "as is" with no warranty of any kind, - * expressed or implied, for any purpose, including any warranty of fitness - * or merchantibility. DIGITAL assumes no responsibility for the use or - * reliability of this software, nor promises to provide any form of - * support for it on any basis. - * - * 3. Distribution of this software is authorized only if no profit or - * remuneration of any kind is received in exchange for such distribution. - * - * 4. This software produces public key authentication certificates - * bearing an expiration date established by DIGITAL and RSA Data - * Security, Inc. It may cease to generate certificates after the expiration - * date. Any modification of this software that changes or defeats - * the expiration date or its effect is unauthorized. - * - * 5. Software that will renew or extend the expiration date of - * authentication certificates produced by this software may be obtained - * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA - * 94065, (415)595-8782, or from DIGITAL" - * - */ - -#include -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#include - -#include -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" -#include "cdc.h" - -extern auth_debug_mode; - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_RSA_ENCPWD, }; -static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_NAME, }; - -#define RSA_ENCPWD_AUTH 0 /* Authentication data follows */ -#define RSA_ENCPWD_REJECT 1 /* Rejected (reason might follow) */ -#define RSA_ENCPWD_ACCEPT 2 /* Accepted */ -#define RSA_ENCPWD_CHALLENGEKEY 3 /* Challenge and public key */ - -#define NAME_SZ 40 -#define CHAL_SZ 20 -#define PWD_SZ 40 - -static KTEXT_ST auth; -static char name[NAME_SZ]; -static char user_passwd[PWD_SZ]; -static char key_file[2*NAME_SZ]; -static char lhostname[NAME_SZ]; -static char challenge[CHAL_SZ]; -static int challenge_len; - - static int -Data(ap, type, d, c) - Authenticator *ap; - int type; - void *d; - int c; -{ - unsigned char *p = str_data + 4; - unsigned char *cd = (unsigned char *)d; - - if (c == -1) - c = strlen((char *)cd); - - if (0) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - if (type != NULL) *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - - int -rsaencpwd_init(ap, server) - Authenticator *ap; - int server; -{ - char *cp; - FILE *fp; - - if (server) { - str_data[3] = TELQUAL_REPLY; - memset(key_file, 0, sizeof(key_file)); - gethostname(lhostname, sizeof(lhostname)); - if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0'; - snprintf(key_file, sizeof(key_file), - SYSCONFDIR "/.%s_privkey", lhostname); - if ((fp=fopen(key_file, "r"))==NULL) return(0); - fclose(fp); - } else { - str_data[3] = TELQUAL_IS; - } - return(1); -} - - int -rsaencpwd_send(ap) - Authenticator *ap; -{ - - printf("[ Trying RSAENCPWD ... ]\r\n"); - if (!UserNameRequested) { - return(0); - } - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - return(0); - } - if (!Data(ap, NULL, NULL, 0)) { - return(0); - } - - - return(1); -} - - void -rsaencpwd_is(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - des_cblock datablock; - char r_passwd[PWD_SZ], r_user[NAME_SZ]; - char *cp, key[160]; - char chalkey[160], *ptr; - FILE *fp; - int r, i, j, chalkey_len, len; - time_t now; - - cnt--; - switch (*data++) { - case RSA_ENCPWD_AUTH: - memmove(auth.dat, data, auth.length = cnt); - - if ((fp=fopen(key_file, "r"))==NULL) { - Data(ap, RSA_ENCPWD_REJECT, "Auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - /* - * get privkey - */ - fscanf(fp, "%x;", &len); - for (i=0;iway & AUTH_HOW_MASK) == AUTH_HOW_ONE_WAY) { - int i; - - - time(&now); - if ((now % 2) == 0) { - snprintf(challenge, sizeof(challenge), "%x", now); - challenge_len = strlen(challenge); - } else { - strlcpy(challenge, "randchal", sizeof(challenge)); - challenge_len = 8; - } - - if ((fp=fopen(key_file, "r"))==NULL) { - Data(ap, RSA_ENCPWD_REJECT, "Auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - /* - * skip privkey - */ - fscanf(fp, "%x;", &len); - for (i=0;i 0) { - printf("[ RSA_ENCPWD refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ RSA_ENCPWD refuses authentication ]\r\n"); - auth_send_retry(); - return; - case RSA_ENCPWD_ACCEPT: - printf("[ RSA_ENCPWD accepts you ]\r\n"); - auth_finished(ap, AUTH_USER); - return; - case RSA_ENCPWD_CHALLENGEKEY: - /* - * Verify that the response to the challenge is correct. - */ - - memmove(chalkey, data, cnt); - ptr = (char *) &chalkey[0]; - ptr += DecodeHeaderLength(chalkey); - if (*ptr != 0x04) { - return; - } - *ptr++; - challenge_len = DecodeValueLength(ptr); - ptr += NumEncodeLengthOctets(challenge_len); - memmove(challenge, ptr, challenge_len); - ptr += challenge_len; - if (*ptr != 0x04) { - return; - } - *ptr++; - pubkey_len = DecodeValueLength(ptr); - ptr += NumEncodeLengthOctets(pubkey_len); - memmove(pubkey, ptr, pubkey_len); - memset(user_passwd, 0, sizeof(user_passwd)); - des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0); - UserPassword = user_passwd; - Challenge = challenge; - r = init_rsa_encpwd(&token, user_passwd, challenge, challenge_len, pubkey); - if (r < 0) { - token.length = 1; - } - - if (!Data(ap, RSA_ENCPWD_AUTH, token.dat, token.length)) { - return; - } - - break; - - default: - return; - } -} - - int -rsaencpwd_status(ap, name, name_sz, level) - Authenticator *ap; - char *name; - size_t name_sz; - int level; -{ - - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && rsaencpwd_passwdok(UserNameRequested, UserPassword)) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else { - return(AUTH_USER); - } -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - - void -rsaencpwd_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; -{ - int i; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case RSA_ENCPWD_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case RSA_ENCPWD_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case RSA_ENCPWD_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case RSA_ENCPWD_CHALLENGEKEY: - strlcpy((char *)buf, " CHALLENGEKEY", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -int rsaencpwd_passwdok(name, passwd) -char *name, *passwd; -{ - char *crypt(); - char *salt, *p; - struct passwd *pwd; - int passwdok_status = 0; - - if (pwd = k_getpwnam(name)) - salt = pwd->pw_passwd; - else salt = "xx"; - - p = crypt(passwd, salt); - - if (pwd && !strcmp(p, pwd->pw_passwd)) { - passwdok_status = 1; - } else passwdok_status = 0; - return(passwdok_status); -} - -#endif - -#ifdef notdef - -prkey(msg, key) - char *msg; - unsigned char *key; -{ - int i; - printf("%s:", msg); - for (i = 0; i < 8; i++) - printf(" %3d", key[i]); - printf("\r\n"); -} -#endif diff --git a/crypto/heimdal/appl/telnet/libtelnet/spx.c b/crypto/heimdal/appl/telnet/libtelnet/spx.c deleted file mode 100644 index 82fafdb0b7d9..000000000000 --- a/crypto/heimdal/appl/telnet/libtelnet/spx.c +++ /dev/null @@ -1,586 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: spx.c 22071 2007-11-14 20:04:50Z lha $"); - -#ifdef SPX -/* - * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION - * ALL RIGHTS RESERVED - * - * "Digital Equipment Corporation authorizes the reproduction, - * distribution and modification of this software subject to the following - * restrictions: - * - * 1. Any partial or whole copy of this software, or any modification - * thereof, must include this copyright notice in its entirety. - * - * 2. This software is supplied "as is" with no warranty of any kind, - * expressed or implied, for any purpose, including any warranty of fitness - * or merchantibility. DIGITAL assumes no responsibility for the use or - * reliability of this software, nor promises to provide any form of - * support for it on any basis. - * - * 3. Distribution of this software is authorized only if no profit or - * remuneration of any kind is received in exchange for such distribution. - * - * 4. This software produces public key authentication certificates - * bearing an expiration date established by DIGITAL and RSA Data - * Security, Inc. It may cease to generate certificates after the expiration - * date. Any modification of this software that changes or defeats - * the expiration date or its effect is unauthorized. - * - * 5. Software that will renew or extend the expiration date of - * authentication certificates produced by this software may be obtained - * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA - * 94065, (415)595-8782, or from DIGITAL" - * - */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#include "gssapi_defs.h" -#include -#include - -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -extern auth_debug_mode; - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_SPX, }; -static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_NAME, }; - -#define SPX_AUTH 0 /* Authentication data follows */ -#define SPX_REJECT 1 /* Rejected (reason might follow) */ -#define SPX_ACCEPT 2 /* Accepted */ - -static des_key_schedule sched; -static des_cblock challenge = { 0 }; - - -/*******************************************************************/ - -gss_OID_set actual_mechs; -gss_OID actual_mech_type, output_name_type; -int major_status, status, msg_ctx = 0, new_status; -int req_flags = 0, ret_flags, lifetime_rec; -gss_cred_id_t gss_cred_handle; -gss_ctx_id_t actual_ctxhandle, context_handle; -gss_buffer_desc output_token, input_token, input_name_buffer; -gss_buffer_desc status_string; -gss_name_t desired_targname, src_name; -gss_channel_bindings input_chan_bindings; -char lhostname[GSS_C_MAX_PRINTABLE_NAME]; -char targ_printable[GSS_C_MAX_PRINTABLE_NAME]; -int to_addr=0, from_addr=0; -char *address; -gss_buffer_desc fullname_buffer; -gss_OID fullname_type; -gss_cred_id_t gss_delegated_cred_handle; - -/*******************************************************************/ - - - - static int -Data(ap, type, d, c) - Authenticator *ap; - int type; - void *d; - int c; -{ - unsigned char *p = str_data + 4; - unsigned char *cd = (unsigned char *)d; - - if (c == -1) - c = strlen((char *)cd); - - if (0) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - - int -spx_init(ap, server) - Authenticator *ap; - int server; -{ - gss_cred_id_t tmp_cred_handle; - - if (server) { - str_data[3] = TELQUAL_REPLY; - gethostname(lhostname, sizeof(lhostname)); - snprintf (targ_printable, sizeof(targ_printable), - "SERVICE:rcmd@%s", lhostname); - input_name_buffer.length = strlen(targ_printable); - input_name_buffer.value = targ_printable; - major_status = gss_import_name(&status, - &input_name_buffer, - GSS_C_NULL_OID, - &desired_targname); - major_status = gss_acquire_cred(&status, - desired_targname, - 0, - GSS_C_NULL_OID_SET, - GSS_C_ACCEPT, - &tmp_cred_handle, - &actual_mechs, - &lifetime_rec); - if (major_status != GSS_S_COMPLETE) return(0); - } else { - str_data[3] = TELQUAL_IS; - } - return(1); -} - - int -spx_send(ap) - Authenticator *ap; -{ - des_cblock enckey; - int r; - - gss_OID actual_mech_type, output_name_type; - int msg_ctx = 0, new_status, status; - int req_flags = 0, ret_flags, lifetime_rec, major_status; - gss_buffer_desc output_token, input_token, input_name_buffer; - gss_buffer_desc output_name_buffer, status_string; - gss_name_t desired_targname; - gss_channel_bindings input_chan_bindings; - char targ_printable[GSS_C_MAX_PRINTABLE_NAME]; - int from_addr=0, to_addr=0, myhostlen, j; - int deleg_flag=1, mutual_flag=0, replay_flag=0, seq_flag=0; - char *address; - - printf("[ Trying SPX ... ]\r\n"); - snprintf (targ_printable, sizeof(targ_printable), - "SERVICE:rcmd@%s", RemoteHostName); - - input_name_buffer.length = strlen(targ_printable); - input_name_buffer.value = targ_printable; - - if (!UserNameRequested) { - return(0); - } - - major_status = gss_import_name(&status, - &input_name_buffer, - GSS_C_NULL_OID, - &desired_targname); - - - major_status = gss_display_name(&status, - desired_targname, - &output_name_buffer, - &output_name_type); - - printf("target is '%s'\n", output_name_buffer.value); fflush(stdout); - - major_status = gss_release_buffer(&status, &output_name_buffer); - - input_chan_bindings = (gss_channel_bindings) - malloc(sizeof(gss_channel_bindings_desc)); - - input_chan_bindings->initiator_addrtype = GSS_C_AF_INET; - input_chan_bindings->initiator_address.length = 4; - address = (char *) malloc(4); - input_chan_bindings->initiator_address.value = (char *) address; - address[0] = ((from_addr & 0xff000000) >> 24); - address[1] = ((from_addr & 0xff0000) >> 16); - address[2] = ((from_addr & 0xff00) >> 8); - address[3] = (from_addr & 0xff); - input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET; - input_chan_bindings->acceptor_address.length = 4; - address = (char *) malloc(4); - input_chan_bindings->acceptor_address.value = (char *) address; - address[0] = ((to_addr & 0xff000000) >> 24); - address[1] = ((to_addr & 0xff0000) >> 16); - address[2] = ((to_addr & 0xff00) >> 8); - address[3] = (to_addr & 0xff); - input_chan_bindings->application_data.length = 0; - - req_flags = 0; - if (deleg_flag) req_flags = req_flags | 1; - if (mutual_flag) req_flags = req_flags | 2; - if (replay_flag) req_flags = req_flags | 4; - if (seq_flag) req_flags = req_flags | 8; - - major_status = gss_init_sec_context(&status, /* minor status */ - GSS_C_NO_CREDENTIAL, /* cred handle */ - &actual_ctxhandle, /* ctx handle */ - desired_targname, /* target name */ - GSS_C_NULL_OID, /* mech type */ - req_flags, /* req flags */ - 0, /* time req */ - input_chan_bindings, /* chan binding */ - GSS_C_NO_BUFFER, /* input token */ - &actual_mech_type, /* actual mech */ - &output_token, /* output token */ - &ret_flags, /* ret flags */ - &lifetime_rec); /* time rec */ - - if ((major_status != GSS_S_COMPLETE) && - (major_status != GSS_S_CONTINUE_NEEDED)) { - gss_display_status(&new_status, - status, - GSS_C_MECH_CODE, - GSS_C_NULL_OID, - &msg_ctx, - &status_string); - printf("%s\n", status_string.value); - return(0); - } - - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - return(0); - } - - if (!Data(ap, SPX_AUTH, output_token.value, output_token.length)) { - return(0); - } - - return(1); -} - - void -spx_is(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - des_cblock datablock; - int r; - - if (cnt-- < 1) - return; - switch (*data++) { - case SPX_AUTH: - input_token.length = cnt; - input_token.value = (char *) data; - - gethostname(lhostname, sizeof(lhostname)); - - snprintf(targ_printable, sizeof(targ_printable), - "SERVICE:rcmd@%s", lhostname); - - input_name_buffer.length = strlen(targ_printable); - input_name_buffer.value = targ_printable; - - major_status = gss_import_name(&status, - &input_name_buffer, - GSS_C_NULL_OID, - &desired_targname); - - major_status = gss_acquire_cred(&status, - desired_targname, - 0, - GSS_C_NULL_OID_SET, - GSS_C_ACCEPT, - &gss_cred_handle, - &actual_mechs, - &lifetime_rec); - - major_status = gss_release_name(&status, desired_targname); - - input_chan_bindings = (gss_channel_bindings) - malloc(sizeof(gss_channel_bindings_desc)); - - input_chan_bindings->initiator_addrtype = GSS_C_AF_INET; - input_chan_bindings->initiator_address.length = 4; - address = (char *) malloc(4); - input_chan_bindings->initiator_address.value = (char *) address; - address[0] = ((from_addr & 0xff000000) >> 24); - address[1] = ((from_addr & 0xff0000) >> 16); - address[2] = ((from_addr & 0xff00) >> 8); - address[3] = (from_addr & 0xff); - input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET; - input_chan_bindings->acceptor_address.length = 4; - address = (char *) malloc(4); - input_chan_bindings->acceptor_address.value = (char *) address; - address[0] = ((to_addr & 0xff000000) >> 24); - address[1] = ((to_addr & 0xff0000) >> 16); - address[2] = ((to_addr & 0xff00) >> 8); - address[3] = (to_addr & 0xff); - input_chan_bindings->application_data.length = 0; - - major_status = gss_accept_sec_context(&status, - &context_handle, - gss_cred_handle, - &input_token, - input_chan_bindings, - &src_name, - &actual_mech_type, - &output_token, - &ret_flags, - &lifetime_rec, - &gss_delegated_cred_handle); - - - if (major_status != GSS_S_COMPLETE) { - - major_status = gss_display_name(&status, - src_name, - &fullname_buffer, - &fullname_type); - Data(ap, SPX_REJECT, "auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - - major_status = gss_display_name(&status, - src_name, - &fullname_buffer, - &fullname_type); - - - Data(ap, SPX_ACCEPT, output_token.value, output_token.length); - auth_finished(ap, AUTH_USER); - break; - - default: - Data(ap, SPX_REJECT, 0, 0); - break; - } -} - - - void -spx_reply(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - - if (cnt-- < 1) - return; - switch (*data++) { - case SPX_REJECT: - if (cnt > 0) { - printf("[ SPX refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ SPX refuses authentication ]\r\n"); - auth_send_retry(); - return; - case SPX_ACCEPT: - printf("[ SPX accepts you ]\r\n"); - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - /* - * Send over the encrypted challenge. - */ - input_token.value = (char *) data; - input_token.length = cnt; - - major_status = gss_init_sec_context(&status, /* minor stat */ - GSS_C_NO_CREDENTIAL, /* cred handle */ - &actual_ctxhandle, /* ctx handle */ - desired_targname, /* target name */ - GSS_C_NULL_OID, /* mech type */ - req_flags, /* req flags */ - 0, /* time req */ - input_chan_bindings, /* chan binding */ - &input_token, /* input token */ - &actual_mech_type, /* actual mech */ - &output_token, /* output token */ - &ret_flags, /* ret flags */ - &lifetime_rec); /* time rec */ - - if (major_status != GSS_S_COMPLETE) { - gss_display_status(&new_status, - status, - GSS_C_MECH_CODE, - GSS_C_NULL_OID, - &msg_ctx, - &status_string); - printf("[ SPX mutual response fails ... '%s' ]\r\n", - status_string.value); - auth_send_retry(); - return; - } - } - auth_finished(ap, AUTH_USER); - return; - - default: - return; - } -} - - int -spx_status(ap, name, name_sz, level) - Authenticator *ap; - char *name; - size_t name_sz; - int level; -{ - - gss_buffer_desc fullname_buffer, acl_file_buffer; - gss_OID fullname_type; - char acl_file[160], fullname[160]; - int major_status, status = 0; - struct passwd *pwd; - - /* - * hard code fullname to - * "SPX:/C=US/O=Digital/OU=LKG/OU=Sphinx/OU=Users/CN=Kannan Alagappan" - * and acl_file to "~kannan/.sphinx" - */ - - pwd = k_getpwnam(UserNameRequested); - if (pwd == NULL) { - return(AUTH_USER); /* not authenticated */ - } - - snprintf (acl_file, sizeof(acl_file), - "%s/.sphinx", pwd->pw_dir); - - acl_file_buffer.value = acl_file; - acl_file_buffer.length = strlen(acl_file); - - major_status = gss_display_name(&status, - src_name, - &fullname_buffer, - &fullname_type); - - if (level < AUTH_USER) - return(level); - - major_status = gss__check_acl(&status, &fullname_buffer, - &acl_file_buffer); - - if (major_status == GSS_S_COMPLETE) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else { - return(AUTH_USER); - } - -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - - void -spx_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; -{ - int i; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case SPX_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case SPX_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case SPX_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -#endif - -#ifdef notdef - -prkey(msg, key) - char *msg; - unsigned char *key; -{ - int i; - printf("%s:", msg); - for (i = 0; i < 8; i++) - printf(" %3d", key[i]); - printf("\r\n"); -} -#endif diff --git a/crypto/heimdal/appl/telnet/telnet.state b/crypto/heimdal/appl/telnet/telnet.state deleted file mode 100644 index 1927a2b4bb5b..000000000000 --- a/crypto/heimdal/appl/telnet/telnet.state +++ /dev/null @@ -1,80 +0,0 @@ - - Three pieces of state need to be kept for each side of each option. - (You need the localside, sending WILL/WONT & receiving DO/DONT, and - the remoteside, sending DO/DONT and receiving WILL/WONT) - - MY_STATE: What state am I in? - WANT_STATE: What state do I want? - WANT_RESP: How many requests have I initiated? - - Default values: - MY_STATE = WANT_STATE = DONT - WANT_RESP = 0 - - The local setup will change based on the state of the Telnet - variables. When we are the originator, we can either make the - local setup changes at option request time (in which case if - the option is denied we need to change things back) or when - the option is acknowledged. - - To initiate a switch to NEW_STATE: - - if ((WANT_RESP == 0 && NEW_STATE == MY_STATE) || - WANT_STATE == NEW_STATE) { - do nothing; - } else { - /* - * This is where the logic goes to change the local setup - * if we are doing so at request initiation - */ - WANT_STATE = NEW_STATE; - send NEW_STATE; - WANT_RESP += 1; - } - - When receiving NEW_STATE: - - if (WANT_RESP) { - --WANT_RESP; - if (WANT_RESP && (NEW_STATE == MY_STATE)) - --WANT_RESP; - } - if (WANT_RESP == 0) { - if (NEW_STATE != WANT_STATE) { - /* - * This is where the logic goes to decide if it is ok - * to switch to NEW_STATE, and if so, do any necessary - * local setup changes. - */ - if (ok_to_switch_to NEW_STATE) - WANT_STATE = NEW_STATE; - else - WANT_RESP++; -* if (MY_STATE != WANT_STATE) - reply with WANT_STATE; - } else { - /* - * This is where the logic goes to change the local setup - * if we are doing so at request acknowledgment - */ - } - } - MY_STATE = NEW_STATE; - -* This if() line is not needed, it should be ok to always do the - "reply with WANT_STATE". With the if() line, asking to turn on - an option that the other side doesn't understand is: - Send DO option - Recv WONT option - Without the if() line, it is: - Send DO option - Recv WONT option - Send DONT option - If the other side does not expect to receive the latter case, - but generates the latter case, then there is a potential for - option negotiation loops. An implementation that does not expect - to get the second case should not generate it, an implementation - that does expect to get it may or may not generate it, and things - will still work. Being conservative in what we send, we have the - if() statement in, but we expect the other side to generate the - last response. diff --git a/crypto/heimdal/appl/telnet/telnet/Makefile.am b/crypto/heimdal/appl/telnet/telnet/Makefile.am deleted file mode 100644 index a472ba919dd1..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/Makefile.am +++ /dev/null @@ -1,25 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) - -bin_PROGRAMS = telnet - -CHECK_LOCAL = - -telnet_SOURCES = authenc.c commands.c main.c network.c ring.c \ - sys_bsd.c telnet.c terminal.c \ - utilities.c defines.h externs.h ring.h telnet_locl.h types.h - -man_MANS = telnet.1 - -LDADD = ../libtelnet/libtelnet.a \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_tgetent) \ - $(LIB_kdfs) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/telnet/telnet/Makefile.in b/crypto/heimdal/appl/telnet/telnet/Makefile.in deleted file mode 100644 index df9afb1f52da..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/Makefile.in +++ /dev/null @@ -1,845 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -bin_PROGRAMS = telnet$(EXEEXT) -subdir = appl/telnet/telnet -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) -am_telnet_OBJECTS = authenc.$(OBJEXT) commands.$(OBJEXT) \ - main.$(OBJEXT) network.$(OBJEXT) ring.$(OBJEXT) \ - sys_bsd.$(OBJEXT) telnet.$(OBJEXT) terminal.$(OBJEXT) \ - utilities.$(OBJEXT) -telnet_OBJECTS = $(am_telnet_OBJECTS) -telnet_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -telnet_DEPENDENCIES = ../libtelnet/libtelnet.a $(LIB_krb5) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(LIB_kdfs) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(telnet_SOURCES) -DIST_SOURCES = $(telnet_SOURCES) -man1dir = $(mandir)/man1 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CHECK_LOCAL = -telnet_SOURCES = authenc.c commands.c main.c network.c ring.c \ - sys_bsd.c telnet.c terminal.c \ - utilities.c defines.h externs.h ring.h telnet_locl.h types.h - -man_MANS = telnet.1 -LDADD = ../libtelnet/libtelnet.a \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_tgetent) \ - $(LIB_kdfs) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/telnet/telnet/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/telnet/telnet/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -telnet$(EXEEXT): $(telnet_OBJECTS) $(telnet_DEPENDENCIES) - @rm -f telnet$(EXEEXT) - $(LINK) $(telnet_OBJECTS) $(telnet_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-man install-man1 install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-binPROGRAMS uninstall-hook \ - uninstall-man uninstall-man1 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/telnet/telnet/authenc.c b/crypto/heimdal/appl/telnet/telnet/authenc.c deleted file mode 100644 index 35a3bf74abca..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/authenc.c +++ /dev/null @@ -1,99 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: authenc.c 12921 2003-09-25 15:45:51Z lha $"); - -#if defined(AUTHENTICATION) || defined(ENCRYPTION) -int -telnet_net_write(unsigned char *str, int len) -{ - if (NETROOM() > len) { - ring_supply_data(&netoring, str, len); - if (str[0] == IAC && str[1] == SE) - printsub('>', &str[2], len-2); - return(len); - } - return(0); -} - -void -net_encrypt(void) -{ -#if defined(ENCRYPTION) - if (encrypt_output) - ring_encrypt(&netoring, encrypt_output); - else - ring_clearto(&netoring); -#endif -} - -int -telnet_spin(void) -{ - int ret = 0; - - scheduler_lockout_tty = 1; - if (Scheduler(0) == -1) - ret = 1; - scheduler_lockout_tty = 0; - - return ret; - -} - -char * -telnet_getenv(const char *val) -{ - return((char *)env_getvalue((unsigned char *)val)); -} - -char * -telnet_gets(char *prompt, char *result, int length, int echo) -{ - int om = globalmode; - char *res; - - TerminalNewMode(-1); - if (echo) { - printf("%s", prompt); - res = fgets(result, length, stdin); - } else if ((res = getpass(prompt))) { - strlcpy(result, res, length); - res = result; - } - TerminalNewMode(om); - return(res); -} -#endif diff --git a/crypto/heimdal/appl/telnet/telnet/commands.c b/crypto/heimdal/appl/telnet/telnet/commands.c deleted file mode 100644 index 98031e87abfd..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/commands.c +++ /dev/null @@ -1,2696 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: commands.c 16224 2005-10-22 17:17:44Z lha $"); - -#if defined(IPPROTO_IP) && defined(IP_TOS) -int tos = -1; -#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */ - -char *hostname; -static char _hostname[MaxHostNameLen]; - -typedef int (*intrtn_t)(int, char**); -static int call(intrtn_t, ...); - -typedef struct { - char *name; /* command name */ - char *help; /* help string (NULL for no help) */ - int (*handler)(); /* routine which executes command */ - int needconnect; /* Do we need to be connected to execute? */ -} Command; - -static char line[256]; -static char saveline[256]; -static int margc; -static char *margv[20]; - -static void -makeargv() -{ - char *cp, *cp2, c; - char **argp = margv; - - margc = 0; - cp = line; - if (*cp == '!') { /* Special case shell escape */ - /* save for shell command */ - strlcpy(saveline, line, sizeof(saveline)); - *argp++ = "!"; /* No room in string to get this */ - margc++; - cp++; - } - while ((c = *cp)) { - int inquote = 0; - while (isspace((unsigned char)c)) - c = *++cp; - if (c == '\0') - break; - *argp++ = cp; - margc += 1; - for (cp2 = cp; c != '\0'; c = *++cp) { - if (inquote) { - if (c == inquote) { - inquote = 0; - continue; - } - } else { - if (c == '\\') { - if ((c = *++cp) == '\0') - break; - } else if (c == '"') { - inquote = '"'; - continue; - } else if (c == '\'') { - inquote = '\''; - continue; - } else if (isspace((unsigned char)c)) - break; - } - *cp2++ = c; - } - *cp2 = '\0'; - if (c == '\0') - break; - cp++; - } - *argp++ = 0; -} - -/* - * Make a character string into a number. - * - * Todo: 1. Could take random integers (12, 0x12, 012, 0b1). - */ - -static char -special(char *s) -{ - char c; - char b; - - switch (*s) { - case '^': - b = *++s; - if (b == '?') { - c = b | 0x40; /* DEL */ - } else { - c = b & 0x1f; - } - break; - default: - c = *s; - break; - } - return c; -} - -/* - * Construct a control character sequence - * for a special character. - */ -static char * -control(cc_t c) -{ - static char buf[5]; - /* - * The only way I could get the Sun 3.5 compiler - * to shut up about - * if ((unsigned int)c >= 0x80) - * was to assign "c" to an unsigned int variable... - * Arggg.... - */ - unsigned int uic = (unsigned int)c; - - if (uic == 0x7f) - return ("^?"); - if (c == (cc_t)_POSIX_VDISABLE) { - return "off"; - } - if (uic >= 0x80) { - buf[0] = '\\'; - buf[1] = ((c>>6)&07) + '0'; - buf[2] = ((c>>3)&07) + '0'; - buf[3] = (c&07) + '0'; - buf[4] = 0; - } else if (uic >= 0x20) { - buf[0] = c; - buf[1] = 0; - } else { - buf[0] = '^'; - buf[1] = '@'+c; - buf[2] = 0; - } - return (buf); -} - - - -/* - * The following are data structures and routines for - * the "send" command. - * - */ - -struct sendlist { - char *name; /* How user refers to it (case independent) */ - char *help; /* Help information (0 ==> no help) */ - int needconnect; /* Need to be connected */ - int narg; /* Number of arguments */ - int (*handler)(); /* Routine to perform (for special ops) */ - int nbyte; /* Number of bytes to send this command */ - int what; /* Character to be sent (<0 ==> special) */ -}; - - -static int - send_esc (void), - send_help (void), - send_docmd (char *), - send_dontcmd (char *), - send_willcmd (char *), - send_wontcmd (char *); - -static struct sendlist Sendlist[] = { - { "ao", "Send Telnet Abort output", 1, 0, 0, 2, AO }, - { "ayt", "Send Telnet 'Are You There'", 1, 0, 0, 2, AYT }, - { "brk", "Send Telnet Break", 1, 0, 0, 2, BREAK }, - { "break", 0, 1, 0, 0, 2, BREAK }, - { "ec", "Send Telnet Erase Character", 1, 0, 0, 2, EC }, - { "el", "Send Telnet Erase Line", 1, 0, 0, 2, EL }, - { "escape", "Send current escape character", 1, 0, send_esc, 1, 0 }, - { "ga", "Send Telnet 'Go Ahead' sequence", 1, 0, 0, 2, GA }, - { "ip", "Send Telnet Interrupt Process", 1, 0, 0, 2, IP }, - { "intp", 0, 1, 0, 0, 2, IP }, - { "interrupt", 0, 1, 0, 0, 2, IP }, - { "intr", 0, 1, 0, 0, 2, IP }, - { "nop", "Send Telnet 'No operation'", 1, 0, 0, 2, NOP }, - { "eor", "Send Telnet 'End of Record'", 1, 0, 0, 2, EOR }, - { "abort", "Send Telnet 'Abort Process'", 1, 0, 0, 2, ABORT }, - { "susp", "Send Telnet 'Suspend Process'", 1, 0, 0, 2, SUSP }, - { "eof", "Send Telnet End of File Character", 1, 0, 0, 2, xEOF }, - { "synch", "Perform Telnet 'Synch operation'", 1, 0, dosynch, 2, 0 }, - { "getstatus", "Send request for STATUS", 1, 0, get_status, 6, 0 }, - { "?", "Display send options", 0, 0, send_help, 0, 0 }, - { "help", 0, 0, 0, send_help, 0, 0 }, - { "do", 0, 0, 1, send_docmd, 3, 0 }, - { "dont", 0, 0, 1, send_dontcmd, 3, 0 }, - { "will", 0, 0, 1, send_willcmd, 3, 0 }, - { "wont", 0, 0, 1, send_wontcmd, 3, 0 }, - { 0 } -}; - -#define GETSEND(name) ((struct sendlist *) genget(name, (char **) Sendlist, \ - sizeof(struct sendlist))) - -static int -sendcmd(int argc, char **argv) -{ - int count; /* how many bytes we are going to need to send */ - int i; - struct sendlist *s; /* pointer to current command */ - int success = 0; - int needconnect = 0; - - if (argc < 2) { - printf("need at least one argument for 'send' command\r\n"); - printf("'send ?' for help\r\n"); - return 0; - } - /* - * First, validate all the send arguments. - * In addition, we see how much space we are going to need, and - * whether or not we will be doing a "SYNCH" operation (which - * flushes the network queue). - */ - count = 0; - for (i = 1; i < argc; i++) { - s = GETSEND(argv[i]); - if (s == 0) { - printf("Unknown send argument '%s'\r\n'send ?' for help.\r\n", - argv[i]); - return 0; - } else if (Ambiguous(s)) { - printf("Ambiguous send argument '%s'\r\n'send ?' for help.\r\n", - argv[i]); - return 0; - } - if (i + s->narg >= argc) { - fprintf(stderr, - "Need %d argument%s to 'send %s' command. 'send %s ?' for help.\r\n", - s->narg, s->narg == 1 ? "" : "s", s->name, s->name); - return 0; - } - count += s->nbyte; - if (s->handler == send_help) { - send_help(); - return 0; - } - - i += s->narg; - needconnect += s->needconnect; - } - if (!connected && needconnect) { - printf("?Need to be connected first.\r\n"); - printf("'send ?' for help\r\n"); - return 0; - } - /* Now, do we have enough room? */ - if (NETROOM() < count) { - printf("There is not enough room in the buffer TO the network\r\n"); - printf("to process your request. Nothing will be done.\r\n"); - printf("('send synch' will throw away most data in the network\r\n"); - printf("buffer, if this might help.)\r\n"); - return 0; - } - /* OK, they are all OK, now go through again and actually send */ - count = 0; - for (i = 1; i < argc; i++) { - if ((s = GETSEND(argv[i])) == 0) { - fprintf(stderr, "Telnet 'send' error - argument disappeared!\r\n"); - quit(); - /*NOTREACHED*/ - } - if (s->handler) { - count++; - success += (*s->handler)((s->narg > 0) ? argv[i+1] : 0, - (s->narg > 1) ? argv[i+2] : 0); - i += s->narg; - } else { - NET2ADD(IAC, s->what); - printoption("SENT", IAC, s->what); - } - } - return (count == success); -} - -static int -send_tncmd(void (*func)(), char *cmd, char *name); - -static int -send_esc() -{ - NETADD(escape); - return 1; -} - -static int -send_docmd(char *name) -{ - return(send_tncmd(send_do, "do", name)); -} - -static int -send_dontcmd(char *name) -{ - return(send_tncmd(send_dont, "dont", name)); -} - -static int -send_willcmd(char *name) -{ - return(send_tncmd(send_will, "will", name)); -} - -static int -send_wontcmd(char *name) -{ - return(send_tncmd(send_wont, "wont", name)); -} - -extern char *telopts[]; /* XXX */ - -static int -send_tncmd(void (*func)(), char *cmd, char *name) -{ - char **cpp; - int val = 0; - - if (isprefix(name, "help") || isprefix(name, "?")) { - int col, len; - - printf("Usage: send %s \r\n", cmd); - printf("\"value\" must be from 0 to 255\r\n"); - printf("Valid options are:\r\n\t"); - - col = 8; - for (cpp = telopts; *cpp; cpp++) { - len = strlen(*cpp) + 3; - if (col + len > 65) { - printf("\r\n\t"); - col = 8; - } - printf(" \"%s\"", *cpp); - col += len; - } - printf("\r\n"); - return 0; - } - cpp = genget(name, telopts, sizeof(char *)); - if (Ambiguous(cpp)) { - fprintf(stderr,"'%s': ambiguous argument ('send %s ?' for help).\r\n", - name, cmd); - return 0; - } - if (cpp) { - val = cpp - telopts; - } else { - char *cp = name; - - while (*cp >= '0' && *cp <= '9') { - val *= 10; - val += *cp - '0'; - cp++; - } - if (*cp != 0) { - fprintf(stderr, "'%s': unknown argument ('send %s ?' for help).\r\n", - name, cmd); - return 0; - } else if (val < 0 || val > 255) { - fprintf(stderr, "'%s': bad value ('send %s ?' for help).\r\n", - name, cmd); - return 0; - } - } - if (!connected) { - printf("?Need to be connected first.\r\n"); - return 0; - } - (*func)(val, 1); - return 1; -} - -static int -send_help() -{ - struct sendlist *s; /* pointer to current command */ - for (s = Sendlist; s->name; s++) { - if (s->help) - printf("%-15s %s\r\n", s->name, s->help); - } - return(0); -} - -/* - * The following are the routines and data structures referred - * to by the arguments to the "toggle" command. - */ - -static int -lclchars() -{ - donelclchars = 1; - return 1; -} - -static int -togdebug() -{ -#ifndef NOT43 - if (net > 0 && - (SetSockOpt(net, SOL_SOCKET, SO_DEBUG, debug)) < 0) { - perror("setsockopt (SO_DEBUG)"); - } -#else /* NOT43 */ - if (debug) { - if (net > 0 && SetSockOpt(net, SOL_SOCKET, SO_DEBUG, 0, 0) < 0) - perror("setsockopt (SO_DEBUG)"); - } else - printf("Cannot turn off socket debugging\r\n"); -#endif /* NOT43 */ - return 1; -} - -#if defined(KRB4) && defined(HAVE_KRB_DISABLE_DEBUG) -#include - -static int -togkrbdebug(void) -{ - if(krb_debug) - krb_enable_debug(); - else - krb_disable_debug(); - return 1; -} -#endif - -static int -togcrlf() -{ - if (crlf) { - printf("Will send carriage returns as telnet .\r\n"); - } else { - printf("Will send carriage returns as telnet .\r\n"); - } - return 1; -} - -int binmode; - -static int -togbinary(int val) -{ - donebinarytoggle = 1; - - if (val >= 0) { - binmode = val; - } else { - if (my_want_state_is_will(TELOPT_BINARY) && - my_want_state_is_do(TELOPT_BINARY)) { - binmode = 1; - } else if (my_want_state_is_wont(TELOPT_BINARY) && - my_want_state_is_dont(TELOPT_BINARY)) { - binmode = 0; - } - val = binmode ? 0 : 1; - } - - if (val == 1) { - if (my_want_state_is_will(TELOPT_BINARY) && - my_want_state_is_do(TELOPT_BINARY)) { - printf("Already operating in binary mode with remote host.\r\n"); - } else { - printf("Negotiating binary mode with remote host.\r\n"); - tel_enter_binary(3); - } - } else { - if (my_want_state_is_wont(TELOPT_BINARY) && - my_want_state_is_dont(TELOPT_BINARY)) { - printf("Already in network ascii mode with remote host.\r\n"); - } else { - printf("Negotiating network ascii mode with remote host.\r\n"); - tel_leave_binary(3); - } - } - return 1; -} - -static int -togrbinary(int val) -{ - donebinarytoggle = 1; - - if (val == -1) - val = my_want_state_is_do(TELOPT_BINARY) ? 0 : 1; - - if (val == 1) { - if (my_want_state_is_do(TELOPT_BINARY)) { - printf("Already receiving in binary mode.\r\n"); - } else { - printf("Negotiating binary mode on input.\r\n"); - tel_enter_binary(1); - } - } else { - if (my_want_state_is_dont(TELOPT_BINARY)) { - printf("Already receiving in network ascii mode.\r\n"); - } else { - printf("Negotiating network ascii mode on input.\r\n"); - tel_leave_binary(1); - } - } - return 1; -} - -static int -togxbinary(int val) -{ - donebinarytoggle = 1; - - if (val == -1) - val = my_want_state_is_will(TELOPT_BINARY) ? 0 : 1; - - if (val == 1) { - if (my_want_state_is_will(TELOPT_BINARY)) { - printf("Already transmitting in binary mode.\r\n"); - } else { - printf("Negotiating binary mode on output.\r\n"); - tel_enter_binary(2); - } - } else { - if (my_want_state_is_wont(TELOPT_BINARY)) { - printf("Already transmitting in network ascii mode.\r\n"); - } else { - printf("Negotiating network ascii mode on output.\r\n"); - tel_leave_binary(2); - } - } - return 1; -} - - -static int togglehelp (void); -#if defined(AUTHENTICATION) -extern int auth_togdebug (int); -#endif -#if defined(ENCRYPTION) -extern int EncryptAutoEnc (int); -extern int EncryptAutoDec (int); -extern int EncryptDebug (int); -extern int EncryptVerbose (int); -#endif - -struct togglelist { - char *name; /* name of toggle */ - char *help; /* help message */ - int (*handler)(); /* routine to do actual setting */ - int *variable; - char *actionexplanation; -}; - -static struct togglelist Togglelist[] = { - { "autoflush", - "flushing of output when sending interrupt characters", - 0, - &autoflush, - "flush output when sending interrupt characters" }, - { "autosynch", - "automatic sending of interrupt characters in urgent mode", - 0, - &autosynch, - "send interrupt characters in urgent mode" }, -#if defined(AUTHENTICATION) - { "autologin", - "automatic sending of login and/or authentication info", - 0, - &autologin, - "send login name and/or authentication information" }, - { "authdebug", - "authentication debugging", - auth_togdebug, - 0, - "print authentication debugging information" }, -#endif -#if defined(ENCRYPTION) - { "autoencrypt", - "automatic encryption of data stream", - EncryptAutoEnc, - 0, - "automatically encrypt output" }, - { "autodecrypt", - "automatic decryption of data stream", - EncryptAutoDec, - 0, - "automatically decrypt input" }, - { "verbose_encrypt", - "verbose encryption output", - EncryptVerbose, - 0, - "print verbose encryption output" }, - { "encdebug", - "encryption debugging", - EncryptDebug, - 0, - "print encryption debugging information" }, -#endif -#if defined(KRB5) - { "forward", - "credentials forwarding", - kerberos5_set_forward, - 0, - "forward credentials" }, - { "forwardable", - "forwardable flag of forwarded credentials", - kerberos5_set_forwardable, - 0, - "forward forwardable credentials" }, -#endif - { "skiprc", - "don't read ~/.telnetrc file", - 0, - &skiprc, - "skip reading of ~/.telnetrc file" }, - { "binary", - "sending and receiving of binary data", - togbinary, - 0, - 0 }, - { "inbinary", - "receiving of binary data", - togrbinary, - 0, - 0 }, - { "outbinary", - "sending of binary data", - togxbinary, - 0, - 0 }, - { "crlf", - "sending carriage returns as telnet ", - togcrlf, - &crlf, - 0 }, - { "crmod", - "mapping of received carriage returns", - 0, - &crmod, - "map carriage return on output" }, - { "localchars", - "local recognition of certain control characters", - lclchars, - &localchars, - "recognize certain control characters" }, - { " ", "", 0 }, /* empty line */ - { "debug", - "debugging", - togdebug, - &debug, - "turn on socket level debugging" }, -#if defined(KRB4) && defined(HAVE_KRB_DISABLE_DEBUG) - { "krb_debug", - "kerberos 4 debugging", - togkrbdebug, - &krb_debug, - "turn on kerberos 4 debugging" }, -#endif - { "netdata", - "printing of hexadecimal network data (debugging)", - 0, - &netdata, - "print hexadecimal representation of network traffic" }, - { "prettydump", - "output of \"netdata\" to user readable format (debugging)", - 0, - &prettydump, - "print user readable output for \"netdata\"" }, - { "options", - "viewing of options processing (debugging)", - 0, - &showoptions, - "show option processing" }, - { "termdata", - "printing of hexadecimal terminal data (debugging)", - 0, - &termdata, - "print hexadecimal representation of terminal traffic" }, - { "?", - 0, - togglehelp }, - { "help", - 0, - togglehelp }, - { 0 } -}; - -static int -togglehelp() -{ - struct togglelist *c; - - for (c = Togglelist; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s toggle %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } - printf("\r\n"); - printf("%-15s %s\r\n", "?", "display help information"); - return 0; -} - -static void -settogglehelp(int set) -{ - struct togglelist *c; - - for (c = Togglelist; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s %s\r\n", c->name, set ? "enable" : "disable", - c->help); - else - printf("\r\n"); - } - } -} - -#define GETTOGGLE(name) (struct togglelist *) \ - genget(name, (char **) Togglelist, sizeof(struct togglelist)) - -static int -toggle(int argc, char *argv[]) -{ - int retval = 1; - char *name; - struct togglelist *c; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'toggle' command. 'toggle ?' for help.\r\n"); - return 0; - } - argc--; - argv++; - while (argc--) { - name = *argv++; - c = GETTOGGLE(name); - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('toggle ?' for help).\r\n", - name); - return 0; - } else if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('toggle ?' for help).\r\n", - name); - return 0; - } else { - if (c->variable) { - *c->variable = !*c->variable; /* invert it */ - if (c->actionexplanation) { - printf("%s %s.\r\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) { - retval &= (*c->handler)(-1); - } - } - } - return retval; -} - -/* - * The following perform the "set" command. - */ - -struct termios new_tc = { 0 }; - -struct setlist { - char *name; /* name */ - char *help; /* help information */ - void (*handler)(); - cc_t *charp; /* where it is located at */ -}; - -static struct setlist Setlist[] = { -#ifdef KLUDGELINEMODE - { "echo", "character to toggle local echoing on/off", 0, &echoc }, -#endif - { "escape", "character to escape back to telnet command mode", 0, &escape }, - { "rlogin", "rlogin escape character", 0, &rlogin }, - { "tracefile", "file to write trace information to", SetNetTrace, (cc_t *)NetTraceFile}, - { " ", "" }, - { " ", "The following need 'localchars' to be toggled true", 0, 0 }, - { "flushoutput", "character to cause an Abort Output", 0, &termFlushChar }, - { "interrupt", "character to cause an Interrupt Process", 0, &termIntChar }, - { "quit", "character to cause an Abort process", 0, &termQuitChar }, - { "eof", "character to cause an EOF ", 0, &termEofChar }, - { " ", "" }, - { " ", "The following are for local editing in linemode", 0, 0 }, - { "erase", "character to use to erase a character", 0, &termEraseChar }, - { "kill", "character to use to erase a line", 0, &termKillChar }, - { "lnext", "character to use for literal next", 0, &termLiteralNextChar }, - { "susp", "character to cause a Suspend Process", 0, &termSuspChar }, - { "reprint", "character to use for line reprint", 0, &termRprntChar }, - { "worderase", "character to use to erase a word", 0, &termWerasChar }, - { "start", "character to use for XON", 0, &termStartChar }, - { "stop", "character to use for XOFF", 0, &termStopChar }, - { "forw1", "alternate end of line character", 0, &termForw1Char }, - { "forw2", "alternate end of line character", 0, &termForw2Char }, - { "ayt", "alternate AYT character", 0, &termAytChar }, - { 0 } -}; - -static struct setlist * -getset(char *name) -{ - return (struct setlist *) - genget(name, (char **) Setlist, sizeof(struct setlist)); -} - -void -set_escape_char(char *s) -{ - if (rlogin != _POSIX_VDISABLE) { - rlogin = (s && *s) ? special(s) : _POSIX_VDISABLE; - printf("Telnet rlogin escape character is '%s'.\r\n", - control(rlogin)); - } else { - escape = (s && *s) ? special(s) : _POSIX_VDISABLE; - printf("Telnet escape character is '%s'.\r\n", control(escape)); - } -} - -static int -setcmd(int argc, char *argv[]) -{ - int value; - struct setlist *ct; - struct togglelist *c; - - if (argc < 2 || argc > 3) { - printf("Format is 'set Name Value'\r\n'set ?' for help.\r\n"); - return 0; - } - if ((argc == 2) && (isprefix(argv[1], "?") || isprefix(argv[1], "help"))) { - for (ct = Setlist; ct->name; ct++) - printf("%-15s %s\r\n", ct->name, ct->help); - printf("\r\n"); - settogglehelp(1); - printf("%-15s %s\r\n", "?", "display help information"); - return 0; - } - - ct = getset(argv[1]); - if (ct == 0) { - c = GETTOGGLE(argv[1]); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('set ?' for help).\r\n", - argv[1]); - return 0; - } else if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('set ?' for help).\r\n", - argv[1]); - return 0; - } - if (c->variable) { - if ((argc == 2) || (strcmp("on", argv[2]) == 0)) - *c->variable = 1; - else if (strcmp("off", argv[2]) == 0) - *c->variable = 0; - else { - printf("Format is 'set togglename [on|off]'\r\n'set ?' for help.\r\n"); - return 0; - } - if (c->actionexplanation) { - printf("%s %s.\r\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) - (*c->handler)(1); - } else if (argc != 3) { - printf("Format is 'set Name Value'\r\n'set ?' for help.\r\n"); - return 0; - } else if (Ambiguous(ct)) { - fprintf(stderr, "'%s': ambiguous argument ('set ?' for help).\r\n", - argv[1]); - return 0; - } else if (ct->handler) { - (*ct->handler)(argv[2]); - printf("%s set to \"%s\".\r\n", ct->name, (char *)ct->charp); - } else { - if (strcmp("off", argv[2])) { - value = special(argv[2]); - } else { - value = _POSIX_VDISABLE; - } - *(ct->charp) = (cc_t)value; - printf("%s character is '%s'.\r\n", ct->name, control(*(ct->charp))); - } - slc_check(); - return 1; -} - -static int -unsetcmd(int argc, char *argv[]) -{ - struct setlist *ct; - struct togglelist *c; - char *name; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'unset' command. 'unset ?' for help.\r\n"); - return 0; - } - if (isprefix(argv[1], "?") || isprefix(argv[1], "help")) { - for (ct = Setlist; ct->name; ct++) - printf("%-15s %s\r\n", ct->name, ct->help); - printf("\r\n"); - settogglehelp(0); - printf("%-15s %s\r\n", "?", "display help information"); - return 0; - } - - argc--; - argv++; - while (argc--) { - name = *argv++; - ct = getset(name); - if (ct == 0) { - c = GETTOGGLE(name); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('unset ?' for help).\r\n", - name); - return 0; - } else if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('unset ?' for help).\r\n", - name); - return 0; - } - if (c->variable) { - *c->variable = 0; - if (c->actionexplanation) { - printf("%s %s.\r\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) - (*c->handler)(0); - } else if (Ambiguous(ct)) { - fprintf(stderr, "'%s': ambiguous argument ('unset ?' for help).\r\n", - name); - return 0; - } else if (ct->handler) { - (*ct->handler)(0); - printf("%s reset to \"%s\".\r\n", ct->name, (char *)ct->charp); - } else { - *(ct->charp) = _POSIX_VDISABLE; - printf("%s character is '%s'.\r\n", ct->name, control(*(ct->charp))); - } - } - return 1; -} - -/* - * The following are the data structures and routines for the - * 'mode' command. - */ -#ifdef KLUDGELINEMODE - -static int -dokludgemode(void) -{ - kludgelinemode = 1; - send_wont(TELOPT_LINEMODE, 1); - send_dont(TELOPT_SGA, 1); - send_dont(TELOPT_ECHO, 1); - return 1; -} -#endif - -static int -dolinemode() -{ -#ifdef KLUDGELINEMODE - if (kludgelinemode) - send_dont(TELOPT_SGA, 1); -#endif - send_will(TELOPT_LINEMODE, 1); - send_dont(TELOPT_ECHO, 1); - return 1; -} - -static int -docharmode() -{ -#ifdef KLUDGELINEMODE - if (kludgelinemode) - send_do(TELOPT_SGA, 1); - else -#endif - send_wont(TELOPT_LINEMODE, 1); - send_do(TELOPT_ECHO, 1); - return 1; -} - -static int -dolmmode(int bit, int on) -{ - unsigned char c; - - if (my_want_state_is_wont(TELOPT_LINEMODE)) { - printf("?Need to have LINEMODE option enabled first.\r\n"); - printf("'mode ?' for help.\r\n"); - return 0; - } - - if (on) - c = (linemode | bit); - else - c = (linemode & ~bit); - lm_mode(&c, 1, 1); - return 1; -} - -static int -tn_setmode(int bit) -{ - return dolmmode(bit, 1); -} - -static int -tn_clearmode(int bit) -{ - return dolmmode(bit, 0); -} - -struct modelist { - char *name; /* command name */ - char *help; /* help string */ - int (*handler)(); /* routine which executes command */ - int needconnect; /* Do we need to be connected to execute? */ - int arg1; -}; - -static int modehelp(void); - -static struct modelist ModeList[] = { - { "character", "Disable LINEMODE option", docharmode, 1 }, -#ifdef KLUDGELINEMODE - { "", "(or disable obsolete line-by-line mode)", 0 }, -#endif - { "line", "Enable LINEMODE option", dolinemode, 1 }, -#ifdef KLUDGELINEMODE - { "", "(or enable obsolete line-by-line mode)", 0 }, -#endif - { "", "", 0 }, - { "", "These require the LINEMODE option to be enabled", 0 }, - { "isig", "Enable signal trapping", tn_setmode, 1, MODE_TRAPSIG }, - { "+isig", 0, tn_setmode, 1, MODE_TRAPSIG }, - { "-isig", "Disable signal trapping", tn_clearmode, 1, MODE_TRAPSIG }, - { "edit", "Enable character editing", tn_setmode, 1, MODE_EDIT }, - { "+edit", 0, tn_setmode, 1, MODE_EDIT }, - { "-edit", "Disable character editing", tn_clearmode, 1, MODE_EDIT }, - { "softtabs", "Enable tab expansion", tn_setmode, 1, MODE_SOFT_TAB }, - { "+softtabs", 0, tn_setmode, 1, MODE_SOFT_TAB }, - { "-softtabs", "Disable tab expansion", tn_clearmode, 1, MODE_SOFT_TAB }, - { "litecho", "Enable literal character echo", tn_setmode, 1, MODE_LIT_ECHO }, - { "+litecho", 0, tn_setmode, 1, MODE_LIT_ECHO }, - { "-litecho", "Disable literal character echo", tn_clearmode, 1, MODE_LIT_ECHO }, - { "help", 0, modehelp, 0 }, -#ifdef KLUDGELINEMODE - { "kludgeline", 0, dokludgemode, 1 }, -#endif - { "", "", 0 }, - { "?", "Print help information", modehelp, 0 }, - { 0 }, -}; - - -static int -modehelp(void) -{ - struct modelist *mt; - - printf("format is: 'mode Mode', where 'Mode' is one of:\r\n\r\n"); - for (mt = ModeList; mt->name; mt++) { - if (mt->help) { - if (*mt->help) - printf("%-15s %s\r\n", mt->name, mt->help); - else - printf("\r\n"); - } - } - return 0; -} - -#define GETMODECMD(name) (struct modelist *) \ - genget(name, (char **) ModeList, sizeof(struct modelist)) - -static int -modecmd(int argc, char **argv) -{ - struct modelist *mt; - - if (argc != 2) { - printf("'mode' command requires an argument\r\n"); - printf("'mode ?' for help.\r\n"); - } else if ((mt = GETMODECMD(argv[1])) == 0) { - fprintf(stderr, "Unknown mode '%s' ('mode ?' for help).\r\n", argv[1]); - } else if (Ambiguous(mt)) { - fprintf(stderr, "Ambiguous mode '%s' ('mode ?' for help).\r\n", argv[1]); - } else if (mt->needconnect && !connected) { - printf("?Need to be connected first.\r\n"); - printf("'mode ?' for help.\r\n"); - } else if (mt->handler) { - return (*mt->handler)(mt->arg1); - } - return 0; -} - -/* - * The following data structures and routines implement the - * "display" command. - */ - -static int -display(int argc, char *argv[]) -{ - struct togglelist *tl; - struct setlist *sl; - -#define dotog(tl) if (tl->variable && tl->actionexplanation) { \ - if (*tl->variable) { \ - printf("will"); \ - } else { \ - printf("won't"); \ - } \ - printf(" %s.\r\n", tl->actionexplanation); \ - } - -#define doset(sl) if (sl->name && *sl->name != ' ') { \ - if (sl->handler == 0) \ - printf("%-15s [%s]\r\n", sl->name, control(*sl->charp)); \ - else \ - printf("%-15s \"%s\"\r\n", sl->name, (char *)sl->charp); \ - } - - if (argc == 1) { - for (tl = Togglelist; tl->name; tl++) { - dotog(tl); - } - printf("\r\n"); - for (sl = Setlist; sl->name; sl++) { - doset(sl); - } - } else { - int i; - - for (i = 1; i < argc; i++) { - sl = getset(argv[i]); - tl = GETTOGGLE(argv[i]); - if (Ambiguous(sl) || Ambiguous(tl)) { - printf("?Ambiguous argument '%s'.\r\n", argv[i]); - return 0; - } else if (!sl && !tl) { - printf("?Unknown argument '%s'.\r\n", argv[i]); - return 0; - } else { - if (tl) { - dotog(tl); - } - if (sl) { - doset(sl); - } - } - } - } -/*@*/optionstatus(); -#if defined(ENCRYPTION) - EncryptStatus(); -#endif - return 1; -#undef doset -#undef dotog -} - -/* - * The following are the data structures, and many of the routines, - * relating to command processing. - */ - -/* - * Set the escape character. - */ -static int -setescape(int argc, char *argv[]) -{ - char *arg; - char buf[50]; - - printf( - "Deprecated usage - please use 'set escape%s%s' in the future.\r\n", - (argc > 2)? " ":"", (argc > 2)? argv[1]: ""); - if (argc > 2) - arg = argv[1]; - else { - printf("new escape character: "); - fgets(buf, sizeof(buf), stdin); - arg = buf; - } - if (arg[0] != '\0') - escape = arg[0]; - printf("Escape character is '%s'.\r\n", control(escape)); - - fflush(stdout); - return 1; -} - -static int -togcrmod() -{ - crmod = !crmod; - printf("Deprecated usage - please use 'toggle crmod' in the future.\r\n"); - printf("%s map carriage return on output.\r\n", crmod ? "Will" : "Won't"); - fflush(stdout); - return 1; -} - -static int -telnetsuspend() -{ -#ifdef SIGTSTP - setcommandmode(); - { - long oldrows, oldcols, newrows, newcols, err; - - err = (TerminalWindowSize(&oldrows, &oldcols) == 0) ? 1 : 0; - kill(0, SIGTSTP); - /* - * If we didn't get the window size before the SUSPEND, but we - * can get them now (?), then send the NAWS to make sure that - * we are set up for the right window size. - */ - if (TerminalWindowSize(&newrows, &newcols) && connected && - (err || ((oldrows != newrows) || (oldcols != newcols)))) { - sendnaws(); - } - } - /* reget parameters in case they were changed */ - TerminalSaveState(); - setconnmode(0); -#else - printf("Suspend is not supported. Try the '!' command instead\r\n"); -#endif - return 1; -} - -static int -shell(int argc, char **argv) -{ - long oldrows, oldcols, newrows, newcols, err; - - setcommandmode(); - - err = (TerminalWindowSize(&oldrows, &oldcols) == 0) ? 1 : 0; - switch(fork()) { - case -1: - perror("Fork failed\r\n"); - break; - - case 0: - { - /* - * Fire up the shell in the child. - */ - char *shellp, *shellname; - - shellp = getenv("SHELL"); - if (shellp == NULL) - shellp = "/bin/sh"; - if ((shellname = strrchr(shellp, '/')) == 0) - shellname = shellp; - else - shellname++; - if (argc > 1) - execl(shellp, shellname, "-c", &saveline[1], NULL); - else - execl(shellp, shellname, NULL); - perror("Execl"); - _exit(1); - } - default: - wait((int *)0); /* Wait for the shell to complete */ - - if (TerminalWindowSize(&newrows, &newcols) && connected && - (err || ((oldrows != newrows) || (oldcols != newcols)))) { - sendnaws(); - } - break; - } - return 1; -} - -static int -bye(int argc, char **argv) -{ - if (connected) { - shutdown(net, 2); - printf("Connection closed.\r\n"); - NetClose(net); - connected = 0; - resettermname = 1; -#if defined(AUTHENTICATION) || defined(ENCRYPTION) - auth_encrypt_connect(connected); -#endif - /* reset options */ - tninit(); - } - if ((argc != 2) || (strcmp(argv[1], "fromquit") != 0)) - longjmp(toplevel, 1); - return 0; /* NOTREACHED */ -} - -int -quit(void) -{ - call(bye, "bye", "fromquit", 0); - Exit(0); - return 0; /*NOTREACHED*/ -} - -static int -logout() -{ - send_do(TELOPT_LOGOUT, 1); - netflush(); - return 1; -} - - -/* - * The SLC command. - */ - -struct slclist { - char *name; - char *help; - void (*handler)(); - int arg; -}; - -static void slc_help(void); - -struct slclist SlcList[] = { - { "export", "Use local special character definitions", - slc_mode_export, 0 }, - { "import", "Use remote special character definitions", - slc_mode_import, 1 }, - { "check", "Verify remote special character definitions", - slc_mode_import, 0 }, - { "help", 0, slc_help, 0 }, - { "?", "Print help information", slc_help, 0 }, - { 0 }, -}; - -static void -slc_help(void) -{ - struct slclist *c; - - for (c = SlcList; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } -} - -static struct slclist * -getslc(char *name) -{ - return (struct slclist *) - genget(name, (char **) SlcList, sizeof(struct slclist)); -} - -static int -slccmd(int argc, char **argv) -{ - struct slclist *c; - - if (argc != 2) { - fprintf(stderr, - "Need an argument to 'slc' command. 'slc ?' for help.\r\n"); - return 0; - } - c = getslc(argv[1]); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('slc ?' for help).\r\n", - argv[1]); - return 0; - } - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('slc ?' for help).\r\n", - argv[1]); - return 0; - } - (*c->handler)(c->arg); - slcstate(); - return 1; -} - -/* - * The ENVIRON command. - */ - -struct envlist { - char *name; - char *help; - void (*handler)(); - int narg; -}; - -static void env_help (void); - -struct envlist EnvList[] = { - { "define", "Define an environment variable", - (void (*)())env_define, 2 }, - { "undefine", "Undefine an environment variable", - env_undefine, 1 }, - { "export", "Mark an environment variable for automatic export", - env_export, 1 }, - { "unexport", "Don't mark an environment variable for automatic export", - env_unexport, 1 }, - { "send", "Send an environment variable", env_send, 1 }, - { "list", "List the current environment variables", - env_list, 0 }, - { "help", 0, env_help, 0 }, - { "?", "Print help information", env_help, 0 }, - { 0 }, -}; - -static void -env_help() -{ - struct envlist *c; - - for (c = EnvList; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } -} - -static struct envlist * -getenvcmd(char *name) -{ - return (struct envlist *) - genget(name, (char **) EnvList, sizeof(struct envlist)); -} - -static int -env_cmd(int argc, char **argv) -{ - struct envlist *c; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'environ' command. 'environ ?' for help.\r\n"); - return 0; - } - c = getenvcmd(argv[1]); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('environ ?' for help).\r\n", - argv[1]); - return 0; - } - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('environ ?' for help).\r\n", - argv[1]); - return 0; - } - if (c->narg + 2 != argc) { - fprintf(stderr, - "Need %s%d argument%s to 'environ %s' command. 'environ ?' for help.\r\n", - c->narg < argc + 2 ? "only " : "", - c->narg, c->narg == 1 ? "" : "s", c->name); - return 0; - } - (*c->handler)(argv[2], argv[3]); - return 1; -} - -struct env_lst { - struct env_lst *next; /* pointer to next structure */ - struct env_lst *prev; /* pointer to previous structure */ - unsigned char *var; /* pointer to variable name */ - unsigned char *value; /* pointer to variable value */ - int export; /* 1 -> export with default list of variables */ - int welldefined; /* A well defined variable */ -}; - -struct env_lst envlisthead; - -struct env_lst * -env_find(unsigned char *var) -{ - struct env_lst *ep; - - for (ep = envlisthead.next; ep; ep = ep->next) { - if (strcmp((char *)ep->var, (char *)var) == 0) - return(ep); - } - return(NULL); -} - -#ifdef IRIX4 -#define environ _environ -#endif - -void -env_init(void) -{ - char **epp, *cp; - struct env_lst *ep; - - for (epp = environ; *epp; epp++) { - if ((cp = strchr(*epp, '='))) { - *cp = '\0'; - ep = env_define((unsigned char *)*epp, - (unsigned char *)cp+1); - ep->export = 0; - *cp = '='; - } - } - /* - * Special case for DISPLAY variable. If it is ":0.0" or - * "unix:0.0", we have to get rid of "unix" and insert our - * hostname. - */ - if ((ep = env_find((unsigned char*)"DISPLAY")) - && (*ep->value == ':' - || strncmp((char *)ep->value, "unix:", 5) == 0)) { - char hbuf[256+1]; - char *cp2 = strchr((char *)ep->value, ':'); - int error; - - /* XXX - should be k_gethostname? */ - gethostname(hbuf, 256); - hbuf[256] = '\0'; - - /* If this is not the full name, try to get it via DNS */ - if (strchr(hbuf, '.') == 0) { - struct addrinfo hints, *ai, *a; - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_CANONNAME; - - error = getaddrinfo (hbuf, NULL, &hints, &ai); - if (error == 0) { - for (a = ai; a != NULL; a = a->ai_next) - if (a->ai_canonname != NULL) { - strlcpy (hbuf, - ai->ai_canonname, - 256); - break; - } - freeaddrinfo (ai); - } - } - - error = asprintf (&cp, "%s%s", hbuf, cp2); - if (error != -1) { - free (ep->value); - ep->value = (unsigned char *)cp; - } - } - /* - * If USER is not defined, but LOGNAME is, then add - * USER with the value from LOGNAME. By default, we - * don't export the USER variable. - */ - if ((env_find((unsigned char*)"USER") == NULL) && - (ep = env_find((unsigned char*)"LOGNAME"))) { - env_define((unsigned char *)"USER", ep->value); - env_unexport((unsigned char *)"USER"); - } - env_export((unsigned char *)"DISPLAY"); - env_export((unsigned char *)"PRINTER"); - env_export((unsigned char *)"XAUTHORITY"); -} - -struct env_lst * -env_define(unsigned char *var, unsigned char *value) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) { - if (ep->var) - free(ep->var); - if (ep->value) - free(ep->value); - } else { - ep = (struct env_lst *)malloc(sizeof(struct env_lst)); - ep->next = envlisthead.next; - envlisthead.next = ep; - ep->prev = &envlisthead; - if (ep->next) - ep->next->prev = ep; - } - ep->welldefined = opt_welldefined((char *)var); - ep->export = 1; - ep->var = (unsigned char *)strdup((char *)var); - ep->value = (unsigned char *)strdup((char *)value); - return(ep); -} - -void -env_undefine(unsigned char *var) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) { - ep->prev->next = ep->next; - if (ep->next) - ep->next->prev = ep->prev; - if (ep->var) - free(ep->var); - if (ep->value) - free(ep->value); - free(ep); - } -} - -void -env_export(unsigned char *var) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) - ep->export = 1; -} - -void -env_unexport(unsigned char *var) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) - ep->export = 0; -} - -void -env_send(unsigned char *var) -{ - struct env_lst *ep; - - if (my_state_is_wont(TELOPT_NEW_ENVIRON) -#ifdef OLD_ENVIRON - && my_state_is_wont(TELOPT_OLD_ENVIRON) -#endif - ) { - fprintf(stderr, - "Cannot send '%s': Telnet ENVIRON option not enabled\r\n", - var); - return; - } - ep = env_find(var); - if (ep == 0) { - fprintf(stderr, "Cannot send '%s': variable not defined\r\n", - var); - return; - } - env_opt_start_info(); - env_opt_add(ep->var); - env_opt_end(0); -} - -void -env_list(void) -{ - struct env_lst *ep; - - for (ep = envlisthead.next; ep; ep = ep->next) { - printf("%c %-20s %s\r\n", ep->export ? '*' : ' ', - ep->var, ep->value); - } -} - -unsigned char * -env_default(int init, int welldefined) -{ - static struct env_lst *nep = NULL; - - if (init) { - nep = &envlisthead; - return NULL; - } - if (nep) { - while ((nep = nep->next)) { - if (nep->export && (nep->welldefined == welldefined)) - return(nep->var); - } - } - return(NULL); -} - -unsigned char * -env_getvalue(unsigned char *var) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) - return(ep->value); - return(NULL); -} - - -#if defined(AUTHENTICATION) -/* - * The AUTHENTICATE command. - */ - -struct authlist { - char *name; - char *help; - int (*handler)(); - int narg; -}; - -static int - auth_help (void); - -struct authlist AuthList[] = { - { "status", "Display current status of authentication information", - auth_status, 0 }, - { "disable", "Disable an authentication type ('auth disable ?' for more)", - auth_disable, 1 }, - { "enable", "Enable an authentication type ('auth enable ?' for more)", - auth_enable, 1 }, - { "help", 0, auth_help, 0 }, - { "?", "Print help information", auth_help, 0 }, - { 0 }, -}; - -static int -auth_help() -{ - struct authlist *c; - - for (c = AuthList; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } - return 0; -} - -static int -auth_cmd(int argc, char **argv) -{ - struct authlist *c; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'auth' command. 'auth ?' for help.\r\n"); - return 0; - } - - c = (struct authlist *) - genget(argv[1], (char **) AuthList, sizeof(struct authlist)); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('auth ?' for help).\r\n", - argv[1]); - return 0; - } - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('auth ?' for help).\r\n", - argv[1]); - return 0; - } - if (c->narg + 2 != argc) { - fprintf(stderr, - "Need %s%d argument%s to 'auth %s' command. 'auth ?' for help.\r\n", - c->narg < argc + 2 ? "only " : "", - c->narg, c->narg == 1 ? "" : "s", c->name); - return 0; - } - return((*c->handler)(argv[2], argv[3])); -} -#endif - - -#if defined(ENCRYPTION) -/* - * The ENCRYPT command. - */ - -struct encryptlist { - char *name; - char *help; - int (*handler)(); - int needconnect; - int minarg; - int maxarg; -}; - -static int - EncryptHelp (void); - -struct encryptlist EncryptList[] = { - { "enable", "Enable encryption. ('encrypt enable ?' for more)", - EncryptEnable, 1, 1, 2 }, - { "disable", "Disable encryption. ('encrypt enable ?' for more)", - EncryptDisable, 0, 1, 2 }, - { "type", "Set encryptiong type. ('encrypt type ?' for more)", - EncryptType, 0, 1, 1 }, - { "start", "Start encryption. ('encrypt start ?' for more)", - EncryptStart, 1, 0, 1 }, - { "stop", "Stop encryption. ('encrypt stop ?' for more)", - EncryptStop, 1, 0, 1 }, - { "input", "Start encrypting the input stream", - EncryptStartInput, 1, 0, 0 }, - { "-input", "Stop encrypting the input stream", - EncryptStopInput, 1, 0, 0 }, - { "output", "Start encrypting the output stream", - EncryptStartOutput, 1, 0, 0 }, - { "-output", "Stop encrypting the output stream", - EncryptStopOutput, 1, 0, 0 }, - - { "status", "Display current status of authentication information", - EncryptStatus, 0, 0, 0 }, - { "help", 0, EncryptHelp, 0, 0, 0 }, - { "?", "Print help information", EncryptHelp, 0, 0, 0 }, - { 0 }, -}; - -static int -EncryptHelp() -{ - struct encryptlist *c; - - for (c = EncryptList; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } - return 0; -} - -static int -encrypt_cmd(int argc, char **argv) -{ - struct encryptlist *c; - - c = (struct encryptlist *) - genget(argv[1], (char **) EncryptList, sizeof(struct encryptlist)); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('encrypt ?' for help).\r\n", - argv[1]); - return 0; - } - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('encrypt ?' for help).\r\n", - argv[1]); - return 0; - } - argc -= 2; - if (argc < c->minarg || argc > c->maxarg) { - if (c->minarg == c->maxarg) { - fprintf(stderr, "Need %s%d argument%s ", - c->minarg < argc ? "only " : "", c->minarg, - c->minarg == 1 ? "" : "s"); - } else { - fprintf(stderr, "Need %s%d-%d arguments ", - c->maxarg < argc ? "only " : "", c->minarg, c->maxarg); - } - fprintf(stderr, "to 'encrypt %s' command. 'encrypt ?' for help.\r\n", - c->name); - return 0; - } - if (c->needconnect && !connected) { - if (!(argc && (isprefix(argv[2], "help") || isprefix(argv[2], "?")))) { - printf("?Need to be connected first.\r\n"); - return 0; - } - } - return ((*c->handler)(argc > 0 ? argv[2] : 0, - argc > 1 ? argv[3] : 0, - argc > 2 ? argv[4] : 0)); -} -#endif - - -/* - * Print status about the connection. - */ - -static int -status(int argc, char **argv) -{ - if (connected) { - printf("Connected to %s.\r\n", hostname); - if ((argc < 2) || strcmp(argv[1], "notmuch")) { - int mode = getconnmode(); - - if (my_want_state_is_will(TELOPT_LINEMODE)) { - printf("Operating with LINEMODE option\r\n"); - printf("%s line editing\r\n", (mode&MODE_EDIT) ? "Local" : "No"); - printf("%s catching of signals\r\n", - (mode&MODE_TRAPSIG) ? "Local" : "No"); - slcstate(); -#ifdef KLUDGELINEMODE - } else if (kludgelinemode && my_want_state_is_dont(TELOPT_SGA)) { - printf("Operating in obsolete linemode\r\n"); -#endif - } else { - printf("Operating in single character mode\r\n"); - if (localchars) - printf("Catching signals locally\r\n"); - } - printf("%s character echo\r\n", (mode&MODE_ECHO) ? "Local" : "Remote"); - if (my_want_state_is_will(TELOPT_LFLOW)) - printf("%s flow control\r\n", (mode&MODE_FLOW) ? "Local" : "No"); -#if defined(ENCRYPTION) - encrypt_display(); -#endif - } - } else { - printf("No connection.\r\n"); - } - printf("Escape character is '%s'.\r\n", control(escape)); - fflush(stdout); - return 1; -} - -#ifdef SIGINFO -/* - * Function that gets called when SIGINFO is received. - */ -RETSIGTYPE -ayt_status(int ignore) -{ - call(status, "status", "notmuch", 0); -} -#endif - -static Command *getcmd(char *name); - -static void -cmdrc(char *m1, char *m2) -{ - static char rcname[128]; - Command *c; - FILE *rcfile; - int gotmachine = 0; - int l1 = strlen(m1); - int l2 = strlen(m2); - char m1save[64]; - - if (skiprc) - return; - - strlcpy(m1save, m1, sizeof(m1save)); - m1 = m1save; - - if (rcname[0] == 0) { - char *home = getenv("HOME"); - - snprintf (rcname, sizeof(rcname), "%s/.telnetrc", - home ? home : ""); - } - - if ((rcfile = fopen(rcname, "r")) == 0) { - return; - } - - for (;;) { - if (fgets(line, sizeof(line), rcfile) == NULL) - break; - if (line[0] == 0) - break; - if (line[0] == '#') - continue; - if (gotmachine) { - if (!isspace((unsigned char)line[0])) - gotmachine = 0; - } - if (gotmachine == 0) { - if (isspace((unsigned char)line[0])) - continue; - if (strncasecmp(line, m1, l1) == 0) - strncpy(line, &line[l1], sizeof(line) - l1); - else if (strncasecmp(line, m2, l2) == 0) - strncpy(line, &line[l2], sizeof(line) - l2); - else if (strncasecmp(line, "DEFAULT", 7) == 0) - strncpy(line, &line[7], sizeof(line) - 7); - else - continue; - if (line[0] != ' ' && line[0] != '\t' && line[0] != '\n') - continue; - gotmachine = 1; - } - makeargv(); - if (margv[0] == 0) - continue; - c = getcmd(margv[0]); - if (Ambiguous(c)) { - printf("?Ambiguous command: %s\r\n", margv[0]); - continue; - } - if (c == 0) { - printf("?Invalid command: %s\r\n", margv[0]); - continue; - } - /* - * This should never happen... - */ - if (c->needconnect && !connected) { - printf("?Need to be connected first for %s.\r\n", margv[0]); - continue; - } - (*c->handler)(margc, margv); - } - fclose(rcfile); -} - -int -tn(int argc, char **argv) -{ - struct servent *sp = 0; - char *cmd, *hostp = 0, *portp = 0; - char *user = 0; - int port = 0; - - /* clear the socket address prior to use */ - - if (connected) { - printf("?Already connected to %s\r\n", hostname); - return 0; - } - if (argc < 2) { - strlcpy(line, "open ", sizeof(line)); - printf("(to) "); - fgets(&line[strlen(line)], sizeof(line) - strlen(line), stdin); - makeargv(); - argc = margc; - argv = margv; - } - cmd = *argv; - --argc; ++argv; - while (argc) { - if (strcmp(*argv, "help") == 0 || isprefix(*argv, "?")) - goto usage; - if (strcmp(*argv, "-l") == 0) { - --argc; ++argv; - if (argc == 0) - goto usage; - user = strdup(*argv++); - --argc; - continue; - } - if (strcmp(*argv, "-a") == 0) { - --argc; ++argv; - autologin = 1; - continue; - } - if (hostp == 0) { - hostp = *argv++; - --argc; - continue; - } - if (portp == 0) { - portp = *argv++; - --argc; - continue; - } - usage: - printf("usage: %s [-l user] [-a] host-name [port]\r\n", cmd); - return 0; - } - if (hostp == 0) - goto usage; - - strlcpy (_hostname, hostp, sizeof(_hostname)); - hostp = _hostname; - if (hostp[0] == '@' || hostp[0] == '!') { - char *p; - hostname = NULL; - for (p = hostp + 1; *p; p++) { - if (*p == ',' || *p == '@') - hostname = p; - } - if (hostname == NULL) { - fprintf(stderr, "%s: bad source route specification\n", hostp); - return 0; - } - *hostname++ = '\0'; - } else - hostname = hostp; - - if (portp) { - if (*portp == '-') { - portp++; - telnetport = 1; - } else - telnetport = 0; - port = atoi(portp); - if (port == 0) { - sp = roken_getservbyname(portp, "tcp"); - if (sp) - port = sp->s_port; - else { - printf("%s: bad port number\r\n", portp); - return 0; - } - } else { - port = htons(port); - } - } else { - if (sp == 0) { - sp = roken_getservbyname("telnet", "tcp"); - if (sp == 0) { - fprintf(stderr, "telnet: tcp/telnet: unknown service\r\n"); - return 0; - } - port = sp->s_port; - } - telnetport = 1; - } - - { - struct addrinfo *ai, *a, hints; - int error; - char portstr[NI_MAXSERV]; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - hints.ai_flags = AI_CANONNAME; - - snprintf (portstr, sizeof(portstr), "%u", ntohs(port)); - - error = getaddrinfo (hostname, portstr, &hints, &ai); - if (error) { - fprintf (stderr, "%s: %s\r\n", hostname, gai_strerror (error)); - return 0; - } - - for (a = ai; a != NULL && connected == 0; a = a->ai_next) { - char addrstr[256]; - - if (a->ai_canonname != NULL) - strlcpy (_hostname, a->ai_canonname, sizeof(_hostname)); - - if (getnameinfo (a->ai_addr, a->ai_addrlen, - addrstr, sizeof(addrstr), - NULL, 0, NI_NUMERICHOST) != 0) - strlcpy (addrstr, "unknown address", sizeof(addrstr)); - - printf("Trying %s...\r\n", addrstr); - - net = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (net < 0) { - warn ("socket"); - continue; - } - -#if defined(IP_OPTIONS) && defined(IPPROTO_IP) && defined(HAVE_SETSOCKOPT) - if (hostp[0] == '@' || hostp[0] == '!') { - char *srp = 0; - int srlen; - int proto, opt; - - if ((srlen = sourceroute(a, hostp, &srp, &proto, &opt)) < 0) { - (void) NetClose(net); - net = -1; - continue; - } - if (srp && setsockopt(net, proto, opt, srp, srlen) < 0) - perror("setsockopt (source route)"); - } -#endif - -#if defined(IPPROTO_IP) && defined(IP_TOS) - if (a->ai_family == AF_INET) { -# if defined(HAVE_GETTOSBYNAME) - struct tosent *tp; - if (tos < 0 && (tp = gettosbyname("telnet", "tcp"))) - tos = tp->t_tos; -# endif - if (tos < 0) - tos = 020; /* Low Delay bit */ - if (tos - && (setsockopt(net, IPPROTO_IP, IP_TOS, - (void *)&tos, sizeof(int)) < 0) - && (errno != ENOPROTOOPT)) - perror("telnet: setsockopt (IP_TOS) (ignored)"); - } -#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */ - if (debug && SetSockOpt(net, SOL_SOCKET, SO_DEBUG, 1) < 0) { - perror("setsockopt (SO_DEBUG)"); - } - - if (connect (net, a->ai_addr, a->ai_addrlen) < 0) { - fprintf (stderr, "telnet: connect to address %s: %s\n", - addrstr, strerror(errno)); - NetClose(net); - if (a->ai_next != NULL) { - continue; - } else { - freeaddrinfo (ai); - return 0; - } - } - ++connected; -#if defined(AUTHENTICATION) || defined(ENCRYPTION) - auth_encrypt_connect(connected); -#endif - } - freeaddrinfo (ai); - if (connected == 0) - return 0; - } - cmdrc(hostp, hostname); - set_forward_options(); - if (autologin && user == NULL) - user = (char *)get_default_username (); - if (user) { - env_define((unsigned char *)"USER", (unsigned char *)user); - env_export((unsigned char *)"USER"); - } - call(status, "status", "notmuch", 0); - if (setjmp(peerdied) == 0) - my_telnet((char *)user); - NetClose(net); - ExitString("Connection closed by foreign host.\r\n",1); - /*NOTREACHED*/ - return 0; -} - -#define HELPINDENT ((int)sizeof ("connect")) - -static char - openhelp[] = "connect to a site", - closehelp[] = "close current connection", - logouthelp[] = "forcibly logout remote user and close the connection", - quithelp[] = "exit telnet", - statushelp[] = "print status information", - helphelp[] = "print help information", - sendhelp[] = "transmit special characters ('send ?' for more)", - sethelp[] = "set operating parameters ('set ?' for more)", - unsethelp[] = "unset operating parameters ('unset ?' for more)", - togglestring[] ="toggle operating parameters ('toggle ?' for more)", - slchelp[] = "change state of special charaters ('slc ?' for more)", - displayhelp[] = "display operating parameters", -#if defined(AUTHENTICATION) - authhelp[] = "turn on (off) authentication ('auth ?' for more)", -#endif -#if defined(ENCRYPTION) - encrypthelp[] = "turn on (off) encryption ('encrypt ?' for more)", -#endif - zhelp[] = "suspend telnet", - shellhelp[] = "invoke a subshell", - envhelp[] = "change environment variables ('environ ?' for more)", - modestring[] = "try to enter line or character mode ('mode ?' for more)"; - -static int help(int argc, char **argv); - -static Command cmdtab[] = { - { "close", closehelp, bye, 1 }, - { "logout", logouthelp, logout, 1 }, - { "display", displayhelp, display, 0 }, - { "mode", modestring, modecmd, 0 }, - { "open", openhelp, tn, 0 }, - { "quit", quithelp, quit, 0 }, - { "send", sendhelp, sendcmd, 0 }, - { "set", sethelp, setcmd, 0 }, - { "unset", unsethelp, unsetcmd, 0 }, - { "status", statushelp, status, 0 }, - { "toggle", togglestring, toggle, 0 }, - { "slc", slchelp, slccmd, 0 }, -#if defined(AUTHENTICATION) - { "auth", authhelp, auth_cmd, 0 }, -#endif -#if defined(ENCRYPTION) - { "encrypt", encrypthelp, encrypt_cmd, 0 }, -#endif - { "z", zhelp, telnetsuspend, 0 }, - { "!", shellhelp, shell, 0 }, - { "environ", envhelp, env_cmd, 0 }, - { "?", helphelp, help, 0 }, - { 0, 0, 0, 0 } -}; - -static char crmodhelp[] = "deprecated command -- use 'toggle crmod' instead"; -static char escapehelp[] = "deprecated command -- use 'set escape' instead"; - -static Command cmdtab2[] = { - { "help", 0, help, 0 }, - { "escape", escapehelp, setescape, 0 }, - { "crmod", crmodhelp, togcrmod, 0 }, - { 0, 0, 0, 0 } -}; - - -/* - * Call routine with argc, argv set from args (terminated by 0). - */ - -static int -call(intrtn_t routine, ...) -{ - va_list ap; - char *args[100]; - int argno = 0; - - va_start(ap, routine); - while ((args[argno++] = va_arg(ap, char *)) != 0); - va_end(ap); - return (*routine)(argno-1, args); -} - - -static Command -*getcmd(char *name) -{ - Command *cm; - - if ((cm = (Command *) genget(name, (char **) cmdtab, sizeof(Command)))) - return cm; - return (Command *) genget(name, (char **) cmdtab2, sizeof(Command)); -} - -void -command(int top, char *tbuf, int cnt) -{ - Command *c; - - setcommandmode(); - if (!top) { - putchar('\n'); - } else { - signal(SIGINT, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - } - for (;;) { - if (rlogin == _POSIX_VDISABLE) - printf("%s> ", prompt); - if (tbuf) { - char *cp; - cp = line; - while (cnt > 0 && (*cp++ = *tbuf++) != '\n') - cnt--; - tbuf = 0; - if (cp == line || *--cp != '\n' || cp == line) - goto getline; - *cp = '\0'; - if (rlogin == _POSIX_VDISABLE) - printf("%s\r\n", line); - } else { - getline: - if (rlogin != _POSIX_VDISABLE) - printf("%s> ", prompt); - if (fgets(line, sizeof(line), stdin) == NULL) { - if (feof(stdin) || ferror(stdin)) { - quit(); - /*NOTREACHED*/ - } - break; - } - } - if (line[0] == 0) - break; - makeargv(); - if (margv[0] == 0) { - break; - } - c = getcmd(margv[0]); - if (Ambiguous(c)) { - printf("?Ambiguous command\r\n"); - continue; - } - if (c == 0) { - printf("?Invalid command\r\n"); - continue; - } - if (c->needconnect && !connected) { - printf("?Need to be connected first.\r\n"); - continue; - } - if ((*c->handler)(margc, margv)) { - break; - } - } - if (!top) { - if (!connected) { - longjmp(toplevel, 1); - /*NOTREACHED*/ - } - setconnmode(0); - } -} - -/* - * Help command. - */ -static int -help(int argc, char **argv) -{ - Command *c; - - if (argc == 1) { - printf("Commands may be abbreviated. Commands are:\r\n\r\n"); - for (c = cmdtab; c->name; c++) - if (c->help) { - printf("%-*s\t%s\r\n", HELPINDENT, c->name, - c->help); - } - return 0; - } - while (--argc > 0) { - char *arg; - arg = *++argv; - c = getcmd(arg); - if (Ambiguous(c)) - printf("?Ambiguous help command %s\r\n", arg); - else if (c == (Command *)0) - printf("?Invalid help command %s\r\n", arg); - else - printf("%s\r\n", c->help); - } - return 0; -} - - -#if defined(IP_OPTIONS) && defined(IPPROTO_IP) - -/* - * Source route is handed in as - * [!]@hop1@hop2...@dst - * - * If the leading ! is present, it is a strict source route, otherwise it is - * assmed to be a loose source route. Note that leading ! is effective - * only for IPv4 case. - * - * We fill in the source route option as - * hop1,hop2,hop3...dest - * and return a pointer to hop1, which will - * be the address to connect() to. - * - * Arguments: - * ai: The address (by struct addrinfo) for the final destination. - * - * arg: Pointer to route list to decipher - * - * cpp: Pointer to a pointer, so that sourceroute() can return - * the address of result buffer (statically alloc'ed). - * - * protop/optp: - * Pointer to an integer. The pointed variable - * lenp: pointer to an integer that contains the - * length of *cpp if *cpp != NULL. - * - * Return values: - * - * Returns the length of the option pointed to by *cpp. If the - * return value is -1, there was a syntax error in the - * option, either arg contained unknown characters or too many hosts, - * or hostname cannot be resolved. - * - * The caller needs to pass return value (len), *cpp, *protop and *optp - * to setsockopt(2). - * - * *cpp: Points to the result buffer. The region is statically - * allocated by the function. - * - * *protop: - * protocol # to be passed to setsockopt(2). - * - * *optp: option # to be passed to setsockopt(2). - * - */ -int -sourceroute(struct addrinfo *ai, - char *arg, - char **cpp, - int *protop, - int *optp) -{ - char *cp, *cp2, *lsrp = NULL, *lsrep = NULL; - struct addrinfo hints, *res; - int len, error; - struct sockaddr_in *sin; - register char c; - static char lsr[44]; -#ifdef INET6 - struct cmsghdr *cmsg = NULL; - struct sockaddr_in6 *sin6; - static char rhbuf[1024]; -#endif - - /* - * Verify the arguments. - */ - if (cpp == NULL) - return -1; - - cp = arg; - - *cpp = NULL; - switch (ai->ai_family) { - case AF_INET: - lsrp = lsr; - lsrep = lsrp + sizeof(lsr); - - /* - * Next, decide whether we have a loose source - * route or a strict source route, and fill in - * the begining of the option. - */ - if (*cp == '!') { - cp++; - *lsrp++ = IPOPT_SSRR; - } else - *lsrp++ = IPOPT_LSRR; - if (*cp != '@') - return -1; - lsrp++; /* skip over length, we'll fill it in later */ - *lsrp++ = 4; - cp++; - *protop = IPPROTO_IP; - *optp = IP_OPTIONS; - break; -#ifdef INET6 - case AF_INET6: -/* this needs to be updated for rfc2292bis */ -#ifdef IPV6_PKTOPTIONS - cmsg = inet6_rthdr_init(rhbuf, IPV6_RTHDR_TYPE_0); - if (*cp != '@') - return -1; - cp++; - *protop = IPPROTO_IPV6; - *optp = IPV6_PKTOPTIONS; - break; -#else - return -1; -#endif -#endif - default: - return -1; - } - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = ai->ai_family; - hints.ai_socktype = SOCK_STREAM; - - for (c = 0;;) { - if (c == ':') - cp2 = 0; - else for (cp2 = cp; (c = *cp2) != '\0'; cp2++) { - if (c == ',') { - *cp2++ = '\0'; - if (*cp2 == '@') - cp2++; - } else if (c == '@') { - *cp2++ = '\0'; - } -#if 0 /*colon conflicts with IPv6 address*/ - else if (c == ':') { - *cp2++ = '\0'; - } -#endif - else - continue; - break; - } - if (!c) - cp2 = 0; - - error = getaddrinfo(cp, NULL, &hints, &res); - if (error) { - fprintf(stderr, "%s: %s\n", cp, gai_strerror(error)); - return -1; - } - if (ai->ai_family != res->ai_family) { - freeaddrinfo(res); - return -1; - } - if (ai->ai_family == AF_INET) { - /* - * Check to make sure there is space for address - */ - if (lsrp + 4 > lsrep) { - freeaddrinfo(res); - return -1; - } - sin = (struct sockaddr_in *)res->ai_addr; - memcpy(lsrp, &sin->sin_addr, sizeof(struct in_addr)); - lsrp += sizeof(struct in_addr); - } -#ifdef INET6 - else if (ai->ai_family == AF_INET6) { - sin6 = (struct sockaddr_in6 *)res->ai_addr; - inet6_rthdr_add(cmsg, &sin6->sin6_addr, - IPV6_RTHDR_LOOSE); - } -#endif - else { - freeaddrinfo(res); - return -1; - } - freeaddrinfo(res); - if (cp2) - cp = cp2; - else - break; - } - if (ai->ai_family == AF_INET) { - /* record the last hop */ - if (lsrp + 4 > lsrep) - return -1; - sin = (struct sockaddr_in *)ai->ai_addr; - memcpy(lsrp, &sin->sin_addr, sizeof(struct in_addr)); - lsrp += sizeof(struct in_addr); -#ifndef sysV88 - lsr[IPOPT_OLEN] = lsrp - lsr; - if (lsr[IPOPT_OLEN] <= 7 || lsr[IPOPT_OLEN] > 40) - return -1; - *lsrp++ = IPOPT_NOP; /*32bit word align*/ - len = lsrp - lsr; - *cpp = lsr; -#else - ipopt.io_len = lsrp - lsr; - if (ipopt.io_len <= 5) /*is 3 better?*/ - return -1; - *cpp = (char 8)&ipopt; -#endif - } -#ifdef INET6 - else if (ai->ai_family == AF_INET6) { - inet6_rthdr_lasthop(cmsg, IPV6_RTHDR_LOOSE); - len = cmsg->cmsg_len; - *cpp = rhbuf; - } -#endif - else - return -1; - return len; -} -#endif diff --git a/crypto/heimdal/appl/telnet/telnet/defines.h b/crypto/heimdal/appl/telnet/telnet/defines.h deleted file mode 100644 index 5c1ac2bcc658..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/defines.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)defines.h 8.1 (Berkeley) 6/6/93 - */ - -#define settimer(x) clocks.x = clocks.system++ - -#define NETADD(c) { *netoring.supply = c; ring_supplied(&netoring, 1); } -#define NET2ADD(c1,c2) { NETADD(c1); NETADD(c2); } -#define NETBYTES() (ring_full_count(&netoring)) -#define NETROOM() (ring_empty_count(&netoring)) - -#define TTYADD(c) if (!(SYNCHing||flushout)) { \ - *ttyoring.supply = c; \ - ring_supplied(&ttyoring, 1); \ - } -#define TTYBYTES() (ring_full_count(&ttyoring)) -#define TTYROOM() (ring_empty_count(&ttyoring)) - -/* Various modes */ -#define MODE_LOCAL_CHARS(m) ((m)&(MODE_EDIT|MODE_TRAPSIG)) -#define MODE_LOCAL_ECHO(m) ((m)&MODE_ECHO) -#define MODE_COMMAND_LINE(m) ((m)==-1) - -#define CONTROL(x) ((x)&0x1f) /* CTRL(x) is not portable */ - - -/* XXX extra mode bits, these should be synced with */ - -#define MODE_OUT8 0x8000 /* binary mode sans -opost */ diff --git a/crypto/heimdal/appl/telnet/telnet/externs.h b/crypto/heimdal/appl/telnet/telnet/externs.h deleted file mode 100644 index badfca5775a2..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/externs.h +++ /dev/null @@ -1,444 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)externs.h 8.3 (Berkeley) 5/30/95 - */ - -/* $Id: externs.h 21734 2007-07-31 01:55:45Z lha $ */ - -#ifndef BSD -# define BSD 43 -#endif - -#ifndef _POSIX_VDISABLE -# ifdef sun -# include /* pick up VDISABLE definition, mayby */ -# endif -# ifdef VDISABLE -# define _POSIX_VDISABLE VDISABLE -# else -# define _POSIX_VDISABLE ((cc_t)'\377') -# endif -#endif - -#define SUBBUFSIZE 256 - -extern int - autologin, /* Autologin enabled */ - skiprc, /* Don't process the ~/.telnetrc file */ - eight, /* use eight bit mode (binary in and/or out */ - binary, - flushout, /* flush output */ - connected, /* Are we connected to the other side? */ - globalmode, /* Mode tty should be in */ - telnetport, /* Are we connected to the telnet port? */ - localflow, /* Flow control handled locally */ - restartany, /* If flow control, restart output on any character */ - localchars, /* we recognize interrupt/quit */ - donelclchars, /* the user has set "localchars" */ - showoptions, - wantencryption, /* User has requested encryption */ - net, /* Network file descriptor */ - tin, /* Terminal input file descriptor */ - tout, /* Terminal output file descriptor */ - crlf, /* Should '\r' be mapped to (or )? */ - autoflush, /* flush output when interrupting? */ - autosynch, /* send interrupt characters with SYNCH? */ - SYNCHing, /* Is the stream in telnet SYNCH mode? */ - donebinarytoggle, /* the user has put us in binary */ - dontlecho, /* do we suppress local echoing right now? */ - crmod, - netdata, /* Print out network data flow */ - prettydump, /* Print "netdata" output in user readable format */ - termdata, /* Print out terminal data flow */ - debug; /* Debug level */ - -extern int intr_happened, intr_waiting; /* for interrupt handling */ - -extern cc_t escape; /* Escape to command mode */ -extern cc_t rlogin; /* Rlogin mode escape character */ -#ifdef KLUDGELINEMODE -extern cc_t echoc; /* Toggle local echoing */ -#endif - -extern char - *prompt; /* Prompt for command. */ - -extern char - doopt[], - dont[], - will[], - wont[], - do_dont_resp[], - will_wont_resp[], - options[], /* All the little options */ - *hostname; /* Who are we connected to? */ -#if defined(ENCRYPTION) -extern void (*encrypt_output) (unsigned char *, int); -extern int (*decrypt_input) (int); -#endif - -/* - * We keep track of each side of the option negotiation. - */ - -#define MY_STATE_WILL 0x01 -#define MY_WANT_STATE_WILL 0x02 -#define MY_STATE_DO 0x04 -#define MY_WANT_STATE_DO 0x08 - -/* - * Macros to check the current state of things - */ - -#define my_state_is_do(opt) (options[opt]&MY_STATE_DO) -#define my_state_is_will(opt) (options[opt]&MY_STATE_WILL) -#define my_want_state_is_do(opt) (options[opt]&MY_WANT_STATE_DO) -#define my_want_state_is_will(opt) (options[opt]&MY_WANT_STATE_WILL) - -#define my_state_is_dont(opt) (!my_state_is_do(opt)) -#define my_state_is_wont(opt) (!my_state_is_will(opt)) -#define my_want_state_is_dont(opt) (!my_want_state_is_do(opt)) -#define my_want_state_is_wont(opt) (!my_want_state_is_will(opt)) - -#define set_my_state_do(opt) {options[opt] |= MY_STATE_DO;} -#define set_my_state_will(opt) {options[opt] |= MY_STATE_WILL;} -#define set_my_want_state_do(opt) {options[opt] |= MY_WANT_STATE_DO;} -#define set_my_want_state_will(opt) {options[opt] |= MY_WANT_STATE_WILL;} - -#define set_my_state_dont(opt) {options[opt] &= ~MY_STATE_DO;} -#define set_my_state_wont(opt) {options[opt] &= ~MY_STATE_WILL;} -#define set_my_want_state_dont(opt) {options[opt] &= ~MY_WANT_STATE_DO;} -#define set_my_want_state_wont(opt) {options[opt] &= ~MY_WANT_STATE_WILL;} - -/* - * Make everything symmetrical - */ - -#define HIS_STATE_WILL MY_STATE_DO -#define HIS_WANT_STATE_WILL MY_WANT_STATE_DO -#define HIS_STATE_DO MY_STATE_WILL -#define HIS_WANT_STATE_DO MY_WANT_STATE_WILL - -#define his_state_is_do my_state_is_will -#define his_state_is_will my_state_is_do -#define his_want_state_is_do my_want_state_is_will -#define his_want_state_is_will my_want_state_is_do - -#define his_state_is_dont my_state_is_wont -#define his_state_is_wont my_state_is_dont -#define his_want_state_is_dont my_want_state_is_wont -#define his_want_state_is_wont my_want_state_is_dont - -#define set_his_state_do set_my_state_will -#define set_his_state_will set_my_state_do -#define set_his_want_state_do set_my_want_state_will -#define set_his_want_state_will set_my_want_state_do - -#define set_his_state_dont set_my_state_wont -#define set_his_state_wont set_my_state_dont -#define set_his_want_state_dont set_my_want_state_wont -#define set_his_want_state_wont set_my_want_state_dont - - -extern FILE - *NetTrace; /* Where debugging output goes */ -extern char - NetTraceFile[]; /* Name of file where debugging output goes */ -extern void - SetNetTrace (char *); /* Function to change where debugging goes */ - -extern jmp_buf - peerdied, - toplevel; /* For error conditions. */ - -int Scheduler(int); -extern int scheduler_lockout_tty; - - -/* authenc.c */ - -#if defined(AUTHENTICATION) || defined(ENCRYPTION) -int telnet_net_write(unsigned char *str, int len); -void net_encrypt(void); -int telnet_spin(void); -char *telnet_getenv(const char *val); -char *telnet_gets(char *prompt, char *result, int length, int echo); -#endif - -/* commands.c */ - -struct env_lst *env_define (unsigned char *, unsigned char *); -struct env_lst *env_find(unsigned char *var); -void env_init (void); -void env_undefine (unsigned char *); -void env_export (unsigned char *); -void env_unexport (unsigned char *); -void env_send (unsigned char *); -void env_list (void); -unsigned char * env_default(int init, int welldefined); -unsigned char * env_getvalue(unsigned char *var); - -void set_escape_char(char *s); -int sourceroute(struct addrinfo *ai, char *arg, char **cpp, - int *prototp, int *optp); - -#if defined(AUTHENTICATION) -int auth_enable (char *); -int auth_disable (char *); -int auth_status (void); -#endif - -#if defined(ENCRYPTION) -int EncryptEnable (char *, char *); -int EncryptDisable (char *, char *); -int EncryptType (char *, char *); -int EncryptStart (char *); -int EncryptStartInput (void); -int EncryptStartOutput (void); -int EncryptStop (char *); -int EncryptStopInput (void); -int EncryptStopOutput (void); -int EncryptStatus (void); -#endif - -#ifdef SIGINFO -RETSIGTYPE ayt_status(int); -#endif -int tn(int argc, char **argv); -void command(int top, char *tbuf, int cnt); - -/* main.c */ - -void tninit(void); -void set_forward_options(void); - -/* network.c */ - -void init_network(void); -int stilloob(void); -void setneturg(void); -int netflush(void); - -/* sys_bsd.c */ - -void init_sys(void); -int TerminalWrite(char *buf, int n); -int TerminalRead(unsigned char *buf, int n); -int TerminalAutoFlush(void); -int TerminalSpecialChars(int c); -void TerminalFlushOutput(void); -void TerminalSaveState(void); -void TerminalDefaultChars(void); -void TerminalNewMode(int f); -cc_t *tcval(int func); -void TerminalSpeeds(long *input_speed, long *output_speed); -int TerminalWindowSize(long *rows, long *cols); -int NetClose(int fd); -void NetNonblockingIO(int fd, int onoff); -int process_rings(int netin, int netout, int netex, int ttyin, int ttyout, - int poll); - -/* telnet.c */ - -void init_telnet(void); - -void tel_leave_binary(int rw); -void tel_enter_binary(int rw); -int opt_welldefined(char *ep); -int telrcv(void); -int rlogin_susp(void); -void intp(void); -void sendbrk(void); -void sendabort(void); -void sendsusp(void); -void sendeof(void); -void sendayt(void); - -void xmitAO(void); -void xmitEL(void); -void xmitEC(void); - - -void Dump (char, unsigned char *, int); -void printoption (char *, int, int); -void printsub (int, unsigned char *, int); -void sendnaws (void); -void setconnmode (int); -void setcommandmode (void); -void setneturg (void); -void sys_telnet_init (void); -void my_telnet (char *); -void tel_enter_binary (int); -void TerminalFlushOutput (void); -void TerminalNewMode (int); -void TerminalRestoreState (void); -void TerminalSaveState (void); -void willoption (int); -void wontoption (int); - - -void send_do (int, int); -void send_dont (int, int); -void send_will (int, int); -void send_wont (int, int); - -void lm_will (unsigned char *, int); -void lm_wont (unsigned char *, int); -void lm_do (unsigned char *, int); -void lm_dont (unsigned char *, int); -void lm_mode (unsigned char *, int, int); - -void slc_init (void); -void slcstate (void); -void slc_mode_export (void); -void slc_mode_import (int); -void slc_import (int); -void slc_export (void); -void slc (unsigned char *, int); -void slc_check (void); -void slc_start_reply (void); -void slc_add_reply (unsigned char, unsigned char, cc_t); -void slc_end_reply (void); -int slc_update (void); - -void env_opt (unsigned char *, int); -void env_opt_start (void); -void env_opt_start_info (void); -void env_opt_add (unsigned char *); -void env_opt_end (int); - -unsigned char *env_default (int, int); -unsigned char *env_getvalue (unsigned char *); - -int get_status (void); -int dosynch (void); - -cc_t *tcval (int); - -int quit (void); - -/* terminal.c */ - -void init_terminal(void); -int ttyflush(int drop); -int getconnmode(void); - -/* utilities.c */ - -int SetSockOpt(int fd, int level, int option, int yesno); -void SetNetTrace(char *file); -void Dump(char direction, unsigned char *buffer, int length); -void printoption(char *direction, int cmd, int option); -void optionstatus(void); -void printsub(int direction, unsigned char *pointer, int length); -void EmptyTerminal(void); -void SetForExit(void); -void Exit(int returnCode); -void ExitString(char *string, int returnCode); - -extern struct termios new_tc; - -# define termEofChar new_tc.c_cc[VEOF] -# define termEraseChar new_tc.c_cc[VERASE] -# define termIntChar new_tc.c_cc[VINTR] -# define termKillChar new_tc.c_cc[VKILL] -# define termQuitChar new_tc.c_cc[VQUIT] - -# ifndef VSUSP -extern cc_t termSuspChar; -# else -# define termSuspChar new_tc.c_cc[VSUSP] -# endif -# if defined(VFLUSHO) && !defined(VDISCARD) -# define VDISCARD VFLUSHO -# endif -# ifndef VDISCARD -extern cc_t termFlushChar; -# else -# define termFlushChar new_tc.c_cc[VDISCARD] -# endif -# ifndef VWERASE -extern cc_t termWerasChar; -# else -# define termWerasChar new_tc.c_cc[VWERASE] -# endif -# ifndef VREPRINT -extern cc_t termRprntChar; -# else -# define termRprntChar new_tc.c_cc[VREPRINT] -# endif -# ifndef VLNEXT -extern cc_t termLiteralNextChar; -# else -# define termLiteralNextChar new_tc.c_cc[VLNEXT] -# endif -# ifndef VSTART -extern cc_t termStartChar; -# else -# define termStartChar new_tc.c_cc[VSTART] -# endif -# ifndef VSTOP -extern cc_t termStopChar; -# else -# define termStopChar new_tc.c_cc[VSTOP] -# endif -# ifndef VEOL -extern cc_t termForw1Char; -# else -# define termForw1Char new_tc.c_cc[VEOL] -# endif -# ifndef VEOL2 -extern cc_t termForw2Char; -# else -# define termForw2Char new_tc.c_cc[VEOL] -# endif -# ifndef VSTATUS -extern cc_t termAytChar; -#else -# define termAytChar new_tc.c_cc[VSTATUS] -#endif - -/* Ring buffer structures which are shared */ - -extern Ring - netoring, - netiring, - ttyoring, - ttyiring; - -extern int resettermname; -extern int linemode; -#ifdef KLUDGELINEMODE -extern int kludgelinemode; -#endif -extern int want_status_response; diff --git a/crypto/heimdal/appl/telnet/telnet/main.c b/crypto/heimdal/appl/telnet/telnet/main.c deleted file mode 100644 index bb358a8d8823..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/main.c +++ /dev/null @@ -1,370 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -static char *copyright[] = { - "@(#) Copyright (c) 1988, 1990, 1993\n" - "\tThe Regents of the University of California. All rights reserved.\n", - (char*)copyright -}; - -#include "telnet_locl.h" -RCSID("$Id: main.c 21731 2007-07-30 20:01:26Z lha $"); - -#if KRB5 -#define FORWARD -#endif - -/* - * Initialize variables. - */ -void -tninit(void) -{ - init_terminal(); - - init_network(); - - init_telnet(); - - init_sys(); -} - -static void -usage(int exit_code) -{ - fprintf(stderr, "Usage: %s %s%s%s%s\n", prompt, -#ifdef AUTHENTICATION - "[-8] [-E] [-K] [-L] [-G] [-S tos] [-X atype] [-a] [-c] [-d] [-e char]", - "\n\t[-k realm] [-l user] [-f/-F] [-n tracefile] ", -#else - "[-8] [-E] [-L] [-S tos] [-a] [-c] [-d] [-e char] [-l user]", - "\n\t[-n tracefile]", -#endif - "[-r] ", -#ifdef ENCRYPTION - "[-x] [host-name [port]]" -#else - "[host-name [port]]" -#endif - ); - exit(exit_code); -} - -/* - * main. Parse arguments, invoke the protocol or command parser. - */ - - -#ifdef FORWARD -int forward_option = 0; /* forward flags set from command line */ -#endif /* FORWARD */ -void -set_forward_options(void) -{ -#ifdef FORWARD - switch(forward_option) { - case 'f': - kerberos5_set_forward(1); - kerberos5_set_forwardable(0); - break; - case 'F': - kerberos5_set_forward(1); - kerberos5_set_forwardable(1); - break; - case 'G': - kerberos5_set_forward(0); - kerberos5_set_forwardable(0); - break; - default: - break; - } -#endif -} - -#ifdef KRB5 -#define Authenticator asn1_Authenticator -#include -static void -krb5_init(void) -{ - krb5_context context; - krb5_error_code ret; - krb5_boolean ret_val; - - ret = krb5_init_context(&context); - if (ret) - return; - -#if defined(AUTHENTICATION) && defined(FORWARD) - krb5_appdefault_boolean(context, NULL, - NULL, "forward", - 0, &ret_val); - if (ret_val) - kerberos5_set_forward(1); - krb5_appdefault_boolean(context, NULL, - NULL, "forwardable", - 0, &ret_val); - if (ret_val) - kerberos5_set_forwardable(1); -#endif -#ifdef ENCRYPTION - krb5_appdefault_boolean(context, NULL, - NULL, "encrypt", - 0, &ret_val); - if (ret_val) { - encrypt_auto(1); - decrypt_auto(1); - wantencryption = 1; - EncryptVerbose(1); - } -#endif - - krb5_free_context(context); -} -#endif - -#if defined(AUTHENTICATION) && defined(KRB4) -extern char *dest_realm, dst_realm_buf[]; -extern int dst_realm_sz; -#endif - -int -main(int argc, char **argv) -{ - int ch; - char *user; - - setprogname(argv[0]); - -#ifdef KRB5 - krb5_init(); -#endif - - tninit(); /* Clear out things */ - - TerminalSaveState(); - - if ((prompt = strrchr(argv[0], '/'))) - ++prompt; - else - prompt = argv[0]; - - user = NULL; - - rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE; - - /* - * if AUTHENTICATION and ENCRYPTION is set autologin will be - * se to true after the getopt switch; unless the -K option is - * passed - */ - autologin = -1; - - if (argc == 2 && strcmp(argv[1], "--version") == 0) { - print_version(NULL); - exit(0); - } - if (argc == 2 && strcmp(argv[1], "--help") == 0) - usage(0); - - - while((ch = getopt(argc, argv, - "78DEKLS:X:abcde:fFk:l:n:rxG")) != -1) { - switch(ch) { - case '8': - eight = 3; /* binary output and input */ - break; - case '7': - eight = 0; - break; - case 'b': - binary = 3; - break; - case 'D': { - /* sometimes we don't want a mangled display */ - char *p; - if((p = getenv("DISPLAY"))) - env_define((unsigned char*)"DISPLAY", (unsigned char*)p); - break; - } - case 'E': - rlogin = escape = _POSIX_VDISABLE; - break; - case 'K': -#ifdef AUTHENTICATION - autologin = 0; -#endif - break; - case 'L': - eight |= 2; /* binary output only */ - break; - case 'S': - { -#ifdef HAVE_PARSETOS - extern int tos; - - if ((tos = parsetos(optarg, "tcp")) < 0) - fprintf(stderr, "%s%s%s%s\n", - prompt, ": Bad TOS argument '", - optarg, - "; will try to use default TOS"); -#else - fprintf(stderr, - "%s: Warning: -S ignored, no parsetos() support.\n", - prompt); -#endif - } - break; - case 'X': -#ifdef AUTHENTICATION - auth_disable_name(optarg); -#endif - break; - case 'a': - autologin = 1; - break; - case 'c': - skiprc = 1; - break; - case 'd': - debug = 1; - break; - case 'e': - set_escape_char(optarg); - break; - case 'f': - case 'F': - case 'G': -#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD) - if (forward_option) { - fprintf(stderr, - "%s: Only one of -f, -F and -G allowed.\n", - prompt); - usage(1); - } - forward_option = ch; -#else - fprintf(stderr, - "%s: Warning: -%c ignored, no Kerberos V5 support.\n", - prompt, ch); -#endif - break; - case 'k': -#if defined(AUTHENTICATION) && defined(KRB4) - { - dest_realm = dst_realm_buf; - strlcpy(dest_realm, optarg, dst_realm_sz); - } -#else - fprintf(stderr, - "%s: Warning: -k ignored, no Kerberos V4 support.\n", - prompt); -#endif - break; - case 'l': - if(autologin == 0){ - fprintf(stderr, "%s: Warning: -K ignored\n", prompt); - autologin = -1; - } - user = optarg; - break; - case 'n': - SetNetTrace(optarg); - break; - case 'r': - rlogin = '~'; - break; - case 'x': -#ifdef ENCRYPTION - encrypt_auto(1); - decrypt_auto(1); - wantencryption = 1; - EncryptVerbose(1); -#else - fprintf(stderr, - "%s: Warning: -x ignored, no ENCRYPT support.\n", - prompt); -#endif - break; - - case '?': - default: - usage(1); - /* NOTREACHED */ - } - } - - if (autologin == -1) { /* esc@magic.fi; force */ -#if defined(AUTHENTICATION) - autologin = 1; -#endif -#if defined(ENCRYPTION) - encrypt_auto(1); - decrypt_auto(1); - wantencryption = -1; -#endif - } - - if (autologin == -1) - autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1; - - argc -= optind; - argv += optind; - - if (argc) { - char *args[7], **argp = args; - - if (argc > 2) - usage(1); - *argp++ = prompt; - if (user) { - *argp++ = "-l"; - *argp++ = user; - } - *argp++ = argv[0]; /* host */ - if (argc > 1) - *argp++ = argv[1]; /* port */ - *argp = 0; - - if (setjmp(toplevel) != 0) - Exit(0); - if (tn(argp - args, args) == 1) - return (0); - else - return (1); - } - setjmp(toplevel); - for (;;) { - command(1, 0, 0); - } -} diff --git a/crypto/heimdal/appl/telnet/telnet/network.c b/crypto/heimdal/appl/telnet/telnet/network.c deleted file mode 100644 index 4a565880d2a2..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/network.c +++ /dev/null @@ -1,173 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: network.c 13941 2004-06-20 17:01:28Z lha $"); - -Ring netoring, netiring; -size_t netobufsize = 64*1024; -size_t netibufsize = 64*1024; - -/* - * Initialize internal network data structures. - */ - -void -init_network(void) -{ - void *obuf, *ibuf; - - if ((obuf = malloc(netobufsize)) == NULL) - exit(1); - if ((ibuf = malloc(netibufsize)) == NULL) - exit(1); - - if (ring_init(&netoring, obuf, netobufsize) != 1) { - exit(1); - } - if (ring_init(&netiring, ibuf, netibufsize) != 1) { - exit(1); - } - NetTrace = stdout; -} - - -/* - * Check to see if any out-of-band data exists on a socket (for - * Telnet "synch" processing). - */ - -int -stilloob(void) -{ - static struct timeval timeout = { 0 }; - fd_set excepts; - int value; - - do { - FD_ZERO(&excepts); - if (net >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET(net, &excepts); - value = select(net+1, 0, 0, &excepts, &timeout); - } while ((value == -1) && (errno == EINTR)); - - if (value < 0) { - perror("select"); - quit(); - /* NOTREACHED */ - } - if (FD_ISSET(net, &excepts)) { - return 1; - } else { - return 0; - } -} - - -/* - * setneturg() - * - * Sets "neturg" to the current location. - */ - -void -setneturg(void) -{ - ring_mark(&netoring); -} - - -/* - * netflush - * Send as much data as possible to the network, - * handling requests for urgent data. - * - * The return value indicates whether we did any - * useful work. - */ - - -int -netflush(void) -{ - int n, n1; - -#if defined(ENCRYPTION) - if (encrypt_output) - ring_encrypt(&netoring, encrypt_output); -#endif - if ((n1 = n = ring_full_consecutive(&netoring)) > 0) { - if (!ring_at_mark(&netoring)) { - n = send(net, (char *)netoring.consume, n, 0); /* normal write */ - } else { - /* - * In 4.2 (and 4.3) systems, there is some question about - * what byte in a sendOOB operation is the "OOB" data. - * To make ourselves compatible, we only send ONE byte - * out of band, the one WE THINK should be OOB (though - * we really have more the TCP philosophy of urgent data - * rather than the Unix philosophy of OOB data). - */ - n = send(net, (char *)netoring.consume, 1, MSG_OOB);/* URGENT data */ - } - } - if (n < 0) { - if (errno != ENOBUFS && errno != EWOULDBLOCK) { - setcommandmode(); - perror(hostname); - NetClose(net); - ring_clear_mark(&netoring); - longjmp(peerdied, -1); - /*NOTREACHED*/ - } - n = 0; - } - if (netdata && n) { - Dump('>', netoring.consume, n); - } - if (n) { - ring_consumed(&netoring, n); - /* - * If we sent all, and more to send, then recurse to pick - * up the other half. - */ - if ((n1 == n) && ring_full_consecutive(&netoring)) { - netflush(); - } - return 1; - } else { - return 0; - } -} diff --git a/crypto/heimdal/appl/telnet/telnet/ring.c b/crypto/heimdal/appl/telnet/telnet/ring.c deleted file mode 100644 index fd93e949482c..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/ring.c +++ /dev/null @@ -1,321 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: ring.c 7853 2000-02-06 05:15:47Z assar $"); - -/* - * This defines a structure for a ring buffer. - * - * The circular buffer has two parts: - *((( - * full: [consume, supply) - * empty: [supply, consume) - *]]] - * - */ - -/* Internal macros */ - -#define ring_subtract(d,a,b) (((a)-(b) >= 0)? \ - (a)-(b): (((a)-(b))+(d)->size)) - -#define ring_increment(d,a,c) (((a)+(c) < (d)->top)? \ - (a)+(c) : (((a)+(c))-(d)->size)) - -#define ring_decrement(d,a,c) (((a)-(c) >= (d)->bottom)? \ - (a)-(c) : (((a)-(c))-(d)->size)) - - -/* - * The following is a clock, used to determine full, empty, etc. - * - * There is some trickiness here. Since the ring buffers are initialized - * to ZERO on allocation, we need to make sure, when interpreting the - * clock, that when the times are EQUAL, then the buffer is FULL. - */ -static u_long ring_clock = 0; - - -#define ring_empty(d) (((d)->consume == (d)->supply) && \ - ((d)->consumetime >= (d)->supplytime)) -#define ring_full(d) (((d)->supply == (d)->consume) && \ - ((d)->supplytime > (d)->consumetime)) - - - - - -/* Buffer state transition routines */ - -int -ring_init(Ring *ring, unsigned char *buffer, int count) -{ - memset(ring, 0, sizeof *ring); - - ring->size = count; - - ring->supply = ring->consume = ring->bottom = buffer; - - ring->top = ring->bottom+ring->size; - -#if defined(ENCRYPTION) - ring->clearto = 0; -#endif - - return 1; -} - -/* Mark routines */ - -/* - * Mark the most recently supplied byte. - */ - -void -ring_mark(Ring *ring) -{ - ring->mark = ring_decrement(ring, ring->supply, 1); -} - -/* - * Is the ring pointing to the mark? - */ - -int -ring_at_mark(Ring *ring) -{ - if (ring->mark == ring->consume) { - return 1; - } else { - return 0; - } -} - -/* - * Clear any mark set on the ring. - */ - -void -ring_clear_mark(Ring *ring) -{ - ring->mark = 0; -} - -/* - * Add characters from current segment to ring buffer. - */ -void -ring_supplied(Ring *ring, int count) -{ - ring->supply = ring_increment(ring, ring->supply, count); - ring->supplytime = ++ring_clock; -} - -/* - * We have just consumed "c" bytes. - */ -void -ring_consumed(Ring *ring, int count) -{ - if (count == 0) /* don't update anything */ - return; - - if (ring->mark && - (ring_subtract(ring, ring->mark, ring->consume) < count)) { - ring->mark = 0; - } -#if defined(ENCRYPTION) - if (ring->consume < ring->clearto && - ring->clearto <= ring->consume + count) - ring->clearto = 0; - else if (ring->consume + count > ring->top && - ring->bottom <= ring->clearto && - ring->bottom + ((ring->consume + count) - ring->top)) - ring->clearto = 0; -#endif - ring->consume = ring_increment(ring, ring->consume, count); - ring->consumetime = ++ring_clock; - /* - * Try to encourage "ring_empty_consecutive()" to be large. - */ - if (ring_empty(ring)) { - ring->consume = ring->supply = ring->bottom; - } -} - - - -/* Buffer state query routines */ - - -/* Number of bytes that may be supplied */ -int -ring_empty_count(Ring *ring) -{ - if (ring_empty(ring)) { /* if empty */ - return ring->size; - } else { - return ring_subtract(ring, ring->consume, ring->supply); - } -} - -/* number of CONSECUTIVE bytes that may be supplied */ -int -ring_empty_consecutive(Ring *ring) -{ - if ((ring->consume < ring->supply) || ring_empty(ring)) { - /* - * if consume is "below" supply, or empty, then - * return distance to the top - */ - return ring_subtract(ring, ring->top, ring->supply); - } else { - /* - * else, return what we may. - */ - return ring_subtract(ring, ring->consume, ring->supply); - } -} - -/* Return the number of bytes that are available for consuming - * (but don't give more than enough to get to cross over set mark) - */ - -int -ring_full_count(Ring *ring) -{ - if ((ring->mark == 0) || (ring->mark == ring->consume)) { - if (ring_full(ring)) { - return ring->size; /* nothing consumed, but full */ - } else { - return ring_subtract(ring, ring->supply, ring->consume); - } - } else { - return ring_subtract(ring, ring->mark, ring->consume); - } -} - -/* - * Return the number of CONSECUTIVE bytes available for consuming. - * However, don't return more than enough to cross over set mark. - */ -int -ring_full_consecutive(Ring *ring) -{ - if ((ring->mark == 0) || (ring->mark == ring->consume)) { - if ((ring->supply < ring->consume) || ring_full(ring)) { - return ring_subtract(ring, ring->top, ring->consume); - } else { - return ring_subtract(ring, ring->supply, ring->consume); - } - } else { - if (ring->mark < ring->consume) { - return ring_subtract(ring, ring->top, ring->consume); - } else { /* Else, distance to mark */ - return ring_subtract(ring, ring->mark, ring->consume); - } - } -} - -/* - * Move data into the "supply" portion of of the ring buffer. - */ -void -ring_supply_data(Ring *ring, unsigned char *buffer, int count) -{ - int i; - - while (count) { - i = min(count, ring_empty_consecutive(ring)); - memmove(ring->supply, buffer, i); - ring_supplied(ring, i); - count -= i; - buffer += i; - } -} - -#ifdef notdef - -/* - * Move data from the "consume" portion of the ring buffer - */ -void -ring_consume_data(Ring *ring, unsigned char *buffer, int count) -{ - int i; - - while (count) { - i = min(count, ring_full_consecutive(ring)); - memmove(buffer, ring->consume, i); - ring_consumed(ring, i); - count -= i; - buffer += i; - } -} -#endif - -#if defined(ENCRYPTION) -void -ring_encrypt(Ring *ring, void (*encryptor)(unsigned char *, int)) -{ - unsigned char *s, *c; - - if (ring_empty(ring) || ring->clearto == ring->supply) - return; - - if (!(c = ring->clearto)) - c = ring->consume; - - s = ring->supply; - - if (s <= c) { - (*encryptor)(c, ring->top - c); - (*encryptor)(ring->bottom, s - ring->bottom); - } else - (*encryptor)(c, s - c); - - ring->clearto = ring->supply; -} - -void -ring_clearto(Ring *ring) -{ - if (!ring_empty(ring)) - ring->clearto = ring->supply; - else - ring->clearto = 0; -} -#endif - diff --git a/crypto/heimdal/appl/telnet/telnet/ring.h b/crypto/heimdal/appl/telnet/telnet/ring.h deleted file mode 100644 index d0c2ad75b66c..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/ring.h +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ring.h 8.1 (Berkeley) 6/6/93 - */ - -/* $Id: ring.h 7853 2000-02-06 05:15:47Z assar $ */ - -/* - * This defines a structure for a ring buffer. - * - * The circular buffer has two parts: - *((( - * full: [consume, supply) - * empty: [supply, consume) - *]]] - * - */ -typedef struct { - unsigned char *consume, /* where data comes out of */ - *supply, /* where data comes in to */ - *bottom, /* lowest address in buffer */ - *top, /* highest address+1 in buffer */ - *mark; /* marker (user defined) */ -#if defined(ENCRYPTION) - unsigned char *clearto; /* Data to this point is clear text */ - unsigned char *encryyptedto; /* Data is encrypted to here */ -#endif - int size; /* size in bytes of buffer */ - u_long consumetime, /* help us keep straight full, empty, etc. */ - supplytime; -} Ring; - -/* Here are some functions and macros to deal with the ring buffer */ - -/* Initialization routine */ -extern int - ring_init (Ring *ring, unsigned char *buffer, int count); - -/* Data movement routines */ -extern void - ring_supply_data (Ring *ring, unsigned char *buffer, int count); -#ifdef notdef -extern void - ring_consume_data (Ring *ring, unsigned char *buffer, int count); -#endif - -/* Buffer state transition routines */ -extern void - ring_supplied (Ring *ring, int count), - ring_consumed (Ring *ring, int count); - -/* Buffer state query routines */ -extern int - ring_empty_count (Ring *ring), - ring_empty_consecutive (Ring *ring), - ring_full_count (Ring *ring), - ring_full_consecutive (Ring *ring); - -#if defined(ENCRYPTION) -extern void - ring_encrypt (Ring *ring, void (*func)(unsigned char *, int)), - ring_clearto (Ring *ring); -#endif - -extern int ring_at_mark(Ring *ring); - -extern void - ring_clear_mark(Ring *ring), - ring_mark(Ring *ring); diff --git a/crypto/heimdal/appl/telnet/telnet/sys_bsd.c b/crypto/heimdal/appl/telnet/telnet/sys_bsd.c deleted file mode 100644 index 5bc2d1298cbb..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/sys_bsd.c +++ /dev/null @@ -1,979 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: sys_bsd.c 10941 2002-04-18 16:18:43Z joda $"); - -/* - * The following routines try to encapsulate what is system dependent - * (at least between 4.x and dos) which is used in telnet.c. - */ - -int - tout, /* Output file descriptor */ - tin, /* Input file descriptor */ - net; - -struct termios old_tc = { 0 }; -extern struct termios new_tc; - -# ifndef TCSANOW -# ifdef TCSETS -# define TCSANOW TCSETS -# define TCSADRAIN TCSETSW -# define tcgetattr(f, t) ioctl(f, TCGETS, (char *)t) -# else -# ifdef TCSETA -# define TCSANOW TCSETA -# define TCSADRAIN TCSETAW -# define tcgetattr(f, t) ioctl(f, TCGETA, (char *)t) -# else -# define TCSANOW TIOCSETA -# define TCSADRAIN TIOCSETAW -# define tcgetattr(f, t) ioctl(f, TIOCGETA, (char *)t) -# endif -# endif -# define tcsetattr(f, a, t) ioctl(f, a, (char *)t) -# define cfgetospeed(ptr) ((ptr)->c_cflag&CBAUD) -# ifdef CIBAUD -# define cfgetispeed(ptr) (((ptr)->c_cflag&CIBAUD) >> IBSHIFT) -# else -# define cfgetispeed(ptr) cfgetospeed(ptr) -# endif -# endif /* TCSANOW */ - -static fd_set ibits, obits, xbits; - - -void -init_sys(void) -{ - tout = fileno(stdout); - tin = fileno(stdin); - FD_ZERO(&ibits); - FD_ZERO(&obits); - FD_ZERO(&xbits); - - errno = 0; -} - - -int -TerminalWrite(char *buf, int n) -{ - return write(tout, buf, n); -} - -int -TerminalRead(unsigned char *buf, int n) -{ - return read(tin, buf, n); -} - -/* - * - */ - -int -TerminalAutoFlush(void) -{ -#if defined(LNOFLSH) - int flush; - - ioctl(0, TIOCLGET, (char *)&flush); - return !(flush&LNOFLSH); /* if LNOFLSH, no autoflush */ -#else /* LNOFLSH */ - return 1; -#endif /* LNOFLSH */ -} - -/* - * TerminalSpecialChars() - * - * Look at an input character to see if it is a special character - * and decide what to do. - * - * Output: - * - * 0 Don't add this character. - * 1 Do add this character - */ - -int -TerminalSpecialChars(int c) -{ - if (c == termIntChar) { - intp(); - return 0; - } else if (c == termQuitChar) { -#ifdef KLUDGELINEMODE - if (kludgelinemode) - sendbrk(); - else -#endif - sendabort(); - return 0; - } else if (c == termEofChar) { - if (my_want_state_is_will(TELOPT_LINEMODE)) { - sendeof(); - return 0; - } - return 1; - } else if (c == termSuspChar) { - sendsusp(); - return(0); - } else if (c == termFlushChar) { - xmitAO(); /* Transmit Abort Output */ - return 0; - } else if (!MODE_LOCAL_CHARS(globalmode)) { - if (c == termKillChar) { - xmitEL(); - return 0; - } else if (c == termEraseChar) { - xmitEC(); /* Transmit Erase Character */ - return 0; - } - } - return 1; -} - - -/* - * Flush output to the terminal - */ - -void -TerminalFlushOutput(void) -{ -#ifdef TIOCFLUSH - ioctl(fileno(stdout), TIOCFLUSH, (char *) 0); -#else - ioctl(fileno(stdout), TCFLSH, (char *) 0); -#endif -} - -void -TerminalSaveState(void) -{ - tcgetattr(0, &old_tc); - - new_tc = old_tc; - -#ifndef VDISCARD - termFlushChar = CONTROL('O'); -#endif -#ifndef VWERASE - termWerasChar = CONTROL('W'); -#endif -#ifndef VREPRINT - termRprntChar = CONTROL('R'); -#endif -#ifndef VLNEXT - termLiteralNextChar = CONTROL('V'); -#endif -#ifndef VSTART - termStartChar = CONTROL('Q'); -#endif -#ifndef VSTOP - termStopChar = CONTROL('S'); -#endif -#ifndef VSTATUS - termAytChar = CONTROL('T'); -#endif -} - -cc_t* -tcval(int func) -{ - switch(func) { - case SLC_IP: return(&termIntChar); - case SLC_ABORT: return(&termQuitChar); - case SLC_EOF: return(&termEofChar); - case SLC_EC: return(&termEraseChar); - case SLC_EL: return(&termKillChar); - case SLC_XON: return(&termStartChar); - case SLC_XOFF: return(&termStopChar); - case SLC_FORW1: return(&termForw1Char); - case SLC_FORW2: return(&termForw2Char); -# ifdef VDISCARD - case SLC_AO: return(&termFlushChar); -# endif -# ifdef VSUSP - case SLC_SUSP: return(&termSuspChar); -# endif -# ifdef VWERASE - case SLC_EW: return(&termWerasChar); -# endif -# ifdef VREPRINT - case SLC_RP: return(&termRprntChar); -# endif -# ifdef VLNEXT - case SLC_LNEXT: return(&termLiteralNextChar); -# endif -# ifdef VSTATUS - case SLC_AYT: return(&termAytChar); -# endif - - case SLC_SYNCH: - case SLC_BRK: - case SLC_EOR: - default: - return((cc_t *)0); - } -} - -void -TerminalDefaultChars(void) -{ - memmove(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc)); -# ifndef VDISCARD - termFlushChar = CONTROL('O'); -# endif -# ifndef VWERASE - termWerasChar = CONTROL('W'); -# endif -# ifndef VREPRINT - termRprntChar = CONTROL('R'); -# endif -# ifndef VLNEXT - termLiteralNextChar = CONTROL('V'); -# endif -# ifndef VSTART - termStartChar = CONTROL('Q'); -# endif -# ifndef VSTOP - termStopChar = CONTROL('S'); -# endif -# ifndef VSTATUS - termAytChar = CONTROL('T'); -# endif -} - -#ifdef notdef -void -TerminalRestoreState() -{ -} -#endif - -/* - * TerminalNewMode - set up terminal to a specific mode. - * MODE_ECHO: do local terminal echo - * MODE_FLOW: do local flow control - * MODE_TRAPSIG: do local mapping to TELNET IAC sequences - * MODE_EDIT: do local line editing - * - * Command mode: - * MODE_ECHO|MODE_EDIT|MODE_FLOW|MODE_TRAPSIG - * local echo - * local editing - * local xon/xoff - * local signal mapping - * - * Linemode: - * local/no editing - * Both Linemode and Single Character mode: - * local/remote echo - * local/no xon/xoff - * local/no signal mapping - */ - - -#ifdef SIGTSTP -static RETSIGTYPE susp(int); -#endif /* SIGTSTP */ -#ifdef SIGINFO -static RETSIGTYPE ayt(int); -#endif - -void -TerminalNewMode(int f) -{ - static int prevmode = 0; - struct termios tmp_tc; - int onoff; - int old; - cc_t esc; - - globalmode = f&~MODE_FORCE; - if (prevmode == f) - return; - - /* - * Write any outstanding data before switching modes - * ttyflush() returns 0 only when there is no more data - * left to write out, it returns -1 if it couldn't do - * anything at all, otherwise it returns 1 + the number - * of characters left to write. - */ - old = ttyflush(SYNCHing|flushout); - if (old < 0 || old > 1) { - tcgetattr(tin, &tmp_tc); - do { - /* - * Wait for data to drain, then flush again. - */ - tcsetattr(tin, TCSADRAIN, &tmp_tc); - old = ttyflush(SYNCHing|flushout); - } while (old < 0 || old > 1); - } - - old = prevmode; - prevmode = f&~MODE_FORCE; - tmp_tc = new_tc; - - if (f&MODE_ECHO) { - tmp_tc.c_lflag |= ECHO; - tmp_tc.c_oflag |= ONLCR; - if (crlf) - tmp_tc.c_iflag |= ICRNL; - } else { - tmp_tc.c_lflag &= ~ECHO; - tmp_tc.c_oflag &= ~ONLCR; -# ifdef notdef - if (crlf) - tmp_tc.c_iflag &= ~ICRNL; -# endif - } - - if ((f&MODE_FLOW) == 0) { - tmp_tc.c_iflag &= ~(IXOFF|IXON); /* Leave the IXANY bit alone */ - } else { - if (restartany < 0) { - tmp_tc.c_iflag |= IXOFF|IXON; /* Leave the IXANY bit alone */ - } else if (restartany > 0) { - tmp_tc.c_iflag |= IXOFF|IXON|IXANY; - } else { - tmp_tc.c_iflag |= IXOFF|IXON; - tmp_tc.c_iflag &= ~IXANY; - } - } - - if ((f&MODE_TRAPSIG) == 0) { - tmp_tc.c_lflag &= ~ISIG; - localchars = 0; - } else { - tmp_tc.c_lflag |= ISIG; - localchars = 1; - } - - if (f&MODE_EDIT) { - tmp_tc.c_lflag |= ICANON; - } else { - tmp_tc.c_lflag &= ~ICANON; - tmp_tc.c_iflag &= ~ICRNL; - tmp_tc.c_cc[VMIN] = 1; - tmp_tc.c_cc[VTIME] = 0; - } - - if ((f&(MODE_EDIT|MODE_TRAPSIG)) == 0) { -# ifdef VLNEXT - tmp_tc.c_cc[VLNEXT] = (cc_t)(_POSIX_VDISABLE); -# endif - } - - if (f&MODE_SOFT_TAB) { -# ifdef OXTABS - tmp_tc.c_oflag |= OXTABS; -# endif -# ifdef TABDLY - tmp_tc.c_oflag &= ~TABDLY; - tmp_tc.c_oflag |= TAB3; -# endif - } else { -# ifdef OXTABS - tmp_tc.c_oflag &= ~OXTABS; -# endif -# ifdef TABDLY - tmp_tc.c_oflag &= ~TABDLY; -# endif - } - - if (f&MODE_LIT_ECHO) { -# ifdef ECHOCTL - tmp_tc.c_lflag &= ~ECHOCTL; -# endif - } else { -# ifdef ECHOCTL - tmp_tc.c_lflag |= ECHOCTL; -# endif - } - - if (f == -1) { - onoff = 0; - } else { - if (f & MODE_INBIN) - tmp_tc.c_iflag &= ~ISTRIP; - else - tmp_tc.c_iflag |= ISTRIP; - if ((f & MODE_OUTBIN) || (f & MODE_OUT8)) { - tmp_tc.c_cflag &= ~(CSIZE|PARENB); - tmp_tc.c_cflag |= CS8; - if(f & MODE_OUTBIN) - tmp_tc.c_oflag &= ~OPOST; - else - tmp_tc.c_oflag |= OPOST; - } else { - tmp_tc.c_cflag &= ~(CSIZE|PARENB); - tmp_tc.c_cflag |= old_tc.c_cflag & (CSIZE|PARENB); - tmp_tc.c_oflag |= OPOST; - } - onoff = 1; - } - - if (f != -1) { - -#ifdef SIGTSTP - signal(SIGTSTP, susp); -#endif /* SIGTSTP */ -#ifdef SIGINFO - signal(SIGINFO, ayt); -#endif -#ifdef NOKERNINFO - tmp_tc.c_lflag |= NOKERNINFO; -#endif - /* - * We don't want to process ^Y here. It's just another - * character that we'll pass on to the back end. It has - * to process it because it will be processed when the - * user attempts to read it, not when we send it. - */ -# ifdef VDSUSP - tmp_tc.c_cc[VDSUSP] = (cc_t)(_POSIX_VDISABLE); -# endif - /* - * If the VEOL character is already set, then use VEOL2, - * otherwise use VEOL. - */ - esc = (rlogin != _POSIX_VDISABLE) ? rlogin : escape; - if ((tmp_tc.c_cc[VEOL] != esc) -# ifdef VEOL2 - && (tmp_tc.c_cc[VEOL2] != esc) -# endif - ) { - if (tmp_tc.c_cc[VEOL] == (cc_t)(_POSIX_VDISABLE)) - tmp_tc.c_cc[VEOL] = esc; -# ifdef VEOL2 - else if (tmp_tc.c_cc[VEOL2] == (cc_t)(_POSIX_VDISABLE)) - tmp_tc.c_cc[VEOL2] = esc; -# endif - } - } else { - sigset_t sm; - -#ifdef SIGINFO - signal(SIGINFO, ayt_status); -#endif -#ifdef SIGTSTP - signal(SIGTSTP, SIG_DFL); - sigemptyset(&sm); - sigaddset(&sm, SIGTSTP); - sigprocmask(SIG_UNBLOCK, &sm, NULL); -#endif /* SIGTSTP */ - tmp_tc = old_tc; - } - if (tcsetattr(tin, TCSADRAIN, &tmp_tc) < 0) - tcsetattr(tin, TCSANOW, &tmp_tc); - - ioctl(tin, FIONBIO, (char *)&onoff); - ioctl(tout, FIONBIO, (char *)&onoff); - -} - -/* - * Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD). - */ -#if B4800 != 4800 -#define DECODE_BAUD -#endif - -#ifdef DECODE_BAUD -#ifndef B7200 -#define B7200 B4800 -#endif - -#ifndef B14400 -#define B14400 B9600 -#endif - -#ifndef B19200 -# define B19200 B14400 -#endif - -#ifndef B28800 -#define B28800 B19200 -#endif - -#ifndef B38400 -# define B38400 B28800 -#endif - -#ifndef B57600 -#define B57600 B38400 -#endif - -#ifndef B76800 -#define B76800 B57600 -#endif - -#ifndef B115200 -#define B115200 B76800 -#endif - -#ifndef B230400 -#define B230400 B115200 -#endif - - -/* - * This code assumes that the values B0, B50, B75... - * are in ascending order. They do not have to be - * contiguous. - */ -struct termspeeds { - long speed; - long value; -} termspeeds[] = { - { 0, B0 }, { 50, B50 }, { 75, B75 }, - { 110, B110 }, { 134, B134 }, { 150, B150 }, - { 200, B200 }, { 300, B300 }, { 600, B600 }, - { 1200, B1200 }, { 1800, B1800 }, { 2400, B2400 }, - { 4800, B4800 }, { 7200, B7200 }, { 9600, B9600 }, - { 14400, B14400 }, { 19200, B19200 }, { 28800, B28800 }, - { 38400, B38400 }, { 57600, B57600 }, { 115200, B115200 }, - { 230400, B230400 }, { -1, B230400 } -}; -#endif /* DECODE_BAUD */ - -void -TerminalSpeeds(long *input_speed, long *output_speed) -{ -#ifdef DECODE_BAUD - struct termspeeds *tp; -#endif /* DECODE_BAUD */ - long in, out; - - out = cfgetospeed(&old_tc); - in = cfgetispeed(&old_tc); - if (in == 0) - in = out; - -#ifdef DECODE_BAUD - tp = termspeeds; - while ((tp->speed != -1) && (tp->value < in)) - tp++; - *input_speed = tp->speed; - - tp = termspeeds; - while ((tp->speed != -1) && (tp->value < out)) - tp++; - *output_speed = tp->speed; -#else /* DECODE_BAUD */ - *input_speed = in; - *output_speed = out; -#endif /* DECODE_BAUD */ -} - -int -TerminalWindowSize(long *rows, long *cols) -{ - struct winsize ws; - - if (get_window_size (STDIN_FILENO, &ws) == 0) { - *rows = ws.ws_row; - *cols = ws.ws_col; - return 1; - } else - return 0; -} - -int -NetClose(int fd) -{ - return close(fd); -} - - -void -NetNonblockingIO(int fd, int onoff) -{ - ioctl(fd, FIONBIO, (char *)&onoff); -} - - -/* - * Various signal handling routines. - */ - -static RETSIGTYPE deadpeer(int), - intr(int), intr2(int), susp(int), sendwin(int); -#ifdef SIGINFO -static RETSIGTYPE ayt(int); -#endif - - - /* ARGSUSED */ -static RETSIGTYPE -deadpeer(int sig) -{ - setcommandmode(); - longjmp(peerdied, -1); -} - -int intr_happened = 0; -int intr_waiting = 0; - - /* ARGSUSED */ -static RETSIGTYPE -intr(int sig) -{ - if (intr_waiting) { - intr_happened = 1; - return; - } - if (localchars) { - intp(); - return; - } - setcommandmode(); - longjmp(toplevel, -1); -} - - /* ARGSUSED */ -static RETSIGTYPE -intr2(int sig) -{ - if (localchars) { -#ifdef KLUDGELINEMODE - if (kludgelinemode) - sendbrk(); - else -#endif - sendabort(); - return; - } -} - -#ifdef SIGTSTP - /* ARGSUSED */ -static RETSIGTYPE -susp(int sig) -{ - if ((rlogin != _POSIX_VDISABLE) && rlogin_susp()) - return; - if (localchars) - sendsusp(); -} -#endif - -#ifdef SIGWINCH - /* ARGSUSED */ -static RETSIGTYPE -sendwin(int sig) -{ - if (connected) { - sendnaws(); - } -} -#endif - -#ifdef SIGINFO - /* ARGSUSED */ -static RETSIGTYPE -ayt(int sig) -{ - if (connected) - sendayt(); - else - ayt_status(sig); -} -#endif - - -void -sys_telnet_init(void) -{ - signal(SIGINT, intr); - signal(SIGQUIT, intr2); - signal(SIGPIPE, deadpeer); -#ifdef SIGWINCH - signal(SIGWINCH, sendwin); -#endif -#ifdef SIGTSTP - signal(SIGTSTP, susp); -#endif -#ifdef SIGINFO - signal(SIGINFO, ayt); -#endif - - setconnmode(0); - - NetNonblockingIO(net, 1); - - -#if defined(SO_OOBINLINE) - if (SetSockOpt(net, SOL_SOCKET, SO_OOBINLINE, 1) == -1) - perror("setsockopt (SO_OOBINLINE) (ignored)"); -#endif /* defined(SO_OOBINLINE) */ -} - -/* - * Process rings - - * - * This routine tries to fill up/empty our various rings. - * - * The parameter specifies whether this is a poll operation, - * or a block-until-something-happens operation. - * - * The return value is 1 if something happened, 0 if not. - */ - -int -process_rings(int netin, - int netout, - int netex, - int ttyin, - int ttyout, - int poll) /* If 0, then block until something to do */ -{ - int c; - /* One wants to be a bit careful about setting returnValue - * to one, since a one implies we did some useful work, - * and therefore probably won't be called to block next - * time (TN3270 mode only). - */ - int returnValue = 0; - static struct timeval TimeValue = { 0 }; - - if (net >= FD_SETSIZE - || tout >= FD_SETSIZE - || tin >= FD_SETSIZE) - errx (1, "fd too large"); - - if (netout) { - FD_SET(net, &obits); - } - if (ttyout) { - FD_SET(tout, &obits); - } - if (ttyin) { - FD_SET(tin, &ibits); - } - if (netin) { - FD_SET(net, &ibits); - } -#if !defined(SO_OOBINLINE) - if (netex) { - FD_SET(net, &xbits); - } -#endif - if ((c = select(FD_SETSIZE, &ibits, &obits, &xbits, - (poll == 0)? (struct timeval *)0 : &TimeValue)) < 0) { - if (c == -1) { - /* - * we can get EINTR if we are in line mode, - * and the user does an escape (TSTP), or - * some other signal generator. - */ - if (errno == EINTR) { - return 0; - } - /* I don't like this, does it ever happen? */ - printf("sleep(5) from telnet, after select\r\n"); - sleep(5); - } - return 0; - } - - /* - * Any urgent data? - */ - if (FD_ISSET(net, &xbits)) { - FD_CLR(net, &xbits); - SYNCHing = 1; - ttyflush(1); /* flush already enqueued data */ - } - - /* - * Something to read from the network... - */ - if (FD_ISSET(net, &ibits)) { - int canread; - - FD_CLR(net, &ibits); - canread = ring_empty_consecutive(&netiring); -#if !defined(SO_OOBINLINE) - /* - * In 4.2 (and some early 4.3) systems, the - * OOB indication and data handling in the kernel - * is such that if two separate TCP Urgent requests - * come in, one byte of TCP data will be overlaid. - * This is fatal for Telnet, but we try to live - * with it. - * - * In addition, in 4.2 (and...), a special protocol - * is needed to pick up the TCP Urgent data in - * the correct sequence. - * - * What we do is: if we think we are in urgent - * mode, we look to see if we are "at the mark". - * If we are, we do an OOB receive. If we run - * this twice, we will do the OOB receive twice, - * but the second will fail, since the second - * time we were "at the mark", but there wasn't - * any data there (the kernel doesn't reset - * "at the mark" until we do a normal read). - * Once we've read the OOB data, we go ahead - * and do normal reads. - * - * There is also another problem, which is that - * since the OOB byte we read doesn't put us - * out of OOB state, and since that byte is most - * likely the TELNET DM (data mark), we would - * stay in the TELNET SYNCH (SYNCHing) state. - * So, clocks to the rescue. If we've "just" - * received a DM, then we test for the - * presence of OOB data when the receive OOB - * fails (and AFTER we did the normal mode read - * to clear "at the mark"). - */ - if (SYNCHing) { - int atmark; - static int bogus_oob = 0, first = 1; - - ioctl(net, SIOCATMARK, (char *)&atmark); - if (atmark) { - c = recv(net, netiring.supply, canread, MSG_OOB); - if ((c == -1) && (errno == EINVAL)) { - c = recv(net, netiring.supply, canread, 0); - if (clocks.didnetreceive < clocks.gotDM) { - SYNCHing = stilloob(); - } - } else if (first && c > 0) { - /* - * Bogosity check. Systems based on 4.2BSD - * do not return an error if you do a second - * recv(MSG_OOB). So, we do one. If it - * succeeds and returns exactly the same - * data, then assume that we are running - * on a broken system and set the bogus_oob - * flag. (If the data was different, then - * we probably got some valid new data, so - * increment the count...) - */ - int i; - i = recv(net, netiring.supply + c, canread - c, MSG_OOB); - if (i == c && - memcmp(netiring.supply, netiring.supply + c, i) == 0) { - bogus_oob = 1; - first = 0; - } else if (i < 0) { - bogus_oob = 0; - first = 0; - } else - c += i; - } - if (bogus_oob && c > 0) { - int i; - /* - * Bogosity. We have to do the read - * to clear the atmark to get out of - * an infinate loop. - */ - i = read(net, netiring.supply + c, canread - c); - if (i > 0) - c += i; - } - } else { - c = recv(net, netiring.supply, canread, 0); - } - } else { - c = recv(net, netiring.supply, canread, 0); - } - settimer(didnetreceive); -#else /* !defined(SO_OOBINLINE) */ - c = recv(net, (char *)netiring.supply, canread, 0); -#endif /* !defined(SO_OOBINLINE) */ - if (c < 0 && errno == EWOULDBLOCK) { - c = 0; - } else if (c <= 0) { - return -1; - } - if (netdata) { - Dump('<', netiring.supply, c); - } - if (c) - ring_supplied(&netiring, c); - returnValue = 1; - } - - /* - * Something to read from the tty... - */ - if (FD_ISSET(tin, &ibits)) { - FD_CLR(tin, &ibits); - c = TerminalRead(ttyiring.supply, ring_empty_consecutive(&ttyiring)); - if (c < 0 && errno == EIO) - c = 0; - if (c < 0 && errno == EWOULDBLOCK) { - c = 0; - } else { - /* EOF detection for line mode!!!! */ - if ((c == 0) && MODE_LOCAL_CHARS(globalmode) && isatty(tin)) { - /* must be an EOF... */ - *ttyiring.supply = termEofChar; - c = 1; - } - if (c <= 0) { - return -1; - } - if (termdata) { - Dump('<', ttyiring.supply, c); - } - ring_supplied(&ttyiring, c); - } - returnValue = 1; /* did something useful */ - } - - if (FD_ISSET(net, &obits)) { - FD_CLR(net, &obits); - returnValue |= netflush(); - } - if (FD_ISSET(tout, &obits)) { - FD_CLR(tout, &obits); - returnValue |= (ttyflush(SYNCHing|flushout) > 0); - } - - return returnValue; -} diff --git a/crypto/heimdal/appl/telnet/telnet/telnet.1 b/crypto/heimdal/appl/telnet/telnet/telnet.1 deleted file mode 100644 index 37f588a4c59c..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/telnet.1 +++ /dev/null @@ -1,1369 +0,0 @@ -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)telnet.1 8.6 (Berkeley) 6/1/94 -.\" -.Dd June 1, 1994 -.Dt TELNET 1 -.Os BSD 4.2 -.Sh NAME -.Nm telnet -.Nd user interface to the -.Tn TELNET -protocol -.Sh SYNOPSIS -.Nm telnet -.Op Fl 78EFKLacdfrx -.Op Fl S Ar tos -.Op Fl X Ar authtype -.Op Fl e Ar escapechar -.Op Fl k Ar realm -.Op Fl l Ar user -.Op Fl n Ar tracefile -.Oo -.Ar host -.Op port -.Oc -.Sh DESCRIPTION -The -.Nm telnet -command -is used to communicate with another host using the -.Tn TELNET -protocol. -If -.Nm telnet -is invoked without the -.Ar host -argument, it enters command mode, -indicated by its prompt -.Pq Nm telnet\*[Gt] . -In this mode, it accepts and executes the commands listed below. -If it is invoked with arguments, it performs an -.Ic open -command with those arguments. -.Pp -Options: -.Bl -tag -width indent -.It Fl 8 -Specifies an 8-bit data path. This causes an attempt to -negotiate the -.Dv TELNET BINARY -option on both input and output. -.It Fl 7 -Do not try to negotiate -.Dv TELNET BINARY -option. -.It Fl E -Stops any character from being recognized as an escape character. -.It Fl F -If Kerberos V5 authentication is being used, the -.Fl F -option allows the local credentials to be forwarded -to the remote system, including any credentials that -have already been forwarded into the local environment. -.It Fl K -Specifies no automatic login to the remote system. -.It Fl L -Specifies an 8-bit data path on output. This causes the -BINARY option to be negotiated on output. -.It Fl S Ar tos -Sets the IP type-of-service (TOS) option for the telnet -connection to the value -.Ar tos , -which can be a numeric TOS value -or, on systems that support it, a symbolic -TOS name found in the /etc/iptos file. -.It Fl X Ar atype -Disables the -.Ar atype -type of authentication. -.It Fl a -Attempt automatic login. -Currently, this sends the user name via the -.Ev USER -variable -of the -.Ev ENVIRON -option if supported by the remote system. -The name used is that of the current user as returned by -.Xr getlogin 2 -if it agrees with the current user ID, -otherwise it is the name associated with the user ID. -.It Fl c -Disables the reading of the user's -.Pa \&.telnetrc -file. (See the -.Ic toggle skiprc -command on this man page.) -.It Fl d -Sets the initial value of the -.Ic debug -toggle to -.Dv TRUE -.It Fl e Ar escape char -Sets the initial -.Nm -.Nm telnet -escape character to -.Ar escape char . -If -.Ar escape char -is omitted, then -there will be no escape character. -.It Fl f -If Kerberos V5 authentication is being used, the -.Fl f -option allows the local credentials to be forwarded to the remote system. -.It Fl k Ar realm -If Kerberos authentication is being used, the -.Fl k -option requests that telnet obtain tickets for the remote host in -realm realm instead of the remote host's realm, as determined -by -.Xr krb_realmofhost 3 . -.It Fl l Ar user -When connecting to the remote system, if the remote system -understands the -.Ev ENVIRON -option, then -.Ar user -will be sent to the remote system as the value for the variable USER. -This option implies the -.Fl a -option. -This option may also be used with the -.Ic open -command. -.It Fl n Ar tracefile -Opens -.Ar tracefile -for recording trace information. -See the -.Ic set tracefile -command below. -.It Fl r -Specifies a user interface similar to -.Xr rlogin 1 . -In this -mode, the escape character is set to the tilde (~) character, -unless modified by the -e option. -.It Fl x -Turn on encryption of the data stream. When this option is turned on, -.B telnet -will exit with an error if authentication cannot be negotiated or if -encryption cannot be turned on. -.It Ar host -Indicates the official name, an alias, or the Internet address -of a remote host. -.It Ar port -Indicates a port number (address of an application). If a number is -not specified, the default -.Nm telnet -port is used. -.El -.Pp -When in rlogin mode, a line of the form ~. disconnects from the -remote host; ~ is the telnet escape character. -Similarly, the line ~^Z suspends the telnet session. -The line ~^] escapes to the normal telnet escape prompt. -.Pp -Once a connection has been opened, -.Nm telnet -will attempt to enable the -.Dv TELNET LINEMODE -option. -If this fails, then -.Nm telnet -will revert to one of two input modes: -either \*(Lqcharacter at a time\*(Rq -or \*(Lqold line by line\*(Rq -depending on what the remote system supports. -.Pp -When -.Dv LINEMODE -is enabled, character processing is done on the -local system, under the control of the remote system. When input -editing or character echoing is to be disabled, the remote system -will relay that information. The remote system will also relay -changes to any special characters that happen on the remote -system, so that they can take effect on the local system. -.Pp -In \*(Lqcharacter at a time\*(Rq mode, most -text typed is immediately sent to the remote host for processing. -.Pp -In \*(Lqold line by line\*(Rq mode, all text is echoed locally, -and (normally) only completed lines are sent to the remote host. -The \*(Lqlocal echo character\*(Rq (initially \*(Lq^E\*(Rq) may be used -to turn off and on the local echo -(this would mostly be used to enter passwords -without the password being echoed). -.Pp -If the -.Dv LINEMODE -option is enabled, or if the -.Ic localchars -toggle is -.Dv TRUE -(the default for \*(Lqold line by line\*(Lq; see below), -the user's -.Ic quit , -.Ic intr , -and -.Ic flush -characters are trapped locally, and sent as -.Tn TELNET -protocol sequences to the remote side. -If -.Dv LINEMODE -has ever been enabled, then the user's -.Ic susp -and -.Ic eof -are also sent as -.Tn TELNET -protocol sequences, -and -.Ic quit -is sent as a -.Dv TELNET ABORT -instead of -.Dv BREAK -There are options (see -.Ic toggle -.Ic autoflush -and -.Ic toggle -.Ic autosynch -below) -which cause this action to flush subsequent output to the terminal -(until the remote host acknowledges the -.Tn TELNET -sequence) and flush previous terminal input -(in the case of -.Ic quit -and -.Ic intr ) . -.Pp -While connected to a remote host, -.Nm telnet -command mode may be entered by typing the -.Nm telnet -\*(Lqescape character\*(Rq (initially \*(Lq^]\*(Rq). -When in command mode, the normal terminal editing conventions are available. -.Pp -The following -.Nm telnet -commands are available. -Only enough of each command to uniquely identify it need be typed -(this is also true for arguments to the -.Ic mode , -.Ic set , -.Ic toggle , -.Ic unset , -.Ic slc , -.Ic environ , -and -.Ic display -commands). -.Pp -.Bl -tag -width "mode type" -.It Ic auth Ar argument ... -The auth command manipulates the information sent through the -.Dv TELNET AUTHENTICATE -option. Valid arguments for the -auth command are as follows: -.Bl -tag -width "disable type" -.It Ic disable Ar type -Disables the specified type of authentication. To -obtain a list of available types, use the -.Ic auth disable ?\& -command. -.It Ic enable Ar type -Enables the specified type of authentication. To -obtain a list of available types, use the -.Ic auth enable ?\& -command. -.It Ic status -Lists the current status of the various types of -authentication. -.El -.It Ic close -Close a -.Tn TELNET -session and return to command mode. -.It Ic display Ar argument ... -Displays all, or some, of the -.Ic set -and -.Ic toggle -values (see below). -.It Ic encrypt Ar argument ... -The encrypt command manipulates the information sent through the -.Dv TELNET ENCRYPT -option. -.Pp -Note: Because of export controls, the -.Dv TELNET ENCRYPT -option is not supported outside of the United States and Canada. -.Pp -Valid arguments for the encrypt command are as follows: -.Bl -tag -width Ar -.It Ic disable Ar type Xo -.Op Cm input | output -.Xc -Disables the specified type of encryption. If you -omit the input and output, both input and output -are disabled. To obtain a list of available -types, use the -.Ic encrypt disable ?\& -command. -.It Ic enable Ar type Xo -.Op Cm input | output -.Xc -Enables the specified type of encryption. If you -omit input and output, both input and output are -enabled. To obtain a list of available types, use the -.Ic encrypt enable ?\& -command. -.It Ic input -This is the same as the -.Ic encrypt start input -command. -.It Ic -input -This is the same as the -.Ic encrypt stop input -command. -.It Ic output -This is the same as the -.Ic encrypt start output -command. -.It Ic -output -This is the same as the -.Ic encrypt stop output -command. -.It Ic start Op Cm input | output -Attempts to start encryption. If you omit -.Ic input -and -.Ic output , -both input and output are enabled. To -obtain a list of available types, use the -.Ic encrypt enable ?\& -command. -.It Ic status -Lists the current status of encryption. -.It Ic stop Op Cm input | output -Stops encryption. If you omit input and output, -encryption is on both input and output. -.It Ic type Ar type -Sets the default type of encryption to be used -with later -.Ic encrypt start -or -.Ic encrypt stop -commands. -.El -.It Ic environ Ar arguments ... -The -.Ic environ -command is used to manipulate the -the variables that my be sent through the -.Dv TELNET ENVIRON -option. -The initial set of variables is taken from the users -environment, with only the -.Ev DISPLAY -and -.Ev PRINTER -variables being exported by default. -The -.Ev USER -variable is also exported if the -.Fl a -or -.Fl l -options are used. -.Pp -Valid arguments for the -.Ic environ -command are: -.Bl -tag -width Fl -.It Ic define Ar variable value -Define the variable -.Ar variable -to have a value of -.Ar value . -Any variables defined by this command are automatically exported. -The -.Ar value -may be enclosed in single or double quotes so -that tabs and spaces may be included. -.It Ic undefine Ar variable -Remove -.Ar variable -from the list of environment variables. -.It Ic export Ar variable -Mark the variable -.Ar variable -to be exported to the remote side. -.It Ic unexport Ar variable -Mark the variable -.Ar variable -to not be exported unless -explicitly asked for by the remote side. -.It Ic list -List the current set of environment variables. -Those marked with a -.Cm * -will be sent automatically, -other variables will only be sent if explicitly requested. -.It Ic ?\& -Prints out help information for the -.Ic environ -command. -.El -.It Ic logout -Sends the -.Dv TELNET LOGOUT -option to the remote side. -This command is similar to a -.Ic close -command; however, if the remote side does not support the -.Dv LOGOUT -option, nothing happens. -If, however, the remote side does support the -.Dv LOGOUT -option, this command should cause the remote side to close the -.Tn TELNET -connection. -If the remote side also supports the concept of -suspending a user's session for later reattachment, -the logout argument indicates that you -should terminate the session immediately. -.It Ic mode Ar type -.Ar Type -is one of several options, depending on the state of the -.Tn TELNET -session. -The remote host is asked for permission to go into the requested mode. -If the remote host is capable of entering that mode, the requested -mode will be entered. -.Bl -tag -width Ar -.It Ic character -Disable the -.Dv TELNET LINEMODE -option, or, if the remote side does not understand the -.Dv LINEMODE -option, then enter \*(Lqcharacter at a time\*(Lq mode. -.It Ic line -Enable the -.Dv TELNET LINEMODE -option, or, if the remote side does not understand the -.Dv LINEMODE -option, then attempt to enter \*(Lqold-line-by-line\*(Lq mode. -.It Ic isig Pq Ic \-isig -Attempt to enable (disable) the -.Dv TRAPSIG -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic edit Pq Ic \-edit -Attempt to enable (disable) the -.Dv EDIT -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic softtabs Pq Ic \-softtabs -Attempt to enable (disable) the -.Dv SOFT_TAB -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic litecho Pq Ic \-litecho -Attempt to enable (disable) the -.Dv LIT_ECHO -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic ?\& -Prints out help information for the -.Ic mode -command. -.El -.It Xo -.Ic open Ar host -.Op Fl l Ar user -.Op Oo Fl Oc Ns Ar port -.Xc -Open a connection to the named host. -If no port number -is specified, -.Nm telnet -will attempt to contact a -.Tn TELNET -server at the default port. -The host specification may be either a host name (see -.Xr hosts 5 ) -or an Internet address specified in the \*(Lqdot notation\*(Rq (see -.Xr inet 3 ) . -The -.Op Fl l -option may be used to specify the user name -to be passed to the remote system via the -.Ev ENVIRON -option. -When connecting to a non-standard port, -.Nm telnet -omits any automatic initiation of -.Tn TELNET -options. When the port number is preceded by a minus sign, -the initial option negotiation is done. -After establishing a connection, the file -.Pa \&.telnetrc -in the -users home directory is opened. Lines beginning with a # are -comment lines. Blank lines are ignored. Lines that begin -without white space are the start of a machine entry. The -first thing on the line is the name of the machine that is -being connected to. The rest of the line, and successive -lines that begin with white space are assumed to be -.Nm telnet -commands and are processed as if they had been typed -in manually to the -.Nm telnet -command prompt. -.It Ic quit -Close any open -.Tn TELNET -session and exit -.Nm telnet . -An end of file (in command mode) will also close a session and exit. -.It Ic send Ar arguments -Sends one or more special character sequences to the remote host. -The following are the arguments which may be specified -(more than one argument may be specified at a time): -.Pp -.Bl -tag -width escape -.It Ic abort -Sends the -.Dv TELNET ABORT -(Abort -processes) -sequence. -.It Ic ao -Sends the -.Dv TELNET AO -(Abort Output) sequence, which should cause the remote system to flush -all output -.Em from -the remote system -.Em to -the user's terminal. -.It Ic ayt -Sends the -.Dv TELNET AYT -(Are You There) -sequence, to which the remote system may or may not choose to respond. -.It Ic brk -Sends the -.Dv TELNET BRK -(Break) sequence, which may have significance to the remote -system. -.It Ic ec -Sends the -.Dv TELNET EC -(Erase Character) -sequence, which should cause the remote system to erase the last character -entered. -.It Ic el -Sends the -.Dv TELNET EL -(Erase Line) -sequence, which should cause the remote system to erase the line currently -being entered. -.It Ic eof -Sends the -.Dv TELNET EOF -(End Of File) -sequence. -.It Ic eor -Sends the -.Dv TELNET EOR -(End of Record) -sequence. -.It Ic escape -Sends the current -.Nm telnet -escape character (initially \*(Lq^\*(Rq). -.It Ic ga -Sends the -.Dv TELNET GA -(Go Ahead) -sequence, which likely has no significance to the remote system. -.It Ic getstatus -If the remote side supports the -.Dv TELNET STATUS -command, -.Ic getstatus -will send the subnegotiation to request that the server send -its current option status. -.It Ic ip -Sends the -.Dv TELNET IP -(Interrupt Process) sequence, which should cause the remote -system to abort the currently running process. -.It Ic nop -Sends the -.Dv TELNET NOP -(No OPeration) -sequence. -.It Ic susp -Sends the -.Dv TELNET SUSP -(SUSPend process) -sequence. -.It Ic synch -Sends the -.Dv TELNET SYNCH -sequence. -This sequence causes the remote system to discard all previously typed -(but not yet read) input. -This sequence is sent as -.Tn TCP -urgent -data (and may not work if the remote system is a -.Bx 4.2 -system -- if -it doesn't work, a lower case \*(Lqr\*(Rq may be echoed on the terminal). -.It Ic do Ar cmd -.It Ic dont Ar cmd -.It Ic will Ar cmd -.It Ic wont Ar cmd -Sends the -.Dv TELNET DO -.Ar cmd -sequence. -.Ar Cmd -can be either a decimal number between 0 and 255, -or a symbolic name for a specific -.Dv TELNET -command. -.Ar Cmd -can also be either -.Ic help -or -.Ic ?\& -to print out help information, including -a list of known symbolic names. -.It Ic ?\& -Prints out help information for the -.Ic send -command. -.El -.It Ic set Ar argument value -.It Ic unset Ar argument value -The -.Ic set -command will set any one of a number of -.Nm telnet -variables to a specific value or to -.Dv TRUE . -The special value -.Ic off -turns off the function associated with -the variable, this is equivalent to using the -.Ic unset -command. -The -.Ic unset -command will disable or set to -.Dv FALSE -any of the specified functions. -The values of variables may be interrogated with the -.Ic display -command. -The variables which may be set or unset, but not toggled, are -listed here. In addition, any of the variables for the -.Ic toggle -command may be explicitly set or unset using -the -.Ic set -and -.Ic unset -commands. -.Bl -tag -width escape -.It Ic ayt -If -.Tn TELNET -is in localchars mode, or -.Dv LINEMODE -is enabled, and the status character is typed, a -.Dv TELNET AYT -sequence (see -.Ic send ayt -preceding) is sent to the -remote host. The initial value for the "Are You There" -character is the terminal's status character. -.It Ic echo -This is the value (initially \*(Lq^E\*(Rq) which, when in -\*(Lqline by line\*(Rq mode, toggles between doing local echoing -of entered characters (for normal processing), and suppressing -echoing of entered characters (for entering, say, a password). -.It Ic eof -If -.Nm telnet -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Rq mode, entering this character -as the first character on a line will cause this character to be -sent to the remote system. -The initial value of the eof character is taken to be the terminal's -.Ic eof -character. -.It Ic erase -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below), -.Sy and -if -.Nm telnet -is operating in \*(Lqcharacter at a time\*(Rq mode, then when this -character is typed, a -.Dv TELNET EC -sequence (see -.Ic send -.Ic ec -above) -is sent to the remote system. -The initial value for the erase character is taken to be -the terminal's -.Ic erase -character. -.It Ic escape -This is the -.Nm telnet -escape character (initially \*(Lq^[\*(Rq) which causes entry -into -.Nm telnet -command mode (when connected to a remote system). -.It Ic flushoutput -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic flushoutput -character is typed, a -.Dv TELNET AO -sequence (see -.Ic send -.Ic ao -above) -is sent to the remote host. -The initial value for the flush character is taken to be -the terminal's -.Ic flush -character. -.It Ic forw1 -.It Ic forw2 -If -.Tn TELNET -is operating in -.Dv LINEMODE , -these are the -characters that, when typed, cause partial lines to be -forwarded to the remote system. The initial value for -the forwarding characters are taken from the terminal's -eol and eol2 characters. -.It Ic interrupt -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic interrupt -character is typed, a -.Dv TELNET IP -sequence (see -.Ic send -.Ic ip -above) -is sent to the remote host. -The initial value for the interrupt character is taken to be -the terminal's -.Ic intr -character. -.It Ic kill -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below), -.Ic and -if -.Nm telnet -is operating in \*(Lqcharacter at a time\*(Rq mode, then when this -character is typed, a -.Dv TELNET EL -sequence (see -.Ic send -.Ic el -above) -is sent to the remote system. -The initial value for the kill character is taken to be -the terminal's -.Ic kill -character. -.It Ic lnext -If -.Nm telnet -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Lq mode, then this character is taken to -be the terminal's -.Ic lnext -character. -The initial value for the lnext character is taken to be -the terminal's -.Ic lnext -character. -.It Ic quit -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic quit -character is typed, a -.Dv TELNET BRK -sequence (see -.Ic send -.Ic brk -above) -is sent to the remote host. -The initial value for the quit character is taken to be -the terminal's -.Ic quit -character. -.It Ic reprint -If -.Nm telnet -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Lq mode, then this character is taken to -be the terminal's -.Ic reprint -character. -The initial value for the reprint character is taken to be -the terminal's -.Ic reprint -character. -.It Ic rlogin -This is the rlogin escape character. -If set, the normal -.Tn TELNET -escape character is ignored unless it is -preceded by this character at the beginning of a line. -This character, at the beginning of a line followed by -a "." closes the connection; when followed by a ^Z it -suspends the telnet command. The initial state is to -disable the rlogin escape character. -.It Ic start -If the -.Dv TELNET TOGGLE-FLOW-CONTROL -option has been enabled, -then this character is taken to -be the terminal's -.Ic start -character. -The initial value for the kill character is taken to be -the terminal's -.Ic start -character. -.It Ic stop -If the -.Dv TELNET TOGGLE-FLOW-CONTROL -option has been enabled, -then this character is taken to -be the terminal's -.Ic stop -character. -The initial value for the kill character is taken to be -the terminal's -.Ic stop -character. -.It Ic susp -If -.Nm telnet -is in -.Ic localchars -mode, or -.Dv LINEMODE -is enabled, and the -.Ic suspend -character is typed, a -.Dv TELNET SUSP -sequence (see -.Ic send -.Ic susp -above) -is sent to the remote host. -The initial value for the suspend character is taken to be -the terminal's -.Ic suspend -character. -.It Ic tracefile -This is the file to which the output, caused by -.Ic netdata -or -.Ic option -tracing being -.Dv TRUE , -will be written. If it is set to -.Dq Fl , -then tracing information will be written to standard output (the default). -.It Ic worderase -If -.Nm telnet -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Lq mode, then this character is taken to -be the terminal's -.Ic worderase -character. -The initial value for the worderase character is taken to be -the terminal's -.Ic worderase -character. -.It Ic ?\& -Displays the legal -.Ic set -.Pq Ic unset -commands. -.El -.It Ic slc Ar state -The -.Ic slc -command (Set Local Characters) is used to set -or change the state of the the special -characters when the -.Dv TELNET LINEMODE -option has -been enabled. Special characters are characters that get -mapped to -.Tn TELNET -commands sequences (like -.Ic ip -or -.Ic quit ) -or line editing characters (like -.Ic erase -and -.Ic kill ) . -By default, the local special characters are exported. -.Bl -tag -width Fl -.It Ic check -Verify the current settings for the current special characters. -The remote side is requested to send all the current special -character settings, and if there are any discrepancies with -the local side, the local side will switch to the remote value. -.It Ic export -Switch to the local defaults for the special characters. The -local default characters are those of the local terminal at -the time when -.Nm telnet -was started. -.It Ic import -Switch to the remote defaults for the special characters. -The remote default characters are those of the remote system -at the time when the -.Tn TELNET -connection was established. -.It Ic ?\& -Prints out help information for the -.Ic slc -command. -.El -.It Ic status -Show the current status of -.Nm telnet . -This includes the peer one is connected to, as well -as the current mode. -.It Ic toggle Ar arguments ... -Toggle (between -.Dv TRUE -and -.Dv FALSE ) -various flags that control how -.Nm telnet -responds to events. -These flags may be set explicitly to -.Dv TRUE -or -.Dv FALSE -using the -.Ic set -and -.Ic unset -commands listed above. -More than one argument may be specified. -The state of these flags may be interrogated with the -.Ic display -command. -Valid arguments are: -.Bl -tag -width Ar -.It Ic authdebug -Turns on debugging information for the authentication code. -.It Ic autoflush -If -.Ic autoflush -and -.Ic localchars -are both -.Dv TRUE , -then when the -.Ic ao , -or -.Ic quit -characters are recognized (and transformed into -.Tn TELNET -sequences; see -.Ic set -above for details), -.Nm telnet -refuses to display any data on the user's terminal -until the remote system acknowledges (via a -.Dv TELNET TIMING MARK -option) -that it has processed those -.Tn TELNET -sequences. -The initial value for this toggle is -.Dv TRUE -if the terminal user had not -done an "stty noflsh", otherwise -.Dv FALSE -(see -.Xr stty 1 ) . -.It Ic autodecrypt -When the -.Dv TELNET ENCRYPT -option is negotiated, by -default the actual encryption (decryption) of the data -stream does not start automatically. The autoencrypt -(autodecrypt) command states that encryption of the -output (input) stream should be enabled as soon as -possible. -.Pp -Note: Because of export controls, the -.Dv TELNET ENCRYPT -option is not supported outside the United States and Canada. -.It Ic autologin -If the remote side supports the -.Dv TELNET AUTHENTICATION -option -.Tn TELNET -attempts to use it to perform automatic authentication. If the -.Dv AUTHENTICATION -option is not supported, the user's login -name are propagated through the -.Dv TELNET ENVIRON -option. -This command is the same as specifying -.Ar a -option on the -.Ic open -command. -.It Ic autosynch -If -.Ic autosynch -and -.Ic localchars -are both -.Dv TRUE , -then when either the -.Ic intr -or -.Ic quit -characters is typed (see -.Ic set -above for descriptions of the -.Ic intr -and -.Ic quit -characters), the resulting -.Tn TELNET -sequence sent is followed by the -.Dv TELNET SYNCH -sequence. -This procedure -.Ic should -cause the remote system to begin throwing away all previously -typed input until both of the -.Tn TELNET -sequences have been read and acted upon. -The initial value of this toggle is -.Dv FALSE . -.It Ic binary -Enable or disable the -.Dv TELNET BINARY -option on both input and output. -.It Ic inbinary -Enable or disable the -.Dv TELNET BINARY -option on input. -.It Ic outbinary -Enable or disable the -.Dv TELNET BINARY -option on output. -.It Ic crlf -If this is -.Dv TRUE , -then carriage returns will be sent as -.Li \*[Lt]CR\*[Gt]\*[Lt]LF\*[Gt] . -If this is -.Dv FALSE , -then carriage returns will be send as -.Li \*[Lt]CR\*[Gt]\*[Lt]NUL\*[Gt] . -The initial value for this toggle is -.Dv FALSE . -.It Ic crmod -Toggle carriage return mode. -When this mode is enabled, most carriage return characters received from -the remote host will be mapped into a carriage return followed by -a line feed. -This mode does not affect those characters typed by the user, only -those received from the remote host. -This mode is not very useful unless the remote host -only sends carriage return, but never line feed. -The initial value for this toggle is -.Dv FALSE . -.It Ic debug -Toggles socket level debugging (useful only to the -.Ic super user ) . -The initial value for this toggle is -.Dv FALSE . -.It Ic encdebug -Turns on debugging information for the encryption code. -.It Ic localchars -If this is -.Dv TRUE , -then the -.Ic flush , -.Ic interrupt , -.Ic quit , -.Ic erase , -and -.Ic kill -characters (see -.Ic set -above) are recognized locally, and transformed into (hopefully) appropriate -.Tn TELNET -control sequences -(respectively -.Ic ao , -.Ic ip , -.Ic brk , -.Ic ec , -and -.Ic el ; -see -.Ic send -above). -The initial value for this toggle is -.Dv TRUE -in \*(Lqold line by line\*(Rq mode, -and -.Dv FALSE -in \*(Lqcharacter at a time\*(Rq mode. -When the -.Dv LINEMODE -option is enabled, the value of -.Ic localchars -is ignored, and assumed to always be -.Dv TRUE . -If -.Dv LINEMODE -has ever been enabled, then -.Ic quit -is sent as -.Ic abort , -and -.Ic eof -and -.Ic suspend -are sent as -.Ic eof -and -.Ic susp , -see -.Ic send -above). -.It Ic netdata -Toggles the display of all network data (in hexadecimal format). -The initial value for this toggle is -.Dv FALSE . -.It Ic options -Toggles the display of some internal -.Nm telnet -protocol processing (having to do with -.Tn TELNET -options). -The initial value for this toggle is -.Dv FALSE . -.It Ic prettydump -When the -.Ic netdata -toggle is enabled, if -.Ic prettydump -is enabled the output from the -.Ic netdata -command will be formatted in a more user readable format. -Spaces are put between each character in the output, and the -beginning of any -.Tn TELNET -escape sequence is preceded by a '*' to aid in locating them. -.It Ic skiprc -When the skiprc toggle is -.Dv TRUE , -.Tn TELNET -skips the reading of the -.Pa \&.telnetrc -file in the users home -directory when connections are opened. The initial -value for this toggle is -.Dv FALSE . -.It Ic termdata -Toggles the display of all terminal data (in hexadecimal format). -The initial value for this toggle is -.Dv FALSE . -.It Ic verbose_encrypt -When the -.Ic verbose_encrypt -toggle is -.Dv TRUE , -.Tn TELNET -prints out a message each time encryption is enabled or -disabled. The initial value for this toggle is -.Dv FALSE . -Note: Because of export controls, data encryption -is not supported outside of the United States and Canada. -.It Ic \&? -Displays the legal -.Ic toggle -commands. -.El -.It Ic z -Suspend -.Nm telnet . -This command only works when the user is using the -.Xr csh 1 . -.It Ic \&! Op Ar command -Execute a single command in a subshell on the local -system. If -.Ic command -is omitted, then an interactive -subshell is invoked. -.It Ic ?\& Op Ar command -Get help. With no arguments, -.Nm telnet -prints a help summary. -If a command is specified, -.Nm telnet -will print the help information for just that command. -.El -.Sh ENVIRONMENT -.Nm Telnet -uses at least the -.Ev HOME , -.Ev SHELL , -.Ev DISPLAY , -and -.Ev TERM -environment variables. -Other environment variables may be propagated -to the other side via the -.Dv TELNET ENVIRON -option. -.Sh FILES -.Bl -tag -width ~/.telnetrc -compact -.It Pa ~/.telnetrc -user customized telnet startup values -.El -.Sh HISTORY -The -.Nm Telnet -command appeared in -.Bx 4.2 . -.Sh NOTES -.Pp -On some remote systems, echo has to be turned off manually when in -\*(Lqold line by line\*(Rq mode. -.Pp -In \*(Lqold line by line\*(Rq mode or -.Dv LINEMODE -the terminal's -.Ic eof -character is only recognized (and sent to the remote system) -when it is the first character on a line. diff --git a/crypto/heimdal/appl/telnet/telnet/telnet.c b/crypto/heimdal/appl/telnet/telnet/telnet.c deleted file mode 100644 index a90f2124dc70..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/telnet.c +++ /dev/null @@ -1,2420 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: telnet.c 16285 2005-11-03 18:38:57Z lha $"); - -#define strip(x) (eight ? (x) : ((x) & 0x7f)) - -static unsigned char subbuffer[SUBBUFSIZE], - *subpointer, *subend; /* buffer for sub-options */ -#define SB_CLEAR() subpointer = subbuffer; -#define SB_TERM() { subend = subpointer; SB_CLEAR(); } -#define SB_ACCUM(c) if (subpointer < (subbuffer+sizeof subbuffer)) { \ - *subpointer++ = (c); \ - } - -#define SB_GET() ((*subpointer++)&0xff) -#define SB_PEEK() ((*subpointer)&0xff) -#define SB_EOF() (subpointer >= subend) -#define SB_LEN() (subend - subpointer) - -char options[256]; /* The combined options */ -char do_dont_resp[256]; -char will_wont_resp[256]; - -int - eight = 3, - binary = 0, - autologin = 0, /* Autologin anyone? */ - skiprc = 0, - connected, - showoptions, - ISend, /* trying to send network data in */ - debug = 0, - crmod, - netdata, /* Print out network data flow */ - crlf, /* Should '\r' be mapped to (or )? */ - telnetport, - wantencryption = 0, - SYNCHing, /* we are in TELNET SYNCH mode */ - flushout, /* flush output */ - autoflush = 0, /* flush output when interrupting? */ - autosynch, /* send interrupt characters with SYNCH? */ - localflow, /* we handle flow control locally */ - restartany, /* if flow control enabled, restart on any character */ - localchars, /* we recognize interrupt/quit */ - donelclchars, /* the user has set "localchars" */ - donebinarytoggle, /* the user has put us in binary */ - dontlecho, /* do we suppress local echoing right now? */ - globalmode; - -char *prompt = 0; - -int scheduler_lockout_tty = 0; - -cc_t escape; -cc_t rlogin; -#ifdef KLUDGELINEMODE -cc_t echoc; -#endif - -/* - * Telnet receiver states for fsm - */ -#define TS_DATA 0 -#define TS_IAC 1 -#define TS_WILL 2 -#define TS_WONT 3 -#define TS_DO 4 -#define TS_DONT 5 -#define TS_CR 6 -#define TS_SB 7 /* sub-option collection */ -#define TS_SE 8 /* looking for sub-option end */ - -static int telrcv_state; -#ifdef OLD_ENVIRON -unsigned char telopt_environ = TELOPT_NEW_ENVIRON; -#else -# define telopt_environ TELOPT_NEW_ENVIRON -#endif - -jmp_buf toplevel; -jmp_buf peerdied; - -int flushline; -int linemode; - -#ifdef KLUDGELINEMODE -int kludgelinemode = 1; -#endif - -/* - * The following are some clocks used to decide how to interpret - * the relationship between various variables. - */ - -Clocks clocks; - -static int is_unique(char *name, char **as, char **ae); - - -/* - * Initialize telnet environment. - */ - -void -init_telnet(void) -{ - env_init(); - - SB_CLEAR(); - memset(options, 0, sizeof options); - - connected = ISend = localflow = donebinarytoggle = 0; -#if defined(AUTHENTICATION) || defined(ENCRYPTION) - auth_encrypt_connect(connected); -#endif /* defined(AUTHENTICATION) || defined(ENCRYPTION) */ - restartany = -1; - - SYNCHing = 0; - - /* Don't change NetTrace */ - - escape = CONTROL(']'); - rlogin = _POSIX_VDISABLE; -#ifdef KLUDGELINEMODE - echoc = CONTROL('E'); -#endif - - flushline = 1; - telrcv_state = TS_DATA; -} - - -/* - * These routines are in charge of sending option negotiations - * to the other side. - * - * The basic idea is that we send the negotiation if either side - * is in disagreement as to what the current state should be. - */ - -void -send_do(int c, int init) -{ - if (init) { - if (((do_dont_resp[c] == 0) && my_state_is_do(c)) || - my_want_state_is_do(c)) - return; - set_my_want_state_do(c); - do_dont_resp[c]++; - } - NET2ADD(IAC, DO); - NETADD(c); - printoption("SENT", DO, c); -} - -void -send_dont(int c, int init) -{ - if (init) { - if (((do_dont_resp[c] == 0) && my_state_is_dont(c)) || - my_want_state_is_dont(c)) - return; - set_my_want_state_dont(c); - do_dont_resp[c]++; - } - NET2ADD(IAC, DONT); - NETADD(c); - printoption("SENT", DONT, c); -} - -void -send_will(int c, int init) -{ - if (init) { - if (((will_wont_resp[c] == 0) && my_state_is_will(c)) || - my_want_state_is_will(c)) - return; - set_my_want_state_will(c); - will_wont_resp[c]++; - } - NET2ADD(IAC, WILL); - NETADD(c); - printoption("SENT", WILL, c); -} - -void -send_wont(int c, int init) -{ - if (init) { - if (((will_wont_resp[c] == 0) && my_state_is_wont(c)) || - my_want_state_is_wont(c)) - return; - set_my_want_state_wont(c); - will_wont_resp[c]++; - } - NET2ADD(IAC, WONT); - NETADD(c); - printoption("SENT", WONT, c); -} - - -void -willoption(int option) -{ - int new_state_ok = 0; - - if (do_dont_resp[option]) { - --do_dont_resp[option]; - if (do_dont_resp[option] && my_state_is_do(option)) - --do_dont_resp[option]; - } - - if ((do_dont_resp[option] == 0) && my_want_state_is_dont(option)) { - - switch (option) { - - case TELOPT_ECHO: - case TELOPT_BINARY: - case TELOPT_SGA: - settimer(modenegotiated); - /* FALL THROUGH */ - case TELOPT_STATUS: -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: -#endif -#if defined(ENCRYPTION) - case TELOPT_ENCRYPT: -#endif - new_state_ok = 1; - break; - - case TELOPT_TM: - if (flushout) - flushout = 0; - /* - * Special case for TM. If we get back a WILL, - * pretend we got back a WONT. - */ - set_my_want_state_dont(option); - set_my_state_dont(option); - return; /* Never reply to TM will's/wont's */ - - case TELOPT_LINEMODE: - default: - break; - } - - if (new_state_ok) { - set_my_want_state_do(option); - send_do(option, 0); - setconnmode(0); /* possibly set new tty mode */ - } else { - do_dont_resp[option]++; - send_dont(option, 0); - } - } - set_my_state_do(option); -#if defined(ENCRYPTION) - if (option == TELOPT_ENCRYPT) - encrypt_send_support(); -#endif -} - -void -wontoption(int option) -{ - if (do_dont_resp[option]) { - --do_dont_resp[option]; - if (do_dont_resp[option] && my_state_is_dont(option)) - --do_dont_resp[option]; - } - - if ((do_dont_resp[option] == 0) && my_want_state_is_do(option)) { - - switch (option) { - -#ifdef KLUDGELINEMODE - case TELOPT_SGA: - if (!kludgelinemode) - break; - /* FALL THROUGH */ -#endif - case TELOPT_ECHO: - settimer(modenegotiated); - break; - - case TELOPT_TM: - if (flushout) - flushout = 0; - set_my_want_state_dont(option); - set_my_state_dont(option); - return; /* Never reply to TM will's/wont's */ - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - encrypt_not(); - break; -#endif - default: - break; - } - set_my_want_state_dont(option); - if (my_state_is_do(option)) - send_dont(option, 0); - setconnmode(0); /* Set new tty mode */ - } else if (option == TELOPT_TM) { - /* - * Special case for TM. - */ - if (flushout) - flushout = 0; - set_my_want_state_dont(option); - } - set_my_state_dont(option); -} - -static void -dooption(int option) -{ - int new_state_ok = 0; - - if (will_wont_resp[option]) { - --will_wont_resp[option]; - if (will_wont_resp[option] && my_state_is_will(option)) - --will_wont_resp[option]; - } - - if (will_wont_resp[option] == 0) { - if (my_want_state_is_wont(option)) { - - switch (option) { - - case TELOPT_TM: - /* - * Special case for TM. We send a WILL, but pretend - * we sent WONT. - */ - send_will(option, 0); - set_my_want_state_wont(TELOPT_TM); - set_my_state_wont(TELOPT_TM); - return; - - case TELOPT_BINARY: /* binary mode */ - case TELOPT_NAWS: /* window size */ - case TELOPT_TSPEED: /* terminal speed */ - case TELOPT_LFLOW: /* local flow control */ - case TELOPT_TTYPE: /* terminal type option */ - case TELOPT_SGA: /* no big deal */ -#if defined(ENCRYPTION) - case TELOPT_ENCRYPT: /* encryption variable option */ -#endif - new_state_ok = 1; - break; - - case TELOPT_NEW_ENVIRON: /* New environment variable option */ -#ifdef OLD_ENVIRON - if (my_state_is_will(TELOPT_OLD_ENVIRON)) - send_wont(TELOPT_OLD_ENVIRON, 1); /* turn off the old */ - goto env_common; - case TELOPT_OLD_ENVIRON: /* Old environment variable option */ - if (my_state_is_will(TELOPT_NEW_ENVIRON)) - break; /* Don't enable if new one is in use! */ - env_common: - telopt_environ = option; -#endif - new_state_ok = 1; - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: - if (autologin) - new_state_ok = 1; - break; -#endif - - case TELOPT_XDISPLOC: /* X Display location */ - if (env_getvalue((unsigned char *)"DISPLAY")) - new_state_ok = 1; - break; - - case TELOPT_LINEMODE: -#ifdef KLUDGELINEMODE - kludgelinemode = 0; - send_do(TELOPT_SGA, 1); -#endif - set_my_want_state_will(TELOPT_LINEMODE); - send_will(option, 0); - set_my_state_will(TELOPT_LINEMODE); - slc_init(); - return; - - case TELOPT_ECHO: /* We're never going to echo... */ - default: - break; - } - - if (new_state_ok) { - set_my_want_state_will(option); - send_will(option, 0); - setconnmode(0); /* Set new tty mode */ - } else { - will_wont_resp[option]++; - send_wont(option, 0); - } - } else { - /* - * Handle options that need more things done after the - * other side has acknowledged the option. - */ - switch (option) { - case TELOPT_LINEMODE: -#ifdef KLUDGELINEMODE - kludgelinemode = 0; - send_do(TELOPT_SGA, 1); -#endif - set_my_state_will(option); - slc_init(); - send_do(TELOPT_SGA, 0); - return; - } - } - } - set_my_state_will(option); -} - -static void -dontoption(int option) -{ - - if (will_wont_resp[option]) { - --will_wont_resp[option]; - if (will_wont_resp[option] && my_state_is_wont(option)) - --will_wont_resp[option]; - } - - if ((will_wont_resp[option] == 0) && my_want_state_is_will(option)) { - switch (option) { - case TELOPT_LINEMODE: - linemode = 0; /* put us back to the default state */ - break; -#ifdef OLD_ENVIRON - case TELOPT_NEW_ENVIRON: - /* - * The new environ option wasn't recognized, try - * the old one. - */ - send_will(TELOPT_OLD_ENVIRON, 1); - telopt_environ = TELOPT_OLD_ENVIRON; - break; -#endif -#if 0 -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - encrypt_not(); - break; -#endif -#endif - } - /* we always accept a DONT */ - set_my_want_state_wont(option); - if (my_state_is_will(option)) - send_wont(option, 0); - setconnmode(0); /* Set new tty mode */ - } - set_my_state_wont(option); -} - -/* - * Given a buffer returned by tgetent(), this routine will turn - * the pipe separated list of names in the buffer into an array - * of pointers to null terminated names. We toss out any bad, - * duplicate, or verbose names (names with spaces). - */ - -static char *name_unknown = "UNKNOWN"; -static char *unknown[] = { 0, 0 }; - -static char ** -mklist(char *buf, char *name) -{ - int n; - char c, *cp, **argvp, *cp2, **argv, **avt; - - if (name) { - if ((int)strlen(name) > 40) { - name = 0; - unknown[0] = name_unknown; - } else { - unknown[0] = name; - strupr(name); - } - } else - unknown[0] = name_unknown; - /* - * Count up the number of names. - */ - for (n = 1, cp = buf; *cp && *cp != ':'; cp++) { - if (*cp == '|') - n++; - } - /* - * Allocate an array to put the name pointers into - */ - argv = (char **)malloc((n+3)*sizeof(char *)); - if (argv == 0) - return(unknown); - - /* - * Fill up the array of pointers to names. - */ - *argv = 0; - argvp = argv+1; - n = 0; - for (cp = cp2 = buf; (c = *cp); cp++) { - if (c == '|' || c == ':') { - *cp++ = '\0'; - /* - * Skip entries that have spaces or are over 40 - * characters long. If this is our environment - * name, then put it up front. Otherwise, as - * long as this is not a duplicate name (case - * insensitive) add it to the list. - */ - if (n || (cp - cp2 > 41)) - ; - else if (name && (strncasecmp(name, cp2, cp-cp2) == 0)) - *argv = cp2; - else if (is_unique(cp2, argv+1, argvp)) - *argvp++ = cp2; - if (c == ':') - break; - /* - * Skip multiple delimiters. Reset cp2 to - * the beginning of the next name. Reset n, - * the flag for names with spaces. - */ - while ((c = *cp) == '|') - cp++; - cp2 = cp; - n = 0; - } - /* - * Skip entries with spaces or non-ascii values. - * Convert lower case letters to upper case. - */ -#undef ISASCII -#define ISASCII(c) (!((c)&0x80)) - if ((c == ' ') || !ISASCII(c)) - n = 1; - else if (islower((unsigned char)c)) - *cp = toupper((unsigned char)c); - } - - /* - * Check for an old V6 2 character name. If the second - * name points to the beginning of the buffer, and is - * only 2 characters long, move it to the end of the array. - */ - if ((argv[1] == buf) && (strlen(argv[1]) == 2)) { - --argvp; - for (avt = &argv[1]; avt < argvp; avt++) - *avt = *(avt+1); - *argvp++ = buf; - } - - /* - * Duplicate last name, for TTYPE option, and null - * terminate the array. If we didn't find a match on - * our terminal name, put that name at the beginning. - */ - cp = *(argvp-1); - *argvp++ = cp; - *argvp = 0; - - if (*argv == 0) { - if (name) - *argv = name; - else { - --argvp; - for (avt = argv; avt < argvp; avt++) - *avt = *(avt+1); - } - } - if (*argv) - return(argv); - else - return(unknown); -} - -static int -is_unique(char *name, char **as, char **ae) -{ - char **ap; - int n; - - n = strlen(name) + 1; - for (ap = as; ap < ae; ap++) - if (strncasecmp(*ap, name, n) == 0) - return(0); - return (1); -} - -static char termbuf[1024]; - -static int -telnet_setupterm(const char *tname, int fd, int *errp) -{ -#ifdef HAVE_TGETENT - if (tgetent(termbuf, tname) == 1) { - termbuf[1023] = '\0'; - if (errp) - *errp = 1; - return(0); - } - if (errp) - *errp = 0; - return(-1); -#else - strlcpy(termbuf, tname, sizeof(termbuf)); - if(errp) *errp = 1; - return 0; -#endif -} - -int resettermname = 1; - -static char * -gettermname() -{ - char *tname; - static char **tnamep = 0; - static char **next; - int err; - - if (resettermname) { - resettermname = 0; - if (tnamep && tnamep != unknown) - free(tnamep); - if ((tname = (char *)env_getvalue((unsigned char *)"TERM")) && - telnet_setupterm(tname, 1, &err) == 0) { - tnamep = mklist(termbuf, tname); - } else { - if (tname && ((int)strlen(tname) <= 40)) { - unknown[0] = tname; - strupr(tname); - } else - unknown[0] = name_unknown; - tnamep = unknown; - } - next = tnamep; - } - if (*next == 0) - next = tnamep; - return(*next++); -} -/* - * suboption() - * - * Look at the sub-option buffer, and try to be helpful to the other - * side. - * - * Currently we recognize: - * - * Terminal type, send request. - * Terminal speed (send request). - * Local flow control (is request). - * Linemode - */ - -static void -suboption() -{ - unsigned char subchar; - - printsub('<', subbuffer, SB_LEN()+2); - switch (subchar = SB_GET()) { - case TELOPT_TTYPE: - if (my_want_state_is_wont(TELOPT_TTYPE)) - return; - if (SB_EOF() || SB_GET() != TELQUAL_SEND) { - return; - } else { - char *name; - unsigned char temp[50]; - int len; - - name = gettermname(); - len = strlen(name) + 4 + 2; - if (len < NETROOM()) { - snprintf((char *)temp, sizeof(temp), - "%c%c%c%c%s%c%c", IAC, SB, TELOPT_TTYPE, - TELQUAL_IS, name, IAC, SE); - ring_supply_data(&netoring, temp, len); - printsub('>', &temp[2], len-2); - } else { - ExitString("No room in buffer for terminal type.\n", 1); - /*NOTREACHED*/ - } - } - break; - case TELOPT_TSPEED: - if (my_want_state_is_wont(TELOPT_TSPEED)) - return; - if (SB_EOF()) - return; - if (SB_GET() == TELQUAL_SEND) { - long output_speed, input_speed; - unsigned char temp[50]; - int len; - - TerminalSpeeds(&input_speed, &output_speed); - - snprintf((char *)temp, sizeof(temp), - "%c%c%c%c%u,%u%c%c", IAC, SB, TELOPT_TSPEED, - TELQUAL_IS, - (unsigned)output_speed, - (unsigned)input_speed, IAC, SE); - len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */ - - if (len < NETROOM()) { - ring_supply_data(&netoring, temp, len); - printsub('>', temp+2, len - 2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - } - break; - case TELOPT_LFLOW: - if (my_want_state_is_wont(TELOPT_LFLOW)) - return; - if (SB_EOF()) - return; - switch(SB_GET()) { - case LFLOW_RESTART_ANY: - restartany = 1; - break; - case LFLOW_RESTART_XON: - restartany = 0; - break; - case LFLOW_ON: - localflow = 1; - break; - case LFLOW_OFF: - localflow = 0; - break; - default: - return; - } - setcommandmode(); - setconnmode(0); - break; - - case TELOPT_LINEMODE: - if (my_want_state_is_wont(TELOPT_LINEMODE)) - return; - if (SB_EOF()) - return; - switch (SB_GET()) { - case WILL: - lm_will(subpointer, SB_LEN()); - break; - case WONT: - lm_wont(subpointer, SB_LEN()); - break; - case DO: - lm_do(subpointer, SB_LEN()); - break; - case DONT: - lm_dont(subpointer, SB_LEN()); - break; - case LM_SLC: - slc(subpointer, SB_LEN()); - break; - case LM_MODE: - lm_mode(subpointer, SB_LEN(), 0); - break; - default: - break; - } - break; - -#ifdef OLD_ENVIRON - case TELOPT_OLD_ENVIRON: -#endif - case TELOPT_NEW_ENVIRON: - if (SB_EOF()) - return; - switch(SB_PEEK()) { - case TELQUAL_IS: - case TELQUAL_INFO: - if (my_want_state_is_dont(subchar)) - return; - break; - case TELQUAL_SEND: - if (my_want_state_is_wont(subchar)) { - return; - } - break; - default: - return; - } - env_opt(subpointer, SB_LEN()); - break; - - case TELOPT_XDISPLOC: - if (my_want_state_is_wont(TELOPT_XDISPLOC)) - return; - if (SB_EOF()) - return; - if (SB_GET() == TELQUAL_SEND) { - unsigned char temp[50], *dp; - int len; - - if ((dp = env_getvalue((unsigned char *)"DISPLAY")) == NULL) { - /* - * Something happened, we no longer have a DISPLAY - * variable. So, turn off the option. - */ - send_wont(TELOPT_XDISPLOC, 1); - break; - } - snprintf((char *)temp, sizeof(temp), - "%c%c%c%c%s%c%c", IAC, SB, TELOPT_XDISPLOC, - TELQUAL_IS, dp, IAC, SE); - len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */ - - if (len < NETROOM()) { - ring_supply_data(&netoring, temp, len); - printsub('>', temp+2, len - 2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - } - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: { - if (!autologin) - break; - if (SB_EOF()) - return; - switch(SB_GET()) { - case TELQUAL_IS: - if (my_want_state_is_dont(TELOPT_AUTHENTICATION)) - return; - auth_is(subpointer, SB_LEN()); - break; - case TELQUAL_SEND: - if (my_want_state_is_wont(TELOPT_AUTHENTICATION)) - return; - auth_send(subpointer, SB_LEN()); - break; - case TELQUAL_REPLY: - if (my_want_state_is_wont(TELOPT_AUTHENTICATION)) - return; - auth_reply(subpointer, SB_LEN()); - break; - case TELQUAL_NAME: - if (my_want_state_is_dont(TELOPT_AUTHENTICATION)) - return; - auth_name(subpointer, SB_LEN()); - break; - } - } - break; -#endif -#if defined(ENCRYPTION) - case TELOPT_ENCRYPT: - if (SB_EOF()) - return; - switch(SB_GET()) { - case ENCRYPT_START: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_start(subpointer, SB_LEN()); - break; - case ENCRYPT_END: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_end(); - break; - case ENCRYPT_SUPPORT: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_support(subpointer, SB_LEN()); - break; - case ENCRYPT_REQSTART: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_request_start(subpointer, SB_LEN()); - break; - case ENCRYPT_REQEND: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - /* - * We can always send an REQEND so that we cannot - * get stuck encrypting. We should only get this - * if we have been able to get in the correct mode - * anyhow. - */ - encrypt_request_end(); - break; - case ENCRYPT_IS: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_is(subpointer, SB_LEN()); - break; - case ENCRYPT_REPLY: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_reply(subpointer, SB_LEN()); - break; - case ENCRYPT_ENC_KEYID: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_enc_keyid(subpointer, SB_LEN()); - break; - case ENCRYPT_DEC_KEYID: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_dec_keyid(subpointer, SB_LEN()); - break; - default: - break; - } - break; -#endif - default: - break; - } -} - -static unsigned char str_lm[] = { IAC, SB, TELOPT_LINEMODE, 0, 0, IAC, SE }; - -void -lm_will(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_will: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: /* We shouldn't ever get this... */ - default: - str_lm[3] = DONT; - str_lm[4] = cmd[0]; - if (NETROOM() > sizeof(str_lm)) { - ring_supply_data(&netoring, str_lm, sizeof(str_lm)); - printsub('>', &str_lm[2], sizeof(str_lm)-2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - break; - } -} - -void -lm_wont(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_wont: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: /* We shouldn't ever get this... */ - default: - /* We are always DONT, so don't respond */ - return; - } -} - -void -lm_do(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_do: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: - default: - str_lm[3] = WONT; - str_lm[4] = cmd[0]; - if (NETROOM() > sizeof(str_lm)) { - ring_supply_data(&netoring, str_lm, sizeof(str_lm)); - printsub('>', &str_lm[2], sizeof(str_lm)-2); - } -/*@*/ else printf("lm_do: not enough room in buffer\n"); - break; - } -} - -void -lm_dont(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_dont: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: - default: - /* we are always WONT, so don't respond */ - break; - } -} - -static unsigned char str_lm_mode[] = { - IAC, SB, TELOPT_LINEMODE, LM_MODE, 0, IAC, SE -}; - -void -lm_mode(unsigned char *cmd, int len, int init) -{ - if (len != 1) - return; - if ((linemode&MODE_MASK&~MODE_ACK) == *cmd) - return; - if (*cmd&MODE_ACK) - return; - linemode = *cmd&(MODE_MASK&~MODE_ACK); - str_lm_mode[4] = linemode; - if (!init) - str_lm_mode[4] |= MODE_ACK; - if (NETROOM() > sizeof(str_lm_mode)) { - ring_supply_data(&netoring, str_lm_mode, sizeof(str_lm_mode)); - printsub('>', &str_lm_mode[2], sizeof(str_lm_mode)-2); - } -/*@*/ else printf("lm_mode: not enough room in buffer\n"); - setconnmode(0); /* set changed mode */ -} - - - -/* - * slc() - * Handle special character suboption of LINEMODE. - */ - -struct spc { - cc_t val; - cc_t *valp; - char flags; /* Current flags & level */ - char mylevel; /* Maximum level & flags */ -} spc_data[NSLC+1]; - -#define SLC_IMPORT 0 -#define SLC_EXPORT 1 -#define SLC_RVALUE 2 -static int slc_mode = SLC_EXPORT; - -void -slc_init() -{ - struct spc *spcp; - - localchars = 1; - for (spcp = spc_data; spcp < &spc_data[NSLC+1]; spcp++) { - spcp->val = 0; - spcp->valp = 0; - spcp->flags = spcp->mylevel = SLC_NOSUPPORT; - } - -#define initfunc(func, flags) { \ - spcp = &spc_data[func]; \ - if ((spcp->valp = tcval(func))) { \ - spcp->val = *spcp->valp; \ - spcp->mylevel = SLC_VARIABLE|flags; \ - } else { \ - spcp->val = 0; \ - spcp->mylevel = SLC_DEFAULT; \ - } \ - } - - initfunc(SLC_SYNCH, 0); - /* No BRK */ - initfunc(SLC_AO, 0); - initfunc(SLC_AYT, 0); - /* No EOR */ - initfunc(SLC_ABORT, SLC_FLUSHIN|SLC_FLUSHOUT); - initfunc(SLC_EOF, 0); - initfunc(SLC_SUSP, SLC_FLUSHIN); - initfunc(SLC_EC, 0); - initfunc(SLC_EL, 0); - initfunc(SLC_EW, 0); - initfunc(SLC_RP, 0); - initfunc(SLC_LNEXT, 0); - initfunc(SLC_XON, 0); - initfunc(SLC_XOFF, 0); - initfunc(SLC_FORW1, 0); - initfunc(SLC_FORW2, 0); - /* No FORW2 */ - - initfunc(SLC_IP, SLC_FLUSHIN|SLC_FLUSHOUT); -#undef initfunc - - if (slc_mode == SLC_EXPORT) - slc_export(); - else - slc_import(1); - -} - -void -slcstate() -{ - printf("Special characters are %s values\n", - slc_mode == SLC_IMPORT ? "remote default" : - slc_mode == SLC_EXPORT ? "local" : - "remote"); -} - -void -slc_mode_export() -{ - slc_mode = SLC_EXPORT; - if (my_state_is_will(TELOPT_LINEMODE)) - slc_export(); -} - -void -slc_mode_import(int def) -{ - slc_mode = def ? SLC_IMPORT : SLC_RVALUE; - if (my_state_is_will(TELOPT_LINEMODE)) - slc_import(def); -} - -unsigned char slc_import_val[] = { - IAC, SB, TELOPT_LINEMODE, LM_SLC, 0, SLC_VARIABLE, 0, IAC, SE -}; -unsigned char slc_import_def[] = { - IAC, SB, TELOPT_LINEMODE, LM_SLC, 0, SLC_DEFAULT, 0, IAC, SE -}; - -void -slc_import(int def) -{ - if (NETROOM() > sizeof(slc_import_val)) { - if (def) { - ring_supply_data(&netoring, slc_import_def, sizeof(slc_import_def)); - printsub('>', &slc_import_def[2], sizeof(slc_import_def)-2); - } else { - ring_supply_data(&netoring, slc_import_val, sizeof(slc_import_val)); - printsub('>', &slc_import_val[2], sizeof(slc_import_val)-2); - } - } -/*@*/ else printf("slc_import: not enough room\n"); -} - -void -slc_export() -{ - struct spc *spcp; - - TerminalDefaultChars(); - - slc_start_reply(); - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (spcp->mylevel != SLC_NOSUPPORT) { - if (spcp->val == (cc_t)(_POSIX_VDISABLE)) - spcp->flags = SLC_NOSUPPORT; - else - spcp->flags = spcp->mylevel; - if (spcp->valp) - spcp->val = *spcp->valp; - slc_add_reply(spcp - spc_data, spcp->flags, spcp->val); - } - } - slc_end_reply(); - slc_update(); - setconnmode(1); /* Make sure the character values are set */ -} - -void -slc(unsigned char *cp, int len) -{ - struct spc *spcp; - int func,level; - - slc_start_reply(); - - for (; len >= 3; len -=3, cp +=3) { - - func = cp[SLC_FUNC]; - - if (func == 0) { - /* - * Client side: always ignore 0 function. - */ - continue; - } - if (func > NSLC) { - if ((cp[SLC_FLAGS] & SLC_LEVELBITS) != SLC_NOSUPPORT) - slc_add_reply(func, SLC_NOSUPPORT, 0); - continue; - } - - spcp = &spc_data[func]; - - level = cp[SLC_FLAGS]&(SLC_LEVELBITS|SLC_ACK); - - if ((cp[SLC_VALUE] == (unsigned char)spcp->val) && - ((level&SLC_LEVELBITS) == (spcp->flags&SLC_LEVELBITS))) { - continue; - } - - if (level == (SLC_DEFAULT|SLC_ACK)) { - /* - * This is an error condition, the SLC_ACK - * bit should never be set for the SLC_DEFAULT - * level. Our best guess to recover is to - * ignore the SLC_ACK bit. - */ - cp[SLC_FLAGS] &= ~SLC_ACK; - } - - if (level == ((spcp->flags&SLC_LEVELBITS)|SLC_ACK)) { - spcp->val = (cc_t)cp[SLC_VALUE]; - spcp->flags = cp[SLC_FLAGS]; /* include SLC_ACK */ - continue; - } - - level &= ~SLC_ACK; - - if (level <= (spcp->mylevel&SLC_LEVELBITS)) { - spcp->flags = cp[SLC_FLAGS]|SLC_ACK; - spcp->val = (cc_t)cp[SLC_VALUE]; - } - if (level == SLC_DEFAULT) { - if ((spcp->mylevel&SLC_LEVELBITS) != SLC_DEFAULT) - spcp->flags = spcp->mylevel; - else - spcp->flags = SLC_NOSUPPORT; - } - slc_add_reply(func, spcp->flags, spcp->val); - } - slc_end_reply(); - if (slc_update()) - setconnmode(1); /* set the new character values */ -} - -void -slc_check() -{ - struct spc *spcp; - - slc_start_reply(); - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (spcp->valp && spcp->val != *spcp->valp) { - spcp->val = *spcp->valp; - if (spcp->val == (cc_t)(_POSIX_VDISABLE)) - spcp->flags = SLC_NOSUPPORT; - else - spcp->flags = spcp->mylevel; - slc_add_reply(spcp - spc_data, spcp->flags, spcp->val); - } - } - slc_end_reply(); - setconnmode(1); -} - - -unsigned char slc_reply[128]; -unsigned char const * const slc_reply_eom = &slc_reply[sizeof(slc_reply)]; -unsigned char *slc_replyp; - -void -slc_start_reply() -{ - slc_replyp = slc_reply; - *slc_replyp++ = IAC; - *slc_replyp++ = SB; - *slc_replyp++ = TELOPT_LINEMODE; - *slc_replyp++ = LM_SLC; -} - -void -slc_add_reply(unsigned char func, unsigned char flags, cc_t value) -{ - /* A sequence of up to 6 bytes my be written for this member of the SLC - * suboption list by this function. The end of negotiation command, - * which is written by slc_end_reply(), will require 2 additional - * bytes. Do not proceed unless there is sufficient space for these - * items. - */ - if (&slc_replyp[6+2] > slc_reply_eom) - return; - if ((*slc_replyp++ = func) == IAC) - *slc_replyp++ = IAC; - if ((*slc_replyp++ = flags) == IAC) - *slc_replyp++ = IAC; - if ((*slc_replyp++ = (unsigned char)value) == IAC) - *slc_replyp++ = IAC; -} - -void -slc_end_reply() -{ - int len; - - /* The end of negotiation command requires 2 bytes. */ - if (&slc_replyp[2] > slc_reply_eom) - return; - *slc_replyp++ = IAC; - *slc_replyp++ = SE; - len = slc_replyp - slc_reply; - if (len <= 6) - return; - if (NETROOM() > len) { - ring_supply_data(&netoring, slc_reply, slc_replyp - slc_reply); - printsub('>', &slc_reply[2], slc_replyp - slc_reply - 2); - } -/*@*/else printf("slc_end_reply: not enough room\n"); -} - -int -slc_update() -{ - struct spc *spcp; - int need_update = 0; - - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (!(spcp->flags&SLC_ACK)) - continue; - spcp->flags &= ~SLC_ACK; - if (spcp->valp && (*spcp->valp != spcp->val)) { - *spcp->valp = spcp->val; - need_update = 1; - } - } - return(need_update); -} - -#ifdef OLD_ENVIRON -# define old_env_var OLD_ENV_VAR -# define old_env_value OLD_ENV_VALUE -#endif - -void -env_opt(unsigned char *buf, int len) -{ - unsigned char *ep = 0, *epc = 0; - int i; - - switch(buf[0]&0xff) { - case TELQUAL_SEND: - env_opt_start(); - if (len == 1) { - env_opt_add(NULL); - } else for (i = 1; i < len; i++) { - switch (buf[i]&0xff) { -#ifdef OLD_ENVIRON - case OLD_ENV_VAR: - case OLD_ENV_VALUE: - /* - * Although OLD_ENV_VALUE is not legal, we will - * still recognize it, just in case it is an - * old server that has VAR & VALUE mixed up... - */ - /* FALL THROUGH */ -#else - case NEW_ENV_VAR: -#endif - case ENV_USERVAR: - if (ep) { - *epc = 0; - env_opt_add(ep); - } - ep = epc = &buf[i+1]; - break; - case ENV_ESC: - i++; - /*FALL THROUGH*/ - default: - if (epc) - *epc++ = buf[i]; - break; - } - } - if (ep) { - *epc = 0; - env_opt_add(ep); - } - env_opt_end(1); - break; - - case TELQUAL_IS: - case TELQUAL_INFO: - /* Ignore for now. We shouldn't get it anyway. */ - break; - - default: - break; - } -} - -#define OPT_REPLY_SIZE (2 * SUBBUFSIZE) -unsigned char *opt_reply; -unsigned char *opt_replyp; -unsigned char *opt_replyend; - -void -env_opt_start() -{ - if (opt_reply) { - void *tmp = realloc (opt_reply, OPT_REPLY_SIZE); - if (tmp != NULL) { - opt_reply = tmp; - } else { - free (opt_reply); - opt_reply = NULL; - } - } else - opt_reply = (unsigned char *)malloc(OPT_REPLY_SIZE); - if (opt_reply == NULL) { -/*@*/ printf("env_opt_start: malloc()/realloc() failed!!!\n"); - opt_reply = opt_replyp = opt_replyend = NULL; - return; - } - opt_replyp = opt_reply; - opt_replyend = opt_reply + OPT_REPLY_SIZE; - *opt_replyp++ = IAC; - *opt_replyp++ = SB; - *opt_replyp++ = telopt_environ; - *opt_replyp++ = TELQUAL_IS; -} - -void -env_opt_start_info() -{ - env_opt_start(); - if (opt_replyp) - opt_replyp[-1] = TELQUAL_INFO; -} - -void -env_opt_add(unsigned char *ep) -{ - unsigned char *vp, c; - - if (opt_reply == NULL) /*XXX*/ - return; /*XXX*/ - - if (ep == NULL || *ep == '\0') { - /* Send user defined variables first. */ - env_default(1, 0); - while ((ep = env_default(0, 0))) - env_opt_add(ep); - - /* Now add the list of well know variables. */ - env_default(1, 1); - while ((ep = env_default(0, 1))) - env_opt_add(ep); - return; - } - vp = env_getvalue(ep); - if (opt_replyp + (vp ? 2 * strlen((char *)vp) : 0) + - 2 * strlen((char *)ep) + 6 > opt_replyend) - { - int len; - void *tmp; - opt_replyend += OPT_REPLY_SIZE; - len = opt_replyend - opt_reply; - tmp = realloc(opt_reply, len); - if (tmp == NULL) { -/*@*/ printf("env_opt_add: realloc() failed!!!\n"); - opt_reply = opt_replyp = opt_replyend = NULL; - return; - } - opt_reply = tmp; - opt_replyp = opt_reply + len - (opt_replyend - opt_replyp); - opt_replyend = opt_reply + len; - } - if (opt_welldefined((char *)ep)) { -#ifdef OLD_ENVIRON - if (telopt_environ == TELOPT_OLD_ENVIRON) - *opt_replyp++ = old_env_var; - else -#endif - *opt_replyp++ = NEW_ENV_VAR; - } else - *opt_replyp++ = ENV_USERVAR; - for (;;) { - while ((c = *ep++)) { - if (opt_replyp + (2 + 2) > opt_replyend) - return; - switch(c&0xff) { - case IAC: - *opt_replyp++ = IAC; - break; - case NEW_ENV_VAR: - case NEW_ENV_VALUE: - case ENV_ESC: - case ENV_USERVAR: - *opt_replyp++ = ENV_ESC; - break; - } - *opt_replyp++ = c; - } - if ((ep = vp)) { - if (opt_replyp + (1 + 2 + 2) > opt_replyend) - return; -#ifdef OLD_ENVIRON - if (telopt_environ == TELOPT_OLD_ENVIRON) - *opt_replyp++ = old_env_value; - else -#endif - *opt_replyp++ = NEW_ENV_VALUE; - vp = NULL; - } else - break; - } -} - -int -opt_welldefined(char *ep) -{ - if ((strcmp(ep, "USER") == 0) || - (strcmp(ep, "DISPLAY") == 0) || - (strcmp(ep, "PRINTER") == 0) || - (strcmp(ep, "SYSTEMTYPE") == 0) || - (strcmp(ep, "JOB") == 0) || - (strcmp(ep, "ACCT") == 0)) - return(1); - return(0); -} - -void -env_opt_end(int emptyok) -{ - int len; - - if (opt_replyp + 2 > opt_replyend) - return; - len = opt_replyp + 2 - opt_reply; - if (emptyok || len > 6) { - *opt_replyp++ = IAC; - *opt_replyp++ = SE; - if (NETROOM() > len) { - ring_supply_data(&netoring, opt_reply, len); - printsub('>', &opt_reply[2], len - 2); - } -/*@*/ else printf("slc_end_reply: not enough room\n"); - } - if (opt_reply) { - free(opt_reply); - opt_reply = opt_replyp = opt_replyend = NULL; - } -} - - - -int -telrcv(void) -{ - int c; - int scc; - unsigned char *sbp = NULL; - int count; - int returnValue = 0; - - scc = 0; - count = 0; - while (TTYROOM() > 2) { - if (scc == 0) { - if (count) { - ring_consumed(&netiring, count); - returnValue = 1; - count = 0; - } - sbp = netiring.consume; - scc = ring_full_consecutive(&netiring); - if (scc == 0) { - /* No more data coming in */ - break; - } - } - - c = *sbp++ & 0xff, scc--; count++; -#if defined(ENCRYPTION) - if (decrypt_input) - c = (*decrypt_input)(c); -#endif - - switch (telrcv_state) { - - case TS_CR: - telrcv_state = TS_DATA; - if (c == '\0') { - break; /* Ignore \0 after CR */ - } - else if ((c == '\n') && my_want_state_is_dont(TELOPT_ECHO) && !crmod) { - TTYADD(c); - break; - } - /* Else, fall through */ - - case TS_DATA: - if (c == IAC) { - telrcv_state = TS_IAC; - break; - } - /* - * The 'crmod' hack (see following) is needed - * since we can't set CRMOD on output only. - * Machines like MULTICS like to send \r without - * \n; since we must turn off CRMOD to get proper - * input, the mapping is done here (sigh). - */ - if ((c == '\r') && my_want_state_is_dont(TELOPT_BINARY)) { - if (scc > 0) { - c = *sbp&0xff; -#if defined(ENCRYPTION) - if (decrypt_input) - c = (*decrypt_input)(c); -#endif - if (c == 0) { - sbp++, scc--; count++; - /* a "true" CR */ - TTYADD('\r'); - } else if (my_want_state_is_dont(TELOPT_ECHO) && - (c == '\n')) { - sbp++, scc--; count++; - TTYADD('\n'); - } else { -#if defined(ENCRYPTION) - if (decrypt_input) - (*decrypt_input)(-1); -#endif - - TTYADD('\r'); - if (crmod) { - TTYADD('\n'); - } - } - } else { - telrcv_state = TS_CR; - TTYADD('\r'); - if (crmod) { - TTYADD('\n'); - } - } - } else { - TTYADD(c); - } - continue; - - case TS_IAC: -process_iac: - switch (c) { - - case WILL: - telrcv_state = TS_WILL; - continue; - - case WONT: - telrcv_state = TS_WONT; - continue; - - case DO: - telrcv_state = TS_DO; - continue; - - case DONT: - telrcv_state = TS_DONT; - continue; - - case DM: - /* - * We may have missed an urgent notification, - * so make sure we flush whatever is in the - * buffer currently. - */ - printoption("RCVD", IAC, DM); - SYNCHing = 1; - ttyflush(1); - SYNCHing = stilloob(); - settimer(gotDM); - break; - - case SB: - SB_CLEAR(); - telrcv_state = TS_SB; - continue; - - - case IAC: - TTYADD(IAC); - break; - - case NOP: - case GA: - default: - printoption("RCVD", IAC, c); - break; - } - telrcv_state = TS_DATA; - continue; - - case TS_WILL: - printoption("RCVD", WILL, c); - willoption(c); - telrcv_state = TS_DATA; - continue; - - case TS_WONT: - printoption("RCVD", WONT, c); - wontoption(c); - telrcv_state = TS_DATA; - continue; - - case TS_DO: - printoption("RCVD", DO, c); - dooption(c); - if (c == TELOPT_NAWS) { - sendnaws(); - } else if (c == TELOPT_LFLOW) { - localflow = 1; - setcommandmode(); - setconnmode(0); - } - telrcv_state = TS_DATA; - continue; - - case TS_DONT: - printoption("RCVD", DONT, c); - dontoption(c); - flushline = 1; - setconnmode(0); /* set new tty mode (maybe) */ - telrcv_state = TS_DATA; - continue; - - case TS_SB: - if (c == IAC) { - telrcv_state = TS_SE; - } else { - SB_ACCUM(c); - } - continue; - - case TS_SE: - if (c != SE) { - if (c != IAC) { - /* - * This is an error. We only expect to get - * "IAC IAC" or "IAC SE". Several things may - * have happened. An IAC was not doubled, the - * IAC SE was left off, or another option got - * inserted into the suboption are all possibilities. - * If we assume that the IAC was not doubled, - * and really the IAC SE was left off, we could - * get into an infinite loop here. So, instead, - * we terminate the suboption, and process the - * partial suboption if we can. - */ - SB_ACCUM(IAC); - SB_ACCUM(c); - subpointer -= 2; - SB_TERM(); - - printoption("In SUBOPTION processing, RCVD", IAC, c); - suboption(); /* handle sub-option */ - telrcv_state = TS_IAC; - goto process_iac; - } - SB_ACCUM(c); - telrcv_state = TS_SB; - } else { - SB_ACCUM(IAC); - SB_ACCUM(SE); - subpointer -= 2; - SB_TERM(); - suboption(); /* handle sub-option */ - telrcv_state = TS_DATA; - } - } - } - if (count) - ring_consumed(&netiring, count); - return returnValue||count; -} - -static int bol = 1, local = 0; - -int -rlogin_susp(void) -{ - if (local) { - local = 0; - bol = 1; - command(0, "z\n", 2); - return(1); - } - return(0); -} - -static int -telsnd() -{ - int tcc; - int count; - int returnValue = 0; - unsigned char *tbp = NULL; - - tcc = 0; - count = 0; - while (NETROOM() > 2) { - int sc; - int c; - - if (tcc == 0) { - if (count) { - ring_consumed(&ttyiring, count); - returnValue = 1; - count = 0; - } - tbp = ttyiring.consume; - tcc = ring_full_consecutive(&ttyiring); - if (tcc == 0) { - break; - } - } - c = *tbp++ & 0xff, sc = strip(c), tcc--; count++; - if (rlogin != _POSIX_VDISABLE) { - if (bol) { - bol = 0; - if (sc == rlogin) { - local = 1; - continue; - } - } else if (local) { - local = 0; - if (sc == '.' || c == termEofChar) { - bol = 1; - command(0, "close\n", 6); - continue; - } - if (sc == termSuspChar) { - bol = 1; - command(0, "z\n", 2); - continue; - } - if (sc == escape) { - command(0, (char *)tbp, tcc); - bol = 1; - count += tcc; - tcc = 0; - flushline = 1; - break; - } - if (sc != rlogin) { - ++tcc; - --tbp; - --count; - c = sc = rlogin; - } - } - if ((sc == '\n') || (sc == '\r')) - bol = 1; - } else if (sc == escape) { - /* - * Double escape is a pass through of a single escape character. - */ - if (tcc && strip(*tbp) == escape) { - tbp++; - tcc--; - count++; - bol = 0; - } else { - command(0, (char *)tbp, tcc); - bol = 1; - count += tcc; - tcc = 0; - flushline = 1; - break; - } - } else - bol = 0; -#ifdef KLUDGELINEMODE - if (kludgelinemode && (globalmode&MODE_EDIT) && (sc == echoc)) { - if (tcc > 0 && strip(*tbp) == echoc) { - tcc--; tbp++; count++; - } else { - dontlecho = !dontlecho; - settimer(echotoggle); - setconnmode(0); - flushline = 1; - break; - } - } -#endif - if (MODE_LOCAL_CHARS(globalmode)) { - if (TerminalSpecialChars(sc) == 0) { - bol = 1; - break; - } - } - if (my_want_state_is_wont(TELOPT_BINARY)) { - switch (c) { - case '\n': - /* - * If we are in CRMOD mode (\r ==> \n) - * on our local machine, then probably - * a newline (unix) is CRLF (TELNET). - */ - if (MODE_LOCAL_CHARS(globalmode)) { - NETADD('\r'); - } - NETADD('\n'); - bol = flushline = 1; - break; - case '\r': - if (!crlf) { - NET2ADD('\r', '\0'); - } else { - NET2ADD('\r', '\n'); - } - bol = flushline = 1; - break; - case IAC: - NET2ADD(IAC, IAC); - break; - default: - NETADD(c); - break; - } - } else if (c == IAC) { - NET2ADD(IAC, IAC); - } else { - NETADD(c); - } - } - if (count) - ring_consumed(&ttyiring, count); - return returnValue||count; /* Non-zero if we did anything */ -} - -/* - * Scheduler() - * - * Try to do something. - * - * If we do something useful, return 1; else return 0. - * - */ - - - int -Scheduler(int block) /* should we block in the select ? */ -{ - /* One wants to be a bit careful about setting returnValue - * to one, since a one implies we did some useful work, - * and therefore probably won't be called to block next - * time (TN3270 mode only). - */ - int returnValue; - int netin, netout, netex, ttyin, ttyout; - - /* Decide which rings should be processed */ - - netout = ring_full_count(&netoring) && - (flushline || - (my_want_state_is_wont(TELOPT_LINEMODE) -#ifdef KLUDGELINEMODE - && (!kludgelinemode || my_want_state_is_do(TELOPT_SGA)) -#endif - ) || - my_want_state_is_will(TELOPT_BINARY)); - ttyout = ring_full_count(&ttyoring); - - ttyin = ring_empty_count(&ttyiring); - - netin = !ISend && ring_empty_count(&netiring); - - netex = !SYNCHing; - - /* If we have seen a signal recently, reset things */ - - if (scheduler_lockout_tty) { - ttyin = ttyout = 0; - } - - /* Call to system code to process rings */ - - returnValue = process_rings(netin, netout, netex, ttyin, ttyout, !block); - - /* Now, look at the input rings, looking for work to do. */ - - if (ring_full_count(&ttyiring)) { - returnValue |= telsnd(); - } - - if (ring_full_count(&netiring)) { - returnValue |= telrcv(); - } - return returnValue; -} - -extern int auth_has_failed; /* XXX should be somewhere else */ - -/* - * Select from tty and network... - */ -void -my_telnet(char *user) -{ - int printed_encrypt = 0; - - sys_telnet_init(); - -#if defined(AUTHENTICATION) || defined(ENCRYPTION) - { - static char local_host[256] = { 0 }; - - if (!local_host[0]) { - /* XXX - should be k_gethostname? */ - gethostname(local_host, sizeof(local_host)); - local_host[sizeof(local_host)-1] = 0; - } - auth_encrypt_init(local_host, hostname, "TELNET", 0); - auth_encrypt_user(user); - } -#endif - if (telnetport) { -#if defined(AUTHENTICATION) - if (autologin) - send_will(TELOPT_AUTHENTICATION, 1); -#endif -#if defined(ENCRYPTION) - send_do(TELOPT_ENCRYPT, 1); - send_will(TELOPT_ENCRYPT, 1); -#endif - send_do(TELOPT_SGA, 1); - send_will(TELOPT_TTYPE, 1); - send_will(TELOPT_NAWS, 1); - send_will(TELOPT_TSPEED, 1); - send_will(TELOPT_LFLOW, 1); - send_will(TELOPT_LINEMODE, 1); - send_will(TELOPT_NEW_ENVIRON, 1); - send_do(TELOPT_STATUS, 1); - if (env_getvalue((unsigned char *)"DISPLAY")) - send_will(TELOPT_XDISPLOC, 1); - if (binary) - tel_enter_binary(binary); - } - -#ifdef ENCRYPTION - /* - * Note: we assume a tie to the authentication option here. This - * is necessary so that authentication fails, we don't spin - * forever. - */ - if (telnetport && wantencryption) { - time_t timeout = time(0) + 60; - - send_do(TELOPT_ENCRYPT, 1); - send_will(TELOPT_ENCRYPT, 1); - while (1) { - if (my_want_state_is_wont(TELOPT_AUTHENTICATION)) { - if (wantencryption == -1) { - break; - } else { - printf("\nServer refused to negotiate authentication,\n"); - printf("which is required for encryption.\n"); - Exit(1); - } - } - if (auth_has_failed) { - printf("\nAuthentication negotiation has failed,\n"); - printf("which is required for encryption.\n"); - Exit(1); - } - if (my_want_state_is_dont(TELOPT_ENCRYPT) || - my_want_state_is_wont(TELOPT_ENCRYPT)) { - printf("\nServer refused to negotiate encryption.\n"); - Exit(1); - } - if (encrypt_is_encrypting()) - break; - if (time(0) > timeout) { - printf("\nEncryption could not be enabled.\n"); - Exit(1); - } - if (printed_encrypt == 0) { - printed_encrypt = 1; - printf("Waiting for encryption to be negotiated...\n"); - /* - * Turn on MODE_TRAPSIG and then turn off localchars - * so that ^C will cause telnet to exit. - */ - TerminalNewMode(getconnmode()|MODE_TRAPSIG); - intr_waiting = 1; - } - if (intr_happened) { - printf("\nUser interrupt.\n"); - Exit(1); - } - if (telnet_spin()) { - printf("\nServer disconnected.\n"); - Exit(1); - } - - } - if (printed_encrypt) { - printf("Encryption negotiated.\n"); - intr_waiting = 0; - setconnmode(0); - } - } -#endif - - for (;;) { - int schedValue; - - while ((schedValue = Scheduler(0)) != 0) { - if (schedValue == -1) { - setcommandmode(); - return; - } - } - - if (Scheduler(1) == -1) { - setcommandmode(); - return; - } - } -} - -/* - * netclear() - * - * We are about to do a TELNET SYNCH operation. Clear - * the path to the network. - * - * Things are a bit tricky since we may have sent the first - * byte or so of a previous TELNET command into the network. - * So, we have to scan the network buffer from the beginning - * until we are up to where we want to be. - * - * A side effect of what we do, just to keep things - * simple, is to clear the urgent data pointer. The principal - * caller should be setting the urgent data pointer AFTER calling - * us in any case. - */ - -static void -netclear() -{ -#if 0 /* XXX */ - char *thisitem, *next; - char *good; -#define wewant(p) ((nfrontp > p) && ((*p&0xff) == IAC) && \ - ((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL)) - - thisitem = netobuf; - - while ((next = nextitem(thisitem)) <= netobuf.send) { - thisitem = next; - } - - /* Now, thisitem is first before/at boundary. */ - - good = netobuf; /* where the good bytes go */ - - while (netoring.add > thisitem) { - if (wewant(thisitem)) { - int length; - - next = thisitem; - do { - next = nextitem(next); - } while (wewant(next) && (nfrontp > next)); - length = next-thisitem; - memmove(good, thisitem, length); - good += length; - thisitem = next; - } else { - thisitem = nextitem(thisitem); - } - } - -#endif /* 0 */ -} - -/* - * These routines add various telnet commands to the data stream. - */ - -static void -doflush() -{ - NET2ADD(IAC, DO); - NETADD(TELOPT_TM); - flushline = 1; - flushout = 1; - ttyflush(1); /* Flush/drop output */ - /* do printoption AFTER flush, otherwise the output gets tossed... */ - printoption("SENT", DO, TELOPT_TM); -} - -void -xmitAO(void) -{ - NET2ADD(IAC, AO); - printoption("SENT", IAC, AO); - if (autoflush) { - doflush(); - } -} - - -void -xmitEL(void) -{ - NET2ADD(IAC, EL); - printoption("SENT", IAC, EL); -} - -void -xmitEC(void) -{ - NET2ADD(IAC, EC); - printoption("SENT", IAC, EC); -} - - -int -dosynch() -{ - netclear(); /* clear the path to the network */ - NETADD(IAC); - setneturg(); - NETADD(DM); - printoption("SENT", IAC, DM); - return 1; -} - -int want_status_response = 0; - -int -get_status() -{ - unsigned char tmp[16]; - unsigned char *cp; - - if (my_want_state_is_dont(TELOPT_STATUS)) { - printf("Remote side does not support STATUS option\n"); - return 0; - } - cp = tmp; - - *cp++ = IAC; - *cp++ = SB; - *cp++ = TELOPT_STATUS; - *cp++ = TELQUAL_SEND; - *cp++ = IAC; - *cp++ = SE; - if (NETROOM() >= cp - tmp) { - ring_supply_data(&netoring, tmp, cp-tmp); - printsub('>', tmp+2, cp - tmp - 2); - } - ++want_status_response; - return 1; -} - -void -intp(void) -{ - NET2ADD(IAC, IP); - printoption("SENT", IAC, IP); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(); - } -} - -void -sendbrk(void) -{ - NET2ADD(IAC, BREAK); - printoption("SENT", IAC, BREAK); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(); - } -} - -void -sendabort(void) -{ - NET2ADD(IAC, ABORT); - printoption("SENT", IAC, ABORT); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(); - } -} - -void -sendsusp(void) -{ - NET2ADD(IAC, SUSP); - printoption("SENT", IAC, SUSP); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(); - } -} - -void -sendeof(void) -{ - NET2ADD(IAC, xEOF); - printoption("SENT", IAC, xEOF); -} - -void -sendayt(void) -{ - NET2ADD(IAC, AYT); - printoption("SENT", IAC, AYT); -} - -/* - * Send a window size update to the remote system. - */ - -void -sendnaws() -{ - long rows, cols; - unsigned char tmp[16]; - unsigned char *cp; - - if (my_state_is_wont(TELOPT_NAWS)) - return; - -#undef PUTSHORT -#define PUTSHORT(cp, x) { if ((*cp++ = ((x)>>8)&0xff) == IAC) *cp++ = IAC; \ - if ((*cp++ = ((x))&0xff) == IAC) *cp++ = IAC; } - - if (TerminalWindowSize(&rows, &cols) == 0) { /* Failed */ - return; - } - - cp = tmp; - - *cp++ = IAC; - *cp++ = SB; - *cp++ = TELOPT_NAWS; - PUTSHORT(cp, cols); - PUTSHORT(cp, rows); - *cp++ = IAC; - *cp++ = SE; - if (NETROOM() >= cp - tmp) { - ring_supply_data(&netoring, tmp, cp-tmp); - printsub('>', tmp+2, cp - tmp - 2); - } -} - -void -tel_enter_binary(int rw) -{ - if (rw&1) - send_do(TELOPT_BINARY, 1); - if (rw&2) - send_will(TELOPT_BINARY, 1); -} - -void -tel_leave_binary(int rw) -{ - if (rw&1) - send_dont(TELOPT_BINARY, 1); - if (rw&2) - send_wont(TELOPT_BINARY, 1); -} diff --git a/crypto/heimdal/appl/telnet/telnet/telnet_locl.h b/crypto/heimdal/appl/telnet/telnet/telnet_locl.h deleted file mode 100644 index 503191db1f32..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/telnet_locl.h +++ /dev/null @@ -1,181 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: telnet_locl.h 18776 2006-10-21 19:14:13Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#ifdef HAVE_SIGNAL_H -#include -#endif -#include -#include -#ifdef HAVE_BSDSETJMP_H -#include -#endif - -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif - -/* termios.h *must* be included before curses.h, but not on Solaris 9, - at least, where we end up with - "/usr/include/term.h", line 1060: incomplete struct/union/enum termio: Ottyb -*/ -#if defined HAVE_TERMIOS_H && !defined __sun -#include -#endif - -#if defined(HAVE_CURSES_H) -#include -#ifdef HAVE_TERM_H -#include -#endif -#elif defined(HAVE_TERMCAP_H) -#include -#endif - -#if defined(HAVE_SYS_TERMIO_H) && !defined(HAVE_TERMIOS_H) -#include -#endif - -#ifdef HAVE_FCNTL_H -#include -#endif - -#ifdef HAVE_NETDB_H -#include -#endif - -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -/* not with SunOS 4 */ -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif /* HAVE_SYS_RESOURCE_H */ -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SYS_FILIO_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#ifdef _AIX -struct sockaddr_dl; /* AIX fun */ -struct ether_addr; -#endif -#include -#endif - -#ifdef HAVE_ARPA_TELNET_H -#include -#endif - -#ifdef SOCKS -#include -#endif - -#if defined(AUTHENTICATION) || defined(ENCRYPTION) -#include -#include -#endif -#include -#include - -#define LINEMODE -#ifndef KLUDGELINEMODE -#define KLUDGELINEMODE -#endif - -#include -#include - -#include "ring.h" -#include "externs.h" -#include "defines.h" -#include "types.h" - -/* prototypes */ - diff --git a/crypto/heimdal/appl/telnet/telnet/terminal.c b/crypto/heimdal/appl/telnet/telnet/terminal.c deleted file mode 100644 index 2fbd3dc9ab94..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/terminal.c +++ /dev/null @@ -1,221 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: terminal.c 9733 2001-03-06 20:10:14Z assar $"); - -Ring ttyoring, ttyiring; -unsigned char ttyobuf[2*BUFSIZ], ttyibuf[BUFSIZ]; - -int termdata; /* Debugging flag */ - -# ifndef VDISCARD -cc_t termFlushChar; -# endif -# ifndef VLNEXT -cc_t termLiteralNextChar; -# endif -# ifndef VSUSP -cc_t termSuspChar; -# endif -# ifndef VWERASE -cc_t termWerasChar; -# endif -# ifndef VREPRINT -cc_t termRprntChar; -# endif -# ifndef VSTART -cc_t termStartChar; -# endif -# ifndef VSTOP -cc_t termStopChar; -# endif -# ifndef VEOL -cc_t termForw1Char; -# endif -# ifndef VEOL2 -cc_t termForw2Char; -# endif -# ifndef VSTATUS -cc_t termAytChar; -# endif - -/* - * initialize the terminal data structures. - */ - -void -init_terminal(void) -{ - if (ring_init(&ttyoring, ttyobuf, sizeof ttyobuf) != 1) { - exit(1); - } - if (ring_init(&ttyiring, ttyibuf, sizeof ttyibuf) != 1) { - exit(1); - } - autoflush = TerminalAutoFlush(); -} - - -/* - * Send as much data as possible to the terminal. - * - * Return value: - * -1: No useful work done, data waiting to go out. - * 0: No data was waiting, so nothing was done. - * 1: All waiting data was written out. - * n: All data - n was written out. - */ - - -int -ttyflush(int drop) -{ - int n, n0, n1; - - n0 = ring_full_count(&ttyoring); - if ((n1 = n = ring_full_consecutive(&ttyoring)) > 0) { - if (drop) { - TerminalFlushOutput(); - /* we leave 'n' alone! */ - } else { - n = TerminalWrite((char *)ttyoring.consume, n); - } - } - if (n > 0) { - if (termdata && n) { - Dump('>', ttyoring.consume, n); - } - /* - * If we wrote everything, and the full count is - * larger than what we wrote, then write the - * rest of the buffer. - */ - if (n1 == n && n0 > n) { - n1 = n0 - n; - if (!drop) - n1 = TerminalWrite((char *)ttyoring.bottom, n1); - if (n1 > 0) - n += n1; - } - ring_consumed(&ttyoring, n); - } - if (n < 0) - return -1; - if (n == n0) { - if (n0) - return -1; - return 0; - } - return n0 - n + 1; -} - - -/* - * These routines decides on what the mode should be (based on the values - * of various global variables). - */ - - -int -getconnmode(void) -{ - int mode = 0; - - if (my_want_state_is_dont(TELOPT_ECHO)) - mode |= MODE_ECHO; - - if (localflow) - mode |= MODE_FLOW; - - if ((eight & 1) || my_want_state_is_will(TELOPT_BINARY)) - mode |= MODE_INBIN; - - if (eight & 2) - mode |= MODE_OUT8; - if (his_want_state_is_will(TELOPT_BINARY)) - mode |= MODE_OUTBIN; - -#ifdef KLUDGELINEMODE - if (kludgelinemode) { - if (my_want_state_is_dont(TELOPT_SGA)) { - mode |= (MODE_TRAPSIG|MODE_EDIT); - if (dontlecho && (clocks.echotoggle > clocks.modenegotiated)) { - mode &= ~MODE_ECHO; - } - } - return(mode); - } -#endif - if (my_want_state_is_will(TELOPT_LINEMODE)) - mode |= linemode; - return(mode); -} - - void -setconnmode(force) - int force; -{ -#ifdef ENCRYPTION - static int enc_passwd = 0; -#endif - int newmode; - - newmode = getconnmode()|(force?MODE_FORCE:0); - - TerminalNewMode(newmode); - -#ifdef ENCRYPTION - if ((newmode & (MODE_ECHO|MODE_EDIT)) == MODE_EDIT) { - if (my_want_state_is_will(TELOPT_ENCRYPT) - && (enc_passwd == 0) && !encrypt_output) { - encrypt_request_start(0, 0); - enc_passwd = 1; - } - } else { - if (enc_passwd) { - encrypt_request_end(); - enc_passwd = 0; - } - } -#endif - -} - - - void -setcommandmode() -{ - TerminalNewMode(-1); -} diff --git a/crypto/heimdal/appl/telnet/telnet/types.h b/crypto/heimdal/appl/telnet/telnet/types.h deleted file mode 100644 index 191d311fd154..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/types.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)types.h 8.1 (Berkeley) 6/6/93 - */ - -typedef struct { - char *modedescriptions; - char modetype; -} Modelist; - -extern Modelist modelist[]; - -typedef struct { - int - system, /* what the current time is */ - echotoggle, /* last time user entered echo character */ - modenegotiated, /* last time operating mode negotiated */ - didnetreceive, /* last time we read data from network */ - gotDM; /* when did we last see a data mark */ -} Clocks; - -extern Clocks clocks; diff --git a/crypto/heimdal/appl/telnet/telnet/utilities.c b/crypto/heimdal/appl/telnet/telnet/utilities.c deleted file mode 100644 index d62d572a5fe4..000000000000 --- a/crypto/heimdal/appl/telnet/telnet/utilities.c +++ /dev/null @@ -1,864 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#define TELOPTS -#define TELCMDS -#define SLC_NAMES - -#include "telnet_locl.h" - -RCSID("$Id: utilities.c 10587 2001-08-29 00:45:23Z assar $"); - -FILE *NetTrace = 0; /* Not in bss, since needs to stay */ -int prettydump; - -/* - * SetSockOpt() - * - * Compensate for differences in 4.2 and 4.3 systems. - */ - -int -SetSockOpt(int fd, int level, int option, int yesno) -{ -#ifdef HAVE_SETSOCKOPT -#ifndef NOT43 - return setsockopt(fd, level, option, - (void *)&yesno, sizeof yesno); -#else /* NOT43 */ - if (yesno == 0) { /* Can't do that in 4.2! */ - fprintf(stderr, "Error: attempt to turn off an option 0x%x.\n", - option); - return -1; - } - return setsockopt(fd, level, option, 0, 0); -#endif /* NOT43 */ -#else - return -1; -#endif -} - -/* - * The following are routines used to print out debugging information. - */ - -char NetTraceFile[256] = "(standard output)"; - -void -SetNetTrace(char *file) -{ - if (NetTrace && NetTrace != stdout) - fclose(NetTrace); - if (file && (strcmp(file, "-") != 0)) { - NetTrace = fopen(file, "w"); - if (NetTrace) { - strlcpy(NetTraceFile, file, sizeof(NetTraceFile)); - return; - } - fprintf(stderr, "Cannot open %s.\n", file); - } - NetTrace = stdout; - strlcpy(NetTraceFile, "(standard output)", sizeof(NetTraceFile)); -} - -void -Dump(char direction, unsigned char *buffer, int length) -{ -# define BYTES_PER_LINE 32 - unsigned char *pThis; - int offset; - - offset = 0; - - while (length) { - /* print one line */ - fprintf(NetTrace, "%c 0x%x\t", direction, offset); - pThis = buffer; - if (prettydump) { - buffer = buffer + min(length, BYTES_PER_LINE/2); - while (pThis < buffer) { - fprintf(NetTrace, "%c%.2x", - (((*pThis)&0xff) == 0xff) ? '*' : ' ', - (*pThis)&0xff); - pThis++; - } - length -= BYTES_PER_LINE/2; - offset += BYTES_PER_LINE/2; - } else { - buffer = buffer + min(length, BYTES_PER_LINE); - while (pThis < buffer) { - fprintf(NetTrace, "%.2x", (*pThis)&0xff); - pThis++; - } - length -= BYTES_PER_LINE; - offset += BYTES_PER_LINE; - } - if (NetTrace == stdout) { - fprintf(NetTrace, "\r\n"); - } else { - fprintf(NetTrace, "\n"); - } - if (length < 0) { - fflush(NetTrace); - return; - } - /* find next unique line */ - } - fflush(NetTrace); -} - - -void -printoption(char *direction, int cmd, int option) -{ - if (!showoptions) - return; - if (cmd == IAC) { - if (TELCMD_OK(option)) - fprintf(NetTrace, "%s IAC %s", direction, TELCMD(option)); - else - fprintf(NetTrace, "%s IAC %d", direction, option); - } else { - char *fmt; - fmt = (cmd == WILL) ? "WILL" : (cmd == WONT) ? "WONT" : - (cmd == DO) ? "DO" : (cmd == DONT) ? "DONT" : 0; - if (fmt) { - fprintf(NetTrace, "%s %s ", direction, fmt); - if (TELOPT_OK(option)) - fprintf(NetTrace, "%s", TELOPT(option)); - else if (option == TELOPT_EXOPL) - fprintf(NetTrace, "EXOPL"); - else - fprintf(NetTrace, "%d", option); - } else - fprintf(NetTrace, "%s %d %d", direction, cmd, option); - } - if (NetTrace == stdout) { - fprintf(NetTrace, "\r\n"); - fflush(NetTrace); - } else { - fprintf(NetTrace, "\n"); - } - return; -} - -void -optionstatus(void) -{ - int i; - - for (i = 0; i < 256; i++) { - if (do_dont_resp[i]) { - if (TELOPT_OK(i)) - printf("resp DO_DONT %s: %d\n", TELOPT(i), do_dont_resp[i]); - else if (TELCMD_OK(i)) - printf("resp DO_DONT %s: %d\n", TELCMD(i), do_dont_resp[i]); - else - printf("resp DO_DONT %d: %d\n", i, - do_dont_resp[i]); - if (my_want_state_is_do(i)) { - if (TELOPT_OK(i)) - printf("want DO %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf("want DO %s\n", TELCMD(i)); - else - printf("want DO %d\n", i); - } else { - if (TELOPT_OK(i)) - printf("want DONT %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf("want DONT %s\n", TELCMD(i)); - else - printf("want DONT %d\n", i); - } - } else { - if (my_state_is_do(i)) { - if (TELOPT_OK(i)) - printf(" DO %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf(" DO %s\n", TELCMD(i)); - else - printf(" DO %d\n", i); - } - } - if (will_wont_resp[i]) { - if (TELOPT_OK(i)) - printf("resp WILL_WONT %s: %d\n", TELOPT(i), will_wont_resp[i]); - else if (TELCMD_OK(i)) - printf("resp WILL_WONT %s: %d\n", TELCMD(i), will_wont_resp[i]); - else - printf("resp WILL_WONT %d: %d\n", - i, will_wont_resp[i]); - if (my_want_state_is_will(i)) { - if (TELOPT_OK(i)) - printf("want WILL %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf("want WILL %s\n", TELCMD(i)); - else - printf("want WILL %d\n", i); - } else { - if (TELOPT_OK(i)) - printf("want WONT %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf("want WONT %s\n", TELCMD(i)); - else - printf("want WONT %d\n", i); - } - } else { - if (my_state_is_will(i)) { - if (TELOPT_OK(i)) - printf(" WILL %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf(" WILL %s\n", TELCMD(i)); - else - printf(" WILL %d\n", i); - } - } - } - -} - -void -printsub(int direction, unsigned char *pointer, int length) -{ - int i; - unsigned char buf[512]; - - if (showoptions || direction == 0 || - (want_status_response && (pointer[0] == TELOPT_STATUS))) { - if (direction) { - fprintf(NetTrace, "%s IAC SB ", - (direction == '<')? "RCVD":"SENT"); - if (length >= 3) { - int j; - - i = pointer[length-2]; - j = pointer[length-1]; - - if (i != IAC || j != SE) { - fprintf(NetTrace, "(terminated by "); - if (TELOPT_OK(i)) - fprintf(NetTrace, "%s ", TELOPT(i)); - else if (TELCMD_OK(i)) - fprintf(NetTrace, "%s ", TELCMD(i)); - else - fprintf(NetTrace, "%d ", i); - if (TELOPT_OK(j)) - fprintf(NetTrace, "%s", TELOPT(j)); - else if (TELCMD_OK(j)) - fprintf(NetTrace, "%s", TELCMD(j)); - else - fprintf(NetTrace, "%d", j); - fprintf(NetTrace, ", not IAC SE!) "); - } - } - length -= 2; - } - if (length < 1) { - fprintf(NetTrace, "(Empty suboption??\?)"); - if (NetTrace == stdout) - fflush(NetTrace); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: - fprintf(NetTrace, "TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND"); - break; - default: - fprintf(NetTrace, - "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - case TELOPT_TSPEED: - fprintf(NetTrace, "TERMINAL-SPEED"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, " IS "); - fprintf(NetTrace, "%.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) - fprintf(NetTrace, " SEND"); - else - fprintf(NetTrace, " %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - } - break; - - case TELOPT_LFLOW: - fprintf(NetTrace, "TOGGLE-FLOW-CONTROL"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: - fprintf(NetTrace, " OFF"); break; - case LFLOW_ON: - fprintf(NetTrace, " ON"); break; - case LFLOW_RESTART_ANY: - fprintf(NetTrace, " RESTART-ANY"); break; - case LFLOW_RESTART_XON: - fprintf(NetTrace, " RESTART-XON"); break; - default: - fprintf(NetTrace, " %d (unknown)", pointer[1]); - } - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - - case TELOPT_NAWS: - fprintf(NetTrace, "NAWS"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - if (length == 2) { - fprintf(NetTrace, " ?%d?", pointer[1]); - break; - } - fprintf(NetTrace, " %d %d (%d)", - pointer[1], pointer[2], - (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2]))); - if (length == 4) { - fprintf(NetTrace, " ?%d?", pointer[3]); - break; - } - fprintf(NetTrace, " %d %d (%d)", - pointer[3], pointer[4], - (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4]))); - for (i = 5; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: - fprintf(NetTrace, "AUTHENTICATION"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: - fprintf(NetTrace, " %s ", (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); - if (AUTHTYPE_NAME_OK(pointer[2])) - fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[2])); - else - fprintf(NetTrace, "%d ", pointer[2]); - if (length < 3) { - fprintf(NetTrace, "(partial suboption??\?)"); - break; - } - fprintf(NetTrace, "%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - fprintf(NetTrace, "%s", buf); - break; - - case TELQUAL_SEND: - i = 2; - fprintf(NetTrace, " SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) - fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[i])); - else - fprintf(NetTrace, "%d ", pointer[i]); - if (++i >= length) { - fprintf(NetTrace, "(partial suboption??\?)"); - break; - } - fprintf(NetTrace, "%s|%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - ++i; - } - break; - - case TELQUAL_NAME: - i = 2; - fprintf(NetTrace, " NAME \""); - while (i < length) - putc(pointer[i++], NetTrace); - putc('"', NetTrace); - break; - - default: - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - } - break; -#endif - -#if defined(ENCRYPTION) - case TELOPT_ENCRYPT: - fprintf(NetTrace, "ENCRYPT"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption?)"); - break; - } - switch (pointer[1]) { - case ENCRYPT_START: - fprintf(NetTrace, " START"); - break; - - case ENCRYPT_END: - fprintf(NetTrace, " END"); - break; - - case ENCRYPT_REQSTART: - fprintf(NetTrace, " REQUEST-START"); - break; - - case ENCRYPT_REQEND: - fprintf(NetTrace, " REQUEST-END"); - break; - - case ENCRYPT_IS: - case ENCRYPT_REPLY: - fprintf(NetTrace, " %s ", (pointer[1] == ENCRYPT_IS) ? - "IS" : "REPLY"); - if (length < 3) { - fprintf(NetTrace, " (partial suboption?)"); - break; - } - if (ENCTYPE_NAME_OK(pointer[2])) - fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[2])); - else - fprintf(NetTrace, " %d (unknown)", pointer[2]); - - encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - fprintf(NetTrace, "%s", buf); - break; - - case ENCRYPT_SUPPORT: - i = 2; - fprintf(NetTrace, " SUPPORT "); - while (i < length) { - if (ENCTYPE_NAME_OK(pointer[i])) - fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[i])); - else - fprintf(NetTrace, "%d ", pointer[i]); - i++; - } - break; - - case ENCRYPT_ENC_KEYID: - fprintf(NetTrace, " ENC_KEYID "); - goto encommon; - - case ENCRYPT_DEC_KEYID: - fprintf(NetTrace, " DEC_KEYID "); - goto encommon; - - default: - fprintf(NetTrace, " %d (unknown)", pointer[1]); - encommon: - for (i = 2; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - break; -#endif - - case TELOPT_LINEMODE: - fprintf(NetTrace, "LINEMODE "); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: - fprintf(NetTrace, "WILL "); - goto common; - case WONT: - fprintf(NetTrace, "WONT "); - goto common; - case DO: - fprintf(NetTrace, "DO "); - goto common; - case DONT: - fprintf(NetTrace, "DONT "); - common: - if (length < 3) { - fprintf(NetTrace, "(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: - fprintf(NetTrace, "Forward Mask"); - for (i = 3; i < length; i++) - fprintf(NetTrace, " %x", pointer[i]); - break; - default: - fprintf(NetTrace, "%d (unknown)", pointer[2]); - for (i = 3; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - break; - - case LM_SLC: - fprintf(NetTrace, "SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) - fprintf(NetTrace, " %s", SLC_NAME(pointer[i+SLC_FUNC])); - else - fprintf(NetTrace, " %d", pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: - fprintf(NetTrace, " NOSUPPORT"); break; - case SLC_CANTCHANGE: - fprintf(NetTrace, " CANTCHANGE"); break; - case SLC_VARIABLE: - fprintf(NetTrace, " VARIABLE"); break; - case SLC_DEFAULT: - fprintf(NetTrace, " DEFAULT"); break; - } - fprintf(NetTrace, "%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) - fprintf(NetTrace, "(0x%x)", pointer[i+SLC_FLAGS]); - fprintf(NetTrace, " %d;", pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - - case LM_MODE: - fprintf(NetTrace, "MODE "); - if (length < 3) { - fprintf(NetTrace, "(no mode??\?)"); - break; - } - { - char tbuf[64]; - snprintf(tbuf, sizeof(tbuf), - "%s%s%s%s%s", - pointer[2]&MODE_EDIT ? "|EDIT" : "", - pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "", - pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); - fprintf(NetTrace, "%s", tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_MASK)) - fprintf(NetTrace, " (0x%x)", pointer[2]); - for (i = 3; i < length; i++) - fprintf(NetTrace, " ?0x%x?", pointer[i]); - break; - default: - fprintf(NetTrace, "%d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - } - break; - - case TELOPT_STATUS: { - char *cp; - int j, k; - - fprintf(NetTrace, "STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) - fprintf(NetTrace, " SEND"); - else - fprintf(NetTrace, " %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - case TELQUAL_IS: - if (--want_status_response < 0) - want_status_response = 0; - if (NetTrace == stdout) - fprintf(NetTrace, " IS\r\n"); - else - fprintf(NetTrace, " IS\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { - case DO: cp = "DO"; goto common2; - case DONT: cp = "DONT"; goto common2; - case WILL: cp = "WILL"; goto common2; - case WONT: cp = "WONT"; goto common2; - common2: - i++; - if (TELOPT_OK((int)pointer[i])) - fprintf(NetTrace, " %s %s", cp, TELOPT(pointer[i])); - else - fprintf(NetTrace, " %s %d", cp, pointer[i]); - - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - break; - - case SB: - fprintf(NetTrace, " SB "); - i++; - j = k = i; - while (j < length) { - if (pointer[j] == SE) { - if (j+1 == length) - break; - if (pointer[j+1] == SE) - j++; - else - break; - } - pointer[k++] = pointer[j++]; - } - printsub(0, &pointer[i], k - i); - if (i < length) { - fprintf(NetTrace, " SE"); - i = j; - } else - i = j - 1; - - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - - break; - - default: - fprintf(NetTrace, " %d", pointer[i]); - break; - } - } - break; - } - break; - } - - case TELOPT_XDISPLOC: - fprintf(NetTrace, "X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND"); - break; - default: - fprintf(NetTrace, "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - - case TELOPT_NEW_ENVIRON: - fprintf(NetTrace, "NEW-ENVIRON "); -#ifdef OLD_ENVIRON - goto env_common1; - case TELOPT_OLD_ENVIRON: - fprintf(NetTrace, "OLD-ENVIRON"); - env_common1: -#endif - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS "); - goto env_common; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND "); - goto env_common; - case TELQUAL_INFO: - fprintf(NetTrace, "INFO "); - env_common: - { - int noquote = 2; - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VALUE: -#ifdef OLD_ENVIRON - /* case NEW_ENV_OVAR: */ - if (pointer[0] == TELOPT_OLD_ENVIRON) { - fprintf(NetTrace, "\" VAR " + noquote); - } else -#endif /* OLD_ENVIRON */ - fprintf(NetTrace, "\" VALUE " + noquote); - noquote = 2; - break; - - case NEW_ENV_VAR: -#ifdef OLD_ENVIRON - /* case OLD_ENV_VALUE: */ - if (pointer[0] == TELOPT_OLD_ENVIRON) { - fprintf(NetTrace, "\" VALUE " + noquote); - } else -#endif /* OLD_ENVIRON */ - fprintf(NetTrace, "\" VAR " + noquote); - noquote = 2; - break; - - case ENV_ESC: - fprintf(NetTrace, "\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: - fprintf(NetTrace, "\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { - putc('"', NetTrace); - noquote = 0; - } - putc(pointer[i], NetTrace); - } else { - fprintf(NetTrace, "\" %03o " + noquote, - pointer[i]); - noquote = 2; - } - break; - } - } - if (!noquote) - putc('"', NetTrace); - break; - } - } - break; - - default: - if (TELOPT_OK(pointer[0])) - fprintf(NetTrace, "%s (unknown)", TELOPT(pointer[0])); - else - fprintf(NetTrace, "%d (unknown)", pointer[0]); - for (i = 1; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - if (direction) { - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - } - if (NetTrace == stdout) - fflush(NetTrace); - } -} - -/* EmptyTerminal - called to make sure that the terminal buffer is empty. - * Note that we consider the buffer to run all the - * way to the kernel (thus the select). - */ - -void -EmptyTerminal(void) -{ - fd_set outs; - - FD_ZERO(&outs); - - if (tout >= FD_SETSIZE) - ExitString("fd too large", 1); - - if (TTYBYTES() == 0) { - FD_SET(tout, &outs); - select(tout+1, 0, &outs, 0, - (struct timeval *) 0); /* wait for TTLOWAT */ - } else { - while (TTYBYTES()) { - ttyflush(0); - FD_SET(tout, &outs); - select(tout+1, 0, &outs, 0, - (struct timeval *) 0); /* wait for TTLOWAT */ - } - } -} - -void -SetForExit(void) -{ - setconnmode(0); - do { - telrcv(); /* Process any incoming data */ - EmptyTerminal(); - } while (ring_full_count(&netiring)); /* While there is any */ - setcommandmode(); - fflush(stdout); - fflush(stderr); - setconnmode(0); - EmptyTerminal(); /* Flush the path to the tty */ - setcommandmode(); -} - -void -Exit(int returnCode) -{ - SetForExit(); - exit(returnCode); -} - -void -ExitString(char *string, int returnCode) -{ - SetForExit(); - fwrite(string, 1, strlen(string), stderr); - exit(returnCode); -} diff --git a/crypto/heimdal/appl/telnet/telnetd/Makefile.am b/crypto/heimdal/appl/telnet/telnetd/Makefile.am deleted file mode 100644 index df2b864dc17e..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/Makefile.am +++ /dev/null @@ -1,28 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) - -libexec_PROGRAMS = telnetd - -CHECK_LOCAL = - -telnetd_SOURCES = telnetd.c state.c termstat.c slc.c sys_term.c \ - utility.c global.c authenc.c defs.h ext.h telnetd.h - -man_MANS = telnetd.8 - -LDADD = \ - ../libtelnet/libtelnet.a \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_tgetent) \ - $(LIB_logwtmp) \ - $(LIB_logout) \ - $(LIB_openpty) \ - $(LIB_kdfs) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/appl/telnet/telnetd/Makefile.in b/crypto/heimdal/appl/telnet/telnetd/Makefile.in deleted file mode 100644 index ba4cd3594b4f..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/Makefile.in +++ /dev/null @@ -1,850 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -libexec_PROGRAMS = telnetd$(EXEEXT) -subdir = appl/telnet/telnetd -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(libexec_PROGRAMS) -am_telnetd_OBJECTS = telnetd.$(OBJEXT) state.$(OBJEXT) \ - termstat.$(OBJEXT) slc.$(OBJEXT) sys_term.$(OBJEXT) \ - utility.$(OBJEXT) global.$(OBJEXT) authenc.$(OBJEXT) -telnetd_OBJECTS = $(am_telnetd_OBJECTS) -telnetd_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -telnetd_DEPENDENCIES = ../libtelnet/libtelnet.a $(LIB_krb5) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) $(LIB_kdfs) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(telnetd_SOURCES) -DIST_SOURCES = $(telnetd_SOURCES) -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/.. $(INCLUDE_krb4) $(INCLUDE_hcrypto) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CHECK_LOCAL = -telnetd_SOURCES = telnetd.c state.c termstat.c slc.c sys_term.c \ - utility.c global.c authenc.c defs.h ext.h telnetd.h - -man_MANS = telnetd.8 -LDADD = \ - ../libtelnet/libtelnet.a \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(LIB_tgetent) \ - $(LIB_logwtmp) \ - $(LIB_logout) \ - $(LIB_openpty) \ - $(LIB_kdfs) \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/telnet/telnetd/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/telnet/telnetd/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -telnetd$(EXEEXT): $(telnetd_OBJECTS) $(telnetd_DEPENDENCIES) - @rm -f telnetd$(EXEEXT) - $(LINK) $(telnetd_OBJECTS) $(telnetd_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libexecPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-libexecPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libexecPROGRAMS install-man install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook \ - uninstall-libexecPROGRAMS uninstall-man uninstall-man8 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/telnet/telnetd/authenc.c b/crypto/heimdal/appl/telnet/telnetd/authenc.c deleted file mode 100644 index 1fac6c0917ae..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/authenc.c +++ /dev/null @@ -1,80 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: authenc.c 9200 2000-11-15 23:20:43Z assar $"); - -#ifdef AUTHENTICATION - -int -telnet_net_write(unsigned char *str, int len) -{ - if (nfrontp + len < netobuf + BUFSIZ) { - memmove(nfrontp, str, len); - nfrontp += len; - return(len); - } - return(0); -} - -void -net_encrypt(void) -{ -#ifdef ENCRYPTION - char *s = (nclearto > nbackp) ? nclearto : nbackp; - if (s < nfrontp && encrypt_output) { - (*encrypt_output)((unsigned char *)s, nfrontp - s); - } - nclearto = nfrontp; -#endif -} - -int -telnet_spin(void) -{ - return ttloop(); -} - -char * -telnet_getenv(const char *val) -{ - return(getenv(val)); -} - -char * -telnet_gets(char *prompt, char *result, int length, int echo) -{ - return NULL; -} -#endif diff --git a/crypto/heimdal/appl/telnet/telnetd/defs.h b/crypto/heimdal/appl/telnet/telnetd/defs.h deleted file mode 100644 index add8fd21518a..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/defs.h +++ /dev/null @@ -1,190 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)defs.h 8.1 (Berkeley) 6/4/93 - */ - -/* - * Telnet server defines - */ - -#ifndef __DEFS_H__ -#define __DEFS_H__ - -#ifndef BSD -# define BSD 43 -#endif - -#if defined(PRINTOPTIONS) && defined(DIAGNOSTICS) -#define TELOPTS -#define TELCMDS -#define SLC_NAMES -#endif - -#if !defined(TIOCSCTTY) && defined(TCSETCTTY) -# define TIOCSCTTY TCSETCTTY -#endif - -#ifndef TIOCPKT_FLUSHWRITE -#define TIOCPKT_FLUSHWRITE 0x02 -#endif - -#ifndef TIOCPKT_NOSTOP -#define TIOCPKT_NOSTOP 0x10 -#endif - -#ifndef TIOCPKT_DOSTOP -#define TIOCPKT_DOSTOP 0x20 -#endif - -/* - * I/O data buffers defines - */ -#define NETSLOP 64 -#ifdef _CRAY -#undef BUFSIZ -#define BUFSIZ 2048 -#endif - -#define NIACCUM(c) { *netip++ = c; \ - ncc++; \ - } - -/* clock manipulations */ -#define settimer(x) (clocks.x = ++clocks.system) -#define sequenceIs(x,y) (clocks.x < clocks.y) - -/* - * Structures of information for each special character function. - */ -typedef struct { - unsigned char flag; /* the flags for this function */ - cc_t val; /* the value of the special character */ -} slcent, *Slcent; - -typedef struct { - slcent defset; /* the default settings */ - slcent current; /* the current settings */ - cc_t *sptr; /* a pointer to the char in */ - /* system data structures */ -} slcfun, *Slcfun; - -#ifdef DIAGNOSTICS -/* - * Diagnostics capabilities - */ -#define TD_REPORT 0x01 /* Report operations to client */ -#define TD_EXERCISE 0x02 /* Exercise client's implementation */ -#define TD_NETDATA 0x04 /* Display received data stream */ -#define TD_PTYDATA 0x08 /* Display data passed to pty */ -#define TD_OPTIONS 0x10 /* Report just telnet options */ -#endif /* DIAGNOSTICS */ - -/* - * We keep track of each side of the option negotiation. - */ - -#define MY_STATE_WILL 0x01 -#define MY_WANT_STATE_WILL 0x02 -#define MY_STATE_DO 0x04 -#define MY_WANT_STATE_DO 0x08 - -/* - * Macros to check the current state of things - */ - -#define my_state_is_do(opt) (options[opt]&MY_STATE_DO) -#define my_state_is_will(opt) (options[opt]&MY_STATE_WILL) -#define my_want_state_is_do(opt) (options[opt]&MY_WANT_STATE_DO) -#define my_want_state_is_will(opt) (options[opt]&MY_WANT_STATE_WILL) - -#define my_state_is_dont(opt) (!my_state_is_do(opt)) -#define my_state_is_wont(opt) (!my_state_is_will(opt)) -#define my_want_state_is_dont(opt) (!my_want_state_is_do(opt)) -#define my_want_state_is_wont(opt) (!my_want_state_is_will(opt)) - -#define set_my_state_do(opt) (options[opt] |= MY_STATE_DO) -#define set_my_state_will(opt) (options[opt] |= MY_STATE_WILL) -#define set_my_want_state_do(opt) (options[opt] |= MY_WANT_STATE_DO) -#define set_my_want_state_will(opt) (options[opt] |= MY_WANT_STATE_WILL) - -#define set_my_state_dont(opt) (options[opt] &= ~MY_STATE_DO) -#define set_my_state_wont(opt) (options[opt] &= ~MY_STATE_WILL) -#define set_my_want_state_dont(opt) (options[opt] &= ~MY_WANT_STATE_DO) -#define set_my_want_state_wont(opt) (options[opt] &= ~MY_WANT_STATE_WILL) - -/* - * Tricky code here. What we want to know is if the MY_STATE_WILL - * and MY_WANT_STATE_WILL bits have the same value. Since the two - * bits are adjacent, a little arithmatic will show that by adding - * in the lower bit, the upper bit will be set if the two bits were - * different, and clear if they were the same. - */ -#define my_will_wont_is_changing(opt) \ - ((options[opt]+MY_STATE_WILL) & MY_WANT_STATE_WILL) - -#define my_do_dont_is_changing(opt) \ - ((options[opt]+MY_STATE_DO) & MY_WANT_STATE_DO) - -/* - * Make everything symmetrical - */ - -#define HIS_STATE_WILL MY_STATE_DO -#define HIS_WANT_STATE_WILL MY_WANT_STATE_DO -#define HIS_STATE_DO MY_STATE_WILL -#define HIS_WANT_STATE_DO MY_WANT_STATE_WILL - -#define his_state_is_do my_state_is_will -#define his_state_is_will my_state_is_do -#define his_want_state_is_do my_want_state_is_will -#define his_want_state_is_will my_want_state_is_do - -#define his_state_is_dont my_state_is_wont -#define his_state_is_wont my_state_is_dont -#define his_want_state_is_dont my_want_state_is_wont -#define his_want_state_is_wont my_want_state_is_dont - -#define set_his_state_do set_my_state_will -#define set_his_state_will set_my_state_do -#define set_his_want_state_do set_my_want_state_will -#define set_his_want_state_will set_my_want_state_do - -#define set_his_state_dont set_my_state_wont -#define set_his_state_wont set_my_state_dont -#define set_his_want_state_dont set_my_want_state_wont -#define set_his_want_state_wont set_my_want_state_dont - -#define his_will_wont_is_changing my_do_dont_is_changing -#define his_do_dont_is_changing my_will_wont_is_changing - -#endif /* __DEFS_H__ */ diff --git a/crypto/heimdal/appl/telnet/telnetd/ext.h b/crypto/heimdal/appl/telnet/telnetd/ext.h deleted file mode 100644 index 68b97bfea3e9..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/ext.h +++ /dev/null @@ -1,208 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ext.h 8.2 (Berkeley) 12/15/93 - */ - -/* $Id: ext.h 15841 2005-08-08 13:34:26Z lha $ */ - -#ifndef __EXT_H__ -#define __EXT_H__ - -/* - * Telnet server variable declarations - */ -extern char options[256]; -extern char do_dont_resp[256]; -extern char will_wont_resp[256]; -extern int flowmode; /* current flow control state */ -extern int restartany; /* restart output on any character state */ -#ifdef DIAGNOSTICS -extern int diagnostic; /* telnet diagnostic capabilities */ -#endif /* DIAGNOSTICS */ -extern int require_otp; -#ifdef AUTHENTICATION -extern int auth_level; -#endif -extern const char *new_login; - -extern slcfun slctab[NSLC + 1]; /* slc mapping table */ - -extern char terminaltype[41]; - -/* - * I/O data buffers, pointers, and counters. - */ -extern char ptyobuf[BUFSIZ+NETSLOP], *pfrontp, *pbackp; - -extern char netibuf[BUFSIZ], *netip; - -extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp; -extern char *neturg; /* one past last bye of urgent data */ - -extern int pcc, ncc; - -extern int ourpty, net; -extern char *line; -extern int SYNCHing; /* we are in TELNET SYNCH mode */ - -int telnet_net_write (unsigned char *str, int len); -void net_encrypt (void); -int telnet_spin (void); -char *telnet_getenv (const char *val); -char *telnet_gets (char *prompt, char *result, int length, int echo); -void get_slc_defaults (void); -void telrcv (void); -void send_do (int option, int init); -void willoption (int option); -void send_dont (int option, int init); -void wontoption (int option); -void send_will (int option, int init); -void dooption (int option); -void send_wont (int option, int init); -void dontoption (int option); -void suboption (void); -void doclientstat (void); -void send_status (void); -void init_termbuf (void); -void set_termbuf (void); -int spcset (int func, cc_t *valp, cc_t **valpp); -void set_utid (void); -int getpty (int *ptynum); -int tty_isecho (void); -int tty_flowmode (void); -int tty_restartany (void); -void tty_setecho (int on); -int tty_israw (void); -void tty_binaryin (int on); -void tty_binaryout (int on); -int tty_isbinaryin (void); -int tty_isbinaryout (void); -int tty_issofttab (void); -void tty_setsofttab (int on); -int tty_islitecho (void); -void tty_setlitecho (int on); -int tty_iscrnl (void); -void tty_tspeed (int val); -void tty_rspeed (int val); -void getptyslave (void); -int cleanopen (char *); -void startslave (const char *host, const char *, int autologin, char *autoname); -void init_env (void); -void start_login (const char *host, int autologin, char *name); -void cleanup (int sig); -int main (int argc, char **argv); -int getterminaltype (char *name, size_t); -void _gettermname (void); -int terminaltypeok (char *s); -void my_telnet (int f, int p, const char*, const char *, int, char*); -void interrupt (void); -void sendbrk (void); -void sendsusp (void); -void recv_ayt (void); -void doeof (void); -void flowstat (void); -void clientstat (int code, int parm1, int parm2); -int ttloop (void); -int stilloob (int s); -void ptyflush (void); -char *nextitem (char *current); -void netclear (void); -void netflush (void); -void writenet (const void *, size_t); -void fatal (int f, char *msg); -void fatalperror (int f, const char *msg); -void fatalperror_errno (int f, const char *msg, int error); -void edithost (char *pat, char *host); -void putstr (char *s); -void putchr (int cc); -void putf (char *cp, char *where); -void printoption (char *fmt, int option); -void printsub (int direction, unsigned char *pointer, int length); -void printdata (char *tag, char *ptr, int cnt); -int login_tty(int t); - -#ifdef ENCRYPTION -extern void (*encrypt_output) (unsigned char *, int); -extern int (*decrypt_input) (int); -extern char *nclearto; -#endif - - -/* - * The following are some clocks used to decide how to interpret - * the relationship between various variables. - */ - -struct clocks_t{ - int - system, /* what the current time is */ - echotoggle, /* last time user entered echo character */ - modenegotiated, /* last time operating mode negotiated */ - didnetreceive, /* last time we read data from network */ - ttypesubopt, /* ttype subopt is received */ - tspeedsubopt, /* tspeed subopt is received */ - environsubopt, /* environ subopt is received */ - oenvironsubopt, /* old environ subopt is received */ - xdisplocsubopt, /* xdisploc subopt is received */ - baseline, /* time started to do timed action */ - gotDM; /* when did we last see a data mark */ -}; -extern struct clocks_t clocks; - -extern int log_unauth; -extern int no_warn; - -extern int def_tspeed, def_rspeed; -#ifdef TIOCSWINSZ -extern int def_row, def_col; -#endif - -#ifdef STREAMSPTY -extern int really_stream; -#endif - -#ifndef USE_IM -# ifdef CRAY -# define USE_IM "Cray UNICOS (%h) (%t)" -# endif -# ifdef _AIX -# define USE_IM "%s %v.%r (%h) (%t)" -# endif -# ifndef USE_IM -# define USE_IM "%s %r (%h) (%t)" -# endif -#endif - -#define DEFAULT_IM "\r\n\r\n" USE_IM "\r\n\r\n\r\n" - -#endif /* __EXT_H__ */ diff --git a/crypto/heimdal/appl/telnet/telnetd/global.c b/crypto/heimdal/appl/telnet/telnetd/global.c deleted file mode 100644 index 8b3c40580e3d..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/global.c +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* a *lot* of ugly global definitions that really should be removed... - */ - -#include "telnetd.h" - -RCSID("$Id: global.c 14939 2005-04-24 20:59:35Z lha $"); - -/* - * Telnet server variable declarations - */ -char options[256]; -char do_dont_resp[256]; -char will_wont_resp[256]; -int linemode; /* linemode on/off */ -int flowmode; /* current flow control state */ -int restartany; /* restart output on any character state */ -#ifdef DIAGNOSTICS -int diagnostic; /* telnet diagnostic capabilities */ -#endif /* DIAGNOSTICS */ -int require_otp; - -slcfun slctab[NSLC + 1]; /* slc mapping table */ - -char terminaltype[41]; - -/* - * I/O data buffers, pointers, and counters. - */ -char ptyobuf[BUFSIZ+NETSLOP], *pfrontp, *pbackp; - -char netibuf[BUFSIZ], *netip; - -char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp; -char *neturg; /* one past last bye of urgent data */ - -int pcc, ncc; - -int ourpty, net; -int SYNCHing; /* we are in TELNET SYNCH mode */ - -/* - * The following are some clocks used to decide how to interpret - * the relationship between various variables. - */ - -struct clocks_t clocks; - - -/* whether to log unauthenticated login attempts */ -int log_unauth; - -/* do not print warning if connection is not encrypted */ -int no_warn; - -/* - * This function appends data to nfrontp and advances nfrontp. - */ - -int -output_data (const char *format, ...) -{ - va_list args; - int remaining, ret; - - va_start(args, format); - remaining = BUFSIZ - (nfrontp - netobuf); - ret = vsnprintf (nfrontp, - remaining, - format, - args); - nfrontp += min(ret, remaining-1); - va_end(args); - return ret; -} diff --git a/crypto/heimdal/appl/telnet/telnetd/slc.c b/crypto/heimdal/appl/telnet/telnetd/slc.c deleted file mode 100644 index b9ab1212c07f..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/slc.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: slc.c 1695 1997-05-11 06:30:05Z assar $"); - -/* - * get_slc_defaults - * - * Initialize the slc mapping table. - */ -void -get_slc_defaults(void) -{ - int i; - - init_termbuf(); - - for (i = 1; i <= NSLC; i++) { - slctab[i].defset.flag = - spcset(i, &slctab[i].defset.val, &slctab[i].sptr); - slctab[i].current.flag = SLC_NOSUPPORT; - slctab[i].current.val = 0; - } - -} diff --git a/crypto/heimdal/appl/telnet/telnetd/state.c b/crypto/heimdal/appl/telnet/telnetd/state.c deleted file mode 100644 index 32c3d0e02c39..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/state.c +++ /dev/null @@ -1,1360 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: state.c 18110 2006-09-19 08:25:20Z lha $"); - -unsigned char doopt[] = { IAC, DO, '%', 'c', 0 }; -unsigned char dont[] = { IAC, DONT, '%', 'c', 0 }; -unsigned char will[] = { IAC, WILL, '%', 'c', 0 }; -unsigned char wont[] = { IAC, WONT, '%', 'c', 0 }; -int not42 = 1; - -/* - * Buffer for sub-options, and macros - * for suboptions buffer manipulations - */ -unsigned char subbuffer[1024*64], *subpointer= subbuffer, *subend= subbuffer; - -#define SB_CLEAR() subpointer = subbuffer -#define SB_TERM() { subend = subpointer; SB_CLEAR(); } -#define SB_ACCUM(c) if (subpointer < (subbuffer+sizeof subbuffer)) { \ - *subpointer++ = (c); \ - } -#define SB_GET() ((*subpointer++)&0xff) -#define SB_EOF() (subpointer >= subend) -#define SB_LEN() (subend - subpointer) - -#ifdef ENV_HACK -unsigned char *subsave; -#define SB_SAVE() subsave = subpointer; -#define SB_RESTORE() subpointer = subsave; -#endif - - -/* - * State for recv fsm - */ -#define TS_DATA 0 /* base state */ -#define TS_IAC 1 /* look for double IAC's */ -#define TS_CR 2 /* CR-LF ->'s CR */ -#define TS_SB 3 /* throw away begin's... */ -#define TS_SE 4 /* ...end's (suboption negotiation) */ -#define TS_WILL 5 /* will option negotiation */ -#define TS_WONT 6 /* wont -''- */ -#define TS_DO 7 /* do -''- */ -#define TS_DONT 8 /* dont -''- */ - -void -telrcv(void) -{ - int c; - static int state = TS_DATA; - - while (ncc > 0) { - if ((&ptyobuf[BUFSIZ] - pfrontp) < 2) - break; - c = *netip++ & 0377, ncc--; -#ifdef ENCRYPTION - if (decrypt_input) - c = (*decrypt_input)(c); -#endif - switch (state) { - - case TS_CR: - state = TS_DATA; - /* Strip off \n or \0 after a \r */ - if ((c == 0) || (c == '\n')) { - break; - } - /* FALL THROUGH */ - - case TS_DATA: - if (c == IAC) { - state = TS_IAC; - break; - } - /* - * We now map \r\n ==> \r for pragmatic reasons. - * Many client implementations send \r\n when - * the user hits the CarriageReturn key. - * - * We USED to map \r\n ==> \n, since \r\n says - * that we want to be in column 1 of the next - * printable line, and \n is the standard - * unix way of saying that (\r is only good - * if CRMOD is set, which it normally is). - */ - if ((c == '\r') && his_state_is_wont(TELOPT_BINARY)) { - int nc = *netip; -#ifdef ENCRYPTION - if (decrypt_input) - nc = (*decrypt_input)(nc & 0xff); -#endif - { -#ifdef ENCRYPTION - if (decrypt_input) - (void)(*decrypt_input)(-1); -#endif - state = TS_CR; - } - } - *pfrontp++ = c; - break; - - case TS_IAC: - gotiac: switch (c) { - - /* - * Send the process on the pty side an - * interrupt. Do this with a NULL or - * interrupt char; depending on the tty mode. - */ - case IP: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - interrupt(); - break; - - case BREAK: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - sendbrk(); - break; - - /* - * Are You There? - */ - case AYT: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - recv_ayt(); - break; - - /* - * Abort Output - */ - case AO: - { - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - ptyflush(); /* half-hearted */ - init_termbuf(); - - if (slctab[SLC_AO].sptr && - *slctab[SLC_AO].sptr != (cc_t)(_POSIX_VDISABLE)) { - *pfrontp++ = - (unsigned char)*slctab[SLC_AO].sptr; - } - - netclear(); /* clear buffer back */ - output_data ("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - DIAG(TD_OPTIONS, - printoption("td: send IAC", DM)); - break; - } - - /* - * Erase Character and - * Erase Line - */ - case EC: - case EL: - { - cc_t ch; - - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - ptyflush(); /* half-hearted */ - init_termbuf(); - if (c == EC) - ch = *slctab[SLC_EC].sptr; - else - ch = *slctab[SLC_EL].sptr; - if (ch != (cc_t)(_POSIX_VDISABLE)) - *pfrontp++ = (unsigned char)ch; - break; - } - - /* - * Check for urgent data... - */ - case DM: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - SYNCHing = stilloob(net); - settimer(gotDM); - break; - - - /* - * Begin option subnegotiation... - */ - case SB: - state = TS_SB; - SB_CLEAR(); - continue; - - case WILL: - state = TS_WILL; - continue; - - case WONT: - state = TS_WONT; - continue; - - case DO: - state = TS_DO; - continue; - - case DONT: - state = TS_DONT; - continue; - case EOR: - if (his_state_is_will(TELOPT_EOR)) - doeof(); - break; - - /* - * Handle RFC 10xx Telnet linemode option additions - * to command stream (EOF, SUSP, ABORT). - */ - case xEOF: - doeof(); - break; - - case SUSP: - sendsusp(); - break; - - case ABORT: - sendbrk(); - break; - - case IAC: - *pfrontp++ = c; - break; - } - state = TS_DATA; - break; - - case TS_SB: - if (c == IAC) { - state = TS_SE; - } else { - SB_ACCUM(c); - } - break; - - case TS_SE: - if (c != SE) { - if (c != IAC) { - /* - * bad form of suboption negotiation. - * handle it in such a way as to avoid - * damage to local state. Parse - * suboption buffer found so far, - * then treat remaining stream as - * another command sequence. - */ - - /* for DIAGNOSTICS */ - SB_ACCUM(IAC); - SB_ACCUM(c); - subpointer -= 2; - - SB_TERM(); - suboption(); - state = TS_IAC; - goto gotiac; - } - SB_ACCUM(c); - state = TS_SB; - } else { - /* for DIAGNOSTICS */ - SB_ACCUM(IAC); - SB_ACCUM(SE); - subpointer -= 2; - - SB_TERM(); - suboption(); /* handle sub-option */ - state = TS_DATA; - } - break; - - case TS_WILL: - willoption(c); - state = TS_DATA; - continue; - - case TS_WONT: - wontoption(c); - if (c==TELOPT_ENCRYPT && his_do_dont_is_changing(TELOPT_ENCRYPT) ) - dontoption(c); - state = TS_DATA; - continue; - - case TS_DO: - dooption(c); - state = TS_DATA; - continue; - - case TS_DONT: - dontoption(c); - state = TS_DATA; - continue; - - default: - syslog(LOG_ERR, "telnetd: panic state=%d\n", state); - printf("telnetd: panic state=%d\n", state); - exit(1); - } - } -} /* end of telrcv */ - -/* - * The will/wont/do/dont state machines are based on Dave Borman's - * Telnet option processing state machine. - * - * These correspond to the following states: - * my_state = the last negotiated state - * want_state = what I want the state to go to - * want_resp = how many requests I have sent - * All state defaults are negative, and resp defaults to 0. - * - * When initiating a request to change state to new_state: - * - * if ((want_resp == 0 && new_state == my_state) || want_state == new_state) { - * do nothing; - * } else { - * want_state = new_state; - * send new_state; - * want_resp++; - * } - * - * When receiving new_state: - * - * if (want_resp) { - * want_resp--; - * if (want_resp && (new_state == my_state)) - * want_resp--; - * } - * if ((want_resp == 0) && (new_state != want_state)) { - * if (ok_to_switch_to new_state) - * want_state = new_state; - * else - * want_resp++; - * send want_state; - * } - * my_state = new_state; - * - * Note that new_state is implied in these functions by the function itself. - * will and do imply positive new_state, wont and dont imply negative. - * - * Finally, there is one catch. If we send a negative response to a - * positive request, my_state will be the positive while want_state will - * remain negative. my_state will revert to negative when the negative - * acknowlegment arrives from the peer. Thus, my_state generally tells - * us not only the last negotiated state, but also tells us what the peer - * wants to be doing as well. It is important to understand this difference - * as we may wish to be processing data streams based on our desired state - * (want_state) or based on what the peer thinks the state is (my_state). - * - * This all works fine because if the peer sends a positive request, the data - * that we receive prior to negative acknowlegment will probably be affected - * by the positive state, and we can process it as such (if we can; if we - * can't then it really doesn't matter). If it is that important, then the - * peer probably should be buffering until this option state negotiation - * is complete. - * - */ -void -send_do(int option, int init) -{ - if (init) { - if ((do_dont_resp[option] == 0 && his_state_is_will(option)) || - his_want_state_is_will(option)) - return; - /* - * Special case for TELOPT_TM: We send a DO, but pretend - * that we sent a DONT, so that we can send more DOs if - * we want to. - */ - if (option == TELOPT_TM) - set_his_want_state_wont(option); - else - set_his_want_state_will(option); - do_dont_resp[option]++; - } - output_data((const char *)doopt, option); - - DIAG(TD_OPTIONS, printoption("td: send do", option)); -} - -#ifdef AUTHENTICATION -extern void auth_request(void); -#endif -#ifdef ENCRYPTION -extern void encrypt_send_support(void); -#endif - -void -willoption(int option) -{ - int changeok = 0; - void (*func)(void) = NULL; - - /* - * process input from peer. - */ - - DIAG(TD_OPTIONS, printoption("td: recv will", option)); - - if (do_dont_resp[option]) { - do_dont_resp[option]--; - if (do_dont_resp[option] && his_state_is_will(option)) - do_dont_resp[option]--; - } - if (do_dont_resp[option] == 0) { - if (his_want_state_is_wont(option)) { - switch (option) { - - case TELOPT_BINARY: - init_termbuf(); - tty_binaryin(1); - set_termbuf(); - changeok++; - break; - - case TELOPT_ECHO: - /* - * See comments below for more info. - */ - not42 = 0; /* looks like a 4.2 system */ - break; - - case TELOPT_TM: - /* - * We never respond to a WILL TM, and - * we leave the state WONT. - */ - return; - - case TELOPT_LFLOW: - /* - * If we are going to support flow control - * option, then don't worry peer that we can't - * change the flow control characters. - */ - slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XON].defset.flag |= SLC_DEFAULT; - slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XOFF].defset.flag |= SLC_DEFAULT; - case TELOPT_TTYPE: - case TELOPT_SGA: - case TELOPT_NAWS: - case TELOPT_TSPEED: - case TELOPT_XDISPLOC: - case TELOPT_NEW_ENVIRON: - case TELOPT_OLD_ENVIRON: - changeok++; - break; - - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - func = auth_request; - changeok++; - break; -#endif - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - func = encrypt_send_support; - changeok++; - break; -#endif - - default: - break; - } - if (changeok) { - set_his_want_state_will(option); - send_do(option, 0); - } else { - do_dont_resp[option]++; - send_dont(option, 0); - } - } else { - /* - * Option processing that should happen when - * we receive conformation of a change in - * state that we had requested. - */ - switch (option) { - case TELOPT_ECHO: - not42 = 0; /* looks like a 4.2 system */ - /* - * Egads, he responded "WILL ECHO". Turn - * it off right now! - */ - send_dont(option, 1); - /* - * "WILL ECHO". Kludge upon kludge! - * A 4.2 client is now echoing user input at - * the tty. This is probably undesireable and - * it should be stopped. The client will - * respond WONT TM to the DO TM that we send to - * check for kludge linemode. When the WONT TM - * arrives, linemode will be turned off and a - * change propogated to the pty. This change - * will cause us to process the new pty state - * in localstat(), which will notice that - * linemode is off and send a WILL ECHO - * so that we are properly in character mode and - * all is well. - */ - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - func = auth_request; - break; -#endif - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - func = encrypt_send_support; - break; -#endif - - case TELOPT_LFLOW: - func = flowstat; - break; - } - } - } - set_his_state_will(option); - if (func) - (*func)(); -} /* end of willoption */ - -void -send_dont(int option, int init) -{ - if (init) { - if ((do_dont_resp[option] == 0 && his_state_is_wont(option)) || - his_want_state_is_wont(option)) - return; - set_his_want_state_wont(option); - do_dont_resp[option]++; - } - output_data((const char *)dont, option); - - DIAG(TD_OPTIONS, printoption("td: send dont", option)); -} - -void -wontoption(int option) -{ - /* - * Process client input. - */ - - DIAG(TD_OPTIONS, printoption("td: recv wont", option)); - - if (do_dont_resp[option]) { - do_dont_resp[option]--; - if (do_dont_resp[option] && his_state_is_wont(option)) - do_dont_resp[option]--; - } - if (do_dont_resp[option] == 0) { - if (his_want_state_is_will(option)) { - /* it is always ok to change to negative state */ - switch (option) { - case TELOPT_ECHO: - not42 = 1; /* doesn't seem to be a 4.2 system */ - break; - - case TELOPT_BINARY: - init_termbuf(); - tty_binaryin(0); - set_termbuf(); - break; - - case TELOPT_TM: - /* - * If we get a WONT TM, and had sent a DO TM, - * don't respond with a DONT TM, just leave it - * as is. Short circut the state machine to - * achive this. - */ - set_his_want_state_wont(TELOPT_TM); - return; - - case TELOPT_LFLOW: - /* - * If we are not going to support flow control - * option, then let peer know that we can't - * change the flow control characters. - */ - slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XON].defset.flag |= SLC_CANTCHANGE; - slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XOFF].defset.flag |= SLC_CANTCHANGE; - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); - break; -#endif - - /* - * For options that we might spin waiting for - * sub-negotiation, if the client turns off the - * option rather than responding to the request, - * we have to treat it here as if we got a response - * to the sub-negotiation, (by updating the timers) - * so that we'll break out of the loop. - */ - case TELOPT_TTYPE: - settimer(ttypesubopt); - break; - - case TELOPT_TSPEED: - settimer(tspeedsubopt); - break; - - case TELOPT_XDISPLOC: - settimer(xdisplocsubopt); - break; - - case TELOPT_OLD_ENVIRON: - settimer(oenvironsubopt); - break; - - case TELOPT_NEW_ENVIRON: - settimer(environsubopt); - break; - - default: - break; - } - set_his_want_state_wont(option); - if (his_state_is_will(option)) - send_dont(option, 0); - } else { - switch (option) { - case TELOPT_TM: - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); - break; -#endif - default: - break; - } - } - } - set_his_state_wont(option); - -} /* end of wontoption */ - -void -send_will(int option, int init) -{ - if (init) { - if ((will_wont_resp[option] == 0 && my_state_is_will(option))|| - my_want_state_is_will(option)) - return; - set_my_want_state_will(option); - will_wont_resp[option]++; - } - output_data ((const char *)will, option); - - DIAG(TD_OPTIONS, printoption("td: send will", option)); -} - -/* - * When we get a DONT SGA, we will try once to turn it - * back on. If the other side responds DONT SGA, we - * leave it at that. This is so that when we talk to - * clients that understand KLUDGELINEMODE but not LINEMODE, - * we'll keep them in char-at-a-time mode. - */ -int turn_on_sga = 0; - -void -dooption(int option) -{ - int changeok = 0; - - /* - * Process client input. - */ - - DIAG(TD_OPTIONS, printoption("td: recv do", option)); - - if (will_wont_resp[option]) { - will_wont_resp[option]--; - if (will_wont_resp[option] && my_state_is_will(option)) - will_wont_resp[option]--; - } - if ((will_wont_resp[option] == 0) && (my_want_state_is_wont(option))) { - switch (option) { - case TELOPT_ECHO: - { - init_termbuf(); - tty_setecho(1); - set_termbuf(); - } - changeok++; - break; - - case TELOPT_BINARY: - init_termbuf(); - tty_binaryout(1); - set_termbuf(); - changeok++; - break; - - case TELOPT_SGA: - turn_on_sga = 0; - changeok++; - break; - - case TELOPT_STATUS: - changeok++; - break; - - case TELOPT_TM: - /* - * Special case for TM. We send a WILL, but - * pretend we sent a WONT. - */ - send_will(option, 0); - set_my_want_state_wont(option); - set_my_state_wont(option); - return; - - case TELOPT_LOGOUT: - /* - * When we get a LOGOUT option, respond - * with a WILL LOGOUT, make sure that - * it gets written out to the network, - * and then just go away... - */ - set_my_want_state_will(TELOPT_LOGOUT); - send_will(TELOPT_LOGOUT, 0); - set_my_state_will(TELOPT_LOGOUT); - netflush(); - cleanup(0); - /* NOT REACHED */ - break; - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - changeok++; - break; -#endif - case TELOPT_LINEMODE: - case TELOPT_TTYPE: - case TELOPT_NAWS: - case TELOPT_TSPEED: - case TELOPT_LFLOW: - case TELOPT_XDISPLOC: -#ifdef TELOPT_ENVIRON - case TELOPT_NEW_ENVIRON: -#endif - case TELOPT_OLD_ENVIRON: - default: - break; - } - if (changeok) { - set_my_want_state_will(option); - send_will(option, 0); - } else { - will_wont_resp[option]++; - send_wont(option, 0); - } - } - set_my_state_will(option); - -} /* end of dooption */ - -void -send_wont(int option, int init) -{ - if (init) { - if ((will_wont_resp[option] == 0 && my_state_is_wont(option)) || - my_want_state_is_wont(option)) - return; - set_my_want_state_wont(option); - will_wont_resp[option]++; - } - output_data ((const char *)wont, option); - - DIAG(TD_OPTIONS, printoption("td: send wont", option)); -} - -void -dontoption(int option) -{ - /* - * Process client input. - */ - - - DIAG(TD_OPTIONS, printoption("td: recv dont", option)); - - if (will_wont_resp[option]) { - will_wont_resp[option]--; - if (will_wont_resp[option] && my_state_is_wont(option)) - will_wont_resp[option]--; - } - if ((will_wont_resp[option] == 0) && (my_want_state_is_will(option))) { - switch (option) { - case TELOPT_BINARY: - init_termbuf(); - tty_binaryout(0); - set_termbuf(); - break; - - case TELOPT_ECHO: /* we should stop echoing */ - { - init_termbuf(); - tty_setecho(0); - set_termbuf(); - } - break; - - case TELOPT_SGA: - set_my_want_state_wont(option); - if (my_state_is_will(option)) - send_wont(option, 0); - set_my_state_wont(option); - if (turn_on_sga ^= 1) - send_will(option, 1); - return; - - default: - break; - } - - set_my_want_state_wont(option); - if (my_state_is_will(option)) - send_wont(option, 0); - } - set_my_state_wont(option); - -} /* end of dontoption */ - -#ifdef ENV_HACK -int env_ovar = -1; -int env_ovalue = -1; -#else /* ENV_HACK */ -# define env_ovar OLD_ENV_VAR -# define env_ovalue OLD_ENV_VALUE -#endif /* ENV_HACK */ - -/* - * suboption() - * - * Look at the sub-option buffer, and try to be helpful to the other - * side. - * - * Currently we recognize: - * - * Terminal type is - * Linemode - * Window size - * Terminal speed - */ -void -suboption(void) -{ - int subchar; - - DIAG(TD_OPTIONS, {netflush(); printsub('<', subpointer, SB_LEN()+2);}); - - subchar = SB_GET(); - switch (subchar) { - case TELOPT_TSPEED: { - int xspeed, rspeed; - - if (his_state_is_wont(TELOPT_TSPEED)) /* Ignore if option disabled */ - break; - - settimer(tspeedsubopt); - - if (SB_EOF() || SB_GET() != TELQUAL_IS) - return; - - xspeed = atoi((char *)subpointer); - - while (SB_GET() != ',' && !SB_EOF()); - if (SB_EOF()) - return; - - rspeed = atoi((char *)subpointer); - clientstat(TELOPT_TSPEED, xspeed, rspeed); - - break; - - } /* end of case TELOPT_TSPEED */ - - case TELOPT_TTYPE: { /* Yaaaay! */ - char *p; - - if (his_state_is_wont(TELOPT_TTYPE)) /* Ignore if option disabled */ - break; - settimer(ttypesubopt); - - if (SB_EOF() || SB_GET() != TELQUAL_IS) { - return; /* ??? XXX but, this is the most robust */ - } - - p = terminaltype; - - while ((p < (terminaltype + sizeof terminaltype-1)) && - !SB_EOF()) { - int c; - - c = SB_GET(); - if (isupper(c)) { - c = tolower(c); - } - *p++ = c; /* accumulate name */ - } - *p = 0; - break; - } /* end of case TELOPT_TTYPE */ - - case TELOPT_NAWS: { - int xwinsize, ywinsize; - - if (his_state_is_wont(TELOPT_NAWS)) /* Ignore if option disabled */ - break; - - if (SB_EOF()) - return; - xwinsize = SB_GET() << 8; - if (SB_EOF()) - return; - xwinsize |= SB_GET(); - if (SB_EOF()) - return; - ywinsize = SB_GET() << 8; - if (SB_EOF()) - return; - ywinsize |= SB_GET(); - clientstat(TELOPT_NAWS, xwinsize, ywinsize); - - break; - - } /* end of case TELOPT_NAWS */ - - case TELOPT_STATUS: { - int mode; - - if (SB_EOF()) - break; - mode = SB_GET(); - switch (mode) { - case TELQUAL_SEND: - if (my_state_is_will(TELOPT_STATUS)) - send_status(); - break; - - case TELQUAL_IS: - break; - - default: - break; - } - break; - } /* end of case TELOPT_STATUS */ - - case TELOPT_XDISPLOC: { - if (SB_EOF() || SB_GET() != TELQUAL_IS) - return; - settimer(xdisplocsubopt); - subpointer[SB_LEN()] = '\0'; - esetenv("DISPLAY", (char *)subpointer, 1); - break; - } /* end of case TELOPT_XDISPLOC */ - -#ifdef TELOPT_NEW_ENVIRON - case TELOPT_NEW_ENVIRON: -#endif - case TELOPT_OLD_ENVIRON: { - int c; - char *cp, *varp, *valp; - - if (SB_EOF()) - return; - c = SB_GET(); - if (c == TELQUAL_IS) { - if (subchar == TELOPT_OLD_ENVIRON) - settimer(oenvironsubopt); - else - settimer(environsubopt); - } else if (c != TELQUAL_INFO) { - return; - } - -#ifdef TELOPT_NEW_ENVIRON - if (subchar == TELOPT_NEW_ENVIRON) { - while (!SB_EOF()) { - c = SB_GET(); - if ((c == NEW_ENV_VAR) || (c == ENV_USERVAR)) - break; - } - } else -#endif - { -#ifdef ENV_HACK - /* - * We only want to do this if we haven't already decided - * whether or not the other side has its VALUE and VAR - * reversed. - */ - if (env_ovar < 0) { - int last = -1; /* invalid value */ - int empty = 0; - int got_var = 0, got_value = 0, got_uservar = 0; - - /* - * The other side might have its VALUE and VAR values - * reversed. To be interoperable, we need to determine - * which way it is. If the first recognized character - * is a VAR or VALUE, then that will tell us what - * type of client it is. If the fist recognized - * character is a USERVAR, then we continue scanning - * the suboption looking for two consecutive - * VAR or VALUE fields. We should not get two - * consecutive VALUE fields, so finding two - * consecutive VALUE or VAR fields will tell us - * what the client is. - */ - SB_SAVE(); - while (!SB_EOF()) { - c = SB_GET(); - switch(c) { - case OLD_ENV_VAR: - if (last < 0 || last == OLD_ENV_VAR - || (empty && (last == OLD_ENV_VALUE))) - goto env_ovar_ok; - got_var++; - last = OLD_ENV_VAR; - break; - case OLD_ENV_VALUE: - if (last < 0 || last == OLD_ENV_VALUE - || (empty && (last == OLD_ENV_VAR))) - goto env_ovar_wrong; - got_value++; - last = OLD_ENV_VALUE; - break; - case ENV_USERVAR: - /* count strings of USERVAR as one */ - if (last != ENV_USERVAR) - got_uservar++; - if (empty) { - if (last == OLD_ENV_VALUE) - goto env_ovar_ok; - if (last == OLD_ENV_VAR) - goto env_ovar_wrong; - } - last = ENV_USERVAR; - break; - case ENV_ESC: - if (!SB_EOF()) - c = SB_GET(); - /* FALL THROUGH */ - default: - empty = 0; - continue; - } - empty = 1; - } - if (empty) { - if (last == OLD_ENV_VALUE) - goto env_ovar_ok; - if (last == OLD_ENV_VAR) - goto env_ovar_wrong; - } - /* - * Ok, the first thing was a USERVAR, and there - * are not two consecutive VAR or VALUE commands, - * and none of the VAR or VALUE commands are empty. - * If the client has sent us a well-formed option, - * then the number of VALUEs received should always - * be less than or equal to the number of VARs and - * USERVARs received. - * - * If we got exactly as many VALUEs as VARs and - * USERVARs, the client has the same definitions. - * - * If we got exactly as many VARs as VALUEs and - * USERVARS, the client has reversed definitions. - */ - if (got_uservar + got_var == got_value) { - env_ovar_ok: - env_ovar = OLD_ENV_VAR; - env_ovalue = OLD_ENV_VALUE; - } else if (got_uservar + got_value == got_var) { - env_ovar_wrong: - env_ovar = OLD_ENV_VALUE; - env_ovalue = OLD_ENV_VAR; - DIAG(TD_OPTIONS, { - output_data("ENVIRON VALUE and VAR are reversed!\r\n"); - }); - - } - } - SB_RESTORE(); -#endif - - while (!SB_EOF()) { - c = SB_GET(); - if ((c == env_ovar) || (c == ENV_USERVAR)) - break; - } - } - - if (SB_EOF()) - return; - - cp = varp = (char *)subpointer; - valp = 0; - - while (!SB_EOF()) { - c = SB_GET(); - if (subchar == TELOPT_OLD_ENVIRON) { - if (c == env_ovar) - c = NEW_ENV_VAR; - else if (c == env_ovalue) - c = NEW_ENV_VALUE; - } - switch (c) { - - case NEW_ENV_VALUE: - *cp = '\0'; - cp = valp = (char *)subpointer; - break; - - case NEW_ENV_VAR: - case ENV_USERVAR: - *cp = '\0'; - if (valp) - esetenv(varp, valp, 1); - else - unsetenv(varp); - cp = varp = (char *)subpointer; - valp = 0; - break; - - case ENV_ESC: - if (SB_EOF()) - break; - c = SB_GET(); - /* FALL THROUGH */ - default: - *cp++ = c; - break; - } - } - *cp = '\0'; - if (valp) - esetenv(varp, valp, 1); - else - unsetenv(varp); - break; - } /* end of case TELOPT_NEW_ENVIRON */ -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - if (SB_EOF()) - break; - switch(SB_GET()) { - case TELQUAL_SEND: - case TELQUAL_REPLY: - /* - * These are sent by us and cannot be sent by - * the client. - */ - break; - case TELQUAL_IS: - auth_is(subpointer, SB_LEN()); - break; - case TELQUAL_NAME: - auth_name(subpointer, SB_LEN()); - break; - } - break; -#endif -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - if (SB_EOF()) - break; - switch(SB_GET()) { - case ENCRYPT_SUPPORT: - encrypt_support(subpointer, SB_LEN()); - break; - case ENCRYPT_IS: - encrypt_is(subpointer, SB_LEN()); - break; - case ENCRYPT_REPLY: - encrypt_reply(subpointer, SB_LEN()); - break; - case ENCRYPT_START: - encrypt_start(subpointer, SB_LEN()); - break; - case ENCRYPT_END: - if (require_encryption) - fatal(net, "Output encryption is not possible to turn off"); - encrypt_end(); - break; - case ENCRYPT_REQSTART: - encrypt_request_start(subpointer, SB_LEN()); - break; - case ENCRYPT_REQEND: - /* - * We can always send an REQEND so that we cannot - * get stuck encrypting. We should only get this - * if we have been able to get in the correct mode - * anyhow. - */ - if (require_encryption) - fatal(net, "Input encryption is not possible to turn off"); - encrypt_request_end(); - break; - case ENCRYPT_ENC_KEYID: - encrypt_enc_keyid(subpointer, SB_LEN()); - break; - case ENCRYPT_DEC_KEYID: - encrypt_dec_keyid(subpointer, SB_LEN()); - break; - default: - break; - } - break; -#endif - - default: - break; - } /* end of switch */ - -} /* end of suboption */ - -void -doclientstat(void) -{ - clientstat(TELOPT_LINEMODE, WILL, 0); -} - -#undef ADD -#define ADD(c) *ncp++ = c -#define ADD_DATA(c) { *ncp++ = c; if (c == SE || c == IAC) *ncp++ = c; } - -void -send_status(void) -{ - unsigned char statusbuf[256]; - unsigned char *ncp; - unsigned char i; - - ncp = statusbuf; - - netflush(); /* get rid of anything waiting to go out */ - - ADD(IAC); - ADD(SB); - ADD(TELOPT_STATUS); - ADD(TELQUAL_IS); - - /* - * We check the want_state rather than the current state, - * because if we received a DO/WILL for an option that we - * don't support, and the other side didn't send a DONT/WONT - * in response to our WONT/DONT, then the "state" will be - * WILL/DO, and the "want_state" will be WONT/DONT. We - * need to go by the latter. - */ - for (i = 0; i < (unsigned char)NTELOPTS; i++) { - if (my_want_state_is_will(i)) { - ADD(WILL); - ADD_DATA(i); - } - if (his_want_state_is_will(i)) { - ADD(DO); - ADD_DATA(i); - } - } - - if (his_want_state_is_will(TELOPT_LFLOW)) { - ADD(SB); - ADD(TELOPT_LFLOW); - if (flowmode) { - ADD(LFLOW_ON); - } else { - ADD(LFLOW_OFF); - } - ADD(SE); - - if (restartany >= 0) { - ADD(SB); - ADD(TELOPT_LFLOW); - if (restartany) { - ADD(LFLOW_RESTART_ANY); - } else { - ADD(LFLOW_RESTART_XON); - } - ADD(SE); - } - } - - - ADD(IAC); - ADD(SE); - - writenet(statusbuf, ncp - statusbuf); - netflush(); /* Send it on its way */ - - DIAG(TD_OPTIONS, - {printsub('>', statusbuf, ncp - statusbuf); netflush();}); -} diff --git a/crypto/heimdal/appl/telnet/telnetd/sys_term.c b/crypto/heimdal/appl/telnet/telnetd/sys_term.c deleted file mode 100644 index 852611f8eefa..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/sys_term.c +++ /dev/null @@ -1,1899 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: sys_term.c 22390 2007-12-31 10:12:48Z lha $"); - -#if defined(_CRAY) || (defined(__hpux) && !defined(HAVE_UTMPX_H)) -# define PARENT_DOES_UTMP -#endif - -#ifdef HAVE_UTMP_H -#include -#endif - -#ifdef HAVE_UTMPX_H -#include -#endif - -#ifdef HAVE_UTMPX_H -struct utmpx wtmp; -#elif defined(HAVE_UTMP_H) -struct utmp wtmp; -#endif /* HAVE_UTMPX_H */ - -#ifdef HAVE_STRUCT_UTMP_UT_HOST -int utmp_len = sizeof(wtmp.ut_host); -#else -int utmp_len = MaxHostNameLen; -#endif - -#ifndef UTMP_FILE -#ifdef _PATH_UTMP -#define UTMP_FILE _PATH_UTMP -#else -#define UTMP_FILE "/etc/utmp" -#endif -#endif - -#if !defined(WTMP_FILE) && defined(_PATH_WTMP) -#define WTMP_FILE _PATH_WTMP -#endif - -#ifndef PARENT_DOES_UTMP -#ifdef WTMP_FILE -char wtmpf[] = WTMP_FILE; -#else -char wtmpf[] = "/usr/adm/wtmp"; -#endif -char utmpf[] = UTMP_FILE; -#else /* PARENT_DOES_UTMP */ -#ifdef WTMP_FILE -char wtmpf[] = WTMP_FILE; -#else -char wtmpf[] = "/etc/wtmp"; -#endif -#endif /* PARENT_DOES_UTMP */ - -#ifdef HAVE_TMPDIR_H -#include -#endif /* CRAY */ - -#if !(defined(__sgi) || defined(__linux) || defined(_AIX)) && defined(HAVE_SYS_TTY) -#include -#endif -#ifdef t_erase -#undef t_erase -#undef t_kill -#undef t_intrc -#undef t_quitc -#undef t_startc -#undef t_stopc -#undef t_eofc -#undef t_brkc -#undef t_suspc -#undef t_dsuspc -#undef t_rprntc -#undef t_flushc -#undef t_werasc -#undef t_lnextc -#endif - -#ifdef HAVE_TERMIOS_H -#include -#else -#ifdef HAVE_TERMIO_H -#include -#endif -#endif - -#ifdef HAVE_UTIL_H -#include -#endif -#ifdef HAVE_LIBUTIL_H -#include -#endif - -# ifndef TCSANOW -# ifdef TCSETS -# define TCSANOW TCSETS -# define TCSADRAIN TCSETSW -# define tcgetattr(f, t) ioctl(f, TCGETS, (char *)t) -# else -# ifdef TCSETA -# define TCSANOW TCSETA -# define TCSADRAIN TCSETAW -# define tcgetattr(f, t) ioctl(f, TCGETA, (char *)t) -# else -# define TCSANOW TIOCSETA -# define TCSADRAIN TIOCSETAW -# define tcgetattr(f, t) ioctl(f, TIOCGETA, (char *)t) -# endif -# endif -# define tcsetattr(f, a, t) ioctl(f, a, t) -# define cfsetospeed(tp, val) (tp)->c_cflag &= ~CBAUD; \ -(tp)->c_cflag |= (val) -# define cfgetospeed(tp) ((tp)->c_cflag & CBAUD) -# ifdef CIBAUD -# define cfsetispeed(tp, val) (tp)->c_cflag &= ~CIBAUD; \ - (tp)->c_cflag |= ((val)<c_cflag & CIBAUD)>>IBSHIFT) -# else -# define cfsetispeed(tp, val) (tp)->c_cflag &= ~CBAUD; \ - (tp)->c_cflag |= (val) -# define cfgetispeed(tp) ((tp)->c_cflag & CBAUD) -# endif -# endif /* TCSANOW */ - struct termios termbuf, termbuf2; /* pty control structure */ -# ifdef STREAMSPTY - static int ttyfd = -1; - int really_stream = 0; -# endif - - const char *new_login = _PATH_LOGIN; - -/* - * init_termbuf() - * copy_termbuf(cp) - * set_termbuf() - * - * These three routines are used to get and set the "termbuf" structure - * to and from the kernel. init_termbuf() gets the current settings. - * copy_termbuf() hands in a new "termbuf" to write to the kernel, and - * set_termbuf() writes the structure into the kernel. - */ - - void - init_termbuf(void) -{ -# ifdef STREAMSPTY - if (really_stream) - tcgetattr(ttyfd, &termbuf); - else -# endif - tcgetattr(ourpty, &termbuf); - termbuf2 = termbuf; -} - -void -set_termbuf(void) -{ - /* - * Only make the necessary changes. - */ - if (memcmp(&termbuf, &termbuf2, sizeof(termbuf))) { -# ifdef STREAMSPTY - if (really_stream) - tcsetattr(ttyfd, TCSANOW, &termbuf); - else -# endif - tcsetattr(ourpty, TCSANOW, &termbuf); - } -} - - -/* - * spcset(func, valp, valpp) - * - * This function takes various special characters (func), and - * sets *valp to the current value of that character, and - * *valpp to point to where in the "termbuf" structure that - * value is kept. - * - * It returns the SLC_ level of support for this function. - */ - - -int -spcset(int func, cc_t *valp, cc_t **valpp) -{ - -#define setval(a, b) *valp = termbuf.c_cc[a]; \ - *valpp = &termbuf.c_cc[a]; \ - return(b); -#define defval(a) *valp = ((cc_t)a); *valpp = (cc_t *)0; return(SLC_DEFAULT); - - switch(func) { - case SLC_EOF: - setval(VEOF, SLC_VARIABLE); - case SLC_EC: - setval(VERASE, SLC_VARIABLE); - case SLC_EL: - setval(VKILL, SLC_VARIABLE); - case SLC_IP: - setval(VINTR, SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT); - case SLC_ABORT: - setval(VQUIT, SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT); - case SLC_XON: -#ifdef VSTART - setval(VSTART, SLC_VARIABLE); -#else - defval(0x13); -#endif - case SLC_XOFF: -#ifdef VSTOP - setval(VSTOP, SLC_VARIABLE); -#else - defval(0x11); -#endif - case SLC_EW: -#ifdef VWERASE - setval(VWERASE, SLC_VARIABLE); -#else - defval(0); -#endif - case SLC_RP: -#ifdef VREPRINT - setval(VREPRINT, SLC_VARIABLE); -#else - defval(0); -#endif - case SLC_LNEXT: -#ifdef VLNEXT - setval(VLNEXT, SLC_VARIABLE); -#else - defval(0); -#endif - case SLC_AO: -#if !defined(VDISCARD) && defined(VFLUSHO) -# define VDISCARD VFLUSHO -#endif -#ifdef VDISCARD - setval(VDISCARD, SLC_VARIABLE|SLC_FLUSHOUT); -#else - defval(0); -#endif - case SLC_SUSP: -#ifdef VSUSP - setval(VSUSP, SLC_VARIABLE|SLC_FLUSHIN); -#else - defval(0); -#endif -#ifdef VEOL - case SLC_FORW1: - setval(VEOL, SLC_VARIABLE); -#endif -#ifdef VEOL2 - case SLC_FORW2: - setval(VEOL2, SLC_VARIABLE); -#endif - case SLC_AYT: -#ifdef VSTATUS - setval(VSTATUS, SLC_VARIABLE); -#else - defval(0); -#endif - - case SLC_BRK: - case SLC_SYNCH: - case SLC_EOR: - defval(0); - - default: - *valp = 0; - *valpp = 0; - return(SLC_NOSUPPORT); - } -} - -#ifdef _CRAY -/* - * getnpty() - * - * Return the number of pty's configured into the system. - */ -int -getnpty() -{ -#ifdef _SC_CRAY_NPTY - int numptys; - - if ((numptys = sysconf(_SC_CRAY_NPTY)) != -1) - return numptys; - else -#endif /* _SC_CRAY_NPTY */ - return 128; -} -#endif /* CRAY */ - -/* - * getpty() - * - * Allocate a pty. As a side effect, the external character - * array "line" contains the name of the slave side. - * - * Returns the file descriptor of the opened pty. - */ - -static int ptyslavefd = -1; - -static char Xline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; -char *line = Xline; - -#ifdef _CRAY -char myline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; -#endif /* CRAY */ - -#if !defined(HAVE_PTSNAME) && defined(STREAMSPTY) -static char *ptsname(int fd) -{ -#ifdef HAVE_TTYNAME - return ttyname(fd); -#else - return NULL; -#endif -} -#endif - -int getpty(int *ptynum) -{ -#if defined(HAVE_OPENPTY) || defined(__linux) || defined(__osf__) /* XXX */ - { - int master; - int slave; - if(openpty(&master, &slave, line, 0, 0) == 0){ - ptyslavefd = slave; - return master; - } - } -#endif /* HAVE_OPENPTY .... */ -#ifdef HAVE__GETPTY - { - int master; - char *p; - p = _getpty(&master, O_RDWR, 0600, 1); - if(p == NULL) - return -1; - strlcpy(line, p, sizeof(Xline)); - return master; - } -#endif - -#ifdef STREAMSPTY - { - char *clone[] = { "/dev/ptc", "/dev/ptmx", "/dev/ptm", - "/dev/ptym/clone", 0 }; - - char **q; - int p; - for(q=clone; *q; q++){ - p=open(*q, O_RDWR); - if(p >= 0){ -#ifdef HAVE_GRANTPT - grantpt(p); -#endif -#ifdef HAVE_UNLOCKPT - unlockpt(p); -#endif - strlcpy(line, ptsname(p), sizeof(Xline)); - really_stream = 1; - return p; - } - } - } -#endif /* STREAMSPTY */ -#ifndef _CRAY - { - int p; - char *cp, *p1, *p2; - int i; - -#ifndef __hpux - snprintf(line, sizeof(Xline), "/dev/ptyXX"); - p1 = &line[8]; - p2 = &line[9]; -#else - snprintf(line, sizeof(Xline), "/dev/ptym/ptyXX"); - p1 = &line[13]; - p2 = &line[14]; -#endif - - - for (cp = "pqrstuvwxyzPQRST"; *cp; cp++) { - struct stat stb; - - *p1 = *cp; - *p2 = '0'; - /* - * This stat() check is just to keep us from - * looping through all 256 combinations if there - * aren't that many ptys available. - */ - if (stat(line, &stb) < 0) - break; - for (i = 0; i < 16; i++) { - *p2 = "0123456789abcdef"[i]; - p = open(line, O_RDWR); - if (p > 0) { -#if SunOS == 40 - int dummy; -#endif - -#ifndef __hpux - line[5] = 't'; -#else - for (p1 = &line[8]; *p1; p1++) - *p1 = *(p1+1); - line[9] = 't'; -#endif - chown(line, 0, 0); - chmod(line, 0600); -#if SunOS == 40 - if (ioctl(p, TIOCGPGRP, &dummy) == 0 - || errno != EIO) { - chmod(line, 0666); - close(p); - line[5] = 'p'; - } else -#endif /* SunOS == 40 */ - return(p); - } - } - } - } -#else /* CRAY */ - { - extern lowpty, highpty; - struct stat sb; - int p; - - for (*ptynum = lowpty; *ptynum <= highpty; (*ptynum)++) { - snprintf(myline, sizeof(myline), "/dev/pty/%03d", *ptynum); - p = open(myline, 2); - if (p < 0) - continue; - snprintf(line, sizeof(Xline), "/dev/ttyp%03d", *ptynum); - /* - * Here are some shenanigans to make sure that there - * are no listeners lurking on the line. - */ - if(stat(line, &sb) < 0) { - close(p); - continue; - } - if(sb.st_uid || sb.st_gid || sb.st_mode != 0600) { - chown(line, 0, 0); - chmod(line, 0600); - close(p); - p = open(myline, 2); - if (p < 0) - continue; - } - /* - * Now it should be safe...check for accessability. - */ - if (access(line, 6) == 0) - return(p); - else { - /* no tty side to pty so skip it */ - close(p); - } - } - } -#endif /* CRAY */ - return(-1); -} - - -int -tty_isecho(void) -{ - return (termbuf.c_lflag & ECHO); -} - -int -tty_flowmode(void) -{ - return((termbuf.c_iflag & IXON) ? 1 : 0); -} - -int -tty_restartany(void) -{ - return((termbuf.c_iflag & IXANY) ? 1 : 0); -} - -void -tty_setecho(int on) -{ - if (on) - termbuf.c_lflag |= ECHO; - else - termbuf.c_lflag &= ~ECHO; -} - -int -tty_israw(void) -{ - return(!(termbuf.c_lflag & ICANON)); -} - -void -tty_binaryin(int on) -{ - if (on) { - termbuf.c_iflag &= ~ISTRIP; - } else { - termbuf.c_iflag |= ISTRIP; - } -} - -void -tty_binaryout(int on) -{ - if (on) { - termbuf.c_cflag &= ~(CSIZE|PARENB); - termbuf.c_cflag |= CS8; - termbuf.c_oflag &= ~OPOST; - } else { - termbuf.c_cflag &= ~CSIZE; - termbuf.c_cflag |= CS7|PARENB; - termbuf.c_oflag |= OPOST; - } -} - -int -tty_isbinaryin(void) -{ - return(!(termbuf.c_iflag & ISTRIP)); -} - -int -tty_isbinaryout(void) -{ - return(!(termbuf.c_oflag&OPOST)); -} - - -int -tty_issofttab(void) -{ -# ifdef OXTABS - return (termbuf.c_oflag & OXTABS); -# endif -# ifdef TABDLY - return ((termbuf.c_oflag & TABDLY) == TAB3); -# endif -} - -void -tty_setsofttab(int on) -{ - if (on) { -# ifdef OXTABS - termbuf.c_oflag |= OXTABS; -# endif -# ifdef TABDLY - termbuf.c_oflag &= ~TABDLY; - termbuf.c_oflag |= TAB3; -# endif - } else { -# ifdef OXTABS - termbuf.c_oflag &= ~OXTABS; -# endif -# ifdef TABDLY - termbuf.c_oflag &= ~TABDLY; - termbuf.c_oflag |= TAB0; -# endif - } -} - -int -tty_islitecho(void) -{ -# ifdef ECHOCTL - return (!(termbuf.c_lflag & ECHOCTL)); -# endif -# ifdef TCTLECH - return (!(termbuf.c_lflag & TCTLECH)); -# endif -# if !defined(ECHOCTL) && !defined(TCTLECH) - return (0); /* assumes ctl chars are echoed '^x' */ -# endif -} - -void -tty_setlitecho(int on) -{ -# ifdef ECHOCTL - if (on) - termbuf.c_lflag &= ~ECHOCTL; - else - termbuf.c_lflag |= ECHOCTL; -# endif -# ifdef TCTLECH - if (on) - termbuf.c_lflag &= ~TCTLECH; - else - termbuf.c_lflag |= TCTLECH; -# endif -} - -int -tty_iscrnl(void) -{ - return (termbuf.c_iflag & ICRNL); -} - -/* - * Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD). - */ -#if B4800 != 4800 -#define DECODE_BAUD -#endif - -#ifdef DECODE_BAUD - -/* - * A table of available terminal speeds - */ -struct termspeeds { - int speed; - int value; -} termspeeds[] = { - { 0, B0 }, { 50, B50 }, { 75, B75 }, - { 110, B110 }, { 134, B134 }, { 150, B150 }, - { 200, B200 }, { 300, B300 }, { 600, B600 }, - { 1200, B1200 }, { 1800, B1800 }, { 2400, B2400 }, - { 4800, B4800 }, -#ifdef B7200 - { 7200, B7200 }, -#endif - { 9600, B9600 }, -#ifdef B14400 - { 14400, B14400 }, -#endif -#ifdef B19200 - { 19200, B19200 }, -#endif -#ifdef B28800 - { 28800, B28800 }, -#endif -#ifdef B38400 - { 38400, B38400 }, -#endif -#ifdef B57600 - { 57600, B57600 }, -#endif -#ifdef B115200 - { 115200, B115200 }, -#endif -#ifdef B230400 - { 230400, B230400 }, -#endif - { -1, 0 } -}; -#endif /* DECODE_BUAD */ - -void -tty_tspeed(int val) -{ -#ifdef DECODE_BAUD - struct termspeeds *tp; - - for (tp = termspeeds; (tp->speed != -1) && (val > tp->speed); tp++) - ; - if (tp->speed == -1) /* back up to last valid value */ - --tp; - cfsetospeed(&termbuf, tp->value); -#else /* DECODE_BUAD */ - cfsetospeed(&termbuf, val); -#endif /* DECODE_BUAD */ -} - -void -tty_rspeed(int val) -{ -#ifdef DECODE_BAUD - struct termspeeds *tp; - - for (tp = termspeeds; (tp->speed != -1) && (val > tp->speed); tp++) - ; - if (tp->speed == -1) /* back up to last valid value */ - --tp; - cfsetispeed(&termbuf, tp->value); -#else /* DECODE_BAUD */ - cfsetispeed(&termbuf, val); -#endif /* DECODE_BAUD */ -} - -#ifdef PARENT_DOES_UTMP -extern struct utmp wtmp; -extern char wtmpf[]; - -extern void utmp_sig_init (void); -extern void utmp_sig_reset (void); -extern void utmp_sig_wait (void); -extern void utmp_sig_notify (int); -# endif /* PARENT_DOES_UTMP */ - -#ifdef STREAMSPTY - -/* I_FIND seems to live a life of its own */ -static int my_find(int fd, char *module) -{ -#if defined(I_FIND) && defined(I_LIST) - static int flag; - static struct str_list sl; - int n; - int i; - - if(!flag){ - n = ioctl(fd, I_LIST, 0); - if(n < 0){ - perror("ioctl(fd, I_LIST, 0)"); - return -1; - } - sl.sl_modlist=(struct str_mlist*)malloc(n * sizeof(struct str_mlist)); - sl.sl_nmods = n; - n = ioctl(fd, I_LIST, &sl); - if(n < 0){ - perror("ioctl(fd, I_LIST, n)"); - return -1; - } - flag = 1; - } - - for(i=0; i= modules; p--){ - err = ioctl(fd, I_PUSH, *p); - if(err < 0 && errno != EINVAL) - fatalperror(net, "I_PUSH"); - } -} -#endif - -/* - * getptyslave() - * - * Open the slave side of the pty, and do any initialization - * that is necessary. The return value is a file descriptor - * for the slave side. - */ -void getptyslave(void) -{ - int t = -1; - - struct winsize ws; - /* - * Opening the slave side may cause initilization of the - * kernel tty structure. We need remember the state of - * if linemode was turned on - * terminal window size - * terminal speed - * so that we can re-set them if we need to. - */ - - - /* - * Make sure that we don't have a controlling tty, and - * that we are the session (process group) leader. - */ - -#ifdef HAVE_SETSID - if(setsid()<0) - fatalperror(net, "setsid()"); -#else -# ifdef TIOCNOTTY - t = open(_PATH_TTY, O_RDWR); - if (t >= 0) { - ioctl(t, TIOCNOTTY, (char *)0); - close(t); - } -# endif -#endif - -# ifdef PARENT_DOES_UTMP - /* - * Wait for our parent to get the utmp stuff to get done. - */ - utmp_sig_wait(); -# endif - - t = cleanopen(line); - if (t < 0) - fatalperror(net, line); - -#ifdef STREAMSPTY - ttyfd = t; - - - /* - * Not all systems have (or need) modules ttcompat and pckt so - * don't flag it as a fatal error if they don't exist. - */ - - if (really_stream) - { - /* these are the streams modules that we want pushed. note - that they are in reverse order, ptem will be pushed - first. maybe_push_modules() will try to push all modules - before the first one that isn't already pushed. i.e if - ldterm is pushed, only ttcompat will be attempted. - - all this is because we don't know which modules are - available, and we don't know which modules are already - pushed (via autopush, for instance). - - */ - - char *ttymodules[] = { "ttcompat", "ldterm", "ptem", NULL }; - char *ptymodules[] = { "pckt", NULL }; - - maybe_push_modules(t, ttymodules); - maybe_push_modules(ourpty, ptymodules); - } -#endif - /* - * set up the tty modes as we like them to be. - */ - init_termbuf(); -# ifdef TIOCSWINSZ - if (def_row || def_col) { - memset(&ws, 0, sizeof(ws)); - ws.ws_col = def_col; - ws.ws_row = def_row; - ioctl(t, TIOCSWINSZ, (char *)&ws); - } -# endif - - /* - * Settings for sgtty based systems - */ - - /* - * Settings for UNICOS (and HPUX) - */ -# if defined(_CRAY) || defined(__hpux) - termbuf.c_oflag = OPOST|ONLCR|TAB3; - termbuf.c_iflag = IGNPAR|ISTRIP|ICRNL|IXON; - termbuf.c_lflag = ISIG|ICANON|ECHO|ECHOE|ECHOK; - termbuf.c_cflag = EXTB|HUPCL|CS8; -# endif - - /* - * Settings for all other termios/termio based - * systems, other than 4.4BSD. In 4.4BSD the - * kernel does the initial terminal setup. - */ -# if !(defined(_CRAY) || defined(__hpux)) && (BSD <= 43) -# ifndef OXTABS -# define OXTABS 0 -# endif - termbuf.c_lflag |= ECHO; - termbuf.c_oflag |= ONLCR|OXTABS; - termbuf.c_iflag |= ICRNL; - termbuf.c_iflag &= ~IXOFF; -# endif - tty_rspeed((def_rspeed > 0) ? def_rspeed : 9600); - tty_tspeed((def_tspeed > 0) ? def_tspeed : 9600); - - /* - * Set the tty modes, and make this our controlling tty. - */ - set_termbuf(); - if (login_tty(t) == -1) - fatalperror(net, "login_tty"); - if (net > 2) - close(net); - if (ourpty > 2) { - close(ourpty); - ourpty = -1; - } -} - -#ifndef O_NOCTTY -#define O_NOCTTY 0 -#endif -/* - * Open the specified slave side of the pty, - * making sure that we have a clean tty. - */ - -int cleanopen(char *line) -{ - int t; - - if (ptyslavefd != -1) - return ptyslavefd; - -#ifdef STREAMSPTY - if (!really_stream) -#endif - { - /* - * Make sure that other people can't open the - * slave side of the connection. - */ - chown(line, 0, 0); - chmod(line, 0600); - } - -#ifdef HAVE_REVOKE - revoke(line); -#endif - - t = open(line, O_RDWR|O_NOCTTY); - - if (t < 0) - return(-1); - - /* - * Hangup anybody else using this ttyp, then reopen it for - * ourselves. - */ -# if !(defined(_CRAY) || defined(__hpux)) && (BSD <= 43) && !defined(STREAMSPTY) - signal(SIGHUP, SIG_IGN); -#ifdef HAVE_VHANGUP - vhangup(); -#else -#endif - signal(SIGHUP, SIG_DFL); - t = open(line, O_RDWR|O_NOCTTY); - if (t < 0) - return(-1); -# endif -# if defined(_CRAY) && defined(TCVHUP) - { - int i; - signal(SIGHUP, SIG_IGN); - ioctl(t, TCVHUP, (char *)0); - signal(SIGHUP, SIG_DFL); - - i = open(line, O_RDWR); - - if (i < 0) - return(-1); - close(t); - t = i; - } -# endif /* defined(CRAY) && defined(TCVHUP) */ - return(t); -} - -#if !defined(BSD4_4) - -int login_tty(int t) -{ -# if defined(TIOCSCTTY) && !defined(__hpux) - if (ioctl(t, TIOCSCTTY, (char *)0) < 0) - fatalperror(net, "ioctl(sctty)"); -# ifdef _CRAY - /* - * Close the hard fd to /dev/ttypXXX, and re-open through - * the indirect /dev/tty interface. - */ - close(t); - if ((t = open("/dev/tty", O_RDWR)) < 0) - fatalperror(net, "open(/dev/tty)"); -# endif -# else - /* - * We get our controlling tty assigned as a side-effect - * of opening up a tty device. But on BSD based systems, - * this only happens if our process group is zero. The - * setsid() call above may have set our pgrp, so clear - * it out before opening the tty... - */ -#ifdef HAVE_SETPGID - setpgid(0, 0); -#else - setpgrp(0, 0); /* if setpgid isn't available, setpgrp - probably takes arguments */ -#endif - close(open(line, O_RDWR)); -# endif - if (t != 0) - dup2(t, 0); - if (t != 1) - dup2(t, 1); - if (t != 2) - dup2(t, 2); - if (t > 2) - close(t); - return(0); -} -#endif /* BSD <= 43 */ - -/* - * This comes from ../../bsd/tty.c and should not really be here. - */ - -/* - * Clean the tty name. Return a pointer to the cleaned version. - */ - -static char * clean_ttyname (char *) __attribute__((unused)); - -static char * -clean_ttyname (char *tty) -{ - char *res = tty; - - if (strncmp (res, _PATH_DEV, strlen(_PATH_DEV)) == 0) - res += strlen(_PATH_DEV); - if (strncmp (res, "pty/", 4) == 0) - res += 4; - if (strncmp (res, "ptym/", 5) == 0) - res += 5; - return res; -} - -/* - * Generate a name usable as an `ut_id', typically without `tty'. - */ - -#ifdef HAVE_STRUCT_UTMP_UT_ID -static char * -make_id (char *tty) -{ - char *res = tty; - - if (strncmp (res, "pts/", 4) == 0) - res += 4; - if (strncmp (res, "tty", 3) == 0) - res += 3; - return res; -} -#endif - -/* - * startslave(host) - * - * Given a hostname, do whatever - * is necessary to startup the login process on the slave side of the pty. - */ - -/* ARGSUSED */ -void -startslave(const char *host, const char *utmp_host, - int autologin, char *autoname) -{ - int i; - -#ifdef AUTHENTICATION - if (!autoname || !autoname[0]) - autologin = 0; - - if (autologin < auth_level) { - fatal(net, "Authorization failed"); - exit(1); - } -#endif - - { - char *tbuf = - "\r\n*** Connection not encrypted! " - "Communication may be eavesdropped. ***\r\n"; -#ifdef ENCRYPTION - if (!no_warn && (encrypt_output == 0 || decrypt_input == 0)) -#endif - writenet(tbuf, strlen(tbuf)); - } -# ifdef PARENT_DOES_UTMP - utmp_sig_init(); -# endif /* PARENT_DOES_UTMP */ - - if ((i = fork()) < 0) - fatalperror(net, "fork"); - if (i) { -# ifdef PARENT_DOES_UTMP - /* - * Cray parent will create utmp entry for child and send - * signal to child to tell when done. Child waits for signal - * before doing anything important. - */ - int pid = i; - void sigjob (int); - - setpgrp(); - utmp_sig_reset(); /* reset handler to default */ - /* - * Create utmp entry for child - */ - wtmp.ut_time = time(NULL); - wtmp.ut_type = LOGIN_PROCESS; - wtmp.ut_pid = pid; - strncpy(wtmp.ut_user, "LOGIN", sizeof(wtmp.ut_user)); - strncpy(wtmp.ut_host, utmp_host, sizeof(wtmp.ut_host)); - strncpy(wtmp.ut_line, clean_ttyname(line), sizeof(wtmp.ut_line)); -#ifdef HAVE_STRUCT_UTMP_UT_ID - strncpy(wtmp.ut_id, wtmp.ut_line + 3, sizeof(wtmp.ut_id)); -#endif - - pututline(&wtmp); - endutent(); - if ((i = open(wtmpf, O_WRONLY|O_APPEND)) >= 0) { - write(i, &wtmp, sizeof(struct utmp)); - close(i); - } -#ifdef _CRAY - signal(WJSIGNAL, sigjob); -#endif - utmp_sig_notify(pid); -# endif /* PARENT_DOES_UTMP */ - } else { - getptyslave(); -#if defined(DCE) - /* if we authenticated via K5, try and join the PAG */ - kerberos5_dfspag(); -#endif - start_login(host, autologin, autoname); - /*NOTREACHED*/ - } -} - -char *envinit[3]; -extern char **environ; - -void -init_env(void) -{ - char **envp; - - envp = envinit; - if ((*envp = getenv("TZ"))) - *envp++ -= 3; -#if defined(_CRAY) || defined(__hpux) - else - *envp++ = "TZ=GMT0"; -#endif - *envp = 0; - environ = envinit; -} - -/* - * scrub_env() - * - * We only accept the environment variables listed below. - */ - -static void -scrub_env(void) -{ - static const char *reject[] = { - "TERMCAP=/", - NULL - }; - - static const char *accept[] = { - "XAUTH=", "XAUTHORITY=", "DISPLAY=", - "TERM=", - "EDITOR=", - "PAGER=", - "PRINTER=", - "LOGNAME=", - "POSIXLY_CORRECT=", - "TERMCAP=", - NULL - }; - - char **cpp, **cpp2; - const char **p; - - for (cpp2 = cpp = environ; *cpp; cpp++) { - int reject_it = 0; - - for(p = reject; *p; p++) - if(strncmp(*cpp, *p, strlen(*p)) == 0) { - reject_it = 1; - break; - } - if (reject_it) - continue; - - for(p = accept; *p; p++) - if(strncmp(*cpp, *p, strlen(*p)) == 0) - break; - if(*p != NULL) - *cpp2++ = *cpp; - } - *cpp2 = NULL; -} - - -struct arg_val { - int size; - int argc; - char **argv; -}; - -static void addarg(struct arg_val*, const char*); - -/* - * start_login(host) - * - * Assuming that we are now running as a child processes, this - * function will turn us into the login process. - */ - -void -start_login(const char *host, int autologin, char *name) -{ - struct arg_val argv; - char *user; - int save_errno; - -#ifdef ENCRYPTION - encrypt_output = NULL; - decrypt_input = NULL; -#endif - -#ifdef HAVE_UTMPX_H - { - int pid = getpid(); - struct utmpx utmpx; - struct timeval tv; - char *clean_tty; - - /* - * Create utmp entry for child - */ - - clean_tty = clean_ttyname(line); - memset(&utmpx, 0, sizeof(utmpx)); - strncpy(utmpx.ut_user, ".telnet", sizeof(utmpx.ut_user)); - strncpy(utmpx.ut_line, clean_tty, sizeof(utmpx.ut_line)); -#ifdef HAVE_STRUCT_UTMP_UT_ID - strncpy(utmpx.ut_id, make_id(clean_tty), sizeof(utmpx.ut_id)); -#endif - utmpx.ut_pid = pid; - - utmpx.ut_type = LOGIN_PROCESS; - - gettimeofday (&tv, NULL); - utmpx.ut_tv.tv_sec = tv.tv_sec; - utmpx.ut_tv.tv_usec = tv.tv_usec; - - if (pututxline(&utmpx) == NULL) - fatal(net, "pututxline failed"); - } -#endif - - scrub_env(); - - /* - * -h : pass on name of host. - * WARNING: -h is accepted by login if and only if - * getuid() == 0. - * -p : don't clobber the environment (so terminal type stays set). - * - * -f : force this login, he has already been authenticated - */ - - /* init argv structure */ - argv.size=0; - argv.argc=0; - argv.argv=malloc(0); /*so we can call realloc later */ - addarg(&argv, "login"); - addarg(&argv, "-h"); - addarg(&argv, host); - addarg(&argv, "-p"); - if(name[0]) - user = name; - else - user = getenv("USER"); -#ifdef AUTHENTICATION - if (auth_level < 0 || autologin != AUTH_VALID) { - if(!no_warn) { - printf("User not authenticated. "); - if (require_otp) - printf("Using one-time password\r\n"); - else - printf("Using plaintext username and password\r\n"); - } - if (require_otp) { - addarg(&argv, "-a"); - addarg(&argv, "otp"); - } - if(log_unauth) - syslog(LOG_INFO, "unauthenticated access from %s (%s)", - host, user ? user : "unknown user"); - } - if (auth_level >= 0 && autologin == AUTH_VALID) - addarg(&argv, "-f"); -#endif - if(user){ - addarg(&argv, "--"); - addarg(&argv, strdup(user)); - } - if (getenv("USER")) { - /* - * Assume that login will set the USER variable - * correctly. For SysV systems, this means that - * USER will no longer be set, just LOGNAME by - * login. (The problem is that if the auto-login - * fails, and the user then specifies a different - * account name, he can get logged in with both - * LOGNAME and USER in his environment, but the - * USER value will be wrong. - */ - unsetenv("USER"); - } - closelog(); - /* - * This sleep(1) is in here so that telnetd can - * finish up with the tty. There's a race condition - * the login banner message gets lost... - */ - sleep(1); - - execv(new_login, argv.argv); - save_errno = errno; - syslog(LOG_ERR, "%s: %m", new_login); - fatalperror_errno(net, new_login, save_errno); - /*NOTREACHED*/ -} - -static void -addarg(struct arg_val *argv, const char *val) -{ - if(argv->size <= argv->argc+1) { - argv->argv = realloc(argv->argv, sizeof(char*) * (argv->size + 10)); - if (argv->argv == NULL) - fatal (net, "realloc: out of memory"); - argv->size+=10; - } - if((argv->argv[argv->argc++] = strdup(val)) == NULL) - fatal (net, "strdup: out of memory"); - argv->argv[argv->argc] = NULL; -} - - -/* - * rmut() - * - * This is the function called by cleanup() to - * remove the utmp entry for this person. - */ - -#ifdef HAVE_UTMPX_H -static void -rmut(void) -{ - struct utmpx utmpx, *non_save_utxp; - char *clean_tty = clean_ttyname(line); - - /* - * This updates the utmpx and utmp entries and make a wtmp/x entry - */ - - setutxent(); - memset(&utmpx, 0, sizeof(utmpx)); - strncpy(utmpx.ut_line, clean_tty, sizeof(utmpx.ut_line)); - utmpx.ut_type = LOGIN_PROCESS; - non_save_utxp = getutxline(&utmpx); - if (non_save_utxp) { - struct utmpx *utxp; - struct timeval tv; - char user0; - - utxp = malloc(sizeof(struct utmpx)); - *utxp = *non_save_utxp; - user0 = utxp->ut_user[0]; - utxp->ut_user[0] = '\0'; - utxp->ut_type = DEAD_PROCESS; -#ifdef HAVE_STRUCT_UTMPX_UT_EXIT -#ifdef _STRUCT___EXIT_STATUS - utxp->ut_exit.__e_termination = 0; - utxp->ut_exit.__e_exit = 0; -#elif defined(__osf__) /* XXX */ - utxp->ut_exit.ut_termination = 0; - utxp->ut_exit.ut_exit = 0; -#else - utxp->ut_exit.e_termination = 0; - utxp->ut_exit.e_exit = 0; -#endif -#endif - gettimeofday (&tv, NULL); - utxp->ut_tv.tv_sec = tv.tv_sec; - utxp->ut_tv.tv_usec = tv.tv_usec; - - pututxline(utxp); -#ifdef WTMPX_FILE - utxp->ut_user[0] = user0; - updwtmpx(WTMPX_FILE, utxp); -#elif defined(WTMP_FILE) - /* This is a strange system with a utmpx and a wtmp! */ - { - int f = open(wtmpf, O_WRONLY|O_APPEND); - struct utmp wtmp; - if (f >= 0) { - strncpy(wtmp.ut_line, clean_tty, sizeof(wtmp.ut_line)); - strncpy(wtmp.ut_name, "", sizeof(wtmp.ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(wtmp.ut_host, "", sizeof(wtmp.ut_host)); -#endif - wtmp.ut_time = time(NULL); - write(f, &wtmp, sizeof(wtmp)); - close(f); - } - } -#endif - free (utxp); - } - endutxent(); -} /* end of rmut */ -#endif - -#if !defined(HAVE_UTMPX_H) && !(defined(_CRAY) || defined(__hpux)) && BSD <= 43 -static void -rmut(void) -{ - int f; - int found = 0; - struct utmp *u, *utmp; - int nutmp; - struct stat statbf; - char *clean_tty = clean_ttyname(line); - - f = open(utmpf, O_RDWR); - if (f >= 0) { - fstat(f, &statbf); - utmp = (struct utmp *)malloc((unsigned)statbf.st_size); - if (!utmp) - syslog(LOG_ERR, "utmp malloc failed"); - if (statbf.st_size && utmp) { - nutmp = read(f, utmp, (int)statbf.st_size); - nutmp /= sizeof(struct utmp); - - for (u = utmp ; u < &utmp[nutmp] ; u++) { - if (strncmp(u->ut_line, - clean_tty, - sizeof(u->ut_line)) || - u->ut_name[0]==0) - continue; - lseek(f, ((long)u)-((long)utmp), L_SET); - strncpy(u->ut_name, "", sizeof(u->ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(u->ut_host, "", sizeof(u->ut_host)); -#endif - u->ut_time = time(NULL); - write(f, u, sizeof(wtmp)); - found++; - } - } - close(f); - } - if (found) { - f = open(wtmpf, O_WRONLY|O_APPEND); - if (f >= 0) { - strncpy(wtmp.ut_line, clean_tty, sizeof(wtmp.ut_line)); - strncpy(wtmp.ut_name, "", sizeof(wtmp.ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(wtmp.ut_host, "", sizeof(wtmp.ut_host)); -#endif - wtmp.ut_time = time(NULL); - write(f, &wtmp, sizeof(wtmp)); - close(f); - } - } - chmod(line, 0666); - chown(line, 0, 0); - line[strlen("/dev/")] = 'p'; - chmod(line, 0666); - chown(line, 0, 0); -} /* end of rmut */ -#endif /* CRAY */ - -#if defined(__hpux) && !defined(HAVE_UTMPX_H) -static void -rmut (char *line) -{ - struct utmp utmp; - struct utmp *utptr; - int fd; /* for /etc/wtmp */ - - utmp.ut_type = USER_PROCESS; - strncpy(utmp.ut_line, clean_ttyname(line), sizeof(utmp.ut_line)); - setutent(); - utptr = getutline(&utmp); - /* write it out only if it exists */ - if (utptr) { - utptr->ut_type = DEAD_PROCESS; - utptr->ut_time = time(NULL); - pututline(utptr); - /* set wtmp entry if wtmp file exists */ - if ((fd = open(wtmpf, O_WRONLY | O_APPEND)) >= 0) { - write(fd, utptr, sizeof(utmp)); - close(fd); - } - } - endutent(); - - chmod(line, 0666); - chown(line, 0, 0); - line[14] = line[13]; - line[13] = line[12]; - line[8] = 'm'; - line[9] = '/'; - line[10] = 'p'; - line[11] = 't'; - line[12] = 'y'; - chmod(line, 0666); - chown(line, 0, 0); -} -#endif - -/* - * cleanup() - * - * This is the routine to call when we are all through, to - * clean up anything that needs to be cleaned up. - */ - -#ifdef PARENT_DOES_UTMP - -void -cleanup(int sig) -{ -#ifdef _CRAY - static int incleanup = 0; - int t; - int child_status; /* status of child process as returned by waitpid */ - int flags = WNOHANG|WUNTRACED; - - /* - * 1: Pick up the zombie, if we are being called - * as the signal handler. - * 2: If we are a nested cleanup(), return. - * 3: Try to clean up TMPDIR. - * 4: Fill in utmp with shutdown of process. - * 5: Close down the network and pty connections. - * 6: Finish up the TMPDIR cleanup, if needed. - */ - if (sig == SIGCHLD) { - while (waitpid(-1, &child_status, flags) > 0) - ; /* VOID */ - /* Check if the child process was stopped - * rather than exited. We want cleanup only if - * the child has died. - */ - if (WIFSTOPPED(child_status)) { - return; - } - } - t = sigblock(sigmask(SIGCHLD)); - if (incleanup) { - sigsetmask(t); - return; - } - incleanup = 1; - sigsetmask(t); - - t = cleantmp(&wtmp); - setutent(); /* just to make sure */ -#endif /* CRAY */ - rmut(line); - close(ourpty); - shutdown(net, 2); -#ifdef _CRAY - if (t == 0) - cleantmp(&wtmp); -#endif /* CRAY */ - exit(1); -} - -#else /* PARENT_DOES_UTMP */ - -void -cleanup(int sig) -{ -#if defined(HAVE_UTMPX_H) || !defined(HAVE_LOGWTMP) - rmut(); -#ifdef HAVE_VHANGUP -#ifndef __sgi - vhangup(); /* XXX */ -#endif -#endif -#else - char *p; - - p = line + sizeof("/dev/") - 1; - if (logout(p)) - logwtmp(p, "", ""); - chmod(line, 0666); - chown(line, 0, 0); - *p = 'p'; - chmod(line, 0666); - chown(line, 0, 0); -#endif - shutdown(net, 2); - exit(1); -} - -#endif /* PARENT_DOES_UTMP */ - -#ifdef PARENT_DOES_UTMP -/* - * _utmp_sig_rcv - * utmp_sig_init - * utmp_sig_wait - * These three functions are used to coordinate the handling of - * the utmp file between the server and the soon-to-be-login shell. - * The server actually creates the utmp structure, the child calls - * utmp_sig_wait(), until the server calls utmp_sig_notify() and - * signals the future-login shell to proceed. - */ -static int caught=0; /* NZ when signal intercepted */ -static void (*func)(); /* address of previous handler */ - -void -_utmp_sig_rcv(sig) - int sig; -{ - caught = 1; - signal(SIGUSR1, func); -} - -void -utmp_sig_init() -{ - /* - * register signal handler for UTMP creation - */ - if ((int)(func = signal(SIGUSR1, _utmp_sig_rcv)) == -1) - fatalperror(net, "telnetd/signal"); -} - -void -utmp_sig_reset() -{ - signal(SIGUSR1, func); /* reset handler to default */ -} - -# ifdef __hpux -# define sigoff() /* do nothing */ -# define sigon() /* do nothing */ -# endif - -void -utmp_sig_wait() -{ - /* - * Wait for parent to write our utmp entry. - */ - sigoff(); - while (caught == 0) { - pause(); /* wait until we get a signal (sigon) */ - sigoff(); /* turn off signals while we check caught */ - } - sigon(); /* turn on signals again */ -} - -void -utmp_sig_notify(pid) -{ - kill(pid, SIGUSR1); -} - -#ifdef _CRAY -static int gotsigjob = 0; - - /*ARGSUSED*/ -void -sigjob(sig) - int sig; -{ - int jid; - struct jobtemp *jp; - - while ((jid = waitjob(NULL)) != -1) { - if (jid == 0) { - return; - } - gotsigjob++; - jobend(jid, NULL, NULL); - } -} - -/* - * jid_getutid: - * called by jobend() before calling cleantmp() - * to find the correct $TMPDIR to cleanup. - */ - -struct utmp * -jid_getutid(jid) - int jid; -{ - struct utmp *cur = NULL; - - setutent(); /* just to make sure */ - while (cur = getutent()) { - if ( (cur->ut_type != NULL) && (jid == cur->ut_jid) ) { - return(cur); - } - } - - return(0); -} - -/* - * Clean up the TMPDIR that login created. - * The first time this is called we pick up the info - * from the utmp. If the job has already gone away, - * then we'll clean up and be done. If not, then - * when this is called the second time it will wait - * for the signal that the job is done. - */ -int -cleantmp(wtp) - struct utmp *wtp; -{ - struct utmp *utp; - static int first = 1; - int mask, omask, ret; - extern struct utmp *getutid (const struct utmp *_Id); - - - mask = sigmask(WJSIGNAL); - - if (first == 0) { - omask = sigblock(mask); - while (gotsigjob == 0) - sigpause(omask); - return(1); - } - first = 0; - setutent(); /* just to make sure */ - - utp = getutid(wtp); - if (utp == 0) { - syslog(LOG_ERR, "Can't get /etc/utmp entry to clean TMPDIR"); - return(-1); - } - /* - * Nothing to clean up if the user shell was never started. - */ - if (utp->ut_type != USER_PROCESS || utp->ut_jid == 0) - return(1); - - /* - * Block the WJSIGNAL while we are in jobend(). - */ - omask = sigblock(mask); - ret = jobend(utp->ut_jid, utp->ut_tpath, utp->ut_user); - sigsetmask(omask); - return(ret); -} - -int -jobend(jid, path, user) - int jid; - char *path; - char *user; -{ - static int saved_jid = 0; - static int pty_saved_jid = 0; - static char saved_path[sizeof(wtmp.ut_tpath)+1]; - static char saved_user[sizeof(wtmp.ut_user)+1]; - - /* - * this little piece of code comes into play - * only when ptyreconnect is used to reconnect - * to an previous session. - * - * this is the only time when the - * "saved_jid != jid" code is executed. - */ - - if ( saved_jid && saved_jid != jid ) { - if (!path) { /* called from signal handler */ - pty_saved_jid = jid; - } else { - pty_saved_jid = saved_jid; - } - } - - if (path) { - strlcpy(saved_path, path, sizeof(saved_path)); - strlcpy(saved_user, user, sizeof(saved_user)); - } - if (saved_jid == 0) { - saved_jid = jid; - return(0); - } - - /* if the jid has changed, get the correct entry from the utmp file */ - - if ( saved_jid != jid ) { - struct utmp *utp = NULL; - struct utmp *jid_getutid(); - - utp = jid_getutid(pty_saved_jid); - - if (utp == 0) { - syslog(LOG_ERR, "Can't get /etc/utmp entry to clean TMPDIR"); - return(-1); - } - - cleantmpdir(jid, utp->ut_tpath, utp->ut_user); - return(1); - } - - cleantmpdir(jid, saved_path, saved_user); - return(1); -} - -/* - * Fork a child process to clean up the TMPDIR - */ -cleantmpdir(jid, tpath, user) - int jid; - char *tpath; - char *user; -{ - switch(fork()) { - case -1: - syslog(LOG_ERR, "TMPDIR cleanup(%s): fork() failed: %m\n", - tpath); - break; - case 0: - execl(CLEANTMPCMD, CLEANTMPCMD, user, tpath, NULL); - syslog(LOG_ERR, "TMPDIR cleanup(%s): execl(%s) failed: %m\n", - tpath, CLEANTMPCMD); - exit(1); - default: - /* - * Forget about child. We will exit, and - * /etc/init will pick it up. - */ - break; - } -} -#endif /* CRAY */ -#endif /* defined(PARENT_DOES_UTMP) */ diff --git a/crypto/heimdal/appl/telnet/telnetd/telnetd.8 b/crypto/heimdal/appl/telnet/telnetd/telnetd.8 deleted file mode 100644 index a7dd67024c46..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/telnetd.8 +++ /dev/null @@ -1,536 +0,0 @@ -.\" Copyright (c) 1983, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)telnetd.8 8.4 (Berkeley) 6/1/94 -.\" -.Dd September 19, 2006 -.Dt TELNETD 8 -.Os BSD 4.2 -.Sh NAME -.Nm telnetd -.Nd DARPA -.Tn TELNET -protocol server -.Sh SYNOPSIS -.Nm telnetd -.Op Fl BeUhkln -.Op Fl D Ar debugmode -.Op Fl S Ar tos -.Op Fl X Ar authtype -.Op Fl a Ar authmode -.Op Fl r Ns Ar lowpty-highpty -.Op Fl u Ar len -.Op Fl debug -.Op Fl L Ar /bin/login -.Op Fl y -.Op Ar port -.Sh DESCRIPTION -The -.Nm telnetd -command is a server which supports the -.Tn DARPA -standard -.Tn TELNET -virtual terminal protocol. -.Nm Telnetd -is normally invoked by the internet server (see -.Xr inetd 8 ) -for requests to connect to the -.Tn TELNET -port as indicated by the -.Pa /etc/services -file (see -.Xr services 5 ) . -The -.Fl debug -option may be used to start up -.Nm telnetd -manually, instead of through -.Xr inetd 8 . -If started up this way, -.Ar port -may be specified to run -.Nm telnetd -on an alternate -.Tn TCP -port number. -.Pp -The -.Nm telnetd -command accepts the following options: -.Bl -tag -width "-a authmode" -.It Fl a Ar authmode -This option may be used for specifying what mode should -be used for authentication. -Note that this option is only useful if -.Nm telnetd -has been compiled with support for the -.Dv AUTHENTICATION -option. -There are several valid values for -.Ar authmode : -.Bl -tag -width debug -.It debug -Turns on authentication debugging code. -.It user -Only allow connections when the remote user -can provide valid authentication information -to identify the remote user, -and is allowed access to the specified account -without providing a password. -.It valid -Only allow connections when the remote user -can provide valid authentication information -to identify the remote user. -The -.Xr login 1 -command will provide any additional user verification -needed if the remote user is not allowed automatic -access to the specified account. -.It other -Only allow connections that supply some authentication information. -This option is currently not supported -by any of the existing authentication mechanisms, -and is thus the same as specifying -.Fl a -.Cm valid . -.It otp -Only allow authenticated connections (as with -.Fl a -.Cm user ) -and also logins with one-time passwords (OTPs). This option will call -login with an option so that only OTPs are accepted. The user can of -course still type secret information at the prompt. -.It none -This is the default state. -Authentication information is not required. -If no or insufficient authentication information -is provided, then the -.Xr login 1 -program will provide the necessary user -verification. -.It off -This disables the authentication code. -All user verification will happen through the -.Xr login 1 -program. -.El -.It Fl B -Ignored. -.It Fl D Ar debugmode -This option may be used for debugging purposes. -This allows -.Nm telnetd -to print out debugging information -to the connection, allowing the user to see what -.Nm telnetd -is doing. -There are several possible values for -.Ar debugmode : -.Bl -tag -width exercise -.It Cm options -Prints information about the negotiation of -.Tn TELNET -options. -.It Cm report -Prints the -.Cm options -information, plus some additional information -about what processing is going on. -.It Cm netdata -Displays the data stream received by -.Nm telnetd . -.It Cm ptydata -Displays data written to the pty. -.It Cm exercise -Has not been implemented yet. -.El -.It Fl e -require encryption to be turned on (in both direction) by the client -and disconnects if the client tries to turn the encryption off (in -either direction). -.It Fl h -Disables the printing of host-specific information before -login has been completed. -.It Fl k -.It Fl l -Ignored. -.It Fl n -Disable -.Dv TCP -keep-alives. Normally -.Nm telnetd -enables the -.Tn TCP -keep-alive mechanism to probe connections that -have been idle for some period of time to determine -if the client is still there, so that idle connections -from machines that have crashed or can no longer -be reached may be cleaned up. -.It Fl r Ar lowpty-highpty -This option is only enabled when -.Nm telnetd -is compiled for -.Dv UNICOS . -It specifies an inclusive range of pseudo-terminal devices to -use. If the system has sysconf variable -.Dv _SC_CRAY_NPTY -configured, the default pty search range is 0 to -.Dv _SC_CRAY_NPTY ; -otherwise, the default range is 0 to 128. Either -.Ar lowpty -or -.Ar highpty -may be omitted to allow changing -either end of the search range. If -.Ar lowpty -is omitted, the - character is still required so that -.Nm telnetd -can differentiate -.Ar highpty -from -.Ar lowpty . -.It Fl S Ar tos -.It Fl u Ar len -This option is used to specify the size of the field -in the -.Dv utmp -structure that holds the remote host name. -If the resolved host name is longer than -.Ar len , -the dotted decimal value will be used instead. -This allows hosts with very long host names that -overflow this field to still be uniquely identified. -Specifying -.Fl u0 -indicates that only dotted decimal addresses -should be put into the -.Pa utmp -file. -.It Fl U -This option causes -.Nm telnetd -to refuse connections from addresses that -cannot be mapped back into a symbolic name -via the -.Xr gethostbyaddr 3 -routine. -.It Fl X Ar authtype -This option is only valid if -.Nm telnetd -has been built with support for the authentication option. -It disables the use of -.Ar authtype -authentication, and -can be used to temporarily disable -a specific authentication type without having to recompile -.Nm telnetd . -.It Fl L Ar pathname -Specify pathname to an alternative login program. -.It Fl y -Makes -.Nm -not warn when a user is trying to login with a cleartext password. -.El -.Pp -.Nm Telnetd -operates by allocating a pseudo-terminal device (see -.Xr pty 4 ) -for a client, then creating a login process which has -the slave side of the pseudo-terminal as -.Dv stdin , -.Dv stdout -and -.Dv stderr . -.Nm Telnetd -manipulates the master side of the pseudo-terminal, -implementing the -.Tn TELNET -protocol and passing characters -between the remote client and the login process. -.Pp -When a -.Tn TELNET -session is started up, -.Nm telnetd -sends -.Tn TELNET -options to the client side indicating -a willingness to do the -following -.Tn TELNET -options, which are described in more detail below: -.Bd -literal -offset indent -DO AUTHENTICATION -WILL ENCRYPT -DO TERMINAL TYPE -DO TSPEED -DO XDISPLOC -DO NEW-ENVIRON -DO ENVIRON -WILL SUPPRESS GO AHEAD -DO ECHO -DO LINEMODE -DO NAWS -WILL STATUS -DO LFLOW -DO TIMING-MARK -.Ed -.Pp -The pseudo-terminal allocated to the client is configured -to operate in -.Dq cooked -mode, and with -.Dv XTABS and -.Dv CRMOD -enabled (see -.Xr tty 4 ) . -.Pp -.Nm Telnetd -has support for enabling locally the following -.Tn TELNET -options: -.Bl -tag -width "DO AUTHENTICATION" -.It "WILL ECHO" -When the -.Dv LINEMODE -option is enabled, a -.Dv WILL ECHO -or -.Dv WONT ECHO -will be sent to the client to indicate the -current state of terminal echoing. -When terminal echo is not desired, a -.Dv WILL ECHO -is sent to indicate that -.Tn telnetd -will take care of echoing any data that needs to be -echoed to the terminal, and then nothing is echoed. -When terminal echo is desired, a -.Dv WONT ECHO -is sent to indicate that -.Tn telnetd -will not be doing any terminal echoing, so the -client should do any terminal echoing that is needed. -.It "WILL BINARY" -Indicates that the client is willing to send a -8 bits of data, rather than the normal 7 bits -of the Network Virtual Terminal. -.It "WILL SGA" -Indicates that it will not be sending -.Dv IAC GA , -go ahead, commands. -.It "WILL STATUS" -Indicates a willingness to send the client, upon -request, of the current status of all -.Tn TELNET -options. -.It "WILL TIMING-MARK" -Whenever a -.Dv DO TIMING-MARK -command is received, it is always responded -to with a -.Dv WILL TIMING-MARK -.It "WILL LOGOUT" -When a -.Dv DO LOGOUT -is received, a -.Dv WILL LOGOUT -is sent in response, and the -.Tn TELNET -session is shut down. -.It "WILL ENCRYPT" -Only sent if -.Nm telnetd -is compiled with support for data encryption, and -indicates a willingness to decrypt -the data stream. -.El -.Pp -.Nm Telnetd -has support for enabling remotely the following -.Tn TELNET -options: -.Bl -tag -width "DO AUTHENTICATION" -.It "DO BINARY" -Sent to indicate that -.Tn telnetd -is willing to receive an 8 bit data stream. -.It "DO LFLOW" -Requests that the client handle flow control -characters remotely. -.It "DO ECHO" -This is not really supported, but is sent to identify a 4.2BSD -.Xr telnet 1 -client, which will improperly respond with -.Dv WILL ECHO . -If a -.Dv WILL ECHO -is received, a -.Dv DONT ECHO -will be sent in response. -.It "DO TERMINAL-TYPE" -Indicates a desire to be able to request the -name of the type of terminal that is attached -to the client side of the connection. -.It "DO SGA" -Indicates that it does not need to receive -.Dv IAC GA , -the go ahead command. -.It "DO NAWS" -Requests that the client inform the server when -the window (display) size changes. -.It "DO TERMINAL-SPEED" -Indicates a desire to be able to request information -about the speed of the serial line to which -the client is attached. -.It "DO XDISPLOC" -Indicates a desire to be able to request the name -of the X windows display that is associated with -the telnet client. -.It "DO NEW-ENVIRON" -Indicates a desire to be able to request environment -variable information, as described in RFC 1572. -.It "DO ENVIRON" -Indicates a desire to be able to request environment -variable information, as described in RFC 1408. -.It "DO LINEMODE" -Only sent if -.Nm telnetd -is compiled with support for linemode, and -requests that the client do line by line processing. -.It "DO TIMING-MARK" -Only sent if -.Nm telnetd -is compiled with support for both linemode and -kludge linemode, and the client responded with -.Dv WONT LINEMODE . -If the client responds with -.Dv WILL TM , -the it is assumed that the client supports -kludge linemode. -Note that the -.Op Fl k -option can be used to disable this. -.It "DO AUTHENTICATION" -Only sent if -.Nm telnetd -is compiled with support for authentication, and -indicates a willingness to receive authentication -information for automatic login. -.It "DO ENCRYPT" -Only sent if -.Nm telnetd -is compiled with support for data encryption, and -indicates a willingness to decrypt -the data stream. -.El -.Sh FILES -.Bl -tag -width /etc/services -compact -.It Pa /etc/services -.It Pa /etc/inittab -(UNICOS systems only) -.It Pa /etc/iptos -(if supported) -.El -.Sh "SEE ALSO" -.Xr telnet 1 , -.Xr login 1 -.Sh STANDARDS -.Bl -tag -compact -width RFC-1572 -.It Cm RFC-854 -.Tn TELNET -PROTOCOL SPECIFICATION -.It Cm RFC-855 -TELNET OPTION SPECIFICATIONS -.It Cm RFC-856 -TELNET BINARY TRANSMISSION -.It Cm RFC-857 -TELNET ECHO OPTION -.It Cm RFC-858 -TELNET SUPPRESS GO AHEAD OPTION -.It Cm RFC-859 -TELNET STATUS OPTION -.It Cm RFC-860 -TELNET TIMING MARK OPTION -.It Cm RFC-861 -TELNET EXTENDED OPTIONS - LIST OPTION -.It Cm RFC-885 -TELNET END OF RECORD OPTION -.It Cm RFC-1073 -Telnet Window Size Option -.It Cm RFC-1079 -Telnet Terminal Speed Option -.It Cm RFC-1091 -Telnet Terminal-Type Option -.It Cm RFC-1096 -Telnet X Display Location Option -.It Cm RFC-1123 -Requirements for Internet Hosts -- Application and Support -.It Cm RFC-1184 -Telnet Linemode Option -.It Cm RFC-1372 -Telnet Remote Flow Control Option -.It Cm RFC-1416 -Telnet Authentication Option -.It Cm RFC-1411 -Telnet Authentication: Kerberos Version 4 -.It Cm RFC-1412 -Telnet Authentication: SPX -.It Cm RFC-1571 -Telnet Environment Option Interoperability Issues -.It Cm RFC-1572 -Telnet Environment Option -.El -.Sh BUGS -Some -.Tn TELNET -commands are only partially implemented. -.Pp -Because of bugs in the original 4.2 BSD -.Xr telnet 1 , -.Nm telnetd -performs some dubious protocol exchanges to try to discover if the remote -client is, in fact, a 4.2 BSD -.Xr telnet 1 . -.Pp -Binary mode -has no common interpretation except between similar operating systems -(Unix in this case). -.Pp -The terminal type name received from the remote client is converted to -lower case. -.Pp -.Nm Telnetd -never sends -.Tn TELNET -.Dv IAC GA -(go ahead) commands. diff --git a/crypto/heimdal/appl/telnet/telnetd/telnetd.c b/crypto/heimdal/appl/telnet/telnetd/telnetd.c deleted file mode 100644 index 033a0bffc3e1..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/telnetd.c +++ /dev/null @@ -1,1401 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: telnetd.c 21748 2007-07-31 18:57:20Z lha $"); - -#ifdef _SC_CRAY_SECURE_SYS -#include -#include -#include -#include -int secflag; -char tty_dev[16]; -struct secdev dv; -struct sysv sysv; -struct socksec ss; -#endif /* _SC_CRAY_SECURE_SYS */ - -#ifdef AUTHENTICATION -int auth_level = 0; -#endif - -#ifdef KRB5 -#define Authenticator k5_Authenticator -#include -#undef Authenticator -#endif - -extern int utmp_len; -int registerd_host_only = 0; -#ifdef ENCRYPTION -int require_encryption = 0; -#endif - -#ifdef STREAMSPTY - -#ifdef _AIX -#include -#endif -# ifdef HAVE_SYS_STRTTY_H -# include -# endif -# ifdef HAVE_SYS_STR_TTY_H -# include -# endif -/* make sure we don't get the bsd version */ -/* what is this here for? solaris? /joda */ -# ifdef HAVE_SYS_TTY_H -# include "/usr/include/sys/tty.h" -# endif -# ifdef HAVE_SYS_PTYVAR_H -# include -# endif - -/* - * Because of the way ptyibuf is used with streams messages, we need - * ptyibuf+1 to be on a full-word boundary. The following wierdness - * is simply to make that happen. - */ -long ptyibufbuf[BUFSIZ/sizeof(long)+1]; -char *ptyibuf = ((char *)&ptyibufbuf[1])-1; -char *ptyip = ((char *)&ptyibufbuf[1])-1; -char ptyibuf2[BUFSIZ]; -unsigned char ctlbuf[BUFSIZ]; -struct strbuf strbufc, strbufd; - -int readstream(int, char*, int); - -#else /* ! STREAMPTY */ - -/* - * I/O data buffers, - * pointers, and counters. - */ -char ptyibuf[BUFSIZ], *ptyip = ptyibuf; -char ptyibuf2[BUFSIZ]; - -#endif /* ! STREAMPTY */ - -int hostinfo = 1; /* do we print login banner? */ - -#ifdef _CRAY -extern int newmap; /* nonzero if \n maps to ^M^J */ -int lowpty = 0, highpty; /* low, high pty numbers */ -#endif /* CRAY */ - -int debug = 0; -int keepalive = 1; -char *progname; - -static void usage (int error_code); - -/* - * The string to pass to getopt(). We do it this way so - * that only the actual options that we support will be - * passed off to getopt(). - */ -char valid_opts[] = "Bd:hklnS:u:UL:y" -#ifdef AUTHENTICATION - "a:X:z" -#endif -#ifdef ENCRYPTION - "e" -#endif -#ifdef DIAGNOSTICS - "D:" -#endif -#ifdef _CRAY - "r:" -#endif - ; - -static void doit(struct sockaddr*, int); - -int -main(int argc, char **argv) -{ - struct sockaddr_storage __ss; - struct sockaddr *sa = (struct sockaddr *)&__ss; - int on = 1; - socklen_t sa_size; - int ch; -#if defined(IPPROTO_IP) && defined(IP_TOS) - int tos = -1; -#endif - pfrontp = pbackp = ptyobuf; - netip = netibuf; - nfrontp = nbackp = netobuf; - - setprogname(argv[0]); - - progname = *argv; -#ifdef ENCRYPTION - nclearto = 0; -#endif - -#ifdef _CRAY - /* - * Get number of pty's before trying to process options, - * which may include changing pty range. - */ - highpty = getnpty(); -#endif /* CRAY */ - - if (argc == 2 && strcmp(argv[1], "--version") == 0) { - print_version(NULL); - exit(0); - } - if (argc == 2 && strcmp(argv[1], "--help") == 0) - usage(0); - - while ((ch = getopt(argc, argv, valid_opts)) != -1) { - switch(ch) { - -#ifdef AUTHENTICATION - case 'a': - /* - * Check for required authentication level - */ - if (strcmp(optarg, "debug") == 0) { - auth_debug_mode = 1; - } else if (strcasecmp(optarg, "none") == 0) { - auth_level = 0; - } else if (strcasecmp(optarg, "otp") == 0) { - auth_level = 0; - require_otp = 1; - } else if (strcasecmp(optarg, "other") == 0) { - auth_level = AUTH_OTHER; - } else if (strcasecmp(optarg, "user") == 0) { - auth_level = AUTH_USER; - } else if (strcasecmp(optarg, "valid") == 0) { - auth_level = AUTH_VALID; - } else if (strcasecmp(optarg, "off") == 0) { - /* - * This hack turns off authentication - */ - auth_level = -1; - } else { - fprintf(stderr, - "telnetd: unknown authorization level for -a\n"); - } - break; -#endif /* AUTHENTICATION */ - - case 'B': /* BFTP mode is not supported any more */ - break; - case 'd': - if (strcmp(optarg, "ebug") == 0) { - debug++; - break; - } - usage(1); - /* NOTREACHED */ - break; - -#ifdef DIAGNOSTICS - case 'D': - /* - * Check for desired diagnostics capabilities. - */ - if (!strcmp(optarg, "report")) { - diagnostic |= TD_REPORT|TD_OPTIONS; - } else if (!strcmp(optarg, "exercise")) { - diagnostic |= TD_EXERCISE; - } else if (!strcmp(optarg, "netdata")) { - diagnostic |= TD_NETDATA; - } else if (!strcmp(optarg, "ptydata")) { - diagnostic |= TD_PTYDATA; - } else if (!strcmp(optarg, "options")) { - diagnostic |= TD_OPTIONS; - } else { - usage(1); - /* NOT REACHED */ - } - break; -#endif /* DIAGNOSTICS */ - -#ifdef ENCRYPTION - case 'e': - require_encryption = 1; - break; -#endif - - case 'h': - hostinfo = 0; - break; - - case 'k': /* Linemode is not supported any more */ - case 'l': - break; - - case 'n': - keepalive = 0; - break; - -#ifdef _CRAY - case 'r': - { - char *strchr(); - char *c; - - /* - * Allow the specification of alterations - * to the pty search range. It is legal to - * specify only one, and not change the - * other from its default. - */ - c = strchr(optarg, '-'); - if (c) { - *c++ = '\0'; - highpty = atoi(c); - } - if (*optarg != '\0') - lowpty = atoi(optarg); - if ((lowpty > highpty) || (lowpty < 0) || - (highpty > 32767)) { - usage(1); - /* NOT REACHED */ - } - break; - } -#endif /* CRAY */ - - case 'S': -#ifdef HAVE_PARSETOS - if ((tos = parsetos(optarg, "tcp")) < 0) - fprintf(stderr, "%s%s%s\n", - "telnetd: Bad TOS argument '", optarg, - "'; will try to use default TOS"); -#else - fprintf(stderr, "%s%s\n", "TOS option unavailable; ", - "-S flag not supported\n"); -#endif - break; - - case 'u': { - char *eptr; - - utmp_len = strtol(optarg, &eptr, 0); - if (optarg == eptr) - fprintf(stderr, "telnetd: unknown utmp len (%s)\n", optarg); - break; - } - - case 'U': - registerd_host_only = 1; - break; - -#ifdef AUTHENTICATION - case 'X': - /* - * Check for invalid authentication types - */ - auth_disable_name(optarg); - break; -#endif - case 'y': - no_warn = 1; - break; -#ifdef AUTHENTICATION - case 'z': - log_unauth = 1; - break; - -#endif /* AUTHENTICATION */ - - case 'L': - new_login = optarg; - break; - - default: - fprintf(stderr, "telnetd: %c: unknown option\n", ch); - /* FALLTHROUGH */ - case '?': - usage(0); - /* NOTREACHED */ - } - } - - argc -= optind; - argv += optind; - - if (debug) { - int port = 0; - struct servent *sp; - - if (argc > 1) { - usage (1); - } else if (argc == 1) { - sp = roken_getservbyname (*argv, "tcp"); - if (sp) - port = sp->s_port; - else - port = htons(atoi(*argv)); - } else { -#ifdef KRB5 - port = krb5_getportbyname (NULL, "telnet", "tcp", 23); -#else - port = k_getportbyname("telnet", "tcp", htons(23)); -#endif - } - mini_inetd (port); - } else if (argc > 0) { - usage(1); - /* NOT REACHED */ - } - -#ifdef _SC_CRAY_SECURE_SYS - secflag = sysconf(_SC_CRAY_SECURE_SYS); - - /* - * Get socket's security label - */ - if (secflag) { - socklen_t szss = sizeof(ss); - int sock_multi; - socklen_t szi = sizeof(int); - - memset(&dv, 0, sizeof(dv)); - - if (getsysv(&sysv, sizeof(struct sysv)) != 0) - fatalperror(net, "getsysv"); - - /* - * Get socket security label and set device values - * {security label to be set on ttyp device} - */ -#ifdef SO_SEC_MULTI /* 8.0 code */ - if ((getsockopt(0, SOL_SOCKET, SO_SECURITY, - (void *)&ss, &szss) < 0) || - (getsockopt(0, SOL_SOCKET, SO_SEC_MULTI, - (void *)&sock_multi, &szi) < 0)) - fatalperror(net, "getsockopt"); - else { - dv.dv_actlvl = ss.ss_actlabel.lt_level; - dv.dv_actcmp = ss.ss_actlabel.lt_compart; - if (!sock_multi) { - dv.dv_minlvl = dv.dv_maxlvl = dv.dv_actlvl; - dv.dv_valcmp = dv.dv_actcmp; - } else { - dv.dv_minlvl = ss.ss_minlabel.lt_level; - dv.dv_maxlvl = ss.ss_maxlabel.lt_level; - dv.dv_valcmp = ss.ss_maxlabel.lt_compart; - } - dv.dv_devflg = 0; - } -#else /* SO_SEC_MULTI */ /* 7.0 code */ - if (getsockopt(0, SOL_SOCKET, SO_SECURITY, - (void *)&ss, &szss) >= 0) { - dv.dv_actlvl = ss.ss_slevel; - dv.dv_actcmp = ss.ss_compart; - dv.dv_minlvl = ss.ss_minlvl; - dv.dv_maxlvl = ss.ss_maxlvl; - dv.dv_valcmp = ss.ss_maxcmp; - } -#endif /* SO_SEC_MULTI */ - } -#endif /* _SC_CRAY_SECURE_SYS */ - - roken_openlog("telnetd", LOG_PID | LOG_ODELAY, LOG_DAEMON); - sa_size = sizeof (__ss); - if (getpeername(STDIN_FILENO, sa, &sa_size) < 0) { - fprintf(stderr, "%s: ", progname); - perror("getpeername"); - _exit(1); - } - if (keepalive && - setsockopt(STDIN_FILENO, SOL_SOCKET, SO_KEEPALIVE, - (void *)&on, sizeof (on)) < 0) { - syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); - } - -#if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - { -# ifdef HAVE_GETTOSBYNAME - struct tosent *tp; - if (tos < 0 && (tp = gettosbyname("telnet", "tcp"))) - tos = tp->t_tos; -# endif - if (tos < 0) - tos = 020; /* Low Delay bit */ - if (tos - && sa->sa_family == AF_INET - && (setsockopt(STDIN_FILENO, IPPROTO_IP, IP_TOS, - (void *)&tos, sizeof(tos)) < 0) - && (errno != ENOPROTOOPT) ) - syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); - } -#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */ - net = STDIN_FILENO; - doit(sa, sa_size); - /* NOTREACHED */ - return 0; -} /* end of main */ - -static void -usage(int exit_code) -{ - fprintf(stderr, "Usage: telnetd"); - fprintf(stderr, " [--help]"); - fprintf(stderr, " [--version]"); -#ifdef AUTHENTICATION - fprintf(stderr, " [-a (debug|other|otp|user|valid|off|none)]\n\t"); -#endif - fprintf(stderr, " [-debug]"); -#ifdef DIAGNOSTICS - fprintf(stderr, " [-D (options|report|exercise|netdata|ptydata)]\n\t"); -#endif -#ifdef AUTHENTICATION - fprintf(stderr, " [-edebug]"); -#endif - fprintf(stderr, " [-h]"); - fprintf(stderr, " [-L login]"); - fprintf(stderr, " [-n]"); -#ifdef _CRAY - fprintf(stderr, " [-r[lowpty]-[highpty]]"); -#endif - fprintf(stderr, "\n\t"); -#ifdef HAVE_GETTOSBYNAME - fprintf(stderr, " [-S tos]"); -#endif -#ifdef AUTHENTICATION - fprintf(stderr, " [-X auth-type] [-y] [-z]"); -#endif - fprintf(stderr, " [-u utmp_hostname_length] [-U]"); - fprintf(stderr, " [port]\n"); - exit(exit_code); -} - -/* - * getterminaltype - * - * Ask the other end to send along its terminal type and speed. - * Output is the variable terminaltype filled in. - */ -static unsigned char ttytype_sbbuf[] = { - IAC, SB, TELOPT_TTYPE, TELQUAL_SEND, IAC, SE -}; - -int -getterminaltype(char *name, size_t name_sz) -{ - int retval = -1; - - settimer(baseline); -#ifdef AUTHENTICATION - /* - * Handle the Authentication option before we do anything else. - */ - send_do(TELOPT_AUTHENTICATION, 1); - while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) - ttloop(); - if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name, name_sz); - } -#endif - -#ifdef ENCRYPTION - send_will(TELOPT_ENCRYPT, 1); - send_do(TELOPT_ENCRYPT, 1); /* esc@magic.fi */ -#endif - send_do(TELOPT_TTYPE, 1); - send_do(TELOPT_TSPEED, 1); - send_do(TELOPT_XDISPLOC, 1); - send_do(TELOPT_NEW_ENVIRON, 1); - send_do(TELOPT_OLD_ENVIRON, 1); - while ( -#ifdef ENCRYPTION - his_do_dont_is_changing(TELOPT_ENCRYPT) || -#endif - his_will_wont_is_changing(TELOPT_TTYPE) || - his_will_wont_is_changing(TELOPT_TSPEED) || - his_will_wont_is_changing(TELOPT_XDISPLOC) || - his_will_wont_is_changing(TELOPT_NEW_ENVIRON) || - his_will_wont_is_changing(TELOPT_OLD_ENVIRON)) { - ttloop(); - } -#ifdef ENCRYPTION - /* - * Wait for the negotiation of what type of encryption we can - * send with. If autoencrypt is not set, this will just return. - */ - if (his_state_is_will(TELOPT_ENCRYPT)) { - encrypt_wait(); - } - if (require_encryption) { - - while (encrypt_delay()) - if (telnet_spin()) - fatal(net, "Failed while waiting for encryption"); - - if (!encrypt_is_encrypting()) - fatal(net, "Encryption required but not turned on by client"); - } -#endif - if (his_state_is_will(TELOPT_TSPEED)) { - static unsigned char sb[] = - { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE }; - - telnet_net_write (sb, sizeof sb); - DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2);); - } - if (his_state_is_will(TELOPT_XDISPLOC)) { - static unsigned char sb[] = - { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE }; - - telnet_net_write (sb, sizeof sb); - DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2);); - } - if (his_state_is_will(TELOPT_NEW_ENVIRON)) { - static unsigned char sb[] = - { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE }; - - telnet_net_write (sb, sizeof sb); - DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2);); - } - else if (his_state_is_will(TELOPT_OLD_ENVIRON)) { - static unsigned char sb[] = - { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE }; - - telnet_net_write (sb, sizeof sb); - DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2);); - } - if (his_state_is_will(TELOPT_TTYPE)) { - - telnet_net_write (ttytype_sbbuf, sizeof ttytype_sbbuf); - DIAG(TD_OPTIONS, printsub('>', ttytype_sbbuf + 2, - sizeof ttytype_sbbuf - 2);); - } - if (his_state_is_will(TELOPT_TSPEED)) { - while (sequenceIs(tspeedsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_XDISPLOC)) { - while (sequenceIs(xdisplocsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_NEW_ENVIRON)) { - while (sequenceIs(environsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_OLD_ENVIRON)) { - while (sequenceIs(oenvironsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_TTYPE)) { - char first[256], last[256]; - - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); - - /* - * If the other side has already disabled the option, then - * we have to just go with what we (might) have already gotten. - */ - if (his_state_is_will(TELOPT_TTYPE) && !terminaltypeok(terminaltype)) { - strlcpy(first, terminaltype, sizeof(first)); - for(;;) { - /* - * Save the unknown name, and request the next name. - */ - strlcpy(last, terminaltype, sizeof(last)); - _gettermname(); - if (terminaltypeok(terminaltype)) - break; - if ((strncmp(last, terminaltype, sizeof(last)) == 0) || - his_state_is_wont(TELOPT_TTYPE)) { - /* - * We've hit the end. If this is the same as - * the first name, just go with it. - */ - if (strncmp(first, terminaltype, sizeof(first)) == 0) - break; - /* - * Get the terminal name one more time, so that - * RFC1091 compliant telnets will cycle back to - * the start of the list. - */ - _gettermname(); - if (strncmp(first, terminaltype, sizeof(first)) != 0) - strlcpy(terminaltype, first, sizeof(terminaltype)); - break; - } - } - } - } - return(retval); -} /* end of getterminaltype */ - -void -_gettermname(void) -{ - /* - * If the client turned off the option, - * we can't send another request, so we - * just return. - */ - if (his_state_is_wont(TELOPT_TTYPE)) - return; - settimer(baseline); - telnet_net_write (ttytype_sbbuf, sizeof ttytype_sbbuf); - DIAG(TD_OPTIONS, printsub('>', ttytype_sbbuf + 2, - sizeof ttytype_sbbuf - 2);); - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); -} - -int -terminaltypeok(char *s) -{ - return 1; -} - - -char host_name[MaxHostNameLen]; -char remote_host_name[MaxHostNameLen]; -char remote_utmp_name[MaxHostNameLen]; - -/* - * Get a pty, scan input lines. - */ -static void -doit(struct sockaddr *who, int who_len) -{ - int level; - int ptynum; - char user_name[256]; - int error; - - /* - * Find an available pty to use. - */ - ourpty = getpty(&ptynum); - if (ourpty < 0) - fatal(net, "All network ports in use"); - -#ifdef _SC_CRAY_SECURE_SYS - /* - * set ttyp line security label - */ - if (secflag) { - char slave_dev[16]; - - snprintf(tty_dev, sizeof(tty_dev), "/dev/pty/%03d", ptynum); - if (setdevs(tty_dev, &dv) < 0) - fatal(net, "cannot set pty security"); - snprintf(slave_dev, sizeof(slave_dev), "/dev/ttyp%03d", ptynum); - if (setdevs(slave_dev, &dv) < 0) - fatal(net, "cannot set tty security"); - } -#endif /* _SC_CRAY_SECURE_SYS */ - - error = getnameinfo_verified (who, who_len, - remote_host_name, - sizeof(remote_host_name), - NULL, 0, - registerd_host_only ? NI_NAMEREQD : 0); - if (error) - fatal(net, "Couldn't resolve your address into a host name.\r\n\ -Please contact your net administrator"); - - gethostname(host_name, sizeof (host_name)); - - strlcpy (remote_utmp_name, remote_host_name, sizeof(remote_utmp_name)); - - /* Only trim if too long (and possible) */ - if (strlen(remote_utmp_name) > utmp_len) { - char *domain = strchr(host_name, '.'); - char *p = strchr(remote_utmp_name, '.'); - if (domain != NULL && p != NULL && (strcmp(p, domain) == 0)) - *p = '\0'; /* remove domain part */ - } - - /* - * If hostname still doesn't fit utmp, use ipaddr. - */ - if (strlen(remote_utmp_name) > utmp_len) { - error = getnameinfo (who, who_len, - remote_utmp_name, - sizeof(remote_utmp_name), - NULL, 0, - NI_NUMERICHOST); - if (error) - fatal(net, "Couldn't get numeric address\r\n"); - } - -#ifdef AUTHENTICATION - auth_encrypt_init(host_name, remote_host_name, "TELNETD", 1); -#endif - - init_env(); - - /* begin server processing */ - - /* - * Initialize the slc mapping table. - */ - - get_slc_defaults(); - - /* - * get terminal type. - */ - *user_name = 0; - level = getterminaltype(user_name, sizeof(user_name)); - esetenv("TERM", terminaltype[0] ? terminaltype : "network", 1); - -#ifdef _SC_CRAY_SECURE_SYS - if (secflag) { - if (setulvl(dv.dv_actlvl) < 0) - fatal(net,"cannot setulvl()"); - if (setucmp(dv.dv_actcmp) < 0) - fatal(net, "cannot setucmp()"); - } -#endif /* _SC_CRAY_SECURE_SYS */ - - my_telnet(net, ourpty, remote_host_name, remote_utmp_name, - level, user_name); - /*NOTREACHED*/ -} /* end of doit */ - -/* output contents of /etc/issue.net, or /etc/issue */ -static void -show_issue(void) -{ - FILE *f; - char buf[128]; - f = fopen(SYSCONFDIR "/issue.net", "r"); - if(f == NULL) - f = fopen(SYSCONFDIR "/issue", "r"); - if(f){ - while(fgets(buf, sizeof(buf), f) != NULL) { - size_t len = strcspn(buf, "\r\n"); - if(len == strlen(buf)) { - /* there's no newline */ - writenet(buf, len); - } else { - /* replace newline with \r\n */ - buf[len] = '\0'; - writenet(buf, len); - writenet("\r\n", 2); - } - } - fclose(f); - } -} - -/* - * Main loop. Select from pty and network, and - * hand data to telnet receiver finite state machine. - */ -void -my_telnet(int f, int p, const char *host, const char *utmp_host, - int level, char *autoname) -{ - int on = 1; - char *he; - char *IM; - int nfd; - int startslave_called = 0; - time_t timeout; - - /* - * Do some tests where it is desireable to wait for a response. - * Rather than doing them slowly, one at a time, do them all - * at once. - */ - if (my_state_is_wont(TELOPT_SGA)) - send_will(TELOPT_SGA, 1); - /* - * Is the client side a 4.2 (NOT 4.3) system? We need to know this - * because 4.2 clients are unable to deal with TCP urgent data. - * - * To find out, we send out a "DO ECHO". If the remote system - * answers "WILL ECHO" it is probably a 4.2 client, and we note - * that fact ("WILL ECHO" ==> that the client will echo what - * WE, the server, sends it; it does NOT mean that the client will - * echo the terminal input). - */ - send_do(TELOPT_ECHO, 1); - - /* - * Send along a couple of other options that we wish to negotiate. - */ - send_do(TELOPT_NAWS, 1); - send_will(TELOPT_STATUS, 1); - flowmode = 1; /* default flow control state */ - restartany = -1; /* uninitialized... */ - send_do(TELOPT_LFLOW, 1); - - /* - * Spin, waiting for a response from the DO ECHO. However, - * some REALLY DUMB telnets out there might not respond - * to the DO ECHO. So, we spin looking for NAWS, (most dumb - * telnets so far seem to respond with WONT for a DO that - * they don't understand...) because by the time we get the - * response, it will already have processed the DO ECHO. - * Kludge upon kludge. - */ - while (his_will_wont_is_changing(TELOPT_NAWS)) - ttloop(); - - /* - * But... - * The client might have sent a WILL NAWS as part of its - * startup code; if so, we'll be here before we get the - * response to the DO ECHO. We'll make the assumption - * that any implementation that understands about NAWS - * is a modern enough implementation that it will respond - * to our DO ECHO request; hence we'll do another spin - * waiting for the ECHO option to settle down, which is - * what we wanted to do in the first place... - */ - if (his_want_state_is_will(TELOPT_ECHO) && - his_state_is_will(TELOPT_NAWS)) { - while (his_will_wont_is_changing(TELOPT_ECHO)) - ttloop(); - } - /* - * On the off chance that the telnet client is broken and does not - * respond to the DO ECHO we sent, (after all, we did send the - * DO NAWS negotiation after the DO ECHO, and we won't get here - * until a response to the DO NAWS comes back) simulate the - * receipt of a will echo. This will also send a WONT ECHO - * to the client, since we assume that the client failed to - * respond because it believes that it is already in DO ECHO - * mode, which we do not want. - */ - if (his_want_state_is_will(TELOPT_ECHO)) { - DIAG(TD_OPTIONS, - {output_data("td: simulating recv\r\n"); - }); - willoption(TELOPT_ECHO); - } - - /* - * Finally, to clean things up, we turn on our echo. This - * will break stupid 4.2 telnets out of local terminal echo. - */ - - if (my_state_is_wont(TELOPT_ECHO)) - send_will(TELOPT_ECHO, 1); - -#ifdef TIOCPKT -#ifdef STREAMSPTY - if (!really_stream) -#endif - /* - * Turn on packet mode - */ - ioctl(p, TIOCPKT, (char *)&on); -#endif - - - /* - * Call telrcv() once to pick up anything received during - * terminal type negotiation, 4.2/4.3 determination, and - * linemode negotiation. - */ - telrcv(); - - ioctl(f, FIONBIO, (char *)&on); - ioctl(p, FIONBIO, (char *)&on); - -#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT) - setsockopt(net, SOL_SOCKET, SO_OOBINLINE, - (void *)&on, sizeof on); -#endif /* defined(SO_OOBINLINE) */ - -#ifdef SIGTSTP - signal(SIGTSTP, SIG_IGN); -#endif -#ifdef SIGTTOU - /* - * Ignoring SIGTTOU keeps the kernel from blocking us - * in ttioct() in /sys/tty.c. - */ - signal(SIGTTOU, SIG_IGN); -#endif - - signal(SIGCHLD, cleanup); - -#ifdef TIOCNOTTY - { - int t; - t = open(_PATH_TTY, O_RDWR); - if (t >= 0) { - ioctl(t, TIOCNOTTY, (char *)0); - close(t); - } - } -#endif - - show_issue(); - /* - * Show banner that getty never gave. - * - * We put the banner in the pty input buffer. This way, it - * gets carriage return null processing, etc., just like all - * other pty --> client data. - */ - - if (getenv("USER")) - hostinfo = 0; - - IM = DEFAULT_IM; - he = 0; - edithost(he, host_name); - if (hostinfo && *IM) - putf(IM, ptyibuf2); - - if (pcc) - strncat(ptyibuf2, ptyip, pcc+1); - ptyip = ptyibuf2; - pcc = strlen(ptyip); - - DIAG(TD_REPORT, { - output_data("td: Entering processing loop\r\n"); - }); - - - nfd = ((f > p) ? f : p) + 1; - timeout = time(NULL) + 5; - for (;;) { - fd_set ibits, obits, xbits; - int c; - - /* wait for encryption to be turned on, but don't wait - indefinitely */ - if(!startslave_called && (!encrypt_delay() || timeout > time(NULL))){ - startslave_called = 1; - startslave(host, utmp_host, level, autoname); - } - - if (ncc < 0 && pcc < 0) - break; - - FD_ZERO(&ibits); - FD_ZERO(&obits); - FD_ZERO(&xbits); - - if (f >= FD_SETSIZE - || p >= FD_SETSIZE) - fatal(net, "fd too large"); - - /* - * Never look for input if there's still - * stuff in the corresponding output buffer - */ - if (nfrontp - nbackp || pcc > 0) { - FD_SET(f, &obits); - } else { - FD_SET(p, &ibits); - } - if (pfrontp - pbackp || ncc > 0) { - FD_SET(p, &obits); - } else { - FD_SET(f, &ibits); - } - if (!SYNCHing) { - FD_SET(f, &xbits); - } - if ((c = select(nfd, &ibits, &obits, &xbits, - (struct timeval *)0)) < 1) { - if (c == -1) { - if (errno == EINTR) { - continue; - } - } - sleep(5); - continue; - } - - /* - * Any urgent data? - */ - if (FD_ISSET(net, &xbits)) { - SYNCHing = 1; - } - - /* - * Something to read from the network... - */ - if (FD_ISSET(net, &ibits)) { -#ifndef SO_OOBINLINE - /* - * In 4.2 (and 4.3 beta) systems, the - * OOB indication and data handling in the kernel - * is such that if two separate TCP Urgent requests - * come in, one byte of TCP data will be overlaid. - * This is fatal for Telnet, but we try to live - * with it. - * - * In addition, in 4.2 (and...), a special protocol - * is needed to pick up the TCP Urgent data in - * the correct sequence. - * - * What we do is: if we think we are in urgent - * mode, we look to see if we are "at the mark". - * If we are, we do an OOB receive. If we run - * this twice, we will do the OOB receive twice, - * but the second will fail, since the second - * time we were "at the mark", but there wasn't - * any data there (the kernel doesn't reset - * "at the mark" until we do a normal read). - * Once we've read the OOB data, we go ahead - * and do normal reads. - * - * There is also another problem, which is that - * since the OOB byte we read doesn't put us - * out of OOB state, and since that byte is most - * likely the TELNET DM (data mark), we would - * stay in the TELNET SYNCH (SYNCHing) state. - * So, clocks to the rescue. If we've "just" - * received a DM, then we test for the - * presence of OOB data when the receive OOB - * fails (and AFTER we did the normal mode read - * to clear "at the mark"). - */ - if (SYNCHing) { - int atmark; - - ioctl(net, SIOCATMARK, (char *)&atmark); - if (atmark) { - ncc = recv(net, netibuf, sizeof (netibuf), MSG_OOB); - if ((ncc == -1) && (errno == EINVAL)) { - ncc = read(net, netibuf, sizeof (netibuf)); - if (sequenceIs(didnetreceive, gotDM)) { - SYNCHing = stilloob(net); - } - } - } else { - ncc = read(net, netibuf, sizeof (netibuf)); - } - } else { - ncc = read(net, netibuf, sizeof (netibuf)); - } - settimer(didnetreceive); -#else /* !defined(SO_OOBINLINE)) */ - ncc = read(net, netibuf, sizeof (netibuf)); -#endif /* !defined(SO_OOBINLINE)) */ - if (ncc < 0 && errno == EWOULDBLOCK) - ncc = 0; - else { - if (ncc <= 0) { - break; - } - netip = netibuf; - } - DIAG((TD_REPORT | TD_NETDATA), { - output_data("td: netread %d chars\r\n", ncc); - }); - DIAG(TD_NETDATA, printdata("nd", netip, ncc)); - } - - /* - * Something to read from the pty... - */ - if (FD_ISSET(p, &ibits)) { -#ifdef STREAMSPTY - if (really_stream) - pcc = readstream(p, ptyibuf, BUFSIZ); - else -#endif - pcc = read(p, ptyibuf, BUFSIZ); - - /* - * On some systems, if we try to read something - * off the master side before the slave side is - * opened, we get EIO. - */ - if (pcc < 0 && (errno == EWOULDBLOCK || -#ifdef EAGAIN - errno == EAGAIN || -#endif - errno == EIO)) { - pcc = 0; - } else { - if (pcc <= 0) - break; - if (ptyibuf[0] & TIOCPKT_FLUSHWRITE) { - netclear(); /* clear buffer back */ -#ifndef NO_URGENT - /* - * There are client telnets on some - * operating systems get screwed up - * royally if we send them urgent - * mode data. - */ - output_data ("%c%c", IAC, DM); - - neturg = nfrontp-1; /* off by one XXX */ - DIAG(TD_OPTIONS, - printoption("td: send IAC", DM)); - -#endif - } - if (his_state_is_will(TELOPT_LFLOW) && - (ptyibuf[0] & - (TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))) { - int newflow = - ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0; - if (newflow != flowmode) { - flowmode = newflow; - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON - : LFLOW_OFF, - IAC, SE); - DIAG(TD_OPTIONS, printsub('>', - (unsigned char *)nfrontp-4, - 4);); - } - } - pcc--; - ptyip = ptyibuf+1; - } - } - - while (pcc > 0) { - if ((&netobuf[BUFSIZ] - nfrontp) < 3) - break; - c = *ptyip++ & 0377, pcc--; - if (c == IAC) - *nfrontp++ = c; - *nfrontp++ = c; - if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) { - if (pcc > 0 && ((*ptyip & 0377) == '\n')) { - *nfrontp++ = *ptyip++ & 0377; - pcc--; - } else - *nfrontp++ = '\0'; - } - } - - if (FD_ISSET(f, &obits) && (nfrontp - nbackp) > 0) - netflush(); - if (ncc > 0) - telrcv(); - if (FD_ISSET(p, &obits) && (pfrontp - pbackp) > 0) - ptyflush(); - } - cleanup(0); -} - -#ifndef TCSIG -# ifdef TIOCSIG -# define TCSIG TIOCSIG -# endif -#endif - -#ifdef STREAMSPTY - - int flowison = -1; /* current state of flow: -1 is unknown */ - -int -readstream(int p, char *ibuf, int bufsize) -{ - int flags = 0; - int ret = 0; - struct termios *tsp; -#if 0 - struct termio *tp; -#endif - struct iocblk *ip; - char vstop, vstart; - int ixon; - int newflow; - - strbufc.maxlen = BUFSIZ; - strbufc.buf = (char *)ctlbuf; - strbufd.maxlen = bufsize-1; - strbufd.len = 0; - strbufd.buf = ibuf+1; - ibuf[0] = 0; - - ret = getmsg(p, &strbufc, &strbufd, &flags); - if (ret < 0) /* error of some sort -- probably EAGAIN */ - return(-1); - - if (strbufc.len <= 0 || ctlbuf[0] == M_DATA) { - /* data message */ - if (strbufd.len > 0) { /* real data */ - return(strbufd.len + 1); /* count header char */ - } else { - /* nothing there */ - errno = EAGAIN; - return(-1); - } - } - - /* - * It's a control message. Return 1, to look at the flag we set - */ - - switch (ctlbuf[0]) { - case M_FLUSH: - if (ibuf[1] & FLUSHW) - ibuf[0] = TIOCPKT_FLUSHWRITE; - return(1); - - case M_IOCTL: - ip = (struct iocblk *) (ibuf+1); - - switch (ip->ioc_cmd) { -#ifdef TCSETS - case TCSETS: - case TCSETSW: - case TCSETSF: - tsp = (struct termios *) - (ibuf+1 + sizeof(struct iocblk)); - vstop = tsp->c_cc[VSTOP]; - vstart = tsp->c_cc[VSTART]; - ixon = tsp->c_iflag & IXON; - break; -#endif -#if 0 - case TCSETA: - case TCSETAW: - case TCSETAF: - tp = (struct termio *) (ibuf+1 + sizeof(struct iocblk)); - vstop = tp->c_cc[VSTOP]; - vstart = tp->c_cc[VSTART]; - ixon = tp->c_iflag & IXON; - break; -#endif - default: - errno = EAGAIN; - return(-1); - } - - newflow = (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0; - if (newflow != flowison) { /* it's a change */ - flowison = newflow; - ibuf[0] = newflow ? TIOCPKT_DOSTOP : TIOCPKT_NOSTOP; - return(1); - } - } - - /* nothing worth doing anything about */ - errno = EAGAIN; - return(-1); -} -#endif /* STREAMSPTY */ - -/* - * Send interrupt to process on other side of pty. - * If it is in raw mode, just write NULL; - * otherwise, write intr char. - */ -void -interrupt() -{ - ptyflush(); /* half-hearted */ - -#if defined(STREAMSPTY) && defined(TIOCSIGNAL) - /* Streams PTY style ioctl to post a signal */ - if (really_stream) - { - int sig = SIGINT; - ioctl(ourpty, TIOCSIGNAL, &sig); - ioctl(ourpty, I_FLUSH, FLUSHR); - } -#else -#ifdef TCSIG - ioctl(ourpty, TCSIG, (char *)SIGINT); -#else /* TCSIG */ - init_termbuf(); - *pfrontp++ = slctab[SLC_IP].sptr ? - (unsigned char)*slctab[SLC_IP].sptr : '\177'; -#endif /* TCSIG */ -#endif -} - -/* - * Send quit to process on other side of pty. - * If it is in raw mode, just write NULL; - * otherwise, write quit char. - */ -void -sendbrk() -{ - ptyflush(); /* half-hearted */ -#ifdef TCSIG - ioctl(ourpty, TCSIG, (char *)SIGQUIT); -#else /* TCSIG */ - init_termbuf(); - *pfrontp++ = slctab[SLC_ABORT].sptr ? - (unsigned char)*slctab[SLC_ABORT].sptr : '\034'; -#endif /* TCSIG */ -} - -void -sendsusp() -{ -#ifdef SIGTSTP - ptyflush(); /* half-hearted */ -# ifdef TCSIG - ioctl(ourpty, TCSIG, (char *)SIGTSTP); -# else /* TCSIG */ - *pfrontp++ = slctab[SLC_SUSP].sptr ? - (unsigned char)*slctab[SLC_SUSP].sptr : '\032'; -# endif /* TCSIG */ -#endif /* SIGTSTP */ -} - -/* - * When we get an AYT, if ^T is enabled, use that. Otherwise, - * just send back "[Yes]". - */ -void -recv_ayt() -{ -#if defined(SIGINFO) && defined(TCSIG) - if (slctab[SLC_AYT].sptr && *slctab[SLC_AYT].sptr != _POSIX_VDISABLE) { - ioctl(ourpty, TCSIG, (char *)SIGINFO); - return; - } -#endif - output_data("\r\n[Yes]\r\n"); -} - -void -doeof() -{ - init_termbuf(); - - *pfrontp++ = slctab[SLC_EOF].sptr ? - (unsigned char)*slctab[SLC_EOF].sptr : '\004'; -} diff --git a/crypto/heimdal/appl/telnet/telnetd/telnetd.h b/crypto/heimdal/appl/telnet/telnetd/telnetd.h deleted file mode 100644 index 51a5725bd9a0..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/telnetd.h +++ /dev/null @@ -1,251 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)telnetd.h 8.1 (Berkeley) 6/4/93 - */ - - -#include - -#include -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif - -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif /* HAVE_SYS_RESOURCE_H */ - -#ifdef HAVE_SYS_WAIT_H -#include -#endif - -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif - -/* including both and in SunOS 4 generates a - lot of warnings */ - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_FILIO_H -#include -#endif - -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#include -#include -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_SYSLOG_H -#include -#endif -#include - -#ifdef HAVE_UNISTD_H -#include -#endif - -#include - -#ifdef HAVE_PTY_H -#include -#endif - -#ifdef STREAMSPTY -#ifdef HAVE_SAC_H -#include -#endif -#ifdef HAVE_SYS_STROPTS_H -#include -#endif - -# include - -#ifdef HAVE_SYS_UIO_H -#include -#ifdef __hpux -#undef SE -#endif -#endif -#ifdef HAVE_SYS_STREAM_H -#include -#endif - -#endif /* STREAMSPTY */ - -#undef NOERROR - -#include "defs.h" - -#ifndef _POSIX_VDISABLE -# ifdef VDISABLE -# define _POSIX_VDISABLE VDISABLE -# else -# define _POSIX_VDISABLE ((unsigned char)'\377') -# endif -#endif - - -#ifdef HAVE_SYS_PTY_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif - -#ifdef HAVE_SYS_PTYIO_H -#include -#endif - -#ifdef HAVE_SYS_UTSNAME_H -#include -#endif - -#ifdef HAVE_PATHS_H -#include -#endif - -#ifdef HAVE_ARPA_TELNET_H -#include -#endif - -#include "ext.h" - -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#ifdef KRB4 -#include -#endif - -#ifdef AUTHENTICATION -#include -#include -#ifdef ENCRYPTION -#include -#endif -#endif - -#ifdef HAVE_LIBUTIL_H -#include -#endif - -#include - -/* Don't use the system login, use our version instead */ - -/* BINDIR should be defined somewhere else... */ - -#ifndef BINDIR -#define BINDIR "/usr/athena/bin" -#endif - -#undef _PATH_LOGIN -#define _PATH_LOGIN BINDIR "/login" - -/* fallbacks */ - -#ifndef _PATH_DEV -#define _PATH_DEV "/dev/" -#endif - -#ifndef _PATH_TTY -#define _PATH_TTY "/dev/tty" -#endif /* _PATH_TTY */ - -#ifdef DIAGNOSTICS -#define DIAG(a,b) if (diagnostic & (a)) b -#else -#define DIAG(a,b) -#endif - -/* other external variables */ -extern char **environ; - -/* prototypes */ - -/* appends data to nfrontp and advances */ -int output_data (const char *format, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; - -#ifdef ENCRYPTION -extern int require_encryption; -#endif diff --git a/crypto/heimdal/appl/telnet/telnetd/termstat.c b/crypto/heimdal/appl/telnet/telnetd/termstat.c deleted file mode 100644 index 696a2343dffd..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/termstat.c +++ /dev/null @@ -1,138 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: termstat.c 10587 2001-08-29 00:45:23Z assar $"); - -/* - * local variables - */ -int def_tspeed = -1, def_rspeed = -1; -#ifdef TIOCSWINSZ -int def_row = 0, def_col = 0; -#endif - -/* - * flowstat - * - * Check for changes to flow control - */ -void -flowstat(void) -{ - if (his_state_is_will(TELOPT_LFLOW)) { - if (tty_flowmode() != flowmode) { - flowmode = tty_flowmode(); - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON : LFLOW_OFF, - IAC, SE); - } - if (tty_restartany() != restartany) { - restartany = tty_restartany(); - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - restartany ? LFLOW_RESTART_ANY - : LFLOW_RESTART_XON, - IAC, SE); - } - } -} - -/* - * clientstat - * - * Process linemode related requests from the client. - * Client can request a change to only one of linemode, editmode or slc's - * at a time, and if using kludge linemode, then only linemode may be - * affected. - */ -void -clientstat(int code, int parm1, int parm2) -{ - /* - * Get a copy of terminal characteristics. - */ - init_termbuf(); - - /* - * Process request from client. code tells what it is. - */ - switch (code) { - case TELOPT_NAWS: -#ifdef TIOCSWINSZ - { - struct winsize ws; - - def_col = parm1; - def_row = parm2; - - /* - * Change window size as requested by client. - */ - - ws.ws_col = parm1; - ws.ws_row = parm2; - ioctl(ourpty, TIOCSWINSZ, (char *)&ws); - } -#endif /* TIOCSWINSZ */ - - break; - - case TELOPT_TSPEED: - { - def_tspeed = parm1; - def_rspeed = parm2; - /* - * Change terminal speed as requested by client. - * We set the receive speed first, so that if we can't - * store seperate receive and transmit speeds, the transmit - * speed will take precedence. - */ - tty_rspeed(parm2); - tty_tspeed(parm1); - set_termbuf(); - - break; - - } /* end of case TELOPT_TSPEED */ - - default: - /* What? */ - break; - } /* end of switch */ - - netflush(); - -} diff --git a/crypto/heimdal/appl/telnet/telnetd/utility.c b/crypto/heimdal/appl/telnet/telnetd/utility.c deleted file mode 100644 index f55914f199b3..000000000000 --- a/crypto/heimdal/appl/telnet/telnetd/utility.c +++ /dev/null @@ -1,1163 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#define PRINTOPTIONS -#include "telnetd.h" - -RCSID("$Id: utility.c 15844 2005-08-08 13:36:16Z lha $"); - -/* - * utility functions performing io related tasks - */ - -/* - * ttloop - * - * A small subroutine to flush the network output buffer, get some - * data from the network, and pass it through the telnet state - * machine. We also flush the pty input buffer (by dropping its data) - * if it becomes too full. - * - * return 0 if OK or 1 if interrupted by a signal. - */ - -int -ttloop(void) -{ - DIAG(TD_REPORT, { - output_data("td: ttloop\r\n"); - }); - if (nfrontp-nbackp) - netflush(); - ncc = read(net, netibuf, sizeof netibuf); - if (ncc < 0) { - if (errno == EINTR) - return 1; - syslog(LOG_INFO, "ttloop: read: %m\n"); - exit(1); - } else if (ncc == 0) { - syslog(LOG_INFO, "ttloop: peer died\n"); - exit(1); - } - DIAG(TD_REPORT, { - output_data("td: ttloop read %d chars\r\n", ncc); - }); - netip = netibuf; - telrcv(); /* state machine */ - if (ncc > 0) { - pfrontp = pbackp = ptyobuf; - telrcv(); - } - return 0; -} /* end of ttloop */ - -/* - * Check a descriptor to see if out of band data exists on it. - */ -int -stilloob(int s) -{ - static struct timeval timeout = { 0 }; - fd_set excepts; - int value; - - if (s >= FD_SETSIZE) - fatal(ourpty, "fd too large"); - - do { - FD_ZERO(&excepts); - FD_SET(s, &excepts); - value = select(s+1, 0, 0, &excepts, &timeout); - } while ((value == -1) && (errno == EINTR)); - - if (value < 0) { - fatalperror(ourpty, "select"); - } - if (FD_ISSET(s, &excepts)) { - return 1; - } else { - return 0; - } -} - -void -ptyflush(void) -{ - int n; - - if ((n = pfrontp - pbackp) > 0) { - DIAG((TD_REPORT | TD_PTYDATA), { - output_data("td: ptyflush %d chars\r\n", n); - }); - DIAG(TD_PTYDATA, printdata("pd", pbackp, n)); - n = write(ourpty, pbackp, n); - } - if (n < 0) { - if (errno == EWOULDBLOCK || errno == EINTR) - return; - cleanup(0); - } - pbackp += n; - if (pbackp == pfrontp) - pbackp = pfrontp = ptyobuf; -} - -/* - * nextitem() - * - * Return the address of the next "item" in the TELNET data - * stream. This will be the address of the next character if - * the current address is a user data character, or it will - * be the address of the character following the TELNET command - * if the current address is a TELNET IAC ("I Am a Command") - * character. - */ -char * -nextitem(char *current) -{ - if ((*current&0xff) != IAC) { - return current+1; - } - switch (*(current+1)&0xff) { - case DO: - case DONT: - case WILL: - case WONT: - return current+3; - case SB:{ - /* loop forever looking for the SE */ - char *look = current+2; - - for (;;) { - if ((*look++&0xff) == IAC) { - if ((*look++&0xff) == SE) { - return look; - } - } - } - } - default: - return current+2; - } -} - - -/* - * netclear() - * - * We are about to do a TELNET SYNCH operation. Clear - * the path to the network. - * - * Things are a bit tricky since we may have sent the first - * byte or so of a previous TELNET command into the network. - * So, we have to scan the network buffer from the beginning - * until we are up to where we want to be. - * - * A side effect of what we do, just to keep things - * simple, is to clear the urgent data pointer. The principal - * caller should be setting the urgent data pointer AFTER calling - * us in any case. - */ -void -netclear(void) -{ - char *thisitem, *next; - char *good; -#define wewant(p) ((nfrontp > p) && ((*p&0xff) == IAC) && \ - ((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL)) - -#ifdef ENCRYPTION - thisitem = nclearto > netobuf ? nclearto : netobuf; -#else - thisitem = netobuf; -#endif - - while ((next = nextitem(thisitem)) <= nbackp) { - thisitem = next; - } - - /* Now, thisitem is first before/at boundary. */ - -#ifdef ENCRYPTION - good = nclearto > netobuf ? nclearto : netobuf; -#else - good = netobuf; /* where the good bytes go */ -#endif - - while (nfrontp > thisitem) { - if (wewant(thisitem)) { - int length; - - next = thisitem; - do { - next = nextitem(next); - } while (wewant(next) && (nfrontp > next)); - length = next-thisitem; - memmove(good, thisitem, length); - good += length; - thisitem = next; - } else { - thisitem = nextitem(thisitem); - } - } - - nbackp = netobuf; - nfrontp = good; /* next byte to be sent */ - neturg = 0; -} /* end of netclear */ - -extern int not42; - -/* - * netflush - * Send as much data as possible to the network, - * handling requests for urgent data. - */ -void -netflush(void) -{ - int n; - - if ((n = nfrontp - nbackp) > 0) { - DIAG(TD_REPORT, - { n += output_data("td: netflush %d chars\r\n", n); - }); -#ifdef ENCRYPTION - if (encrypt_output) { - char *s = nclearto ? nclearto : nbackp; - if (nfrontp - s > 0) { - (*encrypt_output)((unsigned char *)s, nfrontp-s); - nclearto = nfrontp; - } - } -#endif - /* - * if no urgent data, or if the other side appears to be an - * old 4.2 client (and thus unable to survive TCP urgent data), - * write the entire buffer in non-OOB mode. - */ -#if 1 /* remove this to make it work between solaris 2.6 and linux */ - if ((neturg == 0) || (not42 == 0)) { -#endif - n = write(net, nbackp, n); /* normal write */ -#if 1 /* remove this to make it work between solaris 2.6 and linux */ - } else { - n = neturg - nbackp; - /* - * In 4.2 (and 4.3) systems, there is some question about - * what byte in a sendOOB operation is the "OOB" data. - * To make ourselves compatible, we only send ONE byte - * out of band, the one WE THINK should be OOB (though - * we really have more the TCP philosophy of urgent data - * rather than the Unix philosophy of OOB data). - */ - if (n > 1) { - n = send(net, nbackp, n-1, 0); /* send URGENT all by itself */ - } else { - n = send(net, nbackp, n, MSG_OOB); /* URGENT data */ - } - } -#endif - } - if (n < 0) { - if (errno == EWOULDBLOCK || errno == EINTR) - return; - cleanup(0); - } - nbackp += n; -#ifdef ENCRYPTION - if (nbackp > nclearto) - nclearto = 0; -#endif - if (nbackp >= neturg) { - neturg = 0; - } - if (nbackp == nfrontp) { - nbackp = nfrontp = netobuf; -#ifdef ENCRYPTION - nclearto = 0; -#endif - } - return; -} - - -/* - * writenet - * - * Just a handy little function to write a bit of raw data to the net. - * It will force a transmit of the buffer if necessary - * - * arguments - * ptr - A pointer to a character string to write - * len - How many bytes to write - */ -void -writenet(const void *ptr, size_t len) -{ - /* flush buffer if no room for new data) */ - while ((&netobuf[BUFSIZ] - nfrontp) < len) { - /* if this fails, don't worry, buffer is a little big */ - netflush(); - } - if ((&netobuf[BUFSIZ] - nfrontp) < len) - abort(); - - memmove(nfrontp, ptr, len); - nfrontp += len; -} - - -/* - * miscellaneous functions doing a variety of little jobs follow ... - */ - - -void fatal(int f, char *msg) -{ - char buf[BUFSIZ]; - - snprintf(buf, sizeof(buf), "telnetd: %s.\r\n", msg); -#ifdef ENCRYPTION - if (encrypt_output) { - /* - * Better turn off encryption first.... - * Hope it flushes... - */ - encrypt_send_end(); - netflush(); - } -#endif - write(f, buf, (int)strlen(buf)); - sleep(1); /*XXX*/ - exit(1); -} - -void -fatalperror_errno(int f, const char *msg, int error) -{ - char buf[BUFSIZ]; - - snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(error)); - fatal(f, buf); -} - -void -fatalperror(int f, const char *msg) -{ - fatalperror_errno(f, msg, errno); -} - -char editedhost[32]; - -void edithost(char *pat, char *host) -{ - char *res = editedhost; - - if (!pat) - pat = ""; - while (*pat) { - switch (*pat) { - - case '#': - if (*host) - host++; - break; - - case '@': - if (*host) - *res++ = *host++; - break; - - default: - *res++ = *pat; - break; - } - if (res == &editedhost[sizeof editedhost - 1]) { - *res = '\0'; - return; - } - pat++; - } - if (*host) - strlcpy (res, host, - sizeof editedhost - (res - editedhost)); - else - *res = '\0'; - editedhost[sizeof editedhost - 1] = '\0'; -} - -static char *putlocation; - -void -putstr(char *s) -{ - - while (*s) - putchr(*s++); -} - -void -putchr(int cc) -{ - *putlocation++ = cc; -} - -static char fmtstr[] = { "%l:%M%P on %A, %d %B %Y" }; - -void putf(char *cp, char *where) -{ -#ifdef HAVE_UNAME - struct utsname name; -#endif - char *slash; - time_t t; - char db[100]; - - /* if we don't have uname, set these to sensible values */ - char *sysname = "Unix", - *machine = "", - *release = "", - *version = ""; - -#ifdef HAVE_UNAME - uname(&name); - sysname=name.sysname; - machine=name.machine; - release=name.release; - version=name.version; -#endif - - putlocation = where; - - while (*cp) { - if (*cp != '%') { - putchr(*cp++); - continue; - } - switch (*++cp) { - - case 't': - slash = strchr(line+1, '/'); - if (slash == (char *) 0) - putstr(line); - else - putstr(&slash[1]); - break; - - case 'h': - putstr(editedhost); - break; - - case 's': - putstr(sysname); - break; - - case 'm': - putstr(machine); - break; - - case 'r': - putstr(release); - break; - - case 'v': - putstr(version); - break; - - case 'd': - time(&t); - strftime(db, sizeof(db), fmtstr, localtime(&t)); - putstr(db); - break; - - case '%': - putchr('%'); - break; - } - cp++; - } -} - -#ifdef DIAGNOSTICS -/* - * Print telnet options and commands in plain text, if possible. - */ -void -printoption(char *fmt, int option) -{ - if (TELOPT_OK(option)) - output_data("%s %s\r\n", - fmt, - TELOPT(option)); - else if (TELCMD_OK(option)) - output_data("%s %s\r\n", - fmt, - TELCMD(option)); - else - output_data("%s %d\r\n", - fmt, - option); - return; -} - -void -printsub(int direction, unsigned char *pointer, int length) - /* '<' or '>' */ - /* where suboption data sits */ - /* length of suboption data */ -{ - int i = 0; - unsigned char buf[512]; - - if (!(diagnostic & TD_OPTIONS)) - return; - - if (direction) { - output_data("td: %s suboption ", - direction == '<' ? "recv" : "send"); - if (length >= 3) { - int j; - - i = pointer[length-2]; - j = pointer[length-1]; - - if (i != IAC || j != SE) { - output_data("(terminated by "); - if (TELOPT_OK(i)) - output_data("%s ", - TELOPT(i)); - else if (TELCMD_OK(i)) - output_data("%s ", - TELCMD(i)); - else - output_data("%d ", - i); - if (TELOPT_OK(j)) - output_data("%s", - TELOPT(j)); - else if (TELCMD_OK(j)) - output_data("%s", - TELCMD(j)); - else - output_data("%d", - j); - output_data(", not IAC SE!) "); - } - } - length -= 2; - } - if (length < 1) { - output_data("(Empty suboption??\?)"); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: - output_data("TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS \"%.*s\"", - length-2, - (char *)pointer+2); - break; - case TELQUAL_SEND: - output_data("SEND"); - break; - default: - output_data("- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - case TELOPT_TSPEED: - output_data("TERMINAL-SPEED"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: - output_data(" IS %.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) - output_data(" SEND"); - else - output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { - output_data(" ?%d?", pointer[i]); - } - break; - } - break; - - case TELOPT_LFLOW: - output_data("TOGGLE-FLOW-CONTROL"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: - output_data(" OFF"); - break; - case LFLOW_ON: - output_data(" ON"); - break; - case LFLOW_RESTART_ANY: - output_data(" RESTART-ANY"); - break; - case LFLOW_RESTART_XON: - output_data(" RESTART-XON"); - break; - default: - output_data(" %d (unknown)", - pointer[1]); - } - for (i = 2; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - - case TELOPT_NAWS: - output_data("NAWS"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - if (length == 2) { - output_data(" ?%d?", - pointer[1]); - break; - } - output_data(" %u %u(%u)", - pointer[1], - pointer[2], - (((unsigned int)pointer[1])<<8) + pointer[2]); - if (length == 4) { - output_data(" ?%d?", - pointer[3]); - break; - } - output_data(" %u %u(%u)", - pointer[3], - pointer[4], - (((unsigned int)pointer[3])<<8) + pointer[4]); - for (i = 5; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - - case TELOPT_LINEMODE: - output_data("LINEMODE "); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: - output_data("WILL "); - goto common; - case WONT: - output_data("WONT "); - goto common; - case DO: - output_data("DO "); - goto common; - case DONT: - output_data("DONT "); - common: - if (length < 3) { - output_data("(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: - output_data("Forward Mask"); - for (i = 3; i < length; i++) { - output_data(" %x", pointer[i]); - } - break; - default: - output_data("%d (unknown)", - pointer[2]); - for (i = 3; i < length; i++) { - output_data(" %d", - pointer[i]); - } - break; - } - break; - - case LM_SLC: - output_data("SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) - output_data(" %s", - SLC_NAME(pointer[i+SLC_FUNC])); - else - output_data(" %d", - pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: - output_data(" NOSUPPORT"); - break; - case SLC_CANTCHANGE: - output_data(" CANTCHANGE"); - break; - case SLC_VARIABLE: - output_data(" VARIABLE"); - break; - case SLC_DEFAULT: - output_data(" DEFAULT"); - break; - } - output_data("%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) { - output_data("(0x%x)", - pointer[i+SLC_FLAGS]); - } - output_data(" %d;", - pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - - case LM_MODE: - output_data("MODE "); - if (length < 3) { - output_data("(no mode??\?)"); - break; - } - { - char tbuf[32]; - snprintf(tbuf, - sizeof(tbuf), - "%s%s%s%s%s", - pointer[2]&MODE_EDIT ? "|EDIT" : "", - pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "", - pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); - output_data("%s", - tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) { - output_data(" (0x%x)", - pointer[2]); - } - for (i = 3; i < length; i++) { - output_data(" ?0x%x?", - pointer[i]); - } - break; - default: - output_data("%d (unknown)", - pointer[1]); - for (i = 2; i < length; i++) { - output_data(" %d", pointer[i]); - } - } - break; - - case TELOPT_STATUS: { - char *cp; - int j, k; - - output_data("STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) - output_data(" SEND"); - else - output_data(" %d (unknown)", - pointer[1]); - for (i = 2; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - case TELQUAL_IS: - output_data(" IS\r\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { - case DO: cp = "DO"; goto common2; - case DONT: cp = "DONT"; goto common2; - case WILL: cp = "WILL"; goto common2; - case WONT: cp = "WONT"; goto common2; - common2: - i++; - if (TELOPT_OK(pointer[i])) - output_data(" %s %s", - cp, - TELOPT(pointer[i])); - else - output_data(" %s %d", - cp, - pointer[i]); - - output_data("\r\n"); - break; - - case SB: - output_data(" SB "); - i++; - j = k = i; - while (j < length) { - if (pointer[j] == SE) { - if (j+1 == length) - break; - if (pointer[j+1] == SE) - j++; - else - break; - } - pointer[k++] = pointer[j++]; - } - printsub(0, &pointer[i], k - i); - if (i < length) { - output_data(" SE"); - i = j; - } else - i = j - 1; - - output_data("\r\n"); - - break; - - default: - output_data(" %d", - pointer[i]); - break; - } - } - break; - } - break; - } - - case TELOPT_XDISPLOC: - output_data("X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS \"%.*s\"", - length-2, - (char *)pointer+2); - break; - case TELQUAL_SEND: - output_data("SEND"); - break; - default: - output_data("- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - - case TELOPT_NEW_ENVIRON: - output_data("NEW-ENVIRON "); - goto env_common1; - case TELOPT_OLD_ENVIRON: - output_data("OLD-ENVIRON"); - env_common1: - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS "); - goto env_common; - case TELQUAL_SEND: - output_data("SEND "); - goto env_common; - case TELQUAL_INFO: - output_data("INFO "); - env_common: - { - int noquote = 2; - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VAR: - output_data("\" VAR " + noquote); - noquote = 2; - break; - - case NEW_ENV_VALUE: - output_data("\" VALUE " + noquote); - noquote = 2; - break; - - case ENV_ESC: - output_data("\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: - output_data("\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { - output_data ("\""); - noquote = 0; - } - output_data ("%c", pointer[i]); - } else { - output_data("\" %03o " + noquote, - pointer[i]); - noquote = 2; - } - break; - } - } - if (!noquote) - output_data ("\""); - break; - } - } - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - output_data("AUTHENTICATION"); - - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: - output_data(" %s ", - (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); - if (AUTHTYPE_NAME_OK(pointer[2])) - output_data("%s ", - AUTHTYPE_NAME(pointer[2])); - else - output_data("%d ", - pointer[2]); - if (length < 3) { - output_data("(partial suboption??\?)"); - break; - } - output_data("%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - output_data("%s", - buf); - break; - - case TELQUAL_SEND: - i = 2; - output_data(" SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) - output_data("%s ", - AUTHTYPE_NAME(pointer[i])); - else - output_data("%d ", - pointer[i]); - if (++i >= length) { - output_data("(partial suboption??\?)"); - break; - } - output_data("%s|%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - ++i; - } - break; - - case TELQUAL_NAME: - i = 2; - output_data(" NAME \"%.*s\"", - length - 2, - pointer); - break; - - default: - for (i = 2; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - } - break; -#endif - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - output_data("ENCRYPT"); - if (length < 2) { - output_data(" (empty suboption?)"); - break; - } - switch (pointer[1]) { - case ENCRYPT_START: - output_data(" START"); - break; - - case ENCRYPT_END: - output_data(" END"); - break; - - case ENCRYPT_REQSTART: - output_data(" REQUEST-START"); - break; - - case ENCRYPT_REQEND: - output_data(" REQUEST-END"); - break; - - case ENCRYPT_IS: - case ENCRYPT_REPLY: - output_data(" %s ", - (pointer[1] == ENCRYPT_IS) ? - "IS" : "REPLY"); - if (length < 3) { - output_data(" (partial suboption?)"); - break; - } - if (ENCTYPE_NAME_OK(pointer[2])) - output_data("%s ", - ENCTYPE_NAME(pointer[2])); - else - output_data(" %d (unknown)", - pointer[2]); - - encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - output_data("%s", - buf); - break; - - case ENCRYPT_SUPPORT: - i = 2; - output_data(" SUPPORT "); - while (i < length) { - if (ENCTYPE_NAME_OK(pointer[i])) - output_data("%s ", - ENCTYPE_NAME(pointer[i])); - else - output_data("%d ", - pointer[i]); - i++; - } - break; - - case ENCRYPT_ENC_KEYID: - output_data(" ENC_KEYID %d", pointer[1]); - goto encommon; - - case ENCRYPT_DEC_KEYID: - output_data(" DEC_KEYID %d", pointer[1]); - goto encommon; - - default: - output_data(" %d (unknown)", pointer[1]); - encommon: - for (i = 2; i < length; i++) { - output_data(" %d", pointer[i]); - } - break; - } - break; -#endif - - default: - if (TELOPT_OK(pointer[0])) - output_data("%s (unknown)", - TELOPT(pointer[0])); - else - output_data("%d (unknown)", - pointer[i]); - for (i = 1; i < length; i++) { - output_data(" %d", pointer[i]); - } - break; - } - output_data("\r\n"); -} - -/* - * Dump a data buffer in hex and ascii to the output data stream. - */ -void -printdata(char *tag, char *ptr, int cnt) -{ - int i; - char xbuf[30]; - - while (cnt) { - /* flush net output buffer if no room for new data) */ - if ((&netobuf[BUFSIZ] - nfrontp) < 80) { - netflush(); - } - - /* add a line of output */ - output_data("%s: ", tag); - for (i = 0; i < 20 && cnt; i++) { - output_data("%02x", *ptr); - if (isprint((unsigned char)*ptr)) { - xbuf[i] = *ptr; - } else { - xbuf[i] = '.'; - } - if (i % 2) { - output_data(" "); - } - cnt--; - ptr++; - } - xbuf[i] = '\0'; - output_data(" %s\r\n", xbuf); - } -} -#endif /* DIAGNOSTICS */ diff --git a/crypto/heimdal/appl/test/Makefile.am b/crypto/heimdal/appl/test/Makefile.am deleted file mode 100644 index 21f2013b71e1..000000000000 --- a/crypto/heimdal/appl/test/Makefile.am +++ /dev/null @@ -1,42 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_PROGRAMS = tcp_client tcp_server gssapi_server gssapi_client \ - uu_server uu_client nt_gss_server nt_gss_client http_client - -tcp_client_SOURCES = tcp_client.c common.c test_locl.h - -tcp_server_SOURCES = tcp_server.c common.c test_locl.h - -gssapi_server_SOURCES = gssapi_server.c gss_common.c common.c \ - gss_common.h test_locl.h - -gssapi_client_SOURCES = gssapi_client.c gss_common.c common.c \ - gss_common.h test_locl.h - -http_client_SOURCES = http_client.c gss_common.c common.c \ - gss_common.h test_locl.h - -uu_server_SOURCES = uu_server.c common.c test_locl.h - -uu_client_SOURCES = uu_client.c common.c test_locl.h - -gssapi_server_LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LDADD) - -gssapi_client_LDADD = $(gssapi_server_LDADD) - -http_client_LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LDADD) - -nt_gss_client_SOURCES = nt_gss_client.c nt_gss_common.c nt_gss_common.h common.c - -nt_gss_server_SOURCES = nt_gss_server.c nt_gss_common.c nt_gss_common.h - -nt_gss_client_LDADD = $(gssapi_server_LDADD) - -nt_gss_server_LDADD = $(nt_gss_client_LDADD) - -LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) diff --git a/crypto/heimdal/appl/test/Makefile.in b/crypto/heimdal/appl/test/Makefile.in deleted file mode 100644 index fb9e36884f94..000000000000 --- a/crypto/heimdal/appl/test/Makefile.in +++ /dev/null @@ -1,856 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -noinst_PROGRAMS = tcp_client$(EXEEXT) tcp_server$(EXEEXT) \ - gssapi_server$(EXEEXT) gssapi_client$(EXEEXT) \ - uu_server$(EXEEXT) uu_client$(EXEEXT) nt_gss_server$(EXEEXT) \ - nt_gss_client$(EXEEXT) http_client$(EXEEXT) -subdir = appl/test -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -PROGRAMS = $(noinst_PROGRAMS) -am_gssapi_client_OBJECTS = gssapi_client.$(OBJEXT) \ - gss_common.$(OBJEXT) common.$(OBJEXT) -gssapi_client_OBJECTS = $(am_gssapi_client_OBJECTS) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -am__DEPENDENCIES_3 = $(top_builddir)/lib/gssapi/libgssapi.la \ - $(am__DEPENDENCIES_2) -gssapi_client_DEPENDENCIES = $(am__DEPENDENCIES_3) -am_gssapi_server_OBJECTS = gssapi_server.$(OBJEXT) \ - gss_common.$(OBJEXT) common.$(OBJEXT) -gssapi_server_OBJECTS = $(am_gssapi_server_OBJECTS) -gssapi_server_DEPENDENCIES = $(top_builddir)/lib/gssapi/libgssapi.la \ - $(am__DEPENDENCIES_2) -am_http_client_OBJECTS = http_client.$(OBJEXT) gss_common.$(OBJEXT) \ - common.$(OBJEXT) -http_client_OBJECTS = $(am_http_client_OBJECTS) -http_client_DEPENDENCIES = $(top_builddir)/lib/gssapi/libgssapi.la \ - $(am__DEPENDENCIES_2) -am_nt_gss_client_OBJECTS = nt_gss_client.$(OBJEXT) \ - nt_gss_common.$(OBJEXT) common.$(OBJEXT) -nt_gss_client_OBJECTS = $(am_nt_gss_client_OBJECTS) -nt_gss_client_DEPENDENCIES = $(am__DEPENDENCIES_3) -am_nt_gss_server_OBJECTS = nt_gss_server.$(OBJEXT) \ - nt_gss_common.$(OBJEXT) -nt_gss_server_OBJECTS = $(am_nt_gss_server_OBJECTS) -am__DEPENDENCIES_4 = $(am__DEPENDENCIES_3) -nt_gss_server_DEPENDENCIES = $(am__DEPENDENCIES_4) -am_tcp_client_OBJECTS = tcp_client.$(OBJEXT) common.$(OBJEXT) -tcp_client_OBJECTS = $(am_tcp_client_OBJECTS) -tcp_client_LDADD = $(LDADD) -tcp_client_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -am_tcp_server_OBJECTS = tcp_server.$(OBJEXT) common.$(OBJEXT) -tcp_server_OBJECTS = $(am_tcp_server_OBJECTS) -tcp_server_LDADD = $(LDADD) -tcp_server_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -am_uu_client_OBJECTS = uu_client.$(OBJEXT) common.$(OBJEXT) -uu_client_OBJECTS = $(am_uu_client_OBJECTS) -uu_client_LDADD = $(LDADD) -uu_client_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -am_uu_server_OBJECTS = uu_server.$(OBJEXT) common.$(OBJEXT) -uu_server_OBJECTS = $(am_uu_server_OBJECTS) -uu_server_LDADD = $(LDADD) -uu_server_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(gssapi_client_SOURCES) $(gssapi_server_SOURCES) \ - $(http_client_SOURCES) $(nt_gss_client_SOURCES) \ - $(nt_gss_server_SOURCES) $(tcp_client_SOURCES) \ - $(tcp_server_SOURCES) $(uu_client_SOURCES) \ - $(uu_server_SOURCES) -DIST_SOURCES = $(gssapi_client_SOURCES) $(gssapi_server_SOURCES) \ - $(http_client_SOURCES) $(nt_gss_client_SOURCES) \ - $(nt_gss_server_SOURCES) $(tcp_client_SOURCES) \ - $(tcp_server_SOURCES) $(uu_client_SOURCES) \ - $(uu_server_SOURCES) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -tcp_client_SOURCES = tcp_client.c common.c test_locl.h -tcp_server_SOURCES = tcp_server.c common.c test_locl.h -gssapi_server_SOURCES = gssapi_server.c gss_common.c common.c \ - gss_common.h test_locl.h - -gssapi_client_SOURCES = gssapi_client.c gss_common.c common.c \ - gss_common.h test_locl.h - -http_client_SOURCES = http_client.c gss_common.c common.c \ - gss_common.h test_locl.h - -uu_server_SOURCES = uu_server.c common.c test_locl.h -uu_client_SOURCES = uu_client.c common.c test_locl.h -gssapi_server_LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LDADD) -gssapi_client_LDADD = $(gssapi_server_LDADD) -http_client_LDADD = $(top_builddir)/lib/gssapi/libgssapi.la $(LDADD) -nt_gss_client_SOURCES = nt_gss_client.c nt_gss_common.c nt_gss_common.h common.c -nt_gss_server_SOURCES = nt_gss_server.c nt_gss_common.c nt_gss_common.h -nt_gss_client_LDADD = $(gssapi_server_LDADD) -nt_gss_server_LDADD = $(nt_gss_client_LDADD) -LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps appl/test/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps appl/test/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -gssapi_client$(EXEEXT): $(gssapi_client_OBJECTS) $(gssapi_client_DEPENDENCIES) - @rm -f gssapi_client$(EXEEXT) - $(LINK) $(gssapi_client_OBJECTS) $(gssapi_client_LDADD) $(LIBS) -gssapi_server$(EXEEXT): $(gssapi_server_OBJECTS) $(gssapi_server_DEPENDENCIES) - @rm -f gssapi_server$(EXEEXT) - $(LINK) $(gssapi_server_OBJECTS) $(gssapi_server_LDADD) $(LIBS) -http_client$(EXEEXT): $(http_client_OBJECTS) $(http_client_DEPENDENCIES) - @rm -f http_client$(EXEEXT) - $(LINK) $(http_client_OBJECTS) $(http_client_LDADD) $(LIBS) -nt_gss_client$(EXEEXT): $(nt_gss_client_OBJECTS) $(nt_gss_client_DEPENDENCIES) - @rm -f nt_gss_client$(EXEEXT) - $(LINK) $(nt_gss_client_OBJECTS) $(nt_gss_client_LDADD) $(LIBS) -nt_gss_server$(EXEEXT): $(nt_gss_server_OBJECTS) $(nt_gss_server_DEPENDENCIES) - @rm -f nt_gss_server$(EXEEXT) - $(LINK) $(nt_gss_server_OBJECTS) $(nt_gss_server_LDADD) $(LIBS) -tcp_client$(EXEEXT): $(tcp_client_OBJECTS) $(tcp_client_DEPENDENCIES) - @rm -f tcp_client$(EXEEXT) - $(LINK) $(tcp_client_OBJECTS) $(tcp_client_LDADD) $(LIBS) -tcp_server$(EXEEXT): $(tcp_server_OBJECTS) $(tcp_server_DEPENDENCIES) - @rm -f tcp_server$(EXEEXT) - $(LINK) $(tcp_server_OBJECTS) $(tcp_server_LDADD) $(LIBS) -uu_client$(EXEEXT): $(uu_client_OBJECTS) $(uu_client_DEPENDENCIES) - @rm -f uu_client$(EXEEXT) - $(LINK) $(uu_client_OBJECTS) $(uu_client_LDADD) $(LIBS) -uu_server$(EXEEXT): $(uu_server_OBJECTS) $(uu_server_DEPENDENCIES) - @rm -f uu_server$(EXEEXT) - $(LINK) $(uu_server_OBJECTS) $(uu_server_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libtool clean-noinstPROGRAMS ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/appl/test/common.c b/crypto/heimdal/appl/test/common.c deleted file mode 100644 index 595c8287e12f..000000000000 --- a/crypto/heimdal/appl/test/common.c +++ /dev/null @@ -1,174 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" - -RCSID("$Id: common.c 12796 2003-09-09 03:38:04Z lha $"); - -static int help_flag; -static int version_flag; -static char *port_str; -static char *keytab_str; -krb5_keytab keytab; -char *service = SERVICE; -char *mech = "krb5"; -int fork_flag; - -static struct getargs args[] = { - { "port", 'p', arg_string, &port_str, "port to listen to", "port" }, - { "service", 's', arg_string, &service, "service to use", "service" }, - { "keytab", 'k', arg_string, &keytab_str, "keytab to use", "keytab" }, - { "mech", 'm', arg_string, &mech, "gssapi mech to use", "mech" }, - { "fork", 'f', arg_flag, &fork_flag, "do fork" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -server_usage(int code, struct getargs *args, int num_args) -{ - arg_printusage(args, num_args, NULL, ""); - exit(code); -} - -static void -client_usage(int code, struct getargs *args, int num_args) -{ - arg_printusage(args, num_args, NULL, "host"); - exit(code); -} - - -static int -common_setup(krb5_context *context, int *argc, char **argv, - void (*usage)(int, struct getargs*, int)) -{ - int port = 0; - *argc = krb5_program_setup(context, *argc, argv, args, num_args, usage); - - if(help_flag) - (*usage)(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(port_str){ - struct servent *s = roken_getservbyname(port_str, "tcp"); - if(s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "Bad port `%s'", port_str); - port = htons(port); - } - } - - if (port == 0) - port = krb5_getportbyname (*context, PORT, "tcp", 4711); - - return port; -} - -int -server_setup(krb5_context *context, int argc, char **argv) -{ - int port = common_setup(context, &argc, argv, server_usage); - krb5_error_code ret; - - if(argv[argc] != NULL) - server_usage(1, args, num_args); - if (keytab_str != NULL) - ret = krb5_kt_resolve (*context, keytab_str, &keytab); - else - ret = krb5_kt_default (*context, &keytab); - if (ret) - krb5_err (*context, 1, ret, "krb5_kt_resolve/default"); - return port; -} - -int -client_setup(krb5_context *context, int *argc, char **argv) -{ - int optind = *argc; - int port = common_setup(context, &optind, argv, client_usage); - if(*argc - optind != 1) - client_usage(1, args, num_args); - *argc = optind; - return port; -} - -int -client_doit (const char *hostname, int port, const char *service, - int (*func)(int, const char *hostname, const char *service)) -{ - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - char portstr[NI_MAXSERV]; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - snprintf (portstr, sizeof(portstr), "%u", ntohs(port)); - - error = getaddrinfo (hostname, portstr, &hints, &ai); - if (error) { - errx (1, "%s: %s", hostname, gai_strerror(error)); - return -1; - } - - for (a = ai; a != NULL; a = a->ai_next) { - int s; - - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - warn ("connect(%s)", hostname); - close (s); - continue; - } - freeaddrinfo (ai); - return (*func) (s, hostname, service); - } - warnx ("failed to contact %s", hostname); - freeaddrinfo (ai); - return 1; -} diff --git a/crypto/heimdal/appl/test/gss_common.c b/crypto/heimdal/appl/test/gss_common.c deleted file mode 100644 index 4c80e543b7c8..000000000000 --- a/crypto/heimdal/appl/test/gss_common.c +++ /dev/null @@ -1,152 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -#include -#include "gss_common.h" -RCSID("$Id: gss_common.c 19937 2007-01-16 21:56:01Z lha $"); - -void -write_token (int sock, gss_buffer_t buf) -{ - uint32_t len, net_len; - OM_uint32 min_stat; - - len = buf->length; - - net_len = htonl(len); - - if (net_write (sock, &net_len, 4) != 4) - err (1, "write"); - if (net_write (sock, buf->value, len) != len) - err (1, "write"); - - gss_release_buffer (&min_stat, buf); -} - -static void -enet_read(int fd, void *buf, size_t len) -{ - ssize_t ret; - - ret = net_read (fd, buf, len); - if (ret == 0) - errx (1, "EOF in read"); - else if (ret < 0) - errx (1, "read"); -} - -void -read_token (int sock, gss_buffer_t buf) -{ - uint32_t len, net_len; - - enet_read (sock, &net_len, 4); - len = ntohl(net_len); - buf->length = len; - buf->value = emalloc(len); - enet_read (sock, buf->value, len); -} - -void -gss_print_errors (int min_stat) -{ - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - OM_uint32 ret; - - do { - ret = gss_display_status (&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - fprintf (stderr, "%.*s\n", (int)status_string.length, - (char *)status_string.value); - gss_release_buffer (&new_stat, &status_string); - } while (!GSS_ERROR(ret) && msg_ctx != 0); -} - -void -gss_verr(int exitval, int status, const char *fmt, va_list ap) -{ - vwarnx (fmt, ap); - gss_print_errors (status); - exit (exitval); -} - -void -gss_err(int exitval, int status, const char *fmt, ...) -{ - va_list args; - - va_start(args, fmt); - gss_verr (exitval, status, fmt, args); - va_end(args); -} - -gss_OID -select_mech(const char *mech) -{ - if (strcasecmp(mech, "krb5") == 0) - return GSS_KRB5_MECHANISM; - else if (strcasecmp(mech, "spnego") == 0) - return GSS_SPNEGO_MECHANISM; - else if (strcasecmp(mech, "no-oid") == 0) - return GSS_C_NO_OID; - else - errx (1, "Unknown mechanism '%s' (spnego, krb5, no-oid)", mech); -} - -void -print_gss_name(const char *prefix, gss_name_t name) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc name_token; - - maj_stat = gss_display_name (&min_stat, - name, - &name_token, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_display_name"); - - fprintf (stderr, "%s `%.*s'\n", prefix, - (int)name_token.length, - (char *)name_token.value); - - gss_release_buffer (&min_stat, &name_token); - -} diff --git a/crypto/heimdal/appl/test/gss_common.h b/crypto/heimdal/appl/test/gss_common.h deleted file mode 100644 index 598ac8c287d8..000000000000 --- a/crypto/heimdal/appl/test/gss_common.h +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gss_common.h 14661 2005-03-19 03:13:14Z lha $ */ - -void write_token (int sock, gss_buffer_t buf); -void read_token (int sock, gss_buffer_t buf); - -void gss_print_errors (int min_stat); - -void gss_verr(int exitval, int status, const char *fmt, va_list ap) - __attribute__ ((format (printf, 3, 0))); - -void gss_err(int exitval, int status, const char *fmt, ...) - __attribute__ ((format (printf, 3, 4))); - -gss_OID select_mech(const char *); - -void print_gss_name(const char *, gss_name_t); diff --git a/crypto/heimdal/appl/test/gssapi_client.c b/crypto/heimdal/appl/test/gssapi_client.c deleted file mode 100644 index d10fc5701fa8..000000000000 --- a/crypto/heimdal/appl/test/gssapi_client.c +++ /dev/null @@ -1,248 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -#include -#include "gss_common.h" -RCSID("$Id: gssapi_client.c 21521 2007-07-12 13:13:40Z lha $"); - -static int -do_trans (int sock, gss_ctx_id_t context_hdl) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc real_input_token, real_output_token; - gss_buffer_t input_token = &real_input_token, - output_token = &real_output_token; - - /* get_mic */ - - input_token->length = 3; - input_token->value = strdup("hej"); - - maj_stat = gss_get_mic(&min_stat, - context_hdl, - GSS_C_QOP_DEFAULT, - input_token, - output_token); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_get_mic"); - - write_token (sock, input_token); - write_token (sock, output_token); - - /* wrap */ - - input_token->length = 7; - input_token->value = "hemligt"; - - maj_stat = gss_wrap (&min_stat, - context_hdl, - 0, - GSS_C_QOP_DEFAULT, - input_token, - NULL, - output_token); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_wrap"); - - write_token (sock, output_token); - - maj_stat = gss_wrap (&min_stat, - context_hdl, - 1, - GSS_C_QOP_DEFAULT, - input_token, - NULL, - output_token); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_wrap"); - - write_token (sock, output_token); - - return 0; -} - -static int -proto (int sock, const char *hostname, const char *service) -{ - struct sockaddr_in remote, local; - socklen_t addrlen; - - int context_established = 0; - gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT; - gss_buffer_desc real_input_token, real_output_token; - gss_buffer_t input_token = &real_input_token, - output_token = &real_output_token; - OM_uint32 maj_stat, min_stat; - gss_name_t server; - gss_buffer_desc name_token; - struct gss_channel_bindings_struct input_chan_bindings; - u_char init_buf[4]; - u_char acct_buf[4]; - gss_OID mech_oid; - char *str; - - mech_oid = select_mech(mech); - - name_token.length = asprintf (&str, - "%s@%s", service, hostname); - if (str == NULL) - errx(1, "malloc - out of memory"); - name_token.value = str; - - maj_stat = gss_import_name (&min_stat, - &name_token, - GSS_C_NT_HOSTBASED_SERVICE, - &server); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, - "Error importing name `%s@%s':\n", service, hostname); - - addrlen = sizeof(local); - if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0 - || addrlen != sizeof(local)) - err (1, "getsockname(%s)", hostname); - - addrlen = sizeof(remote); - if (getpeername (sock, (struct sockaddr *)&remote, &addrlen) < 0 - || addrlen != sizeof(remote)) - err (1, "getpeername(%s)", hostname); - - input_token->length = 0; - output_token->length = 0; - - input_chan_bindings.initiator_addrtype = GSS_C_AF_INET; - input_chan_bindings.initiator_address.length = 4; - init_buf[0] = (local.sin_addr.s_addr >> 24) & 0xFF; - init_buf[1] = (local.sin_addr.s_addr >> 16) & 0xFF; - init_buf[2] = (local.sin_addr.s_addr >> 8) & 0xFF; - init_buf[3] = (local.sin_addr.s_addr >> 0) & 0xFF; - input_chan_bindings.initiator_address.value = init_buf; - - input_chan_bindings.acceptor_addrtype = GSS_C_AF_INET; - input_chan_bindings.acceptor_address.length = 4; - acct_buf[0] = (remote.sin_addr.s_addr >> 24) & 0xFF; - acct_buf[1] = (remote.sin_addr.s_addr >> 16) & 0xFF; - acct_buf[2] = (remote.sin_addr.s_addr >> 8) & 0xFF; - acct_buf[3] = (remote.sin_addr.s_addr >> 0) & 0xFF; - input_chan_bindings.acceptor_address.value = acct_buf; - -#if 0 - input_chan_bindings.application_data.value = emalloc(4); - * (unsigned short*)input_chan_bindings.application_data.value = local.sin_port; - * ((unsigned short *)input_chan_bindings.application_data.value + 1) = remote.sin_port; - input_chan_bindings.application_data.length = 4; -#else - input_chan_bindings.application_data.length = 0; - input_chan_bindings.application_data.value = NULL; -#endif - - while(!context_established) { - maj_stat = - gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - &context_hdl, - server, - mech_oid, - GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG - | GSS_C_DELEG_FLAG, - 0, - &input_chan_bindings, - input_token, - NULL, - output_token, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_init_sec_context"); - if (output_token->length != 0) - write_token (sock, output_token); - if (GSS_ERROR(maj_stat)) { - if (context_hdl != GSS_C_NO_CONTEXT) - gss_delete_sec_context (&min_stat, - &context_hdl, - GSS_C_NO_BUFFER); - break; - } - if (maj_stat & GSS_S_CONTINUE_NEEDED) { - read_token (sock, input_token); - } else { - context_established = 1; - } - - } - if (fork_flag) { - pid_t pid; - int pipefd[2]; - - if (pipe (pipefd) < 0) - err (1, "pipe"); - - pid = fork (); - if (pid < 0) - err (1, "fork"); - if (pid != 0) { - gss_buffer_desc buf; - - maj_stat = gss_export_sec_context (&min_stat, - &context_hdl, - &buf); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_export_sec_context"); - write_token (pipefd[1], &buf); - exit (0); - } else { - gss_ctx_id_t context_hdl; - gss_buffer_desc buf; - - close (pipefd[1]); - read_token (pipefd[0], &buf); - close (pipefd[0]); - maj_stat = gss_import_sec_context (&min_stat, &buf, &context_hdl); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_import_sec_context"); - gss_release_buffer (&min_stat, &buf); - return do_trans (sock, context_hdl); - } - } else { - return do_trans (sock, context_hdl); - } -} - -int -main(int argc, char **argv) -{ - krb5_context context; /* XXX */ - int port = client_setup(&context, &argc, argv); - return client_doit (argv[argc], port, service, proto); -} diff --git a/crypto/heimdal/appl/test/gssapi_server.c b/crypto/heimdal/appl/test/gssapi_server.c deleted file mode 100644 index e63a2bc8c538..000000000000 --- a/crypto/heimdal/appl/test/gssapi_server.c +++ /dev/null @@ -1,334 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -#include -#include "gss_common.h" -RCSID("$Id: gssapi_server.c 14762 2005-04-10 14:47:41Z lha $"); - -static int -process_it(int sock, - gss_ctx_id_t context_hdl, - gss_name_t client_name - ) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc real_input_token, real_output_token; - gss_buffer_t input_token = &real_input_token, - output_token = &real_output_token; - gss_name_t server_name; - int conf_flag; - - print_gss_name("User is", client_name); - - maj_stat = gss_inquire_context(&min_stat, - context_hdl, - NULL, - &server_name, - NULL, - NULL, - NULL, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_inquire_context"); - - print_gss_name("Server is", server_name); - - maj_stat = gss_release_name(&min_stat, &server_name); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_release_name"); - - /* gss_verify_mic */ - - read_token (sock, input_token); - read_token (sock, output_token); - - maj_stat = gss_verify_mic (&min_stat, - context_hdl, - input_token, - output_token, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_verify_mic"); - - fprintf (stderr, "gss_verify_mic: %.*s\n", (int)input_token->length, - (char *)input_token->value); - - gss_release_buffer (&min_stat, input_token); - gss_release_buffer (&min_stat, output_token); - - /* gss_unwrap */ - - read_token (sock, input_token); - - maj_stat = gss_unwrap (&min_stat, - context_hdl, - input_token, - output_token, - &conf_flag, - NULL); - if(GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_unwrap"); - - fprintf (stderr, "gss_unwrap: %.*s %s\n", (int)output_token->length, - (char *)output_token->value, - conf_flag ? "CONF" : "INT"); - - gss_release_buffer (&min_stat, input_token); - gss_release_buffer (&min_stat, output_token); - - read_token (sock, input_token); - - maj_stat = gss_unwrap (&min_stat, - context_hdl, - input_token, - output_token, - &conf_flag, - NULL); - if(GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_unwrap"); - - fprintf (stderr, "gss_unwrap: %.*s %s\n", (int)output_token->length, - (char *)output_token->value, - conf_flag ? "CONF" : "INT"); - - gss_release_buffer (&min_stat, input_token); - gss_release_buffer (&min_stat, output_token); - - return 0; -} - -static int -proto (int sock, const char *service) -{ - struct sockaddr_in remote, local; - socklen_t addrlen; - gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT; - gss_buffer_desc real_input_token, real_output_token; - gss_buffer_t input_token = &real_input_token, - output_token = &real_output_token; - OM_uint32 maj_stat, min_stat; - gss_name_t client_name; - struct gss_channel_bindings_struct input_chan_bindings; - gss_cred_id_t delegated_cred_handle = NULL; - krb5_ccache ccache; - u_char init_buf[4]; - u_char acct_buf[4]; - gss_OID mech_oid; - char *mech, *p; - - addrlen = sizeof(local); - if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0 - || addrlen != sizeof(local)) - err (1, "getsockname)"); - - addrlen = sizeof(remote); - if (getpeername (sock, (struct sockaddr *)&remote, &addrlen) < 0 - || addrlen != sizeof(remote)) - err (1, "getpeername"); - - input_chan_bindings.initiator_addrtype = GSS_C_AF_INET; - input_chan_bindings.initiator_address.length = 4; - init_buf[0] = (remote.sin_addr.s_addr >> 24) & 0xFF; - init_buf[1] = (remote.sin_addr.s_addr >> 16) & 0xFF; - init_buf[2] = (remote.sin_addr.s_addr >> 8) & 0xFF; - init_buf[3] = (remote.sin_addr.s_addr >> 0) & 0xFF; - - input_chan_bindings.initiator_address.value = init_buf; - input_chan_bindings.acceptor_addrtype = GSS_C_AF_INET; - - input_chan_bindings.acceptor_address.length = 4; - acct_buf[0] = (local.sin_addr.s_addr >> 24) & 0xFF; - acct_buf[1] = (local.sin_addr.s_addr >> 16) & 0xFF; - acct_buf[2] = (local.sin_addr.s_addr >> 8) & 0xFF; - acct_buf[3] = (local.sin_addr.s_addr >> 0) & 0xFF; - input_chan_bindings.acceptor_address.value = acct_buf; - input_chan_bindings.application_data.value = emalloc(4); -#if 0 - * (unsigned short *)input_chan_bindings.application_data.value = - remote.sin_port; - * ((unsigned short *)input_chan_bindings.application_data.value + 1) = - local.sin_port; - input_chan_bindings.application_data.length = 4; -#else - input_chan_bindings.application_data.length = 0; - input_chan_bindings.application_data.value = NULL; -#endif - - delegated_cred_handle = GSS_C_NO_CREDENTIAL; - - do { - read_token (sock, input_token); - maj_stat = - gss_accept_sec_context (&min_stat, - &context_hdl, - GSS_C_NO_CREDENTIAL, - input_token, - &input_chan_bindings, - &client_name, - &mech_oid, - output_token, - NULL, - NULL, - &delegated_cred_handle); - if(GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_accept_sec_context"); - if (output_token->length != 0) - write_token (sock, output_token); - if (GSS_ERROR(maj_stat)) { - if (context_hdl != GSS_C_NO_CONTEXT) - gss_delete_sec_context (&min_stat, - &context_hdl, - GSS_C_NO_BUFFER); - break; - } - } while(maj_stat & GSS_S_CONTINUE_NEEDED); - - p = (char *)mech_oid->elements; - if (mech_oid->length == GSS_KRB5_MECHANISM->length - && memcmp(p, GSS_KRB5_MECHANISM->elements, mech_oid->length) == 0) - mech = "Kerberos 5"; - else if (mech_oid->length == GSS_SPNEGO_MECHANISM->length - && memcmp(p, GSS_SPNEGO_MECHANISM->elements, mech_oid->length) == 0) - mech = "SPNEGO"; /* XXX Silly, wont show up */ - else - mech = "Unknown"; - - printf("Using mech: %s\n", mech); - - if (delegated_cred_handle != GSS_C_NO_CREDENTIAL) { - krb5_context context; - - printf("Delegated cred found\n"); - - maj_stat = krb5_init_context(&context); - maj_stat = krb5_cc_resolve(context, "FILE:/tmp/krb5cc_test", &ccache); - maj_stat = gss_krb5_copy_ccache(&min_stat, - delegated_cred_handle, - ccache); - if (maj_stat == 0) { - krb5_principal p; - maj_stat = krb5_cc_get_principal(context, ccache, &p); - if (maj_stat == 0) { - char *name; - maj_stat = krb5_unparse_name(context, p, &name); - if (maj_stat == 0) { - printf("Delegated user is: `%s'\n", name); - free(name); - } - krb5_free_principal(context, p); - } - } - krb5_cc_close(context, ccache); - gss_release_cred(&min_stat, &delegated_cred_handle); - } - - if (fork_flag) { - pid_t pid; - int pipefd[2]; - - if (pipe (pipefd) < 0) - err (1, "pipe"); - - pid = fork (); - if (pid < 0) - err (1, "fork"); - if (pid != 0) { - gss_buffer_desc buf; - - maj_stat = gss_export_sec_context (&min_stat, - &context_hdl, - &buf); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_export_sec_context"); - write_token (pipefd[1], &buf); - exit (0); - } else { - gss_ctx_id_t context_hdl; - gss_buffer_desc buf; - - close (pipefd[1]); - read_token (pipefd[0], &buf); - close (pipefd[0]); - maj_stat = gss_import_sec_context (&min_stat, &buf, &context_hdl); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_import_sec_context"); - gss_release_buffer (&min_stat, &buf); - return process_it (sock, context_hdl, client_name); - } - } else { - return process_it (sock, context_hdl, client_name); - } -} - -static int -doit (int port, const char *service) -{ - int sock, sock2; - struct sockaddr_in my_addr; - int one = 1; - - sock = socket (AF_INET, SOCK_STREAM, 0); - if (sock < 0) - err (1, "socket"); - - memset (&my_addr, 0, sizeof(my_addr)); - my_addr.sin_family = AF_INET; - my_addr.sin_port = port; - my_addr.sin_addr.s_addr = INADDR_ANY; - - if (setsockopt (sock, SOL_SOCKET, SO_REUSEADDR, - (void *)&one, sizeof(one)) < 0) - warn ("setsockopt SO_REUSEADDR"); - - if (bind (sock, (struct sockaddr *)&my_addr, sizeof(my_addr)) < 0) - err (1, "bind"); - - if (listen (sock, 1) < 0) - err (1, "listen"); - - sock2 = accept (sock, NULL, NULL); - if (sock2 < 0) - err (1, "accept"); - - return proto (sock2, service); -} - -int -main(int argc, char **argv) -{ - krb5_context context = NULL; /* XXX */ - int port = server_setup(&context, argc, argv); - return doit (port, service); -} diff --git a/crypto/heimdal/appl/test/http_client.c b/crypto/heimdal/appl/test/http_client.c deleted file mode 100644 index 074ba3768bef..000000000000 --- a/crypto/heimdal/appl/test/http_client.c +++ /dev/null @@ -1,504 +0,0 @@ -/* - * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -#include -#include "gss_common.h" -#include - -RCSID("$Id: http_client.c 14861 2005-04-20 10:38:37Z lha $"); - -/* - * A simplistic client implementing draft-brezak-spnego-http-04.txt - */ - -static int -do_connect (const char *hostname, const char *port) -{ - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - int s = -1; - - memset (&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = 0; - - error = getaddrinfo (hostname, port, &hints, &ai); - if (error) - errx (1, "getaddrinfo(%s): %s", hostname, gai_strerror(error)); - - for (a = ai; a != NULL; a = a->ai_next) { - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - warn ("connect(%s)", hostname); - close (s); - continue; - } - break; - } - freeaddrinfo (ai); - if (a == NULL) - errx (1, "failed to contact %s", hostname); - - return s; -} - -static void -fdprintf(int s, const char *fmt, ...) -{ - size_t len; - ssize_t ret; - va_list ap; - char *str, *buf; - - va_start(ap, fmt); - vasprintf(&str, fmt, ap); - va_end(ap); - - if (str == NULL) - errx(1, "vasprintf"); - - buf = str; - len = strlen(buf); - while (len) { - ret = write(s, buf, len); - if (ret == 0) - err(1, "connection closed"); - else if (ret < 0) - err(1, "error"); - len -= ret; - buf += ret; - } - free(str); -} - -static int help_flag; -static int version_flag; -static int verbose_flag; -static int mutual_flag = 1; -static int delegate_flag; -static char *port_str = "http"; -static char *gss_service = "HTTP"; - -static struct getargs http_args[] = { - { "verbose", 'v', arg_flag, &verbose_flag, "verbose logging", }, - { "port", 'p', arg_string, &port_str, "port to connect to", "port" }, - { "delegate", 0, arg_flag, &delegate_flag, "gssapi delegate credential" }, - { "gss-service", 's', arg_string, &gss_service, "gssapi service to use", - "service" }, - { "mech", 'm', arg_string, &mech, "gssapi mech to use", "mech" }, - { "mutual", 0, arg_negative_flag, &mutual_flag, "no gssapi mutual auth" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } -}; - -static int num_http_args = sizeof(http_args) / sizeof(http_args[0]); - -static void -usage(int code) -{ - arg_printusage(http_args, num_http_args, NULL, "host [page]"); - exit(code); -} - -/* - * - */ - -struct http_req { - char *response; - char **headers; - int num_headers; - void *body; - size_t body_size; -}; - - -static void -http_req_zero(struct http_req *req) -{ - req->response = NULL; - req->headers = NULL; - req->num_headers = 0; - req->body = NULL; - req->body_size = 0; -} - -static void -http_req_free(struct http_req *req) -{ - int i; - - free(req->response); - for (i = 0; i < req->num_headers; i++) - free(req->headers[i]); - free(req->headers); - free(req->body); - http_req_zero(req); -} - -static const char * -http_find_header(struct http_req *req, const char *header) -{ - int i, len = strlen(header); - - for (i = 0; i < req->num_headers; i++) { - if (strncasecmp(header, req->headers[i], len) == 0) { - return req->headers[i] + len + 1; - } - } - return NULL; -} - - -static int -http_query(const char *host, const char *page, - char **headers, int num_headers, struct http_req *req) -{ - enum { RESPONSE, HEADER, BODY } state; - ssize_t ret; - char in_buf[1024], *in_ptr = in_buf; - size_t in_len = 0; - int s, i; - - http_req_zero(req); - - s = do_connect(host, port_str); - if (s < 0) - errx(1, "connection failed"); - - fdprintf(s, "GET %s HTTP/1.0\r\n", page); - for (i = 0; i < num_headers; i++) - fdprintf(s, "%s\r\n", headers[i]); - fdprintf(s, "Host: %s\r\n\r\n", host); - - state = RESPONSE; - - while (1) { - ret = read (s, in_ptr, sizeof(in_buf) - in_len - 1); - if (ret == 0) - break; - else if (ret < 0) - err (1, "read: %lu", (unsigned long)ret); - - in_buf[ret + in_len] = '\0'; - - if (state == HEADER || state == RESPONSE) { - char *p; - - in_len += ret; - in_ptr += ret; - - while (1) { - p = strstr(in_buf, "\r\n"); - - if (p == NULL) { - break; - } else if (p == in_buf) { - memmove(in_buf, in_buf + 2, sizeof(in_buf) - 2); - state = BODY; - in_len -= 2; - in_ptr -= 2; - break; - } else if (state == RESPONSE) { - req->response = strndup(in_buf, p - in_buf); - state = HEADER; - } else { - req->headers = realloc(req->headers, - (req->num_headers + 1) * sizeof(req->headers[0])); - req->headers[req->num_headers] = strndup(in_buf, p - in_buf); - if (req->headers[req->num_headers] == NULL) - errx(1, "strdup"); - req->num_headers++; - } - memmove(in_buf, p + 2, sizeof(in_buf) - (p - in_buf) - 2); - in_len -= (p - in_buf) + 2; - in_ptr -= (p - in_buf) + 2; - } - } - - if (state == BODY) { - - req->body = erealloc(req->body, req->body_size + ret + 1); - - memcpy((char *)req->body + req->body_size, in_buf, ret); - req->body_size += ret; - ((char *)req->body)[req->body_size] = '\0'; - - in_ptr = in_buf; - in_len = 0; - } else - abort(); - } - - if (verbose_flag) { - int i; - printf("response: %s\n", req->response); - for (i = 0; i < req->num_headers; i++) - printf("header[%d] %s\n", i, req->headers[i]); - printf("body: %.*s\n", (int)req->body_size, (char *)req->body); - } - - close(s); - return 0; -} - - -int -main(int argc, char **argv) -{ - struct http_req req; - const char *host, *page; - int i, done, print_body, gssapi_done, gssapi_started; - char *headers[10]; /* XXX */ - int num_headers; - gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT; - gss_name_t server = GSS_C_NO_NAME; - int optind = 0; - gss_OID mech_oid; - OM_uint32 flags; - - setprogname(argv[0]); - - if(getarg(http_args, num_http_args, argc, argv, &optind)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optind; - argv += optind; - - mech_oid = select_mech(mech); - - if (argc != 1 && argc != 2) - errx(1, "usage: %s host [page]", getprogname()); - host = argv[0]; - if (argc == 2) - page = argv[1]; - else - page = "/"; - - flags = 0; - if (delegate_flag) - flags |= GSS_C_DELEG_FLAG; - if (mutual_flag) - flags |= GSS_C_MUTUAL_FLAG; - - done = 0; - num_headers = 0; - gssapi_done = 1; - gssapi_started = 0; - do { - print_body = 0; - - http_query(host, page, headers, num_headers, &req); - for (i = 0 ; i < num_headers; i++) - free(headers[i]); - num_headers = 0; - - if (strstr(req.response, " 200 ") != NULL) { - print_body = 1; - done = 1; - } else if (strstr(req.response, " 401 ") != NULL) { - if (http_find_header(&req, "WWW-Authenticate:") == NULL) - errx(1, "Got %s but missed `WWW-Authenticate'", req.response); - gssapi_done = 0; - } - - if (!gssapi_done) { - const char *h = http_find_header(&req, "WWW-Authenticate:"); - if (h == NULL) - errx(1, "Got %s but missed `WWW-Authenticate'", req.response); - - if (strncasecmp(h, "Negotiate", 9) == 0) { - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input_token, output_token; - - if (verbose_flag) - printf("Negotiate found\n"); - - if (server == GSS_C_NO_NAME) { - char *name; - asprintf(&name, "%s@%s", gss_service, host); - input_token.length = strlen(name); - input_token.value = name; - - maj_stat = gss_import_name(&min_stat, - &input_token, - GSS_C_NT_HOSTBASED_SERVICE, - &server); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_inport_name"); - free(name); - input_token.length = 0; - input_token.value = NULL; - } - - i = 9; - while(h[i] && isspace((unsigned char)h[i])) - i++; - if (h[i] != '\0') { - int len = strlen(&h[i]); - if (len == 0) - errx(1, "invalid Negotiate token"); - input_token.value = emalloc(len); - len = base64_decode(&h[i], input_token.value); - if (len < 0) - errx(1, "invalid base64 Negotiate token %s", &h[i]); - input_token.length = len; - } else { - if (gssapi_started) - errx(1, "Negotiate already started"); - gssapi_started = 1; - - input_token.length = 0; - input_token.value = NULL; - } - - maj_stat = - gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - &context_hdl, - server, - mech_oid, - flags, - 0, - GSS_C_NO_CHANNEL_BINDINGS, - &input_token, - NULL, - &output_token, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_init_sec_context"); - else if (maj_stat & GSS_S_CONTINUE_NEEDED) - gssapi_done = 0; - else { - gss_name_t targ_name, src_name; - gss_buffer_desc name_buffer; - gss_OID mech_type; - - gssapi_done = 1; - - printf("Negotiate done: %s\n", mech); - - maj_stat = gss_inquire_context(&min_stat, - context_hdl, - &src_name, - &targ_name, - NULL, - &mech_type, - NULL, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_inquire_context"); - - maj_stat = gss_display_name(&min_stat, - src_name, - &name_buffer, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_display_name"); - - printf("Source: %.*s\n", - (int)name_buffer.length, - (char *)name_buffer.value); - - gss_release_buffer(&min_stat, &name_buffer); - - maj_stat = gss_display_name(&min_stat, - targ_name, - &name_buffer, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_display_name"); - - printf("Target: %.*s\n", - (int)name_buffer.length, - (char *)name_buffer.value); - - gss_release_name(&min_stat, &targ_name); - gss_release_buffer(&min_stat, &name_buffer); - } - - if (output_token.length) { - char *neg_token; - - base64_encode(output_token.value, - output_token.length, - &neg_token); - - asprintf(&headers[0], "Authorization: Negotiate %s", - neg_token); - - num_headers = 1; - free(neg_token); - gss_release_buffer(&min_stat, &output_token); - } - if (input_token.length) - free(input_token.value); - - } else - done = 1; - } else - done = 1; - - if (verbose_flag) { - printf("%s\n\n", req.response); - - for (i = 0; i < req.num_headers; i++) - printf("%s\n", req.headers[i]); - printf("\n"); - } - if (print_body || verbose_flag) - printf("%.*s\n", (int)req.body_size, (char *)req.body); - - http_req_free(&req); - } while (!done); - - if (gssapi_done == 0) - errx(1, "gssapi not done but http dance done"); - - return 0; -} diff --git a/crypto/heimdal/appl/test/nt_gss_client.c b/crypto/heimdal/appl/test/nt_gss_client.c deleted file mode 100644 index 3527799b4017..000000000000 --- a/crypto/heimdal/appl/test/nt_gss_client.c +++ /dev/null @@ -1,167 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -#include -#include "nt_gss_common.h" - -RCSID("$Id: nt_gss_client.c 21522 2007-07-12 13:15:04Z lha $"); - -/* - * This program tries to act as a client for the sample in `Sample - * SSPI Code' in Windows 2000 RC1 SDK. - */ - -static int -proto (int sock, const char *hostname, const char *service) -{ - struct sockaddr_in remote, local; - socklen_t addrlen; - - int context_established = 0; - gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT; - gss_buffer_t input_token, output_token; - gss_buffer_desc real_input_token, real_output_token; - OM_uint32 maj_stat, min_stat; - gss_name_t server; - gss_buffer_desc name_token; - char *str; - - name_token.length = asprintf (&str, - "%s@%s", service, hostname); - if (str == NULL) - errx(1, "out of memory"); - name_token.value = str; - - maj_stat = gss_import_name (&min_stat, - &name_token, - GSS_C_NT_HOSTBASED_SERVICE, - &server); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, - "Error importing name `%s@%s':\n", service, hostname); - - addrlen = sizeof(local); - if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0 - || addrlen != sizeof(local)) - err (1, "getsockname(%s)", hostname); - - addrlen = sizeof(remote); - if (getpeername (sock, (struct sockaddr *)&remote, &addrlen) < 0 - || addrlen != sizeof(remote)) - err (1, "getpeername(%s)", hostname); - - input_token = &real_input_token; - output_token = &real_output_token; - - input_token->length = 0; - output_token->length = 0; - - while(!context_established) { - maj_stat = - gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - &context_hdl, - server, - GSS_C_NO_OID, - GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG, - 0, - GSS_C_NO_CHANNEL_BINDINGS, - input_token, - NULL, - output_token, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_init_sec_context"); - if (output_token->length != 0) - nt_write_token (sock, output_token); - if (GSS_ERROR(maj_stat)) { - if (context_hdl != GSS_C_NO_CONTEXT) - gss_delete_sec_context (&min_stat, - &context_hdl, - GSS_C_NO_BUFFER); - break; - } - if (maj_stat & GSS_S_CONTINUE_NEEDED) { - nt_read_token (sock, input_token); - } else { - context_established = 1; - } - - } - - /* get_mic */ - - input_token->length = 3; - input_token->value = strdup("hej"); - - maj_stat = gss_get_mic(&min_stat, - context_hdl, - GSS_C_QOP_DEFAULT, - input_token, - output_token); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_get_mic"); - - nt_write_token (sock, input_token); - nt_write_token (sock, output_token); - - /* wrap */ - - input_token->length = 7; - input_token->value = "hemligt"; - - - maj_stat = gss_wrap (&min_stat, - context_hdl, - 1, - GSS_C_QOP_DEFAULT, - input_token, - NULL, - output_token); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_wrap"); - - nt_write_token (sock, output_token); - - return 0; -} - -int -main(int argc, char **argv) -{ - krb5_context context; /* XXX */ - int port = client_setup(&context, &argc, argv); - return client_doit (argv[argc], port, service, proto); -} diff --git a/crypto/heimdal/appl/test/nt_gss_common.c b/crypto/heimdal/appl/test/nt_gss_common.c deleted file mode 100644 index ca079179bc8f..000000000000 --- a/crypto/heimdal/appl/test/nt_gss_common.c +++ /dev/null @@ -1,131 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -#include -#include "nt_gss_common.h" - -RCSID("$Id: nt_gss_common.c 17450 2006-05-05 11:11:43Z lha $"); - -/* - * These are functions that are needed to interoperate with the - * `Sample SSPI Code' in Windows 2000 RC1 SDK. - */ - -/* - * Write the `gss_buffer_t' in `buf' onto the fd `sock', but remember that - * the length is written in little-endian-order. - */ - -void -nt_write_token (int sock, gss_buffer_t buf) -{ - unsigned char net_len[4]; - uint32_t len; - OM_uint32 min_stat; - - len = buf->length; - - net_len[0] = (len >> 0) & 0xFF; - net_len[1] = (len >> 8) & 0xFF; - net_len[2] = (len >> 16) & 0xFF; - net_len[3] = (len >> 24) & 0xFF; - - if (write (sock, net_len, 4) != 4) - err (1, "write"); - if (write (sock, buf->value, len) != len) - err (1, "write"); - - gss_release_buffer (&min_stat, buf); -} - -/* - * - */ - -void -nt_read_token (int sock, gss_buffer_t buf) -{ - unsigned char net_len[4]; - uint32_t len; - - if (read(sock, net_len, 4) != 4) - err (1, "read"); - len = (net_len[0] << 0) - | (net_len[1] << 8) - | (net_len[2] << 16) - | (net_len[3] << 24); - - buf->length = len; - buf->value = malloc(len); - if (read (sock, buf->value, len) != len) - err (1, "read"); -} - -void -gss_print_errors (int min_stat) -{ - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - OM_uint32 ret; - - do { - ret = gss_display_status (&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - fprintf (stderr, "%s\n", (char *)status_string.value); - gss_release_buffer (&new_stat, &status_string); - } while (!GSS_ERROR(ret) && msg_ctx != 0); -} - -void -gss_verr(int exitval, int status, const char *fmt, va_list ap) -{ - vwarnx (fmt, ap); - gss_print_errors (status); - exit (exitval); -} - -void -gss_err(int exitval, int status, const char *fmt, ...) -{ - va_list args; - - va_start(args, fmt); - gss_verr (exitval, status, fmt, args); - va_end(args); -} diff --git a/crypto/heimdal/appl/test/nt_gss_common.h b/crypto/heimdal/appl/test/nt_gss_common.h deleted file mode 100644 index 50b5c8380f4b..000000000000 --- a/crypto/heimdal/appl/test/nt_gss_common.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: nt_gss_common.h 7464 1999-12-02 17:05:13Z joda $ */ - -void nt_write_token (int sock, gss_buffer_t buf); -void nt_read_token (int sock, gss_buffer_t buf); - -void gss_print_errors (int min_stat); - -void gss_verr(int exitval, int status, const char *fmt, va_list ap) - __attribute__ ((format (printf, 3, 0))); - -void gss_err(int exitval, int status, const char *fmt, ...) - __attribute__ ((format (printf, 3, 4))); diff --git a/crypto/heimdal/appl/test/nt_gss_server.c b/crypto/heimdal/appl/test/nt_gss_server.c deleted file mode 100644 index df4a32ef857c..000000000000 --- a/crypto/heimdal/appl/test/nt_gss_server.c +++ /dev/null @@ -1,247 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -#include -#include -#include "nt_gss_common.h" - -RCSID("$Id: nt_gss_server.c 12323 2003-05-21 15:15:34Z lha $"); - -/* - * This program tries to act as a server for the sample in `Sample - * SSPI Code' in Windows 2000 RC1 SDK. - * - * use --dump-auth to get a binary dump of the authorization data in the ticket - */ - -static int help_flag; -static int version_flag; -static char *port_str; -char *service = SERVICE; -static char *auth_file; - -static struct getargs args[] = { - { "port", 'p', arg_string, &port_str, "port to listen to", "port" }, - { "service", 's', arg_string, &service, "service to use", "service" }, - { "dump-auth", 0, arg_string, &auth_file, "dump authorization data", - "file" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static int -proto (int sock, const char *service) -{ - struct sockaddr_in remote, local; - socklen_t addrlen; - gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT; - gss_buffer_t input_token, output_token; - gss_buffer_desc real_input_token, real_output_token; - OM_uint32 maj_stat, min_stat; - gss_name_t client_name; - gss_buffer_desc name_token; - - addrlen = sizeof(local); - if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0 - || addrlen != sizeof(local)) - err (1, "getsockname)"); - - addrlen = sizeof(remote); - if (getpeername (sock, (struct sockaddr *)&remote, &addrlen) < 0 - || addrlen != sizeof(remote)) - err (1, "getpeername"); - - input_token = &real_input_token; - output_token = &real_output_token; - - do { - nt_read_token (sock, input_token); - maj_stat = - gss_accept_sec_context (&min_stat, - &context_hdl, - GSS_C_NO_CREDENTIAL, - input_token, - GSS_C_NO_CHANNEL_BINDINGS, - &client_name, - NULL, - output_token, - NULL, - NULL, - NULL); - if(GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_accept_sec_context"); - if (output_token->length != 0) - nt_write_token (sock, output_token); - if (GSS_ERROR(maj_stat)) { - if (context_hdl != GSS_C_NO_CONTEXT) - gss_delete_sec_context (&min_stat, - &context_hdl, - GSS_C_NO_BUFFER); - break; - } - } while(maj_stat & GSS_S_CONTINUE_NEEDED); - - if (auth_file != NULL) { - int fd = open (auth_file, O_WRONLY | O_CREAT, 0666); -#if 0 - krb5_ticket *ticket; - krb5_data *data; - - ticket = context_hdl->ticket; - data = &ticket->ticket.authorization_data->val[0].ad_data; - - if(fd < 0) - err (1, "open %s", auth_file); - if (write (fd, data->data, data->length) != data->length) - errx (1, "write to %s failed", auth_file); -#endif - if (close (fd)) - err (1, "close %s", auth_file); - } - - maj_stat = gss_display_name (&min_stat, - client_name, - &name_token, - NULL); - if (GSS_ERROR(maj_stat)) - gss_err (1, min_stat, "gss_display_name"); - - fprintf (stderr, "User is `%.*s'\n", (int)name_token.length, - (char *)name_token.value); - - /* write something back */ - - output_token->value = strdup ("hejsan"); - output_token->length = strlen (output_token->value) + 1; - nt_write_token (sock, output_token); - - output_token->value = strdup ("hoppsan"); - output_token->length = strlen (output_token->value) + 1; - nt_write_token (sock, output_token); - - return 0; -} - -static int -doit (int port, const char *service) -{ - int sock, sock2; - struct sockaddr_in my_addr; - int one = 1; - - sock = socket (AF_INET, SOCK_STREAM, 0); - if (sock < 0) - err (1, "socket"); - - memset (&my_addr, 0, sizeof(my_addr)); - my_addr.sin_family = AF_INET; - my_addr.sin_port = port; - my_addr.sin_addr.s_addr = INADDR_ANY; - - if (setsockopt (sock, SOL_SOCKET, SO_REUSEADDR, - (void *)&one, sizeof(one)) < 0) - warn ("setsockopt SO_REUSEADDR"); - - if (bind (sock, (struct sockaddr *)&my_addr, sizeof(my_addr)) < 0) - err (1, "bind"); - - if (listen (sock, 1) < 0) - err (1, "listen"); - - sock2 = accept (sock, NULL, NULL); - if (sock2 < 0) - err (1, "accept"); - - return proto (sock2, service); -} - -static void -usage(int code, struct getargs *args, int num_args) -{ - arg_printusage(args, num_args, NULL, ""); - exit(code); -} - -static int -common_setup(krb5_context *context, int *argc, char **argv, - void (*usage)(int, struct getargs*, int)) -{ - int port = 0; - *argc = krb5_program_setup(context, *argc, argv, args, num_args, usage); - - if(help_flag) - (*usage)(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(port_str){ - struct servent *s = roken_getservbyname(port_str, "tcp"); - if(s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "Bad port `%s'", port_str); - port = htons(port); - } - } - - if (port == 0) - port = krb5_getportbyname (*context, PORT, "tcp", 4711); - - return port; -} - -static int -setup(krb5_context *context, int argc, char **argv) -{ - int port = common_setup(context, &argc, argv, usage); - if(argv[argc] != NULL) - usage(1, args, num_args); - return port; -} - -int -main(int argc, char **argv) -{ - krb5_context context = NULL; /* XXX */ - int port = setup(&context, argc, argv); - return doit (port, service); -} diff --git a/crypto/heimdal/appl/test/tcp_client.c b/crypto/heimdal/appl/test/tcp_client.c deleted file mode 100644 index f1a4cb25216f..000000000000 --- a/crypto/heimdal/appl/test/tcp_client.c +++ /dev/null @@ -1,132 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -RCSID("$Id: tcp_client.c 17450 2006-05-05 11:11:43Z lha $"); - -krb5_context context; - -static int -proto (int sock, const char *hostname, const char *service) -{ - krb5_auth_context auth_context; - krb5_error_code status; - krb5_principal server; - krb5_data data; - krb5_data packet; - uint32_t len, net_len; - - status = krb5_auth_con_init (context, &auth_context); - if (status) - krb5_err (context, 1, status, "krb5_auth_con_init"); - - status = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &sock); - if (status) - krb5_err (context, 1, status, "krb5_auth_con_setaddrs_from_fd"); - - status = krb5_sname_to_principal (context, - hostname, - service, - KRB5_NT_SRV_HST, - &server); - if (status) - krb5_err (context, 1, status, "krb5_sname_to_principal"); - - status = krb5_sendauth (context, - &auth_context, - &sock, - VERSION, - NULL, - server, - AP_OPTS_MUTUAL_REQUIRED, - NULL, - NULL, - NULL, - NULL, - NULL, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_sendauth"); - - data.data = "hej"; - data.length = 3; - - krb5_data_zero (&packet); - - status = krb5_mk_safe (context, - auth_context, - &data, - &packet, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_mk_safe"); - - len = packet.length; - net_len = htonl(len); - - if (krb5_net_write (context, &sock, &net_len, 4) != 4) - err (1, "krb5_net_write"); - if (krb5_net_write (context, &sock, packet.data, len) != len) - err (1, "krb5_net_write"); - - data.data = "hemligt"; - data.length = 7; - - krb5_data_free (&packet); - - status = krb5_mk_priv (context, - auth_context, - &data, - &packet, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_mk_priv"); - - len = packet.length; - net_len = htonl(len); - - if (krb5_net_write (context, &sock, &net_len, 4) != 4) - err (1, "krb5_net_write"); - if (krb5_net_write (context, &sock, packet.data, len) != len) - err (1, "krb5_net_write"); - return 0; -} - -int -main(int argc, char **argv) -{ - int port = client_setup(&context, &argc, argv); - return client_doit (argv[argc], port, service, proto); -} diff --git a/crypto/heimdal/appl/test/tcp_server.c b/crypto/heimdal/appl/test/tcp_server.c deleted file mode 100644 index 97a9b1170d2e..000000000000 --- a/crypto/heimdal/appl/test/tcp_server.c +++ /dev/null @@ -1,168 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -RCSID("$Id: tcp_server.c 17954 2006-09-01 09:01:03Z lha $"); - -krb5_context context; - -static int -proto (int sock, const char *service) -{ - krb5_auth_context auth_context; - krb5_error_code status; - krb5_principal server; - krb5_ticket *ticket; - char *name; - char hostname[MAXHOSTNAMELEN]; - krb5_data packet; - krb5_data data; - uint32_t len, net_len; - ssize_t n; - - status = krb5_auth_con_init (context, &auth_context); - if (status) - krb5_err (context, 1, status, "krb5_auth_con_init"); - - status = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &sock); - - if (status) - krb5_err (context, 1, status, "krb5_auth_con_setaddrs_from_fd"); - - if(gethostname (hostname, sizeof(hostname)) < 0) - krb5_err (context, 1, errno, "gethostname"); - - status = krb5_sname_to_principal (context, - hostname, - service, - KRB5_NT_SRV_HST, - &server); - if (status) - krb5_err (context, 1, status, "krb5_sname_to_principal"); - - status = krb5_recvauth (context, - &auth_context, - &sock, - VERSION, - server, - 0, - keytab, - &ticket); - if (status) - krb5_err (context, 1, status, "krb5_recvauth"); - - status = krb5_unparse_name (context, - ticket->client, - &name); - if (status) - krb5_err (context, 1, status, "krb5_unparse_name"); - - fprintf (stderr, "User is `%s'\n", name); - free (name); - - krb5_data_zero (&data); - krb5_data_zero (&packet); - - n = krb5_net_read (context, &sock, &net_len, 4); - if (n == 0) - krb5_errx (context, 1, "EOF in krb5_net_read"); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_read"); - - len = ntohl(net_len); - - krb5_data_alloc (&packet, len); - - n = krb5_net_read (context, &sock, packet.data, len); - if (n == 0) - krb5_errx (context, 1, "EOF in krb5_net_read"); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_read"); - - status = krb5_rd_safe (context, - auth_context, - &packet, - &data, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_rd_safe"); - - fprintf (stderr, "safe packet: %.*s\n", (int)data.length, - (char *)data.data); - - n = krb5_net_read (context, &sock, &net_len, 4); - if (n == 0) - krb5_errx (context, 1, "EOF in krb5_net_read"); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_read"); - - len = ntohl(net_len); - - krb5_data_alloc (&packet, len); - - n = krb5_net_read (context, &sock, packet.data, len); - if (n == 0) - krb5_errx (context, 1, "EOF in krb5_net_read"); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_read"); - - status = krb5_rd_priv (context, - auth_context, - &packet, - &data, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_rd_priv"); - - fprintf (stderr, "priv packet: %.*s\n", (int)data.length, - (char *)data.data); - - return 0; -} - -static int -doit (int port, const char *service) -{ - mini_inetd (port); - - return proto (STDIN_FILENO, service); -} - -int -main(int argc, char **argv) -{ - int port = server_setup(&context, argc, argv); - return doit (port, service); -} diff --git a/crypto/heimdal/appl/test/test_locl.h b/crypto/heimdal/appl/test/test_locl.h deleted file mode 100644 index b203787f0a07..000000000000 --- a/crypto/heimdal/appl/test/test_locl.h +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: test_locl.h 12797 2003-09-09 03:38:51Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#include -#include -#include -#include -#include - -#define SERVICE "test" - -#define PORT "test" - -extern char *service; -extern char *mech; -extern krb5_keytab keytab; -extern int fork_flag; -int server_setup(krb5_context*, int, char**); -int client_setup(krb5_context*, int*, char**); -int client_doit (const char *hostname, int port, const char *service, - int (*func)(int, const char *hostname, const char *service)); diff --git a/crypto/heimdal/appl/test/uu_client.c b/crypto/heimdal/appl/test/uu_client.c deleted file mode 100644 index 6113b8b569f9..000000000000 --- a/crypto/heimdal/appl/test/uu_client.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -RCSID("$Id: uu_client.c 14719 2005-04-03 19:53:32Z lha $"); - -krb5_context context; - -static int -proto (int sock, const char *hostname, const char *service) -{ - struct sockaddr_in remote, local; - socklen_t addrlen; - krb5_address remote_addr, local_addr; - krb5_context context; - krb5_ccache ccache; - krb5_auth_context auth_context; - krb5_error_code status; - krb5_principal client; - krb5_data data; - krb5_data packet; - krb5_creds mcred, cred; - krb5_ticket *ticket; - - addrlen = sizeof(local); - if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0 - || addrlen != sizeof(local)) - err (1, "getsockname(%s)", hostname); - - addrlen = sizeof(remote); - if (getpeername (sock, (struct sockaddr *)&remote, &addrlen) < 0 - || addrlen != sizeof(remote)) - err (1, "getpeername(%s)", hostname); - - status = krb5_init_context(&context); - if (status) - errx(1, "krb5_init_context failed: %d", status); - - status = krb5_cc_default (context, &ccache); - if (status) - krb5_err(context, 1, status, "krb5_cc_default"); - - status = krb5_auth_con_init (context, &auth_context); - if (status) - krb5_err(context, 1, status, "krb5_auth_con_init"); - - local_addr.addr_type = AF_INET; - local_addr.address.length = sizeof(local.sin_addr); - local_addr.address.data = &local.sin_addr; - - remote_addr.addr_type = AF_INET; - remote_addr.address.length = sizeof(remote.sin_addr); - remote_addr.address.data = &remote.sin_addr; - - status = krb5_auth_con_setaddrs (context, - auth_context, - &local_addr, - &remote_addr); - if (status) - krb5_err(context, 1, status, "krb5_auth_con_setaddr"); - - krb5_cc_clear_mcred(&mcred); - - status = krb5_cc_get_principal(context, ccache, &client); - if(status) - krb5_err(context, 1, status, "krb5_cc_get_principal"); - status = krb5_make_principal(context, &mcred.server, - *krb5_princ_realm(context, client), - "krbtgt", - *krb5_princ_realm(context, client), - NULL); - if(status) - krb5_err(context, 1, status, "krb5_make_principal"); - mcred.client = client; - - status = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred); - if(status) - krb5_err(context, 1, status, "krb5_cc_retrieve_cred"); - - { - char *client_name; - krb5_data data; - status = krb5_unparse_name(context, cred.client, &client_name); - if(status) - krb5_err(context, 1, status, "krb5_unparse_name"); - data.data = client_name; - data.length = strlen(client_name) + 1; - status = krb5_write_message(context, &sock, &data); - if(status) - krb5_err(context, 1, status, "krb5_write_message"); - free(client_name); - } - - status = krb5_write_message(context, &sock, &cred.ticket); - if(status) - krb5_err(context, 1, status, "krb5_write_message"); - - status = krb5_auth_con_setuserkey(context, auth_context, &cred.session); - if(status) - krb5_err(context, 1, status, "krb5_auth_con_setuserkey"); - - status = krb5_recvauth(context, &auth_context, &sock, - VERSION, client, 0, NULL, &ticket); - - if (status) - krb5_err(context, 1, status, "krb5_recvauth"); - - if (ticket->ticket.authorization_data) { - AuthorizationData *authz; - int i; - - printf("Authorization data:\n"); - - authz = ticket->ticket.authorization_data; - for (i = 0; i < authz->len; i++) { - printf("\ttype %d, length %lu\n", - authz->val[i].ad_type, - (unsigned long)authz->val[i].ad_data.length); - } - } - - data.data = "hej"; - data.length = 3; - - krb5_data_zero (&packet); - - status = krb5_mk_safe (context, - auth_context, - &data, - &packet, - NULL); - if (status) - krb5_err(context, 1, status, "krb5_mk_safe"); - - status = krb5_write_message(context, &sock, &packet); - if(status) - krb5_err(context, 1, status, "krb5_write_message"); - - data.data = "hemligt"; - data.length = 7; - - krb5_data_free (&packet); - - status = krb5_mk_priv (context, - auth_context, - &data, - &packet, - NULL); - if (status) - krb5_err(context, 1, status, "krb5_mk_priv"); - - status = krb5_write_message(context, &sock, &packet); - if(status) - krb5_err(context, 1, status, "krb5_write_message"); - return 0; -} - -int -main(int argc, char **argv) -{ - int port = client_setup(&context, &argc, argv); - return client_doit (argv[argc], port, service, proto); -} diff --git a/crypto/heimdal/appl/test/uu_server.c b/crypto/heimdal/appl/test/uu_server.c deleted file mode 100644 index 6462363456cd..000000000000 --- a/crypto/heimdal/appl/test/uu_server.c +++ /dev/null @@ -1,210 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "test_locl.h" -RCSID("$Id: uu_server.c 20880 2007-06-04 16:55:00Z lha $"); - -krb5_context context; - -static int -proto (int sock, const char *service) -{ - struct sockaddr_in remote, local; - socklen_t addrlen; - krb5_address remote_addr, local_addr; - krb5_ccache ccache; - krb5_auth_context auth_context; - krb5_error_code status; - krb5_data packet; - krb5_data data; - krb5_data client_name; - krb5_creds in_creds, *out_creds; - - addrlen = sizeof(local); - if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0 - || addrlen != sizeof(local)) - err (1, "getsockname)"); - - addrlen = sizeof(remote); - if (getpeername (sock, (struct sockaddr *)&remote, &addrlen) < 0 - || addrlen != sizeof(remote)) - err (1, "getpeername"); - - status = krb5_auth_con_init (context, &auth_context); - if (status) - errx (1, "krb5_auth_con_init: %s", - krb5_get_err_text(context, status)); - - local_addr.addr_type = AF_INET; - local_addr.address.length = sizeof(local.sin_addr); - local_addr.address.data = &local.sin_addr; - - remote_addr.addr_type = AF_INET; - remote_addr.address.length = sizeof(remote.sin_addr); - remote_addr.address.data = &remote.sin_addr; - - status = krb5_auth_con_setaddrs (context, - auth_context, - &local_addr, - &remote_addr); - if (status) - errx (1, "krb5_auth_con_setaddr: %s", - krb5_get_err_text(context, status)); - - status = krb5_read_message(context, &sock, &client_name); - if(status) - krb5_err(context, 1, status, "krb5_read_message"); - - memset(&in_creds, 0, sizeof(in_creds)); - status = krb5_cc_default(context, &ccache); - status = krb5_cc_get_principal(context, ccache, &in_creds.client); - - status = krb5_read_message(context, &sock, &in_creds.second_ticket); - if(status) - krb5_err(context, 1, status, "krb5_read_message"); - - status = krb5_parse_name(context, client_name.data, &in_creds.server); - if(status) - krb5_err(context, 1, status, "krb5_parse_name"); - - status = krb5_get_credentials(context, KRB5_GC_USER_USER, ccache, - &in_creds, &out_creds); - if(status) - krb5_err(context, 1, status, "krb5_get_credentials"); - - status = krb5_cc_default(context, &ccache); - - status = krb5_sendauth(context, - &auth_context, - &sock, - VERSION, - in_creds.client, - in_creds.server, - AP_OPTS_USE_SESSION_KEY, - NULL, - out_creds, - ccache, - NULL, - NULL, - NULL); - - if (status) - krb5_err(context, 1, status, "krb5_sendauth"); - - { - char *str; - krb5_unparse_name(context, in_creds.server, &str); - printf ("User is `%s'\n", str); - free(str); - krb5_unparse_name(context, in_creds.client, &str); - printf ("Server is `%s'\n", str); - free(str); - } - - krb5_data_zero (&data); - krb5_data_zero (&packet); - - status = krb5_read_message(context, &sock, &packet); - if(status) - krb5_err(context, 1, status, "krb5_read_message"); - - status = krb5_rd_safe (context, - auth_context, - &packet, - &data, - NULL); - if (status) - errx (1, "krb5_rd_safe: %s", - krb5_get_err_text(context, status)); - - printf ("safe packet: %.*s\n", (int)data.length, - (char *)data.data); - - status = krb5_read_message(context, &sock, &packet); - if(status) - krb5_err(context, 1, status, "krb5_read_message"); - - status = krb5_rd_priv (context, - auth_context, - &packet, - &data, - NULL); - if (status) - errx (1, "krb5_rd_priv: %s", - krb5_get_err_text(context, status)); - - printf ("priv packet: %.*s\n", (int)data.length, - (char *)data.data); - - return 0; -} - -static int -doit (int port, const char *service) -{ - int sock, sock2; - struct sockaddr_in my_addr; - int one = 1; - - sock = socket (AF_INET, SOCK_STREAM, 0); - if (sock < 0) - err (1, "socket"); - - memset (&my_addr, 0, sizeof(my_addr)); - my_addr.sin_family = AF_INET; - my_addr.sin_port = port; - my_addr.sin_addr.s_addr = INADDR_ANY; - - if (setsockopt (sock, SOL_SOCKET, SO_REUSEADDR, - (void *)&one, sizeof(one)) < 0) - warn ("setsockopt SO_REUSEADDR"); - - if (bind (sock, (struct sockaddr *)&my_addr, sizeof(my_addr)) < 0) - err (1, "bind"); - - if (listen (sock, 1) < 0) - err (1, "listen"); - - sock2 = accept (sock, NULL, NULL); - if (sock2 < 0) - err (1, "accept"); - - return proto (sock2, service); -} - -int -main(int argc, char **argv) -{ - int port = server_setup(&context, argc, argv); - return doit (port, service); -} diff --git a/crypto/heimdal/autogen.sh b/crypto/heimdal/autogen.sh deleted file mode 100644 index c3facbf5c7ee..000000000000 --- a/crypto/heimdal/autogen.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh -# to really generate all files you need to run "make distcheck" in a -# object tree, but this will do if you have all parts of the required -# tool-chain installed -autoreconf -f -i || { echo "autoreconf failed: $?"; exit 1; } diff --git a/crypto/heimdal/cf/ChangeLog b/crypto/heimdal/cf/ChangeLog deleted file mode 100644 index 0bd84c652cbd..000000000000 --- a/crypto/heimdal/cf/ChangeLog +++ /dev/null @@ -1,1232 +0,0 @@ -2007-10-01 Love Hörnquist Åstrand - - * crypto.m4: openssl might require -ldl too, so lets check that. - -2007-07-31 Love Hörnquist Åstrand - - * Makefile.am.common (check-local::): exit on failure to perform - test. - -2007-07-28 Love Hörnquist Åstrand - - * Makefile.am.common (check-local): also check that --help works. - -2007-07-17 Love Hörnquist Åstrand - - * crypto.m4: depend on EVP_CIPHER_iv_length - -2007-06-27 Love Hörnquist Åstrand - - * Makefile.am.common: Need absolute reference to the top source - directory and top build directory. - -2007-06-20 Love Hörnquist Åstrand - - * wflags.m4: Add --enable-developer and make it cause -Werror to - be included. - -2007-06-18 Love Hörnquist Åstrand - - * Makefile.am.common: Merge from samba config. - - * Makefile.am.common (makedir-in-tree): depend on INFO_DEPS. - - * valgrind-suppressions: Unknown suppression in runtime link - editor - -2007-06-08 Love Hörnquist Åstrand - - * Makefile.am.common: Add heimdal-lorikeet target distdir-in-tree - -2007-06-04 Love Hörnquist Åstrand - - * framework-security.m4: test for -framework Security - -2007-05-10 Love Hörnquist Åstrand - - * roken-frag.m4: we have a fnmatch.h only if there is a working - implementation and a header file. If we do use roken, lets use our - own headerfile that does symbol renaming. - -2007-04-19 Love Hörnquist Åstrand - - * version-script.m4: check if ld supports --version-script - -2007-04-11 Love Hörnquist Åstrand - - * roken-frag.m4: drop broken-getnameinfo.m4 - - * roken-frag.m4: drop test for broken getnameinfo, that old aix is - no longer relevant. - -2007-02-16 Love Hörnquist Åstrand - - * install-catman.sh: Stop overwriting cmd. - -2007-01-15 Love Hörnquist Åstrand - - * install-catman.sh: Use test instead of [. - - * install-catman.sh: Use = instead of ==, make solaris more happy. - -2007-01-08 Love Hörnquist Åstrand - - * roken-frag.m4: More headerfiles for iruserok prototype check. - - * check-symbols.sh: Add fc_softc for AIX as ignore syms. - -2007-01-04 Love Hörnquist Åstrand - - * roken-frag.m4: Check if iruserok needs a prototype. - -2006-12-06 Love Hörnquist Åstrand - - * check-compile-et.m4: set automake symbol COM_ERR when we build - local com_err - -2006-11-16 Love Hörnquist Åstrand - - * valgrind-suppressions: We shouldn't be running /bin/ls under - valgrind, but for now, at least make it easier to see any other - warnings. From Andrew Bartlett. - -2006-10-22 Love Hörnquist Åstrand - - * Makefile.am.common: Add target for valgrind debugging - - * valgrind-suppressions: valgrind suppressions - -2006-10-21 Love Hörnquist Åstrand - - * check-lex.m4: Borrow test for autoconf cvs to help hpux hosts - -2006-10-20 Love Hörnquist Åstrand - - * Makefile.am.common: provide uninstall hook for cat/manpages. - - * install-catman.sh: provide uninstall command - -2006-10-19 Love Hörnquist Åstrand - - * roken-frag.m4: Add check for timegm. - - * roken-frag.m4: Include sys/types.h for sys/socket.h and netdb.h. - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am.common (install-build-headers): make this function - convoluted and deal with dist_, nodist, nobase and all its - friends. - - * have-struct-field.m4: memset the structure to make sure that we - don't get compiler warnings. - - * crypto.m4: OpenSSL_add_all_algorithms is not a openssl specific - requirement, hcrypto need to have to too. - - * crypto.m4: Require openssl have OpenSSL_add_all_algorithms - -2006-10-04 Love Hörnquist Åstrand - - * autobuild.m4: Add autobuild, GPLed, but free to use in projects - not avaible under GPL or LGPL (just like autoconf). - -2006-09-16 Love Hörnquist Åstrand - - * roken-frag.m4: Add samba_SOCKET_WRAPPER fragment - -2006-09-12 Love Hörnquist Åstrand - - * socket-wrapper.m4: Add socket-wrapper test - -2006-05-06 Love Hörnquist Åstrand - - * crypto.m4: Move up evp.h to please OpenSSL, from Douglas - E. Engert. - -2006-04-22 Love Hörnquist Åstrand - - * roken-frag.m4: Add check for fnmatch.h, its needed to be done - for the automake conditional below. - -2006-04-15 Love Hörnquist Åstrand - - * crypto.m4: Require SHA256 - -2006-01-18 Love Hörnquist Åstrand - - * crypto.m4 Check for if we are to consider - using OpenSSL, also check for headers since - make_crypto.c assumes that the name of the files. - -2006-01-13 Love Hörnquist Åstrand - - * crypto.m4: libdes is renamed to hcrypto - - * crypto.m4: Remove support for old hash names. - -2005-10-26 Love Hörnquist Åstrand - - * install-catman.sh: Add variable INSTALL_CATPAGES that controls - if cat pages are installed, defaults to true. From Johnny Lam - . - -2005-09-28 Love Hörnquist Åstrand - - * roken-frag.m4: Check for and uintptr_t - -2005-09-02 Love Hörnquist Åstrand - - * roken-frag.m4: Resolver check moved to rk_RESOLV, from Andrew - Bartlet - - * resolv.m4: Resolver checks, broken out so samba can use it From - Andrew Bartlet - -2005-08-22 Love Hörnquist Åstrand - - * roken-frag.m4: Check for res_ndestroy. - -2005-08-03 Love Hörnquist Åstrand - - * crypto.m4: Add , OpenSSL 0.9.8 needs it for size_t. - From: Quanah Gibson-Mount - -2005-07-12 Love Hörnquist Åstrand - - * check-compile-et.m4: check that initialize_conf_error_table_r - have the right argument - -2005-07-07 Love Hörnquist Åstrand - - * check-symbols.sh: allow symbols to start with ., aix uses this - -2005-06-16 Love Hörnquist Åstrand - - * krb-bigendian.m4: use ansi c prototypes - - * krb-func-getcwd-broken.m4: use ansi c prototypes - - * broken-snprintf.m4: use ansi c prototypes - - * have-pragma-weak.m4: use ansi c declarations - - * check-getpwnam_r-posix.m4: use ansi c declarations - - * broken-realloc.m4: use ansi c declarations - - * check-compile-et.m4: use ansi c declarations - - * dlopen.m4: add headers and argument to dlopen - - * c-function.m4: use ansi c declarations - - * check-var.m4: use ansi c declarations - - * pthreads.m4: disable threads on aix because of utmp/utmpx - problems - - * broken-getaddrinfo.m4: check for brokenness in getaddrinfo on - AIX that can't handle "0" as port number. - -2005-06-11 Love Hörnquist Åstrand - - * db.m4: Add an option to disable ndbm, from Stefan Metzmacher - - -2005-06-03 Love Hörnquist Åstrand - - * pthreads.m4: rework how pthreads support to turned on/off, - always run though the switch to figure out what the - linker/compiler flag are - -2005-06-01 Love Hörnquist Åstrand - - * pthreads.m4: s/else if/elif/ - - * check-symbols.sh: AIX have a diffrent nm, use -B to get bsd like - output - - * pthreads.m4: aix case: assume gcc handles -pthread, in the - non-gcc case, use the compiler as hint (xlc vs xlc_r) if this - environment handles threads or not - -2005-05-22 Love Hörnquist Åstrand - - * check-symbols.sh: ignore weak symbols too - -2005-05-19 David Love - - * check-getpwnam_r-posix.m4: define _POSIX_PTHREAD_SEMANTICS to - make solaris provide the right getpwname_r - -2005-05-17 Johan Danielsson - - * roken-frag.m4: am_conditional have_cgetent - -2005-05-10 David Love - - * roken-frag.m4: Get daemon declared on Solaris (it's in unistd.h - but masked by a feature test), just to avoid a warning, since it - has int args. - -2005-05-11 Love Hörnquist Åstrand - - * check-var.m4: AC_CHECK_DECL and AC_CHECK_DECLS have a subtile - diffrence, the later defines HAVE_ cpp symbols, the first doesn't. - -2005-05-05 Love Hörnquist Åstrand - - * check-symbols.sh: ignore N symbols too - -2005-04-30 Love Hörnquist Åstrand - - * broken-snprintf.m4: include checking if snprintf(NULL, 0, "") - works - - * check-compile-et.m4: require compile_et to generate a - initialize_FOO_error_table_r (they are used in libkrb5), and - always check for initialize_error_table_r - -2005-04-29 Love Hörnquist Åstrand - - * Makefile.am.common: add LIB_com_err - -2005-04-29 David Love - - * roken-frag.m4: Check for correct vis.h. - -2005-04-28 David Love - - * pthreads.m4: Set PTHREADS_LIBS on Irix. - -2005-04-27 Love Hörnquist Åstrand - - * broken-realloc.m4: use rk_realloc if realloc is broken, this - makes "host-tools" not beeing able to use realloc - - * pthreads.m4: Add support for Solaris, Irix, and modern - Linux. From David Love - -2005-04-25 Love Hörnquist Åstrand - - * check-symbols.sh: limit the units functions to - asn1_[A-Za-z0-9]*_units$ - -2005-04-20 Love Hörnquist Åstrand - - * check-symbols.sh: this lib include com_err, add -com_err to - CHECK_SYMBOLS - - * check-symbols.sh: print the type so I don't need to ask for it - -2005-04-18 Love Hörnquist Åstrand - - * check-symbols.sh: ignore filename symbols - -2005-04-04 Love Hörnquist Åstrand - - * check-symbols.sh: assume symbols prefixed with _ is a sideeffekt - of the local linker and also just fine - -2005-03-16 Love Hörnquist Åstrand - - * roken-frag.m4: include for - -2005-03-01 Love Hörnquist Åstrand - - * sunos.m4: Match solaris 10. From: Joakim Fallsjo - - -2004-12-29 Love - - * check-symbols.sh: add -asn1compile symbols - -2004-12-29 Love Hörnquist Åstrand - - * check-symbols.sh: add exported symbols test - - * Makefile.am.common: add CHECK_SYMBOLS tests, so that we don't - export to much stuff - -2004-09-03 Love Hörnquist Åstrand - - * make-proto.pl: add cpluscplus extern "C" support - -2004-07-09 Love Hörnquist Åstrand - - * pthreads.m4: add -pthread to LIBS since libtool doesn't preserve - it for us when adding is as a dependency on libs - -2004-04-24 Johan Danielsson - - * largefile.m4: like AC_SYS_LARGEFILE, but also add to CPPFLAGS - -2004-04-14 Love Hörnquist Åstrand - - * check-compile-et.m4: even more evil stuff for cross-compiling - - * check-x.m4: use AC_RUN_IFELSE so we can handle cross compiling - - * check-compile-et.m4: use AC_RUN_IFELSE so we can handle cross - compiling - -2004-04-13 Love Hörnquist Åstrand - - * make-proto.pl: if -E, add windows standard calling conv to - headerfile if needed - - * win32.m4: add rk_WIN32_EXPORT - -2004-02-12 Love Hörnquist Åstrand - - * configure.in: rename AC_WFLAGS to rk_WFLAGS - - * *.m4: overquote to pacify automake1.8 - -2004-02-11 Love Hörnquist Åstrand - - * roken-frag.m4: resolv.h is even more special - - * roken-frag.m4: AC_CHECK_HEADERS(net/if.h netinet6/in6_var.h - sys/sysctl.h sys/proc.h, resolv.h) are all special and need extra - help - - * test-package.m4: If there is a --with-PACKAGE=path but no - --with-PACKAGE-config, go seach for path/PACKEGE-config and use it - if it exists. Inspired by Harald Barth - -2003-09-03 Love Hörnquist Åstrand - - * crypto.m4: check for DES_, AES_, and if openssl UI_ - -2003-08-27 Johan Danielsson - - * vararray.m4: test for variable-length arrays - - * roken-frag.m4: test for poll and poll.h - -2003-08-16 Love Hörnquist Åstrand - - * Makefile.am.common: don't try doing local checks if CHECK_LOCAL - is set to no-check-local - -2003-08-01 Love Hörnquist Åstrand - - * check-compile-et.m4: check if compile_et support ``error_table N - M'' also, don't be overly aggressivly reset CFLAGS - -2003-07-22 Love Hörnquist Åstrand - - * pthreads.m4: pthread test - -2003-05-08 Johan Danielsson - - * Makefile.am.common: change install-data-local to - install-data-hook - -2003-05-05 Assar Westerlund - - * crypto.m4: define OPENSSL_DES_LIBDES_COMPATIBILITY - -2003-04-03 Love Hörnquist Åstrand - - * crypto.m4: check if libcrypto needs -lnsl or -lsocket - -2003-04-02 Love Hörnquist Åstrand - - * crypto.m4: in the case where se don't link with kerberos 4, use - ${with_openssl_include} if its are set (not - ${with_openssl}/include) same for with_openssl_lib - -2003-03-18 Love Hörnquist Åstrand - - * Makefile.am.common: always define LIB_kafs - -2003-03-12 Love Hörnquist Åstrand - - * check-compile-et.m4: check if the output of compile_et needs - initialize_error_table_r - -2003-02-17 Love Hörnquist Åstrand - - * check-var.m4: add a check if the variable is avaible when we - include the headerfiles - -2002-12-18 Johan Danielsson - - * roken-frag.m4: res_nsearch takes 6 parameters; spotted by Howard - Chu - -2002-10-25 Johan Danielsson - - * crypto.m4: do a better job at matching headers to libraries - -2002-10-16 Johan Danielsson - - * sunos.m4: more quoting - -2002-09-19 Johan Danielsson - - * make-proto.pl: check the processed string for closing ), not the - source - -2002-09-10 Johan Danielsson - - * crypto.m4: use m4 macros for test cases, also test for older - hash names - - * test-package.m4: include dep libraries in LIB_* - - * crypto.m4: move krb4 test before test for openssl, and bail out - if krb4 is requested, but the crypto library is not the same as - krb4 - - * db.m4: filter contents of LDFLAGS - -2002-09-09 Johan Danielsson - - * auth-modules.m4: rename to rk_AUTH_MODULES - - * auth-modules.m4: only include modules explicitly asked for - -2002-09-04 Johan Danielsson - - * roken-frag.m4: test for res_nsearch - -2002-09-03 Assar Westerlund - - * roken-frag.m4: check for sys/mman.h and mmap (used by - parse_reply-test) - -2002-08-28 Assar Westerlund - - * krb-readline.m4: also add LIB_tgetent in the case of editline - - * crypto.m4: define HAVE_OPENSSL even if we got to hear about it - by krb4 - -2002-08-28 Johan Danielsson - - * krb-readline.m4: add LIB_tgetent to LIB_readline if we have to - - * sunos.m4: various sunos tests - - * crypto.m4: try to extract the crypto compiler flags from - {INCLUDE,LIB}_krb4 - (XXX this is really horrible) - - * krb-readline.m4: don't add -rpath to LIB_readline (libtool - should to this for us), also don't append LIB_tgetent to - LIB_readline (TEST_PACKAGE should do this) - - * test-package.m4: add the possibility to use a *-config program - to get flags; rename to rk_TEST_PACKAGE while here - - * krb-bigendian.m4: move ENDIANESS_IN_SYS_PARAM_H tests here - - * aix.m4: rename to rk_AIX - - * telnet.m4: move telnet tests here - - * aix.m4: restructure this somewhat - - * dlopen.m4: test for dlopen suitable for AC_REQUIRE - - * irix.m4: move some stuff here and rename to irix.m4 - - * krb-sys-nextstep.m4: move SGTTY stuff to read_pwd.c - -2002-08-28 Jacques Vidrine - - * auth-modules.m4: do not build pam_krb4 on freebsd - -2002-08-26 Assar Westerlund - - * roken-frag.m4: test for the vis, strvis functions requiring - prototypes - -2002-08-23 Johan Danielsson - - * need-proto.m4: missing comma - -2002-08-22 Johan Danielsson - - * roken-frag.m4: some rototilling - - * need-proto.m4: use AS_TR_CPP - -2002-08-20 Johan Danielsson - - * roken-frag.m4: HAVE_TYPE instead of CHECK_TYPE ssize_t - - * krb-version.m4: use PACKAGE_TARNAME and PACKAGE_STRING - - * broken-getaddrinfo.m4: can't test for EAI_SERVICE here since AIX - is even more fsck:ed - - * roken-frag.m4: test for altzone - -2002-08-19 Johan Danielsson - - * Makefile.am.common: only define ROKEN_RENAME if do_roken_rename - -2002-08-13 Johan Danielsson - - * Makefile.am.common: add ROKEN_RENAME variable - -2002-08-12 Johan Danielsson - - * make-proto.pl: include to get va_list - - * destdirs.m4: also define localstatedir and sysconfdir - -2002-08-01 Johan Danielsson - - * crypto.m4: newer openssl seems to take the address of the - schedule parameter to des_cbc_encrypt, so we need to feed it a - variable, not just NULL (from Magnus Holmberg) - -2002-05-24 Johan Danielsson - - * misc.m4: change \100 back to @; some m4's (probably some regex) - doesn't like this as a replacement regexp; the reason it was once - changed to \100 was probably because of some autoconf bug at the - time - -2002-05-20 Johan Danielsson - - * broken2.m4 []-less is apparently the way to go - -2002-05-19 Johan Danielsson - - * otp.m4: check db_type instead of precence of dbm_firstkey - - * roken-frag.m4: don't AC_LIBOBJ more than one function at a time - - * find-if-not-broken.m4: s/AC_LIBOBJ/rk_LIBOBJ/ - - * broken2.m4: s/AC_LIBOBJ/rk_LIBOBJ/ - - * broken.m4: s/AC_LIBOBJ/rk_LIBOBJ/ - - * misc.m4: automake can't handle macros passed to AC_LIBOBJ, so - add an alias to it called rk_LIBOBJ; this requires that the - relevant source are manually included in roken/Makefile.am - - * aix.m4: ac_enable --diable-dynamic-afs - - * roken-frag.m4: use AC_LIBOBJ - - * krb-func-getcwd-broken.m4: use AC_LIBOBJ - - * find-if-not-broken.m4: use AC_LIBOBJ - - * broken2.m4: use AC_LIBOBJ - - * broken.m4: use AC_LIBOBJ - - * aix.m4: recognise aix5 - -2002-05-17 Johan Danielsson - - * crypto.m4: am-conditionalise HAVE_OPENSSL - - * db.m4: make it possible to run this twice - - * Makefile.am.common: also install nodist_include_HEADERS - -2002-05-16 Johan Danielsson - - * make-proto.pl: make it possible to redefine the "private" regexp - -2002-05-02 Johan Danielsson - - * db.m4: am_cond HAVE_* - -2002-04-30 Johan Danielsson - - * krb-ipv6.m4: use AC_HELP_STRING; fix logic bug in AC_MSG_RESULT - call - - * test-package.m4: use AC_HELP_STRING - - * roken.m4: use AC_HELP_STRING - - * osfc2.m4: use AC_HELP_STRING - - * mips-abi.m4: use AC_HELP_STRING - - * krb-bigendian.m4: use AC_HELP_STRING - - * db.m4: rework this somewhat; check for db3/4 in subdirs, change - --with to --enable; it should really be possible to point it to - some directory --with-berkeley-db=/foo - - * otp.m4: OTP test - -2002-04-25 Johan Danielsson - - * destdirs.m4: define BINDIR et al - -2002-04-18 Johan Danielsson - - * misc.m4: remove some stuff that is defined elsewhere - - * make-proto.pl: optionally remove __P and parameter names - -2001-11-30 Assar Westerlund - - * roken-frag.m4: move ipv6 tests after -lsocket (to handle Solaris - 8) - -2001-09-29 Assar Westerlund - - * install-catman.sh: handle man pages without SYNOPSIS but looking - for both SYNOPSIS and DESCRIPTION - -2001-09-18 Johan Danielsson - - * roken-frag.m4: include freeaddrinfo if using getaddrinfo - -2001-09-13 Assar Westerlund - - * db.m4: test for the ndbm database really being a .db one - and use it when moving/removing database files - -2001-09-03 Assar Westerlund - - * db.m4: prefer ndbm.h to dbm.h - * roken-frag.m4: check for atexit and on_exit - -2001-09-02 Assar Westerlund - - * check-compile-et.m4: only add /usr/include/et to CPPFLAGS if - it's actually used - -2001-09-01 Assar Westerlund - - * Makefile.am.common (AUTOMAKE_OPTIONS): set 1.4b here so that - users are warned if using earlier automake versions - - * find-func-no-libs2.m4: ignore "no" as a library - another - special case to make it easy to send the result from this macro - into another invocation - -2001-08-30 Assar Westerlund - - * db.m4: check for ndbm functions in db3 library too - -2001-08-29 Jacques Vidrine - - * check-compile-et.m4: Check for already-installed com_err. - * Makefile.am.common: Use the compile_et discovered at - configuration time. - -2001-08-29 Assar Westerlund - - * crypto.m4: use AC_WITH_ALL to allow separate specification of - include and lib - * with-all.m4: new macro for doing --with-foo, --with-foo-include, - and --with-foo-lib in a sensible way - - * find-func-no-libs2.m4: handle both -llib and lib in the second - argument also yes -> "" as a library, to ease callers that send in - results from this macro (this might be a little bit unclean) - -2001-08-28 Assar Westerlund - - * roken-frag.m4: test for issetugid - -2001-08-24 Assar Westerlund - - * Makefile.am.common: change one += to = to AM_CFLAGS to avoid an - error with recent automake - -2001-08-22 Assar Westerlund - - * crypto.m4: SHA1_CTX should be SHA_CTX - -2001-08-21 Assar Westerlund - - * roken-frag.m4: remove all winsock.h - for now, it does more harm than good under cygwin and if it should be - used, the correct conditional needs to be found - from - -2001-08-21 Johan Danielsson - - * check-var.m4: AC_TR_CPP -> AS_TR_CPP to make autoconf 2.52 happy - -2001-08-17 Johan Danielsson - - * krb-ipv6.m4: add test for non-existant in6addr_loopback in AIX - -2001-08-15 Johan Danielsson - - * roken-frag.m4: test for getaddrinfo's that doesn't like numeric - services - - * broken-getaddrinfo.m4: test for getaddrinfo's that doesn't like - numeric services - -2001-08-08 Assar Westerlund - - * db.m4: do a separate test for gdbm/ndbm.h and -lgdbm - -2001-08-05 Assar Westerlund - - * db.m4: ac_cv_funclib_\func can be yes - * db.m4: use AC_FIND_FUNC_NO_LIBS to test in libc - anset cache variables after first attempt at finding dbm_firstkey (how - should this be done?) - * db.m4: do not test for ndbm library when ndbm-db was found in libc - * db.m4: test for ndbm-compatability with db - * db.m4: add forgotten AC_SUBST - * db.m4: first steps towards a new db test - - * roken-frag.m4: remove header files checked by rk_db - -2001-08-05 Assar Westerlund - - * roken-frag.m4: remove header files checked by rk_db - -2001-06-24 Assar Westerlund - - * roken-frag.m4: make sure of building getaddrinfo et al if - missing - -2001-06-20 Johan Danielsson - - * install-catman.sh: try to install links to manpages - -2001-06-19 Assar Westerlund - - * broken-glob.m4: try to handle FreeBSD's GLOB_MAXPATH - -2001-06-18 Johan Danielsson - - * roken-frag.m4: test for getaddrinfo needs netdb.h on Tru64 - -2001-06-17 Assar Westerlund - - * roken-frag.m4 (AC_CHECK_HEADERS): test for random - * roken-frag.m4 (AC_CHECK_HEADERS): test for initstate and - setstate - - * roken-frag.m4 (AC_BROKEN): test for - emalloc,ecalloc,erealloc,estrdup - -2001-05-11 Johan Danielsson - - * roken-frag.m4: bswap{16,32} - -2001-03-26 Assar Westerlund - - * broken-glob.m4: also test for GLOB_LIMIT - * krb-ipv6.m4: restore CFLAGS if v6 is not detected - -2001-02-20 Assar Westerlund - - * roken-frag.m4: check for getprogname, setprogname - -2001-02-07 Assar Westerlund - - * Makefile.am.common (LIB_kdfs): set. use it. from Ake Sandgren - - -2000-12-26 Assar Westerlund - - * krb-ipv6.m4: remove some dnl that weren't the correct with - modern autoconf - -2000-12-15 Assar Westerlund - - * roken-frag.m4 (inet_ntoa, inet_ntop, inet_pton): add necessary - includes when testing - * broken2.m4: new variant of broken, with includes and arguments - - * test-package.m4: s/ifval/m4_ifval/ to keep in sync with - autoconf. from Ake Sandgren - * check-var.m4: s/ifval/m4_ifval/ to keep in sync with autoconf. - from Ake Sandgren - -2000-12-13 Assar Westerlund - - * krb-irix.m4: need to set irix to no first. From Ake Sandgren - - -2000-12-12 Johan Danielsson - - * roken-frag.m4: move sa_len test to before test for broken - getnameinfo - -2000-12-12 Assar Westerlund - - * roken-frag.m4: only test for broken getnameinfo if it exists - -2000-12-10 Johan Danielsson - - * roken-frag.m4: ifaddrs.h - -2000-12-06 Johan Danielsson - - * roken-frag.m4: test for unvis, and vis.h - - * roken-frag.m4: test for strvis* - -2000-12-05 Johan Danielsson - - * Makefile.am.common: just warn if we fail to setuid a program - - * broken-getnameinfo.m4: add more quotes - - * roken-frag.m4: test for getifaddrs - - * roken-frag.m4: test for broken AIX getnameinfo - - * broken-getnameinfo.m4: test for broken getnameinfo - -2000-12-01 Assar Westerlund - - * Makefile.am.common: add kludge for LIBS - -2000-11-30 Johan Danielsson - - * check-man.m4: update this after recent changes - - * Makefile.am.common: use install-catman.sh - - * install-catman.sh: script to install preformatted manual pages - - * Makefile.am.common: change cat handling - -2000-11-29 Johan Danielsson - - * roken-frag.m4: don't use AC_CONFIG_FILES here, since it doesn't - work with automake - -2000-11-15 Assar Westerlund - - * krb-readline.m4: link against the libtool-versions of - libeditline and libel_compat - - * Makefile.am.common (INCLUDES): add $(INCLUDES_roken) - * roken-frag.m4 (CPPFLAGS_roken): rename to INCLUDES_roken - -2000-11-05 Johan Danielsson - - * aix.m4: set aix - -2000-08-19 Assar Westerlund - - * krb-bigendian.m4: merge from arla: make it work better - -2000-08-07 Johan Danielsson - - * roken-frag.m4: check getsockname for proto compat - -2000-08-04 Johan Danielsson - - * Makefile.am.common: add library for pidfile - - * roken-frag.m4: tests for util.h and pidfile - -2000-07-19 Johan Danielsson - - * check-var.m4: rename to rk_CHECK_VAR, transposing the arguments, - and making the second optional, AU_DEFINE AC_CHECK_VAR to - rk_CHECK_VAR - - * roken-frag.m4: other roken tests - - * db.m4: db tests - -2000-07-18 Johan Danielsson - - * mips-abi.m4: AC_ERROR -> AC_MSG_ERROR - - * check-netinet-ip-and-tcp.m4: use cache_check, and make this work - with new autoconf - - * aix.m4: don't subst AFS_EXTRA_LD - -2000-07-15 Johan Danielsson - - * check-var.m4: workaround feature of newer autoconf - - * find-func-no-libs2.m4: use cleaner autoheader trick - - * have-type.m4: use cleaner autoheader trick - - * have-types.m4: use cleaner autoheader trick - - * test-package.m4: add 6th parameter for now - - * broken.m4: use cleaner autoheader trick - - * retsigtype.m4: test for signal handler return type - - * broken-realloc.m4: test for broken realloc - -2000-07-08 Assar Westerlund - - * roken.m4: set CPPFLAGS_roken and call AC_CONFIG_SUBDIRS - -2000-07-02 Assar Westerlund - - * Makefile.am.common (CP): set and use - -2000-04-05 Assar Westerlund - - * Makefile.am.common (INCLUDE_openldap, LIB_openldap): add - -2000-03-28 Assar Westerlund - - * krb-prog-yacc.m4: AC_MSG_WARNING should be AC_MSG_WARN - - * shared-libs.m4: try to update to freebsd5 (and elf) - -2000-03-16 Assar Westerlund - - * krb-prog-yacc.m4: warn we do not find any yacc - -2000-01-08 Assar Westerlund - - * krb-bigendian.m4: new file, replacement for ac_c_bigendian - -2000-01-01 Assar Westerlund - - * krb-ipv6.m4: re-organize: test for type of stack first so that - we can find the libraries that we might have to link the test - program against. not linking the test program means we don't know - if the right stuff is in the libraries. also cosmetic changes to - make sure we print the checking for... nicely - -1999-12-21 Assar Westerlund - - * krb-ipv6.m4: try linking, not only compiling - * krb-ipv6.m4: add --without-ipv6 make sure we have `in6addr_any' - which we use in the code. This test avoids false positives on - OpenBSD - -1999-11-29 Johan Danielsson - - * grok-type.m4: inttypes.h - -1999-11-05 Assar Westerlund - - * check-x.m4: include X_PRE_LIBS and X_EXTRA_LIBS when testing - -1999-11-01 Assar Westerlund - - * Makefile.am.common (install-build-headers): use `cp' instead of - INSTALL_DATA for copying header files inside the build tree. The - user might have redefined INSTALL_DATA to specify owners and other - information. - -1999-10-30 Assar Westerlund - - * find-func-no-libs2.m4: add yet another argument to allow specify - linker flags that will be added _before_ the library when trying - to link - - * find-func-no-libs.m4: add yet another argument to allow specify - linker flags that will be added _before_ the library when trying - to link - -1999-10-12 Assar Westerlund - - * find-func-no-libs2.m4 (AC_FIND_FUNC_NO_LIBS2): new argument - `extra libs' - - * find-func-no-libs.m4 (AC_FIND_FUNC_NO_LIBS): new argument `extra - libs' - -1999-09-01 Johan Danielsson - - * capabilities.m4: sgi capabilities - -1999-07-29 Assar Westerlund - - * have-struct-field.m4: quote macros when undefining - -1999-07-28 Assar Westerlund - - * Makefile.am.common (install-build-headers): add dependencies - -1999-07-24 Assar Westerlund - - * have-type.m4: try to get autoheader to co-operate - - * have-type.m4: stolen from Arla - - * krb-struct-sockaddr-sa-len.m4: not used any longer. removed. - -1999-06-13 Assar Westerlund - - * krb-struct-spwd.m4: consequent name of cache variables - - * krb-func-getlogin.m4: new file for testing for posix (broken) - getlogin - - * shared-libs.m4 (freebsd[34]): don't use ld -Bshareable - -1999-06-02 Johan Danielsson - - * check-x.m4: extended test for X - -1999-05-14 Assar Westerlund - - * check-netinet-ip-and-tcp.m4: proper autoheader tricks - - * check-netinet-ip-and-tcp.m4: new file for checking for - netinet/{ip,tcp}.h. These are special as they on Irix 6.5.3 - require to be included in advance. - - * check-xau.m4: we also need to check for XauFilename since it's - used by appl/kx. And on Irix 6.5 that function requires linking - with -lX11. - -1999-05-08 Assar Westerlund - - * krb-find-db.m4: try with more header files than ndbm.h - -1999-04-19 Assar Westerlund - - * test-package.m4: try to handle the case of --without-package - correctly - -1999-04-17 Assar Westerlund - - * make-aclocal: removed. Not used anymore, being replaced by - aclocal from automake. - -Thu Apr 15 14:17:26 1999 Johan Danielsson - - * make-proto.pl: handle __attribute__ - -Fri Apr 9 20:37:18 1999 Assar Westerlund - - * shared-libs.m4: quote $@ - (freebsd3): add install_symlink_command2 - -Wed Apr 7 20:40:22 1999 Assar Westerlund - - * shared-libs.m4 (hpux): no library dependencies - -Mon Apr 5 16:13:08 1999 Johan Danielsson - - * test-package.m4: compile and link, rather than looking for - files; also export more information, so it's possible to add rpath - information - -Tue Mar 30 13:49:54 1999 Johan Danielsson - - * Makefile.am.common: CFLAGS -> AM_CFLAGS - -Mon Mar 29 16:51:12 1999 Johan Danielsson - - * check-xau.m4: check for XauWriteAuth before checking for - XauReadAuth to catch -lX11:s not containing XauWriteAuth, and IRIX - 6.5 that doesn't work with -lXau - -Sat Mar 27 18:03:58 1999 Johan Danielsson - - * osfc2.m4: --enable-osfc2 - -Fri Mar 19 15:34:52 1999 Johan Danielsson - - * shared-libs.m4: move shared lib stuff here - -Wed Mar 24 23:24:51 1999 Assar Westerlund - - * Makefile.am.common (install-build-headers): simplify loop - -Tue Mar 23 17:31:23 1999 Johan Danielsson - - * check-getpwnam_r-posix.m4: check for getpwnam_r, and if it's - posix or not - -Tue Mar 23 00:00:13 1999 Assar Westerlund - - * Makefile.am.common (install_build_headers): try to make it work - better when list of headers is empty. handle make rewriting the - filenames. - - * Makefile.am.common: hesoid -> hesiod - -Sun Mar 21 14:48:03 1999 Johan Danielsson - - * grok-type.m4: - - * Makefile.am.common: fix for automake bug/feature; add more LIB_* - - * test-package.m4: fix typo - - * check-man.m4: fix some typos - - * auth-modules.m4: tests for authentication modules - -Thu Mar 18 11:02:55 1999 Johan Danielsson - - * Makefile.am.common: make install-build-headers a multi - dependency target - - * Makefile.am.common: remove include_dir hack - - * Makefile.am.common: define LIB_kafs and LIB_gssapi - - * krb-find-db.m4: subst DBLIB also - - * check-xau.m4: test for Xau{Read,Write}Auth - -Wed Mar 10 19:29:20 1999 Johan Danielsson - - * wflags.m4: AC_WFLAGS - -Mon Mar 1 11:23:41 1999 Johan Danielsson - - * have-struct-field.m4: remove extra AC_MSG_RESULT - - * proto-compat.m4: typo - - * krb-func-getcwd-broken.m4: update to autoconf 2.13 - - * krb-find-db.m4: update to autoconf 2.13 - - * check-declaration.m4: typo - - * have-pragma-weak.m4: update to autoconf 2.13 - - * have-struct-field.m4: better handling of types with spaces - -Mon Feb 22 20:05:06 1999 Johan Danielsson - - * broken-glob.m4: check for broken glob - -Sun Jan 31 06:50:33 1999 Assar Westerlund - - * krb-ipv6.m4: more magic for different v6 implementations. From - Jun-ichiro itojun Hagino - -Sun Nov 22 12:16:06 1998 Assar Westerlund - - * krb-struct-spwd.m4: new file - -Thu Jun 4 04:07:41 1998 Assar Westerlund - - * find-func-no-libs2.m4: new file - -Fri May 1 23:31:28 1998 Assar Westerlund - - * c-attribute.m4, c-function.m4: new files (from arla) - -Wed Mar 18 23:11:29 1998 Assar Westerlund - - * krb-ipv6.m4: rename HAVE_STRUCT_SOCKADDR_IN6 to HAVE_IPV6 - -Thu Feb 26 02:37:49 1998 Assar Westerlund - - * make-proto.pl: should work with perl4 - diff --git a/crypto/heimdal/cf/Makefile.am.common b/crypto/heimdal/cf/Makefile.am.common deleted file mode 100644 index bbc79a5ab9df..000000000000 --- a/crypto/heimdal/cf/Makefile.am.common +++ /dev/null @@ -1,249 +0,0 @@ -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -SUFFIXES = .et .h - -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) - -if do_roken_rename -ROKEN_RENAME = -DROKEN_RENAME -endif - -AM_CFLAGS = $(WFLAGS) - -CP = cp - -## set build_HEADERZ to headers that should just be installed in build tree - -buildinclude = $(top_builddir)/include - -## these aren't detected by automake -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_crypt = @LIB_crypt@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_el_init = @LIB_el_init@ -LIB_getattr = @LIB_getattr@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_openpty = @LIB_openpty@ -LIB_pidfile = @LIB_pidfile@ -LIB_res_search = @LIB_res_search@ -LIB_setpcred = @LIB_setpcred@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LIB_com_err = @LIB_com_err@ -LIB_door_create = @LIB_door_create@ - -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -LIB_hesiod = @LIB_hesiod@ - -INCLUDE_krb4 = @INCLUDE_krb4@ -LIB_krb4 = @LIB_krb4@ - -INCLUDE_openldap = @INCLUDE_openldap@ -LIB_openldap = @LIB_openldap@ - -INCLUDE_readline = @INCLUDE_readline@ -LIB_readline = @LIB_readline@ - -LEXLIB = @LEXLIB@ - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -SUFFIXES += .x .z - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ - -SUFFIXES += .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 - -NROFF_MAN = groff -mandoc -Tascii -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -## MAINTAINERCLEANFILES += - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) - -if KRB5 -LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la -LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -endif - -if DCE -LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -endif - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done diff --git a/crypto/heimdal/cf/aix.m4 b/crypto/heimdal/cf/aix.m4 deleted file mode 100644 index 32aeba6a70c2..000000000000 --- a/crypto/heimdal/cf/aix.m4 +++ /dev/null @@ -1,57 +0,0 @@ -dnl -dnl $Id: aix.m4 14147 2004-08-25 14:14:01Z joda $ -dnl - -AC_DEFUN([rk_AIX],[ - -aix=no -case "$host" in -*-*-aix3*) - aix=3 - ;; -*-*-aix4*|*-*-aix5*) - aix=4 - ;; -esac - -AM_CONDITIONAL(AIX, test "$aix" != no)dnl -AM_CONDITIONAL(AIX4, test "$aix" = 4) - - -AC_ARG_ENABLE(dynamic-afs, - AS_HELP_STRING([--disable-dynamic-afs], - [do not use loaded AFS library with AIX])) - -if test "$aix" != no; then - if test "$enable_dynamic_afs" != no; then - AC_REQUIRE([rk_DLOPEN]) - if test "$ac_cv_func_dlopen" = no; then - AC_FIND_FUNC_NO_LIBS(loadquery, ld) - fi - if test "$ac_cv_func_dlopen" != no; then - AIX_EXTRA_KAFS='$(LIB_dlopen)' - elif test "$ac_cv_func_loadquery" != no; then - AIX_EXTRA_KAFS='$(LIB_loadquery)' - else - AC_MSG_NOTICE([not using dynloaded AFS library]) - AIX_EXTRA_KAFS= - enable_dynamic_afs=no - fi - else - AIX_EXTRA_KAFS= - fi -fi - -AM_CONDITIONAL(AIX_DYNAMIC_AFS, test "$enable_dynamic_afs" != no)dnl -AC_SUBST(AIX_EXTRA_KAFS)dnl - -AH_BOTTOM([#if _AIX -#define _ALL_SOURCE -/* XXX this is gross, but kills about a gazillion warnings */ -struct ether_addr; -struct sockaddr; -struct sockaddr_dl; -struct sockaddr_in; -#endif]) - -]) diff --git a/crypto/heimdal/cf/auth-modules.m4 b/crypto/heimdal/cf/auth-modules.m4 deleted file mode 100644 index d2383c6bbde6..000000000000 --- a/crypto/heimdal/cf/auth-modules.m4 +++ /dev/null @@ -1,45 +0,0 @@ -dnl $Id: auth-modules.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl Figure what authentication modules should be built -dnl -dnl rk_AUTH_MODULES(module-list) - -AC_DEFUN([rk_AUTH_MODULES],[ -AC_MSG_CHECKING([which authentication modules should be built]) - -z='m4_ifval([$1], $1, [sia pam afskauthlib])' -LIB_AUTH_SUBDIRS= -for i in $z; do -case $i in -sia) -if test "$ac_cv_header_siad_h" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia" -fi -;; -pam) -case "${host}" in -*-*-freebsd*) ac_cv_want_pam_krb4=no ;; -*) ac_cv_want_pam_krb4=yes ;; -esac - -if test "$ac_cv_want_pam_krb4" = yes -a \ - "$ac_cv_header_security_pam_modules_h" = yes -a \ - "$enable_shared" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam" -fi -;; -afskauthlib) -case "${host}" in -*-*-irix[[56]]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;; -esac -;; -esac -done -if test "$LIB_AUTH_SUBDIRS"; then - AC_MSG_RESULT($LIB_AUTH_SUBDIRS) -else - AC_MSG_RESULT(none) -fi - -AC_SUBST(LIB_AUTH_SUBDIRS)dnl -]) diff --git a/crypto/heimdal/cf/autobuild.m4 b/crypto/heimdal/cf/autobuild.m4 deleted file mode 100644 index bd1f4dc1b0b3..000000000000 --- a/crypto/heimdal/cf/autobuild.m4 +++ /dev/null @@ -1,34 +0,0 @@ -# autobuild.m4 serial 2 (autobuild-3.3) -# Copyright (C) 2004 Simon Josefsson -# -# This file is free software, distributed under the terms of the GNU -# General Public License. As a special exception to the GNU General -# Public License, this file may be distributed as part of a program -# that contains a configuration script generated by Autoconf, under -# the same distribution terms as the rest of that program. -# -# This file can can be used in projects which are not available under -# the GNU General Public License or the GNU Library General Public -# License but which still want to provide support for Autobuild. - -# Usage: AB_INIT([MODE]). -AC_DEFUN([AB_INIT], -[ - AC_REQUIRE([AC_CANONICAL_BUILD]) - AC_REQUIRE([AC_CANONICAL_HOST]) - - AC_MSG_NOTICE([autobuild project... ${PACKAGE_NAME:-$PACKAGE}]) - AC_MSG_NOTICE([autobuild revision... ${PACKAGE_VERSION:-$VERSION}]) - hostname=`hostname` - if test "$hostname"; then - AC_MSG_NOTICE([autobuild hostname... $hostname]) - fi - ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])]) - date=`date +%Y%m%d-%H%M%S` - if test "$?" != 0; then - date=`date` - fi - if test "$date"; then - AC_MSG_NOTICE([autobuild timestamp... $date]) - fi -]) diff --git a/crypto/heimdal/cf/broken-getaddrinfo.m4 b/crypto/heimdal/cf/broken-getaddrinfo.m4 deleted file mode 100644 index b8d323c71229..000000000000 --- a/crypto/heimdal/cf/broken-getaddrinfo.m4 +++ /dev/null @@ -1,26 +0,0 @@ -dnl $Id: broken-getaddrinfo.m4 15401 2005-06-16 16:10:50Z lha $ -dnl -dnl test if getaddrinfo can handle numeric services - -AC_DEFUN([rk_BROKEN_GETADDRINFO],[ -AC_CACHE_CHECK([if getaddrinfo handles numeric services], ac_cv_func_getaddrinfo_numserv, -AC_RUN_IFELSE([AC_LANG_SOURCE([[#include -#include -#include -#include - -int -main(int argc, char **argv) -{ - struct addrinfo hints, *ai; - memset(&hints, 0, sizeof(hints)); - hints.ai_flags = AI_PASSIVE; - hints.ai_socktype = SOCK_STREAM; - hints.ai_family = PF_UNSPEC; - if(getaddrinfo(NULL, "17", &hints, &ai) != 0) - return 1; - if(getaddrinfo(NULL, "0", &hints, &ai) != 0) - return 1; - return 0; -} -]])],[ac_cv_func_getaddrinfo_numserv=yes],[ac_cv_func_getaddrinfo_numserv=no]))]) diff --git a/crypto/heimdal/cf/broken-getnameinfo.m4 b/crypto/heimdal/cf/broken-getnameinfo.m4 deleted file mode 100644 index bf2897b2cdd8..000000000000 --- a/crypto/heimdal/cf/broken-getnameinfo.m4 +++ /dev/null @@ -1,28 +0,0 @@ -dnl $Id: broken-getnameinfo.m4,v 1.2.12.1 2004/04/01 07:27:32 joda Exp $ -dnl -dnl test for broken AIX getnameinfo - -AC_DEFUN([rk_BROKEN_GETNAMEINFO],[ -AC_CACHE_CHECK([if getnameinfo is broken], ac_cv_func_getnameinfo_broken, -AC_TRY_RUN([[#include -#include -#include -#include -#include - -int -main(int argc, char **argv) -{ - struct sockaddr_in sin; - char host[256]; - memset(&sin, 0, sizeof(sin)); -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN - sin.sin_len = sizeof(sin); -#endif - sin.sin_family = AF_INET; - sin.sin_addr.s_addr = 0xffffffff; - sin.sin_port = 0; - return getnameinfo((struct sockaddr*)&sin, sizeof(sin), host, sizeof(host), - NULL, 0, 0); -} -]], ac_cv_func_getnameinfo_broken=no, ac_cv_func_getnameinfo_broken=yes))]) diff --git a/crypto/heimdal/cf/broken-glob.m4 b/crypto/heimdal/cf/broken-glob.m4 deleted file mode 100644 index a27e7ea3be0f..000000000000 --- a/crypto/heimdal/cf/broken-glob.m4 +++ /dev/null @@ -1,29 +0,0 @@ -dnl $Id: broken-glob.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl check for glob(3) -dnl -AC_DEFUN([AC_BROKEN_GLOB],[ -AC_CACHE_CHECK(for working glob, ac_cv_func_glob_working, -ac_cv_func_glob_working=yes -AC_LINK_IFELSE([AC_LANG_PROGRAM([[ -#include -#include ]],[[ -glob(NULL, GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE| -#ifdef GLOB_MAXPATH -GLOB_MAXPATH -#else -GLOB_LIMIT -#endif -, -NULL, NULL); -]])],[:],[ac_cv_func_glob_working=no])) - -if test "$ac_cv_func_glob_working" = yes; then - AC_DEFINE(HAVE_GLOB, 1, [define if you have a glob() that groks - GLOB_BRACE, GLOB_NOCHECK, GLOB_QUOTE, GLOB_TILDE, and GLOB_LIMIT]) -fi -if test "$ac_cv_func_glob_working" = yes; then -AC_NEED_PROTO([#include -#include ],glob) -fi -]) diff --git a/crypto/heimdal/cf/broken-realloc.m4 b/crypto/heimdal/cf/broken-realloc.m4 deleted file mode 100644 index 0b7c4766372c..000000000000 --- a/crypto/heimdal/cf/broken-realloc.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl -dnl $Id: broken-realloc.m4 15435 2005-06-16 19:45:52Z lha $ -dnl -dnl Test for realloc that doesn't handle NULL as first parameter -dnl -AC_DEFUN([rk_BROKEN_REALLOC], [ -AC_CACHE_CHECK(if realloc if broken, ac_cv_func_realloc_broken, [ -ac_cv_func_realloc_broken=no -AC_RUN_IFELSE([AC_LANG_SOURCE([[ -#include -#include - -int main(int argc, char **argv) -{ - return realloc(NULL, 17) == NULL; -} -]])],[:], [ac_cv_func_realloc_broken=yes],[:]) -]) -if test "$ac_cv_func_realloc_broken" = yes ; then - AC_DEFINE(BROKEN_REALLOC, 1, [Define if realloc(NULL) doesn't work.]) -fi -AH_BOTTOM([#ifdef BROKEN_REALLOC -#define realloc(X, Y) rk_realloc((X), (Y)) -#endif]) -]) diff --git a/crypto/heimdal/cf/broken-snprintf.m4 b/crypto/heimdal/cf/broken-snprintf.m4 deleted file mode 100644 index 8e2287419f2d..000000000000 --- a/crypto/heimdal/cf/broken-snprintf.m4 +++ /dev/null @@ -1,63 +0,0 @@ -dnl $Id: broken-snprintf.m4 15455 2005-06-16 21:03:43Z lha $ -dnl -AC_DEFUN([AC_BROKEN_SNPRINTF], [ -AC_CACHE_CHECK(for working snprintf,ac_cv_func_snprintf_working, -ac_cv_func_snprintf_working=yes -AC_RUN_IFELSE([AC_LANG_SOURCE([[ -#include -#include -int main(int argc, char **argv) -{ - char foo[[3]]; - snprintf(foo, 2, "12"); - return strcmp(foo, "1") || snprintf(NULL, 0, "%d", 12) != 2; -}]])],[:],[ac_cv_func_snprintf_working=no],[:])) - -if test "$ac_cv_func_snprintf_working" = yes; then - AC_DEFINE_UNQUOTED(HAVE_SNPRINTF, 1, [define if you have a working snprintf]) -fi -if test "$ac_cv_func_snprintf_working" = yes; then -AC_NEED_PROTO([#include ],snprintf) -fi -]) - -AC_DEFUN([AC_BROKEN_VSNPRINTF],[ -AC_CACHE_CHECK(for working vsnprintf,ac_cv_func_vsnprintf_working, -ac_cv_func_vsnprintf_working=yes -AC_RUN_IFELSE([AC_LANG_SOURCE([[ -#include -#include -#include - -int foo(int num, ...) -{ - char bar[[3]]; - va_list arg; - va_start(arg, num); - vsnprintf(bar, 2, "%s", arg); - va_end(arg); - return strcmp(bar, "1"); -} - -int bar(int num, int len, ...) -{ - int r; - va_list arg; - va_start(arg, len); - r = vsnprintf(NULL, 0, "%s", arg); - va_end(arg); - return r != len; -} - -int main(int argc, char **argv) -{ - return foo(0, "12") || bar(0, 2, "12"); -}]])],[:],[ac_cv_func_vsnprintf_working=no],[:])) - -if test "$ac_cv_func_vsnprintf_working" = yes; then - AC_DEFINE_UNQUOTED(HAVE_VSNPRINTF, 1, [define if you have a working vsnprintf]) -fi -if test "$ac_cv_func_vsnprintf_working" = yes; then -AC_NEED_PROTO([#include ],vsnprintf) -fi -]) diff --git a/crypto/heimdal/cf/broken.m4 b/crypto/heimdal/cf/broken.m4 deleted file mode 100644 index 6306ba7176f3..000000000000 --- a/crypto/heimdal/cf/broken.m4 +++ /dev/null @@ -1,12 +0,0 @@ -dnl $Id: broken.m4 11003 2002-05-19 19:37:08Z joda $ -dnl -dnl -dnl Same as AC _REPLACE_FUNCS, just define HAVE_func if found in normal -dnl libraries - -AC_DEFUN([AC_BROKEN], -[AC_FOREACH([rk_func], [$1], - [AC_CHECK_FUNC(rk_func, - [AC_DEFINE_UNQUOTED(AS_TR_CPP(HAVE_[]rk_func), 1, - [Define if you have the function `]rk_func['.])], - [rk_LIBOBJ(rk_func)])])]) diff --git a/crypto/heimdal/cf/broken2.m4 b/crypto/heimdal/cf/broken2.m4 deleted file mode 100644 index 20d5163ac85a..000000000000 --- a/crypto/heimdal/cf/broken2.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl $Id: broken2.m4 14181 2004-08-31 12:53:36Z joda $ -dnl -dnl AC_BROKEN but with more arguments - -dnl AC_BROKEN2(func, includes, arguments) -AC_DEFUN([AC_BROKEN2], -[AC_MSG_CHECKING([for $1]) -AC_CACHE_VAL(ac_cv_func_[]$1, -[AC_LINK_IFELSE([AC_LANG_PROGRAM([[$2]],[[ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$1) || defined (__stub___$1) -choke me -#else -$1($3); -#endif -]])], [eval "ac_cv_func_[]$1=yes"], [eval "ac_cv_func_[]$1=no"])]) -if eval "test \"\${ac_cv_func_[]$1}\" = yes"; then - AC_DEFINE_UNQUOTED(AS_TR_CPP(HAVE_[]$1), 1, define) - AC_MSG_RESULT(yes) -else - AC_MSG_RESULT(no) - rk_LIBOBJ($1) -fi]) diff --git a/crypto/heimdal/cf/c-attribute.m4 b/crypto/heimdal/cf/c-attribute.m4 deleted file mode 100644 index 1025538f66f7..000000000000 --- a/crypto/heimdal/cf/c-attribute.m4 +++ /dev/null @@ -1,28 +0,0 @@ -dnl -dnl $Id: c-attribute.m4 14166 2004-08-26 12:35:42Z joda $ -dnl - -dnl -dnl Test for __attribute__ -dnl - -AC_DEFUN([AC_C___ATTRIBUTE__], [ -AC_MSG_CHECKING(for __attribute__) -AC_CACHE_VAL(ac_cv___attribute__, [ -AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include -static void foo(void) __attribute__ ((noreturn)); - -static void -foo(void) -{ - exit(1); -} -]])], -[ac_cv___attribute__=yes], -[ac_cv___attribute__=no])]) -if test "$ac_cv___attribute__" = "yes"; then - AC_DEFINE(HAVE___ATTRIBUTE__, 1, [define if your compiler has __attribute__]) -fi -AC_MSG_RESULT($ac_cv___attribute__) -]) - diff --git a/crypto/heimdal/cf/c-function.m4 b/crypto/heimdal/cf/c-function.m4 deleted file mode 100644 index cb39705e8694..000000000000 --- a/crypto/heimdal/cf/c-function.m4 +++ /dev/null @@ -1,33 +0,0 @@ -dnl -dnl $Id: c-function.m4 15422 2005-06-16 18:59:29Z lha $ -dnl - -dnl -dnl Test for __FUNCTION__ -dnl - -AC_DEFUN([AC_C___FUNCTION__], [ -AC_MSG_CHECKING(for __FUNCTION__) -AC_CACHE_VAL(ac_cv___function__, [ -AC_RUN_IFELSE([AC_LANG_SOURCE([[ -#include - -static char *foo(void) -{ - return __FUNCTION__; -} - -int main(int argc, char **argc) -{ - return strcmp(foo(), "foo") != 0; -} -]])], -[ac_cv___function__=yes], -[ac_cv___function__=no], -[ac_cv___function__=no])]) -if test "$ac_cv___function__" = "yes"; then - AC_DEFINE(HAVE___FUNCTION__, 1, [define if your compiler has __FUNCTION__]) -fi -AC_MSG_RESULT($ac_cv___function__) -]) - diff --git a/crypto/heimdal/cf/capabilities.m4 b/crypto/heimdal/cf/capabilities.m4 deleted file mode 100644 index 12cbef81b417..000000000000 --- a/crypto/heimdal/cf/capabilities.m4 +++ /dev/null @@ -1,14 +0,0 @@ -dnl -dnl $Id: capabilities.m4 13338 2004-02-12 14:21:14Z lha $ -dnl - -dnl -dnl Test SGI capabilities -dnl - -AC_DEFUN([KRB_CAPABILITIES],[ - -AC_CHECK_HEADERS(capability.h sys/capability.h) - -AC_CHECK_FUNCS(sgi_getcapabilitybyname cap_set_proc) -]) diff --git a/crypto/heimdal/cf/check-compile-et.m4 b/crypto/heimdal/cf/check-compile-et.m4 deleted file mode 100644 index 583abdf7099c..000000000000 --- a/crypto/heimdal/cf/check-compile-et.m4 +++ /dev/null @@ -1,109 +0,0 @@ -dnl $Id: check-compile-et.m4 19252 2006-12-06 13:32:55Z lha $ -dnl -dnl CHECK_COMPILE_ET -AC_DEFUN([CHECK_COMPILE_ET], [ - -AC_CHECK_PROG(COMPILE_ET, compile_et, [compile_et]) - -krb_cv_compile_et="no" -krb_cv_com_err_need_r="" -krb_cv_compile_et_cross=no -if test "${COMPILE_ET}" = "compile_et"; then - -dnl We have compile_et. Now let's see if it supports `prefix' and `index'. -AC_MSG_CHECKING(whether compile_et has the features we need) -cat > conftest_et.et <<'EOF' -error_table test conf -prefix CONFTEST -index 1 -error_code CODE1, "CODE1" -index 128 -error_code CODE2, "CODE2" -end -EOF -if ${COMPILE_ET} conftest_et.et >/dev/null 2>&1; then - dnl XXX Some systems have . - save_CPPFLAGS="${CPPFLAGS}" - if test -d "/usr/include/et"; then - CPPFLAGS="-I/usr/include/et ${CPPFLAGS}" - fi - dnl Check that the `prefix' and `index' directives were honored. - AC_RUN_IFELSE([ -#include -#include -#include "conftest_et.h" -int main(int argc, char **argv){ -#ifndef ERROR_TABLE_BASE_conf -#error compile_et does not handle error_table N M -#endif -return (CONFTEST_CODE2 - CONFTEST_CODE1) != 127;} - ], [krb_cv_compile_et="yes"],[CPPFLAGS="${save_CPPFLAGS}"], - [krb_cv_compile_et="yes" krb_cv_compile_et_cross=yes] ) -fi -AC_MSG_RESULT(${krb_cv_compile_et}) -if test "${krb_cv_compile_et}" = "yes" -a "${krb_cv_compile_et_cross}" = no; then - AC_MSG_CHECKING([for if com_err generates a initialize_conf_error_table_r]) - AC_EGREP_CPP([initialize_conf_error_table_r.*struct et_list], - [#include "conftest_et.h"], - [krb_cv_com_err_need_r="ok"]) - if test X"$krb_cv_com_err_need_r" = X ; then - AC_MSG_RESULT(no) - krb_cv_compile_et=no - else - AC_MSG_RESULT(yes) - fi -fi -rm -fr conftest* -fi - -if test "${krb_cv_compile_et_cross}" = yes ; then - krb_cv_com_err="cross" -elif test "${krb_cv_compile_et}" = "yes"; then - dnl Since compile_et seems to work, let's check libcom_err - krb_cv_save_LIBS="${LIBS}" - LIBS="${LIBS} -lcom_err" - AC_MSG_CHECKING(for com_err) - AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]],[[ - const char *p; - p = error_message(0); - initialize_error_table_r(0,0,0,0); - ]])],[krb_cv_com_err="yes"],[krb_cv_com_err="no"; CPPFLAGS="${save_CPPFLAGS}"]) - AC_MSG_RESULT(${krb_cv_com_err}) - LIBS="${krb_cv_save_LIBS}" -else - dnl Since compile_et doesn't work, forget about libcom_err - krb_cv_com_err="no" -fi - -dnl Only use the system's com_err if we found compile_et, libcom_err, and -dnl com_err.h. -if test "${krb_cv_com_err}" = "yes"; then - DIR_com_err="" - LIB_com_err="-lcom_err" - LIB_com_err_a="" - LIB_com_err_so="" - AC_MSG_NOTICE(Using the already-installed com_err) - localcomerr=no -elif test "${krb_cv_com_err}" = "cross"; then - DIR_com_err="com_err" - LIB_com_err="\$(top_builddir)/lib/com_err/libcom_err.la" - LIB_com_err_a="\$(top_builddir)/lib/com_err/.libs/libcom_err.a" - LIB_com_err_so="\$(top_builddir)/lib/com_err/.libs/libcom_err.so" - AC_MSG_NOTICE(Using our own com_err with toolchain compile_et) - localcomerr=yes -else - COMPILE_ET="\$(top_builddir)/lib/com_err/compile_et" - DIR_com_err="com_err" - LIB_com_err="\$(top_builddir)/lib/com_err/libcom_err.la" - LIB_com_err_a="\$(top_builddir)/lib/com_err/.libs/libcom_err.a" - LIB_com_err_so="\$(top_builddir)/lib/com_err/.libs/libcom_err.so" - AC_MSG_NOTICE(Using our own com_err) - localcomerr=yes -fi -AM_CONDITIONAL(COM_ERR, test "$localcomerr" = yes)dnl -AC_SUBST(DIR_com_err) -AC_SUBST(LIB_com_err) -AC_SUBST(LIB_com_err_a) -AC_SUBST(LIB_com_err_so) - -]) diff --git a/crypto/heimdal/cf/check-declaration.m4 b/crypto/heimdal/cf/check-declaration.m4 deleted file mode 100644 index 18bdf8a7a0ab..000000000000 --- a/crypto/heimdal/cf/check-declaration.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl $Id: check-declaration.m4,v 1.3.34.1 2004/04/01 07:27:32 joda Exp $ -dnl -dnl -dnl Check if we need the declaration of a variable -dnl - -dnl AC_HAVE_DECLARATION(includes, variable) -AC_DEFUN([AC_CHECK_DECLARATION], [ -AC_MSG_CHECKING([if $2 is properly declared]) -AC_CACHE_VAL(ac_cv_var_$2_declaration, [ -AC_TRY_COMPILE([$1 -extern struct { int foo; } $2;], -[$2.foo = 1;], -eval "ac_cv_var_$2_declaration=no", -eval "ac_cv_var_$2_declaration=yes") -]) - -define(foo, [HAVE_]translit($2, [a-z], [A-Z])[_DECLARATION]) - -AC_MSG_RESULT($ac_cv_var_$2_declaration) -if eval "test \"\$ac_cv_var_$2_declaration\" = yes"; then - AC_DEFINE(foo, 1, [define if your system declares $2]) -fi -undefine([foo]) -]) diff --git a/crypto/heimdal/cf/check-getpwnam_r-posix.m4 b/crypto/heimdal/cf/check-getpwnam_r-posix.m4 deleted file mode 100644 index bb7e38859a25..000000000000 --- a/crypto/heimdal/cf/check-getpwnam_r-posix.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl $Id: check-getpwnam_r-posix.m4 15435 2005-06-16 19:45:52Z lha $ -dnl -dnl check for getpwnam_r, and if it's posix or not - -AC_DEFUN([AC_CHECK_GETPWNAM_R_POSIX],[ -AC_FIND_FUNC_NO_LIBS(getpwnam_r,c_r) -if test "$ac_cv_func_getpwnam_r" = yes; then - AC_CACHE_CHECK(if getpwnam_r is posix,ac_cv_func_getpwnam_r_posix, - ac_libs="$LIBS" - LIBS="$LIBS $LIB_getpwnam_r" - AC_RUN_IFELSE([AC_LANG_SOURCE([[ -#define _POSIX_PTHREAD_SEMANTICS -#include -int main(int argc, char **argv) -{ - struct passwd pw, *pwd; - return getpwnam_r("", &pw, NULL, 0, &pwd) < 0; -} -]])],[ac_cv_func_getpwnam_r_posix=yes],[ac_cv_func_getpwnam_r_posix=no],[:]) -LIBS="$ac_libs") -if test "$ac_cv_func_getpwnam_r_posix" = yes; then - AC_DEFINE(POSIX_GETPWNAM_R, 1, [Define if getpwnam_r has POSIX flavour.]) -fi -fi -]) \ No newline at end of file diff --git a/crypto/heimdal/cf/check-man.m4 b/crypto/heimdal/cf/check-man.m4 deleted file mode 100644 index 7538cc82d7af..000000000000 --- a/crypto/heimdal/cf/check-man.m4 +++ /dev/null @@ -1,58 +0,0 @@ -dnl $Id: check-man.m4 13338 2004-02-12 14:21:14Z lha $ -dnl check how to format manual pages -dnl - -AC_DEFUN([rk_CHECK_MAN], -[AC_PATH_PROG(NROFF, nroff) -AC_PATH_PROG(GROFF, groff) -AC_CACHE_CHECK(how to format man pages,ac_cv_sys_man_format, -[cat > conftest.1 << END -.Dd January 1, 1970 -.Dt CONFTEST 1 -.Sh NAME -.Nm conftest -.Nd -foobar -END - -if test "$NROFF" ; then - for i in "-mdoc" "-mandoc"; do - if "$NROFF" $i conftest.1 2> /dev/null | \ - grep Jan > /dev/null 2>&1 ; then - ac_cv_sys_man_format="$NROFF $i" - break - fi - done -fi -if test "$ac_cv_sys_man_format" = "" -a "$GROFF" ; then - for i in "-mdoc" "-mandoc"; do - if "$GROFF" -Tascii $i conftest.1 2> /dev/null | \ - grep Jan > /dev/null 2>&1 ; then - ac_cv_sys_man_format="$GROFF -Tascii $i" - break - fi - done -fi -if test "$ac_cv_sys_man_format"; then - ac_cv_sys_man_format="$ac_cv_sys_man_format \[$]< > \[$]@" -fi -]) -if test "$ac_cv_sys_man_format"; then - CATMAN="$ac_cv_sys_man_format" - AC_SUBST(CATMAN) -fi -AM_CONDITIONAL(CATMAN, test "$CATMAN") -AC_CACHE_CHECK(extension of pre-formatted manual pages,ac_cv_sys_catman_ext, -[if grep _suffix /etc/man.conf > /dev/null 2>&1; then - ac_cv_sys_catman_ext=0 -else - ac_cv_sys_catman_ext=number -fi -]) -if test "$ac_cv_sys_catman_ext" = number; then - CATMANEXT='$$section' -else - CATMANEXT=0 -fi -AC_SUBST(CATMANEXT) -]) \ No newline at end of file diff --git a/crypto/heimdal/cf/check-netinet-ip-and-tcp.m4 b/crypto/heimdal/cf/check-netinet-ip-and-tcp.m4 deleted file mode 100644 index 64bb8f139de7..000000000000 --- a/crypto/heimdal/cf/check-netinet-ip-and-tcp.m4 +++ /dev/null @@ -1,33 +0,0 @@ -dnl -dnl $Id: check-netinet-ip-and-tcp.m4 14162 2004-08-26 11:27:32Z joda $ -dnl - -dnl extra magic check for netinet/{ip.h,tcp.h} because on irix 6.5.3 -dnl you have to include standards.h before including these files - -AC_DEFUN([CHECK_NETINET_IP_AND_TCP], -[ -AC_CHECK_HEADERS(standards.h) -for i in netinet/ip.h netinet/tcp.h; do - -cv=`echo "$i" | sed 'y%./+-%__p_%'` - -AC_CACHE_CHECK([for $i],ac_cv_header_$cv, -[AC_PREPROC_IFELSE([AC_LANG_SOURCE([[ -#ifdef HAVE_STANDARDS_H -#include -#endif -#include <$i> -]])], -[eval "ac_cv_header_$cv=yes"], -[eval "ac_cv_header_$cv=no"])]) -ac_res=`eval echo \\$ac_cv_header_$cv` -if test "$ac_res" = yes; then - ac_tr_hdr=HAVE_`echo $i | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` - AC_DEFINE_UNQUOTED($ac_tr_hdr, 1) -fi -done -if false;then - AC_CHECK_HEADERS(netinet/ip.h netinet/tcp.h) -fi -]) diff --git a/crypto/heimdal/cf/check-type-extra.m4 b/crypto/heimdal/cf/check-type-extra.m4 deleted file mode 100644 index 2778a9d76f13..000000000000 --- a/crypto/heimdal/cf/check-type-extra.m4 +++ /dev/null @@ -1,23 +0,0 @@ -dnl $Id: check-type-extra.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl ac_check_type + extra headers - -dnl AC_CHECK_TYPE_EXTRA(TYPE, DEFAULT, HEADERS) -AC_DEFUN([AC_CHECK_TYPE_EXTRA], -[AC_REQUIRE([AC_HEADER_STDC])dnl -AC_MSG_CHECKING(for $1) -AC_CACHE_VAL(ac_cv_type_$1, -[AC_EGREP_CPP(dnl -changequote(<<,>>)dnl -<<$1[^a-zA-Z_0-9]>>dnl -changequote([,]), [#include -#if STDC_HEADERS -#include -#include -#endif -$3], ac_cv_type_$1=yes, ac_cv_type_$1=no)])dnl -AC_MSG_RESULT($ac_cv_type_$1) -if test $ac_cv_type_$1 = no; then - AC_DEFINE($1, $2, [Define this to what the type $1 should be.]) -fi -]) diff --git a/crypto/heimdal/cf/check-var.m4 b/crypto/heimdal/cf/check-var.m4 deleted file mode 100644 index 1e6846593b08..000000000000 --- a/crypto/heimdal/cf/check-var.m4 +++ /dev/null @@ -1,27 +0,0 @@ -dnl $Id: check-var.m4 15422 2005-06-16 18:59:29Z lha $ -dnl -dnl rk_CHECK_VAR(variable, includes) -AC_DEFUN([rk_CHECK_VAR], [ -AC_MSG_CHECKING(for $1) -AC_CACHE_VAL(ac_cv_var_$1, [ -m4_ifval([$2],[ - AC_LINK_IFELSE([AC_LANG_PROGRAM([[$2 - void * foo(void) { return &$1; }]],[[foo()]])], - [ac_cv_var_$1=yes],[ac_cv_var_$1=no])]) -if test "$ac_cv_var_$1" != yes ; then -AC_LINK_IFELSE([AC_LANG_PROGRAM([[extern int $1; -int foo(void) { return $1; }]],[[foo()]])], - [ac_cv_var_$1=yes],[ac_cv_var_$1=no]) -fi -]) -ac_foo=`eval echo \\$ac_cv_var_$1` -AC_MSG_RESULT($ac_foo) -if test "$ac_foo" = yes; then - AC_DEFINE_UNQUOTED(AS_TR_CPP(HAVE_[]$1), 1, - [Define if you have the `]$1[' variable.]) - m4_ifval([$2], AC_CHECK_DECLS([$1],[],[],[$2])) -fi -]) - -AC_WARNING_ENABLE([obsolete]) -AU_DEFUN([AC_CHECK_VAR], [rk_CHECK_VAR([$2], [$1])], [foo]) diff --git a/crypto/heimdal/cf/check-x.m4 b/crypto/heimdal/cf/check-x.m4 deleted file mode 100644 index 07f7e2d80f59..000000000000 --- a/crypto/heimdal/cf/check-x.m4 +++ /dev/null @@ -1,53 +0,0 @@ -dnl -dnl See if there is any X11 present -dnl -dnl $Id: check-x.m4 15435 2005-06-16 19:45:52Z lha $ - -AC_DEFUN([KRB_CHECK_X],[ -AC_PATH_XTRA - -# try to figure out if we need any additional ld flags, like -R -# and yes, the autoconf X test is utterly broken -if test "$no_x" != yes; then - AC_CACHE_CHECK(for special X linker flags,krb_cv_sys_x_libs_rpath,[ - ac_save_libs="$LIBS" - ac_save_cflags="$CFLAGS" - CFLAGS="$CFLAGS $X_CFLAGS" - krb_cv_sys_x_libs_rpath="" - krb_cv_sys_x_libs="" - for rflag in "" "-R" "-R " "-rpath "; do - if test "$rflag" = ""; then - foo="$X_LIBS" - else - foo="" - for flag in $X_LIBS; do - case $flag in - -L*) - foo="$foo $flag `echo $flag | sed \"s/-L/$rflag/\"`" - ;; - *) - foo="$foo $flag" - ;; - esac - done - fi - LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS" - AC_RUN_IFELSE([ - #include - foo(void) - { - XOpenDisplay(NULL); - } - main(int argc, char **argv) - { - return 0; - } - ],krb_cv_sys_x_libs_rpath="$rflag"; krb_cv_sys_x_libs="$foo"; break,:, - krb_cv_sys_x_libs_rpath="" ; krb_cv_sys_x_libs="" ; break) - done - LIBS="$ac_save_libs" - CFLAGS="$ac_save_cflags" - ]) - X_LIBS="$krb_cv_sys_x_libs" -fi -]) diff --git a/crypto/heimdal/cf/check-xau.m4 b/crypto/heimdal/cf/check-xau.m4 deleted file mode 100644 index 4d416fd19ac6..000000000000 --- a/crypto/heimdal/cf/check-xau.m4 +++ /dev/null @@ -1,64 +0,0 @@ -dnl $Id: check-xau.m4 15454 2005-06-16 21:02:16Z lha $ -dnl -dnl check for Xau{Read,Write}Auth and XauFileName -dnl -AC_DEFUN([AC_CHECK_XAU],[ -save_CFLAGS="$CFLAGS" -CFLAGS="$X_CFLAGS $CFLAGS" -save_LIBS="$LIBS" -dnl LIBS="$X_LIBS $X_PRE_LIBS $X_EXTRA_LIBS $LIBS" -LIBS="$X_PRE_LIBS $X_EXTRA_LIBS $LIBS" -save_LDFLAGS="$LDFLAGS" -LDFLAGS="$LDFLAGS $X_LIBS" - -## check for XauWriteAuth first, so we detect the case where -## XauReadAuth is in -lX11, but XauWriteAuth is only in -lXau this -## could be done by checking for XauReadAuth in -lXau first, but this -## breaks in IRIX 6.5 - -AC_FIND_FUNC_NO_LIBS(XauWriteAuth, X11 Xau,[#include ],[0,0]) -ac_xxx="$LIBS" -LIBS="$LIB_XauWriteAuth $LIBS" -AC_FIND_FUNC_NO_LIBS(XauReadAuth, X11 Xau,[#include ],[0]) -LIBS="$LIB_XauReadAauth $LIBS" -AC_FIND_FUNC_NO_LIBS(XauFileName, X11 Xau,[#include ]) -LIBS="$ac_xxx" - -## set LIB_XauReadAuth to union of these tests, since this is what the -## Makefiles are using -case "$ac_cv_funclib_XauWriteAuth" in -yes) ;; -no) ;; -*) if test "$ac_cv_funclib_XauReadAuth" = yes; then - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauWriteAuth $LIB_XauFileName" - fi - else - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth $LIB_XauFileName" - fi - fi - ;; -esac - -if test "$AUTOMAKE" != ""; then - AM_CONDITIONAL(NEED_WRITEAUTH, test "$ac_cv_func_XauWriteAuth" != "yes") -else - AC_SUBST(NEED_WRITEAUTH_TRUE) - AC_SUBST(NEED_WRITEAUTH_FALSE) - if test "$ac_cv_func_XauWriteAuth" != "yes"; then - NEED_WRITEAUTH_TRUE= - NEED_WRITEAUTH_FALSE='#' - else - NEED_WRITEAUTH_TRUE='#' - NEED_WRITEAUTH_FALSE= - fi -fi -CFLAGS=$save_CFLAGS -LIBS=$save_LIBS -LDFLAGS=$save_LDFLAGS -]) diff --git a/crypto/heimdal/cf/crypto.m4 b/crypto/heimdal/cf/crypto.m4 deleted file mode 100644 index 69b2fc963c31..000000000000 --- a/crypto/heimdal/cf/crypto.m4 +++ /dev/null @@ -1,177 +0,0 @@ -dnl $Id: crypto.m4 22080 2007-11-16 11:10:54Z lha $ -dnl -dnl test for crypto libraries: -dnl - libcrypto (from openssl) -dnl - own-built libhcrypto - -m4_define([test_headers], [ - #undef KRB5 /* makes md4.h et al unhappy */ - #ifdef HAVE_OPENSSL - #ifdef HAVE_SYS_TYPES_H - #include - #endif - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #else - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #endif - ]) -m4_define([test_body], [ - void *schedule = 0; - MD4_CTX md4; - MD5_CTX md5; - SHA_CTX sha1; - SHA256_CTX sha256; - - MD4_Init(&md4); - MD5_Init(&md5); - SHA1_Init(&sha1); - SHA256_Init(&sha256); - EVP_CIPHER_iv_length(((EVP_CIPHER*)0)); - #ifdef HAVE_OPENSSL - RAND_status(); - UI_UTIL_read_pw_string(0,0,0,0); - #endif - - OpenSSL_add_all_algorithms(); - AES_encrypt(0,0,0); - DES_cbc_encrypt(0, 0, 0, schedule, 0, 0); - RC4(0, 0, 0, 0);]) - - -AC_DEFUN([KRB_CRYPTO],[ -crypto_lib=unknown -AC_WITH_ALL([openssl]) - -DIR_hcrypto= - -AC_MSG_CHECKING([for crypto library]) - -openssl=no - -if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then - save_CPPFLAGS="$CPPFLAGS" - save_LIBS="$LIBS" - - cdirs= clibs= - for i in $LIB_krb4; do - case "$i" in - -L*) cdirs="$cdirs $i";; - -l*) clibs="$clibs $i";; - esac - done - - ires= - for i in $INCLUDE_krb4; do - CFLAGS="-DHAVE_OPENSSL $i $save_CFLAGS" - for j in $cdirs; do - for k in $clibs; do - LIBS="$j $k $save_LIBS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([test_headers], - [test_body])], - [openssl=yes ires="$i" lres="$j $k"; break 3]) - done - done - CFLAGS="$i $save_CFLAGS" - for j in $cdirs; do - for k in $clibs; do - LIBS="$j $k $save_LIBS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([test_headers],[test_body])], - [openssl=no ires="$i" lres="$j $k"; break 3]) - done - done - done - - CFLAGS="$save_CFLAGS" - LIBS="$save_LIBS" - if test "$ires" -a "$lres"; then - INCLUDE_hcrypto="$ires" - LIB_hcrypto="$lres" - crypto_lib=krb4 - AC_MSG_RESULT([same as krb4]) - LIB_hcrypto_a='$(LIB_hcrypto)' - LIB_hcrypto_so='$(LIB_hcrypto)' - LIB_hcrypto_appl='$(LIB_hcrypto)' - fi -fi - -if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then - save_CFLAGS="$CFLAGS" - save_LIBS="$LIBS" - INCLUDE_hcrypto= - LIB_hcrypto= - if test "$with_openssl_include" != ""; then - INCLUDE_hcrypto="-I${with_openssl_include}" - fi - if test "$with_openssl_lib" != ""; then - LIB_hcrypto="-L${with_openssl_lib}" - fi - CFLAGS="-DHAVE_OPENSSL ${INCLUDE_hcrypto} ${CFLAGS}" - saved_LIB_hcrypto="$LIB_hcrypto" - for lres in "" "-ldl" "-lnsl -lsocket" "-lnsl -lsocket -ldl"; do - LIB_hcrypto="${saved_LIB_hcrypto} -lcrypto $lres" - LIB_hcrypto_a="$LIB_hcrypto" - LIB_hcrypto_so="$LIB_hcrypto" - LIB_hcrypto_appl="$LIB_hcrypto" - LIBS="${LIBS} ${LIB_hcrypto}" - AC_LINK_IFELSE([AC_LANG_PROGRAM([test_headers],[test_body])], [ - crypto_lib=libcrypto openssl=yes - AC_MSG_RESULT([libcrypto]) - ]) - if test "$crypto_lib" = libcrypto ; then - break; - fi - done - CFLAGS="$save_CFLAGS" - LIBS="$save_LIBS" -fi - -if test "$crypto_lib" = "unknown"; then - - DIR_hcrypto='hcrypto' - LIB_hcrypto='$(top_builddir)/lib/hcrypto/libhcrypto.la' - LIB_hcrypto_a='$(top_builddir)/lib/hcrypto/.libs/libhcrypto.a' - LIB_hcrypto_so='$(top_builddir)/lib/hcrypto/.libs/libhcrypto.so' - LIB_hcrypto_appl="-lhcrypto" - - AC_MSG_RESULT([included libhcrypto]) - -fi - -if test "$with_krb4" != no -a "$crypto_lib" != krb4; then - AC_MSG_ERROR([the crypto library used by krb4 lacks features -required by Kerberos 5; to continue, you need to install a newer -Kerberos 4 or configure --without-krb4]) -fi - -if test "$openssl" = "yes"; then - AC_DEFINE([HAVE_OPENSSL], 1, [define to use openssl's libcrypto]) -fi -AM_CONDITIONAL(HAVE_OPENSSL, test "$openssl" = yes)dnl - -AC_SUBST(DIR_hcrypto) -AC_SUBST(INCLUDE_hcrypto) -AC_SUBST(LIB_hcrypto) -AC_SUBST(LIB_hcrypto_a) -AC_SUBST(LIB_hcrypto_so) -AC_SUBST(LIB_hcrypto_appl) -]) diff --git a/crypto/heimdal/cf/db.m4 b/crypto/heimdal/cf/db.m4 deleted file mode 100644 index cc8b8cae40e9..000000000000 --- a/crypto/heimdal/cf/db.m4 +++ /dev/null @@ -1,211 +0,0 @@ -dnl $Id: db.m4 15456 2005-06-16 21:04:43Z lha $ -dnl -dnl tests for various db libraries -dnl -AC_DEFUN([rk_DB],[ -AC_ARG_ENABLE(berkeley-db, - AS_HELP_STRING([--disable-berkeley-db], - [if you don't want berkeley db]),[ -]) - -AC_ARG_ENABLE(ndbm-db, - AS_HELP_STRING([--disable-ndbm-db], - [if you don't want ndbm db]),[ -]) - -have_ndbm=no -db_type=unknown - -if test "$enable_berkeley_db" != no; then - - AC_CHECK_HEADERS([ \ - db4/db.h \ - db3/db.h \ - db.h \ - db_185.h \ - ]) - -dnl db_create is used by db3 and db4 - - AC_FIND_FUNC_NO_LIBS(db_create, db4 db3 db, [ - #include - #ifdef HAVE_DB4_DB_H - #include - #elif defined(HAVE_DB3_DB_H) - #include - #else - #include - #endif - ],[NULL, NULL, 0]) - - if test "$ac_cv_func_db_create" = "yes"; then - db_type=db3 - if test "$ac_cv_funclib_db_create" != "yes"; then - DBLIB="$ac_cv_funclib_db_create" - else - DBLIB="" - fi - AC_DEFINE(HAVE_DB3, 1, [define if you have a berkeley db3/4 library]) - else - -dnl dbopen is used by db1/db2 - - AC_FIND_FUNC_NO_LIBS(dbopen, db2 db, [ - #include - #if defined(HAVE_DB2_DB_H) - #include - #elif defined(HAVE_DB_185_H) - #include - #elif defined(HAVE_DB_H) - #include - #else - #error no db.h - #endif - ],[NULL, 0, 0, 0, NULL]) - - if test "$ac_cv_func_dbopen" = "yes"; then - db_type=db1 - if test "$ac_cv_funclib_dbopen" != "yes"; then - DBLIB="$ac_cv_funclib_dbopen" - else - DBLIB="" - fi - AC_DEFINE(HAVE_DB1, 1, [define if you have a berkeley db1/2 library]) - fi - fi - -dnl test for ndbm compatability - - if test "$ac_cv_func_dbm_firstkey" != yes; then - AC_FIND_FUNC_NO_LIBS2(dbm_firstkey, $ac_cv_funclib_dbopen $ac_cv_funclib_db_create, [ - #include - #define DB_DBM_HSEARCH 1 - #include - DBM *dbm; - ],[NULL]) - - if test "$ac_cv_func_dbm_firstkey" = "yes"; then - if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then - LIB_NDBM="$ac_cv_funclib_dbm_firstkey" - else - LIB_NDBM="" - fi - AC_DEFINE(HAVE_DB_NDBM, 1, [define if you have ndbm compat in db]) - AC_DEFINE(HAVE_NEW_DB, 1, [Define if NDBM really is DB (creates files *.db)]) - else - $as_unset ac_cv_func_dbm_firstkey - $as_unset ac_cv_funclib_dbm_firstkey - fi - fi - -fi # berkeley db - -if test "$enable_ndbm_db" != "no"; then - - if test "$db_type" = "unknown" -o "$ac_cv_func_dbm_firstkey" = ""; then - - AC_CHECK_HEADERS([ \ - dbm.h \ - ndbm.h \ - ]) - - AC_FIND_FUNC_NO_LIBS(dbm_firstkey, ndbm, [ - #include - #if defined(HAVE_NDBM_H) - #include - #elif defined(HAVE_DBM_H) - #include - #endif - DBM *dbm; - ],[NULL]) - - if test "$ac_cv_func_dbm_firstkey" = "yes"; then - if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then - LIB_NDBM="$ac_cv_funclib_dbm_firstkey" - else - LIB_NDBM="" - fi - AC_DEFINE(HAVE_NDBM, 1, [define if you have a ndbm library])dnl - have_ndbm=yes - if test "$db_type" = "unknown"; then - db_type=ndbm - DBLIB="$LIB_NDBM" - fi - else - - $as_unset ac_cv_func_dbm_firstkey - $as_unset ac_cv_funclib_dbm_firstkey - - AC_CHECK_HEADERS([ \ - gdbm/ndbm.h \ - ]) - - AC_FIND_FUNC_NO_LIBS(dbm_firstkey, gdbm, [ - #include - #include - DBM *dbm; - ],[NULL]) - - if test "$ac_cv_func_dbm_firstkey" = "yes"; then - if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then - LIB_NDBM="$ac_cv_funclib_dbm_firstkey" - else - LIB_NDBM="" - fi - AC_DEFINE(HAVE_NDBM, 1, [define if you have a ndbm library])dnl - have_ndbm=yes - if test "$db_type" = "unknown"; then - db_type=ndbm - DBLIB="$LIB_NDBM" - fi - fi - fi - fi #enable_ndbm_db -fi # unknown - -if test "$have_ndbm" = "yes"; then - AC_MSG_CHECKING([if ndbm is implemented with db]) - AC_RUN_IFELSE([AC_LANG_SOURCE([[ -#include -#include -#if defined(HAVE_GDBM_NDBM_H) -#include -#elif defined(HAVE_NDBM_H) -#include -#elif defined(HAVE_DBM_H) -#include -#endif -int main(int argc, char **argv) -{ - DBM *d; - - d = dbm_open("conftest", O_RDWR | O_CREAT, 0666); - if (d == NULL) - return 1; - dbm_close(d); - return 0; -}]])],[ - if test -f conftest.db; then - AC_MSG_RESULT([yes]) - AC_DEFINE(HAVE_NEW_DB, 1, [Define if NDBM really is DB (creates files *.db)]) - else - AC_MSG_RESULT([no]) - fi],[AC_MSG_RESULT([no])]) -fi - -AM_CONDITIONAL(HAVE_DB1, test "$db_type" = db1)dnl -AM_CONDITIONAL(HAVE_DB3, test "$db_type" = db3)dnl -AM_CONDITIONAL(HAVE_NDBM, test "$db_type" = ndbm)dnl - -## it's probably not correct to include LDFLAGS here, but we might -## need it, for now just add any possible -L -z="" -for i in $LDFLAGS; do - case "$i" in - -L*) z="$z $i";; - esac -done -DBLIB="$z $DBLIB" -AC_SUBST(DBLIB)dnl -AC_SUBST(LIB_NDBM)dnl -]) diff --git a/crypto/heimdal/cf/destdirs.m4 b/crypto/heimdal/cf/destdirs.m4 deleted file mode 100644 index 6b75f655fb07..000000000000 --- a/crypto/heimdal/cf/destdirs.m4 +++ /dev/null @@ -1,18 +0,0 @@ -dnl -dnl $Id: destdirs.m4 11082 2002-08-12 15:12:50Z joda $ -dnl - -AC_DEFUN([rk_DESTDIRS], [ -# This is done by AC_OUTPUT but we need the result here. -test "x$prefix" = xNONE && prefix=$ac_default_prefix -test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' - -AC_FOREACH([rk_dir], [bin lib libexec localstate sbin sysconf], [ - x="${rk_dir[]dir}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - AC_DEFINE_UNQUOTED(AS_TR_CPP(rk_dir[]dir), "$x", [path to ]rk_dir[])]) -]) diff --git a/crypto/heimdal/cf/dlopen.m4 b/crypto/heimdal/cf/dlopen.m4 deleted file mode 100644 index 310ca556b4d1..000000000000 --- a/crypto/heimdal/cf/dlopen.m4 +++ /dev/null @@ -1,11 +0,0 @@ -dnl -dnl $Id: dlopen.m4 15433 2005-06-16 19:40:59Z lha $ -dnl - -AC_DEFUN([rk_DLOPEN], [ - AC_FIND_FUNC_NO_LIBS(dlopen, dl,[ -#ifdef HAVE_DLFCN_H -#include -#endif],[0,0]) - AM_CONDITIONAL(HAVE_DLOPEN, test "$ac_cv_funclib_dlopen" != no) -]) diff --git a/crypto/heimdal/cf/find-func-no-libs.m4 b/crypto/heimdal/cf/find-func-no-libs.m4 deleted file mode 100644 index 76965a84ee8a..000000000000 --- a/crypto/heimdal/cf/find-func-no-libs.m4 +++ /dev/null @@ -1,9 +0,0 @@ -dnl $Id: find-func-no-libs.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl -dnl Look for function in any of the specified libraries -dnl - -dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments, extra libs, extra args) -AC_DEFUN([AC_FIND_FUNC_NO_LIBS], [ -AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4], [$5], [$6])]) diff --git a/crypto/heimdal/cf/find-func-no-libs2.m4 b/crypto/heimdal/cf/find-func-no-libs2.m4 deleted file mode 100644 index 617a09e8da1b..000000000000 --- a/crypto/heimdal/cf/find-func-no-libs2.m4 +++ /dev/null @@ -1,63 +0,0 @@ -dnl $Id: find-func-no-libs2.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl -dnl Look for function in any of the specified libraries -dnl - -dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments, extra libs, extra args) -AC_DEFUN([AC_FIND_FUNC_NO_LIBS2], [ - -AC_MSG_CHECKING([for $1]) -AC_CACHE_VAL(ac_cv_funclib_$1, -[ -if eval "test \"\$ac_cv_func_$1\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in $2; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS="$6 $ac_lib $5 $ac_save_LIBS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([[$3]],[[$1($4)]])],[eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break]) - done - eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}" - LIBS="$ac_save_LIBS" -fi -]) - -eval "ac_res=\$ac_cv_funclib_$1" - -if false; then - AC_CHECK_FUNCS($1) -dnl AC_CHECK_LIBS($2, foo) -fi -# $1 -eval "ac_tr_func=HAVE_[]upcase($1)" -eval "ac_tr_lib=HAVE_LIB[]upcase($ac_res | sed -e 's/-l//')" -eval "LIB_$1=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_$1=yes" - eval "LIB_$1=" - AC_DEFINE_UNQUOTED($ac_tr_func) - AC_MSG_RESULT([yes]) - ;; - no) - eval "ac_cv_func_$1=no" - eval "LIB_$1=" - AC_MSG_RESULT([no]) - ;; - *) - eval "ac_cv_func_$1=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - AC_DEFINE_UNQUOTED($ac_tr_func) - AC_DEFINE_UNQUOTED($ac_tr_lib) - AC_MSG_RESULT([yes, in $ac_res]) - ;; -esac -AC_SUBST(LIB_$1) -]) diff --git a/crypto/heimdal/cf/find-func.m4 b/crypto/heimdal/cf/find-func.m4 deleted file mode 100644 index 2354f38e5e4b..000000000000 --- a/crypto/heimdal/cf/find-func.m4 +++ /dev/null @@ -1,9 +0,0 @@ -dnl $Id: find-func.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl AC_FIND_FUNC(func, libraries, includes, arguments) -AC_DEFUN([AC_FIND_FUNC], [ -AC_FIND_FUNC_NO_LIBS([$1], [$2], [$3], [$4]) -if test -n "$LIB_$1"; then - LIBS="$LIB_$1 $LIBS" -fi -]) diff --git a/crypto/heimdal/cf/find-if-not-broken.m4 b/crypto/heimdal/cf/find-if-not-broken.m4 deleted file mode 100644 index 3e946385c50a..000000000000 --- a/crypto/heimdal/cf/find-if-not-broken.m4 +++ /dev/null @@ -1,12 +0,0 @@ -dnl $Id: find-if-not-broken.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl -dnl Mix between AC_FIND_FUNC and AC_BROKEN -dnl - -AC_DEFUN([AC_FIND_IF_NOT_BROKEN], -[AC_FIND_FUNC([$1], [$2], [$3], [$4]) -if eval "test \"$ac_cv_func_$1\" != yes"; then - rk_LIBOBJ([$1]) -fi -]) diff --git a/crypto/heimdal/cf/framework-security.m4 b/crypto/heimdal/cf/framework-security.m4 deleted file mode 100644 index 3358292f4e6b..000000000000 --- a/crypto/heimdal/cf/framework-security.m4 +++ /dev/null @@ -1,31 +0,0 @@ -AC_DEFUN([rk_FRAMEWORK_SECURITY], [ - -AC_MSG_CHECKING([for framework security]) -AC_CACHE_VAL(rk_cv_framework_security, -[ -if test "$rk_cv_framework_security" != yes; then - ac_save_LIBS="$LIBS" - LIBS="$ac_save_LIBS -framework Security -framework CoreFoundation" - AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include -]], -[[SecKeychainSearchRef searchRef; -SecKeychainSearchCreateFromAttributes(NULL,kSecCertificateItemClass,NULL, &searchRef); -CFRelease(&searchRef); -]])],[rk_cv_framework_security=yes]) - LIBS="$ac_save_LIBS" -fi -]) - -if test "$rk_cv_framework_security" = yes; then - AC_DEFINE(HAVE_FRAMEWORK_SECURITY, 1, [Have -framework Security]) - AC_MSG_RESULT(yes) -else - AC_MSG_RESULT(no) -fi -AM_CONDITIONAL(FRAMEWORK_SECURITY, test "$rk_cv_framework_security" = yes) - -if test "$rk_cv_framework_security" = yes; then - AC_NEED_PROTO([#include ],SecKeyGetCSPHandle) -fi - -]) diff --git a/crypto/heimdal/cf/have-pragma-weak.m4 b/crypto/heimdal/cf/have-pragma-weak.m4 deleted file mode 100644 index 32b7a67da149..000000000000 --- a/crypto/heimdal/cf/have-pragma-weak.m4 +++ /dev/null @@ -1,37 +0,0 @@ -dnl $Id: have-pragma-weak.m4 15435 2005-06-16 19:45:52Z lha $ -dnl -AC_DEFUN([AC_HAVE_PRAGMA_WEAK], [ -if test "${enable_shared}" = "yes"; then -AC_MSG_CHECKING(for pragma weak) -AC_CACHE_VAL(ac_have_pragma_weak, [ -ac_have_pragma_weak=no -cat > conftest_foo.$ac_ext <<'EOF' -[#]line __oline__ "configure" -#include "confdefs.h" -#pragma weak foo = _foo -int _foo = 17; -EOF -cat > conftest_bar.$ac_ext <<'EOF' -[#]line __oline__ "configure" -#include "confdefs.h" -extern int foo; - -int t(void) { - return foo; -} - -int main(int argc, char **argv) { - return t(); -} -EOF -if AC_TRY_EVAL('CC -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest_foo.$ac_ext conftest_bar.$ac_ext 1>&AC_FD_CC'); then -ac_have_pragma_weak=yes -fi -rm -rf conftest* -]) -if test "$ac_have_pragma_weak" = "yes"; then - AC_DEFINE(HAVE_PRAGMA_WEAK, 1, [Define this if your compiler supports \`#pragma weak.'])dnl -fi -AC_MSG_RESULT($ac_have_pragma_weak) -fi -]) diff --git a/crypto/heimdal/cf/have-struct-field.m4 b/crypto/heimdal/cf/have-struct-field.m4 deleted file mode 100644 index 8618bc073482..000000000000 --- a/crypto/heimdal/cf/have-struct-field.m4 +++ /dev/null @@ -1,21 +0,0 @@ -dnl $Id: have-struct-field.m4 18314 2006-10-07 17:31:56Z lha $ -dnl -dnl check for fields in a structure -dnl -dnl AC_HAVE_STRUCT_FIELD(struct, field, headers) - -AC_DEFUN([AC_HAVE_STRUCT_FIELD], [ -define(cache_val, translit(ac_cv_type_$1_$2, [A-Z ], [a-z_])) -AC_CACHE_CHECK([for $2 in $1], cache_val,[ -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[$3]], - [[$1 x; memset(&x, 0, sizeof(x)); x.$2]])], - [cache_val=yes], - [cache_val=no]) -]) -if test "$cache_val" = yes; then - define(foo, translit(HAVE_$1_$2, [a-z ], [A-Z_])) - AC_DEFINE(foo, 1, [Define if $1 has field $2.]) - undefine([foo]) -fi -undefine([cache_val]) -]) diff --git a/crypto/heimdal/cf/have-type.m4 b/crypto/heimdal/cf/have-type.m4 deleted file mode 100644 index 34d5befbb602..000000000000 --- a/crypto/heimdal/cf/have-type.m4 +++ /dev/null @@ -1,30 +0,0 @@ -dnl $Id: have-type.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl check for existance of a type - -dnl AC_HAVE_TYPE(TYPE,INCLUDES) -AC_DEFUN([AC_HAVE_TYPE], [ -AC_REQUIRE([AC_HEADER_STDC]) -cv=`echo "$1" | sed 'y%./+- %__p__%'` -AC_MSG_CHECKING(for $1) -AC_CACHE_VAL([ac_cv_type_$cv], -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ -#include -#if STDC_HEADERS -#include -#include -#endif -$2]], -[[$1 foo;]])], -[eval "ac_cv_type_$cv=yes"], -[eval "ac_cv_type_$cv=no"]))dnl -ac_foo=`eval echo \\$ac_cv_type_$cv` -AC_MSG_RESULT($ac_foo) -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo $1 | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - AC_CHECK_TYPES($1) -fi - AC_DEFINE_UNQUOTED($ac_tr_hdr, 1, [Define if you have type `$1']) -fi -]) diff --git a/crypto/heimdal/cf/have-types.m4 b/crypto/heimdal/cf/have-types.m4 deleted file mode 100644 index 79ceb97e40f8..000000000000 --- a/crypto/heimdal/cf/have-types.m4 +++ /dev/null @@ -1,12 +0,0 @@ -dnl -dnl $Id: have-types.m4 13338 2004-02-12 14:21:14Z lha $ -dnl - -AC_DEFUN([AC_HAVE_TYPES], [ -for i in $1; do - AC_HAVE_TYPE($i) -done -if false;then - AC_CHECK_FUNCS($1) -fi -]) diff --git a/crypto/heimdal/cf/install-catman.sh b/crypto/heimdal/cf/install-catman.sh deleted file mode 100755 index 872e1628070c..000000000000 --- a/crypto/heimdal/cf/install-catman.sh +++ /dev/null @@ -1,72 +0,0 @@ -#!/bin/sh -# -# $Id: install-catman.sh 20232 2007-02-16 11:03:13Z lha $ -# -# install preformatted manual pages - -cmd="$1"; shift -INSTALL_DATA="$1"; shift -mkinstalldirs="$1"; shift -srcdir="$1"; shift -manbase="$1"; shift -suffix="$1"; shift -catinstall="${INSTALL_CATPAGES-yes}" - -for f in "$@"; do - base=`echo "$f" | sed 's/\(.*\)\.\([^.]*\)$/\1/'` - section=`echo "$f" | sed 's/\(.*\)\.\([^.]*\)$/\2/'` - mandir="$manbase/man$section" - catdir="$manbase/cat$section" - c="$base.cat$section" - - if test "$catinstall" = yes -a -f "$srcdir/$c"; then - if test "$cmd" = install ; then - if test \! -d "$catdir"; then - eval "$mkinstalldirs $catdir" - fi - eval "echo $INSTALL_DATA $srcdir/$c $catdir/$base.$suffix" - eval "$INSTALL_DATA $srcdir/$c $catdir/$base.$suffix" - elif test "$cmd" = uninstall ; then - eval "echo rm -f $catdir/$base.$suffix" - eval "rm -f $catdir/$base.$suffix" - fi - fi - for link in `sed -n -e '/SYNOPSIS/q;/DESCRIPTION/q;s/^\.Nm \([^ ]*\).*/\1/p' $srcdir/$f`; do - if test "$link" = "$base" ; then - continue - fi - if test "$cmd" = install ; then - target="$mandir/$link.$section" - for lncmd in "ln -f $mandir/$base.$section $target" \ - "ln -s $base.$section $target" \ - "cp -f $mandir/$base.$section $target" - do - if eval "$lncmd"; then - eval echo "$lncmd" - break - fi - done - if test "$catinstall" = yes -a -f "$srcdir/$c"; then - target="$catdir/$link.$suffix" - for lncmd in "ln -f $catdir/$base.$suffix $target" \ - "ln -fs $base.$suffix $target" \ - "cp -f $catdir/$base.$suffix $target" - do - if eval "$lncmd"; then - eval echo "$lncmd" - break - fi - done - fi - elif test "$cmd" = uninstall ; then - target="$mandir/$link.$section" - eval "echo rm -f $target" - eval "rm -f $target" - if test "$catinstall" = yes; then - target="$catdir/$link.$suffix" - eval "echo rm -f $target" - eval "rm -f $target" - fi - fi - done -done diff --git a/crypto/heimdal/cf/irix.m4 b/crypto/heimdal/cf/irix.m4 deleted file mode 100644 index 510b81f26bc0..000000000000 --- a/crypto/heimdal/cf/irix.m4 +++ /dev/null @@ -1,26 +0,0 @@ -dnl -dnl $Id: irix.m4 11267 2002-08-28 19:11:44Z joda $ -dnl - -AC_DEFUN([rk_IRIX], -[ -irix=no -case "$host" in -*-*-irix4*) - AC_DEFINE([IRIX4], 1, - [Define if you are running IRIX 4.]) - irix=yes - ;; -*-*-irix*) - irix=yes - ;; -esac -AM_CONDITIONAL(IRIX, test "$irix" != no)dnl - -AH_BOTTOM([ -/* IRIX 4 braindamage */ -#if IRIX == 4 && !defined(__STDC__) -#define __STDC__ 0 -#endif -]) -]) diff --git a/crypto/heimdal/cf/krb-bigendian.m4 b/crypto/heimdal/cf/krb-bigendian.m4 deleted file mode 100644 index 30e1a799c511..000000000000 --- a/crypto/heimdal/cf/krb-bigendian.m4 +++ /dev/null @@ -1,62 +0,0 @@ -dnl -dnl $Id: krb-bigendian.m4 15456 2005-06-16 21:04:43Z lha $ -dnl - -dnl check if this computer is little or big-endian -dnl if we can figure it out at compile-time then don't define the cpp symbol -dnl otherwise test for it and define it. also allow options for overriding -dnl it when cross-compiling - -AC_DEFUN([KRB_C_BIGENDIAN], [ -AC_ARG_ENABLE(bigendian, - AS_HELP_STRING([--enable-bigendian],[the target is big endian]), -krb_cv_c_bigendian=yes) -AC_ARG_ENABLE(littleendian, - AS_HELP_STRING([--enable-littleendian],[the target is little endian]), -krb_cv_c_bigendian=no) -AC_CACHE_CHECK([whether byte order is known at compile time], -krb_cv_c_bigendian_compile, -[AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ -#include -#include -#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN - bogus endian macros -#endif]])],[krb_cv_c_bigendian_compile=yes],[krb_cv_c_bigendian_compile=no])]) -AC_CACHE_CHECK(whether byte ordering is bigendian, krb_cv_c_bigendian,[ - if test "$krb_cv_c_bigendian_compile" = "yes"; then - AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ -#include -#include -#if BYTE_ORDER != BIG_ENDIAN - not big endian -#endif]])],[krb_cv_c_bigendian=yes],[krb_cv_c_bigendian=no]) - else - AC_RUN_IFELSE([AC_LANG_SOURCE([[main (int argc, char **argv) { - /* Are we little or big endian? From Harbison&Steele. */ - union - { - long l; - char c[sizeof (long)]; - } u; - u.l = 1; - exit (u.c[sizeof (long) - 1] == 1); - }]])],[krb_cv_c_bigendian=no],[krb_cv_c_bigendian=yes], - [AC_MSG_ERROR([specify either --enable-bigendian or --enable-littleendian])]) - fi -]) -if test "$krb_cv_c_bigendian" = "yes"; then - AC_DEFINE(WORDS_BIGENDIAN, 1, [define if target is big endian])dnl -fi -if test "$krb_cv_c_bigendian_compile" = "yes"; then - AC_DEFINE(ENDIANESS_IN_SYS_PARAM_H, 1, [define if sys/param.h defines the endiness])dnl -fi -AH_BOTTOM([ -#if ENDIANESS_IN_SYS_PARAM_H -# include -# include -# if BYTE_ORDER == BIG_ENDIAN -# define WORDS_BIGENDIAN 1 -# endif -#endif -]) -]) diff --git a/crypto/heimdal/cf/krb-func-getcwd-broken.m4 b/crypto/heimdal/cf/krb-func-getcwd-broken.m4 deleted file mode 100644 index 6ab4a268a47c..000000000000 --- a/crypto/heimdal/cf/krb-func-getcwd-broken.m4 +++ /dev/null @@ -1,41 +0,0 @@ -dnl $Id: krb-func-getcwd-broken.m4 15455 2005-06-16 21:03:43Z lha $ -dnl -dnl -dnl test for broken getcwd in (SunOS braindamage) -dnl - -AC_DEFUN([AC_KRB_FUNC_GETCWD_BROKEN], [ -if test "$ac_cv_func_getcwd" = yes; then -AC_MSG_CHECKING(if getcwd is broken) -AC_CACHE_VAL(ac_cv_func_getcwd_broken, [ -ac_cv_func_getcwd_broken=no - -AC_RUN_IFELSE([AC_LANG_SOURCE([[ -#include -char *getcwd(char*, int); - -void *popen(char *cmd, char *mode) -{ - errno = ENOTTY; - return 0; -} - -int main(int argc, char **argv) -{ - char *ret; - ret = getcwd(0, 1024); - if(ret == 0 && errno == ENOTTY) - return 0; - return 1; -} -]])], [ac_cv_func_getcwd_broken=yes],[:],[:]) -]) -if test "$ac_cv_func_getcwd_broken" = yes; then - AC_DEFINE(BROKEN_GETCWD, 1, [Define if getcwd is broken (like in SunOS 4).])dnl - AC_LIBOBJ(getcwd) - AC_MSG_RESULT($ac_cv_func_getcwd_broken) -else - AC_MSG_RESULT([seems ok]) -fi -fi -]) diff --git a/crypto/heimdal/cf/krb-func-getlogin.m4 b/crypto/heimdal/cf/krb-func-getlogin.m4 deleted file mode 100644 index 03cecfcefe66..000000000000 --- a/crypto/heimdal/cf/krb-func-getlogin.m4 +++ /dev/null @@ -1,22 +0,0 @@ -dnl -dnl $Id: krb-func-getlogin.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl test for POSIX (broken) getlogin -dnl - - -AC_DEFUN([AC_FUNC_GETLOGIN], [ -AC_CHECK_FUNCS(getlogin setlogin) -if test "$ac_cv_func_getlogin" = yes; then -AC_CACHE_CHECK(if getlogin is posix, ac_cv_func_getlogin_posix, [ -if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then - ac_cv_func_getlogin_posix=no -else - ac_cv_func_getlogin_posix=yes -fi -]) -if test "$ac_cv_func_getlogin_posix" = yes; then - AC_DEFINE(POSIX_GETLOGIN, 1, [Define if getlogin has POSIX flavour (and not BSD).]) -fi -fi -]) diff --git a/crypto/heimdal/cf/krb-ipv6.m4 b/crypto/heimdal/cf/krb-ipv6.m4 deleted file mode 100644 index ba0b00093fde..000000000000 --- a/crypto/heimdal/cf/krb-ipv6.m4 +++ /dev/null @@ -1,149 +0,0 @@ -dnl $Id: krb-ipv6.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl test for IPv6 -dnl -AC_DEFUN([AC_KRB_IPV6], [ -AC_ARG_WITH(ipv6, - AS_HELP_STRING([--without-ipv6],[do not enable IPv6 support]),[ -if test "$withval" = "no"; then - ac_cv_lib_ipv6=no -fi]) -save_CFLAGS="${CFLAGS}" -AC_CACHE_CHECK([for IPv6 stack type], v6type, -[dnl check for different v6 implementations (by itojun) -v6type=unknown -v6lib=none - -for i in v6d toshiba kame inria zeta linux; do - case $i in - v6d) - AC_EGREP_CPP(yes, [ -#include -#ifdef __V6D__ -yes -#endif], - [v6type=$i; v6lib=v6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-I/usr/local/v6/include $CFLAGS"]) - ;; - toshiba) - AC_EGREP_CPP(yes, [ -#include -#ifdef _TOSHIBA_INET6 -yes -#endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - kame) - AC_EGREP_CPP(yes, [ -#include -#ifdef __KAME__ -yes -#endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - inria) - AC_EGREP_CPP(yes, [ -#include -#ifdef IPV6_INRIA_VERSION -yes -#endif], - [v6type=$i; CFLAGS="-DINET6 $CFLAGS"]) - ;; - zeta) - AC_EGREP_CPP(yes, [ -#include -#ifdef _ZETA_MINAMI_INET6 -yes -#endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - linux) - if test -d /usr/inet6; then - v6type=$i - v6lib=inet6 - v6libdir=/usr/inet6 - CFLAGS="-DINET6 $CFLAGS" - fi - ;; - esac - if test "$v6type" != "unknown"; then - break - fi -done - -if test "$v6lib" != "none"; then - for dir in $v6libdir /usr/local/v6/lib /usr/local/lib; do - if test -d $dir -a -f $dir/lib$v6lib.a; then - LIBS="-L$dir -l$v6lib $LIBS" - break - fi - done -fi -]) - -AC_CACHE_CHECK([for IPv6], ac_cv_lib_ipv6, [ -AC_LINK_IFELSE([AC_LANG_PROGRAM([[ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -]], -[[ - struct sockaddr_in6 sin6; - int s; - - s = socket(AF_INET6, SOCK_DGRAM, 0); - - sin6.sin6_family = AF_INET6; - sin6.sin6_port = htons(17); - sin6.sin6_addr = in6addr_any; - bind(s, (struct sockaddr *)&sin6, sizeof(sin6)); -]])], -[ac_cv_lib_ipv6=yes], -[ac_cv_lib_ipv6=no])]) -if test "$ac_cv_lib_ipv6" = yes; then - AC_DEFINE(HAVE_IPV6, 1, [Define if you have IPv6.]) -else - CFLAGS="${save_CFLAGS}" -fi - -## test for AIX missing in6addr_loopback -if test "$ac_cv_lib_ipv6" = yes; then - AC_CACHE_CHECK([for in6addr_loopback],[ac_cv_var_in6addr_loopback],[ - AC_LINK_IFELSE([AC_LANG_PROGRAM([[ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif]],[[ -struct sockaddr_in6 sin6; -sin6.sin6_addr = in6addr_loopback; -]])],[ac_cv_var_in6addr_loopback=yes],[ac_cv_var_in6addr_loopback=no])]) - if test "$ac_cv_var_in6addr_loopback" = yes; then - AC_DEFINE(HAVE_IN6ADDR_LOOPBACK, 1, - [Define if you have the in6addr_loopback variable]) - fi -fi -]) \ No newline at end of file diff --git a/crypto/heimdal/cf/krb-prog-ln-s.m4 b/crypto/heimdal/cf/krb-prog-ln-s.m4 deleted file mode 100644 index e4bb7cad460a..000000000000 --- a/crypto/heimdal/cf/krb-prog-ln-s.m4 +++ /dev/null @@ -1,28 +0,0 @@ -dnl $Id: krb-prog-ln-s.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl -dnl Better test for ln -s, ln or cp -dnl - -AC_DEFUN([AC_KRB_PROG_LN_S], -[AC_MSG_CHECKING(for ln -s or something else) -AC_CACHE_VAL(ac_cv_prog_LN_S, -[rm -f conftestdata -if ln -s X conftestdata 2>/dev/null -then - rm -f conftestdata - ac_cv_prog_LN_S="ln -s" -else - touch conftestdata1 - if ln conftestdata1 conftestdata2; then - rm -f conftestdata* - ac_cv_prog_LN_S=ln - else - ac_cv_prog_LN_S=cp - fi -fi])dnl -LN_S="$ac_cv_prog_LN_S" -AC_MSG_RESULT($ac_cv_prog_LN_S) -AC_SUBST(LN_S)dnl -]) - diff --git a/crypto/heimdal/cf/krb-prog-ranlib.m4 b/crypto/heimdal/cf/krb-prog-ranlib.m4 deleted file mode 100644 index 6a851a24da62..000000000000 --- a/crypto/heimdal/cf/krb-prog-ranlib.m4 +++ /dev/null @@ -1,8 +0,0 @@ -dnl $Id: krb-prog-ranlib.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl -dnl Also look for EMXOMF for OS/2 -dnl - -AC_DEFUN([AC_KRB_PROG_RANLIB], -[AC_CHECK_PROGS(RANLIB, ranlib EMXOMF, :)]) diff --git a/crypto/heimdal/cf/krb-prog-yacc.m4 b/crypto/heimdal/cf/krb-prog-yacc.m4 deleted file mode 100644 index 10203e453fe4..000000000000 --- a/crypto/heimdal/cf/krb-prog-yacc.m4 +++ /dev/null @@ -1,12 +0,0 @@ -dnl $Id: krb-prog-yacc.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl -dnl We prefer byacc or yacc because they do not use `alloca' -dnl - -AC_DEFUN([AC_KRB_PROG_YACC], -[AC_CHECK_PROGS(YACC, byacc yacc 'bison -y') -if test "$YACC" = ""; then - AC_MSG_WARN([yacc not found - some stuff will not build]) -fi -]) diff --git a/crypto/heimdal/cf/krb-readline.m4 b/crypto/heimdal/cf/krb-readline.m4 deleted file mode 100644 index 61a50c5abacd..000000000000 --- a/crypto/heimdal/cf/krb-readline.m4 +++ /dev/null @@ -1,39 +0,0 @@ -dnl $Id: krb-readline.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl Tests for readline functions -dnl - -dnl el_init - -AC_DEFUN([KRB_READLINE],[ -AC_FIND_FUNC_NO_LIBS(el_init, edit, [], [], [$LIB_tgetent]) -if test "$ac_cv_func_el_init" = yes ; then - AC_CACHE_CHECK(for four argument el_init, ac_cv_func_el_init_four,[ - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include - #include ]], - [[el_init("", NULL, NULL, NULL);]])], - [ac_cv_func_el_init_four=yes], - [ac_cv_func_el_init_four=no])]) - if test "$ac_cv_func_el_init_four" = yes; then - AC_DEFINE(HAVE_FOUR_VALUED_EL_INIT, 1, [Define if el_init takes four arguments.]) - fi -fi - -dnl readline - -ac_foo=no -if test "$with_readline" = yes; then - : -elif test "$ac_cv_func_readline" = yes; then - : -elif test "$ac_cv_func_el_init" = yes; then - ac_foo=yes - LIB_readline="\$(top_builddir)/lib/editline/libel_compat.la \$(LIB_el_init) \$(LIB_tgetent)" -else - LIB_readline="\$(top_builddir)/lib/editline/libeditline.la \$(LIB_tgetent)" -fi -AM_CONDITIONAL(el_compat, test "$ac_foo" = yes) -AC_DEFINE(HAVE_READLINE, 1, - [Define if you have a readline compatible library.])dnl - -]) diff --git a/crypto/heimdal/cf/krb-struct-spwd.m4 b/crypto/heimdal/cf/krb-struct-spwd.m4 deleted file mode 100644 index 17fb2a371cb3..000000000000 --- a/crypto/heimdal/cf/krb-struct-spwd.m4 +++ /dev/null @@ -1,21 +0,0 @@ -dnl $Id: krb-struct-spwd.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl Test for `struct spwd' - -AC_DEFUN([AC_KRB_STRUCT_SPWD], [ -AC_MSG_CHECKING(for struct spwd) -AC_CACHE_VAL(ac_cv_struct_spwd, [ -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ -#include -#ifdef HAVE_SHADOW_H -#include -#endif]],[[struct spwd foo;]])], -[ac_cv_struct_spwd=yes], -[ac_cv_struct_spwd=no]) -]) -AC_MSG_RESULT($ac_cv_struct_spwd) - -if test "$ac_cv_struct_spwd" = "yes"; then - AC_DEFINE(HAVE_STRUCT_SPWD, 1, [define if you have struct spwd]) -fi -]) diff --git a/crypto/heimdal/cf/krb-struct-winsize.m4 b/crypto/heimdal/cf/krb-struct-winsize.m4 deleted file mode 100644 index 06e5f5bb8e7e..000000000000 --- a/crypto/heimdal/cf/krb-struct-winsize.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl $Id: krb-struct-winsize.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl -dnl Search for struct winsize -dnl - -AC_DEFUN([AC_KRB_STRUCT_WINSIZE], [ -AC_MSG_CHECKING(for struct winsize) -AC_CACHE_VAL(ac_cv_struct_winsize, [ -ac_cv_struct_winsize=no -for i in sys/termios.h sys/ioctl.h; do -AC_EGREP_HEADER( -struct[[ ]]*winsize,dnl -$i, ac_cv_struct_winsize=yes; break)dnl -done -]) -if test "$ac_cv_struct_winsize" = "yes"; then - AC_DEFINE(HAVE_STRUCT_WINSIZE, 1, [define if struct winsize is declared in sys/termios.h]) -fi -AC_MSG_RESULT($ac_cv_struct_winsize) -AC_EGREP_HEADER(ws_xpixel, termios.h, - AC_DEFINE(HAVE_WS_XPIXEL, 1, [define if struct winsize has ws_xpixel])) -AC_EGREP_HEADER(ws_ypixel, termios.h, - AC_DEFINE(HAVE_WS_YPIXEL, 1, [define if struct winsize has ws_ypixel])) -]) diff --git a/crypto/heimdal/cf/krb-sys-aix.m4 b/crypto/heimdal/cf/krb-sys-aix.m4 deleted file mode 100644 index 544e779181a5..000000000000 --- a/crypto/heimdal/cf/krb-sys-aix.m4 +++ /dev/null @@ -1,15 +0,0 @@ -dnl $Id: krb-sys-aix.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl -dnl AIX have a very different syscall convention -dnl -AC_DEFUN([AC_KRB_SYS_AIX], [ -AC_MSG_CHECKING(for AIX) -AC_CACHE_VAL(krb_cv_sys_aix, -AC_EGREP_CPP(yes, -[#ifdef _AIX - yes -#endif -], krb_cv_sys_aix=yes, krb_cv_sys_aix=no) ) -AC_MSG_RESULT($krb_cv_sys_aix) -]) diff --git a/crypto/heimdal/cf/krb-sys-nextstep.m4 b/crypto/heimdal/cf/krb-sys-nextstep.m4 deleted file mode 100644 index dcf7e096c33e..000000000000 --- a/crypto/heimdal/cf/krb-sys-nextstep.m4 +++ /dev/null @@ -1,18 +0,0 @@ -dnl $Id: krb-sys-nextstep.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl NEXTSTEP is not posix compliant by default, -dnl you need a switch -posix to the compiler -dnl - -AC_DEFUN([rk_SYS_NEXTSTEP], [ -AC_CACHE_CHECK(for NeXTSTEP, rk_cv_sys_nextstep, [ -AC_EGREP_CPP(yes, -[#if defined(NeXT) && !defined(__APPLE__) - yes -#endif -], rk_cv_sys_nextstep=yes, rk_cv_sys_nextstep=no)]) -if test "$rk_cv_sys_nextstep" = "yes"; then - CFLAGS="$CFLAGS -posix" - LIBS="$LIBS -posix" -fi -]) diff --git a/crypto/heimdal/cf/krb-version.m4 b/crypto/heimdal/cf/krb-version.m4 deleted file mode 100644 index 92d731f0438f..000000000000 --- a/crypto/heimdal/cf/krb-version.m4 +++ /dev/null @@ -1,24 +0,0 @@ -dnl $Id: krb-version.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl -dnl output a C header-file with some version strings -dnl - -AC_DEFUN([AC_KRB_VERSION],[ -cat > include/newversion.h.in </dev/null | sed 1q` - Date=`date` - mv -f include/newversion.h.in include/version.h.in - sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h -fi -]) diff --git a/crypto/heimdal/cf/largefile.m4 b/crypto/heimdal/cf/largefile.m4 deleted file mode 100644 index 972ba9c44549..000000000000 --- a/crypto/heimdal/cf/largefile.m4 +++ /dev/null @@ -1,16 +0,0 @@ -dnl $Id: largefile.m4 13768 2004-04-24 21:51:32Z joda $ -dnl -dnl Figure out what flags we need for 64-bit file access, and also set -dnl them on the command line. -dnl -AC_DEFUN([rk_SYS_LARGEFILE],[ -AC_REQUIRE([AC_SYS_LARGEFILE])dnl -dnl need to set this on the command line, since it might otherwise break -dnl with generated code, such as lex -if test "$enable_largefile" != no -a "$ac_cv_sys_large_files" != no; then - CPPFLAGS="$CPPFLAGS -D_LARGE_FILES=$ac_cv_sys_large_files" -fi -if test "$enable_largefile" != no -a "$ac_cv_sys_file_offset_bits" != no; then - CPPFLAGS="$CPPFLAGS -D_FILE_OFFSET_BITS=$ac_cv_sys_file_offset_bits" -fi -]) diff --git a/crypto/heimdal/cf/make-proto.pl b/crypto/heimdal/cf/make-proto.pl deleted file mode 100644 index f119b517e792..000000000000 --- a/crypto/heimdal/cf/make-proto.pl +++ /dev/null @@ -1,337 +0,0 @@ -# Make prototypes from .c files -# $Id: make-proto.pl 14183 2004-09-03 08:50:57Z lha $ - -##use Getopt::Std; -require 'getopts.pl'; - -$brace = 0; -$line = ""; -$debug = 0; -$oproto = 1; -$private_func_re = "^_"; - -do Getopts('x:m:o:p:dqE:R:P:') || die "foo"; - -if($opt_d) { - $debug = 1; -} - -if($opt_q) { - $oproto = 0; -} - -if($opt_R) { - $private_func_re = $opt_R; -} -%flags = ( - 'multiline-proto' => 1, - 'header' => 1, - 'function-blocking' => 0, - 'gnuc-attribute' => 1, - 'cxx' => 1 - ); -if($opt_m) { - foreach $i (split(/,/, $opt_m)) { - if($i eq "roken") { - $flags{"multiline-proto"} = 0; - $flags{"header"} = 0; - $flags{"function-blocking"} = 0; - $flags{"gnuc-attribute"} = 0; - $flags{"cxx"} = 0; - } else { - if(substr($i, 0, 3) eq "no-") { - $flags{substr($i, 3)} = 0; - } else { - $flags{$i} = 1; - } - } - } -} - -if($opt_x) { - open(EXP, $opt_x); - while() { - chomp; - s/\#.*//g; - s/\s+/ /g; - if(/^([a-zA-Z0-9_]+)\s?(.*)$/) { - $exported{$1} = $2; - } else { - print $_, "\n"; - } - } - close EXP; -} - -while(<>) { - print $brace, " ", $_ if($debug); - if(/^\#if 0/) { - $if_0 = 1; - } - if($if_0 && /^\#endif/) { - $if_0 = 0; - } - if($if_0) { next } - if(/^\s*\#/) { - next; - } - if(/^\s*$/) { - $line = ""; - next; - } - if(/\{/){ - if (!/\}/) { - $brace++; - } - $_ = $line; - while(s/\*\//\ca/){ - s/\/\*(.|\n)*\ca//; - } - s/^\s*//; - s/\s*$//; - s/\s+/ /g; - if($_ =~ /\)$/){ - if(!/^static/ && !/^PRIVATE/){ - if(/(.*)(__attribute__\s?\(.*\))/) { - $attr = $2; - $_ = $1; - } else { - $attr = ""; - } - # remove outer () - s/\s*\(//; - # remove , within () - while(s/\(([^()]*),(.*)\)/($1\$$2)/g){} - s/\<\s*void\s*\>/<>/; - # remove parameter names - if($opt_P eq "remove") { - s/(\s*)([a-zA-Z0-9_]+)([,>])/$3/g; - s/\s+\*/*/g; - s/\(\*(\s*)([a-zA-Z0-9_]+)\)/(*)/g; - } elsif($opt_P eq "comment") { - s/([a-zA-Z0-9_]+)([,>])/\/\*$1\*\/$2/g; - s/\(\*([a-zA-Z0-9_]+)\)/(*\/\*$1\*\/)/g; - } - s/\<\>//; - # add newlines before parameters - if($flags{"multiline-proto"}) { - s/,\s*/,\n\t/g; - } else { - s/,\s*/, /g; - } - # fix removed , - s/\$/,/g; - # match function name - /([a-zA-Z0-9_]+)\s*\/$RP/; - # insert newline before function name - if($flags{"multiline-proto"}) { - s/(.*)\s([a-zA-Z0-9_]+ \Q$LP\E)/$1\n$2/; - } - if($attr ne "") { - $_ .= "\n $attr"; - } - $_ = $_ . ";"; - $funcs{$f} = $_; - } - } - $line = ""; - } - if(/\}/){ - $brace--; - } - if(/^\}/){ - $brace = 0; - } - if($brace == 0) { - $line = $line . " " . $_; - } -} - -sub foo { - local ($arg) = @_; - $_ = $arg; - s/.*\/([^\/]*)/$1/; - s/[^a-zA-Z0-9]/_/g; - "__" . $_ . "__"; -} - -if($opt_o) { - open(OUT, ">$opt_o"); - $block = &foo($opt_o); -} else { - $block = "__public_h__"; -} - -if($opt_p) { - open(PRIV, ">$opt_p"); - $private = &foo($opt_p); -} else { - $private = "__private_h__"; -} - -$public_h = ""; -$private_h = ""; - -$public_h_header .= "/* This is a generated file */ -#ifndef $block -#define $block - -"; -if ($oproto) { - $public_h_header .= "#ifdef __STDC__ -#include -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -"; -} else { - $public_h_header .= "#include - -"; -} -$public_h_trailer = ""; - -$private_h_header = "/* This is a generated file */ -#ifndef $private -#define $private - -"; -if($oproto) { - $private_h_header .= "#ifdef __STDC__ -#include -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -"; -} else { - $private_h_header .= "#include - -"; -} -$private_h_trailer = ""; - -foreach(sort keys %funcs){ - if(/^(main)$/) { next } - if(!defined($exported{$_}) && /$private_func_re/) { - $private_h .= $funcs{$_} . "\n\n"; - if($funcs{$_} =~ /__attribute__/) { - $private_attribute_seen = 1; - } - } else { - if($flags{"function-blocking"}) { - $fupper = uc $_; - if($exported{$_} =~ /proto/) { - $public_h .= "#if !defined(HAVE_$fupper) || defined(NEED_${fupper}_PROTO)\n"; - } else { - $public_h .= "#ifndef HAVE_$fupper\n"; - } - } - $public_h .= $funcs{$_} . "\n"; - if($funcs{$_} =~ /__attribute__/) { - $public_attribute_seen = 1; - } - if($flags{"function-blocking"}) { - $public_h .= "#endif\n"; - } - $public_h .= "\n"; - } -} - -if($flags{"gnuc-attribute"}) { - if ($public_attribute_seen) { - $public_h_header .= "#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -"; - } - - if ($private_attribute_seen) { - $private_h_header .= "#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -"; - } -} -if($flags{"cxx"}) { - $public_h_header .= "#ifdef __cplusplus -extern \"C\" { -#endif - -"; - $public_h_trailer .= "#ifdef __cplusplus -} -#endif - -"; - -} -if ($opt_E) { - $public_h_header .= "#ifndef $opt_E -#if defined(_WIN32) -#define $opt_E _stdcall -#else -#define $opt_E -#endif -#endif - -"; - - $private_h_header .= "#ifndef $opt_E -#if defined(_WIN32) -#define $opt_E _stdcall -#else -#define $opt_E -#endif -#endif - -"; -} - -if ($public_h ne "" && $flags{"header"}) { - $public_h = $public_h_header . $public_h . - $public_h_trailer . "#endif /* $block */\n"; -} -if ($private_h ne "" && $flags{"header"}) { - $private_h = $private_h_header . $private_h . - $private_h_trailer . "#endif /* $private */\n"; -} - -if($opt_o) { - print OUT $public_h; -} -if($opt_p) { - print PRIV $private_h; -} - -close OUT; -close PRIV; diff --git a/crypto/heimdal/cf/mips-abi.m4 b/crypto/heimdal/cf/mips-abi.m4 deleted file mode 100644 index 2af513e188df..000000000000 --- a/crypto/heimdal/cf/mips-abi.m4 +++ /dev/null @@ -1,87 +0,0 @@ -dnl $Id: mips-abi.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl -dnl Check for MIPS/IRIX ABI flags. Sets $abi and $abilibdirext to some -dnl value. - -AC_DEFUN([AC_MIPS_ABI], [ -AC_ARG_WITH(mips_abi, - AS_HELP_STRING([--with-mips-abi=abi],[ABI to use for IRIX (32, n32, or 64)])) - -case "$host_os" in -irix*) -with_mips_abi="${with_mips_abi:-yes}" -if test -n "$GCC"; then - -# GCC < 2.8 only supports the O32 ABI. GCC >= 2.8 has a flag to select -# which ABI to use, but only supports (as of 2.8.1) the N32 and 64 ABIs. -# -# Default to N32, but if GCC doesn't grok -mabi=n32, we assume an old -# GCC and revert back to O32. The same goes if O32 is asked for - old -# GCCs doesn't like the -mabi option, and new GCCs can't output O32. -# -# Don't you just love *all* the different SGI ABIs? - -case "${with_mips_abi}" in - 32|o32) abi='-mabi=32'; abilibdirext='' ;; - n32|yes) abi='-mabi=n32'; abilibdirext='32' ;; - 64) abi='-mabi=64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) AC_MSG_ERROR("Invalid ABI specified") ;; -esac -if test -n "$abi" ; then -ac_foo=krb_cv_gcc_`echo $abi | tr =- __` -dnl -dnl can't use AC_CACHE_CHECK here, since it doesn't quote CACHE-ID to -dnl AC_MSG_RESULT -dnl -AC_MSG_CHECKING([if $CC supports the $abi option]) -AC_CACHE_VAL($ac_foo, [ -save_CFLAGS="$CFLAGS" -CFLAGS="$CFLAGS $abi" -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],[[int x;]])],[eval $ac_foo=yes], [eval $ac_foo=no])dnl -CFLAGS="$save_CFLAGS" -]) -ac_res=`eval echo \\\$$ac_foo` -AC_MSG_RESULT($ac_res) -if test $ac_res = no; then -# Try to figure out why that failed... -case $abi in - -mabi=32) - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -mabi=n32" - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],[[int x;]])],[ac_res=yes],[ac_res=no])dnl - CLAGS="$save_CFLAGS" - if test $ac_res = yes; then - # New GCC - AC_MSG_ERROR([$CC does not support the $with_mips_abi ABI]) - fi - # Old GCC - abi='' - abilibdirext='' - ;; - -mabi=n32|-mabi=64) - if test $with_mips_abi = yes; then - # Old GCC, default to O32 - abi='' - abilibdirext='' - else - # Some broken GCC - AC_MSG_ERROR([$CC does not support the $with_mips_abi ABI]) - fi - ;; -esac -fi #if test $ac_res = no; then -fi #if test -n "$abi" ; then -else -case "${with_mips_abi}" in - 32|o32) abi='-32'; abilibdirext='' ;; - n32|yes) abi='-n32'; abilibdirext='32' ;; - 64) abi='-64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) AC_MSG_ERROR("Invalid ABI specified") ;; -esac -fi #if test -n "$GCC"; then -;; -esac -]) diff --git a/crypto/heimdal/cf/misc.m4 b/crypto/heimdal/cf/misc.m4 deleted file mode 100644 index 042f30a58d60..000000000000 --- a/crypto/heimdal/cf/misc.m4 +++ /dev/null @@ -1,15 +0,0 @@ - -dnl $Id: misc.m4 11022 2002-05-24 15:35:32Z joda $ -dnl -AC_DEFUN([upcase],[`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`])dnl -AC_DEFUN([rk_LIBOBJ],[AC_LIBOBJ([$1])])dnl -AC_DEFUN([rk_CONFIG_HEADER],[AH_TOP([#ifndef RCSID -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } -#endif - -/* Maximum values on all known systems */ -#define MaxHostNameLen (64+4) -#define MaxPathLen (1024+4) - -])]) \ No newline at end of file diff --git a/crypto/heimdal/cf/need-proto.m4 b/crypto/heimdal/cf/need-proto.m4 deleted file mode 100644 index 978abb1afbaa..000000000000 --- a/crypto/heimdal/cf/need-proto.m4 +++ /dev/null @@ -1,22 +0,0 @@ -dnl $Id: need-proto.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl -dnl Check if we need the prototype for a function -dnl - -dnl AC_NEED_PROTO(includes, function) - -AC_DEFUN([AC_NEED_PROTO], [ -if test "$ac_cv_func_$2+set" != set -o "$ac_cv_func_$2" = yes; then -AC_CACHE_CHECK([if $2 needs a prototype], ac_cv_func_$2_noproto, -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[$1 -struct foo { int foo; } xx; -extern int $2 (struct foo*);]],[[$2(&xx)]])], -[eval "ac_cv_func_$2_noproto=yes"], -[eval "ac_cv_func_$2_noproto=no"])) -if test "$ac_cv_func_$2_noproto" = yes; then - AC_DEFINE(AS_TR_CPP(NEED_[]$2[]_PROTO), 1, - [define if the system is missing a prototype for $2()]) -fi -fi -]) diff --git a/crypto/heimdal/cf/osfc2.m4 b/crypto/heimdal/cf/osfc2.m4 deleted file mode 100644 index 6366f7a4ed23..000000000000 --- a/crypto/heimdal/cf/osfc2.m4 +++ /dev/null @@ -1,14 +0,0 @@ -dnl $Id: osfc2.m4 14147 2004-08-25 14:14:01Z joda $ -dnl -dnl enable OSF C2 stuff - -AC_DEFUN([AC_CHECK_OSFC2],[ -AC_ARG_ENABLE(osfc2, - AS_HELP_STRING([--enable-osfc2],[enable some OSF C2 support])) -LIB_security= -if test "$enable_osfc2" = yes; then - AC_DEFINE(HAVE_OSFC2, 1, [Define to enable basic OSF C2 support.]) - LIB_security=-lsecurity -fi -AC_SUBST(LIB_security) -]) diff --git a/crypto/heimdal/cf/otp.m4 b/crypto/heimdal/cf/otp.m4 deleted file mode 100644 index fa6a530bcf34..000000000000 --- a/crypto/heimdal/cf/otp.m4 +++ /dev/null @@ -1,27 +0,0 @@ -dnl $Id: otp.m4 14147 2004-08-25 14:14:01Z joda $ -dnl -dnl check requirements for OTP library -dnl -AC_DEFUN([rk_OTP],[ -AC_REQUIRE([rk_DB])dnl -AC_ARG_ENABLE(otp, - AS_HELP_STRING([--disable-otp],[if you don't want OTP support])) -if test "$enable_otp" = yes -a "$db_type" = unknown; then - AC_MSG_ERROR([OTP requires a NDBM/DB compatible library]) -fi -if test "$enable_otp" != no; then - if test "$db_type" != unknown; then - enable_otp=yes - else - enable_otp=no - fi -fi -if test "$enable_otp" = yes; then - AC_DEFINE(OTP, 1, [Define if you want OTP support in applications.]) - LIB_otp='$(top_builddir)/lib/otp/libotp.la' - AC_SUBST(LIB_otp) -fi -AC_MSG_CHECKING([whether to enable OTP library]) -AC_MSG_RESULT($enable_otp) -AM_CONDITIONAL(OTP, test "$enable_otp" = yes)dnl -]) diff --git a/crypto/heimdal/cf/proto-compat.m4 b/crypto/heimdal/cf/proto-compat.m4 deleted file mode 100644 index 0da8b250e60f..000000000000 --- a/crypto/heimdal/cf/proto-compat.m4 +++ /dev/null @@ -1,21 +0,0 @@ -dnl $Id: proto-compat.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl -dnl Check if the prototype of a function is compatible with another one -dnl - -dnl AC_PROTO_COMPAT(includes, function, prototype) - -AC_DEFUN([AC_PROTO_COMPAT], [ -AC_CACHE_CHECK([if $2 is compatible with system prototype], -ac_cv_func_$2_proto_compat, -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[$1]],[[$3]])], -[eval "ac_cv_func_$2_proto_compat=yes"], -[eval "ac_cv_func_$2_proto_compat=no"])) -define([foo], translit($2, [a-z], [A-Z])[_PROTO_COMPATIBLE]) -if test "$ac_cv_func_$2_proto_compat" = yes; then - AC_DEFINE(foo, 1, [define if prototype of $2 is compatible with - $3]) -fi -undefine([foo]) -]) \ No newline at end of file diff --git a/crypto/heimdal/cf/pthreads.m4 b/crypto/heimdal/cf/pthreads.m4 deleted file mode 100644 index fd2c81ba3f07..000000000000 --- a/crypto/heimdal/cf/pthreads.m4 +++ /dev/null @@ -1,75 +0,0 @@ -dnl $Id: pthreads.m4 20295 2007-04-11 11:08:08Z lha $ - -AC_DEFUN([KRB_PTHREADS], [ -AC_MSG_CHECKING(if compiling threadsafe libraries) - -AC_ARG_ENABLE(pthread-support, - AS_HELP_STRING([--enable-pthread-support], - [if you want thread safe libraries]), - [],[enable_pthread_support=maybe]) - -case "$host" in -*-*-solaris2*) - native_pthread_support=yes - if test "$GCC" = yes; then - PTHREADS_CFLAGS=-pthreads - PTHREADS_LIBS=-pthreads - else - PTHREADS_CFLAGS=-mt - PTHREADS_LIBS=-mt - fi - ;; -*-*-netbsd*) - native_pthread_support="if running netbsd 1.6T or newer" - dnl heim_threads.h knows this - PTHREADS_LIBS="" - ;; -*-*-freebsd5*) - native_pthread_support=yes - ;; -*-*-linux* | *-*-linux-gnu) - case `uname -r` in - 2.*) - native_pthread_support=yes - PTHREADS_CFLAGS=-pthread - PTHREADS_LIBS=-pthread - ;; - esac - ;; -*-*-aix*) - dnl AIX is disabled since we don't handle the utmp/utmpx - dnl problems that aix causes when compiling with pthread support - native_pthread_support=no - ;; -mips-sgi-irix6.[[5-9]]) # maybe works for earlier versions too - native_pthread_support=yes - PTHREADS_LIBS="-lpthread" - ;; -*-*-darwin*) - native_pthread_support=yes - ;; -*) - native_pthread_support=no - ;; -esac - -if test "$enable_pthread_support" = maybe ; then - enable_pthread_support="$native_pthread_support" -fi - -if test "$enable_pthread_support" != no; then - AC_DEFINE(ENABLE_PTHREAD_SUPPORT, 1, - [Define if you want have a thread safe libraries]) - dnl This sucks, but libtool doesn't save the depenecy on -pthread - dnl for libraries. - LIBS="$PTHREADS_LIBS $LIBS" -else - PTHREADS_CFLAGS="" - PTHREADS_LIBS="" -fi - -AC_SUBST(PTHREADS_CFLAGS) -AC_SUBST(PTHREADS_LIBS) - -AC_MSG_RESULT($enable_pthread_support) -]) diff --git a/crypto/heimdal/cf/resolv.m4 b/crypto/heimdal/cf/resolv.m4 deleted file mode 100644 index 8bb5e4ecbb0f..000000000000 --- a/crypto/heimdal/cf/resolv.m4 +++ /dev/null @@ -1,109 +0,0 @@ -dnl stuff used by DNS resolv code in roken -dnl -dnl $Id: resolv.m4 16009 2005-09-02 10:17:38Z lha $ -dnl - -AC_DEFUN([rk_RESOLV],[ - -AC_CHECK_HEADERS([arpa/nameser.h]) - -AC_CHECK_HEADERS(resolv.h, , , [AC_INCLUDES_DEFAULT -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -]) - -AC_FIND_FUNC(res_search, resolv, -[ -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -], -[0,0,0,0,0]) - -AC_FIND_FUNC(res_nsearch, resolv, -[ -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -], -[0,0,0,0,0,0]) - -AC_FIND_FUNC(res_ndestroy, resolv, -[ -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -], -[0]) - -AC_FIND_FUNC(dn_expand, resolv, -[ -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -], -[0,0,0,0,0]) - -rk_CHECK_VAR(_res, -[#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif]) - -]) diff --git a/crypto/heimdal/cf/retsigtype.m4 b/crypto/heimdal/cf/retsigtype.m4 deleted file mode 100644 index 2857bff1d965..000000000000 --- a/crypto/heimdal/cf/retsigtype.m4 +++ /dev/null @@ -1,18 +0,0 @@ -dnl -dnl $Id: retsigtype.m4 13338 2004-02-12 14:21:14Z lha $ -dnl -dnl Figure out return type of signal handlers, and define SIGRETURN macro -dnl that can be used to return from one -dnl -AC_DEFUN([rk_RETSIGTYPE],[ -AC_TYPE_SIGNAL -if test "$ac_cv_type_signal" = "void" ; then - AC_DEFINE(VOID_RETSIGTYPE, 1, [Define if signal handlers return void.]) -fi -AC_SUBST(VOID_RETSIGTYPE) -AH_BOTTOM([#ifdef VOID_RETSIGTYPE -#define SIGRETURN(x) return -#else -#define SIGRETURN(x) return (RETSIGTYPE)(x) -#endif]) -]) \ No newline at end of file diff --git a/crypto/heimdal/cf/roken-frag.m4 b/crypto/heimdal/cf/roken-frag.m4 deleted file mode 100644 index eccbdbd4142f..000000000000 --- a/crypto/heimdal/cf/roken-frag.m4 +++ /dev/null @@ -1,655 +0,0 @@ -dnl $Id: roken-frag.m4 20639 2007-05-10 17:22:58Z lha $ -dnl -dnl some code to get roken working -dnl -dnl rk_ROKEN(subdir) -dnl -AC_DEFUN([rk_ROKEN], [ - -AC_REQUIRE([rk_CONFIG_HEADER]) - -DIR_roken=roken -LIB_roken='$(top_builddir)/$1/libroken.la' -INCLUDES_roken='-I$(top_builddir)/$1 -I$(top_srcdir)/$1' - -dnl Checks for programs -AC_REQUIRE([AC_PROG_CC]) -AC_REQUIRE([AC_PROG_AWK]) -AC_REQUIRE([AC_OBJEXT]) -AC_REQUIRE([AC_EXEEXT]) -AC_REQUIRE([AC_PROG_LIBTOOL]) - -AC_REQUIRE([AC_MIPS_ABI]) - -dnl C characteristics - -AC_REQUIRE([AC_C___ATTRIBUTE__]) -AC_REQUIRE([AC_C_INLINE]) -AC_REQUIRE([AC_C_CONST]) -rk_WFLAGS(-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs) - -AC_REQUIRE([rk_DB]) - -dnl C types - -AC_REQUIRE([AC_TYPE_SIZE_T]) -AC_HAVE_TYPE([ssize_t],[#include ]) -AC_REQUIRE([AC_TYPE_PID_T]) -AC_REQUIRE([AC_TYPE_UID_T]) -AC_HAVE_TYPE([long long]) - -AC_REQUIRE([rk_RETSIGTYPE]) - -dnl Checks for header files. -AC_REQUIRE([AC_HEADER_STDC]) -AC_REQUIRE([AC_HEADER_TIME]) - -AC_CHECK_HEADERS([\ - arpa/inet.h \ - config.h \ - crypt.h \ - dirent.h \ - errno.h \ - err.h \ - fcntl.h \ - fnmatch.h \ - grp.h \ - ifaddrs.h \ - netinet/in.h \ - netinet/in6.h \ - netinet/in_systm.h \ - netinet6/in6.h \ - paths.h \ - poll.h \ - pwd.h \ - rpcsvc/ypclnt.h \ - shadow.h \ - stdint.h \ - sys/bswap.h \ - sys/ioctl.h \ - sys/mman.h \ - sys/param.h \ - sys/resource.h \ - sys/sockio.h \ - sys/stat.h \ - sys/time.h \ - sys/tty.h \ - sys/types.h \ - sys/uio.h \ - sys/utsname.h \ - sys/wait.h \ - syslog.h \ - termios.h \ - unistd.h \ - userconf.h \ - usersec.h \ - util.h \ -]) - -AC_HAVE_TYPE([uintptr_t],[#ifdef HAVE_STDINT_H -#include -#endif]) - -dnl Sunpro 5.2 has a vis.h which is something different. -AC_CHECK_HEADERS(vis.h, , , [ -#include -#ifndef VIS_SP -#error invis -#endif]) - -AC_CHECK_HEADERS(netdb.h, , , [AC_INCLUDES_DEFAULT -#ifdef HAVE_SYS_TYPES_H -#include -#endif -]) - -AC_CHECK_HEADERS(sys/socket.h, , , [AC_INCLUDES_DEFAULT -#ifdef HAVE_SYS_TYPES_H -#include -#endif -]) - -AC_CHECK_HEADERS(net/if.h, , , [AC_INCLUDES_DEFAULT -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#if HAVE_SYS_SOCKET_H -#include -#endif]) - -AC_CHECK_HEADERS(netinet6/in6_var.h, , , [AC_INCLUDES_DEFAULT -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#if HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -]) - -AC_CHECK_HEADERS(sys/sysctl.h, , , [AC_INCLUDES_DEFAULT -#ifdef HAVE_SYS_PARAM_H -#include -#endif -]) - -AC_CHECK_HEADERS(sys/proc.h, , , [AC_INCLUDES_DEFAULT -#ifdef HAVE_SYS_PARAM_H -#include -#endif -]) - -AC_REQUIRE([CHECK_NETINET_IP_AND_TCP]) - -AM_CONDITIONAL(have_err_h, test "$ac_cv_header_err_h" = yes) -AM_CONDITIONAL(have_ifaddrs_h, test "$ac_cv_header_ifaddrs_h" = yes) -AM_CONDITIONAL(have_vis_h, test "$ac_cv_header_vis_h" = yes) - -dnl Check for functions and libraries - -AC_FIND_FUNC(socket, socket) -AC_FIND_FUNC(gethostbyname, nsl) -AC_FIND_FUNC(syslog, syslog) - -AC_KRB_IPV6 - -AC_FIND_FUNC(gethostbyname2, inet6 ip6) - -rk_RESOLV - -AC_BROKEN_SNPRINTF -AC_BROKEN_VSNPRINTF - -AC_BROKEN_GLOB -if test "$ac_cv_func_glob_working" != yes; then - AC_LIBOBJ(glob) -fi -AM_CONDITIONAL(have_glob_h, test "$ac_cv_func_glob_working" = yes) - - -AC_CHECK_FUNCS([ \ - asnprintf \ - asprintf \ - atexit \ - cgetent \ - getconfattr \ - getprogname \ - getrlimit \ - getspnam \ - initstate \ - issetugid \ - on_exit \ - poll \ - random \ - setprogname \ - setstate \ - strsvis \ - strunvis \ - strvis \ - strvisx \ - svis \ - sysconf \ - sysctl \ - uname \ - unvis \ - vasnprintf \ - vasprintf \ - vis \ -]) - -if test "$ac_cv_func_cgetent" = no; then - AC_LIBOBJ(getcap) -fi -AM_CONDITIONAL(have_cgetent, test "$ac_cv_func_cgetent" = yes) - -AC_REQUIRE([AC_FUNC_GETLOGIN]) - -AC_REQUIRE([AC_FUNC_MMAP]) - -AC_FIND_FUNC_NO_LIBS(getsockopt,, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif], -[0,0,0,0,0]) -AC_FIND_FUNC_NO_LIBS(setsockopt,, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif], -[0,0,0,0,0]) - -AC_FIND_IF_NOT_BROKEN(hstrerror, resolv, -[#ifdef HAVE_NETDB_H -#include -#endif], -17) -AC_NEED_PROTO([ -#ifdef HAVE_NETDB_H -#include -#endif], -hstrerror) - -AC_FOREACH([rk_func], [asprintf vasprintf asnprintf vasnprintf], - [AC_NEED_PROTO([ - #include - #include ], - rk_func)]) - -AC_FIND_FUNC_NO_LIBS(bswap16,, -[#ifdef HAVE_SYS_BSWAP_H -#include -#endif],0) - -AC_FIND_FUNC_NO_LIBS(bswap32,, -[#ifdef HAVE_SYS_BSWAP_H -#include -#endif],0) - -AC_FIND_FUNC_NO_LIBS(pidfile,util, -[#ifdef HAVE_UTIL_H -#include -#endif],0) - -AC_FIND_IF_NOT_BROKEN(getaddrinfo,, -[#ifdef HAVE_NETDB_H -#include -#endif],[0,0,0,0]) - -AC_FIND_IF_NOT_BROKEN(getnameinfo,, -[#ifdef HAVE_NETDB_H -#include -#endif],[0,0,0,0,0,0,0]) - -AC_FIND_IF_NOT_BROKEN(freeaddrinfo,, -[#ifdef HAVE_NETDB_H -#include -#endif],[0]) - -AC_FIND_IF_NOT_BROKEN(gai_strerror,, -[#ifdef HAVE_NETDB_H -#include -#endif],[0]) - -AC_BROKEN([ \ - chown \ - copyhostent \ - closefrom \ - daemon \ - ecalloc \ - emalloc \ - erealloc \ - estrdup \ - err \ - errx \ - fchown \ - flock \ - fnmatch \ - freehostent \ - getcwd \ - getdtablesize \ - getegid \ - geteuid \ - getgid \ - gethostname \ - getifaddrs \ - getipnodebyaddr \ - getipnodebyname \ - getopt \ - gettimeofday \ - getuid \ - getusershell \ - initgroups \ - innetgr \ - iruserok \ - localtime_r \ - lstat \ - memmove \ - mkstemp \ - putenv \ - rcmd \ - readv \ - recvmsg \ - sendmsg \ - setegid \ - setenv \ - seteuid \ - strcasecmp \ - strdup \ - strerror \ - strftime \ - strlcat \ - strlcpy \ - strlwr \ - strncasecmp \ - strndup \ - strnlen \ - strptime \ - strsep \ - strsep_copy \ - strtok_r \ - strupr \ - swab \ - timegm \ - unsetenv \ - verr \ - verrx \ - vsyslog \ - vwarn \ - vwarnx \ - warn \ - warnx \ - writev \ -]) - -AM_CONDITIONAL(have_fnmatch_h, - test "$ac_cv_header_fnmatch_h" = yes -a "$ac_cv_func_fnmatch" = yes) - -AC_FOREACH([rk_func], [strndup strsep strtok_r], - [AC_NEED_PROTO([#include ], rk_func)]) - -AC_FOREACH([rk_func], [strsvis strunvis strvis strvisx svis unvis vis], -[AC_NEED_PROTO([#ifdef HAVE_VIS_H -#include -#endif], rk_func)]) - -AC_BROKEN2(inet_aton, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif], -[0,0]) - -AC_BROKEN2(inet_ntop, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif], -[0, 0, 0, 0]) - -AC_BROKEN2(inet_pton, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif], -[0,0,0]) - -dnl -dnl Check for sa_len in struct sockaddr, -dnl needs to come before the getnameinfo test -dnl -AC_HAVE_STRUCT_FIELD(struct sockaddr, sa_len, [#include -#include ]) - -if test "$ac_cv_func_getaddrinfo" = "yes"; then - rk_BROKEN_GETADDRINFO - if test "$ac_cv_func_getaddrinfo_numserv" = no; then - AC_LIBOBJ(getaddrinfo) - AC_LIBOBJ(freeaddrinfo) - fi -fi - -AC_NEED_PROTO([#include ], setenv) -AC_NEED_PROTO([#include ], unsetenv) -AC_NEED_PROTO([#include ], gethostname) -AC_NEED_PROTO([#include ], mkstemp) -AC_NEED_PROTO([#include ], getusershell) -AC_NEED_PROTO([#include ], daemon) -AC_NEED_PROTO([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif], -iruserok) - -AC_NEED_PROTO([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif], -inet_aton) - -AC_FIND_FUNC_NO_LIBS(crypt, crypt)dnl - -AC_REQUIRE([rk_BROKEN_REALLOC])dnl - -dnl AC_KRB_FUNC_GETCWD_BROKEN - -dnl -dnl Checks for prototypes and declarations -dnl - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -], -gethostbyname, struct hostent *gethostbyname(const char *)) - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -], -gethostbyaddr, struct hostent *gethostbyaddr(const void *, size_t, int)) - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -], -getservbyname, struct servent *getservbyname(const char *, const char *)) - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -], -getsockname, int getsockname(int, struct sockaddr*, socklen_t*)) - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYSLOG_H -#include -#endif -], -openlog, void openlog(const char *, int, int)) - -AC_NEED_PROTO([ -#ifdef HAVE_CRYPT_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -], -crypt) - -dnl variables - -rk_CHECK_VAR(h_errno, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif]) - -rk_CHECK_VAR(h_errlist, -[#ifdef HAVE_NETDB_H -#include -#endif]) - -rk_CHECK_VAR(h_nerr, -[#ifdef HAVE_NETDB_H -#include -#endif]) - -rk_CHECK_VAR([__progname], -[#ifdef HAVE_ERR_H -#include -#endif]) - -AC_CHECK_DECLS([optarg, optind, opterr, optopt, environ],[],[][ -#include -#ifdef HAVE_UNISTD_H -#include -#endif]) - -dnl -dnl Check for fields in struct tm -dnl - -AC_HAVE_STRUCT_FIELD(struct tm, tm_gmtoff, [#include ]) -AC_HAVE_STRUCT_FIELD(struct tm, tm_zone, [#include ]) - -dnl -dnl or do we have a variable `timezone' ? -dnl - -rk_CHECK_VAR(timezone,[#include ]) -rk_CHECK_VAR(altzone,[#include ]) - -AC_HAVE_TYPE([sa_family_t],[ -#include -#include ]) -AC_HAVE_TYPE([socklen_t],[ -#include -#include ]) -AC_HAVE_TYPE([struct sockaddr], [ -#include -#include ]) -AC_HAVE_TYPE([struct sockaddr_storage], [ -#include -#include ]) -AC_HAVE_TYPE([struct addrinfo], [ -#include -#include ]) -AC_HAVE_TYPE([struct ifaddrs], [#include ]) -AC_HAVE_TYPE([struct iovec],[ -#include -#include -]) -AC_HAVE_TYPE([struct msghdr],[ -#include -#include -]) - -dnl -dnl Check for struct winsize -dnl - -AC_KRB_STRUCT_WINSIZE - -dnl -dnl Check for struct spwd -dnl - -AC_KRB_STRUCT_SPWD - -# -# Check if we want samba's socket wrapper -# - -samba_SOCKET_WRAPPER - -dnl won't work with automake -dnl moved to AC_OUTPUT in configure.in -dnl AC_CONFIG_FILES($1/Makefile) - -LIB_roken="${LIB_roken} \$(LIB_crypt) \$(LIB_dbopen)" - -AC_SUBST(DIR_roken)dnl -AC_SUBST(LIB_roken)dnl -AC_SUBST(INCLUDES_roken)dnl -]) diff --git a/crypto/heimdal/cf/roken.m4 b/crypto/heimdal/cf/roken.m4 deleted file mode 100644 index 7d8a7e8d2442..000000000000 --- a/crypto/heimdal/cf/roken.m4 +++ /dev/null @@ -1,64 +0,0 @@ -dnl $Id: roken.m4 14162 2004-08-26 11:27:32Z joda $ -dnl -dnl try to look for an installed roken library with sufficient stuff -dnl -dnl set LIB_roken to the what we should link with -dnl set DIR_roken to if the directory should be built -dnl set CPPFLAGS_roken to stuff to add to CPPFLAGS - -dnl AC_ROKEN(version,directory-to-try,roken-dir,fallback-library,fallback-cppflags) -AC_DEFUN([AC_ROKEN], [ - -AC_ARG_WITH(roken, - AS_HELP_STRING([--with-roken=dir],[use the roken library in dir]), -[if test "$withval" = "no"; then - AC_MSG_ERROR(roken is required) -fi]) - -save_CPPFLAGS="${CPPFLAGS}" - -case $with_roken in -yes|"") - dirs="$2" ;; -*) - dirs="$with_roken" ;; -esac - -roken_installed=no - -for i in $dirs; do - -AC_MSG_CHECKING(for roken in $i) - -CPPFLAGS="-I$i/include ${CPPFLAGS}" - -AC_PREPROC_IFELSE([AC_LANG_SOURCE([[ -#include -#if ROKEN_VERSION < $1 -#error old roken version, should be $1 -fail -#endif -]])],[roken_installed=yes; break]) - -AC_MSG_RESULT($roken_installed) - -done - -CPPFLAGS="$save_CPPFLAGS" - -if test "$roken_installed" != "yes"; then - DIR_roken="roken" - LIB_roken='$4' - CPPFLAGS_roken='$5' - AC_CONFIG_SUBDIRS(lib/roken) -else - LIB_roken="$i/lib/libroken.la" - CPPFLAGS_roken="-I$i/include" -fi - -LIB_roken="${LIB_roken} \$(LIB_crypt) \$(LIB_dbopen)" - -AC_SUBST(LIB_roken)dnl -AC_SUBST(DIR_roken)dnl -AC_SUBST(CPPFLAGS_roken)dnl -]) diff --git a/crypto/heimdal/cf/socket-wrapper.m4 b/crypto/heimdal/cf/socket-wrapper.m4 deleted file mode 100644 index a2b934bd0a15..000000000000 --- a/crypto/heimdal/cf/socket-wrapper.m4 +++ /dev/null @@ -1,16 +0,0 @@ -dnl $Id: socket-wrapper.m4 18077 2006-09-12 17:33:07Z lha $ -dnl -AC_DEFUN([samba_SOCKET_WRAPPER], [ - -AC_ARG_ENABLE(socket-wrapper, - AS_HELP_STRING([--enable-socket-wrapper], - [use sambas socket-wrapper for testing])) - -AM_CONDITIONAL(have_socket_wrapper, test "x$enable_socket_wrapper" = xyes)dnl - -if test "x$enable_socket_wrapper" = xyes ; then - AC_DEFINE(SOCKET_WRAPPER_REPLACE, 1, - [Define if you want to use samba socket wrappers.]) -fi - -]) diff --git a/crypto/heimdal/cf/sunos.m4 b/crypto/heimdal/cf/sunos.m4 deleted file mode 100644 index 18876f58e12c..000000000000 --- a/crypto/heimdal/cf/sunos.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl -dnl $Id: sunos.m4 14608 2005-03-01 22:17:44Z lha $ -dnl - -AC_DEFUN([rk_SUNOS],[ -sunos=no -case "$host" in -*-*-sunos4*) - sunos=40 - ;; -*-*-solaris2.7) - sunos=57 - ;; -*-*-solaris2.[[89]] | *-*-solaris2.10) - sunos=58 - ;; -*-*-solaris2*) - sunos=50 - ;; -esac -if test "$sunos" != no; then - AC_DEFINE_UNQUOTED(SunOS, $sunos, - [Define to what version of SunOS you are running.]) -fi -]) \ No newline at end of file diff --git a/crypto/heimdal/cf/telnet.m4 b/crypto/heimdal/cf/telnet.m4 deleted file mode 100644 index b2bef86e9e7d..000000000000 --- a/crypto/heimdal/cf/telnet.m4 +++ /dev/null @@ -1,78 +0,0 @@ -dnl -dnl $Id: telnet.m4 15435 2005-06-16 19:45:52Z lha $ -dnl -dnl stuff used by telnet - -AC_DEFUN([rk_TELNET],[ -AC_DEFINE(AUTHENTICATION, 1, - [Define if you want authentication support in telnet.])dnl -AC_DEFINE(ENCRYPTION, 1, - [Define if you want encryption support in telnet.])dnl -AC_DEFINE(DES_ENCRYPTION, 1, - [Define if you want to use DES encryption in telnet.])dnl -AC_DEFINE(DIAGNOSTICS, 1, - [Define this to enable diagnostics in telnet.])dnl -AC_DEFINE(OLD_ENVIRON, 1, - [Define this to enable old environment option in telnet.])dnl -if false; then - AC_DEFINE(ENV_HACK, 1, - [Define this if you want support for broken ENV_{VAR,VAL} telnets.]) -fi - -# Simple test for streamspty, based on the existance of getmsg(), alas -# this breaks on SunOS4 which have streams but BSD-like ptys -# -# And also something wierd has happend with dec-osf1, fallback to bsd-ptys - -case "$host" in -*-*-aix3*|*-*-sunos4*|*-*-osf*|*-*-hpux1[[01]]*) - ;; -*) - AC_CHECK_FUNC(getmsg) - if test "$ac_cv_func_getmsg" = "yes"; then - AC_CACHE_CHECK([if getmsg works], ac_cv_func_getmsg_works, - AC_RUN_IFELSE([AC_LANG_SOURCE([[ - #include - #include - - int main(int argc, char **argv) - { - int ret; - ret = getmsg(open("/dev/null", 0), NULL, NULL, NULL); - if(ret < 0 && errno == ENOSYS) - return 1; - return 0; - } - ]])], [ac_cv_func_getmsg_works=yes], - [ac_cv_func_getmsg_works=no], - [ac_cv_func_getmsg_works=no])) - if test "$ac_cv_func_getmsg_works" = "yes"; then - AC_DEFINE(HAVE_GETMSG, 1, - [Define if you have a working getmsg.]) - AC_DEFINE(STREAMSPTY, 1, - [Define if you have streams ptys.]) - fi - fi - ;; -esac - -AH_BOTTOM([ -#if defined(ENCRYPTION) && !defined(AUTHENTICATION) -#define AUTHENTICATION 1 -#endif - -/* Set this to the default system lead string for telnetd - * can contain %-escapes: %s=sysname, %m=machine, %r=os-release - * %v=os-version, %t=tty, %h=hostname, %d=date and time - */ -#undef USE_IM - -/* Used with login -p */ -#undef LOGIN_ARGS - -/* set this to a sensible login */ -#ifndef LOGIN_PATH -#define LOGIN_PATH BINDIR "/login" -#endif -]) -]) diff --git a/crypto/heimdal/cf/test-package.m4 b/crypto/heimdal/cf/test-package.m4 deleted file mode 100644 index 8ef9ef738e44..000000000000 --- a/crypto/heimdal/cf/test-package.m4 +++ /dev/null @@ -1,133 +0,0 @@ -dnl $Id: test-package.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl rk_TEST_PACKAGE(package,headers,libraries,extra libs, -dnl default locations, conditional, config-program) - -AC_DEFUN([rk_TEST_PACKAGE],[ -AC_ARG_WITH($1, - AS_HELP_STRING([--with-$1=dir],[use $1 in dir])) -AC_ARG_WITH($1-lib, - AS_HELP_STRING([--with-$1-lib=dir],[use $1 libraries in dir]), -[if test "$withval" = "yes" -o "$withval" = "no"; then - AC_MSG_ERROR([No argument for --with-$1-lib]) -elif test "X$with_$1" = "X"; then - with_$1=yes -fi]) -AC_ARG_WITH($1-include, - AS_HELP_STRING([--with-$1-include=dir],[use $1 headers in dir]), -[if test "$withval" = "yes" -o "$withval" = "no"; then - AC_MSG_ERROR([No argument for --with-$1-include]) -elif test "X$with_$1" = "X"; then - with_$1=yes -fi]) -AC_ARG_WITH($1-config, - AS_HELP_STRING([--with-$1-config=path],[config program for $1])) - -m4_ifval([$6], - m4_define([rk_pkgname], $6), - m4_define([rk_pkgname], AS_TR_CPP($1))) - -AC_MSG_CHECKING(for $1) - -case "$with_$1" in -yes|"") d='$5' ;; -no) d= ;; -*) d="$with_$1" ;; -esac - -header_dirs= -lib_dirs= -for i in $d; do - if test "$with_$1_include" = ""; then - if test -d "$i/include/$1"; then - header_dirs="$header_dirs $i/include/$1" - fi - if test -d "$i/include"; then - header_dirs="$header_dirs $i/include" - fi - fi - if test "$with_$1_lib" = ""; then - if test -d "$i/lib$abilibdirext"; then - lib_dirs="$lib_dirs $i/lib$abilibdirext" - fi - fi -done - -if test "$with_$1_include"; then - header_dirs="$with_$1_include $header_dirs" -fi -if test "$with_$1_lib"; then - lib_dirs="$with_$1_lib $lib_dirs" -fi - -if test "$with_$1_config" = ""; then - with_$1_config='$7' -fi - -$1_cflags= -$1_libs= - -case "$with_$1_config" in -yes|no|""|"$7") - if test -f $with_$1/bin/$7 ; then - with_$1_config=$with_$1/bin/$7 - fi - ;; -esac - -case "$with_$1_config" in -yes|no|"") - ;; -*) - $1_cflags="`$with_$1_config --cflags 2>&1`" - $1_libs="`$with_$1_config --libs 2>&1`" - ;; -esac - -found=no -if test "$with_$1" != no; then - save_CFLAGS="$CFLAGS" - save_LIBS="$LIBS" - if test "$[]$1_cflags" -a "$[]$1_libs"; then - CFLAGS="$[]$1_cflags $save_CFLAGS" - LIBS="$[]$1_libs $save_LIBS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([[$2]],[[]])],[ - INCLUDE_$1="$[]$1_cflags" - LIB_$1="$[]$1_libs" - AC_MSG_RESULT([from $with_$1_config]) - found=yes]) - fi - if test "$found" = no; then - ires= lres= - for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[$2]],[[]])],[ires=$i;break]) - done - for i in $lib_dirs; do - LIBS="-L$i $3 $4 $save_LIBS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([[$2]],[[]])],[lres=$i;break]) - done - if test "$ires" -a "$lres" -a "$with_$1" != "no"; then - INCLUDE_$1="-I$ires" - LIB_$1="-L$lres $3 $4" - found=yes - AC_MSG_RESULT([headers $ires, libraries $lres]) - fi - fi - CFLAGS="$save_CFLAGS" - LIBS="$save_LIBS" -fi - -if test "$found" = yes; then - AC_DEFINE_UNQUOTED(rk_pkgname, 1, [Define if you have the $1 package.]) - with_$1=yes -else - with_$1=no - INCLUDE_$1= - LIB_$1= - AC_MSG_RESULT(no) -fi - -AC_SUBST(INCLUDE_$1) -AC_SUBST(LIB_$1) -]) diff --git a/crypto/heimdal/cf/valgrind-suppressions b/crypto/heimdal/cf/valgrind-suppressions deleted file mode 100644 index 1e32042f3c4f..000000000000 --- a/crypto/heimdal/cf/valgrind-suppressions +++ /dev/null @@ -1,84 +0,0 @@ -# $Id: valgrind-suppressions 21182 2007-06-20 02:57:13Z lha $ -{ - linux db init brokenness - Memcheck:Param - pwrite64(buf) - fun:do_pwrite64 - fun:__os_io - fun:__memp_pgwrite - fun:__memp_fsync - fun:__bam_read_root - fun:__bam_open - fun:__db_dbopen - fun:__db_open - fun:DB_open -} -{ - linux strerror - Memcheck:Leak - fun:_vgrZU_libcZdsoZa_malloc - fun:rwlock_add_to_list - fun:rwlock_have_already - fun:pthread_rwlock_rdlock - fun:__dcigettext - fun:dcgettext - fun:strerror_r - fun:strerror -} -{ - linux db close brokenness - Memcheck:Param - pwrite64(buf) - fun:do_pwrite64 - fun:__os_io - fun:__memp_pgwrite - fun:__memp_fsync - fun:__db_sync - fun:__db_close - fun:DB_close -} -{ - GLIBC 2.1.2 getservbyname defect - Memcheck:Leak - fun:_vgrZU_libcZdsoZa_malloc - fun:strdup - obj:* - obj:* - fun:getservbyname_r@@GLIBC_2.1.2 - fun:getservbyname -} -{ - glibc getaddrinfo defect - Memcheck:Leak - fun:_vgrZU_libcZdsoZa_malloc - fun:__libc_res_nsend - fun:__libc_res_nquery - fun:__libc_res_nquerydomain - fun:__libc_res_nsearch - obj:* - fun:gaih_inet - fun:getaddrinfo -} -{ - glibc dlopen failure called from /bin/ls - Memcheck:Addr4 - obj:/lib/ld-2.3.6.so - obj:/lib/ld-2.3.6.so - obj:/lib/ld-2.3.6.so -} -{ - Unknown suppression in runtime link editor - Memcheck:Cond - obj:/lib/ld-2.5.so - obj:/lib/ld-2.5.so - obj:/lib/ld-2.5.so - obj:/lib/ld-2.5.so -} -{ - Unknown suppression in runtime link editor - Memcheck:Addr4 - obj:/lib/ld-2.5.so - obj:/lib/ld-2.5.so - obj:/lib/ld-2.5.so - obj:/lib/ld-2.5.so -} diff --git a/crypto/heimdal/cf/vararray.m4 b/crypto/heimdal/cf/vararray.m4 deleted file mode 100644 index 86f58d954f33..000000000000 --- a/crypto/heimdal/cf/vararray.m4 +++ /dev/null @@ -1,16 +0,0 @@ -dnl -dnl $Id: vararray.m4 14166 2004-08-26 12:35:42Z joda $ -dnl -dnl Test for variable size arrays. -dnl - -AC_DEFUN([rk_C_VARARRAY], [ - AC_CACHE_CHECK([if the compiler supports variable-length arrays],[rk_cv_c_vararray],[ - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],[[int x = 0; { int y[x]; }]])], - [rk_cv_c_vararray=yes], - [rk_cv_c_vararray=no])]) - if test "$rk_cv_c_vararray" = yes; then - AC_DEFINE([HAVE_VARIABLE_LENGTH_ARRAY], [1], - [Define if your compiler supports variable-length arrays.]) - fi -]) diff --git a/crypto/heimdal/cf/version-script.m4 b/crypto/heimdal/cf/version-script.m4 deleted file mode 100644 index 342e5ac9cb14..000000000000 --- a/crypto/heimdal/cf/version-script.m4 +++ /dev/null @@ -1,40 +0,0 @@ -dnl check if ld supports --version-script -dnl -AC_DEFUN([rk_VERSIONSCRIPT],[ -AC_CACHE_CHECK(for ld --version-script, rk_cv_version_script,[ - rk_cv_version_script=no - - cat > conftest.map < conftest.c <. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# This file is maintained in Automake, please report -# bugs to or send patches to -# . - -case $1 in - '') - echo "$0: No command. Try \`$0 --help' for more information." 1>&2 - exit 1; - ;; - -h | --h*) - cat <<\EOF -Usage: compile [--help] [--version] PROGRAM [ARGS] - -Wrapper for compilers which do not understand `-c -o'. -Remove `-o dest.o' from ARGS, run PROGRAM with the remaining -arguments, and rename the output as expected. - -If you are trying to build a whole package this is not the -right script to run: please start by reading the file `INSTALL'. - -Report bugs to . -EOF - exit $? - ;; - -v | --v*) - echo "compile $scriptversion" - exit $? - ;; -esac - -ofile= -cfile= -eat= - -for arg -do - if test -n "$eat"; then - eat= - else - case $1 in - -o) - # configure might choose to run compile as `compile cc -o foo foo.c'. - # So we strip `-o arg' only if arg is an object. - eat=1 - case $2 in - *.o | *.obj) - ofile=$2 - ;; - *) - set x "$@" -o "$2" - shift - ;; - esac - ;; - *.c) - cfile=$1 - set x "$@" "$1" - shift - ;; - *) - set x "$@" "$1" - shift - ;; - esac - fi - shift -done - -if test -z "$ofile" || test -z "$cfile"; then - # If no `-o' option was seen then we might have been invoked from a - # pattern rule where we don't need one. That is ok -- this is a - # normal compilation that the losing compiler can handle. If no - # `.c' file was seen then we are probably linking. That is also - # ok. - exec "$@" -fi - -# Name of file we expect compiler to create. -cofile=`echo "$cfile" | sed -e 's|^.*/||' -e 's/\.c$/.o/'` - -# Create the lock directory. -# Note: use `[/.-]' here to ensure that we don't use the same name -# that we are using for the .o file. Also, base the name on the expected -# object file name, since that is what matters with a parallel build. -lockdir=`echo "$cofile" | sed -e 's|[/.-]|_|g'`.d -while true; do - if mkdir "$lockdir" >/dev/null 2>&1; then - break - fi - sleep 1 -done -# FIXME: race condition here if user kills between mkdir and trap. -trap "rmdir '$lockdir'; exit 1" 1 2 15 - -# Run the compile. -"$@" -ret=$? - -if test -f "$cofile"; then - mv "$cofile" "$ofile" -elif test -f "${cofile}bj"; then - mv "${cofile}bj" "$ofile" -fi - -rmdir "$lockdir" -exit $ret - -# Local Variables: -# mode: shell-script -# sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" -# End: diff --git a/crypto/heimdal/config.guess b/crypto/heimdal/config.guess deleted file mode 100755 index 396482d6cb50..000000000000 --- a/crypto/heimdal/config.guess +++ /dev/null @@ -1,1500 +0,0 @@ -#! /bin/sh -# Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, -# Inc. - -timestamp='2006-07-02' - -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner . -# Please send patches to . Submit a context -# diff and a properly formatted ChangeLog entry. -# -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. -# -# The plan is that this can be called by configure scripts if you -# don't specify an explicit build system type. - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] - -Output the configuration name of the system \`$me' is run on. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.guess ($timestamp) - -Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 -Free Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" >&2 - exit 1 ;; - * ) - break ;; - esac -done - -if test $# != 0; then - echo "$me: too many arguments$help" >&2 - exit 1 -fi - -trap 'exit 1' 1 2 15 - -# CC_FOR_BUILD -- compiler used by this script. Note that the use of a -# compiler to aid in system detection is discouraged as it requires -# temporary files to be created and, as you can see below, it is a -# headache to deal with in a portable fashion. - -# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still -# use `HOST_CC' if defined, but it is deprecated. - -# Portable tmp directory creation inspired by the Autoconf team. - -set_cc_for_build=' -trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; -trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; -: ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || - { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || - { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || - { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; -dummy=$tmp/dummy ; -tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; -case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int x;" > $dummy.c ; - for c in cc gcc c89 c99 ; do - if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then - CC_FOR_BUILD="$c"; break ; - fi ; - done ; - if test x"$CC_FOR_BUILD" = x ; then - CC_FOR_BUILD=no_compiler_found ; - fi - ;; - ,,*) CC_FOR_BUILD=$CC ;; - ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ; set_cc_for_build= ;' - -# This is needed to find uname on a Pyramid OSx when run in the BSD universe. -# (ghazi@noc.rutgers.edu 1994-08-24) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then - PATH=$PATH:/.attbin ; export PATH -fi - -UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown -UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown -UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown - -# Note: order is significant - the case branches are not exclusive. - -case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in - *:NetBSD:*:*) - # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, - # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently - # switched to ELF, *-*-netbsd* would select the old - # object file format. This provides both forward - # compatibility and a consistent mechanism for selecting the - # object file format. - # - # Note: NetBSD doesn't particularly care about the vendor - # portion of the name. We always set it to "unknown". - sysctl="sysctl -n hw.machine_arch" - UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ - /usr/sbin/$sysctl 2>/dev/null || echo unknown)` - case "${UNAME_MACHINE_ARCH}" in - armeb) machine=armeb-unknown ;; - arm*) machine=arm-unknown ;; - sh3el) machine=shl-unknown ;; - sh3eb) machine=sh-unknown ;; - *) machine=${UNAME_MACHINE_ARCH}-unknown ;; - esac - # The Operating System including object format, if it has switched - # to ELF recently, or will in the future. - case "${UNAME_MACHINE_ARCH}" in - arm*|i386|m68k|ns32k|sh3*|sparc|vax) - eval $set_cc_for_build - if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep __ELF__ >/dev/null - then - # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). - # Return netbsd for either. FIX? - os=netbsd - else - os=netbsdelf - fi - ;; - *) - os=netbsd - ;; - esac - # The OS release - # Debian GNU/NetBSD machines have a different userland, and - # thus, need a distinct triplet. However, they do not need - # kernel version information, so it can be replaced with a - # suitable tag, in the style of linux-gnu. - case "${UNAME_VERSION}" in - Debian*) - release='-gnu' - ;; - *) - release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` - ;; - esac - # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: - # contains redundant information, the shorter form: - # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "${machine}-${os}${release}" - exit ;; - *:OpenBSD:*:*) - UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` - echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} - exit ;; - *:ekkoBSD:*:*) - echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} - exit ;; - *:SolidBSD:*:*) - echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} - exit ;; - macppc:MirBSD:*:*) - echo powerpc-unknown-mirbsd${UNAME_RELEASE} - exit ;; - *:MirBSD:*:*) - echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} - exit ;; - alpha:OSF1:*:*) - case $UNAME_RELEASE in - *4.0) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` - ;; - *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` - ;; - esac - # According to Compaq, /usr/sbin/psrinfo has been available on - # OSF/1 and Tru64 systems produced since 1995. I hope that - # covers most systems running today. This code pipes the CPU - # types through head -n 1, so we only detect the type of CPU 0. - ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` - case "$ALPHA_CPU_TYPE" in - "EV4 (21064)") - UNAME_MACHINE="alpha" ;; - "EV4.5 (21064)") - UNAME_MACHINE="alpha" ;; - "LCA4 (21066/21068)") - UNAME_MACHINE="alpha" ;; - "EV5 (21164)") - UNAME_MACHINE="alphaev5" ;; - "EV5.6 (21164A)") - UNAME_MACHINE="alphaev56" ;; - "EV5.6 (21164PC)") - UNAME_MACHINE="alphapca56" ;; - "EV5.7 (21164PC)") - UNAME_MACHINE="alphapca57" ;; - "EV6 (21264)") - UNAME_MACHINE="alphaev6" ;; - "EV6.7 (21264A)") - UNAME_MACHINE="alphaev67" ;; - "EV6.8CB (21264C)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8AL (21264B)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8CX (21264D)") - UNAME_MACHINE="alphaev68" ;; - "EV6.9A (21264/EV69A)") - UNAME_MACHINE="alphaev69" ;; - "EV7 (21364)") - UNAME_MACHINE="alphaev7" ;; - "EV7.9 (21364A)") - UNAME_MACHINE="alphaev79" ;; - esac - # A Pn.n version is a patched version. - # A Vn.n version is a released version. - # A Tn.n version is a released field test version. - # A Xn.n version is an unreleased experimental baselevel. - # 1.2 uses "1.2" for uname -r. - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit ;; - Alpha\ *:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # Should we change UNAME_MACHINE based on the output of uname instead - # of the specific Alpha model? - echo alpha-pc-interix - exit ;; - 21064:Windows_NT:50:3) - echo alpha-dec-winnt3.5 - exit ;; - Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit ;; - *:[Aa]miga[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-amigaos - exit ;; - *:[Mm]orph[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-morphos - exit ;; - *:OS/390:*:*) - echo i370-ibm-openedition - exit ;; - *:z/VM:*:*) - echo s390-ibm-zvmoe - exit ;; - *:OS400:*:*) - echo powerpc-ibm-os400 - exit ;; - arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix${UNAME_RELEASE} - exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) - echo arm-unknown-riscos - exit ;; - SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit ;; - Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) - # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit ;; - NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit ;; - DRS?6000:unix:4.0:6*) - echo sparc-icl-nx6 - exit ;; - DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) - case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7; exit ;; - esac ;; - sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - i86pc:SunOS:5.*:*) - echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:6*:*) - # According to config.sub, this is the proper way to canonicalize - # SunOS6. Hard to guess exactly what SunOS6 will be like, but - # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in - Series*|S4*) - UNAME_RELEASE=`uname -v` - ;; - esac - # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` - exit ;; - sun3*:SunOS:*:*) - echo m68k-sun-sunos${UNAME_RELEASE} - exit ;; - sun*:*:4.2BSD:*) - UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` - test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 - case "`/bin/arch`" in - sun3) - echo m68k-sun-sunos${UNAME_RELEASE} - ;; - sun4) - echo sparc-sun-sunos${UNAME_RELEASE} - ;; - esac - exit ;; - aushp:SunOS:*:*) - echo sparc-auspex-sunos${UNAME_RELEASE} - exit ;; - # The situation for MiNT is a little confusing. The machine name - # can be virtually everything (everything which is not - # "atarist" or "atariste" at least should have a processor - # > m68000). The system name ranges from "MiNT" over "FreeMiNT" - # to the lowercase version "mint" (or "freemint"). Finally - # the system name "TOS" denotes a system which is actually not - # MiNT. But MiNT is downward compatible to TOS, so this should - # be no problem. - atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; - hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; - *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; - m68k:machten:*:*) - echo m68k-apple-machten${UNAME_RELEASE} - exit ;; - powerpc:machten:*:*) - echo powerpc-apple-machten${UNAME_RELEASE} - exit ;; - RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit ;; - RISC*:ULTRIX:*:*) - echo mips-dec-ultrix${UNAME_RELEASE} - exit ;; - VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix${UNAME_RELEASE} - exit ;; - 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix${UNAME_RELEASE} - exit ;; - mips:*:*:UMIPS | mips:*:*:RISCos) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c -#ifdef __cplusplus -#include /* for printf() prototype */ - int main (int argc, char *argv[]) { -#else - int main (argc, argv) int argc; char *argv[]; { -#endif - #if defined (host_mips) && defined (MIPSEB) - #if defined (SYSTYPE_SYSV) - printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_SVR4) - printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) - printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); - #endif - #endif - exit (-1); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && - dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && - SYSTEM_NAME=`$dummy $dummyarg` && - { echo "$SYSTEM_NAME"; exit; } - echo mips-mips-riscos${UNAME_RELEASE} - exit ;; - Motorola:PowerMAX_OS:*:*) - echo powerpc-motorola-powermax - exit ;; - Motorola:*:4.3:PL8-*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit ;; - m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit ;; - m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit ;; - m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit ;; - AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] - then - if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ - [ ${TARGET_BINARY_INTERFACE}x = x ] - then - echo m88k-dg-dgux${UNAME_RELEASE} - else - echo m88k-dg-dguxbcs${UNAME_RELEASE} - fi - else - echo i586-dg-dgux${UNAME_RELEASE} - fi - exit ;; - M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit ;; - M88*:*:R3*:*) - # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit ;; - XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit ;; - Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit ;; - *:IRIX*:*:*) - echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` - exit ;; - ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' - i*86:AIX:*:*) - echo i386-ibm-aix - exit ;; - ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} - exit ;; - *:AIX:2:3) - if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - - main() - { - if (!__power_pc()) - exit(1); - puts("powerpc-ibm-aix3.2.5"); - exit(0); - } -EOF - if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` - then - echo "$SYSTEM_NAME" - else - echo rs6000-ibm-aix3.2.5 - fi - elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 - else - echo rs6000-ibm-aix3.2 - fi - exit ;; - *:AIX:*:[45]) - IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` - if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then - IBM_ARCH=rs6000 - else - IBM_ARCH=powerpc - fi - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${IBM_ARCH}-ibm-aix${IBM_REV} - exit ;; - *:AIX:*:*) - echo rs6000-ibm-aix - exit ;; - ibmrt:4.4BSD:*|romp-ibm:BSD:*) - echo romp-ibm-bsd4.4 - exit ;; - ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to - exit ;; # report: romp-ibm BSD 4.3 - *:BOSX:*:*) - echo rs6000-bull-bosx - exit ;; - DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit ;; - 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit ;; - hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit ;; - 9000/[34678]??:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - case "${UNAME_MACHINE}" in - 9000/31? ) HP_ARCH=m68000 ;; - 9000/[34]?? ) HP_ARCH=m68k ;; - 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then - sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; - '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac - fi - if [ "${HP_ARCH}" = "" ]; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - - #define _HPUX_SOURCE - #include - #include - - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); - - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } -EOF - (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` - test -z "$HP_ARCH" && HP_ARCH=hppa - fi ;; - esac - if [ ${HP_ARCH} = "hppa2.0w" ] - then - eval $set_cc_for_build - - # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating - # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler - # generating 64-bit code. GNU and HP use different nomenclature: - # - # $ CC_FOR_BUILD=cc ./config.guess - # => hppa2.0w-hp-hpux11.23 - # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess - # => hppa64-hp-hpux11.23 - - if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | - grep __LP64__ >/dev/null - then - HP_ARCH="hppa2.0w" - else - HP_ARCH="hppa64" - fi - fi - echo ${HP_ARCH}-hp-hpux${HPUX_REV} - exit ;; - ia64:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - echo ia64-hp-hpux${HPUX_REV} - exit ;; - 3050*:HI-UX:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - int - main () - { - long cpu = sysconf (_SC_CPU_VERSION); - /* The order matters, because CPU_IS_HP_MC68K erroneously returns - true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct - results, however. */ - if (CPU_IS_PA_RISC (cpu)) - { - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; - case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; - default: puts ("hppa-hitachi-hiuxwe2"); break; - } - } - else if (CPU_IS_HP_MC68K (cpu)) - puts ("m68k-hitachi-hiuxwe2"); - else puts ("unknown-hitachi-hiuxwe2"); - exit (0); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - echo unknown-hitachi-hiuxwe2 - exit ;; - 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) - echo hppa1.1-hp-bsd - exit ;; - 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit ;; - *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit ;; - hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) - echo hppa1.1-hp-osf - exit ;; - hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit ;; - i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo ${UNAME_MACHINE}-unknown-osf1mk - else - echo ${UNAME_MACHINE}-unknown-osf1 - fi - exit ;; - parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit ;; - C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit ;; - C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit ;; - C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit ;; - C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit ;; - CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*[A-Z]90:*:*:*) - echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ - | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ - -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ - -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*TS:*:*:*) - echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*T3E:*:*:*) - echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*SV1:*:*:*) - echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - *:UNICOS/mp:*:*) - echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) - FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} - exit ;; - sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:BSD/OS:*:*) - echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:FreeBSD:*:*) - case ${UNAME_MACHINE} in - pc98) - echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - amd64) - echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - *) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - esac - exit ;; - i*:CYGWIN*:*) - echo ${UNAME_MACHINE}-pc-cygwin - exit ;; - i*:MINGW*:*) - echo ${UNAME_MACHINE}-pc-mingw32 - exit ;; - i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 - exit ;; - i*:PW*:*) - echo ${UNAME_MACHINE}-pc-pw32 - exit ;; - x86:Interix*:[3456]*) - echo i586-pc-interix${UNAME_RELEASE} - exit ;; - EM64T:Interix*:[3456]*) - echo x86_64-unknown-interix${UNAME_RELEASE} - exit ;; - [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) - echo i${UNAME_MACHINE}-pc-mks - exit ;; - i*:Windows_NT*:* | Pentium*:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we - # UNAME_MACHINE based on the output of uname instead of i386? - echo i586-pc-interix - exit ;; - i*:UWIN*:*) - echo ${UNAME_MACHINE}-pc-uwin - exit ;; - amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) - echo x86_64-unknown-cygwin - exit ;; - p*:CYGWIN*:*) - echo powerpcle-unknown-cygwin - exit ;; - prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - *:GNU:*:*) - # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` - exit ;; - *:GNU/*:*:*) - # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu - exit ;; - i*86:Minix:*:*) - echo ${UNAME_MACHINE}-pc-minix - exit ;; - arm*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - cris:Linux:*:*) - echo cris-axis-linux-gnu - exit ;; - crisv32:Linux:*:*) - echo crisv32-axis-linux-gnu - exit ;; - frv:Linux:*:*) - echo frv-unknown-linux-gnu - exit ;; - ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - mips:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef mips - #undef mipsel - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mipsel - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips - #else - CPU= - #endif - #endif -EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^CPU/{ - s: ::g - p - }'`" - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - mips64:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef mips64 - #undef mips64el - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mips64el - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips64 - #else - CPU= - #endif - #endif -EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^CPU/{ - s: ::g - p - }'`" - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - or32:Linux:*:*) - echo or32-unknown-linux-gnu - exit ;; - ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu - exit ;; - ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu - exit ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in - EV5) UNAME_MACHINE=alphaev5 ;; - EV56) UNAME_MACHINE=alphaev56 ;; - PCA56) UNAME_MACHINE=alphapca56 ;; - PCA57) UNAME_MACHINE=alphapca56 ;; - EV6) UNAME_MACHINE=alphaev6 ;; - EV67) UNAME_MACHINE=alphaev67 ;; - EV68*) UNAME_MACHINE=alphaev68 ;; - esac - objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} - exit ;; - parisc:Linux:*:* | hppa:Linux:*:*) - # Look for CPU level - case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; - esac - exit ;; - parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu - exit ;; - s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux - exit ;; - sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu - exit ;; - x86_64:Linux:*:*) - echo x86_64-unknown-linux-gnu - exit ;; - i*86:Linux:*:*) - # The BFD linker knows what the default object file format is, so - # first see if it will tell us. cd to the root directory to prevent - # problems with other programs or directories called `ld' in the path. - # Set LC_ALL=C to ensure ld outputs messages in English. - ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ - | sed -ne '/supported targets:/!d - s/[ ][ ]*/ /g - s/.*supported targets: *// - s/ .*// - p'` - case "$ld_supported_targets" in - elf32-i386) - TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" - ;; - a.out-i386-linux) - echo "${UNAME_MACHINE}-pc-linux-gnuaout" - exit ;; - coff-i386) - echo "${UNAME_MACHINE}-pc-linux-gnucoff" - exit ;; - "") - # Either a pre-BFD a.out linker (linux-gnuoldld) or - # one that does not give us useful --help. - echo "${UNAME_MACHINE}-pc-linux-gnuoldld" - exit ;; - esac - # Determine whether the default compiler is a.out or elf - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - #ifdef __ELF__ - # ifdef __GLIBC__ - # if __GLIBC__ >= 2 - LIBC=gnu - # else - LIBC=gnulibc1 - # endif - # else - LIBC=gnulibc1 - # endif - #else - #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) - LIBC=gnu - #else - LIBC=gnuaout - #endif - #endif - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^LIBC/{ - s: ::g - p - }'`" - test x"${LIBC}" != x && { - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" - exit - } - test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } - ;; - i*86:DYNIX/ptx:4*:*) - # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. - # earlier versions are messed up and put the nodename in both - # sysname and nodename. - echo i386-sequent-sysv4 - exit ;; - i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, - # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. - echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} - exit ;; - i*86:OS/2:*:*) - # If we were able to find `uname', then EMX Unix compatibility - # is probably installed. - echo ${UNAME_MACHINE}-pc-os2-emx - exit ;; - i*86:XTS-300:*:STOP) - echo ${UNAME_MACHINE}-unknown-stop - exit ;; - i*86:atheos:*:*) - echo ${UNAME_MACHINE}-unknown-atheos - exit ;; - i*86:syllable:*:*) - echo ${UNAME_MACHINE}-pc-syllable - exit ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) - echo i386-unknown-lynxos${UNAME_RELEASE} - exit ;; - i*86:*DOS:*:*) - echo ${UNAME_MACHINE}-pc-msdosdjgpp - exit ;; - i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) - UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` - if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} - else - echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} - fi - exit ;; - i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. - case `/bin/uname -X | grep "^Machine"` in - *486*) UNAME_MACHINE=i486 ;; - *Pentium) UNAME_MACHINE=i586 ;; - *Pent*|*Celeron) UNAME_MACHINE=i686 ;; - esac - echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} - exit ;; - i*86:*:3.2:*) - if test -f /usr/options/cb.name; then - UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then - UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` - (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 - (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ - && UNAME_MACHINE=i586 - (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ - && UNAME_MACHINE=i686 - (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ - && UNAME_MACHINE=i686 - echo ${UNAME_MACHINE}-pc-sco$UNAME_REL - else - echo ${UNAME_MACHINE}-pc-sysv32 - fi - exit ;; - pc:*:*:*) - # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i386. - echo i386-pc-msdosdjgpp - exit ;; - Intel:Mach:3*:*) - echo i386-pc-mach3 - exit ;; - paragon:*:*:*) - echo i860-intel-osf1 - exit ;; - i860:*:4.*:*) # i860-SVR4 - if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 - else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 - fi - exit ;; - mini*:CTIX:SYS*5:*) - # "miniframe" - echo m68010-convergent-sysv - exit ;; - mc68k:UNIX:SYSTEM5:3.51m) - echo m68k-convergent-sysv - exit ;; - M680?0:D-NIX:5.3:*) - echo m68k-diab-dnix - exit ;; - M68*:*:R3V[5678]*:*) - test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; - 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) - OS_REL='' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; - 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; - m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) - echo m68k-unknown-lynxos${UNAME_RELEASE} - exit ;; - mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit ;; - TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos${UNAME_RELEASE} - exit ;; - rs6000:LynxOS:2.*:*) - echo rs6000-unknown-lynxos${UNAME_RELEASE} - exit ;; - PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) - echo powerpc-unknown-lynxos${UNAME_RELEASE} - exit ;; - SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv${UNAME_RELEASE} - exit ;; - RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - *:SINIX-*:*:*) - if uname -p 2>/dev/null >/dev/null ; then - UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo ${UNAME_MACHINE}-sni-sysv4 - else - echo ns32k-sni-sysv - fi - exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; - *:UNIX_System_V:4*:FTX*) - # From Gerald Hewes . - # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit ;; - *:*:*:FTX*) - # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit ;; - i*86:VOS:*:*) - # From Paul.Green@stratus.com. - echo ${UNAME_MACHINE}-stratus-vos - exit ;; - *:VOS:*:*) - # From Paul.Green@stratus.com. - echo hppa1.1-stratus-vos - exit ;; - mc68*:A/UX:*:*) - echo m68k-apple-aux${UNAME_RELEASE} - exit ;; - news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit ;; - R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} - else - echo mips-unknown-sysv${UNAME_RELEASE} - fi - exit ;; - BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit ;; - BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit ;; - BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit ;; - SX-4:SUPER-UX:*:*) - echo sx4-nec-superux${UNAME_RELEASE} - exit ;; - SX-5:SUPER-UX:*:*) - echo sx5-nec-superux${UNAME_RELEASE} - exit ;; - SX-6:SUPER-UX:*:*) - echo sx6-nec-superux${UNAME_RELEASE} - exit ;; - Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Rhapsody:*:*) - echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - unknown) UNAME_PROCESSOR=powerpc ;; - esac - echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} - exit ;; - *:procnto*:*:* | *:QNX:[0123456789]*:*) - UNAME_PROCESSOR=`uname -p` - if test "$UNAME_PROCESSOR" = "x86"; then - UNAME_PROCESSOR=i386 - UNAME_MACHINE=pc - fi - echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} - exit ;; - *:QNX:*:4*) - echo i386-pc-qnx - exit ;; - NSE-?:NONSTOP_KERNEL:*:*) - echo nse-tandem-nsk${UNAME_RELEASE} - exit ;; - NSR-?:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk${UNAME_RELEASE} - exit ;; - *:NonStop-UX:*:*) - echo mips-compaq-nonstopux - exit ;; - BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit ;; - DS/*:UNIX_System_V:*:*) - echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} - exit ;; - *:Plan9:*:*) - # "uname -m" is not consistent, so use $cputype instead. 386 - # is converted to i386 for consistency with other x86 - # operating systems. - if test "$cputype" = "386"; then - UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" - fi - echo ${UNAME_MACHINE}-unknown-plan9 - exit ;; - *:TOPS-10:*:*) - echo pdp10-unknown-tops10 - exit ;; - *:TENEX:*:*) - echo pdp10-unknown-tenex - exit ;; - KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) - echo pdp10-dec-tops20 - exit ;; - XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) - echo pdp10-xkl-tops20 - exit ;; - *:TOPS-20:*:*) - echo pdp10-unknown-tops20 - exit ;; - *:ITS:*:*) - echo pdp10-unknown-its - exit ;; - SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} - exit ;; - *:DragonFly:*:*) - echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit ;; - *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` - case "${UNAME_MACHINE}" in - A*) echo alpha-dec-vms ; exit ;; - I*) echo ia64-dec-vms ; exit ;; - V*) echo vax-dec-vms ; exit ;; - esac ;; - *:XENIX:*:SysV) - echo i386-pc-xenix - exit ;; - i*86:skyos:*:*) - echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' - exit ;; - i*86:rdos:*:*) - echo ${UNAME_MACHINE}-pc-rdos - exit ;; -esac - -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - -eval $set_cc_for_build -cat >$dummy.c < -# include -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix\n"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -# if !defined (ultrix) -# include -# if defined (BSD) -# if BSD == 43 - printf ("vax-dec-bsd4.3\n"); exit (0); -# else -# if BSD == 199006 - printf ("vax-dec-bsd4.3reno\n"); exit (0); -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# endif -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# else - printf ("vax-dec-ultrix\n"); exit (0); -# endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd - exit ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - c34*) - echo c34-convex-bsd - exit ;; - c38*) - echo c38-convex-bsd - exit ;; - c4*) - echo c4-convex-bsd - exit ;; - esac -fi - -cat >&2 < in order to provide the needed -information to handle your system. - -config.guess timestamp = $timestamp - -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null` - -hostinfo = `(hostinfo) 2>/dev/null` -/bin/universe = `(/bin/universe) 2>/dev/null` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` -/bin/arch = `(/bin/arch) 2>/dev/null` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` - -UNAME_MACHINE = ${UNAME_MACHINE} -UNAME_RELEASE = ${UNAME_RELEASE} -UNAME_SYSTEM = ${UNAME_SYSTEM} -UNAME_VERSION = ${UNAME_VERSION} -EOF - -exit 1 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff --git a/crypto/heimdal/config.sub b/crypto/heimdal/config.sub deleted file mode 100755 index fab0aa355663..000000000000 --- a/crypto/heimdal/config.sub +++ /dev/null @@ -1,1616 +0,0 @@ -#! /bin/sh -# Configuration validation subroutine script. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, -# Inc. - -timestamp='2006-09-20' - -# This file is (in principle) common to ALL GNU software. -# The presence of a machine in this file suggests that SOME GNU software -# can handle that machine. It does not imply ALL GNU software can. -# -# This file is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Please send patches to . Submit a context -# diff and a properly formatted ChangeLog entry. -# -# Configuration subroutine to validate and canonicalize a configuration type. -# Supply the specified configuration type as an argument. -# If it is invalid, we print an error message on stderr and exit with code 1. -# Otherwise, we print the canonical config type on stdout and succeed. - -# This file is supposed to be the same for all GNU packages -# and recognize all the CPU types, system types and aliases -# that are meaningful with *any* GNU software. -# Each package is responsible for reporting which valid configurations -# it does not support. The user should be able to distinguish -# a failure to support a valid configuration from a meaningless -# configuration. - -# The goal of this file is to map all the various variations of a given -# machine specification into a single specification in the form: -# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM -# or in some cases, the newer four-part form: -# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM -# It is wrong to echo any other type of specification. - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] CPU-MFR-OPSYS - $0 [OPTION] ALIAS - -Canonicalize a configuration name. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.sub ($timestamp) - -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 -Free Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" - exit 1 ;; - - *local*) - # First pass through any local machine types. - echo $1 - exit ;; - - * ) - break ;; - esac -done - -case $# in - 0) echo "$me: missing argument$help" >&2 - exit 1;; - 1) ;; - *) echo "$me: too many arguments$help" >&2 - exit 1;; -esac - -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ - uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ - storm-chaos* | os2-emx* | rtmk-nova*) - os=-$maybe_os - basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - *) - basic_machine=`echo $1 | sed 's/-[^-]*$//'` - if [ $basic_machine != $1 ] - then os=`echo $1 | sed 's/.*-/-/'` - else os=; fi - ;; -esac - -### Let's recognize common machines as not being operating systems so -### that things like config.sub decstation-3100 work. We also -### recognize some manufacturers as not being operating systems, so we -### can provide default operating systems below. -case $os in - -sun*os*) - # Prevent following clause from handling this invalid input. - ;; - -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ - -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ - -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ - -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ - -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ - -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray) - os= - basic_machine=$1 - ;; - -sim | -cisco | -oki | -wec | -winbond) - os= - basic_machine=$1 - ;; - -scout) - ;; - -wrs) - os=-vxworks - basic_machine=$1 - ;; - -chorusos*) - os=-chorusos - basic_machine=$1 - ;; - -chorusrdb) - os=-chorusrdb - basic_machine=$1 - ;; - -hiux*) - os=-hiuxwe2 - ;; - -sco6) - os=-sco5v6 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco5) - os=-sco3.2v5 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco4) - os=-sco3.2v4 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2.[4-9]*) - os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2v[4-9]*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco5v6*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco*) - os=-sco3.2v2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -udk*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -isc) - os=-isc2.2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -clix*) - basic_machine=clipper-intergraph - ;; - -isc*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -lynx*) - os=-lynxos - ;; - -ptx*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` - ;; - -windowsnt*) - os=`echo $os | sed -e 's/windowsnt/winnt/'` - ;; - -psos*) - os=-psos - ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; -esac - -# Decode aliases for certain CPU-COMPANY combinations. -case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - 1750a | 580 \ - | a29k \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ - | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ - | bfin \ - | c4x | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | fr30 | frv \ - | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | i370 | i860 | i960 | ia64 \ - | ip2k | iq2000 \ - | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64vr | mips64vrel \ - | mips64orion | mips64orionel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mips64vr5900 | mips64vr5900el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64r2 | mipsisa64r2el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipstx39 | mipstx39el \ - | mn10200 | mn10300 \ - | mt \ - | msp430 \ - | nios | nios2 \ - | ns16k | ns32k \ - | or32 \ - | pdp10 | pdp11 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ - | pyramid \ - | score \ - | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ - | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu | strongarm \ - | tahoe | thumb | tic4x | tic80 | tron \ - | v850 | v850e \ - | we32k \ - | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ - | z8k) - basic_machine=$basic_machine-unknown - ;; - m6811 | m68hc11 | m6812 | m68hc12) - # Motorola 68HC11/12. - basic_machine=$basic_machine-unknown - os=-none - ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) - ;; - ms1) - basic_machine=mt-unknown - ;; - - # We use `pc' rather than `unknown' - # because (1) that's what they normally are, and - # (2) the word "unknown" tends to confuse beginning users. - i*86 | x86_64) - basic_machine=$basic_machine-pc - ;; - # Object if more than one company name word. - *-*-*) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - 580-* \ - | a29k-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ - | avr-* | avr32-* \ - | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ - | clipper-* | craynv-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ - | elxsi-* \ - | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ - | h8300-* | h8500-* \ - | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | i*86-* | i860-* | i960-* | ia64-* \ - | ip2k-* | iq2000-* \ - | m32c-* | m32r-* | m32rle-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mips64vr5900-* | mips64vr5900el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64r2-* | mipsisa64r2el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipstx39-* | mipstx39el-* \ - | mmix-* \ - | mt-* \ - | msp430-* \ - | nios-* | nios2-* \ - | none-* | np1-* | ns16k-* | ns32k-* \ - | orion-* \ - | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ - | pyramid-* \ - | romp-* | rs6000-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ - | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ - | tahoe-* | thumb-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tron-* \ - | v850-* | v850e-* | vax-* \ - | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ - | xstormy16-* | xtensa-* \ - | ymp-* \ - | z8k-*) - ;; - # Recognize the various machine names and aliases which stand - # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-unknown - os=-bsd - ;; - 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att - ;; - 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - abacus) - basic_machine=abacus-unknown - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amd64) - basic_machine=x86_64-pc - ;; - amd64-*) - basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | j90) - basic_machine=j90-cray - os=-unicos - ;; - craynv) - basic_machine=craynv-cray - os=-unicosmp - ;; - cr16c) - basic_machine=cr16c-unknown - os=-elf - ;; - crds | unos) - basic_machine=m68k-crds - ;; - crisv32 | crisv32-* | etraxfs*) - basic_machine=crisv32-axis - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - crx) - basic_machine=crx-unknown - os=-elf - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec - ;; - decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 - ;; - decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 - ;; - delta | 3300 | motorola-3300 | motorola-delta \ - | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - djgpp) - basic_machine=i586-pc - os=-msdosdjgpp - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx - ;; - dpx2* | dpx2*-bull) - basic_machine=m68k-bull - os=-sysv3 - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd - ;; - encore | umax | mmax) - basic_machine=ns32k-encore - ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose - ;; - fx2800) - basic_machine=i860-alliant - ;; - genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - go32) - basic_machine=i386-pc - os=-go32 - ;; - h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux - ;; - hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp - ;; - hp9k3[2-9][0-9]) - basic_machine=m68k-hp - ;; - hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp - ;; - hp9k78[0-9] | hp78[0-9]) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppa-next) - os=-nextstep3 - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm - ;; -# I'm not sure what "Sysv32" means. Should this be sysv3.2? - i*86v32) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv32 - ;; - i*86v4*) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv4 - ;; - i*86v) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv - ;; - i*86sol2) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach - ;; - i386-vsta | vsta) - basic_machine=i386-unknown - os=-vsta - ;; - iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) - ;; - *) - os=-irix4 - ;; - esac - ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - m88k-omron*) - basic_machine=m88k-omron - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - mingw32) - basic_machine=i386-pc - os=-mingw32 - ;; - miniframe) - basic_machine=m68000-convergent - ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mips3*-*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; - msdos) - basic_machine=i386-pc - os=-msdos - ;; - ms1-*) - basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos - ;; - news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv - ;; - next | m*-next ) - basic_machine=m68k-next - case $os in - -nextstep* ) - ;; - -ns2*) - os=-nextstep2 - ;; - *) - os=-nextstep3 - ;; - esac - ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - nonstopux) - basic_machine=mips-compaq - os=-nonstopux - ;; - np1) - basic_machine=np1-gould - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - openrisc | openrisc-*) - basic_machine=or32-unknown - ;; - os400) - basic_machine=powerpc-ibm - os=-os400 - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k - ;; - pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - pbd) - basic_machine=sparc-tti - ;; - pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 - ;; - pc98) - basic_machine=i386-pc - ;; - pc98-*) - basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium | p5 | k5 | k6 | nexgen | viac3) - basic_machine=i586-pc - ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) - basic_machine=i686-pc - ;; - pentiumii | pentium2 | pentiumiii | pentium3) - basic_machine=i686-pc - ;; - pentium4) - basic_machine=i786-pc - ;; - pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) - basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium4-*) - basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pn) - basic_machine=pn-gould - ;; - power) basic_machine=power-ibm - ;; - ppc) basic_machine=powerpc-unknown - ;; - ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppcle | powerpclittle | ppc-le | powerpc-little) - basic_machine=powerpcle-unknown - ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64) basic_machine=powerpc64-unknown - ;; - ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64le | powerpc64little | ppc64-le | powerpc64-little) - basic_machine=powerpc64le-unknown - ;; - ppc64le-* | powerpc64little-*) - basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ps2) - basic_machine=i386-ibm - ;; - pw32) - basic_machine=i586-unknown - os=-pw32 - ;; - rdos) - basic_machine=i386-pc - os=-rdos - ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff - ;; - rm[46]00) - basic_machine=mips-siemens - ;; - rtpc | rtpc-*) - basic_machine=romp-ibm - ;; - s390 | s390-*) - basic_machine=s390-ibm - ;; - s390x | s390x-*) - basic_machine=s390x-ibm - ;; - sa29200) - basic_machine=a29k-amd - os=-udi - ;; - sb1) - basic_machine=mipsisa64sb1-unknown - ;; - sb1el) - basic_machine=mipsisa64sb1el-unknown - ;; - sde) - basic_machine=mipsisa32-sde - os=-elf - ;; - sei) - basic_machine=mips-sei - os=-seiux - ;; - sequent) - basic_machine=i386-sequent - ;; - sh) - basic_machine=sh-hitachi - os=-hms - ;; - sh64) - basic_machine=sh64-unknown - ;; - sparclite-wrs | simso-wrs) - basic_machine=sparclite-wrs - os=-vxworks - ;; - sps7) - basic_machine=m68k-bull - os=-sysv2 - ;; - spur) - basic_machine=spur-unknown - ;; - st2000) - basic_machine=m68k-tandem - ;; - stratus) - basic_machine=i860-stratus - os=-sysv4 - ;; - sun2) - basic_machine=m68000-sun - ;; - sun2os3) - basic_machine=m68000-sun - os=-sunos3 - ;; - sun2os4) - basic_machine=m68000-sun - os=-sunos4 - ;; - sun3os3) - basic_machine=m68k-sun - os=-sunos3 - ;; - sun3os4) - basic_machine=m68k-sun - os=-sunos4 - ;; - sun4os3) - basic_machine=sparc-sun - os=-sunos3 - ;; - sun4os4) - basic_machine=sparc-sun - os=-sunos4 - ;; - sun4sol2) - basic_machine=sparc-sun - os=-solaris2 - ;; - sun3 | sun3-*) - basic_machine=m68k-sun - ;; - sun4) - basic_machine=sparc-sun - ;; - sun386 | sun386i | roadrunner) - basic_machine=i386-sun - ;; - sv1) - basic_machine=sv1-cray - os=-unicos - ;; - symmetry) - basic_machine=i386-sequent - os=-dynix - ;; - t3e) - basic_machine=alphaev5-cray - os=-unicos - ;; - t90) - basic_machine=t90-cray - os=-unicos - ;; - tic54x | c54x*) - basic_machine=tic54x-unknown - os=-coff - ;; - tic55x | c55x*) - basic_machine=tic55x-unknown - os=-coff - ;; - tic6x | c6x*) - basic_machine=tic6x-unknown - os=-coff - ;; - tx39) - basic_machine=mipstx39-unknown - ;; - tx39el) - basic_machine=mipstx39el-unknown - ;; - toad1) - basic_machine=pdp10-xkl - os=-tops20 - ;; - tower | tower-32) - basic_machine=m68k-ncr - ;; - tpf) - basic_machine=s390x-ibm - os=-tpf - ;; - udi29k) - basic_machine=a29k-amd - os=-udi - ;; - ultra3) - basic_machine=a29k-nyu - os=-sym1 - ;; - v810 | necv810) - basic_machine=v810-nec - os=-none - ;; - vaxv) - basic_machine=vax-dec - os=-sysv - ;; - vms) - basic_machine=vax-dec - os=-vms - ;; - vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; - vxworks960) - basic_machine=i960-wrs - os=-vxworks - ;; - vxworks68) - basic_machine=m68k-wrs - os=-vxworks - ;; - vxworks29k) - basic_machine=a29k-wrs - os=-vxworks - ;; - w65*) - basic_machine=w65-wdc - os=-none - ;; - w89k-*) - basic_machine=hppa1.1-winbond - os=-proelf - ;; - xbox) - basic_machine=i686-pc - os=-mingw32 - ;; - xps | xps100) - basic_machine=xps100-honeywell - ;; - ymp) - basic_machine=ymp-cray - os=-unicos - ;; - z8k-*-coff) - basic_machine=z8k-unknown - os=-sim - ;; - none) - basic_machine=none-none - os=-none - ;; - -# Here we handle the default manufacturer of certain CPU types. It is in -# some cases the only manufacturer, in others, it is the most popular. - w89k) - basic_machine=hppa1.1-winbond - ;; - op50n) - basic_machine=hppa1.1-oki - ;; - op60c) - basic_machine=hppa1.1-oki - ;; - romp) - basic_machine=romp-ibm - ;; - mmix) - basic_machine=mmix-knuth - ;; - rs6000) - basic_machine=rs6000-ibm - ;; - vax) - basic_machine=vax-dec - ;; - pdp10) - # there are many clones, so DEC is not a safe bet - basic_machine=pdp10-unknown - ;; - pdp11) - basic_machine=pdp11-dec - ;; - we32k) - basic_machine=we32k-att - ;; - sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) - basic_machine=sh-unknown - ;; - sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) - basic_machine=sparc-sun - ;; - cydra) - basic_machine=cydra-cydrome - ;; - orion) - basic_machine=orion-highlevel - ;; - orion105) - basic_machine=clipper-highlevel - ;; - mac | mpw | mac-mpw) - basic_machine=m68k-apple - ;; - pmac | pmac-mpw) - basic_machine=powerpc-apple - ;; - *-unknown) - # Make sure to match an already-canonicalized machine name. - ;; - *) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; -esac - -# Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` - ;; - *-commodore*) - basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` - ;; - *) - ;; -esac - -# Decode manufacturer-specific aliases for certain operating systems. - -if [ x"$os" != x"" ] -then -case $os in - # First match some system type aliases - # that might get confused with valid system types. - # -solaris* is a basic system type, with this one exception. - -solaris1 | -solaris1.*) - os=`echo $os | sed -e 's|solaris1|sunos4|'` - ;; - -solaris) - os=-solaris2 - ;; - -svr4*) - os=-sysv4 - ;; - -unixware*) - os=-sysv4.2uw - ;; - -gnu/linux*) - os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` - ;; - # First accept the basic system types. - # The portable systems comes first. - # Each alternative MUST END IN A *, to match a version number. - # -sysv* is not here because it comes later, after sysvr4. - -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ - | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ - | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* \ - | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ - | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ - | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -openbsd* | -solidbsd* \ - | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ - | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ - | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ - | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -chorusos* | -chorusrdb* \ - | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ - | -uxpv* | -beos* | -mpeix* | -udk* \ - | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ - | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ - | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ - | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ - | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ - | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers*) - # Remember, each alternative MUST END IN *, to match a version number. - ;; - -qnx*) - case $basic_machine in - x86-* | i*86-*) - ;; - *) - os=-nto$os - ;; - esac - ;; - -nto-qnx*) - ;; - -nto*) - os=`echo $os | sed -e 's|nto|nto-qnx|'` - ;; - -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ - | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ - | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) - ;; - -mac*) - os=`echo $os | sed -e 's|mac|macos|'` - ;; - -linux-dietlibc) - os=-linux-dietlibc - ;; - -linux*) - os=`echo $os | sed -e 's|linux|linux-gnu|'` - ;; - -sunos5*) - os=`echo $os | sed -e 's|sunos5|solaris2|'` - ;; - -sunos6*) - os=`echo $os | sed -e 's|sunos6|solaris3|'` - ;; - -opened*) - os=-openedition - ;; - -os400*) - os=-os400 - ;; - -wince*) - os=-wince - ;; - -osfrose*) - os=-osfrose - ;; - -osf*) - os=-osf - ;; - -utek*) - os=-bsd - ;; - -dynix*) - os=-bsd - ;; - -acis*) - os=-aos - ;; - -atheos*) - os=-atheos - ;; - -syllable*) - os=-syllable - ;; - -386bsd) - os=-bsd - ;; - -ctix* | -uts*) - os=-sysv - ;; - -nova*) - os=-rtmk-nova - ;; - -ns2 ) - os=-nextstep2 - ;; - -nsk*) - os=-nsk - ;; - # Preserve the version number of sinix5. - -sinix5.*) - os=`echo $os | sed -e 's|sinix|sysv|'` - ;; - -sinix*) - os=-sysv4 - ;; - -tpf*) - os=-tpf - ;; - -triton*) - os=-sysv3 - ;; - -oss*) - os=-sysv3 - ;; - -svr4) - os=-sysv4 - ;; - -svr3) - os=-sysv3 - ;; - -sysvr4) - os=-sysv4 - ;; - # This must come after -sysvr4. - -sysv*) - ;; - -ose*) - os=-ose - ;; - -es1800*) - os=-ose - ;; - -xenix) - os=-xenix - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - os=-mint - ;; - -aros*) - os=-aros - ;; - -kaos*) - os=-kaos - ;; - -zvmoe) - os=-zvmoe - ;; - -none) - ;; - *) - # Get rid of the `-' at the beginning of $os. - os=`echo $os | sed 's/[^-]*-//'` - echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 - exit 1 - ;; -esac -else - -# Here we handle the default operating systems that come with various machines. -# The value should be what the vendor currently ships out the door with their -# machine or put another way, the most popular os provided with the machine. - -# Note that if you're going to try to match "-MANUFACTURER" here (say, -# "-sun"), then you have to tell the case statement up towards the top -# that MANUFACTURER isn't an operating system. Otherwise, code above -# will signal an error saying that MANUFACTURER isn't an operating -# system, and we'll never get to this point. - -case $basic_machine in - score-*) - os=-elf - ;; - spu-*) - os=-elf - ;; - *-acorn) - os=-riscix1.2 - ;; - arm*-rebel) - os=-linux - ;; - arm*-semi) - os=-aout - ;; - c4x-* | tic4x-*) - os=-coff - ;; - # This must come before the *-dec entry. - pdp10-*) - os=-tops20 - ;; - pdp11-*) - os=-none - ;; - *-dec | vax-*) - os=-ultrix4.2 - ;; - m68*-apollo) - os=-domain - ;; - i386-sun) - os=-sunos4.0.2 - ;; - m68000-sun) - os=-sunos3 - # This also exists in the configure program, but was not the - # default. - # os=-sunos4 - ;; - m68*-cisco) - os=-aout - ;; - mips*-cisco) - os=-elf - ;; - mips*-*) - os=-elf - ;; - or32-*) - os=-coff - ;; - *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 - ;; - sparc-* | *-sun) - os=-sunos4.1.1 - ;; - *-be) - os=-beos - ;; - *-haiku) - os=-haiku - ;; - *-ibm) - os=-aix - ;; - *-knuth) - os=-mmixware - ;; - *-wec) - os=-proelf - ;; - *-winbond) - os=-proelf - ;; - *-oki) - os=-proelf - ;; - *-hp) - os=-hpux - ;; - *-hitachi) - os=-hiux - ;; - i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv - ;; - *-cbm) - os=-amigaos - ;; - *-dg) - os=-dgux - ;; - *-dolphin) - os=-sysv3 - ;; - m68k-ccur) - os=-rtu - ;; - m88k-omron*) - os=-luna - ;; - *-next ) - os=-nextstep - ;; - *-sequent) - os=-ptx - ;; - *-crds) - os=-unos - ;; - *-ns) - os=-genix - ;; - i370-*) - os=-mvs - ;; - *-next) - os=-nextstep3 - ;; - *-gould) - os=-sysv - ;; - *-highlevel) - os=-bsd - ;; - *-encore) - os=-bsd - ;; - *-sgi) - os=-irix - ;; - *-siemens) - os=-sysv4 - ;; - *-masscomp) - os=-rtu - ;; - f30[01]-fujitsu | f700-fujitsu) - os=-uxpv - ;; - *-rom68k) - os=-coff - ;; - *-*bug) - os=-coff - ;; - *-apple) - os=-macos - ;; - *-atari*) - os=-mint - ;; - *) - os=-none - ;; -esac -fi - -# Here we handle the case where we know the os, and the CPU type, but not the -# manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) - vendor=acorn - ;; - -sunos*) - vendor=sun - ;; - -aix*) - vendor=ibm - ;; - -beos*) - vendor=be - ;; - -hpux*) - vendor=hp - ;; - -mpeix*) - vendor=hp - ;; - -hiux*) - vendor=hitachi - ;; - -unos*) - vendor=crds - ;; - -dgux*) - vendor=dg - ;; - -luna*) - vendor=omron - ;; - -genix*) - vendor=ns - ;; - -mvs* | -opened*) - vendor=ibm - ;; - -os400*) - vendor=ibm - ;; - -ptx*) - vendor=sequent - ;; - -tpf*) - vendor=ibm - ;; - -vxsim* | -vxworks* | -windiss*) - vendor=wrs - ;; - -aux*) - vendor=apple - ;; - -hms*) - vendor=hitachi - ;; - -mpw* | -macos*) - vendor=apple - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - vendor=atari - ;; - -vos*) - vendor=stratus - ;; - esac - basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` - ;; -esac - -echo $basic_machine$os -exit - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff --git a/crypto/heimdal/configure b/crypto/heimdal/configure deleted file mode 100755 index e905a3519728..000000000000 --- a/crypto/heimdal/configure +++ /dev/null @@ -1,54327 +0,0 @@ -#! /bin/sh -# From configure.in Revision: 22513 . -# Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for Heimdal 1.1. -# -# Report bugs to . -# -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This configure script is free software; the Free Software Foundation -# gives unlimited permission to copy, distribute and modify it. -## --------------------- ## -## M4sh Initialization. ## -## --------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - -fi - - - - -# PATH needs CR -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' - else - PATH_SEPARATOR=: - fi - rm -f conf$$.sh -fi - -# Support unset when possible. -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false -fi - - -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -as_nl=' -' -IFS=" "" $as_nl" - -# Find who we are. Look in the path if we contain no directory separator. -case $0 in - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break -done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - { (exit 1); exit 1; } -fi - -# Work around bugs in pre-3.0 UWIN ksh. -for as_var in ENV MAIL MAILPATH -do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME -do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var - else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - fi -done - -# Required to use basename. -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - - -# Name of the executable. -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# CDPATH. -$as_unset CDPATH - - -if test "x$CONFIG_SHELL" = x; then - if (eval ":") 2>/dev/null; then - as_have_required=yes -else - as_have_required=no -fi - - if test $as_have_required = yes && (eval ": -(as_func_return () { - (exit \$1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = \"\$1\" ); then - : -else - exitcode=1 - echo positional parameters were not saved. -fi - -test \$exitcode = 0) || { (exit 1); exit 1; } - -( - as_lineno_1=\$LINENO - as_lineno_2=\$LINENO - test \"x\$as_lineno_1\" != \"x\$as_lineno_2\" && - test \"x\`expr \$as_lineno_1 + 1\`\" = \"x\$as_lineno_2\") || { (exit 1); exit 1; } -") 2> /dev/null; then - : -else - as_candidate_shells= - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - case $as_dir in - /*) - for as_base in sh bash ksh sh5; do - as_candidate_shells="$as_candidate_shells $as_dir/$as_base" - done;; - esac -done -IFS=$as_save_IFS - - - for as_shell in $as_candidate_shells $SHELL; do - # Try only shells that exist, to save several forks. - if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - { ("$as_shell") 2> /dev/null <<\_ASEOF -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - -fi - - -: -_ASEOF -}; then - CONFIG_SHELL=$as_shell - as_have_required=yes - if { "$as_shell" 2> /dev/null <<\_ASEOF -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - -fi - - -: -(as_func_return () { - (exit $1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = "$1" ); then - : -else - exitcode=1 - echo positional parameters were not saved. -fi - -test $exitcode = 0) || { (exit 1); exit 1; } - -( - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2") || { (exit 1); exit 1; } - -_ASEOF -}; then - break -fi - -fi - - done - - if test "x$CONFIG_SHELL" != x; then - for as_var in BASH_ENV ENV - do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - done - export CONFIG_SHELL - exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} -fi - - - if test $as_have_required = no; then - echo This script requires a shell more modern than all the - echo shells that I found on your system. Please install a - echo modern shell, or manually run the script under such a - echo shell if you do have one. - { (exit 1); exit 1; } -fi - - -fi - -fi - - - -(eval "as_func_return () { - (exit \$1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = \"\$1\" ); then - : -else - exitcode=1 - echo positional parameters were not saved. -fi - -test \$exitcode = 0") || { - echo No shell found that supports shell functions. - echo Please tell autoconf@gnu.org about your system, - echo including any error possibly output before this - echo message -} - - - - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || { - - # Create $as_me.lineno as a copy of $as_myself, but with $LINENO - # uniformly replaced by the line number. The first 'sed' inserts a - # line-number line after each line using $LINENO; the second 'sed' - # does the real work. The second script uses 'N' to pair each - # line-number line with the line containing $LINENO, and appends - # trailing '-' during substitution so that $LINENO is not a special - # case at line end. - # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the - # scripts with optimization help from Paolo Bonzini. Blame Lee - # E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 - { (exit 1); exit 1; }; } - - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in --n*) - case `echo 'x\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - *) ECHO_C='\c';; - esac;; -*) - ECHO_N='-n';; -esac - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir -fi -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln -else - as_ln_s='cp -p' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - -if mkdir -p . 2>/dev/null; then - as_mkdir_p=: -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - - - - -# Check that we are running under the correct shell. -SHELL=${CONFIG_SHELL-/bin/sh} - -case X$ECHO in -X*--fallback-echo) - # Remove one level of quotation (which was required for Make). - ECHO=`echo "$ECHO" | sed 's,\\\\\$\\$0,'$0','` - ;; -esac - -echo=${ECHO-echo} -if test "X$1" = X--no-reexec; then - # Discard the --no-reexec flag, and continue. - shift -elif test "X$1" = X--fallback-echo; then - # Avoid inline document here, it may be left over - : -elif test "X`($echo '\t') 2>/dev/null`" = 'X\t' ; then - # Yippee, $echo works! - : -else - # Restart under the correct shell. - exec $SHELL "$0" --no-reexec ${1+"$@"} -fi - -if test "X$1" = X--fallback-echo; then - # used as fallback echo - shift - cat </dev/null 2>&1 && unset CDPATH - -if test -z "$ECHO"; then -if test "X${echo_test_string+set}" != Xset; then -# find a string as large as possible, as long as the shell can cope with it - for cmd in 'sed 50q "$0"' 'sed 20q "$0"' 'sed 10q "$0"' 'sed 2q "$0"' 'echo test'; do - # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ... - if (echo_test_string=`eval $cmd`) 2>/dev/null && - echo_test_string=`eval $cmd` && - (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null - then - break - fi - done -fi - -if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - : -else - # The Solaris, AIX, and Digital Unix default echo programs unquote - # backslashes. This makes it impossible to quote backslashes using - # echo "$something" | sed 's/\\/\\\\/g' - # - # So, first we look for a working echo in the user's PATH. - - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for dir in $PATH /usr/ucb; do - IFS="$lt_save_ifs" - if (test -f $dir/echo || test -f $dir/echo$ac_exeext) && - test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$dir/echo" - break - fi - done - IFS="$lt_save_ifs" - - if test "X$echo" = Xecho; then - # We didn't find a better echo, so look for alternatives. - if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # This shell has a builtin print -r that does the trick. - echo='print -r' - elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) && - test "X$CONFIG_SHELL" != X/bin/ksh; then - # If we have ksh, try running configure again with it. - ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh} - export ORIGINAL_CONFIG_SHELL - CONFIG_SHELL=/bin/ksh - export CONFIG_SHELL - exec $CONFIG_SHELL "$0" --no-reexec ${1+"$@"} - else - # Try using printf. - echo='printf %s\n' - if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # Cool, printf works - : - elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL - export CONFIG_SHELL - SHELL="$CONFIG_SHELL" - export SHELL - echo="$CONFIG_SHELL $0 --fallback-echo" - elif echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$CONFIG_SHELL $0 --fallback-echo" - else - # maybe with a smaller string... - prev=: - - for cmd in 'echo test' 'sed 2q "$0"' 'sed 10q "$0"' 'sed 20q "$0"' 'sed 50q "$0"'; do - if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null - then - break - fi - prev="$cmd" - done - - if test "$prev" != 'sed 50q "$0"'; then - echo_test_string=`eval $prev` - export echo_test_string - exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "$0" ${1+"$@"} - else - # Oops. We lost completely, so just stick with echo. - echo=echo - fi - fi - fi - fi -fi -fi - -# Copy echo and quote the copy suitably for passing to libtool from -# the Makefile, instead of quoting the original, which is used later. -ECHO=$echo -if test "X$ECHO" = "X$CONFIG_SHELL $0 --fallback-echo"; then - ECHO="$CONFIG_SHELL \\\$\$0 --fallback-echo" -fi - - - - -tagnames=${tagnames+${tagnames},}CXX - -tagnames=${tagnames+${tagnames},}F77 - -exec 7<&0 &1 - -# Name of the host. -# hostname on some systems (SVR3.2, Linux) returns a bogus exit status, -# so uname gets run too. -ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` - -# -# Initializations. -# -ac_default_prefix=/usr/local -ac_clean_files= -ac_config_libobj_dir=. -LIBOBJS= -cross_compiling=no -subdirs= -MFLAGS= -MAKEFLAGS= -SHELL=${CONFIG_SHELL-/bin/sh} - -# Identity of this package. -PACKAGE_NAME='Heimdal' -PACKAGE_TARNAME='heimdal' -PACKAGE_VERSION='1.1' -PACKAGE_STRING='Heimdal 1.1' -PACKAGE_BUGREPORT='heimdal-bugs@h5l.org' - -ac_unique_file="kuser/kinit.c" -ac_default_prefix=/usr/heimdal -# Factoring default headers for most tests. -ac_includes_default="\ -#include -#ifdef HAVE_SYS_TYPES_H -# include -#endif -#ifdef HAVE_SYS_STAT_H -# include -#endif -#ifdef STDC_HEADERS -# include -# include -#else -# ifdef HAVE_STDLIB_H -# include -# endif -#endif -#ifdef HAVE_STRING_H -# if !defined STDC_HEADERS && defined HAVE_MEMORY_H -# include -# endif -# include -#endif -#ifdef HAVE_STRINGS_H -# include -#endif -#ifdef HAVE_INTTYPES_H -# include -#endif -#ifdef HAVE_STDINT_H -# include -#endif -#ifdef HAVE_UNISTD_H -# include -#endif" - -ac_subst_vars='SHELL -PATH_SEPARATOR -PACKAGE_NAME -PACKAGE_TARNAME -PACKAGE_VERSION -PACKAGE_STRING -PACKAGE_BUGREPORT -exec_prefix -prefix -program_transform_name -bindir -sbindir -libexecdir -datarootdir -datadir -sysconfdir -sharedstatedir -localstatedir -includedir -oldincludedir -docdir -infodir -htmldir -dvidir -pdfdir -psdir -libdir -localedir -mandir -DEFS -ECHO_C -ECHO_N -ECHO_T -LIBS -build_alias -host_alias -target_alias -INSTALL_PROGRAM -INSTALL_SCRIPT -INSTALL_DATA -am__isrc -CYGPATH_W -PACKAGE -VERSION -ACLOCAL -AUTOCONF -AUTOMAKE -AUTOHEADER -MAKEINFO -install_sh -STRIP -INSTALL_STRIP_PROGRAM -mkdir_p -AWK -SET_MAKE -am__leading_dot -AMTAR -am__tar -am__untar -MAINTAINER_MODE_TRUE -MAINTAINER_MODE_FALSE -MAINT -CC -CFLAGS -LDFLAGS -CPPFLAGS -ac_ct_CC -EXEEXT -OBJEXT -CPP -build -build_cpu -build_vendor -build_os -host -host_cpu -host_vendor -host_os -CANONICAL_HOST -YACC -YFLAGS -LEX -LEX_OUTPUT_ROOT -LEXLIB -LN_S -GREP -EGREP -ECHO -AR -RANLIB -CXX -CXXFLAGS -ac_ct_CXX -CXXCPP -F77 -FFLAGS -ac_ct_F77 -LIBTOOL -ENABLE_SHARED_TRUE -ENABLE_SHARED_FALSE -VERSIONING -versionscript_TRUE -versionscript_FALSE -LDFLAGS_VERSION_SCRIPT -INCLUDE_openldap -LIB_openldap -OPENLDAP_MODULE_TRUE -OPENLDAP_MODULE_FALSE -PKINIT_TRUE -PKINIT_FALSE -DIR_hdbdir -INCLUDE_krb4 -LIB_krb4 -KRB4_TRUE -KRB4_FALSE -KRB5_TRUE -KRB5_FALSE -do_roken_rename_TRUE -do_roken_rename_FALSE -LIB_kdb -HAVE_OPENSSL_TRUE -HAVE_OPENSSL_FALSE -DIR_hcrypto -INCLUDE_hcrypto -LIB_hcrypto -LIB_hcrypto_a -LIB_hcrypto_so -LIB_hcrypto_appl -PTHREADS_CFLAGS -PTHREADS_LIBS -DCE_TRUE -DCE_FALSE -dpagaix_cflags -dpagaix_ldadd -dpagaix_ldflags -LIB_db_create -LIB_dbopen -LIB_dbm_firstkey -HAVE_DB1_TRUE -HAVE_DB1_FALSE -HAVE_DB3_TRUE -HAVE_DB3_FALSE -HAVE_NDBM_TRUE -HAVE_NDBM_FALSE -DBLIB -LIB_NDBM -WFLAGS -WFLAGS_NOUNUSED -WFLAGS_NOIMPLICITINT -VOID_RETSIGTYPE -have_err_h_TRUE -have_err_h_FALSE -have_ifaddrs_h_TRUE -have_ifaddrs_h_FALSE -have_vis_h_TRUE -have_vis_h_FALSE -LIB_socket -LIB_gethostbyname -LIB_syslog -LIB_gethostbyname2 -LIB_res_search -LIB_res_nsearch -LIB_res_ndestroy -LIB_dn_expand -LIBOBJS -have_glob_h_TRUE -have_glob_h_FALSE -have_cgetent_TRUE -have_cgetent_FALSE -LIB_getsockopt -LIB_setsockopt -LIB_hstrerror -LIB_bswap16 -LIB_bswap32 -LIB_pidfile -LIB_getaddrinfo -LIB_getnameinfo -LIB_freeaddrinfo -LIB_gai_strerror -have_fnmatch_h_TRUE -have_fnmatch_h_FALSE -LIB_crypt -have_socket_wrapper_TRUE -have_socket_wrapper_FALSE -DIR_roken -LIB_roken -INCLUDES_roken -LIBADD_roken -LIB_otp -OTP_TRUE -OTP_FALSE -LIB_security -NROFF -GROFF -CATMAN -CATMAN_TRUE -CATMAN_FALSE -CATMANEXT -INCLUDE_readline -LIB_readline -INCLUDE_hesiod -LIB_hesiod -AIX_TRUE -AIX_FALSE -AIX4_TRUE -AIX4_FALSE -LIB_dlopen -HAVE_DLOPEN_TRUE -HAVE_DLOPEN_FALSE -LIB_loadquery -AIX_DYNAMIC_AFS_TRUE -AIX_DYNAMIC_AFS_FALSE -AIX_EXTRA_KAFS -IRIX_TRUE -IRIX_FALSE -XMKMF -X_CFLAGS -X_PRE_LIBS -X_LIBS -X_EXTRA_LIBS -HAVE_X_TRUE -HAVE_X_FALSE -LIB_XauWriteAuth -LIB_XauReadAuth -LIB_XauFileName -NEED_WRITEAUTH_TRUE -NEED_WRITEAUTH_FALSE -LIB_logwtmp -LIB_logout -LIB_openpty -LIB_tgetent -LIB_getpwnam_r -LIB_door_create -KCM_TRUE -KCM_FALSE -FRAMEWORK_SECURITY_TRUE -FRAMEWORK_SECURITY_FALSE -LIB_el_init -el_compat_TRUE -el_compat_FALSE -COMPILE_ET -COM_ERR_TRUE -COM_ERR_FALSE -DIR_com_err -LIB_com_err -LIB_com_err_a -LIB_com_err_so -LIB_AUTH_SUBDIRS -LTLIBOBJS' -ac_subst_files='' - ac_precious_vars='build_alias -host_alias -target_alias -CC -CFLAGS -LDFLAGS -LIBS -CPPFLAGS -CPP -YACC -YFLAGS -CXX -CXXFLAGS -CCC -CXXCPP -F77 -FFLAGS -XMKMF' - - -# Initialize some variables set by options. -ac_init_help= -ac_init_version=false -# The variables have the same names as the options, with -# dashes changed to underlines. -cache_file=/dev/null -exec_prefix=NONE -no_create= -no_recursion= -prefix=NONE -program_prefix=NONE -program_suffix=NONE -program_transform_name=s,x,x, -silent= -site= -srcdir= -verbose= -x_includes=NONE -x_libraries=NONE - -# Installation directory options. -# These are left unexpanded so users can "make install exec_prefix=/foo" -# and all the variables that are supposed to be based on exec_prefix -# by default will actually change. -# Use braces instead of parens because sh, perl, etc. also accept them. -# (The list follows the same order as the GNU Coding Standards.) -bindir='${exec_prefix}/bin' -sbindir='${exec_prefix}/sbin' -libexecdir='${exec_prefix}/libexec' -datarootdir='${prefix}/share' -datadir='${datarootdir}' -sysconfdir='${prefix}/etc' -sharedstatedir='${prefix}/com' -localstatedir='${prefix}/var' -includedir='${prefix}/include' -oldincludedir='/usr/include' -docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' -infodir='${datarootdir}/info' -htmldir='${docdir}' -dvidir='${docdir}' -pdfdir='${docdir}' -psdir='${docdir}' -libdir='${exec_prefix}/lib' -localedir='${datarootdir}/locale' -mandir='${datarootdir}/man' - -ac_prev= -ac_dashdash= -for ac_option -do - # If the previous option needs an argument, assign it. - if test -n "$ac_prev"; then - eval $ac_prev=\$ac_option - ac_prev= - continue - fi - - case $ac_option in - *=*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; - *) ac_optarg=yes ;; - esac - - # Accept the important Cygnus configure options, so we can diagnose typos. - - case $ac_dashdash$ac_option in - --) - ac_dashdash=yes ;; - - -bindir | --bindir | --bindi | --bind | --bin | --bi) - ac_prev=bindir ;; - -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) - bindir=$ac_optarg ;; - - -build | --build | --buil | --bui | --bu) - ac_prev=build_alias ;; - -build=* | --build=* | --buil=* | --bui=* | --bu=*) - build_alias=$ac_optarg ;; - - -cache-file | --cache-file | --cache-fil | --cache-fi \ - | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) - ac_prev=cache_file ;; - -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ - | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) - cache_file=$ac_optarg ;; - - --config-cache | -C) - cache_file=config.cache ;; - - -datadir | --datadir | --datadi | --datad) - ac_prev=datadir ;; - -datadir=* | --datadir=* | --datadi=* | --datad=*) - datadir=$ac_optarg ;; - - -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ - | --dataroo | --dataro | --datar) - ac_prev=datarootdir ;; - -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ - | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) - datarootdir=$ac_optarg ;; - - -disable-* | --disable-*) - ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid feature name: $ac_feature" >&2 - { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` - eval enable_$ac_feature=no ;; - - -docdir | --docdir | --docdi | --doc | --do) - ac_prev=docdir ;; - -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) - docdir=$ac_optarg ;; - - -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) - ac_prev=dvidir ;; - -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) - dvidir=$ac_optarg ;; - - -enable-* | --enable-*) - ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid feature name: $ac_feature" >&2 - { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` - eval enable_$ac_feature=\$ac_optarg ;; - - -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ - | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ - | --exec | --exe | --ex) - ac_prev=exec_prefix ;; - -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ - | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ - | --exec=* | --exe=* | --ex=*) - exec_prefix=$ac_optarg ;; - - -gas | --gas | --ga | --g) - # Obsolete; use --with-gas. - with_gas=yes ;; - - -help | --help | --hel | --he | -h) - ac_init_help=long ;; - -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) - ac_init_help=recursive ;; - -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) - ac_init_help=short ;; - - -host | --host | --hos | --ho) - ac_prev=host_alias ;; - -host=* | --host=* | --hos=* | --ho=*) - host_alias=$ac_optarg ;; - - -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) - ac_prev=htmldir ;; - -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ - | --ht=*) - htmldir=$ac_optarg ;; - - -includedir | --includedir | --includedi | --included | --include \ - | --includ | --inclu | --incl | --inc) - ac_prev=includedir ;; - -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ - | --includ=* | --inclu=* | --incl=* | --inc=*) - includedir=$ac_optarg ;; - - -infodir | --infodir | --infodi | --infod | --info | --inf) - ac_prev=infodir ;; - -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) - infodir=$ac_optarg ;; - - -libdir | --libdir | --libdi | --libd) - ac_prev=libdir ;; - -libdir=* | --libdir=* | --libdi=* | --libd=*) - libdir=$ac_optarg ;; - - -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ - | --libexe | --libex | --libe) - ac_prev=libexecdir ;; - -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ - | --libexe=* | --libex=* | --libe=*) - libexecdir=$ac_optarg ;; - - -localedir | --localedir | --localedi | --localed | --locale) - ac_prev=localedir ;; - -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) - localedir=$ac_optarg ;; - - -localstatedir | --localstatedir | --localstatedi | --localstated \ - | --localstate | --localstat | --localsta | --localst | --locals) - ac_prev=localstatedir ;; - -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ - | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) - localstatedir=$ac_optarg ;; - - -mandir | --mandir | --mandi | --mand | --man | --ma | --m) - ac_prev=mandir ;; - -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) - mandir=$ac_optarg ;; - - -nfp | --nfp | --nf) - # Obsolete; use --without-fp. - with_fp=no ;; - - -no-create | --no-create | --no-creat | --no-crea | --no-cre \ - | --no-cr | --no-c | -n) - no_create=yes ;; - - -no-recursion | --no-recursion | --no-recursio | --no-recursi \ - | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) - no_recursion=yes ;; - - -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ - | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ - | --oldin | --oldi | --old | --ol | --o) - ac_prev=oldincludedir ;; - -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ - | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ - | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) - oldincludedir=$ac_optarg ;; - - -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) - ac_prev=prefix ;; - -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) - prefix=$ac_optarg ;; - - -program-prefix | --program-prefix | --program-prefi | --program-pref \ - | --program-pre | --program-pr | --program-p) - ac_prev=program_prefix ;; - -program-prefix=* | --program-prefix=* | --program-prefi=* \ - | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) - program_prefix=$ac_optarg ;; - - -program-suffix | --program-suffix | --program-suffi | --program-suff \ - | --program-suf | --program-su | --program-s) - ac_prev=program_suffix ;; - -program-suffix=* | --program-suffix=* | --program-suffi=* \ - | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) - program_suffix=$ac_optarg ;; - - -program-transform-name | --program-transform-name \ - | --program-transform-nam | --program-transform-na \ - | --program-transform-n | --program-transform- \ - | --program-transform | --program-transfor \ - | --program-transfo | --program-transf \ - | --program-trans | --program-tran \ - | --progr-tra | --program-tr | --program-t) - ac_prev=program_transform_name ;; - -program-transform-name=* | --program-transform-name=* \ - | --program-transform-nam=* | --program-transform-na=* \ - | --program-transform-n=* | --program-transform-=* \ - | --program-transform=* | --program-transfor=* \ - | --program-transfo=* | --program-transf=* \ - | --program-trans=* | --program-tran=* \ - | --progr-tra=* | --program-tr=* | --program-t=*) - program_transform_name=$ac_optarg ;; - - -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) - ac_prev=pdfdir ;; - -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) - pdfdir=$ac_optarg ;; - - -psdir | --psdir | --psdi | --psd | --ps) - ac_prev=psdir ;; - -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) - psdir=$ac_optarg ;; - - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - silent=yes ;; - - -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) - ac_prev=sbindir ;; - -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ - | --sbi=* | --sb=*) - sbindir=$ac_optarg ;; - - -sharedstatedir | --sharedstatedir | --sharedstatedi \ - | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ - | --sharedst | --shareds | --shared | --share | --shar \ - | --sha | --sh) - ac_prev=sharedstatedir ;; - -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ - | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ - | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ - | --sha=* | --sh=*) - sharedstatedir=$ac_optarg ;; - - -site | --site | --sit) - ac_prev=site ;; - -site=* | --site=* | --sit=*) - site=$ac_optarg ;; - - -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) - ac_prev=srcdir ;; - -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) - srcdir=$ac_optarg ;; - - -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ - | --syscon | --sysco | --sysc | --sys | --sy) - ac_prev=sysconfdir ;; - -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ - | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) - sysconfdir=$ac_optarg ;; - - -target | --target | --targe | --targ | --tar | --ta | --t) - ac_prev=target_alias ;; - -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) - target_alias=$ac_optarg ;; - - -v | -verbose | --verbose | --verbos | --verbo | --verb) - verbose=yes ;; - - -version | --version | --versio | --versi | --vers | -V) - ac_init_version=: ;; - - -with-* | --with-*) - ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid package name: $ac_package" >&2 - { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/[-.]/_/g'` - eval with_$ac_package=\$ac_optarg ;; - - -without-* | --without-*) - ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'` - # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid package name: $ac_package" >&2 - { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/[-.]/_/g'` - eval with_$ac_package=no ;; - - --x) - # Obsolete; use --with-x. - with_x=yes ;; - - -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ - | --x-incl | --x-inc | --x-in | --x-i) - ac_prev=x_includes ;; - -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ - | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) - x_includes=$ac_optarg ;; - - -x-libraries | --x-libraries | --x-librarie | --x-librari \ - | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) - ac_prev=x_libraries ;; - -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ - | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) - x_libraries=$ac_optarg ;; - - -*) { echo "$as_me: error: unrecognized option: $ac_option -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; } - ;; - - *=*) - ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` - # Reject names that are not valid shell variable names. - expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid variable name: $ac_envvar" >&2 - { (exit 1); exit 1; }; } - eval $ac_envvar=\$ac_optarg - export $ac_envvar ;; - - *) - # FIXME: should be removed in autoconf 3.0. - echo "$as_me: WARNING: you should use --build, --host, --target" >&2 - expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && - echo "$as_me: WARNING: invalid host type: $ac_option" >&2 - : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} - ;; - - esac -done - -if test -n "$ac_prev"; then - ac_option=--`echo $ac_prev | sed 's/_/-/g'` - { echo "$as_me: error: missing argument to $ac_option" >&2 - { (exit 1); exit 1; }; } -fi - -# Be sure to have absolute directory names. -for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ - datadir sysconfdir sharedstatedir localstatedir includedir \ - oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir -do - eval ac_val=\$$ac_var - case $ac_val in - [\\/$]* | ?:[\\/]* ) continue;; - NONE | '' ) case $ac_var in *prefix ) continue;; esac;; - esac - { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 - { (exit 1); exit 1; }; } -done - -# There might be people who depend on the old broken behavior: `$host' -# used to hold the argument of --host etc. -# FIXME: To remove some day. -build=$build_alias -host=$host_alias -target=$target_alias - -# FIXME: To remove some day. -if test "x$host_alias" != x; then - if test "x$build_alias" = x; then - cross_compiling=maybe - echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. - If a cross compiler is detected then cross compile mode will be used." >&2 - elif test "x$build_alias" != "x$host_alias"; then - cross_compiling=yes - fi -fi - -ac_tool_prefix= -test -n "$host_alias" && ac_tool_prefix=$host_alias- - -test "$silent" = yes && exec 6>/dev/null - - -ac_pwd=`pwd` && test -n "$ac_pwd" && -ac_ls_di=`ls -di .` && -ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || - { echo "$as_me: error: Working directory cannot be determined" >&2 - { (exit 1); exit 1; }; } -test "X$ac_ls_di" = "X$ac_pwd_ls_di" || - { echo "$as_me: error: pwd does not report name of working directory" >&2 - { (exit 1); exit 1; }; } - - -# Find the source files, if location was not specified. -if test -z "$srcdir"; then - ac_srcdir_defaulted=yes - # Try the directory containing this script, then the parent directory. - ac_confdir=`$as_dirname -- "$0" || -$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$0" : 'X\(//\)[^/]' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X"$0" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - srcdir=$ac_confdir - if test ! -r "$srcdir/$ac_unique_file"; then - srcdir=.. - fi -else - ac_srcdir_defaulted=no -fi -if test ! -r "$srcdir/$ac_unique_file"; then - test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." - { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2 - { (exit 1); exit 1; }; } -fi -ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" -ac_abs_confdir=`( - cd "$srcdir" && test -r "./$ac_unique_file" || { echo "$as_me: error: $ac_msg" >&2 - { (exit 1); exit 1; }; } - pwd)` -# When building in place, set srcdir=. -if test "$ac_abs_confdir" = "$ac_pwd"; then - srcdir=. -fi -# Remove unnecessary trailing slashes from srcdir. -# Double slashes in file names in object file debugging info -# mess up M-x gdb in Emacs. -case $srcdir in -*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; -esac -for ac_var in $ac_precious_vars; do - eval ac_env_${ac_var}_set=\${${ac_var}+set} - eval ac_env_${ac_var}_value=\$${ac_var} - eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} - eval ac_cv_env_${ac_var}_value=\$${ac_var} -done - -# -# Report the --help message. -# -if test "$ac_init_help" = "long"; then - # Omit some internal or obsolete options to make the list less imposing. - # This message is too long to be a string in the A/UX 3.1 sh. - cat <<_ACEOF -\`configure' configures Heimdal 1.1 to adapt to many kinds of systems. - -Usage: $0 [OPTION]... [VAR=VALUE]... - -To assign environment variables (e.g., CC, CFLAGS...), specify them as -VAR=VALUE. See below for descriptions of some of the useful variables. - -Defaults for the options are specified in brackets. - -Configuration: - -h, --help display this help and exit - --help=short display options specific to this package - --help=recursive display the short help of all the included packages - -V, --version display version information and exit - -q, --quiet, --silent do not print \`checking...' messages - --cache-file=FILE cache test results in FILE [disabled] - -C, --config-cache alias for \`--cache-file=config.cache' - -n, --no-create do not create output files - --srcdir=DIR find the sources in DIR [configure dir or \`..'] - -Installation directories: - --prefix=PREFIX install architecture-independent files in PREFIX - [$ac_default_prefix] - --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX - [PREFIX] - -By default, \`make install' will install all the files in -\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify -an installation prefix other than \`$ac_default_prefix' using \`--prefix', -for instance \`--prefix=\$HOME'. - -For better control, use the options below. - -Fine tuning of the installation directories: - --bindir=DIR user executables [EPREFIX/bin] - --sbindir=DIR system admin executables [EPREFIX/sbin] - --libexecdir=DIR program executables [EPREFIX/libexec] - --sysconfdir=DIR read-only single-machine data [PREFIX/etc] - --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] - --localstatedir=DIR modifiable single-machine data [PREFIX/var] - --libdir=DIR object code libraries [EPREFIX/lib] - --includedir=DIR C header files [PREFIX/include] - --oldincludedir=DIR C header files for non-gcc [/usr/include] - --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] - --datadir=DIR read-only architecture-independent data [DATAROOTDIR] - --infodir=DIR info documentation [DATAROOTDIR/info] - --localedir=DIR locale-dependent data [DATAROOTDIR/locale] - --mandir=DIR man documentation [DATAROOTDIR/man] - --docdir=DIR documentation root [DATAROOTDIR/doc/heimdal] - --htmldir=DIR html documentation [DOCDIR] - --dvidir=DIR dvi documentation [DOCDIR] - --pdfdir=DIR pdf documentation [DOCDIR] - --psdir=DIR ps documentation [DOCDIR] -_ACEOF - - cat <<\_ACEOF - -Program names: - --program-prefix=PREFIX prepend PREFIX to installed program names - --program-suffix=SUFFIX append SUFFIX to installed program names - --program-transform-name=PROGRAM run sed PROGRAM on installed program names - -X features: - --x-includes=DIR X include files are in DIR - --x-libraries=DIR X library files are in DIR - -System types: - --build=BUILD configure for building on BUILD [guessed] - --host=HOST cross-compile to build programs to run on HOST [BUILD] -_ACEOF -fi - -if test -n "$ac_init_help"; then - case $ac_init_help in - short | recursive ) echo "Configuration of Heimdal 1.1:";; - esac - cat <<\_ACEOF - -Optional Features: - --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) - --enable-FEATURE[=ARG] include FEATURE [ARG=yes] - --enable-maintainer-mode enable make rules and dependencies not useful - (and sometimes confusing) to the casual installer - --disable-largefile omit support for large files - --enable-shared[=PKGS] build shared libraries [default=yes] - --enable-static[=PKGS] build static libraries [default=yes] - --enable-fast-install[=PKGS] - optimize for fast installation [default=yes] - --disable-libtool-lock avoid locking (might break parallel builds) - --enable-hdb-openldap-module - if you want support to build openldap hdb as shared - object - --disable-pk-init if you want disable to PK-INIT support - --enable-pthread-support - if you want thread safe libraries - --enable-dce if you want support for DCE/DFS PAG's - --disable-afs-support if you don't want support for AFS - --disable-berkeley-db if you don't want berkeley db - --disable-ndbm-db if you don't want ndbm db - --enable-developer enable developer warnings - --enable-socket-wrapper use sambas socket-wrapper for testing - --disable-otp if you don't want OTP support - --enable-osfc2 enable some OSF C2 support - --disable-mmap disable use of mmap - --disable-afs-string-to-key - disable use of weak AFS string-to-key functions - --enable-bigendian the target is big endian - --enable-littleendian the target is little endian - --disable-dynamic-afs do not use loaded AFS library with AIX - --enable-netinfo enable netinfo for configuration lookup - --enable-kcm enable Kerberos Credentials Manager - -Optional Packages: - --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] - --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) - --with-mips-abi=abi ABI to use for IRIX (32, n32, or 64) - --with-gnu-ld assume the C compiler uses GNU ld [default=no] - --with-pic try to use only PIC/non-PIC objects [default=use - both] - --with-tags[=TAGS] include additional configurations [automatic] - --with-openldap=dir use openldap in dir - --with-openldap-lib=dir use openldap libraries in dir - --with-openldap-include=dir - use openldap headers in dir - --with-openldap-config=path - config program for openldap - --with-hdbdir Default location for KDC database - [default=/var/heimdal] - --with-openssl=dir use openssl in dir - --with-openssl-lib=dir use openssl libraries in dir - --with-openssl-include=dir - use openssl headers in dir - --without-ipv6 do not enable IPv6 support - --with-readline=dir use readline in dir - --with-readline-lib=dir use readline libraries in dir - --with-readline-include=dir - use readline headers in dir - --with-readline-config=path - config program for readline - --with-hesiod=dir use hesiod in dir - --with-hesiod-lib=dir use hesiod libraries in dir - --with-hesiod-include=dir - use hesiod headers in dir - --with-hesiod-config=path - config program for hesiod - --with-x use the X Window System - -Some influential environment variables: - CC C compiler command - CFLAGS C compiler flags - LDFLAGS linker flags, e.g. -L if you have libraries in a - nonstandard directory - LIBS libraries to pass to the linker, e.g. -l - CPPFLAGS C/C++/Objective C preprocessor flags, e.g. -I if - you have headers in a nonstandard directory - CPP C preprocessor - YACC The `Yet Another C Compiler' implementation to use. Defaults to - the first program found out of: `bison -y', `byacc', `yacc'. - YFLAGS The list of arguments that will be passed by default to $YACC. - This script will default YFLAGS to the empty string to avoid a - default value of `-d' given by some make applications. - CXX C++ compiler command - CXXFLAGS C++ compiler flags - CXXCPP C++ preprocessor - F77 Fortran 77 compiler command - FFLAGS Fortran 77 compiler flags - XMKMF Path to xmkmf, Makefile generator for X Window System - -Use these variables to override the choices made by `configure' or to help -it to find libraries and programs with nonstandard names/locations. - -Report bugs to . -_ACEOF -ac_status=$? -fi - -if test "$ac_init_help" = "recursive"; then - # If there are subdirs, report their specific --help. - for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue - test -d "$ac_dir" || continue - ac_builddir=. - -case "$ac_dir" in -.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; -*) - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` - # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'` - case $ac_top_builddir_sub in - "") ac_top_builddir_sub=. ac_top_build_prefix= ;; - *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; - esac ;; -esac -ac_abs_top_builddir=$ac_pwd -ac_abs_builddir=$ac_pwd$ac_dir_suffix -# for backward compatibility: -ac_top_builddir=$ac_top_build_prefix - -case $srcdir in - .) # We are building in place. - ac_srcdir=. - ac_top_srcdir=$ac_top_builddir_sub - ac_abs_top_srcdir=$ac_pwd ;; - [\\/]* | ?:[\\/]* ) # Absolute name. - ac_srcdir=$srcdir$ac_dir_suffix; - ac_top_srcdir=$srcdir - ac_abs_top_srcdir=$srcdir ;; - *) # Relative name. - ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix - ac_top_srcdir=$ac_top_build_prefix$srcdir - ac_abs_top_srcdir=$ac_pwd/$srcdir ;; -esac -ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix - - cd "$ac_dir" || { ac_status=$?; continue; } - # Check for guested configure. - if test -f "$ac_srcdir/configure.gnu"; then - echo && - $SHELL "$ac_srcdir/configure.gnu" --help=recursive - elif test -f "$ac_srcdir/configure"; then - echo && - $SHELL "$ac_srcdir/configure" --help=recursive - else - echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 - fi || ac_status=$? - cd "$ac_pwd" || { ac_status=$?; break; } - done -fi - -test -n "$ac_init_help" && exit $ac_status -if $ac_init_version; then - cat <<\_ACEOF -Heimdal configure 1.1 -generated by GNU Autoconf 2.61 - -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -This configure script is free software; the Free Software Foundation -gives unlimited permission to copy, distribute and modify it. -_ACEOF - exit -fi -cat >config.log <<_ACEOF -This file contains any messages produced by compilers while -running configure, to aid debugging if configure makes a mistake. - -It was created by Heimdal $as_me 1.1, which was -generated by GNU Autoconf 2.61. Invocation command line was - - $ $0 $@ - -_ACEOF -exec 5>>config.log -{ -cat <<_ASUNAME -## --------- ## -## Platform. ## -## --------- ## - -hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` - -/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` -/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` -/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` -/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` - -_ASUNAME - -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - echo "PATH: $as_dir" -done -IFS=$as_save_IFS - -} >&5 - -cat >&5 <<_ACEOF - - -## ----------- ## -## Core tests. ## -## ----------- ## - -_ACEOF - - -# Keep a trace of the command line. -# Strip out --no-create and --no-recursion so they do not pile up. -# Strip out --silent because we don't want to record it for future runs. -# Also quote any args containing shell meta-characters. -# Make two passes to allow for proper duplicate-argument suppression. -ac_configure_args= -ac_configure_args0= -ac_configure_args1= -ac_must_keep_next=false -for ac_pass in 1 2 -do - for ac_arg - do - case $ac_arg in - -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - continue ;; - *\'*) - ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; - esac - case $ac_pass in - 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;; - 2) - ac_configure_args1="$ac_configure_args1 '$ac_arg'" - if test $ac_must_keep_next = true; then - ac_must_keep_next=false # Got value, back to normal. - else - case $ac_arg in - *=* | --config-cache | -C | -disable-* | --disable-* \ - | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ - | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ - | -with-* | --with-* | -without-* | --without-* | --x) - case "$ac_configure_args0 " in - "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; - esac - ;; - -* ) ac_must_keep_next=true ;; - esac - fi - ac_configure_args="$ac_configure_args '$ac_arg'" - ;; - esac - done -done -$as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; } -$as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; } - -# When interrupted or exit'd, cleanup temporary files, and complete -# config.log. We remove comments because anyway the quotes in there -# would cause problems or look ugly. -# WARNING: Use '\'' to represent an apostrophe within the trap. -# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. -trap 'exit_status=$? - # Save into config.log some information that might help in debugging. - { - echo - - cat <<\_ASBOX -## ---------------- ## -## Cache variables. ## -## ---------------- ## -_ASBOX - echo - # The following way of writing the cache mishandles newlines in values, -( - for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do - eval ac_val=\$$ac_var - case $ac_val in #( - *${as_nl}*) - case $ac_var in #( - *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5 -echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; - esac - case $ac_var in #( - _ | IFS | as_nl) ;; #( - *) $as_unset $ac_var ;; - esac ;; - esac - done - (set) 2>&1 | - case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( - *${as_nl}ac_space=\ *) - sed -n \ - "s/'\''/'\''\\\\'\'''\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" - ;; #( - *) - sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" - ;; - esac | - sort -) - echo - - cat <<\_ASBOX -## ----------------- ## -## Output variables. ## -## ----------------- ## -_ASBOX - echo - for ac_var in $ac_subst_vars - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - echo "$ac_var='\''$ac_val'\''" - done | sort - echo - - if test -n "$ac_subst_files"; then - cat <<\_ASBOX -## ------------------- ## -## File substitutions. ## -## ------------------- ## -_ASBOX - echo - for ac_var in $ac_subst_files - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - echo "$ac_var='\''$ac_val'\''" - done | sort - echo - fi - - if test -s confdefs.h; then - cat <<\_ASBOX -## ----------- ## -## confdefs.h. ## -## ----------- ## -_ASBOX - echo - cat confdefs.h - echo - fi - test "$ac_signal" != 0 && - echo "$as_me: caught signal $ac_signal" - echo "$as_me: exit $exit_status" - } >&5 - rm -f core *.core core.conftest.* && - rm -f -r conftest* confdefs* conf$$* $ac_clean_files && - exit $exit_status -' 0 -for ac_signal in 1 2 13 15; do - trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal -done -ac_signal=0 - -# confdefs.h avoids OS command line length limits that DEFS can exceed. -rm -f -r conftest* confdefs.h - -# Predefined preprocessor variables. - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_NAME "$PACKAGE_NAME" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_TARNAME "$PACKAGE_TARNAME" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_VERSION "$PACKAGE_VERSION" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_STRING "$PACKAGE_STRING" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" -_ACEOF - - -# Let the site file select an alternate cache file if it wants to. -# Prefer explicitly selected file to automatically selected ones. -if test -n "$CONFIG_SITE"; then - set x "$CONFIG_SITE" -elif test "x$prefix" != xNONE; then - set x "$prefix/share/config.site" "$prefix/etc/config.site" -else - set x "$ac_default_prefix/share/config.site" \ - "$ac_default_prefix/etc/config.site" -fi -shift -for ac_site_file -do - if test -r "$ac_site_file"; then - { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5 -echo "$as_me: loading site script $ac_site_file" >&6;} - sed 's/^/| /' "$ac_site_file" >&5 - . "$ac_site_file" - fi -done - -if test -r "$cache_file"; then - # Some versions of bash will fail to source /dev/null (special - # files actually), so we avoid doing that. - if test -f "$cache_file"; then - { echo "$as_me:$LINENO: loading cache $cache_file" >&5 -echo "$as_me: loading cache $cache_file" >&6;} - case $cache_file in - [\\/]* | ?:[\\/]* ) . "$cache_file";; - *) . "./$cache_file";; - esac - fi -else - { echo "$as_me:$LINENO: creating cache $cache_file" >&5 -echo "$as_me: creating cache $cache_file" >&6;} - >$cache_file -fi - -# Check that the precious variables saved in the cache have kept the same -# value. -ac_cache_corrupted=false -for ac_var in $ac_precious_vars; do - eval ac_old_set=\$ac_cv_env_${ac_var}_set - eval ac_new_set=\$ac_env_${ac_var}_set - eval ac_old_val=\$ac_cv_env_${ac_var}_value - eval ac_new_val=\$ac_env_${ac_var}_value - case $ac_old_set,$ac_new_set in - set,) - { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 -echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,set) - { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5 -echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,);; - *) - if test "x$ac_old_val" != "x$ac_new_val"; then - { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 -echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} - { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 -echo "$as_me: former value: $ac_old_val" >&2;} - { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 -echo "$as_me: current value: $ac_new_val" >&2;} - ac_cache_corrupted=: - fi;; - esac - # Pass precious variables to config.status. - if test "$ac_new_set" = set; then - case $ac_new_val in - *\'*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; - *) ac_arg=$ac_var=$ac_new_val ;; - esac - case " $ac_configure_args " in - *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. - *) ac_configure_args="$ac_configure_args '$ac_arg'" ;; - esac - fi -done -if $ac_cache_corrupted; then - { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5 -echo "$as_me: error: changes in the environment can compromise the build" >&2;} - { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 -echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} - { (exit 1); exit 1; }; } -fi - - - - - - - - - - - - - - - - - - - - - - - - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - -ac_config_headers="$ac_config_headers include/config.h" - - -am__api_version='1.10' - -ac_aux_dir= -for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" >&5 -echo "$as_me: error: cannot find install-sh or install.sh in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" >&2;} - { (exit 1); exit 1; }; } -fi - -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - -# Find a good install program. We prefer a C program (faster), -# so one script is as good as another. But avoid the broken or -# incompatible versions: -# SysV /etc/install, /usr/sbin/install -# SunOS /usr/etc/install -# IRIX /sbin/install -# AIX /bin/install -# AmigaOS /C/install, which installs bootblocks on floppy discs -# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag -# AFS /usr/afsws/bin/install, which mishandles nonexistent args -# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" -# OS/2's system install, which has a completely different semantic -# ./install, which can be erroneously created by make from ./install.sh. -{ echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 -echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6; } -if test -z "$INSTALL"; then -if test "${ac_cv_path_install+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - # Account for people who put trailing slashes in PATH elements. -case $as_dir/ in - ./ | .// | /cC/* | \ - /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ - ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ - /usr/ucb/* ) ;; - *) - # OSF1 and SCO ODT 3.0 have their own names for install. - # Don't use installbsd from OSF since it installs stuff as root - # by default. - for ac_prog in ginstall scoinst install; do - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then - if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 - fi - fi - done - done - ;; -esac -done -IFS=$as_save_IFS - - -fi - if test "${ac_cv_path_install+set}" = set; then - INSTALL=$ac_cv_path_install - else - # As a last resort, use the slow shell script. Don't cache a - # value for INSTALL within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - INSTALL=$ac_install_sh - fi -fi -{ echo "$as_me:$LINENO: result: $INSTALL" >&5 -echo "${ECHO_T}$INSTALL" >&6; } - -# Use test -z because SunOS4 sh mishandles braces in ${var-val}. -# It thinks the first close brace ends the variable substitution. -test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' - -test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' - -test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' - -{ echo "$as_me:$LINENO: checking whether build environment is sane" >&5 -echo $ECHO_N "checking whether build environment is sane... $ECHO_C" >&6; } -# Just in case -sleep 1 -echo timestamp > conftest.file -# Do `set' in a subshell so we don't clobber the current shell's -# arguments. Must try -L first in case configure is actually a -# symlink; some systems play weird games with the mod time of symlinks -# (eg FreeBSD returns the mod time of the symlink's containing -# directory). -if ( - set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null` - if test "$*" = "X"; then - # -L didn't work. - set X `ls -t $srcdir/configure conftest.file` - fi - rm -f conftest.file - if test "$*" != "X $srcdir/configure conftest.file" \ - && test "$*" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - { { echo "$as_me:$LINENO: error: ls -t appears to fail. Make sure there is not a broken -alias in your environment" >&5 -echo "$as_me: error: ls -t appears to fail. Make sure there is not a broken -alias in your environment" >&2;} - { (exit 1); exit 1; }; } - fi - - test "$2" = conftest.file - ) -then - # Ok. - : -else - { { echo "$as_me:$LINENO: error: newly created file is older than distributed files! -Check your system clock" >&5 -echo "$as_me: error: newly created file is older than distributed files! -Check your system clock" >&2;} - { (exit 1); exit 1; }; } -fi -{ echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -test "$program_prefix" != NONE && - program_transform_name="s&^&$program_prefix&;$program_transform_name" -# Use a double $ so make ignores it. -test "$program_suffix" != NONE && - program_transform_name="s&\$&$program_suffix&;$program_transform_name" -# Double any \ or $. echo might interpret backslashes. -# By default was `s,x,x', remove it if useless. -cat <<\_ACEOF >conftest.sed -s/[\\$]/&&/g;s/;s,x,x,$// -_ACEOF -program_transform_name=`echo $program_transform_name | sed -f conftest.sed` -rm -f conftest.sed - -# expand $ac_aux_dir to an absolute path -am_aux_dir=`cd $ac_aux_dir && pwd` - -test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing" -# Use eval to expand $SHELL -if eval "$MISSING --run true"; then - am_missing_run="$MISSING --run " -else - am_missing_run= - { echo "$as_me:$LINENO: WARNING: \`missing' script is too old or missing" >&5 -echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;} -fi - -{ echo "$as_me:$LINENO: checking for a thread-safe mkdir -p" >&5 -echo $ECHO_N "checking for a thread-safe mkdir -p... $ECHO_C" >&6; } -if test -z "$MKDIR_P"; then - if test "${ac_cv_path_mkdir+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in mkdir gmkdir; do - for ac_exec_ext in '' $ac_executable_extensions; do - { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue - case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( - 'mkdir (GNU coreutils) '* | \ - 'mkdir (coreutils) '* | \ - 'mkdir (fileutils) '4.1*) - ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext - break 3;; - esac - done - done -done -IFS=$as_save_IFS - -fi - - if test "${ac_cv_path_mkdir+set}" = set; then - MKDIR_P="$ac_cv_path_mkdir -p" - else - # As a last resort, use the slow shell script. Don't cache a - # value for MKDIR_P within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - test -d ./--version && rmdir ./--version - MKDIR_P="$ac_install_sh -d" - fi -fi -{ echo "$as_me:$LINENO: result: $MKDIR_P" >&5 -echo "${ECHO_T}$MKDIR_P" >&6; } - -mkdir_p="$MKDIR_P" -case $mkdir_p in - [\\/$]* | ?:[\\/]*) ;; - */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; -esac - -for ac_prog in gawk mawk nawk awk -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AWK+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$AWK"; then - ac_cv_prog_AWK="$AWK" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_AWK="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -AWK=$ac_cv_prog_AWK -if test -n "$AWK"; then - { echo "$as_me:$LINENO: result: $AWK" >&5 -echo "${ECHO_T}$AWK" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$AWK" && break -done - -{ echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5 -echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6; } -set x ${MAKE-make}; ac_make=`echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.make <<\_ACEOF -SHELL = /bin/sh -all: - @echo '@@@%%%=$(MAKE)=@@@%%%' -_ACEOF -# GNU make sometimes prints "make[1]: Entering...", which would confuse us. -case `${MAKE-make} -f conftest.make 2>/dev/null` in - *@@@%%%=?*=@@@%%%*) - eval ac_cv_prog_make_${ac_make}_set=yes;; - *) - eval ac_cv_prog_make_${ac_make}_set=no;; -esac -rm -f conftest.make -fi -if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - SET_MAKE= -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - SET_MAKE="MAKE=${MAKE-make}" -fi - -rm -rf .tst 2>/dev/null -mkdir .tst 2>/dev/null -if test -d .tst; then - am__leading_dot=. -else - am__leading_dot=_ -fi -rmdir .tst 2>/dev/null - -if test "`cd $srcdir && pwd`" != "`pwd`"; then - # Use -I$(srcdir) only when $(srcdir) != ., so that make's output - # is not polluted with repeated "-I." - am__isrc=' -I$(srcdir)' - # test to see if srcdir already configured - if test -f $srcdir/config.status; then - { { echo "$as_me:$LINENO: error: source directory already configured; run \"make distclean\" there first" >&5 -echo "$as_me: error: source directory already configured; run \"make distclean\" there first" >&2;} - { (exit 1); exit 1; }; } - fi -fi - -# test whether we have cygpath -if test -z "$CYGPATH_W"; then - if (cygpath --version) >/dev/null 2>/dev/null; then - CYGPATH_W='cygpath -w' - else - CYGPATH_W=echo - fi -fi - - -# Define the identity of the package. - PACKAGE='heimdal' - VERSION='1.1' - - -cat >>confdefs.h <<_ACEOF -#define PACKAGE "$PACKAGE" -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define VERSION "$VERSION" -_ACEOF - -# Some tools Automake needs. - -ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} - - -AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} - - -AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} - - -AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} - - -MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} - -install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"} - -# Installed binaries are usually stripped using `strip' when the user -# run `make install-strip'. However `strip' might not be the right -# tool to use in cross-compilation environments, therefore Automake -# will honor the `STRIP' environment variable to overrule this program. -if test "$cross_compiling" != no; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. -set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$STRIP"; then - ac_cv_prog_STRIP="$STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_STRIP="${ac_tool_prefix}strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -STRIP=$ac_cv_prog_STRIP -if test -n "$STRIP"; then - { echo "$as_me:$LINENO: result: $STRIP" >&5 -echo "${ECHO_T}$STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_STRIP"; then - ac_ct_STRIP=$STRIP - # Extract the first word of "strip", so it can be a program name with args. -set dummy strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_STRIP"; then - ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_STRIP="strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP -if test -n "$ac_ct_STRIP"; then - { echo "$as_me:$LINENO: result: $ac_ct_STRIP" >&5 -echo "${ECHO_T}$ac_ct_STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_STRIP" = x; then - STRIP=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - STRIP=$ac_ct_STRIP - fi -else - STRIP="$ac_cv_prog_STRIP" -fi - -fi -INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" - -# We need awk for the "check" target. The system "awk" is bad on -# some platforms. -# Always define AMTAR for backward compatibility. - -AMTAR=${AMTAR-"${am_missing_run}tar"} - -am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -' - - - - - -{ echo "$as_me:$LINENO: checking whether to enable maintainer-specific portions of Makefiles" >&5 -echo $ECHO_N "checking whether to enable maintainer-specific portions of Makefiles... $ECHO_C" >&6; } - # Check whether --enable-maintainer-mode was given. -if test "${enable_maintainer_mode+set}" = set; then - enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval -else - USE_MAINTAINER_MODE=no -fi - - { echo "$as_me:$LINENO: result: $USE_MAINTAINER_MODE" >&5 -echo "${ECHO_T}$USE_MAINTAINER_MODE" >&6; } - if test $USE_MAINTAINER_MODE = yes; then - MAINTAINER_MODE_TRUE= - MAINTAINER_MODE_FALSE='#' -else - MAINTAINER_MODE_TRUE='#' - MAINTAINER_MODE_FALSE= -fi - - MAINT=$MAINTAINER_MODE_TRUE - - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. -set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="${ac_tool_prefix}gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_CC"; then - ac_ct_CC=$CC - # Extract the first word of "gcc", so it can be a program name with args. -set dummy gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CC="gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -else - CC="$ac_cv_prog_CC" -fi - -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. -set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="${ac_tool_prefix}cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - fi -fi -if test -z "$CC"; then - # Extract the first word of "cc", so it can be a program name with args. -set dummy cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else - ac_prog_rejected=no -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue - fi - ac_cv_prog_CC="cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -if test $ac_prog_rejected = yes; then - # We found a bogon in the path, so make sure we never use it. - set dummy $ac_cv_prog_CC - shift - if test $# != 0; then - # We chose a different compiler from the bogus one. - # However, it has the same basename, so the bogon will be chosen - # first if we set CC to just the basename; use the full file name. - shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" - fi -fi -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - for ac_prog in cl.exe - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$CC" && break - done -fi -if test -z "$CC"; then - ac_ct_CC=$CC - for ac_prog in cl.exe -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CC="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$ac_ct_CC" && break -done - - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -fi - -fi - - -test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&5 -echo "$as_me: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } - -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files a.out a.exe b.out" -# Try to create an executable without -o first, disregard a.out. -# It will help us diagnose broken compilers, and finding out an intuition -# of exeext. -{ echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 -echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6; } -ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` -# -# List of possible output files, starting from the most likely. -# The algorithm is not robust to junk in `.', hence go to wildcards (a.*) -# only as a last resort. b.out is created by i960 compilers. -ac_files='a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out' -# -# The IRIX 6 linker writes into existing files which may not be -# executable, retaining their permissions. Remove them first so a -# subsequent execution test works. -ac_rmfiles= -for ac_file in $ac_files -do - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; - * ) ac_rmfiles="$ac_rmfiles $ac_file";; - esac -done -rm -f $ac_rmfiles - -if { (ac_try="$ac_link_default" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link_default") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. -# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' -# in a Makefile. We should not override ac_cv_exeext if it was cached, -# so that the user can short-circuit this test for compilers unknown to -# Autoconf. -for ac_file in $ac_files '' -do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) - ;; - [ab].out ) - # We found the default executable, but exeext='' is most - # certainly right. - break;; - *.* ) - if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; - then :; else - ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - fi - # We set ac_cv_exeext here because the later test for it is not - # safe: cross compilers may not add the suffix if given an `-o' - # argument, so we may need to know it at that point already. - # Even if this section looks crufty: it has the advantage of - # actually working. - break;; - * ) - break;; - esac -done -test "$ac_cv_exeext" = no && ac_cv_exeext= - -else - ac_file='' -fi - -{ echo "$as_me:$LINENO: result: $ac_file" >&5 -echo "${ECHO_T}$ac_file" >&6; } -if test -z "$ac_file"; then - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { echo "$as_me:$LINENO: error: C compiler cannot create executables -See \`config.log' for more details." >&5 -echo "$as_me: error: C compiler cannot create executables -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } -fi - -ac_exeext=$ac_cv_exeext - -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ echo "$as_me:$LINENO: checking whether the C compiler works" >&5 -echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6; } -# FIXME: These cross compiler hacks should be removed for Autoconf 3.0 -# If not cross compiling, check that we can run a simple program. -if test "$cross_compiling" != yes; then - if { ac_try='./$ac_file' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - cross_compiling=no - else - if test "$cross_compiling" = maybe; then - cross_compiling=yes - else - { { echo "$as_me:$LINENO: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } - fi - fi -fi -{ echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - -rm -f a.out a.exe conftest$ac_cv_exeext b.out -ac_clean_files=$ac_clean_files_save -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 -echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $cross_compiling" >&5 -echo "${ECHO_T}$cross_compiling" >&6; } - -{ echo "$as_me:$LINENO: checking for suffix of executables" >&5 -echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6; } -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # If both `conftest.exe' and `conftest' are `present' (well, observable) -# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will -# work properly (i.e., refer to `conftest.exe'), while it won't with -# `rm'. -for ac_file in conftest.exe conftest conftest.*; do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; - *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - break;; - * ) break;; - esac -done -else - { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - -rm -f conftest$ac_cv_exeext -{ echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 -echo "${ECHO_T}$ac_cv_exeext" >&6; } - -rm -f conftest.$ac_ext -EXEEXT=$ac_cv_exeext -ac_exeext=$EXEEXT -{ echo "$as_me:$LINENO: checking for suffix of object files" >&5 -echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6; } -if test "${ac_cv_objext+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.o conftest.obj -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - for ac_file in conftest.o conftest.obj conftest.*; do - test -f "$ac_file" || continue; - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf ) ;; - *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` - break;; - esac -done -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of object files: cannot compile -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - -rm -f conftest.$ac_cv_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 -echo "${ECHO_T}$ac_cv_objext" >&6; } -OBJEXT=$ac_cv_objext -ac_objext=$OBJEXT -{ echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; } -if test "${ac_cv_c_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -#ifndef __GNUC__ - choke me -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_c_compiler_gnu=$ac_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6; } -GCC=`test $ac_compiler_gnu = yes && echo yes` -ac_test_CFLAGS=${CFLAGS+set} -ac_save_CFLAGS=$CFLAGS -{ echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 -echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_save_c_werror_flag=$ac_c_werror_flag - ac_c_werror_flag=yes - ac_cv_prog_cc_g=no - CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - CFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_c_werror_flag=$ac_save_c_werror_flag - CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then - CFLAGS=$ac_save_CFLAGS -elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then - CFLAGS="-g -O2" - else - CFLAGS="-g" - fi -else - if test "$GCC" = yes; then - CFLAGS="-O2" - else - CFLAGS= - fi -fi -{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5 -echo $ECHO_N "checking for $CC option to accept ISO C89... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_c89+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_prog_cc_c89=no -ac_save_CC=$CC -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} - -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; - -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; - -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -int -main () -{ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - ; - return 0; -} -_ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_c89=$ac_arg -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext - test "x$ac_cv_prog_cc_c89" != "xno" && break -done -rm -f conftest.$ac_ext -CC=$ac_save_CC - -fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { echo "$as_me:$LINENO: result: none needed" >&5 -echo "${ECHO_T}none needed" >&6; } ;; - xno) - { echo "$as_me:$LINENO: result: unsupported" >&5 -echo "${ECHO_T}unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_c89" >&6; } ;; -esac - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -if test "x$CC" != xcc; then - { echo "$as_me:$LINENO: checking whether $CC and cc understand -c and -o together" >&5 -echo $ECHO_N "checking whether $CC and cc understand -c and -o together... $ECHO_C" >&6; } -else - { echo "$as_me:$LINENO: checking whether cc understands -c and -o together" >&5 -echo $ECHO_N "checking whether cc understands -c and -o together... $ECHO_C" >&6; } -fi -set dummy $CC; ac_cc=`echo $2 | - sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` -if { as_var=ac_cv_prog_cc_${ac_cc}_c_o; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -# Make sure it works both with $CC and with simple cc. -# We do the test twice because some compilers refuse to overwrite an -# existing .o file with -o, though they will create one. -ac_try='$CC -c conftest.$ac_ext -o conftest2.$ac_objext >&5' -rm -f conftest2.* -if { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - test -f conftest2.$ac_objext && { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; -then - eval ac_cv_prog_cc_${ac_cc}_c_o=yes - if test "x$CC" != xcc; then - # Test first that cc exists at all. - if { ac_try='cc -c conftest.$ac_ext >&5' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_try='cc -c conftest.$ac_ext -o conftest2.$ac_objext >&5' - rm -f conftest2.* - if { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - test -f conftest2.$ac_objext && { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; - then - # cc works too. - : - else - # cc exists but doesn't like -o. - eval ac_cv_prog_cc_${ac_cc}_c_o=no - fi - fi - fi -else - eval ac_cv_prog_cc_${ac_cc}_c_o=no -fi -rm -f core conftest* - -fi -if eval test \$ac_cv_prog_cc_${ac_cc}_c_o = yes; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - -cat >>confdefs.h <<\_ACEOF -#define NO_MINUS_C_MINUS_O 1 -_ACEOF - -fi - -# FIXME: we rely on the cache variable name because -# there is no other way. -set dummy $CC -ac_cc=`echo $2 | sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` -if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then - # Losing compiler, so override with the script. - # FIXME: It is wrong to rewrite CC. - # But if we don't then we get into trouble of one sort or another. - # A longer-term fix would be to have automake use am__CC in this case, - # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" - CC="$am_aux_dir/compile $CC" -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5 -echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6; } -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then - if test "${ac_cv_prog_CPP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Double quotes because CPP needs to be expanded - for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" - do - ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Broken: fails on valid input. -continue -fi - -rm -f conftest.err conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Passes both tests. -ac_preproc_ok=: -break -fi - -rm -f conftest.err conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - break -fi - - done - ac_cv_prog_CPP=$CPP - -fi - CPP=$ac_cv_prog_CPP -else - ac_cv_prog_CPP=$CPP -fi -{ echo "$as_me:$LINENO: result: $CPP" >&5 -echo "${ECHO_T}$CPP" >&6; } -ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Broken: fails on valid input. -continue -fi - -rm -f conftest.err conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Passes both tests. -ac_preproc_ok=: -break -fi - -rm -f conftest.err conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - : -else - { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." >&5 -echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - - -test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc' -test "$localstatedir" = '${prefix}/var' && localstatedir='/var/heimdal' - -# Make sure we can run config.sub. -$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - { { echo "$as_me:$LINENO: error: cannot run $SHELL $ac_aux_dir/config.sub" >&5 -echo "$as_me: error: cannot run $SHELL $ac_aux_dir/config.sub" >&2;} - { (exit 1); exit 1; }; } - -{ echo "$as_me:$LINENO: checking build system type" >&5 -echo $ECHO_N "checking build system type... $ECHO_C" >&6; } -if test "${ac_cv_build+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_build_alias=$build_alias -test "x$ac_build_alias" = x && - ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` -test "x$ac_build_alias" = x && - { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 -echo "$as_me: error: cannot guess build type; you must specify one" >&2;} - { (exit 1); exit 1; }; } -ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&2;} - { (exit 1); exit 1; }; } - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_build" >&5 -echo "${ECHO_T}$ac_cv_build" >&6; } -case $ac_cv_build in -*-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical build" >&5 -echo "$as_me: error: invalid value of canonical build" >&2;} - { (exit 1); exit 1; }; };; -esac -build=$ac_cv_build -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_build -shift -build_cpu=$1 -build_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -build_os=$* -IFS=$ac_save_IFS -case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac - - -{ echo "$as_me:$LINENO: checking host system type" >&5 -echo $ECHO_N "checking host system type... $ECHO_C" >&6; } -if test "${ac_cv_host+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "x$host_alias" = x; then - ac_cv_host=$ac_cv_build -else - ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&2;} - { (exit 1); exit 1; }; } -fi - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_host" >&5 -echo "${ECHO_T}$ac_cv_host" >&6; } -case $ac_cv_host in -*-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical host" >&5 -echo "$as_me: error: invalid value of canonical host" >&2;} - { (exit 1); exit 1; }; };; -esac -host=$ac_cv_host -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_host -shift -host_cpu=$1 -host_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -host_os=$* -IFS=$ac_save_IFS -case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac - - -CANONICAL_HOST=$host - - - - - - - { echo "$as_me:$LINENO: autobuild project... ${PACKAGE_NAME:-$PACKAGE}" >&5 -echo "$as_me: autobuild project... ${PACKAGE_NAME:-$PACKAGE}" >&6;} - { echo "$as_me:$LINENO: autobuild revision... ${PACKAGE_VERSION:-$VERSION}" >&5 -echo "$as_me: autobuild revision... ${PACKAGE_VERSION:-$VERSION}" >&6;} - hostname=`hostname` - if test "$hostname"; then - { echo "$as_me:$LINENO: autobuild hostname... $hostname" >&5 -echo "$as_me: autobuild hostname... $hostname" >&6;} - fi - - date=`date +%Y%m%d-%H%M%S` - if test "$?" != 0; then - date=`date` - fi - if test "$date"; then - { echo "$as_me:$LINENO: autobuild timestamp... $date" >&5 -echo "$as_me: autobuild timestamp... $date" >&6;} - fi - - - -# Check whether --enable-largefile was given. -if test "${enable_largefile+set}" = set; then - enableval=$enable_largefile; -fi - -if test "$enable_largefile" != no; then - - { echo "$as_me:$LINENO: checking for special C compiler options needed for large files" >&5 -echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6; } -if test "${ac_cv_sys_largefile_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_sys_largefile_CC=no - if test "$GCC" != yes; then - ac_save_CC=$CC - while :; do - # IRIX 6.2 and later do not support large files by default, - # so use the C compiler's -n32 option if that helps. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext - CC="$CC -n32" - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_largefile_CC=' -n32'; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext - break - done - CC=$ac_save_CC - rm -f conftest.$ac_ext - fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_largefile_CC" >&5 -echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6; } - if test "$ac_cv_sys_largefile_CC" != no; then - CC=$CC$ac_cv_sys_largefile_CC - fi - - { echo "$as_me:$LINENO: checking for _FILE_OFFSET_BITS value needed for large files" >&5 -echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6; } -if test "${ac_cv_sys_file_offset_bits+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_file_offset_bits=no; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#define _FILE_OFFSET_BITS 64 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_file_offset_bits=64; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cv_sys_file_offset_bits=unknown - break -done -fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_file_offset_bits" >&5 -echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6; } -case $ac_cv_sys_file_offset_bits in #( - no | unknown) ;; - *) -cat >>confdefs.h <<_ACEOF -#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits -_ACEOF -;; -esac -rm -f conftest* - if test $ac_cv_sys_file_offset_bits = unknown; then - { echo "$as_me:$LINENO: checking for _LARGE_FILES value needed for large files" >&5 -echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6; } -if test "${ac_cv_sys_large_files+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_large_files=no; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#define _LARGE_FILES 1 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_sys_large_files=1; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cv_sys_large_files=unknown - break -done -fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_large_files" >&5 -echo "${ECHO_T}$ac_cv_sys_large_files" >&6; } -case $ac_cv_sys_large_files in #( - no | unknown) ;; - *) -cat >>confdefs.h <<_ACEOF -#define _LARGE_FILES $ac_cv_sys_large_files -_ACEOF -;; -esac -rm -f conftest* - fi -fi - - -if test "$enable_largefile" != no -a "$ac_cv_sys_large_files" != no; then - CPPFLAGS="$CPPFLAGS -D_LARGE_FILES=$ac_cv_sys_large_files" -fi -if test "$enable_largefile" != no -a "$ac_cv_sys_file_offset_bits" != no; then - CPPFLAGS="$CPPFLAGS -D_FILE_OFFSET_BITS=$ac_cv_sys_file_offset_bits" -fi - - - -cat >>confdefs.h <<\_ACEOF -#define _GNU_SOURCE 1 -_ACEOF - - - - - -for ac_prog in 'bison -y' byacc -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_YACC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$YACC"; then - ac_cv_prog_YACC="$YACC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_YACC="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -YACC=$ac_cv_prog_YACC -if test -n "$YACC"; then - { echo "$as_me:$LINENO: result: $YACC" >&5 -echo "${ECHO_T}$YACC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$YACC" && break -done -test -n "$YACC" || YACC="yacc" - -for ac_prog in flex lex -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_LEX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$LEX"; then - ac_cv_prog_LEX="$LEX" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_LEX="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -LEX=$ac_cv_prog_LEX -if test -n "$LEX"; then - { echo "$as_me:$LINENO: result: $LEX" >&5 -echo "${ECHO_T}$LEX" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$LEX" && break -done -test -n "$LEX" || LEX=":" - -if test "x$LEX" != "x:"; then - cat >conftest.l <<_ACEOF -%% -a { ECHO; } -b { REJECT; } -c { yymore (); } -d { yyless (1); } -e { yyless (input () != 0); } -f { unput (yytext[0]); } -. { BEGIN INITIAL; } -%% -#ifdef YYTEXT_POINTER -extern char *yytext; -#endif -int -main (void) -{ - return ! yylex () + ! yywrap (); -} -_ACEOF -{ (ac_try="$LEX conftest.l" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$LEX conftest.l") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ echo "$as_me:$LINENO: checking lex output file root" >&5 -echo $ECHO_N "checking lex output file root... $ECHO_C" >&6; } -if test "${ac_cv_prog_lex_root+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if test -f lex.yy.c; then - ac_cv_prog_lex_root=lex.yy -elif test -f lexyy.c; then - ac_cv_prog_lex_root=lexyy -else - { { echo "$as_me:$LINENO: error: cannot find output from $LEX; giving up" >&5 -echo "$as_me: error: cannot find output from $LEX; giving up" >&2;} - { (exit 1); exit 1; }; } -fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_lex_root" >&5 -echo "${ECHO_T}$ac_cv_prog_lex_root" >&6; } -LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root - -if test -z "${LEXLIB+set}"; then - { echo "$as_me:$LINENO: checking lex library" >&5 -echo $ECHO_N "checking lex library... $ECHO_C" >&6; } -if test "${ac_cv_lib_lex+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - ac_save_LIBS=$LIBS - ac_cv_lib_lex='none needed' - for ac_lib in '' -lfl -ll; do - LIBS="$ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -`cat $LEX_OUTPUT_ROOT.c` -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_lex=$ac_lib -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - test "$ac_cv_lib_lex" != 'none needed' && break - done - LIBS=$ac_save_LIBS - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_lex" >&5 -echo "${ECHO_T}$ac_cv_lib_lex" >&6; } - test "$ac_cv_lib_lex" != 'none needed' && LEXLIB=$ac_cv_lib_lex -fi - - -{ echo "$as_me:$LINENO: checking whether yytext is a pointer" >&5 -echo $ECHO_N "checking whether yytext is a pointer... $ECHO_C" >&6; } -if test "${ac_cv_prog_lex_yytext_pointer+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # POSIX says lex can declare yytext either as a pointer or an array; the -# default is implementation-dependent. Figure out which it is, since -# not all implementations provide the %pointer and %array declarations. -ac_cv_prog_lex_yytext_pointer=no -ac_save_LIBS=$LIBS -LIBS="$LEXLIB $ac_save_LIBS" -cat >conftest.$ac_ext <<_ACEOF -#define YYTEXT_POINTER 1 -`cat $LEX_OUTPUT_ROOT.c` -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_prog_lex_yytext_pointer=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_save_LIBS - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_lex_yytext_pointer" >&5 -echo "${ECHO_T}$ac_cv_prog_lex_yytext_pointer" >&6; } -if test $ac_cv_prog_lex_yytext_pointer = yes; then - -cat >>confdefs.h <<\_ACEOF -#define YYTEXT_POINTER 1 -_ACEOF - -fi -rm -f conftest.l $LEX_OUTPUT_ROOT.c - -fi -if test "$LEX" = :; then - LEX=${am_missing_run}flex -fi -for ac_prog in gawk mawk nawk awk -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AWK+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$AWK"; then - ac_cv_prog_AWK="$AWK" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_AWK="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -AWK=$ac_cv_prog_AWK -if test -n "$AWK"; then - { echo "$as_me:$LINENO: result: $AWK" >&5 -echo "${ECHO_T}$AWK" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$AWK" && break -done - -{ echo "$as_me:$LINENO: checking for ln -s or something else" >&5 -echo $ECHO_N "checking for ln -s or something else... $ECHO_C" >&6; } -if test "${ac_cv_prog_LN_S+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - rm -f conftestdata -if ln -s X conftestdata 2>/dev/null -then - rm -f conftestdata - ac_cv_prog_LN_S="ln -s" -else - touch conftestdata1 - if ln conftestdata1 conftestdata2; then - rm -f conftestdata* - ac_cv_prog_LN_S=ln - else - ac_cv_prog_LN_S=cp - fi -fi -fi -LN_S="$ac_cv_prog_LN_S" -{ echo "$as_me:$LINENO: result: $ac_cv_prog_LN_S" >&5 -echo "${ECHO_T}$ac_cv_prog_LN_S" >&6; } - - - - -# Check whether --with-mips_abi was given. -if test "${with_mips_abi+set}" = set; then - withval=$with_mips_abi; -fi - - -case "$host_os" in -irix*) -with_mips_abi="${with_mips_abi:-yes}" -if test -n "$GCC"; then - -# GCC < 2.8 only supports the O32 ABI. GCC >= 2.8 has a flag to select -# which ABI to use, but only supports (as of 2.8.1) the N32 and 64 ABIs. -# -# Default to N32, but if GCC doesn't grok -mabi=n32, we assume an old -# GCC and revert back to O32. The same goes if O32 is asked for - old -# GCCs doesn't like the -mabi option, and new GCCs can't output O32. -# -# Don't you just love *all* the different SGI ABIs? - -case "${with_mips_abi}" in - 32|o32) abi='-mabi=32'; abilibdirext='' ;; - n32|yes) abi='-mabi=n32'; abilibdirext='32' ;; - 64) abi='-mabi=64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) { { echo "$as_me:$LINENO: error: \"Invalid ABI specified\"" >&5 -echo "$as_me: error: \"Invalid ABI specified\"" >&2;} - { (exit 1); exit 1; }; } ;; -esac -if test -n "$abi" ; then -ac_foo=krb_cv_gcc_`echo $abi | tr =- __` -{ echo "$as_me:$LINENO: checking if $CC supports the $abi option" >&5 -echo $ECHO_N "checking if $CC supports the $abi option... $ECHO_C" >&6; } -if { as_var=$ac_foo; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -save_CFLAGS="$CFLAGS" -CFLAGS="$CFLAGS $abi" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -int x; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval $ac_foo=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval $ac_foo=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_extCFLAGS="$save_CFLAGS" - -fi - -ac_res=`eval echo \\\$$ac_foo` -{ echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test $ac_res = no; then -# Try to figure out why that failed... -case $abi in - -mabi=32) - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -mabi=n32" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -int x; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_res=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_res=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext CLAGS="$save_CFLAGS" - if test $ac_res = yes; then - # New GCC - { { echo "$as_me:$LINENO: error: $CC does not support the $with_mips_abi ABI" >&5 -echo "$as_me: error: $CC does not support the $with_mips_abi ABI" >&2;} - { (exit 1); exit 1; }; } - fi - # Old GCC - abi='' - abilibdirext='' - ;; - -mabi=n32|-mabi=64) - if test $with_mips_abi = yes; then - # Old GCC, default to O32 - abi='' - abilibdirext='' - else - # Some broken GCC - { { echo "$as_me:$LINENO: error: $CC does not support the $with_mips_abi ABI" >&5 -echo "$as_me: error: $CC does not support the $with_mips_abi ABI" >&2;} - { (exit 1); exit 1; }; } - fi - ;; -esac -fi #if test $ac_res = no; then -fi #if test -n "$abi" ; then -else -case "${with_mips_abi}" in - 32|o32) abi='-32'; abilibdirext='' ;; - n32|yes) abi='-n32'; abilibdirext='32' ;; - 64) abi='-64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) { { echo "$as_me:$LINENO: error: \"Invalid ABI specified\"" >&5 -echo "$as_me: error: \"Invalid ABI specified\"" >&2;} - { (exit 1); exit 1; }; } ;; -esac -fi #if test -n "$GCC"; then -;; -esac - -CC="$CC $abi" -libdir="$libdir$abilibdirext" - - -{ echo "$as_me:$LINENO: checking for __attribute__" >&5 -echo $ECHO_N "checking for __attribute__... $ECHO_C" >&6; } -if test "${ac_cv___attribute__+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -static void foo(void) __attribute__ ((noreturn)); - -static void -foo(void) -{ - exit(1); -} - -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv___attribute__=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv___attribute__=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -if test "$ac_cv___attribute__" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE___ATTRIBUTE__ 1 -_ACEOF - -fi -{ echo "$as_me:$LINENO: result: $ac_cv___attribute__" >&5 -echo "${ECHO_T}$ac_cv___attribute__" >&6; } - - -# Check whether --enable-shared was given. -if test "${enable_shared+set}" = set; then - enableval=$enable_shared; p=${PACKAGE-default} - case $enableval in - yes) enable_shared=yes ;; - no) enable_shared=no ;; - *) - enable_shared=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_shared=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_shared=yes -fi - - -# Check whether --enable-static was given. -if test "${enable_static+set}" = set; then - enableval=$enable_static; p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_static=yes -fi - - -# Check whether --enable-fast-install was given. -if test "${enable_fast_install+set}" = set; then - enableval=$enable_fast_install; p=${PACKAGE-default} - case $enableval in - yes) enable_fast_install=yes ;; - no) enable_fast_install=no ;; - *) - enable_fast_install=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_fast_install=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_fast_install=yes -fi - - -{ echo "$as_me:$LINENO: checking for a sed that does not truncate output" >&5 -echo $ECHO_N "checking for a sed that does not truncate output... $ECHO_C" >&6; } -if test "${lt_cv_path_SED+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Loop through the user's path and test for sed and gsed. -# Then use that list of sed's as ones to test for truncation. -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for lt_ac_prog in sed gsed; do - for ac_exec_ext in '' $ac_executable_extensions; do - if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then - lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" - fi - done - done -done -lt_ac_max=0 -lt_ac_count=0 -# Add /usr/xpg4/bin/sed as it is typically found on Solaris -# along with /bin/sed that truncates output. -for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do - test ! -f $lt_ac_sed && continue - cat /dev/null > conftest.in - lt_ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >conftest.in - # Check for GNU sed and select it if it is found. - if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then - lt_cv_path_SED=$lt_ac_sed - break - fi - while true; do - cat conftest.in conftest.in >conftest.tmp - mv conftest.tmp conftest.in - cp conftest.in conftest.nl - echo >>conftest.nl - $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break - cmp -s conftest.out conftest.nl || break - # 10000 chars as input seems more than enough - test $lt_ac_count -gt 10 && break - lt_ac_count=`expr $lt_ac_count + 1` - if test $lt_ac_count -gt $lt_ac_max; then - lt_ac_max=$lt_ac_count - lt_cv_path_SED=$lt_ac_sed - fi - done -done - -fi - -SED=$lt_cv_path_SED -{ echo "$as_me:$LINENO: result: $SED" >&5 -echo "${ECHO_T}$SED" >&6; } - -{ echo "$as_me:$LINENO: checking for grep that handles long lines and -e" >&5 -echo $ECHO_N "checking for grep that handles long lines and -e... $ECHO_C" >&6; } -if test "${ac_cv_path_GREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Extract the first word of "grep ggrep" to use in msg output -if test -z "$GREP"; then -set dummy grep ggrep; ac_prog_name=$2 -if test "${ac_cv_path_GREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_path_GREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in grep ggrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue - # Check for GNU ac_path_GREP and select it if it is found. - # Check for GNU $ac_path_GREP -case `"$ac_path_GREP" --version 2>&1` in -*GNU*) - ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; -*) - ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - echo 'GREP' >> "conftest.nl" - "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` - if test $ac_count -gt ${ac_path_GREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_GREP="$ac_path_GREP" - ac_path_GREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - - $ac_path_GREP_found && break 3 - done -done - -done -IFS=$as_save_IFS - - -fi - -GREP="$ac_cv_path_GREP" -if test -z "$GREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } -fi - -else - ac_cv_path_GREP=$GREP -fi - - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_GREP" >&5 -echo "${ECHO_T}$ac_cv_path_GREP" >&6; } - GREP="$ac_cv_path_GREP" - - -{ echo "$as_me:$LINENO: checking for egrep" >&5 -echo $ECHO_N "checking for egrep... $ECHO_C" >&6; } -if test "${ac_cv_path_EGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 - then ac_cv_path_EGREP="$GREP -E" - else - # Extract the first word of "egrep" to use in msg output -if test -z "$EGREP"; then -set dummy egrep; ac_prog_name=$2 -if test "${ac_cv_path_EGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_path_EGREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in egrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue - # Check for GNU ac_path_EGREP and select it if it is found. - # Check for GNU $ac_path_EGREP -case `"$ac_path_EGREP" --version 2>&1` in -*GNU*) - ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; -*) - ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - echo 'EGREP' >> "conftest.nl" - "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` - if test $ac_count -gt ${ac_path_EGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_EGREP="$ac_path_EGREP" - ac_path_EGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - - $ac_path_EGREP_found && break 3 - done -done - -done -IFS=$as_save_IFS - - -fi - -EGREP="$ac_cv_path_EGREP" -if test -z "$EGREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } -fi - -else - ac_cv_path_EGREP=$EGREP -fi - - - fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_EGREP" >&5 -echo "${ECHO_T}$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" - - - -# Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then - withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes -else - with_gnu_ld=no -fi - -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - { echo "$as_me:$LINENO: checking for ld used by $CC" >&5 -echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [\\/]* | ?:[\\/]*) - re_direlt='/[^/][^/]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'` - while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - { echo "$as_me:$LINENO: checking for GNU ld" >&5 -echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; } -else - { echo "$as_me:$LINENO: checking for non-GNU ld" >&5 -echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; } -fi -if test "${lt_cv_path_LD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -z "$LD"; then - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &5 -echo "${ECHO_T}$LD" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi -test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5 -echo "$as_me: error: no acceptable ld found in \$PATH" >&2;} - { (exit 1); exit 1; }; } -{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5 -echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; } -if test "${lt_cv_prog_gnu_ld+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # I'd rather use --version here, but apparently some GNU lds only accept -v. -case `$LD -v 2>&1 &5 -echo "${ECHO_T}$lt_cv_prog_gnu_ld" >&6; } -with_gnu_ld=$lt_cv_prog_gnu_ld - - -{ echo "$as_me:$LINENO: checking for $LD option to reload object files" >&5 -echo $ECHO_N "checking for $LD option to reload object files... $ECHO_C" >&6; } -if test "${lt_cv_ld_reload_flag+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_ld_reload_flag='-r' -fi -{ echo "$as_me:$LINENO: result: $lt_cv_ld_reload_flag" >&5 -echo "${ECHO_T}$lt_cv_ld_reload_flag" >&6; } -reload_flag=$lt_cv_ld_reload_flag -case $reload_flag in -"" | " "*) ;; -*) reload_flag=" $reload_flag" ;; -esac -reload_cmds='$LD$reload_flag -o $output$reload_objs' -case $host_os in - darwin*) - if test "$GCC" = yes; then - reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs' - else - reload_cmds='$LD$reload_flag -o $output$reload_objs' - fi - ;; -esac - -{ echo "$as_me:$LINENO: checking for BSD-compatible nm" >&5 -echo $ECHO_N "checking for BSD-compatible nm... $ECHO_C" >&6; } -if test "${lt_cv_path_NM+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$NM"; then - # Let the user override the test. - lt_cv_path_NM="$NM" -else - lt_nm_to_check="${ac_tool_prefix}nm" - if test -n "$ac_tool_prefix" && test "$build" = "$host"; then - lt_nm_to_check="$lt_nm_to_check nm" - fi - for lt_tmp_nm in $lt_nm_to_check; do - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - tmp_nm="$ac_dir/$lt_tmp_nm" - if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then - # Check to see if the nm accepts a BSD-compat flag. - # Adding the `sed 1q' prevents false positives on HP-UX, which says: - # nm: unknown option "B" ignored - # Tru64's nm complains that /dev/null is an invalid object file - case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in - */dev/null* | *'Invalid file or object type'*) - lt_cv_path_NM="$tmp_nm -B" - break - ;; - *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in - */dev/null*) - lt_cv_path_NM="$tmp_nm -p" - break - ;; - *) - lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but - continue # so that we can try to find one that supports BSD flags - ;; - esac - ;; - esac - fi - done - IFS="$lt_save_ifs" - done - test -z "$lt_cv_path_NM" && lt_cv_path_NM=nm -fi -fi -{ echo "$as_me:$LINENO: result: $lt_cv_path_NM" >&5 -echo "${ECHO_T}$lt_cv_path_NM" >&6; } -NM="$lt_cv_path_NM" - -{ echo "$as_me:$LINENO: checking whether ln -s works" >&5 -echo $ECHO_N "checking whether ln -s works... $ECHO_C" >&6; } -LN_S=$as_ln_s -if test "$LN_S" = "ln -s"; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else - { echo "$as_me:$LINENO: result: no, using $LN_S" >&5 -echo "${ECHO_T}no, using $LN_S" >&6; } -fi - -{ echo "$as_me:$LINENO: checking how to recognise dependent libraries" >&5 -echo $ECHO_N "checking how to recognise dependent libraries... $ECHO_C" >&6; } -if test "${lt_cv_deplibs_check_method+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_file_magic_cmd='$MAGIC_CMD' -lt_cv_file_magic_test_file= -lt_cv_deplibs_check_method='unknown' -# Need to set the preceding variable on all platforms that support -# interlibrary dependencies. -# 'none' -- dependencies not supported. -# `unknown' -- same as none, but documents that we really don't know. -# 'pass_all' -- all dependencies passed with no checks. -# 'test_compile' -- check by making test program. -# 'file_magic [[regex]]' -- check by looking for files in library path -# which responds to the $file_magic_cmd with a given extended regex. -# If you have `file' or equivalent on your system and you're not sure -# whether `pass_all' will *always* work, you probably want this one. - -case $host_os in -aix4* | aix5*) - lt_cv_deplibs_check_method=pass_all - ;; - -beos*) - lt_cv_deplibs_check_method=pass_all - ;; - -bsdi[45]*) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' - lt_cv_file_magic_cmd='/usr/bin/file -L' - lt_cv_file_magic_test_file=/shlib/libc.so - ;; - -cygwin*) - # func_win32_libid is a shell function defined in ltmain.sh - lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='func_win32_libid' - ;; - -mingw* | pw32*) - # Base MSYS/MinGW do not provide the 'file' command needed by - # func_win32_libid shell function, so use a weaker test based on 'objdump'. - lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?' - lt_cv_file_magic_cmd='$OBJDUMP -f' - ;; - -darwin* | rhapsody*) - lt_cv_deplibs_check_method=pass_all - ;; - -freebsd* | kfreebsd*-gnu | dragonfly*) - if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then - case $host_cpu in - i*86 ) - # Not sure whether the presence of OpenBSD here was a mistake. - # Let's accept both of them until this is cleared up. - lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` - ;; - esac - else - lt_cv_deplibs_check_method=pass_all - fi - ;; - -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - -hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file - case $host_cpu in - ia64*) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' - lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so - ;; - hppa*64*) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]' - lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl - ;; - *) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9].[0-9]) shared library' - lt_cv_file_magic_test_file=/usr/lib/libc.sl - ;; - esac - ;; - -interix3*) - # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$' - ;; - -irix5* | irix6* | nonstopux*) - case $LD in - *-32|*"-32 ") libmagic=32-bit;; - *-n32|*"-n32 ") libmagic=N32;; - *-64|*"-64 ") libmagic=64-bit;; - *) libmagic=never-match;; - esac - lt_cv_deplibs_check_method=pass_all - ;; - -# This must be Linux ELF. -linux*) - lt_cv_deplibs_check_method=pass_all - ;; - -netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$' - fi - ;; - -newos6*) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=/usr/lib/libnls.so - ;; - -nto-qnx*) - lt_cv_deplibs_check_method=unknown - ;; - -openbsd*) - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' - fi - ;; - -osf3* | osf4* | osf5*) - lt_cv_deplibs_check_method=pass_all - ;; - -solaris*) - lt_cv_deplibs_check_method=pass_all - ;; - -sysv4 | sysv4.3*) - case $host_vendor in - motorola) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]' - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` - ;; - ncr) - lt_cv_deplibs_check_method=pass_all - ;; - sequent) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )' - ;; - sni) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib" - lt_cv_file_magic_test_file=/lib/libc.so - ;; - siemens) - lt_cv_deplibs_check_method=pass_all - ;; - pc) - lt_cv_deplibs_check_method=pass_all - ;; - esac - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - lt_cv_deplibs_check_method=pass_all - ;; -esac - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_deplibs_check_method" >&5 -echo "${ECHO_T}$lt_cv_deplibs_check_method" >&6; } -file_magic_cmd=$lt_cv_file_magic_cmd -deplibs_check_method=$lt_cv_deplibs_check_method -test -z "$deplibs_check_method" && deplibs_check_method=unknown - - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - -# Check whether --enable-libtool-lock was given. -if test "${enable_libtool_lock+set}" = set; then - enableval=$enable_libtool_lock; -fi - -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - -# Some flags need to be propagated to the compiler or linker for good -# libtool support. -case $host in -ia64-*-hpux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.$ac_objext` in - *ELF-32*) - HPUX_IA64_MODE="32" - ;; - *ELF-64*) - HPUX_IA64_MODE="64" - ;; - esac - fi - rm -rf conftest* - ;; -*-*-irix6*) - # Find out which ABI we are using. - echo '#line 5679 "configure"' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - if test "$lt_cv_prog_gnu_ld" = yes; then - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -melf32bsmip" - ;; - *N32*) - LD="${LD-ld} -melf32bmipn32" - ;; - *64-bit*) - LD="${LD-ld} -melf64bmip" - ;; - esac - else - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -32" - ;; - *N32*) - LD="${LD-ld} -n32" - ;; - *64-bit*) - LD="${LD-ld} -64" - ;; - esac - fi - fi - rm -rf conftest* - ;; - -x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*|s390*-*linux*|sparc*-*linux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.o` in - *32-bit*) - case $host in - x86_64-*linux*) - LD="${LD-ld} -m elf_i386" - ;; - ppc64-*linux*|powerpc64-*linux*) - LD="${LD-ld} -m elf32ppclinux" - ;; - s390x-*linux*) - LD="${LD-ld} -m elf_s390" - ;; - sparc64-*linux*) - LD="${LD-ld} -m elf32_sparc" - ;; - esac - ;; - *64-bit*) - case $host in - x86_64-*linux*) - LD="${LD-ld} -m elf_x86_64" - ;; - ppc*-*linux*|powerpc*-*linux*) - LD="${LD-ld} -m elf64ppc" - ;; - s390*-*linux*) - LD="${LD-ld} -m elf64_s390" - ;; - sparc*-*linux*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - -*-*-sco3.2v5*) - # On SCO OpenServer 5, we need -belf to get full-featured binaries. - SAVE_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -belf" - { echo "$as_me:$LINENO: checking whether the C compiler needs -belf" >&5 -echo $ECHO_N "checking whether the C compiler needs -belf... $ECHO_C" >&6; } -if test "${lt_cv_cc_needs_belf+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - lt_cv_cc_needs_belf=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - lt_cv_cc_needs_belf=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_cc_needs_belf" >&5 -echo "${ECHO_T}$lt_cv_cc_needs_belf" >&6; } - if test x"$lt_cv_cc_needs_belf" != x"yes"; then - # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf - CFLAGS="$SAVE_CFLAGS" - fi - ;; -sparc*-*solaris*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.o` in - *64-bit*) - case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; - *) LD="${LD-ld} -64" ;; - esac - ;; - esac - fi - rm -rf conftest* - ;; - - -esac - -need_locks="$enable_libtool_lock" - - - -{ echo "$as_me:$LINENO: checking for ANSI C header files" >&5 -echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6; } -if test "${ac_cv_header_stdc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_stdc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_stdc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then - : -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif - -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int -main () -{ - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 -echo "${ECHO_T}$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then - -cat >>confdefs.h <<\_ACEOF -#define STDC_HEADERS 1 -_ACEOF - -fi - -# On IRIX 5.3, sys/types and inttypes.h are conflicting. - - - - - - - - - -for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ - inttypes.h stdint.h unistd.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in dlfcn.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -if test -z "$CXX"; then - if test -n "$CCC"; then - CXX=$CCC - else - if test -n "$ac_tool_prefix"; then - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CXX"; then - ac_cv_prog_CXX="$CXX" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -CXX=$ac_cv_prog_CXX -if test -n "$CXX"; then - { echo "$as_me:$LINENO: result: $CXX" >&5 -echo "${ECHO_T}$CXX" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$CXX" && break - done -fi -if test -z "$CXX"; then - ac_ct_CXX=$CXX - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CXX"; then - ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CXX="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_CXX=$ac_cv_prog_ac_ct_CXX -if test -n "$ac_ct_CXX"; then - { echo "$as_me:$LINENO: result: $ac_ct_CXX" >&5 -echo "${ECHO_T}$ac_ct_CXX" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$ac_ct_CXX" && break -done - - if test "x$ac_ct_CXX" = x; then - CXX="g++" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CXX=$ac_ct_CXX - fi -fi - - fi -fi -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C++ compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - -{ echo "$as_me:$LINENO: checking whether we are using the GNU C++ compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C++ compiler... $ECHO_C" >&6; } -if test "${ac_cv_cxx_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -#ifndef __GNUC__ - choke me -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_cxx_compiler_gnu=$ac_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_cxx_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_cxx_compiler_gnu" >&6; } -GXX=`test $ac_compiler_gnu = yes && echo yes` -ac_test_CXXFLAGS=${CXXFLAGS+set} -ac_save_CXXFLAGS=$CXXFLAGS -{ echo "$as_me:$LINENO: checking whether $CXX accepts -g" >&5 -echo $ECHO_N "checking whether $CXX accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cxx_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_save_cxx_werror_flag=$ac_cxx_werror_flag - ac_cxx_werror_flag=yes - ac_cv_prog_cxx_g=no - CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cxx_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - CXXFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cxx_werror_flag=$ac_save_cxx_werror_flag - CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cxx_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cxx_werror_flag=$ac_save_cxx_werror_flag -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cxx_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cxx_g" >&6; } -if test "$ac_test_CXXFLAGS" = set; then - CXXFLAGS=$ac_save_CXXFLAGS -elif test $ac_cv_prog_cxx_g = yes; then - if test "$GXX" = yes; then - CXXFLAGS="-g -O2" - else - CXXFLAGS="-g" - fi -else - if test "$GXX" = yes; then - CXXFLAGS="-O2" - else - CXXFLAGS= - fi -fi -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu - - - -if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -{ echo "$as_me:$LINENO: checking how to run the C++ preprocessor" >&5 -echo $ECHO_N "checking how to run the C++ preprocessor... $ECHO_C" >&6; } -if test -z "$CXXCPP"; then - if test "${ac_cv_prog_CXXCPP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Double quotes because CXXCPP needs to be expanded - for CXXCPP in "$CXX -E" "/lib/cpp" - do - ac_preproc_ok=false -for ac_cxx_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Broken: fails on valid input. -continue -fi - -rm -f conftest.err conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Passes both tests. -ac_preproc_ok=: -break -fi - -rm -f conftest.err conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - break -fi - - done - ac_cv_prog_CXXCPP=$CXXCPP - -fi - CXXCPP=$ac_cv_prog_CXXCPP -else - ac_cv_prog_CXXCPP=$CXXCPP -fi -{ echo "$as_me:$LINENO: result: $CXXCPP" >&5 -echo "${ECHO_T}$CXXCPP" >&6; } -ac_preproc_ok=false -for ac_cxx_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Broken: fails on valid input. -continue -fi - -rm -f conftest.err conftest.$ac_ext - - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - # Passes both tests. -ac_preproc_ok=: -break -fi - -rm -f conftest.err conftest.$ac_ext - -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - : -else - { { echo "$as_me:$LINENO: error: C++ preprocessor \"$CXXCPP\" fails sanity check -See \`config.log' for more details." >&5 -echo "$as_me: error: C++ preprocessor \"$CXXCPP\" fails sanity check -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi - -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu - -fi - - -ac_ext=f -ac_compile='$F77 -c $FFLAGS conftest.$ac_ext >&5' -ac_link='$F77 -o conftest$ac_exeext $FFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_f77_compiler_gnu -if test -n "$ac_tool_prefix"; then - for ac_prog in g77 xlf f77 frt pgf77 cf77 fort77 fl32 af77 xlf90 f90 pgf90 pghpf epcf90 gfortran g95 xlf95 f95 fort ifort ifc efc pgf95 lf95 ftn - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$F77"; then - ac_cv_prog_F77="$F77" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_F77="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -F77=$ac_cv_prog_F77 -if test -n "$F77"; then - { echo "$as_me:$LINENO: result: $F77" >&5 -echo "${ECHO_T}$F77" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$F77" && break - done -fi -if test -z "$F77"; then - ac_ct_F77=$F77 - for ac_prog in g77 xlf f77 frt pgf77 cf77 fort77 fl32 af77 xlf90 f90 pgf90 pghpf epcf90 gfortran g95 xlf95 f95 fort ifort ifc efc pgf95 lf95 ftn -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_F77"; then - ac_cv_prog_ac_ct_F77="$ac_ct_F77" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_F77="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_F77=$ac_cv_prog_ac_ct_F77 -if test -n "$ac_ct_F77"; then - { echo "$as_me:$LINENO: result: $ac_ct_F77" >&5 -echo "${ECHO_T}$ac_ct_F77" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$ac_ct_F77" && break -done - - if test "x$ac_ct_F77" = x; then - F77="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - F77=$ac_ct_F77 - fi -fi - - -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for Fortran 77 compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -rm -f a.out - -# If we don't use `.F' as extension, the preprocessor is not run on the -# input file. (Note that this only needs to work for GNU compilers.) -ac_save_ext=$ac_ext -ac_ext=F -{ echo "$as_me:$LINENO: checking whether we are using the GNU Fortran 77 compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU Fortran 77 compiler... $ECHO_C" >&6; } -if test "${ac_cv_f77_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF - program main -#ifndef __GNUC__ - choke me -#endif - - end -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_f77_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_f77_compiler_gnu=$ac_compiler_gnu - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_f77_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_f77_compiler_gnu" >&6; } -ac_ext=$ac_save_ext -ac_test_FFLAGS=${FFLAGS+set} -ac_save_FFLAGS=$FFLAGS -FFLAGS= -{ echo "$as_me:$LINENO: checking whether $F77 accepts -g" >&5 -echo $ECHO_N "checking whether $F77 accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_f77_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - FFLAGS=-g -cat >conftest.$ac_ext <<_ACEOF - program main - - end -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_f77_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_f77_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_prog_f77_g=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_f77_g" >&5 -echo "${ECHO_T}$ac_cv_prog_f77_g" >&6; } -if test "$ac_test_FFLAGS" = set; then - FFLAGS=$ac_save_FFLAGS -elif test $ac_cv_prog_f77_g = yes; then - if test "x$ac_cv_f77_compiler_gnu" = xyes; then - FFLAGS="-g -O2" - else - FFLAGS="-g" - fi -else - if test "x$ac_cv_f77_compiler_gnu" = xyes; then - FFLAGS="-O2" - else - FFLAGS= - fi -fi - -G77=`test $ac_compiler_gnu = yes && echo yes` -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - -# Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers! - -# find the maximum length of command line arguments -{ echo "$as_me:$LINENO: checking the maximum length of command line arguments" >&5 -echo $ECHO_N "checking the maximum length of command line arguments... $ECHO_C" >&6; } -if test "${lt_cv_sys_max_cmd_len+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - i=0 - teststring="ABCD" - - case $build_os in - msdosdjgpp*) - # On DJGPP, this test can blow up pretty badly due to problems in libc - # (any single argument exceeding 2000 bytes causes a buffer overrun - # during glob expansion). Even if it were fixed, the result of this - # check would be larger than it should be. - lt_cv_sys_max_cmd_len=12288; # 12K is about right - ;; - - gnu*) - # Under GNU Hurd, this test is not required because there is - # no limit to the length of command line arguments. - # Libtool will interpret -1 as no limit whatsoever - lt_cv_sys_max_cmd_len=-1; - ;; - - cygwin* | mingw*) - # On Win9x/ME, this test blows up -- it succeeds, but takes - # about 5 minutes as the teststring grows exponentially. - # Worse, since 9x/ME are not pre-emptively multitasking, - # you end up with a "frozen" computer, even though with patience - # the test eventually succeeds (with a max line length of 256k). - # Instead, let's just punt: use the minimum linelength reported by - # all of the supported platforms: 8192 (on NT/2K/XP). - lt_cv_sys_max_cmd_len=8192; - ;; - - amigaos*) - # On AmigaOS with pdksh, this test takes hours, literally. - # So we just punt and use a minimum line length of 8192. - lt_cv_sys_max_cmd_len=8192; - ;; - - netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) - # This has been around since 386BSD, at least. Likely further. - if test -x /sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` - elif test -x /usr/sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` - else - lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs - fi - # And add a safety zone - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - ;; - - interix*) - # We know the value 262144 and hardcode it with a safety zone (like BSD) - lt_cv_sys_max_cmd_len=196608 - ;; - - osf*) - # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure - # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not - # nice to cause kernel panics so lets avoid the loop below. - # First set a reasonable default. - lt_cv_sys_max_cmd_len=16384 - # - if test -x /sbin/sysconfig; then - case `/sbin/sysconfig -q proc exec_disable_arg_limit` in - *1*) lt_cv_sys_max_cmd_len=-1 ;; - esac - fi - ;; - sco3.2v5*) - lt_cv_sys_max_cmd_len=102400 - ;; - sysv5* | sco5v6* | sysv4.2uw2*) - kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` - if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` - else - lt_cv_sys_max_cmd_len=32768 - fi - ;; - *) - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} - while (test "X"`$SHELL $0 --fallback-echo "X$teststring" 2>/dev/null` \ - = "XX$teststring") >/dev/null 2>&1 && - new_result=`expr "X$teststring" : ".*" 2>&1` && - lt_cv_sys_max_cmd_len=$new_result && - test $i != 17 # 1/2 MB should be enough - do - i=`expr $i + 1` - teststring=$teststring$teststring - done - teststring= - # Add a significant safety factor because C++ compilers can tack on massive - # amounts of additional arguments before passing them to the linker. - # It appears as though 1/2 is a usable value. - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` - ;; - esac - -fi - -if test -n $lt_cv_sys_max_cmd_len ; then - { echo "$as_me:$LINENO: result: $lt_cv_sys_max_cmd_len" >&5 -echo "${ECHO_T}$lt_cv_sys_max_cmd_len" >&6; } -else - { echo "$as_me:$LINENO: result: none" >&5 -echo "${ECHO_T}none" >&6; } -fi - - - - -# Check for command to grab the raw symbol name followed by C symbol from nm. -{ echo "$as_me:$LINENO: checking command to parse $NM output from $compiler object" >&5 -echo $ECHO_N "checking command to parse $NM output from $compiler object... $ECHO_C" >&6; } -if test "${lt_cv_sys_global_symbol_pipe+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -# These are sane defaults that work on at least a few old systems. -# [They come from Ultrix. What could be older than Ultrix?!! ;)] - -# Character class describing NM global symbol codes. -symcode='[BCDEGRST]' - -# Regexp to match symbols that can be accessed directly from C. -sympat='\([_A-Za-z][_A-Za-z0-9]*\)' - -# Transform an extracted symbol line into a proper C declaration -lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern int \1;/p'" - -# Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - -# Define system-specific variables. -case $host_os in -aix*) - symcode='[BCDT]' - ;; -cygwin* | mingw* | pw32*) - symcode='[ABCDGISTW]' - ;; -hpux*) # Its linker distinguishes data from code symbols - if test "$host_cpu" = ia64; then - symcode='[ABCDEGRST]' - fi - lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - ;; -linux*) - if test "$host_cpu" = ia64; then - symcode='[ABCDGIRSTW]' - lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" - fi - ;; -irix* | nonstopux*) - symcode='[BCDEGRST]' - ;; -osf*) - symcode='[BCDEGQRST]' - ;; -solaris*) - symcode='[BDRT]' - ;; -sco3.2v5*) - symcode='[DT]' - ;; -sysv4.2uw2*) - symcode='[DT]' - ;; -sysv5* | sco5v6* | unixware* | OpenUNIX*) - symcode='[ABDT]' - ;; -sysv4) - symcode='[DFNSTU]' - ;; -esac - -# Handle CRLF in mingw tool chain -opt_cr= -case $build_os in -mingw*) - opt_cr=`echo 'x\{0,1\}' | tr x '\015'` # option cr in regexp - ;; -esac - -# If we're using GNU nm, then use its standard symbol codes. -case `$NM -V 2>&1` in -*GNU* | *'with BFD'*) - symcode='[ABCDGIRSTW]' ;; -esac - -# Try without a prefix undercore, then with it. -for ac_symprfx in "" "_"; do - - # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. - symxfrm="\\1 $ac_symprfx\\2 \\2" - - # Write the raw and C identifiers. - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" - - # Check to see that the pipe works correctly. - pipe_works=no - - rm -f conftest* - cat > conftest.$ac_ext <&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # Now try to grab the symbols. - nlist=conftest.nm - if { (eval echo "$as_me:$LINENO: \"$NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist\"") >&5 - (eval $NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s "$nlist"; then - # Try sorting and uniquifying the output. - if sort "$nlist" | uniq > "$nlist"T; then - mv -f "$nlist"T "$nlist" - else - rm -f "$nlist"T - fi - - # Make sure that we snagged all the symbols we need. - if grep ' nm_test_var$' "$nlist" >/dev/null; then - if grep ' nm_test_func$' "$nlist" >/dev/null; then - cat < conftest.$ac_ext -#ifdef __cplusplus -extern "C" { -#endif - -EOF - # Now generate the symbol file. - eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | grep -v main >> conftest.$ac_ext' - - cat <> conftest.$ac_ext -#if defined (__STDC__) && __STDC__ -# define lt_ptr_t void * -#else -# define lt_ptr_t char * -# define const -#endif - -/* The mapping between symbol names and symbols. */ -const struct { - const char *name; - lt_ptr_t address; -} -lt_preloaded_symbols[] = -{ -EOF - $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (lt_ptr_t) \&\2},/" < "$nlist" | grep -v main >> conftest.$ac_ext - cat <<\EOF >> conftest.$ac_ext - {0, (lt_ptr_t) 0} -}; - -#ifdef __cplusplus -} -#endif -EOF - # Now try linking the two files. - mv conftest.$ac_objext conftstm.$ac_objext - lt_save_LIBS="$LIBS" - lt_save_CFLAGS="$CFLAGS" - LIBS="conftstm.$ac_objext" - CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag" - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext}; then - pipe_works=yes - fi - LIBS="$lt_save_LIBS" - CFLAGS="$lt_save_CFLAGS" - else - echo "cannot find nm_test_func in $nlist" >&5 - fi - else - echo "cannot find nm_test_var in $nlist" >&5 - fi - else - echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5 - fi - else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - fi - rm -f conftest* conftst* - - # Do not use the global_symbol_pipe unless it works. - if test "$pipe_works" = yes; then - break - else - lt_cv_sys_global_symbol_pipe= - fi -done - -fi - -if test -z "$lt_cv_sys_global_symbol_pipe"; then - lt_cv_sys_global_symbol_to_cdecl= -fi -if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then - { echo "$as_me:$LINENO: result: failed" >&5 -echo "${ECHO_T}failed" >&6; } -else - { echo "$as_me:$LINENO: result: ok" >&5 -echo "${ECHO_T}ok" >&6; } -fi - -{ echo "$as_me:$LINENO: checking for objdir" >&5 -echo $ECHO_N "checking for objdir... $ECHO_C" >&6; } -if test "${lt_cv_objdir+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - rm -f .libs 2>/dev/null -mkdir .libs 2>/dev/null -if test -d .libs; then - lt_cv_objdir=.libs -else - # MS-DOS does not allow filenames that begin with a dot. - lt_cv_objdir=_libs -fi -rmdir .libs 2>/dev/null -fi -{ echo "$as_me:$LINENO: result: $lt_cv_objdir" >&5 -echo "${ECHO_T}$lt_cv_objdir" >&6; } -objdir=$lt_cv_objdir - - - - - -case $host_os in -aix3*) - # AIX sometimes has problems with the GCC collect2 program. For some - # reason, if we set the COLLECT_NAMES environment variable, the problems - # vanish in a puff of smoke. - if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES - fi - ;; -esac - -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed='sed -e 1s/^X//' -sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g' - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# Sed substitution to avoid accidental globbing in evaled expressions -no_glob_subst='s/\*/\\\*/g' - -# Constants: -rm="rm -f" - -# Global variables: -default_ofile=libtool -can_build_shared=yes - -# All known linkers require a `.a' archive for static linking (except MSVC, -# which needs '.lib'). -libext=a -ltmain="$ac_aux_dir/ltmain.sh" -ofile="$default_ofile" -with_gnu_ld="$lt_cv_prog_gnu_ld" - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ar", so it can be a program name with args. -set dummy ${ac_tool_prefix}ar; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AR+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$AR"; then - ac_cv_prog_AR="$AR" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_AR="${ac_tool_prefix}ar" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -AR=$ac_cv_prog_AR -if test -n "$AR"; then - { echo "$as_me:$LINENO: result: $AR" >&5 -echo "${ECHO_T}$AR" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_AR"; then - ac_ct_AR=$AR - # Extract the first word of "ar", so it can be a program name with args. -set dummy ar; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_AR+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_AR"; then - ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_AR="ar" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_AR=$ac_cv_prog_ac_ct_AR -if test -n "$ac_ct_AR"; then - { echo "$as_me:$LINENO: result: $ac_ct_AR" >&5 -echo "${ECHO_T}$ac_ct_AR" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_AR" = x; then - AR="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - AR=$ac_ct_AR - fi -else - AR="$ac_cv_prog_AR" -fi - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. -set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_RANLIB+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$RANLIB"; then - ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -RANLIB=$ac_cv_prog_RANLIB -if test -n "$RANLIB"; then - { echo "$as_me:$LINENO: result: $RANLIB" >&5 -echo "${ECHO_T}$RANLIB" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_RANLIB"; then - ac_ct_RANLIB=$RANLIB - # Extract the first word of "ranlib", so it can be a program name with args. -set dummy ranlib; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_RANLIB"; then - ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_RANLIB="ranlib" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB -if test -n "$ac_ct_RANLIB"; then - { echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5 -echo "${ECHO_T}$ac_ct_RANLIB" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_RANLIB" = x; then - RANLIB=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - RANLIB=$ac_ct_RANLIB - fi -else - RANLIB="$ac_cv_prog_RANLIB" -fi - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. -set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$STRIP"; then - ac_cv_prog_STRIP="$STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_STRIP="${ac_tool_prefix}strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -STRIP=$ac_cv_prog_STRIP -if test -n "$STRIP"; then - { echo "$as_me:$LINENO: result: $STRIP" >&5 -echo "${ECHO_T}$STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_STRIP"; then - ac_ct_STRIP=$STRIP - # Extract the first word of "strip", so it can be a program name with args. -set dummy strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_STRIP"; then - ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_STRIP="strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP -if test -n "$ac_ct_STRIP"; then - { echo "$as_me:$LINENO: result: $ac_ct_STRIP" >&5 -echo "${ECHO_T}$ac_ct_STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_STRIP" = x; then - STRIP=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - STRIP=$ac_ct_STRIP - fi -else - STRIP="$ac_cv_prog_STRIP" -fi - - -old_CC="$CC" -old_CFLAGS="$CFLAGS" - -# Set sane defaults for various variables -test -z "$AR" && AR=ar -test -z "$AR_FLAGS" && AR_FLAGS=cru -test -z "$AS" && AS=as -test -z "$CC" && CC=cc -test -z "$LTCC" && LTCC=$CC -test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS -test -z "$DLLTOOL" && DLLTOOL=dlltool -test -z "$LD" && LD=ld -test -z "$LN_S" && LN_S="ln -s" -test -z "$MAGIC_CMD" && MAGIC_CMD=file -test -z "$NM" && NM=nm -test -z "$SED" && SED=sed -test -z "$OBJDUMP" && OBJDUMP=objdump -test -z "$RANLIB" && RANLIB=: -test -z "$STRIP" && STRIP=: -test -z "$ac_objext" && ac_objext=o - -# Determine commands to create old-style static archives. -old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs' -old_postinstall_cmds='chmod 644 $oldlib' -old_postuninstall_cmds= - -if test -n "$RANLIB"; then - case $host_os in - openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" - ;; - *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" - ;; - esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" -fi - -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - -# Only perform the check for file, if the check method requires it -case $deplibs_check_method in -file_magic*) - if test "$file_magic_cmd" = '$MAGIC_CMD'; then - { echo "$as_me:$LINENO: checking for ${ac_tool_prefix}file" >&5 -echo $ECHO_N "checking for ${ac_tool_prefix}file... $ECHO_C" >&6; } -if test "${lt_cv_path_MAGIC_CMD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $MAGIC_CMD in -[\\/*] | ?:[\\/]*) - lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. - ;; -*) - lt_save_MAGIC_CMD="$MAGIC_CMD" - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - ac_dummy="/usr/bin$PATH_SEPARATOR$PATH" - for ac_dir in $ac_dummy; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/${ac_tool_prefix}file; then - lt_cv_path_MAGIC_CMD="$ac_dir/${ac_tool_prefix}file" - if test -n "$file_magic_test_file"; then - case $deplibs_check_method in - "file_magic "*) - file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` - MAGIC_CMD="$lt_cv_path_MAGIC_CMD" - if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | - $EGREP "$file_magic_regex" > /dev/null; then - : - else - cat <&2 - -*** Warning: the command libtool uses to detect shared libraries, -*** $file_magic_cmd, produces output that libtool cannot recognize. -*** The result is that libtool may fail to recognize shared libraries -*** as such. This will affect the creation of libtool libraries that -*** depend on shared libraries, but programs linked with such libtool -*** libraries will work regardless of this problem. Nevertheless, you -*** may want to report the problem to your system manager and/or to -*** bug-libtool@gnu.org - -EOF - fi ;; - esac - fi - break - fi - done - IFS="$lt_save_ifs" - MAGIC_CMD="$lt_save_MAGIC_CMD" - ;; -esac -fi - -MAGIC_CMD="$lt_cv_path_MAGIC_CMD" -if test -n "$MAGIC_CMD"; then - { echo "$as_me:$LINENO: result: $MAGIC_CMD" >&5 -echo "${ECHO_T}$MAGIC_CMD" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - -if test -z "$lt_cv_path_MAGIC_CMD"; then - if test -n "$ac_tool_prefix"; then - { echo "$as_me:$LINENO: checking for file" >&5 -echo $ECHO_N "checking for file... $ECHO_C" >&6; } -if test "${lt_cv_path_MAGIC_CMD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $MAGIC_CMD in -[\\/*] | ?:[\\/]*) - lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path. - ;; -*) - lt_save_MAGIC_CMD="$MAGIC_CMD" - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - ac_dummy="/usr/bin$PATH_SEPARATOR$PATH" - for ac_dir in $ac_dummy; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/file; then - lt_cv_path_MAGIC_CMD="$ac_dir/file" - if test -n "$file_magic_test_file"; then - case $deplibs_check_method in - "file_magic "*) - file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` - MAGIC_CMD="$lt_cv_path_MAGIC_CMD" - if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | - $EGREP "$file_magic_regex" > /dev/null; then - : - else - cat <&2 - -*** Warning: the command libtool uses to detect shared libraries, -*** $file_magic_cmd, produces output that libtool cannot recognize. -*** The result is that libtool may fail to recognize shared libraries -*** as such. This will affect the creation of libtool libraries that -*** depend on shared libraries, but programs linked with such libtool -*** libraries will work regardless of this problem. Nevertheless, you -*** may want to report the problem to your system manager and/or to -*** bug-libtool@gnu.org - -EOF - fi ;; - esac - fi - break - fi - done - IFS="$lt_save_ifs" - MAGIC_CMD="$lt_save_MAGIC_CMD" - ;; -esac -fi - -MAGIC_CMD="$lt_cv_path_MAGIC_CMD" -if test -n "$MAGIC_CMD"; then - { echo "$as_me:$LINENO: result: $MAGIC_CMD" >&5 -echo "${ECHO_T}$MAGIC_CMD" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - else - MAGIC_CMD=: - fi -fi - - fi - ;; -esac - -enable_dlopen=no -enable_win32_dll=no - -# Check whether --enable-libtool-lock was given. -if test "${enable_libtool_lock+set}" = set; then - enableval=$enable_libtool_lock; -fi - -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - - -# Check whether --with-pic was given. -if test "${with_pic+set}" = set; then - withval=$with_pic; pic_mode="$withval" -else - pic_mode=default -fi - -test -z "$pic_mode" && pic_mode=default - -# Use C for the default configuration in the libtool script -tagname= -lt_save_CC="$CC" -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - -# Source file extension for C test sources. -ac_ext=c - -# Object file extension for compiled C test sources. -objext=o -objext=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(){return(0);}\n' - - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - - -lt_prog_compiler_no_builtin_flag= - -if test "$GCC" = yes; then - lt_prog_compiler_no_builtin_flag=' -fno-builtin' - - -{ echo "$as_me:$LINENO: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 -echo $ECHO_N "checking if $compiler supports -fno-rtti -fno-exceptions... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_rtti_exceptions=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="-fno-rtti -fno-exceptions" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8072: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:8076: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_cv_prog_compiler_rtti_exceptions=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_rtti_exceptions" >&6; } - -if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then - lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions" -else - : -fi - -fi - -lt_prog_compiler_wl= -lt_prog_compiler_pic= -lt_prog_compiler_static= - -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } - - if test "$GCC" = yes; then - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_static='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static='-Bstatic' - fi - ;; - - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4' - ;; - - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic='-DDLL_EXPORT' - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - lt_prog_compiler_pic='-fno-common' - ;; - - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - lt_prog_compiler_can_build_shared=no - enable_shared=no - ;; - - sysv4*MP*) - if test -d /usr/nec; then - lt_prog_compiler_pic=-Kconform_pic - fi - ;; - - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic='-fPIC' - ;; - esac - ;; - - *) - lt_prog_compiler_pic='-fPIC' - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - lt_prog_compiler_wl='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static='-Bstatic' - else - lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp' - fi - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - lt_prog_compiler_pic='-qnocommon' - lt_prog_compiler_wl='-Wl,' - ;; - esac - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic='-DDLL_EXPORT' - ;; - - hpux9* | hpux10* | hpux11*) - lt_prog_compiler_wl='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - lt_prog_compiler_static='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - lt_prog_compiler_wl='-Wl,' - # PIC (with -KPIC) is the default. - lt_prog_compiler_static='-non_shared' - ;; - - newsos6) - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - ;; - - linux*) - case $cc_basename in - icc* | ecc*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-static' - ;; - pgcc* | pgf77* | pgf90* | pgf95*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-fpic' - lt_prog_compiler_static='-Bstatic' - ;; - ccc*) - lt_prog_compiler_wl='-Wl,' - # All Alpha code is PIC. - lt_prog_compiler_static='-non_shared' - ;; - esac - ;; - - osf3* | osf4* | osf5*) - lt_prog_compiler_wl='-Wl,' - # All OSF/1 code is PIC. - lt_prog_compiler_static='-non_shared' - ;; - - solaris*) - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - case $cc_basename in - f77* | f90* | f95*) - lt_prog_compiler_wl='-Qoption ld ';; - *) - lt_prog_compiler_wl='-Wl,';; - esac - ;; - - sunos4*) - lt_prog_compiler_wl='-Qoption ld ' - lt_prog_compiler_pic='-PIC' - lt_prog_compiler_static='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - lt_prog_compiler_pic='-Kconform_pic' - lt_prog_compiler_static='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_pic='-KPIC' - lt_prog_compiler_static='-Bstatic' - ;; - - unicos*) - lt_prog_compiler_wl='-Wl,' - lt_prog_compiler_can_build_shared=no - ;; - - uts4*) - lt_prog_compiler_pic='-pic' - lt_prog_compiler_static='-Bstatic' - ;; - - *) - lt_prog_compiler_can_build_shared=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic" >&6; } - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic"; then - -{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_pic_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_pic_works=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic -DPIC" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8340: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:8344: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_pic_works=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_works" >&6; } - -if test x"$lt_prog_compiler_pic_works" = xyes; then - case $lt_prog_compiler_pic in - "" | " "*) ;; - *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;; - esac -else - lt_prog_compiler_pic= - lt_prog_compiler_can_build_shared=no -fi - -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - lt_prog_compiler_pic= - ;; - *) - lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_static_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_static_works=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_static_works=yes - fi - else - lt_prog_compiler_static_works=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works" >&5 -echo "${ECHO_T}$lt_prog_compiler_static_works" >&6; } - -if test x"$lt_prog_compiler_static_works" = xyes; then - : -else - lt_prog_compiler_static= -fi - - -{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_c_o=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8444: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:8448: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o=yes - fi - fi - chmod u+w . 2>&5 - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o" >&6; } - - -hard_links="nottested" -if test "$lt_cv_prog_compiler_c_o" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } - if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} - need_locks=warn - fi -else - need_locks=no -fi - -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } - - runpath_var= - allow_undefined_flag= - enable_shared_with_static_runtimes=no - archive_cmds= - archive_expsym_cmds= - old_archive_From_new_cmds= - old_archive_from_expsyms_cmds= - export_dynamic_flag_spec= - whole_archive_flag_spec= - thread_safe_flag_spec= - hardcode_libdir_flag_spec= - hardcode_libdir_flag_spec_ld= - hardcode_libdir_separator= - hardcode_direct=no - hardcode_minus_L=no - hardcode_shlibpath_var=unsupported - link_all_deplibs=unknown - hardcode_automatic=no - module_cmds= - module_expsym_cmds= - always_export_symbols=no - export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - include_expsyms= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - exclude_expsyms="_GLOBAL_OFFSET_TABLE_" - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - extract_expsyms_cmds= - # Just being paranoid about ensuring that cc_basename is set. - for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - case $host_os in - cygwin* | mingw* | pw32*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - esac - - ld_shlibs=yes - if test "$with_gnu_ld" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec= - fi - supports_anon_versioning=no - case `$LD -v 2>/dev/null` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix3* | aix4* | aix5*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - ld_shlibs=no - cat <&2 - -*** Warning: the GNU linker, at least up to release 2.9.1, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to modify your PATH -*** so that a non-GNU linker is found, and then restart. - -EOF - fi - ;; - - amigaos*) - archive_cmds='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we can't use - # them. - ld_shlibs=no - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - allow_undefined_flag=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - archive_cmds='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - ld_shlibs=no - fi - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec='-L$libdir' - allow_undefined_flag=unsupported - always_export_symbols=no - enable_shared_with_static_runtimes=yes - export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols' - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs=no - fi - ;; - - interix3*) - hardcode_direct=no - hardcode_shlibpath_var=no - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - export_dynamic_flag_spec='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - tmp_addflag= - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers - whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - esac - archive_cmds='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test $supports_anon_versioning = yes; then - archive_expsym_cmds='$echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - $echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - else - ld_shlibs=no - fi - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then - ld_shlibs=no - cat <&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -EOF - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) - ld_shlibs=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib' - else - ld_shlibs=no - fi - ;; - esac - ;; - - sunos4*) - archive_cmds='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - hardcode_direct=yes - hardcode_shlibpath_var=no - ;; - - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs=no - fi - ;; - esac - - if test "$ld_shlibs" = no; then - runpath_var= - hardcode_libdir_flag_spec= - export_dynamic_flag_spec= - whole_archive_flag_spec= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - allow_undefined_flag=unsupported - always_export_symbols=yes - archive_expsym_cmds='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - hardcode_minus_L=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - hardcode_direct=unsupported - fi - ;; - - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - archive_cmds='' - hardcode_direct=yes - hardcode_libdir_separator=':' - link_all_deplibs=yes - - if test "$GCC" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - hardcode_direct=yes - else - # We have old collect2 - hardcode_direct=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L=yes - hardcode_libdir_flag_spec='-L$libdir' - hardcode_libdir_separator= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - always_export_symbols=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - allow_undefined_flag='-berok' - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" - archive_expsym_cmds="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib' - allow_undefined_flag="-z nodefs" - archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - no_undefined_flag=' ${wl}-bernotok' - allow_undefined_flag=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec='$convenience' - archive_cmds_need_lc=yes - # This is similar to how AIX traditionally builds its shared libraries. - archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - amigaos*) - archive_cmds='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - # see comment about different semantics on the GNU ld section - ld_shlibs=no - ;; - - bsdi[45]*) - export_dynamic_flag_spec=-rdynamic - ;; - - cygwin* | mingw* | pw32*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - hardcode_libdir_flag_spec=' ' - allow_undefined_flag=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - old_archive_From_new_cmds='true' - # FIXME: Should let the user specify the lib program. - old_archive_cmds='lib /OUT:$oldlib$oldobjs$old_deplibs' - fix_srcfile_path='`cygpath -w "$srcfile"`' - enable_shared_with_static_runtimes=yes - ;; - - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[012]) - allow_undefined_flag='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - allow_undefined_flag='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - archive_cmds_need_lc=no - hardcode_direct=no - hardcode_automatic=yes - hardcode_shlibpath_var=unsupported - whole_archive_flag_spec='' - link_all_deplibs=yes - if test "$GCC" = yes ; then - output_verbose_link_cmd='echo' - archive_cmds='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - archive_cmds='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - ld_shlibs=no - ;; - esac - fi - ;; - - dgux*) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_shlibpath_var=no - ;; - - freebsd1*) - ld_shlibs=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - hardcode_shlibpath_var=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct=yes - hardcode_minus_L=yes - hardcode_shlibpath_var=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | kfreebsd*-gnu | dragonfly*) - archive_cmds='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - hardcode_shlibpath_var=no - ;; - - hpux9*) - if test "$GCC" = yes; then - archive_cmds='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - archive_cmds='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - hardcode_direct=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - export_dynamic_flag_spec='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - - hardcode_direct=yes - export_dynamic_flag_spec='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - archive_cmds='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_separator=: - - case $host_cpu in - hppa*64*|ia64*) - hardcode_libdir_flag_spec_ld='+b $libdir' - hardcode_direct=no - hardcode_shlibpath_var=no - ;; - *) - hardcode_direct=yes - export_dynamic_flag_spec='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_ld='-rpath $libdir' - fi - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - link_all_deplibs=yes - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - hardcode_libdir_flag_spec='-R$libdir' - hardcode_direct=yes - hardcode_shlibpath_var=no - ;; - - newsos6) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct=yes - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - hardcode_shlibpath_var=no - ;; - - openbsd*) - hardcode_direct=yes - hardcode_shlibpath_var=no - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - export_dynamic_flag_spec='${wl}-E' - else - case $host_os in - openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) - archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec='-R$libdir' - ;; - *) - archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec='${wl}-rpath,$libdir' - ;; - esac - fi - ;; - - os2*) - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - allow_undefined_flag=unsupported - archive_cmds='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - old_archive_From_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - allow_undefined_flag=' -expect_unresolved \*' - archive_cmds='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - fi - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' - else - allow_undefined_flag=' -expect_unresolved \*' - archive_cmds='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~ - $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp' - - # Both c and cxx compiler support -rpath directly - hardcode_libdir_flag_spec='-rpath $libdir' - fi - hardcode_libdir_separator=: - ;; - - solaris*) - no_undefined_flag=' -z text' - if test "$GCC" = yes; then - wlarc='${wl}' - archive_cmds='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp' - else - wlarc='' - archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - archive_expsym_cmds='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp' - fi - hardcode_libdir_flag_spec='-R$libdir' - hardcode_shlibpath_var=no - case $host_os in - solaris2.[0-5] | solaris2.[0-5].*) ;; - *) - # The compiler driver will combine linker options so we - # cannot just pass the convience library names through - # without $wl, iff we do not link with $LD. - # Luckily, gcc supports the same syntax we need for Sun Studio. - # Supported since Solaris 2.6 (maybe 2.5.1?) - case $wlarc in - '') - whole_archive_flag_spec='-z allextract$convenience -z defaultextract' ;; - *) - whole_archive_flag_spec='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;; - esac ;; - esac - link_all_deplibs=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - archive_cmds='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - hardcode_libdir_flag_spec='-L$libdir' - hardcode_direct=yes - hardcode_minus_L=yes - hardcode_shlibpath_var=no - ;; - - sysv4) - case $host_vendor in - sni) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - archive_cmds='$LD -G -o $lib $libobjs $deplibs $linker_flags' - reload_cmds='$CC -r -o $output$reload_objs' - hardcode_direct=no - ;; - motorola) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - hardcode_shlibpath_var=no - ;; - - sysv4.3*) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var=no - export_dynamic_flag_spec='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - ld_shlibs=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*) - no_undefined_flag='${wl}-z,text' - archive_cmds_need_lc=no - hardcode_shlibpath_var=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - no_undefined_flag='${wl}-z,text' - allow_undefined_flag='${wl}-z,nodefs' - archive_cmds_need_lc=no - hardcode_shlibpath_var=no - hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - hardcode_libdir_separator=':' - link_all_deplibs=yes - export_dynamic_flag_spec='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec='-L$libdir' - hardcode_shlibpath_var=no - ;; - - *) - ld_shlibs=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $ld_shlibs" >&5 -echo "${ECHO_T}$ld_shlibs" >&6; } -test "$ld_shlibs" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$archive_cmds_need_lc" in -x|xyes) - # Assume -lc should be added - archive_cmds_need_lc=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $archive_cmds in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl - pic_flag=$lt_prog_compiler_pic - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag - allow_undefined_flag= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5 - (eval $archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - then - archive_cmds_need_lc=no - else - archive_cmds_need_lc=yes - fi - allow_undefined_flag=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - { echo "$as_me:$LINENO: result: $archive_cmds_need_lc" >&5 -echo "${ECHO_T}$archive_cmds_need_lc" >&6; } - ;; - esac - fi - ;; -esac - -{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[45]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[123]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[01]* | freebsdelf3.[01]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ - freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[89] | openbsd2.[89].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } -hardcode_action= -if test -n "$hardcode_libdir_flag_spec" || \ - test -n "$runpath_var" || \ - test "X$hardcode_automatic" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$hardcode_direct" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, )" != no && - test "$hardcode_minus_L" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action=unsupported -fi -{ echo "$as_me:$LINENO: result: $hardcode_action" >&5 -echo "${ECHO_T}$hardcode_action" >&6; } - -if test "$hardcode_action" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - -striplib= -old_striplib= -{ echo "$as_me:$LINENO: checking whether stripping libraries is possible" >&5 -echo $ECHO_N "checking whether stripping libraries is possible... $ECHO_C" >&6; } -if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP" ; then - striplib="$STRIP -x" - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - ;; - *) - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - esac -fi - -if test "x$enable_dlopen" != xyes; then - enable_dlopen=unknown - enable_dlopen_self=unknown - enable_dlopen_self_static=unknown -else - lt_cv_dlopen=no - lt_cv_dlopen_libs= - - case $host_os in - beos*) - lt_cv_dlopen="load_add_on" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ;; - - mingw* | pw32*) - lt_cv_dlopen="LoadLibrary" - lt_cv_dlopen_libs= - ;; - - cygwin*) - lt_cv_dlopen="dlopen" - lt_cv_dlopen_libs= - ;; - - darwin*) - # if libdl is installed we need to link against it - { echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5 -echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; } -if test "${ac_cv_lib_dl_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_dl_dlopen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dl_dlopen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; } -if test $ac_cv_lib_dl_dlopen = yes; then - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" -else - - lt_cv_dlopen="dyld" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - -fi - - ;; - - *) - { echo "$as_me:$LINENO: checking for shl_load" >&5 -echo $ECHO_N "checking for shl_load... $ECHO_C" >&6; } -if test "${ac_cv_func_shl_load+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define shl_load to an innocuous variant, in case declares shl_load. - For example, HP-UX 11i declares gettimeofday. */ -#define shl_load innocuous_shl_load - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char shl_load (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef shl_load - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char shl_load (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_shl_load || defined __stub___shl_load -choke me -#endif - -int -main () -{ -return shl_load (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_shl_load=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_shl_load=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_shl_load" >&5 -echo "${ECHO_T}$ac_cv_func_shl_load" >&6; } -if test $ac_cv_func_shl_load = yes; then - lt_cv_dlopen="shl_load" -else - { echo "$as_me:$LINENO: checking for shl_load in -ldld" >&5 -echo $ECHO_N "checking for shl_load in -ldld... $ECHO_C" >&6; } -if test "${ac_cv_lib_dld_shl_load+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char shl_load (); -int -main () -{ -return shl_load (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_dld_shl_load=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dld_shl_load=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dld_shl_load" >&5 -echo "${ECHO_T}$ac_cv_lib_dld_shl_load" >&6; } -if test $ac_cv_lib_dld_shl_load = yes; then - lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld" -else - { echo "$as_me:$LINENO: checking for dlopen" >&5 -echo $ECHO_N "checking for dlopen... $ECHO_C" >&6; } -if test "${ac_cv_func_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define dlopen to an innocuous variant, in case declares dlopen. - For example, HP-UX 11i declares gettimeofday. */ -#define dlopen innocuous_dlopen - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char dlopen (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef dlopen - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_dlopen || defined __stub___dlopen -choke me -#endif - -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_dlopen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_dlopen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_dlopen" >&5 -echo "${ECHO_T}$ac_cv_func_dlopen" >&6; } -if test $ac_cv_func_dlopen = yes; then - lt_cv_dlopen="dlopen" -else - { echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5 -echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; } -if test "${ac_cv_lib_dl_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_dl_dlopen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dl_dlopen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; } -if test $ac_cv_lib_dl_dlopen = yes; then - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" -else - { echo "$as_me:$LINENO: checking for dlopen in -lsvld" >&5 -echo $ECHO_N "checking for dlopen in -lsvld... $ECHO_C" >&6; } -if test "${ac_cv_lib_svld_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lsvld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_svld_dlopen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_svld_dlopen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_svld_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_svld_dlopen" >&6; } -if test $ac_cv_lib_svld_dlopen = yes; then - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld" -else - { echo "$as_me:$LINENO: checking for dld_link in -ldld" >&5 -echo $ECHO_N "checking for dld_link in -ldld... $ECHO_C" >&6; } -if test "${ac_cv_lib_dld_dld_link+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dld_link (); -int -main () -{ -return dld_link (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_dld_dld_link=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dld_dld_link=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dld_dld_link" >&5 -echo "${ECHO_T}$ac_cv_lib_dld_dld_link" >&6; } -if test $ac_cv_lib_dld_dld_link = yes; then - lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld" -fi - - -fi - - -fi - - -fi - - -fi - - -fi - - ;; - esac - - if test "x$lt_cv_dlopen" != xno; then - enable_dlopen=yes - else - enable_dlopen=no - fi - - case $lt_cv_dlopen in - dlopen) - save_CPPFLAGS="$CPPFLAGS" - test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" - - save_LDFLAGS="$LDFLAGS" - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" - - save_LIBS="$LIBS" - LIBS="$lt_cv_dlopen_libs $LIBS" - - { echo "$as_me:$LINENO: checking whether a program can dlopen itself" >&5 -echo $ECHO_N "checking whether a program can dlopen itself... $ECHO_C" >&6; } -if test "${lt_cv_dlopen_self+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "$cross_compiling" = yes; then : - lt_cv_dlopen_self=cross -else - lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 - lt_status=$lt_dlunknown - cat > conftest.$ac_ext < -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LT_DLGLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LT_DLGLOBAL DL_GLOBAL -# else -# define LT_DLGLOBAL 0 -# endif -#endif - -/* We may have to define LT_DLLAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LT_DLLAZY_OR_NOW -# ifdef RTLD_LAZY -# define LT_DLLAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LT_DLLAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LT_DLLAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LT_DLLAZY_OR_NOW DL_NOW -# else -# define LT_DLLAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -#ifdef __cplusplus -extern "C" void exit (int); -#endif - -void fnord() { int i=42;} -int main () -{ - void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); - int status = $lt_dlunknown; - - if (self) - { - if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; - /* dlclose (self); */ - } - else - puts (dlerror ()); - - exit (status); -} -EOF - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext} 2>/dev/null; then - (./conftest; exit; ) >&5 2>/dev/null - lt_status=$? - case x$lt_status in - x$lt_dlno_uscore) lt_cv_dlopen_self=yes ;; - x$lt_dlneed_uscore) lt_cv_dlopen_self=yes ;; - x$lt_dlunknown|x*) lt_cv_dlopen_self=no ;; - esac - else : - # compilation failed - lt_cv_dlopen_self=no - fi -fi -rm -fr conftest* - - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_dlopen_self" >&5 -echo "${ECHO_T}$lt_cv_dlopen_self" >&6; } - - if test "x$lt_cv_dlopen_self" = xyes; then - wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" - { echo "$as_me:$LINENO: checking whether a statically linked program can dlopen itself" >&5 -echo $ECHO_N "checking whether a statically linked program can dlopen itself... $ECHO_C" >&6; } -if test "${lt_cv_dlopen_self_static+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "$cross_compiling" = yes; then : - lt_cv_dlopen_self_static=cross -else - lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 - lt_status=$lt_dlunknown - cat > conftest.$ac_ext < -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LT_DLGLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LT_DLGLOBAL DL_GLOBAL -# else -# define LT_DLGLOBAL 0 -# endif -#endif - -/* We may have to define LT_DLLAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LT_DLLAZY_OR_NOW -# ifdef RTLD_LAZY -# define LT_DLLAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LT_DLLAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LT_DLLAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LT_DLLAZY_OR_NOW DL_NOW -# else -# define LT_DLLAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -#ifdef __cplusplus -extern "C" void exit (int); -#endif - -void fnord() { int i=42;} -int main () -{ - void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); - int status = $lt_dlunknown; - - if (self) - { - if (dlsym (self,"fnord")) status = $lt_dlno_uscore; - else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; - /* dlclose (self); */ - } - else - puts (dlerror ()); - - exit (status); -} -EOF - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext} 2>/dev/null; then - (./conftest; exit; ) >&5 2>/dev/null - lt_status=$? - case x$lt_status in - x$lt_dlno_uscore) lt_cv_dlopen_self_static=yes ;; - x$lt_dlneed_uscore) lt_cv_dlopen_self_static=yes ;; - x$lt_dlunknown|x*) lt_cv_dlopen_self_static=no ;; - esac - else : - # compilation failed - lt_cv_dlopen_self_static=no - fi -fi -rm -fr conftest* - - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_dlopen_self_static" >&5 -echo "${ECHO_T}$lt_cv_dlopen_self_static" >&6; } - fi - - CPPFLAGS="$save_CPPFLAGS" - LDFLAGS="$save_LDFLAGS" - LIBS="$save_LIBS" - ;; - esac - - case $lt_cv_dlopen_self in - yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; - *) enable_dlopen_self=unknown ;; - esac - - case $lt_cv_dlopen_self_static in - yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; - *) enable_dlopen_self_static=unknown ;; - esac -fi - - -# Report which library types will actually be built -{ echo "$as_me:$LINENO: checking if libtool supports shared libraries" >&5 -echo $ECHO_N "checking if libtool supports shared libraries... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $can_build_shared" >&5 -echo "${ECHO_T}$can_build_shared" >&6; } - -{ echo "$as_me:$LINENO: checking whether to build shared libraries" >&5 -echo $ECHO_N "checking whether to build shared libraries... $ECHO_C" >&6; } -test "$can_build_shared" = "no" && enable_shared=no - -# On AIX, shared libraries and static libraries use the same namespace, and -# are all built from PIC. -case $host_os in -aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; - -aix4* | aix5*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; -esac -{ echo "$as_me:$LINENO: result: $enable_shared" >&5 -echo "${ECHO_T}$enable_shared" >&6; } - -{ echo "$as_me:$LINENO: checking whether to build static libraries" >&5 -echo $ECHO_N "checking whether to build static libraries... $ECHO_C" >&6; } -# Make sure either enable_shared or enable_static is yes. -test "$enable_shared" = yes || enable_static=yes -{ echo "$as_me:$LINENO: result: $enable_static" >&5 -echo "${ECHO_T}$enable_static" >&6; } - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler \ - CC \ - LD \ - lt_prog_compiler_wl \ - lt_prog_compiler_pic \ - lt_prog_compiler_static \ - lt_prog_compiler_no_builtin_flag \ - export_dynamic_flag_spec \ - thread_safe_flag_spec \ - whole_archive_flag_spec \ - enable_shared_with_static_runtimes \ - old_archive_cmds \ - old_archive_from_new_cmds \ - predep_objects \ - postdep_objects \ - predeps \ - postdeps \ - compiler_lib_search_path \ - archive_cmds \ - archive_expsym_cmds \ - postinstall_cmds \ - postuninstall_cmds \ - old_archive_from_expsyms_cmds \ - allow_undefined_flag \ - no_undefined_flag \ - export_symbols_cmds \ - hardcode_libdir_flag_spec \ - hardcode_libdir_flag_spec_ld \ - hardcode_libdir_separator \ - hardcode_automatic \ - module_cmds \ - module_expsym_cmds \ - lt_cv_prog_compiler_c_o \ - exclude_expsyms \ - include_expsyms; do - - case $var in - old_archive_cmds | \ - old_archive_from_new_cmds | \ - archive_cmds | \ - archive_expsym_cmds | \ - module_cmds | \ - module_expsym_cmds | \ - old_archive_from_expsyms_cmds | \ - export_symbols_cmds | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="${ofile}T" - trap "$rm \"$cfgfile\"; exit 1" 1 2 15 - $rm -f "$cfgfile" - { echo "$as_me:$LINENO: creating $ofile" >&5 -echo "$as_me: creating $ofile" >&6;} - - cat <<__EOF__ >> "$cfgfile" -#! $SHELL - -# `$echo "$cfgfile" | sed 's%^.*/%%'` - Provide generalized library-building support services. -# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP) -# NOTE: Changes made to this file will be lost: look at ltmain.sh. -# -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001 -# Free Software Foundation, Inc. -# -# This file is part of GNU Libtool: -# Originally by Gordon Matzigkeit , 1996 -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# A sed program that does not truncate output. -SED=$lt_SED - -# Sed that helps us avoid accidentally triggering echo(1) options like -n. -Xsed="$SED -e 1s/^X//" - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -# The names of the tagged configurations supported by this script. -available_tags= - -# ### BEGIN LIBTOOL CONFIG - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler - -# Is the compiler the GNU C compiler? -with_gcc=$GCC - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds -archive_expsym_cmds=$lt_archive_expsym_cmds -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds -module_expsym_cmds=$lt_module_expsym_cmds - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms - -# ### END LIBTOOL CONFIG - -__EOF__ - - - case $host_os in - aix3*) - cat <<\EOF >> "$cfgfile" - -# AIX sometimes has problems with the GCC collect2 program. For some -# reason, if we set the COLLECT_NAMES environment variable, the problems -# vanish in a puff of smoke. -if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES -fi -EOF - ;; - esac - - # We use sed instead of cat because bash on DJGPP gets confused if - # if finds mixed CR/LF and LF-only lines. Since sed operates in - # text mode, it properly converts lines to CR/LF. This bash problem - # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" || (rm -f "$cfgfile"; exit 1) - - mv -f "$cfgfile" "$ofile" || \ - (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") - chmod +x "$ofile" - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC="$lt_save_CC" - - -# Check whether --with-tags was given. -if test "${with_tags+set}" = set; then - withval=$with_tags; tagnames="$withval" -fi - - -if test -f "$ltmain" && test -n "$tagnames"; then - if test ! -f "${ofile}"; then - { echo "$as_me:$LINENO: WARNING: output file \`$ofile' does not exist" >&5 -echo "$as_me: WARNING: output file \`$ofile' does not exist" >&2;} - fi - - if test -z "$LTCC"; then - eval "`$SHELL ${ofile} --config | grep '^LTCC='`" - if test -z "$LTCC"; then - { echo "$as_me:$LINENO: WARNING: output file \`$ofile' does not look like a libtool script" >&5 -echo "$as_me: WARNING: output file \`$ofile' does not look like a libtool script" >&2;} - else - { echo "$as_me:$LINENO: WARNING: using \`LTCC=$LTCC', extracted from \`$ofile'" >&5 -echo "$as_me: WARNING: using \`LTCC=$LTCC', extracted from \`$ofile'" >&2;} - fi - fi - if test -z "$LTCFLAGS"; then - eval "`$SHELL ${ofile} --config | grep '^LTCFLAGS='`" - fi - - # Extract list of available tagged configurations in $ofile. - # Note that this assumes the entire list is on one line. - available_tags=`grep "^available_tags=" "${ofile}" | $SED -e 's/available_tags=\(.*$\)/\1/' -e 's/\"//g'` - - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for tagname in $tagnames; do - IFS="$lt_save_ifs" - # Check whether tagname contains only valid characters - case `$echo "X$tagname" | $Xsed -e 's:[-_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890,/]::g'` in - "") ;; - *) { { echo "$as_me:$LINENO: error: invalid tag name: $tagname" >&5 -echo "$as_me: error: invalid tag name: $tagname" >&2;} - { (exit 1); exit 1; }; } - ;; - esac - - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "${ofile}" > /dev/null - then - { { echo "$as_me:$LINENO: error: tag name \"$tagname\" already exists" >&5 -echo "$as_me: error: tag name \"$tagname\" already exists" >&2;} - { (exit 1); exit 1; }; } - fi - - # Update the list of available tags. - if test -n "$tagname"; then - echo appending configuration tag \"$tagname\" to $ofile - - case $tagname in - CXX) - if test -n "$CXX" && ( test "X$CXX" != "Xno" && - ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || - (test "X$CXX" != "Xg++"))) ; then - ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu - - - - -archive_cmds_need_lc_CXX=no -allow_undefined_flag_CXX= -always_export_symbols_CXX=no -archive_expsym_cmds_CXX= -export_dynamic_flag_spec_CXX= -hardcode_direct_CXX=no -hardcode_libdir_flag_spec_CXX= -hardcode_libdir_flag_spec_ld_CXX= -hardcode_libdir_separator_CXX= -hardcode_minus_L_CXX=no -hardcode_shlibpath_var_CXX=unsupported -hardcode_automatic_CXX=no -module_cmds_CXX= -module_expsym_cmds_CXX= -link_all_deplibs_CXX=unknown -old_archive_cmds_CXX=$old_archive_cmds -no_undefined_flag_CXX= -whole_archive_flag_spec_CXX= -enable_shared_with_static_runtimes_CXX=no - -# Dependencies to place before and after the object being linked: -predep_objects_CXX= -postdep_objects_CXX= -predeps_CXX= -postdeps_CXX= -compiler_lib_search_path_CXX= - -# Source file extension for C++ test sources. -ac_ext=cpp - -# Object file extension for compiled C++ test sources. -objext=o -objext_CXX=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="int some_variable = 0;\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='int main(int, char *[]) { return(0); }\n' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - -# Allow CC to be a program name with arguments. -lt_save_CC=$CC -lt_save_LD=$LD -lt_save_GCC=$GCC -GCC=$GXX -lt_save_with_gnu_ld=$with_gnu_ld -lt_save_path_LD=$lt_cv_path_LD -if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then - lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx -else - $as_unset lt_cv_prog_gnu_ld -fi -if test -n "${lt_cv_path_LDCXX+set}"; then - lt_cv_path_LD=$lt_cv_path_LDCXX -else - $as_unset lt_cv_path_LD -fi -test -z "${LDCXX+set}" || LD=$LDCXX -CC=${CXX-"c++"} -compiler=$CC -compiler_CXX=$CC -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - -# We don't want -fno-exception wen compiling C++ code, so set the -# no_builtin_flag separately -if test "$GXX" = yes; then - lt_prog_compiler_no_builtin_flag_CXX=' -fno-builtin' -else - lt_prog_compiler_no_builtin_flag_CXX= -fi - -if test "$GXX" = yes; then - # Set up default GNU C++ configuration - - -# Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then - withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes -else - with_gnu_ld=no -fi - -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - { echo "$as_me:$LINENO: checking for ld used by $CC" >&5 -echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [\\/]* | ?:[\\/]*) - re_direlt='/[^/][^/]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`echo $ac_prog| $SED 's%\\\\%/%g'` - while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - { echo "$as_me:$LINENO: checking for GNU ld" >&5 -echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; } -else - { echo "$as_me:$LINENO: checking for non-GNU ld" >&5 -echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; } -fi -if test "${lt_cv_path_LD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -z "$LD"; then - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &5 -echo "${ECHO_T}$LD" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi -test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5 -echo "$as_me: error: no acceptable ld found in \$PATH" >&2;} - { (exit 1); exit 1; }; } -{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5 -echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; } -if test "${lt_cv_prog_gnu_ld+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # I'd rather use --version here, but apparently some GNU lds only accept -v. -case `$LD -v 2>&1 &5 -echo "${ECHO_T}$lt_cv_prog_gnu_ld" >&6; } -with_gnu_ld=$lt_cv_prog_gnu_ld - - - - # Check if GNU C++ uses GNU ld as the underlying linker, since the - # archiving commands below assume that GNU ld is being used. - if test "$with_gnu_ld" = yes; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-dynamic' - - # If archive_cmds runs LD, not CC, wlarc should be empty - # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to - # investigate it a little bit more. (MM) - wlarc='${wl}' - - # ancient GNU ld didn't support --whole-archive et. al. - if eval "`$CC -print-prog-name=ld` --help 2>&1" | \ - grep 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec_CXX= - fi - else - with_gnu_ld=no - wlarc= - - # A generic and very simple default shared library creation - # command for GNU C++ for the case where it uses the native - # linker, instead of GNU ld. If possible, this setting should - # overridden to take advantage of the native linker features on - # the platform it is being used on. - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - fi - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - -else - GXX=no - with_gnu_ld=no - wlarc= -fi - -# PORTME: fill in a description of your system's C++ link characteristics -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } -ld_shlibs_CXX=yes -case $host_os in - aix3*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) - for ld_flag in $LDFLAGS; do - case $ld_flag in - *-brtl*) - aix_use_runtimelinking=yes - break - ;; - esac - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - archive_cmds_CXX='' - hardcode_direct_CXX=yes - hardcode_libdir_separator_CXX=':' - link_all_deplibs_CXX=yes - - if test "$GXX" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - hardcode_direct_CXX=yes - else - # We have old collect2 - hardcode_direct_CXX=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L_CXX=yes - hardcode_libdir_flag_spec_CXX='-L$libdir' - hardcode_libdir_separator_CXX= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - always_export_symbols_CXX=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - allow_undefined_flag_CXX='-berok' - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath" - - archive_expsym_cmds_CXX="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec_CXX='${wl}-R $libdir:/usr/lib:/lib' - allow_undefined_flag_CXX="-z nodefs" - archive_expsym_cmds_CXX="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - no_undefined_flag_CXX=' ${wl}-bernotok' - allow_undefined_flag_CXX=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec_CXX='$convenience' - archive_cmds_need_lc_CXX=yes - # This is similar to how AIX traditionally builds its shared libraries. - archive_expsym_cmds_CXX="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - allow_undefined_flag_CXX=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - archive_cmds_CXX='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - ld_shlibs_CXX=no - fi - ;; - - chorus*) - case $cc_basename in - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, CXX) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec_CXX='-L$libdir' - allow_undefined_flag_CXX=unsupported - always_export_symbols_CXX=no - enable_shared_with_static_runtimes_CXX=yes - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds_CXX='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs_CXX=no - fi - ;; - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[012]) - allow_undefined_flag_CXX='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - allow_undefined_flag_CXX='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - archive_cmds_need_lc_CXX=no - hardcode_direct_CXX=no - hardcode_automatic_CXX=yes - hardcode_shlibpath_var_CXX=unsupported - whole_archive_flag_spec_CXX='' - link_all_deplibs_CXX=yes - - if test "$GXX" = yes ; then - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_cmds_CXX='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - archive_cmds_CXX='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - archive_cmds_CXX='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - ld_shlibs_CXX=no - ;; - esac - fi - ;; - - dgux*) - case $cc_basename in - ec++*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - ghcx*) - # Green Hills C++ Compiler - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - freebsd[12]*) - # C++ shared libraries reported to be fairly broken before switch to ELF - ld_shlibs_CXX=no - ;; - freebsd-elf*) - archive_cmds_need_lc_CXX=no - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF - # conventions - ld_shlibs_CXX=yes - ;; - gnu*) - ;; - hpux9*) - hardcode_libdir_flag_spec_CXX='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_CXX=: - export_dynamic_flag_spec_CXX='${wl}-E' - hardcode_direct_CXX=yes - hardcode_minus_L_CXX=yes # Not in the search PATH, - # but as the default - # location of the library. - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - aCC*) - archive_cmds_CXX='$rm $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "[-]L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes; then - archive_cmds_CXX='$rm $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - fi - ;; - esac - ;; - hpux10*|hpux11*) - if test $with_gnu_ld = no; then - hardcode_libdir_flag_spec_CXX='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_CXX=: - - case $host_cpu in - hppa*64*|ia64*) - hardcode_libdir_flag_spec_ld_CXX='+b $libdir' - ;; - *) - export_dynamic_flag_spec_CXX='${wl}-E' - ;; - esac - fi - case $host_cpu in - hppa*64*|ia64*) - hardcode_direct_CXX=no - hardcode_shlibpath_var_CXX=no - ;; - *) - hardcode_direct_CXX=yes - hardcode_minus_L_CXX=yes # Not in the search PATH, - # but as the default - # location of the library. - ;; - esac - - case $cc_basename in - CC*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - aCC*) - case $host_cpu in - hppa*64*) - archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes; then - if test $with_gnu_ld = no; then - case $host_cpu in - hppa*64*) - archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - ia64*) - archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - *) - archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - ;; - esac - fi - else - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - fi - ;; - esac - ;; - interix3*) - hardcode_direct_CXX=no - hardcode_shlibpath_var_CXX=no - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - export_dynamic_flag_spec_CXX='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - archive_cmds_CXX='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds_CXX='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - irix5* | irix6*) - case $cc_basename in - CC*) - # SGI C++ - archive_cmds_CXX='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - - # Archives containing C++ object files must be created using - # "CC -ar", where "CC" is the IRIX C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - old_archive_cmds_CXX='$CC -ar -WR,-u -o $oldlib $oldobjs' - ;; - *) - if test "$GXX" = yes; then - if test "$with_gnu_ld" = no; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` -o $lib' - fi - fi - link_all_deplibs_CXX=yes - ;; - esac - hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_CXX=: - ;; - linux*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - archive_expsym_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib' - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | grep "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - - hardcode_libdir_flag_spec_CXX='${wl}--rpath,$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-dynamic' - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - old_archive_cmds_CXX='$CC -Bstatic -o $oldlib $oldobjs' - ;; - icpc*) - # Intel C++ - with_gnu_ld=yes - # version 8.0 and above of icpc choke on multiply defined symbols - # if we add $predep_objects and $postdep_objects, however 7.1 and - # earlier do not add the objects themselves. - case `$CC -V 2>&1` in - *"Version 7."*) - archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - *) # Version 8.0 or newer - tmp_idyn= - case $host_cpu in - ia64*) tmp_idyn=' -i_dynamic';; - esac - archive_cmds_CXX='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - ;; - esac - archive_cmds_need_lc_CXX=no - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-dynamic' - whole_archive_flag_spec_CXX='${wl}--whole-archive$convenience ${wl}--no-whole-archive' - ;; - pgCC*) - # Portland Group C++ compiler - archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-dynamic' - whole_archive_flag_spec_CXX='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - ;; - cxx*) - # Compaq C++ - archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib ${wl}-retain-symbols-file $wl$export_symbols' - - runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec_CXX='-rpath $libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - esac - ;; - lynxos*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - m88k*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - mvs*) - case $cc_basename in - cxx*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_CXX='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' - wlarc= - hardcode_libdir_flag_spec_CXX='-R$libdir' - hardcode_direct_CXX=yes - hardcode_shlibpath_var_CXX=no - fi - # Workaround some broken pre-1.5 toolchains - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' - ;; - openbsd2*) - # C++ shared libraries are fairly broken - ld_shlibs_CXX=no - ;; - openbsd*) - hardcode_direct_CXX=yes - hardcode_shlibpath_var_CXX=no - archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' - export_dynamic_flag_spec_CXX='${wl}-E' - whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - fi - output_verbose_link_cmd='echo' - ;; - osf3*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - hardcode_libdir_separator_CXX=: - - # Archives containing C++ object files must be created using - # "CC -Bstatic", where "CC" is the KAI C++ compiler. - old_archive_cmds_CXX='$CC -Bstatic -o $oldlib $oldobjs' - - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - cxx*) - allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_CXX='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && echo ${wl}-set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - - else - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - fi - ;; - esac - ;; - osf4* | osf5*) - case $cc_basename in - KCC*) - # Kuck and Associates, Inc. (KAI) C++ Compiler - - # KCC will only create a shared library if the output file - # ends with ".so" (or ".sl" for HP-UX), so rename the library - # to its proper name (with version) after linking. - archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' - hardcode_libdir_separator_CXX=: - - # Archives containing C++ object files must be created using - # the KAI C++ compiler. - old_archive_cmds_CXX='$CC -o $oldlib $oldobjs' - ;; - RCC*) - # Rational C++ 2.4.1 - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - cxx*) - allow_undefined_flag_CXX=' -expect_unresolved \*' - archive_cmds_CXX='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds_CXX='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~ - echo "-hidden">> $lib.exp~ - $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname -Wl,-input -Wl,$lib.exp `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~ - $rm $lib.exp' - - hardcode_libdir_flag_spec_CXX='-rpath $libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - # - # There doesn't appear to be a way to prevent this compiler from - # explicitly linking system object files so we need to strip them - # from the output so that they don't get included in the library - # dependencies. - output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "ld" | grep -v "ld:"`; templist=`echo $templist | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' - ;; - *) - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - - hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_CXX=: - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep "\-L"' - - else - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - fi - ;; - esac - ;; - psos*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - lcc*) - # Lucid - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - solaris*) - case $cc_basename in - CC*) - # Sun C++ 4.2, 5.x and Centerline C++ - archive_cmds_need_lc_CXX=yes - no_undefined_flag_CXX=' -zdefs' - archive_cmds_CXX='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' - archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - hardcode_libdir_flag_spec_CXX='-R$libdir' - hardcode_shlibpath_var_CXX=no - case $host_os in - solaris2.[0-5] | solaris2.[0-5].*) ;; - *) - # The C++ compiler is used as linker so we must use $wl - # flag to pass the commands to the underlying system - # linker. We must also pass each convience library through - # to the system linker between allextract/defaultextract. - # The C++ compiler will combine linker options so we - # cannot just pass the convience library names through - # without $wl. - # Supported since Solaris 2.6 (maybe 2.5.1?) - whole_archive_flag_spec_CXX='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' - ;; - esac - link_all_deplibs_CXX=yes - - output_verbose_link_cmd='echo' - - # Archives containing C++ object files must be created using - # "CC -xar", where "CC" is the Sun C++ compiler. This is - # necessary to make sure instantiated templates are included - # in the archive. - old_archive_cmds_CXX='$CC -xar -o $oldlib $oldobjs' - ;; - gcx*) - # Green Hills C++ Compiler - archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - - # The C++ compiler must be used to create the archive. - old_archive_cmds_CXX='$CC $LDFLAGS -archive -o $oldlib $oldobjs' - ;; - *) - # GNU C++ compiler with Solaris linker - if test "$GXX" = yes && test "$with_gnu_ld" = no; then - no_undefined_flag_CXX=' ${wl}-z ${wl}defs' - if $CC --version | grep -v '^2\.7' > /dev/null; then - archive_cmds_CXX='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd="$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\"" - else - # g++ 2.7 appears to require `-G' NOT `-shared' on this - # platform. - archive_cmds_CXX='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' - archive_expsym_cmds_CXX='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$rm $lib.exp' - - # Commands to make compiler produce verbose output that lists - # what "hidden" libraries, object files and flags are used when - # linking a shared library. - output_verbose_link_cmd="$CC -G $CFLAGS -v conftest.$objext 2>&1 | grep \"\-L\"" - fi - - hardcode_libdir_flag_spec_CXX='${wl}-R $wl$libdir' - fi - ;; - esac - ;; - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*) - no_undefined_flag_CXX='${wl}-z,text' - archive_cmds_need_lc_CXX=no - hardcode_shlibpath_var_CXX=no - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - archive_cmds_CXX='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_CXX='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_CXX='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_CXX='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - # For security reasons, it is highly recommended that you always - # use absolute paths for naming shared libraries, and exclude the - # DT_RUNPATH tag from executables and libraries. But doing so - # requires that you compile everything twice, which is a pain. - # So that behaviour is only enabled if SCOABSPATH is set to a - # non-empty value in the environment. Most likely only useful for - # creating official distributions of packages. - # This is a hack until libtool officially supports absolute path - # names for shared libraries. - no_undefined_flag_CXX='${wl}-z,text' - allow_undefined_flag_CXX='${wl}-z,nodefs' - archive_cmds_need_lc_CXX=no - hardcode_shlibpath_var_CXX=no - hardcode_libdir_flag_spec_CXX='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - hardcode_libdir_separator_CXX=':' - link_all_deplibs_CXX=yes - export_dynamic_flag_spec_CXX='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - case $cc_basename in - CC*) - archive_cmds_CXX='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_CXX='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_CXX='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_CXX='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - esac - ;; - vxworks*) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; - *) - # FIXME: insert proper C++ library support - ld_shlibs_CXX=no - ;; -esac -{ echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5 -echo "${ECHO_T}$ld_shlibs_CXX" >&6; } -test "$ld_shlibs_CXX" = no && can_build_shared=no - -GCC_CXX="$GXX" -LD_CXX="$LD" - - -cat > conftest.$ac_ext <&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # Parse the compiler output and extract the necessary - # objects, libraries and library flags. - - # Sentinel used to keep track of whether or not we are before - # the conftest object file. - pre_test_object_deps_done=no - - # The `*' in the case matches for architectures that use `case' in - # $output_verbose_cmd can trigger glob expansion during the loop - # eval without this substitution. - output_verbose_link_cmd=`$echo "X$output_verbose_link_cmd" | $Xsed -e "$no_glob_subst"` - - for p in `eval $output_verbose_link_cmd`; do - case $p in - - -L* | -R* | -l*) - # Some compilers place space between "-{L,R}" and the path. - # Remove the space. - if test $p = "-L" \ - || test $p = "-R"; then - prev=$p - continue - else - prev= - fi - - if test "$pre_test_object_deps_done" = no; then - case $p in - -L* | -R*) - # Internal compiler library paths should come after those - # provided the user. The postdeps already come after the - # user supplied libs so there is no need to process them. - if test -z "$compiler_lib_search_path_CXX"; then - compiler_lib_search_path_CXX="${prev}${p}" - else - compiler_lib_search_path_CXX="${compiler_lib_search_path_CXX} ${prev}${p}" - fi - ;; - # The "-l" case would never come before the object being - # linked, so don't bother handling this case. - esac - else - if test -z "$postdeps_CXX"; then - postdeps_CXX="${prev}${p}" - else - postdeps_CXX="${postdeps_CXX} ${prev}${p}" - fi - fi - ;; - - *.$objext) - # This assumes that the test object file only shows up - # once in the compiler output. - if test "$p" = "conftest.$objext"; then - pre_test_object_deps_done=yes - continue - fi - - if test "$pre_test_object_deps_done" = no; then - if test -z "$predep_objects_CXX"; then - predep_objects_CXX="$p" - else - predep_objects_CXX="$predep_objects_CXX $p" - fi - else - if test -z "$postdep_objects_CXX"; then - postdep_objects_CXX="$p" - else - postdep_objects_CXX="$postdep_objects_CXX $p" - fi - fi - ;; - - *) ;; # Ignore the rest. - - esac - done - - # Clean up. - rm -f a.out a.exe -else - echo "libtool.m4: error: problem compiling CXX test program" -fi - -$rm -f confest.$objext - -# PORTME: override above test on systems where it is broken -case $host_os in -interix3*) - # Interix 3.5 installs completely hosed .la files for C++, so rather than - # hack all around it, let's just trust "g++" to DTRT. - predep_objects_CXX= - postdep_objects_CXX= - postdeps_CXX= - ;; - -solaris*) - case $cc_basename in - CC*) - # Adding this requires a known-good setup of shared libraries for - # Sun compiler versions before 5.6, else PIC objects from an old - # archive will be linked into the output, leading to subtle bugs. - postdeps_CXX='-lCstd -lCrun' - ;; - esac - ;; -esac - - -case " $postdeps_CXX " in -*" -lc "*) archive_cmds_need_lc_CXX=no ;; -esac - -lt_prog_compiler_wl_CXX= -lt_prog_compiler_pic_CXX= -lt_prog_compiler_static_CXX= - -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } - - # C++ specific cases for pic, static, wl, etc. - if test "$GXX" = yes; then - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_static_CXX='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_CXX='-Bstatic' - fi - ;; - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic_CXX='-m68020 -resident32 -malways-restore-a4' - ;; - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - mingw* | os2* | pw32*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_CXX='-DDLL_EXPORT' - ;; - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - lt_prog_compiler_pic_CXX='-fno-common' - ;; - *djgpp*) - # DJGPP does not support shared libraries at all - lt_prog_compiler_pic_CXX= - ;; - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - sysv4*MP*) - if test -d /usr/nec; then - lt_prog_compiler_pic_CXX=-Kconform_pic - fi - ;; - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - ;; - *) - lt_prog_compiler_pic_CXX='-fPIC' - ;; - esac - ;; - *) - lt_prog_compiler_pic_CXX='-fPIC' - ;; - esac - else - case $host_os in - aix4* | aix5*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_CXX='-Bstatic' - else - lt_prog_compiler_static_CXX='-bnso -bI:/lib/syscalls.exp' - fi - ;; - chorus*) - case $cc_basename in - cxch68*) - # Green Hills C++ Compiler - # _LT_AC_TAGVAR(lt_prog_compiler_static, CXX)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a" - ;; - esac - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - lt_prog_compiler_pic_CXX='-qnocommon' - lt_prog_compiler_wl_CXX='-Wl,' - ;; - esac - ;; - dgux*) - case $cc_basename in - ec++*) - lt_prog_compiler_pic_CXX='-KPIC' - ;; - ghcx*) - # Green Hills C++ Compiler - lt_prog_compiler_pic_CXX='-pic' - ;; - *) - ;; - esac - ;; - freebsd* | kfreebsd*-gnu | dragonfly*) - # FreeBSD uses GNU C++ - ;; - hpux9* | hpux10* | hpux11*) - case $cc_basename in - CC*) - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_static_CXX='${wl}-a ${wl}archive' - if test "$host_cpu" != ia64; then - lt_prog_compiler_pic_CXX='+Z' - fi - ;; - aCC*) - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_static_CXX='${wl}-a ${wl}archive' - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_CXX='+Z' - ;; - esac - ;; - *) - ;; - esac - ;; - interix*) - # This is c89, which is MS Visual C++ (no shared libs) - # Anyone wants to do a port? - ;; - irix5* | irix6* | nonstopux*) - case $cc_basename in - CC*) - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_static_CXX='-non_shared' - # CC pic flag -KPIC is the default. - ;; - *) - ;; - esac - ;; - linux*) - case $cc_basename in - KCC*) - # KAI C++ Compiler - lt_prog_compiler_wl_CXX='--backend -Wl,' - lt_prog_compiler_pic_CXX='-fPIC' - ;; - icpc* | ecpc*) - # Intel C++ - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_pic_CXX='-KPIC' - lt_prog_compiler_static_CXX='-static' - ;; - pgCC*) - # Portland Group C++ compiler. - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_pic_CXX='-fpic' - lt_prog_compiler_static_CXX='-Bstatic' - ;; - cxx*) - # Compaq C++ - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - lt_prog_compiler_pic_CXX= - lt_prog_compiler_static_CXX='-non_shared' - ;; - *) - ;; - esac - ;; - lynxos*) - ;; - m88k*) - ;; - mvs*) - case $cc_basename in - cxx*) - lt_prog_compiler_pic_CXX='-W c,exportall' - ;; - *) - ;; - esac - ;; - netbsd*) - ;; - osf3* | osf4* | osf5*) - case $cc_basename in - KCC*) - lt_prog_compiler_wl_CXX='--backend -Wl,' - ;; - RCC*) - # Rational C++ 2.4.1 - lt_prog_compiler_pic_CXX='-pic' - ;; - cxx*) - # Digital/Compaq C++ - lt_prog_compiler_wl_CXX='-Wl,' - # Make sure the PIC flag is empty. It appears that all Alpha - # Linux and Compaq Tru64 Unix objects are PIC. - lt_prog_compiler_pic_CXX= - lt_prog_compiler_static_CXX='-non_shared' - ;; - *) - ;; - esac - ;; - psos*) - ;; - solaris*) - case $cc_basename in - CC*) - # Sun C++ 4.2, 5.x and Centerline C++ - lt_prog_compiler_pic_CXX='-KPIC' - lt_prog_compiler_static_CXX='-Bstatic' - lt_prog_compiler_wl_CXX='-Qoption ld ' - ;; - gcx*) - # Green Hills C++ Compiler - lt_prog_compiler_pic_CXX='-PIC' - ;; - *) - ;; - esac - ;; - sunos4*) - case $cc_basename in - CC*) - # Sun C++ 4.x - lt_prog_compiler_pic_CXX='-pic' - lt_prog_compiler_static_CXX='-Bstatic' - ;; - lcc*) - # Lucid - lt_prog_compiler_pic_CXX='-pic' - ;; - *) - ;; - esac - ;; - tandem*) - case $cc_basename in - NCC*) - # NonStop-UX NCC 3.20 - lt_prog_compiler_pic_CXX='-KPIC' - ;; - *) - ;; - esac - ;; - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - case $cc_basename in - CC*) - lt_prog_compiler_wl_CXX='-Wl,' - lt_prog_compiler_pic_CXX='-KPIC' - lt_prog_compiler_static_CXX='-Bstatic' - ;; - esac - ;; - vxworks*) - ;; - *) - lt_prog_compiler_can_build_shared_CXX=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_CXX" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_CXX" >&6; } - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic_CXX"; then - -{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_pic_works_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_pic_works_CXX=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic_CXX -DPIC" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13188: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:13192: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_pic_works_CXX=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_CXX" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_works_CXX" >&6; } - -if test x"$lt_prog_compiler_pic_works_CXX" = xyes; then - case $lt_prog_compiler_pic_CXX in - "" | " "*) ;; - *) lt_prog_compiler_pic_CXX=" $lt_prog_compiler_pic_CXX" ;; - esac -else - lt_prog_compiler_pic_CXX= - lt_prog_compiler_can_build_shared_CXX=no -fi - -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - lt_prog_compiler_pic_CXX= - ;; - *) - lt_prog_compiler_pic_CXX="$lt_prog_compiler_pic_CXX -DPIC" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$lt_prog_compiler_wl_CXX eval lt_tmp_static_flag=\"$lt_prog_compiler_static_CXX\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_static_works_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_static_works_CXX=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_static_works_CXX=yes - fi - else - lt_prog_compiler_static_works_CXX=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_CXX" >&5 -echo "${ECHO_T}$lt_prog_compiler_static_works_CXX" >&6; } - -if test x"$lt_prog_compiler_static_works_CXX" = xyes; then - : -else - lt_prog_compiler_static_CXX= -fi - - -{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_c_o_CXX=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:13292: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:13296: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o_CXX=yes - fi - fi - chmod u+w . 2>&5 - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_CXX" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o_CXX" >&6; } - - -hard_links="nottested" -if test "$lt_cv_prog_compiler_c_o_CXX" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } - if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} - need_locks=warn - fi -else - need_locks=no -fi - -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } - - export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - case $host_os in - aix4* | aix5*) - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - export_symbols_cmds_CXX='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds_CXX='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - fi - ;; - pw32*) - export_symbols_cmds_CXX="$ltdll_cmds" - ;; - cygwin* | mingw*) - export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/;/^.* __nm__/s/^.* __nm__\([^ ]*\) [^ ]*/\1 DATA/;/^I /d;/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols' - ;; - *) - export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - ;; - esac - -{ echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5 -echo "${ECHO_T}$ld_shlibs_CXX" >&6; } -test "$ld_shlibs_CXX" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$archive_cmds_need_lc_CXX" in -x|xyes) - # Assume -lc should be added - archive_cmds_need_lc_CXX=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $archive_cmds_CXX in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl_CXX - pic_flag=$lt_prog_compiler_pic_CXX - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag_CXX - allow_undefined_flag_CXX= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds_CXX 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5 - (eval $archive_cmds_CXX 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - then - archive_cmds_need_lc_CXX=no - else - archive_cmds_need_lc_CXX=yes - fi - allow_undefined_flag_CXX=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_CXX" >&5 -echo "${ECHO_T}$archive_cmds_need_lc_CXX" >&6; } - ;; - esac - fi - ;; -esac - -{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[45]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[123]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[01]* | freebsdelf3.[01]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ - freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[89] | openbsd2.[89].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } -hardcode_action_CXX= -if test -n "$hardcode_libdir_flag_spec_CXX" || \ - test -n "$runpath_var_CXX" || \ - test "X$hardcode_automatic_CXX" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$hardcode_direct_CXX" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, CXX)" != no && - test "$hardcode_minus_L_CXX" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action_CXX=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action_CXX=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action_CXX=unsupported -fi -{ echo "$as_me:$LINENO: result: $hardcode_action_CXX" >&5 -echo "${ECHO_T}$hardcode_action_CXX" >&6; } - -if test "$hardcode_action_CXX" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler_CXX \ - CC_CXX \ - LD_CXX \ - lt_prog_compiler_wl_CXX \ - lt_prog_compiler_pic_CXX \ - lt_prog_compiler_static_CXX \ - lt_prog_compiler_no_builtin_flag_CXX \ - export_dynamic_flag_spec_CXX \ - thread_safe_flag_spec_CXX \ - whole_archive_flag_spec_CXX \ - enable_shared_with_static_runtimes_CXX \ - old_archive_cmds_CXX \ - old_archive_from_new_cmds_CXX \ - predep_objects_CXX \ - postdep_objects_CXX \ - predeps_CXX \ - postdeps_CXX \ - compiler_lib_search_path_CXX \ - archive_cmds_CXX \ - archive_expsym_cmds_CXX \ - postinstall_cmds_CXX \ - postuninstall_cmds_CXX \ - old_archive_from_expsyms_cmds_CXX \ - allow_undefined_flag_CXX \ - no_undefined_flag_CXX \ - export_symbols_cmds_CXX \ - hardcode_libdir_flag_spec_CXX \ - hardcode_libdir_flag_spec_ld_CXX \ - hardcode_libdir_separator_CXX \ - hardcode_automatic_CXX \ - module_cmds_CXX \ - module_expsym_cmds_CXX \ - lt_cv_prog_compiler_c_o_CXX \ - exclude_expsyms_CXX \ - include_expsyms_CXX; do - - case $var in - old_archive_cmds_CXX | \ - old_archive_from_new_cmds_CXX | \ - archive_cmds_CXX | \ - archive_expsym_cmds_CXX | \ - module_cmds_CXX | \ - module_expsym_cmds_CXX | \ - old_archive_from_expsyms_cmds_CXX | \ - export_symbols_cmds_CXX | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="$ofile" - - cat <<__EOF__ >> "$cfgfile" -# ### BEGIN LIBTOOL TAG CONFIG: $tagname - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc_CXX - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_CXX - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler_CXX - -# Is the compiler the GNU C compiler? -with_gcc=$GCC_CXX - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD_CXX - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_CXX - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic_CXX -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o_CXX - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static_CXX - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_CXX - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_CXX - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec_CXX - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec_CXX - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds_CXX -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_CXX - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_CXX - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds_CXX -archive_expsym_cmds=$lt_archive_expsym_cmds_CXX -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds_CXX -module_expsym_cmds=$lt_module_expsym_cmds_CXX - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects_CXX - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects_CXX - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps_CXX - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps_CXX - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path_CXX - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag_CXX - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag_CXX - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action_CXX - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_CXX - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_CXX - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator_CXX - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct_CXX - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L_CXX - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var_CXX - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic_CXX - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs_CXX - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path_CXX" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols_CXX - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds_CXX - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms_CXX - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms_CXX - -# ### END LIBTOOL TAG CONFIG: $tagname - -__EOF__ - - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC=$lt_save_CC -LDCXX=$LD -LD=$lt_save_LD -GCC=$lt_save_GCC -with_gnu_ldcxx=$with_gnu_ld -with_gnu_ld=$lt_save_with_gnu_ld -lt_cv_path_LDCXX=$lt_cv_path_LD -lt_cv_path_LD=$lt_save_path_LD -lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld -lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld - - else - tagname="" - fi - ;; - - F77) - if test -n "$F77" && test "X$F77" != "Xno"; then - -ac_ext=f -ac_compile='$F77 -c $FFLAGS conftest.$ac_ext >&5' -ac_link='$F77 -o conftest$ac_exeext $FFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_f77_compiler_gnu - - -archive_cmds_need_lc_F77=no -allow_undefined_flag_F77= -always_export_symbols_F77=no -archive_expsym_cmds_F77= -export_dynamic_flag_spec_F77= -hardcode_direct_F77=no -hardcode_libdir_flag_spec_F77= -hardcode_libdir_flag_spec_ld_F77= -hardcode_libdir_separator_F77= -hardcode_minus_L_F77=no -hardcode_automatic_F77=no -module_cmds_F77= -module_expsym_cmds_F77= -link_all_deplibs_F77=unknown -old_archive_cmds_F77=$old_archive_cmds -no_undefined_flag_F77= -whole_archive_flag_spec_F77= -enable_shared_with_static_runtimes_F77=no - -# Source file extension for f77 test sources. -ac_ext=f - -# Object file extension for compiled f77 test sources. -objext=o -objext_F77=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code=" subroutine t\n return\n end\n" - -# Code to be used in simple link tests -lt_simple_link_test_code=" program t\n end\n" - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - -# Allow CC to be a program name with arguments. -lt_save_CC="$CC" -CC=${F77-"f77"} -compiler=$CC -compiler_F77=$CC -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - -{ echo "$as_me:$LINENO: checking if libtool supports shared libraries" >&5 -echo $ECHO_N "checking if libtool supports shared libraries... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $can_build_shared" >&5 -echo "${ECHO_T}$can_build_shared" >&6; } - -{ echo "$as_me:$LINENO: checking whether to build shared libraries" >&5 -echo $ECHO_N "checking whether to build shared libraries... $ECHO_C" >&6; } -test "$can_build_shared" = "no" && enable_shared=no - -# On AIX, shared libraries and static libraries use the same namespace, and -# are all built from PIC. -case $host_os in -aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; -aix4* | aix5*) - if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then - test "$enable_shared" = yes && enable_static=no - fi - ;; -esac -{ echo "$as_me:$LINENO: result: $enable_shared" >&5 -echo "${ECHO_T}$enable_shared" >&6; } - -{ echo "$as_me:$LINENO: checking whether to build static libraries" >&5 -echo $ECHO_N "checking whether to build static libraries... $ECHO_C" >&6; } -# Make sure either enable_shared or enable_static is yes. -test "$enable_shared" = yes || enable_static=yes -{ echo "$as_me:$LINENO: result: $enable_static" >&5 -echo "${ECHO_T}$enable_static" >&6; } - -GCC_F77="$G77" -LD_F77="$LD" - -lt_prog_compiler_wl_F77= -lt_prog_compiler_pic_F77= -lt_prog_compiler_static_F77= - -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } - - if test "$GCC" = yes; then - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_static_F77='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_F77='-Bstatic' - fi - ;; - - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic_F77='-m68020 -resident32 -malways-restore-a4' - ;; - - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_F77='-DDLL_EXPORT' - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - lt_prog_compiler_pic_F77='-fno-common' - ;; - - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - lt_prog_compiler_can_build_shared_F77=no - enable_shared=no - ;; - - sysv4*MP*) - if test -d /usr/nec; then - lt_prog_compiler_pic_F77=-Kconform_pic - fi - ;; - - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_F77='-fPIC' - ;; - esac - ;; - - *) - lt_prog_compiler_pic_F77='-fPIC' - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - lt_prog_compiler_wl_F77='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_F77='-Bstatic' - else - lt_prog_compiler_static_F77='-bnso -bI:/lib/syscalls.exp' - fi - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - lt_prog_compiler_pic_F77='-qnocommon' - lt_prog_compiler_wl_F77='-Wl,' - ;; - esac - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_F77='-DDLL_EXPORT' - ;; - - hpux9* | hpux10* | hpux11*) - lt_prog_compiler_wl_F77='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_F77='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - lt_prog_compiler_static_F77='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - lt_prog_compiler_wl_F77='-Wl,' - # PIC (with -KPIC) is the default. - lt_prog_compiler_static_F77='-non_shared' - ;; - - newsos6) - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - linux*) - case $cc_basename in - icc* | ecc*) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-static' - ;; - pgcc* | pgf77* | pgf90* | pgf95*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_pic_F77='-fpic' - lt_prog_compiler_static_F77='-Bstatic' - ;; - ccc*) - lt_prog_compiler_wl_F77='-Wl,' - # All Alpha code is PIC. - lt_prog_compiler_static_F77='-non_shared' - ;; - esac - ;; - - osf3* | osf4* | osf5*) - lt_prog_compiler_wl_F77='-Wl,' - # All OSF/1 code is PIC. - lt_prog_compiler_static_F77='-non_shared' - ;; - - solaris*) - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-Bstatic' - case $cc_basename in - f77* | f90* | f95*) - lt_prog_compiler_wl_F77='-Qoption ld ';; - *) - lt_prog_compiler_wl_F77='-Wl,';; - esac - ;; - - sunos4*) - lt_prog_compiler_wl_F77='-Qoption ld ' - lt_prog_compiler_pic_F77='-PIC' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - lt_prog_compiler_pic_F77='-Kconform_pic' - lt_prog_compiler_static_F77='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_pic_F77='-KPIC' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - unicos*) - lt_prog_compiler_wl_F77='-Wl,' - lt_prog_compiler_can_build_shared_F77=no - ;; - - uts4*) - lt_prog_compiler_pic_F77='-pic' - lt_prog_compiler_static_F77='-Bstatic' - ;; - - *) - lt_prog_compiler_can_build_shared_F77=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_F77" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_F77" >&6; } - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic_F77"; then - -{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_F77 works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_F77 works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_pic_works_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_pic_works_F77=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic_F77" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14862: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:14866: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_pic_works_F77=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_F77" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_works_F77" >&6; } - -if test x"$lt_prog_compiler_pic_works_F77" = xyes; then - case $lt_prog_compiler_pic_F77 in - "" | " "*) ;; - *) lt_prog_compiler_pic_F77=" $lt_prog_compiler_pic_F77" ;; - esac -else - lt_prog_compiler_pic_F77= - lt_prog_compiler_can_build_shared_F77=no -fi - -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - lt_prog_compiler_pic_F77= - ;; - *) - lt_prog_compiler_pic_F77="$lt_prog_compiler_pic_F77" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$lt_prog_compiler_wl_F77 eval lt_tmp_static_flag=\"$lt_prog_compiler_static_F77\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_static_works_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_static_works_F77=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_static_works_F77=yes - fi - else - lt_prog_compiler_static_works_F77=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_F77" >&5 -echo "${ECHO_T}$lt_prog_compiler_static_works_F77" >&6; } - -if test x"$lt_prog_compiler_static_works_F77" = xyes; then - : -else - lt_prog_compiler_static_F77= -fi - - -{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o_F77+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_c_o_F77=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14966: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:14970: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o_F77=yes - fi - fi - chmod u+w . 2>&5 - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_F77" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o_F77" >&6; } - - -hard_links="nottested" -if test "$lt_cv_prog_compiler_c_o_F77" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } - if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} - need_locks=warn - fi -else - need_locks=no -fi - -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } - - runpath_var= - allow_undefined_flag_F77= - enable_shared_with_static_runtimes_F77=no - archive_cmds_F77= - archive_expsym_cmds_F77= - old_archive_From_new_cmds_F77= - old_archive_from_expsyms_cmds_F77= - export_dynamic_flag_spec_F77= - whole_archive_flag_spec_F77= - thread_safe_flag_spec_F77= - hardcode_libdir_flag_spec_F77= - hardcode_libdir_flag_spec_ld_F77= - hardcode_libdir_separator_F77= - hardcode_direct_F77=no - hardcode_minus_L_F77=no - hardcode_shlibpath_var_F77=unsupported - link_all_deplibs_F77=unknown - hardcode_automatic_F77=no - module_cmds_F77= - module_expsym_cmds_F77= - always_export_symbols_F77=no - export_symbols_cmds_F77='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - include_expsyms_F77= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - exclude_expsyms_F77="_GLOBAL_OFFSET_TABLE_" - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - extract_expsyms_cmds= - # Just being paranoid about ensuring that cc_basename is set. - for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - case $host_os in - cygwin* | mingw* | pw32*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - esac - - ld_shlibs_F77=yes - if test "$with_gnu_ld" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec_F77='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec_F77='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec_F77="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec_F77= - fi - supports_anon_versioning=no - case `$LD -v 2>/dev/null` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix3* | aix4* | aix5*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - ld_shlibs_F77=no - cat <&2 - -*** Warning: the GNU linker, at least up to release 2.9.1, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to modify your PATH -*** so that a non-GNU linker is found, and then restart. - -EOF - fi - ;; - - amigaos*) - archive_cmds_F77='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_minus_L_F77=yes - - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we can't use - # them. - ld_shlibs_F77=no - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - allow_undefined_flag_F77=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - archive_cmds_F77='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - ld_shlibs_F77=no - fi - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, F77) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec_F77='-L$libdir' - allow_undefined_flag_F77=unsupported - always_export_symbols_F77=no - enable_shared_with_static_runtimes_F77=yes - export_symbols_cmds_F77='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols' - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds_F77='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs_F77=no - fi - ;; - - interix3*) - hardcode_direct_F77=no - hardcode_shlibpath_var_F77=no - hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir' - export_dynamic_flag_spec_F77='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - archive_cmds_F77='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds_F77='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - tmp_addflag= - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - whole_archive_flag_spec_F77='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers - whole_archive_flag_spec_F77='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - esac - archive_cmds_F77='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test $supports_anon_versioning = yes; then - archive_expsym_cmds_F77='$echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - $echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - else - ld_shlibs_F77=no - fi - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_F77='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then - ld_shlibs_F77=no - cat <&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -EOF - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs_F77=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) - ld_shlibs_F77=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - hardcode_libdir_flag_spec_F77='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib' - archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib' - else - ld_shlibs_F77=no - fi - ;; - esac - ;; - - sunos4*) - archive_cmds_F77='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs_F77=no - fi - ;; - esac - - if test "$ld_shlibs_F77" = no; then - runpath_var= - hardcode_libdir_flag_spec_F77= - export_dynamic_flag_spec_F77= - whole_archive_flag_spec_F77= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - allow_undefined_flag_F77=unsupported - always_export_symbols_F77=yes - archive_expsym_cmds_F77='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - hardcode_minus_L_F77=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - hardcode_direct_F77=unsupported - fi - ;; - - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - export_symbols_cmds_F77='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds_F77='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - archive_cmds_F77='' - hardcode_direct_F77=yes - hardcode_libdir_separator_F77=':' - link_all_deplibs_F77=yes - - if test "$GCC" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - hardcode_direct_F77=yes - else - # We have old collect2 - hardcode_direct_F77=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L_F77=yes - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_libdir_separator_F77= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - always_export_symbols_F77=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - allow_undefined_flag_F77='-berok' - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF - program main - - end -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_f77_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_F77='${wl}-blibpath:$libdir:'"$aix_libpath" - archive_expsym_cmds_F77="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec_F77='${wl}-R $libdir:/usr/lib:/lib' - allow_undefined_flag_F77="-z nodefs" - archive_expsym_cmds_F77="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF - program main - - end -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_f77_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_F77='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - no_undefined_flag_F77=' ${wl}-bernotok' - allow_undefined_flag_F77=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec_F77='$convenience' - archive_cmds_need_lc_F77=yes - # This is similar to how AIX traditionally builds its shared libraries. - archive_expsym_cmds_F77="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - amigaos*) - archive_cmds_F77='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_minus_L_F77=yes - # see comment about different semantics on the GNU ld section - ld_shlibs_F77=no - ;; - - bsdi[45]*) - export_dynamic_flag_spec_F77=-rdynamic - ;; - - cygwin* | mingw* | pw32*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - hardcode_libdir_flag_spec_F77=' ' - allow_undefined_flag_F77=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds_F77='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - old_archive_From_new_cmds_F77='true' - # FIXME: Should let the user specify the lib program. - old_archive_cmds_F77='lib /OUT:$oldlib$oldobjs$old_deplibs' - fix_srcfile_path_F77='`cygpath -w "$srcfile"`' - enable_shared_with_static_runtimes_F77=yes - ;; - - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[012]) - allow_undefined_flag_F77='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_F77='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_F77='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - allow_undefined_flag_F77='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - archive_cmds_need_lc_F77=no - hardcode_direct_F77=no - hardcode_automatic_F77=yes - hardcode_shlibpath_var_F77=unsupported - whole_archive_flag_spec_F77='' - link_all_deplibs_F77=yes - if test "$GCC" = yes ; then - output_verbose_link_cmd='echo' - archive_cmds_F77='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - archive_cmds_F77='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - ld_shlibs_F77=no - ;; - esac - fi - ;; - - dgux*) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_shlibpath_var_F77=no - ;; - - freebsd1*) - ld_shlibs_F77=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - hardcode_libdir_flag_spec_F77='-R$libdir' - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) - archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_F77=yes - hardcode_minus_L_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | kfreebsd*-gnu | dragonfly*) - archive_cmds_F77='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec_F77='-R$libdir' - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - hpux9*) - if test "$GCC" = yes; then - archive_cmds_F77='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - archive_cmds_F77='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_F77=: - hardcode_direct_F77=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_F77=yes - export_dynamic_flag_spec_F77='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - archive_cmds_F77='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_F77='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_F77=: - - hardcode_direct_F77=yes - export_dynamic_flag_spec_F77='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_F77=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - archive_cmds_F77='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds_F77='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_F77='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_F77='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec_F77='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_F77=: - - case $host_cpu in - hppa*64*|ia64*) - hardcode_libdir_flag_spec_ld_F77='+b $libdir' - hardcode_direct_F77=no - hardcode_shlibpath_var_F77=no - ;; - *) - hardcode_direct_F77=yes - export_dynamic_flag_spec_F77='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_F77=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - archive_cmds_F77='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - archive_cmds_F77='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_ld_F77='-rpath $libdir' - fi - hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_F77=: - link_all_deplibs_F77=yes - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - archive_cmds_F77='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - hardcode_libdir_flag_spec_F77='-R$libdir' - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - newsos6) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_F77=yes - hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_F77=: - hardcode_shlibpath_var_F77=no - ;; - - openbsd*) - hardcode_direct_F77=yes - hardcode_shlibpath_var_F77=no - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir' - export_dynamic_flag_spec_F77='${wl}-E' - else - case $host_os in - openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) - archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_F77='-R$libdir' - ;; - *) - archive_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir' - ;; - esac - fi - ;; - - os2*) - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_minus_L_F77=yes - allow_undefined_flag_F77=unsupported - archive_cmds_F77='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - old_archive_From_new_cmds_F77='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - allow_undefined_flag_F77=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_F77='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - allow_undefined_flag_F77=' -expect_unresolved \*' - archive_cmds_F77='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - fi - hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_F77=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - allow_undefined_flag_F77=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_F77='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_F77='${wl}-rpath ${wl}$libdir' - else - allow_undefined_flag_F77=' -expect_unresolved \*' - archive_cmds_F77='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds_F77='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~ - $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp' - - # Both c and cxx compiler support -rpath directly - hardcode_libdir_flag_spec_F77='-rpath $libdir' - fi - hardcode_libdir_separator_F77=: - ;; - - solaris*) - no_undefined_flag_F77=' -z text' - if test "$GCC" = yes; then - wlarc='${wl}' - archive_cmds_F77='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp' - else - wlarc='' - archive_cmds_F77='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - archive_expsym_cmds_F77='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp' - fi - hardcode_libdir_flag_spec_F77='-R$libdir' - hardcode_shlibpath_var_F77=no - case $host_os in - solaris2.[0-5] | solaris2.[0-5].*) ;; - *) - # The compiler driver will combine linker options so we - # cannot just pass the convience library names through - # without $wl, iff we do not link with $LD. - # Luckily, gcc supports the same syntax we need for Sun Studio. - # Supported since Solaris 2.6 (maybe 2.5.1?) - case $wlarc in - '') - whole_archive_flag_spec_F77='-z allextract$convenience -z defaultextract' ;; - *) - whole_archive_flag_spec_F77='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;; - esac ;; - esac - link_all_deplibs_F77=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - archive_cmds_F77='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_F77='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_direct_F77=yes - hardcode_minus_L_F77=yes - hardcode_shlibpath_var_F77=no - ;; - - sysv4) - case $host_vendor in - sni) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_F77=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - archive_cmds_F77='$LD -G -o $lib $libobjs $deplibs $linker_flags' - reload_cmds_F77='$CC -r -o $output$reload_objs' - hardcode_direct_F77=no - ;; - motorola) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_F77=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - hardcode_shlibpath_var_F77=no - ;; - - sysv4.3*) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var_F77=no - export_dynamic_flag_spec_F77='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var_F77=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - ld_shlibs_F77=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*) - no_undefined_flag_F77='${wl}-z,text' - archive_cmds_need_lc_F77=no - hardcode_shlibpath_var_F77=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds_F77='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_F77='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - no_undefined_flag_F77='${wl}-z,text' - allow_undefined_flag_F77='${wl}-z,nodefs' - archive_cmds_need_lc_F77=no - hardcode_shlibpath_var_F77=no - hardcode_libdir_flag_spec_F77='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - hardcode_libdir_separator_F77=':' - link_all_deplibs_F77=yes - export_dynamic_flag_spec_F77='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds_F77='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_F77='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_F77='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - archive_cmds_F77='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_F77='-L$libdir' - hardcode_shlibpath_var_F77=no - ;; - - *) - ld_shlibs_F77=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $ld_shlibs_F77" >&5 -echo "${ECHO_T}$ld_shlibs_F77" >&6; } -test "$ld_shlibs_F77" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$archive_cmds_need_lc_F77" in -x|xyes) - # Assume -lc should be added - archive_cmds_need_lc_F77=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $archive_cmds_F77 in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl_F77 - pic_flag=$lt_prog_compiler_pic_F77 - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag_F77 - allow_undefined_flag_F77= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds_F77 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5 - (eval $archive_cmds_F77 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - then - archive_cmds_need_lc_F77=no - else - archive_cmds_need_lc_F77=yes - fi - allow_undefined_flag_F77=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_F77" >&5 -echo "${ECHO_T}$archive_cmds_need_lc_F77" >&6; } - ;; - esac - fi - ;; -esac - -{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[45]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[123]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[01]* | freebsdelf3.[01]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ - freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[89] | openbsd2.[89].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } -hardcode_action_F77= -if test -n "$hardcode_libdir_flag_spec_F77" || \ - test -n "$runpath_var_F77" || \ - test "X$hardcode_automatic_F77" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$hardcode_direct_F77" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, F77)" != no && - test "$hardcode_minus_L_F77" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action_F77=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action_F77=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action_F77=unsupported -fi -{ echo "$as_me:$LINENO: result: $hardcode_action_F77" >&5 -echo "${ECHO_T}$hardcode_action_F77" >&6; } - -if test "$hardcode_action_F77" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler_F77 \ - CC_F77 \ - LD_F77 \ - lt_prog_compiler_wl_F77 \ - lt_prog_compiler_pic_F77 \ - lt_prog_compiler_static_F77 \ - lt_prog_compiler_no_builtin_flag_F77 \ - export_dynamic_flag_spec_F77 \ - thread_safe_flag_spec_F77 \ - whole_archive_flag_spec_F77 \ - enable_shared_with_static_runtimes_F77 \ - old_archive_cmds_F77 \ - old_archive_from_new_cmds_F77 \ - predep_objects_F77 \ - postdep_objects_F77 \ - predeps_F77 \ - postdeps_F77 \ - compiler_lib_search_path_F77 \ - archive_cmds_F77 \ - archive_expsym_cmds_F77 \ - postinstall_cmds_F77 \ - postuninstall_cmds_F77 \ - old_archive_from_expsyms_cmds_F77 \ - allow_undefined_flag_F77 \ - no_undefined_flag_F77 \ - export_symbols_cmds_F77 \ - hardcode_libdir_flag_spec_F77 \ - hardcode_libdir_flag_spec_ld_F77 \ - hardcode_libdir_separator_F77 \ - hardcode_automatic_F77 \ - module_cmds_F77 \ - module_expsym_cmds_F77 \ - lt_cv_prog_compiler_c_o_F77 \ - exclude_expsyms_F77 \ - include_expsyms_F77; do - - case $var in - old_archive_cmds_F77 | \ - old_archive_from_new_cmds_F77 | \ - archive_cmds_F77 | \ - archive_expsym_cmds_F77 | \ - module_cmds_F77 | \ - module_expsym_cmds_F77 | \ - old_archive_from_expsyms_cmds_F77 | \ - export_symbols_cmds_F77 | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="$ofile" - - cat <<__EOF__ >> "$cfgfile" -# ### BEGIN LIBTOOL TAG CONFIG: $tagname - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc_F77 - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_F77 - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler_F77 - -# Is the compiler the GNU C compiler? -with_gcc=$GCC_F77 - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD_F77 - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_F77 - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic_F77 -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o_F77 - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static_F77 - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_F77 - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_F77 - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec_F77 - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec_F77 - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds_F77 -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_F77 - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_F77 - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds_F77 -archive_expsym_cmds=$lt_archive_expsym_cmds_F77 -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds_F77 -module_expsym_cmds=$lt_module_expsym_cmds_F77 - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects_F77 - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects_F77 - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps_F77 - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps_F77 - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path_F77 - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag_F77 - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag_F77 - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action_F77 - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_F77 - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_F77 - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator_F77 - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct_F77 - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L_F77 - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var_F77 - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic_F77 - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs_F77 - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path_F77" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols_F77 - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds_F77 - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms_F77 - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms_F77 - -# ### END LIBTOOL TAG CONFIG: $tagname - -__EOF__ - - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC="$lt_save_CC" - - else - tagname="" - fi - ;; - - GCJ) - if test -n "$GCJ" && test "X$GCJ" != "Xno"; then - - -# Source file extension for Java test sources. -ac_ext=java - -# Object file extension for compiled Java test sources. -objext=o -objext_GCJ=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="class foo {}\n" - -# Code to be used in simple link tests -lt_simple_link_test_code='public class conftest { public static void main(String[] argv) {}; }\n' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - -# Allow CC to be a program name with arguments. -lt_save_CC="$CC" -CC=${GCJ-"gcj"} -compiler=$CC -compiler_GCJ=$CC -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - -# GCJ did not exist at the time GCC didn't implicitly link libc in. -archive_cmds_need_lc_GCJ=no - -old_archive_cmds_GCJ=$old_archive_cmds - - -lt_prog_compiler_no_builtin_flag_GCJ= - -if test "$GCC" = yes; then - lt_prog_compiler_no_builtin_flag_GCJ=' -fno-builtin' - - -{ echo "$as_me:$LINENO: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 -echo $ECHO_N "checking if $compiler supports -fno-rtti -fno-exceptions... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_rtti_exceptions=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="-fno-rtti -fno-exceptions" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:17164: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:17168: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_cv_prog_compiler_rtti_exceptions=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_rtti_exceptions" >&6; } - -if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then - lt_prog_compiler_no_builtin_flag_GCJ="$lt_prog_compiler_no_builtin_flag_GCJ -fno-rtti -fno-exceptions" -else - : -fi - -fi - -lt_prog_compiler_wl_GCJ= -lt_prog_compiler_pic_GCJ= -lt_prog_compiler_static_GCJ= - -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } - - if test "$GCC" = yes; then - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_static_GCJ='-static' - - case $host_os in - aix*) - # All AIX code is PIC. - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_GCJ='-Bstatic' - fi - ;; - - amigaos*) - # FIXME: we need at least 68020 code to build shared libraries, but - # adding the `-m68020' flag to GCC prevents building anything better, - # like `-m68040'. - lt_prog_compiler_pic_GCJ='-m68020 -resident32 -malways-restore-a4' - ;; - - beos* | cygwin* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) - # PIC is the default for these OSes. - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_GCJ='-DDLL_EXPORT' - ;; - - darwin* | rhapsody*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - lt_prog_compiler_pic_GCJ='-fno-common' - ;; - - interix3*) - # Interix 3.x gcc -fpic/-fPIC options generate broken code. - # Instead, we relocate shared libraries at runtime. - ;; - - msdosdjgpp*) - # Just because we use GCC doesn't mean we suddenly get shared libraries - # on systems that don't support them. - lt_prog_compiler_can_build_shared_GCJ=no - enable_shared=no - ;; - - sysv4*MP*) - if test -d /usr/nec; then - lt_prog_compiler_pic_GCJ=-Kconform_pic - fi - ;; - - hpux*) - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_GCJ='-fPIC' - ;; - esac - ;; - - *) - lt_prog_compiler_pic_GCJ='-fPIC' - ;; - esac - else - # PORTME Check for flag to pass linker flags through the system compiler. - case $host_os in - aix*) - lt_prog_compiler_wl_GCJ='-Wl,' - if test "$host_cpu" = ia64; then - # AIX 5 now supports IA64 processor - lt_prog_compiler_static_GCJ='-Bstatic' - else - lt_prog_compiler_static_GCJ='-bnso -bI:/lib/syscalls.exp' - fi - ;; - darwin*) - # PIC is the default on this platform - # Common symbols not allowed in MH_DYLIB files - case $cc_basename in - xlc*) - lt_prog_compiler_pic_GCJ='-qnocommon' - lt_prog_compiler_wl_GCJ='-Wl,' - ;; - esac - ;; - - mingw* | pw32* | os2*) - # This hack is so that the source file can tell whether it is being - # built for inclusion in a dll (and should export symbols for example). - lt_prog_compiler_pic_GCJ='-DDLL_EXPORT' - ;; - - hpux9* | hpux10* | hpux11*) - lt_prog_compiler_wl_GCJ='-Wl,' - # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but - # not for PA HP-UX. - case $host_cpu in - hppa*64*|ia64*) - # +Z the default - ;; - *) - lt_prog_compiler_pic_GCJ='+Z' - ;; - esac - # Is there a better lt_prog_compiler_static that works with the bundled CC? - lt_prog_compiler_static_GCJ='${wl}-a ${wl}archive' - ;; - - irix5* | irix6* | nonstopux*) - lt_prog_compiler_wl_GCJ='-Wl,' - # PIC (with -KPIC) is the default. - lt_prog_compiler_static_GCJ='-non_shared' - ;; - - newsos6) - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - linux*) - case $cc_basename in - icc* | ecc*) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-static' - ;; - pgcc* | pgf77* | pgf90* | pgf95*) - # Portland Group compilers (*not* the Pentium gcc compiler, - # which looks to be a dead project) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_pic_GCJ='-fpic' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - ccc*) - lt_prog_compiler_wl_GCJ='-Wl,' - # All Alpha code is PIC. - lt_prog_compiler_static_GCJ='-non_shared' - ;; - esac - ;; - - osf3* | osf4* | osf5*) - lt_prog_compiler_wl_GCJ='-Wl,' - # All OSF/1 code is PIC. - lt_prog_compiler_static_GCJ='-non_shared' - ;; - - solaris*) - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-Bstatic' - case $cc_basename in - f77* | f90* | f95*) - lt_prog_compiler_wl_GCJ='-Qoption ld ';; - *) - lt_prog_compiler_wl_GCJ='-Wl,';; - esac - ;; - - sunos4*) - lt_prog_compiler_wl_GCJ='-Qoption ld ' - lt_prog_compiler_pic_GCJ='-PIC' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - sysv4 | sysv4.2uw2* | sysv4.3*) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - sysv4*MP*) - if test -d /usr/nec ;then - lt_prog_compiler_pic_GCJ='-Kconform_pic' - lt_prog_compiler_static_GCJ='-Bstatic' - fi - ;; - - sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_pic_GCJ='-KPIC' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - unicos*) - lt_prog_compiler_wl_GCJ='-Wl,' - lt_prog_compiler_can_build_shared_GCJ=no - ;; - - uts4*) - lt_prog_compiler_pic_GCJ='-pic' - lt_prog_compiler_static_GCJ='-Bstatic' - ;; - - *) - lt_prog_compiler_can_build_shared_GCJ=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_GCJ" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_GCJ" >&6; } - -# -# Check to make sure the PIC flag actually works. -# -if test -n "$lt_prog_compiler_pic_GCJ"; then - -{ echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_GCJ works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_GCJ works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_pic_works_GCJ+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_pic_works_GCJ=no - ac_outfile=conftest.$ac_objext - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - lt_compiler_flag="$lt_prog_compiler_pic_GCJ" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - # The option is referenced via a variable to avoid confusing sed. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:17432: $lt_compile\"" >&5) - (eval "$lt_compile" 2>conftest.err) - ac_status=$? - cat conftest.err >&5 - echo "$as_me:17436: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s "$ac_outfile"; then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings other than the usual output. - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_pic_works_GCJ=yes - fi - fi - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_GCJ" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_works_GCJ" >&6; } - -if test x"$lt_prog_compiler_pic_works_GCJ" = xyes; then - case $lt_prog_compiler_pic_GCJ in - "" | " "*) ;; - *) lt_prog_compiler_pic_GCJ=" $lt_prog_compiler_pic_GCJ" ;; - esac -else - lt_prog_compiler_pic_GCJ= - lt_prog_compiler_can_build_shared_GCJ=no -fi - -fi -case $host_os in - # For platforms which do not support PIC, -DPIC is meaningless: - *djgpp*) - lt_prog_compiler_pic_GCJ= - ;; - *) - lt_prog_compiler_pic_GCJ="$lt_prog_compiler_pic_GCJ" - ;; -esac - -# -# Check to make sure the static flag actually works. -# -wl=$lt_prog_compiler_wl_GCJ eval lt_tmp_static_flag=\"$lt_prog_compiler_static_GCJ\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_prog_compiler_static_works_GCJ+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_prog_compiler_static_works_GCJ=no - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $lt_tmp_static_flag" - printf "$lt_simple_link_test_code" > conftest.$ac_ext - if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then - # The linker can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - # Append any errors to the config.log. - cat conftest.err 1>&5 - $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp - $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 - if diff conftest.exp conftest.er2 >/dev/null; then - lt_prog_compiler_static_works_GCJ=yes - fi - else - lt_prog_compiler_static_works_GCJ=yes - fi - fi - $rm conftest* - LDFLAGS="$save_LDFLAGS" - -fi -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_GCJ" >&5 -echo "${ECHO_T}$lt_prog_compiler_static_works_GCJ" >&6; } - -if test x"$lt_prog_compiler_static_works_GCJ" = xyes; then - : -else - lt_prog_compiler_static_GCJ= -fi - - -{ echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o_GCJ+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_prog_compiler_c_o_GCJ=no - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - mkdir out - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - lt_compiler_flag="-o out/conftest2.$ac_objext" - # Insert the option either (1) after the last *FLAGS variable, or - # (2) before a word containing "conftest.", or (3) at the end. - # Note that $ac_compile itself does not contain backslashes and begins - # with a dollar sign (not a hyphen), so the echo should work correctly. - lt_compile=`echo "$ac_compile" | $SED \ - -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ - -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ - -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:17536: $lt_compile\"" >&5) - (eval "$lt_compile" 2>out/conftest.err) - ac_status=$? - cat out/conftest.err >&5 - echo "$as_me:17540: \$? = $ac_status" >&5 - if (exit $ac_status) && test -s out/conftest2.$ac_objext - then - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp - $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 - if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then - lt_cv_prog_compiler_c_o_GCJ=yes - fi - fi - chmod u+w . 2>&5 - $rm conftest* - # SGI C++ compiler will create directory out/ii_files/ for - # template instantiation - test -d out/ii_files && $rm out/ii_files/* && rmdir out/ii_files - $rm out/* && rmdir out - cd .. - rmdir conftest - $rm conftest* - -fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_GCJ" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o_GCJ" >&6; } - - -hard_links="nottested" -if test "$lt_cv_prog_compiler_c_o_GCJ" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } - if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} - need_locks=warn - fi -else - need_locks=no -fi - -{ echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } - - runpath_var= - allow_undefined_flag_GCJ= - enable_shared_with_static_runtimes_GCJ=no - archive_cmds_GCJ= - archive_expsym_cmds_GCJ= - old_archive_From_new_cmds_GCJ= - old_archive_from_expsyms_cmds_GCJ= - export_dynamic_flag_spec_GCJ= - whole_archive_flag_spec_GCJ= - thread_safe_flag_spec_GCJ= - hardcode_libdir_flag_spec_GCJ= - hardcode_libdir_flag_spec_ld_GCJ= - hardcode_libdir_separator_GCJ= - hardcode_direct_GCJ=no - hardcode_minus_L_GCJ=no - hardcode_shlibpath_var_GCJ=unsupported - link_all_deplibs_GCJ=unknown - hardcode_automatic_GCJ=no - module_cmds_GCJ= - module_expsym_cmds_GCJ= - always_export_symbols_GCJ=no - export_symbols_cmds_GCJ='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - # include_expsyms should be a list of space-separated symbols to be *always* - # included in the symbol list - include_expsyms_GCJ= - # exclude_expsyms can be an extended regexp of symbols to exclude - # it will be wrapped by ` (' and `)$', so one must not match beginning or - # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', - # as well as any symbol that contains `d'. - exclude_expsyms_GCJ="_GLOBAL_OFFSET_TABLE_" - # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out - # platforms (ab)use it in PIC code, but their linkers get confused if - # the symbol is explicitly referenced. Since portable code cannot - # rely on this symbol name, it's probably fine to never include it in - # preloaded symbol tables. - extract_expsyms_cmds= - # Just being paranoid about ensuring that cc_basename is set. - for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - - case $host_os in - cygwin* | mingw* | pw32*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - if test "$GCC" != yes; then - with_gnu_ld=no - fi - ;; - interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) - with_gnu_ld=yes - ;; - openbsd*) - with_gnu_ld=no - ;; - esac - - ld_shlibs_GCJ=yes - if test "$with_gnu_ld" = yes; then - # If archive_cmds runs LD, not CC, wlarc should be empty - wlarc='${wl}' - - # Set some defaults for GNU ld with shared library support. These - # are reset later if shared libraries are not supported. Putting them - # here allows them to be overridden if necessary. - runpath_var=LD_RUN_PATH - hardcode_libdir_flag_spec_GCJ='${wl}--rpath ${wl}$libdir' - export_dynamic_flag_spec_GCJ='${wl}--export-dynamic' - # ancient GNU ld didn't support --whole-archive et. al. - if $LD --help 2>&1 | grep 'no-whole-archive' > /dev/null; then - whole_archive_flag_spec_GCJ="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' - else - whole_archive_flag_spec_GCJ= - fi - supports_anon_versioning=no - case `$LD -v 2>/dev/null` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 - *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... - *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... - *\ 2.11.*) ;; # other 2.11 versions - *) supports_anon_versioning=yes ;; - esac - - # See if GNU ld supports shared libraries. - case $host_os in - aix3* | aix4* | aix5*) - # On AIX/PPC, the GNU linker is very broken - if test "$host_cpu" != ia64; then - ld_shlibs_GCJ=no - cat <&2 - -*** Warning: the GNU linker, at least up to release 2.9.1, is reported -*** to be unable to reliably create shared libraries on AIX. -*** Therefore, libtool is disabling shared libraries support. If you -*** really care for shared libraries, you may want to modify your PATH -*** so that a non-GNU linker is found, and then restart. - -EOF - fi - ;; - - amigaos*) - archive_cmds_GCJ='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_minus_L_GCJ=yes - - # Samuel A. Falvo II reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we can't use - # them. - ld_shlibs_GCJ=no - ;; - - beos*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - allow_undefined_flag_GCJ=unsupported - # Joseph Beckenbach says some releases of gcc - # support --undefined. This deserves some investigation. FIXME - archive_cmds_GCJ='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - else - ld_shlibs_GCJ=no - fi - ;; - - cygwin* | mingw* | pw32*) - # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, GCJ) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec_GCJ='-L$libdir' - allow_undefined_flag_GCJ=unsupported - always_export_symbols_GCJ=no - enable_shared_with_static_runtimes_GCJ=yes - export_symbols_cmds_GCJ='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS] /s/.* \([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW] /s/.* //'\'' | sort | uniq > $export_symbols' - - if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds_GCJ='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs_GCJ=no - fi - ;; - - interix3*) - hardcode_direct_GCJ=no - hardcode_shlibpath_var_GCJ=no - hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir' - export_dynamic_flag_spec_GCJ='${wl}-E' - # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. - # Instead, shared libraries are loaded at an image base (0x10000000 by - # default) and relocated if they conflict, which is a slow very memory - # consuming and fragmenting process. To avoid this, we pick a random, - # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link - # time. Moving up from 0x10000000 also allows more sbrk(2) space. - archive_cmds_GCJ='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds_GCJ='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - ;; - - linux*) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - tmp_addflag= - case $cc_basename,$host_cpu in - pgcc*) # Portland Group C compiler - whole_archive_flag_spec_GCJ='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag' - ;; - pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers - whole_archive_flag_spec_GCJ='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}--no-whole-archive' - tmp_addflag=' $pic_flag -Mnomain' ;; - ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 - tmp_addflag=' -i_dynamic' ;; - efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 - tmp_addflag=' -i_dynamic -nofor_main' ;; - ifc* | ifort*) # Intel Fortran compiler - tmp_addflag=' -nofor_main' ;; - esac - archive_cmds_GCJ='$CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - - if test $supports_anon_versioning = yes; then - archive_expsym_cmds_GCJ='$echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ - $echo "local: *; };" >> $output_objdir/$libname.ver~ - $CC -shared'"$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' - fi - else - ld_shlibs_GCJ=no - fi - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_GCJ='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' - wlarc= - else - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - fi - ;; - - solaris*) - if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then - ld_shlibs_GCJ=no - cat <&2 - -*** Warning: The releases 2.8.* of the GNU linker cannot reliably -*** create shared libraries on Solaris systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.9.1 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -EOF - elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs_GCJ=no - fi - ;; - - sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) - case `$LD -v 2>&1` in - *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*) - ld_shlibs_GCJ=no - cat <<_LT_EOF 1>&2 - -*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not -*** reliably create shared libraries on SCO systems. Therefore, libtool -*** is disabling shared libraries support. We urge you to upgrade GNU -*** binutils to release 2.16.91.0.3 or newer. Another option is to modify -*** your PATH or compiler configuration so that the native linker is -*** used, and then restart. - -_LT_EOF - ;; - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - hardcode_libdir_flag_spec_GCJ='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`' - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib' - archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname,\${SCOABSPATH:+${install_libdir}/}$soname,-retain-symbols-file,$export_symbols -o $lib' - else - ld_shlibs_GCJ=no - fi - ;; - esac - ;; - - sunos4*) - archive_cmds_GCJ='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' - wlarc= - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - *) - if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' - else - ld_shlibs_GCJ=no - fi - ;; - esac - - if test "$ld_shlibs_GCJ" = no; then - runpath_var= - hardcode_libdir_flag_spec_GCJ= - export_dynamic_flag_spec_GCJ= - whole_archive_flag_spec_GCJ= - fi - else - # PORTME fill in a description of your system's linker (not GNU ld) - case $host_os in - aix3*) - allow_undefined_flag_GCJ=unsupported - always_export_symbols_GCJ=yes - archive_expsym_cmds_GCJ='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' - # Note: this linker hardcodes the directories in LIBPATH if there - # are no directories specified by -L. - hardcode_minus_L_GCJ=yes - if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then - # Neither direct hardcoding nor static linking is supported with a - # broken collect2. - hardcode_direct_GCJ=unsupported - fi - ;; - - aix4* | aix5*) - if test "$host_cpu" = ia64; then - # On IA64, the linker does run time linking by default, so we don't - # have to do anything special. - aix_use_runtimelinking=no - exp_sym_flag='-Bexport' - no_entry_flag="" - else - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | grep 'GNU' > /dev/null; then - export_symbols_cmds_GCJ='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds_GCJ='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - fi - aix_use_runtimelinking=no - - # Test if we are trying to use run time linking or normal - # AIX style linking. If -brtl is somewhere in LDFLAGS, we - # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) - for ld_flag in $LDFLAGS; do - if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then - aix_use_runtimelinking=yes - break - fi - done - ;; - esac - - exp_sym_flag='-bexport' - no_entry_flag='-bnoentry' - fi - - # When large executables or shared objects are built, AIX ld can - # have problems creating the table of contents. If linking a library - # or program results in "error TOC overflow" add -mminimal-toc to - # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not - # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. - - archive_cmds_GCJ='' - hardcode_direct_GCJ=yes - hardcode_libdir_separator_GCJ=':' - link_all_deplibs_GCJ=yes - - if test "$GCC" = yes; then - case $host_os in aix4.[012]|aix4.[012].*) - # We only want to do this on AIX 4.2 and lower, the check - # below for broken collect2 doesn't work under 4.3+ - collect2name=`${CC} -print-prog-name=collect2` - if test -f "$collect2name" && \ - strings "$collect2name" | grep resolve_lib_name >/dev/null - then - # We have reworked collect2 - hardcode_direct_GCJ=yes - else - # We have old collect2 - hardcode_direct_GCJ=unsupported - # It fails to find uninstalled libraries when the uninstalled - # path is not listed in the libpath. Setting hardcode_minus_L - # to unsupported forces relinking - hardcode_minus_L_GCJ=yes - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_libdir_separator_GCJ= - fi - ;; - esac - shared_flag='-shared' - if test "$aix_use_runtimelinking" = yes; then - shared_flag="$shared_flag "'${wl}-G' - fi - else - # not using gcc - if test "$host_cpu" = ia64; then - # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release - # chokes on -Wl,-G. The following line is correct: - shared_flag='-G' - else - if test "$aix_use_runtimelinking" = yes; then - shared_flag='${wl}-G' - else - shared_flag='${wl}-bM:SRE' - fi - fi - fi - - # It seems that -bexpall does not export symbols beginning with - # underscore (_), so it is better to generate a list of symbols to export. - always_export_symbols_GCJ=yes - if test "$aix_use_runtimelinking" = yes; then - # Warning - without using the other runtime loading flags (-brtl), - # -berok will link without error, but may produce a broken library. - allow_undefined_flag_GCJ='-berok' - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_GCJ='${wl}-blibpath:$libdir:'"$aix_libpath" - archive_expsym_cmds_GCJ="\$CC"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then echo "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" - else - if test "$host_cpu" = ia64; then - hardcode_libdir_flag_spec_GCJ='${wl}-R $libdir:/usr/lib:/lib' - allow_undefined_flag_GCJ="-z nodefs" - archive_expsym_cmds_GCJ="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols" - else - # Determine the default libpath from the value encoded in an empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; } -}'`; fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi - - hardcode_libdir_flag_spec_GCJ='${wl}-blibpath:$libdir:'"$aix_libpath" - # Warning - without using the other run time loading flags, - # -berok will link without error, but may produce a broken library. - no_undefined_flag_GCJ=' ${wl}-bernotok' - allow_undefined_flag_GCJ=' ${wl}-berok' - # Exported symbols can be pulled into shared objects from archives - whole_archive_flag_spec_GCJ='$convenience' - archive_cmds_need_lc_GCJ=yes - # This is similar to how AIX traditionally builds its shared libraries. - archive_expsym_cmds_GCJ="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname' - fi - fi - ;; - - amigaos*) - archive_cmds_GCJ='$rm $output_objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_minus_L_GCJ=yes - # see comment about different semantics on the GNU ld section - ld_shlibs_GCJ=no - ;; - - bsdi[45]*) - export_dynamic_flag_spec_GCJ=-rdynamic - ;; - - cygwin* | mingw* | pw32*) - # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. - # hardcode_libdir_flag_spec is actually meaningless, as there is - # no search path for DLLs. - hardcode_libdir_flag_spec_GCJ=' ' - allow_undefined_flag_GCJ=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds_GCJ='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - old_archive_From_new_cmds_GCJ='true' - # FIXME: Should let the user specify the lib program. - old_archive_cmds_GCJ='lib /OUT:$oldlib$oldobjs$old_deplibs' - fix_srcfile_path_GCJ='`cygpath -w "$srcfile"`' - enable_shared_with_static_runtimes_GCJ=yes - ;; - - darwin* | rhapsody*) - case $host_os in - rhapsody* | darwin1.[012]) - allow_undefined_flag_GCJ='${wl}-undefined ${wl}suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_GCJ='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_GCJ='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' - ;; - 10.*) - allow_undefined_flag_GCJ='${wl}-undefined ${wl}dynamic_lookup' - ;; - esac - fi - ;; - esac - archive_cmds_need_lc_GCJ=no - hardcode_direct_GCJ=no - hardcode_automatic_GCJ=yes - hardcode_shlibpath_var_GCJ=unsupported - whole_archive_flag_spec_GCJ='' - link_all_deplibs_GCJ=yes - if test "$GCC" = yes ; then - output_verbose_link_cmd='echo' - archive_cmds_GCJ='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - case $cc_basename in - xlc*) - output_verbose_link_cmd='echo' - archive_cmds_GCJ='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' - module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds - archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - ;; - *) - ld_shlibs_GCJ=no - ;; - esac - fi - ;; - - dgux*) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_shlibpath_var_GCJ=no - ;; - - freebsd1*) - ld_shlibs_GCJ=no - ;; - - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor - # support. Future versions do this automatically, but an explicit c++rt0.o - # does not break anything, and helps significantly (at the cost of a little - # extra space). - freebsd2.2*) - archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' - hardcode_libdir_flag_spec_GCJ='-R$libdir' - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) - archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_GCJ=yes - hardcode_minus_L_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | kfreebsd*-gnu | dragonfly*) - archive_cmds_GCJ='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec_GCJ='-R$libdir' - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - hpux9*) - if test "$GCC" = yes; then - archive_cmds_GCJ='$rm $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - else - archive_cmds_GCJ='$rm $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' - fi - hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - hardcode_direct_GCJ=yes - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_GCJ=yes - export_dynamic_flag_spec_GCJ='${wl}-E' - ;; - - hpux10*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - archive_cmds_GCJ='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_GCJ='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - - hardcode_direct_GCJ=yes - export_dynamic_flag_spec_GCJ='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_GCJ=yes - fi - ;; - - hpux11*) - if test "$GCC" = yes -a "$with_gnu_ld" = no; then - case $host_cpu in - hppa*64*) - archive_cmds_GCJ='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds_GCJ='$CC -shared ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_GCJ='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - else - case $host_cpu in - hppa*64*) - archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - ;; - ia64*) - archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' - ;; - *) - archive_cmds_GCJ='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' - ;; - esac - fi - if test "$with_gnu_ld" = no; then - hardcode_libdir_flag_spec_GCJ='${wl}+b ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - - case $host_cpu in - hppa*64*|ia64*) - hardcode_libdir_flag_spec_ld_GCJ='+b $libdir' - hardcode_direct_GCJ=no - hardcode_shlibpath_var_GCJ=no - ;; - *) - hardcode_direct_GCJ=yes - export_dynamic_flag_spec_GCJ='${wl}-E' - - # hardcode_minus_L: Not really in the search PATH, - # but as the default location of the library. - hardcode_minus_L_GCJ=yes - ;; - esac - fi - ;; - - irix5* | irix6* | nonstopux*) - if test "$GCC" = yes; then - archive_cmds_GCJ='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - archive_cmds_GCJ='$LD -shared $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_ld_GCJ='-rpath $libdir' - fi - hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - link_all_deplibs_GCJ=yes - ;; - - netbsd*) - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out - else - archive_cmds_GCJ='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF - fi - hardcode_libdir_flag_spec_GCJ='-R$libdir' - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - newsos6) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_GCJ=yes - hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - hardcode_shlibpath_var_GCJ=no - ;; - - openbsd*) - hardcode_direct_GCJ=yes - hardcode_shlibpath_var_GCJ=no - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - archive_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' - hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir' - export_dynamic_flag_spec_GCJ='${wl}-E' - else - case $host_os in - openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*) - archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_GCJ='-R$libdir' - ;; - *) - archive_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' - hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir' - ;; - esac - fi - ;; - - os2*) - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_minus_L_GCJ=yes - allow_undefined_flag_GCJ=unsupported - archive_cmds_GCJ='$echo "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$echo DATA >> $output_objdir/$libname.def~$echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~$echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def' - old_archive_From_new_cmds_GCJ='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def' - ;; - - osf3*) - if test "$GCC" = yes; then - allow_undefined_flag_GCJ=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_GCJ='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - else - allow_undefined_flag_GCJ=' -expect_unresolved \*' - archive_cmds_GCJ='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - fi - hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir' - hardcode_libdir_separator_GCJ=: - ;; - - osf4* | osf5*) # as osf3* with the addition of -msym flag - if test "$GCC" = yes; then - allow_undefined_flag_GCJ=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds_GCJ='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' - hardcode_libdir_flag_spec_GCJ='${wl}-rpath ${wl}$libdir' - else - allow_undefined_flag_GCJ=' -expect_unresolved \*' - archive_cmds_GCJ='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linker_flags -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib' - archive_expsym_cmds_GCJ='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; echo "-hidden">> $lib.exp~ - $LD -shared${allow_undefined_flag} -input $lib.exp $linker_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${output_objdir}/so_locations -o $lib~$rm $lib.exp' - - # Both c and cxx compiler support -rpath directly - hardcode_libdir_flag_spec_GCJ='-rpath $libdir' - fi - hardcode_libdir_separator_GCJ=: - ;; - - solaris*) - no_undefined_flag_GCJ=' -z text' - if test "$GCC" = yes; then - wlarc='${wl}' - archive_cmds_GCJ='$CC -shared ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$rm $lib.exp' - else - wlarc='' - archive_cmds_GCJ='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags' - archive_expsym_cmds_GCJ='$echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~ - $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$rm $lib.exp' - fi - hardcode_libdir_flag_spec_GCJ='-R$libdir' - hardcode_shlibpath_var_GCJ=no - case $host_os in - solaris2.[0-5] | solaris2.[0-5].*) ;; - *) - # The compiler driver will combine linker options so we - # cannot just pass the convience library names through - # without $wl, iff we do not link with $LD. - # Luckily, gcc supports the same syntax we need for Sun Studio. - # Supported since Solaris 2.6 (maybe 2.5.1?) - case $wlarc in - '') - whole_archive_flag_spec_GCJ='-z allextract$convenience -z defaultextract' ;; - *) - whole_archive_flag_spec_GCJ='${wl}-z ${wl}allextract`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $echo \"$new_convenience\"` ${wl}-z ${wl}defaultextract' ;; - esac ;; - esac - link_all_deplibs_GCJ=yes - ;; - - sunos4*) - if test "x$host_vendor" = xsequent; then - # Use $CC to link under sequent, because it throws in some extra .o - # files that make .init and .fini sections work. - archive_cmds_GCJ='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_GCJ='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' - fi - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_direct_GCJ=yes - hardcode_minus_L_GCJ=yes - hardcode_shlibpath_var_GCJ=no - ;; - - sysv4) - case $host_vendor in - sni) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_GCJ=yes # is this really true??? - ;; - siemens) - ## LD is ld it makes a PLAMLIB - ## CC just makes a GrossModule. - archive_cmds_GCJ='$LD -G -o $lib $libobjs $deplibs $linker_flags' - reload_cmds_GCJ='$CC -r -o $output$reload_objs' - hardcode_direct_GCJ=no - ;; - motorola) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_direct_GCJ=no #Motorola manual says yes, but my tests say they lie - ;; - esac - runpath_var='LD_RUN_PATH' - hardcode_shlibpath_var_GCJ=no - ;; - - sysv4.3*) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var_GCJ=no - export_dynamic_flag_spec_GCJ='-Bexport' - ;; - - sysv4*MP*) - if test -d /usr/nec; then - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_shlibpath_var_GCJ=no - runpath_var=LD_RUN_PATH - hardcode_runpath_var=yes - ld_shlibs_GCJ=yes - fi - ;; - - sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7*) - no_undefined_flag_GCJ='${wl}-z,text' - archive_cmds_need_lc_GCJ=no - hardcode_shlibpath_var_GCJ=no - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds_GCJ='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_GCJ='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - sysv5* | sco3.2v5* | sco5v6*) - # Note: We can NOT use -z defs as we might desire, because we do not - # link with -lc, and that would cause any symbols used from libc to - # always be unresolved, which means just about no library would - # ever link correctly. If we're not using GNU ld we use -z text - # though, which does catch some bad symbols but isn't as heavy-handed - # as -z defs. - no_undefined_flag_GCJ='${wl}-z,text' - allow_undefined_flag_GCJ='${wl}-z,nodefs' - archive_cmds_need_lc_GCJ=no - hardcode_shlibpath_var_GCJ=no - hardcode_libdir_flag_spec_GCJ='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`' - hardcode_libdir_separator_GCJ=':' - link_all_deplibs_GCJ=yes - export_dynamic_flag_spec_GCJ='${wl}-Bexport' - runpath_var='LD_RUN_PATH' - - if test "$GCC" = yes; then - archive_cmds_GCJ='$CC -shared ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - else - archive_cmds_GCJ='$CC -G ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - archive_expsym_cmds_GCJ='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,\${SCOABSPATH:+${install_libdir}/}$soname -o $lib $libobjs $deplibs $compiler_flags' - fi - ;; - - uts4*) - archive_cmds_GCJ='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' - hardcode_libdir_flag_spec_GCJ='-L$libdir' - hardcode_shlibpath_var_GCJ=no - ;; - - *) - ld_shlibs_GCJ=no - ;; - esac - fi - -{ echo "$as_me:$LINENO: result: $ld_shlibs_GCJ" >&5 -echo "${ECHO_T}$ld_shlibs_GCJ" >&6; } -test "$ld_shlibs_GCJ" = no && can_build_shared=no - -# -# Do we need to explicitly link libc? -# -case "x$archive_cmds_need_lc_GCJ" in -x|xyes) - # Assume -lc should be added - archive_cmds_need_lc_GCJ=yes - - if test "$enable_shared" = yes && test "$GCC" = yes; then - case $archive_cmds_GCJ in - *'~'*) - # FIXME: we may have to deal with multi-command sequences. - ;; - '$CC '*) - # Test whether the compiler implicitly links with -lc since on some - # systems, -lgcc has to come before -lc. If gcc already passes -lc - # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } - $rm conftest* - printf "$lt_simple_compile_test_code" > conftest.$ac_ext - - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then - soname=conftest - lib=conftest - libobjs=conftest.$ac_objext - deplibs= - wl=$lt_prog_compiler_wl_GCJ - pic_flag=$lt_prog_compiler_pic_GCJ - compiler_flags=-v - linker_flags=-v - verstring= - output_objdir=. - libname=conftest - lt_save_allow_undefined_flag=$allow_undefined_flag_GCJ - allow_undefined_flag_GCJ= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds_GCJ 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\"") >&5 - (eval $archive_cmds_GCJ 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - then - archive_cmds_need_lc_GCJ=no - else - archive_cmds_need_lc_GCJ=yes - fi - allow_undefined_flag_GCJ=$lt_save_allow_undefined_flag - else - cat conftest.err 1>&5 - fi - $rm conftest* - { echo "$as_me:$LINENO: result: $archive_cmds_need_lc_GCJ" >&5 -echo "${ECHO_T}$archive_cmds_need_lc_GCJ" >&6; } - ;; - esac - fi - ;; -esac - -{ echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } -library_names_spec= -libname_spec='lib$name' -soname_spec= -shrext_cmds=".so" -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';' >/dev/null ; then - # if the path contains ";" then we assume it to be the separator - # otherwise default to the standard path separator (i.e. ":") - it is - # assumed that no part of a normal pathname contains ";" but that should - # okay in the real world where ";" in dirpaths is itself problematic. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi -else - sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" -fi -need_lib_prefix=unknown -hardcode_into_libs=no - -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -need_version=unknown - -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}${shared_ext}$major' - ;; - -aix4* | aix5*) - version_type=linux - need_lib_prefix=no - need_version=no - hardcode_into_libs=yes - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - can_build_shared=no - fi - ;; - esac - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so - # instead of lib.a to let people know that these are not - # typical AIX shared libraries. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - else - # We preserve .a as extension for shared libraries through AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}${shared_ext}$major' - fi - shlibpath_var=LIBPATH - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}${shared_ext}' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - ;; - -bsdi[45]*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - shrext_cmds=".dll" - need_version=no - need_lib_prefix=no - - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32*) - library_names_spec='$libname.dll.a' - # DLL is installed to $(libdir)/../bin by postinstall_cmds - postinstall_cmds='base_file=`basename \${file}`~ - dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i;echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog $dir/$dlname \$dldir/$dlname~ - chmod a+x \$dldir/$dlname' - postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll~ - $rm \$dlpath' - shlibpath_overrides_runpath=yes - - case $host_os in - cygwin*) - # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib" - ;; - mingw*) - # MinGW DLLs use traditional 'lib' prefix - soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"` - if echo "$sys_lib_search_path_spec" | grep ';[c-zC-Z]:/' >/dev/null; then - # It is most probably a Windows format PATH printed by - # mingw gcc, but we are running on Cygwin. Gcc prints its search - # path with ; separators, and with drive letters. We can handle the - # drive letters (cygwin fileutils understands them), so leave them, - # especially as we might pass files found there to a mingw objdump, - # which wouldn't understand a cygwinified path. Ahh. - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` - else - sys_lib_search_path_spec=`echo "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` - fi - ;; - pw32*) - # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' - ;; - esac - ;; - - *) - library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' - soname_spec='${libname}${release}${major}$shared_ext' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' - # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. - if test "$GCC" = yes; then - sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` - else - sys_lib_search_path_spec='/lib /usr/lib /usr/local/lib' - fi - sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -kfreebsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -freebsd* | dragonfly*) - # DragonFly does not have aout. When/if they implement a new - # versioning mechanism, adjust this. - if test -x /usr/bin/objformat; then - objformat=`/usr/bin/objformat` - else - case $host_os in - freebsd[123]*) objformat=aout ;; - *) objformat=elf ;; - esac - fi - version_type=freebsd-$objformat - case $version_type in - freebsd-elf*) - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - need_version=no - need_lib_prefix=no - ;; - freebsd-*) - library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - freebsd3.[01]* | freebsdelf3.[01]*) - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - freebsd3.[2-9]* | freebsdelf3.[2-9]* | \ - freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - freebsd*) # from 4.6 on - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - version_type=sunos - need_lib_prefix=no - need_version=no - case $host_cpu in - ia64*) - shrext_cmds='.so' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.so" - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - if test "X$HPUX_IA64_MODE" = X32; then - sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" - else - sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" - fi - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - hppa*64*) - shrext_cmds='.sl' - hardcode_into_libs=yes - dynamic_linker="$host_os dld.sl" - shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH - shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" - sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec - ;; - *) - shrext_cmds='.sl' - dynamic_linker="$host_os dld.sl" - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - ;; - esac - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -interix3*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - -irix5* | irix6* | nonstopux*) - case $host_os in - nonstopux*) version_type=nonstopux ;; - *) - if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux - else - version_type=irix - fi ;; - esac - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}' - case $host_os in - irix5* | nonstopux*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") - libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") - libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") - libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - hardcode_into_libs=yes - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux*oldld* | linux*aout* | linux*coff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # Append ld.so.conf contents to the search path - if test -f /etc/ld.so.conf; then - lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" - fi - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -knetbsd*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='GNU ld.so' - ;; - -netbsd*) - version_type=sunos - need_lib_prefix=no - need_version=no - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -nto-qnx*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - sys_lib_dlsearch_path_spec="/usr/lib" - need_lib_prefix=no - # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs. - case $host_os in - openbsd3.3 | openbsd3.3.*) need_version=yes ;; - *) need_version=no ;; - esac - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - case $host_os in - openbsd2.[89] | openbsd2.[89].*) - shlibpath_overrides_runpath=no - ;; - *) - shlibpath_overrides_runpath=yes - ;; - esac - else - shlibpath_overrides_runpath=yes - fi - ;; - -os2*) - libname_spec='$name' - shrext_cmds=".dll" - need_lib_prefix=no - library_names_spec='$libname${shared_ext} $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}${shared_ext}$major' - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -solaris*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.3*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - sni) - shlibpath_overrides_runpath=no - need_lib_prefix=no - export_dynamic_flag_spec='${wl}-Blargedynsym' - runpath_var=LD_RUN_PATH - ;; - siemens) - need_lib_prefix=no - ;; - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' - soname_spec='$libname${shared_ext}.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - version_type=freebsd-elf - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - if test "$with_gnu_ld" = yes; then - sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' - shlibpath_overrides_runpath=no - else - sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' - shlibpath_overrides_runpath=yes - case $host_os in - sco3.2v5*) - sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" - ;; - esac - fi - sys_lib_dlsearch_path_spec='/usr/lib' - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -*) - dynamic_linker=no - ;; -esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -{ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } -hardcode_action_GCJ= -if test -n "$hardcode_libdir_flag_spec_GCJ" || \ - test -n "$runpath_var_GCJ" || \ - test "X$hardcode_automatic_GCJ" = "Xyes" ; then - - # We can hardcode non-existant directories. - if test "$hardcode_direct_GCJ" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_AC_TAGVAR(hardcode_shlibpath_var, GCJ)" != no && - test "$hardcode_minus_L_GCJ" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action_GCJ=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action_GCJ=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action_GCJ=unsupported -fi -{ echo "$as_me:$LINENO: result: $hardcode_action_GCJ" >&5 -echo "${ECHO_T}$hardcode_action_GCJ" >&6; } - -if test "$hardcode_action_GCJ" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler_GCJ \ - CC_GCJ \ - LD_GCJ \ - lt_prog_compiler_wl_GCJ \ - lt_prog_compiler_pic_GCJ \ - lt_prog_compiler_static_GCJ \ - lt_prog_compiler_no_builtin_flag_GCJ \ - export_dynamic_flag_spec_GCJ \ - thread_safe_flag_spec_GCJ \ - whole_archive_flag_spec_GCJ \ - enable_shared_with_static_runtimes_GCJ \ - old_archive_cmds_GCJ \ - old_archive_from_new_cmds_GCJ \ - predep_objects_GCJ \ - postdep_objects_GCJ \ - predeps_GCJ \ - postdeps_GCJ \ - compiler_lib_search_path_GCJ \ - archive_cmds_GCJ \ - archive_expsym_cmds_GCJ \ - postinstall_cmds_GCJ \ - postuninstall_cmds_GCJ \ - old_archive_from_expsyms_cmds_GCJ \ - allow_undefined_flag_GCJ \ - no_undefined_flag_GCJ \ - export_symbols_cmds_GCJ \ - hardcode_libdir_flag_spec_GCJ \ - hardcode_libdir_flag_spec_ld_GCJ \ - hardcode_libdir_separator_GCJ \ - hardcode_automatic_GCJ \ - module_cmds_GCJ \ - module_expsym_cmds_GCJ \ - lt_cv_prog_compiler_c_o_GCJ \ - exclude_expsyms_GCJ \ - include_expsyms_GCJ; do - - case $var in - old_archive_cmds_GCJ | \ - old_archive_from_new_cmds_GCJ | \ - archive_cmds_GCJ | \ - archive_expsym_cmds_GCJ | \ - module_cmds_GCJ | \ - module_expsym_cmds_GCJ | \ - old_archive_from_expsyms_cmds_GCJ | \ - export_symbols_cmds_GCJ | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="$ofile" - - cat <<__EOF__ >> "$cfgfile" -# ### BEGIN LIBTOOL TAG CONFIG: $tagname - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc_GCJ - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_GCJ - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler_GCJ - -# Is the compiler the GNU C compiler? -with_gcc=$GCC_GCJ - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD_GCJ - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_GCJ - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic_GCJ -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o_GCJ - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static_GCJ - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_GCJ - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_GCJ - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec_GCJ - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec_GCJ - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds_GCJ -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_GCJ - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_GCJ - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds_GCJ -archive_expsym_cmds=$lt_archive_expsym_cmds_GCJ -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds_GCJ -module_expsym_cmds=$lt_module_expsym_cmds_GCJ - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects_GCJ - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects_GCJ - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps_GCJ - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps_GCJ - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path_GCJ - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag_GCJ - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag_GCJ - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action_GCJ - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_GCJ - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_GCJ - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator_GCJ - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct_GCJ - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L_GCJ - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var_GCJ - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic_GCJ - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs_GCJ - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path_GCJ" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols_GCJ - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds_GCJ - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms_GCJ - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms_GCJ - -# ### END LIBTOOL TAG CONFIG: $tagname - -__EOF__ - - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC="$lt_save_CC" - - else - tagname="" - fi - ;; - - RC) - - -# Source file extension for RC test sources. -ac_ext=rc - -# Object file extension for compiled RC test sources. -objext=o -objext_RC=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }\n' - -# Code to be used in simple link tests -lt_simple_link_test_code="$lt_simple_compile_test_code" - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} - -# Allow CC to be a program name with arguments. -compiler=$CC - - -# save warnings/boilerplate of simple test code -ac_outfile=conftest.$ac_objext -printf "$lt_simple_compile_test_code" >conftest.$ac_ext -eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_compiler_boilerplate=`cat conftest.err` -$rm conftest* - -ac_outfile=conftest.$ac_objext -printf "$lt_simple_link_test_code" >conftest.$ac_ext -eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err -_lt_linker_boilerplate=`cat conftest.err` -$rm conftest* - - -# Allow CC to be a program name with arguments. -lt_save_CC="$CC" -CC=${RC-"windres"} -compiler=$CC -compiler_RC=$CC -for cc_temp in $compiler""; do - case $cc_temp in - compile | *[\\/]compile | ccache | *[\\/]ccache ) ;; - distcc | *[\\/]distcc | purify | *[\\/]purify ) ;; - \-*) ;; - *) break;; - esac -done -cc_basename=`$echo "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"` - -lt_cv_prog_compiler_c_o_RC=yes - -# The else clause should only fire when bootstrapping the -# libtool distribution, otherwise you forgot to ship ltmain.sh -# with your package, and you will get complaints that there are -# no rules to generate ltmain.sh. -if test -f "$ltmain"; then - # See if we are running on zsh, and set the options which allow our commands through - # without removal of \ escapes. - if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST - fi - # Now quote all the things that may contain metacharacters while being - # careful not to overquote the AC_SUBSTed values. We take copies of the - # variables and quote the copies for generation of the libtool script. - for var in echo old_CC old_CFLAGS AR AR_FLAGS EGREP RANLIB LN_S LTCC LTCFLAGS NM \ - SED SHELL STRIP \ - libname_spec library_names_spec soname_spec extract_expsyms_cmds \ - old_striplib striplib file_magic_cmd finish_cmds finish_eval \ - deplibs_check_method reload_flag reload_cmds need_locks \ - lt_cv_sys_global_symbol_pipe lt_cv_sys_global_symbol_to_cdecl \ - lt_cv_sys_global_symbol_to_c_name_address \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - old_postinstall_cmds old_postuninstall_cmds \ - compiler_RC \ - CC_RC \ - LD_RC \ - lt_prog_compiler_wl_RC \ - lt_prog_compiler_pic_RC \ - lt_prog_compiler_static_RC \ - lt_prog_compiler_no_builtin_flag_RC \ - export_dynamic_flag_spec_RC \ - thread_safe_flag_spec_RC \ - whole_archive_flag_spec_RC \ - enable_shared_with_static_runtimes_RC \ - old_archive_cmds_RC \ - old_archive_from_new_cmds_RC \ - predep_objects_RC \ - postdep_objects_RC \ - predeps_RC \ - postdeps_RC \ - compiler_lib_search_path_RC \ - archive_cmds_RC \ - archive_expsym_cmds_RC \ - postinstall_cmds_RC \ - postuninstall_cmds_RC \ - old_archive_from_expsyms_cmds_RC \ - allow_undefined_flag_RC \ - no_undefined_flag_RC \ - export_symbols_cmds_RC \ - hardcode_libdir_flag_spec_RC \ - hardcode_libdir_flag_spec_ld_RC \ - hardcode_libdir_separator_RC \ - hardcode_automatic_RC \ - module_cmds_RC \ - module_expsym_cmds_RC \ - lt_cv_prog_compiler_c_o_RC \ - exclude_expsyms_RC \ - include_expsyms_RC; do - - case $var in - old_archive_cmds_RC | \ - old_archive_from_new_cmds_RC | \ - archive_cmds_RC | \ - archive_expsym_cmds_RC | \ - module_cmds_RC | \ - module_expsym_cmds_RC | \ - old_archive_from_expsyms_cmds_RC | \ - export_symbols_cmds_RC | \ - extract_expsyms_cmds | reload_cmds | finish_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" - ;; - *) - eval "lt_$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" - ;; - esac - done - - case $lt_echo in - *'\$0 --fallback-echo"') - lt_echo=`$echo "X$lt_echo" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - -cfgfile="$ofile" - - cat <<__EOF__ >> "$cfgfile" -# ### BEGIN LIBTOOL TAG CONFIG: $tagname - -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: - -# Shell to use when invoking shell scripts. -SHELL=$lt_SHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$archive_cmds_need_lc_RC - -# Whether or not to disallow shared libs when runtime libs are static -allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_RC - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host -host_os=$host_os - -# The build system. -build_alias=$build_alias -build=$build -build_os=$build_os - -# An echo program that does not interpret backslashes. -echo=$lt_echo - -# The archiver. -AR=$lt_AR -AR_FLAGS=$lt_AR_FLAGS - -# A C compiler. -LTCC=$lt_LTCC - -# LTCC compiler flags. -LTCFLAGS=$lt_LTCFLAGS - -# A language-specific compiler. -CC=$lt_compiler_RC - -# Is the compiler the GNU C compiler? -with_gcc=$GCC_RC - -# An ERE matcher. -EGREP=$lt_EGREP - -# The linker used to build libraries. -LD=$lt_LD_RC - -# Whether we need hard or soft links. -LN_S=$lt_LN_S - -# A BSD-compatible nm program. -NM=$lt_NM - -# A symbol stripping program -STRIP=$lt_STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$lt_reload_flag -reload_cmds=$lt_reload_cmds - -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_RC - -# Object file suffix (normally "o"). -objext="$ac_objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Shared library suffix (normally ".so"). -shrext_cmds='$shrext_cmds' - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$lt_lt_prog_compiler_pic_RC -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$lt_cv_sys_max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$lt_lt_cv_prog_compiler_c_o_RC - -# Must we lock files when doing compilation? -need_locks=$lt_need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$lt_lt_prog_compiler_static_RC - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_RC - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_RC - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$lt_whole_archive_flag_spec_RC - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$lt_thread_safe_flag_spec_RC - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$lt_libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$lt_library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$lt_soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$lt_RANLIB -old_archive_cmds=$lt_old_archive_cmds_RC -old_postinstall_cmds=$lt_old_postinstall_cmds -old_postuninstall_cmds=$lt_old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_RC - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_RC - -# Commands used to build and install a shared archive. -archive_cmds=$lt_archive_cmds_RC -archive_expsym_cmds=$lt_archive_expsym_cmds_RC -postinstall_cmds=$lt_postinstall_cmds -postuninstall_cmds=$lt_postuninstall_cmds - -# Commands used to build a loadable module (assumed same as above if empty) -module_cmds=$lt_module_cmds_RC -module_expsym_cmds=$lt_module_expsym_cmds_RC - -# Commands to strip libraries. -old_striplib=$lt_old_striplib -striplib=$lt_striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$lt_predep_objects_RC - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$lt_postdep_objects_RC - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$lt_predeps_RC - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$lt_postdeps_RC - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$lt_compiler_lib_search_path_RC - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$lt_deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$lt_file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$lt_allow_undefined_flag_RC - -# Flag that forces no undefined symbols. -no_undefined_flag=$lt_no_undefined_flag_RC - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$lt_finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$lt_finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl - -# Transform the output of nm in a C name address pair -global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action_RC - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_RC - -# If ld is used when linking, flag to hardcode \$libdir into -# a binary during linking. This must work even if \$libdir does -# not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_RC - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$lt_hardcode_libdir_separator_RC - -# Set to yes if using DIR/libNAME${shared_ext} during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct_RC - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L_RC - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var_RC - -# Set to yes if building a shared library automatically hardcodes DIR into the library -# and all subsequent libraries and executables linked against it. -hardcode_automatic=$hardcode_automatic_RC - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs_RC - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$lt_sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path_RC" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols_RC - -# The commands to list exported symbols. -export_symbols_cmds=$lt_export_symbols_cmds_RC - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$lt_extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$lt_exclude_expsyms_RC - -# Symbols that must always be exported. -include_expsyms=$lt_include_expsyms_RC - -# ### END LIBTOOL TAG CONFIG: $tagname - -__EOF__ - - -else - # If there is no Makefile yet, we rely on a make rule to execute - # `config.status --recheck' to rerun these tests and create the - # libtool script then. - ltmain_in=`echo $ltmain | sed -e 's/\.sh$/.in/'` - if test -f "$ltmain_in"; then - test -f Makefile && make "$ltmain" - fi -fi - - -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -CC="$lt_save_CC" - - ;; - - *) - { { echo "$as_me:$LINENO: error: Unsupported tag name: $tagname" >&5 -echo "$as_me: error: Unsupported tag name: $tagname" >&2;} - { (exit 1); exit 1; }; } - ;; - esac - - # Append the new tag name to the list of available tags. - if test -n "$tagname" ; then - available_tags="$available_tags $tagname" - fi - fi - done - IFS="$lt_save_ifs" - - # Now substitute the updated list of available tags. - if eval "sed -e 's/^available_tags=.*\$/available_tags=\"$available_tags\"/' \"$ofile\" > \"${ofile}T\""; then - mv "${ofile}T" "$ofile" - chmod +x "$ofile" - else - rm -f "${ofile}T" - { { echo "$as_me:$LINENO: error: unable to update list of available tagged configurations." >&5 -echo "$as_me: error: unable to update list of available tagged configurations." >&2;} - { (exit 1); exit 1; }; } - fi -fi - - - -# This can be used to rebuild libtool when needed -LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh" - -# Always use our own libtool. -LIBTOOL='$(SHELL) $(top_builddir)/libtool' - -# Prevent multiple expansion - - - - - - - - - - - - - - - - - - - - - - if test "$enable_shared" = "yes"; then - ENABLE_SHARED_TRUE= - ENABLE_SHARED_FALSE='#' -else - ENABLE_SHARED_TRUE='#' - ENABLE_SHARED_FALSE= -fi - - -{ echo "$as_me:$LINENO: checking for ld --version-script" >&5 -echo $ECHO_N "checking for ld --version-script... $ECHO_C" >&6; } -if test "${rk_cv_version_script+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - rk_cv_version_script=no - - cat > conftest.map < conftest.c <&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; - then - rk_cv_version_script=yes - fi -rm -f conftest* - -fi -{ echo "$as_me:$LINENO: result: $rk_cv_version_script" >&5 -echo "${ECHO_T}$rk_cv_version_script" >&6; } - -if test $rk_cv_version_script = yes ; then - doversioning=yes - LDFLAGS_VERSION_SCRIPT="-Wl,--version-script," -else - doversioning=no - LDFLAGS_VERSION_SCRIPT= -fi - - - if test $doversioning = yes; then - versionscript_TRUE= - versionscript_FALSE='#' -else - versionscript_TRUE='#' - versionscript_FALSE= -fi - - - - - - - -# Check whether --with-openldap was given. -if test "${with_openldap+set}" = set; then - withval=$with_openldap; -fi - - -# Check whether --with-openldap-lib was given. -if test "${with_openldap_lib+set}" = set; then - withval=$with_openldap_lib; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-openldap-lib" >&5 -echo "$as_me: error: No argument for --with-openldap-lib" >&2;} - { (exit 1); exit 1; }; } -elif test "X$with_openldap" = "X"; then - with_openldap=yes -fi -fi - - -# Check whether --with-openldap-include was given. -if test "${with_openldap_include+set}" = set; then - withval=$with_openldap_include; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-openldap-include" >&5 -echo "$as_me: error: No argument for --with-openldap-include" >&2;} - { (exit 1); exit 1; }; } -elif test "X$with_openldap" = "X"; then - with_openldap=yes -fi -fi - - -# Check whether --with-openldap-config was given. -if test "${with_openldap_config+set}" = set; then - withval=$with_openldap_config; -fi - - - - -{ echo "$as_me:$LINENO: checking for openldap" >&5 -echo $ECHO_N "checking for openldap... $ECHO_C" >&6; } - -case "$with_openldap" in -yes|"") d='' ;; -no) d= ;; -*) d="$with_openldap" ;; -esac - -header_dirs= -lib_dirs= -for i in $d; do - if test "$with_openldap_include" = ""; then - if test -d "$i/include/openldap"; then - header_dirs="$header_dirs $i/include/openldap" - fi - if test -d "$i/include"; then - header_dirs="$header_dirs $i/include" - fi - fi - if test "$with_openldap_lib" = ""; then - if test -d "$i/lib$abilibdirext"; then - lib_dirs="$lib_dirs $i/lib$abilibdirext" - fi - fi -done - -if test "$with_openldap_include"; then - header_dirs="$with_openldap_include $header_dirs" -fi -if test "$with_openldap_lib"; then - lib_dirs="$with_openldap_lib $lib_dirs" -fi - -if test "$with_openldap_config" = ""; then - with_openldap_config='' -fi - -openldap_cflags= -openldap_libs= - -case "$with_openldap_config" in -yes|no|""|"") - if test -f $with_openldap/bin/ ; then - with_openldap_config=$with_openldap/bin/ - fi - ;; -esac - -case "$with_openldap_config" in -yes|no|"") - ;; -*) - openldap_cflags="`$with_openldap_config --cflags 2>&1`" - openldap_libs="`$with_openldap_config --libs 2>&1`" - ;; -esac - -found=no -if test "$with_openldap" != no; then - save_CFLAGS="$CFLAGS" - save_LIBS="$LIBS" - if test "$openldap_cflags" -a "$openldap_libs"; then - CFLAGS="$openldap_cflags $save_CFLAGS" - LIBS="$openldap_libs $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - - INCLUDE_openldap="$openldap_cflags" - LIB_openldap="$openldap_libs" - { echo "$as_me:$LINENO: result: from $with_openldap_config" >&5 -echo "${ECHO_T}from $with_openldap_config" >&6; } - found=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - fi - if test "$found" = no; then - ires= lres= - for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ires=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done - for i in $lib_dirs; do - LIBS="-L$i -lldap -llber $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - lres=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - if test "$ires" -a "$lres" -a "$with_openldap" != "no"; then - INCLUDE_openldap="-I$ires" - LIB_openldap="-L$lres -lldap -llber " - found=yes - { echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5 -echo "${ECHO_T}headers $ires, libraries $lres" >&6; } - fi - fi - CFLAGS="$save_CFLAGS" - LIBS="$save_LIBS" -fi - -if test "$found" = yes; then - -cat >>confdefs.h <<_ACEOF -#define OPENLDAP 1 -_ACEOF - - with_openldap=yes -else - with_openldap=no - INCLUDE_openldap= - LIB_openldap= - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - - - -# Check whether --enable-hdb-openldap-module was given. -if test "${enable_hdb_openldap_module+set}" = set; then - enableval=$enable_hdb_openldap_module; -fi - -if test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define OPENLDAP_MODULE 1 -_ACEOF - -fi - if test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes; then - OPENLDAP_MODULE_TRUE= - OPENLDAP_MODULE_FALSE='#' -else - OPENLDAP_MODULE_TRUE='#' - OPENLDAP_MODULE_FALSE= -fi - - -# Check whether --enable-pk-init was given. -if test "${enable_pk_init+set}" = set; then - enableval=$enable_pk_init; -fi - -if test "$enable_pk_init" != no ;then - -cat >>confdefs.h <<\_ACEOF -#define PKINIT 1 -_ACEOF - -fi - if test "$enable_pk_init" != no; then - PKINIT_TRUE= - PKINIT_FALSE='#' -else - PKINIT_TRUE='#' - PKINIT_FALSE= -fi - - - - -# Check whether --with-hdbdir was given. -if test "${with_hdbdir+set}" = set; then - withval=$with_hdbdir; -else - with_hdbdir=/var/heimdal -fi - -DIR_hdbdir="$with_hdbdir" - - - -with_krb4=no - - - if false; then - KRB4_TRUE= - KRB4_FALSE='#' -else - KRB4_TRUE='#' - KRB4_FALSE= -fi - - - if true; then - KRB5_TRUE= - KRB5_FALSE='#' -else - KRB5_TRUE='#' - KRB5_FALSE= -fi - - if true; then - do_roken_rename_TRUE= - do_roken_rename_FALSE='#' -else - do_roken_rename_TRUE='#' - do_roken_rename_FALSE= -fi - - - -cat >>confdefs.h <<\_ACEOF -#define KRB5 1 -_ACEOF - - -crypto_lib=unknown - - -# Check whether --with-openssl was given. -if test "${with_openssl+set}" = set; then - withval=$with_openssl; -fi - - - -# Check whether --with-openssl-lib was given. -if test "${with_openssl_lib+set}" = set; then - withval=$with_openssl_lib; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-openssl-lib" >&5 -echo "$as_me: error: No argument for --with-openssl-lib" >&2;} - { (exit 1); exit 1; }; } -elif test "X$with_openssl" = "X"; then - with_openssl=yes -fi -fi - - - -# Check whether --with-openssl-include was given. -if test "${with_openssl_include+set}" = set; then - withval=$with_openssl_include; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-openssl-include" >&5 -echo "$as_me: error: No argument for --with-openssl-include" >&2;} - { (exit 1); exit 1; }; } -elif test "X$with_openssl" = "X"; then - with_openssl=yes -fi -fi - - -case "$with_openssl" in -yes) ;; -no) ;; -"") ;; -*) if test "$with_openssl_include" = ""; then - with_openssl_include="$with_openssl/include" - fi - if test "$with_openssl_lib" = ""; then - with_openssl_lib="$with_openssl/lib$abilibdirext" - fi - ;; -esac - - -DIR_hcrypto= - -{ echo "$as_me:$LINENO: checking for crypto library" >&5 -echo $ECHO_N "checking for crypto library... $ECHO_C" >&6; } - -openssl=no - -if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then - save_CPPFLAGS="$CPPFLAGS" - save_LIBS="$LIBS" - - cdirs= clibs= - for i in $LIB_krb4; do - case "$i" in - -L*) cdirs="$cdirs $i";; - -l*) clibs="$clibs $i";; - esac - done - - ires= - for i in $INCLUDE_krb4; do - CFLAGS="-DHAVE_OPENSSL $i $save_CFLAGS" - for j in $cdirs; do - for k in $clibs; do - LIBS="$j $k $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #undef KRB5 /* makes md4.h et al unhappy */ - #ifdef HAVE_OPENSSL - #ifdef HAVE_SYS_TYPES_H - #include - #endif - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #else - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #endif - -int -main () -{ - - void *schedule = 0; - MD4_CTX md4; - MD5_CTX md5; - SHA_CTX sha1; - SHA256_CTX sha256; - - MD4_Init(&md4); - MD5_Init(&md5); - SHA1_Init(&sha1); - SHA256_Init(&sha256); - EVP_CIPHER_iv_length(((EVP_CIPHER*)0)); - #ifdef HAVE_OPENSSL - RAND_status(); - UI_UTIL_read_pw_string(0,0,0,0); - #endif - - OpenSSL_add_all_algorithms(); - AES_encrypt(0,0,0); - DES_cbc_encrypt(0, 0, 0, schedule, 0, 0); - RC4(0, 0, 0, 0); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - openssl=yes ires="$i" lres="$j $k"; break 3 -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - done - CFLAGS="$i $save_CFLAGS" - for j in $cdirs; do - for k in $clibs; do - LIBS="$j $k $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #undef KRB5 /* makes md4.h et al unhappy */ - #ifdef HAVE_OPENSSL - #ifdef HAVE_SYS_TYPES_H - #include - #endif - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #else - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #endif - -int -main () -{ - - void *schedule = 0; - MD4_CTX md4; - MD5_CTX md5; - SHA_CTX sha1; - SHA256_CTX sha256; - - MD4_Init(&md4); - MD5_Init(&md5); - SHA1_Init(&sha1); - SHA256_Init(&sha256); - EVP_CIPHER_iv_length(((EVP_CIPHER*)0)); - #ifdef HAVE_OPENSSL - RAND_status(); - UI_UTIL_read_pw_string(0,0,0,0); - #endif - - OpenSSL_add_all_algorithms(); - AES_encrypt(0,0,0); - DES_cbc_encrypt(0, 0, 0, schedule, 0, 0); - RC4(0, 0, 0, 0); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - openssl=no ires="$i" lres="$j $k"; break 3 -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - done - done - - CFLAGS="$save_CFLAGS" - LIBS="$save_LIBS" - if test "$ires" -a "$lres"; then - INCLUDE_hcrypto="$ires" - LIB_hcrypto="$lres" - crypto_lib=krb4 - { echo "$as_me:$LINENO: result: same as krb4" >&5 -echo "${ECHO_T}same as krb4" >&6; } - LIB_hcrypto_a='$(LIB_hcrypto)' - LIB_hcrypto_so='$(LIB_hcrypto)' - LIB_hcrypto_appl='$(LIB_hcrypto)' - fi -fi - -if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then - save_CFLAGS="$CFLAGS" - save_LIBS="$LIBS" - INCLUDE_hcrypto= - LIB_hcrypto= - if test "$with_openssl_include" != ""; then - INCLUDE_hcrypto="-I${with_openssl_include}" - fi - if test "$with_openssl_lib" != ""; then - LIB_hcrypto="-L${with_openssl_lib}" - fi - CFLAGS="-DHAVE_OPENSSL ${INCLUDE_hcrypto} ${CFLAGS}" - saved_LIB_hcrypto="$LIB_hcrypto" - for lres in "" "-ldl" "-lnsl -lsocket" "-lnsl -lsocket -ldl"; do - LIB_hcrypto="${saved_LIB_hcrypto} -lcrypto $lres" - LIB_hcrypto_a="$LIB_hcrypto" - LIB_hcrypto_so="$LIB_hcrypto" - LIB_hcrypto_appl="$LIB_hcrypto" - LIBS="${LIBS} ${LIB_hcrypto}" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #undef KRB5 /* makes md4.h et al unhappy */ - #ifdef HAVE_OPENSSL - #ifdef HAVE_SYS_TYPES_H - #include - #endif - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #else - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #endif - -int -main () -{ - - void *schedule = 0; - MD4_CTX md4; - MD5_CTX md5; - SHA_CTX sha1; - SHA256_CTX sha256; - - MD4_Init(&md4); - MD5_Init(&md5); - SHA1_Init(&sha1); - SHA256_Init(&sha256); - EVP_CIPHER_iv_length(((EVP_CIPHER*)0)); - #ifdef HAVE_OPENSSL - RAND_status(); - UI_UTIL_read_pw_string(0,0,0,0); - #endif - - OpenSSL_add_all_algorithms(); - AES_encrypt(0,0,0); - DES_cbc_encrypt(0, 0, 0, schedule, 0, 0); - RC4(0, 0, 0, 0); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - - crypto_lib=libcrypto openssl=yes - { echo "$as_me:$LINENO: result: libcrypto" >&5 -echo "${ECHO_T}libcrypto" >&6; } - -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - if test "$crypto_lib" = libcrypto ; then - break; - fi - done - CFLAGS="$save_CFLAGS" - LIBS="$save_LIBS" -fi - -if test "$crypto_lib" = "unknown"; then - - DIR_hcrypto='hcrypto' - LIB_hcrypto='$(top_builddir)/lib/hcrypto/libhcrypto.la' - LIB_hcrypto_a='$(top_builddir)/lib/hcrypto/.libs/libhcrypto.a' - LIB_hcrypto_so='$(top_builddir)/lib/hcrypto/.libs/libhcrypto.so' - LIB_hcrypto_appl="-lhcrypto" - - { echo "$as_me:$LINENO: result: included libhcrypto" >&5 -echo "${ECHO_T}included libhcrypto" >&6; } - -fi - -if test "$with_krb4" != no -a "$crypto_lib" != krb4; then - { { echo "$as_me:$LINENO: error: the crypto library used by krb4 lacks features -required by Kerberos 5; to continue, you need to install a newer -Kerberos 4 or configure --without-krb4" >&5 -echo "$as_me: error: the crypto library used by krb4 lacks features -required by Kerberos 5; to continue, you need to install a newer -Kerberos 4 or configure --without-krb4" >&2;} - { (exit 1); exit 1; }; } -fi - -if test "$openssl" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_OPENSSL 1 -_ACEOF - -fi - if test "$openssl" = yes; then - HAVE_OPENSSL_TRUE= - HAVE_OPENSSL_FALSE='#' -else - HAVE_OPENSSL_TRUE='#' - HAVE_OPENSSL_FALSE= -fi - - - - - - - - - - -{ echo "$as_me:$LINENO: checking if compiling threadsafe libraries" >&5 -echo $ECHO_N "checking if compiling threadsafe libraries... $ECHO_C" >&6; } - -# Check whether --enable-pthread-support was given. -if test "${enable_pthread_support+set}" = set; then - enableval=$enable_pthread_support; -else - enable_pthread_support=maybe -fi - - -case "$host" in -*-*-solaris2*) - native_pthread_support=yes - if test "$GCC" = yes; then - PTHREADS_CFLAGS=-pthreads - PTHREADS_LIBS=-pthreads - else - PTHREADS_CFLAGS=-mt - PTHREADS_LIBS=-mt - fi - ;; -*-*-netbsd*) - native_pthread_support="if running netbsd 1.6T or newer" - PTHREADS_LIBS="" - ;; -*-*-freebsd5*) - native_pthread_support=yes - ;; -*-*-linux* | *-*-linux-gnu) - case `uname -r` in - 2.*) - native_pthread_support=yes - PTHREADS_CFLAGS=-pthread - PTHREADS_LIBS=-pthread - ;; - esac - ;; -*-*-aix*) - native_pthread_support=no - ;; -mips-sgi-irix6.[5-9]) # maybe works for earlier versions too - native_pthread_support=yes - PTHREADS_LIBS="-lpthread" - ;; -*-*-darwin*) - native_pthread_support=yes - ;; -*) - native_pthread_support=no - ;; -esac - -if test "$enable_pthread_support" = maybe ; then - enable_pthread_support="$native_pthread_support" -fi - -if test "$enable_pthread_support" != no; then - -cat >>confdefs.h <<\_ACEOF -#define ENABLE_PTHREAD_SUPPORT 1 -_ACEOF - - LIBS="$PTHREADS_LIBS $LIBS" -else - PTHREADS_CFLAGS="" - PTHREADS_LIBS="" -fi - - - - -{ echo "$as_me:$LINENO: result: $enable_pthread_support" >&5 -echo "${ECHO_T}$enable_pthread_support" >&6; } - - -# Check whether --enable-dce was given. -if test "${enable_dce+set}" = set; then - enableval=$enable_dce; -fi - -if test "$enable_dce" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define DCE 1 -_ACEOF - -fi - if test "$enable_dce" = yes; then - DCE_TRUE= - DCE_FALSE='#' -else - DCE_TRUE='#' - DCE_FALSE= -fi - - -## XXX quite horrible: -if test -f /etc/ibmcxx.cfg; then - dpagaix_ldadd=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/libraries/{;s/^[^=]*=\(.*\)/\1/;s/,/ /gp;}'` - dpagaix_cflags=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/options/{;s/^[^=]*=\(.*\)/\1/;s/-q^,*//;s/,/ /gp;}'` - dpagaix_ldflags= -else - dpagaix_cflags="-D_THREAD_SAFE -D_AIX_PTHREADS_D7 -D_AIX32_THREADS=1 -D_AES_SOURCE -D_AIX41 -I/usr/include/dce" - dpagaix_ldadd="-L/usr/lib/threads -ldcelibc_r -ldcepthreads -lpthreads_compat lpthreads -lc_r" - dpagaix_ldflags="-Wl,-bI:dfspag.exp" -fi - - - - -# Check whether --enable-afs-support was given. -if test "${enable_afs_support+set}" = set; then - enableval=$enable_afs_support; -fi - -if test "$enable_afs_support" = no; then - -cat >>confdefs.h <<\_ACEOF -#define NO_AFS 1 -_ACEOF - -fi - - -# Check whether --enable-berkeley-db was given. -if test "${enable_berkeley_db+set}" = set; then - enableval=$enable_berkeley_db; - -fi - - -# Check whether --enable-ndbm-db was given. -if test "${enable_ndbm_db+set}" = set; then - enableval=$enable_ndbm_db; - -fi - - -have_ndbm=no -db_type=unknown - -if test "$enable_berkeley_db" != no; then - - - - - -for ac_header in \ - db4/db.h \ - db3/db.h \ - db.h \ - db_185.h \ - -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - - - -{ echo "$as_me:$LINENO: checking for db_create" >&5 -echo $ECHO_N "checking for db_create... $ECHO_C" >&6; } -if test "${ac_cv_funclib_db_create+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_db_create\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" db4 db3 db; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #ifdef HAVE_DB4_DB_H - #include - #elif defined(HAVE_DB3_DB_H) - #include - #else - #include - #endif - -int -main () -{ -db_create(NULL, NULL, 0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_db_create=$ac_lib; else ac_cv_funclib_db_create=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_db_create=\${ac_cv_funclib_db_create-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_db_create" - -if false; then - -for ac_func in db_create -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# db_create -eval "ac_tr_func=HAVE_`echo db_create | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_db_create=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_db_create=yes" - eval "LIB_db_create=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_db_create=no" - eval "LIB_db_create=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_db_create=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - if test "$ac_cv_func_db_create" = "yes"; then - db_type=db3 - if test "$ac_cv_funclib_db_create" != "yes"; then - DBLIB="$ac_cv_funclib_db_create" - else - DBLIB="" - fi - -cat >>confdefs.h <<\_ACEOF -#define HAVE_DB3 1 -_ACEOF - - else - - - - - -{ echo "$as_me:$LINENO: checking for dbopen" >&5 -echo $ECHO_N "checking for dbopen... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dbopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_dbopen\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" db2 db; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #if defined(HAVE_DB2_DB_H) - #include - #elif defined(HAVE_DB_185_H) - #include - #elif defined(HAVE_DB_H) - #include - #else - #error no db.h - #endif - -int -main () -{ -dbopen(NULL, 0, 0, 0, NULL) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbopen=$ac_lib; else ac_cv_funclib_dbopen=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_dbopen=\${ac_cv_funclib_dbopen-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dbopen" - -if false; then - -for ac_func in dbopen -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# dbopen -eval "ac_tr_func=HAVE_`echo dbopen | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dbopen=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dbopen=yes" - eval "LIB_dbopen=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_dbopen=no" - eval "LIB_dbopen=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_dbopen=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - if test "$ac_cv_func_dbopen" = "yes"; then - db_type=db1 - if test "$ac_cv_funclib_dbopen" != "yes"; then - DBLIB="$ac_cv_funclib_dbopen" - else - DBLIB="" - fi - -cat >>confdefs.h <<\_ACEOF -#define HAVE_DB1 1 -_ACEOF - - fi - fi - - - if test "$ac_cv_func_dbm_firstkey" != yes; then - - -{ echo "$as_me:$LINENO: checking for dbm_firstkey" >&5 -echo $ECHO_N "checking for dbm_firstkey... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in $ac_cv_funclib_dbopen $ac_cv_funclib_db_create; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #define DB_DBM_HSEARCH 1 - #include - DBM *dbm; - -int -main () -{ -dbm_firstkey(NULL) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbm_firstkey=$ac_lib; else ac_cv_funclib_dbm_firstkey=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_dbm_firstkey=\${ac_cv_funclib_dbm_firstkey-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dbm_firstkey" - -if false; then - -for ac_func in dbm_firstkey -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# dbm_firstkey -eval "ac_tr_func=HAVE_`echo dbm_firstkey | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dbm_firstkey=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dbm_firstkey=yes" - eval "LIB_dbm_firstkey=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_dbm_firstkey=no" - eval "LIB_dbm_firstkey=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_dbm_firstkey=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - if test "$ac_cv_func_dbm_firstkey" = "yes"; then - if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then - LIB_NDBM="$ac_cv_funclib_dbm_firstkey" - else - LIB_NDBM="" - fi - -cat >>confdefs.h <<\_ACEOF -#define HAVE_DB_NDBM 1 -_ACEOF - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_NEW_DB 1 -_ACEOF - - else - $as_unset ac_cv_func_dbm_firstkey - $as_unset ac_cv_funclib_dbm_firstkey - fi - fi - -fi # berkeley db - -if test "$enable_ndbm_db" != "no"; then - - if test "$db_type" = "unknown" -o "$ac_cv_func_dbm_firstkey" = ""; then - - - -for ac_header in \ - dbm.h \ - ndbm.h \ - -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - - -{ echo "$as_me:$LINENO: checking for dbm_firstkey" >&5 -echo $ECHO_N "checking for dbm_firstkey... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ndbm; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #if defined(HAVE_NDBM_H) - #include - #elif defined(HAVE_DBM_H) - #include - #endif - DBM *dbm; - -int -main () -{ -dbm_firstkey(NULL) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbm_firstkey=$ac_lib; else ac_cv_funclib_dbm_firstkey=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_dbm_firstkey=\${ac_cv_funclib_dbm_firstkey-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dbm_firstkey" - -if false; then - -for ac_func in dbm_firstkey -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# dbm_firstkey -eval "ac_tr_func=HAVE_`echo dbm_firstkey | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dbm_firstkey=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dbm_firstkey=yes" - eval "LIB_dbm_firstkey=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_dbm_firstkey=no" - eval "LIB_dbm_firstkey=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_dbm_firstkey=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - if test "$ac_cv_func_dbm_firstkey" = "yes"; then - if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then - LIB_NDBM="$ac_cv_funclib_dbm_firstkey" - else - LIB_NDBM="" - fi - -cat >>confdefs.h <<\_ACEOF -#define HAVE_NDBM 1 -_ACEOF - have_ndbm=yes - if test "$db_type" = "unknown"; then - db_type=ndbm - DBLIB="$LIB_NDBM" - fi - else - - $as_unset ac_cv_func_dbm_firstkey - $as_unset ac_cv_funclib_dbm_firstkey - - -for ac_header in \ - gdbm/ndbm.h \ - -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - - -{ echo "$as_me:$LINENO: checking for dbm_firstkey" >&5 -echo $ECHO_N "checking for dbm_firstkey... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dbm_firstkey+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_dbm_firstkey\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" gdbm; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #include - DBM *dbm; - -int -main () -{ -dbm_firstkey(NULL) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dbm_firstkey=$ac_lib; else ac_cv_funclib_dbm_firstkey=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_dbm_firstkey=\${ac_cv_funclib_dbm_firstkey-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dbm_firstkey" - -if false; then - -for ac_func in dbm_firstkey -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# dbm_firstkey -eval "ac_tr_func=HAVE_`echo dbm_firstkey | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dbm_firstkey=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dbm_firstkey=yes" - eval "LIB_dbm_firstkey=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_dbm_firstkey=no" - eval "LIB_dbm_firstkey=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_dbm_firstkey=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - if test "$ac_cv_func_dbm_firstkey" = "yes"; then - if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then - LIB_NDBM="$ac_cv_funclib_dbm_firstkey" - else - LIB_NDBM="" - fi - -cat >>confdefs.h <<\_ACEOF -#define HAVE_NDBM 1 -_ACEOF - have_ndbm=yes - if test "$db_type" = "unknown"; then - db_type=ndbm - DBLIB="$LIB_NDBM" - fi - fi - fi - fi #enable_ndbm_db -fi # unknown - -if test "$have_ndbm" = "yes"; then - { echo "$as_me:$LINENO: checking if ndbm is implemented with db" >&5 -echo $ECHO_N "checking if ndbm is implemented with db... $ECHO_C" >&6; } - if test "$cross_compiling" = yes; then - { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot run test program while cross compiling -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#include -#if defined(HAVE_GDBM_NDBM_H) -#include -#elif defined(HAVE_NDBM_H) -#include -#elif defined(HAVE_DBM_H) -#include -#endif -int main(int argc, char **argv) -{ - DBM *d; - - d = dbm_open("conftest", O_RDWR | O_CREAT, 0666); - if (d == NULL) - return 1; - dbm_close(d); - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - - if test -f conftest.db; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - -cat >>confdefs.h <<\_ACEOF -#define HAVE_NEW_DB 1 -_ACEOF - - else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - fi -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -{ echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi - - if test "$db_type" = db1; then - HAVE_DB1_TRUE= - HAVE_DB1_FALSE='#' -else - HAVE_DB1_TRUE='#' - HAVE_DB1_FALSE= -fi - if test "$db_type" = db3; then - HAVE_DB3_TRUE= - HAVE_DB3_FALSE='#' -else - HAVE_DB3_TRUE='#' - HAVE_DB3_FALSE= -fi - if test "$db_type" = ndbm; then - HAVE_NDBM_TRUE= - HAVE_NDBM_FALSE='#' -else - HAVE_NDBM_TRUE='#' - HAVE_NDBM_FALSE= -fi - -## it's probably not correct to include LDFLAGS here, but we might -## need it, for now just add any possible -L -z="" -for i in $LDFLAGS; do - case "$i" in - -L*) z="$z $i";; - esac -done -DBLIB="$z $DBLIB" - - - - - -{ echo "$as_me:$LINENO: checking for inline" >&5 -echo $ECHO_N "checking for inline... $ECHO_C" >&6; } -if test "${ac_cv_c_inline+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_c_inline=no -for ac_kw in inline __inline__ __inline; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifndef __cplusplus -typedef int foo_t; -static $ac_kw foo_t static_foo () {return 0; } -$ac_kw foo_t foo () {return 0; } -#endif - -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_c_inline=$ac_kw -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - test "$ac_cv_c_inline" != no && break -done - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 -echo "${ECHO_T}$ac_cv_c_inline" >&6; } - - -case $ac_cv_c_inline in - inline | yes) ;; - *) - case $ac_cv_c_inline in - no) ac_val=;; - *) ac_val=$ac_cv_c_inline;; - esac - cat >>confdefs.h <<_ACEOF -#ifndef __cplusplus -#define inline $ac_val -#endif -_ACEOF - ;; -esac - -{ echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5 -echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6; } -if test "${ac_cv_c_const+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -/* FIXME: Include the comments suggested by Paul. */ -#ifndef __cplusplus - /* Ultrix mips cc rejects this. */ - typedef int charset[2]; - const charset cs; - /* SunOS 4.1.1 cc rejects this. */ - char const *const *pcpcc; - char **ppc; - /* NEC SVR4.0.2 mips cc rejects this. */ - struct point {int x, y;}; - static struct point const zero = {0,0}; - /* AIX XL C 1.02.0.0 rejects this. - It does not let you subtract one const X* pointer from another in - an arm of an if-expression whose if-part is not a constant - expression */ - const char *g = "string"; - pcpcc = &g + (g ? g-g : 0); - /* HPUX 7.0 cc rejects these. */ - ++pcpcc; - ppc = (char**) pcpcc; - pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this. */ - char *t; - char const *s = 0 ? (char *) 0 : (char const *) 0; - - *t++ = 0; - if (s) return 0; - } - { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ - int x[] = {25, 17}; - const int *foo = &x[0]; - ++foo; - } - { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ - typedef const int *iptr; - iptr p = 0; - ++p; - } - { /* AIX XL C 1.02.0.0 rejects this saying - "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; }; - struct s *b; b->j = 5; - } - { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ - const int foo = 10; - if (!foo) return 0; - } - return !cs[0] && !zero.x; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_c_const=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_c_const=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5 -echo "${ECHO_T}$ac_cv_c_const" >&6; } -if test $ac_cv_c_const = no; then - -cat >>confdefs.h <<\_ACEOF -#define const -_ACEOF - -fi - -{ echo "$as_me:$LINENO: checking for size_t" >&5 -echo $ECHO_N "checking for size_t... $ECHO_C" >&6; } -if test "${ac_cv_type_size_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef size_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_size_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_size_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5 -echo "${ECHO_T}$ac_cv_type_size_t" >&6; } -if test $ac_cv_type_size_t = yes; then - : -else - -cat >>confdefs.h <<_ACEOF -#define size_t unsigned int -_ACEOF - -fi - -{ echo "$as_me:$LINENO: checking for pid_t" >&5 -echo $ECHO_N "checking for pid_t... $ECHO_C" >&6; } -if test "${ac_cv_type_pid_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef pid_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_pid_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_pid_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_pid_t" >&5 -echo "${ECHO_T}$ac_cv_type_pid_t" >&6; } -if test $ac_cv_type_pid_t = yes; then - : -else - -cat >>confdefs.h <<_ACEOF -#define pid_t int -_ACEOF - -fi - -{ echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5 -echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6; } -if test "${ac_cv_type_uid_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "uid_t" >/dev/null 2>&1; then - ac_cv_type_uid_t=yes -else - ac_cv_type_uid_t=no -fi -rm -f conftest* - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5 -echo "${ECHO_T}$ac_cv_type_uid_t" >&6; } -if test $ac_cv_type_uid_t = no; then - -cat >>confdefs.h <<\_ACEOF -#define uid_t int -_ACEOF - - -cat >>confdefs.h <<\_ACEOF -#define gid_t int -_ACEOF - -fi - - -{ echo "$as_me:$LINENO: checking return type of signal handlers" >&5 -echo $ECHO_N "checking return type of signal handlers... $ECHO_C" >&6; } -if test "${ac_cv_type_signal+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include - -int -main () -{ -return *(signal (0, 0)) (0) == 1; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_signal=int -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_signal=void -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_signal" >&5 -echo "${ECHO_T}$ac_cv_type_signal" >&6; } - -cat >>confdefs.h <<_ACEOF -#define RETSIGTYPE $ac_cv_type_signal -_ACEOF - - -if test "$ac_cv_type_signal" = "void" ; then - -cat >>confdefs.h <<\_ACEOF -#define VOID_RETSIGTYPE 1 -_ACEOF - -fi - - - - -{ echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 -echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6; } -if test "${ac_cv_header_time+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include - -int -main () -{ -if ((struct tm *) 0) -return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_time=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_time=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 -echo "${ECHO_T}$ac_cv_header_time" >&6; } -if test $ac_cv_header_time = yes; then - -cat >>confdefs.h <<\_ACEOF -#define TIME_WITH_SYS_TIME 1 -_ACEOF - -fi - - - -for ac_header in standards.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - -for i in netinet/ip.h netinet/tcp.h; do - -cv=`echo "$i" | sed 'y%./+-%__p_%'` - -{ echo "$as_me:$LINENO: checking for $i" >&5 -echo $ECHO_N "checking for $i... $ECHO_C" >&6; } -if { as_var=ac_cv_header_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_STANDARDS_H -#include -#endif -#include <$i> - -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - eval "ac_cv_header_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_header_$cv=no" -fi - -rm -f conftest.err conftest.$ac_ext -fi -ac_res=`eval echo '${'ac_cv_header_$cv'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -ac_res=`eval echo \\$ac_cv_header_$cv` -if test "$ac_res" = yes; then - ac_tr_hdr=HAVE_`echo $i | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` - cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi -done -if false;then - - -for ac_header in netinet/ip.h netinet/tcp.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - -fi - - - - -for ac_func in getlogin setlogin -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -if test "$ac_cv_func_getlogin" = yes; then -{ echo "$as_me:$LINENO: checking if getlogin is posix" >&5 -echo $ECHO_N "checking if getlogin is posix... $ECHO_C" >&6; } -if test "${ac_cv_func_getlogin_posix+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then - ac_cv_func_getlogin_posix=no -else - ac_cv_func_getlogin_posix=yes -fi - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getlogin_posix" >&5 -echo "${ECHO_T}$ac_cv_func_getlogin_posix" >&6; } -if test "$ac_cv_func_getlogin_posix" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define POSIX_GETLOGIN 1 -_ACEOF - -fi -fi - - - -for ac_header in stdlib.h unistd.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - -for ac_func in getpagesize -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -{ echo "$as_me:$LINENO: checking for working mmap" >&5 -echo $ECHO_N "checking for working mmap... $ECHO_C" >&6; } -if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "$cross_compiling" = yes; then - ac_cv_func_mmap_fixed_mapped=no -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -/* malloc might have been renamed as rpl_malloc. */ -#undef malloc - -/* Thanks to Mike Haertel and Jim Avera for this test. - Here is a matrix of mmap possibilities: - mmap private not fixed - mmap private fixed at somewhere currently unmapped - mmap private fixed at somewhere already mapped - mmap shared not fixed - mmap shared fixed at somewhere currently unmapped - mmap shared fixed at somewhere already mapped - For private mappings, we should verify that changes cannot be read() - back from the file, nor mmap's back from the file at a different - address. (There have been systems where private was not correctly - implemented like the infamous i386 svr4.0, and systems where the - VM page cache was not coherent with the file system buffer cache - like early versions of FreeBSD and possibly contemporary NetBSD.) - For shared mappings, we should conversely verify that changes get - propagated back to all the places they're supposed to be. - - Grep wants private fixed already mapped. - The main things grep needs to know about mmap are: - * does it exist and is it safe to write into the mmap'd area - * how to use it (BSD variants) */ - -#include -#include - -#if !defined STDC_HEADERS && !defined HAVE_STDLIB_H -char *malloc (); -#endif - -/* This mess was copied from the GNU getpagesize.h. */ -#ifndef HAVE_GETPAGESIZE -/* Assume that all systems that can run configure have sys/param.h. */ -# ifndef HAVE_SYS_PARAM_H -# define HAVE_SYS_PARAM_H 1 -# endif - -# ifdef _SC_PAGESIZE -# define getpagesize() sysconf(_SC_PAGESIZE) -# else /* no _SC_PAGESIZE */ -# ifdef HAVE_SYS_PARAM_H -# include -# ifdef EXEC_PAGESIZE -# define getpagesize() EXEC_PAGESIZE -# else /* no EXEC_PAGESIZE */ -# ifdef NBPG -# define getpagesize() NBPG * CLSIZE -# ifndef CLSIZE -# define CLSIZE 1 -# endif /* no CLSIZE */ -# else /* no NBPG */ -# ifdef NBPC -# define getpagesize() NBPC -# else /* no NBPC */ -# ifdef PAGESIZE -# define getpagesize() PAGESIZE -# endif /* PAGESIZE */ -# endif /* no NBPC */ -# endif /* no NBPG */ -# endif /* no EXEC_PAGESIZE */ -# else /* no HAVE_SYS_PARAM_H */ -# define getpagesize() 8192 /* punt totally */ -# endif /* no HAVE_SYS_PARAM_H */ -# endif /* no _SC_PAGESIZE */ - -#endif /* no HAVE_GETPAGESIZE */ - -int -main () -{ - char *data, *data2, *data3; - int i, pagesize; - int fd; - - pagesize = getpagesize (); - - /* First, make a file with some known garbage in it. */ - data = (char *) malloc (pagesize); - if (!data) - return 1; - for (i = 0; i < pagesize; ++i) - *(data + i) = rand (); - umask (0); - fd = creat ("conftest.mmap", 0600); - if (fd < 0) - return 1; - if (write (fd, data, pagesize) != pagesize) - return 1; - close (fd); - - /* Next, try to mmap the file at a fixed address which already has - something else allocated at it. If we can, also make sure that - we see the same garbage. */ - fd = open ("conftest.mmap", O_RDWR); - if (fd < 0) - return 1; - data2 = (char *) malloc (2 * pagesize); - if (!data2) - return 1; - data2 += (pagesize - ((long int) data2 & (pagesize - 1))) & (pagesize - 1); - if (data2 != mmap (data2, pagesize, PROT_READ | PROT_WRITE, - MAP_PRIVATE | MAP_FIXED, fd, 0L)) - return 1; - for (i = 0; i < pagesize; ++i) - if (*(data + i) != *(data2 + i)) - return 1; - - /* Finally, make sure that changes to the mapped area do not - percolate back to the file as seen by read(). (This is a bug on - some variants of i386 svr4.0.) */ - for (i = 0; i < pagesize; ++i) - *(data2 + i) = *(data2 + i) + 1; - data3 = (char *) malloc (pagesize); - if (!data3) - return 1; - if (read (fd, data3, pagesize) != pagesize) - return 1; - for (i = 0; i < pagesize; ++i) - if (*(data + i) != *(data3 + i)) - return 1; - close (fd); - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_mmap_fixed_mapped=yes -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_mmap_fixed_mapped=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_mmap_fixed_mapped" >&5 -echo "${ECHO_T}$ac_cv_func_mmap_fixed_mapped" >&6; } -if test $ac_cv_func_mmap_fixed_mapped = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_MMAP 1 -_ACEOF - -fi -rm -f conftest.mmap - - -{ echo "$as_me:$LINENO: checking if realloc if broken" >&5 -echo $ECHO_N "checking if realloc if broken... $ECHO_C" >&6; } -if test "${ac_cv_func_realloc_broken+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -ac_cv_func_realloc_broken=no -if test "$cross_compiling" = yes; then - : -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#include - -int main(int argc, char **argv) -{ - return realloc(NULL, 17) == NULL; -} - -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_realloc_broken=yes -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_realloc_broken" >&5 -echo "${ECHO_T}$ac_cv_func_realloc_broken" >&6; } -if test "$ac_cv_func_realloc_broken" = yes ; then - -cat >>confdefs.h <<\_ACEOF -#define BROKEN_REALLOC 1 -_ACEOF - -fi - - - - - - - -DIR_roken=roken -LIB_roken='$(top_builddir)/lib/roken/libroken.la' -INCLUDES_roken='-I$(top_builddir)/lib/roken -I$(top_srcdir)/lib/roken' - - - - - - - - - - - - - - - -# Check whether --enable-developer was given. -if test "${enable_developer+set}" = set; then - enableval=$enable_developer; -fi - -if test "X$enable_developer" = Xyes; then - dwflags="-Werror" -fi - -WFLAGS_NOUNUSED="" -WFLAGS_NOIMPLICITINT="" -if test -z "$WFLAGS" -a "$GCC" = "yes"; then - # -Wno-implicit-int for broken X11 headers - # leave these out for now: - # -Wcast-align doesn't work well on alpha osf/1 - # -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast - # -Wmissing-declarations -Wnested-externs - WFLAGS="-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs $dwflags" - WFLAGS_NOUNUSED="-Wno-unused" - WFLAGS_NOIMPLICITINT="-Wno-implicit-int" -fi - - - - - - - - -cv=`echo "ssize_t" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for ssize_t" >&5 -echo $ECHO_N "checking for ssize_t... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif -#include -int -main () -{ -ssize_t foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo ssize_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for ssize_t" >&5 -echo $ECHO_N "checking for ssize_t... $ECHO_C" >&6; } -if test "${ac_cv_type_ssize_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef ssize_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_ssize_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_ssize_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_ssize_t" >&5 -echo "${ECHO_T}$ac_cv_type_ssize_t" >&6; } -if test $ac_cv_type_ssize_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SSIZE_T 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - - - -cv=`echo "long long" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -int -main () -{ -long long foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo long long | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if test "${ac_cv_type_long_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef long long ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_long_long=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_long_long=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_long_long" >&5 -echo "${ECHO_T}$ac_cv_type_long_long" >&6; } -if test $ac_cv_type_long_long = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_LONG_LONG 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -for ac_header in \ - arpa/inet.h \ - config.h \ - crypt.h \ - dirent.h \ - errno.h \ - err.h \ - fcntl.h \ - fnmatch.h \ - grp.h \ - ifaddrs.h \ - netinet/in.h \ - netinet/in6.h \ - netinet/in_systm.h \ - netinet6/in6.h \ - paths.h \ - poll.h \ - pwd.h \ - rpcsvc/ypclnt.h \ - shadow.h \ - stdint.h \ - sys/bswap.h \ - sys/ioctl.h \ - sys/mman.h \ - sys/param.h \ - sys/resource.h \ - sys/sockio.h \ - sys/stat.h \ - sys/time.h \ - sys/tty.h \ - sys/types.h \ - sys/uio.h \ - sys/utsname.h \ - sys/wait.h \ - syslog.h \ - termios.h \ - unistd.h \ - userconf.h \ - usersec.h \ - util.h \ - -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - -cv=`echo "uintptr_t" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for uintptr_t" >&5 -echo $ECHO_N "checking for uintptr_t... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif -#ifdef HAVE_STDINT_H -#include -#endif -int -main () -{ -uintptr_t foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo uintptr_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for uintptr_t" >&5 -echo $ECHO_N "checking for uintptr_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uintptr_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef uintptr_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uintptr_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uintptr_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uintptr_t" >&5 -echo "${ECHO_T}$ac_cv_type_uintptr_t" >&6; } -if test $ac_cv_type_uintptr_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_UINTPTR_T 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - -for ac_header in vis.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifndef VIS_SP -#error invis -#endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in netdb.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#ifdef HAVE_SYS_TYPES_H -#include -#endif - - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in sys/socket.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#ifdef HAVE_SYS_TYPES_H -#include -#endif - - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in net/if.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#if HAVE_SYS_SOCKET_H -#include -#endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in netinet6/in6_var.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#if HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in sys/sysctl.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#ifdef HAVE_SYS_PARAM_H -#include -#endif - - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in sys/proc.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#ifdef HAVE_SYS_PARAM_H -#include -#endif - - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - - if test "$ac_cv_header_err_h" = yes; then - have_err_h_TRUE= - have_err_h_FALSE='#' -else - have_err_h_TRUE='#' - have_err_h_FALSE= -fi - - if test "$ac_cv_header_ifaddrs_h" = yes; then - have_ifaddrs_h_TRUE= - have_ifaddrs_h_FALSE='#' -else - have_ifaddrs_h_TRUE='#' - have_ifaddrs_h_FALSE= -fi - - if test "$ac_cv_header_vis_h" = yes; then - have_vis_h_TRUE= - have_vis_h_FALSE='#' -else - have_vis_h_TRUE='#' - have_vis_h_FALSE= -fi - - - - - - - -{ echo "$as_me:$LINENO: checking for socket" >&5 -echo $ECHO_N "checking for socket... $ECHO_C" >&6; } -if test "${ac_cv_funclib_socket+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_socket\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" socket; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -socket() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_socket=$ac_lib; else ac_cv_funclib_socket=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_socket=\${ac_cv_funclib_socket-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_socket" - -if false; then - -for ac_func in socket -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# socket -eval "ac_tr_func=HAVE_`echo socket | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_socket=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_socket=yes" - eval "LIB_socket=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_socket=no" - eval "LIB_socket=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_socket=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_socket"; then - LIBS="$LIB_socket $LIBS" -fi - - - - - -{ echo "$as_me:$LINENO: checking for gethostbyname" >&5 -echo $ECHO_N "checking for gethostbyname... $ECHO_C" >&6; } -if test "${ac_cv_funclib_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_gethostbyname\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" nsl; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -gethostbyname() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_gethostbyname=$ac_lib; else ac_cv_funclib_gethostbyname=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_gethostbyname=\${ac_cv_funclib_gethostbyname-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_gethostbyname" - -if false; then - -for ac_func in gethostbyname -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# gethostbyname -eval "ac_tr_func=HAVE_`echo gethostbyname | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_gethostbyname=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_gethostbyname=yes" - eval "LIB_gethostbyname=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_gethostbyname=no" - eval "LIB_gethostbyname=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_gethostbyname=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_gethostbyname"; then - LIBS="$LIB_gethostbyname $LIBS" -fi - - - - - -{ echo "$as_me:$LINENO: checking for syslog" >&5 -echo $ECHO_N "checking for syslog... $ECHO_C" >&6; } -if test "${ac_cv_funclib_syslog+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_syslog\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" syslog; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -syslog() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_syslog=$ac_lib; else ac_cv_funclib_syslog=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_syslog=\${ac_cv_funclib_syslog-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_syslog" - -if false; then - -for ac_func in syslog -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# syslog -eval "ac_tr_func=HAVE_`echo syslog | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_syslog=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_syslog=yes" - eval "LIB_syslog=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_syslog=no" - eval "LIB_syslog=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_syslog=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_syslog"; then - LIBS="$LIB_syslog $LIBS" -fi - - - - -# Check whether --with-ipv6 was given. -if test "${with_ipv6+set}" = set; then - withval=$with_ipv6; -if test "$withval" = "no"; then - ac_cv_lib_ipv6=no -fi -fi - -save_CFLAGS="${CFLAGS}" -{ echo "$as_me:$LINENO: checking for IPv6 stack type" >&5 -echo $ECHO_N "checking for IPv6 stack type... $ECHO_C" >&6; } -if test "${v6type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - v6type=unknown -v6lib=none - -for i in v6d toshiba kame inria zeta linux; do - case $i in - v6d) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef __V6D__ -yes -#endif -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then - v6type=$i; v6lib=v6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-I/usr/local/v6/include $CFLAGS" -fi -rm -f conftest* - - ;; - toshiba) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef _TOSHIBA_INET6 -yes -#endif -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then - v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS" -fi -rm -f conftest* - - ;; - kame) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef __KAME__ -yes -#endif -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then - v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS" -fi -rm -f conftest* - - ;; - inria) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef IPV6_INRIA_VERSION -yes -#endif -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then - v6type=$i; CFLAGS="-DINET6 $CFLAGS" -fi -rm -f conftest* - - ;; - zeta) - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef _ZETA_MINAMI_INET6 -yes -#endif -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "yes" >/dev/null 2>&1; then - v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS" -fi -rm -f conftest* - - ;; - linux) - if test -d /usr/inet6; then - v6type=$i - v6lib=inet6 - v6libdir=/usr/inet6 - CFLAGS="-DINET6 $CFLAGS" - fi - ;; - esac - if test "$v6type" != "unknown"; then - break - fi -done - -if test "$v6lib" != "none"; then - for dir in $v6libdir /usr/local/v6/lib /usr/local/lib; do - if test -d $dir -a -f $dir/lib$v6lib.a; then - LIBS="-L$dir -l$v6lib $LIBS" - break - fi - done -fi - -fi -{ echo "$as_me:$LINENO: result: $v6type" >&5 -echo "${ECHO_T}$v6type" >&6; } - -{ echo "$as_me:$LINENO: checking for IPv6" >&5 -echo $ECHO_N "checking for IPv6... $ECHO_C" >&6; } -if test "${ac_cv_lib_ipv6+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif - -int -main () -{ - - struct sockaddr_in6 sin6; - int s; - - s = socket(AF_INET6, SOCK_DGRAM, 0); - - sin6.sin6_family = AF_INET6; - sin6.sin6_port = htons(17); - sin6.sin6_addr = in6addr_any; - bind(s, (struct sockaddr *)&sin6, sizeof(sin6)); - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_ipv6=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_ipv6=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_ipv6" >&5 -echo "${ECHO_T}$ac_cv_lib_ipv6" >&6; } -if test "$ac_cv_lib_ipv6" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_IPV6 1 -_ACEOF - -else - CFLAGS="${save_CFLAGS}" -fi - -## test for AIX missing in6addr_loopback -if test "$ac_cv_lib_ipv6" = yes; then - { echo "$as_me:$LINENO: checking for in6addr_loopback" >&5 -echo $ECHO_N "checking for in6addr_loopback... $ECHO_C" >&6; } -if test "${ac_cv_var_in6addr_loopback+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -int -main () -{ - -struct sockaddr_in6 sin6; -sin6.sin6_addr = in6addr_loopback; - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_in6addr_loopback=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_in6addr_loopback=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_var_in6addr_loopback" >&5 -echo "${ECHO_T}$ac_cv_var_in6addr_loopback" >&6; } - if test "$ac_cv_var_in6addr_loopback" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_IN6ADDR_LOOPBACK 1 -_ACEOF - - fi -fi - - - - - - -{ echo "$as_me:$LINENO: checking for gethostbyname2" >&5 -echo $ECHO_N "checking for gethostbyname2... $ECHO_C" >&6; } -if test "${ac_cv_funclib_gethostbyname2+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_gethostbyname2\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" inet6 ip6; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -gethostbyname2() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_gethostbyname2=$ac_lib; else ac_cv_funclib_gethostbyname2=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_gethostbyname2=\${ac_cv_funclib_gethostbyname2-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_gethostbyname2" - -if false; then - -for ac_func in gethostbyname2 -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# gethostbyname2 -eval "ac_tr_func=HAVE_`echo gethostbyname2 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_gethostbyname2=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_gethostbyname2=yes" - eval "LIB_gethostbyname2=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_gethostbyname2=no" - eval "LIB_gethostbyname2=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_gethostbyname2=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_gethostbyname2"; then - LIBS="$LIB_gethostbyname2 $LIBS" -fi - - - - - -for ac_header in arpa/nameser.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in resolv.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif - - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - - - -{ echo "$as_me:$LINENO: checking for res_search" >&5 -echo $ECHO_N "checking for res_search... $ECHO_C" >&6; } -if test "${ac_cv_funclib_res_search+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_res_search\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" resolv; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - -int -main () -{ -res_search(0,0,0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_search=$ac_lib; else ac_cv_funclib_res_search=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_res_search=\${ac_cv_funclib_res_search-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_res_search" - -if false; then - -for ac_func in res_search -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# res_search -eval "ac_tr_func=HAVE_`echo res_search | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_res_search=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_res_search=yes" - eval "LIB_res_search=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_res_search=no" - eval "LIB_res_search=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_res_search=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_res_search"; then - LIBS="$LIB_res_search $LIBS" -fi - - - - - - -{ echo "$as_me:$LINENO: checking for res_nsearch" >&5 -echo $ECHO_N "checking for res_nsearch... $ECHO_C" >&6; } -if test "${ac_cv_funclib_res_nsearch+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_res_nsearch\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" resolv; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - -int -main () -{ -res_nsearch(0,0,0,0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_nsearch=$ac_lib; else ac_cv_funclib_res_nsearch=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_res_nsearch=\${ac_cv_funclib_res_nsearch-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_res_nsearch" - -if false; then - -for ac_func in res_nsearch -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# res_nsearch -eval "ac_tr_func=HAVE_`echo res_nsearch | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_res_nsearch=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_res_nsearch=yes" - eval "LIB_res_nsearch=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_res_nsearch=no" - eval "LIB_res_nsearch=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_res_nsearch=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_res_nsearch"; then - LIBS="$LIB_res_nsearch $LIBS" -fi - - - - - - -{ echo "$as_me:$LINENO: checking for res_ndestroy" >&5 -echo $ECHO_N "checking for res_ndestroy... $ECHO_C" >&6; } -if test "${ac_cv_funclib_res_ndestroy+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_res_ndestroy\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" resolv; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - -int -main () -{ -res_ndestroy(0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_ndestroy=$ac_lib; else ac_cv_funclib_res_ndestroy=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_res_ndestroy=\${ac_cv_funclib_res_ndestroy-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_res_ndestroy" - -if false; then - -for ac_func in res_ndestroy -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# res_ndestroy -eval "ac_tr_func=HAVE_`echo res_ndestroy | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_res_ndestroy=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_res_ndestroy=yes" - eval "LIB_res_ndestroy=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_res_ndestroy=no" - eval "LIB_res_ndestroy=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_res_ndestroy=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_res_ndestroy"; then - LIBS="$LIB_res_ndestroy $LIBS" -fi - - - - - - -{ echo "$as_me:$LINENO: checking for dn_expand" >&5 -echo $ECHO_N "checking for dn_expand... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dn_expand+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_dn_expand\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" resolv; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - -int -main () -{ -dn_expand(0,0,0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dn_expand=$ac_lib; else ac_cv_funclib_dn_expand=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_dn_expand=\${ac_cv_funclib_dn_expand-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dn_expand" - -if false; then - -for ac_func in dn_expand -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# dn_expand -eval "ac_tr_func=HAVE_`echo dn_expand | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dn_expand=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dn_expand=yes" - eval "LIB_dn_expand=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_dn_expand=no" - eval "LIB_dn_expand=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_dn_expand=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_dn_expand"; then - LIBS="$LIB_dn_expand $LIBS" -fi - - - -{ echo "$as_me:$LINENO: checking for _res" >&5 -echo $ECHO_N "checking for _res... $ECHO_C" >&6; } -if test "${ac_cv_var__res+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - void * foo(void) { return &_res; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var__res=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var__res=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test "$ac_cv_var__res" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern int _res; -int foo(void) { return _res; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var__res=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var__res=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -fi - -ac_foo=`eval echo \\$ac_cv_var__res` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE__RES 1 -_ACEOF - - { echo "$as_me:$LINENO: checking whether _res is declared" >&5 -echo $ECHO_N "checking whether _res is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl__res+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - -int -main () -{ -#ifndef _res - (void) _res; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl__res=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl__res=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl__res" >&5 -echo "${ECHO_T}$ac_cv_have_decl__res" >&6; } -if test $ac_cv_have_decl__res = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL__RES 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL__RES 0 -_ACEOF - - -fi - - -fi - - - - - -{ echo "$as_me:$LINENO: checking for working snprintf" >&5 -echo $ECHO_N "checking for working snprintf... $ECHO_C" >&6; } -if test "${ac_cv_func_snprintf_working+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_func_snprintf_working=yes -if test "$cross_compiling" = yes; then - : -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#include -int main(int argc, char **argv) -{ - char foo[3]; - snprintf(foo, 2, "12"); - return strcmp(foo, "1") || snprintf(NULL, 0, "%d", 12) != 2; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_snprintf_working=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_snprintf_working" >&5 -echo "${ECHO_T}$ac_cv_func_snprintf_working" >&6; } - -if test "$ac_cv_func_snprintf_working" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SNPRINTF 1 -_ACEOF - -fi -if test "$ac_cv_func_snprintf_working" = yes; then - -if test "$ac_cv_func_snprintf+set" != set -o "$ac_cv_func_snprintf" = yes; then -{ echo "$as_me:$LINENO: checking if snprintf needs a prototype" >&5 -echo $ECHO_N "checking if snprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_snprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int snprintf (struct foo*); -int -main () -{ -snprintf(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_snprintf_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_snprintf_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_snprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_snprintf_noproto" >&6; } -if test "$ac_cv_func_snprintf_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_SNPRINTF_PROTO 1 -_ACEOF - -fi -fi - -fi - - -{ echo "$as_me:$LINENO: checking for working vsnprintf" >&5 -echo $ECHO_N "checking for working vsnprintf... $ECHO_C" >&6; } -if test "${ac_cv_func_vsnprintf_working+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_func_vsnprintf_working=yes -if test "$cross_compiling" = yes; then - : -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#include -#include - -int foo(int num, ...) -{ - char bar[3]; - va_list arg; - va_start(arg, num); - vsnprintf(bar, 2, "%s", arg); - va_end(arg); - return strcmp(bar, "1"); -} - -int bar(int num, int len, ...) -{ - int r; - va_list arg; - va_start(arg, len); - r = vsnprintf(NULL, 0, "%s", arg); - va_end(arg); - return r != len; -} - -int main(int argc, char **argv) -{ - return foo(0, "12") || bar(0, 2, "12"); -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_vsnprintf_working=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vsnprintf_working" >&5 -echo "${ECHO_T}$ac_cv_func_vsnprintf_working" >&6; } - -if test "$ac_cv_func_vsnprintf_working" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_VSNPRINTF 1 -_ACEOF - -fi -if test "$ac_cv_func_vsnprintf_working" = yes; then - -if test "$ac_cv_func_vsnprintf+set" != set -o "$ac_cv_func_vsnprintf" = yes; then -{ echo "$as_me:$LINENO: checking if vsnprintf needs a prototype" >&5 -echo $ECHO_N "checking if vsnprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_vsnprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int vsnprintf (struct foo*); -int -main () -{ -vsnprintf(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_vsnprintf_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_vsnprintf_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vsnprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_vsnprintf_noproto" >&6; } -if test "$ac_cv_func_vsnprintf_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_VSNPRINTF_PROTO 1 -_ACEOF - -fi -fi - -fi - - - -{ echo "$as_me:$LINENO: checking for working glob" >&5 -echo $ECHO_N "checking for working glob... $ECHO_C" >&6; } -if test "${ac_cv_func_glob_working+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_func_glob_working=yes -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#include -int -main () -{ - -glob(NULL, GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE| -#ifdef GLOB_MAXPATH -GLOB_MAXPATH -#else -GLOB_LIMIT -#endif -, -NULL, NULL); - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_glob_working=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_glob_working" >&5 -echo "${ECHO_T}$ac_cv_func_glob_working" >&6; } - -if test "$ac_cv_func_glob_working" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_GLOB 1 -_ACEOF - -fi -if test "$ac_cv_func_glob_working" = yes; then - -if test "$ac_cv_func_glob+set" != set -o "$ac_cv_func_glob" = yes; then -{ echo "$as_me:$LINENO: checking if glob needs a prototype" >&5 -echo $ECHO_N "checking if glob needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_glob_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -struct foo { int foo; } xx; -extern int glob (struct foo*); -int -main () -{ -glob(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_glob_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_glob_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_glob_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_glob_noproto" >&6; } -if test "$ac_cv_func_glob_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_GLOB_PROTO 1 -_ACEOF - -fi -fi - -fi - -if test "$ac_cv_func_glob_working" != yes; then - case " $LIBOBJS " in - *" glob.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS glob.$ac_objext" - ;; -esac - -fi - if test "$ac_cv_func_glob_working" = yes; then - have_glob_h_TRUE= - have_glob_h_FALSE='#' -else - have_glob_h_TRUE='#' - have_glob_h_FALSE= -fi - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -for ac_func in \ - asnprintf \ - asprintf \ - atexit \ - cgetent \ - getconfattr \ - getprogname \ - getrlimit \ - getspnam \ - initstate \ - issetugid \ - on_exit \ - poll \ - random \ - setprogname \ - setstate \ - strsvis \ - strunvis \ - strvis \ - strvisx \ - svis \ - sysconf \ - sysctl \ - uname \ - unvis \ - vasnprintf \ - vasprintf \ - vis \ - -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - -if test "$ac_cv_func_cgetent" = no; then - case " $LIBOBJS " in - *" getcap.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getcap.$ac_objext" - ;; -esac - -fi - if test "$ac_cv_func_cgetent" = yes; then - have_cgetent_TRUE= - have_cgetent_FALSE='#' -else - have_cgetent_TRUE='#' - have_cgetent_FALSE= -fi - - - - - - - - - -{ echo "$as_me:$LINENO: checking for getsockopt" >&5 -echo $ECHO_N "checking for getsockopt... $ECHO_C" >&6; } -if test "${ac_cv_funclib_getsockopt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_getsockopt\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -int -main () -{ -getsockopt(0,0,0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_getsockopt=$ac_lib; else ac_cv_funclib_getsockopt=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_getsockopt=\${ac_cv_funclib_getsockopt-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_getsockopt" - -if false; then - -for ac_func in getsockopt -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# getsockopt -eval "ac_tr_func=HAVE_`echo getsockopt | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_getsockopt=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_getsockopt=yes" - eval "LIB_getsockopt=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_getsockopt=no" - eval "LIB_getsockopt=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_getsockopt=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - -{ echo "$as_me:$LINENO: checking for setsockopt" >&5 -echo $ECHO_N "checking for setsockopt... $ECHO_C" >&6; } -if test "${ac_cv_funclib_setsockopt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_setsockopt\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -int -main () -{ -setsockopt(0,0,0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_setsockopt=$ac_lib; else ac_cv_funclib_setsockopt=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_setsockopt=\${ac_cv_funclib_setsockopt-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_setsockopt" - -if false; then - -for ac_func in setsockopt -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# setsockopt -eval "ac_tr_func=HAVE_`echo setsockopt | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_setsockopt=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_setsockopt=yes" - eval "LIB_setsockopt=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_setsockopt=no" - eval "LIB_setsockopt=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_setsockopt=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - - - -{ echo "$as_me:$LINENO: checking for hstrerror" >&5 -echo $ECHO_N "checking for hstrerror... $ECHO_C" >&6; } -if test "${ac_cv_funclib_hstrerror+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_hstrerror\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" resolv; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif -int -main () -{ -hstrerror(17) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_hstrerror=$ac_lib; else ac_cv_funclib_hstrerror=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_hstrerror=\${ac_cv_funclib_hstrerror-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_hstrerror" - -if false; then - -for ac_func in hstrerror -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# hstrerror -eval "ac_tr_func=HAVE_`echo hstrerror | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_hstrerror=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_hstrerror=yes" - eval "LIB_hstrerror=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_hstrerror=no" - eval "LIB_hstrerror=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_hstrerror=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_hstrerror"; then - LIBS="$LIB_hstrerror $LIBS" -fi - -if eval "test \"$ac_cv_func_hstrerror\" != yes"; then - case " $LIBOBJS " in - *" hstrerror.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS hstrerror.$ac_objext" - ;; -esac - -fi - - -if test "$ac_cv_func_hstrerror+set" != set -o "$ac_cv_func_hstrerror" = yes; then -{ echo "$as_me:$LINENO: checking if hstrerror needs a prototype" >&5 -echo $ECHO_N "checking if hstrerror needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_hstrerror_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_NETDB_H -#include -#endif -struct foo { int foo; } xx; -extern int hstrerror (struct foo*); -int -main () -{ -hstrerror(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_hstrerror_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_hstrerror_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_hstrerror_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_hstrerror_noproto" >&6; } -if test "$ac_cv_func_hstrerror_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_HSTRERROR_PROTO 1 -_ACEOF - -fi -fi - - - -if test "$ac_cv_func_asprintf+set" != set -o "$ac_cv_func_asprintf" = yes; then -{ echo "$as_me:$LINENO: checking if asprintf needs a prototype" >&5 -echo $ECHO_N "checking if asprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_asprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #include -struct foo { int foo; } xx; -extern int asprintf (struct foo*); -int -main () -{ -asprintf(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_asprintf_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_asprintf_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_asprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_asprintf_noproto" >&6; } -if test "$ac_cv_func_asprintf_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_ASPRINTF_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_vasprintf+set" != set -o "$ac_cv_func_vasprintf" = yes; then -{ echo "$as_me:$LINENO: checking if vasprintf needs a prototype" >&5 -echo $ECHO_N "checking if vasprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_vasprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #include -struct foo { int foo; } xx; -extern int vasprintf (struct foo*); -int -main () -{ -vasprintf(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_vasprintf_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_vasprintf_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vasprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_vasprintf_noproto" >&6; } -if test "$ac_cv_func_vasprintf_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_VASPRINTF_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_asnprintf+set" != set -o "$ac_cv_func_asnprintf" = yes; then -{ echo "$as_me:$LINENO: checking if asnprintf needs a prototype" >&5 -echo $ECHO_N "checking if asnprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_asnprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #include -struct foo { int foo; } xx; -extern int asnprintf (struct foo*); -int -main () -{ -asnprintf(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_asnprintf_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_asnprintf_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_asnprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_asnprintf_noproto" >&6; } -if test "$ac_cv_func_asnprintf_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_ASNPRINTF_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_vasnprintf+set" != set -o "$ac_cv_func_vasnprintf" = yes; then -{ echo "$as_me:$LINENO: checking if vasnprintf needs a prototype" >&5 -echo $ECHO_N "checking if vasnprintf needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_vasnprintf_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #include -struct foo { int foo; } xx; -extern int vasnprintf (struct foo*); -int -main () -{ -vasnprintf(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_vasnprintf_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_vasnprintf_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vasnprintf_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_vasnprintf_noproto" >&6; } -if test "$ac_cv_func_vasnprintf_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_VASNPRINTF_PROTO 1 -_ACEOF - -fi -fi - - - - - -{ echo "$as_me:$LINENO: checking for bswap16" >&5 -echo $ECHO_N "checking for bswap16... $ECHO_C" >&6; } -if test "${ac_cv_funclib_bswap16+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_bswap16\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_BSWAP_H -#include -#endif -int -main () -{ -bswap16(0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_bswap16=$ac_lib; else ac_cv_funclib_bswap16=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_bswap16=\${ac_cv_funclib_bswap16-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_bswap16" - -if false; then - -for ac_func in bswap16 -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# bswap16 -eval "ac_tr_func=HAVE_`echo bswap16 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_bswap16=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_bswap16=yes" - eval "LIB_bswap16=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_bswap16=no" - eval "LIB_bswap16=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_bswap16=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - - -{ echo "$as_me:$LINENO: checking for bswap32" >&5 -echo $ECHO_N "checking for bswap32... $ECHO_C" >&6; } -if test "${ac_cv_funclib_bswap32+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_bswap32\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_BSWAP_H -#include -#endif -int -main () -{ -bswap32(0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_bswap32=$ac_lib; else ac_cv_funclib_bswap32=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_bswap32=\${ac_cv_funclib_bswap32-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_bswap32" - -if false; then - -for ac_func in bswap32 -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# bswap32 -eval "ac_tr_func=HAVE_`echo bswap32 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_bswap32=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_bswap32=yes" - eval "LIB_bswap32=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_bswap32=no" - eval "LIB_bswap32=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_bswap32=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - - -{ echo "$as_me:$LINENO: checking for pidfile" >&5 -echo $ECHO_N "checking for pidfile... $ECHO_C" >&6; } -if test "${ac_cv_funclib_pidfile+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_pidfile\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" util; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_UTIL_H -#include -#endif -int -main () -{ -pidfile(0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_pidfile=$ac_lib; else ac_cv_funclib_pidfile=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_pidfile=\${ac_cv_funclib_pidfile-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_pidfile" - -if false; then - -for ac_func in pidfile -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# pidfile -eval "ac_tr_func=HAVE_`echo pidfile | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_pidfile=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_pidfile=yes" - eval "LIB_pidfile=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_pidfile=no" - eval "LIB_pidfile=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_pidfile=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - - - -{ echo "$as_me:$LINENO: checking for getaddrinfo" >&5 -echo $ECHO_N "checking for getaddrinfo... $ECHO_C" >&6; } -if test "${ac_cv_funclib_getaddrinfo+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_getaddrinfo\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif -int -main () -{ -getaddrinfo(0,0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_getaddrinfo=$ac_lib; else ac_cv_funclib_getaddrinfo=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_getaddrinfo=\${ac_cv_funclib_getaddrinfo-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_getaddrinfo" - -if false; then - -for ac_func in getaddrinfo -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# getaddrinfo -eval "ac_tr_func=HAVE_`echo getaddrinfo | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_getaddrinfo=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_getaddrinfo=yes" - eval "LIB_getaddrinfo=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_getaddrinfo=no" - eval "LIB_getaddrinfo=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_getaddrinfo=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_getaddrinfo"; then - LIBS="$LIB_getaddrinfo $LIBS" -fi - -if eval "test \"$ac_cv_func_getaddrinfo\" != yes"; then - case " $LIBOBJS " in - *" getaddrinfo.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getaddrinfo.$ac_objext" - ;; -esac - -fi - - - - - - -{ echo "$as_me:$LINENO: checking for getnameinfo" >&5 -echo $ECHO_N "checking for getnameinfo... $ECHO_C" >&6; } -if test "${ac_cv_funclib_getnameinfo+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_getnameinfo\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif -int -main () -{ -getnameinfo(0,0,0,0,0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_getnameinfo=$ac_lib; else ac_cv_funclib_getnameinfo=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_getnameinfo=\${ac_cv_funclib_getnameinfo-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_getnameinfo" - -if false; then - -for ac_func in getnameinfo -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# getnameinfo -eval "ac_tr_func=HAVE_`echo getnameinfo | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_getnameinfo=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_getnameinfo=yes" - eval "LIB_getnameinfo=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_getnameinfo=no" - eval "LIB_getnameinfo=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_getnameinfo=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_getnameinfo"; then - LIBS="$LIB_getnameinfo $LIBS" -fi - -if eval "test \"$ac_cv_func_getnameinfo\" != yes"; then - case " $LIBOBJS " in - *" getnameinfo.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getnameinfo.$ac_objext" - ;; -esac - -fi - - - - - - -{ echo "$as_me:$LINENO: checking for freeaddrinfo" >&5 -echo $ECHO_N "checking for freeaddrinfo... $ECHO_C" >&6; } -if test "${ac_cv_funclib_freeaddrinfo+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_freeaddrinfo\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif -int -main () -{ -freeaddrinfo(0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_freeaddrinfo=$ac_lib; else ac_cv_funclib_freeaddrinfo=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_freeaddrinfo=\${ac_cv_funclib_freeaddrinfo-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_freeaddrinfo" - -if false; then - -for ac_func in freeaddrinfo -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# freeaddrinfo -eval "ac_tr_func=HAVE_`echo freeaddrinfo | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_freeaddrinfo=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_freeaddrinfo=yes" - eval "LIB_freeaddrinfo=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_freeaddrinfo=no" - eval "LIB_freeaddrinfo=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_freeaddrinfo=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_freeaddrinfo"; then - LIBS="$LIB_freeaddrinfo $LIBS" -fi - -if eval "test \"$ac_cv_func_freeaddrinfo\" != yes"; then - case " $LIBOBJS " in - *" freeaddrinfo.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS freeaddrinfo.$ac_objext" - ;; -esac - -fi - - - - - - -{ echo "$as_me:$LINENO: checking for gai_strerror" >&5 -echo $ECHO_N "checking for gai_strerror... $ECHO_C" >&6; } -if test "${ac_cv_funclib_gai_strerror+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_gai_strerror\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif -int -main () -{ -gai_strerror(0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_gai_strerror=$ac_lib; else ac_cv_funclib_gai_strerror=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_gai_strerror=\${ac_cv_funclib_gai_strerror-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_gai_strerror" - -if false; then - -for ac_func in gai_strerror -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# gai_strerror -eval "ac_tr_func=HAVE_`echo gai_strerror | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_gai_strerror=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_gai_strerror=yes" - eval "LIB_gai_strerror=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_gai_strerror=no" - eval "LIB_gai_strerror=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_gai_strerror=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test -n "$LIB_gai_strerror"; then - LIBS="$LIB_gai_strerror $LIBS" -fi - -if eval "test \"$ac_cv_func_gai_strerror\" != yes"; then - case " $LIBOBJS " in - *" gai_strerror.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS gai_strerror.$ac_objext" - ;; -esac - -fi - - -{ echo "$as_me:$LINENO: checking for chown" >&5 -echo $ECHO_N "checking for chown... $ECHO_C" >&6; } -if test "${ac_cv_func_chown+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define chown to an innocuous variant, in case declares chown. - For example, HP-UX 11i declares gettimeofday. */ -#define chown innocuous_chown - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char chown (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef chown - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char chown (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_chown || defined __stub___chown -choke me -#endif - -int -main () -{ -return chown (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_chown=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_chown=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_chown" >&5 -echo "${ECHO_T}$ac_cv_func_chown" >&6; } -if test $ac_cv_func_chown = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_CHOWN 1 -_ACEOF - -else - case " $LIBOBJS " in - *" chown.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS chown.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for copyhostent" >&5 -echo $ECHO_N "checking for copyhostent... $ECHO_C" >&6; } -if test "${ac_cv_func_copyhostent+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define copyhostent to an innocuous variant, in case declares copyhostent. - For example, HP-UX 11i declares gettimeofday. */ -#define copyhostent innocuous_copyhostent - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char copyhostent (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef copyhostent - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char copyhostent (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_copyhostent || defined __stub___copyhostent -choke me -#endif - -int -main () -{ -return copyhostent (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_copyhostent=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_copyhostent=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_copyhostent" >&5 -echo "${ECHO_T}$ac_cv_func_copyhostent" >&6; } -if test $ac_cv_func_copyhostent = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_COPYHOSTENT 1 -_ACEOF - -else - case " $LIBOBJS " in - *" copyhostent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS copyhostent.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for closefrom" >&5 -echo $ECHO_N "checking for closefrom... $ECHO_C" >&6; } -if test "${ac_cv_func_closefrom+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define closefrom to an innocuous variant, in case declares closefrom. - For example, HP-UX 11i declares gettimeofday. */ -#define closefrom innocuous_closefrom - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char closefrom (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef closefrom - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char closefrom (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_closefrom || defined __stub___closefrom -choke me -#endif - -int -main () -{ -return closefrom (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_closefrom=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_closefrom=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_closefrom" >&5 -echo "${ECHO_T}$ac_cv_func_closefrom" >&6; } -if test $ac_cv_func_closefrom = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_CLOSEFROM 1 -_ACEOF - -else - case " $LIBOBJS " in - *" closefrom.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS closefrom.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for daemon" >&5 -echo $ECHO_N "checking for daemon... $ECHO_C" >&6; } -if test "${ac_cv_func_daemon+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define daemon to an innocuous variant, in case declares daemon. - For example, HP-UX 11i declares gettimeofday. */ -#define daemon innocuous_daemon - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char daemon (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef daemon - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char daemon (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_daemon || defined __stub___daemon -choke me -#endif - -int -main () -{ -return daemon (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_daemon=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_daemon=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_daemon" >&5 -echo "${ECHO_T}$ac_cv_func_daemon" >&6; } -if test $ac_cv_func_daemon = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DAEMON 1 -_ACEOF - -else - case " $LIBOBJS " in - *" daemon.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS daemon.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for ecalloc" >&5 -echo $ECHO_N "checking for ecalloc... $ECHO_C" >&6; } -if test "${ac_cv_func_ecalloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define ecalloc to an innocuous variant, in case declares ecalloc. - For example, HP-UX 11i declares gettimeofday. */ -#define ecalloc innocuous_ecalloc - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char ecalloc (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef ecalloc - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char ecalloc (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_ecalloc || defined __stub___ecalloc -choke me -#endif - -int -main () -{ -return ecalloc (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_ecalloc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_ecalloc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_ecalloc" >&5 -echo "${ECHO_T}$ac_cv_func_ecalloc" >&6; } -if test $ac_cv_func_ecalloc = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_ECALLOC 1 -_ACEOF - -else - case " $LIBOBJS " in - *" ecalloc.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS ecalloc.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for emalloc" >&5 -echo $ECHO_N "checking for emalloc... $ECHO_C" >&6; } -if test "${ac_cv_func_emalloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define emalloc to an innocuous variant, in case declares emalloc. - For example, HP-UX 11i declares gettimeofday. */ -#define emalloc innocuous_emalloc - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char emalloc (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef emalloc - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char emalloc (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_emalloc || defined __stub___emalloc -choke me -#endif - -int -main () -{ -return emalloc (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_emalloc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_emalloc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_emalloc" >&5 -echo "${ECHO_T}$ac_cv_func_emalloc" >&6; } -if test $ac_cv_func_emalloc = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_EMALLOC 1 -_ACEOF - -else - case " $LIBOBJS " in - *" emalloc.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS emalloc.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for erealloc" >&5 -echo $ECHO_N "checking for erealloc... $ECHO_C" >&6; } -if test "${ac_cv_func_erealloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define erealloc to an innocuous variant, in case declares erealloc. - For example, HP-UX 11i declares gettimeofday. */ -#define erealloc innocuous_erealloc - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char erealloc (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef erealloc - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char erealloc (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_erealloc || defined __stub___erealloc -choke me -#endif - -int -main () -{ -return erealloc (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_erealloc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_erealloc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_erealloc" >&5 -echo "${ECHO_T}$ac_cv_func_erealloc" >&6; } -if test $ac_cv_func_erealloc = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_EREALLOC 1 -_ACEOF - -else - case " $LIBOBJS " in - *" erealloc.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS erealloc.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for estrdup" >&5 -echo $ECHO_N "checking for estrdup... $ECHO_C" >&6; } -if test "${ac_cv_func_estrdup+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define estrdup to an innocuous variant, in case declares estrdup. - For example, HP-UX 11i declares gettimeofday. */ -#define estrdup innocuous_estrdup - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char estrdup (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef estrdup - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char estrdup (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_estrdup || defined __stub___estrdup -choke me -#endif - -int -main () -{ -return estrdup (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_estrdup=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_estrdup=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_estrdup" >&5 -echo "${ECHO_T}$ac_cv_func_estrdup" >&6; } -if test $ac_cv_func_estrdup = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_ESTRDUP 1 -_ACEOF - -else - case " $LIBOBJS " in - *" estrdup.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS estrdup.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for err" >&5 -echo $ECHO_N "checking for err... $ECHO_C" >&6; } -if test "${ac_cv_func_err+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define err to an innocuous variant, in case declares err. - For example, HP-UX 11i declares gettimeofday. */ -#define err innocuous_err - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char err (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef err - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char err (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_err || defined __stub___err -choke me -#endif - -int -main () -{ -return err (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_err=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_err=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_err" >&5 -echo "${ECHO_T}$ac_cv_func_err" >&6; } -if test $ac_cv_func_err = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_ERR 1 -_ACEOF - -else - case " $LIBOBJS " in - *" err.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS err.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for errx" >&5 -echo $ECHO_N "checking for errx... $ECHO_C" >&6; } -if test "${ac_cv_func_errx+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define errx to an innocuous variant, in case declares errx. - For example, HP-UX 11i declares gettimeofday. */ -#define errx innocuous_errx - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char errx (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef errx - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char errx (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_errx || defined __stub___errx -choke me -#endif - -int -main () -{ -return errx (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_errx=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_errx=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_errx" >&5 -echo "${ECHO_T}$ac_cv_func_errx" >&6; } -if test $ac_cv_func_errx = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_ERRX 1 -_ACEOF - -else - case " $LIBOBJS " in - *" errx.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS errx.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for fchown" >&5 -echo $ECHO_N "checking for fchown... $ECHO_C" >&6; } -if test "${ac_cv_func_fchown+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define fchown to an innocuous variant, in case declares fchown. - For example, HP-UX 11i declares gettimeofday. */ -#define fchown innocuous_fchown - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char fchown (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef fchown - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char fchown (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_fchown || defined __stub___fchown -choke me -#endif - -int -main () -{ -return fchown (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_fchown=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_fchown=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_fchown" >&5 -echo "${ECHO_T}$ac_cv_func_fchown" >&6; } -if test $ac_cv_func_fchown = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_FCHOWN 1 -_ACEOF - -else - case " $LIBOBJS " in - *" fchown.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS fchown.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for flock" >&5 -echo $ECHO_N "checking for flock... $ECHO_C" >&6; } -if test "${ac_cv_func_flock+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define flock to an innocuous variant, in case declares flock. - For example, HP-UX 11i declares gettimeofday. */ -#define flock innocuous_flock - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char flock (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef flock - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char flock (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_flock || defined __stub___flock -choke me -#endif - -int -main () -{ -return flock (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_flock=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_flock=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_flock" >&5 -echo "${ECHO_T}$ac_cv_func_flock" >&6; } -if test $ac_cv_func_flock = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_FLOCK 1 -_ACEOF - -else - case " $LIBOBJS " in - *" flock.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS flock.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for fnmatch" >&5 -echo $ECHO_N "checking for fnmatch... $ECHO_C" >&6; } -if test "${ac_cv_func_fnmatch+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define fnmatch to an innocuous variant, in case declares fnmatch. - For example, HP-UX 11i declares gettimeofday. */ -#define fnmatch innocuous_fnmatch - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char fnmatch (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef fnmatch - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char fnmatch (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_fnmatch || defined __stub___fnmatch -choke me -#endif - -int -main () -{ -return fnmatch (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_fnmatch=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_fnmatch=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_fnmatch" >&5 -echo "${ECHO_T}$ac_cv_func_fnmatch" >&6; } -if test $ac_cv_func_fnmatch = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_FNMATCH 1 -_ACEOF - -else - case " $LIBOBJS " in - *" fnmatch.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS fnmatch.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for freehostent" >&5 -echo $ECHO_N "checking for freehostent... $ECHO_C" >&6; } -if test "${ac_cv_func_freehostent+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define freehostent to an innocuous variant, in case declares freehostent. - For example, HP-UX 11i declares gettimeofday. */ -#define freehostent innocuous_freehostent - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char freehostent (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef freehostent - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char freehostent (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_freehostent || defined __stub___freehostent -choke me -#endif - -int -main () -{ -return freehostent (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_freehostent=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_freehostent=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_freehostent" >&5 -echo "${ECHO_T}$ac_cv_func_freehostent" >&6; } -if test $ac_cv_func_freehostent = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_FREEHOSTENT 1 -_ACEOF - -else - case " $LIBOBJS " in - *" freehostent.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS freehostent.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getcwd" >&5 -echo $ECHO_N "checking for getcwd... $ECHO_C" >&6; } -if test "${ac_cv_func_getcwd+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getcwd to an innocuous variant, in case declares getcwd. - For example, HP-UX 11i declares gettimeofday. */ -#define getcwd innocuous_getcwd - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getcwd (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getcwd - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getcwd (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getcwd || defined __stub___getcwd -choke me -#endif - -int -main () -{ -return getcwd (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getcwd=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getcwd=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getcwd" >&5 -echo "${ECHO_T}$ac_cv_func_getcwd" >&6; } -if test $ac_cv_func_getcwd = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETCWD 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getcwd.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getcwd.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getdtablesize" >&5 -echo $ECHO_N "checking for getdtablesize... $ECHO_C" >&6; } -if test "${ac_cv_func_getdtablesize+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getdtablesize to an innocuous variant, in case declares getdtablesize. - For example, HP-UX 11i declares gettimeofday. */ -#define getdtablesize innocuous_getdtablesize - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getdtablesize (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getdtablesize - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getdtablesize (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getdtablesize || defined __stub___getdtablesize -choke me -#endif - -int -main () -{ -return getdtablesize (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getdtablesize=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getdtablesize=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getdtablesize" >&5 -echo "${ECHO_T}$ac_cv_func_getdtablesize" >&6; } -if test $ac_cv_func_getdtablesize = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETDTABLESIZE 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getdtablesize.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getdtablesize.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getegid" >&5 -echo $ECHO_N "checking for getegid... $ECHO_C" >&6; } -if test "${ac_cv_func_getegid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getegid to an innocuous variant, in case declares getegid. - For example, HP-UX 11i declares gettimeofday. */ -#define getegid innocuous_getegid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getegid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getegid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getegid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getegid || defined __stub___getegid -choke me -#endif - -int -main () -{ -return getegid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getegid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getegid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getegid" >&5 -echo "${ECHO_T}$ac_cv_func_getegid" >&6; } -if test $ac_cv_func_getegid = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETEGID 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getegid.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getegid.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for geteuid" >&5 -echo $ECHO_N "checking for geteuid... $ECHO_C" >&6; } -if test "${ac_cv_func_geteuid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define geteuid to an innocuous variant, in case declares geteuid. - For example, HP-UX 11i declares gettimeofday. */ -#define geteuid innocuous_geteuid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char geteuid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef geteuid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char geteuid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_geteuid || defined __stub___geteuid -choke me -#endif - -int -main () -{ -return geteuid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_geteuid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_geteuid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_geteuid" >&5 -echo "${ECHO_T}$ac_cv_func_geteuid" >&6; } -if test $ac_cv_func_geteuid = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETEUID 1 -_ACEOF - -else - case " $LIBOBJS " in - *" geteuid.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS geteuid.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getgid" >&5 -echo $ECHO_N "checking for getgid... $ECHO_C" >&6; } -if test "${ac_cv_func_getgid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getgid to an innocuous variant, in case declares getgid. - For example, HP-UX 11i declares gettimeofday. */ -#define getgid innocuous_getgid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getgid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getgid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getgid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getgid || defined __stub___getgid -choke me -#endif - -int -main () -{ -return getgid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getgid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getgid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getgid" >&5 -echo "${ECHO_T}$ac_cv_func_getgid" >&6; } -if test $ac_cv_func_getgid = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETGID 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getgid.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getgid.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for gethostname" >&5 -echo $ECHO_N "checking for gethostname... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define gethostname to an innocuous variant, in case declares gethostname. - For example, HP-UX 11i declares gettimeofday. */ -#define gethostname innocuous_gethostname - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char gethostname (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef gethostname - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gethostname (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_gethostname || defined __stub___gethostname -choke me -#endif - -int -main () -{ -return gethostname (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_gethostname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_gethostname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostname" >&5 -echo "${ECHO_T}$ac_cv_func_gethostname" >&6; } -if test $ac_cv_func_gethostname = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETHOSTNAME 1 -_ACEOF - -else - case " $LIBOBJS " in - *" gethostname.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS gethostname.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getifaddrs" >&5 -echo $ECHO_N "checking for getifaddrs... $ECHO_C" >&6; } -if test "${ac_cv_func_getifaddrs+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getifaddrs to an innocuous variant, in case declares getifaddrs. - For example, HP-UX 11i declares gettimeofday. */ -#define getifaddrs innocuous_getifaddrs - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getifaddrs (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getifaddrs - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getifaddrs (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getifaddrs || defined __stub___getifaddrs -choke me -#endif - -int -main () -{ -return getifaddrs (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getifaddrs=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getifaddrs=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getifaddrs" >&5 -echo "${ECHO_T}$ac_cv_func_getifaddrs" >&6; } -if test $ac_cv_func_getifaddrs = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETIFADDRS 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getifaddrs.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getifaddrs.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getipnodebyaddr" >&5 -echo $ECHO_N "checking for getipnodebyaddr... $ECHO_C" >&6; } -if test "${ac_cv_func_getipnodebyaddr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getipnodebyaddr to an innocuous variant, in case declares getipnodebyaddr. - For example, HP-UX 11i declares gettimeofday. */ -#define getipnodebyaddr innocuous_getipnodebyaddr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getipnodebyaddr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getipnodebyaddr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getipnodebyaddr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getipnodebyaddr || defined __stub___getipnodebyaddr -choke me -#endif - -int -main () -{ -return getipnodebyaddr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getipnodebyaddr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getipnodebyaddr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getipnodebyaddr" >&5 -echo "${ECHO_T}$ac_cv_func_getipnodebyaddr" >&6; } -if test $ac_cv_func_getipnodebyaddr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETIPNODEBYADDR 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getipnodebyaddr.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getipnodebyaddr.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getipnodebyname" >&5 -echo $ECHO_N "checking for getipnodebyname... $ECHO_C" >&6; } -if test "${ac_cv_func_getipnodebyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getipnodebyname to an innocuous variant, in case declares getipnodebyname. - For example, HP-UX 11i declares gettimeofday. */ -#define getipnodebyname innocuous_getipnodebyname - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getipnodebyname (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getipnodebyname - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getipnodebyname (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getipnodebyname || defined __stub___getipnodebyname -choke me -#endif - -int -main () -{ -return getipnodebyname (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getipnodebyname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getipnodebyname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getipnodebyname" >&5 -echo "${ECHO_T}$ac_cv_func_getipnodebyname" >&6; } -if test $ac_cv_func_getipnodebyname = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETIPNODEBYNAME 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getipnodebyname.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getipnodebyname.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getopt" >&5 -echo $ECHO_N "checking for getopt... $ECHO_C" >&6; } -if test "${ac_cv_func_getopt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getopt to an innocuous variant, in case declares getopt. - For example, HP-UX 11i declares gettimeofday. */ -#define getopt innocuous_getopt - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getopt (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getopt - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getopt (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getopt || defined __stub___getopt -choke me -#endif - -int -main () -{ -return getopt (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getopt=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getopt=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getopt" >&5 -echo "${ECHO_T}$ac_cv_func_getopt" >&6; } -if test $ac_cv_func_getopt = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETOPT 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getopt.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getopt.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for gettimeofday" >&5 -echo $ECHO_N "checking for gettimeofday... $ECHO_C" >&6; } -if test "${ac_cv_func_gettimeofday+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define gettimeofday to an innocuous variant, in case declares gettimeofday. - For example, HP-UX 11i declares gettimeofday. */ -#define gettimeofday innocuous_gettimeofday - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char gettimeofday (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef gettimeofday - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gettimeofday (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_gettimeofday || defined __stub___gettimeofday -choke me -#endif - -int -main () -{ -return gettimeofday (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_gettimeofday=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_gettimeofday=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gettimeofday" >&5 -echo "${ECHO_T}$ac_cv_func_gettimeofday" >&6; } -if test $ac_cv_func_gettimeofday = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETTIMEOFDAY 1 -_ACEOF - -else - case " $LIBOBJS " in - *" gettimeofday.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS gettimeofday.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getuid" >&5 -echo $ECHO_N "checking for getuid... $ECHO_C" >&6; } -if test "${ac_cv_func_getuid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getuid to an innocuous variant, in case declares getuid. - For example, HP-UX 11i declares gettimeofday. */ -#define getuid innocuous_getuid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getuid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getuid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getuid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getuid || defined __stub___getuid -choke me -#endif - -int -main () -{ -return getuid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getuid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getuid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getuid" >&5 -echo "${ECHO_T}$ac_cv_func_getuid" >&6; } -if test $ac_cv_func_getuid = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETUID 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getuid.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getuid.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for getusershell" >&5 -echo $ECHO_N "checking for getusershell... $ECHO_C" >&6; } -if test "${ac_cv_func_getusershell+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getusershell to an innocuous variant, in case declares getusershell. - For example, HP-UX 11i declares gettimeofday. */ -#define getusershell innocuous_getusershell - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getusershell (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getusershell - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getusershell (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getusershell || defined __stub___getusershell -choke me -#endif - -int -main () -{ -return getusershell (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getusershell=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getusershell=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getusershell" >&5 -echo "${ECHO_T}$ac_cv_func_getusershell" >&6; } -if test $ac_cv_func_getusershell = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_GETUSERSHELL 1 -_ACEOF - -else - case " $LIBOBJS " in - *" getusershell.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getusershell.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for initgroups" >&5 -echo $ECHO_N "checking for initgroups... $ECHO_C" >&6; } -if test "${ac_cv_func_initgroups+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define initgroups to an innocuous variant, in case declares initgroups. - For example, HP-UX 11i declares gettimeofday. */ -#define initgroups innocuous_initgroups - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char initgroups (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef initgroups - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char initgroups (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_initgroups || defined __stub___initgroups -choke me -#endif - -int -main () -{ -return initgroups (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_initgroups=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_initgroups=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_initgroups" >&5 -echo "${ECHO_T}$ac_cv_func_initgroups" >&6; } -if test $ac_cv_func_initgroups = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INITGROUPS 1 -_ACEOF - -else - case " $LIBOBJS " in - *" initgroups.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS initgroups.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for innetgr" >&5 -echo $ECHO_N "checking for innetgr... $ECHO_C" >&6; } -if test "${ac_cv_func_innetgr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define innetgr to an innocuous variant, in case declares innetgr. - For example, HP-UX 11i declares gettimeofday. */ -#define innetgr innocuous_innetgr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char innetgr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef innetgr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char innetgr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_innetgr || defined __stub___innetgr -choke me -#endif - -int -main () -{ -return innetgr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_innetgr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_innetgr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_innetgr" >&5 -echo "${ECHO_T}$ac_cv_func_innetgr" >&6; } -if test $ac_cv_func_innetgr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INNETGR 1 -_ACEOF - -else - case " $LIBOBJS " in - *" innetgr.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS innetgr.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for iruserok" >&5 -echo $ECHO_N "checking for iruserok... $ECHO_C" >&6; } -if test "${ac_cv_func_iruserok+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define iruserok to an innocuous variant, in case declares iruserok. - For example, HP-UX 11i declares gettimeofday. */ -#define iruserok innocuous_iruserok - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char iruserok (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef iruserok - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char iruserok (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_iruserok || defined __stub___iruserok -choke me -#endif - -int -main () -{ -return iruserok (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_iruserok=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_iruserok=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_iruserok" >&5 -echo "${ECHO_T}$ac_cv_func_iruserok" >&6; } -if test $ac_cv_func_iruserok = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_IRUSEROK 1 -_ACEOF - -else - case " $LIBOBJS " in - *" iruserok.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS iruserok.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for localtime_r" >&5 -echo $ECHO_N "checking for localtime_r... $ECHO_C" >&6; } -if test "${ac_cv_func_localtime_r+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define localtime_r to an innocuous variant, in case declares localtime_r. - For example, HP-UX 11i declares gettimeofday. */ -#define localtime_r innocuous_localtime_r - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char localtime_r (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef localtime_r - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char localtime_r (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_localtime_r || defined __stub___localtime_r -choke me -#endif - -int -main () -{ -return localtime_r (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_localtime_r=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_localtime_r=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_localtime_r" >&5 -echo "${ECHO_T}$ac_cv_func_localtime_r" >&6; } -if test $ac_cv_func_localtime_r = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_LOCALTIME_R 1 -_ACEOF - -else - case " $LIBOBJS " in - *" localtime_r.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS localtime_r.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for lstat" >&5 -echo $ECHO_N "checking for lstat... $ECHO_C" >&6; } -if test "${ac_cv_func_lstat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define lstat to an innocuous variant, in case declares lstat. - For example, HP-UX 11i declares gettimeofday. */ -#define lstat innocuous_lstat - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char lstat (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef lstat - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char lstat (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_lstat || defined __stub___lstat -choke me -#endif - -int -main () -{ -return lstat (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_lstat=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_lstat=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_lstat" >&5 -echo "${ECHO_T}$ac_cv_func_lstat" >&6; } -if test $ac_cv_func_lstat = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_LSTAT 1 -_ACEOF - -else - case " $LIBOBJS " in - *" lstat.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS lstat.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for memmove" >&5 -echo $ECHO_N "checking for memmove... $ECHO_C" >&6; } -if test "${ac_cv_func_memmove+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define memmove to an innocuous variant, in case declares memmove. - For example, HP-UX 11i declares gettimeofday. */ -#define memmove innocuous_memmove - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char memmove (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef memmove - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char memmove (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_memmove || defined __stub___memmove -choke me -#endif - -int -main () -{ -return memmove (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_memmove=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_memmove=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_memmove" >&5 -echo "${ECHO_T}$ac_cv_func_memmove" >&6; } -if test $ac_cv_func_memmove = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_MEMMOVE 1 -_ACEOF - -else - case " $LIBOBJS " in - *" memmove.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS memmove.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for mkstemp" >&5 -echo $ECHO_N "checking for mkstemp... $ECHO_C" >&6; } -if test "${ac_cv_func_mkstemp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define mkstemp to an innocuous variant, in case declares mkstemp. - For example, HP-UX 11i declares gettimeofday. */ -#define mkstemp innocuous_mkstemp - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char mkstemp (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef mkstemp - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char mkstemp (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_mkstemp || defined __stub___mkstemp -choke me -#endif - -int -main () -{ -return mkstemp (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_mkstemp=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_mkstemp=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_mkstemp" >&5 -echo "${ECHO_T}$ac_cv_func_mkstemp" >&6; } -if test $ac_cv_func_mkstemp = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_MKSTEMP 1 -_ACEOF - -else - case " $LIBOBJS " in - *" mkstemp.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS mkstemp.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for putenv" >&5 -echo $ECHO_N "checking for putenv... $ECHO_C" >&6; } -if test "${ac_cv_func_putenv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define putenv to an innocuous variant, in case declares putenv. - For example, HP-UX 11i declares gettimeofday. */ -#define putenv innocuous_putenv - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char putenv (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef putenv - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char putenv (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_putenv || defined __stub___putenv -choke me -#endif - -int -main () -{ -return putenv (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_putenv=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_putenv=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_putenv" >&5 -echo "${ECHO_T}$ac_cv_func_putenv" >&6; } -if test $ac_cv_func_putenv = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_PUTENV 1 -_ACEOF - -else - case " $LIBOBJS " in - *" putenv.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS putenv.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for rcmd" >&5 -echo $ECHO_N "checking for rcmd... $ECHO_C" >&6; } -if test "${ac_cv_func_rcmd+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define rcmd to an innocuous variant, in case declares rcmd. - For example, HP-UX 11i declares gettimeofday. */ -#define rcmd innocuous_rcmd - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char rcmd (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef rcmd - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char rcmd (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_rcmd || defined __stub___rcmd -choke me -#endif - -int -main () -{ -return rcmd (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_rcmd=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_rcmd=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_rcmd" >&5 -echo "${ECHO_T}$ac_cv_func_rcmd" >&6; } -if test $ac_cv_func_rcmd = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_RCMD 1 -_ACEOF - -else - case " $LIBOBJS " in - *" rcmd.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS rcmd.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for readv" >&5 -echo $ECHO_N "checking for readv... $ECHO_C" >&6; } -if test "${ac_cv_func_readv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define readv to an innocuous variant, in case declares readv. - For example, HP-UX 11i declares gettimeofday. */ -#define readv innocuous_readv - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char readv (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef readv - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char readv (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_readv || defined __stub___readv -choke me -#endif - -int -main () -{ -return readv (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_readv=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_readv=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_readv" >&5 -echo "${ECHO_T}$ac_cv_func_readv" >&6; } -if test $ac_cv_func_readv = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_READV 1 -_ACEOF - -else - case " $LIBOBJS " in - *" readv.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS readv.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for recvmsg" >&5 -echo $ECHO_N "checking for recvmsg... $ECHO_C" >&6; } -if test "${ac_cv_func_recvmsg+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define recvmsg to an innocuous variant, in case declares recvmsg. - For example, HP-UX 11i declares gettimeofday. */ -#define recvmsg innocuous_recvmsg - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char recvmsg (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef recvmsg - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char recvmsg (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_recvmsg || defined __stub___recvmsg -choke me -#endif - -int -main () -{ -return recvmsg (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_recvmsg=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_recvmsg=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_recvmsg" >&5 -echo "${ECHO_T}$ac_cv_func_recvmsg" >&6; } -if test $ac_cv_func_recvmsg = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_RECVMSG 1 -_ACEOF - -else - case " $LIBOBJS " in - *" recvmsg.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS recvmsg.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for sendmsg" >&5 -echo $ECHO_N "checking for sendmsg... $ECHO_C" >&6; } -if test "${ac_cv_func_sendmsg+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define sendmsg to an innocuous variant, in case declares sendmsg. - For example, HP-UX 11i declares gettimeofday. */ -#define sendmsg innocuous_sendmsg - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char sendmsg (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef sendmsg - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char sendmsg (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_sendmsg || defined __stub___sendmsg -choke me -#endif - -int -main () -{ -return sendmsg (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_sendmsg=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_sendmsg=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_sendmsg" >&5 -echo "${ECHO_T}$ac_cv_func_sendmsg" >&6; } -if test $ac_cv_func_sendmsg = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SENDMSG 1 -_ACEOF - -else - case " $LIBOBJS " in - *" sendmsg.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS sendmsg.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for setegid" >&5 -echo $ECHO_N "checking for setegid... $ECHO_C" >&6; } -if test "${ac_cv_func_setegid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define setegid to an innocuous variant, in case declares setegid. - For example, HP-UX 11i declares gettimeofday. */ -#define setegid innocuous_setegid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char setegid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef setegid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char setegid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_setegid || defined __stub___setegid -choke me -#endif - -int -main () -{ -return setegid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_setegid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_setegid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_setegid" >&5 -echo "${ECHO_T}$ac_cv_func_setegid" >&6; } -if test $ac_cv_func_setegid = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SETEGID 1 -_ACEOF - -else - case " $LIBOBJS " in - *" setegid.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS setegid.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for setenv" >&5 -echo $ECHO_N "checking for setenv... $ECHO_C" >&6; } -if test "${ac_cv_func_setenv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define setenv to an innocuous variant, in case declares setenv. - For example, HP-UX 11i declares gettimeofday. */ -#define setenv innocuous_setenv - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char setenv (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef setenv - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char setenv (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_setenv || defined __stub___setenv -choke me -#endif - -int -main () -{ -return setenv (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_setenv=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_setenv=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_setenv" >&5 -echo "${ECHO_T}$ac_cv_func_setenv" >&6; } -if test $ac_cv_func_setenv = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SETENV 1 -_ACEOF - -else - case " $LIBOBJS " in - *" setenv.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS setenv.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for seteuid" >&5 -echo $ECHO_N "checking for seteuid... $ECHO_C" >&6; } -if test "${ac_cv_func_seteuid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define seteuid to an innocuous variant, in case declares seteuid. - For example, HP-UX 11i declares gettimeofday. */ -#define seteuid innocuous_seteuid - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char seteuid (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef seteuid - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char seteuid (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_seteuid || defined __stub___seteuid -choke me -#endif - -int -main () -{ -return seteuid (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_seteuid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_seteuid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_seteuid" >&5 -echo "${ECHO_T}$ac_cv_func_seteuid" >&6; } -if test $ac_cv_func_seteuid = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SETEUID 1 -_ACEOF - -else - case " $LIBOBJS " in - *" seteuid.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS seteuid.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strcasecmp" >&5 -echo $ECHO_N "checking for strcasecmp... $ECHO_C" >&6; } -if test "${ac_cv_func_strcasecmp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strcasecmp to an innocuous variant, in case declares strcasecmp. - For example, HP-UX 11i declares gettimeofday. */ -#define strcasecmp innocuous_strcasecmp - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strcasecmp (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strcasecmp - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strcasecmp (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strcasecmp || defined __stub___strcasecmp -choke me -#endif - -int -main () -{ -return strcasecmp (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strcasecmp=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strcasecmp=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strcasecmp" >&5 -echo "${ECHO_T}$ac_cv_func_strcasecmp" >&6; } -if test $ac_cv_func_strcasecmp = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRCASECMP 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strcasecmp.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strcasecmp.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strdup" >&5 -echo $ECHO_N "checking for strdup... $ECHO_C" >&6; } -if test "${ac_cv_func_strdup+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strdup to an innocuous variant, in case declares strdup. - For example, HP-UX 11i declares gettimeofday. */ -#define strdup innocuous_strdup - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strdup (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strdup - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strdup (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strdup || defined __stub___strdup -choke me -#endif - -int -main () -{ -return strdup (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strdup=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strdup=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strdup" >&5 -echo "${ECHO_T}$ac_cv_func_strdup" >&6; } -if test $ac_cv_func_strdup = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRDUP 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strdup.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strdup.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strerror" >&5 -echo $ECHO_N "checking for strerror... $ECHO_C" >&6; } -if test "${ac_cv_func_strerror+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strerror to an innocuous variant, in case declares strerror. - For example, HP-UX 11i declares gettimeofday. */ -#define strerror innocuous_strerror - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strerror (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strerror - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strerror (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strerror || defined __stub___strerror -choke me -#endif - -int -main () -{ -return strerror (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strerror=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strerror=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strerror" >&5 -echo "${ECHO_T}$ac_cv_func_strerror" >&6; } -if test $ac_cv_func_strerror = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRERROR 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strerror.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strerror.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strftime" >&5 -echo $ECHO_N "checking for strftime... $ECHO_C" >&6; } -if test "${ac_cv_func_strftime+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strftime to an innocuous variant, in case declares strftime. - For example, HP-UX 11i declares gettimeofday. */ -#define strftime innocuous_strftime - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strftime (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strftime - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strftime (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strftime || defined __stub___strftime -choke me -#endif - -int -main () -{ -return strftime (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strftime=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strftime=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strftime" >&5 -echo "${ECHO_T}$ac_cv_func_strftime" >&6; } -if test $ac_cv_func_strftime = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRFTIME 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strftime.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strftime.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strlcat" >&5 -echo $ECHO_N "checking for strlcat... $ECHO_C" >&6; } -if test "${ac_cv_func_strlcat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strlcat to an innocuous variant, in case declares strlcat. - For example, HP-UX 11i declares gettimeofday. */ -#define strlcat innocuous_strlcat - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strlcat (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strlcat - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strlcat (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strlcat || defined __stub___strlcat -choke me -#endif - -int -main () -{ -return strlcat (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strlcat=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strlcat=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strlcat" >&5 -echo "${ECHO_T}$ac_cv_func_strlcat" >&6; } -if test $ac_cv_func_strlcat = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRLCAT 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strlcat.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strlcat.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strlcpy" >&5 -echo $ECHO_N "checking for strlcpy... $ECHO_C" >&6; } -if test "${ac_cv_func_strlcpy+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strlcpy to an innocuous variant, in case declares strlcpy. - For example, HP-UX 11i declares gettimeofday. */ -#define strlcpy innocuous_strlcpy - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strlcpy (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strlcpy - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strlcpy (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strlcpy || defined __stub___strlcpy -choke me -#endif - -int -main () -{ -return strlcpy (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strlcpy=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strlcpy=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strlcpy" >&5 -echo "${ECHO_T}$ac_cv_func_strlcpy" >&6; } -if test $ac_cv_func_strlcpy = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRLCPY 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strlcpy.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strlcpy.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strlwr" >&5 -echo $ECHO_N "checking for strlwr... $ECHO_C" >&6; } -if test "${ac_cv_func_strlwr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strlwr to an innocuous variant, in case declares strlwr. - For example, HP-UX 11i declares gettimeofday. */ -#define strlwr innocuous_strlwr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strlwr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strlwr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strlwr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strlwr || defined __stub___strlwr -choke me -#endif - -int -main () -{ -return strlwr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strlwr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strlwr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strlwr" >&5 -echo "${ECHO_T}$ac_cv_func_strlwr" >&6; } -if test $ac_cv_func_strlwr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRLWR 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strlwr.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strlwr.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strncasecmp" >&5 -echo $ECHO_N "checking for strncasecmp... $ECHO_C" >&6; } -if test "${ac_cv_func_strncasecmp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strncasecmp to an innocuous variant, in case declares strncasecmp. - For example, HP-UX 11i declares gettimeofday. */ -#define strncasecmp innocuous_strncasecmp - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strncasecmp (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strncasecmp - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strncasecmp (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strncasecmp || defined __stub___strncasecmp -choke me -#endif - -int -main () -{ -return strncasecmp (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strncasecmp=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strncasecmp=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strncasecmp" >&5 -echo "${ECHO_T}$ac_cv_func_strncasecmp" >&6; } -if test $ac_cv_func_strncasecmp = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRNCASECMP 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strncasecmp.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strncasecmp.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strndup" >&5 -echo $ECHO_N "checking for strndup... $ECHO_C" >&6; } -if test "${ac_cv_func_strndup+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strndup to an innocuous variant, in case declares strndup. - For example, HP-UX 11i declares gettimeofday. */ -#define strndup innocuous_strndup - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strndup (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strndup - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strndup (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strndup || defined __stub___strndup -choke me -#endif - -int -main () -{ -return strndup (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strndup=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strndup=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strndup" >&5 -echo "${ECHO_T}$ac_cv_func_strndup" >&6; } -if test $ac_cv_func_strndup = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRNDUP 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strndup.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strndup.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strnlen" >&5 -echo $ECHO_N "checking for strnlen... $ECHO_C" >&6; } -if test "${ac_cv_func_strnlen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strnlen to an innocuous variant, in case declares strnlen. - For example, HP-UX 11i declares gettimeofday. */ -#define strnlen innocuous_strnlen - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strnlen (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strnlen - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strnlen (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strnlen || defined __stub___strnlen -choke me -#endif - -int -main () -{ -return strnlen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strnlen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strnlen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strnlen" >&5 -echo "${ECHO_T}$ac_cv_func_strnlen" >&6; } -if test $ac_cv_func_strnlen = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRNLEN 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strnlen.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strnlen.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strptime" >&5 -echo $ECHO_N "checking for strptime... $ECHO_C" >&6; } -if test "${ac_cv_func_strptime+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strptime to an innocuous variant, in case declares strptime. - For example, HP-UX 11i declares gettimeofday. */ -#define strptime innocuous_strptime - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strptime (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strptime - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strptime (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strptime || defined __stub___strptime -choke me -#endif - -int -main () -{ -return strptime (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strptime=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strptime=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strptime" >&5 -echo "${ECHO_T}$ac_cv_func_strptime" >&6; } -if test $ac_cv_func_strptime = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRPTIME 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strptime.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strptime.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strsep" >&5 -echo $ECHO_N "checking for strsep... $ECHO_C" >&6; } -if test "${ac_cv_func_strsep+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strsep to an innocuous variant, in case declares strsep. - For example, HP-UX 11i declares gettimeofday. */ -#define strsep innocuous_strsep - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strsep (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strsep - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strsep (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strsep || defined __stub___strsep -choke me -#endif - -int -main () -{ -return strsep (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strsep=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strsep=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strsep" >&5 -echo "${ECHO_T}$ac_cv_func_strsep" >&6; } -if test $ac_cv_func_strsep = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRSEP 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strsep.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strsep.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strsep_copy" >&5 -echo $ECHO_N "checking for strsep_copy... $ECHO_C" >&6; } -if test "${ac_cv_func_strsep_copy+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strsep_copy to an innocuous variant, in case declares strsep_copy. - For example, HP-UX 11i declares gettimeofday. */ -#define strsep_copy innocuous_strsep_copy - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strsep_copy (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strsep_copy - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strsep_copy (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strsep_copy || defined __stub___strsep_copy -choke me -#endif - -int -main () -{ -return strsep_copy (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strsep_copy=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strsep_copy=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strsep_copy" >&5 -echo "${ECHO_T}$ac_cv_func_strsep_copy" >&6; } -if test $ac_cv_func_strsep_copy = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRSEP_COPY 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strsep_copy.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strsep_copy.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strtok_r" >&5 -echo $ECHO_N "checking for strtok_r... $ECHO_C" >&6; } -if test "${ac_cv_func_strtok_r+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strtok_r to an innocuous variant, in case declares strtok_r. - For example, HP-UX 11i declares gettimeofday. */ -#define strtok_r innocuous_strtok_r - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strtok_r (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strtok_r - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strtok_r (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strtok_r || defined __stub___strtok_r -choke me -#endif - -int -main () -{ -return strtok_r (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strtok_r=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strtok_r=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strtok_r" >&5 -echo "${ECHO_T}$ac_cv_func_strtok_r" >&6; } -if test $ac_cv_func_strtok_r = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRTOK_R 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strtok_r.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strtok_r.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for strupr" >&5 -echo $ECHO_N "checking for strupr... $ECHO_C" >&6; } -if test "${ac_cv_func_strupr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define strupr to an innocuous variant, in case declares strupr. - For example, HP-UX 11i declares gettimeofday. */ -#define strupr innocuous_strupr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char strupr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef strupr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char strupr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_strupr || defined __stub___strupr -choke me -#endif - -int -main () -{ -return strupr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_strupr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_strupr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strupr" >&5 -echo "${ECHO_T}$ac_cv_func_strupr" >&6; } -if test $ac_cv_func_strupr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUPR 1 -_ACEOF - -else - case " $LIBOBJS " in - *" strupr.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS strupr.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for swab" >&5 -echo $ECHO_N "checking for swab... $ECHO_C" >&6; } -if test "${ac_cv_func_swab+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define swab to an innocuous variant, in case declares swab. - For example, HP-UX 11i declares gettimeofday. */ -#define swab innocuous_swab - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char swab (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef swab - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char swab (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_swab || defined __stub___swab -choke me -#endif - -int -main () -{ -return swab (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_swab=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_swab=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_swab" >&5 -echo "${ECHO_T}$ac_cv_func_swab" >&6; } -if test $ac_cv_func_swab = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SWAB 1 -_ACEOF - -else - case " $LIBOBJS " in - *" swab.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS swab.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for timegm" >&5 -echo $ECHO_N "checking for timegm... $ECHO_C" >&6; } -if test "${ac_cv_func_timegm+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define timegm to an innocuous variant, in case declares timegm. - For example, HP-UX 11i declares gettimeofday. */ -#define timegm innocuous_timegm - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char timegm (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef timegm - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char timegm (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_timegm || defined __stub___timegm -choke me -#endif - -int -main () -{ -return timegm (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_timegm=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_timegm=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_timegm" >&5 -echo "${ECHO_T}$ac_cv_func_timegm" >&6; } -if test $ac_cv_func_timegm = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_TIMEGM 1 -_ACEOF - -else - case " $LIBOBJS " in - *" timegm.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS timegm.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for unsetenv" >&5 -echo $ECHO_N "checking for unsetenv... $ECHO_C" >&6; } -if test "${ac_cv_func_unsetenv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define unsetenv to an innocuous variant, in case declares unsetenv. - For example, HP-UX 11i declares gettimeofday. */ -#define unsetenv innocuous_unsetenv - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char unsetenv (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef unsetenv - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char unsetenv (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_unsetenv || defined __stub___unsetenv -choke me -#endif - -int -main () -{ -return unsetenv (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_unsetenv=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_unsetenv=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_unsetenv" >&5 -echo "${ECHO_T}$ac_cv_func_unsetenv" >&6; } -if test $ac_cv_func_unsetenv = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_UNSETENV 1 -_ACEOF - -else - case " $LIBOBJS " in - *" unsetenv.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS unsetenv.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for verr" >&5 -echo $ECHO_N "checking for verr... $ECHO_C" >&6; } -if test "${ac_cv_func_verr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define verr to an innocuous variant, in case declares verr. - For example, HP-UX 11i declares gettimeofday. */ -#define verr innocuous_verr - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char verr (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef verr - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char verr (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_verr || defined __stub___verr -choke me -#endif - -int -main () -{ -return verr (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_verr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_verr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_verr" >&5 -echo "${ECHO_T}$ac_cv_func_verr" >&6; } -if test $ac_cv_func_verr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_VERR 1 -_ACEOF - -else - case " $LIBOBJS " in - *" verr.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS verr.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for verrx" >&5 -echo $ECHO_N "checking for verrx... $ECHO_C" >&6; } -if test "${ac_cv_func_verrx+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define verrx to an innocuous variant, in case declares verrx. - For example, HP-UX 11i declares gettimeofday. */ -#define verrx innocuous_verrx - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char verrx (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef verrx - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char verrx (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_verrx || defined __stub___verrx -choke me -#endif - -int -main () -{ -return verrx (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_verrx=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_verrx=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_verrx" >&5 -echo "${ECHO_T}$ac_cv_func_verrx" >&6; } -if test $ac_cv_func_verrx = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_VERRX 1 -_ACEOF - -else - case " $LIBOBJS " in - *" verrx.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS verrx.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for vsyslog" >&5 -echo $ECHO_N "checking for vsyslog... $ECHO_C" >&6; } -if test "${ac_cv_func_vsyslog+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define vsyslog to an innocuous variant, in case declares vsyslog. - For example, HP-UX 11i declares gettimeofday. */ -#define vsyslog innocuous_vsyslog - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char vsyslog (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef vsyslog - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char vsyslog (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_vsyslog || defined __stub___vsyslog -choke me -#endif - -int -main () -{ -return vsyslog (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_vsyslog=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_vsyslog=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vsyslog" >&5 -echo "${ECHO_T}$ac_cv_func_vsyslog" >&6; } -if test $ac_cv_func_vsyslog = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_VSYSLOG 1 -_ACEOF - -else - case " $LIBOBJS " in - *" vsyslog.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS vsyslog.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for vwarn" >&5 -echo $ECHO_N "checking for vwarn... $ECHO_C" >&6; } -if test "${ac_cv_func_vwarn+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define vwarn to an innocuous variant, in case declares vwarn. - For example, HP-UX 11i declares gettimeofday. */ -#define vwarn innocuous_vwarn - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char vwarn (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef vwarn - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char vwarn (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_vwarn || defined __stub___vwarn -choke me -#endif - -int -main () -{ -return vwarn (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_vwarn=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_vwarn=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vwarn" >&5 -echo "${ECHO_T}$ac_cv_func_vwarn" >&6; } -if test $ac_cv_func_vwarn = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_VWARN 1 -_ACEOF - -else - case " $LIBOBJS " in - *" vwarn.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS vwarn.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for vwarnx" >&5 -echo $ECHO_N "checking for vwarnx... $ECHO_C" >&6; } -if test "${ac_cv_func_vwarnx+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define vwarnx to an innocuous variant, in case declares vwarnx. - For example, HP-UX 11i declares gettimeofday. */ -#define vwarnx innocuous_vwarnx - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char vwarnx (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef vwarnx - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char vwarnx (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_vwarnx || defined __stub___vwarnx -choke me -#endif - -int -main () -{ -return vwarnx (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_vwarnx=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_vwarnx=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vwarnx" >&5 -echo "${ECHO_T}$ac_cv_func_vwarnx" >&6; } -if test $ac_cv_func_vwarnx = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_VWARNX 1 -_ACEOF - -else - case " $LIBOBJS " in - *" vwarnx.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS vwarnx.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for warn" >&5 -echo $ECHO_N "checking for warn... $ECHO_C" >&6; } -if test "${ac_cv_func_warn+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define warn to an innocuous variant, in case declares warn. - For example, HP-UX 11i declares gettimeofday. */ -#define warn innocuous_warn - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char warn (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef warn - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char warn (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_warn || defined __stub___warn -choke me -#endif - -int -main () -{ -return warn (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_warn=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_warn=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_warn" >&5 -echo "${ECHO_T}$ac_cv_func_warn" >&6; } -if test $ac_cv_func_warn = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_WARN 1 -_ACEOF - -else - case " $LIBOBJS " in - *" warn.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS warn.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for warnx" >&5 -echo $ECHO_N "checking for warnx... $ECHO_C" >&6; } -if test "${ac_cv_func_warnx+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define warnx to an innocuous variant, in case declares warnx. - For example, HP-UX 11i declares gettimeofday. */ -#define warnx innocuous_warnx - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char warnx (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef warnx - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char warnx (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_warnx || defined __stub___warnx -choke me -#endif - -int -main () -{ -return warnx (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_warnx=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_warnx=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_warnx" >&5 -echo "${ECHO_T}$ac_cv_func_warnx" >&6; } -if test $ac_cv_func_warnx = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_WARNX 1 -_ACEOF - -else - case " $LIBOBJS " in - *" warnx.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS warnx.$ac_objext" - ;; -esac - -fi -{ echo "$as_me:$LINENO: checking for writev" >&5 -echo $ECHO_N "checking for writev... $ECHO_C" >&6; } -if test "${ac_cv_func_writev+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define writev to an innocuous variant, in case declares writev. - For example, HP-UX 11i declares gettimeofday. */ -#define writev innocuous_writev - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char writev (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef writev - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char writev (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_writev || defined __stub___writev -choke me -#endif - -int -main () -{ -return writev (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_writev=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_writev=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_writev" >&5 -echo "${ECHO_T}$ac_cv_func_writev" >&6; } -if test $ac_cv_func_writev = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_WRITEV 1 -_ACEOF - -else - case " $LIBOBJS " in - *" writev.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS writev.$ac_objext" - ;; -esac - -fi - - - if test "$ac_cv_header_fnmatch_h" = yes -a "$ac_cv_func_fnmatch" = yes; then - have_fnmatch_h_TRUE= - have_fnmatch_h_FALSE='#' -else - have_fnmatch_h_TRUE='#' - have_fnmatch_h_FALSE= -fi - - - -if test "$ac_cv_func_strndup+set" != set -o "$ac_cv_func_strndup" = yes; then -{ echo "$as_me:$LINENO: checking if strndup needs a prototype" >&5 -echo $ECHO_N "checking if strndup needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strndup_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int strndup (struct foo*); -int -main () -{ -strndup(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_strndup_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strndup_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strndup_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strndup_noproto" >&6; } -if test "$ac_cv_func_strndup_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_STRNDUP_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_strsep+set" != set -o "$ac_cv_func_strsep" = yes; then -{ echo "$as_me:$LINENO: checking if strsep needs a prototype" >&5 -echo $ECHO_N "checking if strsep needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strsep_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int strsep (struct foo*); -int -main () -{ -strsep(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_strsep_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strsep_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strsep_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strsep_noproto" >&6; } -if test "$ac_cv_func_strsep_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_STRSEP_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_strtok_r+set" != set -o "$ac_cv_func_strtok_r" = yes; then -{ echo "$as_me:$LINENO: checking if strtok_r needs a prototype" >&5 -echo $ECHO_N "checking if strtok_r needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strtok_r_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int strtok_r (struct foo*); -int -main () -{ -strtok_r(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_strtok_r_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strtok_r_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strtok_r_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strtok_r_noproto" >&6; } -if test "$ac_cv_func_strtok_r_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_STRTOK_R_PROTO 1 -_ACEOF - -fi -fi - - - -if test "$ac_cv_func_strsvis+set" != set -o "$ac_cv_func_strsvis" = yes; then -{ echo "$as_me:$LINENO: checking if strsvis needs a prototype" >&5 -echo $ECHO_N "checking if strsvis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strsvis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_VIS_H -#include -#endif -struct foo { int foo; } xx; -extern int strsvis (struct foo*); -int -main () -{ -strsvis(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_strsvis_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strsvis_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strsvis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strsvis_noproto" >&6; } -if test "$ac_cv_func_strsvis_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_STRSVIS_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_strunvis+set" != set -o "$ac_cv_func_strunvis" = yes; then -{ echo "$as_me:$LINENO: checking if strunvis needs a prototype" >&5 -echo $ECHO_N "checking if strunvis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strunvis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_VIS_H -#include -#endif -struct foo { int foo; } xx; -extern int strunvis (struct foo*); -int -main () -{ -strunvis(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_strunvis_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strunvis_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strunvis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strunvis_noproto" >&6; } -if test "$ac_cv_func_strunvis_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_STRUNVIS_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_strvis+set" != set -o "$ac_cv_func_strvis" = yes; then -{ echo "$as_me:$LINENO: checking if strvis needs a prototype" >&5 -echo $ECHO_N "checking if strvis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strvis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_VIS_H -#include -#endif -struct foo { int foo; } xx; -extern int strvis (struct foo*); -int -main () -{ -strvis(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_strvis_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strvis_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strvis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strvis_noproto" >&6; } -if test "$ac_cv_func_strvis_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_STRVIS_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_strvisx+set" != set -o "$ac_cv_func_strvisx" = yes; then -{ echo "$as_me:$LINENO: checking if strvisx needs a prototype" >&5 -echo $ECHO_N "checking if strvisx needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_strvisx_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_VIS_H -#include -#endif -struct foo { int foo; } xx; -extern int strvisx (struct foo*); -int -main () -{ -strvisx(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_strvisx_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_strvisx_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_strvisx_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_strvisx_noproto" >&6; } -if test "$ac_cv_func_strvisx_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_STRVISX_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_svis+set" != set -o "$ac_cv_func_svis" = yes; then -{ echo "$as_me:$LINENO: checking if svis needs a prototype" >&5 -echo $ECHO_N "checking if svis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_svis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_VIS_H -#include -#endif -struct foo { int foo; } xx; -extern int svis (struct foo*); -int -main () -{ -svis(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_svis_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_svis_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_svis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_svis_noproto" >&6; } -if test "$ac_cv_func_svis_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_SVIS_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_unvis+set" != set -o "$ac_cv_func_unvis" = yes; then -{ echo "$as_me:$LINENO: checking if unvis needs a prototype" >&5 -echo $ECHO_N "checking if unvis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_unvis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_VIS_H -#include -#endif -struct foo { int foo; } xx; -extern int unvis (struct foo*); -int -main () -{ -unvis(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_unvis_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_unvis_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_unvis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_unvis_noproto" >&6; } -if test "$ac_cv_func_unvis_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_UNVIS_PROTO 1 -_ACEOF - -fi -fi - -if test "$ac_cv_func_vis+set" != set -o "$ac_cv_func_vis" = yes; then -{ echo "$as_me:$LINENO: checking if vis needs a prototype" >&5 -echo $ECHO_N "checking if vis needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_vis_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_VIS_H -#include -#endif -struct foo { int foo; } xx; -extern int vis (struct foo*); -int -main () -{ -vis(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_vis_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_vis_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_vis_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_vis_noproto" >&6; } -if test "$ac_cv_func_vis_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_VIS_PROTO 1 -_ACEOF - -fi -fi - - -{ echo "$as_me:$LINENO: checking for inet_aton" >&5 -echo $ECHO_N "checking for inet_aton... $ECHO_C" >&6; } -if test "${ac_cv_func_inet_aton+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -int -main () -{ - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_inet_aton) || defined (__stub___inet_aton) -choke me -#else -inet_aton(0,0); -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "ac_cv_func_inet_aton=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_inet_aton=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -if eval "test \"\${ac_cv_func_inet_aton}\" = yes"; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INET_ATON 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - case " $LIBOBJS " in - *" inet_aton.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS inet_aton.$ac_objext" - ;; -esac - -fi - -{ echo "$as_me:$LINENO: checking for inet_ntop" >&5 -echo $ECHO_N "checking for inet_ntop... $ECHO_C" >&6; } -if test "${ac_cv_func_inet_ntop+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -int -main () -{ - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_inet_ntop) || defined (__stub___inet_ntop) -choke me -#else -inet_ntop(0, 0, 0, 0); -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "ac_cv_func_inet_ntop=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_inet_ntop=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -if eval "test \"\${ac_cv_func_inet_ntop}\" = yes"; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INET_NTOP 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - case " $LIBOBJS " in - *" inet_ntop.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS inet_ntop.$ac_objext" - ;; -esac - -fi - -{ echo "$as_me:$LINENO: checking for inet_pton" >&5 -echo $ECHO_N "checking for inet_pton... $ECHO_C" >&6; } -if test "${ac_cv_func_inet_pton+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -int -main () -{ - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_inet_pton) || defined (__stub___inet_pton) -choke me -#else -inet_pton(0,0,0); -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "ac_cv_func_inet_pton=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_inet_pton=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -if eval "test \"\${ac_cv_func_inet_pton}\" = yes"; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INET_PTON 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - case " $LIBOBJS " in - *" inet_pton.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS inet_pton.$ac_objext" - ;; -esac - -fi - - - -{ echo "$as_me:$LINENO: checking for sa_len in struct sockaddr" >&5 -echo $ECHO_N "checking for sa_len in struct sockaddr... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_sockaddr_sa_len+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -int -main () -{ -struct sockaddr x; memset(&x, 0, sizeof(x)); x.sa_len - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_sockaddr_sa_len=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_sockaddr_sa_len=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_sockaddr_sa_len" >&5 -echo "${ECHO_T}$ac_cv_type_struct_sockaddr_sa_len" >&6; } -if test "$ac_cv_type_struct_sockaddr_sa_len" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_SOCKADDR_SA_LEN 1 -_ACEOF - - -fi - - - -if test "$ac_cv_func_getaddrinfo" = "yes"; then - -{ echo "$as_me:$LINENO: checking if getaddrinfo handles numeric services" >&5 -echo $ECHO_N "checking if getaddrinfo handles numeric services... $ECHO_C" >&6; } -if test "${ac_cv_func_getaddrinfo_numserv+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "$cross_compiling" = yes; then - { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot run test program while cross compiling -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include - -int -main(int argc, char **argv) -{ - struct addrinfo hints, *ai; - memset(&hints, 0, sizeof(hints)); - hints.ai_flags = AI_PASSIVE; - hints.ai_socktype = SOCK_STREAM; - hints.ai_family = PF_UNSPEC; - if(getaddrinfo(NULL, "17", &hints, &ai) != 0) - return 1; - if(getaddrinfo(NULL, "0", &hints, &ai) != 0) - return 1; - return 0; -} - -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_getaddrinfo_numserv=yes -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_getaddrinfo_numserv=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getaddrinfo_numserv" >&5 -echo "${ECHO_T}$ac_cv_func_getaddrinfo_numserv" >&6; } - if test "$ac_cv_func_getaddrinfo_numserv" = no; then - case " $LIBOBJS " in - *" getaddrinfo.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS getaddrinfo.$ac_objext" - ;; -esac - - case " $LIBOBJS " in - *" freeaddrinfo.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS freeaddrinfo.$ac_objext" - ;; -esac - - fi -fi - - -if test "$ac_cv_func_setenv+set" != set -o "$ac_cv_func_setenv" = yes; then -{ echo "$as_me:$LINENO: checking if setenv needs a prototype" >&5 -echo $ECHO_N "checking if setenv needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_setenv_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int setenv (struct foo*); -int -main () -{ -setenv(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_setenv_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_setenv_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_setenv_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_setenv_noproto" >&6; } -if test "$ac_cv_func_setenv_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_SETENV_PROTO 1 -_ACEOF - -fi -fi - - -if test "$ac_cv_func_unsetenv+set" != set -o "$ac_cv_func_unsetenv" = yes; then -{ echo "$as_me:$LINENO: checking if unsetenv needs a prototype" >&5 -echo $ECHO_N "checking if unsetenv needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_unsetenv_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int unsetenv (struct foo*); -int -main () -{ -unsetenv(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_unsetenv_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_unsetenv_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_unsetenv_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_unsetenv_noproto" >&6; } -if test "$ac_cv_func_unsetenv_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_UNSETENV_PROTO 1 -_ACEOF - -fi -fi - - -if test "$ac_cv_func_gethostname+set" != set -o "$ac_cv_func_gethostname" = yes; then -{ echo "$as_me:$LINENO: checking if gethostname needs a prototype" >&5 -echo $ECHO_N "checking if gethostname needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostname_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int gethostname (struct foo*); -int -main () -{ -gethostname(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_gethostname_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_gethostname_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostname_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_gethostname_noproto" >&6; } -if test "$ac_cv_func_gethostname_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_GETHOSTNAME_PROTO 1 -_ACEOF - -fi -fi - - -if test "$ac_cv_func_mkstemp+set" != set -o "$ac_cv_func_mkstemp" = yes; then -{ echo "$as_me:$LINENO: checking if mkstemp needs a prototype" >&5 -echo $ECHO_N "checking if mkstemp needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_mkstemp_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int mkstemp (struct foo*); -int -main () -{ -mkstemp(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_mkstemp_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_mkstemp_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_mkstemp_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_mkstemp_noproto" >&6; } -if test "$ac_cv_func_mkstemp_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_MKSTEMP_PROTO 1 -_ACEOF - -fi -fi - - -if test "$ac_cv_func_getusershell+set" != set -o "$ac_cv_func_getusershell" = yes; then -{ echo "$as_me:$LINENO: checking if getusershell needs a prototype" >&5 -echo $ECHO_N "checking if getusershell needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_getusershell_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int getusershell (struct foo*); -int -main () -{ -getusershell(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_getusershell_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_getusershell_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getusershell_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_getusershell_noproto" >&6; } -if test "$ac_cv_func_getusershell_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_GETUSERSHELL_PROTO 1 -_ACEOF - -fi -fi - - -if test "$ac_cv_func_daemon+set" != set -o "$ac_cv_func_daemon" = yes; then -{ echo "$as_me:$LINENO: checking if daemon needs a prototype" >&5 -echo $ECHO_N "checking if daemon needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_daemon_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int daemon (struct foo*); -int -main () -{ -daemon(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_daemon_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_daemon_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_daemon_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_daemon_noproto" >&6; } -if test "$ac_cv_func_daemon_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_DAEMON_PROTO 1 -_ACEOF - -fi -fi - - -if test "$ac_cv_func_iruserok+set" != set -o "$ac_cv_func_iruserok" = yes; then -{ echo "$as_me:$LINENO: checking if iruserok needs a prototype" >&5 -echo $ECHO_N "checking if iruserok needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_iruserok_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -struct foo { int foo; } xx; -extern int iruserok (struct foo*); -int -main () -{ -iruserok(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_iruserok_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_iruserok_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_iruserok_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_iruserok_noproto" >&6; } -if test "$ac_cv_func_iruserok_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_IRUSEROK_PROTO 1 -_ACEOF - -fi -fi - - - -if test "$ac_cv_func_inet_aton+set" != set -o "$ac_cv_func_inet_aton" = yes; then -{ echo "$as_me:$LINENO: checking if inet_aton needs a prototype" >&5 -echo $ECHO_N "checking if inet_aton needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_inet_aton_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -struct foo { int foo; } xx; -extern int inet_aton (struct foo*); -int -main () -{ -inet_aton(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_inet_aton_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_inet_aton_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_inet_aton_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_inet_aton_noproto" >&6; } -if test "$ac_cv_func_inet_aton_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_INET_ATON_PROTO 1 -_ACEOF - -fi -fi - - - - - -{ echo "$as_me:$LINENO: checking for crypt" >&5 -echo $ECHO_N "checking for crypt... $ECHO_C" >&6; } -if test "${ac_cv_funclib_crypt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_crypt\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" crypt; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -crypt() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_crypt=$ac_lib; else ac_cv_funclib_crypt=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_crypt=\${ac_cv_funclib_crypt-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_crypt" - -if false; then - -for ac_func in crypt -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# crypt -eval "ac_tr_func=HAVE_`echo crypt | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_crypt=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_crypt=yes" - eval "LIB_crypt=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_crypt=no" - eval "LIB_crypt=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_crypt=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - - -{ echo "$as_me:$LINENO: checking if gethostbyname is compatible with system prototype" >&5 -echo $ECHO_N "checking if gethostbyname is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostbyname_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -int -main () -{ -struct hostent *gethostbyname(const char *) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_gethostbyname_proto_compat=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_gethostbyname_proto_compat=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostbyname_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_gethostbyname_proto_compat" >&6; } - -if test "$ac_cv_func_gethostbyname_proto_compat" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define GETHOSTBYNAME_PROTO_COMPATIBLE 1 -_ACEOF - -fi - - - - -{ echo "$as_me:$LINENO: checking if gethostbyaddr is compatible with system prototype" >&5 -echo $ECHO_N "checking if gethostbyaddr is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostbyaddr_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -int -main () -{ -struct hostent *gethostbyaddr(const void *, size_t, int) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_gethostbyaddr_proto_compat=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_gethostbyaddr_proto_compat=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostbyaddr_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_gethostbyaddr_proto_compat" >&6; } - -if test "$ac_cv_func_gethostbyaddr_proto_compat" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define GETHOSTBYADDR_PROTO_COMPATIBLE 1 -_ACEOF - -fi - - - - -{ echo "$as_me:$LINENO: checking if getservbyname is compatible with system prototype" >&5 -echo $ECHO_N "checking if getservbyname is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_getservbyname_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -int -main () -{ -struct servent *getservbyname(const char *, const char *) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_getservbyname_proto_compat=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_getservbyname_proto_compat=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getservbyname_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_getservbyname_proto_compat" >&6; } - -if test "$ac_cv_func_getservbyname_proto_compat" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define GETSERVBYNAME_PROTO_COMPATIBLE 1 -_ACEOF - -fi - - - - -{ echo "$as_me:$LINENO: checking if getsockname is compatible with system prototype" >&5 -echo $ECHO_N "checking if getsockname is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_getsockname_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif - -int -main () -{ -int getsockname(int, struct sockaddr*, socklen_t*) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_getsockname_proto_compat=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_getsockname_proto_compat=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getsockname_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_getsockname_proto_compat" >&6; } - -if test "$ac_cv_func_getsockname_proto_compat" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define GETSOCKNAME_PROTO_COMPATIBLE 1 -_ACEOF - -fi - - - - -{ echo "$as_me:$LINENO: checking if openlog is compatible with system prototype" >&5 -echo $ECHO_N "checking if openlog is compatible with system prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_openlog_proto_compat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_SYSLOG_H -#include -#endif - -int -main () -{ -void openlog(const char *, int, int) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_openlog_proto_compat=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_openlog_proto_compat=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_openlog_proto_compat" >&5 -echo "${ECHO_T}$ac_cv_func_openlog_proto_compat" >&6; } - -if test "$ac_cv_func_openlog_proto_compat" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define OPENLOG_PROTO_COMPATIBLE 1 -_ACEOF - -fi - - - - -if test "$ac_cv_func_crypt+set" != set -o "$ac_cv_func_crypt" = yes; then -{ echo "$as_me:$LINENO: checking if crypt needs a prototype" >&5 -echo $ECHO_N "checking if crypt needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_crypt_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_CRYPT_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -struct foo { int foo; } xx; -extern int crypt (struct foo*); -int -main () -{ -crypt(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_crypt_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_crypt_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_crypt_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_crypt_noproto" >&6; } -if test "$ac_cv_func_crypt_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_CRYPT_PROTO 1 -_ACEOF - -fi -fi - - - - -{ echo "$as_me:$LINENO: checking for h_errno" >&5 -echo $ECHO_N "checking for h_errno... $ECHO_C" >&6; } -if test "${ac_cv_var_h_errno+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - void * foo(void) { return &h_errno; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_h_errno=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_errno=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test "$ac_cv_var_h_errno" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern int h_errno; -int foo(void) { return h_errno; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_h_errno=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_errno=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -fi - -ac_foo=`eval echo \\$ac_cv_var_h_errno` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_H_ERRNO 1 -_ACEOF - - { echo "$as_me:$LINENO: checking whether h_errno is declared" >&5 -echo $ECHO_N "checking whether h_errno is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_h_errno+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -int -main () -{ -#ifndef h_errno - (void) h_errno; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_h_errno=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_h_errno=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_h_errno" >&5 -echo "${ECHO_T}$ac_cv_have_decl_h_errno" >&6; } -if test $ac_cv_have_decl_h_errno = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRNO 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRNO 0 -_ACEOF - - -fi - - -fi - - - -{ echo "$as_me:$LINENO: checking for h_errlist" >&5 -echo $ECHO_N "checking for h_errlist... $ECHO_C" >&6; } -if test "${ac_cv_var_h_errlist+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif - void * foo(void) { return &h_errlist; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_h_errlist=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_errlist=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test "$ac_cv_var_h_errlist" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern int h_errlist; -int foo(void) { return h_errlist; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_h_errlist=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_errlist=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -fi - -ac_foo=`eval echo \\$ac_cv_var_h_errlist` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_H_ERRLIST 1 -_ACEOF - - { echo "$as_me:$LINENO: checking whether h_errlist is declared" >&5 -echo $ECHO_N "checking whether h_errlist is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_h_errlist+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif - -int -main () -{ -#ifndef h_errlist - (void) h_errlist; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_h_errlist=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_h_errlist=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_h_errlist" >&5 -echo "${ECHO_T}$ac_cv_have_decl_h_errlist" >&6; } -if test $ac_cv_have_decl_h_errlist = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRLIST 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_ERRLIST 0 -_ACEOF - - -fi - - -fi - - - -{ echo "$as_me:$LINENO: checking for h_nerr" >&5 -echo $ECHO_N "checking for h_nerr... $ECHO_C" >&6; } -if test "${ac_cv_var_h_nerr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif - void * foo(void) { return &h_nerr; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_h_nerr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_nerr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test "$ac_cv_var_h_nerr" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern int h_nerr; -int foo(void) { return h_nerr; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_h_nerr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_h_nerr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -fi - -ac_foo=`eval echo \\$ac_cv_var_h_nerr` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_H_NERR 1 -_ACEOF - - { echo "$as_me:$LINENO: checking whether h_nerr is declared" >&5 -echo $ECHO_N "checking whether h_nerr is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_h_nerr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_NETDB_H -#include -#endif - -int -main () -{ -#ifndef h_nerr - (void) h_nerr; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_h_nerr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_h_nerr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_h_nerr" >&5 -echo "${ECHO_T}$ac_cv_have_decl_h_nerr" >&6; } -if test $ac_cv_have_decl_h_nerr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_NERR 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_H_NERR 0 -_ACEOF - - -fi - - -fi - - - -{ echo "$as_me:$LINENO: checking for __progname" >&5 -echo $ECHO_N "checking for __progname... $ECHO_C" >&6; } -if test "${ac_cv_var___progname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_ERR_H -#include -#endif - void * foo(void) { return &__progname; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var___progname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var___progname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test "$ac_cv_var___progname" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern int __progname; -int foo(void) { return __progname; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var___progname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var___progname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -fi - -ac_foo=`eval echo \\$ac_cv_var___progname` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE___PROGNAME 1 -_ACEOF - - { echo "$as_me:$LINENO: checking whether __progname is declared" >&5 -echo $ECHO_N "checking whether __progname is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl___progname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef HAVE_ERR_H -#include -#endif - -int -main () -{ -#ifndef __progname - (void) __progname; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl___progname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl___progname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl___progname" >&5 -echo "${ECHO_T}$ac_cv_have_decl___progname" >&6; } -if test $ac_cv_have_decl___progname = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL___PROGNAME 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL___PROGNAME 0 -_ACEOF - - -fi - - -fi - - -{ echo "$as_me:$LINENO: checking whether optarg is declared" >&5 -echo $ECHO_N "checking whether optarg is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_optarg+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef optarg - (void) optarg; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_optarg=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_optarg=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_optarg" >&5 -echo "${ECHO_T}$ac_cv_have_decl_optarg" >&6; } -if test $ac_cv_have_decl_optarg = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTARG 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTARG 0 -_ACEOF - - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -fi -{ echo "$as_me:$LINENO: checking whether optind is declared" >&5 -echo $ECHO_N "checking whether optind is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_optind+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef optind - (void) optind; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_optind=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_optind=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_optind" >&5 -echo "${ECHO_T}$ac_cv_have_decl_optind" >&6; } -if test $ac_cv_have_decl_optind = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTIND 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTIND 0 -_ACEOF - - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -fi -{ echo "$as_me:$LINENO: checking whether opterr is declared" >&5 -echo $ECHO_N "checking whether opterr is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_opterr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef opterr - (void) opterr; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_opterr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_opterr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_opterr" >&5 -echo "${ECHO_T}$ac_cv_have_decl_opterr" >&6; } -if test $ac_cv_have_decl_opterr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTERR 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTERR 0 -_ACEOF - - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -fi -{ echo "$as_me:$LINENO: checking whether optopt is declared" >&5 -echo $ECHO_N "checking whether optopt is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_optopt+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef optopt - (void) optopt; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_optopt=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_optopt=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_optopt" >&5 -echo "${ECHO_T}$ac_cv_have_decl_optopt" >&6; } -if test $ac_cv_have_decl_optopt = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTOPT 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_OPTOPT 0 -_ACEOF - - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -fi -{ echo "$as_me:$LINENO: checking whether environ is declared" >&5 -echo $ECHO_N "checking whether environ is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_environ+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ -#ifndef environ - (void) environ; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_environ=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_environ=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_environ" >&5 -echo "${ECHO_T}$ac_cv_have_decl_environ" >&6; } -if test $ac_cv_have_decl_environ = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ENVIRON 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ENVIRON 0 -_ACEOF - - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -fi - - - - - - -{ echo "$as_me:$LINENO: checking for tm_gmtoff in struct tm" >&5 -echo $ECHO_N "checking for tm_gmtoff in struct tm... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_tm_tm_gmtoff+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct tm x; memset(&x, 0, sizeof(x)); x.tm_gmtoff - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_tm_tm_gmtoff=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_tm_tm_gmtoff=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_tm_tm_gmtoff" >&5 -echo "${ECHO_T}$ac_cv_type_struct_tm_tm_gmtoff" >&6; } -if test "$ac_cv_type_struct_tm_tm_gmtoff" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_TM_TM_GMTOFF 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for tm_zone in struct tm" >&5 -echo $ECHO_N "checking for tm_zone in struct tm... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_tm_tm_zone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct tm x; memset(&x, 0, sizeof(x)); x.tm_zone - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_tm_tm_zone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_tm_tm_zone=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_tm_tm_zone" >&5 -echo "${ECHO_T}$ac_cv_type_struct_tm_tm_zone" >&6; } -if test "$ac_cv_type_struct_tm_tm_zone" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_TM_TM_ZONE 1 -_ACEOF - - -fi - - - - - -{ echo "$as_me:$LINENO: checking for timezone" >&5 -echo $ECHO_N "checking for timezone... $ECHO_C" >&6; } -if test "${ac_cv_var_timezone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - void * foo(void) { return &timezone; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_timezone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_timezone=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test "$ac_cv_var_timezone" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern int timezone; -int foo(void) { return timezone; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_timezone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_timezone=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -fi - -ac_foo=`eval echo \\$ac_cv_var_timezone` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_TIMEZONE 1 -_ACEOF - - { echo "$as_me:$LINENO: checking whether timezone is declared" >&5 -echo $ECHO_N "checking whether timezone is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_timezone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -int -main () -{ -#ifndef timezone - (void) timezone; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_timezone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_timezone=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_timezone" >&5 -echo "${ECHO_T}$ac_cv_have_decl_timezone" >&6; } -if test $ac_cv_have_decl_timezone = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_TIMEZONE 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_TIMEZONE 0 -_ACEOF - - -fi - - -fi - - -{ echo "$as_me:$LINENO: checking for altzone" >&5 -echo $ECHO_N "checking for altzone... $ECHO_C" >&6; } -if test "${ac_cv_var_altzone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - void * foo(void) { return &altzone; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_altzone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_altzone=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test "$ac_cv_var_altzone" != yes ; then -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern int altzone; -int foo(void) { return altzone; } -int -main () -{ -foo() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_var_altzone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_var_altzone=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -fi - -ac_foo=`eval echo \\$ac_cv_var_altzone` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_ALTZONE 1 -_ACEOF - - { echo "$as_me:$LINENO: checking whether altzone is declared" >&5 -echo $ECHO_N "checking whether altzone is declared... $ECHO_C" >&6; } -if test "${ac_cv_have_decl_altzone+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -int -main () -{ -#ifndef altzone - (void) altzone; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_have_decl_altzone=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_have_decl_altzone=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_have_decl_altzone" >&5 -echo "${ECHO_T}$ac_cv_have_decl_altzone" >&6; } -if test $ac_cv_have_decl_altzone = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ALTZONE 1 -_ACEOF - - -else - cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ALTZONE 0 -_ACEOF - - -fi - - -fi - - - - -cv=`echo "sa_family_t" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for sa_family_t" >&5 -echo $ECHO_N "checking for sa_family_t... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -#include -#include -int -main () -{ -sa_family_t foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo sa_family_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for sa_family_t" >&5 -echo $ECHO_N "checking for sa_family_t... $ECHO_C" >&6; } -if test "${ac_cv_type_sa_family_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef sa_family_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_sa_family_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_sa_family_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_sa_family_t" >&5 -echo "${ECHO_T}$ac_cv_type_sa_family_t" >&6; } -if test $ac_cv_type_sa_family_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SA_FAMILY_T 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - -cv=`echo "socklen_t" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for socklen_t" >&5 -echo $ECHO_N "checking for socklen_t... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -#include -#include -int -main () -{ -socklen_t foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo socklen_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for socklen_t" >&5 -echo $ECHO_N "checking for socklen_t... $ECHO_C" >&6; } -if test "${ac_cv_type_socklen_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef socklen_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_socklen_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_socklen_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_socklen_t" >&5 -echo "${ECHO_T}$ac_cv_type_socklen_t" >&6; } -if test $ac_cv_type_socklen_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_SOCKLEN_T 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - -cv=`echo "struct sockaddr" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct sockaddr" >&5 -echo $ECHO_N "checking for struct sockaddr... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -#include -#include -int -main () -{ -struct sockaddr foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo struct sockaddr | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for struct sockaddr" >&5 -echo $ECHO_N "checking for struct sockaddr... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_sockaddr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct sockaddr ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_sockaddr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_sockaddr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_sockaddr" >&5 -echo "${ECHO_T}$ac_cv_type_struct_sockaddr" >&6; } -if test $ac_cv_type_struct_sockaddr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_SOCKADDR 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - -cv=`echo "struct sockaddr_storage" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct sockaddr_storage" >&5 -echo $ECHO_N "checking for struct sockaddr_storage... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -#include -#include -int -main () -{ -struct sockaddr_storage foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo struct sockaddr_storage | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for struct sockaddr_storage" >&5 -echo $ECHO_N "checking for struct sockaddr_storage... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_sockaddr_storage+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct sockaddr_storage ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_sockaddr_storage=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_sockaddr_storage=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_sockaddr_storage" >&5 -echo "${ECHO_T}$ac_cv_type_struct_sockaddr_storage" >&6; } -if test $ac_cv_type_struct_sockaddr_storage = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_SOCKADDR_STORAGE 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - -cv=`echo "struct addrinfo" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct addrinfo" >&5 -echo $ECHO_N "checking for struct addrinfo... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -#include -#include -int -main () -{ -struct addrinfo foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo struct addrinfo | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for struct addrinfo" >&5 -echo $ECHO_N "checking for struct addrinfo... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_addrinfo+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct addrinfo ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_addrinfo=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_addrinfo=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_addrinfo" >&5 -echo "${ECHO_T}$ac_cv_type_struct_addrinfo" >&6; } -if test $ac_cv_type_struct_addrinfo = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_ADDRINFO 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - -cv=`echo "struct ifaddrs" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct ifaddrs" >&5 -echo $ECHO_N "checking for struct ifaddrs... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif -#include -int -main () -{ -struct ifaddrs foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo struct ifaddrs | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for struct ifaddrs" >&5 -echo $ECHO_N "checking for struct ifaddrs... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_ifaddrs+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct ifaddrs ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_ifaddrs=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_ifaddrs=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_ifaddrs" >&5 -echo "${ECHO_T}$ac_cv_type_struct_ifaddrs" >&6; } -if test $ac_cv_type_struct_ifaddrs = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_IFADDRS 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - -cv=`echo "struct iovec" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct iovec" >&5 -echo $ECHO_N "checking for struct iovec... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -#include -#include - -int -main () -{ -struct iovec foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo struct iovec | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for struct iovec" >&5 -echo $ECHO_N "checking for struct iovec... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_iovec+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct iovec ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_iovec=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_iovec=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_iovec" >&5 -echo "${ECHO_T}$ac_cv_type_struct_iovec" >&6; } -if test $ac_cv_type_struct_iovec = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_IOVEC 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - -cv=`echo "struct msghdr" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for struct msghdr" >&5 -echo $ECHO_N "checking for struct msghdr... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -#include -#include - -int -main () -{ -struct msghdr foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo struct msghdr | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for struct msghdr" >&5 -echo $ECHO_N "checking for struct msghdr... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_msghdr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef struct msghdr ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_msghdr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_msghdr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_msghdr" >&5 -echo "${ECHO_T}$ac_cv_type_struct_msghdr" >&6; } -if test $ac_cv_type_struct_msghdr = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_MSGHDR 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - - - - -{ echo "$as_me:$LINENO: checking for struct winsize" >&5 -echo $ECHO_N "checking for struct winsize... $ECHO_C" >&6; } -if test "${ac_cv_struct_winsize+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -ac_cv_struct_winsize=no -for i in sys/termios.h sys/ioctl.h; do -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$i> - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "struct[ ]*winsize" >/dev/null 2>&1; then - ac_cv_struct_winsize=yes; break -fi -rm -f conftest* -done - -fi - -if test "$ac_cv_struct_winsize" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_WINSIZE 1 -_ACEOF - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_struct_winsize" >&5 -echo "${ECHO_T}$ac_cv_struct_winsize" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ws_xpixel" >/dev/null 2>&1; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_WS_XPIXEL 1 -_ACEOF - -fi -rm -f conftest* - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "ws_ypixel" >/dev/null 2>&1; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_WS_YPIXEL 1 -_ACEOF - -fi -rm -f conftest* - - - - - -{ echo "$as_me:$LINENO: checking for struct spwd" >&5 -echo $ECHO_N "checking for struct spwd... $ECHO_C" >&6; } -if test "${ac_cv_struct_spwd+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#ifdef HAVE_SHADOW_H -#include -#endif -int -main () -{ -struct spwd foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_struct_spwd=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_struct_spwd=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi - -{ echo "$as_me:$LINENO: result: $ac_cv_struct_spwd" >&5 -echo "${ECHO_T}$ac_cv_struct_spwd" >&6; } - -if test "$ac_cv_struct_spwd" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_SPWD 1 -_ACEOF - -fi - - -# -# Check if we want samba's socket wrapper -# - - - -# Check whether --enable-socket-wrapper was given. -if test "${enable_socket_wrapper+set}" = set; then - enableval=$enable_socket_wrapper; -fi - - - if test "x$enable_socket_wrapper" = xyes; then - have_socket_wrapper_TRUE= - have_socket_wrapper_FALSE='#' -else - have_socket_wrapper_TRUE='#' - have_socket_wrapper_FALSE= -fi - -if test "x$enable_socket_wrapper" = xyes ; then - -cat >>confdefs.h <<\_ACEOF -#define SOCKET_WRAPPER_REPLACE 1 -_ACEOF - -fi - - - - -LIB_roken="${LIB_roken} \$(LIB_crypt) \$(LIB_dbopen)" - - -LIBADD_roken="$LIB_roken" -LIB_roken="\$(top_builddir)/lib/vers/libvers.la $LIB_roken" - - -# Check whether --enable-otp was given. -if test "${enable_otp+set}" = set; then - enableval=$enable_otp; -fi - -if test "$enable_otp" = yes -a "$db_type" = unknown; then - { { echo "$as_me:$LINENO: error: OTP requires a NDBM/DB compatible library" >&5 -echo "$as_me: error: OTP requires a NDBM/DB compatible library" >&2;} - { (exit 1); exit 1; }; } -fi -if test "$enable_otp" != no; then - if test "$db_type" != unknown; then - enable_otp=yes - else - enable_otp=no - fi -fi -if test "$enable_otp" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define OTP 1 -_ACEOF - - LIB_otp='$(top_builddir)/lib/otp/libotp.la' - -fi -{ echo "$as_me:$LINENO: checking whether to enable OTP library" >&5 -echo $ECHO_N "checking whether to enable OTP library... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $enable_otp" >&5 -echo "${ECHO_T}$enable_otp" >&6; } - if test "$enable_otp" = yes; then - OTP_TRUE= - OTP_FALSE='#' -else - OTP_TRUE='#' - OTP_FALSE= -fi - - - -# Check whether --enable-osfc2 was given. -if test "${enable_osfc2+set}" = set; then - enableval=$enable_osfc2; -fi - -LIB_security= -if test "$enable_osfc2" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_OSFC2 1 -_ACEOF - - LIB_security=-lsecurity -fi - - - -# Check whether --enable-mmap was given. -if test "${enable_mmap+set}" = set; then - enableval=$enable_mmap; -fi - -if test "$enable_mmap" = "no"; then - -cat >>confdefs.h <<\_ACEOF -#define NO_MMAP 1 -_ACEOF - -fi - -# Check whether --enable-afs-string-to-key was given. -if test "${enable_afs_string_to_key+set}" = set; then - enableval=$enable_afs_string_to_key; -else - enable_afs_string_to_key=yes -fi - - -if test "$enable_afs_string_to_key" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define ENABLE_AFS_STRING_TO_KEY 1 -_ACEOF - -fi - - -# Extract the first word of "nroff", so it can be a program name with args. -set dummy nroff; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_path_NROFF+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $NROFF in - [\\/]* | ?:[\\/]*) - ac_cv_path_NROFF="$NROFF" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_path_NROFF="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - - ;; -esac -fi -NROFF=$ac_cv_path_NROFF -if test -n "$NROFF"; then - { echo "$as_me:$LINENO: result: $NROFF" >&5 -echo "${ECHO_T}$NROFF" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -# Extract the first word of "groff", so it can be a program name with args. -set dummy groff; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_path_GROFF+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - case $GROFF in - [\\/]* | ?:[\\/]*) - ac_cv_path_GROFF="$GROFF" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_path_GROFF="$as_dir/$ac_word$ac_exec_ext" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - - ;; -esac -fi -GROFF=$ac_cv_path_GROFF -if test -n "$GROFF"; then - { echo "$as_me:$LINENO: result: $GROFF" >&5 -echo "${ECHO_T}$GROFF" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -{ echo "$as_me:$LINENO: checking how to format man pages" >&5 -echo $ECHO_N "checking how to format man pages... $ECHO_C" >&6; } -if test "${ac_cv_sys_man_format+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat > conftest.1 << END -.Dd January 1, 1970 -.Dt CONFTEST 1 -.Sh NAME -.Nm conftest -.Nd -foobar -END - -if test "$NROFF" ; then - for i in "-mdoc" "-mandoc"; do - if "$NROFF" $i conftest.1 2> /dev/null | \ - grep Jan > /dev/null 2>&1 ; then - ac_cv_sys_man_format="$NROFF $i" - break - fi - done -fi -if test "$ac_cv_sys_man_format" = "" -a "$GROFF" ; then - for i in "-mdoc" "-mandoc"; do - if "$GROFF" -Tascii $i conftest.1 2> /dev/null | \ - grep Jan > /dev/null 2>&1 ; then - ac_cv_sys_man_format="$GROFF -Tascii $i" - break - fi - done -fi -if test "$ac_cv_sys_man_format"; then - ac_cv_sys_man_format="$ac_cv_sys_man_format \$< > \$@" -fi - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_man_format" >&5 -echo "${ECHO_T}$ac_cv_sys_man_format" >&6; } -if test "$ac_cv_sys_man_format"; then - CATMAN="$ac_cv_sys_man_format" - -fi - if test "$CATMAN"; then - CATMAN_TRUE= - CATMAN_FALSE='#' -else - CATMAN_TRUE='#' - CATMAN_FALSE= -fi - -{ echo "$as_me:$LINENO: checking extension of pre-formatted manual pages" >&5 -echo $ECHO_N "checking extension of pre-formatted manual pages... $ECHO_C" >&6; } -if test "${ac_cv_sys_catman_ext+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if grep _suffix /etc/man.conf > /dev/null 2>&1; then - ac_cv_sys_catman_ext=0 -else - ac_cv_sys_catman_ext=number -fi - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_sys_catman_ext" >&5 -echo "${ECHO_T}$ac_cv_sys_catman_ext" >&6; } -if test "$ac_cv_sys_catman_ext" = number; then - CATMANEXT='$$section' -else - CATMANEXT=0 -fi - - - - - -# Check whether --with-readline was given. -if test "${with_readline+set}" = set; then - withval=$with_readline; -fi - - -# Check whether --with-readline-lib was given. -if test "${with_readline_lib+set}" = set; then - withval=$with_readline_lib; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-readline-lib" >&5 -echo "$as_me: error: No argument for --with-readline-lib" >&2;} - { (exit 1); exit 1; }; } -elif test "X$with_readline" = "X"; then - with_readline=yes -fi -fi - - -# Check whether --with-readline-include was given. -if test "${with_readline_include+set}" = set; then - withval=$with_readline_include; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-readline-include" >&5 -echo "$as_me: error: No argument for --with-readline-include" >&2;} - { (exit 1); exit 1; }; } -elif test "X$with_readline" = "X"; then - with_readline=yes -fi -fi - - -# Check whether --with-readline-config was given. -if test "${with_readline_config+set}" = set; then - withval=$with_readline_config; -fi - - - - -{ echo "$as_me:$LINENO: checking for readline" >&5 -echo $ECHO_N "checking for readline... $ECHO_C" >&6; } - -case "$with_readline" in -yes|"") d='' ;; -no) d= ;; -*) d="$with_readline" ;; -esac - -header_dirs= -lib_dirs= -for i in $d; do - if test "$with_readline_include" = ""; then - if test -d "$i/include/readline"; then - header_dirs="$header_dirs $i/include/readline" - fi - if test -d "$i/include"; then - header_dirs="$header_dirs $i/include" - fi - fi - if test "$with_readline_lib" = ""; then - if test -d "$i/lib$abilibdirext"; then - lib_dirs="$lib_dirs $i/lib$abilibdirext" - fi - fi -done - -if test "$with_readline_include"; then - header_dirs="$with_readline_include $header_dirs" -fi -if test "$with_readline_lib"; then - lib_dirs="$with_readline_lib $lib_dirs" -fi - -if test "$with_readline_config" = ""; then - with_readline_config='' -fi - -readline_cflags= -readline_libs= - -case "$with_readline_config" in -yes|no|""|"") - if test -f $with_readline/bin/ ; then - with_readline_config=$with_readline/bin/ - fi - ;; -esac - -case "$with_readline_config" in -yes|no|"") - ;; -*) - readline_cflags="`$with_readline_config --cflags 2>&1`" - readline_libs="`$with_readline_config --libs 2>&1`" - ;; -esac - -found=no -if test "$with_readline" != no; then - save_CFLAGS="$CFLAGS" - save_LIBS="$LIBS" - if test "$readline_cflags" -a "$readline_libs"; then - CFLAGS="$readline_cflags $save_CFLAGS" - LIBS="$readline_libs $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - #include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - - INCLUDE_readline="$readline_cflags" - LIB_readline="$readline_libs" - { echo "$as_me:$LINENO: result: from $with_readline_config" >&5 -echo "${ECHO_T}from $with_readline_config" >&6; } - found=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - fi - if test "$found" = no; then - ires= lres= - for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - #include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ires=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done - for i in $lib_dirs; do - LIBS="-L$i -lreadline $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - #include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - lres=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - if test "$ires" -a "$lres" -a "$with_readline" != "no"; then - INCLUDE_readline="-I$ires" - LIB_readline="-L$lres -lreadline " - found=yes - { echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5 -echo "${ECHO_T}headers $ires, libraries $lres" >&6; } - fi - fi - CFLAGS="$save_CFLAGS" - LIBS="$save_LIBS" -fi - -if test "$found" = yes; then - -cat >>confdefs.h <<_ACEOF -#define READLINE 1 -_ACEOF - - with_readline=yes -else - with_readline=no - INCLUDE_readline= - LIB_readline= - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - - - - - -# Check whether --with-hesiod was given. -if test "${with_hesiod+set}" = set; then - withval=$with_hesiod; -fi - - -# Check whether --with-hesiod-lib was given. -if test "${with_hesiod_lib+set}" = set; then - withval=$with_hesiod_lib; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-hesiod-lib" >&5 -echo "$as_me: error: No argument for --with-hesiod-lib" >&2;} - { (exit 1); exit 1; }; } -elif test "X$with_hesiod" = "X"; then - with_hesiod=yes -fi -fi - - -# Check whether --with-hesiod-include was given. -if test "${with_hesiod_include+set}" = set; then - withval=$with_hesiod_include; if test "$withval" = "yes" -o "$withval" = "no"; then - { { echo "$as_me:$LINENO: error: No argument for --with-hesiod-include" >&5 -echo "$as_me: error: No argument for --with-hesiod-include" >&2;} - { (exit 1); exit 1; }; } -elif test "X$with_hesiod" = "X"; then - with_hesiod=yes -fi -fi - - -# Check whether --with-hesiod-config was given. -if test "${with_hesiod_config+set}" = set; then - withval=$with_hesiod_config; -fi - - - - -{ echo "$as_me:$LINENO: checking for hesiod" >&5 -echo $ECHO_N "checking for hesiod... $ECHO_C" >&6; } - -case "$with_hesiod" in -yes|"") d='' ;; -no) d= ;; -*) d="$with_hesiod" ;; -esac - -header_dirs= -lib_dirs= -for i in $d; do - if test "$with_hesiod_include" = ""; then - if test -d "$i/include/hesiod"; then - header_dirs="$header_dirs $i/include/hesiod" - fi - if test -d "$i/include"; then - header_dirs="$header_dirs $i/include" - fi - fi - if test "$with_hesiod_lib" = ""; then - if test -d "$i/lib$abilibdirext"; then - lib_dirs="$lib_dirs $i/lib$abilibdirext" - fi - fi -done - -if test "$with_hesiod_include"; then - header_dirs="$with_hesiod_include $header_dirs" -fi -if test "$with_hesiod_lib"; then - lib_dirs="$with_hesiod_lib $lib_dirs" -fi - -if test "$with_hesiod_config" = ""; then - with_hesiod_config='' -fi - -hesiod_cflags= -hesiod_libs= - -case "$with_hesiod_config" in -yes|no|""|"") - if test -f $with_hesiod/bin/ ; then - with_hesiod_config=$with_hesiod/bin/ - fi - ;; -esac - -case "$with_hesiod_config" in -yes|no|"") - ;; -*) - hesiod_cflags="`$with_hesiod_config --cflags 2>&1`" - hesiod_libs="`$with_hesiod_config --libs 2>&1`" - ;; -esac - -found=no -if test "$with_hesiod" != no; then - save_CFLAGS="$CFLAGS" - save_LIBS="$LIBS" - if test "$hesiod_cflags" -a "$hesiod_libs"; then - CFLAGS="$hesiod_cflags $save_CFLAGS" - LIBS="$hesiod_libs $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - - INCLUDE_hesiod="$hesiod_cflags" - LIB_hesiod="$hesiod_libs" - { echo "$as_me:$LINENO: result: from $with_hesiod_config" >&5 -echo "${ECHO_T}from $with_hesiod_config" >&6; } - found=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - fi - if test "$found" = no; then - ires= lres= - for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ires=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done - for i in $lib_dirs; do - LIBS="-L$i -lhesiod $save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - lres=$i;break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - if test "$ires" -a "$lres" -a "$with_hesiod" != "no"; then - INCLUDE_hesiod="-I$ires" - LIB_hesiod="-L$lres -lhesiod " - found=yes - { echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5 -echo "${ECHO_T}headers $ires, libraries $lres" >&6; } - fi - fi - CFLAGS="$save_CFLAGS" - LIBS="$save_LIBS" -fi - -if test "$found" = yes; then - -cat >>confdefs.h <<_ACEOF -#define HESIOD 1 -_ACEOF - - with_hesiod=yes -else - with_hesiod=no - INCLUDE_hesiod= - LIB_hesiod= - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - - - - -# Check whether --enable-bigendian was given. -if test "${enable_bigendian+set}" = set; then - enableval=$enable_bigendian; krb_cv_c_bigendian=yes -fi - -# Check whether --enable-littleendian was given. -if test "${enable_littleendian+set}" = set; then - enableval=$enable_littleendian; krb_cv_c_bigendian=no -fi - -{ echo "$as_me:$LINENO: checking whether byte order is known at compile time" >&5 -echo $ECHO_N "checking whether byte order is known at compile time... $ECHO_C" >&6; } -if test "${krb_cv_c_bigendian_compile+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#include -#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN - bogus endian macros -#endif -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - krb_cv_c_bigendian_compile=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - krb_cv_c_bigendian_compile=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $krb_cv_c_bigendian_compile" >&5 -echo "${ECHO_T}$krb_cv_c_bigendian_compile" >&6; } -{ echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5 -echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6; } -if test "${krb_cv_c_bigendian+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - if test "$krb_cv_c_bigendian_compile" = "yes"; then - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#include -#if BYTE_ORDER != BIG_ENDIAN - not big endian -#endif -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - krb_cv_c_bigendian=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - krb_cv_c_bigendian=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - else - if test "$cross_compiling" = yes; then - { { echo "$as_me:$LINENO: error: specify either --enable-bigendian or --enable-littleendian" >&5 -echo "$as_me: error: specify either --enable-bigendian or --enable-littleendian" >&2;} - { (exit 1); exit 1; }; } -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -main (int argc, char **argv) { - /* Are we little or big endian? From Harbison&Steele. */ - union - { - long l; - char c[sizeof (long)]; - } u; - u.l = 1; - exit (u.c[sizeof (long) - 1] == 1); - } -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - krb_cv_c_bigendian=no -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -krb_cv_c_bigendian=yes -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - - fi - -fi -{ echo "$as_me:$LINENO: result: $krb_cv_c_bigendian" >&5 -echo "${ECHO_T}$krb_cv_c_bigendian" >&6; } -if test "$krb_cv_c_bigendian" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define WORDS_BIGENDIAN 1 -_ACEOF -fi -if test "$krb_cv_c_bigendian_compile" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define ENDIANESS_IN_SYS_PARAM_H 1 -_ACEOF -fi - - - -{ echo "$as_me:$LINENO: checking for inline" >&5 -echo $ECHO_N "checking for inline... $ECHO_C" >&6; } -if test "${ac_cv_c_inline+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_c_inline=no -for ac_kw in inline __inline__ __inline; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifndef __cplusplus -typedef int foo_t; -static $ac_kw foo_t static_foo () {return 0; } -$ac_kw foo_t foo () {return 0; } -#endif - -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_c_inline=$ac_kw -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - test "$ac_cv_c_inline" != no && break -done - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 -echo "${ECHO_T}$ac_cv_c_inline" >&6; } - - -case $ac_cv_c_inline in - inline | yes) ;; - *) - case $ac_cv_c_inline in - no) ac_val=;; - *) ac_val=$ac_cv_c_inline;; - esac - cat >>confdefs.h <<_ACEOF -#ifndef __cplusplus -#define inline $ac_val -#endif -_ACEOF - ;; -esac - - - - - - -{ echo "$as_me:$LINENO: checking for dlopen" >&5 -echo $ECHO_N "checking for dlopen... $ECHO_C" >&6; } -if test "${ac_cv_funclib_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_dlopen\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" dl; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_DLFCN_H -#include -#endif -int -main () -{ -dlopen(0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dlopen=$ac_lib; else ac_cv_funclib_dlopen=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_dlopen=\${ac_cv_funclib_dlopen-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dlopen" - -if false; then - -for ac_func in dlopen -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# dlopen -eval "ac_tr_func=HAVE_`echo dlopen | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dlopen=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dlopen=yes" - eval "LIB_dlopen=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_dlopen=no" - eval "LIB_dlopen=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_dlopen=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - if test "$ac_cv_funclib_dlopen" != no; then - HAVE_DLOPEN_TRUE= - HAVE_DLOPEN_FALSE='#' -else - HAVE_DLOPEN_TRUE='#' - HAVE_DLOPEN_FALSE= -fi - - - - -aix=no -case "$host" in -*-*-aix3*) - aix=3 - ;; -*-*-aix4*|*-*-aix5*) - aix=4 - ;; -esac - - if test "$aix" != no; then - AIX_TRUE= - AIX_FALSE='#' -else - AIX_TRUE='#' - AIX_FALSE= -fi - if test "$aix" = 4; then - AIX4_TRUE= - AIX4_FALSE='#' -else - AIX4_TRUE='#' - AIX4_FALSE= -fi - - - -# Check whether --enable-dynamic-afs was given. -if test "${enable_dynamic_afs+set}" = set; then - enableval=$enable_dynamic_afs; -fi - - -if test "$aix" != no; then - if test "$enable_dynamic_afs" != no; then - - if test "$ac_cv_func_dlopen" = no; then - - - -{ echo "$as_me:$LINENO: checking for loadquery" >&5 -echo $ECHO_N "checking for loadquery... $ECHO_C" >&6; } -if test "${ac_cv_funclib_loadquery+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_loadquery\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ld; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -loadquery() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_loadquery=$ac_lib; else ac_cv_funclib_loadquery=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_loadquery=\${ac_cv_funclib_loadquery-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_loadquery" - -if false; then - -for ac_func in loadquery -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# loadquery -eval "ac_tr_func=HAVE_`echo loadquery | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_loadquery=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_loadquery=yes" - eval "LIB_loadquery=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_loadquery=no" - eval "LIB_loadquery=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_loadquery=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - fi - if test "$ac_cv_func_dlopen" != no; then - AIX_EXTRA_KAFS='$(LIB_dlopen)' - elif test "$ac_cv_func_loadquery" != no; then - AIX_EXTRA_KAFS='$(LIB_loadquery)' - else - { echo "$as_me:$LINENO: not using dynloaded AFS library" >&5 -echo "$as_me: not using dynloaded AFS library" >&6;} - AIX_EXTRA_KAFS= - enable_dynamic_afs=no - fi - else - AIX_EXTRA_KAFS= - fi -fi - - if test "$enable_dynamic_afs" != no; then - AIX_DYNAMIC_AFS_TRUE= - AIX_DYNAMIC_AFS_FALSE='#' -else - AIX_DYNAMIC_AFS_TRUE='#' - AIX_DYNAMIC_AFS_FALSE= -fi - - - - - - -irix=no -case "$host" in -*-*-irix4*) - -cat >>confdefs.h <<\_ACEOF -#define IRIX4 1 -_ACEOF - - irix=yes - ;; -*-*-irix*) - irix=yes - ;; -esac - if test "$irix" != no; then - IRIX_TRUE= - IRIX_FALSE='#' -else - IRIX_TRUE='#' - IRIX_FALSE= -fi - - - - - -sunos=no -case "$host" in -*-*-sunos4*) - sunos=40 - ;; -*-*-solaris2.7) - sunos=57 - ;; -*-*-solaris2.[89] | *-*-solaris2.10) - sunos=58 - ;; -*-*-solaris2*) - sunos=50 - ;; -esac -if test "$sunos" != no; then - -cat >>confdefs.h <<_ACEOF -#define SunOS $sunos -_ACEOF - -fi - - -{ echo "$as_me:$LINENO: checking for X" >&5 -echo $ECHO_N "checking for X... $ECHO_C" >&6; } - - -# Check whether --with-x was given. -if test "${with_x+set}" = set; then - withval=$with_x; -fi - -# $have_x is `yes', `no', `disabled', or empty when we do not yet know. -if test "x$with_x" = xno; then - # The user explicitly disabled X. - have_x=disabled -else - case $x_includes,$x_libraries in #( - *\'*) { { echo "$as_me:$LINENO: error: Cannot use X directory names containing '" >&5 -echo "$as_me: error: Cannot use X directory names containing '" >&2;} - { (exit 1); exit 1; }; };; #( - *,NONE | NONE,*) if test "${ac_cv_have_x+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # One or both of the vars are not set, and there is no cached value. -ac_x_includes=no ac_x_libraries=no -rm -f -r conftest.dir -if mkdir conftest.dir; then - cd conftest.dir - cat >Imakefile <<'_ACEOF' -incroot: - @echo incroot='${INCROOT}' -usrlibdir: - @echo usrlibdir='${USRLIBDIR}' -libdir: - @echo libdir='${LIBDIR}' -_ACEOF - if (export CC; ${XMKMF-xmkmf}) >/dev/null 2>/dev/null && test -f Makefile; then - # GNU make sometimes prints "make[1]: Entering...", which would confuse us. - for ac_var in incroot usrlibdir libdir; do - eval "ac_im_$ac_var=\`\${MAKE-make} $ac_var 2>/dev/null | sed -n 's/^$ac_var=//p'\`" - done - # Open Windows xmkmf reportedly sets LIBDIR instead of USRLIBDIR. - for ac_extension in a so sl; do - if test ! -f "$ac_im_usrlibdir/libX11.$ac_extension" && - test -f "$ac_im_libdir/libX11.$ac_extension"; then - ac_im_usrlibdir=$ac_im_libdir; break - fi - done - # Screen out bogus values from the imake configuration. They are - # bogus both because they are the default anyway, and because - # using them would break gcc on systems where it needs fixed includes. - case $ac_im_incroot in - /usr/include) ac_x_includes= ;; - *) test -f "$ac_im_incroot/X11/Xos.h" && ac_x_includes=$ac_im_incroot;; - esac - case $ac_im_usrlibdir in - /usr/lib | /lib) ;; - *) test -d "$ac_im_usrlibdir" && ac_x_libraries=$ac_im_usrlibdir ;; - esac - fi - cd .. - rm -f -r conftest.dir -fi - -# Standard set of common directories for X headers. -# Check X11 before X11Rn because it is often a symlink to the current release. -ac_x_header_dirs=' -/usr/X11/include -/usr/X11R6/include -/usr/X11R5/include -/usr/X11R4/include - -/usr/include/X11 -/usr/include/X11R6 -/usr/include/X11R5 -/usr/include/X11R4 - -/usr/local/X11/include -/usr/local/X11R6/include -/usr/local/X11R5/include -/usr/local/X11R4/include - -/usr/local/include/X11 -/usr/local/include/X11R6 -/usr/local/include/X11R5 -/usr/local/include/X11R4 - -/usr/X386/include -/usr/x386/include -/usr/XFree86/include/X11 - -/usr/include -/usr/local/include -/usr/unsupported/include -/usr/athena/include -/usr/local/x11r5/include -/usr/lpp/Xamples/include - -/usr/openwin/include -/usr/openwin/share/include' - -if test "$ac_x_includes" = no; then - # Guess where to find include files, by looking for Xlib.h. - # First, try using that file with no special directory specified. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - # We can compile using X headers with no special include directory. -ac_x_includes= -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - for ac_dir in $ac_x_header_dirs; do - if test -r "$ac_dir/X11/Xlib.h"; then - ac_x_includes=$ac_dir - break - fi -done -fi - -rm -f conftest.err conftest.$ac_ext -fi # $ac_x_includes = no - -if test "$ac_x_libraries" = no; then - # Check for the libraries. - # See if we find them without any special options. - # Don't add to $LIBS permanently. - ac_save_LIBS=$LIBS - LIBS="-lX11 $LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -XrmInitialize () - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - LIBS=$ac_save_LIBS -# We can link X programs with no special library path. -ac_x_libraries= -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - LIBS=$ac_save_LIBS -for ac_dir in `echo "$ac_x_includes $ac_x_header_dirs" | sed s/include/lib/g` -do - # Don't even attempt the hair of trying to link an X program! - for ac_extension in a so sl; do - if test -r "$ac_dir/libX11.$ac_extension"; then - ac_x_libraries=$ac_dir - break 2 - fi - done -done -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi # $ac_x_libraries = no - -case $ac_x_includes,$ac_x_libraries in #( - no,* | *,no | *\'*) - # Didn't find X, or a directory has "'" in its name. - ac_cv_have_x="have_x=no";; #( - *) - # Record where we found X for the cache. - ac_cv_have_x="have_x=yes\ - ac_x_includes='$ac_x_includes'\ - ac_x_libraries='$ac_x_libraries'" -esac -fi -;; #( - *) have_x=yes;; - esac - eval "$ac_cv_have_x" -fi # $with_x != no - -if test "$have_x" != yes; then - { echo "$as_me:$LINENO: result: $have_x" >&5 -echo "${ECHO_T}$have_x" >&6; } - no_x=yes -else - # If each of the values was on the command line, it overrides each guess. - test "x$x_includes" = xNONE && x_includes=$ac_x_includes - test "x$x_libraries" = xNONE && x_libraries=$ac_x_libraries - # Update the cache value to reflect the command line values. - ac_cv_have_x="have_x=yes\ - ac_x_includes='$x_includes'\ - ac_x_libraries='$x_libraries'" - { echo "$as_me:$LINENO: result: libraries $x_libraries, headers $x_includes" >&5 -echo "${ECHO_T}libraries $x_libraries, headers $x_includes" >&6; } -fi - - -if test "$no_x" = yes; then - # Not all programs may use this symbol, but it does not hurt to define it. - -cat >>confdefs.h <<\_ACEOF -#define X_DISPLAY_MISSING 1 -_ACEOF - - X_CFLAGS= X_PRE_LIBS= X_LIBS= X_EXTRA_LIBS= -else - if test -n "$x_includes"; then - X_CFLAGS="$X_CFLAGS -I$x_includes" - fi - - # It would also be nice to do this for all -L options, not just this one. - if test -n "$x_libraries"; then - X_LIBS="$X_LIBS -L$x_libraries" - # For Solaris; some versions of Sun CC require a space after -R and - # others require no space. Words are not sufficient . . . . - { echo "$as_me:$LINENO: checking whether -R must be followed by a space" >&5 -echo $ECHO_N "checking whether -R must be followed by a space... $ECHO_C" >&6; } - ac_xsave_LIBS=$LIBS; LIBS="$LIBS -R$x_libraries" - ac_xsave_c_werror_flag=$ac_c_werror_flag - ac_c_werror_flag=yes - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - X_LIBS="$X_LIBS -R$x_libraries" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - LIBS="$ac_xsave_LIBS -R $x_libraries" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - X_LIBS="$X_LIBS -R $x_libraries" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - { echo "$as_me:$LINENO: result: neither works" >&5 -echo "${ECHO_T}neither works" >&6; } -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - ac_c_werror_flag=$ac_xsave_c_werror_flag - LIBS=$ac_xsave_LIBS - fi - - # Check for system-dependent libraries X programs must link with. - # Do this before checking for the system-independent R6 libraries - # (-lICE), since we may need -lsocket or whatever for X linking. - - if test "$ISC" = yes; then - X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl_s -linet" - else - # Martyn Johnson says this is needed for Ultrix, if the X - # libraries were built with DECnet support. And Karl Berry says - # the Alpha needs dnet_stub (dnet does not exist). - ac_xsave_LIBS="$LIBS"; LIBS="$LIBS $X_LIBS -lX11" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char XOpenDisplay (); -int -main () -{ -return XOpenDisplay (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - { echo "$as_me:$LINENO: checking for dnet_ntoa in -ldnet" >&5 -echo $ECHO_N "checking for dnet_ntoa in -ldnet... $ECHO_C" >&6; } -if test "${ac_cv_lib_dnet_dnet_ntoa+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldnet $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dnet_ntoa (); -int -main () -{ -return dnet_ntoa (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_dnet_dnet_ntoa=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dnet_dnet_ntoa=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dnet_dnet_ntoa" >&5 -echo "${ECHO_T}$ac_cv_lib_dnet_dnet_ntoa" >&6; } -if test $ac_cv_lib_dnet_dnet_ntoa = yes; then - X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet" -fi - - if test $ac_cv_lib_dnet_dnet_ntoa = no; then - { echo "$as_me:$LINENO: checking for dnet_ntoa in -ldnet_stub" >&5 -echo $ECHO_N "checking for dnet_ntoa in -ldnet_stub... $ECHO_C" >&6; } -if test "${ac_cv_lib_dnet_stub_dnet_ntoa+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldnet_stub $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dnet_ntoa (); -int -main () -{ -return dnet_ntoa (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_dnet_stub_dnet_ntoa=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dnet_stub_dnet_ntoa=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dnet_stub_dnet_ntoa" >&5 -echo "${ECHO_T}$ac_cv_lib_dnet_stub_dnet_ntoa" >&6; } -if test $ac_cv_lib_dnet_stub_dnet_ntoa = yes; then - X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet_stub" -fi - - fi -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$ac_xsave_LIBS" - - # msh@cis.ufl.edu says -lnsl (and -lsocket) are needed for his 386/AT, - # to get the SysV transport functions. - # Chad R. Larson says the Pyramis MIS-ES running DC/OSx (SVR4) - # needs -lnsl. - # The nsl library prevents programs from opening the X display - # on Irix 5.2, according to T.E. Dickey. - # The functions gethostbyname, getservbyname, and inet_addr are - # in -lbsd on LynxOS 3.0.1/i386, according to Lars Hecking. - { echo "$as_me:$LINENO: checking for gethostbyname" >&5 -echo $ECHO_N "checking for gethostbyname... $ECHO_C" >&6; } -if test "${ac_cv_func_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define gethostbyname to an innocuous variant, in case declares gethostbyname. - For example, HP-UX 11i declares gettimeofday. */ -#define gethostbyname innocuous_gethostbyname - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char gethostbyname (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef gethostbyname - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gethostbyname (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_gethostbyname || defined __stub___gethostbyname -choke me -#endif - -int -main () -{ -return gethostbyname (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_gethostbyname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_gethostbyname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_gethostbyname" >&5 -echo "${ECHO_T}$ac_cv_func_gethostbyname" >&6; } - - if test $ac_cv_func_gethostbyname = no; then - { echo "$as_me:$LINENO: checking for gethostbyname in -lnsl" >&5 -echo $ECHO_N "checking for gethostbyname in -lnsl... $ECHO_C" >&6; } -if test "${ac_cv_lib_nsl_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lnsl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gethostbyname (); -int -main () -{ -return gethostbyname (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_nsl_gethostbyname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_nsl_gethostbyname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_gethostbyname" >&5 -echo "${ECHO_T}$ac_cv_lib_nsl_gethostbyname" >&6; } -if test $ac_cv_lib_nsl_gethostbyname = yes; then - X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl" -fi - - if test $ac_cv_lib_nsl_gethostbyname = no; then - { echo "$as_me:$LINENO: checking for gethostbyname in -lbsd" >&5 -echo $ECHO_N "checking for gethostbyname in -lbsd... $ECHO_C" >&6; } -if test "${ac_cv_lib_bsd_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lbsd $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gethostbyname (); -int -main () -{ -return gethostbyname (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_bsd_gethostbyname=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_bsd_gethostbyname=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_bsd_gethostbyname" >&5 -echo "${ECHO_T}$ac_cv_lib_bsd_gethostbyname" >&6; } -if test $ac_cv_lib_bsd_gethostbyname = yes; then - X_EXTRA_LIBS="$X_EXTRA_LIBS -lbsd" -fi - - fi - fi - - # lieder@skyler.mavd.honeywell.com says without -lsocket, - # socket/setsockopt and other routines are undefined under SCO ODT - # 2.0. But -lsocket is broken on IRIX 5.2 (and is not necessary - # on later versions), says Simon Leinen: it contains gethostby* - # variants that don't use the name server (or something). -lsocket - # must be given before -lnsl if both are needed. We assume that - # if connect needs -lnsl, so does gethostbyname. - { echo "$as_me:$LINENO: checking for connect" >&5 -echo $ECHO_N "checking for connect... $ECHO_C" >&6; } -if test "${ac_cv_func_connect+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define connect to an innocuous variant, in case declares connect. - For example, HP-UX 11i declares gettimeofday. */ -#define connect innocuous_connect - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char connect (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef connect - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char connect (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_connect || defined __stub___connect -choke me -#endif - -int -main () -{ -return connect (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_connect=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_connect=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_connect" >&5 -echo "${ECHO_T}$ac_cv_func_connect" >&6; } - - if test $ac_cv_func_connect = no; then - { echo "$as_me:$LINENO: checking for connect in -lsocket" >&5 -echo $ECHO_N "checking for connect in -lsocket... $ECHO_C" >&6; } -if test "${ac_cv_lib_socket_connect+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lsocket $X_EXTRA_LIBS $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char connect (); -int -main () -{ -return connect (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_socket_connect=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_socket_connect=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_socket_connect" >&5 -echo "${ECHO_T}$ac_cv_lib_socket_connect" >&6; } -if test $ac_cv_lib_socket_connect = yes; then - X_EXTRA_LIBS="-lsocket $X_EXTRA_LIBS" -fi - - fi - - # Guillermo Gomez says -lposix is necessary on A/UX. - { echo "$as_me:$LINENO: checking for remove" >&5 -echo $ECHO_N "checking for remove... $ECHO_C" >&6; } -if test "${ac_cv_func_remove+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define remove to an innocuous variant, in case declares remove. - For example, HP-UX 11i declares gettimeofday. */ -#define remove innocuous_remove - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char remove (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef remove - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char remove (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_remove || defined __stub___remove -choke me -#endif - -int -main () -{ -return remove (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_remove=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_remove=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_remove" >&5 -echo "${ECHO_T}$ac_cv_func_remove" >&6; } - - if test $ac_cv_func_remove = no; then - { echo "$as_me:$LINENO: checking for remove in -lposix" >&5 -echo $ECHO_N "checking for remove in -lposix... $ECHO_C" >&6; } -if test "${ac_cv_lib_posix_remove+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lposix $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char remove (); -int -main () -{ -return remove (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_posix_remove=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_posix_remove=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_posix_remove" >&5 -echo "${ECHO_T}$ac_cv_lib_posix_remove" >&6; } -if test $ac_cv_lib_posix_remove = yes; then - X_EXTRA_LIBS="$X_EXTRA_LIBS -lposix" -fi - - fi - - # BSDI BSD/OS 2.1 needs -lipc for XOpenDisplay. - { echo "$as_me:$LINENO: checking for shmat" >&5 -echo $ECHO_N "checking for shmat... $ECHO_C" >&6; } -if test "${ac_cv_func_shmat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define shmat to an innocuous variant, in case declares shmat. - For example, HP-UX 11i declares gettimeofday. */ -#define shmat innocuous_shmat - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char shmat (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef shmat - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char shmat (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_shmat || defined __stub___shmat -choke me -#endif - -int -main () -{ -return shmat (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_shmat=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_shmat=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_shmat" >&5 -echo "${ECHO_T}$ac_cv_func_shmat" >&6; } - - if test $ac_cv_func_shmat = no; then - { echo "$as_me:$LINENO: checking for shmat in -lipc" >&5 -echo $ECHO_N "checking for shmat in -lipc... $ECHO_C" >&6; } -if test "${ac_cv_lib_ipc_shmat+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lipc $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char shmat (); -int -main () -{ -return shmat (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_ipc_shmat=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_ipc_shmat=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_ipc_shmat" >&5 -echo "${ECHO_T}$ac_cv_lib_ipc_shmat" >&6; } -if test $ac_cv_lib_ipc_shmat = yes; then - X_EXTRA_LIBS="$X_EXTRA_LIBS -lipc" -fi - - fi - fi - - # Check for libraries that X11R6 Xt/Xaw programs need. - ac_save_LDFLAGS=$LDFLAGS - test -n "$x_libraries" && LDFLAGS="$LDFLAGS -L$x_libraries" - # SM needs ICE to (dynamically) link under SunOS 4.x (so we have to - # check for ICE first), but we must link in the order -lSM -lICE or - # we get undefined symbols. So assume we have SM if we have ICE. - # These have to be linked with before -lX11, unlike the other - # libraries we check for below, so use a different variable. - # John Interrante, Karl Berry - { echo "$as_me:$LINENO: checking for IceConnectionNumber in -lICE" >&5 -echo $ECHO_N "checking for IceConnectionNumber in -lICE... $ECHO_C" >&6; } -if test "${ac_cv_lib_ICE_IceConnectionNumber+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lICE $X_EXTRA_LIBS $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char IceConnectionNumber (); -int -main () -{ -return IceConnectionNumber (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_ICE_IceConnectionNumber=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_ICE_IceConnectionNumber=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_ICE_IceConnectionNumber" >&5 -echo "${ECHO_T}$ac_cv_lib_ICE_IceConnectionNumber" >&6; } -if test $ac_cv_lib_ICE_IceConnectionNumber = yes; then - X_PRE_LIBS="$X_PRE_LIBS -lSM -lICE" -fi - - LDFLAGS=$ac_save_LDFLAGS - -fi - - -# try to figure out if we need any additional ld flags, like -R -# and yes, the autoconf X test is utterly broken -if test "$no_x" != yes; then - { echo "$as_me:$LINENO: checking for special X linker flags" >&5 -echo $ECHO_N "checking for special X linker flags... $ECHO_C" >&6; } -if test "${krb_cv_sys_x_libs_rpath+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - ac_save_libs="$LIBS" - ac_save_cflags="$CFLAGS" - CFLAGS="$CFLAGS $X_CFLAGS" - krb_cv_sys_x_libs_rpath="" - krb_cv_sys_x_libs="" - for rflag in "" "-R" "-R " "-rpath "; do - if test "$rflag" = ""; then - foo="$X_LIBS" - else - foo="" - for flag in $X_LIBS; do - case $flag in - -L*) - foo="$foo $flag `echo $flag | sed \"s/-L/$rflag/\"`" - ;; - *) - foo="$foo $flag" - ;; - esac - done - fi - LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS" - if test "$cross_compiling" = yes; then - krb_cv_sys_x_libs_rpath="" ; krb_cv_sys_x_libs="" ; break -else - cat >conftest.$ac_ext <<_ACEOF - - #include - foo(void) - { - XOpenDisplay(NULL); - } - main(int argc, char **argv) - { - return 0; - } - -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - krb_cv_sys_x_libs_rpath="$rflag"; krb_cv_sys_x_libs="$foo"; break -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -: -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - - done - LIBS="$ac_save_libs" - CFLAGS="$ac_save_cflags" - -fi -{ echo "$as_me:$LINENO: result: $krb_cv_sys_x_libs_rpath" >&5 -echo "${ECHO_T}$krb_cv_sys_x_libs_rpath" >&6; } - X_LIBS="$krb_cv_sys_x_libs" -fi - - - if test "$no_x" != yes; then - HAVE_X_TRUE= - HAVE_X_FALSE='#' -else - HAVE_X_TRUE='#' - HAVE_X_FALSE= -fi - - - -save_CFLAGS="$CFLAGS" -CFLAGS="$X_CFLAGS $CFLAGS" -save_LIBS="$LIBS" -LIBS="$X_PRE_LIBS $X_EXTRA_LIBS $LIBS" -save_LDFLAGS="$LDFLAGS" -LDFLAGS="$LDFLAGS $X_LIBS" - -## check for XauWriteAuth first, so we detect the case where -## XauReadAuth is in -lX11, but XauWriteAuth is only in -lXau this -## could be done by checking for XauReadAuth in -lXau first, but this -## breaks in IRIX 6.5 - - - - -{ echo "$as_me:$LINENO: checking for XauWriteAuth" >&5 -echo $ECHO_N "checking for XauWriteAuth... $ECHO_C" >&6; } -if test "${ac_cv_funclib_XauWriteAuth+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_XauWriteAuth\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" X11 Xau; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -XauWriteAuth(0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauWriteAuth=$ac_lib; else ac_cv_funclib_XauWriteAuth=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_XauWriteAuth=\${ac_cv_funclib_XauWriteAuth-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_XauWriteAuth" - -if false; then - -for ac_func in XauWriteAuth -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# XauWriteAuth -eval "ac_tr_func=HAVE_`echo XauWriteAuth | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_XauWriteAuth=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_XauWriteAuth=yes" - eval "LIB_XauWriteAuth=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_XauWriteAuth=no" - eval "LIB_XauWriteAuth=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_XauWriteAuth=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -ac_xxx="$LIBS" -LIBS="$LIB_XauWriteAuth $LIBS" - - - -{ echo "$as_me:$LINENO: checking for XauReadAuth" >&5 -echo $ECHO_N "checking for XauReadAuth... $ECHO_C" >&6; } -if test "${ac_cv_funclib_XauReadAuth+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_XauReadAuth\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" X11 Xau; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -XauReadAuth(0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauReadAuth=$ac_lib; else ac_cv_funclib_XauReadAuth=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_XauReadAuth=\${ac_cv_funclib_XauReadAuth-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_XauReadAuth" - -if false; then - -for ac_func in XauReadAuth -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# XauReadAuth -eval "ac_tr_func=HAVE_`echo XauReadAuth | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_XauReadAuth=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_XauReadAuth=yes" - eval "LIB_XauReadAuth=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_XauReadAuth=no" - eval "LIB_XauReadAuth=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_XauReadAuth=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -LIBS="$LIB_XauReadAauth $LIBS" - - - -{ echo "$as_me:$LINENO: checking for XauFileName" >&5 -echo $ECHO_N "checking for XauFileName... $ECHO_C" >&6; } -if test "${ac_cv_funclib_XauFileName+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_XauFileName\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" X11 Xau; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -XauFileName() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauFileName=$ac_lib; else ac_cv_funclib_XauFileName=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_XauFileName=\${ac_cv_funclib_XauFileName-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_XauFileName" - -if false; then - -for ac_func in XauFileName -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# XauFileName -eval "ac_tr_func=HAVE_`echo XauFileName | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_XauFileName=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_XauFileName=yes" - eval "LIB_XauFileName=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_XauFileName=no" - eval "LIB_XauFileName=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_XauFileName=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -LIBS="$ac_xxx" - -## set LIB_XauReadAuth to union of these tests, since this is what the -## Makefiles are using -case "$ac_cv_funclib_XauWriteAuth" in -yes) ;; -no) ;; -*) if test "$ac_cv_funclib_XauReadAuth" = yes; then - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauWriteAuth $LIB_XauFileName" - fi - else - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth $LIB_XauFileName" - fi - fi - ;; -esac - -if test "$AUTOMAKE" != ""; then - if test "$ac_cv_func_XauWriteAuth" != "yes"; then - NEED_WRITEAUTH_TRUE= - NEED_WRITEAUTH_FALSE='#' -else - NEED_WRITEAUTH_TRUE='#' - NEED_WRITEAUTH_FALSE= -fi - -else - - - if test "$ac_cv_func_XauWriteAuth" != "yes"; then - NEED_WRITEAUTH_TRUE= - NEED_WRITEAUTH_FALSE='#' - else - NEED_WRITEAUTH_TRUE='#' - NEED_WRITEAUTH_FALSE= - fi -fi -CFLAGS=$save_CFLAGS -LIBS=$save_LIBS -LDFLAGS=$save_LDFLAGS - - - -{ echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5 -echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6; } -if test "${ac_cv_c_const+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -/* FIXME: Include the comments suggested by Paul. */ -#ifndef __cplusplus - /* Ultrix mips cc rejects this. */ - typedef int charset[2]; - const charset cs; - /* SunOS 4.1.1 cc rejects this. */ - char const *const *pcpcc; - char **ppc; - /* NEC SVR4.0.2 mips cc rejects this. */ - struct point {int x, y;}; - static struct point const zero = {0,0}; - /* AIX XL C 1.02.0.0 rejects this. - It does not let you subtract one const X* pointer from another in - an arm of an if-expression whose if-part is not a constant - expression */ - const char *g = "string"; - pcpcc = &g + (g ? g-g : 0); - /* HPUX 7.0 cc rejects these. */ - ++pcpcc; - ppc = (char**) pcpcc; - pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this. */ - char *t; - char const *s = 0 ? (char *) 0 : (char const *) 0; - - *t++ = 0; - if (s) return 0; - } - { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ - int x[] = {25, 17}; - const int *foo = &x[0]; - ++foo; - } - { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ - typedef const int *iptr; - iptr p = 0; - ++p; - } - { /* AIX XL C 1.02.0.0 rejects this saying - "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; }; - struct s *b; b->j = 5; - } - { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ - const int foo = 10; - if (!foo) return 0; - } - return !cs[0] && !zero.x; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_c_const=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_c_const=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5 -echo "${ECHO_T}$ac_cv_c_const" >&6; } -if test $ac_cv_c_const = no; then - -cat >>confdefs.h <<\_ACEOF -#define const -_ACEOF - -fi - -{ echo "$as_me:$LINENO: checking for off_t" >&5 -echo $ECHO_N "checking for off_t... $ECHO_C" >&6; } -if test "${ac_cv_type_off_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef off_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_off_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_off_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_off_t" >&5 -echo "${ECHO_T}$ac_cv_type_off_t" >&6; } -if test $ac_cv_type_off_t = yes; then - : -else - -cat >>confdefs.h <<_ACEOF -#define off_t long int -_ACEOF - -fi - -{ echo "$as_me:$LINENO: checking for mode_t" >&5 -echo $ECHO_N "checking for mode_t... $ECHO_C" >&6; } -if test "${ac_cv_type_mode_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#if STDC_HEADERS -#include -#include -#endif - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "mode_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then - ac_cv_type_mode_t=yes -else - ac_cv_type_mode_t=no -fi -rm -f conftest* - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_mode_t" >&5 -echo "${ECHO_T}$ac_cv_type_mode_t" >&6; } -if test $ac_cv_type_mode_t = no; then - -cat >>confdefs.h <<\_ACEOF -#define mode_t unsigned short -_ACEOF - -fi - -{ echo "$as_me:$LINENO: checking for sig_atomic_t" >&5 -echo $ECHO_N "checking for sig_atomic_t... $ECHO_C" >&6; } -if test "${ac_cv_type_sig_atomic_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#if STDC_HEADERS -#include -#include -#endif -#include -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "sig_atomic_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then - ac_cv_type_sig_atomic_t=yes -else - ac_cv_type_sig_atomic_t=no -fi -rm -f conftest* - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_sig_atomic_t" >&5 -echo "${ECHO_T}$ac_cv_type_sig_atomic_t" >&6; } -if test $ac_cv_type_sig_atomic_t = no; then - -cat >>confdefs.h <<\_ACEOF -#define sig_atomic_t int -_ACEOF - -fi - - - -cv=`echo "long long" | sed 'y%./+- %__p__%'` -{ echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if { as_var=ac_cv_type_$cv; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#include -#if STDC_HEADERS -#include -#include -#endif - -int -main () -{ -long long foo; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_type_$cv=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_type_$cv=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_foo=`eval echo \\$ac_cv_type_$cv` -{ echo "$as_me:$LINENO: result: $ac_foo" >&5 -echo "${ECHO_T}$ac_foo" >&6; } -if test "$ac_foo" = yes; then - ac_tr_hdr=HAVE_`echo long long | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -if false; then - { echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if test "${ac_cv_type_long_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef long long ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_long_long=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_long_long=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_long_long" >&5 -echo "${ECHO_T}$ac_cv_type_long_long" >&6; } -if test $ac_cv_type_long_long = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_LONG_LONG 1 -_ACEOF - - -fi - -fi - -cat >>confdefs.h <<_ACEOF -#define $ac_tr_hdr 1 -_ACEOF - -fi - -{ echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 -echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6; } -if test "${ac_cv_header_time+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include - -int -main () -{ -if ((struct tm *) 0) -return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_time=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_time=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 -echo "${ECHO_T}$ac_cv_header_time" >&6; } -if test $ac_cv_header_time = yes; then - -cat >>confdefs.h <<\_ACEOF -#define TIME_WITH_SYS_TIME 1 -_ACEOF - -fi - -{ echo "$as_me:$LINENO: checking whether struct tm is in sys/time.h or time.h" >&5 -echo $ECHO_N "checking whether struct tm is in sys/time.h or time.h... $ECHO_C" >&6; } -if test "${ac_cv_struct_tm+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include - -int -main () -{ -struct tm tm; - int *p = &tm.tm_sec; - return !p; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_struct_tm=time.h -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_struct_tm=sys/time.h -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_struct_tm" >&5 -echo "${ECHO_T}$ac_cv_struct_tm" >&6; } -if test $ac_cv_struct_tm = sys/time.h; then - -cat >>confdefs.h <<\_ACEOF -#define TM_IN_SYS_TIME 1 -_ACEOF - -fi - - -{ echo "$as_me:$LINENO: checking for ANSI C header files" >&5 -echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6; } -if test "${ac_cv_header_stdc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include - -int -main () -{ - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_stdc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_header_stdc=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then - : -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif - -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int -main () -{ - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 -echo "${ECHO_T}$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then - -cat >>confdefs.h <<\_ACEOF -#define STDC_HEADERS 1 -_ACEOF - -fi - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -for ac_header in \ - arpa/ftp.h \ - arpa/telnet.h \ - bind/bitypes.h \ - bsdsetjmp.h \ - curses.h \ - dlfcn.h \ - fnmatch.h \ - inttypes.h \ - io.h \ - libutil.h \ - limits.h \ - maillock.h \ - netgroup.h \ - netinet/in6_machtypes.h \ - netinfo/ni.h \ - pthread.h \ - pty.h \ - sac.h \ - sgtty.h \ - siad.h \ - signal.h \ - strings.h \ - stropts.h \ - sys/bitypes.h \ - sys/category.h \ - sys/file.h \ - sys/filio.h \ - sys/ioccom.h \ - sys/mman.h \ - sys/param.h \ - sys/pty.h \ - sys/ptyio.h \ - sys/select.h \ - sys/socket.h \ - sys/str_tty.h \ - sys/stream.h \ - sys/stropts.h \ - sys/syscall.h \ - sys/termio.h \ - sys/timeb.h \ - sys/times.h \ - sys/types.h \ - sys/un.h \ - termcap.h \ - termio.h \ - termios.h \ - time.h \ - tmpdir.h \ - udb.h \ - util.h \ - utmp.h \ - utmpx.h \ - -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in term.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f conftest.err conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in net/if.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#if HAVE_SYS_SOCKET_H -#include -#endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in sys/ptyvar.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#if HAVE_SYS_TTY_H -#include -#endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in sys/strtty.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#if HAVE_TERMIOS_H -#include -#endif -#if HAVE_SYS_STREAM_H -#include -#endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in sys/ucred.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#if HAVE_SYS_TYPES_H -#include -#endif -#if HAVE_SYS_PARAM_H -#include -#endif - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - -for ac_header in security/pam_modules.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include - - -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_Header=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - -# Check whether --enable-netinfo was given. -if test "${enable_netinfo+set}" = set; then - enableval=$enable_netinfo; -fi - - -if test "$ac_cv_header_netinfo_ni_h" = yes -a "$enable_netinfo" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_NETINFO 1 -_ACEOF - -fi - - - - - - - - - - -{ echo "$as_me:$LINENO: checking for logwtmp" >&5 -echo $ECHO_N "checking for logwtmp... $ECHO_C" >&6; } -if test "${ac_cv_funclib_logwtmp+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_logwtmp\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" util; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_UTIL_H -#include -#endif - -int -main () -{ -logwtmp(0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_logwtmp=$ac_lib; else ac_cv_funclib_logwtmp=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_logwtmp=\${ac_cv_funclib_logwtmp-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_logwtmp" - -if false; then - -for ac_func in logwtmp -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# logwtmp -eval "ac_tr_func=HAVE_`echo logwtmp | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_logwtmp=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_logwtmp=yes" - eval "LIB_logwtmp=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_logwtmp=no" - eval "LIB_logwtmp=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_logwtmp=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - -{ echo "$as_me:$LINENO: checking for logout" >&5 -echo $ECHO_N "checking for logout... $ECHO_C" >&6; } -if test "${ac_cv_funclib_logout+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_logout\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" util; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_UTIL_H -#include -#endif - -int -main () -{ -logout(0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_logout=$ac_lib; else ac_cv_funclib_logout=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_logout=\${ac_cv_funclib_logout-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_logout" - -if false; then - -for ac_func in logout -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# logout -eval "ac_tr_func=HAVE_`echo logout | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_logout=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_logout=yes" - eval "LIB_logout=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_logout=no" - eval "LIB_logout=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_logout=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - -{ echo "$as_me:$LINENO: checking for openpty" >&5 -echo $ECHO_N "checking for openpty... $ECHO_C" >&6; } -if test "${ac_cv_funclib_openpty+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_openpty\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" util; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_UTIL_H -#include -#endif - -int -main () -{ -openpty(0,0,0,0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_openpty=$ac_lib; else ac_cv_funclib_openpty=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_openpty=\${ac_cv_funclib_openpty-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_openpty" - -if false; then - -for ac_func in openpty -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# openpty -eval "ac_tr_func=HAVE_`echo openpty | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_openpty=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_openpty=yes" - eval "LIB_openpty=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_openpty=no" - eval "LIB_openpty=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_openpty=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - - -{ echo "$as_me:$LINENO: checking for tgetent" >&5 -echo $ECHO_N "checking for tgetent... $ECHO_C" >&6; } -if test "${ac_cv_funclib_tgetent+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_tgetent\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" termcap ncurses curses; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_TERMCAP_H -#include -#endif -#ifdef HAVE_CURSES_H -#include -#endif - -int -main () -{ -tgetent(0,0) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_tgetent=$ac_lib; else ac_cv_funclib_tgetent=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_tgetent=\${ac_cv_funclib_tgetent-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_tgetent" - -if false; then - -for ac_func in tgetent -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# tgetent -eval "ac_tr_func=HAVE_`echo tgetent | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_tgetent=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_tgetent=yes" - eval "LIB_tgetent=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_tgetent=no" - eval "LIB_tgetent=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_tgetent=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -for ac_func in \ - _getpty \ - _scrsize \ - arc4random \ - fcntl \ - getpeereid \ - getpeerucred \ - grantpt \ - mktime \ - ptsname \ - rand \ - revoke \ - select \ - setitimer \ - setpcred \ - setpgid \ - setproctitle \ - setregid \ - setresgid \ - setresuid \ - setreuid \ - setsid \ - setutent \ - sigaction \ - strstr \ - ttyname \ - ttyslot \ - umask \ - unlockpt \ - vhangup \ - yp_get_default_domain \ - -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - - - -for ac_header in stdlib.h unistd.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - -for ac_func in getpagesize -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -{ echo "$as_me:$LINENO: checking for working mmap" >&5 -echo $ECHO_N "checking for working mmap... $ECHO_C" >&6; } -if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "$cross_compiling" = yes; then - ac_cv_func_mmap_fixed_mapped=no -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -/* malloc might have been renamed as rpl_malloc. */ -#undef malloc - -/* Thanks to Mike Haertel and Jim Avera for this test. - Here is a matrix of mmap possibilities: - mmap private not fixed - mmap private fixed at somewhere currently unmapped - mmap private fixed at somewhere already mapped - mmap shared not fixed - mmap shared fixed at somewhere currently unmapped - mmap shared fixed at somewhere already mapped - For private mappings, we should verify that changes cannot be read() - back from the file, nor mmap's back from the file at a different - address. (There have been systems where private was not correctly - implemented like the infamous i386 svr4.0, and systems where the - VM page cache was not coherent with the file system buffer cache - like early versions of FreeBSD and possibly contemporary NetBSD.) - For shared mappings, we should conversely verify that changes get - propagated back to all the places they're supposed to be. - - Grep wants private fixed already mapped. - The main things grep needs to know about mmap are: - * does it exist and is it safe to write into the mmap'd area - * how to use it (BSD variants) */ - -#include -#include - -#if !defined STDC_HEADERS && !defined HAVE_STDLIB_H -char *malloc (); -#endif - -/* This mess was copied from the GNU getpagesize.h. */ -#ifndef HAVE_GETPAGESIZE -/* Assume that all systems that can run configure have sys/param.h. */ -# ifndef HAVE_SYS_PARAM_H -# define HAVE_SYS_PARAM_H 1 -# endif - -# ifdef _SC_PAGESIZE -# define getpagesize() sysconf(_SC_PAGESIZE) -# else /* no _SC_PAGESIZE */ -# ifdef HAVE_SYS_PARAM_H -# include -# ifdef EXEC_PAGESIZE -# define getpagesize() EXEC_PAGESIZE -# else /* no EXEC_PAGESIZE */ -# ifdef NBPG -# define getpagesize() NBPG * CLSIZE -# ifndef CLSIZE -# define CLSIZE 1 -# endif /* no CLSIZE */ -# else /* no NBPG */ -# ifdef NBPC -# define getpagesize() NBPC -# else /* no NBPC */ -# ifdef PAGESIZE -# define getpagesize() PAGESIZE -# endif /* PAGESIZE */ -# endif /* no NBPC */ -# endif /* no NBPG */ -# endif /* no EXEC_PAGESIZE */ -# else /* no HAVE_SYS_PARAM_H */ -# define getpagesize() 8192 /* punt totally */ -# endif /* no HAVE_SYS_PARAM_H */ -# endif /* no _SC_PAGESIZE */ - -#endif /* no HAVE_GETPAGESIZE */ - -int -main () -{ - char *data, *data2, *data3; - int i, pagesize; - int fd; - - pagesize = getpagesize (); - - /* First, make a file with some known garbage in it. */ - data = (char *) malloc (pagesize); - if (!data) - return 1; - for (i = 0; i < pagesize; ++i) - *(data + i) = rand (); - umask (0); - fd = creat ("conftest.mmap", 0600); - if (fd < 0) - return 1; - if (write (fd, data, pagesize) != pagesize) - return 1; - close (fd); - - /* Next, try to mmap the file at a fixed address which already has - something else allocated at it. If we can, also make sure that - we see the same garbage. */ - fd = open ("conftest.mmap", O_RDWR); - if (fd < 0) - return 1; - data2 = (char *) malloc (2 * pagesize); - if (!data2) - return 1; - data2 += (pagesize - ((long int) data2 & (pagesize - 1))) & (pagesize - 1); - if (data2 != mmap (data2, pagesize, PROT_READ | PROT_WRITE, - MAP_PRIVATE | MAP_FIXED, fd, 0L)) - return 1; - for (i = 0; i < pagesize; ++i) - if (*(data + i) != *(data2 + i)) - return 1; - - /* Finally, make sure that changes to the mapped area do not - percolate back to the file as seen by read(). (This is a bug on - some variants of i386 svr4.0.) */ - for (i = 0; i < pagesize; ++i) - *(data2 + i) = *(data2 + i) + 1; - data3 = (char *) malloc (pagesize); - if (!data3) - return 1; - if (read (fd, data3, pagesize) != pagesize) - return 1; - for (i = 0; i < pagesize; ++i) - if (*(data + i) != *(data3 + i)) - return 1; - close (fd); - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_mmap_fixed_mapped=yes -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_mmap_fixed_mapped=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_mmap_fixed_mapped" >&5 -echo "${ECHO_T}$ac_cv_func_mmap_fixed_mapped" >&6; } -if test $ac_cv_func_mmap_fixed_mapped = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_MMAP 1 -_ACEOF - -fi -rm -f conftest.mmap - - - - - - -for ac_header in capability.h sys/capability.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_compiler=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no -fi - -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to heimdal-bugs@h5l.org ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } - -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF - -fi - -done - - - - -for ac_func in sgi_getcapabilitybyname cap_set_proc -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - - - - - - -{ echo "$as_me:$LINENO: checking for getpwnam_r" >&5 -echo $ECHO_N "checking for getpwnam_r... $ECHO_C" >&6; } -if test "${ac_cv_funclib_getpwnam_r+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_getpwnam_r\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" c_r; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -getpwnam_r() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_getpwnam_r=$ac_lib; else ac_cv_funclib_getpwnam_r=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_getpwnam_r=\${ac_cv_funclib_getpwnam_r-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_getpwnam_r" - -if false; then - -for ac_func in getpwnam_r -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# getpwnam_r -eval "ac_tr_func=HAVE_`echo getpwnam_r | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_getpwnam_r=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_getpwnam_r=yes" - eval "LIB_getpwnam_r=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_getpwnam_r=no" - eval "LIB_getpwnam_r=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_getpwnam_r=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test "$ac_cv_func_getpwnam_r" = yes; then - { echo "$as_me:$LINENO: checking if getpwnam_r is posix" >&5 -echo $ECHO_N "checking if getpwnam_r is posix... $ECHO_C" >&6; } -if test "${ac_cv_func_getpwnam_r_posix+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_libs="$LIBS" - LIBS="$LIBS $LIB_getpwnam_r" - if test "$cross_compiling" = yes; then - : -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#define _POSIX_PTHREAD_SEMANTICS -#include -int main(int argc, char **argv) -{ - struct passwd pw, *pwd; - return getpwnam_r("", &pw, NULL, 0, &pwd) < 0; -} - -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_getpwnam_r_posix=yes -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_getpwnam_r_posix=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -LIBS="$ac_libs" -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getpwnam_r_posix" >&5 -echo "${ECHO_T}$ac_cv_func_getpwnam_r_posix" >&6; } -if test "$ac_cv_func_getpwnam_r_posix" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define POSIX_GETPWNAM_R 1 -_ACEOF - -fi -fi - - -if test "$enable_pthread_support" != no; then - saved_LIBS="$LIBS" - LIBS="$LIBS $PTHREADS_LIBS" - - - -{ echo "$as_me:$LINENO: checking for door_create" >&5 -echo $ECHO_N "checking for door_create... $ECHO_C" >&6; } -if test "${ac_cv_funclib_door_create+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_door_create\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" door; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -door_create() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_door_create=$ac_lib; else ac_cv_funclib_door_create=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_door_create=\${ac_cv_funclib_door_create-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_door_create" - -if false; then - -for ac_func in door_create -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# door_create -eval "ac_tr_func=HAVE_`echo door_create | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_door_create=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_door_create=yes" - eval "LIB_door_create=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_door_create=no" - eval "LIB_door_create=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_door_create=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - - LIBS="$saved_LIBS" -fi - -# Check whether --enable-kcm was given. -if test "${enable_kcm+set}" = set; then - enableval=$enable_kcm; -else - enable_kcm=yes -fi - - -if test "$enable_kcm" = yes ; then - if test "$ac_cv_header_sys_un_h" != yes -a "$ac_cv_funclib_door_create" != yes ; then - enable_kcm=no - fi -fi -if test "$enable_kcm" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_KCM 1 -_ACEOF - -fi - if test "$enable_kcm" = yes; then - KCM_TRUE= - KCM_FALSE='#' -else - KCM_TRUE='#' - KCM_FALSE= -fi - - - - - - -for ac_func in getudbnam setlim -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - - - - - - -{ echo "$as_me:$LINENO: checking for ut_addr in struct utmp" >&5 -echo $ECHO_N "checking for ut_addr in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_addr+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct utmp x; memset(&x, 0, sizeof(x)); x.ut_addr - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_utmp_ut_addr=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_addr=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_addr" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_addr" >&6; } -if test "$ac_cv_type_struct_utmp_ut_addr" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_ADDR 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for ut_host in struct utmp" >&5 -echo $ECHO_N "checking for ut_host in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_host+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct utmp x; memset(&x, 0, sizeof(x)); x.ut_host - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_utmp_ut_host=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_host=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_host" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_host" >&6; } -if test "$ac_cv_type_struct_utmp_ut_host" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_HOST 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for ut_id in struct utmp" >&5 -echo $ECHO_N "checking for ut_id in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_id+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct utmp x; memset(&x, 0, sizeof(x)); x.ut_id - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_utmp_ut_id=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_id=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_id" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_id" >&6; } -if test "$ac_cv_type_struct_utmp_ut_id" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_ID 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for ut_pid in struct utmp" >&5 -echo $ECHO_N "checking for ut_pid in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_pid+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct utmp x; memset(&x, 0, sizeof(x)); x.ut_pid - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_utmp_ut_pid=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_pid=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_pid" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_pid" >&6; } -if test "$ac_cv_type_struct_utmp_ut_pid" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_PID 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for ut_type in struct utmp" >&5 -echo $ECHO_N "checking for ut_type in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct utmp x; memset(&x, 0, sizeof(x)); x.ut_type - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_utmp_ut_type=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_type=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_type" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_type" >&6; } -if test "$ac_cv_type_struct_utmp_ut_type" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_TYPE 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for ut_user in struct utmp" >&5 -echo $ECHO_N "checking for ut_user in struct utmp... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmp_ut_user+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct utmp x; memset(&x, 0, sizeof(x)); x.ut_user - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_utmp_ut_user=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmp_ut_user=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmp_ut_user" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmp_ut_user" >&6; } -if test "$ac_cv_type_struct_utmp_ut_user" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMP_UT_USER 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for ut_exit in struct utmpx" >&5 -echo $ECHO_N "checking for ut_exit in struct utmpx... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmpx_ut_exit+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_exit - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_utmpx_ut_exit=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmpx_ut_exit=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmpx_ut_exit" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmpx_ut_exit" >&6; } -if test "$ac_cv_type_struct_utmpx_ut_exit" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMPX_UT_EXIT 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for ut_syslen in struct utmpx" >&5 -echo $ECHO_N "checking for ut_syslen in struct utmpx... $ECHO_C" >&6; } -if test "${ac_cv_type_struct_utmpx_ut_syslen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ -struct utmpx x; memset(&x, 0, sizeof(x)); x.ut_syslen - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_struct_utmpx_ut_syslen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_struct_utmpx_ut_syslen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_struct_utmpx_ut_syslen" >&5 -echo "${ECHO_T}$ac_cv_type_struct_utmpx_ut_syslen" >&6; } -if test "$ac_cv_type_struct_utmpx_ut_syslen" = yes; then - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_STRUCT_UTMPX_UT_SYSLEN 1 -_ACEOF - - -fi - - - -{ echo "$as_me:$LINENO: checking for int8_t" >&5 -echo $ECHO_N "checking for int8_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int8_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef int8_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int8_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int8_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int8_t" >&5 -echo "${ECHO_T}$ac_cv_type_int8_t" >&6; } -if test $ac_cv_type_int8_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INT8_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for int16_t" >&5 -echo $ECHO_N "checking for int16_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int16_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef int16_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int16_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int16_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int16_t" >&5 -echo "${ECHO_T}$ac_cv_type_int16_t" >&6; } -if test $ac_cv_type_int16_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INT16_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for int32_t" >&5 -echo $ECHO_N "checking for int32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef int32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int32_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int32_t" >&5 -echo "${ECHO_T}$ac_cv_type_int32_t" >&6; } -if test $ac_cv_type_int32_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INT32_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for int64_t" >&5 -echo $ECHO_N "checking for int64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_int64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef int64_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_int64_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_int64_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_int64_t" >&5 -echo "${ECHO_T}$ac_cv_type_int64_t" >&6; } -if test $ac_cv_type_int64_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_INT64_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for u_int8_t" >&5 -echo $ECHO_N "checking for u_int8_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int8_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef u_int8_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int8_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int8_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int8_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int8_t" >&6; } -if test $ac_cv_type_u_int8_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_U_INT8_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for u_int16_t" >&5 -echo $ECHO_N "checking for u_int16_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int16_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef u_int16_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int16_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int16_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int16_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int16_t" >&6; } -if test $ac_cv_type_u_int16_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_U_INT16_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for u_int32_t" >&5 -echo $ECHO_N "checking for u_int32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef u_int32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int32_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int32_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int32_t" >&6; } -if test $ac_cv_type_u_int32_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_U_INT32_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for u_int64_t" >&5 -echo $ECHO_N "checking for u_int64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_u_int64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef u_int64_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_u_int64_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_u_int64_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_u_int64_t" >&5 -echo "${ECHO_T}$ac_cv_type_u_int64_t" >&6; } -if test $ac_cv_type_u_int64_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_U_INT64_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for uint8_t" >&5 -echo $ECHO_N "checking for uint8_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint8_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef uint8_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint8_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint8_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint8_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint8_t" >&6; } -if test $ac_cv_type_uint8_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_UINT8_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for uint16_t" >&5 -echo $ECHO_N "checking for uint16_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint16_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef uint16_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint16_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint16_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint16_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint16_t" >&6; } -if test $ac_cv_type_uint16_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_UINT16_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for uint32_t" >&5 -echo $ECHO_N "checking for uint32_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint32_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef uint32_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint32_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint32_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint32_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint32_t" >&6; } -if test $ac_cv_type_uint32_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_UINT32_T 1 -_ACEOF - - -fi -{ echo "$as_me:$LINENO: checking for uint64_t" >&5 -echo $ECHO_N "checking for uint64_t... $ECHO_C" >&6; } -if test "${ac_cv_type_uint64_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - - -typedef uint64_t ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_uint64_t=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_uint64_t=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_uint64_t" >&5 -echo "${ECHO_T}$ac_cv_type_uint64_t" >&6; } -if test $ac_cv_type_uint64_t = yes; then - -cat >>confdefs.h <<_ACEOF -#define HAVE_UINT64_T 1 -_ACEOF - - -fi - - - - -{ echo "$as_me:$LINENO: checking for framework security" >&5 -echo $ECHO_N "checking for framework security... $ECHO_C" >&6; } -if test "${rk_cv_framework_security+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if test "$rk_cv_framework_security" != yes; then - ac_save_LIBS="$LIBS" - LIBS="$ac_save_LIBS -framework Security -framework CoreFoundation" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -int -main () -{ -SecKeychainSearchRef searchRef; -SecKeychainSearchCreateFromAttributes(NULL,kSecCertificateItemClass,NULL, &searchRef); -CFRelease(&searchRef); - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - rk_cv_framework_security=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$ac_save_LIBS" -fi - -fi - - -if test "$rk_cv_framework_security" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_FRAMEWORK_SECURITY 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - if test "$rk_cv_framework_security" = yes; then - FRAMEWORK_SECURITY_TRUE= - FRAMEWORK_SECURITY_FALSE='#' -else - FRAMEWORK_SECURITY_TRUE='#' - FRAMEWORK_SECURITY_FALSE= -fi - - -if test "$rk_cv_framework_security" = yes; then - -if test "$ac_cv_func_SecKeyGetCSPHandle+set" != set -o "$ac_cv_func_SecKeyGetCSPHandle" = yes; then -{ echo "$as_me:$LINENO: checking if SecKeyGetCSPHandle needs a prototype" >&5 -echo $ECHO_N "checking if SecKeyGetCSPHandle needs a prototype... $ECHO_C" >&6; } -if test "${ac_cv_func_SecKeyGetCSPHandle_noproto+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -struct foo { int foo; } xx; -extern int SecKeyGetCSPHandle (struct foo*); -int -main () -{ -SecKeyGetCSPHandle(&xx) - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "ac_cv_func_SecKeyGetCSPHandle_noproto=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "ac_cv_func_SecKeyGetCSPHandle_noproto=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_SecKeyGetCSPHandle_noproto" >&5 -echo "${ECHO_T}$ac_cv_func_SecKeyGetCSPHandle_noproto" >&6; } -if test "$ac_cv_func_SecKeyGetCSPHandle_noproto" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define NEED_SECKEYGETCSPHANDLE_PROTO 1 -_ACEOF - -fi -fi - -fi - - - - - - - -{ echo "$as_me:$LINENO: checking for el_init" >&5 -echo $ECHO_N "checking for el_init... $ECHO_C" >&6; } -if test "${ac_cv_funclib_el_init+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - -if eval "test \"\$ac_cv_func_el_init\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" edit; do - case "$ac_lib" in - "") ;; - yes) ac_lib="" ;; - no) continue ;; - -l*) ;; - *) ac_lib="-l$ac_lib" ;; - esac - LIBS=" $ac_lib $LIB_tgetent $ac_save_LIBS" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -int -main () -{ -el_init() - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "if test -n \"$ac_lib\";then ac_cv_funclib_el_init=$ac_lib; else ac_cv_funclib_el_init=yes; fi";break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - eval "ac_cv_funclib_el_init=\${ac_cv_funclib_el_init-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_el_init" - -if false; then - -for ac_func in el_init -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - -fi -done - -fi -# el_init -eval "ac_tr_func=HAVE_`echo el_init | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_el_init=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_el_init=yes" - eval "LIB_el_init=" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - ;; - no) - eval "ac_cv_func_el_init=no" - eval "LIB_el_init=" - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - ;; - *) - eval "ac_cv_func_el_init=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >>confdefs.h <<_ACEOF -#define $ac_tr_func 1 -_ACEOF - - cat >>confdefs.h <<_ACEOF -#define $ac_tr_lib 1 -_ACEOF - - { echo "$as_me:$LINENO: result: yes, in $ac_res" >&5 -echo "${ECHO_T}yes, in $ac_res" >&6; } - ;; -esac - - -if test "$ac_cv_func_el_init" = yes ; then - { echo "$as_me:$LINENO: checking for four argument el_init" >&5 -echo $ECHO_N "checking for four argument el_init... $ECHO_C" >&6; } -if test "${ac_cv_func_el_init_four+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - #include -int -main () -{ -el_init("", NULL, NULL, NULL); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_func_el_init_four=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_el_init_four=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_el_init_four" >&5 -echo "${ECHO_T}$ac_cv_func_el_init_four" >&6; } - if test "$ac_cv_func_el_init_four" = yes; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_FOUR_VALUED_EL_INIT 1 -_ACEOF - - fi -fi - - -ac_foo=no -if test "$with_readline" = yes; then - : -elif test "$ac_cv_func_readline" = yes; then - : -elif test "$ac_cv_func_el_init" = yes; then - ac_foo=yes - LIB_readline="\$(top_builddir)/lib/editline/libel_compat.la \$(LIB_el_init) \$(LIB_tgetent)" -else - LIB_readline="\$(top_builddir)/lib/editline/libeditline.la \$(LIB_tgetent)" -fi - if test "$ac_foo" = yes; then - el_compat_TRUE= - el_compat_FALSE='#' -else - el_compat_TRUE='#' - el_compat_FALSE= -fi - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_READLINE 1 -_ACEOF - - - - - -cat >>confdefs.h <<\_ACEOF -#define AUTHENTICATION 1 -_ACEOF - -cat >>confdefs.h <<\_ACEOF -#define ENCRYPTION 1 -_ACEOF - -cat >>confdefs.h <<\_ACEOF -#define DES_ENCRYPTION 1 -_ACEOF - -cat >>confdefs.h <<\_ACEOF -#define DIAGNOSTICS 1 -_ACEOF - -cat >>confdefs.h <<\_ACEOF -#define OLD_ENVIRON 1 -_ACEOF -if false; then - -cat >>confdefs.h <<\_ACEOF -#define ENV_HACK 1 -_ACEOF - -fi - -# Simple test for streamspty, based on the existance of getmsg(), alas -# this breaks on SunOS4 which have streams but BSD-like ptys -# -# And also something wierd has happend with dec-osf1, fallback to bsd-ptys - -case "$host" in -*-*-aix3*|*-*-sunos4*|*-*-osf*|*-*-hpux1[01]*) - ;; -*) - { echo "$as_me:$LINENO: checking for getmsg" >&5 -echo $ECHO_N "checking for getmsg... $ECHO_C" >&6; } -if test "${ac_cv_func_getmsg+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define getmsg to an innocuous variant, in case declares getmsg. - For example, HP-UX 11i declares gettimeofday. */ -#define getmsg innocuous_getmsg - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char getmsg (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef getmsg - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char getmsg (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_getmsg || defined __stub___getmsg -choke me -#endif - -int -main () -{ -return getmsg (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_getmsg=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_getmsg=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getmsg" >&5 -echo "${ECHO_T}$ac_cv_func_getmsg" >&6; } - - if test "$ac_cv_func_getmsg" = "yes"; then - { echo "$as_me:$LINENO: checking if getmsg works" >&5 -echo $ECHO_N "checking if getmsg works... $ECHO_C" >&6; } -if test "${ac_cv_func_getmsg_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "$cross_compiling" = yes; then - ac_cv_func_getmsg_works=no -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - - #include - #include - - int main(int argc, char **argv) - { - int ret; - ret = getmsg(open("/dev/null", 0), NULL, NULL, NULL); - if(ret < 0 && errno == ENOSYS) - return 1; - return 0; - } - -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_getmsg_works=yes -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -ac_cv_func_getmsg_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_getmsg_works" >&5 -echo "${ECHO_T}$ac_cv_func_getmsg_works" >&6; } - if test "$ac_cv_func_getmsg_works" = "yes"; then - -cat >>confdefs.h <<\_ACEOF -#define HAVE_GETMSG 1 -_ACEOF - - -cat >>confdefs.h <<\_ACEOF -#define STREAMSPTY 1 -_ACEOF - - fi - fi - ;; -esac - - - - - - - -# Extract the first word of "compile_et", so it can be a program name with args. -set dummy compile_et; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_COMPILE_ET+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$COMPILE_ET"; then - ac_cv_prog_COMPILE_ET="$COMPILE_ET" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_COMPILE_ET="compile_et" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi -fi -COMPILE_ET=$ac_cv_prog_COMPILE_ET -if test -n "$COMPILE_ET"; then - { echo "$as_me:$LINENO: result: $COMPILE_ET" >&5 -echo "${ECHO_T}$COMPILE_ET" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - -krb_cv_compile_et="no" -krb_cv_com_err_need_r="" -krb_cv_compile_et_cross=no -if test "${COMPILE_ET}" = "compile_et"; then - -{ echo "$as_me:$LINENO: checking whether compile_et has the features we need" >&5 -echo $ECHO_N "checking whether compile_et has the features we need... $ECHO_C" >&6; } -cat > conftest_et.et <<'EOF' -error_table test conf -prefix CONFTEST -index 1 -error_code CODE1, "CODE1" -index 128 -error_code CODE2, "CODE2" -end -EOF -if ${COMPILE_ET} conftest_et.et >/dev/null 2>&1; then - save_CPPFLAGS="${CPPFLAGS}" - if test -d "/usr/include/et"; then - CPPFLAGS="-I/usr/include/et ${CPPFLAGS}" - fi - if test "$cross_compiling" = yes; then - krb_cv_compile_et="yes" krb_cv_compile_et_cross=yes -else - cat >conftest.$ac_ext <<_ACEOF - -#include -#include -#include "conftest_et.h" -int main(int argc, char **argv){ -#ifndef ERROR_TABLE_BASE_conf -#error compile_et does not handle error_table N M -#endif -return (CONFTEST_CODE2 - CONFTEST_CODE1) != 127;} - -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - krb_cv_compile_et="yes" -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -( exit $ac_status ) -CPPFLAGS="${save_CPPFLAGS}" -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi - - -fi -{ echo "$as_me:$LINENO: result: ${krb_cv_compile_et}" >&5 -echo "${ECHO_T}${krb_cv_compile_et}" >&6; } -if test "${krb_cv_compile_et}" = "yes" -a "${krb_cv_compile_et_cross}" = no; then - { echo "$as_me:$LINENO: checking for if com_err generates a initialize_conf_error_table_r" >&5 -echo $ECHO_N "checking for if com_err generates a initialize_conf_error_table_r... $ECHO_C" >&6; } - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include "conftest_et.h" -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "initialize_conf_error_table_r.*struct et_list" >/dev/null 2>&1; then - krb_cv_com_err_need_r="ok" -fi -rm -f conftest* - - if test X"$krb_cv_com_err_need_r" = X ; then - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - krb_cv_compile_et=no - else - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - fi -fi -rm -fr conftest* -fi - -if test "${krb_cv_compile_et_cross}" = yes ; then - krb_cv_com_err="cross" -elif test "${krb_cv_compile_et}" = "yes"; then - krb_cv_save_LIBS="${LIBS}" - LIBS="${LIBS} -lcom_err" - { echo "$as_me:$LINENO: checking for com_err" >&5 -echo $ECHO_N "checking for com_err... $ECHO_C" >&6; } - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -int -main () -{ - - const char *p; - p = error_message(0); - initialize_error_table_r(0,0,0,0); - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - krb_cv_com_err="yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - krb_cv_com_err="no"; CPPFLAGS="${save_CPPFLAGS}" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - { echo "$as_me:$LINENO: result: ${krb_cv_com_err}" >&5 -echo "${ECHO_T}${krb_cv_com_err}" >&6; } - LIBS="${krb_cv_save_LIBS}" -else - krb_cv_com_err="no" -fi - -if test "${krb_cv_com_err}" = "yes"; then - DIR_com_err="" - LIB_com_err="-lcom_err" - LIB_com_err_a="" - LIB_com_err_so="" - { echo "$as_me:$LINENO: Using the already-installed com_err" >&5 -echo "$as_me: Using the already-installed com_err" >&6;} - localcomerr=no -elif test "${krb_cv_com_err}" = "cross"; then - DIR_com_err="com_err" - LIB_com_err="\$(top_builddir)/lib/com_err/libcom_err.la" - LIB_com_err_a="\$(top_builddir)/lib/com_err/.libs/libcom_err.a" - LIB_com_err_so="\$(top_builddir)/lib/com_err/.libs/libcom_err.so" - { echo "$as_me:$LINENO: Using our own com_err with toolchain compile_et" >&5 -echo "$as_me: Using our own com_err with toolchain compile_et" >&6;} - localcomerr=yes -else - COMPILE_ET="\$(top_builddir)/lib/com_err/compile_et" - DIR_com_err="com_err" - LIB_com_err="\$(top_builddir)/lib/com_err/libcom_err.la" - LIB_com_err_a="\$(top_builddir)/lib/com_err/.libs/libcom_err.a" - LIB_com_err_so="\$(top_builddir)/lib/com_err/.libs/libcom_err.so" - { echo "$as_me:$LINENO: Using our own com_err" >&5 -echo "$as_me: Using our own com_err" >&6;} - localcomerr=yes -fi - if test "$localcomerr" = yes; then - COM_ERR_TRUE= - COM_ERR_FALSE='#' -else - COM_ERR_TRUE='#' - COM_ERR_FALSE= -fi - - - - - - - - -{ echo "$as_me:$LINENO: checking which authentication modules should be built" >&5 -echo $ECHO_N "checking which authentication modules should be built... $ECHO_C" >&6; } - -z='sia afskauthlib' -LIB_AUTH_SUBDIRS= -for i in $z; do -case $i in -sia) -if test "$ac_cv_header_siad_h" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia" -fi -;; -pam) -case "${host}" in -*-*-freebsd*) ac_cv_want_pam_krb4=no ;; -*) ac_cv_want_pam_krb4=yes ;; -esac - -if test "$ac_cv_want_pam_krb4" = yes -a \ - "$ac_cv_header_security_pam_modules_h" = yes -a \ - "$enable_shared" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam" -fi -;; -afskauthlib) -case "${host}" in -*-*-irix[56]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;; -esac -;; -esac -done -if test "$LIB_AUTH_SUBDIRS"; then - { echo "$as_me:$LINENO: result: $LIB_AUTH_SUBDIRS" >&5 -echo "${ECHO_T}$LIB_AUTH_SUBDIRS" >&6; } -else - { echo "$as_me:$LINENO: result: none" >&5 -echo "${ECHO_T}none" >&6; } -fi - - - - -# This is done by AC_OUTPUT but we need the result here. -test "x$prefix" = xNONE && prefix=$ac_default_prefix -test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' - - - x="${bindir}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - -cat >>confdefs.h <<_ACEOF -#define BINDIR "$x" -_ACEOF - - x="${libdir}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - -cat >>confdefs.h <<_ACEOF -#define LIBDIR "$x" -_ACEOF - - x="${libexecdir}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - -cat >>confdefs.h <<_ACEOF -#define LIBEXECDIR "$x" -_ACEOF - - x="${localstatedir}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - -cat >>confdefs.h <<_ACEOF -#define LOCALSTATEDIR "$x" -_ACEOF - - x="${sbindir}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - -cat >>confdefs.h <<_ACEOF -#define SBINDIR "$x" -_ACEOF - - x="${sysconfdir}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - -cat >>confdefs.h <<_ACEOF -#define SYSCONFDIR "$x" -_ACEOF - - - - - -# Check whether --enable-developer was given. -if test "${enable_developer+set}" = set; then - enableval=$enable_developer; -fi - -if test "X$enable_developer" = Xyes; then - dwflags="-Werror" -fi - -WFLAGS_NOUNUSED="" -WFLAGS_NOIMPLICITINT="" -if test -z "$WFLAGS" -a "$GCC" = "yes"; then - # -Wno-implicit-int for broken X11 headers - # leave these out for now: - # -Wcast-align doesn't work well on alpha osf/1 - # -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast - # -Wmissing-declarations -Wnested-externs - WFLAGS="-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs $dwflags" - WFLAGS_NOUNUSED="-Wno-unused" - WFLAGS_NOIMPLICITINT="-Wno-implicit-int" -fi - - - - - - -ac_config_files="$ac_config_files Makefile etc/Makefile include/Makefile include/gssapi/Makefile include/hcrypto/Makefile include/kadm5/Makefile lib/Makefile lib/45/Makefile lib/auth/Makefile lib/auth/afskauthlib/Makefile lib/auth/pam/Makefile lib/auth/sia/Makefile lib/asn1/Makefile lib/com_err/Makefile lib/hcrypto/Makefile lib/editline/Makefile lib/hx509/Makefile lib/gssapi/Makefile lib/ntlm/Makefile lib/hdb/Makefile lib/kadm5/Makefile lib/kafs/Makefile lib/kdfs/Makefile lib/krb5/Makefile lib/otp/Makefile lib/roken/Makefile lib/sl/Makefile lib/vers/Makefile kuser/Makefile kpasswd/Makefile kadmin/Makefile admin/Makefile kcm/Makefile kdc/Makefile appl/Makefile appl/afsutil/Makefile appl/ftp/Makefile appl/ftp/common/Makefile appl/ftp/ftp/Makefile appl/ftp/ftpd/Makefile appl/gssmask/Makefile appl/kx/Makefile appl/login/Makefile appl/otp/Makefile appl/popper/Makefile appl/push/Makefile appl/rsh/Makefile appl/rcp/Makefile appl/su/Makefile appl/xnlock/Makefile appl/telnet/Makefile appl/telnet/libtelnet/Makefile appl/telnet/telnet/Makefile appl/telnet/telnetd/Makefile appl/test/Makefile appl/kf/Makefile appl/dceutils/Makefile tests/Makefile tests/can/Makefile tests/db/Makefile tests/kdc/Makefile tests/ldap/Makefile tests/gss/Makefile tests/java/Makefile tests/plugin/Makefile packages/Makefile packages/mac/Makefile packages/debian/Makefile doc/Makefile tools/Makefile" - - -cat >confcache <<\_ACEOF -# This file is a shell script that caches the results of configure -# tests run on this system so they can be shared between configure -# scripts and configure runs, see configure's option --config-cache. -# It is not useful on other systems. If it contains results you don't -# want to keep, you may remove or edit it. -# -# config.status only pays attention to the cache file if you give it -# the --recheck option to rerun configure. -# -# `ac_cv_env_foo' variables (set or unset) will be overridden when -# loading this file, other *unset* `ac_cv_foo' will be assigned the -# following values. - -_ACEOF - -# The following way of writing the cache mishandles newlines in values, -# but we know of no workaround that is simple, portable, and efficient. -# So, we kill variables containing newlines. -# Ultrix sh set writes to stderr and can't be redirected directly, -# and sets the high bit in the cache file unless we assign to the vars. -( - for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do - eval ac_val=\$$ac_var - case $ac_val in #( - *${as_nl}*) - case $ac_var in #( - *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5 -echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; - esac - case $ac_var in #( - _ | IFS | as_nl) ;; #( - *) $as_unset $ac_var ;; - esac ;; - esac - done - - (set) 2>&1 | - case $as_nl`(ac_space=' '; set) 2>&1` in #( - *${as_nl}ac_space=\ *) - # `set' does not quote correctly, so add quotes (double-quote - # substitution turns \\\\ into \\, and sed turns \\ into \). - sed -n \ - "s/'/'\\\\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" - ;; #( - *) - # `set' quotes correctly as required by POSIX, so do not add quotes. - sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" - ;; - esac | - sort -) | - sed ' - /^ac_cv_env_/b end - t clear - :clear - s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ - t end - s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ - :end' >>confcache -if diff "$cache_file" confcache >/dev/null 2>&1; then :; else - if test -w "$cache_file"; then - test "x$cache_file" != "x/dev/null" && - { echo "$as_me:$LINENO: updating cache $cache_file" >&5 -echo "$as_me: updating cache $cache_file" >&6;} - cat confcache >$cache_file - else - { echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5 -echo "$as_me: not updating unwritable cache $cache_file" >&6;} - fi -fi -rm -f confcache - -test "x$prefix" = xNONE && prefix=$ac_default_prefix -# Let make expand exec_prefix. -test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' - -DEFS=-DHAVE_CONFIG_H - -ac_libobjs= -ac_ltlibobjs= -for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue - # 1. Remove the extension, and $U if already installed. - ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' - ac_i=`echo "$ac_i" | sed "$ac_script"` - # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR - # will be set to the directory where LIBOBJS objects are built. - ac_libobjs="$ac_libobjs \${LIBOBJDIR}$ac_i\$U.$ac_objext" - ac_ltlibobjs="$ac_ltlibobjs \${LIBOBJDIR}$ac_i"'$U.lo' -done -LIBOBJS=$ac_libobjs - -LTLIBOBJS=$ac_ltlibobjs - - -if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"MAINTAINER_MODE\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"MAINTAINER_MODE\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${ENABLE_SHARED_TRUE}" && test -z "${ENABLE_SHARED_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"ENABLE_SHARED\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"ENABLE_SHARED\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${versionscript_TRUE}" && test -z "${versionscript_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"versionscript\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"versionscript\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${OPENLDAP_MODULE_TRUE}" && test -z "${OPENLDAP_MODULE_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"OPENLDAP_MODULE\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"OPENLDAP_MODULE\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${PKINIT_TRUE}" && test -z "${PKINIT_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"PKINIT\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"PKINIT\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${KRB4_TRUE}" && test -z "${KRB4_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"KRB4\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"KRB4\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${KRB5_TRUE}" && test -z "${KRB5_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"KRB5\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"KRB5\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${do_roken_rename_TRUE}" && test -z "${do_roken_rename_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"do_roken_rename\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"do_roken_rename\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_OPENSSL_TRUE}" && test -z "${HAVE_OPENSSL_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_OPENSSL\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_OPENSSL\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${DCE_TRUE}" && test -z "${DCE_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"DCE\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"DCE\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_DB1_TRUE}" && test -z "${HAVE_DB1_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_DB1\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_DB1\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_DB3_TRUE}" && test -z "${HAVE_DB3_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_DB3\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_DB3\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_NDBM_TRUE}" && test -z "${HAVE_NDBM_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_NDBM\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_NDBM\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_err_h_TRUE}" && test -z "${have_err_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_err_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_err_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_ifaddrs_h_TRUE}" && test -z "${have_ifaddrs_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_ifaddrs_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_ifaddrs_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_vis_h_TRUE}" && test -z "${have_vis_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_vis_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_vis_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_glob_h_TRUE}" && test -z "${have_glob_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_glob_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_glob_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_cgetent_TRUE}" && test -z "${have_cgetent_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_cgetent\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_cgetent\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_fnmatch_h_TRUE}" && test -z "${have_fnmatch_h_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_fnmatch_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_fnmatch_h\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${have_socket_wrapper_TRUE}" && test -z "${have_socket_wrapper_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"have_socket_wrapper\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"have_socket_wrapper\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${OTP_TRUE}" && test -z "${OTP_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"OTP\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"OTP\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${CATMAN_TRUE}" && test -z "${CATMAN_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"CATMAN\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"CATMAN\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${AIX_TRUE}" && test -z "${AIX_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"AIX\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"AIX\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${AIX4_TRUE}" && test -z "${AIX4_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"AIX4\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"AIX4\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_DLOPEN_TRUE}" && test -z "${HAVE_DLOPEN_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_DLOPEN\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_DLOPEN\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${AIX_DYNAMIC_AFS_TRUE}" && test -z "${AIX_DYNAMIC_AFS_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"AIX_DYNAMIC_AFS\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"AIX_DYNAMIC_AFS\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${IRIX_TRUE}" && test -z "${IRIX_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"IRIX\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"IRIX\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${HAVE_X_TRUE}" && test -z "${HAVE_X_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"HAVE_X\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"HAVE_X\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${NEED_WRITEAUTH_TRUE}" && test -z "${NEED_WRITEAUTH_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"NEED_WRITEAUTH\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"NEED_WRITEAUTH\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${KCM_TRUE}" && test -z "${KCM_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"KCM\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"KCM\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${FRAMEWORK_SECURITY_TRUE}" && test -z "${FRAMEWORK_SECURITY_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"FRAMEWORK_SECURITY\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"FRAMEWORK_SECURITY\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${el_compat_TRUE}" && test -z "${el_compat_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"el_compat\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"el_compat\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${COM_ERR_TRUE}" && test -z "${COM_ERR_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"COM_ERR\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"COM_ERR\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi - -: ${CONFIG_STATUS=./config.status} -ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files $CONFIG_STATUS" -{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5 -echo "$as_me: creating $CONFIG_STATUS" >&6;} -cat >$CONFIG_STATUS <<_ACEOF -#! $SHELL -# Generated by $as_me. -# Run this file to recreate the current configuration. -# Compiler output produced by configure, useful for debugging -# configure, is in config.log if it exists. - -debug=false -ac_cs_recheck=false -ac_cs_silent=false -SHELL=\${CONFIG_SHELL-$SHELL} -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF -## --------------------- ## -## M4sh Initialization. ## -## --------------------- ## - -# Be more Bourne compatible -DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - -fi - - - - -# PATH needs CR -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' - else - PATH_SEPARATOR=: - fi - rm -f conf$$.sh -fi - -# Support unset when possible. -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false -fi - - -# IFS -# We need space, tab and new line, in precisely that order. Quoting is -# there to prevent editors from complaining about space-tab. -# (If _AS_PATH_WALK were called with IFS unset, it would disable word -# splitting by setting IFS to empty value.) -as_nl=' -' -IFS=" "" $as_nl" - -# Find who we are. Look in the path if we contain no directory separator. -case $0 in - *[\\/]* ) as_myself=$0 ;; - *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break -done -IFS=$as_save_IFS - - ;; -esac -# We did not find ourselves, most probably we were run as `sh COMMAND' -# in which case we are not to be found in the path. -if test "x$as_myself" = x; then - as_myself=$0 -fi -if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - { (exit 1); exit 1; } -fi - -# Work around bugs in pre-3.0 UWIN ksh. -for as_var in ENV MAIL MAILPATH -do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var -done -PS1='$ ' -PS2='> ' -PS4='+ ' - -# NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME -do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var - else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - fi -done - -# Required to use basename. -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then - as_basename=basename -else - as_basename=false -fi - - -# Name of the executable. -as_me=`$as_basename -- "$0" || -$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X/"$0" | - sed '/^.*\/\([^/][^/]*\)\/*$/{ - s//\1/ - q - } - /^X\/\(\/\/\)$/{ - s//\1/ - q - } - /^X\/\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - -# CDPATH. -$as_unset CDPATH - - - - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || { - - # Create $as_me.lineno as a copy of $as_myself, but with $LINENO - # uniformly replaced by the line number. The first 'sed' inserts a - # line-number line after each line using $LINENO; the second 'sed' - # does the real work. The second script uses 'N' to pair each - # line-number line with the line containing $LINENO, and appends - # trailing '-' during substitution so that $LINENO is not a special - # case at line end. - # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the - # scripts with optimization help from Paolo Bonzini. Blame Lee - # E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 - { (exit 1); exit 1; }; } - - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in --n*) - case `echo 'x\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - *) ECHO_C='\c';; - esac;; -*) - ECHO_N='-n';; -esac - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir -fi -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln -else - as_ln_s='cp -p' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - -if mkdir -p . 2>/dev/null; then - as_mkdir_p=: -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - - -exec 6>&1 - -# Save the log message, to keep $[0] and so on meaningful, and to -# report actual input values of CONFIG_FILES etc. instead of their -# values after options handling. -ac_log=" -This file was extended by Heimdal $as_me 1.1, which was -generated by GNU Autoconf 2.61. Invocation command line was - - CONFIG_FILES = $CONFIG_FILES - CONFIG_HEADERS = $CONFIG_HEADERS - CONFIG_LINKS = $CONFIG_LINKS - CONFIG_COMMANDS = $CONFIG_COMMANDS - $ $0 $@ - -on `(hostname || uname -n) 2>/dev/null | sed 1q` -" - -_ACEOF - -cat >>$CONFIG_STATUS <<_ACEOF -# Files that config.status was made for. -config_files="$ac_config_files" -config_headers="$ac_config_headers" - -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF -ac_cs_usage="\ -\`$as_me' instantiates files from templates according to the -current configuration. - -Usage: $0 [OPTIONS] [FILE]... - - -h, --help print this help, then exit - -V, --version print version number and configuration settings, then exit - -q, --quiet do not print progress messages - -d, --debug don't remove temporary files - --recheck update $as_me by reconfiguring in the same conditions - --file=FILE[:TEMPLATE] - instantiate the configuration file FILE - --header=FILE[:TEMPLATE] - instantiate the configuration header FILE - -Configuration files: -$config_files - -Configuration headers: -$config_headers - -Report bugs to ." - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF -ac_cs_version="\\ -Heimdal config.status 1.1 -configured by $0, generated by GNU Autoconf 2.61, - with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" - -Copyright (C) 2006 Free Software Foundation, Inc. -This config.status script is free software; the Free Software Foundation -gives unlimited permission to copy, distribute and modify it." - -ac_pwd='$ac_pwd' -srcdir='$srcdir' -INSTALL='$INSTALL' -MKDIR_P='$MKDIR_P' -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF -# If no file are specified by the user, then we need to provide default -# value. By we need to know if files were specified by the user. -ac_need_defaults=: -while test $# != 0 -do - case $1 in - --*=*) - ac_option=`expr "X$1" : 'X\([^=]*\)='` - ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` - ac_shift=: - ;; - *) - ac_option=$1 - ac_optarg=$2 - ac_shift=shift - ;; - esac - - case $ac_option in - # Handling of the options. - -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) - ac_cs_recheck=: ;; - --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) - echo "$ac_cs_version"; exit ;; - --debug | --debu | --deb | --de | --d | -d ) - debug=: ;; - --file | --fil | --fi | --f ) - $ac_shift - CONFIG_FILES="$CONFIG_FILES $ac_optarg" - ac_need_defaults=false;; - --header | --heade | --head | --hea ) - $ac_shift - CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg" - ac_need_defaults=false;; - --he | --h) - # Conflict between --help and --header - { echo "$as_me: error: ambiguous option: $1 -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; };; - --help | --hel | -h ) - echo "$ac_cs_usage"; exit ;; - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil | --si | --s) - ac_cs_silent=: ;; - - # This is an error. - -*) { echo "$as_me: error: unrecognized option: $1 -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; } ;; - - *) ac_config_targets="$ac_config_targets $1" - ac_need_defaults=false ;; - - esac - shift -done - -ac_configure_extra_args= - -if $ac_cs_silent; then - exec 6>/dev/null - ac_configure_extra_args="$ac_configure_extra_args --silent" -fi - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF -if \$ac_cs_recheck; then - echo "running CONFIG_SHELL=$SHELL $SHELL $0 "$ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 - CONFIG_SHELL=$SHELL - export CONFIG_SHELL - exec $SHELL "$0"$ac_configure_args \$ac_configure_extra_args --no-create --no-recursion -fi - -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF -exec 5>>config.log -{ - echo - sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX -## Running $as_me. ## -_ASBOX - echo "$ac_log" -} >&5 - -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF - -# Handling of arguments. -for ac_config_target in $ac_config_targets -do - case $ac_config_target in - "include/config.h") CONFIG_HEADERS="$CONFIG_HEADERS include/config.h" ;; - "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; - "etc/Makefile") CONFIG_FILES="$CONFIG_FILES etc/Makefile" ;; - "include/Makefile") CONFIG_FILES="$CONFIG_FILES include/Makefile" ;; - "include/gssapi/Makefile") CONFIG_FILES="$CONFIG_FILES include/gssapi/Makefile" ;; - "include/hcrypto/Makefile") CONFIG_FILES="$CONFIG_FILES include/hcrypto/Makefile" ;; - "include/kadm5/Makefile") CONFIG_FILES="$CONFIG_FILES include/kadm5/Makefile" ;; - "lib/Makefile") CONFIG_FILES="$CONFIG_FILES lib/Makefile" ;; - "lib/45/Makefile") CONFIG_FILES="$CONFIG_FILES lib/45/Makefile" ;; - "lib/auth/Makefile") CONFIG_FILES="$CONFIG_FILES lib/auth/Makefile" ;; - "lib/auth/afskauthlib/Makefile") CONFIG_FILES="$CONFIG_FILES lib/auth/afskauthlib/Makefile" ;; - "lib/auth/pam/Makefile") CONFIG_FILES="$CONFIG_FILES lib/auth/pam/Makefile" ;; - "lib/auth/sia/Makefile") CONFIG_FILES="$CONFIG_FILES lib/auth/sia/Makefile" ;; - "lib/asn1/Makefile") CONFIG_FILES="$CONFIG_FILES lib/asn1/Makefile" ;; - "lib/com_err/Makefile") CONFIG_FILES="$CONFIG_FILES lib/com_err/Makefile" ;; - "lib/hcrypto/Makefile") CONFIG_FILES="$CONFIG_FILES lib/hcrypto/Makefile" ;; - "lib/editline/Makefile") CONFIG_FILES="$CONFIG_FILES lib/editline/Makefile" ;; - "lib/hx509/Makefile") CONFIG_FILES="$CONFIG_FILES lib/hx509/Makefile" ;; - "lib/gssapi/Makefile") CONFIG_FILES="$CONFIG_FILES lib/gssapi/Makefile" ;; - "lib/ntlm/Makefile") CONFIG_FILES="$CONFIG_FILES lib/ntlm/Makefile" ;; - "lib/hdb/Makefile") CONFIG_FILES="$CONFIG_FILES lib/hdb/Makefile" ;; - "lib/kadm5/Makefile") CONFIG_FILES="$CONFIG_FILES lib/kadm5/Makefile" ;; - "lib/kafs/Makefile") CONFIG_FILES="$CONFIG_FILES lib/kafs/Makefile" ;; - "lib/kdfs/Makefile") CONFIG_FILES="$CONFIG_FILES lib/kdfs/Makefile" ;; - "lib/krb5/Makefile") CONFIG_FILES="$CONFIG_FILES lib/krb5/Makefile" ;; - "lib/otp/Makefile") CONFIG_FILES="$CONFIG_FILES lib/otp/Makefile" ;; - "lib/roken/Makefile") CONFIG_FILES="$CONFIG_FILES lib/roken/Makefile" ;; - "lib/sl/Makefile") CONFIG_FILES="$CONFIG_FILES lib/sl/Makefile" ;; - "lib/vers/Makefile") CONFIG_FILES="$CONFIG_FILES lib/vers/Makefile" ;; - "kuser/Makefile") CONFIG_FILES="$CONFIG_FILES kuser/Makefile" ;; - "kpasswd/Makefile") CONFIG_FILES="$CONFIG_FILES kpasswd/Makefile" ;; - "kadmin/Makefile") CONFIG_FILES="$CONFIG_FILES kadmin/Makefile" ;; - "admin/Makefile") CONFIG_FILES="$CONFIG_FILES admin/Makefile" ;; - "kcm/Makefile") CONFIG_FILES="$CONFIG_FILES kcm/Makefile" ;; - "kdc/Makefile") CONFIG_FILES="$CONFIG_FILES kdc/Makefile" ;; - "appl/Makefile") CONFIG_FILES="$CONFIG_FILES appl/Makefile" ;; - "appl/afsutil/Makefile") CONFIG_FILES="$CONFIG_FILES appl/afsutil/Makefile" ;; - "appl/ftp/Makefile") CONFIG_FILES="$CONFIG_FILES appl/ftp/Makefile" ;; - "appl/ftp/common/Makefile") CONFIG_FILES="$CONFIG_FILES appl/ftp/common/Makefile" ;; - "appl/ftp/ftp/Makefile") CONFIG_FILES="$CONFIG_FILES appl/ftp/ftp/Makefile" ;; - "appl/ftp/ftpd/Makefile") CONFIG_FILES="$CONFIG_FILES appl/ftp/ftpd/Makefile" ;; - "appl/gssmask/Makefile") CONFIG_FILES="$CONFIG_FILES appl/gssmask/Makefile" ;; - "appl/kx/Makefile") CONFIG_FILES="$CONFIG_FILES appl/kx/Makefile" ;; - "appl/login/Makefile") CONFIG_FILES="$CONFIG_FILES appl/login/Makefile" ;; - "appl/otp/Makefile") CONFIG_FILES="$CONFIG_FILES appl/otp/Makefile" ;; - "appl/popper/Makefile") CONFIG_FILES="$CONFIG_FILES appl/popper/Makefile" ;; - "appl/push/Makefile") CONFIG_FILES="$CONFIG_FILES appl/push/Makefile" ;; - "appl/rsh/Makefile") CONFIG_FILES="$CONFIG_FILES appl/rsh/Makefile" ;; - "appl/rcp/Makefile") CONFIG_FILES="$CONFIG_FILES appl/rcp/Makefile" ;; - "appl/su/Makefile") CONFIG_FILES="$CONFIG_FILES appl/su/Makefile" ;; - "appl/xnlock/Makefile") CONFIG_FILES="$CONFIG_FILES appl/xnlock/Makefile" ;; - "appl/telnet/Makefile") CONFIG_FILES="$CONFIG_FILES appl/telnet/Makefile" ;; - "appl/telnet/libtelnet/Makefile") CONFIG_FILES="$CONFIG_FILES appl/telnet/libtelnet/Makefile" ;; - "appl/telnet/telnet/Makefile") CONFIG_FILES="$CONFIG_FILES appl/telnet/telnet/Makefile" ;; - "appl/telnet/telnetd/Makefile") CONFIG_FILES="$CONFIG_FILES appl/telnet/telnetd/Makefile" ;; - "appl/test/Makefile") CONFIG_FILES="$CONFIG_FILES appl/test/Makefile" ;; - "appl/kf/Makefile") CONFIG_FILES="$CONFIG_FILES appl/kf/Makefile" ;; - "appl/dceutils/Makefile") CONFIG_FILES="$CONFIG_FILES appl/dceutils/Makefile" ;; - "tests/Makefile") CONFIG_FILES="$CONFIG_FILES tests/Makefile" ;; - "tests/can/Makefile") CONFIG_FILES="$CONFIG_FILES tests/can/Makefile" ;; - "tests/db/Makefile") CONFIG_FILES="$CONFIG_FILES tests/db/Makefile" ;; - "tests/kdc/Makefile") CONFIG_FILES="$CONFIG_FILES tests/kdc/Makefile" ;; - "tests/ldap/Makefile") CONFIG_FILES="$CONFIG_FILES tests/ldap/Makefile" ;; - "tests/gss/Makefile") CONFIG_FILES="$CONFIG_FILES tests/gss/Makefile" ;; - "tests/java/Makefile") CONFIG_FILES="$CONFIG_FILES tests/java/Makefile" ;; - "tests/plugin/Makefile") CONFIG_FILES="$CONFIG_FILES tests/plugin/Makefile" ;; - "packages/Makefile") CONFIG_FILES="$CONFIG_FILES packages/Makefile" ;; - "packages/mac/Makefile") CONFIG_FILES="$CONFIG_FILES packages/mac/Makefile" ;; - "packages/debian/Makefile") CONFIG_FILES="$CONFIG_FILES packages/debian/Makefile" ;; - "doc/Makefile") CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;; - "tools/Makefile") CONFIG_FILES="$CONFIG_FILES tools/Makefile" ;; - - *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 -echo "$as_me: error: invalid argument: $ac_config_target" >&2;} - { (exit 1); exit 1; }; };; - esac -done - - -# If the user did not use the arguments to specify the items to instantiate, -# then the envvar interface is used. Set only those that are not. -# We use the long form for the default assignment because of an extremely -# bizarre bug on SunOS 4.1.3. -if $ac_need_defaults; then - test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files - test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers -fi - -# Have a temporary directory for convenience. Make it in the build tree -# simply because there is no reason against having it here, and in addition, -# creating and moving files from /tmp can sometimes cause problems. -# Hook for its removal unless debugging. -# Note that there is a small window in which the directory will not be cleaned: -# after its creation but before its name has been assigned to `$tmp'. -$debug || -{ - tmp= - trap 'exit_status=$? - { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status -' 0 - trap '{ (exit 1); exit 1; }' 1 2 13 15 -} -# Create a (secure) tmp directory for tmp files. - -{ - tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && - test -n "$tmp" && test -d "$tmp" -} || -{ - tmp=./conf$$-$RANDOM - (umask 077 && mkdir "$tmp") -} || -{ - echo "$me: cannot create a temporary directory in ." >&2 - { (exit 1); exit 1; } -} - -# -# Set up the sed scripts for CONFIG_FILES section. -# - -# No need to generate the scripts if there are no CONFIG_FILES. -# This happens for instance when ./config.status config.h -if test -n "$CONFIG_FILES"; then - -_ACEOF - - - -ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -SHELL!$SHELL$ac_delim -PATH_SEPARATOR!$PATH_SEPARATOR$ac_delim -PACKAGE_NAME!$PACKAGE_NAME$ac_delim -PACKAGE_TARNAME!$PACKAGE_TARNAME$ac_delim -PACKAGE_VERSION!$PACKAGE_VERSION$ac_delim -PACKAGE_STRING!$PACKAGE_STRING$ac_delim -PACKAGE_BUGREPORT!$PACKAGE_BUGREPORT$ac_delim -exec_prefix!$exec_prefix$ac_delim -prefix!$prefix$ac_delim -program_transform_name!$program_transform_name$ac_delim -bindir!$bindir$ac_delim -sbindir!$sbindir$ac_delim -libexecdir!$libexecdir$ac_delim -datarootdir!$datarootdir$ac_delim -datadir!$datadir$ac_delim -sysconfdir!$sysconfdir$ac_delim -sharedstatedir!$sharedstatedir$ac_delim -localstatedir!$localstatedir$ac_delim -includedir!$includedir$ac_delim -oldincludedir!$oldincludedir$ac_delim -docdir!$docdir$ac_delim -infodir!$infodir$ac_delim -htmldir!$htmldir$ac_delim -dvidir!$dvidir$ac_delim -pdfdir!$pdfdir$ac_delim -psdir!$psdir$ac_delim -libdir!$libdir$ac_delim -localedir!$localedir$ac_delim -mandir!$mandir$ac_delim -DEFS!$DEFS$ac_delim -ECHO_C!$ECHO_C$ac_delim -ECHO_N!$ECHO_N$ac_delim -ECHO_T!$ECHO_T$ac_delim -LIBS!$LIBS$ac_delim -build_alias!$build_alias$ac_delim -host_alias!$host_alias$ac_delim -target_alias!$target_alias$ac_delim -INSTALL_PROGRAM!$INSTALL_PROGRAM$ac_delim -INSTALL_SCRIPT!$INSTALL_SCRIPT$ac_delim -INSTALL_DATA!$INSTALL_DATA$ac_delim -am__isrc!$am__isrc$ac_delim -CYGPATH_W!$CYGPATH_W$ac_delim -PACKAGE!$PACKAGE$ac_delim -VERSION!$VERSION$ac_delim -ACLOCAL!$ACLOCAL$ac_delim -AUTOCONF!$AUTOCONF$ac_delim -AUTOMAKE!$AUTOMAKE$ac_delim -AUTOHEADER!$AUTOHEADER$ac_delim -MAKEINFO!$MAKEINFO$ac_delim -install_sh!$install_sh$ac_delim -STRIP!$STRIP$ac_delim -INSTALL_STRIP_PROGRAM!$INSTALL_STRIP_PROGRAM$ac_delim -mkdir_p!$mkdir_p$ac_delim -AWK!$AWK$ac_delim -SET_MAKE!$SET_MAKE$ac_delim -am__leading_dot!$am__leading_dot$ac_delim -AMTAR!$AMTAR$ac_delim -am__tar!$am__tar$ac_delim -am__untar!$am__untar$ac_delim -MAINTAINER_MODE_TRUE!$MAINTAINER_MODE_TRUE$ac_delim -MAINTAINER_MODE_FALSE!$MAINTAINER_MODE_FALSE$ac_delim -MAINT!$MAINT$ac_delim -CC!$CC$ac_delim -CFLAGS!$CFLAGS$ac_delim -LDFLAGS!$LDFLAGS$ac_delim -CPPFLAGS!$CPPFLAGS$ac_delim -ac_ct_CC!$ac_ct_CC$ac_delim -EXEEXT!$EXEEXT$ac_delim -OBJEXT!$OBJEXT$ac_delim -CPP!$CPP$ac_delim -build!$build$ac_delim -build_cpu!$build_cpu$ac_delim -build_vendor!$build_vendor$ac_delim -build_os!$build_os$ac_delim -host!$host$ac_delim -host_cpu!$host_cpu$ac_delim -host_vendor!$host_vendor$ac_delim -host_os!$host_os$ac_delim -CANONICAL_HOST!$CANONICAL_HOST$ac_delim -YACC!$YACC$ac_delim -YFLAGS!$YFLAGS$ac_delim -LEX!$LEX$ac_delim -LEX_OUTPUT_ROOT!$LEX_OUTPUT_ROOT$ac_delim -LEXLIB!$LEXLIB$ac_delim -LN_S!$LN_S$ac_delim -GREP!$GREP$ac_delim -EGREP!$EGREP$ac_delim -ECHO!$ECHO$ac_delim -AR!$AR$ac_delim -RANLIB!$RANLIB$ac_delim -CXX!$CXX$ac_delim -CXXFLAGS!$CXXFLAGS$ac_delim -ac_ct_CXX!$ac_ct_CXX$ac_delim -CXXCPP!$CXXCPP$ac_delim -F77!$F77$ac_delim -FFLAGS!$FFLAGS$ac_delim -ac_ct_F77!$ac_ct_F77$ac_delim -_ACEOF - - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then - break - elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done - -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` -fi - -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-1.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -CEOF$ac_eof -_ACEOF - - -ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -LIBTOOL!$LIBTOOL$ac_delim -ENABLE_SHARED_TRUE!$ENABLE_SHARED_TRUE$ac_delim -ENABLE_SHARED_FALSE!$ENABLE_SHARED_FALSE$ac_delim -VERSIONING!$VERSIONING$ac_delim -versionscript_TRUE!$versionscript_TRUE$ac_delim -versionscript_FALSE!$versionscript_FALSE$ac_delim -LDFLAGS_VERSION_SCRIPT!$LDFLAGS_VERSION_SCRIPT$ac_delim -INCLUDE_openldap!$INCLUDE_openldap$ac_delim -LIB_openldap!$LIB_openldap$ac_delim -OPENLDAP_MODULE_TRUE!$OPENLDAP_MODULE_TRUE$ac_delim -OPENLDAP_MODULE_FALSE!$OPENLDAP_MODULE_FALSE$ac_delim -PKINIT_TRUE!$PKINIT_TRUE$ac_delim -PKINIT_FALSE!$PKINIT_FALSE$ac_delim -DIR_hdbdir!$DIR_hdbdir$ac_delim -INCLUDE_krb4!$INCLUDE_krb4$ac_delim -LIB_krb4!$LIB_krb4$ac_delim -KRB4_TRUE!$KRB4_TRUE$ac_delim -KRB4_FALSE!$KRB4_FALSE$ac_delim -KRB5_TRUE!$KRB5_TRUE$ac_delim -KRB5_FALSE!$KRB5_FALSE$ac_delim -do_roken_rename_TRUE!$do_roken_rename_TRUE$ac_delim -do_roken_rename_FALSE!$do_roken_rename_FALSE$ac_delim -LIB_kdb!$LIB_kdb$ac_delim -HAVE_OPENSSL_TRUE!$HAVE_OPENSSL_TRUE$ac_delim -HAVE_OPENSSL_FALSE!$HAVE_OPENSSL_FALSE$ac_delim -DIR_hcrypto!$DIR_hcrypto$ac_delim -INCLUDE_hcrypto!$INCLUDE_hcrypto$ac_delim -LIB_hcrypto!$LIB_hcrypto$ac_delim -LIB_hcrypto_a!$LIB_hcrypto_a$ac_delim -LIB_hcrypto_so!$LIB_hcrypto_so$ac_delim -LIB_hcrypto_appl!$LIB_hcrypto_appl$ac_delim -PTHREADS_CFLAGS!$PTHREADS_CFLAGS$ac_delim -PTHREADS_LIBS!$PTHREADS_LIBS$ac_delim -DCE_TRUE!$DCE_TRUE$ac_delim -DCE_FALSE!$DCE_FALSE$ac_delim -dpagaix_cflags!$dpagaix_cflags$ac_delim -dpagaix_ldadd!$dpagaix_ldadd$ac_delim -dpagaix_ldflags!$dpagaix_ldflags$ac_delim -LIB_db_create!$LIB_db_create$ac_delim -LIB_dbopen!$LIB_dbopen$ac_delim -LIB_dbm_firstkey!$LIB_dbm_firstkey$ac_delim -HAVE_DB1_TRUE!$HAVE_DB1_TRUE$ac_delim -HAVE_DB1_FALSE!$HAVE_DB1_FALSE$ac_delim -HAVE_DB3_TRUE!$HAVE_DB3_TRUE$ac_delim -HAVE_DB3_FALSE!$HAVE_DB3_FALSE$ac_delim -HAVE_NDBM_TRUE!$HAVE_NDBM_TRUE$ac_delim -HAVE_NDBM_FALSE!$HAVE_NDBM_FALSE$ac_delim -DBLIB!$DBLIB$ac_delim -LIB_NDBM!$LIB_NDBM$ac_delim -WFLAGS!$WFLAGS$ac_delim -WFLAGS_NOUNUSED!$WFLAGS_NOUNUSED$ac_delim -WFLAGS_NOIMPLICITINT!$WFLAGS_NOIMPLICITINT$ac_delim -VOID_RETSIGTYPE!$VOID_RETSIGTYPE$ac_delim -have_err_h_TRUE!$have_err_h_TRUE$ac_delim -have_err_h_FALSE!$have_err_h_FALSE$ac_delim -have_ifaddrs_h_TRUE!$have_ifaddrs_h_TRUE$ac_delim -have_ifaddrs_h_FALSE!$have_ifaddrs_h_FALSE$ac_delim -have_vis_h_TRUE!$have_vis_h_TRUE$ac_delim -have_vis_h_FALSE!$have_vis_h_FALSE$ac_delim -LIB_socket!$LIB_socket$ac_delim -LIB_gethostbyname!$LIB_gethostbyname$ac_delim -LIB_syslog!$LIB_syslog$ac_delim -LIB_gethostbyname2!$LIB_gethostbyname2$ac_delim -LIB_res_search!$LIB_res_search$ac_delim -LIB_res_nsearch!$LIB_res_nsearch$ac_delim -LIB_res_ndestroy!$LIB_res_ndestroy$ac_delim -LIB_dn_expand!$LIB_dn_expand$ac_delim -LIBOBJS!$LIBOBJS$ac_delim -have_glob_h_TRUE!$have_glob_h_TRUE$ac_delim -have_glob_h_FALSE!$have_glob_h_FALSE$ac_delim -have_cgetent_TRUE!$have_cgetent_TRUE$ac_delim -have_cgetent_FALSE!$have_cgetent_FALSE$ac_delim -LIB_getsockopt!$LIB_getsockopt$ac_delim -LIB_setsockopt!$LIB_setsockopt$ac_delim -LIB_hstrerror!$LIB_hstrerror$ac_delim -LIB_bswap16!$LIB_bswap16$ac_delim -LIB_bswap32!$LIB_bswap32$ac_delim -LIB_pidfile!$LIB_pidfile$ac_delim -LIB_getaddrinfo!$LIB_getaddrinfo$ac_delim -LIB_getnameinfo!$LIB_getnameinfo$ac_delim -LIB_freeaddrinfo!$LIB_freeaddrinfo$ac_delim -LIB_gai_strerror!$LIB_gai_strerror$ac_delim -have_fnmatch_h_TRUE!$have_fnmatch_h_TRUE$ac_delim -have_fnmatch_h_FALSE!$have_fnmatch_h_FALSE$ac_delim -LIB_crypt!$LIB_crypt$ac_delim -have_socket_wrapper_TRUE!$have_socket_wrapper_TRUE$ac_delim -have_socket_wrapper_FALSE!$have_socket_wrapper_FALSE$ac_delim -DIR_roken!$DIR_roken$ac_delim -LIB_roken!$LIB_roken$ac_delim -INCLUDES_roken!$INCLUDES_roken$ac_delim -LIBADD_roken!$LIBADD_roken$ac_delim -LIB_otp!$LIB_otp$ac_delim -OTP_TRUE!$OTP_TRUE$ac_delim -OTP_FALSE!$OTP_FALSE$ac_delim -LIB_security!$LIB_security$ac_delim -NROFF!$NROFF$ac_delim -GROFF!$GROFF$ac_delim -_ACEOF - - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then - break - elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done - -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` -fi - -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-2.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -CEOF$ac_eof -_ACEOF - - -ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -CATMAN!$CATMAN$ac_delim -CATMAN_TRUE!$CATMAN_TRUE$ac_delim -CATMAN_FALSE!$CATMAN_FALSE$ac_delim -CATMANEXT!$CATMANEXT$ac_delim -INCLUDE_readline!$INCLUDE_readline$ac_delim -LIB_readline!$LIB_readline$ac_delim -INCLUDE_hesiod!$INCLUDE_hesiod$ac_delim -LIB_hesiod!$LIB_hesiod$ac_delim -AIX_TRUE!$AIX_TRUE$ac_delim -AIX_FALSE!$AIX_FALSE$ac_delim -AIX4_TRUE!$AIX4_TRUE$ac_delim -AIX4_FALSE!$AIX4_FALSE$ac_delim -LIB_dlopen!$LIB_dlopen$ac_delim -HAVE_DLOPEN_TRUE!$HAVE_DLOPEN_TRUE$ac_delim -HAVE_DLOPEN_FALSE!$HAVE_DLOPEN_FALSE$ac_delim -LIB_loadquery!$LIB_loadquery$ac_delim -AIX_DYNAMIC_AFS_TRUE!$AIX_DYNAMIC_AFS_TRUE$ac_delim -AIX_DYNAMIC_AFS_FALSE!$AIX_DYNAMIC_AFS_FALSE$ac_delim -AIX_EXTRA_KAFS!$AIX_EXTRA_KAFS$ac_delim -IRIX_TRUE!$IRIX_TRUE$ac_delim -IRIX_FALSE!$IRIX_FALSE$ac_delim -XMKMF!$XMKMF$ac_delim -X_CFLAGS!$X_CFLAGS$ac_delim -X_PRE_LIBS!$X_PRE_LIBS$ac_delim -X_LIBS!$X_LIBS$ac_delim -X_EXTRA_LIBS!$X_EXTRA_LIBS$ac_delim -HAVE_X_TRUE!$HAVE_X_TRUE$ac_delim -HAVE_X_FALSE!$HAVE_X_FALSE$ac_delim -LIB_XauWriteAuth!$LIB_XauWriteAuth$ac_delim -LIB_XauReadAuth!$LIB_XauReadAuth$ac_delim -LIB_XauFileName!$LIB_XauFileName$ac_delim -NEED_WRITEAUTH_TRUE!$NEED_WRITEAUTH_TRUE$ac_delim -NEED_WRITEAUTH_FALSE!$NEED_WRITEAUTH_FALSE$ac_delim -LIB_logwtmp!$LIB_logwtmp$ac_delim -LIB_logout!$LIB_logout$ac_delim -LIB_openpty!$LIB_openpty$ac_delim -LIB_tgetent!$LIB_tgetent$ac_delim -LIB_getpwnam_r!$LIB_getpwnam_r$ac_delim -LIB_door_create!$LIB_door_create$ac_delim -KCM_TRUE!$KCM_TRUE$ac_delim -KCM_FALSE!$KCM_FALSE$ac_delim -FRAMEWORK_SECURITY_TRUE!$FRAMEWORK_SECURITY_TRUE$ac_delim -FRAMEWORK_SECURITY_FALSE!$FRAMEWORK_SECURITY_FALSE$ac_delim -LIB_el_init!$LIB_el_init$ac_delim -el_compat_TRUE!$el_compat_TRUE$ac_delim -el_compat_FALSE!$el_compat_FALSE$ac_delim -COMPILE_ET!$COMPILE_ET$ac_delim -COM_ERR_TRUE!$COM_ERR_TRUE$ac_delim -COM_ERR_FALSE!$COM_ERR_FALSE$ac_delim -DIR_com_err!$DIR_com_err$ac_delim -LIB_com_err!$LIB_com_err$ac_delim -LIB_com_err_a!$LIB_com_err_a$ac_delim -LIB_com_err_so!$LIB_com_err_so$ac_delim -LIB_AUTH_SUBDIRS!$LIB_AUTH_SUBDIRS$ac_delim -LTLIBOBJS!$LTLIBOBJS$ac_delim -_ACEOF - - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 55; then - break - elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } - else - ac_delim="$ac_delim!$ac_delim _$ac_delim!! " - fi -done - -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` -fi - -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-3.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b end -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -:end -s/|#_!!_#|//g -CEOF$ac_eof -_ACEOF - - -# VPATH may cause trouble with some makes, so we remove $(srcdir), -# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and -# trailing colons and then remove the whole line if VPATH becomes empty -# (actually we leave an empty line to preserve line numbers). -if test "x$srcdir" = x.; then - ac_vpsub='/^[ ]*VPATH[ ]*=/{ -s/:*\$(srcdir):*/:/ -s/:*\${srcdir}:*/:/ -s/:*@srcdir@:*/:/ -s/^\([^=]*=[ ]*\):*/\1/ -s/:*$// -s/^[^=]*=[ ]*$// -}' -fi - -cat >>$CONFIG_STATUS <<\_ACEOF -fi # test -n "$CONFIG_FILES" - - -for ac_tag in :F $CONFIG_FILES :H $CONFIG_HEADERS -do - case $ac_tag in - :[FHLC]) ac_mode=$ac_tag; continue;; - esac - case $ac_mode$ac_tag in - :[FHL]*:*);; - :L* | :C*:*) { { echo "$as_me:$LINENO: error: Invalid tag $ac_tag." >&5 -echo "$as_me: error: Invalid tag $ac_tag." >&2;} - { (exit 1); exit 1; }; };; - :[FH]-) ac_tag=-:-;; - :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; - esac - ac_save_IFS=$IFS - IFS=: - set x $ac_tag - IFS=$ac_save_IFS - shift - ac_file=$1 - shift - - case $ac_mode in - :L) ac_source=$1;; - :[FH]) - ac_file_inputs= - for ac_f - do - case $ac_f in - -) ac_f="$tmp/stdin";; - *) # Look for the file first in the build tree, then in the source tree - # (if the path is not absolute). The absolute path cannot be DOS-style, - # because $ac_f cannot contain `:'. - test -f "$ac_f" || - case $ac_f in - [\\/$]*) false;; - *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; - esac || - { { echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5 -echo "$as_me: error: cannot find input file: $ac_f" >&2;} - { (exit 1); exit 1; }; };; - esac - ac_file_inputs="$ac_file_inputs $ac_f" - done - - # Let's still pretend it is `configure' which instantiates (i.e., don't - # use $as_me), people would be surprised to read: - # /* config.h. Generated by config.status. */ - configure_input="Generated from "`IFS=: - echo $* | sed 's|^[^:]*/||;s|:[^:]*/|, |g'`" by configure." - if test x"$ac_file" != x-; then - configure_input="$ac_file. $configure_input" - { echo "$as_me:$LINENO: creating $ac_file" >&5 -echo "$as_me: creating $ac_file" >&6;} - fi - - case $ac_tag in - *:-:* | *:-) cat >"$tmp/stdin";; - esac - ;; - esac - - ac_dir=`$as_dirname -- "$ac_file" || -$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$ac_file" : 'X\(//\)[^/]' \| \ - X"$ac_file" : 'X\(//\)$' \| \ - X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || -echo X"$ac_file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - { as_dir="$ac_dir" - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || { $as_mkdir_p && mkdir -p "$as_dir"; } || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -echo X"$as_dir" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5 -echo "$as_me: error: cannot create directory $as_dir" >&2;} - { (exit 1); exit 1; }; }; } - ac_builddir=. - -case "$ac_dir" in -.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; -*) - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` - # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'` - case $ac_top_builddir_sub in - "") ac_top_builddir_sub=. ac_top_build_prefix= ;; - *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; - esac ;; -esac -ac_abs_top_builddir=$ac_pwd -ac_abs_builddir=$ac_pwd$ac_dir_suffix -# for backward compatibility: -ac_top_builddir=$ac_top_build_prefix - -case $srcdir in - .) # We are building in place. - ac_srcdir=. - ac_top_srcdir=$ac_top_builddir_sub - ac_abs_top_srcdir=$ac_pwd ;; - [\\/]* | ?:[\\/]* ) # Absolute name. - ac_srcdir=$srcdir$ac_dir_suffix; - ac_top_srcdir=$srcdir - ac_abs_top_srcdir=$srcdir ;; - *) # Relative name. - ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix - ac_top_srcdir=$ac_top_build_prefix$srcdir - ac_abs_top_srcdir=$ac_pwd/$srcdir ;; -esac -ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix - - - case $ac_mode in - :F) - # - # CONFIG_FILE - # - - case $INSTALL in - [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; - *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; - esac - ac_MKDIR_P=$MKDIR_P - case $MKDIR_P in - [\\/$]* | ?:[\\/]* ) ;; - */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; - esac -_ACEOF - -cat >>$CONFIG_STATUS <<\_ACEOF -# If the template does not know about datarootdir, expand it. -# FIXME: This hack should be removed a few years after 2.60. -ac_datarootdir_hack=; ac_datarootdir_seen= - -case `sed -n '/datarootdir/ { - p - q -} -/@datadir@/p -/@docdir@/p -/@infodir@/p -/@localedir@/p -/@mandir@/p -' $ac_file_inputs` in -*datarootdir*) ac_datarootdir_seen=yes;; -*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) - { echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 -echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} -_ACEOF -cat >>$CONFIG_STATUS <<_ACEOF - ac_datarootdir_hack=' - s&@datadir@&$datadir&g - s&@docdir@&$docdir&g - s&@infodir@&$infodir&g - s&@localedir@&$localedir&g - s&@mandir@&$mandir&g - s&\\\${datarootdir}&$datarootdir&g' ;; -esac -_ACEOF - -# Neutralize VPATH when `$srcdir' = `.'. -# Shell code in configure.ac might set extrasub. -# FIXME: do we really want to maintain this feature? -cat >>$CONFIG_STATUS <<_ACEOF - sed "$ac_vpsub -$extrasub -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF -:t -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -s&@configure_input@&$configure_input&;t t -s&@top_builddir@&$ac_top_builddir_sub&;t t -s&@srcdir@&$ac_srcdir&;t t -s&@abs_srcdir@&$ac_abs_srcdir&;t t -s&@top_srcdir@&$ac_top_srcdir&;t t -s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t -s&@builddir@&$ac_builddir&;t t -s&@abs_builddir@&$ac_abs_builddir&;t t -s&@abs_top_builddir@&$ac_abs_top_builddir&;t t -s&@INSTALL@&$ac_INSTALL&;t t -s&@MKDIR_P@&$ac_MKDIR_P&;t t -$ac_datarootdir_hack -" $ac_file_inputs | sed -f "$tmp/subs-1.sed" | sed -f "$tmp/subs-2.sed" | sed -f "$tmp/subs-3.sed" >$tmp/out - -test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && - { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && - { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && - { echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined." >&5 -echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined." >&2;} - - rm -f "$tmp/stdin" - case $ac_file in - -) cat "$tmp/out"; rm -f "$tmp/out";; - *) rm -f "$ac_file"; mv "$tmp/out" $ac_file;; - esac - ;; - :H) - # - # CONFIG_HEADER - # -_ACEOF - -# Transform confdefs.h into a sed script `conftest.defines', that -# substitutes the proper values into config.h.in to produce config.h. -rm -f conftest.defines conftest.tail -# First, append a space to every undef/define line, to ease matching. -echo 's/$/ /' >conftest.defines -# Then, protect against being on the right side of a sed subst, or in -# an unquoted here document, in config.status. If some macros were -# called several times there might be several #defines for the same -# symbol, which is useless. But do not sort them, since the last -# AC_DEFINE must be honored. -ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* -# These sed commands are passed to sed as "A NAME B PARAMS C VALUE D", where -# NAME is the cpp macro being defined, VALUE is the value it is being given. -# PARAMS is the parameter list in the macro definition--in most cases, it's -# just an empty string. -ac_dA='s,^\\([ #]*\\)[^ ]*\\([ ]*' -ac_dB='\\)[ (].*,\\1define\\2' -ac_dC=' ' -ac_dD=' ,' - -uniq confdefs.h | - sed -n ' - t rset - :rset - s/^[ ]*#[ ]*define[ ][ ]*// - t ok - d - :ok - s/[\\&,]/\\&/g - s/^\('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/ '"$ac_dA"'\1'"$ac_dB"'\2'"${ac_dC}"'\3'"$ac_dD"'/p - s/^\('"$ac_word_re"'\)[ ]*\(.*\)/'"$ac_dA"'\1'"$ac_dB$ac_dC"'\2'"$ac_dD"'/p - ' >>conftest.defines - -# Remove the space that was appended to ease matching. -# Then replace #undef with comments. This is necessary, for -# example, in the case of _POSIX_SOURCE, which is predefined and required -# on some systems where configure will not decide to define it. -# (The regexp can be short, since the line contains either #define or #undef.) -echo 's/ $// -s,^[ #]*u.*,/* & */,' >>conftest.defines - -# Break up conftest.defines: -ac_max_sed_lines=50 - -# First sed command is: sed -f defines.sed $ac_file_inputs >"$tmp/out1" -# Second one is: sed -f defines.sed "$tmp/out1" >"$tmp/out2" -# Third one will be: sed -f defines.sed "$tmp/out2" >"$tmp/out1" -# et cetera. -ac_in='$ac_file_inputs' -ac_out='"$tmp/out1"' -ac_nxt='"$tmp/out2"' - -while : -do - # Write a here document: - cat >>$CONFIG_STATUS <<_ACEOF - # First, check the format of the line: - cat >"\$tmp/defines.sed" <<\\CEOF -/^[ ]*#[ ]*undef[ ][ ]*$ac_word_re[ ]*\$/b def -/^[ ]*#[ ]*define[ ][ ]*$ac_word_re[( ]/b def -b -:def -_ACEOF - sed ${ac_max_sed_lines}q conftest.defines >>$CONFIG_STATUS - echo 'CEOF - sed -f "$tmp/defines.sed"' "$ac_in >$ac_out" >>$CONFIG_STATUS - ac_in=$ac_out; ac_out=$ac_nxt; ac_nxt=$ac_in - sed 1,${ac_max_sed_lines}d conftest.defines >conftest.tail - grep . conftest.tail >/dev/null || break - rm -f conftest.defines - mv conftest.tail conftest.defines -done -rm -f conftest.defines conftest.tail - -echo "ac_result=$ac_in" >>$CONFIG_STATUS -cat >>$CONFIG_STATUS <<\_ACEOF - if test x"$ac_file" != x-; then - echo "/* $configure_input */" >"$tmp/config.h" - cat "$ac_result" >>"$tmp/config.h" - if diff $ac_file "$tmp/config.h" >/dev/null 2>&1; then - { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 -echo "$as_me: $ac_file is unchanged" >&6;} - else - rm -f $ac_file - mv "$tmp/config.h" $ac_file - fi - else - echo "/* $configure_input */" - cat "$ac_result" - fi - rm -f "$tmp/out12" -# Compute $ac_file's index in $config_headers. -_am_stamp_count=1 -for _am_header in $config_headers :; do - case $_am_header in - $ac_file | $ac_file:* ) - break ;; - * ) - _am_stamp_count=`expr $_am_stamp_count + 1` ;; - esac -done -echo "timestamp for $ac_file" >`$as_dirname -- $ac_file || -$as_expr X$ac_file : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X$ac_file : 'X\(//\)[^/]' \| \ - X$ac_file : 'X\(//\)$' \| \ - X$ac_file : 'X\(/\)' \| . 2>/dev/null || -echo X$ac_file | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'`/stamp-h$_am_stamp_count - ;; - - - esac - -done # for ac_tag - - -{ (exit 0); exit 0; } -_ACEOF -chmod +x $CONFIG_STATUS -ac_clean_files=$ac_clean_files_save - - -# configure is writing to config.log, and then calls config.status. -# config.status does its own redirection, appending to config.log. -# Unfortunately, on DOS this fails, as config.log is still kept open -# by configure, so config.status won't be able to write to it; its -# output is simply discarded. So we exec the FD to /dev/null, -# effectively closing config.log, so it can be properly (re)opened and -# appended to by config.status. When coming back to configure, we -# need to make the FD available again. -if test "$no_create" != yes; then - ac_cs_success=: - ac_config_status_args= - test "$silent" = yes && - ac_config_status_args="$ac_config_status_args --quiet" - exec 5>/dev/null - $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false - exec 5>>config.log - # Use ||, not &&, to avoid exiting from the if with $? = 1, which - # would make configure fail if this is the last instruction. - $ac_cs_success || { (exit 1); exit 1; } -fi - - - -cat > include/newversion.h.in </dev/null | sed 1q` - Date=`date` - mv -f include/newversion.h.in include/version.h.in - sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h -fi diff --git a/crypto/heimdal/configure.in b/crypto/heimdal/configure.in deleted file mode 100644 index a039a71e04f6..000000000000 --- a/crypto/heimdal/configure.in +++ /dev/null @@ -1,543 +0,0 @@ -dnl Process this file with autoconf to produce a configure script. -AC_REVISION($Revision: 22513 $) -AC_PREREQ([2.59]) -test -z "$CFLAGS" && CFLAGS="-g" -AC_INIT([Heimdal],[1.1],[heimdal-bugs@h5l.org]) -AC_CONFIG_SRCDIR([kuser/kinit.c]) -AC_CONFIG_HEADERS(include/config.h) - -AM_INIT_AUTOMAKE([foreign no-dependencies 1.8]) -AM_MAINTAINER_MODE - -dnl Checks for programs. -AC_PROG_CC -AM_PROG_CC_C_O -AC_PROG_CPP - -AC_PREFIX_DEFAULT(/usr/heimdal) - -test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc' -test "$localstatedir" = '${prefix}/var' && localstatedir='/var/heimdal' - -AC_CANONICAL_HOST -CANONICAL_HOST=$host -AC_SUBST(CANONICAL_HOST) - -dnl Hints for autobuild -AB_INIT - -rk_SYS_LARGEFILE - -dnl -dnl this is needed to run the configure tests against glibc -dnl -AC_DEFINE([_GNU_SOURCE], 1, - [Define to enable extensions on glibc-based systems such as Linux.]) - -AC_OBJEXT -AC_EXEEXT - -dnl AC_KRB_PROG_YACC -AC_PROG_YACC -AM_PROG_LEX -dnl AC_PROG_RANLIB -AC_PROG_AWK -AC_KRB_PROG_LN_S - -AC_MIPS_ABI -CC="$CC $abi" -libdir="$libdir$abilibdirext" - -AC_C___ATTRIBUTE__ - -AC_PROG_LIBTOOL - -AM_CONDITIONAL(ENABLE_SHARED, test "$enable_shared" = "yes") -rk_VERSIONSCRIPT - -rk_TEST_PACKAGE(openldap, -[#include -#include ], -[-lldap -llber],,,OPENLDAP) - -AC_ARG_ENABLE(hdb-openldap-module, - AS_HELP_STRING([--enable-hdb-openldap-module], - [if you want support to build openldap hdb as shared object])) -if test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes; then - AC_DEFINE(OPENLDAP_MODULE, 1, [Define if you want support for hdb ldap module]) -fi -AM_CONDITIONAL(OPENLDAP_MODULE, test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes) - -AC_ARG_ENABLE(pk-init, - AS_HELP_STRING([--disable-pk-init], - [if you want disable to PK-INIT support])) -if test "$enable_pk_init" != no ;then - AC_DEFINE([PKINIT], 1, [Define to enable PKINIT.]) -fi -AM_CONDITIONAL(PKINIT, test "$enable_pk_init" != no) - - -dnl path where the hdb directory is stored -AC_ARG_WITH([hdbdir], - [AC_HELP_STRING([--with-hdbdir], - [Default location for KDC database @<:@default=/var/heimdal@:>@])], - [], - [with_hdbdir=/var/heimdal]) -DIR_hdbdir="$with_hdbdir" -AC_SUBST([DIR_hdbdir]) - - -dnl no kerberos4 any more -with_krb4=no -AC_SUBST(INCLUDE_krb4) -AC_SUBST(LIB_krb4) -AM_CONDITIONAL(KRB4, false) - -AM_CONDITIONAL(KRB5, true) -AM_CONDITIONAL(do_roken_rename, true) - -AC_DEFINE(KRB5, 1, [Enable Kerberos 5 support in applications.])dnl -AC_SUBST(LIB_kdb)dnl - -KRB_CRYPTO - -KRB_PTHREADS - -AC_ARG_ENABLE(dce, - AS_HELP_STRING([--enable-dce],[if you want support for DCE/DFS PAG's])) -if test "$enable_dce" = yes; then - AC_DEFINE(DCE, 1, [Define if you want support for DCE/DFS PAG's.]) -fi -AM_CONDITIONAL(DCE, test "$enable_dce" = yes) - -## XXX quite horrible: -if test -f /etc/ibmcxx.cfg; then - dpagaix_ldadd=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/libraries/{;s/^[[^=]]*=\(.*\)/\1/;s/,/ /gp;}'` - dpagaix_cflags=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/options/{;s/^[[^=]]*=\(.*\)/\1/;s/-q[^,]*//;s/,/ /gp;}'` - dpagaix_ldflags= -else - dpagaix_cflags="-D_THREAD_SAFE -D_AIX_PTHREADS_D7 -D_AIX32_THREADS=1 -D_AES_SOURCE -D_AIX41 -I/usr/include/dce" - dpagaix_ldadd="-L/usr/lib/threads -ldcelibc_r -ldcepthreads -lpthreads_compat lpthreads -lc_r" - dpagaix_ldflags="-Wl,-bI:dfspag.exp" -fi -AC_SUBST(dpagaix_cflags) -AC_SUBST(dpagaix_ldadd) -AC_SUBST(dpagaix_ldflags) - -AC_ARG_ENABLE([afs-support], - AC_HELP_STRING([--disable-afs-support], - [if you don't want support for AFS])) -if test "$enable_afs_support" = no; then - AC_DEFINE(NO_AFS, 1, [Define if you don't wan't support for AFS.]) -fi - -rk_DB - -dnl AC_ROKEN(10,[/usr/heimdal /usr/athena],[lib/roken],[$(top_builddir)/lib/roken/libroken.la],[-I$(top_builddir)/lib/roken -I$(top_srcdir)/lib/roken]) - -rk_ROKEN(lib/roken) -LIBADD_roken="$LIB_roken" -AC_SUBST(LIBADD_roken)dnl -LIB_roken="\$(top_builddir)/lib/vers/libvers.la $LIB_roken" - -rk_OTP - -AC_CHECK_OSFC2 - -AC_ARG_ENABLE(mmap, - AS_HELP_STRING([--disable-mmap],[disable use of mmap])) -if test "$enable_mmap" = "no"; then - AC_DEFINE(NO_MMAP, 1, [Define if you don't want to use mmap.]) -fi - -AC_ARG_ENABLE(afs-string-to-key, - AS_HELP_STRING([--disable-afs-string-to-key], - [disable use of weak AFS string-to-key functions]), - [], [enable_afs_string_to_key=yes]) - -if test "$enable_afs_string_to_key" = "yes"; then - AC_DEFINE(ENABLE_AFS_STRING_TO_KEY, 1, [Define if want to use the weak AFS string to key functions.]) -fi - - -rk_CHECK_MAN - -rk_TEST_PACKAGE(readline, -[#include - #include ],-lreadline,,, READLINE) - -rk_TEST_PACKAGE(hesiod,[#include ],-lhesiod,,, HESIOD) - -KRB_C_BIGENDIAN -AC_C_INLINE - -rk_AIX -rk_IRIX -rk_SUNOS - -KRB_CHECK_X - -AM_CONDITIONAL(HAVE_X, test "$no_x" != yes) - -AC_CHECK_XAU - -dnl AM_C_PROTOTYPES - -dnl Checks for typedefs, structures, and compiler characteristics. -AC_C_CONST -AC_TYPE_OFF_T -AC_CHECK_TYPE_EXTRA(mode_t, unsigned short, []) -AC_CHECK_TYPE_EXTRA(sig_atomic_t, int, [#include ]) -AC_HAVE_TYPE([long long]) -AC_HEADER_TIME -AC_STRUCT_TM - -dnl Checks for header files. -AC_HEADER_STDC - -AC_CHECK_HEADERS([\ - arpa/ftp.h \ - arpa/telnet.h \ - bind/bitypes.h \ - bsdsetjmp.h \ - curses.h \ - dlfcn.h \ - fnmatch.h \ - inttypes.h \ - io.h \ - libutil.h \ - limits.h \ - maillock.h \ - netgroup.h \ - netinet/in6_machtypes.h \ - netinfo/ni.h \ - pthread.h \ - pty.h \ - sac.h \ - sgtty.h \ - siad.h \ - signal.h \ - strings.h \ - stropts.h \ - sys/bitypes.h \ - sys/category.h \ - sys/file.h \ - sys/filio.h \ - sys/ioccom.h \ - sys/mman.h \ - sys/param.h \ - sys/pty.h \ - sys/ptyio.h \ - sys/select.h \ - sys/socket.h \ - sys/str_tty.h \ - sys/stream.h \ - sys/stropts.h \ - sys/syscall.h \ - sys/termio.h \ - sys/timeb.h \ - sys/times.h \ - sys/types.h \ - sys/un.h \ - termcap.h \ - termio.h \ - termios.h \ - time.h \ - tmpdir.h \ - udb.h \ - util.h \ - utmp.h \ - utmpx.h \ -]) - -dnl On Solaris 8 there's a compilation warning for term.h because -dnl it doesn't define `bool'. -AC_CHECK_HEADERS(term.h, , , -) - -AC_CHECK_HEADERS(net/if.h, , , [AC_INCLUDES_DEFAULT -#if HAVE_SYS_SOCKET_H -#include -#endif]) - -AC_CHECK_HEADERS(sys/ptyvar.h, , , [AC_INCLUDES_DEFAULT -#if HAVE_SYS_TTY_H -#include -#endif]) - -AC_CHECK_HEADERS(sys/strtty.h, , , [AC_INCLUDES_DEFAULT -#if HAVE_TERMIOS_H -#include -#endif -#if HAVE_SYS_STREAM_H -#include -#endif]) - -AC_CHECK_HEADERS(sys/ucred.h, , , [AC_INCLUDES_DEFAULT -#if HAVE_SYS_TYPES_H -#include -#endif -#if HAVE_SYS_PARAM_H -#include -#endif]) - -AC_CHECK_HEADERS(security/pam_modules.h, , , [AC_INCLUDES_DEFAULT -#include -]) - -AC_ARG_ENABLE(netinfo, - AS_HELP_STRING([--enable-netinfo],[enable netinfo for configuration lookup])) - -if test "$ac_cv_header_netinfo_ni_h" = yes -a "$enable_netinfo" = yes; then - AC_DEFINE(HAVE_NETINFO, 1, - [Define if you want to use Netinfo instead of krb5.conf.]) -fi - -dnl export symbols -rk_WIN32_EXPORT(BUILD_KRB5_LIB, KRB5_LIB_FUNCTION) -rk_WIN32_EXPORT(BUILD_ROKEN_LIB, ROKEN_LIB_FUNCTION) - -dnl Checks for libraries. - -AC_FIND_FUNC_NO_LIBS(logwtmp, util,[ -#ifdef HAVE_UTIL_H -#include -#endif -],[0,0,0]) -AC_FIND_FUNC_NO_LIBS(logout, util,[ -#ifdef HAVE_UTIL_H -#include -#endif -],[0]) -AC_FIND_FUNC_NO_LIBS(openpty, util,[ -#ifdef HAVE_UTIL_H -#include -#endif -],[0,0,0,0,0]) - -AC_FIND_FUNC_NO_LIBS(tgetent, termcap ncurses curses,[ -#ifdef HAVE_TERMCAP_H -#include -#endif -#ifdef HAVE_CURSES_H -#include -#endif -],[0,0]) - -dnl Checks for library functions. - -AC_CHECK_FUNCS([ \ - _getpty \ - _scrsize \ - arc4random \ - fcntl \ - getpeereid \ - getpeerucred \ - grantpt \ - mktime \ - ptsname \ - rand \ - revoke \ - select \ - setitimer \ - setpcred \ - setpgid \ - setproctitle \ - setregid \ - setresgid \ - setresuid \ - setreuid \ - setsid \ - setutent \ - sigaction \ - strstr \ - ttyname \ - ttyslot \ - umask \ - unlockpt \ - vhangup \ - yp_get_default_domain \ -]) - -AC_FUNC_MMAP - -KRB_CAPABILITIES - -AC_CHECK_GETPWNAM_R_POSIX - -dnl detect doors on solaris -if test "$enable_pthread_support" != no; then - saved_LIBS="$LIBS" - LIBS="$LIBS $PTHREADS_LIBS" - AC_FIND_FUNC_NO_LIBS(door_create, door) - LIBS="$saved_LIBS" -fi - -AC_ARG_ENABLE(kcm, - AS_HELP_STRING([--enable-kcm],[enable Kerberos Credentials Manager]), -,[enable_kcm=yes]) - -if test "$enable_kcm" = yes ; then - if test "$ac_cv_header_sys_un_h" != yes -a "$ac_cv_funclib_door_create" != yes ; then - enable_kcm=no - fi -fi -if test "$enable_kcm" = yes; then - AC_DEFINE(HAVE_KCM, 1, - [Define if you want to use the Kerberos Credentials Manager.]) -fi -AM_CONDITIONAL(KCM, test "$enable_kcm" = yes) - - - -dnl Cray stuff -AC_CHECK_FUNCS(getudbnam setlim) - -dnl AC_KRB_FUNC_GETCWD_BROKEN - -dnl -dnl Check for fields in struct utmp -dnl - -AC_HAVE_STRUCT_FIELD(struct utmp, ut_addr, [#include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_host, [#include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_id, [#include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_pid, [#include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_type, [#include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_user, [#include ]) -AC_HAVE_STRUCT_FIELD(struct utmpx, ut_exit, [#include ]) -AC_HAVE_STRUCT_FIELD(struct utmpx, ut_syslen, [#include ]) - -AC_CHECK_TYPES([int8_t, int16_t, int32_t, int64_t, - u_int8_t, u_int16_t, u_int32_t, u_int64_t, - uint8_t, uint16_t, uint32_t, uint64_t],,,[ -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif -]) - -rk_FRAMEWORK_SECURITY - -KRB_READLINE - -rk_TELNET - -dnl Some operating systems already have com_err and compile_et -CHECK_COMPILE_ET - -rk_AUTH_MODULES([sia afskauthlib]) - -rk_DESTDIRS - -rk_WFLAGS([-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs]) - - -AH_BOTTOM([#ifdef ROKEN_RENAME -#include "roken_rename.h" -#endif]) - -AC_CONFIG_FILES(Makefile \ - etc/Makefile \ - include/Makefile \ - include/gssapi/Makefile \ - include/hcrypto/Makefile \ - include/kadm5/Makefile \ - lib/Makefile \ - lib/45/Makefile \ - lib/auth/Makefile \ - lib/auth/afskauthlib/Makefile \ - lib/auth/pam/Makefile \ - lib/auth/sia/Makefile \ - lib/asn1/Makefile \ - lib/com_err/Makefile \ - lib/hcrypto/Makefile \ - lib/editline/Makefile \ - lib/hx509/Makefile \ - lib/gssapi/Makefile \ - lib/ntlm/Makefile \ - lib/hdb/Makefile \ - lib/kadm5/Makefile \ - lib/kafs/Makefile \ - lib/kdfs/Makefile \ - lib/krb5/Makefile \ - lib/otp/Makefile \ - lib/roken/Makefile \ - lib/sl/Makefile \ - lib/vers/Makefile \ - kuser/Makefile \ - kpasswd/Makefile \ - kadmin/Makefile \ - admin/Makefile \ - kcm/Makefile \ - kdc/Makefile \ - appl/Makefile \ - appl/afsutil/Makefile \ - appl/ftp/Makefile \ - appl/ftp/common/Makefile \ - appl/ftp/ftp/Makefile \ - appl/ftp/ftpd/Makefile \ - appl/gssmask/Makefile \ - appl/kx/Makefile \ - appl/login/Makefile \ - appl/otp/Makefile \ - appl/popper/Makefile \ - appl/push/Makefile \ - appl/rsh/Makefile \ - appl/rcp/Makefile \ - appl/su/Makefile \ - appl/xnlock/Makefile \ - appl/telnet/Makefile \ - appl/telnet/libtelnet/Makefile \ - appl/telnet/telnet/Makefile \ - appl/telnet/telnetd/Makefile \ - appl/test/Makefile \ - appl/kf/Makefile \ - appl/dceutils/Makefile \ - tests/Makefile \ - tests/can/Makefile \ - tests/db/Makefile \ - tests/kdc/Makefile \ - tests/ldap/Makefile \ - tests/gss/Makefile \ - tests/java/Makefile \ - tests/plugin/Makefile \ - packages/Makefile \ - packages/mac/Makefile \ - packages/debian/Makefile \ - doc/Makefile \ - tools/Makefile \ -) - -AC_OUTPUT - -dnl -dnl This is the release version name-number[beta] -dnl - -cat > include/newversion.h.in </dev/null | sed 1q` - Date=`date` - mv -f include/newversion.h.in include/version.h.in - sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h -fi diff --git a/crypto/heimdal/doc/Makefile.am b/crypto/heimdal/doc/Makefile.am deleted file mode 100644 index 87473fe0a3d6..000000000000 --- a/crypto/heimdal/doc/Makefile.am +++ /dev/null @@ -1,85 +0,0 @@ -# $Id: Makefile.am 22284 2007-12-13 20:39:37Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AUTOMAKE_OPTIONS = no-texinfo.tex - -MAKEINFOFLAGS = --no-split --css-include=$(srcdir)/heimdal.css - -TEXI2DVI = true # ARGH, make distcheck can't be disabled to not build dvifiles - -info_TEXINFOS = heimdal.texi hx509.texi - -dxy_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]objdir[@],.,g' \ - -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' - -krb5.dxy: krb5.din Makefile - $(dxy_subst) < $(srcdir)/krb5.din > krb5.dxy.tmp - chmod +x krb5.dxy.tmp - mv krb5.dxy.tmp krb5.dxy - -ntlm.dxy: ntlm.din Makefile - $(dxy_subst) < $(srcdir)/ntlm.din > ntlm.dxy.tmp - chmod +x ntlm.dxy.tmp - mv ntlm.dxy.tmp ntlm.dxy - -hx509.dxy: hx509.din Makefile - $(dxy_subst) < $(srcdir)/hx509.din > hx509.dxy.tmp - chmod +x hx509.dxy.tmp - mv hx509.dxy.tmp hx509.dxy - -hcrypto.dxy: hcrypto.din Makefile - $(dxy_subst) < $(srcdir)/hcrypto.din > hcrypto.dxy.tmp - chmod +x hcrypto.dxy.tmp - mv hcrypto.dxy.tmp hcrypto.dxy - - -texi_subst = sed -e 's,[@]dbdir[@],$(localstatedir),g' \ - -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' - -vars.texi: vars.tin Makefile - $(texi_subst) < $(srcdir)/vars.tin > vars.texi.tmp - chmod +x vars.texi.tmp - mv vars.texi.tmp vars.texi - -doxygen: krb5.dxy ntlm.dxy hx509.dxy hcrypto.dxy - doxygen krb5.dxy - doxygen ntlm.dxy - doxygen hx509.dxy - doxygen hcrypto.dxy - -heimdal_TEXINFOS = \ - ack.texi \ - apps.texi \ - heimdal.texi \ - install.texi \ - intro.texi \ - kerberos4.texi \ - migration.texi \ - misc.texi \ - programming.texi \ - setup.texi \ - vars.texi \ - whatis.texi \ - win2k.texi - -EXTRA_DIST = \ - krb5.din \ - ntlm.din \ - hx509.din \ - hcrypto.din \ - heimdal.css \ - init-creds \ - latin1.tex \ - layman.asc \ - doxytmpl.dxy \ - vars.tin - -CLEANFILES = \ - krb5.dxy* \ - ntlm.dxy* \ - hx509.dxy* \ - hcrypto.dxy* \ - vars.texi* - diff --git a/crypto/heimdal/doc/Makefile.in b/crypto/heimdal/doc/Makefile.in deleted file mode 100644 index b79a7e33ece5..000000000000 --- a/crypto/heimdal/doc/Makefile.in +++ /dev/null @@ -1,982 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22284 2007-12-13 20:39:37Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(heimdal_TEXINFOS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common mdate-sh -subdir = doc -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -INFO_DEPS = $(srcdir)/heimdal.info $(srcdir)/hx509.info -am__TEXINFO_TEX_DIR = $(srcdir) -DVIS = heimdal.dvi hx509.dvi -PDFS = heimdal.pdf hx509.pdf -PSS = heimdal.ps hx509.ps -HTMLS = heimdal.html hx509.html -TEXINFOS = heimdal.texi hx509.texi -TEXI2PDF = $(TEXI2DVI) --pdf --batch -MAKEINFOHTML = $(MAKEINFO) --html -AM_MAKEINFOHTMLFLAGS = $(AM_MAKEINFOFLAGS) -DVIPS = dvips -am__installdirs = "$(DESTDIR)$(infodir)" -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -AUTOMAKE_OPTIONS = no-texinfo.tex -MAKEINFOFLAGS = --no-split --css-include=$(srcdir)/heimdal.css -TEXI2DVI = true # ARGH, make distcheck can't be disabled to not build dvifiles -info_TEXINFOS = heimdal.texi hx509.texi -dxy_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]objdir[@],.,g' \ - -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' - -texi_subst = sed -e 's,[@]dbdir[@],$(localstatedir),g' \ - -e 's,[@]PACKAGE_VERSION[@],$(PACKAGE_VERSION),g' - -heimdal_TEXINFOS = \ - ack.texi \ - apps.texi \ - heimdal.texi \ - install.texi \ - intro.texi \ - kerberos4.texi \ - migration.texi \ - misc.texi \ - programming.texi \ - setup.texi \ - vars.texi \ - whatis.texi \ - win2k.texi - -EXTRA_DIST = \ - krb5.din \ - ntlm.din \ - hx509.din \ - hcrypto.din \ - heimdal.css \ - init-creds \ - latin1.tex \ - layman.asc \ - doxytmpl.dxy \ - vars.tin - -CLEANFILES = \ - krb5.dxy* \ - ntlm.dxy* \ - hx509.dxy* \ - hcrypto.dxy* \ - vars.texi* - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .dvi .html .info .pdf .ps .texi -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps doc/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps doc/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -.texi.info: - restore=: && backupdir="$(am__leading_dot)am$$$$" && \ - am__cwd=`pwd` && cd $(srcdir) && \ - rm -rf $$backupdir && mkdir $$backupdir && \ - if ($(MAKEINFO) --version) >/dev/null 2>&1; then \ - for f in $@ $@-[0-9] $@-[0-9][0-9] $(@:.info=).i[0-9] $(@:.info=).i[0-9][0-9]; do \ - if test -f $$f; then mv $$f $$backupdir; restore=mv; else :; fi; \ - done; \ - else :; fi && \ - cd "$$am__cwd"; \ - if $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) \ - -o $@ $<; \ - then \ - rc=0; \ - cd $(srcdir); \ - else \ - rc=$$?; \ - cd $(srcdir) && \ - $$restore $$backupdir/* `echo "./$@" | sed 's|[^/]*$$||'`; \ - fi; \ - rm -rf $$backupdir; exit $$rc - -.texi.dvi: - TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ - MAKEINFO='$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir)' \ - $(TEXI2DVI) $< - -.texi.pdf: - TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ - MAKEINFO='$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir)' \ - $(TEXI2PDF) $< - -.texi.html: - rm -rf $(@:.html=.htp) - if $(MAKEINFOHTML) $(AM_MAKEINFOHTMLFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) \ - -o $(@:.html=.htp) $<; \ - then \ - rm -rf $@; \ - if test ! -d $(@:.html=.htp) && test -d $(@:.html=); then \ - mv $(@:.html=) $@; else mv $(@:.html=.htp) $@; fi; \ - else \ - if test ! -d $(@:.html=.htp) && test -d $(@:.html=); then \ - rm -rf $(@:.html=); else rm -Rf $(@:.html=.htp) $@; fi; \ - exit 1; \ - fi -$(srcdir)/heimdal.info: heimdal.texi $(heimdal_TEXINFOS) -heimdal.dvi: heimdal.texi $(heimdal_TEXINFOS) -heimdal.pdf: heimdal.texi $(heimdal_TEXINFOS) -heimdal.html: heimdal.texi $(heimdal_TEXINFOS) -$(srcdir)/hx509.info: hx509.texi -hx509.dvi: hx509.texi -hx509.pdf: hx509.texi -hx509.html: hx509.texi -.dvi.ps: - TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ - $(DVIPS) -o $@ $< - -uninstall-dvi-am: - @$(NORMAL_UNINSTALL) - @list='$(DVIS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(dvidir)/$$f'"; \ - rm -f "$(DESTDIR)$(dvidir)/$$f"; \ - done - -uninstall-html-am: - @$(NORMAL_UNINSTALL) - @list='$(HTMLS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -rf '$(DESTDIR)$(htmldir)/$$f'"; \ - rm -rf "$(DESTDIR)$(htmldir)/$$f"; \ - done - -uninstall-info-am: - @$(PRE_UNINSTALL) - @if test -d '$(DESTDIR)$(infodir)' && \ - (install-info --version && \ - install-info --version 2>&1 | sed 1q | grep -i -v debian) >/dev/null 2>&1; then \ - list='$(INFO_DEPS)'; \ - for file in $$list; do \ - relfile=`echo "$$file" | sed 's|^.*/||'`; \ - echo " install-info --info-dir='$(DESTDIR)$(infodir)' --remove '$(DESTDIR)$(infodir)/$$relfile'"; \ - install-info --info-dir="$(DESTDIR)$(infodir)" --remove "$(DESTDIR)$(infodir)/$$relfile"; \ - done; \ - else :; fi - @$(NORMAL_UNINSTALL) - @list='$(INFO_DEPS)'; \ - for file in $$list; do \ - relfile=`echo "$$file" | sed 's|^.*/||'`; \ - relfile_i=`echo "$$relfile" | sed 's|\.info$$||;s|$$|.i|'`; \ - (if test -d "$(DESTDIR)$(infodir)" && cd "$(DESTDIR)$(infodir)"; then \ - echo " cd '$(DESTDIR)$(infodir)' && rm -f $$relfile $$relfile-[0-9] $$relfile-[0-9][0-9] $$relfile_i[0-9] $$relfile_i[0-9][0-9]"; \ - rm -f $$relfile $$relfile-[0-9] $$relfile-[0-9][0-9] $$relfile_i[0-9] $$relfile_i[0-9][0-9]; \ - else :; fi); \ - done - -uninstall-pdf-am: - @$(NORMAL_UNINSTALL) - @list='$(PDFS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(pdfdir)/$$f'"; \ - rm -f "$(DESTDIR)$(pdfdir)/$$f"; \ - done - -uninstall-ps-am: - @$(NORMAL_UNINSTALL) - @list='$(PSS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(psdir)/$$f'"; \ - rm -f "$(DESTDIR)$(psdir)/$$f"; \ - done - -dist-info: $(INFO_DEPS) - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - list='$(INFO_DEPS)'; \ - for base in $$list; do \ - case $$base in \ - $(srcdir)/*) base=`echo "$$base" | sed "s|^$$srcdirstrip/||"`;; \ - esac; \ - if test -f $$base; then d=.; else d=$(srcdir); fi; \ - base_i=`echo "$$base" | sed 's|\.info$$||;s|$$|.i|'`; \ - for file in $$d/$$base $$d/$$base-[0-9] $$d/$$base-[0-9][0-9] $$d/$$base_i[0-9] $$d/$$base_i[0-9][0-9]; do \ - if test -f $$file; then \ - relfile=`expr "$$file" : "$$d/\(.*\)"`; \ - test -f $(distdir)/$$relfile || \ - cp -p $$file $(distdir)/$$relfile; \ - else :; fi; \ - done; \ - done - -mostlyclean-aminfo: - -rm -rf heimdal.aux heimdal.cp heimdal.cps heimdal.fn heimdal.fns heimdal.ky \ - heimdal.kys heimdal.log heimdal.pg heimdal.tmp heimdal.toc \ - heimdal.tp heimdal.tps heimdal.vr heimdal.vrs heimdal.dvi \ - heimdal.pdf heimdal.ps heimdal.html hx509.aux hx509.cp \ - hx509.cps hx509.fn hx509.fns hx509.ky hx509.kys hx509.log \ - hx509.pg hx509.tmp hx509.toc hx509.tp hx509.tps hx509.vr \ - hx509.vrs hx509.dvi hx509.pdf hx509.ps hx509.html - -maintainer-clean-aminfo: - @list='$(INFO_DEPS)'; for i in $$list; do \ - i_i=`echo "$$i" | sed 's|\.info$$||;s|$$|.i|'`; \ - echo " rm -f $$i $$i-[0-9] $$i-[0-9][0-9] $$i_i[0-9] $$i_i[0-9][0-9]"; \ - rm -f $$i $$i-[0-9] $$i-[0-9][0-9] $$i_i[0-9] $$i_i[0-9][0-9]; \ - done -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-info dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(INFO_DEPS) all-local -installdirs: - for dir in "$(DESTDIR)$(infodir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: $(DVIS) - -html: html-am - -html-am: $(HTMLS) - -info: info-am - -info-am: $(INFO_DEPS) - -install-data-am: install-info-am - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-dvi-am: $(DVIS) - @$(NORMAL_INSTALL) - test -z "$(dvidir)" || $(MKDIR_P) "$(DESTDIR)$(dvidir)" - @list='$(DVIS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(INSTALL_DATA) '$$d$$p' '$(DESTDIR)$(dvidir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p" "$(DESTDIR)$(dvidir)/$$f"; \ - done -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-html-am: $(HTMLS) - @$(NORMAL_INSTALL) - test -z "$(htmldir)" || $(MKDIR_P) "$(DESTDIR)$(htmldir)" - @list='$(HTMLS)'; for p in $$list; do \ - if test -f "$$p" || test -d "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - if test -d "$$d$$p"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(htmldir)/$$f'"; \ - $(MKDIR_P) "$(DESTDIR)$(htmldir)/$$f" || exit 1; \ - echo " $(INSTALL_DATA) '$$d$$p'/* '$(DESTDIR)$(htmldir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p"/* "$(DESTDIR)$(htmldir)/$$f"; \ - else \ - echo " $(INSTALL_DATA) '$$d$$p' '$(DESTDIR)$(htmldir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p" "$(DESTDIR)$(htmldir)/$$f"; \ - fi; \ - done -install-info: install-info-am - -install-info-am: $(INFO_DEPS) - @$(NORMAL_INSTALL) - test -z "$(infodir)" || $(MKDIR_P) "$(DESTDIR)$(infodir)" - @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ - list='$(INFO_DEPS)'; \ - for file in $$list; do \ - case $$file in \ - $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ - esac; \ - if test -f $$file; then d=.; else d=$(srcdir); fi; \ - file_i=`echo "$$file" | sed 's|\.info$$||;s|$$|.i|'`; \ - for ifile in $$d/$$file $$d/$$file-[0-9] $$d/$$file-[0-9][0-9] \ - $$d/$$file_i[0-9] $$d/$$file_i[0-9][0-9] ; do \ - if test -f $$ifile; then \ - relfile=`echo "$$ifile" | sed 's|^.*/||'`; \ - echo " $(INSTALL_DATA) '$$ifile' '$(DESTDIR)$(infodir)/$$relfile'"; \ - $(INSTALL_DATA) "$$ifile" "$(DESTDIR)$(infodir)/$$relfile"; \ - else : ; fi; \ - done; \ - done - @$(POST_INSTALL) - @if (install-info --version && \ - install-info --version 2>&1 | sed 1q | grep -i -v debian) >/dev/null 2>&1; then \ - list='$(INFO_DEPS)'; \ - for file in $$list; do \ - relfile=`echo "$$file" | sed 's|^.*/||'`; \ - echo " install-info --info-dir='$(DESTDIR)$(infodir)' '$(DESTDIR)$(infodir)/$$relfile'";\ - install-info --info-dir="$(DESTDIR)$(infodir)" "$(DESTDIR)$(infodir)/$$relfile" || :;\ - done; \ - else : ; fi -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: $(PDFS) - @$(NORMAL_INSTALL) - test -z "$(pdfdir)" || $(MKDIR_P) "$(DESTDIR)$(pdfdir)" - @list='$(PDFS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(INSTALL_DATA) '$$d$$p' '$(DESTDIR)$(pdfdir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p" "$(DESTDIR)$(pdfdir)/$$f"; \ - done -install-ps: install-ps-am - -install-ps-am: $(PSS) - @$(NORMAL_INSTALL) - test -z "$(psdir)" || $(MKDIR_P) "$(DESTDIR)$(psdir)" - @list='$(PSS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(INSTALL_DATA) '$$d$$p' '$(DESTDIR)$(psdir)/$$f'"; \ - $(INSTALL_DATA) "$$d$$p" "$(DESTDIR)$(psdir)/$$f"; \ - done -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-aminfo \ - maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-aminfo mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: $(PDFS) - -ps: ps-am - -ps-am: $(PSS) - -uninstall-am: uninstall-dvi-am uninstall-html-am uninstall-info-am \ - uninstall-pdf-am uninstall-ps-am - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook dist-info distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-aminfo \ - maintainer-clean-generic mostlyclean mostlyclean-aminfo \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-dvi-am uninstall-hook \ - uninstall-html-am uninstall-info-am uninstall-pdf-am \ - uninstall-ps-am - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -krb5.dxy: krb5.din Makefile - $(dxy_subst) < $(srcdir)/krb5.din > krb5.dxy.tmp - chmod +x krb5.dxy.tmp - mv krb5.dxy.tmp krb5.dxy - -ntlm.dxy: ntlm.din Makefile - $(dxy_subst) < $(srcdir)/ntlm.din > ntlm.dxy.tmp - chmod +x ntlm.dxy.tmp - mv ntlm.dxy.tmp ntlm.dxy - -hx509.dxy: hx509.din Makefile - $(dxy_subst) < $(srcdir)/hx509.din > hx509.dxy.tmp - chmod +x hx509.dxy.tmp - mv hx509.dxy.tmp hx509.dxy - -hcrypto.dxy: hcrypto.din Makefile - $(dxy_subst) < $(srcdir)/hcrypto.din > hcrypto.dxy.tmp - chmod +x hcrypto.dxy.tmp - mv hcrypto.dxy.tmp hcrypto.dxy - -vars.texi: vars.tin Makefile - $(texi_subst) < $(srcdir)/vars.tin > vars.texi.tmp - chmod +x vars.texi.tmp - mv vars.texi.tmp vars.texi - -doxygen: krb5.dxy ntlm.dxy hx509.dxy hcrypto.dxy - doxygen krb5.dxy - doxygen ntlm.dxy - doxygen hx509.dxy - doxygen hcrypto.dxy -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/doc/ack.texi b/crypto/heimdal/doc/ack.texi deleted file mode 100644 index 3c41f5000bc2..000000000000 --- a/crypto/heimdal/doc/ack.texi +++ /dev/null @@ -1,72 +0,0 @@ -@c $Id: ack.texi 21228 2007-06-20 10:18:03Z lha $ - -@node Acknowledgments, , Migration, Top -@comment node-name, next, previous, up -@appendix Acknowledgments - -Eric Young wrote ``libdes''. Heimdal used to use libdes, without it -kth-krb would never have existed. Since there are no longer any Eric -Young code left in the library, we renamed it to libhcrypto. - -All functions in libhcrypto have been re-implemented or used available -public domain code. The core AES function where written by Vincent -Rijmen, Antoon Bosselaers and Paulo Barreto. The core DES SBOX -transformation was written by Richard Outerbridge. @code{imath} that -is used for public key crypto support is written by Michael -J. Fromberger. - -The University of California at Berkeley initially wrote @code{telnet}, -and @code{telnetd}. The authentication and encryption code of -@code{telnet} and @code{telnetd} was added by David Borman (then of Cray -Research, Inc). The encryption code was removed when this was exported -and then added back by Juha Eskelinen. - -The @code{popper} was also a Berkeley program initially. - -Some of the functions in @file{libroken} also come from Berkeley by way -of NetBSD/FreeBSD. - -@code{editline} was written by Simmule Turner and Rich Salz. Heimdal -contains a modifed copy. - -The @code{getifaddrs} implementation for Linux was written by Hideaki -YOSHIFUJI for the Usagi project. - -The @code{pkcs11.h} headerfile was written by the Scute project. - -Bugfixes, documentation, encouragement, and code has been contributed by: -@table @asis -@item Alexander Boström -@item Andreaw Bartlett -@item Björn Sandell -@item Brandon S. Allbery KF8NH -@item Brian A May -@item Chaskiel M Grundman -@item Cizzi Storm -@item Daniel Kouril -@item David Love -@item Derrick J Brashear -@item Douglas E Engert -@item Frank van der Linden -@item Jason McIntyre -@item Johan Ihrén -@item Jun-ichiro itojun Hagino -@item Ken Hornstein -@item Magnus Ahltorp -@item Marc Horowitz -@item Mario Strasser -@item Mark Eichin -@item Mattias Amnefelt -@item Michael B Allen -@item Michael Fromberger -@item Michal Vocu -@item Miroslav Ruda -@item Petr Holub -@item Phil Fisher -@item Rafal Malinowski -@item Richard Nyberg -@item Åke Sandgren -@item and we hope that those not mentioned here will forgive us. -@end table - -All bugs were introduced by ourselves. diff --git a/crypto/heimdal/doc/apps.texi b/crypto/heimdal/doc/apps.texi deleted file mode 100644 index 9d451b60cd75..000000000000 --- a/crypto/heimdal/doc/apps.texi +++ /dev/null @@ -1,244 +0,0 @@ -@c $Id: apps.texi 22071 2007-11-14 20:04:50Z lha $ - -@node Applications, Things in search for a better place, Setting up a realm, Top - -@chapter Applications - -@menu -* Authentication modules:: -* AFS:: -@end menu - -@node Authentication modules, AFS, Applications, Applications -@section Authentication modules - -The problem of having different authentication mechanisms has been -recognised by several vendors, and several solutions have appeared. In -most cases these solutions involve some kind of shared modules that are -loaded at run-time. Modules for some of these systems can be found in -@file{lib/auth}. Presently there are modules for Digital's SIA, -and IRIX' @code{login} and @code{xdm} (in -@file{lib/auth/afskauthlib}). - -@menu -* Digital SIA:: -* IRIX:: -@end menu - -@node Digital SIA, IRIX, Authentication modules, Authentication modules -@subsection Digital SIA - -How to install the SIA module depends on which OS version you're -running. Tru64 5.0 has a new command, @file{siacfg}, which makes this -process quite simple. If you have this program, you should just be able -to run: -@example -siacfg -a KRB5 /usr/athena/lib/libsia_krb5.so -@end example - -On older versions, or if you want to do it by hand, you have to do the -following (not tested by us on Tru64 5.0): - -@itemize @bullet - -@item -Make sure @file{libsia_krb5.so} is available in -@file{/usr/athena/lib}. If @file{/usr/athena} is not on local disk, you -might want to put it in @file{/usr/shlib} or someplace else. If you do, -you'll have to edit @file{krb5_matrix.conf} to reflect the new location -(you will also have to do this if you installed in some other directory -than @file{/usr/athena}). If you built with shared libraries, you will -have to copy the shared @file{libkrb.so}, @file{libdes.so}, -@file{libkadm.so}, and @file{libkafs.so} to a place where the loader can -find them (such as @file{/usr/shlib}). -@item -Copy (your possibly edited) @file{krb5_matrix.conf} to @file{/etc/sia}. -@item -Apply @file{security.patch} to @file{/sbin/init.d/security}. -@item -Turn on KRB5 security by issuing @kbd{rcmgr set SECURITY KRB5} and -@kbd{rcmgr set KRB5_MATRIX_CONF krb5_matrix.conf}. -@item -Digital thinks you should reboot your machine, but that really shouldn't -be necessary. It's usually sufficient just to run -@kbd{/sbin/init.d/security start} (and restart any applications that use -SIA, like @code{xdm}.) -@end itemize - -Users with local passwords (like @samp{root}) should be able to login -safely. - -When using Digital's xdm the @samp{KRB5CCNAME} environment variable isn't -passed along as it should (since xdm zaps the environment). Instead you -have to set @samp{KRB5CCNAME} to the correct value in -@file{/usr/lib/X11/xdm/Xsession}. Add a line similar to -@example -KRB5CCNAME=FILE:/tmp/krb5cc`id -u`_`ps -o ppid= -p $$`; export KRB5CCNAME -@end example -If you use CDE, @code{dtlogin} allows you to specify which additional -environment variables it should export. To add @samp{KRB5CCNAME} to this -list, edit @file{/usr/dt/config/Xconfig}, and look for the definition of -@samp{exportList}. You want to add something like: -@example -Dtlogin.exportList: KRB5CCNAME -@end example - -@subsubheading Notes to users with Enhanced security - -Digital's @samp{ENHANCED} (C2) security, and Kerberos solve two -different problems. C2 deals with local security, adds better control of -who can do what, auditing, and similar things. Kerberos deals with -network security. - -To make C2 security work with Kerberos you will have to do the -following. - -@itemize @bullet -@item -Replace all occurrences of @file{krb5_matrix.conf} with -@file{krb5+c2_matrix.conf} in the directions above. -@item -You must enable ``vouching'' in the @samp{default} database. This will -make the OSFC2 module trust other SIA modules, so you can login without -giving your C2 password. To do this use @samp{edauth} to edit the -default entry @kbd{/usr/tcb/bin/edauth -dd default}, and add a -@samp{d_accept_alternate_vouching} capability, if not already present. -@item -For each user who does @emph{not} have a local C2 password, you should -set the password expiration field to zero. You can do this for each -user, or in the @samp{default} table. To do this use @samp{edauth} to -set (or change) the @samp{u_exp} capability to @samp{u_exp#0}. -@item -You also need to be aware that the shipped @file{login}, @file{rcp}, and -@file{rshd}, don't do any particular C2 magic (such as checking for -various forms of disabled accounts), so if you rely on those features, -you shouldn't use those programs. If you configure with -@samp{--enable-osfc2}, these programs will, however, set the login -UID. Still: use at your own risk. -@end itemize - -At present @samp{su} does not accept the vouching flag, so it will not -work as expected. - -Also, kerberised ftp will not work with C2 passwords. You can solve this -by using both Digital's ftpd and our on different ports. - -@strong{Remember}, if you do these changes you will get a system that -most certainly does @emph{not} fulfil the requirements of a C2 -system. If C2 is what you want, for instance if someone else is forcing -you to use it, you're out of luck. If you use enhanced security because -you want a system that is more secure than it would otherwise be, you -probably got an even more secure system. Passwords will not be sent in -the clear, for instance. - -@node IRIX, , Digital SIA, Authentication modules -@subsection IRIX - -The IRIX support is a module that is compatible with Transarc's -@file{afskauthlib.so}. It should work with all programs that use this -library. This should include @command{login} and @command{xdm}. - -The interface is not very documented but it seems that you have to copy -@file{libkafs.so}, @file{libkrb.so}, and @file{libdes.so} to -@file{/usr/lib}, or build your @file{afskauthlib.so} statically. - -The @file{afskauthlib.so} itself is able to reside in -@file{/usr/vice/etc}, @file{/usr/afsws/lib}, or the current directory -(wherever that is). - -IRIX 6.4 and newer seem to have all programs (including @command{xdm} and -@command{login}) in the N32 object format, whereas in older versions they -were O32. For it to work, the @file{afskauthlib.so} library has to be in -the same object format as the program that tries to load it. This might -require that you have to configure and build for O32 in addition to the -default N32. - -Apart from this it should ``just work''; there are no configuration -files. - -Note that recent Irix 6.5 versions (at least 6.5.22) have PAM, -including a @file{pam_krb5.so} module. Not all relevant programs use -PAM, though, e.g.@: @command{ssh}. In particular, for console -graphical login you need to turn off @samp{visuallogin} and turn on -@samp{xdm} with @command{chkconfig}. - -@node AFS, , Authentication modules, Applications -@section AFS - -@cindex AFS -AFS is a distributed filesystem that uses Kerberos for authentication. - -@cindex OpenAFS -@cindex Arla -For more information about AFS see OpenAFS -@url{http://www.openafs.org/} and Arla -@url{http://www.stacken.kth.se/projekt/arla/}. - -@subsection How to get a KeyFile - -@file{ktutil -k AFSKEYFILE:KeyFile get afs@@MY.REALM} - -or you can extract it with kadmin - -@example -kadmin> ext -k AFSKEYFILE:/usr/afs/etc/KeyFile afs@@My.CELL.NAME -@end example - -You have to make sure you have a @code{des-cbc-md5} encryption type since that -is the enctype that will be converted. - -@subsection How to convert a srvtab to a KeyFile - -You need a @file{/usr/vice/etc/ThisCell} containing the cellname of your -AFS-cell. - -@file{ktutil copy krb4:/root/afs-srvtab AFSKEYFILE:/usr/afs/etc/KeyFile}. - -If keyfile already exists, this will add the new key in afs-srvtab to -KeyFile. - -@section Using 2b tokens with AFS - -@subsection What is 2b ? - -2b is the name of the proposal that was implemented to give basic -Kerberos 5 support to AFS in rxkad. It's not real Kerberos 5 support -since it still uses fcrypt for data encryption and not Kerberos -encryption types. - -Its only possible (in all cases) to do this for DES encryption types -because only then the token (the AFS equivalent of a ticket) will be -smaller than the maximum size that can fit in the token cache in the -OpenAFS/Transarc client. It is a so tight fit that some extra wrapping -on the ASN1/DER encoding is removed from the Kerberos ticket. - -2b uses a Kerberos 5 EncTicketPart instead of a Kerberos 4 ditto for -the part of the ticket that is encrypted with the service's key. The -client doesn't know what's inside the encrypted data so to the client -it doesn't matter. - -To differentiate between Kerberos 4 tickets and Kerberos 5 tickets, 2b -uses a special kvno, 213 for 2b tokens and 255 for Kerberos 5 tokens. - -Its a requirement that all AFS servers that support 2b also support -native Kerberos 5 in rxkad. - -@subsection Configuring a Heimdal kdc to use 2b tokens - -Support for 2b tokens in the kdc are turned on for specific principals -by adding them to the string list option @code{[kdc]use_2b} in the -kdc's @file{krb5.conf} file. - -@example -[kdc] - use_2b = @{ - afs@@SU.SE = yes - afs/it.su.se@@SU.SE = yes - @} -@end example - -@subsection Configuring AFS clients for 2b support - -There is no need to configure AFS clients for 2b support. The only -software that needs to be installed/upgrade is a Kerberos 5 enabled -@file{afslog}. diff --git a/crypto/heimdal/doc/doxytmpl.dxy b/crypto/heimdal/doc/doxytmpl.dxy deleted file mode 100644 index bb7f25cb85e1..000000000000 --- a/crypto/heimdal/doc/doxytmpl.dxy +++ /dev/null @@ -1,257 +0,0 @@ -#--------------------------------------------------------------------------- -# Project related configuration options -#--------------------------------------------------------------------------- -DOXYFILE_ENCODING = UTF-8 -CREATE_SUBDIRS = NO -OUTPUT_LANGUAGE = English -BRIEF_MEMBER_DESC = YES -REPEAT_BRIEF = YES -ABBREVIATE_BRIEF = "The $name class " \ - "The $name widget " \ - "The $name file " \ - is \ - provides \ - specifies \ - contains \ - represents \ - a \ - an \ - the -ALWAYS_DETAILED_SEC = NO -INLINE_INHERITED_MEMB = NO -FULL_PATH_NAMES = YES -STRIP_FROM_PATH = /Applications/ -STRIP_FROM_INC_PATH = -SHORT_NAMES = NO -JAVADOC_AUTOBRIEF = NO -QT_AUTOBRIEF = NO -MULTILINE_CPP_IS_BRIEF = NO -DETAILS_AT_TOP = NO -INHERIT_DOCS = YES -SEPARATE_MEMBER_PAGES = NO -TAB_SIZE = 8 -ALIASES = -OPTIMIZE_OUTPUT_FOR_C = YES -OPTIMIZE_OUTPUT_JAVA = NO -BUILTIN_STL_SUPPORT = NO -CPP_CLI_SUPPORT = NO -DISTRIBUTE_GROUP_DOC = NO -SUBGROUPING = YES -#--------------------------------------------------------------------------- -# Build related configuration options -#--------------------------------------------------------------------------- -EXTRACT_ALL = NO -EXTRACT_PRIVATE = NO -EXTRACT_STATIC = NO -EXTRACT_LOCAL_CLASSES = YES -EXTRACT_LOCAL_METHODS = NO -EXTRACT_ANON_NSPACES = NO -HIDE_UNDOC_MEMBERS = YES -HIDE_UNDOC_CLASSES = YES -HIDE_FRIEND_COMPOUNDS = NO -HIDE_IN_BODY_DOCS = NO -INTERNAL_DOCS = NO -CASE_SENSE_NAMES = NO -HIDE_SCOPE_NAMES = NO -SHOW_INCLUDE_FILES = YES -INLINE_INFO = YES -SORT_MEMBER_DOCS = YES -SORT_BRIEF_DOCS = NO -SORT_BY_SCOPE_NAME = NO -GENERATE_TODOLIST = YES -GENERATE_TESTLIST = YES -GENERATE_BUGLIST = YES -GENERATE_DEPRECATEDLIST= YES -ENABLED_SECTIONS = -MAX_INITIALIZER_LINES = 30 -SHOW_USED_FILES = YES -SHOW_DIRECTORIES = NO -FILE_VERSION_FILTER = -#--------------------------------------------------------------------------- -# configuration options related to warning and progress messages -#--------------------------------------------------------------------------- -QUIET = YES -WARNINGS = YES -WARN_IF_DOC_ERROR = YES -WARN_NO_PARAMDOC = YES -WARN_FORMAT = "$file:$line: $text " -WARN_LOGFILE = -#--------------------------------------------------------------------------- -# configuration options related to the input files -#--------------------------------------------------------------------------- -INPUT_ENCODING = UTF-8 -FILE_PATTERNS = *.c \ - *.cc \ - *.cxx \ - *.cpp \ - *.c++ \ - *.d \ - *.java \ - *.ii \ - *.ixx \ - *.ipp \ - *.i++ \ - *.inl \ - *.h \ - *.hh \ - *.hxx \ - *.hpp \ - *.h++ \ - *.idl \ - *.odl \ - *.cs \ - *.php \ - *.php3 \ - *.inc \ - *.m \ - *.mm \ - *.dox \ - *.py -RECURSIVE = YES -EXCLUDE = -EXCLUDE_SYMLINKS = NO -EXCLUDE_PATTERNS = */.svn -EXCLUDE_SYMBOLS = -EXAMPLE_PATH = -EXAMPLE_PATTERNS = * -EXAMPLE_RECURSIVE = NO -IMAGE_PATH = -INPUT_FILTER = -FILTER_PATTERNS = -FILTER_SOURCE_FILES = NO -#--------------------------------------------------------------------------- -# configuration options related to source browsing -#--------------------------------------------------------------------------- -SOURCE_BROWSER = NO -INLINE_SOURCES = NO -STRIP_CODE_COMMENTS = YES -REFERENCED_BY_RELATION = NO -REFERENCES_RELATION = NO -REFERENCES_LINK_SOURCE = YES -USE_HTAGS = NO -VERBATIM_HEADERS = NO -#--------------------------------------------------------------------------- -# configuration options related to the alphabetical class index -#--------------------------------------------------------------------------- -ALPHABETICAL_INDEX = NO -COLS_IN_ALPHA_INDEX = 5 -IGNORE_PREFIX = -#--------------------------------------------------------------------------- -# configuration options related to the HTML output -#--------------------------------------------------------------------------- -GENERATE_HTML = YES -HTML_OUTPUT = html -HTML_FILE_EXTENSION = .html -HTML_STYLESHEET = -HTML_ALIGN_MEMBERS = YES -GENERATE_HTMLHELP = NO -HTML_DYNAMIC_SECTIONS = NO -CHM_FILE = -HHC_LOCATION = -GENERATE_CHI = NO -BINARY_TOC = NO -TOC_EXPAND = NO -DISABLE_INDEX = NO -ENUM_VALUES_PER_LINE = 4 -GENERATE_TREEVIEW = NO -TREEVIEW_WIDTH = 250 -#--------------------------------------------------------------------------- -# configuration options related to the LaTeX output -#--------------------------------------------------------------------------- -GENERATE_LATEX = NO -LATEX_OUTPUT = latex -LATEX_CMD_NAME = latex -MAKEINDEX_CMD_NAME = makeindex -COMPACT_LATEX = NO -PAPER_TYPE = a4wide -EXTRA_PACKAGES = -LATEX_HEADER = -PDF_HYPERLINKS = NO -USE_PDFLATEX = NO -LATEX_BATCHMODE = NO -LATEX_HIDE_INDICES = NO -#--------------------------------------------------------------------------- -# configuration options related to the RTF output -#--------------------------------------------------------------------------- -GENERATE_RTF = NO -RTF_OUTPUT = rtf -COMPACT_RTF = NO -RTF_HYPERLINKS = NO -RTF_STYLESHEET_FILE = -RTF_EXTENSIONS_FILE = -#--------------------------------------------------------------------------- -# configuration options related to the man page output -#--------------------------------------------------------------------------- -GENERATE_MAN = YES -MAN_OUTPUT = man -MAN_EXTENSION = .3 -MAN_LINKS = YES -#--------------------------------------------------------------------------- -# configuration options related to the XML output -#--------------------------------------------------------------------------- -GENERATE_XML = NO -XML_OUTPUT = xml -XML_SCHEMA = -XML_DTD = -XML_PROGRAMLISTING = YES -#--------------------------------------------------------------------------- -# configuration options for the AutoGen Definitions output -#--------------------------------------------------------------------------- -GENERATE_AUTOGEN_DEF = NO -#--------------------------------------------------------------------------- -# configuration options related to the Perl module output -#--------------------------------------------------------------------------- -GENERATE_PERLMOD = NO -PERLMOD_LATEX = NO -PERLMOD_PRETTY = YES -PERLMOD_MAKEVAR_PREFIX = -#--------------------------------------------------------------------------- -# Configuration options related to the preprocessor -#--------------------------------------------------------------------------- -ENABLE_PREPROCESSING = YES -MACRO_EXPANSION = NO -EXPAND_ONLY_PREDEF = NO -SEARCH_INCLUDES = YES -INCLUDE_PATH = -INCLUDE_FILE_PATTERNS = -PREDEFINED = -EXPAND_AS_DEFINED = -SKIP_FUNCTION_MACROS = YES -#--------------------------------------------------------------------------- -# Configuration::additions related to external references -#--------------------------------------------------------------------------- -TAGFILES = -GENERATE_TAGFILE = -ALLEXTERNALS = NO -EXTERNAL_GROUPS = YES -#--------------------------------------------------------------------------- -# Configuration options related to the dot tool -#--------------------------------------------------------------------------- -CLASS_DIAGRAMS = NO -MSCGEN_PATH = /Applications/Doxygen.app/Contents/Resources/ -HIDE_UNDOC_RELATIONS = YES -HAVE_DOT = YES -CLASS_GRAPH = YES -COLLABORATION_GRAPH = YES -GROUP_GRAPHS = YES -UML_LOOK = NO -TEMPLATE_RELATIONS = NO -INCLUDE_GRAPH = YES -INCLUDED_BY_GRAPH = YES -CALL_GRAPH = NO -CALLER_GRAPH = NO -GRAPHICAL_HIERARCHY = YES -DIRECTORY_GRAPH = YES -DOT_IMAGE_FORMAT = png -DOT_PATH = /Applications/Doxygen.app/Contents/Resources/ -DOTFILE_DIRS = -DOT_GRAPH_MAX_NODES = 50 -MAX_DOT_GRAPH_DEPTH = 1000 -DOT_TRANSPARENT = NO -DOT_MULTI_TARGETS = NO -GENERATE_LEGEND = YES -DOT_CLEANUP = YES -#--------------------------------------------------------------------------- -# Configuration::additions related to the search engine -#--------------------------------------------------------------------------- -SEARCHENGINE = NO diff --git a/crypto/heimdal/doc/hcrypto.din b/crypto/heimdal/doc/hcrypto.din deleted file mode 100644 index 55f1ed7c6ae3..000000000000 --- a/crypto/heimdal/doc/hcrypto.din +++ /dev/null @@ -1,15 +0,0 @@ -# Doxyfile 1.5.3 - -PROJECT_NAME = "Heimdal crypto library" -PROJECT_NUMBER = @PACKAGE_VERSION@ -OUTPUT_DIRECTORY = @objdir@/hcrypto -INPUT = @srcdir@/../lib/hcrypto - -WARN_IF_UNDOCUMENTED = YES - -PERL_PATH = /usr/bin/perl - -HTML_HEADER = "@srcdir@/header.html" -HTML_FOOTER = "@srcdir@/footer.html" - -@INCLUDE = "@srcdir@/doxytmpl.dxy" diff --git a/crypto/heimdal/doc/heimdal.css b/crypto/heimdal/doc/heimdal.css deleted file mode 100644 index 2e5b374f1f87..000000000000 --- a/crypto/heimdal/doc/heimdal.css +++ /dev/null @@ -1,53 +0,0 @@ -body { - color: black; - background-color: #fdfdfd; - font-family: serif; - max-width: 40em; -} -h1, h2, h3 { - font-family: sans-serif; - font-weight: bold; -} -h1 { - padding: 0.5em 0 0.5em 5%; - color: white; - background: #3366cc; - border-bottom: solid 1px black; -} -h1 { - font-size: 200%; -} -h2 { - font-size: 150%; -} -h3 { - font-size: 120%; -} -h4 { - font-weight: bold; -} -pre.example { - margin-left: 2em; - padding: 1em 0em; - border: 2px dashed #c0c0c0; - background: #f0f0f0; -} -a:link { - color: blue; - text-decoration: none; -} -a:visited { - color: red; - text-decoration: none -} -a:hover { - text-decoration: underline -} -span.literal { - font-family: monospace; -} -hr { - border-style: none; - background-color: black; - height: 1px; -} diff --git a/crypto/heimdal/doc/heimdal.texi b/crypto/heimdal/doc/heimdal.texi deleted file mode 100644 index 1b999d30108f..000000000000 --- a/crypto/heimdal/doc/heimdal.texi +++ /dev/null @@ -1,370 +0,0 @@ -\input texinfo @c -*- texinfo -*- -@c %**start of header -@c $Id: heimdal.texi 22191 2007-12-06 17:26:30Z lha $ -@setfilename heimdal.info -@settitle HEIMDAL -@iftex -@afourpaper -@end iftex -@c some sensible characters, please? -@tex -\input latin1.tex -@end tex -@setchapternewpage on -@syncodeindex pg cp -@c %**end of header - -@include vars.texi - -@set UPDATED $Date: 2007-12-06 09:26:30 -0800 (Tor, 06 Dec 2007) $ -@set VERSION @value{PACKAGE_VERSION} -@set EDITION 1.0 - -@ifinfo -@dircategory Security -@direntry -* Heimdal: (heimdal). The Kerberos 5 distribution from KTH -@end direntry -@end ifinfo - -@c title page -@titlepage -@title Heimdal -@subtitle Kerberos 5 from KTH -@subtitle Edition @value{EDITION}, for version @value{VERSION} -@subtitle 2007 -@author Johan Danielsson -@author Love Hörnquist Åstrand -@author Assar Westerlund -@author last updated @value{UPDATED} - -@def@copynext{@vskip 20pt plus 1fil@penalty-1000} -@def@copyrightstart{} -@def@copyrightend{} -@page -@copyrightstart -Copyright (c) 1997-2007 Kungliga Tekniska Högskolan -(Royal Institute of Technology, Stockholm, Sweden). -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the Institute nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (C) 1990 by the Massachusetts Institute of Technology - -Export of this software from the United States of America may -require a specific license from the United States Government. -It is the responsibility of any person or organization contemplating -export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - -@copynext - -Copyright (c) 1988, 1990, 1993 - The Regents of the University of California. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the University nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright 1992 Simmule Turner and Rich Salz. All rights reserved. - -This software is not subject to any license of the American Telephone -and Telegraph Company or of the Regents of the University of California. - -Permission is granted to anyone to use this software for any purpose on -any computer system, and to alter it and redistribute it freely, subject -to the following restrictions: - -1. The authors are not responsible for the consequences of use of this - software, no matter how awful, even if they arise from flaws in it. - -2. The origin of this software must not be misrepresented, either by - explicit claim or by omission. Since few users ever read sources, - credits must appear in the documentation. - -3. Altered versions must be plainly marked as such, and must not be - misrepresented as being the original software. Since few users - ever read sources, credits must appear in the documentation. - -4. This notice may not be removed or altered. - -@copynext - -IMath is Copyright 2002-2005 Michael J. Fromberger -You may use it subject to the following Licensing Terms: - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -@copynext - -Copyright (c) 2005 Doug Rabson -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (c) 2005 Marko Kreen -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (c) 2006,2007 -NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer as - the first lines of this file unmodified. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR -IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, -INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -@copyrightend -@end titlepage - -@macro manpage{man, section} -@cite{\man\(\section\)} -@end macro - -@c Less filling! Tastes great! -@iftex -@parindent=0pt -@global@parskip 6pt plus 1pt -@global@chapheadingskip = 15pt plus 4pt minus 2pt -@global@secheadingskip = 12pt plus 3pt minus 2pt -@global@subsecheadingskip = 9pt plus 2pt minus 2pt -@end iftex -@ifinfo -@paragraphindent 0 -@end ifinfo - -@ifnottex -@node Top, Introduction, (dir), (dir) -@top Heimdal -@end ifnottex - -This manual is last updated @value{UPDATED} for version -@value{VERSION} of Heimdal. - -@menu -* Introduction:: -* What is Kerberos?:: -* Building and Installing:: -* Setting up a realm:: -* Applications:: -* Things in search for a better place:: -* Kerberos 4 issues:: -* Windows 2000 compatability:: -* Programming with Kerberos:: -* Migration:: -* Acknowledgments:: - -@detailmenu - --- The Detailed Node Listing --- - -Setting up a realm - -* Configuration file:: -* Creating the database:: -* Modifying the database:: -* keytabs:: -* Serving Kerberos 4/524/kaserver:: -* Remote administration:: -* Password changing:: -* Testing clients and servers:: -* Slave Servers:: -* Incremental propagation:: -* Encryption types and salting:: -* Cross realm:: -* Transit policy:: -* Setting up DNS:: -* Using LDAP to store the database:: -* Providing Kerberos credentials to servers and programs:: -* Setting up PK-INIT:: - -Applications - -* Authentication modules:: -* AFS:: - -Authentication modules - -* Digital SIA:: -* IRIX:: - -Kerberos 4 issues - -* Principal conversion issues:: -* Converting a version 4 database:: -* kaserver:: - -Windows 2000 compatability - -* Configuring Windows 2000 to use a Heimdal KDC:: -* Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC:: -* Create account mappings:: -* Encryption types:: -* Authorisation data:: -* Quirks of Windows 2000 KDC:: -* Useful links when reading about the Windows 2000:: - -Programming with Kerberos - -* Kerberos 5 API Overview:: -* Walkthrough of a sample Kerberos 5 client:: -* Validating a password in a server application:: -* API differences to MIT Kerberos:: -* File formats:: - -@end detailmenu -@end menu - -@include intro.texi -@include whatis.texi -@include install.texi -@include setup.texi -@include apps.texi -@include misc.texi -@include kerberos4.texi -@include win2k.texi -@include programming.texi -@include migration.texi -@include ack.texi - -@c @shortcontents -@contents - -@bye diff --git a/crypto/heimdal/doc/hx509.din b/crypto/heimdal/doc/hx509.din deleted file mode 100644 index e28429f383bd..000000000000 --- a/crypto/heimdal/doc/hx509.din +++ /dev/null @@ -1,15 +0,0 @@ -# Doxyfile 1.5.3 - -PROJECT_NAME = Heimdal x509 library -PROJECT_NUMBER = @PACKAGE_VERSION@ -OUTPUT_DIRECTORY = @objdir@/hx509 -INPUT = @srcdir@/../lib/hx509 - -WARN_IF_UNDOCUMENTED = YES - -PERL_PATH = /usr/bin/perl - -HTML_HEADER = "@srcdir@/header.html" -HTML_FOOTER = "@srcdir@/footer.html" - -@INCLUDE = "@srcdir@/doxytmpl.dxy" diff --git a/crypto/heimdal/doc/hx509.texi b/crypto/heimdal/doc/hx509.texi deleted file mode 100644 index dbb5261ef938..000000000000 --- a/crypto/heimdal/doc/hx509.texi +++ /dev/null @@ -1,633 +0,0 @@ -\input texinfo @c -*- texinfo -*- -@c %**start of header -@c $Id: hx509.texi 22071 2007-11-14 20:04:50Z lha $ -@setfilename hx509.info -@settitle HX509 -@iftex -@afourpaper -@end iftex -@c some sensible characters, please? -@tex -\input latin1.tex -@end tex -@setchapternewpage on -@syncodeindex pg cp -@c %**end of header - -@set UPDATED $Date: 2007-11-14 12:04:50 -0800 (Ons, 14 Nov 2007) $ -@set VERSION 1.0 -@set EDITION 1.0 - -@ifinfo -@dircategory Security -@direntry -* hx509: (hx509). The X.509 distribution from KTH -@end direntry -@end ifinfo - -@c title page -@titlepage -@title HX509 -@subtitle X.509 distribution from KTH -@subtitle Edition @value{EDITION}, for version @value{VERSION} -@subtitle 2007 -@author Love Hörnquist Åstrand -@author last updated @value{UPDATED} - -@def@copynext{@vskip 20pt plus 1fil@penalty-1000} -@def@copyrightstart{} -@def@copyrightend{} -@page -@copyrightstart -Copyright (c) 1994-2007 Kungliga Tekniska Högskolan -(Royal Institute of Technology, Stockholm, Sweden). -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the Institute nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (C) 1990 by the Massachusetts Institute of Technology - -Export of this software from the United States of America may -require a specific license from the United States Government. -It is the responsibility of any person or organization contemplating -export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - -@copynext - -Copyright (c) 1988, 1990, 1993 - The Regents of the University of California. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the University nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright 1992 Simmule Turner and Rich Salz. All rights reserved. - -This software is not subject to any license of the American Telephone -and Telegraph Company or of the Regents of the University of California. - -Permission is granted to anyone to use this software for any purpose on -any computer system, and to alter it and redistribute it freely, subject -to the following restrictions: - -1. The authors are not responsible for the consequences of use of this - software, no matter how awful, even if they arise from flaws in it. - -2. The origin of this software must not be misrepresented, either by - explicit claim or by omission. Since few users ever read sources, - credits must appear in the documentation. - -3. Altered versions must be plainly marked as such, and must not be - misrepresented as being the original software. Since few users - ever read sources, credits must appear in the documentation. - -4. This notice may not be removed or altered. - -@copynext - -IMath is Copyright 2002-2005 Michael J. Fromberger -You may use it subject to the following Licensing Terms: - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -@copyrightend -@end titlepage - -@macro manpage{man, section} -@cite{\man\(\section\)} -@end macro - -@c Less filling! Tastes great! -@iftex -@parindent=0pt -@global@parskip 6pt plus 1pt -@global@chapheadingskip = 15pt plus 4pt minus 2pt -@global@secheadingskip = 12pt plus 3pt minus 2pt -@global@subsecheadingskip = 9pt plus 2pt minus 2pt -@end iftex -@ifinfo -@paragraphindent 0 -@end ifinfo - -@ifnottex -@node Top, Introduction, (dir), (dir) -@top Heimdal -@end ifnottex - -This manual is last updated @value{UPDATED} for version -@value{VERSION} of hx509. - -@menu -* Introduction:: -* What is X.509 ?:: -* Setting up a CA:: -* CMS signing and encryption:: - -@detailmenu - --- The Detailed Node Listing --- - -Setting up a CA - -@c * Issuing certificates:: -* Creating a CA certificate:: -* Issuing certificates:: -* Issuing CRLs:: -@c * Issuing a proxy certificate:: -@c * Creating a user certificate:: -@c * Validating a certificate:: -@c * Validating a certificate path:: -* Application requirements:: - -CMS signing and encryption - -* CMS background:: - -@end detailmenu -@end menu - -@node Introduction, What is X.509 ?, Top, Top -@chapter Introduction - -hx509 is a somewhat complete X.509 stack that can handle CMS messages -(crypto system used in S/MIME and Kerberos PK-INIT) and basic -certificate processing tasks, path construction, path validation, OCSP -and CRL validation, PKCS10 message construction, CMS Encrypted (shared -secret encrypted), CMS SignedData (certificate signed), and CMS -EnvelopedData (certificate encrypted). - -hx509 can use PKCS11 tokens, PKCS12 files, PEM files, DER encoded files. - -@node What is X.509 ?, Setting up a CA, Introduction, Top -@chapter What is X.509, PKIX, PKCS7 and CMS ? - -X.509 is from the beginning created by CCITT (later ITU) for the X.500 -directory service. But today when people are talking about X.509 they -are commonly referring to IETF's PKIX Certificate and CRL Profile of the -X.509 v3 certificate standard, as specified in RFC 3280. - -ITU continues to develop the X.509 standard together in a complicated -dance with IETF. - -X.509 is public key based security system that have associated data -stored within a so called certificate. From the beginning X.509 was a -strict hierarchical system with one root. This didn't not work so over -time X.509 got support for multiple policy roots, bridges, and mesh -solutions. You can even use it as a peer to peer system, but this is not -very common. - -@section Type of certificates - -There are several flavors of certificate in X.509. - -@itemize @bullet - -@item Trust anchors - -Trust anchors are strictly not certificate, but commonly stored in -certificate since they are easier to handle then. Trust anchor are the -keys that you trust to validate other certificate. This is done by -building a path from the certificate you wan to validate to to any of -the trust anchors you have. - -@item End Entity (EE) certificates - -End entity certificates is the most common type of certificate. End -entity certificates can't issue certificate them-self and is used to -authenticate and authorize user and services. - -@item Certification Authority (CA) certificates - -Certificate authority are certificates that have the right to issue -other certificate, they may be End entity certificates or Certificate -Authority certificates. There is no limit to how many certificates a CA -may issue, but there might other restrictions, like the maximum path -depth. - -@item Proxy certificates - -Remember that End Entity can't issue certificates by them own, it's not -really true. There there is an extension called proxy certificates, -defined in RFC3820, that allows certificates to be issued by end entity -certificates. The service that receives the proxy certificates must have -explicitly turned on support for proxy certificates, so their use is -somewhat limited. - -Proxy certificates can be limited by policy stored in the certificate to -what they can be used for. This allows users to delegate the proxy -certificate to services (by sending over the certificate and private -key) so the service can access services on behalf of the user. - -One example of this would be a print service. The user wants to print a -large job in the middle of the night when the printer isn't used that -much, so the user creates a proxy certificate with the policy that it -can only be used to access files related to this print job, creates the -print job description and send both the description and proxy -certificate with key over to print service. Later at night will the -print service, without the help of the user, access the files for the -the print job using the proxy certificate and print the job. Because of -the policy (limitation) in the proxy certificate, it can't be used for -any other purposes. - -@end itemize - -@section Building a path - -Before validating a path the path must be constructed. Given a -certificate (EE, CA, Proxy, or any other type), the path construction -algorithm will try to find a path to one of the trust anchors. - -It start with looking at whom issued the certificate, by name or Key -Identifier, and tries to find that certificate while at the same time -evaluates the policy. - -@node Setting up a CA, Creating a CA certificate, What is X.509 ?, Top -@chapter Setting up a CA - -Do not let this chapter scare you off, it's just to give you an idea how -to complicated setting up a CA can be. If you are just playing around, -skip all this and go to the next chapter, @pxref{Creating a CA -certificate}. - -Creating a CA certificate should be more the just creating a -certificate, there is the policy of the CA. If it's just you and your -friend that is playing around then it probably doesn't matter what the -policy is. But then it comes to trust in an organisation, it will -probably matter more whom your users and sysadmins will find it -acceptable to trust. - -At the same time, try to keep thing simple, it's not very hard to run a -Certificate authority and the process to get new certificates should -simple. - -Fill all this in later. - -How do you trust your CA. - -What is the CA responsibility. - -Review of CA activity. - -How much process should it be to issue certificate. - -Who is allowed to issue certificates. - -Who is allowed to requests certificates. - -How to handle certificate revocation, issuing CRLs and maintain OCSP -services. - -@node Creating a CA certificate, Issuing certificates, Setting up a CA, Top -@section Creating a CA certificate - -This section describes how to create a CA certificate and what to think -about. - -@subsection Lifetime CA certificate - -You probably want to create a CA certificate with a long lifetime, 10 -years at the shortest. This because you don't want to push out the -certificate (as a trust anchor) to all you users once again when the old -one just expired. A trust anchor can't really expire, but not all -software works that way. - -Keep in mind the security requirements might be different 10-20 years -into the future. For example, SHA1 is going to be withdrawn in 2010, so -make sure you have enough buffering in your choice of digest/hash -algorithms, signature algorithms and key lengths. - -@subsection Create a CA certificate - -This command below will create a CA certificate in the file ca.pem. - -@example -hxtool issue-certificate \ - --self-signed \ - --issue-ca \ - --generate-key=rsa \ - --subject="CN=CertificateAuthority,DC=test,DC=h5l,DC=se" \ - --lifetime=10years \ - --certificate="FILE:ca.pem" -@end example - -@subsection Extending lifetime of a CA certificate - -You just realised that your CA certificate is going to expire soon and -that you need replace it with something else, the easiest way to do that -is to extend the lifetime of your CA certificate. - -The example below will extend the CA certificate 10 years into the -future. You should compare this new certificate if it contains all the -special tweaks as the old certificate had. - -@example -hxtool issue-certificate \ - --self-signed \ - --issue-ca \ - --lifetime="10years" \ - --template-certificate="FILE:ca.pem" \ - --template-fields="serialNumber,notBefore,subject,SPKI" \ - --ca-private-key=FILE:ca.pem \ - --certificate="FILE:new-ca.pem" -@end example - -@subsection Subordinate CA - -This example create a new subordinate certificate authority. - -@example -hxtool issue-certificate \ - --ca-certificate=FILE:ca.pem \ - --issue-ca \ - --generate-key=rsa \ - --subject="CN=CertificateAuthority,DC=dev,DC=test,DC=h5l,DC=se" \ - --certificate="FILE:dev-ca.pem" -@end example - - -@node Issuing certificates, Issuing CRLs, Creating a CA certificate, Top -@section Issuing certificates - -First you'll create a CA certificate, after that you have to deal with -your users and servers and issue certificate to them. - -CA can generate the key for the user. - -Can receive PKCS10 certificate requests from the users. PKCS10 is a -request for a certificate. The user can specified what DN the user wants -and what public key. To prove the user have the key, the whole request -is signed by the private key of the user. - -@subsection Name space management - -What people might want to see. - -Re-issue certificates just because people moved within the organization. - -Expose privacy information. - -Using Sub-component name (+ notation). - -@subsection Certificate Revocation, CRL and OCSP - -Sonetimes people loose smartcard or computers and certificates have to -be make not valid any more, this is called revoking certificates. There -are two main protocols for doing this Certificate Revocations Lists -(CRL) and Online Certificate Status Protocol (OCSP). - -If you know that the certificate is destroyed then there is no need to -revoke the certificate because it can not be used by someone else. - -The main reason you as a CA administrator have to deal with CRLs however -will be that some software require there to be CRLs. Example of this is -Windows, so you have to deal with this somehow. - -@node Issuing CRLs, Application requirements, Issuing certificates, Top -@section Issuing CRLs - -Create an empty CRL with not certificates revoked. Default expiration -value is one year from now. - -@example -hxtool crl-sign \ - --crl-file=crl.der \ - --signer=FILE:ca.pem -@end example - -Create a CRL with all certificates in the directory -@file{/path/to/revoked/dir} included in the CRL as revoked. Also make -it expire one month from now. - -@example -hxtool crl-sign \ - --crl-file=crl.der \ - --signer=FILE:ca.pem \ - --lifetime='1 month' \ - DIR:/path/to/revoked/dir -@end example - -@node Application requirements, CMS signing and encryption, Issuing CRLs, Top -@section Application requirements - -Application have different requirements on certificates. This section -tries to expand what they are and how to use hxtool to generate -certificates for those services. - -@subsection HTTPS - server - -@example -hxtool issue-certificate \ - --subject="CN=www.test.h5l.se,DC=test,DC=h5l,DC=se" \ - --type="https-server" \ - --hostname="www.test.h5l.se" \ - --hostname="www2.test.h5l.se" \ - ... -@end example - -@subsection HTTPS - client - -@example -hxtool issue-certificate \ - --subject="UID=testus,DC=test,DC=h5l,DC=se" \ - --type="https-client" \ - ... -@end example - -@subsection S/MIME - email - -There are two things that should be set in S/MIME certificates, one or -more email addresses and an extended eku usage (EKU), emailProtection. - -The email address format used in S/MIME certificates is defined in -RFC2822, section 3.4.1 and it should be an ``addr-spec''. - -There are two ways to specifify email address in certificates. The old -ways is in the subject distinguished name, this should not be used. The -new way is using a Subject Alternative Name (SAN). - -But even though email address is stored in certificates, they don't need -to, email reader programs are required to accept certificates that -doesn't have either of the two methods of storing email in certificates. -In that case, they try to protect the user by printing the name of the -certificate instead. - -S/MIME certificate can be used in another special way. They can be -issued with a NULL subject distinguished name plus the email in SAN, -this is a valid certificate. This is used when you wont want to share -more information then you need to. - -hx509 issue-certificate supports adding the email SAN to certificate by -using the --email option, --email also gives an implicit emailProtection -eku. If you want to create an certificate without an email address, the -option --type=email will add the emailProtection EKU. - -@example -hxtool issue-certificate \ - --subject="UID=testus-email,DC=test,DC=h5l,DC=se" \ - --type=email \ - --email="testus@@test.h5l.se" \ - ... -@end example - -An example of an certificate without and subject distinguished name with -an email address in a SAN. - -@example -hxtool issue-certificate \ - --subject="" \ - --type=email \ - --email="testus@@test.h5l.se" \ - ... -@end example - -@subsection PK-INIT - -How to create a certificate for a KDC. - -@example -hxtool issue-certificate \ - --type="pkinit-kdc" \ - --pk-init-principal="krbtgt/TEST.H5L.SE@@TEST.H5L.SE" \ - --hostname kerberos.test.h5l.se \ - --hostname pal.test.h5l.se \ - ... -@end example - -How to create a certificate for a user. - -@example -hxtool issue-certificate \ - --type="pkinit-client" \ - --pk-init-principal="user@@TEST.H5L.SE" \ - ... -@end example - -@subsection XMPP/Jabber - -The jabber server certificate should have a dNSname that is the same as -the user entered into the application, not the same as the host name of -the machine. - -@example -hxtool issue-certificate \ - --subject="CN=xmpp1.test.h5l.se,DC=test,DC=h5l,DC=se" \ - --hostname="xmpp1.test.h5l.se" \ - --hostname="test.h5l.se" \ - ... -@end example - -The certificate may also contain a jabber identifier (JID) that, if the -receiver allows it, authorises the server or client to use that JID. - -When storing a JID inside the certificate, both for server and client, -it's stored inside a UTF8String within an otherName entity inside the -subjectAltName, using the OID id-on-xmppAddr (1.3.6.1.5.5.7.8.5). - -To read more about the requirements, see RFC3920, Extensible Messaging -and Presence Protocol (XMPP): Core. - -hxtool issue-certificate have support to add jid to the certificate -using the option @kbd{--jid}. - -@example -hxtool issue-certificate \ - --subject="CN=Love,DC=test,DC=h5l,DC=se" \ - --jid="lha@@test.h5l.se" \ - ... -@end example - - -@node CMS signing and encryption, CMS background, Application requirements, Top -@chapter CMS signing and encryption - -CMS is the Cryptographic Message System that among other, is used by -S/MIME (secure email) and Kerberos PK-INIT. It's an extended version of -the RSA, Inc standard PKCS7. - -@node CMS background, , CMS signing and encryption, Top -@section CMS background - - -@c @shortcontents -@contents - -@bye diff --git a/crypto/heimdal/doc/init-creds b/crypto/heimdal/doc/init-creds deleted file mode 100644 index 8892d29ff40e..000000000000 --- a/crypto/heimdal/doc/init-creds +++ /dev/null @@ -1,374 +0,0 @@ -Currently, getting an initial ticket for a user involves many function -calls, especially when a full set of features including password -expiration and challenge preauthentication is desired. In order to -solve this problem, a new api is proposed. - -typedef struct _krb5_prompt { - char *prompt; - int hidden; - krb5_data *reply; -} krb5_prompt; - -typedef int (*krb5_prompter_fct)(krb5_context context, - void *data, - const char *banner, - int num_prompts, - krb5_prompt prompts[]); - -typedef struct _krb5_get_init_creds_opt { - krb5_flags flags; - krb5_deltat tkt_life; - krb5_deltat renew_life; - int forwardable; - int proxiable; - krb5_enctype *etype_list; - int etype_list_length; - krb5_address **address_list; - /* XXX the next three should not be used, as they may be - removed later */ - krb5_preauthtype *preauth_list; - int preauth_list_length; - krb5_data *salt; -} krb5_get_init_creds_opt; - -#define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001 -#define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002 -#define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004 -#define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008 -#define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010 -#define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 -#define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 -#define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 - -void krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt); - -void krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt, - krb5_deltat tkt_life); -void krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt, - krb5_deltat renew_life); -void krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt, - int forwardable); -void krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt, - int proxiable); -void krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt, - krb5_enctype *etype_list, - int etype_list_length); -void krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, - krb5_address **addresses); -void krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt, - krb5_preauthtype *preauth_list, - int preauth_list_length); -void krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, - krb5_data *salt); - -krb5_error_code -krb5_get_init_creds_password(krb5_context context, - krb5_creds *creds, - krb5_principal client, - char *password, - krb5_prompter_fct prompter, - void *data, - krb5_deltat start_time, - char *in_tkt_service, - krb5_get_init_creds_opt *options); - -This function will attempt to acquire an initial ticket. The function -will perform whatever tasks are necessary to do so. This may include -changing an expired password, preauthentication. - -The arguments divide into two types. Some arguments are basically -invariant and arbitrary across all initial tickets, and if not -specified are determined by configuration or library defaults. Some -arguments are different for each execution or application, and if not -specified can be determined correctly from system configuration or -environment. The former arguments are contained in a structure whose -pointer is passed to the function. A bitmask specifies which elements -of the structure should be used. In most cases, a NULL pointer can be -used. The latter arguments are specified as individual arguments to -the function. - -If a pointer to a credential is specified, the initial credential is -filled in. If the caller only wishes to do a simple password check -and will not be doing any other kerberos functions, then a NULL -pointer may be specified, and the credential will be destroyed. - -If the client name is non-NULL, the initial ticket requested will be -for that principal. Otherwise, the principal will be the username -specified by the USER environment variable, or if the USER environment -variable is not set, the username corresponding to the real user id of -the caller. - -If the password is non-NULL, then this string is used as the password. -Otherwise, the prompter function will be used to prompt the user for -the password. - -If a prompter function is non-NULL, it will be used if additional user -input is required, such as if the user's password has expired and -needs to be changed, or if input preauthentication is necessary. If -no function is specified and input is required, then the login will -fail. - - The context argument is the same as that passed to krb5_login. - The data argument is passed unmodified to the prompter - function and is intended to be used to pass application data - (such as a display handle) to the prompter function. - - The banner argument, if non-NULL, will indicate what sort of - input is expected from the user (for example, "Password has - expired and must be changed" or "Enter Activcard response for - challenge 012345678"), and should be displayed accordingly. - - The num_prompts argument indicates the number of values which - should be prompted for. If num_prompts == 0, then the banner - contains an informational message which should be displayed to - the user. - - The prompts argument contains an array describing the values - for which the user should be prompted. The prompt member - indicates the prompt for each value ("Enter new - password"/"Enter it again", or "Challenge response"). The - hidden member is nonzero if the response should not be - displayed back to the user. The reply member is a pointer to - krb5_data structure which has already been allocated. The - prompter should fill in the structure with the NUL-terminated - response from the user. - - If the response data does not fit, or if any other error - occurs, then the prompter function should return a non-zero - value which will be returned by the krb5_get_init_creds - function. Otherwise, zero should be returned. - - The library function krb5_prompter_posix() implements - a prompter using a posix terminal for user in. This function - does not use the data argument. - -If the start_time is zero, then the requested ticket will be valid -beginning immediately. Otherwise, the start_time indicates how far in -the future the ticket should be postdated. - -If the in_tkt_service name is non-NULL, that principal name will be -used as the server name for the initial ticket request. The realm of -the name specified will be ignored and will be set to the realm of the -client name. If no in_tkt_service name is specified, -krbtgt/CLIENT-REALM@CLIENT-REALM will be used. - -For the rest of arguments, a configuration or library default will be -used if no value is specified in the options structure. - -If a tkt_life is specified, that will be the lifetime of the ticket. -The library default is 10 hours; there is no configuration variable -(there should be, but it's not there now). - -If a renew_life is specified and non-zero, then the RENEWABLE option -on the ticket will be set, and the value of the argument will be the -the renewable lifetime. The configuration variable [libdefaults] -"renew_lifetime" is the renewable lifetime if none is passed in. The -library default is not to set the RENEWABLE option. - -If forwardable is specified, the FORWARDABLE option on the ticket will -be set if and only if forwardable is non-zero. The configuration -variable [libdefaults] "forwardable" is used if no value is passed in. -The option will be set if and only if the variable is "y", "yes", -"true", "t", "1", or "on", case insensitive. The library default is -not to set the FORWARDABLE option. - -If proxiable is specified, the PROXIABLE option on the ticket will be -set if and only if proxiable is non-zero. The configuration variable -[libdefaults] "proxiable" is used if no value is passed in. The -option will be set if and only if the variable is "y", "yes", "true", -"t", "1", or "on", case insensitive. The library default is not to -set the PROXIABLE option. - -If etype_list is specified, it will be used as the list of desired -encryption algorithms in the request. The configuration variable -[libdefaults] "default_tkt_enctypes" is used if no value is passed in. -The library default is "des-cbc-md5 des-cbc-crc". - -If address_list is specified, it will be used as the list of addresses -for which the ticket will be valid. The library default is to use all -local non-loopback addresses. There is no configuration variable. - -If preauth_list is specified, it names preauth data types which will -be included in the request. The library default is to interact with -the kdc to determine the required preauth types. There is no -configuration variable. - -If salt is specified, it specifies the salt which will be used when -converting the password to a key. The library default is to interact -with the kdc to determine the correct salt. There is no configuration -variable. - -================================================================ - -typedef struct _krb5_verify_init_creds_opt { - krb5_flags flags; - int ap_req_nofail; -} krb5_verify_init_creds_opt; - -#define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001 - -void krb5_verify_init_creds_opt_init(krb5_init_creds_opt *options); -void krb5_verify_init_creds_opt_set_ap_req_nofail(krb5_init_creds_opt *options, - int ap_req_nofail); - -krb5_error_code -krb5_verify_init_creds(krb5_context context, - krb5_creds *creds, - krb5_principal ap_req_server, - krb5_keytab ap_req_keytab, - krb5_ccache *ccache, - krb5_verify_init_creds_opt *options); - -This function will use the initial ticket in creds to make an AP_REQ -and verify it to insure that the AS_REP has not been spoofed. - -If the ap_req_server name is non-NULL, then this service name will be -used for the AP_REQ; otherwise, the default host key -(host/hostname.domain@LOCAL-REALM) will be used. - -If ap_req_keytab is non-NULL, the service key for the verification -will be read from that keytab; otherwise, the service key will be read -from the default keytab. - -If the service of the ticket in creds is the same as the service name -for the AP_REQ, then this ticket will be used directly. If the ticket -is a tgt, then it will be used to obtain credentials for the service. -Otherwise, the verification will fail, and return an error. - -Other failures of the AP_REQ verification may or may not be considered -errors, as described below. - -If a pointer to a credential cache handle is specified, and the handle -is NULL, a credential cache handle referring to all credentials -obtained in the course of verifying the user will be returned. In -order to avoid potential setuid race conditions and other problems -related to file system access, this handle will refer to a memory -credential cache. If the handle is non-NULL, then the credentials -will be added to the existing ccache. If the caller only wishes to -verify the password and will not be doing any other kerberos -functions, then a NULL pointer may be specified, and the credentials -will be deleted before the function returns. - -If ap_req_nofail is specified, then failures of the AP_REQ -verification are considered errors if and only if ap_req_nofail is -non-zero. - -Whether or not AP_REQ validation is performed and what failures mean -depends on these inputs: - - A) The appropriate keytab exists and contains the named key. - - B) An AP_REQ request to the kdc succeeds, and the resulting AP_REQ -can be decrypted and verified. - - C) The administrator has specified in a configuration file that -AP_REQ validation must succeed. This is basically a paranoid bit, and -can be overridden by the application based on a command line flag or -other application-specific info. This flag is especially useful if -the admin is concerned that DNS might be spoofed while determining the -host/FQDN name. The configuration variable [libdefaults] -"verify_ap_req_nofail" is used if no value is passed in. The library -default is not to set this option. - -Initial ticket verification will succeed if and only if: - - - A && B or - - !A && !C - -================================================================ - -For illustrative purposes, here's the invocations I expect some -programs will use. Of course, error checking needs to be added. - -kinit: - - /* Fill in client from the command line || existing ccache, and, - start_time, and options.{tkt_life,renew_life,forwardable,proxiable} - from the command line. Some or all may remain unset. */ - - krb5_get_init_creds(context, &creds, client, - krb5_initial_prompter_posix, NULL, - start_time, NULL, &options); - krb5_cc_store_cred(context, ccache, &creds); - krb5_free_cred_contents(context, &creds); - -login: - - krb5_get_init_creds(context, &creds, client, - krb5_initial_prompter_posix, NULL, - 0, NULL, NULL); - krb5_verify_init_creds(context, &creds, NULL, NULL, &vcc, NULL); - /* setuid */ - krb5_cc_store_cred(context, ccache, &creds); - krb5_cc_copy(context, vcc, ccache); - krb5_free_cred_contents(context, &creds); - krb5_cc_destroy(context, vcc); - -xdm: - - krb5_get_initial_creds(context, &creds, client, - krb5_initial_prompter_xt, (void *) &xtstuff, - 0, NULL, NULL); - krb5_verify_init_creds(context, &creds, NULL, NULL, &vcc, NULL); - /* setuid */ - krb5_cc_store_cred(context, ccache, &creds); - krb5_free_cred_contents(context, &creds); - krb5_cc_copy(context, vcc, ccache); - krb5_cc_destroy(context, vcc); - -passwd: - - krb5_init_creds_opt_init(&options); - krb5_init_creds_opt_set_tkt_life = 300; - krb5_get_initial_creds(context, &creds, client, - krb5_initial_prompter_posix, NULL, - 0, "kadmin/changepw", &options); - /* change password */ - krb5_free_cred_contents(context, &creds); - -pop3d (simple password validator when no user interation possible): - - krb5_get_initial_creds(context, &creds, client, - NULL, NULL, 0, NULL, NULL); - krb5_verify_init_creds(context, &creds, NULL, NULL, &vcc, NULL); - krb5_cc_destroy(context, vcc); - -================================================================ - -password expiration has a subtlety. When a password expires and is -changed, there is a delay between when the master gets the new key -(immediately), and the slaves (propogation interval). So, when -getting an in_tkt, if the password is expired, the request should be -reissued to the master (this kind of sucks if you have SAM, oh well). -If this says expired, too, then the password should be changed, and -then the initial ticket request should be issued to the master again. -If the master times out, then a message that the password has expired -and cannot be changed due to the master being unreachable should be -displayed. - -================================================================ - -get_init_creds reads config stuff from: - -[libdefaults] - varname1 = defvalue - REALM = { - varname1 = value - varname2 = value - } - -typedef struct _krb5_get_init_creds_opt { - krb5_flags flags; - krb5_deltat tkt_life; /* varname = "ticket_lifetime" */ - krb5_deltat renew_life; /* varname = "renew_lifetime" */ - int forwardable; /* varname = "forwardable" */ - int proxiable; /* varname = "proxiable" */ - krb5_enctype *etype_list; /* varname = "default_tkt_enctypes" */ - int etype_list_length; - krb5_address **address_list; /* no varname */ - krb5_preauthtype *preauth_list; /* no varname */ - int preauth_list_length; - krb5_data *salt; -} krb5_get_init_creds_opt; - - diff --git a/crypto/heimdal/doc/install.texi b/crypto/heimdal/doc/install.texi deleted file mode 100644 index 3d4b78d1c4ea..000000000000 --- a/crypto/heimdal/doc/install.texi +++ /dev/null @@ -1,107 +0,0 @@ -@c $Id: install.texi 16768 2006-02-27 12:26:49Z joda $ - -@node Building and Installing, Setting up a realm, What is Kerberos?, Top -@comment node-name, next, previous, up -@chapter Building and Installing - -Heimdal uses GNU Autoconf to configure for specific hosts, and GNU -Automake to manage makefiles. If this is new to you, the short -instruction is to run the @code{configure} script in the top level -directory, and when that finishes @code{make}. - -If you want to build the distribution in a different directory from the -source directory, you will need a make that implements VPATH correctly, -such as GNU make. - -You will need to build the distribution: - -@itemize @bullet -@item -A compiler that supports a ``loose'' ANSI C mode, such as @code{gcc}. -@item -lex or flex -@item -awk -@item -yacc or bison -@item -a socket library -@item -NDBM or Berkeley DB for building the server side. -@end itemize - -When everything is built, you can install by doing @kbd{make -install}. The default location for installation is @file{/usr/heimdal}, -but this can be changed by running @code{configure} with -@samp{--prefix=/some/other/place}. - -If you need to change the default behaviour, configure understands the -following options: - -@table @asis -@item @kbd{--without-berkeley-db} -DB is preferred before NDBM, but if you for some reason want to use NDBM -instead, you can use this option. - -@item @kbd{--with-krb4=@file{dir}} -Gives the location of Kerberos 4 libraries and headers. This enables -Kerberos 4 support in the applications (telnet, rsh, popper, etc) and -the KDC. It is automatically found if present under -@file{/usr/athena}. If you keep libraries and headers in different -places, you can instead give the path to each with the -@kbd{--with-krb4-lib=@file{dir}}, and -@kbd{--with-krb4-include=@file{dir}} options. - -You will need a fairly recent version of our Kerberos 4 distribution for -@code{rshd} and @code{popper} to support version 4 clients. - -@item @kbd{--enable-dce} -Enables support for getting DCE credentials and tokens. See the README -files in @file{appl/dceutils} for more information. - -@item @kbd{--disable-otp} -By default some of the application programs will build with support for -one-time passwords (OTP). Use this option to disable that support. - -@item @kbd{--enable-osfc2} -Enable some C2 support for OSF/Digital Unix/Tru64. Use this option if -you are running your OSF operating system in C2 mode. - -@item @kbd{--with-readline=@file{dir}} -Gives the path for the GNU Readline library, which will be used in some -programs. If no readline library is found, the (simpler) editline -library will be used instead. - -@item @kbd{--with-hesiod=@file{dir}} -Enables hesiod support in push. - -@item @kbd{--enable-netinfo} -Add support for using netinfo to lookup configuration information. -Probably only useful (and working) on NextStep/Mac OS X. - -@item @kbd{--without-ipv6} -Disable the IPv6 support. - -@item @kbd{--with-openldap} -Compile Heimdal with support for storing the database in LDAP. Requires -OpenLDAP @url{http://www.openldap.org}. See -@url{http://www.padl.com/Research/Heimdal.html} for more information. - -@item @kbd{--enable-bigendian} -@item @kbd{--enable-littleendian} -Normally, the build process will figure out by itself if the machine is -big or little endian. It might fail in some cases when -cross-compiling. If it does fail to figure it out, use the relevant of -these two options. - -@item @kbd{--with-mips-abi=@var{abi}} -On Irix there are three different ABIs that can be used (@samp{32}, -@samp{n32}, or @samp{64}). This option allows you to override the -automatic selection. - -@item @kbd{--disable-mmap} -Do not use the mmap system call. Normally, configure detects if there -is a working mmap and it is only used if there is one. Only try this -option if it fails to work anyhow. - -@end table diff --git a/crypto/heimdal/doc/intro.texi b/crypto/heimdal/doc/intro.texi deleted file mode 100644 index e1a96e12057a..000000000000 --- a/crypto/heimdal/doc/intro.texi +++ /dev/null @@ -1,99 +0,0 @@ -@c $Id: intro.texi 22509 2008-01-23 18:28:01Z lha $ - -@node Introduction, What is Kerberos?, Top, Top -@c @node Introduction, What is Kerberos?, Top, Top -@comment node-name, next, previous, up -@chapter Introduction - -@heading What is Heimdal? - -Heimdal is a free implementation of Kerberos 5. The goals are to: - -@itemize @bullet -@item -have an implementation that can be freely used by anyone -@item -be protocol compatible with existing implementations and, if not in -conflict, with RFC 4120 (and any future updated RFC). RFC 4120 -replaced RFC 1510. -@item -be reasonably compatible with the M.I.T Kerberos V5 API -@item -have support for Kerberos V5 over GSS-API (RFC1964) -@item -include the most important and useful application programs (rsh, telnet, -popper, etc.) -@item -include enough backwards compatibility with Kerberos V4 -@end itemize - -@heading Status - -Heimdal has the following features (this does not mean any of this -works): - -@itemize @bullet -@item -a stub generator and a library to encode/decode/whatever ASN.1/DER -stuff -@item -a @code{libkrb5} library that should be possible to get to work with -simple applications -@item -a GSS-API library -@item -@file{kinit}, @file{klist}, @file{kdestroy} -@item -@file{telnet}, @file{telnetd} -@item -@file{rsh}, @file{rshd} -@item -@file{popper}, @file{push} (a movemail equivalent) -@item -@file{ftp}, and @file{ftpd} -@item -a library @file{libkafs} for authenticating to AFS and a program -@file{afslog} that uses it -@item -some simple test programs -@item -a KDC that supports most things; optionally, it may also support -Kerberos V4 and kaserver, -@item -simple programs for distributing databases between a KDC master and -slaves -@item -a password changing daemon @file{kpasswdd}, library functions for -changing passwords and a simple client -@item -some kind of administration system -@item -Kerberos V4 support in many of the applications. -@end itemize - -@heading Bug reports - -If you find bugs in this software, make sure it is a genuine bug and not -just a part of the code that isn't implemented. - -Bug reports should be sent to @email{heimdal-bugs@@h5l.org}. Please -include information on what machine and operating system (including -version) you are running, what you are trying to do, what happens, what -you think should have happened, an example for us to repeat, the output -you get when trying the example, and a patch for the problem if you have -one. Please make any patches with @code{diff -u} or @code{diff -c}. - -Suggestions, comments and other non bug reports are also welcome. - -@heading Mailing list - -There are two mailing lists with talk about -Heimdal. @email{heimdal-announce@@sics.se} is a low-volume announcement -list, while @email{heimdal-discuss@@sics.se} is for general discussion. -Send a message to @email{majordomo@@sics.se} to subscribe. - -@heading Heimdal source code, binaries and the manual - -The source code for heimdal, links to binaries and the manual (this -document) can be found on our web-page at -@url{http://www.pdc.kth.se/heimdal/}. diff --git a/crypto/heimdal/doc/kerberos4.texi b/crypto/heimdal/doc/kerberos4.texi deleted file mode 100644 index fb490f372e86..000000000000 --- a/crypto/heimdal/doc/kerberos4.texi +++ /dev/null @@ -1,226 +0,0 @@ -@c $Id: kerberos4.texi 16370 2005-12-12 12:11:51Z lha $ - -@node Kerberos 4 issues, Windows 2000 compatability, Things in search for a better place, Top -@comment node-name, next, previous, up -@chapter Kerberos 4 issues - -The KDC has built-in version 4 support. It is not enabled by default, -see setup how to set it up. - -The KDC will also have kaserver emulation and be able to handle -AFS-clients that use @code{klog}. - -@menu -* Principal conversion issues:: -* Converting a version 4 database:: -* kaserver:: -@end menu - -@node Principal conversion issues, Converting a version 4 database, Kerberos 4 issues, Kerberos 4 issues -@section Principal conversion issues - -First, Kerberos 4 and Kerberos 5 principals are different. A version 4 -principal consists of a name, an instance, and a realm. A version 5 -principal has one or more components, and a realm (the terms ``name'' -and ``instance'' are still used, for the first and second component, -respectively). Also, in some cases the name of a version 4 principal -differs from the first component of the corresponding version 5 -principal. One notable example is the ``host'' type principals, where -the version 4 name is @samp{rcmd} (for ``remote command''), and the -version 5 name is @samp{host}. For the class of principals that has a -hostname as instance, there is an other major difference, Kerberos 4 -uses only the first component of the hostname, whereas Kerberos 5 uses -the fully qualified hostname. - -Because of this it can be hard or impossible to correctly convert a -version 4 principal to a version 5 principal @footnote{the other way is -not always trivial either, but usually easier}. The biggest problem is -to know if the conversion resulted in a valid principal. To give an -example, suppose you want to convert the principal @samp{rcmd.foo}. - -The @samp{rcmd} name suggests that the instance is a hostname (even if -there are exceptions to this rule). To correctly convert the instance -@samp{foo} to a hostname, you have to know which host it is referring -to. You can to this by either guessing (from the realm) which domain -name to append, or you have to have a list of possible hostnames. In the -simplest cases you can cover most principals with the first rule. If you -have several domains sharing a single realm this will not usually -work. If the exceptions are few you can probably come by with a lookup -table for the exceptions. - -In a complex scenario you will need some kind of host lookup mechanism. -Using DNS for this is tempting, but DNS is error prone, slow and unsafe -@footnote{at least until secure DNS is commonly available}. - -Fortunately, the KDC has a trump on hand: it can easily tell if a -principal exists in the database. The KDC will use -@code{krb5_425_conv_principal_ext} to convert principals when handling -to version 4 requests. - -@node Converting a version 4 database, kaserver , Principal conversion issues, Kerberos 4 issues -@section Converting a version 4 database - -If you want to convert an existing version 4 database, the principal -conversion issue arises too. - -If you decide to convert your database once and for all, you will only -have to do this conversion once. It is also possible to run a version 5 -KDC as a slave to a version 4 KDC. In this case this conversion will -happen every time the database is propagated. When doing this -conversion, there are a few things to look out for. If you have stale -entries in the database, these entries will not be converted. This might -be because these principals are not used anymore, or it might be just -because the principal couldn't be converted. - -You might also see problems with a many-to-one mapping of -principals. For instance, if you are using DNS lookups and you have two -principals @samp{rcmd.foo} and @samp{rcmd.bar}, where `foo' is a CNAME -for `bar', the resulting principals will be the same. Since the -conversion function can't tell which is correct, these conflicts will -have to be resolved manually. - -@subsection Conversion example - -Given the following set of hosts and services: - -@example -foo.se rcmd -mail.foo.se rcmd, pop -ftp.bar.se rcmd, ftp -@end example - -you have a database that consists of the following principals: - -@samp{rcmd.foo}, @samp{rcmd.mail}, @samp{pop.mail}, @samp{rcmd.ftp}, and -@samp{ftp.ftp}. - -lets say you also got these extra principals: @samp{rcmd.gone}, -@samp{rcmd.old-mail}, where @samp{gone.foo.se} was a machine that has -now passed away, and @samp{old-mail.foo.se} was an old mail machine that -is now a CNAME for @samp{mail.foo.se}. - -When you convert this database you want the following conversions to be -done: -@example -rcmd.foo host/foo.se -rcmd.mail host/mail.foo.se -pop.mail pop/mail.foo.se -rcmd.ftp host/ftp.bar.se -ftp.ftp ftp/ftp.bar.se -rcmd.gone @i{removed} -rcmd.old-mail @i{removed} -@end example - -A @file{krb5.conf} that does this looks like: - -@example -[realms] - FOO.SE = @{ - v4_name_convert = @{ - host = @{ - ftp = ftp - pop = pop - rcmd = host - @} - @} - v4_instance_convert = @{ - foo = foo.se - ftp = ftp.bar.se - @} - default_domain = foo.se - @} -@end example - -The @samp{v4_name_convert} section says which names should be considered -having an instance consisting of a hostname, and it also says how the -names should be converted (for instance @samp{rcmd} should be converted -to @samp{host}). The @samp{v4_instance_convert} section says how a -hostname should be qualified (this is just a hosts-file in -disguise). Host-instances that aren't covered by -@samp{v4_instance_convert} are qualified by appending the contents of -the @samp{default_domain}. - -Actually, this example doesn't work. Or rather, it works to well. Since -it has no way of knowing which hostnames are valid and which are not, it -will happily convert @samp{rcmd.gone} to @samp{host/gone.foo.se}. This -isn't a big problem, but if you have run your kerberos realm for a few -years, chances are big that you have quite a few `junk' principals. - -If you don't want this you can remove the @samp{default_domain} -statement, but then you will have to add entries for @emph{all} your hosts -in the @samp{v4_instance_convert} section. - -Instead of doing this you can use DNS to convert instances. This is not -a solution without problems, but it is probably easier than adding lots -of static host entries. - -To enable DNS lookup you should turn on @samp{v4_instance_resolve} in -the @samp{[libdefaults]} section. - -@subsection Converting a database - -The database conversion is done with @samp{hprop}. You can run this -command to propagate the database to the machine called -@samp{slave-server} (which should be running a @samp{hpropd}). - -@example -hprop --source=krb4-db --master-key=/.m slave-server -@end example - -This command can also be to use for converting the v4 database on the -server: - -@example -hprop -n --source=krb4-db -d /var/kerberos/principal --master-key=/.m | hpropd -n -@end example - -@section Version 4 Kadmin - -@samp{kadmind} can act as a version 4 kadmind, and you can do most -operations, but with some restrictions (since the version 4 kadmin -protocol is, lets say, very ad hoc.) One example is that it only passes -des keys when creating principals and changing passwords (modern kpasswd -clients do send the password, so it's possible to to password quality -checks). Because of this you can only create principals with des keys, -and you can't set any flags or do any other fancy stuff. - -To get this to work, you have to add another entry to inetd (since -version 4 uses port 751, not 749). - -@emph{And then there are a many more things you can do; more on this in -a later version of this manual. Until then, UTSL.} - -@node kaserver, , Converting a version 4 database, Kerberos 4 issues -@section kaserver - -@subsection kaserver emulation - -The Heimdal kdc can emulate a kaserver. The kaserver is a Kerberos 4 -server with pre-authentication using Rx as the on-wire protocol. The kdc -contains a minimalistic Rx implementation. - -There are three parts of the kaserver; KAA (Authentication), KAT (Ticket -Granting), and KAM (Maintenance). The KAA interface and KAT interface -both passes over DES encrypted data-blobs (just like the -Kerberos-protocol) and thus do not need any other protection. The KAM -interface uses @code{rxkad} (Kerberos authentication layer for Rx) for -security and data protection, and is used for example for changing -passwords. This part is not implemented in the kdc. - -Another difference between the ka-protocol and the Kerberos 4 protocol -is that the pass-phrase is salted with the cellname in the @code{string to -key} function in the ka-protocol, while in the Kerberos 4 protocol there -is no salting of the password at all. To make sure AFS-compatible keys -are added to each principals when they are created or their password are -changed, @samp{afs3-salt} should be added to -@samp{[kadmin]default_keys}. - -@subsection Transarc AFS Windows client - -The Transarc Windows client uses Kerberos 4 to obtain tokens, and thus -does not need a kaserver. The Windows client assumes that the Kerberos -server is on the same machine as the AFS-database server. If you do not -like to do that you can add a small program that runs on the database -servers that forward all kerberos requests to the real kerberos -server. A program that does this is @code{krb-forward} -(@url{ftp://ftp.stacken.kth.se/pub/projekts/krb-forward}). diff --git a/crypto/heimdal/doc/krb5.din b/crypto/heimdal/doc/krb5.din deleted file mode 100644 index 2af99473ebb3..000000000000 --- a/crypto/heimdal/doc/krb5.din +++ /dev/null @@ -1,16 +0,0 @@ -# Doxyfile 1.5.3 - -PROJECT_NAME = Heimdal Kerberos 5 library -PROJECT_NUMBER = @PACKAGE_VERSION@ -OUTPUT_DIRECTORY = @objdir@/krb5 -INPUT = @srcdir@/../lib/krb5 - -WARN_IF_UNDOCUMENTED = NO - -PERL_PATH = /usr/bin/perl - -HTML_HEADER = "@srcdir@/header.html" -HTML_FOOTER = "@srcdir@/footer.html" - -@INCLUDE = "@srcdir@/doxytmpl.dxy" - diff --git a/crypto/heimdal/doc/latin1.tex b/crypto/heimdal/doc/latin1.tex deleted file mode 100644 index e683dd271dc1..000000000000 --- a/crypto/heimdal/doc/latin1.tex +++ /dev/null @@ -1,95 +0,0 @@ -% ISO Latin 1 (ISO 8859/1) encoding for Computer Modern fonts. -% Jan Michael Rynning 1990-10-12 -\def\inmathmode#1{\relax\ifmmode#1\else$#1$\fi} -\global\catcode`\^^a0=\active \global\let^^a0=~ % no-break space -\global\catcode`\^^a1=\active \global\def^^a1{!`} % inverted exclamation mark -\global\catcode`\^^a2=\active \global\def^^a2{{\rm\rlap/c}} % cent sign -\global\catcode`\^^a3=\active \global\def^^a3{{\it\$}} % pound sign -% currency sign, yen sign, broken bar -\global\catcode`\^^a7=\active \global\let^^a7=\S % section sign -\global\catcode`\^^a8=\active \global\def^^a8{\"{}} % diaeresis -\global\catcode`\^^a9=\active \global\let^^a9=\copyright % copyright sign -% feminine ordinal indicator, left angle quotation mark -\global\catcode`\^^ac=\active \global\def^^ac{\inmathmode\neg}% not sign -\global\catcode`\^^ad=\active \global\let^^ad=\- % soft hyphen -% registered trade mark sign -\global\catcode`\^^af=\active \global\def^^af{\={}} % macron -% ... -\global\catcode`\^^b1=\active \global\def^^b1{\inmathmode\pm} % plus minus -\global\catcode`\^^b2=\active \global\def^^b2{\inmathmode{{^2}}} -\global\catcode`\^^b3=\active \global\def^^b3{\inmathmode{{^3}}} -\global\catcode`\^^b4=\active \global\def^^b4{\'{}} % acute accent -\global\catcode`\^^b5=\active \global\def^^b5{\inmathmode\mu} % mu -\global\catcode`\^^b6=\active \global\let^^b6=\P % pilcroy -\global\catcode`\^^b7=\active \global\def^^b7{\inmathmode{{\cdot}}} -\global\catcode`\^^b8=\active \global\def^^b8{\c{}} % cedilla -\global\catcode`\^^b9=\active \global\def^^b9{\inmathmode{{^1}}} -% ... -\global\catcode`\^^bc=\active \global\def^^bc{\inmathmode{{1\over4}}} -\global\catcode`\^^bd=\active \global\def^^bd{\inmathmode{{1\over2}}} -\global\catcode`\^^be=\active \global\def^^be{\inmathmode{{3\over4}}} -\global\catcode`\^^bf=\active \global\def^^bf{?`} % inverted question mark -\global\catcode`\^^c0=\active \global\def^^c0{\`A} -\global\catcode`\^^c1=\active \global\def^^c1{\'A} -\global\catcode`\^^c2=\active \global\def^^c2{\^A} -\global\catcode`\^^c3=\active \global\def^^c3{\~A} -\global\catcode`\^^c4=\active \global\def^^c4{\"A} % capital a with diaeresis -\global\catcode`\^^c5=\active \global\let^^c5=\AA % capital a with ring above -\global\catcode`\^^c6=\active \global\let^^c6=\AE -\global\catcode`\^^c7=\active \global\def^^c7{\c C} -\global\catcode`\^^c8=\active \global\def^^c8{\`E} -\global\catcode`\^^c9=\active \global\def^^c9{\'E} -\global\catcode`\^^ca=\active \global\def^^ca{\^E} -\global\catcode`\^^cb=\active \global\def^^cb{\"E} -\global\catcode`\^^cc=\active \global\def^^cc{\`I} -\global\catcode`\^^cd=\active \global\def^^cd{\'I} -\global\catcode`\^^ce=\active \global\def^^ce{\^I} -\global\catcode`\^^cf=\active \global\def^^cf{\"I} -% capital eth -\global\catcode`\^^d1=\active \global\def^^d1{\~N} -\global\catcode`\^^d2=\active \global\def^^d2{\`O} -\global\catcode`\^^d3=\active \global\def^^d3{\'O} -\global\catcode`\^^d4=\active \global\def^^d4{\^O} -\global\catcode`\^^d5=\active \global\def^^d5{\~O} -\global\catcode`\^^d6=\active \global\def^^d6{\"O} % capital o with diaeresis -\global\catcode`\^^d7=\active \global\def^^d7{\inmathmode\times}% multiplication sign -\global\catcode`\^^d8=\active \global\let^^d8=\O -\global\catcode`\^^d9=\active \global\def^^d9{\`U} -\global\catcode`\^^da=\active \global\def^^da{\'U} -\global\catcode`\^^db=\active \global\def^^db{\^U} -\global\catcode`\^^dc=\active \global\def^^dc{\"U} -\global\catcode`\^^dd=\active \global\def^^dd{\'Y} -% capital thorn -\global\catcode`\^^df=\active \global\def^^df{\ss} -\global\catcode`\^^e0=\active \global\def^^e0{\`a} -\global\catcode`\^^e1=\active \global\def^^e1{\'a} -\global\catcode`\^^e2=\active \global\def^^e2{\^a} -\global\catcode`\^^e3=\active \global\def^^e3{\~a} -\global\catcode`\^^e4=\active \global\def^^e4{\"a} % small a with diaeresis -\global\catcode`\^^e5=\active \global\let^^e5=\aa % small a with ring above -\global\catcode`\^^e6=\active \global\let^^e6=\ae -\global\catcode`\^^e7=\active \global\def^^e7{\c c} -\global\catcode`\^^e8=\active \global\def^^e8{\`e} -\global\catcode`\^^e9=\active \global\def^^e9{\'e} -\global\catcode`\^^ea=\active \global\def^^ea{\^e} -\global\catcode`\^^eb=\active \global\def^^eb{\"e} -\global\catcode`\^^ec=\active \global\def^^ec{\`\i} -\global\catcode`\^^ed=\active \global\def^^ed{\'\i} -\global\catcode`\^^ee=\active \global\def^^ee{\^\i} -\global\catcode`\^^ef=\active \global\def^^ef{\"\i} -% small eth -\global\catcode`\^^f1=\active \global\def^^f1{\~n} -\global\catcode`\^^f2=\active \global\def^^f2{\`o} -\global\catcode`\^^f3=\active \global\def^^f3{\'o} -\global\catcode`\^^f4=\active \global\def^^f4{\^o} -\global\catcode`\^^f5=\active \global\def^^f5{\~o} -\global\catcode`\^^f6=\active \global\def^^f6{\"o} % small o with diaeresis -\global\catcode`\^^f7=\active \global\def^^f7{\inmathmode\div}% division sign -\global\catcode`\^^f8=\active \global\let^^f8=\o -\global\catcode`\^^f9=\active \global\def^^f9{\`u} -\global\catcode`\^^fa=\active \global\def^^fa{\'u} -\global\catcode`\^^fb=\active \global\def^^fb{\^u} -\global\catcode`\^^fc=\active \global\def^^fc{\"u} -\global\catcode`\^^fd=\active \global\def^^fd{\'y} -% capital thorn -\global\catcode`\^^ff=\active \global\def^^ff{\"y} diff --git a/crypto/heimdal/doc/layman.asc b/crypto/heimdal/doc/layman.asc deleted file mode 100644 index d4fbe64be99d..000000000000 --- a/crypto/heimdal/doc/layman.asc +++ /dev/null @@ -1,1855 +0,0 @@ -A Layman's Guide to a Subset of ASN.1, BER, and DER - -An RSA Laboratories Technical Note -Burton S. Kaliski Jr. -Revised November 1, 1993 - - -Supersedes June 3, 1991 version, which was also published as -NIST/OSI Implementors' Workshop document SEC-SIG-91-17. -PKCS documents are available by electronic mail to -. - -Copyright (C) 1991-1993 RSA Laboratories, a division of RSA -Data Security, Inc. License to copy this document is granted -provided that it is identified as "RSA Data Security, Inc. -Public-Key Cryptography Standards (PKCS)" in all material -mentioning or referencing this document. -003-903015-110-000-000 - - -Abstract. This note gives a layman's introduction to a -subset of OSI's Abstract Syntax Notation One (ASN.1), Basic -Encoding Rules (BER), and Distinguished Encoding Rules -(DER). The particular purpose of this note is to provide -background material sufficient for understanding and -implementing the PKCS family of standards. - - -1. Introduction - -It is a generally accepted design principle that abstraction -is a key to managing software development. With abstraction, -a designer can specify a part of a system without concern -for how the part is actually implemented or represented. -Such a practice leaves the implementation open; it -simplifies the specification; and it makes it possible to -state "axioms" about the part that can be proved when the -part is implemented, and assumed when the part is employed -in another, higher-level part. Abstraction is the hallmark -of most modern software specifications. - -One of the most complex systems today, and one that also -involves a great deal of abstraction, is Open Systems -Interconnection (OSI, described in X.200). OSI is an -internationally standardized architecture that governs the -interconnection of computers from the physical layer up to -the user application layer. Objects at higher layers are -defined abstractly and intended to be implemented with -objects at lower layers. For instance, a service at one -layer may require transfer of certain abstract objects -between computers; a lower layer may provide transfer -services for strings of ones and zeroes, using encoding -rules to transform the abstract objects into such strings. -OSI is called an open system because it supports many -different implementations of the services at each layer. - -OSI's method of specifying abstract objects is called ASN.1 -(Abstract Syntax Notation One, defined in X.208), and one -set of rules for representing such objects as strings of -ones and zeros is called the BER (Basic Encoding Rules, -defined in X.209). ASN.1 is a flexible notation that allows -one to define a variety data types, from simple types such -as integers and bit strings to structured types such as sets -and sequences, as well as complex types defined in terms of -others. BER describes how to represent or encode values of -each ASN.1 type as a string of eight-bit octets. There is -generally more than one way to BER-encode a given value. -Another set of rules, called the Distinguished Encoding -Rules (DER), which is a subset of BER, gives a unique -encoding to each ASN.1 value. - -The purpose of this note is to describe a subset of ASN.1, -BER and DER sufficient to understand and implement one OSI- -based application, RSA Data Security, Inc.'s Public-Key -Cryptography Standards. The features described include an -overview of ASN.1, BER, and DER and an abridged list of -ASN.1 types and their BER and DER encodings. Sections 2-4 -give an overview of ASN.1, BER, and DER, in that order. -Section 5 lists some ASN.1 types, giving their notation, -specific encoding rules, examples, and comments about their -application to PKCS. Section 6 concludes with an example, -X.500 distinguished names. - -Advanced features of ASN.1, such as macros, are not -described in this note, as they are not needed to implement -PKCS. For information on the other features, and for more -detail generally, the reader is referred to CCITT -Recommendations X.208 and X.209, which define ASN.1 and BER. - -Terminology and notation. In this note, an octet is an eight- -bit unsigned integer. Bit 8 of the octet is the most -significant and bit 1 is the least significant. - -The following meta-syntax is used for in describing ASN.1 -notation: - - BIT monospace denotes literal characters in the type - and value notation; in examples, it generally - denotes an octet value in hexadecimal - - n1 bold italics denotes a variable - - [] bold square brackets indicate that a term is - optional - - {} bold braces group related terms - - | bold vertical bar delimits alternatives with a - group - - ... bold ellipsis indicates repeated occurrences - - = bold equals sign expresses terms as subterms - - -2. Abstract Syntax Notation One - -Abstract Syntax Notation One, abbreviated ASN.1, is a -notation for describing abstract types and values. - -In ASN.1, a type is a set of values. For some types, there -are a finite number of values, and for other types there are -an infinite number. A value of a given ASN.1 type is an -element of the type's set. ASN.1 has four kinds of type: -simple types, which are "atomic" and have no components; -structured types, which have components; tagged types, which -are derived from other types; and other types, which include -the CHOICE type and the ANY type. Types and values can be -given names with the ASN.1 assignment operator (::=) , and -those names can be used in defining other types and values. - -Every ASN.1 type other than CHOICE and ANY has a tag, which -consists of a class and a nonnegative tag number. ASN.1 -types are abstractly the same if and only if their tag -numbers are the same. In other words, the name of an ASN.1 -type does not affect its abstract meaning, only the tag -does. There are four classes of tag: - - Universal, for types whose meaning is the same in all - applications; these types are only defined in - X.208. - - Application, for types whose meaning is specific to an - application, such as X.500 directory services; - types in two different applications may have the - same application-specific tag and different - meanings. - - Private, for types whose meaning is specific to a given - enterprise. - - Context-specific, for types whose meaning is specific - to a given structured type; context-specific tags - are used to distinguish between component types - with the same underlying tag within the context of - a given structured type, and component types in - two different structured types may have the same - tag and different meanings. - -The types with universal tags are defined in X.208, which -also gives the types' universal tag numbers. Types with -other tags are defined in many places, and are always -obtained by implicit or explicit tagging (see Section 2.3). -Table 1 lists some ASN.1 types and their universal-class -tags. - - Type Tag number Tag number - (decimal) (hexadecimal) - INTEGER 2 02 - BIT STRING 3 03 - OCTET STRING 4 04 - NULL 5 05 - OBJECT IDENTIFIER 6 06 - SEQUENCE and SEQUENCE OF 16 10 - SET and SET OF 17 11 - PrintableString 19 13 - T61String 20 14 - IA5String 22 16 - UTCTime 23 17 - - Table 1. Some types and their universal-class tags. - -ASN.1 types and values are expressed in a flexible, -programming-language-like notation, with the following -special rules: - - o Layout is not significant; multiple spaces and - line breaks can be considered as a single space. - - o Comments are delimited by pairs of hyphens (--), - or a pair of hyphens and a line break. - - o Identifiers (names of values and fields) and type - references (names of types) consist of upper- and - lower-case letters, digits, hyphens, and spaces; - identifiers begin with lower-case letters; type - references begin with upper-case letters. - -The following four subsections give an overview of simple -types, structured types, implicitly and explicitly tagged -types, and other types. Section 5 describes specific types -in more detail. - - -2.1 Simple types - -Simple types are those not consisting of components; they -are the "atomic" types. ASN.1 defines several; the types -that are relevant to the PKCS standards are the following: - - BIT STRING, an arbitrary string of bits (ones and - zeroes). - - IA5String, an arbitrary string of IA5 (ASCII) - characters. - - INTEGER, an arbitrary integer. - - NULL, a null value. - - OBJECT IDENTIFIER, an object identifier, which is a - sequence of integer components that identify an - object such as an algorithm or attribute type. - - OCTET STRING, an arbitrary string of octets (eight-bit - values). - - PrintableString, an arbitrary string of printable - characters. - - T61String, an arbitrary string of T.61 (eight-bit) - characters. - - UTCTime, a "coordinated universal time" or Greenwich - Mean Time (GMT) value. - -Simple types fall into two categories: string types and non- -string types. BIT STRING, IA5String, OCTET STRING, -PrintableString, T61String, and UTCTime are string types. - -String types can be viewed, for the purposes of encoding, as -consisting of components, where the components are -substrings. This view allows one to encode a value whose -length is not known in advance (e.g., an octet string value -input from a file stream) with a constructed, indefinite- -length encoding (see Section 3). - -The string types can be given size constraints limiting the -length of values. - - -2.2 Structured types - -Structured types are those consisting of components. ASN.1 -defines four, all of which are relevant to the PKCS -standards: - - SEQUENCE, an ordered collection of one or more types. - - SEQUENCE OF, an ordered collection of zero or more - occurrences of a given type. - - SET, an unordered collection of one or more types. - - SET OF, an unordered collection of zero or more - occurrences of a given type. - -The structured types can have optional components, possibly -with default values. - - -2.3 Implicitly and explicitly tagged types - -Tagging is useful to distinguish types within an -application; it is also commonly used to distinguish -component types within a structured type. For instance, -optional components of a SET or SEQUENCE type are typically -given distinct context-specific tags to avoid ambiguity. - -There are two ways to tag a type: implicitly and explicitly. - -Implicitly tagged types are derived from other types by -changing the tag of the underlying type. Implicit tagging is -denoted by the ASN.1 keywords [class number] IMPLICIT (see -Section 5.1). - -Explicitly tagged types are derived from other types by -adding an outer tag to the underlying type. In effect, -explicitly tagged types are structured types consisting of -one component, the underlying type. Explicit tagging is -denoted by the ASN.1 keywords [class number] EXPLICIT (see -Section 5.2). - -The keyword [class number] alone is the same as explicit -tagging, except when the "module" in which the ASN.1 type is -defined has implicit tagging by default. ("Modules" are -among the advanced features not described in this note.) - -For purposes of encoding, an implicitly tagged type is -considered the same as the underlying type, except that the -tag is different. An explicitly tagged type is considered -like a structured type with one component, the underlying -type. Implicit tags result in shorter encodings, but -explicit tags may be necessary to avoid ambiguity if the tag -of the underlying type is indeterminate (e.g., the -underlying type is CHOICE or ANY). - - -2.4 Other types - -Other types in ASN.1 include the CHOICE and ANY types. The -CHOICE type denotes a union of one or more alternatives; the -ANY type denotes an arbitrary value of an arbitrary type, -where the arbitrary type is possibly defined in the -registration of an object identifier or integer value. - - -3. Basic Encoding Rules - -The Basic Encoding Rules for ASN.1, abbreviated BER, give -one or more ways to represent any ASN.1 value as an octet -string. (There are certainly other ways to represent ASN.1 -values, but BER is the standard for interchanging such -values in OSI.) - -There are three methods to encode an ASN.1 value under BER, -the choice of which depends on the type of value and whether -the length of the value is known. The three methods are -primitive, definite-length encoding; constructed, definite- -length encoding; and constructed, indefinite-length -encoding. Simple non-string types employ the primitive, -definite-length method; structured types employ either of -the constructed methods; and simple string types employ any -of the methods, depending on whether the length of the value -is known. Types derived by implicit tagging employ the -method of the underlying type and types derived by explicit -tagging employ the constructed methods. - -In each method, the BER encoding has three or four parts: - - Identifier octets. These identify the class and tag - number of the ASN.1 value, and indicate whether - the method is primitive or constructed. - - Length octets. For the definite-length methods, these - give the number of contents octets. For the - constructed, indefinite-length method, these - indicate that the length is indefinite. - - Contents octets. For the primitive, definite-length - method, these give a concrete representation of - the value. For the constructed methods, these - give the concatenation of the BER encodings of the - components of the value. - - End-of-contents octets. For the constructed, indefinite- - length method, these denote the end of the - contents. For the other methods, these are absent. - -The three methods of encoding are described in the following -sections. - - -3.1 Primitive, definite-length method - -This method applies to simple types and types derived from -simple types by implicit tagging. It requires that the -length of the value be known in advance. The parts of the -BER encoding are as follows: - -Identifier octets. There are two forms: low tag number (for -tag numbers between 0 and 30) and high tag number (for tag -numbers 31 and greater). - - Low-tag-number form. One octet. Bits 8 and 7 specify - the class (see Table 2), bit 6 has value "0," - indicating that the encoding is primitive, and - bits 5-1 give the tag number. - - Class Bit Bit - 8 7 - universal 0 0 - application 0 1 - context-specific 1 0 - private 1 1 - - Table 2. Class encoding in identifier octets. - - High-tag-number form. Two or more octets. First octet - is as in low-tag-number form, except that bits 5-1 - all have value "1." Second and following octets - give the tag number, base 128, most significant - digit first, with as few digits as possible, and - with the bit 8 of each octet except the last set - to "1." - -Length octets. There are two forms: short (for lengths -between 0 and 127), and long definite (for lengths between 0 -and 21008-1). - - Short form. One octet. Bit 8 has value "0" and bits 7-1 - give the length. - - Long form. Two to 127 octets. Bit 8 of first octet has - value "1" and bits 7-1 give the number of - additional length octets. Second and following - octets give the length, base 256, most significant - digit first. - -Contents octets. These give a concrete representation of the -value (or the value of the underlying type, if the type is -derived by implicit tagging). Details for particular types -are given in Section 5. - - -3.2 Constructed, definite-length method - -This method applies to simple string types, structured -types, types derived simple string types and structured -types by implicit tagging, and types derived from anything -by explicit tagging. It requires that the length of the -value be known in advance. The parts of the BER encoding are -as follows: - -Identifier octets. As described in Section 3.1, except that -bit 6 has value "1," indicating that the encoding is -constructed. - -Length octets. As described in Section 3.1. - -Contents octets. The concatenation of the BER encodings of -the components of the value: - - o For simple string types and types derived from - them by implicit tagging, the concatenation of the - BER encodings of consecutive substrings of the - value (underlying value for implicit tagging). - - o For structured types and types derived from them - by implicit tagging, the concatenation of the BER - encodings of components of the value (underlying - value for implicit tagging). - - o For types derived from anything by explicit - tagging, the BER encoding of the underlying value. - -Details for particular types are given in Section 5. - - -3.3 Constructed, indefinite-length method - -This method applies to simple string types, structured -types, types derived simple string types and structured -types by implicit tagging, and types derived from anything -by explicit tagging. It does not require that the length of -the value be known in advance. The parts of the BER encoding -are as follows: - -Identifier octets. As described in Section 3.2. - -Length octets. One octet, 80. - -Contents octets. As described in Section 3.2. - -End-of-contents octets. Two octets, 00 00. - -Since the end-of-contents octets appear where an ordinary -BER encoding might be expected (e.g., in the contents octets -of a sequence value), the 00 and 00 appear as identifier and -length octets, respectively. Thus the end-of-contents octets -is really the primitive, definite-length encoding of a value -with universal class, tag number 0, and length 0. - - -4. Distinguished Encoding Rules - -The Distinguished Encoding Rules for ASN.1, abbreviated DER, -are a subset of BER, and give exactly one way to represent -any ASN.1 value as an octet string. DER is intended for -applications in which a unique octet string encoding is -needed, as is the case when a digital signature is computed -on an ASN.1 value. DER is defined in Section 8.7 of X.509. - -DER adds the following restrictions to the rules given in -Section 3: - - 1. When the length is between 0 and 127, the short - form of length must be used - - 2. When the length is 128 or greater, the long form - of length must be used, and the length must be - encoded in the minimum number of octets. - - 3. For simple string types and implicitly tagged - types derived from simple string types, the - primitive, definite-length method must be - employed. - - 4. For structured types, implicitly tagged types - derived from structured types, and explicitly - tagged types derived from anything, the - constructed, definite-length method must be - employed. - -Other restrictions are defined for particular types (such as -BIT STRING, SEQUENCE, SET, and SET OF), and can be found in -Section 5. - - -5. Notation and encodings for some types - -This section gives the notation for some ASN.1 types and -describes how to encode values of those types under both BER -and DER. - -The types described are those presented in Section 2. They -are listed alphabetically here. - -Each description includes ASN.1 notation, BER encoding, and -DER encoding. The focus of the encodings is primarily on the -contents octets; the tag and length octets follow Sections 3 -and 4. The descriptions also explain where each type is used -in PKCS and related standards. ASN.1 notation is generally -only for types, although for the type OBJECT IDENTIFIER, -value notation is given as well. - - -5.1 Implicitly tagged types - -An implicitly tagged type is a type derived from another -type by changing the tag of the underlying type. - -Implicit tagging is used for optional SEQUENCE components -with underlying type other than ANY throughout PKCS, and for -the extendedCertificate alternative of PKCS #7's -ExtendedCertificateOrCertificate type. - -ASN.1 notation: - -[[class] number] IMPLICIT Type - -class = UNIVERSAL | APPLICATION | PRIVATE - -where Type is a type, class is an optional class name, and -number is the tag number within the class, a nonnegative -integer. - -In ASN.1 "modules" whose default tagging method is implicit -tagging, the notation [[class] number] Type is also -acceptable, and the keyword IMPLICIT is implied. (See -Section 2.3.) For definitions stated outside a module, the -explicit inclusion of the keyword IMPLICIT is preferable to -prevent ambiguity. - -If the class name is absent, then the tag is context- -specific. Context-specific tags can only appear in a -component of a structured or CHOICE type. - -Example: PKCS #8's PrivateKeyInfo type has an optional -attributes component with an implicit, context-specific tag: - -PrivateKeyInfo ::= SEQUENCE { - version Version, - privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, - privateKey PrivateKey, - attributes [0] IMPLICIT Attributes OPTIONAL } - -Here the underlying type is Attributes, the class is absent -(i.e., context-specific), and the tag number within the -class is 0. - -BER encoding. Primitive or constructed, depending on the -underlying type. Contents octets are as for the BER encoding -of the underlying value. - -Example: The BER encoding of the attributes component of a -PrivateKeyInfo value is as follows: - - o the identifier octets are 80 if the underlying - Attributes value has a primitive BER encoding and - a0 if the underlying Attributes value has a - constructed BER encoding - - o the length and contents octets are the same as the - length and contents octets of the BER encoding of - the underlying Attributes value - -DER encoding. Primitive or constructed, depending on the -underlying type. Contents octets are as for the DER encoding -of the underlying value. - - -5.2 Explicitly tagged types - -Explicit tagging denotes a type derived from another type by -adding an outer tag to the underlying type. - -Explicit tagging is used for optional SEQUENCE components -with underlying type ANY throughout PKCS, and for the -version component of X.509's Certificate type. - -ASN.1 notation: - -[[class] number] EXPLICIT Type - -class = UNIVERSAL | APPLICATION | PRIVATE - -where Type is a type, class is an optional class name, and -number is the tag number within the class, a nonnegative -integer. - -If the class name is absent, then the tag is context- -specific. Context-specific tags can only appear in a -component of a SEQUENCE, SET or CHOICE type. - -In ASN.1 "modules" whose default tagging method is explicit -tagging, the notation [[class] number] Type is also -acceptable, and the keyword EXPLICIT is implied. (See -Section 2.3.) For definitions stated outside a module, the -explicit inclusion of the keyword EXPLICIT is preferable to -prevent ambiguity. - -Example 1: PKCS #7's ContentInfo type has an optional -content component with an explicit, context-specific tag: - -ContentInfo ::= SEQUENCE { - contentType ContentType, - content - [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } - -Here the underlying type is ANY DEFINED BY contentType, the -class is absent (i.e., context-specific), and the tag number -within the class is 0. - -Example 2: X.509's Certificate type has a version component -with an explicit, context-specific tag, where the EXPLICIT -keyword is omitted: - -Certificate ::= ... - version [0] Version DEFAULT v1988, -... - -The tag is explicit because the default tagging method for -the ASN.1 "module" in X.509 that defines the Certificate -type is explicit tagging. - -BER encoding. Constructed. Contents octets are the BER -encoding of the underlying value. - -Example: the BER encoding of the content component of a -ContentInfo value is as follows: - - o identifier octets are a0 - - o length octets represent the length of the BER - encoding of the underlying ANY DEFINED BY - contentType value - - o contents octets are the BER encoding of the - underlying ANY DEFINED BY contentType value - -DER encoding. Constructed. Contents octets are the DER -encoding of the underlying value. - - -5.3 ANY - -The ANY type denotes an arbitrary value of an arbitrary -type, where the arbitrary type is possibly defined in the -registration of an object identifier or associated with an -integer index. - -The ANY type is used for content of a particular content -type in PKCS #7's ContentInfo type, for parameters of a -particular algorithm in X.509's AlgorithmIdentifier type, -and for attribute values in X.501's Attribute and -AttributeValueAssertion types. The Attribute type is used by -PKCS #6, #7, #8, #9 and #10, and the AttributeValueAssertion -type is used in X.501 distinguished names. - -ASN.1 notation: - -ANY [DEFINED BY identifier] - -where identifier is an optional identifier. - -In the ANY form, the actual type is indeterminate. - -The ANY DEFINED BY identifier form can only appear in a -component of a SEQUENCE or SET type for which identifier -identifies some other component, and that other component -has type INTEGER or OBJECT IDENTIFIER (or a type derived -from either of those by tagging). In that form, the actual -type is determined by the value of the other component, -either in the registration of the object identifier value, -or in a table of integer values. - -Example: X.509's AlgorithmIdentifier type has a component of -type ANY: - -AlgorithmIdentifier ::= SEQUENCE { - algorithm OBJECT IDENTIFIER, - parameters ANY DEFINED BY algorithm OPTIONAL } - -Here the actual type of the parameter component depends on -the value of the algorithm component. The actual type would -be defined in the registration of object identifier values -for the algorithm component. - -BER encoding. Same as the BER encoding of the actual value. - -Example: The BER encoding of the value of the parameter -component is the BER encoding of the value of the actual -type as defined in the registration of object identifier -values for the algorithm component. - -DER encoding. Same as the DER encoding of the actual value. - - -5.4 BIT STRING - -The BIT STRING type denotes an arbitrary string of bits -(ones and zeroes). A BIT STRING value can have any length, -including zero. This type is a string type. - -The BIT STRING type is used for digital signatures on -extended certificates in PKCS #6's ExtendedCertificate type, -for digital signatures on certificates in X.509's -Certificate type, and for public keys in certificates in -X.509's SubjectPublicKeyInfo type. - -ASN.1 notation: - -BIT STRING - -Example: X.509's SubjectPublicKeyInfo type has a component -of type BIT STRING: - -SubjectPublicKeyInfo ::= SEQUENCE { - algorithm AlgorithmIdentifier, - publicKey BIT STRING } - -BER encoding. Primitive or constructed. In a primitive -encoding, the first contents octet gives the number of bits -by which the length of the bit string is less than the next -multiple of eight (this is called the "number of unused -bits"). The second and following contents octets give the -value of the bit string, converted to an octet string. The -conversion process is as follows: - - 1. The bit string is padded after the last bit with - zero to seven bits of any value to make the length - of the bit string a multiple of eight. If the - length of the bit string is a multiple of eight - already, no padding is done. - - 2. The padded bit string is divided into octets. The - first eight bits of the padded bit string become - the first octet, bit 8 to bit 1, and so on through - the last eight bits of the padded bit string. - -In a constructed encoding, the contents octets give the -concatenation of the BER encodings of consecutive substrings -of the bit string, where each substring except the last has -a length that is a multiple of eight bits. - -Example: The BER encoding of the BIT STRING value -"011011100101110111" can be any of the following, among -others, depending on the choice of padding bits, the form of -length octets, and whether the encoding is primitive or -constructed: - -03 04 06 6e 5d c0 DER encoding - -03 04 06 6e 5d e0 padded with "100000" - -03 81 04 06 6e 5d c0 long form of length octets - -23 09 constructed encoding: "0110111001011101" + "11" - 03 03 00 6e 5d - 03 02 06 c0 - -DER encoding. Primitive. The contents octects are as for a -primitive BER encoding, except that the bit string is padded -with zero-valued bits. - -Example: The DER encoding of the BIT STRING value -"011011100101110111" is - -03 04 06 6e 5d c0 - - -5.5 CHOICE - -The CHOICE type denotes a union of one or more alternatives. - -The CHOICE type is used to represent the union of an -extended certificate and an X.509 certificate in PKCS #7's -ExtendedCertificateOrCertificate type. - -ASN.1 notation: - -CHOICE { - [identifier1] Type1, - ..., - [identifiern] Typen } - -where identifier1 , ..., identifiern are optional, distinct -identifiers for the alternatives, and Type1, ..., Typen are -the types of the alternatives. The identifiers are primarily -for documentation; they do not affect values of the type or -their encodings in any way. - -The types must have distinct tags. This requirement is -typically satisfied with explicit or implicit tagging on -some of the alternatives. - -Example: PKCS #7's ExtendedCertificateOrCertificate type is -a CHOICE type: - -ExtendedCertificateOrCertificate ::= CHOICE { - certificate Certificate, -- X.509 - extendedCertificate [0] IMPLICIT ExtendedCertificate -} - -Here the identifiers for the alternatives are certificate -and extendedCertificate, and the types of the alternatives -are Certificate and [0] IMPLICIT ExtendedCertificate. - -BER encoding. Same as the BER encoding of the chosen -alternative. The fact that the alternatives have distinct -tags makes it possible to distinguish between their BER -encodings. - -Example: The identifier octets for the BER encoding are 30 -if the chosen alternative is certificate, and a0 if the -chosen alternative is extendedCertificate. - -DER encoding. Same as the DER encoding of the chosen -alternative. - - -5.6 IA5String - -The IA5String type denotes an arbtrary string of IA5 -characters. IA5 stands for International Alphabet 5, which -is the same as ASCII. The character set includes non- -printing control characters. An IA5String value can have any -length, including zero. This type is a string type. - -The IA5String type is used in PKCS #9's electronic-mail -address, unstructured-name, and unstructured-address -attributes. - -ASN.1 notation: - -IA5String - -BER encoding. Primitive or constructed. In a primitive -encoding, the contents octets give the characters in the IA5 -string, encoded in ASCII. In a constructed encoding, the -contents octets give the concatenation of the BER encodings -of consecutive substrings of the IA5 string. - -Example: The BER encoding of the IA5String value -"test1@rsa.com" can be any of the following, among others, -depending on the form of length octets and whether the -encoding is primitive or constructed: - -16 0d 74 65 73 74 31 40 72 73 61 2e 63 6f 6d DER encoding - -16 81 0d long form of length octets - 74 65 73 74 31 40 72 73 61 2e 63 6f 6d - -36 13 constructed encoding: "test1" + "@" + "rsa.com" - 16 05 74 65 73 74 31 - 16 01 40 - 16 07 72 73 61 2e 63 6f 6d - -DER encoding. Primitive. Contents octets are as for a -primitive BER encoding. - -Example: The DER encoding of the IA5String value -"test1@rsa.com" is - -16 0d 74 65 73 74 31 40 72 73 61 2e 63 6f 6d - - -5.7 INTEGER - -The INTEGER type denotes an arbitrary integer. INTEGER -values can be positive, negative, or zero, and can have any -magnitude. - -The INTEGER type is used for version numbers throughout -PKCS, cryptographic values such as modulus, exponent, and -primes in PKCS #1's RSAPublicKey and RSAPrivateKey types and -PKCS #3's DHParameter type, a message-digest iteration count -in PKCS #5's PBEParameter type, and version numbers and -serial numbers in X.509's Certificate type. - -ASN.1 notation: - -INTEGER [{ identifier1(value1) ... identifiern(valuen) }] - -where identifier1, ..., identifiern are optional distinct -identifiers and value1, ..., valuen are optional integer -values. The identifiers, when present, are associated with -values of the type. - -Example: X.509's Version type is an INTEGER type with -identified values: - -Version ::= INTEGER { v1988(0) } - -The identifier v1988 is associated with the value 0. X.509's -Certificate type uses the identifier v1988 to give a default -value of 0 for the version component: - -Certificate ::= ... - version Version DEFAULT v1988, -... - -BER encoding. Primitive. Contents octets give the value of -the integer, base 256, in two's complement form, most -significant digit first, with the minimum number of octets. -The value 0 is encoded as a single 00 octet. - -Some example BER encodings (which also happen to be DER -encodings) are given in Table 3. - - Integer BER encoding - value - 0 02 01 00 - 127 02 01 7F - 128 02 02 00 80 - 256 02 02 01 00 - -128 02 01 80 - -129 02 02 FF 7F - - Table 3. Example BER encodings of INTEGER values. - -DER encoding. Primitive. Contents octets are as for a -primitive BER encoding. - - -5.8 NULL - -The NULL type denotes a null value. - -The NULL type is used for algorithm parameters in several -places in PKCS. - -ASN.1 notation: - -NULL - -BER encoding. Primitive. Contents octets are empty. - -Example: The BER encoding of a NULL value can be either of -the following, as well as others, depending on the form of -the length octets: - -05 00 - -05 81 00 - -DER encoding. Primitive. Contents octets are empty; the DER -encoding of a NULL value is always 05 00. - - -5.9 OBJECT IDENTIFIER - -The OBJECT IDENTIFIER type denotes an object identifier, a -sequence of integer components that identifies an object -such as an algorithm, an attribute type, or perhaps a -registration authority that defines other object -identifiers. An OBJECT IDENTIFIER value can have any number -of components, and components can generally have any -nonnegative value. This type is a non-string type. - -OBJECT IDENTIFIER values are given meanings by registration -authorities. Each registration authority is responsible for -all sequences of components beginning with a given sequence. -A registration authority typically delegates responsibility -for subsets of the sequences in its domain to other -registration authorities, or for particular types of object. -There are always at least two components. - -The OBJECT IDENTIFIER type is used to identify content in -PKCS #7's ContentInfo type, to identify algorithms in -X.509's AlgorithmIdentifier type, and to identify attributes -in X.501's Attribute and AttributeValueAssertion types. The -Attribute type is used by PKCS #6, #7, #8, #9, and #10, and -the AttributeValueAssertion type is used in X.501 -distinguished names. OBJECT IDENTIFIER values are defined -throughout PKCS. - -ASN.1 notation: - -OBJECT IDENTIFIER - -The ASN.1 notation for values of the OBJECT IDENTIFIER type -is - -{ [identifier] component1 ... componentn } - -componenti = identifieri | identifieri (valuei) | valuei - -where identifier, identifier1, ..., identifiern are -identifiers, and value1, ..., valuen are optional integer -values. - -The form without identifier is the "complete" value with all -its components; the form with identifier abbreviates the -beginning components with another object identifier value. -The identifiers identifier1, ..., identifiern are intended -primarily for documentation, but they must correspond to the -integer value when both are present. These identifiers can -appear without integer values only if they are among a small -set of identifiers defined in X.208. - -Example: The following values both refer to the object -identifier assigned to RSA Data Security, Inc.: - -{ iso(1) member-body(2) 840 113549 } -{ 1 2 840 113549 } - -(In this example, which gives ASN.1 value notation, the -object identifier values are decimal, not hexadecimal.) -Table 4 gives some other object identifier values and their -meanings. - - Object identifier value Meaning - { 1 2 } ISO member bodies - { 1 2 840 } US (ANSI) - { 1 2 840 113549 } RSA Data Security, Inc. - { 1 2 840 113549 1 } RSA Data Security, Inc. PKCS - { 2 5 } directory services (X.500) - { 2 5 8 } directory services-algorithms - - Table 4. Some object identifier values and their meanings. - -BER encoding. Primitive. Contents octets are as follows, -where value1, ..., valuen denote the integer values of the -components in the complete object identifier: - - 1. The first octet has value 40 * value1 + value2. - (This is unambiguous, since value1 is limited to - values 0, 1, and 2; value2 is limited to the range - 0 to 39 when value1 is 0 or 1; and, according to - X.208, n is always at least 2.) - - 2. The following octets, if any, encode value3, ..., - valuen. Each value is encoded base 128, most - significant digit first, with as few digits as - possible, and the most significant bit of each - octet except the last in the value's encoding set - to "1." - -Example: The first octet of the BER encoding of RSA Data -Security, Inc.'s object identifier is 40 * 1 + 2 = 42 = -2a16. The encoding of 840 = 6 * 128 + 4816 is 86 48 and the -encoding of 113549 = 6 * 1282 + 7716 * 128 + d16 is 86 f7 -0d. This leads to the following BER encoding: - -06 06 2a 86 48 86 f7 0d - -DER encoding. Primitive. Contents octets are as for a -primitive BER encoding. - - -5.10 OCTET STRING - -The OCTET STRING type denotes an arbitrary string of octets -(eight-bit values). An OCTET STRING value can have any -length, including zero. This type is a string type. - -The OCTET STRING type is used for salt values in PKCS #5's -PBEParameter type, for message digests, encrypted message -digests, and encrypted content in PKCS #7, and for private -keys and encrypted private keys in PKCS #8. - -ASN.1 notation: - -OCTET STRING [SIZE ({size | size1..size2})] - -where size, size1, and size2 are optional size constraints. -In the OCTET STRING SIZE (size) form, the octet string must -have size octets. In the OCTET STRING SIZE (size1..size2) -form, the octet string must have between size1 and size2 -octets. In the OCTET STRING form, the octet string can have -any size. - -Example: PKCS #5's PBEParameter type has a component of type -OCTET STRING: - -PBEParameter ::= SEQUENCE { - salt OCTET STRING SIZE(8), - iterationCount INTEGER } - -Here the size of the salt component is always eight octets. - -BER encoding. Primitive or constructed. In a primitive -encoding, the contents octets give the value of the octet -string, first octet to last octet. In a constructed -encoding, the contents octets give the concatenation of the -BER encodings of substrings of the OCTET STRING value. - -Example: The BER encoding of the OCTET STRING value 01 23 45 -67 89 ab cd ef can be any of the following, among others, -depending on the form of length octets and whether the -encoding is primitive or constructed: - -04 08 01 23 45 67 89 ab cd ef DER encoding - -04 81 08 01 23 45 67 89 ab cd ef long form of length octets - -24 0c constructed encoding: 01 ... 67 + 89 ... ef - 04 04 01 23 45 67 - 04 04 89 ab cd ef - -DER encoding. Primitive. Contents octets are as for a -primitive BER encoding. - -Example: The BER encoding of the OCTET STRING value 01 23 45 -67 89 ab cd ef is - -04 08 01 23 45 67 89 ab cd ef - - -5.11 PrintableString - -The PrintableString type denotes an arbitrary string of -printable characters from the following character set: - - A, B, ..., Z - a, b, ..., z - 0, 1, ..., 9 - (space) ' ( ) + , - . / : = ? - -This type is a string type. - -The PrintableString type is used in PKCS #9's challenge- -password and unstructuerd-address attributes, and in several -X.521 distinguished names attributes. - -ASN.1 notation: - -PrintableString - -BER encoding. Primitive or constructed. In a primitive -encoding, the contents octets give the characters in the -printable string, encoded in ASCII. In a constructed -encoding, the contents octets give the concatenation of the -BER encodings of consecutive substrings of the string. - -Example: The BER encoding of the PrintableString value "Test -User 1" can be any of the following, among others, depending -on the form of length octets and whether the encoding is -primitive or constructed: - -13 0b 54 65 73 74 20 55 73 65 72 20 31 DER encoding - -13 81 0b long form of length octets - 54 65 73 74 20 55 73 65 72 20 31 - -33 0f constructed encoding: "Test " + "User 1" - 13 05 54 65 73 74 20 - 13 06 55 73 65 72 20 31 - -DER encoding. Primitive. Contents octets are as for a -primitive BER encoding. - -Example: The DER encoding of the PrintableString value "Test -User 1" is - -13 0b 54 65 73 74 20 55 73 65 72 20 31 - - -5.12 SEQUENCE - -The SEQUENCE type denotes an ordered collection of one or -more types. - -The SEQUENCE type is used throughout PKCS and related -standards. - -ASN.1 notation: - -SEQUENCE { - [identifier1] Type1 [{OPTIONAL | DEFAULT value1}], - ..., - [identifiern] Typen [{OPTIONAL | DEFAULT valuen}]} - -where identifier1 , ..., identifiern are optional, distinct -identifiers for the components, Type1, ..., Typen are the -types of the components, and value1, ..., valuen are optional -default values for the components. The identifiers are -primarily for documentation; they do not affect values of -the type or their encodings in any way. - -The OPTIONAL qualifier indicates that the value of a -component is optional and need not be present in the -sequence. The DEFAULT qualifier also indicates that the -value of a component is optional, and assigns a default -value to the component when the component is absent. - -The types of any consecutive series of components with the -OPTIONAL or DEFAULT qualifier, as well as of any component -immediately following that series, must have distinct tags. -This requirement is typically satisfied with explicit or -implicit tagging on some of the components. - -Example: X.509's Validity type is a SEQUENCE type with two -components: - -Validity ::= SEQUENCE { - start UTCTime, - end UTCTime } - -Here the identifiers for the components are start and end, -and the types of the components are both UTCTime. - -BER encoding. Constructed. Contents octets are the -concatenation of the BER encodings of the values of the -components of the sequence, in order of definition, with the -following rules for components with the OPTIONAL and DEFAULT -qualifiers: - - o if the value of a component with the OPTIONAL or - DEFAULT qualifier is absent from the sequence, - then the encoding of that component is not - included in the contents octets - - o if the value of a component with the DEFAULT - qualifier is the default value, then the encoding - of that component may or may not be included in - the contents octets - -DER encoding. Constructed. Contents octets are the same as -the BER encoding, except that if the value of a component -with the DEFAULT qualifier is the default value, the -encoding of that component is not included in the contents -octets. - - -5.13 SEQUENCE OF - -The SEQUENCE OF type denotes an ordered collection of zero -or more occurrences of a given type. - -The SEQUENCE OF type is used in X.501 distinguished names. - -ASN.1 notation: - -SEQUENCE OF Type - -where Type is a type. - -Example: X.501's RDNSequence type consists of zero or more -occurences of the RelativeDistinguishedName type, most -significant occurrence first: - -RDNSequence ::= SEQUENCE OF RelativeDistinguishedName - -BER encoding. Constructed. Contents octets are the -concatenation of the BER encodings of the values of the -occurrences in the collection, in order of occurence. - -DER encoding. Constructed. Contents octets are the -concatenation of the DER encodings of the values of the -occurrences in the collection, in order of occurence. - - -5.14 SET - -The SET type denotes an unordered collection of one or more -types. - -The SET type is not used in PKCS. - -ASN.1 notation: - -SET { - [identifier1] Type1 [{OPTIONAL | DEFAULT value1}], - ..., - [identifiern] Typen [{OPTIONAL | DEFAULT valuen}]} - -where identifier1, ..., identifiern are optional, distinct -identifiers for the components, Type1, ..., Typen are the -types of the components, and value1, ..., valuen are -optional default values for the components. The identifiers -are primarily for documentation; they do not affect values -of the type or their encodings in any way. - -The OPTIONAL qualifier indicates that the value of a -component is optional and need not be present in the set. -The DEFAULT qualifier also indicates that the value of a -component is optional, and assigns a default value to the -component when the component is absent. - -The types must have distinct tags. This requirement is -typically satisfied with explicit or implicit tagging on -some of the components. - -BER encoding. Constructed. Contents octets are the -concatenation of the BER encodings of the values of the -components of the set, in any order, with the following -rules for components with the OPTIONAL and DEFAULT -qualifiers: - - o if the value of a component with the OPTIONAL or - DEFAULT qualifier is absent from the set, then the - encoding of that component is not included in the - contents octets - - o if the value of a component with the DEFAULT - qualifier is the default value, then the encoding - of that component may or may not be included in - the contents octets - -DER encoding. Constructed. Contents octets are the same as -for the BER encoding, except that: - - 1. If the value of a component with the DEFAULT - qualifier is the default value, the encoding of - that component is not included. - - 2. There is an order to the components, namely - ascending order by tag. - - -5.15 SET OF - -The SET OF type denotes an unordered collection of zero or -more occurrences of a given type. - -The SET OF type is used for sets of attributes in PKCS #6, -#7, #8, #9 and #10, for sets of message-digest algorithm -identifiers, signer information, and recipient information -in PKCS #7, and in X.501 distinguished names. - -ASN.1 notation: - -SET OF Type - -where Type is a type. - -Example: X.501's RelativeDistinguishedName type consists of -zero or more occurrences of the AttributeValueAssertion -type, where the order is unimportant: - -RelativeDistinguishedName ::= - SET OF AttributeValueAssertion - -BER encoding. Constructed. Contents octets are the -concatenation of the BER encodings of the values of the -occurrences in the collection, in any order. - -DER encoding. Constructed. Contents octets are the same as -for the BER encoding, except that there is an order, namely -ascending lexicographic order of BER encoding. Lexicographic -comparison of two different BER encodings is done as -follows: Logically pad the shorter BER encoding after the -last octet with dummy octets that are smaller in value than -any normal octet. Scan the BER encodings from left to right -until a difference is found. The smaller-valued BER encoding -is the one with the smaller-valued octet at the point of -difference. - - -5.16 T61String - -The T61String type denotes an arbtrary string of T.61 -characters. T.61 is an eight-bit extension to the ASCII -character set. Special "escape" sequences specify the -interpretation of subsequent character values as, for -example, Japanese; the initial interpretation is Latin. The -character set includes non-printing control characters. The -T61String type allows only the Latin and Japanese character -interepretations, and implementors' agreements for directory -names exclude control characters [NIST92]. A T61String value -can have any length, including zero. This type is a string -type. - -The T61String type is used in PKCS #9's unstructured-address -and challenge-password attributes, and in several X.521 -attributes. - -ASN.1 notation: - -T61String - -BER encoding. Primitive or constructed. In a primitive -encoding, the contents octets give the characters in the -T.61 string, encoded in ASCII. In a constructed encoding, -the contents octets give the concatenation of the BER -encodings of consecutive substrings of the T.61 string. - -Example: The BER encoding of the T61String value "cl'es -publiques" (French for "public keys") can be any of the -following, among others, depending on the form of length -octets and whether the encoding is primitive or constructed: - -14 0f DER encoding - 63 6c c2 65 73 20 70 75 62 6c 69 71 75 65 73 - -14 81 0f long form of length octets - 63 6c c2 65 73 20 70 75 62 6c 69 71 75 65 73 - -34 15 constructed encoding: "cl'es" + " " + "publiques" - 14 05 63 6c c2 65 73 - 14 01 20 - 14 09 70 75 62 6c 69 71 75 65 73 - -The eight-bit character c2 is a T.61 prefix that adds an -acute accent (') to the next character. - -DER encoding. Primitive. Contents octets are as for a -primitive BER encoding. - -Example: The DER encoding of the T61String value "cl'es -publiques" is - -14 0f 63 6c c2 65 73 20 70 75 62 6c 69 71 75 65 73 - - -5.17 UTCTime - -The UTCTime type denotes a "coordinated universal time" or -Greenwich Mean Time (GMT) value. A UTCTime value includes -the local time precise to either minutes or seconds, and an -offset from GMT in hours and minutes. It takes any of the -following forms: - -YYMMDDhhmmZ -YYMMDDhhmm+hh'mm' -YYMMDDhhmm-hh'mm' -YYMMDDhhmmssZ -YYMMDDhhmmss+hh'mm' -YYMMDDhhmmss-hh'mm' - -where: - - YY is the least significant two digits of the year - - MM is the month (01 to 12) - - DD is the day (01 to 31) - - hh is the hour (00 to 23) - - mm are the minutes (00 to 59) - - ss are the seconds (00 to 59) - - Z indicates that local time is GMT, + indicates that - local time is later than GMT, and - indicates that - local time is earlier than GMT - - hh' is the absolute value of the offset from GMT in - hours - - mm' is the absolute value of the offset from GMT in - minutes - -This type is a string type. - -The UTCTime type is used for signing times in PKCS #9's -signing-time attribute and for certificate validity periods -in X.509's Validity type. - -ASN.1 notation: - -UTCTime - -BER encoding. Primitive or constructed. In a primitive -encoding, the contents octets give the characters in the -string, encoded in ASCII. In a constructed encoding, the -contents octets give the concatenation of the BER encodings -of consecutive substrings of the string. (The constructed -encoding is not particularly interesting, since UTCTime -values are so short, but the constructed encoding is -permitted.) - -Example: The time this sentence was originally written was -4:45:40 p.m. Pacific Daylight Time on May 6, 1991, which can -be represented with either of the following UTCTime values, -among others: - -"910506164540-0700" - -"910506234540Z" - -These values have the following BER encodings, among others: - -17 0d 39 31 30 35 30 36 32 33 34 35 34 30 5a - -17 11 39 31 30 35 30 36 31 36 34 35 34 30 2D 30 37 30 - 30 - -DER encoding. Primitive. Contents octets are as for a -primitive BER encoding. - - -6. An example - -This section gives an example of ASN.1 notation and DER -encoding: the X.501 type Name. - - -6.1 Abstract notation - -This section gives the ASN.1 notation for the X.501 type -Name. - -Name ::= CHOICE { - RDNSequence } - -RDNSequence ::= SEQUENCE OF RelativeDistinguishedName - -RelativeDistinguishedName ::= - SET OF AttributeValueAssertion - -AttributeValueAssertion ::= SEQUENCE { - AttributeType, - AttributeValue } - -AttributeType ::= OBJECT IDENTIFIER - -AttributeValue ::= ANY - -The Name type identifies an object in an X.500 directory. -Name is a CHOICE type consisting of one alternative: -RDNSequence. (Future revisions of X.500 may have other -alternatives.) - -The RDNSequence type gives a path through an X.500 directory -tree starting at the root. RDNSequence is a SEQUENCE OF type -consisting of zero or more occurences of -RelativeDistinguishedName. - -The RelativeDistinguishedName type gives a unique name to an -object relative to the object superior to it in the -directory tree. RelativeDistinguishedName is a SET OF type -consisting of zero or more occurrences of -AttributeValueAssertion. - -The AttributeValueAssertion type assigns a value to some -attribute of a relative distinguished name, such as country -name or common name. AttributeValueAssertion is a SEQUENCE -type consisting of two components, an AttributeType type and -an AttributeValue type. - -The AttributeType type identifies an attribute by object -identifier. The AttributeValue type gives an arbitrary -attribute value. The actual type of the attribute value is -determined by the attribute type. - - -6.2 DER encoding - -This section gives an example of a DER encoding of a value -of type Name, working from the bottom up. - -The name is that of the Test User 1 from the PKCS examples -[Kal93]. The name is represented by the following path: - - (root) - | - countryName = "US" - | - organizationName = "Example Organization" - | - commonName = "Test User 1" - -Each level corresponds to one RelativeDistinguishedName -value, each of which happens for this name to consist of one -AttributeValueAssertion value. The AttributeType value is -before the equals sign, and the AttributeValue value (a -printable string for the given attribute types) is after the -equals sign. - -The countryName, organizationName, and commonUnitName are -attribute types defined in X.520 as: - -attributeType OBJECT IDENTIFIER ::= - { joint-iso-ccitt(2) ds(5) 4 } - -countryName OBJECT IDENTIFIER ::= { attributeType 6 } -organizationName OBJECT IDENTIFIER ::= - { attributeType 10 } -commonUnitName OBJECT IDENTIFIER ::= - { attributeType 3 } - - -6.2.1 AttributeType - -The three AttributeType values are OCTET STRING values, so -their DER encoding follows the primitive, definite-length -method: - -06 03 55 04 06 countryName - -06 03 55 04 0a organizationName - -06 03 55 04 03 commonName - -The identifier octets follow the low-tag form, since the tag -is 6 for OBJECT IDENTIFIER. Bits 8 and 7 have value "0," -indicating universal class, and bit 6 has value "0," -indicating that the encoding is primitive. The length octets -follow the short form. The contents octets are the -concatenation of three octet strings derived from -subidentifiers (in decimal): 40 * 2 + 5 = 85 = 5516; 4; and -6, 10, or 3. - - -6.2.2 AttributeValue - -The three AttributeValue values are PrintableString values, -so their encodings follow the primitive, definite-length -method: - -13 02 55 53 "US" - -13 14 "Example Organization" - 45 78 61 6d 70 6c 65 20 4f 72 67 61 6e 69 7a 61 - 74 69 6f 6e - -13 0b "Test User 1" - 54 65 73 74 20 55 73 65 72 20 31 - -The identifier octets follow the low-tag-number form, since -the tag for PrintableString, 19 (decimal), is between 0 and -30. Bits 8 and 7 have value "0" since PrintableString is in -the universal class. Bit 6 has value "0" since the encoding -is primitive. The length octets follow the short form, and -the contents octets are the ASCII representation of the -attribute value. - - -6.2.3 AttributeValueAssertion - -The three AttributeValueAssertion values are SEQUENCE -values, so their DER encodings follow the constructed, -definite-length method: - -30 09 countryName = "US" - 06 03 55 04 06 - 13 02 55 53 - -30 1b organizationName = "Example Organizaiton" - 06 03 55 04 0a - 13 14 ... 6f 6e - -30 12 commonName = "Test User 1" - 06 03 55 04 0b - 13 0b ... 20 31 - -The identifier octets follow the low-tag-number form, since -the tag for SEQUENCE, 16 (decimal), is between 0 and 30. -Bits 8 and 7 have value "0" since SEQUENCE is in the -universal class. Bit 6 has value "1" since the encoding is -constructed. The length octets follow the short form, and -the contents octets are the concatenation of the DER -encodings of the attributeType and attributeValue -components. - - -6.2.4 RelativeDistinguishedName - -The three RelativeDistinguishedName values are SET OF -values, so their DER encodings follow the constructed, -definite-length method: - -31 0b - 30 09 ... 55 53 - -31 1d - 30 1b ... 6f 6e - -31 14 - 30 12 ... 20 31 - -The identifier octets follow the low-tag-number form, since -the tag for SET OF, 17 (decimal), is between 0 and 30. Bits -8 and 7 have value "0" since SET OF is in the universal -class Bit 6 has value "1" since the encoding is constructed. -The lengths octets follow the short form, and the contents -octets are the DER encodings of the respective -AttributeValueAssertion values, since there is only one -value in each set. - - -6.2.5 RDNSequence - -The RDNSequence value is a SEQUENCE OF value, so its DER -encoding follows the constructed, definite-length method: - -30 42 - 31 0b ... 55 53 - 31 1d ... 6f 6e - 31 14 ... 20 31 - -The identifier octets follow the low-tag-number form, since -the tag for SEQUENCE OF, 16 (decimal), is between 0 and 30. -Bits 8 and 7 have value "0" since SEQUENCE OF is in the -universal class. Bit 6 has value "1" since the encoding is -constructed. The lengths octets follow the short form, and -the contents octets are the concatenation of the DER -encodings of the three RelativeDistinguishedName values, in -order of occurrence. - - -6.2.6 Name - -The Name value is a CHOICE value, so its DER encoding is the -same as that of the RDNSequence value: - -30 42 - 31 0b - 30 09 - 06 03 55 04 06 attributeType = countryName - 13 02 55 53 attributeValue = "US" - 31 1d - 30 1b - 06 03 55 04 0a attributeType = organizationName - 13 14 attributeValue = "Example Organization" - 45 78 61 6d 70 6c 65 20 4f 72 67 61 6e 69 7a 61 - 74 69 6f 6e - - 31 14 - 30 12 - 06 03 55 04 03 attributeType = commonName - 13 0b attributeValue = "Test User 1" - 54 65 73 74 20 55 73 65 72 20 31 - - -References - -PKCS #1 RSA Laboratories. PKCS #1: RSA Encryption - Standard. Version 1.5, November 1993. - -PKCS #3 RSA Laboratories. PKCS #3: Diffie-Hellman Key- - Agreement Standard. Version 1.4, November 1993. - -PKCS #5 RSA Laboratories. PKCS #5: Password-Based - Encryption Standard. Version 1.5, November 1993. - -PKCS #6 RSA Laboratories. PKCS #6: Extended-Certificate - Syntax Standard. Version 1.5, November 1993. - -PKCS #7 RSA Laboratories. PKCS #7: Cryptographic Message - Syntax Standard. Version 1.5, November 1993. - -PKCS #8 RSA Laboratories. PKCS #8: Private-Key Information - Syntax Standard. Version 1.2, November 1993. - -PKCS #9 RSA Laboratories. PKCS #9: Selected Attribute - Types. Version 1.1, November 1993. - -PKCS #10 RSA Laboratories. PKCS #10: Certification Request - Syntax Standard. Version 1.0, November 1993. - -X.200 CCITT. Recommendation X.200: Reference Model of - Open Systems Interconnection for CCITT - Applications. 1984. - -X.208 CCITT. Recommendation X.208: Specification of - Abstract Syntax Notation One (ASN.1). 1988. - -X.209 CCITT. Recommendation X.209: Specification of - Basic Encoding Rules for Abstract Syntax Notation - One (ASN.1). 1988. - -X.500 CCITT. Recommendation X.500: The - Directory--Overview of Concepts, Models and - Services. 1988. - -X.501 CCITT. Recommendation X.501: The Directory-- - Models. 1988. - -X.509 CCITT. Recommendation X.509: The Directory-- - Authentication Framework. 1988. - -X.520 CCITT. Recommendation X.520: The Directory-- - Selected Attribute Types. 1988. - -[Kal93] Burton S. Kaliski Jr. Some Examples of the PKCS - Standards. RSA Laboratories, November 1993. - -[NIST92] NIST. Special Publication 500-202: Stable - Implementation Agreements for Open Systems - Interconnection Protocols. Part 11 (Directory - Services Protocols). December 1992. - - -Revision history - - -June 3, 1991 version - -The June 3, 1991 version is part of the initial public -release of PKCS. It was published as NIST/OSI Implementors' -Workshop document SEC-SIG-91-17. - - -November 1, 1993 version - -The November 1, 1993 version incorporates several editorial -changes, including the addition of a revision history. It is -updated to be consistent with the following versions of the -PKCS documents: - - PKCS #1: RSA Encryption Standard. Version 1.5, November - 1993. - - PKCS #3: Diffie-Hellman Key-Agreement Standard. Version - 1.4, November 1993. - - PKCS #5: Password-Based Encryption Standard. Version - 1.5, November 1993. - - PKCS #6: Extended-Certificate Syntax Standard. Version - 1.5, November 1993. - - PKCS #7: Cryptographic Message Syntax Standard. Version - 1.5, November 1993. - - PKCS #8: Private-Key Information Syntax Standard. - Version 1.2, November 1993. - - PKCS #9: Selected Attribute Types. Version 1.1, - November 1993. - - PKCS #10: Certification Request Syntax Standard. - Version 1.0, November 1993. - -The following substantive changes were made: - - Section 5: Description of T61String type is added. - - Section 6: Names are changed, consistent with other - PKCS examples. - - -Author's address - -Burton S. Kaliski Jr., Ph.D. -Chief Scientist -RSA Laboratories (415) 595-7703 -100 Marine Parkway (415) 595-4126 (fax) -Redwood City, CA 94065 USA burt@rsa.com diff --git a/crypto/heimdal/doc/mdate-sh b/crypto/heimdal/doc/mdate-sh deleted file mode 100755 index 37171f21fbd9..000000000000 --- a/crypto/heimdal/doc/mdate-sh +++ /dev/null @@ -1,92 +0,0 @@ -#!/bin/sh -# Get modification time of a file or directory and pretty-print it. -# Copyright (C) 1995, 1996, 1997 Free Software Foundation, Inc. -# written by Ulrich Drepper , June 1995 -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software Foundation, -# Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - -# Prevent date giving response in another language. -LANG=C -export LANG -LC_ALL=C -export LC_ALL -LC_TIME=C -export LC_TIME - -# Get the extended ls output of the file or directory. -# On HPUX /bin/sh, "set" interprets "-rw-r--r--" as options, so the "x" below. -if ls -L /dev/null 1>/dev/null 2>&1; then - set - x`ls -L -l -d $1` -else - set - x`ls -l -d $1` -fi -# The month is at least the fourth argument -# (3 shifts here, the next inside the loop). -shift -shift -shift - -# Find the month. Next argument is day, followed by the year or time. -month= -until test $month -do - shift - case $1 in - Jan) month=January; nummonth=1;; - Feb) month=February; nummonth=2;; - Mar) month=March; nummonth=3;; - Apr) month=April; nummonth=4;; - May) month=May; nummonth=5;; - Jun) month=June; nummonth=6;; - Jul) month=July; nummonth=7;; - Aug) month=August; nummonth=8;; - Sep) month=September; nummonth=9;; - Oct) month=October; nummonth=10;; - Nov) month=November; nummonth=11;; - Dec) month=December; nummonth=12;; - esac -done - -day=$2 - -# Here we have to deal with the problem that the ls output gives either -# the time of day or the year. -case $3 in - *:*) set `date`; eval year=\$$# - case $2 in - Jan) nummonthtod=1;; - Feb) nummonthtod=2;; - Mar) nummonthtod=3;; - Apr) nummonthtod=4;; - May) nummonthtod=5;; - Jun) nummonthtod=6;; - Jul) nummonthtod=7;; - Aug) nummonthtod=8;; - Sep) nummonthtod=9;; - Oct) nummonthtod=10;; - Nov) nummonthtod=11;; - Dec) nummonthtod=12;; - esac - # For the first six month of the year the time notation can also - # be used for files modified in the last year. - if (expr $nummonth \> $nummonthtod) > /dev/null; - then - year=`expr $year - 1` - fi;; - *) year=$3;; -esac - -# The result. -echo $day $month $year diff --git a/crypto/heimdal/doc/migration.texi b/crypto/heimdal/doc/migration.texi deleted file mode 100644 index 586d48814939..000000000000 --- a/crypto/heimdal/doc/migration.texi +++ /dev/null @@ -1,43 +0,0 @@ -@c $Id: migration.texi 9718 2001-02-24 05:09:24Z assar $ - -@node Migration, Acknowledgments, Programming with Kerberos, Top -@chapter Migration - -@section General issues - -When migrating from a Kerberos 4 KDC. - -@section Order in what to do things: - -@itemize @bullet - -@item Convert the database, check all principals that hprop complains -about. - -@samp{hprop -n --source=| hpropd -n} - -Replace with whatever source you have, like krb4-db or krb4-dump. - -@item Run a Kerberos 5 slave for a while. - -@c XXX Add you slave first to your kdc list in you kdc. - -@item Figure out if it does everything you want it to. - -Make sure that all things that you use works for you. - -@item Let a small number of controlled users use Kerberos 5 tools. - -Find a sample population of your users and check what programs they use, -you can also check the kdc-log to check what ticket are checked out. - -@item Burn the bridge and change the master. -@item Let all users use the Kerberos 5 tools by default. -@item Turn off services that do not need Kerberos 4 authentication. - -Things that might be hard to get away is old programs with support for -Kerberos 4. Example applications are old Eudora installations using -KPOP, and Zephyr. Eudora can use the Kerberos 4 kerberos in the Heimdal -kdc. - -@end itemize diff --git a/crypto/heimdal/doc/misc.texi b/crypto/heimdal/doc/misc.texi deleted file mode 100644 index ea2260996b3c..000000000000 --- a/crypto/heimdal/doc/misc.texi +++ /dev/null @@ -1,58 +0,0 @@ -@c $Id: misc.texi 12197 2003-05-04 13:32:37Z lha $ - -@node Things in search for a better place, Kerberos 4 issues, Applications, Top -@chapter Things in search for a better place - -@section Making things work on Ciscos - -Modern versions of Cisco IOS has some support for authenticating via -Kerberos 5. This can be used both by having the router get a ticket when -you login (boring), and by using Kerberos authenticated telnet to access -your router (less boring). The following has been tested on IOS -11.2(12), things might be different with other versions. Old versions -are known to have bugs. - -To make this work, you will first have to configure your router to use -Kerberos (this is explained in the documentation). A sample -configuration looks like the following: - -@example -aaa new-model -aaa authentication login default krb5-telnet krb5 enable -aaa authorization exec krb5-instance -kerberos local-realm FOO.SE -kerberos srvtab entry host/router.foo.se 0 891725446 4 1 8 012345678901234567 -kerberos server FOO.SE 10.0.0.1 -kerberos instance map admin 15 -@end example - -This tells you (among other things) that when logging in, the router -should try to authenticate with kerberised telnet, and if that fails try -to verify a plain text password via a Kerberos ticket exchange (as -opposed to a local database, RADIUS or something similar), and if that -fails try the local enable password. If you're not careful when you -specify the `login default' authentication mechanism, you might not be -able to login at all. The `instance map' and `authorization exec' lines -says that people with `admin' instances should be given `enabled' shells -when logging in. - -The numbers after the principal on the `srvtab' line are principal type, -time stamp (in seconds since 1970), key version number (4), keytype (1 == -des), key length (always 8 with des), and then the key. - -To make the Heimdal KDC produce tickets that the Cisco can decode you -might have to turn on the @samp{encode_as_rep_as_tgs_rep} flag in the -KDC. You will also have to specify that the router can't handle anything -but @samp{des-cbc-crc}. This can be done with the @samp{del_enctype} -command of @samp{kadmin}. - -This all fine and so, but unless you have an IOS version with encryption -(available only in the U.S) it doesn't really solve any problems. Sure -you don't have to send your password over the wire, but since the telnet -connection isn't protected it's still possible for someone to steal your -session. This won't be fixed until someone adds integrity to the telnet -protocol. - -A working solution would be to hook up a machine with a real operating -system to the console of the Cisco and then use it as a backwards -terminal server. diff --git a/crypto/heimdal/doc/ntlm.din b/crypto/heimdal/doc/ntlm.din deleted file mode 100644 index bbf1087a5db8..000000000000 --- a/crypto/heimdal/doc/ntlm.din +++ /dev/null @@ -1,15 +0,0 @@ -# Doxyfile 1.5.3 - -PROJECT_NAME = Heimdal ntlm library -PROJECT_NUMBER = @PACKAGE_VERSION@ -OUTPUT_DIRECTORY = @objdir@/ntlm -INPUT = @srcdir@/../lib/ntlm - -WARN_IF_UNDOCUMENTED = YES - -PERL_PATH = /usr/bin/perl - -HTML_HEADER = "@srcdir@/header.html" -HTML_FOOTER = "@srcdir@/footer.html" - -@INCLUDE = "@srcdir@/doxytmpl.dxy" diff --git a/crypto/heimdal/doc/programming.texi b/crypto/heimdal/doc/programming.texi deleted file mode 100644 index 528348bdaaa6..000000000000 --- a/crypto/heimdal/doc/programming.texi +++ /dev/null @@ -1,642 +0,0 @@ -@c $Id: programming.texi 22071 2007-11-14 20:04:50Z lha $ - -@node Programming with Kerberos, Migration, Windows 2000 compatability, Top -@chapter Programming with Kerberos - -First you need to know how the Kerberos model works, go read the -introduction text (@pxref{What is Kerberos?}). - -@menu -* Kerberos 5 API Overview:: -* Walkthrough of a sample Kerberos 5 client:: -* Validating a password in a server application:: -* API differences to MIT Kerberos:: -* File formats:: -@end menu - -@node Kerberos 5 API Overview, Walkthrough of a sample Kerberos 5 client, Programming with Kerberos, Programming with Kerberos -@section Kerberos 5 API Overview - -All functions are documented in manual pages. This section tries to -give an overview of the major components used in Kerberos library, and -point to where to look for a specific function. - -@subsection Kerberos context - -A kerberos context (@code{krb5_context}) holds all per thread state. All global variables that -are context specific are stored in this structure, including default -encryption types, credential cache (for example, a ticket file), and default realms. - -See the manual pages for @manpage{krb5_context,3} and -@manpage{krb5_init_context,3}. - -@subsection Kerberos authentication context - -Kerberos authentication context (@code{krb5_auth_context}) holds all -context related to an authenticated connection, in a similar way to the -kerberos context that holds the context for the thread or process. - -The @code{krb5_auth_context} is used by various functions that are -directly related to authentication between the server/client. Example of -data that this structure contains are various flags, addresses of client -and server, port numbers, keyblocks (and subkeys), sequence numbers, -replay cache, and checksum types. - -See the manual page for @manpage{krb5_auth_context,3}. - -@subsection Kerberos principal - -The Kerberos principal is the structure that identifies a user or -service in Kerberos. The structure that holds the principal is the -@code{krb5_principal}. There are function to extract the realm and -elements of the principal, but most applications have no reason to -inspect the content of the structure. - -The are several ways to create a principal (with different degree of -portability), and one way to free it. - -See manual page for @manpage{krb5_principal,3} for more information -about the functions. - -@subsection Credential cache - -A credential cache holds the tickets for a user. A given user can have -several credential caches, one for each realm where the user have the -initial tickets (the first krbtgt). - -The credential cache data can be stored internally in different way, each of them for -different proposes. File credential (FILE) caches and processes based -(KCM) caches are for permanent storage. While memory caches (MEMORY) -are local caches to the local process. - -Caches are opened with @manpage{krb5_cc_resolve,3} or created with -@manpage{krb5_cc_gen_unique,3}. - -If the cache needs to be opened again (using -@manpage{krb5_cc_resolve,3}) @manpage{krb5_cc_close,3} will close the -handle, but not the remove the cache. @manpage{krb5_cc_destroy,3} will -zero out the cache, remove the cache so it can no longer be -referenced. - -See also manual page for @manpage{krb5_ccache,3} - -@subsection Kerberos errors - -Kerberos errors are based on the com_err library. All error codes are -32-bit signed numbers, the first 24 bits define what subsystem the -error originates from, and last 8 bits are 255 error codes within the -library. Each error code have fixed string associated with it. For -example, the error-code -1765328383 have the symbolic name -KRB5KDC_ERR_NAME_EXP, and associated error string ``Client's entry in -database has expired''. - -This is a great improvement compared to just getting one of the unix -error-codes back. However, Heimdal have an extention to pass back -customised errors messages. Instead of getting ``Key table entry not -found'', the user might back ``failed to find -host/host.example.com@@EXAMLE.COM(kvno 3) in keytab /etc/krb5.keytab -(des-cbc-crc)''. This improves the chance that the user find the -cause of the error so you should use the customised error message -whenever it's available. - -See also manual page for @manpage{krb5_get_error_string,3} and -@manpage{krb5_get_err_text,3}. - -@subsection Keytab management - -A keytab is a storage for locally stored keys. Heimdal includes keytab -support for Kerberos 5 keytabs, Kerberos 4 srvtab, AFS-KeyFile's, -and for storing keys in memory. - -Keytabs are used for servers and long-running services. - -See also manual page for @manpage{krb5_keytab,3} - -@subsection Kerberos crypto - -Heimdal includes a implementation of the Kerberos crypto framework, -all crypto operations. - -See also manual page for @manpage{krb5_crypto_init,3}, -@manpage{krb5_keyblock,3}, @manpage{krb5_create_checksum,3}, -and @manpage{krb5_encrypt,3}. - -@node Walkthrough of a sample Kerberos 5 client, Validating a password in a server application, Kerberos 5 API Overview, Programming with Kerberos -@section Walkthrough of a sample Kerberos 5 client - -This example contains parts of a sample TCP Kerberos 5 clients, if you -want a real working client, please look in @file{appl/test} directory in -the Heimdal distribution. - -All Kerberos error-codes that are returned from kerberos functions in -this program are passed to @code{krb5_err}, that will print a -descriptive text of the error code and exit. Graphical programs can -convert error-code to a human readable error-string with the -@manpage{krb5_get_err_text,3} function. - -Note that you should not use any Kerberos function before -@code{krb5_init_context()} have completed successfully. That is the -reason @code{err()} is used when @code{krb5_init_context()} fails. - -First the client needs to call @code{krb5_init_context} to initialise -the Kerberos 5 library. This is only needed once per thread -in the program. If the function returns a non-zero value it indicates -that either the Kerberos implementation is failing or it's disabled on -this host. - -@example -#include - -int -main(int argc, char **argv) -@{ - krb5_context context; - - if (krb5_context(&context)) - errx (1, "krb5_context"); -@end example - -Now the client wants to connect to the host at the other end. The -preferred way of doing this is using @manpage{getaddrinfo,3} (for -operating system that have this function implemented), since getaddrinfo -is neutral to the address type and can use any protocol that is available. - -@example - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - error = getaddrinfo (hostname, "pop3", &hints, &ai); - if (error) - errx (1, "%s: %s", hostname, gai_strerror(error)); - - for (a = ai; a != NULL; a = a->ai_next) @{ - int s; - - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) @{ - warn ("connect(%s)", hostname); - close (s); - continue; - @} - freeaddrinfo (ai); - ai = NULL; - @} - if (ai) @{ - freeaddrinfo (ai); - errx ("failed to contact %s", hostname); - @} -@end example - -Before authenticating, an authentication context needs to be -created. This context keeps all information for one (to be) authenticated -connection (see @manpage{krb5_auth_context,3}). - -@example - status = krb5_auth_con_init (context, &auth_context); - if (status) - krb5_err (context, 1, status, "krb5_auth_con_init"); -@end example - -For setting the address in the authentication there is a help function -@code{krb5_auth_con_setaddrs_from_fd} that does everything that is needed -when given a connected file descriptor to the socket. - -@example - status = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &sock); - if (status) - krb5_err (context, 1, status, - "krb5_auth_con_setaddrs_from_fd"); -@end example - -The next step is to build a server principal for the service we want -to connect to. (See also @manpage{krb5_sname_to_principal,3}.) - -@example - status = krb5_sname_to_principal (context, - hostname, - service, - KRB5_NT_SRV_HST, - &server); - if (status) - krb5_err (context, 1, status, "krb5_sname_to_principal"); -@end example - -The client principal is not passed to @manpage{krb5_sendauth,3} -function, this causes the @code{krb5_sendauth} function to try to figure it -out itself. - -The server program is using the function @manpage{krb5_recvauth,3} to -receive the Kerberos 5 authenticator. - -In this case, mutual authentication will be tried. That means that the server -will authenticate to the client. Using mutual authentication -is good since it enables the user to verify that they are talking to the -right server (a server that knows the key). - -If you are using a non-blocking socket you will need to do all work of -@code{krb5_sendauth} yourself. Basically you need to send over the -authenticator from @manpage{krb5_mk_req,3} and, in case of mutual -authentication, verifying the result from the server with -@manpage{krb5_rd_rep,3}. - -@example - status = krb5_sendauth (context, - &auth_context, - &sock, - VERSION, - NULL, - server, - AP_OPTS_MUTUAL_REQUIRED, - NULL, - NULL, - NULL, - NULL, - NULL, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_sendauth"); -@end example - -Once authentication has been performed, it is time to send some -data. First we create a krb5_data structure, then we sign it with -@manpage{krb5_mk_safe,3} using the @code{auth_context} that contains the -session-key that was exchanged in the -@manpage{krb5_sendauth,3}/@manpage{krb5_recvauth,3} authentication -sequence. - -@example - data.data = "hej"; - data.length = 3; - - krb5_data_zero (&packet); - - status = krb5_mk_safe (context, - auth_context, - &data, - &packet, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_mk_safe"); -@end example - -And send it over the network. - -@example - len = packet.length; - net_len = htonl(len); - - if (krb5_net_write (context, &sock, &net_len, 4) != 4) - err (1, "krb5_net_write"); - if (krb5_net_write (context, &sock, packet.data, len) != len) - err (1, "krb5_net_write"); -@end example - -To send encrypted (and signed) data @manpage{krb5_mk_priv,3} should be -used instead. @manpage{krb5_mk_priv,3} works the same way as -@manpage{krb5_mk_safe,3}, with the exception that it encrypts the data -in addition to signing it. - -@example - data.data = "hemligt"; - data.length = 7; - - krb5_data_free (&packet); - - status = krb5_mk_priv (context, - auth_context, - &data, - &packet, - NULL); - if (status) - krb5_err (context, 1, status, "krb5_mk_priv"); -@end example - -And send it over the network. - -@example - len = packet.length; - net_len = htonl(len); - - if (krb5_net_write (context, &sock, &net_len, 4) != 4) - err (1, "krb5_net_write"); - if (krb5_net_write (context, &sock, packet.data, len) != len) - err (1, "krb5_net_write"); - -@end example - -The server is using @manpage{krb5_rd_safe,3} and -@manpage{krb5_rd_priv,3} to verify the signature and decrypt the packet. - -@node Validating a password in a server application, API differences to MIT Kerberos, Walkthrough of a sample Kerberos 5 client, Programming with Kerberos -@section Validating a password in an application - -See the manual page for @manpage{krb5_verify_user,3}. - -@node API differences to MIT Kerberos, File formats, Validating a password in a server application, Programming with Kerberos -@section API differences to MIT Kerberos - -This section is somewhat disorganised, but so far there is no overall -structure to the differences, though some of the have their root in -that Heimdal uses an ASN.1 compiler and MIT doesn't. - -@subsection Principal and realms - -Heimdal stores the realm as a @code{krb5_realm}, that is a @code{char *}. -MIT Kerberos uses a @code{krb5_data} to store a realm. - -In Heimdal @code{krb5_principal} doesn't contain the component -@code{name_type}; it's instead stored in component -@code{name.name_type}. To get and set the nametype in Heimdal, use -@manpage{krb5_principal_get_type,3} and -@manpage{krb5_principal_set_type,3}. - -For more information about principal and realms, see -@manpage{krb5_principal,3}. - -@subsection Error messages - -To get the error string, Heimdal uses -@manpage{krb5_get_error_string,3} or, if @code{NULL} is returned, -@manpage{krb5_get_err_text,3}. This is to return custom error messages -(like ``Can't find host/datan.example.com@@EXAMPLE.COM in -/etc/krb5.conf.'' instead of a ``Key table entry not found'' that -@manpage{error_message,3} returns. - -Heimdal uses a threadsafe(r) version of the com_err interface; the -global @code{com_err} table isn't initialised. Then -@manpage{error_message,3} returns quite a boring error string (just -the error code itself). - - -@c @node Why you should use GSS-API for new applications, Walkthrough of a sample GSS-API client, Validating a password in a server application, Programming with Kerberos -@c @section Why you should use GSS-API for new applications -@c -@c SSPI, bah, bah, microsoft, bah, bah, almost GSS-API. -@c -@c It would also be possible for other mechanisms then Kerberos, but that -@c doesn't exist any other GSS-API implementations today. -@c -@c @node Walkthrough of a sample GSS-API client, , Why you should use GSS-API for new applications, Programming with Kerberos -@c @section Walkthrough of a sample GSS-API client -@c -@c Write about how gssapi_clent.c works. - -@node File formats, , API differences to MIT Kerberos, Programming with Kerberos -@section File formats - -This section documents the diffrent file formats that are used in -Heimdal and other Kerberos implementations. - -@subsection keytab - -The keytab binary format is not a standard format. The format has -evolved and may continue to. It is however understood by several -Kerberos implementations including Heimdal, MIT, Sun's Java ktab and -are created by the ktpass.exe utility from Windows. So it has -established itself as the defacto format for storing Kerberos keys. - -The following C-like structure definitions illustrate the MIT keytab -file format. All values are in network byte order. All text is ASCII. - -@example - keytab @{ - uint16_t file_format_version; /* 0x502 */ - keytab_entry entries[*]; - @}; - - keytab_entry @{ - int32_t size; - uint16_t num_components; /* subtract 1 if version 0x501 */ - counted_octet_string realm; - counted_octet_string components[num_components]; - uint32_t name_type; /* not present if version 0x501 */ - uint32_t timestamp; - uint8_t vno8; - keyblock key; - uint32_t vno; /* only present if >= 4 bytes left in entry */ - @}; - - counted_octet_string @{ - uint16_t length; - uint8_t data[length]; - @}; - - keyblock @{ - uint16_t type; - counted_octet_string; - @}; -@end example - -All numbers are stored in network byteorder (big endian) format. - -The keytab file format begins with the 16 bit file_format_version which -at the time this document was authored is 0x502. The format of older -keytabs is described at the end of this document. - -The file_format_version is immediately followed by an array of -keytab_entry structures which are prefixed with a 32 bit size indicating -the number of bytes that follow in the entry. Note that the size should be -evaluated as signed. This is because a negative value indicates that the -entry is in fact empty (e.g. it has been deleted) and that the negative -value of that negative value (which is of course a positive value) is -the offset to the next keytab_entry. Based on these size values alone -the entire keytab file can be traversed. - -The size is followed by a 16 bit num_components field indicating the -number of counted_octet_string components in the components array. - -The num_components field is followed by a counted_octet_string -representing the realm of the principal. - -A counted_octet_string is simply an array of bytes prefixed with a 16 -bit length. For the realm and name components, the counted_octet_string -bytes are ASCII encoded text with no zero terminator. - -Following the realm is the components array that represents the name of -the principal. The text of these components may be joined with slashs -to construct the typical SPN representation. For example, the service -principal HTTP/www.foo.net@@FOO.NET would consist of name components -"HTTP" followed by "www.foo.net". - -Following the components array is the 32 bit name_type (e.g. 1 is -KRB5_NT_PRINCIPAL, 2 is KRB5_NT_SRV_INST, 5 is KRB5_NT_UID, etc). In -practice the name_type is almost certainly 1 meaning KRB5_NT_PRINCIPAL. - -The 32 bit timestamp indicates the time the key was established for that -principal. The value represents the number of seconds since Jan 1, 1970. - -The 8 bit vno8 field is the version number of the key. This value is -overridden by the 32 bit vno field if it is present. The vno8 field is -filled with the lower 8 bits of the 32 bit protocol kvno field. - -The keyblock structure consists of a 16 bit value indicating the -encryption type and is a counted_octet_string containing the key. The -encryption type is the same as the Kerberos standard (e.g. 3 is -des-cbc-md5, 23 is arcfour-hmac-md5, etc). - -The last field of the keytab_entry structure is optional. If the size of -the keytab_entry indicates that there are at least 4 bytes remaining, -a 32 bit value representing the key version number is present. This -value supersedes the 8 bit vno8 value preceeding the keyblock. - -Older keytabs with a file_format_version of 0x501 are different in -three ways: - -@table @asis -@item All integers are in host byte order [1]. -@item The num_components field is 1 too large (i.e. after decoding, decrement by 1). -@item The 32 bit name_type field is not present. -@end table - -[1] The file_format_version field should really be treated as two -separate 8 bit quantities representing the major and minor version -number respectively. - -@subsection Heimdal database dump file - -Format of the Heimdal text dump file as of Heimdal 0.6.3: - -Each line in the dump file is one entry in the database. - -Each field of a line is separated by one or more spaces, with the -exception of fields consisting of principals containing spaces, where -space can be quoted with \ and \ is quoted by \. - -Fields and their types are: - -@example - Quoted princial (quote character is \) [string] - Keys [keys] - Created by [event] - Modified by [event optional] - Valid start time [time optional] - Valid end time [time optional] - Password end valid time [time optional] - Max lifetime of ticket [time optional] - Max renew time of ticket [integer optional] - Flags [hdb flags] - Generation number [generation optional] - Extensions [extentions optional] -@end example - -Fields following these silently are ignored. - -All optional fields will be skipped if they fail to parse (or comprise -the optional field marker of "-", w/o quotes). - -Example: - -@example -fred@@EXAMPLE.COM 27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- 20020415130120:admin@@EXAMPLE.COM 20041221112428:fred@@EXAMPLE.COM - - - 86400 604800 126 20020415130120:793707:28 - -@end example - -Encoding of types are as follows: - -@table @asis -@item keys - -@example -kvno:[masterkvno:keytype:keydata:salt]@{zero or more separated by :@} -@end example - -kvno is the key version number. - -keydata is hex-encoded - -masterkvno is the kvno of the database master key. If this field is -empty, the kadmin load and merge operations will encrypt the key data -with the master key if there is one. Otherwise the key data will be -imported asis. - -salt is encoded as "-" (no/default salt) or - -@example -salt-type / -salt-type / "string" -salt-type / hex-encoded-data -@end example - -keytype is the protocol enctype number; see enum ENCTYPE in -include/krb5_asn1.h for values. - -Example: -@example -27:1:16:e8b4c8fc7e60b9e641dcf4cff3f08a701d982a2f89ba373733d26ca59ba6c789666f6b8bfcf169412bb1e5dceb9b33cda29f3412:-:1:3:4498a933881178c744f4232172dcd774c64e81fa6d05ecdf643a7e390624a0ebf3c7407a:-:1:2:b01934b13eb795d76f3a80717d469639b4da0cfb644161340ef44fdeb375e54d684dbb85:-:1:1:ea8e16d8078bf60c781da90f508d4deccba70595258b9d31888d33987cd31af0c9cced2e:- -@end example - - -@example -kvno=27,@{key: masterkvno=1,keytype=des3-cbc-sha1,keydata=..., default salt@}... -@end example - -@item time - -Format of the time is: YYYYmmddHHMMSS, corresponding to strftime -format "%Y%m%d%k%M%S". - -Time is expressed in UTC. - -Time can be optional (using -), when the time 0 is used. - -Example: - -@example -20041221112428 -@end example - -@item event - -@example - time:principal -@end example - -time is as given in format time - -principal is a string. Not quoting it may not work in earlier -versions of Heimdal. - -Example: -@example -20041221112428:bloggs@@EXAMPLE.COM -@end example - -@item hdb flags - -Integer encoding of HDB flags, see HDBFlags in lib/hdb/hdb.asn1. Each -bit in the integer is the same as the bit in the specification. - -@item generation: - -@example -time:usec:gen -@end example - - -usec is a the microsecond, integer. -gen is generation number, integer. - -The generation can be defaulted (using '-') or the empty string - -@item extensions: - -@example -first-hex-encoded-HDB-Extension[:second-...] -@end example - -HDB-extension is encoded the DER encoded HDB-Extension from -lib/hdb/hdb.asn1. Consumers HDB extensions should be aware that -unknown entires needs to be preserved even thought the ASN.1 data -content might be unknown. There is a critical flag in the data to show -to the KDC that the entry MUST be understod if the entry is to be -used. - -@end table diff --git a/crypto/heimdal/doc/setup.texi b/crypto/heimdal/doc/setup.texi deleted file mode 100644 index 02e7972c1dfe..000000000000 --- a/crypto/heimdal/doc/setup.texi +++ /dev/null @@ -1,1455 +0,0 @@ -@c $Id: setup.texi 22191 2007-12-06 17:26:30Z lha $ - -@node Setting up a realm, Applications, Building and Installing, Top - -@chapter Setting up a realm - -A -@cindex realm -realm is an administrative domain. The name of a Kerberos realm is -usually the Internet domain name in uppercase. Call your realm the same -as your Internet domain name if you do not have strong reasons for not -doing so. It will make life easier for you and everyone else. - -@menu -* Configuration file:: -* Creating the database:: -* Modifying the database:: -* Checking the setup:: -* keytabs:: -* Serving Kerberos 4/524/kaserver:: -* Remote administration:: -* Password changing:: -* Testing clients and servers:: -* Slave Servers:: -* Incremental propagation:: -* Encryption types and salting:: -* Cross realm:: -* Transit policy:: -* Setting up DNS:: -* Using LDAP to store the database:: -* Providing Kerberos credentials to servers and programs:: -* Setting up PK-INIT:: -@end menu - -@node Configuration file, Creating the database, Setting up a realm, Setting up a realm -@section Configuration file - -To setup a realm you will first have to create a configuration file: -@file{/etc/krb5.conf}. The @file{krb5.conf} file can contain many -configuration options, some of which are described here. - -There is a sample @file{krb5.conf} supplied with the distribution. - -The configuration file is a hierarchical structure consisting of -sections, each containing a list of bindings (either variable -assignments or subsections). A section starts with -@samp{[@samp{section-name}]}. A binding consists of a left hand side, an equal sign -(@samp{=}) and a right hand side (the left hand side tag must be -separated from the equal sign with some whitespace). Subsections have a -@samp{@{} as the first non-whitespace character after the equal sign. All -other bindings are treated as variable assignments. The value of a -variable extends to the end of the line. - -@example -[section1] - a-subsection = @{ - var = value1 - other-var = value with @{@} - sub-sub-section = @{ - var = 123 - @} - @} - var = some other value -[section2] - var = yet another value -@end example - -In this manual, names of sections and bindings will be given as strings -separated by slashes (@samp{/}). The @samp{other-var} variable will thus -be @samp{section1/a-subsection/other-var}. - -For in-depth information about the contents of the configuration file, refer to -the @file{krb5.conf} manual page. Some of the more important sections -are briefly described here. - -The @samp{libdefaults} section contains a list of library configuration -parameters, such as the default realm and the timeout for KDC -responses. The @samp{realms} section contains information about specific -realms, such as where they hide their KDC@. This section serves the same -purpose as the Kerberos 4 @file{krb.conf} file, but can contain more -information. Finally the @samp{domain_realm} section contains a list of -mappings from domains to realms, equivalent to the Kerberos 4 -@file{krb.realms} file. - -To continue with the realm setup, you will have to create a configuration file, -with contents similar to the following. - -@example -[libdefaults] - default_realm = MY.REALM -[realms] - MY.REALM = @{ - kdc = my.kdc my.slave.kdc - kdc = my.third.kdc - @} -[domain_realm] - .my.domain = MY.REALM - -@end example - -If you use a realm name equal to your domain name, you can omit the -@samp{libdefaults}, and @samp{domain_realm}, sections. If you have a DNS -SRV-record for your realm, or your Kerberos server has DNS CNAME -@samp{kerberos.my.realm}, you can omit the @samp{realms} section too. - -@node Creating the database, Modifying the database, Configuration file, Setting up a realm -@section Creating the database - -The database library will look for the database in the directory -@file{@value{dbdir}}, so you should probably create that directory. -Make sure the directory has restrictive permissions. - -@example -# mkdir /var/heimdal -@end example - -The keys of all the principals are stored in the database. If you -choose to, these can be encrypted with a master key. You do not have to -remember this key (or password), but just to enter it once and it will -be stored in a file (@file{/var/heimdal/m-key}). If you want to have a -master key, run @samp{kstash} to create this master key: - -@example -# kstash -Master key: -Verifying password - Master key: -@end example - -If you want to generate a random master key you can use the -@kbd{--random-key} flag to kstash. This will make sure you have a good key -on which attackers can't do a dictionary attack. - -If you have a master key, make sure you make a backup of your master -key file; without it backups of the database are of no use. - -To initialise the database use the @command{kadmin} program, with the -@kbd{-l} option (to enable local database mode). First issue a -@kbd{init MY.REALM} command. This will create the database and insert -default principals for that realm. You can have more than one realm in -one database, so @samp{init} does not destroy any old database. - -Before creating the database, @samp{init} will ask you some questions -about maximum ticket lifetimes. - -After creating the database you should probably add yourself to it. You -do this with the @samp{add} command. It takes as argument the name of a -principal. The principal should contain a realm, so if you haven't set up -a default realm, you will need to explicitly include the realm. - -@example -# kadmin -l -kadmin> init MY.REALM -Realm max ticket life [unlimited]: -Realm max renewable ticket life [unlimited]: -kadmin> add me -Max ticket life [unlimited]: -Max renewable life [unlimited]: -Attributes []: -Password: -Verifying password - Password: -@end example - -Now start the KDC and try getting a ticket. - -@example -# kdc & -# kinit me -me@@MY.REALMS's Password: -# klist -Credentials cache: /tmp/krb5cc_0 - Principal: me@@MY.REALM - - Issued Expires Principal -Aug 25 07:25:55 Aug 25 17:25:55 krbtgt/MY.REALM@@MY.REALM -@end example - -If you are curious you can use the @samp{dump} command to list all the -entries in the database. It should look something similar to the -following example (note that the entries here are truncated for -typographical reasons): - -@smallexample -kadmin> dump -me@@MY.REALM 1:0:1:0b01d3cb7c293b57:-:0:7:8aec316b9d1629e3baf8 ... -kadmin/admin@@MY.REALM 1:0:1:e5c8a2675b37a443:-:0:7:cb913ebf85 ... -krbtgt/MY.REALM@@MY.REALM 1:0:1:52b53b61c875ce16:-:0:7:c8943be ... -kadmin/changepw@@MY.REALM 1:0:1:f48c8af2b340e9fb:-:0:7:e3e6088 ... -@end smallexample - -@node Modifying the database, Checking the setup, Creating the database, Setting up a realm -@section Modifying the database - -All modifications of principals are done with with kadmin. - -A principal has several attributes and lifetimes associated with it. - -Principals are added, renamed, modified, and deleted with the kadmin -commands @samp{add}, @samp{rename}, @samp{modify}, @samp{delete}. -Both interactive editing and command line flags can be used (use --help -to list the available options). - -There are different kinds of types for the fields in the database; -attributes, absolute time times and relative times. - -@subsection Attributes - -When doing interactive editing, attributes are listed with @samp{?}. - -The attributes are given in a comma (@samp{,}) separated list. -Attributes are removed from the list by prefixing them with @samp{-}. - -@smallexample -kadmin> modify me -Max ticket life [1 day]: -Max renewable life [1 week]: -Principal expiration time [never]: -Password expiration time [never]: -Attributes [disallow-renewable]: requires-pre-auth,-disallow-renewable -kadmin> get me - Principal: me@@MY.REALM -[...] - Attributes: requires-pre-auth -@end smallexample - -@subsection Absolute times - -The format for absolute times are any of the following: - -@smallexample -never -now -YYYY-mm-dd -YYYY-mm-dd HH:MM:SS -@end smallexample - - -@subsection Relative times - -The format for relative times are any of the following combined: - -@smallexample -N year -M month -O day -P hour -Q minute -R second -@end smallexample - -@c Describe more of kadmin commands here... - -@node Checking the setup, keytabs, Modifying the database, Setting up a realm -@section Checking the setup - -There are two tools that can check the consistency of the Kerberos -configuration file and the Kerberos database. - -The Kerberos configuration file is checked using -@command{verify_krb5_conf}. The tool checks for common errors, but -commonly there are several uncommon configuration entries that are -never added to the tool and thus generates ``unknown entry'' warnings. -This is usually nothing to worry about. - -The database check is built into the kadmin tool. It will check for -common configuration error that will cause problems later. Common -check are for existence and flags on important principals. The -database check by run by the following command : - -@example -kadmin check REALM.EXAMPLE.ORG -@end example - -@node keytabs, Serving Kerberos 4/524/kaserver, Checking the setup, Setting up a realm -@section keytabs - -To extract a service ticket from the database and put it in a keytab, you -need to first create the principal in the database with @samp{ank} -(using the @kbd{--random-key} flag to get a random key) and then -extract it with @samp{ext_keytab}. - -@example -kadmin> add --random-key host/my.host.name -Max ticket life [unlimited]: -Max renewable life [unlimited]: -Attributes []: -kadmin> ext host/my.host.name -kadmin> exit -# ktutil list -Version Type Principal - 1 des-cbc-md5 host/my.host.name@@MY.REALM - 1 des-cbc-md4 host/my.host.name@@MY.REALM - 1 des-cbc-crc host/my.host.name@@MY.REALM - 1 des3-cbc-sha1 host/my.host.name@@MY.REALM -@end example - -@node Serving Kerberos 4/524/kaserver, Remote administration, keytabs, Setting up a realm -@section Serving Kerberos 4/524/kaserver - -Heimdal can be configured to support 524, Kerberos 4 or kaserver. All -these services are turned off by default. Kerberos 4 is always -supported by the KDC, but the Kerberos 4 client support also depends -on Kerberos 4 support having been included at compile-time, using -@kbd{--with-krb4=dir}. - -@subsection 524 - -524 is a service that allows the KDC to convert Kerberos 5 tickets to -Kerberos 4 tickets for backward compatibility. See also Using 2b -tokens with AFS in @xref{Things in search for a better place}. - -524 can be turned on by adding this to the configuration file - -@example -[kdc] - enable-524 = yes -@end example - -@subsection Kerberos 4 - -Kerberos 4 is the predecessor to to Kerberos 5. It only supports -single DES@. You should only enable Kerberos 4 support if you have -needs for compatibility with an installed base of Kerberos 4 -clients/servers. - -Kerberos 4 can be turned on by adding this to the configuration file - -@example -[kdc] - enable-kerberos4 = yes -@end example - -@subsection kaserver - -Kaserver is a Kerberos 4 that is used in AFS@. The protocol has some -extra features over plain Kerberos 4, but like Kerberos 4, only uses -single DES@. - -You should only enable Kaserver support if you have needs for -compatibility with an installed base of AFS machines. - -Kaserver can be turned on by adding this to the configuration file - -@example -[kdc] - enable-kaserver = yes -@end example - -@node Remote administration, Password changing, Serving Kerberos 4/524/kaserver, Setting up a realm -@section Remote administration - -The administration server, @command{kadmind}, can be started by -@command{inetd} (which isn't recommended) or run as a normal daemon. If you -want to start it from @command{inetd} you should add a line similar to the -one below to your @file{/etc/inetd.conf}. - -@example -kerberos-adm stream tcp nowait root /usr/heimdal/libexec/kadmind kadmind -@end example - -You might need to add @samp{kerberos-adm} to your @file{/etc/services} -as @samp{749/tcp}. - -Access to the administration server is controlled by an ACL file, -(default @file{/var/heimdal/kadmind.acl}.) The file has the following -syntax: -@smallexample -principal [priv1,priv2,...] [glob-pattern] -@end smallexample - -The matching is from top to bottom for matching principals (and if given, -glob-pattern). When there is a match, the access rights of that line are -applied. - -The privileges you can assign to a principal are: @samp{add}, -@samp{change-password} (or @samp{cpw} for short), @samp{delete}, -@samp{get}, @samp{list}, and @samp{modify}, or the special privilege -@samp{all}. All of these roughly correspond to the different commands -in @command{kadmin}. - -If a @var{glob-pattern} is given on a line, it restricts the access -rights for the principal to only apply for subjects that match the -pattern. The patterns are of the same type as those used in shell -globbing, see @url{none,,fnmatch(3)}. - -In the example below @samp{lha/admin} can change every principal in the -database. @samp{jimmy/admin} can only modify principals that belong to -the realm @samp{E.KTH.SE}. @samp{mille/admin} is working at the -help desk, so he should only be able to change the passwords for single -component principals (ordinary users). He will not be able to change any -@samp{/admin} principal. - -@example -lha/admin@@E.KTH.SE all -jimmy/admin@@E.KTH.SE all *@@E.KTH.SE -jimmy/admin@@E.KTH.SE all */*@@E.KTH.SE -mille/admin@@E.KTH.SE change-password *@@E.KTH.SE -@end example - -@node Password changing, Testing clients and servers, Remote administration, Setting up a realm -@section Password changing - -To allow users to change their passwords, you should run @command{kpasswdd}. -It is not run from @command{inetd}. - -You might need to add @samp{kpasswd} to your @file{/etc/services} as -@samp{464/udp}. - -@subsection Password quality assurance - -It is important that users have good passwords, both to make it harder -to guess them and to avoid off-line attacks (although -pre-authentication provides some defence against off-line attacks). -To ensure that the users choose good passwords, you can enable -password quality controls in @command{kpasswdd} and @command{kadmind}. -The controls themselves are done in a shared library or an external -program that is used by @command{kpasswdd}. To configure in these -controls, add lines similar to the following to your -@file{/etc/krb5.conf}: - -@example -[password_quality] - policies = external-check builtin:minimum-length module:policyname - external_program = /bin/false - policy_libraries = @var{library1.so} @var{library2.so} -@end example - -In @samp{[password_quality]policies} the module name is optional if -the policy name is unique in all modules (members of -@samp{policy_libraries}). - -The built-in polices are - -@itemize @bullet - -@item external-check - -Executes the program specified by @samp{[password_quality]external_program}. - -A number of key/value pairs are passed as input to the program, one per -line, ending with the string @samp{end}. The key/value lines are of -the form -@example -principal: @var{principal} -new-password: @var{password} -@end example -where @var{password} is the password to check for the previous -@var{principal}. - -If the external application approves the password, it should return -@samp{APPROVED} on standard out and exit with exit code 0. If it -doesn't approve the password, an one line error message explaining the -problem should be returned on standard error and the application -should exit with exit code 0. In case of a fatal error, the -application should, if possible, print an error message on standard -error and exit with a non-zero error code. - -@item minimum-length - -The minimum length password quality check reads the configuration file -stanza @samp{[password_quality]min_length} and requires the password -to be at least this length. - -@item character-class - -The character-class password quality check reads the configuration -file stanza @samp{[password_quality]min_classes}. The policy requires -the password to have characters from at least that many character -classes. Default value if not given is 3. - -The four different characters classes are, uppercase, lowercase, -number, special characters. - -@end itemize - -If you want to write your own shared object to check password -policies, see the manual page @manpage{kadm5_pwcheck,3}. - -Code for a password quality checking function that uses the cracklib -library can be found in @file{lib/kadm5/sample_password_check.c} in -the source code distribution. It requires that the cracklib library -be built with the patch available at -@url{ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch}. - -A sample policy external program is included in -@file{lib/kadm5/check-cracklib.pl}. - -If no password quality checking function is configured, the only check -performed is that the password is at least six characters long. - -To check the password policy settings, use the command -@command{password-quality} in @command{kadmin} program. The password -verification is only performed locally, on the client. It may be -convenient to set the environment variable @samp{KRB5_CONFIG} to point -to a test version of @file{krb5.conf} while you're testing the -@samp{[password_quality]} stanza that way. - -@node Testing clients and servers, Slave Servers, Password changing, Setting up a realm -@section Testing clients and servers - -Now you should be able to run all the clients and servers. Refer to the -appropriate man pages for information on how to use them. - -@node Slave Servers, Incremental propagation, Testing clients and servers, Setting up a realm -@section Slave servers, Incremental propagation, Testing clients and servers, Setting up a realm - -It is desirable to have at least one backup (slave) server in case the -master server fails. It is possible to have any number of such slave -servers but more than three usually doesn't buy much more redundancy. - -All Kerberos servers for a realm must have the same database so that -they present the same service to the users. The -@pindex hprop -@command{hprop} program, running on the master, will propagate the database -to the slaves, running -@pindex hpropd -@command{hpropd} processes. - -Every slave needs a database directory, the master key (if it was used -for the database) and a keytab with the principal -@samp{hprop/@var{hostname}}. Add the principal with the -@pindex ktutil -@command{ktutil} command and start -@pindex hpropd -@command{hpropd}, as follows: - -@example -slave# ktutil get -p foo/admin hprop/`hostname` -slave# mkdir /var/heimdal -slave# hpropd -@end example - -The master will use the principal @samp{kadmin/hprop} to authenticate to -the slaves. This principal should be added when running @kbd{kadmin -l -init} but if you do not have it in your database for whatever reason, -please add it with @kbd{kadmin -l add}. - -Then run -@pindex hprop -@code{hprop} on the master: - -@example -master# hprop slave -@end example - -This was just an hands-on example to make sure that everything was -working properly. Doing it manually is of course the wrong way, and to -automate this you will want to start -@pindex hpropd -@command{hpropd} from @command{inetd} on the slave(s) and regularly run -@pindex hprop -@command{hprop} on the master to regularly propagate the database. -Starting the propagation once an hour from @command{cron} is probably a -good idea. - -@node Incremental propagation, Encryption types and salting, Slave Servers, Setting up a realm -@section Incremental propagation - -There is also a newer, and still somewhat experimental, mechanism for -doing incremental propagation in Heimdal. Instead of sending the whole -database regularly, it sends the changes as they happen on the master to -the slaves. The master keeps track of all the changes by assigning a -version number to every change to the database. The slaves know which -was the latest version they saw and in this way it can be determined if -they are in sync or not. A log of all the changes is kept on the master, -and when a slave is at an older version than the oldest one in the -log, the whole database has to be sent. - -Protocol-wise, all the slaves connect to the master and as a greeting -tell it the latest version that they have (@samp{IHAVE} message). The -master then responds by sending all the changes between that version and -the current version at the master (a series of @samp{FORYOU} messages) -or the whole database in a @samp{TELLYOUEVERYTHING} message. There is -also a keep-alive protocol that makes sure all slaves are up and running. - -@subsection Configuring incremental propagation - -The program that runs on the master is @command{ipropd-master} and all -clients run @command{ipropd-slave}. - -Create the file @file{/var/heimdal/slaves} on the master containing all -the slaves that the database should be propagated to. Each line contains -the full name of the principal (for example -@samp{iprop/hemligare.foo.se@@FOO.SE}). - -You should already have @samp{iprop/tcp} defined as 2121, in your -@file{/etc/services}. Otherwise, or if you need to use a different port -for some peculiar reason, you can use the @kbd{--port} option. This is -useful when you have multiple realms to distribute from one server. - -Then you need to create those principals that you added in the -configuration file. Create one @samp{iprop/hostname} for the master and -for every slave. - - -@example -master# /usr/heimdal/sbin/ktutil get iprop/`hostname` -@end example - -The next step is to start the @command{ipropd-master} process on the master -server. The @command{ipropd-master} listens on the UNIX domain socket -@file{/var/heimdal/signal} to know when changes have been made to the -database so they can be propagated to the slaves. There is also a -safety feature of testing the version number regularly (every 30 -seconds) to see if it has been modified by some means that do not raise -this signal. Then, start @command{ipropd-slave} on all the slaves: - -@example -master# /usr/heimdal/libexec/ipropd-master & -slave# /usr/heimdal/libexec/ipropd-slave master & -@end example - -To manage the iprop log file you should use the @command{iprop-log} -command. With it you can dump, truncate and replay the logfile. - -@node Encryption types and salting, Cross realm, Incremental propagation, Setting up a realm -@section Encryption types and salting -@cindex Salting -@cindex Encryption types - -The encryption types that the KDC is going to assign by default is -possible to change. Since the keys used for user authentication is -salted the encryption types are described together with the salt -strings. - -Salting is used to make it harder to pre-calculate all possible -keys. Using a salt increases the search space to make it almost -impossible to pre-calculate all keys. Salting is the process of mixing a -public string (the salt) with the password, then sending it through an -encryption type specific string-to-key function that will output the -fixed size encryption key. - -In Kerberos 5 the salt is determined by the encryption type, except in -some special cases. - -In @code{des} there is the Kerberos 4 salt -(none at all) or the afs-salt (using the cell (realm in -AFS lingo)). - -In @code{arcfour} (the encryption type that Microsoft Windows 2000 uses) -there is no salt. This is to be compatible with NTLM keys in Windows -NT 4. - -@code{[kadmin]default_keys} in @file{krb5.conf} controls -what salting to use. - -The syntax of @code{[kadmin]default_keys} is -@samp{[etype:]salt-type[:salt-string]}. @samp{etype} is the encryption -type (des-cbc-crc, arcfour-hmac-md5, aes256-cts-hmac-sha1-96), -@code{salt-type} is the type of salt (pw-salt or afs3-salt), and the -salt-string is the string that will be used as salt (remember that if -the salt is appended/prepended, the empty salt "" is the same thing as -no salt at all). - -Common types of salting include - -@itemize @bullet -@item @code{v4} (or @code{des:pw-salt:}) - -The Kerberos 4 salting is using no salt at all. Reason there is colon -at the end of the salt string is that it makes the salt the empty -string (same as no salt). - -@item @code{v5} (or @code{pw-salt}) - -@code{pw-salt} uses the default salt for each encryption type is -specified for. If the encryption type @samp{etype} isn't given, all -default encryption will be used. - -@item @code{afs3-salt} - -@code{afs3-salt} is the salt that is used with Transarc kaserver. It's -the cell name appended to the password. - -@end itemize - -@node Cross realm, Transit policy, Encryption types and salting, Setting up a realm -@section Cross realm -@cindex Cross realm - -Suppose you reside in the realm @samp{MY.REALM}, how do you -authenticate to a server in @samp{OTHER.REALM}? Having valid tickets in -@samp{MY.REALM} allows you to communicate with Kerberised services in that -realm. However, the computer in the other realm does not have a secret -key shared with the Kerberos server in your realm. - -It is possible to share keys between two realms that trust each -other. When a client program, such as @command{telnet} or @command{ssh}, -finds that the other computer is in a different realm, it will try to -get a ticket granting ticket for that other realm, but from the local -Kerberos server. With that ticket granting ticket, it will then obtain -service tickets from the Kerberos server in the other realm. - -For a two way trust between @samp{MY.REALM} and @samp{OTHER.REALM} -add the following principals to each realm. The principals should be -@samp{krbtgt/OTHER.REALM@@MY.REALM} and -@samp{krbtgt/MY.REALM@@OTHER.REALM} in @samp{MY.REALM}, and -@samp{krbtgt/MY.REALM@@OTHER.REALM} and -@samp{krbtgt/OTHER.REALM@@MY.REALM}in @samp{OTHER.REALM}. - -In Kerberos 5 the trust can be configured to be one way. So that -users from @samp{MY.REALM} can authenticate to services in -@samp{OTHER.REALM}, but not the opposite. In the example above, the -@samp{krbtgt/MY.REALM@@OTHER.REALM} then should be removed. - -The two principals must have the same key, key version number, and the -same set of encryption types. Remember to transfer the two keys in a -safe manner. - -@example -vr$ klist -Credentials cache: FILE:/tmp/krb5cc_913.console - Principal: lha@@E.KTH.SE - - Issued Expires Principal -May 3 13:55:52 May 3 23:55:54 krbtgt/E.KTH.SE@@E.KTH.SE - -vr$ telnet -l lha hummel.it.su.se -Trying 2001:6b0:5:1095:250:fcff:fe24:dbf... -Connected to hummel.it.su.se. -Escape character is '^]'. -Waiting for encryption to be negotiated... -[ Trying mutual KERBEROS5 (host/hummel.it.su.se@@SU.SE)... ] -[ Kerberos V5 accepts you as ``lha@@E.KTH.SE'' ] -Encryption negotiated. -Last login: Sat May 3 14:11:47 from vr.l.nxs.se -hummel$ exit - -vr$ klist -Credentials cache: FILE:/tmp/krb5cc_913.console - Principal: lha@@E.KTH.SE - - Issued Expires Principal -May 3 13:55:52 May 3 23:55:54 krbtgt/E.KTH.SE@@E.KTH.SE -May 3 13:55:56 May 3 23:55:54 krbtgt/SU.SE@@E.KTH.SE -May 3 14:10:54 May 3 23:55:54 host/hummel.it.su.se@@SU.SE - -@end example - -@node Transit policy, Setting up DNS, Cross realm, Setting up a realm -@section Transit policy -@cindex Transit policy - -If you want to use cross realm authentication through an intermediate -realm, it must be explicitly allowed by either the KDCs or the server -receiving the request. This is done in @file{krb5.conf} in the -@code{[capaths]} section. - -When the ticket transits through a realm to another realm, the -destination realm adds its peer to the "transited-realms" field in the -ticket. The field is unordered, since there is no way to know if -know if one of the transited-realms changed the order of the list. - -The syntax for @code{[capaths]} section: - -@example -[capaths] - CLIENT-REALM = @{ - SERVER-REALM = PERMITTED-CROSS-REALMS ... - @} -@end example - -The realm @code{STACKEN.KTH.SE} allows clients from @code{SU.SE} and -@code{DSV.SU.SE} to cross it. Since @code{STACKEN.KTH.SE} only has -direct cross realm setup with @code{KTH.SE}, and @code{DSV.SU.SE} only -has direct cross realm setup with @code{SU.SE} they need to use both -@code{SU.SE} and @code{KTH.SE} as transit realms. - -@example -[capaths] - SU.SE = @{ - STACKEN.KTH.SE = KTH.SE - @} - DSV.SU.SE = @{ - STACKEN.KTH.SE = SU.SE KTH.SE - @} - -@end example - -The order of the @code{PERMITTED-CROSS-REALMS} is not important when -doing transit cross realm verification. - -However, the order is important when the @code{[capaths]} section is used -to figure out the intermediate realm to go to when doing multi-realm -transit. When figuring out the next realm, the first realm of the list -of @code{PERMITTED-CROSS-REALMS} is chosen. This is done in both the -client kerberos library and the KDC. - -@c To test the cross realm configuration, use: -@c kmumble transit-check client server transit-realms ... - -@node Setting up DNS, Using LDAP to store the database, Transit policy, Setting up a realm -@section Setting up DNS -@cindex Setting up DNS - -@subsection Using DNS to find KDC - -If there is information about where to find the KDC or kadmind for a -realm in the @file{krb5.conf} for a realm, that information will be -preferred, and DNS will not be queried. - -Heimdal will try to use DNS to find the KDCs for a realm. First it -will try to find a @code{SRV} resource record (RR) for the realm. If no -SRV RRs are found, it will fall back to looking for an @code{A} RR for -a machine named kerberos.REALM, and then kerberos-1.REALM, etc - -Adding this information to DNS minimises the client configuration (in -the common case, resulting in no configuration needed) and allows the -system administrator to change the number of KDCs and on what machines -they are running without caring about clients. - -The downside of using DNS is that the client might be fooled to use the -wrong server if someone fakes DNS replies/data, but storing the IP -addresses of the KDC on all the clients makes it very hard to change -the infrastructure. - -An example of the configuration for the realm @code{EXAMPLE.COM}: - -@example - -$ORIGIN example.com. -_kerberos._tcp SRV 10 1 88 kerberos.example.com. -_kerberos._udp SRV 10 1 88 kerberos.example.com. -_kerberos._tcp SRV 10 1 88 kerberos-1.example.com. -_kerberos._udp SRV 10 1 88 kerberos-1.example.com. -_kpasswd._udp SRV 10 1 464 kerberos.example.com. -_kerberos-adm._tcp SRV 10 1 749 kerberos.example.com. - -@end example - -More information about DNS SRV resource records can be found in -RFC-2782 (A DNS RR for specifying the location of services (DNS SRV)). - -@subsection Using DNS to map hostname to Kerberos realm - -Heimdal also supports a way to lookup a realm from a hostname. This to -minimise configuration needed on clients. Using this has the drawback -that clients can be redirected by an attacker to realms within the -same cross realm trust and made to believe they are talking to the -right server (since Kerberos authentication will succeed). - -An example configuration that informs clients that for the realms -it.example.com and srv.example.com, they should use the realm -EXAMPLE.COM: - -@example - -$ORIGIN example.com. -_kerberos.it TXT "EXAMPLE.COM" -_kerberos.srv TXT "EXAMPLE.COM" - -@end example - -@node Using LDAP to store the database, Providing Kerberos credentials to servers and programs, Setting up DNS, Setting up a realm -@section Using LDAP to store the database -@cindex Using the LDAP backend - -This document describes how to install the LDAP backend for -Heimdal. Note that before attempting to configure such an -installation, you should be aware of the implications of storing -private information (such as users' keys) in a directory service -primarily designed for public information. Nonetheless, with a -suitable authorisation policy, it is possible to set this up in a -secure fashion. A knowledge of LDAP, Kerberos, and C is necessary to -install this backend. The HDB schema was devised by Leif Johansson. - -Requirements: - -@itemize @bullet - -@item -A current release of Heimdal, configured with -@code{--with-openldap=/usr/local} (adjust according to where you have -installed OpenLDAP). - -You can verify that you manage to configure LDAP support by running -@file{kdc --builtin-hdb}, and checking that @samp{ldap:} is one entry -in the list. - -Its also possible to configure the ldap backend as a shared module, -see option --hdb-openldap-module to configure. - -@item -OpenLDAP 2.0.x. Configure OpenLDAP with @kbd{--enable-local} to enable the -local transport. (A patch to support SASL EXTERNAL authentication is -necessary in order to use OpenLDAP 2.1.x.) - -@item -Add the hdb schema to the LDAP server, it's included in the source-tree -in @file{lib/hdb/hdb.schema}. Example from slapd.conf: - -@example -include /usr/local/etc/openldap/schema/hdb.schema -@end example - -@item -Configure the LDAP server ACLs to accept writes from clients over the -local transport. For example: - -@example -access to * - by dn.exact="uid=heimdal,dc=services,dc=example,dc=com" write - ... - -sasl-regexp "uidNumber=0\\\+gidNumber=.*,cn=peercred,cn=external,cn=auth" - "uid=heimdal,dc=services,dc=example,dc=com" - -@end example - -The sasl-regexp is for mapping between the SASL/EXTERNAL and a user in -a tree. The user that the key is mapped to should be have a -krb5Principal aux object with krb5PrincipalName set so that the -``creator'' and ``modifier'' is right in @file{kadmin}. - -Another option is to create an admins group and add the dn to that -group. - -Since Heimdal talks to the LDAP server over a UNIX domain socket, and -uses external sasl authentication, it's not possible to require -security layer quality (ssf in cyrus-sasl lingo). So that requirement -has to be turned off in OpenLDAP @command{slapd} configuration file -@file{slapd.conf}. - -@example -sasl-secprops minssf=0 -@end example - -@item - -Start @command{slapd} with the local listener (as well as the default TCP/IP -listener on port 389) as follows: - -@example - slapd -h "ldapi:/// ldap:///" -@end example - -Note: These is a bug in @command{slapd} where it appears to corrupt the krb5Key -binary attribute on shutdown. This may be related to our use of the V3 -schema definition syntax instead of the old UMich-style, V2 syntax. - -@item -You should specify the distinguished name under which your -principals will be stored in @file{krb5.conf}. Also you need to -enter the path to the kadmin acl file: - - -@example -[kdc] - database = @{ - dbname = ldap:ou=KerberosPrincipals,dc=example,dc=com - hdb-ldap-structural-object = inetOrgPerson - acl_file = /path/to/kadmind.acl - mkey_file = /path/to/mkey - @} -@end example - -@samp{mkey_file} can be excluded if you feel that you trust your ldap -directory to have the raw keys inside it. The -hdb-ldap-structural-object is not necessary if you do not need Samba -comatibility. - - - -@item -Once you have built Heimdal and started the LDAP server, run kadmin -(as usual) to initialise the database. Note that the instructions for -stashing a master key are as per any Heimdal installation. - -@example -kdc# kadmin -l -kadmin> init EXAMPLE.COM -Realm max ticket life [unlimited]: -Realm max renewable ticket life [unlimited]: -kadmin> ank lukeh -Max ticket life [1 day]: -Max renewable life [1 week]: -Principal expiration time [never]: -Password expiration time [never]: -Attributes []: -lukeh@@EXAMPLE.COM's Password: -Verifying password - lukeh@@EXAMPLE.COM's Password: -kadmin> exit -@end example - -Verify that the principal database has indeed been stored in the -directory with the following command: - -@example -kdc# ldapsearch -L -h localhost -D cn=manager \ - -w secret -b ou=KerberosPrincipals,dc=example,dc=com \ - 'objectclass=krb5KDCEntry' -@end example - -@item -Now consider adding indexes to the database to speed up the access, at -least theses should be added to slapd.conf. - -@example -index objectClass eq -index cn eq,sub,pres -index uid eq,sub,pres -index displayName eq,sub,pres -index krb5PrincipalName eq -@end example - -@end itemize - -@subsection Troubleshooting guide - -@url{https://sec.miljovern.no/bin/view/Info/TroubleshootingGuide} - - -@subsection Using Samba LDAP password database -@cindex Samba - -@c @node Using Samba LDAP password database, Providing Kerberos credentials to servers and programs, Using LDAP to store the database, Setting up a realm -@c @section Using Samba LDAP password database - -The Samba domain and the Kerberos realm can have different names since -arcfour's string to key functions principal/realm independent. So now -will be your first and only chance name your Kerberos realm without -needing to deal with old configuration files. - -First, you should set up Samba and get that working with LDAP backend. - -Now you can proceed as in @xref{Using LDAP to store the database}. -Heimdal will pick up the Samba LDAP entries if they are in the same -search space as the Kerberos entries. - -@node Providing Kerberos credentials to servers and programs, Setting up PK-INIT, Using LDAP to store the database, Setting up a realm -@section Providing Kerberos credentials to servers and programs - -Some services require Kerberos credentials when they start to make -connections to other services or need to use them when they have started. - -The easiest way to get tickets for a service is to store the key in a -keytab. Both ktutil get and kadmin ext can be used to get a -keytab. ktutil get is better in that way it changes the key/password -for the user. This is also the problem with ktutil. If ktutil is used -for the same service principal on several hosts, they keytab will only -be useful on the last host. In that case, run the extract command on -one host and then securely copy the keytab around to all other hosts -that need it. - -@example -host# ktutil -k /etc/krb5-service.keytab \ - get -p lha/admin@@EXAMPLE.ORG service-principal@@EXAMPLE.ORG -lha/admin@@EXAMPLE.ORG's Password: -@end example - -To get a Kerberos credential file for the service, use kinit in the -@kbd{--keytab} mode. This will not ask for a password but instead fetch the -key from the keytab. - -@example -service@@host$ kinit --cache=/var/run/service_krb5_cache \ - --keytab=/etc/krb5-service.keytab \ - service-principal@@EXAMPLE.ORG -@end example - -Long running services might need credentials longer then the -expiration time of the tickets. kinit can run in a mode that refreshes -the tickets before they expire. This is useful for services that write -into AFS and other distributed file systems using Kerberos. To run the -long running script, just append the program and arguments (if any) -after the principal. kinit will stop refreshing credentials and remove -the credentials when the script-to-start-service exits. - -@example -service@@host$ kinit --cache=/var/run/service_krb5_cache \ - --keytab=/etc/krb5-service.keytab \ - service-principal@@EXAMPLE.ORG \ - script-to-start-service argument1 argument2 -@end example - - -@node Setting up PK-INIT, , Providing Kerberos credentials to servers and programs, Setting up a realm -@section Setting up PK-INIT - -PK-INIT is levering the existing PKI infrastructure to use -certificates to get the initial ticket, that is usually the krbtgt. - -To use PK-INIT you must first have a PKI, so if you don't have one, -it is time to create it. Note that you should read the whole chapter -of the document to see the requirements on the CA software. - -There needs to exist a mapping between the certificate and what -principals that certificate is allowed to use. There are several ways -to do this. The administrator can use a configuration file, storing -the principal in the SubjectAltName extension of the certificate, or store the -mapping in the principals entry in the kerberos database. - -@section Certificates - -This section documents the requirements on the KDC and client -certificates and the format used in the id-pkinit-san OtherName -extention. - -@subsection KDC certificate - -The certificate for the KDC have serveral requirements. - -First the certificate should have an Extended Key Usage (EKU) -id-pkkdcekuoid (1.3.6.1.5.2.3.5) set. Second there must be a -subjectAltName otherName using oid id-pkinit-san (1.3.6.1.5.2.2) in -the type field and a DER encoded KRB5PrincipalName that matches the -name of the TGS of the target realm. - -Both of these two requirements are not required by the standard to be -checked by the client if it have external information what the -certificate the KDC is supposed to be used. So it's in the interest of -minimum amount of configuration on the clients they should be included. - -Remember that if the client would accept any certificate as the KDC's -certificate, the client could be fooled into trusting something that -isn't a KDC and thus expose the user to giving away information (like -password or other private information) that it is supposed to secret. - -Also, if the certificate has a nameConstraints extention with a -Generalname with dNSName or iPAdress it must match the hostname or -adress of the KDC. - -@subsection Client certificate - -The client certificate may need to have a EKU id-pkekuoid -(1.3.6.1.5.2.3.4) set depending on the certifiate on the KDC. - -It possible to store the principal (if allowed by the KDC) in the -certificate and thus delegate responsibility to do the mapping between -certificates and principals to the CA. - -@subsubsection Using KRB5PrincipalName in id-pkinit-san - -OtherName extention in the GeneralName is used to do the -mapping between certifiate and principal in the certifiate or storing -the krbtgt principal in the KDC certificate. - -The principal is stored in a SubjectAltName in the certificate using -OtherName. The oid in the type is id-pkinit-san. - -@example -id-pkinit-san OBJECT IDENTIFIER ::= @{ iso (1) org (3) dod (6) -internet (1) security (5) kerberosv5 (2) 2 @} -@end example - -The data part of the OtherName is filled with the following DER -encoded ASN.1 structure: - -@example -KRB5PrincipalName ::= SEQUENCE @{ - realm [0] Realm, - principalName [1] PrincipalName -@} -@end example - -where Realm and PrincipalName is defined by the Kerberos ASN.1 specification. - -@section Naming certificate using hx509 - -hx509 is the X.509 software used in Heimdal to handle -certificates. hx509 uses different syntaxes to specify the different -formats the certificates are stored in and what formats they exist in. - -There are several formats that can be used, PEM, embedded into PKCS12 -files, embedded into PKCS11 devices and raw DER encoded certificates. -Below is a list of types to use. - - -@table @asis - -@item DIR: - -DIR is reading all certificates in a directory that is DER or PEM -formatted. - -The main feature of DIR is that the directory is read on demand when -iterating over certificates, that way applictions can for some cases -avoid to store all certificates in memory. It's very useful for tests -that iterate over larger amount of certificates. - -Syntax is: - -@example -DIR:/path/to/der/files -@end example - -@item FILE: - -FILE: is used to have the lib pick up a certificate chain and a -private key. The file can be either a PEM (openssl) file or a raw DER -encoded certificate. If it's a PEM file it can contain several keys and -certificates and the code will try to match the private key and -certificate together. - -Its useful to have one PEM file that contains all the trust anchors. - -Syntax is: - -@example -FILE:certificate.pem,private-key.key,other-cert.pem,.... -@end example - -@item PKCS11: - -PKCS11: is used to handle smartcards via PKCS11 drivers, for example -soft-token, opensc, or muscle. The default is to use all slots on the -device/token. - -Syntax is: - -@example -PKCS11:shared-object.so -@end example - -@item PKCS12: - -PKCS12: is used to handle PKCS12 files. PKCS12 files commonly have the -extension pfx or p12. - -Syntax is: - -@example -PKCS12:/path/to/file.pfx -@end example - -@end table - -@section Configure the Kerberos software - -First configure the client's trust anchors and what parameters to -verify, see subsection below how to do that. Now you can use kinit to -get yourself tickets. One example how that can look like is: - -@example -$ kinit -C FILE:$HOME/.certs/lha.crt,$HOME/.certs/lha.key lha@@EXAMPLE.ORG -Enter your private key passphrase: -: lha@@nutcracker ; klist -Credentials cache: FILE:/tmp/krb5cc_19100a - Principal: lha@@EXAMPLE.ORG - - Issued Expires Principal -Apr 20 02:08:08 Apr 20 12:08:08 krbtgt/EXAMPLE.ORG@@EXAMPLE.ORG -@end example - -Using PKCS11 it can look like this instead: - -@example -$ kinit -C PKCS11:/tmp/pkcs11/lib/soft-pkcs11.so lha@@EXAMPLE.ORG -PIN code for SoftToken (slot): -$ klist -Credentials cache: API:4 - Principal: lha@@EXAMPLE.ORG - - Issued Expires Principal -Mar 26 23:40:10 Mar 27 09:40:10 krbtgt/EXAMPLE.ORG@@EXAMPLE.ORG -@end example - - -Write about the kdc. - -@section Configure the client - -@example -[appdefaults] - pkinit_anchors = FILE:/path/to/trust-anchors.pem - -[realms] - EXAMPLE.COM = @{ - pkinit_require_eku = true - pkinit_require_krbtgt_otherName = true - pkinit_win2k = no - pkinit_win2k_require_binding = yes - @} - -@end example - -@section Configure the KDC - -@example -[kdc] - enable-pkinit = yes - pkinit_identity = FILE:/secure/kdc.crt,/secure/kdc.key - pkinit_anchors = FILE:/path/to/trust-anchors.pem - pkinit_pool = PKCS12:/path/to/useful-intermediate-certs.pfx - pkinit_pool = FILE:/path/to/other-useful-intermediate-certs.pem - pkinit_allow_proxy_certificate = false - pkinit_win2k_require_binding = yes -@end example - -@subsection Using pki-mapping file - -Note that the file name is space sensitive. - -@example -# cat /var/heimdal/pki-mapping -# comments starts with # -lha@@EXAMPLE.ORG:C=SE,O=Stockholm universitet,CN=Love,UID=lha -lha@@EXAMPLE.ORG:CN=Love,UID=lha -@end example - -@subsection Using the Kerberos database - -@section Use hxtool to create certificates - -@subsection Generate certificates - -First you need to generate a CA certificate, change the --subject to -something appropriate, the CA certificate will be valid for 10 years. - -You need to change --subject in the command below. - -@example -hxtool issue-certificate \ - --self-signed \ - --issue-ca \ - --generate-key=rsa \ - --subject="CN=CA,DC=test,DC=h5l,DC=se" \ - --lifetime=10years \ - --certificate="FILE:ca.pem" -@end example - -The KDC needs to have a certificate, so generate a certificate of the -type ``pkinit-kdc'' and set the PK-INIT specifial SubjectAltName to the -name of the krbtgt of the realm. - -You need to change --subject and --pk-init-principal in the command below. - -@example -hxtool issue-certificate \ - --ca-certificate=FILE:ca.pem \ - --generate-key=rsa \ - --type="pkinit-kdc" \ - --pk-init-principal="krbtgt/TEST.H5L.SE@@TEST.H5L.SE" \ - --subject="uid=kdc,DC=test,DC=h5l,DC=se" \ - --certificate="FILE:kdc.pem" -@end example - -The users also needs to have a certificate, so generate a certificate -of the type ``pkinit-client''. The client doesn't need to have the PK-INIT -SubjectAltName set, you can have the Subject DN in the ACL file -(pki-mapping) instead. - -You need to change --subject and --pk-init-principal in the command below. - -@example -hxtool issue-certificate \ - --ca-certificate=FILE:ca.pem \ - --generate-key=rsa \ - --type="pkinit-client" \ - --pk-init-principal="lha@@TEST.H5L.SE" \ - --subject="uid=lha,DC=test,DC=h5l,DC=se" \ - --certificate="FILE:user.pem" -@end example - -@subsection Validate the certificate - -hxtool also contains a tool that will validate certificates according to -rules from the PKIX document. These checks are not complete, but a good test -to check if you got all of the basic bits right in your certificates. - -@example -hxtool validate FILE:user.pem -@end example - -@section Use OpenSSL to create certificates - -This section tries to give the CA owners hints how to create -certificates using OpenSSL (or CA software based on OpenSSL). - -@subsection Using OpenSSL to create certificates with krb5PrincipalName - -To make OpenSSL create certificates with krb5PrincipalName use -@file{openssl.cnf} as described below. To see a complete example of -creating client and KDC certificates, see the test-data generation -script @file{lib/hx509/data/gen-req.sh} in the source-tree. The -certicates it creates are used to test the PK-INIT functionality in -@file{tests/kdc/check-kdc.in}. - -To use this example you have to use OpenSSL 0.9.8a or later. - -@example - -[user_certificate] -subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:princ_name - -[princ_name] -realm = EXP:0, GeneralString:MY.REALM -principal_name = EXP:1, SEQUENCE:principal_seq - -[principal_seq] -name_type = EXP:0, INTEGER:1 -name_string = EXP:1, SEQUENCE:principals - -[principals] -princ1 = GeneralString:userid - -@end example - -Command usage - -@example -openssl x509 -extensions user_certificate -openssl ca -extensions user_certificate -@end example - - -@c --- ms certificate -@c -@c [ new_oids ] -@c msCertificateTemplateName = 1.3.6.1.4.1.311.20.2 -@c -@c -@c [ req_smartcard ] -@c keyUsage = digitalSignature, keyEncipherment -@c extendedKeyUsage = msSmartcardLogin, clientAuth -@c msCertificateTemplateName = ASN1:BMP:SmartcardLogon -@c subjectAltName = otherName:msUPN;UTF8:lukeh@dsg.padl.com -@c #subjectAltName = email:copy - - -@section Using PK-INIT with Windows - -@subsection Client configration - -Clients using a Windows KDC with PK-INIT need configuration since -windows uses pre-standard format and this can't be autodetected. - -The pkinit_win2k_require_binding option requires the reply for the KDC -to be of the new, secure, type that binds the request to reply. Before -clients should fake the reply from the KDC. To use this option you -have to apply a fix from Microsoft. - -@example -[realms] - MY.MS.REALM = @{ - pkinit_win2k = yes - pkinit_win2k_require_binding = no - @} -@end example - -@subsection Certificates - -The client certificates need to have the extended keyusage ``Microsoft -Smartcardlogin'' (openssl have the oid shortname msSmartcardLogin). - -See Microsoft Knowledge Base Article - 281245 ``Guidelines for Enabling -Smart Card Logon with Third-Party Certification Authorities'' for a -more extensive description of how set setup an external CA to it -includes all information that will make a Windows KDC happy. - -@subsection Configure Windows 2000 CA - -To enable Microsoft Smartcardlogin> for certificates in your Windows -2000 CA, you want to look at Microsoft Knowledge Base Article - -313274 ``HOW TO: Configure a Certification Authority to Issue -Smart Card Certificates in Windows''. diff --git a/crypto/heimdal/doc/vars.texi b/crypto/heimdal/doc/vars.texi deleted file mode 100755 index c2e6671a68eb..000000000000 --- a/crypto/heimdal/doc/vars.texi +++ /dev/null @@ -1,7 +0,0 @@ - -@c -@c Variables depending on installation -@c - -@set dbdir /var/heimdal -@set PACKAGE_VERSION 1.1 diff --git a/crypto/heimdal/doc/vars.tin b/crypto/heimdal/doc/vars.tin deleted file mode 100644 index d3e67b7d4893..000000000000 --- a/crypto/heimdal/doc/vars.tin +++ /dev/null @@ -1,7 +0,0 @@ - -@c -@c Variables depending on installation -@c - -@set dbdir @dbdir@ -@set PACKAGE_VERSION @PACKAGE_VERSION@ diff --git a/crypto/heimdal/doc/whatis.texi b/crypto/heimdal/doc/whatis.texi deleted file mode 100644 index 307c5a20877a..000000000000 --- a/crypto/heimdal/doc/whatis.texi +++ /dev/null @@ -1,161 +0,0 @@ -@c $Id: whatis.texi 16769 2006-02-27 12:26:50Z joda $ - -@node What is Kerberos?, Building and Installing, Introduction, Top -@chapter What is Kerberos? - -@quotation -@flushleft - Now this Cerberus had three heads of dogs, - the tail of a dragon, and on his back the - heads of all sorts of snakes. - --- Pseudo-Apollodorus Library 2.5.12 -@end flushleft -@end quotation - -Kerberos is a system for authenticating users and services on a network. -It is built upon the assumption that the network is ``unsafe''. For -example, data sent over the network can be eavesdropped and altered, and -addresses can also be faked. Therefore they cannot be used for -authentication purposes. -@cindex authentication - -Kerberos is a trusted third-party service. That means that there is a -third party (the kerberos server) that is trusted by all the entities on -the network (users and services, usually called @dfn{principals}). All -principals share a secret password (or key) with the kerberos server and -this enables principals to verify that the messages from the kerberos -server are authentic. Thus trusting the kerberos server, users and -services can authenticate each other. - -@section Basic mechanism - -@ifinfo -@macro sub{arg} -<\arg\> -@end macro -@end ifinfo - -@tex -@def@xsub#1{$_{#1}$} -@global@let@sub=@xsub -@end tex - -@ifhtml -@macro sub{arg} -@html -\arg\ -@end html -@end macro -@end ifhtml - -@c ifdocbook -@c macro sub{arg} -@c docbook -@c \arg\ -@c end docbook -@c end macro -@c end ifdocbook - -@quotation -@strong{Note} This discussion is about Kerberos version 4, but version -5 works similarly. -@end quotation - -In Kerberos, principals use @dfn{tickets} to prove that they are who -they claim to be. In the following example, @var{A} is the initiator of -the authentication exchange, usually a user, and @var{B} is the service -that @var{A} wishes to use. - -To obtain a ticket for a specific service, @var{A} sends a ticket -request to the kerberos server. The request contains @var{A}'s and -@var{B}'s names (along with some other fields). The kerberos server -checks that both @var{A} and @var{B} are valid principals. - -Having verified the validity of the principals, it creates a packet -containing @var{A}'s and @var{B}'s names, @var{A}'s network address -(@var{A@sub{addr}}), the current time (@var{t@sub{issue}}), the lifetime -of the ticket (@var{life}), and a secret @dfn{session key} -@cindex session key -(@var{K@sub{AB}}). This packet is encrypted with @var{B}'s secret key -(@var{K@sub{B}}). The actual ticket (@var{T@sub{AB}}) looks like this: -(@{@var{A}, @var{B}, @var{A@sub{addr}}, @var{t@sub{issue}}, @var{life}, -@var{K@sub{AB}}@}@var{K@sub{B}}). - -The reply to @var{A} consists of the ticket (@var{T@sub{AB}}), @var{B}'s -name, the current time, the lifetime of the ticket, and the session key, all -encrypted in @var{A}'s secret key (@{@var{B}, @var{t@sub{issue}}, -@var{life}, @var{K@sub{AB}}, @var{T@sub{AB}}@}@var{K@sub{A}}). @var{A} -decrypts the reply and retains it for later use. - -@sp 1 - -Before sending a message to @var{B}, @var{A} creates an authenticator -consisting of @var{A}'s name, @var{A}'s address, the current time, and a -``checksum'' chosen by @var{A}, all encrypted with the secret session -key (@{@var{A}, @var{A@sub{addr}}, @var{t@sub{current}}, -@var{checksum}@}@var{K@sub{AB}}). This is sent together with the ticket -received from the kerberos server to @var{B}. Upon reception, @var{B} -decrypts the ticket using @var{B}'s secret key. Since the ticket -contains the session key that the authenticator was encrypted with, -@var{B} can now also decrypt the authenticator. To verify that @var{A} -really is @var{A}, @var{B} now has to compare the contents of the ticket -with that of the authenticator. If everything matches, @var{B} now -considers @var{A} as properly authenticated. - -@c (here we should have some more explanations) - -@section Different attacks - -@subheading Impersonating A - -An impostor, @var{C} could steal the authenticator and the ticket as it -is transmitted across the network, and use them to impersonate -@var{A}. The address in the ticket and the authenticator was added to -make it more difficult to perform this attack. To succeed @var{C} will -have to either use the same machine as @var{A} or fake the source -addresses of the packets. By including the time stamp in the -authenticator, @var{C} does not have much time in which to mount the -attack. - -@subheading Impersonating B - -@var{C} can hijack @var{B}'s network address, and when @var{A} sends -her credentials, @var{C} just pretend to verify them. @var{C} can't -be sure that she is talking to @var{A}. - -@section Defence strategies - -It would be possible to add a @dfn{replay cache} -@cindex replay cache -to the server side. The idea is to save the authenticators sent during -the last few minutes, so that @var{B} can detect when someone is trying -to retransmit an already used message. This is somewhat impractical -(mostly regarding efficiency), and is not part of Kerberos 4; MIT -Kerberos 5 contains it. - -To authenticate @var{B}, @var{A} might request that @var{B} sends -something back that proves that @var{B} has access to the session -key. An example of this is the checksum that @var{A} sent as part of the -authenticator. One typical procedure is to add one to the checksum, -encrypt it with the session key and send it back to @var{A}. This is -called @dfn{mutual authentication}. - -The session key can also be used to add cryptographic checksums to the -messages sent between @var{A} and @var{B} (known as @dfn{message -integrity}). Encryption can also be added (@dfn{message -confidentiality}). This is probably the best approach in all cases. -@cindex integrity -@cindex confidentiality - -@section Further reading - -The original paper on Kerberos from 1988 is @cite{Kerberos: An -Authentication Service for Open Network Systems}, by Jennifer Steiner, -Clifford Neuman and Jeffrey I. Schiller. - -A less technical description can be found in @cite{Designing an -Authentication System: a Dialogue in Four Scenes} by Bill Bryant, also -from 1988. - -These documents can be found on our web-page at -@url{http://www.pdc.kth.se/kth-krb/}. diff --git a/crypto/heimdal/doc/win2k.texi b/crypto/heimdal/doc/win2k.texi deleted file mode 100644 index 7bc9b2a30b81..000000000000 --- a/crypto/heimdal/doc/win2k.texi +++ /dev/null @@ -1,306 +0,0 @@ -@c $Id: win2k.texi 21991 2007-10-19 13:28:07Z lha $ - -@node Windows 2000 compatability, Programming with Kerberos, Kerberos 4 issues, Top -@comment node-name, next, previous, up -@chapter Windows 2000 compatability - -Windows 2000 (formerly known as Windows NT 5) from Microsoft implements -Kerberos 5. Their implementation, however, has some quirks, -peculiarities, and bugs. This chapter is a short summary of the things -that we have found out while trying to test Heimdal against Windows -2000. Another big problem with the Kerberos implementation in Windows -2000 is that the available documentation is more focused on getting -things to work rather than how they work, and not that useful in figuring -out how things really work. - -This information should apply to Heimdal @value{VERSION} and Windows -2000 Professional. It's of course subject to change all the time and -mostly consists of our not so inspired guesses. Hopefully it's still -somewhat useful. - -@menu -* Configuring Windows 2000 to use a Heimdal KDC:: -* Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC:: -* Create account mappings:: -* Encryption types:: -* Authorisation data:: -* Quirks of Windows 2000 KDC:: -* Useful links when reading about the Windows 2000:: -@end menu - -@node Configuring Windows 2000 to use a Heimdal KDC, Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC, Windows 2000 compatability, Windows 2000 compatability -@comment node-name, next, precious, up -@section Configuring Windows 2000 to use a Heimdal KDC - -You need the command line program called @command{ksetup.exe} which is available -in the file @file{SUPPORT/TOOLS/SUPPORT.CAB} on the Windows 2000 Professional -CD-ROM. This program is used to configure the Kerberos settings on a -Workstation. - -@command{Ksetup} store the domain information under the registry key: -@code{HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\Kerberos\Domains}. - -Use the @command{kadmin} program in Heimdal to create a host principal in the -Kerberos realm. - -@example -unix% kadmin -kadmin> ank --password=password host/datan.example.com -@end example - -The name @samp{datan.example.com} should be replaced with DNS name of -the workstation. - -You must configure the workstation as a member of a workgroup, as opposed -to a member in an NT domain, and specify the KDC server of the realm -as follows: -@example -C:> ksetup /setdomain EXAMPLE.COM -C:> ksetup /addkdc EXAMPLE.COM kdc.example.com -@end example - -Set the machine password, i.e.@: create the local keytab: -@example -C:> ksetup /SetComputerPassword password -@end example - -The password used in @kbd{ksetup /setmachpassword} must be the same -as the password used in the @kbd{kadmin ank} command. - -The workstation must now be rebooted. - -A mapping between local NT users and Kerberos principals must be specified. -You have two choices. First: - -@example -C:> ksetup /mapuser user@@MY.REALM nt_user -@end example - -This will map a user to a specific principal; this allows you to have -other usernames in the realm than in your NT user database. (Don't ask -me why on earth you would want that@enddots{}) - -You can also say: -@example -C:> ksetup /mapuser * * -@end example -The Windows machine will now map any user to the corresponding principal, -for example @samp{nisse} to the principal @samp{nisse@@MY.REALM}. -(This is most likely what you want.) - -@node Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC, Create account mappings, Configuring Windows 2000 to use a Heimdal KDC, Windows 2000 compatability -@comment node-name, next, precious, up -@section Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC - -See also the Step-by-Step guide from Microsoft, referenced below. - -Install Windows 2000, and create a new controller (Active Directory -Server) for the domain. - -By default the trust will be non-transitive. This means that only users -directly from the trusted domain may authenticate. This can be changed -to transitive by using the @command{netdom.exe} tool. @command{netdom.exe} -can also be used to add the trust between two realms. - -You need to tell Windows 2000 on what hosts to find the KDCs for the -non-Windows realm with @command{ksetup}, see @xref{Configuring Windows 2000 -to use a Heimdal KDC}. - -This needs to be done on all computers that want enable cross-realm -login with @code{Mapped Names}. @c XXX probably shouldn't be @code - -Then you need to add the inter-realm keys on the Windows KDC@. Start the -Domain Tree Management tool (found in Programs, Administrative tools, -Active Directory Domains and Trusts). - -Right click on Properties of your domain, select the Trust tab. Press -Add on the appropriate trust windows and enter domain name and -password. When prompted if this is a non-Windows Kerberos realm, press -OK. - -Do not forget to add trusts in both directions (if that's what you want). - -If you want to use @command{netdom.exe} instead of the Domain Tree -Management tool, you do it like this: - -@example -netdom trust NT.REALM.EXAMPLE.COM /Domain:EXAMPLE.COM /add /realm /passwordt:TrustPassword -@end example - -You also need to add the inter-realm keys to the Heimdal KDC. Make sure -you have matching encryption types (DES, Arcfour and AES in case of Longhorn) - -Another issue is salting. Since Windows 2000 does not seem to -understand Kerberos 4 salted hashes you might need to turn off anything -similar to the following if you have it, at least while adding the -principals that are going to share keys with Windows 2000. - -@example -[kadmin] - default_keys = v5 v4 -@end example - -So remove v4 from default keys. - -What you probably want to use is this: - -@example -[kadmin] - default_keys = des-cbc-crc:pw-salt arcfour-hmac-md5:pw-salt -@end example - -@c XXX check this -@c It is definitely not supported in base 2003. I haven't been able to -@c get SP1 installed here, but it is supposed to work in that. - -Once that is also done, you can add the required inter-realm keys: - -@example -kadmin add krbtgt/NT.REALM.EXAMPLE.COM@@EXAMPLE.COM -kadmin add krbtgt/REALM.EXAMPLE.COM@@NT.EXAMPLE.COM -@end example - -Use the same passwords for both keys. - -Do not forget to reboot before trying the new realm-trust (after -running @command{ksetup}). It looks like it might work, but packets are -never sent to the non-Windows KDC. - -@node Create account mappings, Encryption types, Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC, Windows 2000 compatability -@comment node-name, next, precious, up -@section Create account mappings - -Start the @code{Active Directory Users and Computers} tool. Select the -View menu, that is in the left corner just below the real menu (or press -Alt-V), and select Advanced Features. Right click on the user that you -are going to do a name mapping for and choose Name mapping. - -Click on the Kerberos Names tab and add a new principal from the -non-Windows domain. - -@c XXX check entry name then I have network again -This adds @samp{authorizationNames} entry to the users LDAP entry to -the Active Directory LDAP catalog. When you create users by script you -can add this entry instead. - -@node Encryption types, Authorisation data, Create account mappings, Windows 2000 compatability -@comment node-name, next, previous, up -@section Encryption types - -Windows 2000 supports both the standard DES encryptions (@samp{des-cbc-crc} and -@samp{des-cbc-md5}) and its own proprietary encryption that is based on MD4 and -RC4 that is documented in and is supposed to be described in -@file{draft-brezak-win2k-krb-rc4-hmac-03.txt}. New users will get both -MD4 and DES keys. Users that are converted from a NT4 database, will -only have MD4 passwords and will need a password change to get a DES -key. - -@node Authorisation data, Quirks of Windows 2000 KDC, Encryption types, Windows 2000 compatability -@comment node-name, next, previous, up -@section Authorisation data - -The Windows 2000 KDC also adds extra authorisation data in tickets. -It is at this point unclear what triggers it to do this. The format of -this data is only available under a ``secret'' license from Microsoft, -which prohibits you implementing it. - -A simple way of getting hold of the data to be able to understand it -better is described here. - -@enumerate -@item Find the client example on using the SSPI in the SDK documentation. -@item Change ``AuthSamp'' in the source code to lowercase. -@item Build the program. -@item Add the ``authsamp'' principal with a known password to the -database. Make sure it has a DES key. -@item Run @kbd{ktutil add} to add the key for that principal to a -keytab. -@item Run @kbd{appl/test/nt_gss_server -p 2000 -s authsamp -@kbd{--dump-auth}=@var{file}} where @var{file} is an appropriate file. -@item It should authenticate and dump for you the authorisation data in -the file. -@item The tool @kbd{lib/asn1/asn1_print} is somewhat useful for -analysing the data. -@end enumerate - -@node Quirks of Windows 2000 KDC, Useful links when reading about the Windows 2000, Authorisation data, Windows 2000 compatability -@comment node-name, next, previous, up -@section Quirks of Windows 2000 KDC - -There are some issues with salts and Windows 2000. Using an empty salt---which is the only one that Kerberos 4 supported, and is therefore known -as a Kerberos 4 compatible salt---does not work, as far as we can tell -from out experiments and users' reports. Therefore, you have to make -sure you keep around keys with all the different types of salts that are -required. Microsoft have fixed this issue post Windows 2003. - -Microsoft seems also to have forgotten to implement the checksum -algorithms @samp{rsa-md4-des} and @samp{rsa-md5-des}. This can make Name -mapping (@pxref{Create account mappings}) fail if a @samp{des-cbc-md5} key -is used. To make the KDC return only @samp{des-cbc-crc} you must delete -the @samp{des-cbc-md5} key from the kdc using the @kbd{kadmin -del_enctype} command. - -@example -kadmin del_enctype lha des-cbc-md5 -@end example - -You should also add the following entries to the @file{krb5.conf} file: - -@example -[libdefaults] - default_etypes = des-cbc-crc - default_etypes_des = des-cbc-crc -@end example - -These configuration options will make sure that no checksums of the -unsupported types are generated. - -@node Useful links when reading about the Windows 2000, , Quirks of Windows 2000 KDC, Windows 2000 compatability -@comment node-name, next, previous, up -@section Useful links when reading about the Windows 2000 - -See also our paper presented at the 2001 Usenix Annual Technical -Conference, available in the proceedings or at -@uref{http://www.usenix.org/publications/library/proceedings/usenix01/freenix01/westerlund.html}. - -There are lots of texts about Kerberos on Microsoft's web site, here is a -short list of the interesting documents that we have managed to find. - -@itemize @bullet - -@item Step-by-Step Guide to Kerberos 5 (krb5 1.0) Interoperability: -@uref{http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/kerbstep.mspx}. -Kerberos GSS-API (in Windows-eze SSPI), Windows as a client in a -non-Windows KDC realm, adding unix clients to a Windows 2000 KDC, and -adding cross-realm trust (@pxref{Inter-Realm keys (trust) between Windows 2000 -and a Heimdal KDC}). - -@item Windows 2000 Kerberos Authentication: -@uref{www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/confeat/kerberos.mspx}. -White paper that describes how Kerberos is used in Windows 2000. - -@item Overview of Kerberos: -@uref{http://support.microsoft.com/support/kb/articles/Q248/7/58.ASP}. -Links to useful other links. - -@c @item Klist for Windows: -@c @uref{http://msdn.microsoft.com/library/periodic/period00/security0500.htm}. -@c Describes where to get a klist for Windows 2000. - -@item Event logging for Kerberos: -@uref{http://support.microsoft.com/support/kb/articles/Q262/1/77.ASP}. -Basically it say that you can add a registry key -@code{HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogLevel} -with value DWORD equal to 1, and then you'll get logging in the Event -Logger. - -@c @item Access to the Active Directory through LDAP: -@c @uref{http://msdn.microsoft.com/library/techart/kerberossamp.htm} - -@end itemize - -Other useful programs include these: - -@itemize @bullet -@item pwdump2 -@uref{http://www.bindview.com/Support/RAZOR/Utilities/Windows/pwdump2_readme.cfm}@end itemize diff --git a/crypto/heimdal/etc/Makefile.am b/crypto/heimdal/etc/Makefile.am deleted file mode 100644 index d5675d57a2ed..000000000000 --- a/crypto/heimdal/etc/Makefile.am +++ /dev/null @@ -1,5 +0,0 @@ -# $Id: Makefile.am 20565 2007-04-27 13:52:30Z lha $ - -include $(top_srcdir)/Makefile.am.common - -EXTRA_DIST = services.append diff --git a/crypto/heimdal/etc/Makefile.in b/crypto/heimdal/etc/Makefile.in deleted file mode 100644 index fef8bd2fa2dc..000000000000 --- a/crypto/heimdal/etc/Makefile.in +++ /dev/null @@ -1,658 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20565 2007-04-27 13:52:30Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = etc -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -EXTRA_DIST = services.append -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps etc/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps etc/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/etc/services.append b/crypto/heimdal/etc/services.append deleted file mode 100644 index 2eff2f7a34d9..000000000000 --- a/crypto/heimdal/etc/services.append +++ /dev/null @@ -1,29 +0,0 @@ -# -# $Id: services.append 10452 2001-08-08 15:48:37Z assar $ -# -# Kerberos services -# -kerberos 88/udp kerberos-sec # Kerberos v5 UDP -kerberos 88/tcp kerberos-sec # Kerberos v5 TCP -kpasswd 464/udp # password changing -kpasswd 464/tcp # password changing -klogin 543/tcp # Kerberos authenticated rlogin -kshell 544/tcp krcmd # and remote shell -ekshell 545/tcp # Kerberos encrypted remote shell -kfall -ekshell2 2106/tcp # What U of Colorado @ Boulder uses? -kerberos-adm 749/udp # v5 kadmin -kerberos-adm 749/tcp # v5 kadmin -kerberos-iv 750/udp kdc # Kerberos authentication--udp -kerberos-iv 750/tcp kdc # Kerberos authentication--tcp -kerberos_master 751/udp # v4 kadmin -kerberos_master 751/tcp # v4 kadmin -krb_prop 754/tcp hprop # Kerberos slave propagation -kpop 1109/tcp # Pop with Kerberos -eklogin 2105/tcp # Kerberos encrypted rlogin -rkinit 2108/tcp # Kerberos remote kinit -kf 2110/tcp # forward credentials -kx 2111/tcp # X over kerberos -kip 2112/tcp # IP over kerberos -kauth 2120/tcp # Remote kauth -iprop 2121/tcp # incremental propagation -krb524 4444/udp # MIT 5->4 diff --git a/crypto/heimdal/include/Makefile.am b/crypto/heimdal/include/Makefile.am deleted file mode 100644 index a63c227d44af..000000000000 --- a/crypto/heimdal/include/Makefile.am +++ /dev/null @@ -1,87 +0,0 @@ -# $Id: Makefile.am 22396 2008-01-01 19:35:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = kadm5 hcrypto gssapi - -noinst_PROGRAMS = bits make_crypto -CHECK_LOCAL = no-check-local - -AM_CPPFLAGS += -DHOST=\"$(CANONICAL_HOST)\" - -nodist_include_HEADERS = krb5-types.h -nodist_noinst_HEADERS = crypto-headers.h - -krb5-types.h: bits$(EXEEXT) - ./bits$(EXEEXT) krb5-types.h - -crypto-headers.h: make_crypto$(EXEEXT) - ./make_crypto$(EXEEXT) crypto-headers.h - -CLEANFILES = \ - cms_asn1.h \ - der-protos.h \ - digest_asn1.h \ - hdb-protos.h \ - heim_asn1.h \ - heim_threads.h \ - hex.h \ - hx509-protos.h \ - hx509.h \ - hx509_err.h \ - kx509_asn1.h \ - kx509_err.h \ - k524_err.h \ - kdc-protos.h \ - kdc.h \ - krb5_asn1.h \ - krb5_ccapi.h \ - parse_bytes.h \ - pkcs12_asn1.h \ - pkcs8_asn1.h \ - pkcs9_asn1.h \ - pkinit_asn1.h \ - rfc2459_asn1.h \ - rtbl.h \ - test-mem.h \ - vers.h \ - vis.h \ - asn1.h \ - asn1_err.h \ - base64.h \ - com_err.h \ - com_right.h \ - crypto-headers.h \ - der.h \ - editline.h \ - err.h \ - getarg.h \ - glob.h \ - gssapi.h \ - hdb.h \ - hdb_asn1.h \ - hdb_err.h \ - heim_err.h \ - heimntlm.h \ - heimntlm-protos.h \ - kafs.h \ - krb_err.h \ - krb5-protos.h \ - krb5-private.h \ - krb5-types.h \ - krb5.h \ - krb5_err.h \ - otp.h \ - parse_time.h \ - parse_units.h \ - resolve.h \ - roken-common.h \ - roken.h \ - sl.h \ - windc_plugin.h \ - locate_plugin.h \ - xdbm.h - -DISTCLEANFILES = \ - version.h \ - version.h.in diff --git a/crypto/heimdal/include/Makefile.in b/crypto/heimdal/include/Makefile.in deleted file mode 100644 index 382274419419..000000000000 --- a/crypto/heimdal/include/Makefile.in +++ /dev/null @@ -1,996 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22396 2008-01-01 19:35:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(srcdir)/config.h.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -noinst_PROGRAMS = bits$(EXEEXT) make_crypto$(EXEEXT) -subdir = include -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = config.h -CONFIG_CLEAN_FILES = -PROGRAMS = $(noinst_PROGRAMS) -bits_SOURCES = bits.c -bits_OBJECTS = bits.$(OBJEXT) -bits_LDADD = $(LDADD) -make_crypto_SOURCES = make_crypto.c -make_crypto_OBJECTS = make_crypto.$(OBJEXT) -make_crypto_LDADD = $(LDADD) -DEFAULT_INCLUDES = -I.@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = bits.c make_crypto.c -DIST_SOURCES = bits.c make_crypto.c -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(includedir)" -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(nodist_include_HEADERS) $(nodist_noinst_HEADERS) -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = $(SUBDIRS) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -DHOST=\"$(CANONICAL_HOST)\" -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SUBDIRS = kadm5 hcrypto gssapi -CHECK_LOCAL = no-check-local -nodist_include_HEADERS = krb5-types.h -nodist_noinst_HEADERS = crypto-headers.h -CLEANFILES = \ - cms_asn1.h \ - der-protos.h \ - digest_asn1.h \ - hdb-protos.h \ - heim_asn1.h \ - heim_threads.h \ - hex.h \ - hx509-protos.h \ - hx509.h \ - hx509_err.h \ - kx509_asn1.h \ - kx509_err.h \ - k524_err.h \ - kdc-protos.h \ - kdc.h \ - krb5_asn1.h \ - krb5_ccapi.h \ - parse_bytes.h \ - pkcs12_asn1.h \ - pkcs8_asn1.h \ - pkcs9_asn1.h \ - pkinit_asn1.h \ - rfc2459_asn1.h \ - rtbl.h \ - test-mem.h \ - vers.h \ - vis.h \ - asn1.h \ - asn1_err.h \ - base64.h \ - com_err.h \ - com_right.h \ - crypto-headers.h \ - der.h \ - editline.h \ - err.h \ - getarg.h \ - glob.h \ - gssapi.h \ - hdb.h \ - hdb_asn1.h \ - hdb_err.h \ - heim_err.h \ - heimntlm.h \ - heimntlm-protos.h \ - kafs.h \ - krb_err.h \ - krb5-protos.h \ - krb5-private.h \ - krb5-types.h \ - krb5.h \ - krb5_err.h \ - otp.h \ - parse_time.h \ - parse_units.h \ - resolve.h \ - roken-common.h \ - roken.h \ - sl.h \ - windc_plugin.h \ - locate_plugin.h \ - xdbm.h - -DISTCLEANFILES = \ - version.h \ - version.h.in - -all: config.h - $(MAKE) $(AM_MAKEFLAGS) all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps include/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps include/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -config.h: stamp-h1 - @if test ! -f $@; then \ - rm -f stamp-h1; \ - $(MAKE) $(AM_MAKEFLAGS) stamp-h1; \ - else :; fi - -stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status - @rm -f stamp-h1 - cd $(top_builddir) && $(SHELL) ./config.status include/config.h -$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_srcdir) && $(AUTOHEADER) - rm -f stamp-h1 - touch $@ - -distclean-hdr: - -rm -f config.h stamp-h1 - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -bits$(EXEEXT): $(bits_OBJECTS) $(bits_DEPENDENCIES) - @rm -f bits$(EXEEXT) - $(LINK) $(bits_OBJECTS) $(bits_LDADD) $(LIBS) -make_crypto$(EXEEXT): $(make_crypto_OBJECTS) $(make_crypto_DEPENDENCIES) - @rm -f make_crypto$(EXEEXT) - $(LINK) $(make_crypto_OBJECTS) $(make_crypto_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-nodist_includeHEADERS: $(nodist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-nodist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile $(PROGRAMS) $(HEADERS) config.h all-local -installdirs: installdirs-recursive -installdirs-am: - for dir in "$(DESTDIR)$(includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \ - mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-hdr distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: install-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: uninstall-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool clean-noinstPROGRAMS ctags \ - ctags-recursive dist-hook distclean distclean-compile \ - distclean-generic distclean-hdr distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-info install-info-am install-man \ - install-nodist_includeHEADERS install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags tags-recursive uninstall uninstall-am uninstall-hook \ - uninstall-nodist_includeHEADERS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -krb5-types.h: bits$(EXEEXT) - ./bits$(EXEEXT) krb5-types.h - -crypto-headers.h: make_crypto$(EXEEXT) - ./make_crypto$(EXEEXT) crypto-headers.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/include/bits.c b/crypto/heimdal/include/bits.c deleted file mode 100644 index 3fdaee420bfd..000000000000 --- a/crypto/heimdal/include/bits.c +++ /dev/null @@ -1,240 +0,0 @@ -/* - * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: bits.c 18703 2006-10-20 20:33:58Z lha $"); -#endif -#include -#include -#include -#include - -#define BITSIZE(TYPE) \ -{ \ - int b = 0; TYPE x = 1, zero = 0; const char *pre = "u"; \ - char tmp[128], tmp2[128]; \ - while(x){ x <<= 1; b++; if(x < zero) pre=""; } \ - if(b >= len){ \ - int tabs; \ - sprintf(tmp, "%sint%d_t" , pre, len); \ - sprintf(tmp2, "typedef %s %s;", #TYPE, tmp); \ - tabs = 5 - strlen(tmp2) / 8; \ - fprintf(f, "%s", tmp2); \ - while(tabs-- > 0) fprintf(f, "\t"); \ - fprintf(f, "/* %2d bits */\n", b); \ - return; \ - } \ -} - -#ifndef HAVE___ATTRIBUTE__ -#define __attribute__(x) -#endif - -static void -try_signed(FILE *f, int len) __attribute__ ((unused)); - -static void -try_unsigned(FILE *f, int len) __attribute__ ((unused)); - -static int -print_bt(FILE *f, int flag) __attribute__ ((unused)); - -static void -try_signed(FILE *f, int len) -{ - BITSIZE(signed char); - BITSIZE(short); - BITSIZE(int); - BITSIZE(long); -#ifdef HAVE_LONG_LONG - BITSIZE(long long); -#endif - fprintf(f, "/* There is no %d bit type */\n", len); -} - -static void -try_unsigned(FILE *f, int len) -{ - BITSIZE(unsigned char); - BITSIZE(unsigned short); - BITSIZE(unsigned int); - BITSIZE(unsigned long); -#ifdef HAVE_LONG_LONG - BITSIZE(unsigned long long); -#endif - fprintf(f, "/* There is no %d bit type */\n", len); -} - -static int -print_bt(FILE *f, int flag) -{ - if(flag == 0){ - fprintf(f, "/* For compatibility with various type definitions */\n"); - fprintf(f, "#ifndef __BIT_TYPES_DEFINED__\n"); - fprintf(f, "#define __BIT_TYPES_DEFINED__\n"); - fprintf(f, "\n"); - } - return 1; -} - -int main(int argc, char **argv) -{ - FILE *f; - int flag; - const char *fn, *hb; - - if (argc > 1 && strcmp(argv[1], "--version") == 0) { - printf("some version"); - return 0; - } - - if(argc < 2){ - fn = "bits.h"; - hb = "__BITS_H__"; - f = stdout; - } else { - char *p; - fn = argv[1]; - p = malloc(strlen(fn) + 5); - sprintf(p, "__%s__", fn); - hb = p; - for(; *p; p++){ - if(!isalnum((unsigned char)*p)) - *p = '_'; - } - f = fopen(argv[1], "w"); - } - fprintf(f, "/* %s -- this file was generated for %s by\n", fn, HOST); - fprintf(f, " %*s %s */\n\n", (int)strlen(fn), "", - "$Id: bits.c 18703 2006-10-20 20:33:58Z lha $"); - fprintf(f, "#ifndef %s\n", hb); - fprintf(f, "#define %s\n", hb); - fprintf(f, "\n"); -#ifdef HAVE_INTTYPES_H - fprintf(f, "#include \n"); -#endif -#ifdef HAVE_SYS_TYPES_H - fprintf(f, "#include \n"); -#endif -#ifdef HAVE_SYS_BITYPES_H - fprintf(f, "#include \n"); -#endif -#ifdef HAVE_BIND_BITYPES_H - fprintf(f, "#include \n"); -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H - fprintf(f, "#include \n"); -#endif -#ifdef HAVE_SOCKLEN_T - fprintf(f, "#include \n"); -#endif - fprintf(f, "\n"); - - flag = 0; -#ifndef HAVE_INT8_T - flag = print_bt(f, flag); - try_signed (f, 8); -#endif /* HAVE_INT8_T */ -#ifndef HAVE_INT16_T - flag = print_bt(f, flag); - try_signed (f, 16); -#endif /* HAVE_INT16_T */ -#ifndef HAVE_INT32_T - flag = print_bt(f, flag); - try_signed (f, 32); -#endif /* HAVE_INT32_T */ -#ifndef HAVE_INT64_T - flag = print_bt(f, flag); - try_signed (f, 64); -#endif /* HAVE_INT64_T */ - -#ifndef HAVE_UINT8_T - flag = print_bt(f, flag); - try_unsigned (f, 8); -#endif /* HAVE_UINT8_T */ -#ifndef HAVE_UINT16_T - flag = print_bt(f, flag); - try_unsigned (f, 16); -#endif /* HAVE_UINT16_T */ -#ifndef HAVE_UINT32_T - flag = print_bt(f, flag); - try_unsigned (f, 32); -#endif /* HAVE_UINT32_T */ -#ifndef HAVE_UINT64_T - flag = print_bt(f, flag); - try_unsigned (f, 64); -#endif /* HAVE_UINT64_T */ - -#define X(S) fprintf(f, "typedef uint" #S "_t u_int" #S "_t;\n") -#ifndef HAVE_U_INT8_T - flag = print_bt(f, flag); - X(8); -#endif /* HAVE_U_INT8_T */ -#ifndef HAVE_U_INT16_T - flag = print_bt(f, flag); - X(16); -#endif /* HAVE_U_INT16_T */ -#ifndef HAVE_U_INT32_T - flag = print_bt(f, flag); - X(32); -#endif /* HAVE_U_INT32_T */ -#ifndef HAVE_U_INT64_T - flag = print_bt(f, flag); - X(64); -#endif /* HAVE_U_INT64_T */ - - if(flag){ - fprintf(f, "\n"); - fprintf(f, "#endif /* __BIT_TYPES_DEFINED__ */\n\n"); - } -#ifdef KRB5 - fprintf(f, "\n"); -#if defined(HAVE_SOCKLEN_T) - fprintf(f, "typedef socklen_t krb5_socklen_t;\n"); -#else - fprintf(f, "typedef int krb5_socklen_t;\n"); -#endif -#if defined(HAVE_SSIZE_T) -#ifdef HAVE_UNISTD_H - fprintf(f, "#include \n"); -#endif - fprintf(f, "typedef ssize_t krb5_ssize_t;\n"); -#else - fprintf(f, "typedef int krb5_ssize_t;\n"); -#endif - fprintf(f, "\n"); -#endif /* KRB5 */ - fprintf(f, "#endif /* %s */\n", hb); - return 0; -} diff --git a/crypto/heimdal/include/config.h.in b/crypto/heimdal/include/config.h.in deleted file mode 100644 index 50cf5b19001d..000000000000 --- a/crypto/heimdal/include/config.h.in +++ /dev/null @@ -1,1472 +0,0 @@ -/* include/config.h.in. Generated from configure.in by autoheader. */ - -#ifndef RCSID -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg } -#endif - -/* Maximum values on all known systems */ -#define MaxHostNameLen (64+4) -#define MaxPathLen (1024+4) - - - -#ifdef BUILD_KRB5_LIB -#ifndef KRB5_LIB_FUNCTION -#ifdef _WIN32_ -#define KRB5_LIB_FUNCTION _export _stdcall -#else -#define KRB5_LIB_FUNCTION -#endif -#endif -#endif - - -#ifdef BUILD_ROKEN_LIB -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32_ -#define ROKEN_LIB_FUNCTION _export _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif -#endif - - -/* Define if you want authentication support in telnet. */ -#undef AUTHENTICATION - -/* path to bin */ -#undef BINDIR - -/* Define if realloc(NULL) doesn't work. */ -#undef BROKEN_REALLOC - -/* Define if you want support for DCE/DFS PAG's. */ -#undef DCE - -/* Define if you want to use DES encryption in telnet. */ -#undef DES_ENCRYPTION - -/* Define this to enable diagnostics in telnet. */ -#undef DIAGNOSTICS - -/* Define if want to use the weak AFS string to key functions. */ -#undef ENABLE_AFS_STRING_TO_KEY - -/* Define if you want have a thread safe libraries */ -#undef ENABLE_PTHREAD_SUPPORT - -/* Define if you want encryption support in telnet. */ -#undef ENCRYPTION - -/* define if sys/param.h defines the endiness */ -#undef ENDIANESS_IN_SYS_PARAM_H - -/* Define this if you want support for broken ENV_{VAR,VAL} telnets. */ -#undef ENV_HACK - -/* define if prototype of gethostbyaddr is compatible with struct hostent - *gethostbyaddr(const void *, size_t, int) */ -#undef GETHOSTBYADDR_PROTO_COMPATIBLE - -/* define if prototype of gethostbyname is compatible with struct hostent - *gethostbyname(const char *) */ -#undef GETHOSTBYNAME_PROTO_COMPATIBLE - -/* define if prototype of getservbyname is compatible with struct servent - *getservbyname(const char *, const char *) */ -#undef GETSERVBYNAME_PROTO_COMPATIBLE - -/* define if prototype of getsockname is compatible with int getsockname(int, - struct sockaddr*, socklen_t*) */ -#undef GETSOCKNAME_PROTO_COMPATIBLE - -/* Define if you have the `altzone' variable. */ -#undef HAVE_ALTZONE - -/* Define to 1 if you have the `arc4random' function. */ -#undef HAVE_ARC4RANDOM - -/* Define to 1 if you have the header file. */ -#undef HAVE_ARPA_FTP_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_ARPA_INET_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_ARPA_NAMESER_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_ARPA_TELNET_H - -/* Define to 1 if you have the `asnprintf' function. */ -#undef HAVE_ASNPRINTF - -/* Define to 1 if you have the `asprintf' function. */ -#undef HAVE_ASPRINTF - -/* Define to 1 if you have the `atexit' function. */ -#undef HAVE_ATEXIT - -/* Define to 1 if you have the header file. */ -#undef HAVE_BIND_BITYPES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_BSDSETJMP_H - -/* Define to 1 if you have the `bswap16' function. */ -#undef HAVE_BSWAP16 - -/* Define to 1 if you have the `bswap32' function. */ -#undef HAVE_BSWAP32 - -/* Define to 1 if you have the header file. */ -#undef HAVE_CAPABILITY_H - -/* Define to 1 if you have the `cap_set_proc' function. */ -#undef HAVE_CAP_SET_PROC - -/* Define to 1 if you have the `cgetent' function. */ -#undef HAVE_CGETENT - -/* Define if you have the function `chown'. */ -#undef HAVE_CHOWN - -/* Define if you have the function `closefrom'. */ -#undef HAVE_CLOSEFROM - -/* Define to 1 if you have the header file. */ -#undef HAVE_CONFIG_H - -/* Define if you have the function `copyhostent'. */ -#undef HAVE_COPYHOSTENT - -/* Define to 1 if you have the `crypt' function. */ -#undef HAVE_CRYPT - -/* Define to 1 if you have the header file. */ -#undef HAVE_CRYPT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_CURSES_H - -/* Define if you have the function `daemon'. */ -#undef HAVE_DAEMON - -/* define if you have a berkeley db1/2 library */ -#undef HAVE_DB1 - -/* define if you have a berkeley db3/4 library */ -#undef HAVE_DB3 - -/* Define to 1 if you have the header file. */ -#undef HAVE_DB3_DB_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_DB4_DB_H - -/* Define to 1 if you have the `dbm_firstkey' function. */ -#undef HAVE_DBM_FIRSTKEY - -/* Define to 1 if you have the header file. */ -#undef HAVE_DBM_H - -/* Define to 1 if you have the `dbopen' function. */ -#undef HAVE_DBOPEN - -/* Define to 1 if you have the header file. */ -#undef HAVE_DB_185_H - -/* Define to 1 if you have the `db_create' function. */ -#undef HAVE_DB_CREATE - -/* Define to 1 if you have the header file. */ -#undef HAVE_DB_H - -/* define if you have ndbm compat in db */ -#undef HAVE_DB_NDBM - -/* Define to 1 if you have the declaration of `altzone', and to 0 if you - don't. */ -#undef HAVE_DECL_ALTZONE - -/* Define to 1 if you have the declaration of `environ', and to 0 if you - don't. */ -#undef HAVE_DECL_ENVIRON - -/* Define to 1 if you have the declaration of `h_errlist', and to 0 if you - don't. */ -#undef HAVE_DECL_H_ERRLIST - -/* Define to 1 if you have the declaration of `h_errno', and to 0 if you - don't. */ -#undef HAVE_DECL_H_ERRNO - -/* Define to 1 if you have the declaration of `h_nerr', and to 0 if you don't. - */ -#undef HAVE_DECL_H_NERR - -/* Define to 1 if you have the declaration of `optarg', and to 0 if you don't. - */ -#undef HAVE_DECL_OPTARG - -/* Define to 1 if you have the declaration of `opterr', and to 0 if you don't. - */ -#undef HAVE_DECL_OPTERR - -/* Define to 1 if you have the declaration of `optind', and to 0 if you don't. - */ -#undef HAVE_DECL_OPTIND - -/* Define to 1 if you have the declaration of `optopt', and to 0 if you don't. - */ -#undef HAVE_DECL_OPTOPT - -/* Define to 1 if you have the declaration of `timezone', and to 0 if you - don't. */ -#undef HAVE_DECL_TIMEZONE - -/* Define to 1 if you have the declaration of `_res', and to 0 if you don't. - */ -#undef HAVE_DECL__RES - -/* Define to 1 if you have the declaration of `__progname', and to 0 if you - don't. */ -#undef HAVE_DECL___PROGNAME - -/* Define to 1 if you have the header file. */ -#undef HAVE_DIRENT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_DLFCN_H - -/* Define to 1 if you have the `dlopen' function. */ -#undef HAVE_DLOPEN - -/* Define to 1 if you have the `dn_expand' function. */ -#undef HAVE_DN_EXPAND - -/* Define to 1 if you have the `door_create' function. */ -#undef HAVE_DOOR_CREATE - -/* Define if you have the function `ecalloc'. */ -#undef HAVE_ECALLOC - -/* Define to 1 if you have the `el_init' function. */ -#undef HAVE_EL_INIT - -/* Define if you have the function `emalloc'. */ -#undef HAVE_EMALLOC - -/* Define if you have the function `erealloc'. */ -#undef HAVE_EREALLOC - -/* Define if you have the function `err'. */ -#undef HAVE_ERR - -/* Define to 1 if you have the header file. */ -#undef HAVE_ERRNO_H - -/* Define if you have the function `errx'. */ -#undef HAVE_ERRX - -/* Define to 1 if you have the header file. */ -#undef HAVE_ERR_H - -/* Define if you have the function `estrdup'. */ -#undef HAVE_ESTRDUP - -/* Define if you have the function `fchown'. */ -#undef HAVE_FCHOWN - -/* Define to 1 if you have the `fcntl' function. */ -#undef HAVE_FCNTL - -/* Define to 1 if you have the header file. */ -#undef HAVE_FCNTL_H - -/* Define if you have the function `flock'. */ -#undef HAVE_FLOCK - -/* Define if you have the function `fnmatch'. */ -#undef HAVE_FNMATCH - -/* Define to 1 if you have the header file. */ -#undef HAVE_FNMATCH_H - -/* Define if el_init takes four arguments. */ -#undef HAVE_FOUR_VALUED_EL_INIT - -/* Have -framework Security */ -#undef HAVE_FRAMEWORK_SECURITY - -/* Define to 1 if you have the `freeaddrinfo' function. */ -#undef HAVE_FREEADDRINFO - -/* Define if you have the function `freehostent'. */ -#undef HAVE_FREEHOSTENT - -/* Define to 1 if you have the `gai_strerror' function. */ -#undef HAVE_GAI_STRERROR - -/* Define to 1 if you have the header file. */ -#undef HAVE_GDBM_NDBM_H - -/* Define to 1 if you have the `getaddrinfo' function. */ -#undef HAVE_GETADDRINFO - -/* Define to 1 if you have the `getconfattr' function. */ -#undef HAVE_GETCONFATTR - -/* Define if you have the function `getcwd'. */ -#undef HAVE_GETCWD - -/* Define if you have the function `getdtablesize'. */ -#undef HAVE_GETDTABLESIZE - -/* Define if you have the function `getegid'. */ -#undef HAVE_GETEGID - -/* Define if you have the function `geteuid'. */ -#undef HAVE_GETEUID - -/* Define if you have the function `getgid'. */ -#undef HAVE_GETGID - -/* Define to 1 if you have the `gethostbyname' function. */ -#undef HAVE_GETHOSTBYNAME - -/* Define to 1 if you have the `gethostbyname2' function. */ -#undef HAVE_GETHOSTBYNAME2 - -/* Define if you have the function `gethostname'. */ -#undef HAVE_GETHOSTNAME - -/* Define if you have the function `getifaddrs'. */ -#undef HAVE_GETIFADDRS - -/* Define if you have the function `getipnodebyaddr'. */ -#undef HAVE_GETIPNODEBYADDR - -/* Define if you have the function `getipnodebyname'. */ -#undef HAVE_GETIPNODEBYNAME - -/* Define to 1 if you have the `getlogin' function. */ -#undef HAVE_GETLOGIN - -/* Define if you have a working getmsg. */ -#undef HAVE_GETMSG - -/* Define to 1 if you have the `getnameinfo' function. */ -#undef HAVE_GETNAMEINFO - -/* Define if you have the function `getopt'. */ -#undef HAVE_GETOPT - -/* Define to 1 if you have the `getpagesize' function. */ -#undef HAVE_GETPAGESIZE - -/* Define to 1 if you have the `getpeereid' function. */ -#undef HAVE_GETPEEREID - -/* Define to 1 if you have the `getpeerucred' function. */ -#undef HAVE_GETPEERUCRED - -/* Define to 1 if you have the `getprogname' function. */ -#undef HAVE_GETPROGNAME - -/* Define to 1 if you have the `getpwnam_r' function. */ -#undef HAVE_GETPWNAM_R - -/* Define to 1 if you have the `getrlimit' function. */ -#undef HAVE_GETRLIMIT - -/* Define to 1 if you have the `getsockopt' function. */ -#undef HAVE_GETSOCKOPT - -/* Define to 1 if you have the `getspnam' function. */ -#undef HAVE_GETSPNAM - -/* Define if you have the function `gettimeofday'. */ -#undef HAVE_GETTIMEOFDAY - -/* Define to 1 if you have the `getudbnam' function. */ -#undef HAVE_GETUDBNAM - -/* Define if you have the function `getuid'. */ -#undef HAVE_GETUID - -/* Define if you have the function `getusershell'. */ -#undef HAVE_GETUSERSHELL - -/* define if you have a glob() that groks GLOB_BRACE, GLOB_NOCHECK, - GLOB_QUOTE, GLOB_TILDE, and GLOB_LIMIT */ -#undef HAVE_GLOB - -/* Define to 1 if you have the `grantpt' function. */ -#undef HAVE_GRANTPT - -/* Define to 1 if you have the header file. */ -#undef HAVE_GRP_H - -/* Define to 1 if you have the `hstrerror' function. */ -#undef HAVE_HSTRERROR - -/* Define if you have the `h_errlist' variable. */ -#undef HAVE_H_ERRLIST - -/* Define if you have the `h_errno' variable. */ -#undef HAVE_H_ERRNO - -/* Define if you have the `h_nerr' variable. */ -#undef HAVE_H_NERR - -/* Define to 1 if you have the header file. */ -#undef HAVE_IFADDRS_H - -/* Define if you have the in6addr_loopback variable */ -#undef HAVE_IN6ADDR_LOOPBACK - -/* define */ -#undef HAVE_INET_ATON - -/* define */ -#undef HAVE_INET_NTOP - -/* define */ -#undef HAVE_INET_PTON - -/* Define if you have the function `initgroups'. */ -#undef HAVE_INITGROUPS - -/* Define to 1 if you have the `initstate' function. */ -#undef HAVE_INITSTATE - -/* Define if you have the function `innetgr'. */ -#undef HAVE_INNETGR - -/* Define to 1 if the system has the type `int16_t'. */ -#undef HAVE_INT16_T - -/* Define to 1 if the system has the type `int32_t'. */ -#undef HAVE_INT32_T - -/* Define to 1 if the system has the type `int64_t'. */ -#undef HAVE_INT64_T - -/* Define to 1 if the system has the type `int8_t'. */ -#undef HAVE_INT8_T - -/* Define to 1 if you have the header file. */ -#undef HAVE_INTTYPES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_IO_H - -/* Define if you have IPv6. */ -#undef HAVE_IPV6 - -/* Define if you have the function `iruserok'. */ -#undef HAVE_IRUSEROK - -/* Define to 1 if you have the `issetugid' function. */ -#undef HAVE_ISSETUGID - -/* Define if you want to use the Kerberos Credentials Manager. */ -#undef HAVE_KCM - -/* Define to 1 if you have the header file. */ -#undef HAVE_LIBUTIL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_LIMITS_H - -/* Define to 1 if you have the `loadquery' function. */ -#undef HAVE_LOADQUERY - -/* Define if you have the function `localtime_r'. */ -#undef HAVE_LOCALTIME_R - -/* Define to 1 if you have the `logout' function. */ -#undef HAVE_LOGOUT - -/* Define to 1 if you have the `logwtmp' function. */ -#undef HAVE_LOGWTMP - -/* Define to 1 if the system has the type `long long'. */ -#undef HAVE_LONG_LONG - -/* Define if you have the function `lstat'. */ -#undef HAVE_LSTAT - -/* Define to 1 if you have the header file. */ -#undef HAVE_MAILLOCK_H - -/* Define if you have the function `memmove'. */ -#undef HAVE_MEMMOVE - -/* Define to 1 if you have the header file. */ -#undef HAVE_MEMORY_H - -/* Define if you have the function `mkstemp'. */ -#undef HAVE_MKSTEMP - -/* Define to 1 if you have the `mktime' function. */ -#undef HAVE_MKTIME - -/* Define to 1 if you have a working `mmap' system call. */ -#undef HAVE_MMAP - -/* define if you have a ndbm library */ -#undef HAVE_NDBM - -/* Define to 1 if you have the header file. */ -#undef HAVE_NDBM_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETDB_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETGROUP_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINET6_IN6_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINET6_IN6_VAR_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINET_IN6_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINET_IN6_MACHTYPES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINET_IN_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINET_IN_SYSTM_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINET_IP_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINET_TCP_H - -/* Define if you want to use Netinfo instead of krb5.conf. */ -#undef HAVE_NETINFO - -/* Define to 1 if you have the header file. */ -#undef HAVE_NETINFO_NI_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_NET_IF_H - -/* Define if NDBM really is DB (creates files *.db) */ -#undef HAVE_NEW_DB - -/* Define to 1 if you have the `on_exit' function. */ -#undef HAVE_ON_EXIT - -/* Define to 1 if you have the `openpty' function. */ -#undef HAVE_OPENPTY - -/* define to use openssl's libcrypto */ -#undef HAVE_OPENSSL - -/* Define to enable basic OSF C2 support. */ -#undef HAVE_OSFC2 - -/* Define to 1 if you have the header file. */ -#undef HAVE_PATHS_H - -/* Define to 1 if you have the `pidfile' function. */ -#undef HAVE_PIDFILE - -/* Define to 1 if you have the `poll' function. */ -#undef HAVE_POLL - -/* Define to 1 if you have the header file. */ -#undef HAVE_POLL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_PTHREAD_H - -/* Define to 1 if you have the `ptsname' function. */ -#undef HAVE_PTSNAME - -/* Define to 1 if you have the header file. */ -#undef HAVE_PTY_H - -/* Define if you have the function `putenv'. */ -#undef HAVE_PUTENV - -/* Define to 1 if you have the header file. */ -#undef HAVE_PWD_H - -/* Define to 1 if you have the `rand' function. */ -#undef HAVE_RAND - -/* Define to 1 if you have the `random' function. */ -#undef HAVE_RANDOM - -/* Define if you have the function `rcmd'. */ -#undef HAVE_RCMD - -/* Define if you have a readline compatible library. */ -#undef HAVE_READLINE - -/* Define if you have the function `readv'. */ -#undef HAVE_READV - -/* Define if you have the function `recvmsg'. */ -#undef HAVE_RECVMSG - -/* Define to 1 if you have the header file. */ -#undef HAVE_RESOLV_H - -/* Define to 1 if you have the `res_ndestroy' function. */ -#undef HAVE_RES_NDESTROY - -/* Define to 1 if you have the `res_nsearch' function. */ -#undef HAVE_RES_NSEARCH - -/* Define to 1 if you have the `res_search' function. */ -#undef HAVE_RES_SEARCH - -/* Define to 1 if you have the `revoke' function. */ -#undef HAVE_REVOKE - -/* Define to 1 if you have the header file. */ -#undef HAVE_RPCSVC_YPCLNT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SAC_H - -/* Define to 1 if the system has the type `sa_family_t'. */ -#undef HAVE_SA_FAMILY_T - -/* Define to 1 if you have the header file. */ -#undef HAVE_SECURITY_PAM_MODULES_H - -/* Define to 1 if you have the `select' function. */ -#undef HAVE_SELECT - -/* Define if you have the function `sendmsg'. */ -#undef HAVE_SENDMSG - -/* Define if you have the function `setegid'. */ -#undef HAVE_SETEGID - -/* Define if you have the function `setenv'. */ -#undef HAVE_SETENV - -/* Define if you have the function `seteuid'. */ -#undef HAVE_SETEUID - -/* Define to 1 if you have the `setitimer' function. */ -#undef HAVE_SETITIMER - -/* Define to 1 if you have the `setlim' function. */ -#undef HAVE_SETLIM - -/* Define to 1 if you have the `setlogin' function. */ -#undef HAVE_SETLOGIN - -/* Define to 1 if you have the `setpcred' function. */ -#undef HAVE_SETPCRED - -/* Define to 1 if you have the `setpgid' function. */ -#undef HAVE_SETPGID - -/* Define to 1 if you have the `setproctitle' function. */ -#undef HAVE_SETPROCTITLE - -/* Define to 1 if you have the `setprogname' function. */ -#undef HAVE_SETPROGNAME - -/* Define to 1 if you have the `setregid' function. */ -#undef HAVE_SETREGID - -/* Define to 1 if you have the `setresgid' function. */ -#undef HAVE_SETRESGID - -/* Define to 1 if you have the `setresuid' function. */ -#undef HAVE_SETRESUID - -/* Define to 1 if you have the `setreuid' function. */ -#undef HAVE_SETREUID - -/* Define to 1 if you have the `setsid' function. */ -#undef HAVE_SETSID - -/* Define to 1 if you have the `setsockopt' function. */ -#undef HAVE_SETSOCKOPT - -/* Define to 1 if you have the `setstate' function. */ -#undef HAVE_SETSTATE - -/* Define to 1 if you have the `setutent' function. */ -#undef HAVE_SETUTENT - -/* Define to 1 if you have the `sgi_getcapabilitybyname' function. */ -#undef HAVE_SGI_GETCAPABILITYBYNAME - -/* Define to 1 if you have the header file. */ -#undef HAVE_SGTTY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SHADOW_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SIAD_H - -/* Define to 1 if you have the `sigaction' function. */ -#undef HAVE_SIGACTION - -/* Define to 1 if you have the header file. */ -#undef HAVE_SIGNAL_H - -/* define if you have a working snprintf */ -#undef HAVE_SNPRINTF - -/* Define to 1 if you have the `socket' function. */ -#undef HAVE_SOCKET - -/* Define to 1 if the system has the type `socklen_t'. */ -#undef HAVE_SOCKLEN_T - -/* Define to 1 if the system has the type `ssize_t'. */ -#undef HAVE_SSIZE_T - -/* Define to 1 if you have the header file. */ -#undef HAVE_STANDARDS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STDINT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STDLIB_H - -/* Define if you have the function `strcasecmp'. */ -#undef HAVE_STRCASECMP - -/* Define if you have the function `strdup'. */ -#undef HAVE_STRDUP - -/* Define if you have the function `strerror'. */ -#undef HAVE_STRERROR - -/* Define if you have the function `strftime'. */ -#undef HAVE_STRFTIME - -/* Define to 1 if you have the header file. */ -#undef HAVE_STRINGS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_STRING_H - -/* Define if you have the function `strlcat'. */ -#undef HAVE_STRLCAT - -/* Define if you have the function `strlcpy'. */ -#undef HAVE_STRLCPY - -/* Define if you have the function `strlwr'. */ -#undef HAVE_STRLWR - -/* Define if you have the function `strncasecmp'. */ -#undef HAVE_STRNCASECMP - -/* Define if you have the function `strndup'. */ -#undef HAVE_STRNDUP - -/* Define if you have the function `strnlen'. */ -#undef HAVE_STRNLEN - -/* Define to 1 if you have the header file. */ -#undef HAVE_STROPTS_H - -/* Define if you have the function `strptime'. */ -#undef HAVE_STRPTIME - -/* Define if you have the function `strsep'. */ -#undef HAVE_STRSEP - -/* Define if you have the function `strsep_copy'. */ -#undef HAVE_STRSEP_COPY - -/* Define to 1 if you have the `strstr' function. */ -#undef HAVE_STRSTR - -/* Define to 1 if you have the `strsvis' function. */ -#undef HAVE_STRSVIS - -/* Define if you have the function `strtok_r'. */ -#undef HAVE_STRTOK_R - -/* Define to 1 if the system has the type `struct addrinfo'. */ -#undef HAVE_STRUCT_ADDRINFO - -/* Define to 1 if the system has the type `struct ifaddrs'. */ -#undef HAVE_STRUCT_IFADDRS - -/* Define to 1 if the system has the type `struct iovec'. */ -#undef HAVE_STRUCT_IOVEC - -/* Define to 1 if the system has the type `struct msghdr'. */ -#undef HAVE_STRUCT_MSGHDR - -/* Define to 1 if the system has the type `struct sockaddr'. */ -#undef HAVE_STRUCT_SOCKADDR - -/* Define if struct sockaddr has field sa_len. */ -#undef HAVE_STRUCT_SOCKADDR_SA_LEN - -/* Define to 1 if the system has the type `struct sockaddr_storage'. */ -#undef HAVE_STRUCT_SOCKADDR_STORAGE - -/* define if you have struct spwd */ -#undef HAVE_STRUCT_SPWD - -/* Define if struct tm has field tm_gmtoff. */ -#undef HAVE_STRUCT_TM_TM_GMTOFF - -/* Define if struct tm has field tm_zone. */ -#undef HAVE_STRUCT_TM_TM_ZONE - -/* Define if struct utmpx has field ut_exit. */ -#undef HAVE_STRUCT_UTMPX_UT_EXIT - -/* Define if struct utmpx has field ut_syslen. */ -#undef HAVE_STRUCT_UTMPX_UT_SYSLEN - -/* Define if struct utmp has field ut_addr. */ -#undef HAVE_STRUCT_UTMP_UT_ADDR - -/* Define if struct utmp has field ut_host. */ -#undef HAVE_STRUCT_UTMP_UT_HOST - -/* Define if struct utmp has field ut_id. */ -#undef HAVE_STRUCT_UTMP_UT_ID - -/* Define if struct utmp has field ut_pid. */ -#undef HAVE_STRUCT_UTMP_UT_PID - -/* Define if struct utmp has field ut_type. */ -#undef HAVE_STRUCT_UTMP_UT_TYPE - -/* Define if struct utmp has field ut_user. */ -#undef HAVE_STRUCT_UTMP_UT_USER - -/* define if struct winsize is declared in sys/termios.h */ -#undef HAVE_STRUCT_WINSIZE - -/* Define to 1 if you have the `strunvis' function. */ -#undef HAVE_STRUNVIS - -/* Define if you have the function `strupr'. */ -#undef HAVE_STRUPR - -/* Define to 1 if you have the `strvis' function. */ -#undef HAVE_STRVIS - -/* Define to 1 if you have the `strvisx' function. */ -#undef HAVE_STRVISX - -/* Define to 1 if you have the `svis' function. */ -#undef HAVE_SVIS - -/* Define if you have the function `swab'. */ -#undef HAVE_SWAB - -/* Define to 1 if you have the `sysconf' function. */ -#undef HAVE_SYSCONF - -/* Define to 1 if you have the `sysctl' function. */ -#undef HAVE_SYSCTL - -/* Define to 1 if you have the `syslog' function. */ -#undef HAVE_SYSLOG - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYSLOG_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_BITYPES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_BSWAP_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_CAPABILITY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_CATEGORY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_FILE_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_FILIO_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_IOCCOM_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_IOCTL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_MMAN_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_PARAM_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_PROC_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_PTYIO_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_PTYVAR_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_PTY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_RESOURCE_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_SELECT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_SOCKET_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_SOCKIO_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STAT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STREAM_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STROPTS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STRTTY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_STR_TTY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_SYSCALL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_SYSCTL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TERMIO_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TIMEB_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TIMES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TIME_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TTY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_TYPES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_UCRED_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_UIO_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_UN_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_UTSNAME_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_SYS_WAIT_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_TERMCAP_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_TERMIOS_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_TERMIO_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_TERM_H - -/* Define to 1 if you have the `tgetent' function. */ -#undef HAVE_TGETENT - -/* Define if you have the function `timegm'. */ -#undef HAVE_TIMEGM - -/* Define if you have the `timezone' variable. */ -#undef HAVE_TIMEZONE - -/* Define to 1 if you have the header file. */ -#undef HAVE_TIME_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_TMPDIR_H - -/* Define to 1 if you have the `ttyname' function. */ -#undef HAVE_TTYNAME - -/* Define to 1 if you have the `ttyslot' function. */ -#undef HAVE_TTYSLOT - -/* Define to 1 if you have the header file. */ -#undef HAVE_UDB_H - -/* Define to 1 if the system has the type `uint16_t'. */ -#undef HAVE_UINT16_T - -/* Define to 1 if the system has the type `uint32_t'. */ -#undef HAVE_UINT32_T - -/* Define to 1 if the system has the type `uint64_t'. */ -#undef HAVE_UINT64_T - -/* Define to 1 if the system has the type `uint8_t'. */ -#undef HAVE_UINT8_T - -/* Define to 1 if the system has the type `uintptr_t'. */ -#undef HAVE_UINTPTR_T - -/* Define to 1 if you have the `umask' function. */ -#undef HAVE_UMASK - -/* Define to 1 if you have the `uname' function. */ -#undef HAVE_UNAME - -/* Define to 1 if you have the header file. */ -#undef HAVE_UNISTD_H - -/* Define to 1 if you have the `unlockpt' function. */ -#undef HAVE_UNLOCKPT - -/* Define if you have the function `unsetenv'. */ -#undef HAVE_UNSETENV - -/* Define to 1 if you have the `unvis' function. */ -#undef HAVE_UNVIS - -/* Define to 1 if you have the header file. */ -#undef HAVE_USERCONF_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_USERSEC_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTIL_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTMPX_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_UTMP_H - -/* Define to 1 if the system has the type `u_int16_t'. */ -#undef HAVE_U_INT16_T - -/* Define to 1 if the system has the type `u_int32_t'. */ -#undef HAVE_U_INT32_T - -/* Define to 1 if the system has the type `u_int64_t'. */ -#undef HAVE_U_INT64_T - -/* Define to 1 if the system has the type `u_int8_t'. */ -#undef HAVE_U_INT8_T - -/* Define to 1 if you have the `vasnprintf' function. */ -#undef HAVE_VASNPRINTF - -/* Define to 1 if you have the `vasprintf' function. */ -#undef HAVE_VASPRINTF - -/* Define if you have the function `verr'. */ -#undef HAVE_VERR - -/* Define if you have the function `verrx'. */ -#undef HAVE_VERRX - -/* Define to 1 if you have the `vhangup' function. */ -#undef HAVE_VHANGUP - -/* Define to 1 if you have the `vis' function. */ -#undef HAVE_VIS - -/* Define to 1 if you have the header file. */ -#undef HAVE_VIS_H - -/* define if you have a working vsnprintf */ -#undef HAVE_VSNPRINTF - -/* Define if you have the function `vsyslog'. */ -#undef HAVE_VSYSLOG - -/* Define if you have the function `vwarn'. */ -#undef HAVE_VWARN - -/* Define if you have the function `vwarnx'. */ -#undef HAVE_VWARNX - -/* Define if you have the function `warn'. */ -#undef HAVE_WARN - -/* Define if you have the function `warnx'. */ -#undef HAVE_WARNX - -/* Define if you have the function `writev'. */ -#undef HAVE_WRITEV - -/* define if struct winsize has ws_xpixel */ -#undef HAVE_WS_XPIXEL - -/* define if struct winsize has ws_ypixel */ -#undef HAVE_WS_YPIXEL - -/* Define to 1 if you have the `XauFileName' function. */ -#undef HAVE_XAUFILENAME - -/* Define to 1 if you have the `XauReadAuth' function. */ -#undef HAVE_XAUREADAUTH - -/* Define to 1 if you have the `XauWriteAuth' function. */ -#undef HAVE_XAUWRITEAUTH - -/* Define to 1 if you have the `yp_get_default_domain' function. */ -#undef HAVE_YP_GET_DEFAULT_DOMAIN - -/* Define to 1 if you have the `_getpty' function. */ -#undef HAVE__GETPTY - -/* Define if you have the `_res' variable. */ -#undef HAVE__RES - -/* Define to 1 if you have the `_scrsize' function. */ -#undef HAVE__SCRSIZE - -/* define if your compiler has __attribute__ */ -#undef HAVE___ATTRIBUTE__ - -/* Define if you have the `__progname' variable. */ -#undef HAVE___PROGNAME - -/* Define if you have the hesiod package. */ -#undef HESIOD - -/* Define if you are running IRIX 4. */ -#undef IRIX4 - -/* Enable Kerberos 5 support in applications. */ -#undef KRB5 - -/* path to lib */ -#undef LIBDIR - -/* path to libexec */ -#undef LIBEXECDIR - -/* path to localstate */ -#undef LOCALSTATEDIR - -/* define if the system is missing a prototype for asnprintf() */ -#undef NEED_ASNPRINTF_PROTO - -/* define if the system is missing a prototype for asprintf() */ -#undef NEED_ASPRINTF_PROTO - -/* define if the system is missing a prototype for crypt() */ -#undef NEED_CRYPT_PROTO - -/* define if the system is missing a prototype for daemon() */ -#undef NEED_DAEMON_PROTO - -/* define if the system is missing a prototype for gethostname() */ -#undef NEED_GETHOSTNAME_PROTO - -/* define if the system is missing a prototype for getusershell() */ -#undef NEED_GETUSERSHELL_PROTO - -/* define if the system is missing a prototype for glob() */ -#undef NEED_GLOB_PROTO - -/* define if the system is missing a prototype for hstrerror() */ -#undef NEED_HSTRERROR_PROTO - -/* define if the system is missing a prototype for inet_aton() */ -#undef NEED_INET_ATON_PROTO - -/* define if the system is missing a prototype for iruserok() */ -#undef NEED_IRUSEROK_PROTO - -/* define if the system is missing a prototype for mkstemp() */ -#undef NEED_MKSTEMP_PROTO - -/* define if the system is missing a prototype for SecKeyGetCSPHandle() */ -#undef NEED_SECKEYGETCSPHANDLE_PROTO - -/* define if the system is missing a prototype for setenv() */ -#undef NEED_SETENV_PROTO - -/* define if the system is missing a prototype for snprintf() */ -#undef NEED_SNPRINTF_PROTO - -/* define if the system is missing a prototype for strndup() */ -#undef NEED_STRNDUP_PROTO - -/* define if the system is missing a prototype for strsep() */ -#undef NEED_STRSEP_PROTO - -/* define if the system is missing a prototype for strsvis() */ -#undef NEED_STRSVIS_PROTO - -/* define if the system is missing a prototype for strtok_r() */ -#undef NEED_STRTOK_R_PROTO - -/* define if the system is missing a prototype for strunvis() */ -#undef NEED_STRUNVIS_PROTO - -/* define if the system is missing a prototype for strvisx() */ -#undef NEED_STRVISX_PROTO - -/* define if the system is missing a prototype for strvis() */ -#undef NEED_STRVIS_PROTO - -/* define if the system is missing a prototype for svis() */ -#undef NEED_SVIS_PROTO - -/* define if the system is missing a prototype for unsetenv() */ -#undef NEED_UNSETENV_PROTO - -/* define if the system is missing a prototype for unvis() */ -#undef NEED_UNVIS_PROTO - -/* define if the system is missing a prototype for vasnprintf() */ -#undef NEED_VASNPRINTF_PROTO - -/* define if the system is missing a prototype for vasprintf() */ -#undef NEED_VASPRINTF_PROTO - -/* define if the system is missing a prototype for vis() */ -#undef NEED_VIS_PROTO - -/* define if the system is missing a prototype for vsnprintf() */ -#undef NEED_VSNPRINTF_PROTO - -/* Define if you don't wan't support for AFS. */ -#undef NO_AFS - -/* Define to 1 if your C compiler doesn't accept -c and -o together. */ -#undef NO_MINUS_C_MINUS_O - -/* Define if you don't want to use mmap. */ -#undef NO_MMAP - -/* Define this to enable old environment option in telnet. */ -#undef OLD_ENVIRON - -/* Define if you have the openldap package. */ -#undef OPENLDAP - -/* Define if you want support for hdb ldap module */ -#undef OPENLDAP_MODULE - -/* define if prototype of openlog is compatible with void openlog(const char - *, int, int) */ -#undef OPENLOG_PROTO_COMPATIBLE - -/* Define if you want OTP support in applications. */ -#undef OTP - -/* Name of package */ -#undef PACKAGE - -/* Define to the address where bug reports for this package should be sent. */ -#undef PACKAGE_BUGREPORT - -/* Define to the full name of this package. */ -#undef PACKAGE_NAME - -/* Define to the full name and version of this package. */ -#undef PACKAGE_STRING - -/* Define to the one symbol short name of this package. */ -#undef PACKAGE_TARNAME - -/* Define to the version of this package. */ -#undef PACKAGE_VERSION - -/* Define to enable PKINIT. */ -#undef PKINIT - -/* Define if getlogin has POSIX flavour (and not BSD). */ -#undef POSIX_GETLOGIN - -/* Define if getpwnam_r has POSIX flavour. */ -#undef POSIX_GETPWNAM_R - -/* Define if you have the readline package. */ -#undef READLINE - -/* Define as the return type of signal handlers (`int' or `void'). */ -#undef RETSIGTYPE - -/* path to sbin */ -#undef SBINDIR - -/* Define if you want to use samba socket wrappers. */ -#undef SOCKET_WRAPPER_REPLACE - -/* Define to 1 if you have the ANSI C header files. */ -#undef STDC_HEADERS - -/* Define if you have streams ptys. */ -#undef STREAMSPTY - -/* path to sysconf */ -#undef SYSCONFDIR - -/* Define to what version of SunOS you are running. */ -#undef SunOS - -/* Define to 1 if you can safely include both and . */ -#undef TIME_WITH_SYS_TIME - -/* Define to 1 if your declares `struct tm'. */ -#undef TM_IN_SYS_TIME - -/* Version number of package */ -#undef VERSION - -/* Define if signal handlers return void. */ -#undef VOID_RETSIGTYPE - -/* define if target is big endian */ -#undef WORDS_BIGENDIAN - -/* Define to 1 if the X Window System is missing or not being used. */ -#undef X_DISPLAY_MISSING - -/* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a - `char[]'. */ -#undef YYTEXT_POINTER - -/* Number of bits in a file offset, on hosts where this is settable. */ -#undef _FILE_OFFSET_BITS - -/* Define to enable extensions on glibc-based systems such as Linux. */ -#undef _GNU_SOURCE - -/* Define for large files, on AIX-style hosts. */ -#undef _LARGE_FILES - -/* Define to empty if `const' does not conform to ANSI C. */ -#undef const - -/* Define to `int' if doesn't define. */ -#undef gid_t - -/* Define to `__inline__' or `__inline' if that's what the C compiler - calls it, or to nothing if 'inline' is not supported under any name. */ -#ifndef __cplusplus -#undef inline -#endif - -/* Define this to what the type mode_t should be. */ -#undef mode_t - -/* Define to `long int' if does not define. */ -#undef off_t - -/* Define to `int' if does not define. */ -#undef pid_t - -/* Define this to what the type sig_atomic_t should be. */ -#undef sig_atomic_t - -/* Define to `unsigned int' if does not define. */ -#undef size_t - -/* Define to `int' if doesn't define. */ -#undef uid_t - -#ifdef ROKEN_RENAME -#include "roken_rename.h" -#endif - -#ifdef VOID_RETSIGTYPE -#define SIGRETURN(x) return -#else -#define SIGRETURN(x) return (RETSIGTYPE)(x) -#endif - -#ifdef BROKEN_REALLOC -#define realloc(X, Y) rk_realloc((X), (Y)) -#endif - - -#if ENDIANESS_IN_SYS_PARAM_H -# include -# include -# if BYTE_ORDER == BIG_ENDIAN -# define WORDS_BIGENDIAN 1 -# endif -#endif - - -#if _AIX -#define _ALL_SOURCE -/* XXX this is gross, but kills about a gazillion warnings */ -struct ether_addr; -struct sockaddr; -struct sockaddr_dl; -struct sockaddr_in; -#endif - - -/* IRIX 4 braindamage */ -#if IRIX == 4 && !defined(__STDC__) -#define __STDC__ 0 -#endif - - - -#if defined(ENCRYPTION) && !defined(AUTHENTICATION) -#define AUTHENTICATION 1 -#endif - -/* Set this to the default system lead string for telnetd - * can contain %-escapes: %s=sysname, %m=machine, %r=os-release - * %v=os-version, %t=tty, %h=hostname, %d=date and time - */ -#undef USE_IM - -/* Used with login -p */ -#undef LOGIN_ARGS - -/* set this to a sensible login */ -#ifndef LOGIN_PATH -#define LOGIN_PATH BINDIR "/login" -#endif - diff --git a/crypto/heimdal/include/gssapi/Makefile.am b/crypto/heimdal/include/gssapi/Makefile.am deleted file mode 100644 index 717339557418..000000000000 --- a/crypto/heimdal/include/gssapi/Makefile.am +++ /dev/null @@ -1,6 +0,0 @@ -# $Id: Makefile.am 18701 2006-10-20 20:32:01Z lha $ - -include $(top_srcdir)/Makefile.am.common - -CLEANFILES = gssapi.h gssapi_krb5.h gssapi_spnego.h - diff --git a/crypto/heimdal/include/gssapi/Makefile.in b/crypto/heimdal/include/gssapi/Makefile.in deleted file mode 100644 index 0aef05ddffe6..000000000000 --- a/crypto/heimdal/include/gssapi/Makefile.in +++ /dev/null @@ -1,659 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 18701 2006-10-20 20:32:01Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = include/gssapi -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CLEANFILES = gssapi.h gssapi_krb5.h gssapi_spnego.h -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps include/gssapi/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps include/gssapi/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/include/hcrypto/Makefile.am b/crypto/heimdal/include/hcrypto/Makefile.am deleted file mode 100644 index c5299a387cad..000000000000 --- a/crypto/heimdal/include/hcrypto/Makefile.am +++ /dev/null @@ -1,23 +0,0 @@ -# $Id: Makefile.am 16553 2006-01-13 13:43:32Z lha $ - -include $(top_srcdir)/Makefile.am.common - -CLEANFILES = \ - aes.h \ - bn.h \ - des.h \ - dh.h \ - dsa.h \ - engine.h \ - evp.h \ - hmac.h \ - md2.h \ - md4.h \ - md5.h \ - pkcs12.h \ - rand.h \ - rc2.h \ - rc4.h \ - rsa.h \ - sha.h \ - ui.h diff --git a/crypto/heimdal/include/hcrypto/Makefile.in b/crypto/heimdal/include/hcrypto/Makefile.in deleted file mode 100644 index 9896a2ad03f2..000000000000 --- a/crypto/heimdal/include/hcrypto/Makefile.in +++ /dev/null @@ -1,678 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 16553 2006-01-13 13:43:32Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = include/hcrypto -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CLEANFILES = \ - aes.h \ - bn.h \ - des.h \ - dh.h \ - dsa.h \ - engine.h \ - evp.h \ - hmac.h \ - md2.h \ - md4.h \ - md5.h \ - pkcs12.h \ - rand.h \ - rc2.h \ - rc4.h \ - rsa.h \ - sha.h \ - ui.h - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps include/hcrypto/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps include/hcrypto/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/include/kadm5/Makefile.am b/crypto/heimdal/include/kadm5/Makefile.am deleted file mode 100644 index 6ccf564d30c2..000000000000 --- a/crypto/heimdal/include/kadm5/Makefile.am +++ /dev/null @@ -1,5 +0,0 @@ -# $Id: Makefile.am 18696 2006-10-20 20:25:13Z lha $ - -include $(top_srcdir)/Makefile.am.common - -CLEANFILES = admin.h kadm5_err.h private.h kadm5-private.h kadm5-protos.h diff --git a/crypto/heimdal/include/kadm5/Makefile.in b/crypto/heimdal/include/kadm5/Makefile.in deleted file mode 100644 index a553ab99d0c1..000000000000 --- a/crypto/heimdal/include/kadm5/Makefile.in +++ /dev/null @@ -1,659 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 18696 2006-10-20 20:25:13Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = include/kadm5 -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CLEANFILES = admin.h kadm5_err.h private.h kadm5-private.h kadm5-protos.h -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps include/kadm5/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps include/kadm5/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/include/make_crypto.c b/crypto/heimdal/include/make_crypto.c deleted file mode 100644 index 2df17a555e88..000000000000 --- a/crypto/heimdal/include/make_crypto.c +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright (c) 2002 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: make_crypto.c 19477 2006-12-20 19:51:53Z lha $"); -#endif -#include -#include -#include -#include - -int -main(int argc, char **argv) -{ - char *p; - FILE *f; - if(argc != 2) { - fprintf(stderr, "Usage: make_crypto file\n"); - exit(1); - } - if (strcmp(argv[1], "--version") == 0) { - printf("some version"); - return 0; - } - f = fopen(argv[1], "w"); - if(f == NULL) { - perror(argv[1]); - exit(1); - } - for(p = argv[1]; *p; p++) - if(!isalnum((unsigned char)*p)) - *p = '_'; - fprintf(f, "#ifndef __%s__\n", argv[1]); - fprintf(f, "#define __%s__\n", argv[1]); -#ifdef HAVE_OPENSSL - fputs("#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY\n", f); - fputs("#define OPENSSL_DES_LIBDES_COMPATIBILITY\n", f); - fputs("#endif\n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#ifndef BN_is_negative\n", f); - fputs("#define BN_set_negative(bn, flag) ((bn)->neg=(flag)?1:0)\n", f); - fputs("#define BN_is_negative(bn) ((bn)->neg != 0)\n", f); - fputs("#endif\n", f); -#else - fputs("#ifdef KRB5\n", f); - fputs("#include \n", f); - fputs("#endif\n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); - fputs("#include \n", f); -#endif - fprintf(f, "#endif /* __%s__ */\n", argv[1]); - fclose(f); - exit(0); -} diff --git a/crypto/heimdal/install-sh b/crypto/heimdal/install-sh deleted file mode 100755 index 4fbbae7b7ff9..000000000000 --- a/crypto/heimdal/install-sh +++ /dev/null @@ -1,507 +0,0 @@ -#!/bin/sh -# install - install a program, script, or datafile - -scriptversion=2006-10-14.15 - -# This originates from X11R5 (mit/util/scripts/install.sh), which was -# later released in X11R6 (xc/config/util/install.sh) with the -# following copyright and license. -# -# Copyright (C) 1994 X Consortium -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to -# deal in the Software without restriction, including without limitation the -# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -# sell copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN -# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- -# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -# -# Except as contained in this notice, the name of the X Consortium shall not -# be used in advertising or otherwise to promote the sale, use or other deal- -# ings in this Software without prior written authorization from the X Consor- -# tium. -# -# -# FSF changes to this file are in the public domain. -# -# Calling this script install-sh is preferred over install.sh, to prevent -# `make' implicit rules from creating a file called install from it -# when there is no Makefile. -# -# This script is compatible with the BSD install script, but was written -# from scratch. - -nl=' -' -IFS=" "" $nl" - -# set DOITPROG to echo to test this script - -# Don't use :- since 4.3BSD and earlier shells don't like it. -doit="${DOITPROG-}" -if test -z "$doit"; then - doit_exec=exec -else - doit_exec=$doit -fi - -# Put in absolute file names if you don't have them in your path; -# or use environment vars. - -mvprog="${MVPROG-mv}" -cpprog="${CPPROG-cp}" -chmodprog="${CHMODPROG-chmod}" -chownprog="${CHOWNPROG-chown}" -chgrpprog="${CHGRPPROG-chgrp}" -stripprog="${STRIPPROG-strip}" -rmprog="${RMPROG-rm}" -mkdirprog="${MKDIRPROG-mkdir}" - -posix_glob= -posix_mkdir= - -# Desired mode of installed file. -mode=0755 - -chmodcmd=$chmodprog -chowncmd= -chgrpcmd= -stripcmd= -rmcmd="$rmprog -f" -mvcmd="$mvprog" -src= -dst= -dir_arg= -dstarg= -no_target_directory= - -usage="Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE - or: $0 [OPTION]... SRCFILES... DIRECTORY - or: $0 [OPTION]... -t DIRECTORY SRCFILES... - or: $0 [OPTION]... -d DIRECTORIES... - -In the 1st form, copy SRCFILE to DSTFILE. -In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. -In the 4th, create DIRECTORIES. - -Options: --c (ignored) --d create directories instead of installing files. --g GROUP $chgrpprog installed files to GROUP. --m MODE $chmodprog installed files to MODE. --o USER $chownprog installed files to USER. --s $stripprog installed files. --t DIRECTORY install into DIRECTORY. --T report an error if DSTFILE is a directory. ---help display this help and exit. ---version display version info and exit. - -Environment variables override the default commands: - CHGRPPROG CHMODPROG CHOWNPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG -" - -while test $# -ne 0; do - case $1 in - -c) shift - continue;; - - -d) dir_arg=true - shift - continue;; - - -g) chgrpcmd="$chgrpprog $2" - shift - shift - continue;; - - --help) echo "$usage"; exit $?;; - - -m) mode=$2 - shift - shift - case $mode in - *' '* | *' '* | *' -'* | *'*'* | *'?'* | *'['*) - echo "$0: invalid mode: $mode" >&2 - exit 1;; - esac - continue;; - - -o) chowncmd="$chownprog $2" - shift - shift - continue;; - - -s) stripcmd=$stripprog - shift - continue;; - - -t) dstarg=$2 - shift - shift - continue;; - - -T) no_target_directory=true - shift - continue;; - - --version) echo "$0 $scriptversion"; exit $?;; - - --) shift - break;; - - -*) echo "$0: invalid option: $1" >&2 - exit 1;; - - *) break;; - esac -done - -if test $# -ne 0 && test -z "$dir_arg$dstarg"; then - # When -d is used, all remaining arguments are directories to create. - # When -t is used, the destination is already specified. - # Otherwise, the last argument is the destination. Remove it from $@. - for arg - do - if test -n "$dstarg"; then - # $@ is not empty: it contains at least $arg. - set fnord "$@" "$dstarg" - shift # fnord - fi - shift # arg - dstarg=$arg - done -fi - -if test $# -eq 0; then - if test -z "$dir_arg"; then - echo "$0: no input file specified." >&2 - exit 1 - fi - # It's OK to call `install-sh -d' without argument. - # This can happen when creating conditional directories. - exit 0 -fi - -if test -z "$dir_arg"; then - trap '(exit $?); exit' 1 2 13 15 - - # Set umask so as not to create temps with too-generous modes. - # However, 'strip' requires both read and write access to temps. - case $mode in - # Optimize common cases. - *644) cp_umask=133;; - *755) cp_umask=22;; - - *[0-7]) - if test -z "$stripcmd"; then - u_plus_rw= - else - u_plus_rw='% 200' - fi - cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;; - *) - if test -z "$stripcmd"; then - u_plus_rw= - else - u_plus_rw=,u+rw - fi - cp_umask=$mode$u_plus_rw;; - esac -fi - -for src -do - # Protect names starting with `-'. - case $src in - -*) src=./$src ;; - esac - - if test -n "$dir_arg"; then - dst=$src - dstdir=$dst - test -d "$dstdir" - dstdir_status=$? - else - - # Waiting for this to be detected by the "$cpprog $src $dsttmp" command - # might cause directories to be created, which would be especially bad - # if $src (and thus $dsttmp) contains '*'. - if test ! -f "$src" && test ! -d "$src"; then - echo "$0: $src does not exist." >&2 - exit 1 - fi - - if test -z "$dstarg"; then - echo "$0: no destination specified." >&2 - exit 1 - fi - - dst=$dstarg - # Protect names starting with `-'. - case $dst in - -*) dst=./$dst ;; - esac - - # If destination is a directory, append the input filename; won't work - # if double slashes aren't ignored. - if test -d "$dst"; then - if test -n "$no_target_directory"; then - echo "$0: $dstarg: Is a directory" >&2 - exit 1 - fi - dstdir=$dst - dst=$dstdir/`basename "$src"` - dstdir_status=0 - else - # Prefer dirname, but fall back on a substitute if dirname fails. - dstdir=` - (dirname "$dst") 2>/dev/null || - expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$dst" : 'X\(//\)[^/]' \| \ - X"$dst" : 'X\(//\)$' \| \ - X"$dst" : 'X\(/\)' \| . 2>/dev/null || - echo X"$dst" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q' - ` - - test -d "$dstdir" - dstdir_status=$? - fi - fi - - obsolete_mkdir_used=false - - if test $dstdir_status != 0; then - case $posix_mkdir in - '') - # Create intermediate dirs using mode 755 as modified by the umask. - # This is like FreeBSD 'install' as of 1997-10-28. - umask=`umask` - case $stripcmd.$umask in - # Optimize common cases. - *[2367][2367]) mkdir_umask=$umask;; - .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;; - - *[0-7]) - mkdir_umask=`expr $umask + 22 \ - - $umask % 100 % 40 + $umask % 20 \ - - $umask % 10 % 4 + $umask % 2 - `;; - *) mkdir_umask=$umask,go-w;; - esac - - # With -d, create the new directory with the user-specified mode. - # Otherwise, rely on $mkdir_umask. - if test -n "$dir_arg"; then - mkdir_mode=-m$mode - else - mkdir_mode= - fi - - posix_mkdir=false - case $umask in - *[123567][0-7][0-7]) - # POSIX mkdir -p sets u+wx bits regardless of umask, which - # is incompatible with FreeBSD 'install' when (umask & 300) != 0. - ;; - *) - tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$ - trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0 - - if (umask $mkdir_umask && - exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1 - then - if test -z "$dir_arg" || { - # Check for POSIX incompatibilities with -m. - # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or - # other-writeable bit of parent directory when it shouldn't. - # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. - ls_ld_tmpdir=`ls -ld "$tmpdir"` - case $ls_ld_tmpdir in - d????-?r-*) different_mode=700;; - d????-?--*) different_mode=755;; - *) false;; - esac && - $mkdirprog -m$different_mode -p -- "$tmpdir" && { - ls_ld_tmpdir_1=`ls -ld "$tmpdir"` - test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1" - } - } - then posix_mkdir=: - fi - rmdir "$tmpdir/d" "$tmpdir" - else - # Remove any dirs left behind by ancient mkdir implementations. - rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null - fi - trap '' 0;; - esac;; - esac - - if - $posix_mkdir && ( - umask $mkdir_umask && - $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir" - ) - then : - else - - # The umask is ridiculous, or mkdir does not conform to POSIX, - # or it failed possibly due to a race condition. Create the - # directory the slow way, step by step, checking for races as we go. - - case $dstdir in - /*) prefix=/ ;; - -*) prefix=./ ;; - *) prefix= ;; - esac - - case $posix_glob in - '') - if (set -f) 2>/dev/null; then - posix_glob=true - else - posix_glob=false - fi ;; - esac - - oIFS=$IFS - IFS=/ - $posix_glob && set -f - set fnord $dstdir - shift - $posix_glob && set +f - IFS=$oIFS - - prefixes= - - for d - do - test -z "$d" && continue - - prefix=$prefix$d - if test -d "$prefix"; then - prefixes= - else - if $posix_mkdir; then - (umask=$mkdir_umask && - $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break - # Don't fail if two instances are running concurrently. - test -d "$prefix" || exit 1 - else - case $prefix in - *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;; - *) qprefix=$prefix;; - esac - prefixes="$prefixes '$qprefix'" - fi - fi - prefix=$prefix/ - done - - if test -n "$prefixes"; then - # Don't fail if two instances are running concurrently. - (umask $mkdir_umask && - eval "\$doit_exec \$mkdirprog $prefixes") || - test -d "$dstdir" || exit 1 - obsolete_mkdir_used=true - fi - fi - fi - - if test -n "$dir_arg"; then - { test -z "$chowncmd" || $doit $chowncmd "$dst"; } && - { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } && - { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false || - test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1 - else - - # Make a couple of temp file names in the proper directory. - dsttmp=$dstdir/_inst.$$_ - rmtmp=$dstdir/_rm.$$_ - - # Trap to clean up those temp files at exit. - trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 - - # Copy the file name to the temp name. - (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && - - # and set any options; do chmod last to preserve setuid bits. - # - # If any of these fail, we abort the whole thing. If we want to - # ignore errors from any of these, just make sure not to ignore - # errors from the above "$doit $cpprog $src $dsttmp" command. - # - { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } \ - && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } \ - && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } \ - && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && - - # Now rename the file to the real destination. - { $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null \ - || { - # The rename failed, perhaps because mv can't rename something else - # to itself, or perhaps because mv is so ancient that it does not - # support -f. - - # Now remove or move aside any old file at destination location. - # We try this two ways since rm can't unlink itself on some - # systems and the destination file might be busy for other - # reasons. In this case, the final cleanup might fail but the new - # file should still install successfully. - { - if test -f "$dst"; then - $doit $rmcmd -f "$dst" 2>/dev/null \ - || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null \ - && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }; }\ - || { - echo "$0: cannot unlink or rename $dst" >&2 - (exit 1); exit 1 - } - else - : - fi - } && - - # Now rename the file to the real destination. - $doit $mvcmd "$dsttmp" "$dst" - } - } || exit 1 - - trap '' 0 - fi -done - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" -# End: diff --git a/crypto/heimdal/kadmin/ChangeLog b/crypto/heimdal/kadmin/ChangeLog deleted file mode 100644 index ef1d458127fe..000000000000 --- a/crypto/heimdal/kadmin/ChangeLog +++ /dev/null @@ -1,1044 +0,0 @@ -2007-12-09 Love Hörnquist Åstrand - - * kadmin.c: Use hdb_db_dir(). - - * kadmind.c: Use hdb_db_dir(). - -2007-07-26 Love Hörnquist Åstrand - - * util.c: Clear error string, just to be sure. - -2007-05-10 Love Hörnquist Åstrand - - * kadmin-commands.in: modify --pkinit-acl - - * mod.c: add pk-init command - -2007-02-22 Love Hörnquist Åstrand - - * kadmin.8: document kadmin add_enctype functionallity. - - * Makefile.am: Add new command, add_enctype. - - * kadmin-commands.in: Add new command, add_enctype. - - * add_enctype.c: Add support for adding a random key enctype to a - principal. - -2007-02-17 Love Hörnquist Åstrand - - * mod.c: add setting and displaying aliases - - * get.c: add setting and displaying aliases - - * kadmin-commands.in: add setting and displaying aliases - -2006-12-22 Love Hörnquist Åstrand - - * util.c: Make str2time_t parser more robust. - - * Makefile.am: Add test_util test program. - - * test_util.c: Test str2time_t parser. - -2006-12-05 Love Hörnquist Åstrand - - * add-random-users.c: Use strcspn to remove \n from fgets - result. Prompted by change by Ray Lai of OpenBSD via Björn - Sandell. - -2006-10-22 Love Hörnquist Åstrand - - * mod.c: Try to not leak memory. - - * check.c: Try to not leak memory. - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: split build files into dist_ and noinst_ SOURCES - -2006-08-28 Love Hörnquist Åstrand - - * kadmin.c (help): use sl_slc_help(). - -2006-08-24 Love Hörnquist Åstrand - - * util.c: Add KRB5_KDB_ALLOW_DIGEST - -2006-07-14 Love Hörnquist Åstrand - - * get.c (format_field): optionally print issuer and anchor. - -2006-06-21 Love Hörnquist Åstrand - - * check.c: Check if afs@REALM and afs/cellname@REALM both exists. - -2006-06-14 Love Hörnquist Åstrand - - * util.c (kdb_attrs): Add KRB5_KDB_ALLOW_KERBEROS4 - -2006-06-07 Love Hörnquist Åstrand - - * mod.c (do_mod_entry): Add setting 1 delegation entry - -2006-06-01 Love Hörnquist Åstrand - - * server.c: Less shadowing. - -2006-05-13 Love Hörnquist Åstrand - - * Makefile.am: kadmin_SOURCES += add check.c - - * kadmin_locl.h: Avoid shadowing. - - * kadmin.8: Document the new check command. - - * kadmin-commands.in: Add check command - - * check.c: Check database for strange configurations on default - principals. - -2006-05-08 Love Hörnquist Åstrand - - * server.c (kadm_get_privs): one less "pointer targets in passing - argument differ in signedness" warning. - -2006-05-05 Love Hörnquist Åstrand - - * dump-format.txt: Moved to info documentation. - - * Rename u_intXX_t to uintXX_t - -2006-05-01 Love Hörnquist Åstrand - - * kadmin.8: spelling, update .Dd - -2006-04-12 Love Hörnquist Åstrand - - * add-random-users.c: Catch empty file case. From Tobias - Stoeckmann. - -2006-04-07 Love Hörnquist Åstrand - - * random_password.c (generate_password): memory leak in error - condition case From Coverity NetBSD CID#1887 - -2006-02-19 Love Hörnquist Åstrand - - * cpw.c (cpw_entry): make sure ret have a defined value - - * del.c (del_entry): make sure ret have a defined value - - * mod.c: Return error code so that toplevel function can catch - them. - -2006-01-25 Love Hörnquist Åstrand - - * cpw.c (cpw_entry): return 1 on failure. - - * rename.c (rename_entry): return 1 on failure. - - * del.c (del_entry): return 1 on failure. - - * ank.c (add_new_key): return 1 on failure. - - * get.c: Add printing of pkinit-acls. Don't print password by - default. Return 1 on failure processing any of the principals. - - * util.c (foreach_principal): If any of calls to `func' failes, - the first error is returned when all principals are processed. - -2005-12-01 Love Hörnquist Åstrand - - * kadmin-commands.in: Add ank as an alias to add, it lost in - transition to slc, from Måns Nilsson. - -2005-09-14 Love Hörquist Åstrand - - * dump-format.txt: Add extensions, fill in missing fields. - -2005-09-08 Love Hörquist Åstrand - - * init.c (create_random_entry): create principal with random - password even though its disabled. From Andrew Bartlet - - -2005-09-01 Love Hörquist Åstrand - - * kadm_conn.c: Use socket_set_reuseaddr and socket_set_ipv6only. - -2005-08-11 Love Hörquist Åstrand - - * get.c: Remove structure that is never used (sneaked in the large - TL_DATA patch). - - * kadmin-commands.in: Rename password-quality to - verify-password-quality. - - * get.c: Indent. - - * server.c: Avoid shadowing exp(). - - * load.c: Parse extensions. - - * kadmin_locl.h: Include . - - * get.c: Extend struct field_name to have a subvalue and a - extra_mask. Use that to implement printing of KADM5_TL_DATA - options and fix a dependency bug (keys needed principal to print - the salting). - -2005-07-08 Love Hörquist Åstrand - - * lower amount of shadow and const warnings - -2005-06-07 David Love - - * dump-format.txt: Clarify, spelling and add examples. - -2005-05-30 Love Hörquist Åstrand - - * util.c (kdb_attrs): add ok-as-delegate - - * get.c (getit): init data.mask to 0. Problem found by Andrew - Bartlett - -2005-05-09 Love Hörquist Åstrand - - * kadmin.c (main): catch -2 as EOF - -2005-05-03 Dave Love - - * init.c (init): Don't disable forwardable for kadmin/changepw. - -2005-05-02 Dave Love - - * kadmin.c (help): Don't use non-constant initializer for `fake'. - -2005-04-20 Love Hörquist Åstrand - - * util.c (foreach_principal): initialize ret to make sure it have - a value - -2005-04-04 Love Hörquist Åstrand - - * kadmind.c: add verifier libraries with - kadm5_add_passwd_quality_verifier - - * kadmin.c: add verifier libraries with - kadm5_add_passwd_quality_verifier - - * load.c: max-life and max-renew is of unsigned int in asn1 - compiler, use that for the parser too - -2005-03-26 Love Hörquist Åstrand - - * kadmin.8: List of attributes, from James F. Hranicky - - -2005-01-19 Love Hörquist Åstrand - - * dump.c (dump): handle errors - -2005-01-08 Love Hörquist Åstrand - - * dump-format.txt: text dump format - -2004-12-08 Love Hörquist Åstrand - - * kadmind.8: use keeps around options, from OpenBSD - - * kadmin.8: use keeps around options, "improve" spelling, from - openbsd - -2004-11-01 Love Hörquist Åstrand - - * get.c (getit): always free columns - - * ank.c (add_one_principal): catch error from - UI_UTIL_read_pw_string - -2004-10-31 Love Hörquist Åstrand - - * del_enctype.c (del_enctype): fix off-by-one error in del_enctype - From: - -2004-08-13 Love Hörquist Åstrand - - * get.c: print keytypes on long format - -2004-07-06 Love Hörquist Åstrand - - * get.c (format_field): allow mod_name to be optional - - * ext.c (do_ext_keytab): if there isn't any keydata, try using - kadm5_randkey_principal - -2004-07-02 Love Hörquist Åstrand - - * load.c: make merge/load work again - - * del.c: fix usage string - - * ank.c: fix slc lossage - -2004-06-28 Love Hörquist Åstrand - - * kadmin.c: use kadm5_ad_init_with_password_ctx - -2004-06-27 Johan Danielsson - - * kadmin.8: document get -o and stash - - * get.c: implement output column selection, similar to ps -o - - * kadmin-commands.in: make get -l the default again, and add - column selection flag; sync list with get - -2004-06-24 Johan Danielsson - - * kadmin-commands.in: mod needs default kvno of -1 - -2004-06-21 Johan Danielsson - - * kadmin: convert to use slc; also add stash subcommand - -2004-06-15 Love Hörquist Åstrand - - * kadmin.c (main): keytab mode requires principal name - -2004-06-12 Love Hörquist Åstrand - - * kadmind.c: drop keyfile, not used, found by - Elrond - - * kadmin.c: if keyfile is set, pass in to libkadm5 bug pointed out - by Elrond - -2004-05-31 Love Hörquist Åstrand - - * kadmin.c: add --ad flag, XXX rewrite the init kadm5 interface - -2004-05-13 Johan Danielsson - - * nuke kerberos 4 kadmin goo - -2004-05-07 Johan Danielsson - - * util.c (str2time_t): fix end-of-day logic, from Duncan - McEwan/Mark Davies. - -2004-04-29 Love Hörquist Åstrand - - * version4.c (handle_v4): make sure length is longer then 2, - Pointed out by Evgeny Demidov - - * kadmind.c: make kerberos4 support default turned off - -2004-03-24 Johan Danielsson - - * kadmin.8: update manpage - - * mod.c: allow wildcarding principals, and make parameters a work - same as if prompted - -2004-03-08 Love Hörquist Åstrand - - * kadmin.8: document password-quality - - * kadmin_locl.h: add prototype for password_quality - - * kadmin.c: add password-quality/pwq command - - * Makefile.am: kadmin_SOURCES += pw_quality.c - - * pw_quality.c: test run the password quality function - -2004-03-07 Love Hörquist Åstrand - - * ank.c (add_one_principal): even though the principal is disabled - (creation of random key/keydata), create it with a random password - -2003-12-07 Love Hörquist Åstrand - - * init.c (create_random_entry): print error message on failure - - * ank.c (add_one_principal): pass right argument to - kadm5_free_principal_ent From Panasas, Inc - -2003-11-18 Love Hörquist Åstrand - - * kadmind.c (main): move opening the logfile to after reading - kdc.conf move the loading of hdb keytab ops closer to where its - used From: Jeffrey Hutzelman - -2003-10-04 Love Hörquist Åstrand - - * util.c (str2time_t): allow whitespace between date and time - From: Bob Beck and adharw@yahoo.com - -2003-09-03 Love Hörquist Åstrand - - * ank.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - - * cpw.c: s/des_read_pw_string/UI_UTIL_read_pw_string/ - -2003-08-21 Love Hörquist Åstrand - - * get.c (print_entry_terse): handle error when unparsing name - -2003-08-18 Love Hörquist Åstrand - - * kadmind.c (main): use krb5_prepend_config_files_default, now all - options in kdc.conf is parsed, not just [kdc]key-file= - - * kadmin.c (main): use krb5_prepend_config_files_default, now all - options in kdc.conf is parsed, not just [kdc]key-file= - -2003-04-14 Love Hörquist Åstrand - - * util.c: cast argument to tolower to unsigned char, from - Christian Biere via NetBSD - -2003-04-06 Love Hörquist Åstrand - - * kadmind.8: s/kerberos/Kerberos/ - -2003-03-31 Love Hörquist Åstrand - - * kadmin.8: initialises -> initializes, from Perry E. Metzger" - - - * kadmin.c: principal, not pricipal. From Thomas Klausner - - -2003-02-04 Love Hörquist Åstrand - - * kadmind.8: spelling, from jmc - - * kadmin.8: spelling, from jmc - -2003-01-29 Love Hörquist Åstrand - - * server.c (kadmind_dispatch): kadm_chpass: require the password - to pass the password quality check in case the user changes the - user's own password kadm_chpass_with_key: disallow the user to - change it own password to a key, since that password might violate - the password quality check. - -2002-12-03 Johan Danielsson - - * util.c (get_response): print a newline if interrupted - - * mod.c (mod_entry): check return value from edit_entry - - * ank.c (add_one_principal): check return value from edit_entry - - * ank.c (add_one_principal): don't continue if create_principal - fails - - * init.c: check return value from edit_deltat - - * init.c: add --help - -2002-10-29 Johan Danielsson - - * version4.c: speling (from Tomas Olsson) - -2002-10-23 Assar Westerlund - - * version4.c (decode_packet): check the length of the version - string and that rlen has a reasonable value - -2002-10-21 Johan Danielsson - - * version4.c: check size of rlen - -2002-09-10 Johan Danielsson - - * server.c: constify match_appl_version() - - * version4.c: change some lingering krb_err_base - -2002-09-09 Jacques Vidrine - - * server.c (kadmind_dispatch): while decoding arguments for - kadm_chpass_with_key, sanity check the number of keys given. - Potential problem pointed out by - Sebastian Krahmer . - -2002-09-04 Johan Danielsson - - * load.c (parse_generation): return if there is no generation - (spotted by Daniel Kouril) - -2002-06-07 Jacques Vidrine - - * ank.c: do not attempt to free uninitialized pointer when - kadm5_randkey_principal fails. - -2002-06-07 Johan Danielsson - - * util.c: remove unused variable; reported by Hans Insulander - -2002-03-05 Johan Danielsson - - * kadmind.8: clarify some acl wording, and add an example file - -2002-02-11 Johan Danielsson - - * ext.c: no need to use the "modify" keytab anymore - -2001-09-20 Assar Westerlund - - * add-random-users.c: allocate several buffers for the list of - words, instead of one strdup per word (running under efence does - not work very well otherwise) - -2001-09-13 Assar Westerlund - - * add-random-users.c: allow specifying the number of users to - create - -2001-08-24 Assar Westerlund - - * Makefile.am: rename variable name to avoid error from current - automake - -2001-08-22 Assar Westerlund - - * kadmin_locl.h: include libutil.h if it exists - -2001-08-10 Johan Danielsson - - * util.c: do something to handle C-c in prompts - - * load.c: remove unused etypes code, and add parsing of the - generation field - - * ank.c: add a --use-defaults option to just use default values - without questions - - * kadmin.c: add "del" alias for delete - - * cpw.c: call this operation "passwd" in usage - - * kadmin_locl.h: prototype for set_defaults - - * util.c (edit_entry): move setting of default values to a - separate function, set_defaults - -2001-08-01 Johan Danielsson - - * kadmin.c: print help message on bad options - -2001-07-31 Assar Westerlund - - * add-random-users.c (main): handle --version - -2001-07-30 Johan Danielsson - - * load.c: increase line buffer to 8k - -2001-06-12 Assar Westerlund - - * ext.c (ext_keytab): use the default modify keytab per default - -2001-05-17 Assar Westerlund - - * kadm_conn.c (start_server): fix krb5_eai_to_heim_errno call - -2001-05-15 Assar Westerlund - - * kadmin.c (main): some error cleaning required - -2001-05-14 Assar Westerlund - - * kadmind.c: new krb5_config_parse_file - * kadmin.c: new krb5_config_parse_file - * kadm_conn.c: update to new krb5_sockaddr2address - -2001-05-07 Assar Westerlund - - * kadmin_locl.h (foreach_principal): update prototype - * get.c (getit): new foreach_principal - * ext.c (ext_keytab): new foreach_principal - * del.c (del_entry): new foreach_principal - * cpw.c (cpw_entry): new foreach_principal - * util.c (foreach_principal): add `funcname' and try printing the - error string - -2001-05-04 Johan Danielsson - - * rename.c: fix argument number test - -2001-04-19 Johan Danielsson - - * del_enctype.c: fix argument count check after getarg change; - spotted by mark@MCS.VUW.AC.NZ - -2001-02-15 Assar Westerlund - - * kadmind.c (main): use a `struct sockaddr_storage' to be able to - store all types of addresses - -2001-02-07 Assar Westerlund - - * kadmin.c: add --keytab / _K, from Leif Johansson - - -2001-01-29 Assar Westerlund - - * kadm_conn.c (spawn_child): close the newly created socket in the - packet, it's not used. from - * version4.c (decode_packet): check success of - krb5_425_conv_principal. from - -2001-01-12 Assar Westerlund - - * util.c (parse_attributes): make empty string mean no attributes, - specifying the empty string at the command line should give you no - attributes, but just pressing return at the prompt gives you - default attributes - (edit_entry): only pick up values from the default principal if they - aren't set in the principal being edited - -2001-01-04 Assar Westerlund - - * load.c (doit): print an error and bail out if storing an entry - in the database fails. The most likely reason for it failing is - out-of-space. - -2000-12-31 Assar Westerlund - - * kadmind.c (main): handle krb5_init_context failure consistently - * kadmin.c (main): handle krb5_init_context failure consistently - * add-random-users.c (add_user): handle krb5_init_context failure - consistently - - * kadm_conn.c (spawn_child): use a struct sockaddr_storage - -2000-12-15 Johan Danielsson - - * get.c: avoid asprintf'ing NULL strings - -2000-12-14 Johan Danielsson - - * load.c: fix option parsing - -2000-11-16 Assar Westerlund - - * kadm_conn.c (wait_for_connection): check for fd's being too - large to select on - -2000-11-09 Johan Danielsson - - * get.c: don't try to print modifier name if it isn't set (from - Jacques A. Vidrine" ) - -2000-09-19 Assar Westerlund - - * server.c (kadmind_loop): send in keytab to v4 handling function - * version4.c: allow the specification of what keytab to use - - * get.c (print_entry_long): actually print the actual saltvalue - used if it's not the default - -2000-09-10 Johan Danielsson - - * kadmin.c: add option parsing, and add `privs' as an alias for - `privileges' - - * init.c: complain if there's no realm name specified - - * rename.c: add option parsing - - * load.c: add option parsing - - * get.c: make `get' and `list' aliases to each other, but with - different defaults - - * del_enctype.c: add option parsing - - * del.c: add option parsing - - * ank.c: calling the command `add' make more sense from an english - pov - - * Makefile.am: add kadmin manpage - - * kadmin.8: short manpage - - * kadmin.c: `quit' should be a alias for `exit', not `help' - -2000-08-27 Assar Westerlund - - * server.c (handle_v5): do not try to perform stupid stunts when - printing errors - -2000-08-19 Assar Westerlund - - * util.c (str2time_t): add alias for `now'. - -2000-08-18 Assar Westerlund - - * server.c (handle_v5): accept any kadmin/admin@* principal as the - server - * kadmind.c: remove extra prototype of kadmind_loop - * kadmin_locl.h (kadmind_loop): add prototype - - * init.c (usage): print init-usage and not add-dito - -2000-08-07 Johan Danielsson - - * kadmind.c: use roken_getsockname - -2000-08-07 Assar Westerlund - - * kadmind.c, kadm_conn.c: use socklen_t instead of int where - appropriate. From - -2000-08-04 Johan Danielsson - - * Makefile.am: link with pidfile library - - * kadmind.c: write a pid file, and setup password quality - functions - - * kadmin_locl.h: util.h - -2000-07-27 Assar Westerlund - - * version4.c (decode_packet): be totally consistent with the - prototype of des_cbc_cksum - * kadmind.c: use sa_size instead of sa_len, some systems define - this to emulate anonymous unions - * kadm_conn.c: use sa_size instead of sa_len, some systems define - this to emulate anonymous unions - -2000-07-24 Assar Westerlund - - * kadmin.c (commands): add quit - * load.c (doit): truncate the log since there's no way of knowing - what changes are going to be added - -2000-07-23 Assar Westerlund - - * util.c (str2time_t): be more careful with strptime that might - zero out the `struct tm' - -2000-07-22 Johan Danielsson - - * kadm_conn.c: make the parent process wait for children and - terminate after receiving a signal, also terminate on SIGINT - -2000-07-22 Assar Westerlund - - * version4.c: map both princ_expire_time and pw_expiration to v4 - principal expiration - -2000-07-22 Johan Danielsson - - * version4.c (handle_v4): check for termination - - * server.c (v5_loop): check for termination - - * kadm_conn.c (wait_term): if we're doing something, set just set - a flag otherwise exit rightaway - - * server.c: use krb5_read_priv_message; (v5_loop): check for EOF - -2000-07-21 Assar Westerlund - - * kadm_conn.c: remove sys/select.h. make signal handlers - type-correct and static - - * kadmin_locl.h: add limits.h and sys/select.h - -2000-07-20 Assar Westerlund - - * init.c (init): also create `kadmin/hprop' - * kadmind.c: ports is a string argument - * kadm_conn.c (start_server): fix printf format - - * kadmin_locl.h: add - * kadm_conn.c: remove sys/select.h. make signal handlers - type-correct and static - - * kadmin_locl.h: add limits.h and sys/select.h - -2000-07-17 Johan Danielsson - - * kadm_conn.c: put all processes in a new process group - - * server.c (v5_loop): use krb5_{read,write}_priv_message - -2000-07-11 Johan Danielsson - - * version4.c: change log strings to match the v5 counterparts - - * mod.c: allow setting kvno - - * kadmind.c: if stdin is not a socket create and listen to sockets - - * kadm_conn.c: socket creation functions - - * util.c (deltat2str): treat 0 and INT_MAX as never - -2000-07-08 Assar Westerlund - - * Makefile.am (INCLUDES): add ../lib/krb5 - * kadmin_locl.h: add krb5_locl.h (since we just use some stuff - from there) - -2000-06-07 Assar Westerlund - - * add-random-users.c: new testing program that adds a number of - randomly generated users - -2000-04-12 Assar Westerlund - - * cpw.c (do_cpw_entry): call set_password if no argument is given, - it will prompt for the password. - * kadmin.c: make help only print the commands that are actually - available. - -2000-04-03 Assar Westerlund - - * del_enctype.c (del_enctype): set ignore correctly - -2000-04-02 Assar Westerlund - - * kadmin.c (main): make parse errors a fatal error - * init.c (init): create changepw/kerberos with disallow-tgt and - pwchange attributes - -2000-03-23 Assar Westerlund - - * util.c (hex2n, parse_des_key): add - * server.c (kadmind_dispatch): add kadm_chpass_with_key - * cpw.c: add --key - * ank.c: add --key - -2000-02-16 Assar Westerlund - - * load.c (doit): check return value from parse_hdbflags2int - correctly - -2000-01-25 Assar Westerlund - - * load.c: checking all parsing for errors and all memory - allocations also - -2000-01-02 Assar Westerlund - - * server.c: check initial flag in ticket and allow users to change - their own password if it's set - * ext.c (do_ext_keytab): set timestamp - -1999-12-14 Assar Westerlund - - * del_enctype.c (usage): don't use arg_printusage - -1999-11-25 Assar Westerlund - - * del_enctype.c (del_enctype): try not to leak memory - - * version4.c (kadm_ser_mod): use kadm5_s_modify_principal (no - _with_key) - - * kadmin.c: add `del_enctype' - - * del_enctype.c (del_enctype): new function for deleting enctypes - from a principal - - * Makefile.am (kadmin_SOURCES): add del_enctype.c - -1999-11-09 Johan Danielsson - - * server.c: cope with old clients - - * kadmin_locl.h: remove version string - -1999-10-17 Assar Westerlund - - * Makefile.am (kadmin_LDADD): add LIB_dlopen - -1999-10-01 Assar Westerlund - - * ank.c (add_one_principal): `password' can cactually be NULL in - the overwrite code, check for it. - -1999-09-20 Assar Westerlund - - * mod.c (mod_entry): print the correct principal name in error - messages. From Love - -1999-09-10 Assar Westerlund - - * init.c (init): also create `changepw/kerberos' - - * version4.c: only create you loose packets when we fail decoding - and not when an operation is not performed for some reason - (decode_packet): read the service key from the hdb - (dispatch, decode_packet): return proper error messages - - * version4.c (kadm_ser_cpw): add password quality functions - -1999-08-27 Johan Danielsson - - * server.c (handle_v5): give more informative message if - KRB5_KT_NOTFOUND - -1999-08-26 Johan Danielsson - - * kadmind.c: use HDB keytabs - -1999-08-25 Assar Westerlund - - * cpw.c (set_password): use correct variable. From Love - - - * server.c (v5_loop): use correct error code - - * ank.c (add_one_principal): initialize `default_ent' - -1999-08-21 Assar Westerlund - - * random_password.c: new file, stolen from krb4 - - * kadmin_locl.h: add prototype for random_password - - * cpw.c: add support for --random-password - - * ank.c: add support for --random-password - - * Makefile.am (kadmin_SOURCES): add random_password.c - -1999-08-19 Assar Westerlund - - * util.c (edit_timet): break when we manage to parse the time not - the inverse. - - * mod.c: add parsing of lots of options. From Love - - - * ank.c: add setting of expiration and password expiration - - * kadmin_locl.h: update util.c prototypes - - * util.c: move-around. clean-up, rename, make consistent (and - some other weird stuff). based on patches from Love - - - * version4.c (kadm_ser_cpw): initialize password - (handle_v4): remove unused variable `ret' - -1999-08-16 Assar Westerlund - - * version4.c (handle_v4): more error checking and more correct - error messages - - * server.c (v5_loop, kadmind_loop): more error checking and more - correct error messages - -1999-07-24 Assar Westerlund - - * util.c (str2timeval, edit_time): functions for parsing and - editing times. Based on patches from Love . - (edit_entry): call new functions - - * mod.c (mod_entry): allow modifying expiration times - - * kadmin_locl.h (str2timeval): add prototype - - * ank.c (add_one_principal): allow setting expiration times - -1999-07-03 Assar Westerlund - - * server.c (v5_loop): handle data allocation with krb5_data_alloc - and check return value - -1999-06-23 Assar Westerlund - - * version4.c (kadm_ser_cpw): read the key in the strange order - it's sent - - * util.c (edit_entry): look at default - (edit_time): always set mask even if value == 0 - - * kadmin_locl.h (edit_entry): update - - * ank.c: make ank use the values of the default principal for - prompting - - * version4.c (values_to_ent): convert key data correctly - -1999-05-23 Assar Westerlund - - * init.c (create_random_entry): more correct setting of mask - -1999-05-21 Assar Westerlund - - * server.c (handle_v5): read sendauth version correctly. - -1999-05-14 Assar Westerlund - - * version4.c (error_code): try to handle really old krb4 - distributions - -1999-05-11 Assar Westerlund - - * init.c (init): initialize realm_max_life and realm_max_rlife - -1999-05-07 Assar Westerlund - - * ank.c (add_new_key): initialize more variables - -1999-05-04 Assar Westerlund - - * version4.c (kadm_ser_cpw): always allow a user to change her - password - (kadm_ser_*): make logging work - clean-up and restructure - - * kadmin_locl.h (set_entry): add prototype - - * kadmin.c (usage): update usage string - - * init.c (init): new arguments realm-max-ticket-life and - realm-max-renewable-life - - * util.c (edit_time, edit_attributes): don't do anything if it's - already set - (set_entry): new function - - * ank.c (add_new_key): new options for setting max-ticket-life, - max-renewable-life, and attributes - - * server.c (v5_loop): remove unused variable - - * kadmin_locl.h: add prototypes - - * version4.c: re-insert krb_err.h and other miss - - * server.c (kadmind_loop): break-up and restructure - - * version4.c: add ACL checks more error code checks restructure - -1999-05-03 Johan Danielsson - - * load.c: check for (un-)encrypted keys - - * dump.c: use hdb_print_entry - - * version4.c: version 4 support - - * Makefile.am: link with krb4 - - * kadmin_locl.h: include - - * server.c: move from lib/kadm5, and add basic support for krb4 - kadmin protocol - - * kadmind.c: move recvauth to kadmind_loop() diff --git a/crypto/heimdal/kadmin/Makefile.am b/crypto/heimdal/kadmin/Makefile.am deleted file mode 100644 index 323439a130d6..000000000000 --- a/crypto/heimdal/kadmin/Makefile.am +++ /dev/null @@ -1,94 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_readline) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 - -sbin_PROGRAMS = kadmin - -libexec_PROGRAMS = kadmind - -SLC = $(top_builddir)/lib/sl/slc - -man_MANS = kadmin.8 kadmind.8 - -noinst_PROGRAMS = add_random_users - -dist_kadmin_SOURCES = \ - ank.c \ - add_enctype.c \ - check.c \ - cpw.c \ - del.c \ - del_enctype.c \ - dump.c \ - ext.c \ - get.c \ - init.c \ - kadmin.c \ - load.c \ - mod.c \ - rename.c \ - stash.c \ - util.c \ - pw_quality.c \ - random_password.c \ - kadmin_locl.h - -nodist_kadmin_SOURCES = \ - kadmin-commands.c \ - kadmin-commands.h - -$(kadmin_OBJECTS): kadmin-commands.h - -CLEANFILES = kadmin-commands.h kadmin-commands.c - -kadmin-commands.c kadmin-commands.h: kadmin-commands.in - $(SLC) $(srcdir)/kadmin-commands.in - -kadmind_SOURCES = \ - kadmind.c \ - server.c \ - kadmin_locl.h \ - $(version4_c) \ - kadm_conn.c - -add_random_users_SOURCES = add-random-users.c - -test_util_SOURCES = test_util.c util.c - -TESTS = test_util - -check_PROGRAMS = $(TESTS) - -LDADD_common = \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -kadmind_LDADD = $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(LDADD_common) \ - $(LIB_pidfile) \ - $(LIB_dlopen) - -kadmin_LDADD = \ - $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(top_builddir)/lib/sl/libsl.la \ - $(LIB_readline) \ - $(LDADD_common) \ - $(LIB_dlopen) - -add_random_users_LDADD = \ - $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(LDADD_common) \ - $(LIB_dlopen) - -test_util_LDADD = $(kadmin_LDADD) - -EXTRA_DIST = $(man_MANS) kadmin-commands.in diff --git a/crypto/heimdal/kadmin/Makefile.in b/crypto/heimdal/kadmin/Makefile.in deleted file mode 100644 index 746cb48f664d..000000000000 --- a/crypto/heimdal/kadmin/Makefile.in +++ /dev/null @@ -1,1069 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -sbin_PROGRAMS = kadmin$(EXEEXT) -libexec_PROGRAMS = kadmind$(EXEEXT) -noinst_PROGRAMS = add_random_users$(EXEEXT) -TESTS = test_util$(EXEEXT) -check_PROGRAMS = $(am__EXEEXT_1) -subdir = kadmin -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__EXEEXT_1 = test_util$(EXEEXT) -am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" \ - "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(libexec_PROGRAMS) $(noinst_PROGRAMS) $(sbin_PROGRAMS) -am_add_random_users_OBJECTS = add-random-users.$(OBJEXT) -add_random_users_OBJECTS = $(am_add_random_users_OBJECTS) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -add_random_users_DEPENDENCIES = \ - $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/kadm5/libkadm5srv.la $(am__DEPENDENCIES_2) \ - $(am__DEPENDENCIES_1) -dist_kadmin_OBJECTS = ank.$(OBJEXT) add_enctype.$(OBJEXT) \ - check.$(OBJEXT) cpw.$(OBJEXT) del.$(OBJEXT) \ - del_enctype.$(OBJEXT) dump.$(OBJEXT) ext.$(OBJEXT) \ - get.$(OBJEXT) init.$(OBJEXT) kadmin.$(OBJEXT) load.$(OBJEXT) \ - mod.$(OBJEXT) rename.$(OBJEXT) stash.$(OBJEXT) util.$(OBJEXT) \ - pw_quality.$(OBJEXT) random_password.$(OBJEXT) -nodist_kadmin_OBJECTS = kadmin-commands.$(OBJEXT) -kadmin_OBJECTS = $(dist_kadmin_OBJECTS) $(nodist_kadmin_OBJECTS) -kadmin_DEPENDENCIES = $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -am_kadmind_OBJECTS = kadmind.$(OBJEXT) server.$(OBJEXT) \ - kadm_conn.$(OBJEXT) -kadmind_OBJECTS = $(am_kadmind_OBJECTS) -kadmind_DEPENDENCIES = $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -am_test_util_OBJECTS = test_util.$(OBJEXT) util.$(OBJEXT) -test_util_OBJECTS = $(am_test_util_OBJECTS) -am__DEPENDENCIES_3 = $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -test_util_DEPENDENCIES = $(am__DEPENDENCIES_3) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(add_random_users_SOURCES) $(dist_kadmin_SOURCES) \ - $(nodist_kadmin_SOURCES) $(kadmind_SOURCES) \ - $(test_util_SOURCES) -DIST_SOURCES = $(add_random_users_SOURCES) $(dist_kadmin_SOURCES) \ - $(kadmind_SOURCES) $(test_util_SOURCES) -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_readline) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SLC = $(top_builddir)/lib/sl/slc -man_MANS = kadmin.8 kadmind.8 -dist_kadmin_SOURCES = \ - ank.c \ - add_enctype.c \ - check.c \ - cpw.c \ - del.c \ - del_enctype.c \ - dump.c \ - ext.c \ - get.c \ - init.c \ - kadmin.c \ - load.c \ - mod.c \ - rename.c \ - stash.c \ - util.c \ - pw_quality.c \ - random_password.c \ - kadmin_locl.h - -nodist_kadmin_SOURCES = \ - kadmin-commands.c \ - kadmin-commands.h - -CLEANFILES = kadmin-commands.h kadmin-commands.c -kadmind_SOURCES = \ - kadmind.c \ - server.c \ - kadmin_locl.h \ - $(version4_c) \ - kadm_conn.c - -add_random_users_SOURCES = add-random-users.c -test_util_SOURCES = test_util.c util.c -LDADD_common = \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -kadmind_LDADD = $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(LDADD_common) \ - $(LIB_pidfile) \ - $(LIB_dlopen) - -kadmin_LDADD = \ - $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(top_builddir)/lib/sl/libsl.la \ - $(LIB_readline) \ - $(LDADD_common) \ - $(LIB_dlopen) - -add_random_users_LDADD = \ - $(top_builddir)/lib/kadm5/libkadm5clnt.la \ - $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(LDADD_common) \ - $(LIB_dlopen) - -test_util_LDADD = $(kadmin_LDADD) -EXTRA_DIST = $(man_MANS) kadmin-commands.in -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kadmin/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kadmin/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -add_random_users$(EXEEXT): $(add_random_users_OBJECTS) $(add_random_users_DEPENDENCIES) - @rm -f add_random_users$(EXEEXT) - $(LINK) $(add_random_users_OBJECTS) $(add_random_users_LDADD) $(LIBS) -kadmin$(EXEEXT): $(kadmin_OBJECTS) $(kadmin_DEPENDENCIES) - @rm -f kadmin$(EXEEXT) - $(LINK) $(kadmin_OBJECTS) $(kadmin_LDADD) $(LIBS) -kadmind$(EXEEXT): $(kadmind_OBJECTS) $(kadmind_DEPENDENCIES) - @rm -f kadmind$(EXEEXT) - $(LINK) $(kadmind_OBJECTS) $(kadmind_LDADD) $(LIBS) -test_util$(EXEEXT): $(test_util_OBJECTS) $(test_util_DEPENDENCIES) - @rm -f test_util$(EXEEXT) - $(LINK) $(test_util_OBJECTS) $(test_util_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-checkPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool clean-noinstPROGRAMS clean-sbinPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libexecPROGRAMS install-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-libexecPROGRAMS uninstall-man \ - uninstall-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-checkPROGRAMS clean-generic \ - clean-libexecPROGRAMS clean-libtool clean-noinstPROGRAMS \ - clean-sbinPROGRAMS ctags dist-hook distclean distclean-compile \ - distclean-generic distclean-libtool distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-libexecPROGRAMS install-man install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-sbinPROGRAMS \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am uninstall-hook \ - uninstall-libexecPROGRAMS uninstall-man uninstall-man8 \ - uninstall-sbinPROGRAMS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(kadmin_OBJECTS): kadmin-commands.h - -kadmin-commands.c kadmin-commands.h: kadmin-commands.in - $(SLC) $(srcdir)/kadmin-commands.in -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/kadmin/add-random-users.c b/crypto/heimdal/kadmin/add-random-users.c deleted file mode 100644 index b7971434b25c..000000000000 --- a/crypto/heimdal/kadmin/add-random-users.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" - -RCSID("$Id: add-random-users.c 19213 2006-12-04 23:36:36Z lha $"); - -#define WORDS_FILENAME "/usr/share/dict/words" - -#define NUSERS 1000 - -#define WORDBUF_SIZE 65535 - -static unsigned -read_words (const char *filename, char ***ret_w) -{ - unsigned n, alloc; - FILE *f; - char buf[256]; - char **w = NULL; - char *wbuf = NULL, *wptr = NULL, *wend = NULL; - - f = fopen (filename, "r"); - if (f == NULL) - err (1, "cannot open %s", filename); - alloc = n = 0; - while (fgets (buf, sizeof(buf), f) != NULL) { - size_t len; - - buf[strcspn(buf, "\r\n")] = '\0'; - if (n >= alloc) { - alloc = max(alloc + 16, alloc * 2); - w = erealloc (w, alloc * sizeof(char **)); - } - len = strlen(buf); - if (wptr + len + 1 >= wend) { - wptr = wbuf = emalloc (WORDBUF_SIZE); - wend = wbuf + WORDBUF_SIZE; - } - memmove (wptr, buf, len + 1); - w[n++] = wptr; - wptr += len + 1; - } - if (n == 0) - errx(1, "%s is an empty file, no words to try", filename); - *ret_w = w; - return n; -} - -static void -add_user (krb5_context context, void *kadm_handle, - unsigned nwords, char **words) -{ - kadm5_principal_ent_rec princ; - char name[64]; - int r1, r2; - krb5_error_code ret; - int mask; - - r1 = rand(); - r2 = rand(); - - snprintf (name, sizeof(name), "%s%d", words[r1 % nwords], r2 % 1000); - - mask = KADM5_PRINCIPAL; - - memset(&princ, 0, sizeof(princ)); - ret = krb5_parse_name(context, name, &princ.principal); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = kadm5_create_principal (kadm_handle, &princ, mask, name); - if (ret) - krb5_err (context, 1, ret, "kadm5_create_principal"); - kadm5_free_principal_ent(kadm_handle, &princ); - printf ("%s\n", name); -} - -static void -add_users (const char *filename, unsigned n) -{ - krb5_error_code ret; - int i; - void *kadm_handle; - krb5_context context; - unsigned nwords; - char **words; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - ret = kadm5_s_init_with_password_ctx(context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - NULL, 0, 0, - &kadm_handle); - if(ret) - krb5_err(context, 1, ret, "kadm5_init_with_password"); - - nwords = read_words (filename, &words); - - for (i = 0; i < n; ++i) - add_user (context, kadm_handle, nwords, words); - kadm5_destroy(kadm_handle); - krb5_free_context(context); -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[filename [n]]"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - int n = NUSERS; - const char *filename = WORDS_FILENAME; - - setprogname(argv[0]); - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - if (help_flag) - usage (0); - if (version_flag) { - print_version(NULL); - return 0; - } - srand (0); - argc -= optidx; - argv += optidx; - - if (argc > 0) { - if (argc > 1) - n = atoi(argv[1]); - filename = argv[0]; - } - - add_users (filename, n); - return 0; -} diff --git a/crypto/heimdal/kadmin/add_enctype.c b/crypto/heimdal/kadmin/add_enctype.c deleted file mode 100644 index 65337e62c001..000000000000 --- a/crypto/heimdal/kadmin/add_enctype.c +++ /dev/null @@ -1,164 +0,0 @@ -/* - * Copyright (c) 1999-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: add_enctype.c 20287 2007-02-22 03:12:30Z lha $"); - -/* - * del_enctype principal enctypes... - */ - -int -add_enctype(struct add_enctype_options*opt, int argc, char **argv) -{ - kadm5_principal_ent_rec princ; - krb5_principal princ_ent = NULL; - krb5_error_code ret; - const char *princ_name; - int i, j; - krb5_key_data *new_key_data; - int n_etypes; - krb5_enctype *etypes; - - if (!opt->random_key_flag) { - krb5_warnx (context, "only random key is supported now"); - return 0; - } - - memset (&princ, 0, sizeof(princ)); - princ_name = argv[0]; - n_etypes = argc - 1; - etypes = malloc (n_etypes * sizeof(*etypes)); - if (etypes == NULL) { - krb5_warnx (context, "out of memory"); - return 0; - } - argv++; - for (i = 0; i < n_etypes; ++i) { - ret = krb5_string_to_enctype (context, argv[i], &etypes[i]); - if (ret) { - krb5_warnx (context, "bad enctype \"%s\"", argv[i]); - goto out2; - } - } - - ret = krb5_parse_name(context, princ_name, &princ_ent); - if (ret) { - krb5_warn (context, ret, "krb5_parse_name %s", princ_name); - goto out2; - } - - ret = kadm5_get_principal(kadm_handle, princ_ent, &princ, - KADM5_PRINCIPAL | KADM5_KEY_DATA); - if (ret) { - krb5_free_principal (context, princ_ent); - krb5_warnx (context, "no such principal: %s", princ_name); - goto out2; - } - - new_key_data = malloc((princ.n_key_data + n_etypes) - * sizeof(*new_key_data)); - if (new_key_data == NULL) { - krb5_warnx (context, "out of memory"); - goto out; - } - - for (i = 0; i < princ.n_key_data; ++i) { - krb5_key_data *key = &princ.key_data[i]; - - for (j = 0; j < n_etypes; ++j) { - if (etypes[j] == key->key_data_type[0]) { - krb5_warnx(context, "enctype %d already exists", - (int)etypes[j]); - goto out; - } - } - new_key_data[i] = *key; - } - - for (i = 0; i < n_etypes; ++i) { - int n = princ.n_key_data + i; - krb5_keyblock keyblock; - - memset(&new_key_data[n], 0, sizeof(new_key_data[n])); - new_key_data[n].key_data_ver = 2; - new_key_data[n].key_data_kvno = 0; - - ret = krb5_generate_random_keyblock (context, etypes[i], &keyblock); - if (ret) { - krb5_warnx(context, "genernate enctype %d failed", (int)etypes[i]); - while (--i >= 0) - free(new_key_data[--n].key_data_contents[0]); - goto out; - } - - /* key */ - new_key_data[n].key_data_type[0] = etypes[i]; - new_key_data[n].key_data_contents[0] = malloc(keyblock.keyvalue.length); - if (new_key_data[n].key_data_contents[0] == NULL) { - ret = ENOMEM; - krb5_warn(context, ret, "out of memory"); - while (--i >= 0) - free(new_key_data[--n].key_data_contents[0]); - goto out; - } - new_key_data[n].key_data_length[0] = keyblock.keyvalue.length; - memcpy(new_key_data[n].key_data_contents[0], - keyblock.keyvalue.data, - keyblock.keyvalue.length); - krb5_free_keyblock_contents(context, &keyblock); - - /* salt */ - new_key_data[n].key_data_type[1] = KRB5_PW_SALT; - new_key_data[n].key_data_length[1] = 0; - new_key_data[n].key_data_contents[1] = NULL; - - } - - free (princ.key_data); - princ.n_key_data += n_etypes; - princ.key_data = new_key_data; - new_key_data = NULL; - - ret = kadm5_modify_principal (kadm_handle, &princ, KADM5_KEY_DATA); - if (ret) - krb5_warn(context, ret, "kadm5_modify_principal"); -out: - krb5_free_principal (context, princ_ent); - kadm5_free_principal_ent(kadm_handle, &princ); -out2: - free (etypes); - return ret != 0; -} diff --git a/crypto/heimdal/kadmin/ank.c b/crypto/heimdal/kadmin/ank.c deleted file mode 100644 index 7e7cfa8817e8..000000000000 --- a/crypto/heimdal/kadmin/ank.c +++ /dev/null @@ -1,266 +0,0 @@ -/* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: ank.c 16658 2006-01-25 12:29:46Z lha $"); - -/* - * fetch the default principal corresponding to `princ' - */ - -static krb5_error_code -get_default (kadm5_server_context *context, - krb5_principal princ, - kadm5_principal_ent_t default_ent) -{ - krb5_error_code ret; - krb5_principal def_principal; - krb5_realm *realm = krb5_princ_realm(context->context, princ); - - ret = krb5_make_principal (context->context, &def_principal, - *realm, "default", NULL); - if (ret) - return ret; - ret = kadm5_get_principal (context, def_principal, default_ent, - KADM5_PRINCIPAL_NORMAL_MASK); - krb5_free_principal (context->context, def_principal); - return ret; -} - -/* - * Add the principal `name' to the database. - * Prompt for all data not given by the input parameters. - */ - -static krb5_error_code -add_one_principal (const char *name, - int rand_key, - int rand_password, - int use_defaults, - char *password, - krb5_key_data *key_data, - const char *max_ticket_life, - const char *max_renewable_life, - const char *attributes, - const char *expiration, - const char *pw_expiration) -{ - krb5_error_code ret; - kadm5_principal_ent_rec princ, defrec; - kadm5_principal_ent_rec *default_ent = NULL; - krb5_principal princ_ent = NULL; - int mask = 0; - int default_mask = 0; - char pwbuf[1024]; - - memset(&princ, 0, sizeof(princ)); - ret = krb5_parse_name(context, name, &princ_ent); - if (ret) { - krb5_warn(context, ret, "krb5_parse_name"); - return ret; - } - princ.principal = princ_ent; - mask |= KADM5_PRINCIPAL; - - ret = set_entry(context, &princ, &mask, - max_ticket_life, max_renewable_life, - expiration, pw_expiration, attributes); - if (ret) - goto out; - - default_ent = &defrec; - ret = get_default (kadm_handle, princ_ent, default_ent); - if (ret) { - default_ent = NULL; - default_mask = 0; - } else { - default_mask = KADM5_ATTRIBUTES | KADM5_MAX_LIFE | KADM5_MAX_RLIFE | - KADM5_PRINC_EXPIRE_TIME | KADM5_PW_EXPIRATION; - } - - if(use_defaults) - set_defaults(&princ, &mask, default_ent, default_mask); - else - if(edit_entry(&princ, &mask, default_ent, default_mask)) - goto out; - if(rand_key || key_data) { - princ.attributes |= KRB5_KDB_DISALLOW_ALL_TIX; - mask |= KADM5_ATTRIBUTES; - random_password (pwbuf, sizeof(pwbuf)); - password = pwbuf; - } else if (rand_password) { - random_password (pwbuf, sizeof(pwbuf)); - password = pwbuf; - } else if(password == NULL) { - char *princ_name; - char *prompt; - - krb5_unparse_name(context, princ_ent, &princ_name); - asprintf (&prompt, "%s's Password: ", princ_name); - free (princ_name); - ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), prompt, 1); - free (prompt); - if (ret) { - krb5_set_error_string(context, "failed to verify password"); - ret = KRB5_LIBOS_BADPWDMATCH; - goto out; - } - password = pwbuf; - } - - ret = kadm5_create_principal(kadm_handle, &princ, mask, password); - if(ret) { - krb5_warn(context, ret, "kadm5_create_principal"); - goto out; - } - if(rand_key) { - krb5_keyblock *new_keys; - int n_keys, i; - ret = kadm5_randkey_principal(kadm_handle, princ_ent, - &new_keys, &n_keys); - if(ret){ - krb5_warn(context, ret, "kadm5_randkey_principal"); - n_keys = 0; - } - for(i = 0; i < n_keys; i++) - krb5_free_keyblock_contents(context, &new_keys[i]); - if (n_keys > 0) - free(new_keys); - kadm5_get_principal(kadm_handle, princ_ent, &princ, - KADM5_PRINCIPAL | KADM5_KVNO | KADM5_ATTRIBUTES); - princ.attributes &= (~KRB5_KDB_DISALLOW_ALL_TIX); - princ.kvno = 1; - kadm5_modify_principal(kadm_handle, &princ, - KADM5_ATTRIBUTES | KADM5_KVNO); - kadm5_free_principal_ent(kadm_handle, &princ); - } else if (key_data) { - ret = kadm5_chpass_principal_with_key (kadm_handle, princ_ent, - 3, key_data); - if (ret) { - krb5_warn(context, ret, "kadm5_chpass_principal_with_key"); - } - kadm5_get_principal(kadm_handle, princ_ent, &princ, - KADM5_PRINCIPAL | KADM5_ATTRIBUTES); - princ.attributes &= (~KRB5_KDB_DISALLOW_ALL_TIX); - kadm5_modify_principal(kadm_handle, &princ, KADM5_ATTRIBUTES); - kadm5_free_principal_ent(kadm_handle, &princ); - } else if (rand_password) { - char *princ_name; - - krb5_unparse_name(context, princ_ent, &princ_name); - printf ("added %s with password \"%s\"\n", princ_name, password); - free (princ_name); - } -out: - if (princ_ent) - krb5_free_principal (context, princ_ent); - if(default_ent) - kadm5_free_principal_ent (kadm_handle, default_ent); - if (password != NULL) - memset (password, 0, strlen(password)); - return ret; -} - -/* - * parse the string `key_string' into `key', returning 0 iff succesful. - */ - -/* - * the ank command - */ - -/* - * Parse arguments and add all the principals. - */ - -int -add_new_key(struct add_options *opt, int argc, char **argv) -{ - krb5_error_code ret = 0; - int i; - int num; - krb5_key_data key_data[3]; - krb5_key_data *kdp = NULL; - - num = 0; - if (opt->random_key_flag) - ++num; - if (opt->random_password_flag) - ++num; - if (opt->password_string) - ++num; - if (opt->key_string) - ++num; - - if (num > 1) { - fprintf (stderr, "give only one of " - "--random-key, --random-password, --password, --key\n"); - return 1; - } - - if (opt->key_string) { - const char *error; - - if (parse_des_key (opt->key_string, key_data, &error)) { - fprintf (stderr, "failed parsing key \"%s\": %s\n", - opt->key_string, error); - return 1; - } - kdp = key_data; - } - - for(i = 0; i < argc; i++) { - ret = add_one_principal (argv[i], - opt->random_key_flag, - opt->random_password_flag, - opt->use_defaults_flag, - opt->password_string, - kdp, - opt->max_ticket_life_string, - opt->max_renewable_life_string, - opt->attributes_string, - opt->expiration_time_string, - opt->pw_expiration_time_string); - if (ret) { - krb5_warn (context, ret, "adding %s", argv[i]); - break; - } - } - if (kdp) { - int16_t dummy = 3; - kadm5_free_key_data (kadm_handle, &dummy, key_data); - } - return ret != 0; -} diff --git a/crypto/heimdal/kadmin/check.c b/crypto/heimdal/kadmin/check.c deleted file mode 100644 index bd4f270adb77..000000000000 --- a/crypto/heimdal/kadmin/check.c +++ /dev/null @@ -1,238 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Check database for strange configurations on default principals - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: check.c 20962 2007-06-07 05:09:24Z lha $"); - -static int -get_check_entry(const char *name, kadm5_principal_ent_rec *ent) -{ - krb5_error_code ret; - krb5_principal principal; - - ret = krb5_parse_name(context, name, &principal); - if (ret) { - krb5_warn(context, ret, "krb5_unparse_name: %s", name); - return 1; - } - - memset(ent, 0, sizeof(*ent)); - ret = kadm5_get_principal(kadm_handle, principal, ent, 0); - krb5_free_principal(context, principal); - if(ret) - return 1; - - return 0; -} - - -static int -do_check_entry(krb5_principal principal, void *data) -{ - krb5_error_code ret; - kadm5_principal_ent_rec princ; - char *name; - int i; - - ret = krb5_unparse_name(context, principal, &name); - if (ret) - return 1; - - memset (&princ, 0, sizeof(princ)); - ret = kadm5_get_principal(kadm_handle, principal, &princ, - KADM5_PRINCIPAL | KADM5_KEY_DATA); - if(ret) { - krb5_warn(context, ret, "Failed to get principal: %s", name); - free(name); - return 0; - } - - for (i = 0; i < princ.n_key_data; i++) { - size_t keysize; - ret = krb5_enctype_keysize(context, - princ.key_data[i].key_data_type[0], - &keysize); - if (ret == 0 && keysize != princ.key_data[i].key_data_length[0]) { - krb5_warnx(context, - "Principal %s enctype %d, wrong length: %lu\n", - name, princ.key_data[i].key_data_type[0], - (unsigned long)princ.key_data[i].key_data_length); - } - } - - free(name); - kadm5_free_principal_ent(kadm_handle, &princ); - - return 0; -} - -int -check(void *opt, int argc, char **argv) -{ - kadm5_principal_ent_rec ent; - krb5_error_code ret; - char *realm = NULL, *p, *p2; - int found; - - if (argc == 0) { - ret = krb5_get_default_realm(context, &realm); - if (ret) { - krb5_warn(context, ret, "krb5_get_default_realm"); - goto fail; - } - } else { - realm = strdup(argv[0]); - if (realm == NULL) { - krb5_warnx(context, "malloc"); - goto fail; - } - } - - /* - * Check krbtgt/REALM@REALM - * - * For now, just check existance - */ - - if (asprintf(&p, "%s/%s@%s", KRB5_TGS_NAME, realm, realm) == -1) { - krb5_warn(context, errno, "asprintf"); - goto fail; - } - - ret = get_check_entry(p, &ent); - if (ret) { - printf("%s doesn't exist, are you sure %s is a realm in your database", - p, realm); - free(p); - goto fail; - } - free(p); - - kadm5_free_principal_ent(kadm_handle, &ent); - - /* - * Check kadmin/admin@REALM - */ - - if (asprintf(&p, "kadmin/admin@%s", realm) == -1) { - krb5_warn(context, errno, "asprintf"); - goto fail; - } - - ret = get_check_entry(p, &ent); - if (ret) { - printf("%s doesn't exist, " - "there is no way to do remote administration", p); - free(p); - goto fail; - } - free(p); - - kadm5_free_principal_ent(kadm_handle, &ent); - - /* - * Check kadmin/changepw@REALM - */ - - if (asprintf(&p, "kadmin/changepw@%s", realm) == -1) { - krb5_warn(context, errno, "asprintf"); - goto fail; - } - - ret = get_check_entry(p, &ent); - if (ret) { - printf("%s doesn't exist, " - "there is no way to do change password", p); - free(p); - goto fail; - } - free(p); - - kadm5_free_principal_ent(kadm_handle, &ent); - - /* - * Check for duplicate afs keys - */ - - p2 = strdup(realm); - if (p2 == NULL) { - krb5_warn(context, errno, "malloc"); - free(p); - goto fail; - } - strlwr(p2); - - if (asprintf(&p, "afs/%s@%s", p2, realm) == -1) { - krb5_warn(context, errno, "asprintf"); - free(p2); - goto fail; - } - free(p2); - - ret = get_check_entry(p, &ent); - free(p); - if (ret == 0) { - kadm5_free_principal_ent(kadm_handle, &ent); - found = 1; - } else - found = 0; - - if (asprintf(&p, "afs@%s", realm) == -1) { - krb5_warn(context, errno, "asprintf"); - goto fail; - } - - ret = get_check_entry(p, &ent); - free(p); - if (ret == 0) { - kadm5_free_principal_ent(kadm_handle, &ent); - if (found) { - krb5_warnx(context, "afs@REALM and afs/cellname@REALM both exists"); - goto fail; - } - } - - foreach_principal("*", do_check_entry, "check", NULL); - - free(realm); - return 0; -fail: - free(realm); - return 1; -} diff --git a/crypto/heimdal/kadmin/cpw.c b/crypto/heimdal/kadmin/cpw.c deleted file mode 100644 index c5fa9ed3994c..000000000000 --- a/crypto/heimdal/kadmin/cpw.c +++ /dev/null @@ -1,184 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: cpw.c 16755 2006-02-18 23:30:32Z lha $"); - -struct cpw_entry_data { - int random_key; - int random_password; - char *password; - krb5_key_data *key_data; -}; - -static int -set_random_key (krb5_principal principal) -{ - krb5_error_code ret; - int i; - krb5_keyblock *keys; - int num_keys; - - ret = kadm5_randkey_principal(kadm_handle, principal, &keys, &num_keys); - if(ret) - return ret; - for(i = 0; i < num_keys; i++) - krb5_free_keyblock_contents(context, &keys[i]); - free(keys); - return 0; -} - -static int -set_random_password (krb5_principal principal) -{ - krb5_error_code ret; - char pw[128]; - - random_password (pw, sizeof(pw)); - ret = kadm5_chpass_principal(kadm_handle, principal, pw); - if (ret == 0) { - char *princ_name; - - krb5_unparse_name(context, principal, &princ_name); - - printf ("%s's password set to \"%s\"\n", princ_name, pw); - free (princ_name); - } - memset (pw, 0, sizeof(pw)); - return ret; -} - -static int -set_password (krb5_principal principal, char *password) -{ - krb5_error_code ret = 0; - char pwbuf[128]; - - if(password == NULL) { - char *princ_name; - char *prompt; - - krb5_unparse_name(context, principal, &princ_name); - asprintf(&prompt, "%s's Password: ", princ_name); - free (princ_name); - ret = UI_UTIL_read_pw_string(pwbuf, sizeof(pwbuf), prompt, 1); - free (prompt); - if(ret){ - return 0; /* XXX error code? */ - } - password = pwbuf; - } - if(ret == 0) - ret = kadm5_chpass_principal(kadm_handle, principal, password); - memset(pwbuf, 0, sizeof(pwbuf)); - return ret; -} - -static int -set_key_data (krb5_principal principal, krb5_key_data *key_data) -{ - krb5_error_code ret; - - ret = kadm5_chpass_principal_with_key (kadm_handle, principal, - 3, key_data); - return ret; -} - -static int -do_cpw_entry(krb5_principal principal, void *data) -{ - struct cpw_entry_data *e = data; - - if (e->random_key) - return set_random_key (principal); - else if (e->random_password) - return set_random_password (principal); - else if (e->key_data) - return set_key_data (principal, e->key_data); - else - return set_password (principal, e->password); -} - -int -cpw_entry(struct passwd_options *opt, int argc, char **argv) -{ - krb5_error_code ret = 0; - int i; - struct cpw_entry_data data; - int num; - krb5_key_data key_data[3]; - - data.random_key = opt->random_key_flag; - data.random_password = opt->random_password_flag; - data.password = opt->password_string; - data.key_data = NULL; - - num = 0; - if (data.random_key) - ++num; - if (data.random_password) - ++num; - if (data.password) - ++num; - if (opt->key_string) - ++num; - - if (num > 1) { - fprintf (stderr, "give only one of " - "--random-key, --random-password, --password, --key\n"); - return 1; - } - - if (opt->key_string) { - const char *error; - - if (parse_des_key (opt->key_string, key_data, &error)) { - fprintf (stderr, "failed parsing key \"%s\": %s\n", - opt->key_string, error); - return 1; - } - data.key_data = key_data; - } - - for(i = 0; i < argc; i++) - ret = foreach_principal(argv[i], do_cpw_entry, "cpw", &data); - - if (data.key_data) { - int16_t dummy; - kadm5_free_key_data (kadm_handle, &dummy, key_data); - } - - return ret != 0; -} diff --git a/crypto/heimdal/kadmin/del.c b/crypto/heimdal/kadmin/del.c deleted file mode 100644 index a7db479135e6..000000000000 --- a/crypto/heimdal/kadmin/del.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: del.c 16754 2006-02-18 23:29:43Z lha $"); - -static int -do_del_entry(krb5_principal principal, void *data) -{ - return kadm5_delete_principal(kadm_handle, principal); -} - -int -del_entry(void *opt, int argc, char **argv) -{ - int i; - krb5_error_code ret = 0; - - for(i = 0; i < argc; i++) { - ret = foreach_principal(argv[i], do_del_entry, "del", NULL); - if (ret) - break; - } - return ret != 0; -} diff --git a/crypto/heimdal/kadmin/del_enctype.c b/crypto/heimdal/kadmin/del_enctype.c deleted file mode 100644 index 26921f2d42d6..000000000000 --- a/crypto/heimdal/kadmin/del_enctype.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 1999-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: del_enctype.c 16658 2006-01-25 12:29:46Z lha $"); - -/* - * del_enctype principal enctypes... - */ - -int -del_enctype(void *opt, int argc, char **argv) -{ - kadm5_principal_ent_rec princ; - krb5_principal princ_ent = NULL; - krb5_error_code ret; - const char *princ_name; - int i, j, k; - krb5_key_data *new_key_data; - int n_etypes; - krb5_enctype *etypes; - - memset (&princ, 0, sizeof(princ)); - princ_name = argv[0]; - n_etypes = argc - 1; - etypes = malloc (n_etypes * sizeof(*etypes)); - if (etypes == NULL) { - krb5_warnx (context, "out of memory"); - return 0; - } - argv++; - for (i = 0; i < n_etypes; ++i) { - ret = krb5_string_to_enctype (context, argv[i], &etypes[i]); - if (ret) { - krb5_warnx (context, "bad enctype \"%s\"", argv[i]); - goto out2; - } - } - - ret = krb5_parse_name(context, princ_name, &princ_ent); - if (ret) { - krb5_warn (context, ret, "krb5_parse_name %s", princ_name); - goto out2; - } - - ret = kadm5_get_principal(kadm_handle, princ_ent, &princ, - KADM5_PRINCIPAL | KADM5_KEY_DATA); - if (ret) { - krb5_free_principal (context, princ_ent); - krb5_warnx (context, "no such principal: %s", princ_name); - goto out2; - } - - new_key_data = malloc(princ.n_key_data * sizeof(*new_key_data)); - if (new_key_data == NULL) { - krb5_warnx (context, "out of memory"); - goto out; - } - - for (i = 0, j = 0; i < princ.n_key_data; ++i) { - krb5_key_data *key = &princ.key_data[i]; - int docopy = 1; - - for (k = 0; k < n_etypes; ++k) - if (etypes[k] == key->key_data_type[0]) { - docopy = 0; - break; - } - if (docopy) { - new_key_data[j++] = *key; - } else { - int16_t ignore = 1; - - kadm5_free_key_data (kadm_handle, &ignore, key); - } - } - - free (princ.key_data); - princ.n_key_data = j; - princ.key_data = new_key_data; - - ret = kadm5_modify_principal (kadm_handle, &princ, KADM5_KEY_DATA); - if (ret) - krb5_warn(context, ret, "kadm5_modify_principal"); -out: - krb5_free_principal (context, princ_ent); - kadm5_free_principal_ent(kadm_handle, &princ); -out2: - free (etypes); - return ret != 0; -} diff --git a/crypto/heimdal/kadmin/dump.c b/crypto/heimdal/kadmin/dump.c deleted file mode 100644 index 97ec667ba6f2..000000000000 --- a/crypto/heimdal/kadmin/dump.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" -#include - -RCSID("$Id: dump.c 14518 2005-01-19 17:09:56Z lha $"); - -extern int local_flag; - -int -dump(struct dump_options *opt, int argc, char **argv) -{ - krb5_error_code ret; - FILE *f; - HDB *db = NULL; - - if(!local_flag) { - krb5_warnx(context, "dump is only available in local (-l) mode"); - return 0; - } - - db = _kadm5_s_get_db(kadm_handle); - - if(argc == 0) - f = stdout; - else - f = fopen(argv[0], "w"); - - if(f == NULL) { - krb5_warn(context, errno, "open: %s", argv[0]); - goto out; - } - ret = db->hdb_open(context, db, O_RDONLY, 0600); - if(ret) { - krb5_warn(context, ret, "hdb_open"); - goto out; - } - - hdb_foreach(context, db, opt->decrypt_flag ? HDB_F_DECRYPT : 0, - hdb_print_entry, f); - - db->hdb_close(context, db); -out: - if(f && f != stdout) - fclose(f); - return 0; -} diff --git a/crypto/heimdal/kadmin/ext.c b/crypto/heimdal/kadmin/ext.c deleted file mode 100644 index f80272f65f1d..000000000000 --- a/crypto/heimdal/kadmin/ext.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: ext.c 16658 2006-01-25 12:29:46Z lha $"); - -struct ext_keytab_data { - krb5_keytab keytab; -}; - -static int -do_ext_keytab(krb5_principal principal, void *data) -{ - krb5_error_code ret; - kadm5_principal_ent_rec princ; - struct ext_keytab_data *e = data; - krb5_keytab_entry *keys = NULL; - krb5_keyblock *k = NULL; - int i, n_k; - - ret = kadm5_get_principal(kadm_handle, principal, &princ, - KADM5_PRINCIPAL|KADM5_KVNO|KADM5_KEY_DATA); - if(ret) - return ret; - - if (princ.n_key_data) { - keys = malloc(sizeof(*keys) * princ.n_key_data); - if (keys == NULL) { - kadm5_free_principal_ent(kadm_handle, &princ); - krb5_clear_error_string(context); - return ENOMEM; - } - for (i = 0; i < princ.n_key_data; i++) { - krb5_key_data *kd = &princ.key_data[i]; - - keys[i].principal = princ.principal; - keys[i].vno = kd->key_data_kvno; - keys[i].keyblock.keytype = kd->key_data_type[0]; - keys[i].keyblock.keyvalue.length = kd->key_data_length[0]; - keys[i].keyblock.keyvalue.data = kd->key_data_contents[0]; - keys[i].timestamp = time(NULL); - } - - n_k = princ.n_key_data; - } else { - ret = kadm5_randkey_principal(kadm_handle, principal, &k, &n_k); - if (ret) { - kadm5_free_principal_ent(kadm_handle, &princ); - return ret; - } - keys = malloc(sizeof(*keys) * n_k); - if (keys == NULL) { - kadm5_free_principal_ent(kadm_handle, &princ); - krb5_clear_error_string(context); - return ENOMEM; - } - for (i = 0; i < n_k; i++) { - keys[i].principal = principal; - keys[i].vno = princ.kvno + 1; /* XXX get entry again */ - keys[i].keyblock = k[i]; - keys[i].timestamp = time(NULL); - } - } - - for(i = 0; i < n_k; i++) { - ret = krb5_kt_add_entry(context, e->keytab, &keys[i]); - if(ret) - krb5_warn(context, ret, "krb5_kt_add_entry(%d)", i); - } - - if (k) { - memset(k, 0, n_k * sizeof(*k)); - free(k); - } - if (keys) - free(keys); - kadm5_free_principal_ent(kadm_handle, &princ); - return 0; -} - -int -ext_keytab(struct ext_keytab_options *opt, int argc, char **argv) -{ - krb5_error_code ret; - int i; - struct ext_keytab_data data; - - if (opt->keytab_string == NULL) - ret = krb5_kt_default(context, &data.keytab); - else - ret = krb5_kt_resolve(context, opt->keytab_string, &data.keytab); - - if(ret){ - krb5_warn(context, ret, "krb5_kt_resolve"); - return 1; - } - - for(i = 0; i < argc; i++) { - ret = foreach_principal(argv[i], do_ext_keytab, "ext", &data); - if (ret) - break; - } - - krb5_kt_close(context, data.keytab); - - return ret != 0; -} diff --git a/crypto/heimdal/kadmin/get.c b/crypto/heimdal/kadmin/get.c deleted file mode 100644 index 6e09f916d4f9..000000000000 --- a/crypto/heimdal/kadmin/get.c +++ /dev/null @@ -1,498 +0,0 @@ -/* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" -#include -#include - -RCSID("$Id: get.c 21745 2007-07-31 16:11:25Z lha $"); - -static struct field_name { - const char *fieldname; - unsigned int fieldvalue; - unsigned int subvalue; - uint32_t extra_mask; - const char *default_header; - const char *def_longheader; - unsigned int flags; -} field_names[] = { - { "principal", KADM5_PRINCIPAL, 0, 0, "Principal", "Principal", 0 }, - { "princ_expire_time", KADM5_PRINC_EXPIRE_TIME, 0, 0, "Expiration", "Principal expires", 0 }, - { "pw_expiration", KADM5_PW_EXPIRATION, 0, 0, "PW-exp", "Password expires", 0 }, - { "last_pwd_change", KADM5_LAST_PWD_CHANGE, 0, 0, "PW-change", "Last password change", 0 }, - { "max_life", KADM5_MAX_LIFE, 0, 0, "Max life", "Max ticket life", 0 }, - { "max_rlife", KADM5_MAX_RLIFE, 0, 0, "Max renew", "Max renewable life", 0 }, - { "mod_time", KADM5_MOD_TIME, 0, 0, "Mod time", "Last modified", 0 }, - { "mod_name", KADM5_MOD_NAME, 0, 0, "Modifier", "Modifier", 0 }, - { "attributes", KADM5_ATTRIBUTES, 0, 0, "Attributes", "Attributes", 0 }, - { "kvno", KADM5_KVNO, 0, 0, "Kvno", "Kvno", RTBL_ALIGN_RIGHT }, - { "mkvno", KADM5_MKVNO, 0, 0, "Mkvno", "Mkvno", RTBL_ALIGN_RIGHT }, - { "last_success", KADM5_LAST_SUCCESS, 0, 0, "Last login", "Last successful login", 0 }, - { "last_failed", KADM5_LAST_FAILED, 0, 0, "Last fail", "Last failed login", 0 }, - { "fail_auth_count", KADM5_FAIL_AUTH_COUNT, 0, 0, "Fail count", "Failed login count", RTBL_ALIGN_RIGHT }, - { "policy", KADM5_POLICY, 0, 0, "Policy", "Policy", 0 }, - { "keytypes", KADM5_KEY_DATA, 0, KADM5_PRINCIPAL, "Keytypes", "Keytypes", 0 }, - { "password", KADM5_TL_DATA, KRB5_TL_PASSWORD, KADM5_KEY_DATA, "Password", "Password", 0 }, - { "pkinit-acl", KADM5_TL_DATA, KRB5_TL_PKINIT_ACL, 0, "PK-INIT ACL", "PK-INIT ACL", 0 }, - { "aliases", KADM5_TL_DATA, KRB5_TL_ALIASES, 0, "Aliases", "Aliases", 0 }, - { NULL } -}; - -struct field_info { - struct field_name *ff; - char *header; - struct field_info *next; -}; - -struct get_entry_data { - void (*format)(struct get_entry_data*, kadm5_principal_ent_t); - rtbl_t table; - uint32_t mask; - uint32_t extra_mask; - struct field_info *chead, **ctail; -}; - -static int -add_column(struct get_entry_data *data, struct field_name *ff, const char *header) -{ - struct field_info *f = malloc(sizeof(*f)); - if (f == NULL) - return ENOMEM; - f->ff = ff; - if(header) - f->header = strdup(header); - else - f->header = NULL; - f->next = NULL; - *data->ctail = f; - data->ctail = &f->next; - data->mask |= ff->fieldvalue; - data->extra_mask |= ff->extra_mask; - if(data->table != NULL) - rtbl_add_column_by_id(data->table, ff->fieldvalue, - header ? header : ff->default_header, ff->flags); - return 0; -} - -/* - * return 0 iff `salt' actually is the same as the current salt in `k' - */ - -static int -cmp_salt (const krb5_salt *salt, const krb5_key_data *k) -{ - if (salt->salttype != k->key_data_type[1]) - return 1; - if (salt->saltvalue.length != k->key_data_length[1]) - return 1; - return memcmp (salt->saltvalue.data, k->key_data_contents[1], - salt->saltvalue.length); -} - -static void -format_keytype(krb5_key_data *k, krb5_salt *def_salt, char *buf, size_t buf_len) -{ - krb5_error_code ret; - char *s; - - ret = krb5_enctype_to_string (context, - k->key_data_type[0], - &s); - if (ret) - asprintf (&s, "unknown(%d)", k->key_data_type[0]); - strlcpy(buf, s, buf_len); - free(s); - - strlcat(buf, "(", buf_len); - - ret = krb5_salttype_to_string (context, - k->key_data_type[0], - k->key_data_type[1], - &s); - if (ret) - asprintf (&s, "unknown(%d)", k->key_data_type[1]); - strlcat(buf, s, buf_len); - free(s); - - if (cmp_salt(def_salt, k) == 0) - s = strdup(""); - else if(k->key_data_length[1] == 0) - s = strdup("()"); - else - asprintf (&s, "(%.*s)", k->key_data_length[1], - (char *)k->key_data_contents[1]); - strlcat(buf, s, buf_len); - free(s); - - strlcat(buf, ")", buf_len); -} - -static void -format_field(kadm5_principal_ent_t princ, unsigned int field, - unsigned int subfield, char *buf, size_t buf_len, int condensed) -{ - switch(field) { - case KADM5_PRINCIPAL: - if(condensed) - krb5_unparse_name_fixed_short(context, princ->principal, buf, buf_len); - else - krb5_unparse_name_fixed(context, princ->principal, buf, buf_len); - break; - - case KADM5_PRINC_EXPIRE_TIME: - time_t2str(princ->princ_expire_time, buf, buf_len, !condensed); - break; - - case KADM5_PW_EXPIRATION: - time_t2str(princ->pw_expiration, buf, buf_len, !condensed); - break; - - case KADM5_LAST_PWD_CHANGE: - time_t2str(princ->last_pwd_change, buf, buf_len, !condensed); - break; - - case KADM5_MAX_LIFE: - deltat2str(princ->max_life, buf, buf_len); - break; - - case KADM5_MAX_RLIFE: - deltat2str(princ->max_renewable_life, buf, buf_len); - break; - - case KADM5_MOD_TIME: - time_t2str(princ->mod_date, buf, buf_len, !condensed); - break; - - case KADM5_MOD_NAME: - if (princ->mod_name == NULL) - strlcpy(buf, "unknown", buf_len); - else if(condensed) - krb5_unparse_name_fixed_short(context, princ->mod_name, buf, buf_len); - else - krb5_unparse_name_fixed(context, princ->mod_name, buf, buf_len); - break; - case KADM5_ATTRIBUTES: - attributes2str (princ->attributes, buf, buf_len); - break; - case KADM5_KVNO: - snprintf(buf, buf_len, "%d", princ->kvno); - break; - case KADM5_MKVNO: - snprintf(buf, buf_len, "%d", princ->mkvno); - break; - case KADM5_LAST_SUCCESS: - time_t2str(princ->last_success, buf, buf_len, !condensed); - break; - case KADM5_LAST_FAILED: - time_t2str(princ->last_failed, buf, buf_len, !condensed); - break; - case KADM5_FAIL_AUTH_COUNT: - snprintf(buf, buf_len, "%d", princ->fail_auth_count); - break; - case KADM5_POLICY: - if(princ->policy != NULL) - strlcpy(buf, princ->policy, buf_len); - else - strlcpy(buf, "none", buf_len); - break; - case KADM5_KEY_DATA:{ - krb5_salt def_salt; - int i; - char buf2[1024]; - krb5_get_pw_salt (context, princ->principal, &def_salt); - - *buf = '\0'; - for (i = 0; i < princ->n_key_data; ++i) { - format_keytype(&princ->key_data[i], &def_salt, buf2, sizeof(buf2)); - if(i > 0) - strlcat(buf, ", ", buf_len); - strlcat(buf, buf2, buf_len); - } - krb5_free_salt (context, def_salt); - break; - } - case KADM5_TL_DATA: { - krb5_tl_data *tl; - - for (tl = princ->tl_data; tl != NULL; tl = tl->tl_data_next) - if (tl->tl_data_type == subfield) - break; - if (tl == NULL) { - strlcpy(buf, "", buf_len); - break; - } - - switch (subfield) { - case KRB5_TL_PASSWORD: - snprintf(buf, buf_len, "\"%.*s\"", - (int)tl->tl_data_length, - (const char *)tl->tl_data_contents); - break; - case KRB5_TL_PKINIT_ACL: { - HDB_Ext_PKINIT_acl acl; - size_t size; - int i, ret; - - ret = decode_HDB_Ext_PKINIT_acl(tl->tl_data_contents, - tl->tl_data_length, - &acl, - &size); - if (ret) { - snprintf(buf, buf_len, "failed to decode ACL"); - break; - } - - buf[0] = '\0'; - for (i = 0; i < acl.len; i++) { - strlcat(buf, "subject: ", buf_len); - strlcat(buf, acl.val[i].subject, buf_len); - if (acl.val[i].issuer) { - strlcat(buf, " issuer:", buf_len); - strlcat(buf, *acl.val[i].issuer, buf_len); - } - if (acl.val[i].anchor) { - strlcat(buf, " anchor:", buf_len); - strlcat(buf, *acl.val[i].anchor, buf_len); - } - if (i + 1 < acl.len) - strlcat(buf, ", ", buf_len); - } - free_HDB_Ext_PKINIT_acl(&acl); - break; - } - case KRB5_TL_ALIASES: { - HDB_Ext_Aliases alias; - size_t size; - int i, ret; - - ret = decode_HDB_Ext_Aliases(tl->tl_data_contents, - tl->tl_data_length, - &alias, - &size); - if (ret) { - snprintf(buf, buf_len, "failed to decode alias"); - break; - } - buf[0] = '\0'; - for (i = 0; i < alias.aliases.len; i++) { - char *p; - ret = krb5_unparse_name(context, &alias.aliases.val[i], &p); - if (ret) - break; - if (i < 0) - strlcat(buf, " ", buf_len); - strlcat(buf, p, buf_len); - free(p); - } - free_HDB_Ext_Aliases(&alias); - break; - } - default: - snprintf(buf, buf_len, "unknown type %d", subfield); - break; - } - break; - } - default: - strlcpy(buf, "", buf_len); - break; - } -} - -static void -print_entry_short(struct get_entry_data *data, kadm5_principal_ent_t princ) -{ - char buf[1024]; - struct field_info *f; - - for(f = data->chead; f != NULL; f = f->next) { - format_field(princ, f->ff->fieldvalue, f->ff->subvalue, buf, sizeof(buf), 1); - rtbl_add_column_entry_by_id(data->table, f->ff->fieldvalue, buf); - } -} - -static void -print_entry_long(struct get_entry_data *data, kadm5_principal_ent_t princ) -{ - char buf[1024]; - struct field_info *f; - int width = 0; - - for(f = data->chead; f != NULL; f = f->next) { - int w = strlen(f->header ? f->header : f->ff->def_longheader); - if(w > width) - width = w; - } - for(f = data->chead; f != NULL; f = f->next) { - format_field(princ, f->ff->fieldvalue, f->ff->subvalue, buf, sizeof(buf), 0); - printf("%*s: %s\n", width, f->header ? f->header : f->ff->def_longheader, buf); - } - printf("\n"); -} - -static int -do_get_entry(krb5_principal principal, void *data) -{ - kadm5_principal_ent_rec princ; - krb5_error_code ret; - struct get_entry_data *e = data; - - memset(&princ, 0, sizeof(princ)); - ret = kadm5_get_principal(kadm_handle, principal, - &princ, - e->mask | e->extra_mask); - if(ret) - return ret; - else { - (e->format)(e, &princ); - kadm5_free_principal_ent(kadm_handle, &princ); - } - return 0; -} - -static void -free_columns(struct get_entry_data *data) -{ - struct field_info *f, *next; - for(f = data->chead; f != NULL; f = next) { - free(f->header); - next = f->next; - free(f); - } - data->chead = NULL; - data->ctail = &data->chead; -} - -static int -setup_columns(struct get_entry_data *data, const char *column_info) -{ - char buf[1024], *q; - char *field, *header; - struct field_name *f; - - while(strsep_copy(&column_info, ",", buf, sizeof(buf)) != -1) { - q = buf; - field = strsep(&q, "="); - header = strsep(&q, "="); - for(f = field_names; f->fieldname != NULL; f++) { - if(strcasecmp(field, f->fieldname) == 0) { - add_column(data, f, header); - break; - } - } - if(f->fieldname == NULL) { - krb5_warnx(context, "unknown field name \"%s\"", field); - free_columns(data); - return -1; - } - } - return 0; -} - -#define DEFAULT_COLUMNS_SHORT "principal,princ_expire_time,pw_expiration,last_pwd_change,max_life,max_rlife" -#define DEFAULT_COLUMNS_LONG "principal,princ_expire_time,pw_expiration,last_pwd_change,max_life,max_rlife,kvno,mkvno,last_success,last_failed,fail_auth_count,mod_time,mod_name,attributes,keytypes,pkinit-acl,aliases" -#define DEFAULT_COLUMNS_TERSE "principal=" - -static int -getit(struct get_options *opt, const char *name, int argc, char **argv) -{ - int i; - krb5_error_code ret; - struct get_entry_data data; - - if(opt->long_flag == -1 && (opt->short_flag == 1 || opt->terse_flag == 1)) - opt->long_flag = 0; - if(opt->short_flag == -1 && (opt->long_flag == 1 || opt->terse_flag == 1)) - opt->short_flag = 0; - if(opt->terse_flag == -1 && (opt->long_flag == 1 || opt->short_flag == 1)) - opt->terse_flag = 0; - if(opt->long_flag == 0 && opt->short_flag == 0 && opt->terse_flag == 0) - opt->short_flag = 1; - - data.table = NULL; - data.chead = NULL; - data.ctail = &data.chead; - data.mask = 0; - data.extra_mask = 0; - - if(opt->short_flag || opt->terse_flag) { - data.table = rtbl_create(); - rtbl_set_separator(data.table, " "); - data.format = print_entry_short; - } else - data.format = print_entry_long; - if(opt->column_info_string == NULL) { - if(opt->long_flag) - ret = setup_columns(&data, DEFAULT_COLUMNS_LONG); - else if(opt->short_flag) - ret = setup_columns(&data, DEFAULT_COLUMNS_SHORT); - else { - ret = setup_columns(&data, DEFAULT_COLUMNS_TERSE); - rtbl_set_flags(data.table, RTBL_HEADER_STYLE_NONE); - } - } else - ret = setup_columns(&data, opt->column_info_string); - - if(ret != 0) { - if(data.table != NULL) - rtbl_destroy(data.table); - return 0; - } - - for(i = 0; i < argc; i++) - ret = foreach_principal(argv[i], do_get_entry, "get", &data); - - if(data.table != NULL) { - rtbl_format(data.table, stdout); - rtbl_destroy(data.table); - } - free_columns(&data); - return ret != 0; -} - -int -get_entry(struct get_options *opt, int argc, char **argv) -{ - return getit(opt, "get", argc, argv); -} - -int -list_princs(struct list_options *opt, int argc, char **argv) -{ - if(sizeof(struct get_options) != sizeof(struct list_options)) { - krb5_warnx(context, "programmer error: sizeof(struct get_options) != sizeof(struct list_options)"); - return 0; - } - return getit((struct get_options*)opt, "list", argc, argv); -} diff --git a/crypto/heimdal/kadmin/init.c b/crypto/heimdal/kadmin/init.c deleted file mode 100644 index 8b512f94f2d3..000000000000 --- a/crypto/heimdal/kadmin/init.c +++ /dev/null @@ -1,248 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" -#include - -RCSID("$Id: init.c 17447 2006-05-05 10:52:01Z lha $"); - -static kadm5_ret_t -create_random_entry(krb5_principal princ, - unsigned max_life, - unsigned max_rlife, - uint32_t attributes) -{ - kadm5_principal_ent_rec ent; - kadm5_ret_t ret; - int mask = 0; - krb5_keyblock *keys; - int n_keys, i; - char *name; - const char *password; - char pwbuf[512]; - - random_password(pwbuf, sizeof(pwbuf)); - password = pwbuf; - - ret = krb5_unparse_name(context, princ, &name); - if (ret) { - krb5_warn(context, ret, "failed to unparse principal name"); - return ret; - } - - memset(&ent, 0, sizeof(ent)); - ent.principal = princ; - mask |= KADM5_PRINCIPAL; - if (max_life) { - ent.max_life = max_life; - mask |= KADM5_MAX_LIFE; - } - if (max_rlife) { - ent.max_renewable_life = max_rlife; - mask |= KADM5_MAX_RLIFE; - } - ent.attributes |= attributes | KRB5_KDB_DISALLOW_ALL_TIX; - mask |= KADM5_ATTRIBUTES; - - /* Create the entry with a random password */ - ret = kadm5_create_principal(kadm_handle, &ent, mask, password); - if(ret) { - krb5_warn(context, ret, "create_random_entry(%s): randkey failed", - name); - goto out; - } - - /* Replace the string2key based keys with real random bytes */ - ret = kadm5_randkey_principal(kadm_handle, princ, &keys, &n_keys); - if(ret) { - krb5_warn(context, ret, "create_random_entry*%s): randkey failed", - name); - goto out; - } - for(i = 0; i < n_keys; i++) - krb5_free_keyblock_contents(context, &keys[i]); - free(keys); - ret = kadm5_get_principal(kadm_handle, princ, &ent, - KADM5_PRINCIPAL | KADM5_ATTRIBUTES); - if(ret) { - krb5_warn(context, ret, "create_random_entry(%s): " - "unable to get principal", name); - goto out; - } - ent.attributes &= (~KRB5_KDB_DISALLOW_ALL_TIX); - ent.kvno = 1; - ret = kadm5_modify_principal(kadm_handle, &ent, - KADM5_ATTRIBUTES|KADM5_KVNO); - kadm5_free_principal_ent (kadm_handle, &ent); - if(ret) { - krb5_warn(context, ret, "create_random_entry(%s): " - "unable to modify principal", name); - goto out; - } - out: - free(name); - return ret; -} - -extern int local_flag; - -int -init(struct init_options *opt, int argc, char **argv) -{ - kadm5_ret_t ret; - int i; - HDB *db; - krb5_deltat max_life, max_rlife; - - if(!local_flag) { - krb5_warnx(context, "init is only available in local (-l) mode"); - return 0; - } - - if (opt->realm_max_ticket_life_string) { - if (str2deltat (opt->realm_max_ticket_life_string, &max_life) != 0) { - krb5_warnx (context, "unable to parse \"%s\"", - opt->realm_max_ticket_life_string); - return 0; - } - } - if (opt->realm_max_renewable_life_string) { - if (str2deltat (opt->realm_max_renewable_life_string, &max_rlife) != 0) { - krb5_warnx (context, "unable to parse \"%s\"", - opt->realm_max_renewable_life_string); - return 0; - } - } - - db = _kadm5_s_get_db(kadm_handle); - - ret = db->hdb_open(context, db, O_RDWR | O_CREAT, 0600); - if(ret){ - krb5_warn(context, ret, "hdb_open"); - return 0; - } - db->hdb_close(context, db); - for(i = 0; i < argc; i++){ - krb5_principal princ; - const char *realm = argv[i]; - - /* Create `krbtgt/REALM' */ - ret = krb5_make_principal(context, &princ, realm, - KRB5_TGS_NAME, realm, NULL); - if(ret) - return 0; - if (opt->realm_max_ticket_life_string == NULL) { - max_life = 0; - if(edit_deltat ("Realm max ticket life", &max_life, NULL, 0)) { - krb5_free_principal(context, princ); - return 0; - } - } - if (opt->realm_max_renewable_life_string == NULL) { - max_rlife = 0; - if(edit_deltat("Realm max renewable ticket life", &max_rlife, - NULL, 0)) { - krb5_free_principal(context, princ); - return 0; - } - } - create_random_entry(princ, max_life, max_rlife, 0); - krb5_free_principal(context, princ); - - /* Create `kadmin/changepw' */ - krb5_make_principal(context, &princ, realm, - "kadmin", "changepw", NULL); - /* - * The Windows XP (at least) password changing protocol - * request the `kadmin/changepw' ticket with `renewable_ok, - * renewable, forwardable' and so fails if we disallow - * forwardable here. - */ - create_random_entry(princ, 5*60, 5*60, - KRB5_KDB_DISALLOW_TGT_BASED| - KRB5_KDB_PWCHANGE_SERVICE| - KRB5_KDB_DISALLOW_POSTDATED| - KRB5_KDB_DISALLOW_RENEWABLE| - KRB5_KDB_DISALLOW_PROXIABLE| - KRB5_KDB_REQUIRES_PRE_AUTH); - krb5_free_principal(context, princ); - - /* Create `kadmin/admin' */ - krb5_make_principal(context, &princ, realm, - "kadmin", "admin", NULL); - create_random_entry(princ, 60*60, 60*60, KRB5_KDB_REQUIRES_PRE_AUTH); - krb5_free_principal(context, princ); - - /* Create `changepw/kerberos' (for v4 compat) */ - krb5_make_principal(context, &princ, realm, - "changepw", "kerberos", NULL); - create_random_entry(princ, 60*60, 60*60, - KRB5_KDB_DISALLOW_TGT_BASED| - KRB5_KDB_PWCHANGE_SERVICE); - - krb5_free_principal(context, princ); - - /* Create `kadmin/hprop' for database propagation */ - krb5_make_principal(context, &princ, realm, - "kadmin", "hprop", NULL); - create_random_entry(princ, 60*60, 60*60, - KRB5_KDB_REQUIRES_PRE_AUTH| - KRB5_KDB_DISALLOW_TGT_BASED); - krb5_free_principal(context, princ); - - /* Create `default' */ - { - kadm5_principal_ent_rec ent; - int mask = 0; - - memset (&ent, 0, sizeof(ent)); - mask |= KADM5_PRINCIPAL; - krb5_make_principal(context, &ent.principal, realm, - "default", NULL); - mask |= KADM5_MAX_LIFE; - ent.max_life = 24 * 60 * 60; - mask |= KADM5_MAX_RLIFE; - ent.max_renewable_life = 7 * ent.max_life; - ent.attributes = KRB5_KDB_DISALLOW_ALL_TIX; - mask |= KADM5_ATTRIBUTES; - - ret = kadm5_create_principal(kadm_handle, &ent, mask, ""); - if (ret) - krb5_err (context, 1, ret, "kadm5_create_principal"); - - krb5_free_principal(context, ent.principal); - } - } - return 0; -} diff --git a/crypto/heimdal/kadmin/kadm_conn.c b/crypto/heimdal/kadmin/kadm_conn.c deleted file mode 100644 index f2a0828ed859..000000000000 --- a/crypto/heimdal/kadmin/kadm_conn.c +++ /dev/null @@ -1,284 +0,0 @@ -/* - * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#ifdef HAVE_SYS_WAIT_H -#include -#endif - -RCSID("$Id: kadm_conn.c 16007 2005-09-01 18:49:57Z lha $"); - -struct kadm_port { - char *port; - unsigned short def_port; - struct kadm_port *next; -} *kadm_ports; - -static void -add_kadm_port(krb5_context context, const char *service, unsigned int port) -{ - struct kadm_port *p; - p = malloc(sizeof(*p)); - if(p == NULL) { - krb5_warnx(context, "failed to allocate %lu bytes\n", - (unsigned long)sizeof(*p)); - return; - } - - p->port = strdup(service); - p->def_port = port; - - p->next = kadm_ports; - kadm_ports = p; -} - -static void -add_standard_ports (krb5_context context) -{ - add_kadm_port(context, "kerberos-adm", 749); -} - -/* - * parse the set of space-delimited ports in `str' and add them. - * "+" => all the standard ones - * otherwise it's port|service[/protocol] - */ - -void -parse_ports(krb5_context context, const char *str) -{ - char p[128]; - - while(strsep_copy(&str, " \t", p, sizeof(p)) != -1) { - if(strcmp(p, "+") == 0) - add_standard_ports(context); - else - add_kadm_port(context, p, 0); - } -} - -static pid_t pgrp; -sig_atomic_t term_flag, doing_useful_work; - -static RETSIGTYPE -sigchld(int sig) -{ - int status; - waitpid(-1, &status, 0); - SIGRETURN(0); -} - -static RETSIGTYPE -terminate(int sig) -{ - if(getpid() == pgrp) { - /* parent */ - term_flag = 1; - signal(sig, SIG_IGN); - killpg(pgrp, sig); - } else { - /* child */ - if(doing_useful_work) - term_flag = 1; - else - exit(0); - } - SIGRETURN(0); -} - -static int -spawn_child(krb5_context context, int *socks, int num_socks, int this_sock) -{ - int e, i; - struct sockaddr_storage __ss; - struct sockaddr *sa = (struct sockaddr *)&__ss; - socklen_t sa_size = sizeof(__ss); - int s; - pid_t pid; - krb5_address addr; - char buf[128]; - size_t buf_len; - - s = accept(socks[this_sock], sa, &sa_size); - if(s < 0) { - krb5_warn(context, errno, "accept"); - return 1; - } - e = krb5_sockaddr2address(context, sa, &addr); - if(e) - krb5_warn(context, e, "krb5_sockaddr2address"); - else { - e = krb5_print_address (&addr, buf, sizeof(buf), - &buf_len); - if(e) - krb5_warn(context, e, "krb5_print_address"); - else - krb5_warnx(context, "connection from %s", buf); - krb5_free_address(context, &addr); - } - - pid = fork(); - if(pid == 0) { - for(i = 0; i < num_socks; i++) - close(socks[i]); - dup2(s, STDIN_FILENO); - dup2(s, STDOUT_FILENO); - if(s != STDIN_FILENO && s != STDOUT_FILENO) - close(s); - return 0; - } else { - close(s); - } - return 1; -} - -static int -wait_for_connection(krb5_context context, - int *socks, int num_socks) -{ - int i, e; - fd_set orig_read_set, read_set; - int max_fd = -1; - - FD_ZERO(&orig_read_set); - - for(i = 0; i < num_socks; i++) { - if (socks[i] >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET(socks[i], &orig_read_set); - max_fd = max(max_fd, socks[i]); - } - - pgrp = getpid(); - - if(setpgid(0, pgrp) < 0) - err(1, "setpgid"); - - signal(SIGTERM, terminate); - signal(SIGINT, terminate); - signal(SIGCHLD, sigchld); - - while (term_flag == 0) { - read_set = orig_read_set; - e = select(max_fd + 1, &read_set, NULL, NULL, NULL); - if(e < 0) { - if(errno != EINTR) - krb5_warn(context, errno, "select"); - } else if(e == 0) - krb5_warnx(context, "select returned 0"); - else { - for(i = 0; i < num_socks; i++) { - if(FD_ISSET(socks[i], &read_set)) - if(spawn_child(context, socks, num_socks, i) == 0) - return 0; - } - } - } - signal(SIGCHLD, SIG_IGN); - while(1) { - int status; - pid_t pid; - pid = waitpid(-1, &status, 0); - if(pid == -1 && errno == ECHILD) - break; - } - exit(0); -} - - -int -start_server(krb5_context context) -{ - int e; - struct kadm_port *p; - - int *socks = NULL, *tmp; - int num_socks = 0; - int i; - - for(p = kadm_ports; p; p = p->next) { - struct addrinfo hints, *ai, *ap; - char portstr[32]; - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_PASSIVE; - hints.ai_socktype = SOCK_STREAM; - - e = getaddrinfo(NULL, p->port, &hints, &ai); - if(e) { - snprintf(portstr, sizeof(portstr), "%u", p->def_port); - e = getaddrinfo(NULL, portstr, &hints, &ai); - } - - if(e) { - krb5_warn(context, krb5_eai_to_heim_errno(e, errno), - "%s", portstr); - continue; - } - i = 0; - for(ap = ai; ap; ap = ap->ai_next) - i++; - tmp = realloc(socks, (num_socks + i) * sizeof(*socks)); - if(tmp == NULL) { - krb5_warnx(context, "failed to reallocate %lu bytes", - (unsigned long)(num_socks + i) * sizeof(*socks)); - continue; - } - socks = tmp; - for(ap = ai; ap; ap = ap->ai_next) { - int s = socket(ap->ai_family, ap->ai_socktype, ap->ai_protocol); - if(s < 0) { - krb5_warn(context, errno, "socket"); - continue; - } - - socket_set_reuseaddr(s, 1); - socket_set_ipv6only(s, 1); - - if (bind (s, ap->ai_addr, ap->ai_addrlen) < 0) { - krb5_warn(context, errno, "bind"); - close(s); - continue; - } - if (listen (s, SOMAXCONN) < 0) { - krb5_warn(context, errno, "listen"); - close(s); - continue; - } - socks[num_socks++] = s; - } - freeaddrinfo (ai); - } - if(num_socks == 0) - krb5_errx(context, 1, "no sockets to listen to - exiting"); - return wait_for_connection(context, socks, num_socks); -} diff --git a/crypto/heimdal/kadmin/kadmin-commands.in b/crypto/heimdal/kadmin/kadmin-commands.in deleted file mode 100644 index 019b99ce14bc..000000000000 --- a/crypto/heimdal/kadmin/kadmin-commands.in +++ /dev/null @@ -1,420 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: kadmin-commands.in 21969 2007-10-18 18:51:11Z lha $ */ - -command = { - name = "stash" - name = "kstash" - option = { - long = "enctype" - short = "e" - type = "string" - help = "encryption type" - default = "des3-cbc-sha1" - } - option = { - long = "key-file" - short = "k" - type = "string" - argument = "file" - help = "master key file" - } - option = { - long = "convert-file" - type = "flag" - help = "just convert keyfile to new format" - } - option = { - long = "master-key-fd" - type = "integer" - argument = "fd" - help = "filedescriptor to read passphrase from" - default = "-1" - } - help = "Writes the Kerberos master key to a file used by the KDC. \nLocal (-l) mode only." -} -command = { - name = "dump" - option = { - long = "decrypt" - short = "d" - type = "flag" - help = "decrypt keys" - } - argument = "[dump-file]" - min_args = "0" - max_args = "1" - help = "Dumps the database in a human readable format to the specified file, \nor the standard out. Local (-l) mode only." -} - -command = { - name = "init" - option = { - long = "realm-max-ticket-life" - type = "string" - help = "realm max ticket lifetime" - } - option = { - long = "realm-max-renewable-life" - type = "string" - help = "realm max renewable lifetime" - } - argument = "realm..." - min_args = "1" - help = "Initializes the default principals for a realm. Creates the database\nif necessary. Local (-l) mode only." -} -command = { - name = "load" - argument = "file" - min_args = "1" - max_args = "1" - help = "Loads a previously dumped file. Local (-l) mode only." -} -command = { - name = "merge" - argument = "file" - min_args = "1" - max_args = "1" - help = "Merges the contents of a dump file into the database. Local (-l) mode only." -} -command = { - name = "add" - name = "ank" - name = "add_new_key" - function = "add_new_key" - option = { - long = "random-key" - short = "r" - type = "flag" - help = "set random key" - } - option = { - long = "random-password" - type = "flag" - help = "set random password" - } - option = { - long = "password" - short = "p" - type = "string" - help = "principal's password" - } - option = { - long = "key" - type = "string" - help = "DES-key in hex" - } - option = { - long = "max-ticket-life" - type = "string" - argument ="lifetime" - help = "max ticket lifetime" - } - option = { - long = "max-renewable-life" - type = "string" - argument = "lifetime" - help = "max renewable life" - } - option = { - long = "attributes" - type = "string" - argument = "attributes" - help = "principal attributes" - } - option = { - long = "expiration-time" - type = "string" - argument = "time" - help = "principal expiration time" - } - option = { - long = "pw-expiration-time" - type = "string" - argument = "time" - help = "password expiration time" - } - option = { - long = "use-defaults" - type = "flag" - help = "use default values" - } - argument = "principal..." - min_args = "1" - help = "Adds a principal to the database." -} -command = { - name = "passwd" - name = "cpw" - name = "change_password" - function = "cpw_entry" - option = { - long = "random-key" - short = "r" - type = "flag" - help = "set random key" - } - option = { - long = "random-password" - type = "flag" - help = "set random password" - } - option = { - long = "password" - short = "p" - type = "string" - help = "princial's password" - } - option = { - long = "key" - type = "string" - help = "DES key in hex" - } - argument = "principal..." - min_args = "1" - help = "Changes the password of one or more principals matching the expressions." -} -command = { - name = "delete" - name = "del" - name = "del_entry" - function = "del_entry" - argument = "principal..." - min_args = "1" - help = "Deletes all principals matching the expressions." -} -command = { - name = "del_enctype" - argument = "principal enctype..." - min_args = "2" - help = "Delete all the mentioned enctypes for principal." -} -command = { - name = "add_enctype" - option = { - long = "random-key" - short = "r" - type = "flag" - help = "set random key" - } - argument = "principal enctype..." - min_args = "2" - help = "Add new enctypes for principal." -} -command = { - name = "ext_keytab" - option = { - long = "keytab" - short = "k" - type = "string" - help = "keytab to use" - } - argument = "principal..." - min_args = "1" - help = "Extracts the keys of all principals matching the expressions, and stores them in a keytab." -} -command = { - name = "get" - name = "get_entry" - function = "get_entry" - /* XXX sync options with "list" */ - option = { - long = "long" - short = "l" - type = "flag" - help = "long format" - default = "-1" - } - option = { - long = "short" - short = "s" - type = "flag" - help = "short format" - } - option = { - long = "terse" - short = "t" - type = "flag" - help = "terse format" - } - option = { - long = "column-info" - short = "o" - type = "string" - help = "columns to print for short output" - } - argument = "principal..." - min_args = "1" - help = "Shows information about principals matching the expressions." -} -command = { - name = "rename" - function = "rename_entry" - argument = "from to" - min_args = "2" - max_args = "2" - help = "Renames a principal." -} -command = { - name = "modify" - function = "mod_entry" - option = { - long = "max-ticket-life" - type = "string" - argument ="lifetime" - help = "max ticket lifetime" - } - option = { - long = "max-renewable-life" - type = "string" - argument = "lifetime" - help = "max renewable life" - } - option = { - long = "attributes" - short = "a" - type = "string" - argument = "attributes" - help = "principal attributes" - } - option = { - long = "expiration-time" - type = "string" - argument = "time" - help = "principal expiration time" - } - option = { - long = "pw-expiration-time" - type = "string" - argument = "time" - help = "password expiration time" - } - option = { - long = "kvno" - type = "integer" - help = "key version number" - default = "-1" - } - option = { - long = "constrained-delegation" - type = "strings" - argument = "principal" - help = "allowed target principals" - } - option = { - long = "alias" - type = "strings" - argument = "principal" - help = "aliases" - } - option = { - long = "pkinit-acl" - type = "strings" - argument = "subject dn" - help = "aliases" - } - argument = "principal" - min_args = "1" - max_args = "1" - help = "Modifies some attributes of the specified principal." -} -command = { - name = "privileges" - name = "privs" - function = "get_privs" - help = "Shows which operations you are allowed to perform." -} -command = { - name = "list" - function = "list_princs" - /* XXX sync options with "get" */ - option = { - long = "long" - short = "l" - type = "flag" - help = "long format" - } - option = { - long = "short" - short = "s" - type = "flag" - help = "short format" - } - option = { - long = "terse" - short = "t" - type = "flag" - help = "terse format" - default = "-1" - } - option = { - long = "column-info" - short = "o" - type = "string" - help = "columns to print for short output" - } - argument = "principal..." - min_args = "1" - help = "Lists principals in a terse format. Equivalent to \"get -t\"." -} -command = { - name = "verify-password-quality" - name = "pwq" - function = "password_quality" - argument = "principal password" - min_args = "2" - max_args = "2" - help = "Try run the password quality function locally (not doing RPC out to server)." -} -command = { - name = "check" - function = "check" - argument = "[realm]" - min_args = "0" - max_args = "1" - help = "Check the realm (if not given, the default realm) for configuration errors." -} -command = { - name = "help" - name = "?" - argument = "[command]" - min_args = "0" - max_args = "1" - help = "Help! I need somebody." -} -command = { - name = "exit" - name = "quit" - function = "exit_kadmin" - help = "Quits." -} diff --git a/crypto/heimdal/kadmin/kadmin.8 b/crypto/heimdal/kadmin/kadmin.8 deleted file mode 100644 index 06fe3d09b262..000000000000 --- a/crypto/heimdal/kadmin/kadmin.8 +++ /dev/null @@ -1,414 +0,0 @@ -.\" Copyright (c) 2000 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kadmin.8 21739 2007-07-31 15:55:32Z lha $ -.\" -.Dd Feb 22, 2007 -.Dt KADMIN 8 -.Os HEIMDAL -.Sh NAME -.Nm kadmin -.Nd Kerberos administration utility -.Sh SYNOPSIS -.Nm -.Bk -words -.Oo Fl p Ar string \*(Ba Xo -.Fl -principal= Ns Ar string -.Xc -.Oc -.Oo Fl K Ar string \*(Ba Xo -.Fl -keytab= Ns Ar string -.Xc -.Oc -.Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file -.Xc -.Oc -.Oo Fl k Ar file \*(Ba Xo -.Fl -key-file= Ns Ar file -.Xc -.Oc -.Oo Fl r Ar realm \*(Ba Xo -.Fl -realm= Ns Ar realm -.Xc -.Oc -.Oo Fl a Ar host \*(Ba Xo -.Fl -admin-server= Ns Ar host -.Xc -.Oc -.Oo Fl s Ar port number \*(Ba Xo -.Fl -server-port= Ns Ar port number -.Xc -.Oc -.Op Fl l | Fl -local -.Op Fl h | Fl -help -.Op Fl v | Fl -version -.Op Ar command -.Ek -.Sh DESCRIPTION -The -.Nm -program is used to make modifications to the Kerberos database, either remotely via the -.Xr kadmind 8 -daemon, or locally (with the -.Fl l -option). -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl p Ar string , -.Fl -principal= Ns Ar string -.Xc -principal to authenticate as -.It Xo -.Fl K Ar string , -.Fl -keytab= Ns Ar string -.Xc -keytab for authentication principal -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc -location of config file -.It Xo -.Fl k Ar file , -.Fl -key-file= Ns Ar file -.Xc -location of master key file -.It Xo -.Fl r Ar realm , -.Fl -realm= Ns Ar realm -.Xc -realm to use -.It Xo -.Fl a Ar host , -.Fl -admin-server= Ns Ar host -.Xc -server to contact -.It Xo -.Fl s Ar port number , -.Fl -server-port= Ns Ar port number -.Xc -port to use -.It Xo -.Fl l , -.Fl -local -.Xc -local admin mode -.El -.Pp -If no -.Ar command -is given on the command line, -.Nm -will prompt for commands to process. Some of the commands that take -one or more principals as argument -.Ns ( Nm delete , -.Nm ext_keytab , -.Nm get , -.Nm modify , -and -.Nm passwd ) -will accept a glob style wildcard, and perform the operation on all -matching principals. -.Pp -Commands include: -.\" not using a list here, since groff apparently gets confused -.\" with nested Xo/Xc -.Bd -ragged -offset indent -.Nm add -.Op Fl r | Fl -random-key -.Op Fl -random-password -.Oo Fl p Ar string \*(Ba Xo -.Fl -password= Ns Ar string -.Xc -.Oc -.Op Fl -key= Ns Ar string -.Op Fl -max-ticket-life= Ns Ar lifetime -.Op Fl -max-renewable-life= Ns Ar lifetime -.Op Fl -attributes= Ns Ar attributes -.Op Fl -expiration-time= Ns Ar time -.Op Fl -pw-expiration-time= Ns Ar time -.Ar principal... -.Pp -.Bd -ragged -offset indent -Adds a new principal to the database. The options not passed on the -command line will be promped for. -.Ed -.Pp -.Nm add_enctype -.Op Fl r | Fl -random-key -.Ar principal enctypes... -.Pp -.Bd -ragged -offset indent -Adds a new encryption type to the principal, only random key are -supported. -.Ed -.Pp -.Nm delete -.Ar principal... -.Pp -.Bd -ragged -offset indent -Removes a principal. -.Ed -.Pp -.Nm del_enctype -.Ar principal enctypes... -.Pp -.Bd -ragged -offset indent -Removes some enctypes from a principal; this can be useful if the -service belonging to the principal is known to not handle certain -enctypes. -.Ed -.Pp -.Nm ext_keytab -.Oo Fl k Ar string \*(Ba Xo -.Fl -keytab= Ns Ar string -.Xc -.Oc -.Ar principal... -.Pp -.Bd -ragged -offset indent -Creates a keytab with the keys of the specified principals. -.Ed -.Pp -.Nm get -.Op Fl l | Fl -long -.Op Fl s | Fl -short -.Op Fl t | Fl -terse -.Op Fl o Ar string | Fl -column-info= Ns Ar string -.Ar principal... -.Pp -.Bd -ragged -offset indent -Lists the matching principals, short prints the result as a table, -while long format produces a more verbose output. Which columns to -print can be selected with the -.Fl o -option. The argument is a comma separated list of column names -optionally appended with an equal sign -.Pq Sq = -and a column header. Which columns are printed by default differ -slightly between short and long output. -.Pp -The default terse output format is similar to -.Fl s o Ar principal= , -just printing the names of matched principals. -.Pp -Possible column names include: -.Li principal , -.Li princ_expire_time , -.Li pw_expiration , -.Li last_pwd_change , -.Li max_life , -.Li max_rlife , -.Li mod_time , -.Li mod_name , -.Li attributes , -.Li kvno , -.Li mkvno , -.Li last_success , -.Li last_failed , -.Li fail_auth_count , -.Li policy , -and -.Li keytypes . -.Ed -.Pp -.Nm modify -.Oo Fl a Ar attributes \*(Ba Xo -.Fl -attributes= Ns Ar attributes -.Xc -.Oc -.Op Fl -max-ticket-life= Ns Ar lifetime -.Op Fl -max-renewable-life= Ns Ar lifetime -.Op Fl -expiration-time= Ns Ar time -.Op Fl -pw-expiration-time= Ns Ar time -.Op Fl -kvno= Ns Ar number -.Ar principal... -.Pp -.Bd -ragged -offset indent -Modifies certain attributes of a principal. If run without command -line options, you will be prompted. With command line options, it will -only change the ones specified. -.Pp -Possible attributes are: -.Li new-princ , -.Li support-desmd5 , -.Li pwchange-service , -.Li disallow-svr , -.Li requires-pw-change , -.Li requires-hw-auth , -.Li requires-pre-auth , -.Li disallow-all-tix , -.Li disallow-dup-skey , -.Li disallow-proxiable , -.Li disallow-renewable , -.Li disallow-tgt-based , -.Li disallow-forwardable , -.Li disallow-postdated -.Pp -Attributes may be negated with a "-", e.g., -.Pp -kadmin -l modify -a -disallow-proxiable user -.Ed -.Pp -.Nm passwd -.Op Fl r | Fl -random-key -.Op Fl -random-password -.Oo Fl p Ar string \*(Ba Xo -.Fl -password= Ns Ar string -.Xc -.Oc -.Op Fl -key= Ns Ar string -.Ar principal... -.Pp -.Bd -ragged -offset indent -Changes the password of an existing principal. -.Ed -.Pp -.Nm password-quality -.Ar principal -.Ar password -.Pp -.Bd -ragged -offset indent -Run the password quality check function locally. -You can run this on the host that is configured to run the kadmind -process to verify that your configuration file is correct. -The verification is done locally, if kadmin is run in remote mode, -no rpc call is done to the server. -.Ed -.Pp -.Nm privileges -.Pp -.Bd -ragged -offset indent -Lists the operations you are allowed to perform. These include -.Li add , -.Li add_enctype , -.Li change-password , -.Li delete , -.Li del_enctype , -.Li get , -.Li list , -and -.Li modify . -.Ed -.Pp -.Nm rename -.Ar from to -.Pp -.Bd -ragged -offset indent -Renames a principal. This is normally transparent, but since keys are -salted with the principal name, they will have a non-standard salt, -and clients which are unable to cope with this will fail. Kerberos 4 -suffers from this. -.Ed -.Pp -.Nm check -.Op Ar realm -.Pp -.Bd -ragged -offset indent -Check database for strange configurations on important principals. If -no realm is given, the default realm is used. -.Ed -.Pp -.Ed -.Pp -When running in local mode, the following commands can also be used: -.Bd -ragged -offset indent -.Nm dump -.Op Fl d | Fl -decrypt -.Op Ar dump-file -.Pp -.Bd -ragged -offset indent -Writes the database in -.Dq human readable -form to the specified file, or standard out. If the database is -encrypted, the dump will also have encrypted keys, unless -.Fl -decrypt -is used. -.Ed -.Pp -.Nm init -.Op Fl -realm-max-ticket-life= Ns Ar string -.Op Fl -realm-max-renewable-life= Ns Ar string -.Ar realm -.Pp -.Bd -ragged -offset indent -Initializes the Kerberos database with entries for a new realm. It's -possible to have more than one realm served by one server. -.Ed -.Pp -.Nm load -.Ar file -.Pp -.Bd -ragged -offset indent -Reads a previously dumped database, and re-creates that database from -scratch. -.Ed -.Pp -.Nm merge -.Ar file -.Pp -.Bd -ragged -offset indent -Similar to -.Nm load -but just modifies the database with the entries in the dump file. -.Ed -.Pp -.Nm stash -.Oo Fl e Ar enctype \*(Ba Xo -.Fl -enctype= Ns Ar enctype -.Xc -.Oc -.Oo Fl k Ar keyfile \*(Ba Xo -.Fl -key-file= Ns Ar keyfile -.Xc -.Oc -.Op Fl -convert-file -.Op Fl -master-key-fd= Ns Ar fd -.Pp -.Bd -ragged -offset indent -Writes the Kerberos master key to a file used by the KDC. -.Ed -.Pp -.Ed -.\".Sh ENVIRONMENT -.\".Sh FILES -.\".Sh EXAMPLES -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr kadmind 8 , -.Xr kdc 8 -.\".Sh STANDARDS -.\".Sh HISTORY -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/kadmin/kadmin.c b/crypto/heimdal/kadmin/kadmin.c deleted file mode 100644 index da9b894561d2..000000000000 --- a/crypto/heimdal/kadmin/kadmin.c +++ /dev/null @@ -1,284 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" -#include - -RCSID("$Id: kadmin.c 22253 2007-12-09 06:00:00Z lha $"); - -static char *config_file; -static char *keyfile; -int local_flag; -static int ad_flag; -static int help_flag; -static int version_flag; -static char *realm; -static char *admin_server; -static int server_port = 0; -static char *client_name; -static char *keytab; -static char *check_library = NULL; -static char *check_function = NULL; -static getarg_strings policy_libraries = { 0, NULL }; - -static struct getargs args[] = { - { "principal", 'p', arg_string, &client_name, - "principal to authenticate as" }, - { "keytab", 'K', arg_string, &keytab, - "keytab for authentication principal" }, - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" - }, - { - "key-file", 'k', arg_string, &keyfile, - "location of master key file", "file" - }, - { - "realm", 'r', arg_string, &realm, - "realm to use", "realm" - }, - { - "admin-server", 'a', arg_string, &admin_server, - "server to contact", "host" - }, - { - "server-port", 's', arg_integer, &server_port, - "port to use", "port number" - }, - { "ad", 0, arg_flag, &ad_flag, "active directory admin mode" }, -#ifdef HAVE_DLOPEN - { "check-library", 0, arg_string, &check_library, - "library to load password check function from", "library" }, - { "check-function", 0, arg_string, &check_function, - "password check function to load", "function" }, - { "policy-libraries", 0, arg_strings, &policy_libraries, - "password check function to load", "function" }, -#endif - { "local", 'l', arg_flag, &local_flag, "local admin mode" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - - -krb5_context context; -void *kadm_handle; - -int -help(void *opt, int argc, char **argv) -{ - sl_slc_help(commands, argc, argv); - return 0; -} - -static int exit_seen = 0; - -int -exit_kadmin (void *opt, int argc, char **argv) -{ - exit_seen = 1; - return 0; -} - -static void -usage(int ret) -{ - arg_printusage (args, num_args, NULL, "[command]"); - exit (ret); -} - -int -get_privs(void *opt, int argc, char **argv) -{ - uint32_t privs; - char str[128]; - kadm5_ret_t ret; - - ret = kadm5_get_privs(kadm_handle, &privs); - if(ret) - krb5_warn(context, ret, "kadm5_get_privs"); - else{ - ret =_kadm5_privs_to_string(privs, str, sizeof(str)); - printf("%s\n", str); - } - return 0; -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - char **files; - kadm5_config_params conf; - int optidx = 0; - int exit_status = 0; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) - errx(1, "out of memory"); - } - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) - krb5_err(context, 1, ret, "getting configuration files"); - - ret = krb5_set_config_files(context, files); - krb5_free_config_files(files); - if(ret) - krb5_err(context, 1, ret, "reading configuration files"); - - memset(&conf, 0, sizeof(conf)); - if(realm) { - krb5_set_default_realm(context, realm); /* XXX should be fixed - some other way */ - conf.realm = realm; - conf.mask |= KADM5_CONFIG_REALM; - } - - if (admin_server) { - conf.admin_server = admin_server; - conf.mask |= KADM5_CONFIG_ADMIN_SERVER; - } - - if (server_port) { - conf.kadmind_port = htons(server_port); - conf.mask |= KADM5_CONFIG_KADMIND_PORT; - } - - if (keyfile) { - conf.stash_file = keyfile; - conf.mask |= KADM5_CONFIG_STASH_FILE; - } - - if(local_flag) { - int i; - - kadm5_setup_passwd_quality_check (context, - check_library, check_function); - - for (i = 0; i < policy_libraries.num_strings; i++) { - ret = kadm5_add_passwd_quality_verifier(context, - policy_libraries.strings[i]); - if (ret) - krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - } - ret = kadm5_add_passwd_quality_verifier(context, NULL); - if (ret) - krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - - ret = kadm5_s_init_with_password_ctx(context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - } else if (ad_flag) { - if (client_name == NULL) - krb5_errx(context, 1, "keytab mode require principal name"); - ret = kadm5_ad_init_with_password_ctx(context, - client_name, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - } else if (keytab) { - if (client_name == NULL) - krb5_errx(context, 1, "keytab mode require principal name"); - ret = kadm5_c_init_with_skey_ctx(context, - client_name, - keytab, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - } else - ret = kadm5_c_init_with_password_ctx(context, - client_name, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - - if(ret) - krb5_err(context, 1, ret, "kadm5_init_with_password"); - - signal(SIGINT, SIG_IGN); /* ignore signals for now, the sl command - parser will handle SIGINT its own way; - we should really take care of this in - each function, f.i `get' might be - interruptable, but not `create' */ - if (argc != 0) { - ret = sl_command (commands, argc, argv); - if(ret == -1) - krb5_warnx (context, "unrecognized command: %s", argv[0]); - else if (ret == -2) - ret = 0; - if(ret != 0) - exit_status = 1; - } else { - while(!exit_seen) { - ret = sl_command_loop(commands, "kadmin> ", NULL); - if (ret == -2) - exit_seen = 1; - else if (ret != 0) - exit_status = 1; - } - } - - kadm5_destroy(kadm_handle); - krb5_free_context(context); - return exit_status; -} diff --git a/crypto/heimdal/kadmin/kadmin_locl.h b/crypto/heimdal/kadmin/kadmin_locl.h deleted file mode 100644 index 7d0f77438a65..000000000000 --- a/crypto/heimdal/kadmin/kadmin_locl.h +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $Id: kadmin_locl.h 17580 2006-05-13 21:28:56Z lha $ - */ - -#ifndef __ADMIN_LOCL_H__ -#define __ADMIN_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_UTIL_H -#include -#endif -#ifdef HAVE_LIBUTIL_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_SYS_UN_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -extern krb5_context context; -extern void * kadm_handle; - -#undef ALLOC -#define ALLOC(X) ((X) = malloc(sizeof(*(X)))) - -/* util.c */ - -void attributes2str(krb5_flags, char *, size_t); -int str2attributes(const char *, krb5_flags *); -int parse_attributes (const char *, krb5_flags *, int *, int); -int edit_attributes (const char *, krb5_flags *, int *, int); - -void time_t2str(time_t, char *, size_t, int); -int str2time_t (const char *, time_t *); -int parse_timet (const char *, krb5_timestamp *, int *, int); -int edit_timet (const char *, krb5_timestamp *, int *, - int); - -void deltat2str(unsigned, char *, size_t); -int str2deltat(const char *, krb5_deltat *); -int parse_deltat (const char *, krb5_deltat *, int *, int); -int edit_deltat (const char *, krb5_deltat *, int *, int); - -int edit_entry(kadm5_principal_ent_t, int *, kadm5_principal_ent_t, int); -void set_defaults(kadm5_principal_ent_t, int *, kadm5_principal_ent_t, int); -int set_entry(krb5_context, kadm5_principal_ent_t, int *, - const char *, const char *, const char *, - const char *, const char *); -int -foreach_principal(const char *, int (*)(krb5_principal, void*), - const char *, void *); - -int parse_des_key (const char *, krb5_key_data *, const char **); - -/* server.c */ - -krb5_error_code -kadmind_loop (krb5_context, krb5_auth_context, krb5_keytab, int); - -/* random_password.c */ - -void -random_password(char *, size_t); - -/* kadm_conn.c */ - -extern sig_atomic_t term_flag, doing_useful_work; - -void parse_ports(krb5_context, const char*); -int start_server(krb5_context); - -/* server.c */ - -krb5_error_code -kadmind_loop (krb5_context, krb5_auth_context, krb5_keytab, int); - -#endif /* __ADMIN_LOCL_H__ */ diff --git a/crypto/heimdal/kadmin/kadmind.8 b/crypto/heimdal/kadmin/kadmind.8 deleted file mode 100644 index 4715da9be664..000000000000 --- a/crypto/heimdal/kadmin/kadmind.8 +++ /dev/null @@ -1,178 +0,0 @@ -.\" Copyright (c) 2002 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kadmind.8 14370 2004-12-08 17:20:21Z lha $ -.\" -.Dd December 8, 2004 -.Dt KADMIND 8 -.Os HEIMDAL -.Sh NAME -.Nm kadmind -.Nd "server for administrative access to Kerberos database" -.Sh SYNOPSIS -.Nm -.Bk -words -.Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file -.Xc -.Oc -.Oo Fl k Ar file \*(Ba Xo -.Fl -key-file= Ns Ar file -.Xc -.Oc -.Op Fl -keytab= Ns Ar keytab -.Oo Fl r Ar realm \*(Ba Xo -.Fl -realm= Ns Ar realm -.Xc -.Oc -.Op Fl d | Fl -debug -.Oo Fl p Ar port \*(Ba Xo -.Fl -ports= Ns Ar port -.Xc -.Oc -.Ek -.Sh DESCRIPTION -.Nm -listens for requests for changes to the Kerberos database and performs -these, subject to permissions. When starting, if stdin is a socket it -assumes that it has been started by -.Xr inetd 8 , -otherwise it behaves as a daemon, forking processes for each new -connection. The -.Fl -debug -option causes -.Nm -to accept exactly one connection, which is useful for debugging. -.Pp -The -.Xr kpasswdd 8 -daemon is responsible for the Kerberos 5 password changing protocol -(used by -.Xr kpasswd 1 ) -. -.Pp -This daemon should only be run on the master server, and not on any -slaves. -.Pp -Principals are always allowed to change their own password and list -their own principal. Apart from that, doing any operation requires -permission explicitly added in the ACL file -.Pa /var/heimdal/kadmind.acl . -The format of this file is: -.Bd -ragged -.Va principal -.Va rights -.Op Va principal-pattern -.Ed -.Pp -Where rights is any (comma separated) combination of: -.Bl -bullet -compact -.It -change-password or cpw -.It -list -.It -delete -.It -modify -.It -add -.It -get -.It -all -.El -.Pp -And the optional -.Ar principal-pattern -restricts the rights to operations on principals that match the -glob-style pattern. -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc -location of config file -.It Xo -.Fl k Ar file , -.Fl -key-file= Ns Ar file -.Xc -location of master key file -.It Xo -.Fl -keytab= Ns Ar keytab -.Xc -what keytab to use -.It Xo -.Fl r Ar realm , -.Fl -realm= Ns Ar realm -.Xc -realm to use -.It Xo -.Fl d , -.Fl -debug -.Xc -enable debugging -.It Xo -.Fl p Ar port , -.Fl -ports= Ns Ar port -.Xc -ports to listen to. By default, if run as a daemon, it listens to port -749, but you can add any number of ports with this option. The port -string is a whitespace separated list of port specifications, with the -special string -.Dq + -representing the default port. -.El -.\".Sh ENVIRONMENT -.Sh FILES -.Pa /var/heimdal/kadmind.acl -.Sh EXAMPLES -This will cause -.Nm -to listen to port 4711 in addition to any -compiled in defaults: -.Pp -.D1 Nm Fl -ports Ns Li "=\*[q]+ 4711\*[q] &" -.Pp -This acl file will grant Joe all rights, and allow Mallory to view and -add host principals. -.Bd -literal -offset indent -joe/admin@EXAMPLE.COM all -mallory/admin@EXAMPLE.COM add,get host/*@EXAMPLE.COM -.Ed -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr kpasswd 1 , -.Xr kadmin 8 , -.Xr kdc 8 , -.Xr kpasswdd 8 diff --git a/crypto/heimdal/kadmin/kadmind.c b/crypto/heimdal/kadmin/kadmind.c deleted file mode 100644 index 4d1c2ecc2672..000000000000 --- a/crypto/heimdal/kadmin/kadmind.c +++ /dev/null @@ -1,187 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" - -RCSID("$Id: kadmind.c 22250 2007-12-09 05:57:31Z lha $"); - -static char *check_library = NULL; -static char *check_function = NULL; -static getarg_strings policy_libraries = { 0, NULL }; -static char *config_file; -static char *keytab_str = "HDB:"; -static int help_flag; -static int version_flag; -static int debug_flag; -static char *port_str; -char *realm; - -static struct getargs args[] = { - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" - }, - { - "keytab", 0, arg_string, &keytab_str, - "what keytab to use", "keytab" - }, - { "realm", 'r', arg_string, &realm, - "realm to use", "realm" - }, -#ifdef HAVE_DLOPEN - { "check-library", 0, arg_string, &check_library, - "library to load password check function from", "library" }, - { "check-function", 0, arg_string, &check_function, - "password check function to load", "function" }, - { "policy-libraries", 0, arg_strings, &policy_libraries, - "password check function to load", "function" }, -#endif - { "debug", 'd', arg_flag, &debug_flag, - "enable debugging" - }, - { "ports", 'p', arg_string, &port_str, - "ports to listen to", "port" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -krb5_context context; - -static void -usage(int ret) -{ - arg_printusage (args, num_args, NULL, ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - char **files; - int optidx = 0; - int e, i; - krb5_log_facility *logfacility; - krb5_keytab keytab; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - while((e = getarg(args, num_args, argc, argv, &optidx))) - warnx("error at argument `%s'", argv[optidx]); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) - errx(1, "out of memory"); - } - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) - krb5_err(context, 1, ret, "getting configuration files"); - - ret = krb5_set_config_files(context, files); - krb5_free_config_files(files); - if(ret) - krb5_err(context, 1, ret, "reading configuration files"); - - ret = krb5_openlog(context, "kadmind", &logfacility); - if (ret) - krb5_err(context, 1, ret, "krb5_openlog"); - ret = krb5_set_warn_dest(context, logfacility); - if (ret) - krb5_err(context, 1, ret, "krb5_set_warn_dest"); - - ret = krb5_kt_register(context, &hdb_kt_ops); - if(ret) - krb5_err(context, 1, ret, "krb5_kt_register"); - - ret = krb5_kt_resolve(context, keytab_str, &keytab); - if(ret) - krb5_err(context, 1, ret, "krb5_kt_resolve"); - - kadm5_setup_passwd_quality_check (context, check_library, check_function); - - for (i = 0; i < policy_libraries.num_strings; i++) { - ret = kadm5_add_passwd_quality_verifier(context, - policy_libraries.strings[i]); - if (ret) - krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - } - ret = kadm5_add_passwd_quality_verifier(context, NULL); - if (ret) - krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - - { - int fd = 0; - struct sockaddr_storage __ss; - struct sockaddr *sa = (struct sockaddr *)&__ss; - socklen_t sa_size = sizeof(__ss); - krb5_auth_context ac = NULL; - int debug_port; - - if(debug_flag) { - if(port_str == NULL) - debug_port = krb5_getportbyname (context, "kerberos-adm", - "tcp", 749); - else - debug_port = htons(atoi(port_str)); - mini_inetd(debug_port); - } else if(roken_getsockname(STDIN_FILENO, sa, &sa_size) < 0 && - errno == ENOTSOCK) { - parse_ports(context, port_str ? port_str : "+"); - pidfile(NULL); - start_server(context); - } - if(realm) - krb5_set_default_realm(context, realm); /* XXX */ - kadmind_loop(context, ac, keytab, fd); - } - return 0; -} diff --git a/crypto/heimdal/kadmin/load.c b/crypto/heimdal/kadmin/load.c deleted file mode 100644 index 30e6d93c0898..000000000000 --- a/crypto/heimdal/kadmin/load.c +++ /dev/null @@ -1,569 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" -#include - -RCSID("$Id: load.c 16658 2006-01-25 12:29:46Z lha $"); - -struct entry { - char *principal; - char *key; - char *max_life; - char *max_renew; - char *created; - char *modified; - char *valid_start; - char *valid_end; - char *pw_end; - char *flags; - char *generation; - char *extensions; -}; - -static char * -skip_next(char *p) -{ - while(*p && !isspace((unsigned char)*p)) - p++; - *p++ = 0; - while(*p && isspace((unsigned char)*p)) - p++; - return p; -} - -/* - * Parse the time in `s', returning: - * -1 if error parsing - * 0 if none present - * 1 if parsed ok - */ - -static int -parse_time_string(time_t *t, const char *s) -{ - int year, month, date, hour, minute, second; - struct tm tm; - - if(strcmp(s, "-") == 0) - return 0; - if(sscanf(s, "%04d%02d%02d%02d%02d%02d", - &year, &month, &date, &hour, &minute, &second) != 6) - return -1; - tm.tm_year = year - 1900; - tm.tm_mon = month - 1; - tm.tm_mday = date; - tm.tm_hour = hour; - tm.tm_min = minute; - tm.tm_sec = second; - tm.tm_isdst = 0; - *t = timegm(&tm); - return 1; -} - -/* - * parse time, allocating space in *t if it's there - */ - -static int -parse_time_string_alloc (time_t **t, const char *s) -{ - time_t tmp; - int ret; - - *t = NULL; - ret = parse_time_string (&tmp, s); - if (ret == 1) { - *t = malloc (sizeof (**t)); - if (*t == NULL) - krb5_errx (context, 1, "malloc: out of memory"); - **t = tmp; - } - return ret; -} - -/* - * see parse_time_string for calling convention - */ - -static int -parse_integer(unsigned int *u, const char *s) -{ - if(strcmp(s, "-") == 0) - return 0; - if (sscanf(s, "%u", u) != 1) - return -1; - return 1; -} - -static int -parse_integer_alloc (unsigned int **u, const char *s) -{ - unsigned int tmp; - int ret; - - *u = NULL; - ret = parse_integer (&tmp, s); - if (ret == 1) { - *u = malloc (sizeof (**u)); - if (*u == NULL) - krb5_errx (context, 1, "malloc: out of memory"); - **u = tmp; - } - return ret; -} - -/* - * Parse dumped keys in `str' and store them in `ent' - * return -1 if parsing failed - */ - -static int -parse_keys(hdb_entry *ent, char *str) -{ - krb5_error_code ret; - int tmp; - char *p; - int i; - - p = strsep(&str, ":"); - if (sscanf(p, "%d", &tmp) != 1) - return 1; - ent->kvno = tmp; - p = strsep(&str, ":"); - while(p){ - Key *key; - key = realloc(ent->keys.val, - (ent->keys.len + 1) * sizeof(*ent->keys.val)); - if(key == NULL) - krb5_errx (context, 1, "realloc: out of memory"); - ent->keys.val = key; - key = ent->keys.val + ent->keys.len; - ent->keys.len++; - memset(key, 0, sizeof(*key)); - if(sscanf(p, "%d", &tmp) == 1) { - key->mkvno = malloc(sizeof(*key->mkvno)); - *key->mkvno = tmp; - } else - key->mkvno = NULL; - p = strsep(&str, ":"); - if (sscanf(p, "%d", &tmp) != 1) - return 1; - key->key.keytype = tmp; - p = strsep(&str, ":"); - ret = krb5_data_alloc(&key->key.keyvalue, (strlen(p) - 1) / 2 + 1); - if (ret) - krb5_err (context, 1, ret, "krb5_data_alloc"); - for(i = 0; i < strlen(p); i += 2) { - if(sscanf(p + i, "%02x", &tmp) != 1) - return 1; - ((u_char*)key->key.keyvalue.data)[i / 2] = tmp; - } - p = strsep(&str, ":"); - if(strcmp(p, "-") != 0){ - unsigned type; - size_t p_len; - - if(sscanf(p, "%u/", &type) != 1) - return 1; - p = strchr(p, '/'); - if(p == NULL) - return 1; - p++; - p_len = strlen(p); - - key->salt = malloc(sizeof(*key->salt)); - if (key->salt == NULL) - krb5_errx (context, 1, "malloc: out of memory"); - key->salt->type = type; - - if (p_len) { - if(*p == '\"') { - ret = krb5_data_copy(&key->salt->salt, p + 1, p_len - 2); - if (ret) - krb5_err (context, 1, ret, "krb5_data_copy"); - } else { - ret = krb5_data_alloc(&key->salt->salt, - (p_len - 1) / 2 + 1); - if (ret) - krb5_err (context, 1, ret, "krb5_data_alloc"); - for(i = 0; i < p_len; i += 2){ - if (sscanf(p + i, "%02x", &tmp) != 1) - return 1; - ((u_char*)key->salt->salt.data)[i / 2] = tmp; - } - } - } else - krb5_data_zero (&key->salt->salt); - } - p = strsep(&str, ":"); - } - return 0; -} - -/* - * see parse_time_string for calling convention - */ - -static int -parse_event(Event *ev, char *s) -{ - krb5_error_code ret; - char *p; - - if(strcmp(s, "-") == 0) - return 0; - memset(ev, 0, sizeof(*ev)); - p = strsep(&s, ":"); - if(parse_time_string(&ev->time, p) != 1) - return -1; - p = strsep(&s, ":"); - ret = krb5_parse_name(context, p, &ev->principal); - if (ret) - return -1; - return 1; -} - -static int -parse_event_alloc (Event **ev, char *s) -{ - Event tmp; - int ret; - - *ev = NULL; - ret = parse_event (&tmp, s); - if (ret == 1) { - *ev = malloc (sizeof (**ev)); - if (*ev == NULL) - krb5_errx (context, 1, "malloc: out of memory"); - **ev = tmp; - } - return ret; -} - -static int -parse_hdbflags2int(HDBFlags *f, const char *s) -{ - int ret; - unsigned int tmp; - - ret = parse_integer (&tmp, s); - if (ret == 1) - *f = int2HDBFlags (tmp); - return ret; -} - -static int -parse_generation(char *str, GENERATION **gen) -{ - char *p; - int v; - - if(strcmp(str, "-") == 0 || *str == '\0') { - *gen = NULL; - return 0; - } - *gen = calloc(1, sizeof(**gen)); - - p = strsep(&str, ":"); - if(parse_time_string(&(*gen)->time, p) != 1) - return -1; - p = strsep(&str, ":"); - if(sscanf(p, "%d", &v) != 1) - return -1; - (*gen)->usec = v; - p = strsep(&str, ":"); - if(sscanf(p, "%d", &v) != 1) - return -1; - (*gen)->gen = v - 1; /* XXX gets bumped in _hdb_store */ - return 0; -} - -static int -parse_extensions(char *str, HDB_extensions **e) -{ - char *p; - int ret; - - if(strcmp(str, "-") == 0 || *str == '\0') { - *e = NULL; - return 0; - } - *e = calloc(1, sizeof(**e)); - - p = strsep(&str, ":"); - - while (p) { - HDB_extension ext; - ssize_t len; - void *d; - - len = strlen(p); - d = malloc(len); - - len = hex_decode(p, d, len); - if (len < 0) - return -1; - - ret = decode_HDB_extension(d, len, &ext, NULL); - free(d); - if (ret) - return -1; - d = realloc((*e)->val, ((*e)->len + 1) * sizeof((*e)->val[0])); - if (d == NULL) - abort(); - (*e)->val = d; - (*e)->val[(*e)->len] = ext; - (*e)->len++; - - p = strsep(&str, ":"); - } - - return 0; -} - - -/* - * Parse the dump file in `filename' and create the database (merging - * iff merge) - */ - -static int -doit(const char *filename, int mergep) -{ - krb5_error_code ret; - FILE *f; - char s[8192]; /* XXX should fix this properly */ - char *p; - int line; - int flags = O_RDWR; - struct entry e; - hdb_entry_ex ent; - HDB *db = _kadm5_s_get_db(kadm_handle); - - f = fopen(filename, "r"); - if(f == NULL){ - krb5_warn(context, errno, "fopen(%s)", filename); - return 1; - } - ret = kadm5_log_truncate (kadm_handle); - if (ret) { - fclose (f); - krb5_warn(context, ret, "kadm5_log_truncate"); - return 1; - } - - if(!mergep) - flags |= O_CREAT | O_TRUNC; - ret = db->hdb_open(context, db, flags, 0600); - if(ret){ - krb5_warn(context, ret, "hdb_open"); - fclose(f); - return 1; - } - line = 0; - ret = 0; - while(fgets(s, sizeof(s), f) != NULL) { - ret = 0; - line++; - - p = s; - while (isspace((unsigned char)*p)) - p++; - - e.principal = p; - for(p = s; *p; p++){ - if(*p == '\\') - p++; - else if(isspace((unsigned char)*p)) { - *p = 0; - break; - } - } - p = skip_next(p); - - e.key = p; - p = skip_next(p); - - e.created = p; - p = skip_next(p); - - e.modified = p; - p = skip_next(p); - - e.valid_start = p; - p = skip_next(p); - - e.valid_end = p; - p = skip_next(p); - - e.pw_end = p; - p = skip_next(p); - - e.max_life = p; - p = skip_next(p); - - e.max_renew = p; - p = skip_next(p); - - e.flags = p; - p = skip_next(p); - - e.generation = p; - p = skip_next(p); - - e.extensions = p; - p = skip_next(p); - - memset(&ent, 0, sizeof(ent)); - ret = krb5_parse_name(context, e.principal, &ent.entry.principal); - if(ret) { - fprintf(stderr, "%s:%d:%s (%s)\n", - filename, - line, - krb5_get_err_text(context, ret), - e.principal); - continue; - } - - if (parse_keys(&ent.entry, e.key)) { - fprintf (stderr, "%s:%d:error parsing keys (%s)\n", - filename, line, e.key); - hdb_free_entry (context, &ent); - continue; - } - - if (parse_event(&ent.entry.created_by, e.created) == -1) { - fprintf (stderr, "%s:%d:error parsing created event (%s)\n", - filename, line, e.created); - hdb_free_entry (context, &ent); - continue; - } - if (parse_event_alloc (&ent.entry.modified_by, e.modified) == -1) { - fprintf (stderr, "%s:%d:error parsing event (%s)\n", - filename, line, e.modified); - hdb_free_entry (context, &ent); - continue; - } - if (parse_time_string_alloc (&ent.entry.valid_start, e.valid_start) == -1) { - fprintf (stderr, "%s:%d:error parsing time (%s)\n", - filename, line, e.valid_start); - hdb_free_entry (context, &ent); - continue; - } - if (parse_time_string_alloc (&ent.entry.valid_end, e.valid_end) == -1) { - fprintf (stderr, "%s:%d:error parsing time (%s)\n", - filename, line, e.valid_end); - hdb_free_entry (context, &ent); - continue; - } - if (parse_time_string_alloc (&ent.entry.pw_end, e.pw_end) == -1) { - fprintf (stderr, "%s:%d:error parsing time (%s)\n", - filename, line, e.pw_end); - hdb_free_entry (context, &ent); - continue; - } - - if (parse_integer_alloc (&ent.entry.max_life, e.max_life) == -1) { - fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n", - filename, line, e.max_life); - hdb_free_entry (context, &ent); - continue; - - } - if (parse_integer_alloc (&ent.entry.max_renew, e.max_renew) == -1) { - fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n", - filename, line, e.max_renew); - hdb_free_entry (context, &ent); - continue; - } - - if (parse_hdbflags2int (&ent.entry.flags, e.flags) != 1) { - fprintf (stderr, "%s:%d:error parsing flags (%s)\n", - filename, line, e.flags); - hdb_free_entry (context, &ent); - continue; - } - - if(parse_generation(e.generation, &ent.entry.generation) == -1) { - fprintf (stderr, "%s:%d:error parsing generation (%s)\n", - filename, line, e.generation); - hdb_free_entry (context, &ent); - continue; - } - - if(parse_extensions(e.extensions, &ent.entry.extensions) == -1) { - fprintf (stderr, "%s:%d:error parsing extension (%s)\n", - filename, line, e.extensions); - hdb_free_entry (context, &ent); - continue; - } - - ret = db->hdb_store(context, db, HDB_F_REPLACE, &ent); - hdb_free_entry (context, &ent); - if (ret) { - krb5_warn(context, ret, "db_store"); - break; - } - } - db->hdb_close(context, db); - fclose(f); - return ret != 0; -} - - -extern int local_flag; - -static int -loadit(int mergep, const char *name, int argc, char **argv) -{ - if(!local_flag) { - krb5_warnx(context, "%s is only available in local (-l) mode", name); - return 0; - } - - return doit(argv[0], mergep); -} - -int -load(void *opt, int argc, char **argv) -{ - return loadit(0, "load", argc, argv); -} - -int -merge(void *opt, int argc, char **argv) -{ - return loadit(1, "merge", argc, argv); -} diff --git a/crypto/heimdal/kadmin/mod.c b/crypto/heimdal/kadmin/mod.c deleted file mode 100644 index f5f9e0467a5b..000000000000 --- a/crypto/heimdal/kadmin/mod.c +++ /dev/null @@ -1,261 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: mod.c 21968 2007-10-18 18:50:33Z lha $"); - -static void -add_tl(kadm5_principal_ent_rec *princ, int type, krb5_data *data) -{ - krb5_tl_data *tl, **ptl; - - tl = ecalloc(1, sizeof(*tl)); - tl->tl_data_next = NULL; - tl->tl_data_type = KRB5_TL_EXTENSION; - tl->tl_data_length = data->length; - tl->tl_data_contents = data->data; - - princ->n_tl_data++; - ptl = &princ->tl_data; - while (*ptl != NULL) - ptl = &(*ptl)->tl_data_next; - *ptl = tl; - - return; -} - -static void -add_constrained_delegation(krb5_context context, - kadm5_principal_ent_rec *princ, - struct getarg_strings *strings) -{ - krb5_error_code ret; - HDB_extension ext; - krb5_data buf; - size_t size; - - memset(&ext, 0, sizeof(ext)); - ext.mandatory = FALSE; - ext.data.element = choice_HDB_extension_data_allowed_to_delegate_to; - - if (strings->num_strings == 1 && strings->strings[0][0] == '\0') { - ext.data.u.allowed_to_delegate_to.val = NULL; - ext.data.u.allowed_to_delegate_to.len = 0; - } else { - krb5_principal p; - int i; - - ext.data.u.allowed_to_delegate_to.val = - calloc(strings->num_strings, - sizeof(ext.data.u.allowed_to_delegate_to.val[0])); - ext.data.u.allowed_to_delegate_to.len = strings->num_strings; - - for (i = 0; i < strings->num_strings; i++) { - ret = krb5_parse_name(context, strings->strings[i], &p); - ret = copy_Principal(p, &ext.data.u.allowed_to_delegate_to.val[i]); - krb5_free_principal(context, p); - } - } - - ASN1_MALLOC_ENCODE(HDB_extension, buf.data, buf.length, - &ext, &size, ret); - free_HDB_extension(&ext); - if (ret) - abort(); - if (buf.length != size) - abort(); - - add_tl(princ, KRB5_TL_EXTENSION, &buf); -} - -static void -add_aliases(krb5_context context, kadm5_principal_ent_rec *princ, - struct getarg_strings *strings) -{ - krb5_error_code ret; - HDB_extension ext; - krb5_data buf; - krb5_principal p; - size_t size; - int i; - - memset(&ext, 0, sizeof(ext)); - ext.mandatory = FALSE; - ext.data.element = choice_HDB_extension_data_aliases; - ext.data.u.aliases.case_insensitive = 0; - - if (strings->num_strings == 1 && strings->strings[0][0] == '\0') { - ext.data.u.aliases.aliases.val = NULL; - ext.data.u.aliases.aliases.len = 0; - } else { - ext.data.u.aliases.aliases.val = - calloc(strings->num_strings, - sizeof(ext.data.u.aliases.aliases.val[0])); - ext.data.u.aliases.aliases.len = strings->num_strings; - - for (i = 0; i < strings->num_strings; i++) { - ret = krb5_parse_name(context, strings->strings[i], &p); - ret = copy_Principal(p, &ext.data.u.aliases.aliases.val[i]); - krb5_free_principal(context, p); - } - } - - ASN1_MALLOC_ENCODE(HDB_extension, buf.data, buf.length, - &ext, &size, ret); - free_HDB_extension(&ext); - if (ret) - abort(); - if (buf.length != size) - abort(); - - add_tl(princ, KRB5_TL_EXTENSION, &buf); -} - -static void -add_pkinit_acl(krb5_context context, kadm5_principal_ent_rec *princ, - struct getarg_strings *strings) -{ - krb5_error_code ret; - HDB_extension ext; - krb5_data buf; - size_t size; - int i; - - memset(&ext, 0, sizeof(ext)); - ext.mandatory = FALSE; - ext.data.element = choice_HDB_extension_data_pkinit_acl; - ext.data.u.aliases.case_insensitive = 0; - - if (strings->num_strings == 1 && strings->strings[0][0] == '\0') { - ext.data.u.pkinit_acl.val = NULL; - ext.data.u.pkinit_acl.len = 0; - } else { - ext.data.u.pkinit_acl.val = - calloc(strings->num_strings, - sizeof(ext.data.u.pkinit_acl.val[0])); - ext.data.u.pkinit_acl.len = strings->num_strings; - - for (i = 0; i < strings->num_strings; i++) { - ext.data.u.pkinit_acl.val[i].subject = estrdup(strings->strings[i]); - } - } - - ASN1_MALLOC_ENCODE(HDB_extension, buf.data, buf.length, - &ext, &size, ret); - free_HDB_extension(&ext); - if (ret) - abort(); - if (buf.length != size) - abort(); - - add_tl(princ, KRB5_TL_EXTENSION, &buf); -} - -static int -do_mod_entry(krb5_principal principal, void *data) -{ - krb5_error_code ret; - kadm5_principal_ent_rec princ; - int mask = 0; - struct modify_options *e = data; - - memset (&princ, 0, sizeof(princ)); - ret = kadm5_get_principal(kadm_handle, principal, &princ, - KADM5_PRINCIPAL | KADM5_ATTRIBUTES | - KADM5_MAX_LIFE | KADM5_MAX_RLIFE | - KADM5_PRINC_EXPIRE_TIME | - KADM5_PW_EXPIRATION); - if(ret) - return ret; - - if(e->max_ticket_life_string || - e->max_renewable_life_string || - e->expiration_time_string || - e->pw_expiration_time_string || - e->attributes_string || - e->kvno_integer != -1 || - e->constrained_delegation_strings.num_strings || - e->alias_strings.num_strings || - e->pkinit_acl_strings.num_strings) { - ret = set_entry(context, &princ, &mask, - e->max_ticket_life_string, - e->max_renewable_life_string, - e->expiration_time_string, - e->pw_expiration_time_string, - e->attributes_string); - if(e->kvno_integer != -1) { - princ.kvno = e->kvno_integer; - mask |= KADM5_KVNO; - } - if (e->constrained_delegation_strings.num_strings) { - add_constrained_delegation(context, &princ, - &e->constrained_delegation_strings); - mask |= KADM5_TL_DATA; - } - if (e->alias_strings.num_strings) { - add_aliases(context, &princ, &e->alias_strings); - mask |= KADM5_TL_DATA; - } - if (e->pkinit_acl_strings.num_strings) { - add_pkinit_acl(context, &princ, &e->pkinit_acl_strings); - mask |= KADM5_TL_DATA; - } - - } else - ret = edit_entry(&princ, &mask, NULL, 0); - if(ret == 0) { - ret = kadm5_modify_principal(kadm_handle, &princ, mask); - if(ret) - krb5_warn(context, ret, "kadm5_modify_principal"); - } - - kadm5_free_principal_ent(kadm_handle, &princ); - return ret; -} - -int -mod_entry(struct modify_options *opt, int argc, char **argv) -{ - krb5_error_code ret = 0; - int i; - - for(i = 0; i < argc; i++) { - ret = foreach_principal(argv[i], do_mod_entry, "mod", opt); - if (ret) - break; - } - return ret != 0; -} - diff --git a/crypto/heimdal/kadmin/pw_quality.c b/crypto/heimdal/kadmin/pw_quality.c deleted file mode 100644 index 8d1e9cc11a88..000000000000 --- a/crypto/heimdal/kadmin/pw_quality.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: pw_quality.c 14026 2004-07-05 11:41:22Z joda $"); - -int -password_quality(void *opt, int argc, char **argv) -{ - krb5_error_code ret; - krb5_principal principal; - krb5_data pw_data; - const char *s; - - ret = krb5_parse_name(context, argv[0], &principal); - if(ret){ - krb5_warn(context, ret, "krb5_parse_name(%s)", argv[0]); - return 0; - } - pw_data.data = argv[1]; - pw_data.length = strlen(argv[1]); - - s = kadm5_check_password_quality (context, principal, &pw_data); - if (s) - krb5_warnx(context, "kadm5_check_password_quality: %s", s); - - krb5_free_principal(context, principal); - - return 0; -} diff --git a/crypto/heimdal/kadmin/random_password.c b/crypto/heimdal/kadmin/random_password.c deleted file mode 100644 index d56dd941f39f..000000000000 --- a/crypto/heimdal/kadmin/random_password.c +++ /dev/null @@ -1,163 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" - -RCSID("$Id: random_password.c 21745 2007-07-31 16:11:25Z lha $"); - -/* This file defines some a function that generates a random password, - that can be used when creating a large amount of principals (such - as for a batch of students). Since this is a political matter, you - should think about how secure generated passwords has to be. - - Both methods defined here will give you at least 55 bits of - entropy. - */ - -/* If you want OTP-style passwords, define OTP_STYLE */ - -#ifdef OTP_STYLE -#include -#else -static void generate_password(char **pw, int num_classes, ...); -#endif - -void -random_password(char *pw, size_t len) -{ -#ifdef OTP_STYLE - { - OtpKey newkey; - - krb5_generate_random_block(&newkey, sizeof(newkey)); - otp_print_stddict (newkey, pw, len); - strlwr(pw); - } -#else - char *pass; - generate_password(&pass, 3, - "abcdefghijklmnopqrstuvwxyz", 7, - "ABCDEFGHIJKLMNOPQRSTUVWXYZ", 2, - "@$%&*()-+=:,/<>1234567890", 1); - strlcpy(pw, pass, len); - memset(pass, 0, strlen(pass)); - free(pass); -#endif -} - -/* some helper functions */ - -#ifndef OTP_STYLE -/* return a random value in range 0-127 */ -static int -RND(unsigned char *key, int keylen, int *left) -{ - if(*left == 0){ - krb5_generate_random_block(key, keylen); - *left = keylen; - } - (*left)--; - return ((unsigned char*)key)[*left]; -} - -/* This a helper function that generates a random password with a - number of characters from a set of character classes. - - If there are n classes, and the size of each class is Pi, and the - number of characters from each class is Ni, the number of possible - passwords are (given that the character classes are disjoint): - - n n - ----- / ---- \ - | | Ni | \ | - | | Pi | \ Ni| ! - | | ---- * | / | - | | Ni! | /___ | - i=1 \ i=1 / - - Since it uses the RND function above, neither the size of each - class, nor the total length of the generated password should be - larger than 127 (without fixing RND). - - */ -static void -generate_password(char **pw, int num_classes, ...) -{ - struct { - const char *str; - int len; - int freq; - } *classes; - va_list ap; - int len, i; - unsigned char rbuf[8]; /* random buffer */ - int rleft = 0; - - *pw = NULL; - - classes = malloc(num_classes * sizeof(*classes)); - if(classes == NULL) - return; - va_start(ap, num_classes); - len = 0; - for(i = 0; i < num_classes; i++){ - classes[i].str = va_arg(ap, const char*); - classes[i].len = strlen(classes[i].str); - classes[i].freq = va_arg(ap, int); - len += classes[i].freq; - } - va_end(ap); - *pw = malloc(len + 1); - if(*pw == NULL) { - free(classes); - return; - } - for(i = 0; i < len; i++) { - int j; - int x = RND(rbuf, sizeof(rbuf), &rleft) % (len - i); - int t = 0; - for(j = 0; j < num_classes; j++) { - if(x < t + classes[j].freq) { - (*pw)[i] = classes[j].str[RND(rbuf, sizeof(rbuf), &rleft) - % classes[j].len]; - classes[j].freq--; - break; - } - t += classes[j].freq; - } - } - (*pw)[len] = '\0'; - memset(rbuf, 0, sizeof(rbuf)); - free(classes); -} -#endif diff --git a/crypto/heimdal/kadmin/rename.c b/crypto/heimdal/kadmin/rename.c deleted file mode 100644 index 9309db5c229c..000000000000 --- a/crypto/heimdal/kadmin/rename.c +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: rename.c 17007 2006-04-07 13:11:24Z lha $"); - -int -rename_entry(void *opt, int argc, char **argv) -{ - krb5_error_code ret; - krb5_principal princ1, princ2; - - ret = krb5_parse_name(context, argv[0], &princ1); - if(ret){ - krb5_warn(context, ret, "krb5_parse_name(%s)", argv[0]); - return ret != 0; - } - ret = krb5_parse_name(context, argv[1], &princ2); - if(ret){ - krb5_free_principal(context, princ1); - krb5_warn(context, ret, "krb5_parse_name(%s)", argv[1]); - return ret != 0; - } - ret = kadm5_rename_principal(kadm_handle, princ1, princ2); - if(ret) - krb5_warn(context, ret, "rename"); - krb5_free_principal(context, princ1); - krb5_free_principal(context, princ2); - return ret != 0; -} - diff --git a/crypto/heimdal/kadmin/server.c b/crypto/heimdal/kadmin/server.c deleted file mode 100644 index 07dd9a5ad7b0..000000000000 --- a/crypto/heimdal/kadmin/server.c +++ /dev/null @@ -1,577 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include - -RCSID("$Id: server.c 17611 2006-06-02 22:10:21Z lha $"); - -static kadm5_ret_t -kadmind_dispatch(void *kadm_handle, krb5_boolean initial, - krb5_data *in, krb5_data *out) -{ - kadm5_ret_t ret; - int32_t cmd, mask, tmp; - kadm5_server_context *context = kadm_handle; - char client[128], name[128], name2[128]; - char *op = ""; - krb5_principal princ, princ2; - kadm5_principal_ent_rec ent; - char *password, *expression; - krb5_keyblock *new_keys; - int n_keys; - char **princs; - int n_princs; - krb5_storage *sp; - - krb5_unparse_name_fixed(context->context, context->caller, - client, sizeof(client)); - - sp = krb5_storage_from_data(in); - - krb5_ret_int32(sp, &cmd); - switch(cmd){ - case kadm_get:{ - op = "GET"; - ret = krb5_ret_principal(sp, &princ); - if(ret) - goto fail; - ret = krb5_ret_int32(sp, &mask); - if(ret){ - krb5_free_principal(context->context, princ); - goto fail; - } - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_GET, princ); - if(ret){ - krb5_free_principal(context->context, princ); - goto fail; - } - ret = kadm5_get_principal(kadm_handle, princ, &ent, mask); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - if(ret == 0){ - kadm5_store_principal_ent(sp, &ent); - kadm5_free_principal_ent(kadm_handle, &ent); - } - krb5_free_principal(context->context, princ); - break; - } - case kadm_delete:{ - op = "DELETE"; - ret = krb5_ret_principal(sp, &princ); - if(ret) - goto fail; - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_DELETE, princ); - if(ret){ - krb5_free_principal(context->context, princ); - goto fail; - } - ret = kadm5_delete_principal(kadm_handle, princ); - krb5_free_principal(context->context, princ); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - break; - } - case kadm_create:{ - op = "CREATE"; - ret = kadm5_ret_principal_ent(sp, &ent); - if(ret) - goto fail; - ret = krb5_ret_int32(sp, &mask); - if(ret){ - kadm5_free_principal_ent(context->context, &ent); - goto fail; - } - ret = krb5_ret_string(sp, &password); - if(ret){ - kadm5_free_principal_ent(context->context, &ent); - goto fail; - } - krb5_unparse_name_fixed(context->context, ent.principal, - name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_ADD, - ent.principal); - if(ret){ - kadm5_free_principal_ent(context->context, &ent); - memset(password, 0, strlen(password)); - free(password); - goto fail; - } - ret = kadm5_create_principal(kadm_handle, &ent, - mask, password); - kadm5_free_principal_ent(kadm_handle, &ent); - memset(password, 0, strlen(password)); - free(password); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - break; - } - case kadm_modify:{ - op = "MODIFY"; - ret = kadm5_ret_principal_ent(sp, &ent); - if(ret) - goto fail; - ret = krb5_ret_int32(sp, &mask); - if(ret){ - kadm5_free_principal_ent(context, &ent); - goto fail; - } - krb5_unparse_name_fixed(context->context, ent.principal, - name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_MODIFY, - ent.principal); - if(ret){ - kadm5_free_principal_ent(context, &ent); - goto fail; - } - ret = kadm5_modify_principal(kadm_handle, &ent, mask); - kadm5_free_principal_ent(kadm_handle, &ent); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - break; - } - case kadm_rename:{ - op = "RENAME"; - ret = krb5_ret_principal(sp, &princ); - if(ret) - goto fail; - ret = krb5_ret_principal(sp, &princ2); - if(ret){ - krb5_free_principal(context->context, princ); - goto fail; - } - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_unparse_name_fixed(context->context, princ2, name2, sizeof(name2)); - krb5_warnx(context->context, "%s: %s %s -> %s", - client, op, name, name2); - ret = _kadm5_acl_check_permission(context, - KADM5_PRIV_ADD, - princ2) - || _kadm5_acl_check_permission(context, - KADM5_PRIV_DELETE, - princ); - if(ret){ - krb5_free_principal(context->context, princ); - krb5_free_principal(context->context, princ2); - goto fail; - } - ret = kadm5_rename_principal(kadm_handle, princ, princ2); - krb5_free_principal(context->context, princ); - krb5_free_principal(context->context, princ2); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - break; - } - case kadm_chpass:{ - op = "CHPASS"; - ret = krb5_ret_principal(sp, &princ); - if(ret) - goto fail; - ret = krb5_ret_string(sp, &password); - if(ret){ - krb5_free_principal(context->context, princ); - goto fail; - } - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - - /* - * The change is allowed if at least one of: - - * a) it's for the principal him/herself and this was an - * initial ticket, but then, check with the password quality - * function. - * b) the user is on the CPW ACL. - */ - - if (initial - && krb5_principal_compare (context->context, context->caller, - princ)) - { - krb5_data pwd_data; - const char *pwd_reason; - - pwd_data.data = password; - pwd_data.length = strlen(password); - - pwd_reason = kadm5_check_password_quality (context->context, - princ, &pwd_data); - if (pwd_reason != NULL) - ret = KADM5_PASS_Q_DICT; - else - ret = 0; - } else - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ); - - if(ret) { - krb5_free_principal(context->context, princ); - memset(password, 0, strlen(password)); - free(password); - goto fail; - } - ret = kadm5_chpass_principal(kadm_handle, princ, password); - krb5_free_principal(context->context, princ); - memset(password, 0, strlen(password)); - free(password); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - break; - } - case kadm_chpass_with_key:{ - int i; - krb5_key_data *key_data; - int n_key_data; - - op = "CHPASS_WITH_KEY"; - ret = krb5_ret_principal(sp, &princ); - if(ret) - goto fail; - ret = krb5_ret_int32(sp, &n_key_data); - if (ret) { - krb5_free_principal(context->context, princ); - goto fail; - } - /* n_key_data will be squeezed into an int16_t below. */ - if (n_key_data < 0 || n_key_data >= 1 << 16 || - n_key_data > UINT_MAX/sizeof(*key_data)) { - ret = ERANGE; - krb5_free_principal(context->context, princ); - goto fail; - } - - key_data = malloc (n_key_data * sizeof(*key_data)); - if (key_data == NULL) { - ret = ENOMEM; - krb5_free_principal(context->context, princ); - goto fail; - } - - for (i = 0; i < n_key_data; ++i) { - ret = kadm5_ret_key_data (sp, &key_data[i]); - if (ret) { - int16_t dummy = i; - - kadm5_free_key_data (context, &dummy, key_data); - free (key_data); - krb5_free_principal(context->context, princ); - goto fail; - } - } - - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - - /* - * The change is only allowed if the user is on the CPW ACL, - * this it to force password quality check on the user. - */ - - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ); - if(ret) { - int16_t dummy = n_key_data; - - kadm5_free_key_data (context, &dummy, key_data); - free (key_data); - krb5_free_principal(context->context, princ); - goto fail; - } - ret = kadm5_chpass_principal_with_key(kadm_handle, princ, - n_key_data, key_data); - { - int16_t dummy = n_key_data; - kadm5_free_key_data (context, &dummy, key_data); - } - free (key_data); - krb5_free_principal(context->context, princ); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - break; - } - case kadm_randkey:{ - op = "RANDKEY"; - ret = krb5_ret_principal(sp, &princ); - if(ret) - goto fail; - krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); - krb5_warnx(context->context, "%s: %s %s", client, op, name); - /* - * The change is allowed if at least one of: - * a) it's for the principal him/herself and this was an initial ticket - * b) the user is on the CPW ACL. - */ - - if (initial - && krb5_principal_compare (context->context, context->caller, - princ)) - ret = 0; - else - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ); - - if(ret) { - krb5_free_principal(context->context, princ); - goto fail; - } - ret = kadm5_randkey_principal(kadm_handle, princ, - &new_keys, &n_keys); - krb5_free_principal(context->context, princ); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - if(ret == 0){ - int i; - krb5_store_int32(sp, n_keys); - for(i = 0; i < n_keys; i++){ - krb5_store_keyblock(sp, new_keys[i]); - krb5_free_keyblock_contents(context->context, &new_keys[i]); - } - } - break; - } - case kadm_get_privs:{ - uint32_t privs; - ret = kadm5_get_privs(kadm_handle, &privs); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - if(ret == 0) - krb5_store_uint32(sp, privs); - break; - } - case kadm_get_princs:{ - op = "LIST"; - ret = krb5_ret_int32(sp, &tmp); - if(ret) - goto fail; - if(tmp){ - ret = krb5_ret_string(sp, &expression); - if(ret) - goto fail; - }else - expression = NULL; - krb5_warnx(context->context, "%s: %s %s", client, op, - expression ? expression : "*"); - ret = _kadm5_acl_check_permission(context, KADM5_PRIV_LIST, NULL); - if(ret){ - free(expression); - goto fail; - } - ret = kadm5_get_principals(kadm_handle, expression, &princs, &n_princs); - free(expression); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, ret); - if(ret == 0){ - int i; - krb5_store_int32(sp, n_princs); - for(i = 0; i < n_princs; i++) - krb5_store_string(sp, princs[i]); - kadm5_free_name_list(kadm_handle, princs, &n_princs); - } - break; - } - default: - krb5_warnx(context->context, "%s: UNKNOWN OP %d", client, cmd); - krb5_storage_free(sp); - sp = krb5_storage_emem(); - krb5_store_int32(sp, KADM5_FAILURE); - break; - } - krb5_storage_to_data(sp, out); - krb5_storage_free(sp); - return 0; -fail: - krb5_warn(context->context, ret, "%s", op); - krb5_storage_seek(sp, 0, SEEK_SET); - krb5_store_int32(sp, ret); - krb5_storage_to_data(sp, out); - krb5_storage_free(sp); - return 0; -} - -static void -v5_loop (krb5_context context, - krb5_auth_context ac, - krb5_boolean initial, - void *kadm_handle, - int fd) -{ - krb5_error_code ret; - krb5_data in, out; - - for (;;) { - doing_useful_work = 0; - if(term_flag) - exit(0); - ret = krb5_read_priv_message(context, ac, &fd, &in); - if(ret == HEIM_ERR_EOF) - exit(0); - if(ret) - krb5_err(context, 1, ret, "krb5_read_priv_message"); - doing_useful_work = 1; - kadmind_dispatch(kadm_handle, initial, &in, &out); - krb5_data_free(&in); - ret = krb5_write_priv_message(context, ac, &fd, &out); - if(ret) - krb5_err(context, 1, ret, "krb5_write_priv_message"); - } -} - -static krb5_boolean -match_appl_version(const void *data, const char *appl_version) -{ - unsigned minor; - if(sscanf(appl_version, "KADM0.%u", &minor) != 1) - return 0; - *(unsigned*)data = minor; - return 1; -} - -static void -handle_v5(krb5_context context, - krb5_auth_context ac, - krb5_keytab keytab, - int len, - int fd) -{ - krb5_error_code ret; - u_char version[sizeof(KRB5_SENDAUTH_VERSION)]; - krb5_ticket *ticket; - char *server_name; - char *client; - void *kadm_handle; - ssize_t n; - krb5_boolean initial; - - unsigned kadm_version; - kadm5_config_params realm_params; - - if (len != sizeof(KRB5_SENDAUTH_VERSION)) - krb5_errx(context, 1, "bad sendauth len %d", len); - n = krb5_net_read(context, &fd, version, len); - if (n < 0) - krb5_err (context, 1, errno, "reading sendauth version"); - if (n == 0) - krb5_errx (context, 1, "EOF reading sendauth version"); - if(memcmp(version, KRB5_SENDAUTH_VERSION, len) != 0) - krb5_errx(context, 1, "bad sendauth version %.8s", version); - - ret = krb5_recvauth_match_version(context, &ac, &fd, - match_appl_version, &kadm_version, - NULL, KRB5_RECVAUTH_IGNORE_VERSION, - keytab, &ticket); - if(ret == KRB5_KT_NOTFOUND) - krb5_errx(context, 1, "krb5_recvauth: key not found"); - if(ret) - krb5_err(context, 1, ret, "krb5_recvauth"); - - ret = krb5_unparse_name (context, ticket->server, &server_name); - if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name"); - - if (strncmp (server_name, KADM5_ADMIN_SERVICE, - strlen(KADM5_ADMIN_SERVICE)) != 0) - krb5_errx (context, 1, "ticket for strange principal (%s)", - server_name); - - free (server_name); - - memset(&realm_params, 0, sizeof(realm_params)); - - if(kadm_version == 1) { - krb5_data params; - ret = krb5_read_priv_message(context, ac, &fd, ¶ms); - if(ret) - krb5_err(context, 1, ret, "krb5_read_priv_message"); - _kadm5_unmarshal_params(context, ¶ms, &realm_params); - } - - initial = ticket->ticket.flags.initial; - ret = krb5_unparse_name(context, ticket->client, &client); - if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name"); - krb5_free_ticket (context, ticket); - ret = kadm5_init_with_password_ctx(context, - client, - NULL, - KADM5_ADMIN_SERVICE, - &realm_params, - 0, 0, - &kadm_handle); - if(ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - v5_loop (context, ac, initial, kadm_handle, fd); -} - -krb5_error_code -kadmind_loop(krb5_context context, - krb5_auth_context ac, - krb5_keytab keytab, - int fd) -{ - unsigned char tmp[4]; - ssize_t n; - unsigned long len; - - n = krb5_net_read(context, &fd, tmp, 4); - if(n == 0) - exit(0); - if(n < 0) - krb5_err(context, 1, errno, "read"); - _krb5_get_int(tmp, &len, 4); - /* this v4 test could probably also go away */ - if(len > 0xffff && (len & 0xffff) == ('K' << 8) + 'A') { - unsigned char v4reply[] = { - 0x00, 0x0c, - 'K', 'Y', 'O', 'U', 'L', 'O', 'S', 'E', - 0x95, 0xb7, 0xa7, 0x08 /* KADM_BAD_VER */ - }; - krb5_net_write(context, &fd, v4reply, sizeof(v4reply)); - krb5_errx(context, 1, "packet appears to be version 4"); - } else { - handle_v5(context, ac, keytab, len, fd); - } - return 0; -} diff --git a/crypto/heimdal/kadmin/stash.c b/crypto/heimdal/kadmin/stash.c deleted file mode 100644 index d5b65ee8d37a..000000000000 --- a/crypto/heimdal/kadmin/stash.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include "kadmin-commands.h" - -RCSID("$Id: stash.c 22251 2007-12-09 05:58:43Z lha $"); - -extern int local_flag; - -int -stash(struct stash_options *opt, int argc, char **argv) -{ - char buf[1024]; - krb5_error_code ret; - krb5_enctype enctype; - hdb_master_key mkey; - - if(!local_flag) { - krb5_warnx(context, "stash is only available in local (-l) mode"); - return 0; - } - - ret = krb5_string_to_enctype(context, opt->enctype_string, &enctype); - if(ret) { - krb5_warn(context, ret, "%s", opt->enctype_string); - return 0; - } - - if(opt->key_file_string == NULL) { - asprintf(&opt->key_file_string, "%s/m-key", hdb_db_dir(context)); - if (opt->key_file_string == NULL) - errx(1, "out of memory"); - } - - ret = hdb_read_master_key(context, opt->key_file_string, &mkey); - if(ret && ret != ENOENT) { - krb5_warn(context, ret, "reading master key from %s", - opt->key_file_string); - return 0; - } - - if (opt->convert_file_flag) { - if (ret) - krb5_warn(context, ret, "reading master key from %s", - opt->key_file_string); - return 0; - } else { - krb5_keyblock key; - krb5_salt salt; - salt.salttype = KRB5_PW_SALT; - /* XXX better value? */ - salt.saltvalue.data = NULL; - salt.saltvalue.length = 0; - if(opt->master_key_fd_integer != -1) { - ssize_t n; - n = read(opt->master_key_fd_integer, buf, sizeof(buf)); - if(n == 0) - krb5_warnx(context, "end of file reading passphrase"); - else if(n < 0) - krb5_warn(context, errno, "reading passphrase"); - buf[n] = '\0'; - buf[strcspn(buf, "\r\n")] = '\0'; - } else { - if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ", 1)) { - hdb_free_master_key(context, mkey); - return 0; - } - } - ret = krb5_string_to_key_salt(context, enctype, buf, salt, &key); - ret = hdb_add_master_key(context, &key, &mkey); - krb5_free_keyblock_contents(context, &key); - } - - { - char *new, *old; - asprintf(&old, "%s.old", opt->key_file_string); - asprintf(&new, "%s.new", opt->key_file_string); - if(old == NULL || new == NULL) { - ret = ENOMEM; - goto out; - } - - if(unlink(new) < 0 && errno != ENOENT) { - ret = errno; - goto out; - } - krb5_warnx(context, "writing key to \"%s\"", opt->key_file_string); - ret = hdb_write_master_key(context, new, mkey); - if(ret) - unlink(new); - else { - unlink(old); - if(link(opt->key_file_string, old) < 0 && errno != ENOENT) { - ret = errno; - unlink(new); - } else if(rename(new, opt->key_file_string) < 0) { - ret = errno; - } - } - out: - free(old); - free(new); - if(ret) - krb5_warn(context, errno, "writing master key file"); - } - - hdb_free_master_key(context, mkey); - return 0; -} diff --git a/crypto/heimdal/kadmin/test_util.c b/crypto/heimdal/kadmin/test_util.c deleted file mode 100644 index 0f59f60782e7..000000000000 --- a/crypto/heimdal/kadmin/test_util.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "kadmin_locl.h" - -RCSID("$Id: test_util.c 19486 2006-12-22 17:25:59Z lha $"); - -krb5_context context; -void *kadm_handle; - -struct { - const char *str; - int ret; - time_t t; -} ts[] = { - { "2006-12-22 18:09:00", 0, 1166810940 }, - { "2006-12-22", 0, 1166831999 }, - { "2006-12-22 23:59:59", 0, 1166831999 } -}; - -static int -test_time(void) -{ - int i, errors = 0; - - for (i = 0; i < sizeof(ts)/sizeof(ts[0]); i++) { - time_t t; - int ret; - - ret = str2time_t (ts[i].str, &t); - if (ret != ts[i].ret) { - printf("%d: %d is wrong ret\n", i, ret); - errors++; - } - else if (t != ts[i].t) { - printf("%d: %d is wrong time\n", i, (int)t); - errors++; - } - } - - return errors; -} - - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = 0; - ret += test_time(); - - krb5_free_context(context); - - return ret; -} - diff --git a/crypto/heimdal/kadmin/util.c b/crypto/heimdal/kadmin/util.c deleted file mode 100644 index 3c12dcb835bc..000000000000 --- a/crypto/heimdal/kadmin/util.c +++ /dev/null @@ -1,664 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadmin_locl.h" -#include - -RCSID("$Id: util.c 21745 2007-07-31 16:11:25Z lha $"); - -/* - * util.c - functions for parsing, unparsing, and editing different - * types of data used in kadmin. - */ - -static int -get_response(const char *prompt, const char *def, char *buf, size_t len); - -/* - * attributes - */ - -struct units kdb_attrs[] = { - { "allow-digest", KRB5_KDB_ALLOW_DIGEST }, - { "allow-kerberos4", KRB5_KDB_ALLOW_KERBEROS4 }, - { "trusted-for-delegation", KRB5_KDB_TRUSTED_FOR_DELEGATION }, - { "ok-as-delegate", KRB5_KDB_OK_AS_DELEGATE }, - { "new-princ", KRB5_KDB_NEW_PRINC }, - { "support-desmd5", KRB5_KDB_SUPPORT_DESMD5 }, - { "pwchange-service", KRB5_KDB_PWCHANGE_SERVICE }, - { "disallow-svr", KRB5_KDB_DISALLOW_SVR }, - { "requires-pw-change", KRB5_KDB_REQUIRES_PWCHANGE }, - { "requires-hw-auth", KRB5_KDB_REQUIRES_HW_AUTH }, - { "requires-pre-auth", KRB5_KDB_REQUIRES_PRE_AUTH }, - { "disallow-all-tix", KRB5_KDB_DISALLOW_ALL_TIX }, - { "disallow-dup-skey", KRB5_KDB_DISALLOW_DUP_SKEY }, - { "disallow-proxiable", KRB5_KDB_DISALLOW_PROXIABLE }, - { "disallow-renewable", KRB5_KDB_DISALLOW_RENEWABLE }, - { "disallow-tgt-based", KRB5_KDB_DISALLOW_TGT_BASED }, - { "disallow-forwardable", KRB5_KDB_DISALLOW_FORWARDABLE }, - { "disallow-postdated", KRB5_KDB_DISALLOW_POSTDATED }, - { NULL } -}; - -/* - * convert the attributes in `attributes' into a printable string - * in `str, len' - */ - -void -attributes2str(krb5_flags attributes, char *str, size_t len) -{ - unparse_flags (attributes, kdb_attrs, str, len); -} - -/* - * convert the string in `str' into attributes in `flags' - * return 0 if parsed ok, else -1. - */ - -int -str2attributes(const char *str, krb5_flags *flags) -{ - int res; - - res = parse_flags (str, kdb_attrs, *flags); - if (res < 0) - return res; - else { - *flags = res; - return 0; - } -} - -/* - * try to parse the string `resp' into attributes in `attr', also - * setting the `bit' in `mask' if attributes are given and valid. - */ - -int -parse_attributes (const char *resp, krb5_flags *attr, int *mask, int bit) -{ - krb5_flags tmp = *attr; - - if (str2attributes(resp, &tmp) == 0) { - *attr = tmp; - if (mask) - *mask |= bit; - return 0; - } else if(*resp == '?') { - print_flags_table (kdb_attrs, stderr); - } else { - fprintf (stderr, "Unable to parse \"%s\"\n", resp); - } - return -1; -} - -/* - * allow the user to edit the attributes in `attr', prompting with `prompt' - */ - -int -edit_attributes (const char *prompt, krb5_flags *attr, int *mask, int bit) -{ - char buf[1024], resp[1024]; - - if (mask && (*mask & bit)) - return 0; - - attributes2str(*attr, buf, sizeof(buf)); - for (;;) { - if(get_response("Attributes", buf, resp, sizeof(resp)) != 0) - return 1; - if (resp[0] == '\0') - break; - if (parse_attributes (resp, attr, mask, bit) == 0) - break; - } - return 0; -} - -/* - * time_t - * the special value 0 means ``never'' - */ - -/* - * Convert the time `t' to a string representation in `str' (of max - * size `len'). If include_time also include time, otherwise just - * date. - */ - -void -time_t2str(time_t t, char *str, size_t len, int include_time) -{ - if(t) { - if(include_time) - strftime(str, len, "%Y-%m-%d %H:%M:%S UTC", gmtime(&t)); - else - strftime(str, len, "%Y-%m-%d", gmtime(&t)); - } else - snprintf(str, len, "never"); -} - -/* - * Convert the time representation in `str' to a time in `time'. - * Return 0 if succesful, else -1. - */ - -int -str2time_t (const char *str, time_t *t) -{ - const char *p; - struct tm tm, tm2; - - memset (&tm, 0, sizeof (tm)); - memset (&tm2, 0, sizeof (tm2)); - - if(strcasecmp(str, "never") == 0) { - *t = 0; - return 0; - } - - if(strcasecmp(str, "now") == 0) { - *t = time(NULL); - return 0; - } - - p = strptime (str, "%Y-%m-%d", &tm); - - if (p == NULL) - return -1; - - while(isspace((unsigned char)*p)) - p++; - - /* XXX this is really a bit optimistic, we should really complain - if there was a problem parsing the time */ - if(p[0] != '\0' && strptime (p, "%H:%M:%S", &tm2) != NULL) { - tm.tm_hour = tm2.tm_hour; - tm.tm_min = tm2.tm_min; - tm.tm_sec = tm2.tm_sec; - } else { - /* Do it on the end of the day */ - tm.tm_hour = 23; - tm.tm_min = 59; - tm.tm_sec = 59; - } - - *t = tm2time (tm, 0); - return 0; -} - -/* - * try to parse the time in `resp' storing it in `value' - */ - -int -parse_timet (const char *resp, krb5_timestamp *value, int *mask, int bit) -{ - time_t tmp; - - if (str2time_t(resp, &tmp) == 0) { - *value = tmp; - if(mask) - *mask |= bit; - return 0; - } - if(*resp != '?') - fprintf (stderr, "Unable to parse time \"%s\"\n", resp); - fprintf (stderr, "Print date on format YYYY-mm-dd [hh:mm:ss]\n"); - return -1; -} - -/* - * allow the user to edit the time in `value' - */ - -int -edit_timet (const char *prompt, krb5_timestamp *value, int *mask, int bit) -{ - char buf[1024], resp[1024]; - - if (mask && (*mask & bit)) - return 0; - - time_t2str (*value, buf, sizeof (buf), 0); - - for (;;) { - if(get_response(prompt, buf, resp, sizeof(resp)) != 0) - return 1; - if (parse_timet (resp, value, mask, bit) == 0) - break; - } - return 0; -} - -/* - * deltat - * the special value 0 means ``unlimited'' - */ - -/* - * convert the delta_t value in `t' into a printable form in `str, len' - */ - -void -deltat2str(unsigned t, char *str, size_t len) -{ - if(t == 0 || t == INT_MAX) - snprintf(str, len, "unlimited"); - else - unparse_time(t, str, len); -} - -/* - * parse the delta value in `str', storing result in `*delta' - * return 0 if ok, else -1 - */ - -int -str2deltat(const char *str, krb5_deltat *delta) -{ - int res; - - if(strcasecmp(str, "unlimited") == 0) { - *delta = 0; - return 0; - } - res = parse_time(str, "day"); - if (res < 0) - return res; - else { - *delta = res; - return 0; - } -} - -/* - * try to parse the string in `resp' into a deltad in `value' - * `mask' will get the bit `bit' set if a value was given. - */ - -int -parse_deltat (const char *resp, krb5_deltat *value, int *mask, int bit) -{ - krb5_deltat tmp; - - if (str2deltat(resp, &tmp) == 0) { - *value = tmp; - if (mask) - *mask |= bit; - return 0; - } else if(*resp == '?') { - print_time_table (stderr); - } else { - fprintf (stderr, "Unable to parse time \"%s\"\n", resp); - } - return -1; -} - -/* - * allow the user to edit the deltat in `value' - */ - -int -edit_deltat (const char *prompt, krb5_deltat *value, int *mask, int bit) -{ - char buf[1024], resp[1024]; - - if (mask && (*mask & bit)) - return 0; - - deltat2str(*value, buf, sizeof(buf)); - for (;;) { - if(get_response(prompt, buf, resp, sizeof(resp)) != 0) - return 1; - if (parse_deltat (resp, value, mask, bit) == 0) - break; - } - return 0; -} - -/* - * allow the user to edit `ent' - */ - -void -set_defaults(kadm5_principal_ent_t ent, int *mask, - kadm5_principal_ent_t default_ent, int default_mask) -{ - if (default_ent - && (default_mask & KADM5_MAX_LIFE) - && !(*mask & KADM5_MAX_LIFE)) - ent->max_life = default_ent->max_life; - - if (default_ent - && (default_mask & KADM5_MAX_RLIFE) - && !(*mask & KADM5_MAX_RLIFE)) - ent->max_renewable_life = default_ent->max_renewable_life; - - if (default_ent - && (default_mask & KADM5_PRINC_EXPIRE_TIME) - && !(*mask & KADM5_PRINC_EXPIRE_TIME)) - ent->princ_expire_time = default_ent->princ_expire_time; - - if (default_ent - && (default_mask & KADM5_PW_EXPIRATION) - && !(*mask & KADM5_PW_EXPIRATION)) - ent->pw_expiration = default_ent->pw_expiration; - - if (default_ent - && (default_mask & KADM5_ATTRIBUTES) - && !(*mask & KADM5_ATTRIBUTES)) - ent->attributes = default_ent->attributes & ~KRB5_KDB_DISALLOW_ALL_TIX; -} - -int -edit_entry(kadm5_principal_ent_t ent, int *mask, - kadm5_principal_ent_t default_ent, int default_mask) -{ - - set_defaults(ent, mask, default_ent, default_mask); - - if(edit_deltat ("Max ticket life", &ent->max_life, mask, - KADM5_MAX_LIFE) != 0) - return 1; - - if(edit_deltat ("Max renewable life", &ent->max_renewable_life, mask, - KADM5_MAX_RLIFE) != 0) - return 1; - - if(edit_timet ("Principal expiration time", &ent->princ_expire_time, mask, - KADM5_PRINC_EXPIRE_TIME) != 0) - return 1; - - if(edit_timet ("Password expiration time", &ent->pw_expiration, mask, - KADM5_PW_EXPIRATION) != 0) - return 1; - - if(edit_attributes ("Attributes", &ent->attributes, mask, - KADM5_ATTRIBUTES) != 0) - return 1; - - return 0; -} - -/* - * Parse the arguments, set the fields in `ent' and the `mask' for the - * entries having been set. - * Return 1 on failure and 0 on success. - */ - -int -set_entry(krb5_context context, - kadm5_principal_ent_t ent, - int *mask, - const char *max_ticket_life, - const char *max_renewable_life, - const char *expiration, - const char *pw_expiration, - const char *attributes) -{ - if (max_ticket_life != NULL) { - if (parse_deltat (max_ticket_life, &ent->max_life, - mask, KADM5_MAX_LIFE)) { - krb5_warnx (context, "unable to parse `%s'", max_ticket_life); - return 1; - } - } - if (max_renewable_life != NULL) { - if (parse_deltat (max_renewable_life, &ent->max_renewable_life, - mask, KADM5_MAX_RLIFE)) { - krb5_warnx (context, "unable to parse `%s'", max_renewable_life); - return 1; - } - } - - if (expiration) { - if (parse_timet (expiration, &ent->princ_expire_time, - mask, KADM5_PRINC_EXPIRE_TIME)) { - krb5_warnx (context, "unable to parse `%s'", expiration); - return 1; - } - } - if (pw_expiration) { - if (parse_timet (pw_expiration, &ent->pw_expiration, - mask, KADM5_PW_EXPIRATION)) { - krb5_warnx (context, "unable to parse `%s'", pw_expiration); - return 1; - } - } - if (attributes != NULL) { - if (parse_attributes (attributes, &ent->attributes, - mask, KADM5_ATTRIBUTES)) { - krb5_warnx (context, "unable to parse `%s'", attributes); - return 1; - } - } - return 0; -} - -/* - * Does `string' contain any globing characters? - */ - -static int -is_expression(const char *string) -{ - const char *p; - int quote = 0; - - for(p = string; *p; p++) { - if(quote) { - quote = 0; - continue; - } - if(*p == '\\') - quote++; - else if(strchr("[]*?", *p) != NULL) - return 1; - } - return 0; -} - -/* - * Loop over all principals matching exp. If any of calls to `func' - * failes, the first error is returned when all principals are - * processed. - */ -int -foreach_principal(const char *exp_str, - int (*func)(krb5_principal, void*), - const char *funcname, - void *data) -{ - char **princs; - int num_princs; - int i; - krb5_error_code saved_ret = 0, ret = 0; - krb5_principal princ_ent; - int is_expr; - - /* if this isn't an expression, there is no point in wading - through the whole database looking for matches */ - is_expr = is_expression(exp_str); - if(is_expr) - ret = kadm5_get_principals(kadm_handle, exp_str, &princs, &num_princs); - if(!is_expr || ret == KADM5_AUTH_LIST) { - /* we might be able to perform the requested opreration even - if we're not allowed to list principals */ - num_princs = 1; - princs = malloc(sizeof(*princs)); - if(princs == NULL) - return ENOMEM; - princs[0] = strdup(exp_str); - if(princs[0] == NULL){ - free(princs); - return ENOMEM; - } - } else if(ret) { - krb5_warn(context, ret, "kadm5_get_principals"); - return ret; - } - for(i = 0; i < num_princs; i++) { - ret = krb5_parse_name(context, princs[i], &princ_ent); - if(ret){ - krb5_warn(context, ret, "krb5_parse_name(%s)", princs[i]); - continue; - } - ret = (*func)(princ_ent, data); - if(ret) { - krb5_clear_error_string(context); - krb5_warn(context, ret, "%s %s", funcname, princs[i]); - if (saved_ret == 0) - saved_ret = ret; - } - krb5_free_principal(context, princ_ent); - } - if (ret == 0 && saved_ret != 0) - ret = saved_ret; - kadm5_free_name_list(kadm_handle, princs, &num_princs); - return ret; -} - -/* - * prompt with `prompt' and default value `def', and store the reply - * in `buf, len' - */ - -#include - -static jmp_buf jmpbuf; - -static void -interrupt(int sig) -{ - longjmp(jmpbuf, 1); -} - -static int -get_response(const char *prompt, const char *def, char *buf, size_t len) -{ - char *p; - void (*osig)(int); - - osig = signal(SIGINT, interrupt); - if(setjmp(jmpbuf)) { - signal(SIGINT, osig); - fprintf(stderr, "\n"); - return 1; - } - - fprintf(stderr, "%s [%s]:", prompt, def); - if(fgets(buf, len, stdin) == NULL) { - int save_errno = errno; - if(ferror(stdin)) - krb5_err(context, 1, save_errno, ""); - signal(SIGINT, osig); - return 1; - } - p = strchr(buf, '\n'); - if(p) - *p = '\0'; - if(strcmp(buf, "") == 0) - strlcpy(buf, def, len); - signal(SIGINT, osig); - return 0; -} - -/* - * return [0, 16) or -1 - */ - -static int -hex2n (char c) -{ - static char hexdigits[] = "0123456789abcdef"; - const char *p; - - p = strchr (hexdigits, tolower((unsigned char)c)); - if (p == NULL) - return -1; - else - return p - hexdigits; -} - -/* - * convert a key in a readable format into a keyblock. - * return 0 iff succesful, otherwise `err' should point to an error message - */ - -int -parse_des_key (const char *key_string, krb5_key_data *key_data, - const char **error) -{ - const char *p = key_string; - unsigned char bits[8]; - int i; - - if (strlen (key_string) != 16) { - *error = "bad length, should be 16 for DES key"; - return 1; - } - for (i = 0; i < 8; ++i) { - int d1, d2; - - d1 = hex2n(p[2 * i]); - d2 = hex2n(p[2 * i + 1]); - if (d1 < 0 || d2 < 0) { - *error = "non-hex character"; - return 1; - } - bits[i] = (d1 << 4) | d2; - } - for (i = 0; i < 3; ++i) { - key_data[i].key_data_ver = 2; - key_data[i].key_data_kvno = 0; - /* key */ - key_data[i].key_data_type[0] = ETYPE_DES_CBC_CRC; - key_data[i].key_data_length[0] = 8; - key_data[i].key_data_contents[0] = malloc(8); - if (key_data[i].key_data_contents[0] == NULL) { - *error = "malloc"; - return ENOMEM; - } - memcpy (key_data[i].key_data_contents[0], bits, 8); - /* salt */ - key_data[i].key_data_type[1] = KRB5_PW_SALT; - key_data[i].key_data_length[1] = 0; - key_data[i].key_data_contents[1] = NULL; - } - key_data[0].key_data_type[0] = ETYPE_DES_CBC_MD5; - key_data[1].key_data_type[0] = ETYPE_DES_CBC_MD4; - return 0; -} diff --git a/crypto/heimdal/kadmin/version4.c b/crypto/heimdal/kadmin/version4.c deleted file mode 100644 index ffa9c07f8582..000000000000 --- a/crypto/heimdal/kadmin/version4.c +++ /dev/null @@ -1,1016 +0,0 @@ -/* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "kadmin_locl.h" -#include - -#define Principal krb4_Principal -#define kadm_get krb4_kadm_get -#undef ALLOC -#include -#include -#include -#include - -RCSID("$Id: version4.c,v 1.29.2.1 2004/04/29 12:29:23 lha Exp $"); - -#define KADM_NO_OPCODE -1 -#define KADM_NO_ENCRYPT -2 - -/* - * make an error packet if we fail encrypting - */ - -static void -make_you_lose_packet(int code, krb5_data *reply) -{ - krb5_data_alloc(reply, KADM_VERSIZE + 4); - memcpy(reply->data, KADM_ULOSE, KADM_VERSIZE); - _krb5_put_int((char*)reply->data + KADM_VERSIZE, code, 4); -} - -static int -ret_fields(krb5_storage *sp, char *fields) -{ - return krb5_storage_read(sp, fields, FLDSZ); -} - -static int -store_fields(krb5_storage *sp, char *fields) -{ - return krb5_storage_write(sp, fields, FLDSZ); -} - -static void -ret_vals(krb5_storage *sp, Kadm_vals *vals) -{ - int field; - char *tmp_string; - - memset(vals, 0, sizeof(*vals)); - - ret_fields(sp, vals->fields); - - for(field = 31; field >= 0; field--) { - if(IS_FIELD(field, vals->fields)) { - switch(field) { - case KADM_NAME: - krb5_ret_stringz(sp, &tmp_string); - strlcpy(vals->name, tmp_string, sizeof(vals->name)); - free(tmp_string); - break; - case KADM_INST: - krb5_ret_stringz(sp, &tmp_string); - strlcpy(vals->instance, tmp_string, - sizeof(vals->instance)); - free(tmp_string); - break; - case KADM_EXPDATE: - krb5_ret_int32(sp, &vals->exp_date); - break; - case KADM_ATTR: - krb5_ret_int16(sp, &vals->attributes); - break; - case KADM_MAXLIFE: - krb5_ret_int8(sp, &vals->max_life); - break; - case KADM_DESKEY: - krb5_ret_int32(sp, &vals->key_high); - krb5_ret_int32(sp, &vals->key_low); - break; -#ifdef EXTENDED_KADM - case KADM_MODDATE: - krb5_ret_int32(sp, &vals->mod_date); - break; - case KADM_MODNAME: - krb5_ret_stringz(sp, &tmp_string); - strlcpy(vals->mod_name, tmp_string, - sizeof(vals->mod_name)); - free(tmp_string); - break; - case KADM_MODINST: - krb5_ret_stringz(sp, &tmp_string); - strlcpy(vals->mod_instance, tmp_string, - sizeof(vals->mod_instance)); - free(tmp_string); - break; - case KADM_KVNO: - krb5_ret_int8(sp, &vals->key_version); - break; -#endif - default: - break; - } - } - } -} - -static void -store_vals(krb5_storage *sp, Kadm_vals *vals) -{ - int field; - - store_fields(sp, vals->fields); - - for(field = 31; field >= 0; field--) { - if(IS_FIELD(field, vals->fields)) { - switch(field) { - case KADM_NAME: - krb5_store_stringz(sp, vals->name); - break; - case KADM_INST: - krb5_store_stringz(sp, vals->instance); - break; - case KADM_EXPDATE: - krb5_store_int32(sp, vals->exp_date); - break; - case KADM_ATTR: - krb5_store_int16(sp, vals->attributes); - break; - case KADM_MAXLIFE: - krb5_store_int8(sp, vals->max_life); - break; - case KADM_DESKEY: - krb5_store_int32(sp, vals->key_high); - krb5_store_int32(sp, vals->key_low); - break; -#ifdef EXTENDED_KADM - case KADM_MODDATE: - krb5_store_int32(sp, vals->mod_date); - break; - case KADM_MODNAME: - krb5_store_stringz(sp, vals->mod_name); - break; - case KADM_MODINST: - krb5_store_stringz(sp, vals->mod_instance); - break; - case KADM_KVNO: - krb5_store_int8(sp, vals->key_version); - break; -#endif - default: - break; - } - } - } -} - -static int -flags_4_to_5(char *flags) -{ - int i; - int32_t mask = 0; - for(i = 31; i >= 0; i--) { - if(IS_FIELD(i, flags)) - switch(i) { - case KADM_NAME: - case KADM_INST: - mask |= KADM5_PRINCIPAL; - case KADM_EXPDATE: - mask |= KADM5_PRINC_EXPIRE_TIME; - case KADM_MAXLIFE: - mask |= KADM5_MAX_LIFE; -#ifdef EXTENDED_KADM - case KADM_KVNO: - mask |= KADM5_KEY_DATA; - case KADM_MODDATE: - mask |= KADM5_MOD_TIME; - case KADM_MODNAME: - case KADM_MODINST: - mask |= KADM5_MOD_NAME; -#endif - } - } - return mask; -} - -static void -ent_to_values(krb5_context context, - kadm5_principal_ent_t ent, - int32_t mask, - Kadm_vals *vals) -{ - krb5_error_code ret; - char realm[REALM_SZ]; - time_t exp = 0; - - memset(vals, 0, sizeof(*vals)); - if(mask & KADM5_PRINCIPAL) { - ret = krb5_524_conv_principal(context, ent->principal, - vals->name, vals->instance, realm); - SET_FIELD(KADM_NAME, vals->fields); - SET_FIELD(KADM_INST, vals->fields); - } - if(mask & KADM5_PRINC_EXPIRE_TIME) { - if(ent->princ_expire_time != 0) - exp = ent->princ_expire_time; - } - if(mask & KADM5_PW_EXPIRATION) { - if(ent->pw_expiration != 0 && (exp == 0 || exp > ent->pw_expiration)) - exp = ent->pw_expiration; - } - if(exp) { - vals->exp_date = exp; - SET_FIELD(KADM_EXPDATE, vals->fields); - } - if(mask & KADM5_MAX_LIFE) { - if(ent->max_life == 0) - vals->max_life = 255; - else - vals->max_life = krb_time_to_life(0, ent->max_life); - SET_FIELD(KADM_MAXLIFE, vals->fields); - } - if(mask & KADM5_KEY_DATA) { - if(ent->n_key_data > 0) { -#ifdef EXTENDED_KADM - vals->key_version = ent->key_data[0].key_data_kvno; - SET_FIELD(KADM_KVNO, vals->fields); -#endif - } - /* XXX the key itself? */ - } -#ifdef EXTENDED_KADM - if(mask & KADM5_MOD_TIME) { - vals->mod_date = ent->mod_date; - SET_FIELD(KADM_MODDATE, vals->fields); - } - if(mask & KADM5_MOD_NAME) { - krb5_524_conv_principal(context, ent->mod_name, - vals->mod_name, vals->mod_instance, realm); - SET_FIELD(KADM_MODNAME, vals->fields); - SET_FIELD(KADM_MODINST, vals->fields); - } -#endif -} - -/* - * convert the kadm4 values in `vals' to `ent' (and `mask') - */ - -static krb5_error_code -values_to_ent(krb5_context context, - Kadm_vals *vals, - kadm5_principal_ent_t ent, - int32_t *mask) -{ - krb5_error_code ret; - *mask = 0; - memset(ent, 0, sizeof(*ent)); - - if(IS_FIELD(KADM_NAME, vals->fields)) { - char *inst = NULL; - if(IS_FIELD(KADM_INST, vals->fields)) - inst = vals->instance; - ret = krb5_425_conv_principal(context, - vals->name, - inst, - NULL, - &ent->principal); - if(ret) - return ret; - *mask |= KADM5_PRINCIPAL; - } - if(IS_FIELD(KADM_EXPDATE, vals->fields)) { - ent->princ_expire_time = vals->exp_date; - *mask |= KADM5_PRINC_EXPIRE_TIME; - } - if(IS_FIELD(KADM_MAXLIFE, vals->fields)) { - ent->max_life = krb_life_to_time(0, vals->max_life); - *mask |= KADM5_MAX_LIFE; - } - - if(IS_FIELD(KADM_DESKEY, vals->fields)) { - int i; - ent->key_data = calloc(3, sizeof(*ent->key_data)); - if(ent->key_data == NULL) - return ENOMEM; - for(i = 0; i < 3; i++) { - u_int32_t key_low, key_high; - - ent->key_data[i].key_data_ver = 2; -#ifdef EXTENDED_KADM - if(IS_FIELD(KADM_KVNO, vals->fields)) - ent->key_data[i].key_data_kvno = vals->key_version; -#endif - ent->key_data[i].key_data_type[0] = ETYPE_DES_CBC_MD5; - ent->key_data[i].key_data_length[0] = 8; - if((ent->key_data[i].key_data_contents[0] = malloc(8)) == NULL) - return ENOMEM; - - key_low = ntohl(vals->key_low); - key_high = ntohl(vals->key_high); - memcpy(ent->key_data[i].key_data_contents[0], - &key_low, 4); - memcpy((char*)ent->key_data[i].key_data_contents[0] + 4, - &key_high, 4); - ent->key_data[i].key_data_type[1] = KRB5_PW_SALT; - ent->key_data[i].key_data_length[1] = 0; - ent->key_data[i].key_data_contents[1] = NULL; - } - ent->key_data[1].key_data_type[0] = ETYPE_DES_CBC_MD4; - ent->key_data[2].key_data_type[0] = ETYPE_DES_CBC_CRC; - ent->n_key_data = 3; - *mask |= KADM5_KEY_DATA; - } - -#ifdef EXTENDED_KADM - if(IS_FIELD(KADM_MODDATE, vals->fields)) { - ent->mod_date = vals->mod_date; - *mask |= KADM5_MOD_TIME; - } - if(IS_FIELD(KADM_MODNAME, vals->fields)) { - char *inst = NULL; - if(IS_FIELD(KADM_MODINST, vals->fields)) - inst = vals->mod_instance; - ret = krb5_425_conv_principal(context, - vals->mod_name, - inst, - NULL, - &ent->mod_name); - if(ret) - return ret; - *mask |= KADM5_MOD_NAME; - } -#endif - return 0; -} - -/* - * Try to translate a KADM5 error code into a v4 kadmin one. - */ - -static int -error_code(int ret) -{ - switch (ret) { - case 0: - return 0; - case KADM5_FAILURE : - case KADM5_AUTH_GET : - case KADM5_AUTH_ADD : - case KADM5_AUTH_MODIFY : - case KADM5_AUTH_DELETE : - case KADM5_AUTH_INSUFFICIENT : - return KADM_UNAUTH; - case KADM5_BAD_DB : - return KADM_UK_RERROR; - case KADM5_DUP : - return KADM_INUSE; - case KADM5_RPC_ERROR : - case KADM5_NO_SRV : - return KADM_NO_SERV; - case KADM5_NOT_INIT : - return KADM_NO_CONN; - case KADM5_UNK_PRINC : - return KADM_NOENTRY; - case KADM5_PASS_Q_TOOSHORT : -#ifdef KADM_PASS_Q_TOOSHORT - return KADM_PASS_Q_TOOSHORT; -#else - return KADM_INSECURE_PW; -#endif - case KADM5_PASS_Q_CLASS : -#ifdef KADM_PASS_Q_CLASS - return KADM_PASS_Q_CLASS; -#else - return KADM_INSECURE_PW; -#endif - case KADM5_PASS_Q_DICT : -#ifdef KADM_PASS_Q_DICT - return KADM_PASS_Q_DICT; -#else - return KADM_INSECURE_PW; -#endif - case KADM5_PASS_REUSE : - case KADM5_PASS_TOOSOON : - case KADM5_BAD_PASSWORD : - return KADM_INSECURE_PW; - case KADM5_PROTECT_PRINCIPAL : - return KADM_IMMUTABLE; - case KADM5_POLICY_REF : - case KADM5_INIT : - case KADM5_BAD_HIST_KEY : - case KADM5_UNK_POLICY : - case KADM5_BAD_MASK : - case KADM5_BAD_CLASS : - case KADM5_BAD_LENGTH : - case KADM5_BAD_POLICY : - case KADM5_BAD_PRINCIPAL : - case KADM5_BAD_AUX_ATTR : - case KADM5_BAD_HISTORY : - case KADM5_BAD_MIN_PASS_LIFE : - case KADM5_BAD_SERVER_HANDLE : - case KADM5_BAD_STRUCT_VERSION : - case KADM5_OLD_STRUCT_VERSION : - case KADM5_NEW_STRUCT_VERSION : - case KADM5_BAD_API_VERSION : - case KADM5_OLD_LIB_API_VERSION : - case KADM5_OLD_SERVER_API_VERSION : - case KADM5_NEW_LIB_API_VERSION : - case KADM5_NEW_SERVER_API_VERSION : - case KADM5_SECURE_PRINC_MISSING : - case KADM5_NO_RENAME_SALT : - case KADM5_BAD_CLIENT_PARAMS : - case KADM5_BAD_SERVER_PARAMS : - case KADM5_AUTH_LIST : - case KADM5_AUTH_CHANGEPW : - case KADM5_BAD_TL_TYPE : - case KADM5_MISSING_CONF_PARAMS : - case KADM5_BAD_SERVER_NAME : - default : - return KADM_UNAUTH; /* XXX */ - } -} - -/* - * server functions - */ - -static int -kadm_ser_cpw(krb5_context context, - void *kadm_handle, - krb5_principal principal, - const char *principal_string, - krb5_storage *message, - krb5_storage *reply) -{ - char key[8]; - char *password = NULL; - krb5_error_code ret; - - krb5_warnx(context, "v4-compat %s: CHPASS %s", - principal_string, principal_string); - - ret = krb5_storage_read(message, key + 4, 4); - ret = krb5_storage_read(message, key, 4); - ret = krb5_ret_stringz(message, &password); - - if(password) { - krb5_data pwd_data; - const char *tmp; - - pwd_data.data = password; - pwd_data.length = strlen(password); - - tmp = kadm5_check_password_quality (context, principal, &pwd_data); - - if (tmp != NULL) { - krb5_store_stringz (reply, (char *)tmp); - ret = KADM5_PASS_Q_DICT; - goto fail; - } - ret = kadm5_chpass_principal(kadm_handle, principal, password); - } else { - krb5_key_data key_data[3]; - int i; - for(i = 0; i < 3; i++) { - key_data[i].key_data_ver = 2; - key_data[i].key_data_kvno = 0; - /* key */ - key_data[i].key_data_type[0] = ETYPE_DES_CBC_CRC; - key_data[i].key_data_length[0] = 8; - key_data[i].key_data_contents[0] = malloc(8); - memcpy(key_data[i].key_data_contents[0], &key, 8); - /* salt */ - key_data[i].key_data_type[1] = KRB5_PW_SALT; - key_data[i].key_data_length[1] = 0; - key_data[i].key_data_contents[1] = NULL; - } - key_data[0].key_data_type[0] = ETYPE_DES_CBC_MD5; - key_data[1].key_data_type[0] = ETYPE_DES_CBC_MD4; - ret = kadm5_s_chpass_principal_with_key(kadm_handle, - principal, 3, key_data); - } - - if(ret != 0) { - krb5_store_stringz(reply, (char*)krb5_get_err_text(context, ret)); - goto fail; - } - return 0; -fail: - krb5_warn(context, ret, "v4-compat CHPASS"); - return error_code(ret); -} - -static int -kadm_ser_add(krb5_context context, - void *kadm_handle, - krb5_principal principal, - const char *principal_string, - krb5_storage *message, - krb5_storage *reply) -{ - int32_t mask; - kadm5_principal_ent_rec ent, out; - Kadm_vals values; - krb5_error_code ret; - char name[128]; - - ret_vals(message, &values); - - ret = values_to_ent(context, &values, &ent, &mask); - if(ret) - goto fail; - - krb5_unparse_name_fixed(context, ent.principal, name, sizeof(name)); - krb5_warnx(context, "v4-compat %s: ADD %s", - principal_string, name); - - ret = _kadm5_acl_check_permission (kadm_handle, KADM5_PRIV_ADD, - ent.principal); - if (ret) - goto fail; - - ret = kadm5_s_create_principal_with_key(kadm_handle, &ent, mask); - if(ret) { - kadm5_free_principal_ent(kadm_handle, &ent); - goto fail; - } - - mask = KADM5_PRINCIPAL | KADM5_PRINC_EXPIRE_TIME | KADM5_MAX_LIFE | - KADM5_KEY_DATA | KADM5_MOD_TIME | KADM5_MOD_NAME; - - kadm5_get_principal(kadm_handle, ent.principal, &out, mask); - ent_to_values(context, &out, mask, &values); - kadm5_free_principal_ent(kadm_handle, &ent); - kadm5_free_principal_ent(kadm_handle, &out); - store_vals(reply, &values); - return 0; -fail: - krb5_warn(context, ret, "v4-compat ADD"); - return error_code(ret); -} - -static int -kadm_ser_get(krb5_context context, - void *kadm_handle, - krb5_principal principal, - const char *principal_string, - krb5_storage *message, - krb5_storage *reply) -{ - krb5_error_code ret; - Kadm_vals values; - kadm5_principal_ent_rec ent, out; - int32_t mask; - char flags[FLDSZ]; - char name[128]; - - ret_vals(message, &values); - /* XXX BRAIN DAMAGE! these flags are not stored in the same order - as in the header */ - krb5_ret_int8(message, &flags[3]); - krb5_ret_int8(message, &flags[2]); - krb5_ret_int8(message, &flags[1]); - krb5_ret_int8(message, &flags[0]); - ret = values_to_ent(context, &values, &ent, &mask); - if(ret) - goto fail; - - krb5_unparse_name_fixed(context, ent.principal, name, sizeof(name)); - krb5_warnx(context, "v4-compat %s: GET %s", - principal_string, name); - - ret = _kadm5_acl_check_permission (kadm_handle, KADM5_PRIV_GET, - ent.principal); - if (ret) - goto fail; - - mask = flags_4_to_5(flags); - - ret = kadm5_get_principal(kadm_handle, ent.principal, &out, mask); - kadm5_free_principal_ent(kadm_handle, &ent); - - if (ret) - goto fail; - - ent_to_values(context, &out, mask, &values); - - kadm5_free_principal_ent(kadm_handle, &out); - - store_vals(reply, &values); - return 0; -fail: - krb5_warn(context, ret, "v4-compat GET"); - return error_code(ret); -} - -static int -kadm_ser_mod(krb5_context context, - void *kadm_handle, - krb5_principal principal, - const char *principal_string, - krb5_storage *message, - krb5_storage *reply) -{ - Kadm_vals values1, values2; - kadm5_principal_ent_rec ent, out; - int32_t mask; - krb5_error_code ret; - char name[128]; - - ret_vals(message, &values1); - /* why are the old values sent? is the mask the same in the old and - the new entry? */ - ret_vals(message, &values2); - - ret = values_to_ent(context, &values2, &ent, &mask); - if(ret) - goto fail; - - krb5_unparse_name_fixed(context, ent.principal, name, sizeof(name)); - krb5_warnx(context, "v4-compat %s: MOD %s", - principal_string, name); - - ret = _kadm5_acl_check_permission (kadm_handle, KADM5_PRIV_MODIFY, - ent.principal); - if (ret) - goto fail; - - ret = kadm5_s_modify_principal(kadm_handle, &ent, mask); - if(ret) { - kadm5_free_principal_ent(kadm_handle, &ent); - krb5_warn(context, ret, "kadm5_s_modify_principal"); - goto fail; - } - - ret = kadm5_get_principal(kadm_handle, ent.principal, &out, mask); - if(ret) { - kadm5_free_principal_ent(kadm_handle, &ent); - krb5_warn(context, ret, "kadm5_s_modify_principal"); - goto fail; - } - - ent_to_values(context, &out, mask, &values1); - - kadm5_free_principal_ent(kadm_handle, &ent); - kadm5_free_principal_ent(kadm_handle, &out); - - store_vals(reply, &values1); - return 0; -fail: - krb5_warn(context, ret, "v4-compat MOD"); - return error_code(ret); -} - -static int -kadm_ser_del(krb5_context context, - void *kadm_handle, - krb5_principal principal, - const char *principal_string, - krb5_storage *message, - krb5_storage *reply) -{ - Kadm_vals values; - kadm5_principal_ent_rec ent; - int32_t mask; - krb5_error_code ret; - char name[128]; - - ret_vals(message, &values); - - ret = values_to_ent(context, &values, &ent, &mask); - if(ret) - goto fail; - - krb5_unparse_name_fixed(context, ent.principal, name, sizeof(name)); - krb5_warnx(context, "v4-compat %s: DEL %s", - principal_string, name); - - ret = _kadm5_acl_check_permission (kadm_handle, KADM5_PRIV_DELETE, - ent.principal); - if (ret) - goto fail; - - ret = kadm5_delete_principal(kadm_handle, ent.principal); - - kadm5_free_principal_ent(kadm_handle, &ent); - - if (ret) - goto fail; - - return 0; -fail: - krb5_warn(context, ret, "v4-compat ADD"); - return error_code(ret); -} - -static int -dispatch(krb5_context context, - void *kadm_handle, - krb5_principal principal, - const char *principal_string, - krb5_data msg, - krb5_data *reply) -{ - int retval; - int8_t command; - krb5_storage *sp_in, *sp_out; - - sp_in = krb5_storage_from_data(&msg); - krb5_ret_int8(sp_in, &command); - - sp_out = krb5_storage_emem(); - krb5_storage_write(sp_out, KADM_VERSTR, KADM_VERSIZE); - krb5_store_int32(sp_out, 0); - - switch(command) { - case CHANGE_PW: - retval = kadm_ser_cpw(context, kadm_handle, principal, - principal_string, - sp_in, sp_out); - break; - case ADD_ENT: - retval = kadm_ser_add(context, kadm_handle, principal, - principal_string, - sp_in, sp_out); - break; - case GET_ENT: - retval = kadm_ser_get(context, kadm_handle, principal, - principal_string, - sp_in, sp_out); - break; - case MOD_ENT: - retval = kadm_ser_mod(context, kadm_handle, principal, - principal_string, - sp_in, sp_out); - break; - case DEL_ENT: - retval = kadm_ser_del(context, kadm_handle, principal, - principal_string, - sp_in, sp_out); - break; - default: - krb5_warnx(context, "v4-compat %s: unknown opcode: %d", - principal_string, command); - retval = KADM_NO_OPCODE; - break; - } - krb5_storage_free(sp_in); - if(retval) { - krb5_storage_seek(sp_out, KADM_VERSIZE, SEEK_SET); - krb5_store_int32(sp_out, retval); - } - krb5_storage_to_data(sp_out, reply); - krb5_storage_free(sp_out); - return retval; -} - -/* - * Decode a v4 kadmin packet in `message' and create a reply in `reply' - */ - -static void -decode_packet(krb5_context context, - krb5_keytab keytab, - struct sockaddr_in *admin_addr, - struct sockaddr_in *client_addr, - krb5_data message, - krb5_data *reply) -{ - int ret; - KTEXT_ST authent; - AUTH_DAT ad; - MSG_DAT msg_dat; - off_t off = 0; - unsigned long rlen; - char sname[] = "changepw", sinst[] = "kerberos"; - unsigned long checksum; - des_key_schedule schedule; - char *msg = message.data; - void *kadm_handle; - krb5_principal client; - char *client_str; - krb5_keytab_entry entry; - - if(message.length < KADM_VERSIZE + 4 - || strncmp(msg, KADM_VERSTR, KADM_VERSIZE) != 0) { - make_you_lose_packet (KADM_BAD_VER, reply); - return; - } - - off = KADM_VERSIZE; - off += _krb5_get_int(msg + off, &rlen, 4); - memset(&authent, 0, sizeof(authent)); - authent.length = message.length - rlen - KADM_VERSIZE - 4; - - if(rlen > message.length - KADM_VERSIZE - 4 - || authent.length > MAX_KTXT_LEN) { - krb5_warnx(context, "received bad rlen (%lu)", (unsigned long)rlen); - make_you_lose_packet (KADM_LENGTH_ERROR, reply); - return; - } - - memcpy(authent.dat, (char*)msg + off, authent.length); - off += authent.length; - - { - krb5_principal principal; - krb5_keyblock *key; - - ret = krb5_make_principal(context, &principal, NULL, - "changepw", "kerberos", NULL); - if (ret) { - krb5_warn (context, ret, "krb5_make_principal"); - make_you_lose_packet (KADM_NOMEM, reply); - return; - } - ret = krb5_kt_get_entry (context, keytab, principal, 0, - ETYPE_DES_CBC_MD5, &entry); - krb5_kt_close (context, keytab); - if (ret) { - krb5_free_principal(context, principal); - make_you_lose_packet (KADM_NO_AUTH, reply); - return; - } - ret = krb5_copy_keyblock (context, &entry.keyblock,& key); - krb5_kt_free_entry(context, &entry); - krb5_free_principal(context, principal); - if(ret) { - if(ret == KRB5_KT_NOTFOUND) - make_you_lose_packet(KADM_NO_AUTH, reply); - else - /* XXX */ - make_you_lose_packet(KADM_NO_AUTH, reply); - krb5_warn(context, ret, "krb5_kt_read_service_key"); - return; - } - - if(key->keyvalue.length != 8) - krb5_abortx(context, "key has wrong length (%lu)", - (unsigned long)key->keyvalue.length); - krb_set_key(key->keyvalue.data, 0); - krb5_free_keyblock(context, key); - } - - ret = krb_rd_req(&authent, sname, sinst, - client_addr->sin_addr.s_addr, &ad, NULL); - - if(ret) { - make_you_lose_packet(ERROR_TABLE_BASE_krb + ret, reply); - krb5_warnx(context, "krb_rd_req: %d", ret); - return; - } - - ret = krb5_425_conv_principal(context, ad.pname, ad.pinst, ad.prealm, - &client); - if (ret) { - krb5_warnx (context, "krb5_425_conv_principal: %d", ret); - make_you_lose_packet (KADM_NOMEM, reply); - return; - } - - krb5_unparse_name(context, client, &client_str); - - ret = kadm5_init_with_password_ctx(context, - client_str, - NULL, - KADM5_ADMIN_SERVICE, - NULL, 0, 0, - &kadm_handle); - if (ret) { - krb5_warn (context, ret, "kadm5_init_with_password_ctx"); - make_you_lose_packet (KADM_NOMEM, reply); - goto out; - } - - checksum = des_quad_cksum((void *)(msg + off), NULL, rlen, 0, &ad.session); - if(checksum != ad.checksum) { - krb5_warnx(context, "decode_packet: bad checksum"); - make_you_lose_packet (KADM_BAD_CHK, reply); - goto out; - } - des_set_key(&ad.session, schedule); - ret = krb_rd_priv(msg + off, rlen, schedule, &ad.session, - client_addr, admin_addr, &msg_dat); - if (ret) { - make_you_lose_packet (ERROR_TABLE_BASE_krb + ret, reply); - krb5_warnx(context, "krb_rd_priv: %d", ret); - goto out; - } - - { - krb5_data d, r; - int retval; - - d.data = msg_dat.app_data; - d.length = msg_dat.app_length; - - retval = dispatch(context, kadm_handle, - client, client_str, d, &r); - krb5_data_alloc(reply, r.length + 26); - reply->length = krb_mk_priv(r.data, reply->data, r.length, - schedule, &ad.session, - admin_addr, client_addr); - if((ssize_t)reply->length < 0) { - make_you_lose_packet(KADM_NO_ENCRYPT, reply); - goto out; - } - } -out: - krb5_free_principal(context, client); - free(client_str); -} - -void -handle_v4(krb5_context context, - krb5_keytab keytab, - int len, - int fd) -{ - int first = 1; - struct sockaddr_in admin_addr, client_addr; - socklen_t addr_len; - krb5_data message, reply; - ssize_t n; - - addr_len = sizeof(client_addr); - if (getsockname(fd, (struct sockaddr*)&admin_addr, &addr_len) < 0) - krb5_errx (context, 1, "getsockname"); - addr_len = sizeof(client_addr); - if (getpeername(fd, (struct sockaddr*)&client_addr, &addr_len) < 0) - krb5_errx (context, 1, "getpeername"); - - while(1) { - doing_useful_work = 0; - if(term_flag) - exit(0); - if(first) { - if (len < 2) - krb5_errx(context, 1, "received too short len (%d < 2)", len); - /* first time around, we have already read len, and two - bytes of the version string */ - krb5_data_alloc(&message, len); - memcpy(message.data, "KA", 2); - n = krb5_net_read(context, &fd, (char*)message.data + 2, - len - 2); - if (n == 0) - exit (0); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_read"); - first = 0; - } else { - char buf[2]; - unsigned long tmp; - ssize_t n; - - n = krb5_net_read(context, &fd, buf, sizeof(2)); - if (n == 0) - exit (0); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_read"); - _krb5_get_int(buf, &tmp, 2); - krb5_data_alloc(&message, tmp); - n = krb5_net_read(context, &fd, message.data, message.length); - if (n == 0) - krb5_errx (context, 1, "EOF in krb5_net_read"); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_read"); - } - doing_useful_work = 1; - decode_packet(context, keytab, &admin_addr, &client_addr, - message, &reply); - krb5_data_free(&message); - { - char buf[2]; - - _krb5_put_int(buf, reply.length, sizeof(buf)); - n = krb5_net_write(context, &fd, buf, sizeof(buf)); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_write"); - n = krb5_net_write(context, &fd, reply.data, reply.length); - if (n < 0) - krb5_err (context, 1, errno, "krb5_net_write"); - krb5_data_free(&reply); - } - } -} diff --git a/crypto/heimdal/kcm/Makefile.am b/crypto/heimdal/kcm/Makefile.am deleted file mode 100644 index baf89ac61926..000000000000 --- a/crypto/heimdal/kcm/Makefile.am +++ /dev/null @@ -1,44 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 - -libexec_PROGRAMS = kcm - -kcm_SOURCES = \ - acl.c \ - acquire.c \ - cache.c \ - client.c \ - config.c \ - connect.c \ - cursor.c \ - events.c \ - glue.c \ - headers.h \ - kcm_locl.h \ - kcm_protos.h \ - log.c \ - main.c \ - protocol.c \ - renew.c - -$(srcdir)/kcm_protos.h: - cd $(srcdir); perl ../cf/make-proto.pl -o kcm_protos.h -q -P comment $(kcm_SOURCES) || rm -f kcm_protos.h - -$(kcm_OBJECTS): $(srcdir)/kcm_protos.h - -man_MANS = kcm.8 - -LDADD = $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(LIB_door_create) \ - $(LIB_pidfile) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/kcm/Makefile.in b/crypto/heimdal/kcm/Makefile.in deleted file mode 100644 index c3996df70d65..000000000000 --- a/crypto/heimdal/kcm/Makefile.in +++ /dev/null @@ -1,868 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -libexec_PROGRAMS = kcm$(EXEEXT) -subdir = kcm -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)" -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(libexec_PROGRAMS) -am_kcm_OBJECTS = acl.$(OBJEXT) acquire.$(OBJEXT) cache.$(OBJEXT) \ - client.$(OBJEXT) config.$(OBJEXT) connect.$(OBJEXT) \ - cursor.$(OBJEXT) events.$(OBJEXT) glue.$(OBJEXT) log.$(OBJEXT) \ - main.$(OBJEXT) protocol.$(OBJEXT) renew.$(OBJEXT) -kcm_OBJECTS = $(am_kcm_OBJECTS) -kcm_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -kcm_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(kcm_SOURCES) -DIST_SOURCES = $(kcm_SOURCES) -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -kcm_SOURCES = \ - acl.c \ - acquire.c \ - cache.c \ - client.c \ - config.c \ - connect.c \ - cursor.c \ - events.c \ - glue.c \ - headers.h \ - kcm_locl.h \ - kcm_protos.h \ - log.c \ - main.c \ - protocol.c \ - renew.c - -man_MANS = kcm.8 -LDADD = $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(LIB_door_create) \ - $(LIB_pidfile) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kcm/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kcm/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -kcm$(EXEEXT): $(kcm_OBJECTS) $(kcm_DEPENDENCIES) - @rm -f kcm$(EXEEXT) - $(LINK) $(kcm_OBJECTS) $(kcm_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libexecPROGRAMS clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libexecPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-libexecPROGRAMS uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libexecPROGRAMS clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libexecPROGRAMS install-man install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook \ - uninstall-libexecPROGRAMS uninstall-man uninstall-man8 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(srcdir)/kcm_protos.h: - cd $(srcdir); perl ../cf/make-proto.pl -o kcm_protos.h -q -P comment $(kcm_SOURCES) || rm -f kcm_protos.h - -$(kcm_OBJECTS): $(srcdir)/kcm_protos.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/kcm/acl.c b/crypto/heimdal/kcm/acl.c deleted file mode 100644 index 1b96204bd959..000000000000 --- a/crypto/heimdal/kcm/acl.c +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: acl.c 20472 2007-04-20 10:43:25Z lha $"); - -krb5_error_code -kcm_access(krb5_context context, - kcm_client *client, - kcm_operation opcode, - kcm_ccache ccache) -{ - int read_p = 0; - int write_p = 0; - uint16_t mask; - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - switch (opcode) { - case KCM_OP_INITIALIZE: - case KCM_OP_DESTROY: - case KCM_OP_STORE: - case KCM_OP_REMOVE_CRED: - case KCM_OP_SET_FLAGS: - case KCM_OP_CHOWN: - case KCM_OP_CHMOD: - case KCM_OP_GET_INITIAL_TICKET: - case KCM_OP_GET_TICKET: - write_p = 1; - read_p = 0; - break; - case KCM_OP_NOOP: - case KCM_OP_GET_NAME: - case KCM_OP_RESOLVE: - case KCM_OP_GEN_NEW: - case KCM_OP_RETRIEVE: - case KCM_OP_GET_PRINCIPAL: - case KCM_OP_GET_FIRST: - case KCM_OP_GET_NEXT: - case KCM_OP_END_GET: - case KCM_OP_MAX: - write_p = 0; - read_p = 1; - break; - } - - if (ccache->flags & KCM_FLAGS_OWNER_IS_SYSTEM) { - /* System caches cannot be reinitialized or destroyed by users */ - if (opcode == KCM_OP_INITIALIZE || - opcode == KCM_OP_DESTROY || - opcode == KCM_OP_REMOVE_CRED) { - ret = KRB5_FCC_PERM; - goto out; - } - - /* Let root always read system caches */ - if (client->uid == 0) { - ret = 0; - goto out; - } - } - - mask = 0; - - /* Root may do whatever they like */ - if (client->uid == ccache->uid || CLIENT_IS_ROOT(client)) { - if (read_p) - mask |= S_IRUSR; - if (write_p) - mask |= S_IWUSR; - } else if (client->gid == ccache->gid || CLIENT_IS_ROOT(client)) { - if (read_p) - mask |= S_IRGRP; - if (write_p) - mask |= S_IWGRP; - } else { - if (read_p) - mask |= S_IROTH; - if (write_p) - mask |= S_IWOTH; - } - - ret = ((ccache->mode & mask) == mask) ? 0 : KRB5_FCC_PERM; - -out: - if (ret) { - kcm_log(2, "Process %d is not permitted to call %s on cache %s", - client->pid, kcm_op2string(opcode), ccache->name); - } - - return ret; -} - -krb5_error_code -kcm_chmod(krb5_context context, - kcm_client *client, - kcm_ccache ccache, - uint16_t mode) -{ - KCM_ASSERT_VALID(ccache); - - /* System cache mode can only be set at startup */ - if (ccache->flags & KCM_FLAGS_OWNER_IS_SYSTEM) - return KRB5_FCC_PERM; - - if (ccache->uid != client->uid) - return KRB5_FCC_PERM; - - if (ccache->gid != client->gid) - return KRB5_FCC_PERM; - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - ccache->mode = mode; - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return 0; -} - -krb5_error_code -kcm_chown(krb5_context context, - kcm_client *client, - kcm_ccache ccache, - uid_t uid, - gid_t gid) -{ - KCM_ASSERT_VALID(ccache); - - /* System cache owner can only be set at startup */ - if (ccache->flags & KCM_FLAGS_OWNER_IS_SYSTEM) - return KRB5_FCC_PERM; - - if (ccache->uid != client->uid) - return KRB5_FCC_PERM; - - if (ccache->gid != client->gid) - return KRB5_FCC_PERM; - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - ccache->uid = uid; - ccache->gid = gid; - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return 0; -} - diff --git a/crypto/heimdal/kcm/acquire.c b/crypto/heimdal/kcm/acquire.c deleted file mode 100644 index 416881a3a13b..000000000000 --- a/crypto/heimdal/kcm/acquire.c +++ /dev/null @@ -1,531 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: acquire.c 22118 2007-12-03 21:44:00Z lha $"); - -static krb5_error_code -change_pw_and_update_keytab(krb5_context context, kcm_ccache ccache); - -/* - * Get a new ticket using a keytab/cached key and swap it into - * an existing redentials cache - */ - -krb5_error_code -kcm_ccache_acquire(krb5_context context, - kcm_ccache ccache, - krb5_creds **credp) -{ - krb5_error_code ret = 0; - krb5_creds cred; - krb5_const_realm realm; - krb5_get_init_creds_opt opt; - krb5_ccache_data ccdata; - char *in_tkt_service = NULL; - int done = 0; - - memset(&cred, 0, sizeof(cred)); - - KCM_ASSERT_VALID(ccache); - - /* We need a cached key or keytab to acquire credentials */ - if (ccache->flags & KCM_FLAGS_USE_CACHED_KEY) { - if (ccache->key.keyblock.keyvalue.length == 0) - krb5_abortx(context, - "kcm_ccache_acquire: KCM_FLAGS_USE_CACHED_KEY without key"); - } else if (ccache->flags & KCM_FLAGS_USE_KEYTAB) { - if (ccache->key.keytab == NULL) - krb5_abortx(context, - "kcm_ccache_acquire: KCM_FLAGS_USE_KEYTAB without keytab"); - } else { - kcm_log(0, "Cannot acquire initial credentials for cache %s without key", - ccache->name); - return KRB5_FCC_INTERNAL; - } - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - /* Fake up an internal ccache */ - kcm_internal_ccache(context, ccache, &ccdata); - - /* Now, actually acquire the creds */ - if (ccache->server != NULL) { - ret = krb5_unparse_name(context, ccache->server, &in_tkt_service); - if (ret) { - kcm_log(0, "Failed to unparse service principal name for cache %s: %s", - ccache->name, krb5_get_err_text(context, ret)); - return ret; - } - } - - realm = krb5_principal_get_realm(context, ccache->client); - - krb5_get_init_creds_opt_init(&opt); - krb5_get_init_creds_opt_set_default_flags(context, "kcm", realm, &opt); - if (ccache->tkt_life != 0) - krb5_get_init_creds_opt_set_tkt_life(&opt, ccache->tkt_life); - if (ccache->renew_life != 0) - krb5_get_init_creds_opt_set_renew_life(&opt, ccache->renew_life); - - if (ccache->flags & KCM_FLAGS_USE_CACHED_KEY) { - ret = krb5_get_init_creds_keyblock(context, - &cred, - ccache->client, - &ccache->key.keyblock, - 0, - in_tkt_service, - &opt); - } else { - /* loosely based on lib/krb5/init_creds_pw.c */ - while (!done) { - ret = krb5_get_init_creds_keytab(context, - &cred, - ccache->client, - ccache->key.keytab, - 0, - in_tkt_service, - &opt); - switch (ret) { - case KRB5KDC_ERR_KEY_EXPIRED: - if (in_tkt_service != NULL && - strcmp(in_tkt_service, "kadmin/changepw") == 0) { - goto out; - } - - ret = change_pw_and_update_keytab(context, ccache); - if (ret) - goto out; - break; - case 0: - default: - done = 1; - break; - } - } - } - - if (ret) { - kcm_log(0, "Failed to acquire credentials for cache %s: %s", - ccache->name, krb5_get_err_text(context, ret)); - if (in_tkt_service != NULL) - free(in_tkt_service); - goto out; - } - - if (in_tkt_service != NULL) - free(in_tkt_service); - - /* Swap them in */ - kcm_ccache_remove_creds_internal(context, ccache); - - ret = kcm_ccache_store_cred_internal(context, ccache, &cred, 0, credp); - if (ret) { - kcm_log(0, "Failed to store credentials for cache %s: %s", - ccache->name, krb5_get_err_text(context, ret)); - krb5_free_cred_contents(context, &cred); - goto out; - } - -out: - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - -static krb5_error_code -change_pw(krb5_context context, - kcm_ccache ccache, - char *cpn, - char *newpw) -{ - krb5_error_code ret; - krb5_creds cpw_cred; - int result_code; - krb5_data result_code_string; - krb5_data result_string; - krb5_get_init_creds_opt options; - - memset(&cpw_cred, 0, sizeof(cpw_cred)); - - krb5_get_init_creds_opt_init(&options); - krb5_get_init_creds_opt_set_tkt_life(&options, 60); - krb5_get_init_creds_opt_set_forwardable(&options, FALSE); - krb5_get_init_creds_opt_set_proxiable(&options, FALSE); - - krb5_data_zero(&result_code_string); - krb5_data_zero(&result_string); - - ret = krb5_get_init_creds_keytab(context, - &cpw_cred, - ccache->client, - ccache->key.keytab, - 0, - "kadmin/changepw", - &options); - if (ret) { - kcm_log(0, "Failed to acquire password change credentials " - "for principal %s: %s", - cpn, krb5_get_err_text(context, ret)); - goto out; - } - - ret = krb5_set_password(context, - &cpw_cred, - newpw, - ccache->client, - &result_code, - &result_code_string, - &result_string); - if (ret) { - kcm_log(0, "Failed to change password for principal %s: %s", - cpn, krb5_get_err_text(context, ret)); - goto out; - } - - if (result_code) { - kcm_log(0, "Failed to change password for principal %s: %.*s", - cpn, - (int)result_string.length, - result_string.length > 0 ? (char *)result_string.data : ""); - goto out; - } - -out: - krb5_data_free(&result_string); - krb5_data_free(&result_code_string); - krb5_free_cred_contents(context, &cpw_cred); - - return ret; -} - -struct kcm_keyseed_data { - krb5_salt salt; - const char *password; -}; - -static krb5_error_code -kcm_password_key_proc(krb5_context context, - krb5_enctype etype, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - krb5_error_code ret; - struct kcm_keyseed_data *s = (struct kcm_keyseed_data *)keyseed; - - /* we may be called multiple times */ - krb5_free_salt(context, s->salt); - krb5_data_zero(&s->salt.saltvalue); - - /* stash the salt */ - s->salt.salttype = salt.salttype; - - ret = krb5_data_copy(&s->salt.saltvalue, - salt.saltvalue.data, - salt.saltvalue.length); - if (ret) - return ret; - - *key = (krb5_keyblock *)malloc(sizeof(**key)); - if (*key == NULL) { - return ENOMEM; - } - - ret = krb5_string_to_key_salt(context, etype, s->password, - s->salt, *key); - if (ret) { - free(*key); - *key = NULL; - } - - return ret; -} - -static krb5_error_code -get_salt_and_kvno(krb5_context context, - kcm_ccache ccache, - krb5_enctype *etypes, - char *cpn, - char *newpw, - krb5_salt *salt, - unsigned *kvno) -{ - krb5_error_code ret; - krb5_creds creds; - krb5_ccache_data ccdata; - krb5_flags options = 0; - krb5_kdc_rep reply; - struct kcm_keyseed_data s; - - memset(&creds, 0, sizeof(creds)); - memset(&reply, 0, sizeof(reply)); - - s.password = NULL; - s.salt.salttype = (int)ETYPE_NULL; - krb5_data_zero(&s.salt.saltvalue); - - *kvno = 0; - kcm_internal_ccache(context, ccache, &ccdata); - s.password = newpw; - - /* Do an AS-REQ to determine salt and key version number */ - ret = krb5_copy_principal(context, ccache->client, &creds.client); - if (ret) - return ret; - - /* Yes, get a ticket to ourselves */ - ret = krb5_copy_principal(context, ccache->client, &creds.server); - if (ret) { - krb5_free_principal(context, creds.client); - return ret; - } - - ret = krb5_get_in_tkt(context, - options, - NULL, - etypes, - NULL, - kcm_password_key_proc, - &s, - NULL, - NULL, - &creds, - &ccdata, - &reply); - if (ret) { - kcm_log(0, "Failed to get self ticket for principal %s: %s", - cpn, krb5_get_err_text(context, ret)); - krb5_free_salt(context, s.salt); - } else { - *salt = s.salt; /* retrieve stashed salt */ - if (reply.kdc_rep.enc_part.kvno != NULL) - *kvno = *(reply.kdc_rep.enc_part.kvno); - } - /* ccache may have been modified but it will get trashed anyway */ - - krb5_free_cred_contents(context, &creds); - krb5_free_kdc_rep(context, &reply); - - return ret; -} - -static krb5_error_code -update_keytab_entry(krb5_context context, - kcm_ccache ccache, - krb5_enctype etype, - char *cpn, - char *spn, - char *newpw, - krb5_salt salt, - unsigned kvno) -{ - krb5_error_code ret; - krb5_keytab_entry entry; - krb5_data pw; - - memset(&entry, 0, sizeof(entry)); - - pw.data = (char *)newpw; - pw.length = strlen(newpw); - - ret = krb5_string_to_key_data_salt(context, etype, pw, - salt, &entry.keyblock); - if (ret) { - kcm_log(0, "String to key conversion failed for principal %s " - "and etype %d: %s", - cpn, etype, krb5_get_err_text(context, ret)); - return ret; - } - - if (spn == NULL) { - ret = krb5_copy_principal(context, ccache->client, - &entry.principal); - if (ret) { - kcm_log(0, "Failed to copy principal name %s: %s", - cpn, krb5_get_err_text(context, ret)); - return ret; - } - } else { - ret = krb5_parse_name(context, spn, &entry.principal); - if (ret) { - kcm_log(0, "Failed to parse SPN alias %s: %s", - spn, krb5_get_err_text(context, ret)); - return ret; - } - } - - entry.vno = kvno; - entry.timestamp = time(NULL); - - ret = krb5_kt_add_entry(context, ccache->key.keytab, &entry); - if (ret) { - kcm_log(0, "Failed to update keytab for principal %s " - "and etype %d: %s", - cpn, etype, krb5_get_err_text(context, ret)); - } - - krb5_kt_free_entry(context, &entry); - - return ret; -} - -static krb5_error_code -update_keytab_entries(krb5_context context, - kcm_ccache ccache, - krb5_enctype *etypes, - char *cpn, - char *spn, - char *newpw, - krb5_salt salt, - unsigned kvno) -{ - krb5_error_code ret = 0; - int i; - - for (i = 0; etypes[i] != ETYPE_NULL; i++) { - ret = update_keytab_entry(context, ccache, etypes[i], - cpn, spn, newpw, salt, kvno); - if (ret) - break; - } - - return ret; -} - -static void -generate_random_pw(krb5_context context, - char *buf, - size_t bufsiz) -{ - unsigned char x[512], *p; - size_t i; - - memset(x, 0, sizeof(x)); - krb5_generate_random_block(x, sizeof(x)); - p = x; - - for (i = 0; i < bufsiz; i++) { - while (isprint(*p) == 0) - p++; - - if (p - x >= sizeof(x)) { - krb5_generate_random_block(x, sizeof(x)); - p = x; - } - buf[i] = (char)*p++; - } - buf[bufsiz - 1] = '\0'; - memset(x, 0, sizeof(x)); -} - -static krb5_error_code -change_pw_and_update_keytab(krb5_context context, - kcm_ccache ccache) -{ - char newpw[121]; - krb5_error_code ret; - unsigned kvno; - krb5_salt salt; - krb5_enctype *etypes = NULL; - int i; - char *cpn = NULL; - char **spns = NULL; - - krb5_data_zero(&salt.saltvalue); - - ret = krb5_unparse_name(context, ccache->client, &cpn); - if (ret) { - kcm_log(0, "Failed to unparse name: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - ret = krb5_get_default_in_tkt_etypes(context, &etypes); - if (ret) { - kcm_log(0, "Failed to determine default encryption types: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - /* Generate a random password (there is no set keys protocol) */ - generate_random_pw(context, newpw, sizeof(newpw)); - - /* Change it */ - ret = change_pw(context, ccache, cpn, newpw); - if (ret) - goto out; - - /* Do an AS-REQ to determine salt and key version number */ - ret = get_salt_and_kvno(context, ccache, etypes, cpn, newpw, - &salt, &kvno); - if (ret) { - kcm_log(0, "Failed to determine salting principal for principal %s: %s", - cpn, krb5_get_err_text(context, ret)); - goto out; - } - - /* Add canonical name */ - ret = update_keytab_entries(context, ccache, etypes, cpn, - NULL, newpw, salt, kvno); - if (ret) - goto out; - - /* Add SPN aliases, if any */ - spns = krb5_config_get_strings(context, NULL, "kcm", - "system_ccache", "spn_aliases", NULL); - if (spns != NULL) { - for (i = 0; spns[i] != NULL; i++) { - ret = update_keytab_entries(context, ccache, etypes, cpn, - spns[i], newpw, salt, kvno); - if (ret) - goto out; - } - } - - kcm_log(0, "Changed expired password for principal %s in cache %s", - cpn, ccache->name); - -out: - if (cpn != NULL) - free(cpn); - if (spns != NULL) - krb5_config_free_strings(spns); - if (etypes != NULL) - free(etypes); - krb5_free_salt(context, salt); - memset(newpw, 0, sizeof(newpw)); - - return ret; -} - diff --git a/crypto/heimdal/kcm/cache.c b/crypto/heimdal/kcm/cache.c deleted file mode 100644 index aeb30cca1fe9..000000000000 --- a/crypto/heimdal/kcm/cache.c +++ /dev/null @@ -1,636 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: cache.c 14566 2005-02-06 01:22:49Z lukeh $"); - -static HEIMDAL_MUTEX ccache_mutex = HEIMDAL_MUTEX_INITIALIZER; -static kcm_ccache_data *ccache_head = NULL; -static unsigned int ccache_nextid = 0; - -char *kcm_ccache_nextid(pid_t pid, uid_t uid, gid_t gid) -{ - unsigned n; - char *name; - - HEIMDAL_MUTEX_lock(&ccache_mutex); - n = ++ccache_nextid; - HEIMDAL_MUTEX_unlock(&ccache_mutex); - - asprintf(&name, "%d:%u", uid, n); - - return name; -} - -static krb5_error_code -kcm_ccache_resolve_internal(krb5_context context, - const char *name, - kcm_ccache *ccache) -{ - kcm_ccache p; - krb5_error_code ret; - - *ccache = NULL; - - ret = KRB5_FCC_NOFILE; - - HEIMDAL_MUTEX_lock(&ccache_mutex); - - for (p = ccache_head; p != NULL; p = p->next) { - if ((p->flags & KCM_FLAGS_VALID) == 0) - continue; - if (strcmp(p->name, name) == 0) { - ret = 0; - break; - } - } - - if (ret == 0) { - kcm_retain_ccache(context, p); - *ccache = p; - } - - HEIMDAL_MUTEX_unlock(&ccache_mutex); - - return ret; -} - -krb5_error_code kcm_debug_ccache(krb5_context context) -{ - kcm_ccache p; - - for (p = ccache_head; p != NULL; p = p->next) { - char *cpn = NULL, *spn = NULL; - int ncreds = 0; - struct kcm_creds *k; - - if ((p->flags & KCM_FLAGS_VALID) == 0) { - kcm_log(7, "cache %08x: empty slot"); - continue; - } - - KCM_ASSERT_VALID(p); - - for (k = p->creds; k != NULL; k = k->next) - ncreds++; - - if (p->client != NULL) - krb5_unparse_name(context, p->client, &cpn); - if (p->server != NULL) - krb5_unparse_name(context, p->server, &spn); - - kcm_log(7, "cache %08x: name %s refcnt %d flags %04x mode %04o " - "uid %d gid %d client %s server %s ncreds %d", - p, p->name, p->refcnt, p->flags, p->mode, p->uid, p->gid, - (cpn == NULL) ? "" : cpn, - (spn == NULL) ? "" : spn, - ncreds); - - if (cpn != NULL) - free(cpn); - if (spn != NULL) - free(spn); - } - - return 0; -} - -static krb5_error_code -kcm_ccache_destroy_internal(krb5_context context, const char *name) -{ - kcm_ccache *p; - krb5_error_code ret; - - ret = KRB5_FCC_NOFILE; - - HEIMDAL_MUTEX_lock(&ccache_mutex); - for (p = &ccache_head; *p != NULL; p = &(*p)->next) { - if (((*p)->flags & KCM_FLAGS_VALID) == 0) - continue; - if (strcmp((*p)->name, name) == 0) { - ret = 0; - break; - } - } - - if (ret) - goto out; - - kcm_release_ccache(context, p); - -out: - HEIMDAL_MUTEX_unlock(&ccache_mutex); - - return ret; -} - -static krb5_error_code -kcm_ccache_alloc(krb5_context context, - const char *name, - kcm_ccache *ccache) -{ - kcm_ccache slot = NULL, p; - krb5_error_code ret; - int new_slot = 0; - - *ccache = NULL; - - /* First, check for duplicates */ - HEIMDAL_MUTEX_lock(&ccache_mutex); - ret = 0; - for (p = ccache_head; p != NULL; p = p->next) { - if (p->flags & KCM_FLAGS_VALID) { - if (strcmp(p->name, name) == 0) { - ret = KRB5_CC_WRITE; - break; - } - } else if (slot == NULL) - slot = p; - } - - if (ret) - goto out; - - /* - * Then try and find an empty slot - * XXX we need to recycle slots for this to actually do anything - */ - if (slot == NULL) { - for (; p != NULL; p = p->next) { - if ((p->flags & KCM_FLAGS_VALID) == 0) { - slot = p; - break; - } - } - - if (slot == NULL) { - slot = (kcm_ccache_data *)malloc(sizeof(*slot)); - if (slot == NULL) { - ret = KRB5_CC_NOMEM; - goto out; - } - slot->next = ccache_head; - HEIMDAL_MUTEX_init(&slot->mutex); - new_slot = 1; - } - } - - slot->name = strdup(name); - if (slot->name == NULL) { - ret = KRB5_CC_NOMEM; - goto out; - } - - slot->refcnt = 1; - slot->flags = KCM_FLAGS_VALID; - slot->mode = S_IRUSR | S_IWUSR; - slot->uid = -1; - slot->gid = -1; - slot->client = NULL; - slot->server = NULL; - slot->creds = NULL; - slot->n_cursor = 0; - slot->cursors = NULL; - slot->key.keytab = NULL; - slot->tkt_life = 0; - slot->renew_life = 0; - - if (new_slot) - ccache_head = slot; - - *ccache = slot; - - HEIMDAL_MUTEX_unlock(&ccache_mutex); - return 0; - -out: - HEIMDAL_MUTEX_unlock(&ccache_mutex); - if (new_slot && slot != NULL) { - HEIMDAL_MUTEX_destroy(&slot->mutex); - free(slot); - } - return ret; -} - -krb5_error_code -kcm_ccache_remove_creds_internal(krb5_context context, - kcm_ccache ccache) -{ - struct kcm_creds *k; - struct kcm_cursor *c; - - k = ccache->creds; - while (k != NULL) { - struct kcm_creds *old; - - krb5_free_cred_contents(context, &k->cred); - old = k; - k = k->next; - free(old); - } - ccache->creds = NULL; - - /* remove anything that would have pointed into the creds too */ - - ccache->n_cursor = 0; - - c = ccache->cursors; - while (c != NULL) { - struct kcm_cursor *old; - - old = c; - c = c->next; - free(old); - } - ccache->cursors = NULL; - - return 0; -} - -krb5_error_code -kcm_ccache_remove_creds(krb5_context context, - kcm_ccache ccache) -{ - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - HEIMDAL_MUTEX_lock(&ccache->mutex); - ret = kcm_ccache_remove_creds_internal(context, ccache); - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - -krb5_error_code -kcm_zero_ccache_data_internal(krb5_context context, - kcm_ccache_data *cache) -{ - if (cache->client != NULL) { - krb5_free_principal(context, cache->client); - cache->client = NULL; - } - - if (cache->server != NULL) { - krb5_free_principal(context, cache->server); - cache->server = NULL; - } - - kcm_ccache_remove_creds_internal(context, cache); - - return 0; -} - -krb5_error_code -kcm_zero_ccache_data(krb5_context context, - kcm_ccache cache) -{ - krb5_error_code ret; - - KCM_ASSERT_VALID(cache); - - HEIMDAL_MUTEX_lock(&cache->mutex); - ret = kcm_zero_ccache_data_internal(context, cache); - HEIMDAL_MUTEX_unlock(&cache->mutex); - - return ret; -} - -static krb5_error_code -kcm_free_ccache_data_internal(krb5_context context, - kcm_ccache_data *cache) -{ - KCM_ASSERT_VALID(cache); - - if (cache->name != NULL) { - free(cache->name); - cache->name = NULL; - } - - if (cache->flags & KCM_FLAGS_USE_KEYTAB) { - krb5_kt_close(context, cache->key.keytab); - cache->key.keytab = NULL; - } else if (cache->flags & KCM_FLAGS_USE_CACHED_KEY) { - krb5_free_keyblock_contents(context, &cache->key.keyblock); - krb5_keyblock_zero(&cache->key.keyblock); - } - - cache->flags = 0; - cache->mode = 0; - cache->uid = -1; - cache->gid = -1; - - kcm_zero_ccache_data_internal(context, cache); - - cache->tkt_life = 0; - cache->renew_life = 0; - - cache->next = NULL; - cache->refcnt = 0; - - HEIMDAL_MUTEX_unlock(&cache->mutex); - HEIMDAL_MUTEX_destroy(&cache->mutex); - - return 0; -} - -krb5_error_code -kcm_retain_ccache(krb5_context context, - kcm_ccache ccache) -{ - KCM_ASSERT_VALID(ccache); - - HEIMDAL_MUTEX_lock(&ccache->mutex); - ccache->refcnt++; - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return 0; -} - -krb5_error_code -kcm_release_ccache(krb5_context context, - kcm_ccache *ccache) -{ - kcm_ccache c = *ccache; - krb5_error_code ret = 0; - - KCM_ASSERT_VALID(c); - - HEIMDAL_MUTEX_lock(&c->mutex); - if (c->refcnt == 1) { - ret = kcm_free_ccache_data_internal(context, c); - if (ret == 0) - free(c); - } else { - c->refcnt--; - HEIMDAL_MUTEX_unlock(&c->mutex); - } - - *ccache = NULL; - - return ret; -} - -krb5_error_code -kcm_ccache_gen_new(krb5_context context, - pid_t pid, - uid_t uid, - gid_t gid, - kcm_ccache *ccache) -{ - krb5_error_code ret; - char *name; - - name = kcm_ccache_nextid(pid, uid, gid); - if (name == NULL) { - return KRB5_CC_NOMEM; - } - - ret = kcm_ccache_new(context, name, ccache); - - free(name); - return ret; -} - -krb5_error_code -kcm_ccache_new(krb5_context context, - const char *name, - kcm_ccache *ccache) -{ - krb5_error_code ret; - - ret = kcm_ccache_alloc(context, name, ccache); - if (ret == 0) { - /* - * one reference is held by the linked list, - * one by the caller - */ - kcm_retain_ccache(context, *ccache); - } - - return ret; -} - -krb5_error_code -kcm_ccache_resolve(krb5_context context, - const char *name, - kcm_ccache *ccache) -{ - krb5_error_code ret; - - ret = kcm_ccache_resolve_internal(context, name, ccache); - - return ret; -} - -krb5_error_code -kcm_ccache_destroy(krb5_context context, - const char *name) -{ - krb5_error_code ret; - - ret = kcm_ccache_destroy_internal(context, name); - - return ret; -} - -krb5_error_code -kcm_ccache_destroy_if_empty(krb5_context context, - kcm_ccache ccache) -{ - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - if (ccache->creds == NULL) { - ret = kcm_ccache_destroy_internal(context, ccache->name); - } else - ret = 0; - - return ret; -} - -krb5_error_code -kcm_ccache_store_cred(krb5_context context, - kcm_ccache ccache, - krb5_creds *creds, - int copy) -{ - krb5_error_code ret; - krb5_creds *tmp; - - KCM_ASSERT_VALID(ccache); - - HEIMDAL_MUTEX_lock(&ccache->mutex); - ret = kcm_ccache_store_cred_internal(context, ccache, creds, copy, &tmp); - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - -krb5_error_code -kcm_ccache_store_cred_internal(krb5_context context, - kcm_ccache ccache, - krb5_creds *creds, - int copy, - krb5_creds **credp) -{ - struct kcm_creds **c; - krb5_error_code ret; - - for (c = &ccache->creds; *c != NULL; c = &(*c)->next) - ; - - *c = (struct kcm_creds *)malloc(sizeof(struct kcm_creds)); - if (*c == NULL) { - return KRB5_CC_NOMEM; - } - - *credp = &(*c)->cred; - - if (copy) { - ret = krb5_copy_creds_contents(context, creds, *credp); - if (ret) { - free(*c); - *c = NULL; - } - } else { - **credp = *creds; - ret = 0; - } - - (*c)->next = NULL; - - return ret; -} - -static void -remove_cred(krb5_context context, - struct kcm_creds **c) -{ - struct kcm_creds *cred; - - cred = *c; - - *c = cred->next; - - krb5_free_cred_contents(context, &cred->cred); - free(cred); -} - -krb5_error_code -kcm_ccache_remove_cred_internal(krb5_context context, - kcm_ccache ccache, - krb5_flags whichfields, - const krb5_creds *mcreds) -{ - krb5_error_code ret; - struct kcm_creds **c; - - ret = KRB5_CC_NOTFOUND; - - for (c = &ccache->creds; *c != NULL; c = &(*c)->next) { - if (krb5_compare_creds(context, whichfields, mcreds, &(*c)->cred)) { - remove_cred(context, c); - ret = 0; - } - } - - return ret; -} - -krb5_error_code -kcm_ccache_remove_cred(krb5_context context, - kcm_ccache ccache, - krb5_flags whichfields, - const krb5_creds *mcreds) -{ - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - HEIMDAL_MUTEX_lock(&ccache->mutex); - ret = kcm_ccache_remove_cred_internal(context, ccache, whichfields, mcreds); - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - -krb5_error_code -kcm_ccache_retrieve_cred_internal(krb5_context context, - kcm_ccache ccache, - krb5_flags whichfields, - const krb5_creds *mcreds, - krb5_creds **creds) -{ - krb5_boolean match; - struct kcm_creds *c; - krb5_error_code ret; - - memset(creds, 0, sizeof(*creds)); - - ret = KRB5_CC_END; - - match = FALSE; - for (c = ccache->creds; c != NULL; c = c->next) { - match = krb5_compare_creds(context, whichfields, mcreds, &c->cred); - if (match) - break; - } - - if (match) { - ret = 0; - *creds = &c->cred; - } - - return ret; -} - -krb5_error_code -kcm_ccache_retrieve_cred(krb5_context context, - kcm_ccache ccache, - krb5_flags whichfields, - const krb5_creds *mcreds, - krb5_creds **credp) -{ - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - HEIMDAL_MUTEX_lock(&ccache->mutex); - ret = kcm_ccache_retrieve_cred_internal(context, ccache, - whichfields, mcreds, credp); - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} diff --git a/crypto/heimdal/kcm/client.c b/crypto/heimdal/kcm/client.c deleted file mode 100644 index f0758949bafa..000000000000 --- a/crypto/heimdal/kcm/client.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" -#include - -RCSID("$Id: client.c 20487 2007-04-21 06:25:06Z lha $"); - -krb5_error_code -kcm_ccache_resolve_client(krb5_context context, - kcm_client *client, - kcm_operation opcode, - const char *name, - kcm_ccache *ccache) -{ - krb5_error_code ret; - - ret = kcm_ccache_resolve(context, name, ccache); - if (ret) { - kcm_log(1, "Failed to resolve cache %s: %s", - name, krb5_get_err_text(context, ret)); - return ret; - } - - ret = kcm_access(context, client, opcode, *ccache); - if (ret) { - ret = KRB5_FCC_NOFILE; /* don't disclose */ - kcm_release_ccache(context, ccache); - } - - return ret; -} - -krb5_error_code -kcm_ccache_destroy_client(krb5_context context, - kcm_client *client, - const char *name) -{ - krb5_error_code ret; - kcm_ccache ccache; - - ret = kcm_ccache_resolve(context, name, &ccache); - if (ret) { - kcm_log(1, "Failed to resolve cache %s: %s", - name, krb5_get_err_text(context, ret)); - return ret; - } - - ret = kcm_access(context, client, KCM_OP_DESTROY, ccache); - if (ret) { - kcm_release_ccache(context, &ccache); - return ret; - } - - ret = kcm_ccache_destroy(context, ccache->name); - if (ret == 0) { - /* don't leave any events dangling */ - kcm_cleanup_events(context, ccache); - } - - kcm_release_ccache(context, &ccache); - return ret; -} - -krb5_error_code -kcm_ccache_new_client(krb5_context context, - kcm_client *client, - const char *name, - kcm_ccache *ccache_p) -{ - krb5_error_code ret; - kcm_ccache ccache; - - /* We insist the ccache name starts with UID or UID: */ - if (name_constraints != 0) { - char prefix[64]; - size_t prefix_len; - int bad = 1; - - snprintf(prefix, sizeof(prefix), "%ld:", (long)client->uid); - prefix_len = strlen(prefix); - - if (strncmp(name, prefix, prefix_len) == 0) - bad = 0; - else { - prefix[prefix_len - 1] = '\0'; - if (strcmp(name, prefix) == 0) - bad = 0; - } - - /* Allow root to create badly-named ccaches */ - if (bad && !CLIENT_IS_ROOT(client)) - return KRB5_CC_BADNAME; - } - - ret = kcm_ccache_resolve(context, name, &ccache); - if (ret == 0) { - if ((ccache->uid != client->uid || - ccache->gid != client->gid) && !CLIENT_IS_ROOT(client)) - return KRB5_FCC_PERM; - } else if (ret != KRB5_FCC_NOFILE && !(CLIENT_IS_ROOT(client) && ret == KRB5_FCC_PERM)) { - return ret; - } - - if (ret == KRB5_FCC_NOFILE) { - ret = kcm_ccache_new(context, name, &ccache); - if (ret) { - kcm_log(1, "Failed to initialize cache %s: %s", - name, krb5_get_err_text(context, ret)); - return ret; - } - - /* bind to current client */ - ccache->uid = client->uid; - ccache->gid = client->gid; - } else { - ret = kcm_zero_ccache_data(context, ccache); - if (ret) { - kcm_log(1, "Failed to empty cache %s: %s", - name, krb5_get_err_text(context, ret)); - kcm_release_ccache(context, &ccache); - return ret; - } - kcm_cleanup_events(context, ccache); - } - - ret = kcm_access(context, client, KCM_OP_INITIALIZE, ccache); - if (ret) { - kcm_release_ccache(context, &ccache); - kcm_ccache_destroy(context, name); - return ret; - } - - /* - * Finally, if the user is root and the cache was created under - * another user's name, chown the cache to that user and their - * default gid. - */ - if (CLIENT_IS_ROOT(client)) { - unsigned long uid; - int matches = sscanf(name,"%ld:",&uid); - if (matches == 0) - matches = sscanf(name,"%ld",&uid); - if (matches == 1) { - struct passwd *pwd = getpwuid(uid); - if (pwd != NULL) { - gid_t gid = pwd->pw_gid; - kcm_chown(context, client, ccache, uid, gid); - } - } - } - - *ccache_p = ccache; - return 0; -} - diff --git a/crypto/heimdal/kcm/config.c b/crypto/heimdal/kcm/config.c deleted file mode 100644 index 5de797eb4b33..000000000000 --- a/crypto/heimdal/kcm/config.c +++ /dev/null @@ -1,390 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" -#include -#include - -RCSID("$Id: config.c 15296 2005-05-30 10:17:43Z lha $"); - -static const char *config_file; /* location of kcm config file */ - -size_t max_request = 0; /* maximal size of a request */ -char *socket_path = NULL; -char *door_path = NULL; - -static char *max_request_str; /* `max_request' as a string */ - -int detach_from_console = -1; -#define DETACH_IS_DEFAULT FALSE - -static const char *system_cache_name = NULL; -static const char *system_keytab = NULL; -static const char *system_principal = NULL; -static const char *system_server = NULL; -static const char *system_perms = NULL; -static const char *system_user = NULL; -static const char *system_group = NULL; - -static const char *renew_life = NULL; -static const char *ticket_life = NULL; - -int disallow_getting_krbtgt = -1; -int name_constraints = -1; - -static int help_flag; -static int version_flag; - -static struct getargs args[] = { - { - "cache-name", 0, arg_string, &system_cache_name, - "system cache name", "cachename" - }, - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" - }, - { - "group", 'g', arg_string, &system_group, - "system cache group", "group" - }, - { - "max-request", 0, arg_string, &max_request, - "max size for a kcm-request", "size" - }, -#if DETACH_IS_DEFAULT - { - "detach", 'D', arg_negative_flag, &detach_from_console, - "don't detach from console" - }, -#else - { - "detach", 0 , arg_flag, &detach_from_console, - "detach from console" - }, -#endif - { "help", 'h', arg_flag, &help_flag }, - { - "system-principal", 'k', arg_string, &system_principal, - "system principal name", "principal" - }, - { - "lifetime", 'l', arg_string, &ticket_life, - "lifetime of system tickets", "time" - }, - { - "mode", 'm', arg_string, &system_perms, - "octal mode of system cache", "mode" - }, - { - "name-constraints", 'n', arg_negative_flag, &name_constraints, - "disable credentials cache name constraints" - }, - { - "disallow-getting-krbtgt", 0, arg_flag, &disallow_getting_krbtgt, - "disable fetching krbtgt from the cache" - }, - { - "renewable-life", 'r', arg_string, &renew_life, - "renewable lifetime of system tickets", "time" - }, - { - "socket-path", 's', arg_string, &socket_path, - "path to kcm domain socket", "path" - }, -#ifdef HAVE_DOOR_CREATE - { - "door-path", 's', arg_string, &door_path, - "path to kcm door", "path" - }, -#endif - { - "server", 'S', arg_string, &system_server, - "server to get system ticket for", "principal" - }, - { - "keytab", 't', arg_string, &system_keytab, - "system keytab name", "keytab" - }, - { - "user", 'u', arg_string, &system_user, - "system cache owner", "user" - }, - { "version", 'v', arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int ret) -{ - arg_printusage (args, num_args, NULL, ""); - exit (ret); -} - -static int parse_owners(kcm_ccache ccache) -{ - uid_t uid = 0; - gid_t gid = 0; - struct passwd *pw; - struct group *gr; - int uid_p = 0; - int gid_p = 0; - - if (system_user != NULL) { - if (isdigit((unsigned char)system_user[0])) { - pw = getpwuid(atoi(system_user)); - } else { - pw = getpwnam(system_user); - } - if (pw == NULL) { - return errno; - } - - system_user = strdup(pw->pw_name); - if (system_user == NULL) { - return ENOMEM; - } - - uid = pw->pw_uid; uid_p = 1; - gid = pw->pw_gid; gid_p = 1; - } - - if (system_group != NULL) { - if (isdigit((unsigned char)system_group[0])) { - gr = getgrgid(atoi(system_group)); - } else { - gr = getgrnam(system_group); - } - if (gr == NULL) { - return errno; - } - - gid = gr->gr_gid; gid_p = 1; - } - - if (uid_p) - ccache->uid = uid; - else - ccache->uid = 0; /* geteuid() XXX */ - - if (gid_p) - ccache->gid = gid; - else - ccache->gid = 0; /* getegid() XXX */ - - return 0; -} - -static const char * -kcm_system_config_get_string(const char *string) -{ - return krb5_config_get_string(kcm_context, NULL, "kcm", - "system_ccache", string, NULL); -} - -static krb5_error_code -ccache_init_system(void) -{ - kcm_ccache ccache; - krb5_error_code ret; - - if (system_cache_name == NULL) - system_cache_name = kcm_system_config_get_string("cc_name"); - - ret = kcm_ccache_new(kcm_context, - system_cache_name ? system_cache_name : "SYSTEM", - &ccache); - if (ret) - return ret; - - ccache->flags |= KCM_FLAGS_OWNER_IS_SYSTEM; - ccache->flags |= KCM_FLAGS_USE_KEYTAB; - - ret = parse_owners(ccache); - if (ret) - return ret; - - ret = krb5_parse_name(kcm_context, system_principal, &ccache->client); - if (ret) { - kcm_release_ccache(kcm_context, &ccache); - return ret; - } - - if (system_server == NULL) - system_server = kcm_system_config_get_string("server"); - - if (system_server != NULL) { - ret = krb5_parse_name(kcm_context, system_server, &ccache->server); - if (ret) { - kcm_release_ccache(kcm_context, &ccache); - return ret; - } - } - - if (system_keytab == NULL) - system_keytab = kcm_system_config_get_string("keytab_name"); - - if (system_keytab != NULL) { - ret = krb5_kt_resolve(kcm_context, system_keytab, &ccache->key.keytab); - } else { - ret = krb5_kt_default(kcm_context, &ccache->key.keytab); - } - if (ret) { - kcm_release_ccache(kcm_context, &ccache); - return ret; - } - - if (renew_life == NULL) - renew_life = kcm_system_config_get_string("renew_life"); - - if (renew_life == NULL) - renew_life = "1 month"; - - if (renew_life != NULL) { - ccache->renew_life = parse_time(renew_life, "s"); - if (ccache->renew_life < 0) { - kcm_release_ccache(kcm_context, &ccache); - return EINVAL; - } - } - - if (ticket_life == NULL) - ticket_life = kcm_system_config_get_string("ticket_life"); - - if (ticket_life != NULL) { - ccache->tkt_life = parse_time(ticket_life, "s"); - if (ccache->tkt_life < 0) { - kcm_release_ccache(kcm_context, &ccache); - return EINVAL; - } - } - - if (system_perms == NULL) - system_perms = kcm_system_config_get_string("mode"); - - if (system_perms != NULL) { - int mode; - - if (sscanf(system_perms, "%o", &mode) != 1) - return EINVAL; - - ccache->mode = mode; - } - - if (disallow_getting_krbtgt == -1) { - disallow_getting_krbtgt = - krb5_config_get_bool_default(kcm_context, NULL, FALSE, "kcm", - "disallow-getting-krbtgt", NULL); - } - - /* enqueue default actions for credentials cache */ - ret = kcm_ccache_enqueue_default(kcm_context, ccache, NULL); - - kcm_release_ccache(kcm_context, &ccache); /* retained by event queue */ - - return ret; -} - -void -kcm_configure(int argc, char **argv) -{ - krb5_error_code ret; - int optind = 0; - const char *p; - - while(getarg(args, num_args, argc, argv, &optind)) - warnx("error at argument `%s'", argv[optind]); - - if(help_flag) - usage (0); - - if (version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optind; - argv += optind; - - if (argc != 0) - usage(1); - - { - char **files; - - if(config_file == NULL) - config_file = _PATH_KCM_CONF; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) - krb5_err(kcm_context, 1, ret, "getting configuration files"); - - ret = krb5_set_config_files(kcm_context, files); - krb5_free_config_files(files); - if(ret) - krb5_err(kcm_context, 1, ret, "reading configuration files"); - } - - if(max_request_str) - max_request = parse_bytes(max_request_str, NULL); - - if(max_request == 0){ - p = krb5_config_get_string (kcm_context, - NULL, - "kcm", - "max-request", - NULL); - if(p) - max_request = parse_bytes(p, NULL); - } - - if (system_principal == NULL) { - system_principal = kcm_system_config_get_string("principal"); - } - - if (system_principal != NULL) { - ret = ccache_init_system(); - if (ret) - krb5_err(kcm_context, 1, ret, "initializing system ccache"); - } - - if(detach_from_console == -1) - detach_from_console = krb5_config_get_bool_default(kcm_context, NULL, - DETACH_IS_DEFAULT, - "kcm", - "detach", NULL); - kcm_openlog(); - if(max_request == 0) - max_request = 64 * 1024; -} - diff --git a/crypto/heimdal/kcm/connect.c b/crypto/heimdal/kcm/connect.c deleted file mode 100644 index b3a21aa66a0b..000000000000 --- a/crypto/heimdal/kcm/connect.c +++ /dev/null @@ -1,688 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: connect.c 16314 2005-11-29 19:03:50Z lha $"); - -struct descr { - int s; - int type; - char *path; - unsigned char *buf; - size_t size; - size_t len; - time_t timeout; - struct sockaddr_storage __ss; - struct sockaddr *sa; - socklen_t sock_len; - kcm_client peercred; -}; - -static void -init_descr(struct descr *d) -{ - memset(d, 0, sizeof(*d)); - d->sa = (struct sockaddr *)&d->__ss; - d->s = -1; -} - -/* - * re-initialize all `n' ->sa in `d'. - */ - -static void -reinit_descrs (struct descr *d, int n) -{ - int i; - - for (i = 0; i < n; ++i) - d[i].sa = (struct sockaddr *)&d[i].__ss; -} - -/* - * Update peer credentials from socket. - * - * SCM_CREDS can only be updated the first time there is read data to - * read from the filedescriptor, so if we read do it before this - * point, the cred data might not be is not there yet. - */ - -static int -update_client_creds(int s, kcm_client *peer) -{ -#ifdef GETPEERUCRED - /* Solaris 10 */ - { - ucred_t *peercred; - - if (getpeerucred(s, &peercred) != 0) { - peer->uid = ucred_geteuid(peercred); - peer->gid = ucred_getegid(peercred); - peer->pid = 0; - ucred_free(peercred); - return 0; - } - } -#endif -#ifdef GETPEEREID - /* FreeBSD, OpenBSD */ - { - uid_t uid; - gid_t gid; - - if (getpeereid(s, &uid, &gid) == 0) { - peer->uid = uid; - peer->gid = gid; - peer->pid = 0; - return 0; - } - } -#endif -#ifdef SO_PEERCRED - /* Linux */ - { - struct ucred pc; - socklen_t pclen = sizeof(pc); - - if (getsockopt(s, SOL_SOCKET, SO_PEERCRED, (void *)&pc, &pclen) == 0) { - peer->uid = pc.uid; - peer->gid = pc.gid; - peer->pid = pc.pid; - return 0; - } - } -#endif -#if defined(LOCAL_PEERCRED) && defined(XUCRED_VERSION) - { - struct xucred peercred; - socklen_t peercredlen = sizeof(peercred); - - if (getsockopt(s, LOCAL_PEERCRED, 1, - (void *)&peercred, &peercredlen) == 0 - && peercred.cr_version == XUCRED_VERSION) - { - peer->uid = peercred.cr_uid; - peer->gid = peercred.cr_gid; - peer->pid = 0; - return 0; - } - } -#endif -#if defined(SOCKCREDSIZE) && defined(SCM_CREDS) - /* NetBSD */ - if (peer->uid == -1) { - struct msghdr msg; - socklen_t crmsgsize; - void *crmsg; - struct cmsghdr *cmp; - struct sockcred *sc; - - memset(&msg, 0, sizeof(msg)); - crmsgsize = CMSG_SPACE(SOCKCREDSIZE(NGROUPS)); - if (crmsgsize == 0) - return 1 ; - - crmsg = malloc(crmsgsize); - if (crmsg == NULL) - goto failed_scm_creds; - - memset(crmsg, 0, crmsgsize); - - msg.msg_control = crmsg; - msg.msg_controllen = crmsgsize; - - if (recvmsg(s, &msg, 0) < 0) { - free(crmsg); - goto failed_scm_creds; - } - - if (msg.msg_controllen == 0 || (msg.msg_flags & MSG_CTRUNC) != 0) { - free(crmsg); - goto failed_scm_creds; - } - - cmp = CMSG_FIRSTHDR(&msg); - if (cmp->cmsg_level != SOL_SOCKET || cmp->cmsg_type != SCM_CREDS) { - free(crmsg); - goto failed_scm_creds; - } - - sc = (struct sockcred *)(void *)CMSG_DATA(cmp); - - peer->uid = sc->sc_euid; - peer->gid = sc->sc_egid; - peer->pid = 0; - - free(crmsg); - return 0; - } else { - /* we already got the cred, just return it */ - return 0; - } - failed_scm_creds: -#endif - krb5_warn(kcm_context, errno, "failed to determine peer identity"); - return 1; -} - - -/* - * Create the socket (family, type, port) in `d' - */ - -static void -init_socket(struct descr *d) -{ - struct sockaddr_un un; - struct sockaddr *sa = (struct sockaddr *)&un; - krb5_socklen_t sa_size = sizeof(un); - - init_descr (d); - - un.sun_family = AF_UNIX; - - if (socket_path != NULL) - d->path = socket_path; - else - d->path = _PATH_KCM_SOCKET; - - strlcpy(un.sun_path, d->path, sizeof(un.sun_path)); - - d->s = socket(AF_UNIX, SOCK_STREAM, 0); - if (d->s < 0){ - krb5_warn(kcm_context, errno, "socket(%d, %d, 0)", AF_UNIX, SOCK_STREAM); - d->s = -1; - return; - } -#if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_REUSEADDR) - { - int one = 1; - setsockopt(d->s, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one)); - } -#endif -#ifdef LOCAL_CREDS - { - int one = 1; - setsockopt(d->s, 0, LOCAL_CREDS, (void *)&one, sizeof(one)); - } -#endif - - d->type = SOCK_STREAM; - - unlink(d->path); - - if (bind(d->s, sa, sa_size) < 0) { - krb5_warn(kcm_context, errno, "bind %s", un.sun_path); - close(d->s); - d->s = -1; - return; - } - - if (listen(d->s, SOMAXCONN) < 0) { - krb5_warn(kcm_context, errno, "listen %s", un.sun_path); - close(d->s); - d->s = -1; - return; - } - - chmod(d->path, 0777); - - return; -} - -/* - * Allocate descriptors for all the sockets that we should listen on - * and return the number of them. - */ - -static int -init_sockets(struct descr **desc) -{ - struct descr *d; - size_t num = 0; - - d = (struct descr *)malloc(sizeof(*d)); - if (d == NULL) { - krb5_errx(kcm_context, 1, "malloc failed"); - } - - init_socket(d); - if (d->s != -1) { - kcm_log(5, "listening on domain socket %s", d->path); - num++; - } - - reinit_descrs (d, num); - *desc = d; - - return num; -} - -/* - * handle the request in `buf, len', from `addr' (or `from' as a string), - * sending a reply in `reply'. - */ - -static int -process_request(unsigned char *buf, - size_t len, - krb5_data *reply, - kcm_client *client) -{ - krb5_data request; - - if (len < 4) { - kcm_log(1, "malformed request from process %d (too short)", - client->pid); - return -1; - } - - if (buf[0] != KCM_PROTOCOL_VERSION_MAJOR || - buf[1] != KCM_PROTOCOL_VERSION_MINOR) { - kcm_log(1, "incorrect protocol version %d.%d from process %d", - buf[0], buf[1], client->pid); - return -1; - } - - buf += 2; - len -= 2; - - /* buf is now pointing at opcode */ - - request.data = buf; - request.length = len; - - return kcm_dispatch(kcm_context, client, &request, reply); -} - -/* - * Handle the request in `buf, len' to socket `d' - */ - -static void -do_request(void *buf, size_t len, struct descr *d) -{ - krb5_error_code ret; - krb5_data reply; - - reply.length = 0; - - ret = process_request(buf, len, &reply, &d->peercred); - if (reply.length != 0) { - unsigned char len[4]; - struct msghdr msghdr; - struct iovec iov[2]; - - kcm_log(5, "sending %lu bytes to process %d", - (unsigned long)reply.length, - (int)d->peercred.pid); - - memset (&msghdr, 0, sizeof(msghdr)); - msghdr.msg_name = NULL; - msghdr.msg_namelen = 0; - msghdr.msg_iov = iov; - msghdr.msg_iovlen = sizeof(iov)/sizeof(*iov); -#if 0 - msghdr.msg_control = NULL; - msghdr.msg_controllen = 0; -#endif - - len[0] = (reply.length >> 24) & 0xff; - len[1] = (reply.length >> 16) & 0xff; - len[2] = (reply.length >> 8) & 0xff; - len[3] = reply.length & 0xff; - - iov[0].iov_base = (void*)len; - iov[0].iov_len = 4; - iov[1].iov_base = reply.data; - iov[1].iov_len = reply.length; - - if (sendmsg (d->s, &msghdr, 0) < 0) { - kcm_log (0, "sendmsg(%d): %d %s", (int)d->peercred.pid, - errno, strerror(errno)); - krb5_data_free(&reply); - return; - } - - krb5_data_free(&reply); - } - - if (ret) { - kcm_log(0, "Failed processing %lu byte request from process %d", - (unsigned long)len, d->peercred.pid); - } -} - -static void -clear_descr(struct descr *d) -{ - if(d->buf) - memset(d->buf, 0, d->size); - d->len = 0; - if(d->s != -1) - close(d->s); - d->s = -1; -} - -#define STREAM_TIMEOUT 4 - -/* - * accept a new stream connection on `d[parent]' and store it in `d[child]' - */ - -static void -add_new_stream (struct descr *d, int parent, int child) -{ - int s; - - if (child == -1) - return; - - d[child].peercred.pid = -1; - d[child].peercred.uid = -1; - d[child].peercred.gid = -1; - - d[child].sock_len = sizeof(d[child].__ss); - s = accept(d[parent].s, d[child].sa, &d[child].sock_len); - if(s < 0) { - krb5_warn(kcm_context, errno, "accept"); - return; - } - - if (s >= FD_SETSIZE) { - krb5_warnx(kcm_context, "socket FD too large"); - close (s); - return; - } - - d[child].s = s; - d[child].timeout = time(NULL) + STREAM_TIMEOUT; - d[child].type = SOCK_STREAM; -} - -/* - * Grow `d' to handle at least `n'. - * Return != 0 if fails - */ - -static int -grow_descr (struct descr *d, size_t n) -{ - if (d->size - d->len < n) { - unsigned char *tmp; - size_t grow; - - grow = max(1024, d->len + n); - if (d->size + grow > max_request) { - kcm_log(0, "Request exceeds max request size (%lu bytes).", - (unsigned long)d->size + grow); - clear_descr(d); - return -1; - } - tmp = realloc (d->buf, d->size + grow); - if (tmp == NULL) { - kcm_log(0, "Failed to re-allocate %lu bytes.", - (unsigned long)d->size + grow); - clear_descr(d); - return -1; - } - d->size += grow; - d->buf = tmp; - } - return 0; -} - -/* - * Handle incoming data to the stream socket in `d[index]' - */ - -static void -handle_stream(struct descr *d, int index, int min_free) -{ - unsigned char buf[1024]; - int n; - int ret = 0; - - if (d[index].timeout == 0) { - add_new_stream (d, index, min_free); - return; - } - - if (update_client_creds(d[index].s, &d[index].peercred)) { - krb5_warnx(kcm_context, "failed to update peer identity"); - clear_descr(d + index); - return; - } - - if (d[index].peercred.uid == -1) { - krb5_warnx(kcm_context, "failed to determine peer identity"); - clear_descr (d + index); - return; - } - - n = recvfrom(d[index].s, buf, sizeof(buf), 0, NULL, NULL); - if (n < 0) { - krb5_warn(kcm_context, errno, "recvfrom"); - return; - } else if (n == 0) { - krb5_warnx(kcm_context, "connection closed before end of data " - "after %lu bytes from process %ld", - (unsigned long) d[index].len, (long) d[index].peercred.pid); - clear_descr (d + index); - return; - } - if (grow_descr (&d[index], n)) - return; - memcpy(d[index].buf + d[index].len, buf, n); - d[index].len += n; - if (d[index].len > 4) { - krb5_storage *sp; - int32_t len; - - sp = krb5_storage_from_mem(d[index].buf, d[index].len); - if (sp == NULL) { - kcm_log (0, "krb5_storage_from_mem failed"); - ret = -1; - } else { - krb5_ret_int32(sp, &len); - krb5_storage_free(sp); - if (d[index].len - 4 >= len) { - memmove(d[index].buf, d[index].buf + 4, d[index].len - 4); - ret = 1; - } else - ret = 0; - } - } - if (ret < 0) - return; - else if (ret == 1) { - do_request(d[index].buf, d[index].len, &d[index]); - clear_descr(d + index); - } -} - -#ifdef HAVE_DOOR_CREATE - -static void -kcm_door_server(void *cookie, char *argp, size_t arg_size, - door_desc_t *dp, uint_t n_desc) -{ - kcm_client peercred; - door_cred_t cred; - krb5_error_code ret; - krb5_data reply; - size_t length; - char *p; - - reply.length = 0; - - p = NULL; - length = 0; - - if (door_cred(&cred) != 0) { - kcm_log(0, "door_cred failed with %s", strerror(errno)); - goto out; - } - - peercred.uid = cred.dc_euid; - peercred.gid = cred.dc_egid; - peercred.pid = cred.dc_pid; - - ret = process_request((unsigned char*)argp, arg_size, &reply, &peercred); - if (reply.length != 0) { - p = alloca(reply.length); /* XXX don't use alloca */ - if (p) { - memcpy(p, reply.data, reply.length); - length = reply.length; - } - krb5_data_free(&reply); - } - - out: - door_return(p, length, NULL, 0); -} - -static void -kcm_setup_door(void) -{ - int fd, ret; - char *path; - - fd = door_create(kcm_door_server, NULL, 0); - if (fd < 0) - krb5_err(kcm_context, 1, errno, "Failed to create door"); - - if (door_path != NULL) - path = door_path; - else - path = _PATH_KCM_DOOR; - - unlink(path); - ret = open(path, O_RDWR | O_CREAT, 0666); - if (ret < 0) - krb5_err(kcm_context, 1, errno, "Failed to create/open door"); - close(ret); - - ret = fattach(fd, path); - if (ret < 0) - krb5_err(kcm_context, 1, errno, "Failed to attach door"); - -} -#endif /* HAVE_DOOR_CREATE */ - - -void -kcm_loop(void) -{ - struct descr *d; - int ndescr; - -#ifdef HAVE_DOOR_CREATE - kcm_setup_door(); -#endif - - ndescr = init_sockets(&d); - if (ndescr <= 0) { - krb5_warnx(kcm_context, "No sockets!"); -#ifndef HAVE_DOOR_CREATE - exit(1); -#endif - } - while (exit_flag == 0){ - struct timeval tmout; - fd_set fds; - int min_free = -1; - int max_fd = 0; - int i; - - FD_ZERO(&fds); - for(i = 0; i < ndescr; i++) { - if (d[i].s >= 0){ - if(d[i].type == SOCK_STREAM && - d[i].timeout && d[i].timeout < time(NULL)) { - kcm_log(1, "Stream connection from %d expired after %lu bytes", - d[i].peercred.pid, (unsigned long)d[i].len); - clear_descr(&d[i]); - continue; - } - if (max_fd < d[i].s) - max_fd = d[i].s; - if (max_fd >= FD_SETSIZE) - krb5_errx(kcm_context, 1, "fd too large"); - FD_SET(d[i].s, &fds); - } else if (min_free < 0 || i < min_free) - min_free = i; - } - if (min_free == -1) { - struct descr *tmp; - tmp = realloc(d, (ndescr + 4) * sizeof(*d)); - if(tmp == NULL) - krb5_warnx(kcm_context, "No memory"); - else { - d = tmp; - reinit_descrs (d, ndescr); - memset(d + ndescr, 0, 4 * sizeof(*d)); - for(i = ndescr; i < ndescr + 4; i++) - init_descr (&d[i]); - min_free = ndescr; - ndescr += 4; - } - } - - tmout.tv_sec = STREAM_TIMEOUT; - tmout.tv_usec = 0; - switch (select(max_fd + 1, &fds, 0, 0, &tmout)){ - case 0: - kcm_run_events(kcm_context, time(NULL)); - break; - case -1: - if (errno != EINTR) - krb5_warn(kcm_context, errno, "select"); - break; - default: - for(i = 0; i < ndescr; i++) { - if(d[i].s >= 0 && FD_ISSET(d[i].s, &fds)) { - if (d[i].type == SOCK_STREAM) - handle_stream(d, i, min_free); - } - } - kcm_run_events(kcm_context, time(NULL)); - break; - } - } - if (d->path != NULL) - unlink(d->path); - free(d); -} - diff --git a/crypto/heimdal/kcm/cursor.c b/crypto/heimdal/kcm/cursor.c deleted file mode 100644 index 701f770219ff..000000000000 --- a/crypto/heimdal/kcm/cursor.c +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: cursor.c 17447 2006-05-05 10:52:01Z lha $"); - -krb5_error_code -kcm_cursor_new(krb5_context context, - pid_t pid, - kcm_ccache ccache, - uint32_t *cursor) -{ - kcm_cursor **p; - krb5_error_code ret; - - *cursor = 0; - - KCM_ASSERT_VALID(ccache); - - HEIMDAL_MUTEX_lock(&ccache->mutex); - for (p = &ccache->cursors; *p != NULL; p = &(*p)->next) - ; - - *p = (kcm_cursor *)malloc(sizeof(kcm_cursor)); - if (*p == NULL) { - ret = KRB5_CC_NOMEM; - goto out; - } - - (*p)->pid = pid; - (*p)->key = ++ccache->n_cursor; - (*p)->credp = ccache->creds; - (*p)->next = NULL; - - *cursor = (*p)->key; - - ret = 0; - -out: - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - -krb5_error_code -kcm_cursor_find(krb5_context context, - pid_t pid, - kcm_ccache ccache, - uint32_t key, - kcm_cursor **cursor) -{ - kcm_cursor *p; - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - if (key == 0) - return KRB5_CC_NOTFOUND; - - ret = KRB5_CC_END; - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - for (p = ccache->cursors; p != NULL; p = p->next) { - if (p->key == key) { - if (p->pid != pid) - ret = KRB5_FCC_PERM; - else - ret = 0; - break; - } - } - - if (ret == 0) - *cursor = p; - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - -krb5_error_code -kcm_cursor_delete(krb5_context context, - pid_t pid, - kcm_ccache ccache, - uint32_t key) -{ - kcm_cursor **p; - krb5_error_code ret; - - KCM_ASSERT_VALID(ccache); - - if (key == 0) - return KRB5_CC_NOTFOUND; - - ret = KRB5_CC_END; - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - for (p = &ccache->cursors; *p != NULL; p = &(*p)->next) { - if ((*p)->key == key) { - if ((*p)->pid != pid) - ret = KRB5_FCC_PERM; - else - ret = 0; - break; - } - } - - if (ret == 0) { - kcm_cursor *x = *p; - - *p = x->next; - free(x); - } - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - diff --git a/crypto/heimdal/kcm/events.c b/crypto/heimdal/kcm/events.c deleted file mode 100644 index f1110d110f20..000000000000 --- a/crypto/heimdal/kcm/events.c +++ /dev/null @@ -1,440 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: events.c 15294 2005-05-30 01:43:23Z lukeh $"); - -/* thread-safe in case we multi-thread later */ -static HEIMDAL_MUTEX events_mutex = HEIMDAL_MUTEX_INITIALIZER; -static kcm_event *events_head = NULL; -static time_t last_run = 0; - -static char *action_strings[] = { - "NONE", "ACQUIRE_CREDS", "RENEW_CREDS", - "DESTROY_CREDS", "DESTROY_EMPTY_CACHE" }; - -krb5_error_code -kcm_enqueue_event(krb5_context context, - kcm_event *event) -{ - krb5_error_code ret; - - if (event->action == KCM_EVENT_NONE) { - return 0; - } - - HEIMDAL_MUTEX_lock(&events_mutex); - ret = kcm_enqueue_event_internal(context, event); - HEIMDAL_MUTEX_unlock(&events_mutex); - - return ret; -} - -static void -print_times(time_t time, char buf[64]) -{ - if (time) - strftime(buf, 64, "%m-%dT%H:%M", gmtime(&time)); - else - strlcpy(buf, "never", 64); -} - -static void -log_event(kcm_event *event, char *msg) -{ - char fire_time[64], expire_time[64]; - - print_times(event->fire_time, fire_time); - print_times(event->expire_time, expire_time); - - kcm_log(7, "%s event %08x: fire_time %s fire_count %d expire_time %s " - "backoff_time %d action %s cache %s", - msg, event, fire_time, event->fire_count, expire_time, - event->backoff_time, action_strings[event->action], - event->ccache->name); -} - -krb5_error_code -kcm_enqueue_event_internal(krb5_context context, - kcm_event *event) -{ - kcm_event **e; - - if (event->action == KCM_EVENT_NONE) - return 0; - - for (e = &events_head; *e != NULL; e = &(*e)->next) - ; - - *e = (kcm_event *)malloc(sizeof(kcm_event)); - if (*e == NULL) { - return KRB5_CC_NOMEM; - } - - (*e)->valid = 1; - (*e)->fire_time = event->fire_time; - (*e)->fire_count = 0; - (*e)->expire_time = event->expire_time; - (*e)->backoff_time = event->backoff_time; - - (*e)->action = event->action; - - kcm_retain_ccache(context, event->ccache); - (*e)->ccache = event->ccache; - (*e)->next = NULL; - - log_event(*e, "enqueuing"); - - return 0; -} - -/* - * Dump events list on SIGUSR2 - */ -krb5_error_code -kcm_debug_events(krb5_context context) -{ - kcm_event *e; - - for (e = events_head; e != NULL; e = e->next) - log_event(e, "debug"); - - return 0; -} - -krb5_error_code -kcm_enqueue_event_relative(krb5_context context, - kcm_event *event) -{ - krb5_error_code ret; - kcm_event e; - - e = *event; - e.backoff_time = e.fire_time; - e.fire_time += time(NULL); - - ret = kcm_enqueue_event(context, &e); - - return ret; -} - -static krb5_error_code -kcm_remove_event_internal(krb5_context context, - kcm_event **e) -{ - kcm_event *next; - - next = (*e)->next; - - (*e)->valid = 0; - (*e)->fire_time = 0; - (*e)->fire_count = 0; - (*e)->expire_time = 0; - (*e)->backoff_time = 0; - kcm_release_ccache(context, &(*e)->ccache); - (*e)->next = NULL; - free(*e); - - *e = next; - - return 0; -} - -static int -is_primary_credential_p(krb5_context context, - kcm_ccache ccache, - krb5_creds *newcred) -{ - krb5_flags whichfields; - - if (ccache->client == NULL) - return 0; - - if (newcred->client == NULL || - !krb5_principal_compare(context, ccache->client, newcred->client)) - return 0; - - /* XXX just checks whether it's the first credential in the cache */ - if (ccache->creds == NULL) - return 0; - - whichfields = KRB5_TC_MATCH_KEYTYPE | KRB5_TC_MATCH_FLAGS_EXACT | - KRB5_TC_MATCH_TIMES_EXACT | KRB5_TC_MATCH_AUTHDATA | - KRB5_TC_MATCH_2ND_TKT | KRB5_TC_MATCH_IS_SKEY; - - return krb5_compare_creds(context, whichfields, newcred, &ccache->creds->cred); -} - -/* - * Setup default events for a new credential - */ -static krb5_error_code -kcm_ccache_make_default_event(krb5_context context, - kcm_event *event, - krb5_creds *newcred) -{ - krb5_error_code ret = 0; - kcm_ccache ccache = event->ccache; - - event->fire_time = 0; - event->expire_time = 0; - event->backoff_time = KCM_EVENT_DEFAULT_BACKOFF_TIME; - - if (newcred == NULL) { - /* no creds, must be acquire creds request */ - if ((ccache->flags & KCM_MASK_KEY_PRESENT) == 0) { - kcm_log(0, "Cannot acquire credentials without a key"); - return KRB5_FCC_INTERNAL; - } - - event->fire_time = time(NULL); /* right away */ - event->action = KCM_EVENT_ACQUIRE_CREDS; - } else if (is_primary_credential_p(context, ccache, newcred)) { - if (newcred->flags.b.renewable) { - event->action = KCM_EVENT_RENEW_CREDS; - ccache->flags |= KCM_FLAGS_RENEWABLE; - } else { - if (ccache->flags & KCM_MASK_KEY_PRESENT) - event->action = KCM_EVENT_ACQUIRE_CREDS; - else - event->action = KCM_EVENT_NONE; - ccache->flags &= ~(KCM_FLAGS_RENEWABLE); - } - /* requeue with some slop factor */ - event->fire_time = newcred->times.endtime - KCM_EVENT_QUEUE_INTERVAL; - } else { - event->action = KCM_EVENT_NONE; - } - - return ret; -} - -krb5_error_code -kcm_ccache_enqueue_default(krb5_context context, - kcm_ccache ccache, - krb5_creds *newcred) -{ - kcm_event event; - krb5_error_code ret; - - memset(&event, 0, sizeof(event)); - event.ccache = ccache; - - ret = kcm_ccache_make_default_event(context, &event, newcred); - if (ret) - return ret; - - ret = kcm_enqueue_event_internal(context, &event); - if (ret) - return ret; - - return 0; -} - -krb5_error_code -kcm_remove_event(krb5_context context, - kcm_event *event) -{ - krb5_error_code ret; - kcm_event **e; - int found = 0; - - log_event(event, "removing"); - - HEIMDAL_MUTEX_lock(&events_mutex); - for (e = &events_head; *e != NULL; e = &(*e)->next) { - if (event == *e) { - *e = event->next; - found++; - break; - } - } - - if (!found) { - ret = KRB5_CC_NOTFOUND; - goto out; - } - - ret = kcm_remove_event_internal(context, &event); - -out: - HEIMDAL_MUTEX_unlock(&events_mutex); - - return ret; -} - -krb5_error_code -kcm_cleanup_events(krb5_context context, - kcm_ccache ccache) -{ - kcm_event **e; - - KCM_ASSERT_VALID(ccache); - - HEIMDAL_MUTEX_lock(&events_mutex); - - for (e = &events_head; *e != NULL; e = &(*e)->next) { - if ((*e)->valid && (*e)->ccache == ccache) { - kcm_remove_event_internal(context, e); - } - if (*e == NULL) - break; - } - - HEIMDAL_MUTEX_unlock(&events_mutex); - - return 0; -} - -static krb5_error_code -kcm_fire_event(krb5_context context, - kcm_event **e) -{ - kcm_event *event; - krb5_error_code ret; - krb5_creds *credp = NULL; - int oneshot = 1; - - event = *e; - - switch (event->action) { - case KCM_EVENT_ACQUIRE_CREDS: - ret = kcm_ccache_acquire(context, event->ccache, &credp); - oneshot = 0; - break; - case KCM_EVENT_RENEW_CREDS: - ret = kcm_ccache_refresh(context, event->ccache, &credp); - if (ret == KRB5KRB_AP_ERR_TKT_EXPIRED) { - ret = kcm_ccache_acquire(context, event->ccache, &credp); - } - oneshot = 0; - break; - case KCM_EVENT_DESTROY_CREDS: - ret = kcm_ccache_destroy(context, event->ccache->name); - break; - case KCM_EVENT_DESTROY_EMPTY_CACHE: - ret = kcm_ccache_destroy_if_empty(context, event->ccache); - break; - default: - ret = KRB5_FCC_INTERNAL; - break; - } - - event->fire_count++; - - if (ret) { - /* Reschedule failed event for another time */ - event->fire_time += event->backoff_time; - if (event->backoff_time < KCM_EVENT_MAX_BACKOFF_TIME) - event->backoff_time *= 2; - - /* Remove it if it would never get executed */ - if (event->expire_time && - event->fire_time > event->expire_time) - kcm_remove_event_internal(context, e); - } else { - if (!oneshot) { - char *cpn; - - if (krb5_unparse_name(context, event->ccache->client, - &cpn)) - cpn = NULL; - - kcm_log(0, "%s credentials in cache %s for principal %s", - (event->action == KCM_EVENT_ACQUIRE_CREDS) ? - "Acquired" : "Renewed", - event->ccache->name, - (cpn != NULL) ? cpn : ""); - - if (cpn != NULL) - free(cpn); - - /* Succeeded, but possibly replaced with another event */ - ret = kcm_ccache_make_default_event(context, event, credp); - if (ret || event->action == KCM_EVENT_NONE) - oneshot = 1; - else - log_event(event, "requeuing"); - } - if (oneshot) - kcm_remove_event_internal(context, e); - } - - return ret; -} - -krb5_error_code -kcm_run_events(krb5_context context, - time_t now) -{ - krb5_error_code ret; - kcm_event **e; - - HEIMDAL_MUTEX_lock(&events_mutex); - - /* Only run event queue every N seconds */ - if (now < last_run + KCM_EVENT_QUEUE_INTERVAL) { - HEIMDAL_MUTEX_unlock(&events_mutex); - return 0; - } - - /* go through events list, fire and expire */ - for (e = &events_head; *e != NULL; e = &(*e)->next) { - if ((*e)->valid == 0) - continue; - - if (now >= (*e)->fire_time) { - ret = kcm_fire_event(context, e); - if (ret) { - kcm_log(1, "Could not fire event for cache %s: %s", - (*e)->ccache->name, krb5_get_err_text(context, ret)); - } - } else if ((*e)->expire_time && now >= (*e)->expire_time) { - ret = kcm_remove_event_internal(context, e); - if (ret) { - kcm_log(1, "Could not expire event for cache %s: %s", - (*e)->ccache->name, krb5_get_err_text(context, ret)); - } - } - - if (*e == NULL) - break; - } - - last_run = now; - - HEIMDAL_MUTEX_unlock(&events_mutex); - - return 0; -} - diff --git a/crypto/heimdal/kcm/glue.c b/crypto/heimdal/kcm/glue.c deleted file mode 100644 index be217f344f4b..000000000000 --- a/crypto/heimdal/kcm/glue.c +++ /dev/null @@ -1,279 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: glue.c 14566 2005-02-06 01:22:49Z lukeh $"); - -/* - * Server-side loopback glue for credentials cache operations; this - * must be initialized with kcm_internal_ccache(), it is not for real - * use. This entire file assumes the cache is locked, it does not do - * any concurrency checking for multithread applications. - */ - -#define KCMCACHE(X) ((kcm_ccache)(X)->data.data) -#define CACHENAME(X) (KCMCACHE(X)->name) - -static const char * -kcmss_get_name(krb5_context context, - krb5_ccache id) -{ - return CACHENAME(id); -} - -static krb5_error_code -kcmss_resolve(krb5_context context, krb5_ccache *id, const char *res) -{ - return KRB5_FCC_INTERNAL; -} - -static krb5_error_code -kcmss_gen_new(krb5_context context, krb5_ccache *id) -{ - return KRB5_FCC_INTERNAL; -} - -static krb5_error_code -kcmss_initialize(krb5_context context, - krb5_ccache id, - krb5_principal primary_principal) -{ - krb5_error_code ret; - kcm_ccache c = KCMCACHE(id); - - KCM_ASSERT_VALID(c); - - ret = kcm_zero_ccache_data_internal(context, c); - if (ret) - return ret; - - ret = krb5_copy_principal(context, primary_principal, - &c->client); - - return ret; -} - -static krb5_error_code -kcmss_close(krb5_context context, - krb5_ccache id) -{ - kcm_ccache c = KCMCACHE(id); - - KCM_ASSERT_VALID(c); - - id->data.data = NULL; - id->data.length = 0; - - return 0; -} - -static krb5_error_code -kcmss_destroy(krb5_context context, - krb5_ccache id) -{ - krb5_error_code ret; - kcm_ccache c = KCMCACHE(id); - - KCM_ASSERT_VALID(c); - - ret = kcm_ccache_destroy(context, CACHENAME(id)); - - return ret; -} - -static krb5_error_code -kcmss_store_cred(krb5_context context, - krb5_ccache id, - krb5_creds *creds) -{ - krb5_error_code ret; - kcm_ccache c = KCMCACHE(id); - krb5_creds *tmp; - - KCM_ASSERT_VALID(c); - - ret = kcm_ccache_store_cred_internal(context, c, creds, 1, &tmp); - - return ret; -} - -static krb5_error_code -kcmss_retrieve(krb5_context context, - krb5_ccache id, - krb5_flags which, - const krb5_creds *mcred, - krb5_creds *creds) -{ - krb5_error_code ret; - kcm_ccache c = KCMCACHE(id); - krb5_creds *credp; - - KCM_ASSERT_VALID(c); - - ret = kcm_ccache_retrieve_cred_internal(context, c, which, - mcred, &credp); - if (ret) - return ret; - - ret = krb5_copy_creds_contents(context, credp, creds); - if (ret) - return ret; - - return 0; -} - -static krb5_error_code -kcmss_get_principal(krb5_context context, - krb5_ccache id, - krb5_principal *principal) -{ - krb5_error_code ret; - kcm_ccache c = KCMCACHE(id); - - KCM_ASSERT_VALID(c); - - ret = krb5_copy_principal(context, c->client, - principal); - - return ret; -} - -static krb5_error_code -kcmss_get_first (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - kcm_ccache c = KCMCACHE(id); - - KCM_ASSERT_VALID(c); - - *cursor = c->creds; - - return (*cursor == NULL) ? KRB5_CC_END : 0; -} - -static krb5_error_code -kcmss_get_next (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor, - krb5_creds *creds) -{ - krb5_error_code ret; - kcm_ccache c = KCMCACHE(id); - - KCM_ASSERT_VALID(c); - - ret = krb5_copy_creds_contents(context, - &((struct kcm_creds *)cursor)->cred, - creds); - if (ret) - return ret; - - *cursor = ((struct kcm_creds *)cursor)->next; - if (*cursor == 0) - ret = KRB5_CC_END; - - return ret; -} - -static krb5_error_code -kcmss_end_get (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - *cursor = NULL; - return 0; -} - -static krb5_error_code -kcmss_remove_cred(krb5_context context, - krb5_ccache id, - krb5_flags which, - krb5_creds *cred) -{ - krb5_error_code ret; - kcm_ccache c = KCMCACHE(id); - - KCM_ASSERT_VALID(c); - - ret = kcm_ccache_remove_cred_internal(context, c, which, cred); - - return ret; -} - -static krb5_error_code -kcmss_set_flags(krb5_context context, - krb5_ccache id, - krb5_flags flags) -{ - return 0; -} - -static krb5_error_code -kcmss_get_version(krb5_context context, - krb5_ccache id) -{ - return 0; -} - -static const krb5_cc_ops krb5_kcmss_ops = { - "KCM", - kcmss_get_name, - kcmss_resolve, - kcmss_gen_new, - kcmss_initialize, - kcmss_destroy, - kcmss_close, - kcmss_store_cred, - kcmss_retrieve, - kcmss_get_principal, - kcmss_get_first, - kcmss_get_next, - kcmss_end_get, - kcmss_remove_cred, - kcmss_set_flags, - kcmss_get_version -}; - -krb5_error_code -kcm_internal_ccache(krb5_context context, - kcm_ccache c, - krb5_ccache id) -{ - id->ops = &krb5_kcmss_ops; - id->data.length = sizeof(*c); - id->data.data = c; - - return 0; -} - diff --git a/crypto/heimdal/kcm/headers.h b/crypto/heimdal/kcm/headers.h deleted file mode 100644 index 1042dd8d620d..000000000000 --- a/crypto/heimdal/kcm/headers.h +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __HEADERS_H__ -#define __HEADERS_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_SYS_UN_H -#include -#endif -#ifdef HAVE_SYS_UCRED_H -#include -#endif -#ifdef HAVE_UTIL_H -#include -#endif -#ifdef HAVE_LIBUTIL_H -#include -#endif -#ifdef HAVE_GETPEERUCRED -#include -#endif -#ifdef HAVE_DOOR_CREATE -#include -#include -#endif -#include -#include -#include -#include -#include -#include -#include - -#endif /* __HEADERS_H__ */ - diff --git a/crypto/heimdal/kcm/kcm.8 b/crypto/heimdal/kcm/kcm.8 deleted file mode 100644 index 4a72eb382aa6..000000000000 --- a/crypto/heimdal/kcm/kcm.8 +++ /dev/null @@ -1,224 +0,0 @@ -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kcm.8 15497 2005-06-20 13:32:44Z lha $ -.\" -.Dd May 29, 2005 -.Dt KCM 8 -.Os Heimdal -.Sh NAME -.Nm kcm -.Nd -is a process based credential cache for Kerberos tickets. -.Sh SYNOPSIS -.Nm -.Op Fl -cache-name= Ns Ar cachename -.Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file -.Xc -.Oc -.Oo Fl g Ar group \*(Ba Xo -.Fl -group= Ns Ar group -.Xc -.Oc -.Op Fl -max-request= Ns Ar size -.Op Fl -disallow-getting-krbtgt -.Op Fl -detach -.Op Fl h | Fl -help -.Oo Fl k Ar principal \*(Ba Xo -.Fl -system-principal= Ns Ar principal -.Xc -.Oc -.Oo Fl l Ar time \*(Ba Xo -.Fl -lifetime= Ns Ar time -.Xc -.Oc -.Oo Fl m Ar mode \*(Ba Xo -.Fl -mode= Ns Ar mode -.Xc -.Oc -.Op Fl n | Fl -no-name-constraints -.Oo Fl r Ar time \*(Ba Xo -.Fl -renewable-life= Ns Ar time -.Xc -.Oc -.Oo Fl s Ar path \*(Ba Xo -.Fl -socket-path= Ns Ar path -.Xc -.Oc -.Oo Xo -.Fl -door-path= Ns Ar path -.Xc -.Oc -.Oo Fl S Ar principal \*(Ba Xo -.Fl -server= Ns Ar principal -.Xc -.Oc -.Oo Fl t Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab -.Xc -.Oc -.Oo Fl u Ar user \*(Ba Xo -.Fl -user= Ns Ar user -.Xc -.Oc -.Op Fl v | Fl -version -.Sh DESCRIPTION -.Nm -is a process based credential cache. -To use it, set the -.Ev KRB5CCNAME -enviroment variable to -.Ql KCM: Ns Ar uid -or add the stanza -.Bd -literal - -[libdefaults] - default_cc_name = KCM:%{uid} - -.Ed -to the -.Pa /etc/krb5.conf -configuration file and make sure -.Nm kcm -is started in the system startup files. -.Pp -The -.Nm -daemon can hold the credentials for all users in the system. Access -control is done with Unix-like permissions. The daemon checks the -access on all operations based on the uid and gid of the user. The -tickets are renewed as long as is permitted by the KDC's policy. -.Pp -The -.Nm -daemon can also keep a SYSTEM credential that server processes can -use to access services. One example of usage might be an nss_ldap -module that quickly needs to get credentials and doesn't want to renew -the ticket itself. -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl -cache-name= Ns Ar cachename -.Xc -system cache name -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc -location of config file -.It Xo -.Fl g Ar group , -.Fl -group= Ns Ar group -.Xc -system cache group -.It Xo -.Fl -max-request= Ns Ar size -.Xc -max size for a kcm-request -.It Xo -.Fl -disallow-getting-krbtgt -.Xc -disallow extracting any krbtgt from the -.Nm kcm -daemon. -.It Xo -.Fl -detach -.Xc -detach from console -.It Xo -.Fl h , -.Fl -help -.Xc -.It Xo -.Fl k Ar principal , -.Fl -system-principal= Ns Ar principal -.Xc -system principal name -.It Xo -.Fl l Ar time , -.Fl -lifetime= Ns Ar time -.Xc -lifetime of system tickets -.It Xo -.Fl m Ar mode , -.Fl -mode= Ns Ar mode -.Xc -octal mode of system cache -.It Xo -.Fl n , -.Fl -no-name-constraints -.Xc -disable credentials cache name constraints -.It Xo -.Fl r Ar time , -.Fl -renewable-life= Ns Ar time -.Xc -renewable lifetime of system tickets -.It Xo -.Fl s Ar path , -.Fl -socket-path= Ns Ar path -.Xc -path to kcm domain socket -.It Xo -.Fl -door-path= Ns Ar path -.Xc -path to kcm door socket -.It Xo -.Fl S Ar principal , -.Fl -server= Ns Ar principal -.Xc -server to get system ticket for -.It Xo -.Fl t Ar keytab , -.Fl -keytab= Ns Ar keytab -.Xc -system keytab name -.It Xo -.Fl u Ar user , -.Fl -user= Ns Ar user -.Xc -system cache owner -.It Xo -.Fl v , -.Fl -version -.Xc -.El -.\".Sh ENVIRONMENT -.\".Sh FILES -.\".Sh EXAMPLES -.\".Sh DIAGNOSTICS -.\".Sh SEE ALSO -.\".Sh STANDARDS -.\".Sh HISTORY -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/kcm/kcm_locl.h b/crypto/heimdal/kcm/kcm_locl.h deleted file mode 100644 index 75e55ee0b3f8..000000000000 --- a/crypto/heimdal/kcm/kcm_locl.h +++ /dev/null @@ -1,173 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $Id: kcm_locl.h 20470 2007-04-20 10:41:11Z lha $ - */ - -#ifndef __KCM_LOCL_H__ -#define __KCM_LOCL_H__ - -#include "headers.h" - -#include - -#define KCM_LOG_REQUEST(_context, _client, _opcode) do { \ - kcm_log(1, "%s request by process %d/uid %d", \ - kcm_op2string(_opcode), (_client)->pid, (_client)->uid); \ - } while (0) - -#define KCM_LOG_REQUEST_NAME(_context, _client, _opcode, _name) do { \ - kcm_log(1, "%s request for cache %s by process %d/uid %d", \ - kcm_op2string(_opcode), (_name), (_client)->pid, (_client)->uid); \ - } while (0) - -/* Cache management */ - -#define KCM_FLAGS_VALID 0x0001 -#define KCM_FLAGS_USE_KEYTAB 0x0002 -#define KCM_FLAGS_RENEWABLE 0x0004 -#define KCM_FLAGS_OWNER_IS_SYSTEM 0x0008 -#define KCM_FLAGS_USE_CACHED_KEY 0x0010 - -#define KCM_MASK_KEY_PRESENT ( KCM_FLAGS_USE_KEYTAB | \ - KCM_FLAGS_USE_CACHED_KEY ) - -struct kcm_ccache_data; -struct kcm_creds; - -typedef struct kcm_cursor { - pid_t pid; - uint32_t key; - struct kcm_creds *credp; /* pointer to next credential */ - struct kcm_cursor *next; -} kcm_cursor; - -typedef struct kcm_ccache_data { - char *name; - unsigned refcnt; - uint16_t flags; - uint16_t mode; - uid_t uid; - gid_t gid; - krb5_principal client; /* primary client principal */ - krb5_principal server; /* primary server principal (TGS if NULL) */ - struct kcm_creds { - krb5_creds cred; /* XXX would be useful for have ACLs on creds */ - struct kcm_creds *next; - } *creds; - uint32_t n_cursor; - kcm_cursor *cursors; - krb5_deltat tkt_life; - krb5_deltat renew_life; - union { - krb5_keytab keytab; - krb5_keyblock keyblock; - } key; - HEIMDAL_MUTEX mutex; - struct kcm_ccache_data *next; -} kcm_ccache_data; - -#define KCM_ASSERT_VALID(_ccache) do { \ - if (((_ccache)->flags & KCM_FLAGS_VALID) == 0) \ - krb5_abortx(context, "kcm_free_ccache_data: ccache invalid"); \ - else if ((_ccache)->refcnt == 0) \ - krb5_abortx(context, "kcm_free_ccache_data: ccache refcnt == 0"); \ - } while (0) - -typedef kcm_ccache_data *kcm_ccache; - -/* Event management */ - -typedef struct kcm_event { - int valid; - time_t fire_time; - unsigned fire_count; - time_t expire_time; - time_t backoff_time; - enum { - KCM_EVENT_NONE = 0, - KCM_EVENT_ACQUIRE_CREDS, - KCM_EVENT_RENEW_CREDS, - KCM_EVENT_DESTROY_CREDS, - KCM_EVENT_DESTROY_EMPTY_CACHE - } action; - kcm_ccache ccache; - struct kcm_event *next; -} kcm_event; - -/* wakeup interval for event queue */ -#define KCM_EVENT_QUEUE_INTERVAL 60 -#define KCM_EVENT_DEFAULT_BACKOFF_TIME 5 -#define KCM_EVENT_MAX_BACKOFF_TIME (12 * 60 * 60) - - -/* Request format is LENGTH | MAJOR | MINOR | OPERATION | request */ -/* Response format is LENGTH | STATUS | response */ - -typedef struct kcm_client { - pid_t pid; - uid_t uid; - gid_t gid; -} kcm_client; - -#define CLIENT_IS_ROOT(client) ((client)->uid == 0) - -/* Dispatch table */ -/* passed in OPERATION | ... ; returns STATUS | ... */ -typedef krb5_error_code (*kcm_method)(krb5_context, kcm_client *, kcm_operation, krb5_storage *, krb5_storage *); - -struct kcm_op { - const char *name; - kcm_method method; -}; - -#define DEFAULT_LOG_DEST "0/FILE:" LOCALSTATEDIR "/log/kcmd.log" -#define _PATH_KCM_CONF SYSCONFDIR "/kcm.conf" - -extern krb5_context kcm_context; -extern char *socket_path; -extern char *door_path; -extern size_t max_request; -extern sig_atomic_t exit_flag; -extern int name_constraints; -extern int detach_from_console; -extern int disallow_getting_krbtgt; - -#if 0 -extern const krb5_cc_ops krb5_kcmss_ops; -#endif - -#include - -#endif /* __KCM_LOCL_H__ */ - diff --git a/crypto/heimdal/kcm/kcm_protos.h b/crypto/heimdal/kcm/kcm_protos.h deleted file mode 100644 index 0fcea7511f95..000000000000 --- a/crypto/heimdal/kcm/kcm_protos.h +++ /dev/null @@ -1,288 +0,0 @@ -/* This is a generated file */ -#ifndef __kcm_protos_h__ -#define __kcm_protos_h__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -krb5_error_code -kcm_access ( - krb5_context /*context*/, - kcm_client */*client*/, - kcm_operation /*opcode*/, - kcm_ccache /*ccache*/); - -krb5_error_code -kcm_ccache_acquire ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_creds **/*credp*/); - -krb5_error_code -kcm_ccache_destroy ( - krb5_context /*context*/, - const char */*name*/); - -krb5_error_code -kcm_ccache_destroy_client ( - krb5_context /*context*/, - kcm_client */*client*/, - const char */*name*/); - -krb5_error_code -kcm_ccache_destroy_if_empty ( - krb5_context /*context*/, - kcm_ccache /*ccache*/); - -krb5_error_code -kcm_ccache_enqueue_default ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_creds */*newcred*/); - -krb5_error_code -kcm_ccache_gen_new ( - krb5_context /*context*/, - pid_t /*pid*/, - uid_t /*uid*/, - gid_t /*gid*/, - kcm_ccache */*ccache*/); - -krb5_error_code -kcm_ccache_new ( - krb5_context /*context*/, - const char */*name*/, - kcm_ccache */*ccache*/); - -krb5_error_code -kcm_ccache_new_client ( - krb5_context /*context*/, - kcm_client */*client*/, - const char */*name*/, - kcm_ccache */*ccache_p*/); - -char *kcm_ccache_nextid ( - pid_t /*pid*/, - uid_t /*uid*/, - gid_t /*gid*/); - -krb5_error_code -kcm_ccache_refresh ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_creds **/*credp*/); - -krb5_error_code -kcm_ccache_remove_cred ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_flags /*whichfields*/, - const krb5_creds */*mcreds*/); - -krb5_error_code -kcm_ccache_remove_cred_internal ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_flags /*whichfields*/, - const krb5_creds */*mcreds*/); - -krb5_error_code -kcm_ccache_remove_creds ( - krb5_context /*context*/, - kcm_ccache /*ccache*/); - -krb5_error_code -kcm_ccache_remove_creds_internal ( - krb5_context /*context*/, - kcm_ccache /*ccache*/); - -krb5_error_code -kcm_ccache_resolve ( - krb5_context /*context*/, - const char */*name*/, - kcm_ccache */*ccache*/); - -krb5_error_code -kcm_ccache_resolve_client ( - krb5_context /*context*/, - kcm_client */*client*/, - kcm_operation /*opcode*/, - const char */*name*/, - kcm_ccache */*ccache*/); - -krb5_error_code -kcm_ccache_retrieve_cred ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_flags /*whichfields*/, - const krb5_creds */*mcreds*/, - krb5_creds **/*credp*/); - -krb5_error_code -kcm_ccache_retrieve_cred_internal ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_flags /*whichfields*/, - const krb5_creds */*mcreds*/, - krb5_creds **/*creds*/); - -krb5_error_code -kcm_ccache_store_cred ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_creds */*creds*/, - int /*copy*/); - -krb5_error_code -kcm_ccache_store_cred_internal ( - krb5_context /*context*/, - kcm_ccache /*ccache*/, - krb5_creds */*creds*/, - int /*copy*/, - krb5_creds **/*credp*/); - -krb5_error_code -kcm_chmod ( - krb5_context /*context*/, - kcm_client */*client*/, - kcm_ccache /*ccache*/, - uint16_t /*mode*/); - -krb5_error_code -kcm_chown ( - krb5_context /*context*/, - kcm_client */*client*/, - kcm_ccache /*ccache*/, - uid_t /*uid*/, - gid_t /*gid*/); - -krb5_error_code -kcm_cleanup_events ( - krb5_context /*context*/, - kcm_ccache /*ccache*/); - -void -kcm_configure ( - int /*argc*/, - char **/*argv*/); - -krb5_error_code -kcm_cursor_delete ( - krb5_context /*context*/, - pid_t /*pid*/, - kcm_ccache /*ccache*/, - uint32_t /*key*/); - -krb5_error_code -kcm_cursor_find ( - krb5_context /*context*/, - pid_t /*pid*/, - kcm_ccache /*ccache*/, - uint32_t /*key*/, - kcm_cursor **/*cursor*/); - -krb5_error_code -kcm_cursor_new ( - krb5_context /*context*/, - pid_t /*pid*/, - kcm_ccache /*ccache*/, - uint32_t */*cursor*/); - -krb5_error_code -kcm_debug_ccache (krb5_context /*context*/); - -krb5_error_code -kcm_debug_events (krb5_context /*context*/); - -krb5_error_code -kcm_dispatch ( - krb5_context /*context*/, - kcm_client */*client*/, - krb5_data */*req_data*/, - krb5_data */*resp_data*/); - -krb5_error_code -kcm_enqueue_event ( - krb5_context /*context*/, - kcm_event */*event*/); - -krb5_error_code -kcm_enqueue_event_internal ( - krb5_context /*context*/, - kcm_event */*event*/); - -krb5_error_code -kcm_enqueue_event_relative ( - krb5_context /*context*/, - kcm_event */*event*/); - -krb5_error_code -kcm_internal_ccache ( - krb5_context /*context*/, - kcm_ccache /*c*/, - krb5_ccache /*id*/); - -void -kcm_log ( - int /*level*/, - const char */*fmt*/, - ...); - -char* -kcm_log_msg ( - int /*level*/, - const char */*fmt*/, - ...); - -char* -kcm_log_msg_va ( - int /*level*/, - const char */*fmt*/, - va_list /*ap*/); - -void -kcm_loop (void); - -const char *kcm_op2string (kcm_operation /*opcode*/); - -void -kcm_openlog (void); - -krb5_error_code -kcm_release_ccache ( - krb5_context /*context*/, - kcm_ccache */*ccache*/); - -krb5_error_code -kcm_remove_event ( - krb5_context /*context*/, - kcm_event */*event*/); - -krb5_error_code -kcm_retain_ccache ( - krb5_context /*context*/, - kcm_ccache /*ccache*/); - -krb5_error_code -kcm_run_events ( - krb5_context /*context*/, - time_t /*now*/); - -krb5_error_code -kcm_zero_ccache_data ( - krb5_context /*context*/, - kcm_ccache /*cache*/); - -krb5_error_code -kcm_zero_ccache_data_internal ( - krb5_context /*context*/, - kcm_ccache_data */*cache*/); - -#ifdef __cplusplus -} -#endif - -#endif /* __kcm_protos_h__ */ diff --git a/crypto/heimdal/kcm/log.c b/crypto/heimdal/kcm/log.c deleted file mode 100644 index 351782eba87d..000000000000 --- a/crypto/heimdal/kcm/log.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: log.c 14566 2005-02-06 01:22:49Z lukeh $"); - -static krb5_log_facility *logf; - -void -kcm_openlog(void) -{ - char **s = NULL, **p; - krb5_initlog(kcm_context, "kcm", &logf); - s = krb5_config_get_strings(kcm_context, NULL, "kcm", "logging", NULL); - if(s == NULL) - s = krb5_config_get_strings(kcm_context, NULL, "logging", "kcm", NULL); - if(s){ - for(p = s; *p; p++) - krb5_addlog_dest(kcm_context, logf, *p); - krb5_config_free_strings(s); - }else - krb5_addlog_dest(kcm_context, logf, DEFAULT_LOG_DEST); - krb5_set_warn_dest(kcm_context, logf); -} - -char* -kcm_log_msg_va(int level, const char *fmt, va_list ap) -{ - char *msg; - krb5_vlog_msg(kcm_context, logf, &msg, level, fmt, ap); - return msg; -} - -char* -kcm_log_msg(int level, const char *fmt, ...) -{ - va_list ap; - char *s; - va_start(ap, fmt); - s = kcm_log_msg_va(level, fmt, ap); - va_end(ap); - return s; -} - -void -kcm_log(int level, const char *fmt, ...) -{ - va_list ap; - char *s; - va_start(ap, fmt); - s = kcm_log_msg_va(level, fmt, ap); - if(s) free(s); - va_end(ap); -} diff --git a/crypto/heimdal/kcm/main.c b/crypto/heimdal/kcm/main.c deleted file mode 100644 index da88a2c653ce..000000000000 --- a/crypto/heimdal/kcm/main.c +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: main.c 15298 2005-05-30 10:58:14Z lha $"); - -sig_atomic_t exit_flag = 0; - -krb5_context kcm_context = NULL; - -static RETSIGTYPE -sigterm(int sig) -{ - exit_flag = 1; -} - -static RETSIGTYPE -sigusr1(int sig) -{ - kcm_debug_ccache(kcm_context); -} - -static RETSIGTYPE -sigusr2(int sig) -{ - kcm_debug_events(kcm_context); -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - setprogname(argv[0]); - - ret = krb5_init_context(&kcm_context); - if (ret) { - errx (1, "krb5_init_context failed: %d", ret); - return ret; - } - - kcm_configure(argc, argv); - -#ifdef HAVE_SIGACTION - { - struct sigaction sa; - - sa.sa_flags = 0; - sa.sa_handler = sigterm; - sigemptyset(&sa.sa_mask); - - sigaction(SIGINT, &sa, NULL); - sigaction(SIGTERM, &sa, NULL); - - sa.sa_handler = sigusr1; - sigaction(SIGUSR1, &sa, NULL); - - sa.sa_handler = sigusr2; - sigaction(SIGUSR2, &sa, NULL); - - sa.sa_handler = SIG_IGN; - sigaction(SIGPIPE, &sa, NULL); - } -#else - signal(SIGINT, sigterm); - signal(SIGTERM, sigterm); - signal(SIGUSR1, sigusr1); - signal(SIGUSR2, sigusr2); - signal(SIGPIPE, SIG_IGN); -#endif - if (detach_from_console) - daemon(0, 0); - pidfile(NULL); - kcm_loop(); - krb5_free_context(kcm_context); - return 0; -} diff --git a/crypto/heimdal/kcm/protocol.c b/crypto/heimdal/kcm/protocol.c deleted file mode 100644 index bb3c6538f04c..000000000000 --- a/crypto/heimdal/kcm/protocol.c +++ /dev/null @@ -1,1046 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: protocol.c 22112 2007-12-03 19:34:33Z lha $"); - -static krb5_error_code -kcm_op_noop(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - KCM_LOG_REQUEST(context, client, opcode); - - return 0; -} - -/* - * Request: - * NameZ - * Response: - * NameZ - * - */ -static krb5_error_code -kcm_op_get_name(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) - -{ - krb5_error_code ret; - char *name = NULL; - kcm_ccache ccache; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - ret = krb5_store_stringz(response, ccache->name); - if (ret) { - kcm_release_ccache(context, &ccache); - free(name); - return ret; - } - - free(name); - kcm_release_ccache(context, &ccache); - return 0; -} - -/* - * Request: - * - * Response: - * NameZ - */ -static krb5_error_code -kcm_op_gen_new(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - char *name; - - KCM_LOG_REQUEST(context, client, opcode); - - name = kcm_ccache_nextid(client->pid, client->uid, client->gid); - if (name == NULL) { - return KRB5_CC_NOMEM; - } - - ret = krb5_store_stringz(response, name); - free(name); - - return ret; -} - -/* - * Request: - * NameZ - * Principal - * - * Response: - * - */ -static krb5_error_code -kcm_op_initialize(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - kcm_ccache ccache; - krb5_principal principal; - krb5_error_code ret; - char *name; -#if 0 - kcm_event event; -#endif - - KCM_LOG_REQUEST(context, client, opcode); - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - ret = krb5_ret_principal(request, &principal); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_new_client(context, client, name, &ccache); - if (ret) { - free(name); - krb5_free_principal(context, principal); - return ret; - } - - ccache->client = principal; - - free(name); - -#if 0 - /* - * Create a new credentials cache. To mitigate DoS attacks we will - * expire it in 30 minutes unless it has some credentials added - * to it - */ - - event.fire_time = 30 * 60; - event.expire_time = 0; - event.backoff_time = 0; - event.action = KCM_EVENT_DESTROY_EMPTY_CACHE; - event.ccache = ccache; - - ret = kcm_enqueue_event_relative(context, &event); -#endif - - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Request: - * NameZ - * - * Response: - * - */ -static krb5_error_code -kcm_op_destroy(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = kcm_ccache_destroy_client(context, client, name); - - free(name); - - return ret; -} - -/* - * Request: - * NameZ - * Creds - * - * Response: - * - */ -static krb5_error_code -kcm_op_store(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_creds creds; - krb5_error_code ret; - kcm_ccache ccache; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_creds(request, &creds); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - krb5_free_cred_contents(context, &creds); - return ret; - } - - ret = kcm_ccache_store_cred(context, ccache, &creds, 0); - if (ret) { - free(name); - krb5_free_cred_contents(context, &creds); - kcm_release_ccache(context, &ccache); - return ret; - } - - kcm_ccache_enqueue_default(context, ccache, &creds); - - free(name); - kcm_release_ccache(context, &ccache); - - return 0; -} - -/* - * Request: - * NameZ - * WhichFields - * MatchCreds - * - * Response: - * Creds - * - */ -static krb5_error_code -kcm_op_retrieve(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - uint32_t flags; - krb5_creds mcreds; - krb5_error_code ret; - kcm_ccache ccache; - char *name; - krb5_creds *credp; - int free_creds = 0; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint32(request, &flags); - if (ret) { - free(name); - return ret; - } - - ret = krb5_ret_creds_tag(request, &mcreds); - if (ret) { - free(name); - return ret; - } - - if (disallow_getting_krbtgt && - mcreds.server->name.name_string.len == 2 && - strcmp(mcreds.server->name.name_string.val[0], KRB5_TGS_NAME) == 0) - { - free(name); - krb5_free_cred_contents(context, &mcreds); - return KRB5_FCC_PERM; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - krb5_free_cred_contents(context, &mcreds); - return ret; - } - - ret = kcm_ccache_retrieve_cred(context, ccache, flags, - &mcreds, &credp); - if (ret && ((flags & KRB5_GC_CACHED) == 0)) { - krb5_ccache_data ccdata; - - /* try and acquire */ - HEIMDAL_MUTEX_lock(&ccache->mutex); - - /* Fake up an internal ccache */ - kcm_internal_ccache(context, ccache, &ccdata); - - /* glue cc layer will store creds */ - ret = krb5_get_credentials(context, 0, &ccdata, &mcreds, &credp); - if (ret == 0) - free_creds = 1; - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - } - - if (ret == 0) { - ret = krb5_store_creds(response, credp); - } - - free(name); - krb5_free_cred_contents(context, &mcreds); - kcm_release_ccache(context, &ccache); - - if (free_creds) - krb5_free_cred_contents(context, credp); - - return ret; -} - -/* - * Request: - * NameZ - * - * Response: - * Principal - */ -static krb5_error_code -kcm_op_get_principal(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - kcm_ccache ccache; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - if (ccache->client == NULL) - ret = KRB5_CC_NOTFOUND; - else - ret = krb5_store_principal(response, ccache->client); - - free(name); - kcm_release_ccache(context, &ccache); - - return 0; -} - -/* - * Request: - * NameZ - * - * Response: - * Cursor - * - */ -static krb5_error_code -kcm_op_get_first(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - kcm_ccache ccache; - uint32_t cursor; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - ret = kcm_cursor_new(context, client->pid, ccache, &cursor); - if (ret) { - kcm_release_ccache(context, &ccache); - free(name); - return ret; - } - - ret = krb5_store_int32(response, cursor); - - free(name); - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Request: - * NameZ - * Cursor - * - * Response: - * Creds - */ -static krb5_error_code -kcm_op_get_next(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - kcm_ccache ccache; - char *name; - uint32_t cursor; - kcm_cursor *c; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint32(request, &cursor); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - ret = kcm_cursor_find(context, client->pid, ccache, cursor, &c); - if (ret) { - kcm_release_ccache(context, &ccache); - free(name); - return ret; - } - - HEIMDAL_MUTEX_lock(&ccache->mutex); - if (c->credp == NULL) { - ret = KRB5_CC_END; - } else { - ret = krb5_store_creds(response, &c->credp->cred); - c->credp = c->credp->next; - } - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - free(name); - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Request: - * NameZ - * Cursor - * - * Response: - * - */ -static krb5_error_code -kcm_op_end_get(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - kcm_ccache ccache; - uint32_t cursor; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint32(request, &cursor); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - ret = kcm_cursor_delete(context, client->pid, ccache, cursor); - - free(name); - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Request: - * NameZ - * WhichFields - * MatchCreds - * - * Response: - * - */ -static krb5_error_code -kcm_op_remove_cred(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - uint32_t whichfields; - krb5_creds mcreds; - krb5_error_code ret; - kcm_ccache ccache; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint32(request, &whichfields); - if (ret) { - free(name); - return ret; - } - - ret = krb5_ret_creds_tag(request, &mcreds); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - krb5_free_cred_contents(context, &mcreds); - return ret; - } - - ret = kcm_ccache_remove_cred(context, ccache, whichfields, &mcreds); - - /* XXX need to remove any events that match */ - - free(name); - krb5_free_cred_contents(context, &mcreds); - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Request: - * NameZ - * Flags - * - * Response: - * - */ -static krb5_error_code -kcm_op_set_flags(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - uint32_t flags; - krb5_error_code ret; - kcm_ccache ccache; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint32(request, &flags); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - /* we don't really support any flags yet */ - free(name); - kcm_release_ccache(context, &ccache); - - return 0; -} - -/* - * Request: - * NameZ - * UID - * GID - * - * Response: - * - */ -static krb5_error_code -kcm_op_chown(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - uint32_t uid; - uint32_t gid; - krb5_error_code ret; - kcm_ccache ccache; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint32(request, &uid); - if (ret) { - free(name); - return ret; - } - - ret = krb5_ret_uint32(request, &gid); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - ret = kcm_chown(context, client, ccache, uid, gid); - - free(name); - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Request: - * NameZ - * Mode - * - * Response: - * - */ -static krb5_error_code -kcm_op_chmod(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - uint16_t mode; - krb5_error_code ret; - kcm_ccache ccache; - char *name; - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint16(request, &mode); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - free(name); - return ret; - } - - ret = kcm_chmod(context, client, ccache, mode); - - free(name); - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Protocol extensions for moving ticket acquisition responsibility - * from client to KCM follow. - */ - -/* - * Request: - * NameZ - * ServerPrincipalPresent - * ServerPrincipal OPTIONAL - * Key - * - * Repsonse: - * - */ -static krb5_error_code -kcm_op_get_initial_ticket(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - kcm_ccache ccache; - char *name; - int8_t not_tgt = 0; - krb5_principal server = NULL; - krb5_keyblock key; - - krb5_keyblock_zero(&key); - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_int8(request, ¬_tgt); - if (ret) { - free(name); - return ret; - } - - if (not_tgt) { - ret = krb5_ret_principal(request, &server); - if (ret) { - free(name); - return ret; - } - } - - ret = krb5_ret_keyblock(request, &key); - if (ret) { - free(name); - if (server != NULL) - krb5_free_principal(context, server); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret == 0) { - HEIMDAL_MUTEX_lock(&ccache->mutex); - - if (ccache->server != NULL) { - krb5_free_principal(context, ccache->server); - ccache->server = NULL; - } - - krb5_free_keyblock(context, &ccache->key.keyblock); - - ccache->server = server; - ccache->key.keyblock = key; - ccache->flags |= KCM_FLAGS_USE_CACHED_KEY; - - ret = kcm_ccache_enqueue_default(context, ccache, NULL); - if (ret) { - ccache->server = NULL; - krb5_keyblock_zero(&ccache->key.keyblock); - ccache->flags &= ~(KCM_FLAGS_USE_CACHED_KEY); - } - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - } - - free(name); - - if (ret != 0) { - krb5_free_principal(context, server); - krb5_free_keyblock(context, &key); - } - - kcm_release_ccache(context, &ccache); - - return ret; -} - -/* - * Request: - * NameZ - * ServerPrincipal - * KDCFlags - * EncryptionType - * - * Repsonse: - * - */ -static krb5_error_code -kcm_op_get_ticket(krb5_context context, - kcm_client *client, - kcm_operation opcode, - krb5_storage *request, - krb5_storage *response) -{ - krb5_error_code ret; - kcm_ccache ccache; - char *name; - krb5_principal server = NULL; - krb5_ccache_data ccdata; - krb5_creds in, *out; - krb5_kdc_flags flags; - - memset(&in, 0, sizeof(in)); - - ret = krb5_ret_stringz(request, &name); - if (ret) - return ret; - - KCM_LOG_REQUEST_NAME(context, client, opcode, name); - - ret = krb5_ret_uint32(request, &flags.i); - if (ret) { - free(name); - return ret; - } - - ret = krb5_ret_int32(request, &in.session.keytype); - if (ret) { - free(name); - return ret; - } - - ret = krb5_ret_principal(request, &server); - if (ret) { - free(name); - return ret; - } - - ret = kcm_ccache_resolve_client(context, client, opcode, - name, &ccache); - if (ret) { - krb5_free_principal(context, server); - free(name); - return ret; - } - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - /* Fake up an internal ccache */ - kcm_internal_ccache(context, ccache, &ccdata); - - in.client = ccache->client; - in.server = server; - in.times.endtime = 0; - - /* glue cc layer will store creds */ - ret = krb5_get_credentials_with_flags(context, 0, flags, - &ccdata, &in, &out); - - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - if (ret == 0) - krb5_free_cred_contents(context, out); - - free(name); - - return ret; -} - -static struct kcm_op kcm_ops[] = { - { "NOOP", kcm_op_noop }, - { "GET_NAME", kcm_op_get_name }, - { "RESOLVE", kcm_op_noop }, - { "GEN_NEW", kcm_op_gen_new }, - { "INITIALIZE", kcm_op_initialize }, - { "DESTROY", kcm_op_destroy }, - { "STORE", kcm_op_store }, - { "RETRIEVE", kcm_op_retrieve }, - { "GET_PRINCIPAL", kcm_op_get_principal }, - { "GET_FIRST", kcm_op_get_first }, - { "GET_NEXT", kcm_op_get_next }, - { "END_GET", kcm_op_end_get }, - { "REMOVE_CRED", kcm_op_remove_cred }, - { "SET_FLAGS", kcm_op_set_flags }, - { "CHOWN", kcm_op_chown }, - { "CHMOD", kcm_op_chmod }, - { "GET_INITIAL_TICKET", kcm_op_get_initial_ticket }, - { "GET_TICKET", kcm_op_get_ticket } -}; - - -const char *kcm_op2string(kcm_operation opcode) -{ - if (opcode >= sizeof(kcm_ops)/sizeof(kcm_ops[0])) - return "Unknown operation"; - - return kcm_ops[opcode].name; -} - -krb5_error_code -kcm_dispatch(krb5_context context, - kcm_client *client, - krb5_data *req_data, - krb5_data *resp_data) -{ - krb5_error_code ret; - kcm_method method; - krb5_storage *req_sp = NULL; - krb5_storage *resp_sp = NULL; - uint16_t opcode; - - resp_sp = krb5_storage_emem(); - if (resp_sp == NULL) { - return ENOMEM; - } - - if (client->pid == -1) { - kcm_log(0, "Client had invalid process number"); - ret = KRB5_FCC_INTERNAL; - goto out; - } - - req_sp = krb5_storage_from_data(req_data); - if (req_sp == NULL) { - kcm_log(0, "Process %d: failed to initialize storage from data", - client->pid); - ret = KRB5_CC_IO; - goto out; - } - - ret = krb5_ret_uint16(req_sp, &opcode); - if (ret) { - kcm_log(0, "Process %d: didn't send a message", client->pid); - goto out; - } - - if (opcode >= sizeof(kcm_ops)/sizeof(kcm_ops[0])) { - kcm_log(0, "Process %d: invalid operation code %d", - client->pid, opcode); - ret = KRB5_FCC_INTERNAL; - goto out; - } - method = kcm_ops[opcode].method; - - /* seek past place for status code */ - krb5_storage_seek(resp_sp, 4, SEEK_SET); - - ret = (*method)(context, client, opcode, req_sp, resp_sp); - -out: - if (req_sp != NULL) { - krb5_storage_free(req_sp); - } - - krb5_storage_seek(resp_sp, 0, SEEK_SET); - krb5_store_int32(resp_sp, ret); - - ret = krb5_storage_to_data(resp_sp, resp_data); - krb5_storage_free(resp_sp); - - return ret; -} - diff --git a/crypto/heimdal/kcm/renew.c b/crypto/heimdal/kcm/renew.c deleted file mode 100644 index 945020913503..000000000000 --- a/crypto/heimdal/kcm/renew.c +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kcm_locl.h" - -RCSID("$Id: renew.c 14566 2005-02-06 01:22:49Z lukeh $"); - -krb5_error_code -kcm_ccache_refresh(krb5_context context, - kcm_ccache ccache, - krb5_creds **credp) -{ - krb5_error_code ret; - krb5_creds in, *out; - krb5_kdc_flags flags; - krb5_const_realm realm; - krb5_ccache_data ccdata; - - memset(&in, 0, sizeof(in)); - - KCM_ASSERT_VALID(ccache); - - if (ccache->client == NULL) { - /* no primary principal */ - kcm_log(0, "Refresh credentials requested but no client principal"); - return KRB5_CC_NOTFOUND; - } - - HEIMDAL_MUTEX_lock(&ccache->mutex); - - /* Fake up an internal ccache */ - kcm_internal_ccache(context, ccache, &ccdata); - - /* Find principal */ - in.client = ccache->client; - - if (ccache->server != NULL) { - ret = krb5_copy_principal(context, ccache->server, &in.server); - if (ret) { - kcm_log(0, "Failed to copy service principal: %s", - krb5_get_err_text(context, ret)); - goto out; - } - } else { - realm = krb5_principal_get_realm(context, in.client); - ret = krb5_make_principal(context, &in.server, realm, - KRB5_TGS_NAME, realm, NULL); - if (ret) { - kcm_log(0, "Failed to make TGS principal for realm %s: %s", - realm, krb5_get_err_text(context, ret)); - goto out; - } - } - - if (ccache->tkt_life) - in.times.endtime = time(NULL) + ccache->tkt_life; - if (ccache->renew_life) - in.times.renew_till = time(NULL) + ccache->renew_life; - - flags.i = 0; - flags.b.renewable = TRUE; - flags.b.renew = TRUE; - - ret = krb5_get_kdc_cred(context, - &ccdata, - flags, - NULL, - NULL, - &in, - &out); - if (ret) { - kcm_log(0, "Failed to renew credentials for cache %s: %s", - ccache->name, krb5_get_err_text(context, ret)); - goto out; - } - - /* Swap them in */ - kcm_ccache_remove_creds_internal(context, ccache); - - ret = kcm_ccache_store_cred_internal(context, ccache, out, 0, credp); - if (ret) { - kcm_log(0, "Failed to store credentials for cache %s: %s", - ccache->name, krb5_get_err_text(context, ret)); - krb5_free_creds(context, out); - goto out; - } - - free(out); /* but not contents */ - -out: - HEIMDAL_MUTEX_unlock(&ccache->mutex); - - return ret; -} - diff --git a/crypto/heimdal/kdc/524.c b/crypto/heimdal/kdc/524.c deleted file mode 100644 index 3e4ad292537b..000000000000 --- a/crypto/heimdal/kdc/524.c +++ /dev/null @@ -1,400 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: 524.c 18270 2006-10-06 17:06:30Z lha $"); - -#include - -/* - * fetch the server from `t', returning the name in malloced memory in - * `spn' and the entry itself in `server' - */ - -static krb5_error_code -fetch_server (krb5_context context, - krb5_kdc_configuration *config, - const Ticket *t, - char **spn, - hdb_entry_ex **server, - const char *from) -{ - krb5_error_code ret; - krb5_principal sprinc; - - ret = _krb5_principalname2krb5_principal(context, &sprinc, - t->sname, t->realm); - if (ret) { - kdc_log(context, config, 0, "_krb5_principalname2krb5_principal: %s", - krb5_get_err_text(context, ret)); - return ret; - } - ret = krb5_unparse_name(context, sprinc, spn); - if (ret) { - krb5_free_principal(context, sprinc); - kdc_log(context, config, 0, "krb5_unparse_name: %s", - krb5_get_err_text(context, ret)); - return ret; - } - ret = _kdc_db_fetch(context, config, sprinc, HDB_F_GET_SERVER, - NULL, server); - krb5_free_principal(context, sprinc); - if (ret) { - kdc_log(context, config, 0, - "Request to convert ticket from %s for unknown principal %s: %s", - from, *spn, krb5_get_err_text(context, ret)); - if (ret == HDB_ERR_NOENTRY) - ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; - return ret; - } - return 0; -} - -static krb5_error_code -log_524 (krb5_context context, - krb5_kdc_configuration *config, - const EncTicketPart *et, - const char *from, - const char *spn) -{ - krb5_principal client; - char *cpn; - krb5_error_code ret; - - ret = _krb5_principalname2krb5_principal(context, &client, - et->cname, et->crealm); - if (ret) { - kdc_log(context, config, 0, "_krb5_principalname2krb5_principal: %s", - krb5_get_err_text (context, ret)); - return ret; - } - ret = krb5_unparse_name(context, client, &cpn); - if (ret) { - krb5_free_principal(context, client); - kdc_log(context, config, 0, "krb5_unparse_name: %s", - krb5_get_err_text (context, ret)); - return ret; - } - kdc_log(context, config, 1, "524-REQ %s from %s for %s", cpn, from, spn); - free(cpn); - krb5_free_principal(context, client); - return 0; -} - -static krb5_error_code -verify_flags (krb5_context context, - krb5_kdc_configuration *config, - const EncTicketPart *et, - const char *spn) -{ - if(et->endtime < kdc_time){ - kdc_log(context, config, 0, "Ticket expired (%s)", spn); - return KRB5KRB_AP_ERR_TKT_EXPIRED; - } - if(et->flags.invalid){ - kdc_log(context, config, 0, "Ticket not valid (%s)", spn); - return KRB5KRB_AP_ERR_TKT_NYV; - } - return 0; -} - -/* - * set the `et->caddr' to the most appropriate address to use, where - * `addr' is the address the request was received from. - */ - -static krb5_error_code -set_address (krb5_context context, - krb5_kdc_configuration *config, - EncTicketPart *et, - struct sockaddr *addr, - const char *from) -{ - krb5_error_code ret; - krb5_address *v4_addr; - - v4_addr = malloc (sizeof(*v4_addr)); - if (v4_addr == NULL) - return ENOMEM; - - ret = krb5_sockaddr2address(context, addr, v4_addr); - if(ret) { - free (v4_addr); - kdc_log(context, config, 0, "Failed to convert address (%s)", from); - return ret; - } - - if (et->caddr && !krb5_address_search (context, v4_addr, et->caddr)) { - kdc_log(context, config, 0, "Incorrect network address (%s)", from); - krb5_free_address(context, v4_addr); - free (v4_addr); - return KRB5KRB_AP_ERR_BADADDR; - } - if(v4_addr->addr_type == KRB5_ADDRESS_INET) { - /* we need to collapse the addresses in the ticket to a - single address; best guess is to use the address the - connection came from */ - - if (et->caddr != NULL) { - free_HostAddresses(et->caddr); - } else { - et->caddr = malloc (sizeof (*et->caddr)); - if (et->caddr == NULL) { - krb5_free_address(context, v4_addr); - free(v4_addr); - return ENOMEM; - } - } - et->caddr->val = v4_addr; - et->caddr->len = 1; - } else { - krb5_free_address(context, v4_addr); - free(v4_addr); - } - return 0; -} - - -static krb5_error_code -encrypt_v4_ticket(krb5_context context, - krb5_kdc_configuration *config, - void *buf, - size_t len, - krb5_keyblock *skey, - EncryptedData *reply) -{ - krb5_crypto crypto; - krb5_error_code ret; - ret = krb5_crypto_init(context, skey, ETYPE_DES_PCBC_NONE, &crypto); - if (ret) { - free(buf); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - return ret; - } - - ret = krb5_encrypt_EncryptedData(context, - crypto, - KRB5_KU_TICKET, - buf, - len, - 0, - reply); - krb5_crypto_destroy(context, crypto); - if(ret) { - kdc_log(context, config, 0, "Failed to encrypt data: %s", - krb5_get_err_text(context, ret)); - return ret; - } - return 0; -} - -static krb5_error_code -encode_524_response(krb5_context context, - krb5_kdc_configuration *config, - const char *spn, const EncTicketPart et, - const Ticket *t, hdb_entry_ex *server, - EncryptedData *ticket, int *kvno) -{ - krb5_error_code ret; - int use_2b; - size_t len; - - use_2b = krb5_config_get_bool(context, NULL, "kdc", "use_2b", spn, NULL); - if(use_2b) { - ASN1_MALLOC_ENCODE(EncryptedData, - ticket->cipher.data, ticket->cipher.length, - &t->enc_part, &len, ret); - - if (ret) { - kdc_log(context, config, 0, - "Failed to encode v4 (2b) ticket (%s)", spn); - return ret; - } - - ticket->etype = 0; - ticket->kvno = NULL; - *kvno = 213; /* 2b's use this magic kvno */ - } else { - unsigned char buf[MAX_KTXT_LEN + 4 * 4]; - Key *skey; - - if (!config->enable_v4_cross_realm && strcmp (et.crealm, t->realm) != 0) { - kdc_log(context, config, 0, "524 cross-realm %s -> %s disabled", et.crealm, - t->realm); - return KRB5KDC_ERR_POLICY; - } - - ret = _kdc_encode_v4_ticket(context, config, - buf + sizeof(buf) - 1, sizeof(buf), - &et, &t->sname, &len); - if(ret){ - kdc_log(context, config, 0, - "Failed to encode v4 ticket (%s)", spn); - return ret; - } - ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); - if(ret){ - kdc_log(context, config, 0, - "no suitable DES key for server (%s)", spn); - return ret; - } - ret = encrypt_v4_ticket(context, config, buf + sizeof(buf) - len, len, - &skey->key, ticket); - if(ret){ - kdc_log(context, config, 0, - "Failed to encrypt v4 ticket (%s)", spn); - return ret; - } - *kvno = server->entry.kvno; - } - - return 0; -} - -/* - * process a 5->4 request, based on `t', and received `from, addr', - * returning the reply in `reply' - */ - -krb5_error_code -_kdc_do_524(krb5_context context, - krb5_kdc_configuration *config, - const Ticket *t, krb5_data *reply, - const char *from, struct sockaddr *addr) -{ - krb5_error_code ret = 0; - krb5_crypto crypto; - hdb_entry_ex *server = NULL; - Key *skey; - krb5_data et_data; - EncTicketPart et; - EncryptedData ticket; - krb5_storage *sp; - char *spn = NULL; - unsigned char buf[MAX_KTXT_LEN + 4 * 4]; - size_t len; - int kvno = 0; - - if(!config->enable_524) { - ret = KRB5KDC_ERR_POLICY; - kdc_log(context, config, 0, - "Rejected ticket conversion request from %s", from); - goto out; - } - - ret = fetch_server (context, config, t, &spn, &server, from); - if (ret) { - goto out; - } - - ret = hdb_enctype2key(context, &server->entry, t->enc_part.etype, &skey); - if(ret){ - kdc_log(context, config, 0, - "No suitable key found for server (%s) from %s", spn, from); - goto out; - } - ret = krb5_crypto_init(context, &skey->key, 0, &crypto); - if (ret) { - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - goto out; - } - ret = krb5_decrypt_EncryptedData (context, - crypto, - KRB5_KU_TICKET, - &t->enc_part, - &et_data); - krb5_crypto_destroy(context, crypto); - if(ret){ - kdc_log(context, config, 0, - "Failed to decrypt ticket from %s for %s", from, spn); - goto out; - } - ret = krb5_decode_EncTicketPart(context, et_data.data, et_data.length, - &et, &len); - krb5_data_free(&et_data); - if(ret){ - kdc_log(context, config, 0, - "Failed to decode ticket from %s for %s", from, spn); - goto out; - } - - ret = log_524 (context, config, &et, from, spn); - if (ret) { - free_EncTicketPart(&et); - goto out; - } - - ret = verify_flags (context, config, &et, spn); - if (ret) { - free_EncTicketPart(&et); - goto out; - } - - ret = set_address (context, config, &et, addr, from); - if (ret) { - free_EncTicketPart(&et); - goto out; - } - - ret = encode_524_response(context, config, spn, et, t, - server, &ticket, &kvno); - free_EncTicketPart(&et); - - out: - /* make reply */ - memset(buf, 0, sizeof(buf)); - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp) { - krb5_store_int32(sp, ret); - if(ret == 0){ - krb5_store_int32(sp, kvno); - krb5_store_data(sp, ticket.cipher); - /* Aargh! This is coded as a KTEXT_ST. */ - krb5_storage_seek(sp, MAX_KTXT_LEN - ticket.cipher.length, SEEK_CUR); - krb5_store_int32(sp, 0); /* mbz */ - free_EncryptedData(&ticket); - } - ret = krb5_storage_to_data(sp, reply); - reply->length = krb5_storage_seek(sp, 0, SEEK_CUR); - krb5_storage_free(sp); - } else - krb5_data_zero(reply); - if(spn) - free(spn); - if(server) - _kdc_free_ent (context, server); - return ret; -} diff --git a/crypto/heimdal/kdc/Makefile.am b/crypto/heimdal/kdc/Makefile.am deleted file mode 100644 index ff20bde9c572..000000000000 --- a/crypto/heimdal/kdc/Makefile.am +++ /dev/null @@ -1,122 +0,0 @@ -# $Id: Makefile.am 22489 2008-01-21 11:49:06Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 - -lib_LTLIBRARIES = libkdc.la - -bin_PROGRAMS = string2key - -sbin_PROGRAMS = kstash - -libexec_PROGRAMS = hprop hpropd kdc - -noinst_PROGRAMS = kdc-replay - -man_MANS = kdc.8 kstash.8 hprop.8 hpropd.8 string2key.8 - -hprop_SOURCES = hprop.c mit_dump.c v4_dump.c hprop.h kadb.h -hpropd_SOURCES = hpropd.c hprop.h - -kstash_SOURCES = kstash.c headers.h - -string2key_SOURCES = string2key.c headers.h - -kdc_SOURCES = connect.c \ - config.c \ - main.c - -libkdc_la_SOURCES = \ - kdc-private.h \ - kdc-protos.h \ - default_config.c \ - set_dbinfo.c \ - digest.c \ - kdc_locl.h \ - kerberos5.c \ - krb5tgs.c \ - pkinit.c \ - log.c \ - misc.c \ - 524.c \ - kerberos4.c \ - kaserver.c \ - kx509.c \ - process.c \ - windc.c \ - rx.h - - -$(libkdc_la_OBJECTS): $(srcdir)/kdc-protos.h $(srcdir)/kdc-private.h - -libkdc_la_LDFLAGS = -version-info 2:0:0 - -if versionscript -libkdc_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -endif -$(libkdc_la_OBJECTS): $(srcdir)/version-script.map - -$(srcdir)/kdc-protos.h: - cd $(srcdir) && perl ../cf/make-proto.pl -q -P comment -o kdc-protos.h $(libkdc_la_SOURCES) || rm -f kdc-protos.h - -$(srcdir)/kdc-private.h: - cd $(srcdir) && perl ../cf/make-proto.pl -q -P comment -p kdc-private.h $(libkdc_la_SOURCES) || rm -f kdc-private.h - - -hprop_LDADD = \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_kdb) $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -hpropd_LDADD = \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_kdb) $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -if PKINIT -LIB_pkinit = $(top_builddir)/lib/hx509/libhx509.la -endif - -libkdc_la_LIBADD = \ - $(LIB_pkinit) \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_kdb) $(LIB_krb4) \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -LDADD = $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -kdc_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) -kdc_replay_LDADD = $(kdc_LDADD) - -include_HEADERS = kdc.h kdc-protos.h - -krb5dir = $(includedir)/krb5 -krb5_HEADERS = windc_plugin.h - -build_HEADERZ = $(krb5_HEADERS) # XXX - -EXTRA_DIST = $(man_MANS) version-script.map diff --git a/crypto/heimdal/kdc/Makefile.in b/crypto/heimdal/kdc/Makefile.in deleted file mode 100644 index d7e623afe7e3..000000000000 --- a/crypto/heimdal/kdc/Makefile.in +++ /dev/null @@ -1,1151 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22489 2008-01-21 11:49:06Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(include_HEADERS) $(krb5_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -bin_PROGRAMS = string2key$(EXEEXT) -sbin_PROGRAMS = kstash$(EXEEXT) -libexec_PROGRAMS = hprop$(EXEEXT) hpropd$(EXEEXT) kdc$(EXEEXT) -noinst_PROGRAMS = kdc-replay$(EXEEXT) -@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -subdir = kdc -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ - "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" \ - "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(includedir)" \ - "$(DESTDIR)$(krb5dir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -am__DEPENDENCIES_1 = -libkdc_la_DEPENDENCIES = $(LIB_pkinit) \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am_libkdc_la_OBJECTS = default_config.lo set_dbinfo.lo digest.lo \ - kerberos5.lo krb5tgs.lo pkinit.lo log.lo misc.lo 524.lo \ - kerberos4.lo kaserver.lo kx509.lo process.lo windc.lo -libkdc_la_OBJECTS = $(am_libkdc_la_OBJECTS) -libkdc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libkdc_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(noinst_PROGRAMS) \ - $(sbin_PROGRAMS) -am_hprop_OBJECTS = hprop.$(OBJEXT) mit_dump.$(OBJEXT) \ - v4_dump.$(OBJEXT) -hprop_OBJECTS = $(am_hprop_OBJECTS) -hprop_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am_hpropd_OBJECTS = hpropd.$(OBJEXT) -hpropd_OBJECTS = $(am_hpropd_OBJECTS) -hpropd_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am_kdc_OBJECTS = connect.$(OBJEXT) config.$(OBJEXT) main.$(OBJEXT) -kdc_OBJECTS = $(am_kdc_OBJECTS) -am__DEPENDENCIES_2 = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -kdc_DEPENDENCIES = libkdc.la $(am__DEPENDENCIES_2) \ - $(am__DEPENDENCIES_1) -kdc_replay_SOURCES = kdc-replay.c -kdc_replay_OBJECTS = kdc-replay.$(OBJEXT) -am__DEPENDENCIES_3 = libkdc.la $(am__DEPENDENCIES_2) \ - $(am__DEPENDENCIES_1) -kdc_replay_DEPENDENCIES = $(am__DEPENDENCIES_3) -am_kstash_OBJECTS = kstash.$(OBJEXT) -kstash_OBJECTS = $(am_kstash_OBJECTS) -kstash_LDADD = $(LDADD) -kstash_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -am_string2key_OBJECTS = string2key.$(OBJEXT) -string2key_OBJECTS = $(am_string2key_OBJECTS) -string2key_LDADD = $(LDADD) -string2key_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(libkdc_la_SOURCES) $(hprop_SOURCES) $(hpropd_SOURCES) \ - $(kdc_SOURCES) kdc-replay.c $(kstash_SOURCES) \ - $(string2key_SOURCES) -DIST_SOURCES = $(libkdc_la_SOURCES) $(hprop_SOURCES) $(hpropd_SOURCES) \ - $(kdc_SOURCES) kdc-replay.c $(kstash_SOURCES) \ - $(string2key_SOURCES) -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -krb5HEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) $(krb5_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -lib_LTLIBRARIES = libkdc.la -man_MANS = kdc.8 kstash.8 hprop.8 hpropd.8 string2key.8 -hprop_SOURCES = hprop.c mit_dump.c v4_dump.c hprop.h kadb.h -hpropd_SOURCES = hpropd.c hprop.h -kstash_SOURCES = kstash.c headers.h -string2key_SOURCES = string2key.c headers.h -kdc_SOURCES = connect.c \ - config.c \ - main.c - -libkdc_la_SOURCES = \ - kdc-private.h \ - kdc-protos.h \ - default_config.c \ - set_dbinfo.c \ - digest.c \ - kdc_locl.h \ - kerberos5.c \ - krb5tgs.c \ - pkinit.c \ - log.c \ - misc.c \ - 524.c \ - kerberos4.c \ - kaserver.c \ - kx509.c \ - process.c \ - windc.c \ - rx.h - -libkdc_la_LDFLAGS = -version-info 2:0:0 $(am__append_1) -hprop_LDADD = \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_kdb) $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -hpropd_LDADD = \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_kdb) $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -@PKINIT_TRUE@LIB_pkinit = $(top_builddir)/lib/hx509/libhx509.la -libkdc_la_LIBADD = \ - $(LIB_pkinit) \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_kdb) $(LIB_krb4) \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -LDADD = $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) \ - $(DBLIB) - -kdc_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) -kdc_replay_LDADD = $(kdc_LDADD) -include_HEADERS = kdc.h kdc-protos.h -krb5dir = $(includedir)/krb5 -krb5_HEADERS = windc_plugin.h -build_HEADERZ = $(krb5_HEADERS) # XXX -EXTRA_DIST = $(man_MANS) version-script.map -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kdc/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kdc/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libkdc.la: $(libkdc_la_OBJECTS) $(libkdc_la_DEPENDENCIES) - $(libkdc_la_LINK) -rpath $(libdir) $(libkdc_la_OBJECTS) $(libkdc_la_LIBADD) $(LIBS) -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -hprop$(EXEEXT): $(hprop_OBJECTS) $(hprop_DEPENDENCIES) - @rm -f hprop$(EXEEXT) - $(LINK) $(hprop_OBJECTS) $(hprop_LDADD) $(LIBS) -hpropd$(EXEEXT): $(hpropd_OBJECTS) $(hpropd_DEPENDENCIES) - @rm -f hpropd$(EXEEXT) - $(LINK) $(hpropd_OBJECTS) $(hpropd_LDADD) $(LIBS) -kdc$(EXEEXT): $(kdc_OBJECTS) $(kdc_DEPENDENCIES) - @rm -f kdc$(EXEEXT) - $(LINK) $(kdc_OBJECTS) $(kdc_LDADD) $(LIBS) -kdc-replay$(EXEEXT): $(kdc_replay_OBJECTS) $(kdc_replay_DEPENDENCIES) - @rm -f kdc-replay$(EXEEXT) - $(LINK) $(kdc_replay_OBJECTS) $(kdc_replay_LDADD) $(LIBS) -kstash$(EXEEXT): $(kstash_OBJECTS) $(kstash_DEPENDENCIES) - @rm -f kstash$(EXEEXT) - $(LINK) $(kstash_OBJECTS) $(kstash_LDADD) $(LIBS) -string2key$(EXEEXT): $(string2key_OBJECTS) $(string2key_DEPENDENCIES) - @rm -f string2key$(EXEEXT) - $(LINK) $(string2key_OBJECTS) $(string2key_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done -install-includeHEADERS: $(include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-krb5HEADERS: $(krb5_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(krb5dir)" || $(MKDIR_P) "$(DESTDIR)$(krb5dir)" - @list='$(krb5_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(krb5HEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(krb5dir)/$$f'"; \ - $(krb5HEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(krb5dir)/$$f"; \ - done - -uninstall-krb5HEADERS: - @$(NORMAL_UNINSTALL) - @list='$(krb5_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(krb5dir)/$$f'"; \ - rm -f "$(DESTDIR)$(krb5dir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) \ - all-local -install-binPROGRAMS: install-libLTLIBRARIES - -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(krb5dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libexecPROGRAMS clean-libtool clean-noinstPROGRAMS \ - clean-sbinPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-includeHEADERS install-krb5HEADERS \ - install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES \ - install-libexecPROGRAMS install-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ - uninstall-krb5HEADERS uninstall-libLTLIBRARIES \ - uninstall-libexecPROGRAMS uninstall-man uninstall-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libexecPROGRAMS clean-libtool clean-noinstPROGRAMS \ - clean-sbinPROGRAMS ctags dist-hook distclean distclean-compile \ - distclean-generic distclean-libtool distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-binPROGRAMS install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-includeHEADERS install-info install-info-am \ - install-krb5HEADERS install-libLTLIBRARIES \ - install-libexecPROGRAMS install-man install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am install-sbinPROGRAMS \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am \ - uninstall-binPROGRAMS uninstall-hook uninstall-includeHEADERS \ - uninstall-krb5HEADERS uninstall-libLTLIBRARIES \ - uninstall-libexecPROGRAMS uninstall-man uninstall-man8 \ - uninstall-sbinPROGRAMS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(libkdc_la_OBJECTS): $(srcdir)/kdc-protos.h $(srcdir)/kdc-private.h -$(libkdc_la_OBJECTS): $(srcdir)/version-script.map - -$(srcdir)/kdc-protos.h: - cd $(srcdir) && perl ../cf/make-proto.pl -q -P comment -o kdc-protos.h $(libkdc_la_SOURCES) || rm -f kdc-protos.h - -$(srcdir)/kdc-private.h: - cd $(srcdir) && perl ../cf/make-proto.pl -q -P comment -p kdc-private.h $(libkdc_la_SOURCES) || rm -f kdc-private.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/kdc/config.c b/crypto/heimdal/kdc/config.c deleted file mode 100644 index a4d40fce4fa9..000000000000 --- a/crypto/heimdal/kdc/config.c +++ /dev/null @@ -1,322 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" -#include -#include - -RCSID("$Id: config.c 22248 2007-12-08 23:52:12Z lha $"); - -struct dbinfo { - char *realm; - char *dbname; - char *mkey_file; - struct dbinfo *next; -}; - -static char *config_file; /* location of kdc config file */ - -static int require_preauth = -1; /* 1 == require preauth for all principals */ -static char *max_request_str; /* `max_request' as a string */ - -static int disable_des = -1; -static int enable_v4 = -1; -static int enable_kaserver = -1; -static int enable_524 = -1; -static int enable_v4_cross_realm = -1; - -static int builtin_hdb_flag; -static int help_flag; -static int version_flag; - -static struct getarg_strings addresses_str; /* addresses to listen on */ - -static char *v4_realm; - -static struct getargs args[] = { - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" - }, - { - "require-preauth", 'p', arg_negative_flag, &require_preauth, - "don't require pa-data in as-reqs" - }, - { - "max-request", 0, arg_string, &max_request, - "max size for a kdc-request", "size" - }, - { "enable-http", 'H', arg_flag, &enable_http, "turn on HTTP support" }, - { "524", 0, arg_negative_flag, &enable_524, - "don't respond to 524 requests" - }, - { - "kaserver", 'K', arg_flag, &enable_kaserver, - "enable kaserver support" - }, - { "kerberos4", 0, arg_flag, &enable_v4, - "respond to kerberos 4 requests" - }, - { - "v4-realm", 'r', arg_string, &v4_realm, - "realm to serve v4-requests for" - }, - { "kerberos4-cross-realm", 0, arg_flag, - &enable_v4_cross_realm, - "respond to kerberos 4 requests from foreign realms" - }, - { "ports", 'P', arg_string, &port_str, - "ports to listen to", "portspec" - }, -#if DETACH_IS_DEFAULT - { - "detach", 'D', arg_negative_flag, &detach_from_console, - "don't detach from console" - }, -#else - { - "detach", 0 , arg_flag, &detach_from_console, - "detach from console" - }, -#endif - { "addresses", 0, arg_strings, &addresses_str, - "addresses to listen on", "list of addresses" }, - { "disable-des", 0, arg_flag, &disable_des, - "disable DES" }, - { "builtin-hdb", 0, arg_flag, &builtin_hdb_flag, - "list builtin hdb backends"}, - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int ret) -{ - arg_printusage (args, num_args, NULL, ""); - exit (ret); -} - -static void -add_one_address (krb5_context context, const char *str, int first) -{ - krb5_error_code ret; - krb5_addresses tmp; - - ret = krb5_parse_address (context, str, &tmp); - if (ret) - krb5_err (context, 1, ret, "parse_address `%s'", str); - if (first) - krb5_copy_addresses(context, &tmp, &explicit_addresses); - else - krb5_append_addresses(context, &explicit_addresses, &tmp); - krb5_free_addresses (context, &tmp); -} - -krb5_kdc_configuration * -configure(krb5_context context, int argc, char **argv) -{ - krb5_kdc_configuration *config; - krb5_error_code ret; - int optidx = 0; - const char *p; - - while(getarg(args, num_args, argc, argv, &optidx)) - warnx("error at argument `%s'", argv[optidx]); - - if(help_flag) - usage (0); - - if (version_flag) { - print_version(NULL); - exit(0); - } - - if (builtin_hdb_flag) { - char *list; - ret = hdb_list_builtin(context, &list); - if (ret) - krb5_err(context, 1, ret, "listing builtin hdb backends"); - printf("builtin hdb backends: %s\n", list); - free(list); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 0) - usage(1); - - { - char **files; - - if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) - errx(1, "out of memory"); - } - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) - krb5_err(context, 1, ret, "getting configuration files"); - - ret = krb5_set_config_files(context, files); - krb5_free_config_files(files); - if(ret) - krb5_err(context, 1, ret, "reading configuration files"); - } - - ret = krb5_kdc_get_config(context, &config); - if (ret) - krb5_err(context, 1, ret, "krb5_kdc_default_config"); - - kdc_openlog(context, config); - - ret = krb5_kdc_set_dbinfo(context, config); - if (ret) - krb5_err(context, 1, ret, "krb5_kdc_set_dbinfo"); - - if(max_request_str) - max_request = parse_bytes(max_request_str, NULL); - - if(max_request == 0){ - p = krb5_config_get_string (context, - NULL, - "kdc", - "max-request", - NULL); - if(p) - max_request = parse_bytes(p, NULL); - } - - if(require_preauth != -1) - config->require_preauth = require_preauth; - - if(port_str == NULL){ - p = krb5_config_get_string(context, NULL, "kdc", "ports", NULL); - if (p != NULL) - port_str = strdup(p); - } - - explicit_addresses.len = 0; - - if (addresses_str.num_strings) { - int i; - - for (i = 0; i < addresses_str.num_strings; ++i) - add_one_address (context, addresses_str.strings[i], i == 0); - free_getarg_strings (&addresses_str); - } else { - char **foo = krb5_config_get_strings (context, NULL, - "kdc", "addresses", NULL); - - if (foo != NULL) { - add_one_address (context, *foo++, TRUE); - while (*foo) - add_one_address (context, *foo++, FALSE); - } - } - - if(enable_v4 != -1) - config->enable_v4 = enable_v4; - - if(enable_v4_cross_realm != -1) - config->enable_v4_cross_realm = enable_v4_cross_realm; - - if(enable_524 != -1) - config->enable_524 = enable_524; - - if(enable_http == -1) - enable_http = krb5_config_get_bool(context, NULL, "kdc", - "enable-http", NULL); - - if(request_log == NULL) - request_log = krb5_config_get_string(context, NULL, - "kdc", - "kdc-request-log", - NULL); - - if (krb5_config_get_string(context, NULL, "kdc", - "enforce-transited-policy", NULL)) - krb5_errx(context, 1, "enforce-transited-policy deprecated, " - "use [kdc]transited-policy instead"); - - if (enable_kaserver != -1) - config->enable_kaserver = enable_kaserver; - - if(detach_from_console == -1) - detach_from_console = krb5_config_get_bool_default(context, NULL, - DETACH_IS_DEFAULT, - "kdc", - "detach", NULL); - - if(max_request == 0) - max_request = 64 * 1024; - - if (port_str == NULL) - port_str = "+"; - - if (v4_realm) - config->v4_realm = v4_realm; - - if(config->v4_realm == NULL && (config->enable_kaserver || config->enable_v4)) - krb5_errx(context, 1, "Kerberos 4 enabled but no realm configured"); - - if(disable_des == -1) - disable_des = krb5_config_get_bool_default(context, NULL, - FALSE, - "kdc", - "disable-des", NULL); - if(disable_des) { - krb5_enctype_disable(context, ETYPE_DES_CBC_CRC); - krb5_enctype_disable(context, ETYPE_DES_CBC_MD4); - krb5_enctype_disable(context, ETYPE_DES_CBC_MD5); - krb5_enctype_disable(context, ETYPE_DES_CBC_NONE); - krb5_enctype_disable(context, ETYPE_DES_CFB64_NONE); - krb5_enctype_disable(context, ETYPE_DES_PCBC_NONE); - - kdc_log(context, config, - 0, "DES was disabled, turned off Kerberos V4, 524 " - "and kaserver"); - config->enable_v4 = 0; - config->enable_524 = 0; - config->enable_kaserver = 0; - } - - krb5_kdc_windc_init(context); - - return config; -} diff --git a/crypto/heimdal/kdc/connect.c b/crypto/heimdal/kdc/connect.c deleted file mode 100644 index c2df088342f4..000000000000 --- a/crypto/heimdal/kdc/connect.c +++ /dev/null @@ -1,900 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: connect.c 22434 2008-01-14 09:21:37Z lha $"); - -/* Should we enable the HTTP hack? */ -int enable_http = -1; - -/* Log over requests to the KDC */ -const char *request_log; - -/* A string describing on what ports to listen */ -const char *port_str; - -krb5_addresses explicit_addresses; - -size_t max_request; /* maximal size of a request */ - -/* - * a tuple describing on what to listen - */ - -struct port_desc{ - int family; - int type; - int port; -}; - -/* the current ones */ - -static struct port_desc *ports; -static int num_ports; - -/* - * add `family, port, protocol' to the list with duplicate suppresion. - */ - -static void -add_port(krb5_context context, - int family, int port, const char *protocol) -{ - int type; - int i; - - if(strcmp(protocol, "udp") == 0) - type = SOCK_DGRAM; - else if(strcmp(protocol, "tcp") == 0) - type = SOCK_STREAM; - else - return; - for(i = 0; i < num_ports; i++){ - if(ports[i].type == type - && ports[i].port == port - && ports[i].family == family) - return; - } - ports = realloc(ports, (num_ports + 1) * sizeof(*ports)); - if (ports == NULL) - krb5_err (context, 1, errno, "realloc"); - ports[num_ports].family = family; - ports[num_ports].type = type; - ports[num_ports].port = port; - num_ports++; -} - -/* - * add a triple but with service -> port lookup - * (this prints warnings for stuff that does not exist) - */ - -static void -add_port_service(krb5_context context, - int family, const char *service, int port, - const char *protocol) -{ - port = krb5_getportbyname (context, service, protocol, port); - add_port (context, family, port, protocol); -} - -/* - * add the port with service -> port lookup or string -> number - * (no warning is printed) - */ - -static void -add_port_string (krb5_context context, - int family, const char *str, const char *protocol) -{ - struct servent *sp; - int port; - - sp = roken_getservbyname (str, protocol); - if (sp != NULL) { - port = sp->s_port; - } else { - char *end; - - port = htons(strtol(str, &end, 0)); - if (end == str) - return; - } - add_port (context, family, port, protocol); -} - -/* - * add the standard collection of ports for `family' - */ - -static void -add_standard_ports (krb5_context context, - krb5_kdc_configuration *config, - int family) -{ - add_port_service(context, family, "kerberos", 88, "udp"); - add_port_service(context, family, "kerberos", 88, "tcp"); - add_port_service(context, family, "kerberos-sec", 88, "udp"); - add_port_service(context, family, "kerberos-sec", 88, "tcp"); - if(enable_http) - add_port_service(context, family, "http", 80, "tcp"); - if(config->enable_524) { - add_port_service(context, family, "krb524", 4444, "udp"); - add_port_service(context, family, "krb524", 4444, "tcp"); - } - if(config->enable_v4) { - add_port_service(context, family, "kerberos-iv", 750, "udp"); - add_port_service(context, family, "kerberos-iv", 750, "tcp"); - } - if (config->enable_kaserver) - add_port_service(context, family, "afs3-kaserver", 7004, "udp"); - if(config->enable_kx509) { - add_port_service(context, family, "kca_service", 9878, "udp"); - add_port_service(context, family, "kca_service", 9878, "tcp"); - } - -} - -/* - * parse the set of space-delimited ports in `str' and add them. - * "+" => all the standard ones - * otherwise it's port|service[/protocol] - */ - -static void -parse_ports(krb5_context context, - krb5_kdc_configuration *config, - const char *str) -{ - char *pos = NULL; - char *p; - char *str_copy = strdup (str); - - p = strtok_r(str_copy, " \t", &pos); - while(p != NULL) { - if(strcmp(p, "+") == 0) { -#ifdef HAVE_IPV6 - add_standard_ports(context, config, AF_INET6); -#endif - add_standard_ports(context, config, AF_INET); - } else { - char *q = strchr(p, '/'); - if(q){ - *q++ = 0; -#ifdef HAVE_IPV6 - add_port_string(context, AF_INET6, p, q); -#endif - add_port_string(context, AF_INET, p, q); - }else { -#ifdef HAVE_IPV6 - add_port_string(context, AF_INET6, p, "udp"); - add_port_string(context, AF_INET6, p, "tcp"); -#endif - add_port_string(context, AF_INET, p, "udp"); - add_port_string(context, AF_INET, p, "tcp"); - } - } - - p = strtok_r(NULL, " \t", &pos); - } - free (str_copy); -} - -/* - * every socket we listen on - */ - -struct descr { - int s; - int type; - int port; - unsigned char *buf; - size_t size; - size_t len; - time_t timeout; - struct sockaddr_storage __ss; - struct sockaddr *sa; - socklen_t sock_len; - char addr_string[128]; -}; - -static void -init_descr(struct descr *d) -{ - memset(d, 0, sizeof(*d)); - d->sa = (struct sockaddr *)&d->__ss; - d->s = -1; -} - -/* - * re-initialize all `n' ->sa in `d'. - */ - -static void -reinit_descrs (struct descr *d, int n) -{ - int i; - - for (i = 0; i < n; ++i) - d[i].sa = (struct sockaddr *)&d[i].__ss; -} - -/* - * Create the socket (family, type, port) in `d' - */ - -static void -init_socket(krb5_context context, - krb5_kdc_configuration *config, - struct descr *d, krb5_address *a, int family, int type, int port) -{ - krb5_error_code ret; - struct sockaddr_storage __ss; - struct sockaddr *sa = (struct sockaddr *)&__ss; - krb5_socklen_t sa_size = sizeof(__ss); - - init_descr (d); - - ret = krb5_addr2sockaddr (context, a, sa, &sa_size, port); - if (ret) { - krb5_warn(context, ret, "krb5_addr2sockaddr"); - close(d->s); - d->s = -1; - return; - } - - if (sa->sa_family != family) - return; - - d->s = socket(family, type, 0); - if(d->s < 0){ - krb5_warn(context, errno, "socket(%d, %d, 0)", family, type); - d->s = -1; - return; - } -#if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_REUSEADDR) - { - int one = 1; - setsockopt(d->s, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one)); - } -#endif - d->type = type; - d->port = port; - - if(bind(d->s, sa, sa_size) < 0){ - char a_str[256]; - size_t len; - - krb5_print_address (a, a_str, sizeof(a_str), &len); - krb5_warn(context, errno, "bind %s/%d", a_str, ntohs(port)); - close(d->s); - d->s = -1; - return; - } - if(type == SOCK_STREAM && listen(d->s, SOMAXCONN) < 0){ - char a_str[256]; - size_t len; - - krb5_print_address (a, a_str, sizeof(a_str), &len); - krb5_warn(context, errno, "listen %s/%d", a_str, ntohs(port)); - close(d->s); - d->s = -1; - return; - } -} - -/* - * Allocate descriptors for all the sockets that we should listen on - * and return the number of them. - */ - -static int -init_sockets(krb5_context context, - krb5_kdc_configuration *config, - struct descr **desc) -{ - krb5_error_code ret; - int i, j; - struct descr *d; - int num = 0; - krb5_addresses addresses; - - if (explicit_addresses.len) { - addresses = explicit_addresses; - } else { - ret = krb5_get_all_server_addrs (context, &addresses); - if (ret) - krb5_err (context, 1, ret, "krb5_get_all_server_addrs"); - } - parse_ports(context, config, port_str); - d = malloc(addresses.len * num_ports * sizeof(*d)); - if (d == NULL) - krb5_errx(context, 1, "malloc(%lu) failed", - (unsigned long)num_ports * sizeof(*d)); - - for (i = 0; i < num_ports; i++){ - for (j = 0; j < addresses.len; ++j) { - init_socket(context, config, &d[num], &addresses.val[j], - ports[i].family, ports[i].type, ports[i].port); - if(d[num].s != -1){ - char a_str[80]; - size_t len; - - krb5_print_address (&addresses.val[j], a_str, - sizeof(a_str), &len); - - kdc_log(context, config, 5, "listening on %s port %u/%s", - a_str, - ntohs(ports[i].port), - (ports[i].type == SOCK_STREAM) ? "tcp" : "udp"); - /* XXX */ - num++; - } - } - } - krb5_free_addresses (context, &addresses); - d = realloc(d, num * sizeof(*d)); - if (d == NULL && num != 0) - krb5_errx(context, 1, "realloc(%lu) failed", - (unsigned long)num * sizeof(*d)); - reinit_descrs (d, num); - *desc = d; - return num; -} - -/* - * - */ - -static const char * -descr_type(struct descr *d) -{ - if (d->type == SOCK_DGRAM) - return "udp"; - else if (d->type == SOCK_STREAM) - return "tcp"; - return "unknown"; -} - -static void -addr_to_string(krb5_context context, - struct sockaddr *addr, size_t addr_len, char *str, size_t len) -{ - krb5_address a; - if(krb5_sockaddr2address(context, addr, &a) == 0) { - if(krb5_print_address(&a, str, len, &len) == 0) { - krb5_free_address(context, &a); - return; - } - krb5_free_address(context, &a); - } - snprintf(str, len, "", addr->sa_family); -} - -/* - * - */ - -static void -send_reply(krb5_context context, - krb5_kdc_configuration *config, - krb5_boolean prependlength, - struct descr *d, - krb5_data *reply) -{ - kdc_log(context, config, 5, - "sending %lu bytes to %s", (unsigned long)reply->length, - d->addr_string); - if(prependlength){ - unsigned char l[4]; - l[0] = (reply->length >> 24) & 0xff; - l[1] = (reply->length >> 16) & 0xff; - l[2] = (reply->length >> 8) & 0xff; - l[3] = reply->length & 0xff; - if(sendto(d->s, l, sizeof(l), 0, d->sa, d->sock_len) < 0) { - kdc_log (context, config, - 0, "sendto(%s): %s", d->addr_string, strerror(errno)); - return; - } - } - if(sendto(d->s, reply->data, reply->length, 0, d->sa, d->sock_len) < 0) { - kdc_log (context, config, - 0, "sendto(%s): %s", d->addr_string, strerror(errno)); - return; - } -} - -/* - * Handle the request in `buf, len' to socket `d' - */ - -static void -do_request(krb5_context context, - krb5_kdc_configuration *config, - void *buf, size_t len, krb5_boolean prependlength, - struct descr *d) -{ - krb5_error_code ret; - krb5_data reply; - int datagram_reply = (d->type == SOCK_DGRAM); - - krb5_kdc_update_time(NULL); - - krb5_data_zero(&reply); - ret = krb5_kdc_process_request(context, config, - buf, len, &reply, &prependlength, - d->addr_string, d->sa, - datagram_reply); - if(request_log) - krb5_kdc_save_request(context, request_log, buf, len, &reply, d->sa); - if(reply.length){ - send_reply(context, config, prependlength, d, &reply); - krb5_data_free(&reply); - } - if(ret) - kdc_log(context, config, 0, - "Failed processing %lu byte request from %s", - (unsigned long)len, d->addr_string); -} - -/* - * Handle incoming data to the UDP socket in `d' - */ - -static void -handle_udp(krb5_context context, - krb5_kdc_configuration *config, - struct descr *d) -{ - unsigned char *buf; - int n; - - buf = malloc(max_request); - if(buf == NULL){ - kdc_log(context, config, 0, "Failed to allocate %lu bytes", (unsigned long)max_request); - return; - } - - d->sock_len = sizeof(d->__ss); - n = recvfrom(d->s, buf, max_request, 0, d->sa, &d->sock_len); - if(n < 0) - krb5_warn(context, errno, "recvfrom"); - else { - addr_to_string (context, d->sa, d->sock_len, - d->addr_string, sizeof(d->addr_string)); - do_request(context, config, buf, n, FALSE, d); - } - free (buf); -} - -static void -clear_descr(struct descr *d) -{ - if(d->buf) - memset(d->buf, 0, d->size); - d->len = 0; - if(d->s != -1) - close(d->s); - d->s = -1; -} - - -/* remove HTTP %-quoting from buf */ -static int -de_http(char *buf) -{ - unsigned char *p, *q; - for(p = q = (unsigned char *)buf; *p; p++, q++) { - if(*p == '%' && isxdigit(p[1]) && isxdigit(p[2])) { - unsigned int x; - if(sscanf((char *)p + 1, "%2x", &x) != 1) - return -1; - *q = x; - p += 2; - } else - *q = *p; - } - *q = '\0'; - return 0; -} - -#define TCP_TIMEOUT 4 - -/* - * accept a new TCP connection on `d[parent]' and store it in `d[child]' - */ - -static void -add_new_tcp (krb5_context context, - krb5_kdc_configuration *config, - struct descr *d, int parent, int child) -{ - int s; - - if (child == -1) - return; - - d[child].sock_len = sizeof(d[child].__ss); - s = accept(d[parent].s, d[child].sa, &d[child].sock_len); - if(s < 0) { - krb5_warn(context, errno, "accept"); - return; - } - - if (s >= FD_SETSIZE) { - krb5_warnx(context, "socket FD too large"); - close (s); - return; - } - - d[child].s = s; - d[child].timeout = time(NULL) + TCP_TIMEOUT; - d[child].type = SOCK_STREAM; - addr_to_string (context, - d[child].sa, d[child].sock_len, - d[child].addr_string, sizeof(d[child].addr_string)); -} - -/* - * Grow `d' to handle at least `n'. - * Return != 0 if fails - */ - -static int -grow_descr (krb5_context context, - krb5_kdc_configuration *config, - struct descr *d, size_t n) -{ - if (d->size - d->len < n) { - unsigned char *tmp; - size_t grow; - - grow = max(1024, d->len + n); - if (d->size + grow > max_request) { - kdc_log(context, config, 0, "Request exceeds max request size (%lu bytes).", - (unsigned long)d->size + grow); - clear_descr(d); - return -1; - } - tmp = realloc (d->buf, d->size + grow); - if (tmp == NULL) { - kdc_log(context, config, 0, "Failed to re-allocate %lu bytes.", - (unsigned long)d->size + grow); - clear_descr(d); - return -1; - } - d->size += grow; - d->buf = tmp; - } - return 0; -} - -/* - * Try to handle the TCP data at `d->buf, d->len'. - * Return -1 if failed, 0 if succesful, and 1 if data is complete. - */ - -static int -handle_vanilla_tcp (krb5_context context, - krb5_kdc_configuration *config, - struct descr *d) -{ - krb5_storage *sp; - uint32_t len; - - sp = krb5_storage_from_mem(d->buf, d->len); - if (sp == NULL) { - kdc_log (context, config, 0, "krb5_storage_from_mem failed"); - return -1; - } - krb5_ret_uint32(sp, &len); - krb5_storage_free(sp); - if(d->len - 4 >= len) { - memmove(d->buf, d->buf + 4, d->len - 4); - d->len -= 4; - return 1; - } - return 0; -} - -/* - * Try to handle the TCP/HTTP data at `d->buf, d->len'. - * Return -1 if failed, 0 if succesful, and 1 if data is complete. - */ - -static int -handle_http_tcp (krb5_context context, - krb5_kdc_configuration *config, - struct descr *d) -{ - char *s, *p, *t; - void *data; - char *proto; - int len; - - s = (char *)d->buf; - - p = strstr(s, "\r\n"); - if (p == NULL) { - kdc_log(context, config, 0, "Malformed HTTP request from %s", d->addr_string); - return -1; - } - *p = 0; - - p = NULL; - t = strtok_r(s, " \t", &p); - if (t == NULL) { - kdc_log(context, config, 0, "Malformed HTTP request from %s", d->addr_string); - return -1; - } - t = strtok_r(NULL, " \t", &p); - if(t == NULL) { - kdc_log(context, config, 0, "Malformed HTTP request from %s", d->addr_string); - return -1; - } - data = malloc(strlen(t)); - if (data == NULL) { - kdc_log(context, config, 0, "Failed to allocate %lu bytes", - (unsigned long)strlen(t)); - return -1; - } - if(*t == '/') - t++; - if(de_http(t) != 0) { - kdc_log(context, config, 0, "Malformed HTTP request from %s", d->addr_string); - kdc_log(context, config, 5, "HTTP request: %s", t); - free(data); - return -1; - } - proto = strtok_r(NULL, " \t", &p); - if (proto == NULL) { - kdc_log(context, config, 0, "Malformed HTTP request from %s", d->addr_string); - free(data); - return -1; - } - len = base64_decode(t, data); - if(len <= 0){ - const char *msg = - " 404 Not found\r\n" - "Server: Heimdal/" VERSION "\r\n" - "Cache-Control: no-cache\r\n" - "Pragma: no-cache\r\n" - "Content-type: text/html\r\n" - "Content-transfer-encoding: 8bit\r\n\r\n" - "404 Not found\r\n" - "

404 Not found

\r\n" - "That page doesn't exist, maybe you are looking for " - "Heimdal?\r\n"; - kdc_log(context, config, 0, "HTTP request from %s is non KDC request", d->addr_string); - kdc_log(context, config, 5, "HTTP request: %s", t); - free(data); - if (write(d->s, proto, strlen(proto)) < 0) { - kdc_log(context, config, 0, "HTTP write failed: %s: %s", - d->addr_string, strerror(errno)); - return -1; - } - if (write(d->s, msg, strlen(msg)) < 0) { - kdc_log(context, config, 0, "HTTP write failed: %s: %s", - d->addr_string, strerror(errno)); - return -1; - } - return -1; - } - { - const char *msg = - " 200 OK\r\n" - "Server: Heimdal/" VERSION "\r\n" - "Cache-Control: no-cache\r\n" - "Pragma: no-cache\r\n" - "Content-type: application/octet-stream\r\n" - "Content-transfer-encoding: binary\r\n\r\n"; - if (write(d->s, proto, strlen(proto)) < 0) { - kdc_log(context, config, 0, "HTTP write failed: %s: %s", - d->addr_string, strerror(errno)); - return -1; - } - if (write(d->s, msg, strlen(msg)) < 0) { - kdc_log(context, config, 0, "HTTP write failed: %s: %s", - d->addr_string, strerror(errno)); - return -1; - } - } - memcpy(d->buf, data, len); - d->len = len; - free(data); - return 1; -} - -/* - * Handle incoming data to the TCP socket in `d[index]' - */ - -static void -handle_tcp(krb5_context context, - krb5_kdc_configuration *config, - struct descr *d, int idx, int min_free) -{ - unsigned char buf[1024]; - int n; - int ret = 0; - - if (d[idx].timeout == 0) { - add_new_tcp (context, config, d, idx, min_free); - return; - } - - n = recvfrom(d[idx].s, buf, sizeof(buf), 0, NULL, NULL); - if(n < 0){ - krb5_warn(context, errno, "recvfrom failed from %s to %s/%d", - d[idx].addr_string, descr_type(d + idx), - ntohs(d[idx].port)); - return; - } else if (n == 0) { - krb5_warnx(context, "connection closed before end of data after %lu " - "bytes from %s to %s/%d", (unsigned long)d[idx].len, - d[idx].addr_string, descr_type(d + idx), - ntohs(d[idx].port)); - clear_descr (d + idx); - return; - } - if (grow_descr (context, config, &d[idx], n)) - return; - memcpy(d[idx].buf + d[idx].len, buf, n); - d[idx].len += n; - if(d[idx].len > 4 && d[idx].buf[0] == 0) { - ret = handle_vanilla_tcp (context, config, &d[idx]); - } else if(enable_http && - d[idx].len >= 4 && - strncmp((char *)d[idx].buf, "GET ", 4) == 0 && - strncmp((char *)d[idx].buf + d[idx].len - 4, - "\r\n\r\n", 4) == 0) { - ret = handle_http_tcp (context, config, &d[idx]); - if (ret < 0) - clear_descr (d + idx); - } else if (d[idx].len > 4) { - kdc_log (context, config, - 0, "TCP data of strange type from %s to %s/%d", - d[idx].addr_string, descr_type(d + idx), - ntohs(d[idx].port)); - if (d[idx].buf[0] & 0x80) { - krb5_data reply; - - kdc_log (context, config, 0, "TCP extension not supported"); - - ret = krb5_mk_error(context, - KRB5KRB_ERR_FIELD_TOOLONG, - NULL, - NULL, - NULL, - NULL, - NULL, - NULL, - &reply); - if (ret == 0) { - send_reply(context, config, TRUE, d + idx, &reply); - krb5_data_free(&reply); - } - } - clear_descr(d + idx); - return; - } - if (ret < 0) - return; - else if (ret == 1) { - do_request(context, config, - d[idx].buf, d[idx].len, TRUE, &d[idx]); - clear_descr(d + idx); - } -} - -void -loop(krb5_context context, - krb5_kdc_configuration *config) -{ - struct descr *d; - int ndescr; - - ndescr = init_sockets(context, config, &d); - if(ndescr <= 0) - krb5_errx(context, 1, "No sockets!"); - kdc_log(context, config, 0, "KDC started"); - while(exit_flag == 0){ - struct timeval tmout; - fd_set fds; - int min_free = -1; - int max_fd = 0; - int i; - - FD_ZERO(&fds); - for(i = 0; i < ndescr; i++) { - if(d[i].s >= 0){ - if(d[i].type == SOCK_STREAM && - d[i].timeout && d[i].timeout < time(NULL)) { - kdc_log(context, config, 1, - "TCP-connection from %s expired after %lu bytes", - d[i].addr_string, (unsigned long)d[i].len); - clear_descr(&d[i]); - continue; - } - if(max_fd < d[i].s) - max_fd = d[i].s; - if (max_fd >= FD_SETSIZE) - krb5_errx(context, 1, "fd too large"); - FD_SET(d[i].s, &fds); - } else if(min_free < 0 || i < min_free) - min_free = i; - } - if(min_free == -1){ - struct descr *tmp; - tmp = realloc(d, (ndescr + 4) * sizeof(*d)); - if(tmp == NULL) - krb5_warnx(context, "No memory"); - else { - d = tmp; - reinit_descrs (d, ndescr); - memset(d + ndescr, 0, 4 * sizeof(*d)); - for(i = ndescr; i < ndescr + 4; i++) - init_descr (&d[i]); - min_free = ndescr; - ndescr += 4; - } - } - - tmout.tv_sec = TCP_TIMEOUT; - tmout.tv_usec = 0; - switch(select(max_fd + 1, &fds, 0, 0, &tmout)){ - case 0: - break; - case -1: - if (errno != EINTR) - krb5_warn(context, errno, "select"); - break; - default: - for(i = 0; i < ndescr; i++) - if(d[i].s >= 0 && FD_ISSET(d[i].s, &fds)) { - if(d[i].type == SOCK_DGRAM) - handle_udp(context, config, &d[i]); - else if(d[i].type == SOCK_STREAM) - handle_tcp(context, config, d, i, min_free); - } - } - } - if(exit_flag == SIGXCPU) - kdc_log(context, config, 0, "CPU time limit exceeded"); - else if(exit_flag == SIGINT || exit_flag == SIGTERM) - kdc_log(context, config, 0, "Terminated"); - else - kdc_log(context, config, 0, "Unexpected exit reason: %d", exit_flag); - free (d); -} diff --git a/crypto/heimdal/kdc/default_config.c b/crypto/heimdal/kdc/default_config.c deleted file mode 100644 index 5f336e3275db..000000000000 --- a/crypto/heimdal/kdc/default_config.c +++ /dev/null @@ -1,285 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" -#include -#include - -RCSID("$Id: default_config.c 21405 2007-07-04 10:35:45Z lha $"); - -krb5_error_code -krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config) -{ - krb5_kdc_configuration *c; - - c = calloc(1, sizeof(*c)); - if (c == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - c->require_preauth = TRUE; - c->kdc_warn_pwexpire = 0; - c->encode_as_rep_as_tgs_rep = FALSE; - c->check_ticket_addresses = TRUE; - c->allow_null_ticket_addresses = TRUE; - c->allow_anonymous = FALSE; - c->trpolicy = TRPOLICY_ALWAYS_CHECK; - c->enable_v4 = FALSE; - c->enable_kaserver = FALSE; - c->enable_524 = FALSE; - c->enable_v4_cross_realm = FALSE; - c->enable_pkinit = FALSE; - c->pkinit_princ_in_cert = TRUE; - c->pkinit_require_binding = TRUE; - c->db = NULL; - c->num_db = 0; - c->logf = NULL; - - c->require_preauth = - krb5_config_get_bool_default(context, NULL, - c->require_preauth, - "kdc", "require-preauth", NULL); - c->enable_v4 = - krb5_config_get_bool_default(context, NULL, - c->enable_v4, - "kdc", "enable-kerberos4", NULL); - c->enable_v4_cross_realm = - krb5_config_get_bool_default(context, NULL, - c->enable_v4_cross_realm, - "kdc", - "enable-kerberos4-cross-realm", NULL); - c->enable_524 = - krb5_config_get_bool_default(context, NULL, - c->enable_v4, - "kdc", "enable-524", NULL); - c->enable_digest = - krb5_config_get_bool_default(context, NULL, - FALSE, - "kdc", "enable-digest", NULL); - - { - const char *digests; - - digests = krb5_config_get_string(context, NULL, - "kdc", - "digests_allowed", NULL); - if (digests == NULL) - digests = "ntlm-v2"; - c->digests_allowed = parse_flags(digests,_kdc_digestunits, 0); - if (c->digests_allowed == -1) { - kdc_log(context, c, 0, - "unparsable digest units (%s), turning off digest", - digests); - c->enable_digest = 0; - } else if (c->digests_allowed == 0) { - kdc_log(context, c, 0, - "no digest enable, turning digest off", - digests); - c->enable_digest = 0; - } - } - - c->enable_kx509 = - krb5_config_get_bool_default(context, NULL, - FALSE, - "kdc", "enable-kx509", NULL); - - if (c->enable_kx509) { - c->kx509_template = - krb5_config_get_string(context, NULL, - "kdc", "kx509_template", NULL); - c->kx509_ca = - krb5_config_get_string(context, NULL, - "kdc", "kx509_ca", NULL); - if (c->kx509_ca == NULL || c->kx509_template == NULL) { - kdc_log(context, c, 0, - "missing kx509 configuration, turning off"); - c->enable_kx509 = FALSE; - } - } - - c->check_ticket_addresses = - krb5_config_get_bool_default(context, NULL, - c->check_ticket_addresses, - "kdc", - "check-ticket-addresses", NULL); - c->allow_null_ticket_addresses = - krb5_config_get_bool_default(context, NULL, - c->allow_null_ticket_addresses, - "kdc", - "allow-null-ticket-addresses", NULL); - - c->allow_anonymous = - krb5_config_get_bool_default(context, NULL, - c->allow_anonymous, - "kdc", - "allow-anonymous", NULL); - - c->max_datagram_reply_length = - krb5_config_get_int_default(context, - NULL, - 1400, - "kdc", - "max-kdc-datagram-reply-length", - NULL); - - { - const char *trpolicy_str; - - trpolicy_str = - krb5_config_get_string_default(context, NULL, "DEFAULT", "kdc", - "transited-policy", NULL); - if(strcasecmp(trpolicy_str, "always-check") == 0) { - c->trpolicy = TRPOLICY_ALWAYS_CHECK; - } else if(strcasecmp(trpolicy_str, "allow-per-principal") == 0) { - c->trpolicy = TRPOLICY_ALLOW_PER_PRINCIPAL; - } else if(strcasecmp(trpolicy_str, "always-honour-request") == 0) { - c->trpolicy = TRPOLICY_ALWAYS_HONOUR_REQUEST; - } else if(strcasecmp(trpolicy_str, "DEFAULT") == 0) { - /* default */ - } else { - kdc_log(context, c, 0, - "unknown transited-policy: %s, " - "reverting to default (always-check)", - trpolicy_str); - } - } - - { - const char *p; - p = krb5_config_get_string (context, NULL, - "kdc", - "v4-realm", - NULL); - if(p != NULL) { - c->v4_realm = strdup(p); - if (c->v4_realm == NULL) - krb5_errx(context, 1, "out of memory"); - } else { - c->v4_realm = NULL; - } - } - - c->enable_kaserver = - krb5_config_get_bool_default(context, - NULL, - c->enable_kaserver, - "kdc", "enable-kaserver", NULL); - - - c->encode_as_rep_as_tgs_rep = - krb5_config_get_bool_default(context, NULL, - c->encode_as_rep_as_tgs_rep, - "kdc", - "encode_as_rep_as_tgs_rep", NULL); - - c->kdc_warn_pwexpire = - krb5_config_get_time_default (context, NULL, - c->kdc_warn_pwexpire, - "kdc", "kdc_warn_pwexpire", NULL); - - -#ifdef PKINIT - c->enable_pkinit = - krb5_config_get_bool_default(context, - NULL, - c->enable_pkinit, - "kdc", - "enable-pkinit", - NULL); - if (c->enable_pkinit) { - const char *user_id, *anchors, *ocsp_file; - char **pool_list, **revoke_list; - - user_id = - krb5_config_get_string(context, NULL, - "kdc", "pkinit_identity", NULL); - if (user_id == NULL) - krb5_errx(context, 1, "pkinit enabled but no identity"); - - anchors = krb5_config_get_string(context, NULL, - "kdc", "pkinit_anchors", NULL); - if (anchors == NULL) - krb5_errx(context, 1, "pkinit enabled but no X509 anchors"); - - pool_list = - krb5_config_get_strings(context, NULL, - "kdc", "pkinit_pool", NULL); - - revoke_list = - krb5_config_get_strings(context, NULL, - "kdc", "pkinit_revoke", NULL); - - ocsp_file = - krb5_config_get_string(context, NULL, - "kdc", "pkinit_kdc_ocsp", NULL); - if (ocsp_file) { - c->pkinit_kdc_ocsp_file = strdup(ocsp_file); - if (c->pkinit_kdc_ocsp_file == NULL) - krb5_errx(context, 1, "out of memory"); - } - - _kdc_pk_initialize(context, c, user_id, anchors, - pool_list, revoke_list); - - krb5_config_free_strings(pool_list); - krb5_config_free_strings(revoke_list); - - c->pkinit_princ_in_cert = - krb5_config_get_bool_default(context, NULL, - c->pkinit_princ_in_cert, - "kdc", - "pkinit_principal_in_certificate", - NULL); - - c->pkinit_require_binding = - krb5_config_get_bool_default(context, NULL, - c->pkinit_require_binding, - "kdc", - "pkinit_win2k_require_binding", - NULL); - } - - c->pkinit_dh_min_bits = - krb5_config_get_int_default(context, NULL, - 0, - "kdc", "pkinit_dh_min_bits", NULL); - -#endif - - *config = c; - - return 0; -} diff --git a/crypto/heimdal/kdc/digest.c b/crypto/heimdal/kdc/digest.c deleted file mode 100644 index b845b0f9a894..000000000000 --- a/crypto/heimdal/kdc/digest.c +++ /dev/null @@ -1,1456 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" -#include - -RCSID("$Id: digest.c 22374 2007-12-28 18:36:52Z lha $"); - -#define MS_CHAP_V2 0x20 -#define CHAP_MD5 0x10 -#define DIGEST_MD5 0x08 -#define NTLM_V2 0x04 -#define NTLM_V1_SESSION 0x02 -#define NTLM_V1 0x01 - -const struct units _kdc_digestunits[] = { - {"ms-chap-v2", 1U << 5}, - {"chap-md5", 1U << 4}, - {"digest-md5", 1U << 3}, - {"ntlm-v2", 1U << 2}, - {"ntlm-v1-session", 1U << 1}, - {"ntlm-v1", 1U << 0}, - {NULL, 0} -}; - - -static krb5_error_code -get_digest_key(krb5_context context, - krb5_kdc_configuration *config, - hdb_entry_ex *server, - krb5_crypto *crypto) -{ - krb5_error_code ret; - krb5_enctype enctype; - Key *key; - - ret = _kdc_get_preferred_key(context, - config, - server, - "digest-service", - &enctype, - &key); - if (ret) - return ret; - return krb5_crypto_init(context, &key->key, 0, crypto); -} - -/* - * - */ - -static char * -get_ntlm_targetname(krb5_context context, - hdb_entry_ex *client) -{ - char *targetname, *p; - - targetname = strdup(krb5_principal_get_realm(context, - client->entry.principal)); - if (targetname == NULL) - return NULL; - - p = strchr(targetname, '.'); - if (p) - *p = '\0'; - - strupr(targetname); - return targetname; -} - -static krb5_error_code -fill_targetinfo(krb5_context context, - char *targetname, - hdb_entry_ex *client, - krb5_data *data) -{ - struct ntlm_targetinfo ti; - krb5_error_code ret; - struct ntlm_buf d; - krb5_principal p; - const char *str; - - memset(&ti, 0, sizeof(ti)); - - ti.domainname = targetname; - p = client->entry.principal; - str = krb5_principal_get_comp_string(context, p, 0); - if (str != NULL && - (strcmp("host", str) == 0 || - strcmp("ftp", str) == 0 || - strcmp("imap", str) == 0 || - strcmp("pop", str) == 0 || - strcmp("smtp", str))) - { - str = krb5_principal_get_comp_string(context, p, 1); - ti.dnsservername = rk_UNCONST(str); - } - - ret = heim_ntlm_encode_targetinfo(&ti, 1, &d); - if (ret) - return ret; - - data->data = d.data; - data->length = d.length; - - return 0; -} - - -static const unsigned char ms_chap_v2_magic1[39] = { - 0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65, - 0x6E, 0x74, 0x20, 0x73, 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67, - 0x20, 0x63, 0x6F, 0x6E, 0x73, 0x74, 0x61, 0x6E, 0x74 -}; -static const unsigned char ms_chap_v2_magic2[41] = { - 0x50, 0x61, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B, - 0x65, 0x20, 0x69, 0x74, 0x20, 0x64, 0x6F, 0x20, 0x6D, 0x6F, - 0x72, 0x65, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x6F, 0x6E, - 0x65, 0x20, 0x69, 0x74, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6F, - 0x6E -}; -static const unsigned char ms_rfc3079_magic1[27] = { - 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, - 0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d, - 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65, 0x79 -}; - -/* - * - */ - -static krb5_error_code -get_password_entry(krb5_context context, - krb5_kdc_configuration *config, - const char *username, - char **password) -{ - krb5_principal clientprincipal; - krb5_error_code ret; - hdb_entry_ex *user; - HDB *db; - - /* get username */ - ret = krb5_parse_name(context, username, &clientprincipal); - if (ret) - return ret; - - ret = _kdc_db_fetch(context, config, clientprincipal, - HDB_F_GET_CLIENT, &db, &user); - krb5_free_principal(context, clientprincipal); - if (ret) - return ret; - - ret = hdb_entry_get_password(context, db, &user->entry, password); - if (ret || password == NULL) { - if (ret == 0) { - ret = EINVAL; - krb5_set_error_string(context, "password missing"); - } - memset(user, 0, sizeof(*user)); - } - _kdc_free_ent (context, user); - return ret; -} - -/* - * - */ - -krb5_error_code -_kdc_do_digest(krb5_context context, - krb5_kdc_configuration *config, - const DigestREQ *req, krb5_data *reply, - const char *from, struct sockaddr *addr) -{ - krb5_error_code ret = 0; - krb5_ticket *ticket = NULL; - krb5_auth_context ac = NULL; - krb5_keytab id = NULL; - krb5_crypto crypto = NULL; - DigestReqInner ireq; - DigestRepInner r; - DigestREP rep; - krb5_flags ap_req_options; - krb5_data buf; - size_t size; - krb5_storage *sp = NULL; - Checksum res; - hdb_entry_ex *server = NULL, *user = NULL; - hdb_entry_ex *client = NULL; - char *client_name = NULL, *password = NULL; - krb5_data serverNonce; - - if(!config->enable_digest) { - kdc_log(context, config, 0, - "Rejected digest request (disabled) from %s", from); - return KRB5KDC_ERR_POLICY; - } - - krb5_data_zero(&buf); - krb5_data_zero(reply); - krb5_data_zero(&serverNonce); - memset(&ireq, 0, sizeof(ireq)); - memset(&r, 0, sizeof(r)); - memset(&rep, 0, sizeof(rep)); - - kdc_log(context, config, 0, "Digest request from %s", from); - - ret = krb5_kt_resolve(context, "HDB:", &id); - if (ret) { - kdc_log(context, config, 0, "Can't open database for digest"); - goto out; - } - - ret = krb5_rd_req(context, - &ac, - &req->apReq, - NULL, - id, - &ap_req_options, - &ticket); - if (ret) - goto out; - - /* check the server principal in the ticket matches digest/R@R */ - { - krb5_principal principal = NULL; - const char *p, *r; - - ret = krb5_ticket_get_server(context, ticket, &principal); - if (ret) - goto out; - - ret = EINVAL; - krb5_set_error_string(context, "Wrong digest server principal used"); - p = krb5_principal_get_comp_string(context, principal, 0); - if (p == NULL) { - krb5_free_principal(context, principal); - goto out; - } - if (strcmp(p, KRB5_DIGEST_NAME) != 0) { - krb5_free_principal(context, principal); - goto out; - } - - p = krb5_principal_get_comp_string(context, principal, 1); - if (p == NULL) { - krb5_free_principal(context, principal); - goto out; - } - r = krb5_principal_get_realm(context, principal); - if (r == NULL) { - krb5_free_principal(context, principal); - goto out; - } - if (strcmp(p, r) != 0) { - krb5_free_principal(context, principal); - goto out; - } - krb5_clear_error_string(context); - - ret = _kdc_db_fetch(context, config, principal, - HDB_F_GET_SERVER, NULL, &server); - if (ret) - goto out; - - krb5_free_principal(context, principal); - } - - /* check the client is allowed to do digest auth */ - { - krb5_principal principal = NULL; - - ret = krb5_ticket_get_client(context, ticket, &principal); - if (ret) - goto out; - - ret = krb5_unparse_name(context, principal, &client_name); - if (ret) { - krb5_free_principal(context, principal); - goto out; - } - - ret = _kdc_db_fetch(context, config, principal, - HDB_F_GET_CLIENT, NULL, &client); - krb5_free_principal(context, principal); - if (ret) - goto out; - - if (client->entry.flags.allow_digest == 0) { - kdc_log(context, config, 0, - "Client %s tried to use digest " - "but is not allowed to", - client_name); - krb5_set_error_string(context, - "Client is not permitted to use digest"); - ret = KRB5KDC_ERR_POLICY; - goto out; - } - } - - /* unpack request */ - { - krb5_keyblock *key; - - ret = krb5_auth_con_getremotesubkey(context, ac, &key); - if (ret) - goto out; - if (key == NULL) { - krb5_set_error_string(context, "digest: remote subkey not found"); - ret = EINVAL; - goto out; - } - - ret = krb5_crypto_init(context, key, 0, &crypto); - krb5_free_keyblock (context, key); - if (ret) - goto out; - } - - ret = krb5_decrypt_EncryptedData(context, crypto, KRB5_KU_DIGEST_ENCRYPT, - &req->innerReq, &buf); - krb5_crypto_destroy(context, crypto); - crypto = NULL; - if (ret) - goto out; - - ret = decode_DigestReqInner(buf.data, buf.length, &ireq, NULL); - krb5_data_free(&buf); - if (ret) { - krb5_set_error_string(context, "Failed to decode digest inner request"); - goto out; - } - - kdc_log(context, config, 0, "Valid digest request from %s (%s)", - client_name, from); - - /* - * Process the inner request - */ - - switch (ireq.element) { - case choice_DigestReqInner_init: { - unsigned char server_nonce[16], identifier; - - RAND_pseudo_bytes(&identifier, sizeof(identifier)); - RAND_pseudo_bytes(server_nonce, sizeof(server_nonce)); - - server_nonce[0] = kdc_time & 0xff; - server_nonce[1] = (kdc_time >> 8) & 0xff; - server_nonce[2] = (kdc_time >> 16) & 0xff; - server_nonce[3] = (kdc_time >> 24) & 0xff; - - r.element = choice_DigestRepInner_initReply; - - hex_encode(server_nonce, sizeof(server_nonce), &r.u.initReply.nonce); - if (r.u.initReply.nonce == NULL) { - krb5_set_error_string(context, "Failed to decode server nonce"); - ret = ENOMEM; - goto out; - } - - sp = krb5_storage_emem(); - if (sp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - ret = krb5_store_stringz(sp, ireq.u.init.type); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - if (ireq.u.init.channel) { - char *s; - - asprintf(&s, "%s-%s:%s", r.u.initReply.nonce, - ireq.u.init.channel->cb_type, - ireq.u.init.channel->cb_binding); - if (s == NULL) { - krb5_set_error_string(context, "Failed to allocate " - "channel binding"); - ret = ENOMEM; - goto out; - } - free(r.u.initReply.nonce); - r.u.initReply.nonce = s; - } - - ret = krb5_store_stringz(sp, r.u.initReply.nonce); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - if (strcasecmp(ireq.u.init.type, "CHAP") == 0) { - r.u.initReply.identifier = - malloc(sizeof(*r.u.initReply.identifier)); - if (r.u.initReply.identifier == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - - asprintf(r.u.initReply.identifier, "%02X", identifier & 0xff); - if (*r.u.initReply.identifier == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - - } else - r.u.initReply.identifier = NULL; - - if (ireq.u.init.hostname) { - ret = krb5_store_stringz(sp, *ireq.u.init.hostname); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - } - - ret = krb5_storage_to_data(sp, &buf); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - ret = get_digest_key(context, config, server, &crypto); - if (ret) - goto out; - - ret = krb5_create_checksum(context, - crypto, - KRB5_KU_DIGEST_OPAQUE, - 0, - buf.data, - buf.length, - &res); - krb5_crypto_destroy(context, crypto); - crypto = NULL; - krb5_data_free(&buf); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(Checksum, buf.data, buf.length, &res, &size, ret); - free_Checksum(&res); - if (ret) { - krb5_set_error_string(context, "Failed to encode " - "checksum in digest request"); - goto out; - } - if (size != buf.length) - krb5_abortx(context, "ASN1 internal error"); - - hex_encode(buf.data, buf.length, &r.u.initReply.opaque); - free(buf.data); - if (r.u.initReply.opaque == NULL) { - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - kdc_log(context, config, 0, "Digest %s init request successful from %s", - ireq.u.init.type, from); - - break; - } - case choice_DigestReqInner_digestRequest: { - sp = krb5_storage_emem(); - if (sp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - ret = krb5_store_stringz(sp, ireq.u.digestRequest.type); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - krb5_store_stringz(sp, ireq.u.digestRequest.serverNonce); - - if (ireq.u.digestRequest.hostname) { - ret = krb5_store_stringz(sp, *ireq.u.digestRequest.hostname); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - } - - buf.length = strlen(ireq.u.digestRequest.opaque); - buf.data = malloc(buf.length); - if (buf.data == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - - ret = hex_decode(ireq.u.digestRequest.opaque, buf.data, buf.length); - if (ret <= 0) { - krb5_set_error_string(context, "Failed to decode opaque"); - ret = ENOMEM; - goto out; - } - buf.length = ret; - - ret = decode_Checksum(buf.data, buf.length, &res, NULL); - free(buf.data); - if (ret) { - krb5_set_error_string(context, "Failed to decode digest Checksum"); - goto out; - } - - ret = krb5_storage_to_data(sp, &buf); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - serverNonce.length = strlen(ireq.u.digestRequest.serverNonce); - serverNonce.data = malloc(serverNonce.length); - if (serverNonce.data == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - - /* - * CHAP does the checksum of the raw nonce, but do it for all - * types, since we need to check the timestamp. - */ - { - ssize_t ssize; - - ssize = hex_decode(ireq.u.digestRequest.serverNonce, - serverNonce.data, serverNonce.length); - if (ssize <= 0) { - krb5_set_error_string(context, "Failed to decode serverNonce"); - ret = ENOMEM; - goto out; - } - serverNonce.length = ssize; - } - - ret = get_digest_key(context, config, server, &crypto); - if (ret) - goto out; - - ret = krb5_verify_checksum(context, crypto, - KRB5_KU_DIGEST_OPAQUE, - buf.data, buf.length, &res); - krb5_crypto_destroy(context, crypto); - crypto = NULL; - if (ret) - goto out; - - /* verify time */ - { - unsigned char *p = serverNonce.data; - uint32_t t; - - if (serverNonce.length < 4) { - krb5_set_error_string(context, "server nonce too short"); - ret = EINVAL; - goto out; - } - t = p[0] | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); - - if (abs((kdc_time & 0xffffffff) - t) > context->max_skew) { - krb5_set_error_string(context, "time screw in server nonce "); - ret = EINVAL; - goto out; - } - } - - if (strcasecmp(ireq.u.digestRequest.type, "CHAP") == 0) { - MD5_CTX ctx; - unsigned char md[MD5_DIGEST_LENGTH]; - char *mdx; - char id; - - if ((config->digests_allowed & CHAP_MD5) == 0) { - kdc_log(context, config, 0, "Digest CHAP MD5 not allowed"); - goto out; - } - - if (ireq.u.digestRequest.identifier == NULL) { - krb5_set_error_string(context, "Identifier missing " - "from CHAP request"); - ret = EINVAL; - goto out; - } - - if (hex_decode(*ireq.u.digestRequest.identifier, &id, 1) != 1) { - krb5_set_error_string(context, "failed to decode identifier"); - ret = EINVAL; - goto out; - } - - ret = get_password_entry(context, config, - ireq.u.digestRequest.username, - &password); - if (ret) - goto out; - - MD5_Init(&ctx); - MD5_Update(&ctx, &id, 1); - MD5_Update(&ctx, password, strlen(password)); - MD5_Update(&ctx, serverNonce.data, serverNonce.length); - MD5_Final(md, &ctx); - - hex_encode(md, sizeof(md), &mdx); - if (mdx == NULL) { - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - r.element = choice_DigestRepInner_response; - - ret = strcasecmp(mdx, ireq.u.digestRequest.responseData); - free(mdx); - if (ret == 0) { - r.u.response.success = TRUE; - } else { - kdc_log(context, config, 0, - "CHAP reply mismatch for %s", - ireq.u.digestRequest.username); - r.u.response.success = FALSE; - } - - } else if (strcasecmp(ireq.u.digestRequest.type, "SASL-DIGEST-MD5") == 0) { - MD5_CTX ctx; - unsigned char md[MD5_DIGEST_LENGTH]; - char *mdx; - char *A1, *A2; - - if ((config->digests_allowed & DIGEST_MD5) == 0) { - kdc_log(context, config, 0, "Digest SASL MD5 not allowed"); - goto out; - } - - if (ireq.u.digestRequest.nonceCount == NULL) - goto out; - if (ireq.u.digestRequest.clientNonce == NULL) - goto out; - if (ireq.u.digestRequest.qop == NULL) - goto out; - if (ireq.u.digestRequest.realm == NULL) - goto out; - - ret = get_password_entry(context, config, - ireq.u.digestRequest.username, - &password); - if (ret) - goto failed; - - MD5_Init(&ctx); - MD5_Update(&ctx, ireq.u.digestRequest.username, - strlen(ireq.u.digestRequest.username)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.realm, - strlen(*ireq.u.digestRequest.realm)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, password, strlen(password)); - MD5_Final(md, &ctx); - - MD5_Init(&ctx); - MD5_Update(&ctx, md, sizeof(md)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, ireq.u.digestRequest.serverNonce, - strlen(ireq.u.digestRequest.serverNonce)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.nonceCount, - strlen(*ireq.u.digestRequest.nonceCount)); - if (ireq.u.digestRequest.authid) { - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.authid, - strlen(*ireq.u.digestRequest.authid)); - } - MD5_Final(md, &ctx); - hex_encode(md, sizeof(md), &A1); - if (A1 == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto failed; - } - - MD5_Init(&ctx); - MD5_Update(&ctx, "AUTHENTICATE:", sizeof("AUTHENTICATE:") - 1); - MD5_Update(&ctx, *ireq.u.digestRequest.uri, - strlen(*ireq.u.digestRequest.uri)); - - /* conf|int */ - if (strcmp(ireq.u.digestRequest.digest, "clear") != 0) { - static char conf_zeros[] = ":00000000000000000000000000000000"; - MD5_Update(&ctx, conf_zeros, sizeof(conf_zeros) - 1); - } - - MD5_Final(md, &ctx); - hex_encode(md, sizeof(md), &A2); - if (A2 == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - free(A1); - goto failed; - } - - MD5_Init(&ctx); - MD5_Update(&ctx, A1, strlen(A2)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, ireq.u.digestRequest.serverNonce, - strlen(ireq.u.digestRequest.serverNonce)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.nonceCount, - strlen(*ireq.u.digestRequest.nonceCount)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.clientNonce, - strlen(*ireq.u.digestRequest.clientNonce)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, *ireq.u.digestRequest.qop, - strlen(*ireq.u.digestRequest.qop)); - MD5_Update(&ctx, ":", 1); - MD5_Update(&ctx, A2, strlen(A2)); - - MD5_Final(md, &ctx); - - free(A1); - free(A2); - - hex_encode(md, sizeof(md), &mdx); - if (mdx == NULL) { - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - r.element = choice_DigestRepInner_response; - ret = strcasecmp(mdx, ireq.u.digestRequest.responseData); - free(mdx); - if (ret == 0) { - r.u.response.success = TRUE; - } else { - kdc_log(context, config, 0, - "DIGEST-MD5 reply mismatch for %s", - ireq.u.digestRequest.username); - r.u.response.success = FALSE; - } - - } else if (strcasecmp(ireq.u.digestRequest.type, "MS-CHAP-V2") == 0) { - unsigned char md[SHA_DIGEST_LENGTH], challange[SHA_DIGEST_LENGTH]; - krb5_principal clientprincipal = NULL; - char *mdx; - const char *username; - struct ntlm_buf answer; - Key *key = NULL; - SHA_CTX ctx; - - if ((config->digests_allowed & MS_CHAP_V2) == 0) { - kdc_log(context, config, 0, "MS-CHAP-V2 not allowed"); - goto failed; - } - - if (ireq.u.digestRequest.clientNonce == NULL) { - krb5_set_error_string(context, - "MS-CHAP-V2 clientNonce missing"); - ret = EINVAL; - goto failed; - } - if (serverNonce.length != 16) { - krb5_set_error_string(context, - "MS-CHAP-V2 serverNonce wrong length"); - ret = EINVAL; - goto failed; - } - - /* strip of the domain component */ - username = strchr(ireq.u.digestRequest.username, '\\'); - if (username == NULL) - username = ireq.u.digestRequest.username; - else - username++; - - /* ChallangeHash */ - SHA1_Init(&ctx); - { - ssize_t ssize; - krb5_data clientNonce; - - clientNonce.length = strlen(*ireq.u.digestRequest.clientNonce); - clientNonce.data = malloc(clientNonce.length); - if (clientNonce.data == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - - ssize = hex_decode(*ireq.u.digestRequest.clientNonce, - clientNonce.data, clientNonce.length); - if (ssize != 16) { - krb5_set_error_string(context, - "Failed to decode clientNonce"); - ret = ENOMEM; - goto out; - } - SHA1_Update(&ctx, clientNonce.data, ssize); - free(clientNonce.data); - } - SHA1_Update(&ctx, serverNonce.data, serverNonce.length); - SHA1_Update(&ctx, username, strlen(username)); - SHA1_Final(challange, &ctx); - - /* NtPasswordHash */ - ret = krb5_parse_name(context, username, &clientprincipal); - if (ret) - goto failed; - - ret = _kdc_db_fetch(context, config, clientprincipal, - HDB_F_GET_CLIENT, NULL, &user); - krb5_free_principal(context, clientprincipal); - if (ret) { - krb5_set_error_string(context, - "MS-CHAP-V2 user %s not in database", - username); - goto failed; - } - - ret = hdb_enctype2key(context, &user->entry, - ETYPE_ARCFOUR_HMAC_MD5, &key); - if (ret) { - krb5_set_error_string(context, - "MS-CHAP-V2 missing arcfour key %s", - username); - goto failed; - } - - /* ChallengeResponse */ - ret = heim_ntlm_calculate_ntlm1(key->key.keyvalue.data, - key->key.keyvalue.length, - challange, &answer); - if (ret) { - krb5_set_error_string(context, "NTLM missing arcfour key"); - goto failed; - } - - hex_encode(answer.data, answer.length, &mdx); - if (mdx == NULL) { - free(answer.data); - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - r.element = choice_DigestRepInner_response; - ret = strcasecmp(mdx, ireq.u.digestRequest.responseData); - if (ret == 0) { - r.u.response.success = TRUE; - } else { - kdc_log(context, config, 0, - "MS-CHAP-V2 hash mismatch for %s", - ireq.u.digestRequest.username); - r.u.response.success = FALSE; - } - free(mdx); - - if (r.u.response.success) { - unsigned char hashhash[MD4_DIGEST_LENGTH]; - - /* hashhash */ - { - MD4_CTX hctx; - - MD4_Init(&hctx); - MD4_Update(&hctx, key->key.keyvalue.data, - key->key.keyvalue.length); - MD4_Final(hashhash, &hctx); - } - - /* GenerateAuthenticatorResponse */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, hashhash, sizeof(hashhash)); - SHA1_Update(&ctx, answer.data, answer.length); - SHA1_Update(&ctx, ms_chap_v2_magic1,sizeof(ms_chap_v2_magic1)); - SHA1_Final(md, &ctx); - - SHA1_Init(&ctx); - SHA1_Update(&ctx, md, sizeof(md)); - SHA1_Update(&ctx, challange, 8); - SHA1_Update(&ctx, ms_chap_v2_magic2, sizeof(ms_chap_v2_magic2)); - SHA1_Final(md, &ctx); - - r.u.response.rsp = calloc(1, sizeof(*r.u.response.rsp)); - if (r.u.response.rsp == NULL) { - free(answer.data); - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - hex_encode(md, sizeof(md), r.u.response.rsp); - if (r.u.response.rsp == NULL) { - free(answer.data); - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - /* get_master, rfc 3079 3.4 */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, hashhash, 16); /* md4(hash) */ - SHA1_Update(&ctx, answer.data, answer.length); - SHA1_Update(&ctx, ms_rfc3079_magic1, sizeof(ms_rfc3079_magic1)); - SHA1_Final(md, &ctx); - - free(answer.data); - - r.u.response.session_key = - calloc(1, sizeof(*r.u.response.session_key)); - if (r.u.response.session_key == NULL) { - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - ret = krb5_data_copy(r.u.response.session_key, md, 16); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - } - - } else { - r.element = choice_DigestRepInner_error; - asprintf(&r.u.error.reason, "Unsupported digest type %s", - ireq.u.digestRequest.type); - if (r.u.error.reason == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - r.u.error.code = EINVAL; - } - - kdc_log(context, config, 0, "Digest %s request successful %s", - ireq.u.digestRequest.type, ireq.u.digestRequest.username); - - break; - } - case choice_DigestReqInner_ntlmInit: - - if ((config->digests_allowed & (NTLM_V1|NTLM_V1_SESSION|NTLM_V2)) == 0) { - kdc_log(context, config, 0, "NTLM not allowed"); - goto failed; - } - - r.element = choice_DigestRepInner_ntlmInitReply; - - r.u.ntlmInitReply.flags = NTLM_NEG_UNICODE; - - if ((ireq.u.ntlmInit.flags & NTLM_NEG_UNICODE) == 0) { - kdc_log(context, config, 0, "NTLM client have no unicode"); - goto failed; - } - - if (ireq.u.ntlmInit.flags & NTLM_NEG_NTLM) - r.u.ntlmInitReply.flags |= NTLM_NEG_NTLM; - else { - kdc_log(context, config, 0, "NTLM client doesn't support NTLM"); - goto failed; - } - - r.u.ntlmInitReply.flags |= - NTLM_NEG_TARGET | - NTLM_TARGET_DOMAIN | - NTLM_ENC_128; - -#define ALL \ - NTLM_NEG_SIGN| \ - NTLM_NEG_SEAL| \ - NTLM_NEG_ALWAYS_SIGN| \ - NTLM_NEG_NTLM2_SESSION| \ - NTLM_NEG_KEYEX - - r.u.ntlmInitReply.flags |= (ireq.u.ntlmInit.flags & (ALL)); - -#undef ALL - - r.u.ntlmInitReply.targetname = - get_ntlm_targetname(context, client); - if (r.u.ntlmInitReply.targetname == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - r.u.ntlmInitReply.challange.data = malloc(8); - if (r.u.ntlmInitReply.challange.data == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - r.u.ntlmInitReply.challange.length = 8; - if (RAND_bytes(r.u.ntlmInitReply.challange.data, - r.u.ntlmInitReply.challange.length) != 1) - { - krb5_set_error_string(context, "out of random error"); - ret = ENOMEM; - goto out; - } - /* XXX fix targetinfo */ - ALLOC(r.u.ntlmInitReply.targetinfo); - if (r.u.ntlmInitReply.targetinfo == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - - ret = fill_targetinfo(context, - r.u.ntlmInitReply.targetname, - client, - r.u.ntlmInitReply.targetinfo); - if (ret) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - - /* - * Save data encryted in opaque for the second part of the - * ntlm authentication - */ - sp = krb5_storage_emem(); - if (sp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - - ret = krb5_storage_write(sp, r.u.ntlmInitReply.challange.data, 8); - if (ret != 8) { - ret = ENOMEM; - krb5_set_error_string(context, "storage write challange"); - goto out; - } - ret = krb5_store_uint32(sp, r.u.ntlmInitReply.flags); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - ret = krb5_storage_to_data(sp, &buf); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - ret = get_digest_key(context, config, server, &crypto); - if (ret) - goto out; - - ret = krb5_encrypt(context, crypto, KRB5_KU_DIGEST_OPAQUE, - buf.data, buf.length, &r.u.ntlmInitReply.opaque); - krb5_data_free(&buf); - krb5_crypto_destroy(context, crypto); - crypto = NULL; - if (ret) - goto out; - - kdc_log(context, config, 0, "NTLM init from %s", from); - - break; - - case choice_DigestReqInner_ntlmRequest: { - krb5_principal clientprincipal; - unsigned char sessionkey[16]; - unsigned char challange[8]; - uint32_t flags; - Key *key = NULL; - int version; - - r.element = choice_DigestRepInner_ntlmResponse; - r.u.ntlmResponse.success = 0; - r.u.ntlmResponse.flags = 0; - r.u.ntlmResponse.sessionkey = NULL; - r.u.ntlmResponse.tickets = NULL; - - /* get username */ - ret = krb5_parse_name(context, - ireq.u.ntlmRequest.username, - &clientprincipal); - if (ret) - goto failed; - - ret = _kdc_db_fetch(context, config, clientprincipal, - HDB_F_GET_CLIENT, NULL, &user); - krb5_free_principal(context, clientprincipal); - if (ret) { - krb5_set_error_string(context, "NTLM user %s not in database", - ireq.u.ntlmRequest.username); - goto failed; - } - - ret = get_digest_key(context, config, server, &crypto); - if (ret) - goto failed; - - ret = krb5_decrypt(context, crypto, KRB5_KU_DIGEST_OPAQUE, - ireq.u.ntlmRequest.opaque.data, - ireq.u.ntlmRequest.opaque.length, &buf); - krb5_crypto_destroy(context, crypto); - crypto = NULL; - if (ret) { - kdc_log(context, config, 0, - "Failed to decrypt nonce from %s", from); - goto failed; - } - - sp = krb5_storage_from_data(&buf); - if (sp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - - ret = krb5_storage_read(sp, challange, sizeof(challange)); - if (ret != sizeof(challange)) { - krb5_set_error_string(context, "NTLM storage read challange"); - ret = ENOMEM; - goto out; - } - ret = krb5_ret_uint32(sp, &flags); - if (ret) { - krb5_set_error_string(context, "NTLM storage read flags"); - goto out; - } - krb5_data_free(&buf); - - if ((flags & NTLM_NEG_NTLM) == 0) { - ret = EINVAL; - krb5_set_error_string(context, "NTLM not negotiated"); - goto out; - } - - ret = hdb_enctype2key(context, &user->entry, - ETYPE_ARCFOUR_HMAC_MD5, &key); - if (ret) { - krb5_set_error_string(context, "NTLM missing arcfour key"); - goto out; - } - - /* check if this is NTLMv2 */ - if (ireq.u.ntlmRequest.ntlm.length != 24) { - struct ntlm_buf infotarget, answer; - char *targetname; - - if ((config->digests_allowed & NTLM_V2) == 0) { - kdc_log(context, config, 0, "NTLM v2 not allowed"); - goto out; - } - - version = 2; - - targetname = get_ntlm_targetname(context, client); - if (targetname == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - - answer.length = ireq.u.ntlmRequest.ntlm.length; - answer.data = ireq.u.ntlmRequest.ntlm.data; - - ret = heim_ntlm_verify_ntlm2(key->key.keyvalue.data, - key->key.keyvalue.length, - ireq.u.ntlmRequest.username, - targetname, - 0, - challange, - &answer, - &infotarget, - sessionkey); - free(targetname); - if (ret) { - krb5_set_error_string(context, "NTLM v2 verify failed"); - goto failed; - } - - /* XXX verify infotarget matches client (checksum ?) */ - - free(infotarget.data); - /* */ - - } else { - struct ntlm_buf answer; - - version = 1; - - if (flags & NTLM_NEG_NTLM2_SESSION) { - unsigned char sessionhash[MD5_DIGEST_LENGTH]; - MD5_CTX md5ctx; - - if ((config->digests_allowed & NTLM_V1_SESSION) == 0) { - kdc_log(context, config, 0, "NTLM v1-session not allowed"); - ret = EINVAL; - goto failed; - } - - if (ireq.u.ntlmRequest.lm.length != 24) { - krb5_set_error_string(context, "LM hash have wrong length " - "for NTLM session key"); - ret = EINVAL; - goto failed; - } - - MD5_Init(&md5ctx); - MD5_Update(&md5ctx, challange, sizeof(challange)); - MD5_Update(&md5ctx, ireq.u.ntlmRequest.lm.data, 8); - MD5_Final(sessionhash, &md5ctx); - memcpy(challange, sessionhash, sizeof(challange)); - } else { - if ((config->digests_allowed & NTLM_V1) == 0) { - kdc_log(context, config, 0, "NTLM v1 not allowed"); - goto failed; - } - } - - ret = heim_ntlm_calculate_ntlm1(key->key.keyvalue.data, - key->key.keyvalue.length, - challange, &answer); - if (ret) { - krb5_set_error_string(context, "NTLM missing arcfour key"); - goto failed; - } - - if (ireq.u.ntlmRequest.ntlm.length != answer.length || - memcmp(ireq.u.ntlmRequest.ntlm.data, answer.data, answer.length) != 0) - { - free(answer.data); - ret = EINVAL; - krb5_set_error_string(context, "NTLM hash mismatch"); - goto failed; - } - free(answer.data); - - { - MD4_CTX ctx; - - MD4_Init(&ctx); - MD4_Update(&ctx, - key->key.keyvalue.data, key->key.keyvalue.length); - MD4_Final(sessionkey, &ctx); - } - } - - if (ireq.u.ntlmRequest.sessionkey) { - unsigned char masterkey[MD4_DIGEST_LENGTH]; - RC4_KEY rc4; - size_t len; - - if ((flags & NTLM_NEG_KEYEX) == 0) { - krb5_set_error_string(context, - "NTLM client failed to neg key " - "exchange but still sent key"); - ret = EINVAL; - goto failed; - } - - len = ireq.u.ntlmRequest.sessionkey->length; - if (len != sizeof(masterkey)){ - krb5_set_error_string(context, - "NTLM master key wrong length: %lu", - (unsigned long)len); - goto failed; - } - - RC4_set_key(&rc4, sizeof(sessionkey), sessionkey); - - RC4(&rc4, sizeof(masterkey), - ireq.u.ntlmRequest.sessionkey->data, - masterkey); - memset(&rc4, 0, sizeof(rc4)); - - r.u.ntlmResponse.sessionkey = - malloc(sizeof(*r.u.ntlmResponse.sessionkey)); - if (r.u.ntlmResponse.sessionkey == NULL) { - krb5_set_error_string(context, "out of memory"); - goto out; - } - - ret = krb5_data_copy(r.u.ntlmResponse.sessionkey, - masterkey, sizeof(masterkey)); - if (ret) { - krb5_set_error_string(context, "out of memory"); - goto out; - } - } - - r.u.ntlmResponse.success = 1; - kdc_log(context, config, 0, "NTLM version %d successful for %s", - version, ireq.u.ntlmRequest.username); - break; - } - case choice_DigestReqInner_supportedMechs: - - kdc_log(context, config, 0, "digest supportedMechs from %s", from); - - r.element = choice_DigestRepInner_supportedMechs; - memset(&r.u.supportedMechs, 0, sizeof(r.u.supportedMechs)); - - if (config->digests_allowed & NTLM_V1) - r.u.supportedMechs.ntlm_v1 = 1; - if (config->digests_allowed & NTLM_V1_SESSION) - r.u.supportedMechs.ntlm_v1_session = 1; - if (config->digests_allowed & NTLM_V2) - r.u.supportedMechs.ntlm_v2 = 1; - if (config->digests_allowed & DIGEST_MD5) - r.u.supportedMechs.digest_md5 = 1; - if (config->digests_allowed & CHAP_MD5) - r.u.supportedMechs.chap_md5 = 1; - if (config->digests_allowed & MS_CHAP_V2) - r.u.supportedMechs.ms_chap_v2 = 1; - break; - - default: { - char *s; - krb5_set_error_string(context, "unknown operation to digest"); - ret = EINVAL; - - failed: - - s = krb5_get_error_message(context, ret); - if (s == NULL) { - krb5_clear_error_string(context); - goto out; - } - - kdc_log(context, config, 0, "Digest failed with: %s", s); - - r.element = choice_DigestRepInner_error; - r.u.error.reason = strdup("unknown error"); - krb5_free_error_string(context, s); - if (r.u.error.reason == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - r.u.error.code = EINVAL; - break; - } - } - - ASN1_MALLOC_ENCODE(DigestRepInner, buf.data, buf.length, &r, &size, ret); - if (ret) { - krb5_set_error_string(context, "Failed to encode inner digest reply"); - goto out; - } - if (size != buf.length) - krb5_abortx(context, "ASN1 internal error"); - - krb5_auth_con_addflags(context, ac, KRB5_AUTH_CONTEXT_USE_SUBKEY, NULL); - - ret = krb5_mk_rep (context, ac, &rep.apRep); - if (ret) - goto out; - - { - krb5_keyblock *key; - - ret = krb5_auth_con_getlocalsubkey(context, ac, &key); - if (ret) - goto out; - - ret = krb5_crypto_init(context, key, 0, &crypto); - krb5_free_keyblock (context, key); - if (ret) - goto out; - } - - ret = krb5_encrypt_EncryptedData(context, crypto, KRB5_KU_DIGEST_ENCRYPT, - buf.data, buf.length, 0, - &rep.innerRep); - - ASN1_MALLOC_ENCODE(DigestREP, reply->data, reply->length, &rep, &size, ret); - if (ret) { - krb5_set_error_string(context, "Failed to encode digest reply"); - goto out; - } - if (size != reply->length) - krb5_abortx(context, "ASN1 internal error"); - - -out: - if (ac) - krb5_auth_con_free(context, ac); - if (ret) - krb5_warn(context, ret, "Digest request from %s failed", from); - if (ticket) - krb5_free_ticket(context, ticket); - if (id) - krb5_kt_close(context, id); - if (crypto) - krb5_crypto_destroy(context, crypto); - if (sp) - krb5_storage_free(sp); - if (user) - _kdc_free_ent (context, user); - if (server) - _kdc_free_ent (context, server); - if (client) - _kdc_free_ent (context, client); - if (password) { - memset(password, 0, strlen(password)); - free (password); - } - if (client_name) - free (client_name); - krb5_data_free(&buf); - krb5_data_free(&serverNonce); - free_DigestREP(&rep); - free_DigestRepInner(&r); - free_DigestReqInner(&ireq); - - return ret; -} diff --git a/crypto/heimdal/kdc/headers.h b/crypto/heimdal/kdc/headers.h deleted file mode 100644 index 64f6b6e438cb..000000000000 --- a/crypto/heimdal/kdc/headers.h +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $Id: headers.h 19658 2007-01-04 00:15:34Z lha $ - */ - -#ifndef __HEADERS_H__ -#define __HEADERS_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_UTIL_H -#include -#endif -#ifdef HAVE_LIBUTIL_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#undef ALLOC -#define ALLOC(X) ((X) = malloc(sizeof(*(X)))) -#undef ALLOC_SEQ -#define ALLOC_SEQ(X, N) do { (X)->len = (N); \ -(X)->val = calloc((X)->len, sizeof(*(X)->val)); } while(0) - -#endif /* __HEADERS_H__ */ diff --git a/crypto/heimdal/kdc/hprop.8 b/crypto/heimdal/kdc/hprop.8 deleted file mode 100644 index 99fc9784bd91..000000000000 --- a/crypto/heimdal/kdc/hprop.8 +++ /dev/null @@ -1,190 +0,0 @@ -.\" Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: hprop.8 20456 2007-04-19 20:29:42Z lha $ -.\" -.Dd December 8, 2004 -.Dt HPROP 8 -.Os HEIMDAL -.Sh NAME -.Nm hprop -.Nd propagate the KDC database -.Sh SYNOPSIS -.Nm -.Bk -words -.Oo Fl m Ar file \*(Ba Xo -.Fl -master-key= Ns Pa file -.Xc -.Oc -.Oo Fl d Ar file \*(Ba Xo -.Fl -database= Ns Pa file -.Xc -.Oc -.Op Fl -source= Ns Ar heimdal|mit-dump|krb4-dump|kaserver -.Oo Fl r Ar string \*(Ba Xo -.Fl -v4-realm= Ns Ar string -.Xc -.Oc -.Oo Fl c Ar cell \*(Ba Xo -.Fl -cell= Ns Ar cell -.Xc -.Oc -.Op Fl S | Fl -kaspecials -.Oo Fl k Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab -.Xc -.Oc -.Oo Fl R Ar string \*(Ba Xo -.Fl -v5-realm= Ns Ar string -.Xc -.Oc -.Op Fl D | Fl -decrypt -.Op Fl E | Fl -encrypt -.Op Fl n | Fl -stdout -.Op Fl v | Fl -verbose -.Op Fl -version -.Op Fl h | Fl -help -.Op Ar host Ns Op : Ns Ar port -.Ar ... -.Ek -.Sh DESCRIPTION -.Nm -takes a principal database in a specified format and converts it into -a stream of Heimdal database records. This stream can either be -written to standard out, or (more commonly) be propagated to a -.Xr hpropd 8 -server running on a different machine. -.Pp -If propagating, it connects to all -.Ar hosts -specified on the command by opening a TCP connection to port 754 -(service hprop) and sends the database in encrypted form. -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl m Ar file , -.Fl -master-key= Ns Pa file -.Xc -Where to find the master key to encrypt or decrypt keys with. -.It Xo -.Fl d Ar file , -.Fl -database= Ns Pa file -.Xc -The database to be propagated. -.It Xo -.Fl -source= Ns Ar heimdal|mit-dump|krb4-dump|kaserver -.Xc -Specifies the type of the source database. Alternatives include: -.Pp -.Bl -tag -width krb4-dump -compact -offset indent -.It heimdal -a Heimdal database -.It mit-dump -a MIT Kerberos 5 dump file -.It krb4-dump -a Kerberos 4 dump file -.It kaserver -an AFS kaserver database -.El -.It Xo -.Fl k Ar keytab , -.Fl -keytab= Ns Ar keytab -.Xc -The keytab to use for fetching the key to be used for authenticating -to the propagation daemon(s). The key -.Pa kadmin/hprop -is used from this keytab. The default is to fetch the key from the -KDC database. -.It Xo -.Fl R Ar string , -.Fl -v5-realm= Ns Ar string -.Xc -Local realm override. -.It Xo -.Fl D , -.Fl -decrypt -.Xc -The encryption keys in the database can either be in clear, or -encrypted with a master key. This option transmits the database with -unencrypted keys. -.It Xo -.Fl E , -.Fl -encrypt -.Xc -This option transmits the database with encrypted keys. -.It Xo -.Fl n , -.Fl -stdout -.Xc -Dump the database on stdout, in a format that can be fed to hpropd. -.El -.Pp -The following options are only valid if -.Nm hprop -is compiled with support for Kerberos 4 (kaserver). -.Bl -tag -width Ds -.It Xo -.Fl r Ar string , -.Fl -v4-realm= Ns Ar string -.Xc -v4 realm to use. -.It Xo -.Fl c Ar cell , -.Fl -cell= Ns Ar cell -.Xc -The AFS cell name, used if reading a kaserver database. -.It Xo -.Fl S , -.Fl -kaspecials -.Xc -Also dump the principals marked as special in the kaserver database. -.It Xo -.Fl K , -.Fl -ka-db -.Xc -Deprecated, identical to -.Sq --source=kaserver . -.El -.Sh EXAMPLES -The following will propagate a database to another machine (which -should run -.Xr hpropd 8 ): -.Bd -literal -offset indent -$ hprop slave-1 slave-2 -.Ed -.Pp -Convert a Kerberos 4 dump-file for use with a Heimdal KDC: -.Bd -literal -offset indent -$ hprop -n --source=krb4-dump -d /var/kerberos/principal.dump --master-key=/.k | hpropd -n -.Ed -.Sh SEE ALSO -.Xr hpropd 8 diff --git a/crypto/heimdal/kdc/hprop.c b/crypto/heimdal/kdc/hprop.c deleted file mode 100644 index e5b7fd11fb40..000000000000 --- a/crypto/heimdal/kdc/hprop.c +++ /dev/null @@ -1,807 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hprop.h" - -RCSID("$Id: hprop.c 21745 2007-07-31 16:11:25Z lha $"); - -static int version_flag; -static int help_flag; -static const char *ktname = HPROP_KEYTAB; -static const char *database; -static char *mkeyfile; -static int to_stdout; -static int verbose_flag; -static int encrypt_flag; -static int decrypt_flag; -static hdb_master_key mkey5; - -static char *source_type; - -static char *afs_cell; -static char *v4_realm; - -static int kaspecials_flag; -static int ka_use_null_salt; - -static char *local_realm=NULL; - -static int -open_socket(krb5_context context, const char *hostname, const char *port) -{ - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - error = getaddrinfo (hostname, port, &hints, &ai); - if (error) { - warnx ("%s: %s", hostname, gai_strerror(error)); - return -1; - } - - for (a = ai; a != NULL; a = a->ai_next) { - int s; - - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - warn ("connect(%s)", hostname); - close (s); - continue; - } - freeaddrinfo (ai); - return s; - } - warnx ("failed to contact %s", hostname); - freeaddrinfo (ai); - return -1; -} - -krb5_error_code -v5_prop(krb5_context context, HDB *db, hdb_entry_ex *entry, void *appdata) -{ - krb5_error_code ret; - struct prop_data *pd = appdata; - krb5_data data; - - if(encrypt_flag) { - ret = hdb_seal_keys_mkey(context, &entry->entry, mkey5); - if (ret) { - krb5_warn(context, ret, "hdb_seal_keys_mkey"); - return ret; - } - } - if(decrypt_flag) { - ret = hdb_unseal_keys_mkey(context, &entry->entry, mkey5); - if (ret) { - krb5_warn(context, ret, "hdb_unseal_keys_mkey"); - return ret; - } - } - - ret = hdb_entry2value(context, &entry->entry, &data); - if(ret) { - krb5_warn(context, ret, "hdb_entry2value"); - return ret; - } - - if(to_stdout) - ret = krb5_write_message(context, &pd->sock, &data); - else - ret = krb5_write_priv_message(context, pd->auth_context, - &pd->sock, &data); - krb5_data_free(&data); - return ret; -} - -int -v4_prop(void *arg, struct v4_principal *p) -{ - struct prop_data *pd = arg; - hdb_entry_ex ent; - krb5_error_code ret; - - memset(&ent, 0, sizeof(ent)); - - ret = krb5_425_conv_principal(pd->context, p->name, p->instance, v4_realm, - &ent.entry.principal); - if(ret) { - krb5_warn(pd->context, ret, - "krb5_425_conv_principal %s.%s@%s", - p->name, p->instance, v4_realm); - return 0; - } - - if(verbose_flag) { - char *s; - krb5_unparse_name_short(pd->context, ent.entry.principal, &s); - krb5_warnx(pd->context, "%s.%s -> %s", p->name, p->instance, s); - free(s); - } - - ent.entry.kvno = p->kvno; - ent.entry.keys.len = 3; - ent.entry.keys.val = malloc(ent.entry.keys.len * sizeof(*ent.entry.keys.val)); - if (ent.entry.keys.val == NULL) - krb5_errx(pd->context, ENOMEM, "malloc"); - if(p->mkvno != -1) { - ent.entry.keys.val[0].mkvno = malloc (sizeof(*ent.entry.keys.val[0].mkvno)); - if (ent.entry.keys.val[0].mkvno == NULL) - krb5_errx(pd->context, ENOMEM, "malloc"); - *(ent.entry.keys.val[0].mkvno) = p->mkvno; - } else - ent.entry.keys.val[0].mkvno = NULL; - ent.entry.keys.val[0].salt = calloc(1, sizeof(*ent.entry.keys.val[0].salt)); - if (ent.entry.keys.val[0].salt == NULL) - krb5_errx(pd->context, ENOMEM, "calloc"); - ent.entry.keys.val[0].salt->type = KRB5_PADATA_PW_SALT; - ent.entry.keys.val[0].key.keytype = ETYPE_DES_CBC_MD5; - krb5_data_alloc(&ent.entry.keys.val[0].key.keyvalue, DES_KEY_SZ); - memcpy(ent.entry.keys.val[0].key.keyvalue.data, p->key, 8); - - copy_Key(&ent.entry.keys.val[0], &ent.entry.keys.val[1]); - ent.entry.keys.val[1].key.keytype = ETYPE_DES_CBC_MD4; - copy_Key(&ent.entry.keys.val[0], &ent.entry.keys.val[2]); - ent.entry.keys.val[2].key.keytype = ETYPE_DES_CBC_CRC; - - { - int life = _krb5_krb_life_to_time(0, p->max_life); - if(life == NEVERDATE){ - ent.entry.max_life = NULL; - } else { - /* clean up lifetime a bit */ - if(life > 86400) - life = (life + 86399) / 86400 * 86400; - else if(life > 3600) - life = (life + 3599) / 3600 * 3600; - ALLOC(ent.entry.max_life); - *ent.entry.max_life = life; - } - } - - ALLOC(ent.entry.valid_end); - *ent.entry.valid_end = p->exp_date; - - ret = krb5_make_principal(pd->context, &ent.entry.created_by.principal, - v4_realm, - "kadmin", - "hprop", - NULL); - if(ret){ - krb5_warn(pd->context, ret, "krb5_make_principal"); - ret = 0; - goto out; - } - ent.entry.created_by.time = time(NULL); - ALLOC(ent.entry.modified_by); - ret = krb5_425_conv_principal(pd->context, p->mod_name, p->mod_instance, - v4_realm, &ent.entry.modified_by->principal); - if(ret){ - krb5_warn(pd->context, ret, "%s.%s@%s", p->name, p->instance, v4_realm); - ent.entry.modified_by->principal = NULL; - ret = 0; - goto out; - } - ent.entry.modified_by->time = p->mod_date; - - ent.entry.flags.forwardable = 1; - ent.entry.flags.renewable = 1; - ent.entry.flags.proxiable = 1; - ent.entry.flags.postdate = 1; - ent.entry.flags.client = 1; - ent.entry.flags.server = 1; - - /* special case password changing service */ - if(strcmp(p->name, "changepw") == 0 && - strcmp(p->instance, "kerberos") == 0) { - ent.entry.flags.forwardable = 0; - ent.entry.flags.renewable = 0; - ent.entry.flags.proxiable = 0; - ent.entry.flags.postdate = 0; - ent.entry.flags.initial = 1; - ent.entry.flags.change_pw = 1; - } - - ret = v5_prop(pd->context, NULL, &ent, pd); - - if (strcmp (p->name, "krbtgt") == 0 - && strcmp (v4_realm, p->instance) != 0) { - krb5_free_principal (pd->context, ent.entry.principal); - ret = krb5_425_conv_principal (pd->context, p->name, - v4_realm, p->instance, - &ent.entry.principal); - if (ret == 0) - ret = v5_prop (pd->context, NULL, &ent, pd); - } - - out: - hdb_free_entry(pd->context, &ent); - return ret; -} - -#include "kadb.h" - -/* read a `ka_entry' from `fd' at offset `pos' */ -static void -read_block(krb5_context context, int fd, int32_t pos, void *buf, size_t len) -{ - krb5_error_code ret; -#ifdef HAVE_PREAD - if((ret = pread(fd, buf, len, 64 + pos)) < 0) - krb5_err(context, 1, errno, "pread(%u)", 64 + pos); -#else - if(lseek(fd, 64 + pos, SEEK_SET) == (off_t)-1) - krb5_err(context, 1, errno, "lseek(%u)", 64 + pos); - ret = read(fd, buf, len); - if(ret < 0) - krb5_err(context, 1, errno, "read(%lu)", (unsigned long)len); -#endif - if(ret != len) - krb5_errx(context, 1, "read(%lu) = %u", (unsigned long)len, ret); -} - -static int -ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent) -{ - int32_t flags = ntohl(ent->flags); - krb5_error_code ret; - hdb_entry_ex hdb; - - if(!kaspecials_flag - && (flags & KAFNORMAL) == 0) /* remove special entries */ - return 0; - memset(&hdb, 0, sizeof(hdb)); - ret = krb5_425_conv_principal(pd->context, ent->name, ent->instance, - v4_realm, &hdb.entry.principal); - if(ret) { - krb5_warn(pd->context, ret, - "krb5_425_conv_principal (%s.%s@%s)", - ent->name, ent->instance, v4_realm); - return 0; - } - hdb.entry.kvno = ntohl(ent->kvno); - hdb.entry.keys.len = 3; - hdb.entry.keys.val = - malloc(hdb.entry.keys.len * sizeof(*hdb.entry.keys.val)); - if (hdb.entry.keys.val == NULL) - krb5_errx(pd->context, ENOMEM, "malloc"); - hdb.entry.keys.val[0].mkvno = NULL; - hdb.entry.keys.val[0].salt = calloc(1, sizeof(*hdb.entry.keys.val[0].salt)); - if (hdb.entry.keys.val[0].salt == NULL) - krb5_errx(pd->context, ENOMEM, "calloc"); - if (ka_use_null_salt) { - hdb.entry.keys.val[0].salt->type = hdb_pw_salt; - hdb.entry.keys.val[0].salt->salt.data = NULL; - hdb.entry.keys.val[0].salt->salt.length = 0; - } else { - hdb.entry.keys.val[0].salt->type = hdb_afs3_salt; - hdb.entry.keys.val[0].salt->salt.data = strdup(afs_cell); - if (hdb.entry.keys.val[0].salt->salt.data == NULL) - krb5_errx(pd->context, ENOMEM, "strdup"); - hdb.entry.keys.val[0].salt->salt.length = strlen(afs_cell); - } - - hdb.entry.keys.val[0].key.keytype = ETYPE_DES_CBC_MD5; - krb5_data_copy(&hdb.entry.keys.val[0].key.keyvalue, - ent->key, - sizeof(ent->key)); - copy_Key(&hdb.entry.keys.val[0], &hdb.entry.keys.val[1]); - hdb.entry.keys.val[1].key.keytype = ETYPE_DES_CBC_MD4; - copy_Key(&hdb.entry.keys.val[0], &hdb.entry.keys.val[2]); - hdb.entry.keys.val[2].key.keytype = ETYPE_DES_CBC_CRC; - - ALLOC(hdb.entry.max_life); - *hdb.entry.max_life = ntohl(ent->max_life); - - if(ntohl(ent->valid_end) != NEVERDATE && ntohl(ent->valid_end) != 0xffffffff) { - ALLOC(hdb.entry.valid_end); - *hdb.entry.valid_end = ntohl(ent->valid_end); - } - - if (ntohl(ent->pw_change) != NEVERDATE && - ent->pw_expire != 255 && - ent->pw_expire != 0) { - ALLOC(hdb.entry.pw_end); - *hdb.entry.pw_end = ntohl(ent->pw_change) - + 24 * 60 * 60 * ent->pw_expire; - } - - ret = krb5_make_principal(pd->context, &hdb.entry.created_by.principal, - v4_realm, - "kadmin", - "hprop", - NULL); - hdb.entry.created_by.time = time(NULL); - - if(ent->mod_ptr){ - struct ka_entry mod; - ALLOC(hdb.entry.modified_by); - read_block(pd->context, fd, ntohl(ent->mod_ptr), &mod, sizeof(mod)); - - krb5_425_conv_principal(pd->context, mod.name, mod.instance, v4_realm, - &hdb.entry.modified_by->principal); - hdb.entry.modified_by->time = ntohl(ent->mod_time); - memset(&mod, 0, sizeof(mod)); - } - - hdb.entry.flags.forwardable = 1; - hdb.entry.flags.renewable = 1; - hdb.entry.flags.proxiable = 1; - hdb.entry.flags.postdate = 1; - /* XXX - AFS 3.4a creates krbtgt.REALMOFCELL as NOTGS+NOSEAL */ - if (strcmp(ent->name, "krbtgt") == 0 && - (flags & (KAFNOTGS|KAFNOSEAL)) == (KAFNOTGS|KAFNOSEAL)) - flags &= ~(KAFNOTGS|KAFNOSEAL); - - hdb.entry.flags.client = (flags & KAFNOTGS) == 0; - hdb.entry.flags.server = (flags & KAFNOSEAL) == 0; - - ret = v5_prop(pd->context, NULL, &hdb, pd); - hdb_free_entry(pd->context, &hdb); - return ret; -} - -static int -ka_dump(struct prop_data *pd, const char *file) -{ - struct ka_header header; - int i; - int fd = open(file, O_RDONLY); - - if(fd < 0) - krb5_err(pd->context, 1, errno, "open(%s)", file); - read_block(pd->context, fd, 0, &header, sizeof(header)); - if(header.version1 != header.version2) - krb5_errx(pd->context, 1, "Version mismatch in header: %ld/%ld", - (long)ntohl(header.version1), (long)ntohl(header.version2)); - if(ntohl(header.version1) != 5) - krb5_errx(pd->context, 1, "Unknown database version %ld (expected 5)", - (long)ntohl(header.version1)); - for(i = 0; i < ntohl(header.hashsize); i++){ - int32_t pos = ntohl(header.hash[i]); - while(pos){ - struct ka_entry ent; - read_block(pd->context, fd, pos, &ent, sizeof(ent)); - ka_convert(pd, fd, &ent); - pos = ntohl(ent.next); - } - } - return 0; -} - - - -struct getargs args[] = { - { "master-key", 'm', arg_string, &mkeyfile, "v5 master key file", "file" }, - { "database", 'd', arg_string, &database, "database", "file" }, - { "source", 0, arg_string, &source_type, "type of database to read", - "heimdal" - "|mit-dump" - "|krb4-dump" - "|kaserver" - }, - - { "v4-realm", 'r', arg_string, &v4_realm, "v4 realm to use" }, - { "cell", 'c', arg_string, &afs_cell, "name of AFS cell" }, - { "kaspecials", 'S', arg_flag, &kaspecials_flag, "dump KASPECIAL keys"}, - { "keytab", 'k', arg_string, &ktname, "keytab to use for authentication", "keytab" }, - { "v5-realm", 'R', arg_string, &local_realm, "v5 realm to use" }, - { "decrypt", 'D', arg_flag, &decrypt_flag, "decrypt keys" }, - { "encrypt", 'E', arg_flag, &encrypt_flag, "encrypt keys" }, - { "stdout", 'n', arg_flag, &to_stdout, "dump to stdout" }, - { "verbose", 'v', arg_flag, &verbose_flag }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int ret) -{ - arg_printusage (args, num_args, NULL, "[host[:port]] ..."); - exit (ret); -} - -static void -get_creds(krb5_context context, krb5_ccache *cache) -{ - krb5_keytab keytab; - krb5_principal client; - krb5_error_code ret; - krb5_get_init_creds_opt *init_opts; - krb5_preauthtype preauth = KRB5_PADATA_ENC_TIMESTAMP; - krb5_creds creds; - - ret = krb5_kt_register(context, &hdb_kt_ops); - if(ret) krb5_err(context, 1, ret, "krb5_kt_register"); - - ret = krb5_kt_resolve(context, ktname, &keytab); - if(ret) krb5_err(context, 1, ret, "krb5_kt_resolve"); - - ret = krb5_make_principal(context, &client, NULL, - "kadmin", HPROP_NAME, NULL); - if(ret) krb5_err(context, 1, ret, "krb5_make_principal"); - - ret = krb5_get_init_creds_opt_alloc(context, &init_opts); - if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - krb5_get_init_creds_opt_set_preauth_list(init_opts, &preauth, 1); - - ret = krb5_get_init_creds_keytab(context, &creds, client, keytab, 0, NULL, init_opts); - if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds"); - - krb5_get_init_creds_opt_free(context, init_opts); - - ret = krb5_kt_close(context, keytab); - if(ret) krb5_err(context, 1, ret, "krb5_kt_close"); - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, cache); - if(ret) krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - ret = krb5_cc_initialize(context, *cache, client); - if(ret) krb5_err(context, 1, ret, "krb5_cc_initialize"); - - krb5_free_principal(context, client); - - ret = krb5_cc_store_cred(context, *cache, &creds); - if(ret) krb5_err(context, 1, ret, "krb5_cc_store_cred"); - - krb5_free_cred_contents(context, &creds); -} - -enum hprop_source { - HPROP_HEIMDAL = 1, - HPROP_KRB4_DUMP, - HPROP_KASERVER, - HPROP_MIT_DUMP -}; - -#define IS_TYPE_V4(X) ((X) == HPROP_KRB4_DUMP || (X) == HPROP_KASERVER) - -struct { - int type; - const char *name; -} types[] = { - { HPROP_HEIMDAL, "heimdal" }, - { HPROP_KRB4_DUMP, "krb4-dump" }, - { HPROP_KASERVER, "kaserver" }, - { HPROP_MIT_DUMP, "mit-dump" } -}; - -static int -parse_source_type(const char *s) -{ - int i; - for(i = 0; i < sizeof(types) / sizeof(types[0]); i++) { - if(strstr(types[i].name, s) == types[i].name) - return types[i].type; - } - return 0; -} - -static int -iterate (krb5_context context, - const char *database_name, - HDB *db, - int type, - struct prop_data *pd) -{ - int ret; - - switch(type) { - case HPROP_KRB4_DUMP: - ret = v4_prop_dump(pd, database_name); - if(ret) - krb5_warnx(context, "v4_prop_dump: %s", - krb5_get_err_text(context, ret)); - break; - case HPROP_KASERVER: - ret = ka_dump(pd, database_name); - if(ret) - krb5_warn(context, ret, "ka_dump"); - break; - case HPROP_MIT_DUMP: - ret = mit_prop_dump(pd, database_name); - if (ret) - krb5_warnx(context, "mit_prop_dump: %s", - krb5_get_err_text(context, ret)); - break; - case HPROP_HEIMDAL: - ret = hdb_foreach(context, db, HDB_F_DECRYPT, v5_prop, pd); - if(ret) - krb5_warn(context, ret, "hdb_foreach"); - break; - default: - krb5_errx(context, 1, "unknown prop type: %d", type); - } - return ret; -} - -static int -dump_database (krb5_context context, int type, - const char *database_name, HDB *db) -{ - krb5_error_code ret; - struct prop_data pd; - krb5_data data; - - pd.context = context; - pd.auth_context = NULL; - pd.sock = STDOUT_FILENO; - - ret = iterate (context, database_name, db, type, &pd); - if (ret) - krb5_errx(context, 1, "iterate failure"); - krb5_data_zero (&data); - ret = krb5_write_message (context, &pd.sock, &data); - if (ret) - krb5_err(context, 1, ret, "krb5_write_message"); - - return 0; -} - -static int -propagate_database (krb5_context context, int type, - const char *database_name, - HDB *db, krb5_ccache ccache, - int optidx, int argc, char **argv) -{ - krb5_principal server; - krb5_error_code ret; - int i, failed = 0; - - for(i = optidx; i < argc; i++){ - krb5_auth_context auth_context; - int fd; - struct prop_data pd; - krb5_data data; - - char *port, portstr[NI_MAXSERV]; - char *host = argv[i]; - - port = strchr(host, ':'); - if(port == NULL) { - snprintf(portstr, sizeof(portstr), "%u", - ntohs(krb5_getportbyname (context, "hprop", "tcp", - HPROP_PORT))); - port = portstr; - } else - *port++ = '\0'; - - fd = open_socket(context, host, port); - if(fd < 0) { - failed++; - krb5_warn (context, errno, "connect %s", host); - continue; - } - - ret = krb5_sname_to_principal(context, argv[i], - HPROP_NAME, KRB5_NT_SRV_HST, &server); - if(ret) { - failed++; - krb5_warn(context, ret, "krb5_sname_to_principal(%s)", host); - close(fd); - continue; - } - - if (local_realm) { - krb5_realm my_realm; - krb5_get_default_realm(context,&my_realm); - - free (*krb5_princ_realm(context, server)); - krb5_princ_set_realm(context,server,&my_realm); - } - - auth_context = NULL; - ret = krb5_sendauth(context, - &auth_context, - &fd, - HPROP_VERSION, - NULL, - server, - AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY, - NULL, /* in_data */ - NULL, /* in_creds */ - ccache, - NULL, - NULL, - NULL); - - krb5_free_principal(context, server); - - if(ret) { - failed++; - krb5_warn(context, ret, "krb5_sendauth (%s)", host); - close(fd); - goto next_host; - } - - pd.context = context; - pd.auth_context = auth_context; - pd.sock = fd; - - ret = iterate (context, database_name, db, type, &pd); - if (ret) { - krb5_warnx(context, "iterate to host %s failed", host); - failed++; - goto next_host; - } - - krb5_data_zero (&data); - ret = krb5_write_priv_message(context, auth_context, &fd, &data); - if(ret) { - krb5_warn(context, ret, "krb5_write_priv_message"); - failed++; - goto next_host; - } - - ret = krb5_read_priv_message(context, auth_context, &fd, &data); - if(ret) { - krb5_warn(context, ret, "krb5_read_priv_message: %s", host); - failed++; - goto next_host; - } else - krb5_data_free (&data); - - next_host: - krb5_auth_con_free(context, auth_context); - close(fd); - } - if (failed) - return 1; - return 0; -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_ccache ccache = NULL; - HDB *db = NULL; - int optidx = 0; - - int type, exit_code; - - setprogname(argv[0]); - - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - - if(help_flag) - usage(0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - ret = krb5_init_context(&context); - if(ret) - exit(1); - - if(local_realm) - krb5_set_default_realm(context, local_realm); - - if(v4_realm == NULL) { - ret = krb5_get_default_realm(context, &v4_realm); - if(ret) - krb5_err(context, 1, ret, "krb5_get_default_realm"); - } - - if(afs_cell == NULL) { - afs_cell = strdup(v4_realm); - if(afs_cell == NULL) - krb5_errx(context, 1, "out of memory"); - strlwr(afs_cell); - } - - - if(encrypt_flag && decrypt_flag) - krb5_errx(context, 1, - "only one of `--encrypt' and `--decrypt' is meaningful"); - - if(source_type != NULL) { - type = parse_source_type(source_type); - if(type == 0) - krb5_errx(context, 1, "unknown source type `%s'", source_type); - } else - type = HPROP_HEIMDAL; - - if(!to_stdout) - get_creds(context, &ccache); - - if(decrypt_flag || encrypt_flag) { - ret = hdb_read_master_key(context, mkeyfile, &mkey5); - if(ret && ret != ENOENT) - krb5_err(context, 1, ret, "hdb_read_master_key"); - if(ret) - krb5_errx(context, 1, "No master key file found"); - } - - if (IS_TYPE_V4(type) && v4_realm == NULL) - krb5_errx(context, 1, "Its a Kerberos 4 database " - "but no realm configured"); - - switch(type) { - case HPROP_KASERVER: - if (database == NULL) - database = DEFAULT_DATABASE; - ka_use_null_salt = krb5_config_get_bool_default(context, NULL, FALSE, - "hprop", - "afs_uses_null_salt", - NULL); - - break; - case HPROP_KRB4_DUMP: - if (database == NULL) - krb5_errx(context, 1, "no dump file specified"); - - break; - case HPROP_MIT_DUMP: - if (database == NULL) - krb5_errx(context, 1, "no dump file specified"); - break; - case HPROP_HEIMDAL: - ret = hdb_create (context, &db, database); - if(ret) - krb5_err(context, 1, ret, "hdb_create: %s", database); - ret = db->hdb_open(context, db, O_RDONLY, 0); - if(ret) - krb5_err(context, 1, ret, "db->hdb_open"); - break; - default: - krb5_errx(context, 1, "unknown dump type `%d'", type); - break; - } - - if (to_stdout) - exit_code = dump_database (context, type, database, db); - else - exit_code = propagate_database (context, type, database, - db, ccache, optidx, argc, argv); - - if(ccache != NULL) - krb5_cc_destroy(context, ccache); - - if(db != NULL) - (*db->hdb_destroy)(context, db); - - krb5_free_context(context); - return exit_code; -} diff --git a/crypto/heimdal/kdc/hprop.h b/crypto/heimdal/kdc/hprop.h deleted file mode 100644 index d43d04c21539..000000000000 --- a/crypto/heimdal/kdc/hprop.h +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: hprop.h 16378 2005-12-12 12:40:12Z lha $ */ - -#ifndef __HPROP_H__ -#define __HPROP_H__ - -#include "headers.h" - -struct prop_data{ - krb5_context context; - krb5_auth_context auth_context; - int sock; -}; - -#define HPROP_VERSION "hprop-0.0" -#define HPROP_NAME "hprop" -#define HPROP_KEYTAB "HDB:" -#define HPROP_PORT 754 - -#ifndef NEVERDATE -#define NEVERDATE ((1U << 31) - 1) -#endif - -krb5_error_code v5_prop(krb5_context, HDB*, hdb_entry_ex*, void*); -int mit_prop_dump(void*, const char*); - -struct v4_principal { - char name[64]; - char instance[64]; - DES_cblock key; - int kvno; - int mkvno; - time_t exp_date; - time_t mod_date; - char mod_name[64]; - char mod_instance[64]; - int max_life; -}; - -int v4_prop(void*, struct v4_principal*); -int v4_prop_dump(void *arg, const char*); - -#endif /* __HPROP_H__ */ diff --git a/crypto/heimdal/kdc/hpropd.8 b/crypto/heimdal/kdc/hpropd.8 deleted file mode 100644 index 74a3dad816d7..000000000000 --- a/crypto/heimdal/kdc/hpropd.8 +++ /dev/null @@ -1,107 +0,0 @@ -.\" Copyright (c) 1997, 2000 - 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: hpropd.8 14381 2004-12-10 09:44:05Z lha $ -.\" -.Dd August 27, 1997 -.Dt HPROPD 8 -.Os HEIMDAL -.Sh NAME -.Nm hpropd -.Nd receive a propagated database -.Sh SYNOPSIS -.Nm -.Bk -words -.Oo Fl d Ar file \*(Ba Xo -.Fl -database= Ns Ar file -.Xc -.Oc -.Op Fl n | Fl -stdin -.Op Fl -print -.Op Fl i | Fl -no-inetd -.Oo Fl k Ar keytab \*(Ba Xo -.Fl -keytab= Ns Ar keytab -.Xc -.Oc -.Op Fl 4 | Fl -v4dump -.Ek -.Sh DESCRIPTION -.Nm -receives a database sent by -.Nm hprop . -and writes it as a local database. -.Pp -By default, -.Nm -expects to be started from -.Nm inetd -if stdin is a socket and expects to receive the dumped database over -stdin otherwise. -If the database is sent over the network, it is authenticated and -encrypted. -Only connections authenticated with the principal -.Nm kadmin Ns / Ns Nm hprop -are accepted. -.Pp -Options supported: -.Bl -tag -width Ds -.It Xo -.Fl d Ar file , -.Fl -database= Ns Ar file -.Xc -database -.It Xo -.Fl n , -.Fl -stdin -.Xc -read from stdin -.It Xo -.Fl -print -.Xc -print dump to stdout -.It Xo -.Fl i , -.Fl -no-inetd -.Xc -not started from inetd -.It Xo -.Fl k Ar keytab , -.Fl -keytab= Ns Ar keytab -.Xc -keytab to use for authentication -.It Xo -.Fl 4 , -.Fl -v4dump -.Xc -create v4 type DB -.El -.Sh SEE ALSO -.Xr hprop 8 diff --git a/crypto/heimdal/kdc/hpropd.c b/crypto/heimdal/kdc/hpropd.c deleted file mode 100644 index 12a976657210..000000000000 --- a/crypto/heimdal/kdc/hpropd.c +++ /dev/null @@ -1,271 +0,0 @@ -/* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hprop.h" - -RCSID("$Id: hpropd.c 22245 2007-12-08 23:48:52Z lha $"); - -static int inetd_flag = -1; -static int help_flag; -static int version_flag; -static int print_dump; -static const char *database; -static int from_stdin; -static char *local_realm; -static char *ktname = NULL; - -struct getargs args[] = { - { "database", 'd', arg_string, &database, "database", "file" }, - { "stdin", 'n', arg_flag, &from_stdin, "read from stdin" }, - { "print", 0, arg_flag, &print_dump, "print dump to stdout" }, - { "inetd", 'i', arg_negative_flag, &inetd_flag, - "Not started from inetd" }, - { "keytab", 'k', arg_string, &ktname, "keytab to use for authentication", "keytab" }, - { "realm", 'r', arg_string, &local_realm, "realm to use" }, - { "version", 0, arg_flag, &version_flag, NULL, NULL }, - { "help", 'h', arg_flag, &help_flag, NULL, NULL} -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int ret) -{ - arg_printusage (args, num_args, NULL, ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_auth_context ac = NULL; - krb5_principal c1, c2; - krb5_authenticator authent; - krb5_keytab keytab; - int fd; - HDB *db; - int optidx = 0; - char *tmp_db; - krb5_log_facility *fac; - int nprincs; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if(ret) - exit(1); - - ret = krb5_openlog(context, "hpropd", &fac); - if(ret) - ; - krb5_set_warn_dest(context, fac); - - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - - if(local_realm != NULL) - krb5_set_default_realm(context, local_realm); - - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 0) - usage(1); - - if (database == NULL) - database = hdb_default_db(context); - - if(from_stdin) - fd = STDIN_FILENO; - else { - struct sockaddr_storage ss; - struct sockaddr *sa = (struct sockaddr *)&ss; - socklen_t sin_len = sizeof(ss); - char addr_name[256]; - krb5_ticket *ticket; - char *server; - - fd = STDIN_FILENO; - if (inetd_flag == -1) { - if (getpeername (fd, sa, &sin_len) < 0) - inetd_flag = 0; - else - inetd_flag = 1; - } - if (!inetd_flag) { - mini_inetd (krb5_getportbyname (context, "hprop", "tcp", - HPROP_PORT)); - } - sin_len = sizeof(ss); - if(getpeername(fd, sa, &sin_len) < 0) - krb5_err(context, 1, errno, "getpeername"); - - if (inet_ntop(sa->sa_family, - socket_get_address (sa), - addr_name, - sizeof(addr_name)) == NULL) - strlcpy (addr_name, "unknown address", - sizeof(addr_name)); - - krb5_log(context, fac, 0, "Connection from %s", addr_name); - - ret = krb5_kt_register(context, &hdb_kt_ops); - if(ret) - krb5_err(context, 1, ret, "krb5_kt_register"); - - if (ktname != NULL) { - ret = krb5_kt_resolve(context, ktname, &keytab); - if (ret) - krb5_err (context, 1, ret, "krb5_kt_resolve %s", ktname); - } else { - ret = krb5_kt_default (context, &keytab); - if (ret) - krb5_err (context, 1, ret, "krb5_kt_default"); - } - - ret = krb5_recvauth(context, &ac, &fd, HPROP_VERSION, NULL, - 0, keytab, &ticket); - if(ret) - krb5_err(context, 1, ret, "krb5_recvauth"); - - ret = krb5_unparse_name(context, ticket->server, &server); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - if (strncmp(server, "hprop/", 5) != 0) - krb5_errx(context, 1, "ticket not for hprop (%s)", server); - - free(server); - krb5_free_ticket (context, ticket); - - ret = krb5_auth_con_getauthenticator(context, ac, &authent); - if(ret) - krb5_err(context, 1, ret, "krb5_auth_con_getauthenticator"); - - ret = krb5_make_principal(context, &c1, NULL, "kadmin", "hprop", NULL); - if(ret) - krb5_err(context, 1, ret, "krb5_make_principal"); - _krb5_principalname2krb5_principal(context, &c2, - authent->cname, authent->crealm); - if(!krb5_principal_compare(context, c1, c2)) { - char *s; - ret = krb5_unparse_name(context, c2, &s); - if (ret) - s = "unparseable name"; - krb5_errx(context, 1, "Unauthorized connection from %s", s); - } - krb5_free_principal(context, c1); - krb5_free_principal(context, c2); - - ret = krb5_kt_close(context, keytab); - if(ret) - krb5_err(context, 1, ret, "krb5_kt_close"); - } - - if(!print_dump) { - asprintf(&tmp_db, "%s~", database); - - ret = hdb_create(context, &db, tmp_db); - if(ret) - krb5_err(context, 1, ret, "hdb_create(%s)", tmp_db); - ret = db->hdb_open(context, db, O_RDWR | O_CREAT | O_TRUNC, 0600); - if(ret) - krb5_err(context, 1, ret, "hdb_open(%s)", tmp_db); - } - - nprincs = 0; - while(1){ - krb5_data data; - hdb_entry_ex entry; - - if(from_stdin) { - ret = krb5_read_message(context, &fd, &data); - if(ret != 0 && ret != HEIM_ERR_EOF) - krb5_err(context, 1, ret, "krb5_read_message"); - } else { - ret = krb5_read_priv_message(context, ac, &fd, &data); - if(ret) - krb5_err(context, 1, ret, "krb5_read_priv_message"); - } - - if(ret == HEIM_ERR_EOF || data.length == 0) { - if(!from_stdin) { - data.data = NULL; - data.length = 0; - krb5_write_priv_message(context, ac, &fd, &data); - } - if(!print_dump) { - ret = db->hdb_rename(context, db, database); - if(ret) - krb5_err(context, 1, ret, "db_rename"); - ret = db->hdb_close(context, db); - if(ret) - krb5_err(context, 1, ret, "db_close"); - } - break; - } - memset(&entry, 0, sizeof(entry)); - ret = hdb_value2entry(context, &data, &entry.entry); - krb5_data_free(&data); - if(ret) - krb5_err(context, 1, ret, "hdb_value2entry"); - if(print_dump) - hdb_print_entry(context, db, &entry, stdout); - else { - ret = db->hdb_store(context, db, 0, &entry); - if(ret == HDB_ERR_EXISTS) { - char *s; - ret = krb5_unparse_name(context, entry.entry.principal, &s); - if (ret) - s = strdup("unparseable name"); - krb5_warnx(context, "Entry exists: %s", s); - free(s); - } else if(ret) - krb5_err(context, 1, ret, "db_store"); - else - nprincs++; - } - hdb_free_entry(context, &entry); - } - if (!print_dump) - krb5_log(context, fac, 0, "Received %d principals", nprincs); - exit(0); -} diff --git a/crypto/heimdal/kdc/kadb.h b/crypto/heimdal/kdc/kadb.h deleted file mode 100644 index 4b59abe1cf97..000000000000 --- a/crypto/heimdal/kdc/kadb.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kadb.h 7997 2000-03-03 12:36:26Z assar $ */ - -#ifndef __kadb_h__ -#define __kadb_h__ - -#define HASHSIZE 8191 - -struct ka_header { - int32_t version1; /* file format version, should - match version2 */ - int32_t size; - int32_t free_ptr; - int32_t eof_ptr; - int32_t kvno_ptr; - int32_t stats[8]; - int32_t admin_accounts; - int32_t special_keys_version; - int32_t hashsize; /* allocated size of hash */ - int32_t hash[HASHSIZE]; - int32_t version2; -}; - -struct ka_entry { - int32_t flags; /* see below */ - int32_t next; /* next in hash list */ - int32_t valid_end; /* expiration date */ - int32_t mod_time; /* time last modified */ - int32_t mod_ptr; /* pointer to modifier */ - int32_t pw_change; /* last pw change */ - int32_t max_life; /* max ticket life */ - int32_t kvno; - int32_t foo2[2]; /* huh? */ - char name[64]; - char instance[64]; - char key[8]; - u_char pw_expire; /* # days before password expires */ - u_char spare; - u_char attempts; - u_char locktime; -}; - -#define KAFNORMAL (1<<0) -#define KAFADMIN (1<<2) /* an administrator */ -#define KAFNOTGS (1<<3) /* ! allow principal to get or use TGT */ -#define KAFNOSEAL (1<<5) /* ! allow principal as server in GetTicket */ -#define KAFNOCPW (1<<6) /* ! allow principal to change its own key */ -#define KAFSPECIAL (1<<8) /* set if special AuthServer principal */ - -#define DEFAULT_DATABASE "/usr/afs/db/kaserver.DB0" - -#endif /* __kadb_h__ */ diff --git a/crypto/heimdal/kdc/kaserver.c b/crypto/heimdal/kdc/kaserver.c deleted file mode 100644 index 27f497ea6643..000000000000 --- a/crypto/heimdal/kdc/kaserver.c +++ /dev/null @@ -1,951 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: kaserver.c 21654 2007-07-21 17:30:18Z lha $"); - -#include -#include - -#define KA_AUTHENTICATION_SERVICE 731 -#define KA_TICKET_GRANTING_SERVICE 732 -#define KA_MAINTENANCE_SERVICE 733 - -#define AUTHENTICATE_OLD 1 -#define CHANGEPASSWORD 2 -#define GETTICKET_OLD 3 -#define SETPASSWORD 4 -#define SETFIELDS 5 -#define CREATEUSER 6 -#define DELETEUSER 7 -#define GETENTRY 8 -#define LISTENTRY 9 -#define GETSTATS 10 -#define DEBUG 11 -#define GETPASSWORD 12 -#define GETRANDOMKEY 13 -#define AUTHENTICATE 21 -#define AUTHENTICATE_V2 22 -#define GETTICKET 23 - -/* XXX - Where do we get these? */ - -#define RXGEN_OPCODE (-455) - -#define KADATABASEINCONSISTENT (180480L) -#define KAEXIST (180481L) -#define KAIO (180482L) -#define KACREATEFAIL (180483L) -#define KANOENT (180484L) -#define KAEMPTY (180485L) -#define KABADNAME (180486L) -#define KABADINDEX (180487L) -#define KANOAUTH (180488L) -#define KAANSWERTOOLONG (180489L) -#define KABADREQUEST (180490L) -#define KAOLDINTERFACE (180491L) -#define KABADARGUMENT (180492L) -#define KABADCMD (180493L) -#define KANOKEYS (180494L) -#define KAREADPW (180495L) -#define KABADKEY (180496L) -#define KAUBIKINIT (180497L) -#define KAUBIKCALL (180498L) -#define KABADPROTOCOL (180499L) -#define KANOCELLS (180500L) -#define KANOCELL (180501L) -#define KATOOMANYUBIKS (180502L) -#define KATOOMANYKEYS (180503L) -#define KABADTICKET (180504L) -#define KAUNKNOWNKEY (180505L) -#define KAKEYCACHEINVALID (180506L) -#define KABADSERVER (180507L) -#define KABADUSER (180508L) -#define KABADCPW (180509L) -#define KABADCREATE (180510L) -#define KANOTICKET (180511L) -#define KAASSOCUSER (180512L) -#define KANOTSPECIAL (180513L) -#define KACLOCKSKEW (180514L) -#define KANORECURSE (180515L) -#define KARXFAIL (180516L) -#define KANULLPASSWORD (180517L) -#define KAINTERNALERROR (180518L) -#define KAPWEXPIRED (180519L) -#define KAREUSED (180520L) -#define KATOOSOON (180521L) -#define KALOCKED (180522L) - - -static krb5_error_code -decode_rx_header (krb5_storage *sp, - struct rx_header *h) -{ - krb5_error_code ret; - - ret = krb5_ret_uint32(sp, &h->epoch); - if (ret) return ret; - ret = krb5_ret_uint32(sp, &h->connid); - if (ret) return ret; - ret = krb5_ret_uint32(sp, &h->callid); - if (ret) return ret; - ret = krb5_ret_uint32(sp, &h->seqno); - if (ret) return ret; - ret = krb5_ret_uint32(sp, &h->serialno); - if (ret) return ret; - ret = krb5_ret_uint8(sp, &h->type); - if (ret) return ret; - ret = krb5_ret_uint8(sp, &h->flags); - if (ret) return ret; - ret = krb5_ret_uint8(sp, &h->status); - if (ret) return ret; - ret = krb5_ret_uint8(sp, &h->secindex); - if (ret) return ret; - ret = krb5_ret_uint16(sp, &h->reserved); - if (ret) return ret; - ret = krb5_ret_uint16(sp, &h->serviceid); - if (ret) return ret; - - return 0; -} - -static krb5_error_code -encode_rx_header (struct rx_header *h, - krb5_storage *sp) -{ - krb5_error_code ret; - - ret = krb5_store_uint32(sp, h->epoch); - if (ret) return ret; - ret = krb5_store_uint32(sp, h->connid); - if (ret) return ret; - ret = krb5_store_uint32(sp, h->callid); - if (ret) return ret; - ret = krb5_store_uint32(sp, h->seqno); - if (ret) return ret; - ret = krb5_store_uint32(sp, h->serialno); - if (ret) return ret; - ret = krb5_store_uint8(sp, h->type); - if (ret) return ret; - ret = krb5_store_uint8(sp, h->flags); - if (ret) return ret; - ret = krb5_store_uint8(sp, h->status); - if (ret) return ret; - ret = krb5_store_uint8(sp, h->secindex); - if (ret) return ret; - ret = krb5_store_uint16(sp, h->reserved); - if (ret) return ret; - ret = krb5_store_uint16(sp, h->serviceid); - if (ret) return ret; - - return 0; -} - -static void -init_reply_header (struct rx_header *hdr, - struct rx_header *reply_hdr, - u_char type, - u_char flags) -{ - reply_hdr->epoch = hdr->epoch; - reply_hdr->connid = hdr->connid; - reply_hdr->callid = hdr->callid; - reply_hdr->seqno = 1; - reply_hdr->serialno = 1; - reply_hdr->type = type; - reply_hdr->flags = flags; - reply_hdr->status = 0; - reply_hdr->secindex = 0; - reply_hdr->reserved = 0; - reply_hdr->serviceid = hdr->serviceid; -} - -/* - * Create an error `reply´ using for the packet `hdr' with the error - * `error´ code. - */ -static void -make_error_reply (struct rx_header *hdr, - uint32_t error, - krb5_data *reply) - -{ - struct rx_header reply_hdr; - krb5_error_code ret; - krb5_storage *sp; - - init_reply_header (hdr, &reply_hdr, HT_ABORT, HF_LAST); - sp = krb5_storage_emem(); - if (sp == NULL) - return; - ret = encode_rx_header (&reply_hdr, sp); - if (ret) - return; - krb5_store_int32(sp, error); - krb5_storage_to_data (sp, reply); - krb5_storage_free (sp); -} - -static krb5_error_code -krb5_ret_xdr_data(krb5_storage *sp, - krb5_data *data) -{ - int ret; - int size; - ret = krb5_ret_int32(sp, &size); - if(ret) - return ret; - if(size < 0) - return ERANGE; - data->length = size; - if (size) { - u_char foo[4]; - size_t pad = (4 - size % 4) % 4; - - data->data = malloc(size); - if (data->data == NULL) - return ENOMEM; - ret = krb5_storage_read(sp, data->data, size); - if(ret != size) - return (ret < 0)? errno : KRB5_CC_END; - if (pad) { - ret = krb5_storage_read(sp, foo, pad); - if (ret != pad) - return (ret < 0)? errno : KRB5_CC_END; - } - } else - data->data = NULL; - return 0; -} - -static krb5_error_code -krb5_store_xdr_data(krb5_storage *sp, - krb5_data data) -{ - u_char zero[4] = {0, 0, 0, 0}; - int ret; - size_t pad; - - ret = krb5_store_int32(sp, data.length); - if(ret < 0) - return ret; - ret = krb5_storage_write(sp, data.data, data.length); - if(ret != data.length){ - if(ret < 0) - return errno; - return KRB5_CC_END; - } - pad = (4 - data.length % 4) % 4; - if (pad) { - ret = krb5_storage_write(sp, zero, pad); - if (ret != pad) { - if (ret < 0) - return errno; - return KRB5_CC_END; - } - } - return 0; -} - - -static krb5_error_code -create_reply_ticket (krb5_context context, - struct rx_header *hdr, - Key *skey, - char *name, char *instance, char *realm, - struct sockaddr_in *addr, - int life, - int kvno, - int32_t max_seq_len, - const char *sname, const char *sinstance, - uint32_t challenge, - const char *label, - krb5_keyblock *key, - krb5_data *reply) -{ - krb5_error_code ret; - krb5_data ticket; - krb5_keyblock session; - krb5_storage *sp; - krb5_data enc_data; - struct rx_header reply_hdr; - char zero[8]; - size_t pad; - unsigned fyrtiosjuelva; - - /* create the ticket */ - - krb5_generate_random_keyblock(context, ETYPE_DES_PCBC_NONE, &session); - - _krb5_krb_create_ticket(context, - 0, - name, - instance, - realm, - addr->sin_addr.s_addr, - &session, - life, - kdc_time, - sname, - sinstance, - &skey->key, - &ticket); - - /* create the encrypted part of the reply */ - sp = krb5_storage_emem (); - krb5_generate_random_block(&fyrtiosjuelva, sizeof(fyrtiosjuelva)); - fyrtiosjuelva &= 0xffffffff; - krb5_store_int32 (sp, fyrtiosjuelva); - krb5_store_int32 (sp, challenge); - krb5_storage_write (sp, session.keyvalue.data, 8); - krb5_free_keyblock_contents(context, &session); - krb5_store_int32 (sp, kdc_time); - krb5_store_int32 (sp, kdc_time + _krb5_krb_life_to_time (0, life)); - krb5_store_int32 (sp, kvno); - krb5_store_int32 (sp, ticket.length); - krb5_store_stringz (sp, name); - krb5_store_stringz (sp, instance); -#if 1 /* XXX - Why shouldn't the realm go here? */ - krb5_store_stringz (sp, ""); -#else - krb5_store_stringz (sp, realm); -#endif - krb5_store_stringz (sp, sname); - krb5_store_stringz (sp, sinstance); - krb5_storage_write (sp, ticket.data, ticket.length); - krb5_storage_write (sp, label, strlen(label)); - - /* pad to DES block */ - memset (zero, 0, sizeof(zero)); - pad = (8 - krb5_storage_seek (sp, 0, SEEK_CUR) % 8) % 8; - krb5_storage_write (sp, zero, pad); - - krb5_storage_to_data (sp, &enc_data); - krb5_storage_free (sp); - - if (enc_data.length > max_seq_len) { - krb5_data_free (&enc_data); - make_error_reply (hdr, KAANSWERTOOLONG, reply); - return 0; - } - - /* encrypt it */ - { - DES_key_schedule schedule; - DES_cblock deskey; - - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); - DES_pcbc_encrypt (enc_data.data, - enc_data.data, - enc_data.length, - &schedule, - &deskey, - DES_ENCRYPT); - memset (&schedule, 0, sizeof(schedule)); - memset (&deskey, 0, sizeof(deskey)); - } - - /* create the reply packet */ - init_reply_header (hdr, &reply_hdr, HT_DATA, HF_LAST); - sp = krb5_storage_emem (); - ret = encode_rx_header (&reply_hdr, sp); - krb5_store_int32 (sp, max_seq_len); - krb5_store_xdr_data (sp, enc_data); - krb5_data_free (&enc_data); - krb5_storage_to_data (sp, reply); - krb5_storage_free (sp); - return 0; -} - -static krb5_error_code -unparse_auth_args (krb5_storage *sp, - char **name, - char **instance, - time_t *start_time, - time_t *end_time, - krb5_data *request, - int32_t *max_seq_len) -{ - krb5_data data; - int32_t tmp; - - krb5_ret_xdr_data (sp, &data); - *name = malloc(data.length + 1); - if (*name == NULL) - return ENOMEM; - memcpy (*name, data.data, data.length); - (*name)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_xdr_data (sp, &data); - *instance = malloc(data.length + 1); - if (*instance == NULL) { - free (*name); - return ENOMEM; - } - memcpy (*instance, data.data, data.length); - (*instance)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_int32 (sp, &tmp); - *start_time = tmp; - krb5_ret_int32 (sp, &tmp); - *end_time = tmp; - krb5_ret_xdr_data (sp, request); - krb5_ret_int32 (sp, max_seq_len); - /* ignore the rest */ - return 0; -} - -static void -do_authenticate (krb5_context context, - krb5_kdc_configuration *config, - struct rx_header *hdr, - krb5_storage *sp, - struct sockaddr_in *addr, - const char *from, - krb5_data *reply) -{ - krb5_error_code ret; - char *name = NULL; - char *instance = NULL; - time_t start_time; - time_t end_time; - krb5_data request; - int32_t max_seq_len; - hdb_entry_ex *client_entry = NULL; - hdb_entry_ex *server_entry = NULL; - Key *ckey = NULL; - Key *skey = NULL; - krb5_storage *reply_sp; - time_t max_life; - uint8_t life; - int32_t chal; - char client_name[256]; - char server_name[256]; - - krb5_data_zero (&request); - - ret = unparse_auth_args (sp, &name, &instance, &start_time, &end_time, - &request, &max_seq_len); - if (ret != 0 || request.length < 8) { - make_error_reply (hdr, KABADREQUEST, reply); - goto out; - } - - snprintf (client_name, sizeof(client_name), "%s.%s@%s", - name, instance, config->v4_realm); - snprintf (server_name, sizeof(server_name), "%s.%s@%s", - "krbtgt", config->v4_realm, config->v4_realm); - - kdc_log(context, config, 0, "AS-REQ (kaserver) %s from %s for %s", - client_name, from, server_name); - - ret = _kdc_db_fetch4 (context, config, name, instance, - config->v4_realm, HDB_F_GET_CLIENT, - &client_entry); - if (ret) { - kdc_log(context, config, 0, "Client not found in database: %s: %s", - client_name, krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - ret = _kdc_db_fetch4 (context, config, "krbtgt", - config->v4_realm, config->v4_realm, - HDB_F_GET_KRBTGT, &server_entry); - if (ret) { - kdc_log(context, config, 0, "Server not found in database: %s: %s", - server_name, krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - ret = _kdc_check_flags (context, config, - client_entry, client_name, - server_entry, server_name, - TRUE); - if (ret) { - make_error_reply (hdr, KAPWEXPIRED, reply); - goto out; - } - - /* find a DES key */ - ret = _kdc_get_des_key(context, client_entry, FALSE, TRUE, &ckey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for client"); - make_error_reply (hdr, KANOKEYS, reply); - goto out; - } - - /* find a DES key */ - ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for server"); - make_error_reply (hdr, KANOKEYS, reply); - goto out; - } - - { - DES_cblock key; - DES_key_schedule schedule; - - /* try to decode the `request' */ - memcpy (&key, ckey->key.keyvalue.data, sizeof(key)); - DES_set_key (&key, &schedule); - DES_pcbc_encrypt (request.data, - request.data, - request.length, - &schedule, - &key, - DES_DECRYPT); - memset (&schedule, 0, sizeof(schedule)); - memset (&key, 0, sizeof(key)); - } - - /* check for the magic label */ - if (memcmp ((char *)request.data + 4, "gTGS", 4) != 0) { - kdc_log(context, config, 0, "preauth failed for %s", client_name); - make_error_reply (hdr, KABADREQUEST, reply); - goto out; - } - - reply_sp = krb5_storage_from_mem (request.data, 4); - krb5_ret_int32 (reply_sp, &chal); - krb5_storage_free (reply_sp); - - if (abs(chal - kdc_time) > context->max_skew) { - make_error_reply (hdr, KACLOCKSKEW, reply); - goto out; - } - - /* life */ - max_life = end_time - kdc_time; - /* end_time - kdc_time can sometimes be non-positive due to slight - time skew between client and server. Let's make sure it is postive */ - if(max_life < 1) - max_life = 1; - if (client_entry->entry.max_life) - max_life = min(max_life, *client_entry->entry.max_life); - if (server_entry->entry.max_life) - max_life = min(max_life, *server_entry->entry.max_life); - - life = krb_time_to_life(kdc_time, kdc_time + max_life); - - create_reply_ticket (context, - hdr, skey, - name, instance, config->v4_realm, - addr, life, server_entry->entry.kvno, - max_seq_len, - "krbtgt", config->v4_realm, - chal + 1, "tgsT", - &ckey->key, reply); - - out: - if (request.length) { - memset (request.data, 0, request.length); - krb5_data_free (&request); - } - if (name) - free (name); - if (instance) - free (instance); - if (client_entry) - _kdc_free_ent (context, client_entry); - if (server_entry) - _kdc_free_ent (context, server_entry); -} - -static krb5_error_code -unparse_getticket_args (krb5_storage *sp, - int *kvno, - char **auth_domain, - krb5_data *ticket, - char **name, - char **instance, - krb5_data *times, - int32_t *max_seq_len) -{ - krb5_data data; - int32_t tmp; - - krb5_ret_int32 (sp, &tmp); - *kvno = tmp; - - krb5_ret_xdr_data (sp, &data); - *auth_domain = malloc(data.length + 1); - if (*auth_domain == NULL) - return ENOMEM; - memcpy (*auth_domain, data.data, data.length); - (*auth_domain)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_xdr_data (sp, ticket); - - krb5_ret_xdr_data (sp, &data); - *name = malloc(data.length + 1); - if (*name == NULL) { - free (*auth_domain); - return ENOMEM; - } - memcpy (*name, data.data, data.length); - (*name)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_xdr_data (sp, &data); - *instance = malloc(data.length + 1); - if (*instance == NULL) { - free (*auth_domain); - free (*name); - return ENOMEM; - } - memcpy (*instance, data.data, data.length); - (*instance)[data.length] = '\0'; - krb5_data_free (&data); - - krb5_ret_xdr_data (sp, times); - - krb5_ret_int32 (sp, max_seq_len); - /* ignore the rest */ - return 0; -} - -static void -do_getticket (krb5_context context, - krb5_kdc_configuration *config, - struct rx_header *hdr, - krb5_storage *sp, - struct sockaddr_in *addr, - const char *from, - krb5_data *reply) -{ - krb5_error_code ret; - int kvno; - char *auth_domain = NULL; - krb5_data aticket; - char *name = NULL; - char *instance = NULL; - krb5_data times; - int32_t max_seq_len; - hdb_entry_ex *server_entry = NULL; - hdb_entry_ex *client_entry = NULL; - hdb_entry_ex *krbtgt_entry = NULL; - Key *kkey = NULL; - Key *skey = NULL; - DES_cblock key; - DES_key_schedule schedule; - DES_cblock session; - time_t max_life; - int8_t life; - time_t start_time, end_time; - char server_name[256]; - char client_name[256]; - struct _krb5_krb_auth_data ad; - - krb5_data_zero (&aticket); - krb5_data_zero (×); - - memset(&ad, 0, sizeof(ad)); - - unparse_getticket_args (sp, &kvno, &auth_domain, &aticket, - &name, &instance, ×, &max_seq_len); - if (times.length < 8) { - make_error_reply (hdr, KABADREQUEST, reply); - goto out; - - } - - snprintf (server_name, sizeof(server_name), - "%s.%s@%s", name, instance, config->v4_realm); - - ret = _kdc_db_fetch4 (context, config, name, instance, - config->v4_realm, HDB_F_GET_SERVER, &server_entry); - if (ret) { - kdc_log(context, config, 0, "Server not found in database: %s: %s", - server_name, krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - ret = _kdc_db_fetch4 (context, config, "krbtgt", - config->v4_realm, config->v4_realm, HDB_F_GET_KRBTGT, &krbtgt_entry); - if (ret) { - kdc_log(context, config, 0, - "Server not found in database: %s.%s@%s: %s", - "krbtgt", config->v4_realm, config->v4_realm, - krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - /* find a DES key */ - ret = _kdc_get_des_key(context, krbtgt_entry, TRUE, TRUE, &kkey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for krbtgt"); - make_error_reply (hdr, KANOKEYS, reply); - goto out; - } - - /* find a DES key */ - ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for server"); - make_error_reply (hdr, KANOKEYS, reply); - goto out; - } - - /* decrypt the incoming ticket */ - memcpy (&key, kkey->key.keyvalue.data, sizeof(key)); - - /* unpack the ticket */ - { - char *sname = NULL; - char *sinstance = NULL; - - ret = _krb5_krb_decomp_ticket(context, &aticket, &kkey->key, - config->v4_realm, &sname, - &sinstance, &ad); - if (ret) { - kdc_log(context, config, 0, - "kaserver: decomp failed for %s.%s with %d", - sname, sinstance, ret); - make_error_reply (hdr, KABADTICKET, reply); - goto out; - } - - if (strcmp (sname, "krbtgt") != 0 - || strcmp (sinstance, config->v4_realm) != 0) { - kdc_log(context, config, 0, "no TGT: %s.%s for %s.%s@%s", - sname, sinstance, - ad.pname, ad.pinst, ad.prealm); - make_error_reply (hdr, KABADTICKET, reply); - free(sname); - free(sinstance); - goto out; - } - free(sname); - free(sinstance); - - if (kdc_time > _krb5_krb_life_to_time(ad.time_sec, ad.life)) { - kdc_log(context, config, 0, "TGT expired: %s.%s@%s", - ad.pname, ad.pinst, ad.prealm); - make_error_reply (hdr, KABADTICKET, reply); - goto out; - } - } - - snprintf (client_name, sizeof(client_name), - "%s.%s@%s", ad.pname, ad.pinst, ad.prealm); - - kdc_log(context, config, 0, "TGS-REQ (kaserver) %s from %s for %s", - client_name, from, server_name); - - ret = _kdc_db_fetch4 (context, config, - ad.pname, ad.pinst, ad.prealm, HDB_F_GET_CLIENT, - &client_entry); - if(ret && ret != HDB_ERR_NOENTRY) { - kdc_log(context, config, 0, - "Client not found in database: (krb4) %s: %s", - client_name, krb5_get_err_text(context, ret)); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - if (client_entry == NULL && strcmp(ad.prealm, config->v4_realm) == 0) { - kdc_log(context, config, 0, - "Local client not found in database: (krb4) " - "%s", client_name); - make_error_reply (hdr, KANOENT, reply); - goto out; - } - - ret = _kdc_check_flags (context, config, - client_entry, client_name, - server_entry, server_name, - FALSE); - if (ret) { - make_error_reply (hdr, KAPWEXPIRED, reply); - goto out; - } - - /* decrypt the times */ - memcpy(&session, ad.session.keyvalue.data, sizeof(session)); - DES_set_key (&session, &schedule); - DES_ecb_encrypt (times.data, - times.data, - &schedule, - DES_DECRYPT); - memset (&schedule, 0, sizeof(schedule)); - memset (&session, 0, sizeof(session)); - - /* and extract them */ - { - krb5_storage *tsp; - int32_t tmp; - - tsp = krb5_storage_from_mem (times.data, times.length); - krb5_ret_int32 (tsp, &tmp); - start_time = tmp; - krb5_ret_int32 (tsp, &tmp); - end_time = tmp; - krb5_storage_free (tsp); - } - - /* life */ - max_life = end_time - kdc_time; - /* end_time - kdc_time can sometimes be non-positive due to slight - time skew between client and server. Let's make sure it is postive */ - if(max_life < 1) - max_life = 1; - if (krbtgt_entry->entry.max_life) - max_life = min(max_life, *krbtgt_entry->entry.max_life); - if (server_entry->entry.max_life) - max_life = min(max_life, *server_entry->entry.max_life); - /* if this is a cross realm request, the client_entry will likely - be NULL */ - if (client_entry && client_entry->entry.max_life) - max_life = min(max_life, *client_entry->entry.max_life); - - life = _krb5_krb_time_to_life(kdc_time, kdc_time + max_life); - - create_reply_ticket (context, - hdr, skey, - ad.pname, ad.pinst, ad.prealm, - addr, life, server_entry->entry.kvno, - max_seq_len, - name, instance, - 0, "gtkt", - &ad.session, reply); - - out: - _krb5_krb_free_auth_data(context, &ad); - if (aticket.length) { - memset (aticket.data, 0, aticket.length); - krb5_data_free (&aticket); - } - if (times.length) { - memset (times.data, 0, times.length); - krb5_data_free (×); - } - if (auth_domain) - free (auth_domain); - if (name) - free (name); - if (instance) - free (instance); - if (krbtgt_entry) - _kdc_free_ent (context, krbtgt_entry); - if (server_entry) - _kdc_free_ent (context, server_entry); -} - -krb5_error_code -_kdc_do_kaserver(krb5_context context, - krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr_in *addr) -{ - krb5_error_code ret = 0; - struct rx_header hdr; - uint32_t op; - krb5_storage *sp; - - if (len < RX_HEADER_SIZE) - return -1; - sp = krb5_storage_from_mem (buf, len); - - ret = decode_rx_header (sp, &hdr); - if (ret) - goto out; - buf += RX_HEADER_SIZE; - len -= RX_HEADER_SIZE; - - switch (hdr.type) { - case HT_DATA : - break; - case HT_ACK : - case HT_BUSY : - case HT_ABORT : - case HT_ACKALL : - case HT_CHAL : - case HT_RESP : - case HT_DEBUG : - default: - /* drop */ - goto out; - } - - - if (hdr.serviceid != KA_AUTHENTICATION_SERVICE - && hdr.serviceid != KA_TICKET_GRANTING_SERVICE) { - ret = -1; - goto out; - } - - ret = krb5_ret_uint32(sp, &op); - if (ret) - goto out; - switch (op) { - case AUTHENTICATE : - case AUTHENTICATE_V2 : - do_authenticate (context, config, &hdr, sp, addr, from, reply); - break; - case GETTICKET : - do_getticket (context, config, &hdr, sp, addr, from, reply); - break; - case AUTHENTICATE_OLD : - case CHANGEPASSWORD : - case GETTICKET_OLD : - case SETPASSWORD : - case SETFIELDS : - case CREATEUSER : - case DELETEUSER : - case GETENTRY : - case LISTENTRY : - case GETSTATS : - case DEBUG : - case GETPASSWORD : - case GETRANDOMKEY : - default : - make_error_reply (&hdr, RXGEN_OPCODE, reply); - break; - } - -out: - krb5_storage_free (sp); - return ret; -} diff --git a/crypto/heimdal/kdc/kdc-private.h b/crypto/heimdal/kdc/kdc-private.h deleted file mode 100644 index 030be9ae58ba..000000000000 --- a/crypto/heimdal/kdc/kdc-private.h +++ /dev/null @@ -1,286 +0,0 @@ -/* This is a generated file */ -#ifndef __kdc_private_h__ -#define __kdc_private_h__ - -#include - -krb5_error_code -_kdc_add_KRB5SignedPath ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - hdb_entry_ex */*krbtgt*/, - krb5_enctype /*enctype*/, - krb5_const_principal /*server*/, - KRB5SignedPathPrincipals */*principals*/, - EncTicketPart */*tkt*/); - -krb5_error_code -_kdc_add_inital_verified_cas ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - pk_client_params */*params*/, - EncTicketPart */*tkt*/); - -krb5_error_code -_kdc_as_rep ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - KDC_REQ */*req*/, - const krb5_data */*req_buffer*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr */*from_addr*/, - int /*datagram_reply*/); - -krb5_boolean -_kdc_check_addresses ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - HostAddresses */*addresses*/, - const struct sockaddr */*from*/); - -krb5_error_code -_kdc_check_flags ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - hdb_entry_ex */*client_ex*/, - const char */*client_name*/, - hdb_entry_ex */*server_ex*/, - const char */*server_name*/, - krb5_boolean /*is_as_req*/); - -krb5_error_code -_kdc_db_fetch ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - krb5_const_principal /*principal*/, - unsigned /*flags*/, - HDB **/*db*/, - hdb_entry_ex **/*h*/); - -krb5_error_code -_kdc_db_fetch4 ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const char */*name*/, - const char */*instance*/, - const char */*realm*/, - unsigned /*flags*/, - hdb_entry_ex **/*ent*/); - -krb5_error_code -_kdc_do_524 ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const Ticket */*t*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr */*addr*/); - -krb5_error_code -_kdc_do_digest ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const DigestREQ */*req*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr */*addr*/); - -krb5_error_code -_kdc_do_kaserver ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - unsigned char */*buf*/, - size_t /*len*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr_in */*addr*/); - -krb5_error_code -_kdc_do_kx509 ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const Kx509Request */*req*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr */*addr*/); - -krb5_error_code -_kdc_do_version4 ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - unsigned char */*buf*/, - size_t /*len*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr_in */*addr*/); - -krb5_error_code -_kdc_encode_reply ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - KDC_REP */*rep*/, - const EncTicketPart */*et*/, - EncKDCRepPart */*ek*/, - krb5_enctype /*etype*/, - int /*skvno*/, - const EncryptionKey */*skey*/, - int /*ckvno*/, - const EncryptionKey */*ckey*/, - const char **/*e_text*/, - krb5_data */*reply*/); - -krb5_error_code -_kdc_encode_v4_ticket ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - void */*buf*/, - size_t /*len*/, - const EncTicketPart */*et*/, - const PrincipalName */*service*/, - size_t */*size*/); - -krb5_error_code -_kdc_find_etype ( - krb5_context /*context*/, - const hdb_entry_ex */*princ*/, - krb5_enctype */*etypes*/, - unsigned /*len*/, - Key **/*ret_key*/, - krb5_enctype */*ret_etype*/); - -const PA_DATA* -_kdc_find_padata ( - const KDC_REQ */*req*/, - int */*start*/, - int /*type*/); - -void -_kdc_fix_time (time_t **/*t*/); - -void -_kdc_free_ent ( - krb5_context /*context*/, - hdb_entry_ex */*ent*/); - -krb5_error_code -_kdc_get_des_key ( - krb5_context /*context*/, - hdb_entry_ex */*principal*/, - krb5_boolean /*is_server*/, - krb5_boolean /*prefer_afs_key*/, - Key **/*ret_key*/); - -krb5_error_code -_kdc_get_preferred_key ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - hdb_entry_ex */*h*/, - const char */*name*/, - krb5_enctype */*enctype*/, - Key **/*key*/); - -void -_kdc_log_timestamp ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const char */*type*/, - KerberosTime /*authtime*/, - KerberosTime */*starttime*/, - KerberosTime /*endtime*/, - KerberosTime */*renew_till*/); - -krb5_error_code -_kdc_make_anonymous_principalname (PrincipalName */*pn*/); - -int -_kdc_maybe_version4 ( - unsigned char */*buf*/, - int /*len*/); - -krb5_error_code -_kdc_pac_generate ( - krb5_context /*context*/, - hdb_entry_ex */*client*/, - krb5_pac */*pac*/); - -krb5_error_code -_kdc_pac_verify ( - krb5_context /*context*/, - const krb5_principal /*client_principal*/, - hdb_entry_ex */*client*/, - hdb_entry_ex */*server*/, - krb5_pac */*pac*/); - -krb5_error_code -_kdc_pk_check_client ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const hdb_entry_ex */*client*/, - pk_client_params */*client_params*/, - char **/*subject_name*/); - -void -_kdc_pk_free_client_param ( - krb5_context /*context*/, - pk_client_params */*client_params*/); - -krb5_error_code -_kdc_pk_initialize ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const char */*user_id*/, - const char */*anchors*/, - char **/*pool*/, - char **/*revoke_list*/); - -krb5_error_code -_kdc_pk_mk_pa_reply ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - pk_client_params */*client_params*/, - const hdb_entry_ex */*client*/, - const KDC_REQ */*req*/, - const krb5_data */*req_buffer*/, - krb5_keyblock **/*reply_key*/, - METHOD_DATA */*md*/); - -krb5_error_code -_kdc_pk_rd_padata ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - const KDC_REQ */*req*/, - const PA_DATA */*pa*/, - pk_client_params **/*ret_params*/); - -krb5_error_code -_kdc_tgs_rep ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - KDC_REQ */*req*/, - krb5_data */*data*/, - const char */*from*/, - struct sockaddr */*from_addr*/, - int /*datagram_reply*/); - -krb5_error_code -_kdc_tkt_add_if_relevant_ad ( - krb5_context /*context*/, - EncTicketPart */*tkt*/, - int /*type*/, - const krb5_data */*data*/); - -krb5_error_code -_kdc_try_kx509_request ( - void */*ptr*/, - size_t /*len*/, - Kx509Request */*req*/, - size_t */*size*/); - -krb5_error_code -_kdc_windc_client_access ( - krb5_context /*context*/, - struct hdb_entry_ex */*client*/, - KDC_REQ */*req*/); - -#endif /* __kdc_private_h__ */ diff --git a/crypto/heimdal/kdc/kdc-protos.h b/crypto/heimdal/kdc/kdc-protos.h deleted file mode 100644 index 15e8c29f4cb1..000000000000 --- a/crypto/heimdal/kdc/kdc-protos.h +++ /dev/null @@ -1,92 +0,0 @@ -/* This is a generated file */ -#ifndef __kdc_protos_h__ -#define __kdc_protos_h__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -void -kdc_log ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - int /*level*/, - const char */*fmt*/, - ...); - -char* -kdc_log_msg ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - int /*level*/, - const char */*fmt*/, - ...); - -char* -kdc_log_msg_va ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - int /*level*/, - const char */*fmt*/, - va_list /*ap*/); - -void -kdc_openlog ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/); - -krb5_error_code -krb5_kdc_get_config ( - krb5_context /*context*/, - krb5_kdc_configuration **/*config*/); - -int -krb5_kdc_process_krb5_request ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - unsigned char */*buf*/, - size_t /*len*/, - krb5_data */*reply*/, - const char */*from*/, - struct sockaddr */*addr*/, - int /*datagram_reply*/); - -int -krb5_kdc_process_request ( - krb5_context /*context*/, - krb5_kdc_configuration */*config*/, - unsigned char */*buf*/, - size_t /*len*/, - krb5_data */*reply*/, - krb5_boolean */*prependlength*/, - const char */*from*/, - struct sockaddr */*addr*/, - int /*datagram_reply*/); - -int -krb5_kdc_save_request ( - krb5_context /*context*/, - const char */*fn*/, - const unsigned char */*buf*/, - size_t /*len*/, - const krb5_data */*reply*/, - const struct sockaddr */*sa*/); - -krb5_error_code -krb5_kdc_set_dbinfo ( - krb5_context /*context*/, - struct krb5_kdc_configuration */*c*/); - -void -krb5_kdc_update_time (struct timeval */*tv*/); - -krb5_error_code -krb5_kdc_windc_init (krb5_context /*context*/); - -#ifdef __cplusplus -} -#endif - -#endif /* __kdc_protos_h__ */ diff --git a/crypto/heimdal/kdc/kdc-replay.c b/crypto/heimdal/kdc/kdc-replay.c deleted file mode 100644 index 966831dca3f0..000000000000 --- a/crypto/heimdal/kdc/kdc-replay.c +++ /dev/null @@ -1,197 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: kdc-replay.c 21945 2007-10-03 21:52:24Z lha $"); - -static int version_flag; -static int help_flag; - -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } -}; - -const static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int ret) -{ - arg_printusage (args, num_args, NULL, "kdc-request-log-file"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_kdc_configuration *config; - krb5_storage *sp; - int fd, optidx = 0; - - setprogname(argv[0]); - - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - - if(help_flag) - usage(0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed to parse configuration file"); - - ret = krb5_kdc_get_config(context, &config); - if (ret) - krb5_err(context, 1, ret, "krb5_kdc_default_config"); - - kdc_openlog(context, config); - - ret = krb5_kdc_set_dbinfo(context, config); - if (ret) - krb5_err(context, 1, ret, "krb5_kdc_set_dbinfo"); - - if (argc != 2) - errx(1, "argc != 2"); - - printf("kdc replay\n"); - - fd = open(argv[1], O_RDONLY); - if (fd < 0) - err(1, "open: %s", argv[1]); - - sp = krb5_storage_from_fd(fd); - if (sp == NULL) - krb5_errx(context, 1, "krb5_storage_from_fd"); - - while(1) { - struct sockaddr_storage sa; - krb5_socklen_t salen = sizeof(sa); - struct timeval tv; - krb5_address a; - krb5_data d, r; - uint32_t t, clty, tag; - char astr[80]; - - ret = krb5_ret_uint32(sp, &t); - if (ret == HEIM_ERR_EOF) - break; - else if (ret) - krb5_errx(context, 1, "krb5_ret_uint32(version)"); - if (t != 1) - krb5_errx(context, 1, "version not 1"); - ret = krb5_ret_uint32(sp, &t); - if (ret) - krb5_errx(context, 1, "krb5_ret_uint32(time)"); - ret = krb5_ret_address(sp, &a); - if (ret) - krb5_errx(context, 1, "krb5_ret_address"); - ret = krb5_ret_data(sp, &d); - if (ret) - krb5_errx(context, 1, "krb5_ret_data"); - ret = krb5_ret_uint32(sp, &clty); - if (ret) - krb5_errx(context, 1, "krb5_ret_uint32(class|type)"); - ret = krb5_ret_uint32(sp, &tag); - if (ret) - krb5_errx(context, 1, "krb5_ret_uint32(tag)"); - - - ret = krb5_addr2sockaddr (context, &a, (struct sockaddr *)&sa, - &salen, 88); - if (ret == KRB5_PROG_ATYPE_NOSUPP) - goto out; - else if (ret) - krb5_err(context, 1, ret, "krb5_addr2sockaddr"); - - ret = krb5_print_address(&a, astr, sizeof(astr), NULL); - if (ret) - krb5_err(context, 1, ret, "krb5_print_address"); - - printf("processing request from %s, %lu bytes\n", - astr, (unsigned long)d.length); - - r.length = 0; - r.data = NULL; - - tv.tv_sec = t; - tv.tv_usec = 0; - - krb5_kdc_update_time(&tv); - krb5_set_real_time(context, tv.tv_sec, 0); - - ret = krb5_kdc_process_request(context, config, d.data, d.length, - &r, NULL, astr, - (struct sockaddr *)&sa, 0); - if (ret) - krb5_err(context, 1, ret, "krb5_kdc_process_request"); - - if (r.length) { - Der_class cl; - Der_type ty; - unsigned int tag2; - ret = der_get_tag (r.data, r.length, - &cl, &ty, &tag2, NULL); - if (MAKE_TAG(cl, ty, 0) != clty) - krb5_errx(context, 1, "class|type mismatch: %d != %d", - (int)MAKE_TAG(cl, ty, 0), (int)clty); - if (tag != tag2) - krb5_errx(context, 1, "tag mismatch"); - - krb5_data_free(&r); - } else { - if (clty != 0xffffffff) - krb5_errx(context, 1, "clty not invalid"); - if (tag != 0xffffffff) - krb5_errx(context, 1, "tag not invalid"); - } - - out: - krb5_data_free(&d); - krb5_free_address(context, &a); - } - - krb5_storage_free(sp); - krb5_free_context(context); - - printf("done\n"); - - return 0; -} diff --git a/crypto/heimdal/kdc/kdc.8 b/crypto/heimdal/kdc/kdc.8 deleted file mode 100644 index 331682f1cd6b..000000000000 --- a/crypto/heimdal/kdc/kdc.8 +++ /dev/null @@ -1,262 +0,0 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kdc.8 18419 2006-10-12 10:05:57Z lha $ -.\" -.Dd August 24, 2006 -.Dt KDC 8 -.Os HEIMDAL -.Sh NAME -.Nm kdc -.Nd Kerberos 5 server -.Sh SYNOPSIS -.Nm -.Bk -words -.Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file -.Xc -.Oc -.Op Fl p | Fl -no-require-preauth -.Op Fl -max-request= Ns Ar size -.Op Fl H | Fl -enable-http -.Op Fl -no-524 -.Op Fl -kerberos4 -.Op Fl -kerberos4-cross-realm -.Oo Fl r Ar string \*(Ba Xo -.Fl -v4-realm= Ns Ar string -.Xc -.Oc -.Op Fl K | Fl -kaserver -.Oo Fl P Ar portspec \*(Ba Xo -.Fl -ports= Ns Ar portspec -.Xc -.Oc -.Op Fl -detach -.Op Fl -disable-DES -.Op Fl -addresses= Ns Ar list of addresses -.Ek -.Sh DESCRIPTION -.Nm -serves requests for tickets. -When it starts, it first checks the flags passed, any options that are -not specified with a command line flag are taken from a config file, -or from a default compiled-in value. -.Pp -Options supported: -.Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc -Specifies the location of the config file, the default is -.Pa /var/heimdal/kdc.conf . -This is the only value that can't be specified in the config file. -.It Xo -.Fl p , -.Fl -no-require-preauth -.Xc -Turn off the requirement for pre-autentication in the initial AS-REQ -for all principals. -The use of pre-authentication makes it more difficult to do offline -password attacks. -You might want to turn it off if you have clients -that don't support pre-authentication. -Since the version 4 protocol doesn't support any pre-authentication, -serving version 4 clients is just about the same as not requiring -pre-athentication. -The default is to require pre-authentication. -Adding the require-preauth per principal is a more flexible way of -handling this. -.It Xo -.Fl -max-request= Ns Ar size -.Xc -Gives an upper limit on the size of the requests that the kdc is -willing to handle. -.It Xo -.Fl H , -.Fl -enable-http -.Xc -Makes the kdc listen on port 80 and handle requests encapsulated in HTTP. -.It Xo -.Fl -no-524 -.Xc -don't respond to 524 requests -.It Xo -.Fl -kerberos4 -.Xc -respond to Kerberos 4 requests -.It Xo -.Fl -kerberos4-cross-realm -.Xc -respond to Kerberos 4 requests from foreign realms. -This is a known security hole and should not be enabled unless you -understand the consequences and are willing to live with them. -.It Xo -.Fl r Ar string , -.Fl -v4-realm= Ns Ar string -.Xc -What realm this server should act as when dealing with version 4 -requests. -The database can contain any number of realms, but since the version 4 -protocol doesn't contain a realm for the server, it must be explicitly -specified. -The default is whatever is returned by -.Fn krb_get_lrealm . -This option is only availabe if the KDC has been compiled with version -4 support. -.It Xo -.Fl K , -.Fl -kaserver -.Xc -Enable kaserver emulation (in case it's compiled in). -.It Xo -.Fl P Ar portspec , -.Fl -ports= Ns Ar portspec -.Xc -Specifies the set of ports the KDC should listen on. -It is given as a -white-space separated list of services or port numbers. -.It Fl -addresses= Ns Ar list of addresses -The list of addresses to listen for requests on. -By default, the kdc will listen on all the locally configured -addresses. -If only a subset is desired, or the automatic detection fails, this -option might be used. -.It Fl -detach -detach from pty and run as a daemon. -.It Fl -disable-DES -disable add des encryption types, makes the kdc not use them. -.El -.Pp -All activities are logged to one or more destinations, see -.Xr krb5.conf 5 , -and -.Xr krb5_openlog 3 . -The entity used for logging is -.Nm kdc . -.Sh CONFIGURATION FILE -The configuration file has the same syntax as -.Xr krb5.conf 5 , -but will be read before -.Pa /etc/krb5.conf , -so it may override settings found there. -Options specific to the KDC only are found in the -.Dq [kdc] -section. -All the command-line options can preferably be added in the -configuration file. -The only difference is the pre-authentication flag, which has to be -specified as: -.Pp -.Dl require-preauth = no -.Pp -(in fact you can specify the option as -.Fl -require-preauth=no ) . -.Pp -And there are some configuration options which do not have -command-line equivalents: -.Bl -tag -width "xxx" -offset indent -.It Li enable-digest = Va boolean -turn on support for digest processing in the KDC. -The default is FALSE. -.It Li check-ticket-addresses = Va boolean -Check the addresses in the ticket when processing TGS requests. -The default is TRUE. -.It Li allow-null-ticket-addresses = Va boolean -Permit tickets with no addresses. -This option is only relevant when check-ticket-addresses is TRUE. -.It Li allow-anonymous = Va boolean -Permit anonymous tickets with no addresses. -.It Li max-kdc-datagram-reply-length = Va number -Maximum packet size the UDP rely that the KDC will transmit, instead -the KDC sends back a reply telling the client to use TCP instead. -.It Li transited-policy = Xo -.Li always-check \*(Ba -.Li allow-per-principal | -.Li always-honour-request -.Xc -This controls how KDC requests with the -.Li disable-transited-check -flag are handled. It can be one of: -.Bl -tag -width "xxx" -offset indent -.It Li always-check -Always check transited encoding, this is the default. -.It Li allow-per-principal -Currently this is identical to -.Li always-check . -In a future release, it will be possible to mark a principal as able -to handle unchecked requests. -.It Li always-honour-request -Always do what the client asked. -In a future release, it will be possible to force a check per -principal. -.El -.It encode_as_rep_as_tgs_rep = Va boolean -Encode AS-Rep as TGS-Rep to be bug-compatible with old DCE code. -The Heimdal clients allow both. -.It kdc_warn_pwexpire = Va time -How long before password/principal expiration the KDC should start -sending out warning messages. -.El -.Pp -The configuration file is only read when the -.Nm -is started. -If changes made to the configuration file are to take effect, the -.Nm -needs to be restarted. -.Pp -An example of a config file: -.Bd -literal -offset indent -[kdc] - require-preauth = no - v4-realm = FOO.SE -.Ed -.Sh BUGS -If the machine running the KDC has new addresses added to it, the KDC -will have to be restarted to listen to them. -The reason it doesn't just listen to wildcarded (like INADDR_ANY) -addresses, is that the replies has to come from the same address they -were sent to, and most OS:es doesn't pass this information to the -application. -If your normal mode of operation require that you add and remove -addresses, the best option is probably to listen to a wildcarded TCP -socket, and make sure your clients use TCP to connect. -For instance, this will listen to IPv4 TCP port 88 only: -.Bd -literal -offset indent -kdc --addresses=0.0.0.0 --ports="88/tcp" -.Ed -.Pp -There should be a way to specify protocol, port, and address triplets, -not just addresses and protocol, port tuples. -.Sh SEE ALSO -.Xr kinit 1 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/kdc/kdc.h b/crypto/heimdal/kdc/kdc.h deleted file mode 100644 index 6c129f38f520..000000000000 --- a/crypto/heimdal/kdc/kdc.h +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * - * Copyright (c) 2005 Andrew Bartlett - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $Id: kdc.h 21287 2007-06-25 14:09:03Z lha $ - */ - -#ifndef __KDC_H__ -#define __KDC_H__ - -#include - -enum krb5_kdc_trpolicy { - TRPOLICY_ALWAYS_CHECK, - TRPOLICY_ALLOW_PER_PRINCIPAL, - TRPOLICY_ALWAYS_HONOUR_REQUEST -}; - -typedef struct krb5_kdc_configuration { - krb5_boolean require_preauth; /* require preauth for all principals */ - time_t kdc_warn_pwexpire; /* time before expiration to print a warning */ - - struct HDB **db; - int num_db; - - krb5_boolean encode_as_rep_as_tgs_rep; /* bug compatibility */ - - krb5_boolean check_ticket_addresses; - krb5_boolean allow_null_ticket_addresses; - krb5_boolean allow_anonymous; - enum krb5_kdc_trpolicy trpolicy; - - char *v4_realm; - krb5_boolean enable_v4; - krb5_boolean enable_v4_cross_realm; - krb5_boolean enable_v4_per_principal; - - krb5_boolean enable_kaserver; - - krb5_boolean enable_524; - - krb5_boolean enable_pkinit; - krb5_boolean pkinit_princ_in_cert; - char *pkinit_kdc_ocsp_file; - int pkinit_dh_min_bits; - int pkinit_require_binding; - - krb5_log_facility *logf; - - int enable_digest; - int digests_allowed; - - size_t max_datagram_reply_length; - - int enable_kx509; - const char *kx509_template; - const char *kx509_ca; - -} krb5_kdc_configuration; - -#include - -#endif diff --git a/crypto/heimdal/kdc/kdc_locl.h b/crypto/heimdal/kdc/kdc_locl.h deleted file mode 100644 index fe0523665a4d..000000000000 --- a/crypto/heimdal/kdc/kdc_locl.h +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $Id: kdc_locl.h 22247 2007-12-08 23:49:41Z lha $ - */ - -#ifndef __KDC_LOCL_H__ -#define __KDC_LOCL_H__ - -#include "headers.h" -#include "kdc.h" - -typedef struct pk_client_params pk_client_params; -#include - -extern sig_atomic_t exit_flag; -extern size_t max_request; -extern const char *request_log; -extern const char *port_str; -extern krb5_addresses explicit_addresses; - -extern int enable_http; - -#define DETACH_IS_DEFAULT FALSE - -extern int detach_from_console; - -extern const struct units _kdc_digestunits[]; - -#define KDC_LOG_FILE "kdc.log" - -extern struct timeval _kdc_now; -#define kdc_time (_kdc_now.tv_sec) - -void -loop(krb5_context context, krb5_kdc_configuration *config); - -krb5_kdc_configuration * -configure(krb5_context context, int argc, char **argv); - -#endif /* __KDC_LOCL_H__ */ diff --git a/crypto/heimdal/kdc/kerberos4.c b/crypto/heimdal/kdc/kerberos4.c deleted file mode 100644 index cbba64945b3e..000000000000 --- a/crypto/heimdal/kdc/kerberos4.c +++ /dev/null @@ -1,805 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -#include - -RCSID("$Id: kerberos4.c 21577 2007-07-16 08:14:06Z lha $"); - -#ifndef swap32 -static uint32_t -swap32(uint32_t x) -{ - return ((x << 24) & 0xff000000) | - ((x << 8) & 0xff0000) | - ((x >> 8) & 0xff00) | - ((x >> 24) & 0xff); -} -#endif /* swap32 */ - -int -_kdc_maybe_version4(unsigned char *buf, int len) -{ - return len > 0 && *buf == 4; -} - -static void -make_err_reply(krb5_context context, krb5_data *reply, - int code, const char *msg) -{ - _krb5_krb_cr_err_reply(context, "", "", "", - kdc_time, code, msg, reply); -} - -struct valid_princ_ctx { - krb5_kdc_configuration *config; - unsigned flags; -}; - -static krb5_boolean -valid_princ(krb5_context context, - void *funcctx, - krb5_principal princ) -{ - struct valid_princ_ctx *ctx = funcctx; - krb5_error_code ret; - char *s; - hdb_entry_ex *ent; - - ret = krb5_unparse_name(context, princ, &s); - if (ret) - return FALSE; - ret = _kdc_db_fetch(context, ctx->config, princ, ctx->flags, NULL, &ent); - if (ret) { - kdc_log(context, ctx->config, 7, "Lookup %s failed: %s", s, - krb5_get_err_text (context, ret)); - free(s); - return FALSE; - } - kdc_log(context, ctx->config, 7, "Lookup %s succeeded", s); - free(s); - _kdc_free_ent(context, ent); - return TRUE; -} - -krb5_error_code -_kdc_db_fetch4(krb5_context context, - krb5_kdc_configuration *config, - const char *name, const char *instance, const char *realm, - unsigned flags, - hdb_entry_ex **ent) -{ - krb5_principal p; - krb5_error_code ret; - struct valid_princ_ctx ctx; - - ctx.config = config; - ctx.flags = flags; - - ret = krb5_425_conv_principal_ext2(context, name, instance, realm, - valid_princ, &ctx, 0, &p); - if(ret) - return ret; - ret = _kdc_db_fetch(context, config, p, flags, NULL, ent); - krb5_free_principal(context, p); - return ret; -} - -#define RCHECK(X, L) if(X){make_err_reply(context, reply, KFAILURE, "Packet too short"); goto L;} - -/* - * Process the v4 request in `buf, len' (received from `addr' - * (with string `from'). - * Return an error code and a reply in `reply'. - */ - -krb5_error_code -_kdc_do_version4(krb5_context context, - krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr_in *addr) -{ - krb5_storage *sp; - krb5_error_code ret; - hdb_entry_ex *client = NULL, *server = NULL; - Key *ckey, *skey; - int8_t pvno; - int8_t msg_type; - int lsb; - char *name = NULL, *inst = NULL, *realm = NULL; - char *sname = NULL, *sinst = NULL; - int32_t req_time; - time_t max_life; - uint8_t life; - char client_name[256]; - char server_name[256]; - - if(!config->enable_v4) { - kdc_log(context, config, 0, - "Rejected version 4 request from %s", from); - make_err_reply(context, reply, KRB4ET_KDC_GEN_ERR, - "Function not enabled"); - return 0; - } - - sp = krb5_storage_from_mem(buf, len); - RCHECK(krb5_ret_int8(sp, &pvno), out); - if(pvno != 4){ - kdc_log(context, config, 0, - "Protocol version mismatch (krb4) (%d)", pvno); - make_err_reply(context, reply, KRB4ET_KDC_PKT_VER, "protocol mismatch"); - goto out; - } - RCHECK(krb5_ret_int8(sp, &msg_type), out); - lsb = msg_type & 1; - msg_type &= ~1; - switch(msg_type){ - case AUTH_MSG_KDC_REQUEST: { - krb5_data ticket, cipher; - krb5_keyblock session; - - krb5_data_zero(&ticket); - krb5_data_zero(&cipher); - - RCHECK(krb5_ret_stringz(sp, &name), out1); - RCHECK(krb5_ret_stringz(sp, &inst), out1); - RCHECK(krb5_ret_stringz(sp, &realm), out1); - RCHECK(krb5_ret_int32(sp, &req_time), out1); - if(lsb) - req_time = swap32(req_time); - RCHECK(krb5_ret_uint8(sp, &life), out1); - RCHECK(krb5_ret_stringz(sp, &sname), out1); - RCHECK(krb5_ret_stringz(sp, &sinst), out1); - snprintf (client_name, sizeof(client_name), - "%s.%s@%s", name, inst, realm); - snprintf (server_name, sizeof(server_name), - "%s.%s@%s", sname, sinst, config->v4_realm); - - kdc_log(context, config, 0, "AS-REQ (krb4) %s from %s for %s", - client_name, from, server_name); - - ret = _kdc_db_fetch4(context, config, name, inst, realm, - HDB_F_GET_CLIENT, &client); - if(ret) { - kdc_log(context, config, 0, "Client not found in database: %s: %s", - client_name, krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "principal unknown"); - goto out1; - } - ret = _kdc_db_fetch4(context, config, sname, sinst, config->v4_realm, - HDB_F_GET_SERVER, &server); - if(ret){ - kdc_log(context, config, 0, "Server not found in database: %s: %s", - server_name, krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "principal unknown"); - goto out1; - } - - ret = _kdc_check_flags (context, config, - client, client_name, - server, server_name, - TRUE); - if (ret) { - /* good error code? */ - make_err_reply(context, reply, KRB4ET_KDC_NAME_EXP, - "operation not allowed"); - goto out1; - } - - if (config->enable_v4_per_principal && - client->entry.flags.allow_kerberos4 == 0) - { - kdc_log(context, config, 0, - "Per principal Kerberos 4 flag not turned on for %s", - client_name); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "allow kerberos4 flag required"); - goto out1; - } - - /* - * There's no way to do pre-authentication in v4 and thus no - * good error code to return if preauthentication is required. - */ - - if (config->require_preauth - || client->entry.flags.require_preauth - || server->entry.flags.require_preauth) { - kdc_log(context, config, 0, - "Pre-authentication required for v4-request: " - "%s for %s", - client_name, server_name); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "preauth required"); - goto out1; - } - - ret = _kdc_get_des_key(context, client, FALSE, FALSE, &ckey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for client"); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "no suitable DES key for client"); - goto out1; - } - -#if 0 - /* this is not necessary with the new code in libkrb */ - /* find a properly salted key */ - while(ckey->salt == NULL || ckey->salt->salt.length != 0) - ret = hdb_next_keytype2key(context, &client->entry, KEYTYPE_DES, &ckey); - if(ret){ - kdc_log(context, config, 0, "No version-4 salted key in database -- %s.%s@%s", - name, inst, realm); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "No version-4 salted key in database"); - goto out1; - } -#endif - - ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); - if(ret){ - kdc_log(context, config, 0, "no suitable DES key for server"); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "no suitable DES key for server"); - goto out1; - } - - max_life = _krb5_krb_life_to_time(0, life); - if(client->entry.max_life) - max_life = min(max_life, *client->entry.max_life); - if(server->entry.max_life) - max_life = min(max_life, *server->entry.max_life); - - life = krb_time_to_life(kdc_time, kdc_time + max_life); - - ret = krb5_generate_random_keyblock(context, - ETYPE_DES_PCBC_NONE, - &session); - if (ret) { - make_err_reply(context, reply, KFAILURE, - "Not enough random i KDC"); - goto out1; - } - - ret = _krb5_krb_create_ticket(context, - 0, - name, - inst, - config->v4_realm, - addr->sin_addr.s_addr, - &session, - life, - kdc_time, - sname, - sinst, - &skey->key, - &ticket); - if (ret) { - krb5_free_keyblock_contents(context, &session); - make_err_reply(context, reply, KFAILURE, - "failed to create v4 ticket"); - goto out1; - } - - ret = _krb5_krb_create_ciph(context, - &session, - sname, - sinst, - config->v4_realm, - life, - server->entry.kvno % 255, - &ticket, - kdc_time, - &ckey->key, - &cipher); - krb5_free_keyblock_contents(context, &session); - krb5_data_free(&ticket); - if (ret) { - make_err_reply(context, reply, KFAILURE, - "Failed to create v4 cipher"); - goto out1; - } - - ret = _krb5_krb_create_auth_reply(context, - name, - inst, - realm, - req_time, - 0, - client->entry.pw_end ? *client->entry.pw_end : 0, - client->entry.kvno % 256, - &cipher, - reply); - krb5_data_free(&cipher); - - out1: - break; - } - case AUTH_MSG_APPL_REQUEST: { - struct _krb5_krb_auth_data ad; - int8_t kvno; - int8_t ticket_len; - int8_t req_len; - krb5_data auth; - int32_t address; - size_t pos; - krb5_principal tgt_princ = NULL; - hdb_entry_ex *tgt = NULL; - Key *tkey; - time_t max_end, actual_end, issue_time; - - memset(&ad, 0, sizeof(ad)); - krb5_data_zero(&auth); - - RCHECK(krb5_ret_int8(sp, &kvno), out2); - RCHECK(krb5_ret_stringz(sp, &realm), out2); - - ret = krb5_425_conv_principal(context, "krbtgt", realm, - config->v4_realm, - &tgt_princ); - if(ret){ - kdc_log(context, config, 0, - "Converting krbtgt principal (krb4): %s", - krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KFAILURE, - "Failed to convert v4 principal (krbtgt)"); - goto out2; - } - - ret = _kdc_db_fetch(context, config, tgt_princ, - HDB_F_GET_KRBTGT, NULL, &tgt); - if(ret){ - char *s; - s = kdc_log_msg(context, config, 0, "Ticket-granting ticket not " - "found in database (krb4): krbtgt.%s@%s: %s", - realm, config->v4_realm, - krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KFAILURE, s); - free(s); - goto out2; - } - - if(tgt->entry.kvno % 256 != kvno){ - kdc_log(context, config, 0, - "tgs-req (krb4) with old kvno %d (current %d) for " - "krbtgt.%s@%s", kvno, tgt->entry.kvno % 256, - realm, config->v4_realm); - make_err_reply(context, reply, KRB4ET_KDC_AUTH_EXP, - "old krbtgt kvno used"); - goto out2; - } - - ret = _kdc_get_des_key(context, tgt, TRUE, FALSE, &tkey); - if(ret){ - kdc_log(context, config, 0, - "no suitable DES key for krbtgt (krb4)"); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "no suitable DES key for krbtgt"); - goto out2; - } - - RCHECK(krb5_ret_int8(sp, &ticket_len), out2); - RCHECK(krb5_ret_int8(sp, &req_len), out2); - - pos = krb5_storage_seek(sp, ticket_len + req_len, SEEK_CUR); - - auth.data = buf; - auth.length = pos; - - if (config->check_ticket_addresses) - address = addr->sin_addr.s_addr; - else - address = 0; - - ret = _krb5_krb_rd_req(context, &auth, "krbtgt", realm, - config->v4_realm, - address, &tkey->key, &ad); - if(ret){ - kdc_log(context, config, 0, "krb_rd_req: %d", ret); - make_err_reply(context, reply, ret, "failed to parse request"); - goto out2; - } - - RCHECK(krb5_ret_int32(sp, &req_time), out2); - if(lsb) - req_time = swap32(req_time); - RCHECK(krb5_ret_uint8(sp, &life), out2); - RCHECK(krb5_ret_stringz(sp, &sname), out2); - RCHECK(krb5_ret_stringz(sp, &sinst), out2); - snprintf (server_name, sizeof(server_name), - "%s.%s@%s", - sname, sinst, config->v4_realm); - snprintf (client_name, sizeof(client_name), - "%s.%s@%s", - ad.pname, ad.pinst, ad.prealm); - - kdc_log(context, config, 0, "TGS-REQ (krb4) %s from %s for %s", - client_name, from, server_name); - - if(strcmp(ad.prealm, realm)){ - kdc_log(context, config, 0, - "Can't hop realms (krb4) %s -> %s", realm, ad.prealm); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "Can't hop realms"); - goto out2; - } - - if (!config->enable_v4_cross_realm && strcmp(realm, config->v4_realm) != 0) { - kdc_log(context, config, 0, - "krb4 Cross-realm %s -> %s disabled", - realm, config->v4_realm); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "Can't hop realms"); - goto out2; - } - - if(strcmp(sname, "changepw") == 0){ - kdc_log(context, config, 0, - "Bad request for changepw ticket (krb4)"); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, - "Can't authorize password change based on TGT"); - goto out2; - } - - ret = _kdc_db_fetch4(context, config, ad.pname, ad.pinst, ad.prealm, - HDB_F_GET_CLIENT, &client); - if(ret && ret != HDB_ERR_NOENTRY) { - char *s; - s = kdc_log_msg(context, config, 0, - "Client not found in database: (krb4) %s: %s", - client_name, krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s); - free(s); - goto out2; - } - if (client == NULL && strcmp(ad.prealm, config->v4_realm) == 0) { - char *s; - s = kdc_log_msg(context, config, 0, - "Local client not found in database: (krb4) " - "%s", client_name); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s); - free(s); - goto out2; - } - - ret = _kdc_db_fetch4(context, config, sname, sinst, config->v4_realm, - HDB_F_GET_SERVER, &server); - if(ret){ - char *s; - s = kdc_log_msg(context, config, 0, - "Server not found in database (krb4): %s: %s", - server_name, krb5_get_err_text(context, ret)); - make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s); - free(s); - goto out2; - } - - ret = _kdc_check_flags (context, config, - client, client_name, - server, server_name, - FALSE); - if (ret) { - make_err_reply(context, reply, KRB4ET_KDC_NAME_EXP, - "operation not allowed"); - goto out2; - } - - ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey); - if(ret){ - kdc_log(context, config, 0, - "no suitable DES key for server (krb4)"); - make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY, - "no suitable DES key for server"); - goto out2; - } - - max_end = _krb5_krb_life_to_time(ad.time_sec, ad.life); - max_end = min(max_end, _krb5_krb_life_to_time(kdc_time, life)); - if(server->entry.max_life) - max_end = min(max_end, kdc_time + *server->entry.max_life); - if(client && client->entry.max_life) - max_end = min(max_end, kdc_time + *client->entry.max_life); - life = min(life, krb_time_to_life(kdc_time, max_end)); - - issue_time = kdc_time; - actual_end = _krb5_krb_life_to_time(issue_time, life); - while (actual_end > max_end && life > 1) { - /* move them into the next earlier lifetime bracket */ - life--; - actual_end = _krb5_krb_life_to_time(issue_time, life); - } - if (actual_end > max_end) { - /* if life <= 1 and it's still too long, backdate the ticket */ - issue_time -= actual_end - max_end; - } - - { - krb5_data ticket, cipher; - krb5_keyblock session; - - krb5_data_zero(&ticket); - krb5_data_zero(&cipher); - - ret = krb5_generate_random_keyblock(context, - ETYPE_DES_PCBC_NONE, - &session); - if (ret) { - make_err_reply(context, reply, KFAILURE, - "Not enough random i KDC"); - goto out2; - } - - ret = _krb5_krb_create_ticket(context, - 0, - ad.pname, - ad.pinst, - ad.prealm, - addr->sin_addr.s_addr, - &session, - life, - issue_time, - sname, - sinst, - &skey->key, - &ticket); - if (ret) { - krb5_free_keyblock_contents(context, &session); - make_err_reply(context, reply, KFAILURE, - "failed to create v4 ticket"); - goto out2; - } - - ret = _krb5_krb_create_ciph(context, - &session, - sname, - sinst, - config->v4_realm, - life, - server->entry.kvno % 255, - &ticket, - issue_time, - &ad.session, - &cipher); - krb5_free_keyblock_contents(context, &session); - if (ret) { - make_err_reply(context, reply, KFAILURE, - "failed to create v4 cipher"); - goto out2; - } - - ret = _krb5_krb_create_auth_reply(context, - ad.pname, - ad.pinst, - ad.prealm, - req_time, - 0, - 0, - 0, - &cipher, - reply); - krb5_data_free(&cipher); - } - out2: - _krb5_krb_free_auth_data(context, &ad); - if(tgt_princ) - krb5_free_principal(context, tgt_princ); - if(tgt) - _kdc_free_ent(context, tgt); - break; - } - case AUTH_MSG_ERR_REPLY: - break; - default: - kdc_log(context, config, 0, "Unknown message type (krb4): %d from %s", - msg_type, from); - - make_err_reply(context, reply, KFAILURE, "Unknown message type"); - } - out: - if(name) - free(name); - if(inst) - free(inst); - if(realm) - free(realm); - if(sname) - free(sname); - if(sinst) - free(sinst); - if(client) - _kdc_free_ent(context, client); - if(server) - _kdc_free_ent(context, server); - krb5_storage_free(sp); - return 0; -} - -krb5_error_code -_kdc_encode_v4_ticket(krb5_context context, - krb5_kdc_configuration *config, - void *buf, size_t len, const EncTicketPart *et, - const PrincipalName *service, size_t *size) -{ - krb5_storage *sp; - krb5_error_code ret; - char name[40], inst[40], realm[40]; - char sname[40], sinst[40]; - - { - krb5_principal princ; - _krb5_principalname2krb5_principal(context, - &princ, - *service, - et->crealm); - ret = krb5_524_conv_principal(context, - princ, - sname, - sinst, - realm); - krb5_free_principal(context, princ); - if(ret) - return ret; - - _krb5_principalname2krb5_principal(context, - &princ, - et->cname, - et->crealm); - - ret = krb5_524_conv_principal(context, - princ, - name, - inst, - realm); - krb5_free_principal(context, princ); - } - if(ret) - return ret; - - sp = krb5_storage_emem(); - - krb5_store_int8(sp, 0); /* flags */ - krb5_store_stringz(sp, name); - krb5_store_stringz(sp, inst); - krb5_store_stringz(sp, realm); - { - unsigned char tmp[4] = { 0, 0, 0, 0 }; - int i; - if(et->caddr){ - for(i = 0; i < et->caddr->len; i++) - if(et->caddr->val[i].addr_type == AF_INET && - et->caddr->val[i].address.length == 4){ - memcpy(tmp, et->caddr->val[i].address.data, 4); - break; - } - } - krb5_storage_write(sp, tmp, sizeof(tmp)); - } - - if((et->key.keytype != ETYPE_DES_CBC_MD5 && - et->key.keytype != ETYPE_DES_CBC_MD4 && - et->key.keytype != ETYPE_DES_CBC_CRC) || - et->key.keyvalue.length != 8) - return -1; - krb5_storage_write(sp, et->key.keyvalue.data, 8); - - { - time_t start = et->starttime ? *et->starttime : et->authtime; - krb5_store_int8(sp, krb_time_to_life(start, et->endtime)); - krb5_store_int32(sp, start); - } - - krb5_store_stringz(sp, sname); - krb5_store_stringz(sp, sinst); - - { - krb5_data data; - krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); - *size = (data.length + 7) & ~7; /* pad to 8 bytes */ - if(*size > len) - return -1; - memset((unsigned char*)buf - *size + 1, 0, *size); - memcpy((unsigned char*)buf - *size + 1, data.data, data.length); - krb5_data_free(&data); - } - return 0; -} - -krb5_error_code -_kdc_get_des_key(krb5_context context, - hdb_entry_ex *principal, krb5_boolean is_server, - krb5_boolean prefer_afs_key, Key **ret_key) -{ - Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL, *server_key = NULL; - int i; - krb5_enctype etypes[] = { ETYPE_DES_CBC_MD5, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_CRC }; - - for(i = 0; - i < sizeof(etypes)/sizeof(etypes[0]) - && (v5_key == NULL || v4_key == NULL || - afs_key == NULL || server_key == NULL); - ++i) { - Key *key = NULL; - while(hdb_next_enctype2key(context, &principal->entry, etypes[i], &key) == 0) { - if(key->salt == NULL) { - if(v5_key == NULL) - v5_key = key; - } else if(key->salt->type == hdb_pw_salt && - key->salt->salt.length == 0) { - if(v4_key == NULL) - v4_key = key; - } else if(key->salt->type == hdb_afs3_salt) { - if(afs_key == NULL) - afs_key = key; - } else if(server_key == NULL) - server_key = key; - } - } - - if(prefer_afs_key) { - if(afs_key) - *ret_key = afs_key; - else if(v4_key) - *ret_key = v4_key; - else if(v5_key) - *ret_key = v5_key; - else if(is_server && server_key) - *ret_key = server_key; - else - return KRB4ET_KDC_NULL_KEY; - } else { - if(v4_key) - *ret_key = v4_key; - else if(afs_key) - *ret_key = afs_key; - else if(v5_key) - *ret_key = v5_key; - else if(is_server && server_key) - *ret_key = server_key; - else - return KRB4ET_KDC_NULL_KEY; - } - - if((*ret_key)->key.keyvalue.length == 0) - return KRB4ET_KDC_NULL_KEY; - return 0; -} - diff --git a/crypto/heimdal/kdc/kerberos5.c b/crypto/heimdal/kdc/kerberos5.c deleted file mode 100644 index 9582cd85ec38..000000000000 --- a/crypto/heimdal/kdc/kerberos5.c +++ /dev/null @@ -1,1852 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: kerberos5.c 22071 2007-11-14 20:04:50Z lha $"); - -#define MAX_TIME ((time_t)((1U << 31) - 1)) - -void -_kdc_fix_time(time_t **t) -{ - if(*t == NULL){ - ALLOC(*t); - **t = MAX_TIME; - } - if(**t == 0) **t = MAX_TIME; /* fix for old clients */ -} - -static int -realloc_method_data(METHOD_DATA *md) -{ - PA_DATA *pa; - pa = realloc(md->val, (md->len + 1) * sizeof(*md->val)); - if(pa == NULL) - return ENOMEM; - md->val = pa; - md->len++; - return 0; -} - -static void -set_salt_padata (METHOD_DATA *md, Salt *salt) -{ - if (salt) { - realloc_method_data(md); - md->val[md->len - 1].padata_type = salt->type; - der_copy_octet_string(&salt->salt, - &md->val[md->len - 1].padata_value); - } -} - -const PA_DATA* -_kdc_find_padata(const KDC_REQ *req, int *start, int type) -{ - if (req->padata == NULL) - return NULL; - - while(*start < req->padata->len){ - (*start)++; - if(req->padata->val[*start - 1].padata_type == type) - return &req->padata->val[*start - 1]; - } - return NULL; -} - -/* - * Detect if `key' is the using the the precomputed `default_salt'. - */ - -static krb5_boolean -is_default_salt_p(const krb5_salt *default_salt, const Key *key) -{ - if (key->salt == NULL) - return TRUE; - if (default_salt->salttype != key->salt->type) - return FALSE; - if (krb5_data_cmp(&default_salt->saltvalue, &key->salt->salt)) - return FALSE; - return TRUE; -} - -/* - * return the first appropriate key of `princ' in `ret_key'. Look for - * all the etypes in (`etypes', `len'), stopping as soon as we find - * one, but preferring one that has default salt - */ - -krb5_error_code -_kdc_find_etype(krb5_context context, const hdb_entry_ex *princ, - krb5_enctype *etypes, unsigned len, - Key **ret_key, krb5_enctype *ret_etype) -{ - int i; - krb5_error_code ret = KRB5KDC_ERR_ETYPE_NOSUPP; - krb5_salt def_salt; - - krb5_get_pw_salt (context, princ->entry.principal, &def_salt); - - for(i = 0; ret != 0 && i < len ; i++) { - Key *key = NULL; - - if (krb5_enctype_valid(context, etypes[i]) != 0) - continue; - - while (hdb_next_enctype2key(context, &princ->entry, etypes[i], &key) == 0) { - if (key->key.keyvalue.length == 0) { - ret = KRB5KDC_ERR_NULL_KEY; - continue; - } - *ret_key = key; - *ret_etype = etypes[i]; - ret = 0; - if (is_default_salt_p(&def_salt, key)) { - krb5_free_salt (context, def_salt); - return ret; - } - } - } - krb5_free_salt (context, def_salt); - return ret; -} - -krb5_error_code -_kdc_make_anonymous_principalname (PrincipalName *pn) -{ - pn->name_type = KRB5_NT_PRINCIPAL; - pn->name_string.len = 1; - pn->name_string.val = malloc(sizeof(*pn->name_string.val)); - if (pn->name_string.val == NULL) - return ENOMEM; - pn->name_string.val[0] = strdup("anonymous"); - if (pn->name_string.val[0] == NULL) { - free(pn->name_string.val); - pn->name_string.val = NULL; - return ENOMEM; - } - return 0; -} - -void -_kdc_log_timestamp(krb5_context context, - krb5_kdc_configuration *config, - const char *type, - KerberosTime authtime, KerberosTime *starttime, - KerberosTime endtime, KerberosTime *renew_till) -{ - char authtime_str[100], starttime_str[100], - endtime_str[100], renewtime_str[100]; - - krb5_format_time(context, authtime, - authtime_str, sizeof(authtime_str), TRUE); - if (starttime) - krb5_format_time(context, *starttime, - starttime_str, sizeof(starttime_str), TRUE); - else - strlcpy(starttime_str, "unset", sizeof(starttime_str)); - krb5_format_time(context, endtime, - endtime_str, sizeof(endtime_str), TRUE); - if (renew_till) - krb5_format_time(context, *renew_till, - renewtime_str, sizeof(renewtime_str), TRUE); - else - strlcpy(renewtime_str, "unset", sizeof(renewtime_str)); - - kdc_log(context, config, 5, - "%s authtime: %s starttime: %s endtime: %s renew till: %s", - type, authtime_str, starttime_str, endtime_str, renewtime_str); -} - -static void -log_patypes(krb5_context context, - krb5_kdc_configuration *config, - METHOD_DATA *padata) -{ - struct rk_strpool *p = NULL; - char *str; - int i; - - for (i = 0; i < padata->len; i++) { - switch(padata->val[i].padata_type) { - case KRB5_PADATA_PK_AS_REQ: - p = rk_strpoolprintf(p, "PK-INIT(ietf)"); - break; - case KRB5_PADATA_PK_AS_REQ_WIN: - p = rk_strpoolprintf(p, "PK-INIT(win2k)"); - break; - case KRB5_PADATA_PA_PK_OCSP_RESPONSE: - p = rk_strpoolprintf(p, "OCSP"); - break; - case KRB5_PADATA_ENC_TIMESTAMP: - p = rk_strpoolprintf(p, "encrypted-timestamp"); - break; - default: - p = rk_strpoolprintf(p, "%d", padata->val[i].padata_type); - break; - } - if (p && i + 1 < padata->len) - p = rk_strpoolprintf(p, ", "); - if (p == NULL) { - kdc_log(context, config, 0, "out of memory"); - return; - } - } - if (p == NULL) - p = rk_strpoolprintf(p, "none"); - - str = rk_strpoolcollect(p); - kdc_log(context, config, 0, "Client sent patypes: %s", str); - free(str); -} - -/* - * - */ - - -krb5_error_code -_kdc_encode_reply(krb5_context context, - krb5_kdc_configuration *config, - KDC_REP *rep, const EncTicketPart *et, EncKDCRepPart *ek, - krb5_enctype etype, - int skvno, const EncryptionKey *skey, - int ckvno, const EncryptionKey *ckey, - const char **e_text, - krb5_data *reply) -{ - unsigned char *buf; - size_t buf_size; - size_t len; - krb5_error_code ret; - krb5_crypto crypto; - - ASN1_MALLOC_ENCODE(EncTicketPart, buf, buf_size, et, &len, ret); - if(ret) { - kdc_log(context, config, 0, "Failed to encode ticket: %s", - krb5_get_err_text(context, ret)); - return ret; - } - if(buf_size != len) { - free(buf); - kdc_log(context, config, 0, "Internal error in ASN.1 encoder"); - *e_text = "KDC internal error"; - return KRB5KRB_ERR_GENERIC; - } - - ret = krb5_crypto_init(context, skey, etype, &crypto); - if (ret) { - free(buf); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - return ret; - } - - ret = krb5_encrypt_EncryptedData(context, - crypto, - KRB5_KU_TICKET, - buf, - len, - skvno, - &rep->ticket.enc_part); - free(buf); - krb5_crypto_destroy(context, crypto); - if(ret) { - kdc_log(context, config, 0, "Failed to encrypt data: %s", - krb5_get_err_text(context, ret)); - return ret; - } - - if(rep->msg_type == krb_as_rep && !config->encode_as_rep_as_tgs_rep) - ASN1_MALLOC_ENCODE(EncASRepPart, buf, buf_size, ek, &len, ret); - else - ASN1_MALLOC_ENCODE(EncTGSRepPart, buf, buf_size, ek, &len, ret); - if(ret) { - kdc_log(context, config, 0, "Failed to encode KDC-REP: %s", - krb5_get_err_text(context, ret)); - return ret; - } - if(buf_size != len) { - free(buf); - kdc_log(context, config, 0, "Internal error in ASN.1 encoder"); - *e_text = "KDC internal error"; - return KRB5KRB_ERR_GENERIC; - } - ret = krb5_crypto_init(context, ckey, 0, &crypto); - if (ret) { - free(buf); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - return ret; - } - if(rep->msg_type == krb_as_rep) { - krb5_encrypt_EncryptedData(context, - crypto, - KRB5_KU_AS_REP_ENC_PART, - buf, - len, - ckvno, - &rep->enc_part); - free(buf); - ASN1_MALLOC_ENCODE(AS_REP, buf, buf_size, rep, &len, ret); - } else { - krb5_encrypt_EncryptedData(context, - crypto, - KRB5_KU_TGS_REP_ENC_PART_SESSION, - buf, - len, - ckvno, - &rep->enc_part); - free(buf); - ASN1_MALLOC_ENCODE(TGS_REP, buf, buf_size, rep, &len, ret); - } - krb5_crypto_destroy(context, crypto); - if(ret) { - kdc_log(context, config, 0, "Failed to encode KDC-REP: %s", - krb5_get_err_text(context, ret)); - return ret; - } - if(buf_size != len) { - free(buf); - kdc_log(context, config, 0, "Internal error in ASN.1 encoder"); - *e_text = "KDC internal error"; - return KRB5KRB_ERR_GENERIC; - } - reply->data = buf; - reply->length = buf_size; - return 0; -} - -/* - * Return 1 if the client have only older enctypes, this is for - * determining if the server should send ETYPE_INFO2 or not. - */ - -static int -older_enctype(krb5_enctype enctype) -{ - switch (enctype) { - case ETYPE_DES_CBC_CRC: - case ETYPE_DES_CBC_MD4: - case ETYPE_DES_CBC_MD5: - case ETYPE_DES3_CBC_SHA1: - case ETYPE_ARCFOUR_HMAC_MD5: - case ETYPE_ARCFOUR_HMAC_MD5_56: - /* - * The following three is "old" windows enctypes and is needed for - * windows 2000 hosts. - */ - case ETYPE_ARCFOUR_MD4: - case ETYPE_ARCFOUR_HMAC_OLD: - case ETYPE_ARCFOUR_HMAC_OLD_EXP: - return 1; - default: - return 0; - } -} - -static int -only_older_enctype_p(const KDC_REQ *req) -{ - int i; - - for(i = 0; i < req->req_body.etype.len; i++) { - if (!older_enctype(req->req_body.etype.val[i])) - return 0; - } - return 1; -} - -/* - * - */ - -static krb5_error_code -make_etype_info_entry(krb5_context context, ETYPE_INFO_ENTRY *ent, Key *key) -{ - ent->etype = key->key.keytype; - if(key->salt){ -#if 0 - ALLOC(ent->salttype); - - if(key->salt->type == hdb_pw_salt) - *ent->salttype = 0; /* or 1? or NULL? */ - else if(key->salt->type == hdb_afs3_salt) - *ent->salttype = 2; - else { - kdc_log(context, config, 0, "unknown salt-type: %d", - key->salt->type); - return KRB5KRB_ERR_GENERIC; - } - /* according to `the specs', we can't send a salt if - we have AFS3 salted key, but that requires that you - *know* what cell you are using (e.g by assuming - that the cell is the same as the realm in lower - case) */ -#elif 0 - ALLOC(ent->salttype); - *ent->salttype = key->salt->type; -#else - /* - * We shouldn't sent salttype since it is incompatible with the - * specification and it breaks windows clients. The afs - * salting problem is solved by using KRB5-PADATA-AFS3-SALT - * implemented in Heimdal 0.7 and later. - */ - ent->salttype = NULL; -#endif - krb5_copy_data(context, &key->salt->salt, - &ent->salt); - } else { - /* we return no salt type at all, as that should indicate - * the default salt type and make everybody happy. some - * systems (like w2k) dislike being told the salt type - * here. */ - - ent->salttype = NULL; - ent->salt = NULL; - } - return 0; -} - -static krb5_error_code -get_pa_etype_info(krb5_context context, - krb5_kdc_configuration *config, - METHOD_DATA *md, hdb_entry *client, - ENCTYPE *etypes, unsigned int etypes_len) -{ - krb5_error_code ret = 0; - int i, j; - unsigned int n = 0; - ETYPE_INFO pa; - unsigned char *buf; - size_t len; - - - pa.len = client->keys.len; - if(pa.len > UINT_MAX/sizeof(*pa.val)) - return ERANGE; - pa.val = malloc(pa.len * sizeof(*pa.val)); - if(pa.val == NULL) - return ENOMEM; - memset(pa.val, 0, pa.len * sizeof(*pa.val)); - - for(i = 0; i < client->keys.len; i++) { - for (j = 0; j < n; j++) - if (pa.val[j].etype == client->keys.val[i].key.keytype) - goto skip1; - for(j = 0; j < etypes_len; j++) { - if(client->keys.val[i].key.keytype == etypes[j]) { - if (krb5_enctype_valid(context, etypes[j]) != 0) - continue; - if (!older_enctype(etypes[j])) - continue; - if (n >= pa.len) - krb5_abortx(context, "internal error: n >= p.len"); - if((ret = make_etype_info_entry(context, - &pa.val[n++], - &client->keys.val[i])) != 0) { - free_ETYPE_INFO(&pa); - return ret; - } - break; - } - } - skip1:; - } - for(i = 0; i < client->keys.len; i++) { - /* already added? */ - for(j = 0; j < etypes_len; j++) { - if(client->keys.val[i].key.keytype == etypes[j]) - goto skip2; - } - if (krb5_enctype_valid(context, client->keys.val[i].key.keytype) != 0) - continue; - if (!older_enctype(etypes[j])) - continue; - if (n >= pa.len) - krb5_abortx(context, "internal error: n >= p.len"); - if((ret = make_etype_info_entry(context, - &pa.val[n++], - &client->keys.val[i])) != 0) { - free_ETYPE_INFO(&pa); - return ret; - } - skip2:; - } - - if(n < pa.len) { - /* stripped out dups, newer enctypes, and not valid enctypes */ - pa.len = n; - } - - ASN1_MALLOC_ENCODE(ETYPE_INFO, buf, len, &pa, &len, ret); - free_ETYPE_INFO(&pa); - if(ret) - return ret; - ret = realloc_method_data(md); - if(ret) { - free(buf); - return ret; - } - md->val[md->len - 1].padata_type = KRB5_PADATA_ETYPE_INFO; - md->val[md->len - 1].padata_value.length = len; - md->val[md->len - 1].padata_value.data = buf; - return 0; -} - -/* - * - */ - -extern int _krb5_AES_string_to_default_iterator; - -static krb5_error_code -make_etype_info2_entry(ETYPE_INFO2_ENTRY *ent, Key *key) -{ - ent->etype = key->key.keytype; - if(key->salt) { - ALLOC(ent->salt); - if (ent->salt == NULL) - return ENOMEM; - *ent->salt = malloc(key->salt->salt.length + 1); - if (*ent->salt == NULL) { - free(ent->salt); - ent->salt = NULL; - return ENOMEM; - } - memcpy(*ent->salt, key->salt->salt.data, key->salt->salt.length); - (*ent->salt)[key->salt->salt.length] = '\0'; - } else - ent->salt = NULL; - - ent->s2kparams = NULL; - - switch (key->key.keytype) { - case ETYPE_AES128_CTS_HMAC_SHA1_96: - case ETYPE_AES256_CTS_HMAC_SHA1_96: - ALLOC(ent->s2kparams); - if (ent->s2kparams == NULL) - return ENOMEM; - ent->s2kparams->length = 4; - ent->s2kparams->data = malloc(ent->s2kparams->length); - if (ent->s2kparams->data == NULL) { - free(ent->s2kparams); - ent->s2kparams = NULL; - return ENOMEM; - } - _krb5_put_int(ent->s2kparams->data, - _krb5_AES_string_to_default_iterator, - ent->s2kparams->length); - break; - case ETYPE_DES_CBC_CRC: - case ETYPE_DES_CBC_MD4: - case ETYPE_DES_CBC_MD5: - /* Check if this was a AFS3 salted key */ - if(key->salt && key->salt->type == hdb_afs3_salt){ - ALLOC(ent->s2kparams); - if (ent->s2kparams == NULL) - return ENOMEM; - ent->s2kparams->length = 1; - ent->s2kparams->data = malloc(ent->s2kparams->length); - if (ent->s2kparams->data == NULL) { - free(ent->s2kparams); - ent->s2kparams = NULL; - return ENOMEM; - } - _krb5_put_int(ent->s2kparams->data, - 1, - ent->s2kparams->length); - } - break; - default: - break; - } - return 0; -} - -/* - * Return an ETYPE-INFO2. Enctypes are storted the same way as in the - * database (client supported enctypes first, then the unsupported - * enctypes). - */ - -static krb5_error_code -get_pa_etype_info2(krb5_context context, - krb5_kdc_configuration *config, - METHOD_DATA *md, hdb_entry *client, - ENCTYPE *etypes, unsigned int etypes_len) -{ - krb5_error_code ret = 0; - int i, j; - unsigned int n = 0; - ETYPE_INFO2 pa; - unsigned char *buf; - size_t len; - - pa.len = client->keys.len; - if(pa.len > UINT_MAX/sizeof(*pa.val)) - return ERANGE; - pa.val = malloc(pa.len * sizeof(*pa.val)); - if(pa.val == NULL) - return ENOMEM; - memset(pa.val, 0, pa.len * sizeof(*pa.val)); - - for(i = 0; i < client->keys.len; i++) { - for (j = 0; j < n; j++) - if (pa.val[j].etype == client->keys.val[i].key.keytype) - goto skip1; - for(j = 0; j < etypes_len; j++) { - if(client->keys.val[i].key.keytype == etypes[j]) { - if (krb5_enctype_valid(context, etypes[j]) != 0) - continue; - if (n >= pa.len) - krb5_abortx(context, "internal error: n >= p.len"); - if((ret = make_etype_info2_entry(&pa.val[n++], - &client->keys.val[i])) != 0) { - free_ETYPE_INFO2(&pa); - return ret; - } - break; - } - } - skip1:; - } - /* send enctypes that the client doesn't know about too */ - for(i = 0; i < client->keys.len; i++) { - /* already added? */ - for(j = 0; j < etypes_len; j++) { - if(client->keys.val[i].key.keytype == etypes[j]) - goto skip2; - } - if (krb5_enctype_valid(context, client->keys.val[i].key.keytype) != 0) - continue; - if (n >= pa.len) - krb5_abortx(context, "internal error: n >= p.len"); - if((ret = make_etype_info2_entry(&pa.val[n++], - &client->keys.val[i])) != 0) { - free_ETYPE_INFO2(&pa); - return ret; - } - skip2:; - } - - if(n < pa.len) { - /* stripped out dups, and not valid enctypes */ - pa.len = n; - } - - ASN1_MALLOC_ENCODE(ETYPE_INFO2, buf, len, &pa, &len, ret); - free_ETYPE_INFO2(&pa); - if(ret) - return ret; - ret = realloc_method_data(md); - if(ret) { - free(buf); - return ret; - } - md->val[md->len - 1].padata_type = KRB5_PADATA_ETYPE_INFO2; - md->val[md->len - 1].padata_value.length = len; - md->val[md->len - 1].padata_value.data = buf; - return 0; -} - -/* - * - */ - -static void -log_as_req(krb5_context context, - krb5_kdc_configuration *config, - krb5_enctype cetype, - krb5_enctype setype, - const KDC_REQ_BODY *b) -{ - krb5_error_code ret; - struct rk_strpool *p = NULL; - char *str; - int i; - - for (i = 0; i < b->etype.len; i++) { - ret = krb5_enctype_to_string(context, b->etype.val[i], &str); - if (ret == 0) { - p = rk_strpoolprintf(p, "%s", str); - free(str); - } else - p = rk_strpoolprintf(p, "%d", b->etype.val[i]); - if (p && i + 1 < b->etype.len) - p = rk_strpoolprintf(p, ", "); - if (p == NULL) { - kdc_log(context, config, 0, "out of memory"); - return; - } - } - if (p == NULL) - p = rk_strpoolprintf(p, "no encryption types"); - - str = rk_strpoolcollect(p); - kdc_log(context, config, 0, "Client supported enctypes: %s", str); - free(str); - - { - char *cet; - char *set; - - ret = krb5_enctype_to_string(context, cetype, &cet); - if(ret == 0) { - ret = krb5_enctype_to_string(context, setype, &set); - if (ret == 0) { - kdc_log(context, config, 5, "Using %s/%s", cet, set); - free(set); - } - free(cet); - } - if (ret != 0) - kdc_log(context, config, 5, "Using e-types %d/%d", cetype, setype); - } - - { - char fixedstr[128]; - unparse_flags(KDCOptions2int(b->kdc_options), asn1_KDCOptions_units(), - fixedstr, sizeof(fixedstr)); - if(*fixedstr) - kdc_log(context, config, 2, "Requested flags: %s", fixedstr); - } -} - -/* - * verify the flags on `client' and `server', returning 0 - * if they are OK and generating an error messages and returning - * and error code otherwise. - */ - -krb5_error_code -_kdc_check_flags(krb5_context context, - krb5_kdc_configuration *config, - hdb_entry_ex *client_ex, const char *client_name, - hdb_entry_ex *server_ex, const char *server_name, - krb5_boolean is_as_req) -{ - if(client_ex != NULL) { - hdb_entry *client = &client_ex->entry; - - /* check client */ - if (client->flags.invalid) { - kdc_log(context, config, 0, - "Client (%s) has invalid bit set", client_name); - return KRB5KDC_ERR_POLICY; - } - - if(!client->flags.client){ - kdc_log(context, config, 0, - "Principal may not act as client -- %s", client_name); - return KRB5KDC_ERR_POLICY; - } - - if (client->valid_start && *client->valid_start > kdc_time) { - char starttime_str[100]; - krb5_format_time(context, *client->valid_start, - starttime_str, sizeof(starttime_str), TRUE); - kdc_log(context, config, 0, - "Client not yet valid until %s -- %s", - starttime_str, client_name); - return KRB5KDC_ERR_CLIENT_NOTYET; - } - - if (client->valid_end && *client->valid_end < kdc_time) { - char endtime_str[100]; - krb5_format_time(context, *client->valid_end, - endtime_str, sizeof(endtime_str), TRUE); - kdc_log(context, config, 0, - "Client expired at %s -- %s", - endtime_str, client_name); - return KRB5KDC_ERR_NAME_EXP; - } - - if (client->pw_end && *client->pw_end < kdc_time - && (server_ex == NULL || !server_ex->entry.flags.change_pw)) { - char pwend_str[100]; - krb5_format_time(context, *client->pw_end, - pwend_str, sizeof(pwend_str), TRUE); - kdc_log(context, config, 0, - "Client's key has expired at %s -- %s", - pwend_str, client_name); - return KRB5KDC_ERR_KEY_EXPIRED; - } - } - - /* check server */ - - if (server_ex != NULL) { - hdb_entry *server = &server_ex->entry; - - if (server->flags.invalid) { - kdc_log(context, config, 0, - "Server has invalid flag set -- %s", server_name); - return KRB5KDC_ERR_POLICY; - } - - if(!server->flags.server){ - kdc_log(context, config, 0, - "Principal may not act as server -- %s", server_name); - return KRB5KDC_ERR_POLICY; - } - - if(!is_as_req && server->flags.initial) { - kdc_log(context, config, 0, - "AS-REQ is required for server -- %s", server_name); - return KRB5KDC_ERR_POLICY; - } - - if (server->valid_start && *server->valid_start > kdc_time) { - char starttime_str[100]; - krb5_format_time(context, *server->valid_start, - starttime_str, sizeof(starttime_str), TRUE); - kdc_log(context, config, 0, - "Server not yet valid until %s -- %s", - starttime_str, server_name); - return KRB5KDC_ERR_SERVICE_NOTYET; - } - - if (server->valid_end && *server->valid_end < kdc_time) { - char endtime_str[100]; - krb5_format_time(context, *server->valid_end, - endtime_str, sizeof(endtime_str), TRUE); - kdc_log(context, config, 0, - "Server expired at %s -- %s", - endtime_str, server_name); - return KRB5KDC_ERR_SERVICE_EXP; - } - - if (server->pw_end && *server->pw_end < kdc_time) { - char pwend_str[100]; - krb5_format_time(context, *server->pw_end, - pwend_str, sizeof(pwend_str), TRUE); - kdc_log(context, config, 0, - "Server's key has expired at -- %s", - pwend_str, server_name); - return KRB5KDC_ERR_KEY_EXPIRED; - } - } - return 0; -} - -/* - * Return TRUE if `from' is part of `addresses' taking into consideration - * the configuration variables that tells us how strict we should be about - * these checks - */ - -krb5_boolean -_kdc_check_addresses(krb5_context context, - krb5_kdc_configuration *config, - HostAddresses *addresses, const struct sockaddr *from) -{ - krb5_error_code ret; - krb5_address addr; - krb5_boolean result; - krb5_boolean only_netbios = TRUE; - int i; - - if(config->check_ticket_addresses == 0) - return TRUE; - - if(addresses == NULL) - return config->allow_null_ticket_addresses; - - for (i = 0; i < addresses->len; ++i) { - if (addresses->val[i].addr_type != KRB5_ADDRESS_NETBIOS) { - only_netbios = FALSE; - } - } - - /* Windows sends it's netbios name, which I can only assume is - * used for the 'allowed workstations' check. This is painful, - * but we still want to check IP addresses if they happen to be - * present. - */ - - if(only_netbios) - return config->allow_null_ticket_addresses; - - ret = krb5_sockaddr2address (context, from, &addr); - if(ret) - return FALSE; - - result = krb5_address_search(context, &addr, addresses); - krb5_free_address (context, &addr); - return result; -} - -/* - * - */ - -static krb5_boolean -send_pac_p(krb5_context context, KDC_REQ *req) -{ - krb5_error_code ret; - PA_PAC_REQUEST pacreq; - const PA_DATA *pa; - int i = 0; - - pa = _kdc_find_padata(req, &i, KRB5_PADATA_PA_PAC_REQUEST); - if (pa == NULL) - return TRUE; - - ret = decode_PA_PAC_REQUEST(pa->padata_value.data, - pa->padata_value.length, - &pacreq, - NULL); - if (ret) - return TRUE; - i = pacreq.include_pac; - free_PA_PAC_REQUEST(&pacreq); - if (i == 0) - return FALSE; - return TRUE; -} - -/* - * - */ - -krb5_error_code -_kdc_as_rep(krb5_context context, - krb5_kdc_configuration *config, - KDC_REQ *req, - const krb5_data *req_buffer, - krb5_data *reply, - const char *from, - struct sockaddr *from_addr, - int datagram_reply) -{ - KDC_REQ_BODY *b = &req->req_body; - AS_REP rep; - KDCOptions f = b->kdc_options; - hdb_entry_ex *client = NULL, *server = NULL; - krb5_enctype cetype, setype, sessionetype; - krb5_data e_data; - EncTicketPart et; - EncKDCRepPart ek; - krb5_principal client_princ = NULL, server_princ = NULL; - char *client_name = NULL, *server_name = NULL; - krb5_error_code ret = 0; - const char *e_text = NULL; - krb5_crypto crypto; - Key *ckey, *skey; - EncryptionKey *reply_key; - int flags = 0; -#ifdef PKINIT - pk_client_params *pkp = NULL; -#endif - - memset(&rep, 0, sizeof(rep)); - krb5_data_zero(&e_data); - - if (f.canonicalize) - flags |= HDB_F_CANON; - - if(b->sname == NULL){ - ret = KRB5KRB_ERR_GENERIC; - e_text = "No server in request"; - } else{ - ret = _krb5_principalname2krb5_principal (context, - &server_princ, - *(b->sname), - b->realm); - if (ret == 0) - ret = krb5_unparse_name(context, server_princ, &server_name); - } - if (ret) { - kdc_log(context, config, 0, - "AS-REQ malformed server name from %s", from); - goto out; - } - - if(b->cname == NULL){ - ret = KRB5KRB_ERR_GENERIC; - e_text = "No client in request"; - } else { - - if (b->cname->name_type == KRB5_NT_ENTERPRISE_PRINCIPAL) { - if (b->cname->name_string.len != 1) { - kdc_log(context, config, 0, - "AS-REQ malformed canon request from %s, " - "enterprise name with %d name components", - from, b->cname->name_string.len); - ret = KRB5_PARSE_MALFORMED; - goto out; - } - ret = krb5_parse_name(context, b->cname->name_string.val[0], - &client_princ); - if (ret) - goto out; - } else { - ret = _krb5_principalname2krb5_principal (context, - &client_princ, - *(b->cname), - b->realm); - if (ret) - goto out; - } - ret = krb5_unparse_name(context, client_princ, &client_name); - } - if (ret) { - kdc_log(context, config, 0, - "AS-REQ malformed client name from %s", from); - goto out; - } - - kdc_log(context, config, 0, "AS-REQ %s from %s for %s", - client_name, from, server_name); - - ret = _kdc_db_fetch(context, config, client_princ, - HDB_F_GET_CLIENT | flags, NULL, &client); - if(ret){ - kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name, - krb5_get_err_text(context, ret)); - ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; - goto out; - } - - ret = _kdc_db_fetch(context, config, server_princ, - HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, - NULL, &server); - if(ret){ - kdc_log(context, config, 0, "UNKNOWN -- %s: %s", server_name, - krb5_get_err_text(context, ret)); - ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; - goto out; - } - - ret = _kdc_windc_client_access(context, client, req); - if(ret) - goto out; - - ret = _kdc_check_flags(context, config, - client, client_name, - server, server_name, - TRUE); - if(ret) - goto out; - - memset(&et, 0, sizeof(et)); - memset(&ek, 0, sizeof(ek)); - - if(req->padata){ - int i; - const PA_DATA *pa; - int found_pa = 0; - - log_patypes(context, config, req->padata); - -#ifdef PKINIT - kdc_log(context, config, 5, - "Looking for PKINIT pa-data -- %s", client_name); - - e_text = "No PKINIT PA found"; - - i = 0; - if ((pa = _kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_REQ))) - ; - if (pa == NULL) { - i = 0; - if((pa = _kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_REQ_WIN))) - ; - } - if (pa) { - char *client_cert = NULL; - - ret = _kdc_pk_rd_padata(context, config, req, pa, &pkp); - if (ret) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - kdc_log(context, config, 5, - "Failed to decode PKINIT PA-DATA -- %s", - client_name); - goto ts_enc; - } - if (ret == 0 && pkp == NULL) - goto ts_enc; - - ret = _kdc_pk_check_client(context, - config, - client, - pkp, - &client_cert); - if (ret) { - e_text = "PKINIT certificate not allowed to " - "impersonate principal"; - _kdc_pk_free_client_param(context, pkp); - - kdc_log(context, config, 0, "%s", e_text); - pkp = NULL; - goto out; - } - found_pa = 1; - et.flags.pre_authent = 1; - kdc_log(context, config, 0, - "PKINIT pre-authentication succeeded -- %s using %s", - client_name, client_cert); - free(client_cert); - if (pkp) - goto preauth_done; - } - ts_enc: -#endif - kdc_log(context, config, 5, "Looking for ENC-TS pa-data -- %s", - client_name); - - i = 0; - e_text = "No ENC-TS found"; - while((pa = _kdc_find_padata(req, &i, KRB5_PADATA_ENC_TIMESTAMP))){ - krb5_data ts_data; - PA_ENC_TS_ENC p; - size_t len; - EncryptedData enc_data; - Key *pa_key; - char *str; - - found_pa = 1; - - ret = decode_EncryptedData(pa->padata_value.data, - pa->padata_value.length, - &enc_data, - &len); - if (ret) { - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - kdc_log(context, config, 5, "Failed to decode PA-DATA -- %s", - client_name); - goto out; - } - - ret = hdb_enctype2key(context, &client->entry, - enc_data.etype, &pa_key); - if(ret){ - char *estr; - e_text = "No key matches pa-data"; - ret = KRB5KDC_ERR_ETYPE_NOSUPP; - if(krb5_enctype_to_string(context, enc_data.etype, &estr)) - estr = NULL; - if(estr == NULL) - kdc_log(context, config, 5, - "No client key matching pa-data (%d) -- %s", - enc_data.etype, client_name); - else - kdc_log(context, config, 5, - "No client key matching pa-data (%s) -- %s", - estr, client_name); - free(estr); - - free_EncryptedData(&enc_data); - continue; - } - - try_next_key: - ret = krb5_crypto_init(context, &pa_key->key, 0, &crypto); - if (ret) { - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - free_EncryptedData(&enc_data); - continue; - } - - ret = krb5_decrypt_EncryptedData (context, - crypto, - KRB5_KU_PA_ENC_TIMESTAMP, - &enc_data, - &ts_data); - krb5_crypto_destroy(context, crypto); - if(ret){ - krb5_error_code ret2; - ret2 = krb5_enctype_to_string(context, - pa_key->key.keytype, &str); - if (ret2) - str = NULL; - kdc_log(context, config, 5, - "Failed to decrypt PA-DATA -- %s " - "(enctype %s) error %s", - client_name, - str ? str : "unknown enctype", - krb5_get_err_text(context, ret)); - free(str); - - if(hdb_next_enctype2key(context, &client->entry, - enc_data.etype, &pa_key) == 0) - goto try_next_key; - e_text = "Failed to decrypt PA-DATA"; - - free_EncryptedData(&enc_data); - ret = KRB5KDC_ERR_PREAUTH_FAILED; - continue; - } - free_EncryptedData(&enc_data); - ret = decode_PA_ENC_TS_ENC(ts_data.data, - ts_data.length, - &p, - &len); - krb5_data_free(&ts_data); - if(ret){ - e_text = "Failed to decode PA-ENC-TS-ENC"; - ret = KRB5KDC_ERR_PREAUTH_FAILED; - kdc_log(context, config, - 5, "Failed to decode PA-ENC-TS_ENC -- %s", - client_name); - continue; - } - free_PA_ENC_TS_ENC(&p); - if (abs(kdc_time - p.patimestamp) > context->max_skew) { - char client_time[100]; - - krb5_format_time(context, p.patimestamp, - client_time, sizeof(client_time), TRUE); - - ret = KRB5KRB_AP_ERR_SKEW; - kdc_log(context, config, 0, - "Too large time skew, " - "client time %s is out by %u > %u seconds -- %s", - client_time, - (unsigned)abs(kdc_time - p.patimestamp), - context->max_skew, - client_name); -#if 0 - /* This code is from samba, needs testing */ - /* - * the following is needed to make windows clients - * to retry using the timestamp in the error message - * - * this is maybe a bug in windows to not trying when e_text - * is present... - */ - e_text = NULL; -#else - e_text = "Too large time skew"; -#endif - goto out; - } - et.flags.pre_authent = 1; - - ret = krb5_enctype_to_string(context,pa_key->key.keytype, &str); - if (ret) - str = NULL; - - kdc_log(context, config, 2, - "ENC-TS Pre-authentication succeeded -- %s using %s", - client_name, str ? str : "unknown enctype"); - free(str); - break; - } -#ifdef PKINIT - preauth_done: -#endif - if(found_pa == 0 && config->require_preauth) - goto use_pa; - /* We come here if we found a pa-enc-timestamp, but if there - was some problem with it, other than too large skew */ - if(found_pa && et.flags.pre_authent == 0){ - kdc_log(context, config, 0, "%s -- %s", e_text, client_name); - e_text = NULL; - goto out; - } - }else if (config->require_preauth - || client->entry.flags.require_preauth - || server->entry.flags.require_preauth) { - METHOD_DATA method_data; - PA_DATA *pa; - unsigned char *buf; - size_t len; - - use_pa: - method_data.len = 0; - method_data.val = NULL; - - ret = realloc_method_data(&method_data); - pa = &method_data.val[method_data.len-1]; - pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP; - pa->padata_value.length = 0; - pa->padata_value.data = NULL; - -#ifdef PKINIT - ret = realloc_method_data(&method_data); - pa = &method_data.val[method_data.len-1]; - pa->padata_type = KRB5_PADATA_PK_AS_REQ; - pa->padata_value.length = 0; - pa->padata_value.data = NULL; - - ret = realloc_method_data(&method_data); - pa = &method_data.val[method_data.len-1]; - pa->padata_type = KRB5_PADATA_PK_AS_REQ_WIN; - pa->padata_value.length = 0; - pa->padata_value.data = NULL; -#endif - - /* - * RFC4120 requires: - * - If the client only knows about old enctypes, then send - * both info replies (we send 'info' first in the list). - * - If the client is 'modern', because it knows about 'new' - * enctype types, then only send the 'info2' reply. - */ - - /* XXX check ret */ - if (only_older_enctype_p(req)) - ret = get_pa_etype_info(context, config, - &method_data, &client->entry, - b->etype.val, b->etype.len); - /* XXX check ret */ - ret = get_pa_etype_info2(context, config, &method_data, - &client->entry, b->etype.val, b->etype.len); - - - ASN1_MALLOC_ENCODE(METHOD_DATA, buf, len, &method_data, &len, ret); - free_METHOD_DATA(&method_data); - - e_data.data = buf; - e_data.length = len; - e_text ="Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ", - - ret = KRB5KDC_ERR_PREAUTH_REQUIRED; - - kdc_log(context, config, 0, - "No preauth found, returning PREAUTH-REQUIRED -- %s", - client_name); - goto out; - } - - /* - * Find the client key (for preauth ENC-TS verification and reply - * encryption). Then the best encryption type for the KDC and - * last the best session key that shared between the client and - * KDC runtime enctypes. - */ - - ret = _kdc_find_etype(context, client, b->etype.val, b->etype.len, - &ckey, &cetype); - if (ret) { - kdc_log(context, config, 0, - "Client (%s) has no support for etypes", client_name); - goto out; - } - - ret = _kdc_get_preferred_key(context, config, - server, server_name, - &setype, &skey); - if(ret) - goto out; - - /* - * Select a session enctype from the list of the crypto systems - * supported enctype, is supported by the client and is one of the - * enctype of the enctype of the krbtgt. - * - * The later is used as a hint what enctype all KDC are supporting - * to make sure a newer version of KDC wont generate a session - * enctype that and older version of a KDC in the same realm can't - * decrypt. - * - * But if the KDC admin is paranoid and doesn't want to have "no - * the best" enctypes on the krbtgt, lets save the best pick from - * the client list and hope that that will work for any other - * KDCs. - */ - { - const krb5_enctype *p; - krb5_enctype clientbest = ETYPE_NULL; - int i, j; - - p = krb5_kerberos_enctypes(context); - - sessionetype = ETYPE_NULL; - - for (i = 0; p[i] != ETYPE_NULL && sessionetype == ETYPE_NULL; i++) { - if (krb5_enctype_valid(context, p[i]) != 0) - continue; - - for (j = 0; j < b->etype.len && sessionetype == ETYPE_NULL; j++) { - Key *dummy; - /* check with client */ - if (p[i] != b->etype.val[j]) - continue; - /* save best of union of { client, crypto system } */ - if (clientbest == ETYPE_NULL) - clientbest = p[i]; - /* check with krbtgt */ - ret = hdb_enctype2key(context, &server->entry, p[i], &dummy); - if (ret) - continue; - sessionetype = p[i]; - } - } - /* if krbtgt had no shared keys with client, pick clients best */ - if (clientbest != ETYPE_NULL && sessionetype == ETYPE_NULL) { - sessionetype = clientbest; - } else if (sessionetype == ETYPE_NULL) { - kdc_log(context, config, 0, - "Client (%s) from %s has no common enctypes with KDC" - "to use for the session key", - client_name, from); - goto out; - } - } - - log_as_req(context, config, cetype, setype, b); - - if(f.renew || f.validate || f.proxy || f.forwarded || f.enc_tkt_in_skey - || (f.request_anonymous && !config->allow_anonymous)) { - ret = KRB5KDC_ERR_BADOPTION; - kdc_log(context, config, 0, "Bad KDC options -- %s", client_name); - goto out; - } - - rep.pvno = 5; - rep.msg_type = krb_as_rep; - copy_Realm(&client->entry.principal->realm, &rep.crealm); - if (f.request_anonymous) - _kdc_make_anonymous_principalname (&rep.cname); - else - _krb5_principal2principalname(&rep.cname, - client->entry.principal); - rep.ticket.tkt_vno = 5; - copy_Realm(&server->entry.principal->realm, &rep.ticket.realm); - _krb5_principal2principalname(&rep.ticket.sname, - server->entry.principal); - /* java 1.6 expects the name to be the same type, lets allow that - * uncomplicated name-types. */ -#define CNT(sp,t) (((sp)->sname->name_type) == KRB5_NT_##t) - if (CNT(b, UNKNOWN) || CNT(b, PRINCIPAL) || CNT(b, SRV_INST) || CNT(b, SRV_HST) || CNT(b, SRV_XHST)) - rep.ticket.sname.name_type = b->sname->name_type; -#undef CNT - - et.flags.initial = 1; - if(client->entry.flags.forwardable && server->entry.flags.forwardable) - et.flags.forwardable = f.forwardable; - else if (f.forwardable) { - ret = KRB5KDC_ERR_POLICY; - kdc_log(context, config, 0, - "Ticket may not be forwardable -- %s", client_name); - goto out; - } - if(client->entry.flags.proxiable && server->entry.flags.proxiable) - et.flags.proxiable = f.proxiable; - else if (f.proxiable) { - ret = KRB5KDC_ERR_POLICY; - kdc_log(context, config, 0, - "Ticket may not be proxiable -- %s", client_name); - goto out; - } - if(client->entry.flags.postdate && server->entry.flags.postdate) - et.flags.may_postdate = f.allow_postdate; - else if (f.allow_postdate){ - ret = KRB5KDC_ERR_POLICY; - kdc_log(context, config, 0, - "Ticket may not be postdatable -- %s", client_name); - goto out; - } - - /* check for valid set of addresses */ - if(!_kdc_check_addresses(context, config, b->addresses, from_addr)) { - ret = KRB5KRB_AP_ERR_BADADDR; - kdc_log(context, config, 0, - "Bad address list requested -- %s", client_name); - goto out; - } - - ret = krb5_generate_random_keyblock(context, sessionetype, &et.key); - if (ret) - goto out; - copy_PrincipalName(&rep.cname, &et.cname); - copy_Realm(&rep.crealm, &et.crealm); - - { - time_t start; - time_t t; - - start = et.authtime = kdc_time; - - if(f.postdated && req->req_body.from){ - ALLOC(et.starttime); - start = *et.starttime = *req->req_body.from; - et.flags.invalid = 1; - et.flags.postdated = 1; /* XXX ??? */ - } - _kdc_fix_time(&b->till); - t = *b->till; - - /* be careful not overflowing */ - - if(client->entry.max_life) - t = start + min(t - start, *client->entry.max_life); - if(server->entry.max_life) - t = start + min(t - start, *server->entry.max_life); -#if 0 - t = min(t, start + realm->max_life); -#endif - et.endtime = t; - if(f.renewable_ok && et.endtime < *b->till){ - f.renewable = 1; - if(b->rtime == NULL){ - ALLOC(b->rtime); - *b->rtime = 0; - } - if(*b->rtime < *b->till) - *b->rtime = *b->till; - } - if(f.renewable && b->rtime){ - t = *b->rtime; - if(t == 0) - t = MAX_TIME; - if(client->entry.max_renew) - t = start + min(t - start, *client->entry.max_renew); - if(server->entry.max_renew) - t = start + min(t - start, *server->entry.max_renew); -#if 0 - t = min(t, start + realm->max_renew); -#endif - ALLOC(et.renew_till); - *et.renew_till = t; - et.flags.renewable = 1; - } - } - - if (f.request_anonymous) - et.flags.anonymous = 1; - - if(b->addresses){ - ALLOC(et.caddr); - copy_HostAddresses(b->addresses, et.caddr); - } - - et.transited.tr_type = DOMAIN_X500_COMPRESS; - krb5_data_zero(&et.transited.contents); - - copy_EncryptionKey(&et.key, &ek.key); - - /* The MIT ASN.1 library (obviously) doesn't tell lengths encoded - * as 0 and as 0x80 (meaning indefinite length) apart, and is thus - * incapable of correctly decoding SEQUENCE OF's of zero length. - * - * To fix this, always send at least one no-op last_req - * - * If there's a pw_end or valid_end we will use that, - * otherwise just a dummy lr. - */ - ek.last_req.val = malloc(2 * sizeof(*ek.last_req.val)); - if (ek.last_req.val == NULL) { - ret = ENOMEM; - goto out; - } - ek.last_req.len = 0; - if (client->entry.pw_end - && (config->kdc_warn_pwexpire == 0 - || kdc_time + config->kdc_warn_pwexpire >= *client->entry.pw_end)) { - ek.last_req.val[ek.last_req.len].lr_type = LR_PW_EXPTIME; - ek.last_req.val[ek.last_req.len].lr_value = *client->entry.pw_end; - ++ek.last_req.len; - } - if (client->entry.valid_end) { - ek.last_req.val[ek.last_req.len].lr_type = LR_ACCT_EXPTIME; - ek.last_req.val[ek.last_req.len].lr_value = *client->entry.valid_end; - ++ek.last_req.len; - } - if (ek.last_req.len == 0) { - ek.last_req.val[ek.last_req.len].lr_type = LR_NONE; - ek.last_req.val[ek.last_req.len].lr_value = 0; - ++ek.last_req.len; - } - ek.nonce = b->nonce; - if (client->entry.valid_end || client->entry.pw_end) { - ALLOC(ek.key_expiration); - if (client->entry.valid_end) { - if (client->entry.pw_end) - *ek.key_expiration = min(*client->entry.valid_end, - *client->entry.pw_end); - else - *ek.key_expiration = *client->entry.valid_end; - } else - *ek.key_expiration = *client->entry.pw_end; - } else - ek.key_expiration = NULL; - ek.flags = et.flags; - ek.authtime = et.authtime; - if (et.starttime) { - ALLOC(ek.starttime); - *ek.starttime = *et.starttime; - } - ek.endtime = et.endtime; - if (et.renew_till) { - ALLOC(ek.renew_till); - *ek.renew_till = *et.renew_till; - } - copy_Realm(&rep.ticket.realm, &ek.srealm); - copy_PrincipalName(&rep.ticket.sname, &ek.sname); - if(et.caddr){ - ALLOC(ek.caddr); - copy_HostAddresses(et.caddr, ek.caddr); - } - - ALLOC(rep.padata); - rep.padata->len = 0; - rep.padata->val = NULL; - - reply_key = &ckey->key; -#if PKINIT - if (pkp) { - ret = _kdc_pk_mk_pa_reply(context, config, pkp, client, - req, req_buffer, - &reply_key, rep.padata); - if (ret) - goto out; - ret = _kdc_add_inital_verified_cas(context, - config, - pkp, - &et); - if (ret) - goto out; - } -#endif - - set_salt_padata (rep.padata, ckey->salt); - - /* Add signing of alias referral */ - if (f.canonicalize) { - PA_ClientCanonicalized canon; - krb5_data data; - PA_DATA pa; - krb5_crypto crypto; - size_t len; - - memset(&canon, 0, sizeof(canon)); - - canon.names.requested_name = *b->cname; - canon.names.real_name = client->entry.principal->name; - - ASN1_MALLOC_ENCODE(PA_ClientCanonicalizedNames, data.data, data.length, - &canon.names, &len, ret); - if (ret) - goto out; - if (data.length != len) - krb5_abortx(context, "internal asn.1 error"); - - /* sign using "returned session key" */ - ret = krb5_crypto_init(context, &et.key, 0, &crypto); - if (ret) { - free(data.data); - goto out; - } - - ret = krb5_create_checksum(context, crypto, - KRB5_KU_CANONICALIZED_NAMES, 0, - data.data, data.length, - &canon.canon_checksum); - free(data.data); - krb5_crypto_destroy(context, crypto); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(PA_ClientCanonicalized, data.data, data.length, - &canon, &len, ret); - free_Checksum(&canon.canon_checksum); - if (ret) - goto out; - if (data.length != len) - krb5_abortx(context, "internal asn.1 error"); - - pa.padata_type = KRB5_PADATA_CLIENT_CANONICALIZED; - pa.padata_value = data; - ret = add_METHOD_DATA(rep.padata, &pa); - free(data.data); - if (ret) - goto out; - } - - if (rep.padata->len == 0) { - free(rep.padata); - rep.padata = NULL; - } - - /* Add the PAC */ - if (send_pac_p(context, req)) { - krb5_pac p = NULL; - krb5_data data; - - ret = _kdc_pac_generate(context, client, &p); - if (ret) { - kdc_log(context, config, 0, "PAC generation failed for -- %s", - client_name); - goto out; - } - if (p != NULL) { - ret = _krb5_pac_sign(context, p, et.authtime, - client->entry.principal, - &skey->key, /* Server key */ - &skey->key, /* FIXME: should be krbtgt key */ - &data); - krb5_pac_free(context, p); - if (ret) { - kdc_log(context, config, 0, "PAC signing failed for -- %s", - client_name); - goto out; - } - - ret = _kdc_tkt_add_if_relevant_ad(context, &et, - KRB5_AUTHDATA_WIN2K_PAC, - &data); - krb5_data_free(&data); - if (ret) - goto out; - } - } - - _kdc_log_timestamp(context, config, "AS-REQ", et.authtime, et.starttime, - et.endtime, et.renew_till); - - /* do this as the last thing since this signs the EncTicketPart */ - ret = _kdc_add_KRB5SignedPath(context, - config, - server, - setype, - NULL, - NULL, - &et); - if (ret) - goto out; - - ret = _kdc_encode_reply(context, config, - &rep, &et, &ek, setype, server->entry.kvno, - &skey->key, client->entry.kvno, - reply_key, &e_text, reply); - free_EncTicketPart(&et); - free_EncKDCRepPart(&ek); - if (ret) - goto out; - - /* */ - if (datagram_reply && reply->length > config->max_datagram_reply_length) { - krb5_data_free(reply); - ret = KRB5KRB_ERR_RESPONSE_TOO_BIG; - e_text = "Reply packet too large"; - } - -out: - free_AS_REP(&rep); - if(ret){ - krb5_mk_error(context, - ret, - e_text, - (e_data.data ? &e_data : NULL), - client_princ, - server_princ, - NULL, - NULL, - reply); - ret = 0; - } -#ifdef PKINIT - if (pkp) - _kdc_pk_free_client_param(context, pkp); -#endif - if (e_data.data) - free(e_data.data); - if (client_princ) - krb5_free_principal(context, client_princ); - free(client_name); - if (server_princ) - krb5_free_principal(context, server_princ); - free(server_name); - if(client) - _kdc_free_ent(context, client); - if(server) - _kdc_free_ent(context, server); - return ret; -} - -/* - * Add the AuthorizationData `data´ of `type´ to the last element in - * the sequence of authorization_data in `tkt´ wrapped in an IF_RELEVANT - */ - -krb5_error_code -_kdc_tkt_add_if_relevant_ad(krb5_context context, - EncTicketPart *tkt, - int type, - const krb5_data *data) -{ - krb5_error_code ret; - size_t size; - - if (tkt->authorization_data == NULL) { - tkt->authorization_data = calloc(1, sizeof(*tkt->authorization_data)); - if (tkt->authorization_data == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - } - - /* add the entry to the last element */ - { - AuthorizationData ad = { 0, NULL }; - AuthorizationDataElement ade; - - ade.ad_type = type; - ade.ad_data = *data; - - ret = add_AuthorizationData(&ad, &ade); - if (ret) { - krb5_set_error_string(context, "add AuthorizationData failed"); - return ret; - } - - ade.ad_type = KRB5_AUTHDATA_IF_RELEVANT; - - ASN1_MALLOC_ENCODE(AuthorizationData, - ade.ad_data.data, ade.ad_data.length, - &ad, &size, ret); - free_AuthorizationData(&ad); - if (ret) { - krb5_set_error_string(context, "ASN.1 encode of " - "AuthorizationData failed"); - return ret; - } - if (ade.ad_data.length != size) - krb5_abortx(context, "internal asn.1 encoder error"); - - ret = add_AuthorizationData(tkt->authorization_data, &ade); - der_free_octet_string(&ade.ad_data); - if (ret) { - krb5_set_error_string(context, "add AuthorizationData failed"); - return ret; - } - } - - return 0; -} diff --git a/crypto/heimdal/kdc/krb5tgs.c b/crypto/heimdal/kdc/krb5tgs.c deleted file mode 100644 index 32bdee9799ca..000000000000 --- a/crypto/heimdal/kdc/krb5tgs.c +++ /dev/null @@ -1,1914 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: krb5tgs.c 22071 2007-11-14 20:04:50Z lha $"); - -/* - * return the realm of a krbtgt-ticket or NULL - */ - -static Realm -get_krbtgt_realm(const PrincipalName *p) -{ - if(p->name_string.len == 2 - && strcmp(p->name_string.val[0], KRB5_TGS_NAME) == 0) - return p->name_string.val[1]; - else - return NULL; -} - -/* - * The KDC might add a signed path to the ticket authorization data - * field. This is to avoid server impersonating clients and the - * request constrained delegation. - * - * This is done by storing a KRB5_AUTHDATA_IF_RELEVANT with a single - * entry of type KRB5SignedPath. - */ - -static krb5_error_code -find_KRB5SignedPath(krb5_context context, - const AuthorizationData *ad, - krb5_data *data) -{ - AuthorizationData child; - krb5_error_code ret; - int pos; - - if (ad == NULL || ad->len == 0) - return KRB5KDC_ERR_PADATA_TYPE_NOSUPP; - - pos = ad->len - 1; - - if (ad->val[pos].ad_type != KRB5_AUTHDATA_IF_RELEVANT) - return KRB5KDC_ERR_PADATA_TYPE_NOSUPP; - - ret = decode_AuthorizationData(ad->val[pos].ad_data.data, - ad->val[pos].ad_data.length, - &child, - NULL); - if (ret) { - krb5_set_error_string(context, "Failed to decode " - "IF_RELEVANT with %d", ret); - return ret; - } - - if (child.len != 1) { - free_AuthorizationData(&child); - return KRB5KDC_ERR_PADATA_TYPE_NOSUPP; - } - - if (child.val[0].ad_type != KRB5_AUTHDATA_SIGNTICKET) { - free_AuthorizationData(&child); - return KRB5KDC_ERR_PADATA_TYPE_NOSUPP; - } - - if (data) - ret = der_copy_octet_string(&child.val[0].ad_data, data); - free_AuthorizationData(&child); - return ret; -} - -krb5_error_code -_kdc_add_KRB5SignedPath(krb5_context context, - krb5_kdc_configuration *config, - hdb_entry_ex *krbtgt, - krb5_enctype enctype, - krb5_const_principal server, - KRB5SignedPathPrincipals *principals, - EncTicketPart *tkt) -{ - krb5_error_code ret; - KRB5SignedPath sp; - krb5_data data; - krb5_crypto crypto = NULL; - size_t size; - - if (server && principals) { - ret = add_KRB5SignedPathPrincipals(principals, server); - if (ret) - return ret; - } - - { - KRB5SignedPathData spd; - - spd.encticket = *tkt; - spd.delegated = principals; - - ASN1_MALLOC_ENCODE(KRB5SignedPathData, data.data, data.length, - &spd, &size, ret); - if (ret) - return ret; - if (data.length != size) - krb5_abortx(context, "internal asn.1 encoder error"); - } - - { - Key *key; - ret = hdb_enctype2key(context, &krbtgt->entry, enctype, &key); - if (ret == 0) - ret = krb5_crypto_init(context, &key->key, 0, &crypto); - if (ret) { - free(data.data); - return ret; - } - } - - /* - * Fill in KRB5SignedPath - */ - - sp.etype = enctype; - sp.delegated = principals; - - ret = krb5_create_checksum(context, crypto, KRB5_KU_KRB5SIGNEDPATH, 0, - data.data, data.length, &sp.cksum); - krb5_crypto_destroy(context, crypto); - free(data.data); - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(KRB5SignedPath, data.data, data.length, &sp, &size, ret); - free_Checksum(&sp.cksum); - if (ret) - return ret; - if (data.length != size) - krb5_abortx(context, "internal asn.1 encoder error"); - - - /* - * Add IF-RELEVANT(KRB5SignedPath) to the last slot in - * authorization data field. - */ - - ret = _kdc_tkt_add_if_relevant_ad(context, tkt, - KRB5_AUTHDATA_SIGNTICKET, &data); - krb5_data_free(&data); - - return ret; -} - -static krb5_error_code -check_KRB5SignedPath(krb5_context context, - krb5_kdc_configuration *config, - hdb_entry_ex *krbtgt, - EncTicketPart *tkt, - KRB5SignedPathPrincipals **delegated, - int require_signedpath) -{ - krb5_error_code ret; - krb5_data data; - krb5_crypto crypto = NULL; - - *delegated = NULL; - - ret = find_KRB5SignedPath(context, tkt->authorization_data, &data); - if (ret == 0) { - KRB5SignedPathData spd; - KRB5SignedPath sp; - AuthorizationData *ad; - size_t size; - - ret = decode_KRB5SignedPath(data.data, data.length, &sp, NULL); - krb5_data_free(&data); - if (ret) - return ret; - - spd.encticket = *tkt; - /* the KRB5SignedPath is the last entry */ - ad = spd.encticket.authorization_data; - if (--ad->len == 0) - spd.encticket.authorization_data = NULL; - spd.delegated = sp.delegated; - - ASN1_MALLOC_ENCODE(KRB5SignedPathData, data.data, data.length, - &spd, &size, ret); - ad->len++; - spd.encticket.authorization_data = ad; - if (ret) { - free_KRB5SignedPath(&sp); - return ret; - } - if (data.length != size) - krb5_abortx(context, "internal asn.1 encoder error"); - - { - Key *key; - ret = hdb_enctype2key(context, &krbtgt->entry, sp.etype, &key); - if (ret == 0) - ret = krb5_crypto_init(context, &key->key, 0, &crypto); - if (ret) { - free(data.data); - free_KRB5SignedPath(&sp); - return ret; - } - } - ret = krb5_verify_checksum(context, crypto, KRB5_KU_KRB5SIGNEDPATH, - data.data, data.length, - &sp.cksum); - krb5_crypto_destroy(context, crypto); - free(data.data); - if (ret) { - free_KRB5SignedPath(&sp); - return ret; - } - - if (sp.delegated) { - - *delegated = malloc(sizeof(*sp.delegated)); - if (*delegated == NULL) { - free_KRB5SignedPath(&sp); - return ENOMEM; - } - - ret = copy_KRB5SignedPathPrincipals(*delegated, sp.delegated); - if (ret) { - free_KRB5SignedPath(&sp); - free(*delegated); - *delegated = NULL; - return ret; - } - } - free_KRB5SignedPath(&sp); - - } else { - if (require_signedpath) - return KRB5KDC_ERR_BADOPTION; - } - - return 0; -} - -/* - * - */ - -static krb5_error_code -check_PAC(krb5_context context, - krb5_kdc_configuration *config, - const krb5_principal client_principal, - hdb_entry_ex *client, - hdb_entry_ex *server, - const EncryptionKey *server_key, - const EncryptionKey *krbtgt_key, - EncTicketPart *tkt, - krb5_data *rspac, - int *require_signedpath) -{ - AuthorizationData *ad = tkt->authorization_data; - unsigned i, j; - krb5_error_code ret; - - if (ad == NULL || ad->len == 0) - return 0; - - for (i = 0; i < ad->len; i++) { - AuthorizationData child; - - if (ad->val[i].ad_type != KRB5_AUTHDATA_IF_RELEVANT) - continue; - - ret = decode_AuthorizationData(ad->val[i].ad_data.data, - ad->val[i].ad_data.length, - &child, - NULL); - if (ret) { - krb5_set_error_string(context, "Failed to decode " - "IF_RELEVANT with %d", ret); - return ret; - } - for (j = 0; j < child.len; j++) { - - if (child.val[j].ad_type == KRB5_AUTHDATA_WIN2K_PAC) { - krb5_pac pac; - - /* Found PAC */ - ret = krb5_pac_parse(context, - child.val[j].ad_data.data, - child.val[j].ad_data.length, - &pac); - free_AuthorizationData(&child); - if (ret) - return ret; - - ret = krb5_pac_verify(context, pac, tkt->authtime, - client_principal, - krbtgt_key, NULL); - if (ret) { - krb5_pac_free(context, pac); - return ret; - } - - ret = _kdc_pac_verify(context, client_principal, - client, server, &pac); - if (ret) { - krb5_pac_free(context, pac); - return ret; - } - *require_signedpath = 0; - - ret = _krb5_pac_sign(context, pac, tkt->authtime, - client_principal, - server_key, krbtgt_key, rspac); - - krb5_pac_free(context, pac); - - return ret; - } - } - free_AuthorizationData(&child); - } - return 0; -} - -/* - * - */ - -static krb5_error_code -check_tgs_flags(krb5_context context, - krb5_kdc_configuration *config, - KDC_REQ_BODY *b, const EncTicketPart *tgt, EncTicketPart *et) -{ - KDCOptions f = b->kdc_options; - - if(f.validate){ - if(!tgt->flags.invalid || tgt->starttime == NULL){ - kdc_log(context, config, 0, - "Bad request to validate ticket"); - return KRB5KDC_ERR_BADOPTION; - } - if(*tgt->starttime > kdc_time){ - kdc_log(context, config, 0, - "Early request to validate ticket"); - return KRB5KRB_AP_ERR_TKT_NYV; - } - /* XXX tkt = tgt */ - et->flags.invalid = 0; - }else if(tgt->flags.invalid){ - kdc_log(context, config, 0, - "Ticket-granting ticket has INVALID flag set"); - return KRB5KRB_AP_ERR_TKT_INVALID; - } - - if(f.forwardable){ - if(!tgt->flags.forwardable){ - kdc_log(context, config, 0, - "Bad request for forwardable ticket"); - return KRB5KDC_ERR_BADOPTION; - } - et->flags.forwardable = 1; - } - if(f.forwarded){ - if(!tgt->flags.forwardable){ - kdc_log(context, config, 0, - "Request to forward non-forwardable ticket"); - return KRB5KDC_ERR_BADOPTION; - } - et->flags.forwarded = 1; - et->caddr = b->addresses; - } - if(tgt->flags.forwarded) - et->flags.forwarded = 1; - - if(f.proxiable){ - if(!tgt->flags.proxiable){ - kdc_log(context, config, 0, - "Bad request for proxiable ticket"); - return KRB5KDC_ERR_BADOPTION; - } - et->flags.proxiable = 1; - } - if(f.proxy){ - if(!tgt->flags.proxiable){ - kdc_log(context, config, 0, - "Request to proxy non-proxiable ticket"); - return KRB5KDC_ERR_BADOPTION; - } - et->flags.proxy = 1; - et->caddr = b->addresses; - } - if(tgt->flags.proxy) - et->flags.proxy = 1; - - if(f.allow_postdate){ - if(!tgt->flags.may_postdate){ - kdc_log(context, config, 0, - "Bad request for post-datable ticket"); - return KRB5KDC_ERR_BADOPTION; - } - et->flags.may_postdate = 1; - } - if(f.postdated){ - if(!tgt->flags.may_postdate){ - kdc_log(context, config, 0, - "Bad request for postdated ticket"); - return KRB5KDC_ERR_BADOPTION; - } - if(b->from) - *et->starttime = *b->from; - et->flags.postdated = 1; - et->flags.invalid = 1; - }else if(b->from && *b->from > kdc_time + context->max_skew){ - kdc_log(context, config, 0, "Ticket cannot be postdated"); - return KRB5KDC_ERR_CANNOT_POSTDATE; - } - - if(f.renewable){ - if(!tgt->flags.renewable){ - kdc_log(context, config, 0, - "Bad request for renewable ticket"); - return KRB5KDC_ERR_BADOPTION; - } - et->flags.renewable = 1; - ALLOC(et->renew_till); - _kdc_fix_time(&b->rtime); - *et->renew_till = *b->rtime; - } - if(f.renew){ - time_t old_life; - if(!tgt->flags.renewable || tgt->renew_till == NULL){ - kdc_log(context, config, 0, - "Request to renew non-renewable ticket"); - return KRB5KDC_ERR_BADOPTION; - } - old_life = tgt->endtime; - if(tgt->starttime) - old_life -= *tgt->starttime; - else - old_life -= tgt->authtime; - et->endtime = *et->starttime + old_life; - if (et->renew_till != NULL) - et->endtime = min(*et->renew_till, et->endtime); - } - -#if 0 - /* checks for excess flags */ - if(f.request_anonymous && !config->allow_anonymous){ - kdc_log(context, config, 0, - "Request for anonymous ticket"); - return KRB5KDC_ERR_BADOPTION; - } -#endif - return 0; -} - -/* - * - */ - -static krb5_error_code -check_constrained_delegation(krb5_context context, - krb5_kdc_configuration *config, - hdb_entry_ex *client, - krb5_const_principal server) -{ - const HDB_Ext_Constrained_delegation_acl *acl; - krb5_error_code ret; - int i; - - ret = hdb_entry_get_ConstrainedDelegACL(&client->entry, &acl); - if (ret) { - krb5_clear_error_string(context); - return ret; - } - - if (acl) { - for (i = 0; i < acl->len; i++) { - if (krb5_principal_compare(context, server, &acl->val[i]) == TRUE) - return 0; - } - } - kdc_log(context, config, 0, - "Bad request for constrained delegation"); - return KRB5KDC_ERR_BADOPTION; -} - -/* - * - */ - -static krb5_error_code -verify_flags (krb5_context context, - krb5_kdc_configuration *config, - const EncTicketPart *et, - const char *pstr) -{ - if(et->endtime < kdc_time){ - kdc_log(context, config, 0, "Ticket expired (%s)", pstr); - return KRB5KRB_AP_ERR_TKT_EXPIRED; - } - if(et->flags.invalid){ - kdc_log(context, config, 0, "Ticket not valid (%s)", pstr); - return KRB5KRB_AP_ERR_TKT_NYV; - } - return 0; -} - -/* - * - */ - -static krb5_error_code -fix_transited_encoding(krb5_context context, - krb5_kdc_configuration *config, - krb5_boolean check_policy, - const TransitedEncoding *tr, - EncTicketPart *et, - const char *client_realm, - const char *server_realm, - const char *tgt_realm) -{ - krb5_error_code ret = 0; - char **realms, **tmp; - int num_realms; - int i; - - switch (tr->tr_type) { - case DOMAIN_X500_COMPRESS: - break; - case 0: - /* - * Allow empty content of type 0 because that is was Microsoft - * generates in their TGT. - */ - if (tr->contents.length == 0) - break; - kdc_log(context, config, 0, - "Transited type 0 with non empty content"); - return KRB5KDC_ERR_TRTYPE_NOSUPP; - default: - kdc_log(context, config, 0, - "Unknown transited type: %u", tr->tr_type); - return KRB5KDC_ERR_TRTYPE_NOSUPP; - } - - ret = krb5_domain_x500_decode(context, - tr->contents, - &realms, - &num_realms, - client_realm, - server_realm); - if(ret){ - krb5_warn(context, ret, - "Decoding transited encoding"); - return ret; - } - if(strcmp(client_realm, tgt_realm) && strcmp(server_realm, tgt_realm)) { - /* not us, so add the previous realm to transited set */ - if (num_realms < 0 || num_realms + 1 > UINT_MAX/sizeof(*realms)) { - ret = ERANGE; - goto free_realms; - } - tmp = realloc(realms, (num_realms + 1) * sizeof(*realms)); - if(tmp == NULL){ - ret = ENOMEM; - goto free_realms; - } - realms = tmp; - realms[num_realms] = strdup(tgt_realm); - if(realms[num_realms] == NULL){ - ret = ENOMEM; - goto free_realms; - } - num_realms++; - } - if(num_realms == 0) { - if(strcmp(client_realm, server_realm)) - kdc_log(context, config, 0, - "cross-realm %s -> %s", client_realm, server_realm); - } else { - size_t l = 0; - char *rs; - for(i = 0; i < num_realms; i++) - l += strlen(realms[i]) + 2; - rs = malloc(l); - if(rs != NULL) { - *rs = '\0'; - for(i = 0; i < num_realms; i++) { - if(i > 0) - strlcat(rs, ", ", l); - strlcat(rs, realms[i], l); - } - kdc_log(context, config, 0, - "cross-realm %s -> %s via [%s]", - client_realm, server_realm, rs); - free(rs); - } - } - if(check_policy) { - ret = krb5_check_transited(context, client_realm, - server_realm, - realms, num_realms, NULL); - if(ret) { - krb5_warn(context, ret, "cross-realm %s -> %s", - client_realm, server_realm); - goto free_realms; - } - et->flags.transited_policy_checked = 1; - } - et->transited.tr_type = DOMAIN_X500_COMPRESS; - ret = krb5_domain_x500_encode(realms, num_realms, &et->transited.contents); - if(ret) - krb5_warn(context, ret, "Encoding transited encoding"); - free_realms: - for(i = 0; i < num_realms; i++) - free(realms[i]); - free(realms); - return ret; -} - - -static krb5_error_code -tgs_make_reply(krb5_context context, - krb5_kdc_configuration *config, - KDC_REQ_BODY *b, - krb5_const_principal tgt_name, - const EncTicketPart *tgt, - const EncryptionKey *serverkey, - const krb5_keyblock *sessionkey, - krb5_kvno kvno, - AuthorizationData *auth_data, - hdb_entry_ex *server, - const char *server_name, - hdb_entry_ex *client, - krb5_principal client_principal, - hdb_entry_ex *krbtgt, - krb5_enctype krbtgt_etype, - KRB5SignedPathPrincipals *spp, - const krb5_data *rspac, - const char **e_text, - krb5_data *reply) -{ - KDC_REP rep; - EncKDCRepPart ek; - EncTicketPart et; - KDCOptions f = b->kdc_options; - krb5_error_code ret; - - memset(&rep, 0, sizeof(rep)); - memset(&et, 0, sizeof(et)); - memset(&ek, 0, sizeof(ek)); - - rep.pvno = 5; - rep.msg_type = krb_tgs_rep; - - et.authtime = tgt->authtime; - _kdc_fix_time(&b->till); - et.endtime = min(tgt->endtime, *b->till); - ALLOC(et.starttime); - *et.starttime = kdc_time; - - ret = check_tgs_flags(context, config, b, tgt, &et); - if(ret) - goto out; - - /* We should check the transited encoding if: - 1) the request doesn't ask not to be checked - 2) globally enforcing a check - 3) principal requires checking - 4) we allow non-check per-principal, but principal isn't marked as allowing this - 5) we don't globally allow this - */ - -#define GLOBAL_FORCE_TRANSITED_CHECK \ - (config->trpolicy == TRPOLICY_ALWAYS_CHECK) -#define GLOBAL_ALLOW_PER_PRINCIPAL \ - (config->trpolicy == TRPOLICY_ALLOW_PER_PRINCIPAL) -#define GLOBAL_ALLOW_DISABLE_TRANSITED_CHECK \ - (config->trpolicy == TRPOLICY_ALWAYS_HONOUR_REQUEST) - -/* these will consult the database in future release */ -#define PRINCIPAL_FORCE_TRANSITED_CHECK(P) 0 -#define PRINCIPAL_ALLOW_DISABLE_TRANSITED_CHECK(P) 0 - - ret = fix_transited_encoding(context, config, - !f.disable_transited_check || - GLOBAL_FORCE_TRANSITED_CHECK || - PRINCIPAL_FORCE_TRANSITED_CHECK(server) || - !((GLOBAL_ALLOW_PER_PRINCIPAL && - PRINCIPAL_ALLOW_DISABLE_TRANSITED_CHECK(server)) || - GLOBAL_ALLOW_DISABLE_TRANSITED_CHECK), - &tgt->transited, &et, - *krb5_princ_realm(context, client_principal), - *krb5_princ_realm(context, server->entry.principal), - *krb5_princ_realm(context, krbtgt->entry.principal)); - if(ret) - goto out; - - copy_Realm(krb5_princ_realm(context, server->entry.principal), - &rep.ticket.realm); - _krb5_principal2principalname(&rep.ticket.sname, server->entry.principal); - copy_Realm(&tgt_name->realm, &rep.crealm); -/* - if (f.request_anonymous) - _kdc_make_anonymous_principalname (&rep.cname); - else */ - - copy_PrincipalName(&tgt_name->name, &rep.cname); - rep.ticket.tkt_vno = 5; - - ek.caddr = et.caddr; - if(et.caddr == NULL) - et.caddr = tgt->caddr; - - { - time_t life; - life = et.endtime - *et.starttime; - if(client && client->entry.max_life) - life = min(life, *client->entry.max_life); - if(server->entry.max_life) - life = min(life, *server->entry.max_life); - et.endtime = *et.starttime + life; - } - if(f.renewable_ok && tgt->flags.renewable && - et.renew_till == NULL && et.endtime < *b->till){ - et.flags.renewable = 1; - ALLOC(et.renew_till); - *et.renew_till = *b->till; - } - if(et.renew_till){ - time_t renew; - renew = *et.renew_till - et.authtime; - if(client && client->entry.max_renew) - renew = min(renew, *client->entry.max_renew); - if(server->entry.max_renew) - renew = min(renew, *server->entry.max_renew); - *et.renew_till = et.authtime + renew; - } - - if(et.renew_till){ - *et.renew_till = min(*et.renew_till, *tgt->renew_till); - *et.starttime = min(*et.starttime, *et.renew_till); - et.endtime = min(et.endtime, *et.renew_till); - } - - *et.starttime = min(*et.starttime, et.endtime); - - if(*et.starttime == et.endtime){ - ret = KRB5KDC_ERR_NEVER_VALID; - goto out; - } - if(et.renew_till && et.endtime == *et.renew_till){ - free(et.renew_till); - et.renew_till = NULL; - et.flags.renewable = 0; - } - - et.flags.pre_authent = tgt->flags.pre_authent; - et.flags.hw_authent = tgt->flags.hw_authent; - et.flags.anonymous = tgt->flags.anonymous; - et.flags.ok_as_delegate = server->entry.flags.ok_as_delegate; - - if (auth_data) { - /* XXX Check enc-authorization-data */ - et.authorization_data = calloc(1, sizeof(*et.authorization_data)); - if (et.authorization_data == NULL) { - ret = ENOMEM; - goto out; - } - ret = copy_AuthorizationData(auth_data, et.authorization_data); - if (ret) - goto out; - - /* Filter out type KRB5SignedPath */ - ret = find_KRB5SignedPath(context, et.authorization_data, NULL); - if (ret == 0) { - if (et.authorization_data->len == 1) { - free_AuthorizationData(et.authorization_data); - free(et.authorization_data); - et.authorization_data = NULL; - } else { - AuthorizationData *ad = et.authorization_data; - free_AuthorizationDataElement(&ad->val[ad->len - 1]); - ad->len--; - } - } - } - - if(rspac->length) { - /* - * No not need to filter out the any PAC from the - * auth_data since it's signed by the KDC. - */ - ret = _kdc_tkt_add_if_relevant_ad(context, &et, - KRB5_AUTHDATA_WIN2K_PAC, - rspac); - if (ret) - goto out; - } - - ret = krb5_copy_keyblock_contents(context, sessionkey, &et.key); - if (ret) - goto out; - et.crealm = tgt->crealm; - et.cname = tgt_name->name; - - ek.key = et.key; - /* MIT must have at least one last_req */ - ek.last_req.len = 1; - ek.last_req.val = calloc(1, sizeof(*ek.last_req.val)); - if (ek.last_req.val == NULL) { - ret = ENOMEM; - goto out; - } - ek.nonce = b->nonce; - ek.flags = et.flags; - ek.authtime = et.authtime; - ek.starttime = et.starttime; - ek.endtime = et.endtime; - ek.renew_till = et.renew_till; - ek.srealm = rep.ticket.realm; - ek.sname = rep.ticket.sname; - - _kdc_log_timestamp(context, config, "TGS-REQ", et.authtime, et.starttime, - et.endtime, et.renew_till); - - /* Don't sign cross realm tickets, they can't be checked anyway */ - { - char *r = get_krbtgt_realm(&ek.sname); - - if (r == NULL || strcmp(r, ek.srealm) == 0) { - ret = _kdc_add_KRB5SignedPath(context, - config, - krbtgt, - krbtgt_etype, - NULL, - spp, - &et); - if (ret) - goto out; - } - } - - /* It is somewhat unclear where the etype in the following - encryption should come from. What we have is a session - key in the passed tgt, and a list of preferred etypes - *for the new ticket*. Should we pick the best possible - etype, given the keytype in the tgt, or should we look - at the etype list here as well? What if the tgt - session key is DES3 and we want a ticket with a (say) - CAST session key. Should the DES3 etype be added to the - etype list, even if we don't want a session key with - DES3? */ - ret = _kdc_encode_reply(context, config, - &rep, &et, &ek, et.key.keytype, - kvno, - serverkey, 0, &tgt->key, e_text, reply); -out: - free_TGS_REP(&rep); - free_TransitedEncoding(&et.transited); - if(et.starttime) - free(et.starttime); - if(et.renew_till) - free(et.renew_till); - if(et.authorization_data) { - free_AuthorizationData(et.authorization_data); - free(et.authorization_data); - } - free_LastReq(&ek.last_req); - memset(et.key.keyvalue.data, 0, et.key.keyvalue.length); - free_EncryptionKey(&et.key); - return ret; -} - -static krb5_error_code -tgs_check_authenticator(krb5_context context, - krb5_kdc_configuration *config, - krb5_auth_context ac, - KDC_REQ_BODY *b, - const char **e_text, - krb5_keyblock *key) -{ - krb5_authenticator auth; - size_t len; - unsigned char *buf; - size_t buf_size; - krb5_error_code ret; - krb5_crypto crypto; - - krb5_auth_con_getauthenticator(context, ac, &auth); - if(auth->cksum == NULL){ - kdc_log(context, config, 0, "No authenticator in request"); - ret = KRB5KRB_AP_ERR_INAPP_CKSUM; - goto out; - } - /* - * according to RFC1510 it doesn't need to be keyed, - * but according to the latest draft it needs to. - */ - if ( -#if 0 -!krb5_checksum_is_keyed(context, auth->cksum->cksumtype) - || -#endif - !krb5_checksum_is_collision_proof(context, auth->cksum->cksumtype)) { - kdc_log(context, config, 0, "Bad checksum type in authenticator: %d", - auth->cksum->cksumtype); - ret = KRB5KRB_AP_ERR_INAPP_CKSUM; - goto out; - } - - /* XXX should not re-encode this */ - ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, b, &len, ret); - if(ret){ - kdc_log(context, config, 0, "Failed to encode KDC-REQ-BODY: %s", - krb5_get_err_text(context, ret)); - goto out; - } - if(buf_size != len) { - free(buf); - kdc_log(context, config, 0, "Internal error in ASN.1 encoder"); - *e_text = "KDC internal error"; - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - free(buf); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - goto out; - } - ret = krb5_verify_checksum(context, - crypto, - KRB5_KU_TGS_REQ_AUTH_CKSUM, - buf, - len, - auth->cksum); - free(buf); - krb5_crypto_destroy(context, crypto); - if(ret){ - kdc_log(context, config, 0, - "Failed to verify authenticator checksum: %s", - krb5_get_err_text(context, ret)); - } -out: - free_Authenticator(auth); - free(auth); - return ret; -} - -/* - * - */ - -static const char * -find_rpath(krb5_context context, Realm crealm, Realm srealm) -{ - const char *new_realm = krb5_config_get_string(context, - NULL, - "capaths", - crealm, - srealm, - NULL); - return new_realm; -} - - -static krb5_boolean -need_referral(krb5_context context, krb5_principal server, krb5_realm **realms) -{ - if(server->name.name_type != KRB5_NT_SRV_INST || - server->name.name_string.len != 2) - return FALSE; - - return _krb5_get_host_realm_int(context, server->name.name_string.val[1], - FALSE, realms) == 0; -} - -static krb5_error_code -tgs_parse_request(krb5_context context, - krb5_kdc_configuration *config, - KDC_REQ_BODY *b, - const PA_DATA *tgs_req, - hdb_entry_ex **krbtgt, - krb5_enctype *krbtgt_etype, - krb5_ticket **ticket, - const char **e_text, - const char *from, - const struct sockaddr *from_addr, - time_t **csec, - int **cusec, - AuthorizationData **auth_data) -{ - krb5_ap_req ap_req; - krb5_error_code ret; - krb5_principal princ; - krb5_auth_context ac = NULL; - krb5_flags ap_req_options; - krb5_flags verify_ap_req_flags; - krb5_crypto crypto; - Key *tkey; - - *auth_data = NULL; - *csec = NULL; - *cusec = NULL; - - memset(&ap_req, 0, sizeof(ap_req)); - ret = krb5_decode_ap_req(context, &tgs_req->padata_value, &ap_req); - if(ret){ - kdc_log(context, config, 0, "Failed to decode AP-REQ: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - if(!get_krbtgt_realm(&ap_req.ticket.sname)){ - /* XXX check for ticket.sname == req.sname */ - kdc_log(context, config, 0, "PA-DATA is not a ticket-granting ticket"); - ret = KRB5KDC_ERR_POLICY; /* ? */ - goto out; - } - - _krb5_principalname2krb5_principal(context, - &princ, - ap_req.ticket.sname, - ap_req.ticket.realm); - - ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, NULL, krbtgt); - - if(ret) { - char *p; - ret = krb5_unparse_name(context, princ, &p); - if (ret != 0) - p = ""; - krb5_free_principal(context, princ); - kdc_log(context, config, 0, - "Ticket-granting ticket not found in database: %s: %s", - p, krb5_get_err_text(context, ret)); - if (ret == 0) - free(p); - ret = KRB5KRB_AP_ERR_NOT_US; - goto out; - } - - if(ap_req.ticket.enc_part.kvno && - *ap_req.ticket.enc_part.kvno != (*krbtgt)->entry.kvno){ - char *p; - - ret = krb5_unparse_name (context, princ, &p); - krb5_free_principal(context, princ); - if (ret != 0) - p = ""; - kdc_log(context, config, 0, - "Ticket kvno = %d, DB kvno = %d (%s)", - *ap_req.ticket.enc_part.kvno, - (*krbtgt)->entry.kvno, - p); - if (ret == 0) - free (p); - ret = KRB5KRB_AP_ERR_BADKEYVER; - goto out; - } - - *krbtgt_etype = ap_req.ticket.enc_part.etype; - - ret = hdb_enctype2key(context, &(*krbtgt)->entry, - ap_req.ticket.enc_part.etype, &tkey); - if(ret){ - char *str = NULL, *p = NULL; - - krb5_enctype_to_string(context, ap_req.ticket.enc_part.etype, &str); - krb5_unparse_name(context, princ, &p); - kdc_log(context, config, 0, - "No server key with enctype %s found for %s", - str ? str : "", - p ? p : ""); - free(str); - free(p); - ret = KRB5KRB_AP_ERR_BADKEYVER; - goto out; - } - - if (b->kdc_options.validate) - verify_ap_req_flags = KRB5_VERIFY_AP_REQ_IGNORE_INVALID; - else - verify_ap_req_flags = 0; - - ret = krb5_verify_ap_req2(context, - &ac, - &ap_req, - princ, - &tkey->key, - verify_ap_req_flags, - &ap_req_options, - ticket, - KRB5_KU_TGS_REQ_AUTH); - - krb5_free_principal(context, princ); - if(ret) { - kdc_log(context, config, 0, "Failed to verify AP-REQ: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - { - krb5_authenticator auth; - - ret = krb5_auth_con_getauthenticator(context, ac, &auth); - if (ret == 0) { - *csec = malloc(sizeof(**csec)); - if (*csec == NULL) { - krb5_free_authenticator(context, &auth); - kdc_log(context, config, 0, "malloc failed"); - goto out; - } - **csec = auth->ctime; - *cusec = malloc(sizeof(**cusec)); - if (*cusec == NULL) { - krb5_free_authenticator(context, &auth); - kdc_log(context, config, 0, "malloc failed"); - goto out; - } - **cusec = auth->cusec; - krb5_free_authenticator(context, &auth); - } - } - - ret = tgs_check_authenticator(context, config, - ac, b, e_text, &(*ticket)->ticket.key); - if (ret) { - krb5_auth_con_free(context, ac); - goto out; - } - - if (b->enc_authorization_data) { - unsigned usage = KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY; - krb5_keyblock *subkey; - krb5_data ad; - - ret = krb5_auth_con_getremotesubkey(context, - ac, - &subkey); - if(ret){ - krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, "Failed to get remote subkey: %s", - krb5_get_err_text(context, ret)); - goto out; - } - if(subkey == NULL){ - usage = KRB5_KU_TGS_REQ_AUTH_DAT_SESSION; - ret = krb5_auth_con_getkey(context, ac, &subkey); - if(ret) { - krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, "Failed to get session key: %s", - krb5_get_err_text(context, ret)); - goto out; - } - } - if(subkey == NULL){ - krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, - "Failed to get key for enc-authorization-data"); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */ - goto out; - } - ret = krb5_crypto_init(context, subkey, 0, &crypto); - if (ret) { - krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - goto out; - } - ret = krb5_decrypt_EncryptedData (context, - crypto, - usage, - b->enc_authorization_data, - &ad); - krb5_crypto_destroy(context, crypto); - if(ret){ - krb5_auth_con_free(context, ac); - kdc_log(context, config, 0, - "Failed to decrypt enc-authorization-data"); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */ - goto out; - } - krb5_free_keyblock(context, subkey); - ALLOC(*auth_data); - if (*auth_data == NULL) { - krb5_auth_con_free(context, ac); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */ - goto out; - } - ret = decode_AuthorizationData(ad.data, ad.length, *auth_data, NULL); - if(ret){ - krb5_auth_con_free(context, ac); - free(*auth_data); - *auth_data = NULL; - kdc_log(context, config, 0, "Failed to decode authorization data"); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */ - goto out; - } - } - - krb5_auth_con_free(context, ac); - -out: - free_AP_REQ(&ap_req); - - return ret; -} - -static krb5_error_code -tgs_build_reply(krb5_context context, - krb5_kdc_configuration *config, - KDC_REQ *req, - KDC_REQ_BODY *b, - hdb_entry_ex *krbtgt, - krb5_enctype krbtgt_etype, - krb5_ticket *ticket, - krb5_data *reply, - const char *from, - const char **e_text, - AuthorizationData *auth_data, - const struct sockaddr *from_addr, - int datagram_reply) -{ - krb5_error_code ret; - krb5_principal cp = NULL, sp = NULL; - krb5_principal client_principal = NULL; - char *spn = NULL, *cpn = NULL; - hdb_entry_ex *server = NULL, *client = NULL; - EncTicketPart *tgt = &ticket->ticket; - KRB5SignedPathPrincipals *spp = NULL; - const EncryptionKey *ekey; - krb5_keyblock sessionkey; - krb5_kvno kvno; - krb5_data rspac; - int cross_realm = 0; - - PrincipalName *s; - Realm r; - int nloop = 0; - EncTicketPart adtkt; - char opt_str[128]; - int require_signedpath = 0; - - memset(&sessionkey, 0, sizeof(sessionkey)); - memset(&adtkt, 0, sizeof(adtkt)); - krb5_data_zero(&rspac); - - s = b->sname; - r = b->realm; - - if(b->kdc_options.enc_tkt_in_skey){ - Ticket *t; - hdb_entry_ex *uu; - krb5_principal p; - Key *uukey; - - if(b->additional_tickets == NULL || - b->additional_tickets->len == 0){ - ret = KRB5KDC_ERR_BADOPTION; /* ? */ - kdc_log(context, config, 0, - "No second ticket present in request"); - goto out; - } - t = &b->additional_tickets->val[0]; - if(!get_krbtgt_realm(&t->sname)){ - kdc_log(context, config, 0, - "Additional ticket is not a ticket-granting ticket"); - ret = KRB5KDC_ERR_POLICY; - goto out; - } - _krb5_principalname2krb5_principal(context, &p, t->sname, t->realm); - ret = _kdc_db_fetch(context, config, p, - HDB_F_GET_CLIENT|HDB_F_GET_SERVER, - NULL, &uu); - krb5_free_principal(context, p); - if(ret){ - if (ret == HDB_ERR_NOENTRY) - ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; - goto out; - } - ret = hdb_enctype2key(context, &uu->entry, - t->enc_part.etype, &uukey); - if(ret){ - _kdc_free_ent(context, uu); - ret = KRB5KDC_ERR_ETYPE_NOSUPP; /* XXX */ - goto out; - } - ret = krb5_decrypt_ticket(context, t, &uukey->key, &adtkt, 0); - _kdc_free_ent(context, uu); - if(ret) - goto out; - - ret = verify_flags(context, config, &adtkt, spn); - if (ret) - goto out; - - s = &adtkt.cname; - r = adtkt.crealm; - } - - _krb5_principalname2krb5_principal(context, &sp, *s, r); - ret = krb5_unparse_name(context, sp, &spn); - if (ret) - goto out; - _krb5_principalname2krb5_principal(context, &cp, tgt->cname, tgt->crealm); - ret = krb5_unparse_name(context, cp, &cpn); - if (ret) - goto out; - unparse_flags (KDCOptions2int(b->kdc_options), - asn1_KDCOptions_units(), - opt_str, sizeof(opt_str)); - if(*opt_str) - kdc_log(context, config, 0, - "TGS-REQ %s from %s for %s [%s]", - cpn, from, spn, opt_str); - else - kdc_log(context, config, 0, - "TGS-REQ %s from %s for %s", cpn, from, spn); - - /* - * Fetch server - */ - -server_lookup: - ret = _kdc_db_fetch(context, config, sp, HDB_F_GET_SERVER, NULL, &server); - - if(ret){ - const char *new_rlm; - Realm req_rlm; - krb5_realm *realms; - - if ((req_rlm = get_krbtgt_realm(&sp->name)) != NULL) { - if(nloop++ < 2) { - new_rlm = find_rpath(context, tgt->crealm, req_rlm); - if(new_rlm) { - kdc_log(context, config, 5, "krbtgt for realm %s " - "not found, trying %s", - req_rlm, new_rlm); - krb5_free_principal(context, sp); - free(spn); - krb5_make_principal(context, &sp, r, - KRB5_TGS_NAME, new_rlm, NULL); - ret = krb5_unparse_name(context, sp, &spn); - if (ret) - goto out; - auth_data = NULL; /* ms don't handle AD in referals */ - goto server_lookup; - } - } - } else if(need_referral(context, sp, &realms)) { - if (strcmp(realms[0], sp->realm) != 0) { - kdc_log(context, config, 5, - "Returning a referral to realm %s for " - "server %s that was not found", - realms[0], spn); - krb5_free_principal(context, sp); - free(spn); - krb5_make_principal(context, &sp, r, KRB5_TGS_NAME, - realms[0], NULL); - ret = krb5_unparse_name(context, sp, &spn); - if (ret) - goto out; - krb5_free_host_realm(context, realms); - auth_data = NULL; /* ms don't handle AD in referals */ - goto server_lookup; - } - krb5_free_host_realm(context, realms); - } - kdc_log(context, config, 0, - "Server not found in database: %s: %s", spn, - krb5_get_err_text(context, ret)); - if (ret == HDB_ERR_NOENTRY) - ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; - goto out; - } - - ret = _kdc_db_fetch(context, config, cp, HDB_F_GET_CLIENT, NULL, &client); - if(ret) { - const char *krbtgt_realm; - - /* - * If the client belongs to the same realm as our krbtgt, it - * should exist in the local database. - * - */ - - krbtgt_realm = - krb5_principal_get_comp_string(context, - krbtgt->entry.principal, 1); - - if(strcmp(krb5_principal_get_realm(context, cp), krbtgt_realm) == 0) { - if (ret == HDB_ERR_NOENTRY) - ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; - kdc_log(context, config, 1, "Client no longer in database: %s", - cpn); - goto out; - } - - kdc_log(context, config, 1, "Client not found in database: %s: %s", - cpn, krb5_get_err_text(context, ret)); - - cross_realm = 1; - } - - /* - * Check that service is in the same realm as the krbtgt. If it's - * not the same, it's someone that is using a uni-directional trust - * backward. - */ - - if (strcmp(krb5_principal_get_realm(context, sp), - krb5_principal_get_comp_string(context, - krbtgt->entry.principal, - 1)) != 0) { - char *tpn; - ret = krb5_unparse_name(context, krbtgt->entry.principal, &tpn); - kdc_log(context, config, 0, - "Request with wrong krbtgt: %s", - (ret == 0) ? tpn : ""); - if(ret == 0) - free(tpn); - ret = KRB5KRB_AP_ERR_NOT_US; - goto out; - } - - /* - * - */ - - client_principal = cp; - - if (client) { - const PA_DATA *sdata; - int i = 0; - - sdata = _kdc_find_padata(req, &i, KRB5_PADATA_S4U2SELF); - if (sdata) { - krb5_crypto crypto; - krb5_data datack; - PA_S4U2Self self; - char *selfcpn = NULL; - const char *str; - - ret = decode_PA_S4U2Self(sdata->padata_value.data, - sdata->padata_value.length, - &self, NULL); - if (ret) { - kdc_log(context, config, 0, "Failed to decode PA-S4U2Self"); - goto out; - } - - ret = _krb5_s4u2self_to_checksumdata(context, &self, &datack); - if (ret) - goto out; - - ret = krb5_crypto_init(context, &tgt->key, 0, &crypto); - if (ret) { - free_PA_S4U2Self(&self); - krb5_data_free(&datack); - kdc_log(context, config, 0, "krb5_crypto_init failed: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - ret = krb5_verify_checksum(context, - crypto, - KRB5_KU_OTHER_CKSUM, - datack.data, - datack.length, - &self.cksum); - krb5_data_free(&datack); - krb5_crypto_destroy(context, crypto); - if (ret) { - free_PA_S4U2Self(&self); - kdc_log(context, config, 0, - "krb5_verify_checksum failed for S4U2Self: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - ret = _krb5_principalname2krb5_principal(context, - &client_principal, - self.name, - self.realm); - free_PA_S4U2Self(&self); - if (ret) - goto out; - - ret = krb5_unparse_name(context, client_principal, &selfcpn); - if (ret) - goto out; - - /* - * Check that service doing the impersonating is - * requesting a ticket to it-self. - */ - if (krb5_principal_compare(context, cp, sp) != TRUE) { - kdc_log(context, config, 0, "S4U2Self: %s is not allowed " - "to impersonate some other user " - "(tried for user %s to service %s)", - cpn, selfcpn, spn); - free(selfcpn); - ret = KRB5KDC_ERR_BADOPTION; /* ? */ - goto out; - } - - /* - * If the service isn't trusted for authentication to - * delegation, remove the forward flag. - */ - - if (client->entry.flags.trusted_for_delegation) { - str = "[forwardable]"; - } else { - b->kdc_options.forwardable = 0; - str = ""; - } - kdc_log(context, config, 0, "s4u2self %s impersonating %s to " - "service %s %s", cpn, selfcpn, spn, str); - free(selfcpn); - } - } - - /* - * Constrained delegation - */ - - if (client != NULL - && b->additional_tickets != NULL - && b->additional_tickets->len != 0 - && b->kdc_options.enc_tkt_in_skey == 0) - { - Key *clientkey; - Ticket *t; - char *str; - - t = &b->additional_tickets->val[0]; - - ret = hdb_enctype2key(context, &client->entry, - t->enc_part.etype, &clientkey); - if(ret){ - ret = KRB5KDC_ERR_ETYPE_NOSUPP; /* XXX */ - goto out; - } - - ret = krb5_decrypt_ticket(context, t, &clientkey->key, &adtkt, 0); - if (ret) { - kdc_log(context, config, 0, - "failed to decrypt ticket for " - "constrained delegation from %s to %s ", spn, cpn); - goto out; - } - - /* check that ticket is valid */ - - if (adtkt.flags.forwardable == 0) { - kdc_log(context, config, 0, - "Missing forwardable flag on ticket for " - "constrained delegation from %s to %s ", spn, cpn); - ret = KRB5KDC_ERR_ETYPE_NOSUPP; /* XXX */ - goto out; - } - - ret = check_constrained_delegation(context, config, client, sp); - if (ret) { - kdc_log(context, config, 0, - "constrained delegation from %s to %s not allowed", - spn, cpn); - goto out; - } - - ret = _krb5_principalname2krb5_principal(context, - &client_principal, - adtkt.cname, - adtkt.crealm); - if (ret) - goto out; - - ret = krb5_unparse_name(context, client_principal, &str); - if (ret) - goto out; - - ret = verify_flags(context, config, &adtkt, str); - if (ret) { - free(str); - goto out; - } - - /* - * Check KRB5SignedPath in authorization data and add new entry to - * make sure servers can't fake a ticket to us. - */ - - ret = check_KRB5SignedPath(context, - config, - krbtgt, - &adtkt, - &spp, - 1); - if (ret) { - kdc_log(context, config, 0, - "KRB5SignedPath check from service %s failed " - "for delegation to %s for client %s " - "from %s failed with %s", - spn, str, cpn, from, krb5_get_err_text(context, ret)); - free(str); - goto out; - } - - kdc_log(context, config, 0, "constrained delegation for %s " - "from %s to %s", str, cpn, spn); - free(str); - - /* - * Also require that the KDC have issue the service's krbtgt - * used to do the request. - */ - require_signedpath = 1; - } - - /* - * Check flags - */ - - ret = _kdc_check_flags(context, config, - client, cpn, - server, spn, - FALSE); - if(ret) - goto out; - - if((b->kdc_options.validate || b->kdc_options.renew) && - !krb5_principal_compare(context, - krbtgt->entry.principal, - server->entry.principal)){ - kdc_log(context, config, 0, "Inconsistent request."); - ret = KRB5KDC_ERR_SERVER_NOMATCH; - goto out; - } - - /* check for valid set of addresses */ - if(!_kdc_check_addresses(context, config, tgt->caddr, from_addr)) { - ret = KRB5KRB_AP_ERR_BADADDR; - kdc_log(context, config, 0, "Request from wrong address"); - goto out; - } - - /* - * Select enctype, return key and kvno. - */ - - { - krb5_enctype etype; - - if(b->kdc_options.enc_tkt_in_skey) { - int i; - ekey = &adtkt.key; - for(i = 0; i < b->etype.len; i++) - if (b->etype.val[i] == adtkt.key.keytype) - break; - if(i == b->etype.len) { - krb5_clear_error_string(context); - return KRB5KDC_ERR_ETYPE_NOSUPP; - } - etype = b->etype.val[i]; - kvno = 0; - } else { - Key *skey; - - ret = _kdc_find_etype(context, server, b->etype.val, b->etype.len, - &skey, &etype); - if(ret) { - kdc_log(context, config, 0, - "Server (%s) has no support for etypes", spp); - return ret; - } - ekey = &skey->key; - kvno = server->entry.kvno; - } - - ret = krb5_generate_random_keyblock(context, etype, &sessionkey); - if (ret) - goto out; - } - - /* check PAC if not cross realm and if there is one */ - if (!cross_realm) { - Key *tkey; - - ret = hdb_enctype2key(context, &krbtgt->entry, - krbtgt_etype, &tkey); - if(ret) { - kdc_log(context, config, 0, - "Failed to find key for krbtgt PAC check"); - goto out; - } - - ret = check_PAC(context, config, client_principal, - client, server, ekey, &tkey->key, - tgt, &rspac, &require_signedpath); - if (ret) { - kdc_log(context, config, 0, - "Verify PAC failed for %s (%s) from %s with %s", - spn, cpn, from, krb5_get_err_text(context, ret)); - goto out; - } - } - - /* also check the krbtgt for signature */ - ret = check_KRB5SignedPath(context, - config, - krbtgt, - tgt, - &spp, - require_signedpath); - if (ret) { - kdc_log(context, config, 0, - "KRB5SignedPath check failed for %s (%s) from %s with %s", - spn, cpn, from, krb5_get_err_text(context, ret)); - goto out; - } - - /* - * - */ - - ret = tgs_make_reply(context, - config, - b, - client_principal, - tgt, - ekey, - &sessionkey, - kvno, - auth_data, - server, - spn, - client, - cp, - krbtgt, - krbtgt_etype, - spp, - &rspac, - e_text, - reply); - -out: - free(spn); - free(cpn); - - krb5_data_free(&rspac); - krb5_free_keyblock_contents(context, &sessionkey); - if(server) - _kdc_free_ent(context, server); - if(client) - _kdc_free_ent(context, client); - - if (client_principal && client_principal != cp) - krb5_free_principal(context, client_principal); - if (cp) - krb5_free_principal(context, cp); - if (sp) - krb5_free_principal(context, sp); - - free_EncTicketPart(&adtkt); - - return ret; -} - -/* - * - */ - -krb5_error_code -_kdc_tgs_rep(krb5_context context, - krb5_kdc_configuration *config, - KDC_REQ *req, - krb5_data *data, - const char *from, - struct sockaddr *from_addr, - int datagram_reply) -{ - AuthorizationData *auth_data = NULL; - krb5_error_code ret; - int i = 0; - const PA_DATA *tgs_req; - - hdb_entry_ex *krbtgt = NULL; - krb5_ticket *ticket = NULL; - const char *e_text = NULL; - krb5_enctype krbtgt_etype = ETYPE_NULL; - - time_t *csec = NULL; - int *cusec = NULL; - - if(req->padata == NULL){ - ret = KRB5KDC_ERR_PREAUTH_REQUIRED; /* XXX ??? */ - kdc_log(context, config, 0, - "TGS-REQ from %s without PA-DATA", from); - goto out; - } - - tgs_req = _kdc_find_padata(req, &i, KRB5_PADATA_TGS_REQ); - - if(tgs_req == NULL){ - ret = KRB5KDC_ERR_PADATA_TYPE_NOSUPP; - - kdc_log(context, config, 0, - "TGS-REQ from %s without PA-TGS-REQ", from); - goto out; - } - ret = tgs_parse_request(context, config, - &req->req_body, tgs_req, - &krbtgt, - &krbtgt_etype, - &ticket, - &e_text, - from, from_addr, - &csec, &cusec, - &auth_data); - if (ret) { - kdc_log(context, config, 0, - "Failed parsing TGS-REQ from %s", from); - goto out; - } - - ret = tgs_build_reply(context, - config, - req, - &req->req_body, - krbtgt, - krbtgt_etype, - ticket, - data, - from, - &e_text, - auth_data, - from_addr, - datagram_reply); - if (ret) { - kdc_log(context, config, 0, - "Failed building TGS-REP to %s", from); - goto out; - } - - /* */ - if (datagram_reply && data->length > config->max_datagram_reply_length) { - krb5_data_free(data); - ret = KRB5KRB_ERR_RESPONSE_TOO_BIG; - e_text = "Reply packet too large"; - } - -out: - if(ret && data->data == NULL){ - krb5_mk_error(context, - ret, - NULL, - NULL, - NULL, - NULL, - csec, - cusec, - data); - } - free(csec); - free(cusec); - if (ticket) - krb5_free_ticket(context, ticket); - if(krbtgt) - _kdc_free_ent(context, krbtgt); - - if (auth_data) { - free_AuthorizationData(auth_data); - free(auth_data); - } - - return 0; -} diff --git a/crypto/heimdal/kdc/kstash.8 b/crypto/heimdal/kdc/kstash.8 deleted file mode 100644 index f30eac693d0a..000000000000 --- a/crypto/heimdal/kdc/kstash.8 +++ /dev/null @@ -1,104 +0,0 @@ -.\" Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kstash.8 20316 2007-04-11 11:53:20Z lha $ -.\" -.Dd April 10, 2007 -.Dt KSTASH 8 -.Os HEIMDAL -.Sh NAME -.Nm kstash -.Nd "store the KDC master password in a file" -.Sh SYNOPSIS -.Nm -.Bk -words -.Oo Fl e Ar string \*(Ba Xo -.Fl -enctype= Ns Ar string -.Xc -.Oc -.Oo Fl k Ar file \*(Ba Xo -.Fl -key-file= Ns Ar file -.Xc -.Oc -.Op Fl -convert-file -.Op Fl -random-key -.Op Fl -master-key-fd= Ns Ar fd -.Op Fl -random-key -.Op Fl h | Fl -help -.Op Fl -version -.Ek -.Sh DESCRIPTION -.Nm -reads the Kerberos master key and stores it in a file that will be -used by the KDC. -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl e Ar string , -.Fl -enctype= Ns Ar string -.Xc -the encryption type to use, defaults to DES3-CBC-SHA1. -.It Xo -.Fl k Ar file , -.Fl -key-file= Ns Ar file -.Xc -the name of the master key file. -.It Xo -.Fl -convert-file -.Xc -don't ask for a new master key, just read an old master key file, and -write it back in the new keyfile format. -.It Xo -.Fl -random-key -.Xc -generate a random master key. -.It Xo -.Fl -master-key-fd= Ns Ar fd -.Xc -filedescriptor to read passphrase from, if not specified the -passphrase will be read from the terminal. -.El -.\".Sh ENVIRONMENT -.Sh FILES -.Pa /var/heimdal/m-key -is the default keyfile if no other keyfile is specified. -The format of a Heimdal master key is the same as a keytab, so -.Nm ktutil -list can be used to list the content of the file. -.\".Sh EXAMPLES -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr kdc 8 -.\".Sh STANDARDS -.\".Sh HISTORY -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/kdc/kstash.c b/crypto/heimdal/kdc/kstash.c deleted file mode 100644 index 9e499a1093a2..000000000000 --- a/crypto/heimdal/kdc/kstash.c +++ /dev/null @@ -1,165 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "headers.h" - -RCSID("$Id: kstash.c 22244 2007-12-08 23:47:42Z lha $"); - -krb5_context context; - -static char *keyfile; -static int convert_flag; -static int help_flag; -static int version_flag; - -static int master_key_fd = -1; -static int random_key_flag; - -static const char *enctype_str = "des3-cbc-sha1"; - -static struct getargs args[] = { - { "enctype", 'e', arg_string, &enctype_str, "encryption type" }, - { "key-file", 'k', arg_string, &keyfile, "master key file", "file" }, - { "convert-file", 0, arg_flag, &convert_flag, - "just convert keyfile to new format" }, - { "master-key-fd", 0, arg_integer, &master_key_fd, - "filedescriptor to read passphrase from", "fd" }, - { "random-key", 0, arg_flag, &random_key_flag, "generate a random master key" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } -}; - -int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - char buf[1024]; - krb5_error_code ret; - - krb5_enctype enctype; - - hdb_master_key mkey; - - krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag){ - print_version(NULL); - exit(0); - } - - if (master_key_fd != -1 && random_key_flag) - krb5_errx(context, 1, "random-key and master-key-fd " - "is mutual exclusive"); - - if (keyfile == NULL) - asprintf(&keyfile, "%s/m-key", hdb_db_dir(context)); - - ret = krb5_string_to_enctype(context, enctype_str, &enctype); - if(ret) - krb5_err(context, 1, ret, "krb5_string_to_enctype"); - - ret = hdb_read_master_key(context, keyfile, &mkey); - if(ret && ret != ENOENT) - krb5_err(context, 1, ret, "reading master key from %s", keyfile); - - if (convert_flag) { - if (ret) - krb5_err(context, 1, ret, "reading master key from %s", keyfile); - } else { - krb5_keyblock key; - krb5_salt salt; - salt.salttype = KRB5_PW_SALT; - /* XXX better value? */ - salt.saltvalue.data = NULL; - salt.saltvalue.length = 0; - if (random_key_flag) { - ret = krb5_generate_random_keyblock(context, enctype, &key); - if (ret) - krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); - - } else { - if(master_key_fd != -1) { - ssize_t n; - n = read(master_key_fd, buf, sizeof(buf)); - if(n <= 0) - krb5_err(context, 1, errno, "failed to read passphrase"); - buf[n] = '\0'; - buf[strcspn(buf, "\r\n")] = '\0'; - - } else { - if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Master key: ", 1)) - exit(1); - } - krb5_string_to_key_salt(context, enctype, buf, salt, &key); - } - ret = hdb_add_master_key(context, &key, &mkey); - - krb5_free_keyblock_contents(context, &key); - - } - - { - char *new, *old; - asprintf(&old, "%s.old", keyfile); - asprintf(&new, "%s.new", keyfile); - if(unlink(new) < 0 && errno != ENOENT) { - ret = errno; - goto out; - } - krb5_warnx(context, "writing key to `%s'", keyfile); - ret = hdb_write_master_key(context, new, mkey); - if(ret) - unlink(new); - else { - unlink(old); - if(link(keyfile, old) < 0 && errno != ENOENT) { - ret = errno; - unlink(new); - } else if(rename(new, keyfile) < 0) { - ret = errno; - } - } - out: - free(old); - free(new); - if(ret) - krb5_warn(context, errno, "writing master key file"); - } - - hdb_free_master_key(context, mkey); - - exit(ret != 0); -} diff --git a/crypto/heimdal/kdc/kx509.c b/crypto/heimdal/kdc/kx509.c deleted file mode 100644 index b1b861efef88..000000000000 --- a/crypto/heimdal/kdc/kx509.c +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" -#include -#include -#include - -RCSID("$Id: kx509.c 21607 2007-07-17 07:04:52Z lha $"); - -/* - * - */ - -krb5_error_code -_kdc_try_kx509_request(void *ptr, size_t len, Kx509Request *req, size_t *size) -{ - if (len < 4) - return -1; - if (memcmp("\x00\x00\x02\x00", ptr, 4) != 0) - return -1; - return decode_Kx509Request(((unsigned char *)ptr) + 4, len - 4, req, size); -} - -/* - * - */ - -static const unsigned char version_2_0[4] = {0 , 0, 2, 0}; - -static krb5_error_code -verify_req_hash(krb5_context context, - const Kx509Request *req, - krb5_keyblock *key) -{ - unsigned char digest[SHA_DIGEST_LENGTH]; - HMAC_CTX ctx; - - if (req->pk_hash.length != sizeof(digest)) { - krb5_set_error_string(context, "pk-hash have wrong length: %lu", - (unsigned long)req->pk_hash.length); - return KRB5KDC_ERR_PREAUTH_FAILED; - } - - HMAC_CTX_init(&ctx); - HMAC_Init_ex(&ctx, - key->keyvalue.data, key->keyvalue.length, - EVP_sha1(), NULL); - if (sizeof(digest) != HMAC_size(&ctx)) - krb5_abortx(context, "runtime error, hmac buffer wrong size in kx509"); - HMAC_Update(&ctx, version_2_0, sizeof(version_2_0)); - HMAC_Update(&ctx, req->pk_key.data, req->pk_key.length); - HMAC_Final(&ctx, digest, 0); - HMAC_CTX_cleanup(&ctx); - - if (memcmp(req->pk_hash.data, digest, sizeof(digest)) != 0) { - krb5_set_error_string(context, "pk-hash is not correct"); - return KRB5KDC_ERR_PREAUTH_FAILED; - } - return 0; -} - -static krb5_error_code -calculate_reply_hash(krb5_context context, - krb5_keyblock *key, - Kx509Response *rep) -{ - HMAC_CTX ctx; - - HMAC_CTX_init(&ctx); - - HMAC_Init_ex(&ctx, - key->keyvalue.data, key->keyvalue.length, - EVP_sha1(), NULL); - rep->hash->length = HMAC_size(&ctx); - rep->hash->data = malloc(rep->hash->length); - if (rep->hash->data == NULL) { - HMAC_CTX_cleanup(&ctx); - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - - HMAC_Update(&ctx, version_2_0, sizeof(version_2_0)); - if (rep->error_code) { - int32_t t = *rep->error_code; - do { - unsigned char p = (t & 0xff); - HMAC_Update(&ctx, &p, 1); - t >>= 8; - } while (t); - } - if (rep->certificate) - HMAC_Update(&ctx, rep->certificate->data, rep->certificate->length); - if (rep->e_text) - HMAC_Update(&ctx, (unsigned char *)*rep->e_text, strlen(*rep->e_text)); - - HMAC_Final(&ctx, rep->hash->data, 0); - HMAC_CTX_cleanup(&ctx); - - return 0; -} - -/* - * Build a certifate for `principal´ that will expire at `endtime´. - */ - -static krb5_error_code -build_certificate(krb5_context context, - krb5_kdc_configuration *config, - const krb5_data *key, - time_t endtime, - krb5_principal principal, - krb5_data *certificate) -{ - hx509_context hxctx = NULL; - hx509_ca_tbs tbs = NULL; - hx509_env env = NULL; - hx509_cert cert = NULL; - hx509_cert signer = NULL; - int ret; - - if (krb5_principal_get_comp_string(context, principal, 1) != NULL) { - kdc_log(context, config, 0, "Principal is not a user"); - return EINVAL; - } - - ret = hx509_context_init(&hxctx); - if (ret) - goto out; - - ret = hx509_env_init(hxctx, &env); - if (ret) - goto out; - - ret = hx509_env_add(hxctx, env, "principal-name", - krb5_principal_get_comp_string(context, principal, 0)); - if (ret) - goto out; - - { - hx509_certs certs; - hx509_query *q; - - ret = hx509_certs_init(hxctx, config->kx509_ca, 0, - NULL, &certs); - if (ret) { - kdc_log(context, config, 0, "Failed to load CA %s", - config->kx509_ca); - goto out; - } - ret = hx509_query_alloc(hxctx, &q); - if (ret) { - hx509_certs_free(&certs); - goto out; - } - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_KEYCERTSIGN); - - ret = hx509_certs_find(hxctx, certs, q, &signer); - hx509_query_free(hxctx, q); - hx509_certs_free(&certs); - if (ret) { - kdc_log(context, config, 0, "Failed to find a CA in %s", - config->kx509_ca); - goto out; - } - } - - ret = hx509_ca_tbs_init(hxctx, &tbs); - if (ret) - goto out; - - { - SubjectPublicKeyInfo spki; - heim_any any; - - memset(&spki, 0, sizeof(spki)); - - spki.subjectPublicKey.data = key->data; - spki.subjectPublicKey.length = key->length * 8; - - ret = der_copy_oid(oid_id_pkcs1_rsaEncryption(), - &spki.algorithm.algorithm); - - any.data = "\x05\x00"; - any.length = 2; - spki.algorithm.parameters = &any; - - ret = hx509_ca_tbs_set_spki(hxctx, tbs, &spki); - der_free_oid(&spki.algorithm.algorithm); - if (ret) - goto out; - } - - { - hx509_certs certs; - hx509_cert template; - - ret = hx509_certs_init(hxctx, config->kx509_template, 0, - NULL, &certs); - if (ret) { - kdc_log(context, config, 0, "Failed to load template %s", - config->kx509_template); - goto out; - } - ret = hx509_get_one_cert(hxctx, certs, &template); - hx509_certs_free(&certs); - if (ret) { - kdc_log(context, config, 0, "Failed to find template in %s", - config->kx509_template); - goto out; - } - ret = hx509_ca_tbs_set_template(hxctx, tbs, - HX509_CA_TEMPLATE_SUBJECT| - HX509_CA_TEMPLATE_KU| - HX509_CA_TEMPLATE_EKU, - template); - hx509_cert_free(template); - if (ret) - goto out; - } - - hx509_ca_tbs_set_notAfter(hxctx, tbs, endtime); - - hx509_ca_tbs_subject_expand(hxctx, tbs, env); - hx509_env_free(&env); - - ret = hx509_ca_sign(hxctx, tbs, signer, &cert); - hx509_cert_free(signer); - if (ret) - goto out; - - hx509_ca_tbs_free(&tbs); - - ret = hx509_cert_binary(hxctx, cert, certificate); - hx509_cert_free(cert); - if (ret) - goto out; - - hx509_context_free(&hxctx); - - return 0; -out: - if (env) - hx509_env_free(&env); - if (tbs) - hx509_ca_tbs_free(&tbs); - if (signer) - hx509_cert_free(signer); - if (hxctx) - hx509_context_free(&hxctx); - krb5_set_error_string(context, "cert creation failed"); - return ret; -} - -/* - * - */ - -krb5_error_code -_kdc_do_kx509(krb5_context context, - krb5_kdc_configuration *config, - const Kx509Request *req, krb5_data *reply, - const char *from, struct sockaddr *addr) -{ - krb5_error_code ret; - krb5_ticket *ticket = NULL; - krb5_flags ap_req_options; - krb5_auth_context ac = NULL; - krb5_keytab id = NULL; - krb5_principal sprincipal = NULL, cprincipal = NULL; - char *cname = NULL; - Kx509Response rep; - size_t size; - krb5_keyblock *key = NULL; - - krb5_data_zero(reply); - memset(&rep, 0, sizeof(rep)); - - if(!config->enable_kx509) { - kdc_log(context, config, 0, - "Rejected kx509 request (disabled) from %s", from); - return KRB5KDC_ERR_POLICY; - } - - kdc_log(context, config, 0, "Kx509 request from %s", from); - - ret = krb5_kt_resolve(context, "HDB:", &id); - if (ret) { - kdc_log(context, config, 0, "Can't open database for digest"); - goto out; - } - - ret = krb5_rd_req(context, - &ac, - &req->authenticator, - NULL, - id, - &ap_req_options, - &ticket); - if (ret) - goto out; - - ret = krb5_ticket_get_client(context, ticket, &cprincipal); - if (ret) - goto out; - - ret = krb5_unparse_name(context, cprincipal, &cname); - if (ret) - goto out; - - /* verify server principal */ - - ret = krb5_sname_to_principal(context, NULL, "kca_service", - KRB5_NT_UNKNOWN, &sprincipal); - if (ret) - goto out; - - { - krb5_principal principal = NULL; - - ret = krb5_ticket_get_server(context, ticket, &principal); - if (ret) - goto out; - - ret = krb5_principal_compare(context, sprincipal, principal); - krb5_free_principal(context, principal); - if (ret != TRUE) { - ret = KRB5KDC_ERR_SERVER_NOMATCH; - krb5_set_error_string(context, - "User %s used wrong Kx509 service principal", - cname); - goto out; - } - } - - ret = krb5_auth_con_getkey(context, ac, &key); - if (ret || key == NULL) { - krb5_set_error_string(context, "Kx509 can't get session key"); - goto out; - } - - ret = verify_req_hash(context, req, key); - if (ret) - goto out; - - /* Verify that the key is encoded RSA key */ - { - RSAPublicKey key; - size_t size; - - ret = decode_RSAPublicKey(req->pk_key.data, req->pk_key.length, - &key, &size); - if (ret) - goto out; - free_RSAPublicKey(&key); - if (size != req->pk_key.length) - ; - } - - ALLOC(rep.certificate); - if (rep.certificate == NULL) - goto out; - krb5_data_zero(rep.certificate); - ALLOC(rep.hash); - if (rep.hash == NULL) - goto out; - krb5_data_zero(rep.hash); - - ret = build_certificate(context, config, &req->pk_key, - krb5_ticket_get_endtime(context, ticket), - cprincipal, rep.certificate); - if (ret) - goto out; - - ret = calculate_reply_hash(context, key, &rep); - if (ret) - goto out; - - /* - * Encode reply, [ version | Kx509Response ] - */ - - { - krb5_data data; - - ASN1_MALLOC_ENCODE(Kx509Response, data.data, data.length, &rep, - &size, ret); - if (ret) { - krb5_set_error_string(context, "Failed to encode kx509 reply"); - goto out; - } - if (size != data.length) - krb5_abortx(context, "ASN1 internal error"); - - ret = krb5_data_alloc(reply, data.length + sizeof(version_2_0)); - if (ret) { - free(data.data); - goto out; - } - memcpy(reply->data, version_2_0, sizeof(version_2_0)); - memcpy(((unsigned char *)reply->data) + sizeof(version_2_0), - data.data, data.length); - free(data.data); - } - - kdc_log(context, config, 0, "Successful Kx509 request for %s", cname); - -out: - if (ac) - krb5_auth_con_free(context, ac); - if (ret) - krb5_warn(context, ret, "Kx509 request from %s failed", from); - if (ticket) - krb5_free_ticket(context, ticket); - if (id) - krb5_kt_close(context, id); - if (sprincipal) - krb5_free_principal(context, sprincipal); - if (cprincipal) - krb5_free_principal(context, cprincipal); - if (key) - krb5_free_keyblock (context, key); - if (cname) - free(cname); - free_Kx509Response(&rep); - - return 0; -} diff --git a/crypto/heimdal/kdc/log.c b/crypto/heimdal/kdc/log.c deleted file mode 100644 index 8cf967fbfb8b..000000000000 --- a/crypto/heimdal/kdc/log.c +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" -RCSID("$Id: log.c 22254 2007-12-09 06:01:05Z lha $"); - -void -kdc_openlog(krb5_context context, - krb5_kdc_configuration *config) -{ - char **s = NULL, **p; - krb5_initlog(context, "kdc", &config->logf); - s = krb5_config_get_strings(context, NULL, "kdc", "logging", NULL); - if(s == NULL) - s = krb5_config_get_strings(context, NULL, "logging", "kdc", NULL); - if(s){ - for(p = s; *p; p++) - krb5_addlog_dest(context, config->logf, *p); - krb5_config_free_strings(s); - }else { - char *s; - asprintf(&s, "0-1/FILE:%s/%s", hdb_db_dir(context), KDC_LOG_FILE); - krb5_addlog_dest(context, config->logf, s); - free(s); - } - krb5_set_warn_dest(context, config->logf); -} - -char* -kdc_log_msg_va(krb5_context context, - krb5_kdc_configuration *config, - int level, const char *fmt, va_list ap) -{ - char *msg; - krb5_vlog_msg(context, config->logf, &msg, level, fmt, ap); - return msg; -} - -char* -kdc_log_msg(krb5_context context, - krb5_kdc_configuration *config, - int level, const char *fmt, ...) -{ - va_list ap; - char *s; - va_start(ap, fmt); - s = kdc_log_msg_va(context, config, level, fmt, ap); - va_end(ap); - return s; -} - -void -kdc_log(krb5_context context, - krb5_kdc_configuration *config, - int level, const char *fmt, ...) -{ - va_list ap; - char *s; - va_start(ap, fmt); - s = kdc_log_msg_va(context, config, level, fmt, ap); - if(s) free(s); - va_end(ap); -} diff --git a/crypto/heimdal/kdc/main.c b/crypto/heimdal/kdc/main.c deleted file mode 100644 index 9195b0488952..000000000000 --- a/crypto/heimdal/kdc/main.c +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" -#ifdef HAVE_UTIL_H -#include -#endif - -RCSID("$Id: main.c 20454 2007-04-19 20:21:51Z lha $"); - -sig_atomic_t exit_flag = 0; - -int detach_from_console = -1; - -static RETSIGTYPE -sigterm(int sig) -{ - exit_flag = sig; -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_kdc_configuration *config; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret == KRB5_CONFIG_BADFORMAT) - errx (1, "krb5_init_context failed to parse configuration file"); - else if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_kt_register(context, &hdb_kt_ops); - if (ret) - errx (1, "krb5_kt_register(HDB) failed: %d", ret); - - config = configure(context, argc, argv); - -#ifdef HAVE_SIGACTION - { - struct sigaction sa; - - sa.sa_flags = 0; - sa.sa_handler = sigterm; - sigemptyset(&sa.sa_mask); - - sigaction(SIGINT, &sa, NULL); - sigaction(SIGTERM, &sa, NULL); - sigaction(SIGXCPU, &sa, NULL); - - sa.sa_handler = SIG_IGN; - sigaction(SIGPIPE, &sa, NULL); - } -#else - signal(SIGINT, sigterm); - signal(SIGTERM, sigterm); - signal(SIGXCPU, sigterm); - signal(SIGPIPE, SIG_IGN); -#endif - if (detach_from_console) - daemon(0, 0); - pidfile(NULL); - loop(context, config); - krb5_free_context(context); - return 0; -} diff --git a/crypto/heimdal/kdc/misc.c b/crypto/heimdal/kdc/misc.c deleted file mode 100644 index 072df4404297..000000000000 --- a/crypto/heimdal/kdc/misc.c +++ /dev/null @@ -1,122 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: misc.c 21106 2007-06-18 10:18:11Z lha $"); - -struct timeval _kdc_now; - -krb5_error_code -_kdc_db_fetch(krb5_context context, - krb5_kdc_configuration *config, - krb5_const_principal principal, - unsigned flags, - HDB **db, - hdb_entry_ex **h) -{ - hdb_entry_ex *ent; - krb5_error_code ret; - int i; - - ent = calloc (1, sizeof (*ent)); - if (ent == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - - for(i = 0; i < config->num_db; i++) { - ret = config->db[i]->hdb_open(context, config->db[i], O_RDONLY, 0); - if (ret) { - kdc_log(context, config, 0, "Failed to open database: %s", - krb5_get_err_text(context, ret)); - continue; - } - ret = config->db[i]->hdb_fetch(context, - config->db[i], - principal, - flags | HDB_F_DECRYPT, - ent); - config->db[i]->hdb_close(context, config->db[i]); - if(ret == 0) { - if (db) - *db = config->db[i]; - *h = ent; - return 0; - } - } - free(ent); - krb5_set_error_string(context, "no such entry found in hdb"); - return HDB_ERR_NOENTRY; -} - -void -_kdc_free_ent(krb5_context context, hdb_entry_ex *ent) -{ - hdb_free_entry (context, ent); - free (ent); -} - -/* - * Use the order list of preferred encryption types and sort the - * available keys and return the most preferred key. - */ - -krb5_error_code -_kdc_get_preferred_key(krb5_context context, - krb5_kdc_configuration *config, - hdb_entry_ex *h, - const char *name, - krb5_enctype *enctype, - Key **key) -{ - const krb5_enctype *p; - krb5_error_code ret; - int i; - - p = krb5_kerberos_enctypes(context); - - for (i = 0; p[i] != ETYPE_NULL; i++) { - if (krb5_enctype_valid(context, p[i]) != 0) - continue; - ret = hdb_enctype2key(context, &h->entry, p[i], key); - if (ret == 0) { - *enctype = p[i]; - return 0; - } - } - - krb5_set_error_string(context, "No valid kerberos key found for %s", name); - return EINVAL; -} - diff --git a/crypto/heimdal/kdc/mit_dump.c b/crypto/heimdal/kdc/mit_dump.c deleted file mode 100644 index dd2f5d78c8e9..000000000000 --- a/crypto/heimdal/kdc/mit_dump.c +++ /dev/null @@ -1,373 +0,0 @@ -/* - * Copyright (c) 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hprop.h" - -RCSID("$Id: mit_dump.c 21745 2007-07-31 16:11:25Z lha $"); - -/* -can have any number of princ stanzas. -format is as follows (only \n indicates newlines) -princ\t%d\t (%d is KRB5_KDB_V1_BASE_LENGTH, always 38) -%d\t (strlen of principal e.g. shadow/foo@ANDREW.CMU.EDU) -%d\t (number of tl_data) -%d\t (number of key data, e.g. how many keys for this user) -%d\t (extra data length) -%s\t (principal name) -%d\t (attributes) -%d\t (max lifetime, seconds) -%d\t (max renewable life, seconds) -%d\t (expiration, seconds since epoch or 2145830400 for never) -%d\t (password expiration, seconds, 0 for never) -%d\t (last successful auth, seconds since epoch) -%d\t (last failed auth, per above) -%d\t (failed auth count) -foreach tl_data 0 to number of tl_data - 1 as above - %d\t%d\t (data type, data length) - foreach tl_data 0 to length-1 - %02x (tl data contents[element n]) - except if tl_data length is 0 - %d (always -1) - \t -foreach key 0 to number of keys - 1 as above - %d\t%d\t (key data version, kvno) - foreach version 0 to key data version - 1 (a key or a salt) - %d\t%d\t(data type for this key, data length for this key) - foreach key data length 0 to length-1 - %02x (key data contents[element n]) - except if key_data length is 0 - %d (always -1) - \t -foreach extra data length 0 to length - 1 - %02x (extra data part) -unless no extra data - %d (always -1) -;\n - -*/ - -static int -hex_to_octet_string(const char *ptr, krb5_data *data) -{ - int i; - unsigned int v; - for(i = 0; i < data->length; i++) { - if(sscanf(ptr + 2 * i, "%02x", &v) != 1) - return -1; - ((unsigned char*)data->data)[i] = v; - } - return 2 * i; -} - -static char * -nexttoken(char **p) -{ - char *q; - do { - q = strsep(p, " \t"); - } while(q && *q == '\0'); - return q; -} - -static size_t -getdata(char **p, unsigned char *buf, size_t len) -{ - size_t i; - int v; - char *q = nexttoken(p); - i = 0; - while(*q && i < len) { - if(sscanf(q, "%02x", &v) != 1) - break; - buf[i++] = v; - q += 2; - } - return i; -} - -static int -getint(char **p) -{ - int val; - char *q = nexttoken(p); - sscanf(q, "%d", &val); - return val; -} - -#include - -static void -attr_to_flags(unsigned attr, HDBFlags *flags) -{ - flags->postdate = !(attr & KRB5_KDB_DISALLOW_POSTDATED); - flags->forwardable = !(attr & KRB5_KDB_DISALLOW_FORWARDABLE); - flags->initial = !!(attr & KRB5_KDB_DISALLOW_TGT_BASED); - flags->renewable = !(attr & KRB5_KDB_DISALLOW_RENEWABLE); - flags->proxiable = !(attr & KRB5_KDB_DISALLOW_PROXIABLE); - /* DUP_SKEY */ - flags->invalid = !!(attr & KRB5_KDB_DISALLOW_ALL_TIX); - flags->require_preauth = !!(attr & KRB5_KDB_REQUIRES_PRE_AUTH); - /* HW_AUTH */ - flags->server = !(attr & KRB5_KDB_DISALLOW_SVR); - flags->change_pw = !!(attr & KRB5_KDB_PWCHANGE_SERVICE); - flags->client = 1; /* XXX */ -} - -#define KRB5_KDB_SALTTYPE_NORMAL 0 -#define KRB5_KDB_SALTTYPE_V4 1 -#define KRB5_KDB_SALTTYPE_NOREALM 2 -#define KRB5_KDB_SALTTYPE_ONLYREALM 3 -#define KRB5_KDB_SALTTYPE_SPECIAL 4 -#define KRB5_KDB_SALTTYPE_AFS3 5 - -static krb5_error_code -fix_salt(krb5_context context, hdb_entry *ent, int key_num) -{ - krb5_error_code ret; - Salt *salt = ent->keys.val[key_num].salt; - /* fix salt type */ - switch((int)salt->type) { - case KRB5_KDB_SALTTYPE_NORMAL: - salt->type = KRB5_PADATA_PW_SALT; - break; - case KRB5_KDB_SALTTYPE_V4: - krb5_data_free(&salt->salt); - salt->type = KRB5_PADATA_PW_SALT; - break; - case KRB5_KDB_SALTTYPE_NOREALM: - { - size_t len; - int i; - char *p; - - len = 0; - for (i = 0; i < ent->principal->name.name_string.len; ++i) - len += strlen(ent->principal->name.name_string.val[i]); - ret = krb5_data_alloc (&salt->salt, len); - if (ret) - return ret; - p = salt->salt.data; - for (i = 0; i < ent->principal->name.name_string.len; ++i) { - memcpy (p, - ent->principal->name.name_string.val[i], - strlen(ent->principal->name.name_string.val[i])); - p += strlen(ent->principal->name.name_string.val[i]); - } - - salt->type = KRB5_PADATA_PW_SALT; - break; - } - case KRB5_KDB_SALTTYPE_ONLYREALM: - krb5_data_free(&salt->salt); - ret = krb5_data_copy(&salt->salt, - ent->principal->realm, - strlen(ent->principal->realm)); - if(ret) - return ret; - salt->type = KRB5_PADATA_PW_SALT; - break; - case KRB5_KDB_SALTTYPE_SPECIAL: - salt->type = KRB5_PADATA_PW_SALT; - break; - case KRB5_KDB_SALTTYPE_AFS3: - krb5_data_free(&salt->salt); - ret = krb5_data_copy(&salt->salt, - ent->principal->realm, - strlen(ent->principal->realm)); - if(ret) - return ret; - salt->type = KRB5_PADATA_AFS3_SALT; - break; - default: - abort(); - } - return 0; -} - -int -mit_prop_dump(void *arg, const char *file) -{ - krb5_error_code ret; - char line [2048]; - FILE *f; - int lineno = 0; - struct hdb_entry_ex ent; - - struct prop_data *pd = arg; - - f = fopen(file, "r"); - if(f == NULL) - return errno; - - while(fgets(line, sizeof(line), f)) { - char *p = line, *q; - - int i; - - int num_tl_data; - int num_key_data; - int extra_data_length; - int attributes; - - int tmp; - - lineno++; - - memset(&ent, 0, sizeof(ent)); - - q = nexttoken(&p); - if(strcmp(q, "kdb5_util") == 0) { - int major; - q = nexttoken(&p); /* load_dump */ - if(strcmp(q, "load_dump")) - errx(1, "line %d: unknown version", lineno); - q = nexttoken(&p); /* load_dump */ - if(strcmp(q, "version")) - errx(1, "line %d: unknown version", lineno); - q = nexttoken(&p); /* x.0 */ - if(sscanf(q, "%d", &major) != 1) - errx(1, "line %d: unknown version", lineno); - if(major != 4) - errx(1, "unknown dump file format, got %d, expected 4", major); - continue; - } else if(strcmp(q, "princ") != 0) { - warnx("line %d: not a principal", lineno); - continue; - } - tmp = getint(&p); - if(tmp != 38) { - warnx("line %d: bad base length %d != 38", lineno, tmp); - continue; - } - q = nexttoken(&p); /* length of principal */ - num_tl_data = getint(&p); /* number of tl-data */ - num_key_data = getint(&p); /* number of key-data */ - extra_data_length = getint(&p); /* length of extra data */ - q = nexttoken(&p); /* principal name */ - krb5_parse_name(pd->context, q, &ent.entry.principal); - attributes = getint(&p); /* attributes */ - attr_to_flags(attributes, &ent.entry.flags); - tmp = getint(&p); /* max life */ - if(tmp != 0) { - ALLOC(ent.entry.max_life); - *ent.entry.max_life = tmp; - } - tmp = getint(&p); /* max renewable life */ - if(tmp != 0) { - ALLOC(ent.entry.max_renew); - *ent.entry.max_renew = tmp; - } - tmp = getint(&p); /* expiration */ - if(tmp != 0 && tmp != 2145830400) { - ALLOC(ent.entry.valid_end); - *ent.entry.valid_end = tmp; - } - tmp = getint(&p); /* pw expiration */ - if(tmp != 0) { - ALLOC(ent.entry.pw_end); - *ent.entry.pw_end = tmp; - } - q = nexttoken(&p); /* last auth */ - q = nexttoken(&p); /* last failed auth */ - q = nexttoken(&p); /* fail auth count */ - for(i = 0; i < num_tl_data; i++) { - unsigned long val; - int tl_type, tl_length; - unsigned char *buf; - krb5_principal princ; - - tl_type = getint(&p); /* data type */ - tl_length = getint(&p); /* data length */ - -#define mit_KRB5_TL_LAST_PWD_CHANGE 1 -#define mit_KRB5_TL_MOD_PRINC 2 - switch(tl_type) { - case mit_KRB5_TL_MOD_PRINC: - buf = malloc(tl_length); - if (buf == NULL) - errx(ENOMEM, "malloc"); - getdata(&p, buf, tl_length); /* data itself */ - val = buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); - ret = krb5_parse_name(pd->context, (char *)buf + 4, &princ); - free(buf); - ALLOC(ent.entry.modified_by); - ent.entry.modified_by->time = val; - ent.entry.modified_by->principal = princ; - break; - default: - nexttoken(&p); - break; - } - } - ALLOC_SEQ(&ent.entry.keys, num_key_data); - for(i = 0; i < num_key_data; i++) { - int key_versions; - key_versions = getint(&p); /* key data version */ - ent.entry.kvno = getint(&p); /* XXX kvno */ - - ALLOC(ent.entry.keys.val[i].mkvno); - *ent.entry.keys.val[i].mkvno = 0; - - /* key version 0 -- actual key */ - ent.entry.keys.val[i].key.keytype = getint(&p); /* key type */ - tmp = getint(&p); /* key length */ - /* the first two bytes of the key is the key length -- - skip it */ - krb5_data_alloc(&ent.entry.keys.val[i].key.keyvalue, tmp - 2); - q = nexttoken(&p); /* key itself */ - hex_to_octet_string(q + 4, &ent.entry.keys.val[i].key.keyvalue); - - if(key_versions > 1) { - /* key version 1 -- optional salt */ - ALLOC(ent.entry.keys.val[i].salt); - ent.entry.keys.val[i].salt->type = getint(&p); /* salt type */ - tmp = getint(&p); /* salt length */ - if(tmp > 0) { - krb5_data_alloc(&ent.entry.keys.val[i].salt->salt, tmp - 2); - q = nexttoken(&p); /* salt itself */ - hex_to_octet_string(q + 4, - &ent.entry.keys.val[i].salt->salt); - } else { - ent.entry.keys.val[i].salt->salt.length = 0; - ent.entry.keys.val[i].salt->salt.data = NULL; - tmp = getint(&p); /* -1, if no data. */ - } - fix_salt(pd->context, &ent.entry, i); - } - } - q = nexttoken(&p); /* extra data */ - v5_prop(pd->context, NULL, &ent, arg); - } - fclose(f); - return 0; -} diff --git a/crypto/heimdal/kdc/pkinit.c b/crypto/heimdal/kdc/pkinit.c deleted file mode 100644 index bf248af588fc..000000000000 --- a/crypto/heimdal/kdc/pkinit.c +++ /dev/null @@ -1,1673 +0,0 @@ -/* - * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: pkinit.c 22243 2007-12-08 23:39:30Z lha $"); - -#ifdef PKINIT - -#include -#include -#include -#include - -#include -#include "crypto-headers.h" - -/* XXX copied from lib/krb5/pkinit.c */ -struct krb5_pk_identity { - hx509_context hx509ctx; - hx509_verify_ctx verify_ctx; - hx509_certs certs; - hx509_certs anchors; - hx509_certs certpool; - hx509_revoke_ctx revoke; -}; - -enum pkinit_type { - PKINIT_COMPAT_WIN2K = 1, - PKINIT_COMPAT_27 = 3 -}; - -struct pk_client_params { - enum pkinit_type type; - BIGNUM *dh_public_key; - hx509_cert cert; - unsigned nonce; - DH *dh; - EncryptionKey reply_key; - char *dh_group_name; - hx509_peer_info peer; - hx509_certs client_anchors; -}; - -struct pk_principal_mapping { - unsigned int len; - struct pk_allowed_princ { - krb5_principal principal; - char *subject; - } *val; -}; - -static struct krb5_pk_identity *kdc_identity; -static struct pk_principal_mapping principal_mappings; -static struct krb5_dh_moduli **moduli; - -static struct { - krb5_data data; - time_t expire; - time_t next_update; -} ocsp; - -/* - * - */ - -static krb5_error_code -pk_check_pkauthenticator_win2k(krb5_context context, - PKAuthenticator_Win2k *a, - const KDC_REQ *req) -{ - krb5_timestamp now; - - krb5_timeofday (context, &now); - - /* XXX cusec */ - if (a->ctime == 0 || abs(a->ctime - now) > context->max_skew) { - krb5_clear_error_string(context); - return KRB5KRB_AP_ERR_SKEW; - } - return 0; -} - -static krb5_error_code -pk_check_pkauthenticator(krb5_context context, - PKAuthenticator *a, - const KDC_REQ *req) -{ - u_char *buf = NULL; - size_t buf_size; - krb5_error_code ret; - size_t len; - krb5_timestamp now; - Checksum checksum; - - krb5_timeofday (context, &now); - - /* XXX cusec */ - if (a->ctime == 0 || abs(a->ctime - now) > context->max_skew) { - krb5_clear_error_string(context); - return KRB5KRB_AP_ERR_SKEW; - } - - ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, &req->req_body, &len, ret); - if (ret) { - krb5_clear_error_string(context); - return ret; - } - if (buf_size != len) - krb5_abortx(context, "Internal error in ASN.1 encoder"); - - ret = krb5_create_checksum(context, - NULL, - 0, - CKSUMTYPE_SHA1, - buf, - len, - &checksum); - free(buf); - if (ret) { - krb5_clear_error_string(context); - return ret; - } - - if (a->paChecksum == NULL) { - krb5_clear_error_string(context); - ret = KRB5_KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED; - goto out; - } - - if (der_heim_octet_string_cmp(a->paChecksum, &checksum.checksum) != 0) { - krb5_clear_error_string(context); - ret = KRB5KRB_ERR_GENERIC; - } - -out: - free_Checksum(&checksum); - - return ret; -} - -void -_kdc_pk_free_client_param(krb5_context context, - pk_client_params *client_params) -{ - if (client_params->cert) - hx509_cert_free(client_params->cert); - if (client_params->dh) - DH_free(client_params->dh); - if (client_params->dh_public_key) - BN_free(client_params->dh_public_key); - krb5_free_keyblock_contents(context, &client_params->reply_key); - if (client_params->dh_group_name) - free(client_params->dh_group_name); - if (client_params->peer) - hx509_peer_info_free(client_params->peer); - if (client_params->client_anchors) - hx509_certs_free(&client_params->client_anchors); - memset(client_params, 0, sizeof(*client_params)); - free(client_params); -} - -static krb5_error_code -generate_dh_keyblock(krb5_context context, pk_client_params *client_params, - krb5_enctype enctype, krb5_keyblock *reply_key) -{ - unsigned char *dh_gen_key = NULL; - krb5_keyblock key; - krb5_error_code ret; - size_t dh_gen_keylen, size; - - memset(&key, 0, sizeof(key)); - - if (!DH_generate_key(client_params->dh)) { - krb5_set_error_string(context, "Can't generate Diffie-Hellman keys"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - if (client_params->dh_public_key == NULL) { - krb5_set_error_string(context, "dh_public_key"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - - dh_gen_keylen = DH_size(client_params->dh); - size = BN_num_bytes(client_params->dh->p); - if (size < dh_gen_keylen) - size = dh_gen_keylen; - - dh_gen_key = malloc(size); - if (dh_gen_key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - memset(dh_gen_key, 0, size - dh_gen_keylen); - - dh_gen_keylen = DH_compute_key(dh_gen_key + (size - dh_gen_keylen), - client_params->dh_public_key, - client_params->dh); - if (dh_gen_keylen == -1) { - krb5_set_error_string(context, "Can't compute Diffie-Hellman key"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - - ret = _krb5_pk_octetstring2key(context, - enctype, - dh_gen_key, dh_gen_keylen, - NULL, NULL, - reply_key); - - out: - if (dh_gen_key) - free(dh_gen_key); - if (key.keyvalue.data) - krb5_free_keyblock_contents(context, &key); - - return ret; -} - -static BIGNUM * -integer_to_BN(krb5_context context, const char *field, heim_integer *f) -{ - BIGNUM *bn; - - bn = BN_bin2bn((const unsigned char *)f->data, f->length, NULL); - if (bn == NULL) { - krb5_set_error_string(context, "PKINIT: parsing BN failed %s", field); - return NULL; - } - BN_set_negative(bn, f->negative); - return bn; -} - -static krb5_error_code -get_dh_param(krb5_context context, - krb5_kdc_configuration *config, - SubjectPublicKeyInfo *dh_key_info, - pk_client_params *client_params) -{ - DomainParameters dhparam; - DH *dh = NULL; - krb5_error_code ret; - - memset(&dhparam, 0, sizeof(dhparam)); - - if (der_heim_oid_cmp(&dh_key_info->algorithm.algorithm, oid_id_dhpublicnumber())) { - krb5_set_error_string(context, - "PKINIT invalid oid in clientPublicValue"); - return KRB5_BADMSGTYPE; - } - - if (dh_key_info->algorithm.parameters == NULL) { - krb5_set_error_string(context, "PKINIT missing algorithm parameter " - "in clientPublicValue"); - return KRB5_BADMSGTYPE; - } - - ret = decode_DomainParameters(dh_key_info->algorithm.parameters->data, - dh_key_info->algorithm.parameters->length, - &dhparam, - NULL); - if (ret) { - krb5_set_error_string(context, "Can't decode algorithm " - "parameters in clientPublicValue"); - goto out; - } - - if ((dh_key_info->subjectPublicKey.length % 8) != 0) { - ret = KRB5_BADMSGTYPE; - krb5_set_error_string(context, "PKINIT: subjectPublicKey not aligned " - "to 8 bit boundary"); - goto out; - } - - - ret = _krb5_dh_group_ok(context, config->pkinit_dh_min_bits, - &dhparam.p, &dhparam.g, &dhparam.q, moduli, - &client_params->dh_group_name); - if (ret) { - /* XXX send back proposal of better group */ - goto out; - } - - dh = DH_new(); - if (dh == NULL) { - krb5_set_error_string(context, "Cannot create DH structure"); - ret = ENOMEM; - goto out; - } - ret = KRB5_BADMSGTYPE; - dh->p = integer_to_BN(context, "DH prime", &dhparam.p); - if (dh->p == NULL) - goto out; - dh->g = integer_to_BN(context, "DH base", &dhparam.g); - if (dh->g == NULL) - goto out; - dh->q = integer_to_BN(context, "DH p-1 factor", &dhparam.q); - if (dh->g == NULL) - goto out; - - { - heim_integer glue; - size_t size; - - ret = decode_DHPublicKey(dh_key_info->subjectPublicKey.data, - dh_key_info->subjectPublicKey.length / 8, - &glue, - &size); - if (ret) { - krb5_clear_error_string(context); - return ret; - } - - client_params->dh_public_key = integer_to_BN(context, - "subjectPublicKey", - &glue); - der_free_heim_integer(&glue); - if (client_params->dh_public_key == NULL) - goto out; - } - - client_params->dh = dh; - dh = NULL; - ret = 0; - - out: - if (dh) - DH_free(dh); - free_DomainParameters(&dhparam); - return ret; -} - -krb5_error_code -_kdc_pk_rd_padata(krb5_context context, - krb5_kdc_configuration *config, - const KDC_REQ *req, - const PA_DATA *pa, - pk_client_params **ret_params) -{ - pk_client_params *client_params; - krb5_error_code ret; - heim_oid eContentType = { 0, NULL }, contentInfoOid = { 0, NULL }; - krb5_data eContent = { 0, NULL }; - krb5_data signed_content = { 0, NULL }; - const char *type = "unknown type"; - int have_data = 0; - - *ret_params = NULL; - - if (!config->enable_pkinit) { - kdc_log(context, config, 0, "PK-INIT request but PK-INIT not enabled"); - krb5_clear_error_string(context); - return 0; - } - - hx509_verify_set_time(kdc_identity->verify_ctx, _kdc_now.tv_sec); - - client_params = calloc(1, sizeof(*client_params)); - if (client_params == NULL) { - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - if (pa->padata_type == KRB5_PADATA_PK_AS_REQ_WIN) { - PA_PK_AS_REQ_Win2k r; - - type = "PK-INIT-Win2k"; - - ret = decode_PA_PK_AS_REQ_Win2k(pa->padata_value.data, - pa->padata_value.length, - &r, - NULL); - if (ret) { - krb5_set_error_string(context, "Can't decode " - "PK-AS-REQ-Win2k: %d", ret); - goto out; - } - - ret = hx509_cms_unwrap_ContentInfo(&r.signed_auth_pack, - &contentInfoOid, - &signed_content, - &have_data); - free_PA_PK_AS_REQ_Win2k(&r); - if (ret) { - krb5_set_error_string(context, "Can't decode PK-AS-REQ: %d", ret); - goto out; - } - - } else if (pa->padata_type == KRB5_PADATA_PK_AS_REQ) { - PA_PK_AS_REQ r; - - type = "PK-INIT-IETF"; - - ret = decode_PA_PK_AS_REQ(pa->padata_value.data, - pa->padata_value.length, - &r, - NULL); - if (ret) { - krb5_set_error_string(context, "Can't decode PK-AS-REQ: %d", ret); - goto out; - } - - /* XXX look at r.kdcPkId */ - if (r.trustedCertifiers) { - ExternalPrincipalIdentifiers *edi = r.trustedCertifiers; - unsigned int i; - - ret = hx509_certs_init(kdc_identity->hx509ctx, - "MEMORY:client-anchors", - 0, NULL, - &client_params->client_anchors); - if (ret) { - krb5_set_error_string(context, "Can't allocate client anchors: %d", ret); - goto out; - - } - for (i = 0; i < edi->len; i++) { - IssuerAndSerialNumber iasn; - hx509_query *q; - hx509_cert cert; - size_t size; - - if (edi->val[i].issuerAndSerialNumber == NULL) - continue; - - ret = hx509_query_alloc(kdc_identity->hx509ctx, &q); - if (ret) { - krb5_set_error_string(context, - "Failed to allocate hx509_query"); - goto out; - } - - ret = decode_IssuerAndSerialNumber(edi->val[i].issuerAndSerialNumber->data, - edi->val[i].issuerAndSerialNumber->length, - &iasn, - &size); - if (ret) { - hx509_query_free(kdc_identity->hx509ctx, q); - continue; - } - ret = hx509_query_match_issuer_serial(q, &iasn.issuer, &iasn.serialNumber); - free_IssuerAndSerialNumber(&iasn); - if (ret) - continue; - - ret = hx509_certs_find(kdc_identity->hx509ctx, - kdc_identity->certs, - q, - &cert); - hx509_query_free(kdc_identity->hx509ctx, q); - if (ret) - continue; - hx509_certs_add(kdc_identity->hx509ctx, - client_params->client_anchors, cert); - hx509_cert_free(cert); - } - } - - ret = hx509_cms_unwrap_ContentInfo(&r.signedAuthPack, - &contentInfoOid, - &signed_content, - &have_data); - free_PA_PK_AS_REQ(&r); - if (ret) { - krb5_set_error_string(context, "Can't unwrap ContentInfo: %d", ret); - goto out; - } - - } else { - krb5_clear_error_string(context); - ret = KRB5KDC_ERR_PADATA_TYPE_NOSUPP; - goto out; - } - - ret = der_heim_oid_cmp(&contentInfoOid, oid_id_pkcs7_signedData()); - if (ret != 0) { - krb5_set_error_string(context, "PK-AS-REQ-Win2k invalid content " - "type oid"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - - if (!have_data) { - krb5_set_error_string(context, - "PK-AS-REQ-Win2k no signed auth pack"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - - { - hx509_certs signer_certs; - - ret = hx509_cms_verify_signed(kdc_identity->hx509ctx, - kdc_identity->verify_ctx, - signed_content.data, - signed_content.length, - NULL, - kdc_identity->certpool, - &eContentType, - &eContent, - &signer_certs); - if (ret) { - char *s = hx509_get_error_string(kdc_identity->hx509ctx, ret); - krb5_warnx(context, "PKINIT: failed to verify signature: %s: %d", - s, ret); - free(s); - goto out; - } - - ret = hx509_get_one_cert(kdc_identity->hx509ctx, signer_certs, - &client_params->cert); - hx509_certs_free(&signer_certs); - if (ret) - goto out; - } - - /* Signature is correct, now verify the signed message */ - if (der_heim_oid_cmp(&eContentType, oid_id_pkcs7_data()) != 0 && - der_heim_oid_cmp(&eContentType, oid_id_pkauthdata()) != 0) - { - krb5_set_error_string(context, "got wrong oid for pkauthdata"); - ret = KRB5_BADMSGTYPE; - goto out; - } - - if (pa->padata_type == KRB5_PADATA_PK_AS_REQ_WIN) { - AuthPack_Win2k ap; - - ret = decode_AuthPack_Win2k(eContent.data, - eContent.length, - &ap, - NULL); - if (ret) { - krb5_set_error_string(context, "can't decode AuthPack: %d", ret); - goto out; - } - - ret = pk_check_pkauthenticator_win2k(context, - &ap.pkAuthenticator, - req); - if (ret) { - free_AuthPack_Win2k(&ap); - goto out; - } - - client_params->type = PKINIT_COMPAT_WIN2K; - client_params->nonce = ap.pkAuthenticator.nonce; - - if (ap.clientPublicValue) { - krb5_set_error_string(context, "DH not supported for windows"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - free_AuthPack_Win2k(&ap); - - } else if (pa->padata_type == KRB5_PADATA_PK_AS_REQ) { - AuthPack ap; - - ret = decode_AuthPack(eContent.data, - eContent.length, - &ap, - NULL); - if (ret) { - krb5_set_error_string(context, "can't decode AuthPack: %d", ret); - free_AuthPack(&ap); - goto out; - } - - ret = pk_check_pkauthenticator(context, - &ap.pkAuthenticator, - req); - if (ret) { - free_AuthPack(&ap); - goto out; - } - - client_params->type = PKINIT_COMPAT_27; - client_params->nonce = ap.pkAuthenticator.nonce; - - if (ap.clientPublicValue) { - ret = get_dh_param(context, config, - ap.clientPublicValue, client_params); - if (ret) { - free_AuthPack(&ap); - goto out; - } - } - - if (ap.supportedCMSTypes) { - ret = hx509_peer_info_alloc(kdc_identity->hx509ctx, - &client_params->peer); - if (ret) { - free_AuthPack(&ap); - goto out; - } - ret = hx509_peer_info_set_cms_algs(kdc_identity->hx509ctx, - client_params->peer, - ap.supportedCMSTypes->val, - ap.supportedCMSTypes->len); - if (ret) { - free_AuthPack(&ap); - goto out; - } - } - free_AuthPack(&ap); - } else - krb5_abortx(context, "internal pkinit error"); - - kdc_log(context, config, 0, "PK-INIT request of type %s", type); - -out: - if (ret) - krb5_warn(context, ret, "PKINIT"); - - if (signed_content.data) - free(signed_content.data); - krb5_data_free(&eContent); - der_free_oid(&eContentType); - der_free_oid(&contentInfoOid); - if (ret) - _kdc_pk_free_client_param(context, client_params); - else - *ret_params = client_params; - return ret; -} - -/* - * - */ - -static krb5_error_code -BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer) -{ - integer->length = BN_num_bytes(bn); - integer->data = malloc(integer->length); - if (integer->data == NULL) { - krb5_clear_error_string(context); - return ENOMEM; - } - BN_bn2bin(bn, integer->data); - integer->negative = BN_is_negative(bn); - return 0; -} - -static krb5_error_code -pk_mk_pa_reply_enckey(krb5_context context, - krb5_kdc_configuration *config, - pk_client_params *client_params, - const KDC_REQ *req, - const krb5_data *req_buffer, - krb5_keyblock *reply_key, - ContentInfo *content_info) -{ - const heim_oid *envelopedAlg = NULL, *sdAlg = NULL; - krb5_error_code ret; - krb5_data buf, signed_data; - size_t size; - int do_win2k = 0; - - krb5_data_zero(&buf); - krb5_data_zero(&signed_data); - - /* - * If the message client is a win2k-type but it send pa data - * 09-binding it expects a IETF (checksum) reply so there can be - * no replay attacks. - */ - - switch (client_params->type) { - case PKINIT_COMPAT_WIN2K: { - int i = 0; - if (_kdc_find_padata(req, &i, KRB5_PADATA_PK_AS_09_BINDING) == NULL - && config->pkinit_require_binding == 0) - { - do_win2k = 1; - } - break; - } - case PKINIT_COMPAT_27: - break; - default: - krb5_abortx(context, "internal pkinit error"); - } - - if (do_win2k) { - ReplyKeyPack_Win2k kp; - memset(&kp, 0, sizeof(kp)); - - envelopedAlg = oid_id_rsadsi_des_ede3_cbc(); - sdAlg = oid_id_pkcs7_data(); - - ret = copy_EncryptionKey(reply_key, &kp.replyKey); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - kp.nonce = client_params->nonce; - - ASN1_MALLOC_ENCODE(ReplyKeyPack_Win2k, - buf.data, buf.length, - &kp, &size,ret); - free_ReplyKeyPack_Win2k(&kp); - } else { - krb5_crypto ascrypto; - ReplyKeyPack kp; - memset(&kp, 0, sizeof(kp)); - - sdAlg = oid_id_pkrkeydata(); - - ret = copy_EncryptionKey(reply_key, &kp.replyKey); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - ret = krb5_crypto_init(context, reply_key, 0, &ascrypto); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - ret = krb5_create_checksum(context, ascrypto, 6, 0, - req_buffer->data, req_buffer->length, - &kp.asChecksum); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - - ret = krb5_crypto_destroy(context, ascrypto); - if (ret) { - krb5_clear_error_string(context); - goto out; - } - ASN1_MALLOC_ENCODE(ReplyKeyPack, buf.data, buf.length, &kp, &size,ret); - free_ReplyKeyPack(&kp); - } - if (ret) { - krb5_set_error_string(context, "ASN.1 encoding of ReplyKeyPack " - "failed (%d)", ret); - goto out; - } - if (buf.length != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); - - { - hx509_query *q; - hx509_cert cert; - - ret = hx509_query_alloc(kdc_identity->hx509ctx, &q); - if (ret) - goto out; - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - ret = hx509_certs_find(kdc_identity->hx509ctx, - kdc_identity->certs, - q, - &cert); - hx509_query_free(kdc_identity->hx509ctx, q); - if (ret) - goto out; - - ret = hx509_cms_create_signed_1(kdc_identity->hx509ctx, - 0, - sdAlg, - buf.data, - buf.length, - NULL, - cert, - client_params->peer, - client_params->client_anchors, - kdc_identity->certpool, - &signed_data); - hx509_cert_free(cert); - } - - krb5_data_free(&buf); - if (ret) - goto out; - - if (client_params->type == PKINIT_COMPAT_WIN2K) { - ret = hx509_cms_wrap_ContentInfo(oid_id_pkcs7_signedData(), - &signed_data, - &buf); - if (ret) - goto out; - krb5_data_free(&signed_data); - signed_data = buf; - } - - ret = hx509_cms_envelope_1(kdc_identity->hx509ctx, - 0, - client_params->cert, - signed_data.data, signed_data.length, - envelopedAlg, - oid_id_pkcs7_signedData(), &buf); - if (ret) - goto out; - - ret = _krb5_pk_mk_ContentInfo(context, - &buf, - oid_id_pkcs7_envelopedData(), - content_info); -out: - krb5_data_free(&buf); - krb5_data_free(&signed_data); - return ret; -} - -/* - * - */ - -static krb5_error_code -pk_mk_pa_reply_dh(krb5_context context, - DH *kdc_dh, - pk_client_params *client_params, - krb5_keyblock *reply_key, - ContentInfo *content_info, - hx509_cert *kdc_cert) -{ - KDCDHKeyInfo dh_info; - krb5_data signed_data, buf; - ContentInfo contentinfo; - krb5_error_code ret; - size_t size; - heim_integer i; - - memset(&contentinfo, 0, sizeof(contentinfo)); - memset(&dh_info, 0, sizeof(dh_info)); - krb5_data_zero(&buf); - krb5_data_zero(&signed_data); - - *kdc_cert = NULL; - - ret = BN_to_integer(context, kdc_dh->pub_key, &i); - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(DHPublicKey, buf.data, buf.length, &i, &size, ret); - if (ret) { - krb5_set_error_string(context, "ASN.1 encoding of " - "DHPublicKey failed (%d)", ret); - krb5_clear_error_string(context); - return ret; - } - if (buf.length != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); - - dh_info.subjectPublicKey.length = buf.length * 8; - dh_info.subjectPublicKey.data = buf.data; - - dh_info.nonce = client_params->nonce; - - ASN1_MALLOC_ENCODE(KDCDHKeyInfo, buf.data, buf.length, &dh_info, &size, - ret); - if (ret) { - krb5_set_error_string(context, "ASN.1 encoding of " - "KdcDHKeyInfo failed (%d)", ret); - goto out; - } - if (buf.length != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); - - /* - * Create the SignedData structure and sign the KdcDHKeyInfo - * filled in above - */ - - { - hx509_query *q; - hx509_cert cert; - - ret = hx509_query_alloc(kdc_identity->hx509ctx, &q); - if (ret) - goto out; - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - ret = hx509_certs_find(kdc_identity->hx509ctx, - kdc_identity->certs, - q, - &cert); - hx509_query_free(kdc_identity->hx509ctx, q); - if (ret) - goto out; - - ret = hx509_cms_create_signed_1(kdc_identity->hx509ctx, - 0, - oid_id_pkdhkeydata(), - buf.data, - buf.length, - NULL, - cert, - client_params->peer, - client_params->client_anchors, - kdc_identity->certpool, - &signed_data); - *kdc_cert = cert; - } - if (ret) - goto out; - - ret = _krb5_pk_mk_ContentInfo(context, - &signed_data, - oid_id_pkcs7_signedData(), - content_info); - if (ret) - goto out; - - out: - if (ret && *kdc_cert) { - hx509_cert_free(*kdc_cert); - *kdc_cert = NULL; - } - - krb5_data_free(&buf); - krb5_data_free(&signed_data); - free_KDCDHKeyInfo(&dh_info); - - return ret; -} - -/* - * - */ - -krb5_error_code -_kdc_pk_mk_pa_reply(krb5_context context, - krb5_kdc_configuration *config, - pk_client_params *client_params, - const hdb_entry_ex *client, - const KDC_REQ *req, - const krb5_data *req_buffer, - krb5_keyblock **reply_key, - METHOD_DATA *md) -{ - krb5_error_code ret; - void *buf; - size_t len, size; - krb5_enctype enctype; - int pa_type; - hx509_cert kdc_cert = NULL; - int i; - - if (!config->enable_pkinit) { - krb5_clear_error_string(context); - return 0; - } - - if (req->req_body.etype.len > 0) { - for (i = 0; i < req->req_body.etype.len; i++) - if (krb5_enctype_valid(context, req->req_body.etype.val[i]) == 0) - break; - if (req->req_body.etype.len <= i) { - ret = KRB5KRB_ERR_GENERIC; - krb5_set_error_string(context, - "No valid enctype available from client"); - goto out; - } - enctype = req->req_body.etype.val[i]; - } else - enctype = ETYPE_DES3_CBC_SHA1; - - if (client_params->type == PKINIT_COMPAT_27) { - PA_PK_AS_REP rep; - const char *type, *other = ""; - - memset(&rep, 0, sizeof(rep)); - - pa_type = KRB5_PADATA_PK_AS_REP; - - if (client_params->dh == NULL) { - ContentInfo info; - - type = "enckey"; - - rep.element = choice_PA_PK_AS_REP_encKeyPack; - - ret = krb5_generate_random_keyblock(context, enctype, - &client_params->reply_key); - if (ret) { - free_PA_PK_AS_REP(&rep); - goto out; - } - ret = pk_mk_pa_reply_enckey(context, - config, - client_params, - req, - req_buffer, - &client_params->reply_key, - &info); - if (ret) { - free_PA_PK_AS_REP(&rep); - goto out; - } - ASN1_MALLOC_ENCODE(ContentInfo, rep.u.encKeyPack.data, - rep.u.encKeyPack.length, &info, &size, - ret); - free_ContentInfo(&info); - if (ret) { - krb5_set_error_string(context, "encoding of Key ContentInfo " - "failed %d", ret); - free_PA_PK_AS_REP(&rep); - goto out; - } - if (rep.u.encKeyPack.length != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); - - } else { - ContentInfo info; - - type = "dh"; - if (client_params->dh_group_name) - other = client_params->dh_group_name; - - rep.element = choice_PA_PK_AS_REP_dhInfo; - - ret = generate_dh_keyblock(context, client_params, enctype, - &client_params->reply_key); - if (ret) - return ret; - - ret = pk_mk_pa_reply_dh(context, client_params->dh, - client_params, - &client_params->reply_key, - &info, - &kdc_cert); - - ASN1_MALLOC_ENCODE(ContentInfo, rep.u.dhInfo.dhSignedData.data, - rep.u.dhInfo.dhSignedData.length, &info, &size, - ret); - free_ContentInfo(&info); - if (ret) { - krb5_set_error_string(context, "encoding of Key ContentInfo " - "failed %d", ret); - free_PA_PK_AS_REP(&rep); - goto out; - } - if (rep.u.encKeyPack.length != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); - - } - if (ret) { - free_PA_PK_AS_REP(&rep); - goto out; - } - - ASN1_MALLOC_ENCODE(PA_PK_AS_REP, buf, len, &rep, &size, ret); - free_PA_PK_AS_REP(&rep); - if (ret) { - krb5_set_error_string(context, "encode PA-PK-AS-REP failed %d", - ret); - goto out; - } - if (len != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); - - kdc_log(context, config, 0, "PK-INIT using %s %s", type, other); - - } else if (client_params->type == PKINIT_COMPAT_WIN2K) { - PA_PK_AS_REP_Win2k rep; - ContentInfo info; - - if (client_params->dh) { - krb5_set_error_string(context, "Windows PK-INIT doesn't support DH"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - - memset(&rep, 0, sizeof(rep)); - - pa_type = KRB5_PADATA_PK_AS_REP_19; - rep.element = choice_PA_PK_AS_REP_encKeyPack; - - ret = krb5_generate_random_keyblock(context, enctype, - &client_params->reply_key); - if (ret) { - free_PA_PK_AS_REP_Win2k(&rep); - goto out; - } - ret = pk_mk_pa_reply_enckey(context, - config, - client_params, - req, - req_buffer, - &client_params->reply_key, - &info); - if (ret) { - free_PA_PK_AS_REP_Win2k(&rep); - goto out; - } - ASN1_MALLOC_ENCODE(ContentInfo, rep.u.encKeyPack.data, - rep.u.encKeyPack.length, &info, &size, - ret); - free_ContentInfo(&info); - if (ret) { - krb5_set_error_string(context, "encoding of Key ContentInfo " - "failed %d", ret); - free_PA_PK_AS_REP_Win2k(&rep); - goto out; - } - if (rep.u.encKeyPack.length != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); - - ASN1_MALLOC_ENCODE(PA_PK_AS_REP_Win2k, buf, len, &rep, &size, ret); - free_PA_PK_AS_REP_Win2k(&rep); - if (ret) { - krb5_set_error_string(context, - "encode PA-PK-AS-REP-Win2k failed %d", ret); - goto out; - } - if (len != size) - krb5_abortx(context, "Internal ASN.1 encoder error"); - - } else - krb5_abortx(context, "PK-INIT internal error"); - - - ret = krb5_padata_add(context, md, pa_type, buf, len); - if (ret) { - krb5_set_error_string(context, "failed adding PA-PK-AS-REP %d", ret); - free(buf); - goto out; - } - - if (config->pkinit_kdc_ocsp_file) { - - if (ocsp.expire == 0 && ocsp.next_update > kdc_time) { - struct stat sb; - int fd; - - krb5_data_free(&ocsp.data); - - ocsp.expire = 0; - ocsp.next_update = kdc_time + 60 * 5; - - fd = open(config->pkinit_kdc_ocsp_file, O_RDONLY); - if (fd < 0) { - kdc_log(context, config, 0, - "PK-INIT failed to open ocsp data file %d", errno); - goto out_ocsp; - } - ret = fstat(fd, &sb); - if (ret) { - ret = errno; - close(fd); - kdc_log(context, config, 0, - "PK-INIT failed to stat ocsp data %d", ret); - goto out_ocsp; - } - - ret = krb5_data_alloc(&ocsp.data, sb.st_size); - if (ret) { - close(fd); - kdc_log(context, config, 0, - "PK-INIT failed to stat ocsp data %d", ret); - goto out_ocsp; - } - ocsp.data.length = sb.st_size; - ret = read(fd, ocsp.data.data, sb.st_size); - close(fd); - if (ret != sb.st_size) { - kdc_log(context, config, 0, - "PK-INIT failed to read ocsp data %d", errno); - goto out_ocsp; - } - - ret = hx509_ocsp_verify(kdc_identity->hx509ctx, - kdc_time, - kdc_cert, - 0, - ocsp.data.data, ocsp.data.length, - &ocsp.expire); - if (ret) { - kdc_log(context, config, 0, - "PK-INIT failed to verify ocsp data %d", ret); - krb5_data_free(&ocsp.data); - ocsp.expire = 0; - } else if (ocsp.expire > 180) { - ocsp.expire -= 180; /* refetch the ocsp before it expire */ - ocsp.next_update = ocsp.expire; - } else { - ocsp.next_update = kdc_time; - } - out_ocsp: - ret = 0; - } - - if (ocsp.expire != 0 && ocsp.expire > kdc_time) { - - ret = krb5_padata_add(context, md, - KRB5_PADATA_PA_PK_OCSP_RESPONSE, - ocsp.data.data, ocsp.data.length); - if (ret) { - krb5_set_error_string(context, - "Failed adding OCSP response %d", ret); - goto out; - } - } - } - -out: - if (kdc_cert) - hx509_cert_free(kdc_cert); - - if (ret == 0) - *reply_key = &client_params->reply_key; - return ret; -} - -static int -match_rfc_san(krb5_context context, - krb5_kdc_configuration *config, - hx509_context hx509ctx, - hx509_cert client_cert, - krb5_const_principal match) -{ - hx509_octet_string_list list; - int ret, i, found = 0; - - memset(&list, 0 , sizeof(list)); - - ret = hx509_cert_find_subjectAltName_otherName(hx509ctx, - client_cert, - oid_id_pkinit_san(), - &list); - if (ret) - goto out; - - for (i = 0; !found && i < list.len; i++) { - krb5_principal_data principal; - KRB5PrincipalName kn; - size_t size; - - ret = decode_KRB5PrincipalName(list.val[i].data, - list.val[i].length, - &kn, &size); - if (ret) { - kdc_log(context, config, 0, - "Decoding kerberos name in certificate failed: %s", - krb5_get_err_text(context, ret)); - break; - } - if (size != list.val[i].length) { - kdc_log(context, config, 0, - "Decoding kerberos name have extra bits on the end"); - return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; - } - - principal.name = kn.principalName; - principal.realm = kn.realm; - - if (krb5_principal_compare(context, &principal, match) == TRUE) - found = 1; - free_KRB5PrincipalName(&kn); - } - -out: - hx509_free_octet_string_list(&list); - if (ret) - return ret; - - if (!found) - return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; - - return 0; -} - -static int -match_ms_upn_san(krb5_context context, - krb5_kdc_configuration *config, - hx509_context hx509ctx, - hx509_cert client_cert, - krb5_const_principal match) -{ - hx509_octet_string_list list; - krb5_principal principal = NULL; - int ret, found = 0; - MS_UPN_SAN upn; - size_t size; - - memset(&list, 0 , sizeof(list)); - - ret = hx509_cert_find_subjectAltName_otherName(hx509ctx, - client_cert, - oid_id_pkinit_ms_san(), - &list); - if (ret) - goto out; - - if (list.len != 1) { - kdc_log(context, config, 0, - "More then one PK-INIT MS UPN SAN"); - goto out; - } - - ret = decode_MS_UPN_SAN(list.val[0].data, list.val[0].length, &upn, &size); - if (ret) { - kdc_log(context, config, 0, "Decode of MS-UPN-SAN failed"); - goto out; - } - - kdc_log(context, config, 0, "found MS UPN SAN: %s", upn); - - ret = krb5_parse_name(context, upn, &principal); - free_MS_UPN_SAN(&upn); - if (ret) { - kdc_log(context, config, 0, "Failed to parse principal in MS UPN SAN"); - goto out; - } - - /* - * This is very wrong, but will do for now, should really and a - * plugin to the windc layer to very this ACL. - */ - strupr(principal->realm); - - if (krb5_principal_compare(context, principal, match) == TRUE) - found = 1; - -out: - if (principal) - krb5_free_principal(context, principal); - hx509_free_octet_string_list(&list); - if (ret) - return ret; - - if (!found) - return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; - - return 0; -} - -krb5_error_code -_kdc_pk_check_client(krb5_context context, - krb5_kdc_configuration *config, - const hdb_entry_ex *client, - pk_client_params *client_params, - char **subject_name) -{ - const HDB_Ext_PKINIT_acl *acl; - krb5_error_code ret; - hx509_name name; - int i; - - ret = hx509_cert_get_base_subject(kdc_identity->hx509ctx, - client_params->cert, - &name); - if (ret) - return ret; - - ret = hx509_name_to_string(name, subject_name); - hx509_name_free(&name); - if (ret) - return ret; - - kdc_log(context, config, 0, - "Trying to authorize PK-INIT subject DN %s", - *subject_name); - - if (config->pkinit_princ_in_cert) { - ret = match_rfc_san(context, config, - kdc_identity->hx509ctx, - client_params->cert, - client->entry.principal); - if (ret == 0) { - kdc_log(context, config, 5, - "Found matching PK-INIT SAN in certificate"); - return 0; - } - ret = match_ms_upn_san(context, config, - kdc_identity->hx509ctx, - client_params->cert, - client->entry.principal); - if (ret == 0) { - kdc_log(context, config, 5, - "Found matching MS UPN SAN in certificate"); - return 0; - } - } - - ret = hdb_entry_get_pkinit_acl(&client->entry, &acl); - if (ret == 0 && acl != NULL) { - /* - * Cheat here and compare the generated name with the string - * and not the reverse. - */ - for (i = 0; i < acl->len; i++) { - if (strcmp(*subject_name, acl->val[0].subject) != 0) - continue; - - /* Don't support isser and anchor checking right now */ - if (acl->val[0].issuer) - continue; - if (acl->val[0].anchor) - continue; - - kdc_log(context, config, 5, - "Found matching PK-INIT database ACL"); - return 0; - } - } - - for (i = 0; i < principal_mappings.len; i++) { - krb5_boolean b; - - b = krb5_principal_compare(context, - client->entry.principal, - principal_mappings.val[i].principal); - if (b == FALSE) - continue; - if (strcmp(principal_mappings.val[i].subject, *subject_name) != 0) - continue; - kdc_log(context, config, 5, - "Found matching PK-INIT FILE ACL"); - return 0; - } - - krb5_set_error_string(context, - "PKINIT no matching principals for %s", - *subject_name); - - kdc_log(context, config, 5, - "PKINIT no matching principals for %s", - *subject_name); - - free(*subject_name); - *subject_name = NULL; - - return KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; -} - -static krb5_error_code -add_principal_mapping(krb5_context context, - const char *principal_name, - const char * subject) -{ - struct pk_allowed_princ *tmp; - krb5_principal principal; - krb5_error_code ret; - - tmp = realloc(principal_mappings.val, - (principal_mappings.len + 1) * sizeof(*tmp)); - if (tmp == NULL) - return ENOMEM; - principal_mappings.val = tmp; - - ret = krb5_parse_name(context, principal_name, &principal); - if (ret) - return ret; - - principal_mappings.val[principal_mappings.len].principal = principal; - - principal_mappings.val[principal_mappings.len].subject = strdup(subject); - if (principal_mappings.val[principal_mappings.len].subject == NULL) { - krb5_free_principal(context, principal); - return ENOMEM; - } - principal_mappings.len++; - - return 0; -} - -krb5_error_code -_kdc_add_inital_verified_cas(krb5_context context, - krb5_kdc_configuration *config, - pk_client_params *params, - EncTicketPart *tkt) -{ - AD_INITIAL_VERIFIED_CAS cas; - krb5_error_code ret; - krb5_data data; - size_t size; - - memset(&cas, 0, sizeof(cas)); - - /* XXX add CAs to cas here */ - - ASN1_MALLOC_ENCODE(AD_INITIAL_VERIFIED_CAS, data.data, data.length, - &cas, &size, ret); - if (ret) - return ret; - if (data.length != size) - krb5_abortx(context, "internal asn.1 encoder error"); - - ret = _kdc_tkt_add_if_relevant_ad(context, tkt, - KRB5_AUTHDATA_INITIAL_VERIFIED_CAS, - &data); - krb5_data_free(&data); - return ret; -} - -/* - * - */ - -static void -load_mappings(krb5_context context, const char *fn) -{ - krb5_error_code ret; - char buf[1024]; - unsigned long lineno = 0; - FILE *f; - - f = fopen(fn, "r"); - if (f == NULL) - return; - - while (fgets(buf, sizeof(buf), f) != NULL) { - char *subject_name, *p; - - buf[strcspn(buf, "\n")] = '\0'; - lineno++; - - p = buf + strspn(buf, " \t"); - - if (*p == '#' || *p == '\0') - continue; - - subject_name = strchr(p, ':'); - if (subject_name == NULL) { - krb5_warnx(context, "pkinit mapping file line %lu " - "missing \":\" :%s", - lineno, buf); - continue; - } - *subject_name++ = '\0'; - - ret = add_principal_mapping(context, p, subject_name); - if (ret) { - krb5_warn(context, ret, "failed to add line %lu \":\" :%s\n", - lineno, buf); - continue; - } - } - - fclose(f); -} - -/* - * - */ - -krb5_error_code -_kdc_pk_initialize(krb5_context context, - krb5_kdc_configuration *config, - const char *user_id, - const char *anchors, - char **pool, - char **revoke_list) -{ - const char *file; - char *fn = NULL; - krb5_error_code ret; - - file = krb5_config_get_string(context, NULL, - "libdefaults", "moduli", NULL); - - ret = _krb5_parse_moduli(context, file, &moduli); - if (ret) - krb5_err(context, 1, ret, "PKINIT: failed to load modidi file"); - - principal_mappings.len = 0; - principal_mappings.val = NULL; - - ret = _krb5_pk_load_id(context, - &kdc_identity, - user_id, - anchors, - pool, - revoke_list, - NULL, - NULL, - NULL); - if (ret) { - krb5_warn(context, ret, "PKINIT: "); - config->enable_pkinit = 0; - return ret; - } - - { - hx509_query *q; - hx509_cert cert; - - ret = hx509_query_alloc(kdc_identity->hx509ctx, &q); - if (ret) { - krb5_warnx(context, "PKINIT: out of memory"); - return ENOMEM; - } - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - ret = hx509_certs_find(kdc_identity->hx509ctx, - kdc_identity->certs, - q, - &cert); - hx509_query_free(kdc_identity->hx509ctx, q); - if (ret == 0) { - if (hx509_cert_check_eku(kdc_identity->hx509ctx, cert, - oid_id_pkkdcekuoid(), 0)) - krb5_warnx(context, "WARNING Found KDC certificate " - "is missing the PK-INIT KDC EKU, this is bad for " - "interoperability."); - hx509_cert_free(cert); - } else - krb5_warnx(context, "PKINIT: failed to find a signing " - "certifiate with a public key"); - } - - ret = krb5_config_get_bool_default(context, - NULL, - FALSE, - "kdc", - "pkinit_allow_proxy_certificate", - NULL); - _krb5_pk_allow_proxy_certificate(kdc_identity, ret); - - file = krb5_config_get_string(context, - NULL, - "kdc", - "pkinit_mappings_file", - NULL); - if (file == NULL) { - asprintf(&fn, "%s/pki-mapping", hdb_db_dir(context)); - file = fn; - } - - load_mappings(context, file); - if (fn) - free(fn); - - return 0; -} - -#endif /* PKINIT */ diff --git a/crypto/heimdal/kdc/process.c b/crypto/heimdal/kdc/process.c deleted file mode 100644 index 1d0a01a215d1..000000000000 --- a/crypto/heimdal/kdc/process.c +++ /dev/null @@ -1,219 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: process.c 20959 2007-06-07 04:46:06Z lha $"); - -/* - * - */ - -void -krb5_kdc_update_time(struct timeval *tv) -{ - if (tv == NULL) - gettimeofday(&_kdc_now, NULL); - else - _kdc_now = *tv; -} - -/* - * handle the request in `buf, len', from `addr' (or `from' as a string), - * sending a reply in `reply'. - */ - -int -krb5_kdc_process_request(krb5_context context, - krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - krb5_boolean *prependlength, - const char *from, - struct sockaddr *addr, - int datagram_reply) -{ - KDC_REQ req; - Ticket ticket; - DigestREQ digestreq; - Kx509Request kx509req; - krb5_error_code ret; - size_t i; - - if(decode_AS_REQ(buf, len, &req, &i) == 0){ - krb5_data req_buffer; - - req_buffer.data = buf; - req_buffer.length = len; - - ret = _kdc_as_rep(context, config, &req, &req_buffer, - reply, from, addr, datagram_reply); - free_AS_REQ(&req); - return ret; - }else if(decode_TGS_REQ(buf, len, &req, &i) == 0){ - ret = _kdc_tgs_rep(context, config, &req, reply, from, addr, datagram_reply); - free_TGS_REQ(&req); - return ret; - }else if(decode_Ticket(buf, len, &ticket, &i) == 0){ - ret = _kdc_do_524(context, config, &ticket, reply, from, addr); - free_Ticket(&ticket); - return ret; - }else if(decode_DigestREQ(buf, len, &digestreq, &i) == 0){ - ret = _kdc_do_digest(context, config, &digestreq, reply, from, addr); - free_DigestREQ(&digestreq); - return ret; - } else if (_kdc_try_kx509_request(buf, len, &kx509req, &i) == 0) { - ret = _kdc_do_kx509(context, config, &kx509req, reply, from, addr); - free_Kx509Request(&kx509req); - return ret; - } else if(_kdc_maybe_version4(buf, len)){ - *prependlength = FALSE; /* elbitapmoc sdrawkcab XXX */ - _kdc_do_version4(context, config, buf, len, reply, from, - (struct sockaddr_in*)addr); - return 0; - } else if (config->enable_kaserver) { - ret = _kdc_do_kaserver(context, config, buf, len, reply, from, - (struct sockaddr_in*)addr); - return ret; - } - - return -1; -} - -/* - * handle the request in `buf, len', from `addr' (or `from' as a string), - * sending a reply in `reply'. - * - * This only processes krb5 requests - */ - -int -krb5_kdc_process_krb5_request(krb5_context context, - krb5_kdc_configuration *config, - unsigned char *buf, - size_t len, - krb5_data *reply, - const char *from, - struct sockaddr *addr, - int datagram_reply) -{ - KDC_REQ req; - krb5_error_code ret; - size_t i; - - if(decode_AS_REQ(buf, len, &req, &i) == 0){ - krb5_data req_buffer; - - req_buffer.data = buf; - req_buffer.length = len; - - ret = _kdc_as_rep(context, config, &req, &req_buffer, - reply, from, addr, datagram_reply); - free_AS_REQ(&req); - return ret; - }else if(decode_TGS_REQ(buf, len, &req, &i) == 0){ - ret = _kdc_tgs_rep(context, config, &req, reply, from, addr, datagram_reply); - free_TGS_REQ(&req); - return ret; - } - return -1; -} - -/* - * - */ - -int -krb5_kdc_save_request(krb5_context context, - const char *fn, - const unsigned char *buf, - size_t len, - const krb5_data *reply, - const struct sockaddr *sa) -{ - krb5_storage *sp; - krb5_address a; - int fd, ret; - uint32_t t; - krb5_data d; - - memset(&a, 0, sizeof(a)); - - d.data = rk_UNCONST(buf); - d.length = len; - t = _kdc_now.tv_sec; - - fd = open(fn, O_WRONLY|O_CREAT|O_APPEND, 0600); - if (fd < 0) { - krb5_set_error_string(context, "Failed to open: %s", fn); - return errno; - } - - sp = krb5_storage_from_fd(fd); - close(fd); - if (sp == NULL) { - krb5_set_error_string(context, "Storage failed to open fd"); - return ENOMEM; - } - - ret = krb5_sockaddr2address(context, sa, &a); - if (ret) - goto out; - - krb5_store_uint32(sp, 1); - krb5_store_uint32(sp, t); - krb5_store_address(sp, a); - krb5_store_data(sp, d); - { - Der_class cl; - Der_type ty; - unsigned int tag; - ret = der_get_tag (reply->data, reply->length, - &cl, &ty, &tag, NULL); - if (ret) { - krb5_store_uint32(sp, 0xffffffff); - krb5_store_uint32(sp, 0xffffffff); - } else { - krb5_store_uint32(sp, MAKE_TAG(cl, ty, 0)); - krb5_store_uint32(sp, tag); - } - } - - krb5_free_address(context, &a); -out: - krb5_storage_free(sp); - - return 0; -} diff --git a/crypto/heimdal/kdc/rx.h b/crypto/heimdal/kdc/rx.h deleted file mode 100644 index 18806d79dae6..000000000000 --- a/crypto/heimdal/kdc/rx.h +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: rx.h 17447 2006-05-05 10:52:01Z lha $ */ - -#ifndef __RX_H__ -#define __RX_H__ - -/* header of a RPC packet */ - -enum rx_header_type { - HT_DATA = 1, - HT_ACK = 2, - HT_BUSY = 3, - HT_ABORT = 4, - HT_ACKALL = 5, - HT_CHAL = 6, - HT_RESP = 7, - HT_DEBUG = 8 -}; - -/* For flags in header */ - -enum rx_header_flag { - HF_CLIENT_INITIATED = 1, - HF_REQ_ACK = 2, - HF_LAST = 4, - HF_MORE = 8 -}; - -struct rx_header { - uint32_t epoch; - uint32_t connid; /* And channel ID */ - uint32_t callid; - uint32_t seqno; - uint32_t serialno; - u_char type; - u_char flags; - u_char status; - u_char secindex; - uint16_t reserved; /* ??? verifier? */ - uint16_t serviceid; -/* This should be the other way around according to everything but */ -/* tcpdump */ -}; - -#define RX_HEADER_SIZE 28 - -#endif /* __RX_H__ */ diff --git a/crypto/heimdal/kdc/set_dbinfo.c b/crypto/heimdal/kdc/set_dbinfo.c deleted file mode 100644 index 651f4c4a4b21..000000000000 --- a/crypto/heimdal/kdc/set_dbinfo.c +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: default_config.c 21296 2007-06-25 14:49:11Z lha $"); - -krb5_error_code -krb5_kdc_set_dbinfo(krb5_context context, struct krb5_kdc_configuration *c) -{ - struct hdb_dbinfo *info, *d; - krb5_error_code ret; - int i; - - /* fetch the databases */ - ret = hdb_get_dbinfo(context, &info); - if (ret) - return ret; - - d = NULL; - while ((d = hdb_dbinfo_get_next(info, d)) != NULL) { - void *ptr; - - ptr = realloc(c->db, (c->num_db + 1) * sizeof(*c->db)); - if (ptr == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - c->db = ptr; - - ret = hdb_create(context, &c->db[c->num_db], - hdb_dbinfo_get_dbname(context, d)); - if(ret) - goto out; - - ret = hdb_set_master_keyfile(context, c->db[c->num_db], - hdb_dbinfo_get_mkey_file(context, d)); - if (ret) - goto out; - - c->num_db++; - - kdc_log(context, c, 0, "label: %s", - hdb_dbinfo_get_label(context, d)); - kdc_log(context, c, 0, "\tdbname: %s", - hdb_dbinfo_get_dbname(context, d)); - kdc_log(context, c, 0, "\tmkey_file: %s", - hdb_dbinfo_get_mkey_file(context, d)); - kdc_log(context, c, 0, "\tacl_file: %s", - hdb_dbinfo_get_acl_file(context, d)); - } - hdb_free_dbinfo(context, &info); - - return 0; -out: - for (i = 0; i < c->num_db; i++) - if (c->db[i] && c->db[i]->hdb_destroy) - (*c->db[i]->hdb_destroy)(context, c->db[i]); - c->num_db = 0; - free(c->db); - c->db = NULL; - - hdb_free_dbinfo(context, &info); - - return ret; -} - - diff --git a/crypto/heimdal/kdc/string2key.8 b/crypto/heimdal/kdc/string2key.8 deleted file mode 100644 index 8f2d562cc809..000000000000 --- a/crypto/heimdal/kdc/string2key.8 +++ /dev/null @@ -1,110 +0,0 @@ -.\" Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: string2key.8 11648 2003-02-16 21:10:32Z lha $ -.\" -.Dd March 4, 2000 -.Dt STRING2KEY 8 -.Os HEIMDAL -.Sh NAME -.Nm string2key -.Nd map a password into a key -.Sh SYNOPSIS -.Nm -.Op Fl 5 | Fl -version5 -.Op Fl 4 | Fl -version4 -.Op Fl a | Fl -afs -.Oo Fl c Ar cell \*(Ba Xo -.Fl -cell= Ns Ar cell -.Xc -.Oc -.Oo Fl w Ar password \*(Ba Xo -.Fl -password= Ns Ar password -.Xc -.Oc -.Oo Fl p Ar principal \*(Ba Xo -.Fl -principal= Ns Ar principal -.Xc -.Oc -.Oo Fl k Ar string \*(Ba Xo -.Fl -keytype= Ns Ar string -.Xc -.Oc -.Ar password -.Sh DESCRIPTION -.Nm -performs the string-to-key function. -This is useful when you want to handle the raw key instead of the password. -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl 5 , -.Fl -version5 -.Xc -Output Kerberos v5 string-to-key -.It Xo -.Fl 4 , -.Fl -version4 -.Xc -Output Kerberos v4 string-to-key -.It Xo -.Fl a , -.Fl -afs -.Xc -Output AFS string-to-key -.It Xo -.Fl c Ar cell , -.Fl -cell= Ns Ar cell -.Xc -AFS cell to use -.It Xo -.Fl w Ar password , -.Fl -password= Ns Ar password -.Xc -Password to use -.It Xo -.Fl p Ar principal , -.Fl -principal= Ns Ar principal -.Xc -Kerberos v5 principal to use -.It Xo -.Fl k Ar string , -.Fl -keytype= Ns Ar string -.Xc -Keytype -.It Xo -.Fl -version -.Xc -print version -.It Xo -.Fl -help -.Xc -.El diff --git a/crypto/heimdal/kdc/string2key.c b/crypto/heimdal/kdc/string2key.c deleted file mode 100644 index 4211bf7a93f5..000000000000 --- a/crypto/heimdal/kdc/string2key.c +++ /dev/null @@ -1,201 +0,0 @@ -/* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "headers.h" -#include - -RCSID("$Id: string2key.c 19213 2006-12-04 23:36:36Z lha $"); - -int version5; -int version4; -int afs; -char *principal; -char *cell; -char *password; -const char *keytype_str = "des3-cbc-sha1"; -int version; -int help; - -struct getargs args[] = { - { "version5", '5', arg_flag, &version5, "Output Kerberos v5 string-to-key" }, - { "version4", '4', arg_flag, &version4, "Output Kerberos v4 string-to-key" }, - { "afs", 'a', arg_flag, &afs, "Output AFS string-to-key" }, - { "cell", 'c', arg_string, &cell, "AFS cell to use", "cell" }, - { "password", 'w', arg_string, &password, "Password to use", "password" }, - { "principal",'p', arg_string, &principal, "Kerberos v5 principal to use", "principal" }, - { "keytype", 'k', arg_string, &keytype_str, "Keytype" }, - { "version", 0, arg_flag, &version, "print version" }, - { "help", 0, arg_flag, &help, NULL } -}; - -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int status) -{ - arg_printusage (args, num_args, NULL, "password"); - exit(status); -} - -static void -tokey(krb5_context context, - krb5_enctype enctype, - const char *pw, - krb5_salt salt, - const char *label) -{ - krb5_error_code ret; - int i; - krb5_keyblock key; - char *e; - - ret = krb5_string_to_key_salt(context, enctype, pw, salt, &key); - if (ret) - krb5_err(context, 1, ret, "krb5_string_to_key_salt"); - ret = krb5_enctype_to_string(context, enctype, &e); - if (ret) - krb5_err(context, 1, ret, "krb5_enctype_to_string"); - printf(label, e); - printf(": "); - for(i = 0; i < key.keyvalue.length; i++) - printf("%02x", ((unsigned char*)key.keyvalue.data)[i]); - printf("\n"); - krb5_free_keyblock_contents(context, &key); - free(e); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_principal princ; - krb5_salt salt; - int optidx; - char buf[1024]; - krb5_enctype etype; - krb5_error_code ret; - - optidx = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help) - usage(0); - - if(version){ - print_version (NULL); - return 0; - } - - argc -= optidx; - argv += optidx; - - if (argc > 1) - usage(1); - - if(!version5 && !version4 && !afs) - version5 = 1; - - ret = krb5_string_to_enctype(context, keytype_str, &etype); - if(ret) { - krb5_keytype keytype; - int *etypes; - unsigned num; - char *str; - ret = krb5_string_to_keytype(context, keytype_str, &keytype); - if(ret) - krb5_err(context, 1, ret, "%s", keytype_str); - ret = krb5_keytype_to_enctypes(context, keytype, &num, &etypes); - if(ret) - krb5_err(context, 1, ret, "%s", keytype_str); - if(num == 0) - krb5_errx(context, 1, "there are no encryption types for that keytype"); - etype = etypes[0]; - krb5_enctype_to_string(context, etype, &str); - keytype_str = str; - if(num > 1 && version5) - krb5_warnx(context, "ambiguous keytype, using %s", keytype_str); - } - - if((etype != ETYPE_DES_CBC_CRC && - etype != ETYPE_DES_CBC_MD4 && - etype != ETYPE_DES_CBC_MD5) && - (afs || version4)) { - if(!version5) { - etype = ETYPE_DES_CBC_CRC; - } else { - krb5_errx(context, 1, - "DES is the only valid keytype for AFS and Kerberos 4"); - } - } - - if(version5 && principal == NULL){ - printf("Kerberos v5 principal: "); - if(fgets(buf, sizeof(buf), stdin) == NULL) - return 1; - buf[strcspn(buf, "\r\n")] = '\0'; - principal = estrdup(buf); - } - if(afs && cell == NULL){ - printf("AFS cell: "); - if(fgets(buf, sizeof(buf), stdin) == NULL) - return 1; - buf[strcspn(buf, "\r\n")] = '\0'; - cell = estrdup(buf); - } - if(argv[0]) - password = argv[0]; - if(password == NULL){ - if(UI_UTIL_read_pw_string(buf, sizeof(buf), "Password: ", 0)) - return 1; - password = buf; - } - - if(version5){ - krb5_parse_name(context, principal, &princ); - krb5_get_pw_salt(context, princ, &salt); - tokey(context, etype, password, salt, "Kerberos 5 (%s)"); - krb5_free_salt(context, salt); - } - if(version4){ - salt.salttype = KRB5_PW_SALT; - salt.saltvalue.length = 0; - salt.saltvalue.data = NULL; - tokey(context, ETYPE_DES_CBC_MD5, password, salt, "Kerberos 4"); - } - if(afs){ - salt.salttype = KRB5_AFS3_SALT; - salt.saltvalue.length = strlen(cell); - salt.saltvalue.data = cell; - tokey(context, ETYPE_DES_CBC_MD5, password, salt, "AFS"); - } - return 0; -} diff --git a/crypto/heimdal/kdc/v4_dump.c b/crypto/heimdal/kdc/v4_dump.c deleted file mode 100644 index 93c56f87f27f..000000000000 --- a/crypto/heimdal/kdc/v4_dump.c +++ /dev/null @@ -1,143 +0,0 @@ -/* - * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hprop.h" - -RCSID("$Id: v4_dump.c 17023 2006-04-09 17:41:47Z lha $"); - -static time_t -time_parse(const char *cp) -{ - char wbuf[5]; - struct tm tp; - int local; - - memset(&tp, 0, sizeof(tp)); /* clear out the struct */ - - /* new format is YYYYMMDDHHMM UTC, - old format is YYMMDDHHMM local time */ - if (strlen(cp) > 10) { /* new format */ - strlcpy(wbuf, cp, sizeof(wbuf)); - tp.tm_year = atoi(wbuf) - 1900; - cp += 4; - local = 0; - } else { - wbuf[0] = *cp++; - wbuf[1] = *cp++; - wbuf[2] = '\0'; - tp.tm_year = atoi(wbuf); - if(tp.tm_year < 38) - tp.tm_year += 100; - local = 1; - } - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - wbuf[2] = 0; - tp.tm_mon = atoi(wbuf) - 1; - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_mday = atoi(wbuf); - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_hour = atoi(wbuf); - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_min = atoi(wbuf); - - return(tm2time(tp, local)); -} - -/* convert a version 4 dump file */ -int -v4_prop_dump(void *arg, const char *file) -{ - char buf [1024]; - FILE *f; - int lineno = 0; - - f = fopen(file, "r"); - if(f == NULL) - return errno; - - while(fgets(buf, sizeof(buf), f)) { - int ret; - unsigned long key[2]; /* yes, long */ - char exp_date[64], mod_date[64]; - struct v4_principal pr; - int attributes; - - memset(&pr, 0, sizeof(pr)); - errno = 0; - lineno++; - ret = sscanf(buf, "%63s %63s %d %d %d %d %lx %lx %63s %63s %63s %63s", - pr.name, pr.instance, - &pr.max_life, &pr.mkvno, &pr.kvno, - &attributes, - &key[0], &key[1], - exp_date, mod_date, - pr.mod_name, pr.mod_instance); - if(ret != 12){ - warnx("Line %d malformed (ignored)", lineno); - continue; - } - if(attributes != 0) { - warnx("Line %d (%s.%s) has non-zero attributes - skipping", - lineno, pr.name, pr.instance); - continue; - } - pr.key[0] = (key[0] >> 24) & 0xff; - pr.key[1] = (key[0] >> 16) & 0xff; - pr.key[2] = (key[0] >> 8) & 0xff; - pr.key[3] = (key[0] >> 0) & 0xff; - pr.key[4] = (key[1] >> 24) & 0xff; - pr.key[5] = (key[1] >> 16) & 0xff; - pr.key[6] = (key[1] >> 8) & 0xff; - pr.key[7] = (key[1] >> 0) & 0xff; - pr.exp_date = time_parse(exp_date); - pr.mod_date = time_parse(mod_date); - if (pr.instance[0] == '*') - pr.instance[0] = '\0'; - if (pr.mod_name[0] == '*') - pr.mod_name[0] = '\0'; - if (pr.mod_instance[0] == '*') - pr.mod_instance[0] = '\0'; - v4_prop(arg, &pr); - memset(&pr, 0, sizeof(pr)); - } - fclose(f); - return 0; -} diff --git a/crypto/heimdal/kdc/version-script.map b/crypto/heimdal/kdc/version-script.map deleted file mode 100644 index 2612b8ed261e..000000000000 --- a/crypto/heimdal/kdc/version-script.map +++ /dev/null @@ -1,18 +0,0 @@ -# $Id: version-script.map 21110 2007-06-18 10:52:20Z lha $ - -HEIMDAL_KDC_1.0 { - global: - kdc_log; - kdc_log_msg; - kdc_log_msg_va; - kdc_openlog; - krb5_kdc_windc_init; - krb5_kdc_get_config; - krb5_kdc_set_dbinfo; - krb5_kdc_process_krb5_request; - krb5_kdc_process_request; - krb5_kdc_save_request; - krb5_kdc_update_time; - local: - *; -}; diff --git a/crypto/heimdal/kdc/windc.c b/crypto/heimdal/kdc/windc.c deleted file mode 100644 index 395ab7343284..000000000000 --- a/crypto/heimdal/kdc/windc.c +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdc_locl.h" - -RCSID("$Id: windc.c 20559 2007-04-24 16:00:07Z lha $"); - -static krb5plugin_windc_ftable *windcft; -static void *windcctx; - -/* - * Pick the first WINDC module that we find. - */ - -krb5_error_code -krb5_kdc_windc_init(krb5_context context) -{ - struct krb5_plugin *list = NULL, *e; - krb5_error_code ret; - - ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, "windc", &list); - if(ret != 0 || list == NULL) - return 0; - - for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) { - - windcft = _krb5_plugin_get_symbol(e); - if (windcft->minor_version < KRB5_WINDC_PLUGING_MINOR) - continue; - - (*windcft->init)(context, &windcctx); - break; - } - if (e == NULL) { - _krb5_plugin_free(list); - krb5_set_error_string(context, "Did not find any WINDC plugin"); - windcft = NULL; - return ENOENT; - } - - return 0; -} - - -krb5_error_code -_kdc_pac_generate(krb5_context context, - hdb_entry_ex *client, - krb5_pac *pac) -{ - *pac = NULL; - if (windcft == NULL) - return 0; - return (windcft->pac_generate)(windcctx, context, client, pac); -} - -krb5_error_code -_kdc_pac_verify(krb5_context context, - const krb5_principal client_principal, - hdb_entry_ex *client, - hdb_entry_ex *server, - krb5_pac *pac) -{ - if (windcft == NULL) { - krb5_set_error_string(context, "Can't verify PAC, no function"); - return EINVAL; - } - return (windcft->pac_verify)(windcctx, context, - client_principal, client, server, pac); -} - -krb5_error_code -_kdc_windc_client_access(krb5_context context, - struct hdb_entry_ex *client, - KDC_REQ *req) -{ - if (windcft == NULL) - return 0; - return (windcft->client_access)(windcctx, context, client, req); -} diff --git a/crypto/heimdal/kdc/windc_plugin.h b/crypto/heimdal/kdc/windc_plugin.h deleted file mode 100644 index ec480cf950c6..000000000000 --- a/crypto/heimdal/kdc/windc_plugin.h +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: windc_plugin.h 19798 2007-01-10 15:24:51Z lha $ */ - -#ifndef HEIMDAL_KRB5_PAC_PLUGIN_H -#define HEIMDAL_KRB5_PAC_PLUGIN_H 1 - -#include - -/* - * The PAC generate function should allocate a krb5_pac using - * krb5_pac_init and fill in the PAC structure for the principal using - * krb5_pac_add_buffer. - * - * The PAC verify function should verify all components in the PAC - * using krb5_pac_get_types and krb5_pac_get_buffer for all types. - * - * Check client access function check if the client is authorized. - */ - -struct hdb_entry_ex; - -typedef krb5_error_code -(*krb5plugin_windc_pac_generate)(void *, krb5_context, - struct hdb_entry_ex *, krb5_pac *); - -typedef krb5_error_code -(*krb5plugin_windc_pac_verify)(void *, krb5_context, - const krb5_principal, - struct hdb_entry_ex *, - struct hdb_entry_ex *, - krb5_pac *); - -typedef krb5_error_code -(*krb5plugin_windc_client_access)( - void *, krb5_context, struct hdb_entry_ex *, KDC_REQ *); - - -#define KRB5_WINDC_PLUGING_MINOR 2 - -typedef struct krb5plugin_windc_ftable { - int minor_version; - krb5_error_code (*init)(krb5_context, void **); - void (*fini)(void *); - krb5plugin_windc_pac_generate pac_generate; - krb5plugin_windc_pac_verify pac_verify; - krb5plugin_windc_client_access client_access; -} krb5plugin_windc_ftable; - -#endif /* HEIMDAL_KRB5_PAC_PLUGIN_H */ - diff --git a/crypto/heimdal/kpasswd/Makefile.am b/crypto/heimdal/kpasswd/Makefile.am deleted file mode 100644 index ecfb752e39dd..000000000000 --- a/crypto/heimdal/kpasswd/Makefile.am +++ /dev/null @@ -1,33 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_hcrypto) - -man_MANS = kpasswd.1 kpasswdd.8 - -bin_PROGRAMS = kpasswd - -kpasswd_SOURCES = kpasswd.c kpasswd_locl.h - -libexec_PROGRAMS = kpasswdd - -noinst_PROGRAMS = kpasswd-generator - -kpasswdd_SOURCES = kpasswdd.c kpasswd_locl.h - -kpasswdd_LDADD = \ - $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(LDADD) \ - $(LIB_pidfile) \ - $(LIB_dlopen) \ - $(DBLIB) - -LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) diff --git a/crypto/heimdal/kpasswd/Makefile.in b/crypto/heimdal/kpasswd/Makefile.in deleted file mode 100644 index 5c0e6db071db..000000000000 --- a/crypto/heimdal/kpasswd/Makefile.in +++ /dev/null @@ -1,956 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -bin_PROGRAMS = kpasswd$(EXEEXT) -libexec_PROGRAMS = kpasswdd$(EXEEXT) -noinst_PROGRAMS = kpasswd-generator$(EXEEXT) -subdir = kpasswd -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ - "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(noinst_PROGRAMS) -am_kpasswd_OBJECTS = kpasswd.$(OBJEXT) -kpasswd_OBJECTS = $(am_kpasswd_OBJECTS) -kpasswd_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -kpasswd_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -kpasswd_generator_SOURCES = kpasswd-generator.c -kpasswd_generator_OBJECTS = kpasswd-generator.$(OBJEXT) -kpasswd_generator_LDADD = $(LDADD) -kpasswd_generator_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -am_kpasswdd_OBJECTS = kpasswdd.$(OBJEXT) -kpasswdd_OBJECTS = $(am_kpasswdd_OBJECTS) -am__DEPENDENCIES_2 = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -kpasswdd_DEPENDENCIES = $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(kpasswd_SOURCES) kpasswd-generator.c $(kpasswdd_SOURCES) -DIST_SOURCES = $(kpasswd_SOURCES) kpasswd-generator.c \ - $(kpasswdd_SOURCES) -man1dir = $(mandir)/man1 -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_hcrypto) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -man_MANS = kpasswd.1 kpasswdd.8 -kpasswd_SOURCES = kpasswd.c kpasswd_locl.h -kpasswdd_SOURCES = kpasswdd.c kpasswd_locl.h -kpasswdd_LDADD = \ - $(top_builddir)/lib/kadm5/libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(LDADD) \ - $(LIB_pidfile) \ - $(LIB_dlopen) \ - $(DBLIB) - -LDADD = $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kpasswd/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kpasswd/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -kpasswd$(EXEEXT): $(kpasswd_OBJECTS) $(kpasswd_DEPENDENCIES) - @rm -f kpasswd$(EXEEXT) - $(LINK) $(kpasswd_OBJECTS) $(kpasswd_LDADD) $(LIBS) -kpasswd-generator$(EXEEXT): $(kpasswd_generator_OBJECTS) $(kpasswd_generator_DEPENDENCIES) - @rm -f kpasswd-generator$(EXEEXT) - $(LINK) $(kpasswd_generator_OBJECTS) $(kpasswd_generator_LDADD) $(LIBS) -kpasswdd$(EXEEXT): $(kpasswdd_OBJECTS) $(kpasswdd_DEPENDENCIES) - @rm -f kpasswdd$(EXEEXT) - $(LINK) $(kpasswdd_OBJECTS) $(kpasswdd_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool clean-noinstPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libexecPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ - uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libexecPROGRAMS install-man install-man1 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ - pdf pdf-am ps ps-am tags uninstall uninstall-am \ - uninstall-binPROGRAMS uninstall-hook uninstall-libexecPROGRAMS \ - uninstall-man uninstall-man1 uninstall-man8 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/kpasswd/kpasswd-generator.c b/crypto/heimdal/kpasswd/kpasswd-generator.c deleted file mode 100644 index e37f86980fe6..000000000000 --- a/crypto/heimdal/kpasswd/kpasswd-generator.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kpasswd_locl.h" - -RCSID("$Id: kpasswd-generator.c 19233 2006-12-06 08:04:05Z lha $"); - -static unsigned -read_words (const char *filename, char ***ret_w) -{ - unsigned n, alloc; - FILE *f; - char buf[256]; - char **w = NULL; - - f = fopen (filename, "r"); - if (f == NULL) - err (1, "cannot open %s", filename); - alloc = n = 0; - while (fgets (buf, sizeof(buf), f) != NULL) { - buf[strcspn(buf, "\r\n")] = '\0'; - if (n >= alloc) { - alloc += 16; - w = erealloc (w, alloc * sizeof(char **)); - } - w[n++] = estrdup (buf); - } - *ret_w = w; - if (n == 0) - errx(1, "%s is an empty file, no words to try", filename); - return n; -} - -static int -nop_prompter (krb5_context context, - void *data, - const char *name, - const char *banner, - int num_prompts, - krb5_prompt prompts[]) -{ - return 0; -} - -static void -generate_requests (const char *filename, unsigned nreq) -{ - krb5_context context; - krb5_error_code ret; - int i; - char **words; - unsigned nwords; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - nwords = read_words (filename, &words); - - for (i = 0; i < nreq; ++i) { - char *name = words[rand() % nwords]; - krb5_get_init_creds_opt *opt; - krb5_creds cred; - krb5_principal principal; - int result_code; - krb5_data result_code_string, result_string; - char *old_pwd, *new_pwd; - - krb5_get_init_creds_opt_alloc (context, &opt); - krb5_get_init_creds_opt_set_tkt_life (opt, 300); - krb5_get_init_creds_opt_set_forwardable (opt, FALSE); - krb5_get_init_creds_opt_set_proxiable (opt, FALSE); - - ret = krb5_parse_name (context, name, &principal); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name %s", name); - - asprintf (&old_pwd, "%s", name); - asprintf (&new_pwd, "%s2", name); - - ret = krb5_get_init_creds_password (context, - &cred, - principal, - old_pwd, - nop_prompter, - NULL, - 0, - "kadmin/changepw", - opt); - if( ret == KRB5KRB_AP_ERR_BAD_INTEGRITY - || ret == KRB5KRB_AP_ERR_MODIFIED) { - char *tmp; - - tmp = new_pwd; - new_pwd = old_pwd; - old_pwd = tmp; - - ret = krb5_get_init_creds_password (context, - &cred, - principal, - old_pwd, - nop_prompter, - NULL, - 0, - "kadmin/changepw", - opt); - } - if (ret) - krb5_err (context, 1, ret, "krb5_get_init_creds_password"); - - krb5_free_principal (context, principal); - - ret = krb5_change_password (context, &cred, new_pwd, - &result_code, - &result_code_string, - &result_string); - if (ret) - krb5_err (context, 1, ret, "krb5_change_password"); - - free (old_pwd); - free (new_pwd); - krb5_free_cred_contents (context, &cred); - krb5_get_init_creds_opt_free(context, opt); - } -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "file [number]"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int optind = 0; - int nreq; - char *end; - - setprogname(argv[0]); - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) - usage(1); - if (help_flag) - usage (0); - if (version_flag) { - print_version(NULL); - return 0; - } - argc -= optind; - argv += optind; - - if (argc != 2) - usage (1); - srand (0); - nreq = strtol (argv[1], &end, 0); - if (argv[1] == end || *end != '\0') - usage (1); - generate_requests (argv[0], nreq); - return 0; -} diff --git a/crypto/heimdal/kpasswd/kpasswd.1 b/crypto/heimdal/kpasswd/kpasswd.1 deleted file mode 100644 index 6d2c7c9227dc..000000000000 --- a/crypto/heimdal/kpasswd/kpasswd.1 +++ /dev/null @@ -1,68 +0,0 @@ -.\" Copyright (c) 1997, 2000 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kpasswd.1 14478 2005-01-05 16:08:58Z lha $ -.\" -.Dd January 5, 2005 -.Dt KPASSWD 1 -.Os HEIMDAL -.Sh NAME -.Nm kpasswd -.Nd Kerberos 5 password changing program -.Sh SYNOPSIS -.Nm -.Op Fl -admin-principal= Ns Ar principal -.Oo Fl c Ar cache \*(Ba Xo -.Fl -cache= Ns Ar cache -.Xc -.Oc -.Op Ar principal ... -.Sh DESCRIPTION -.Nm -is the client for changing passwords. -.Pp -If administrator principal is given that principal is used to change -the password. -.Pp -Multiple passwords for different users can be changed at the same time, -then the administrator principal will be used. -If the administrator isn't specified on the command prompt, the -principal of the default credential cache will be used. -.Pp -If a credential cache is given, the -.Fl -admin-principal -flag is ignored and use the default name of the credential cache is -used instead. -.Sh DIAGNOSTICS -If the password quality check fails or some other error occurs, an -explanation is printed. -.Sh SEE ALSO -.Xr kpasswdd 8 diff --git a/crypto/heimdal/kpasswd/kpasswd.c b/crypto/heimdal/kpasswd/kpasswd.c deleted file mode 100644 index b844628f6f08..000000000000 --- a/crypto/heimdal/kpasswd/kpasswd.c +++ /dev/null @@ -1,247 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kpasswd_locl.h" -RCSID("$Id: kpasswd.c 19078 2006-11-20 18:12:41Z lha $"); - -static int version_flag; -static int help_flag; -static char *admin_principal_str; -static char *cred_cache_str; - -static struct getargs args[] = { - { "admin-principal", 0, arg_string, &admin_principal_str }, - { "cache", 'c', arg_string, &cred_cache_str }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret, struct getargs *a, int num_args) -{ - arg_printusage (a, num_args, NULL, "[principal ...]"); - exit (ret); -} - -static int -change_password(krb5_context context, - krb5_principal principal, - krb5_ccache id) -{ - krb5_data result_code_string, result_string; - int result_code; - krb5_error_code ret; - char pwbuf[BUFSIZ]; - char *msg, *name; - - krb5_data_zero (&result_code_string); - krb5_data_zero (&result_string); - - name = msg = NULL; - if (principal == NULL) - asprintf(&msg, "New password: "); - else { - ret = krb5_unparse_name(context, principal, &name); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - - asprintf(&msg, "New password for %s: ", name); - } - - if (msg == NULL) - krb5_errx (context, 1, "out of memory"); - - ret = UI_UTIL_read_pw_string (pwbuf, sizeof(pwbuf), msg, 1); - free(msg); - if (name) - free(name); - if (ret != 0) { - return 1; - } - - ret = krb5_set_password_using_ccache (context, id, pwbuf, - principal, - &result_code, - &result_code_string, - &result_string); - if (ret) { - krb5_warn (context, ret, "krb5_set_password_using_ccache"); - return 1; - } - - printf ("%s%s%.*s\n", krb5_passwd_result_to_string(context, result_code), - result_string.length > 0 ? " : " : "", - (int)result_string.length, - result_string.length > 0 ? (char *)result_string.data : ""); - - krb5_data_free (&result_code_string); - krb5_data_free (&result_string); - - return ret != 0; -} - - -int -main (int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_principal principal; - int optind = 0; - krb5_get_init_creds_opt *opt; - krb5_ccache id = NULL; - int exit_value; - - optind = krb5_program_setup(&context, argc, argv, - args, sizeof(args) / sizeof(args[0]), usage); - - if (help_flag) - usage (0, args, sizeof(args) / sizeof(args[0])); - - if(version_flag){ - print_version (NULL); - exit(0); - } - - argc -= optind; - argv += optind; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_get_init_creds_opt_alloc (context, &opt); - if (ret) - krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - - krb5_get_init_creds_opt_set_tkt_life (opt, 300); - krb5_get_init_creds_opt_set_forwardable (opt, FALSE); - krb5_get_init_creds_opt_set_proxiable (opt, FALSE); - - if (cred_cache_str) { - ret = krb5_cc_resolve(context, cred_cache_str, &id); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_resolve"); - } else { - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_gen_new"); - } - - if (cred_cache_str == NULL) { - krb5_principal admin_principal = NULL; - krb5_creds cred; - - if (admin_principal_str) { - ret = krb5_parse_name (context, admin_principal_str, - &admin_principal); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name"); - } else if (argc == 1) { - ret = krb5_parse_name (context, argv[0], &admin_principal); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name"); - } else { - ret = krb5_get_default_principal (context, &admin_principal); - if (ret) - krb5_err (context, 1, ret, "krb5_get_default_principal"); - } - - ret = krb5_get_init_creds_password (context, - &cred, - admin_principal, - NULL, - krb5_prompter_posix, - NULL, - 0, - "kadmin/changepw", - opt); - switch (ret) { - case 0: - break; - case KRB5_LIBOS_PWDINTR : - return 1; - case KRB5KRB_AP_ERR_BAD_INTEGRITY : - case KRB5KRB_AP_ERR_MODIFIED : - krb5_errx(context, 1, "Password incorrect"); - break; - default: - krb5_err(context, 1, ret, "krb5_get_init_creds"); - } - - krb5_get_init_creds_opt_free(context, opt); - - ret = krb5_cc_initialize(context, id, admin_principal); - krb5_free_principal(context, admin_principal); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_store_cred(context, id, &cred); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_store_cred"); - - krb5_free_cred_contents (context, &cred); - } - - if (argc == 0) { - exit_value = change_password(context, NULL, id); - } else { - exit_value = 0; - - while (argc-- > 0) { - - ret = krb5_parse_name (context, argv[0], &principal); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name"); - - ret = change_password(context, principal, id); - if (ret) - exit_value = 1; - krb5_free_principal(context, principal); - argv++; - } - } - - if (cred_cache_str == NULL) { - ret = krb5_cc_destroy(context, id); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_destroy"); - } else { - ret = krb5_cc_close(context, id); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_close"); - } - - krb5_free_context (context); - return ret; -} diff --git a/crypto/heimdal/kpasswd/kpasswd_locl.h b/crypto/heimdal/kpasswd/kpasswd_locl.h deleted file mode 100644 index b797ceb26de9..000000000000 --- a/crypto/heimdal/kpasswd/kpasswd_locl.h +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kpasswd_locl.h 11444 2002-09-10 20:03:49Z joda $ */ - -#ifndef __KPASSWD_LOCL_H__ -#define __KPASSWD_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_UIO_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_ERRNO_H -#include -#endif -#ifdef HAVE_DLFCN_H -#include -#endif -#ifdef HAVE_UTIL_H -#include -#endif -#ifdef HAVE_LIBUTIL_H -#include -#endif -#include -#include -#include -#include -#include "crypto-headers.h" /* for des_read_pw_string */ - -#endif /* __KPASSWD_LOCL_H__ */ diff --git a/crypto/heimdal/kpasswd/kpasswdd.8 b/crypto/heimdal/kpasswd/kpasswdd.8 deleted file mode 100644 index ab750bd4993c..000000000000 --- a/crypto/heimdal/kpasswd/kpasswdd.8 +++ /dev/null @@ -1,96 +0,0 @@ -.\" $Id: kpasswdd.8 14481 2005-01-05 18:07:44Z lha $ -.\" -.Dd April 19, 1999 -.Dt KPASSWDD 8 -.Os HEIMDAL -.Sh NAME -.Nm kpasswdd -.Nd Kerberos 5 password changing server -.Sh SYNOPSIS -.Nm -.Bk -words -.Op Fl -addresses= Ns Ar address -.Op Fl -check-library= Ns Ar library -.Op Fl -check-function= Ns Ar function -.Oo Fl k Ar kspec \*(Ba Xo -.Fl -keytab= Ns Ar kspec -.Xc -.Oc -.Oo Fl r Ar realm \*(Ba Xo -.Fl -realm= Ns Ar realm -.Xc -.Oc -.Oo Fl p Ar string \*(Ba Xo -.Fl -port= Ns Ar string -.Xc -.Oc -.Op Fl -version -.Op Fl -help -.Ek -.Sh DESCRIPTION -.Nm -serves request for password changes. It listens on UDP port 464 -(service kpasswd) and processes requests when they arrive. It changes -the database directly and should thus only run on the master KDC. -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl -addresses= Ns Ar address -.Xc -For each till the argument is given, add the address to what kpasswdd -should listen too. -.It Xo -.Fl -check-library= Ns Ar library -.Xc -If your system has support for dynamic loading of shared libraries, -you can use an external function to check password quality. This -option specifies which library to load. -.It Xo -.Fl -check-function= Ns Ar function -.Xc -This is the function to call in the loaded library. The function -should look like this: -.Pp -.Ft const char * -.Fn passwd_check "krb5_context context" "krb5_principal principal" "krb5_data *password" -.Pp -.Fa context -is an initialized context; -.Fa principal -is the one who tries to change passwords, and -.Fa password -is the new password. Note that the password (in -.Fa password->data ) -is not zero terminated. -.It Xo -.Fl k Ar kspec , -.Fl -keytab= Ns Ar kspec -.Xc -Keytab to get authentication key from. -.It Xo -.Fl r Ar realm , -.Fl -realm= Ns Ar realm -.Xc -Default realm. -.It Xo -.Fl p Ar string , -.Fl -port= Ns Ar string -.Xc -Port to listen on (default service kpasswd - 464). -.El -.Sh DIAGNOSTICS -If an error occurs, the error message is returned to the user and/or -logged to syslog. -.Sh BUGS -The default password quality checks are too basic. -.Sh SEE ALSO -.Xr kpasswd 1 , -.Xr kdc 8 -.\".Sh ENVIRONMENT -.\".Sh FILES -.\".Sh EXAMPLES -.\".Sh SEE ALSO -.\".Sh STANDARDS -.\".Sh HISTORY -.\".Sh AUTHORS diff --git a/crypto/heimdal/kpasswd/kpasswdd.c b/crypto/heimdal/kpasswd/kpasswdd.c deleted file mode 100644 index 5b4119c897b5..000000000000 --- a/crypto/heimdal/kpasswd/kpasswdd.c +++ /dev/null @@ -1,859 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kpasswd_locl.h" -RCSID("$Id: kpasswdd.c 22252 2007-12-09 05:59:34Z lha $"); - -#include -#ifdef HAVE_SYS_UN_H -#include -#endif -#include -#include - -static krb5_context context; -static krb5_log_facility *log_facility; - -static struct getarg_strings addresses_str; -krb5_addresses explicit_addresses; - -static sig_atomic_t exit_flag = 0; - -static void -add_one_address (const char *str, int first) -{ - krb5_error_code ret; - krb5_addresses tmp; - - ret = krb5_parse_address (context, str, &tmp); - if (ret) - krb5_err (context, 1, ret, "parse_address `%s'", str); - if (first) - krb5_copy_addresses(context, &tmp, &explicit_addresses); - else - krb5_append_addresses(context, &explicit_addresses, &tmp); - krb5_free_addresses (context, &tmp); -} - -static void -send_reply (int s, - struct sockaddr *sa, - int sa_size, - krb5_data *ap_rep, - krb5_data *rest) -{ - struct msghdr msghdr; - struct iovec iov[3]; - uint16_t len, ap_rep_len; - u_char header[6]; - u_char *p; - - if (ap_rep) - ap_rep_len = ap_rep->length; - else - ap_rep_len = 0; - - len = 6 + ap_rep_len + rest->length; - p = header; - *p++ = (len >> 8) & 0xFF; - *p++ = (len >> 0) & 0xFF; - *p++ = 0; - *p++ = 1; - *p++ = (ap_rep_len >> 8) & 0xFF; - *p++ = (ap_rep_len >> 0) & 0xFF; - - memset (&msghdr, 0, sizeof(msghdr)); - msghdr.msg_name = (void *)sa; - msghdr.msg_namelen = sa_size; - msghdr.msg_iov = iov; - msghdr.msg_iovlen = sizeof(iov)/sizeof(*iov); -#if 0 - msghdr.msg_control = NULL; - msghdr.msg_controllen = 0; -#endif - - iov[0].iov_base = (char *)header; - iov[0].iov_len = 6; - if (ap_rep_len) { - iov[1].iov_base = ap_rep->data; - iov[1].iov_len = ap_rep->length; - } else { - iov[1].iov_base = NULL; - iov[1].iov_len = 0; - } - iov[2].iov_base = rest->data; - iov[2].iov_len = rest->length; - - if (sendmsg (s, &msghdr, 0) < 0) - krb5_warn (context, errno, "sendmsg"); -} - -static int -make_result (krb5_data *data, - uint16_t result_code, - const char *expl) -{ - char *str; - krb5_data_zero (data); - - data->length = asprintf (&str, - "%c%c%s", - (result_code >> 8) & 0xFF, - result_code & 0xFF, - expl); - - if (str == NULL) { - krb5_warnx (context, "Out of memory generating error reply"); - return 1; - } - data->data = str; - return 0; -} - -static void -reply_error (krb5_realm realm, - int s, - struct sockaddr *sa, - int sa_size, - krb5_error_code error_code, - uint16_t result_code, - const char *expl) -{ - krb5_error_code ret; - krb5_data error_data; - krb5_data e_data; - krb5_principal server = NULL; - - if (make_result(&e_data, result_code, expl)) - return; - - if (realm) { - ret = krb5_make_principal (context, &server, realm, - "kadmin", "changepw", NULL); - if (ret) { - krb5_data_free (&e_data); - return; - } - } - - ret = krb5_mk_error (context, - error_code, - NULL, - &e_data, - NULL, - server, - NULL, - NULL, - &error_data); - if (server) - krb5_free_principal(context, server); - krb5_data_free (&e_data); - if (ret) { - krb5_warn (context, ret, "Could not even generate error reply"); - return; - } - send_reply (s, sa, sa_size, NULL, &error_data); - krb5_data_free (&error_data); -} - -static void -reply_priv (krb5_auth_context auth_context, - int s, - struct sockaddr *sa, - int sa_size, - uint16_t result_code, - const char *expl) -{ - krb5_error_code ret; - krb5_data krb_priv_data; - krb5_data ap_rep_data; - krb5_data e_data; - - ret = krb5_mk_rep (context, - auth_context, - &ap_rep_data); - if (ret) { - krb5_warn (context, ret, "Could not even generate error reply"); - return; - } - - if (make_result(&e_data, result_code, expl)) - return; - - ret = krb5_mk_priv (context, - auth_context, - &e_data, - &krb_priv_data, - NULL); - krb5_data_free (&e_data); - if (ret) { - krb5_warn (context, ret, "Could not even generate error reply"); - return; - } - send_reply (s, sa, sa_size, &ap_rep_data, &krb_priv_data); - krb5_data_free (&ap_rep_data); - krb5_data_free (&krb_priv_data); -} - -/* - * Change the password for `principal', sending the reply back on `s' - * (`sa', `sa_size') to `pwd_data'. - */ - -static void -change (krb5_auth_context auth_context, - krb5_principal admin_principal, - uint16_t version, - int s, - struct sockaddr *sa, - int sa_size, - krb5_data *in_data) -{ - krb5_error_code ret; - char *client = NULL, *admin = NULL; - const char *pwd_reason; - kadm5_config_params conf; - void *kadm5_handle = NULL; - krb5_principal principal; - krb5_data *pwd_data = NULL; - char *tmp; - ChangePasswdDataMS chpw; - - memset (&conf, 0, sizeof(conf)); - memset(&chpw, 0, sizeof(chpw)); - - if (version == KRB5_KPASSWD_VERS_CHANGEPW) { - ret = krb5_copy_data(context, in_data, &pwd_data); - if (ret) { - krb5_warn (context, ret, "krb5_copy_data"); - reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_MALFORMED, - "out out memory copying password"); - return; - } - principal = admin_principal; - } else if (version == KRB5_KPASSWD_VERS_SETPW) { - size_t len; - - ret = decode_ChangePasswdDataMS(in_data->data, in_data->length, - &chpw, &len); - if (ret) { - krb5_warn (context, ret, "decode_ChangePasswdDataMS"); - reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_MALFORMED, - "malformed ChangePasswdData"); - return; - } - - - ret = krb5_copy_data(context, &chpw.newpasswd, &pwd_data); - if (ret) { - krb5_warn (context, ret, "krb5_copy_data"); - reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_MALFORMED, - "out out memory copying password"); - goto out; - } - - if (chpw.targname == NULL && chpw.targrealm != NULL) { - krb5_warn (context, ret, "kadm5_init_with_password_ctx"); - reply_priv (auth_context, s, sa, sa_size, - KRB5_KPASSWD_MALFORMED, - "targrealm but not targname"); - goto out; - } - - if (chpw.targname) { - krb5_principal_data princ; - - princ.name = *chpw.targname; - princ.realm = *chpw.targrealm; - if (princ.realm == NULL) { - ret = krb5_get_default_realm(context, &princ.realm); - - if (ret) { - krb5_warnx (context, - "kadm5_init_with_password_ctx: " - "failed to allocate realm"); - reply_priv (auth_context, s, sa, sa_size, - KRB5_KPASSWD_SOFTERROR, - "failed to allocate realm"); - goto out; - } - } - ret = krb5_copy_principal(context, &princ, &principal); - if (*chpw.targrealm == NULL) - free(princ.realm); - if (ret) { - krb5_warn(context, ret, "krb5_copy_principal"); - reply_priv(auth_context, s, sa, sa_size, - KRB5_KPASSWD_HARDERROR, - "failed to allocate principal"); - goto out; - } - } else - principal = admin_principal; - } else { - krb5_warnx (context, "kadm5_init_with_password_ctx: unknown proto"); - reply_priv (auth_context, s, sa, sa_size, - KRB5_KPASSWD_HARDERROR, - "Unknown protocol used"); - return; - } - - ret = krb5_unparse_name (context, admin_principal, &admin); - if (ret) { - krb5_warn (context, ret, "unparse_name failed"); - reply_priv (auth_context, s, sa, sa_size, - KRB5_KPASSWD_HARDERROR, "out of memory error"); - goto out; - } - - conf.realm = principal->realm; - conf.mask |= KADM5_CONFIG_REALM; - - ret = kadm5_init_with_password_ctx(context, - admin, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm5_handle); - if (ret) { - krb5_warn (context, ret, "kadm5_init_with_password_ctx"); - reply_priv (auth_context, s, sa, sa_size, 2, - "Internal error"); - goto out; - } - - ret = krb5_unparse_name(context, principal, &client); - if (ret) { - krb5_warn (context, ret, "unparse_name failed"); - reply_priv (auth_context, s, sa, sa_size, - KRB5_KPASSWD_HARDERROR, "out of memory error"); - goto out; - } - - /* - * Check password quality if not changing as administrator - */ - - if (krb5_principal_compare(context, admin_principal, principal) == TRUE) { - - pwd_reason = kadm5_check_password_quality (context, principal, - pwd_data); - if (pwd_reason != NULL ) { - krb5_warnx (context, - "%s didn't pass password quality check with error: %s", - client, pwd_reason); - reply_priv (auth_context, s, sa, sa_size, - KRB5_KPASSWD_SOFTERROR, pwd_reason); - goto out; - } - krb5_warnx (context, "Changing password for %s", client); - } else { - ret = _kadm5_acl_check_permission(kadm5_handle, KADM5_PRIV_CPW, - principal); - if (ret) { - krb5_warn (context, ret, - "Check ACL failed for %s for changing %s password", - admin, client); - reply_priv (auth_context, s, sa, sa_size, - KRB5_KPASSWD_HARDERROR, "permission denied"); - goto out; - } - krb5_warnx (context, "%s is changing password for %s", admin, client); - } - - ret = krb5_data_realloc(pwd_data, pwd_data->length + 1); - if (ret) { - krb5_warn (context, ret, "malloc: out of memory"); - reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_HARDERROR, - "Internal error"); - goto out; - } - tmp = pwd_data->data; - tmp[pwd_data->length - 1] = '\0'; - - ret = kadm5_s_chpass_principal_cond (kadm5_handle, principal, tmp); - krb5_free_data (context, pwd_data); - pwd_data = NULL; - if (ret) { - char *str = krb5_get_error_message(context, ret); - krb5_warnx(context, "kadm5_s_chpass_principal_cond: %s", str); - reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_SOFTERROR, - str ? str : "Internal error"); - krb5_free_error_string(context, str); - goto out; - } - reply_priv (auth_context, s, sa, sa_size, KRB5_KPASSWD_SUCCESS, - "Password changed"); -out: - free_ChangePasswdDataMS(&chpw); - if (admin) - free(admin); - if (client) - free(client); - if (pwd_data) - krb5_free_data(context, pwd_data); - if (kadm5_handle) - kadm5_destroy (kadm5_handle); -} - -static int -verify (krb5_auth_context *auth_context, - krb5_realm *realms, - krb5_keytab keytab, - krb5_ticket **ticket, - krb5_data *out_data, - uint16_t *version, - int s, - struct sockaddr *sa, - int sa_size, - u_char *msg, - size_t len) -{ - krb5_error_code ret; - uint16_t pkt_len, pkt_ver, ap_req_len; - krb5_data ap_req_data; - krb5_data krb_priv_data; - krb5_realm *r; - - pkt_len = (msg[0] << 8) | (msg[1]); - pkt_ver = (msg[2] << 8) | (msg[3]); - ap_req_len = (msg[4] << 8) | (msg[5]); - if (pkt_len != len) { - krb5_warnx (context, "Strange len: %ld != %ld", - (long)pkt_len, (long)len); - reply_error (NULL, s, sa, sa_size, 0, 1, "Bad request"); - return 1; - } - if (pkt_ver != KRB5_KPASSWD_VERS_CHANGEPW && - pkt_ver != KRB5_KPASSWD_VERS_SETPW) { - krb5_warnx (context, "Bad version (%d)", pkt_ver); - reply_error (NULL, s, sa, sa_size, 0, 1, "Wrong program version"); - return 1; - } - *version = pkt_ver; - - ap_req_data.data = msg + 6; - ap_req_data.length = ap_req_len; - - ret = krb5_rd_req (context, - auth_context, - &ap_req_data, - NULL, - keytab, - NULL, - ticket); - if (ret) { - krb5_warn (context, ret, "krb5_rd_req"); - reply_error (NULL, s, sa, sa_size, ret, 3, "Authentication failed"); - return 1; - } - - /* verify realm and principal */ - for (r = realms; *r != NULL; r++) { - krb5_principal principal; - krb5_boolean same; - - ret = krb5_make_principal (context, - &principal, - *r, - "kadmin", - "changepw", - NULL); - if (ret) - krb5_err (context, 1, ret, "krb5_make_principal"); - - same = krb5_principal_compare(context, principal, (*ticket)->server); - krb5_free_principal(context, principal); - if (same == TRUE) - break; - } - if (*r == NULL) { - char *str; - krb5_unparse_name(context, (*ticket)->server, &str); - krb5_warnx (context, "client used not valid principal %s", str); - free(str); - reply_error (NULL, s, sa, sa_size, ret, 1, - "Bad request"); - goto out; - } - - if (strcmp((*ticket)->server->realm, (*ticket)->client->realm) != 0) { - krb5_warnx (context, "server realm (%s) not same a client realm (%s)", - (*ticket)->server->realm, (*ticket)->client->realm); - reply_error ((*ticket)->server->realm, s, sa, sa_size, ret, 1, - "Bad request"); - goto out; - } - - if (!(*ticket)->ticket.flags.initial) { - krb5_warnx (context, "initial flag not set"); - reply_error ((*ticket)->server->realm, s, sa, sa_size, ret, 1, - "Bad request"); - goto out; - } - krb_priv_data.data = msg + 6 + ap_req_len; - krb_priv_data.length = len - 6 - ap_req_len; - - ret = krb5_rd_priv (context, - *auth_context, - &krb_priv_data, - out_data, - NULL); - - if (ret) { - krb5_warn (context, ret, "krb5_rd_priv"); - reply_error ((*ticket)->server->realm, s, sa, sa_size, ret, 3, - "Bad request"); - goto out; - } - return 0; -out: - krb5_free_ticket (context, *ticket); - ticket = NULL; - return 1; -} - -static void -process (krb5_realm *realms, - krb5_keytab keytab, - int s, - krb5_address *this_addr, - struct sockaddr *sa, - int sa_size, - u_char *msg, - int len) -{ - krb5_error_code ret; - krb5_auth_context auth_context = NULL; - krb5_data out_data; - krb5_ticket *ticket; - krb5_address other_addr; - uint16_t version; - - - krb5_data_zero (&out_data); - - ret = krb5_auth_con_init (context, &auth_context); - if (ret) { - krb5_warn (context, ret, "krb5_auth_con_init"); - return; - } - - krb5_auth_con_setflags (context, auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE); - - ret = krb5_sockaddr2address (context, sa, &other_addr); - if (ret) { - krb5_warn (context, ret, "krb5_sockaddr2address"); - goto out; - } - - ret = krb5_auth_con_setaddrs (context, - auth_context, - this_addr, - &other_addr); - krb5_free_address (context, &other_addr); - if (ret) { - krb5_warn (context, ret, "krb5_auth_con_setaddr"); - goto out; - } - - if (verify (&auth_context, realms, keytab, &ticket, &out_data, - &version, s, sa, sa_size, msg, len) == 0) { - change (auth_context, - ticket->client, - version, - s, - sa, sa_size, - &out_data); - memset (out_data.data, 0, out_data.length); - krb5_free_ticket (context, ticket); - } - -out: - krb5_data_free (&out_data); - krb5_auth_con_free (context, auth_context); -} - -static int -doit (krb5_keytab keytab, int port) -{ - krb5_error_code ret; - int *sockets; - int maxfd; - krb5_realm *realms; - krb5_addresses addrs; - unsigned n, i; - fd_set real_fdset; - struct sockaddr_storage __ss; - struct sockaddr *sa = (struct sockaddr *)&__ss; - - ret = krb5_get_default_realms(context, &realms); - if (ret) - krb5_err (context, 1, ret, "krb5_get_default_realms"); - - if (explicit_addresses.len) { - addrs = explicit_addresses; - } else { - ret = krb5_get_all_server_addrs (context, &addrs); - if (ret) - krb5_err (context, 1, ret, "krb5_get_all_server_addrs"); - } - n = addrs.len; - - sockets = malloc (n * sizeof(*sockets)); - if (sockets == NULL) - krb5_errx (context, 1, "out of memory"); - maxfd = -1; - FD_ZERO(&real_fdset); - for (i = 0; i < n; ++i) { - krb5_socklen_t sa_size = sizeof(__ss); - - krb5_addr2sockaddr (context, &addrs.val[i], sa, &sa_size, port); - - sockets[i] = socket (sa->sa_family, SOCK_DGRAM, 0); - if (sockets[i] < 0) - krb5_err (context, 1, errno, "socket"); - if (bind (sockets[i], sa, sa_size) < 0) { - char str[128]; - size_t len; - int save_errno = errno; - - ret = krb5_print_address (&addrs.val[i], str, sizeof(str), &len); - if (ret) - strlcpy(str, "unknown address", sizeof(str)); - krb5_warn (context, save_errno, "bind(%s)", str); - continue; - } - maxfd = max (maxfd, sockets[i]); - if (maxfd >= FD_SETSIZE) - krb5_errx (context, 1, "fd too large"); - FD_SET(sockets[i], &real_fdset); - } - if (maxfd == -1) - krb5_errx (context, 1, "No sockets!"); - - while(exit_flag == 0) { - int ret; - fd_set fdset = real_fdset; - - ret = select (maxfd + 1, &fdset, NULL, NULL, NULL); - if (ret < 0) { - if (errno == EINTR) - continue; - else - krb5_err (context, 1, errno, "select"); - } - for (i = 0; i < n; ++i) - if (FD_ISSET(sockets[i], &fdset)) { - u_char buf[BUFSIZ]; - socklen_t addrlen = sizeof(__ss); - - ret = recvfrom (sockets[i], buf, sizeof(buf), 0, - sa, &addrlen); - if (ret < 0) { - if(errno == EINTR) - break; - else - krb5_err (context, 1, errno, "recvfrom"); - } - - process (realms, keytab, sockets[i], - &addrs.val[i], - sa, addrlen, - buf, ret); - } - } - - for (i = 0; i < n; ++i) - close(sockets[i]); - free(sockets); - - krb5_free_addresses (context, &addrs); - krb5_free_host_realm (context, realms); - krb5_free_context (context); - return 0; -} - -static RETSIGTYPE -sigterm(int sig) -{ - exit_flag = 1; -} - -static const char *check_library = NULL; -static const char *check_function = NULL; -static getarg_strings policy_libraries = { 0, NULL }; -static char *keytab_str = "HDB:"; -static char *realm_str; -static int version_flag; -static int help_flag; -static char *port_str; -static char *config_file; - -struct getargs args[] = { -#ifdef HAVE_DLOPEN - { "check-library", 0, arg_string, &check_library, - "library to load password check function from", "library" }, - { "check-function", 0, arg_string, &check_function, - "password check function to load", "function" }, - { "policy-libraries", 0, arg_strings, &policy_libraries, - "password check function to load", "function" }, -#endif - { "addresses", 0, arg_strings, &addresses_str, - "addresses to listen on", "list of addresses" }, - { "keytab", 'k', arg_string, &keytab_str, - "keytab to get authentication key from", "kspec" }, - { "config-file", 'c', arg_string, &config_file }, - { "realm", 'r', arg_string, &realm_str, "default realm", "realm" }, - { "port", 'p', arg_string, &port_str, "port" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -int -main (int argc, char **argv) -{ - int optind; - krb5_keytab keytab; - krb5_error_code ret; - char **files; - int port, i; - - optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) - errx(1, "out of memory"); - } - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) - krb5_err(context, 1, ret, "getting configuration files"); - - ret = krb5_set_config_files(context, files); - krb5_free_config_files(files); - if (ret) - krb5_err(context, 1, ret, "reading configuration files"); - - if(realm_str) - krb5_set_default_realm(context, realm_str); - - krb5_openlog (context, "kpasswdd", &log_facility); - krb5_set_warn_dest(context, log_facility); - - if (port_str != NULL) { - struct servent *s = roken_getservbyname (port_str, "udp"); - - if (s != NULL) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - krb5_errx (context, 1, "bad port `%s'", port_str); - port = htons(port); - } - } else - port = krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT); - - ret = krb5_kt_register(context, &hdb_kt_ops); - if(ret) - krb5_err(context, 1, ret, "krb5_kt_register"); - - ret = krb5_kt_resolve(context, keytab_str, &keytab); - if(ret) - krb5_err(context, 1, ret, "%s", keytab_str); - - kadm5_setup_passwd_quality_check (context, check_library, check_function); - - for (i = 0; i < policy_libraries.num_strings; i++) { - ret = kadm5_add_passwd_quality_verifier(context, - policy_libraries.strings[i]); - if (ret) - krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - } - ret = kadm5_add_passwd_quality_verifier(context, NULL); - if (ret) - krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - - - explicit_addresses.len = 0; - - if (addresses_str.num_strings) { - int i; - - for (i = 0; i < addresses_str.num_strings; ++i) - add_one_address (addresses_str.strings[i], i == 0); - free_getarg_strings (&addresses_str); - } else { - char **foo = krb5_config_get_strings (context, NULL, - "kdc", "addresses", NULL); - - if (foo != NULL) { - add_one_address (*foo++, TRUE); - while (*foo) - add_one_address (*foo++, FALSE); - } - } - -#ifdef HAVE_SIGACTION - { - struct sigaction sa; - - sa.sa_flags = 0; - sa.sa_handler = sigterm; - sigemptyset(&sa.sa_mask); - - sigaction(SIGINT, &sa, NULL); - sigaction(SIGTERM, &sa, NULL); - } -#else - signal(SIGINT, sigterm); - signal(SIGTERM, sigterm); -#endif - - pidfile(NULL); - - return doit (keytab, port); -} diff --git a/crypto/heimdal/krb5.conf b/crypto/heimdal/krb5.conf deleted file mode 100644 index c9f4c44a5e4f..000000000000 --- a/crypto/heimdal/krb5.conf +++ /dev/null @@ -1,26 +0,0 @@ -[libdefaults] - default_realm = MY.REALM - clockskew = 300 - v4_instance_resolve = false - v4_name_convert = { - host = { - rcmd = host - ftp = ftp - } - plain = { - something = something-else - } - } - -[realms] - MY.REALM = { - kdc = MY.COMPUTER - } - OTHER.REALM = { - v4_instance_convert = { - kerberos = kerberos - computer = computer.some.other.domain - } - } -[domain_realm] - .my.domain = MY.REALM diff --git a/crypto/heimdal/kuser/Makefile.am b/crypto/heimdal/kuser/Makefile.am deleted file mode 100644 index 619d8f8562dd..000000000000 --- a/crypto/heimdal/kuser/Makefile.am +++ /dev/null @@ -1,64 +0,0 @@ -# $Id: Makefile.am 22285 2007-12-13 20:40:57Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 - -man_MANS = \ - kinit.1 \ - klist.1 \ - kdestroy.1 \ - kgetcred.1 \ - kimpersonate.1 - -SLC = $(top_builddir)/lib/sl/slc - -bin_PROGRAMS = kinit klist kdestroy kgetcred -libexec_PROGRAMS = kdigest kimpersonate - -noinst_PROGRAMS = kverify kdecode_ticket generate-requests copy_cred_cache - -kinit_LDADD = \ - $(LIB_kafs) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -kdestroy_LDADD = $(kinit_LDADD) - -klist_LDADD = $(kinit_LDADD) - -kimpersonate_LDADD = $(kinit_LDADD) - -dist_kdigest_SOURCES = kdigest.c -nodist_kdigest_SOURCES = kdigest-commands.c - -kdigest_LDADD = \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(top_builddir)/lib/sl/libsl.la \ - $(LIB_roken) - -$(kdigest_OBJECTS): kdigest-commands.h - -CLEANFILES = kdigest-commands.h kdigest-commands.c - -kdigest-commands.c kdigest-commands.h: kdigest-commands.in - $(SLC) $(srcdir)/kdigest-commands.in - -LDADD = \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -# make sure install-exec-hook doesn't have any commands in Makefile.am.common -install-exec-hook: - (cd $(DESTDIR)$(bindir) && rm -f kauth && $(LN_S) kinit kauth) - -EXTRA_DIST = $(man_MANS) kuser_locl.h kdigest-commands.in copy_cred_cache.1 - diff --git a/crypto/heimdal/kuser/Makefile.in b/crypto/heimdal/kuser/Makefile.in deleted file mode 100644 index 8616bf3869ef..000000000000 --- a/crypto/heimdal/kuser/Makefile.in +++ /dev/null @@ -1,1002 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22285 2007-12-13 20:40:57Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -bin_PROGRAMS = kinit$(EXEEXT) klist$(EXEEXT) kdestroy$(EXEEXT) \ - kgetcred$(EXEEXT) -libexec_PROGRAMS = kdigest$(EXEEXT) kimpersonate$(EXEEXT) -noinst_PROGRAMS = kverify$(EXEEXT) kdecode_ticket$(EXEEXT) \ - generate-requests$(EXEEXT) copy_cred_cache$(EXEEXT) -subdir = kuser -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \ - "$(DESTDIR)$(man1dir)" -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(noinst_PROGRAMS) -copy_cred_cache_SOURCES = copy_cred_cache.c -copy_cred_cache_OBJECTS = copy_cred_cache.$(OBJEXT) -copy_cred_cache_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -copy_cred_cache_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -generate_requests_SOURCES = generate-requests.c -generate_requests_OBJECTS = generate-requests.$(OBJEXT) -generate_requests_LDADD = $(LDADD) -generate_requests_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -kdecode_ticket_SOURCES = kdecode_ticket.c -kdecode_ticket_OBJECTS = kdecode_ticket.$(OBJEXT) -kdecode_ticket_LDADD = $(LDADD) -kdecode_ticket_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -kdestroy_SOURCES = kdestroy.c -kdestroy_OBJECTS = kdestroy.$(OBJEXT) -am__DEPENDENCIES_2 = $(top_builddir)/lib/kafs/libkafs.la \ - $(am__DEPENDENCIES_1) -am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/ntlm/libheimntlm.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -kdestroy_DEPENDENCIES = $(am__DEPENDENCIES_3) -dist_kdigest_OBJECTS = kdigest.$(OBJEXT) -nodist_kdigest_OBJECTS = kdigest-commands.$(OBJEXT) -kdigest_OBJECTS = $(dist_kdigest_OBJECTS) $(nodist_kdigest_OBJECTS) -kdigest_DEPENDENCIES = $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) -kgetcred_SOURCES = kgetcred.c -kgetcred_OBJECTS = kgetcred.$(OBJEXT) -kgetcred_LDADD = $(LDADD) -kgetcred_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -kimpersonate_SOURCES = kimpersonate.c -kimpersonate_OBJECTS = kimpersonate.$(OBJEXT) -kimpersonate_DEPENDENCIES = $(am__DEPENDENCIES_3) -kinit_SOURCES = kinit.c -kinit_OBJECTS = kinit.$(OBJEXT) -kinit_DEPENDENCIES = $(am__DEPENDENCIES_2) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/ntlm/libheimntlm.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -klist_SOURCES = klist.c -klist_OBJECTS = klist.$(OBJEXT) -klist_DEPENDENCIES = $(am__DEPENDENCIES_3) -kverify_SOURCES = kverify.c -kverify_OBJECTS = kverify.$(OBJEXT) -kverify_LDADD = $(LDADD) -kverify_DEPENDENCIES = $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = copy_cred_cache.c generate-requests.c kdecode_ticket.c \ - kdestroy.c $(dist_kdigest_SOURCES) $(nodist_kdigest_SOURCES) \ - kgetcred.c kimpersonate.c kinit.c klist.c kverify.c -DIST_SOURCES = copy_cred_cache.c generate-requests.c kdecode_ticket.c \ - kdestroy.c $(dist_kdigest_SOURCES) kgetcred.c kimpersonate.c \ - kinit.c klist.c kverify.c -man1dir = $(mandir)/man1 -MANS = $(man_MANS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_hcrypto) -I$(srcdir)/../lib/krb5 -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -man_MANS = \ - kinit.1 \ - klist.1 \ - kdestroy.1 \ - kgetcred.1 \ - kimpersonate.1 - -SLC = $(top_builddir)/lib/sl/slc -kinit_LDADD = \ - $(LIB_kafs) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -kdestroy_LDADD = $(kinit_LDADD) -klist_LDADD = $(kinit_LDADD) -kimpersonate_LDADD = $(kinit_LDADD) -dist_kdigest_SOURCES = kdigest.c -nodist_kdigest_SOURCES = kdigest-commands.c -kdigest_LDADD = \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(top_builddir)/lib/sl/libsl.la \ - $(LIB_roken) - -CLEANFILES = kdigest-commands.h kdigest-commands.c -LDADD = \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -EXTRA_DIST = $(man_MANS) kuser_locl.h kdigest-commands.in copy_cred_cache.1 -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps kuser/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps kuser/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -copy_cred_cache$(EXEEXT): $(copy_cred_cache_OBJECTS) $(copy_cred_cache_DEPENDENCIES) - @rm -f copy_cred_cache$(EXEEXT) - $(LINK) $(copy_cred_cache_OBJECTS) $(copy_cred_cache_LDADD) $(LIBS) -generate-requests$(EXEEXT): $(generate_requests_OBJECTS) $(generate_requests_DEPENDENCIES) - @rm -f generate-requests$(EXEEXT) - $(LINK) $(generate_requests_OBJECTS) $(generate_requests_LDADD) $(LIBS) -kdecode_ticket$(EXEEXT): $(kdecode_ticket_OBJECTS) $(kdecode_ticket_DEPENDENCIES) - @rm -f kdecode_ticket$(EXEEXT) - $(LINK) $(kdecode_ticket_OBJECTS) $(kdecode_ticket_LDADD) $(LIBS) -kdestroy$(EXEEXT): $(kdestroy_OBJECTS) $(kdestroy_DEPENDENCIES) - @rm -f kdestroy$(EXEEXT) - $(LINK) $(kdestroy_OBJECTS) $(kdestroy_LDADD) $(LIBS) -kdigest$(EXEEXT): $(kdigest_OBJECTS) $(kdigest_DEPENDENCIES) - @rm -f kdigest$(EXEEXT) - $(LINK) $(kdigest_OBJECTS) $(kdigest_LDADD) $(LIBS) -kgetcred$(EXEEXT): $(kgetcred_OBJECTS) $(kgetcred_DEPENDENCIES) - @rm -f kgetcred$(EXEEXT) - $(LINK) $(kgetcred_OBJECTS) $(kgetcred_LDADD) $(LIBS) -kimpersonate$(EXEEXT): $(kimpersonate_OBJECTS) $(kimpersonate_DEPENDENCIES) - @rm -f kimpersonate$(EXEEXT) - $(LINK) $(kimpersonate_OBJECTS) $(kimpersonate_LDADD) $(LIBS) -kinit$(EXEEXT): $(kinit_OBJECTS) $(kinit_DEPENDENCIES) - @rm -f kinit$(EXEEXT) - $(LINK) $(kinit_OBJECTS) $(kinit_LDADD) $(LIBS) -klist$(EXEEXT): $(klist_OBJECTS) $(klist_DEPENDENCIES) - @rm -f klist$(EXEEXT) - $(LINK) $(klist_OBJECTS) $(klist_LDADD) $(LIBS) -kverify$(EXEEXT): $(kverify_OBJECTS) $(kverify_DEPENDENCIES) - @rm -f kverify$(EXEEXT) - $(LINK) $(kverify_OBJECTS) $(kverify_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man1dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool clean-noinstPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libexecPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ - uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ - clean-libtool clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libexecPROGRAMS install-man install-man1 install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-libexecPROGRAMS uninstall-man \ - uninstall-man1 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(kdigest_OBJECTS): kdigest-commands.h - -kdigest-commands.c kdigest-commands.h: kdigest-commands.in - $(SLC) $(srcdir)/kdigest-commands.in - -# make sure install-exec-hook doesn't have any commands in Makefile.am.common -install-exec-hook: - (cd $(DESTDIR)$(bindir) && rm -f kauth && $(LN_S) kinit kauth) -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/kuser/copy_cred_cache.1 b/crypto/heimdal/kuser/copy_cred_cache.1 deleted file mode 100644 index b589735b7888..000000000000 --- a/crypto/heimdal/kuser/copy_cred_cache.1 +++ /dev/null @@ -1,97 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: copy_cred_cache.1 13783 2004-04-25 16:03:45Z joda $ -.\" -.Dd April 24, 2004 -.Dt COPY_CRED_CACHE 1 -.Os HEIMDAL -.Sh NAME -.Nm copy_cred_cache -.Nd -copy credentials from one cache to another -.Sh SYNOPSIS -.Nm -.Op Fl -krbtgt-only -.Op Fl -service= Ns Ar principal -.Op Fl -enctype= Ns Ar enctype -.Op Fl -flags= Ns Ar ticketflags -.Op Fl -valid-for= Ns Ar time -.Op Fl -fcache-version= Ns Ar integer -.Op Aq Ar from-cache -.Aq Ar to-cache -.Sh DESCRIPTION -.Nm -copies credentials from -.Aq Ar from-cache -(or the default cache) to -.Aq Ar to-cache . -.Pp -Supported options: -.Bl -tag -width Ds -.It Fl -krbtgt-only -Copies only krbtgt credentials for the client's realm. This is -equivalent to -.Fl -service= Ns Li krbtgt/ Ns Ao Ar CLIENTREALM Ac Ns Li @ Ns Ao Ar CLIENTREALM Ac . -.It Fl -service= Ns Ar principal -Copies only credentials matching this service principal. -.It Fl -enctype= Ns Ar enctype -Copies only credentials a matching enctype. -.It Fl -flags= Ns Ar ticketflags -Copies only credentials with these ticket flags set. -.It Fl -valid-for= Ns Ar time -Copies only credentials that are valid for at least this long. This -does not take renewable creds into account. -.It Fl -fcache-version= Ns Ar integer -The created cache, If a standard -.Li FILE -cache is created, it will have this file format version. -.El -.\".Sh ENVIRONMENT -.\".Sh FILES -.Sh EXAMPLES -To copy only credentials that are valid for at least one day and with -the -.Li initial -flag set, try something like: -.Bd -literal -offset indent -$ copy_cred_cache --valid-for=1d --flags=initial FILE:/some/cache -.Ed -.Sh DIAGNOSTICS -The -.Nm -utility exits 0 on success, and \*[Gt]0 if an error occurs, or of no -credentials where actually copied. -.\".Sh SEE ALSO -.\".Sh STANDARDS -.\".Sh HISTORY -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/kuser/copy_cred_cache.c b/crypto/heimdal/kuser/copy_cred_cache.c deleted file mode 100644 index 8faf82d41ff4..000000000000 --- a/crypto/heimdal/kuser/copy_cred_cache.c +++ /dev/null @@ -1,215 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: copy_cred_cache.c 15542 2005-07-01 07:20:54Z lha $"); -#endif - -#include -#include -#include -#include -#include -#include - -static int krbtgt_only_flag; -static char *service_string; -static char *enctype_string; -static char *flags_string; -static char *valid_string; -static int fcache_version; -static int help_flag; -static int version_flag; - -static struct getargs args[] = { - { "krbtgt-only", 0, arg_flag, &krbtgt_only_flag, - "only copy local krbtgt" }, - { "service", 0, arg_string, &service_string, - "limit to this service", "principal" }, - { "enctype", 0, arg_string, &enctype_string, - "limit to this enctype", "enctype" }, - { "flags", 0, arg_string, &flags_string, - "limit to these flags", "ticketflags" }, - { "valid-for", 0, arg_string, &valid_string, - "limit to creds valid for at least this long", "time" }, - { "fcache-version", 0, arg_integer, &fcache_version, - "file cache version to create" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } -}; - -static void -usage(int ret) -{ - arg_printusage(args, - sizeof(args) / sizeof(*args), - NULL, - "[from-cache] to-cache"); - exit(ret); -} - -static int32_t -bitswap32(int32_t b) -{ - int32_t r = 0; - int i; - for (i = 0; i < 32; i++) { - r = r << 1 | (b & 1); - b = b >> 1; - } - return r; -} - -static void -parse_ticket_flags(krb5_context context, - const char *string, krb5_ticket_flags *ret_flags) -{ - TicketFlags ff; - int flags = parse_flags(string, asn1_TicketFlags_units(), 0); - if (flags == -1) /* XXX */ - krb5_errx(context, 1, "bad flags specified: \"%s\"", string); - - memset(&ff, 0, sizeof(ff)); - ff.proxy = 1; - if (parse_flags("proxy", asn1_TicketFlags_units(), 0) == TicketFlags2int(ff)) - ret_flags->i = flags; - else - ret_flags->i = bitswap32(flags); -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - int optidx = 0; - const char *from_name, *to_name; - krb5_ccache from_ccache, to_ccache; - krb5_flags whichfields = 0; - krb5_creds mcreds; - unsigned int matched; - - setprogname(argv[0]); - - memset(&mcreds, 0, sizeof(mcreds)); - - if (getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage(0); - - if (version_flag) { - print_version(NULL); - exit(0); - } - argc -= optidx; - argv += optidx; - - if (argc < 1 || argc > 2) - usage(1); - - if (krb5_init_context(&context)) - errx(1, "krb5_init_context failed"); - - if (service_string) { - ret = krb5_parse_name(context, service_string, &mcreds.server); - if (ret) - krb5_err(context, 1, ret, "%s", service_string); - } - if (enctype_string) { - krb5_enctype enctype; - ret = krb5_string_to_enctype(context, enctype_string, &enctype); - if (ret) - krb5_err(context, 1, ret, "%s", enctype_string); - whichfields |= KRB5_TC_MATCH_KEYTYPE; - mcreds.session.keytype = enctype; - } - if (flags_string) { - parse_ticket_flags(context, flags_string, &mcreds.flags); - whichfields |= KRB5_TC_MATCH_FLAGS; - } - if (valid_string) { - time_t t = parse_time(valid_string, "s"); - if(t < 0) - errx(1, "unknown time \"%s\"", valid_string); - mcreds.times.endtime = time(NULL) + t; - whichfields |= KRB5_TC_MATCH_TIMES; - } - if (fcache_version) - krb5_set_fcache_version(context, fcache_version); - - if (argc == 1) { - from_name = krb5_cc_default_name(context); - to_name = argv[0]; - } else { - from_name = argv[0]; - to_name = argv[1]; - } - - ret = krb5_cc_resolve(context, from_name, &from_ccache); - if (ret) - krb5_err(context, 1, ret, "%s", from_name); - - if (krbtgt_only_flag) { - krb5_principal client; - ret = krb5_cc_get_principal(context, from_ccache, &client); - if (ret) - krb5_err(context, 1, ret, "getting default principal"); - ret = krb5_make_principal(context, &mcreds.server, - krb5_principal_get_realm(context, client), - KRB5_TGS_NAME, - krb5_principal_get_realm(context, client), - NULL); - if (ret) - krb5_err(context, 1, ret, "constructing krbtgt principal"); - krb5_free_principal(context, client); - } - ret = krb5_cc_resolve(context, to_name, &to_ccache); - if (ret) - krb5_err(context, 1, ret, "%s", to_name); - - ret = krb5_cc_copy_cache_match(context, from_ccache, to_ccache, - whichfields, &mcreds, &matched); - if (ret) - krb5_err(context, 1, ret, "copying cred cache"); - - krb5_cc_close(context, from_ccache); - if(matched == 0) - krb5_cc_destroy(context, to_ccache); - else - krb5_cc_close(context, to_ccache); - krb5_free_context(context); - return matched == 0; -} diff --git a/crypto/heimdal/kuser/generate-requests.c b/crypto/heimdal/kuser/generate-requests.c deleted file mode 100644 index 95d8dc968bbf..000000000000 --- a/crypto/heimdal/kuser/generate-requests.c +++ /dev/null @@ -1,161 +0,0 @@ -/* - * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" - -RCSID("$Id: generate-requests.c 19233 2006-12-06 08:04:05Z lha $"); - -static krb5_error_code -null_key_proc (krb5_context context, - krb5_enctype type, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - return ENOTTY; -} - -static unsigned -read_words (const char *filename, char ***ret_w) -{ - unsigned n, alloc; - FILE *f; - char buf[256]; - char **w = NULL; - - f = fopen (filename, "r"); - if (f == NULL) - err (1, "cannot open %s", filename); - alloc = n = 0; - while (fgets (buf, sizeof(buf), f) != NULL) { - buf[strcspn(buf, "\r\n")] = '\0'; - if (n >= alloc) { - alloc += 16; - w = erealloc (w, alloc * sizeof(char **)); - } - w[n++] = estrdup (buf); - } - *ret_w = w; - if (n == 0) - errx(1, "%s is an empty file, no words to try", filename); - return n; -} - -static void -generate_requests (const char *filename, unsigned nreq) -{ - krb5_context context; - krb5_error_code ret; - krb5_creds cred; - int i; - char **words; - unsigned nwords; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - nwords = read_words (filename, &words); - - for (i = 0; i < nreq; ++i) { - char *name = words[rand() % nwords]; - krb5_realm *client_realm; - - memset(&cred, 0, sizeof(cred)); - - ret = krb5_parse_name (context, name, &cred.client); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name %s", name); - client_realm = krb5_princ_realm (context, cred.client); - - ret = krb5_make_principal(context, &cred.server, *client_realm, - KRB5_TGS_NAME, *client_realm, NULL); - if (ret) - krb5_err (context, 1, ret, "krb5_make_principal"); - - ret = krb5_get_in_cred (context, 0, NULL, NULL, NULL, NULL, - null_key_proc, NULL, NULL, NULL, - &cred, NULL); - krb5_free_cred_contents (context, &cred); - } -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "file number"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - int nreq; - char *end; - - setprogname(argv[0]); - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 2) - usage (1); - srand (0); - nreq = strtol (argv[1], &end, 0); - if (argv[1] == end || *end != '\0') - usage (1); - generate_requests (argv[0], nreq); - return 0; -} diff --git a/crypto/heimdal/kuser/kauth_options.c b/crypto/heimdal/kuser/kauth_options.c deleted file mode 100644 index c432d32ac14a..000000000000 --- a/crypto/heimdal/kuser/kauth_options.c +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" -RCSID("$Id: kauth_options.c,v 1.2 1999/12/02 17:05:00 joda Exp $"); - -#ifdef KRB4 -int do_afslog = 1; -int get_v4_tgt = 1; -#endif diff --git a/crypto/heimdal/kuser/kdecode_ticket.c b/crypto/heimdal/kuser/kdecode_ticket.c deleted file mode 100644 index 968478d34779..000000000000 --- a/crypto/heimdal/kuser/kdecode_ticket.c +++ /dev/null @@ -1,162 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" - -RCSID("$Id: kdecode_ticket.c 15541 2005-07-01 07:14:58Z lha $"); - -static char *etype_str; -static int version_flag; -static int help_flag; - -static void -print_and_decode_tkt (krb5_context context, - krb5_data *ticket, - krb5_principal server, - krb5_enctype enctype) -{ - krb5_error_code ret; - krb5_crypto crypto; - krb5_data dec_data; - size_t len; - EncTicketPart decr_part; - krb5_keyblock key; - Ticket tkt; - - ret = decode_Ticket (ticket->data, ticket->length, &tkt, &len); - if (ret) - krb5_err (context, 1, ret, "decode_Ticket"); - - ret = krb5_string_to_key (context, enctype, "foo", server, &key); - if (ret) - krb5_err (context, 1, ret, "krb5_string_to_key"); - - ret = krb5_crypto_init(context, &key, 0, &crypto); - if (ret) - krb5_err (context, 1, ret, "krb5_crypto_init"); - - ret = krb5_decrypt_EncryptedData (context, crypto, KRB5_KU_TICKET, - &tkt.enc_part, &dec_data); - krb5_crypto_destroy (context, crypto); - if (ret) - krb5_err (context, 1, ret, "krb5_decrypt_EncryptedData"); - ret = krb5_decode_EncTicketPart (context, dec_data.data, dec_data.length, - &decr_part, &len); - krb5_data_free (&dec_data); - if (ret) - krb5_err (context, 1, ret, "krb5_decode_EncTicketPart"); -} - -struct getargs args[] = { - { "enctype", 'e', arg_string, &etype_str, - "encryption type to use", "enctype"}, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "service"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_ccache cache; - krb5_creds in, *out; - int optidx = 0; - - setprogname (argv[0]); - - ret = krb5_init_context (&context); - if (ret) - errx(1, "krb5_init_context failed: %d", ret); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 1) - usage (1); - - ret = krb5_cc_default(context, &cache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_default"); - - memset(&in, 0, sizeof(in)); - - if (etype_str) { - krb5_enctype enctype; - - ret = krb5_string_to_enctype(context, etype_str, &enctype); - if (ret) - krb5_errx (context, 1, "unrecognized enctype: %s", etype_str); - in.session.keytype = enctype; - } - - ret = krb5_cc_get_principal(context, cache, &in.client); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_get_principal"); - - ret = krb5_parse_name(context, argv[0], &in.server); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name %s", argv[0]); - - in.times.endtime = 0; - ret = krb5_get_credentials(context, 0, cache, &in, &out); - if (ret) - krb5_err (context, 1, ret, "krb5_get_credentials"); - - print_and_decode_tkt (context, &out->ticket, out->server, - out->session.keytype); - - krb5_free_cred_contents(context, out); - return 0; -} diff --git a/crypto/heimdal/kuser/kdestroy.1 b/crypto/heimdal/kuser/kdestroy.1 deleted file mode 100644 index 5e187019ba45..000000000000 --- a/crypto/heimdal/kuser/kdestroy.1 +++ /dev/null @@ -1,71 +0,0 @@ -.\" Copyright (c) 1997, 1999, 2001, 2004, 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kdestroy.1 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd April 27, 2006 -.Dt KDESTROY 1 -.Os HEIMDAL -.Sh NAME -.Nm kdestroy -.Nd remove one credental or destroy the current ticket file -.Sh SYNOPSIS -.Nm -.Bk -words -.Op Fl c Ar cachefile -.Op Fl -credential= Ns Ar principal -.Op Fl -cache= Ns Ar cachefile -.Op Fl -no-unlog -.Op Fl -no-delete-v4 -.Op Fl -version -.Op Fl -help -.Ek -.Sh DESCRIPTION -.Nm -remove one or the current set of tickets. -.Pp -Supported options: -.Bl -tag -width Ds -.It Fl credential= Ns Ar principal -remove -.Fa principal -from the credential cache if it exists. -.It Fl c Ar cachefile -.It Fl cache= Ns Ar cachefile -The cache file to remove. -.It Fl -no-unlog -Do not remove AFS tokens. -.It Fl -no-delete-v4 -Do not remove v4 tickets. -.El -.Sh SEE ALSO -.Xr kinit 1 , -.Xr klist 1 diff --git a/crypto/heimdal/kuser/kdestroy.c b/crypto/heimdal/kuser/kdestroy.c deleted file mode 100644 index 5358fcd67d92..000000000000 --- a/crypto/heimdal/kuser/kdestroy.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" -RCSID("$Id: kdestroy.c 20458 2007-04-19 20:41:27Z lha $"); - -static const char *cache; -static const char *credential; -static int help_flag; -static int version_flag; -static int unlog_flag = 1; -static int dest_tkt_flag = 1; - -struct getargs args[] = { - { "credential", 0, arg_string, &credential, - "remove one credential", "principal" }, - { "cache", 'c', arg_string, &cache, "cache to destroy", "cache" }, - { "unlog", 0, arg_negative_flag, &unlog_flag, - "do not destroy tokens", NULL }, - { "delete-v4", 0, arg_negative_flag, &dest_tkt_flag, - "do not destroy v4 tickets", NULL }, - { "version", 0, arg_flag, &version_flag, NULL, NULL }, - { "help", 'h', arg_flag, &help_flag, NULL, NULL} -}; - -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage (int status) -{ - arg_printusage (args, num_args, NULL, ""); - exit (status); -} - -int -main (int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_ccache ccache; - int optidx = 0; - int exit_val = 0; - - setprogname (argv[0]); - - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 0) - usage (1); - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if(cache == NULL) { - cache = krb5_cc_default_name(context); - if (cache == NULL) { - warnx ("krb5_cc_default_name: %s", krb5_get_err_text(context, ret)); - exit(1); - } - } - - ret = krb5_cc_resolve(context, - cache, - &ccache); - - if (ret == 0) { - if (credential) { - krb5_creds mcred; - - krb5_cc_clear_mcred(&mcred); - - ret = krb5_parse_name(context, credential, &mcred.server); - if (ret) - krb5_err(context, 1, ret, - "Can't parse principal %s", credential); - - ret = krb5_cc_remove_cred(context, ccache, 0, &mcred); - if (ret) - krb5_err(context, 1, ret, - "Failed to remove principal %s", credential); - - krb5_cc_close(context, ccache); - krb5_free_principal(context, mcred.server); - krb5_free_context(context); - return 0; - } - - ret = krb5_cc_destroy (context, ccache); - if (ret) { - warnx ("krb5_cc_destroy: %s", krb5_get_err_text(context, ret)); - exit_val = 1; - } - } else { - warnx ("krb5_cc_resolve(%s): %s", cache, - krb5_get_err_text(context, ret)); - exit_val = 1; - } - - krb5_free_context (context); - - if (unlog_flag && k_hasafs ()) { - if (k_unlog ()) - exit_val = 1; - } - - return exit_val; -} diff --git a/crypto/heimdal/kuser/kdigest-commands.in b/crypto/heimdal/kuser/kdigest-commands.in deleted file mode 100644 index c980b188eddd..000000000000 --- a/crypto/heimdal/kuser/kdigest-commands.in +++ /dev/null @@ -1,280 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: kdigest-commands.in 22157 2007-12-04 20:03:29Z lha $ */ - -command = { - name = "digest-probe" - option = { - long = "realm" - type = "string" - help = "Kerberos realm to communicate with" - } - help = "probe what mech is allowed/supported for this server" -} -command = { - name = "digest-server-init" - option = { - long = "type" - type = "string" - help = "digest type" - default = "sasl" - } - option = { - long = "kerberos-realm" - type = "string" - argument = "realm" - help = "" - } - option = { - long = "digest" - type = "string" - argument = "digest-type" - help = "digest type to use in the algorithm" - } - option = { - long = "cb-type" - type = "string" - argument = "type" - help = "type of channel bindings" - } - option = { - long = "cb-value" - type = "string" - argument = "value" - help = "value of channel bindings" - } - option = { - long = "hostname" - type = "string" - argument = "hostname" - help = "hostname of the server" - } - option = { - long = "realm" - type = "string" - help = "Kerberos realm to communicate with" - } - help = "Sets up a digest context and return initial parameters" -} -command = { - name = "digest-server-request" - option = { - long = "type" - type = "string" - help = "digest type" - default = "sasl" - } - option = { - long = "kerberos-realm" - type = "string" - argument = "realm" - help = "" - } - option = { - long = "username" - type = "string" - argument = "name" - help = "digest type" - } - option = { - long = "server-nonce" - type = "string" - argument = "nonce" - help = "" - } - option = { - long = "server-identifier" - type = "string" - argument = "nonce" - help = "" - } - option = { - long = "client-nonce" - type = "string" - argument = "nonce" - help = "" - } - option = { - long = "client-response" - type = "string" - argument = "response" - help = "" - } - option = { - long = "opaque" - type = "string" - argument = "string" - help = "" - } - option = { - long = "authentication-name" - type = "string" - argument = "name" - help = "" - } - option = { - long = "realm" - type = "string" - argument = "realm" - help = "" - } - option = { - long = "method" - type = "string" - argument = "method" - help = "" - } - option = { - long = "uri" - type = "string" - argument = "uri" - help = "" - } - option = { - long = "nounce-count" - type = "string" - argument = "count" - help = "" - } - option = { - long = "qop" - type = "string" - argument = "qop" - help = "" - } - option = { - long = "ccache" - type = "string" - argument = "ccache" - help = "Where the the credential cache is created when the KDC returns tickets" - } - help = "Completes digest negotiation and return final parameters" -} -command = { - name = "digest-client-request" - option = { - long = "type" - type = "string" - help = "digest type" - default = "sasl" - } - option = { - long = "username" - type = "string" - argument = "name" - help = "digest type" - } - option = { - long = "password" - type = "string" - argument = "password" - } - option = { - long = "server-nonce" - type = "string" - argument = "nonce" - help = "" - } - option = { - long = "server-identifier" - type = "string" - argument = "nonce" - help = "" - } - option = { - long = "client-nonce" - type = "string" - argument = "nonce" - help = "" - } - option = { - long = "opaque" - type = "string" - argument = "string" - help = "" - } - option = { - long = "realm" - type = "string" - argument = "realm" - help = "" - } - option = { - long = "method" - type = "string" - argument = "method" - help = "" - } - option = { - long = "uri" - type = "string" - argument = "uri" - help = "" - } - option = { - long = "nounce-count" - type = "string" - argument = "count" - help = "" - } - option = { - long = "qop" - type = "string" - argument = "qop" - help = "" - } - help = "Client part of a digest exchange" -} -command = { - name = "ntlm-server-init" - option = { - long = "version" - type = "integer" - help = "ntlm version" - default = "1" - } - option = { - long = "kerberos-realm" - type = "string" - help = "Kerberos realm to communicate with" - } - help = "Sets up a digest context and return initial parameters" -} -command = { - name = "help" - name = "?" - argument = "[command]" - min_args = "0" - max_args = "1" - help = "Help! I need somebody." -} diff --git a/crypto/heimdal/kuser/kdigest.c b/crypto/heimdal/kuser/kdigest.c deleted file mode 100644 index 418aedb71441..000000000000 --- a/crypto/heimdal/kuser/kdigest.c +++ /dev/null @@ -1,551 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" -RCSID("$Id: kdigest.c 22158 2007-12-04 20:04:01Z lha $"); -#include -#include -#include -#include -#include "crypto-headers.h" - -static int version_flag = 0; -static int help_flag = 0; -static char *ccache_string; -static krb5_ccache id; - -static struct getargs args[] = { - {"ccache", 0, arg_string, &ccache_string, "credential cache", NULL }, - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), - NULL, ""); - exit (ret); -} - -static krb5_context context; - -int -digest_probe(struct digest_probe_options *opt, - int argc, char ** argv) -{ - krb5_error_code ret; - krb5_realm realm; - unsigned flags; - - realm = opt->realm_string; - - if (realm == NULL) - errx(1, "realm missing"); - - ret = krb5_digest_probe(context, realm, id, &flags); - if (ret) - krb5_err(context, 1, ret, "digest_probe"); - - printf("flags: %u\n", flags); - - return 0; -} - -int -digest_server_init(struct digest_server_init_options *opt, - int argc, char ** argv) -{ - krb5_error_code ret; - krb5_digest digest; - - ret = krb5_digest_alloc(context, &digest); - if (ret) - krb5_err(context, 1, ret, "digest_alloc"); - - ret = krb5_digest_set_type(context, digest, opt->type_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_type"); - - if (opt->cb_type_string && opt->cb_value_string) { - ret = krb5_digest_set_server_cb(context, digest, - opt->cb_type_string, - opt->cb_value_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_server_cb"); - } - ret = krb5_digest_init_request(context, - digest, - opt->kerberos_realm_string, - id); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_init_request"); - - printf("type=%s\n", opt->type_string); - printf("server-nonce=%s\n", - krb5_digest_get_server_nonce(context, digest)); - { - const char *s = krb5_digest_get_identifier(context, digest); - if (s) - printf("identifier=%s\n", s); - } - printf("opaque=%s\n", krb5_digest_get_opaque(context, digest)); - - return 0; -} - -int -digest_server_request(struct digest_server_request_options *opt, - int argc, char **argv) -{ - krb5_error_code ret; - krb5_digest digest; - const char *status, *rsp; - krb5_data session_key; - - if (opt->server_nonce_string == NULL) - errx(1, "server nonce missing"); - if (opt->type_string == NULL) - errx(1, "type missing"); - if (opt->opaque_string == NULL) - errx(1, "opaque missing"); - if (opt->client_response_string == NULL) - errx(1, "client response missing"); - - ret = krb5_digest_alloc(context, &digest); - if (ret) - krb5_err(context, 1, ret, "digest_alloc"); - - if (strcasecmp(opt->type_string, "CHAP") == 0) { - if (opt->server_identifier_string == NULL) - errx(1, "server identifier missing"); - - ret = krb5_digest_set_identifier(context, digest, - opt->server_identifier_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_type"); - } - - ret = krb5_digest_set_type(context, digest, opt->type_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_type"); - - ret = krb5_digest_set_username(context, digest, opt->username_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_username"); - - ret = krb5_digest_set_server_nonce(context, digest, - opt->server_nonce_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_server_nonce"); - - if(opt->client_nonce_string) { - ret = krb5_digest_set_client_nonce(context, digest, - opt->client_nonce_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_client_nonce"); - } - - - ret = krb5_digest_set_opaque(context, digest, opt->opaque_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_opaque"); - - ret = krb5_digest_set_responseData(context, digest, - opt->client_response_string); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_set_responseData"); - - ret = krb5_digest_request(context, digest, - opt->kerberos_realm_string, id); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_request"); - - status = krb5_digest_rep_get_status(context, digest) ? "ok" : "failed"; - rsp = krb5_digest_get_rsp(context, digest); - - printf("status=%s\n", status); - if (rsp) - printf("rsp=%s\n", rsp); - printf("tickets=no\n"); - - ret = krb5_digest_get_session_key(context, digest, &session_key); - if (ret) - krb5_err(context, 1, ret, "krb5_digest_get_session_key"); - - if (session_key.length) { - char *key; - hex_encode(session_key.data, session_key.length, &key); - if (key == NULL) - krb5_errx(context, 1, "hex_encode"); - krb5_data_free(&session_key); - printf("session-key=%s\n", key); - free(key); - } - - return 0; -} - -static void -client_chap(const void *server_nonce, size_t snoncelen, - unsigned char server_identifier, - const char *password) -{ - MD5_CTX ctx; - unsigned char md[MD5_DIGEST_LENGTH]; - char *h; - - MD5_Init(&ctx); - MD5_Update(&ctx, &server_identifier, 1); - MD5_Update(&ctx, password, strlen(password)); - MD5_Update(&ctx, server_nonce, snoncelen); - MD5_Final(md, &ctx); - - hex_encode(md, 16, &h); - - printf("responseData=%s\n", h); - free(h); -} - -static const unsigned char ms_chap_v2_magic1[39] = { - 0x4D, 0x61, 0x67, 0x69, 0x63, 0x20, 0x73, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x20, 0x74, 0x6F, 0x20, 0x63, 0x6C, 0x69, 0x65, - 0x6E, 0x74, 0x20, 0x73, 0x69, 0x67, 0x6E, 0x69, 0x6E, 0x67, - 0x20, 0x63, 0x6F, 0x6E, 0x73, 0x74, 0x61, 0x6E, 0x74 -}; -static const unsigned char ms_chap_v2_magic2[41] = { - 0x50, 0x61, 0x64, 0x20, 0x74, 0x6F, 0x20, 0x6D, 0x61, 0x6B, - 0x65, 0x20, 0x69, 0x74, 0x20, 0x64, 0x6F, 0x20, 0x6D, 0x6F, - 0x72, 0x65, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x6F, 0x6E, - 0x65, 0x20, 0x69, 0x74, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6F, - 0x6E -}; -static const unsigned char ms_rfc3079_magic1[27] = { - 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, - 0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d, - 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65, 0x79 -}; - -static void -client_mschapv2(const void *server_nonce, size_t snoncelen, - const void *client_nonce, size_t cnoncelen, - const char *username, - const char *password) -{ - SHA_CTX ctx; - MD4_CTX hctx; - unsigned char md[SHA_DIGEST_LENGTH], challange[SHA_DIGEST_LENGTH]; - unsigned char hmd[MD4_DIGEST_LENGTH]; - struct ntlm_buf answer; - int i, len, ret; - char *h; - - SHA1_Init(&ctx); - SHA1_Update(&ctx, client_nonce, cnoncelen); - SHA1_Update(&ctx, server_nonce, snoncelen); - SHA1_Update(&ctx, username, strlen(username)); - SHA1_Final(md, &ctx); - - MD4_Init(&hctx); - len = strlen(password); - for (i = 0; i < len; i++) { - MD4_Update(&hctx, &password[i], 1); - MD4_Update(&hctx, &password[len], 1); - } - MD4_Final(hmd, &hctx); - - /* ChallengeResponse */ - ret = heim_ntlm_calculate_ntlm1(hmd, sizeof(hmd), md, &answer); - if (ret) - errx(1, "heim_ntlm_calculate_ntlm1"); - - hex_encode(answer.data, answer.length, &h); - printf("responseData=%s\n", h); - free(h); - - /* PasswordHash */ - MD4_Init(&hctx); - MD4_Update(&hctx, hmd, sizeof(hmd)); - MD4_Final(hmd, &hctx); - - /* GenerateAuthenticatorResponse */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, hmd, sizeof(hmd)); - SHA1_Update(&ctx, answer.data, answer.length); - SHA1_Update(&ctx, ms_chap_v2_magic1, sizeof(ms_chap_v2_magic1)); - SHA1_Final(md, &ctx); - - /* ChallengeHash */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, client_nonce, cnoncelen); - SHA1_Update(&ctx, server_nonce, snoncelen); - SHA1_Update(&ctx, username, strlen(username)); - SHA1_Final(challange, &ctx); - - SHA1_Init(&ctx); - SHA1_Update(&ctx, md, sizeof(md)); - SHA1_Update(&ctx, challange, 8); - SHA1_Update(&ctx, ms_chap_v2_magic2, sizeof(ms_chap_v2_magic2)); - SHA1_Final(md, &ctx); - - hex_encode(md, sizeof(md), &h); - printf("AuthenticatorResponse=%s\n", h); - free(h); - - /* get_master, rfc 3079 3.4 */ - SHA1_Init(&ctx); - SHA1_Update(&ctx, hmd, sizeof(hmd)); - SHA1_Update(&ctx, answer.data, answer.length); - SHA1_Update(&ctx, ms_rfc3079_magic1, sizeof(ms_rfc3079_magic1)); - SHA1_Final(md, &ctx); - - free(answer.data); - - hex_encode(md, 16, &h); - printf("session-key=%s\n", h); - free(h); -} - - -int -digest_client_request(struct digest_client_request_options *opt, - int argc, char **argv) -{ - char *server_nonce, *client_nonce = NULL, server_identifier; - ssize_t snoncelen, cnoncelen = 0; - - if (opt->server_nonce_string == NULL) - errx(1, "server nonce missing"); - if (opt->password_string == NULL) - errx(1, "password missing"); - - if (opt->opaque_string == NULL) - errx(1, "opaque missing"); - - snoncelen = strlen(opt->server_nonce_string); - server_nonce = malloc(snoncelen); - if (server_nonce == NULL) - errx(1, "server_nonce"); - - snoncelen = hex_decode(opt->server_nonce_string, server_nonce, snoncelen); - if (snoncelen <= 0) - errx(1, "server nonce wrong"); - - if (opt->client_nonce_string) { - cnoncelen = strlen(opt->client_nonce_string); - client_nonce = malloc(cnoncelen); - if (client_nonce == NULL) - errx(1, "client_nonce"); - - cnoncelen = hex_decode(opt->client_nonce_string, - client_nonce, cnoncelen); - if (cnoncelen <= 0) - errx(1, "client nonce wrong"); - } - - if (opt->server_identifier_string) { - int ret; - - ret = hex_decode(opt->server_identifier_string, &server_identifier, 1); - if (ret != 1) - errx(1, "server identifier wrong length"); - } - - if (strcasecmp(opt->type_string, "CHAP") == 0) { - if (opt->server_identifier_string == NULL) - errx(1, "server identifier missing"); - - client_chap(server_nonce, snoncelen, server_identifier, - opt->password_string); - - } else if (strcasecmp(opt->type_string, "MS-CHAP-V2") == 0) { - if (opt->client_nonce_string == NULL) - errx(1, "client nonce missing"); - if (opt->username_string == NULL) - errx(1, "client nonce missing"); - - client_mschapv2(server_nonce, snoncelen, - client_nonce, cnoncelen, - opt->username_string, - opt->password_string); - } - - - return 0; -} - -#include - -int -ntlm_server_init(struct ntlm_server_init_options *opt, - int argc, char ** argv) -{ - krb5_error_code ret; - krb5_ntlm ntlm; - struct ntlm_type2 type2; - krb5_data challange, opaque; - struct ntlm_buf data; - char *s; - - memset(&type2, 0, sizeof(type2)); - - ret = krb5_ntlm_alloc(context, &ntlm); - if (ret) - krb5_err(context, 1, ret, "krb5_ntlm_alloc"); - - ret = krb5_ntlm_init_request(context, - ntlm, - opt->kerberos_realm_string, - id, - NTLM_NEG_UNICODE|NTLM_NEG_NTLM, - "NUTCRACKER", - "L"); - if (ret) - krb5_err(context, 1, ret, "krb5_ntlm_init_request"); - - /* - * - */ - - ret = krb5_ntlm_init_get_challange(context, ntlm, &challange); - if (ret) - krb5_err(context, 1, ret, "krb5_ntlm_init_get_challange"); - - if (challange.length != sizeof(type2.challange)) - krb5_errx(context, 1, "ntlm challange have wrong length"); - memcpy(type2.challange, challange.data, sizeof(type2.challange)); - krb5_data_free(&challange); - - ret = krb5_ntlm_init_get_flags(context, ntlm, &type2.flags); - if (ret) - krb5_err(context, 1, ret, "krb5_ntlm_init_get_flags"); - - krb5_ntlm_init_get_targetname(context, ntlm, &type2.targetname); - type2.targetinfo.data = "\x00\x00"; - type2.targetinfo.length = 2; - - ret = heim_ntlm_encode_type2(&type2, &data); - if (ret) - krb5_errx(context, 1, "heim_ntlm_encode_type2"); - - free(type2.targetname); - - /* - * - */ - - base64_encode(data.data, data.length, &s); - free(data.data); - printf("type2=%s\n", s); - free(s); - - /* - * - */ - - ret = krb5_ntlm_init_get_opaque(context, ntlm, &opaque); - if (ret) - krb5_err(context, 1, ret, "krb5_ntlm_init_get_opaque"); - - base64_encode(opaque.data, opaque.length, &s); - krb5_data_free(&opaque); - printf("opaque=%s\n", s); - free(s); - - /* - * - */ - - krb5_ntlm_free(context, ntlm); - - return 0; -} - - -/* - * - */ - -int -help(void *opt, int argc, char **argv) -{ - sl_slc_help(commands, argc, argv); - return 0; -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - int optidx = 0; - - setprogname(argv[0]); - - ret = krb5_init_context (&context); - if (ret == KRB5_CONFIG_BADFORMAT) - errx (1, "krb5_init_context failed to parse configuration file"); - else if (ret) - errx(1, "krb5_init_context failed: %d", ret); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc == 0) { - help(NULL, argc, argv); - return 1; - } - - if (ccache_string) { - ret = krb5_cc_resolve(context, ccache_string, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_resolve"); - } - - ret = sl_command (commands, argc, argv); - if (ret == -1) { - help(NULL, argc, argv); - return 1; - } - return ret; -} diff --git a/crypto/heimdal/kuser/kgetcred.1 b/crypto/heimdal/kuser/kgetcred.1 deleted file mode 100644 index 1949ff7e0bbb..000000000000 --- a/crypto/heimdal/kuser/kgetcred.1 +++ /dev/null @@ -1,91 +0,0 @@ -.\" Copyright (c) 1999, 2001 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kgetcred.1 14090 2004-08-05 18:49:47Z lha $ -.\" -.Dd March 12, 2004 -.Dt KGETCRED 1 -.Os HEIMDAL -.Sh NAME -.Nm kgetcred -.Nd "get a ticket for a particular service" -.Sh SYNOPSIS -.Nm -.Op Fl -canonicalize -.Oo Fl c cache \*(Ba Xo -.Fl -cache= Ns Ar cache -.Xc -.Oc -.Oo Fl e Ar enctype \*(Ba Xo -.Fl -enctype= Ns Ar enctype -.Xc -.Oc -.Op Fl -no-transit-check -.Op Fl -version -.Op Fl -help -.Ar service -.Sh DESCRIPTION -.Nm -obtains a ticket for a service. -Usually tickets for services are obtained automatically when needed -but sometimes for some odd reason you want to obtain a particular -ticket or of a special type. -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl -canonicalize -.Xc -requests that the KDC canonicalize the principal. -.It Xo -.Fl c Ar cache , -.Fl -cache= Ns Ar cache -.Xc -the credential cache to use. -.It Xo -.Fl e Ar enctype , -.Fl -enctype= Ns Ar enctype -.Xc -encryption type to use. -.It Xo -.Fl -no-transit-check -.Xc -requests that the KDC doesn't do trasnit checking. -.It Xo -.Fl -version -.Xc -.It Xo -.Fl -help -.Xc -.El -.Sh SEE ALSO -.Xr kinit 1 , -.Xr klist 1 diff --git a/crypto/heimdal/kuser/kgetcred.c b/crypto/heimdal/kuser/kgetcred.c deleted file mode 100644 index a842e002da54..000000000000 --- a/crypto/heimdal/kuser/kgetcred.c +++ /dev/null @@ -1,228 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" - -RCSID("$Id: kgetcred.c 22276 2007-12-12 02:42:31Z lha $"); - -static char *cache_str; -static char *out_cache_str; -static char *delegation_cred_str; -static char *etype_str; -static int transit_flag = 1; -static int forwardable_flag; -static char *impersonate_str; -static char *nametype_str; -static int version_flag; -static int help_flag; - -struct getargs args[] = { - { "cache", 'c', arg_string, &cache_str, - "credential cache to use", "cache"}, - { "out-cache", 0, arg_string, &out_cache_str, - "credential cache to store credential in", "cache"}, - { "delegation-credential-cache",0,arg_string, &delegation_cred_str, - "where to find the ticket use for delegation", "cache"}, - { "forwardable", 0, arg_flag, &forwardable_flag, - "forwardable ticket requested"}, - { "transit-check", 0, arg_negative_flag, &transit_flag }, - { "enctype", 'e', arg_string, &etype_str, - "encryption type to use", "enctype"}, - { "impersonate", 0, arg_string, &impersonate_str, - "client to impersonate", "principal"}, - { "name-type", 0, arg_string, &nametype_str }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "service"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_ccache cache; - krb5_creds *out; - int optidx = 0; - krb5_get_creds_opt opt; - krb5_principal server; - krb5_principal impersonate = NULL; - - setprogname (argv[0]); - - ret = krb5_init_context (&context); - if (ret) - errx(1, "krb5_init_context failed: %d", ret); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 1) - usage (1); - - if(cache_str) { - ret = krb5_cc_resolve(context, cache_str, &cache); - if (ret) - krb5_err (context, 1, ret, "%s", cache_str); - } else { - ret = krb5_cc_default (context, &cache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_resolve"); - } - - ret = krb5_get_creds_opt_alloc(context, &opt); - if (ret) - krb5_err (context, 1, ret, "krb5_get_creds_opt_alloc"); - - if (etype_str) { - krb5_enctype enctype; - - ret = krb5_string_to_enctype(context, etype_str, &enctype); - if (ret) - krb5_errx (context, 1, "unrecognized enctype: %s", etype_str); - krb5_get_creds_opt_set_enctype(context, opt, enctype); - } - - if (impersonate_str) { - ret = krb5_parse_name(context, impersonate_str, &impersonate); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name %s", impersonate_str); - krb5_get_creds_opt_set_impersonate(context, opt, impersonate); - krb5_get_creds_opt_add_options(context, opt, KRB5_GC_NO_STORE); - } - - if (out_cache_str) - krb5_get_creds_opt_add_options(context, opt, KRB5_GC_NO_STORE); - - if (forwardable_flag) - krb5_get_creds_opt_add_options(context, opt, KRB5_GC_FORWARDABLE); - if (!transit_flag) - krb5_get_creds_opt_add_options(context, opt, KRB5_GC_NO_TRANSIT_CHECK); - - if (delegation_cred_str) { - krb5_ccache id; - krb5_creds c, mc; - Ticket ticket; - - krb5_cc_clear_mcred(&mc); - ret = krb5_cc_get_principal(context, cache, &mc.server); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_get_principal"); - - ret = krb5_cc_resolve(context, delegation_cred_str, &id); - if(ret) - krb5_err (context, 1, ret, "krb5_cc_resolve"); - - ret = krb5_cc_retrieve_cred(context, id, 0, &mc, &c); - if(ret) - krb5_err (context, 1, ret, "krb5_cc_retrieve_cred"); - - ret = decode_Ticket(c.ticket.data, c.ticket.length, &ticket, NULL); - if (ret) { - krb5_clear_error_string(context); - krb5_err (context, 1, ret, "decode_Ticket"); - } - krb5_free_cred_contents(context, &c); - - ret = krb5_get_creds_opt_set_ticket(context, opt, &ticket); - if(ret) - krb5_err (context, 1, ret, "krb5_get_creds_opt_set_ticket"); - free_Ticket(&ticket); - - krb5_cc_close (context, id); - krb5_free_principal(context, mc.server); - - krb5_get_creds_opt_add_options(context, opt, - KRB5_GC_CONSTRAINED_DELEGATION); - } - - ret = krb5_parse_name(context, argv[0], &server); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name %s", argv[0]); - - if (nametype_str) { - ret = krb5_parse_nametype(context, nametype_str, - &server->name.name_type); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_nametype"); - } - - ret = krb5_get_creds(context, opt, cache, server, &out); - if (ret) - krb5_err (context, 1, ret, "krb5_get_creds"); - - if (out_cache_str) { - krb5_ccache id; - - ret = krb5_cc_resolve(context, out_cache_str, &id); - if(ret) - krb5_err (context, 1, ret, "krb5_cc_resolve"); - - ret = krb5_cc_initialize(context, id, out->client); - if(ret) - krb5_err (context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_store_cred(context, id, out); - if(ret) - krb5_err (context, 1, ret, "krb5_cc_store_cred"); - krb5_cc_close (context, id); - } - - krb5_free_creds(context, out); - krb5_free_principal(context, server); - krb5_get_creds_opt_free(context, opt); - krb5_cc_close (context, cache); - krb5_free_context (context); - - return 0; -} diff --git a/crypto/heimdal/kuser/kimpersonate.1 b/crypto/heimdal/kuser/kimpersonate.1 deleted file mode 100644 index b9cd8d61488f..000000000000 --- a/crypto/heimdal/kuser/kimpersonate.1 +++ /dev/null @@ -1,152 +0,0 @@ -.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kimpersonate.1 20259 2007-02-17 23:49:54Z lha $ -.\" -.Dd September 18, 2006 -.Dt KERBEROS 1 -.Os Heimdal -.Sh NAME -.Nm kimpersonate -.Nd -impersonate a user when there exist a srvtab, keyfile or KeyFile -.Sh SYNOPSIS -.Nm -.Oo Fl s Ar string \*(Ba Xo -.Fl -server= Ns Ar string Oc -.Xc -.Oo Fl c Ar string \*(Ba Xo -.Fl -client= Ns Ar string Oc -.Xc -.Oo Fl k Ar string \*(Ba Xo -.Fl -keytab= Ns Ar string Oc -.Xc -.Op Fl 5 | Fl -krb5 -.Oo Fl e Ar integer \*(Ba Xo -.Fl -expire-time= Ns Ar integer Oc -.Xc -.Oo Fl a Ar string \*(Ba Xo -.Fl -client-address= Ns Ar string Oc -.Xc -.Oo Fl t Ar string \*(Ba Xo -.Fl -enc-type= Ns Ar string Oc -.Xc -.Oo Fl f Ar string \*(Ba Xo -.Fl -ticket-flags= Ns Ar string Oc -.Xc -.Op Fl -verbose -.Op Fl -version -.Op Fl -help -.Sh DESCRIPTION -The -.Nm -program creates a "fake" ticket using the service-key of the service. -The service key can be read from a Kerberos 5 keytab, AFS KeyFile or -(if compiled with support for Kerberos 4) a Kerberos 4 srvtab. -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl s Ar string Ns , -.Fl -server= Ns Ar string -.Xc -name of server principal -.It Xo -.Fl c Ar string Ns , -.Fl -client= Ns Ar string -.Xc -name of client principal -.It Xo -.Fl k Ar string Ns , -.Fl -keytab= Ns Ar string -.Xc -name of keytab file -.It Xo -.Fl 5 Ns , -.Fl -krb5 -.Xc -create a Kerberos 5 ticket -.It Xo -.Fl e Ar integer Ns , -.Fl -expire-time= Ns Ar integer -.Xc -lifetime of ticket in seconds -.It Xo -.Fl a Ar string Ns , -.Fl -client-address= Ns Ar string -.Xc -address of client -.It Xo -.Fl t Ar string Ns , -.Fl -enc-type= Ns Ar string -.Xc -encryption type -.It Xo -.Fl f Ar string Ns , -.Fl -ticket-flags= Ns Ar string -.Xc -ticket flags for krb5 ticket -.It Xo -.Fl -verbose -.Xc -Verbose output -.It Xo -.Fl -version -.Xc -Print version -.It Xo -.Fl -help -.Xc -.El -.Sh FILES -Uses -.Pa /etc/krb5.keytab, -.Pa /etc/srvtab -and -.Pa /usr/afs/etc/KeyFile -when avalible and the the -.Fl k -is used with appropriate prefix. -.Sh EXAMPLES -.Nm -can be used in -.Nm samba -root preexec option -or for debugging. -.Nm --s host/hummel.e.kth.se@E.KTH.SE -c lha@E.KTH.SE -5 -will create a Kerberos 5 ticket for lha@E.KTH.SE for the host -hummel.e.kth.se if there exists a keytab entry for it in -.Pa /etc/krb5.keytab . -.Sh SEE ALSO -.Xr kinit 1 , -.Xr klist 1 -.Sh AUTHORS -Love Hornquist Astrand diff --git a/crypto/heimdal/kuser/kimpersonate.c b/crypto/heimdal/kuser/kimpersonate.c deleted file mode 100644 index 9ef99aff9f11..000000000000 --- a/crypto/heimdal/kuser/kimpersonate.c +++ /dev/null @@ -1,330 +0,0 @@ -/* - * Copyright (c) 2000 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" -RCSID("$Id: kimpersonate.c 22117 2007-12-03 21:24:16Z lha $"); -#include - -static char *client_principal_str = NULL; -static krb5_principal client_principal; -static char *server_principal_str = NULL; -static krb5_principal server_principal; - -static char *ccache_str = NULL; - -static char *ticket_flags_str = NULL; -static TicketFlags ticket_flags; -static char *keytab_file = NULL; -static char *enc_type = "des-cbc-md5"; -static int expiration_time = 3600; -static struct getarg_strings client_addresses; -static int version_flag = 0; -static int help_flag = 0; -static int use_krb5 = 1; - -/* - * - */ - -static void -encode_ticket (krb5_context context, - EncryptionKey *skey, - krb5_enctype etype, - int skvno, - krb5_creds *cred) -{ - size_t len, size; - char *buf; - krb5_error_code ret; - krb5_crypto crypto; - EncryptedData enc_part; - EncTicketPart et; - Ticket ticket; - - memset (&enc_part, 0, sizeof(enc_part)); - memset (&ticket, 0, sizeof(ticket)); - - /* - * Set up `enc_part' - */ - - et.flags = cred->flags.b; - et.key = cred->session; - et.crealm = *krb5_princ_realm (context, cred->client); - copy_PrincipalName(&cred->client->name, &et.cname); - { - krb5_data empty_string; - - krb5_data_zero(&empty_string); - et.transited.tr_type = DOMAIN_X500_COMPRESS; - et.transited.contents = empty_string; - } - et.authtime = cred->times.authtime; - et.starttime = NULL; - et.endtime = cred->times.endtime; - et.renew_till = NULL; - et.caddr = &cred->addresses; - et.authorization_data = NULL; /* XXX allow random authorization_data */ - - /* - * Encrypt `enc_part' of ticket with service key - */ - - ASN1_MALLOC_ENCODE(EncTicketPart, buf, len, &et, &size, ret); - if (ret) - krb5_err(context, 1, ret, "EncTicketPart"); - - krb5_crypto_init(context, skey, etype, &crypto); - krb5_encrypt_EncryptedData (context, - crypto, - KRB5_KU_TICKET, - buf, - len, - skvno, - &ticket.enc_part); - free(buf); - krb5_crypto_destroy(context, crypto); - - /* - * Encode ticket - */ - - ticket.tkt_vno = 5; - ticket.realm = *krb5_princ_realm (context, cred->server); - copy_PrincipalName(&cred->server->name, &ticket.sname); - - ASN1_MALLOC_ENCODE(Ticket, buf, len, &ticket, &size, ret); - if(ret) - krb5_err (context, 1, ret, "encode_Ticket"); - - krb5_data_copy(&cred->ticket, buf, len); -} - -/* - * - */ - -static int -create_krb5_tickets (krb5_context context, krb5_keytab kt) -{ - krb5_error_code ret; - krb5_keytab_entry entry; - krb5_creds cred; - krb5_enctype etype; - krb5_ccache ccache; - - memset (&cred, 0, sizeof(cred)); - - ret = krb5_string_to_enctype (context, enc_type, &etype); - if (ret) - krb5_err (context, 1, ret, "krb5_string_to_enctype"); - ret = krb5_kt_get_entry (context, kt, server_principal, - 0, etype, &entry); - if (ret) - krb5_err (context, 1, ret, "krb5_kt_get_entry"); - - /* - * setup cred - */ - - - ret = krb5_copy_principal (context, client_principal, &cred.client); - if (ret) - krb5_err (context, 1, ret, "krb5_copy_principal"); - ret = krb5_copy_principal (context, server_principal, &cred.server); - if (ret) - krb5_err (context, 1, ret, "krb5_copy_principal"); - krb5_generate_random_keyblock(context, etype, &cred.session); - - cred.times.authtime = time(NULL); - cred.times.starttime = time(NULL); - cred.times.endtime = time(NULL) + expiration_time; - cred.times.renew_till = 0; - krb5_data_zero(&cred.second_ticket); - - ret = krb5_get_all_client_addrs (context, &cred.addresses); - if (ret) - krb5_err (context, 1, ret, "krb5_get_all_client_addrs"); - cred.flags.b = ticket_flags; - - - /* - * Encode encrypted part of ticket - */ - - encode_ticket (context, &entry.keyblock, etype, entry.vno, &cred); - - /* - * Write to cc - */ - - if (ccache_str) { - ret = krb5_cc_resolve(context, ccache_str, &ccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_resolve"); - } else { - ret = krb5_cc_default (context, &ccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_default"); - } - - ret = krb5_cc_initialize (context, ccache, cred.client); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_store_cred (context, ccache, &cred); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_store_cred"); - - krb5_free_cred_contents (context, &cred); - krb5_cc_close (context, ccache); - - return 0; -} - -/* - * - */ - -static void -setup_env (krb5_context context, krb5_keytab *kt) -{ - krb5_error_code ret; - - if (keytab_file) - ret = krb5_kt_resolve (context, keytab_file, kt); - else - ret = krb5_kt_default (context, kt); - if (ret) - krb5_err (context, 1, ret, "resolving keytab"); - - if (client_principal_str == NULL) - krb5_errx (context, 1, "missing client principal"); - ret = krb5_parse_name (context, client_principal_str, &client_principal); - if (ret) - krb5_err (context, 1, ret, "resolvning client name"); - - if (server_principal_str == NULL) - krb5_errx (context, 1, "missing server principal"); - ret = krb5_parse_name (context, server_principal_str, &server_principal); - if (ret) - krb5_err (context, 1, ret, "resolvning client name"); - - if (ticket_flags_str) { - int ticket_flags_int; - - ticket_flags_int = parse_flags(ticket_flags_str, - asn1_TicketFlags_units(), 0); - if (ticket_flags_int <= 0) { - krb5_warnx (context, "bad ticket flags: `%s'", ticket_flags_str); - print_flags_table (asn1_TicketFlags_units(), stderr); - exit (1); - } - if (ticket_flags_int) - ticket_flags = int2TicketFlags (ticket_flags_int); - } -} - -/* - * - */ - -struct getargs args[] = { - { "ccache", 0, arg_string, &ccache_str, - "name of kerberos 5 credential cache", "cache-name"}, - { "server", 's', arg_string, &server_principal_str, - "name of server principal" }, - { "client", 'c', arg_string, &client_principal_str, - "name of client principal" }, - { "keytab", 'k', arg_string, &keytab_file, - "name of keytab file" }, - { "krb5", '5', arg_flag, &use_krb5, - "create a kerberos 5 ticket"}, - { "expire-time", 'e', arg_integer, &expiration_time, - "lifetime of ticket in seconds" }, - { "client-addresses", 'a', arg_strings, &client_addresses, - "addresses of client" }, - { "enc-type", 't', arg_string, &enc_type, - "encryption type" }, - { "ticket-flags", 'f', arg_string, &ticket_flags_str, - "ticket flags for krb5 ticket" }, - { "version", 0, arg_flag, &version_flag, "Print version", - NULL }, - { "help", 0, arg_flag, &help_flag, NULL, - NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - ""); - exit (ret); -} - -int -main (int argc, char **argv) -{ - int optind = 0; - krb5_error_code ret; - krb5_context context; - krb5_keytab kt; - - setprogname (argv[0]); - - ret = krb5_init_context (&context); - if (ret) - errx(1, "krb5_init_context failed: %u", ret); - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optind)) - usage (1); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version(NULL); - return 0; - } - - setup_env (context, &kt); - - if (use_krb5) - create_krb5_tickets (context, kt); - - krb5_kt_close (context, kt); - return 0; -} diff --git a/crypto/heimdal/kuser/kinit.1 b/crypto/heimdal/kuser/kinit.1 deleted file mode 100644 index 01fac262a685..000000000000 --- a/crypto/heimdal/kuser/kinit.1 +++ /dev/null @@ -1,291 +0,0 @@ -.\" Copyright (c) 1998 - 2003, 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kinit.1 17822 2006-07-10 14:46:58Z lha $ -.\" -.Dd April 25, 2006 -.Dt KINIT 1 -.Os HEIMDAL -.Sh NAME -.Nm kinit -.Nm kauth -.Nd acquire initial tickets -.Sh SYNOPSIS -.Nm kinit -.Op Fl 4 | Fl -524init -.Op Fl 9 | Fl -524convert -.Op Fl -afslog -.Oo Fl c Ar cachename \*(Ba Xo -.Fl -cache= Ns Ar cachename -.Xc -.Oc -.Op Fl f | Fl -forwardable -.Oo Fl t Ar keytabname \*(Ba Xo -.Fl -keytab= Ns Ar keytabname -.Xc -.Oc -.Oo Fl l Ar time \*(Ba Xo -.Fl -lifetime= Ns Ar time -.Xc -.Oc -.Op Fl p | Fl -proxiable -.Op Fl R | Fl -renew -.Op Fl -renewable -.Oo Fl r Ar time \*(Ba Xo -.Fl -renewable-life= Ns Ar time -.Xc -.Oc -.Oo Fl S Ar principal \*(Ba Xo -.Fl -server= Ns Ar principal -.Xc -.Oc -.Oo Fl s Ar time \*(Ba Xo -.Fl -start-time= Ns Ar time -.Xc -.Oc -.Op Fl k | Fl -use-keytab -.Op Fl v | Fl -validate -.Oo Fl e Ar enctypes \*(Ba Xo -.Fl -enctypes= Ns Ar enctypes -.Xc -.Oc -.Oo Fl a Ar addresses \*(Ba Xo -.Fl -extra-addresses= Ns Ar addresses -.Xc -.Oc -.Op Fl -password-file= Ns Ar filename -.Op Fl -fcache-version= Ns Ar version-number -.Op Fl A | Fl -no-addresses -.Op Fl -anonymous -.Op Fl -version -.Op Fl -help -.Op Ar principal Op Ar command -.Sh DESCRIPTION -.Nm -is used to authenticate to the Kerberos server as -.Ar principal , -or if none is given, a system generated default (typically your login -name at the default realm), and acquire a ticket granting ticket that -can later be used to obtain tickets for other services. -.Pp -If you have compiled -.Nm kinit -with Kerberos 4 support and you have a -Kerberos 4 server, -.Nm -will detect this and get you Kerberos 4 tickets. -.Pp -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl c Ar cachename -.Fl -cache= Ns Ar cachename -.Xc -The credentials cache to put the acquired ticket in, if other than -default. -.It Xo -.Fl f , -.Fl -forwardable -.Xc -Get ticket that can be forwarded to another host. -.It Xo -.Fl t Ar keytabname , -.Fl -keytab= Ns Ar keytabname -.Xc -Don't ask for a password, but instead get the key from the specified -keytab. -.It Xo -.Fl l Ar time , -.Fl -lifetime= Ns Ar time -.Xc -Specifies the lifetime of the ticket. -The argument can either be in seconds, or a more human readable string -like -.Sq 1h . -.It Xo -.Fl p , -.Fl -proxiable -.Xc -Request tickets with the proxiable flag set. -.It Xo -.Fl R , -.Fl -renew -.Xc -Try to renew ticket. -The ticket must have the -.Sq renewable -flag set, and must not be expired. -.It Fl -renewable -The same as -.Fl -renewable-life , -with an infinite time. -.It Xo -.Fl r Ar time , -.Fl -renewable-life= Ns Ar time -.Xc -The max renewable ticket life. -.It Xo -.Fl S Ar principal , -.Fl -server= Ns Ar principal -.Xc -Get a ticket for a service other than krbtgt/LOCAL.REALM. -.It Xo -.Fl s Ar time , -.Fl -start-time= Ns Ar time -.Xc -Obtain a ticket that starts to be valid -.Ar time -(which can really be a generic time specification, like -.Sq 1h ) -seconds into the future. -.It Xo -.Fl k , -.Fl -use-keytab -.Xc -The same as -.Fl -keytab , -but with the default keytab name (normally -.Ar FILE:/etc/krb5.keytab ) . -.It Xo -.Fl v , -.Fl -validate -.Xc -Try to validate an invalid ticket. -.It Xo -.Fl e , -.Fl -enctypes= Ns Ar enctypes -.Xc -Request tickets with this particular enctype. -.It Xo -.Fl -password-file= Ns Ar filename -.Xc -read the password from the first line of -.Ar filename . -If the -.Ar filename -is -.Ar STDIN , -the password will be read from the standard input. -.It Xo -.Fl -fcache-version= Ns Ar version-number -.Xc -Create a credentials cache of version -.Ar version-number . -.It Xo -.Fl a , -.Fl -extra-addresses= Ns Ar enctypes -.Xc -Adds a set of addresses that will, in addition to the systems local -addresses, be put in the ticket. -This can be useful if all addresses a client can use can't be -automatically figured out. -One such example is if the client is behind a firewall. -Also settable via -.Li libdefaults/extra_addresses -in -.Xr krb5.conf 5 . -.It Xo -.Fl A , -.Fl -no-addresses -.Xc -Request a ticket with no addresses. -.It Xo -.Fl -anonymous -.Xc -Request an anonymous ticket (which means that the ticket will be -issued to an anonymous principal, typically -.Dq anonymous@REALM ) . -.El -.Pp -The following options are only available if -.Nm -has been compiled with support for Kerberos 4. -.Bl -tag -width Ds -.It Xo -.Fl 4 , -.Fl -524init -.Xc -Try to convert the obtained Kerberos 5 krbtgt to a version 4 -compatible ticket. -It will store this ticket in the default Kerberos 4 ticket file. -.It Xo -.Fl 9 , -.Fl -524convert -.Xc -only convert ticket to version 4 -.It Fl -afslog -Gets AFS tickets, converts them to version 4 format, and stores them -in the kernel. -Only useful if you have AFS. -.El -.Pp -The -.Ar forwardable , -.Ar proxiable , -.Ar ticket_life , -and -.Ar renewable_life -options can be set to a default value from the -.Dv appdefaults -section in krb5.conf, see -.Xr krb5_appdefault 3 . -.Pp -If a -.Ar command -is given, -.Nm kinit -will set up new credentials caches, and AFS PAG, and then run the given -command. -When it finishes the credentials will be removed. -.Sh ENVIRONMENT -.Bl -tag -width Ds -.It Ev KRB5CCNAME -Specifies the default credentials cache. -.It Ev KRB5_CONFIG -The file name of -.Pa krb5.conf , -the default being -.Pa /etc/krb5.conf . -.It Ev KRBTKFILE -Specifies the Kerberos 4 ticket file to store version 4 tickets in. -.El -.\".Sh FILES -.\".Sh EXAMPLES -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr kdestroy 1 , -.Xr klist 1 , -.Xr krb5_appdefault 3 , -.Xr krb5.conf 5 -.\".Sh STANDARDS -.\".Sh HISTORY -.\".Sh AUTHORS -.\".Sh BUGS diff --git a/crypto/heimdal/kuser/kinit.c b/crypto/heimdal/kuser/kinit.c deleted file mode 100644 index 267630985908..000000000000 --- a/crypto/heimdal/kuser/kinit.c +++ /dev/null @@ -1,852 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" -RCSID("$Id: kinit.c 22116 2007-12-03 21:22:58Z lha $"); - -#include "krb5-v4compat.h" - -#include "heimntlm.h" - -int forwardable_flag = -1; -int proxiable_flag = -1; -int renewable_flag = -1; -int renew_flag = 0; -int pac_flag = -1; -int validate_flag = 0; -int version_flag = 0; -int help_flag = 0; -int addrs_flag = -1; -struct getarg_strings extra_addresses; -int anonymous_flag = 0; -char *lifetime = NULL; -char *renew_life = NULL; -char *server_str = NULL; -char *cred_cache = NULL; -char *start_str = NULL; -struct getarg_strings etype_str; -int use_keytab = 0; -char *keytab_str = NULL; -int do_afslog = -1; -int get_v4_tgt = -1; -int convert_524 = 0; -int fcache_version; -char *password_file = NULL; -char *pk_user_id = NULL; -char *pk_x509_anchors = NULL; -int pk_use_enckey = 0; -static int canonicalize_flag = 0; -static char *ntlm_domain; - -static char *krb4_cc_name; - -static struct getargs args[] = { - /* - * used by MIT - * a: ~A - * V: verbose - * F: ~f - * P: ~p - * C: v4 cache name? - * 5: - */ - { "524init", '4', arg_flag, &get_v4_tgt, - "obtain version 4 TGT" }, - - { "524convert", '9', arg_flag, &convert_524, - "only convert ticket to version 4" }, - - { "afslog", 0 , arg_flag, &do_afslog, - "obtain afs tokens" }, - - { "cache", 'c', arg_string, &cred_cache, - "credentials cache", "cachename" }, - - { "forwardable", 'f', arg_flag, &forwardable_flag, - "get forwardable tickets"}, - - { "keytab", 't', arg_string, &keytab_str, - "keytab to use", "keytabname" }, - - { "lifetime", 'l', arg_string, &lifetime, - "lifetime of tickets", "time"}, - - { "proxiable", 'p', arg_flag, &proxiable_flag, - "get proxiable tickets" }, - - { "renew", 'R', arg_flag, &renew_flag, - "renew TGT" }, - - { "renewable", 0, arg_flag, &renewable_flag, - "get renewable tickets" }, - - { "renewable-life", 'r', arg_string, &renew_life, - "renewable lifetime of tickets", "time" }, - - { "server", 'S', arg_string, &server_str, - "server to get ticket for", "principal" }, - - { "start-time", 's', arg_string, &start_str, - "when ticket gets valid", "time" }, - - { "use-keytab", 'k', arg_flag, &use_keytab, - "get key from keytab" }, - - { "validate", 'v', arg_flag, &validate_flag, - "validate TGT" }, - - { "enctypes", 'e', arg_strings, &etype_str, - "encryption types to use", "enctypes" }, - - { "fcache-version", 0, arg_integer, &fcache_version, - "file cache version to create" }, - - { "addresses", 'A', arg_negative_flag, &addrs_flag, - "request a ticket with no addresses" }, - - { "extra-addresses",'a', arg_strings, &extra_addresses, - "include these extra addresses", "addresses" }, - - { "anonymous", 0, arg_flag, &anonymous_flag, - "request an anonymous ticket" }, - - { "request-pac", 0, arg_flag, &pac_flag, - "request a Windows PAC" }, - - { "password-file", 0, arg_string, &password_file, - "read the password from a file" }, - - { "canonicalize",0, arg_flag, &canonicalize_flag, - "canonicalize client principal" }, -#ifdef PKINIT - { "pk-user", 'C', arg_string, &pk_user_id, - "principal's public/private/certificate identifier", "id" }, - - { "x509-anchors", 'D', arg_string, &pk_x509_anchors, - "directory with CA certificates", "directory" }, - - { "pk-use-enckey", 0, arg_flag, &pk_use_enckey, - "Use RSA encrypted reply (instead of DH)" }, -#endif - { "ntlm-domain", 0, arg_string, &ntlm_domain, - "NTLM domain", "domain" }, - - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[principal [command]]"); - exit (ret); -} - -static krb5_error_code -get_server(krb5_context context, - krb5_principal client, - const char *server, - krb5_principal *princ) -{ - krb5_realm *client_realm; - if(server) - return krb5_parse_name(context, server, princ); - - client_realm = krb5_princ_realm (context, client); - return krb5_make_principal(context, princ, *client_realm, - KRB5_TGS_NAME, *client_realm, NULL); -} - -static krb5_error_code -do_524init(krb5_context context, krb5_ccache ccache, - krb5_creds *creds, const char *server) -{ - krb5_error_code ret; - - struct credentials c; - krb5_creds in_creds, *real_creds; - - if(creds != NULL) - real_creds = creds; - else { - krb5_principal client; - krb5_cc_get_principal(context, ccache, &client); - memset(&in_creds, 0, sizeof(in_creds)); - ret = get_server(context, client, server, &in_creds.server); - if(ret) { - krb5_free_principal(context, client); - return ret; - } - in_creds.client = client; - ret = krb5_get_credentials(context, 0, ccache, &in_creds, &real_creds); - krb5_free_principal(context, client); - krb5_free_principal(context, in_creds.server); - if(ret) - return ret; - } - ret = krb524_convert_creds_kdc_ccache(context, ccache, real_creds, &c); - if(ret) - krb5_warn(context, ret, "converting creds"); - else { - krb5_error_code tret = _krb5_krb_tf_setup(context, &c, NULL, 0); - if(tret) - krb5_warn(context, tret, "saving v4 creds"); - } - - if(creds == NULL) - krb5_free_creds(context, real_creds); - memset(&c, 0, sizeof(c)); - - return ret; -} - -static int -renew_validate(krb5_context context, - int renew, - int validate, - krb5_ccache cache, - const char *server, - krb5_deltat life) -{ - krb5_error_code ret; - krb5_creds in, *out = NULL; - krb5_kdc_flags flags; - - memset(&in, 0, sizeof(in)); - - ret = krb5_cc_get_principal(context, cache, &in.client); - if(ret) { - krb5_warn(context, ret, "krb5_cc_get_principal"); - return ret; - } - ret = get_server(context, in.client, server, &in.server); - if(ret) { - krb5_warn(context, ret, "get_server"); - goto out; - } - - if (renew) { - /* - * no need to check the error here, it's only to be - * friendly to the user - */ - krb5_get_credentials(context, KRB5_GC_CACHED, cache, &in, &out); - } - - flags.i = 0; - flags.b.renewable = flags.b.renew = renew; - flags.b.validate = validate; - - if (forwardable_flag != -1) - flags.b.forwardable = forwardable_flag; - else if (out) - flags.b.forwardable = out->flags.b.forwardable; - - if (proxiable_flag != -1) - flags.b.proxiable = proxiable_flag; - else if (out) - flags.b.proxiable = out->flags.b.proxiable; - - if (anonymous_flag != -1) - flags.b.request_anonymous = anonymous_flag; - if(life) - in.times.endtime = time(NULL) + life; - - if (out) { - krb5_free_creds (context, out); - out = NULL; - } - - - ret = krb5_get_kdc_cred(context, - cache, - flags, - NULL, - NULL, - &in, - &out); - if(ret) { - krb5_warn(context, ret, "krb5_get_kdc_cred"); - goto out; - } - ret = krb5_cc_initialize(context, cache, in.client); - if(ret) { - krb5_free_creds (context, out); - krb5_warn(context, ret, "krb5_cc_initialize"); - goto out; - } - ret = krb5_cc_store_cred(context, cache, out); - - if(ret == 0 && server == NULL) { - /* only do this if it's a general renew-my-tgt request */ - if(get_v4_tgt) - do_524init(context, cache, out, NULL); - if(do_afslog && k_hasafs()) - krb5_afslog(context, cache, NULL, NULL); - } - - krb5_free_creds (context, out); - if(ret) { - krb5_warn(context, ret, "krb5_cc_store_cred"); - goto out; - } -out: - krb5_free_cred_contents(context, &in); - return ret; -} - -static krb5_error_code -store_ntlmkey(krb5_context context, krb5_ccache id, - const char *domain, krb5_const_principal client, - struct ntlm_buf *buf) -{ - krb5_error_code ret; - krb5_creds cred; - - memset(&cred, 0, sizeof(cred)); - - ret = krb5_make_principal(context, &cred.server, - krb5_principal_get_realm(context, client), - "@ntlm-key", domain, NULL); - if (ret) - goto out; - ret = krb5_copy_principal(context, client, &cred.client); - if (ret) - goto out; - - cred.times.authtime = time(NULL); - cred.times.endtime = time(NULL) + 3600 * 24 * 30; /* XXX */ - cred.session.keytype = ENCTYPE_ARCFOUR_HMAC_MD5; - ret = krb5_data_copy(&cred.session.keyvalue, buf->data, buf->length); - if (ret) - goto out; - - ret = krb5_cc_store_cred(context, id, &cred); - -out: - krb5_free_cred_contents (context, &cred); - return 0; -} - -static krb5_error_code -get_new_tickets(krb5_context context, - krb5_principal principal, - krb5_ccache ccache, - krb5_deltat ticket_life, - int interactive) -{ - krb5_error_code ret; - krb5_get_init_creds_opt *opt; - krb5_creds cred; - char passwd[256]; - krb5_deltat start_time = 0; - krb5_deltat renew = 0; - char *renewstr = NULL; - krb5_enctype *enctype = NULL; - struct ntlm_buf ntlmkey; - krb5_ccache tempccache; - - memset(&ntlmkey, 0, sizeof(ntlmkey)); - passwd[0] = '\0'; - - if (password_file) { - FILE *f; - - if (strcasecmp("STDIN", password_file) == 0) - f = stdin; - else - f = fopen(password_file, "r"); - if (f == NULL) - krb5_errx(context, 1, "Failed to open the password file %s", - password_file); - - if (fgets(passwd, sizeof(passwd), f) == NULL) - krb5_errx(context, 1, - "Failed to read password from file %s", password_file); - if (f != stdin) - fclose(f); - passwd[strcspn(passwd, "\n")] = '\0'; - } - - - memset(&cred, 0, sizeof(cred)); - - ret = krb5_get_init_creds_opt_alloc (context, &opt); - if (ret) - krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - - krb5_get_init_creds_opt_set_default_flags(context, "kinit", - krb5_principal_get_realm(context, principal), opt); - - if(forwardable_flag != -1) - krb5_get_init_creds_opt_set_forwardable (opt, forwardable_flag); - if(proxiable_flag != -1) - krb5_get_init_creds_opt_set_proxiable (opt, proxiable_flag); - if(anonymous_flag != -1) - krb5_get_init_creds_opt_set_anonymous (opt, anonymous_flag); - if (pac_flag != -1) - krb5_get_init_creds_opt_set_pac_request(context, opt, - pac_flag ? TRUE : FALSE); - if (canonicalize_flag) - krb5_get_init_creds_opt_set_canonicalize(context, opt, TRUE); - if (pk_user_id) { - ret = krb5_get_init_creds_opt_set_pkinit(context, opt, - principal, - pk_user_id, - pk_x509_anchors, - NULL, - NULL, - pk_use_enckey ? 2 : 0, - krb5_prompter_posix, - NULL, - passwd); - if (ret) - krb5_err(context, 1, ret, "krb5_get_init_creds_opt_set_pkinit"); - } - - if (addrs_flag != -1) - krb5_get_init_creds_opt_set_addressless(context, opt, - addrs_flag ? FALSE : TRUE); - - if (renew_life == NULL && renewable_flag) - renewstr = "1 month"; - if (renew_life) - renewstr = renew_life; - if (renewstr) { - renew = parse_time (renewstr, "s"); - if (renew < 0) - errx (1, "unparsable time: %s", renewstr); - - krb5_get_init_creds_opt_set_renew_life (opt, renew); - } - - if(ticket_life != 0) - krb5_get_init_creds_opt_set_tkt_life (opt, ticket_life); - - if(start_str) { - int tmp = parse_time (start_str, "s"); - if (tmp < 0) - errx (1, "unparsable time: %s", start_str); - - start_time = tmp; - } - - if(etype_str.num_strings) { - int i; - - enctype = malloc(etype_str.num_strings * sizeof(*enctype)); - if(enctype == NULL) - errx(1, "out of memory"); - for(i = 0; i < etype_str.num_strings; i++) { - ret = krb5_string_to_enctype(context, - etype_str.strings[i], - &enctype[i]); - if(ret) - errx(1, "unrecognized enctype: %s", etype_str.strings[i]); - } - krb5_get_init_creds_opt_set_etype_list(opt, enctype, - etype_str.num_strings); - } - - if(use_keytab || keytab_str) { - krb5_keytab kt; - if(keytab_str) - ret = krb5_kt_resolve(context, keytab_str, &kt); - else - ret = krb5_kt_default(context, &kt); - if (ret) - krb5_err (context, 1, ret, "resolving keytab"); - ret = krb5_get_init_creds_keytab (context, - &cred, - principal, - kt, - start_time, - server_str, - opt); - krb5_kt_close(context, kt); - } else if (pk_user_id) { - ret = krb5_get_init_creds_password (context, - &cred, - principal, - passwd, - krb5_prompter_posix, - NULL, - start_time, - server_str, - opt); - } else if (!interactive) { - krb5_warnx(context, "Not interactive, failed to get initial ticket"); - krb5_get_init_creds_opt_free(context, opt); - return 0; - } else { - - if (passwd[0] == '\0') { - char *p, *prompt; - - krb5_unparse_name (context, principal, &p); - asprintf (&prompt, "%s's Password: ", p); - free (p); - - if (UI_UTIL_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0)){ - memset(passwd, 0, sizeof(passwd)); - exit(1); - } - free (prompt); - } - - - ret = krb5_get_init_creds_password (context, - &cred, - principal, - passwd, - krb5_prompter_posix, - NULL, - start_time, - server_str, - opt); - } - krb5_get_init_creds_opt_free(context, opt); - if (ntlm_domain && passwd[0]) - heim_ntlm_nt_key(passwd, &ntlmkey); - memset(passwd, 0, sizeof(passwd)); - - switch(ret){ - case 0: - break; - case KRB5_LIBOS_PWDINTR: /* don't print anything if it was just C-c:ed */ - exit(1); - case KRB5KRB_AP_ERR_BAD_INTEGRITY: - case KRB5KRB_AP_ERR_MODIFIED: - case KRB5KDC_ERR_PREAUTH_FAILED: - krb5_errx(context, 1, "Password incorrect"); - break; - case KRB5KRB_AP_ERR_V4_REPLY: - krb5_errx(context, 1, "Looks like a Kerberos 4 reply"); - break; - default: - krb5_err(context, 1, ret, "krb5_get_init_creds"); - } - - if(ticket_life != 0) { - if(abs(cred.times.endtime - cred.times.starttime - ticket_life) > 30) { - char life[64]; - unparse_time_approx(cred.times.endtime - cred.times.starttime, - life, sizeof(life)); - krb5_warnx(context, "NOTICE: ticket lifetime is %s", life); - } - } - if(renew_life) { - if(abs(cred.times.renew_till - cred.times.starttime - renew) > 30) { - char life[64]; - unparse_time_approx(cred.times.renew_till - cred.times.starttime, - life, sizeof(life)); - krb5_warnx(context, "NOTICE: ticket renewable lifetime is %s", - life); - } - } - - ret = krb5_cc_new_unique(context, krb5_cc_get_type(context, ccache), - NULL, &tempccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_new_unique"); - - ret = krb5_cc_initialize (context, tempccache, cred.client); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_store_cred (context, tempccache, &cred); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_store_cred"); - - krb5_free_cred_contents (context, &cred); - - ret = krb5_cc_move(context, tempccache, ccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_move"); - - if (ntlm_domain && ntlmkey.data) - store_ntlmkey(context, ccache, ntlm_domain, principal, &ntlmkey); - - if (enctype) - free(enctype); - - return 0; -} - -static time_t -ticket_lifetime(krb5_context context, krb5_ccache cache, - krb5_principal client, const char *server) -{ - krb5_creds in_cred, *cred; - krb5_error_code ret; - time_t timeout; - - memset(&in_cred, 0, sizeof(in_cred)); - - ret = krb5_cc_get_principal(context, cache, &in_cred.client); - if(ret) { - krb5_warn(context, ret, "krb5_cc_get_principal"); - return 0; - } - ret = get_server(context, in_cred.client, server, &in_cred.server); - if(ret) { - krb5_free_principal(context, in_cred.client); - krb5_warn(context, ret, "get_server"); - return 0; - } - - ret = krb5_get_credentials(context, KRB5_GC_CACHED, - cache, &in_cred, &cred); - krb5_free_principal(context, in_cred.client); - krb5_free_principal(context, in_cred.server); - if(ret) { - krb5_warn(context, ret, "krb5_get_credentials"); - return 0; - } - timeout = cred->times.endtime - cred->times.starttime; - if (timeout < 0) - timeout = 0; - krb5_free_creds(context, cred); - return timeout; -} - -struct renew_ctx { - krb5_context context; - krb5_ccache ccache; - krb5_principal principal; - krb5_deltat ticket_life; -}; - -static time_t -renew_func(void *ptr) -{ - struct renew_ctx *ctx = ptr; - krb5_error_code ret; - time_t expire; - int new_tickets = 0; - - if (renewable_flag) { - ret = renew_validate(ctx->context, renewable_flag, validate_flag, - ctx->ccache, server_str, ctx->ticket_life); - if (ret) - new_tickets = 1; - } else - new_tickets = 1; - - if (new_tickets) - get_new_tickets(ctx->context, ctx->principal, - ctx->ccache, ctx->ticket_life, 0); - - if(get_v4_tgt || convert_524) - do_524init(ctx->context, ctx->ccache, NULL, server_str); - if(do_afslog && k_hasafs()) - krb5_afslog(ctx->context, ctx->ccache, NULL, NULL); - - expire = ticket_lifetime(ctx->context, ctx->ccache, ctx->principal, - server_str) / 2; - return expire + 1; -} - -int -main (int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_ccache ccache; - krb5_principal principal; - int optidx = 0; - krb5_deltat ticket_life = 0; - int parseflags = 0; - - setprogname (argv[0]); - - ret = krb5_init_context (&context); - if (ret == KRB5_CONFIG_BADFORMAT) - errx (1, "krb5_init_context failed to parse configuration file"); - else if (ret) - errx(1, "krb5_init_context failed: %d", ret); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (canonicalize_flag) - parseflags |= KRB5_PRINCIPAL_PARSE_ENTERPRISE; - - if (argv[0]) { - ret = krb5_parse_name_flags (context, argv[0], parseflags, &principal); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name"); - } else { - ret = krb5_get_default_principal (context, &principal); - if (ret) - krb5_err (context, 1, ret, "krb5_get_default_principal"); - } - - if(fcache_version) - krb5_set_fcache_version(context, fcache_version); - - if(renewable_flag == -1) - /* this seems somewhat pointless, but whatever */ - krb5_appdefault_boolean(context, "kinit", - krb5_principal_get_realm(context, principal), - "renewable", FALSE, &renewable_flag); - if(get_v4_tgt == -1) - krb5_appdefault_boolean(context, "kinit", - krb5_principal_get_realm(context, principal), - "krb4_get_tickets", FALSE, &get_v4_tgt); - if(do_afslog == -1) - krb5_appdefault_boolean(context, "kinit", - krb5_principal_get_realm(context, principal), - "afslog", TRUE, &do_afslog); - - if(cred_cache) - ret = krb5_cc_resolve(context, cred_cache, &ccache); - else { - if(argc > 1) { - char s[1024]; - ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &ccache); - if(ret) - krb5_err(context, 1, ret, "creating cred cache"); - snprintf(s, sizeof(s), "%s:%s", - krb5_cc_get_type(context, ccache), - krb5_cc_get_name(context, ccache)); - setenv("KRB5CCNAME", s, 1); - if (get_v4_tgt) { - int fd; - if (asprintf(&krb4_cc_name, "%s_XXXXXX", TKT_ROOT) < 0) - krb5_errx(context, 1, "out of memory"); - if((fd = mkstemp(krb4_cc_name)) >= 0) { - close(fd); - setenv("KRBTKFILE", krb4_cc_name, 1); - } else { - free(krb4_cc_name); - krb4_cc_name = NULL; - } - } - } else { - ret = krb5_cc_cache_match(context, principal, NULL, &ccache); - if (ret) - ret = krb5_cc_default (context, &ccache); - } - } - if (ret) - krb5_err (context, 1, ret, "resolving credentials cache"); - - if(argc > 1 && k_hasafs ()) - k_setpag(); - - if (lifetime) { - int tmp = parse_time (lifetime, "s"); - if (tmp < 0) - errx (1, "unparsable time: %s", lifetime); - - ticket_life = tmp; - } - - if(addrs_flag == 0 && extra_addresses.num_strings > 0) - krb5_errx(context, 1, "specifying both extra addresses and " - "no addresses makes no sense"); - { - int i; - krb5_addresses addresses; - memset(&addresses, 0, sizeof(addresses)); - for(i = 0; i < extra_addresses.num_strings; i++) { - ret = krb5_parse_address(context, extra_addresses.strings[i], - &addresses); - if (ret == 0) { - krb5_add_extra_addresses(context, &addresses); - krb5_free_addresses(context, &addresses); - } - } - free_getarg_strings(&extra_addresses); - } - - if(renew_flag || validate_flag) { - ret = renew_validate(context, renew_flag, validate_flag, - ccache, server_str, ticket_life); - exit(ret != 0); - } - - if(!convert_524) - get_new_tickets(context, principal, ccache, ticket_life, 1); - - if(get_v4_tgt || convert_524) - do_524init(context, ccache, NULL, server_str); - if(do_afslog && k_hasafs()) - krb5_afslog(context, ccache, NULL, NULL); - if(argc > 1) { - struct renew_ctx ctx; - time_t timeout; - - timeout = ticket_lifetime(context, ccache, principal, server_str) / 2; - - ctx.context = context; - ctx.ccache = ccache; - ctx.principal = principal; - ctx.ticket_life = ticket_life; - - ret = simple_execvp_timed(argv[1], argv+1, - renew_func, &ctx, timeout); -#define EX_NOEXEC 126 -#define EX_NOTFOUND 127 - if(ret == EX_NOEXEC) - krb5_warnx(context, "permission denied: %s", argv[1]); - else if(ret == EX_NOTFOUND) - krb5_warnx(context, "command not found: %s", argv[1]); - - krb5_cc_destroy(context, ccache); - _krb5_krb_dest_tkt(context, krb4_cc_name); - if(k_hasafs()) - k_unlog(); - } else { - krb5_cc_close (context, ccache); - ret = 0; - } - krb5_free_principal(context, principal); - krb5_free_context (context); - return ret; -} diff --git a/crypto/heimdal/kuser/kinit_options.c b/crypto/heimdal/kuser/kinit_options.c deleted file mode 100644 index 5a7dcd98753d..000000000000 --- a/crypto/heimdal/kuser/kinit_options.c +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" -RCSID("$Id: kinit_options.c,v 1.2 1999/12/02 17:05:01 joda Exp $"); - -#ifdef KRB4 -int do_afslog = 0; -int get_v4_tgt = 0; -#endif diff --git a/crypto/heimdal/kuser/klist.1 b/crypto/heimdal/kuser/klist.1 deleted file mode 100644 index 65ed7d36aa17..000000000000 --- a/crypto/heimdal/kuser/klist.1 +++ /dev/null @@ -1,154 +0,0 @@ -.\" Copyright (c) 2000 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: klist.1 20458 2007-04-19 20:41:27Z lha $ -.\" -.Dd October 6, 2005 -.Dt KLIST 1 -.Os HEIMDAL -.Sh NAME -.Nm klist -.Nd list Kerberos credentials -.Sh SYNOPSIS -.Nm -.Bk -words -.Oo Fl c Ar cache \*(Ba Xo -.Fl -cache= Ns Ar cache -.Xc -.Oc -.Op Fl s | Fl t | Fl -test -.Op Fl T | Fl -tokens -.Op Fl 5 | Fl -v5 -.Op Fl v | Fl -verbose -.Op Fl l | Fl -list-caches -.Op Fl f -.Op Fl -version -.Op Fl -help -.Ek -.Sh DESCRIPTION -.Nm -reads and displays the current tickets in the credential cache (also -known as the ticket file). -.Pp -Options supported: -.Bl -tag -width Ds -.It Xo -.Fl c Ar cache , -.Fl -cache= Ns Ar cache -.Xc -credential cache to list -.It Xo -.Fl s , -.Fl t , -.Fl -test -.Xc -Test for there being an active and valid TGT for the local realm of -the user in the credential cache. -.It Xo -.Fl T , -.Fl -tokens -.Xc -display AFS tokens -.It Xo -.Fl 5 , -.Fl -v5 -.Xc -display v5 cred cache (this is the default) -.It Fl f -Include ticket flags in short form, each character stands for a -specific flag, as follows: -.Bl -tag -width XXX -compact -offset indent -.It F -forwardable -.It f -forwarded -.It P -proxiable -.It p -proxied -.It D -postdate-able -.It d -postdated -.It R -renewable -.It I -initial -.It i -invalid -.It A -pre-authenticated -.It H -hardware authenticated -.El -.Pp -This information is also output with the -.Fl -verbose -option, but in a more verbose way. -.It Xo -.Fl v , -.Fl -verbose -.Xc -Verbose output. Include all possible information: -.Bl -tag -width XXXX -offset indent -.It Server -the principal the ticket is for -.It Ticket etype -the encryption type used in the ticket, followed by the key version of -the ticket, if it is available -.It Session key -the encryption type of the session key, if it's different from the -encryption type of the ticket -.It Auth time -the time the authentication exchange took place -.It Start time -the time that this ticket is valid from (only printed if it's -different from the auth time) -.It End time -when the ticket expires, if it has already expired this is also noted -.It Renew till -the maximum possible end time of any ticket derived from this one -.It Ticket flags -the flags set on the ticket -.It Addresses -the set of addresses from which this ticket is valid -.El -.It Xo -.Fl l , -.Fl -list-caches -.Xc -List the credential caches for the current users, not all cache types -supports listing multiple caches. -.Pp -.El -.Sh SEE ALSO -.Xr kdestroy 1 , -.Xr kinit 1 diff --git a/crypto/heimdal/kuser/klist.c b/crypto/heimdal/kuser/klist.c deleted file mode 100644 index 3148ddc275e2..000000000000 --- a/crypto/heimdal/kuser/klist.c +++ /dev/null @@ -1,639 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" -#include "rtbl.h" - -RCSID("$Id: klist.c 20516 2007-04-22 10:40:41Z lha $"); - -static char* -printable_time(time_t t) -{ - static char s[128]; - strlcpy(s, ctime(&t)+ 4, sizeof(s)); - s[15] = 0; - return s; -} - -static char* -printable_time_long(time_t t) -{ - static char s[128]; - strlcpy(s, ctime(&t)+ 4, sizeof(s)); - s[20] = 0; - return s; -} - -#define COL_ISSUED " Issued" -#define COL_EXPIRES " Expires" -#define COL_FLAGS "Flags" -#define COL_PRINCIPAL " Principal" -#define COL_PRINCIPAL_KVNO " Principal (kvno)" -#define COL_CACHENAME " Cache name" - -static void -print_cred(krb5_context context, krb5_creds *cred, rtbl_t ct, int do_flags) -{ - char *str; - krb5_error_code ret; - krb5_timestamp sec; - - krb5_timeofday (context, &sec); - - - if(cred->times.starttime) - rtbl_add_column_entry(ct, COL_ISSUED, - printable_time(cred->times.starttime)); - else - rtbl_add_column_entry(ct, COL_ISSUED, - printable_time(cred->times.authtime)); - - if(cred->times.endtime > sec) - rtbl_add_column_entry(ct, COL_EXPIRES, - printable_time(cred->times.endtime)); - else - rtbl_add_column_entry(ct, COL_EXPIRES, ">>>Expired<<<"); - ret = krb5_unparse_name (context, cred->server, &str); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - rtbl_add_column_entry(ct, COL_PRINCIPAL, str); - if(do_flags) { - char s[16], *sp = s; - if(cred->flags.b.forwardable) - *sp++ = 'F'; - if(cred->flags.b.forwarded) - *sp++ = 'f'; - if(cred->flags.b.proxiable) - *sp++ = 'P'; - if(cred->flags.b.proxy) - *sp++ = 'p'; - if(cred->flags.b.may_postdate) - *sp++ = 'D'; - if(cred->flags.b.postdated) - *sp++ = 'd'; - if(cred->flags.b.renewable) - *sp++ = 'R'; - if(cred->flags.b.initial) - *sp++ = 'I'; - if(cred->flags.b.invalid) - *sp++ = 'i'; - if(cred->flags.b.pre_authent) - *sp++ = 'A'; - if(cred->flags.b.hw_authent) - *sp++ = 'H'; - *sp++ = '\0'; - rtbl_add_column_entry(ct, COL_FLAGS, s); - } - free(str); -} - -static void -print_cred_verbose(krb5_context context, krb5_creds *cred) -{ - int j; - char *str; - krb5_error_code ret; - int first_flag; - krb5_timestamp sec; - - krb5_timeofday (context, &sec); - - ret = krb5_unparse_name(context, cred->server, &str); - if(ret) - exit(1); - printf("Server: %s\n", str); - free (str); - - ret = krb5_unparse_name(context, cred->client, &str); - if(ret) - exit(1); - printf("Client: %s\n", str); - free (str); - - { - Ticket t; - size_t len; - char *s; - - decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len); - ret = krb5_enctype_to_string(context, t.enc_part.etype, &s); - printf("Ticket etype: "); - if (ret == 0) { - printf("%s", s); - free(s); - } else { - printf("unknown(%d)", t.enc_part.etype); - } - if(t.enc_part.kvno) - printf(", kvno %d", *t.enc_part.kvno); - printf("\n"); - if(cred->session.keytype != t.enc_part.etype) { - ret = krb5_enctype_to_string(context, cred->session.keytype, &str); - if(ret) - krb5_warn(context, ret, "session keytype"); - else { - printf("Session key: %s\n", str); - free(str); - } - } - free_Ticket(&t); - printf("Ticket length: %lu\n", (unsigned long)cred->ticket.length); - } - printf("Auth time: %s\n", printable_time_long(cred->times.authtime)); - if(cred->times.authtime != cred->times.starttime) - printf("Start time: %s\n", printable_time_long(cred->times.starttime)); - printf("End time: %s", printable_time_long(cred->times.endtime)); - if(sec > cred->times.endtime) - printf(" (expired)"); - printf("\n"); - if(cred->flags.b.renewable) - printf("Renew till: %s\n", - printable_time_long(cred->times.renew_till)); - printf("Ticket flags: "); -#define PRINT_FLAG2(f, s) if(cred->flags.b.f) { if(!first_flag) printf(", "); printf("%s", #s); first_flag = 0; } -#define PRINT_FLAG(f) PRINT_FLAG2(f, f) - first_flag = 1; - PRINT_FLAG(forwardable); - PRINT_FLAG(forwarded); - PRINT_FLAG(proxiable); - PRINT_FLAG(proxy); - PRINT_FLAG2(may_postdate, may-postdate); - PRINT_FLAG(postdated); - PRINT_FLAG(invalid); - PRINT_FLAG(renewable); - PRINT_FLAG(initial); - PRINT_FLAG2(pre_authent, pre-authenticated); - PRINT_FLAG2(hw_authent, hw-authenticated); - PRINT_FLAG2(transited_policy_checked, transited-policy-checked); - PRINT_FLAG2(ok_as_delegate, ok-as-delegate); - PRINT_FLAG(anonymous); - printf("\n"); - printf("Addresses: "); - if (cred->addresses.len != 0) { - for(j = 0; j < cred->addresses.len; j++){ - char buf[128]; - size_t len; - if(j) printf(", "); - ret = krb5_print_address(&cred->addresses.val[j], - buf, sizeof(buf), &len); - - if(ret == 0) - printf("%s", buf); - } - } else { - printf("addressless"); - } - printf("\n\n"); -} - -/* - * Print all tickets in `ccache' on stdout, verbosily iff do_verbose. - */ - -static void -print_tickets (krb5_context context, - krb5_ccache ccache, - krb5_principal principal, - int do_verbose, - int do_flags, - int do_hidden) -{ - krb5_error_code ret; - char *str; - krb5_cc_cursor cursor; - krb5_creds creds; - int32_t sec, usec; - - rtbl_t ct = NULL; - - ret = krb5_unparse_name (context, principal, &str); - if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name"); - - printf ("%17s: %s:%s\n", - "Credentials cache", - krb5_cc_get_type(context, ccache), - krb5_cc_get_name(context, ccache)); - printf ("%17s: %s\n", "Principal", str); - free (str); - - if(do_verbose) - printf ("%17s: %d\n", "Cache version", - krb5_cc_get_version(context, ccache)); - - krb5_get_kdc_sec_offset(context, &sec, &usec); - - if (do_verbose && sec != 0) { - char buf[BUFSIZ]; - int val; - int sig; - - val = sec; - sig = 1; - if (val < 0) { - sig = -1; - val = -val; - } - - unparse_time (val, buf, sizeof(buf)); - - printf ("%17s: %s%s\n", "KDC time offset", - sig == -1 ? "-" : "", buf); - } - - printf("\n"); - - ret = krb5_cc_start_seq_get (context, ccache, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_start_seq_get"); - - if(!do_verbose) { - ct = rtbl_create(); - rtbl_add_column(ct, COL_ISSUED, 0); - rtbl_add_column(ct, COL_EXPIRES, 0); - if(do_flags) - rtbl_add_column(ct, COL_FLAGS, 0); - rtbl_add_column(ct, COL_PRINCIPAL, 0); - rtbl_set_separator(ct, " "); - } - while ((ret = krb5_cc_next_cred (context, - ccache, - &cursor, - &creds)) == 0) { - const char *str; - str = krb5_principal_get_comp_string(context, creds.server, 0); - if (!do_hidden && str && str[0] == '@') { - ; - }else if(do_verbose){ - print_cred_verbose(context, &creds); - }else{ - print_cred(context, &creds, ct, do_flags); - } - krb5_free_cred_contents (context, &creds); - } - if(ret != KRB5_CC_END) - krb5_err(context, 1, ret, "krb5_cc_get_next"); - ret = krb5_cc_end_seq_get (context, ccache, &cursor); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_end_seq_get"); - if(!do_verbose) { - rtbl_format(ct, stdout); - rtbl_destroy(ct); - } -} - -/* - * Check if there's a tgt for the realm of `principal' and ccache and - * if so return 0, else 1 - */ - -static int -check_for_tgt (krb5_context context, - krb5_ccache ccache, - krb5_principal principal, - time_t *expiration) -{ - krb5_error_code ret; - krb5_creds pattern; - krb5_creds creds; - krb5_realm *client_realm; - int expired; - - krb5_cc_clear_mcred(&pattern); - - client_realm = krb5_princ_realm (context, principal); - - ret = krb5_make_principal (context, &pattern.server, - *client_realm, KRB5_TGS_NAME, *client_realm, - NULL); - if (ret) - krb5_err (context, 1, ret, "krb5_make_principal"); - pattern.client = principal; - - ret = krb5_cc_retrieve_cred (context, ccache, 0, &pattern, &creds); - krb5_free_principal (context, pattern.server); - if (ret) { - if (ret == KRB5_CC_END) - return 1; - krb5_err (context, 1, ret, "krb5_cc_retrieve_cred"); - } - - expired = time(NULL) > creds.times.endtime; - - if (expiration) - *expiration = creds.times.endtime; - - krb5_free_cred_contents (context, &creds); - - return expired; -} - -/* - * Print a list of all AFS tokens - */ - -static void -display_tokens(int do_verbose) -{ - uint32_t i; - unsigned char t[4096]; - struct ViceIoctl parms; - - parms.in = (void *)&i; - parms.in_size = sizeof(i); - parms.out = (void *)t; - parms.out_size = sizeof(t); - - for (i = 0;; i++) { - int32_t size_secret_tok, size_public_tok; - unsigned char *cell; - struct ClearToken ct; - unsigned char *r = t; - struct timeval tv; - char buf1[20], buf2[20]; - - if(k_pioctl(NULL, VIOCGETTOK, &parms, 0) < 0) { - if(errno == EDOM) - break; - continue; - } - if(parms.out_size > sizeof(t)) - continue; - if(parms.out_size < sizeof(size_secret_tok)) - continue; - t[min(parms.out_size,sizeof(t)-1)] = 0; - memcpy(&size_secret_tok, r, sizeof(size_secret_tok)); - /* dont bother about the secret token */ - r += size_secret_tok + sizeof(size_secret_tok); - if (parms.out_size < (r - t) + sizeof(size_public_tok)) - continue; - memcpy(&size_public_tok, r, sizeof(size_public_tok)); - r += sizeof(size_public_tok); - if (parms.out_size < (r - t) + size_public_tok + sizeof(int32_t)) - continue; - memcpy(&ct, r, size_public_tok); - r += size_public_tok; - /* there is a int32_t with length of cellname, but we dont read it */ - r += sizeof(int32_t); - cell = r; - - gettimeofday (&tv, NULL); - strlcpy (buf1, printable_time(ct.BeginTimestamp), - sizeof(buf1)); - if (do_verbose || tv.tv_sec < ct.EndTimestamp) - strlcpy (buf2, printable_time(ct.EndTimestamp), - sizeof(buf2)); - else - strlcpy (buf2, ">>> Expired <<<", sizeof(buf2)); - - printf("%s %s ", buf1, buf2); - - if ((ct.EndTimestamp - ct.BeginTimestamp) & 1) - printf("User's (AFS ID %d) tokens for %s", ct.ViceId, cell); - else - printf("Tokens for %s", cell); - if (do_verbose) - printf(" (%d)", ct.AuthHandle); - putchar('\n'); - } -} - -/* - * display the ccache in `cred_cache' - */ - -static int -display_v5_ccache (const char *cred_cache, int do_test, int do_verbose, - int do_flags, int do_hidden) -{ - krb5_error_code ret; - krb5_context context; - krb5_ccache ccache; - krb5_principal principal; - int exit_status = 0; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if(cred_cache) { - ret = krb5_cc_resolve(context, cred_cache, &ccache); - if (ret) - krb5_err (context, 1, ret, "%s", cred_cache); - } else { - ret = krb5_cc_default (context, &ccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_resolve"); - } - - ret = krb5_cc_get_principal (context, ccache, &principal); - if (ret) { - if(ret == ENOENT) { - if (!do_test) - krb5_warnx(context, "No ticket file: %s", - krb5_cc_get_name(context, ccache)); - return 1; - } else - krb5_err (context, 1, ret, "krb5_cc_get_principal"); - } - if (do_test) - exit_status = check_for_tgt (context, ccache, principal, NULL); - else - print_tickets (context, ccache, principal, do_verbose, - do_flags, do_hidden); - - ret = krb5_cc_close (context, ccache); - if (ret) - krb5_err (context, 1, ret, "krb5_cc_close"); - - krb5_free_principal (context, principal); - krb5_free_context (context); - return exit_status; -} - -/* - * - */ - -static int -list_caches(void) -{ - krb5_cc_cache_cursor cursor; - krb5_context context; - krb5_error_code ret; - krb5_ccache id; - rtbl_t ct; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_cc_cache_get_first (context, NULL, &cursor); - if (ret == KRB5_CC_NOSUPP) - return 0; - else if (ret) - krb5_err (context, 1, ret, "krb5_cc_cache_get_first"); - - ct = rtbl_create(); - rtbl_add_column(ct, COL_PRINCIPAL, 0); - rtbl_add_column(ct, COL_CACHENAME, 0); - rtbl_add_column(ct, COL_EXPIRES, 0); - rtbl_set_prefix(ct, " "); - rtbl_set_column_prefix(ct, COL_PRINCIPAL, ""); - - while ((ret = krb5_cc_cache_next (context, cursor, &id)) == 0) { - krb5_principal principal; - char *name; - - ret = krb5_cc_get_principal(context, id, &principal); - if (ret == 0) { - time_t t; - int expired = check_for_tgt (context, id, principal, &t); - - ret = krb5_unparse_name(context, principal, &name); - if (ret == 0) { - rtbl_add_column_entry(ct, COL_PRINCIPAL, name); - rtbl_add_column_entry(ct, COL_CACHENAME, - krb5_cc_get_name(context, id)); - rtbl_add_column_entry(ct, COL_EXPIRES, - expired ? ">>> Expired <<<" : - printable_time(t)); - free(name); - krb5_free_principal(context, principal); - } - } - krb5_cc_close(context, id); - } - - krb5_cc_cache_end_seq_get(context, cursor); - - rtbl_format(ct, stdout); - rtbl_destroy(ct); - - return 0; -} - -/* - * - */ - -static int version_flag = 0; -static int help_flag = 0; -static int do_verbose = 0; -static int do_list_caches = 0; -static int do_test = 0; -static int do_tokens = 0; -static int do_v5 = 1; -static char *cred_cache; -static int do_flags = 0; -static int do_hidden = 0; - -static struct getargs args[] = { - { NULL, 'f', arg_flag, &do_flags }, - { "cache", 'c', arg_string, &cred_cache, - "credentials cache to list", "cache" }, - { "test", 't', arg_flag, &do_test, - "test for having tickets", NULL }, - { NULL, 's', arg_flag, &do_test }, - { "tokens", 'T', arg_flag, &do_tokens, - "display AFS tokens", NULL }, - { "v5", '5', arg_flag, &do_v5, - "display v5 cred cache", NULL}, - { "list-caches", 'l', arg_flag, &do_list_caches, - "verbose output", NULL }, - { "verbose", 'v', arg_flag, &do_verbose, - "verbose output", NULL }, - { "hidden", 0, arg_flag, &do_hidden, - "display hidden credentials", NULL }, - { NULL, 'a', arg_flag, &do_verbose }, - { NULL, 'n', arg_flag, &do_verbose }, - { "version", 0, arg_flag, &version_flag, - "print version", NULL }, - { "help", 0, arg_flag, &help_flag, - NULL, NULL} -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - ""); - exit (ret); -} - -int -main (int argc, char **argv) -{ - int optidx = 0; - int exit_status = 0; - - setprogname (argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 0) - usage (1); - - if (do_list_caches) { - exit_status = list_caches(); - return exit_status; - } - - if (do_v5) - exit_status = display_v5_ccache (cred_cache, do_test, - do_verbose, do_flags, do_hidden); - - if (!do_test) { - if (do_tokens && k_hasafs ()) { - if (do_v5) - printf ("\n"); - display_tokens (do_verbose); - } - } - - return exit_status; -} diff --git a/crypto/heimdal/kuser/kuser_locl.h b/crypto/heimdal/kuser/kuser_locl.h deleted file mode 100644 index 36ea01a9a59f..000000000000 --- a/crypto/heimdal/kuser/kuser_locl.h +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kuser_locl.h 20458 2007-04-19 20:41:27Z lha $ */ - -#ifndef __KUSER_LOCL_H__ -#define __KUSER_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_ARPA_INET_H -#include -#endif -#include -#include -#include -#include -#include - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_IOCCOM_H -#include -#endif -#include -#include "crypto-headers.h" /* for des_read_pw_string */ - -#endif /* __KUSER_LOCL_H__ */ diff --git a/crypto/heimdal/kuser/kverify.c b/crypto/heimdal/kuser/kverify.c deleted file mode 100644 index 888658d95294..000000000000 --- a/crypto/heimdal/kuser/kverify.c +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Copyright (c) 1997 - 2005, 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" - -RCSID("$Id: kverify.c 19920 2007-01-15 23:21:32Z lha $"); - -static int help_flag = 0; -static int version_flag = 0; - -static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[principal]"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - krb5_creds cred; - krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP}; - krb5_get_init_creds_opt *get_options; - krb5_verify_init_creds_opt verify_options; - krb5_principal principal = NULL; - int optidx = 0; - - setprogname (argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_get_init_creds_opt_alloc (context, &get_options); - if (ret) - krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - - krb5_get_init_creds_opt_set_preauth_list (get_options, - pre_auth_types, - 1); - - krb5_verify_init_creds_opt_init (&verify_options); - - if (argc) { - ret = krb5_parse_name(context, argv[0], &principal); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name: %s", argv[0]); - } - - ret = krb5_get_init_creds_password (context, - &cred, - principal, - NULL, - krb5_prompter_posix, - NULL, - 0, - NULL, - get_options); - if (ret) - errx (1, "krb5_get_init_creds: %s", krb5_get_err_text(context, ret)); - - ret = krb5_verify_init_creds (context, - &cred, - NULL, - NULL, - NULL, - &verify_options); - if (ret) - errx (1, "krb5_verify_init_creds: %s", - krb5_get_err_text(context, ret)); - krb5_free_cred_contents (context, &cred); - krb5_free_context (context); - return 0; -} diff --git a/crypto/heimdal/lib/45/45_locl.h b/crypto/heimdal/lib/45/45_locl.h deleted file mode 100644 index 8104179d5bba..000000000000 --- a/crypto/heimdal/lib/45/45_locl.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __45_LOCL_H__ -#define __45_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include - -#ifdef HAVE_SYS_TIME_H -#include -#endif - -#include -#include -#include - -#endif /* __45_LOCL_H__ */ diff --git a/crypto/heimdal/lib/45/Makefile.am b/crypto/heimdal/lib/45/Makefile.am deleted file mode 100644 index 7ffa8c3ba67a..000000000000 --- a/crypto/heimdal/lib/45/Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ -# $Id: Makefile.am 14164 2004-08-26 11:55:29Z joda $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -lib_LIBRARIES = @EXTRA_LIB45@ - -EXTRA_LIBRARIES = lib45.a - -lib45_a_SOURCES = get_ad_tkt.c mk_req.c 45_locl.h diff --git a/crypto/heimdal/lib/45/Makefile.in b/crypto/heimdal/lib/45/Makefile.in deleted file mode 100644 index fc6ff540cd48..000000000000 --- a/crypto/heimdal/lib/45/Makefile.in +++ /dev/null @@ -1,787 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 14164 2004-08-26 11:55:29Z joda $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = lib/45 -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" -libLIBRARIES_INSTALL = $(INSTALL_DATA) -LIBRARIES = $(lib_LIBRARIES) -ARFLAGS = cru -lib45_a_AR = $(AR) $(ARFLAGS) -lib45_a_LIBADD = -am_lib45_a_OBJECTS = get_ad_tkt.$(OBJEXT) mk_req.$(OBJEXT) -lib45_a_OBJECTS = $(am_lib45_a_OBJECTS) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(lib45_a_SOURCES) -DIST_SOURCES = $(lib45_a_SOURCES) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -lib_LIBRARIES = @EXTRA_LIB45@ -EXTRA_LIBRARIES = lib45.a -lib45_a_SOURCES = get_ad_tkt.c mk_req.c 45_locl.h -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/45/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/45/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLIBRARIES: $(lib_LIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(libLIBRARIES_INSTALL) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(libLIBRARIES_INSTALL) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - @$(POST_INSTALL) - @list='$(lib_LIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - p=$(am__strip_dir) \ - echo " $(RANLIB) '$(DESTDIR)$(libdir)/$$p'"; \ - $(RANLIB) "$(DESTDIR)$(libdir)/$$p"; \ - else :; fi; \ - done - -uninstall-libLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLIBRARIES: - -test -z "$(lib_LIBRARIES)" || rm -f $(lib_LIBRARIES) -lib45.a: $(lib45_a_OBJECTS) $(lib45_a_DEPENDENCIES) - -rm -f lib45.a - $(lib45_a_AR) lib45.a $(lib45_a_OBJECTS) $(lib45_a_LIBADD) - $(RANLIB) lib45.a - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(LIBRARIES) all-local -installdirs: - for dir in "$(DESTDIR)$(libdir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libLIBRARIES clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-libLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libLIBRARIES clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libLIBRARIES install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook \ - uninstall-libLIBRARIES - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/45/get_ad_tkt.c b/crypto/heimdal/lib/45/get_ad_tkt.c deleted file mode 100644 index 0d142353eb64..000000000000 --- a/crypto/heimdal/lib/45/get_ad_tkt.c +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "45_locl.h" - -RCSID("$Id: get_ad_tkt.c 10113 2001-06-18 13:11:33Z assar $"); - -/* get an additional version 4 ticket via the 524 protocol */ - -#ifndef NEVERDATE -#define NEVERDATE ((unsigned long)0x7fffffffL) -#endif - -int -get_ad_tkt(char *service, char *sinstance, char *realm, int lifetime) -{ - krb5_error_code ret; - int code; - krb5_context context; - krb5_ccache id; - krb5_creds in_creds, *out_creds; - CREDENTIALS cred; - time_t now; - char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; - - ret = krb5_init_context(&context); - if(ret) - return KFAILURE; - ret = krb5_cc_default(context, &id); - if(ret){ - krb5_free_context(context); - return KFAILURE; - } - memset(&in_creds, 0, sizeof(in_creds)); - now = time(NULL); - in_creds.times.endtime = krb_life_to_time(time(NULL), lifetime); - if(in_creds.times.endtime == NEVERDATE) - in_creds.times.endtime = 0; - ret = krb5_cc_get_principal(context, id, &in_creds.client); - if(ret){ - krb5_cc_close(context, id); - krb5_free_context(context); - return KFAILURE; - } - ret = krb5_524_conv_principal(context, in_creds.client, - pname, pinst, prealm); - if(ret){ - krb5_free_principal(context, in_creds.client); - krb5_cc_close(context, id); - krb5_free_context(context); - return KFAILURE; - } - ret = krb5_425_conv_principal(context, service, sinstance, realm, - &in_creds.server); - if(ret){ - krb5_free_principal(context, in_creds.client); - krb5_cc_close(context, id); - krb5_free_context(context); - return KFAILURE; - } - ret = krb5_get_credentials(context, - 0, - id, - &in_creds, - &out_creds); - krb5_free_principal(context, in_creds.client); - krb5_free_principal(context, in_creds.server); - if(ret){ - krb5_cc_close(context, id); - krb5_free_context(context); - return KFAILURE; - } - ret = krb524_convert_creds_kdc_ccache(context, id, out_creds, &cred); - krb5_cc_close(context, id); - krb5_free_context(context); - krb5_free_creds(context, out_creds); - if(ret) - return KFAILURE; - code = save_credentials(cred.service, cred.instance, cred.realm, - cred.session, cred.lifetime, cred.kvno, - &cred.ticket_st, now); - if(code == NO_TKT_FIL) - code = tf_setup(&cred, pname, pinst); - memset(&cred.session, 0, sizeof(cred.session)); - return code; -} diff --git a/crypto/heimdal/lib/45/mk_req.c b/crypto/heimdal/lib/45/mk_req.c deleted file mode 100644 index af63f0b653b8..000000000000 --- a/crypto/heimdal/lib/45/mk_req.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* implementation of krb_mk_req that uses 524 protocol */ - -#include "45_locl.h" - -RCSID("$Id: mk_req.c 17445 2006-05-05 10:37:46Z lha $"); - -static int lifetime = 255; - -static void -build_request(KTEXT req, - const char *name, const char *inst, const char *realm, - uint32_t checksum) -{ - struct timeval tv; - krb5_storage *sp; - krb5_data data; - sp = krb5_storage_emem(); - krb5_store_stringz(sp, name); - krb5_store_stringz(sp, inst); - krb5_store_stringz(sp, realm); - krb5_store_int32(sp, checksum); - gettimeofday(&tv, NULL); - krb5_store_int8(sp, tv.tv_usec / 5000); - krb5_store_int32(sp, tv.tv_sec); - krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); - memcpy(req->dat, data.data, data.length); - req->length = (data.length + 7) & ~7; - krb5_data_free(&data); -} - -#ifdef KRB_MK_REQ_CONST -int -krb_mk_req(KTEXT authent, - const char *service, const char *instance, const char *realm, - int32_t checksum) -#else -int -krb_mk_req(KTEXT authent, - char *service, char *instance, char *realm, - int32_t checksum) - -#endif -{ - CREDENTIALS cr; - KTEXT_ST req; - krb5_storage *sp; - int code; - /* XXX get user realm */ - const char *myrealm = realm; - krb5_data a; - - code = krb_get_cred(service, instance, realm, &cr); - if(code || time(NULL) > krb_life_to_time(cr.issue_date, cr.lifetime)){ - code = get_ad_tkt((char *)service, - (char *)instance, (char *)realm, lifetime); - if(code == KSUCCESS) - code = krb_get_cred(service, instance, realm, &cr); - } - - if(code) - return code; - - sp = krb5_storage_emem(); - - krb5_store_int8(sp, KRB_PROT_VERSION); - krb5_store_int8(sp, AUTH_MSG_APPL_REQUEST); - - krb5_store_int8(sp, cr.kvno); - krb5_store_stringz(sp, realm); - krb5_store_int8(sp, cr.ticket_st.length); - - build_request(&req, cr.pname, cr.pinst, myrealm, checksum); - encrypt_ktext(&req, &cr.session, DES_ENCRYPT); - - krb5_store_int8(sp, req.length); - - krb5_storage_write(sp, cr.ticket_st.dat, cr.ticket_st.length); - krb5_storage_write(sp, req.dat, req.length); - krb5_storage_to_data(sp, &a); - krb5_storage_free(sp); - memcpy(authent->dat, a.data, a.length); - authent->length = a.length; - krb5_data_free(&a); - - memset(&cr, 0, sizeof(cr)); - memset(&req, 0, sizeof(req)); - - return KSUCCESS; -} - -/* - * krb_set_lifetime sets the default lifetime for additional tickets - * obtained via krb_mk_req(). - * - * It returns the previous value of the default lifetime. - */ - -int -krb_set_lifetime(int newval) -{ - int olife = lifetime; - - lifetime = newval; - return(olife); -} diff --git a/crypto/heimdal/lib/Makefile.am b/crypto/heimdal/lib/Makefile.am deleted file mode 100644 index f1e26e1f2a05..000000000000 --- a/crypto/heimdal/lib/Makefile.am +++ /dev/null @@ -1,22 +0,0 @@ -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -include $(top_srcdir)/Makefile.am.common - -if KRB4 -dir_45 = 45 -endif -if OTP -dir_otp = otp -endif -if DCE -dir_dce = kdfs -endif -if COM_ERR -dir_com_err = com_err -endif -if !HAVE_OPENSSL -dir_hcrypto = hcrypto -endif - -SUBDIRS = roken vers editline $(dir_com_err) sl asn1 $(dir_hcrypto) hx509 \ - krb5 ntlm kafs gssapi hdb kadm5 auth $(dir_45) $(dir_otp) $(dir_dce) diff --git a/crypto/heimdal/lib/Makefile.in b/crypto/heimdal/lib/Makefile.in deleted file mode 100644 index 6884c24a0e2b..000000000000 --- a/crypto/heimdal/lib/Makefile.in +++ /dev/null @@ -1,823 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20466 2007-04-20 08:29:05Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = lib -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = roken vers editline com_err sl asn1 hcrypto hx509 krb5 \ - ntlm kafs gssapi hdb kadm5 auth 45 otp kdfs -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@KRB4_TRUE@dir_45 = 45 -@OTP_TRUE@dir_otp = otp -@DCE_TRUE@dir_dce = kdfs -@COM_ERR_TRUE@dir_com_err = com_err -@HAVE_OPENSSL_FALSE@dir_hcrypto = hcrypto -SUBDIRS = roken vers editline $(dir_com_err) sl asn1 $(dir_hcrypto) hx509 \ - krb5 ntlm kafs gssapi hdb kadm5 auth $(dir_45) $(dir_otp) $(dir_dce) - -all: all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool ctags ctags-recursive dist-hook \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-data-hook \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/asn1/CMS.asn1 b/crypto/heimdal/lib/asn1/CMS.asn1 deleted file mode 100644 index 685f0b189831..000000000000 --- a/crypto/heimdal/lib/asn1/CMS.asn1 +++ /dev/null @@ -1,157 +0,0 @@ --- From RFC 3369 -- --- $Id: CMS.asn1 18054 2006-09-07 12:20:42Z lha $ -- - -CMS DEFINITIONS ::= BEGIN - -IMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name, - Attribute, Certificate, Name, SubjectKeyIdentifier FROM rfc2459 - heim_any, heim_any_set FROM heim; - -id-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2) - us(840) rsadsi(113549) pkcs(1) pkcs7(7) } - -id-pkcs7-data OBJECT IDENTIFIER ::= { id-pkcs7 1 } -id-pkcs7-signedData OBJECT IDENTIFIER ::= { id-pkcs7 2 } -id-pkcs7-envelopedData OBJECT IDENTIFIER ::= { id-pkcs7 3 } -id-pkcs7-signedAndEnvelopedData OBJECT IDENTIFIER ::= { id-pkcs7 4 } -id-pkcs7-digestedData OBJECT IDENTIFIER ::= { id-pkcs7 5 } -id-pkcs7-encryptedData OBJECT IDENTIFIER ::= { id-pkcs7 6 } - -CMSVersion ::= INTEGER { - CMSVersion_v0(0), - CMSVersion_v1(1), - CMSVersion_v2(2), - CMSVersion_v3(3), - CMSVersion_v4(4) -} - -DigestAlgorithmIdentifier ::= AlgorithmIdentifier -DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier -SignatureAlgorithmIdentifier ::= AlgorithmIdentifier - -ContentType ::= OBJECT IDENTIFIER -MessageDigest ::= OCTET STRING - -ContentInfo ::= SEQUENCE { - contentType ContentType, - content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType -} - -EncapsulatedContentInfo ::= SEQUENCE { - eContentType ContentType, - eContent [0] EXPLICIT OCTET STRING OPTIONAL -} - -CertificateSet ::= SET OF heim_any - -CertificateList ::= Certificate - -CertificateRevocationLists ::= SET OF CertificateList - -IssuerAndSerialNumber ::= SEQUENCE { - issuer Name, - serialNumber CertificateSerialNumber -} - --- RecipientIdentifier is same as SignerIdentifier, --- lets glue them togheter and save some bytes and share code for them - -CMSIdentifier ::= CHOICE { - issuerAndSerialNumber IssuerAndSerialNumber, - subjectKeyIdentifier [0] SubjectKeyIdentifier -} - -SignerIdentifier ::= CMSIdentifier -RecipientIdentifier ::= CMSIdentifier - ---- CMSAttributes are the combined UnsignedAttributes and SignedAttributes ---- to store space and share code - -CMSAttributes ::= SET OF Attribute -- SIZE (1..MAX) - -SignatureValue ::= OCTET STRING - -SignerInfo ::= SEQUENCE { - version CMSVersion, - sid SignerIdentifier, - digestAlgorithm DigestAlgorithmIdentifier, - signedAttrs [0] IMPLICIT -- CMSAttributes -- - SET OF Attribute OPTIONAL, - signatureAlgorithm SignatureAlgorithmIdentifier, - signature SignatureValue, - unsignedAttrs [1] IMPLICIT -- CMSAttributes -- - SET OF Attribute OPTIONAL -} - -SignerInfos ::= SET OF SignerInfo - -SignedData ::= SEQUENCE { - version CMSVersion, - digestAlgorithms DigestAlgorithmIdentifiers, - encapContentInfo EncapsulatedContentInfo, - certificates [0] IMPLICIT -- CertificateSet -- - SET OF heim_any OPTIONAL, - crls [1] IMPLICIT -- CertificateRevocationLists -- - heim_any OPTIONAL, - signerInfos SignerInfos -} - -OriginatorInfo ::= SEQUENCE { - certs [0] IMPLICIT -- CertificateSet -- - SET OF heim_any OPTIONAL, - crls [1] IMPLICIT --CertificateRevocationLists -- - heim_any OPTIONAL -} - -KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier -ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier - -EncryptedKey ::= OCTET STRING - -KeyTransRecipientInfo ::= SEQUENCE { - version CMSVersion, -- always set to 0 or 2 - rid RecipientIdentifier, - keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, - encryptedKey EncryptedKey -} - -RecipientInfo ::= KeyTransRecipientInfo - -RecipientInfos ::= SET OF RecipientInfo - -EncryptedContent ::= OCTET STRING - -EncryptedContentInfo ::= SEQUENCE { - contentType ContentType, - contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, - encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL -} - -UnprotectedAttributes ::= SET OF Attribute -- SIZE (1..MAX) - -CMSEncryptedData ::= SEQUENCE { - version CMSVersion, - encryptedContentInfo EncryptedContentInfo, - unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes -- - heim_any OPTIONAL -} - -EnvelopedData ::= SEQUENCE { - version CMSVersion, - originatorInfo [0] IMPLICIT -- OriginatorInfo -- heim_any OPTIONAL, - recipientInfos RecipientInfos, - encryptedContentInfo EncryptedContentInfo, - unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes -- - heim_any OPTIONAL -} - --- Data ::= OCTET STRING - -CMSRC2CBCParameter ::= SEQUENCE { - rc2ParameterVersion INTEGER (0..4294967295), - iv OCTET STRING -- exactly 8 octets -} - -CMSCBCParameter ::= OCTET STRING - -END diff --git a/crypto/heimdal/lib/asn1/ChangeLog b/crypto/heimdal/lib/asn1/ChangeLog deleted file mode 100644 index 9039e253fedf..000000000000 --- a/crypto/heimdal/lib/asn1/ChangeLog +++ /dev/null @@ -1,1649 +0,0 @@ -2008-01-13 Love Hörnquist Åstrand - - * asn1-common.h gen.c der.c gen_encode.c: add and use der_{malloc,free} - -2007-12-13 Love Hörnquist Åstrand - - * libasn1.h: remove, not used. - -2007-12-04 Love Hörnquist Åstrand - - * Makefile.am: Add DigestTypes, add --seq to antoher type. - - * digest.asn1: Add supportedMechs request. - -2007-10-18 Love Hörnquist Åstrand - - * k5.asn1: Some "old" windows enctypes. From Andy Polyakov. - -2007-07-23 Love Hörnquist Åstrand - - * Makefile.am: Fold in pk-init-alg-agilty. - - * pkinit.asn1: Fold in pk-init-alg-agilty. - -2007-07-16 Love Hörnquist Åstrand - - * parse.y: Passe object id is its part of the module defintion - statement. - -2007-07-14 Love Hörnquist Åstrand - - * check-gen.c: test SEQ OF SIZE (...) - - * Makefile.am: Include more sizeof tests. - -2007-07-12 Love Hörnquist Åstrand - - * try to avoid aliasing of pointers enum {} vs int - -2007-07-10 Love Hörnquist Åstrand - - * test.asn1: Test SIZE attribute for SEQ and OCTET STRING - - * parse.y (OctetStringType): add SIZE to OCTET STRING. - - * Makefile.am: New library version. - -2007-07-02 Love Hörnquist Åstrand - - * rfc2459.asn1: Re-add size limits. - - * k5.asn1: Add size limits from RFC 4120. - - * gen_decode.c: Check range on SEQ OF and OCTET STRING. - - * asn1_err.et (min|max|exact) constraints. - - * parse.y: Parse size limitations to SEQ OF. - -2007-06-28 Love Hörnquist Åstrand - - * Makefile.am: Add AuthorityInfoAccessSyntax. - - * rfc2459.asn1: Add AuthorityInfoAccessSyntax. - - * rfc2459.asn1: Add authorityInfoAccess, rename proxyCertInfo. - - * Makefile.am: Add authorityInfoAccess, rename proxyCertInfo. - -2007-06-27 Love Hörnquist Åstrand - - * der_get.c (der_get_time): avoid using wrapping of octet_string - and realloc. - - * der_get.c: No need to undef timetm, we don't use it any more. - - * timegm.c: Fix spelling caused by too much query-replace. - - * gen.c: Include for UINT_MAX. - - * gen_decode.c: Check for multipication overrun. - - * gen_encode.c: Paranoia check in buffer overun in output - function. - - * check-der.c: Test boolean. - - * check-der.c: test universal strings. - - * check-der.c: Test failure cases for der_get_tag. - - * check-der.c: test dates from last century. - - * check-der.c: Move zero length integercheck to a better place. - - * check-der.c: Test zero length integer. - -2007-06-18 Love Hörnquist Åstrand - - * check-der.c: Init data to something. - -2007-06-15 Love Hörnquist Åstrand - - * k5.asn1: Add KRB5-AUTHDATA-INITIAL-VERIFIED-CAS. - -2007-06-13 Love Hörnquist Åstrand - - * pkinit.asn1: Make the pkinit nonce signed (like the kerberos - nonce). - -2007-06-03 Love Hörnquist Åstrand - - * check-der.c: Free more memory. - - * der_format.c: Don't accect zero length hex numbers. - - * check-der.c: Also free right memory. - - * main.c: Close asn1 file when done. - - * check-der.c: more check for der_parse_hex_heim_integer - - * der_format.c (der_parse_hex_heim_integer): check length before - reading data. - - * check-gen.c (test_authenticator): free memory - -2007-05-31 Love Hörnquist Åstrand - - * Makefile.am: add MS-UPN-SAN - - * pkinit.asn1: add MS-UPN-SAN - - * rfc2459.asn1: Do evil things to handle IMPLICIT encoded - structures. Add id-ms-client-authentication. - -2007-05-30 Love Hörnquist Åstrand - - * Makefile.am: Add asn1_id_ms_cert_enroll_domaincontroller.x - -2007-05-10 Love Hörnquist Åstrand - - * gen.c: Add struct units; as a forward declaration. Pointed out - by Marcus Watts. - - * rfc2459.asn1: Netscape extentions - - * Makefile.am: add U.S. Federal PKI Common Policy Framework - - * rfc2459.asn1: add U.S. Federal PKI Common Policy Framework - -2007-04-24 Love Hörnquist Åstrand - - * gen_seq.c: Handle the case of resize to 0 and realloc that - returns NULL. - - * check-gen.c (check_seq): free seq. - -2007-04-19 Love Hörnquist Åstrand - - * check-der.c (test_heim_oid_format_same): avoid leaking memory in - the non failure case too - -2007-04-16 Love Hörnquist Åstrand - - * Makefile.am: remove extra ^Q - -2007-04-11 Love Hörnquist Åstrand - - * der_get.c: Allow trailing NULs. We allow this since MIT Kerberos - sends an strings in the NEED_PREAUTH case that includes a trailing - NUL. - -2007-02-17 Love Hörnquist Åstrand - - - * Makefile.am: Add PA-ClientCanonicalized and friends. - - * k5.asn1: Add PA-ClientCanonicalized and friends. - -2007-02-08 Love Hörnquist Åstrand - - * check-der.c: Drop one over INT_MAX test-case. - -2007-02-05 Love Hörnquist Åstrand - - * pkinit.asn1: add id-pkinit-ms-eku - - * pkinit.asn1: fill in more bits of id-pkinit-ms-san - -2007-02-02 Love Hörnquist Åstrand - - * digest.asn1: rename hash-a1 to session key - -2007-02-01 Love Hörnquist Åstrand - - * digest.asn1: Add elements to send in requestResponse to KDC and - get status of the request. - -2007-01-31 Love Hörnquist Åstrand - - * Makefile.am: seq rules for CRLDistributionPoints - -2007-01-30 Love Hörnquist Åstrand - - * Makefile.am: add CRLDistributionPoints and friends - -2007-01-20 Love Hörnquist Åstrand - - * check-der.c: check BMPstring oddlength more - - * check-der.c: Test for NUL char in string in GENERAL STRING. - - * der_get.c: Check for NUL characters in string and return - ASN1_BAD_CHARACTER error-code if we find them. - - * asn1_err.et: Add BAD_CHARACTER error. - -2007-01-16 Love Hörnquist Åstrand - - * Makefile.am: Add id-at-streetAddress. - - * rfc2459.asn1: Add id-at-streetAddress. - -2007-01-12 Love Hörnquist Åstrand - - * rfc2459.asn1: Add PKIXXmppAddr and id-pkix-on-xmppAddr. - -2006-12-30 Love Hörnquist Åstrand - - * Makefile.am: Add id-pkix-kp oids. - - * rfc2459.asn1: Add id-pkix-kp oids. - -2006-12-29 Love Hörnquist Åstrand - - * gen_encode.c: Named bit strings have this horrible, disgusting, - compress bits until they are no longer really there but stuff in - an initial octet anyway encoding scheme. Try to get it right and - calculate the initial octet runtime instead of compiletime. - - * check-gen.c: Check all other silly bitstring combinations. - - * Makefile.am: Add --sequence=Extensions to rfc2459. - -2006-12-28 Love Hörnquist Åstrand - - * kx509.asn1: Add kx509. - - * Makefile.am: Add kx509. - - * Add VisibleString parsing - -2006-12-15 Love Hörnquist Åstrand - - * Makefile.am: Add ntlm files. - - * digest.asn1: Add bits for handling NTLM. - -2006-12-08 Love Hörnquist Åstrand - - * Makefile.am: add pkix proxy cert policy lang oids - - * rfc2459.asn1: add pkix proxy cert policy lang oids - -2006-12-07 Love Hörnquist Åstrand - - * rfc2459.asn1: unbreak id-pe-proxyCertInfo - - * rfc2459.asn1: Add id-pkix-on-dnsSRV and related oids - -2006-11-28 Love Hörnquist Åstrand - - * Makefile.am: Add explicit depenency to LIB_roken for libasn1.la, - make AIX happy. - -2006-11-27 Love Hörnquist Åstrand - - * der_format.c (der_print_heim_oid): oid with zero length is - invalid, fail to print. - -2006-11-24 Love Hörnquist Åstrand - - * der_format.c (der_print_heim_oid): use delim when printing. - -2006-11-21 Love Hörnquist Åstrand - - * k5.asn1: Make KRB5-PADATA-S4U2SELF pa type 129. - -2006-10-24 Love Hörnquist Åstrand - - * asn1_err.et: add EXTRA_DATA - -2006-10-21 Love Hörnquist Åstrand - - * check-gen.c: avoid leaking memory - - * check-der.c: avoid leaking memory - - * der_format.c (der_parse_heim_oid): avoid leaking memory - - * check-common.c: Print size_t as (unsigned long) and cast. - - * check-common.c: Try to align data, IA64's gets upset if its - unaligned. - - * lex.l: add missing */ - - * lex.c: need %e for hpux lex - -2006-10-20 Love Hörnquist Åstrand - - * Makefile.am: remove dups from gen_files_test, add check-timegm. - - * Makefile.am: include more test.asn1 built files - - * Makefile.am: More files, now for make check. - -2006-10-19 Love Hörnquist Åstrand - - * Makefile.am: Add missing files - - * Makefile.am (asn1_compile_SOURCES): add gen_locl.h - - * check-timegm.c: Add check for _der_timegm. - - * der_get.c (generalizedtime2time): always use _der_timegm. - - * timegm.c: make more strict - - * der_locl.h: Rename timegm to _der_timegm. - -2006-10-17 Love Hörnquist Åstrand - - * timegm.c: vJust fail if tm_mon is out of range for now XXXX this - is wrong. - -2006-10-16 Love Hörnquist Åstrand - - * Makefile.am: extra depencies on der-protos.h - -2006-10-14 Love Hörnquist Åstrand - - * check-der.c: Prefix primitive types with der_. - - * timegm.c: rename the buildin timegm to _der_timegm - - * heim_asn1.h: move prototype away from here. - - * der_format.c: Add der_parse_heim_oid - - * gen_free.c: prefix primitive types with der_ - - * der_copy.c: prefix primitive types with der_ - - * gen_length.c: prefix primitive types with der_ - - * der_length.c: prefix primitive types with der_ - - * der_cmp.c: prefix primitive types with der_ - - * gen_free.c: prefix primitive types with der_ - - * der_free.c: prefix primitive types with der_ - - * gen_copy.c: prefix primitive types with der_ - - * der_copy.c: rename copy_ to der_copy_ - - * Makefile.am: Add der-protos.h to nodist_include_HEADERS. - - * der.h: use newly built - - * Makefile.am: Generate der prototypes. - - * gen.c: move any definitions here. - - * asn1-common.h: move any definitions here. - - * der.h: remove der_parse_oid prototype, it was never implemented. - - * der.h: New der_print_heim_oid signature. Test - der_parse_heim_oid - - * check-der.c: New der_print_heim_oid signature. Test - der_parse_heim_oid - -2006-10-07 Love Hörnquist Åstrand - - * lex.l: Grow an even larger output table size. - - * Makefile.am: split build files into dist_ and noinst_ SOURCES - -2006-10-04 Love Hörnquist Åstrand - - * gen_seq.c: In generation of remove_TYPE: if you just removed the - last element, you must not memmove memory beyond the array. From - Andrew Bartlett - -2006-10-01 Love Hörnquist Åstrand - - * lex.l: Grow (%p, %a, %n) tables for Solaris 10 lex. From Harald - Barth. - -2006-09-24 Love Hörnquist Åstrand - - * gen_decode.c (decode_type): drop unused variable realtype. - -2006-09-11 Love Hörnquist Åstrand - - * Makefile.am: Add KRB5SignedPath and friends. - - * k5.asn1: Add KRB5SignedPath and friends. - - * Makefile.am: Add new sequence generation for GeneralNames. - -2006-09-07 Love Hörnquist Åstrand - - * CMS.asn1 (CMSVersion): rename versions from v0 to CMSVersion_v0, - ... - -2006-09-05 Love Hörnquist Åstrand - - * Makefile.am: Add TESTSeqOf for testing sequence generation code. - - * check-gen.c: Add sequence tests. - - * test.asn1: Add TESTSeqOf for testing sequence generation code. - - * gen_seq.c: fix warning. - - * gen_seq.c: make generated data work - - * setchgpw2.asn1: enctype is part of the krb5 module now, use that - instead of locally defining it. - - * Makefile.am: asn1_compile += gen_seq.c - - * gen_locl.h: add new prototypes, remove unused ones. - - * gen.c: Generate sequence function. - - * main.c: add --sequence - - * gen_seq.c: Add generated add_ and remove_ for "SEQUENCE OF - TType". I'm tried of writing realloc(foo->data, - sizeof(foo->data[0]) + (foo->len + 1)); Only generated for those - type that is enabled by the command flag --sequence. - -2006-08-25 Love Hörnquist Åstrand - - * digest.asn1 (DigestRequest): add authid - - * digest.asn1: Comment describing on how to communicate the sasl - int/conf mode. - -2006-08-23 Love Hörnquist Åstrand - - * digest.asn1: Add some missing fields needed for digest. - -2006-08-21 Love Hörnquist Åstrand - - * digest.asn1: Tweak to make consisten and more easier to use. - -2006-07-20 Love Hörnquist Åstrand - - * Makefile.am: Remove CMS symmetric encryption support. Add - DigestProtocol. - - * digest.asn1: DigestProtocol - - * k5.asn1: Remove CMS symmetric encryption support. - -2006-06-22 Love Hörnquist Åstrand - - * check-der.c (check_fail_heim_integer): disable test - - * der_get.c (der_get_heim_integer): revert part of previous - - * der_get.c (der_get_heim_integer): Add more checks - - * asn1_print.c: Add printing of bignums and use der_print_heim_oid - - * check-der.c (test_heim_oid_format_same): add printing on failure - - * check-der.c: Add one check for heim_int, add checking for oid - printing - -2006-06-06 Love Hörnquist Åstrand - - * Makefile.am: Impersonation support bits (and sort) - - * k5.asn1: Impersonation support bits. - -2006-05-13 Love Hörnquist Åstrand - - * der_format.c (der_parse_hex_heim_integer): avoid shadowing. - -2006-04-29 Love Hörnquist Åstrand - - * Makefile.am: Add ExternalPrincipalIdentifiers, shared between - several elements. - - * pkinit.asn1: Add ExternalPrincipalIdentifiers, shared between - several elements. - -2006-04-28 Love Hörnquist Åstrand - - * parse.y: Add missing ;'s, found by bison on a SuSE 8.2 machine. - -2006-04-26 Love Hörnquist Åstrand - - * Makefile.am: Add definitions from RFC 3820, Proxy Certificate - Profile. - - * rfc2459.asn1: Add definitions from RFC 3820, Proxy Certificate - Profile. - -2006-04-24 Love Hörnquist Åstrand - - * rfc2459.asn1: Add id-Userid - - * Makefile.am: Add UID and email - - * pkcs9.asn1: Add id-pkcs9-emailAddress - - * Makefile.am: Add attribute type oids from X520 and RFC 2247 DC - oid - - * rfc2459.asn1: Add attribute type oids from X520 and RFC 2247 DC - oid - -2006-04-21 Love Hörnquist Åstrand - - * Makefile.am: add sha-1 and sha-2 - - * rfc2459.asn1: add sha-1 and sha-2 - -2006-04-15 Love Hörnquist Åstrand - - * Makefile.am: Add id-pkcs1-sha256WithRSAEncryption and friends - - * rfc2459.asn1: Add id-pkcs1-sha256WithRSAEncryption and friends - - * CMS.asn1: Turn CMSRC2CBCParameter.rc2ParameterVersion into a - constrained integer - -2006-04-08 Love Hörnquist Åstrand - - * hash.c (hashtabnew): check for NULL before setting structure. - Coverity, NetBSD CID#4 - -2006-03-31 Love Hörnquist Åstrand - - * Makefile.am: gen_files_rfc2459 += asn1_ExtKeyUsage.x - - * rfc2459.asn1: Add ExtKeyUsage. - - * gen.c (generate_header_of_codefile): remove unused variable. - -2006-03-30 Love Hörnquist Åstrand - - * gen.c: Put all the IMPORTed headers into the headerfile to avoid - hidden depencies. - -2006-03-27 Love Hörnquist Åstrand - - * Makefile.am: Add id-pkinit-ms-san. - - * pkinit.asn1: Add id-pkinit-ms-san. - - * k5.asn1 (PADATA-TYPE): Add KRB5-PADATA-PA-PK-OCSP-RESPONSE - -2006-03-26 Love Hörnquist Åstrand - - * Makefile.am: Add pkinit-san. - - * pkinit.asn1: Rename id-pksan to id-pkinit-san - -2006-03-08 Love Hörnquist Åstrand - - * gen.c (init_generate): Nothing in the generated files needs - timegm(), so no need to provide a prototype for it. - -2006-02-13 Love Hörnquist Åstrand - - * pkinit.asn1: paChecksum is now OPTIONAL so it can be upgraded to - something better then SHA1 - -2006-01-31 Love Hörnquist Åstrand - - * extra.c: Stub-generator now generates alloc statements for - tagless ANY OPTIONAL, remove workaround. - - * check-gen.c: check for "tagless ANY OPTIONAL" - - * test.asn1: check for "tagless ANY OPTIONAL" - -2006-01-30 Love Hörnquist Åstrand - - * der.h: UniversalString and BMPString are both implemented. - - * der.h: Remove , after the last element of enum. - - * asn1_gen.c: Spelling. - -2006-01-20 Love Hörnquist Åstrand - - * der_length.c (length_heim_integer): Try handle negative length - of integers better. - - * der_get.c (der_get_heim_integer): handle negative integers. - - * check-der.c: check heim_integer. - -2006-01-18 Love Hörnquist Åstrand - - * Makefile.am: Its cRLReason, not cRLReasons - - * canthandle.asn1: "Allocation is done on CONTEXT tags" works just - fine. - - * rfc2459.asn1: Add CRL structures and OIDs. - - * Makefile.am: Add CRL and TESTAlloc structures and OIDs. - - * check-gen.c: Check OPTIONAL context-tagless elements. - - * test.asn1: Check OPTIONAL context-tagless elements. - - * der_cmp.c (heim_integer_cmp): make it work with negative - numbers. - -2006-01-17 Love Hörnquist Åstrand - - * check-der.c: check that der_parse_hex_heim_integer() handles odd - length numbers. - - * der_format.c (der_parse_hex_heim_integer): make more resiliant - to errors, handle odd length numbers. - -2006-01-13 Love Hörnquist Åstrand - - * Makefile.am: Add RSAPrivateKey - - * rfc2459.asn1: Add RSAPrivateKey. - -2006-01-05 Love Hörnquist Åstrand - - * der_copy.c (copy_heim_integer): copy the negative flag - -2005-12-14 Love Hörnquist Åstrand - - * parse.y: Drop ExceptionSpec for now, its not used. - -2005-12-06 Love Hörnquist Åstrand - - * test.asn1: Add test string for constraints. - - * symbol.h: Add support for part of the Constraint-s - - * gen.c: Set new constraints pointer in Type to NULL for inline - constructed types. - - * parse.y: Add support for parsing part of the Constraint-s - -2005-10-29 Love Hörnquist Åstrand - - * Makefile.am: Add some X9.57 (DSA) oids, sort lines - - * rfc2459.asn1: Add some X9.57 (DSA) oids. - -2005-10-07 Love Hörnquist Åstrand - - * Makefile.am: Remove pk-init-19 support. - - * pkinit.asn1: Fix comment - - * check-der.c: Add tests for parse and print functions for - heim_integer. - - * Makefile.am: Add parse and print functions for heim_integer. - - * der_format.c: Add parse and print functions for heim_integer. - - * der.h: Add parse and print functions for heim_integer. - -2005-09-22 Love Hörnquist Åstrand - - * Makefile.am (gen_files_rfc2459) += asn1_DHPublicKey.x - - * rfc2459.asn1: Add DHPublicKey, and INTEGER to for storing the DH - public key in the SubjectPublicKeyInfo.subjectPublicKey BIT - STRING. - -2005-09-20 Love Hörnquist Åstrand - - * gen_decode.c: TSequenceOf/TSetOf: Increase the length of the - array after successful decoding the next element, so that the - array don't contain heap-data. - -2005-09-13 Love Hörnquist Åstrand - - * check-der.c: Avoid empty array initiators. - - * pkcs8.asn1 (PKCS8PrivateKeyInfo): Inline SET OF to avoid - compiler "feature" - - * check-common.c: Avoid signedness warnings. - - * check-common.h: Makes bytes native platform signed to avoid - casting everywhere - - * check-der.c: Don't depend on malloc(very-very-larger-value) will - fail. Cast to unsigned long before printing size_t. - - * check-gen.c: Don't depend on malloc(very-very-larger-value) will - fail. - - * check-gen.c: Fix signedness warnings. - - * lex.l: unput() have to hanppen in actions for flex 2.5.31, can - do them in user code sesction, so move up handle_comment and - handle_string into action, not much sharing was done anyway. - -2005-09-09 Love Hörnquist Åstrand - - * check-der.c (test_one_int): len and len_len is size_t - -2005-08-23 Love Hörnquist Åstrand - - * gen_encode.c: Change name of oldret for each instance its used - to avoid shadow warning. From: Stefan Metzmacher - . - - * gen_length.c: Change name of oldret for each instance its used - to avoid shadow warning. From: Stefan Metzmacher - . - - * gen_decode.c: Change name of oldret for each instance its used - to avoid shadow warning. From: Stefan Metzmacher - . - - * parse.y: Const poision yyerror. - - * gen.c: Const poision. - -2005-08-22 Love Hörnquist Åstrand - - * k5.asn1: Add KRB5-PADATA-PK-AS-09-BINDING, client send - this (with an empty pa-data.padata-value) to tell the KDC that the - client support the binding the PA-REP to the AS-REQ packet. This - is to fix the problem lack of binding the AS-REQ to the PK-AS-REP - in pre PK-INIT-27. The nonce is replaced with a asCheckSum. - -2005-08-11 Love Hörnquist Åstrand - - * canthandle.asn1: Allocation is done on CONTEXT tags. - - * asn1_gen.c: rename optind to optidx to avoid shadow warnings - -2005-07-28 Love Hörnquist Åstrand - - * rfc2459.asn1: add id-rsadsi-rc2-cbc - - * Makefile.am: add another oid for rc2 - -2005-07-27 Love Hörnquist Åstrand - - * check-der.c: Make variable initiation constant by moving them to - global context - - * check-gen.c: change to c89 comment - -2005-07-27 Love Hörnquist Åstrand - - * Makefile.am: remove duplicate asn1_CMSAttributes.x - -2005-07-26 Love Hörnquist Åstrand - - * asn1_print.c: rename optind to optidx - - * Makefile.am: Update to pkinit-27 - - * pkinit.asn1: Update to pkinit-27 - -2005-07-25 Love Hörnquist Åstrand - - * check-der.c: make it work for non c99 compilers too - - * check-der.c: start testing BIT STRING - - * der_cmp.c (heim_bit_string_cmp): try handle corner cases better - - * gen_free.c (free_type): free bignum integers - -2005-07-23 Love Hörnquist Åstrand - - * Makefile.am: add PKCS12-OctetString - - * pkcs12.asn1: add PKCS12-OctetString - - * Makefile.am: add new files - - * rfc2459.asn1: include SET OF in Attribute to make the type more - useful - - * CMS.asn1: handle IMPLICIT and share some common structures - -2005-07-21 Love Hörnquist Åstrand - - * rfc2459.asn1: Include enough workarounds that this even might - work. - - * check-gen.c: Two implicit tests, one with all structures inlined - - * test.asn1: fix workaround for IMPLICIT CONS case - - * canthandle.asn1: fix workaround for IMPLICIT CONS case - - * asn1_print.c: hint that there are IMPLICIT content when we find - it - - * check-gen.c: Added #ifdef out test for IMPLICIT tagging. - - * Makefile.am: test several IMPLICIT tag level deep - - * test.asn1: test several IMPLICIT tag level deep - - * test.asn1: tests for IMPLICIT - - * Makefile.am: tests for IMPLICIT - - * canthandle.asn1: Expand on what is wrong with the IMPLICIT - tagging - - * rfc2459.asn1: some of the structure are in the IMPLICIT TAGS - module - -2005-07-19 Love Hörnquist Åstrand - - * asn1_print.c: print size_t by casting to unsigned long and use - right printf format tags are unsigned integers - - * gen.c (generate_constant): oid elements are unsigned - - * gen_decode.c (decode_type): tagdatalen should be an size_t. - - * extra.c (decode_heim_any): tag is unsigned int. - - * der_get.c (der_match_tag): tag is unsigned int. - - * gen_length.c (length_type): cast size_t argument to unsigned - long and use appropriate printf format - - * check-der.c (check_fail_bitstring): check for length overflow - - * der_get.c: rewrite integer overflow tests w/o SIZE_T_MAX - - * check-common.c (generic_decode_fail): only copy in if checklen - its less then 0xffffff and larger than 0. - - * gen_decode.c (find_tag): find external references, we can't - handle those, so tell user that instead of crashing - -2005-07-18 Dave Love - - * extra.c (free_heim_any_set): Fix return. - - * gen_decode.c (find_tag): Fix return in TType case. - -2005-07-13 Love Hörnquist Åstrand - - * gen_encode.c (TChoice): add () to make sure variable expression - is evaluated correctly - - * gen_length.c (TChoice): add () to make sure variable expression - is evaluated correctly - - * k5.asn1: reapply 1.43 that got lost in the merge: rename pvno to - krb5-pvno - -2005-07-12 Love Hörnquist Åstrand - - * gen_decode.c (decode_type): TChoice: set the label - - * check-gen.c (cmp_Name): do at least some checking - - * gen_locl.h: rename function filename() to get_filename() to - avoid shadowing - - * lex.l: rename function filename() to get_filename() to avoid - shadowing - - * gen.c: rename function filename() to get_filename() to avoid - shadowing - - * check-der.c: add failure checks for large oid elements - - * check-gen.c: add failure checks for tag (and large tags) - - * der_get.c: Check for integer overflows in tags and oid elements. - -2005-07-10 Assar Westerlund - - * gen_decode.c: Fix decoding of choices to select which branch to - try based on the tag and return an error if that branch fails. - - * check-gen.c: Fix short choice test cases. - -2005-07-09 Assar Westerlund - - * symbol.c: - * parse.y: - * main.c: - * lex.l: - * gen_length.c: - * gen_free.c: - * gen_encode.c: - * gen_decode.c: - * gen_copy.c: - * gen.c: - * extra.c: - * check-gen.c: - * check-der.c: - * check-common.c: - * asn1_print.c: - * asn1_gen.c: - Use emalloc, ecalloc, and estrdup. - Check return value from asprintf. - Make sure that malloc(0) returning NULL is not treated as an - error. - -2005-07-10 Love Hörnquist Åstrand - - * check-gen.c: test cases for CHOICE, its too liberal right now, - it don't fail hard on failure on after it successfully decoded the - first tag in a choice branch - - * asn1_gen.c: calculate the basename for the output file, - pretty-print tag number - - * test.gen: sample for asn1_gen - - * check-gen.c: check errors in SEQUENCE - - * Makefile.am: build asn1_gen, TESTSeq and new, and class/type/tag - string<->num converter. - - * test.asn1: TESTSeq, for testing SEQUENCE - - * asn1_gen.c: generator for asn1 data - - * asn1_print.c: use class/type/tag string<->num converter. - - * der.c: Add class/type/tag string<->num converter. - - * der.h: Add class/type/tag string<->num converter. - Prototypes/structures for new time bits. - -2005-07-09 Love Hörnquist Åstrand - - * der_get.c (der_get_unsigned) check for length overflow - (der_get_integer) ditto - (der_get_general_string) ditto - - * der_get.c: check for overruns using SIZE_T_MAX - - * check-der.c: check BIT STRING and OBJECT IDENTIFIER error cases - - * check-common.c (generic_decode_fail): allocate 4K for the over - sized memory test - - * der_get.c (der_get_oid): check for integer overruns and - unterminated oid correctly - - * check-common.h (map_alloc, generic_decode_fail): prototypes - - * check-common.c (map_alloc): make input buffer const - (generic_decode_fail): verify decoding failures - -2005-07-05 Love Hörnquist Åstrand - - * gen_encode.c: split up the printf for SET OF, also use the - generate name for the symbol in the SET OF, if not, the name might - contain non valid variable name characters (like -) - -2005-07-04 Love Hörnquist Åstrand - - * Makefile.am: move pkcs12 defines into their own namespace - - * pkcs12.asn1: move pkcs12 defines into their own namespace - - * pkcs9.asn1: add PKCS9-friendlyName with workaround for SET OF - bug - - * heim_asn1.h: reuse heim_octet_string for heim_any types - - * main.c: use optidx, handle the case where name is missing and - use base of filename then - - * asn1-common.h: include ASN1_MALLOC_ENCODE - - * gen_decode.c: use less context so lower indentention level, add - missing {} where needed - -2005-07-02 Love Hörnquist Åstrand - - * gen_copy.c: Use a global variable to keep track of if the 'goto - fail' was used, and use that to only generate the label if needed. - - * asn1_print.c: do indefinite form loop detection and stop after - 10000 recursive indefinite forms, stops crashing due to running - out of stack - - * asn1_print.c: catch badly formated indefinite length data - (missing EndOfContent tag) add (negative) indent flag to speed up - testing - -2005-07-01 Love Hörnquist Åstrand - - * canthandle.asn1: Can't handle primitives in CHOICE - - * gen_decode.c: Check if malloc failes - - * gen_copy.c: Make sure to free memory on failure - - * gen_decode.c: Check if malloc failes, rename "reallen" to - tagdatalen since that is what it is. - -2005-05-29 Love Hörnquist Åstrand - - * prefix Der_class with ASN1_C_ to avoid problems with system - headerfiles that pollute the name space - -2005-05-20 Love Hörnquist Åstrand - - * pkcs12.asn1: add PKCS12CertBag - - * pkcs9.asn1: add pkcs9 certtype x509 certificate - - * Makefile.am: add pkcs12 certbag and pkcs9 certtype x509 - certificate - - * pkcs12.asn1: split off PKCS12Attributes from SafeBag so it can - be reused - - * Makefile.am: add PKCS12Attributes - -2005-05-10 Love Hörnquist Åstrand - - * canthandle.asn1: fix tags in example - -2005-05-02 Love Hörnquist Åstrand - - * pkinit.asn1: Let the Windows nonce be an int32 (signed), if not - it will fail when using Windows PK-INIT. - -2005-05-01 Love Hörnquist Åstrand - - * Makefile.am: add pkcs12-PBEParams - - * pkcs12.asn1: add pkcs12-PBEParams - - * parse.y: objid_element: exit when the condition fails - -2005-04-26 Love Hörnquist Åstrand - - * gen_glue.c: 1.8: switch the units variable to a - function. gcc-4.1 needs the size of the structure if its defined - as extern struct units foo_units[] an we don't want to include - in the generate headerfile - -2005-03-20 Love Hörnquist Åstrand - - * Makefile.am: add the des-ede3-cbc oid that ansi x9.52 uses - - * rfc2459.asn1: add the des-ede3-cbc oid that ansi x9.52 uses - - * Makefile.am: add oids for x509 - - * rfc2459.asn1: add oids now when the compiler can handle them - -2005-03-19 Love Hörnquist Åstrand - - * Makefile.am: add pkcs9 files - - * pkcs9.asn1: add small number of oids from pkcs9 - -2005-03-14 Love Hörnquist Åstrand - - * Makefile.am: add a bunch of pkcs1/pkcs2/pkcs3/aes oids - - * rfc2459.asn1: add a bunch of pkcs1/pkcs2/pkcs3/aes oids - -2005-03-10 Love Hörnquist Åstrand - - * k5.asn1: merge pa-numbers - -2005-03-09 Love Hörnquist Åstrand - - * Makefile.am: add oid's - - * rfc2459.asn1: add encryption oids - - * CMS.asn1: add signedAndEnvelopedData oid - - * pkcs12.asn1: add pkcs12 oids - - * CMS.asn1: add pkcs7 oids - -2005-03-08 Love Hörnquist Åstrand - - * gen.c (generate_header_of_codefile): break out the header - section generation - (generate_constant): generate a function that return the oid - inside a heim_oid - - * parse.y: fix the ordering of the oid's - - * parse.y: handle OBJECT IDENTIFIER as value construct - -2005-02-24 Love Hörnquist Åstrand - - * Preserve content of CHOICE element that is unknown if ellipsis - was used when defining the structure - -2005-02-13 Love Hörnquist Åstrand - - * parse.y: use ANS1_TAILQ macros - - * *.[ch]: use ASN1_TAILQ macros - - * asn1_queue.h: inline bsd sys/queue.h and rename TAILQ to - ASN1_TAILQ to avoid problems with name polluting headerfiles - -2005-01-19 Love Hörnquist Åstrand - - * gen.c: pull in - -2005-01-10 Love Hörnquist Åstrand - - * Add BMPString and UniversalString - - * k5.asn1 (EtypeList): make INTEGER constrained (use krb5int32) - -2005-01-07 Love Hörnquist Åstrand - - * rfc2459.asn1: add GeneralNames - -2004-11-21 Love Hörnquist Åstrand - - * gen.c: use unsigned integer for len of SequenceOf/SetOf and - bitstring names - -2004-11-10 Love Hörnquist Åstrand - - * Makefile.am: switch to krb5int32 and krb5uint32 - - * Unify that three integer types TInteger TUInteger and TBigInteger. - Start to use constrained integers where appropriate. - -2004-10-13 Love Hörnquist Åstrand - - * CMS.asn1: remove no longer used commented out elements - - * gen_glue.c: make units structures const - -2004-10-12 Love Hörnquist Åstrand - - * lex.l: handle hex number with [a-fA-F] in them - -2004-10-07 Love Hörnquist Åstrand - - * gen_free.c: free _save for CHOICE too - - * rfc2459.asn1: use Name and not heim_any - - * gen_decode.c: if malloc for _save failes, goto fail so we free - the structure - - * gen_copy.c: copy _save for CHOICE too - - * gen.c: add _save for CHOICE too - - * CMS.asn1: RecipientIdentifier and SignerIdentifier is the same - name is CMSIdentifier and add glue for that so we can share code - use Name and not heim_any - -2004-10-03 Love Hörnquist Åstrand - - * Makefile.am: drop AlgorithmIdentifierNonOpt add - {RC2CBC,}CBCParameter here where they belong - - * CMS.asn1: add {RC2CBC,}CBCParameter here where they belong - - * rfc2459.asn1: drop AlgorithmIdentifierNonOpt - - * rfc2459.asn1: stop using AlgorithmIdentifierNonOpt hint that we - really want to use Name and some MS stuff - -2004-09-05 Love Hörnquist Åstrand - - * asn1_print.c: handle end of content, this is part BER support, - however, OCTET STRING need some tweeking too. - - * der.h: add UT_EndOfContent - - * test.asn1: test asn1 spec file - - * check-gen.c: check larget tags - - * Makefile.am: add test asn1 spec file that we can use for testing - constructs that doesn't exists in already existing spec (like - large tags) - - * der_put.c (der_put_tag): make sure there are space for the head - tag when we are dealing with large tags (>30) - - * check-gen.c: add test for tag length - - * check-common.c: export the map_ functions for OVERRUN/UNDERRUN - detection restore the SIGSEGV handler when test is done - - * check-common.h: export the map_ functions for OVERRUN/UNDERRUN - detection - - * gen_decode.c: check that the tag-length is not longer the length - use forwstr on some more places - - * parse.y: revert part of 1.14.2.21, multiple IMPORT isn't allowed - - * pkinit.asn1: correct usage of IMPORT - - * CMS.asn1: correct usage of IMPORT - - * pkcs8.asn1: pkcs8, encrypting private key - - * pkcs12.asn1: pkcs12, key/crl/certificate file transport PDU - - * Makefile.am: add pkcs8 and pkcs12 - - * der_free.c: reset length when freing primitives - - * CMS.asn1: add EncryptedData - -2004-08-26 Love Hörnquist Åstrand - - * gen_decode.c (decode_type): if the entry is already optional - when parsing a tag and we allocate the structure, not pass down - optional since that will case the subtype's decode_type also to - allocate an entry. and we'll leak an entry. Bug from Luke Howard - . While here, use calloc. - -2004-04-29 Love Hörnquist Åstrand - - * k5.asn1: shift the last added etypes one step so rc2 doesn't - stomp on cram-md5 - -2004-04-26 Love Hörnquist Åstrand - - * k5.asn1: add ETYPE_AESNNN_CBC_NONE - - * CMS.asn1: add CMS symmetrical parameters moved to k5.asn1 - - * k5.asn1: add CMS symmetrical parameters here, more nametypes - enctype rc2-cbc - -2004-04-25 Love Hörnquist Åstrand - - * gen_decode.c: free data on decode failure - -2004-04-24 Love Hörnquist Åstrand - - * Makefile.am: add CBCParameter and RC2CBCParameter - - * CMS.asn1: add CBCParameter and RC2CBCParameter - -2004-04-20 Love Hörnquist Åstrand - - * check-der.c: add simple test for oid's, used to trigger malloc - bugs in you have picky malloc (like valgrind/purify/third) - - * der_get.c (der_get_oid): handle all oid components being smaller - then 127 and allocate one extra element since first byte is split - to to elements. - -2004-04-16 Love Hörnquist Åstrand - - * canthandle.asn1: one thing handled - - * gen_decode.c: handle OPTIONAL CONS-tag-less elements - - * der_length.c (length_len): since length is no longer the same as - an unsigned, do the length counting here. ("unsigned" is zero - padded when most significate bit is set, length is not) - -2004-04-12 Love Hörnquist Åstrand - - * canthandle.asn1: document by example what the encoder can't - handle right now - - * Makefile.am: add more stuff needed whem implementing x509 - preserve TBSCertificate - - * rfc2459.asn1: add more stuff needed whem implementing x509 - - * CMS.asn1: move some type to rfc2459.asn1 where they belong (and - import them) - - * gen.c: preserve the raw data when asked too - - * gen_decode.c: preserve the raw data when asked too - - * gen_copy.c: preserve the raw data when asked too - - * gen_free.c: preserve the raw data when asked too - - * gen_locl.h: add preserve_type - - * heim_asn1.h: add heim_any_cmp - - * main.c: add flag --preserve-binary=Symbol1,Symbol2,... that make - the compiler generate stubs to save the raw data, its not used - right now when generating the stat - - * k5.asn1: Windows uses PADATA 15 for the request too - - * extra.c: add heim_any_cmp - - * der_put.c: implement UTCtime correctly - - * der_locl.h: remove #ifdef HAVE_TIMEGM\ntimegm\n#endif here from - der.h so one day der.h can get installed - - * der_length.c: implement UTCtime correctly - - * der_get.c: implement UTCtime correctly, prefix dce_fix with - _heim_fix - - * der_copy.c: make copy_bit_string work again - - * der_cmp.c: add octet_string, integer, bit_string cmp functions - - * der.h: hide away more symbols, add more _cmp functions - -2004-03-06 Love Hörnquist Åstrand - - * Makefile.am: add more pkix types make k5 use rfc150 bitstrings, - everything else use der bitstrings - - * main.c: as a compile time option, handle no rfc1510 bitstrings - - * gen_locl.h: rfc1510 bitstrings flag - - * gen_length.c: as a compile time option, handle no rfc1510 - bitstrings - - * gen_encode.c: as a compile time option, handle no rfc1510 - bitstrings - - * gen_decode.c: handle no rfc1510 bitstrings - - * check-gen.c: test for bitstrings - - * rfc2459.asn1: add Certificates and KeyUsage - -2004-02-22 Love Hörnquist Åstrand - - * pkinit.asn1: use Name from PKIX - - * rfc2459.asn1: add more silly string types to DirectoryString - - * gen_encode.c: add checks for data overflow when encoding - TBitString with members encode SET OF correctly by bytewise - sorting the members - - * gen_decode.c: add checks for data overrun when encoding - TBitString with members - - * der_put.c: add _heim_der_set_sort - - * der_cmp.c: rename oid_cmp to heim_oid_cmp - - * der.h: rename oid_cmp to heim_oid_cmp, add _heim_der_set_sort - - * check-gen.c: add check for Name and (commented out) heim_integer - - * check-der.c: test for "der_length.c: Fix len_unsigned for - certain negative integers, it got the length wrong" , from - Panasas, Inc. - - * der_length.c: Fix len_unsigned for certain negative integers, it - got the length wrong, fix from Panasas, Inc. - - rename len_int and len_unsigned to _heim_\& - - * gen_length.c: 1.14: (length_type): TSequenceOf: add up the size - of all the elements, don't use just the size of the last element. - -2004-02-20 Love Hörnquist Åstrand - - * rfc2459.asn1: include defintion of Name - - * pkinit.asn1: no need for ContentType, its cms internal - - * CMS.asn1: move ContentInfo to CMS - - * pkinit.asn1: update to pk-init-18, move ContentInfo to CMS - - * Makefile.am: align with pk-init-18, move contentinfo to cms - -2004-02-17 Love Hörnquist Åstrand - - * der_get.c: rewrite previous commit - - * der_get.c (der_get_heim_integer): handle positive integer - starting with 0 - - * der_length.c (der_put_heim_integer): try handle negative - integers better (?) - - * der_put.c (der_put_heim_integer): try handle negative integers - better - - * der_get.c (der_get_heim_integer): dont abort on negative integer just - return ASN1_OVERRUN for now - - * parse.y: add ia5string, and printablestring - - * gen_length.c: add ia5string, and printablestring - - * gen_free.c: add ia5string, and printablestring - - * gen_decode.c: add ia5string, and printablestring - - * gen_copy.c: add ia5string, and printablestring - - * gen.c: add ia5string, printablestring, and utf8string change - implemetation of heim_integer and store the data as bigendian byte - array with a external flag for signedness - - * der_put.c: add ia5string, printablestring, and utf8string change - implemetation of heim_integer and store the data as bigendian byte - array with a external flag for signedness - - * der_length.c: add ia5string, printablestring, and utf8string - change implemetation of heim_integer and store the data as - bigendian byte array with a external flag for signedness - - * der_get.c: add ia5string, printablestring, and utf8string change - implemetation of heim_integer and store the data as bigendian byte - array with a external flag for signedness - - * der_free.c: add ia5string, printablestring, and utf8string - - * der_copy.c: add ia5string, printablestring, and utf8string - - * der.h: add ia5string, printablestring, and utf8string - - * asn1-common.h: add signedness flag to heim_integer, add - ia5string and printablestring - -2004-02-13 Love Hörnquist Åstrand - - * rfc2459.asn1: use BIGINTEGER where appropriate - - * setchgpw2.asn1: spelling and add op-req again - -2004-02-12 Love Hörnquist Åstrand - - * Makefile.am: clean up better - -2004-02-11 Love Hörnquist Åstrand - - * gen_decode.c (decode_type): TTag, don't overshare the reallen - variable - - * Makefile.am: adapt to log file name change - - * gen.c: genereate log file name based on base name - -2003-11-26 Love Hörnquist Åstrand - - * Makefile.am: += asn1_AlgorithmIdentifierNonOpt.x - - * rfc2459.asn1: add AlgorithmIdentifierNonOpt and use it where - it's needed, make DomainParameters.validationParms heim_any as a - hack. Both are workarounds for the problem with heimdal's asn1 - compiler have with decoing context tagless OPTIONALs. - - * pkinit.asn1: don't import AlgorithmIdentifier - -2003-11-25 Love Hörnquist Åstrand - - * der_put.c (der_put_bit_string): make it work somewhat better - (should really prune off all trailing zeros) - - * gen_encode.c (encode_type): bit string is not a constructed type - - * der_length.c (length_bit_string): calculate right length for - bitstrings - -2003-11-24 Love Hörnquist Åstrand - - * der_cmp.c (oid_cmp): compare the whole array, not just - length/sizeof(component) - - * check-common.c: mmap the scratch areas, mprotect before and - after, align data to the edge of the mprotect()ed area to provoke - bugs - - * Makefile.am: add DomainParameters, ValidationParms - - * rfc2459.asn1: add DomainParameters, ValidationParms - - * check-der.c: add free function - - * check-common.h: add free function - - * check-common.c: add free function - - * check-gen.c: check KRB-ERROR - - * asn1_print.c: check end of tag_names loop into APPL class tags - -2003-11-23 Love Hörnquist Åstrand - - * der_put.c (der_put_generalized_time): check size, not *size - -2003-11-11 Love Hörnquist Åstrand - - * gen_decode.c (decode_type/TBitString): skip over - skipped-bits-in-last-octet octet - - * gen_glue.c (generate_units): generate units in reverse order to - keep unparse_units happy - -2003-11-08 Love Hörnquist Åstrand - - * Makefile.am: generate all silly pkinit files - - * pkinit.asn1: make it work again, add strange ms structures - - * k5.asn1: PROV-SRV-LOCATION, PacketCable provisioning server - location, PKT-SP-SEC-I09-030728 - - * asn1-common.h: add bit string - - * der_put.c: add bit string and utctime - - * gen.c: add bit string and utctime - - * gen_copy.c: add bit string and utctime - - * der_copy.c: add bit string - - * gen_decode.c: add utctime and bitstring - - * gen_encode.c: add utctime and bitstring - - * gen_free.c: add utctime and bitstring - - * gen_glue.c: don't generate glue for member-less bit strings - - * der_cmp.c: compare function for oids - - * gen_length.c: add utc time, make bit string work for bits - strings w/o any members - - * der_cmp.c: compare function for oids - - * der.h: update boolean prototypes add utctime and bit_string - - * der_free.c: add free_bit_string - - * der_get.c: add bit string and utctime - - * der_length.c: add bit string and utctime, fix memory leak in - length_generalized_time - - * CMS.asn1: make EncryptedContentInfo.encryptedContent a OCTET - STRING to make the generator do the right thing with IMPLICIT - mumble OPTIONAL, make CertificateSet a heim_any_set - - * extra.c, heim_asn1.h: add any_set, instead of just consuming one - der object, its consumes the rest of the data avaible - - * extra.c, heim_asn1.h: extern implementation of ANY, decoder - needs to have hack removed when generator handles tagless optional - data - - * pkinit.asn1: add KdcDHKeyInfo-Win2k - -2003-11-07 Love Hörnquist Åstrand - - * der_copy.c (copy_oid): copy all components - - * parse.y: parse UTCTime, allow multiple IMPORT - - * symbol.h: add TUTCTime - - * rfc2459.asn1: update - - * x509.asn1: update - - * pkinit.asn1: update - - * CMS.asn1: new file - - * asn1_print.c: print some more lengths, check length before - steping out in the void, parse SET, only go down CONTEXT of type - CONS (not PRIM) - -2003-09-17 Love Hörnquist Åstrand - - * gen_encode.c (TChoice, TSequence): code element in reverse - order... - -2003-09-16 Love Hörnquist Åstrand - - * gen.c: store NULL's as int's for now - - * parse.y: remove dup of type def of UsefulType - -2003-09-11 Love Hörnquist Åstrand - - * gen_decode.c (decode_type): if malloc failes, return ENOMEM - -2003-09-10 Love Hörnquist Åstrand - - * parse.y: kw_UTF8String is a token put tag around the OID - - * asn1_print.c (UT_Integer): when the integer is larger then int - can handle, just print BIG INT and its size - -2003-09-10 Love Hörnquist Åstrand - - * gen_decode.c (decode_type): TTag, try to generate prettier code - in the non optional case, also remember to update length - -2003-01-22 Johan Danielsson - - * gen_decode.c: add flag to decode broken DCE BER encoding - - * gen_locl.h: add flag to decode broken DCE BER encoding - - * main.c: add flag to decode broken DCE BER encoding - diff --git a/crypto/heimdal/lib/asn1/Makefile.am b/crypto/heimdal/lib/asn1/Makefile.am deleted file mode 100644 index af300f0679cd..000000000000 --- a/crypto/heimdal/lib/asn1/Makefile.am +++ /dev/null @@ -1,610 +0,0 @@ -# $Id: Makefile.am 22445 2008-01-14 21:23:36Z lha $ - -include $(top_srcdir)/Makefile.am.common - -YFLAGS = -d -t - -lib_LTLIBRARIES = libasn1.la -libasn1_la_LDFLAGS = -version-info 8:0:0 - -libasn1_la_LIBADD = \ - @LIB_com_err@ \ - $(LIBADD_roken) - -BUILT_SOURCES = \ - $(gen_files_rfc2459:.x=.c) \ - $(gen_files_cms:.x=.c) \ - $(gen_files_k5:.x=.c) \ - $(gen_files_pkinit:.x=.c) \ - $(gen_files_pkcs8:.x=.c) \ - $(gen_files_pkcs9:.x=.c) \ - $(gen_files_pkcs12:.x=.c) \ - $(gen_files_digest:.x=.c) \ - $(gen_files_kx509:.x=.c) \ - asn1_err.h \ - asn1_err.c - -gen_files_k5 = \ - asn1_AD_AND_OR.x \ - asn1_AD_IF_RELEVANT.x \ - asn1_AD_KDCIssued.x \ - asn1_AD_MANDATORY_FOR_KDC.x \ - asn1_AD_LoginAlias.x \ - asn1_APOptions.x \ - asn1_AP_REP.x \ - asn1_AP_REQ.x \ - asn1_AS_REP.x \ - asn1_AS_REQ.x \ - asn1_AUTHDATA_TYPE.x \ - asn1_Authenticator.x \ - asn1_AuthorizationData.x \ - asn1_AuthorizationDataElement.x \ - asn1_CKSUMTYPE.x \ - asn1_ChangePasswdDataMS.x \ - asn1_Checksum.x \ - asn1_ENCTYPE.x \ - asn1_ETYPE_INFO.x \ - asn1_ETYPE_INFO2.x \ - asn1_ETYPE_INFO2_ENTRY.x \ - asn1_ETYPE_INFO_ENTRY.x \ - asn1_EncAPRepPart.x \ - asn1_EncASRepPart.x \ - asn1_EncKDCRepPart.x \ - asn1_EncKrbCredPart.x \ - asn1_EncKrbPrivPart.x \ - asn1_EncTGSRepPart.x \ - asn1_EncTicketPart.x \ - asn1_EncryptedData.x \ - asn1_EncryptionKey.x \ - asn1_EtypeList.x \ - asn1_HostAddress.x \ - asn1_HostAddresses.x \ - asn1_KDCOptions.x \ - asn1_KDC_REP.x \ - asn1_KDC_REQ.x \ - asn1_KDC_REQ_BODY.x \ - asn1_KRB_CRED.x \ - asn1_KRB_ERROR.x \ - asn1_KRB_PRIV.x \ - asn1_KRB_SAFE.x \ - asn1_KRB_SAFE_BODY.x \ - asn1_KerberosString.x \ - asn1_KerberosTime.x \ - asn1_KrbCredInfo.x \ - asn1_LR_TYPE.x \ - asn1_LastReq.x \ - asn1_MESSAGE_TYPE.x \ - asn1_METHOD_DATA.x \ - asn1_NAME_TYPE.x \ - asn1_PADATA_TYPE.x \ - asn1_PA_DATA.x \ - asn1_PA_ENC_SAM_RESPONSE_ENC.x \ - asn1_PA_ENC_TS_ENC.x \ - asn1_PA_PAC_REQUEST.x \ - asn1_PA_S4U2Self.x \ - asn1_PA_SAM_CHALLENGE_2.x \ - asn1_PA_SAM_CHALLENGE_2_BODY.x \ - asn1_PA_SAM_REDIRECT.x \ - asn1_PA_SAM_RESPONSE_2.x \ - asn1_PA_SAM_TYPE.x \ - asn1_PA_ClientCanonicalized.x \ - asn1_PA_ClientCanonicalizedNames.x \ - asn1_PA_SvrReferralData.x \ - asn1_PROV_SRV_LOCATION.x \ - asn1_Principal.x \ - asn1_PrincipalName.x \ - asn1_Realm.x \ - asn1_SAMFlags.x \ - asn1_TGS_REP.x \ - asn1_TGS_REQ.x \ - asn1_TYPED_DATA.x \ - asn1_Ticket.x \ - asn1_TicketFlags.x \ - asn1_TransitedEncoding.x \ - asn1_TypedData.x \ - asn1_krb5int32.x \ - asn1_krb5uint32.x \ - asn1_KRB5SignedPathData.x \ - asn1_KRB5SignedPathPrincipals.x \ - asn1_KRB5SignedPath.x - -gen_files_cms = \ - asn1_CMSAttributes.x \ - asn1_CMSCBCParameter.x \ - asn1_CMSEncryptedData.x \ - asn1_CMSIdentifier.x \ - asn1_CMSRC2CBCParameter.x \ - asn1_CMSVersion.x \ - asn1_CertificateList.x \ - asn1_CertificateRevocationLists.x \ - asn1_CertificateSet.x \ - asn1_ContentEncryptionAlgorithmIdentifier.x \ - asn1_ContentInfo.x \ - asn1_ContentType.x \ - asn1_DigestAlgorithmIdentifier.x \ - asn1_DigestAlgorithmIdentifiers.x \ - asn1_EncapsulatedContentInfo.x \ - asn1_EncryptedContent.x \ - asn1_EncryptedContentInfo.x \ - asn1_EncryptedKey.x \ - asn1_EnvelopedData.x \ - asn1_IssuerAndSerialNumber.x \ - asn1_KeyEncryptionAlgorithmIdentifier.x \ - asn1_KeyTransRecipientInfo.x \ - asn1_MessageDigest.x \ - asn1_OriginatorInfo.x \ - asn1_RecipientIdentifier.x \ - asn1_RecipientInfo.x \ - asn1_RecipientInfos.x \ - asn1_SignatureAlgorithmIdentifier.x \ - asn1_SignatureValue.x \ - asn1_SignedData.x \ - asn1_SignerIdentifier.x \ - asn1_SignerInfo.x \ - asn1_SignerInfos.x \ - asn1_id_pkcs7.x \ - asn1_id_pkcs7_data.x \ - asn1_id_pkcs7_digestedData.x \ - asn1_id_pkcs7_encryptedData.x \ - asn1_id_pkcs7_envelopedData.x \ - asn1_id_pkcs7_signedAndEnvelopedData.x \ - asn1_id_pkcs7_signedData.x \ - asn1_UnprotectedAttributes.x - -gen_files_rfc2459 = \ - asn1_Version.x \ - asn1_id_pkcs_1.x \ - asn1_id_pkcs1_rsaEncryption.x \ - asn1_id_pkcs1_md2WithRSAEncryption.x \ - asn1_id_pkcs1_md5WithRSAEncryption.x \ - asn1_id_pkcs1_sha1WithRSAEncryption.x \ - asn1_id_pkcs1_sha256WithRSAEncryption.x \ - asn1_id_pkcs1_sha384WithRSAEncryption.x \ - asn1_id_pkcs1_sha512WithRSAEncryption.x \ - asn1_id_heim_rsa_pkcs1_x509.x \ - asn1_id_pkcs_2.x \ - asn1_id_pkcs2_md2.x \ - asn1_id_pkcs2_md4.x \ - asn1_id_pkcs2_md5.x \ - asn1_id_rsa_digestAlgorithm.x \ - asn1_id_rsa_digest_md2.x \ - asn1_id_rsa_digest_md4.x \ - asn1_id_rsa_digest_md5.x \ - asn1_id_pkcs_3.x \ - asn1_id_pkcs3_rc2_cbc.x \ - asn1_id_pkcs3_rc4.x \ - asn1_id_pkcs3_des_ede3_cbc.x \ - asn1_id_rsadsi_encalg.x \ - asn1_id_rsadsi_rc2_cbc.x \ - asn1_id_rsadsi_des_ede3_cbc.x \ - asn1_id_secsig_sha_1.x \ - asn1_id_nistAlgorithm.x \ - asn1_id_nist_aes_algs.x \ - asn1_id_aes_128_cbc.x \ - asn1_id_aes_192_cbc.x \ - asn1_id_aes_256_cbc.x \ - asn1_id_nist_sha_algs.x \ - asn1_id_sha256.x \ - asn1_id_sha224.x \ - asn1_id_sha384.x \ - asn1_id_sha512.x \ - asn1_id_dhpublicnumber.x \ - asn1_id_x9_57.x \ - asn1_id_dsa.x \ - asn1_id_dsa_with_sha1.x \ - asn1_id_x520_at.x \ - asn1_id_at_commonName.x \ - asn1_id_at_surname.x \ - asn1_id_at_serialNumber.x \ - asn1_id_at_countryName.x \ - asn1_id_at_localityName.x \ - asn1_id_at_streetAddress.x \ - asn1_id_at_stateOrProvinceName.x \ - asn1_id_at_organizationName.x \ - asn1_id_at_organizationalUnitName.x \ - asn1_id_at_name.x \ - asn1_id_at_givenName.x \ - asn1_id_at_initials.x \ - asn1_id_at_generationQualifier.x \ - asn1_id_at_pseudonym.x \ - asn1_id_Userid.x \ - asn1_id_domainComponent.x \ - asn1_id_x509_ce.x \ - asn1_id_uspkicommon_card_id.x \ - asn1_id_uspkicommon_piv_interim.x \ - asn1_id_netscape.x \ - asn1_id_netscape_cert_comment.x \ - asn1_id_ms_cert_enroll_domaincontroller.x \ - asn1_id_ms_client_authentication.x \ - asn1_AlgorithmIdentifier.x \ - asn1_AttributeType.x \ - asn1_AttributeValue.x \ - asn1_TeletexStringx.x \ - asn1_DirectoryString.x \ - asn1_Attribute.x \ - asn1_AttributeTypeAndValue.x \ - asn1_AuthorityInfoAccessSyntax.x \ - asn1_AccessDescription.x \ - asn1_RelativeDistinguishedName.x \ - asn1_RDNSequence.x \ - asn1_Name.x \ - asn1_CertificateSerialNumber.x \ - asn1_Time.x \ - asn1_Validity.x \ - asn1_UniqueIdentifier.x \ - asn1_SubjectPublicKeyInfo.x \ - asn1_Extension.x \ - asn1_Extensions.x \ - asn1_TBSCertificate.x \ - asn1_Certificate.x \ - asn1_Certificates.x \ - asn1_ValidationParms.x \ - asn1_DomainParameters.x \ - asn1_DHPublicKey.x \ - asn1_OtherName.x \ - asn1_GeneralName.x \ - asn1_GeneralNames.x \ - asn1_id_x509_ce_keyUsage.x \ - asn1_KeyUsage.x \ - asn1_id_x509_ce_authorityKeyIdentifier.x \ - asn1_KeyIdentifier.x \ - asn1_AuthorityKeyIdentifier.x \ - asn1_id_x509_ce_subjectKeyIdentifier.x \ - asn1_SubjectKeyIdentifier.x \ - asn1_id_x509_ce_basicConstraints.x \ - asn1_BasicConstraints.x \ - asn1_id_x509_ce_nameConstraints.x \ - asn1_BaseDistance.x \ - asn1_GeneralSubtree.x \ - asn1_GeneralSubtrees.x \ - asn1_NameConstraints.x \ - asn1_id_x509_ce_privateKeyUsagePeriod.x \ - asn1_id_x509_ce_certificatePolicies.x \ - asn1_id_x509_ce_policyMappings.x \ - asn1_id_x509_ce_subjectAltName.x \ - asn1_id_x509_ce_issuerAltName.x \ - asn1_id_x509_ce_subjectDirectoryAttributes.x \ - asn1_id_x509_ce_policyConstraints.x \ - asn1_id_x509_ce_extKeyUsage.x \ - asn1_ExtKeyUsage.x \ - asn1_id_x509_ce_cRLDistributionPoints.x \ - asn1_id_x509_ce_deltaCRLIndicator.x \ - asn1_id_x509_ce_issuingDistributionPoint.x \ - asn1_id_x509_ce_holdInstructionCode.x \ - asn1_id_x509_ce_invalidityDate.x \ - asn1_id_x509_ce_certificateIssuer.x \ - asn1_id_x509_ce_inhibitAnyPolicy.x \ - asn1_DistributionPointReasonFlags.x \ - asn1_DistributionPointName.x \ - asn1_DistributionPoint.x \ - asn1_CRLDistributionPoints.x \ - asn1_DSASigValue.x \ - asn1_DSAPublicKey.x \ - asn1_DSAParams.x \ - asn1_RSAPublicKey.x \ - asn1_RSAPrivateKey.x \ - asn1_DigestInfo.x \ - asn1_TBSCRLCertList.x \ - asn1_CRLCertificateList.x \ - asn1_id_x509_ce_cRLNumber.x \ - asn1_id_x509_ce_freshestCRL.x \ - asn1_id_x509_ce_cRLReason.x \ - asn1_CRLReason.x \ - asn1_PKIXXmppAddr.x \ - asn1_id_pkix.x \ - asn1_id_pkix_on.x \ - asn1_id_pkix_on_dnsSRV.x \ - asn1_id_pkix_on_xmppAddr.x \ - asn1_id_pkix_kp.x \ - asn1_id_pkix_kp_serverAuth.x \ - asn1_id_pkix_kp_clientAuth.x \ - asn1_id_pkix_kp_emailProtection.x \ - asn1_id_pkix_kp_timeStamping.x \ - asn1_id_pkix_kp_OCSPSigning.x \ - asn1_id_pkix_pe.x \ - asn1_id_pkix_pe_authorityInfoAccess.x \ - asn1_id_pkix_pe_proxyCertInfo.x \ - asn1_id_pkix_ppl.x \ - asn1_id_pkix_ppl_anyLanguage.x \ - asn1_id_pkix_ppl_inheritAll.x \ - asn1_id_pkix_ppl_independent.x \ - asn1_ProxyPolicy.x \ - asn1_ProxyCertInfo.x - -gen_files_pkinit = \ - asn1_id_pkinit.x \ - asn1_id_pkauthdata.x \ - asn1_id_pkdhkeydata.x \ - asn1_id_pkrkeydata.x \ - asn1_id_pkekuoid.x \ - asn1_id_pkkdcekuoid.x \ - asn1_id_pkinit_san.x \ - asn1_id_pkinit_ms_eku.x \ - asn1_id_pkinit_ms_san.x \ - asn1_MS_UPN_SAN.x \ - asn1_DHNonce.x \ - asn1_KDFAlgorithmId.x \ - asn1_TrustedCA.x \ - asn1_ExternalPrincipalIdentifier.x \ - asn1_ExternalPrincipalIdentifiers.x \ - asn1_PA_PK_AS_REQ.x \ - asn1_PKAuthenticator.x \ - asn1_AuthPack.x \ - asn1_TD_TRUSTED_CERTIFIERS.x \ - asn1_TD_INVALID_CERTIFICATES.x \ - asn1_KRB5PrincipalName.x \ - asn1_AD_INITIAL_VERIFIED_CAS.x \ - asn1_DHRepInfo.x \ - asn1_PA_PK_AS_REP.x \ - asn1_KDCDHKeyInfo.x \ - asn1_ReplyKeyPack.x \ - asn1_TD_DH_PARAMETERS.x \ - asn1_PKAuthenticator_Win2k.x \ - asn1_AuthPack_Win2k.x \ - asn1_TrustedCA_Win2k.x \ - asn1_PA_PK_AS_REQ_Win2k.x \ - asn1_PA_PK_AS_REP_Win2k.x \ - asn1_KDCDHKeyInfo_Win2k.x \ - asn1_ReplyKeyPack_Win2k.x \ - asn1_PkinitSuppPubInfo.x - -gen_files_pkcs12 = \ - asn1_id_pkcs_12.x \ - asn1_id_pkcs_12PbeIds.x \ - asn1_id_pbeWithSHAAnd128BitRC4.x \ - asn1_id_pbeWithSHAAnd40BitRC4.x \ - asn1_id_pbeWithSHAAnd3_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd2_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd128BitRC2_CBC.x \ - asn1_id_pbewithSHAAnd40BitRC2_CBC.x \ - asn1_id_pkcs12_bagtypes.x \ - asn1_id_pkcs12_keyBag.x \ - asn1_id_pkcs12_pkcs8ShroudedKeyBag.x \ - asn1_id_pkcs12_certBag.x \ - asn1_id_pkcs12_crlBag.x \ - asn1_id_pkcs12_secretBag.x \ - asn1_id_pkcs12_safeContentsBag.x \ - asn1_PKCS12_MacData.x \ - asn1_PKCS12_PFX.x \ - asn1_PKCS12_AuthenticatedSafe.x \ - asn1_PKCS12_CertBag.x \ - asn1_PKCS12_Attribute.x \ - asn1_PKCS12_Attributes.x \ - asn1_PKCS12_SafeBag.x \ - asn1_PKCS12_SafeContents.x \ - asn1_PKCS12_OctetString.x \ - asn1_PKCS12_PBEParams.x - -gen_files_pkcs8 = \ - asn1_PKCS8PrivateKeyAlgorithmIdentifier.x \ - asn1_PKCS8PrivateKey.x \ - asn1_PKCS8PrivateKeyInfo.x \ - asn1_PKCS8Attributes.x \ - asn1_PKCS8EncryptedPrivateKeyInfo.x \ - asn1_PKCS8EncryptedData.x - -gen_files_pkcs9 = \ - asn1_id_pkcs_9.x \ - asn1_id_pkcs9_contentType.x \ - asn1_id_pkcs9_emailAddress.x \ - asn1_id_pkcs9_messageDigest.x \ - asn1_id_pkcs9_signingTime.x \ - asn1_id_pkcs9_countersignature.x \ - asn1_id_pkcs_9_at_friendlyName.x \ - asn1_id_pkcs_9_at_localKeyId.x \ - asn1_id_pkcs_9_at_certTypes.x \ - asn1_id_pkcs_9_at_certTypes_x509.x \ - asn1_PKCS9_BMPString.x \ - asn1_PKCS9_friendlyName.x - -gen_files_test = \ - asn1_TESTAlloc.x \ - asn1_TESTAllocInner.x \ - asn1_TESTCONTAINING.x \ - asn1_TESTCONTAININGENCODEDBY.x \ - asn1_TESTCONTAININGENCODEDBY2.x \ - asn1_TESTChoice1.x \ - asn1_TESTChoice2.x \ - asn1_TESTDer.x \ - asn1_TESTENCODEDBY.x \ - asn1_TESTImplicit.x \ - asn1_TESTImplicit2.x \ - asn1_TESTInteger.x \ - asn1_TESTInteger2.x \ - asn1_TESTInteger3.x \ - asn1_TESTLargeTag.x \ - asn1_TESTSeq.x \ - asn1_TESTUSERCONSTRAINED.x \ - asn1_TESTSeqOf.x \ - asn1_TESTOSSize1.x \ - asn1_TESTSeqSizeOf1.x \ - asn1_TESTSeqSizeOf2.x \ - asn1_TESTSeqSizeOf3.x \ - asn1_TESTSeqSizeOf4.x - -gen_files_digest = \ - asn1_DigestError.x \ - asn1_DigestInit.x \ - asn1_DigestInitReply.x \ - asn1_DigestREP.x \ - asn1_DigestREQ.x \ - asn1_DigestRepInner.x \ - asn1_DigestReqInner.x \ - asn1_DigestRequest.x \ - asn1_DigestResponse.x \ - asn1_DigestTypes.x \ - asn1_NTLMInit.x \ - asn1_NTLMInitReply.x \ - asn1_NTLMRequest.x \ - asn1_NTLMResponse.x - -gen_files_kx509 = \ - asn1_Kx509Response.x \ - asn1_Kx509Request.x - -noinst_PROGRAMS = asn1_compile asn1_print asn1_gen - -TESTS = check-der check-gen check-timegm -check_PROGRAMS = $(TESTS) - -asn1_gen_SOURCES = asn1_gen.c -asn1_print_SOURCES = asn1_print.c -check_der_SOURCES = check-der.c check-common.c check-common.h - -dist_check_gen_SOURCES = check-gen.c check-common.c check-common.h -nodist_check_gen_SOURCES = $(gen_files_test:.x=.c) - -asn1_compile_SOURCES = \ - asn1-common.h \ - asn1_queue.h \ - der.h \ - gen.c \ - gen_copy.c \ - gen_decode.c \ - gen_encode.c \ - gen_free.c \ - gen_glue.c \ - gen_length.c \ - gen_locl.h \ - gen_seq.c \ - hash.c \ - hash.h \ - lex.l \ - lex.h \ - main.c \ - parse.y \ - symbol.c \ - symbol.h - -dist_libasn1_la_SOURCES = \ - der-protos.h \ - der_locl.h \ - der.c \ - der.h \ - der_get.c \ - der_put.c \ - der_free.c \ - der_length.c \ - der_copy.c \ - der_cmp.c \ - der_format.c \ - heim_asn1.h \ - extra.c \ - timegm.c - -nodist_libasn1_la_SOURCES = $(BUILT_SOURCES) - -asn1_compile_LDADD = \ - $(LIB_roken) $(LEXLIB) - -check_der_LDADD = \ - libasn1.la \ - $(LIB_roken) - -check_gen_LDADD = $(check_der_LDADD) -asn1_print_LDADD = $(check_der_LDADD) -asn1_gen_LDADD = $(check_der_LDADD) -check_timegm_LDADD = $(check_der_LDADD) - -CLEANFILES = \ - $(BUILT_SOURCES) \ - $(gen_files_rfc2459) \ - $(gen_files_cms) \ - $(gen_files_k5) \ - $(gen_files_pkinit) \ - $(gen_files_pkcs8) \ - $(gen_files_pkcs9) \ - $(gen_files_pkcs12) \ - $(gen_files_digest) \ - $(gen_files_kx509) \ - $(gen_files_test) $(nodist_check_gen_SOURCES) \ - rfc2459_asn1_files rfc2459_asn1.h \ - cms_asn1_files cms_asn1.h \ - krb5_asn1_files krb5_asn1.h \ - pkinit_asn1_files pkinit_asn1.h \ - pkcs8_asn1_files pkcs8_asn1.h \ - pkcs9_asn1_files pkcs9_asn1.h \ - pkcs12_asn1_files pkcs12_asn1.h \ - digest_asn1_files digest_asn1.h \ - kx509_asn1_files kx509_asn1.h \ - test_asn1_files test_asn1.h - -dist_include_HEADERS = der.h heim_asn1.h der-protos.h - -nodist_include_HEADERS = asn1_err.h -nodist_include_HEADERS += krb5_asn1.h -nodist_include_HEADERS += pkinit_asn1.h -nodist_include_HEADERS += cms_asn1.h -nodist_include_HEADERS += rfc2459_asn1.h -nodist_include_HEADERS += pkcs8_asn1.h -nodist_include_HEADERS += pkcs9_asn1.h -nodist_include_HEADERS += pkcs12_asn1.h -nodist_include_HEADERS += digest_asn1.h -nodist_include_HEADERS += kx509_asn1.h - -$(asn1_compile_OBJECTS): parse.h parse.c $(srcdir)/der-protos.h -$(libasn1_la_OBJECTS): krb5_asn1.h asn1_err.h $(srcdir)/der-protos.h -$(check_gen_OBJECTS): test_asn1.h -$(asn1_print_OBJECTS): krb5_asn1.h - -parse.h: parse.c - -$(gen_files_k5) krb5_asn1.h: krb5_asn1_files -$(gen_files_pkinit) pkinit_asn1.h: pkinit_asn1_files -$(gen_files_pkcs8) pkcs8_asn1.h: pkcs8_asn1_files -$(gen_files_pkcs9) pkcs9_asn1.h: pkcs9_asn1_files -$(gen_files_pkcs12) pkcs12_asn1.h: pkcs12_asn1_files -$(gen_files_digest) digest_asn1.h: digest_asn1_files -$(gen_files_kx509) kx509_asn1.h: kx509_asn1_files -$(gen_files_rfc2459) rfc2459_asn1.h: rfc2459_asn1_files -$(gen_files_cms) cms_asn1.h: cms_asn1_files -$(gen_files_test) test_asn1.h: test_asn1_files - -rfc2459_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/rfc2459.asn1 - ./asn1_compile$(EXEEXT) --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1) - -cms_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/CMS.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/CMS.asn1 cms_asn1 || (rm -f cms_asn1_files ; exit 1) - -krb5_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/k5.asn1 - ./asn1_compile$(EXEEXT) --encode-rfc1510-bit-string --sequence=KRB5SignedPathPrincipals --sequence=AuthorizationData --sequence=METHOD-DATA --sequence=ETYPE-INFO --sequence=ETYPE-INFO2 $(srcdir)/k5.asn1 krb5_asn1 || (rm -f krb5_asn1_files ; exit 1) - -pkinit_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1 pkinit_asn1 || (rm -f pkinit_asn1_files ; exit 1) - -pkcs8_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1 pkcs8_asn1 || (rm -f pkcs8_asn1_files ; exit 1) - -pkcs9_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1 pkcs9_asn1 || (rm -f pkcs9_asn1_files ; exit 1) - -pkcs12_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1 pkcs12_asn1 || (rm -f pkcs12_asn1_files ; exit 1) - -digest_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/digest.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/digest.asn1 digest_asn1 || (rm -f digest_asn1_files ; exit 1) - -kx509_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1) - -test_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/test.asn1 - ./asn1_compile$(EXEEXT) --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1) - -EXTRA_DIST = \ - asn1_err.et \ - canthandle.asn1 \ - CMS.asn1 \ - digest.asn1 \ - k5.asn1 \ - kx509.asn1 \ - test.asn1 \ - setchgpw2.asn1 \ - pkcs12.asn1 \ - pkcs8.asn1 \ - pkcs9.asn1 \ - pkinit.asn1 \ - rfc2459.asn1 \ - test.gen - -$(srcdir)/der-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o der-protos.h $(dist_libasn1_la_SOURCES) || rm -f der-protos.h diff --git a/crypto/heimdal/lib/asn1/Makefile.in b/crypto/heimdal/lib/asn1/Makefile.in deleted file mode 100644 index 0a3783a9b601..000000000000 --- a/crypto/heimdal/lib/asn1/Makefile.in +++ /dev/null @@ -1,1801 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22445 2008-01-14 21:23:36Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(dist_include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog lex.c parse.c \ - parse.h -noinst_PROGRAMS = asn1_compile$(EXEEXT) asn1_print$(EXEEXT) \ - asn1_gen$(EXEEXT) -TESTS = check-der$(EXEEXT) check-gen$(EXEEXT) check-timegm$(EXEEXT) -check_PROGRAMS = $(am__EXEEXT_1) -subdir = lib/asn1 -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" \ - "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -am__DEPENDENCIES_1 = -libasn1_la_DEPENDENCIES = $(am__DEPENDENCIES_1) -dist_libasn1_la_OBJECTS = der.lo der_get.lo der_put.lo der_free.lo \ - der_length.lo der_copy.lo der_cmp.lo der_format.lo extra.lo \ - timegm.lo -am__objects_1 = asn1_Version.lo asn1_id_pkcs_1.lo \ - asn1_id_pkcs1_rsaEncryption.lo \ - asn1_id_pkcs1_md2WithRSAEncryption.lo \ - asn1_id_pkcs1_md5WithRSAEncryption.lo \ - asn1_id_pkcs1_sha1WithRSAEncryption.lo \ - asn1_id_pkcs1_sha256WithRSAEncryption.lo \ - asn1_id_pkcs1_sha384WithRSAEncryption.lo \ - asn1_id_pkcs1_sha512WithRSAEncryption.lo \ - asn1_id_heim_rsa_pkcs1_x509.lo asn1_id_pkcs_2.lo \ - asn1_id_pkcs2_md2.lo asn1_id_pkcs2_md4.lo asn1_id_pkcs2_md5.lo \ - asn1_id_rsa_digestAlgorithm.lo asn1_id_rsa_digest_md2.lo \ - asn1_id_rsa_digest_md4.lo asn1_id_rsa_digest_md5.lo \ - asn1_id_pkcs_3.lo asn1_id_pkcs3_rc2_cbc.lo \ - asn1_id_pkcs3_rc4.lo asn1_id_pkcs3_des_ede3_cbc.lo \ - asn1_id_rsadsi_encalg.lo asn1_id_rsadsi_rc2_cbc.lo \ - asn1_id_rsadsi_des_ede3_cbc.lo asn1_id_secsig_sha_1.lo \ - asn1_id_nistAlgorithm.lo asn1_id_nist_aes_algs.lo \ - asn1_id_aes_128_cbc.lo asn1_id_aes_192_cbc.lo \ - asn1_id_aes_256_cbc.lo asn1_id_nist_sha_algs.lo \ - asn1_id_sha256.lo asn1_id_sha224.lo asn1_id_sha384.lo \ - asn1_id_sha512.lo asn1_id_dhpublicnumber.lo asn1_id_x9_57.lo \ - asn1_id_dsa.lo asn1_id_dsa_with_sha1.lo asn1_id_x520_at.lo \ - asn1_id_at_commonName.lo asn1_id_at_surname.lo \ - asn1_id_at_serialNumber.lo asn1_id_at_countryName.lo \ - asn1_id_at_localityName.lo asn1_id_at_streetAddress.lo \ - asn1_id_at_stateOrProvinceName.lo \ - asn1_id_at_organizationName.lo \ - asn1_id_at_organizationalUnitName.lo asn1_id_at_name.lo \ - asn1_id_at_givenName.lo asn1_id_at_initials.lo \ - asn1_id_at_generationQualifier.lo asn1_id_at_pseudonym.lo \ - asn1_id_Userid.lo asn1_id_domainComponent.lo \ - asn1_id_x509_ce.lo asn1_id_uspkicommon_card_id.lo \ - asn1_id_uspkicommon_piv_interim.lo asn1_id_netscape.lo \ - asn1_id_netscape_cert_comment.lo \ - asn1_id_ms_cert_enroll_domaincontroller.lo \ - asn1_id_ms_client_authentication.lo \ - asn1_AlgorithmIdentifier.lo asn1_AttributeType.lo \ - asn1_AttributeValue.lo asn1_TeletexStringx.lo \ - asn1_DirectoryString.lo asn1_Attribute.lo \ - asn1_AttributeTypeAndValue.lo \ - asn1_AuthorityInfoAccessSyntax.lo asn1_AccessDescription.lo \ - asn1_RelativeDistinguishedName.lo asn1_RDNSequence.lo \ - asn1_Name.lo asn1_CertificateSerialNumber.lo asn1_Time.lo \ - asn1_Validity.lo asn1_UniqueIdentifier.lo \ - asn1_SubjectPublicKeyInfo.lo asn1_Extension.lo \ - asn1_Extensions.lo asn1_TBSCertificate.lo asn1_Certificate.lo \ - asn1_Certificates.lo asn1_ValidationParms.lo \ - asn1_DomainParameters.lo asn1_DHPublicKey.lo asn1_OtherName.lo \ - asn1_GeneralName.lo asn1_GeneralNames.lo \ - asn1_id_x509_ce_keyUsage.lo asn1_KeyUsage.lo \ - asn1_id_x509_ce_authorityKeyIdentifier.lo \ - asn1_KeyIdentifier.lo asn1_AuthorityKeyIdentifier.lo \ - asn1_id_x509_ce_subjectKeyIdentifier.lo \ - asn1_SubjectKeyIdentifier.lo \ - asn1_id_x509_ce_basicConstraints.lo asn1_BasicConstraints.lo \ - asn1_id_x509_ce_nameConstraints.lo asn1_BaseDistance.lo \ - asn1_GeneralSubtree.lo asn1_GeneralSubtrees.lo \ - asn1_NameConstraints.lo \ - asn1_id_x509_ce_privateKeyUsagePeriod.lo \ - asn1_id_x509_ce_certificatePolicies.lo \ - asn1_id_x509_ce_policyMappings.lo \ - asn1_id_x509_ce_subjectAltName.lo \ - asn1_id_x509_ce_issuerAltName.lo \ - asn1_id_x509_ce_subjectDirectoryAttributes.lo \ - asn1_id_x509_ce_policyConstraints.lo \ - asn1_id_x509_ce_extKeyUsage.lo asn1_ExtKeyUsage.lo \ - asn1_id_x509_ce_cRLDistributionPoints.lo \ - asn1_id_x509_ce_deltaCRLIndicator.lo \ - asn1_id_x509_ce_issuingDistributionPoint.lo \ - asn1_id_x509_ce_holdInstructionCode.lo \ - asn1_id_x509_ce_invalidityDate.lo \ - asn1_id_x509_ce_certificateIssuer.lo \ - asn1_id_x509_ce_inhibitAnyPolicy.lo \ - asn1_DistributionPointReasonFlags.lo \ - asn1_DistributionPointName.lo asn1_DistributionPoint.lo \ - asn1_CRLDistributionPoints.lo asn1_DSASigValue.lo \ - asn1_DSAPublicKey.lo asn1_DSAParams.lo asn1_RSAPublicKey.lo \ - asn1_RSAPrivateKey.lo asn1_DigestInfo.lo \ - asn1_TBSCRLCertList.lo asn1_CRLCertificateList.lo \ - asn1_id_x509_ce_cRLNumber.lo asn1_id_x509_ce_freshestCRL.lo \ - asn1_id_x509_ce_cRLReason.lo asn1_CRLReason.lo \ - asn1_PKIXXmppAddr.lo asn1_id_pkix.lo asn1_id_pkix_on.lo \ - asn1_id_pkix_on_dnsSRV.lo asn1_id_pkix_on_xmppAddr.lo \ - asn1_id_pkix_kp.lo asn1_id_pkix_kp_serverAuth.lo \ - asn1_id_pkix_kp_clientAuth.lo \ - asn1_id_pkix_kp_emailProtection.lo \ - asn1_id_pkix_kp_timeStamping.lo asn1_id_pkix_kp_OCSPSigning.lo \ - asn1_id_pkix_pe.lo asn1_id_pkix_pe_authorityInfoAccess.lo \ - asn1_id_pkix_pe_proxyCertInfo.lo asn1_id_pkix_ppl.lo \ - asn1_id_pkix_ppl_anyLanguage.lo asn1_id_pkix_ppl_inheritAll.lo \ - asn1_id_pkix_ppl_independent.lo asn1_ProxyPolicy.lo \ - asn1_ProxyCertInfo.lo -am__objects_2 = asn1_CMSAttributes.lo asn1_CMSCBCParameter.lo \ - asn1_CMSEncryptedData.lo asn1_CMSIdentifier.lo \ - asn1_CMSRC2CBCParameter.lo asn1_CMSVersion.lo \ - asn1_CertificateList.lo asn1_CertificateRevocationLists.lo \ - asn1_CertificateSet.lo \ - asn1_ContentEncryptionAlgorithmIdentifier.lo \ - asn1_ContentInfo.lo asn1_ContentType.lo \ - asn1_DigestAlgorithmIdentifier.lo \ - asn1_DigestAlgorithmIdentifiers.lo \ - asn1_EncapsulatedContentInfo.lo asn1_EncryptedContent.lo \ - asn1_EncryptedContentInfo.lo asn1_EncryptedKey.lo \ - asn1_EnvelopedData.lo asn1_IssuerAndSerialNumber.lo \ - asn1_KeyEncryptionAlgorithmIdentifier.lo \ - asn1_KeyTransRecipientInfo.lo asn1_MessageDigest.lo \ - asn1_OriginatorInfo.lo asn1_RecipientIdentifier.lo \ - asn1_RecipientInfo.lo asn1_RecipientInfos.lo \ - asn1_SignatureAlgorithmIdentifier.lo asn1_SignatureValue.lo \ - asn1_SignedData.lo asn1_SignerIdentifier.lo asn1_SignerInfo.lo \ - asn1_SignerInfos.lo asn1_id_pkcs7.lo asn1_id_pkcs7_data.lo \ - asn1_id_pkcs7_digestedData.lo asn1_id_pkcs7_encryptedData.lo \ - asn1_id_pkcs7_envelopedData.lo \ - asn1_id_pkcs7_signedAndEnvelopedData.lo \ - asn1_id_pkcs7_signedData.lo asn1_UnprotectedAttributes.lo -am__objects_3 = asn1_AD_AND_OR.lo asn1_AD_IF_RELEVANT.lo \ - asn1_AD_KDCIssued.lo asn1_AD_MANDATORY_FOR_KDC.lo \ - asn1_AD_LoginAlias.lo asn1_APOptions.lo asn1_AP_REP.lo \ - asn1_AP_REQ.lo asn1_AS_REP.lo asn1_AS_REQ.lo \ - asn1_AUTHDATA_TYPE.lo asn1_Authenticator.lo \ - asn1_AuthorizationData.lo asn1_AuthorizationDataElement.lo \ - asn1_CKSUMTYPE.lo asn1_ChangePasswdDataMS.lo asn1_Checksum.lo \ - asn1_ENCTYPE.lo asn1_ETYPE_INFO.lo asn1_ETYPE_INFO2.lo \ - asn1_ETYPE_INFO2_ENTRY.lo asn1_ETYPE_INFO_ENTRY.lo \ - asn1_EncAPRepPart.lo asn1_EncASRepPart.lo \ - asn1_EncKDCRepPart.lo asn1_EncKrbCredPart.lo \ - asn1_EncKrbPrivPart.lo asn1_EncTGSRepPart.lo \ - asn1_EncTicketPart.lo asn1_EncryptedData.lo \ - asn1_EncryptionKey.lo asn1_EtypeList.lo asn1_HostAddress.lo \ - asn1_HostAddresses.lo asn1_KDCOptions.lo asn1_KDC_REP.lo \ - asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo asn1_KRB_CRED.lo \ - asn1_KRB_ERROR.lo asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo \ - asn1_KRB_SAFE_BODY.lo asn1_KerberosString.lo \ - asn1_KerberosTime.lo asn1_KrbCredInfo.lo asn1_LR_TYPE.lo \ - asn1_LastReq.lo asn1_MESSAGE_TYPE.lo asn1_METHOD_DATA.lo \ - asn1_NAME_TYPE.lo asn1_PADATA_TYPE.lo asn1_PA_DATA.lo \ - asn1_PA_ENC_SAM_RESPONSE_ENC.lo asn1_PA_ENC_TS_ENC.lo \ - asn1_PA_PAC_REQUEST.lo asn1_PA_S4U2Self.lo \ - asn1_PA_SAM_CHALLENGE_2.lo asn1_PA_SAM_CHALLENGE_2_BODY.lo \ - asn1_PA_SAM_REDIRECT.lo asn1_PA_SAM_RESPONSE_2.lo \ - asn1_PA_SAM_TYPE.lo asn1_PA_ClientCanonicalized.lo \ - asn1_PA_ClientCanonicalizedNames.lo asn1_PA_SvrReferralData.lo \ - asn1_PROV_SRV_LOCATION.lo asn1_Principal.lo \ - asn1_PrincipalName.lo asn1_Realm.lo asn1_SAMFlags.lo \ - asn1_TGS_REP.lo asn1_TGS_REQ.lo asn1_TYPED_DATA.lo \ - asn1_Ticket.lo asn1_TicketFlags.lo asn1_TransitedEncoding.lo \ - asn1_TypedData.lo asn1_krb5int32.lo asn1_krb5uint32.lo \ - asn1_KRB5SignedPathData.lo asn1_KRB5SignedPathPrincipals.lo \ - asn1_KRB5SignedPath.lo -am__objects_4 = asn1_id_pkinit.lo asn1_id_pkauthdata.lo \ - asn1_id_pkdhkeydata.lo asn1_id_pkrkeydata.lo \ - asn1_id_pkekuoid.lo asn1_id_pkkdcekuoid.lo \ - asn1_id_pkinit_san.lo asn1_id_pkinit_ms_eku.lo \ - asn1_id_pkinit_ms_san.lo asn1_MS_UPN_SAN.lo asn1_DHNonce.lo \ - asn1_KDFAlgorithmId.lo asn1_TrustedCA.lo \ - asn1_ExternalPrincipalIdentifier.lo \ - asn1_ExternalPrincipalIdentifiers.lo asn1_PA_PK_AS_REQ.lo \ - asn1_PKAuthenticator.lo asn1_AuthPack.lo \ - asn1_TD_TRUSTED_CERTIFIERS.lo asn1_TD_INVALID_CERTIFICATES.lo \ - asn1_KRB5PrincipalName.lo asn1_AD_INITIAL_VERIFIED_CAS.lo \ - asn1_DHRepInfo.lo asn1_PA_PK_AS_REP.lo asn1_KDCDHKeyInfo.lo \ - asn1_ReplyKeyPack.lo asn1_TD_DH_PARAMETERS.lo \ - asn1_PKAuthenticator_Win2k.lo asn1_AuthPack_Win2k.lo \ - asn1_TrustedCA_Win2k.lo asn1_PA_PK_AS_REQ_Win2k.lo \ - asn1_PA_PK_AS_REP_Win2k.lo asn1_KDCDHKeyInfo_Win2k.lo \ - asn1_ReplyKeyPack_Win2k.lo asn1_PkinitSuppPubInfo.lo -am__objects_5 = asn1_PKCS8PrivateKeyAlgorithmIdentifier.lo \ - asn1_PKCS8PrivateKey.lo asn1_PKCS8PrivateKeyInfo.lo \ - asn1_PKCS8Attributes.lo asn1_PKCS8EncryptedPrivateKeyInfo.lo \ - asn1_PKCS8EncryptedData.lo -am__objects_6 = asn1_id_pkcs_9.lo asn1_id_pkcs9_contentType.lo \ - asn1_id_pkcs9_emailAddress.lo asn1_id_pkcs9_messageDigest.lo \ - asn1_id_pkcs9_signingTime.lo asn1_id_pkcs9_countersignature.lo \ - asn1_id_pkcs_9_at_friendlyName.lo \ - asn1_id_pkcs_9_at_localKeyId.lo asn1_id_pkcs_9_at_certTypes.lo \ - asn1_id_pkcs_9_at_certTypes_x509.lo asn1_PKCS9_BMPString.lo \ - asn1_PKCS9_friendlyName.lo -am__objects_7 = asn1_id_pkcs_12.lo asn1_id_pkcs_12PbeIds.lo \ - asn1_id_pbeWithSHAAnd128BitRC4.lo \ - asn1_id_pbeWithSHAAnd40BitRC4.lo \ - asn1_id_pbeWithSHAAnd3_KeyTripleDES_CBC.lo \ - asn1_id_pbeWithSHAAnd2_KeyTripleDES_CBC.lo \ - asn1_id_pbeWithSHAAnd128BitRC2_CBC.lo \ - asn1_id_pbewithSHAAnd40BitRC2_CBC.lo \ - asn1_id_pkcs12_bagtypes.lo asn1_id_pkcs12_keyBag.lo \ - asn1_id_pkcs12_pkcs8ShroudedKeyBag.lo \ - asn1_id_pkcs12_certBag.lo asn1_id_pkcs12_crlBag.lo \ - asn1_id_pkcs12_secretBag.lo asn1_id_pkcs12_safeContentsBag.lo \ - asn1_PKCS12_MacData.lo asn1_PKCS12_PFX.lo \ - asn1_PKCS12_AuthenticatedSafe.lo asn1_PKCS12_CertBag.lo \ - asn1_PKCS12_Attribute.lo asn1_PKCS12_Attributes.lo \ - asn1_PKCS12_SafeBag.lo asn1_PKCS12_SafeContents.lo \ - asn1_PKCS12_OctetString.lo asn1_PKCS12_PBEParams.lo -am__objects_8 = asn1_DigestError.lo asn1_DigestInit.lo \ - asn1_DigestInitReply.lo asn1_DigestREP.lo asn1_DigestREQ.lo \ - asn1_DigestRepInner.lo asn1_DigestReqInner.lo \ - asn1_DigestRequest.lo asn1_DigestResponse.lo \ - asn1_DigestTypes.lo asn1_NTLMInit.lo asn1_NTLMInitReply.lo \ - asn1_NTLMRequest.lo asn1_NTLMResponse.lo -am__objects_9 = asn1_Kx509Response.lo asn1_Kx509Request.lo -am__objects_10 = $(am__objects_1) $(am__objects_2) $(am__objects_3) \ - $(am__objects_4) $(am__objects_5) $(am__objects_6) \ - $(am__objects_7) $(am__objects_8) $(am__objects_9) asn1_err.lo -nodist_libasn1_la_OBJECTS = $(am__objects_10) -libasn1_la_OBJECTS = $(dist_libasn1_la_OBJECTS) \ - $(nodist_libasn1_la_OBJECTS) -libasn1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libasn1_la_LDFLAGS) $(LDFLAGS) -o $@ -am__EXEEXT_1 = check-der$(EXEEXT) check-gen$(EXEEXT) \ - check-timegm$(EXEEXT) -PROGRAMS = $(noinst_PROGRAMS) -am_asn1_compile_OBJECTS = gen.$(OBJEXT) gen_copy.$(OBJEXT) \ - gen_decode.$(OBJEXT) gen_encode.$(OBJEXT) gen_free.$(OBJEXT) \ - gen_glue.$(OBJEXT) gen_length.$(OBJEXT) gen_seq.$(OBJEXT) \ - hash.$(OBJEXT) lex.$(OBJEXT) main.$(OBJEXT) parse.$(OBJEXT) \ - symbol.$(OBJEXT) -asn1_compile_OBJECTS = $(am_asn1_compile_OBJECTS) -asn1_compile_DEPENDENCIES = $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -am_asn1_gen_OBJECTS = asn1_gen.$(OBJEXT) -asn1_gen_OBJECTS = $(am_asn1_gen_OBJECTS) -am__DEPENDENCIES_2 = libasn1.la $(am__DEPENDENCIES_1) -asn1_gen_DEPENDENCIES = $(am__DEPENDENCIES_2) -am_asn1_print_OBJECTS = asn1_print.$(OBJEXT) -asn1_print_OBJECTS = $(am_asn1_print_OBJECTS) -asn1_print_DEPENDENCIES = $(am__DEPENDENCIES_2) -am_check_der_OBJECTS = check-der.$(OBJEXT) check-common.$(OBJEXT) -check_der_OBJECTS = $(am_check_der_OBJECTS) -check_der_DEPENDENCIES = libasn1.la $(am__DEPENDENCIES_1) -dist_check_gen_OBJECTS = check-gen.$(OBJEXT) check-common.$(OBJEXT) -am__objects_11 = asn1_TESTAlloc.$(OBJEXT) \ - asn1_TESTAllocInner.$(OBJEXT) asn1_TESTCONTAINING.$(OBJEXT) \ - asn1_TESTCONTAININGENCODEDBY.$(OBJEXT) \ - asn1_TESTCONTAININGENCODEDBY2.$(OBJEXT) \ - asn1_TESTChoice1.$(OBJEXT) asn1_TESTChoice2.$(OBJEXT) \ - asn1_TESTDer.$(OBJEXT) asn1_TESTENCODEDBY.$(OBJEXT) \ - asn1_TESTImplicit.$(OBJEXT) asn1_TESTImplicit2.$(OBJEXT) \ - asn1_TESTInteger.$(OBJEXT) asn1_TESTInteger2.$(OBJEXT) \ - asn1_TESTInteger3.$(OBJEXT) asn1_TESTLargeTag.$(OBJEXT) \ - asn1_TESTSeq.$(OBJEXT) asn1_TESTUSERCONSTRAINED.$(OBJEXT) \ - asn1_TESTSeqOf.$(OBJEXT) asn1_TESTOSSize1.$(OBJEXT) \ - asn1_TESTSeqSizeOf1.$(OBJEXT) asn1_TESTSeqSizeOf2.$(OBJEXT) \ - asn1_TESTSeqSizeOf3.$(OBJEXT) asn1_TESTSeqSizeOf4.$(OBJEXT) -nodist_check_gen_OBJECTS = $(am__objects_11) -check_gen_OBJECTS = $(dist_check_gen_OBJECTS) \ - $(nodist_check_gen_OBJECTS) -check_gen_DEPENDENCIES = $(am__DEPENDENCIES_2) -check_timegm_SOURCES = check-timegm.c -check_timegm_OBJECTS = check-timegm.$(OBJEXT) -check_timegm_DEPENDENCIES = $(am__DEPENDENCIES_2) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -@MAINTAINER_MODE_FALSE@am__skiplex = test -f $@ || -LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS) -LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS) -YLWRAP = $(top_srcdir)/ylwrap -@MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ || -YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS) -LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS) -SOURCES = $(dist_libasn1_la_SOURCES) $(nodist_libasn1_la_SOURCES) \ - $(asn1_compile_SOURCES) $(asn1_gen_SOURCES) \ - $(asn1_print_SOURCES) $(check_der_SOURCES) \ - $(dist_check_gen_SOURCES) $(nodist_check_gen_SOURCES) \ - check-timegm.c -DIST_SOURCES = $(dist_libasn1_la_SOURCES) $(asn1_compile_SOURCES) \ - $(asn1_gen_SOURCES) $(asn1_print_SOURCES) $(check_der_SOURCES) \ - $(dist_check_gen_SOURCES) check-timegm.c -dist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(dist_include_HEADERS) $(nodist_include_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = -d -t -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -lib_LTLIBRARIES = libasn1.la -libasn1_la_LDFLAGS = -version-info 8:0:0 -libasn1_la_LIBADD = \ - @LIB_com_err@ \ - $(LIBADD_roken) - -BUILT_SOURCES = \ - $(gen_files_rfc2459:.x=.c) \ - $(gen_files_cms:.x=.c) \ - $(gen_files_k5:.x=.c) \ - $(gen_files_pkinit:.x=.c) \ - $(gen_files_pkcs8:.x=.c) \ - $(gen_files_pkcs9:.x=.c) \ - $(gen_files_pkcs12:.x=.c) \ - $(gen_files_digest:.x=.c) \ - $(gen_files_kx509:.x=.c) \ - asn1_err.h \ - asn1_err.c - -gen_files_k5 = \ - asn1_AD_AND_OR.x \ - asn1_AD_IF_RELEVANT.x \ - asn1_AD_KDCIssued.x \ - asn1_AD_MANDATORY_FOR_KDC.x \ - asn1_AD_LoginAlias.x \ - asn1_APOptions.x \ - asn1_AP_REP.x \ - asn1_AP_REQ.x \ - asn1_AS_REP.x \ - asn1_AS_REQ.x \ - asn1_AUTHDATA_TYPE.x \ - asn1_Authenticator.x \ - asn1_AuthorizationData.x \ - asn1_AuthorizationDataElement.x \ - asn1_CKSUMTYPE.x \ - asn1_ChangePasswdDataMS.x \ - asn1_Checksum.x \ - asn1_ENCTYPE.x \ - asn1_ETYPE_INFO.x \ - asn1_ETYPE_INFO2.x \ - asn1_ETYPE_INFO2_ENTRY.x \ - asn1_ETYPE_INFO_ENTRY.x \ - asn1_EncAPRepPart.x \ - asn1_EncASRepPart.x \ - asn1_EncKDCRepPart.x \ - asn1_EncKrbCredPart.x \ - asn1_EncKrbPrivPart.x \ - asn1_EncTGSRepPart.x \ - asn1_EncTicketPart.x \ - asn1_EncryptedData.x \ - asn1_EncryptionKey.x \ - asn1_EtypeList.x \ - asn1_HostAddress.x \ - asn1_HostAddresses.x \ - asn1_KDCOptions.x \ - asn1_KDC_REP.x \ - asn1_KDC_REQ.x \ - asn1_KDC_REQ_BODY.x \ - asn1_KRB_CRED.x \ - asn1_KRB_ERROR.x \ - asn1_KRB_PRIV.x \ - asn1_KRB_SAFE.x \ - asn1_KRB_SAFE_BODY.x \ - asn1_KerberosString.x \ - asn1_KerberosTime.x \ - asn1_KrbCredInfo.x \ - asn1_LR_TYPE.x \ - asn1_LastReq.x \ - asn1_MESSAGE_TYPE.x \ - asn1_METHOD_DATA.x \ - asn1_NAME_TYPE.x \ - asn1_PADATA_TYPE.x \ - asn1_PA_DATA.x \ - asn1_PA_ENC_SAM_RESPONSE_ENC.x \ - asn1_PA_ENC_TS_ENC.x \ - asn1_PA_PAC_REQUEST.x \ - asn1_PA_S4U2Self.x \ - asn1_PA_SAM_CHALLENGE_2.x \ - asn1_PA_SAM_CHALLENGE_2_BODY.x \ - asn1_PA_SAM_REDIRECT.x \ - asn1_PA_SAM_RESPONSE_2.x \ - asn1_PA_SAM_TYPE.x \ - asn1_PA_ClientCanonicalized.x \ - asn1_PA_ClientCanonicalizedNames.x \ - asn1_PA_SvrReferralData.x \ - asn1_PROV_SRV_LOCATION.x \ - asn1_Principal.x \ - asn1_PrincipalName.x \ - asn1_Realm.x \ - asn1_SAMFlags.x \ - asn1_TGS_REP.x \ - asn1_TGS_REQ.x \ - asn1_TYPED_DATA.x \ - asn1_Ticket.x \ - asn1_TicketFlags.x \ - asn1_TransitedEncoding.x \ - asn1_TypedData.x \ - asn1_krb5int32.x \ - asn1_krb5uint32.x \ - asn1_KRB5SignedPathData.x \ - asn1_KRB5SignedPathPrincipals.x \ - asn1_KRB5SignedPath.x - -gen_files_cms = \ - asn1_CMSAttributes.x \ - asn1_CMSCBCParameter.x \ - asn1_CMSEncryptedData.x \ - asn1_CMSIdentifier.x \ - asn1_CMSRC2CBCParameter.x \ - asn1_CMSVersion.x \ - asn1_CertificateList.x \ - asn1_CertificateRevocationLists.x \ - asn1_CertificateSet.x \ - asn1_ContentEncryptionAlgorithmIdentifier.x \ - asn1_ContentInfo.x \ - asn1_ContentType.x \ - asn1_DigestAlgorithmIdentifier.x \ - asn1_DigestAlgorithmIdentifiers.x \ - asn1_EncapsulatedContentInfo.x \ - asn1_EncryptedContent.x \ - asn1_EncryptedContentInfo.x \ - asn1_EncryptedKey.x \ - asn1_EnvelopedData.x \ - asn1_IssuerAndSerialNumber.x \ - asn1_KeyEncryptionAlgorithmIdentifier.x \ - asn1_KeyTransRecipientInfo.x \ - asn1_MessageDigest.x \ - asn1_OriginatorInfo.x \ - asn1_RecipientIdentifier.x \ - asn1_RecipientInfo.x \ - asn1_RecipientInfos.x \ - asn1_SignatureAlgorithmIdentifier.x \ - asn1_SignatureValue.x \ - asn1_SignedData.x \ - asn1_SignerIdentifier.x \ - asn1_SignerInfo.x \ - asn1_SignerInfos.x \ - asn1_id_pkcs7.x \ - asn1_id_pkcs7_data.x \ - asn1_id_pkcs7_digestedData.x \ - asn1_id_pkcs7_encryptedData.x \ - asn1_id_pkcs7_envelopedData.x \ - asn1_id_pkcs7_signedAndEnvelopedData.x \ - asn1_id_pkcs7_signedData.x \ - asn1_UnprotectedAttributes.x - -gen_files_rfc2459 = \ - asn1_Version.x \ - asn1_id_pkcs_1.x \ - asn1_id_pkcs1_rsaEncryption.x \ - asn1_id_pkcs1_md2WithRSAEncryption.x \ - asn1_id_pkcs1_md5WithRSAEncryption.x \ - asn1_id_pkcs1_sha1WithRSAEncryption.x \ - asn1_id_pkcs1_sha256WithRSAEncryption.x \ - asn1_id_pkcs1_sha384WithRSAEncryption.x \ - asn1_id_pkcs1_sha512WithRSAEncryption.x \ - asn1_id_heim_rsa_pkcs1_x509.x \ - asn1_id_pkcs_2.x \ - asn1_id_pkcs2_md2.x \ - asn1_id_pkcs2_md4.x \ - asn1_id_pkcs2_md5.x \ - asn1_id_rsa_digestAlgorithm.x \ - asn1_id_rsa_digest_md2.x \ - asn1_id_rsa_digest_md4.x \ - asn1_id_rsa_digest_md5.x \ - asn1_id_pkcs_3.x \ - asn1_id_pkcs3_rc2_cbc.x \ - asn1_id_pkcs3_rc4.x \ - asn1_id_pkcs3_des_ede3_cbc.x \ - asn1_id_rsadsi_encalg.x \ - asn1_id_rsadsi_rc2_cbc.x \ - asn1_id_rsadsi_des_ede3_cbc.x \ - asn1_id_secsig_sha_1.x \ - asn1_id_nistAlgorithm.x \ - asn1_id_nist_aes_algs.x \ - asn1_id_aes_128_cbc.x \ - asn1_id_aes_192_cbc.x \ - asn1_id_aes_256_cbc.x \ - asn1_id_nist_sha_algs.x \ - asn1_id_sha256.x \ - asn1_id_sha224.x \ - asn1_id_sha384.x \ - asn1_id_sha512.x \ - asn1_id_dhpublicnumber.x \ - asn1_id_x9_57.x \ - asn1_id_dsa.x \ - asn1_id_dsa_with_sha1.x \ - asn1_id_x520_at.x \ - asn1_id_at_commonName.x \ - asn1_id_at_surname.x \ - asn1_id_at_serialNumber.x \ - asn1_id_at_countryName.x \ - asn1_id_at_localityName.x \ - asn1_id_at_streetAddress.x \ - asn1_id_at_stateOrProvinceName.x \ - asn1_id_at_organizationName.x \ - asn1_id_at_organizationalUnitName.x \ - asn1_id_at_name.x \ - asn1_id_at_givenName.x \ - asn1_id_at_initials.x \ - asn1_id_at_generationQualifier.x \ - asn1_id_at_pseudonym.x \ - asn1_id_Userid.x \ - asn1_id_domainComponent.x \ - asn1_id_x509_ce.x \ - asn1_id_uspkicommon_card_id.x \ - asn1_id_uspkicommon_piv_interim.x \ - asn1_id_netscape.x \ - asn1_id_netscape_cert_comment.x \ - asn1_id_ms_cert_enroll_domaincontroller.x \ - asn1_id_ms_client_authentication.x \ - asn1_AlgorithmIdentifier.x \ - asn1_AttributeType.x \ - asn1_AttributeValue.x \ - asn1_TeletexStringx.x \ - asn1_DirectoryString.x \ - asn1_Attribute.x \ - asn1_AttributeTypeAndValue.x \ - asn1_AuthorityInfoAccessSyntax.x \ - asn1_AccessDescription.x \ - asn1_RelativeDistinguishedName.x \ - asn1_RDNSequence.x \ - asn1_Name.x \ - asn1_CertificateSerialNumber.x \ - asn1_Time.x \ - asn1_Validity.x \ - asn1_UniqueIdentifier.x \ - asn1_SubjectPublicKeyInfo.x \ - asn1_Extension.x \ - asn1_Extensions.x \ - asn1_TBSCertificate.x \ - asn1_Certificate.x \ - asn1_Certificates.x \ - asn1_ValidationParms.x \ - asn1_DomainParameters.x \ - asn1_DHPublicKey.x \ - asn1_OtherName.x \ - asn1_GeneralName.x \ - asn1_GeneralNames.x \ - asn1_id_x509_ce_keyUsage.x \ - asn1_KeyUsage.x \ - asn1_id_x509_ce_authorityKeyIdentifier.x \ - asn1_KeyIdentifier.x \ - asn1_AuthorityKeyIdentifier.x \ - asn1_id_x509_ce_subjectKeyIdentifier.x \ - asn1_SubjectKeyIdentifier.x \ - asn1_id_x509_ce_basicConstraints.x \ - asn1_BasicConstraints.x \ - asn1_id_x509_ce_nameConstraints.x \ - asn1_BaseDistance.x \ - asn1_GeneralSubtree.x \ - asn1_GeneralSubtrees.x \ - asn1_NameConstraints.x \ - asn1_id_x509_ce_privateKeyUsagePeriod.x \ - asn1_id_x509_ce_certificatePolicies.x \ - asn1_id_x509_ce_policyMappings.x \ - asn1_id_x509_ce_subjectAltName.x \ - asn1_id_x509_ce_issuerAltName.x \ - asn1_id_x509_ce_subjectDirectoryAttributes.x \ - asn1_id_x509_ce_policyConstraints.x \ - asn1_id_x509_ce_extKeyUsage.x \ - asn1_ExtKeyUsage.x \ - asn1_id_x509_ce_cRLDistributionPoints.x \ - asn1_id_x509_ce_deltaCRLIndicator.x \ - asn1_id_x509_ce_issuingDistributionPoint.x \ - asn1_id_x509_ce_holdInstructionCode.x \ - asn1_id_x509_ce_invalidityDate.x \ - asn1_id_x509_ce_certificateIssuer.x \ - asn1_id_x509_ce_inhibitAnyPolicy.x \ - asn1_DistributionPointReasonFlags.x \ - asn1_DistributionPointName.x \ - asn1_DistributionPoint.x \ - asn1_CRLDistributionPoints.x \ - asn1_DSASigValue.x \ - asn1_DSAPublicKey.x \ - asn1_DSAParams.x \ - asn1_RSAPublicKey.x \ - asn1_RSAPrivateKey.x \ - asn1_DigestInfo.x \ - asn1_TBSCRLCertList.x \ - asn1_CRLCertificateList.x \ - asn1_id_x509_ce_cRLNumber.x \ - asn1_id_x509_ce_freshestCRL.x \ - asn1_id_x509_ce_cRLReason.x \ - asn1_CRLReason.x \ - asn1_PKIXXmppAddr.x \ - asn1_id_pkix.x \ - asn1_id_pkix_on.x \ - asn1_id_pkix_on_dnsSRV.x \ - asn1_id_pkix_on_xmppAddr.x \ - asn1_id_pkix_kp.x \ - asn1_id_pkix_kp_serverAuth.x \ - asn1_id_pkix_kp_clientAuth.x \ - asn1_id_pkix_kp_emailProtection.x \ - asn1_id_pkix_kp_timeStamping.x \ - asn1_id_pkix_kp_OCSPSigning.x \ - asn1_id_pkix_pe.x \ - asn1_id_pkix_pe_authorityInfoAccess.x \ - asn1_id_pkix_pe_proxyCertInfo.x \ - asn1_id_pkix_ppl.x \ - asn1_id_pkix_ppl_anyLanguage.x \ - asn1_id_pkix_ppl_inheritAll.x \ - asn1_id_pkix_ppl_independent.x \ - asn1_ProxyPolicy.x \ - asn1_ProxyCertInfo.x - -gen_files_pkinit = \ - asn1_id_pkinit.x \ - asn1_id_pkauthdata.x \ - asn1_id_pkdhkeydata.x \ - asn1_id_pkrkeydata.x \ - asn1_id_pkekuoid.x \ - asn1_id_pkkdcekuoid.x \ - asn1_id_pkinit_san.x \ - asn1_id_pkinit_ms_eku.x \ - asn1_id_pkinit_ms_san.x \ - asn1_MS_UPN_SAN.x \ - asn1_DHNonce.x \ - asn1_KDFAlgorithmId.x \ - asn1_TrustedCA.x \ - asn1_ExternalPrincipalIdentifier.x \ - asn1_ExternalPrincipalIdentifiers.x \ - asn1_PA_PK_AS_REQ.x \ - asn1_PKAuthenticator.x \ - asn1_AuthPack.x \ - asn1_TD_TRUSTED_CERTIFIERS.x \ - asn1_TD_INVALID_CERTIFICATES.x \ - asn1_KRB5PrincipalName.x \ - asn1_AD_INITIAL_VERIFIED_CAS.x \ - asn1_DHRepInfo.x \ - asn1_PA_PK_AS_REP.x \ - asn1_KDCDHKeyInfo.x \ - asn1_ReplyKeyPack.x \ - asn1_TD_DH_PARAMETERS.x \ - asn1_PKAuthenticator_Win2k.x \ - asn1_AuthPack_Win2k.x \ - asn1_TrustedCA_Win2k.x \ - asn1_PA_PK_AS_REQ_Win2k.x \ - asn1_PA_PK_AS_REP_Win2k.x \ - asn1_KDCDHKeyInfo_Win2k.x \ - asn1_ReplyKeyPack_Win2k.x \ - asn1_PkinitSuppPubInfo.x - -gen_files_pkcs12 = \ - asn1_id_pkcs_12.x \ - asn1_id_pkcs_12PbeIds.x \ - asn1_id_pbeWithSHAAnd128BitRC4.x \ - asn1_id_pbeWithSHAAnd40BitRC4.x \ - asn1_id_pbeWithSHAAnd3_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd2_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd128BitRC2_CBC.x \ - asn1_id_pbewithSHAAnd40BitRC2_CBC.x \ - asn1_id_pkcs12_bagtypes.x \ - asn1_id_pkcs12_keyBag.x \ - asn1_id_pkcs12_pkcs8ShroudedKeyBag.x \ - asn1_id_pkcs12_certBag.x \ - asn1_id_pkcs12_crlBag.x \ - asn1_id_pkcs12_secretBag.x \ - asn1_id_pkcs12_safeContentsBag.x \ - asn1_PKCS12_MacData.x \ - asn1_PKCS12_PFX.x \ - asn1_PKCS12_AuthenticatedSafe.x \ - asn1_PKCS12_CertBag.x \ - asn1_PKCS12_Attribute.x \ - asn1_PKCS12_Attributes.x \ - asn1_PKCS12_SafeBag.x \ - asn1_PKCS12_SafeContents.x \ - asn1_PKCS12_OctetString.x \ - asn1_PKCS12_PBEParams.x - -gen_files_pkcs8 = \ - asn1_PKCS8PrivateKeyAlgorithmIdentifier.x \ - asn1_PKCS8PrivateKey.x \ - asn1_PKCS8PrivateKeyInfo.x \ - asn1_PKCS8Attributes.x \ - asn1_PKCS8EncryptedPrivateKeyInfo.x \ - asn1_PKCS8EncryptedData.x - -gen_files_pkcs9 = \ - asn1_id_pkcs_9.x \ - asn1_id_pkcs9_contentType.x \ - asn1_id_pkcs9_emailAddress.x \ - asn1_id_pkcs9_messageDigest.x \ - asn1_id_pkcs9_signingTime.x \ - asn1_id_pkcs9_countersignature.x \ - asn1_id_pkcs_9_at_friendlyName.x \ - asn1_id_pkcs_9_at_localKeyId.x \ - asn1_id_pkcs_9_at_certTypes.x \ - asn1_id_pkcs_9_at_certTypes_x509.x \ - asn1_PKCS9_BMPString.x \ - asn1_PKCS9_friendlyName.x - -gen_files_test = \ - asn1_TESTAlloc.x \ - asn1_TESTAllocInner.x \ - asn1_TESTCONTAINING.x \ - asn1_TESTCONTAININGENCODEDBY.x \ - asn1_TESTCONTAININGENCODEDBY2.x \ - asn1_TESTChoice1.x \ - asn1_TESTChoice2.x \ - asn1_TESTDer.x \ - asn1_TESTENCODEDBY.x \ - asn1_TESTImplicit.x \ - asn1_TESTImplicit2.x \ - asn1_TESTInteger.x \ - asn1_TESTInteger2.x \ - asn1_TESTInteger3.x \ - asn1_TESTLargeTag.x \ - asn1_TESTSeq.x \ - asn1_TESTUSERCONSTRAINED.x \ - asn1_TESTSeqOf.x \ - asn1_TESTOSSize1.x \ - asn1_TESTSeqSizeOf1.x \ - asn1_TESTSeqSizeOf2.x \ - asn1_TESTSeqSizeOf3.x \ - asn1_TESTSeqSizeOf4.x - -gen_files_digest = \ - asn1_DigestError.x \ - asn1_DigestInit.x \ - asn1_DigestInitReply.x \ - asn1_DigestREP.x \ - asn1_DigestREQ.x \ - asn1_DigestRepInner.x \ - asn1_DigestReqInner.x \ - asn1_DigestRequest.x \ - asn1_DigestResponse.x \ - asn1_DigestTypes.x \ - asn1_NTLMInit.x \ - asn1_NTLMInitReply.x \ - asn1_NTLMRequest.x \ - asn1_NTLMResponse.x - -gen_files_kx509 = \ - asn1_Kx509Response.x \ - asn1_Kx509Request.x - -asn1_gen_SOURCES = asn1_gen.c -asn1_print_SOURCES = asn1_print.c -check_der_SOURCES = check-der.c check-common.c check-common.h -dist_check_gen_SOURCES = check-gen.c check-common.c check-common.h -nodist_check_gen_SOURCES = $(gen_files_test:.x=.c) -asn1_compile_SOURCES = \ - asn1-common.h \ - asn1_queue.h \ - der.h \ - gen.c \ - gen_copy.c \ - gen_decode.c \ - gen_encode.c \ - gen_free.c \ - gen_glue.c \ - gen_length.c \ - gen_locl.h \ - gen_seq.c \ - hash.c \ - hash.h \ - lex.l \ - lex.h \ - main.c \ - parse.y \ - symbol.c \ - symbol.h - -dist_libasn1_la_SOURCES = \ - der-protos.h \ - der_locl.h \ - der.c \ - der.h \ - der_get.c \ - der_put.c \ - der_free.c \ - der_length.c \ - der_copy.c \ - der_cmp.c \ - der_format.c \ - heim_asn1.h \ - extra.c \ - timegm.c - -nodist_libasn1_la_SOURCES = $(BUILT_SOURCES) -asn1_compile_LDADD = \ - $(LIB_roken) $(LEXLIB) - -check_der_LDADD = \ - libasn1.la \ - $(LIB_roken) - -check_gen_LDADD = $(check_der_LDADD) -asn1_print_LDADD = $(check_der_LDADD) -asn1_gen_LDADD = $(check_der_LDADD) -check_timegm_LDADD = $(check_der_LDADD) -CLEANFILES = \ - $(BUILT_SOURCES) \ - $(gen_files_rfc2459) \ - $(gen_files_cms) \ - $(gen_files_k5) \ - $(gen_files_pkinit) \ - $(gen_files_pkcs8) \ - $(gen_files_pkcs9) \ - $(gen_files_pkcs12) \ - $(gen_files_digest) \ - $(gen_files_kx509) \ - $(gen_files_test) $(nodist_check_gen_SOURCES) \ - rfc2459_asn1_files rfc2459_asn1.h \ - cms_asn1_files cms_asn1.h \ - krb5_asn1_files krb5_asn1.h \ - pkinit_asn1_files pkinit_asn1.h \ - pkcs8_asn1_files pkcs8_asn1.h \ - pkcs9_asn1_files pkcs9_asn1.h \ - pkcs12_asn1_files pkcs12_asn1.h \ - digest_asn1_files digest_asn1.h \ - kx509_asn1_files kx509_asn1.h \ - test_asn1_files test_asn1.h - -dist_include_HEADERS = der.h heim_asn1.h der-protos.h -nodist_include_HEADERS = asn1_err.h krb5_asn1.h pkinit_asn1.h \ - cms_asn1.h rfc2459_asn1.h pkcs8_asn1.h pkcs9_asn1.h \ - pkcs12_asn1.h digest_asn1.h kx509_asn1.h -EXTRA_DIST = \ - asn1_err.et \ - canthandle.asn1 \ - CMS.asn1 \ - digest.asn1 \ - k5.asn1 \ - kx509.asn1 \ - test.asn1 \ - setchgpw2.asn1 \ - pkcs12.asn1 \ - pkcs8.asn1 \ - pkcs9.asn1 \ - pkinit.asn1 \ - rfc2459.asn1 \ - test.gen - -all: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/asn1/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/asn1/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libasn1.la: $(libasn1_la_OBJECTS) $(libasn1_la_DEPENDENCIES) - $(libasn1_la_LINK) -rpath $(libdir) $(libasn1_la_OBJECTS) $(libasn1_la_LIBADD) $(LIBS) - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -asn1_compile$(EXEEXT): $(asn1_compile_OBJECTS) $(asn1_compile_DEPENDENCIES) - @rm -f asn1_compile$(EXEEXT) - $(LINK) $(asn1_compile_OBJECTS) $(asn1_compile_LDADD) $(LIBS) -asn1_gen$(EXEEXT): $(asn1_gen_OBJECTS) $(asn1_gen_DEPENDENCIES) - @rm -f asn1_gen$(EXEEXT) - $(LINK) $(asn1_gen_OBJECTS) $(asn1_gen_LDADD) $(LIBS) -asn1_print$(EXEEXT): $(asn1_print_OBJECTS) $(asn1_print_DEPENDENCIES) - @rm -f asn1_print$(EXEEXT) - $(LINK) $(asn1_print_OBJECTS) $(asn1_print_LDADD) $(LIBS) -check-der$(EXEEXT): $(check_der_OBJECTS) $(check_der_DEPENDENCIES) - @rm -f check-der$(EXEEXT) - $(LINK) $(check_der_OBJECTS) $(check_der_LDADD) $(LIBS) -check-gen$(EXEEXT): $(check_gen_OBJECTS) $(check_gen_DEPENDENCIES) - @rm -f check-gen$(EXEEXT) - $(LINK) $(check_gen_OBJECTS) $(check_gen_LDADD) $(LIBS) -check-timegm$(EXEEXT): $(check_timegm_OBJECTS) $(check_timegm_DEPENDENCIES) - @rm -f check-timegm$(EXEEXT) - $(LINK) $(check_timegm_OBJECTS) $(check_timegm_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -.l.c: - $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE) - -.y.c: - $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE) - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-dist_includeHEADERS: $(dist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(dist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-dist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-nodist_includeHEADERS: $(nodist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-nodist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -rm -f lex.c - -rm -f parse.c - -rm -f parse.h - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -clean: clean-am - -clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libtool clean-noinstPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-dist_includeHEADERS \ - install-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-dist_includeHEADERS uninstall-libLTLIBRARIES \ - uninstall-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dist_includeHEADERS \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-libLTLIBRARIES install-man \ - install-nodist_includeHEADERS install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-dist_includeHEADERS \ - uninstall-hook uninstall-libLTLIBRARIES \ - uninstall-nodist_includeHEADERS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(asn1_compile_OBJECTS): parse.h parse.c $(srcdir)/der-protos.h -$(libasn1_la_OBJECTS): krb5_asn1.h asn1_err.h $(srcdir)/der-protos.h -$(check_gen_OBJECTS): test_asn1.h -$(asn1_print_OBJECTS): krb5_asn1.h - -parse.h: parse.c - -$(gen_files_k5) krb5_asn1.h: krb5_asn1_files -$(gen_files_pkinit) pkinit_asn1.h: pkinit_asn1_files -$(gen_files_pkcs8) pkcs8_asn1.h: pkcs8_asn1_files -$(gen_files_pkcs9) pkcs9_asn1.h: pkcs9_asn1_files -$(gen_files_pkcs12) pkcs12_asn1.h: pkcs12_asn1_files -$(gen_files_digest) digest_asn1.h: digest_asn1_files -$(gen_files_kx509) kx509_asn1.h: kx509_asn1_files -$(gen_files_rfc2459) rfc2459_asn1.h: rfc2459_asn1_files -$(gen_files_cms) cms_asn1.h: cms_asn1_files -$(gen_files_test) test_asn1.h: test_asn1_files - -rfc2459_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/rfc2459.asn1 - ./asn1_compile$(EXEEXT) --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1) - -cms_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/CMS.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/CMS.asn1 cms_asn1 || (rm -f cms_asn1_files ; exit 1) - -krb5_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/k5.asn1 - ./asn1_compile$(EXEEXT) --encode-rfc1510-bit-string --sequence=KRB5SignedPathPrincipals --sequence=AuthorizationData --sequence=METHOD-DATA --sequence=ETYPE-INFO --sequence=ETYPE-INFO2 $(srcdir)/k5.asn1 krb5_asn1 || (rm -f krb5_asn1_files ; exit 1) - -pkinit_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1 pkinit_asn1 || (rm -f pkinit_asn1_files ; exit 1) - -pkcs8_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1 pkcs8_asn1 || (rm -f pkcs8_asn1_files ; exit 1) - -pkcs9_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1 pkcs9_asn1 || (rm -f pkcs9_asn1_files ; exit 1) - -pkcs12_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1 pkcs12_asn1 || (rm -f pkcs12_asn1_files ; exit 1) - -digest_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/digest.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/digest.asn1 digest_asn1 || (rm -f digest_asn1_files ; exit 1) - -kx509_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 - ./asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1) - -test_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/test.asn1 - ./asn1_compile$(EXEEXT) --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1) - -$(srcdir)/der-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o der-protos.h $(dist_libasn1_la_SOURCES) || rm -f der-protos.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/asn1/asn1-common.h b/crypto/heimdal/lib/asn1/asn1-common.h deleted file mode 100644 index 5789e0f22dfb..000000000000 --- a/crypto/heimdal/lib/asn1/asn1-common.h +++ /dev/null @@ -1,66 +0,0 @@ -/* $Id: asn1-common.h 22429 2008-01-13 10:25:50Z lha $ */ - -#include -#include - -#ifndef __asn1_common_definitions__ -#define __asn1_common_definitions__ - -typedef struct heim_integer { - size_t length; - void *data; - int negative; -} heim_integer; - -typedef struct heim_octet_string { - size_t length; - void *data; -} heim_octet_string; - -typedef char *heim_general_string; -typedef char *heim_utf8_string; -typedef char *heim_printable_string; -typedef char *heim_ia5_string; - -typedef struct heim_bmp_string { - size_t length; - uint16_t *data; -} heim_bmp_string; - -typedef struct heim_universal_string { - size_t length; - uint32_t *data; -} heim_universal_string; - -typedef char *heim_visible_string; - -typedef struct heim_oid { - size_t length; - unsigned *components; -} heim_oid; - -typedef struct heim_bit_string { - size_t length; - void *data; -} heim_bit_string; - -typedef struct heim_octet_string heim_any; -typedef struct heim_octet_string heim_any_set; - -#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \ - do { \ - (BL) = length_##T((S)); \ - (B) = malloc((BL)); \ - if((B) == NULL) { \ - (R) = ENOMEM; \ - } else { \ - (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \ - (S), (L)); \ - if((R) != 0) { \ - free((B)); \ - (B) = NULL; \ - } \ - } \ - } while (0) - -#endif diff --git a/crypto/heimdal/lib/asn1/asn1_err.et b/crypto/heimdal/lib/asn1/asn1_err.et deleted file mode 100644 index c624e218e7cc..000000000000 --- a/crypto/heimdal/lib/asn1/asn1_err.et +++ /dev/null @@ -1,25 +0,0 @@ -# -# Error messages for the asn.1 library -# -# This might look like a com_err file, but is not -# -id "$Id: asn1_err.et 21394 2007-07-02 10:14:43Z lha $" - -error_table asn1 -prefix ASN1 -error_code BAD_TIMEFORMAT, "ASN.1 failed call to system time library" -error_code MISSING_FIELD, "ASN.1 structure is missing a required field" -error_code MISPLACED_FIELD, "ASN.1 unexpected field number" -error_code TYPE_MISMATCH, "ASN.1 type numbers are inconsistent" -error_code OVERFLOW, "ASN.1 value too large" -error_code OVERRUN, "ASN.1 encoding ended unexpectedly" -error_code BAD_ID, "ASN.1 identifier doesn't match expected value" -error_code BAD_LENGTH, "ASN.1 length doesn't match expected value" -error_code BAD_FORMAT, "ASN.1 badly-formatted encoding" -error_code PARSE_ERROR, "ASN.1 parse error" -error_code EXTRA_DATA, "ASN.1 extra data past end of end structure" -error_code BAD_CHARACTER, "ASN.1 invalid character in string" -error_code MIN_CONSTRAINT, "ASN.1 too few elements" -error_code MAX_CONSTRAINT, "ASN.1 too many elements" -error_code EXACT_CONSTRAINT, "ASN.1 wrong number of elements" -end diff --git a/crypto/heimdal/lib/asn1/asn1_gen.c b/crypto/heimdal/lib/asn1/asn1_gen.c deleted file mode 100644 index 65b382e6daf0..000000000000 --- a/crypto/heimdal/lib/asn1/asn1_gen.c +++ /dev/null @@ -1,187 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" -#include -#include -#include -#include -#include -#include -#include - -RCSID("$Id: asn1_gen.c 16666 2006-01-30 15:06:03Z lha $"); - -static int -doit(const char *fn) -{ - char buf[2048]; - char *fnout; - const char *bname; - unsigned long line = 0; - FILE *f, *fout; - size_t offset = 0; - - f = fopen(fn, "r"); - if (f == NULL) - err(1, "fopen"); - - bname = strrchr(fn, '/'); - if (bname) - bname++; - else - bname = fn; - - asprintf(&fnout, "%s.out", bname); - if (fnout == NULL) - errx(1, "malloc"); - - fout = fopen(fnout, "w"); - if (fout == NULL) - err(1, "fopen: output file"); - - while (fgets(buf, sizeof(buf), f) != NULL) { - char *ptr, *class, *type, *tag, *length, *data, *foo; - int ret, l, c, ty, ta; - unsigned char p[6], *pdata; - size_t sz; - - line++; - - buf[strcspn(buf, "\r\n")] = '\0'; - if (buf[0] == '#' || buf[0] == '\0') - continue; - - ptr = buf; - while (isspace((unsigned char)*ptr)) - ptr++; - - class = strtok_r(ptr, " \t\n", &foo); - if (class == NULL) errx(1, "class missing on line %lu", line); - type = strtok_r(NULL, " \t\n", &foo); - if (type == NULL) errx(1, "type missing on line %lu", line); - tag = strtok_r(NULL, " \t\n", &foo); - if (tag == NULL) errx(1, "tag missing on line %lu", line); - length = strtok_r(NULL, " \t\n", &foo); - if (length == NULL) errx(1, "length missing on line %lu", line); - data = strtok_r(NULL, " \t\n", &foo); - - c = der_get_class_num(class); - if (c == -1) errx(1, "no valid class on line %lu", line); - ty = der_get_type_num(type); - if (ty == -1) errx(1, "no valid type on line %lu", line); - ta = der_get_tag_num(tag); - if (ta == -1) - ta = atoi(tag); - - l = atoi(length); - - printf("line: %3lu offset: %3lu class: %d type: %d " - "tag: %3d length: %3d %s\n", - line, (unsigned long)offset, c, ty, ta, l, - data ? "" : ""); - - ret = der_put_length_and_tag(p + sizeof(p) - 1, sizeof(p), - l, - c, - ty, - ta, - &sz); - if (ret) - errx(1, "der_put_length_and_tag: %d", ret); - - if (fwrite(p + sizeof(p) - sz , sz, 1, fout) != 1) - err(1, "fwrite length/tag failed"); - offset += sz; - - if (data) { - size_t datalen; - - datalen = strlen(data) / 2; - pdata = emalloc(sz); - - if (hex_decode(data, pdata, datalen) != datalen) - errx(1, "failed to decode data"); - - if (fwrite(pdata, datalen, 1, fout) != 1) - err(1, "fwrite data failed"); - offset += datalen; - - free(pdata); - } - } - printf("line: eof offset: %lu\n", (unsigned long)offset); - - fclose(fout); - fclose(f); - return 0; -} - - -static int version_flag; -static int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "parse-file"); - exit(code); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - - setprogname (argv[0]); - - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - argv += optidx; - argc -= optidx; - if (argc != 1) - usage (1); - - return doit (argv[0]); -} diff --git a/crypto/heimdal/lib/asn1/asn1_print.c b/crypto/heimdal/lib/asn1/asn1_print.c deleted file mode 100644 index e00bf10c80f4..000000000000 --- a/crypto/heimdal/lib/asn1/asn1_print.c +++ /dev/null @@ -1,304 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" -#include -#include -#include -#include -#include -#include - -RCSID("$Id: asn1_print.c 19539 2006-12-28 17:15:05Z lha $"); - -static int indent_flag = 1; - -static unsigned long indefinite_form_loop; -static unsigned long indefinite_form_loop_max = 10000; - -static size_t -loop (unsigned char *buf, size_t len, int indent) -{ - unsigned char *start_buf = buf; - - while (len > 0) { - int ret; - Der_class class; - Der_type type; - unsigned int tag; - size_t sz; - size_t length; - size_t loop_length = 0; - int end_tag = 0; - const char *tagname; - - ret = der_get_tag (buf, len, &class, &type, &tag, &sz); - if (ret) - errx (1, "der_get_tag: %s", error_message (ret)); - if (sz > len) - errx (1, "unreasonable length (%u) > %u", - (unsigned)sz, (unsigned)len); - buf += sz; - len -= sz; - if (indent_flag) { - int i; - for (i = 0; i < indent; ++i) - printf (" "); - } - printf ("%s %s ", der_get_class_name(class), der_get_type_name(type)); - tagname = der_get_tag_name(tag); - if (class == ASN1_C_UNIV && tagname != NULL) - printf ("%s = ", tagname); - else - printf ("tag %d = ", tag); - ret = der_get_length (buf, len, &length, &sz); - if (ret) - errx (1, "der_get_tag: %s", error_message (ret)); - if (sz > len) - errx (1, "unreasonable tag length (%u) > %u", - (unsigned)sz, (unsigned)len); - buf += sz; - len -= sz; - if (length == ASN1_INDEFINITE) { - if ((class == ASN1_C_UNIV && type == PRIM && tag == UT_OctetString) || - (class == ASN1_C_CONTEXT && type == CONS) || - (class == ASN1_C_UNIV && type == CONS && tag == UT_Sequence) || - (class == ASN1_C_UNIV && type == CONS && tag == UT_Set)) { - printf("*INDEFINITE FORM*"); - } else { - fflush(stdout); - errx(1, "indef form used on unsupported object"); - } - end_tag = 1; - if (indefinite_form_loop > indefinite_form_loop_max) - errx(1, "indefinite form used recursively more then %lu " - "times, aborting", indefinite_form_loop_max); - indefinite_form_loop++; - length = len; - } else if (length > len) { - printf("\n"); - fflush(stdout); - errx (1, "unreasonable inner length (%u) > %u", - (unsigned)length, (unsigned)len); - } - if (class == ASN1_C_CONTEXT || class == ASN1_C_APPL) { - printf ("%lu bytes [%u]", (unsigned long)length, tag); - if (type == CONS) { - printf("\n"); - loop_length = loop (buf, length, indent + 2); - } else { - printf(" IMPLICIT content\n"); - } - } else if (class == ASN1_C_UNIV) { - switch (tag) { - case UT_EndOfContent: - printf (" INDEFINITE length was %lu\n", - (unsigned long)(buf - start_buf)); - break; - case UT_Set : - case UT_Sequence : - printf ("%lu bytes {\n", (unsigned long)length); - loop_length = loop (buf, length, indent + 2); - if (indent_flag) { - int i; - for (i = 0; i < indent; ++i) - printf (" "); - printf ("}\n"); - } else - printf ("} indent = %d\n", indent / 2); - break; - case UT_Integer : { - int val; - - if (length <= sizeof(val)) { - ret = der_get_integer (buf, length, &val, NULL); - if (ret) - errx (1, "der_get_integer: %s", error_message (ret)); - printf ("integer %d\n", val); - } else { - heim_integer vali; - char *p; - - ret = der_get_heim_integer(buf, length, &vali, NULL); - if (ret) - errx (1, "der_get_heim_integer: %s", - error_message (ret)); - ret = der_print_hex_heim_integer(&vali, &p); - if (ret) - errx (1, "der_print_hex_heim_integer: %s", - error_message (ret)); - printf ("BIG NUM integer: length %lu %s\n", - (unsigned long)length, p); - free(p); - } - break; - } - case UT_OctetString : { - heim_octet_string str; - int i; - unsigned char *uc; - - ret = der_get_octet_string (buf, length, &str, NULL); - if (ret) - errx (1, "der_get_octet_string: %s", error_message (ret)); - printf ("(length %lu), ", (unsigned long)length); - uc = (unsigned char *)str.data; - for (i = 0; i < min(16,length); ++i) - printf ("%02x", uc[i]); - printf ("\n"); - free (str.data); - break; - } - case UT_GeneralizedTime : - case UT_GeneralString : - case UT_PrintableString : - case UT_VisibleString : { - heim_general_string str; - - ret = der_get_general_string (buf, length, &str, NULL); - if (ret) - errx (1, "der_get_general_string: %s", - error_message (ret)); - printf ("\"%s\"\n", str); - free (str); - break; - } - case UT_OID: { - heim_oid o; - char *p; - - ret = der_get_oid(buf, length, &o, NULL); - if (ret) - errx (1, "der_get_oid: %s", error_message (ret)); - ret = der_print_heim_oid(&o, '.', &p); - der_free_oid(&o); - if (ret) - errx (1, "der_print_heim_oid: %s", error_message (ret)); - printf("%s\n", p); - free(p); - - break; - } - case UT_Enumerated: { - int num; - - ret = der_get_integer (buf, length, &num, NULL); - if (ret) - errx (1, "der_get_enum: %s", error_message (ret)); - - printf("%u\n", num); - break; - } - default : - printf ("%lu bytes\n", (unsigned long)length); - break; - } - } - if (end_tag) { - if (loop_length == 0) - errx(1, "zero length INDEFINITE data ? indent = %d\n", - indent / 2); - if (loop_length < length) - length = loop_length; - if (indefinite_form_loop == 0) - errx(1, "internal error in indefinite form loop detection"); - indefinite_form_loop--; - } else if (loop_length) - errx(1, "internal error for INDEFINITE form"); - buf += length; - len -= length; - } - return 0; -} - -static int -doit (const char *filename) -{ - int fd = open (filename, O_RDONLY); - struct stat sb; - unsigned char *buf; - size_t len; - int ret; - - if(fd < 0) - err (1, "opening %s for read", filename); - if (fstat (fd, &sb) < 0) - err (1, "stat %s", filename); - len = sb.st_size; - buf = emalloc (len); - if (read (fd, buf, len) != len) - errx (1, "read failed"); - close (fd); - ret = loop (buf, len, 0); - free (buf); - return 0; -} - - -static int version_flag; -static int help_flag; -struct getargs args[] = { - { "indent", 0, arg_negative_flag, &indent_flag }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "dump-file"); - exit(code); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - - setprogname (argv[0]); - initialize_asn1_error_table (); - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - argv += optidx; - argc -= optidx; - if (argc != 1) - usage (1); - return doit (argv[0]); -} diff --git a/crypto/heimdal/lib/asn1/asn1_queue.h b/crypto/heimdal/lib/asn1/asn1_queue.h deleted file mode 100644 index 3659b3859d0d..000000000000 --- a/crypto/heimdal/lib/asn1/asn1_queue.h +++ /dev/null @@ -1,167 +0,0 @@ -/* $NetBSD: queue.h,v 1.38 2004/04/18 14:12:05 lukem Exp $ */ -/* $Id: asn1_queue.h 15617 2005-07-12 06:27:42Z lha $ */ - -/* - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)queue.h 8.5 (Berkeley) 8/20/94 - */ - -#ifndef _ASN1_QUEUE_H_ -#define _ASN1_QUEUE_H_ - -/* - * Tail queue definitions. - */ -#define ASN1_TAILQ_HEAD(name, type) \ -struct name { \ - struct type *tqh_first; /* first element */ \ - struct type **tqh_last; /* addr of last next element */ \ -} - -#define ASN1_TAILQ_HEAD_INITIALIZER(head) \ - { NULL, &(head).tqh_first } -#define ASN1_TAILQ_ENTRY(type) \ -struct { \ - struct type *tqe_next; /* next element */ \ - struct type **tqe_prev; /* address of previous next element */ \ -} - -/* - * Tail queue functions. - */ -#if defined(_KERNEL) && defined(QUEUEDEBUG) -#define QUEUEDEBUG_ASN1_TAILQ_INSERT_HEAD(head, elm, field) \ - if ((head)->tqh_first && \ - (head)->tqh_first->field.tqe_prev != &(head)->tqh_first) \ - panic("ASN1_TAILQ_INSERT_HEAD %p %s:%d", (head), __FILE__, __LINE__); -#define QUEUEDEBUG_ASN1_TAILQ_INSERT_TAIL(head, elm, field) \ - if (*(head)->tqh_last != NULL) \ - panic("ASN1_TAILQ_INSERT_TAIL %p %s:%d", (head), __FILE__, __LINE__); -#define QUEUEDEBUG_ASN1_TAILQ_OP(elm, field) \ - if ((elm)->field.tqe_next && \ - (elm)->field.tqe_next->field.tqe_prev != \ - &(elm)->field.tqe_next) \ - panic("ASN1_TAILQ_* forw %p %s:%d", (elm), __FILE__, __LINE__);\ - if (*(elm)->field.tqe_prev != (elm)) \ - panic("ASN1_TAILQ_* back %p %s:%d", (elm), __FILE__, __LINE__); -#define QUEUEDEBUG_ASN1_TAILQ_PREREMOVE(head, elm, field) \ - if ((elm)->field.tqe_next == NULL && \ - (head)->tqh_last != &(elm)->field.tqe_next) \ - panic("ASN1_TAILQ_PREREMOVE head %p elm %p %s:%d", \ - (head), (elm), __FILE__, __LINE__); -#define QUEUEDEBUG_ASN1_TAILQ_POSTREMOVE(elm, field) \ - (elm)->field.tqe_next = (void *)1L; \ - (elm)->field.tqe_prev = (void *)1L; -#else -#define QUEUEDEBUG_ASN1_TAILQ_INSERT_HEAD(head, elm, field) -#define QUEUEDEBUG_ASN1_TAILQ_INSERT_TAIL(head, elm, field) -#define QUEUEDEBUG_ASN1_TAILQ_OP(elm, field) -#define QUEUEDEBUG_ASN1_TAILQ_PREREMOVE(head, elm, field) -#define QUEUEDEBUG_ASN1_TAILQ_POSTREMOVE(elm, field) -#endif - -#define ASN1_TAILQ_INIT(head) do { \ - (head)->tqh_first = NULL; \ - (head)->tqh_last = &(head)->tqh_first; \ -} while (/*CONSTCOND*/0) - -#define ASN1_TAILQ_INSERT_HEAD(head, elm, field) do { \ - QUEUEDEBUG_ASN1_TAILQ_INSERT_HEAD((head), (elm), field) \ - if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \ - (head)->tqh_first->field.tqe_prev = \ - &(elm)->field.tqe_next; \ - else \ - (head)->tqh_last = &(elm)->field.tqe_next; \ - (head)->tqh_first = (elm); \ - (elm)->field.tqe_prev = &(head)->tqh_first; \ -} while (/*CONSTCOND*/0) - -#define ASN1_TAILQ_INSERT_TAIL(head, elm, field) do { \ - QUEUEDEBUG_ASN1_TAILQ_INSERT_TAIL((head), (elm), field) \ - (elm)->field.tqe_next = NULL; \ - (elm)->field.tqe_prev = (head)->tqh_last; \ - *(head)->tqh_last = (elm); \ - (head)->tqh_last = &(elm)->field.tqe_next; \ -} while (/*CONSTCOND*/0) - -#define ASN1_TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \ - QUEUEDEBUG_ASN1_TAILQ_OP((listelm), field) \ - if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\ - (elm)->field.tqe_next->field.tqe_prev = \ - &(elm)->field.tqe_next; \ - else \ - (head)->tqh_last = &(elm)->field.tqe_next; \ - (listelm)->field.tqe_next = (elm); \ - (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \ -} while (/*CONSTCOND*/0) - -#define ASN1_TAILQ_INSERT_BEFORE(listelm, elm, field) do { \ - QUEUEDEBUG_ASN1_TAILQ_OP((listelm), field) \ - (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \ - (elm)->field.tqe_next = (listelm); \ - *(listelm)->field.tqe_prev = (elm); \ - (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \ -} while (/*CONSTCOND*/0) - -#define ASN1_TAILQ_REMOVE(head, elm, field) do { \ - QUEUEDEBUG_ASN1_TAILQ_PREREMOVE((head), (elm), field) \ - QUEUEDEBUG_ASN1_TAILQ_OP((elm), field) \ - if (((elm)->field.tqe_next) != NULL) \ - (elm)->field.tqe_next->field.tqe_prev = \ - (elm)->field.tqe_prev; \ - else \ - (head)->tqh_last = (elm)->field.tqe_prev; \ - *(elm)->field.tqe_prev = (elm)->field.tqe_next; \ - QUEUEDEBUG_ASN1_TAILQ_POSTREMOVE((elm), field); \ -} while (/*CONSTCOND*/0) - -#define ASN1_TAILQ_FOREACH(var, head, field) \ - for ((var) = ((head)->tqh_first); \ - (var); \ - (var) = ((var)->field.tqe_next)) - -#define ASN1_TAILQ_FOREACH_REVERSE(var, head, headname, field) \ - for ((var) = (*(((struct headname *)((head)->tqh_last))->tqh_last)); \ - (var); \ - (var) = (*(((struct headname *)((var)->field.tqe_prev))->tqh_last))) - -/* - * Tail queue access methods. - */ -#define ASN1_TAILQ_EMPTY(head) ((head)->tqh_first == NULL) -#define ASN1_TAILQ_FIRST(head) ((head)->tqh_first) -#define ASN1_TAILQ_NEXT(elm, field) ((elm)->field.tqe_next) - -#define ASN1_TAILQ_LAST(head, headname) \ - (*(((struct headname *)((head)->tqh_last))->tqh_last)) -#define ASN1_TAILQ_PREV(elm, headname, field) \ - (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last)) - - -#endif /* !_ASN1_QUEUE_H_ */ diff --git a/crypto/heimdal/lib/asn1/canthandle.asn1 b/crypto/heimdal/lib/asn1/canthandle.asn1 deleted file mode 100644 index 5ba3e3880c2e..000000000000 --- a/crypto/heimdal/lib/asn1/canthandle.asn1 +++ /dev/null @@ -1,34 +0,0 @@ --- $Id: canthandle.asn1 22071 2007-11-14 20:04:50Z lha $ -- - -CANTHANDLE DEFINITIONS ::= BEGIN - --- Code the tag [1] but not the [ CONTEXT CONS UT_Sequence ] for Kaka2 --- Workaround: use inline the structure directly --- Code the tag [2] but it should be primitive since KAKA3 is --- Workaround: use the INTEGER type directly - -Kaka2 ::= SEQUENCE { - kaka2-1 [0] INTEGER -} - -Kaka3 ::= INTEGER - -Foo ::= SEQUENCE { - kaka1 [0] IMPLICIT INTEGER OPTIONAL, - kaka2 [1] IMPLICIT Kaka2 OPTIONAL, - kaka3 [2] IMPLICIT Kaka3 OPTIONAL -} - --- Don't code kaka if it's 1 --- Workaround is to use OPTIONAL and check for in the encoder stubs - -Bar ::= SEQUENCE { - kaka [0] INTEGER DEFAULT 1 -} - --- Can't handle primitives in SET OF --- Workaround is to define a type that is only an integer and use that - -Baz ::= SET OF INTEGER - -END diff --git a/crypto/heimdal/lib/asn1/check-common.c b/crypto/heimdal/lib/asn1/check-common.c deleted file mode 100644 index adf95f6a9f63..000000000000 --- a/crypto/heimdal/lib/asn1/check-common.c +++ /dev/null @@ -1,376 +0,0 @@ -/* - * Copyright (c) 1999 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#ifdef HAVE_SYS_MMAN_H -#include -#endif -#include -#include -#include -#include - -#include "check-common.h" - -RCSID("$Id: check-common.c 18751 2006-10-21 14:49:13Z lha $"); - -struct map_page { - void *start; - size_t size; - void *data_start; - size_t data_size; - enum map_type type; -}; - -/* #undef HAVE_MMAP */ - -void * -map_alloc(enum map_type type, const void *buf, - size_t size, struct map_page **map) -{ -#ifndef HAVE_MMAP - unsigned char *p; - size_t len = size + sizeof(long) * 2; - int i; - - *map = ecalloc(1, sizeof(**map)); - - p = emalloc(len); - (*map)->type = type; - (*map)->start = p; - (*map)->size = len; - (*map)->data_start = p + sizeof(long); - for (i = sizeof(long); i > 0; i--) - p[sizeof(long) - i] = 0xff - i; - for (i = sizeof(long); i > 0; i--) - p[len - i] = 0xff - i; -#else - unsigned char *p; - int flags, ret, fd; - size_t pagesize = getpagesize(); - - *map = ecalloc(1, sizeof(**map)); - - (*map)->type = type; - -#ifdef MAP_ANON - flags = MAP_ANON; - fd = -1; -#else - flags = 0; - fd = open ("/dev/zero", O_RDONLY); - if(fd < 0) - err (1, "open /dev/zero"); -#endif - flags |= MAP_PRIVATE; - - (*map)->size = size + pagesize - (size % pagesize) + pagesize * 2; - - p = (unsigned char *)mmap(0, (*map)->size, PROT_READ | PROT_WRITE, - flags, fd, 0); - if (p == (unsigned char *)MAP_FAILED) - err (1, "mmap"); - - (*map)->start = p; - - ret = mprotect (p, pagesize, 0); - if (ret < 0) - err (1, "mprotect"); - - ret = mprotect (p + (*map)->size - pagesize, pagesize, 0); - if (ret < 0) - err (1, "mprotect"); - - switch (type) { - case OVERRUN: - (*map)->data_start = p + (*map)->size - pagesize - size; - break; - case UNDERRUN: - (*map)->data_start = p + pagesize; - break; - default: - abort(); - } -#endif - (*map)->data_size = size; - if (buf) - memcpy((*map)->data_start, buf, size); - return (*map)->data_start; -} - -void -map_free(struct map_page *map, const char *test_name, const char *map_name) -{ -#ifndef HAVE_MMAP - unsigned char *p = map->start; - int i; - - for (i = sizeof(long); i > 0; i--) - if (p[sizeof(long) - i] != 0xff - i) - errx(1, "%s: %s underrun %d\n", test_name, map_name, i); - for (i = sizeof(long); i > 0; i--) - if (p[map->size - i] != 0xff - i) - errx(1, "%s: %s overrun %lu\n", test_name, map_name, - (unsigned long)map->size - i); - free(map->start); -#else - int ret; - - ret = munmap (map->start, map->size); - if (ret < 0) - err (1, "munmap"); -#endif - free(map); -} - -static void -print_bytes (unsigned const char *buf, size_t len) -{ - int i; - - for (i = 0; i < len; ++i) - printf ("%02x ", buf[i]); -} - -#ifndef MAP_FAILED -#define MAP_FAILED (-1) -#endif - -static char *current_test = ""; -static char *current_state = ""; - -static RETSIGTYPE -segv_handler(int sig) -{ - int fd; - char msg[] = "SIGSEGV i current test: "; - - fd = open("/dev/stdout", O_WRONLY, 0600); - if (fd >= 0) { - write(fd, msg, sizeof(msg)); - write(fd, current_test, strlen(current_test)); - write(fd, " ", 1); - write(fd, current_state, strlen(current_state)); - write(fd, "\n", 1); - close(fd); - } - _exit(1); -} - -int -generic_test (const struct test_case *tests, - unsigned ntests, - size_t data_size, - int (*encode)(unsigned char *, size_t, void *, size_t *), - int (*length)(void *), - int (*decode)(unsigned char *, size_t, void *, size_t *), - int (*free_data)(void *), - int (*cmp)(void *a, void *b)) -{ - unsigned char *buf, *buf2; - int i; - int failures = 0; - void *data; - struct map_page *data_map, *buf_map, *buf2_map; - - struct sigaction sa, osa; - - for (i = 0; i < ntests; ++i) { - int ret; - size_t sz, consumed_sz, length_sz, buf_sz; - - current_test = tests[i].name; - - current_state = "init"; - - sigemptyset (&sa.sa_mask); - sa.sa_flags = 0; -#ifdef SA_RESETHAND - sa.sa_flags |= SA_RESETHAND; -#endif - sa.sa_handler = segv_handler; - sigaction (SIGSEGV, &sa, &osa); - - data = map_alloc(OVERRUN, NULL, data_size, &data_map); - - buf_sz = tests[i].byte_len; - buf = map_alloc(UNDERRUN, NULL, buf_sz, &buf_map); - - current_state = "encode"; - ret = (*encode) (buf + buf_sz - 1, buf_sz, - tests[i].val, &sz); - if (ret != 0) { - printf ("encoding of %s failed %d\n", tests[i].name, ret); - ++failures; - continue; - } - if (sz != tests[i].byte_len) { - printf ("encoding of %s has wrong len (%lu != %lu)\n", - tests[i].name, - (unsigned long)sz, (unsigned long)tests[i].byte_len); - ++failures; - continue; - } - - current_state = "length"; - length_sz = (*length) (tests[i].val); - if (sz != length_sz) { - printf ("length for %s is bad (%lu != %lu)\n", - tests[i].name, (unsigned long)length_sz, (unsigned long)sz); - ++failures; - continue; - } - - current_state = "memcmp"; - if (memcmp (buf, tests[i].bytes, tests[i].byte_len) != 0) { - printf ("encoding of %s has bad bytes:\n" - "correct: ", tests[i].name); - print_bytes ((unsigned char *)tests[i].bytes, tests[i].byte_len); - printf ("\nactual: "); - print_bytes (buf, sz); - printf ("\n"); - ++failures; - continue; - } - - buf2 = map_alloc(OVERRUN, buf, sz, &buf2_map); - - current_state = "decode"; - ret = (*decode) (buf2, sz, data, &consumed_sz); - if (ret != 0) { - printf ("decoding of %s failed %d\n", tests[i].name, ret); - ++failures; - continue; - } - if (sz != consumed_sz) { - printf ("different length decoding %s (%ld != %ld)\n", - tests[i].name, - (unsigned long)sz, (unsigned long)consumed_sz); - ++failures; - continue; - } - current_state = "cmp"; - if ((*cmp)(data, tests[i].val) != 0) { - printf ("%s: comparison failed\n", tests[i].name); - ++failures; - continue; - } - current_state = "free"; - if (free_data) - (*free_data)(data); - - current_state = "free"; - map_free(buf_map, tests[i].name, "encode"); - map_free(buf2_map, tests[i].name, "decode"); - map_free(data_map, tests[i].name, "data"); - - sigaction (SIGSEGV, &osa, NULL); - } - current_state = "done"; - return failures; -} - -/* - * check for failures - * - * a test size (byte_len) of -1 means that the test tries to trigger a - * integer overflow (and later a malloc of to little memory), just - * allocate some memory and hope that is enough for that test. - */ - -int -generic_decode_fail (const struct test_case *tests, - unsigned ntests, - size_t data_size, - int (*decode)(unsigned char *, size_t, void *, size_t *)) -{ - unsigned char *buf; - int i; - int failures = 0; - void *data; - struct map_page *data_map, *buf_map; - - struct sigaction sa, osa; - - for (i = 0; i < ntests; ++i) { - int ret; - size_t sz; - const void *bytes; - - current_test = tests[i].name; - - current_state = "init"; - - sigemptyset (&sa.sa_mask); - sa.sa_flags = 0; -#ifdef SA_RESETHAND - sa.sa_flags |= SA_RESETHAND; -#endif - sa.sa_handler = segv_handler; - sigaction (SIGSEGV, &sa, &osa); - - data = map_alloc(OVERRUN, NULL, data_size, &data_map); - - if (tests[i].byte_len < 0xffffff && tests[i].byte_len >= 0) { - sz = tests[i].byte_len; - bytes = tests[i].bytes; - } else { - sz = 4096; - bytes = NULL; - } - - buf = map_alloc(OVERRUN, bytes, sz, &buf_map); - - if (tests[i].byte_len == -1) - memset(buf, 0, sz); - - current_state = "decode"; - ret = (*decode) (buf, tests[i].byte_len, data, &sz); - if (ret == 0) { - printf ("sucessfully decoded %s\n", tests[i].name); - ++failures; - continue; - } - - current_state = "free"; - if (buf) - map_free(buf_map, tests[i].name, "encode"); - map_free(data_map, tests[i].name, "data"); - - sigaction (SIGSEGV, &osa, NULL); - } - current_state = "done"; - return failures; -} diff --git a/crypto/heimdal/lib/asn1/check-common.h b/crypto/heimdal/lib/asn1/check-common.h deleted file mode 100644 index b1cb647e6ab6..000000000000 --- a/crypto/heimdal/lib/asn1/check-common.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -struct test_case { - void *val; - int byte_len; - const char *bytes; - char *name; -}; - -typedef int (*generic_encode)(unsigned char *, size_t, void *, size_t *); -typedef int (*generic_length)(void *); -typedef int (*generic_decode)(unsigned char *, size_t, void *, size_t *); -typedef int (*generic_free)(void *); - -int -generic_test (const struct test_case *tests, - unsigned ntests, - size_t data_size, - int (*encode)(unsigned char *, size_t, void *, size_t *), - int (*length)(void *), - int (*decode)(unsigned char *, size_t, void *, size_t *), - int (*free_data)(void *), - int (*cmp)(void *a, void *b)); - -int -generic_decode_fail(const struct test_case *tests, - unsigned ntests, - size_t data_size, - int (*decode)(unsigned char *, size_t, void *, size_t *)); - - -struct map_page; - -enum map_type { OVERRUN, UNDERRUN }; - -struct map_page; - -void * map_alloc(enum map_type, const void *, size_t, struct map_page **); -void map_free(struct map_page *, const char *, const char *); diff --git a/crypto/heimdal/lib/asn1/check-der.c b/crypto/heimdal/lib/asn1/check-der.c deleted file mode 100644 index 9ba260145e1d..000000000000 --- a/crypto/heimdal/lib/asn1/check-der.c +++ /dev/null @@ -1,1089 +0,0 @@ -/* - * Copyright (c) 1999 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" -#include -#include - -#include -#include -#include - -#include "check-common.h" - -RCSID("$Id: check-der.c 21359 2007-06-27 08:15:41Z lha $"); - -static int -cmp_integer (void *a, void *b) -{ - int *ia = (int *)a; - int *ib = (int *)b; - - return *ib - *ia; -} - -static int -test_integer (void) -{ - struct test_case tests[] = { - {NULL, 1, "\x00"}, - {NULL, 1, "\x7f"}, - {NULL, 2, "\x00\x80"}, - {NULL, 2, "\x01\x00"}, - {NULL, 1, "\x80"}, - {NULL, 2, "\xff\x7f"}, - {NULL, 1, "\xff"}, - {NULL, 2, "\xff\x01"}, - {NULL, 2, "\x00\xff"}, - {NULL, 4, "\x7f\xff\xff\xff"} - }; - - int values[] = {0, 127, 128, 256, -128, -129, -1, -255, 255, - 0x7fffffff}; - int i, ret; - int ntests = sizeof(tests) / sizeof(*tests); - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "integer %d", values[i]); - if (tests[i].name == NULL) - errx(1, "malloc"); - } - - ret = generic_test (tests, ntests, sizeof(int), - (generic_encode)der_put_integer, - (generic_length) der_length_integer, - (generic_decode)der_get_integer, - (generic_free)NULL, - cmp_integer); - - for (i = 0; i < ntests; ++i) - free (tests[i].name); - return ret; -} - -static int -test_one_int(int val) -{ - int ret, dval; - unsigned char *buf; - size_t len_len, len; - - len = _heim_len_int(val); - - buf = emalloc(len + 2); - - buf[0] = '\xff'; - buf[len + 1] = '\xff'; - memset(buf + 1, 0, len); - - ret = der_put_integer(buf + 1 + len - 1, len, &val, &len_len); - if (ret) { - printf("integer %d encode failed %d\n", val, ret); - return 1; - } - if (len != len_len) { - printf("integer %d encode fail with %d len %lu, result len %lu\n", - val, ret, (unsigned long)len, (unsigned long)len_len); - return 1; - } - - ret = der_get_integer(buf + 1, len, &dval, &len_len); - if (ret) { - printf("integer %d decode failed %d\n", val, ret); - return 1; - } - if (len != len_len) { - printf("integer %d decoded diffrent len %lu != %lu", - val, (unsigned long)len, (unsigned long)len_len); - return 1; - } - if (val != dval) { - printf("decode decoded to diffrent value %d != %d", - val, dval); - return 1; - } - - if (buf[0] != (unsigned char)'\xff') { - printf("precanary dead %d\n", val); - return 1; - } - if (buf[len + 1] != (unsigned char)'\xff') { - printf("postecanary dead %d\n", val); - return 1; - } - free(buf); - return 0; -} - -static int -test_integer_more (void) -{ - int i, n1, n2, n3, n4, n5, n6; - - n2 = 0; - for (i = 0; i < (sizeof(int) * 8); i++) { - n1 = 0x01 << i; - n2 = n2 | n1; - n3 = ~n1; - n4 = ~n2; - n5 = (-1) & ~(0x3f << i); - n6 = (-1) & ~(0x7f << i); - - test_one_int(n1); - test_one_int(n2); - test_one_int(n3); - test_one_int(n4); - test_one_int(n5); - test_one_int(n6); - } - return 0; -} - -static int -cmp_unsigned (void *a, void *b) -{ - return *(unsigned int*)b - *(unsigned int*)a; -} - -static int -test_unsigned (void) -{ - struct test_case tests[] = { - {NULL, 1, "\x00"}, - {NULL, 1, "\x7f"}, - {NULL, 2, "\x00\x80"}, - {NULL, 2, "\x01\x00"}, - {NULL, 2, "\x02\x00"}, - {NULL, 3, "\x00\x80\x00"}, - {NULL, 5, "\x00\x80\x00\x00\x00"}, - {NULL, 4, "\x7f\xff\xff\xff"} - }; - - unsigned int values[] = {0, 127, 128, 256, 512, 32768, - 0x80000000, 0x7fffffff}; - int i, ret; - int ntests = sizeof(tests) / sizeof(*tests); - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "unsigned %u", values[i]); - if (tests[i].name == NULL) - errx(1, "malloc"); - } - - ret = generic_test (tests, ntests, sizeof(int), - (generic_encode)der_put_unsigned, - (generic_length)der_length_unsigned, - (generic_decode)der_get_unsigned, - (generic_free)NULL, - cmp_unsigned); - for (i = 0; i < ntests; ++i) - free (tests[i].name); - return ret; -} - -static int -cmp_octet_string (void *a, void *b) -{ - heim_octet_string *oa = (heim_octet_string *)a; - heim_octet_string *ob = (heim_octet_string *)b; - - if (oa->length != ob->length) - return ob->length - oa->length; - - return (memcmp (oa->data, ob->data, oa->length)); -} - -static int -test_octet_string (void) -{ - heim_octet_string s1 = {8, "\x01\x23\x45\x67\x89\xab\xcd\xef"}; - - struct test_case tests[] = { - {NULL, 8, "\x01\x23\x45\x67\x89\xab\xcd\xef"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - int ret; - - tests[0].val = &s1; - asprintf (&tests[0].name, "a octet string"); - if (tests[0].name == NULL) - errx(1, "malloc"); - - ret = generic_test (tests, ntests, sizeof(heim_octet_string), - (generic_encode)der_put_octet_string, - (generic_length)der_length_octet_string, - (generic_decode)der_get_octet_string, - (generic_free)der_free_octet_string, - cmp_octet_string); - free(tests[0].name); - return ret; -} - -static int -cmp_bmp_string (void *a, void *b) -{ - heim_bmp_string *oa = (heim_bmp_string *)a; - heim_bmp_string *ob = (heim_bmp_string *)b; - - return der_heim_bmp_string_cmp(oa, ob); -} - -static uint16_t bmp_d1[] = { 32 }; -static uint16_t bmp_d2[] = { 32, 32 }; - -static int -test_bmp_string (void) -{ - heim_bmp_string s1 = { 1, bmp_d1 }; - heim_bmp_string s2 = { 2, bmp_d2 }; - - struct test_case tests[] = { - {NULL, 2, "\x00\x20"}, - {NULL, 4, "\x00\x20\x00\x20"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - int ret; - - tests[0].val = &s1; - asprintf (&tests[0].name, "a bmp string"); - if (tests[0].name == NULL) - errx(1, "malloc"); - tests[1].val = &s2; - asprintf (&tests[1].name, "second bmp string"); - if (tests[1].name == NULL) - errx(1, "malloc"); - - ret = generic_test (tests, ntests, sizeof(heim_bmp_string), - (generic_encode)der_put_bmp_string, - (generic_length)der_length_bmp_string, - (generic_decode)der_get_bmp_string, - (generic_free)der_free_bmp_string, - cmp_bmp_string); - free(tests[0].name); - free(tests[1].name); - return ret; -} - -static int -cmp_universal_string (void *a, void *b) -{ - heim_universal_string *oa = (heim_universal_string *)a; - heim_universal_string *ob = (heim_universal_string *)b; - - return der_heim_universal_string_cmp(oa, ob); -} - -static uint32_t universal_d1[] = { 32 }; -static uint32_t universal_d2[] = { 32, 32 }; - -static int -test_universal_string (void) -{ - heim_universal_string s1 = { 1, universal_d1 }; - heim_universal_string s2 = { 2, universal_d2 }; - - struct test_case tests[] = { - {NULL, 4, "\x00\x00\x00\x20"}, - {NULL, 8, "\x00\x00\x00\x20\x00\x00\x00\x20"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - int ret; - - tests[0].val = &s1; - asprintf (&tests[0].name, "a universal string"); - if (tests[0].name == NULL) - errx(1, "malloc"); - tests[1].val = &s2; - asprintf (&tests[1].name, "second universal string"); - if (tests[1].name == NULL) - errx(1, "malloc"); - - ret = generic_test (tests, ntests, sizeof(heim_universal_string), - (generic_encode)der_put_universal_string, - (generic_length)der_length_universal_string, - (generic_decode)der_get_universal_string, - (generic_free)der_free_universal_string, - cmp_universal_string); - free(tests[0].name); - free(tests[1].name); - return ret; -} - -static int -cmp_general_string (void *a, void *b) -{ - char **sa = (char **)a; - char **sb = (char **)b; - - return strcmp (*sa, *sb); -} - -static int -test_general_string (void) -{ - char *s1 = "Test User 1"; - - struct test_case tests[] = { - {NULL, 11, "\x54\x65\x73\x74\x20\x55\x73\x65\x72\x20\x31"} - }; - int ret, ntests = sizeof(tests) / sizeof(*tests); - - tests[0].val = &s1; - asprintf (&tests[0].name, "the string \"%s\"", s1); - if (tests[0].name == NULL) - errx(1, "malloc"); - - ret = generic_test (tests, ntests, sizeof(unsigned char *), - (generic_encode)der_put_general_string, - (generic_length)der_length_general_string, - (generic_decode)der_get_general_string, - (generic_free)der_free_general_string, - cmp_general_string); - free(tests[0].name); - return ret; -} - -static int -cmp_generalized_time (void *a, void *b) -{ - time_t *ta = (time_t *)a; - time_t *tb = (time_t *)b; - - return *tb - *ta; -} - -static int -test_generalized_time (void) -{ - struct test_case tests[] = { - {NULL, 15, "19700101000000Z"}, - {NULL, 15, "19851106210627Z"} - }; - time_t values[] = {0, 500159187}; - int i, ret; - int ntests = sizeof(tests) / sizeof(*tests); - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "time %d", (int)values[i]); - if (tests[i].name == NULL) - errx(1, "malloc"); - } - - ret = generic_test (tests, ntests, sizeof(time_t), - (generic_encode)der_put_generalized_time, - (generic_length)der_length_generalized_time, - (generic_decode)der_get_generalized_time, - (generic_free)NULL, - cmp_generalized_time); - for (i = 0; i < ntests; ++i) - free(tests[i].name); - return ret; -} - -static int -test_cmp_oid (void *a, void *b) -{ - return der_heim_oid_cmp((heim_oid *)a, (heim_oid *)b); -} - -static unsigned oid_comp1[] = { 1, 1, 1 }; -static unsigned oid_comp2[] = { 1, 1 }; -static unsigned oid_comp3[] = { 6, 15, 1 }; -static unsigned oid_comp4[] = { 6, 15 }; - -static int -test_oid (void) -{ - struct test_case tests[] = { - {NULL, 2, "\x29\x01"}, - {NULL, 1, "\x29"}, - {NULL, 2, "\xff\x01"}, - {NULL, 1, "\xff"} - }; - heim_oid values[] = { - { 3, oid_comp1 }, - { 2, oid_comp2 }, - { 3, oid_comp3 }, - { 2, oid_comp4 } - }; - int i, ret; - int ntests = sizeof(tests) / sizeof(*tests); - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "oid %d", i); - if (tests[i].name == NULL) - errx(1, "malloc"); - } - - ret = generic_test (tests, ntests, sizeof(heim_oid), - (generic_encode)der_put_oid, - (generic_length)der_length_oid, - (generic_decode)der_get_oid, - (generic_free)der_free_oid, - test_cmp_oid); - for (i = 0; i < ntests; ++i) - free(tests[i].name); - return ret; -} - -static int -test_cmp_bit_string (void *a, void *b) -{ - return der_heim_bit_string_cmp((heim_bit_string *)a, (heim_bit_string *)b); -} - -static int -test_bit_string (void) -{ - struct test_case tests[] = { - {NULL, 1, "\x00"} - }; - heim_bit_string values[] = { - { 0, "" } - }; - int i, ret; - int ntests = sizeof(tests) / sizeof(*tests); - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "bit_string %d", i); - if (tests[i].name == NULL) - errx(1, "malloc"); - } - - ret = generic_test (tests, ntests, sizeof(heim_bit_string), - (generic_encode)der_put_bit_string, - (generic_length)der_length_bit_string, - (generic_decode)der_get_bit_string, - (generic_free)der_free_bit_string, - test_cmp_bit_string); - for (i = 0; i < ntests; ++i) - free(tests[i].name); - return ret; -} - -static int -test_cmp_heim_integer (void *a, void *b) -{ - return der_heim_integer_cmp((heim_integer *)a, (heim_integer *)b); -} - -static int -test_heim_integer (void) -{ - struct test_case tests[] = { - {NULL, 2, "\xfe\x01"}, - {NULL, 2, "\xef\x01"}, - {NULL, 3, "\xff\x00\xff"}, - {NULL, 3, "\xff\x01\x00"}, - {NULL, 1, "\x00"}, - {NULL, 1, "\x01"}, - {NULL, 2, "\x00\x80"} - }; - - heim_integer values[] = { - { 2, "\x01\xff", 1 }, - { 2, "\x10\xff", 1 }, - { 2, "\xff\x01", 1 }, - { 2, "\xff\x00", 1 }, - { 0, "", 0 }, - { 1, "\x01", 0 }, - { 1, "\x80", 0 } - }; - int i, ret; - int ntests = sizeof(tests) / sizeof(tests[0]); - size_t size; - heim_integer i2; - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "heim_integer %d", i); - if (tests[i].name == NULL) - errx(1, "malloc"); - } - - ret = generic_test (tests, ntests, sizeof(heim_integer), - (generic_encode)der_put_heim_integer, - (generic_length)der_length_heim_integer, - (generic_decode)der_get_heim_integer, - (generic_free)der_free_heim_integer, - test_cmp_heim_integer); - for (i = 0; i < ntests; ++i) - free (tests[i].name); - if (ret) - return ret; - - /* test zero length integer (BER format) */ - ret = der_get_heim_integer(NULL, 0, &i2, &size); - if (ret) - errx(1, "der_get_heim_integer"); - if (i2.length != 0) - errx(1, "der_get_heim_integer wrong length"); - der_free_heim_integer(&i2); - - return 0; -} - -static int -test_cmp_boolean (void *a, void *b) -{ - return !!*(int *)a != !!*(int *)b; -} - -static int -test_boolean (void) -{ - struct test_case tests[] = { - {NULL, 1, "\xff"}, - {NULL, 1, "\x00"} - }; - - int values[] = { 1, 0 }; - int i, ret; - int ntests = sizeof(tests) / sizeof(tests[0]); - size_t size; - heim_integer i2; - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "heim_boolean %d", i); - if (tests[i].name == NULL) - errx(1, "malloc"); - } - - ret = generic_test (tests, ntests, sizeof(int), - (generic_encode)der_put_boolean, - (generic_length)der_length_boolean, - (generic_decode)der_get_boolean, - (generic_free)NULL, - test_cmp_boolean); - for (i = 0; i < ntests; ++i) - free (tests[i].name); - if (ret) - return ret; - - /* test zero length integer (BER format) */ - ret = der_get_heim_integer(NULL, 0, &i2, &size); - if (ret) - errx(1, "der_get_heim_integer"); - if (i2.length != 0) - errx(1, "der_get_heim_integer wrong length"); - der_free_heim_integer(&i2); - - return 0; -} - -static int -check_fail_unsigned(void) -{ - struct test_case tests[] = { - {NULL, sizeof(unsigned) + 1, - "\x01\x01\x01\x01\x01\x01\x01\x01\x01", "data overrun" } - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(unsigned), - (generic_decode)der_get_unsigned); -} - -static int -check_fail_integer(void) -{ - struct test_case tests[] = { - {NULL, sizeof(int) + 1, - "\x01\x01\x01\x01\x01\x01\x01\x01\x01", "data overrun" } - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(int), - (generic_decode)der_get_integer); -} - -static int -check_fail_length(void) -{ - struct test_case tests[] = { - {NULL, 0, "", "empty input data"}, - {NULL, 1, "\x82", "internal length overrun" } - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(size_t), - (generic_decode)der_get_length); -} - -static int -check_fail_boolean(void) -{ - struct test_case tests[] = { - {NULL, 0, "", "empty input data"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(int), - (generic_decode)der_get_boolean); -} - -static int -check_fail_general_string(void) -{ - struct test_case tests[] = { - { NULL, 3, "A\x00i", "NUL char in string"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(heim_general_string), - (generic_decode)der_get_general_string); -} - -static int -check_fail_bmp_string(void) -{ - struct test_case tests[] = { - {NULL, 1, "\x00", "odd (1) length bmpstring"}, - {NULL, 3, "\x00\x00\x00", "odd (3) length bmpstring"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(heim_bmp_string), - (generic_decode)der_get_bmp_string); -} - -static int -check_fail_universal_string(void) -{ - struct test_case tests[] = { - {NULL, 1, "\x00", "x & 3 == 1 universal string"}, - {NULL, 2, "\x00\x00", "x & 3 == 2 universal string"}, - {NULL, 3, "\x00\x00\x00", "x & 3 == 3 universal string"}, - {NULL, 5, "\x00\x00\x00\x00\x00", "x & 3 == 1 universal string"}, - {NULL, 6, "\x00\x00\x00\x00\x00\x00", "x & 3 == 2 universal string"}, - {NULL, 7, "\x00\x00\x00\x00\x00\x00\x00", "x & 3 == 3 universal string"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(heim_universal_string), - (generic_decode)der_get_universal_string); -} - -static int -check_fail_heim_integer(void) -{ -#if 0 - struct test_case tests[] = { - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(heim_integer), - (generic_decode)der_get_heim_integer); -#else - return 0; -#endif -} - -static int -check_fail_generalized_time(void) -{ - struct test_case tests[] = { - {NULL, 1, "\x00", "no time"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(time_t), - (generic_decode)der_get_generalized_time); -} - -static int -check_fail_oid(void) -{ - struct test_case tests[] = { - {NULL, 0, "", "empty input data"}, - {NULL, 2, "\x00\x80", "last byte continuation" }, - {NULL, 11, "\x00\x81\x80\x80\x80\x80\x80\x80\x80\x80\x00", - "oid element overflow" } - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(heim_oid), - (generic_decode)der_get_oid); -} - -static int -check_fail_bitstring(void) -{ - struct test_case tests[] = { - {NULL, 0, "", "empty input data"}, - {NULL, 1, "\x08", "larger then 8 bits trailer"}, - {NULL, 1, "\x01", "to few bytes for bits"}, - {NULL, -2, "\x00", "length overrun"}, - {NULL, -1, "", "length to short"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(heim_bit_string), - (generic_decode)der_get_bit_string); -} - -static int -check_heim_integer_same(const char *p, const char *norm_p, heim_integer *i) -{ - heim_integer i2; - char *str; - int ret; - - ret = der_print_hex_heim_integer(i, &str); - if (ret) - errx(1, "der_print_hex_heim_integer: %d", ret); - - if (strcmp(str, norm_p) != 0) - errx(1, "der_print_hex_heim_integer: %s != %s", str, p); - - ret = der_parse_hex_heim_integer(str, &i2); - if (ret) - errx(1, "der_parse_hex_heim_integer: %d", ret); - - if (der_heim_integer_cmp(i, &i2) != 0) - errx(1, "der_heim_integer_cmp: p %s", p); - - der_free_heim_integer(&i2); - free(str); - - ret = der_parse_hex_heim_integer(p, &i2); - if (ret) - errx(1, "der_parse_hex_heim_integer: %d", ret); - - if (der_heim_integer_cmp(i, &i2) != 0) - errx(1, "der_heim_integer_cmp: norm"); - - der_free_heim_integer(&i2); - - return 0; -} - -static int -test_heim_int_format(void) -{ - heim_integer i = { 1, "\x10", 0 }; - heim_integer i2 = { 1, "\x10", 1 }; - heim_integer i3 = { 1, "\01", 0 }; - char *p = - "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" - "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" - "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" - "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" - "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381" - "FFFFFFFF" "FFFFFFFF"; - heim_integer bni = { - 128, - "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xC9\x0F\xDA\xA2" - "\x21\x68\xC2\x34\xC4\xC6\x62\x8B\x80\xDC\x1C\xD1" - "\x29\x02\x4E\x08\x8A\x67\xCC\x74\x02\x0B\xBE\xA6" - "\x3B\x13\x9B\x22\x51\x4A\x08\x79\x8E\x34\x04\xDD" - "\xEF\x95\x19\xB3\xCD\x3A\x43\x1B\x30\x2B\x0A\x6D" - "\xF2\x5F\x14\x37\x4F\xE1\x35\x6D\x6D\x51\xC2\x45" - "\xE4\x85\xB5\x76\x62\x5E\x7E\xC6\xF4\x4C\x42\xE9" - "\xA6\x37\xED\x6B\x0B\xFF\x5C\xB6\xF4\x06\xB7\xED" - "\xEE\x38\x6B\xFB\x5A\x89\x9F\xA5\xAE\x9F\x24\x11" - "\x7C\x4B\x1F\xE6\x49\x28\x66\x51\xEC\xE6\x53\x81" - "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF", - 0 - }; - heim_integer f; - int ret = 0; - - ret += check_heim_integer_same(p, p, &bni); - ret += check_heim_integer_same("10", "10", &i); - ret += check_heim_integer_same("00000010", "10", &i); - ret += check_heim_integer_same("-10", "-10", &i2); - ret += check_heim_integer_same("-00000010", "-10", &i2); - ret += check_heim_integer_same("01", "01", &i3); - ret += check_heim_integer_same("1", "01", &i3); - - { - int r; - r = der_parse_hex_heim_integer("-", &f); - if (r == 0) { - der_free_heim_integer(&f); - ret++; - } - /* used to cause UMR */ - r = der_parse_hex_heim_integer("00", &f); - if (r == 0) - der_free_heim_integer(&f); - else - ret++; - } - - return ret; -} - -static int -test_heim_oid_format_same(const char *str, const heim_oid *oid) -{ - int ret; - char *p; - heim_oid o2; - - ret = der_print_heim_oid(oid, ' ', &p); - if (ret) { - printf("fail to print oid: %s\n", str); - return 1; - } - ret = strcmp(p, str); - if (ret) { - printf("oid %s != formated oid %s\n", str, p); - free(p); - return ret; - } - - ret = der_parse_heim_oid(p, " ", &o2); - if (ret) { - printf("failed to parse %s\n", p); - free(p); - return ret; - } - free(p); - ret = der_heim_oid_cmp(&o2, oid); - der_free_oid(&o2); - - return ret; -} - -static unsigned sha1_oid_tree[] = { 1, 3, 14, 3, 2, 26 }; - -static int -test_heim_oid_format(void) -{ - heim_oid sha1 = { 6, sha1_oid_tree }; - int ret = 0; - - ret += test_heim_oid_format_same("1 3 14 3 2 26", &sha1); - - return ret; -} - -static int -check_trailing_nul(void) -{ - int i, ret; - struct { - int fail; - const unsigned char *p; - size_t len; - const char *s; - size_t size; - } foo[] = { - { 1, (const unsigned char *)"foo\x00o", 5, NULL, 0 }, - { 1, (const unsigned char *)"\x00o", 2, NULL, 0 }, - { 0, (const unsigned char *)"\x00\x00\x00\x00\x00", 5, "", 5 }, - { 0, (const unsigned char *)"\x00", 1, "", 1 }, - { 0, (const unsigned char *)"", 0, "", 0 }, - { 0, (const unsigned char *)"foo\x00\x00", 5, "foo", 5 }, - { 0, (const unsigned char *)"foo\0", 4, "foo", 4 }, - { 0, (const unsigned char *)"foo", 3, "foo", 3 } - }; - - for (i = 0; i < sizeof(foo)/sizeof(foo[0]); i++) { - char *s; - size_t size; - ret = der_get_general_string(foo[i].p, foo[i].len, &s, &size); - if (foo[i].fail) { - if (ret == 0) - errx(1, "check %d NULL didn't fail", i); - continue; - } - if (ret) - errx(1, "NULL check %d der_get_general_string failed", i); - if (foo[i].size != size) - errx(1, "NUL check i = %d size failed", i); - if (strcmp(foo[i].s, s) != 0) - errx(1, "NUL check i = %d content failed", i); - free(s); - } - return 0; -} - -static int -test_misc_cmp(void) -{ - int ret; - - /* diffrent lengths are diffrent */ - { - const heim_octet_string os1 = { 1, "a" } , os2 = { 0, NULL }; - ret = der_heim_octet_string_cmp(&os1, &os2); - if (ret == 0) - return 1; - } - /* diffrent data are diffrent */ - { - const heim_octet_string os1 = { 1, "a" } , os2 = { 1, "b" }; - ret = der_heim_octet_string_cmp(&os1, &os2); - if (ret == 0) - return 1; - } - /* diffrent lengths are diffrent */ - { - const heim_bit_string bs1 = { 8, "a" } , bs2 = { 7, "a" }; - ret = der_heim_bit_string_cmp(&bs1, &bs2); - if (ret == 0) - return 1; - } - /* diffrent data are diffrent */ - { - const heim_bit_string bs1 = { 7, "\x0f" } , bs2 = { 7, "\x02" }; - ret = der_heim_bit_string_cmp(&bs1, &bs2); - if (ret == 0) - return 1; - } - /* diffrent lengths are diffrent */ - { - uint16_t data = 1; - heim_bmp_string bs1 = { 1, NULL } , bs2 = { 0, NULL }; - bs1.data = &data; - ret = der_heim_bmp_string_cmp(&bs1, &bs2); - if (ret == 0) - return 1; - } - /* diffrent lengths are diffrent */ - { - uint32_t data; - heim_universal_string us1 = { 1, NULL } , us2 = { 0, NULL }; - us1.data = &data; - ret = der_heim_universal_string_cmp(&us1, &us2); - if (ret == 0) - return 1; - } - /* same */ - { - uint32_t data = (uint32_t)'a'; - heim_universal_string us1 = { 1, NULL } , us2 = { 1, NULL }; - us1.data = &data; - us2.data = &data; - ret = der_heim_universal_string_cmp(&us1, &us2); - if (ret != 0) - return 1; - } - - return 0; -} - -static int -corner_generalized_time(void) -{ - const char *str = "760520140000Z"; - size_t size; - time_t t; - int ret; - - ret = der_get_generalized_time((const unsigned char*)str, strlen(str), - &t, &size); - if (ret) - return 1; - return 0; -} - -static int -corner_tag(void) -{ - struct { - int ok; - const char *ptr; - size_t len; - } tests[] = { - { 1, "\x00", 1 }, - { 0, "\xff", 1 }, - { 0, "\xff\xff\xff\xff\xff\xff\xff\xff", 8 } - }; - int i, ret; - Der_class cl; - Der_type ty; - unsigned int tag; - size_t size; - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { - ret = der_get_tag((const unsigned char*)tests[i].ptr, - tests[i].len, &cl, &ty, &tag, &size); - if (ret) { - if (tests[i].ok) - errx(1, "failed while shouldn't"); - } else { - if (!tests[i].ok) - errx(1, "passed while shouldn't"); - } - } - return 0; -} - -int -main(int argc, char **argv) -{ - int ret = 0; - - ret += test_integer (); - ret += test_integer_more(); - ret += test_unsigned (); - ret += test_octet_string (); - ret += test_bmp_string (); - ret += test_universal_string (); - ret += test_general_string (); - ret += test_generalized_time (); - ret += test_oid (); - ret += test_bit_string(); - ret += test_heim_integer(); - ret += test_boolean(); - - ret += check_fail_unsigned(); - ret += check_fail_integer(); - ret += check_fail_length(); - ret += check_fail_boolean(); - ret += check_fail_general_string(); - ret += check_fail_bmp_string(); - ret += check_fail_universal_string(); - ret += check_fail_heim_integer(); - ret += check_fail_generalized_time(); - ret += check_fail_oid(); - ret += check_fail_bitstring(); - ret += test_heim_int_format(); - ret += test_heim_oid_format(); - ret += check_trailing_nul(); - ret += test_misc_cmp(); - ret += corner_generalized_time(); - ret += corner_tag(); - - return ret; -} diff --git a/crypto/heimdal/lib/asn1/check-gen.c b/crypto/heimdal/lib/asn1/check-gen.c deleted file mode 100644 index a18a21d087e5..000000000000 --- a/crypto/heimdal/lib/asn1/check-gen.c +++ /dev/null @@ -1,955 +0,0 @@ -/* - * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "check-common.h" - -RCSID("$Id: check-gen.c 21539 2007-07-14 16:12:04Z lha $"); - -static char *lha_principal[] = { "lha" }; -static char *lharoot_princ[] = { "lha", "root" }; -static char *datan_princ[] = { "host", "nutcracker.e.kth.se" }; -static char *nada_tgt_principal[] = { "krbtgt", "NADA.KTH.SE" }; - - -#define IF_OPT_COMPARE(ac,bc,e) \ - if (((ac)->e == NULL && (bc)->e != NULL) || (((ac)->e != NULL && (bc)->e == NULL))) return 1; if ((ab)->e) -#define COMPARE_OPT_STRING(ac,bc,e) \ - do { if (strcmp(*(ac)->e, *(bc)->e) != 0) return 1; } while(0) -#define COMPARE_OPT_OCTECT_STRING(ac,bc,e) \ - do { if ((ac)->e->length != (bc)->e->length || memcmp((ac)->e->data, (bc)->e->data, (ac)->e->length) != 0) return 1; } while(0) -#define COMPARE_STRING(ac,bc,e) \ - do { if (strcmp((ac)->e, (bc)->e) != 0) return 1; } while(0) -#define COMPARE_INTEGER(ac,bc,e) \ - do { if ((ac)->e != (bc)->e) return 1; } while(0) -#define COMPARE_MEM(ac,bc,e,len) \ - do { if (memcmp((ac)->e, (bc)->e,len) != 0) return 1; } while(0) - -static int -cmp_principal (void *a, void *b) -{ - Principal *pa = a; - Principal *pb = b; - int i; - - COMPARE_STRING(pa,pb,realm); - COMPARE_INTEGER(pa,pb,name.name_type); - COMPARE_INTEGER(pa,pb,name.name_string.len); - - for (i = 0; i < pa->name.name_string.len; i++) - COMPARE_STRING(pa,pb,name.name_string.val[i]); - - return 0; -} - -static int -test_principal (void) -{ - - struct test_case tests[] = { - { NULL, 29, - "\x30\x1b\xa0\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b" - "\x03\x6c\x68\x61\xa1\x07\x1b\x05\x53\x55\x2e\x53\x45" - }, - { NULL, 35, - "\x30\x21\xa0\x16\x30\x14\xa0\x03\x02\x01\x01\xa1\x0d\x30\x0b\x1b" - "\x03\x6c\x68\x61\x1b\x04\x72\x6f\x6f\x74\xa1\x07\x1b\x05\x53\x55" - "\x2e\x53\x45" - }, - { NULL, 54, - "\x30\x34\xa0\x26\x30\x24\xa0\x03\x02\x01\x03\xa1\x1d\x30\x1b\x1b" - "\x04\x68\x6f\x73\x74\x1b\x13\x6e\x75\x74\x63\x72\x61\x63\x6b\x65" - "\x72\x2e\x65\x2e\x6b\x74\x68\x2e\x73\x65\xa1\x0a\x1b\x08\x45\x2e" - "\x4b\x54\x48\x2e\x53\x45" - } - }; - - - Principal values[] = { - { { KRB5_NT_PRINCIPAL, { 1, lha_principal } }, "SU.SE" }, - { { KRB5_NT_PRINCIPAL, { 2, lharoot_princ } }, "SU.SE" }, - { { KRB5_NT_SRV_HST, { 2, datan_princ } }, "E.KTH.SE" } - }; - int i, ret; - int ntests = sizeof(tests) / sizeof(*tests); - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "Principal %d", i); - } - - ret = generic_test (tests, ntests, sizeof(Principal), - (generic_encode)encode_Principal, - (generic_length)length_Principal, - (generic_decode)decode_Principal, - (generic_free)free_Principal, - cmp_principal); - for (i = 0; i < ntests; ++i) - free (tests[i].name); - - return ret; -} - -static int -cmp_authenticator (void *a, void *b) -{ - Authenticator *aa = a; - Authenticator *ab = b; - int i; - - COMPARE_INTEGER(aa,ab,authenticator_vno); - COMPARE_STRING(aa,ab,crealm); - - COMPARE_INTEGER(aa,ab,cname.name_type); - COMPARE_INTEGER(aa,ab,cname.name_string.len); - - for (i = 0; i < aa->cname.name_string.len; i++) - COMPARE_STRING(aa,ab,cname.name_string.val[i]); - - return 0; -} - -static int -test_authenticator (void) -{ - struct test_case tests[] = { - { NULL, 63, - "\x62\x3d\x30\x3b\xa0\x03\x02\x01\x05\xa1\x0a\x1b\x08" - "\x45\x2e\x4b\x54\x48\x2e\x53\x45\xa2\x10\x30\x0e\xa0" - "\x03\x02\x01\x01\xa1\x07\x30\x05\x1b\x03\x6c\x68\x61" - "\xa4\x03\x02\x01\x0a\xa5\x11\x18\x0f\x31\x39\x37\x30" - "\x30\x31\x30\x31\x30\x30\x30\x31\x33\x39\x5a" - }, - { NULL, 67, - "\x62\x41\x30\x3f\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05" - "\x53\x55\x2e\x53\x45\xa2\x16\x30\x14\xa0\x03\x02\x01" - "\x01\xa1\x0d\x30\x0b\x1b\x03\x6c\x68\x61\x1b\x04\x72" - "\x6f\x6f\x74\xa4\x04\x02\x02\x01\x24\xa5\x11\x18\x0f" - "\x31\x39\x37\x30\x30\x31\x30\x31\x30\x30\x31\x36\x33" - "\x39\x5a" - } - }; - - Authenticator values[] = { - { 5, "E.KTH.SE", { KRB5_NT_PRINCIPAL, { 1, lha_principal } }, - NULL, 10, 99, NULL, NULL, NULL }, - { 5, "SU.SE", { KRB5_NT_PRINCIPAL, { 2, lharoot_princ } }, - NULL, 292, 999, NULL, NULL, NULL } - }; - int i, ret; - int ntests = sizeof(tests) / sizeof(*tests); - - for (i = 0; i < ntests; ++i) { - tests[i].val = &values[i]; - asprintf (&tests[i].name, "Authenticator %d", i); - } - - ret = generic_test (tests, ntests, sizeof(Authenticator), - (generic_encode)encode_Authenticator, - (generic_length)length_Authenticator, - (generic_decode)decode_Authenticator, - (generic_free)free_Authenticator, - cmp_authenticator); - for (i = 0; i < ntests; ++i) - free(tests[i].name); - - return ret; -} - -static int -cmp_KRB_ERROR (void *a, void *b) -{ - KRB_ERROR *aa = a; - KRB_ERROR *ab = b; - int i; - - COMPARE_INTEGER(aa,ab,pvno); - COMPARE_INTEGER(aa,ab,msg_type); - - IF_OPT_COMPARE(aa,ab,ctime) { - COMPARE_INTEGER(aa,ab,ctime); - } - IF_OPT_COMPARE(aa,ab,cusec) { - COMPARE_INTEGER(aa,ab,cusec); - } - COMPARE_INTEGER(aa,ab,stime); - COMPARE_INTEGER(aa,ab,susec); - COMPARE_INTEGER(aa,ab,error_code); - - IF_OPT_COMPARE(aa,ab,crealm) { - COMPARE_OPT_STRING(aa,ab,crealm); - } -#if 0 - IF_OPT_COMPARE(aa,ab,cname) { - COMPARE_OPT_STRING(aa,ab,cname); - } -#endif - COMPARE_STRING(aa,ab,realm); - - COMPARE_INTEGER(aa,ab,sname.name_string.len); - for (i = 0; i < aa->sname.name_string.len; i++) - COMPARE_STRING(aa,ab,sname.name_string.val[i]); - - IF_OPT_COMPARE(aa,ab,e_text) { - COMPARE_OPT_STRING(aa,ab,e_text); - } - IF_OPT_COMPARE(aa,ab,e_data) { - /* COMPARE_OPT_OCTECT_STRING(aa,ab,e_data); */ - } - - return 0; -} - -static int -test_krb_error (void) -{ - struct test_case tests[] = { - { NULL, 127, - "\x7e\x7d\x30\x7b\xa0\x03\x02\x01\x05\xa1\x03\x02\x01\x1e\xa4\x11" - "\x18\x0f\x32\x30\x30\x33\x31\x31\x32\x34\x30\x30\x31\x31\x31\x39" - "\x5a\xa5\x05\x02\x03\x04\xed\xa5\xa6\x03\x02\x01\x1f\xa7\x0d\x1b" - "\x0b\x4e\x41\x44\x41\x2e\x4b\x54\x48\x2e\x53\x45\xa8\x10\x30\x0e" - "\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b\x03\x6c\x68\x61\xa9\x0d" - "\x1b\x0b\x4e\x41\x44\x41\x2e\x4b\x54\x48\x2e\x53\x45\xaa\x20\x30" - "\x1e\xa0\x03\x02\x01\x01\xa1\x17\x30\x15\x1b\x06\x6b\x72\x62\x74" - "\x67\x74\x1b\x0b\x4e\x41\x44\x41\x2e\x4b\x54\x48\x2e\x53\x45", - "KRB-ERROR Test 1" - } - }; - int ntests = sizeof(tests) / sizeof(*tests); - KRB_ERROR e1; - PrincipalName lhaprincipalname = { 1, { 1, lha_principal } }; - PrincipalName tgtprincipalname = { 1, { 2, nada_tgt_principal } }; - char *realm = "NADA.KTH.SE"; - - e1.pvno = 5; - e1.msg_type = 30; - e1.ctime = NULL; - e1.cusec = NULL; - e1.stime = 1069632679; - e1.susec = 322981; - e1.error_code = 31; - e1.crealm = &realm; - e1.cname = &lhaprincipalname; - e1.realm = "NADA.KTH.SE"; - e1.sname = tgtprincipalname; - e1.e_text = NULL; - e1.e_data = NULL; - - tests[0].val = &e1; - - return generic_test (tests, ntests, sizeof(KRB_ERROR), - (generic_encode)encode_KRB_ERROR, - (generic_length)length_KRB_ERROR, - (generic_decode)decode_KRB_ERROR, - (generic_free)free_KRB_ERROR, - cmp_KRB_ERROR); -} - -static int -cmp_Name (void *a, void *b) -{ - Name *aa = a; - Name *ab = b; - - COMPARE_INTEGER(aa,ab,element); - - return 0; -} - -static int -test_Name (void) -{ - struct test_case tests[] = { - { NULL, 35, - "\x30\x21\x31\x1f\x30\x0b\x06\x03\x55\x04\x03\x13\x04\x4c\x6f\x76" - "\x65\x30\x10\x06\x03\x55\x04\x07\x13\x09\x53\x54\x4f\x43\x4b\x48" - "\x4f\x4c\x4d", - "Name CN=Love+L=STOCKHOLM" - }, - { NULL, 35, - "\x30\x21\x31\x1f\x30\x0b\x06\x03\x55\x04\x03\x13\x04\x4c\x6f\x76" - "\x65\x30\x10\x06\x03\x55\x04\x07\x13\x09\x53\x54\x4f\x43\x4b\x48" - "\x4f\x4c\x4d", - "Name L=STOCKHOLM+CN=Love" - } - }; - - int ntests = sizeof(tests) / sizeof(*tests); - Name n1, n2; - RelativeDistinguishedName rdn1[1]; - RelativeDistinguishedName rdn2[1]; - AttributeTypeAndValue atv1[2]; - AttributeTypeAndValue atv2[2]; - unsigned cmp_CN[] = { 2, 5, 4, 3 }; - unsigned cmp_L[] = { 2, 5, 4, 7 }; - - /* n1 */ - n1.element = choice_Name_rdnSequence; - n1.u.rdnSequence.val = rdn1; - n1.u.rdnSequence.len = sizeof(rdn1)/sizeof(rdn1[0]); - rdn1[0].val = atv1; - rdn1[0].len = sizeof(atv1)/sizeof(atv1[0]); - - atv1[0].type.length = sizeof(cmp_CN)/sizeof(cmp_CN[0]); - atv1[0].type.components = cmp_CN; - atv1[0].value.element = choice_DirectoryString_printableString; - atv1[0].value.u.printableString = "Love"; - - atv1[1].type.length = sizeof(cmp_L)/sizeof(cmp_L[0]); - atv1[1].type.components = cmp_L; - atv1[1].value.element = choice_DirectoryString_printableString; - atv1[1].value.u.printableString = "STOCKHOLM"; - - /* n2 */ - n2.element = choice_Name_rdnSequence; - n2.u.rdnSequence.val = rdn2; - n2.u.rdnSequence.len = sizeof(rdn2)/sizeof(rdn2[0]); - rdn2[0].val = atv2; - rdn2[0].len = sizeof(atv2)/sizeof(atv2[0]); - - atv2[0].type.length = sizeof(cmp_L)/sizeof(cmp_L[0]); - atv2[0].type.components = cmp_L; - atv2[0].value.element = choice_DirectoryString_printableString; - atv2[0].value.u.printableString = "STOCKHOLM"; - - atv2[1].type.length = sizeof(cmp_CN)/sizeof(cmp_CN[0]); - atv2[1].type.components = cmp_CN; - atv2[1].value.element = choice_DirectoryString_printableString; - atv2[1].value.u.printableString = "Love"; - - /* */ - tests[0].val = &n1; - tests[1].val = &n2; - - return generic_test (tests, ntests, sizeof(Name), - (generic_encode)encode_Name, - (generic_length)length_Name, - (generic_decode)decode_Name, - (generic_free)free_Name, - cmp_Name); -} - -static int -cmp_KeyUsage (void *a, void *b) -{ - KeyUsage *aa = a; - KeyUsage *ab = b; - - return KeyUsage2int(*aa) != KeyUsage2int(*ab); -} - -static int -test_bit_string (void) -{ - struct test_case tests[] = { - { NULL, 4, - "\x03\x02\x07\x80", - "bitstring 1" - }, - { NULL, 4, - "\x03\x02\x05\xa0", - "bitstring 2" - }, - { NULL, 5, - "\x03\x03\x07\x00\x80", - "bitstring 3" - }, - { NULL, 3, - "\x03\x01\x00", - "bitstring 4" - } - }; - - int ntests = sizeof(tests) / sizeof(*tests); - KeyUsage ku1, ku2, ku3, ku4; - - memset(&ku1, 0, sizeof(ku1)); - ku1.digitalSignature = 1; - tests[0].val = &ku1; - - memset(&ku2, 0, sizeof(ku2)); - ku2.digitalSignature = 1; - ku2.keyEncipherment = 1; - tests[1].val = &ku2; - - memset(&ku3, 0, sizeof(ku3)); - ku3.decipherOnly = 1; - tests[2].val = &ku3; - - memset(&ku4, 0, sizeof(ku4)); - tests[3].val = &ku4; - - - return generic_test (tests, ntests, sizeof(KeyUsage), - (generic_encode)encode_KeyUsage, - (generic_length)length_KeyUsage, - (generic_decode)decode_KeyUsage, - (generic_free)free_KeyUsage, - cmp_KeyUsage); -} - -static int -cmp_TESTLargeTag (void *a, void *b) -{ - TESTLargeTag *aa = a; - TESTLargeTag *ab = b; - - COMPARE_INTEGER(aa,ab,foo); - return 0; -} - -static int -test_large_tag (void) -{ - struct test_case tests[] = { - { NULL, 8, "\x30\x06\xbf\x7f\x03\x02\x01\x01", "large tag 1" } - }; - - int ntests = sizeof(tests) / sizeof(*tests); - TESTLargeTag lt1; - - memset(<1, 0, sizeof(lt1)); - lt1.foo = 1; - - tests[0].val = <1; - - return generic_test (tests, ntests, sizeof(TESTLargeTag), - (generic_encode)encode_TESTLargeTag, - (generic_length)length_TESTLargeTag, - (generic_decode)decode_TESTLargeTag, - (generic_free)free_TESTLargeTag, - cmp_TESTLargeTag); -} - -struct test_data { - int ok; - size_t len; - size_t expected_len; - void *data; -}; - -static int -check_tag_length(void) -{ - struct test_data td[] = { - { 1, 3, 3, "\x02\x01\x00"}, - { 1, 3, 3, "\x02\x01\x7f"}, - { 1, 4, 4, "\x02\x02\x00\x80"}, - { 1, 4, 4, "\x02\x02\x01\x00"}, - { 1, 4, 4, "\x02\x02\x02\x00"}, - { 0, 3, 0, "\x02\x02\x00"}, - { 0, 3, 0, "\x02\x7f\x7f"}, - { 0, 4, 0, "\x02\x03\x00\x80"}, - { 0, 4, 0, "\x02\x7f\x01\x00"}, - { 0, 5, 0, "\x02\xff\x7f\x02\x00"} - }; - size_t sz; - krb5uint32 values[] = {0, 127, 128, 256, 512, - 0, 127, 128, 256, 512 }; - krb5uint32 u; - int i, ret, failed = 0; - void *buf; - - for (i = 0; i < sizeof(td)/sizeof(td[0]); i++) { - struct map_page *page; - - buf = map_alloc(OVERRUN, td[i].data, td[i].len, &page); - - ret = decode_krb5uint32(buf, td[i].len, &u, &sz); - if (ret) { - if (td[i].ok) { - printf("failed with tag len test %d\n", i); - failed = 1; - } - } else { - if (td[i].ok == 0) { - printf("failed with success for tag len test %d\n", i); - failed = 1; - } - if (td[i].expected_len != sz) { - printf("wrong expected size for tag test %d\n", i); - failed = 1; - } - if (values[i] != u) { - printf("wrong value for tag test %d\n", i); - failed = 1; - } - } - map_free(page, "test", "decode"); - } - return failed; -} - -static int -cmp_TESTChoice (void *a, void *b) -{ - return 0; -} - -static int -test_choice (void) -{ - struct test_case tests[] = { - { NULL, 5, "\xa1\x03\x02\x01\x01", "large choice 1" }, - { NULL, 5, "\xa2\x03\x02\x01\x02", "large choice 2" } - }; - - int ret = 0, ntests = sizeof(tests) / sizeof(*tests); - TESTChoice1 c1; - TESTChoice1 c2_1; - TESTChoice2 c2_2; - - memset(&c1, 0, sizeof(c1)); - c1.element = choice_TESTChoice1_i1; - c1.u.i1 = 1; - tests[0].val = &c1; - - memset(&c2_1, 0, sizeof(c2_1)); - c2_1.element = choice_TESTChoice1_i2; - c2_1.u.i2 = 2; - tests[1].val = &c2_1; - - ret += generic_test (tests, ntests, sizeof(TESTChoice1), - (generic_encode)encode_TESTChoice1, - (generic_length)length_TESTChoice1, - (generic_decode)decode_TESTChoice1, - (generic_free)free_TESTChoice1, - cmp_TESTChoice); - - memset(&c2_2, 0, sizeof(c2_2)); - c2_2.element = choice_TESTChoice2_asn1_ellipsis; - c2_2.u.asn1_ellipsis.data = "\xa2\x03\x02\x01\x02"; - c2_2.u.asn1_ellipsis.length = 5; - tests[1].val = &c2_2; - - ret += generic_test (tests, ntests, sizeof(TESTChoice2), - (generic_encode)encode_TESTChoice2, - (generic_length)length_TESTChoice2, - (generic_decode)decode_TESTChoice2, - (generic_free)free_TESTChoice2, - cmp_TESTChoice); - - return ret; -} - -static int -cmp_TESTImplicit (void *a, void *b) -{ - TESTImplicit *aa = a; - TESTImplicit *ab = b; - - COMPARE_INTEGER(aa,ab,ti1); - COMPARE_INTEGER(aa,ab,ti2.foo); - COMPARE_INTEGER(aa,ab,ti3); - return 0; -} - -/* -UNIV CONS Sequence 14 - CONTEXT PRIM 0 1 00 - CONTEXT CONS 1 6 - CONTEXT CONS 127 3 - UNIV PRIM Integer 1 02 - CONTEXT PRIM 2 1 03 -*/ - -static int -test_implicit (void) -{ - struct test_case tests[] = { - { NULL, 16, - "\x30\x0e\x80\x01\x00\xa1\x06\xbf" - "\x7f\x03\x02\x01\x02\x82\x01\x03", - "implicit 1" } - }; - - int ret = 0, ntests = sizeof(tests) / sizeof(*tests); - TESTImplicit c0; - - memset(&c0, 0, sizeof(c0)); - c0.ti1 = 0; - c0.ti2.foo = 2; - c0.ti3 = 3; - tests[0].val = &c0; - - ret += generic_test (tests, ntests, sizeof(TESTImplicit), - (generic_encode)encode_TESTImplicit, - (generic_length)length_TESTImplicit, - (generic_decode)decode_TESTImplicit, - (generic_free)free_TESTImplicit, - cmp_TESTImplicit); - -#ifdef IMPLICIT_TAGGING_WORKS - ret += generic_test (tests, ntests, sizeof(TESTImplicit2), - (generic_encode)encode_TESTImplicit2, - (generic_length)length_TESTImplicit2, - (generic_decode)decode_TESTImplicit2, - (generic_free)free_TESTImplicit2, - cmp_TESTImplicit); - -#endif /* IMPLICIT_TAGGING_WORKS */ - return ret; -} - -static int -cmp_TESTAlloc (void *a, void *b) -{ - TESTAlloc *aa = a; - TESTAlloc *ab = b; - - IF_OPT_COMPARE(aa,ab,tagless) { - COMPARE_INTEGER(aa,ab,tagless->ai); - } - - COMPARE_INTEGER(aa,ab,three); - - IF_OPT_COMPARE(aa,ab,tagless2) { - COMPARE_OPT_OCTECT_STRING(aa, ab, tagless2); - } - - return 0; -} - -/* -UNIV CONS Sequence 12 - UNIV CONS Sequence 5 - CONTEXT CONS 0 3 - UNIV PRIM Integer 1 01 - CONTEXT CONS 1 3 - UNIV PRIM Integer 1 03 - -UNIV CONS Sequence 5 - CONTEXT CONS 1 3 - UNIV PRIM Integer 1 03 - -UNIV CONS Sequence 8 - CONTEXT CONS 1 3 - UNIV PRIM Integer 1 04 - UNIV PRIM Integer 1 05 - -*/ - -static int -test_taglessalloc (void) -{ - struct test_case tests[] = { - { NULL, 14, - "\x30\x0c\x30\x05\xa0\x03\x02\x01\x01\xa1\x03\x02\x01\x03", - "alloc 1" }, - { NULL, 7, - "\x30\x05\xa1\x03\x02\x01\x03", - "alloc 2" }, - { NULL, 10, - "\x30\x08\xa1\x03\x02\x01\x04\x02\x01\x05", - "alloc 3" } - }; - - int ret = 0, ntests = sizeof(tests) / sizeof(*tests); - TESTAlloc c1, c2, c3; - heim_any any3; - - memset(&c1, 0, sizeof(c1)); - c1.tagless = ecalloc(1, sizeof(*c1.tagless)); - c1.tagless->ai = 1; - c1.three = 3; - tests[0].val = &c1; - - memset(&c2, 0, sizeof(c2)); - c2.tagless = NULL; - c2.three = 3; - tests[1].val = &c2; - - memset(&c3, 0, sizeof(c3)); - c3.tagless = NULL; - c3.three = 4; - c3.tagless2 = &any3; - any3.data = "\x02\x01\x05"; - any3.length = 3; - tests[2].val = &c3; - - ret += generic_test (tests, ntests, sizeof(TESTAlloc), - (generic_encode)encode_TESTAlloc, - (generic_length)length_TESTAlloc, - (generic_decode)decode_TESTAlloc, - (generic_free)free_TESTAlloc, - cmp_TESTAlloc); - - free(c1.tagless); - - return ret; -} - - -static int -check_fail_largetag(void) -{ - struct test_case tests[] = { - {NULL, 14, "\x30\x0c\xbf\x87\xff\xff\xff\xff\xff\x7f\x03\x02\x01\x01", - "tag overflow"}, - {NULL, 0, "", "empty buffer"}, - {NULL, 7, "\x30\x05\xa1\x03\x02\x02\x01", - "one too short" }, - {NULL, 7, "\x30\x04\xa1\x03\x02\x02\x01" - "two too short" }, - {NULL, 7, "\x30\x03\xa1\x03\x02\x02\x01", - "three too short" }, - {NULL, 7, "\x30\x02\xa1\x03\x02\x02\x01", - "four too short" }, - {NULL, 7, "\x30\x01\xa1\x03\x02\x02\x01", - "five too short" }, - {NULL, 7, "\x30\x00\xa1\x03\x02\x02\x01", - "six too short" }, - {NULL, 7, "\x30\x05\xa1\x04\x02\x02\x01", - "inner one too long" }, - {NULL, 7, "\x30\x00\xa1\x02\x02\x02\x01", - "inner one too short" }, - {NULL, 8, "\x30\x05\xbf\x7f\x03\x02\x02\x01", - "inner one too short"}, - {NULL, 8, "\x30\x06\xbf\x64\x03\x02\x01\x01", - "wrong tag"}, - {NULL, 10, "\x30\x08\xbf\x9a\x9b\x38\x03\x02\x01\x01", - "still wrong tag"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(TESTLargeTag), - (generic_decode)decode_TESTLargeTag); -} - - -static int -check_fail_sequence(void) -{ - struct test_case tests[] = { - {NULL, 0, "", "empty buffer"}, - {NULL, 24, - "\x30\x16\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01\x01" - "\x02\x01\x01\xa2\x03\x02\x01\x01" - "missing one byte from the end, internal length ok"}, - {NULL, 25, - "\x30\x18\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01\x01" - "\x02\x01\x01\xa2\x03\x02\x01\x01", - "inner length one byte too long"}, - {NULL, 24, - "\x30\x17\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01" - "\x01\x02\x01\x01\xa2\x03\x02\x01\x01", - "correct buffer but missing one too short"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(TESTSeq), - (generic_decode)decode_TESTSeq); -} - -static int -check_fail_choice(void) -{ - struct test_case tests[] = { - {NULL, 6, - "\xa1\x02\x02\x01\x01", - "one too short"}, - {NULL, 6, - "\xa1\x03\x02\x02\x01", - "one too short inner"} - }; - int ntests = sizeof(tests) / sizeof(*tests); - - return generic_decode_fail(tests, ntests, sizeof(TESTChoice1), - (generic_decode)decode_TESTChoice1); -} - -static int -check_seq(void) -{ - TESTSeqOf seq; - TESTInteger i; - int ret; - - seq.val = NULL; - seq.len = 0; - - ret = add_TESTSeqOf(&seq, &i); - if (ret) { printf("failed adding\n"); goto out; } - ret = add_TESTSeqOf(&seq, &i); - if (ret) { printf("failed adding\n"); goto out; } - ret = add_TESTSeqOf(&seq, &i); - if (ret) { printf("failed adding\n"); goto out; } - ret = add_TESTSeqOf(&seq, &i); - if (ret) { printf("failed adding\n"); goto out; } - - ret = remove_TESTSeqOf(&seq, seq.len - 1); - if (ret) { printf("failed removing\n"); goto out; } - ret = remove_TESTSeqOf(&seq, 2); - if (ret) { printf("failed removing\n"); goto out; } - ret = remove_TESTSeqOf(&seq, 0); - if (ret) { printf("failed removing\n"); goto out; } - ret = remove_TESTSeqOf(&seq, 0); - if (ret) { printf("failed removing\n"); goto out; } - ret = remove_TESTSeqOf(&seq, 0); - if (ret == 0) { - printf("can remove from empty list"); - return 1; - } - - if (seq.len != 0) { - printf("seq not empty!"); - return 1; - } - free_TESTSeqOf(&seq); - ret = 0; - -out: - - return ret; -} - -#define test_seq_of(type, ok, ptr) \ -{ \ - heim_octet_string os; \ - size_t size; \ - type decode; \ - ASN1_MALLOC_ENCODE(type, os.data, os.length, ptr, &size, ret); \ - if (ret) \ - return ret; \ - if (os.length != size) \ - abort(); \ - ret = decode_##type(os.data, os.length, &decode, &size); \ - free(os.data); \ - if (ret) { \ - if (ok) \ - return 1; \ - } else { \ - free_##type(&decode); \ - if (!ok) \ - return 1; \ - if (size != 0) \ - return 1; \ - } \ - return 0; \ -} - -static int -check_seq_of_size(void) -{ - TESTInteger integers[4] = { 1, 2, 3, 4 }; - int ret; - - { - TESTSeqSizeOf1 ssof1f1 = { 1, integers }; - TESTSeqSizeOf1 ssof1ok1 = { 2, integers }; - TESTSeqSizeOf1 ssof1f2 = { 3, integers }; - - test_seq_of(TESTSeqSizeOf1, 0, &ssof1f1); - test_seq_of(TESTSeqSizeOf1, 1, &ssof1ok1); - test_seq_of(TESTSeqSizeOf1, 0, &ssof1f2); - } - { - TESTSeqSizeOf2 ssof2f1 = { 0, NULL }; - TESTSeqSizeOf2 ssof2ok1 = { 1, integers }; - TESTSeqSizeOf2 ssof2ok2 = { 2, integers }; - TESTSeqSizeOf2 ssof2f2 = { 3, integers }; - - test_seq_of(TESTSeqSizeOf2, 0, &ssof2f1); - test_seq_of(TESTSeqSizeOf2, 1, &ssof2ok1); - test_seq_of(TESTSeqSizeOf2, 1, &ssof2ok2); - test_seq_of(TESTSeqSizeOf2, 0, &ssof2f2); - } - { - TESTSeqSizeOf3 ssof3f1 = { 0, NULL }; - TESTSeqSizeOf3 ssof3ok1 = { 1, integers }; - TESTSeqSizeOf3 ssof3ok2 = { 2, integers }; - - test_seq_of(TESTSeqSizeOf3, 0, &ssof3f1); - test_seq_of(TESTSeqSizeOf3, 1, &ssof3ok1); - test_seq_of(TESTSeqSizeOf3, 1, &ssof3ok2); - } - { - TESTSeqSizeOf4 ssof4ok1 = { 0, NULL }; - TESTSeqSizeOf4 ssof4ok2 = { 1, integers }; - TESTSeqSizeOf4 ssof4ok3 = { 2, integers }; - TESTSeqSizeOf4 ssof4f1 = { 3, integers }; - - test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok1); - test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok2); - test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok3); - test_seq_of(TESTSeqSizeOf4, 0, &ssof4f1); - } - - return 0; -} - - - -int -main(int argc, char **argv) -{ - int ret = 0; - - ret += test_principal (); - ret += test_authenticator(); - ret += test_krb_error(); - ret += test_Name(); - ret += test_bit_string(); - - ret += check_tag_length(); - ret += test_large_tag(); - ret += test_choice(); - - ret += test_implicit(); - ret += test_taglessalloc(); - - ret += check_fail_largetag(); - ret += check_fail_sequence(); - ret += check_fail_choice(); - - ret += check_seq(); - ret += check_seq_of_size(); - - return ret; -} diff --git a/crypto/heimdal/lib/asn1/check-timegm.c b/crypto/heimdal/lib/asn1/check-timegm.c deleted file mode 100644 index 7d33455a3c56..000000000000 --- a/crypto/heimdal/lib/asn1/check-timegm.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: check-timegm.c 18610 2006-10-19 16:33:24Z lha $"); - -static int -test_timegm(void) -{ - int ret = 0; - struct tm tm; - time_t t; - - memset(&tm, 0, sizeof(tm)); - tm.tm_year = 106; - tm.tm_mon = 9; - tm.tm_mday = 1; - tm.tm_hour = 10; - tm.tm_min = 3; - - t = _der_timegm(&tm); - if (t != 1159696980) - ret += 1; - - tm.tm_mday = 0; - t = _der_timegm(&tm); - if (t != -1) - ret += 1; - - return ret; -} - -int -main(int argc, char **argv) -{ - int ret = 0; - - ret += test_timegm(); - - return ret; -} diff --git a/crypto/heimdal/lib/asn1/der-protos.h b/crypto/heimdal/lib/asn1/der-protos.h deleted file mode 100644 index 7bfe02ebb449..000000000000 --- a/crypto/heimdal/lib/asn1/der-protos.h +++ /dev/null @@ -1,567 +0,0 @@ -/* This is a generated file */ -#ifndef __der_protos_h__ -#define __der_protos_h__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -int -copy_heim_any ( - const heim_any */*from*/, - heim_any */*to*/); - -int -copy_heim_any_set ( - const heim_any_set */*from*/, - heim_any_set */*to*/); - -int -decode_heim_any ( - const unsigned char */*p*/, - size_t /*len*/, - heim_any */*data*/, - size_t */*size*/); - -int -decode_heim_any_set ( - const unsigned char */*p*/, - size_t /*len*/, - heim_any_set */*data*/, - size_t */*size*/); - -int -der_copy_bit_string ( - const heim_bit_string */*from*/, - heim_bit_string */*to*/); - -int -der_copy_bmp_string ( - const heim_bmp_string */*from*/, - heim_bmp_string */*to*/); - -int -der_copy_general_string ( - const heim_general_string */*from*/, - heim_general_string */*to*/); - -int -der_copy_heim_integer ( - const heim_integer */*from*/, - heim_integer */*to*/); - -int -der_copy_ia5_string ( - const heim_printable_string */*from*/, - heim_printable_string */*to*/); - -int -der_copy_octet_string ( - const heim_octet_string */*from*/, - heim_octet_string */*to*/); - -int -der_copy_oid ( - const heim_oid */*from*/, - heim_oid */*to*/); - -int -der_copy_printable_string ( - const heim_printable_string */*from*/, - heim_printable_string */*to*/); - -int -der_copy_universal_string ( - const heim_universal_string */*from*/, - heim_universal_string */*to*/); - -int -der_copy_utf8string ( - const heim_utf8_string */*from*/, - heim_utf8_string */*to*/); - -int -der_copy_visible_string ( - const heim_visible_string */*from*/, - heim_visible_string */*to*/); - -void -der_free_bit_string (heim_bit_string */*k*/); - -void -der_free_bmp_string (heim_bmp_string */*k*/); - -void -der_free_general_string (heim_general_string */*str*/); - -void -der_free_heim_integer (heim_integer */*k*/); - -void -der_free_ia5_string (heim_ia5_string */*str*/); - -void -der_free_octet_string (heim_octet_string */*k*/); - -void -der_free_oid (heim_oid */*k*/); - -void -der_free_printable_string (heim_printable_string */*str*/); - -void -der_free_universal_string (heim_universal_string */*k*/); - -void -der_free_utf8string (heim_utf8_string */*str*/); - -void -der_free_visible_string (heim_visible_string */*str*/); - -int -der_get_bit_string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_bit_string */*data*/, - size_t */*size*/); - -int -der_get_bmp_string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_bmp_string */*data*/, - size_t */*size*/); - -int -der_get_boolean ( - const unsigned char */*p*/, - size_t /*len*/, - int */*data*/, - size_t */*size*/); - -const char * -der_get_class_name (unsigned /*num*/); - -int -der_get_class_num (const char */*name*/); - -int -der_get_general_string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_general_string */*str*/, - size_t */*size*/); - -int -der_get_generalized_time ( - const unsigned char */*p*/, - size_t /*len*/, - time_t */*data*/, - size_t */*size*/); - -int -der_get_heim_integer ( - const unsigned char */*p*/, - size_t /*len*/, - heim_integer */*data*/, - size_t */*size*/); - -int -der_get_ia5_string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_ia5_string */*str*/, - size_t */*size*/); - -int -der_get_integer ( - const unsigned char */*p*/, - size_t /*len*/, - int */*ret*/, - size_t */*size*/); - -int -der_get_length ( - const unsigned char */*p*/, - size_t /*len*/, - size_t */*val*/, - size_t */*size*/); - -int -der_get_octet_string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_octet_string */*data*/, - size_t */*size*/); - -int -der_get_oid ( - const unsigned char */*p*/, - size_t /*len*/, - heim_oid */*data*/, - size_t */*size*/); - -int -der_get_printable_string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_printable_string */*str*/, - size_t */*size*/); - -int -der_get_tag ( - const unsigned char */*p*/, - size_t /*len*/, - Der_class */*class*/, - Der_type */*type*/, - unsigned int */*tag*/, - size_t */*size*/); - -const char * -der_get_tag_name (unsigned /*num*/); - -int -der_get_tag_num (const char */*name*/); - -const char * -der_get_type_name (unsigned /*num*/); - -int -der_get_type_num (const char */*name*/); - -int -der_get_universal_string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_universal_string */*data*/, - size_t */*size*/); - -int -der_get_unsigned ( - const unsigned char */*p*/, - size_t /*len*/, - unsigned */*ret*/, - size_t */*size*/); - -int -der_get_utctime ( - const unsigned char */*p*/, - size_t /*len*/, - time_t */*data*/, - size_t */*size*/); - -int -der_get_utf8string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_utf8_string */*str*/, - size_t */*size*/); - -int -der_get_visible_string ( - const unsigned char */*p*/, - size_t /*len*/, - heim_visible_string */*str*/, - size_t */*size*/); - -int -der_heim_bit_string_cmp ( - const heim_bit_string */*p*/, - const heim_bit_string */*q*/); - -int -der_heim_bmp_string_cmp ( - const heim_bmp_string */*p*/, - const heim_bmp_string */*q*/); - -int -der_heim_integer_cmp ( - const heim_integer */*p*/, - const heim_integer */*q*/); - -int -der_heim_octet_string_cmp ( - const heim_octet_string */*p*/, - const heim_octet_string */*q*/); - -int -der_heim_oid_cmp ( - const heim_oid */*p*/, - const heim_oid */*q*/); - -int -der_heim_universal_string_cmp ( - const heim_universal_string */*p*/, - const heim_universal_string */*q*/); - -size_t -der_length_bit_string (const heim_bit_string */*k*/); - -size_t -der_length_bmp_string (const heim_bmp_string */*data*/); - -size_t -der_length_boolean (const int */*k*/); - -size_t -der_length_enumerated (const unsigned */*data*/); - -size_t -der_length_general_string (const heim_general_string */*data*/); - -size_t -der_length_generalized_time (const time_t */*t*/); - -size_t -der_length_heim_integer (const heim_integer */*k*/); - -size_t -der_length_ia5_string (const heim_ia5_string */*data*/); - -size_t -der_length_integer (const int */*data*/); - -size_t -der_length_len (size_t /*len*/); - -size_t -der_length_octet_string (const heim_octet_string */*k*/); - -size_t -der_length_oid (const heim_oid */*k*/); - -size_t -der_length_printable_string (const heim_printable_string */*data*/); - -size_t -der_length_universal_string (const heim_universal_string */*data*/); - -size_t -der_length_unsigned (const unsigned */*data*/); - -size_t -der_length_utctime (const time_t */*t*/); - -size_t -der_length_utf8string (const heim_utf8_string */*data*/); - -size_t -der_length_visible_string (const heim_visible_string */*data*/); - -int -der_match_tag ( - const unsigned char */*p*/, - size_t /*len*/, - Der_class /*class*/, - Der_type /*type*/, - unsigned int /*tag*/, - size_t */*size*/); - -int -der_match_tag_and_length ( - const unsigned char */*p*/, - size_t /*len*/, - Der_class /*class*/, - Der_type /*type*/, - unsigned int /*tag*/, - size_t */*length_ret*/, - size_t */*size*/); - -int -der_parse_heim_oid ( - const char */*str*/, - const char */*sep*/, - heim_oid */*data*/); - -int -der_parse_hex_heim_integer ( - const char */*p*/, - heim_integer */*data*/); - -int -der_print_heim_oid ( - const heim_oid */*oid*/, - char /*delim*/, - char **/*str*/); - -int -der_print_hex_heim_integer ( - const heim_integer */*data*/, - char **/*p*/); - -int -der_put_bit_string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_bit_string */*data*/, - size_t */*size*/); - -int -der_put_bmp_string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_bmp_string */*data*/, - size_t */*size*/); - -int -der_put_boolean ( - unsigned char */*p*/, - size_t /*len*/, - const int */*data*/, - size_t */*size*/); - -int -der_put_general_string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_general_string */*str*/, - size_t */*size*/); - -int -der_put_generalized_time ( - unsigned char */*p*/, - size_t /*len*/, - const time_t */*data*/, - size_t */*size*/); - -int -der_put_heim_integer ( - unsigned char */*p*/, - size_t /*len*/, - const heim_integer */*data*/, - size_t */*size*/); - -int -der_put_ia5_string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_ia5_string */*str*/, - size_t */*size*/); - -int -der_put_integer ( - unsigned char */*p*/, - size_t /*len*/, - const int */*v*/, - size_t */*size*/); - -int -der_put_length ( - unsigned char */*p*/, - size_t /*len*/, - size_t /*val*/, - size_t */*size*/); - -int -der_put_length_and_tag ( - unsigned char */*p*/, - size_t /*len*/, - size_t /*len_val*/, - Der_class /*class*/, - Der_type /*type*/, - unsigned int /*tag*/, - size_t */*size*/); - -int -der_put_octet_string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_octet_string */*data*/, - size_t */*size*/); - -int -der_put_oid ( - unsigned char */*p*/, - size_t /*len*/, - const heim_oid */*data*/, - size_t */*size*/); - -int -der_put_printable_string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_printable_string */*str*/, - size_t */*size*/); - -int -der_put_tag ( - unsigned char */*p*/, - size_t /*len*/, - Der_class /*class*/, - Der_type /*type*/, - unsigned int /*tag*/, - size_t */*size*/); - -int -der_put_universal_string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_universal_string */*data*/, - size_t */*size*/); - -int -der_put_unsigned ( - unsigned char */*p*/, - size_t /*len*/, - const unsigned */*v*/, - size_t */*size*/); - -int -der_put_utctime ( - unsigned char */*p*/, - size_t /*len*/, - const time_t */*data*/, - size_t */*size*/); - -int -der_put_utf8string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_utf8_string */*str*/, - size_t */*size*/); - -int -der_put_visible_string ( - unsigned char */*p*/, - size_t /*len*/, - const heim_visible_string */*str*/, - size_t */*size*/); - -int -encode_heim_any ( - unsigned char */*p*/, - size_t /*len*/, - const heim_any */*data*/, - size_t */*size*/); - -int -encode_heim_any_set ( - unsigned char */*p*/, - size_t /*len*/, - const heim_any_set */*data*/, - size_t */*size*/); - -void -free_heim_any (heim_any */*data*/); - -void -free_heim_any_set (heim_any_set */*data*/); - -int -heim_any_cmp ( - const heim_any_set */*p*/, - const heim_any_set */*q*/); - -size_t -length_heim_any (const heim_any */*data*/); - -size_t -length_heim_any_set (const heim_any */*data*/); - -#ifdef __cplusplus -} -#endif - -#endif /* __der_protos_h__ */ diff --git a/crypto/heimdal/lib/asn1/der.c b/crypto/heimdal/lib/asn1/der.c deleted file mode 100644 index 120dc086afc9..000000000000 --- a/crypto/heimdal/lib/asn1/der.c +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" -#include -#include -#include -#include -#include - -RCSID("$Id: der.c 22429 2008-01-13 10:25:50Z lha $"); - - -static const char *class_names[] = { - "UNIV", /* 0 */ - "APPL", /* 1 */ - "CONTEXT", /* 2 */ - "PRIVATE" /* 3 */ -}; - -static const char *type_names[] = { - "PRIM", /* 0 */ - "CONS" /* 1 */ -}; - -static const char *tag_names[] = { - "EndOfContent", /* 0 */ - "Boolean", /* 1 */ - "Integer", /* 2 */ - "BitString", /* 3 */ - "OctetString", /* 4 */ - "Null", /* 5 */ - "ObjectID", /* 6 */ - NULL, /* 7 */ - NULL, /* 8 */ - NULL, /* 9 */ - "Enumerated", /* 10 */ - NULL, /* 11 */ - NULL, /* 12 */ - NULL, /* 13 */ - NULL, /* 14 */ - NULL, /* 15 */ - "Sequence", /* 16 */ - "Set", /* 17 */ - NULL, /* 18 */ - "PrintableString", /* 19 */ - NULL, /* 20 */ - NULL, /* 21 */ - "IA5String", /* 22 */ - "UTCTime", /* 23 */ - "GeneralizedTime", /* 24 */ - NULL, /* 25 */ - "VisibleString", /* 26 */ - "GeneralString", /* 27 */ - NULL, /* 28 */ - NULL, /* 29 */ - "BMPString" /* 30 */ -}; - -static int -get_type(const char *name, const char *list[], unsigned len) -{ - unsigned i; - for (i = 0; i < len; i++) - if (list[i] && strcasecmp(list[i], name) == 0) - return i; - return -1; -} - -#define SIZEOF_ARRAY(a) (sizeof((a))/sizeof((a)[0])) - -const char * -der_get_class_name(unsigned num) -{ - if (num >= SIZEOF_ARRAY(class_names)) - return NULL; - return class_names[num]; -} - -int -der_get_class_num(const char *name) -{ - return get_type(name, class_names, SIZEOF_ARRAY(class_names)); -} - -const char * -der_get_type_name(unsigned num) -{ - if (num >= SIZEOF_ARRAY(type_names)) - return NULL; - return type_names[num]; -} - -int -der_get_type_num(const char *name) -{ - return get_type(name, type_names, SIZEOF_ARRAY(type_names)); -} - -const char * -der_get_tag_name(unsigned num) -{ - if (num >= SIZEOF_ARRAY(tag_names)) - return NULL; - return tag_names[num]; -} - -int -der_get_tag_num(const char *name) -{ - return get_type(name, tag_names, SIZEOF_ARRAY(tag_names)); -} diff --git a/crypto/heimdal/lib/asn1/der.h b/crypto/heimdal/lib/asn1/der.h deleted file mode 100644 index 13e39320d4ec..000000000000 --- a/crypto/heimdal/lib/asn1/der.h +++ /dev/null @@ -1,103 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: der.h 18437 2006-10-14 05:16:08Z lha $ */ - -#ifndef __DER_H__ -#define __DER_H__ - -typedef enum { - ASN1_C_UNIV = 0, - ASN1_C_APPL = 1, - ASN1_C_CONTEXT = 2, - ASN1_C_PRIVATE = 3 -} Der_class; - -typedef enum {PRIM = 0, CONS = 1} Der_type; - -#define MAKE_TAG(CLASS, TYPE, TAG) (((CLASS) << 6) | ((TYPE) << 5) | (TAG)) - -/* Universal tags */ - -enum { - UT_EndOfContent = 0, - UT_Boolean = 1, - UT_Integer = 2, - UT_BitString = 3, - UT_OctetString = 4, - UT_Null = 5, - UT_OID = 6, - UT_Enumerated = 10, - UT_UTF8String = 12, - UT_Sequence = 16, - UT_Set = 17, - UT_PrintableString = 19, - UT_IA5String = 22, - UT_UTCTime = 23, - UT_GeneralizedTime = 24, - UT_UniversalString = 25, - UT_VisibleString = 26, - UT_GeneralString = 27, - UT_BMPString = 30, - /* unsupported types */ - UT_ObjectDescriptor = 7, - UT_External = 8, - UT_Real = 9, - UT_EmbeddedPDV = 11, - UT_RelativeOID = 13, - UT_NumericString = 18, - UT_TeletexString = 20, - UT_VideotexString = 21, - UT_GraphicString = 25 -}; - -#define ASN1_INDEFINITE 0xdce0deed - -typedef struct heim_der_time_t { - time_t dt_sec; - unsigned long dt_nsec; -} heim_der_time_t; - -typedef struct heim_ber_time_t { - time_t bt_sec; - unsigned bt_nsec; - int bt_zone; -} heim_ber_time_t; - -#include - -int _heim_fix_dce(size_t reallen, size_t *len); -int _heim_der_set_sort(const void *, const void *); -int _heim_time2generalizedtime (time_t, heim_octet_string *, int); - -#endif /* __DER_H__ */ diff --git a/crypto/heimdal/lib/asn1/der_cmp.c b/crypto/heimdal/lib/asn1/der_cmp.c deleted file mode 100644 index f27f03c02bd3..000000000000 --- a/crypto/heimdal/lib/asn1/der_cmp.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" - -int -der_heim_oid_cmp(const heim_oid *p, const heim_oid *q) -{ - if (p->length != q->length) - return p->length - q->length; - return memcmp(p->components, - q->components, - p->length * sizeof(*p->components)); -} - -int -der_heim_octet_string_cmp(const heim_octet_string *p, - const heim_octet_string *q) -{ - if (p->length != q->length) - return p->length - q->length; - return memcmp(p->data, q->data, p->length); -} - -int -der_heim_bit_string_cmp(const heim_bit_string *p, - const heim_bit_string *q) -{ - int i, r1, r2; - if (p->length != q->length) - return p->length - q->length; - i = memcmp(p->data, q->data, p->length / 8); - if (i) - return i; - if ((p->length % 8) == 0) - return 0; - i = (p->length / 8); - r1 = ((unsigned char *)p->data)[i]; - r2 = ((unsigned char *)q->data)[i]; - i = 8 - (p->length % 8); - r1 = r1 >> i; - r2 = r2 >> i; - return r1 - r2; -} - -int -der_heim_integer_cmp(const heim_integer *p, - const heim_integer *q) -{ - if (p->negative != q->negative) - return q->negative - p->negative; - if (p->length != q->length) - return p->length - q->length; - return memcmp(p->data, q->data, p->length); -} - -int -der_heim_bmp_string_cmp(const heim_bmp_string *p, const heim_bmp_string *q) -{ - if (p->length != q->length) - return p->length - q->length; - return memcmp(p->data, q->data, q->length * sizeof(q->data[0])); -} - -int -der_heim_universal_string_cmp(const heim_universal_string *p, - const heim_universal_string *q) -{ - if (p->length != q->length) - return p->length - q->length; - return memcmp(p->data, q->data, q->length * sizeof(q->data[0])); -} diff --git a/crypto/heimdal/lib/asn1/der_copy.c b/crypto/heimdal/lib/asn1/der_copy.c deleted file mode 100644 index 04c4531ca578..000000000000 --- a/crypto/heimdal/lib/asn1/der_copy.c +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" - -RCSID("$Id: der_copy.c 19539 2006-12-28 17:15:05Z lha $"); - -int -der_copy_general_string (const heim_general_string *from, - heim_general_string *to) -{ - *to = strdup(*from); - if(*to == NULL) - return ENOMEM; - return 0; -} - -int -der_copy_utf8string (const heim_utf8_string *from, heim_utf8_string *to) -{ - return der_copy_general_string(from, to); -} - -int -der_copy_printable_string (const heim_printable_string *from, - heim_printable_string *to) -{ - return der_copy_general_string(from, to); -} - -int -der_copy_ia5_string (const heim_printable_string *from, - heim_printable_string *to) -{ - return der_copy_general_string(from, to); -} - -int -der_copy_bmp_string (const heim_bmp_string *from, heim_bmp_string *to) -{ - to->length = from->length; - to->data = malloc(to->length * sizeof(to->data[0])); - if(to->length != 0 && to->data == NULL) - return ENOMEM; - memcpy(to->data, from->data, to->length * sizeof(to->data[0])); - return 0; -} - -int -der_copy_universal_string (const heim_universal_string *from, - heim_universal_string *to) -{ - to->length = from->length; - to->data = malloc(to->length * sizeof(to->data[0])); - if(to->length != 0 && to->data == NULL) - return ENOMEM; - memcpy(to->data, from->data, to->length * sizeof(to->data[0])); - return 0; -} - -int -der_copy_visible_string (const heim_visible_string *from, - heim_visible_string *to) -{ - return der_copy_general_string(from, to); -} - -int -der_copy_octet_string (const heim_octet_string *from, heim_octet_string *to) -{ - to->length = from->length; - to->data = malloc(to->length); - if(to->length != 0 && to->data == NULL) - return ENOMEM; - memcpy(to->data, from->data, to->length); - return 0; -} - -int -der_copy_heim_integer (const heim_integer *from, heim_integer *to) -{ - to->length = from->length; - to->data = malloc(to->length); - if(to->length != 0 && to->data == NULL) - return ENOMEM; - memcpy(to->data, from->data, to->length); - to->negative = from->negative; - return 0; -} - -int -der_copy_oid (const heim_oid *from, heim_oid *to) -{ - to->length = from->length; - to->components = malloc(to->length * sizeof(*to->components)); - if (to->length != 0 && to->components == NULL) - return ENOMEM; - memcpy(to->components, from->components, - to->length * sizeof(*to->components)); - return 0; -} - -int -der_copy_bit_string (const heim_bit_string *from, heim_bit_string *to) -{ - size_t len; - - len = (from->length + 7) / 8; - to->length = from->length; - to->data = malloc(len); - if(len != 0 && to->data == NULL) - return ENOMEM; - memcpy(to->data, from->data, len); - return 0; -} diff --git a/crypto/heimdal/lib/asn1/der_format.c b/crypto/heimdal/lib/asn1/der_format.c deleted file mode 100644 index 6908bddcc26e..000000000000 --- a/crypto/heimdal/lib/asn1/der_format.c +++ /dev/null @@ -1,170 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" -#include - -RCSID("$Id: der_format.c 20861 2007-06-03 20:18:29Z lha $"); - -int -der_parse_hex_heim_integer (const char *p, heim_integer *data) -{ - ssize_t len; - - data->length = 0; - data->negative = 0; - data->data = NULL; - - if (*p == '-') { - p++; - data->negative = 1; - } - - len = strlen(p); - if (len <= 0) { - data->data = NULL; - data->length = 0; - return EINVAL; - } - - data->length = (len / 2) + 1; - data->data = malloc(data->length); - if (data->data == NULL) { - data->length = 0; - return ENOMEM; - } - - len = hex_decode(p, data->data, data->length); - if (len < 0) { - free(data->data); - data->data = NULL; - data->length = 0; - return EINVAL; - } - - { - unsigned char *q = data->data; - while(len > 0 && *q == 0) { - q++; - len--; - } - data->length = len; - memmove(data->data, q, len); - } - return 0; -} - -int -der_print_hex_heim_integer (const heim_integer *data, char **p) -{ - ssize_t len; - char *q; - - len = hex_encode(data->data, data->length, p); - if (len < 0) - return ENOMEM; - - if (data->negative) { - len = asprintf(&q, "-%s", *p); - free(*p); - if (len < 0) - return ENOMEM; - *p = q; - } - return 0; -} - -int -der_print_heim_oid (const heim_oid *oid, char delim, char **str) -{ - struct rk_strpool *p = NULL; - int i; - - if (oid->length == 0) - return EINVAL; - - for (i = 0; i < oid->length ; i++) { - p = rk_strpoolprintf(p, "%d", oid->components[i]); - if (p && i < oid->length - 1) - p = rk_strpoolprintf(p, "%c", delim); - if (p == NULL) { - *str = NULL; - return ENOMEM; - } - } - - *str = rk_strpoolcollect(p); - if (*str == NULL) - return ENOMEM; - return 0; -} - -int -der_parse_heim_oid (const char *str, const char *sep, heim_oid *data) -{ - char *s, *w, *brkt, *endptr; - unsigned int *c; - long l; - - data->length = 0; - data->components = NULL; - - if (sep == NULL) - sep = "."; - - s = strdup(str); - - for (w = strtok_r(s, sep, &brkt); - w != NULL; - w = strtok_r(NULL, sep, &brkt)) { - - c = realloc(data->components, - (data->length + 1) * sizeof(data->components[0])); - if (c == NULL) { - der_free_oid(data); - free(s); - return ENOMEM; - } - data->components = c; - - l = strtol(w, &endptr, 10); - if (*endptr != '\0' || l < 0 || l > INT_MAX) { - der_free_oid(data); - free(s); - return EINVAL; - } - data->components[data->length++] = l; - } - free(s); - return 0; -} diff --git a/crypto/heimdal/lib/asn1/der_free.c b/crypto/heimdal/lib/asn1/der_free.c deleted file mode 100644 index 851cb1d40775..000000000000 --- a/crypto/heimdal/lib/asn1/der_free.c +++ /dev/null @@ -1,119 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" - -RCSID("$Id: der_free.c 19539 2006-12-28 17:15:05Z lha $"); - -void -der_free_general_string (heim_general_string *str) -{ - free(*str); - *str = NULL; -} - -void -der_free_utf8string (heim_utf8_string *str) -{ - free(*str); - *str = NULL; -} - -void -der_free_printable_string (heim_printable_string *str) -{ - free(*str); - *str = NULL; -} - -void -der_free_ia5_string (heim_ia5_string *str) -{ - free(*str); - *str = NULL; -} - -void -der_free_bmp_string (heim_bmp_string *k) -{ - free(k->data); - k->data = NULL; - k->length = 0; -} - -void -der_free_universal_string (heim_universal_string *k) -{ - free(k->data); - k->data = NULL; - k->length = 0; -} - -void -der_free_visible_string (heim_visible_string *str) -{ - free(*str); - *str = NULL; -} - -void -der_free_octet_string (heim_octet_string *k) -{ - free(k->data); - k->data = NULL; - k->length = 0; -} - -void -der_free_heim_integer (heim_integer *k) -{ - free(k->data); - k->data = NULL; - k->length = 0; -} - -void -der_free_oid (heim_oid *k) -{ - free(k->components); - k->components = NULL; - k->length = 0; -} - -void -der_free_bit_string (heim_bit_string *k) -{ - free(k->data); - k->data = NULL; - k->length = 0; -} diff --git a/crypto/heimdal/lib/asn1/der_get.c b/crypto/heimdal/lib/asn1/der_get.c deleted file mode 100644 index f232ce9a296d..000000000000 --- a/crypto/heimdal/lib/asn1/der_get.c +++ /dev/null @@ -1,546 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" - -RCSID("$Id: der_get.c 21369 2007-06-27 10:14:39Z lha $"); - -#include - -/* - * All decoding functions take a pointer `p' to first position in - * which to read, from the left, `len' which means the maximum number - * of characters we are able to read, `ret' were the value will be - * returned and `size' where the number of used bytes is stored. - * Either 0 or an error code is returned. - */ - -int -der_get_unsigned (const unsigned char *p, size_t len, - unsigned *ret, size_t *size) -{ - unsigned val = 0; - size_t oldlen = len; - - if (len == sizeof(unsigned) + 1 && p[0] == 0) - ; - else if (len > sizeof(unsigned)) - return ASN1_OVERRUN; - - while (len--) - val = val * 256 + *p++; - *ret = val; - if(size) *size = oldlen; - return 0; -} - -int -der_get_integer (const unsigned char *p, size_t len, - int *ret, size_t *size) -{ - int val = 0; - size_t oldlen = len; - - if (len > sizeof(int)) - return ASN1_OVERRUN; - - if (len > 0) { - val = (signed char)*p++; - while (--len) - val = val * 256 + *p++; - } - *ret = val; - if(size) *size = oldlen; - return 0; -} - -int -der_get_length (const unsigned char *p, size_t len, - size_t *val, size_t *size) -{ - size_t v; - - if (len <= 0) - return ASN1_OVERRUN; - --len; - v = *p++; - if (v < 128) { - *val = v; - if(size) *size = 1; - } else { - int e; - size_t l; - unsigned tmp; - - if(v == 0x80){ - *val = ASN1_INDEFINITE; - if(size) *size = 1; - return 0; - } - v &= 0x7F; - if (len < v) - return ASN1_OVERRUN; - e = der_get_unsigned (p, v, &tmp, &l); - if(e) return e; - *val = tmp; - if(size) *size = l + 1; - } - return 0; -} - -int -der_get_boolean(const unsigned char *p, size_t len, int *data, size_t *size) -{ - if(len < 1) - return ASN1_OVERRUN; - if(*p != 0) - *data = 1; - else - *data = 0; - *size = 1; - return 0; -} - -int -der_get_general_string (const unsigned char *p, size_t len, - heim_general_string *str, size_t *size) -{ - const unsigned char *p1; - char *s; - - p1 = memchr(p, 0, len); - if (p1 != NULL) { - /* - * Allow trailing NULs. We allow this since MIT Kerberos sends - * an strings in the NEED_PREAUTH case that includes a - * trailing NUL. - */ - while (p1 - p < len && *p1 == '\0') - p1++; - if (p1 - p != len) - return ASN1_BAD_CHARACTER; - } - if (len > len + 1) - return ASN1_BAD_LENGTH; - - s = malloc (len + 1); - if (s == NULL) - return ENOMEM; - memcpy (s, p, len); - s[len] = '\0'; - *str = s; - if(size) *size = len; - return 0; -} - -int -der_get_utf8string (const unsigned char *p, size_t len, - heim_utf8_string *str, size_t *size) -{ - return der_get_general_string(p, len, str, size); -} - -int -der_get_printable_string (const unsigned char *p, size_t len, - heim_printable_string *str, size_t *size) -{ - return der_get_general_string(p, len, str, size); -} - -int -der_get_ia5_string (const unsigned char *p, size_t len, - heim_ia5_string *str, size_t *size) -{ - return der_get_general_string(p, len, str, size); -} - -int -der_get_bmp_string (const unsigned char *p, size_t len, - heim_bmp_string *data, size_t *size) -{ - size_t i; - - if (len & 1) - return ASN1_BAD_FORMAT; - data->length = len / 2; - if (data->length > UINT_MAX/sizeof(data->data[0])) - return ERANGE; - data->data = malloc(data->length * sizeof(data->data[0])); - if (data->data == NULL && data->length != 0) - return ENOMEM; - - for (i = 0; i < data->length; i++) { - data->data[i] = (p[0] << 8) | p[1]; - p += 2; - } - if (size) *size = len; - - return 0; -} - -int -der_get_universal_string (const unsigned char *p, size_t len, - heim_universal_string *data, size_t *size) -{ - size_t i; - - if (len & 3) - return ASN1_BAD_FORMAT; - data->length = len / 4; - if (data->length > UINT_MAX/sizeof(data->data[0])) - return ERANGE; - data->data = malloc(data->length * sizeof(data->data[0])); - if (data->data == NULL && data->length != 0) - return ENOMEM; - - for (i = 0; i < data->length; i++) { - data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - p += 4; - } - if (size) *size = len; - return 0; -} - -int -der_get_visible_string (const unsigned char *p, size_t len, - heim_visible_string *str, size_t *size) -{ - return der_get_general_string(p, len, str, size); -} - -int -der_get_octet_string (const unsigned char *p, size_t len, - heim_octet_string *data, size_t *size) -{ - data->length = len; - data->data = malloc(len); - if (data->data == NULL && data->length != 0) - return ENOMEM; - memcpy (data->data, p, len); - if(size) *size = len; - return 0; -} - -int -der_get_heim_integer (const unsigned char *p, size_t len, - heim_integer *data, size_t *size) -{ - data->length = 0; - data->negative = 0; - data->data = NULL; - - if (len == 0) { - if (size) - *size = 0; - return 0; - } - if (p[0] & 0x80) { - unsigned char *q; - int carry = 1; - data->negative = 1; - - data->length = len; - - if (p[0] == 0xff) { - p++; - data->length--; - } - data->data = malloc(data->length); - if (data->data == NULL) { - data->length = 0; - if (size) - *size = 0; - return ENOMEM; - } - q = &((unsigned char*)data->data)[data->length - 1]; - p += data->length - 1; - while (q >= (unsigned char*)data->data) { - *q = *p ^ 0xff; - if (carry) - carry = !++*q; - p--; - q--; - } - } else { - data->negative = 0; - data->length = len; - - if (p[0] == 0) { - p++; - data->length--; - } - data->data = malloc(data->length); - if (data->data == NULL && data->length != 0) { - data->length = 0; - if (size) - *size = 0; - return ENOMEM; - } - memcpy(data->data, p, data->length); - } - if (size) - *size = len; - return 0; -} - -static int -generalizedtime2time (const char *s, time_t *t) -{ - struct tm tm; - - memset(&tm, 0, sizeof(tm)); - if (sscanf (s, "%04d%02d%02d%02d%02d%02dZ", - &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, - &tm.tm_min, &tm.tm_sec) != 6) { - if (sscanf (s, "%02d%02d%02d%02d%02d%02dZ", - &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, - &tm.tm_min, &tm.tm_sec) != 6) - return ASN1_BAD_TIMEFORMAT; - if (tm.tm_year < 50) - tm.tm_year += 2000; - else - tm.tm_year += 1900; - } - tm.tm_year -= 1900; - tm.tm_mon -= 1; - *t = _der_timegm (&tm); - return 0; -} - -static int -der_get_time (const unsigned char *p, size_t len, - time_t *data, size_t *size) -{ - char *times; - int e; - - if (len > len + 1 || len == 0) - return ASN1_BAD_LENGTH; - - times = malloc(len + 1); - if (times == NULL) - return ENOMEM; - memcpy(times, p, len); - times[len] = '\0'; - e = generalizedtime2time(times, data); - free (times); - if(size) *size = len; - return e; -} - -int -der_get_generalized_time (const unsigned char *p, size_t len, - time_t *data, size_t *size) -{ - return der_get_time(p, len, data, size); -} - -int -der_get_utctime (const unsigned char *p, size_t len, - time_t *data, size_t *size) -{ - return der_get_time(p, len, data, size); -} - -int -der_get_oid (const unsigned char *p, size_t len, - heim_oid *data, size_t *size) -{ - size_t n; - size_t oldlen = len; - - if (len < 1) - return ASN1_OVERRUN; - - if (len > len + 1) - return ASN1_BAD_LENGTH; - - if (len + 1 > UINT_MAX/sizeof(data->components[0])) - return ERANGE; - - data->components = malloc((len + 1) * sizeof(data->components[0])); - if (data->components == NULL) - return ENOMEM; - data->components[0] = (*p) / 40; - data->components[1] = (*p) % 40; - --len; - ++p; - for (n = 2; len > 0; ++n) { - unsigned u = 0, u1; - - do { - --len; - u1 = u * 128 + (*p++ % 128); - /* check that we don't overflow the element */ - if (u1 < u) { - der_free_oid(data); - return ASN1_OVERRUN; - } - u = u1; - } while (len > 0 && p[-1] & 0x80); - data->components[n] = u; - } - if (n > 2 && p[-1] & 0x80) { - der_free_oid (data); - return ASN1_OVERRUN; - } - data->length = n; - if (size) - *size = oldlen; - return 0; -} - -int -der_get_tag (const unsigned char *p, size_t len, - Der_class *class, Der_type *type, - unsigned int *tag, size_t *size) -{ - size_t ret = 0; - if (len < 1) - return ASN1_OVERRUN; - *class = (Der_class)(((*p) >> 6) & 0x03); - *type = (Der_type)(((*p) >> 5) & 0x01); - *tag = (*p) & 0x1f; - p++; len--; ret++; - if(*tag == 0x1f) { - unsigned int continuation; - unsigned int tag1; - *tag = 0; - do { - if(len < 1) - return ASN1_OVERRUN; - continuation = *p & 128; - tag1 = *tag * 128 + (*p % 128); - /* check that we don't overflow the tag */ - if (tag1 < *tag) - return ASN1_OVERFLOW; - *tag = tag1; - p++; len--; ret++; - } while(continuation); - } - if(size) *size = ret; - return 0; -} - -int -der_match_tag (const unsigned char *p, size_t len, - Der_class class, Der_type type, - unsigned int tag, size_t *size) -{ - size_t l; - Der_class thisclass; - Der_type thistype; - unsigned int thistag; - int e; - - e = der_get_tag (p, len, &thisclass, &thistype, &thistag, &l); - if (e) return e; - if (class != thisclass || type != thistype) - return ASN1_BAD_ID; - if(tag > thistag) - return ASN1_MISPLACED_FIELD; - if(tag < thistag) - return ASN1_MISSING_FIELD; - if(size) *size = l; - return 0; -} - -int -der_match_tag_and_length (const unsigned char *p, size_t len, - Der_class class, Der_type type, unsigned int tag, - size_t *length_ret, size_t *size) -{ - size_t l, ret = 0; - int e; - - e = der_match_tag (p, len, class, type, tag, &l); - if (e) return e; - p += l; - len -= l; - ret += l; - e = der_get_length (p, len, length_ret, &l); - if (e) return e; - p += l; - len -= l; - ret += l; - if(size) *size = ret; - return 0; -} - -/* - * Old versions of DCE was based on a very early beta of the MIT code, - * which used MAVROS for ASN.1 encoding. MAVROS had the interesting - * feature that it encoded data in the forward direction, which has - * it's problems, since you have no idea how long the data will be - * until after you're done. MAVROS solved this by reserving one byte - * for length, and later, if the actual length was longer, it reverted - * to indefinite, BER style, lengths. The version of MAVROS used by - * the DCE people could apparently generate correct X.509 DER encodings, and - * did this by making space for the length after encoding, but - * unfortunately this feature wasn't used with Kerberos. - */ - -int -_heim_fix_dce(size_t reallen, size_t *len) -{ - if(reallen == ASN1_INDEFINITE) - return 1; - if(*len < reallen) - return -1; - *len = reallen; - return 0; -} - -int -der_get_bit_string (const unsigned char *p, size_t len, - heim_bit_string *data, size_t *size) -{ - if (len < 1) - return ASN1_OVERRUN; - if (p[0] > 7) - return ASN1_BAD_FORMAT; - if (len - 1 == 0 && p[0] != 0) - return ASN1_BAD_FORMAT; - /* check if any of the three upper bits are set - * any of them will cause a interger overrun */ - if ((len - 1) >> (sizeof(len) * 8 - 3)) - return ASN1_OVERRUN; - data->length = (len - 1) * 8; - data->data = malloc(len - 1); - if (data->data == NULL && (len - 1) != 0) - return ENOMEM; - memcpy (data->data, p + 1, len - 1); - data->length -= p[0]; - if(size) *size = len; - return 0; -} diff --git a/crypto/heimdal/lib/asn1/der_length.c b/crypto/heimdal/lib/asn1/der_length.c deleted file mode 100644 index a7f8f593a20e..000000000000 --- a/crypto/heimdal/lib/asn1/der_length.c +++ /dev/null @@ -1,232 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" - -RCSID("$Id: der_length.c 19539 2006-12-28 17:15:05Z lha $"); - -size_t -_heim_len_unsigned (unsigned val) -{ - size_t ret = 0; - int last_val_gt_128; - - do { - ++ret; - last_val_gt_128 = (val >= 128); - val /= 256; - } while (val); - - if(last_val_gt_128) - ret++; - - return ret; -} - -size_t -_heim_len_int (int val) -{ - unsigned char q; - size_t ret = 0; - - if (val >= 0) { - do { - q = val % 256; - ret++; - val /= 256; - } while(val); - if(q >= 128) - ret++; - } else { - val = ~val; - do { - q = ~(val % 256); - ret++; - val /= 256; - } while(val); - if(q < 128) - ret++; - } - return ret; -} - -static size_t -len_oid (const heim_oid *oid) -{ - size_t ret = 1; - int n; - - for (n = 2; n < oid->length; ++n) { - unsigned u = oid->components[n]; - - do { - ++ret; - u /= 128; - } while(u > 0); - } - return ret; -} - -size_t -der_length_len (size_t len) -{ - if (len < 128) - return 1; - else { - int ret = 0; - do { - ++ret; - len /= 256; - } while (len); - return ret + 1; - } -} - -size_t -der_length_integer (const int *data) -{ - return _heim_len_int (*data); -} - -size_t -der_length_unsigned (const unsigned *data) -{ - return _heim_len_unsigned(*data); -} - -size_t -der_length_enumerated (const unsigned *data) -{ - return _heim_len_int (*data); -} - -size_t -der_length_general_string (const heim_general_string *data) -{ - return strlen(*data); -} - -size_t -der_length_utf8string (const heim_utf8_string *data) -{ - return strlen(*data); -} - -size_t -der_length_printable_string (const heim_printable_string *data) -{ - return strlen(*data); -} - -size_t -der_length_ia5_string (const heim_ia5_string *data) -{ - return strlen(*data); -} - -size_t -der_length_bmp_string (const heim_bmp_string *data) -{ - return data->length * 2; -} - -size_t -der_length_universal_string (const heim_universal_string *data) -{ - return data->length * 4; -} - -size_t -der_length_visible_string (const heim_visible_string *data) -{ - return strlen(*data); -} - -size_t -der_length_octet_string (const heim_octet_string *k) -{ - return k->length; -} - -size_t -der_length_heim_integer (const heim_integer *k) -{ - if (k->length == 0) - return 1; - if (k->negative) - return k->length + (((~(((unsigned char *)k->data)[0])) & 0x80) ? 0 : 1); - else - return k->length + ((((unsigned char *)k->data)[0] & 0x80) ? 1 : 0); -} - -size_t -der_length_oid (const heim_oid *k) -{ - return len_oid (k); -} - -size_t -der_length_generalized_time (const time_t *t) -{ - heim_octet_string k; - size_t ret; - - _heim_time2generalizedtime (*t, &k, 1); - ret = k.length; - free(k.data); - return ret; -} - -size_t -der_length_utctime (const time_t *t) -{ - heim_octet_string k; - size_t ret; - - _heim_time2generalizedtime (*t, &k, 0); - ret = k.length; - free(k.data); - return ret; -} - -size_t -der_length_boolean (const int *k) -{ - return 1; -} - -size_t -der_length_bit_string (const heim_bit_string *k) -{ - return (k->length + 7) / 8 + 1; -} diff --git a/crypto/heimdal/lib/asn1/der_locl.h b/crypto/heimdal/lib/asn1/der_locl.h deleted file mode 100644 index 5b97557d74a3..000000000000 --- a/crypto/heimdal/lib/asn1/der_locl.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1997 - 2002, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: der_locl.h 18608 2006-10-19 16:24:02Z lha $ */ - -#ifndef __DER_LOCL_H__ -#define __DER_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -time_t _der_timegm (struct tm *); -size_t _heim_len_unsigned (unsigned); -size_t _heim_len_int (int); - -#endif /* __DER_LOCL_H__ */ diff --git a/crypto/heimdal/lib/asn1/der_put.c b/crypto/heimdal/lib/asn1/der_put.c deleted file mode 100644 index 1fdbfe1305d6..000000000000 --- a/crypto/heimdal/lib/asn1/der_put.c +++ /dev/null @@ -1,483 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" - -RCSID("$Id: der_put.c 19539 2006-12-28 17:15:05Z lha $"); - -/* - * All encoding functions take a pointer `p' to first position in - * which to write, from the right, `len' which means the maximum - * number of characters we are able to write. The function returns - * the number of characters written in `size' (if non-NULL). - * The return value is 0 or an error. - */ - -int -der_put_unsigned (unsigned char *p, size_t len, const unsigned *v, size_t *size) -{ - unsigned char *base = p; - unsigned val = *v; - - if (val) { - while (len > 0 && val) { - *p-- = val % 256; - val /= 256; - --len; - } - if (val != 0) - return ASN1_OVERFLOW; - else { - if(p[1] >= 128) { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = 0; - } - *size = base - p; - return 0; - } - } else if (len < 1) - return ASN1_OVERFLOW; - else { - *p = 0; - *size = 1; - return 0; - } -} - -int -der_put_integer (unsigned char *p, size_t len, const int *v, size_t *size) -{ - unsigned char *base = p; - int val = *v; - - if(val >= 0) { - do { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = val % 256; - len--; - val /= 256; - } while(val); - if(p[1] >= 128) { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = 0; - len--; - } - } else { - val = ~val; - do { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = ~(val % 256); - len--; - val /= 256; - } while(val); - if(p[1] < 128) { - if(len < 1) - return ASN1_OVERFLOW; - *p-- = 0xff; - len--; - } - } - *size = base - p; - return 0; -} - - -int -der_put_length (unsigned char *p, size_t len, size_t val, size_t *size) -{ - if (len < 1) - return ASN1_OVERFLOW; - - if (val < 128) { - *p = val; - *size = 1; - } else { - size_t l = 0; - - while(val > 0) { - if(len < 2) - return ASN1_OVERFLOW; - *p-- = val % 256; - val /= 256; - len--; - l++; - } - *p = 0x80 | l; - if(size) - *size = l + 1; - } - return 0; -} - -int -der_put_boolean(unsigned char *p, size_t len, const int *data, size_t *size) -{ - if(len < 1) - return ASN1_OVERFLOW; - if(*data != 0) - *p = 0xff; - else - *p = 0; - *size = 1; - return 0; -} - -int -der_put_general_string (unsigned char *p, size_t len, - const heim_general_string *str, size_t *size) -{ - size_t slen = strlen(*str); - - if (len < slen) - return ASN1_OVERFLOW; - p -= slen; - len -= slen; - memcpy (p+1, *str, slen); - *size = slen; - return 0; -} - -int -der_put_utf8string (unsigned char *p, size_t len, - const heim_utf8_string *str, size_t *size) -{ - return der_put_general_string(p, len, str, size); -} - -int -der_put_printable_string (unsigned char *p, size_t len, - const heim_printable_string *str, size_t *size) -{ - return der_put_general_string(p, len, str, size); -} - -int -der_put_ia5_string (unsigned char *p, size_t len, - const heim_ia5_string *str, size_t *size) -{ - return der_put_general_string(p, len, str, size); -} - -int -der_put_bmp_string (unsigned char *p, size_t len, - const heim_bmp_string *data, size_t *size) -{ - size_t i; - if (len / 2 < data->length) - return ASN1_OVERFLOW; - p -= data->length * 2; - len -= data->length * 2; - for (i = 0; i < data->length; i++) { - p[1] = (data->data[i] >> 8) & 0xff; - p[2] = data->data[i] & 0xff; - p += 2; - } - if (size) *size = data->length * 2; - return 0; -} - -int -der_put_universal_string (unsigned char *p, size_t len, - const heim_universal_string *data, size_t *size) -{ - size_t i; - if (len / 4 < data->length) - return ASN1_OVERFLOW; - p -= data->length * 4; - len -= data->length * 4; - for (i = 0; i < data->length; i++) { - p[1] = (data->data[i] >> 24) & 0xff; - p[2] = (data->data[i] >> 16) & 0xff; - p[3] = (data->data[i] >> 8) & 0xff; - p[4] = data->data[i] & 0xff; - p += 4; - } - if (size) *size = data->length * 4; - return 0; -} - -int -der_put_visible_string (unsigned char *p, size_t len, - const heim_visible_string *str, size_t *size) -{ - return der_put_general_string(p, len, str, size); -} - -int -der_put_octet_string (unsigned char *p, size_t len, - const heim_octet_string *data, size_t *size) -{ - if (len < data->length) - return ASN1_OVERFLOW; - p -= data->length; - len -= data->length; - memcpy (p+1, data->data, data->length); - *size = data->length; - return 0; -} - -int -der_put_heim_integer (unsigned char *p, size_t len, - const heim_integer *data, size_t *size) -{ - unsigned char *buf = data->data; - int hibitset = 0; - - if (data->length == 0) { - if (len < 1) - return ASN1_OVERFLOW; - *p-- = 0; - if (size) - *size = 1; - return 0; - } - if (len < data->length) - return ASN1_OVERFLOW; - - len -= data->length; - - if (data->negative) { - int i, carry; - for (i = data->length - 1, carry = 1; i >= 0; i--) { - *p = buf[i] ^ 0xff; - if (carry) - carry = !++*p; - p--; - } - if (p[1] < 128) { - if (len < 1) - return ASN1_OVERFLOW; - *p-- = 0xff; - len--; - hibitset = 1; - } - } else { - p -= data->length; - memcpy(p + 1, buf, data->length); - - if (p[1] >= 128) { - if (len < 1) - return ASN1_OVERFLOW; - p[0] = 0; - len--; - hibitset = 1; - } - } - if (size) - *size = data->length + hibitset; - return 0; -} - -int -der_put_generalized_time (unsigned char *p, size_t len, - const time_t *data, size_t *size) -{ - heim_octet_string k; - size_t l; - int e; - - e = _heim_time2generalizedtime (*data, &k, 1); - if (e) - return e; - e = der_put_octet_string(p, len, &k, &l); - free(k.data); - if(e) - return e; - if(size) - *size = l; - return 0; -} - -int -der_put_utctime (unsigned char *p, size_t len, - const time_t *data, size_t *size) -{ - heim_octet_string k; - size_t l; - int e; - - e = _heim_time2generalizedtime (*data, &k, 0); - if (e) - return e; - e = der_put_octet_string(p, len, &k, &l); - free(k.data); - if(e) - return e; - if(size) - *size = l; - return 0; -} - -int -der_put_oid (unsigned char *p, size_t len, - const heim_oid *data, size_t *size) -{ - unsigned char *base = p; - int n; - - for (n = data->length - 1; n >= 2; --n) { - unsigned u = data->components[n]; - - if (len < 1) - return ASN1_OVERFLOW; - *p-- = u % 128; - u /= 128; - --len; - while (u > 0) { - if (len < 1) - return ASN1_OVERFLOW; - *p-- = 128 + u % 128; - u /= 128; - --len; - } - } - if (len < 1) - return ASN1_OVERFLOW; - *p-- = 40 * data->components[0] + data->components[1]; - *size = base - p; - return 0; -} - -int -der_put_tag (unsigned char *p, size_t len, Der_class class, Der_type type, - unsigned int tag, size_t *size) -{ - if (tag <= 30) { - if (len < 1) - return ASN1_OVERFLOW; - *p = MAKE_TAG(class, type, tag); - *size = 1; - } else { - size_t ret = 0; - unsigned int continuation = 0; - - do { - if (len < 1) - return ASN1_OVERFLOW; - *p-- = tag % 128 | continuation; - len--; - ret++; - tag /= 128; - continuation = 0x80; - } while(tag > 0); - if (len < 1) - return ASN1_OVERFLOW; - *p-- = MAKE_TAG(class, type, 0x1f); - ret++; - *size = ret; - } - return 0; -} - -int -der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val, - Der_class class, Der_type type, - unsigned int tag, size_t *size) -{ - size_t ret = 0; - size_t l; - int e; - - e = der_put_length (p, len, len_val, &l); - if(e) - return e; - p -= l; - len -= l; - ret += l; - e = der_put_tag (p, len, class, type, tag, &l); - if(e) - return e; - p -= l; - len -= l; - ret += l; - *size = ret; - return 0; -} - -int -_heim_time2generalizedtime (time_t t, heim_octet_string *s, int gtimep) -{ - struct tm *tm; - const size_t len = gtimep ? 15 : 13; - - s->data = malloc(len + 1); - if (s->data == NULL) - return ENOMEM; - s->length = len; - tm = gmtime (&t); - if (gtimep) - snprintf (s->data, len + 1, "%04d%02d%02d%02d%02d%02dZ", - tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, - tm->tm_hour, tm->tm_min, tm->tm_sec); - else - snprintf (s->data, len + 1, "%02d%02d%02d%02d%02d%02dZ", - tm->tm_year % 100, tm->tm_mon + 1, tm->tm_mday, - tm->tm_hour, tm->tm_min, tm->tm_sec); - - return 0; -} - -int -der_put_bit_string (unsigned char *p, size_t len, - const heim_bit_string *data, size_t *size) -{ - size_t data_size = (data->length + 7) / 8; - if (len < data_size + 1) - return ASN1_OVERFLOW; - p -= data_size + 1; - len -= data_size + 1; - memcpy (p+2, data->data, data_size); - if (data->length && (data->length % 8) != 0) - p[1] = 8 - (data->length % 8); - else - p[1] = 0; - *size = data_size + 1; - return 0; -} - -int -_heim_der_set_sort(const void *a1, const void *a2) -{ - const struct heim_octet_string *s1 = a1, *s2 = a2; - int ret; - - ret = memcmp(s1->data, s2->data, - s1->length < s2->length ? s1->length : s2->length); - if(ret) - return ret; - return s1->length - s2->length; -} diff --git a/crypto/heimdal/lib/asn1/digest.asn1 b/crypto/heimdal/lib/asn1/digest.asn1 deleted file mode 100644 index eafe48ea5aee..000000000000 --- a/crypto/heimdal/lib/asn1/digest.asn1 +++ /dev/null @@ -1,164 +0,0 @@ --- $Id: digest.asn1 22152 2007-12-04 19:59:18Z lha $ - -DIGEST DEFINITIONS ::= -BEGIN - -IMPORTS EncryptedData, Principal FROM krb5; - -DigestTypes ::= BIT STRING { - ntlm-v1(0), - ntlm-v1-session(1), - ntlm-v2(2), - digest-md5(3), - chap-md5(4), - ms-chap-v2(5) -} - -DigestInit ::= SEQUENCE { - type UTF8String, -- http, sasl, chap, cram-md5 -- - channel [0] SEQUENCE { - cb-type UTF8String, - cb-binding UTF8String - } OPTIONAL, - hostname [1] UTF8String OPTIONAL -- for chap/cram-md5 -} - -DigestInitReply ::= SEQUENCE { - nonce UTF8String, -- service nonce/challange - opaque UTF8String, -- server state - identifier [0] UTF8String OPTIONAL -} - - -DigestRequest ::= SEQUENCE { - type UTF8String, -- http, sasl-md5, chap, cram-md5 -- - digest UTF8String, -- http:md5/md5-sess sasl:clear/int/conf -- - username UTF8String, -- username user used - responseData UTF8String, -- client response - authid [0] UTF8String OPTIONAL, - authentication-user [1] Principal OPTIONAL, -- principal to get key from - realm [2] UTF8String OPTIONAL, - method [3] UTF8String OPTIONAL, - uri [4] UTF8String OPTIONAL, - serverNonce UTF8String, -- same as "DigestInitReply.nonce" - clientNonce [5] UTF8String OPTIONAL, - nonceCount [6] UTF8String OPTIONAL, - qop [7] UTF8String OPTIONAL, - identifier [8] UTF8String OPTIONAL, - hostname [9] UTF8String OPTIONAL, - opaque UTF8String -- same as "DigestInitReply.opaque" -} --- opaque = hex(cksum(type|serverNonce|identifier|hostname,digest-key)) --- serverNonce = hex(time[4bytes]random[12bytes])(-cbType:cbBinding) - - -DigestError ::= SEQUENCE { - reason UTF8String, - code INTEGER (-2147483648..2147483647) -} - -DigestResponse ::= SEQUENCE { - success BOOLEAN, - rsp [0] UTF8String OPTIONAL, - tickets [1] SEQUENCE OF OCTET STRING OPTIONAL, - channel [2] SEQUENCE { - cb-type UTF8String, - cb-binding UTF8String - } OPTIONAL, - session-key [3] OCTET STRING OPTIONAL -} - -NTLMInit ::= SEQUENCE { - flags [0] INTEGER (0..4294967295), - hostname [1] UTF8String OPTIONAL, - domain [1] UTF8String OPTIONAL -} - -NTLMInitReply ::= SEQUENCE { - flags [0] INTEGER (0..4294967295), - opaque [1] OCTET STRING, - targetname [2] UTF8String, - challange [3] OCTET STRING, - targetinfo [4] OCTET STRING OPTIONAL -} - -NTLMRequest ::= SEQUENCE { - flags [0] INTEGER (0..4294967295), - opaque [1] OCTET STRING, - username [2] UTF8String, - targetname [3] UTF8String, - targetinfo [4] OCTET STRING OPTIONAL, - lm [5] OCTET STRING, - ntlm [6] OCTET STRING, - sessionkey [7] OCTET STRING OPTIONAL -} - -NTLMResponse ::= SEQUENCE { - success [0] BOOLEAN, - flags [1] INTEGER (0..4294967295), - sessionkey [2] OCTET STRING OPTIONAL, - tickets [3] SEQUENCE OF OCTET STRING OPTIONAL -} - -DigestReqInner ::= CHOICE { - init [0] DigestInit, - digestRequest [1] DigestRequest, - ntlmInit [2] NTLMInit, - ntlmRequest [3] NTLMRequest, - supportedMechs [4] NULL -} - -DigestREQ ::= [APPLICATION 128] SEQUENCE { - apReq [0] OCTET STRING, - innerReq [1] EncryptedData -} - -DigestRepInner ::= CHOICE { - error [0] DigestError, - initReply [1] DigestInitReply, - response [2] DigestResponse, - ntlmInitReply [3] NTLMInitReply, - ntlmResponse [4] NTLMResponse, - supportedMechs [5] DigestTypes, - ... -} - -DigestREP ::= [APPLICATION 129] SEQUENCE { - apRep [0] OCTET STRING, - innerRep [1] EncryptedData -} - - --- HTTP - --- md5 --- A1 = unq(username-value) ":" unq(realm-value) ":" passwd --- md5-sess --- A1 = HEX(H(unq(username-value) ":" unq(realm-value) ":" passwd ) ":" unq(nonce-value) ":" unq(cnonce-value)) - --- qop == auth --- A2 = Method ":" digest-uri-value --- qop == auth-int --- A2 = Method ":" digest-uri-value ":" H(entity-body) - --- request-digest = HEX(KD(HEX(H(A1)), --- unq(nonce-value) ":" nc-value ":" unq(cnonce-value) ":" unq(qop-value) ":" HEX(H(A2)))) --- no "qop" --- request-digest = HEX(KD(HEX(H(A1)), unq(nonce-value) ":" HEX(H(A2)))) - - --- SASL: --- SS = H( { unq(username-value), ":", unq(realm-value), ":", password } ) --- A1 = { SS, ":", unq(nonce-value), ":", unq(cnonce-value) } --- A1 = { SS, ":", unq(nonce-value), ":", unq(cnonce-value), ":", unq(authzid-value) } - --- A2 = "AUTHENTICATE:", ":", digest-uri-value --- qop == auth-int,auth-conf --- A2 = "AUTHENTICATE:", ":", digest-uri-value, ":00000000000000000000000000000000" - --- response-value = HEX( KD ( HEX(H(A1)), --- { unq(nonce-value), ":" nc-value, ":", --- unq(cnonce-value), ":", qop-value, ":", --- HEX(H(A2)) })) - -END diff --git a/crypto/heimdal/lib/asn1/extra.c b/crypto/heimdal/lib/asn1/extra.c deleted file mode 100644 index e29a43787851..000000000000 --- a/crypto/heimdal/lib/asn1/extra.c +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" -#include "heim_asn1.h" - -RCSID("$Id: extra.c 16672 2006-01-31 09:44:54Z lha $"); - -int -encode_heim_any(unsigned char *p, size_t len, - const heim_any *data, size_t *size) -{ - if (data->length > len) - return ASN1_OVERFLOW; - p -= data->length; - len -= data->length; - memcpy (p+1, data->data, data->length); - *size = data->length; - return 0; -} - -int -decode_heim_any(const unsigned char *p, size_t len, - heim_any *data, size_t *size) -{ - size_t len_len, length, l; - Der_class thisclass; - Der_type thistype; - unsigned int thistag; - int e; - - memset(data, 0, sizeof(*data)); - - e = der_get_tag (p, len, &thisclass, &thistype, &thistag, &l); - if (e) return e; - if (l > len) - return ASN1_OVERFLOW; - e = der_get_length(p + l, len - l, &length, &len_len); - if (e) return e; - if (length + len_len + l > len) - return ASN1_OVERFLOW; - - data->data = malloc(length + len_len + l); - if (data->data == NULL) - return ENOMEM; - data->length = length + len_len + l; - memcpy(data->data, p, length + len_len + l); - - if (size) - *size = length + len_len + l; - - return 0; -} - -void -free_heim_any(heim_any *data) -{ - free(data->data); - data->data = NULL; -} - -size_t -length_heim_any(const heim_any *data) -{ - return data->length; -} - -int -copy_heim_any(const heim_any *from, heim_any *to) -{ - to->data = malloc(from->length); - if (to->data == NULL && from->length != 0) - return ENOMEM; - memcpy(to->data, from->data, from->length); - to->length = from->length; - return 0; -} - -int -encode_heim_any_set(unsigned char *p, size_t len, - const heim_any_set *data, size_t *size) -{ - return encode_heim_any(p, len, data, size); -} - - -int -decode_heim_any_set(const unsigned char *p, size_t len, - heim_any_set *data, size_t *size) -{ - memset(data, 0, sizeof(*data)); - data->data = malloc(len); - if (data->data == NULL && len != 0) - return ENOMEM; - data->length = len; - memcpy(data->data, p, len); - if (size) *size = len; - return 0; -} - -void -free_heim_any_set(heim_any_set *data) -{ - free_heim_any(data); -} - -size_t -length_heim_any_set(const heim_any *data) -{ - return length_heim_any(data); -} - -int -copy_heim_any_set(const heim_any_set *from, heim_any_set *to) -{ - return copy_heim_any(from, to); -} - -int -heim_any_cmp(const heim_any_set *p, const heim_any_set *q) -{ - if (p->length != q->length) - return p->length - q->length; - return memcmp(p->data, q->data, p->length); -} diff --git a/crypto/heimdal/lib/asn1/gen.c b/crypto/heimdal/lib/asn1/gen.c deleted file mode 100644 index 499f8eab363b..000000000000 --- a/crypto/heimdal/lib/asn1/gen.c +++ /dev/null @@ -1,797 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" - -RCSID("$Id: gen.c 22429 2008-01-13 10:25:50Z lha $"); - -FILE *headerfile, *codefile, *logfile; - -#define STEM "asn1" - -static const char *orig_filename; -static char *header; -static const char *headerbase = STEM; - -/* - * list of all IMPORTs - */ - -struct import { - const char *module; - struct import *next; -}; - -static struct import *imports = NULL; - -void -add_import (const char *module) -{ - struct import *tmp = emalloc (sizeof(*tmp)); - - tmp->module = module; - tmp->next = imports; - imports = tmp; - - fprintf (headerfile, "#include <%s_asn1.h>\n", module); -} - -const char * -get_filename (void) -{ - return orig_filename; -} - -void -init_generate (const char *filename, const char *base) -{ - char *fn; - - orig_filename = filename; - if (base != NULL) { - headerbase = strdup(base); - if (headerbase == NULL) - errx(1, "strdup"); - } - asprintf(&header, "%s.h", headerbase); - if (header == NULL) - errx(1, "malloc"); - headerfile = fopen (header, "w"); - if (headerfile == NULL) - err (1, "open %s", header); - fprintf (headerfile, - "/* Generated from %s */\n" - "/* Do not edit */\n\n", - filename); - fprintf (headerfile, - "#ifndef __%s_h__\n" - "#define __%s_h__\n\n", headerbase, headerbase); - fprintf (headerfile, - "#include \n" - "#include \n\n"); - fprintf (headerfile, - "#ifndef __asn1_common_definitions__\n" - "#define __asn1_common_definitions__\n\n"); - fprintf (headerfile, - "typedef struct heim_integer {\n" - " size_t length;\n" - " void *data;\n" - " int negative;\n" - "} heim_integer;\n\n"); - fprintf (headerfile, - "typedef struct heim_octet_string {\n" - " size_t length;\n" - " void *data;\n" - "} heim_octet_string;\n\n"); - fprintf (headerfile, - "typedef char *heim_general_string;\n\n" - ); - fprintf (headerfile, - "typedef char *heim_utf8_string;\n\n" - ); - fprintf (headerfile, - "typedef char *heim_printable_string;\n\n" - ); - fprintf (headerfile, - "typedef char *heim_ia5_string;\n\n" - ); - fprintf (headerfile, - "typedef struct heim_bmp_string {\n" - " size_t length;\n" - " uint16_t *data;\n" - "} heim_bmp_string;\n\n"); - fprintf (headerfile, - "typedef struct heim_universal_string {\n" - " size_t length;\n" - " uint32_t *data;\n" - "} heim_universal_string;\n\n"); - fprintf (headerfile, - "typedef char *heim_visible_string;\n\n" - ); - fprintf (headerfile, - "typedef struct heim_oid {\n" - " size_t length;\n" - " unsigned *components;\n" - "} heim_oid;\n\n"); - fprintf (headerfile, - "typedef struct heim_bit_string {\n" - " size_t length;\n" - " void *data;\n" - "} heim_bit_string;\n\n"); - fprintf (headerfile, - "typedef struct heim_octet_string heim_any;\n" - "typedef struct heim_octet_string heim_any_set;\n\n"); - fputs("#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \\\n" - " do { \\\n" - " (BL) = length_##T((S)); \\\n" - " (B) = malloc((BL)); \\\n" - " if((B) == NULL) { \\\n" - " (R) = ENOMEM; \\\n" - " } else { \\\n" - " (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \\\n" - " (S), (L)); \\\n" - " if((R) != 0) { \\\n" - " free((B)); \\\n" - " (B) = NULL; \\\n" - " } \\\n" - " } \\\n" - " } while (0)\n\n", - headerfile); - fprintf (headerfile, "struct units;\n\n"); - fprintf (headerfile, "#endif\n\n"); - asprintf(&fn, "%s_files", base); - if (fn == NULL) - errx(1, "malloc"); - logfile = fopen(fn, "w"); - if (logfile == NULL) - err (1, "open %s", fn); -} - -void -close_generate (void) -{ - fprintf (headerfile, "#endif /* __%s_h__ */\n", headerbase); - - fclose (headerfile); - fprintf (logfile, "\n"); - fclose (logfile); -} - -void -gen_assign_defval(const char *var, struct value *val) -{ - switch(val->type) { - case stringvalue: - fprintf(codefile, "if((%s = strdup(\"%s\")) == NULL)\nreturn ENOMEM;\n", var, val->u.stringvalue); - break; - case integervalue: - fprintf(codefile, "%s = %d;\n", var, val->u.integervalue); - break; - case booleanvalue: - if(val->u.booleanvalue) - fprintf(codefile, "%s = TRUE;\n", var); - else - fprintf(codefile, "%s = FALSE;\n", var); - break; - default: - abort(); - } -} - -void -gen_compare_defval(const char *var, struct value *val) -{ - switch(val->type) { - case stringvalue: - fprintf(codefile, "if(strcmp(%s, \"%s\") != 0)\n", var, val->u.stringvalue); - break; - case integervalue: - fprintf(codefile, "if(%s != %d)\n", var, val->u.integervalue); - break; - case booleanvalue: - if(val->u.booleanvalue) - fprintf(codefile, "if(!%s)\n", var); - else - fprintf(codefile, "if(%s)\n", var); - break; - default: - abort(); - } -} - -static void -generate_header_of_codefile(const char *name) -{ - char *filename; - - if (codefile != NULL) - abort(); - - asprintf (&filename, "%s_%s.x", STEM, name); - if (filename == NULL) - errx(1, "malloc"); - codefile = fopen (filename, "w"); - if (codefile == NULL) - err (1, "fopen %s", filename); - fprintf(logfile, "%s ", filename); - free(filename); - fprintf (codefile, - "/* Generated from %s */\n" - "/* Do not edit */\n\n" - "#include \n" - "#include \n" - "#include \n" - "#include \n" - "#include \n" - "#include \n" - "#include \n", - orig_filename); - - fprintf (codefile, - "#include <%s.h>\n", - headerbase); - fprintf (codefile, - "#include \n" - "#include \n" - "#include \n\n"); - -} - -static void -close_codefile(void) -{ - if (codefile == NULL) - abort(); - - fclose(codefile); - codefile = NULL; -} - - -void -generate_constant (const Symbol *s) -{ - switch(s->value->type) { - case booleanvalue: - break; - case integervalue: - fprintf (headerfile, "enum { %s = %d };\n\n", - s->gen_name, s->value->u.integervalue); - break; - case nullvalue: - break; - case stringvalue: - break; - case objectidentifiervalue: { - struct objid *o, **list; - int i, len; - - generate_header_of_codefile(s->gen_name); - - len = 0; - for (o = s->value->u.objectidentifiervalue; o != NULL; o = o->next) - len++; - list = emalloc(sizeof(*list) * len); - - i = 0; - for (o = s->value->u.objectidentifiervalue; o != NULL; o = o->next) - list[i++] = o; - - fprintf (headerfile, "/* OBJECT IDENTIFIER %s ::= { ", s->name); - for (i = len - 1 ; i >= 0; i--) { - o = list[i]; - fprintf(headerfile, "%s(%d) ", - o->label ? o->label : "label-less", o->value); - } - - fprintf (headerfile, "} */\n"); - fprintf (headerfile, "const heim_oid *oid_%s(void);\n\n", - s->gen_name); - - fprintf (codefile, "static unsigned oid_%s_variable_num[%d] = {", - s->gen_name, len); - for (i = len - 1 ; i >= 0; i--) { - fprintf(codefile, "%d%s ", list[i]->value, i > 0 ? "," : ""); - } - fprintf(codefile, "};\n"); - - fprintf (codefile, "static const heim_oid oid_%s_variable = " - "{ %d, oid_%s_variable_num };\n\n", - s->gen_name, len, s->gen_name); - - fprintf (codefile, "const heim_oid *oid_%s(void)\n" - "{\n" - "return &oid_%s_variable;\n" - "}\n\n", - s->gen_name, s->gen_name); - - close_codefile(); - - break; - } - default: - abort(); - } -} - -static void -space(int level) -{ - while(level-- > 0) - fprintf(headerfile, " "); -} - -static const char * -last_member_p(struct member *m) -{ - struct member *n = ASN1_TAILQ_NEXT(m, members); - if (n == NULL) - return ""; - if (n->ellipsis && ASN1_TAILQ_NEXT(n, members) == NULL) - return ""; - return ","; -} - -static struct member * -have_ellipsis(Type *t) -{ - struct member *m; - ASN1_TAILQ_FOREACH(m, t->members, members) { - if (m->ellipsis) - return m; - } - return NULL; -} - -static void -define_asn1 (int level, Type *t) -{ - switch (t->type) { - case TType: - fprintf (headerfile, "%s", t->symbol->name); - break; - case TInteger: - if(t->members == NULL) { - fprintf (headerfile, "INTEGER"); - if (t->range) - fprintf (headerfile, " (%d..%d)", - t->range->min, t->range->max); - } else { - Member *m; - fprintf (headerfile, "INTEGER {\n"); - ASN1_TAILQ_FOREACH(m, t->members, members) { - space (level + 1); - fprintf(headerfile, "%s(%d)%s\n", m->gen_name, m->val, - last_member_p(m)); - } - space(level); - fprintf (headerfile, "}"); - } - break; - case TBoolean: - fprintf (headerfile, "BOOLEAN"); - break; - case TOctetString: - fprintf (headerfile, "OCTET STRING"); - break; - case TEnumerated : - case TBitString: { - Member *m; - - space(level); - if(t->type == TBitString) - fprintf (headerfile, "BIT STRING {\n"); - else - fprintf (headerfile, "ENUMERATED {\n"); - ASN1_TAILQ_FOREACH(m, t->members, members) { - space(level + 1); - fprintf (headerfile, "%s(%d)%s\n", m->name, m->val, - last_member_p(m)); - } - space(level); - fprintf (headerfile, "}"); - break; - } - case TChoice: - case TSet: - case TSequence: { - Member *m; - int max_width = 0; - - if(t->type == TChoice) - fprintf(headerfile, "CHOICE {\n"); - else if(t->type == TSet) - fprintf(headerfile, "SET {\n"); - else - fprintf(headerfile, "SEQUENCE {\n"); - ASN1_TAILQ_FOREACH(m, t->members, members) { - if(strlen(m->name) > max_width) - max_width = strlen(m->name); - } - max_width += 3; - if(max_width < 16) max_width = 16; - ASN1_TAILQ_FOREACH(m, t->members, members) { - int width = max_width; - space(level + 1); - if (m->ellipsis) { - fprintf (headerfile, "..."); - } else { - width -= fprintf(headerfile, "%s", m->name); - fprintf(headerfile, "%*s", width, ""); - define_asn1(level + 1, m->type); - if(m->optional) - fprintf(headerfile, " OPTIONAL"); - } - if(last_member_p(m)) - fprintf (headerfile, ","); - fprintf (headerfile, "\n"); - } - space(level); - fprintf (headerfile, "}"); - break; - } - case TSequenceOf: - fprintf (headerfile, "SEQUENCE OF "); - define_asn1 (0, t->subtype); - break; - case TSetOf: - fprintf (headerfile, "SET OF "); - define_asn1 (0, t->subtype); - break; - case TGeneralizedTime: - fprintf (headerfile, "GeneralizedTime"); - break; - case TGeneralString: - fprintf (headerfile, "GeneralString"); - break; - case TTag: { - const char *classnames[] = { "UNIVERSAL ", "APPLICATION ", - "" /* CONTEXT */, "PRIVATE " }; - if(t->tag.tagclass != ASN1_C_UNIV) - fprintf (headerfile, "[%s%d] ", - classnames[t->tag.tagclass], - t->tag.tagvalue); - if(t->tag.tagenv == TE_IMPLICIT) - fprintf (headerfile, "IMPLICIT "); - define_asn1 (level, t->subtype); - break; - } - case TUTCTime: - fprintf (headerfile, "UTCTime"); - break; - case TUTF8String: - space(level); - fprintf (headerfile, "UTF8String"); - break; - case TPrintableString: - space(level); - fprintf (headerfile, "PrintableString"); - break; - case TIA5String: - space(level); - fprintf (headerfile, "IA5String"); - break; - case TBMPString: - space(level); - fprintf (headerfile, "BMPString"); - break; - case TUniversalString: - space(level); - fprintf (headerfile, "UniversalString"); - break; - case TVisibleString: - space(level); - fprintf (headerfile, "VisibleString"); - break; - case TOID : - space(level); - fprintf(headerfile, "OBJECT IDENTIFIER"); - break; - case TNull: - space(level); - fprintf (headerfile, "NULL"); - break; - default: - abort (); - } -} - -static void -define_type (int level, const char *name, Type *t, int typedefp, int preservep) -{ - switch (t->type) { - case TType: - space(level); - fprintf (headerfile, "%s %s;\n", t->symbol->gen_name, name); - break; - case TInteger: - space(level); - if(t->members) { - Member *m; - fprintf (headerfile, "enum %s {\n", typedefp ? name : ""); - ASN1_TAILQ_FOREACH(m, t->members, members) { - space (level + 1); - fprintf(headerfile, "%s = %d%s\n", m->gen_name, m->val, - last_member_p(m)); - } - fprintf (headerfile, "} %s;\n", name); - } else if (t->range == NULL) { - fprintf (headerfile, "heim_integer %s;\n", name); - } else if (t->range->min == INT_MIN && t->range->max == INT_MAX) { - fprintf (headerfile, "int %s;\n", name); - } else if (t->range->min == 0 && t->range->max == UINT_MAX) { - fprintf (headerfile, "unsigned int %s;\n", name); - } else if (t->range->min == 0 && t->range->max == INT_MAX) { - fprintf (headerfile, "unsigned int %s;\n", name); - } else - errx(1, "%s: unsupported range %d -> %d", - name, t->range->min, t->range->max); - break; - case TBoolean: - space(level); - fprintf (headerfile, "int %s;\n", name); - break; - case TOctetString: - space(level); - fprintf (headerfile, "heim_octet_string %s;\n", name); - break; - case TBitString: { - Member *m; - Type i; - struct range range = { 0, INT_MAX }; - - i.type = TInteger; - i.range = ⦥ - i.members = NULL; - i.constraint = NULL; - - space(level); - if(ASN1_TAILQ_EMPTY(t->members)) - fprintf (headerfile, "heim_bit_string %s;\n", name); - else { - fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); - ASN1_TAILQ_FOREACH(m, t->members, members) { - char *n; - - asprintf (&n, "%s:1", m->gen_name); - if (n == NULL) - errx(1, "malloc"); - define_type (level + 1, n, &i, FALSE, FALSE); - free (n); - } - space(level); - fprintf (headerfile, "} %s;\n\n", name); - } - break; - } - case TEnumerated: { - Member *m; - - space(level); - fprintf (headerfile, "enum %s {\n", typedefp ? name : ""); - ASN1_TAILQ_FOREACH(m, t->members, members) { - space(level + 1); - if (m->ellipsis) - fprintf (headerfile, "/* ... */\n"); - else - fprintf (headerfile, "%s = %d%s\n", m->gen_name, m->val, - last_member_p(m)); - } - space(level); - fprintf (headerfile, "} %s;\n\n", name); - break; - } - case TSet: - case TSequence: { - Member *m; - - space(level); - fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); - if (t->type == TSequence && preservep) { - space(level + 1); - fprintf(headerfile, "heim_octet_string _save;\n"); - } - ASN1_TAILQ_FOREACH(m, t->members, members) { - if (m->ellipsis) { - ; - } else if (m->optional) { - char *n; - - asprintf (&n, "*%s", m->gen_name); - if (n == NULL) - errx(1, "malloc"); - define_type (level + 1, n, m->type, FALSE, FALSE); - free (n); - } else - define_type (level + 1, m->gen_name, m->type, FALSE, FALSE); - } - space(level); - fprintf (headerfile, "} %s;\n", name); - break; - } - case TSetOf: - case TSequenceOf: { - Type i; - struct range range = { 0, INT_MAX }; - - i.type = TInteger; - i.range = ⦥ - i.members = NULL; - i.constraint = NULL; - - space(level); - fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); - define_type (level + 1, "len", &i, FALSE, FALSE); - define_type (level + 1, "*val", t->subtype, FALSE, FALSE); - space(level); - fprintf (headerfile, "} %s;\n", name); - break; - } - case TGeneralizedTime: - space(level); - fprintf (headerfile, "time_t %s;\n", name); - break; - case TGeneralString: - space(level); - fprintf (headerfile, "heim_general_string %s;\n", name); - break; - case TTag: - define_type (level, name, t->subtype, typedefp, preservep); - break; - case TChoice: { - int first = 1; - Member *m; - - space(level); - fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); - if (preservep) { - space(level + 1); - fprintf(headerfile, "heim_octet_string _save;\n"); - } - space(level + 1); - fprintf (headerfile, "enum {\n"); - m = have_ellipsis(t); - if (m) { - space(level + 2); - fprintf (headerfile, "%s = 0,\n", m->label); - first = 0; - } - ASN1_TAILQ_FOREACH(m, t->members, members) { - space(level + 2); - if (m->ellipsis) - fprintf (headerfile, "/* ... */\n"); - else - fprintf (headerfile, "%s%s%s\n", m->label, - first ? " = 1" : "", - last_member_p(m)); - first = 0; - } - space(level + 1); - fprintf (headerfile, "} element;\n"); - space(level + 1); - fprintf (headerfile, "union {\n"); - ASN1_TAILQ_FOREACH(m, t->members, members) { - if (m->ellipsis) { - space(level + 2); - fprintf(headerfile, "heim_octet_string asn1_ellipsis;\n"); - } else if (m->optional) { - char *n; - - asprintf (&n, "*%s", m->gen_name); - if (n == NULL) - errx(1, "malloc"); - define_type (level + 2, n, m->type, FALSE, FALSE); - free (n); - } else - define_type (level + 2, m->gen_name, m->type, FALSE, FALSE); - } - space(level + 1); - fprintf (headerfile, "} u;\n"); - space(level); - fprintf (headerfile, "} %s;\n", name); - break; - } - case TUTCTime: - space(level); - fprintf (headerfile, "time_t %s;\n", name); - break; - case TUTF8String: - space(level); - fprintf (headerfile, "heim_utf8_string %s;\n", name); - break; - case TPrintableString: - space(level); - fprintf (headerfile, "heim_printable_string %s;\n", name); - break; - case TIA5String: - space(level); - fprintf (headerfile, "heim_ia5_string %s;\n", name); - break; - case TBMPString: - space(level); - fprintf (headerfile, "heim_bmp_string %s;\n", name); - break; - case TUniversalString: - space(level); - fprintf (headerfile, "heim_universal_string %s;\n", name); - break; - case TVisibleString: - space(level); - fprintf (headerfile, "heim_visible_string %s;\n", name); - break; - case TOID : - space(level); - fprintf (headerfile, "heim_oid %s;\n", name); - break; - case TNull: - space(level); - fprintf (headerfile, "int %s;\n", name); - break; - default: - abort (); - } -} - -static void -generate_type_header (const Symbol *s) -{ - int preservep = preserve_type(s->name) ? TRUE : FALSE; - - fprintf (headerfile, "/*\n"); - fprintf (headerfile, "%s ::= ", s->name); - define_asn1 (0, s->type); - fprintf (headerfile, "\n*/\n\n"); - - fprintf (headerfile, "typedef "); - define_type (0, s->gen_name, s->type, TRUE, preservep); - - fprintf (headerfile, "\n"); -} - - -void -generate_type (const Symbol *s) -{ - generate_header_of_codefile(s->gen_name); - - generate_type_header (s); - generate_type_encode (s); - generate_type_decode (s); - generate_type_free (s); - generate_type_length (s); - generate_type_copy (s); - generate_type_seq (s); - generate_glue (s->type, s->gen_name); - fprintf(headerfile, "\n\n"); - close_codefile(); -} diff --git a/crypto/heimdal/lib/asn1/gen.h b/crypto/heimdal/lib/asn1/gen.h deleted file mode 100644 index 369b6e392acd..000000000000 --- a/crypto/heimdal/lib/asn1/gen.h +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gen.h,v 1.4 1999/12/02 17:05:02 joda Exp $ */ - -#include -#include "symbol.h" - diff --git a/crypto/heimdal/lib/asn1/gen_copy.c b/crypto/heimdal/lib/asn1/gen_copy.c deleted file mode 100644 index abf11859d5f4..000000000000 --- a/crypto/heimdal/lib/asn1/gen_copy.c +++ /dev/null @@ -1,249 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" - -RCSID("$Id: gen_copy.c 19539 2006-12-28 17:15:05Z lha $"); - -static int used_fail; - -static void -copy_primitive (const char *typename, const char *from, const char *to) -{ - fprintf (codefile, "if(der_copy_%s(%s, %s)) goto fail;\n", - typename, from, to); - used_fail++; -} - -static void -copy_type (const char *from, const char *to, const Type *t, int preserve) -{ - switch (t->type) { - case TType: -#if 0 - copy_type (from, to, t->symbol->type, preserve); -#endif - fprintf (codefile, "if(copy_%s(%s, %s)) goto fail;\n", - t->symbol->gen_name, from, to); - used_fail++; - break; - case TInteger: - if (t->range == NULL && t->members == NULL) { - copy_primitive ("heim_integer", from, to); - break; - } - case TBoolean: - case TEnumerated : - fprintf(codefile, "*(%s) = *(%s);\n", to, from); - break; - case TOctetString: - copy_primitive ("octet_string", from, to); - break; - case TBitString: - if (ASN1_TAILQ_EMPTY(t->members)) - copy_primitive ("bit_string", from, to); - else - fprintf(codefile, "*(%s) = *(%s);\n", to, from); - break; - case TSet: - case TSequence: - case TChoice: { - Member *m, *have_ellipsis = NULL; - - if(t->members == NULL) - break; - - if ((t->type == TSequence || t->type == TChoice) && preserve) { - fprintf(codefile, - "{ int ret;\n" - "ret = der_copy_octet_string(&(%s)->_save, &(%s)->_save);\n" - "if (ret) goto fail;\n" - "}\n", - from, to); - used_fail++; - } - - if(t->type == TChoice) { - fprintf(codefile, "(%s)->element = (%s)->element;\n", to, from); - fprintf(codefile, "switch((%s)->element) {\n", from); - } - - ASN1_TAILQ_FOREACH(m, t->members, members) { - char *fs; - char *ts; - - if (m->ellipsis) { - have_ellipsis = m; - continue; - } - - if(t->type == TChoice) - fprintf(codefile, "case %s:\n", m->label); - - asprintf (&fs, "%s(%s)->%s%s", - m->optional ? "" : "&", from, - t->type == TChoice ? "u." : "", m->gen_name); - if (fs == NULL) - errx(1, "malloc"); - asprintf (&ts, "%s(%s)->%s%s", - m->optional ? "" : "&", to, - t->type == TChoice ? "u." : "", m->gen_name); - if (ts == NULL) - errx(1, "malloc"); - if(m->optional){ - fprintf(codefile, "if(%s) {\n", fs); - fprintf(codefile, "%s = malloc(sizeof(*%s));\n", ts, ts); - fprintf(codefile, "if(%s == NULL) goto fail;\n", ts); - used_fail++; - } - copy_type (fs, ts, m->type, FALSE); - if(m->optional){ - fprintf(codefile, "}else\n"); - fprintf(codefile, "%s = NULL;\n", ts); - } - free (fs); - free (ts); - if(t->type == TChoice) - fprintf(codefile, "break;\n"); - } - if(t->type == TChoice) { - if (have_ellipsis) { - fprintf(codefile, "case %s: {\n" - "int ret;\n" - "ret=der_copy_octet_string(&(%s)->u.%s, &(%s)->u.%s);\n" - "if (ret) goto fail;\n" - "break;\n" - "}\n", - have_ellipsis->label, - from, have_ellipsis->gen_name, - to, have_ellipsis->gen_name); - used_fail++; - } - fprintf(codefile, "}\n"); - } - break; - } - case TSetOf: - case TSequenceOf: { - char *f; - char *T; - - fprintf (codefile, "if(((%s)->val = " - "malloc((%s)->len * sizeof(*(%s)->val))) == NULL && (%s)->len != 0)\n", - to, from, to, from); - fprintf (codefile, "goto fail;\n"); - used_fail++; - fprintf(codefile, - "for((%s)->len = 0; (%s)->len < (%s)->len; (%s)->len++){\n", - to, to, from, to); - asprintf(&f, "&(%s)->val[(%s)->len]", from, to); - if (f == NULL) - errx(1, "malloc"); - asprintf(&T, "&(%s)->val[(%s)->len]", to, to); - if (T == NULL) - errx(1, "malloc"); - copy_type(f, T, t->subtype, FALSE); - fprintf(codefile, "}\n"); - free(f); - free(T); - break; - } - case TGeneralizedTime: - fprintf(codefile, "*(%s) = *(%s);\n", to, from); - break; - case TGeneralString: - copy_primitive ("general_string", from, to); - break; - case TUTCTime: - fprintf(codefile, "*(%s) = *(%s);\n", to, from); - break; - case TUTF8String: - copy_primitive ("utf8string", from, to); - break; - case TPrintableString: - copy_primitive ("printable_string", from, to); - break; - case TIA5String: - copy_primitive ("ia5_string", from, to); - break; - case TBMPString: - copy_primitive ("bmp_string", from, to); - break; - case TUniversalString: - copy_primitive ("universal_string", from, to); - break; - case TVisibleString: - copy_primitive ("visible_string", from, to); - break; - case TTag: - copy_type (from, to, t->subtype, preserve); - break; - case TOID: - copy_primitive ("oid", from, to); - break; - case TNull: - break; - default : - abort (); - } -} - -void -generate_type_copy (const Symbol *s) -{ - int preserve = preserve_type(s->name) ? TRUE : FALSE; - - used_fail = 0; - - fprintf (headerfile, - "int copy_%s (const %s *, %s *);\n", - s->gen_name, s->gen_name, s->gen_name); - - fprintf (codefile, "int\n" - "copy_%s(const %s *from, %s *to)\n" - "{\n" - "memset(to, 0, sizeof(*to));\n", - s->gen_name, s->gen_name, s->gen_name); - copy_type ("from", "to", s->type, preserve); - fprintf (codefile, "return 0;\n"); - - if (used_fail) - fprintf (codefile, "fail:\n" - "free_%s(to);\n" - "return ENOMEM;\n", - s->gen_name); - - fprintf(codefile, - "}\n\n"); -} - diff --git a/crypto/heimdal/lib/asn1/gen_decode.c b/crypto/heimdal/lib/asn1/gen_decode.c deleted file mode 100644 index face9ba47a04..000000000000 --- a/crypto/heimdal/lib/asn1/gen_decode.c +++ /dev/null @@ -1,720 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" -#include "lex.h" - -RCSID("$Id: gen_decode.c 21503 2007-07-12 11:57:19Z lha $"); - -static void -decode_primitive (const char *typename, const char *name, const char *forwstr) -{ -#if 0 - fprintf (codefile, - "e = decode_%s(p, len, %s, &l);\n" - "%s;\n", - typename, - name, - forwstr); -#else - fprintf (codefile, - "e = der_get_%s(p, len, %s, &l);\n" - "if(e) %s;\np += l; len -= l; ret += l;\n", - typename, - name, - forwstr); -#endif -} - -static int -is_primitive_type(int type) -{ - switch(type) { - case TInteger: - case TBoolean: - case TOctetString: - case TBitString: - case TEnumerated: - case TGeneralizedTime: - case TGeneralString: - case TOID: - case TUTCTime: - case TUTF8String: - case TPrintableString: - case TIA5String: - case TBMPString: - case TUniversalString: - case TVisibleString: - case TNull: - return 1; - default: - return 0; - } -} - -static void -find_tag (const Type *t, - Der_class *cl, Der_type *ty, unsigned *tag) -{ - switch (t->type) { - case TBitString: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_BitString; - break; - case TBoolean: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_Boolean; - break; - case TChoice: - errx(1, "Cannot have recursive CHOICE"); - case TEnumerated: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_Enumerated; - break; - case TGeneralString: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_GeneralString; - break; - case TGeneralizedTime: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_GeneralizedTime; - break; - case TIA5String: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_IA5String; - break; - case TInteger: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_Integer; - break; - case TNull: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_Null; - break; - case TOID: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_OID; - break; - case TOctetString: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_OctetString; - break; - case TPrintableString: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_PrintableString; - break; - case TSequence: - case TSequenceOf: - *cl = ASN1_C_UNIV; - *ty = CONS; - *tag = UT_Sequence; - break; - case TSet: - case TSetOf: - *cl = ASN1_C_UNIV; - *ty = CONS; - *tag = UT_Set; - break; - case TTag: - *cl = t->tag.tagclass; - *ty = is_primitive_type(t->subtype->type) ? PRIM : CONS; - *tag = t->tag.tagvalue; - break; - case TType: - if ((t->symbol->stype == Stype && t->symbol->type == NULL) - || t->symbol->stype == SUndefined) { - error_message("%s is imported or still undefined, " - " can't generate tag checking data in CHOICE " - "without this information", - t->symbol->name); - exit(1); - } - find_tag(t->symbol->type, cl, ty, tag); - return; - case TUTCTime: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_UTCTime; - break; - case TUTF8String: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_UTF8String; - break; - case TBMPString: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_BMPString; - break; - case TUniversalString: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_UniversalString; - break; - case TVisibleString: - *cl = ASN1_C_UNIV; - *ty = PRIM; - *tag = UT_VisibleString; - break; - default: - abort(); - } -} - -static void -range_check(const char *name, - const char *length, - const char *forwstr, - struct range *r) -{ - if (r->min == r->max + 2 || r->min < r->max) - fprintf (codefile, - "if ((%s)->%s > %d) {\n" - "e = ASN1_MAX_CONSTRAINT; %s;\n" - "}\n", - name, length, r->max, forwstr); - if (r->min - 1 == r->max || r->min < r->max) - fprintf (codefile, - "if ((%s)->%s < %d) {\n" - "e = ASN1_MIN_CONSTRAINT; %s;\n" - "}\n", - name, length, r->min, forwstr); - if (r->max == r->min) - fprintf (codefile, - "if ((%s)->%s != %d) {\n" - "e = ASN1_EXACT_CONSTRAINT; %s;\n" - "}\n", - name, length, r->min, forwstr); -} - -static int -decode_type (const char *name, const Type *t, int optional, - const char *forwstr, const char *tmpstr) -{ - switch (t->type) { - case TType: { - if (optional) - fprintf(codefile, - "%s = calloc(1, sizeof(*%s));\n" - "if (%s == NULL) %s;\n", - name, name, name, forwstr); - fprintf (codefile, - "e = decode_%s(p, len, %s, &l);\n", - t->symbol->gen_name, name); - if (optional) { - fprintf (codefile, - "if(e) {\n" - "free(%s);\n" - "%s = NULL;\n" - "} else {\n" - "p += l; len -= l; ret += l;\n" - "}\n", - name, name); - } else { - fprintf (codefile, - "if(e) %s;\n", - forwstr); - fprintf (codefile, - "p += l; len -= l; ret += l;\n"); - } - break; - } - case TInteger: - if(t->members) { - fprintf(codefile, - "{\n" - "int enumint;\n"); - decode_primitive ("integer", "&enumint", forwstr); - fprintf(codefile, - "*%s = enumint;\n" - "}\n", - name); - } else if (t->range == NULL) { - decode_primitive ("heim_integer", name, forwstr); - } else if (t->range->min == INT_MIN && t->range->max == INT_MAX) { - decode_primitive ("integer", name, forwstr); - } else if (t->range->min == 0 && t->range->max == UINT_MAX) { - decode_primitive ("unsigned", name, forwstr); - } else if (t->range->min == 0 && t->range->max == INT_MAX) { - decode_primitive ("unsigned", name, forwstr); - } else - errx(1, "%s: unsupported range %d -> %d", - name, t->range->min, t->range->max); - break; - case TBoolean: - decode_primitive ("boolean", name, forwstr); - break; - case TEnumerated: - decode_primitive ("enumerated", name, forwstr); - break; - case TOctetString: - decode_primitive ("octet_string", name, forwstr); - if (t->range) - range_check(name, "length", forwstr, t->range); - break; - case TBitString: { - Member *m; - int pos = 0; - - if (ASN1_TAILQ_EMPTY(t->members)) { - decode_primitive ("bit_string", name, forwstr); - break; - } - fprintf(codefile, - "if (len < 1) return ASN1_OVERRUN;\n" - "p++; len--; ret++;\n"); - fprintf(codefile, - "do {\n" - "if (len < 1) break;\n"); - ASN1_TAILQ_FOREACH(m, t->members, members) { - while (m->val / 8 > pos / 8) { - fprintf (codefile, - "p++; len--; ret++;\n" - "if (len < 1) break;\n"); - pos += 8; - } - fprintf (codefile, - "(%s)->%s = (*p >> %d) & 1;\n", - name, m->gen_name, 7 - m->val % 8); - } - fprintf(codefile, - "} while(0);\n"); - fprintf (codefile, - "p += len; ret += len;\n"); - break; - } - case TSequence: { - Member *m; - - if (t->members == NULL) - break; - - ASN1_TAILQ_FOREACH(m, t->members, members) { - char *s; - - if (m->ellipsis) - continue; - - asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", - name, m->gen_name); - if (s == NULL) - errx(1, "malloc"); - decode_type (s, m->type, m->optional, forwstr, m->gen_name); - free (s); - } - - break; - } - case TSet: { - Member *m; - unsigned int memno; - - if(t->members == NULL) - break; - - fprintf(codefile, "{\n"); - fprintf(codefile, "unsigned int members = 0;\n"); - fprintf(codefile, "while(len > 0) {\n"); - fprintf(codefile, - "Der_class class;\n" - "Der_type type;\n" - "int tag;\n" - "e = der_get_tag (p, len, &class, &type, &tag, NULL);\n" - "if(e) %s;\n", forwstr); - fprintf(codefile, "switch (MAKE_TAG(class, type, tag)) {\n"); - memno = 0; - ASN1_TAILQ_FOREACH(m, t->members, members) { - char *s; - - assert(m->type->type == TTag); - - fprintf(codefile, "case MAKE_TAG(%s, %s, %s):\n", - classname(m->type->tag.tagclass), - is_primitive_type(m->type->subtype->type) ? "PRIM" : "CONS", - valuename(m->type->tag.tagclass, m->type->tag.tagvalue)); - - asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name); - if (s == NULL) - errx(1, "malloc"); - if(m->optional) - fprintf(codefile, - "%s = calloc(1, sizeof(*%s));\n" - "if (%s == NULL) { e = ENOMEM; %s; }\n", - s, s, s, forwstr); - decode_type (s, m->type, 0, forwstr, m->gen_name); - free (s); - - fprintf(codefile, "members |= (1 << %d);\n", memno); - memno++; - fprintf(codefile, "break;\n"); - } - fprintf(codefile, - "default:\n" - "return ASN1_MISPLACED_FIELD;\n" - "break;\n"); - fprintf(codefile, "}\n"); - fprintf(codefile, "}\n"); - memno = 0; - ASN1_TAILQ_FOREACH(m, t->members, members) { - char *s; - - asprintf (&s, "%s->%s", name, m->gen_name); - if (s == NULL) - errx(1, "malloc"); - fprintf(codefile, "if((members & (1 << %d)) == 0)\n", memno); - if(m->optional) - fprintf(codefile, "%s = NULL;\n", s); - else if(m->defval) - gen_assign_defval(s, m->defval); - else - fprintf(codefile, "return ASN1_MISSING_FIELD;\n"); - free(s); - memno++; - } - fprintf(codefile, "}\n"); - break; - } - case TSetOf: - case TSequenceOf: { - char *n; - char *sname; - - fprintf (codefile, - "{\n" - "size_t %s_origlen = len;\n" - "size_t %s_oldret = ret;\n" - "size_t %s_olen = 0;\n" - "void *%s_tmp;\n" - "ret = 0;\n" - "(%s)->len = 0;\n" - "(%s)->val = NULL;\n", - tmpstr, - tmpstr, - tmpstr, - tmpstr, - name, - name); - - fprintf (codefile, - "while(ret < %s_origlen) {\n" - "size_t %s_nlen = %s_olen + sizeof(*((%s)->val));\n" - "if (%s_olen > %s_nlen) { e = ASN1_OVERFLOW; %s; }\n" - "%s_olen = %s_nlen;\n" - "%s_tmp = realloc((%s)->val, %s_olen);\n" - "if (%s_tmp == NULL) { e = ENOMEM; %s; }\n" - "(%s)->val = %s_tmp;\n", - tmpstr, - tmpstr, tmpstr, name, - tmpstr, tmpstr, forwstr, - tmpstr, tmpstr, - tmpstr, name, tmpstr, - tmpstr, forwstr, - name, tmpstr); - - asprintf (&n, "&(%s)->val[(%s)->len]", name, name); - if (n == NULL) - errx(1, "malloc"); - asprintf (&sname, "%s_s_of", tmpstr); - if (sname == NULL) - errx(1, "malloc"); - decode_type (n, t->subtype, 0, forwstr, sname); - fprintf (codefile, - "(%s)->len++;\n" - "len = %s_origlen - ret;\n" - "}\n" - "ret += %s_oldret;\n" - "}\n", - name, - tmpstr, tmpstr); - if (t->range) - range_check(name, "len", forwstr, t->range); - free (n); - free (sname); - break; - } - case TGeneralizedTime: - decode_primitive ("generalized_time", name, forwstr); - break; - case TGeneralString: - decode_primitive ("general_string", name, forwstr); - break; - case TTag:{ - char *tname; - - fprintf(codefile, - "{\n" - "size_t %s_datalen, %s_oldlen;\n", - tmpstr, tmpstr); - if(dce_fix) - fprintf(codefile, - "int dce_fix;\n"); - fprintf(codefile, "e = der_match_tag_and_length(p, len, %s, %s, %s, " - "&%s_datalen, &l);\n", - classname(t->tag.tagclass), - is_primitive_type(t->subtype->type) ? "PRIM" : "CONS", - valuename(t->tag.tagclass, t->tag.tagvalue), - tmpstr); - if(optional) { - fprintf(codefile, - "if(e) {\n" - "%s = NULL;\n" - "} else {\n" - "%s = calloc(1, sizeof(*%s));\n" - "if (%s == NULL) { e = ENOMEM; %s; }\n", - name, name, name, name, forwstr); - } else { - fprintf(codefile, "if(e) %s;\n", forwstr); - } - fprintf (codefile, - "p += l; len -= l; ret += l;\n" - "%s_oldlen = len;\n", - tmpstr); - if(dce_fix) - fprintf (codefile, - "if((dce_fix = _heim_fix_dce(%s_datalen, &len)) < 0)\n" - "{ e = ASN1_BAD_FORMAT; %s; }\n", - tmpstr, forwstr); - else - fprintf(codefile, - "if (%s_datalen > len) { e = ASN1_OVERRUN; %s; }\n" - "len = %s_datalen;\n", tmpstr, forwstr, tmpstr); - asprintf (&tname, "%s_Tag", tmpstr); - if (tname == NULL) - errx(1, "malloc"); - decode_type (name, t->subtype, 0, forwstr, tname); - if(dce_fix) - fprintf(codefile, - "if(dce_fix){\n" - "e = der_match_tag_and_length (p, len, " - "(Der_class)0,(Der_type)0, UT_EndOfContent, " - "&%s_datalen, &l);\n" - "if(e) %s;\np += l; len -= l; ret += l;\n" - "} else \n", tmpstr, forwstr); - fprintf(codefile, - "len = %s_oldlen - %s_datalen;\n", - tmpstr, tmpstr); - if(optional) - fprintf(codefile, - "}\n"); - fprintf(codefile, - "}\n"); - free(tname); - break; - } - case TChoice: { - Member *m, *have_ellipsis = NULL; - const char *els = ""; - - if (t->members == NULL) - break; - - ASN1_TAILQ_FOREACH(m, t->members, members) { - const Type *tt = m->type; - char *s; - Der_class cl; - Der_type ty; - unsigned tag; - - if (m->ellipsis) { - have_ellipsis = m; - continue; - } - - find_tag(tt, &cl, &ty, &tag); - - fprintf(codefile, - "%sif (der_match_tag(p, len, %s, %s, %s, NULL) == 0) {\n", - els, - classname(cl), - ty ? "CONS" : "PRIM", - valuename(cl, tag)); - asprintf (&s, "%s(%s)->u.%s", m->optional ? "" : "&", - name, m->gen_name); - if (s == NULL) - errx(1, "malloc"); - decode_type (s, m->type, m->optional, forwstr, m->gen_name); - fprintf(codefile, - "(%s)->element = %s;\n", - name, m->label); - free(s); - fprintf(codefile, - "}\n"); - els = "else "; - } - if (have_ellipsis) { - fprintf(codefile, - "else {\n" - "(%s)->u.%s.data = calloc(1, len);\n" - "if ((%s)->u.%s.data == NULL) {\n" - "e = ENOMEM; %s;\n" - "}\n" - "(%s)->u.%s.length = len;\n" - "memcpy((%s)->u.%s.data, p, len);\n" - "(%s)->element = %s;\n" - "p += len;\n" - "ret += len;\n" - "len -= len;\n" - "}\n", - name, have_ellipsis->gen_name, - name, have_ellipsis->gen_name, - forwstr, - name, have_ellipsis->gen_name, - name, have_ellipsis->gen_name, - name, have_ellipsis->label); - } else { - fprintf(codefile, - "else {\n" - "e = ASN1_PARSE_ERROR;\n" - "%s;\n" - "}\n", - forwstr); - } - break; - } - case TUTCTime: - decode_primitive ("utctime", name, forwstr); - break; - case TUTF8String: - decode_primitive ("utf8string", name, forwstr); - break; - case TPrintableString: - decode_primitive ("printable_string", name, forwstr); - break; - case TIA5String: - decode_primitive ("ia5_string", name, forwstr); - break; - case TBMPString: - decode_primitive ("bmp_string", name, forwstr); - break; - case TUniversalString: - decode_primitive ("universal_string", name, forwstr); - break; - case TVisibleString: - decode_primitive ("visible_string", name, forwstr); - break; - case TNull: - fprintf (codefile, "/* NULL */\n"); - break; - case TOID: - decode_primitive ("oid", name, forwstr); - break; - default : - abort (); - } - return 0; -} - -void -generate_type_decode (const Symbol *s) -{ - int preserve = preserve_type(s->name) ? TRUE : FALSE; - - fprintf (headerfile, - "int " - "decode_%s(const unsigned char *, size_t, %s *, size_t *);\n", - s->gen_name, s->gen_name); - - fprintf (codefile, "int\n" - "decode_%s(const unsigned char *p," - " size_t len, %s *data, size_t *size)\n" - "{\n", - s->gen_name, s->gen_name); - - switch (s->type->type) { - case TInteger: - case TBoolean: - case TOctetString: - case TOID: - case TGeneralizedTime: - case TGeneralString: - case TUTF8String: - case TPrintableString: - case TIA5String: - case TBMPString: - case TUniversalString: - case TVisibleString: - case TUTCTime: - case TNull: - case TEnumerated: - case TBitString: - case TSequence: - case TSequenceOf: - case TSet: - case TSetOf: - case TTag: - case TType: - case TChoice: - fprintf (codefile, - "size_t ret = 0;\n" - "size_t l;\n" - "int e;\n"); - if (preserve) - fprintf (codefile, "const unsigned char *begin = p;\n"); - - fprintf (codefile, "\n"); - fprintf (codefile, "memset(data, 0, sizeof(*data));\n"); /* hack to avoid `unused variable' */ - - decode_type ("data", s->type, 0, "goto fail", "Top"); - if (preserve) - fprintf (codefile, - "data->_save.data = calloc(1, ret);\n" - "if (data->_save.data == NULL) { \n" - "e = ENOMEM; goto fail; \n" - "}\n" - "data->_save.length = ret;\n" - "memcpy(data->_save.data, begin, ret);\n"); - fprintf (codefile, - "if(size) *size = ret;\n" - "return 0;\n"); - fprintf (codefile, - "fail:\n" - "free_%s(data);\n" - "return e;\n", - s->gen_name); - break; - default: - abort (); - } - fprintf (codefile, "}\n\n"); -} diff --git a/crypto/heimdal/lib/asn1/gen_encode.c b/crypto/heimdal/lib/asn1/gen_encode.c deleted file mode 100644 index 08f1a9449f8b..000000000000 --- a/crypto/heimdal/lib/asn1/gen_encode.c +++ /dev/null @@ -1,557 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" - -RCSID("$Id: gen_encode.c 22429 2008-01-13 10:25:50Z lha $"); - -static void -encode_primitive (const char *typename, const char *name) -{ - fprintf (codefile, - "e = der_put_%s(p, len, %s, &l);\n" - "if (e) return e;\np -= l; len -= l; ret += l;\n\n", - typename, - name); -} - -const char * -classname(Der_class class) -{ - const char *cn[] = { "ASN1_C_UNIV", "ASN1_C_APPL", - "ASN1_C_CONTEXT", "ASN1_C_PRIV" }; - if(class < ASN1_C_UNIV || class > ASN1_C_PRIVATE) - return "???"; - return cn[class]; -} - - -const char * -valuename(Der_class class, int value) -{ - static char s[32]; - struct { - int value; - const char *s; - } *p, values[] = { -#define X(Y) { Y, #Y } - X(UT_BMPString), - X(UT_BitString), - X(UT_Boolean), - X(UT_EmbeddedPDV), - X(UT_Enumerated), - X(UT_External), - X(UT_GeneralString), - X(UT_GeneralizedTime), - X(UT_GraphicString), - X(UT_IA5String), - X(UT_Integer), - X(UT_Null), - X(UT_NumericString), - X(UT_OID), - X(UT_ObjectDescriptor), - X(UT_OctetString), - X(UT_PrintableString), - X(UT_Real), - X(UT_RelativeOID), - X(UT_Sequence), - X(UT_Set), - X(UT_TeletexString), - X(UT_UTCTime), - X(UT_UTF8String), - X(UT_UniversalString), - X(UT_VideotexString), - X(UT_VisibleString), -#undef X - { -1, NULL } - }; - if(class == ASN1_C_UNIV) { - for(p = values; p->value != -1; p++) - if(p->value == value) - return p->s; - } - snprintf(s, sizeof(s), "%d", value); - return s; -} - -static int -encode_type (const char *name, const Type *t, const char *tmpstr) -{ - int constructed = 1; - - switch (t->type) { - case TType: -#if 0 - encode_type (name, t->symbol->type); -#endif - fprintf (codefile, - "e = encode_%s(p, len, %s, &l);\n" - "if (e) return e;\np -= l; len -= l; ret += l;\n\n", - t->symbol->gen_name, name); - break; - case TInteger: - if(t->members) { - fprintf(codefile, - "{\n" - "int enumint = (int)*%s;\n", - name); - encode_primitive ("integer", "&enumint"); - fprintf(codefile, "}\n;"); - } else if (t->range == NULL) { - encode_primitive ("heim_integer", name); - } else if (t->range->min == INT_MIN && t->range->max == INT_MAX) { - encode_primitive ("integer", name); - } else if (t->range->min == 0 && t->range->max == UINT_MAX) { - encode_primitive ("unsigned", name); - } else if (t->range->min == 0 && t->range->max == INT_MAX) { - encode_primitive ("unsigned", name); - } else - errx(1, "%s: unsupported range %d -> %d", - name, t->range->min, t->range->max); - constructed = 0; - break; - case TBoolean: - encode_primitive ("boolean", name); - constructed = 0; - break; - case TOctetString: - encode_primitive ("octet_string", name); - constructed = 0; - break; - case TBitString: { - Member *m; - int pos; - - if (ASN1_TAILQ_EMPTY(t->members)) { - encode_primitive("bit_string", name); - constructed = 0; - break; - } - - fprintf (codefile, "{\n" - "unsigned char c = 0;\n"); - if (!rfc1510_bitstring) - fprintf (codefile, - "int rest = 0;\n" - "int bit_set = 0;\n"); -#if 0 - pos = t->members->prev->val; - /* fix for buggy MIT (and OSF?) code */ - if (pos > 31) - abort (); -#endif - /* - * It seems that if we do not always set pos to 31 here, the MIT - * code will do the wrong thing. - * - * I hate ASN.1 (and DER), but I hate it even more when everybody - * has to screw it up differently. - */ - pos = ASN1_TAILQ_LAST(t->members, memhead)->val; - if (rfc1510_bitstring) { - if (pos < 31) - pos = 31; - } - - ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) { - while (m->val / 8 < pos / 8) { - if (!rfc1510_bitstring) - fprintf (codefile, - "if (c != 0 || bit_set) {\n"); - fprintf (codefile, - "if (len < 1) return ASN1_OVERFLOW;\n" - "*p-- = c; len--; ret++;\n"); - if (!rfc1510_bitstring) - fprintf (codefile, - "if (!bit_set) {\n" - "rest = 0;\n" - "while(c) { \n" - "if (c & 1) break;\n" - "c = c >> 1;\n" - "rest++;\n" - "}\n" - "bit_set = 1;\n" - "}\n" - "}\n"); - fprintf (codefile, - "c = 0;\n"); - pos -= 8; - } - fprintf (codefile, - "if((%s)->%s) {\n" - "c |= 1<<%d;\n", - name, m->gen_name, 7 - m->val % 8); - fprintf (codefile, - "}\n"); - } - - if (!rfc1510_bitstring) - fprintf (codefile, - "if (c != 0 || bit_set) {\n"); - fprintf (codefile, - "if (len < 1) return ASN1_OVERFLOW;\n" - "*p-- = c; len--; ret++;\n"); - if (!rfc1510_bitstring) - fprintf (codefile, - "if (!bit_set) {\n" - "rest = 0;\n" - "if(c) { \n" - "while(c) { \n" - "if (c & 1) break;\n" - "c = c >> 1;\n" - "rest++;\n" - "}\n" - "}\n" - "}\n" - "}\n"); - - fprintf (codefile, - "if (len < 1) return ASN1_OVERFLOW;\n" - "*p-- = %s;\n" - "len -= 1;\n" - "ret += 1;\n" - "}\n\n", - rfc1510_bitstring ? "0" : "rest"); - constructed = 0; - break; - } - case TEnumerated : { - encode_primitive ("enumerated", name); - constructed = 0; - break; - } - - case TSet: - case TSequence: { - Member *m; - - if (t->members == NULL) - break; - - ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) { - char *s; - - if (m->ellipsis) - continue; - - asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name); - if (s == NULL) - errx(1, "malloc"); - fprintf(codefile, "/* %s */\n", m->name); - if (m->optional) - fprintf (codefile, - "if(%s) ", - s); - else if(m->defval) - gen_compare_defval(s + 1, m->defval); - fprintf (codefile, "{\n"); - fprintf (codefile, "size_t %s_oldret = ret;\n", tmpstr); - fprintf (codefile, "ret = 0;\n"); - encode_type (s, m->type, m->gen_name); - fprintf (codefile, "ret += %s_oldret;\n", tmpstr); - fprintf (codefile, "}\n"); - free (s); - } - break; - } - case TSetOf: { - - fprintf(codefile, - "{\n" - "struct heim_octet_string *val;\n" - "size_t elen, totallen = 0;\n" - "int eret;\n"); - - fprintf(codefile, - "if ((%s)->len > UINT_MAX/sizeof(val[0]))\n" - "return ERANGE;\n", - name); - - fprintf(codefile, - "val = malloc(sizeof(val[0]) * (%s)->len);\n" - "if (val == NULL && (%s)->len != 0) return ENOMEM;\n", - name, name); - - fprintf(codefile, - "for(i = 0; i < (%s)->len; i++) {\n", - name); - - fprintf(codefile, - "ASN1_MALLOC_ENCODE(%s, val[i].data, " - "val[i].length, &(%s)->val[i], &elen, eret);\n", - t->subtype->symbol->gen_name, - name); - - fprintf(codefile, - "if(eret) {\n" - "i--;\n" - "while (i >= 0) {\n" - "free(val[i].data);\n" - "i--;\n" - "}\n" - "free(val);\n" - "return eret;\n" - "}\n" - "totallen += elen;\n" - "}\n"); - - fprintf(codefile, - "if (totallen > len) {\n" - "for (i = 0; i < (%s)->len; i++) {\n" - "free(val[i].data);\n" - "}\n" - "free(val);\n" - "return ASN1_OVERFLOW;\n" - "}\n", - name); - - fprintf(codefile, - "qsort(val, (%s)->len, sizeof(val[0]), _heim_der_set_sort);\n", - name); - - fprintf (codefile, - "for(i = (%s)->len - 1; i >= 0; --i) {\n" - "p -= val[i].length;\n" - "ret += val[i].length;\n" - "memcpy(p + 1, val[i].data, val[i].length);\n" - "free(val[i].data);\n" - "}\n" - "free(val);\n" - "}\n", - name); - break; - } - case TSequenceOf: { - char *n; - char *sname; - - fprintf (codefile, - "for(i = (%s)->len - 1; i >= 0; --i) {\n" - "size_t %s_for_oldret = ret;\n" - "ret = 0;\n", - name, tmpstr); - asprintf (&n, "&(%s)->val[i]", name); - if (n == NULL) - errx(1, "malloc"); - asprintf (&sname, "%s_S_Of", tmpstr); - if (sname == NULL) - errx(1, "malloc"); - encode_type (n, t->subtype, sname); - fprintf (codefile, - "ret += %s_for_oldret;\n" - "}\n", - tmpstr); - free (n); - free (sname); - break; - } - case TGeneralizedTime: - encode_primitive ("generalized_time", name); - constructed = 0; - break; - case TGeneralString: - encode_primitive ("general_string", name); - constructed = 0; - break; - case TTag: { - char *tname; - int c; - asprintf (&tname, "%s_tag", tmpstr); - if (tname == NULL) - errx(1, "malloc"); - c = encode_type (name, t->subtype, tname); - fprintf (codefile, - "e = der_put_length_and_tag (p, len, ret, %s, %s, %s, &l);\n" - "if (e) return e;\np -= l; len -= l; ret += l;\n\n", - classname(t->tag.tagclass), - c ? "CONS" : "PRIM", - valuename(t->tag.tagclass, t->tag.tagvalue)); - free (tname); - break; - } - case TChoice:{ - Member *m, *have_ellipsis = NULL; - char *s; - - if (t->members == NULL) - break; - - fprintf(codefile, "\n"); - - asprintf (&s, "(%s)", name); - if (s == NULL) - errx(1, "malloc"); - fprintf(codefile, "switch(%s->element) {\n", s); - - ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) { - char *s2; - - if (m->ellipsis) { - have_ellipsis = m; - continue; - } - - fprintf (codefile, "case %s: {", m->label); - asprintf(&s2, "%s(%s)->u.%s", m->optional ? "" : "&", - s, m->gen_name); - if (s2 == NULL) - errx(1, "malloc"); - if (m->optional) - fprintf (codefile, "if(%s) {\n", s2); - fprintf (codefile, "size_t %s_oldret = ret;\n", tmpstr); - fprintf (codefile, "ret = 0;\n"); - constructed = encode_type (s2, m->type, m->gen_name); - fprintf (codefile, "ret += %s_oldret;\n", tmpstr); - if(m->optional) - fprintf (codefile, "}\n"); - fprintf(codefile, "break;\n"); - fprintf(codefile, "}\n"); - free (s2); - } - free (s); - if (have_ellipsis) { - fprintf(codefile, - "case %s: {\n" - "if (len < (%s)->u.%s.length)\n" - "return ASN1_OVERFLOW;\n" - "p -= (%s)->u.%s.length;\n" - "ret += (%s)->u.%s.length;\n" - "memcpy(p + 1, (%s)->u.%s.data, (%s)->u.%s.length);\n" - "break;\n" - "}\n", - have_ellipsis->label, - name, have_ellipsis->gen_name, - name, have_ellipsis->gen_name, - name, have_ellipsis->gen_name, - name, have_ellipsis->gen_name, - name, have_ellipsis->gen_name); - } - fprintf(codefile, "};\n"); - break; - } - case TOID: - encode_primitive ("oid", name); - constructed = 0; - break; - case TUTCTime: - encode_primitive ("utctime", name); - constructed = 0; - break; - case TUTF8String: - encode_primitive ("utf8string", name); - constructed = 0; - break; - case TPrintableString: - encode_primitive ("printable_string", name); - constructed = 0; - break; - case TIA5String: - encode_primitive ("ia5_string", name); - constructed = 0; - break; - case TBMPString: - encode_primitive ("bmp_string", name); - constructed = 0; - break; - case TUniversalString: - encode_primitive ("universal_string", name); - constructed = 0; - break; - case TVisibleString: - encode_primitive ("visible_string", name); - constructed = 0; - break; - case TNull: - fprintf (codefile, "/* NULL */\n"); - constructed = 0; - break; - default: - abort (); - } - return constructed; -} - -void -generate_type_encode (const Symbol *s) -{ - fprintf (headerfile, - "int " - "encode_%s(unsigned char *, size_t, const %s *, size_t *);\n", - s->gen_name, s->gen_name); - - fprintf (codefile, "int\n" - "encode_%s(unsigned char *p, size_t len," - " const %s *data, size_t *size)\n" - "{\n", - s->gen_name, s->gen_name); - - switch (s->type->type) { - case TInteger: - case TBoolean: - case TOctetString: - case TGeneralizedTime: - case TGeneralString: - case TUTCTime: - case TUTF8String: - case TPrintableString: - case TIA5String: - case TBMPString: - case TUniversalString: - case TVisibleString: - case TNull: - case TBitString: - case TEnumerated: - case TOID: - case TSequence: - case TSequenceOf: - case TSet: - case TSetOf: - case TTag: - case TType: - case TChoice: - fprintf (codefile, - "size_t ret = 0;\n" - "size_t l;\n" - "int i, e;\n\n"); - fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */ - - encode_type("data", s->type, "Top"); - - fprintf (codefile, "*size = ret;\n" - "return 0;\n"); - break; - default: - abort (); - } - fprintf (codefile, "}\n\n"); -} diff --git a/crypto/heimdal/lib/asn1/gen_free.c b/crypto/heimdal/lib/asn1/gen_free.c deleted file mode 100644 index d667c5d31aad..000000000000 --- a/crypto/heimdal/lib/asn1/gen_free.c +++ /dev/null @@ -1,194 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" - -RCSID("$Id: gen_free.c 19539 2006-12-28 17:15:05Z lha $"); - -static void -free_primitive (const char *typename, const char *name) -{ - fprintf (codefile, "der_free_%s(%s);\n", typename, name); -} - -static void -free_type (const char *name, const Type *t, int preserve) -{ - switch (t->type) { - case TType: -#if 0 - free_type (name, t->symbol->type, preserve); -#endif - fprintf (codefile, "free_%s(%s);\n", t->symbol->gen_name, name); - break; - case TInteger: - if (t->range == NULL && t->members == NULL) { - free_primitive ("heim_integer", name); - break; - } - case TBoolean: - case TEnumerated : - case TNull: - case TGeneralizedTime: - case TUTCTime: - break; - case TBitString: - if (ASN1_TAILQ_EMPTY(t->members)) - free_primitive("bit_string", name); - break; - case TOctetString: - free_primitive ("octet_string", name); - break; - case TChoice: - case TSet: - case TSequence: { - Member *m, *have_ellipsis = NULL; - - if (t->members == NULL) - break; - - if ((t->type == TSequence || t->type == TChoice) && preserve) - fprintf(codefile, "der_free_octet_string(&data->_save);\n"); - - if(t->type == TChoice) - fprintf(codefile, "switch((%s)->element) {\n", name); - - ASN1_TAILQ_FOREACH(m, t->members, members) { - char *s; - - if (m->ellipsis){ - have_ellipsis = m; - continue; - } - - if(t->type == TChoice) - fprintf(codefile, "case %s:\n", m->label); - asprintf (&s, "%s(%s)->%s%s", - m->optional ? "" : "&", name, - t->type == TChoice ? "u." : "", m->gen_name); - if (s == NULL) - errx(1, "malloc"); - if(m->optional) - fprintf(codefile, "if(%s) {\n", s); - free_type (s, m->type, FALSE); - if(m->optional) - fprintf(codefile, - "free(%s);\n" - "%s = NULL;\n" - "}\n",s, s); - free (s); - if(t->type == TChoice) - fprintf(codefile, "break;\n"); - } - - if(t->type == TChoice) { - if (have_ellipsis) - fprintf(codefile, - "case %s:\n" - "der_free_octet_string(&(%s)->u.%s);\n" - "break;", - have_ellipsis->label, - name, have_ellipsis->gen_name); - fprintf(codefile, "}\n"); - } - break; - } - case TSetOf: - case TSequenceOf: { - char *n; - - fprintf (codefile, "while((%s)->len){\n", name); - asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name); - if (n == NULL) - errx(1, "malloc"); - free_type(n, t->subtype, FALSE); - fprintf(codefile, - "(%s)->len--;\n" - "}\n", - name); - fprintf(codefile, - "free((%s)->val);\n" - "(%s)->val = NULL;\n", name, name); - free(n); - break; - } - case TGeneralString: - free_primitive ("general_string", name); - break; - case TUTF8String: - free_primitive ("utf8string", name); - break; - case TPrintableString: - free_primitive ("printable_string", name); - break; - case TIA5String: - free_primitive ("ia5_string", name); - break; - case TBMPString: - free_primitive ("bmp_string", name); - break; - case TUniversalString: - free_primitive ("universal_string", name); - break; - case TVisibleString: - free_primitive ("visible_string", name); - break; - case TTag: - free_type (name, t->subtype, preserve); - break; - case TOID : - free_primitive ("oid", name); - break; - default : - abort (); - } -} - -void -generate_type_free (const Symbol *s) -{ - int preserve = preserve_type(s->name) ? TRUE : FALSE; - - fprintf (headerfile, - "void free_%s (%s *);\n", - s->gen_name, s->gen_name); - - fprintf (codefile, "void\n" - "free_%s(%s *data)\n" - "{\n", - s->gen_name, s->gen_name); - - free_type ("data", s->type, preserve); - fprintf (codefile, "}\n\n"); -} - diff --git a/crypto/heimdal/lib/asn1/gen_glue.c b/crypto/heimdal/lib/asn1/gen_glue.c deleted file mode 100644 index 8d8bd152a3b7..000000000000 --- a/crypto/heimdal/lib/asn1/gen_glue.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright (c) 1997, 1999, 2000, 2003 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" - -RCSID("$Id: gen_glue.c 15617 2005-07-12 06:27:42Z lha $"); - -static void -generate_2int (const Type *t, const char *gen_name) -{ - Member *m; - - fprintf (headerfile, - "unsigned %s2int(%s);\n", - gen_name, gen_name); - - fprintf (codefile, - "unsigned %s2int(%s f)\n" - "{\n" - "unsigned r = 0;\n", - gen_name, gen_name); - - ASN1_TAILQ_FOREACH(m, t->members, members) { - fprintf (codefile, "if(f.%s) r |= (1U << %d);\n", - m->gen_name, m->val); - } - fprintf (codefile, "return r;\n" - "}\n\n"); -} - -static void -generate_int2 (const Type *t, const char *gen_name) -{ - Member *m; - - fprintf (headerfile, - "%s int2%s(unsigned);\n", - gen_name, gen_name); - - fprintf (codefile, - "%s int2%s(unsigned n)\n" - "{\n" - "\t%s flags;\n\n", - gen_name, gen_name, gen_name); - - if(t->members) { - ASN1_TAILQ_FOREACH(m, t->members, members) { - fprintf (codefile, "\tflags.%s = (n >> %d) & 1;\n", - m->gen_name, m->val); - } - } - fprintf (codefile, "\treturn flags;\n" - "}\n\n"); -} - -/* - * This depends on the bit string being declared in increasing order - */ - -static void -generate_units (const Type *t, const char *gen_name) -{ - Member *m; - - fprintf (headerfile, - "const struct units * asn1_%s_units(void);", - gen_name); - - fprintf (codefile, - "static struct units %s_units[] = {\n", - gen_name); - - if(t->members) { - ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) { - fprintf (codefile, - "\t{\"%s\",\t1U << %d},\n", m->gen_name, m->val); - } - } - - fprintf (codefile, - "\t{NULL,\t0}\n" - "};\n\n"); - - fprintf (codefile, - "const struct units * asn1_%s_units(void){\n" - "return %s_units;\n" - "}\n\n", - gen_name, gen_name); - - -} - -void -generate_glue (const Type *t, const char *gen_name) -{ - switch(t->type) { - case TTag: - generate_glue(t->subtype, gen_name); - break; - case TBitString : - if (!ASN1_TAILQ_EMPTY(t->members)) { - generate_2int (t, gen_name); - generate_int2 (t, gen_name); - generate_units (t, gen_name); - } - break; - default : - break; - } -} diff --git a/crypto/heimdal/lib/asn1/gen_length.c b/crypto/heimdal/lib/asn1/gen_length.c deleted file mode 100644 index 4cb5d45089f5..000000000000 --- a/crypto/heimdal/lib/asn1/gen_length.c +++ /dev/null @@ -1,283 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" - -RCSID("$Id: gen_length.c 21503 2007-07-12 11:57:19Z lha $"); - -static void -length_primitive (const char *typename, - const char *name, - const char *variable) -{ - fprintf (codefile, "%s += der_length_%s(%s);\n", variable, typename, name); -} - -static size_t -length_tag(unsigned int tag) -{ - size_t len = 0; - - if(tag <= 30) - return 1; - while(tag) { - tag /= 128; - len++; - } - return len + 1; -} - - -static int -length_type (const char *name, const Type *t, - const char *variable, const char *tmpstr) -{ - switch (t->type) { - case TType: -#if 0 - length_type (name, t->symbol->type); -#endif - fprintf (codefile, "%s += length_%s(%s);\n", - variable, t->symbol->gen_name, name); - break; - case TInteger: - if(t->members) { - fprintf(codefile, - "{\n" - "int enumint = *%s;\n", name); - length_primitive ("integer", "&enumint", variable); - fprintf(codefile, "}\n"); - } else if (t->range == NULL) { - length_primitive ("heim_integer", name, variable); - } else if (t->range->min == INT_MIN && t->range->max == INT_MAX) { - length_primitive ("integer", name, variable); - } else if (t->range->min == 0 && t->range->max == UINT_MAX) { - length_primitive ("unsigned", name, variable); - } else if (t->range->min == 0 && t->range->max == INT_MAX) { - length_primitive ("unsigned", name, variable); - } else - errx(1, "%s: unsupported range %d -> %d", - name, t->range->min, t->range->max); - - break; - case TBoolean: - fprintf (codefile, "%s += 1;\n", variable); - break; - case TEnumerated : - length_primitive ("enumerated", name, variable); - break; - case TOctetString: - length_primitive ("octet_string", name, variable); - break; - case TBitString: { - if (ASN1_TAILQ_EMPTY(t->members)) - length_primitive("bit_string", name, variable); - else { - if (!rfc1510_bitstring) { - Member *m; - int pos = ASN1_TAILQ_LAST(t->members, memhead)->val; - - fprintf(codefile, - "do {\n"); - ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) { - while (m->val / 8 < pos / 8) { - pos -= 8; - } - fprintf (codefile, - "if((%s)->%s) { %s += %d; break; }\n", - name, m->gen_name, variable, (pos + 8) / 8); - } - fprintf(codefile, - "} while(0);\n"); - fprintf (codefile, "%s += 1;\n", variable); - } else { - fprintf (codefile, "%s += 5;\n", variable); - } - } - break; - } - case TSet: - case TSequence: - case TChoice: { - Member *m, *have_ellipsis = NULL; - - if (t->members == NULL) - break; - - if(t->type == TChoice) - fprintf (codefile, "switch((%s)->element) {\n", name); - - ASN1_TAILQ_FOREACH(m, t->members, members) { - char *s; - - if (m->ellipsis) { - have_ellipsis = m; - continue; - } - - if(t->type == TChoice) - fprintf(codefile, "case %s:\n", m->label); - - asprintf (&s, "%s(%s)->%s%s", - m->optional ? "" : "&", name, - t->type == TChoice ? "u." : "", m->gen_name); - if (s == NULL) - errx(1, "malloc"); - if (m->optional) - fprintf (codefile, "if(%s)", s); - else if(m->defval) - gen_compare_defval(s + 1, m->defval); - fprintf (codefile, "{\n" - "size_t %s_oldret = %s;\n" - "%s = 0;\n", tmpstr, variable, variable); - length_type (s, m->type, "ret", m->gen_name); - fprintf (codefile, "ret += %s_oldret;\n", tmpstr); - fprintf (codefile, "}\n"); - free (s); - if(t->type == TChoice) - fprintf(codefile, "break;\n"); - } - if(t->type == TChoice) { - if (have_ellipsis) - fprintf(codefile, - "case %s:\n" - "ret += (%s)->u.%s.length;\n" - "break;\n", - have_ellipsis->label, - name, - have_ellipsis->gen_name); - fprintf (codefile, "}\n"); /* switch */ - } - break; - } - case TSetOf: - case TSequenceOf: { - char *n; - char *sname; - - fprintf (codefile, - "{\n" - "int %s_oldret = %s;\n" - "int i;\n" - "%s = 0;\n", - tmpstr, variable, variable); - - fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name); - fprintf (codefile, "int %s_for_oldret = %s;\n" - "%s = 0;\n", tmpstr, variable, variable); - asprintf (&n, "&(%s)->val[i]", name); - if (n == NULL) - errx(1, "malloc"); - asprintf (&sname, "%s_S_Of", tmpstr); - if (sname == NULL) - errx(1, "malloc"); - length_type(n, t->subtype, variable, sname); - fprintf (codefile, "%s += %s_for_oldret;\n", - variable, tmpstr); - fprintf (codefile, "}\n"); - - fprintf (codefile, - "%s += %s_oldret;\n" - "}\n", variable, tmpstr); - free(n); - free(sname); - break; - } - case TGeneralizedTime: - length_primitive ("generalized_time", name, variable); - break; - case TGeneralString: - length_primitive ("general_string", name, variable); - break; - case TUTCTime: - length_primitive ("utctime", name, variable); - break; - case TUTF8String: - length_primitive ("utf8string", name, variable); - break; - case TPrintableString: - length_primitive ("printable_string", name, variable); - break; - case TIA5String: - length_primitive ("ia5_string", name, variable); - break; - case TBMPString: - length_primitive ("bmp_string", name, variable); - break; - case TUniversalString: - length_primitive ("universal_string", name, variable); - break; - case TVisibleString: - length_primitive ("visible_string", name, variable); - break; - case TNull: - fprintf (codefile, "/* NULL */\n"); - break; - case TTag:{ - char *tname; - asprintf(&tname, "%s_tag", tmpstr); - if (tname == NULL) - errx(1, "malloc"); - length_type (name, t->subtype, variable, tname); - fprintf (codefile, "ret += %lu + der_length_len (ret);\n", - (unsigned long)length_tag(t->tag.tagvalue)); - free(tname); - break; - } - case TOID: - length_primitive ("oid", name, variable); - break; - default : - abort (); - } - return 0; -} - -void -generate_type_length (const Symbol *s) -{ - fprintf (headerfile, - "size_t length_%s(const %s *);\n", - s->gen_name, s->gen_name); - - fprintf (codefile, - "size_t\n" - "length_%s(const %s *data)\n" - "{\n" - "size_t ret = 0;\n", - s->gen_name, s->gen_name); - - length_type ("data", s->type, "ret", "Top"); - fprintf (codefile, "return ret;\n}\n\n"); -} - diff --git a/crypto/heimdal/lib/asn1/gen_locl.h b/crypto/heimdal/lib/asn1/gen_locl.h deleted file mode 100644 index 8cd4dbad5a84..000000000000 --- a/crypto/heimdal/lib/asn1/gen_locl.h +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gen_locl.h 18008 2006-09-05 12:29:18Z lha $ */ - -#ifndef __GEN_LOCL_H__ -#define __GEN_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "hash.h" -#include "symbol.h" -#include "asn1-common.h" -#include "der.h" - -void generate_type (const Symbol *); -void generate_constant (const Symbol *); -void generate_type_encode (const Symbol *); -void generate_type_decode (const Symbol *); -void generate_type_free (const Symbol *); -void generate_type_length (const Symbol *); -void generate_type_copy (const Symbol *); -void generate_type_seq (const Symbol *); -void generate_glue (const Type *, const char*); - -const char *classname(Der_class); -const char *valuename(Der_class, int); - -void gen_compare_defval(const char *, struct value *); -void gen_assign_defval(const char *, struct value *); - - -void init_generate (const char *, const char *); -const char *get_filename (void); -void close_generate(void); -void add_import(const char *); -int yyparse(void); - -int preserve_type(const char *); -int seq_type(const char *); - -extern FILE *headerfile, *codefile, *logfile; -extern int dce_fix; -extern int rfc1510_bitstring; - -extern int error_flag; - -#endif /* __GEN_LOCL_H__ */ diff --git a/crypto/heimdal/lib/asn1/gen_seq.c b/crypto/heimdal/lib/asn1/gen_seq.c deleted file mode 100644 index 54776752c2e3..000000000000 --- a/crypto/heimdal/lib/asn1/gen_seq.c +++ /dev/null @@ -1,119 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" - -RCSID("$Id: gen_seq.c 20561 2007-04-24 16:14:30Z lha $"); - -void -generate_type_seq (const Symbol *s) -{ - char *subname; - Type *type; - - if (!seq_type(s->name)) - return; - type = s->type; - while(type->type == TTag) - type = type->subtype; - - if (type->type != TSequenceOf) { - printf("%s not seq of %d\n", s->name, (int)type->type); - return; - } - - /* - * Require the subtype to be a type so we can name it and use - * copy_/free_ - */ - - if (type->subtype->type != TType) { - fprintf(stderr, "%s subtype is not a type, can't generate " - "sequence code for this case: %d\n", - s->name, (int)type->subtype->type); - exit(1); - } - - subname = type->subtype->symbol->gen_name; - - fprintf (headerfile, - "int add_%s (%s *, const %s *);\n" - "int remove_%s (%s *, unsigned int);\n", - s->gen_name, s->gen_name, subname, - s->gen_name, s->gen_name); - - fprintf (codefile, "int\n" - "add_%s(%s *data, const %s *element)\n" - "{\n", - s->gen_name, s->gen_name, subname); - - fprintf (codefile, - "int ret;\n" - "void *ptr;\n" - "\n" - "ptr = realloc(data->val, \n" - "\t(data->len + 1) * sizeof(data->val[0]));\n" - "if (ptr == NULL) return ENOMEM;\n" - "data->val = ptr;\n\n" - "ret = copy_%s(element, &data->val[data->len]);\n" - "if (ret) return ret;\n" - "data->len++;\n" - "return 0;\n", - subname); - - fprintf (codefile, "}\n\n"); - - fprintf (codefile, "int\n" - "remove_%s(%s *data, unsigned int element)\n" - "{\n", - s->gen_name, s->gen_name); - - fprintf (codefile, - "void *ptr;\n" - "\n" - "if (data->len == 0 || element >= data->len)\n" - "\treturn ASN1_OVERRUN;\n" - "free_%s(&data->val[element]);\n" - "data->len--;\n" - /* don't move if its the last element */ - "if (element < data->len)\n" - "\tmemmove(&data->val[element], &data->val[element + 1], \n" - "\t\tsizeof(data->val[0]) * data->len);\n" - /* resize but don't care about failures since it doesn't matter */ - "ptr = realloc(data->val, data->len * sizeof(data->val[0]));\n" - "if (ptr != NULL || data->len == 0) data->val = ptr;\n" - "return 0;\n", - subname); - - fprintf (codefile, "}\n\n"); -} diff --git a/crypto/heimdal/lib/asn1/hash.c b/crypto/heimdal/lib/asn1/hash.c deleted file mode 100644 index eeb6b6d63dc9..000000000000 --- a/crypto/heimdal/lib/asn1/hash.c +++ /dev/null @@ -1,206 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Hash table functions - */ - -#include "gen_locl.h" - -RCSID("$Id: hash.c 17016 2006-04-07 22:16:00Z lha $"); - -static Hashentry *_search(Hashtab * htab, /* The hash table */ - void *ptr); /* And key */ - -Hashtab * -hashtabnew(int sz, - int (*cmp) (void *, void *), - unsigned (*hash) (void *)) -{ - Hashtab *htab; - int i; - - assert(sz > 0); - - htab = (Hashtab *) malloc(sizeof(Hashtab) + (sz - 1) * sizeof(Hashentry *)); - if (htab == NULL) - return NULL; - - for (i = 0; i < sz; ++i) - htab->tab[i] = NULL; - - htab->cmp = cmp; - htab->hash = hash; - htab->sz = sz; - return htab; -} - -/* Intern search function */ - -static Hashentry * -_search(Hashtab * htab, void *ptr) -{ - Hashentry *hptr; - - assert(htab && ptr); - - for (hptr = htab->tab[(*htab->hash) (ptr) % htab->sz]; - hptr; - hptr = hptr->next) - if ((*htab->cmp) (ptr, hptr->ptr) == 0) - break; - return hptr; -} - -/* Search for element in hash table */ - -void * -hashtabsearch(Hashtab * htab, void *ptr) -{ - Hashentry *tmp; - - tmp = _search(htab, ptr); - return tmp ? tmp->ptr : tmp; -} - -/* add element to hash table */ -/* if already there, set new value */ -/* !NULL if succesful */ - -void * -hashtabadd(Hashtab * htab, void *ptr) -{ - Hashentry *h = _search(htab, ptr); - Hashentry **tabptr; - - assert(htab && ptr); - - if (h) - free((void *) h->ptr); - else { - h = (Hashentry *) malloc(sizeof(Hashentry)); - if (h == NULL) { - return NULL; - } - tabptr = &htab->tab[(*htab->hash) (ptr) % htab->sz]; - h->next = *tabptr; - *tabptr = h; - h->prev = tabptr; - if (h->next) - h->next->prev = &h->next; - } - h->ptr = ptr; - return h; -} - -/* delete element with key key. Iff freep, free Hashentry->ptr */ - -int -_hashtabdel(Hashtab * htab, void *ptr, int freep) -{ - Hashentry *h; - - assert(htab && ptr); - - h = _search(htab, ptr); - if (h) { - if (freep) - free(h->ptr); - if ((*(h->prev) = h->next)) - h->next->prev = h->prev; - free(h); - return 0; - } else - return -1; -} - -/* Do something for each element */ - -void -hashtabforeach(Hashtab * htab, int (*func) (void *ptr, void *arg), - void *arg) -{ - Hashentry **h, *g; - - assert(htab); - - for (h = htab->tab; h < &htab->tab[htab->sz]; ++h) - for (g = *h; g; g = g->next) - if ((*func) (g->ptr, arg)) - return; -} - -/* standard hash-functions for strings */ - -unsigned -hashadd(const char *s) -{ /* Standard hash function */ - unsigned i; - - assert(s); - - for (i = 0; *s; ++s) - i += *s; - return i; -} - -unsigned -hashcaseadd(const char *s) -{ /* Standard hash function */ - unsigned i; - - assert(s); - - for (i = 0; *s; ++s) - i += toupper((unsigned char)*s); - return i; -} - -#define TWELVE (sizeof(unsigned)) -#define SEVENTYFIVE (6*sizeof(unsigned)) -#define HIGH_BITS (~((unsigned)(~0) >> TWELVE)) - -unsigned -hashjpw(const char *ss) -{ /* another hash function */ - unsigned h = 0; - unsigned g; - const unsigned char *s = (const unsigned char *)ss; - - for (; *s; ++s) { - h = (h << TWELVE) + *s; - if ((g = h & HIGH_BITS)) - h = (h ^ (g >> SEVENTYFIVE)) & ~HIGH_BITS; - } - return h; -} diff --git a/crypto/heimdal/lib/asn1/hash.h b/crypto/heimdal/lib/asn1/hash.h deleted file mode 100644 index 10d8ce99b0b5..000000000000 --- a/crypto/heimdal/lib/asn1/hash.h +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * hash.h. Header file for hash table functions - */ - -/* $Id: hash.h 7464 1999-12-02 17:05:13Z joda $ */ - -struct hashentry { /* Entry in bucket */ - struct hashentry **prev; - struct hashentry *next; - void *ptr; -}; - -typedef struct hashentry Hashentry; - -struct hashtab { /* Hash table */ - int (*cmp)(void *, void *); /* Compare function */ - unsigned (*hash)(void *); /* hash function */ - int sz; /* Size */ - Hashentry *tab[1]; /* The table */ -}; - -typedef struct hashtab Hashtab; - -/* prototypes */ - -Hashtab *hashtabnew(int sz, - int (*cmp)(void *, void *), - unsigned (*hash)(void *)); /* Make new hash table */ - -void *hashtabsearch(Hashtab *htab, /* The hash table */ - void *ptr); /* The key */ - - -void *hashtabadd(Hashtab *htab, /* The hash table */ - void *ptr); /* The element */ - -int _hashtabdel(Hashtab *htab, /* The table */ - void *ptr, /* Key */ - int freep); /* Free data part? */ - -void hashtabforeach(Hashtab *htab, - int (*func)(void *ptr, void *arg), - void *arg); - -unsigned hashadd(const char *s); /* Standard hash function */ -unsigned hashcaseadd(const char *s); /* Standard hash function */ -unsigned hashjpw(const char *s); /* another hash function */ - -/* macros */ - - /* Don't free space */ -#define hashtabdel(htab,key) _hashtabdel(htab,key,FALSE) - -#define hashtabfree(htab,key) _hashtabdel(htab,key,TRUE) /* Do! */ diff --git a/crypto/heimdal/lib/asn1/heim_asn1.h b/crypto/heimdal/lib/asn1/heim_asn1.h deleted file mode 100644 index afee6f421886..000000000000 --- a/crypto/heimdal/lib/asn1/heim_asn1.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __HEIM_ANY_H__ -#define __HEIM_ANY_H__ 1 - -int encode_heim_any(unsigned char *, size_t, const heim_any *, size_t *); -int decode_heim_any(const unsigned char *, size_t, heim_any *, size_t *); -void free_heim_any(heim_any *); -size_t length_heim_any(const heim_any *); -int copy_heim_any(const heim_any *, heim_any *); - -int encode_heim_any_set(unsigned char *, size_t, - const heim_any_set *, size_t *); -int decode_heim_any_set(const unsigned char *, size_t, - heim_any_set *,size_t *); -void free_heim_any_set(heim_any_set *); -size_t length_heim_any_set(const heim_any_set *); -int copy_heim_any_set(const heim_any_set *, heim_any_set *); -int heim_any_cmp(const heim_any_set *, const heim_any_set *); - -#endif /* __HEIM_ANY_H__ */ diff --git a/crypto/heimdal/lib/asn1/k5.asn1 b/crypto/heimdal/lib/asn1/k5.asn1 deleted file mode 100644 index 18f1e1541b5f..000000000000 --- a/crypto/heimdal/lib/asn1/k5.asn1 +++ /dev/null @@ -1,659 +0,0 @@ --- $Id: k5.asn1 21965 2007-10-18 18:24:36Z lha $ - -KERBEROS5 DEFINITIONS ::= -BEGIN - -NAME-TYPE ::= INTEGER { - KRB5_NT_UNKNOWN(0), -- Name type not known - KRB5_NT_PRINCIPAL(1), -- Just the name of the principal as in - KRB5_NT_SRV_INST(2), -- Service and other unique instance (krbtgt) - KRB5_NT_SRV_HST(3), -- Service with host name as instance - KRB5_NT_SRV_XHST(4), -- Service with host as remaining components - KRB5_NT_UID(5), -- Unique ID - KRB5_NT_X500_PRINCIPAL(6), -- PKINIT - KRB5_NT_SMTP_NAME(7), -- Name in form of SMTP email name - KRB5_NT_ENTERPRISE_PRINCIPAL(10), -- Windows 2000 UPN - KRB5_NT_ENT_PRINCIPAL_AND_ID(-130), -- Windows 2000 UPN and SID - KRB5_NT_MS_PRINCIPAL(-128), -- NT 4 style name - KRB5_NT_MS_PRINCIPAL_AND_ID(-129) -- NT style name and SID -} - --- message types - -MESSAGE-TYPE ::= INTEGER { - krb-as-req(10), -- Request for initial authentication - krb-as-rep(11), -- Response to KRB_AS_REQ request - krb-tgs-req(12), -- Request for authentication based on TGT - krb-tgs-rep(13), -- Response to KRB_TGS_REQ request - krb-ap-req(14), -- application request to server - krb-ap-rep(15), -- Response to KRB_AP_REQ_MUTUAL - krb-safe(20), -- Safe (checksummed) application message - krb-priv(21), -- Private (encrypted) application message - krb-cred(22), -- Private (encrypted) message to forward credentials - krb-error(30) -- Error response -} - - --- pa-data types - -PADATA-TYPE ::= INTEGER { - KRB5-PADATA-NONE(0), - KRB5-PADATA-TGS-REQ(1), - KRB5-PADATA-AP-REQ(1), - KRB5-PADATA-ENC-TIMESTAMP(2), - KRB5-PADATA-PW-SALT(3), - KRB5-PADATA-ENC-UNIX-TIME(5), - KRB5-PADATA-SANDIA-SECUREID(6), - KRB5-PADATA-SESAME(7), - KRB5-PADATA-OSF-DCE(8), - KRB5-PADATA-CYBERSAFE-SECUREID(9), - KRB5-PADATA-AFS3-SALT(10), - KRB5-PADATA-ETYPE-INFO(11), - KRB5-PADATA-SAM-CHALLENGE(12), -- (sam/otp) - KRB5-PADATA-SAM-RESPONSE(13), -- (sam/otp) - KRB5-PADATA-PK-AS-REQ-19(14), -- (PKINIT-19) - KRB5-PADATA-PK-AS-REP-19(15), -- (PKINIT-19) - KRB5-PADATA-PK-AS-REQ-WIN(15), -- (PKINIT - old number) - KRB5-PADATA-PK-AS-REQ(16), -- (PKINIT-25) - KRB5-PADATA-PK-AS-REP(17), -- (PKINIT-25) - KRB5-PADATA-PA-PK-OCSP-RESPONSE(18), - KRB5-PADATA-ETYPE-INFO2(19), - KRB5-PADATA-USE-SPECIFIED-KVNO(20), - KRB5-PADATA-SVR-REFERRAL-INFO(20), --- old ms referral number - KRB5-PADATA-SAM-REDIRECT(21), -- (sam/otp) - KRB5-PADATA-GET-FROM-TYPED-DATA(22), - KRB5-PADATA-SAM-ETYPE-INFO(23), - KRB5-PADATA-SERVER-REFERRAL(25), - KRB5-PADATA-TD-KRB-PRINCIPAL(102), -- PrincipalName - KRB5-PADATA-PK-TD-TRUSTED-CERTIFIERS(104), -- PKINIT - KRB5-PADATA-PK-TD-CERTIFICATE-INDEX(105), -- PKINIT - KRB5-PADATA-TD-APP-DEFINED-ERROR(106), -- application specific - KRB5-PADATA-TD-REQ-NONCE(107), -- INTEGER - KRB5-PADATA-TD-REQ-SEQ(108), -- INTEGER - KRB5-PADATA-PA-PAC-REQUEST(128), -- jbrezak@exchange.microsoft.com - KRB5-PADATA-S4U2SELF(129), - KRB5-PADATA-PK-AS-09-BINDING(132), -- client send this to - -- tell KDC that is supports - -- the asCheckSum in the - -- PK-AS-REP - KRB5-PADATA-CLIENT-CANONICALIZED(133) -- -} - -AUTHDATA-TYPE ::= INTEGER { - KRB5-AUTHDATA-IF-RELEVANT(1), - KRB5-AUTHDATA-INTENDED-FOR_SERVER(2), - KRB5-AUTHDATA-INTENDED-FOR-APPLICATION-CLASS(3), - KRB5-AUTHDATA-KDC-ISSUED(4), - KRB5-AUTHDATA-AND-OR(5), - KRB5-AUTHDATA-MANDATORY-TICKET-EXTENSIONS(6), - KRB5-AUTHDATA-IN-TICKET-EXTENSIONS(7), - KRB5-AUTHDATA-MANDATORY-FOR-KDC(8), - KRB5-AUTHDATA-INITIAL-VERIFIED-CAS(9), - KRB5-AUTHDATA-OSF-DCE(64), - KRB5-AUTHDATA-SESAME(65), - KRB5-AUTHDATA-OSF-DCE-PKI-CERTID(66), - KRB5-AUTHDATA-WIN2K-PAC(128), - KRB5-AUTHDATA-GSS-API-ETYPE-NEGOTIATION(129), -- Authenticator only - KRB5-AUTHDATA-SIGNTICKET(-17) -} - --- checksumtypes - -CKSUMTYPE ::= INTEGER { - CKSUMTYPE_NONE(0), - CKSUMTYPE_CRC32(1), - CKSUMTYPE_RSA_MD4(2), - CKSUMTYPE_RSA_MD4_DES(3), - CKSUMTYPE_DES_MAC(4), - CKSUMTYPE_DES_MAC_K(5), - CKSUMTYPE_RSA_MD4_DES_K(6), - CKSUMTYPE_RSA_MD5(7), - CKSUMTYPE_RSA_MD5_DES(8), - CKSUMTYPE_RSA_MD5_DES3(9), - CKSUMTYPE_SHA1_OTHER(10), - CKSUMTYPE_HMAC_SHA1_DES3(12), - CKSUMTYPE_SHA1(14), - CKSUMTYPE_HMAC_SHA1_96_AES_128(15), - CKSUMTYPE_HMAC_SHA1_96_AES_256(16), - CKSUMTYPE_GSSAPI(0x8003), - CKSUMTYPE_HMAC_MD5(-138), -- unofficial microsoft number - CKSUMTYPE_HMAC_MD5_ENC(-1138) -- even more unofficial -} - ---enctypes -ENCTYPE ::= INTEGER { - ETYPE_NULL(0), - ETYPE_DES_CBC_CRC(1), - ETYPE_DES_CBC_MD4(2), - ETYPE_DES_CBC_MD5(3), - ETYPE_DES3_CBC_MD5(5), - ETYPE_OLD_DES3_CBC_SHA1(7), - ETYPE_SIGN_DSA_GENERATE(8), - ETYPE_ENCRYPT_RSA_PRIV(9), - ETYPE_ENCRYPT_RSA_PUB(10), - ETYPE_DES3_CBC_SHA1(16), -- with key derivation - ETYPE_AES128_CTS_HMAC_SHA1_96(17), - ETYPE_AES256_CTS_HMAC_SHA1_96(18), - ETYPE_ARCFOUR_HMAC_MD5(23), - ETYPE_ARCFOUR_HMAC_MD5_56(24), - ETYPE_ENCTYPE_PK_CROSS(48), --- some "old" windows types - ETYPE_ARCFOUR_MD4(-128), - ETYPE_ARCFOUR_HMAC_OLD(-133), - ETYPE_ARCFOUR_HMAC_OLD_EXP(-135), --- these are for Heimdal internal use - ETYPE_DES_CBC_NONE(-0x1000), - ETYPE_DES3_CBC_NONE(-0x1001), - ETYPE_DES_CFB64_NONE(-0x1002), - ETYPE_DES_PCBC_NONE(-0x1003), - ETYPE_DIGEST_MD5_NONE(-0x1004), -- private use, lukeh@padl.com - ETYPE_CRAM_MD5_NONE(-0x1005) -- private use, lukeh@padl.com -} - - - - --- this is sugar to make something ASN1 does not have: unsigned - -krb5uint32 ::= INTEGER (0..4294967295) -krb5int32 ::= INTEGER (-2147483648..2147483647) - -KerberosString ::= GeneralString - -Realm ::= GeneralString -PrincipalName ::= SEQUENCE { - name-type[0] NAME-TYPE, - name-string[1] SEQUENCE OF GeneralString -} - --- this is not part of RFC1510 -Principal ::= SEQUENCE { - name[0] PrincipalName, - realm[1] Realm -} - -HostAddress ::= SEQUENCE { - addr-type[0] krb5int32, - address[1] OCTET STRING -} - --- This is from RFC1510. --- --- HostAddresses ::= SEQUENCE OF SEQUENCE { --- addr-type[0] krb5int32, --- address[1] OCTET STRING --- } - --- This seems much better. -HostAddresses ::= SEQUENCE OF HostAddress - - -KerberosTime ::= GeneralizedTime -- Specifying UTC time zone (Z) - -AuthorizationDataElement ::= SEQUENCE { - ad-type[0] krb5int32, - ad-data[1] OCTET STRING -} - -AuthorizationData ::= SEQUENCE OF AuthorizationDataElement - -APOptions ::= BIT STRING { - reserved(0), - use-session-key(1), - mutual-required(2) -} - -TicketFlags ::= BIT STRING { - reserved(0), - forwardable(1), - forwarded(2), - proxiable(3), - proxy(4), - may-postdate(5), - postdated(6), - invalid(7), - renewable(8), - initial(9), - pre-authent(10), - hw-authent(11), - transited-policy-checked(12), - ok-as-delegate(13), - anonymous(14) -} - -KDCOptions ::= BIT STRING { - reserved(0), - forwardable(1), - forwarded(2), - proxiable(3), - proxy(4), - allow-postdate(5), - postdated(6), - unused7(7), - renewable(8), - unused9(9), - unused10(10), - unused11(11), - request-anonymous(14), - canonicalize(15), - constrained-delegation(16), -- ms extension - disable-transited-check(26), - renewable-ok(27), - enc-tkt-in-skey(28), - renew(30), - validate(31) -} - -LR-TYPE ::= INTEGER { - LR_NONE(0), -- no information - LR_INITIAL_TGT(1), -- last initial TGT request - LR_INITIAL(2), -- last initial request - LR_ISSUE_USE_TGT(3), -- time of newest TGT used - LR_RENEWAL(4), -- time of last renewal - LR_REQUEST(5), -- time of last request (of any type) - LR_PW_EXPTIME(6), -- expiration time of password - LR_ACCT_EXPTIME(7) -- expiration time of account -} - -LastReq ::= SEQUENCE OF SEQUENCE { - lr-type[0] LR-TYPE, - lr-value[1] KerberosTime -} - - -EncryptedData ::= SEQUENCE { - etype[0] ENCTYPE, -- EncryptionType - kvno[1] krb5int32 OPTIONAL, - cipher[2] OCTET STRING -- ciphertext -} - -EncryptionKey ::= SEQUENCE { - keytype[0] krb5int32, - keyvalue[1] OCTET STRING -} - --- encoded Transited field -TransitedEncoding ::= SEQUENCE { - tr-type[0] krb5int32, -- must be registered - contents[1] OCTET STRING -} - -Ticket ::= [APPLICATION 1] SEQUENCE { - tkt-vno[0] krb5int32, - realm[1] Realm, - sname[2] PrincipalName, - enc-part[3] EncryptedData -} --- Encrypted part of ticket -EncTicketPart ::= [APPLICATION 3] SEQUENCE { - flags[0] TicketFlags, - key[1] EncryptionKey, - crealm[2] Realm, - cname[3] PrincipalName, - transited[4] TransitedEncoding, - authtime[5] KerberosTime, - starttime[6] KerberosTime OPTIONAL, - endtime[7] KerberosTime, - renew-till[8] KerberosTime OPTIONAL, - caddr[9] HostAddresses OPTIONAL, - authorization-data[10] AuthorizationData OPTIONAL -} - -Checksum ::= SEQUENCE { - cksumtype[0] CKSUMTYPE, - checksum[1] OCTET STRING -} - -Authenticator ::= [APPLICATION 2] SEQUENCE { - authenticator-vno[0] krb5int32, - crealm[1] Realm, - cname[2] PrincipalName, - cksum[3] Checksum OPTIONAL, - cusec[4] krb5int32, - ctime[5] KerberosTime, - subkey[6] EncryptionKey OPTIONAL, - seq-number[7] krb5uint32 OPTIONAL, - authorization-data[8] AuthorizationData OPTIONAL -} - -PA-DATA ::= SEQUENCE { - -- might be encoded AP-REQ - padata-type[1] PADATA-TYPE, - padata-value[2] OCTET STRING -} - -ETYPE-INFO-ENTRY ::= SEQUENCE { - etype[0] ENCTYPE, - salt[1] OCTET STRING OPTIONAL, - salttype[2] krb5int32 OPTIONAL -} - -ETYPE-INFO ::= SEQUENCE OF ETYPE-INFO-ENTRY - -ETYPE-INFO2-ENTRY ::= SEQUENCE { - etype[0] ENCTYPE, - salt[1] KerberosString OPTIONAL, - s2kparams[2] OCTET STRING OPTIONAL -} - -ETYPE-INFO2 ::= SEQUENCE SIZE (1..MAX) OF ETYPE-INFO2-ENTRY - -METHOD-DATA ::= SEQUENCE OF PA-DATA - -TypedData ::= SEQUENCE { - data-type[0] krb5int32, - data-value[1] OCTET STRING OPTIONAL -} - -TYPED-DATA ::= SEQUENCE SIZE (1..MAX) OF TypedData - -KDC-REQ-BODY ::= SEQUENCE { - kdc-options[0] KDCOptions, - cname[1] PrincipalName OPTIONAL, -- Used only in AS-REQ - realm[2] Realm, -- Server's realm - -- Also client's in AS-REQ - sname[3] PrincipalName OPTIONAL, - from[4] KerberosTime OPTIONAL, - till[5] KerberosTime OPTIONAL, - rtime[6] KerberosTime OPTIONAL, - nonce[7] krb5int32, - etype[8] SEQUENCE OF ENCTYPE, -- EncryptionType, - -- in preference order - addresses[9] HostAddresses OPTIONAL, - enc-authorization-data[10] EncryptedData OPTIONAL, - -- Encrypted AuthorizationData encoding - additional-tickets[11] SEQUENCE OF Ticket OPTIONAL -} - -KDC-REQ ::= SEQUENCE { - pvno[1] krb5int32, - msg-type[2] MESSAGE-TYPE, - padata[3] METHOD-DATA OPTIONAL, - req-body[4] KDC-REQ-BODY -} - -AS-REQ ::= [APPLICATION 10] KDC-REQ -TGS-REQ ::= [APPLICATION 12] KDC-REQ - --- padata-type ::= PA-ENC-TIMESTAMP --- padata-value ::= EncryptedData - PA-ENC-TS-ENC - -PA-ENC-TS-ENC ::= SEQUENCE { - patimestamp[0] KerberosTime, -- client's time - pausec[1] krb5int32 OPTIONAL -} - --- draft-brezak-win2k-krb-authz-01 -PA-PAC-REQUEST ::= SEQUENCE { - include-pac[0] BOOLEAN -- Indicates whether a PAC - -- should be included or not -} - --- PacketCable provisioning server location, PKT-SP-SEC-I09-030728.pdf -PROV-SRV-LOCATION ::= GeneralString - -KDC-REP ::= SEQUENCE { - pvno[0] krb5int32, - msg-type[1] MESSAGE-TYPE, - padata[2] METHOD-DATA OPTIONAL, - crealm[3] Realm, - cname[4] PrincipalName, - ticket[5] Ticket, - enc-part[6] EncryptedData -} - -AS-REP ::= [APPLICATION 11] KDC-REP -TGS-REP ::= [APPLICATION 13] KDC-REP - -EncKDCRepPart ::= SEQUENCE { - key[0] EncryptionKey, - last-req[1] LastReq, - nonce[2] krb5int32, - key-expiration[3] KerberosTime OPTIONAL, - flags[4] TicketFlags, - authtime[5] KerberosTime, - starttime[6] KerberosTime OPTIONAL, - endtime[7] KerberosTime, - renew-till[8] KerberosTime OPTIONAL, - srealm[9] Realm, - sname[10] PrincipalName, - caddr[11] HostAddresses OPTIONAL, - encrypted-pa-data[12] METHOD-DATA OPTIONAL -} - -EncASRepPart ::= [APPLICATION 25] EncKDCRepPart -EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart - -AP-REQ ::= [APPLICATION 14] SEQUENCE { - pvno[0] krb5int32, - msg-type[1] MESSAGE-TYPE, - ap-options[2] APOptions, - ticket[3] Ticket, - authenticator[4] EncryptedData -} - -AP-REP ::= [APPLICATION 15] SEQUENCE { - pvno[0] krb5int32, - msg-type[1] MESSAGE-TYPE, - enc-part[2] EncryptedData -} - -EncAPRepPart ::= [APPLICATION 27] SEQUENCE { - ctime[0] KerberosTime, - cusec[1] krb5int32, - subkey[2] EncryptionKey OPTIONAL, - seq-number[3] krb5uint32 OPTIONAL -} - -KRB-SAFE-BODY ::= SEQUENCE { - user-data[0] OCTET STRING, - timestamp[1] KerberosTime OPTIONAL, - usec[2] krb5int32 OPTIONAL, - seq-number[3] krb5uint32 OPTIONAL, - s-address[4] HostAddress OPTIONAL, - r-address[5] HostAddress OPTIONAL -} - -KRB-SAFE ::= [APPLICATION 20] SEQUENCE { - pvno[0] krb5int32, - msg-type[1] MESSAGE-TYPE, - safe-body[2] KRB-SAFE-BODY, - cksum[3] Checksum -} - -KRB-PRIV ::= [APPLICATION 21] SEQUENCE { - pvno[0] krb5int32, - msg-type[1] MESSAGE-TYPE, - enc-part[3] EncryptedData -} -EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE { - user-data[0] OCTET STRING, - timestamp[1] KerberosTime OPTIONAL, - usec[2] krb5int32 OPTIONAL, - seq-number[3] krb5uint32 OPTIONAL, - s-address[4] HostAddress OPTIONAL, -- sender's addr - r-address[5] HostAddress OPTIONAL -- recip's addr -} - -KRB-CRED ::= [APPLICATION 22] SEQUENCE { - pvno[0] krb5int32, - msg-type[1] MESSAGE-TYPE, -- KRB_CRED - tickets[2] SEQUENCE OF Ticket, - enc-part[3] EncryptedData -} - -KrbCredInfo ::= SEQUENCE { - key[0] EncryptionKey, - prealm[1] Realm OPTIONAL, - pname[2] PrincipalName OPTIONAL, - flags[3] TicketFlags OPTIONAL, - authtime[4] KerberosTime OPTIONAL, - starttime[5] KerberosTime OPTIONAL, - endtime[6] KerberosTime OPTIONAL, - renew-till[7] KerberosTime OPTIONAL, - srealm[8] Realm OPTIONAL, - sname[9] PrincipalName OPTIONAL, - caddr[10] HostAddresses OPTIONAL -} - -EncKrbCredPart ::= [APPLICATION 29] SEQUENCE { - ticket-info[0] SEQUENCE OF KrbCredInfo, - nonce[1] krb5int32 OPTIONAL, - timestamp[2] KerberosTime OPTIONAL, - usec[3] krb5int32 OPTIONAL, - s-address[4] HostAddress OPTIONAL, - r-address[5] HostAddress OPTIONAL -} - -KRB-ERROR ::= [APPLICATION 30] SEQUENCE { - pvno[0] krb5int32, - msg-type[1] MESSAGE-TYPE, - ctime[2] KerberosTime OPTIONAL, - cusec[3] krb5int32 OPTIONAL, - stime[4] KerberosTime, - susec[5] krb5int32, - error-code[6] krb5int32, - crealm[7] Realm OPTIONAL, - cname[8] PrincipalName OPTIONAL, - realm[9] Realm, -- Correct realm - sname[10] PrincipalName, -- Correct name - e-text[11] GeneralString OPTIONAL, - e-data[12] OCTET STRING OPTIONAL -} - -ChangePasswdDataMS ::= SEQUENCE { - newpasswd[0] OCTET STRING, - targname[1] PrincipalName OPTIONAL, - targrealm[2] Realm OPTIONAL -} - -EtypeList ::= SEQUENCE OF krb5int32 - -- the client's proposed enctype list in - -- decreasing preference order, favorite choice first - -krb5-pvno krb5int32 ::= 5 -- current Kerberos protocol version number - --- transited encodings - -DOMAIN-X500-COMPRESS krb5int32 ::= 1 - --- authorization data primitives - -AD-IF-RELEVANT ::= AuthorizationData - -AD-KDCIssued ::= SEQUENCE { - ad-checksum[0] Checksum, - i-realm[1] Realm OPTIONAL, - i-sname[2] PrincipalName OPTIONAL, - elements[3] AuthorizationData -} - -AD-AND-OR ::= SEQUENCE { - condition-count[0] INTEGER, - elements[1] AuthorizationData -} - -AD-MANDATORY-FOR-KDC ::= AuthorizationData - --- PA-SAM-RESPONSE-2/PA-SAM-RESPONSE-2 - -PA-SAM-TYPE ::= INTEGER { - PA_SAM_TYPE_ENIGMA(1), -- Enigma Logic - PA_SAM_TYPE_DIGI_PATH(2), -- Digital Pathways - PA_SAM_TYPE_SKEY_K0(3), -- S/key where KDC has key 0 - PA_SAM_TYPE_SKEY(4), -- Traditional S/Key - PA_SAM_TYPE_SECURID(5), -- Security Dynamics - PA_SAM_TYPE_CRYPTOCARD(6) -- CRYPTOCard -} - -PA-SAM-REDIRECT ::= HostAddresses - -SAMFlags ::= BIT STRING { - use-sad-as-key(0), - send-encrypted-sad(1), - must-pk-encrypt-sad(2) -} - -PA-SAM-CHALLENGE-2-BODY ::= SEQUENCE { - sam-type[0] krb5int32, - sam-flags[1] SAMFlags, - sam-type-name[2] GeneralString OPTIONAL, - sam-track-id[3] GeneralString OPTIONAL, - sam-challenge-label[4] GeneralString OPTIONAL, - sam-challenge[5] GeneralString OPTIONAL, - sam-response-prompt[6] GeneralString OPTIONAL, - sam-pk-for-sad[7] EncryptionKey OPTIONAL, - sam-nonce[8] krb5int32, - sam-etype[9] krb5int32, - ... -} - -PA-SAM-CHALLENGE-2 ::= SEQUENCE { - sam-body[0] PA-SAM-CHALLENGE-2-BODY, - sam-cksum[1] SEQUENCE OF Checksum, -- (1..MAX) - ... -} - -PA-SAM-RESPONSE-2 ::= SEQUENCE { - sam-type[0] krb5int32, - sam-flags[1] SAMFlags, - sam-track-id[2] GeneralString OPTIONAL, - sam-enc-nonce-or-sad[3] EncryptedData, -- PA-ENC-SAM-RESPONSE-ENC - sam-nonce[4] krb5int32, - ... -} - -PA-ENC-SAM-RESPONSE-ENC ::= SEQUENCE { - sam-nonce[0] krb5int32, - sam-sad[1] GeneralString OPTIONAL, - ... -} - -PA-S4U2Self ::= SEQUENCE { - name[0] PrincipalName, - realm[1] Realm, - cksum[2] Checksum, - auth[3] GeneralString -} - -KRB5SignedPathPrincipals ::= SEQUENCE OF Principal - --- never encoded on the wire, just used to checksum over -KRB5SignedPathData ::= SEQUENCE { - encticket[0] EncTicketPart, - delegated[1] KRB5SignedPathPrincipals OPTIONAL -} - -KRB5SignedPath ::= SEQUENCE { - -- DERcoded KRB5SignedPathData - -- krbtgt key (etype), KeyUsage = XXX - etype[0] ENCTYPE, - cksum[1] Checksum, - -- srvs delegated though - delegated[2] KRB5SignedPathPrincipals OPTIONAL -} - -PA-ClientCanonicalizedNames ::= SEQUENCE{ - requested-name [0] PrincipalName, - real-name [1] PrincipalName -} - -PA-ClientCanonicalized ::= SEQUENCE { - names [0] PA-ClientCanonicalizedNames, - canon-checksum [1] Checksum -} - -AD-LoginAlias ::= SEQUENCE { -- ad-type number TBD -- - login-alias [0] PrincipalName, - checksum [1] Checksum -} - --- old ms referral -PA-SvrReferralData ::= SEQUENCE { - referred-name [1] PrincipalName OPTIONAL, - referred-realm [0] Realm -} - -END - --- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' k5.asn1 diff --git a/crypto/heimdal/lib/asn1/kx509.asn1 b/crypto/heimdal/lib/asn1/kx509.asn1 deleted file mode 100644 index fc6a696dab3a..000000000000 --- a/crypto/heimdal/lib/asn1/kx509.asn1 +++ /dev/null @@ -1,20 +0,0 @@ --- $Id: kx509.asn1 19546 2006-12-28 21:05:23Z lha $ - -KX509 DEFINITIONS ::= -BEGIN - -Kx509Request ::= SEQUENCE { - authenticator OCTET STRING, - pk-hash OCTET STRING, - pk-key OCTET STRING -} - -Kx509Response ::= SEQUENCE { - error-code[0] INTEGER (-2147483648..2147483647) - OPTIONAL -- DEFAULT 0 --, - hash[1] OCTET STRING OPTIONAL, - certificate[2] OCTET STRING OPTIONAL, - e-text[3] VisibleString OPTIONAL -} - -END diff --git a/crypto/heimdal/lib/asn1/lex.c b/crypto/heimdal/lib/asn1/lex.c deleted file mode 100644 index 812bce16acb9..000000000000 --- a/crypto/heimdal/lib/asn1/lex.c +++ /dev/null @@ -1,2693 +0,0 @@ - -#line 3 "lex.c" - -#define YY_INT_ALIGNED short int - -/* A lexical scanner generated by flex */ - -#define FLEX_SCANNER -#define YY_FLEX_MAJOR_VERSION 2 -#define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 33 -#if YY_FLEX_SUBMINOR_VERSION > 0 -#define FLEX_BETA -#endif - -/* First, we deal with platform-specific or compiler-specific issues. */ - -/* begin standard C headers. */ -#include -#include -#include -#include - -/* end standard C headers. */ - -/* flex integer type definitions */ - -#ifndef FLEXINT_H -#define FLEXINT_H - -/* C99 systems have . Non-C99 systems may or may not. */ - -#if __STDC_VERSION__ >= 199901L - -/* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, - * if you want the limit (max/min) macros for int types. - */ -#ifndef __STDC_LIMIT_MACROS -#define __STDC_LIMIT_MACROS 1 -#endif - -#include -typedef int8_t flex_int8_t; -typedef uint8_t flex_uint8_t; -typedef int16_t flex_int16_t; -typedef uint16_t flex_uint16_t; -typedef int32_t flex_int32_t; -typedef uint32_t flex_uint32_t; -#else -typedef signed char flex_int8_t; -typedef short int flex_int16_t; -typedef int flex_int32_t; -typedef unsigned char flex_uint8_t; -typedef unsigned short int flex_uint16_t; -typedef unsigned int flex_uint32_t; -#endif /* ! C99 */ - -/* Limits of integral types. */ -#ifndef INT8_MIN -#define INT8_MIN (-128) -#endif -#ifndef INT16_MIN -#define INT16_MIN (-32767-1) -#endif -#ifndef INT32_MIN -#define INT32_MIN (-2147483647-1) -#endif -#ifndef INT8_MAX -#define INT8_MAX (127) -#endif -#ifndef INT16_MAX -#define INT16_MAX (32767) -#endif -#ifndef INT32_MAX -#define INT32_MAX (2147483647) -#endif -#ifndef UINT8_MAX -#define UINT8_MAX (255U) -#endif -#ifndef UINT16_MAX -#define UINT16_MAX (65535U) -#endif -#ifndef UINT32_MAX -#define UINT32_MAX (4294967295U) -#endif - -#endif /* ! FLEXINT_H */ - -#ifdef __cplusplus - -/* The "const" storage-class-modifier is valid. */ -#define YY_USE_CONST - -#else /* ! __cplusplus */ - -#if __STDC__ - -#define YY_USE_CONST - -#endif /* __STDC__ */ -#endif /* ! __cplusplus */ - -#ifdef YY_USE_CONST -#define yyconst const -#else -#define yyconst -#endif - -/* Returned upon end-of-file. */ -#define YY_NULL 0 - -/* Promotes a possibly negative, possibly signed char to an unsigned - * integer for use as an array index. If the signed char is negative, - * we want to instead treat it as an 8-bit unsigned char, hence the - * double cast. - */ -#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) - -/* Enter a start condition. This macro really ought to take a parameter, - * but we do it the disgusting crufty way forced on us by the ()-less - * definition of BEGIN. - */ -#define BEGIN (yy_start) = 1 + 2 * - -/* Translate the current start state into a value that can be later handed - * to BEGIN to return to the state. The YYSTATE alias is for lex - * compatibility. - */ -#define YY_START (((yy_start) - 1) / 2) -#define YYSTATE YY_START - -/* Action number for EOF rule of a given start state. */ -#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) - -/* Special action meaning "start processing a new file". */ -#define YY_NEW_FILE yyrestart(yyin ) - -#define YY_END_OF_BUFFER_CHAR 0 - -/* Size of default input buffer. */ -#ifndef YY_BUF_SIZE -#define YY_BUF_SIZE 16384 -#endif - -/* The state buf must be large enough to hold one state per character in the main buffer. - */ -#define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type)) - -#ifndef YY_TYPEDEF_YY_BUFFER_STATE -#define YY_TYPEDEF_YY_BUFFER_STATE -typedef struct yy_buffer_state *YY_BUFFER_STATE; -#endif - -extern int yyleng; - -extern FILE *yyin, *yyout; - -#define EOB_ACT_CONTINUE_SCAN 0 -#define EOB_ACT_END_OF_FILE 1 -#define EOB_ACT_LAST_MATCH 2 - - #define YY_LESS_LINENO(n) - -/* Return all but the first "n" matched characters back to the input stream. */ -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - int yyless_macro_arg = (n); \ - YY_LESS_LINENO(yyless_macro_arg);\ - *yy_cp = (yy_hold_char); \ - YY_RESTORE_YY_MORE_OFFSET \ - (yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \ - YY_DO_BEFORE_ACTION; /* set up yytext again */ \ - } \ - while ( 0 ) - -#define unput(c) yyunput( c, (yytext_ptr) ) - -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ - -#ifndef YY_TYPEDEF_YY_SIZE_T -#define YY_TYPEDEF_YY_SIZE_T -typedef unsigned int yy_size_t; -#endif - -#ifndef YY_STRUCT_YY_BUFFER_STATE -#define YY_STRUCT_YY_BUFFER_STATE -struct yy_buffer_state - { - FILE *yy_input_file; - - char *yy_ch_buf; /* input buffer */ - char *yy_buf_pos; /* current position in input buffer */ - - /* Size of input buffer in bytes, not including room for EOB - * characters. - */ - yy_size_t yy_buf_size; - - /* Number of characters read into yy_ch_buf, not including EOB - * characters. - */ - int yy_n_chars; - - /* Whether we "own" the buffer - i.e., we know we created it, - * and can realloc() it to grow it, and should free() it to - * delete it. - */ - int yy_is_our_buffer; - - /* Whether this is an "interactive" input source; if so, and - * if we're using stdio for input, then we want to use getc() - * instead of fread(), to make sure we stop fetching input after - * each newline. - */ - int yy_is_interactive; - - /* Whether we're considered to be at the beginning of a line. - * If so, '^' rules will be active on the next match, otherwise - * not. - */ - int yy_at_bol; - - int yy_bs_lineno; /**< The line count. */ - int yy_bs_column; /**< The column count. */ - - /* Whether to try to fill the input buffer when we reach the - * end of it. - */ - int yy_fill_buffer; - - int yy_buffer_status; - -#define YY_BUFFER_NEW 0 -#define YY_BUFFER_NORMAL 1 - /* When an EOF's been seen but there's still some text to process - * then we mark the buffer as YY_EOF_PENDING, to indicate that we - * shouldn't try reading from the input source any more. We might - * still have a bunch of tokens to match, though, because of - * possible backing-up. - * - * When we actually see the EOF, we change the status to "new" - * (via yyrestart()), so that the user can continue scanning by - * just pointing yyin at a new input file. - */ -#define YY_BUFFER_EOF_PENDING 2 - - }; -#endif /* !YY_STRUCT_YY_BUFFER_STATE */ - -/* Stack of input buffers. */ -static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */ -static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */ -static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ - -/* We provide macros for accessing buffer states in case in the - * future we want to put the buffer states in a more general - * "scanner state". - * - * Returns the top of the stack, or NULL. - */ -#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \ - ? (yy_buffer_stack)[(yy_buffer_stack_top)] \ - : NULL) - -/* Same as previous macro, but useful when we know that the buffer stack is not - * NULL or when we need an lvalue. For internal use only. - */ -#define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)] - -/* yy_hold_char holds the character lost when yytext is formed. */ -static char yy_hold_char; -static int yy_n_chars; /* number of characters read into yy_ch_buf */ -int yyleng; - -/* Points to current character in buffer. */ -static char *yy_c_buf_p = (char *) 0; -static int yy_init = 0; /* whether we need to initialize */ -static int yy_start = 0; /* start state number */ - -/* Flag which is used to allow yywrap()'s to do buffer switches - * instead of setting up a fresh yyin. A bit of a hack ... - */ -static int yy_did_buffer_switch_on_eof; - -void yyrestart (FILE *input_file ); -void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ); -YY_BUFFER_STATE yy_create_buffer (FILE *file,int size ); -void yy_delete_buffer (YY_BUFFER_STATE b ); -void yy_flush_buffer (YY_BUFFER_STATE b ); -void yypush_buffer_state (YY_BUFFER_STATE new_buffer ); -void yypop_buffer_state (void ); - -static void yyensure_buffer_stack (void ); -static void yy_load_buffer_state (void ); -static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); - -#define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER ) - -YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); -YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); -YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); - -void *yyalloc (yy_size_t ); -void *yyrealloc (void *,yy_size_t ); -void yyfree (void * ); - -#define yy_new_buffer yy_create_buffer - -#define yy_set_interactive(is_interactive) \ - { \ - if ( ! YY_CURRENT_BUFFER ){ \ - yyensure_buffer_stack (); \ - YY_CURRENT_BUFFER_LVALUE = \ - yy_create_buffer(yyin,YY_BUF_SIZE ); \ - } \ - YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \ - } - -#define yy_set_bol(at_bol) \ - { \ - if ( ! YY_CURRENT_BUFFER ){\ - yyensure_buffer_stack (); \ - YY_CURRENT_BUFFER_LVALUE = \ - yy_create_buffer(yyin,YY_BUF_SIZE ); \ - } \ - YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \ - } - -#define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol) - -/* Begin user sect3 */ - -typedef unsigned char YY_CHAR; - -FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; - -typedef int yy_state_type; - -extern int yylineno; - -int yylineno = 1; - -extern char *yytext; -#define yytext_ptr yytext - -static yy_state_type yy_get_previous_state (void ); -static yy_state_type yy_try_NUL_trans (yy_state_type current_state ); -static int yy_get_next_buffer (void ); -static void yy_fatal_error (yyconst char msg[] ); - -/* Done after the current pattern has been matched and before the - * corresponding action - sets up yytext. - */ -#define YY_DO_BEFORE_ACTION \ - (yytext_ptr) = yy_bp; \ - yyleng = (size_t) (yy_cp - yy_bp); \ - (yy_hold_char) = *yy_cp; \ - *yy_cp = '\0'; \ - (yy_c_buf_p) = yy_cp; - -#define YY_NUM_RULES 95 -#define YY_END_OF_BUFFER 96 -/* This struct is not used in this scanner, - but its presence is necessary. */ -struct yy_trans_info - { - flex_int32_t yy_verify; - flex_int32_t yy_nxt; - }; -static yyconst flex_int16_t yy_accept[568] = - { 0, - 0, 0, 96, 94, 90, 91, 87, 81, 81, 94, - 94, 88, 88, 94, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 82, 83, 85, 88, 88, 93, 86, - 0, 0, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 10, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 51, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 92, 88, 84, - - 89, 3, 89, 89, 89, 7, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 22, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 44, 45, 89, 89, 89, 89, 89, 89, - 89, 55, 89, 89, 89, 89, 89, 89, 89, 63, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 30, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - - 47, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 60, 89, 89, 64, 89, 89, 89, 68, 69, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 80, 89, 89, 89, 89, 6, 89, 89, 89, 89, - 13, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 29, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 50, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 72, 89, 89, 89, 89, 89, - 89, 89, 1, 89, 89, 89, 89, 89, 89, 12, - - 89, 89, 89, 89, 89, 89, 89, 89, 24, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 49, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 65, 66, 89, - 89, 89, 73, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 9, 89, 89, 89, 89, 18, 89, - 89, 21, 89, 89, 26, 89, 89, 89, 89, 89, - 89, 89, 37, 38, 89, 89, 41, 89, 89, 89, - 89, 89, 89, 54, 89, 57, 58, 89, 89, 89, - 89, 89, 89, 89, 75, 89, 89, 89, 89, 89, - - 89, 89, 89, 89, 89, 89, 89, 89, 20, 89, - 25, 89, 28, 89, 89, 89, 89, 89, 36, 39, - 40, 89, 89, 89, 89, 52, 89, 89, 89, 89, - 62, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 5, 8, 11, 14, 89, 89, 89, 89, 89, - 89, 89, 89, 34, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 67, 89, 89, 74, 89, 89, 89, - 89, 89, 89, 15, 89, 17, 89, 23, 89, 89, - 89, 89, 35, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 76, 89, 89, 89, 89, 4, 16, - - 19, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 89, 89, 89, 89, 89, 89, 89, - 89, 89, 89, 42, 43, 89, 89, 89, 89, 89, - 61, 89, 89, 89, 89, 89, 89, 27, 31, 89, - 33, 89, 48, 89, 56, 89, 89, 71, 89, 89, - 79, 89, 89, 46, 89, 89, 89, 89, 78, 2, - 32, 89, 59, 70, 77, 53, 0 - } ; - -static yyconst flex_int32_t yy_ec[256] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 2, 1, 4, 1, 1, 1, 1, 1, 5, - 5, 6, 1, 5, 7, 8, 9, 10, 11, 12, - 12, 13, 14, 15, 12, 16, 12, 17, 5, 1, - 18, 1, 1, 1, 19, 20, 21, 22, 23, 24, - 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, - 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, - 45, 1, 46, 1, 47, 1, 48, 49, 50, 51, - - 52, 53, 54, 55, 56, 57, 29, 58, 59, 60, - 61, 62, 29, 63, 64, 65, 66, 67, 29, 68, - 29, 69, 5, 5, 5, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1 - } ; - -static yyconst flex_int32_t yy_meta[70] = - { 0, - 1, 1, 1, 1, 1, 1, 2, 1, 1, 3, - 3, 3, 3, 3, 3, 3, 1, 1, 3, 3, - 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 1, 1, 2, 3, 3, 3, - 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2 - } ; - -static yyconst flex_int16_t yy_base[570] = - { 0, - 0, 0, 636, 637, 637, 637, 637, 637, 63, 627, - 628, 70, 77, 616, 74, 72, 76, 609, 65, 81, - 49, 0, 92, 91, 32, 101, 97, 608, 103, 113, - 99, 574, 602, 637, 637, 637, 156, 163, 620, 637, - 0, 609, 0, 589, 595, 590, 585, 597, 583, 586, - 586, 0, 101, 599, 108, 593, 596, 122, 124, 585, - 581, 553, 564, 597, 587, 575, 115, 575, 565, 574, - 575, 545, 575, 564, 0, 563, 543, 561, 558, 558, - 124, 540, 161, 119, 551, 558, 561, 581, 566, 551, - 555, 530, 560, 160, 530, 91, 547, 637, 0, 637, - - 125, 0, 554, 550, 555, 0, 544, 550, 543, 551, - 540, 542, 145, 166, 552, 541, 0, 542, 549, 156, - 548, 533, 538, 516, 505, 529, 533, 157, 534, 525, - 539, 546, 0, 521, 529, 506, 534, 533, 528, 502, - 515, 0, 515, 514, 510, 489, 518, 528, 507, 0, - 522, 517, 505, 505, 504, 517, 516, 486, 159, 499, - 520, 468, 482, 477, 506, 499, 494, 502, 497, 495, - 461, 502, 505, 502, 485, 488, 482, 500, 479, 485, - 494, 493, 491, 479, 485, 475, 164, 487, 0, 446, - 453, 442, 468, 478, 468, 464, 483, 170, 488, 463, - - 0, 436, 477, 459, 463, 445, 471, 486, 469, 472, - 425, 0, 451, 465, 0, 455, 467, 420, 0, 0, - 477, 418, 450, 442, 457, 423, 441, 425, 415, 426, - 0, 436, 454, 451, 452, 0, 407, 450, 447, 444, - 0, 434, 429, 437, 433, 435, 439, 437, 423, 420, - 436, 418, 418, 422, 0, 405, 396, 388, 423, 180, - 411, 426, 415, 423, 408, 429, 436, 386, 403, 0, - 408, 374, 402, 410, 404, 397, 386, 406, 400, 406, - 388, 366, 401, 375, 0, 403, 389, 365, 358, 359, - 356, 362, 0, 398, 399, 379, 360, 383, 376, 0, - - 390, 393, 379, 372, 371, 385, 385, 387, 0, 378, - 367, 376, 383, 343, 350, 343, 374, 370, 374, 358, - 371, 372, 356, 368, 353, 362, 338, 0, 368, 364, - 353, 352, 345, 359, 332, 340, 358, 0, 0, 322, - 355, 308, 0, 338, 322, 310, 308, 319, 318, 331, - 330, 340, 306, 0, 342, 332, 336, 335, 0, 334, - 338, 0, 321, 320, 0, 337, 326, 151, 318, 294, - 326, 314, 0, 0, 314, 327, 0, 328, 283, 315, - 309, 315, 292, 0, 319, 0, 0, 284, 318, 317, - 279, 315, 300, 317, 0, 279, 286, 265, 295, 324, - - 303, 308, 274, 291, 288, 293, 292, 290, 0, 299, - 0, 294, 0, 255, 250, 253, 263, 293, 0, 0, - 0, 277, 251, 289, 247, 0, 247, 283, 257, 261, - 0, 253, 274, 240, 274, 243, 244, 264, 235, 262, - 265, 0, 0, 0, 260, 273, 270, 262, 271, 262, - 228, 238, 226, 0, 252, 260, 230, 258, 221, 233, - 250, 244, 247, 0, 241, 215, 0, 223, 239, 210, - 211, 230, 240, 0, 249, 0, 233, 0, 242, 212, - 216, 210, 0, 232, 204, 231, 206, 198, 233, 194, - 231, 230, 200, 0, 190, 191, 197, 220, 0, 0, - - 0, 213, 190, 211, 188, 215, 192, 218, 184, 187, - 204, 178, 218, 215, 178, 174, 180, 175, 196, 190, - 178, 175, 176, 0, 0, 191, 174, 165, 180, 166, - 0, 194, 166, 163, 158, 163, 197, 0, 0, 156, - 0, 171, 0, 148, 0, 152, 188, 0, 150, 155, - 0, 166, 153, 0, 143, 148, 162, 143, 0, 0, - 0, 101, 0, 0, 0, 0, 637, 223, 69 - } ; - -static yyconst flex_int16_t yy_def[570] = - { 0, - 567, 1, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 567, 567, 567, 567, 567, 567, 567, - 569, 567, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 567, 569, 567, - - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 568, 568, 568, 568, - 568, 568, 568, 568, 568, 568, 0, 567, 567 - } ; - -static yyconst flex_int16_t yy_nxt[707] = - { 0, - 4, 5, 6, 7, 8, 4, 9, 10, 11, 12, - 13, 13, 13, 13, 13, 13, 14, 4, 15, 16, - 17, 18, 19, 20, 21, 22, 23, 22, 22, 22, - 24, 25, 26, 27, 22, 28, 29, 30, 31, 32, - 33, 22, 22, 22, 34, 35, 4, 22, 22, 22, - 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, - 22, 22, 22, 22, 22, 22, 22, 22, 22, 36, - 71, 99, 37, 38, 38, 38, 38, 38, 38, 38, - 38, 38, 38, 38, 38, 38, 38, 38, 38, 38, - 38, 38, 38, 44, 48, 57, 58, 72, 49, 60, - - 62, 53, 50, 45, 51, 54, 59, 46, 55, 69, - 64, 63, 47, 65, 52, 78, 61, 70, 79, 109, - 73, 74, 66, 67, 75, 84, 80, 88, 68, 85, - 93, 89, 81, 110, 76, 129, 94, 41, 112, 113, - 86, 163, 116, 117, 119, 87, 144, 166, 90, 77, - 145, 130, 131, 149, 164, 91, 150, 120, 95, 82, - 118, 121, 167, 566, 92, 38, 38, 38, 38, 38, - 38, 38, 38, 38, 38, 38, 38, 38, 38, 147, - 160, 177, 178, 161, 179, 185, 194, 414, 186, 195, - 148, 223, 180, 224, 264, 253, 565, 564, 225, 254, - - 318, 563, 319, 562, 561, 265, 415, 560, 559, 558, - 557, 556, 555, 554, 553, 552, 551, 550, 549, 548, - 547, 546, 545, 41, 43, 43, 544, 543, 542, 541, - 540, 539, 538, 537, 536, 535, 534, 533, 532, 531, - 530, 529, 528, 527, 526, 525, 524, 523, 522, 521, - 520, 519, 518, 517, 516, 515, 514, 513, 512, 511, - 510, 509, 508, 507, 506, 505, 504, 503, 502, 501, - 500, 499, 498, 497, 496, 495, 494, 493, 492, 491, - 490, 489, 488, 487, 486, 485, 484, 483, 482, 481, - 480, 479, 478, 477, 476, 475, 474, 473, 472, 471, - - 470, 469, 468, 467, 466, 465, 464, 463, 462, 461, - 460, 459, 458, 457, 456, 455, 454, 453, 452, 451, - 450, 449, 448, 447, 446, 445, 444, 443, 442, 441, - 440, 439, 438, 437, 436, 435, 434, 433, 432, 431, - 430, 429, 428, 427, 426, 425, 424, 423, 422, 421, - 420, 419, 418, 417, 416, 413, 412, 411, 410, 409, - 408, 407, 406, 405, 404, 403, 402, 401, 400, 399, - 398, 397, 396, 395, 394, 393, 392, 391, 390, 389, - 388, 387, 386, 385, 384, 383, 382, 381, 380, 379, - 378, 377, 376, 375, 374, 373, 372, 371, 370, 369, - - 368, 367, 366, 365, 364, 363, 362, 361, 360, 359, - 358, 357, 356, 355, 354, 353, 352, 351, 350, 349, - 348, 347, 346, 345, 344, 343, 342, 341, 340, 339, - 338, 337, 336, 335, 334, 333, 332, 331, 330, 329, - 328, 327, 326, 325, 324, 323, 322, 321, 320, 317, - 316, 315, 314, 313, 312, 311, 310, 309, 308, 307, - 306, 305, 304, 303, 302, 301, 300, 299, 298, 297, - 296, 295, 294, 293, 292, 291, 290, 289, 288, 287, - 286, 285, 284, 283, 282, 281, 280, 279, 278, 277, - 276, 275, 274, 273, 272, 271, 270, 269, 268, 267, - - 266, 263, 262, 261, 260, 259, 258, 257, 256, 255, - 252, 251, 250, 249, 248, 247, 246, 245, 244, 243, - 242, 241, 240, 239, 238, 237, 236, 235, 234, 233, - 232, 231, 230, 229, 228, 227, 226, 222, 221, 220, - 219, 218, 217, 216, 215, 214, 213, 212, 211, 210, - 209, 208, 207, 206, 205, 204, 203, 202, 201, 200, - 199, 198, 197, 196, 193, 192, 191, 190, 189, 188, - 187, 184, 183, 182, 181, 176, 175, 174, 173, 172, - 171, 170, 169, 168, 165, 162, 159, 158, 157, 156, - 155, 154, 153, 152, 151, 146, 143, 142, 141, 140, - - 139, 138, 137, 136, 135, 134, 133, 132, 128, 127, - 126, 125, 124, 123, 122, 115, 114, 111, 108, 107, - 106, 105, 104, 103, 102, 101, 100, 98, 97, 96, - 83, 56, 42, 40, 39, 567, 3, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - - 567, 567, 567, 567, 567, 567 - } ; - -static yyconst flex_int16_t yy_chk[707] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 9, - 25, 569, 9, 9, 9, 9, 9, 9, 9, 12, - 12, 12, 12, 12, 12, 12, 13, 13, 13, 13, - 13, 13, 13, 15, 16, 19, 19, 25, 16, 20, - - 21, 17, 16, 15, 16, 17, 19, 15, 17, 24, - 23, 21, 15, 23, 16, 27, 20, 24, 27, 53, - 26, 26, 23, 23, 26, 29, 27, 30, 23, 29, - 31, 30, 27, 53, 26, 67, 31, 12, 55, 55, - 29, 96, 58, 58, 59, 29, 81, 101, 30, 26, - 81, 67, 67, 84, 96, 30, 84, 59, 31, 27, - 58, 59, 101, 562, 30, 37, 37, 37, 37, 37, - 37, 37, 38, 38, 38, 38, 38, 38, 38, 83, - 94, 113, 113, 94, 114, 120, 128, 368, 120, 128, - 83, 159, 114, 159, 198, 187, 558, 557, 159, 187, - - 260, 556, 260, 555, 553, 198, 368, 552, 550, 549, - 547, 546, 544, 542, 540, 537, 536, 535, 534, 533, - 532, 530, 529, 37, 568, 568, 528, 527, 526, 523, - 522, 521, 520, 519, 518, 517, 516, 515, 514, 513, - 512, 511, 510, 509, 508, 507, 506, 505, 504, 503, - 502, 498, 497, 496, 495, 493, 492, 491, 490, 489, - 488, 487, 486, 485, 484, 482, 481, 480, 479, 477, - 475, 473, 472, 471, 470, 469, 468, 466, 465, 463, - 462, 461, 460, 459, 458, 457, 456, 455, 453, 452, - 451, 450, 449, 448, 447, 446, 445, 441, 440, 439, - - 438, 437, 436, 435, 434, 433, 432, 430, 429, 428, - 427, 425, 424, 423, 422, 418, 417, 416, 415, 414, - 412, 410, 408, 407, 406, 405, 404, 403, 402, 401, - 400, 399, 398, 397, 396, 394, 393, 392, 391, 390, - 389, 388, 385, 383, 382, 381, 380, 379, 378, 376, - 375, 372, 371, 370, 369, 367, 366, 364, 363, 361, - 360, 358, 357, 356, 355, 353, 352, 351, 350, 349, - 348, 347, 346, 345, 344, 342, 341, 340, 337, 336, - 335, 334, 333, 332, 331, 330, 329, 327, 326, 325, - 324, 323, 322, 321, 320, 319, 318, 317, 316, 315, - - 314, 313, 312, 311, 310, 308, 307, 306, 305, 304, - 303, 302, 301, 299, 298, 297, 296, 295, 294, 292, - 291, 290, 289, 288, 287, 286, 284, 283, 282, 281, - 280, 279, 278, 277, 276, 275, 274, 273, 272, 271, - 269, 268, 267, 266, 265, 264, 263, 262, 261, 259, - 258, 257, 256, 254, 253, 252, 251, 250, 249, 248, - 247, 246, 245, 244, 243, 242, 240, 239, 238, 237, - 235, 234, 233, 232, 230, 229, 228, 227, 226, 225, - 224, 223, 222, 221, 218, 217, 216, 214, 213, 211, - 210, 209, 208, 207, 206, 205, 204, 203, 202, 200, - - 199, 197, 196, 195, 194, 193, 192, 191, 190, 188, - 186, 185, 184, 183, 182, 181, 180, 179, 178, 177, - 176, 175, 174, 173, 172, 171, 170, 169, 168, 167, - 166, 165, 164, 163, 162, 161, 160, 158, 157, 156, - 155, 154, 153, 152, 151, 149, 148, 147, 146, 145, - 144, 143, 141, 140, 139, 138, 137, 136, 135, 134, - 132, 131, 130, 129, 127, 126, 125, 124, 123, 122, - 121, 119, 118, 116, 115, 112, 111, 110, 109, 108, - 107, 105, 104, 103, 97, 95, 93, 92, 91, 90, - 89, 88, 87, 86, 85, 82, 80, 79, 78, 77, - - 76, 74, 73, 72, 71, 70, 69, 68, 66, 65, - 64, 63, 62, 61, 60, 57, 56, 54, 51, 50, - 49, 48, 47, 46, 45, 44, 42, 39, 33, 32, - 28, 18, 14, 11, 10, 3, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - 567, 567, 567, 567, 567, 567, 567, 567, 567, 567, - - 567, 567, 567, 567, 567, 567 - } ; - -static yy_state_type yy_last_accepting_state; -static char *yy_last_accepting_cpos; - -extern int yy_flex_debug; -int yy_flex_debug = 0; - -/* The intent behind this definition is that it'll catch - * any uses of REJECT which flex missed. - */ -#define REJECT reject_used_but_not_detected -#define yymore() yymore_used_but_not_detected -#define YY_MORE_ADJ 0 -#define YY_RESTORE_YY_MORE_OFFSET -char *yytext; -#line 1 "lex.l" -#line 2 "lex.l" -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: lex.l 18738 2006-10-21 11:57:22Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#undef ECHO -#include "symbol.h" -#include "parse.h" -#include "lex.h" -#include "gen_locl.h" - -static unsigned lineno = 1; - -#undef ECHO - -static void unterminated(const char *, unsigned); - -/* This is for broken old lexes (solaris 10 and hpux) */ -#line 855 "lex.c" - -#define INITIAL 0 - -#ifndef YY_NO_UNISTD_H -/* Special case for "unistd.h", since it is non-ANSI. We include it way - * down here because we want the user's section 1 to have been scanned first. - * The user has a chance to override it with an option. - */ -#include -#endif - -#ifndef YY_EXTRA_TYPE -#define YY_EXTRA_TYPE void * -#endif - -static int yy_init_globals (void ); - -/* Macros after this point can all be overridden by user definitions in - * section 1. - */ - -#ifndef YY_SKIP_YYWRAP -#ifdef __cplusplus -extern "C" int yywrap (void ); -#else -extern int yywrap (void ); -#endif -#endif - - static void yyunput (int c,char *buf_ptr ); - -#ifndef yytext_ptr -static void yy_flex_strncpy (char *,yyconst char *,int ); -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen (yyconst char * ); -#endif - -#ifndef YY_NO_INPUT - -#ifdef __cplusplus -static int yyinput (void ); -#else -static int input (void ); -#endif - -#endif - -/* Amount of stuff to slurp up with each read. */ -#ifndef YY_READ_BUF_SIZE -#define YY_READ_BUF_SIZE 8192 -#endif - -/* Copy whatever the last rule matched to the standard output. */ -#ifndef ECHO -/* This used to be an fputs(), but since the string might contain NUL's, - * we now use fwrite(). - */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) -#endif - -/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, - * is returned in "result". - */ -#ifndef YY_INPUT -#define YY_INPUT(buf,result,max_size) \ - if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ - { \ - int c = '*'; \ - size_t n; \ - for ( n = 0; n < max_size && \ - (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ - buf[n] = (char) c; \ - if ( c == '\n' ) \ - buf[n++] = (char) c; \ - if ( c == EOF && ferror( yyin ) ) \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - result = n; \ - } \ - else \ - { \ - errno=0; \ - while ( (result = fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \ - { \ - if( errno != EINTR) \ - { \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - break; \ - } \ - errno=0; \ - clearerr(yyin); \ - } \ - }\ -\ - -#endif - -/* No semi-colon after return; correct usage is to write "yyterminate();" - - * we don't want an extra ';' after the "return" because that will cause - * some compilers to complain about unreachable statements. - */ -#ifndef yyterminate -#define yyterminate() return YY_NULL -#endif - -/* Number of entries by which start-condition stack grows. */ -#ifndef YY_START_STACK_INCR -#define YY_START_STACK_INCR 25 -#endif - -/* Report a fatal error. */ -#ifndef YY_FATAL_ERROR -#define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) -#endif - -/* end tables serialization structures and prototypes */ - -/* Default declaration of generated scanner - a define so the user can - * easily add parameters. - */ -#ifndef YY_DECL -#define YY_DECL_IS_OURS 1 - -extern int yylex (void); - -#define YY_DECL int yylex (void) -#endif /* !YY_DECL */ - -/* Code executed at the beginning of each rule, after yytext and yyleng - * have been set up. - */ -#ifndef YY_USER_ACTION -#define YY_USER_ACTION -#endif - -/* Code executed at the end of each rule. */ -#ifndef YY_BREAK -#define YY_BREAK break; -#endif - -#define YY_RULE_SETUP \ - YY_USER_ACTION - -/** The main scanner function which does all the work. - */ -YY_DECL -{ - register yy_state_type yy_current_state; - register char *yy_cp, *yy_bp; - register int yy_act; - -#line 68 "lex.l" - -#line 1010 "lex.c" - - if ( !(yy_init) ) - { - (yy_init) = 1; - -#ifdef YY_USER_INIT - YY_USER_INIT; -#endif - - if ( ! (yy_start) ) - (yy_start) = 1; /* first start state */ - - if ( ! yyin ) - yyin = stdin; - - if ( ! yyout ) - yyout = stdout; - - if ( ! YY_CURRENT_BUFFER ) { - yyensure_buffer_stack (); - YY_CURRENT_BUFFER_LVALUE = - yy_create_buffer(yyin,YY_BUF_SIZE ); - } - - yy_load_buffer_state( ); - } - - while ( 1 ) /* loops until end-of-file is reached */ - { - yy_cp = (yy_c_buf_p); - - /* Support of yytext. */ - *yy_cp = (yy_hold_char); - - /* yy_bp points to the position in yy_ch_buf of the start of - * the current run. - */ - yy_bp = yy_cp; - - yy_current_state = (yy_start); -yy_match: - do - { - register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 568 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - ++yy_cp; - } - while ( yy_base[yy_current_state] != 637 ); - -yy_find_action: - yy_act = yy_accept[yy_current_state]; - if ( yy_act == 0 ) - { /* have to back up */ - yy_cp = (yy_last_accepting_cpos); - yy_current_state = (yy_last_accepting_state); - yy_act = yy_accept[yy_current_state]; - } - - YY_DO_BEFORE_ACTION; - -do_action: /* This label is used only to access EOF actions. */ - - switch ( yy_act ) - { /* beginning of action switch */ - case 0: /* must back up */ - /* undo the effects of YY_DO_BEFORE_ACTION */ - *yy_cp = (yy_hold_char); - yy_cp = (yy_last_accepting_cpos); - yy_current_state = (yy_last_accepting_state); - goto yy_find_action; - -case 1: -YY_RULE_SETUP -#line 69 "lex.l" -{ return kw_ABSENT; } - YY_BREAK -case 2: -YY_RULE_SETUP -#line 70 "lex.l" -{ return kw_ABSTRACT_SYNTAX; } - YY_BREAK -case 3: -YY_RULE_SETUP -#line 71 "lex.l" -{ return kw_ALL; } - YY_BREAK -case 4: -YY_RULE_SETUP -#line 72 "lex.l" -{ return kw_APPLICATION; } - YY_BREAK -case 5: -YY_RULE_SETUP -#line 73 "lex.l" -{ return kw_AUTOMATIC; } - YY_BREAK -case 6: -YY_RULE_SETUP -#line 74 "lex.l" -{ return kw_BEGIN; } - YY_BREAK -case 7: -YY_RULE_SETUP -#line 75 "lex.l" -{ return kw_BIT; } - YY_BREAK -case 8: -YY_RULE_SETUP -#line 76 "lex.l" -{ return kw_BMPString; } - YY_BREAK -case 9: -YY_RULE_SETUP -#line 77 "lex.l" -{ return kw_BOOLEAN; } - YY_BREAK -case 10: -YY_RULE_SETUP -#line 78 "lex.l" -{ return kw_BY; } - YY_BREAK -case 11: -YY_RULE_SETUP -#line 79 "lex.l" -{ return kw_CHARACTER; } - YY_BREAK -case 12: -YY_RULE_SETUP -#line 80 "lex.l" -{ return kw_CHOICE; } - YY_BREAK -case 13: -YY_RULE_SETUP -#line 81 "lex.l" -{ return kw_CLASS; } - YY_BREAK -case 14: -YY_RULE_SETUP -#line 82 "lex.l" -{ return kw_COMPONENT; } - YY_BREAK -case 15: -YY_RULE_SETUP -#line 83 "lex.l" -{ return kw_COMPONENTS; } - YY_BREAK -case 16: -YY_RULE_SETUP -#line 84 "lex.l" -{ return kw_CONSTRAINED; } - YY_BREAK -case 17: -YY_RULE_SETUP -#line 85 "lex.l" -{ return kw_CONTAINING; } - YY_BREAK -case 18: -YY_RULE_SETUP -#line 86 "lex.l" -{ return kw_DEFAULT; } - YY_BREAK -case 19: -YY_RULE_SETUP -#line 87 "lex.l" -{ return kw_DEFINITIONS; } - YY_BREAK -case 20: -YY_RULE_SETUP -#line 88 "lex.l" -{ return kw_EMBEDDED; } - YY_BREAK -case 21: -YY_RULE_SETUP -#line 89 "lex.l" -{ return kw_ENCODED; } - YY_BREAK -case 22: -YY_RULE_SETUP -#line 90 "lex.l" -{ return kw_END; } - YY_BREAK -case 23: -YY_RULE_SETUP -#line 91 "lex.l" -{ return kw_ENUMERATED; } - YY_BREAK -case 24: -YY_RULE_SETUP -#line 92 "lex.l" -{ return kw_EXCEPT; } - YY_BREAK -case 25: -YY_RULE_SETUP -#line 93 "lex.l" -{ return kw_EXPLICIT; } - YY_BREAK -case 26: -YY_RULE_SETUP -#line 94 "lex.l" -{ return kw_EXPORTS; } - YY_BREAK -case 27: -YY_RULE_SETUP -#line 95 "lex.l" -{ return kw_EXTENSIBILITY; } - YY_BREAK -case 28: -YY_RULE_SETUP -#line 96 "lex.l" -{ return kw_EXTERNAL; } - YY_BREAK -case 29: -YY_RULE_SETUP -#line 97 "lex.l" -{ return kw_FALSE; } - YY_BREAK -case 30: -YY_RULE_SETUP -#line 98 "lex.l" -{ return kw_FROM; } - YY_BREAK -case 31: -YY_RULE_SETUP -#line 99 "lex.l" -{ return kw_GeneralString; } - YY_BREAK -case 32: -YY_RULE_SETUP -#line 100 "lex.l" -{ return kw_GeneralizedTime; } - YY_BREAK -case 33: -YY_RULE_SETUP -#line 101 "lex.l" -{ return kw_GraphicString; } - YY_BREAK -case 34: -YY_RULE_SETUP -#line 102 "lex.l" -{ return kw_IA5String; } - YY_BREAK -case 35: -YY_RULE_SETUP -#line 103 "lex.l" -{ return kw_IDENTIFIER; } - YY_BREAK -case 36: -YY_RULE_SETUP -#line 104 "lex.l" -{ return kw_IMPLICIT; } - YY_BREAK -case 37: -YY_RULE_SETUP -#line 105 "lex.l" -{ return kw_IMPLIED; } - YY_BREAK -case 38: -YY_RULE_SETUP -#line 106 "lex.l" -{ return kw_IMPORTS; } - YY_BREAK -case 39: -YY_RULE_SETUP -#line 107 "lex.l" -{ return kw_INCLUDES; } - YY_BREAK -case 40: -YY_RULE_SETUP -#line 108 "lex.l" -{ return kw_INSTANCE; } - YY_BREAK -case 41: -YY_RULE_SETUP -#line 109 "lex.l" -{ return kw_INTEGER; } - YY_BREAK -case 42: -YY_RULE_SETUP -#line 110 "lex.l" -{ return kw_INTERSECTION; } - YY_BREAK -case 43: -YY_RULE_SETUP -#line 111 "lex.l" -{ return kw_ISO646String; } - YY_BREAK -case 44: -YY_RULE_SETUP -#line 112 "lex.l" -{ return kw_MAX; } - YY_BREAK -case 45: -YY_RULE_SETUP -#line 113 "lex.l" -{ return kw_MIN; } - YY_BREAK -case 46: -YY_RULE_SETUP -#line 114 "lex.l" -{ return kw_MINUS_INFINITY; } - YY_BREAK -case 47: -YY_RULE_SETUP -#line 115 "lex.l" -{ return kw_NULL; } - YY_BREAK -case 48: -YY_RULE_SETUP -#line 116 "lex.l" -{ return kw_NumericString; } - YY_BREAK -case 49: -YY_RULE_SETUP -#line 117 "lex.l" -{ return kw_OBJECT; } - YY_BREAK -case 50: -YY_RULE_SETUP -#line 118 "lex.l" -{ return kw_OCTET; } - YY_BREAK -case 51: -YY_RULE_SETUP -#line 119 "lex.l" -{ return kw_OF; } - YY_BREAK -case 52: -YY_RULE_SETUP -#line 120 "lex.l" -{ return kw_OPTIONAL; } - YY_BREAK -case 53: -YY_RULE_SETUP -#line 121 "lex.l" -{ return kw_ObjectDescriptor; } - YY_BREAK -case 54: -YY_RULE_SETUP -#line 122 "lex.l" -{ return kw_PATTERN; } - YY_BREAK -case 55: -YY_RULE_SETUP -#line 123 "lex.l" -{ return kw_PDV; } - YY_BREAK -case 56: -YY_RULE_SETUP -#line 124 "lex.l" -{ return kw_PLUS_INFINITY; } - YY_BREAK -case 57: -YY_RULE_SETUP -#line 125 "lex.l" -{ return kw_PRESENT; } - YY_BREAK -case 58: -YY_RULE_SETUP -#line 126 "lex.l" -{ return kw_PRIVATE; } - YY_BREAK -case 59: -YY_RULE_SETUP -#line 127 "lex.l" -{ return kw_PrintableString; } - YY_BREAK -case 60: -YY_RULE_SETUP -#line 128 "lex.l" -{ return kw_REAL; } - YY_BREAK -case 61: -YY_RULE_SETUP -#line 129 "lex.l" -{ return kw_RELATIVE_OID; } - YY_BREAK -case 62: -YY_RULE_SETUP -#line 130 "lex.l" -{ return kw_SEQUENCE; } - YY_BREAK -case 63: -YY_RULE_SETUP -#line 131 "lex.l" -{ return kw_SET; } - YY_BREAK -case 64: -YY_RULE_SETUP -#line 132 "lex.l" -{ return kw_SIZE; } - YY_BREAK -case 65: -YY_RULE_SETUP -#line 133 "lex.l" -{ return kw_STRING; } - YY_BREAK -case 66: -YY_RULE_SETUP -#line 134 "lex.l" -{ return kw_SYNTAX; } - YY_BREAK -case 67: -YY_RULE_SETUP -#line 135 "lex.l" -{ return kw_T61String; } - YY_BREAK -case 68: -YY_RULE_SETUP -#line 136 "lex.l" -{ return kw_TAGS; } - YY_BREAK -case 69: -YY_RULE_SETUP -#line 137 "lex.l" -{ return kw_TRUE; } - YY_BREAK -case 70: -YY_RULE_SETUP -#line 138 "lex.l" -{ return kw_TYPE_IDENTIFIER; } - YY_BREAK -case 71: -YY_RULE_SETUP -#line 139 "lex.l" -{ return kw_TeletexString; } - YY_BREAK -case 72: -YY_RULE_SETUP -#line 140 "lex.l" -{ return kw_UNION; } - YY_BREAK -case 73: -YY_RULE_SETUP -#line 141 "lex.l" -{ return kw_UNIQUE; } - YY_BREAK -case 74: -YY_RULE_SETUP -#line 142 "lex.l" -{ return kw_UNIVERSAL; } - YY_BREAK -case 75: -YY_RULE_SETUP -#line 143 "lex.l" -{ return kw_UTCTime; } - YY_BREAK -case 76: -YY_RULE_SETUP -#line 144 "lex.l" -{ return kw_UTF8String; } - YY_BREAK -case 77: -YY_RULE_SETUP -#line 145 "lex.l" -{ return kw_UniversalString; } - YY_BREAK -case 78: -YY_RULE_SETUP -#line 146 "lex.l" -{ return kw_VideotexString; } - YY_BREAK -case 79: -YY_RULE_SETUP -#line 147 "lex.l" -{ return kw_VisibleString; } - YY_BREAK -case 80: -YY_RULE_SETUP -#line 148 "lex.l" -{ return kw_WITH; } - YY_BREAK -case 81: -YY_RULE_SETUP -#line 149 "lex.l" -{ return *yytext; } - YY_BREAK -case 82: -YY_RULE_SETUP -#line 150 "lex.l" -{ return *yytext; } - YY_BREAK -case 83: -YY_RULE_SETUP -#line 151 "lex.l" -{ return *yytext; } - YY_BREAK -case 84: -YY_RULE_SETUP -#line 152 "lex.l" -{ return EEQUAL; } - YY_BREAK -case 85: -YY_RULE_SETUP -#line 153 "lex.l" -{ - int c, start_lineno = lineno; - int f = 0; - while((c = input()) != EOF) { - if(f && c == '-') - break; - if(c == '-') { - f = 1; - continue; - } - if(c == '\n') { - lineno++; - break; - } - f = 0; - } - if(c == EOF) - unterminated("comment", start_lineno); - } - YY_BREAK -case 86: -YY_RULE_SETUP -#line 172 "lex.l" -{ - int c, start_lineno = lineno; - int level = 1; - int seen_star = 0; - int seen_slash = 0; - while((c = input()) != EOF) { - if(c == '/') { - if(seen_star) { - if(--level == 0) - break; - seen_star = 0; - continue; - } - seen_slash = 1; - continue; - } - if(seen_star && c == '/') { - if(--level == 0) - break; - seen_star = 0; - continue; - } - if(c == '*') { - if(seen_slash) { - level++; - seen_star = seen_slash = 0; - continue; - } - seen_star = 1; - continue; - } - seen_star = seen_slash = 0; - if(c == '\n') { - lineno++; - continue; - } - } - if(c == EOF) - unterminated("comment", start_lineno); - } - YY_BREAK -case 87: -YY_RULE_SETUP -#line 212 "lex.l" -{ - int start_lineno = lineno; - int c; - char buf[1024]; - char *p = buf; - int f = 0; - int skip_ws = 0; - - while((c = input()) != EOF) { - if(isspace(c) && skip_ws) { - if(c == '\n') - lineno++; - continue; - } - skip_ws = 0; - - if(c == '"') { - if(f) { - *p++ = '"'; - f = 0; - } else - f = 1; - continue; - } - if(f == 1) { - unput(c); - break; - } - if(c == '\n') { - lineno++; - while(p > buf && isspace((unsigned char)p[-1])) - p--; - skip_ws = 1; - continue; - } - *p++ = c; - } - if(c == EOF) - unterminated("string", start_lineno); - *p++ = '\0'; - fprintf(stderr, "string -- %s\n", buf); - yylval.name = estrdup(buf); - return STRING; - } - YY_BREAK -case 88: -YY_RULE_SETUP -#line 257 "lex.l" -{ char *e, *y = yytext; - yylval.constant = strtol((const char *)yytext, - &e, 0); - if(e == y) - error_message("malformed constant (%s)", yytext); - else - return NUMBER; - } - YY_BREAK -case 89: -YY_RULE_SETUP -#line 265 "lex.l" -{ - yylval.name = estrdup ((const char *)yytext); - return IDENTIFIER; - } - YY_BREAK -case 90: -YY_RULE_SETUP -#line 269 "lex.l" -; - YY_BREAK -case 91: -/* rule 91 can match eol */ -YY_RULE_SETUP -#line 270 "lex.l" -{ ++lineno; } - YY_BREAK -case 92: -YY_RULE_SETUP -#line 271 "lex.l" -{ return ELLIPSIS; } - YY_BREAK -case 93: -YY_RULE_SETUP -#line 272 "lex.l" -{ return RANGE; } - YY_BREAK -case 94: -YY_RULE_SETUP -#line 273 "lex.l" -{ error_message("Ignoring char(%c)\n", *yytext); } - YY_BREAK -case 95: -YY_RULE_SETUP -#line 274 "lex.l" -ECHO; - YY_BREAK -#line 1679 "lex.c" -case YY_STATE_EOF(INITIAL): - yyterminate(); - - case YY_END_OF_BUFFER: - { - /* Amount of text matched not including the EOB char. */ - int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1; - - /* Undo the effects of YY_DO_BEFORE_ACTION. */ - *yy_cp = (yy_hold_char); - YY_RESTORE_YY_MORE_OFFSET - - if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW ) - { - /* We're scanning a new file or input source. It's - * possible that this happened because the user - * just pointed yyin at a new source and called - * yylex(). If so, then we have to assure - * consistency between YY_CURRENT_BUFFER and our - * globals. Here is the right place to do so, because - * this is the first action (other than possibly a - * back-up) that will match for the new input source. - */ - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; - YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin; - YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL; - } - - /* Note that here we test for yy_c_buf_p "<=" to the position - * of the first EOB in the buffer, since yy_c_buf_p will - * already have been incremented past the NUL character - * (since all states make transitions on EOB to the - * end-of-buffer state). Contrast this with the test - * in input(). - */ - if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) - { /* This was really a NUL. */ - yy_state_type yy_next_state; - - (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state( ); - - /* Okay, we're now positioned to make the NUL - * transition. We couldn't have - * yy_get_previous_state() go ahead and do it - * for us because it doesn't know how to deal - * with the possibility of jamming (and we don't - * want to build jamming into it because then it - * will run more slowly). - */ - - yy_next_state = yy_try_NUL_trans( yy_current_state ); - - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - - if ( yy_next_state ) - { - /* Consume the NUL. */ - yy_cp = ++(yy_c_buf_p); - yy_current_state = yy_next_state; - goto yy_match; - } - - else - { - yy_cp = (yy_c_buf_p); - goto yy_find_action; - } - } - - else switch ( yy_get_next_buffer( ) ) - { - case EOB_ACT_END_OF_FILE: - { - (yy_did_buffer_switch_on_eof) = 0; - - if ( yywrap( ) ) - { - /* Note: because we've taken care in - * yy_get_next_buffer() to have set up - * yytext, we can now set up - * yy_c_buf_p so that if some total - * hoser (like flex itself) wants to - * call the scanner after we return the - * YY_NULL, it'll still work - another - * YY_NULL will get returned. - */ - (yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ; - - yy_act = YY_STATE_EOF(YY_START); - goto do_action; - } - - else - { - if ( ! (yy_did_buffer_switch_on_eof) ) - YY_NEW_FILE; - } - break; - } - - case EOB_ACT_CONTINUE_SCAN: - (yy_c_buf_p) = - (yytext_ptr) + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state( ); - - yy_cp = (yy_c_buf_p); - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - goto yy_match; - - case EOB_ACT_LAST_MATCH: - (yy_c_buf_p) = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)]; - - yy_current_state = yy_get_previous_state( ); - - yy_cp = (yy_c_buf_p); - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - goto yy_find_action; - } - break; - } - - default: - YY_FATAL_ERROR( - "fatal flex scanner internal error--no action found" ); - } /* end of action switch */ - } /* end of scanning one token */ -} /* end of yylex */ - -/* yy_get_next_buffer - try to read in a new buffer - * - * Returns a code representing an action: - * EOB_ACT_LAST_MATCH - - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position - * EOB_ACT_END_OF_FILE - end of file - */ -static int yy_get_next_buffer (void) -{ - register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf; - register char *source = (yytext_ptr); - register int number_to_move, i; - int ret_val; - - if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] ) - YY_FATAL_ERROR( - "fatal flex scanner internal error--end of buffer missed" ); - - if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 ) - { /* Don't try to fill the buffer, so this is an EOF. */ - if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 ) - { - /* We matched a single character, the EOB, so - * treat this as a final EOF. - */ - return EOB_ACT_END_OF_FILE; - } - - else - { - /* We matched some text prior to the EOB, first - * process it. - */ - return EOB_ACT_LAST_MATCH; - } - } - - /* Try to read more data. */ - - /* First move last chars to start of buffer. */ - number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1; - - for ( i = 0; i < number_to_move; ++i ) - *(dest++) = *(source++); - - if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING ) - /* don't do the read, it's not guaranteed to return an EOF, - * just force an EOF - */ - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0; - - else - { - int num_to_read = - YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; - - while ( num_to_read <= 0 ) - { /* Not enough room in the buffer - grow it. */ - - /* just a shorter name for the current buffer */ - YY_BUFFER_STATE b = YY_CURRENT_BUFFER; - - int yy_c_buf_p_offset = - (int) ((yy_c_buf_p) - b->yy_ch_buf); - - if ( b->yy_is_our_buffer ) - { - int new_size = b->yy_buf_size * 2; - - if ( new_size <= 0 ) - b->yy_buf_size += b->yy_buf_size / 8; - else - b->yy_buf_size *= 2; - - b->yy_ch_buf = (char *) - /* Include room in for 2 EOB chars. */ - yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 ); - } - else - /* Can't grow it, we don't own it. */ - b->yy_ch_buf = 0; - - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( - "fatal error - scanner input buffer overflow" ); - - (yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset]; - - num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - - number_to_move - 1; - - } - - if ( num_to_read > YY_READ_BUF_SIZE ) - num_to_read = YY_READ_BUF_SIZE; - - /* Read in more data. */ - YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]), - (yy_n_chars), num_to_read ); - - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - if ( (yy_n_chars) == 0 ) - { - if ( number_to_move == YY_MORE_ADJ ) - { - ret_val = EOB_ACT_END_OF_FILE; - yyrestart(yyin ); - } - - else - { - ret_val = EOB_ACT_LAST_MATCH; - YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = - YY_BUFFER_EOF_PENDING; - } - } - - else - ret_val = EOB_ACT_CONTINUE_SCAN; - - (yy_n_chars) += number_to_move; - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; - - (yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0]; - - return ret_val; -} - -/* yy_get_previous_state - get the state just before the EOB char was reached */ - - static yy_state_type yy_get_previous_state (void) -{ - register yy_state_type yy_current_state; - register char *yy_cp; - - yy_current_state = (yy_start); - - for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp ) - { - register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 568 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - } - - return yy_current_state; -} - -/* yy_try_NUL_trans - try to make a transition on the NUL character - * - * synopsis - * next_state = yy_try_NUL_trans( current_state ); - */ - static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state ) -{ - register int yy_is_jam; - register char *yy_cp = (yy_c_buf_p); - - register YY_CHAR yy_c = 1; - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 568 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 567); - - return yy_is_jam ? 0 : yy_current_state; -} - - static void yyunput (int c, register char * yy_bp ) -{ - register char *yy_cp; - - yy_cp = (yy_c_buf_p); - - /* undo effects of setting up yytext */ - *yy_cp = (yy_hold_char); - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - { /* need to shift things up to make room */ - /* +2 for EOB chars. */ - register int number_to_move = (yy_n_chars) + 2; - register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ - YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; - register char *source = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]; - - while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) - *--dest = *--source; - - yy_cp += (int) (dest - source); - yy_bp += (int) (dest - source); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size; - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - YY_FATAL_ERROR( "flex scanner push-back overflow" ); - } - - *--yy_cp = (char) c; - - (yytext_ptr) = yy_bp; - (yy_hold_char) = *yy_cp; - (yy_c_buf_p) = yy_cp; -} - -#ifndef YY_NO_INPUT -#ifdef __cplusplus - static int yyinput (void) -#else - static int input (void) -#endif - -{ - int c; - - *(yy_c_buf_p) = (yy_hold_char); - - if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR ) - { - /* yy_c_buf_p now points to the character we want to return. - * If this occurs *before* the EOB characters, then it's a - * valid NUL; if not, then we've hit the end of the buffer. - */ - if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) - /* This was really a NUL. */ - *(yy_c_buf_p) = '\0'; - - else - { /* need more input */ - int offset = (yy_c_buf_p) - (yytext_ptr); - ++(yy_c_buf_p); - - switch ( yy_get_next_buffer( ) ) - { - case EOB_ACT_LAST_MATCH: - /* This happens because yy_g_n_b() - * sees that we've accumulated a - * token and flags that we need to - * try matching the token before - * proceeding. But for input(), - * there's no matching to consider. - * So convert the EOB_ACT_LAST_MATCH - * to EOB_ACT_END_OF_FILE. - */ - - /* Reset buffer status. */ - yyrestart(yyin ); - - /*FALLTHROUGH*/ - - case EOB_ACT_END_OF_FILE: - { - if ( yywrap( ) ) - return 0; - - if ( ! (yy_did_buffer_switch_on_eof) ) - YY_NEW_FILE; -#ifdef __cplusplus - return yyinput(); -#else - return input(); -#endif - } - - case EOB_ACT_CONTINUE_SCAN: - (yy_c_buf_p) = (yytext_ptr) + offset; - break; - } - } - } - - c = *(unsigned char *) (yy_c_buf_p); /* cast for 8-bit char's */ - *(yy_c_buf_p) = '\0'; /* preserve yytext */ - (yy_hold_char) = *++(yy_c_buf_p); - - return c; -} -#endif /* ifndef YY_NO_INPUT */ - -/** Immediately switch to a different input stream. - * @param input_file A readable stream. - * - * @note This function does not reset the start condition to @c INITIAL . - */ - void yyrestart (FILE * input_file ) -{ - - if ( ! YY_CURRENT_BUFFER ){ - yyensure_buffer_stack (); - YY_CURRENT_BUFFER_LVALUE = - yy_create_buffer(yyin,YY_BUF_SIZE ); - } - - yy_init_buffer(YY_CURRENT_BUFFER,input_file ); - yy_load_buffer_state( ); -} - -/** Switch to a different input buffer. - * @param new_buffer The new input buffer. - * - */ - void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ) -{ - - /* TODO. We should be able to replace this entire function body - * with - * yypop_buffer_state(); - * yypush_buffer_state(new_buffer); - */ - yyensure_buffer_stack (); - if ( YY_CURRENT_BUFFER == new_buffer ) - return; - - if ( YY_CURRENT_BUFFER ) - { - /* Flush out information for old buffer. */ - *(yy_c_buf_p) = (yy_hold_char); - YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - YY_CURRENT_BUFFER_LVALUE = new_buffer; - yy_load_buffer_state( ); - - /* We don't actually know whether we did this switch during - * EOF (yywrap()) processing, but the only time this flag - * is looked at is after yywrap() is called, so it's safe - * to go ahead and always set it. - */ - (yy_did_buffer_switch_on_eof) = 1; -} - -static void yy_load_buffer_state (void) -{ - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; - (yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos; - yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file; - (yy_hold_char) = *(yy_c_buf_p); -} - -/** Allocate and initialize an input buffer state. - * @param file A readable stream. - * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE. - * - * @return the allocated buffer state. - */ - YY_BUFFER_STATE yy_create_buffer (FILE * file, int size ) -{ - YY_BUFFER_STATE b; - - b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_buf_size = size; - - /* yy_ch_buf has to be 2 characters longer than the size given because - * we need to put in 2 end-of-buffer characters. - */ - b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 ); - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_is_our_buffer = 1; - - yy_init_buffer(b,file ); - - return b; -} - -/** Destroy the buffer. - * @param b a buffer created with yy_create_buffer() - * - */ - void yy_delete_buffer (YY_BUFFER_STATE b ) -{ - - if ( ! b ) - return; - - if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */ - YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0; - - if ( b->yy_is_our_buffer ) - yyfree((void *) b->yy_ch_buf ); - - yyfree((void *) b ); -} - -#ifndef __cplusplus -extern int isatty (int ); -#endif /* __cplusplus */ - -/* Initializes or reinitializes a buffer. - * This function is sometimes called more than once on the same buffer, - * such as during a yyrestart() or at EOF. - */ - static void yy_init_buffer (YY_BUFFER_STATE b, FILE * file ) - -{ - int oerrno = errno; - - yy_flush_buffer(b ); - - b->yy_input_file = file; - b->yy_fill_buffer = 1; - - /* If b is the current buffer, then yy_init_buffer was _probably_ - * called from yyrestart() or through yy_get_next_buffer. - * In that case, we don't want to reset the lineno or column. - */ - if (b != YY_CURRENT_BUFFER){ - b->yy_bs_lineno = 1; - b->yy_bs_column = 0; - } - - b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; - - errno = oerrno; -} - -/** Discard all buffered characters. On the next scan, YY_INPUT will be called. - * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER. - * - */ - void yy_flush_buffer (YY_BUFFER_STATE b ) -{ - if ( ! b ) - return; - - b->yy_n_chars = 0; - - /* We always need two end-of-buffer characters. The first causes - * a transition to the end-of-buffer state. The second causes - * a jam in that state. - */ - b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; - b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; - - b->yy_buf_pos = &b->yy_ch_buf[0]; - - b->yy_at_bol = 1; - b->yy_buffer_status = YY_BUFFER_NEW; - - if ( b == YY_CURRENT_BUFFER ) - yy_load_buffer_state( ); -} - -/** Pushes the new state onto the stack. The new state becomes - * the current state. This function will allocate the stack - * if necessary. - * @param new_buffer The new state. - * - */ -void yypush_buffer_state (YY_BUFFER_STATE new_buffer ) -{ - if (new_buffer == NULL) - return; - - yyensure_buffer_stack(); - - /* This block is copied from yy_switch_to_buffer. */ - if ( YY_CURRENT_BUFFER ) - { - /* Flush out information for old buffer. */ - *(yy_c_buf_p) = (yy_hold_char); - YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - /* Only push if top exists. Otherwise, replace top. */ - if (YY_CURRENT_BUFFER) - (yy_buffer_stack_top)++; - YY_CURRENT_BUFFER_LVALUE = new_buffer; - - /* copied from yy_switch_to_buffer. */ - yy_load_buffer_state( ); - (yy_did_buffer_switch_on_eof) = 1; -} - -/** Removes and deletes the top of the stack, if present. - * The next element becomes the new top. - * - */ -void yypop_buffer_state (void) -{ - if (!YY_CURRENT_BUFFER) - return; - - yy_delete_buffer(YY_CURRENT_BUFFER ); - YY_CURRENT_BUFFER_LVALUE = NULL; - if ((yy_buffer_stack_top) > 0) - --(yy_buffer_stack_top); - - if (YY_CURRENT_BUFFER) { - yy_load_buffer_state( ); - (yy_did_buffer_switch_on_eof) = 1; - } -} - -/* Allocates the stack if it does not exist. - * Guarantees space for at least one push. - */ -static void yyensure_buffer_stack (void) -{ - int num_to_alloc; - - if (!(yy_buffer_stack)) { - - /* First allocation is just for 2 elements, since we don't know if this - * scanner will even need a stack. We use 2 instead of 1 to avoid an - * immediate realloc on the next call. - */ - num_to_alloc = 1; - (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc - (num_to_alloc * sizeof(struct yy_buffer_state*) - ); - - memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); - - (yy_buffer_stack_max) = num_to_alloc; - (yy_buffer_stack_top) = 0; - return; - } - - if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){ - - /* Increase the buffer to prepare for a possible push. */ - int grow_size = 8 /* arbitrary grow size */; - - num_to_alloc = (yy_buffer_stack_max) + grow_size; - (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc - ((yy_buffer_stack), - num_to_alloc * sizeof(struct yy_buffer_state*) - ); - - /* zero only the new slots.*/ - memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); - (yy_buffer_stack_max) = num_to_alloc; - } -} - -/** Setup the input buffer state to scan directly from a user-specified character buffer. - * @param base the character buffer - * @param size the size in bytes of the character buffer - * - * @return the newly allocated buffer state object. - */ -YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) -{ - YY_BUFFER_STATE b; - - if ( size < 2 || - base[size-2] != YY_END_OF_BUFFER_CHAR || - base[size-1] != YY_END_OF_BUFFER_CHAR ) - /* They forgot to leave room for the EOB's. */ - return 0; - - b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); - - b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ - b->yy_buf_pos = b->yy_ch_buf = base; - b->yy_is_our_buffer = 0; - b->yy_input_file = 0; - b->yy_n_chars = b->yy_buf_size; - b->yy_is_interactive = 0; - b->yy_at_bol = 1; - b->yy_fill_buffer = 0; - b->yy_buffer_status = YY_BUFFER_NEW; - - yy_switch_to_buffer(b ); - - return b; -} - -/** Setup the input buffer state to scan a string. The next call to yylex() will - * scan from a @e copy of @a str. - * @param str a NUL-terminated string to scan - * - * @return the newly allocated buffer state object. - * @note If you want to scan bytes that may contain NUL values, then use - * yy_scan_bytes() instead. - */ -YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) -{ - - return yy_scan_bytes(yystr,strlen(yystr) ); -} - -/** Setup the input buffer state to scan the given bytes. The next call to yylex() will - * scan from a @e copy of @a bytes. - * @param bytes the byte buffer to scan - * @param len the number of bytes in the buffer pointed to by @a bytes. - * - * @return the newly allocated buffer state object. - */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) -{ - YY_BUFFER_STATE b; - char *buf; - yy_size_t n; - int i; - - /* Get memory for full buffer, including space for trailing EOB's. */ - n = _yybytes_len + 2; - buf = (char *) yyalloc(n ); - if ( ! buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); - - for ( i = 0; i < _yybytes_len; ++i ) - buf[i] = yybytes[i]; - - buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR; - - b = yy_scan_buffer(buf,n ); - if ( ! b ) - YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); - - /* It's okay to grow etc. this buffer, and we should throw it - * away when we're done. - */ - b->yy_is_our_buffer = 1; - - return b; -} - -#ifndef YY_EXIT_FAILURE -#define YY_EXIT_FAILURE 2 -#endif - -static void yy_fatal_error (yyconst char* msg ) -{ - (void) fprintf( stderr, "%s\n", msg ); - exit( YY_EXIT_FAILURE ); -} - -/* Redefine yyless() so it works in section 3 code. */ - -#undef yyless -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - int yyless_macro_arg = (n); \ - YY_LESS_LINENO(yyless_macro_arg);\ - yytext[yyleng] = (yy_hold_char); \ - (yy_c_buf_p) = yytext + yyless_macro_arg; \ - (yy_hold_char) = *(yy_c_buf_p); \ - *(yy_c_buf_p) = '\0'; \ - yyleng = yyless_macro_arg; \ - } \ - while ( 0 ) - -/* Accessor methods (get/set functions) to struct members. */ - -/** Get the current line number. - * - */ -int yyget_lineno (void) -{ - - return yylineno; -} - -/** Get the input stream. - * - */ -FILE *yyget_in (void) -{ - return yyin; -} - -/** Get the output stream. - * - */ -FILE *yyget_out (void) -{ - return yyout; -} - -/** Get the length of the current token. - * - */ -int yyget_leng (void) -{ - return yyleng; -} - -/** Get the current token. - * - */ - -char *yyget_text (void) -{ - return yytext; -} - -/** Set the current line number. - * @param line_number - * - */ -void yyset_lineno (int line_number ) -{ - - yylineno = line_number; -} - -/** Set the input stream. This does not discard the current - * input buffer. - * @param in_str A readable stream. - * - * @see yy_switch_to_buffer - */ -void yyset_in (FILE * in_str ) -{ - yyin = in_str ; -} - -void yyset_out (FILE * out_str ) -{ - yyout = out_str ; -} - -int yyget_debug (void) -{ - return yy_flex_debug; -} - -void yyset_debug (int bdebug ) -{ - yy_flex_debug = bdebug ; -} - -static int yy_init_globals (void) -{ - /* Initialization is the same as for the non-reentrant scanner. - * This function is called from yylex_destroy(), so don't allocate here. - */ - - (yy_buffer_stack) = 0; - (yy_buffer_stack_top) = 0; - (yy_buffer_stack_max) = 0; - (yy_c_buf_p) = (char *) 0; - (yy_init) = 0; - (yy_start) = 0; - -/* Defined in main.c */ -#ifdef YY_STDINIT - yyin = stdin; - yyout = stdout; -#else - yyin = (FILE *) 0; - yyout = (FILE *) 0; -#endif - - /* For future reference: Set errno on error, since we are called by - * yylex_init() - */ - return 0; -} - -/* yylex_destroy is for both reentrant and non-reentrant scanners. */ -int yylex_destroy (void) -{ - - /* Pop the buffer stack, destroying each element. */ - while(YY_CURRENT_BUFFER){ - yy_delete_buffer(YY_CURRENT_BUFFER ); - YY_CURRENT_BUFFER_LVALUE = NULL; - yypop_buffer_state(); - } - - /* Destroy the stack itself. */ - yyfree((yy_buffer_stack) ); - (yy_buffer_stack) = NULL; - - /* Reset the globals. This is important in a non-reentrant scanner so the next time - * yylex() is called, initialization will occur. */ - yy_init_globals( ); - - return 0; -} - -/* - * Internal utility routines. - */ - -#ifndef yytext_ptr -static void yy_flex_strncpy (char* s1, yyconst char * s2, int n ) -{ - register int i; - for ( i = 0; i < n; ++i ) - s1[i] = s2[i]; -} -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen (yyconst char * s ) -{ - register int n; - for ( n = 0; s[n]; ++n ) - ; - - return n; -} -#endif - -void *yyalloc (yy_size_t size ) -{ - return (void *) malloc( size ); -} - -void *yyrealloc (void * ptr, yy_size_t size ) -{ - /* The cast to (char *) in the following accommodates both - * implementations that use char* generic pointers, and those - * that use void* generic pointers. It works with the latter - * because both ANSI C and C++ allow castless assignment from - * any pointer type to void*, and deal with argument conversions - * as though doing an assignment. - */ - return (void *) realloc( (char *) ptr, size ); -} - -void yyfree (void * ptr ) -{ - free( (char *) ptr ); /* see yyrealloc() for (char *) cast */ -} - -#define YYTABLES_NAME "yytables" - -#line 274 "lex.l" - - - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", get_filename(), lineno); - vfprintf (stderr, format, args); - va_end (args); - error_flag++; -} - -static void -unterminated(const char *type, unsigned start_lineno) -{ - error_message("unterminated %s, possibly started on line %d\n", type, start_lineno); -} - diff --git a/crypto/heimdal/lib/asn1/lex.h b/crypto/heimdal/lib/asn1/lex.h deleted file mode 100644 index 7aececf6d7a0..000000000000 --- a/crypto/heimdal/lib/asn1/lex.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: lex.h 15617 2005-07-12 06:27:42Z lha $ */ - -#include - -void error_message (const char *, ...) -__attribute__ ((format (printf, 1, 2))); -extern int error_flag; - -int yylex(void); diff --git a/crypto/heimdal/lib/asn1/lex.l b/crypto/heimdal/lib/asn1/lex.l deleted file mode 100644 index ec744220e9c0..000000000000 --- a/crypto/heimdal/lib/asn1/lex.l +++ /dev/null @@ -1,300 +0,0 @@ -%{ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: lex.l 18738 2006-10-21 11:57:22Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#undef ECHO -#include "symbol.h" -#include "parse.h" -#include "lex.h" -#include "gen_locl.h" - -static unsigned lineno = 1; - -#undef ECHO - -static void unterminated(const char *, unsigned); - -%} - -/* This is for broken old lexes (solaris 10 and hpux) */ -%e 2000 -%p 5000 -%a 5000 -%n 1000 -%o 10000 - -%% -ABSENT { return kw_ABSENT; } -ABSTRACT-SYNTAX { return kw_ABSTRACT_SYNTAX; } -ALL { return kw_ALL; } -APPLICATION { return kw_APPLICATION; } -AUTOMATIC { return kw_AUTOMATIC; } -BEGIN { return kw_BEGIN; } -BIT { return kw_BIT; } -BMPString { return kw_BMPString; } -BOOLEAN { return kw_BOOLEAN; } -BY { return kw_BY; } -CHARACTER { return kw_CHARACTER; } -CHOICE { return kw_CHOICE; } -CLASS { return kw_CLASS; } -COMPONENT { return kw_COMPONENT; } -COMPONENTS { return kw_COMPONENTS; } -CONSTRAINED { return kw_CONSTRAINED; } -CONTAINING { return kw_CONTAINING; } -DEFAULT { return kw_DEFAULT; } -DEFINITIONS { return kw_DEFINITIONS; } -EMBEDDED { return kw_EMBEDDED; } -ENCODED { return kw_ENCODED; } -END { return kw_END; } -ENUMERATED { return kw_ENUMERATED; } -EXCEPT { return kw_EXCEPT; } -EXPLICIT { return kw_EXPLICIT; } -EXPORTS { return kw_EXPORTS; } -EXTENSIBILITY { return kw_EXTENSIBILITY; } -EXTERNAL { return kw_EXTERNAL; } -FALSE { return kw_FALSE; } -FROM { return kw_FROM; } -GeneralString { return kw_GeneralString; } -GeneralizedTime { return kw_GeneralizedTime; } -GraphicString { return kw_GraphicString; } -IA5String { return kw_IA5String; } -IDENTIFIER { return kw_IDENTIFIER; } -IMPLICIT { return kw_IMPLICIT; } -IMPLIED { return kw_IMPLIED; } -IMPORTS { return kw_IMPORTS; } -INCLUDES { return kw_INCLUDES; } -INSTANCE { return kw_INSTANCE; } -INTEGER { return kw_INTEGER; } -INTERSECTION { return kw_INTERSECTION; } -ISO646String { return kw_ISO646String; } -MAX { return kw_MAX; } -MIN { return kw_MIN; } -MINUS-INFINITY { return kw_MINUS_INFINITY; } -NULL { return kw_NULL; } -NumericString { return kw_NumericString; } -OBJECT { return kw_OBJECT; } -OCTET { return kw_OCTET; } -OF { return kw_OF; } -OPTIONAL { return kw_OPTIONAL; } -ObjectDescriptor { return kw_ObjectDescriptor; } -PATTERN { return kw_PATTERN; } -PDV { return kw_PDV; } -PLUS-INFINITY { return kw_PLUS_INFINITY; } -PRESENT { return kw_PRESENT; } -PRIVATE { return kw_PRIVATE; } -PrintableString { return kw_PrintableString; } -REAL { return kw_REAL; } -RELATIVE_OID { return kw_RELATIVE_OID; } -SEQUENCE { return kw_SEQUENCE; } -SET { return kw_SET; } -SIZE { return kw_SIZE; } -STRING { return kw_STRING; } -SYNTAX { return kw_SYNTAX; } -T61String { return kw_T61String; } -TAGS { return kw_TAGS; } -TRUE { return kw_TRUE; } -TYPE-IDENTIFIER { return kw_TYPE_IDENTIFIER; } -TeletexString { return kw_TeletexString; } -UNION { return kw_UNION; } -UNIQUE { return kw_UNIQUE; } -UNIVERSAL { return kw_UNIVERSAL; } -UTCTime { return kw_UTCTime; } -UTF8String { return kw_UTF8String; } -UniversalString { return kw_UniversalString; } -VideotexString { return kw_VideotexString; } -VisibleString { return kw_VisibleString; } -WITH { return kw_WITH; } -[-,;{}()|] { return *yytext; } -"[" { return *yytext; } -"]" { return *yytext; } -::= { return EEQUAL; } --- { - int c, start_lineno = lineno; - int f = 0; - while((c = input()) != EOF) { - if(f && c == '-') - break; - if(c == '-') { - f = 1; - continue; - } - if(c == '\n') { - lineno++; - break; - } - f = 0; - } - if(c == EOF) - unterminated("comment", start_lineno); - } -\/\* { - int c, start_lineno = lineno; - int level = 1; - int seen_star = 0; - int seen_slash = 0; - while((c = input()) != EOF) { - if(c == '/') { - if(seen_star) { - if(--level == 0) - break; - seen_star = 0; - continue; - } - seen_slash = 1; - continue; - } - if(seen_star && c == '/') { - if(--level == 0) - break; - seen_star = 0; - continue; - } - if(c == '*') { - if(seen_slash) { - level++; - seen_star = seen_slash = 0; - continue; - } - seen_star = 1; - continue; - } - seen_star = seen_slash = 0; - if(c == '\n') { - lineno++; - continue; - } - } - if(c == EOF) - unterminated("comment", start_lineno); - } -"\"" { - int start_lineno = lineno; - int c; - char buf[1024]; - char *p = buf; - int f = 0; - int skip_ws = 0; - - while((c = input()) != EOF) { - if(isspace(c) && skip_ws) { - if(c == '\n') - lineno++; - continue; - } - skip_ws = 0; - - if(c == '"') { - if(f) { - *p++ = '"'; - f = 0; - } else - f = 1; - continue; - } - if(f == 1) { - unput(c); - break; - } - if(c == '\n') { - lineno++; - while(p > buf && isspace((unsigned char)p[-1])) - p--; - skip_ws = 1; - continue; - } - *p++ = c; - } - if(c == EOF) - unterminated("string", start_lineno); - *p++ = '\0'; - fprintf(stderr, "string -- %s\n", buf); - yylval.name = estrdup(buf); - return STRING; - } - --?0x[0-9A-Fa-f]+|-?[0-9]+ { char *e, *y = yytext; - yylval.constant = strtol((const char *)yytext, - &e, 0); - if(e == y) - error_message("malformed constant (%s)", yytext); - else - return NUMBER; - } -[A-Za-z][-A-Za-z0-9_]* { - yylval.name = estrdup ((const char *)yytext); - return IDENTIFIER; - } -[ \t] ; -\n { ++lineno; } -\.\.\. { return ELLIPSIS; } -\.\. { return RANGE; } -. { error_message("Ignoring char(%c)\n", *yytext); } -%% - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", get_filename(), lineno); - vfprintf (stderr, format, args); - va_end (args); - error_flag++; -} - -static void -unterminated(const char *type, unsigned start_lineno) -{ - error_message("unterminated %s, possibly started on line %d\n", type, start_lineno); -} diff --git a/crypto/heimdal/lib/asn1/main.c b/crypto/heimdal/lib/asn1/main.c deleted file mode 100644 index 3b4a8122cada..000000000000 --- a/crypto/heimdal/lib/asn1/main.c +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" -#include -#include "lex.h" - -RCSID("$Id: main.c 20858 2007-06-03 18:56:41Z lha $"); - -extern FILE *yyin; - -static getarg_strings preserve; -static getarg_strings seq; - -int -preserve_type(const char *p) -{ - int i; - for (i = 0; i < preserve.num_strings; i++) - if (strcmp(preserve.strings[i], p) == 0) - return 1; - return 0; -} - -int -seq_type(const char *p) -{ - int i; - for (i = 0; i < seq.num_strings; i++) - if (strcmp(seq.strings[i], p) == 0) - return 1; - return 0; -} - -int dce_fix; -int rfc1510_bitstring; -int version_flag; -int help_flag; -struct getargs args[] = { - { "encode-rfc1510-bit-string", 0, arg_flag, &rfc1510_bitstring }, - { "decode-dce-ber", 0, arg_flag, &dce_fix }, - { "preserve-binary", 0, arg_strings, &preserve }, - { "sequence", 0, arg_strings, &seq }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "[asn1-file [name]]"); - exit(code); -} - -int error_flag; - -int -main(int argc, char **argv) -{ - int ret; - const char *file; - const char *name = NULL; - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - if (argc == optidx) { - file = "stdin"; - name = "stdin"; - yyin = stdin; - } else { - file = argv[optidx]; - yyin = fopen (file, "r"); - if (yyin == NULL) - err (1, "open %s", file); - if (argc == optidx + 1) { - char *p; - name = estrdup(file); - p = strrchr(name, '.'); - if (p) - *p = '\0'; - } else - name = argv[optidx + 1]; - } - - init_generate (file, name); - initsym (); - ret = yyparse (); - if(ret != 0 || error_flag != 0) - exit(1); - close_generate (); - if (argc != optidx) - fclose(yyin); - return 0; -} diff --git a/crypto/heimdal/lib/asn1/parse.c b/crypto/heimdal/lib/asn1/parse.c deleted file mode 100644 index 9800d54de838..000000000000 --- a/crypto/heimdal/lib/asn1/parse.c +++ /dev/null @@ -1,2831 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton implementation for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* C LALR(1) parser skeleton written by Richard Stallman, by - simplifying the original so-called "semantic" parser. */ - -/* All symbols defined below should begin with yy or YY, to avoid - infringing on user name space. This should be done even for local - variables, as they might otherwise be expanded by user macros. - There are some unavoidable exceptions within include files to - define necessary library symbols; they are noted "INFRINGES ON - USER NAME SPACE" below. */ - -/* Identify Bison output. */ -#define YYBISON 1 - -/* Bison version. */ -#define YYBISON_VERSION "2.3" - -/* Skeleton name. */ -#define YYSKELETON_NAME "yacc.c" - -/* Pure parsers. */ -#define YYPURE 0 - -/* Using locations. */ -#define YYLSP_NEEDED 0 - - - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - kw_ABSENT = 258, - kw_ABSTRACT_SYNTAX = 259, - kw_ALL = 260, - kw_APPLICATION = 261, - kw_AUTOMATIC = 262, - kw_BEGIN = 263, - kw_BIT = 264, - kw_BMPString = 265, - kw_BOOLEAN = 266, - kw_BY = 267, - kw_CHARACTER = 268, - kw_CHOICE = 269, - kw_CLASS = 270, - kw_COMPONENT = 271, - kw_COMPONENTS = 272, - kw_CONSTRAINED = 273, - kw_CONTAINING = 274, - kw_DEFAULT = 275, - kw_DEFINITIONS = 276, - kw_EMBEDDED = 277, - kw_ENCODED = 278, - kw_END = 279, - kw_ENUMERATED = 280, - kw_EXCEPT = 281, - kw_EXPLICIT = 282, - kw_EXPORTS = 283, - kw_EXTENSIBILITY = 284, - kw_EXTERNAL = 285, - kw_FALSE = 286, - kw_FROM = 287, - kw_GeneralString = 288, - kw_GeneralizedTime = 289, - kw_GraphicString = 290, - kw_IA5String = 291, - kw_IDENTIFIER = 292, - kw_IMPLICIT = 293, - kw_IMPLIED = 294, - kw_IMPORTS = 295, - kw_INCLUDES = 296, - kw_INSTANCE = 297, - kw_INTEGER = 298, - kw_INTERSECTION = 299, - kw_ISO646String = 300, - kw_MAX = 301, - kw_MIN = 302, - kw_MINUS_INFINITY = 303, - kw_NULL = 304, - kw_NumericString = 305, - kw_OBJECT = 306, - kw_OCTET = 307, - kw_OF = 308, - kw_OPTIONAL = 309, - kw_ObjectDescriptor = 310, - kw_PATTERN = 311, - kw_PDV = 312, - kw_PLUS_INFINITY = 313, - kw_PRESENT = 314, - kw_PRIVATE = 315, - kw_PrintableString = 316, - kw_REAL = 317, - kw_RELATIVE_OID = 318, - kw_SEQUENCE = 319, - kw_SET = 320, - kw_SIZE = 321, - kw_STRING = 322, - kw_SYNTAX = 323, - kw_T61String = 324, - kw_TAGS = 325, - kw_TRUE = 326, - kw_TYPE_IDENTIFIER = 327, - kw_TeletexString = 328, - kw_UNION = 329, - kw_UNIQUE = 330, - kw_UNIVERSAL = 331, - kw_UTCTime = 332, - kw_UTF8String = 333, - kw_UniversalString = 334, - kw_VideotexString = 335, - kw_VisibleString = 336, - kw_WITH = 337, - RANGE = 338, - EEQUAL = 339, - ELLIPSIS = 340, - IDENTIFIER = 341, - referencename = 342, - STRING = 343, - NUMBER = 344 - }; -#endif -/* Tokens. */ -#define kw_ABSENT 258 -#define kw_ABSTRACT_SYNTAX 259 -#define kw_ALL 260 -#define kw_APPLICATION 261 -#define kw_AUTOMATIC 262 -#define kw_BEGIN 263 -#define kw_BIT 264 -#define kw_BMPString 265 -#define kw_BOOLEAN 266 -#define kw_BY 267 -#define kw_CHARACTER 268 -#define kw_CHOICE 269 -#define kw_CLASS 270 -#define kw_COMPONENT 271 -#define kw_COMPONENTS 272 -#define kw_CONSTRAINED 273 -#define kw_CONTAINING 274 -#define kw_DEFAULT 275 -#define kw_DEFINITIONS 276 -#define kw_EMBEDDED 277 -#define kw_ENCODED 278 -#define kw_END 279 -#define kw_ENUMERATED 280 -#define kw_EXCEPT 281 -#define kw_EXPLICIT 282 -#define kw_EXPORTS 283 -#define kw_EXTENSIBILITY 284 -#define kw_EXTERNAL 285 -#define kw_FALSE 286 -#define kw_FROM 287 -#define kw_GeneralString 288 -#define kw_GeneralizedTime 289 -#define kw_GraphicString 290 -#define kw_IA5String 291 -#define kw_IDENTIFIER 292 -#define kw_IMPLICIT 293 -#define kw_IMPLIED 294 -#define kw_IMPORTS 295 -#define kw_INCLUDES 296 -#define kw_INSTANCE 297 -#define kw_INTEGER 298 -#define kw_INTERSECTION 299 -#define kw_ISO646String 300 -#define kw_MAX 301 -#define kw_MIN 302 -#define kw_MINUS_INFINITY 303 -#define kw_NULL 304 -#define kw_NumericString 305 -#define kw_OBJECT 306 -#define kw_OCTET 307 -#define kw_OF 308 -#define kw_OPTIONAL 309 -#define kw_ObjectDescriptor 310 -#define kw_PATTERN 311 -#define kw_PDV 312 -#define kw_PLUS_INFINITY 313 -#define kw_PRESENT 314 -#define kw_PRIVATE 315 -#define kw_PrintableString 316 -#define kw_REAL 317 -#define kw_RELATIVE_OID 318 -#define kw_SEQUENCE 319 -#define kw_SET 320 -#define kw_SIZE 321 -#define kw_STRING 322 -#define kw_SYNTAX 323 -#define kw_T61String 324 -#define kw_TAGS 325 -#define kw_TRUE 326 -#define kw_TYPE_IDENTIFIER 327 -#define kw_TeletexString 328 -#define kw_UNION 329 -#define kw_UNIQUE 330 -#define kw_UNIVERSAL 331 -#define kw_UTCTime 332 -#define kw_UTF8String 333 -#define kw_UniversalString 334 -#define kw_VideotexString 335 -#define kw_VisibleString 336 -#define kw_WITH 337 -#define RANGE 338 -#define EEQUAL 339 -#define ELLIPSIS 340 -#define IDENTIFIER 341 -#define referencename 342 -#define STRING 343 -#define NUMBER 344 - - - - -/* Copy the first part of user declarations. */ -#line 36 "parse.y" - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include "symbol.h" -#include "lex.h" -#include "gen_locl.h" -#include "der.h" - -RCSID("$Id: parse.y 21597 2007-07-16 18:48:58Z lha $"); - -static Type *new_type (Typetype t); -static struct constraint_spec *new_constraint_spec(enum ctype); -static Type *new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype); -void yyerror (const char *); -static struct objid *new_objid(const char *label, int value); -static void add_oid_to_tail(struct objid *, struct objid *); -static void fix_labels(Symbol *s); - -struct string_list { - char *string; - struct string_list *next; -}; - - - -/* Enabling traces. */ -#ifndef YYDEBUG -# define YYDEBUG 1 -#endif - -/* Enabling verbose error messages. */ -#ifdef YYERROR_VERBOSE -# undef YYERROR_VERBOSE -# define YYERROR_VERBOSE 1 -#else -# define YYERROR_VERBOSE 0 -#endif - -/* Enabling the token table. */ -#ifndef YYTOKEN_TABLE -# define YYTOKEN_TABLE 0 -#endif - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 65 "parse.y" -{ - int constant; - struct value *value; - struct range *range; - char *name; - Type *type; - Member *member; - struct objid *objid; - char *defval; - struct string_list *sl; - struct tagtype tag; - struct memhead *members; - struct constraint_spec *constraint_spec; -} -/* Line 193 of yacc.c. */ -#line 318 "parse.c" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - - - -/* Copy the second part of user declarations. */ - - -/* Line 216 of yacc.c. */ -#line 331 "parse.c" - -#ifdef short -# undef short -#endif - -#ifdef YYTYPE_UINT8 -typedef YYTYPE_UINT8 yytype_uint8; -#else -typedef unsigned char yytype_uint8; -#endif - -#ifdef YYTYPE_INT8 -typedef YYTYPE_INT8 yytype_int8; -#elif (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -typedef signed char yytype_int8; -#else -typedef short int yytype_int8; -#endif - -#ifdef YYTYPE_UINT16 -typedef YYTYPE_UINT16 yytype_uint16; -#else -typedef unsigned short int yytype_uint16; -#endif - -#ifdef YYTYPE_INT16 -typedef YYTYPE_INT16 yytype_int16; -#else -typedef short int yytype_int16; -#endif - -#ifndef YYSIZE_T -# ifdef __SIZE_TYPE__ -# define YYSIZE_T __SIZE_TYPE__ -# elif defined size_t -# define YYSIZE_T size_t -# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# define YYSIZE_T size_t -# else -# define YYSIZE_T unsigned int -# endif -#endif - -#define YYSIZE_MAXIMUM ((YYSIZE_T) -1) - -#ifndef YY_ -# if defined YYENABLE_NLS && YYENABLE_NLS -# if ENABLE_NLS -# include /* INFRINGES ON USER NAME SPACE */ -# define YY_(msgid) dgettext ("bison-runtime", msgid) -# endif -# endif -# ifndef YY_ -# define YY_(msgid) msgid -# endif -#endif - -/* Suppress unused-variable warnings by "using" E. */ -#if ! defined lint || defined __GNUC__ -# define YYUSE(e) ((void) (e)) -#else -# define YYUSE(e) /* empty */ -#endif - -/* Identity function, used to suppress warnings about constant conditions. */ -#ifndef lint -# define YYID(n) (n) -#else -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static int -YYID (int i) -#else -static int -YYID (i) - int i; -#endif -{ - return i; -} -#endif - -#if ! defined yyoverflow || YYERROR_VERBOSE - -/* The parser invokes alloca or malloc; define the necessary symbols. */ - -# ifdef YYSTACK_USE_ALLOCA -# if YYSTACK_USE_ALLOCA -# ifdef __GNUC__ -# define YYSTACK_ALLOC __builtin_alloca -# elif defined __BUILTIN_VA_ARG_INCR -# include /* INFRINGES ON USER NAME SPACE */ -# elif defined _AIX -# define YYSTACK_ALLOC __alloca -# elif defined _MSC_VER -# include /* INFRINGES ON USER NAME SPACE */ -# define alloca _alloca -# else -# define YYSTACK_ALLOC alloca -# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# endif -# endif -# endif - -# ifdef YYSTACK_ALLOC - /* Pacify GCC's `empty if-body' warning. */ -# define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0)) -# ifndef YYSTACK_ALLOC_MAXIMUM - /* The OS might guarantee only one guard page at the bottom of the stack, - and a page size can be as small as 4096 bytes. So we cannot safely - invoke alloca (N) if N exceeds 4096. Use a slightly smaller number - to allow for a few compiler-allocated temporary stack slots. */ -# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */ -# endif -# else -# define YYSTACK_ALLOC YYMALLOC -# define YYSTACK_FREE YYFREE -# ifndef YYSTACK_ALLOC_MAXIMUM -# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM -# endif -# if (defined __cplusplus && ! defined _STDLIB_H \ - && ! ((defined YYMALLOC || defined malloc) \ - && (defined YYFREE || defined free))) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# ifndef YYMALLOC -# define YYMALLOC malloc -# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# ifndef YYFREE -# define YYFREE free -# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void free (void *); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# endif -#endif /* ! defined yyoverflow || YYERROR_VERBOSE */ - - -#if (! defined yyoverflow \ - && (! defined __cplusplus \ - || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) - -/* A type that is properly aligned for any stack member. */ -union yyalloc -{ - yytype_int16 yyss; - YYSTYPE yyvs; - }; - -/* The size of the maximum gap between one aligned stack and the next. */ -# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) - -/* The size of an array large to enough to hold all stacks, each with - N elements. */ -# define YYSTACK_BYTES(N) \ - ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ - + YYSTACK_GAP_MAXIMUM) - -/* Copy COUNT objects from FROM to TO. The source and destination do - not overlap. */ -# ifndef YYCOPY -# if defined __GNUC__ && 1 < __GNUC__ -# define YYCOPY(To, From, Count) \ - __builtin_memcpy (To, From, (Count) * sizeof (*(From))) -# else -# define YYCOPY(To, From, Count) \ - do \ - { \ - YYSIZE_T yyi; \ - for (yyi = 0; yyi < (Count); yyi++) \ - (To)[yyi] = (From)[yyi]; \ - } \ - while (YYID (0)) -# endif -# endif - -/* Relocate STACK from its old location to the new one. The - local variables YYSIZE and YYSTACKSIZE give the old and new number of - elements in the stack, and YYPTR gives the new location of the - stack. Advance YYPTR to a properly aligned location for the next - stack. */ -# define YYSTACK_RELOCATE(Stack) \ - do \ - { \ - YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack, Stack, yysize); \ - Stack = &yyptr->Stack; \ - yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ - yyptr += yynewbytes / sizeof (*yyptr); \ - } \ - while (YYID (0)) - -#endif - -/* YYFINAL -- State number of the termination state. */ -#define YYFINAL 6 -/* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 195 - -/* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 98 -/* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 68 -/* YYNRULES -- Number of rules. */ -#define YYNRULES 136 -/* YYNRULES -- Number of states. */ -#define YYNSTATES 214 - -/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ -#define YYUNDEFTOK 2 -#define YYMAXUTOK 344 - -#define YYTRANSLATE(YYX) \ - ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) - -/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */ -static const yytype_uint8 yytranslate[] = -{ - 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 92, 93, 2, 2, 91, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 90, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 96, 2, 97, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 94, 2, 95, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 1, 2, 3, 4, - 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, - 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, - 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, - 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, - 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, - 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, - 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, - 85, 86, 87, 88, 89 -}; - -#if YYDEBUG -/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in - YYRHS. */ -static const yytype_uint16 yyprhs[] = -{ - 0, 0, 3, 13, 16, 19, 22, 23, 26, 27, - 30, 31, 35, 36, 38, 39, 41, 44, 49, 51, - 54, 56, 58, 62, 64, 68, 70, 72, 74, 76, - 78, 80, 82, 84, 86, 88, 90, 92, 94, 96, - 98, 100, 102, 104, 110, 116, 122, 126, 128, 131, - 136, 138, 142, 146, 151, 156, 158, 161, 167, 170, - 174, 176, 177, 180, 185, 189, 194, 199, 203, 207, - 212, 214, 216, 218, 220, 222, 225, 229, 231, 233, - 235, 238, 242, 248, 253, 257, 262, 263, 265, 267, - 269, 270, 272, 274, 279, 281, 283, 285, 287, 289, - 291, 293, 295, 297, 301, 305, 308, 310, 313, 317, - 319, 323, 328, 330, 331, 335, 336, 339, 344, 346, - 348, 350, 352, 354, 356, 358, 360, 362, 364, 366, - 368, 370, 372, 374, 376, 378, 380 -}; - -/* YYRHS -- A `-1'-separated list of the rules' RHS. */ -static const yytype_int16 yyrhs[] = -{ - 99, 0, -1, 86, 151, 21, 100, 101, 84, 8, - 102, 24, -1, 27, 70, -1, 38, 70, -1, 7, - 70, -1, -1, 29, 39, -1, -1, 103, 107, -1, - -1, 40, 104, 90, -1, -1, 105, -1, -1, 106, - -1, 105, 106, -1, 109, 32, 86, 151, -1, 108, - -1, 108, 107, -1, 110, -1, 143, -1, 86, 91, - 109, -1, 86, -1, 86, 84, 111, -1, 112, -1, - 130, -1, 133, -1, 120, -1, 113, -1, 144, -1, - 129, -1, 118, -1, 115, -1, 123, -1, 121, -1, - 122, -1, 125, -1, 126, -1, 127, -1, 128, -1, - 139, -1, 11, -1, 92, 155, 83, 155, 93, -1, - 92, 155, 83, 46, 93, -1, 92, 47, 83, 155, - 93, -1, 92, 155, 93, -1, 43, -1, 43, 114, - -1, 43, 94, 116, 95, -1, 117, -1, 116, 91, - 117, -1, 116, 91, 85, -1, 86, 92, 163, 93, - -1, 25, 94, 119, 95, -1, 116, -1, 9, 67, - -1, 9, 67, 94, 149, 95, -1, 51, 37, -1, - 52, 67, 124, -1, 49, -1, -1, 66, 114, -1, - 64, 94, 146, 95, -1, 64, 94, 95, -1, 64, - 124, 53, 111, -1, 65, 94, 146, 95, -1, 65, - 94, 95, -1, 65, 53, 111, -1, 14, 94, 146, - 95, -1, 131, -1, 132, -1, 86, -1, 34, -1, - 77, -1, 111, 134, -1, 92, 135, 93, -1, 136, - -1, 137, -1, 138, -1, 19, 111, -1, 23, 12, - 155, -1, 19, 111, 23, 12, 155, -1, 18, 12, - 94, 95, -1, 140, 142, 111, -1, 96, 141, 89, - 97, -1, -1, 76, -1, 6, -1, 60, -1, -1, - 27, -1, 38, -1, 86, 111, 84, 155, -1, 145, - -1, 33, -1, 78, -1, 61, -1, 81, -1, 36, - -1, 10, -1, 79, -1, 148, -1, 146, 91, 148, - -1, 146, 91, 85, -1, 86, 111, -1, 147, -1, - 147, 54, -1, 147, 20, 155, -1, 150, -1, 149, - 91, 150, -1, 86, 92, 89, 93, -1, 152, -1, - -1, 94, 153, 95, -1, -1, 154, 153, -1, 86, - 92, 89, 93, -1, 86, -1, 89, -1, 156, -1, - 157, -1, 161, -1, 160, -1, 162, -1, 165, -1, - 164, -1, 158, -1, 159, -1, 86, -1, 88, -1, - 71, -1, 31, -1, 163, -1, 89, -1, 49, -1, - 152, -1 -}; - -/* YYRLINE[YYN] -- source line where rule number YYN was defined. */ -static const yytype_uint16 yyrline[] = -{ - 0, 233, 233, 240, 241, 243, 245, 248, 250, 253, - 254, 257, 258, 261, 262, 265, 266, 269, 280, 281, - 284, 285, 288, 294, 302, 312, 313, 314, 317, 318, - 319, 320, 321, 322, 323, 324, 325, 326, 327, 328, - 329, 330, 333, 340, 350, 358, 366, 377, 382, 388, - 396, 402, 407, 411, 424, 432, 435, 442, 450, 456, - 465, 473, 474, 479, 485, 493, 502, 508, 516, 524, - 531, 532, 535, 546, 551, 558, 574, 580, 583, 584, - 587, 593, 601, 611, 617, 630, 639, 642, 646, 650, - 657, 660, 664, 671, 682, 685, 690, 695, 700, 705, - 710, 715, 723, 729, 734, 745, 756, 762, 768, 776, - 782, 789, 802, 803, 806, 813, 816, 827, 831, 842, - 848, 849, 852, 853, 854, 855, 856, 859, 862, 865, - 876, 884, 890, 898, 906, 909, 914 -}; -#endif - -#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE -/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. - First, the terminals, then, starting at YYNTOKENS, nonterminals. */ -static const char *const yytname[] = -{ - "$end", "error", "$undefined", "kw_ABSENT", "kw_ABSTRACT_SYNTAX", - "kw_ALL", "kw_APPLICATION", "kw_AUTOMATIC", "kw_BEGIN", "kw_BIT", - "kw_BMPString", "kw_BOOLEAN", "kw_BY", "kw_CHARACTER", "kw_CHOICE", - "kw_CLASS", "kw_COMPONENT", "kw_COMPONENTS", "kw_CONSTRAINED", - "kw_CONTAINING", "kw_DEFAULT", "kw_DEFINITIONS", "kw_EMBEDDED", - "kw_ENCODED", "kw_END", "kw_ENUMERATED", "kw_EXCEPT", "kw_EXPLICIT", - "kw_EXPORTS", "kw_EXTENSIBILITY", "kw_EXTERNAL", "kw_FALSE", "kw_FROM", - "kw_GeneralString", "kw_GeneralizedTime", "kw_GraphicString", - "kw_IA5String", "kw_IDENTIFIER", "kw_IMPLICIT", "kw_IMPLIED", - "kw_IMPORTS", "kw_INCLUDES", "kw_INSTANCE", "kw_INTEGER", - "kw_INTERSECTION", "kw_ISO646String", "kw_MAX", "kw_MIN", - "kw_MINUS_INFINITY", "kw_NULL", "kw_NumericString", "kw_OBJECT", - "kw_OCTET", "kw_OF", "kw_OPTIONAL", "kw_ObjectDescriptor", "kw_PATTERN", - "kw_PDV", "kw_PLUS_INFINITY", "kw_PRESENT", "kw_PRIVATE", - "kw_PrintableString", "kw_REAL", "kw_RELATIVE_OID", "kw_SEQUENCE", - "kw_SET", "kw_SIZE", "kw_STRING", "kw_SYNTAX", "kw_T61String", "kw_TAGS", - "kw_TRUE", "kw_TYPE_IDENTIFIER", "kw_TeletexString", "kw_UNION", - "kw_UNIQUE", "kw_UNIVERSAL", "kw_UTCTime", "kw_UTF8String", - "kw_UniversalString", "kw_VideotexString", "kw_VisibleString", "kw_WITH", - "RANGE", "EEQUAL", "ELLIPSIS", "IDENTIFIER", "referencename", "STRING", - "NUMBER", "';'", "','", "'('", "')'", "'{'", "'}'", "'['", "']'", - "$accept", "ModuleDefinition", "TagDefault", "ExtensionDefault", - "ModuleBody", "Imports", "SymbolsImported", "SymbolsFromModuleList", - "SymbolsFromModule", "AssignmentList", "Assignment", "referencenames", - "TypeAssignment", "Type", "BuiltinType", "BooleanType", "range", - "IntegerType", "NamedNumberList", "NamedNumber", "EnumeratedType", - "Enumerations", "BitStringType", "ObjectIdentifierType", - "OctetStringType", "NullType", "size", "SequenceType", "SequenceOfType", - "SetType", "SetOfType", "ChoiceType", "ReferencedType", "DefinedType", - "UsefulType", "ConstrainedType", "Constraint", "ConstraintSpec", - "GeneralConstraint", "ContentsConstraint", "UserDefinedConstraint", - "TaggedType", "Tag", "Class", "tagenv", "ValueAssignment", - "CharacterStringType", "RestrictedCharactedStringType", - "ComponentTypeList", "NamedType", "ComponentType", "NamedBitList", - "NamedBit", "objid_opt", "objid", "objid_list", "objid_element", "Value", - "BuiltinValue", "ReferencedValue", "DefinedValue", "Valuereference", - "CharacterStringValue", "BooleanValue", "IntegerValue", "SignedNumber", - "NullValue", "ObjectIdentifierValue", 0 -}; -#endif - -# ifdef YYPRINT -/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to - token YYLEX-NUM. */ -static const yytype_uint16 yytoknum[] = -{ - 0, 256, 257, 258, 259, 260, 261, 262, 263, 264, - 265, 266, 267, 268, 269, 270, 271, 272, 273, 274, - 275, 276, 277, 278, 279, 280, 281, 282, 283, 284, - 285, 286, 287, 288, 289, 290, 291, 292, 293, 294, - 295, 296, 297, 298, 299, 300, 301, 302, 303, 304, - 305, 306, 307, 308, 309, 310, 311, 312, 313, 314, - 315, 316, 317, 318, 319, 320, 321, 322, 323, 324, - 325, 326, 327, 328, 329, 330, 331, 332, 333, 334, - 335, 336, 337, 338, 339, 340, 341, 342, 343, 344, - 59, 44, 40, 41, 123, 125, 91, 93 -}; -# endif - -/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ -static const yytype_uint8 yyr1[] = -{ - 0, 98, 99, 100, 100, 100, 100, 101, 101, 102, - 102, 103, 103, 104, 104, 105, 105, 106, 107, 107, - 108, 108, 109, 109, 110, 111, 111, 111, 112, 112, - 112, 112, 112, 112, 112, 112, 112, 112, 112, 112, - 112, 112, 113, 114, 114, 114, 114, 115, 115, 115, - 116, 116, 116, 117, 118, 119, 120, 120, 121, 122, - 123, 124, 124, 125, 125, 126, 127, 127, 128, 129, - 130, 130, 131, 132, 132, 133, 134, 135, 136, 136, - 137, 137, 137, 138, 139, 140, 141, 141, 141, 141, - 142, 142, 142, 143, 144, 145, 145, 145, 145, 145, - 145, 145, 146, 146, 146, 147, 148, 148, 148, 149, - 149, 150, 151, 151, 152, 153, 153, 154, 154, 154, - 155, 155, 156, 156, 156, 156, 156, 157, 158, 159, - 160, 161, 161, 162, 163, 164, 165 -}; - -/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ -static const yytype_uint8 yyr2[] = -{ - 0, 2, 9, 2, 2, 2, 0, 2, 0, 2, - 0, 3, 0, 1, 0, 1, 2, 4, 1, 2, - 1, 1, 3, 1, 3, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 5, 5, 5, 3, 1, 2, 4, - 1, 3, 3, 4, 4, 1, 2, 5, 2, 3, - 1, 0, 2, 4, 3, 4, 4, 3, 3, 4, - 1, 1, 1, 1, 1, 2, 3, 1, 1, 1, - 2, 3, 5, 4, 3, 4, 0, 1, 1, 1, - 0, 1, 1, 4, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 3, 3, 2, 1, 2, 3, 1, - 3, 4, 1, 0, 3, 0, 2, 4, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1 -}; - -/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state - STATE-NUM when YYTABLE doesn't specify something else to do. Zero - means the default is an error. */ -static const yytype_uint8 yydefact[] = -{ - 0, 113, 0, 115, 0, 112, 1, 118, 119, 0, - 115, 6, 0, 114, 116, 0, 0, 0, 8, 0, - 5, 3, 4, 0, 0, 117, 7, 0, 10, 14, - 0, 0, 23, 0, 13, 15, 0, 2, 0, 9, - 18, 20, 21, 0, 11, 16, 0, 0, 100, 42, - 0, 0, 95, 73, 99, 47, 60, 0, 0, 97, - 61, 0, 74, 96, 101, 98, 0, 72, 86, 0, - 25, 29, 33, 32, 28, 35, 36, 34, 37, 38, - 39, 40, 31, 26, 70, 71, 27, 41, 90, 30, - 94, 19, 22, 113, 56, 0, 0, 0, 0, 48, - 58, 61, 0, 0, 0, 0, 0, 24, 88, 89, - 87, 0, 0, 0, 75, 91, 92, 0, 17, 0, - 0, 0, 106, 102, 0, 55, 50, 0, 132, 0, - 135, 131, 129, 130, 134, 136, 0, 120, 121, 127, - 128, 123, 122, 124, 133, 126, 125, 0, 59, 62, - 64, 0, 0, 68, 67, 0, 0, 93, 0, 0, - 0, 0, 77, 78, 79, 84, 0, 0, 109, 105, - 0, 69, 0, 107, 0, 0, 54, 0, 0, 46, - 49, 63, 65, 66, 85, 0, 80, 0, 76, 0, - 0, 57, 104, 103, 108, 0, 52, 51, 0, 0, - 0, 0, 0, 81, 0, 110, 53, 45, 44, 43, - 83, 0, 111, 82 -}; - -/* YYDEFGOTO[NTERM-NUM]. */ -static const yytype_int16 yydefgoto[] = -{ - -1, 2, 18, 24, 30, 31, 33, 34, 35, 39, - 40, 36, 41, 69, 70, 71, 99, 72, 125, 126, - 73, 127, 74, 75, 76, 77, 104, 78, 79, 80, - 81, 82, 83, 84, 85, 86, 114, 161, 162, 163, - 164, 87, 88, 111, 117, 42, 89, 90, 121, 122, - 123, 167, 168, 4, 135, 9, 10, 136, 137, 138, - 139, 140, 141, 142, 143, 144, 145, 146 -}; - -/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing - STATE-NUM. */ -#define YYPACT_NINF -113 -static const yytype_int16 yypact[] = -{ - -74, -67, 38, -69, 23, -113, -113, -44, -113, -41, - -69, 4, -26, -113, -113, -3, 1, 10, 52, -10, - -113, -113, -113, 45, 13, -113, -113, 77, -35, 15, - 64, 19, 17, 20, 15, -113, 85, -113, 25, -113, - 19, -113, -113, 15, -113, -113, 27, 47, -113, -113, - 26, 29, -113, -113, -113, -30, -113, 89, 61, -113, - -57, -47, -113, -113, -113, -113, 82, -113, -4, -68, - -113, -113, -113, -113, -113, -113, -113, -113, -113, -113, - -113, -113, -113, -113, -113, -113, -113, -113, -17, -113, - -113, -113, -113, -67, 35, 33, 46, 51, 46, -113, - -113, 69, 44, -73, 88, 82, -72, 56, -113, -113, - -113, 49, 93, 7, -113, -113, -113, 82, -113, 58, - 82, -76, -13, -113, 57, 59, -113, 60, -113, 68, - -113, -113, -113, -113, -113, -113, -75, -113, -113, -113, - -113, -113, -113, -113, -113, -113, -113, -63, -113, -113, - -113, -62, 82, 56, -113, -46, 65, -113, 141, 82, - 142, 63, -113, -113, -113, 56, 66, -38, -113, 56, - -16, -113, 93, -113, 76, -7, -113, 93, 81, -113, - -113, -113, 56, -113, -113, 72, -19, 93, -113, 83, - 58, -113, -113, -113, -113, 78, -113, -113, 80, 84, - 87, 62, 162, -113, 90, -113, -113, -113, -113, -113, - -113, 93, -113, -113 -}; - -/* YYPGOTO[NTERM-NUM]. */ -static const yytype_int16 yypgoto[] = -{ - -113, -113, -113, -113, -113, -113, -113, -113, 150, 136, - -113, 143, -113, -65, -113, -113, 86, -113, 91, 16, - -113, -113, -113, -113, -113, -113, 92, -113, -113, -113, - -113, -113, -113, -113, -113, -113, -113, -113, -113, -113, - -113, -113, -113, -113, -113, -113, -113, -113, -60, -113, - 22, -113, -5, 97, 2, 184, -113, -112, -113, -113, - -113, -113, -113, -113, -113, 21, -113, -113 -}; - -/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If - positive, shift that token. If negative, reduce the rule which - number is the opposite. If zero, do what YYDEFACT says. - If YYTABLE_NINF, syntax error. */ -#define YYTABLE_NINF -13 -static const yytype_int16 yytable[] = -{ - 157, 107, 108, 5, 202, 29, 105, 172, 178, 102, - 115, 15, 1, 120, 120, 170, 112, 7, 179, 171, - 8, 116, 150, 154, 113, 158, 159, 3, 175, 170, - 160, 16, 180, 181, 47, 48, 49, 103, 6, 50, - 153, 173, 17, 151, 11, 170, 155, 106, 12, 183, - 51, -12, 165, 190, 13, 169, 109, 191, 52, 53, - 194, 54, 97, 19, 98, 198, 200, 20, 55, 192, - 120, 21, 110, 113, 56, 203, 57, 58, 196, 124, - 22, 23, 128, 25, 26, 28, 59, 182, 37, 60, - 61, 47, 48, 49, 186, 5, 50, 27, 129, 213, - 130, 32, 62, 63, 64, 38, 65, 51, 43, 66, - 44, 67, 128, 93, 94, 52, 53, 46, 54, 120, - 95, 68, 131, 96, 128, 55, 100, 199, 101, 119, - 130, 56, 124, 57, 58, 102, 97, 132, 156, 133, - 134, 152, 130, 59, 166, 3, 60, 61, 113, 174, - 175, 177, 131, 185, 187, 176, 188, 210, 189, 62, - 63, 64, 184, 65, 131, 134, 201, 132, 67, 133, - 134, 206, 204, 207, 211, 3, 91, 208, 68, 132, - 209, 133, 134, 212, 45, 205, 92, 3, 149, 147, - 118, 197, 193, 148, 14, 195 -}; - -static const yytype_uint8 yycheck[] = -{ - 112, 66, 6, 1, 23, 40, 53, 20, 83, 66, - 27, 7, 86, 86, 86, 91, 84, 86, 93, 95, - 89, 38, 95, 95, 92, 18, 19, 94, 91, 91, - 23, 27, 95, 95, 9, 10, 11, 94, 0, 14, - 105, 54, 38, 103, 21, 91, 106, 94, 92, 95, - 25, 86, 117, 91, 95, 120, 60, 95, 33, 34, - 172, 36, 92, 89, 94, 177, 178, 70, 43, 85, - 86, 70, 76, 92, 49, 187, 51, 52, 85, 86, - 70, 29, 31, 93, 39, 8, 61, 152, 24, 64, - 65, 9, 10, 11, 159, 93, 14, 84, 47, 211, - 49, 86, 77, 78, 79, 86, 81, 25, 91, 84, - 90, 86, 31, 86, 67, 33, 34, 32, 36, 86, - 94, 96, 71, 94, 31, 43, 37, 46, 67, 94, - 49, 49, 86, 51, 52, 66, 92, 86, 89, 88, - 89, 53, 49, 61, 86, 94, 64, 65, 92, 92, - 91, 83, 71, 12, 12, 95, 93, 95, 92, 77, - 78, 79, 97, 81, 71, 89, 94, 86, 86, 88, - 89, 93, 89, 93, 12, 94, 40, 93, 96, 86, - 93, 88, 89, 93, 34, 190, 43, 94, 102, 98, - 93, 175, 170, 101, 10, 174 -}; - -/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing - symbol of state STATE-NUM. */ -static const yytype_uint8 yystos[] = -{ - 0, 86, 99, 94, 151, 152, 0, 86, 89, 153, - 154, 21, 92, 95, 153, 7, 27, 38, 100, 89, - 70, 70, 70, 29, 101, 93, 39, 84, 8, 40, - 102, 103, 86, 104, 105, 106, 109, 24, 86, 107, - 108, 110, 143, 91, 90, 106, 32, 9, 10, 11, - 14, 25, 33, 34, 36, 43, 49, 51, 52, 61, - 64, 65, 77, 78, 79, 81, 84, 86, 96, 111, - 112, 113, 115, 118, 120, 121, 122, 123, 125, 126, - 127, 128, 129, 130, 131, 132, 133, 139, 140, 144, - 145, 107, 109, 86, 67, 94, 94, 92, 94, 114, - 37, 67, 66, 94, 124, 53, 94, 111, 6, 60, - 76, 141, 84, 92, 134, 27, 38, 142, 151, 94, - 86, 146, 147, 148, 86, 116, 117, 119, 31, 47, - 49, 71, 86, 88, 89, 152, 155, 156, 157, 158, - 159, 160, 161, 162, 163, 164, 165, 116, 124, 114, - 95, 146, 53, 111, 95, 146, 89, 155, 18, 19, - 23, 135, 136, 137, 138, 111, 86, 149, 150, 111, - 91, 95, 20, 54, 92, 91, 95, 83, 83, 93, - 95, 95, 111, 95, 97, 12, 111, 12, 93, 92, - 91, 95, 85, 148, 155, 163, 85, 117, 155, 46, - 155, 94, 23, 155, 89, 150, 93, 93, 93, 93, - 95, 12, 93, 155 -}; - -#define yyerrok (yyerrstatus = 0) -#define yyclearin (yychar = YYEMPTY) -#define YYEMPTY (-2) -#define YYEOF 0 - -#define YYACCEPT goto yyacceptlab -#define YYABORT goto yyabortlab -#define YYERROR goto yyerrorlab - - -/* Like YYERROR except do call yyerror. This remains here temporarily - to ease the transition to the new meaning of YYERROR, for GCC. - Once GCC version 2 has supplanted version 1, this can go. */ - -#define YYFAIL goto yyerrlab - -#define YYRECOVERING() (!!yyerrstatus) - -#define YYBACKUP(Token, Value) \ -do \ - if (yychar == YYEMPTY && yylen == 1) \ - { \ - yychar = (Token); \ - yylval = (Value); \ - yytoken = YYTRANSLATE (yychar); \ - YYPOPSTACK (1); \ - goto yybackup; \ - } \ - else \ - { \ - yyerror (YY_("syntax error: cannot back up")); \ - YYERROR; \ - } \ -while (YYID (0)) - - -#define YYTERROR 1 -#define YYERRCODE 256 - - -/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N]. - If N is 0, then set CURRENT to the empty location which ends - the previous symbol: RHS[0] (always defined). */ - -#define YYRHSLOC(Rhs, K) ((Rhs)[K]) -#ifndef YYLLOC_DEFAULT -# define YYLLOC_DEFAULT(Current, Rhs, N) \ - do \ - if (YYID (N)) \ - { \ - (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \ - (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \ - (Current).last_line = YYRHSLOC (Rhs, N).last_line; \ - (Current).last_column = YYRHSLOC (Rhs, N).last_column; \ - } \ - else \ - { \ - (Current).first_line = (Current).last_line = \ - YYRHSLOC (Rhs, 0).last_line; \ - (Current).first_column = (Current).last_column = \ - YYRHSLOC (Rhs, 0).last_column; \ - } \ - while (YYID (0)) -#endif - - -/* YY_LOCATION_PRINT -- Print the location on the stream. - This macro was not mandated originally: define only if we know - we won't break user code: when these are the locations we know. */ - -#ifndef YY_LOCATION_PRINT -# if defined YYLTYPE_IS_TRIVIAL && YYLTYPE_IS_TRIVIAL -# define YY_LOCATION_PRINT(File, Loc) \ - fprintf (File, "%d.%d-%d.%d", \ - (Loc).first_line, (Loc).first_column, \ - (Loc).last_line, (Loc).last_column) -# else -# define YY_LOCATION_PRINT(File, Loc) ((void) 0) -# endif -#endif - - -/* YYLEX -- calling `yylex' with the right arguments. */ - -#ifdef YYLEX_PARAM -# define YYLEX yylex (YYLEX_PARAM) -#else -# define YYLEX yylex () -#endif - -/* Enable debugging if requested. */ -#if YYDEBUG - -# ifndef YYFPRINTF -# include /* INFRINGES ON USER NAME SPACE */ -# define YYFPRINTF fprintf -# endif - -# define YYDPRINTF(Args) \ -do { \ - if (yydebug) \ - YYFPRINTF Args; \ -} while (YYID (0)) - -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ -do { \ - if (yydebug) \ - { \ - YYFPRINTF (stderr, "%s ", Title); \ - yy_symbol_print (stderr, \ - Type, Value); \ - YYFPRINTF (stderr, "\n"); \ - } \ -} while (YYID (0)) - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_value_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (!yyvaluep) - return; -# ifdef YYPRINT - if (yytype < YYNTOKENS) - YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); -# else - YYUSE (yyoutput); -# endif - switch (yytype) - { - default: - break; - } -} - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (yytype < YYNTOKENS) - YYFPRINTF (yyoutput, "token %s (", yytname[yytype]); - else - YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]); - - yy_symbol_value_print (yyoutput, yytype, yyvaluep); - YYFPRINTF (yyoutput, ")"); -} - -/*------------------------------------------------------------------. -| yy_stack_print -- Print the state stack from its BOTTOM up to its | -| TOP (included). | -`------------------------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) -#else -static void -yy_stack_print (bottom, top) - yytype_int16 *bottom; - yytype_int16 *top; -#endif -{ - YYFPRINTF (stderr, "Stack now"); - for (; bottom <= top; ++bottom) - YYFPRINTF (stderr, " %d", *bottom); - YYFPRINTF (stderr, "\n"); -} - -# define YY_STACK_PRINT(Bottom, Top) \ -do { \ - if (yydebug) \ - yy_stack_print ((Bottom), (Top)); \ -} while (YYID (0)) - - -/*------------------------------------------------. -| Report that the YYRULE is going to be reduced. | -`------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_reduce_print (YYSTYPE *yyvsp, int yyrule) -#else -static void -yy_reduce_print (yyvsp, yyrule) - YYSTYPE *yyvsp; - int yyrule; -#endif -{ - int yynrhs = yyr2[yyrule]; - int yyi; - unsigned long int yylno = yyrline[yyrule]; - YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", - yyrule - 1, yylno); - /* The symbols being reduced. */ - for (yyi = 0; yyi < yynrhs; yyi++) - { - fprintf (stderr, " $%d = ", yyi + 1); - yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], - &(yyvsp[(yyi + 1) - (yynrhs)]) - ); - fprintf (stderr, "\n"); - } -} - -# define YY_REDUCE_PRINT(Rule) \ -do { \ - if (yydebug) \ - yy_reduce_print (yyvsp, Rule); \ -} while (YYID (0)) - -/* Nonzero means print parse trace. It is left uninitialized so that - multiple parsers can coexist. */ -int yydebug; -#else /* !YYDEBUG */ -# define YYDPRINTF(Args) -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) -# define YY_STACK_PRINT(Bottom, Top) -# define YY_REDUCE_PRINT(Rule) -#endif /* !YYDEBUG */ - - -/* YYINITDEPTH -- initial size of the parser's stacks. */ -#ifndef YYINITDEPTH -# define YYINITDEPTH 200 -#endif - -/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only - if the built-in stack extension method is used). - - Do not make this value too large; the results are undefined if - YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH) - evaluated with infinite-precision integer arithmetic. */ - -#ifndef YYMAXDEPTH -# define YYMAXDEPTH 10000 -#endif - - - -#if YYERROR_VERBOSE - -# ifndef yystrlen -# if defined __GLIBC__ && defined _STRING_H -# define yystrlen strlen -# else -/* Return the length of YYSTR. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static YYSIZE_T -yystrlen (const char *yystr) -#else -static YYSIZE_T -yystrlen (yystr) - const char *yystr; -#endif -{ - YYSIZE_T yylen; - for (yylen = 0; yystr[yylen]; yylen++) - continue; - return yylen; -} -# endif -# endif - -# ifndef yystpcpy -# if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE -# define yystpcpy stpcpy -# else -/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in - YYDEST. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static char * -yystpcpy (char *yydest, const char *yysrc) -#else -static char * -yystpcpy (yydest, yysrc) - char *yydest; - const char *yysrc; -#endif -{ - char *yyd = yydest; - const char *yys = yysrc; - - while ((*yyd++ = *yys++) != '\0') - continue; - - return yyd - 1; -} -# endif -# endif - -# ifndef yytnamerr -/* Copy to YYRES the contents of YYSTR after stripping away unnecessary - quotes and backslashes, so that it's suitable for yyerror. The - heuristic is that double-quoting is unnecessary unless the string - contains an apostrophe, a comma, or backslash (other than - backslash-backslash). YYSTR is taken from yytname. If YYRES is - null, do not copy; instead, return the length of what the result - would have been. */ -static YYSIZE_T -yytnamerr (char *yyres, const char *yystr) -{ - if (*yystr == '"') - { - YYSIZE_T yyn = 0; - char const *yyp = yystr; - - for (;;) - switch (*++yyp) - { - case '\'': - case ',': - goto do_not_strip_quotes; - - case '\\': - if (*++yyp != '\\') - goto do_not_strip_quotes; - /* Fall through. */ - default: - if (yyres) - yyres[yyn] = *yyp; - yyn++; - break; - - case '"': - if (yyres) - yyres[yyn] = '\0'; - return yyn; - } - do_not_strip_quotes: ; - } - - if (! yyres) - return yystrlen (yystr); - - return yystpcpy (yyres, yystr) - yyres; -} -# endif - -/* Copy into YYRESULT an error message about the unexpected token - YYCHAR while in state YYSTATE. Return the number of bytes copied, - including the terminating null byte. If YYRESULT is null, do not - copy anything; just return the number of bytes that would be - copied. As a special case, return 0 if an ordinary "syntax error" - message will do. Return YYSIZE_MAXIMUM if overflow occurs during - size calculation. */ -static YYSIZE_T -yysyntax_error (char *yyresult, int yystate, int yychar) -{ - int yyn = yypact[yystate]; - - if (! (YYPACT_NINF < yyn && yyn <= YYLAST)) - return 0; - else - { - int yytype = YYTRANSLATE (yychar); - YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]); - YYSIZE_T yysize = yysize0; - YYSIZE_T yysize1; - int yysize_overflow = 0; - enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; - char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; - int yyx; - -# if 0 - /* This is so xgettext sees the translatable formats that are - constructed on the fly. */ - YY_("syntax error, unexpected %s"); - YY_("syntax error, unexpected %s, expecting %s"); - YY_("syntax error, unexpected %s, expecting %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s"); -# endif - char *yyfmt; - char const *yyf; - static char const yyunexpected[] = "syntax error, unexpected %s"; - static char const yyexpecting[] = ", expecting %s"; - static char const yyor[] = " or %s"; - char yyformat[sizeof yyunexpected - + sizeof yyexpecting - 1 - + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2) - * (sizeof yyor - 1))]; - char const *yyprefix = yyexpecting; - - /* Start YYX at -YYN if negative to avoid negative indexes in - YYCHECK. */ - int yyxbegin = yyn < 0 ? -yyn : 0; - - /* Stay within bounds of both yycheck and yytname. */ - int yychecklim = YYLAST - yyn + 1; - int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; - int yycount = 1; - - yyarg[0] = yytname[yytype]; - yyfmt = yystpcpy (yyformat, yyunexpected); - - for (yyx = yyxbegin; yyx < yyxend; ++yyx) - if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR) - { - if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) - { - yycount = 1; - yysize = yysize0; - yyformat[sizeof yyunexpected - 1] = '\0'; - break; - } - yyarg[yycount++] = yytname[yyx]; - yysize1 = yysize + yytnamerr (0, yytname[yyx]); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - yyfmt = yystpcpy (yyfmt, yyprefix); - yyprefix = yyor; - } - - yyf = YY_(yyformat); - yysize1 = yysize + yystrlen (yyf); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - - if (yysize_overflow) - return YYSIZE_MAXIMUM; - - if (yyresult) - { - /* Avoid sprintf, as that infringes on the user's name space. - Don't have undefined behavior even if the translation - produced a string with the wrong number of "%s"s. */ - char *yyp = yyresult; - int yyi = 0; - while ((*yyp = *yyf) != '\0') - { - if (*yyp == '%' && yyf[1] == 's' && yyi < yycount) - { - yyp += yytnamerr (yyp, yyarg[yyi++]); - yyf += 2; - } - else - { - yyp++; - yyf++; - } - } - } - return yysize; - } -} -#endif /* YYERROR_VERBOSE */ - - -/*-----------------------------------------------. -| Release the memory associated to this symbol. | -`-----------------------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) -#else -static void -yydestruct (yymsg, yytype, yyvaluep) - const char *yymsg; - int yytype; - YYSTYPE *yyvaluep; -#endif -{ - YYUSE (yyvaluep); - - if (!yymsg) - yymsg = "Deleting"; - YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); - - switch (yytype) - { - - default: - break; - } -} - - -/* Prevent warnings from -Wmissing-prototypes. */ - -#ifdef YYPARSE_PARAM -#if defined __STDC__ || defined __cplusplus -int yyparse (void *YYPARSE_PARAM); -#else -int yyparse (); -#endif -#else /* ! YYPARSE_PARAM */ -#if defined __STDC__ || defined __cplusplus -int yyparse (void); -#else -int yyparse (); -#endif -#endif /* ! YYPARSE_PARAM */ - - - -/* The look-ahead symbol. */ -int yychar; - -/* The semantic value of the look-ahead symbol. */ -YYSTYPE yylval; - -/* Number of syntax errors so far. */ -int yynerrs; - - - -/*----------. -| yyparse. | -`----------*/ - -#ifdef YYPARSE_PARAM -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void *YYPARSE_PARAM) -#else -int -yyparse (YYPARSE_PARAM) - void *YYPARSE_PARAM; -#endif -#else /* ! YYPARSE_PARAM */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void) -#else -int -yyparse () - -#endif -#endif -{ - - int yystate; - int yyn; - int yyresult; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - /* Look-ahead token as an internal (translated) token number. */ - int yytoken = 0; -#if YYERROR_VERBOSE - /* Buffer for error messages, and its allocated size. */ - char yymsgbuf[128]; - char *yymsg = yymsgbuf; - YYSIZE_T yymsg_alloc = sizeof yymsgbuf; -#endif - - /* Three stacks and their tools: - `yyss': related to states, - `yyvs': related to semantic values, - `yyls': related to locations. - - Refer to the stacks thru separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ - - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss = yyssa; - yytype_int16 *yyssp; - - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs = yyvsa; - YYSTYPE *yyvsp; - - - -#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - - YYSIZE_T yystacksize = YYINITDEPTH; - - /* The variables used to return semantic value and location from the - action routines. */ - YYSTYPE yyval; - - - /* The number of symbols on the RHS of the reduced rule. - Keep to zero when no symbol should be popped. */ - int yylen = 0; - - YYDPRINTF ((stderr, "Starting parse\n")); - - yystate = 0; - yyerrstatus = 0; - yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ - - /* Initialize stack pointers. - Waste one element of value and location stack - so that they stay on the same level as the state stack. - The wasted elements are never initialized. */ - - yyssp = yyss; - yyvsp = yyvs; - - goto yysetstate; - -/*------------------------------------------------------------. -| yynewstate -- Push a new state, which is found in yystate. | -`------------------------------------------------------------*/ - yynewstate: - /* In all cases, when you get here, the value and location stacks - have just been pushed. So pushing a state here evens the stacks. */ - yyssp++; - - yysetstate: - *yyssp = yystate; - - if (yyss + yystacksize - 1 <= yyssp) - { - /* Get the current used size of the three stacks, in elements. */ - YYSIZE_T yysize = yyssp - yyss + 1; - -#ifdef yyoverflow - { - /* Give user a chance to reallocate the stack. Use copies of - these so that the &'s don't force the real ones into - memory. */ - YYSTYPE *yyvs1 = yyvs; - yytype_int16 *yyss1 = yyss; - - - /* Each stack pointer address is followed by the size of the - data in use in that stack, in bytes. This used to be a - conditional around just the two extra args, but that might - be undefined if yyoverflow is a macro. */ - yyoverflow (YY_("memory exhausted"), - &yyss1, yysize * sizeof (*yyssp), - &yyvs1, yysize * sizeof (*yyvsp), - - &yystacksize); - - yyss = yyss1; - yyvs = yyvs1; - } -#else /* no yyoverflow */ -# ifndef YYSTACK_RELOCATE - goto yyexhaustedlab; -# else - /* Extend the stack our own way. */ - if (YYMAXDEPTH <= yystacksize) - goto yyexhaustedlab; - yystacksize *= 2; - if (YYMAXDEPTH < yystacksize) - yystacksize = YYMAXDEPTH; - - { - yytype_int16 *yyss1 = yyss; - union yyalloc *yyptr = - (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); - if (! yyptr) - goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss); - YYSTACK_RELOCATE (yyvs); - -# undef YYSTACK_RELOCATE - if (yyss1 != yyssa) - YYSTACK_FREE (yyss1); - } -# endif -#endif /* no yyoverflow */ - - yyssp = yyss + yysize - 1; - yyvsp = yyvs + yysize - 1; - - - YYDPRINTF ((stderr, "Stack size increased to %lu\n", - (unsigned long int) yystacksize)); - - if (yyss + yystacksize - 1 <= yyssp) - YYABORT; - } - - YYDPRINTF ((stderr, "Entering state %d\n", yystate)); - - goto yybackup; - -/*-----------. -| yybackup. | -`-----------*/ -yybackup: - - /* Do appropriate processing given the current state. Read a - look-ahead token if we need one and don't already have one. */ - - /* First try to decide what to do without reference to look-ahead token. */ - yyn = yypact[yystate]; - if (yyn == YYPACT_NINF) - goto yydefault; - - /* Not known => get a look-ahead token if don't already have one. */ - - /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ - if (yychar == YYEMPTY) - { - YYDPRINTF ((stderr, "Reading a token: ")); - yychar = YYLEX; - } - - if (yychar <= YYEOF) - { - yychar = yytoken = YYEOF; - YYDPRINTF ((stderr, "Now at end of input.\n")); - } - else - { - yytoken = YYTRANSLATE (yychar); - YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc); - } - - /* If the proper action on seeing token YYTOKEN is to reduce or to - detect an error, take that action. */ - yyn += yytoken; - if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken) - goto yydefault; - yyn = yytable[yyn]; - if (yyn <= 0) - { - if (yyn == 0 || yyn == YYTABLE_NINF) - goto yyerrlab; - yyn = -yyn; - goto yyreduce; - } - - if (yyn == YYFINAL) - YYACCEPT; - - /* Count tokens shifted since error; after three, turn off error - status. */ - if (yyerrstatus) - yyerrstatus--; - - /* Shift the look-ahead token. */ - YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - - /* Discard the shifted token unless it is eof. */ - if (yychar != YYEOF) - yychar = YYEMPTY; - - yystate = yyn; - *++yyvsp = yylval; - - goto yynewstate; - - -/*-----------------------------------------------------------. -| yydefault -- do the default action for the current state. | -`-----------------------------------------------------------*/ -yydefault: - yyn = yydefact[yystate]; - if (yyn == 0) - goto yyerrlab; - goto yyreduce; - - -/*-----------------------------. -| yyreduce -- Do a reduction. | -`-----------------------------*/ -yyreduce: - /* yyn is the number of a rule to reduce with. */ - yylen = yyr2[yyn]; - - /* If YYLEN is nonzero, implement the default value of the action: - `$$ = $1'. - - Otherwise, the following line sets YYVAL to garbage. - This behavior is undocumented and Bison - users should not rely upon it. Assigning to YYVAL - unconditionally makes the parser a bit smaller, and it avoids a - GCC warning that YYVAL may be used uninitialized. */ - yyval = yyvsp[1-yylen]; - - - YY_REDUCE_PRINT (yyn); - switch (yyn) - { - case 2: -#line 235 "parse.y" - { - checkundefined(); - } - break; - - case 4: -#line 242 "parse.y" - { error_message("implicit tagging is not supported"); } - break; - - case 5: -#line 244 "parse.y" - { error_message("automatic tagging is not supported"); } - break; - - case 7: -#line 249 "parse.y" - { error_message("no extensibility options supported"); } - break; - - case 17: -#line 270 "parse.y" - { - struct string_list *sl; - for(sl = (yyvsp[(1) - (4)].sl); sl != NULL; sl = sl->next) { - Symbol *s = addsym(sl->string); - s->stype = Stype; - } - add_import((yyvsp[(3) - (4)].name)); - } - break; - - case 22: -#line 289 "parse.y" - { - (yyval.sl) = emalloc(sizeof(*(yyval.sl))); - (yyval.sl)->string = (yyvsp[(1) - (3)].name); - (yyval.sl)->next = (yyvsp[(3) - (3)].sl); - } - break; - - case 23: -#line 295 "parse.y" - { - (yyval.sl) = emalloc(sizeof(*(yyval.sl))); - (yyval.sl)->string = (yyvsp[(1) - (1)].name); - (yyval.sl)->next = NULL; - } - break; - - case 24: -#line 303 "parse.y" - { - Symbol *s = addsym ((yyvsp[(1) - (3)].name)); - s->stype = Stype; - s->type = (yyvsp[(3) - (3)].type); - fix_labels(s); - generate_type (s); - } - break; - - case 42: -#line 334 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Boolean, - TE_EXPLICIT, new_type(TBoolean)); - } - break; - - case 43: -#line 341 "parse.y" - { - if((yyvsp[(2) - (5)].value)->type != integervalue) - error_message("Non-integer used in first part of range"); - if((yyvsp[(2) - (5)].value)->type != integervalue) - error_message("Non-integer in second part of range"); - (yyval.range) = ecalloc(1, sizeof(*(yyval.range))); - (yyval.range)->min = (yyvsp[(2) - (5)].value)->u.integervalue; - (yyval.range)->max = (yyvsp[(4) - (5)].value)->u.integervalue; - } - break; - - case 44: -#line 351 "parse.y" - { - if((yyvsp[(2) - (5)].value)->type != integervalue) - error_message("Non-integer in first part of range"); - (yyval.range) = ecalloc(1, sizeof(*(yyval.range))); - (yyval.range)->min = (yyvsp[(2) - (5)].value)->u.integervalue; - (yyval.range)->max = (yyvsp[(2) - (5)].value)->u.integervalue - 1; - } - break; - - case 45: -#line 359 "parse.y" - { - if((yyvsp[(4) - (5)].value)->type != integervalue) - error_message("Non-integer in second part of range"); - (yyval.range) = ecalloc(1, sizeof(*(yyval.range))); - (yyval.range)->min = (yyvsp[(4) - (5)].value)->u.integervalue + 2; - (yyval.range)->max = (yyvsp[(4) - (5)].value)->u.integervalue; - } - break; - - case 46: -#line 367 "parse.y" - { - if((yyvsp[(2) - (3)].value)->type != integervalue) - error_message("Non-integer used in limit"); - (yyval.range) = ecalloc(1, sizeof(*(yyval.range))); - (yyval.range)->min = (yyvsp[(2) - (3)].value)->u.integervalue; - (yyval.range)->max = (yyvsp[(2) - (3)].value)->u.integervalue; - } - break; - - case 47: -#line 378 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Integer, - TE_EXPLICIT, new_type(TInteger)); - } - break; - - case 48: -#line 383 "parse.y" - { - (yyval.type) = new_type(TInteger); - (yyval.type)->range = (yyvsp[(2) - (2)].range); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, (yyval.type)); - } - break; - - case 49: -#line 389 "parse.y" - { - (yyval.type) = new_type(TInteger); - (yyval.type)->members = (yyvsp[(3) - (4)].members); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, (yyval.type)); - } - break; - - case 50: -#line 397 "parse.y" - { - (yyval.members) = emalloc(sizeof(*(yyval.members))); - ASN1_TAILQ_INIT((yyval.members)); - ASN1_TAILQ_INSERT_HEAD((yyval.members), (yyvsp[(1) - (1)].member), members); - } - break; - - case 51: -#line 403 "parse.y" - { - ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members); - (yyval.members) = (yyvsp[(1) - (3)].members); - } - break; - - case 52: -#line 408 "parse.y" - { (yyval.members) = (yyvsp[(1) - (3)].members); } - break; - - case 53: -#line 412 "parse.y" - { - (yyval.member) = emalloc(sizeof(*(yyval.member))); - (yyval.member)->name = (yyvsp[(1) - (4)].name); - (yyval.member)->gen_name = estrdup((yyvsp[(1) - (4)].name)); - output_name ((yyval.member)->gen_name); - (yyval.member)->val = (yyvsp[(3) - (4)].constant); - (yyval.member)->optional = 0; - (yyval.member)->ellipsis = 0; - (yyval.member)->type = NULL; - } - break; - - case 54: -#line 425 "parse.y" - { - (yyval.type) = new_type(TInteger); - (yyval.type)->members = (yyvsp[(3) - (4)].members); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Enumerated, TE_EXPLICIT, (yyval.type)); - } - break; - - case 56: -#line 436 "parse.y" - { - (yyval.type) = new_type(TBitString); - (yyval.type)->members = emalloc(sizeof(*(yyval.type)->members)); - ASN1_TAILQ_INIT((yyval.type)->members); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_BitString, TE_EXPLICIT, (yyval.type)); - } - break; - - case 57: -#line 443 "parse.y" - { - (yyval.type) = new_type(TBitString); - (yyval.type)->members = (yyvsp[(4) - (5)].members); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_BitString, TE_EXPLICIT, (yyval.type)); - } - break; - - case 58: -#line 451 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_OID, - TE_EXPLICIT, new_type(TOID)); - } - break; - - case 59: -#line 457 "parse.y" - { - Type *t = new_type(TOctetString); - t->range = (yyvsp[(3) - (3)].range); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_OctetString, - TE_EXPLICIT, t); - } - break; - - case 60: -#line 466 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Null, - TE_EXPLICIT, new_type(TNull)); - } - break; - - case 61: -#line 473 "parse.y" - { (yyval.range) = NULL; } - break; - - case 62: -#line 475 "parse.y" - { (yyval.range) = (yyvsp[(2) - (2)].range); } - break; - - case 63: -#line 480 "parse.y" - { - (yyval.type) = new_type(TSequence); - (yyval.type)->members = (yyvsp[(3) - (4)].members); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, (yyval.type)); - } - break; - - case 64: -#line 486 "parse.y" - { - (yyval.type) = new_type(TSequence); - (yyval.type)->members = NULL; - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, (yyval.type)); - } - break; - - case 65: -#line 494 "parse.y" - { - (yyval.type) = new_type(TSequenceOf); - (yyval.type)->range = (yyvsp[(2) - (4)].range); - (yyval.type)->subtype = (yyvsp[(4) - (4)].type); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, (yyval.type)); - } - break; - - case 66: -#line 503 "parse.y" - { - (yyval.type) = new_type(TSet); - (yyval.type)->members = (yyvsp[(3) - (4)].members); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, (yyval.type)); - } - break; - - case 67: -#line 509 "parse.y" - { - (yyval.type) = new_type(TSet); - (yyval.type)->members = NULL; - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, (yyval.type)); - } - break; - - case 68: -#line 517 "parse.y" - { - (yyval.type) = new_type(TSetOf); - (yyval.type)->subtype = (yyvsp[(3) - (3)].type); - (yyval.type) = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, (yyval.type)); - } - break; - - case 69: -#line 525 "parse.y" - { - (yyval.type) = new_type(TChoice); - (yyval.type)->members = (yyvsp[(3) - (4)].members); - } - break; - - case 72: -#line 536 "parse.y" - { - Symbol *s = addsym((yyvsp[(1) - (1)].name)); - (yyval.type) = new_type(TType); - if(s->stype != Stype && s->stype != SUndefined) - error_message ("%s is not a type\n", (yyvsp[(1) - (1)].name)); - else - (yyval.type)->symbol = s; - } - break; - - case 73: -#line 547 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_GeneralizedTime, - TE_EXPLICIT, new_type(TGeneralizedTime)); - } - break; - - case 74: -#line 552 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_UTCTime, - TE_EXPLICIT, new_type(TUTCTime)); - } - break; - - case 75: -#line 559 "parse.y" - { - /* if (Constraint.type == contentConstrant) { - assert(Constraint.u.constraint.type == octetstring|bitstring-w/o-NamedBitList); // remember to check type reference too - if (Constraint.u.constraint.type) { - assert((Constraint.u.constraint.type.length % 8) == 0); - } - } - if (Constraint.u.constraint.encoding) { - type == der-oid|ber-oid - } - */ - } - break; - - case 76: -#line 575 "parse.y" - { - (yyval.constraint_spec) = (yyvsp[(2) - (3)].constraint_spec); - } - break; - - case 80: -#line 588 "parse.y" - { - (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS); - (yyval.constraint_spec)->u.content.type = (yyvsp[(2) - (2)].type); - (yyval.constraint_spec)->u.content.encoding = NULL; - } - break; - - case 81: -#line 594 "parse.y" - { - if ((yyvsp[(3) - (3)].value)->type != objectidentifiervalue) - error_message("Non-OID used in ENCODED BY constraint"); - (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS); - (yyval.constraint_spec)->u.content.type = NULL; - (yyval.constraint_spec)->u.content.encoding = (yyvsp[(3) - (3)].value); - } - break; - - case 82: -#line 602 "parse.y" - { - if ((yyvsp[(5) - (5)].value)->type != objectidentifiervalue) - error_message("Non-OID used in ENCODED BY constraint"); - (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS); - (yyval.constraint_spec)->u.content.type = (yyvsp[(2) - (5)].type); - (yyval.constraint_spec)->u.content.encoding = (yyvsp[(5) - (5)].value); - } - break; - - case 83: -#line 612 "parse.y" - { - (yyval.constraint_spec) = new_constraint_spec(CT_USER); - } - break; - - case 84: -#line 618 "parse.y" - { - (yyval.type) = new_type(TTag); - (yyval.type)->tag = (yyvsp[(1) - (3)].tag); - (yyval.type)->tag.tagenv = (yyvsp[(2) - (3)].constant); - if((yyvsp[(3) - (3)].type)->type == TTag && (yyvsp[(2) - (3)].constant) == TE_IMPLICIT) { - (yyval.type)->subtype = (yyvsp[(3) - (3)].type)->subtype; - free((yyvsp[(3) - (3)].type)); - } else - (yyval.type)->subtype = (yyvsp[(3) - (3)].type); - } - break; - - case 85: -#line 631 "parse.y" - { - (yyval.tag).tagclass = (yyvsp[(2) - (4)].constant); - (yyval.tag).tagvalue = (yyvsp[(3) - (4)].constant); - (yyval.tag).tagenv = TE_EXPLICIT; - } - break; - - case 86: -#line 639 "parse.y" - { - (yyval.constant) = ASN1_C_CONTEXT; - } - break; - - case 87: -#line 643 "parse.y" - { - (yyval.constant) = ASN1_C_UNIV; - } - break; - - case 88: -#line 647 "parse.y" - { - (yyval.constant) = ASN1_C_APPL; - } - break; - - case 89: -#line 651 "parse.y" - { - (yyval.constant) = ASN1_C_PRIVATE; - } - break; - - case 90: -#line 657 "parse.y" - { - (yyval.constant) = TE_EXPLICIT; - } - break; - - case 91: -#line 661 "parse.y" - { - (yyval.constant) = TE_EXPLICIT; - } - break; - - case 92: -#line 665 "parse.y" - { - (yyval.constant) = TE_IMPLICIT; - } - break; - - case 93: -#line 672 "parse.y" - { - Symbol *s; - s = addsym ((yyvsp[(1) - (4)].name)); - - s->stype = SValue; - s->value = (yyvsp[(4) - (4)].value); - generate_constant (s); - } - break; - - case 95: -#line 686 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_GeneralString, - TE_EXPLICIT, new_type(TGeneralString)); - } - break; - - case 96: -#line 691 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_UTF8String, - TE_EXPLICIT, new_type(TUTF8String)); - } - break; - - case 97: -#line 696 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_PrintableString, - TE_EXPLICIT, new_type(TPrintableString)); - } - break; - - case 98: -#line 701 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_VisibleString, - TE_EXPLICIT, new_type(TVisibleString)); - } - break; - - case 99: -#line 706 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_IA5String, - TE_EXPLICIT, new_type(TIA5String)); - } - break; - - case 100: -#line 711 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_BMPString, - TE_EXPLICIT, new_type(TBMPString)); - } - break; - - case 101: -#line 716 "parse.y" - { - (yyval.type) = new_tag(ASN1_C_UNIV, UT_UniversalString, - TE_EXPLICIT, new_type(TUniversalString)); - } - break; - - case 102: -#line 724 "parse.y" - { - (yyval.members) = emalloc(sizeof(*(yyval.members))); - ASN1_TAILQ_INIT((yyval.members)); - ASN1_TAILQ_INSERT_HEAD((yyval.members), (yyvsp[(1) - (1)].member), members); - } - break; - - case 103: -#line 730 "parse.y" - { - ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members); - (yyval.members) = (yyvsp[(1) - (3)].members); - } - break; - - case 104: -#line 735 "parse.y" - { - struct member *m = ecalloc(1, sizeof(*m)); - m->name = estrdup("..."); - m->gen_name = estrdup("asn1_ellipsis"); - m->ellipsis = 1; - ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), m, members); - (yyval.members) = (yyvsp[(1) - (3)].members); - } - break; - - case 105: -#line 746 "parse.y" - { - (yyval.member) = emalloc(sizeof(*(yyval.member))); - (yyval.member)->name = (yyvsp[(1) - (2)].name); - (yyval.member)->gen_name = estrdup((yyvsp[(1) - (2)].name)); - output_name ((yyval.member)->gen_name); - (yyval.member)->type = (yyvsp[(2) - (2)].type); - (yyval.member)->ellipsis = 0; - } - break; - - case 106: -#line 757 "parse.y" - { - (yyval.member) = (yyvsp[(1) - (1)].member); - (yyval.member)->optional = 0; - (yyval.member)->defval = NULL; - } - break; - - case 107: -#line 763 "parse.y" - { - (yyval.member) = (yyvsp[(1) - (2)].member); - (yyval.member)->optional = 1; - (yyval.member)->defval = NULL; - } - break; - - case 108: -#line 769 "parse.y" - { - (yyval.member) = (yyvsp[(1) - (3)].member); - (yyval.member)->optional = 0; - (yyval.member)->defval = (yyvsp[(3) - (3)].value); - } - break; - - case 109: -#line 777 "parse.y" - { - (yyval.members) = emalloc(sizeof(*(yyval.members))); - ASN1_TAILQ_INIT((yyval.members)); - ASN1_TAILQ_INSERT_HEAD((yyval.members), (yyvsp[(1) - (1)].member), members); - } - break; - - case 110: -#line 783 "parse.y" - { - ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members); - (yyval.members) = (yyvsp[(1) - (3)].members); - } - break; - - case 111: -#line 790 "parse.y" - { - (yyval.member) = emalloc(sizeof(*(yyval.member))); - (yyval.member)->name = (yyvsp[(1) - (4)].name); - (yyval.member)->gen_name = estrdup((yyvsp[(1) - (4)].name)); - output_name ((yyval.member)->gen_name); - (yyval.member)->val = (yyvsp[(3) - (4)].constant); - (yyval.member)->optional = 0; - (yyval.member)->ellipsis = 0; - (yyval.member)->type = NULL; - } - break; - - case 113: -#line 803 "parse.y" - { (yyval.objid) = NULL; } - break; - - case 114: -#line 807 "parse.y" - { - (yyval.objid) = (yyvsp[(2) - (3)].objid); - } - break; - - case 115: -#line 813 "parse.y" - { - (yyval.objid) = NULL; - } - break; - - case 116: -#line 817 "parse.y" - { - if ((yyvsp[(2) - (2)].objid)) { - (yyval.objid) = (yyvsp[(2) - (2)].objid); - add_oid_to_tail((yyvsp[(2) - (2)].objid), (yyvsp[(1) - (2)].objid)); - } else { - (yyval.objid) = (yyvsp[(1) - (2)].objid); - } - } - break; - - case 117: -#line 828 "parse.y" - { - (yyval.objid) = new_objid((yyvsp[(1) - (4)].name), (yyvsp[(3) - (4)].constant)); - } - break; - - case 118: -#line 832 "parse.y" - { - Symbol *s = addsym((yyvsp[(1) - (1)].name)); - if(s->stype != SValue || - s->value->type != objectidentifiervalue) { - error_message("%s is not an object identifier\n", - s->name); - exit(1); - } - (yyval.objid) = s->value->u.objectidentifiervalue; - } - break; - - case 119: -#line 843 "parse.y" - { - (yyval.objid) = new_objid(NULL, (yyvsp[(1) - (1)].constant)); - } - break; - - case 129: -#line 866 "parse.y" - { - Symbol *s = addsym((yyvsp[(1) - (1)].name)); - if(s->stype != SValue) - error_message ("%s is not a value\n", - s->name); - else - (yyval.value) = s->value; - } - break; - - case 130: -#line 877 "parse.y" - { - (yyval.value) = emalloc(sizeof(*(yyval.value))); - (yyval.value)->type = stringvalue; - (yyval.value)->u.stringvalue = (yyvsp[(1) - (1)].name); - } - break; - - case 131: -#line 885 "parse.y" - { - (yyval.value) = emalloc(sizeof(*(yyval.value))); - (yyval.value)->type = booleanvalue; - (yyval.value)->u.booleanvalue = 0; - } - break; - - case 132: -#line 891 "parse.y" - { - (yyval.value) = emalloc(sizeof(*(yyval.value))); - (yyval.value)->type = booleanvalue; - (yyval.value)->u.booleanvalue = 0; - } - break; - - case 133: -#line 899 "parse.y" - { - (yyval.value) = emalloc(sizeof(*(yyval.value))); - (yyval.value)->type = integervalue; - (yyval.value)->u.integervalue = (yyvsp[(1) - (1)].constant); - } - break; - - case 135: -#line 910 "parse.y" - { - } - break; - - case 136: -#line 915 "parse.y" - { - (yyval.value) = emalloc(sizeof(*(yyval.value))); - (yyval.value)->type = objectidentifiervalue; - (yyval.value)->u.objectidentifiervalue = (yyvsp[(1) - (1)].objid); - } - break; - - -/* Line 1267 of yacc.c. */ -#line 2523 "parse.c" - default: break; - } - YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); - - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - - *++yyvsp = yyval; - - - /* Now `shift' the result of the reduction. Determine what state - that goes to, based on the state we popped back to and the rule - number reduced by. */ - - yyn = yyr1[yyn]; - - yystate = yypgoto[yyn - YYNTOKENS] + *yyssp; - if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp) - yystate = yytable[yystate]; - else - yystate = yydefgoto[yyn - YYNTOKENS]; - - goto yynewstate; - - -/*------------------------------------. -| yyerrlab -- here on detecting error | -`------------------------------------*/ -yyerrlab: - /* If not already recovering from an error, report this error. */ - if (!yyerrstatus) - { - ++yynerrs; -#if ! YYERROR_VERBOSE - yyerror (YY_("syntax error")); -#else - { - YYSIZE_T yysize = yysyntax_error (0, yystate, yychar); - if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM) - { - YYSIZE_T yyalloc = 2 * yysize; - if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM)) - yyalloc = YYSTACK_ALLOC_MAXIMUM; - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); - yymsg = (char *) YYSTACK_ALLOC (yyalloc); - if (yymsg) - yymsg_alloc = yyalloc; - else - { - yymsg = yymsgbuf; - yymsg_alloc = sizeof yymsgbuf; - } - } - - if (0 < yysize && yysize <= yymsg_alloc) - { - (void) yysyntax_error (yymsg, yystate, yychar); - yyerror (yymsg); - } - else - { - yyerror (YY_("syntax error")); - if (yysize != 0) - goto yyexhaustedlab; - } - } -#endif - } - - - - if (yyerrstatus == 3) - { - /* If just tried and failed to reuse look-ahead token after an - error, discard it. */ - - if (yychar <= YYEOF) - { - /* Return failure if at end of input. */ - if (yychar == YYEOF) - YYABORT; - } - else - { - yydestruct ("Error: discarding", - yytoken, &yylval); - yychar = YYEMPTY; - } - } - - /* Else will try to reuse look-ahead token after shifting the error - token. */ - goto yyerrlab1; - - -/*---------------------------------------------------. -| yyerrorlab -- error raised explicitly by YYERROR. | -`---------------------------------------------------*/ -yyerrorlab: - - /* Pacify compilers like GCC when the user code never invokes - YYERROR and the label yyerrorlab therefore never appears in user - code. */ - if (/*CONSTCOND*/ 0) - goto yyerrorlab; - - /* Do not reclaim the symbols of the rule which action triggered - this YYERROR. */ - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - yystate = *yyssp; - goto yyerrlab1; - - -/*-------------------------------------------------------------. -| yyerrlab1 -- common code for both syntax error and YYERROR. | -`-------------------------------------------------------------*/ -yyerrlab1: - yyerrstatus = 3; /* Each real token shifted decrements this. */ - - for (;;) - { - yyn = yypact[yystate]; - if (yyn != YYPACT_NINF) - { - yyn += YYTERROR; - if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) - { - yyn = yytable[yyn]; - if (0 < yyn) - break; - } - } - - /* Pop the current state because it cannot handle the error token. */ - if (yyssp == yyss) - YYABORT; - - - yydestruct ("Error: popping", - yystos[yystate], yyvsp); - YYPOPSTACK (1); - yystate = *yyssp; - YY_STACK_PRINT (yyss, yyssp); - } - - if (yyn == YYFINAL) - YYACCEPT; - - *++yyvsp = yylval; - - - /* Shift the error token. */ - YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp); - - yystate = yyn; - goto yynewstate; - - -/*-------------------------------------. -| yyacceptlab -- YYACCEPT comes here. | -`-------------------------------------*/ -yyacceptlab: - yyresult = 0; - goto yyreturn; - -/*-----------------------------------. -| yyabortlab -- YYABORT comes here. | -`-----------------------------------*/ -yyabortlab: - yyresult = 1; - goto yyreturn; - -#ifndef yyoverflow -/*-------------------------------------------------. -| yyexhaustedlab -- memory exhaustion comes here. | -`-------------------------------------------------*/ -yyexhaustedlab: - yyerror (YY_("memory exhausted")); - yyresult = 2; - /* Fall through. */ -#endif - -yyreturn: - if (yychar != YYEOF && yychar != YYEMPTY) - yydestruct ("Cleanup: discarding lookahead", - yytoken, &yylval); - /* Do not reclaim the symbols of the rule which action triggered - this YYABORT or YYACCEPT. */ - YYPOPSTACK (yylen); - YY_STACK_PRINT (yyss, yyssp); - while (yyssp != yyss) - { - yydestruct ("Cleanup: popping", - yystos[*yyssp], yyvsp); - YYPOPSTACK (1); - } -#ifndef yyoverflow - if (yyss != yyssa) - YYSTACK_FREE (yyss); -#endif -#if YYERROR_VERBOSE - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); -#endif - /* Make sure YYID is used. */ - return YYID (yyresult); -} - - -#line 922 "parse.y" - - -void -yyerror (const char *s) -{ - error_message ("%s\n", s); -} - -static Type * -new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype) -{ - Type *t; - if(oldtype->type == TTag && oldtype->tag.tagenv == TE_IMPLICIT) { - t = oldtype; - oldtype = oldtype->subtype; /* XXX */ - } else - t = new_type (TTag); - - t->tag.tagclass = tagclass; - t->tag.tagvalue = tagvalue; - t->tag.tagenv = tagenv; - t->subtype = oldtype; - return t; -} - -static struct objid * -new_objid(const char *label, int value) -{ - struct objid *s; - s = emalloc(sizeof(*s)); - s->label = label; - s->value = value; - s->next = NULL; - return s; -} - -static void -add_oid_to_tail(struct objid *head, struct objid *tail) -{ - struct objid *o; - o = head; - while (o->next) - o = o->next; - o->next = tail; -} - -static Type * -new_type (Typetype tt) -{ - Type *t = ecalloc(1, sizeof(*t)); - t->type = tt; - return t; -} - -static struct constraint_spec * -new_constraint_spec(enum ctype ct) -{ - struct constraint_spec *c = ecalloc(1, sizeof(*c)); - c->ctype = ct; - return c; -} - -static void fix_labels2(Type *t, const char *prefix); -static void fix_labels1(struct memhead *members, const char *prefix) -{ - Member *m; - - if(members == NULL) - return; - ASN1_TAILQ_FOREACH(m, members, members) { - asprintf(&m->label, "%s_%s", prefix, m->gen_name); - if (m->label == NULL) - errx(1, "malloc"); - if(m->type != NULL) - fix_labels2(m->type, m->label); - } -} - -static void fix_labels2(Type *t, const char *prefix) -{ - for(; t; t = t->subtype) - fix_labels1(t->members, prefix); -} - -static void -fix_labels(Symbol *s) -{ - char *p; - asprintf(&p, "choice_%s", s->gen_name); - if (p == NULL) - errx(1, "malloc"); - fix_labels2(s->type, p); - free(p); -} - diff --git a/crypto/heimdal/lib/asn1/parse.h b/crypto/heimdal/lib/asn1/parse.h deleted file mode 100644 index 45b06c59d5d6..000000000000 --- a/crypto/heimdal/lib/asn1/parse.h +++ /dev/null @@ -1,249 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton interface for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - kw_ABSENT = 258, - kw_ABSTRACT_SYNTAX = 259, - kw_ALL = 260, - kw_APPLICATION = 261, - kw_AUTOMATIC = 262, - kw_BEGIN = 263, - kw_BIT = 264, - kw_BMPString = 265, - kw_BOOLEAN = 266, - kw_BY = 267, - kw_CHARACTER = 268, - kw_CHOICE = 269, - kw_CLASS = 270, - kw_COMPONENT = 271, - kw_COMPONENTS = 272, - kw_CONSTRAINED = 273, - kw_CONTAINING = 274, - kw_DEFAULT = 275, - kw_DEFINITIONS = 276, - kw_EMBEDDED = 277, - kw_ENCODED = 278, - kw_END = 279, - kw_ENUMERATED = 280, - kw_EXCEPT = 281, - kw_EXPLICIT = 282, - kw_EXPORTS = 283, - kw_EXTENSIBILITY = 284, - kw_EXTERNAL = 285, - kw_FALSE = 286, - kw_FROM = 287, - kw_GeneralString = 288, - kw_GeneralizedTime = 289, - kw_GraphicString = 290, - kw_IA5String = 291, - kw_IDENTIFIER = 292, - kw_IMPLICIT = 293, - kw_IMPLIED = 294, - kw_IMPORTS = 295, - kw_INCLUDES = 296, - kw_INSTANCE = 297, - kw_INTEGER = 298, - kw_INTERSECTION = 299, - kw_ISO646String = 300, - kw_MAX = 301, - kw_MIN = 302, - kw_MINUS_INFINITY = 303, - kw_NULL = 304, - kw_NumericString = 305, - kw_OBJECT = 306, - kw_OCTET = 307, - kw_OF = 308, - kw_OPTIONAL = 309, - kw_ObjectDescriptor = 310, - kw_PATTERN = 311, - kw_PDV = 312, - kw_PLUS_INFINITY = 313, - kw_PRESENT = 314, - kw_PRIVATE = 315, - kw_PrintableString = 316, - kw_REAL = 317, - kw_RELATIVE_OID = 318, - kw_SEQUENCE = 319, - kw_SET = 320, - kw_SIZE = 321, - kw_STRING = 322, - kw_SYNTAX = 323, - kw_T61String = 324, - kw_TAGS = 325, - kw_TRUE = 326, - kw_TYPE_IDENTIFIER = 327, - kw_TeletexString = 328, - kw_UNION = 329, - kw_UNIQUE = 330, - kw_UNIVERSAL = 331, - kw_UTCTime = 332, - kw_UTF8String = 333, - kw_UniversalString = 334, - kw_VideotexString = 335, - kw_VisibleString = 336, - kw_WITH = 337, - RANGE = 338, - EEQUAL = 339, - ELLIPSIS = 340, - IDENTIFIER = 341, - referencename = 342, - STRING = 343, - NUMBER = 344 - }; -#endif -/* Tokens. */ -#define kw_ABSENT 258 -#define kw_ABSTRACT_SYNTAX 259 -#define kw_ALL 260 -#define kw_APPLICATION 261 -#define kw_AUTOMATIC 262 -#define kw_BEGIN 263 -#define kw_BIT 264 -#define kw_BMPString 265 -#define kw_BOOLEAN 266 -#define kw_BY 267 -#define kw_CHARACTER 268 -#define kw_CHOICE 269 -#define kw_CLASS 270 -#define kw_COMPONENT 271 -#define kw_COMPONENTS 272 -#define kw_CONSTRAINED 273 -#define kw_CONTAINING 274 -#define kw_DEFAULT 275 -#define kw_DEFINITIONS 276 -#define kw_EMBEDDED 277 -#define kw_ENCODED 278 -#define kw_END 279 -#define kw_ENUMERATED 280 -#define kw_EXCEPT 281 -#define kw_EXPLICIT 282 -#define kw_EXPORTS 283 -#define kw_EXTENSIBILITY 284 -#define kw_EXTERNAL 285 -#define kw_FALSE 286 -#define kw_FROM 287 -#define kw_GeneralString 288 -#define kw_GeneralizedTime 289 -#define kw_GraphicString 290 -#define kw_IA5String 291 -#define kw_IDENTIFIER 292 -#define kw_IMPLICIT 293 -#define kw_IMPLIED 294 -#define kw_IMPORTS 295 -#define kw_INCLUDES 296 -#define kw_INSTANCE 297 -#define kw_INTEGER 298 -#define kw_INTERSECTION 299 -#define kw_ISO646String 300 -#define kw_MAX 301 -#define kw_MIN 302 -#define kw_MINUS_INFINITY 303 -#define kw_NULL 304 -#define kw_NumericString 305 -#define kw_OBJECT 306 -#define kw_OCTET 307 -#define kw_OF 308 -#define kw_OPTIONAL 309 -#define kw_ObjectDescriptor 310 -#define kw_PATTERN 311 -#define kw_PDV 312 -#define kw_PLUS_INFINITY 313 -#define kw_PRESENT 314 -#define kw_PRIVATE 315 -#define kw_PrintableString 316 -#define kw_REAL 317 -#define kw_RELATIVE_OID 318 -#define kw_SEQUENCE 319 -#define kw_SET 320 -#define kw_SIZE 321 -#define kw_STRING 322 -#define kw_SYNTAX 323 -#define kw_T61String 324 -#define kw_TAGS 325 -#define kw_TRUE 326 -#define kw_TYPE_IDENTIFIER 327 -#define kw_TeletexString 328 -#define kw_UNION 329 -#define kw_UNIQUE 330 -#define kw_UNIVERSAL 331 -#define kw_UTCTime 332 -#define kw_UTF8String 333 -#define kw_UniversalString 334 -#define kw_VideotexString 335 -#define kw_VisibleString 336 -#define kw_WITH 337 -#define RANGE 338 -#define EEQUAL 339 -#define ELLIPSIS 340 -#define IDENTIFIER 341 -#define referencename 342 -#define STRING 343 -#define NUMBER 344 - - - - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 65 "parse.y" -{ - int constant; - struct value *value; - struct range *range; - char *name; - Type *type; - Member *member; - struct objid *objid; - char *defval; - struct string_list *sl; - struct tagtype tag; - struct memhead *members; - struct constraint_spec *constraint_spec; -} -/* Line 1529 of yacc.c. */ -#line 242 "parse.h" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - -extern YYSTYPE yylval; - diff --git a/crypto/heimdal/lib/asn1/parse.y b/crypto/heimdal/lib/asn1/parse.y deleted file mode 100644 index 772f2b1bc1c3..000000000000 --- a/crypto/heimdal/lib/asn1/parse.y +++ /dev/null @@ -1,1015 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: parse.y 21597 2007-07-16 18:48:58Z lha $ */ - -%{ -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include "symbol.h" -#include "lex.h" -#include "gen_locl.h" -#include "der.h" - -RCSID("$Id: parse.y 21597 2007-07-16 18:48:58Z lha $"); - -static Type *new_type (Typetype t); -static struct constraint_spec *new_constraint_spec(enum ctype); -static Type *new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype); -void yyerror (const char *); -static struct objid *new_objid(const char *label, int value); -static void add_oid_to_tail(struct objid *, struct objid *); -static void fix_labels(Symbol *s); - -struct string_list { - char *string; - struct string_list *next; -}; - -%} - -%union { - int constant; - struct value *value; - struct range *range; - char *name; - Type *type; - Member *member; - struct objid *objid; - char *defval; - struct string_list *sl; - struct tagtype tag; - struct memhead *members; - struct constraint_spec *constraint_spec; -} - -%token kw_ABSENT -%token kw_ABSTRACT_SYNTAX -%token kw_ALL -%token kw_APPLICATION -%token kw_AUTOMATIC -%token kw_BEGIN -%token kw_BIT -%token kw_BMPString -%token kw_BOOLEAN -%token kw_BY -%token kw_CHARACTER -%token kw_CHOICE -%token kw_CLASS -%token kw_COMPONENT -%token kw_COMPONENTS -%token kw_CONSTRAINED -%token kw_CONTAINING -%token kw_DEFAULT -%token kw_DEFINITIONS -%token kw_EMBEDDED -%token kw_ENCODED -%token kw_END -%token kw_ENUMERATED -%token kw_EXCEPT -%token kw_EXPLICIT -%token kw_EXPORTS -%token kw_EXTENSIBILITY -%token kw_EXTERNAL -%token kw_FALSE -%token kw_FROM -%token kw_GeneralString -%token kw_GeneralizedTime -%token kw_GraphicString -%token kw_IA5String -%token kw_IDENTIFIER -%token kw_IMPLICIT -%token kw_IMPLIED -%token kw_IMPORTS -%token kw_INCLUDES -%token kw_INSTANCE -%token kw_INTEGER -%token kw_INTERSECTION -%token kw_ISO646String -%token kw_MAX -%token kw_MIN -%token kw_MINUS_INFINITY -%token kw_NULL -%token kw_NumericString -%token kw_OBJECT -%token kw_OCTET -%token kw_OF -%token kw_OPTIONAL -%token kw_ObjectDescriptor -%token kw_PATTERN -%token kw_PDV -%token kw_PLUS_INFINITY -%token kw_PRESENT -%token kw_PRIVATE -%token kw_PrintableString -%token kw_REAL -%token kw_RELATIVE_OID -%token kw_SEQUENCE -%token kw_SET -%token kw_SIZE -%token kw_STRING -%token kw_SYNTAX -%token kw_T61String -%token kw_TAGS -%token kw_TRUE -%token kw_TYPE_IDENTIFIER -%token kw_TeletexString -%token kw_UNION -%token kw_UNIQUE -%token kw_UNIVERSAL -%token kw_UTCTime -%token kw_UTF8String -%token kw_UniversalString -%token kw_VideotexString -%token kw_VisibleString -%token kw_WITH - -%token RANGE -%token EEQUAL -%token ELLIPSIS - -%token IDENTIFIER referencename -%token STRING - -%token NUMBER -%type SignedNumber -%type Class tagenv - -%type Value -%type BuiltinValue -%type IntegerValue -%type BooleanValue -%type ObjectIdentifierValue -%type CharacterStringValue -%type NullValue -%type DefinedValue -%type ReferencedValue -%type Valuereference - -%type Type -%type BuiltinType -%type BitStringType -%type BooleanType -%type ChoiceType -%type ConstrainedType -%type EnumeratedType -%type IntegerType -%type NullType -%type OctetStringType -%type SequenceType -%type SequenceOfType -%type SetType -%type SetOfType -%type TaggedType -%type ReferencedType -%type DefinedType -%type UsefulType -%type ObjectIdentifierType -%type CharacterStringType -%type RestrictedCharactedStringType - -%type Tag - -%type ComponentType -%type NamedBit -%type NamedNumber -%type NamedType -%type ComponentTypeList -%type Enumerations -%type NamedBitList -%type NamedNumberList - -%type objid objid_list objid_element objid_opt -%type range size - -%type referencenames - -%type Constraint -%type ConstraintSpec -%type GeneralConstraint -%type ContentsConstraint -%type UserDefinedConstraint - - - -%start ModuleDefinition - -%% - -ModuleDefinition: IDENTIFIER objid_opt kw_DEFINITIONS TagDefault ExtensionDefault - EEQUAL kw_BEGIN ModuleBody kw_END - { - checkundefined(); - } - ; - -TagDefault : kw_EXPLICIT kw_TAGS - | kw_IMPLICIT kw_TAGS - { error_message("implicit tagging is not supported"); } - | kw_AUTOMATIC kw_TAGS - { error_message("automatic tagging is not supported"); } - | /* empty */ - ; - -ExtensionDefault: kw_EXTENSIBILITY kw_IMPLIED - { error_message("no extensibility options supported"); } - | /* empty */ - ; - -ModuleBody : /* Exports */ Imports AssignmentList - | /* empty */ - ; - -Imports : kw_IMPORTS SymbolsImported ';' - | /* empty */ - ; - -SymbolsImported : SymbolsFromModuleList - | /* empty */ - ; - -SymbolsFromModuleList: SymbolsFromModule - | SymbolsFromModuleList SymbolsFromModule - ; - -SymbolsFromModule: referencenames kw_FROM IDENTIFIER objid_opt - { - struct string_list *sl; - for(sl = $1; sl != NULL; sl = sl->next) { - Symbol *s = addsym(sl->string); - s->stype = Stype; - } - add_import($3); - } - ; - -AssignmentList : Assignment - | Assignment AssignmentList - ; - -Assignment : TypeAssignment - | ValueAssignment - ; - -referencenames : IDENTIFIER ',' referencenames - { - $$ = emalloc(sizeof(*$$)); - $$->string = $1; - $$->next = $3; - } - | IDENTIFIER - { - $$ = emalloc(sizeof(*$$)); - $$->string = $1; - $$->next = NULL; - } - ; - -TypeAssignment : IDENTIFIER EEQUAL Type - { - Symbol *s = addsym ($1); - s->stype = Stype; - s->type = $3; - fix_labels(s); - generate_type (s); - } - ; - -Type : BuiltinType - | ReferencedType - | ConstrainedType - ; - -BuiltinType : BitStringType - | BooleanType - | CharacterStringType - | ChoiceType - | EnumeratedType - | IntegerType - | NullType - | ObjectIdentifierType - | OctetStringType - | SequenceType - | SequenceOfType - | SetType - | SetOfType - | TaggedType - ; - -BooleanType : kw_BOOLEAN - { - $$ = new_tag(ASN1_C_UNIV, UT_Boolean, - TE_EXPLICIT, new_type(TBoolean)); - } - ; - -range : '(' Value RANGE Value ')' - { - if($2->type != integervalue) - error_message("Non-integer used in first part of range"); - if($2->type != integervalue) - error_message("Non-integer in second part of range"); - $$ = ecalloc(1, sizeof(*$$)); - $$->min = $2->u.integervalue; - $$->max = $4->u.integervalue; - } - | '(' Value RANGE kw_MAX ')' - { - if($2->type != integervalue) - error_message("Non-integer in first part of range"); - $$ = ecalloc(1, sizeof(*$$)); - $$->min = $2->u.integervalue; - $$->max = $2->u.integervalue - 1; - } - | '(' kw_MIN RANGE Value ')' - { - if($4->type != integervalue) - error_message("Non-integer in second part of range"); - $$ = ecalloc(1, sizeof(*$$)); - $$->min = $4->u.integervalue + 2; - $$->max = $4->u.integervalue; - } - | '(' Value ')' - { - if($2->type != integervalue) - error_message("Non-integer used in limit"); - $$ = ecalloc(1, sizeof(*$$)); - $$->min = $2->u.integervalue; - $$->max = $2->u.integervalue; - } - ; - - -IntegerType : kw_INTEGER - { - $$ = new_tag(ASN1_C_UNIV, UT_Integer, - TE_EXPLICIT, new_type(TInteger)); - } - | kw_INTEGER range - { - $$ = new_type(TInteger); - $$->range = $2; - $$ = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, $$); - } - | kw_INTEGER '{' NamedNumberList '}' - { - $$ = new_type(TInteger); - $$->members = $3; - $$ = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, $$); - } - ; - -NamedNumberList : NamedNumber - { - $$ = emalloc(sizeof(*$$)); - ASN1_TAILQ_INIT($$); - ASN1_TAILQ_INSERT_HEAD($$, $1, members); - } - | NamedNumberList ',' NamedNumber - { - ASN1_TAILQ_INSERT_TAIL($1, $3, members); - $$ = $1; - } - | NamedNumberList ',' ELLIPSIS - { $$ = $1; } /* XXX used for Enumerations */ - ; - -NamedNumber : IDENTIFIER '(' SignedNumber ')' - { - $$ = emalloc(sizeof(*$$)); - $$->name = $1; - $$->gen_name = estrdup($1); - output_name ($$->gen_name); - $$->val = $3; - $$->optional = 0; - $$->ellipsis = 0; - $$->type = NULL; - } - ; - -EnumeratedType : kw_ENUMERATED '{' Enumerations '}' - { - $$ = new_type(TInteger); - $$->members = $3; - $$ = new_tag(ASN1_C_UNIV, UT_Enumerated, TE_EXPLICIT, $$); - } - ; - -Enumerations : NamedNumberList /* XXX */ - ; - -BitStringType : kw_BIT kw_STRING - { - $$ = new_type(TBitString); - $$->members = emalloc(sizeof(*$$->members)); - ASN1_TAILQ_INIT($$->members); - $$ = new_tag(ASN1_C_UNIV, UT_BitString, TE_EXPLICIT, $$); - } - | kw_BIT kw_STRING '{' NamedBitList '}' - { - $$ = new_type(TBitString); - $$->members = $4; - $$ = new_tag(ASN1_C_UNIV, UT_BitString, TE_EXPLICIT, $$); - } - ; - -ObjectIdentifierType: kw_OBJECT kw_IDENTIFIER - { - $$ = new_tag(ASN1_C_UNIV, UT_OID, - TE_EXPLICIT, new_type(TOID)); - } - ; -OctetStringType : kw_OCTET kw_STRING size - { - Type *t = new_type(TOctetString); - t->range = $3; - $$ = new_tag(ASN1_C_UNIV, UT_OctetString, - TE_EXPLICIT, t); - } - ; - -NullType : kw_NULL - { - $$ = new_tag(ASN1_C_UNIV, UT_Null, - TE_EXPLICIT, new_type(TNull)); - } - ; - -size : - { $$ = NULL; } - | kw_SIZE range - { $$ = $2; } - ; - - -SequenceType : kw_SEQUENCE '{' /* ComponentTypeLists */ ComponentTypeList '}' - { - $$ = new_type(TSequence); - $$->members = $3; - $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$); - } - | kw_SEQUENCE '{' '}' - { - $$ = new_type(TSequence); - $$->members = NULL; - $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$); - } - ; - -SequenceOfType : kw_SEQUENCE size kw_OF Type - { - $$ = new_type(TSequenceOf); - $$->range = $2; - $$->subtype = $4; - $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$); - } - ; - -SetType : kw_SET '{' /* ComponentTypeLists */ ComponentTypeList '}' - { - $$ = new_type(TSet); - $$->members = $3; - $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$); - } - | kw_SET '{' '}' - { - $$ = new_type(TSet); - $$->members = NULL; - $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$); - } - ; - -SetOfType : kw_SET kw_OF Type - { - $$ = new_type(TSetOf); - $$->subtype = $3; - $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$); - } - ; - -ChoiceType : kw_CHOICE '{' /* AlternativeTypeLists */ ComponentTypeList '}' - { - $$ = new_type(TChoice); - $$->members = $3; - } - ; - -ReferencedType : DefinedType - | UsefulType - ; - -DefinedType : IDENTIFIER - { - Symbol *s = addsym($1); - $$ = new_type(TType); - if(s->stype != Stype && s->stype != SUndefined) - error_message ("%s is not a type\n", $1); - else - $$->symbol = s; - } - ; - -UsefulType : kw_GeneralizedTime - { - $$ = new_tag(ASN1_C_UNIV, UT_GeneralizedTime, - TE_EXPLICIT, new_type(TGeneralizedTime)); - } - | kw_UTCTime - { - $$ = new_tag(ASN1_C_UNIV, UT_UTCTime, - TE_EXPLICIT, new_type(TUTCTime)); - } - ; - -ConstrainedType : Type Constraint - { - /* if (Constraint.type == contentConstrant) { - assert(Constraint.u.constraint.type == octetstring|bitstring-w/o-NamedBitList); // remember to check type reference too - if (Constraint.u.constraint.type) { - assert((Constraint.u.constraint.type.length % 8) == 0); - } - } - if (Constraint.u.constraint.encoding) { - type == der-oid|ber-oid - } - */ - } - ; - - -Constraint : '(' ConstraintSpec ')' - { - $$ = $2; - } - ; - -ConstraintSpec : GeneralConstraint - ; - -GeneralConstraint: ContentsConstraint - | UserDefinedConstraint - ; - -ContentsConstraint: kw_CONTAINING Type - { - $$ = new_constraint_spec(CT_CONTENTS); - $$->u.content.type = $2; - $$->u.content.encoding = NULL; - } - | kw_ENCODED kw_BY Value - { - if ($3->type != objectidentifiervalue) - error_message("Non-OID used in ENCODED BY constraint"); - $$ = new_constraint_spec(CT_CONTENTS); - $$->u.content.type = NULL; - $$->u.content.encoding = $3; - } - | kw_CONTAINING Type kw_ENCODED kw_BY Value - { - if ($5->type != objectidentifiervalue) - error_message("Non-OID used in ENCODED BY constraint"); - $$ = new_constraint_spec(CT_CONTENTS); - $$->u.content.type = $2; - $$->u.content.encoding = $5; - } - ; - -UserDefinedConstraint: kw_CONSTRAINED kw_BY '{' '}' - { - $$ = new_constraint_spec(CT_USER); - } - ; - -TaggedType : Tag tagenv Type - { - $$ = new_type(TTag); - $$->tag = $1; - $$->tag.tagenv = $2; - if($3->type == TTag && $2 == TE_IMPLICIT) { - $$->subtype = $3->subtype; - free($3); - } else - $$->subtype = $3; - } - ; - -Tag : '[' Class NUMBER ']' - { - $$.tagclass = $2; - $$.tagvalue = $3; - $$.tagenv = TE_EXPLICIT; - } - ; - -Class : /* */ - { - $$ = ASN1_C_CONTEXT; - } - | kw_UNIVERSAL - { - $$ = ASN1_C_UNIV; - } - | kw_APPLICATION - { - $$ = ASN1_C_APPL; - } - | kw_PRIVATE - { - $$ = ASN1_C_PRIVATE; - } - ; - -tagenv : /* */ - { - $$ = TE_EXPLICIT; - } - | kw_EXPLICIT - { - $$ = TE_EXPLICIT; - } - | kw_IMPLICIT - { - $$ = TE_IMPLICIT; - } - ; - - -ValueAssignment : IDENTIFIER Type EEQUAL Value - { - Symbol *s; - s = addsym ($1); - - s->stype = SValue; - s->value = $4; - generate_constant (s); - } - ; - -CharacterStringType: RestrictedCharactedStringType - ; - -RestrictedCharactedStringType: kw_GeneralString - { - $$ = new_tag(ASN1_C_UNIV, UT_GeneralString, - TE_EXPLICIT, new_type(TGeneralString)); - } - | kw_UTF8String - { - $$ = new_tag(ASN1_C_UNIV, UT_UTF8String, - TE_EXPLICIT, new_type(TUTF8String)); - } - | kw_PrintableString - { - $$ = new_tag(ASN1_C_UNIV, UT_PrintableString, - TE_EXPLICIT, new_type(TPrintableString)); - } - | kw_VisibleString - { - $$ = new_tag(ASN1_C_UNIV, UT_VisibleString, - TE_EXPLICIT, new_type(TVisibleString)); - } - | kw_IA5String - { - $$ = new_tag(ASN1_C_UNIV, UT_IA5String, - TE_EXPLICIT, new_type(TIA5String)); - } - | kw_BMPString - { - $$ = new_tag(ASN1_C_UNIV, UT_BMPString, - TE_EXPLICIT, new_type(TBMPString)); - } - | kw_UniversalString - { - $$ = new_tag(ASN1_C_UNIV, UT_UniversalString, - TE_EXPLICIT, new_type(TUniversalString)); - } - - ; - -ComponentTypeList: ComponentType - { - $$ = emalloc(sizeof(*$$)); - ASN1_TAILQ_INIT($$); - ASN1_TAILQ_INSERT_HEAD($$, $1, members); - } - | ComponentTypeList ',' ComponentType - { - ASN1_TAILQ_INSERT_TAIL($1, $3, members); - $$ = $1; - } - | ComponentTypeList ',' ELLIPSIS - { - struct member *m = ecalloc(1, sizeof(*m)); - m->name = estrdup("..."); - m->gen_name = estrdup("asn1_ellipsis"); - m->ellipsis = 1; - ASN1_TAILQ_INSERT_TAIL($1, m, members); - $$ = $1; - } - ; - -NamedType : IDENTIFIER Type - { - $$ = emalloc(sizeof(*$$)); - $$->name = $1; - $$->gen_name = estrdup($1); - output_name ($$->gen_name); - $$->type = $2; - $$->ellipsis = 0; - } - ; - -ComponentType : NamedType - { - $$ = $1; - $$->optional = 0; - $$->defval = NULL; - } - | NamedType kw_OPTIONAL - { - $$ = $1; - $$->optional = 1; - $$->defval = NULL; - } - | NamedType kw_DEFAULT Value - { - $$ = $1; - $$->optional = 0; - $$->defval = $3; - } - ; - -NamedBitList : NamedBit - { - $$ = emalloc(sizeof(*$$)); - ASN1_TAILQ_INIT($$); - ASN1_TAILQ_INSERT_HEAD($$, $1, members); - } - | NamedBitList ',' NamedBit - { - ASN1_TAILQ_INSERT_TAIL($1, $3, members); - $$ = $1; - } - ; - -NamedBit : IDENTIFIER '(' NUMBER ')' - { - $$ = emalloc(sizeof(*$$)); - $$->name = $1; - $$->gen_name = estrdup($1); - output_name ($$->gen_name); - $$->val = $3; - $$->optional = 0; - $$->ellipsis = 0; - $$->type = NULL; - } - ; - -objid_opt : objid - | /* empty */ { $$ = NULL; } - ; - -objid : '{' objid_list '}' - { - $$ = $2; - } - ; - -objid_list : /* empty */ - { - $$ = NULL; - } - | objid_element objid_list - { - if ($2) { - $$ = $2; - add_oid_to_tail($2, $1); - } else { - $$ = $1; - } - } - ; - -objid_element : IDENTIFIER '(' NUMBER ')' - { - $$ = new_objid($1, $3); - } - | IDENTIFIER - { - Symbol *s = addsym($1); - if(s->stype != SValue || - s->value->type != objectidentifiervalue) { - error_message("%s is not an object identifier\n", - s->name); - exit(1); - } - $$ = s->value->u.objectidentifiervalue; - } - | NUMBER - { - $$ = new_objid(NULL, $1); - } - ; - -Value : BuiltinValue - | ReferencedValue - ; - -BuiltinValue : BooleanValue - | CharacterStringValue - | IntegerValue - | ObjectIdentifierValue - | NullValue - ; - -ReferencedValue : DefinedValue - ; - -DefinedValue : Valuereference - ; - -Valuereference : IDENTIFIER - { - Symbol *s = addsym($1); - if(s->stype != SValue) - error_message ("%s is not a value\n", - s->name); - else - $$ = s->value; - } - ; - -CharacterStringValue: STRING - { - $$ = emalloc(sizeof(*$$)); - $$->type = stringvalue; - $$->u.stringvalue = $1; - } - ; - -BooleanValue : kw_TRUE - { - $$ = emalloc(sizeof(*$$)); - $$->type = booleanvalue; - $$->u.booleanvalue = 0; - } - | kw_FALSE - { - $$ = emalloc(sizeof(*$$)); - $$->type = booleanvalue; - $$->u.booleanvalue = 0; - } - ; - -IntegerValue : SignedNumber - { - $$ = emalloc(sizeof(*$$)); - $$->type = integervalue; - $$->u.integervalue = $1; - } - ; - -SignedNumber : NUMBER - ; - -NullValue : kw_NULL - { - } - ; - -ObjectIdentifierValue: objid - { - $$ = emalloc(sizeof(*$$)); - $$->type = objectidentifiervalue; - $$->u.objectidentifiervalue = $1; - } - ; - -%% - -void -yyerror (const char *s) -{ - error_message ("%s\n", s); -} - -static Type * -new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype) -{ - Type *t; - if(oldtype->type == TTag && oldtype->tag.tagenv == TE_IMPLICIT) { - t = oldtype; - oldtype = oldtype->subtype; /* XXX */ - } else - t = new_type (TTag); - - t->tag.tagclass = tagclass; - t->tag.tagvalue = tagvalue; - t->tag.tagenv = tagenv; - t->subtype = oldtype; - return t; -} - -static struct objid * -new_objid(const char *label, int value) -{ - struct objid *s; - s = emalloc(sizeof(*s)); - s->label = label; - s->value = value; - s->next = NULL; - return s; -} - -static void -add_oid_to_tail(struct objid *head, struct objid *tail) -{ - struct objid *o; - o = head; - while (o->next) - o = o->next; - o->next = tail; -} - -static Type * -new_type (Typetype tt) -{ - Type *t = ecalloc(1, sizeof(*t)); - t->type = tt; - return t; -} - -static struct constraint_spec * -new_constraint_spec(enum ctype ct) -{ - struct constraint_spec *c = ecalloc(1, sizeof(*c)); - c->ctype = ct; - return c; -} - -static void fix_labels2(Type *t, const char *prefix); -static void fix_labels1(struct memhead *members, const char *prefix) -{ - Member *m; - - if(members == NULL) - return; - ASN1_TAILQ_FOREACH(m, members, members) { - asprintf(&m->label, "%s_%s", prefix, m->gen_name); - if (m->label == NULL) - errx(1, "malloc"); - if(m->type != NULL) - fix_labels2(m->type, m->label); - } -} - -static void fix_labels2(Type *t, const char *prefix) -{ - for(; t; t = t->subtype) - fix_labels1(t->members, prefix); -} - -static void -fix_labels(Symbol *s) -{ - char *p; - asprintf(&p, "choice_%s", s->gen_name); - if (p == NULL) - errx(1, "malloc"); - fix_labels2(s->type, p); - free(p); -} diff --git a/crypto/heimdal/lib/asn1/pkcs12.asn1 b/crypto/heimdal/lib/asn1/pkcs12.asn1 deleted file mode 100644 index 37fe03e58e8a..000000000000 --- a/crypto/heimdal/lib/asn1/pkcs12.asn1 +++ /dev/null @@ -1,81 +0,0 @@ --- $Id: pkcs12.asn1 15715 2005-07-23 11:08:47Z lha $ -- - -PKCS12 DEFINITIONS ::= - -BEGIN - -IMPORTS ContentInfo FROM cms - DigestInfo FROM rfc2459 - heim_any, heim_any_set FROM heim; - --- The PFX PDU - -id-pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) - rsadsi(113549) pkcs(1) pkcs-12(12) } - -id-pkcs-12PbeIds OBJECT IDENTIFIER ::= { id-pkcs-12 1} -id-pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 1} -id-pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 2} -id-pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 3} -id-pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 4} -id-pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 5} -id-pbewithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 6} - -id-pkcs12-bagtypes OBJECT IDENTIFIER ::= { id-pkcs-12 10 1} - -id-pkcs12-keyBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 1 } -id-pkcs12-pkcs8ShroudedKeyBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 2 } -id-pkcs12-certBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 3 } -id-pkcs12-crlBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 4 } -id-pkcs12-secretBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 5 } -id-pkcs12-safeContentsBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 6 } - - -PKCS12-MacData ::= SEQUENCE { - mac DigestInfo, - macSalt OCTET STRING, - iterations INTEGER OPTIONAL -} - -PKCS12-PFX ::= SEQUENCE { - version INTEGER, - authSafe ContentInfo, - macData PKCS12-MacData OPTIONAL -} - -PKCS12-AuthenticatedSafe ::= SEQUENCE OF ContentInfo - -- Data if unencrypted - -- EncryptedData if password-encrypted - -- EnvelopedData if public key-encrypted - -PKCS12-Attribute ::= SEQUENCE { - attrId OBJECT IDENTIFIER, - attrValues -- SET OF -- heim_any_set -} - -PKCS12-Attributes ::= SET OF PKCS12-Attribute - -PKCS12-SafeBag ::= SEQUENCE { - bagId OBJECT IDENTIFIER, - bagValue [0] heim_any, - bagAttributes PKCS12-Attributes OPTIONAL -} - -PKCS12-SafeContents ::= SEQUENCE OF PKCS12-SafeBag - -PKCS12-CertBag ::= SEQUENCE { - certType OBJECT IDENTIFIER, - certValue [0] heim_any -} - -PKCS12-PBEParams ::= SEQUENCE { - salt OCTET STRING, - iterations INTEGER (0..4294967295) OPTIONAL -} - -PKCS12-OctetString ::= OCTET STRING - --- KeyBag ::= PrivateKeyInfo --- PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo - -END diff --git a/crypto/heimdal/lib/asn1/pkcs8.asn1 b/crypto/heimdal/lib/asn1/pkcs8.asn1 deleted file mode 100644 index 911e727c7085..000000000000 --- a/crypto/heimdal/lib/asn1/pkcs8.asn1 +++ /dev/null @@ -1,30 +0,0 @@ --- $Id: pkcs8.asn1 16060 2005-09-13 19:41:29Z lha $ -- - -PKCS8 DEFINITIONS ::= - -BEGIN - -IMPORTS Attribute, AlgorithmIdentifier FROM rfc2459 - heim_any, heim_any_set FROM heim; - -PKCS8PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier - -PKCS8PrivateKey ::= OCTET STRING - -PKCS8Attributes ::= SET OF Attribute - -PKCS8PrivateKeyInfo ::= SEQUENCE { - version INTEGER, - privateKeyAlgorithm PKCS8PrivateKeyAlgorithmIdentifier, - privateKey PKCS8PrivateKey, - attributes [0] IMPLICIT SET OF Attribute OPTIONAL -} - -PKCS8EncryptedData ::= OCTET STRING - -PKCS8EncryptedPrivateKeyInfo ::= SEQUENCE { - encryptionAlgorithm AlgorithmIdentifier, - encryptedData PKCS8EncryptedData -} - -END diff --git a/crypto/heimdal/lib/asn1/pkcs9.asn1 b/crypto/heimdal/lib/asn1/pkcs9.asn1 deleted file mode 100644 index d985e91f3c03..000000000000 --- a/crypto/heimdal/lib/asn1/pkcs9.asn1 +++ /dev/null @@ -1,28 +0,0 @@ --- $Id: pkcs9.asn1 17202 2006-04-24 08:59:10Z lha $ -- - -PKCS9 DEFINITIONS ::= - -BEGIN - --- The PFX PDU - -id-pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) - rsadsi(113549) pkcs(1) pkcs-9(9) } - -id-pkcs9-emailAddress OBJECT IDENTIFIER ::= {id-pkcs-9 1 } -id-pkcs9-contentType OBJECT IDENTIFIER ::= {id-pkcs-9 3 } -id-pkcs9-messageDigest OBJECT IDENTIFIER ::= {id-pkcs-9 4 } -id-pkcs9-signingTime OBJECT IDENTIFIER ::= {id-pkcs-9 5 } -id-pkcs9-countersignature OBJECT IDENTIFIER ::= {id-pkcs-9 6 } - -id-pkcs-9-at-friendlyName OBJECT IDENTIFIER ::= {id-pkcs-9 20} -id-pkcs-9-at-localKeyId OBJECT IDENTIFIER ::= {id-pkcs-9 21} -id-pkcs-9-at-certTypes OBJECT IDENTIFIER ::= {id-pkcs-9 22} -id-pkcs-9-at-certTypes-x509 OBJECT IDENTIFIER ::= {id-pkcs-9-at-certTypes 1} - -PKCS9-BMPString ::= BMPString - -PKCS9-friendlyName ::= SET OF PKCS9-BMPString - -END - diff --git a/crypto/heimdal/lib/asn1/pkinit.asn1 b/crypto/heimdal/lib/asn1/pkinit.asn1 deleted file mode 100644 index 989b26581b3a..000000000000 --- a/crypto/heimdal/lib/asn1/pkinit.asn1 +++ /dev/null @@ -1,182 +0,0 @@ --- $Id$ -- - -PKINIT DEFINITIONS ::= BEGIN - -IMPORTS EncryptionKey, PrincipalName, Realm, KerberosTime, Checksum, Ticket FROM krb5 - IssuerAndSerialNumber, ContentInfo FROM cms - SubjectPublicKeyInfo, AlgorithmIdentifier FROM rfc2459 - heim_any FROM heim; - -id-pkinit OBJECT IDENTIFIER ::= - { iso (1) org (3) dod (6) internet (1) security (5) - kerberosv5 (2) pkinit (3) } - -id-pkauthdata OBJECT IDENTIFIER ::= { id-pkinit 1 } -id-pkdhkeydata OBJECT IDENTIFIER ::= { id-pkinit 2 } -id-pkrkeydata OBJECT IDENTIFIER ::= { id-pkinit 3 } -id-pkekuoid OBJECT IDENTIFIER ::= { id-pkinit 4 } -id-pkkdcekuoid OBJECT IDENTIFIER ::= { id-pkinit 5 } - -id-pkinit-san OBJECT IDENTIFIER ::= - { iso(1) org(3) dod(6) internet(1) security(5) kerberosv5(2) - x509-sanan(2) } - -id-pkinit-ms-eku OBJECT IDENTIFIER ::= - { iso(1) org(3) dod(6) internet(1) private(4) - enterprise(1) microsoft(311) 20 2 2 } - -id-pkinit-ms-san OBJECT IDENTIFIER ::= - { iso(1) org(3) dod(6) internet(1) private(4) - enterprise(1) microsoft(311) 20 2 3 } - -MS-UPN-SAN ::= UTF8String - -pa-pk-as-req INTEGER ::= 16 -pa-pk-as-rep INTEGER ::= 17 - -td-trusted-certifiers INTEGER ::= 104 -td-invalid-certificates INTEGER ::= 105 -td-dh-parameters INTEGER ::= 109 - -DHNonce ::= OCTET STRING - -KDFAlgorithmId ::= SEQUENCE { - kdf-id [0] OBJECT IDENTIFIER, - ... -} - -TrustedCA ::= SEQUENCE { - caName [0] IMPLICIT OCTET STRING, - certificateSerialNumber [1] INTEGER OPTIONAL, - subjectKeyIdentifier [2] OCTET STRING OPTIONAL, - ... -} - -ExternalPrincipalIdentifier ::= SEQUENCE { - subjectName [0] IMPLICIT OCTET STRING OPTIONAL, - issuerAndSerialNumber [1] IMPLICIT OCTET STRING OPTIONAL, - subjectKeyIdentifier [2] IMPLICIT OCTET STRING OPTIONAL, - ... -} - -ExternalPrincipalIdentifiers ::= SEQUENCE OF ExternalPrincipalIdentifier - -PA-PK-AS-REQ ::= SEQUENCE { - signedAuthPack [0] IMPLICIT OCTET STRING, - trustedCertifiers [1] ExternalPrincipalIdentifiers OPTIONAL, - kdcPkId [2] IMPLICIT OCTET STRING OPTIONAL, - ... -} - -PKAuthenticator ::= SEQUENCE { - cusec [0] INTEGER -- (0..999999) --, - ctime [1] KerberosTime, - nonce [2] INTEGER (0..4294967295), - paChecksum [3] OCTET STRING OPTIONAL, - ... -} - -AuthPack ::= SEQUENCE { - pkAuthenticator [0] PKAuthenticator, - clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL, - supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL, - clientDHNonce [3] DHNonce OPTIONAL, - ..., - supportedKDFs [4] SEQUENCE OF KDFAlgorithmId OPTIONAL, - ... -} - -TD-TRUSTED-CERTIFIERS ::= ExternalPrincipalIdentifiers -TD-INVALID-CERTIFICATES ::= ExternalPrincipalIdentifiers - -KRB5PrincipalName ::= SEQUENCE { - realm [0] Realm, - principalName [1] PrincipalName -} - -AD-INITIAL-VERIFIED-CAS ::= SEQUENCE OF ExternalPrincipalIdentifier - -DHRepInfo ::= SEQUENCE { - dhSignedData [0] IMPLICIT OCTET STRING, - serverDHNonce [1] DHNonce OPTIONAL, - ..., - kdf [2] KDFAlgorithmId OPTIONAL, - ... -} - -PA-PK-AS-REP ::= CHOICE { - dhInfo [0] DHRepInfo, - encKeyPack [1] IMPLICIT OCTET STRING, - ... -} - -KDCDHKeyInfo ::= SEQUENCE { - subjectPublicKey [0] BIT STRING, - nonce [1] INTEGER (0..4294967295), - dhKeyExpiration [2] KerberosTime OPTIONAL, - ... -} - -ReplyKeyPack ::= SEQUENCE { - replyKey [0] EncryptionKey, - asChecksum [1] Checksum, - ... -} - -TD-DH-PARAMETERS ::= SEQUENCE OF AlgorithmIdentifier - - --- Windows compat glue -- - -PKAuthenticator-Win2k ::= SEQUENCE { - kdcName [0] PrincipalName, - kdcRealm [1] Realm, - cusec [2] INTEGER (0..4294967295), - ctime [3] KerberosTime, - nonce [4] INTEGER (-2147483648..2147483647) -} - -AuthPack-Win2k ::= SEQUENCE { - pkAuthenticator [0] PKAuthenticator-Win2k, - clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL -} - - -TrustedCA-Win2k ::= CHOICE { - caName [1] heim_any, - issuerAndSerial [2] IssuerAndSerialNumber -} - -PA-PK-AS-REQ-Win2k ::= SEQUENCE { - signed-auth-pack [0] IMPLICIT OCTET STRING, - trusted-certifiers [2] SEQUENCE OF TrustedCA-Win2k OPTIONAL, - kdc-cert [3] IMPLICIT OCTET STRING OPTIONAL, - encryption-cert [4] IMPLICIT OCTET STRING OPTIONAL -} - -PA-PK-AS-REP-Win2k ::= CHOICE { - dhSignedData [0] IMPLICIT OCTET STRING, - encKeyPack [1] IMPLICIT OCTET STRING -} - - -KDCDHKeyInfo-Win2k ::= SEQUENCE { - nonce [0] INTEGER (-2147483648..2147483647), - subjectPublicKey [2] BIT STRING -} - -ReplyKeyPack-Win2k ::= SEQUENCE { - replyKey [0] EncryptionKey, - nonce [1] INTEGER (-2147483648..2147483647), - ... -} - -PkinitSuppPubInfo ::= SEQUENCE { - enctype [0] INTEGER (-2147483648..2147483647), - as-REQ [1] OCTET STRING, - pk-as-rep [2] OCTET STRING, - ticket [3] Ticket, - ... -} - -END diff --git a/crypto/heimdal/lib/asn1/rfc2459.asn1 b/crypto/heimdal/lib/asn1/rfc2459.asn1 deleted file mode 100644 index 8e24f0740b8a..000000000000 --- a/crypto/heimdal/lib/asn1/rfc2459.asn1 +++ /dev/null @@ -1,506 +0,0 @@ --- $Id$ -- --- Definitions from rfc2459/rfc3280 - -RFC2459 DEFINITIONS ::= BEGIN - -IMPORTS heim_any FROM heim; - -Version ::= INTEGER { - rfc3280_version_1(0), - rfc3280_version_2(1), - rfc3280_version_3(2) -} - -id-pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) - rsadsi(113549) pkcs(1) 1 } -id-pkcs1-rsaEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 1 } -id-pkcs1-md2WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 2 } -id-pkcs1-md5WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 4 } -id-pkcs1-sha1WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 5 } -id-pkcs1-sha256WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 11 } -id-pkcs1-sha384WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 12 } -id-pkcs1-sha512WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 13 } - -id-heim-rsa-pkcs1-x509 OBJECT IDENTIFIER ::= { 1 2 752 43 16 1 } - -id-pkcs-2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) - rsadsi(113549) pkcs(1) 2 } -id-pkcs2-md2 OBJECT IDENTIFIER ::= { id-pkcs-2 2 } -id-pkcs2-md4 OBJECT IDENTIFIER ::= { id-pkcs-2 4 } -id-pkcs2-md5 OBJECT IDENTIFIER ::= { id-pkcs-2 5 } - -id-rsa-digestAlgorithm OBJECT IDENTIFIER ::= -{ iso(1) member-body(2) us(840) rsadsi(113549) 2 } - -id-rsa-digest-md2 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 2 } -id-rsa-digest-md4 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 4 } -id-rsa-digest-md5 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 5 } - -id-pkcs-3 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) - rsadsi(113549) pkcs(1) 3 } - -id-pkcs3-rc2-cbc OBJECT IDENTIFIER ::= { id-pkcs-3 2 } -id-pkcs3-rc4 OBJECT IDENTIFIER ::= { id-pkcs-3 4 } -id-pkcs3-des-ede3-cbc OBJECT IDENTIFIER ::= { id-pkcs-3 7 } - -id-rsadsi-encalg OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) - rsadsi(113549) 3 } - -id-rsadsi-rc2-cbc OBJECT IDENTIFIER ::= { id-rsadsi-encalg 2 } -id-rsadsi-des-ede3-cbc OBJECT IDENTIFIER ::= { id-rsadsi-encalg 7 } - -id-secsig-sha-1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) - oiw(14) secsig(3) algorithm(2) 26 } - -id-nistAlgorithm OBJECT IDENTIFIER ::= { - joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) 4 } - -id-nist-aes-algs OBJECT IDENTIFIER ::= { id-nistAlgorithm 1 } - -id-aes-128-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 2 } -id-aes-192-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 22 } -id-aes-256-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 42 } - -id-nist-sha-algs OBJECT IDENTIFIER ::= { id-nistAlgorithm 2 } - -id-sha256 OBJECT IDENTIFIER ::= { id-nist-sha-algs 1 } -id-sha224 OBJECT IDENTIFIER ::= { id-nist-sha-algs 4 } -id-sha384 OBJECT IDENTIFIER ::= { id-nist-sha-algs 2 } -id-sha512 OBJECT IDENTIFIER ::= { id-nist-sha-algs 3 } - -id-dhpublicnumber OBJECT IDENTIFIER ::= { - iso(1) member-body(2) us(840) ansi-x942(10046) - number-type(2) 1 } - -id-x9-57 OBJECT IDENTIFIER ::= { - iso(1) member-body(2) us(840) ansi-x942(10046) - 4 } - -id-dsa OBJECT IDENTIFIER ::= { id-x9-57 1 } -id-dsa-with-sha1 OBJECT IDENTIFIER ::= { id-x9-57 3 } - --- x.520 names types - -id-x520-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 } - -id-at-commonName OBJECT IDENTIFIER ::= { id-x520-at 3 } -id-at-surname OBJECT IDENTIFIER ::= { id-x520-at 4 } -id-at-serialNumber OBJECT IDENTIFIER ::= { id-x520-at 5 } -id-at-countryName OBJECT IDENTIFIER ::= { id-x520-at 6 } -id-at-localityName OBJECT IDENTIFIER ::= { id-x520-at 7 } -id-at-stateOrProvinceName OBJECT IDENTIFIER ::= { id-x520-at 8 } -id-at-streetAddress OBJECT IDENTIFIER ::= { id-x520-at 9 } -id-at-organizationName OBJECT IDENTIFIER ::= { id-x520-at 10 } -id-at-organizationalUnitName OBJECT IDENTIFIER ::= { id-x520-at 11 } -id-at-name OBJECT IDENTIFIER ::= { id-x520-at 41 } -id-at-givenName OBJECT IDENTIFIER ::= { id-x520-at 42 } -id-at-initials OBJECT IDENTIFIER ::= { id-x520-at 43 } -id-at-generationQualifier OBJECT IDENTIFIER ::= { id-x520-at 44 } -id-at-pseudonym OBJECT IDENTIFIER ::= { id-x520-at 65 } --- RFC 2247 -id-Userid OBJECT IDENTIFIER ::= - { 0 9 2342 19200300 100 1 1 } -id-domainComponent OBJECT IDENTIFIER ::= - { 0 9 2342 19200300 100 1 25 } - - --- rfc3280 - -id-x509-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} - -AlgorithmIdentifier ::= SEQUENCE { - algorithm OBJECT IDENTIFIER, - parameters heim_any OPTIONAL -} - -AttributeType ::= OBJECT IDENTIFIER - -AttributeValue ::= heim_any - -TeletexStringx ::= [UNIVERSAL 20] IMPLICIT OCTET STRING - -DirectoryString ::= CHOICE { - ia5String IA5String, - teletexString TeletexStringx, - printableString PrintableString, - universalString UniversalString, - utf8String UTF8String, - bmpString BMPString -} - -Attribute ::= SEQUENCE { - type AttributeType, - value SET OF -- AttributeValue -- heim_any -} - -AttributeTypeAndValue ::= SEQUENCE { - type AttributeType, - value DirectoryString -} - -RelativeDistinguishedName ::= SET OF AttributeTypeAndValue - -RDNSequence ::= SEQUENCE OF RelativeDistinguishedName - -Name ::= CHOICE { - rdnSequence RDNSequence -} - -CertificateSerialNumber ::= INTEGER - -Time ::= CHOICE { - utcTime UTCTime, - generalTime GeneralizedTime -} - -Validity ::= SEQUENCE { - notBefore Time, - notAfter Time -} - -UniqueIdentifier ::= BIT STRING - -SubjectPublicKeyInfo ::= SEQUENCE { - algorithm AlgorithmIdentifier, - subjectPublicKey BIT STRING -} - -Extension ::= SEQUENCE { - extnID OBJECT IDENTIFIER, - critical BOOLEAN OPTIONAL, -- DEFAULT FALSE XXX - extnValue OCTET STRING -} - -Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension - -TBSCertificate ::= SEQUENCE { - version [0] Version OPTIONAL, -- EXPLICIT nnn DEFAULT 1, - serialNumber CertificateSerialNumber, - signature AlgorithmIdentifier, - issuer Name, - validity Validity, - subject Name, - subjectPublicKeyInfo SubjectPublicKeyInfo, - issuerUniqueID [1] IMPLICIT BIT STRING -- UniqueIdentifier -- OPTIONAL, - -- If present, version shall be v2 or v3 - subjectUniqueID [2] IMPLICIT BIT STRING -- UniqueIdentifier -- OPTIONAL, - -- If present, version shall be v2 or v3 - extensions [3] EXPLICIT Extensions OPTIONAL - -- If present, version shall be v3 -} - -Certificate ::= SEQUENCE { - tbsCertificate TBSCertificate, - signatureAlgorithm AlgorithmIdentifier, - signatureValue BIT STRING -} - -Certificates ::= SEQUENCE OF Certificate - -ValidationParms ::= SEQUENCE { - seed BIT STRING, - pgenCounter INTEGER -} - -DomainParameters ::= SEQUENCE { - p INTEGER, -- odd prime, p=jq +1 - g INTEGER, -- generator, g - q INTEGER, -- factor of p-1 - j INTEGER OPTIONAL, -- subgroup factor - validationParms ValidationParms OPTIONAL -- ValidationParms -} - -DHPublicKey ::= INTEGER - -OtherName ::= SEQUENCE { - type-id OBJECT IDENTIFIER, - value [0] EXPLICIT heim_any -} - -GeneralName ::= CHOICE { - otherName [0] IMPLICIT -- OtherName -- SEQUENCE { - type-id OBJECT IDENTIFIER, - value [0] EXPLICIT heim_any - }, - rfc822Name [1] IMPLICIT IA5String, - dNSName [2] IMPLICIT IA5String, --- x400Address [3] IMPLICIT ORAddress,-- - directoryName [4] IMPLICIT -- Name -- CHOICE { - rdnSequence RDNSequence - }, --- ediPartyName [5] IMPLICIT EDIPartyName, -- - uniformResourceIdentifier [6] IMPLICIT IA5String, - iPAddress [7] IMPLICIT OCTET STRING, - registeredID [8] IMPLICIT OBJECT IDENTIFIER -} - -GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName - -id-x509-ce-keyUsage OBJECT IDENTIFIER ::= { id-x509-ce 15 } - -KeyUsage ::= BIT STRING { - digitalSignature (0), - nonRepudiation (1), - keyEncipherment (2), - dataEncipherment (3), - keyAgreement (4), - keyCertSign (5), - cRLSign (6), - encipherOnly (7), - decipherOnly (8) -} - -id-x509-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-x509-ce 35 } - -KeyIdentifier ::= OCTET STRING - -AuthorityKeyIdentifier ::= SEQUENCE { - keyIdentifier [0] IMPLICIT OCTET STRING OPTIONAL, - authorityCertIssuer [1] IMPLICIT -- GeneralName -- - SEQUENCE -- SIZE (1..MAX) -- OF GeneralName OPTIONAL, - authorityCertSerialNumber [2] IMPLICIT INTEGER OPTIONAL -} - -id-x509-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-x509-ce 14 } - -SubjectKeyIdentifier ::= KeyIdentifier - -id-x509-ce-basicConstraints OBJECT IDENTIFIER ::= { id-x509-ce 19 } - -BasicConstraints ::= SEQUENCE { - cA BOOLEAN OPTIONAL -- DEFAULT FALSE --, - pathLenConstraint INTEGER (0..4294967295) OPTIONAL -} - -id-x509-ce-nameConstraints OBJECT IDENTIFIER ::= { id-x509-ce 30 } - -BaseDistance ::= INTEGER -- (0..MAX) -- - -GeneralSubtree ::= SEQUENCE { - base GeneralName, - minimum [0] IMPLICIT -- BaseDistance -- INTEGER OPTIONAL -- DEFAULT 0 --, - maximum [1] IMPLICIT -- BaseDistance -- INTEGER OPTIONAL -} - -GeneralSubtrees ::= SEQUENCE -- SIZE (1..MAX) -- OF GeneralSubtree - -NameConstraints ::= SEQUENCE { - permittedSubtrees [0] IMPLICIT -- GeneralSubtrees -- SEQUENCE OF GeneralSubtree OPTIONAL, - excludedSubtrees [1] IMPLICIT -- GeneralSubtrees -- SEQUENCE OF GeneralSubtree OPTIONAL -} - -id-x509-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-x509-ce 16 } -id-x509-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-x509-ce 32 } -id-x509-ce-policyMappings OBJECT IDENTIFIER ::= { id-x509-ce 33 } -id-x509-ce-subjectAltName OBJECT IDENTIFIER ::= { id-x509-ce 17 } -id-x509-ce-issuerAltName OBJECT IDENTIFIER ::= { id-x509-ce 18 } -id-x509-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-x509-ce 9 } -id-x509-ce-policyConstraints OBJECT IDENTIFIER ::= { id-x509-ce 36 } - -id-x509-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-x509-ce 37} - -ExtKeyUsage ::= SEQUENCE OF OBJECT IDENTIFIER - -id-x509-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-x509-ce 31 } -id-x509-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-x509-ce 27 } -id-x509-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-x509-ce 28 } -id-x509-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-x509-ce 23 } -id-x509-ce-invalidityDate OBJECT IDENTIFIER ::= { id-x509-ce 24 } -id-x509-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-x509-ce 29 } -id-x509-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-x509-ce 54 } - -DistributionPointReasonFlags ::= BIT STRING { - unused (0), - keyCompromise (1), - cACompromise (2), - affiliationChanged (3), - superseded (4), - cessationOfOperation (5), - certificateHold (6), - privilegeWithdrawn (7), - aACompromise (8) -} - -DistributionPointName ::= CHOICE { - fullName [0] IMPLICIT -- GeneralNames -- SEQUENCE SIZE (1..MAX) OF GeneralName, - nameRelativeToCRLIssuer [1] RelativeDistinguishedName -} - -DistributionPoint ::= SEQUENCE { - distributionPoint [0] IMPLICIT heim_any -- DistributionPointName -- OPTIONAL, - reasons [1] IMPLICIT heim_any -- DistributionPointReasonFlags -- OPTIONAL, - cRLIssuer [2] IMPLICIT heim_any -- GeneralNames -- OPTIONAL -} - -CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint - - --- rfc3279 - -DSASigValue ::= SEQUENCE { - r INTEGER, - s INTEGER -} - -DSAPublicKey ::= INTEGER - -DSAParams ::= SEQUENCE { - p INTEGER, - q INTEGER, - g INTEGER -} - --- really pkcs1 - -RSAPublicKey ::= SEQUENCE { - modulus INTEGER, -- n - publicExponent INTEGER -- e -} - -RSAPrivateKey ::= SEQUENCE { - version INTEGER (0..4294967295), - modulus INTEGER, -- n - publicExponent INTEGER, -- e - privateExponent INTEGER, -- d - prime1 INTEGER, -- p - prime2 INTEGER, -- q - exponent1 INTEGER, -- d mod (p-1) - exponent2 INTEGER, -- d mod (q-1) - coefficient INTEGER -- (inverse of q) mod p -} - -DigestInfo ::= SEQUENCE { - digestAlgorithm AlgorithmIdentifier, - digest OCTET STRING -} - --- some ms ext - --- szOID_ENROLL_CERTTYPE_EXTENSION "1.3.6.1.4.1.311.20.2" is Encoded as a - --- UNICODESTRING (0x1E tag) - --- szOID_CERTIFICATE_TEMPLATE "1.3.6.1.4.1.311.21.7" is Encoded as: - --- TemplateVersion ::= INTEGER (0..4294967295) - --- CertificateTemplate ::= SEQUENCE { --- templateID OBJECT IDENTIFIER, --- templateMajorVersion TemplateVersion, --- templateMinorVersion TemplateVersion OPTIONAL --- } - - --- --- CRL --- - -TBSCRLCertList ::= SEQUENCE { - version Version OPTIONAL, -- if present, MUST be v2 - signature AlgorithmIdentifier, - issuer Name, - thisUpdate Time, - nextUpdate Time OPTIONAL, - revokedCertificates SEQUENCE OF SEQUENCE { - userCertificate CertificateSerialNumber, - revocationDate Time, - crlEntryExtensions Extensions OPTIONAL - -- if present, MUST be v2 - } OPTIONAL, - crlExtensions [0] EXPLICIT Extensions OPTIONAL - -- if present, MUST be v2 -} - - -CRLCertificateList ::= SEQUENCE { - tbsCertList TBSCRLCertList, - signatureAlgorithm AlgorithmIdentifier, - signatureValue BIT STRING -} - -id-x509-ce-cRLNumber OBJECT IDENTIFIER ::= { id-x509-ce 20 } -id-x509-ce-freshestCRL OBJECT IDENTIFIER ::= { id-x509-ce 46 } -id-x509-ce-cRLReason OBJECT IDENTIFIER ::= { id-x509-ce 21 } - -CRLReason ::= ENUMERATED { - unspecified (0), - keyCompromise (1), - cACompromise (2), - affiliationChanged (3), - superseded (4), - cessationOfOperation (5), - certificateHold (6), - removeFromCRL (8), - privilegeWithdrawn (9), - aACompromise (10) -} - -PKIXXmppAddr ::= UTF8String - -id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) - dod(6) internet(1) security(5) mechanisms(5) pkix(7) } - -id-pkix-on OBJECT IDENTIFIER ::= { id-pkix 8 } -id-pkix-on-xmppAddr OBJECT IDENTIFIER ::= { id-pkix-on 5 } -id-pkix-on-dnsSRV OBJECT IDENTIFIER ::= { id-pkix-on 7 } - -id-pkix-kp OBJECT IDENTIFIER ::= { id-pkix 3 } -id-pkix-kp-serverAuth OBJECT IDENTIFIER ::= { id-pkix-kp 1 } -id-pkix-kp-clientAuth OBJECT IDENTIFIER ::= { id-pkix-kp 2 } -id-pkix-kp-emailProtection OBJECT IDENTIFIER ::= { id-pkix-kp 4 } -id-pkix-kp-timeStamping OBJECT IDENTIFIER ::= { id-pkix-kp 8 } -id-pkix-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-pkix-kp 9 } - -id-pkix-pe OBJECT IDENTIFIER ::= { id-pkix 1 } - -id-pkix-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pkix-pe 1 } - -AccessDescription ::= SEQUENCE { - accessMethod OBJECT IDENTIFIER, - accessLocation GeneralName -} - -AuthorityInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF AccessDescription - --- RFC 3820 Proxy Certificate Profile - -id-pkix-pe-proxyCertInfo OBJECT IDENTIFIER ::= { id-pkix-pe 14 } - -id-pkix-ppl OBJECT IDENTIFIER ::= { id-pkix 21 } - -id-pkix-ppl-anyLanguage OBJECT IDENTIFIER ::= { id-pkix-ppl 0 } -id-pkix-ppl-inheritAll OBJECT IDENTIFIER ::= { id-pkix-ppl 1 } -id-pkix-ppl-independent OBJECT IDENTIFIER ::= { id-pkix-ppl 2 } - -ProxyPolicy ::= SEQUENCE { - policyLanguage OBJECT IDENTIFIER, - policy OCTET STRING OPTIONAL -} - -ProxyCertInfo ::= SEQUENCE { - pCPathLenConstraint INTEGER (0..4294967295) OPTIONAL, -- really MAX - proxyPolicy ProxyPolicy -} - ---- U.S. Federal PKI Common Policy Framework --- Card Authentication key -id-uspkicommon-card-id OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 6 6 } -id-uspkicommon-piv-interim OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 6 9 1 } - ---- Netscape extentions - -id-netscape OBJECT IDENTIFIER ::= - { joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730) } -id-netscape-cert-comment OBJECT IDENTIFIER ::= { id-netscape 1 13 } - ---- MS extentions - -id-ms-cert-enroll-domaincontroller OBJECT IDENTIFIER ::= - { 1 3 6 1 4 1 311 20 2 } - -id-ms-client-authentication OBJECT IDENTIFIER ::= - { 1 3 6 1 5 5 7 3 2 } - --- DER:1e:20:00:44:00:6f:00:6d:00:61:00:69:00:6e:00:43:00:6f:00:6e:00:74:00:72:00:6f:00:6c:00:6c:00:65:00:72 - -END diff --git a/crypto/heimdal/lib/asn1/setchgpw2.asn1 b/crypto/heimdal/lib/asn1/setchgpw2.asn1 deleted file mode 100644 index 7db385423383..000000000000 --- a/crypto/heimdal/lib/asn1/setchgpw2.asn1 +++ /dev/null @@ -1,193 +0,0 @@ --- $Id: setchgpw2.asn1 18010 2006-09-05 12:31:59Z lha $ - -SETCHGPW2 DEFINITIONS ::= -BEGIN - -IMPORTS PrincipalName, Realm, ENCTYPE FROM krb5; - -ProtocolErrorCode ::= ENUMERATED { - generic-error(0), - unsupported-major-version(1), - unsupported-minor-version(2), - unsupported-operation(3), - authorization-failed(4), - initial-ticket-required(5), - target-principal-unknown(6), - ... -} - -Key ::= SEQUENCE { - enc-type[0] INTEGER, - key[1] OCTET STRING, - ... -} - -Language-Tag ::= UTF8String -- Constrained by RFC3066 - -LangTaggedText ::= SEQUENCE { - language[0] Language-Tag OPTIONAL, - text[1] UTF8String, - ... -} - --- NULL Op - -Req-null ::= NULL -Rep-null ::= NULL -Err-null ::= NULL - --- Change password -Req-change-pw ::= SEQUENCE { - old-pw[0] UTF8String, - new-pw[1] UTF8String OPTIONAL, - etypes[2] SEQUENCE OF ENCTYPE OPTIONAL, - ... -} - -Rep-change-pw ::= SEQUENCE { - info-text[0] UTF8String OPTIONAL, - new-pw[1] UTF8String OPTIONAL, - etypes[2] SEQUENCE OF ENCTYPE OPTIONAL -} - -Err-change-pw ::= SEQUENCE { - help-text[0] UTF8String OPTIONAL, - code[1] ENUMERATED { - generic(0), - wont-generate-new-pw(1), - old-pw-incorrect(2), - new-pw-rejected-geneneric(3), - pw-change-too-short(4), - ... - }, - suggested-new-pw[2] UTF8String OPTIONAL, - ... -} - --- Change/Set keys -Req-set-keys ::= SEQUENCE { - etypes[0] SEQUENCE OF ENCTYPE, - entropy[1] OCTET STRING, - ... -} - -Rep-set-keys ::= SEQUENCE { - info-text[0] UTF8String OPTIONAL, - kvno[1] INTEGER, - keys[2] SEQUENCE OF Key, - aliases[3] SEQUENCE OF SEQUENCE { - name[0] PrincipalName, - realm[1] Realm OPTIONAL, - ... - }, - ... -} - -Err-set-keys ::= SEQUENCE { - help-text[0] UTF8String OPTIONAL, - enctypes[1] SEQUENCE OF ENCTYPE OPTIONAL, - code[1] ENUMERATED { - etype-no-support(0), - ... - }, - ... -} - --- Get password policy -Req-get-pw-policy ::= NULL - -Rep-get-pw-policy ::= SEQUENCE { - help-text[0] UTF8String OPTIONAL, - policy-name[1] UTF8String OPTIONAL, - description[2] UTF8String OPTIONAL, - ... -} - -Err-get-pw-policy ::= NULL - --- Get principal aliases -Req-get-princ-aliases ::= NULL - -Rep-get-princ-aliases ::= SEQUENCE { - help-text[0] UTF8String OPTIONAL, - aliases[1] SEQUENCE OF SEQUENCE { - name[0] PrincipalName, - realm[1] Realm OPTIONAL, - ... - } OPTIONAL, - ... -} - -Err-get-princ-aliases ::= NULL - --- Get list of encryption types supported by KDC for new types -Req-get-supported-etypes ::= NULL - -Rep-get-supported-etypes ::= SEQUENCE OF ENCTYPE - -Err-get-supported-etypes ::= NULL - --- Choice switch - -Op-req ::= CHOICE { - null[0] Req-null, - change-pw[1] Req-change-pw, - set-keys[2] Req-set-keys, - get-pw-policy[3] Req-get-pw-policy, - get-princ-aliases[4] Req-get-princ-aliases, - get-supported-etypes[5] Req-get-supported-etypes, - ... -} - -Op-rep ::= CHOICE { - null[0] Rep-null, - change-pw[1] Rep-change-pw, - set-keys[2] Rep-set-keys, - get-pw-policy[3] Rep-get-pw-policy, - get-princ-aliases[4] Rep-get-princ-aliases, - get-supported-etypes[5] Rep-get-supported-etypes, - ... -} - -Op-error ::= CHOICE { - null[0] Err-null, - change-pw[1] Err-change-pw, - set-keys[2] Err-set-keys, - get-pw-policy[3] Err-get-pw-policy, - get-princ-aliases[4] Err-get-princ-aliases, - get-supported-etypes[5] Err-get-supported-etypes, - ... -} - - -Request ::= [ APPLICATION 0 ] SEQUENCE { - pvno-major[0] INTEGER DEFAULT 2, - pvno-minor[1] INTEGER DEFAULT 0, - languages[2] SEQUENCE OF Language-Tag OPTIONAL, - targ-name[3] PrincipalName OPTIONAL, - targ-realm[4] Realm OPTIONAL, - operation[5] Op-Req, - ... -} - -Response ::= [ APPLICATION 1 ] SEQUENCE { - pvno-major[0] INTEGER DEFAULT 2, - pvno-minor[1] INTEGER DEFAULT 0, - language[2] Language-Tag DEFAULT "i-default", - result[3] Op-rep OPTIONAL, - ... -} - -Error-Response ::= [ APPLICATION 2 ] SEQUENCE { - pvno-major[0] INTEGER DEFAULT 2, - pvno-minor[1] INTEGER DEFAULT 0, - language[2] Language-Tag DEFAULT "i-default", - error-code[3] ProtocolErrorCode, - help-text[4] UTF8String OPTIONAL, - op-error[5] Op-error OP-ERROR, - ... -} - -END - --- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' setchgpw2.asn1 diff --git a/crypto/heimdal/lib/asn1/symbol.c b/crypto/heimdal/lib/asn1/symbol.c deleted file mode 100644 index 9407915c19b7..000000000000 --- a/crypto/heimdal/lib/asn1/symbol.c +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gen_locl.h" -#include "lex.h" - -RCSID("$Id: symbol.c 15617 2005-07-12 06:27:42Z lha $"); - -static Hashtab *htab; - -static int -cmp(void *a, void *b) -{ - Symbol *s1 = (Symbol *) a; - Symbol *s2 = (Symbol *) b; - - return strcmp(s1->name, s2->name); -} - -static unsigned -hash(void *a) -{ - Symbol *s = (Symbol *) a; - - return hashjpw(s->name); -} - -void -initsym(void) -{ - htab = hashtabnew(101, cmp, hash); -} - - -void -output_name(char *s) -{ - char *p; - - for (p = s; *p; ++p) - if (*p == '-') - *p = '_'; -} - -Symbol * -addsym(char *name) -{ - Symbol key, *s; - - key.name = name; - s = (Symbol *) hashtabsearch(htab, (void *) &key); - if (s == NULL) { - s = (Symbol *) emalloc(sizeof(*s)); - s->name = name; - s->gen_name = estrdup(name); - output_name(s->gen_name); - s->stype = SUndefined; - hashtabadd(htab, s); - } - return s; -} - -static int -checkfunc(void *ptr, void *arg) -{ - Symbol *s = ptr; - if (s->stype == SUndefined) { - error_message("%s is still undefined\n", s->name); - *(int *) arg = 1; - } - return 0; -} - -int -checkundefined(void) -{ - int f = 0; - hashtabforeach(htab, checkfunc, &f); - return f; -} diff --git a/crypto/heimdal/lib/asn1/symbol.h b/crypto/heimdal/lib/asn1/symbol.h deleted file mode 100644 index d07caf559042..000000000000 --- a/crypto/heimdal/lib/asn1/symbol.h +++ /dev/null @@ -1,161 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: symbol.h 19539 2006-12-28 17:15:05Z lha $ */ - -#ifndef _SYMBOL_H -#define _SYMBOL_H - -#include "asn1_queue.h" - -enum typetype { - TBitString, - TBoolean, - TChoice, - TEnumerated, - TGeneralString, - TGeneralizedTime, - TIA5String, - TInteger, - TNull, - TOID, - TOctetString, - TPrintableString, - TSequence, - TSequenceOf, - TSet, - TSetOf, - TTag, - TType, - TUTCTime, - TUTF8String, - TBMPString, - TUniversalString, - TVisibleString -}; - -typedef enum typetype Typetype; - -struct type; - -struct value { - enum { booleanvalue, - nullvalue, - integervalue, - stringvalue, - objectidentifiervalue - } type; - union { - int booleanvalue; - int integervalue; - char *stringvalue; - struct objid *objectidentifiervalue; - } u; -}; - -struct member { - char *name; - char *gen_name; - char *label; - int val; - int optional; - int ellipsis; - struct type *type; - ASN1_TAILQ_ENTRY(member) members; - struct value *defval; -}; - -typedef struct member Member; - -ASN1_TAILQ_HEAD(memhead, member); - -struct symbol; - -struct tagtype { - int tagclass; - int tagvalue; - enum { TE_IMPLICIT, TE_EXPLICIT } tagenv; -}; - -struct range { - int min; - int max; -}; - -enum ctype { CT_CONTENTS, CT_USER } ; - -struct constraint_spec; - -struct type { - Typetype type; - struct memhead *members; - struct symbol *symbol; - struct type *subtype; - struct tagtype tag; - struct range *range; - struct constraint_spec *constraint; -}; - -typedef struct type Type; - -struct constraint_spec { - enum ctype ctype; - union { - struct { - Type *type; - struct value *encoding; - } content; - } u; -}; - -struct objid { - const char *label; - int value; - struct objid *next; -}; - -struct symbol { - char *name; - char *gen_name; - enum { SUndefined, SValue, Stype } stype; - struct value *value; - Type *type; -}; - -typedef struct symbol Symbol; - -void initsym (void); -Symbol *addsym (char *); -void output_name (char *); -int checkundefined(void); -#endif diff --git a/crypto/heimdal/lib/asn1/test.asn1 b/crypto/heimdal/lib/asn1/test.asn1 deleted file mode 100644 index b2f58a20c2ce..000000000000 --- a/crypto/heimdal/lib/asn1/test.asn1 +++ /dev/null @@ -1,95 +0,0 @@ --- $Id: test.asn1 21455 2007-07-10 12:51:19Z lha $ -- - -TEST DEFINITIONS ::= - -BEGIN - -IMPORTS heim_any FROM heim; - -TESTLargeTag ::= SEQUENCE { - foo[127] INTEGER (-2147483648..2147483647) -} - -TESTSeq ::= SEQUENCE { - tag0[0] INTEGER (-2147483648..2147483647), - tag1[1] TESTLargeTag, - tagless INTEGER (-2147483648..2147483647), - tag3[2] INTEGER (-2147483648..2147483647) -} - -TESTChoice1 ::= CHOICE { - i1[1] INTEGER (-2147483648..2147483647), - i2[2] INTEGER (-2147483648..2147483647), - ... -} - -TESTChoice2 ::= CHOICE { - i1[1] INTEGER (-2147483648..2147483647), - ... -} - -TESTInteger ::= INTEGER (-2147483648..2147483647) - -TESTInteger2 ::= [4] IMPLICIT TESTInteger -TESTInteger3 ::= [5] IMPLICIT TESTInteger2 - -TESTImplicit ::= SEQUENCE { - ti1[0] IMPLICIT INTEGER (-2147483648..2147483647), - ti2[1] IMPLICIT SEQUENCE { - foo[127] INTEGER (-2147483648..2147483647) - }, - ti3[2] IMPLICIT [5] IMPLICIT [4] IMPLICIT INTEGER (-2147483648..2147483647) -} - -TESTImplicit2 ::= SEQUENCE { - ti1[0] IMPLICIT TESTInteger, - ti2[1] IMPLICIT TESTLargeTag, - ti3[2] IMPLICIT TESTInteger3 -} - -TESTAllocInner ::= SEQUENCE { - ai[0] TESTInteger -} - -TESTAlloc ::= SEQUENCE { - tagless TESTAllocInner OPTIONAL, - three [1] INTEGER (-2147483648..2147483647), - tagless2 heim_any OPTIONAL -} - - -TESTCONTAINING ::= OCTET STRING ( CONTAINING INTEGER ) -TESTENCODEDBY ::= OCTET STRING ( ENCODED BY - { joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) } -) - -TESTDer OBJECT IDENTIFIER ::= { - joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) -} - -TESTCONTAININGENCODEDBY ::= OCTET STRING ( CONTAINING INTEGER ENCODED BY - { joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) } -) - -TESTCONTAININGENCODEDBY2 ::= OCTET STRING ( - CONTAINING INTEGER ENCODED BY TESTDer -) - - -TESTValue1 INTEGER ::= 1 - -TESTUSERCONSTRAINED ::= OCTET STRING (CONSTRAINED BY { -- meh -- }) --- TESTUSERCONSTRAINED2 ::= OCTET STRING (CONSTRAINED BY { TESTInteger }) --- TESTUSERCONSTRAINED3 ::= OCTET STRING (CONSTRAINED BY { INTEGER }) --- TESTUSERCONSTRAINED4 ::= OCTET STRING (CONSTRAINED BY { INTEGER : 1 }) - -TESTSeqOf ::= SEQUENCE OF TESTInteger - -TESTSeqSizeOf1 ::= SEQUENCE SIZE (2) OF TESTInteger -TESTSeqSizeOf2 ::= SEQUENCE SIZE (1..2) OF TESTInteger -TESTSeqSizeOf3 ::= SEQUENCE SIZE (1..MAX) OF TESTInteger -TESTSeqSizeOf4 ::= SEQUENCE SIZE (MIN..2) OF TESTInteger - -TESTOSSize1 ::= OCTET STRING SIZE (1..2) - -END diff --git a/crypto/heimdal/lib/asn1/test.gen b/crypto/heimdal/lib/asn1/test.gen deleted file mode 100644 index d0fc7d98a44b..000000000000 --- a/crypto/heimdal/lib/asn1/test.gen +++ /dev/null @@ -1,14 +0,0 @@ -# $Id: test.gen 15617 2005-07-12 06:27:42Z lha $ -# Sample for TESTSeq in test.asn1 -# - -UNIV CONS Sequence 23 - CONTEXT CONS 0 3 - UNIV PRIM Integer 1 01 - CONTEXT CONS 1 8 - UNIV CONS Sequence 6 - CONTEXT CONS 127 3 - UNIV PRIM Integer 1 01 - UNIV PRIM Integer 1 01 - CONTEXT CONS 2 3 - UNIV PRIM Integer 1 01 diff --git a/crypto/heimdal/lib/asn1/timegm.c b/crypto/heimdal/lib/asn1/timegm.c deleted file mode 100644 index 33b9684a5d87..000000000000 --- a/crypto/heimdal/lib/asn1/timegm.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "der_locl.h" - -RCSID("$Id: timegm.c 21366 2007-06-27 10:06:22Z lha $"); - -static int -is_leap(unsigned y) -{ - y += 1900; - return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0); -} - -/* - * This is a simplifed version of timegm(3) that doesn't accept out of - * bound values that timegm(3) normally accepts but those are not - * valid in asn1 encodings. - */ - -time_t -_der_timegm (struct tm *tm) -{ - static const unsigned ndays[2][12] ={ - {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}, - {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}}; - time_t res = 0; - unsigned i; - - if (tm->tm_year < 0) - return -1; - if (tm->tm_mon < 0 || tm->tm_mon > 11) - return -1; - if (tm->tm_mday < 1 || tm->tm_mday > ndays[is_leap(tm->tm_year)][tm->tm_mon]) - return -1; - if (tm->tm_hour < 0 || tm->tm_hour > 23) - return -1; - if (tm->tm_min < 0 || tm->tm_min > 59) - return -1; - if (tm->tm_sec < 0 || tm->tm_sec > 59) - return -1; - - for (i = 70; i < tm->tm_year; ++i) - res += is_leap(i) ? 366 : 365; - - for (i = 0; i < tm->tm_mon; ++i) - res += ndays[is_leap(tm->tm_year)][i]; - res += tm->tm_mday - 1; - res *= 24; - res += tm->tm_hour; - res *= 60; - res += tm->tm_min; - res *= 60; - res += tm->tm_sec; - return res; -} diff --git a/crypto/heimdal/lib/asn1/x509.asn1 b/crypto/heimdal/lib/asn1/x509.asn1 deleted file mode 100644 index 4a15844c8563..000000000000 --- a/crypto/heimdal/lib/asn1/x509.asn1 +++ /dev/null @@ -1,23 +0,0 @@ -X509 DEFINITIONS ::= BEGIN - -CertificateSerialNumber ::= INTEGER -- X.509 '97 - -AttributeType ::= OBJECT-IDENTIFIER - -AttributeValue ::= OCTET STRING --ANY DEFINED BY AttributeType - -AttributeTypeAndValue ::= SEQUENCE { - type AttributeType, - value AttributeValue -} - -RelativeDistinguishedName ::= --SET -SEQUENCE OF AttributeTypeAndValue - -RDNSequence ::= SEQUENCE OF RelativeDistinguishedName - -Name ::= CHOICE { -- RFC2459 - x RDNSequence -} - -END \ No newline at end of file diff --git a/crypto/heimdal/lib/auth/ChangeLog b/crypto/heimdal/lib/auth/ChangeLog deleted file mode 100644 index 1ef62c092f49..000000000000 --- a/crypto/heimdal/lib/auth/ChangeLog +++ /dev/null @@ -1,206 +0,0 @@ -2007-12-14 Love Hörnquist Åstrand - - * sia/Makefile.am: One EXTRA_DIST is enought, from dave love. - - * pam/Makefile.am: Add SRCS to EXTRA_DIST - - * afskauthlib/Makefile.am: SRCS - -2006-10-22 Love Hörnquist Åstrand - - * pam/Makefile.am: use libtool to build binaries - -2005-05-02 Dave Love - - * afskauthlib/Makefile.am (afskauthlib.so): Use libtool. - (.c.o): Use CC (like SIA module), not COMPILE. - -2005-04-19 Love Hörnquist Åstrand - - * sia/sia.c: fix getpw*_r calls, they return 0 even when the entry - isn't found and instead make it with setting return pointer to - NULL. From Luke Mewburn - -2004-09-08 Johan Danielsson - - * afskauthlib/verify.c: use krb5_appdefault_boolean instead of - krb5_config_get_bool - -2003-09-23 Love Hörnquist Åstrand - - * sia/sia.c: Add support for AFS when using Kerberos 5, From: - Sergio.Gelato@astro.su.se - -2003-07-07 Love Hörnquist Åstrand - - * pam/Makefile.am: XXX inline COMPILE since automake wont add it - - * afskauthlib/verify.c (verify_krb5): use krb5_cc_clear_mcred - -2003-05-08 Love Hörnquist Åstrand - - * sia/Makefile.am: inline COMPILE since (modern) automake doesn't - add it by itself for some reason - -2003-04-30 Love Hörnquist Åstrand - - * afskauthlib/Makefile.am: always includes kafs now that its built - -2003-03-27 Love Hörnquist Åstrand - - * sia/Makefile.am: libkafs is always built now, lets include it - -2002-05-19 Johan Danielsson - - * pam/Makefile.am: set SUFFIXES with += - -2001-10-27 Assar Westerlund - - * pam/Makefile.am: actually build the pam module - -2001-09-18 Johan Danielsson - - * sia/Makefile.am: also don't compress krb5 library, at least - siacfg fails with compressed libraries - -2001-09-13 Assar Westerlund - - * sia/sia.c: move krb5_error_code inside a ifdef KRB5 - * sia/sia_locl.h: move roken.h earlier to grab definition of - socklen_t - -2001-08-28 Johan Danielsson - - * sia/krb5_matrix.conf: athena -> heimdal - -2001-07-17 Assar Westerlund - - * sia/Makefile.am: use make-rpath to sort rpath arguments - -2001-07-15 Assar Westerlund - - * afskauthlib/Makefile.am: use LIB_des, so that we link with - libcrypto/libdes from krb4 - -2001-07-12 Assar Westerlund - - * sia/Makefile.am: use $(CC) instead of ld for linking - -2001-07-06 Assar Westerlund - - * sia/Makefile.am: use LDFLAGS, and conditional libdes - -2001-03-06 Assar Westerlund - - * sia/Makefile.am: make sure of using -rpath and not -R when - calling ld - -2001-02-15 Assar Westerlund - - * pam/pam.c (psyslog): do not log to console - -2001-01-29 Assar Westerlund - - * sia/Makefile.am (libsia_krb5.so): actually run ld in the case - shared library case - -2000-12-31 Assar Westerlund - - * sia/sia.c (siad_ses_init): handle krb5_init_context failure - consistently - * afskauthlib/verify.c (verify_krb5): handle krb5_init_context - failure consistently - -2000-11-30 Johan Danielsson - - * afskauthlib/Makefile.am: use libtool - - * afskauthlib/Makefile.am: work with krb4 only - -2000-07-30 Johan Danielsson - - * sia/Makefile.am: don't compress library, since 5.0 seems to have - a problem with this - -2000-07-02 Assar Westerlund - - * afskauthlib/verify.c: fixes for pag setting - -1999-12-30 Assar Westerlund - - * sia/Makefile.am: try to link with shared libraries if we don't - find any static ones - -1999-12-20 Johan Danielsson - - * sia/sia.c: don't use string concatenation with TKT_ROOT - -1999-11-15 Assar Westerlund - - * */lib/Makefile.in: set LIBNAME. From Enrico Scholz - - -1999-10-17 Assar Westerlund - - * afskauthlib/verify.c (verify_krb5): need realm for v5 -> v4 - -1999-10-03 Assar Westerlund - - * afskauthlib/verify.c (verify_krb5): update to new - krb524_convert_creds_kdc - -1999-09-28 Assar Westerlund - - * sia/sia.c (doauth): use krb5_get_local_realms and - krb5_verify_user_lrealm - - * afskauthlib/verify.c (verify_krb5): remove krb5_kuserok. use - krb5_verify_user_lrealm - -1999-08-27 Johan Danielsson - - * pam/Makefile.in: link with res_search/dn_expand libraries - -1999-08-11 Johan Danielsson - - * afskauthlib/verify.c: make this compile w/o krb4 - -1999-08-04 Assar Westerlund - - * afskauthlib/verify.c: incorporate patches from Miroslav Ruda - - -Thu Apr 8 14:35:34 1999 Johan Danielsson - - * sia/sia.c: remove definition of KRB_VERIFY_USER (moved to - config.h) - - * sia/Makefile.am: make it build w/o krb4 - - * afskauthlib/verify.c: add krb5 support - - * afskauthlib/Makefile.am: build afskauthlib.so - -Wed Apr 7 14:06:22 1999 Johan Danielsson - - * sia/sia.c: make it compile w/o krb4 - - * sia/Makefile.am: make it compile w/o krb4 - -Thu Apr 1 18:09:23 1999 Johan Danielsson - - * sia/sia_locl.h: POSIX_GETPWNAM_R is defined in config.h - -Sun Mar 21 14:08:30 1999 Johan Danielsson - - * sia/Makefile.in: add posix_getpw.c - - * sia/Makefile.am: makefile for sia - - * sia/posix_getpw.c: move from sia.c - - * sia/sia_locl.h: merge with krb5 version - - * sia/sia.c: merge with krb5 version - - * sia/sia5.c: remove unused variables diff --git a/crypto/heimdal/lib/auth/Makefile.am b/crypto/heimdal/lib/auth/Makefile.am deleted file mode 100644 index c62903c7d1b3..000000000000 --- a/crypto/heimdal/lib/auth/Makefile.am +++ /dev/null @@ -1,6 +0,0 @@ -# $Id: Makefile.am 5683 1999-03-21 17:11:08Z joda $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = @LIB_AUTH_SUBDIRS@ -DIST_SUBDIRS = afskauthlib pam sia diff --git a/crypto/heimdal/lib/auth/Makefile.in b/crypto/heimdal/lib/auth/Makefile.in deleted file mode 100644 index d7200ce6a3b9..000000000000 --- a/crypto/heimdal/lib/auth/Makefile.in +++ /dev/null @@ -1,815 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 5683 1999-03-21 17:11:08Z joda $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -subdir = lib/auth -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SUBDIRS = @LIB_AUTH_SUBDIRS@ -DIST_SUBDIRS = afskauthlib pam sia -all: all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/auth/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/auth/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool ctags ctags-recursive dist-hook \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-data-hook \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.am b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am deleted file mode 100644 index 1eec4f5d1633..000000000000 --- a/crypto/heimdal/lib/auth/afskauthlib/Makefile.am +++ /dev/null @@ -1,51 +0,0 @@ -# $Id: Makefile.am 22298 2007-12-14 06:38:06Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -DEFS = @DEFS@ - -foodir = $(libdir) -foo_DATA = afskauthlib.so - -SUFFIXES += .c .o - -SRCS = verify.c -OBJS = verify.o - -CLEANFILES = $(foo_DATA) $(OBJS) so_locations - -afskauthlib.so: $(OBJS) - $(LIBTOOL) --mode=link $(CC) -shared -o $@ $(OBJS) $(L) $(LDFLAGS) - -.c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< - -KAFS = $(top_builddir)/lib/kafs/libkafs.la - -if KRB5 -L = \ - $(KAFS) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/roken/libroken.la \ - -lc - -else - -L = \ - $(KAFS) \ - $(LIB_krb4) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/roken/libroken.la \ - -lc -endif - -$(OBJS): $(top_builddir)/include/config.h - -EXTRA_DIST = $(SRCS) diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in deleted file mode 100644 index 89c966ad8137..000000000000 --- a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in +++ /dev/null @@ -1,723 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22298 2007-12-14 06:38:06Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = lib/auth/afskauthlib -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(foodir)" -fooDATA_INSTALL = $(INSTALL_DATA) -DATA = $(foo_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -foodir = $(libdir) -foo_DATA = afskauthlib.so -SRCS = verify.c -OBJS = verify.o -CLEANFILES = $(foo_DATA) $(OBJS) so_locations -KAFS = $(top_builddir)/lib/kafs/libkafs.la -@KRB5_FALSE@L = \ -@KRB5_FALSE@ $(KAFS) \ -@KRB5_FALSE@ $(LIB_krb4) \ -@KRB5_FALSE@ $(LIB_hcrypto) \ -@KRB5_FALSE@ $(top_builddir)/lib/roken/libroken.la \ -@KRB5_FALSE@ -lc - -@KRB5_TRUE@L = \ -@KRB5_TRUE@ $(KAFS) \ -@KRB5_TRUE@ $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la \ -@KRB5_TRUE@ $(LIB_krb4) \ -@KRB5_TRUE@ $(LIB_hcrypto) \ -@KRB5_TRUE@ $(top_builddir)/lib/roken/libroken.la \ -@KRB5_TRUE@ -lc - -EXTRA_DIST = $(SRCS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/auth/afskauthlib/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/auth/afskauthlib/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-fooDATA: $(foo_DATA) - @$(NORMAL_INSTALL) - test -z "$(foodir)" || $(MKDIR_P) "$(DESTDIR)$(foodir)" - @list='$(foo_DATA)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(fooDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(foodir)/$$f'"; \ - $(fooDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(foodir)/$$f"; \ - done - -uninstall-fooDATA: - @$(NORMAL_UNINSTALL) - @list='$(foo_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(foodir)/$$f'"; \ - rm -f "$(DESTDIR)$(foodir)/$$f"; \ - done -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(DATA) all-local -installdirs: - for dir in "$(DESTDIR)$(foodir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-fooDATA - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-fooDATA - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-fooDATA \ - install-html install-html-am install-info install-info-am \ - install-man install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am uninstall uninstall-am uninstall-fooDATA \ - uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -afskauthlib.so: $(OBJS) - $(LIBTOOL) --mode=link $(CC) -shared -o $@ $(OBJS) $(L) $(LDFLAGS) - -.c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< - -$(OBJS): $(top_builddir)/include/config.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/afskauthlib/verify.c b/crypto/heimdal/lib/auth/afskauthlib/verify.c deleted file mode 100644 index ff0141b2f6b2..000000000000 --- a/crypto/heimdal/lib/auth/afskauthlib/verify.c +++ /dev/null @@ -1,307 +0,0 @@ -/* - * Copyright (c) 1995-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verify.c 14203 2004-09-08 09:02:59Z joda $"); -#endif -#include -#include -#include -#ifdef KRB5 -#include -#endif -#ifdef KRB4 -#include -#include -#endif -#include - -#ifdef KRB5 -static char krb5ccname[128]; -#endif -#ifdef KRB4 -static char krbtkfile[128]; -#endif - -/* - In some cases is afs_gettktstring called twice (once before - afs_verify and once after afs_verify). - In some cases (rlogin with access allowed via .rhosts) - afs_verify is not called! - So we can't rely on correct value in krbtkfile in some - cases! -*/ - -static int correct_tkfilename=0; -static int pag_set=0; - -#ifdef KRB4 -static void -set_krbtkfile(uid_t uid) -{ - snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid); - krb_set_tkt_string (krbtkfile); - correct_tkfilename = 1; -} -#endif - -/* XXX this has to be the default cache name, since the KRB5CCNAME - * environment variable isn't exported by login/xdm - */ - -#ifdef KRB5 -static void -set_krb5ccname(uid_t uid) -{ - snprintf (krb5ccname, sizeof(krb5ccname), "FILE:/tmp/krb5cc_%d", uid); -#ifdef KRB4 - snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid); -#endif - correct_tkfilename = 1; -} -#endif - -static void -set_spec_krbtkfile(void) -{ - int fd; -#ifdef KRB4 - snprintf (krbtkfile, sizeof(krbtkfile), "%s_XXXXXX", TKT_ROOT); - fd = mkstemp(krbtkfile); - close(fd); - unlink(krbtkfile); - krb_set_tkt_string (krbtkfile); -#endif -#ifdef KRB5 - snprintf(krb5ccname, sizeof(krb5ccname),"FILE:/tmp/krb5cc_XXXXXX"); - fd=mkstemp(krb5ccname+5); - close(fd); - unlink(krb5ccname+5); -#endif -} - -#ifdef KRB5 -static int -verify_krb5(struct passwd *pwd, - char *password, - int32_t *exp, - int quiet) -{ - krb5_context context; - krb5_error_code ret; - krb5_ccache ccache; - krb5_principal principal; - - ret = krb5_init_context(&context); - if (ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_init_context failed: %d", ret); - goto out; - } - - ret = krb5_parse_name (context, pwd->pw_name, &principal); - if (ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_parse_name: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - set_krb5ccname(pwd->pw_uid); - ret = krb5_cc_resolve(context, krb5ccname, &ccache); - if(ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_resolve: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - ret = krb5_verify_user_lrealm(context, - principal, - ccache, - password, - TRUE, - NULL); - if(ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_verify_user: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - if(chown(krb5_cc_get_name(context, ccache), pwd->pw_uid, pwd->pw_gid)) { - syslog(LOG_AUTH|LOG_DEBUG, "chown: %s", - krb5_get_err_text(context, errno)); - goto out; - } - -#ifdef KRB4 - { - krb5_realm realm = NULL; - krb5_boolean get_v4_tgt; - - krb5_get_default_realm(context, &realm); - krb5_appdefault_boolean(context, "afskauthlib", - realm, - "krb4_get_tickets", FALSE, &get_v4_tgt); - if (get_v4_tgt) { - CREDENTIALS c; - krb5_creds mcred, cred; - - krb5_cc_clear_mcred(&mcred); - - krb5_make_principal(context, &mcred.server, realm, - "krbtgt", - realm, - NULL); - ret = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred); - if(ret == 0) { - ret = krb524_convert_creds_kdc_ccache(context, ccache, &cred, &c); - if(ret) - krb5_warn(context, ret, "converting creds"); - else { - set_krbtkfile(pwd->pw_uid); - tf_setup(&c, c.pname, c.pinst); - } - memset(&c, 0, sizeof(c)); - krb5_free_cred_contents(context, &cred); - } else - syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_retrieve_cred: %s", - krb5_get_err_text(context, ret)); - - krb5_free_principal(context, mcred.server); - } - free (realm); - if (!pag_set && k_hasafs()) { - k_setpag(); - pag_set = 1; - } - - if (pag_set) - krb5_afslog_uid_home(context, ccache, NULL, NULL, - pwd->pw_uid, pwd->pw_dir); - } -#endif - out: - if(ret && !quiet) - printf ("%s\n", krb5_get_err_text (context, ret)); - return ret; -} -#endif - -#ifdef KRB4 -static int -verify_krb4(struct passwd *pwd, - char *password, - int32_t *exp, - int quiet) -{ - int ret = 1; - char lrealm[REALM_SZ]; - - if (krb_get_lrealm (lrealm, 1) != KFAILURE) { - set_krbtkfile(pwd->pw_uid); - ret = krb_verify_user (pwd->pw_name, "", lrealm, password, - KRB_VERIFY_SECURE, NULL); - if (ret == KSUCCESS) { - if (!pag_set && k_hasafs()) { - k_setpag (); - pag_set = 1; - } - if (pag_set) - krb_afslog_uid_home (0, 0, pwd->pw_uid, pwd->pw_dir); - } else if (!quiet) - printf ("%s\n", krb_get_err_text (ret)); - } - return ret; -} -#endif - -int -afs_verify(char *name, - char *password, - int32_t *exp, - int quiet) -{ - int ret = 1; - struct passwd *pwd = k_getpwnam (name); - - if(pwd == NULL) - return 1; - - if (!pag_set && k_hasafs()) { - k_setpag(); - pag_set=1; - } - - if (ret) - ret = unix_verify_user (name, password); -#ifdef KRB5 - if (ret) - ret = verify_krb5(pwd, password, exp, quiet); -#endif -#ifdef KRB4 - if(ret) - ret = verify_krb4(pwd, password, exp, quiet); -#endif - return ret; -} - -char * -afs_gettktstring (void) -{ - char *ptr; - struct passwd *pwd; - - if (!correct_tkfilename) { - ptr = getenv("LOGNAME"); - if (ptr != NULL && ((pwd = getpwnam(ptr)) != NULL)) { - set_krb5ccname(pwd->pw_uid); -#ifdef KRB4 - set_krbtkfile(pwd->pw_uid); - if (!pag_set && k_hasafs()) { - k_setpag(); - pag_set=1; - } -#endif - } else { - set_spec_krbtkfile(); - } - } -#ifdef KRB5 - esetenv("KRB5CCNAME",krb5ccname,1); -#endif -#ifdef KRB4 - esetenv("KRBTKFILE",krbtkfile,1); - return krbtkfile; -#else - return ""; -#endif -} diff --git a/crypto/heimdal/lib/auth/pam/Makefile.am b/crypto/heimdal/lib/auth/pam/Makefile.am deleted file mode 100644 index c4d0eb545b7e..000000000000 --- a/crypto/heimdal/lib/auth/pam/Makefile.am +++ /dev/null @@ -1,69 +0,0 @@ -# $Id: Makefile.am 22299 2007-12-14 06:39:19Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -WFLAGS += $(WFLAGS_NOIMPLICITINT) - -DEFS = @DEFS@ - -## this is horribly ugly, but automake/libtool doesn't allow us to -## unconditionally build shared libraries, and it does not allow us to -## link with non-installed libraries - -if KRB4 -KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a -KAFS_S=$(top_builddir)/lib/kafs/.libs/libkafs.so - -L = \ - $(KAFS) \ - $(top_builddir)/lib/krb/.libs/libkrb.a \ - $(LIB_hcrypto_a) \ - $(top_builddir)/lib/roken/.libs/libroken.a \ - -lc - -L_shared = \ - $(KAFS_S) \ - $(top_builddir)/lib/krb/.libs/libkrb.so \ - $(LIB_hcrypto_so) \ - $(top_builddir)/lib/roken/.libs/libroken.so \ - $(LIB_getpwnam_r) \ - -lc - -MOD = pam_krb4.so - -endif - -foodir = $(libdir) -foo_DATA = $(MOD) - -LDFLAGS = @LDFLAGS@ - -SRCS = pam.c -OBJS = pam.o - -pam_krb4.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo "$(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \ - $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ - elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo "$(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \ - $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ - else \ - echo "missing libraries"; exit 1; \ - fi - -CLEANFILES = $(MOD) $(OBJS) - -SUFFIXES += .c .o - -# XXX inline COMPILE since automake wont add it - -.c.o: - $(LIBTOOL) --mode=compile --tag=CC $(CC) \ - $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< - -EXTRA_DIST = pam.conf.add $(SRCS) diff --git a/crypto/heimdal/lib/auth/pam/Makefile.in b/crypto/heimdal/lib/auth/pam/Makefile.in deleted file mode 100644 index 0f9e084267b5..000000000000 --- a/crypto/heimdal/lib/auth/pam/Makefile.in +++ /dev/null @@ -1,733 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22299 2007-12-14 06:39:19Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = lib/auth/pam -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(foodir)" -fooDATA_INSTALL = $(INSTALL_DATA) -DATA = $(foo_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT) -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a -@KRB4_TRUE@KAFS_S = $(top_builddir)/lib/kafs/.libs/libkafs.so -@KRB4_TRUE@L = \ -@KRB4_TRUE@ $(KAFS) \ -@KRB4_TRUE@ $(top_builddir)/lib/krb/.libs/libkrb.a \ -@KRB4_TRUE@ $(LIB_hcrypto_a) \ -@KRB4_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.a \ -@KRB4_TRUE@ -lc - -@KRB4_TRUE@L_shared = \ -@KRB4_TRUE@ $(KAFS_S) \ -@KRB4_TRUE@ $(top_builddir)/lib/krb/.libs/libkrb.so \ -@KRB4_TRUE@ $(LIB_hcrypto_so) \ -@KRB4_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.so \ -@KRB4_TRUE@ $(LIB_getpwnam_r) \ -@KRB4_TRUE@ -lc - -@KRB4_TRUE@MOD = pam_krb4.so -foodir = $(libdir) -foo_DATA = $(MOD) -SRCS = pam.c -OBJS = pam.o -CLEANFILES = $(MOD) $(OBJS) -EXTRA_DIST = pam.conf.add $(SRCS) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/auth/pam/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/auth/pam/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-fooDATA: $(foo_DATA) - @$(NORMAL_INSTALL) - test -z "$(foodir)" || $(MKDIR_P) "$(DESTDIR)$(foodir)" - @list='$(foo_DATA)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(fooDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(foodir)/$$f'"; \ - $(fooDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(foodir)/$$f"; \ - done - -uninstall-fooDATA: - @$(NORMAL_UNINSTALL) - @list='$(foo_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(foodir)/$$f'"; \ - rm -f "$(DESTDIR)$(foodir)/$$f"; \ - done -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(DATA) all-local -installdirs: - for dir in "$(DESTDIR)$(foodir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-fooDATA - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-fooDATA - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-fooDATA \ - install-html install-html-am install-info install-info-am \ - install-man install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am uninstall uninstall-am uninstall-fooDATA \ - uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -pam_krb4.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo "$(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \ - $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ - elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo "$(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \ - $(LIBTOOL) --mode=link --tag=CC $(CC) -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ - else \ - echo "missing libraries"; exit 1; \ - fi - -# XXX inline COMPILE since automake wont add it - -.c.o: - $(LIBTOOL) --mode=compile --tag=CC $(CC) \ - $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/pam/pam.c b/crypto/heimdal/lib/auth/pam/pam.c deleted file mode 100644 index ed5071b78851..000000000000 --- a/crypto/heimdal/lib/auth/pam/pam.c +++ /dev/null @@ -1,443 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: pam.c 11417 2002-09-09 15:57:24Z joda $"); -#endif - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#ifndef PAM_AUTHTOK_RECOVERY_ERR /* Fix linsux typo. */ -#define PAM_AUTHTOK_RECOVERY_ERR PAM_AUTHTOK_RECOVER_ERR -#endif - -#include -#include -#include - -#if 0 -/* Debugging PAM modules is a royal pain, truss helps. */ -#define DEBUG(msg) (access(msg " at line", __LINE__)) -#endif - -static void -psyslog(int level, const char *format, ...) -{ - va_list args; - va_start(args, format); - openlog("pam_krb4", LOG_PID, LOG_AUTH); - vsyslog(level, format, args); - va_end(args); - closelog(); -} - -enum { - KRB4_DEBUG, - KRB4_USE_FIRST_PASS, - KRB4_TRY_FIRST_PASS, - KRB4_IGNORE_ROOT, - KRB4_NO_VERIFY, - KRB4_REAFSLOG, - KRB4_CTRLS /* Number of ctrl arguments defined. */ -}; - -#define KRB4_DEFAULTS 0 - -static int ctrl_flags = KRB4_DEFAULTS; -#define ctrl_on(x) (krb4_args[x].flag & ctrl_flags) -#define ctrl_off(x) (!ctrl_on(x)) - -typedef struct -{ - const char *token; - unsigned int flag; -} krb4_ctrls_t; - -static krb4_ctrls_t krb4_args[KRB4_CTRLS] = -{ - /* KRB4_DEBUG */ { "debug", 0x01 }, - /* KRB4_USE_FIRST_PASS */ { "use_first_pass", 0x02 }, - /* KRB4_TRY_FIRST_PASS */ { "try_first_pass", 0x04 }, - /* KRB4_IGNORE_ROOT */ { "ignore_root", 0x08 }, - /* KRB4_NO_VERIFY */ { "no_verify", 0x10 }, - /* KRB4_REAFSLOG */ { "reafslog", 0x20 }, -}; - -static void -parse_ctrl(int argc, const char **argv) -{ - int i, j; - - ctrl_flags = KRB4_DEFAULTS; - for (i = 0; i < argc; i++) - { - for (j = 0; j < KRB4_CTRLS; j++) - if (strcmp(argv[i], krb4_args[j].token) == 0) - break; - - if (j >= KRB4_CTRLS) - psyslog(LOG_ALERT, "unrecognized option [%s]", *argv); - else - ctrl_flags |= krb4_args[j].flag; - } -} - -static void -pdeb(const char *format, ...) -{ - va_list args; - if (ctrl_off(KRB4_DEBUG)) - return; - va_start(args, format); - openlog("pam_krb4", LOG_PID, LOG_AUTH); - vsyslog(LOG_DEBUG, format, args); - va_end(args); - closelog(); -} - -#define ENTRY(func) pdeb("%s() flags = %d ruid = %d euid = %d", func, flags, getuid(), geteuid()) - -static void -set_tkt_string(uid_t uid) -{ - char buf[128]; - - snprintf(buf, sizeof(buf), "%s%u", TKT_ROOT, (unsigned)uid); - krb_set_tkt_string(buf); - -#if 0 - /* pam_set_data+pam_get_data are not guaranteed to work, grr. */ - pam_set_data(pamh, "KRBTKFILE", strdup(t), cleanup); - if (pam_get_data(pamh, "KRBTKFILE", (const void**)&tkt) == PAM_SUCCESS) - { - pam_putenv(pamh, var); - } -#endif - - /* We don't want to inherit this variable. - * If we still do, it must have a sane value. */ - if (getenv("KRBTKFILE") != 0) - { - char *var = malloc(sizeof(buf)); - snprintf(var, sizeof(buf), "KRBTKFILE=%s", tkt_string()); - putenv(var); - /* free(var); XXX */ - } -} - -static int -verify_pass(pam_handle_t *pamh, - const char *name, - const char *inst, - const char *pass) -{ - char realm[REALM_SZ]; - int ret, krb_verify, old_euid, old_ruid; - - krb_get_lrealm(realm, 1); - if (ctrl_on(KRB4_NO_VERIFY)) - krb_verify = KRB_VERIFY_SECURE_FAIL; - else - krb_verify = KRB_VERIFY_SECURE; - old_ruid = getuid(); - old_euid = geteuid(); - setreuid(0, 0); - ret = krb_verify_user(name, inst, realm, pass, krb_verify, NULL); - pdeb("krb_verify_user(`%s', `%s', `%s', pw, %d, NULL) returns %s", - name, inst, realm, krb_verify, - krb_get_err_text(ret)); - setreuid(old_ruid, old_euid); - if (getuid() != old_ruid || geteuid() != old_euid) - { - psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d", - old_ruid, old_euid, __LINE__); - exit(1); - } - - switch(ret) { - case KSUCCESS: - return PAM_SUCCESS; - case KDC_PR_UNKNOWN: - return PAM_USER_UNKNOWN; - case SKDC_CANT: - case SKDC_RETRY: - case RD_AP_TIME: - return PAM_AUTHINFO_UNAVAIL; - default: - return PAM_AUTH_ERR; - } -} - -static int -krb4_auth(pam_handle_t *pamh, - int flags, - const char *name, - const char *inst, - struct pam_conv *conv) -{ - struct pam_response *resp; - char prompt[128]; - struct pam_message msg, *pmsg = &msg; - int ret; - - if (ctrl_on(KRB4_TRY_FIRST_PASS) || ctrl_on(KRB4_USE_FIRST_PASS)) - { - char *pass = 0; - ret = pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass); - if (ret != PAM_SUCCESS) - { - psyslog(LOG_ERR , "pam_get_item returned error to get-password"); - return ret; - } - else if (pass != 0 && verify_pass(pamh, name, inst, pass) == PAM_SUCCESS) - return PAM_SUCCESS; - else if (ctrl_on(KRB4_USE_FIRST_PASS)) - return PAM_AUTHTOK_RECOVERY_ERR; /* Wrong password! */ - else - /* We tried the first password but it didn't work, cont. */; - } - - msg.msg_style = PAM_PROMPT_ECHO_OFF; - if (*inst == 0) - snprintf(prompt, sizeof(prompt), "%s's Password: ", name); - else - snprintf(prompt, sizeof(prompt), "%s.%s's Password: ", name, inst); - msg.msg = prompt; - - ret = conv->conv(1, &pmsg, &resp, conv->appdata_ptr); - if (ret != PAM_SUCCESS) - return ret; - - ret = verify_pass(pamh, name, inst, resp->resp); - if (ret == PAM_SUCCESS) - { - memset(resp->resp, 0, strlen(resp->resp)); /* Erase password! */ - free(resp->resp); - free(resp); - } - else - { - pam_set_item(pamh, PAM_AUTHTOK, resp->resp); /* Save password. */ - /* free(resp->resp); XXX */ - /* free(resp); XXX */ - } - - return ret; -} - -int -pam_sm_authenticate(pam_handle_t *pamh, - int flags, - int argc, - const char **argv) -{ - char *user; - int ret; - struct pam_conv *conv; - struct passwd *pw; - uid_t uid = -1; - const char *name, *inst; - char realm[REALM_SZ]; - realm[0] = 0; - - parse_ctrl(argc, argv); - ENTRY("pam_sm_authenticate"); - - ret = pam_get_user(pamh, &user, "login: "); - if (ret != PAM_SUCCESS) - return ret; - - if (ctrl_on(KRB4_IGNORE_ROOT) && strcmp(user, "root") == 0) - return PAM_AUTHINFO_UNAVAIL; - - ret = pam_get_item(pamh, PAM_CONV, (void*)&conv); - if (ret != PAM_SUCCESS) - return ret; - - pw = getpwnam(user); - if (pw != 0) - { - uid = pw->pw_uid; - set_tkt_string(uid); - } - - if (strcmp(user, "root") == 0 && getuid() != 0) - { - pw = getpwuid(getuid()); - if (pw != 0) - { - name = strdup(pw->pw_name); - inst = "root"; - } - } - else - { - name = user; - inst = ""; - } - - ret = krb4_auth(pamh, flags, name, inst, conv); - - /* - * The realm was lost inside krb_verify_user() so we can't simply do - * a krb_kuserok() when inst != "". - */ - if (ret == PAM_SUCCESS && inst[0] != 0) - { - uid_t old_euid = geteuid(); - uid_t old_ruid = getuid(); - - setreuid(0, 0); /* To read ticket file. */ - if (krb_get_tf_fullname(tkt_string(), 0, 0, realm) != KSUCCESS) - ret = PAM_SERVICE_ERR; - else if (krb_kuserok(name, inst, realm, user) != KSUCCESS) - { - setreuid(0, uid); /* To read ~/.klogin. */ - if (krb_kuserok(name, inst, realm, user) != KSUCCESS) - ret = PAM_PERM_DENIED; - } - - if (ret != PAM_SUCCESS) - { - dest_tkt(); /* Passwd known, ok to kill ticket. */ - psyslog(LOG_NOTICE, - "%s.%s@%s is not allowed to log in as %s", - name, inst, realm, user); - } - - setreuid(old_ruid, old_euid); - if (getuid() != old_ruid || geteuid() != old_euid) - { - psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d", - old_ruid, old_euid, __LINE__); - exit(1); - } - } - - if (ret == PAM_SUCCESS) - { - psyslog(LOG_INFO, - "%s.%s@%s authenticated as user %s", - name, inst, realm, user); - if (chown(tkt_string(), uid, -1) == -1) - { - dest_tkt(); - psyslog(LOG_ALERT , "chown(%s, %d, -1) failed", tkt_string(), uid); - exit(1); - } - } - - /* - * Kludge alert!!! Sun dtlogin unlock screen fails to call - * pam_setcred(3) with PAM_REFRESH_CRED after a successful - * authentication attempt, sic. - * - * This hack is designed as a workaround to that problem. - */ - if (ctrl_on(KRB4_REAFSLOG)) - if (ret == PAM_SUCCESS) - pam_sm_setcred(pamh, PAM_REFRESH_CRED, argc, argv); - - return ret; -} - -int -pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_setcred"); - - switch (flags & ~PAM_SILENT) { - case 0: - case PAM_ESTABLISH_CRED: - if (k_hasafs()) - k_setpag(); - /* Fall through, fill PAG with credentials below. */ - case PAM_REINITIALIZE_CRED: - case PAM_REFRESH_CRED: - if (k_hasafs()) - { - void *user = 0; - - if (pam_get_item(pamh, PAM_USER, &user) == PAM_SUCCESS) - { - struct passwd *pw = getpwnam((char *)user); - if (pw != 0) - krb_afslog_uid_home(/*cell*/ 0,/*realm_hint*/ 0, - pw->pw_uid, pw->pw_dir); - } - } - break; - case PAM_DELETE_CRED: - dest_tkt(); - if (k_hasafs()) - k_unlog(); - break; - default: - psyslog(LOG_ALERT , "pam_sm_setcred: unknown flags 0x%x", flags); - break; - } - - return PAM_SUCCESS; -} - -int -pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_open_session"); - - return PAM_SUCCESS; -} - - -int -pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char**argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_close_session"); - - /* This isn't really kosher, but it's handy. */ - pam_sm_setcred(pamh, PAM_DELETE_CRED, argc, argv); - - return PAM_SUCCESS; -} diff --git a/crypto/heimdal/lib/auth/pam/pam.conf.add b/crypto/heimdal/lib/auth/pam/pam.conf.add deleted file mode 100644 index 7db3e3d85a30..000000000000 --- a/crypto/heimdal/lib/auth/pam/pam.conf.add +++ /dev/null @@ -1,97 +0,0 @@ -To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch: - ---- /etc/pam.conf.DIST Mon Jul 20 15:37:46 1998 -+++ /etc/pam.conf Tue Feb 15 19:39:12 2000 -@@ -4,15 +4,19 @@ - # - # Authentication management - # -+login auth sufficient /usr/athena/lib/pam_krb4.so - login auth required /usr/lib/security/pam_unix.so.1 - login auth required /usr/lib/security/pam_dial_auth.so.1 - # - rlogin auth sufficient /usr/lib/security/pam_rhosts_auth.so.1 - rlogin auth required /usr/lib/security/pam_unix.so.1 - # -+dtlogin auth sufficient /usr/athena/lib/pam_krb4.so - dtlogin auth required /usr/lib/security/pam_unix.so.1 - # - rsh auth required /usr/lib/security/pam_rhosts_auth.so.1 -+# Reafslog is for dtlogin lock display -+other auth sufficient /usr/athena/lib/pam_krb4.so reafslog - other auth required /usr/lib/security/pam_unix.so.1 - # - # Account management -@@ -24,6 +28,8 @@ - # - # Session management - # -+dtlogin session required /usr/athena/lib/pam_krb4.so -+login session required /usr/athena/lib/pam_krb4.so - other session required /usr/lib/security/pam_unix.so.1 - # - # Password management ---------------------------------------------------------------------------- -To enable PAM in /bin/login and xdm under Red Hat 6.? apply these patches: - ---- /etc/pam.d/login~ Tue Dec 7 12:01:35 1999 -+++ /etc/pam.d/login Wed May 31 16:27:55 2000 -@@ -1,9 +1,12 @@ - #%PAM-1.0 -+# Updated to work with kerberos -+auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 - auth required /lib/security/pam_securetty.so - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so nullok use_authtok md5 shadow -+session required /usr/athena/lib/pam_krb4.so.1.0.1 - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so ---- /etc/pam.d/xdm~ Wed May 31 16:33:54 2000 -+++ /etc/pam.d/xdm Wed May 31 16:28:29 2000 -@@ -1,8 +1,11 @@ - #%PAM-1.0 -+# Updated to work with kerberos -+auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so shadow nullok use_authtok -+session required /usr/athena/lib/pam_krb4.so.1.0.1 - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so ---- /etc/pam.d/gdm~ Wed May 31 16:33:54 2000 -+++ /etc/pam.d/gdm Wed May 31 16:34:28 2000 -@@ -1,8 +1,11 @@ - #%PAM-1.0 -+# Updated to work with kerberos -+auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so shadow nullok use_authtok -+session required /usr/athena/lib/pam_krb4.so.1.0.1 - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so - --------------------------------------------------------------------------- - -This stuff may work under some other system. - -# To get this to work, you will have to add entries to /etc/pam.conf -# -# To make login kerberos-aware, you might change pam.conf to look -# like: - -# login authorization -login auth sufficient /lib/security/pam_krb4.so -login auth required /lib/security/pam_securetty.so -login auth required /lib/security/pam_unix_auth.so -login account required /lib/security/pam_unix_acct.so -login password required /lib/security/pam_unix_passwd.so -login session required /lib/security/pam_krb4.so -login session required /lib/security/pam_unix_session.so diff --git a/crypto/heimdal/lib/auth/sia/Makefile.am b/crypto/heimdal/lib/auth/sia/Makefile.am deleted file mode 100644 index 7b6aeddf2f6a..000000000000 --- a/crypto/heimdal/lib/auth/sia/Makefile.am +++ /dev/null @@ -1,116 +0,0 @@ -# $Id: Makefile.am 22304 2007-12-14 12:18:18Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) - -WFLAGS += $(WFLAGS_NOIMPLICITINT) - -DEFS = @DEFS@ - -## this is horribly ugly, but automake/libtool doesn't allow us to -## unconditionally build shared libraries, and it does not allow us to -## link with non-installed libraries - -KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a -KAFS_S=$(top_builddir)/lib/kafs/.libs/libkafs.so - -if KRB5 -L = \ - $(KAFS) \ - $(top_builddir)/lib/krb5/.libs/libkrb5.a \ - $(top_builddir)/lib/asn1/.libs/libasn1.a \ - $(LIB_krb4) \ - $(LIB_hcrypto_a) \ - $(LIB_com_err_a) \ - $(top_builddir)/lib/roken/.libs/libroken.a \ - $(LIB_getpwnam_r) \ - -lc - -L_shared = \ - $(KAFS_S) \ - $(top_builddir)/lib/krb5/.libs/libkrb5.so \ - $(top_builddir)/lib/asn1/.libs/libasn1.so \ - $(LIB_krb4) \ - $(LIB_hcrypto_so) \ - $(LIB_com_err_so) \ - $(top_builddir)/lib/roken/.libs/libroken.so \ - $(LIB_getpwnam_r) \ - -lc - -MOD = libsia_krb5.so - -else - -L = \ - $(KAFS) \ - $(top_builddir)/lib/kadm/.libs/libkadm.a \ - $(top_builddir)/lib/krb/.libs/libkrb.a \ - $(LIB_hcrypto_a) \ - $(top_builddir)/lib/com_err/.libs/libcom_err.a \ - $(top_builddir)/lib/roken/.libs/libroken.a \ - $(LIB_getpwnam_r) \ - -lc - -L_shared = \ - $(KAFS_S) \ - $(top_builddir)/lib/kadm/.libs/libkadm.so \ - $(top_builddir)/lib/krb/.libs/libkrb.so \ - $(LIB_hcrypto_so) \ - $(top_builddir)/lib/com_err/.libs/libcom_err.so \ - $(top_builddir)/lib/roken/.libs/libroken.so \ - $(LIB_getpwnam_r) \ - -lc - -MOD = libsia_krb4.so - -endif - -foodir = $(libdir) -foo_DATA = $(MOD) - -LDFLAGS = @LDFLAGS@ -rpath $(libdir) -Wl,-hidden -Wl,-exported_symbol -Wl,siad_\* - -SRCS = sia.c posix_getpw.c sia_locl.h -OBJS = sia.o posix_getpw.o - -libsia_krb5.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`; \ - elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`; \ - else \ - echo "missing libraries"; exit 1; \ - fi - ostrip -x $@ - -libsia_krb4.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`; \ - elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`; \ - else \ - echo "missing libraries"; exit 1; \ - fi - ostrip -x $@ - -CLEANFILES = $(MOD) $(OBJS) so_locations - -SUFFIXES += .c .o - -# XXX inline COMPILE since automake wont add it - -.c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< - -EXTRA_DIST = sia.c sia_locl.h posix_getpw.c \ - krb4_matrix.conf krb4+c2_matrix.conf \ - krb5_matrix.conf krb5+c2_matrix.conf \ - security.patch \ - make-rpath $(SRCS) diff --git a/crypto/heimdal/lib/auth/sia/Makefile.in b/crypto/heimdal/lib/auth/sia/Makefile.in deleted file mode 100644 index 88f62579821b..000000000000 --- a/crypto/heimdal/lib/auth/sia/Makefile.in +++ /dev/null @@ -1,778 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22304 2007-12-14 12:18:18Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = lib/auth/sia -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(foodir)" -fooDATA_INSTALL = $(INSTALL_DATA) -DATA = $(foo_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -rpath $(libdir) -Wl,-hidden -Wl,-exported_symbol -Wl,siad_\* -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT) -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a -KAFS_S = $(top_builddir)/lib/kafs/.libs/libkafs.so -@KRB5_FALSE@L = \ -@KRB5_FALSE@ $(KAFS) \ -@KRB5_FALSE@ $(top_builddir)/lib/kadm/.libs/libkadm.a \ -@KRB5_FALSE@ $(top_builddir)/lib/krb/.libs/libkrb.a \ -@KRB5_FALSE@ $(LIB_hcrypto_a) \ -@KRB5_FALSE@ $(top_builddir)/lib/com_err/.libs/libcom_err.a \ -@KRB5_FALSE@ $(top_builddir)/lib/roken/.libs/libroken.a \ -@KRB5_FALSE@ $(LIB_getpwnam_r) \ -@KRB5_FALSE@ -lc - -@KRB5_TRUE@L = \ -@KRB5_TRUE@ $(KAFS) \ -@KRB5_TRUE@ $(top_builddir)/lib/krb5/.libs/libkrb5.a \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/.libs/libasn1.a \ -@KRB5_TRUE@ $(LIB_krb4) \ -@KRB5_TRUE@ $(LIB_hcrypto_a) \ -@KRB5_TRUE@ $(LIB_com_err_a) \ -@KRB5_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.a \ -@KRB5_TRUE@ $(LIB_getpwnam_r) \ -@KRB5_TRUE@ -lc - -@KRB5_FALSE@L_shared = \ -@KRB5_FALSE@ $(KAFS_S) \ -@KRB5_FALSE@ $(top_builddir)/lib/kadm/.libs/libkadm.so \ -@KRB5_FALSE@ $(top_builddir)/lib/krb/.libs/libkrb.so \ -@KRB5_FALSE@ $(LIB_hcrypto_so) \ -@KRB5_FALSE@ $(top_builddir)/lib/com_err/.libs/libcom_err.so \ -@KRB5_FALSE@ $(top_builddir)/lib/roken/.libs/libroken.so \ -@KRB5_FALSE@ $(LIB_getpwnam_r) \ -@KRB5_FALSE@ -lc - -@KRB5_TRUE@L_shared = \ -@KRB5_TRUE@ $(KAFS_S) \ -@KRB5_TRUE@ $(top_builddir)/lib/krb5/.libs/libkrb5.so \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/.libs/libasn1.so \ -@KRB5_TRUE@ $(LIB_krb4) \ -@KRB5_TRUE@ $(LIB_hcrypto_so) \ -@KRB5_TRUE@ $(LIB_com_err_so) \ -@KRB5_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.so \ -@KRB5_TRUE@ $(LIB_getpwnam_r) \ -@KRB5_TRUE@ -lc - -@KRB5_FALSE@MOD = libsia_krb4.so -@KRB5_TRUE@MOD = libsia_krb5.so -foodir = $(libdir) -foo_DATA = $(MOD) -SRCS = sia.c posix_getpw.c sia_locl.h -OBJS = sia.o posix_getpw.o -CLEANFILES = $(MOD) $(OBJS) so_locations -EXTRA_DIST = sia.c sia_locl.h posix_getpw.c \ - krb4_matrix.conf krb4+c2_matrix.conf \ - krb5_matrix.conf krb5+c2_matrix.conf \ - security.patch \ - make-rpath $(SRCS) - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .o -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/auth/sia/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/auth/sia/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-fooDATA: $(foo_DATA) - @$(NORMAL_INSTALL) - test -z "$(foodir)" || $(MKDIR_P) "$(DESTDIR)$(foodir)" - @list='$(foo_DATA)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(fooDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(foodir)/$$f'"; \ - $(fooDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(foodir)/$$f"; \ - done - -uninstall-fooDATA: - @$(NORMAL_UNINSTALL) - @list='$(foo_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(foodir)/$$f'"; \ - rm -f "$(DESTDIR)$(foodir)/$$f"; \ - done -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(DATA) all-local -installdirs: - for dir in "$(DESTDIR)$(foodir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-fooDATA - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-fooDATA - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-fooDATA \ - install-html install-html-am install-info install-info-am \ - install-man install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am uninstall uninstall-am uninstall-fooDATA \ - uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -libsia_krb5.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`; \ - elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`; \ - else \ - echo "missing libraries"; exit 1; \ - fi - ostrip -x $@ - -libsia_krb4.so: $(OBJS) - @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L)`; \ - elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ - echo "$(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`"; \ - $(CC) -shared -o $@ `$(SHELL) $(srcdir)/make-rpath $(LDFLAGS) $(OBJS) $(L_shared)`; \ - else \ - echo "missing libraries"; exit 1; \ - fi - ostrip -x $@ - -# XXX inline COMPILE since automake wont add it - -.c.o: - $(CC) $(DEFS) $(DEFAULT_AM_CPPFLAGS) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) \ - -c `test -f '$<' || echo '$(srcdir)/'`$< -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf b/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf deleted file mode 100644 index 47b5cd4fba2e..000000000000 --- a/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright (c) 1998 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -# $Id: krb4+c2_matrix.conf 7463 1999-12-02 16:58:55Z joda $ - -# sia matrix configuration file (Kerberos 4 + C2) - -siad_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chk_invoker=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_authent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_estab=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_launch=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_suauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_reauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_finger=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_password=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_shell=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chk_user=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) diff --git a/crypto/heimdal/lib/auth/sia/krb4_matrix.conf b/crypto/heimdal/lib/auth/sia/krb4_matrix.conf deleted file mode 100644 index 17d6d13978af..000000000000 --- a/crypto/heimdal/lib/auth/sia/krb4_matrix.conf +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright (c) 1998 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -# $Id: krb4_matrix.conf 7463 1999-12-02 16:58:55Z joda $ - -# sia matrix configuration file (Kerberos 4 + BSD) - -siad_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chk_invoker=(BSD,libc.so) -siad_ses_init=(KRB4,/usr/athena/lib/libsia_krb4.so) -siad_ses_authent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_ses_estab=(BSD,libc.so) -siad_ses_launch=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_ses_suauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_ses_reauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chg_finger=(BSD,libc.so) -siad_chg_password=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chg_shell=(BSD,libc.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chk_user=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) - diff --git a/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf b/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf deleted file mode 100644 index ada8ba507abb..000000000000 --- a/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: krb5+c2_matrix.conf 5254 1998-11-26 20:58:18Z assar $ - -# sia matrix configuration file (Kerberos 5 + C2) - -siad_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_invoker=(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_authent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_estab=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_launch=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_suauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_reauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_finger=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_password=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_shell=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chk_user=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) diff --git a/crypto/heimdal/lib/auth/sia/krb5_matrix.conf b/crypto/heimdal/lib/auth/sia/krb5_matrix.conf deleted file mode 100644 index ab07956fb9ce..000000000000 --- a/crypto/heimdal/lib/auth/sia/krb5_matrix.conf +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: krb5_matrix.conf 10576 2001-08-28 08:49:20Z joda $ - -# sia matrix configuration file (Kerberos 5 + BSD) - -siad_init=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_invoker=(BSD,libc.so) -siad_ses_init=(KRB5,/usr/heimdal/lib/libsia_krb5.so) -siad_ses_authent=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_estab=(BSD,libc.so) -siad_ses_launch=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_suauthent=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_reauthent=(BSD,libc.so) -siad_chg_finger=(BSD,libc.so) -siad_chg_password=(BSD,libc.so) -siad_chg_shell=(BSD,libc.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB5,/usr/heimdal/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_user=(BSD,libc.so) diff --git a/crypto/heimdal/lib/auth/sia/make-rpath b/crypto/heimdal/lib/auth/sia/make-rpath deleted file mode 100755 index 4aa297eeeb62..000000000000 --- a/crypto/heimdal/lib/auth/sia/make-rpath +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -# $Id: make-rpath 10345 2001-07-17 15:15:31Z assar $ -rlist= -rest= -while test $# -gt 0; do -case $1 in --R|-rpath) - if test "$rlist"; then - rlist="${rlist}:$2" - else - rlist="$2" - fi - shift 2 - ;; --R*) - d=`echo $1 | sed 's,^-R,,'` - if test "$rlist"; then - rlist="${rlist}:${d}" - else - rlist="${d}" - fi - shift - ;; -*) - rest="${rest} $1" - shift - ;; -esac -done -rpath= -if test "$rlist"; then - rpath="-rpath $rlist " -fi -echo "${rpath}${rest}" diff --git a/crypto/heimdal/lib/auth/sia/posix_getpw.c b/crypto/heimdal/lib/auth/sia/posix_getpw.c deleted file mode 100644 index 65d7a2ef1d3c..000000000000 --- a/crypto/heimdal/lib/auth/sia/posix_getpw.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "sia_locl.h" - -RCSID("$Id: posix_getpw.c 5680 1999-03-21 17:07:02Z joda $"); - -#ifndef POSIX_GETPWNAM_R -/* - * These functions translate from the old Digital UNIX 3.x interface - * to POSIX.1c. - */ - -int -posix_getpwnam_r(const char *name, struct passwd *pwd, - char *buffer, int len, struct passwd **result) -{ - int ret = getpwnam_r(name, pwd, buffer, len); - if(ret == 0) - *result = pwd; - else{ - *result = NULL; - ret = _Geterrno(); - if(ret == 0){ - ret = ERANGE; - _Seterrno(ret); - } - } - return ret; -} - -int -posix_getpwuid_r(uid_t uid, struct passwd *pwd, - char *buffer, int len, struct passwd **result) -{ - int ret = getpwuid_r(uid, pwd, buffer, len); - if(ret == 0) - *result = pwd; - else{ - *result = NULL; - ret = _Geterrno(); - if(ret == 0){ - ret = ERANGE; - _Seterrno(ret); - } - } - return ret; -} -#endif /* POSIX_GETPWNAM_R */ diff --git a/crypto/heimdal/lib/auth/sia/security.patch b/crypto/heimdal/lib/auth/sia/security.patch deleted file mode 100644 index c407876d6362..000000000000 --- a/crypto/heimdal/lib/auth/sia/security.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- /sbin/init.d/security~ Tue Aug 20 22:44:09 1996 -+++ /sbin/init.d/security Fri Nov 1 14:52:56 1996 -@@ -49,7 +49,7 @@ - SECURITY=BASE - fi - ;; -- BASE) -+ BASE|KRB4) - ;; - *) - echo "security configuration set to default (BASE)." diff --git a/crypto/heimdal/lib/auth/sia/sia.c b/crypto/heimdal/lib/auth/sia/sia.c deleted file mode 100644 index 640b868cb61a..000000000000 --- a/crypto/heimdal/lib/auth/sia/sia.c +++ /dev/null @@ -1,703 +0,0 @@ -/* - * Copyright (c) 1995-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "sia_locl.h" - -RCSID("$Id: sia.c 14838 2005-04-19 04:41:07Z lha $"); - -int -siad_init(void) -{ - return SIADSUCCESS; -} - -int -siad_chk_invoker(void) -{ - SIA_DEBUG(("DEBUG", "siad_chk_invoker")); - return SIADFAIL; -} - -int -siad_ses_init(SIAENTITY *entity, int pkgind) -{ - struct state *s = malloc(sizeof(*s)); - - SIA_DEBUG(("DEBUG", "siad_ses_init")); - if(s == NULL) - return SIADFAIL; - memset(s, 0, sizeof(*s)); -#ifdef SIA_KRB5 - { - krb5_error_code ret; - ret = krb5_init_context(&s->context); - if (ret) - return SIADFAIL; - } -#endif - entity->mech[pkgind] = (int*)s; - return SIADSUCCESS; -} - -static int -setup_name(SIAENTITY *e, prompt_t *p) -{ - SIA_DEBUG(("DEBUG", "setup_name")); - e->name = malloc(SIANAMEMIN + 1); - if(e->name == NULL){ - SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIANAMEMIN+1)); - return SIADFAIL; - } - p->prompt = (unsigned char*)"login: "; - p->result = (unsigned char*)e->name; - p->min_result_length = 1; - p->max_result_length = SIANAMEMIN; - p->control_flags = 0; - return SIADSUCCESS; -} - -static int -setup_password(SIAENTITY *e, prompt_t *p) -{ - SIA_DEBUG(("DEBUG", "setup_password")); - e->password = malloc(SIAMXPASSWORD + 1); - if(e->password == NULL){ - SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIAMXPASSWORD+1)); - return SIADFAIL; - } - p->prompt = (unsigned char*)"Password: "; - p->result = (unsigned char*)e->password; - p->min_result_length = 0; - p->max_result_length = SIAMXPASSWORD; - p->control_flags = SIARESINVIS; - return SIADSUCCESS; -} - - -static int -doauth(SIAENTITY *entity, int pkgind, char *name) -{ - struct passwd pw, *pwd; - char pwbuf[1024]; - struct state *s = (struct state*)entity->mech[pkgind]; -#ifdef SIA_KRB5 - krb5_realm *realms, *r; - krb5_principal principal; - krb5_ccache ccache; - krb5_error_code ret; -#endif -#ifdef SIA_KRB4 - char realm[REALM_SZ]; - char *toname, *toinst; - int ret; - struct passwd fpw, *fpwd; - char fpwbuf[1024]; - int secure; -#endif - - if(getpwnam_r(name, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0 || pwd == NULL){ - SIA_DEBUG(("DEBUG", "failed to getpwnam(%s)", name)); - return SIADFAIL; - } - -#ifdef SIA_KRB5 - ret = krb5_get_default_realms(s->context, &realms); - - for (r = realms; *r != NULL; ++r) { - krb5_make_principal (s->context, &principal, *r, entity->name, NULL); - - if(krb5_kuserok(s->context, principal, entity->name)) - break; - } - krb5_free_host_realm (s->context, realms); - if (*r == NULL) - return SIADFAIL; - - sprintf(s->ticket, "FILE:/tmp/krb5_cc%d_%d", pwd->pw_uid, getpid()); - ret = krb5_cc_resolve(s->context, s->ticket, &ccache); - if(ret) - return SIADFAIL; -#endif - -#ifdef SIA_KRB4 - snprintf(s->ticket, sizeof(s->ticket), - "%s%u_%u", TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid()); - krb_get_lrealm(realm, 1); - toname = name; - toinst = ""; - if(entity->authtype == SIA_A_SUAUTH){ - uid_t ouid; -#ifdef HAVE_SIAENTITY_OUID - ouid = entity->ouid; -#else - ouid = getuid(); -#endif - if(getpwuid_r(ouid, &fpw, fpwbuf, sizeof(fpwbuf), &fpwd) != 0 || fpwd == NULL){ - SIA_DEBUG(("DEBUG", "failed to getpwuid(%u)", ouid)); - return SIADFAIL; - } - snprintf(s->ticket, sizeof(s->ticket), "%s_%s_to_%s_%d", - TKT_ROOT, fpwd->pw_name, pwd->pw_name, getpid()); - if(strcmp(pwd->pw_name, "root") == 0){ - toname = fpwd->pw_name; - toinst = pwd->pw_name; - } - } - if(entity->authtype == SIA_A_REAUTH) - snprintf(s->ticket, sizeof(s->ticket), "%s", tkt_string()); - - krb_set_tkt_string(s->ticket); - - setuid(0); /* XXX fix for fix in tf_util.c */ - if(krb_kuserok(toname, toinst, realm, name)){ - SIA_DEBUG(("DEBUG", "%s.%s@%s is not allowed to login as %s", - toname, toinst, realm, name)); - return SIADFAIL; - } -#endif -#ifdef SIA_KRB5 - ret = krb5_verify_user_lrealm(s->context, principal, ccache, - entity->password, 1, NULL); - if(ret){ - /* if this is most likely a local user (such as - root), just silently return failure when the - principal doesn't exist */ - if(ret != KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN && - ret != KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN) - SIALOG("WARNING", "krb5_verify_user(%s): %s", - entity->name, error_message(ret)); - return SIADFAIL; - } -#endif -#ifdef SIA_KRB4 - if (getuid () == 0) - secure = KRB_VERIFY_SECURE; - else - secure = KRB_VERIFY_NOT_SECURE; - - ret = krb_verify_user(toname, toinst, realm, - entity->password, secure, NULL); - if(ret){ - SIA_DEBUG(("DEBUG", "krb_verify_user: %s", krb_get_err_text(ret))); - if(ret != KDC_PR_UNKNOWN) - /* since this is most likely a local user (such as - root), just silently return failure when the - principal doesn't exist */ - SIALOG("WARNING", "krb_verify_user(%s.%s): %s", - toname, toinst, krb_get_err_text(ret)); - return SIADFAIL; - } -#endif - if(sia_make_entity_pwd(pwd, entity) == SIAFAIL) - return SIADFAIL; - s->valid = 1; - return SIADSUCCESS; -} - - -static int -common_auth(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - prompt_t prompts[2], *pr; - char *name; - - SIA_DEBUG(("DEBUG", "common_auth")); - if((siastat == SIADSUCCESS) && (geteuid() == 0)) - return SIADSUCCESS; - if(entity == NULL) { - SIA_DEBUG(("DEBUG", "entity == NULL")); - return SIADFAIL | SIADSTOP; - } - name = entity->name; - if(entity->acctname) - name = entity->acctname; - - if((collect != NULL) && entity->colinput) { - int num; - pr = prompts; - if(name == NULL){ - if(setup_name(entity, pr) != SIADSUCCESS) - return SIADFAIL; - pr++; - } - if(entity->password == NULL){ - if(setup_password(entity, pr) != SIADSUCCESS) - return SIADFAIL; - pr++; - } - num = pr - prompts; - if(num == 1){ - if((*collect)(240, SIAONELINER, (unsigned char*)"", num, - prompts) != SIACOLSUCCESS){ - SIA_DEBUG(("DEBUG", "collect failed")); - return SIADFAIL | SIADSTOP; - } - } else if(num > 0){ - if((*collect)(0, SIAFORM, (unsigned char*)"", num, - prompts) != SIACOLSUCCESS){ - SIA_DEBUG(("DEBUG", "collect failed")); - return SIADFAIL | SIADSTOP; - } - } - } - if(name == NULL) - name = entity->name; - if(name == NULL || name[0] == '\0'){ - SIA_DEBUG(("DEBUG", "name is null")); - return SIADFAIL; - } - - if(entity->password == NULL || strlen(entity->password) > SIAMXPASSWORD){ - SIA_DEBUG(("DEBUG", "entity->password is null")); - return SIADFAIL; - } - - return doauth(entity, pkgind, name); -} - - -int -siad_ses_authent(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_authent")); - return common_auth(collect, entity, siastat, pkgind); -} - -int -siad_ses_estab(sia_collect_func_t *collect, - SIAENTITY *entity, int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_estab")); - return SIADFAIL; -} - -int -siad_ses_launch(sia_collect_func_t *collect, - SIAENTITY *entity, - int pkgind) -{ - static char env[MaxPathLen]; - struct state *s = (struct state*)entity->mech[pkgind]; - SIA_DEBUG(("DEBUG", "siad_ses_launch")); - if(s->valid){ -#ifdef SIA_KRB5 - chown(s->ticket + sizeof("FILE:") - 1, - entity->pwd->pw_uid, - entity->pwd->pw_gid); - snprintf(env, sizeof(env), "KRB5CCNAME=%s", s->ticket); -#endif -#ifdef SIA_KRB4 - chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); - snprintf(env, sizeof(env), "KRBTKFILE=%s", s->ticket); -#endif - putenv(env); - } -#ifdef SIA_KRB5 - if (k_hasafs()) { - char cell[64]; - krb5_ccache ccache; - if(krb5_cc_resolve(s->context, s->ticket, &ccache) == 0) { - k_setpag(); - if(k_afs_cell_of_file(entity->pwd->pw_dir, cell, sizeof(cell)) == 0) - krb5_afslog(s->context, ccache, cell, 0); - krb5_afslog_home(s->context, ccache, 0, 0, entity->pwd->pw_dir); - } - } -#endif -#ifdef SIA_KRB4 - if (k_hasafs()) { - char cell[64]; - k_setpag(); - if(k_afs_cell_of_file(entity->pwd->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - krb_afslog_home(0, 0, entity->pwd->pw_dir); - } -#endif - return SIADSUCCESS; -} - -int -siad_ses_release(SIAENTITY *entity, int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_release")); - if(entity->mech[pkgind]){ -#ifdef SIA_KRB5 - struct state *s = (struct state*)entity->mech[pkgind]; - krb5_free_context(s->context); -#endif - free(entity->mech[pkgind]); - } - return SIADSUCCESS; -} - -int -siad_ses_suauthent(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_suauth")); - if(geteuid() != 0) - return SIADFAIL; - if(entity->name == NULL) - return SIADFAIL; - if(entity->name[0] == '\0') { - free(entity->name); - entity->name = strdup("root"); - if (entity->name == NULL) - return SIADFAIL; - } - return common_auth(collect, entity, siastat, pkgind); -} - -int -siad_ses_reauthent (sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - int ret; - SIA_DEBUG(("DEBUG", "siad_ses_reauthent")); - if(entity == NULL || entity->name == NULL) - return SIADFAIL; - ret = common_auth(collect, entity, siastat, pkgind); - if((ret & SIADSUCCESS)){ - /* launch isn't (always?) called when doing reauth, so we must - duplicate some code here... */ - struct state *s = (struct state*)entity->mech[pkgind]; - chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); -#ifdef SIA_KRB5 - if (k_hasafs()) { - char cell[64]; - krb5_ccache ccache; - if(krb5_cc_resolve(s->context, s->ticket, &ccache) == 0) { - k_setpag(); - if(k_afs_cell_of_file(entity->pwd->pw_dir, - cell, sizeof(cell)) == 0) - krb5_afslog(s->context, ccache, cell, 0); - krb5_afslog_home(s->context, ccache, 0, 0, entity->pwd->pw_dir); - } - } -#endif -#ifdef SIA_KRB4 - if(k_hasafs()) { - char cell[64]; - if(k_afs_cell_of_file(entity->pwd->pw_dir, - cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - krb_afslog_home(0, 0, entity->pwd->pw_dir); - } -#endif - } - return ret; -} - -int -siad_chg_finger (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - SIA_DEBUG(("DEBUG", "siad_chg_finger")); - return SIADFAIL; -} - -#ifdef SIA_KRB5 -int -siad_chg_password (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - return SIADFAIL; -} -#endif - -#ifdef SIA_KRB4 -static void -sia_message(sia_collect_func_t *collect, int rendition, - const char *title, const char *message) -{ - prompt_t prompt; - prompt.prompt = (unsigned char*)message; - (*collect)(0, rendition, (unsigned char*)title, 1, &prompt); -} - -static int -init_change(sia_collect_func_t *collect, krb_principal *princ) -{ - prompt_t prompt; - char old_pw[MAX_KPW_LEN+1]; - char *msg; - char tktstring[128]; - int ret; - - SIA_DEBUG(("DEBUG", "init_change")); - prompt.prompt = (unsigned char*)"Old password: "; - prompt.result = (unsigned char*)old_pw; - prompt.min_result_length = 0; - prompt.max_result_length = sizeof(old_pw) - 1; - prompt.control_flags = SIARESINVIS; - asprintf(&msg, "Changing password for %s", krb_unparse_name(princ)); - if(msg == NULL){ - SIA_DEBUG(("DEBUG", "out of memory")); - return SIADFAIL; - } - ret = (*collect)(60, SIAONELINER, (unsigned char*)msg, 1, &prompt); - free(msg); - SIA_DEBUG(("DEBUG", "ret = %d", ret)); - if(ret != SIACOLSUCCESS) - return SIADFAIL; - snprintf(tktstring, sizeof(tktstring), - "%s_cpw_%u", TKT_ROOT, (unsigned)getpid()); - krb_set_tkt_string(tktstring); - - ret = krb_get_pw_in_tkt(princ->name, princ->instance, princ->realm, - PWSERV_NAME, KADM_SINST, 1, old_pw); - if (ret != KSUCCESS) { - SIA_DEBUG(("DEBUG", "krb_get_pw_in_tkt: %s", krb_get_err_text(ret))); - if (ret == INTK_BADPW) - sia_message(collect, SIAWARNING, "", "Incorrect old password."); - else - sia_message(collect, SIAWARNING, "", "Kerberos error."); - memset(old_pw, 0, sizeof(old_pw)); - return SIADFAIL; - } - if(chown(tktstring, getuid(), -1) < 0){ - dest_tkt(); - return SIADFAIL; - } - memset(old_pw, 0, sizeof(old_pw)); - return SIADSUCCESS; -} - -int -siad_chg_password (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - prompt_t prompts[2]; - krb_principal princ; - int ret; - char new_pw1[MAX_KPW_LEN+1]; - char new_pw2[MAX_KPW_LEN+1]; - static struct et_list *et_list; - - setprogname(argv[0]); - - SIA_DEBUG(("DEBUG", "siad_chg_password")); - if(collect == NULL) - return SIADFAIL; - - if(username == NULL) - username = getlogin(); - - ret = krb_parse_name(username, &princ); - if(ret) - return SIADFAIL; - if(princ.realm[0] == '\0') - krb_get_lrealm(princ.realm, 1); - - if(et_list == NULL) { - initialize_kadm_error_table_r(&et_list); - initialize_krb_error_table_r(&et_list); - } - - ret = init_change(collect, &princ); - if(ret != SIADSUCCESS) - return ret; - -again: - prompts[0].prompt = (unsigned char*)"New password: "; - prompts[0].result = (unsigned char*)new_pw1; - prompts[0].min_result_length = MIN_KPW_LEN; - prompts[0].max_result_length = sizeof(new_pw1) - 1; - prompts[0].control_flags = SIARESINVIS; - prompts[1].prompt = (unsigned char*)"Verify new password: "; - prompts[1].result = (unsigned char*)new_pw2; - prompts[1].min_result_length = MIN_KPW_LEN; - prompts[1].max_result_length = sizeof(new_pw2) - 1; - prompts[1].control_flags = SIARESINVIS; - if((*collect)(120, SIAFORM, (unsigned char*)"", 2, prompts) != - SIACOLSUCCESS) { - dest_tkt(); - return SIADFAIL; - } - if(strcmp(new_pw1, new_pw2) != 0){ - sia_message(collect, SIAWARNING, "", "Password mismatch."); - goto again; - } - ret = kadm_check_pw(new_pw1); - if(ret) { - sia_message(collect, SIAWARNING, "", com_right(et_list, ret)); - goto again; - } - - memset(new_pw2, 0, sizeof(new_pw2)); - ret = kadm_init_link (PWSERV_NAME, KRB_MASTER, princ.realm); - if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "Error initing kadmin connection", - com_right(et_list, ret)); - else { - des_cblock newkey; - char *pw_msg; /* message from server */ - - des_string_to_key(new_pw1, &newkey); - ret = kadm_change_pw_plain((unsigned char*)&newkey, new_pw1, &pw_msg); - memset(newkey, 0, sizeof(newkey)); - - if (ret == KADM_INSECURE_PW) - sia_message(collect, SIAWARNING, "Insecure password", pw_msg); - else if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "Error changing password", - com_right(et_list, ret)); - } - memset(new_pw1, 0, sizeof(new_pw1)); - - if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "", "Password NOT changed."); - else - sia_message(collect, SIAINFO, "", "Password changed."); - - dest_tkt(); - if(ret) - return SIADFAIL; - return SIADSUCCESS; -} -#endif - -int -siad_chg_shell (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - return SIADFAIL; -} - -int -siad_getpwent(struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getpwuid (uid_t uid, - struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getpwnam (const char *name, - struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_setpwent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_endpwent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrent(struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrgid (gid_t gid, - struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrnam (const char *name, - struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_setgrent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_endgrent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_chk_user (const char *logname, int checkflag) -{ - if(checkflag != CHGPASSWD) - return SIADFAIL; - return SIADSUCCESS; -} diff --git a/crypto/heimdal/lib/auth/sia/sia_locl.h b/crypto/heimdal/lib/auth/sia/sia_locl.h deleted file mode 100644 index 81e84395792c..000000000000 --- a/crypto/heimdal/lib/auth/sia/sia_locl.h +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -/* $Id: sia_locl.h 10688 2001-09-13 01:15:34Z assar $ */ - -#ifndef __sia_locl_h__ -#define __sia_locl_h__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifdef KRB5 -#define SIA_KRB5 -#elif defined(KRB4) -#define SIA_KRB4 -#endif - -#ifdef SIA_KRB5 -#include -#include -#endif -#ifdef SIA_KRB4 -#include -#include -#include -#include -#endif -#ifdef KRB4 -#include -#endif - -#ifndef POSIX_GETPWNAM_R - -#define getpwnam_r posix_getpwnam_r -#define getpwuid_r posix_getpwuid_r - -#endif /* POSIX_GETPWNAM_R */ - -#ifndef DEBUG -#define SIA_DEBUG(X) -#else -#define SIA_DEBUG(X) SIALOG X -#endif - -struct state{ -#ifdef SIA_KRB5 - krb5_context context; - krb5_auth_context auth_context; -#endif - char ticket[MaxPathLen]; - int valid; -}; - -#endif /* __sia_locl_h__ */ diff --git a/crypto/heimdal/lib/com_err/ChangeLog b/crypto/heimdal/lib/com_err/ChangeLog deleted file mode 100644 index dbeb8fb6bedd..000000000000 --- a/crypto/heimdal/lib/com_err/ChangeLog +++ /dev/null @@ -1,235 +0,0 @@ -2007-07-17 Love Hörnquist Åstrand - - * Makefile.am: split source files in dist and nodist. - -2007-07-16 Love Hörnquist Åstrand - - * Makefile.am: Only do roken rename for the library. - -2007-07-15 Love Hörnquist Åstrand - - * Makefile.am: use version script. - - * version-script.map: use version script. - -2007-07-10 Love Hörnquist Åstrand - - * Makefile.am: New library version. - -2006-10-19 Love Hörnquist Åstrand - - * Makefile.am (compile_et_SOURCES): add lex.h - -2005-12-12 Love Hörnquist Åstrand - - * com_err.3: Document the _r functions. - -2005-07-07 Love Hörnquist Åstrand - - * com_err.h: Include for va_list to help AIX 5.2. - -2005-06-16 Love Hörnquist Åstrand - - * parse.y: rename base to base_id since flex defines a function - with the argument base - - * compile_et.h: rename base to base_id since flex defines a - function with the argument base - - * compile_et.c: rename base to base_id since flex defines a - function with the argument base - - * parse.y (name2number): rename base to num to avoid shadowing - - * compile_et.c: rename optind to optidx - -2005-05-16 Love Hörnquist Åstrand - - * parse.y: check allocation errors - - * lex.l: check allocation errors correctly - - * compile_et.h: include - - * (main): compile_et.c: use strlcpy - -2005-04-29 Dave Love - - * Makefile.am (LDADD): Add libcom_err.la - -2005-04-24 Love Hörnquist Åstrand - - * include strlcpy and *printf and use them - -2005-02-03 Love Hörnquist Åstrand - - * com_right.h: de-__P - - * com_err.h: de-__P - -2002-08-20 Johan Danielsson - - * compile_et.c: don't add comma after last enum member - -2002-08-12 Johan Danielsson - - * compile_et.c: just declare er_list directly instead of including - com_right in generated header files - -2002-03-11 Assar Westerlund - - * Makefile.am (libcom_err_la_LDFLAGS): set version to 2:1:1 - -2002-03-10 Assar Westerlund - - * com_err.c (error_message): do not call strerror with a negative error - -2001-05-17 Assar Westerlund - - * Makefile.am: bump version to 2:0:1 - -2001-05-11 Assar Westerlund - - * com_err.h (add_to_error_table): add prototype - * com_err.c (add_to_error_table): new function, from Derrick J - Brashear - -2001-05-06 Assar Westerlund - - * com_err.h: add printf formats for gcc - -2001-02-28 Johan Danielsson - - * error.c (initialize_error_table_r): put table at end of the list - -2001-02-15 Assar Westerlund - - * com_err.c (default_proc): add printf attributes - -2000-08-16 Assar Westerlund - - * Makefile.am: bump version to 1:1:0 - -2000-07-31 Assar Westerlund - - * com_right.h (initialize_error_table_r): fix prototype - -2000-04-05 Assar Westerlund - - * com_err.c (_et_lit): explicitly initialize it to NULL to make - dyld on Darwin/MacOS X happy - -2000-01-16 Assar Westerlund - - * com_err.h: remove __P definition (now in com_right.h). this - file always includes com_right.h so that's where it should reside. - * com_right.h: moved __P here and added it to the function - prototypes - * com_err.h (error_table_name): add __P - -1999-07-03 Assar Westerlund - - * parse.y (statement): use asprintf - -1999-06-13 Assar Westerlund - - * Makefile.in: make it solaris make vpath-safe - -Thu Apr 1 11:13:53 1999 Johan Danielsson - - * compile_et.c: use getargs - -Sat Mar 20 00:16:30 1999 Assar Westerlund - - * compile_et.c: static-ize - -Thu Mar 18 11:22:13 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Tue Mar 16 22:30:05 1999 Assar Westerlund - - * parse.y: use YYACCEPT instead of return - -Sat Mar 13 22:22:56 1999 Assar Westerlund - - * compile_et.c (generate_h): cast when calling is* to get rid of a - warning - -Thu Mar 11 15:00:51 1999 Johan Danielsson - - * parse.y: prototype for error_message - -Sun Nov 22 10:39:02 1998 Assar Westerlund - - * compile_et.h: include ctype and roken - - * compile_et.c: include err.h - (generate_h): remove unused variable - - * Makefile.in (WFLAGS): set - -Fri Nov 20 06:58:59 1998 Assar Westerlund - - * lex.l: undef ECHO to work around AIX lex bug - -Sun Sep 27 02:23:59 1998 Johan Danielsson - - * com_err.c (error_message): try to pass code to strerror, to see - if it might be an errno code (this if broken, but some MIT code - seems to expect this behaviour) - -Sat Sep 26 17:42:39 1998 Johan Danielsson - - * compile_et.c: -> "foo_err.h" - -Tue Jun 30 17:17:36 1998 Assar Westerlund - - * Makefile.in: add str{cpy,cat}_truncate - -Mon May 25 05:24:39 1998 Assar Westerlund - - * Makefile.in (clean): try to remove shared library debris - -Sun Apr 19 09:50:17 1998 Assar Westerlund - - * Makefile.in: add symlink magic for linux - -Sun Apr 5 09:22:11 1998 Assar Westerlund - - * parse.y: define alloca to malloc in case we're using bison but - don't have alloca - -Tue Mar 24 05:13:01 1998 Assar Westerlund - - * Makefile.in: link with snprintf (From Derrick J Brashear - ) - -Fri Feb 27 05:01:42 1998 Assar Westerlund - - * parse.y: initialize ec->next - -Thu Feb 26 02:22:25 1998 Assar Westerlund - - * Makefile.am: @LEXLIB@ - -Sat Feb 21 15:18:54 1998 assar westerlund - - * Makefile.in: set YACC and LEX - -Tue Feb 17 22:20:27 1998 Bjoern Groenvall - - * com_right.h: Change typedefs so that one may mix MIT compile_et - generated code with krb4 dito. - -Tue Feb 17 16:30:55 1998 Johan Danielsson - - * compile_et.c (generate): Always return a value. - - * parse.y: Files don't have to end with `end'. - -Mon Feb 16 16:09:20 1998 Johan Danielsson - - * lex.l (getstring): Replace getc() with input(). - - * Makefile.am: Fixes for new compile_et. diff --git a/crypto/heimdal/lib/com_err/Makefile.am b/crypto/heimdal/lib/com_err/Makefile.am deleted file mode 100644 index 64d497656fec..000000000000 --- a/crypto/heimdal/lib/com_err/Makefile.am +++ /dev/null @@ -1,39 +0,0 @@ -# $Id: Makefile.am 21619 2007-07-17 07:34:00Z lha $ - -include $(top_srcdir)/Makefile.am.common - -YFLAGS = -d - -lib_LTLIBRARIES = libcom_err.la -libcom_err_la_LDFLAGS = -version-info 2:3:1 - -if versionscript -libcom_err_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -endif - -bin_PROGRAMS = compile_et - -include_HEADERS = com_err.h com_right.h - -compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l lex.h - -libcom_err_la_CPPFLAGS = $(ROKEN_RENAME) -dist_libcom_err_la_SOURCES = error.c com_err.c roken_rename.h - -if do_roken_rename -nodist_libcom_err_la_SOURCES = snprintf.c strlcpy.c -endif - -$(compile_et_OBJECTS): parse.h parse.c ## XXX broken automake 1.4s - -compile_et_LDADD = \ - libcom_err.la \ - $(LIB_roken) \ - $(LEXLIB) - -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . -strlcpy.c: - $(LN_S) $(srcdir)/../roken/strlcpy.c . - -EXTRA_DIST = version-script.map diff --git a/crypto/heimdal/lib/com_err/Makefile.in b/crypto/heimdal/lib/com_err/Makefile.in deleted file mode 100644 index 2581001abd20..000000000000 --- a/crypto/heimdal/lib/com_err/Makefile.in +++ /dev/null @@ -1,910 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 21619 2007-07-17 07:34:00Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog lex.c parse.c \ - parse.h -@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -bin_PROGRAMS = compile_et$(EXEEXT) -subdir = lib/com_err -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ - "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -libcom_err_la_LIBADD = -dist_libcom_err_la_OBJECTS = libcom_err_la-error.lo \ - libcom_err_la-com_err.lo -@do_roken_rename_TRUE@nodist_libcom_err_la_OBJECTS = \ -@do_roken_rename_TRUE@ libcom_err_la-snprintf.lo \ -@do_roken_rename_TRUE@ libcom_err_la-strlcpy.lo -libcom_err_la_OBJECTS = $(dist_libcom_err_la_OBJECTS) \ - $(nodist_libcom_err_la_OBJECTS) -libcom_err_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libcom_err_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(bin_PROGRAMS) -am_compile_et_OBJECTS = compile_et.$(OBJEXT) parse.$(OBJEXT) \ - lex.$(OBJEXT) -compile_et_OBJECTS = $(am_compile_et_OBJECTS) -am__DEPENDENCIES_1 = -compile_et_DEPENDENCIES = libcom_err.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -@MAINTAINER_MODE_FALSE@am__skiplex = test -f $@ || -LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS) -LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS) -YLWRAP = $(top_srcdir)/ylwrap -@MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ || -YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS) -LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS) -SOURCES = $(dist_libcom_err_la_SOURCES) \ - $(nodist_libcom_err_la_SOURCES) $(compile_et_SOURCES) -DIST_SOURCES = $(dist_libcom_err_la_SOURCES) $(compile_et_SOURCES) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = -d -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -lib_LTLIBRARIES = libcom_err.la -libcom_err_la_LDFLAGS = -version-info 2:3:1 $(am__append_1) -include_HEADERS = com_err.h com_right.h -compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l lex.h -libcom_err_la_CPPFLAGS = $(ROKEN_RENAME) -dist_libcom_err_la_SOURCES = error.c com_err.c roken_rename.h -@do_roken_rename_TRUE@nodist_libcom_err_la_SOURCES = snprintf.c strlcpy.c -compile_et_LDADD = \ - libcom_err.la \ - $(LIB_roken) \ - $(LEXLIB) - -EXTRA_DIST = version-script.map -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/com_err/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/com_err/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libcom_err.la: $(libcom_err_la_OBJECTS) $(libcom_err_la_DEPENDENCIES) - $(libcom_err_la_LINK) -rpath $(libdir) $(libcom_err_la_OBJECTS) $(libcom_err_la_LIBADD) $(LIBS) -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -parse.h: parse.c - @if test ! -f $@; then \ - rm -f parse.c; \ - $(MAKE) $(AM_MAKEFLAGS) parse.c; \ - else :; fi -compile_et$(EXEEXT): $(compile_et_OBJECTS) $(compile_et_DEPENDENCIES) - @rm -f compile_et$(EXEEXT) - $(LINK) $(compile_et_OBJECTS) $(compile_et_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -libcom_err_la-error.lo: error.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-error.lo `test -f 'error.c' || echo '$(srcdir)/'`error.c - -libcom_err_la-com_err.lo: com_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-com_err.lo `test -f 'com_err.c' || echo '$(srcdir)/'`com_err.c - -libcom_err_la-snprintf.lo: snprintf.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c - -libcom_err_la-strlcpy.lo: strlcpy.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcom_err_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libcom_err_la-strlcpy.lo `test -f 'strlcpy.c' || echo '$(srcdir)/'`strlcpy.c - -.l.c: - $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE) - -.y.c: - $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE) - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-includeHEADERS: $(include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local -install-binPROGRAMS: install-libLTLIBRARIES - -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -rm -f lex.c - -rm -f parse.c - -rm -f parse.h -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libtool ctags dist-hook distclean distclean-compile \ - distclean-generic distclean-libtool distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-binPROGRAMS install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-includeHEADERS install-info install-info-am \ - install-libLTLIBRARIES install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(compile_et_OBJECTS): parse.h parse.c ## XXX broken automake 1.4s - -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . -strlcpy.c: - $(LN_S) $(srcdir)/../roken/strlcpy.c . -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/com_err/com_err.c b/crypto/heimdal/lib/com_err/com_err.c deleted file mode 100644 index faf4294cdd8f..000000000000 --- a/crypto/heimdal/lib/com_err/com_err.c +++ /dev/null @@ -1,172 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: com_err.c 14930 2005-04-24 19:43:06Z lha $"); -#endif -#include -#include -#include -#include -#include "com_err.h" - -struct et_list *_et_list = NULL; - - -const char * -error_message (long code) -{ - static char msg[128]; - const char *p = com_right(_et_list, code); - if (p == NULL) { - if (code < 0) - snprintf(msg, sizeof(msg), "Unknown error %ld", code); - else - p = strerror(code); - } - if (p != NULL && *p != '\0') { - strlcpy(msg, p, sizeof(msg)); - } else - snprintf(msg, sizeof(msg), "Unknown error %ld", code); - return msg; -} - -int -init_error_table(const char **msgs, long base, int count) -{ - initialize_error_table_r(&_et_list, msgs, count, base); - return 0; -} - -static void -default_proc (const char *whoami, long code, const char *fmt, va_list args) - __attribute__((__format__(__printf__, 3, 0))); - -static void -default_proc (const char *whoami, long code, const char *fmt, va_list args) -{ - if (whoami) - fprintf(stderr, "%s: ", whoami); - if (code) - fprintf(stderr, "%s ", error_message(code)); - if (fmt) - vfprintf(stderr, fmt, args); - fprintf(stderr, "\r\n"); /* ??? */ -} - -static errf com_err_hook = default_proc; - -void -com_err_va (const char *whoami, - long code, - const char *fmt, - va_list args) -{ - (*com_err_hook) (whoami, code, fmt, args); -} - -void -com_err (const char *whoami, - long code, - const char *fmt, - ...) -{ - va_list ap; - va_start(ap, fmt); - com_err_va (whoami, code, fmt, ap); - va_end(ap); -} - -errf -set_com_err_hook (errf new) -{ - errf old = com_err_hook; - - if (new) - com_err_hook = new; - else - com_err_hook = default_proc; - - return old; -} - -errf -reset_com_err_hook (void) -{ - return set_com_err_hook(NULL); -} - -#define ERRCODE_RANGE 8 /* # of bits to shift table number */ -#define BITS_PER_CHAR 6 /* # bits to shift per character in name */ - -static const char char_set[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_"; - -static char buf[6]; - -const char * -error_table_name(int num) -{ - int ch; - int i; - char *p; - - /* num = aa aaa abb bbb bcc ccc cdd ddd d?? ??? ??? */ - p = buf; - num >>= ERRCODE_RANGE; - /* num = ?? ??? ??? aaa aaa bbb bbb ccc ccc ddd ddd */ - num &= 077777777; - /* num = 00 000 000 aaa aaa bbb bbb ccc ccc ddd ddd */ - for (i = 4; i >= 0; i--) { - ch = (num >> BITS_PER_CHAR * i) & ((1 << BITS_PER_CHAR) - 1); - if (ch != 0) - *p++ = char_set[ch-1]; - } - *p = '\0'; - return(buf); -} - -void -add_to_error_table(struct et_list *new_table) -{ - struct et_list *et; - - for (et = _et_list; et; et = et->next) { - if (et->table->base == new_table->table->base) - return; - } - - new_table->next = _et_list; - _et_list = new_table; -} diff --git a/crypto/heimdal/lib/com_err/com_err.h b/crypto/heimdal/lib/com_err/com_err.h deleted file mode 100644 index bdd764f7e982..000000000000 --- a/crypto/heimdal/lib/com_err/com_err.h +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: com_err.h 15566 2005-07-07 14:58:07Z lha $ */ - -/* MIT compatible com_err library */ - -#ifndef __COM_ERR_H__ -#define __COM_ERR_H__ - -#include -#include - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(X) -#endif - -typedef void (*errf) (const char *, long, const char *, va_list); - -const char * error_message (long); -int init_error_table (const char**, long, int); - -void com_err_va (const char *, long, const char *, va_list) - __attribute__((format(printf, 3, 0))); - -void com_err (const char *, long, const char *, ...) - __attribute__((format(printf, 3, 4))); - -errf set_com_err_hook (errf); -errf reset_com_err_hook (void); - -const char *error_table_name (int num); - -void add_to_error_table (struct et_list *new_table); - -#endif /* __COM_ERR_H__ */ diff --git a/crypto/heimdal/lib/com_err/com_right.h b/crypto/heimdal/lib/com_err/com_right.h deleted file mode 100644 index 4d929da866b3..000000000000 --- a/crypto/heimdal/lib/com_err/com_right.h +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: com_right.h 14551 2005-02-03 08:45:13Z lha $ */ - -#ifndef __COM_RIGHT_H__ -#define __COM_RIGHT_H__ - -#ifdef __STDC__ -#include -#endif - -struct error_table { - char const * const * msgs; - long base; - int n_msgs; -}; -struct et_list { - struct et_list *next; - struct error_table *table; -}; -extern struct et_list *_et_list; - -const char *com_right (struct et_list *list, long code); -void initialize_error_table_r (struct et_list **, const char **, int, long); -void free_error_table (struct et_list *); - -#endif /* __COM_RIGHT_H__ */ diff --git a/crypto/heimdal/lib/com_err/compile_et.c b/crypto/heimdal/lib/com_err/compile_et.c deleted file mode 100644 index 105765482265..000000000000 --- a/crypto/heimdal/lib/com_err/compile_et.c +++ /dev/null @@ -1,236 +0,0 @@ -/* - * Copyright (c) 1998-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#undef ROKEN_RENAME -#include "compile_et.h" -#include - -RCSID("$Id: compile_et.c 15426 2005-06-16 19:21:42Z lha $"); - -#include -#include -#include "parse.h" - -int numerror; -extern FILE *yyin; - -extern void yyparse(void); - -long base_id; -int number; -char *prefix; -char *id_str; - -char name[128]; -char Basename[128]; - -#ifdef YYDEBUG -extern int yydebug = 1; -#endif - -char *filename; -char hfn[128]; -char cfn[128]; - -struct error_code *codes = NULL; - -static int -generate_c(void) -{ - int n; - struct error_code *ec; - - FILE *c_file = fopen(cfn, "w"); - if(c_file == NULL) - return 1; - - fprintf(c_file, "/* Generated from %s */\n", filename); - if(id_str) - fprintf(c_file, "/* %s */\n", id_str); - fprintf(c_file, "\n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "#include \"%s\"\n", hfn); - fprintf(c_file, "\n"); - - fprintf(c_file, "static const char *%s_error_strings[] = {\n", name); - - for(ec = codes, n = 0; ec; ec = ec->next, n++) { - while(n < ec->number) { - fprintf(c_file, "\t/* %03d */ \"Reserved %s error (%d)\",\n", - n, name, n); - n++; - - } - fprintf(c_file, "\t/* %03d */ \"%s\",\n", ec->number, ec->string); - } - - fprintf(c_file, "\tNULL\n"); - fprintf(c_file, "};\n"); - fprintf(c_file, "\n"); - fprintf(c_file, "#define num_errors %d\n", number); - fprintf(c_file, "\n"); - fprintf(c_file, - "void initialize_%s_error_table_r(struct et_list **list)\n", - name); - fprintf(c_file, "{\n"); - fprintf(c_file, - " initialize_error_table_r(list, %s_error_strings, " - "num_errors, ERROR_TABLE_BASE_%s);\n", name, name); - fprintf(c_file, "}\n"); - fprintf(c_file, "\n"); - fprintf(c_file, "void initialize_%s_error_table(void)\n", name); - fprintf(c_file, "{\n"); - fprintf(c_file, - " init_error_table(%s_error_strings, ERROR_TABLE_BASE_%s, " - "num_errors);\n", name, name); - fprintf(c_file, "}\n"); - - fclose(c_file); - return 0; -} - -static int -generate_h(void) -{ - struct error_code *ec; - char fn[128]; - FILE *h_file = fopen(hfn, "w"); - char *p; - - if(h_file == NULL) - return 1; - - snprintf(fn, sizeof(fn), "__%s__", hfn); - for(p = fn; *p; p++) - if(!isalnum((unsigned char)*p)) - *p = '_'; - - fprintf(h_file, "/* Generated from %s */\n", filename); - if(id_str) - fprintf(h_file, "/* %s */\n", id_str); - fprintf(h_file, "\n"); - fprintf(h_file, "#ifndef %s\n", fn); - fprintf(h_file, "#define %s\n", fn); - fprintf(h_file, "\n"); - fprintf(h_file, "struct et_list;\n"); - fprintf(h_file, "\n"); - fprintf(h_file, - "void initialize_%s_error_table_r(struct et_list **);\n", - name); - fprintf(h_file, "\n"); - fprintf(h_file, "void initialize_%s_error_table(void);\n", name); - fprintf(h_file, "#define init_%s_err_tbl initialize_%s_error_table\n", - name, name); - fprintf(h_file, "\n"); - fprintf(h_file, "typedef enum %s_error_number{\n", name); - - for(ec = codes; ec; ec = ec->next) { - fprintf(h_file, "\t%s = %ld%s\n", ec->name, base_id + ec->number, - (ec->next != NULL) ? "," : ""); - } - - fprintf(h_file, "} %s_error_number;\n", name); - fprintf(h_file, "\n"); - fprintf(h_file, "#define ERROR_TABLE_BASE_%s %ld\n", name, base_id); - fprintf(h_file, "\n"); - fprintf(h_file, "#endif /* %s */\n", fn); - - - fclose(h_file); - return 0; -} - -static int -generate(void) -{ - return generate_c() || generate_h(); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "error-table"); - exit(code); -} - -int -main(int argc, char **argv) -{ - char *p; - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(optidx == argc) - usage(1); - filename = argv[optidx]; - yyin = fopen(filename, "r"); - if(yyin == NULL) - err(1, "%s", filename); - - - p = strrchr(filename, '/'); - if(p) - p++; - else - p = filename; - strlcpy(Basename, p, sizeof(Basename)); - - Basename[strcspn(Basename, ".")] = '\0'; - - snprintf(hfn, sizeof(hfn), "%s.h", Basename); - snprintf(cfn, sizeof(cfn), "%s.c", Basename); - - yyparse(); - if(numerror) - return 1; - - return generate(); -} diff --git a/crypto/heimdal/lib/com_err/compile_et.h b/crypto/heimdal/lib/com_err/compile_et.h deleted file mode 100644 index 1c7de5a08b69..000000000000 --- a/crypto/heimdal/lib/com_err/compile_et.h +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: compile_et.h 15426 2005-06-16 19:21:42Z lha $ */ - -#ifndef __COMPILE_ET_H__ -#define __COMPILE_ET_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include - -extern long base_id; -extern int number; -extern char *prefix; -extern char name[128]; -extern char *id_str; -extern char *filename; -extern int numerror; - -struct error_code { - unsigned number; - char *name; - char *string; - struct error_code *next, **tail; -}; - -extern struct error_code *codes; - -#define APPEND(L, V) \ -do { \ - if((L) == NULL) { \ - (L) = (V); \ - (L)->tail = &(V)->next; \ - (L)->next = NULL; \ - }else{ \ - *(L)->tail = (V); \ - (L)->tail = &(V)->next; \ - } \ -}while(0) - -#endif /* __COMPILE_ET_H__ */ diff --git a/crypto/heimdal/lib/com_err/error.c b/crypto/heimdal/lib/com_err/error.c deleted file mode 100644 index 051078025c56..000000000000 --- a/crypto/heimdal/lib/com_err/error.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: error.c 9724 2001-02-28 20:00:13Z joda $"); -#endif -#include -#include -#include -#include - -const char * -com_right(struct et_list *list, long code) -{ - struct et_list *p; - for (p = list; p; p = p->next) { - if (code >= p->table->base && code < p->table->base + p->table->n_msgs) - return p->table->msgs[code - p->table->base]; - } - return NULL; -} - -struct foobar { - struct et_list etl; - struct error_table et; -}; - -void -initialize_error_table_r(struct et_list **list, - const char **messages, - int num_errors, - long base) -{ - struct et_list *et, **end; - struct foobar *f; - for (end = list, et = *list; et; end = &et->next, et = et->next) - if (et->table->msgs == messages) - return; - f = malloc(sizeof(*f)); - if (f == NULL) - return; - et = &f->etl; - et->table = &f->et; - et->table->msgs = messages; - et->table->n_msgs = num_errors; - et->table->base = base; - et->next = NULL; - *end = et; -} - - -void -free_error_table(struct et_list *et) -{ - while(et){ - struct et_list *p = et; - et = et->next; - free(p); - } -} diff --git a/crypto/heimdal/lib/com_err/lex.c b/crypto/heimdal/lib/com_err/lex.c deleted file mode 100644 index 8f756d39c998..000000000000 --- a/crypto/heimdal/lib/com_err/lex.c +++ /dev/null @@ -1,1896 +0,0 @@ - -#line 3 "lex.c" - -#define YY_INT_ALIGNED short int - -/* A lexical scanner generated by flex */ - -#define FLEX_SCANNER -#define YY_FLEX_MAJOR_VERSION 2 -#define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 33 -#if YY_FLEX_SUBMINOR_VERSION > 0 -#define FLEX_BETA -#endif - -/* First, we deal with platform-specific or compiler-specific issues. */ - -/* begin standard C headers. */ -#include -#include -#include -#include - -/* end standard C headers. */ - -/* flex integer type definitions */ - -#ifndef FLEXINT_H -#define FLEXINT_H - -/* C99 systems have . Non-C99 systems may or may not. */ - -#if __STDC_VERSION__ >= 199901L - -/* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, - * if you want the limit (max/min) macros for int types. - */ -#ifndef __STDC_LIMIT_MACROS -#define __STDC_LIMIT_MACROS 1 -#endif - -#include -typedef int8_t flex_int8_t; -typedef uint8_t flex_uint8_t; -typedef int16_t flex_int16_t; -typedef uint16_t flex_uint16_t; -typedef int32_t flex_int32_t; -typedef uint32_t flex_uint32_t; -#else -typedef signed char flex_int8_t; -typedef short int flex_int16_t; -typedef int flex_int32_t; -typedef unsigned char flex_uint8_t; -typedef unsigned short int flex_uint16_t; -typedef unsigned int flex_uint32_t; -#endif /* ! C99 */ - -/* Limits of integral types. */ -#ifndef INT8_MIN -#define INT8_MIN (-128) -#endif -#ifndef INT16_MIN -#define INT16_MIN (-32767-1) -#endif -#ifndef INT32_MIN -#define INT32_MIN (-2147483647-1) -#endif -#ifndef INT8_MAX -#define INT8_MAX (127) -#endif -#ifndef INT16_MAX -#define INT16_MAX (32767) -#endif -#ifndef INT32_MAX -#define INT32_MAX (2147483647) -#endif -#ifndef UINT8_MAX -#define UINT8_MAX (255U) -#endif -#ifndef UINT16_MAX -#define UINT16_MAX (65535U) -#endif -#ifndef UINT32_MAX -#define UINT32_MAX (4294967295U) -#endif - -#endif /* ! FLEXINT_H */ - -#ifdef __cplusplus - -/* The "const" storage-class-modifier is valid. */ -#define YY_USE_CONST - -#else /* ! __cplusplus */ - -#if __STDC__ - -#define YY_USE_CONST - -#endif /* __STDC__ */ -#endif /* ! __cplusplus */ - -#ifdef YY_USE_CONST -#define yyconst const -#else -#define yyconst -#endif - -/* Returned upon end-of-file. */ -#define YY_NULL 0 - -/* Promotes a possibly negative, possibly signed char to an unsigned - * integer for use as an array index. If the signed char is negative, - * we want to instead treat it as an 8-bit unsigned char, hence the - * double cast. - */ -#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) - -/* Enter a start condition. This macro really ought to take a parameter, - * but we do it the disgusting crufty way forced on us by the ()-less - * definition of BEGIN. - */ -#define BEGIN (yy_start) = 1 + 2 * - -/* Translate the current start state into a value that can be later handed - * to BEGIN to return to the state. The YYSTATE alias is for lex - * compatibility. - */ -#define YY_START (((yy_start) - 1) / 2) -#define YYSTATE YY_START - -/* Action number for EOF rule of a given start state. */ -#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) - -/* Special action meaning "start processing a new file". */ -#define YY_NEW_FILE yyrestart(yyin ) - -#define YY_END_OF_BUFFER_CHAR 0 - -/* Size of default input buffer. */ -#ifndef YY_BUF_SIZE -#define YY_BUF_SIZE 16384 -#endif - -/* The state buf must be large enough to hold one state per character in the main buffer. - */ -#define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type)) - -#ifndef YY_TYPEDEF_YY_BUFFER_STATE -#define YY_TYPEDEF_YY_BUFFER_STATE -typedef struct yy_buffer_state *YY_BUFFER_STATE; -#endif - -extern int yyleng; - -extern FILE *yyin, *yyout; - -#define EOB_ACT_CONTINUE_SCAN 0 -#define EOB_ACT_END_OF_FILE 1 -#define EOB_ACT_LAST_MATCH 2 - - #define YY_LESS_LINENO(n) - -/* Return all but the first "n" matched characters back to the input stream. */ -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - int yyless_macro_arg = (n); \ - YY_LESS_LINENO(yyless_macro_arg);\ - *yy_cp = (yy_hold_char); \ - YY_RESTORE_YY_MORE_OFFSET \ - (yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \ - YY_DO_BEFORE_ACTION; /* set up yytext again */ \ - } \ - while ( 0 ) - -#define unput(c) yyunput( c, (yytext_ptr) ) - -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ - -#ifndef YY_TYPEDEF_YY_SIZE_T -#define YY_TYPEDEF_YY_SIZE_T -typedef unsigned int yy_size_t; -#endif - -#ifndef YY_STRUCT_YY_BUFFER_STATE -#define YY_STRUCT_YY_BUFFER_STATE -struct yy_buffer_state - { - FILE *yy_input_file; - - char *yy_ch_buf; /* input buffer */ - char *yy_buf_pos; /* current position in input buffer */ - - /* Size of input buffer in bytes, not including room for EOB - * characters. - */ - yy_size_t yy_buf_size; - - /* Number of characters read into yy_ch_buf, not including EOB - * characters. - */ - int yy_n_chars; - - /* Whether we "own" the buffer - i.e., we know we created it, - * and can realloc() it to grow it, and should free() it to - * delete it. - */ - int yy_is_our_buffer; - - /* Whether this is an "interactive" input source; if so, and - * if we're using stdio for input, then we want to use getc() - * instead of fread(), to make sure we stop fetching input after - * each newline. - */ - int yy_is_interactive; - - /* Whether we're considered to be at the beginning of a line. - * If so, '^' rules will be active on the next match, otherwise - * not. - */ - int yy_at_bol; - - int yy_bs_lineno; /**< The line count. */ - int yy_bs_column; /**< The column count. */ - - /* Whether to try to fill the input buffer when we reach the - * end of it. - */ - int yy_fill_buffer; - - int yy_buffer_status; - -#define YY_BUFFER_NEW 0 -#define YY_BUFFER_NORMAL 1 - /* When an EOF's been seen but there's still some text to process - * then we mark the buffer as YY_EOF_PENDING, to indicate that we - * shouldn't try reading from the input source any more. We might - * still have a bunch of tokens to match, though, because of - * possible backing-up. - * - * When we actually see the EOF, we change the status to "new" - * (via yyrestart()), so that the user can continue scanning by - * just pointing yyin at a new input file. - */ -#define YY_BUFFER_EOF_PENDING 2 - - }; -#endif /* !YY_STRUCT_YY_BUFFER_STATE */ - -/* Stack of input buffers. */ -static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */ -static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */ -static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ - -/* We provide macros for accessing buffer states in case in the - * future we want to put the buffer states in a more general - * "scanner state". - * - * Returns the top of the stack, or NULL. - */ -#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \ - ? (yy_buffer_stack)[(yy_buffer_stack_top)] \ - : NULL) - -/* Same as previous macro, but useful when we know that the buffer stack is not - * NULL or when we need an lvalue. For internal use only. - */ -#define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)] - -/* yy_hold_char holds the character lost when yytext is formed. */ -static char yy_hold_char; -static int yy_n_chars; /* number of characters read into yy_ch_buf */ -int yyleng; - -/* Points to current character in buffer. */ -static char *yy_c_buf_p = (char *) 0; -static int yy_init = 0; /* whether we need to initialize */ -static int yy_start = 0; /* start state number */ - -/* Flag which is used to allow yywrap()'s to do buffer switches - * instead of setting up a fresh yyin. A bit of a hack ... - */ -static int yy_did_buffer_switch_on_eof; - -void yyrestart (FILE *input_file ); -void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ); -YY_BUFFER_STATE yy_create_buffer (FILE *file,int size ); -void yy_delete_buffer (YY_BUFFER_STATE b ); -void yy_flush_buffer (YY_BUFFER_STATE b ); -void yypush_buffer_state (YY_BUFFER_STATE new_buffer ); -void yypop_buffer_state (void ); - -static void yyensure_buffer_stack (void ); -static void yy_load_buffer_state (void ); -static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); - -#define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER ) - -YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); -YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); -YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); - -void *yyalloc (yy_size_t ); -void *yyrealloc (void *,yy_size_t ); -void yyfree (void * ); - -#define yy_new_buffer yy_create_buffer - -#define yy_set_interactive(is_interactive) \ - { \ - if ( ! YY_CURRENT_BUFFER ){ \ - yyensure_buffer_stack (); \ - YY_CURRENT_BUFFER_LVALUE = \ - yy_create_buffer(yyin,YY_BUF_SIZE ); \ - } \ - YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \ - } - -#define yy_set_bol(at_bol) \ - { \ - if ( ! YY_CURRENT_BUFFER ){\ - yyensure_buffer_stack (); \ - YY_CURRENT_BUFFER_LVALUE = \ - yy_create_buffer(yyin,YY_BUF_SIZE ); \ - } \ - YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \ - } - -#define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol) - -/* Begin user sect3 */ - -typedef unsigned char YY_CHAR; - -FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; - -typedef int yy_state_type; - -extern int yylineno; - -int yylineno = 1; - -extern char *yytext; -#define yytext_ptr yytext - -static yy_state_type yy_get_previous_state (void ); -static yy_state_type yy_try_NUL_trans (yy_state_type current_state ); -static int yy_get_next_buffer (void ); -static void yy_fatal_error (yyconst char msg[] ); - -/* Done after the current pattern has been matched and before the - * corresponding action - sets up yytext. - */ -#define YY_DO_BEFORE_ACTION \ - (yytext_ptr) = yy_bp; \ - yyleng = (size_t) (yy_cp - yy_bp); \ - (yy_hold_char) = *yy_cp; \ - *yy_cp = '\0'; \ - (yy_c_buf_p) = yy_cp; - -#define YY_NUM_RULES 16 -#define YY_END_OF_BUFFER 17 -/* This struct is not used in this scanner, - but its presence is necessary. */ -struct yy_trans_info - { - flex_int32_t yy_verify; - flex_int32_t yy_nxt; - }; -static yyconst flex_int16_t yy_accept[46] = - { 0, - 0, 0, 17, 15, 11, 12, 13, 10, 9, 14, - 14, 14, 14, 10, 9, 14, 3, 14, 14, 1, - 7, 14, 14, 8, 14, 14, 14, 14, 14, 14, - 14, 6, 14, 14, 5, 14, 14, 14, 14, 14, - 14, 4, 14, 2, 0 - } ; - -static yyconst flex_int32_t yy_ec[256] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 2, 1, 4, 5, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 1, 1, 1, - 1, 1, 1, 1, 7, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 1, 1, 1, 1, 8, 1, 9, 10, 11, 12, - - 13, 14, 7, 7, 15, 7, 7, 16, 7, 17, - 18, 19, 7, 20, 7, 21, 7, 7, 7, 22, - 7, 7, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1 - } ; - -static yyconst flex_int32_t yy_meta[23] = - { 0, - 1, 1, 2, 1, 1, 3, 3, 3, 3, 3, - 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, - 3, 3 - } ; - -static yyconst flex_int16_t yy_base[48] = - { 0, - 0, 0, 56, 57, 57, 57, 57, 0, 49, 0, - 12, 13, 34, 0, 47, 0, 0, 40, 31, 0, - 0, 38, 36, 0, 30, 34, 32, 25, 22, 28, - 34, 0, 19, 13, 0, 22, 30, 26, 26, 18, - 12, 0, 14, 0, 57, 34, 23 - } ; - -static yyconst flex_int16_t yy_def[48] = - { 0, - 45, 1, 45, 45, 45, 45, 45, 46, 47, 47, - 47, 47, 47, 46, 47, 47, 47, 47, 47, 47, - 47, 47, 47, 47, 47, 47, 47, 47, 47, 47, - 47, 47, 47, 47, 47, 47, 47, 47, 47, 47, - 47, 47, 47, 47, 0, 45, 45 - } ; - -static yyconst flex_int16_t yy_nxt[80] = - { 0, - 4, 5, 6, 7, 8, 9, 10, 10, 10, 10, - 10, 10, 11, 10, 12, 10, 10, 10, 13, 10, - 10, 10, 17, 36, 21, 16, 44, 43, 18, 22, - 42, 19, 20, 37, 14, 41, 14, 40, 39, 38, - 35, 34, 33, 32, 31, 30, 29, 28, 27, 26, - 25, 24, 15, 23, 15, 45, 3, 45, 45, 45, - 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, - 45, 45, 45, 45, 45, 45, 45, 45, 45 - } ; - -static yyconst flex_int16_t yy_chk[80] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 11, 34, 12, 47, 43, 41, 11, 12, - 40, 11, 11, 34, 46, 39, 46, 38, 37, 36, - 33, 31, 30, 29, 28, 27, 26, 25, 23, 22, - 19, 18, 15, 13, 9, 3, 45, 45, 45, 45, - 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, - 45, 45, 45, 45, 45, 45, 45, 45, 45 - } ; - -static yy_state_type yy_last_accepting_state; -static char *yy_last_accepting_cpos; - -extern int yy_flex_debug; -int yy_flex_debug = 0; - -/* The intent behind this definition is that it'll catch - * any uses of REJECT which flex missed. - */ -#define REJECT reject_used_but_not_detected -#define yymore() yymore_used_but_not_detected -#define YY_MORE_ADJ 0 -#define YY_RESTORE_YY_MORE_OFFSET -char *yytext; -#line 1 "lex.l" -#line 2 "lex.l" -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * This is to handle the definition of this symbol in some AIX - * headers, which will conflict with the definition that lex will - * generate for it. It's only a problem for AIX lex. - */ - -#undef ECHO - -#include "compile_et.h" -#include "parse.h" -#include "lex.h" - -RCSID("$Id: lex.l 15143 2005-05-16 08:52:54Z lha $"); - -static unsigned lineno = 1; -static int getstring(void); - -#define YY_NO_UNPUT - -#undef ECHO - -#line 536 "lex.c" - -#define INITIAL 0 - -#ifndef YY_NO_UNISTD_H -/* Special case for "unistd.h", since it is non-ANSI. We include it way - * down here because we want the user's section 1 to have been scanned first. - * The user has a chance to override it with an option. - */ -#include -#endif - -#ifndef YY_EXTRA_TYPE -#define YY_EXTRA_TYPE void * -#endif - -static int yy_init_globals (void ); - -/* Macros after this point can all be overridden by user definitions in - * section 1. - */ - -#ifndef YY_SKIP_YYWRAP -#ifdef __cplusplus -extern "C" int yywrap (void ); -#else -extern int yywrap (void ); -#endif -#endif - - static void yyunput (int c,char *buf_ptr ); - -#ifndef yytext_ptr -static void yy_flex_strncpy (char *,yyconst char *,int ); -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen (yyconst char * ); -#endif - -#ifndef YY_NO_INPUT - -#ifdef __cplusplus -static int yyinput (void ); -#else -static int input (void ); -#endif - -#endif - -/* Amount of stuff to slurp up with each read. */ -#ifndef YY_READ_BUF_SIZE -#define YY_READ_BUF_SIZE 8192 -#endif - -/* Copy whatever the last rule matched to the standard output. */ -#ifndef ECHO -/* This used to be an fputs(), but since the string might contain NUL's, - * we now use fwrite(). - */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) -#endif - -/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, - * is returned in "result". - */ -#ifndef YY_INPUT -#define YY_INPUT(buf,result,max_size) \ - if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ - { \ - int c = '*'; \ - size_t n; \ - for ( n = 0; n < max_size && \ - (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ - buf[n] = (char) c; \ - if ( c == '\n' ) \ - buf[n++] = (char) c; \ - if ( c == EOF && ferror( yyin ) ) \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - result = n; \ - } \ - else \ - { \ - errno=0; \ - while ( (result = fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \ - { \ - if( errno != EINTR) \ - { \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - break; \ - } \ - errno=0; \ - clearerr(yyin); \ - } \ - }\ -\ - -#endif - -/* No semi-colon after return; correct usage is to write "yyterminate();" - - * we don't want an extra ';' after the "return" because that will cause - * some compilers to complain about unreachable statements. - */ -#ifndef yyterminate -#define yyterminate() return YY_NULL -#endif - -/* Number of entries by which start-condition stack grows. */ -#ifndef YY_START_STACK_INCR -#define YY_START_STACK_INCR 25 -#endif - -/* Report a fatal error. */ -#ifndef YY_FATAL_ERROR -#define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) -#endif - -/* end tables serialization structures and prototypes */ - -/* Default declaration of generated scanner - a define so the user can - * easily add parameters. - */ -#ifndef YY_DECL -#define YY_DECL_IS_OURS 1 - -extern int yylex (void); - -#define YY_DECL int yylex (void) -#endif /* !YY_DECL */ - -/* Code executed at the beginning of each rule, after yytext and yyleng - * have been set up. - */ -#ifndef YY_USER_ACTION -#define YY_USER_ACTION -#endif - -/* Code executed at the end of each rule. */ -#ifndef YY_BREAK -#define YY_BREAK break; -#endif - -#define YY_RULE_SETUP \ - YY_USER_ACTION - -/** The main scanner function which does all the work. - */ -YY_DECL -{ - register yy_state_type yy_current_state; - register char *yy_cp, *yy_bp; - register int yy_act; - -#line 59 "lex.l" - -#line 691 "lex.c" - - if ( !(yy_init) ) - { - (yy_init) = 1; - -#ifdef YY_USER_INIT - YY_USER_INIT; -#endif - - if ( ! (yy_start) ) - (yy_start) = 1; /* first start state */ - - if ( ! yyin ) - yyin = stdin; - - if ( ! yyout ) - yyout = stdout; - - if ( ! YY_CURRENT_BUFFER ) { - yyensure_buffer_stack (); - YY_CURRENT_BUFFER_LVALUE = - yy_create_buffer(yyin,YY_BUF_SIZE ); - } - - yy_load_buffer_state( ); - } - - while ( 1 ) /* loops until end-of-file is reached */ - { - yy_cp = (yy_c_buf_p); - - /* Support of yytext. */ - *yy_cp = (yy_hold_char); - - /* yy_bp points to the position in yy_ch_buf of the start of - * the current run. - */ - yy_bp = yy_cp; - - yy_current_state = (yy_start); -yy_match: - do - { - register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 46 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - ++yy_cp; - } - while ( yy_base[yy_current_state] != 57 ); - -yy_find_action: - yy_act = yy_accept[yy_current_state]; - if ( yy_act == 0 ) - { /* have to back up */ - yy_cp = (yy_last_accepting_cpos); - yy_current_state = (yy_last_accepting_state); - yy_act = yy_accept[yy_current_state]; - } - - YY_DO_BEFORE_ACTION; - -do_action: /* This label is used only to access EOF actions. */ - - switch ( yy_act ) - { /* beginning of action switch */ - case 0: /* must back up */ - /* undo the effects of YY_DO_BEFORE_ACTION */ - *yy_cp = (yy_hold_char); - yy_cp = (yy_last_accepting_cpos); - yy_current_state = (yy_last_accepting_state); - goto yy_find_action; - -case 1: -YY_RULE_SETUP -#line 60 "lex.l" -{ return ET; } - YY_BREAK -case 2: -YY_RULE_SETUP -#line 61 "lex.l" -{ return ET; } - YY_BREAK -case 3: -YY_RULE_SETUP -#line 62 "lex.l" -{ return EC; } - YY_BREAK -case 4: -YY_RULE_SETUP -#line 63 "lex.l" -{ return EC; } - YY_BREAK -case 5: -YY_RULE_SETUP -#line 64 "lex.l" -{ return PREFIX; } - YY_BREAK -case 6: -YY_RULE_SETUP -#line 65 "lex.l" -{ return INDEX; } - YY_BREAK -case 7: -YY_RULE_SETUP -#line 66 "lex.l" -{ return ID; } - YY_BREAK -case 8: -YY_RULE_SETUP -#line 67 "lex.l" -{ return END; } - YY_BREAK -case 9: -YY_RULE_SETUP -#line 68 "lex.l" -{ yylval.number = atoi(yytext); return NUMBER; } - YY_BREAK -case 10: -YY_RULE_SETUP -#line 69 "lex.l" -; - YY_BREAK -case 11: -YY_RULE_SETUP -#line 70 "lex.l" -; - YY_BREAK -case 12: -/* rule 12 can match eol */ -YY_RULE_SETUP -#line 71 "lex.l" -{ lineno++; } - YY_BREAK -case 13: -YY_RULE_SETUP -#line 72 "lex.l" -{ return getstring(); } - YY_BREAK -case 14: -YY_RULE_SETUP -#line 73 "lex.l" -{ yylval.string = strdup(yytext); return STRING; } - YY_BREAK -case 15: -YY_RULE_SETUP -#line 74 "lex.l" -{ return *yytext; } - YY_BREAK -case 16: -YY_RULE_SETUP -#line 75 "lex.l" -ECHO; - YY_BREAK -#line 855 "lex.c" -case YY_STATE_EOF(INITIAL): - yyterminate(); - - case YY_END_OF_BUFFER: - { - /* Amount of text matched not including the EOB char. */ - int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1; - - /* Undo the effects of YY_DO_BEFORE_ACTION. */ - *yy_cp = (yy_hold_char); - YY_RESTORE_YY_MORE_OFFSET - - if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW ) - { - /* We're scanning a new file or input source. It's - * possible that this happened because the user - * just pointed yyin at a new source and called - * yylex(). If so, then we have to assure - * consistency between YY_CURRENT_BUFFER and our - * globals. Here is the right place to do so, because - * this is the first action (other than possibly a - * back-up) that will match for the new input source. - */ - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; - YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin; - YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL; - } - - /* Note that here we test for yy_c_buf_p "<=" to the position - * of the first EOB in the buffer, since yy_c_buf_p will - * already have been incremented past the NUL character - * (since all states make transitions on EOB to the - * end-of-buffer state). Contrast this with the test - * in input(). - */ - if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) - { /* This was really a NUL. */ - yy_state_type yy_next_state; - - (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state( ); - - /* Okay, we're now positioned to make the NUL - * transition. We couldn't have - * yy_get_previous_state() go ahead and do it - * for us because it doesn't know how to deal - * with the possibility of jamming (and we don't - * want to build jamming into it because then it - * will run more slowly). - */ - - yy_next_state = yy_try_NUL_trans( yy_current_state ); - - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - - if ( yy_next_state ) - { - /* Consume the NUL. */ - yy_cp = ++(yy_c_buf_p); - yy_current_state = yy_next_state; - goto yy_match; - } - - else - { - yy_cp = (yy_c_buf_p); - goto yy_find_action; - } - } - - else switch ( yy_get_next_buffer( ) ) - { - case EOB_ACT_END_OF_FILE: - { - (yy_did_buffer_switch_on_eof) = 0; - - if ( yywrap( ) ) - { - /* Note: because we've taken care in - * yy_get_next_buffer() to have set up - * yytext, we can now set up - * yy_c_buf_p so that if some total - * hoser (like flex itself) wants to - * call the scanner after we return the - * YY_NULL, it'll still work - another - * YY_NULL will get returned. - */ - (yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ; - - yy_act = YY_STATE_EOF(YY_START); - goto do_action; - } - - else - { - if ( ! (yy_did_buffer_switch_on_eof) ) - YY_NEW_FILE; - } - break; - } - - case EOB_ACT_CONTINUE_SCAN: - (yy_c_buf_p) = - (yytext_ptr) + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state( ); - - yy_cp = (yy_c_buf_p); - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - goto yy_match; - - case EOB_ACT_LAST_MATCH: - (yy_c_buf_p) = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)]; - - yy_current_state = yy_get_previous_state( ); - - yy_cp = (yy_c_buf_p); - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - goto yy_find_action; - } - break; - } - - default: - YY_FATAL_ERROR( - "fatal flex scanner internal error--no action found" ); - } /* end of action switch */ - } /* end of scanning one token */ -} /* end of yylex */ - -/* yy_get_next_buffer - try to read in a new buffer - * - * Returns a code representing an action: - * EOB_ACT_LAST_MATCH - - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position - * EOB_ACT_END_OF_FILE - end of file - */ -static int yy_get_next_buffer (void) -{ - register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf; - register char *source = (yytext_ptr); - register int number_to_move, i; - int ret_val; - - if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] ) - YY_FATAL_ERROR( - "fatal flex scanner internal error--end of buffer missed" ); - - if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 ) - { /* Don't try to fill the buffer, so this is an EOF. */ - if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 ) - { - /* We matched a single character, the EOB, so - * treat this as a final EOF. - */ - return EOB_ACT_END_OF_FILE; - } - - else - { - /* We matched some text prior to the EOB, first - * process it. - */ - return EOB_ACT_LAST_MATCH; - } - } - - /* Try to read more data. */ - - /* First move last chars to start of buffer. */ - number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1; - - for ( i = 0; i < number_to_move; ++i ) - *(dest++) = *(source++); - - if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING ) - /* don't do the read, it's not guaranteed to return an EOF, - * just force an EOF - */ - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0; - - else - { - int num_to_read = - YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; - - while ( num_to_read <= 0 ) - { /* Not enough room in the buffer - grow it. */ - - /* just a shorter name for the current buffer */ - YY_BUFFER_STATE b = YY_CURRENT_BUFFER; - - int yy_c_buf_p_offset = - (int) ((yy_c_buf_p) - b->yy_ch_buf); - - if ( b->yy_is_our_buffer ) - { - int new_size = b->yy_buf_size * 2; - - if ( new_size <= 0 ) - b->yy_buf_size += b->yy_buf_size / 8; - else - b->yy_buf_size *= 2; - - b->yy_ch_buf = (char *) - /* Include room in for 2 EOB chars. */ - yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 ); - } - else - /* Can't grow it, we don't own it. */ - b->yy_ch_buf = 0; - - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( - "fatal error - scanner input buffer overflow" ); - - (yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset]; - - num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - - number_to_move - 1; - - } - - if ( num_to_read > YY_READ_BUF_SIZE ) - num_to_read = YY_READ_BUF_SIZE; - - /* Read in more data. */ - YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]), - (yy_n_chars), num_to_read ); - - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - if ( (yy_n_chars) == 0 ) - { - if ( number_to_move == YY_MORE_ADJ ) - { - ret_val = EOB_ACT_END_OF_FILE; - yyrestart(yyin ); - } - - else - { - ret_val = EOB_ACT_LAST_MATCH; - YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = - YY_BUFFER_EOF_PENDING; - } - } - - else - ret_val = EOB_ACT_CONTINUE_SCAN; - - (yy_n_chars) += number_to_move; - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; - - (yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0]; - - return ret_val; -} - -/* yy_get_previous_state - get the state just before the EOB char was reached */ - - static yy_state_type yy_get_previous_state (void) -{ - register yy_state_type yy_current_state; - register char *yy_cp; - - yy_current_state = (yy_start); - - for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp ) - { - register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 46 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - } - - return yy_current_state; -} - -/* yy_try_NUL_trans - try to make a transition on the NUL character - * - * synopsis - * next_state = yy_try_NUL_trans( current_state ); - */ - static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state ) -{ - register int yy_is_jam; - register char *yy_cp = (yy_c_buf_p); - - register YY_CHAR yy_c = 1; - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 46 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 45); - - return yy_is_jam ? 0 : yy_current_state; -} - - static void yyunput (int c, register char * yy_bp ) -{ - register char *yy_cp; - - yy_cp = (yy_c_buf_p); - - /* undo effects of setting up yytext */ - *yy_cp = (yy_hold_char); - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - { /* need to shift things up to make room */ - /* +2 for EOB chars. */ - register int number_to_move = (yy_n_chars) + 2; - register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ - YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; - register char *source = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]; - - while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) - *--dest = *--source; - - yy_cp += (int) (dest - source); - yy_bp += (int) (dest - source); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size; - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - YY_FATAL_ERROR( "flex scanner push-back overflow" ); - } - - *--yy_cp = (char) c; - - (yytext_ptr) = yy_bp; - (yy_hold_char) = *yy_cp; - (yy_c_buf_p) = yy_cp; -} - -#ifndef YY_NO_INPUT -#ifdef __cplusplus - static int yyinput (void) -#else - static int input (void) -#endif - -{ - int c; - - *(yy_c_buf_p) = (yy_hold_char); - - if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR ) - { - /* yy_c_buf_p now points to the character we want to return. - * If this occurs *before* the EOB characters, then it's a - * valid NUL; if not, then we've hit the end of the buffer. - */ - if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) - /* This was really a NUL. */ - *(yy_c_buf_p) = '\0'; - - else - { /* need more input */ - int offset = (yy_c_buf_p) - (yytext_ptr); - ++(yy_c_buf_p); - - switch ( yy_get_next_buffer( ) ) - { - case EOB_ACT_LAST_MATCH: - /* This happens because yy_g_n_b() - * sees that we've accumulated a - * token and flags that we need to - * try matching the token before - * proceeding. But for input(), - * there's no matching to consider. - * So convert the EOB_ACT_LAST_MATCH - * to EOB_ACT_END_OF_FILE. - */ - - /* Reset buffer status. */ - yyrestart(yyin ); - - /*FALLTHROUGH*/ - - case EOB_ACT_END_OF_FILE: - { - if ( yywrap( ) ) - return 0; - - if ( ! (yy_did_buffer_switch_on_eof) ) - YY_NEW_FILE; -#ifdef __cplusplus - return yyinput(); -#else - return input(); -#endif - } - - case EOB_ACT_CONTINUE_SCAN: - (yy_c_buf_p) = (yytext_ptr) + offset; - break; - } - } - } - - c = *(unsigned char *) (yy_c_buf_p); /* cast for 8-bit char's */ - *(yy_c_buf_p) = '\0'; /* preserve yytext */ - (yy_hold_char) = *++(yy_c_buf_p); - - return c; -} -#endif /* ifndef YY_NO_INPUT */ - -/** Immediately switch to a different input stream. - * @param input_file A readable stream. - * - * @note This function does not reset the start condition to @c INITIAL . - */ - void yyrestart (FILE * input_file ) -{ - - if ( ! YY_CURRENT_BUFFER ){ - yyensure_buffer_stack (); - YY_CURRENT_BUFFER_LVALUE = - yy_create_buffer(yyin,YY_BUF_SIZE ); - } - - yy_init_buffer(YY_CURRENT_BUFFER,input_file ); - yy_load_buffer_state( ); -} - -/** Switch to a different input buffer. - * @param new_buffer The new input buffer. - * - */ - void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ) -{ - - /* TODO. We should be able to replace this entire function body - * with - * yypop_buffer_state(); - * yypush_buffer_state(new_buffer); - */ - yyensure_buffer_stack (); - if ( YY_CURRENT_BUFFER == new_buffer ) - return; - - if ( YY_CURRENT_BUFFER ) - { - /* Flush out information for old buffer. */ - *(yy_c_buf_p) = (yy_hold_char); - YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - YY_CURRENT_BUFFER_LVALUE = new_buffer; - yy_load_buffer_state( ); - - /* We don't actually know whether we did this switch during - * EOF (yywrap()) processing, but the only time this flag - * is looked at is after yywrap() is called, so it's safe - * to go ahead and always set it. - */ - (yy_did_buffer_switch_on_eof) = 1; -} - -static void yy_load_buffer_state (void) -{ - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; - (yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos; - yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file; - (yy_hold_char) = *(yy_c_buf_p); -} - -/** Allocate and initialize an input buffer state. - * @param file A readable stream. - * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE. - * - * @return the allocated buffer state. - */ - YY_BUFFER_STATE yy_create_buffer (FILE * file, int size ) -{ - YY_BUFFER_STATE b; - - b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_buf_size = size; - - /* yy_ch_buf has to be 2 characters longer than the size given because - * we need to put in 2 end-of-buffer characters. - */ - b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 ); - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_is_our_buffer = 1; - - yy_init_buffer(b,file ); - - return b; -} - -/** Destroy the buffer. - * @param b a buffer created with yy_create_buffer() - * - */ - void yy_delete_buffer (YY_BUFFER_STATE b ) -{ - - if ( ! b ) - return; - - if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */ - YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0; - - if ( b->yy_is_our_buffer ) - yyfree((void *) b->yy_ch_buf ); - - yyfree((void *) b ); -} - -#ifndef __cplusplus -extern int isatty (int ); -#endif /* __cplusplus */ - -/* Initializes or reinitializes a buffer. - * This function is sometimes called more than once on the same buffer, - * such as during a yyrestart() or at EOF. - */ - static void yy_init_buffer (YY_BUFFER_STATE b, FILE * file ) - -{ - int oerrno = errno; - - yy_flush_buffer(b ); - - b->yy_input_file = file; - b->yy_fill_buffer = 1; - - /* If b is the current buffer, then yy_init_buffer was _probably_ - * called from yyrestart() or through yy_get_next_buffer. - * In that case, we don't want to reset the lineno or column. - */ - if (b != YY_CURRENT_BUFFER){ - b->yy_bs_lineno = 1; - b->yy_bs_column = 0; - } - - b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; - - errno = oerrno; -} - -/** Discard all buffered characters. On the next scan, YY_INPUT will be called. - * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER. - * - */ - void yy_flush_buffer (YY_BUFFER_STATE b ) -{ - if ( ! b ) - return; - - b->yy_n_chars = 0; - - /* We always need two end-of-buffer characters. The first causes - * a transition to the end-of-buffer state. The second causes - * a jam in that state. - */ - b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; - b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; - - b->yy_buf_pos = &b->yy_ch_buf[0]; - - b->yy_at_bol = 1; - b->yy_buffer_status = YY_BUFFER_NEW; - - if ( b == YY_CURRENT_BUFFER ) - yy_load_buffer_state( ); -} - -/** Pushes the new state onto the stack. The new state becomes - * the current state. This function will allocate the stack - * if necessary. - * @param new_buffer The new state. - * - */ -void yypush_buffer_state (YY_BUFFER_STATE new_buffer ) -{ - if (new_buffer == NULL) - return; - - yyensure_buffer_stack(); - - /* This block is copied from yy_switch_to_buffer. */ - if ( YY_CURRENT_BUFFER ) - { - /* Flush out information for old buffer. */ - *(yy_c_buf_p) = (yy_hold_char); - YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - /* Only push if top exists. Otherwise, replace top. */ - if (YY_CURRENT_BUFFER) - (yy_buffer_stack_top)++; - YY_CURRENT_BUFFER_LVALUE = new_buffer; - - /* copied from yy_switch_to_buffer. */ - yy_load_buffer_state( ); - (yy_did_buffer_switch_on_eof) = 1; -} - -/** Removes and deletes the top of the stack, if present. - * The next element becomes the new top. - * - */ -void yypop_buffer_state (void) -{ - if (!YY_CURRENT_BUFFER) - return; - - yy_delete_buffer(YY_CURRENT_BUFFER ); - YY_CURRENT_BUFFER_LVALUE = NULL; - if ((yy_buffer_stack_top) > 0) - --(yy_buffer_stack_top); - - if (YY_CURRENT_BUFFER) { - yy_load_buffer_state( ); - (yy_did_buffer_switch_on_eof) = 1; - } -} - -/* Allocates the stack if it does not exist. - * Guarantees space for at least one push. - */ -static void yyensure_buffer_stack (void) -{ - int num_to_alloc; - - if (!(yy_buffer_stack)) { - - /* First allocation is just for 2 elements, since we don't know if this - * scanner will even need a stack. We use 2 instead of 1 to avoid an - * immediate realloc on the next call. - */ - num_to_alloc = 1; - (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc - (num_to_alloc * sizeof(struct yy_buffer_state*) - ); - - memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); - - (yy_buffer_stack_max) = num_to_alloc; - (yy_buffer_stack_top) = 0; - return; - } - - if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){ - - /* Increase the buffer to prepare for a possible push. */ - int grow_size = 8 /* arbitrary grow size */; - - num_to_alloc = (yy_buffer_stack_max) + grow_size; - (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc - ((yy_buffer_stack), - num_to_alloc * sizeof(struct yy_buffer_state*) - ); - - /* zero only the new slots.*/ - memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); - (yy_buffer_stack_max) = num_to_alloc; - } -} - -/** Setup the input buffer state to scan directly from a user-specified character buffer. - * @param base the character buffer - * @param size the size in bytes of the character buffer - * - * @return the newly allocated buffer state object. - */ -YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) -{ - YY_BUFFER_STATE b; - - if ( size < 2 || - base[size-2] != YY_END_OF_BUFFER_CHAR || - base[size-1] != YY_END_OF_BUFFER_CHAR ) - /* They forgot to leave room for the EOB's. */ - return 0; - - b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); - - b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ - b->yy_buf_pos = b->yy_ch_buf = base; - b->yy_is_our_buffer = 0; - b->yy_input_file = 0; - b->yy_n_chars = b->yy_buf_size; - b->yy_is_interactive = 0; - b->yy_at_bol = 1; - b->yy_fill_buffer = 0; - b->yy_buffer_status = YY_BUFFER_NEW; - - yy_switch_to_buffer(b ); - - return b; -} - -/** Setup the input buffer state to scan a string. The next call to yylex() will - * scan from a @e copy of @a str. - * @param str a NUL-terminated string to scan - * - * @return the newly allocated buffer state object. - * @note If you want to scan bytes that may contain NUL values, then use - * yy_scan_bytes() instead. - */ -YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) -{ - - return yy_scan_bytes(yystr,strlen(yystr) ); -} - -/** Setup the input buffer state to scan the given bytes. The next call to yylex() will - * scan from a @e copy of @a bytes. - * @param bytes the byte buffer to scan - * @param len the number of bytes in the buffer pointed to by @a bytes. - * - * @return the newly allocated buffer state object. - */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) -{ - YY_BUFFER_STATE b; - char *buf; - yy_size_t n; - int i; - - /* Get memory for full buffer, including space for trailing EOB's. */ - n = _yybytes_len + 2; - buf = (char *) yyalloc(n ); - if ( ! buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); - - for ( i = 0; i < _yybytes_len; ++i ) - buf[i] = yybytes[i]; - - buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR; - - b = yy_scan_buffer(buf,n ); - if ( ! b ) - YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); - - /* It's okay to grow etc. this buffer, and we should throw it - * away when we're done. - */ - b->yy_is_our_buffer = 1; - - return b; -} - -#ifndef YY_EXIT_FAILURE -#define YY_EXIT_FAILURE 2 -#endif - -static void yy_fatal_error (yyconst char* msg ) -{ - (void) fprintf( stderr, "%s\n", msg ); - exit( YY_EXIT_FAILURE ); -} - -/* Redefine yyless() so it works in section 3 code. */ - -#undef yyless -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - int yyless_macro_arg = (n); \ - YY_LESS_LINENO(yyless_macro_arg);\ - yytext[yyleng] = (yy_hold_char); \ - (yy_c_buf_p) = yytext + yyless_macro_arg; \ - (yy_hold_char) = *(yy_c_buf_p); \ - *(yy_c_buf_p) = '\0'; \ - yyleng = yyless_macro_arg; \ - } \ - while ( 0 ) - -/* Accessor methods (get/set functions) to struct members. */ - -/** Get the current line number. - * - */ -int yyget_lineno (void) -{ - - return yylineno; -} - -/** Get the input stream. - * - */ -FILE *yyget_in (void) -{ - return yyin; -} - -/** Get the output stream. - * - */ -FILE *yyget_out (void) -{ - return yyout; -} - -/** Get the length of the current token. - * - */ -int yyget_leng (void) -{ - return yyleng; -} - -/** Get the current token. - * - */ - -char *yyget_text (void) -{ - return yytext; -} - -/** Set the current line number. - * @param line_number - * - */ -void yyset_lineno (int line_number ) -{ - - yylineno = line_number; -} - -/** Set the input stream. This does not discard the current - * input buffer. - * @param in_str A readable stream. - * - * @see yy_switch_to_buffer - */ -void yyset_in (FILE * in_str ) -{ - yyin = in_str ; -} - -void yyset_out (FILE * out_str ) -{ - yyout = out_str ; -} - -int yyget_debug (void) -{ - return yy_flex_debug; -} - -void yyset_debug (int bdebug ) -{ - yy_flex_debug = bdebug ; -} - -static int yy_init_globals (void) -{ - /* Initialization is the same as for the non-reentrant scanner. - * This function is called from yylex_destroy(), so don't allocate here. - */ - - (yy_buffer_stack) = 0; - (yy_buffer_stack_top) = 0; - (yy_buffer_stack_max) = 0; - (yy_c_buf_p) = (char *) 0; - (yy_init) = 0; - (yy_start) = 0; - -/* Defined in main.c */ -#ifdef YY_STDINIT - yyin = stdin; - yyout = stdout; -#else - yyin = (FILE *) 0; - yyout = (FILE *) 0; -#endif - - /* For future reference: Set errno on error, since we are called by - * yylex_init() - */ - return 0; -} - -/* yylex_destroy is for both reentrant and non-reentrant scanners. */ -int yylex_destroy (void) -{ - - /* Pop the buffer stack, destroying each element. */ - while(YY_CURRENT_BUFFER){ - yy_delete_buffer(YY_CURRENT_BUFFER ); - YY_CURRENT_BUFFER_LVALUE = NULL; - yypop_buffer_state(); - } - - /* Destroy the stack itself. */ - yyfree((yy_buffer_stack) ); - (yy_buffer_stack) = NULL; - - /* Reset the globals. This is important in a non-reentrant scanner so the next time - * yylex() is called, initialization will occur. */ - yy_init_globals( ); - - return 0; -} - -/* - * Internal utility routines. - */ - -#ifndef yytext_ptr -static void yy_flex_strncpy (char* s1, yyconst char * s2, int n ) -{ - register int i; - for ( i = 0; i < n; ++i ) - s1[i] = s2[i]; -} -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen (yyconst char * s ) -{ - register int n; - for ( n = 0; s[n]; ++n ) - ; - - return n; -} -#endif - -void *yyalloc (yy_size_t size ) -{ - return (void *) malloc( size ); -} - -void *yyrealloc (void * ptr, yy_size_t size ) -{ - /* The cast to (char *) in the following accommodates both - * implementations that use char* generic pointers, and those - * that use void* generic pointers. It works with the latter - * because both ANSI C and C++ allow castless assignment from - * any pointer type to void*, and deal with argument conversions - * as though doing an assignment. - */ - return (void *) realloc( (char *) ptr, size ); -} - -void yyfree (void * ptr ) -{ - free( (char *) ptr ); /* see yyrealloc() for (char *) cast */ -} - -#define YYTABLES_NAME "yytables" - -#line 75 "lex.l" - - - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -static int -getstring(void) -{ - char x[128]; - int i = 0; - int c; - int quote = 0; - while(i < sizeof(x) - 1 && (c = input()) != EOF){ - if(quote) { - x[i++] = c; - quote = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - quote++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - yylval.string = strdup(x); - if (yylval.string == NULL) - err(1, "malloc"); - return STRING; -} - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d:", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - numerror++; -} - diff --git a/crypto/heimdal/lib/com_err/lex.h b/crypto/heimdal/lib/com_err/lex.h deleted file mode 100644 index 89f0387655f4..000000000000 --- a/crypto/heimdal/lib/com_err/lex.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: lex.h 8451 2000-06-22 00:42:52Z assar $ */ - -void error_message (const char *, ...) -__attribute__ ((format (printf, 1, 2))); - -int yylex(void); diff --git a/crypto/heimdal/lib/com_err/lex.l b/crypto/heimdal/lib/com_err/lex.l deleted file mode 100644 index 08aef516b304..000000000000 --- a/crypto/heimdal/lib/com_err/lex.l +++ /dev/null @@ -1,128 +0,0 @@ -%{ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * This is to handle the definition of this symbol in some AIX - * headers, which will conflict with the definition that lex will - * generate for it. It's only a problem for AIX lex. - */ - -#undef ECHO - -#include "compile_et.h" -#include "parse.h" -#include "lex.h" - -RCSID("$Id: lex.l 15143 2005-05-16 08:52:54Z lha $"); - -static unsigned lineno = 1; -static int getstring(void); - -#define YY_NO_UNPUT - -#undef ECHO - -%} - - -%% -et { return ET; } -error_table { return ET; } -ec { return EC; } -error_code { return EC; } -prefix { return PREFIX; } -index { return INDEX; } -id { return ID; } -end { return END; } -[0-9]+ { yylval.number = atoi(yytext); return NUMBER; } -#[^\n]* ; -[ \t] ; -\n { lineno++; } -\" { return getstring(); } -[a-zA-Z0-9_]+ { yylval.string = strdup(yytext); return STRING; } -. { return *yytext; } -%% - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -static int -getstring(void) -{ - char x[128]; - int i = 0; - int c; - int quote = 0; - while(i < sizeof(x) - 1 && (c = input()) != EOF){ - if(quote) { - x[i++] = c; - quote = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - quote++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - yylval.string = strdup(x); - if (yylval.string == NULL) - err(1, "malloc"); - return STRING; -} - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d:", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - numerror++; -} diff --git a/crypto/heimdal/lib/com_err/parse.c b/crypto/heimdal/lib/com_err/parse.c deleted file mode 100644 index 32cff630d407..000000000000 --- a/crypto/heimdal/lib/com_err/parse.c +++ /dev/null @@ -1,1716 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton implementation for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* C LALR(1) parser skeleton written by Richard Stallman, by - simplifying the original so-called "semantic" parser. */ - -/* All symbols defined below should begin with yy or YY, to avoid - infringing on user name space. This should be done even for local - variables, as they might otherwise be expanded by user macros. - There are some unavoidable exceptions within include files to - define necessary library symbols; they are noted "INFRINGES ON - USER NAME SPACE" below. */ - -/* Identify Bison output. */ -#define YYBISON 1 - -/* Bison version. */ -#define YYBISON_VERSION "2.3" - -/* Skeleton name. */ -#define YYSKELETON_NAME "yacc.c" - -/* Pure parsers. */ -#define YYPURE 0 - -/* Using locations. */ -#define YYLSP_NEEDED 0 - - - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - ET = 258, - INDEX = 259, - PREFIX = 260, - EC = 261, - ID = 262, - END = 263, - STRING = 264, - NUMBER = 265 - }; -#endif -/* Tokens. */ -#define ET 258 -#define INDEX 259 -#define PREFIX 260 -#define EC 261 -#define ID 262 -#define END 263 -#define STRING 264 -#define NUMBER 265 - - - - -/* Copy the first part of user declarations. */ -#line 1 "parse.y" - -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "compile_et.h" -#include "lex.h" - -RCSID("$Id: parse.y 15426 2005-06-16 19:21:42Z lha $"); - -void yyerror (char *s); -static long name2number(const char *str); - -extern char *yytext; - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - - - -/* Enabling traces. */ -#ifndef YYDEBUG -# define YYDEBUG 0 -#endif - -/* Enabling verbose error messages. */ -#ifdef YYERROR_VERBOSE -# undef YYERROR_VERBOSE -# define YYERROR_VERBOSE 1 -#else -# define YYERROR_VERBOSE 0 -#endif - -/* Enabling the token table. */ -#ifndef YYTOKEN_TABLE -# define YYTOKEN_TABLE 0 -#endif - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 53 "parse.y" -{ - char *string; - int number; -} -/* Line 193 of yacc.c. */ -#line 173 "parse.c" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - - - -/* Copy the second part of user declarations. */ - - -/* Line 216 of yacc.c. */ -#line 186 "parse.c" - -#ifdef short -# undef short -#endif - -#ifdef YYTYPE_UINT8 -typedef YYTYPE_UINT8 yytype_uint8; -#else -typedef unsigned char yytype_uint8; -#endif - -#ifdef YYTYPE_INT8 -typedef YYTYPE_INT8 yytype_int8; -#elif (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -typedef signed char yytype_int8; -#else -typedef short int yytype_int8; -#endif - -#ifdef YYTYPE_UINT16 -typedef YYTYPE_UINT16 yytype_uint16; -#else -typedef unsigned short int yytype_uint16; -#endif - -#ifdef YYTYPE_INT16 -typedef YYTYPE_INT16 yytype_int16; -#else -typedef short int yytype_int16; -#endif - -#ifndef YYSIZE_T -# ifdef __SIZE_TYPE__ -# define YYSIZE_T __SIZE_TYPE__ -# elif defined size_t -# define YYSIZE_T size_t -# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# define YYSIZE_T size_t -# else -# define YYSIZE_T unsigned int -# endif -#endif - -#define YYSIZE_MAXIMUM ((YYSIZE_T) -1) - -#ifndef YY_ -# if defined YYENABLE_NLS && YYENABLE_NLS -# if ENABLE_NLS -# include /* INFRINGES ON USER NAME SPACE */ -# define YY_(msgid) dgettext ("bison-runtime", msgid) -# endif -# endif -# ifndef YY_ -# define YY_(msgid) msgid -# endif -#endif - -/* Suppress unused-variable warnings by "using" E. */ -#if ! defined lint || defined __GNUC__ -# define YYUSE(e) ((void) (e)) -#else -# define YYUSE(e) /* empty */ -#endif - -/* Identity function, used to suppress warnings about constant conditions. */ -#ifndef lint -# define YYID(n) (n) -#else -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static int -YYID (int i) -#else -static int -YYID (i) - int i; -#endif -{ - return i; -} -#endif - -#if ! defined yyoverflow || YYERROR_VERBOSE - -/* The parser invokes alloca or malloc; define the necessary symbols. */ - -# ifdef YYSTACK_USE_ALLOCA -# if YYSTACK_USE_ALLOCA -# ifdef __GNUC__ -# define YYSTACK_ALLOC __builtin_alloca -# elif defined __BUILTIN_VA_ARG_INCR -# include /* INFRINGES ON USER NAME SPACE */ -# elif defined _AIX -# define YYSTACK_ALLOC __alloca -# elif defined _MSC_VER -# include /* INFRINGES ON USER NAME SPACE */ -# define alloca _alloca -# else -# define YYSTACK_ALLOC alloca -# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# endif -# endif -# endif - -# ifdef YYSTACK_ALLOC - /* Pacify GCC's `empty if-body' warning. */ -# define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0)) -# ifndef YYSTACK_ALLOC_MAXIMUM - /* The OS might guarantee only one guard page at the bottom of the stack, - and a page size can be as small as 4096 bytes. So we cannot safely - invoke alloca (N) if N exceeds 4096. Use a slightly smaller number - to allow for a few compiler-allocated temporary stack slots. */ -# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */ -# endif -# else -# define YYSTACK_ALLOC YYMALLOC -# define YYSTACK_FREE YYFREE -# ifndef YYSTACK_ALLOC_MAXIMUM -# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM -# endif -# if (defined __cplusplus && ! defined _STDLIB_H \ - && ! ((defined YYMALLOC || defined malloc) \ - && (defined YYFREE || defined free))) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# ifndef YYMALLOC -# define YYMALLOC malloc -# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# ifndef YYFREE -# define YYFREE free -# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void free (void *); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# endif -#endif /* ! defined yyoverflow || YYERROR_VERBOSE */ - - -#if (! defined yyoverflow \ - && (! defined __cplusplus \ - || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) - -/* A type that is properly aligned for any stack member. */ -union yyalloc -{ - yytype_int16 yyss; - YYSTYPE yyvs; - }; - -/* The size of the maximum gap between one aligned stack and the next. */ -# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) - -/* The size of an array large to enough to hold all stacks, each with - N elements. */ -# define YYSTACK_BYTES(N) \ - ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ - + YYSTACK_GAP_MAXIMUM) - -/* Copy COUNT objects from FROM to TO. The source and destination do - not overlap. */ -# ifndef YYCOPY -# if defined __GNUC__ && 1 < __GNUC__ -# define YYCOPY(To, From, Count) \ - __builtin_memcpy (To, From, (Count) * sizeof (*(From))) -# else -# define YYCOPY(To, From, Count) \ - do \ - { \ - YYSIZE_T yyi; \ - for (yyi = 0; yyi < (Count); yyi++) \ - (To)[yyi] = (From)[yyi]; \ - } \ - while (YYID (0)) -# endif -# endif - -/* Relocate STACK from its old location to the new one. The - local variables YYSIZE and YYSTACKSIZE give the old and new number of - elements in the stack, and YYPTR gives the new location of the - stack. Advance YYPTR to a properly aligned location for the next - stack. */ -# define YYSTACK_RELOCATE(Stack) \ - do \ - { \ - YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack, Stack, yysize); \ - Stack = &yyptr->Stack; \ - yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ - yyptr += yynewbytes / sizeof (*yyptr); \ - } \ - while (YYID (0)) - -#endif - -/* YYFINAL -- State number of the termination state. */ -#define YYFINAL 9 -/* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 23 - -/* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 12 -/* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 7 -/* YYNRULES -- Number of rules. */ -#define YYNRULES 15 -/* YYNRULES -- Number of states. */ -#define YYNSTATES 24 - -/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ -#define YYUNDEFTOK 2 -#define YYMAXUTOK 265 - -#define YYTRANSLATE(YYX) \ - ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) - -/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */ -static const yytype_uint8 yytranslate[] = -{ - 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 11, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 1, 2, 3, 4, - 5, 6, 7, 8, 9, 10 -}; - -#if YYDEBUG -/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in - YYRHS. */ -static const yytype_uint8 yyprhs[] = -{ - 0, 0, 3, 4, 7, 10, 12, 15, 18, 22, - 24, 27, 30, 33, 35, 40 -}; - -/* YYRHS -- A `-1'-separated list of the rules' RHS. */ -static const yytype_int8 yyrhs[] = -{ - 13, 0, -1, -1, 14, 17, -1, 15, 16, -1, - 16, -1, 7, 9, -1, 3, 9, -1, 3, 9, - 9, -1, 18, -1, 17, 18, -1, 4, 10, -1, - 5, 9, -1, 5, -1, 6, 9, 11, 9, -1, - 8, -1 -}; - -/* YYRLINE[YYN] -- source line where rule number YYN was defined. */ -static const yytype_uint8 yyrline[] = -{ - 0, 64, 64, 65, 68, 69, 72, 78, 84, 93, - 94, 97, 101, 109, 116, 136 -}; -#endif - -#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE -/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. - First, the terminals, then, starting at YYNTOKENS, nonterminals. */ -static const char *const yytname[] = -{ - "$end", "error", "$undefined", "ET", "INDEX", "PREFIX", "EC", "ID", - "END", "STRING", "NUMBER", "','", "$accept", "file", "header", "id", - "et", "statements", "statement", 0 -}; -#endif - -# ifdef YYPRINT -/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to - token YYLEX-NUM. */ -static const yytype_uint16 yytoknum[] = -{ - 0, 256, 257, 258, 259, 260, 261, 262, 263, 264, - 265, 44 -}; -# endif - -/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ -static const yytype_uint8 yyr1[] = -{ - 0, 12, 13, 13, 14, 14, 15, 16, 16, 17, - 17, 18, 18, 18, 18, 18 -}; - -/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ -static const yytype_uint8 yyr2[] = -{ - 0, 2, 0, 2, 2, 1, 2, 2, 3, 1, - 2, 2, 2, 1, 4, 1 -}; - -/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state - STATE-NUM when YYTABLE doesn't specify something else to do. Zero - means the default is an error. */ -static const yytype_uint8 yydefact[] = -{ - 2, 0, 0, 0, 0, 0, 5, 7, 6, 1, - 0, 13, 0, 15, 3, 9, 4, 8, 11, 12, - 0, 10, 0, 14 -}; - -/* YYDEFGOTO[NTERM-NUM]. */ -static const yytype_int8 yydefgoto[] = -{ - -1, 3, 4, 5, 6, 14, 15 -}; - -/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing - STATE-NUM. */ -#define YYPACT_NINF -5 -static const yytype_int8 yypact[] = -{ - 0, -3, -1, 5, -4, 6, -5, 1, -5, -5, - 2, 4, 7, -5, -4, -5, -5, -5, -5, -5, - 3, -5, 8, -5 -}; - -/* YYPGOTO[NTERM-NUM]. */ -static const yytype_int8 yypgoto[] = -{ - -5, -5, -5, -5, 10, -5, 9 -}; - -/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If - positive, shift that token. If negative, reduce the rule which - number is the opposite. If zero, do what YYDEFACT says. - If YYTABLE_NINF, syntax error. */ -#define YYTABLE_NINF -1 -static const yytype_uint8 yytable[] = -{ - 10, 11, 12, 1, 13, 9, 7, 2, 8, 1, - 17, 0, 18, 19, 22, 16, 20, 23, 0, 0, - 0, 0, 0, 21 -}; - -static const yytype_int8 yycheck[] = -{ - 4, 5, 6, 3, 8, 0, 9, 7, 9, 3, - 9, -1, 10, 9, 11, 5, 9, 9, -1, -1, - -1, -1, -1, 14 -}; - -/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing - symbol of state STATE-NUM. */ -static const yytype_uint8 yystos[] = -{ - 0, 3, 7, 13, 14, 15, 16, 9, 9, 0, - 4, 5, 6, 8, 17, 18, 16, 9, 10, 9, - 9, 18, 11, 9 -}; - -#define yyerrok (yyerrstatus = 0) -#define yyclearin (yychar = YYEMPTY) -#define YYEMPTY (-2) -#define YYEOF 0 - -#define YYACCEPT goto yyacceptlab -#define YYABORT goto yyabortlab -#define YYERROR goto yyerrorlab - - -/* Like YYERROR except do call yyerror. This remains here temporarily - to ease the transition to the new meaning of YYERROR, for GCC. - Once GCC version 2 has supplanted version 1, this can go. */ - -#define YYFAIL goto yyerrlab - -#define YYRECOVERING() (!!yyerrstatus) - -#define YYBACKUP(Token, Value) \ -do \ - if (yychar == YYEMPTY && yylen == 1) \ - { \ - yychar = (Token); \ - yylval = (Value); \ - yytoken = YYTRANSLATE (yychar); \ - YYPOPSTACK (1); \ - goto yybackup; \ - } \ - else \ - { \ - yyerror (YY_("syntax error: cannot back up")); \ - YYERROR; \ - } \ -while (YYID (0)) - - -#define YYTERROR 1 -#define YYERRCODE 256 - - -/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N]. - If N is 0, then set CURRENT to the empty location which ends - the previous symbol: RHS[0] (always defined). */ - -#define YYRHSLOC(Rhs, K) ((Rhs)[K]) -#ifndef YYLLOC_DEFAULT -# define YYLLOC_DEFAULT(Current, Rhs, N) \ - do \ - if (YYID (N)) \ - { \ - (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \ - (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \ - (Current).last_line = YYRHSLOC (Rhs, N).last_line; \ - (Current).last_column = YYRHSLOC (Rhs, N).last_column; \ - } \ - else \ - { \ - (Current).first_line = (Current).last_line = \ - YYRHSLOC (Rhs, 0).last_line; \ - (Current).first_column = (Current).last_column = \ - YYRHSLOC (Rhs, 0).last_column; \ - } \ - while (YYID (0)) -#endif - - -/* YY_LOCATION_PRINT -- Print the location on the stream. - This macro was not mandated originally: define only if we know - we won't break user code: when these are the locations we know. */ - -#ifndef YY_LOCATION_PRINT -# if defined YYLTYPE_IS_TRIVIAL && YYLTYPE_IS_TRIVIAL -# define YY_LOCATION_PRINT(File, Loc) \ - fprintf (File, "%d.%d-%d.%d", \ - (Loc).first_line, (Loc).first_column, \ - (Loc).last_line, (Loc).last_column) -# else -# define YY_LOCATION_PRINT(File, Loc) ((void) 0) -# endif -#endif - - -/* YYLEX -- calling `yylex' with the right arguments. */ - -#ifdef YYLEX_PARAM -# define YYLEX yylex (YYLEX_PARAM) -#else -# define YYLEX yylex () -#endif - -/* Enable debugging if requested. */ -#if YYDEBUG - -# ifndef YYFPRINTF -# include /* INFRINGES ON USER NAME SPACE */ -# define YYFPRINTF fprintf -# endif - -# define YYDPRINTF(Args) \ -do { \ - if (yydebug) \ - YYFPRINTF Args; \ -} while (YYID (0)) - -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ -do { \ - if (yydebug) \ - { \ - YYFPRINTF (stderr, "%s ", Title); \ - yy_symbol_print (stderr, \ - Type, Value); \ - YYFPRINTF (stderr, "\n"); \ - } \ -} while (YYID (0)) - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_value_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (!yyvaluep) - return; -# ifdef YYPRINT - if (yytype < YYNTOKENS) - YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); -# else - YYUSE (yyoutput); -# endif - switch (yytype) - { - default: - break; - } -} - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (yytype < YYNTOKENS) - YYFPRINTF (yyoutput, "token %s (", yytname[yytype]); - else - YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]); - - yy_symbol_value_print (yyoutput, yytype, yyvaluep); - YYFPRINTF (yyoutput, ")"); -} - -/*------------------------------------------------------------------. -| yy_stack_print -- Print the state stack from its BOTTOM up to its | -| TOP (included). | -`------------------------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) -#else -static void -yy_stack_print (bottom, top) - yytype_int16 *bottom; - yytype_int16 *top; -#endif -{ - YYFPRINTF (stderr, "Stack now"); - for (; bottom <= top; ++bottom) - YYFPRINTF (stderr, " %d", *bottom); - YYFPRINTF (stderr, "\n"); -} - -# define YY_STACK_PRINT(Bottom, Top) \ -do { \ - if (yydebug) \ - yy_stack_print ((Bottom), (Top)); \ -} while (YYID (0)) - - -/*------------------------------------------------. -| Report that the YYRULE is going to be reduced. | -`------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_reduce_print (YYSTYPE *yyvsp, int yyrule) -#else -static void -yy_reduce_print (yyvsp, yyrule) - YYSTYPE *yyvsp; - int yyrule; -#endif -{ - int yynrhs = yyr2[yyrule]; - int yyi; - unsigned long int yylno = yyrline[yyrule]; - YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", - yyrule - 1, yylno); - /* The symbols being reduced. */ - for (yyi = 0; yyi < yynrhs; yyi++) - { - fprintf (stderr, " $%d = ", yyi + 1); - yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], - &(yyvsp[(yyi + 1) - (yynrhs)]) - ); - fprintf (stderr, "\n"); - } -} - -# define YY_REDUCE_PRINT(Rule) \ -do { \ - if (yydebug) \ - yy_reduce_print (yyvsp, Rule); \ -} while (YYID (0)) - -/* Nonzero means print parse trace. It is left uninitialized so that - multiple parsers can coexist. */ -int yydebug; -#else /* !YYDEBUG */ -# define YYDPRINTF(Args) -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) -# define YY_STACK_PRINT(Bottom, Top) -# define YY_REDUCE_PRINT(Rule) -#endif /* !YYDEBUG */ - - -/* YYINITDEPTH -- initial size of the parser's stacks. */ -#ifndef YYINITDEPTH -# define YYINITDEPTH 200 -#endif - -/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only - if the built-in stack extension method is used). - - Do not make this value too large; the results are undefined if - YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH) - evaluated with infinite-precision integer arithmetic. */ - -#ifndef YYMAXDEPTH -# define YYMAXDEPTH 10000 -#endif - - - -#if YYERROR_VERBOSE - -# ifndef yystrlen -# if defined __GLIBC__ && defined _STRING_H -# define yystrlen strlen -# else -/* Return the length of YYSTR. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static YYSIZE_T -yystrlen (const char *yystr) -#else -static YYSIZE_T -yystrlen (yystr) - const char *yystr; -#endif -{ - YYSIZE_T yylen; - for (yylen = 0; yystr[yylen]; yylen++) - continue; - return yylen; -} -# endif -# endif - -# ifndef yystpcpy -# if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE -# define yystpcpy stpcpy -# else -/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in - YYDEST. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static char * -yystpcpy (char *yydest, const char *yysrc) -#else -static char * -yystpcpy (yydest, yysrc) - char *yydest; - const char *yysrc; -#endif -{ - char *yyd = yydest; - const char *yys = yysrc; - - while ((*yyd++ = *yys++) != '\0') - continue; - - return yyd - 1; -} -# endif -# endif - -# ifndef yytnamerr -/* Copy to YYRES the contents of YYSTR after stripping away unnecessary - quotes and backslashes, so that it's suitable for yyerror. The - heuristic is that double-quoting is unnecessary unless the string - contains an apostrophe, a comma, or backslash (other than - backslash-backslash). YYSTR is taken from yytname. If YYRES is - null, do not copy; instead, return the length of what the result - would have been. */ -static YYSIZE_T -yytnamerr (char *yyres, const char *yystr) -{ - if (*yystr == '"') - { - YYSIZE_T yyn = 0; - char const *yyp = yystr; - - for (;;) - switch (*++yyp) - { - case '\'': - case ',': - goto do_not_strip_quotes; - - case '\\': - if (*++yyp != '\\') - goto do_not_strip_quotes; - /* Fall through. */ - default: - if (yyres) - yyres[yyn] = *yyp; - yyn++; - break; - - case '"': - if (yyres) - yyres[yyn] = '\0'; - return yyn; - } - do_not_strip_quotes: ; - } - - if (! yyres) - return yystrlen (yystr); - - return yystpcpy (yyres, yystr) - yyres; -} -# endif - -/* Copy into YYRESULT an error message about the unexpected token - YYCHAR while in state YYSTATE. Return the number of bytes copied, - including the terminating null byte. If YYRESULT is null, do not - copy anything; just return the number of bytes that would be - copied. As a special case, return 0 if an ordinary "syntax error" - message will do. Return YYSIZE_MAXIMUM if overflow occurs during - size calculation. */ -static YYSIZE_T -yysyntax_error (char *yyresult, int yystate, int yychar) -{ - int yyn = yypact[yystate]; - - if (! (YYPACT_NINF < yyn && yyn <= YYLAST)) - return 0; - else - { - int yytype = YYTRANSLATE (yychar); - YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]); - YYSIZE_T yysize = yysize0; - YYSIZE_T yysize1; - int yysize_overflow = 0; - enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; - char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; - int yyx; - -# if 0 - /* This is so xgettext sees the translatable formats that are - constructed on the fly. */ - YY_("syntax error, unexpected %s"); - YY_("syntax error, unexpected %s, expecting %s"); - YY_("syntax error, unexpected %s, expecting %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s"); -# endif - char *yyfmt; - char const *yyf; - static char const yyunexpected[] = "syntax error, unexpected %s"; - static char const yyexpecting[] = ", expecting %s"; - static char const yyor[] = " or %s"; - char yyformat[sizeof yyunexpected - + sizeof yyexpecting - 1 - + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2) - * (sizeof yyor - 1))]; - char const *yyprefix = yyexpecting; - - /* Start YYX at -YYN if negative to avoid negative indexes in - YYCHECK. */ - int yyxbegin = yyn < 0 ? -yyn : 0; - - /* Stay within bounds of both yycheck and yytname. */ - int yychecklim = YYLAST - yyn + 1; - int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; - int yycount = 1; - - yyarg[0] = yytname[yytype]; - yyfmt = yystpcpy (yyformat, yyunexpected); - - for (yyx = yyxbegin; yyx < yyxend; ++yyx) - if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR) - { - if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) - { - yycount = 1; - yysize = yysize0; - yyformat[sizeof yyunexpected - 1] = '\0'; - break; - } - yyarg[yycount++] = yytname[yyx]; - yysize1 = yysize + yytnamerr (0, yytname[yyx]); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - yyfmt = yystpcpy (yyfmt, yyprefix); - yyprefix = yyor; - } - - yyf = YY_(yyformat); - yysize1 = yysize + yystrlen (yyf); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - - if (yysize_overflow) - return YYSIZE_MAXIMUM; - - if (yyresult) - { - /* Avoid sprintf, as that infringes on the user's name space. - Don't have undefined behavior even if the translation - produced a string with the wrong number of "%s"s. */ - char *yyp = yyresult; - int yyi = 0; - while ((*yyp = *yyf) != '\0') - { - if (*yyp == '%' && yyf[1] == 's' && yyi < yycount) - { - yyp += yytnamerr (yyp, yyarg[yyi++]); - yyf += 2; - } - else - { - yyp++; - yyf++; - } - } - } - return yysize; - } -} -#endif /* YYERROR_VERBOSE */ - - -/*-----------------------------------------------. -| Release the memory associated to this symbol. | -`-----------------------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) -#else -static void -yydestruct (yymsg, yytype, yyvaluep) - const char *yymsg; - int yytype; - YYSTYPE *yyvaluep; -#endif -{ - YYUSE (yyvaluep); - - if (!yymsg) - yymsg = "Deleting"; - YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); - - switch (yytype) - { - - default: - break; - } -} - - -/* Prevent warnings from -Wmissing-prototypes. */ - -#ifdef YYPARSE_PARAM -#if defined __STDC__ || defined __cplusplus -int yyparse (void *YYPARSE_PARAM); -#else -int yyparse (); -#endif -#else /* ! YYPARSE_PARAM */ -#if defined __STDC__ || defined __cplusplus -int yyparse (void); -#else -int yyparse (); -#endif -#endif /* ! YYPARSE_PARAM */ - - - -/* The look-ahead symbol. */ -int yychar; - -/* The semantic value of the look-ahead symbol. */ -YYSTYPE yylval; - -/* Number of syntax errors so far. */ -int yynerrs; - - - -/*----------. -| yyparse. | -`----------*/ - -#ifdef YYPARSE_PARAM -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void *YYPARSE_PARAM) -#else -int -yyparse (YYPARSE_PARAM) - void *YYPARSE_PARAM; -#endif -#else /* ! YYPARSE_PARAM */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void) -#else -int -yyparse () - -#endif -#endif -{ - - int yystate; - int yyn; - int yyresult; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - /* Look-ahead token as an internal (translated) token number. */ - int yytoken = 0; -#if YYERROR_VERBOSE - /* Buffer for error messages, and its allocated size. */ - char yymsgbuf[128]; - char *yymsg = yymsgbuf; - YYSIZE_T yymsg_alloc = sizeof yymsgbuf; -#endif - - /* Three stacks and their tools: - `yyss': related to states, - `yyvs': related to semantic values, - `yyls': related to locations. - - Refer to the stacks thru separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ - - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss = yyssa; - yytype_int16 *yyssp; - - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs = yyvsa; - YYSTYPE *yyvsp; - - - -#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - - YYSIZE_T yystacksize = YYINITDEPTH; - - /* The variables used to return semantic value and location from the - action routines. */ - YYSTYPE yyval; - - - /* The number of symbols on the RHS of the reduced rule. - Keep to zero when no symbol should be popped. */ - int yylen = 0; - - YYDPRINTF ((stderr, "Starting parse\n")); - - yystate = 0; - yyerrstatus = 0; - yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ - - /* Initialize stack pointers. - Waste one element of value and location stack - so that they stay on the same level as the state stack. - The wasted elements are never initialized. */ - - yyssp = yyss; - yyvsp = yyvs; - - goto yysetstate; - -/*------------------------------------------------------------. -| yynewstate -- Push a new state, which is found in yystate. | -`------------------------------------------------------------*/ - yynewstate: - /* In all cases, when you get here, the value and location stacks - have just been pushed. So pushing a state here evens the stacks. */ - yyssp++; - - yysetstate: - *yyssp = yystate; - - if (yyss + yystacksize - 1 <= yyssp) - { - /* Get the current used size of the three stacks, in elements. */ - YYSIZE_T yysize = yyssp - yyss + 1; - -#ifdef yyoverflow - { - /* Give user a chance to reallocate the stack. Use copies of - these so that the &'s don't force the real ones into - memory. */ - YYSTYPE *yyvs1 = yyvs; - yytype_int16 *yyss1 = yyss; - - - /* Each stack pointer address is followed by the size of the - data in use in that stack, in bytes. This used to be a - conditional around just the two extra args, but that might - be undefined if yyoverflow is a macro. */ - yyoverflow (YY_("memory exhausted"), - &yyss1, yysize * sizeof (*yyssp), - &yyvs1, yysize * sizeof (*yyvsp), - - &yystacksize); - - yyss = yyss1; - yyvs = yyvs1; - } -#else /* no yyoverflow */ -# ifndef YYSTACK_RELOCATE - goto yyexhaustedlab; -# else - /* Extend the stack our own way. */ - if (YYMAXDEPTH <= yystacksize) - goto yyexhaustedlab; - yystacksize *= 2; - if (YYMAXDEPTH < yystacksize) - yystacksize = YYMAXDEPTH; - - { - yytype_int16 *yyss1 = yyss; - union yyalloc *yyptr = - (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); - if (! yyptr) - goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss); - YYSTACK_RELOCATE (yyvs); - -# undef YYSTACK_RELOCATE - if (yyss1 != yyssa) - YYSTACK_FREE (yyss1); - } -# endif -#endif /* no yyoverflow */ - - yyssp = yyss + yysize - 1; - yyvsp = yyvs + yysize - 1; - - - YYDPRINTF ((stderr, "Stack size increased to %lu\n", - (unsigned long int) yystacksize)); - - if (yyss + yystacksize - 1 <= yyssp) - YYABORT; - } - - YYDPRINTF ((stderr, "Entering state %d\n", yystate)); - - goto yybackup; - -/*-----------. -| yybackup. | -`-----------*/ -yybackup: - - /* Do appropriate processing given the current state. Read a - look-ahead token if we need one and don't already have one. */ - - /* First try to decide what to do without reference to look-ahead token. */ - yyn = yypact[yystate]; - if (yyn == YYPACT_NINF) - goto yydefault; - - /* Not known => get a look-ahead token if don't already have one. */ - - /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ - if (yychar == YYEMPTY) - { - YYDPRINTF ((stderr, "Reading a token: ")); - yychar = YYLEX; - } - - if (yychar <= YYEOF) - { - yychar = yytoken = YYEOF; - YYDPRINTF ((stderr, "Now at end of input.\n")); - } - else - { - yytoken = YYTRANSLATE (yychar); - YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc); - } - - /* If the proper action on seeing token YYTOKEN is to reduce or to - detect an error, take that action. */ - yyn += yytoken; - if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken) - goto yydefault; - yyn = yytable[yyn]; - if (yyn <= 0) - { - if (yyn == 0 || yyn == YYTABLE_NINF) - goto yyerrlab; - yyn = -yyn; - goto yyreduce; - } - - if (yyn == YYFINAL) - YYACCEPT; - - /* Count tokens shifted since error; after three, turn off error - status. */ - if (yyerrstatus) - yyerrstatus--; - - /* Shift the look-ahead token. */ - YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - - /* Discard the shifted token unless it is eof. */ - if (yychar != YYEOF) - yychar = YYEMPTY; - - yystate = yyn; - *++yyvsp = yylval; - - goto yynewstate; - - -/*-----------------------------------------------------------. -| yydefault -- do the default action for the current state. | -`-----------------------------------------------------------*/ -yydefault: - yyn = yydefact[yystate]; - if (yyn == 0) - goto yyerrlab; - goto yyreduce; - - -/*-----------------------------. -| yyreduce -- Do a reduction. | -`-----------------------------*/ -yyreduce: - /* yyn is the number of a rule to reduce with. */ - yylen = yyr2[yyn]; - - /* If YYLEN is nonzero, implement the default value of the action: - `$$ = $1'. - - Otherwise, the following line sets YYVAL to garbage. - This behavior is undocumented and Bison - users should not rely upon it. Assigning to YYVAL - unconditionally makes the parser a bit smaller, and it avoids a - GCC warning that YYVAL may be used uninitialized. */ - yyval = yyvsp[1-yylen]; - - - YY_REDUCE_PRINT (yyn); - switch (yyn) - { - case 6: -#line 73 "parse.y" - { - id_str = (yyvsp[(2) - (2)].string); - } - break; - - case 7: -#line 79 "parse.y" - { - base_id = name2number((yyvsp[(2) - (2)].string)); - strlcpy(name, (yyvsp[(2) - (2)].string), sizeof(name)); - free((yyvsp[(2) - (2)].string)); - } - break; - - case 8: -#line 85 "parse.y" - { - base_id = name2number((yyvsp[(2) - (3)].string)); - strlcpy(name, (yyvsp[(3) - (3)].string), sizeof(name)); - free((yyvsp[(2) - (3)].string)); - free((yyvsp[(3) - (3)].string)); - } - break; - - case 11: -#line 98 "parse.y" - { - number = (yyvsp[(2) - (2)].number); - } - break; - - case 12: -#line 102 "parse.y" - { - free(prefix); - asprintf (&prefix, "%s_", (yyvsp[(2) - (2)].string)); - if (prefix == NULL) - errx(1, "malloc"); - free((yyvsp[(2) - (2)].string)); - } - break; - - case 13: -#line 110 "parse.y" - { - prefix = realloc(prefix, 1); - if (prefix == NULL) - errx(1, "malloc"); - *prefix = '\0'; - } - break; - - case 14: -#line 117 "parse.y" - { - struct error_code *ec = malloc(sizeof(*ec)); - - if (ec == NULL) - errx(1, "malloc"); - - ec->next = NULL; - ec->number = number; - if(prefix && *prefix != '\0') { - asprintf (&ec->name, "%s%s", prefix, (yyvsp[(2) - (4)].string)); - if (ec->name == NULL) - errx(1, "malloc"); - free((yyvsp[(2) - (4)].string)); - } else - ec->name = (yyvsp[(2) - (4)].string); - ec->string = (yyvsp[(4) - (4)].string); - APPEND(codes, ec); - number++; - } - break; - - case 15: -#line 137 "parse.y" - { - YYACCEPT; - } - break; - - -/* Line 1267 of yacc.c. */ -#line 1470 "parse.c" - default: break; - } - YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); - - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - - *++yyvsp = yyval; - - - /* Now `shift' the result of the reduction. Determine what state - that goes to, based on the state we popped back to and the rule - number reduced by. */ - - yyn = yyr1[yyn]; - - yystate = yypgoto[yyn - YYNTOKENS] + *yyssp; - if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp) - yystate = yytable[yystate]; - else - yystate = yydefgoto[yyn - YYNTOKENS]; - - goto yynewstate; - - -/*------------------------------------. -| yyerrlab -- here on detecting error | -`------------------------------------*/ -yyerrlab: - /* If not already recovering from an error, report this error. */ - if (!yyerrstatus) - { - ++yynerrs; -#if ! YYERROR_VERBOSE - yyerror (YY_("syntax error")); -#else - { - YYSIZE_T yysize = yysyntax_error (0, yystate, yychar); - if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM) - { - YYSIZE_T yyalloc = 2 * yysize; - if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM)) - yyalloc = YYSTACK_ALLOC_MAXIMUM; - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); - yymsg = (char *) YYSTACK_ALLOC (yyalloc); - if (yymsg) - yymsg_alloc = yyalloc; - else - { - yymsg = yymsgbuf; - yymsg_alloc = sizeof yymsgbuf; - } - } - - if (0 < yysize && yysize <= yymsg_alloc) - { - (void) yysyntax_error (yymsg, yystate, yychar); - yyerror (yymsg); - } - else - { - yyerror (YY_("syntax error")); - if (yysize != 0) - goto yyexhaustedlab; - } - } -#endif - } - - - - if (yyerrstatus == 3) - { - /* If just tried and failed to reuse look-ahead token after an - error, discard it. */ - - if (yychar <= YYEOF) - { - /* Return failure if at end of input. */ - if (yychar == YYEOF) - YYABORT; - } - else - { - yydestruct ("Error: discarding", - yytoken, &yylval); - yychar = YYEMPTY; - } - } - - /* Else will try to reuse look-ahead token after shifting the error - token. */ - goto yyerrlab1; - - -/*---------------------------------------------------. -| yyerrorlab -- error raised explicitly by YYERROR. | -`---------------------------------------------------*/ -yyerrorlab: - - /* Pacify compilers like GCC when the user code never invokes - YYERROR and the label yyerrorlab therefore never appears in user - code. */ - if (/*CONSTCOND*/ 0) - goto yyerrorlab; - - /* Do not reclaim the symbols of the rule which action triggered - this YYERROR. */ - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - yystate = *yyssp; - goto yyerrlab1; - - -/*-------------------------------------------------------------. -| yyerrlab1 -- common code for both syntax error and YYERROR. | -`-------------------------------------------------------------*/ -yyerrlab1: - yyerrstatus = 3; /* Each real token shifted decrements this. */ - - for (;;) - { - yyn = yypact[yystate]; - if (yyn != YYPACT_NINF) - { - yyn += YYTERROR; - if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) - { - yyn = yytable[yyn]; - if (0 < yyn) - break; - } - } - - /* Pop the current state because it cannot handle the error token. */ - if (yyssp == yyss) - YYABORT; - - - yydestruct ("Error: popping", - yystos[yystate], yyvsp); - YYPOPSTACK (1); - yystate = *yyssp; - YY_STACK_PRINT (yyss, yyssp); - } - - if (yyn == YYFINAL) - YYACCEPT; - - *++yyvsp = yylval; - - - /* Shift the error token. */ - YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp); - - yystate = yyn; - goto yynewstate; - - -/*-------------------------------------. -| yyacceptlab -- YYACCEPT comes here. | -`-------------------------------------*/ -yyacceptlab: - yyresult = 0; - goto yyreturn; - -/*-----------------------------------. -| yyabortlab -- YYABORT comes here. | -`-----------------------------------*/ -yyabortlab: - yyresult = 1; - goto yyreturn; - -#ifndef yyoverflow -/*-------------------------------------------------. -| yyexhaustedlab -- memory exhaustion comes here. | -`-------------------------------------------------*/ -yyexhaustedlab: - yyerror (YY_("memory exhausted")); - yyresult = 2; - /* Fall through. */ -#endif - -yyreturn: - if (yychar != YYEOF && yychar != YYEMPTY) - yydestruct ("Cleanup: discarding lookahead", - yytoken, &yylval); - /* Do not reclaim the symbols of the rule which action triggered - this YYABORT or YYACCEPT. */ - YYPOPSTACK (yylen); - YY_STACK_PRINT (yyss, yyssp); - while (yyssp != yyss) - { - yydestruct ("Cleanup: popping", - yystos[*yyssp], yyvsp); - YYPOPSTACK (1); - } -#ifndef yyoverflow - if (yyss != yyssa) - YYSTACK_FREE (yyss); -#endif -#if YYERROR_VERBOSE - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); -#endif - /* Make sure YYID is used. */ - return YYID (yyresult); -} - - -#line 142 "parse.y" - - -static long -name2number(const char *str) -{ - const char *p; - long num = 0; - const char *x = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz0123456789_"; - if(strlen(str) > 4) { - yyerror("table name too long"); - return 0; - } - for(p = str; *p; p++){ - char *q = strchr(x, *p); - if(q == NULL) { - yyerror("invalid character in table name"); - return 0; - } - num = (num << 6) + (q - x) + 1; - } - num <<= 8; - if(num > 0x7fffffff) - num = -(0xffffffff - num + 1); - return num; -} - -void -yyerror (char *s) -{ - error_message ("%s\n", s); -} - diff --git a/crypto/heimdal/lib/com_err/parse.h b/crypto/heimdal/lib/com_err/parse.h deleted file mode 100644 index 23d7e0c7d98c..000000000000 --- a/crypto/heimdal/lib/com_err/parse.h +++ /dev/null @@ -1,81 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton interface for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - ET = 258, - INDEX = 259, - PREFIX = 260, - EC = 261, - ID = 262, - END = 263, - STRING = 264, - NUMBER = 265 - }; -#endif -/* Tokens. */ -#define ET 258 -#define INDEX 259 -#define PREFIX 260 -#define EC 261 -#define ID 262 -#define END 263 -#define STRING 264 -#define NUMBER 265 - - - - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 53 "parse.y" -{ - char *string; - int number; -} -/* Line 1529 of yacc.c. */ -#line 74 "parse.h" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - -extern YYSTYPE yylval; - diff --git a/crypto/heimdal/lib/com_err/parse.y b/crypto/heimdal/lib/com_err/parse.y deleted file mode 100644 index 315931389fe4..000000000000 --- a/crypto/heimdal/lib/com_err/parse.y +++ /dev/null @@ -1,173 +0,0 @@ -%{ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "compile_et.h" -#include "lex.h" - -RCSID("$Id: parse.y 15426 2005-06-16 19:21:42Z lha $"); - -void yyerror (char *s); -static long name2number(const char *str); - -extern char *yytext; - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - -%} - -%union { - char *string; - int number; -} - -%token ET INDEX PREFIX EC ID END -%token STRING -%token NUMBER - -%% - -file : /* */ - | header statements - ; - -header : id et - | et - ; - -id : ID STRING - { - id_str = $2; - } - ; - -et : ET STRING - { - base_id = name2number($2); - strlcpy(name, $2, sizeof(name)); - free($2); - } - | ET STRING STRING - { - base_id = name2number($2); - strlcpy(name, $3, sizeof(name)); - free($2); - free($3); - } - ; - -statements : statement - | statements statement - ; - -statement : INDEX NUMBER - { - number = $2; - } - | PREFIX STRING - { - free(prefix); - asprintf (&prefix, "%s_", $2); - if (prefix == NULL) - errx(1, "malloc"); - free($2); - } - | PREFIX - { - prefix = realloc(prefix, 1); - if (prefix == NULL) - errx(1, "malloc"); - *prefix = '\0'; - } - | EC STRING ',' STRING - { - struct error_code *ec = malloc(sizeof(*ec)); - - if (ec == NULL) - errx(1, "malloc"); - - ec->next = NULL; - ec->number = number; - if(prefix && *prefix != '\0') { - asprintf (&ec->name, "%s%s", prefix, $2); - if (ec->name == NULL) - errx(1, "malloc"); - free($2); - } else - ec->name = $2; - ec->string = $4; - APPEND(codes, ec); - number++; - } - | END - { - YYACCEPT; - } - ; - -%% - -static long -name2number(const char *str) -{ - const char *p; - long num = 0; - const char *x = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz0123456789_"; - if(strlen(str) > 4) { - yyerror("table name too long"); - return 0; - } - for(p = str; *p; p++){ - char *q = strchr(x, *p); - if(q == NULL) { - yyerror("invalid character in table name"); - return 0; - } - num = (num << 6) + (q - x) + 1; - } - num <<= 8; - if(num > 0x7fffffff) - num = -(0xffffffff - num + 1); - return num; -} - -void -yyerror (char *s) -{ - error_message ("%s\n", s); -} diff --git a/crypto/heimdal/lib/com_err/roken_rename.h b/crypto/heimdal/lib/com_err/roken_rename.h deleted file mode 100644 index 7c9b0ee10e94..000000000000 --- a/crypto/heimdal/lib/com_err/roken_rename.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken_rename.h 14930 2005-04-24 19:43:06Z lha $ */ - -#ifndef __roken_rename_h__ -#define __roken_rename_h__ - -#ifndef HAVE_SNPRINTF -#define snprintf _com_err_snprintf -#endif -#ifndef HAVE_VSNPRINTF -#define vsnprintf _com_err_vsnprintf -#endif -#ifndef HAVE_ASPRINTF -#define asprintf _com_err_asprintf -#endif -#ifndef HAVE_ASNPRINTF -#define asnprintf _com_err_asnprintf -#endif -#ifndef HAVE_VASPRINTF -#define vasprintf _com_err_vasprintf -#endif -#ifndef HAVE_VASNPRINTF -#define vasnprintf _com_err_vasnprintf -#endif -#ifndef HAVE_STRLCPY -#define strlcpy _com_err_strlcpy -#endif - - -#endif /* __roken_rename_h__ */ diff --git a/crypto/heimdal/lib/com_err/version-script.map b/crypto/heimdal/lib/com_err/version-script.map deleted file mode 100644 index 43e2e020c0ce..000000000000 --- a/crypto/heimdal/lib/com_err/version-script.map +++ /dev/null @@ -1,18 +0,0 @@ -# $Id$ - -HEIMDAL_COM_ERR_1.0 { - global: - com_right; - free_error_table; - initialize_error_table_r; - add_to_error_table; - com_err; - com_err_va; - error_message; - error_table_name; - init_error_table; - reset_com_err_hook; - set_com_err_hook; - local: - *; -}; diff --git a/crypto/heimdal/lib/gssapi/8003.c b/crypto/heimdal/lib/gssapi/8003.c deleted file mode 100644 index 3b481822b8cd..000000000000 --- a/crypto/heimdal/lib/gssapi/8003.c +++ /dev/null @@ -1,251 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: 8003.c,v 1.12.2.2 2003/09/18 21:30:57 lha Exp $"); - -krb5_error_code -gssapi_encode_om_uint32(OM_uint32 n, u_char *p) -{ - p[0] = (n >> 0) & 0xFF; - p[1] = (n >> 8) & 0xFF; - p[2] = (n >> 16) & 0xFF; - p[3] = (n >> 24) & 0xFF; - return 0; -} - -krb5_error_code -gssapi_encode_be_om_uint32(OM_uint32 n, u_char *p) -{ - p[0] = (n >> 24) & 0xFF; - p[1] = (n >> 16) & 0xFF; - p[2] = (n >> 8) & 0xFF; - p[3] = (n >> 0) & 0xFF; - return 0; -} - -krb5_error_code -gssapi_decode_om_uint32(u_char *p, OM_uint32 *n) -{ - *n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); - return 0; -} - -krb5_error_code -gssapi_decode_be_om_uint32(u_char *p, OM_uint32 *n) -{ - *n = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0); - return 0; -} - -static krb5_error_code -hash_input_chan_bindings (const gss_channel_bindings_t b, - u_char *p) -{ - u_char num[4]; - MD5_CTX md5; - - MD5_Init(&md5); - gssapi_encode_om_uint32 (b->initiator_addrtype, num); - MD5_Update (&md5, num, sizeof(num)); - gssapi_encode_om_uint32 (b->initiator_address.length, num); - MD5_Update (&md5, num, sizeof(num)); - if (b->initiator_address.length) - MD5_Update (&md5, - b->initiator_address.value, - b->initiator_address.length); - gssapi_encode_om_uint32 (b->acceptor_addrtype, num); - MD5_Update (&md5, num, sizeof(num)); - gssapi_encode_om_uint32 (b->acceptor_address.length, num); - MD5_Update (&md5, num, sizeof(num)); - if (b->acceptor_address.length) - MD5_Update (&md5, - b->acceptor_address.value, - b->acceptor_address.length); - gssapi_encode_om_uint32 (b->application_data.length, num); - MD5_Update (&md5, num, sizeof(num)); - if (b->application_data.length) - MD5_Update (&md5, - b->application_data.value, - b->application_data.length); - MD5_Final (p, &md5); - return 0; -} - -/* - * create a checksum over the chanel bindings in - * `input_chan_bindings', `flags' and `fwd_data' and return it in - * `result' - */ - -OM_uint32 -gssapi_krb5_create_8003_checksum ( - OM_uint32 *minor_status, - const gss_channel_bindings_t input_chan_bindings, - OM_uint32 flags, - const krb5_data *fwd_data, - Checksum *result) -{ - u_char *p; - - /* - * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value - * field's format) */ - result->cksumtype = 0x8003; - if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) - result->checksum.length = 24 + 4 + fwd_data->length; - else - result->checksum.length = 24; - result->checksum.data = malloc (result->checksum.length); - if (result->checksum.data == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = result->checksum.data; - gssapi_encode_om_uint32 (16, p); - p += 4; - if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) { - memset (p, 0, 16); - } else { - hash_input_chan_bindings (input_chan_bindings, p); - } - p += 16; - gssapi_encode_om_uint32 (flags, p); - p += 4; - - if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) { -#if 0 - u_char *tmp; - - result->checksum.length = 28 + fwd_data->length; - tmp = realloc(result->checksum.data, result->checksum.length); - if (tmp == NULL) - return ENOMEM; - result->checksum.data = tmp; - - p = (u_char*)result->checksum.data + 24; -#endif - *p++ = (1 >> 0) & 0xFF; /* DlgOpt */ /* == 1 */ - *p++ = (1 >> 8) & 0xFF; /* DlgOpt */ /* == 0 */ - *p++ = (fwd_data->length >> 0) & 0xFF; /* Dlgth */ - *p++ = (fwd_data->length >> 8) & 0xFF; /* Dlgth */ - memcpy(p, (unsigned char *) fwd_data->data, fwd_data->length); - - p += fwd_data->length; - } - - return GSS_S_COMPLETE; -} - -/* - * verify the checksum in `cksum' over `input_chan_bindings' - * returning `flags' and `fwd_data' - */ - -OM_uint32 -gssapi_krb5_verify_8003_checksum( - OM_uint32 *minor_status, - const gss_channel_bindings_t input_chan_bindings, - const Checksum *cksum, - OM_uint32 *flags, - krb5_data *fwd_data) -{ - unsigned char hash[16]; - unsigned char *p; - OM_uint32 length; - int DlgOpt; - static unsigned char zeros[16]; - - /* XXX should handle checksums > 24 bytes */ - if(cksum->cksumtype != 0x8003 || cksum->checksum.length < 24) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - p = cksum->checksum.data; - gssapi_decode_om_uint32(p, &length); - if(length != sizeof(hash)) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - p += 4; - - if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS - && memcmp(p, zeros, sizeof(zeros)) != 0) { - if(hash_input_chan_bindings(input_chan_bindings, hash) != 0) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - if(memcmp(hash, p, sizeof(hash)) != 0) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - } - - p += sizeof(hash); - - gssapi_decode_om_uint32(p, flags); - p += 4; - - if (cksum->checksum.length > 24 && (*flags & GSS_C_DELEG_FLAG)) { - if(cksum->checksum.length < 28) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - DlgOpt = (p[0] << 0) | (p[1] << 8); - p += 2; - if (DlgOpt != 1) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - fwd_data->length = (p[0] << 0) | (p[1] << 8); - p += 2; - if(cksum->checksum.length < 28 + fwd_data->length) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - fwd_data->data = malloc(fwd_data->length); - if (fwd_data->data == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy(fwd_data->data, p, fwd_data->length); - } - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ChangeLog b/crypto/heimdal/lib/gssapi/ChangeLog deleted file mode 100644 index 3a0c39f8763b..000000000000 --- a/crypto/heimdal/lib/gssapi/ChangeLog +++ /dev/null @@ -1,2863 +0,0 @@ -2008-01-13 Love Hörnquist Åstrand - - * test_ntlm.c: Test source name (and make the acceptor in ntlm gss - mech useful). - -2007-12-30 Love Hörnquist Åstrand - - * ntlm/init_sec_context.c: Don't confuse target name and source - name, make regressiont tests pass again. - -2007-12-29 Love Hörnquist Åstrand - - * ntlm: clean up name handling - -2007-12-04 Love Hörnquist Åstrand - - * ntlm/init_sec_context.c: Use credential if it was passed in. - - * ntlm/acquire_cred.c: Check if there is initial creds with - _gss_ntlm_get_user_cred(). - - * ntlm/init_sec_context.c: Add _gss_ntlm_get_user_info() that - return the user info so it can be used by external modules. - - * ntlm/inquire_cred.c: use the right error code. - - * ntlm/inquire_cred.c: Return GSS_C_NO_CREDENTIAL if there is no - credential, ntlm have (not yet) a default credential. - - * mech/gss_release_oid_set.c: Avoid trying to deref NULL, from - Phil Fisher. - -2007-12-03 Love Hörnquist Åstrand - - * test_acquire_cred.c: Always try to fetch cred (even with - GSS_C_NO_NAME). - -2007-08-09 Love Hörnquist Åstrand - - * mech/gss_krb5.c: Readd gss_krb5_get_tkt_flags. - -2007-08-08 Love Hörnquist Åstrand - - * spnego/compat.c (_gss_spnego_internal_delete_sec_context): - release ctx->target_name too From Rafal Malinowski. - -2007-07-26 Love Hörnquist Åstrand - - * mech/gss_mech_switch.c: Don't try to do dlopen if system doesn't - have dlopen. From Rune of Chalmers. - -2007-07-10 Love Hörnquist Åstrand - - * mech/gss_duplicate_name.c: New signature of _gss_find_mn. - - * mech/gss_init_sec_context.c: New signature of _gss_find_mn. - - * mech/gss_acquire_cred.c: New signature of _gss_find_mn. - - * mech/name.h: New signature of _gss_find_mn. - - * mech/gss_canonicalize_name.c: New signature of _gss_find_mn. - - * mech/gss_compare_name.c: New signature of _gss_find_mn. - - * mech/gss_add_cred.c: New signature of _gss_find_mn. - - * mech/gss_names.c (_gss_find_mn): Return an error code for - caller. - - * spnego/accept_sec_context.c: remove checks that are done by the - previous function. - - * Makefile.am: New library version. - -2007-07-04 Love Hörnquist Åstrand - - * mech/gss_oid_to_str.c: Refuse to print GSS_C_NULL_OID, from - Rafal Malinowski. - - * spnego/spnego.asn1: Indent and make NegTokenInit and - NegTokenResp extendable. - -2007-06-21 Love Hörnquist Åstrand - - * ntlm/inquire_cred.c: Implement _gss_ntlm_inquire_cred. - - * mech/gss_display_status.c: Provide message for GSS_S_COMPLETE. - - * mech/context.c: If the canned string is "", its no use to the - user, make it fall back to the default error string. - -2007-06-20 Love Hörnquist Åstrand - - * mech/gss_display_name.c (gss_display_name): no name -> - fail. From Rafal Malinswski. - - * spnego/accept_sec_context.c: Wrap name in a spnego_name instead - of just a copy of the underlaying object. From Rafal Malinswski. - - * spnego/accept_sec_context.c: Handle underlaying mech not - returning mn. - - * mech/gss_accept_sec_context.c: Handle underlaying mech not - returning mn. - - * spnego/accept_sec_context.c: Make sure src_name is always set to - GSS_C_NO_NAME when returning. - - * krb5/acquire_cred.c (acquire_acceptor_cred): don't claim - everything is well on failure. From Phil Fisher. - - * mech/gss_duplicate_name.c: catch error (and ignore it) - - * ntlm/init_sec_context.c: Use heim_ntlm_calculate_ntlm2_sess. - - * mech/gss_accept_sec_context.c: Only wrap the delegated cred if - we got a delegated mech cred. From Rafal Malinowski. - - * spnego/accept_sec_context.c: Only wrap the delegated cred if we - are going to return it to the consumer. From Rafal Malinowski. - - * spnego/accept_sec_context.c: Fixed memory leak pointed out by - Rafal Malinowski, also while here moved to use NegotiationToken - for decoding. - -2007-06-18 Love Hörnquist Åstrand - - * krb5/prf.c (_gsskrb5_pseudo_random): add missing break. - - * krb5/release_name.c: Set *minor_status unconditionallty, its - done later anyway. - - * spnego/accept_sec_context.c: Init get_mic to 0. - - * mech/gss_set_cred_option.c: Free memory in failure case, found - by beam. - - * mech/gss_inquire_context.c: Handle mech_type being NULL. - - * mech/gss_inquire_cred_by_mech.c: Handle cred_name being NULL. - - * mech/gss_krb5.c: Free memory in error case, found by beam. - -2007-06-12 Love Hörnquist Åstrand - - * ntlm/inquire_context.c: Use ctx->gssflags for flags. - - * krb5/display_name.c: Use KRB5_PRINCIPAL_UNPARSE_DISPLAY, this is - not ment for machine consumption. - -2007-06-09 Love Hörnquist Åstrand - - * ntlm/digest.c (kdc_alloc): free memory on failure, pointed out - by Rafal Malinowski. - - * ntlm/digest.c (kdc_destroy): free context when done, pointed out - by Rafal Malinowski. - - * spnego/context_stubs.c (_gss_spnego_display_name): if input_name - is null, fail. From Rafal Malinowski. - -2007-06-04 Love Hörnquist Åstrand - - * ntlm/digest.c: Free memory when done. - -2007-06-02 Love Hörnquist Åstrand - - * test_ntlm.c: Test both with and without keyex. - - * ntlm/digest.c: If we didn't set session key, don't expect one - back. - - * test_ntlm.c: Set keyex flag and calculate session key. - -2007-05-31 Love Hörnquist Åstrand - - * spnego/accept_sec_context.c: Use the return value before is - overwritten by later calls. From Rafal Malinowski - - * krb5/release_cred.c: Give an minor_status argument to - gss_release_oid_set. From Rafal Malinowski - -2007-05-30 Love Hörnquist Åstrand - - * ntlm/accept_sec_context.c: Catch errors and return the up the - stack. - - * test_kcred.c: more testing of lifetimes - -2007-05-17 Love Hörnquist Åstrand - - * Makefile.am: Drop the gss oid_set function for the krb5 mech, - use the mech glue versions instead. Pointed out by Rafal - Malinowski. - - * krb5: Use gss oid_set functions from mechglue - -2007-05-14 Love Hörnquist Åstrand - - * ntlm/accept_sec_context.c: Set session key only if we are - returned a session key. Found by David Love. - -2007-05-13 Love Hörnquist Åstrand - - * krb5/prf.c: switched MIN to min to make compile on solaris, - pointed out by David Love. - -2007-05-09 Love Hörnquist Åstrand - - * krb5/inquire_cred_by_mech.c: Fill in all of the variables if - they are passed in. Pointed out by Phil Fisher. - -2007-05-08 Love Hörnquist Åstrand - - * krb5/inquire_cred.c: Fix copy and paste error, bug spotted by - from Phil Fisher. - - * mech: dont keep track of gc_usage, just figure it out at - gss_inquire_cred() time - - * mech/gss_mech_switch.c (add_builtin): ok for - __gss_mech_initialize() to return NULL - - * test_kcred.c: more correct tests - - * spnego/cred_stubs.c (gss_inquire_cred*): wrap the name with a - spnego_name. - - * ntlm/inquire_cred.c: make ntlm gss_inquire_cred fail for now, - need to find default cred and friends. - - * krb5/inquire_cred_by_mech.c: reimplement - -2007-05-07 Love Hörnquist Åstrand - - * ntlm/acquire_cred.c: drop unused variable. - - * ntlm/acquire_cred.c: Reimplement. - - * Makefile.am: add ntlm/digest.c - - * ntlm: split out backend ntlm server processing - -2007-04-24 Love Hörnquist Åstrand - - * ntlm/delete_sec_context.c (_gss_ntlm_delete_sec_context): free - credcache when done - -2007-04-22 Love Hörnquist Åstrand - - * ntlm/init_sec_context.c: ntlm-key credential entry is prefix with @ - - * ntlm/init_sec_context.c (get_user_ccache): pick up the ntlm - creds from the krb5 credential cache. - -2007-04-21 Love Hörnquist Åstrand - - * ntlm/delete_sec_context.c: free the key stored in the context - - * ntlm/ntlm.h: switch password for a key - - * test_oid.c: Switch oid to one that is exported. - -2007-04-20 Love Hörnquist Åstrand - - * ntlm/init_sec_context.c: move where hash is calculated to make - it easier to add ccache support. - - * Makefile.am: Add version-script.map to EXTRA_DIST. - -2007-04-19 Love Hörnquist Åstrand - - * Makefile.am: Unconfuse newer versions of automake that doesn't - know the diffrence between depenences and setting variables. foo: - vs foo=. - - * test_ntlm.c: delete sec context when done. - - * version-script.map: export more symbols. - - * Makefile.am: add version script if ld supports it - - * version-script.map: add version script if ld supports it - -2007-04-18 Love Hörnquist Åstrand - - * Makefile.am: test_acquire_cred need test_common.[ch] - - * test_acquire_cred.c: add more test options. - - * krb5/external.c: add GSS_KRB5_CCACHE_NAME_X - - * gssapi/gssapi_krb5.h: add GSS_KRB5_CCACHE_NAME_X - - * krb5/set_sec_context_option.c: refactor code, implement - GSS_KRB5_CCACHE_NAME_X - - * mech/gss_krb5.c: reimplement gss_krb5_ccache_name - -2007-04-17 Love Hörnquist Åstrand - - * spnego/cred_stubs.c: Need to import spnego name before we can - use it as a gss_name_t. - - * test_acquire_cred.c: use this test as part of the regression - suite. - - * mech/gss_acquire_cred.c (gss_acquire_cred): dont init - cred->gc_mc every time in the loop. - -2007-04-15 Love Hörnquist Åstrand - - * Makefile.am: add test_common.h - -2007-02-16 Love Hörnquist Åstrand - - * gss_acquire_cred.3: Add link for - gsskrb5_register_acceptor_identity. - -2007-02-08 Love Hörnquist Åstrand - - * krb5/copy_ccache.c: Try to leak less memory in the failure case. - -2007-01-31 Love Hörnquist Åstrand - - * mech/gss_display_status.c: Use right printf formater. - - * test_*.[ch]: split out the error printing function and try to - return better errors - -2007-01-30 Love Hörnquist Åstrand - - * krb5/init_sec_context.c: revert 1.75: (init_auth): only turn on - GSS_C_CONF_FLAG and GSS_C_INT_FLAG if the caller requseted it. - - This is because Kerberos always support INT|CONF, matches behavior - with MS and MIT. The creates problems for the GSS-SPNEGO mech. - -2007-01-24 Love Hörnquist Åstrand - - * krb5/prf.c: constrain desired_output_len - - * krb5/external.c (krb5_mech): add _gsskrb5_pseudo_random - - * mech/gss_pseudo_random.c: Catch error from underlaying mech on - failure. - - * Makefile.am: Add krb5/prf.c - - * krb5/prf.c: gss_pseudo_random for krb5 - - * test_context.c: Checks for gss_pseudo_random. - - * krb5/gkrb5_err.et: add KG_INPUT_TOO_LONG - - * Makefile.am: Add mech/gss_pseudo_random.c - - * gssapi/gssapi.h: try to load pseudo_random - - * mech/gss_mech_switch.c: try to load pseudo_random - - * mech/gss_pseudo_random.c: Add gss_pseudo_random. - - * gssapi_mech.h: Add hook for gm_pseudo_random. - -2007-01-17 Love Hörnquist Åstrand - - * test_context.c: Don't assume bufer from gss_display_status is - ok. - - * mech/gss_wrap_size_limit.c: Reset out variables. - - * mech/gss_wrap.c: Reset out variables. - - * mech/gss_verify_mic.c: Reset out variables. - - * mech/gss_utils.c: Reset out variables. - - * mech/gss_release_oid_set.c: Reset out variables. - - * mech/gss_release_cred.c: Reset out variables. - - * mech/gss_release_buffer.c: Reset variables. - - * mech/gss_oid_to_str.c: Reset out variables. - - * mech/gss_inquire_sec_context_by_oid.c: Fix reset out variables. - - * mech/gss_mech_switch.c: Reset out variables. - - * mech/gss_inquire_sec_context_by_oid.c: Reset out variables. - - * mech/gss_inquire_names_for_mech.c: Reset out variables. - - * mech/gss_inquire_cred_by_oid.c: Reset out variables. - - * mech/gss_inquire_cred_by_oid.c: Reset out variables. - - * mech/gss_inquire_cred_by_mech.c: Reset out variables. - - * mech/gss_inquire_cred.c: Reset out variables, fix memory leak. - - * mech/gss_inquire_context.c: Reset out variables. - - * mech/gss_init_sec_context.c: Zero out outbuffer on failure. - - * mech/gss_import_name.c: Reset out variables. - - * mech/gss_import_name.c: Reset out variables. - - * mech/gss_get_mic.c: Reset out variables. - - * mech/gss_export_name.c: Reset out variables. - - * mech/gss_encapsulate_token.c: Reset out variables. - - * mech/gss_duplicate_oid.c: Reset out variables. - - * mech/gss_duplicate_oid.c: Reset out variables. - - * mech/gss_duplicate_name.c: Reset out variables. - - * mech/gss_display_status.c: Reset out variables. - - * mech/gss_display_name.c: Reset out variables. - - * mech/gss_delete_sec_context.c: Reset out variables using propper - macros. - - * mech/gss_decapsulate_token.c: Reset out variables using propper - macros. - - * mech/gss_add_cred.c: Reset out variables. - - * mech/gss_acquire_cred.c: Reset out variables. - - * mech/gss_accept_sec_context.c: Reset out variables using propper - macros. - - * mech/gss_init_sec_context.c: Reset out variables. - - * mech/mech_locl.h (_mg_buffer_zero): new macro that zaps a - gss_buffer_t - -2007-01-16 Love Hörnquist Åstrand - - * mech: sprinkel _gss_mg_error - - * mech/gss_display_status.c (gss_display_status): use - _gss_mg_get_error to fetch the error from underlaying mech, if it - failes, let do the regular dance for GSS-CODE version and a - generic print-the-error code for MECH-CODE. - - * mech/gss_oid_to_str.c: Don't include the NUL in the length of - the string. - - * mech/context.h: Protoypes for _gss_mg_. - - * mech/context.c: Glue to catch the error from the lower gss-api - layer and save that for later so gss_display_status() can show the - error. - - * gss.c: Detect NTLM. - -2007-01-11 Love Hörnquist Åstrand - - * mech/gss_accept_sec_context.c: spelling - -2007-01-04 Love Hörnquist Åstrand - - * Makefile.am: Include build (private) prototypes header files. - - * Makefile.am (ntlmsrc): add ntlm/ntlm-private.h - -2006-12-28 Love Hörnquist Åstrand - - * ntlm/accept_sec_context.c: Pass signseal argument to - _gss_ntlm_set_key. - - * ntlm/init_sec_context.c: Pass signseal argument to - _gss_ntlm_set_key. - - * ntlm/crypto.c (_gss_ntlm_set_key): add signseal argument - - * test_ntlm.c: add ntlmv2 test - - * ntlm/ntlm.h: break out struct ntlmv2_key; - - * ntlm/crypto.c (_gss_ntlm_set_key): set ntlm v2 keys. - - * ntlm/accept_sec_context.c: Set dummy ntlmv2 keys and Check TI. - - * ntlm/ntlm.h: NTLMv2 keys. - - * ntlm/crypto.c: NTLMv2 sign and verify. - -2006-12-20 Love Hörnquist Åstrand - - * ntlm/accept_sec_context.c: Don't send targetinfo now. - - * ntlm/init_sec_context.c: Build ntlmv2 answer buffer. - - * ntlm/init_sec_context.c: Leak less memory. - - * ntlm/init_sec_context.c: Announce that we support key exchange. - - * ntlm/init_sec_context.c: Add NTLM_NEG_NTLM2_SESSION, NTLMv2 - session security (disable because missing sign and seal). - -2006-12-19 Love Hörnquist Åstrand - - * ntlm/accept_sec_context.c: split RC4 send and recv keystreams - - * ntlm/init_sec_context.c: split RC4 send and recv keystreams - - * ntlm/ntlm.h: split RC4 send and recv keystreams - - * ntlm/crypto.c: Implement SEAL. - - * ntlm/crypto.c: move gss_wrap/gss_unwrap here - - * test_context.c: request INT and CONF from the gss layer, test - get and verify MIC. - - * ntlm/ntlm.h: add crypto bits. - - * ntlm/accept_sec_context.c: Save session master key. - - * Makefile.am: Move get and verify mic to the same file (crypto.c) - since they share code. - - * ntlm/crypto.c: Move get and verify mic to the same file since - they share code, implement NTLM v1 and dummy signatures. - - * ntlm/init_sec_context.c: pass on GSS_C_CONF_FLAG and - GSS_C_INTEG_FLAG, save the session master key - - * spnego/accept_sec_context.c: try using gss_accept_sec_context() - on the opportunistic token instead of guessing the acceptor name - and do gss_acquire_cred, this make SPNEGO work like before. - -2006-12-18 Love Hörnquist Åstrand - - * ntlm/init_sec_context.c: Calculate the NTLM version 1 "master" - key. - - * spnego/accept_sec_context.c: Resurect negHints for the acceptor - sends first packet. - - * Makefile.am: Add "windows" versions of the NegTokenInitWin and - friends. - - * test_context.c: add --wrapunwrap flag - - * spnego/compat.c: move _gss_spnego_indicate_mechtypelist() to - compat.c, use the sequence types of MechTypeList, make - add_mech_type() static. - - * spnego/accept_sec_context.c: move - _gss_spnego_indicate_mechtypelist() to compat.c - - * Makefile.am: Generate sequence code for MechTypeList - - * spnego: check that the generated acceptor mechlist is acceptable too - - * spnego/init_sec_context.c: Abstract out the initiator filter - function, it will be needed for the acceptor too. - - * spnego/accept_sec_context.c: Abstract out the initiator filter - function, it will be needed for the acceptor too. Remove negHints. - - * test_context.c: allow asserting return mech - - * ntlm/accept_sec_context.c: add _gss_ntlm_allocate_ctx - - * ntlm/acquire_cred.c: Check that the KDC seem to there and - answering us, we can't do better then that wen checking if we will - accept the credential. - - * ntlm/get_mic.c: return GSS_S_UNAVAILABLE - - * mech/utils.h: add _gss_free_oid, reverse of _gss_copy_oid - - * mech/gss_utils.c: add _gss_free_oid, reverse of _gss_copy_oid - - * spnego/spnego.asn1: Its very sad, but NegHints its are not part - of the NegTokenInit, this makes SPNEGO acceptor life a lot harder. - - * spnego: try harder to handle names better. handle missing - acceptor and initator creds better (ie dont propose/accept mech - that there are no credentials for) split NegTokenInit and - NegTokenResp in acceptor - -2006-12-16 Love Hörnquist Åstrand - - * ntlm/import_name.c: Allocate the buffer from the right length. - -2006-12-15 Love Hörnquist Åstrand - - * ntlm/init_sec_context.c (init_sec_context): Tell the other side - what domain we think we are talking to. - - * ntlm/delete_sec_context.c: free username and password - - * ntlm/release_name.c (_gss_ntlm_release_name): free name. - - * ntlm/import_name.c (_gss_ntlm_import_name): add support for - GSS_C_NT_HOSTBASED_SERVICE names - - * ntlm/ntlm.h: Add ntlm_name. - - * test_context.c: allow testing of ntlm. - - * gssapi_mech.h: add __gss_ntlm_initialize - - * ntlm/accept_sec_context.c (handle_type3): verify that the kdc - approved of the ntlm exchange too - - * mech/gss_mech_switch.c: Add the builtin ntlm mech - - * test_ntlm.c: NTLM test app. - - * mech/gss_accept_sec_context.c: Add detection of NTLMSSP. - - * gssapi/gssapi.h: add ntlm mech oid - - * ntlm/external.c: Switch OID to the ms ntlmssp oid - - * Makefile.am: Add ntlm gss-api module. - - * ntlm/accept_sec_context.c: Catch more error errors. - - * ntlm/accept_sec_context.c: Check after a credential to use. - -2006-12-14 Love Hörnquist Åstrand - - * krb5/set_sec_context_option.c (GSS_KRB5_SET_DEFAULT_REALM_X): - don't fail on success. Bug report from Stefan Metzmacher. - -2006-12-13 Love Hörnquist Åstrand - - * krb5/init_sec_context.c (init_auth): only turn on - GSS_C_CONF_FLAG and GSS_C_INT_FLAG if the caller requseted it. - From Stefan Metzmacher. - -2006-12-11 Love Hörnquist Åstrand - - * Makefile.am (libgssapi_la_OBJECTS): depends on gssapi_asn1.h - spnego_asn1.h. - -2006-11-20 Love Hörnquist Åstrand - - * krb5/acquire_cred.c: Make krb5_get_init_creds_opt_free take a - context argument. - -2006-11-16 Love Hörnquist Åstrand - - * test_context.c: Test that token keys are the same, return - actual_mech. - -2006-11-15 Love Hörnquist Åstrand - - * spnego/spnego_locl.h: Make bitfields unsigned, add maybe_open. - - * spnego/accept_sec_context.c: Use ASN.1 encoder functions to - encode CHOICE structure now that we can handle it. - - * spnego/init_sec_context.c: Use ASN.1 encoder functions to encode - CHOICE structure now that we can handle it. - - * spnego/accept_sec_context.c (_gss_spnego_accept_sec_context): - send back ad accept_completed when the security context is ->open, - w/o this the client doesn't know that the server have completed - the transaction. - - * test_context.c: Add delegate flag and check that the delegated - cred works. - - * spnego/init_sec_context.c: Keep track of the opportunistic token - in the inital message, it might be a complete gss-api context, in - that case we'll get back accept_completed without any token. With - this change, krb5 w/o mutual authentication works. - - * spnego/accept_sec_context.c: Use ASN.1 encoder functions to - encode CHOICE structure now that we can handle it. - - * spnego/accept_sec_context.c: Filter out SPNEGO from the out - supported mechs list and make sure we don't select that for the - preferred mechamism. - -2006-11-14 Love Hörnquist Åstrand - - * mech/gss_init_sec_context.c (_gss_mech_cred_find): break out the - cred finding to its own function - - * krb5/wrap.c: Better error strings, from Andrew Bartlet. - -2006-11-13 Love Hörnquist Åstrand - - * test_context.c: Create our own krb5_context. - - * krb5: Switch from using a specific error message context in the - TLS to have a whole krb5_context in TLS. This have some - interestion side-effekts for the configruration setting options - since they operate on per-thread basis now. - - * mech/gss_set_cred_option.c: When calling ->gm_set_cred_option - and checking for success, use GSS_S_COMPLETE. From Andrew Bartlet. - -2006-11-12 Love Hörnquist Åstrand - - * Makefile.am: Help solaris make even more. - - * Makefile.am: Help solaris make. - -2006-11-09 Love Hörnquist Åstrand - - * Makefile.am: remove include $(srcdir)/Makefile-digest.am for now - - * mech/gss_accept_sec_context.c: Try better guessing what is mech - we are going to select by looking harder at the input_token, idea - from Luke Howard's mechglue branch. - - * Makefile.am: libgssapi_la_OBJECTS: add depency on gkrb5_err.h - - * gssapi/gssapi_krb5.h: add GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X - - * mech/gss_krb5.c: implement gss_krb5_set_allowable_enctypes - - * gssapi/gssapi.h: GSS_KRB5_S_ - - * krb5/gsskrb5_locl.h: Include . - - * gssapi/gssapi_krb5.h: Add gss_krb5_set_allowable_enctypes. - - * Makefile.am: Build and install gkrb5_err.h - - * krb5/gkrb5_err.et: Move the GSS_KRB5_S error here. - -2006-11-08 Love Hörnquist Åstrand - - * mech/gss_krb5.c: Add gsskrb5_set_default_realm. - - * krb5/set_sec_context_option.c: Support - GSS_KRB5_SET_DEFAULT_REALM_X. - - * gssapi/gssapi_krb5.h: add GSS_KRB5_SET_DEFAULT_REALM_X - - * krb5/external.c: add GSS_KRB5_SET_DEFAULT_REALM_X - -2006-11-07 Love Hörnquist Åstrand - - * test_context.c: rename krb5_[gs]et_time_wrap to - krb5_[gs]et_max_time_skew - - * krb5/copy_ccache.c: _gsskrb5_extract_authz_data_from_sec_context - no longer used, bye bye - - * mech/gss_krb5.c: No depenency of the krb5 gssapi mech. - - * mech/gss_krb5.c (gsskrb5_extract_authtime_from_sec_context): use - _gsskrb5_decode_om_uint32. From Andrew Bartlet. - - * mech/gss_krb5.c: Add dummy gss_krb5_set_allowable_enctypes for - now. - - * spnego/spnego_locl.h: Include for compatiblity. - - * krb5/arcfour.c: Use IS_DCE_STYLE flag. There is no padding in - DCE-STYLE, don't try to use to. From Andrew Bartlett. - - * test_context.c: test wrap/unwrap, add flag for dce-style and - mutual auth, also support multi-roundtrip sessions - - * krb5/gsskrb5_locl.h: Add IS_DCE_STYLE macro. - - * krb5/accept_sec_context.c (gsskrb5_acceptor_start): use - krb5_rd_req_ctx - - * mech/gss_krb5.c (gsskrb5_get_subkey): return the per message - token subkey - - * krb5/inquire_sec_context_by_oid.c: check if there is any key at - all - -2006-11-06 Love Hörnquist Åstrand - - * krb5/inquire_sec_context_by_oid.c: Set more error strings, use - right enum for acceptor subkey. From Andrew Bartlett. - -2006-11-04 Love Hörnquist Åstrand - - * test_context.c: Test gsskrb5_extract_service_keyblock, needed in - PAC valication. From Andrew Bartlett - - * mech/gss_krb5.c: Add gsskrb5_extract_authz_data_from_sec_context - and keyblock extraction functions. - - * gssapi/gssapi_krb5.h: Add extraction of keyblock function, from - Andrew Bartlett. - - * krb5/external.c: Add GSS_KRB5_GET_SERVICE_KEYBLOCK_X - -2006-11-03 Love Hörnquist Åstrand - - * test_context.c: Rename various routines and constants from - canonize to canonicalize. From Andrew Bartlett - - * mech/gss_krb5.c: Rename various routines and constants from - canonize to canonicalize. From Andrew Bartlett - - * krb5/set_sec_context_option.c: Rename various routines and - constants from canonize to canonicalize. From Andrew Bartlett - - * krb5/external.c: Rename various routines and constants from - canonize to canonicalize. From Andrew Bartlett - - * gssapi/gssapi_krb5.h: Rename various routines and constants from - canonize to canonicalize. From Andrew Bartlett - -2006-10-25 Love Hörnquist Åstrand - - * krb5/accept_sec_context.c (gsskrb5_accept_delegated_token): need - to free ccache - -2006-10-24 Love Hörnquist Åstrand - - * test_context.c (loop): free target_name - - * mech/gss_accept_sec_context.c: SLIST_INIT the ->gc_mc' - - * mech/gss_acquire_cred.c : SLIST_INIT the ->gc_mc' - - * krb5/init_sec_context.c: Avoid leaking memory. - - * mech/gss_buffer_set.c (gss_release_buffer_set): don't leak the - ->elements memory. - - * test_context.c: make compile - - * krb5/cfx.c (_gssapi_verify_mic_cfx): always free crypto context. - - * krb5/set_cred_option.c (import_cred): free sp - -2006-10-22 Love Hörnquist Åstrand - - * mech/gss_add_oid_set_member.c: Use old implementation of - gss_add_oid_set_member, it leaks less memory. - - * krb5/test_cfx.c: free krb5_crypto. - - * krb5/test_cfx.c: free krb5_context - - * mech/gss_release_name.c (gss_release_name): free input_name - it-self. - -2006-10-21 Love Hörnquist Åstrand - - * test_context.c: Call setprogname. - - * mech/gss_krb5.c: Add gsskrb5_extract_authtime_from_sec_context. - - * gssapi/gssapi_krb5.h: add - gsskrb5_extract_authtime_from_sec_context - -2006-10-20 Love Hörnquist Åstrand - - * krb5/inquire_sec_context_by_oid.c: Add get_authtime. - - * krb5/external.c: add GSS_KRB5_GET_AUTHTIME_X - - * gssapi/gssapi_krb5.h: add GSS_KRB5_GET_AUTHTIME_X - - * krb5/set_sec_context_option.c: Implement GSS_KRB5_SEND_TO_KDC_X. - - * mech/gss_krb5.c: Add gsskrb5_set_send_to_kdc - - * gssapi/gssapi_krb5.h: Add GSS_KRB5_SEND_TO_KDC_X and - gsskrb5_set_send_to_kdc - - * krb5/external.c: add GSS_KRB5_SEND_TO_KDC_X - - * Makefile.am: more files - -2006-10-19 Love Hörnquist Åstrand - - * Makefile.am: remove spnego/gssapi_spnego.h, its now in gssapi/ - - * test_context.c: Allow specifing mech. - - * krb5/external.c: add GSS_SASL_DIGEST_MD5_MECHANISM (for now) - - * gssapi/gssapi.h: Rename GSS_DIGEST_MECHANISM to - GSS_SASL_DIGEST_MD5_MECHANISM - -2006-10-18 Love Hörnquist Åstrand - - * mech/gssapi.asn1: Make it into a heim_any_set, its doesn't - except a tag. - - * mech/gssapi.asn1: GSSAPIContextToken is IMPLICIT SEQUENCE - - * gssapi/gssapi_krb5.h: add GSS_KRB5_GET_ACCEPTOR_SUBKEY_X - - * krb5/external.c: Add GSS_KRB5_GET_ACCEPTOR_SUBKEY_X. - - * gssapi/gssapi_krb5.h: add GSS_KRB5_GET_INITIATOR_SUBKEY_X and - GSS_KRB5_GET_SUBKEY_X - - * krb5/external.c: add GSS_KRB5_GET_INITIATOR_SUBKEY_X, - GSS_KRB5_GET_SUBKEY_X - -2006-10-17 Love Hörnquist Åstrand - - * test_context.c: Support switching on name type oid's - - * test_context.c: add test for dns canon flag - - * mech/gss_krb5.c: Add gsskrb5_set_dns_canonlize. - - * gssapi/gssapi_krb5.h: remove gss_krb5_compat_des3_mic - - * gssapi/gssapi_krb5.h: Add gsskrb5_set_dns_canonlize. - - * krb5/set_sec_context_option.c: implement - GSS_KRB5_SET_DNS_CANONIZE_X - - * gssapi/gssapi_krb5.h: add GSS_KRB5_SET_DNS_CANONIZE_X - - * krb5/external.c: add GSS_KRB5_SET_DNS_CANONIZE_X - - * mech/gss_krb5.c: add bits to make lucid context work - -2006-10-14 Love Hörnquist Åstrand - - * mech/gss_oid_to_str.c: Prefix der primitives with der_. - - * krb5/inquire_sec_context_by_oid.c: Prefix der primitives with - der_. - - * krb5/encapsulate.c: Prefix der primitives with der_. - - * mech/gss_oid_to_str.c: New der_print_heim_oid signature. - -2006-10-12 Love Hörnquist Åstrand - - * Makefile.am: add test_context - - * krb5/inquire_sec_context_by_oid.c: Make it work. - - * test_oid.c: Test lucid oid. - - * gssapi/gssapi.h: Add OM_uint64_t. - - * krb5/inquire_sec_context_by_oid.c: Add lucid interface. - - * krb5/external.c: Add lucid interface, renumber oids to my - delegated space. - - * mech/gss_krb5.c: Add lucid interface. - - * gssapi/gssapi_krb5.h: Add lucid interface. - - * spnego/spnego_locl.h: Maybe include . - -2006-10-09 Love Hörnquist Åstrand - - * mech/gss_mech_switch.c: define RTLD_LOCAL to 0 if not defined. - -2006-10-08 Love Hörnquist Åstrand - - * Makefile.am: install gssapi_krb5.H and gssapi_spnego.h - - * gssapi/gssapi_krb5.h: Move krb5 stuff to . - - * gssapi/gssapi.h: Move krb5 stuff to . - - * Makefile.am: Drop some -I no longer needed. - - * gssapi/gssapi_spnego.h: Move gssapi_spengo.h over here. - - * krb5: reference all include files using 'krb5/' - -2006-10-07 Love Hörnquist Åstrand - - * gssapi.h: Add file inclusion protection. - - * gssapi/gssapi.h: Correct header file inclusion protection. - - * gssapi/gssapi.h: Move the gssapi.h from lib/gssapi/ to - lib/gssapi/gssapi/ to please automake. - - * spnego/spnego_locl.h: Maybe include . - - * mech/mech_locl.h: Include . - - * Makefile.am: split build files into dist_ and noinst_ SOURCES - -2006-10-06 Love Hörnquist Åstrand - - * gss.c: #if 0 out unused code. - - * mech/gss_mech_switch.c: Cast argument to ctype(3) functions - to (unsigned char). - -2006-10-05 Love Hörnquist Åstrand - - * mech/name.h: remove - - * mech/mech_switch.h: remove - - * mech/cred.h: remove - -2006-10-02 Love Hörnquist Åstrand - - * krb5/arcfour.c: Thinker more with header lengths. - - * krb5/arcfour.c: Improve the calcucation of header - lengths. DCE-STYLE data is also padded so remove if (1 || ...) - code. - - * krb5/wrap.c (_gsskrb5_wrap_size_limit): use - _gssapi_wrap_size_arcfour for arcfour - - * krb5/arcfour.c: Move _gssapi_wrap_size_arcfour here. - - * Makefile.am: Split all mech to diffrent mechsrc variables. - - * spnego/context_stubs.c: Make internal function static (and - rename). - -2006-10-01 Love Hörnquist Åstrand - - * krb5/inquire_cred.c: Fix "if (x) lock(y)" bug. From Harald - Barth. - - * spnego/spnego_locl.h: Include for MAXHOSTNAMELEN. - -2006-09-25 Love Hörnquist Åstrand - - * krb5/arcfour.c: Add wrap support, interrop with itself but not - w2k3s-sp1 - - * krb5/gsskrb5_locl.h: move the arcfour specific stuff to the - arcfour header. - - * krb5/arcfour.c: Support DCE-style unwrap, tested with - w2k3server-sp1. - - * mech/gss_accept_sec_context.c (gss_accept_sec_context): if the - token doesn't start with [APPLICATION 0] SEQUENCE, lets assume its - a DCE-style kerberos 5 connection. XXX this needs to be made - better in cause we get another GSS-API protocol violating - protocol. It should be possible to detach the Kerberos DCE-style - since it starts with a AP-REQ PDU, but that have to wait for now. - -2006-09-22 Love Hörnquist Åstrand - - * gssapi.h: Add GSS_C flags from - draft-brezak-win2k-krb-rc4-hmac-04.txt. - - * krb5/delete_sec_context.c: Free service_keyblock and fwd_data, - indent. - - * krb5/accept_sec_context.c: Merge of the acceptor part from the - samba patch by Stefan Metzmacher and Andrew Bartlet. - - * krb5/init_sec_context.c: Add GSS_C_DCE_STYLE. - - * krb5/{init_sec_context.c,gsskrb5_locl.h}: merge most of the - initiator part from the samba patch by Stefan Metzmacher and - Andrew Bartlet (still missing DCE/RPC support) - -2006-08-28 Love Hörnquist Åstrand - - * gss.c (help): use sl_slc_help(). - -2006-07-22 Love Hörnquist Åstrand - - * gss-commands.in: rename command to supported-mechanisms - - * Makefile.am: Make gss objects depend on the slc built - gss-commands.h - -2006-07-20 Love Hörnquist Åstrand - - * gss-commands.in: add slc commands for gss - - * krb5/gsskrb5_locl.h: Remove dup prototype of _gsskrb5_init() - - * Makefile.am: Add test_cfx - - * krb5/external.c: add GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X - - * krb5/set_sec_context_option.c: catch - GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X - - * krb5/accept_sec_context.c: reimplement - gsskrb5_register_acceptor_identity - - * mech/gss_krb5.c: implement gsskrb5_register_acceptor_identity - - * mech/gss_inquire_mechs_for_name.c: call _gss_load_mech - - * mech/gss_inquire_cred.c (gss_inquire_cred): call _gss_load_mech - - * mech/gss_mech_switch.c: Make _gss_load_mech() atomic and run - only once, this have the side effect that _gss_mechs and - _gss_mech_oids is only initialized once, so if just the users of - these two global variables calls _gss_load_mech() first, it will - act as a barrier and make sure the variables are never changed and - we don't need to lock them. - - * mech/utils.h: no need to mark functions extern. - - * mech/name.h: no need to mark _gss_find_mn extern. - -2006-07-19 Love Hörnquist Åstrand - - * krb5/cfx.c: Redo the wrap length calculations. - - * krb5/test_cfx.c: test max_wrap_size in cfx.c - - * mech/gss_display_status.c: Handle more error codes. - -2006-07-07 Love Hörnquist Åstrand - - * mech/mech_locl.h: Include and "mechqueue.h" - - * mech/mechqueue.h: Add SLIST macros. - - * krb5/inquire_context.c: Don't free return values on success. - - * krb5/inquire_cred.c (_gsskrb5_inquire_cred): When cred provided - is the default cred, acquire the acceptor cred and initator cred - in two diffrent steps and then query them for the information, - this way, the code wont fail if there are no keytab, but there is - a credential cache. - - * mech/gss_inquire_cred.c: move the check if we found any cred - where it matter for both cases - (default cred and provided cred) - - * mech/gss_init_sec_context.c: If the desired mechanism can't - convert the name to a MN, fail with GSS_S_BAD_NAME rather then a - NULL de-reference. - -2006-07-06 Love Hörnquist Åstrand - - * spnego/external.c: readd gss_spnego_inquire_names_for_mech - - * spnego/spnego_locl.h: reimplement - gss_spnego_inquire_names_for_mech add support function - _gss_spnego_supported_mechs - - * spnego/context_stubs.h: reimplement - gss_spnego_inquire_names_for_mech add support function - _gss_spnego_supported_mechs - - * spnego/context_stubs.c: drop gss_spnego_indicate_mechs - - * mech/gss_indicate_mechs.c: if the underlaying mech doesn't - support gss_indicate_mechs, use the oid in the mechswitch - structure - - * spnego/external.c: let the mech glue layer implement - gss_indicate_mechs - - * spnego/cred_stubs.c (gss_spnego_acquire_cred): don't care about - desired_mechs, get our own list with indicate_mechs and remove - ourself. - -2006-07-05 Love Hörnquist Åstrand - - * spnego/external.c: remove gss_spnego_inquire_names_for_mech, let - the mechglue layer implement it - - * spnego/context_stubs.c: remove gss_spnego_inquire_names_for_mech, let - the mechglue layer implement it - - * spnego/spnego_locl.c: remove gss_spnego_inquire_names_for_mech, let - the mechglue layer implement it - -2006-07-01 Love Hörnquist Åstrand - - * mech/gss_set_cred_option.c: fix argument to gss_release_cred - -2006-06-30 Love Hörnquist Åstrand - - * krb5/init_sec_context.c: Make work on compilers that are - somewhat more picky then gcc4 (like gcc2.95) - - * krb5/init_sec_context.c (do_delegation): use KDCOptions2int to - convert fwd_flags to an integer, since otherwise int2KDCOptions in - krb5_get_forwarded_creds wont do the right thing. - - * mech/gss_set_cred_option.c (gss_set_cred_option): free memory on - failure - - * krb5/set_sec_context_option.c (_gsskrb5_set_sec_context_option): - init global kerberos context - - * krb5/set_cred_option.c (_gsskrb5_set_cred_option): init global - kerberos context - - * mech/gss_accept_sec_context.c: Insert the delegated sub cred on - the delegated cred handle, not cred handle - - * mech/gss_accept_sec_context.c (gss_accept_sec_context): handle - the case where ret_flags == NULL - - * mech/gss_mech_switch.c (add_builtin): set - _gss_mech_switch->gm_mech_oid - - * mech/gss_set_cred_option.c (gss_set_cred_option): laod mechs - - * test_cred.c (gss_print_errors): don't try to print error when - gss_display_status failed - - * Makefile.am: Add mech/gss_release_oid.c - - * mech/gss_release_oid.c: Add gss_release_oid, reverse of - gss_duplicate_oid - - * spnego/compat.c: preferred_mech_type was allocated with - gss_duplicate_oid in one place and assigned static varianbles a - the second place. change that static assignement to - gss_duplicate_oid and bring back gss_release_oid. - - * spnego/compat.c (_gss_spnego_delete_sec_context): don't release - preferred_mech_type and negotiated_mech_type, they where never - allocated from the begining. - -2006-06-29 Love Hörnquist Åstrand - - * mech/gss_import_name.c (gss_import_name): avoid - type-punned/strict aliasing rules - - * mech/gss_add_cred.c: avoid type-punned/strict aliasing rules - - * gssapi.h: Make gss_name_t an opaque type. - - * krb5: make gss_name_t an opaque type - - * krb5/set_cred_option.c: Add - - * mech/gss_set_cred_option.c (gss_set_cred_option): support the - case where *cred_handle == NULL - - * mech/gss_krb5.c (gss_krb5_import_cred): make sure cred is - GSS_C_NO_CREDENTIAL on failure. - - * mech/gss_acquire_cred.c (gss_acquire_cred): if desired_mechs is - NO_OID_SET, there is a need to load the mechs, so always do that. - -2006-06-28 Love Hörnquist Åstrand - - * krb5/inquire_cred_by_oid.c: Reimplement GSS_KRB5_COPY_CCACHE_X - to instead pass a fullname to the credential, then resolve and - copy out the content, and then close the cred. - - * mech/gss_krb5.c: Reimplement GSS_KRB5_COPY_CCACHE_X to instead - pass a fullname to the credential, then resolve and copy out the - content, and then close the cred. - - * krb5/inquire_cred_by_oid.c: make "work", GSS_KRB5_COPY_CCACHE_X - interface needs to be re-done, currently its utterly broken. - - * mech/gss_set_cred_option.c: Make work. - - * krb5/external.c: Add _gsskrb5_set_{sec_context,cred}_option - - * mech/gss_krb5.c (gss_krb5_import_cred): implement - - * Makefile.am: Add gss_set_{sec_context,cred}_option and sort - - * mech/gss_set_{sec_context,cred}_option.c: add - - * gssapi.h: Add GSS_KRB5_IMPORT_CRED_X - - * test_*.c: make compile again - - * Makefile.am: Add lib dependencies and test programs - - * spnego: remove dependency on libkrb5 - - * mech: Bug fixes, cleanup, compiler warnings, restructure code. - - * spnego: Rename gss_context_id_t and gss_cred_id_t to local names - - * krb5: repro copy the krb5 files here - - * mech: import Doug Rabson mechglue from freebsd - - * spnego: Import Luke Howard's SPNEGO from the mechglue branch - -2006-06-22 Love Hörnquist Åstrand - - * gssapi.h: Add oid_to_str. - - * Makefile.am: add oid_to_str and test_oid - - * oid_to_str.c: Add gss_oid_to_str - - * test_oid.c: Add test for gss_oid_to_str() - -2006-05-13 Love Hörnquist Åstrand - - * verify_mic.c: Less pointer signedness warnings. - - * unwrap.c: Less pointer signedness warnings. - - * arcfour.c: Less pointer signedness warnings. - - * gssapi_locl.h: Use const void * to instead of unsigned char * to - avoid pointer signedness warnings. - - * encapsulate.c: Use const void * to instead of unsigned char * to - avoid pointer signedness warnings. - - * decapsulate.c: Use const void * to instead of unsigned char * to - avoid pointer signedness warnings. - - * decapsulate.c: Less pointer signedness warnings. - - * cfx.c: Less pointer signedness warnings. - - * init_sec_context.c: Less pointer signedness warnings (partly by - using the new asn.1 CHOICE decoder) - - * import_sec_context.c: Less pointer signedness warnings. - -2006-05-09 Love Hörnquist Åstrand - - * accept_sec_context.c (gsskrb5_is_cfx): always set is_cfx. From - Andrew Abartlet. - -2006-05-08 Love Hörnquist Åstrand - - * get_mic.c (mic_des3): make sure message_buffer doesn't point to - free()ed memory on failure. Pointed out by IBM checker. - -2006-05-05 Love Hörnquist Åstrand - - * Rename u_intXX_t to uintXX_t - -2006-05-04 Love Hörnquist Åstrand - - * cfx.c: Less pointer signedness warnings. - - * arcfour.c: Avoid pointer signedness warnings. - - * gssapi_locl.h (gssapi_decode_*): make data argument const void * - - * 8003.c (gssapi_decode_*): make data argument const void * - -2006-04-12 Love Hörnquist Åstrand - - * export_sec_context.c: Export sequence order element. From Wynn - Wilkes . - - * import_sec_context.c: Import sequence order element. From Wynn - Wilkes . - - * sequence.c (_gssapi_msg_order_import,_gssapi_msg_order_export): - New functions, used by {import,export}_sec_context. From Wynn - Wilkes . - - * test_sequence.c: Add test for import/export sequence. - -2006-04-09 Love Hörnquist Åstrand - - * add_cred.c: Check that cred != GSS_C_NO_CREDENTIAL, this is a - standard conformance failure, but much better then a crash. - -2006-04-02 Love Hörnquist Åstrand - - * get_mic.c (get_mic*)_: make sure message_token is cleaned on - error, found by IBM checker. - - * wrap.c (wrap*): Reset output_buffer on error, found by IBM - checker. - -2006-02-15 Love Hörnquist Åstrand - - * import_name.c: Accept both GSS_C_NT_HOSTBASED_SERVICE and - GSS_C_NT_HOSTBASED_SERVICE_X as nametype for hostbased names. - -2006-01-16 Love Hörnquist Åstrand - - * delete_sec_context.c (gss_delete_sec_context): if the context - handle is GSS_C_NO_CONTEXT, don't fall over. - -2005-12-12 Love Hörnquist Åstrand - - * gss_acquire_cred.3: Replace gss_krb5_import_ccache with - gss_krb5_import_cred and add more references - -2005-12-05 Love Hörnquist Åstrand - - * gssapi.h: Change gss_krb5_import_ccache to gss_krb5_import_cred, - it can handle keytabs too. - - * add_cred.c (gss_add_cred): avoid deadlock - - * context_time.c (gssapi_lifetime_left): define the 0 lifetime as - GSS_C_INDEFINITE. - -2005-12-01 Love Hörnquist Åstrand - - * acquire_cred.c (acquire_acceptor_cred): only check if principal - exists if we got called with principal as an argument. - - * acquire_cred.c (acquire_acceptor_cred): check that the acceptor - exists in the keytab before returning ok. - -2005-11-29 Love Hörnquist Åstrand - - * copy_ccache.c (gss_krb5_import_cred): fix buglet, from Andrew - Bartlett. - -2005-11-25 Love Hörnquist Åstrand - - * test_kcred.c: Rename gss_krb5_import_ccache to - gss_krb5_import_cred. - - * copy_ccache.c: Rename gss_krb5_import_ccache to - gss_krb5_import_cred and let it grow code to handle keytabs too. - -2005-11-02 Love Hörnquist Åstrand - - * init_sec_context.c: Change sematics of ok-as-delegate to match - windows if - [gssapi]realm/ok-as-delegate=true is set, otherwise keep old - sematics. - - * release_cred.c (gss_release_cred): use - GSS_CF_DESTROY_CRED_ON_RELEASE to decide if the cache should be - krb5_cc_destroy-ed - - * acquire_cred.c (acquire_initiator_cred): - GSS_CF_DESTROY_CRED_ON_RELEASE on created credentials. - - * accept_sec_context.c (gsskrb5_accept_delegated_token): rewrite - to use gss_krb5_import_ccache - -2005-11-01 Love Hörnquist Åstrand - - * arcfour.c: Remove signedness warnings. - -2005-10-31 Love Hörnquist Åstrand - - * gss_acquire_cred.3: Document that gss_krb5_import_ccache is copy - by reference. - - * copy_ccache.c (gss_krb5_import_ccache): Instead of making a copy - of the ccache, make a reference by getting the name and resolving - the name. This way the cache is shared, this flipp side is of - course that if someone calls krb5_cc_destroy the cache is lost for - everyone. - - * test_kcred.c: Remove memory leaks. - -2005-10-26 Love Hörnquist Åstrand - - * Makefile.am: build test_kcred - - * gss_acquire_cred.3: Document gss_krb5_import_ccache - - * gssapi.3: Sort and add gss_krb5_import_ccache. - - * acquire_cred.c (_gssapi_krb5_ccache_lifetime): break out code - used to extract lifetime from a credential cache - - * gssapi_locl.h: Add _gssapi_krb5_ccache_lifetime, used to extract - lifetime from a credential cache. - - * gssapi.h: add gss_krb5_import_ccache, reverse of - gss_krb5_copy_ccache - - * copy_ccache.c: add gss_krb5_import_ccache, reverse of - gss_krb5_copy_ccache - - * test_kcred.c: test gss_krb5_import_ccache - -2005-10-21 Love Hörnquist Åstrand - - * acquire_cred.c (acquire_initiator_cred): use krb5_cc_cache_match - to find a matching creditial cache, if that failes, fallback to - the default cache. - -2005-10-12 Love Hörnquist Åstrand - - * gssapi_locl.h: Add gssapi_krb5_set_status and - gssapi_krb5_clear_status - - * init_sec_context.c (spnego_reply): Don't pass back raw Kerberos - errors, use GSS-API errors instead. From Michael B Allen. - - * display_status.c: Add gssapi_krb5_clear_status, - gssapi_krb5_set_status for handling error messages. - -2005-08-23 Love Hörnquist Åstrand - - * external.c: Use rk_UNCONST to avoid const warning. - - * display_status.c: Constify strings to avoid warnings. - -2005-08-11 Love Hörnquist Åstrand - - * init_sec_context.c: avoid warnings, update (c) - -2005-07-13 Love Hörnquist Åstrand - - * init_sec_context.c (spnego_initial): use NegotiationToken - encoder now that we have one with the new asn1. compiler. - - * Makefile.am: the new asn.1 compiler includes the modules name in - the depend file - -2005-06-16 Love Hörnquist Åstrand - - * decapsulate.c: use rk_UNCONST - - * ccache_name.c: rename to avoid shadowing - - * gssapi_locl.h: give kret in GSSAPI_KRB5_INIT a more unique name - - * process_context_token.c: use rk_UNCONST to unconstify - - * test_cred.c: rename optind to optidx - -2005-05-30 Love Hörnquist Åstrand - - * init_sec_context.c (init_auth): honor ok-as-delegate if local - configuration approves - - * gssapi_locl.h: prototype for _gss_check_compat - - * compat.c: export check_compat as _gss_check_compat - -2005-05-29 Love Hörnquist Åstrand - - * init_sec_context.c: Prefix Der_class with ASN1_C_ to avoid - problems with system headerfiles that pollute the name space. - - * accept_sec_context.c: Prefix Der_class with ASN1_C_ to avoid - problems with system headerfiles that pollute the name space. - -2005-05-17 Love Hörnquist Åstrand - - * init_sec_context.c (init_auth): set - KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED (for java compatibility), - also while here, use krb5_auth_con_addflags - -2005-05-06 Love Hörnquist Åstrand - - * arcfour.c (_gssapi_wrap_arcfour): fix calculating the encap - length. From: Tom Maher - -2005-05-02 Dave Love - - * test_cred.c (main): Call setprogname. - -2005-04-27 Love Hörnquist Åstrand - - * prefix all sequence symbols with _, they are not part of the - GSS-API api. By comment from Wynn Wilkes - -2005-04-10 Love Hörnquist Åstrand - - * accept_sec_context.c: break out the processing of the delegated - credential to a separate function to make error handling easier, - move the credential handling to after other setup is done - - * test_sequence.c: make less verbose in case of success - - * Makefile.am: add test_sequence to TESTS - -2005-04-01 Love Hörnquist Åstrand - - * 8003.c (gssapi_krb5_verify_8003_checksum): check that cksum - isn't NULL From: Nicolas Pouvesle - -2005-03-21 Love Hörnquist Åstrand - - * Makefile.am: use $(LIB_roken) - -2005-03-16 Love Hörnquist Åstrand - - * display_status.c (gssapi_krb5_set_error_string): pass in the - krb5_context to krb5_free_error_string - -2005-03-15 Love Hörnquist Åstrand - - * display_status.c (gssapi_krb5_set_error_string): don't misuse - the krb5_get_error_string api - -2005-03-01 Love Hörnquist Åstrand - - * compat.c (_gss_DES3_get_mic_compat): don't unlock mutex - here. Bug reported by Stefan Metzmacher - -2005-02-21 Luke Howard - - * init_sec_context.c: don't call krb5_get_credentials() with - KRB5_TC_MATCH_KEYTYPE, it can lead to the credentials cache - growing indefinitely as no key is found with KEYTYPE_NULL - - * compat.c: remove GSS_C_EXPECTING_MECH_LIST_MIC_FLAG, it is - no longer used (however the mechListMIC behaviour is broken, - rfc2478bis support requires the code in the mechglue branch) - - * init_sec_context.c: remove GSS_C_EXPECTING_MECH_LIST_MIC_FLAG - - * gssapi.h: remove GSS_C_EXPECTING_MECH_LIST_MIC_FLAG - -2005-01-05 Luke Howard - - * 8003.c: use symbolic name for checksum type - - * accept_sec_context.c: allow client to indicate - that subkey should be used - - * acquire_cred.c: plug leak - - * get_mic.c: use gss_krb5_get_subkey() instead - of gss_krb5_get_{local,remote}key(), support - KEYTYPE_ARCFOUR_56 - - * gssapi_local.c: use gss_krb5_get_subkey(), - support KEYTYPE_ARCFOUR_56 - - * import_sec_context.c: plug leak - - * unwrap.c: use gss_krb5_get_subkey(), - support KEYTYPE_ARCFOUR_56 - - * verify_mic.c: use gss_krb5_get_subkey(), - support KEYTYPE_ARCFOUR_56 - - * wrap.c: use gss_krb5_get_subkey(), - support KEYTYPE_ARCFOUR_56 - -2004-11-30 Love Hörnquist Åstrand - - * inquire_cred.c: Reverse order of HEIMDAL_MUTEX_unlock and - gss_release_cred to avoid deadlock, from Luke Howard - . - -2004-09-06 Love Hörnquist Åstrand - - * gss_acquire_cred.3: gss_krb5_extract_authz_data_from_sec_context - was renamed to gsskrb5_extract_authz_data_from_sec_context - -2004-08-07 Love Hörnquist Åstrand - - * unwrap.c: mutex buglet, From: Luke Howard - - * arcfour.c: mutex buglet, From: Luke Howard - -2004-05-06 Love Hörnquist Åstrand - - * gssapi.3: spelling from Josef El-Rayes while - here, write some text about the SPNEGO situation - -2004-04-08 Love Hörnquist Åstrand - - * cfx.c: s/CTXAcceptorSubkey/CFXAcceptorSubkey/ - -2004-04-07 Love Hörnquist Åstrand - - * gssapi.h: add GSS_C_EXPECTING_MECH_LIST_MIC_FLAG From: Luke - Howard - - * init_sec_context.c (spnego_reply): use - _gss_spnego_require_mechlist_mic to figure out if we need to check - MechListMIC; From: Luke Howard - - * accept_sec_context.c (send_accept): use - _gss_spnego_require_mechlist_mic to figure out if we need to send - MechListMIC; From: Luke Howard - - * gssapi_locl.h: add _gss_spnego_require_mechlist_mic - From: Luke Howard - - * compat.c: add _gss_spnego_require_mechlist_mic for compatibility - with MS SPNEGO, From: Luke Howard - -2004-04-05 Love Hörnquist Åstrand - - * accept_sec_context.c (gsskrb5_is_cfx): krb5_keyblock->keytype is - an enctype, not keytype - - * accept_sec_context.c: use ASN1_MALLOC_ENCODE - - * init_sec_context.c: avoid the malloc loop and just allocate the - propper amount of data - - * init_sec_context.c (spnego_initial): handle mech_token better - -2004-03-19 Love Hörnquist Åstrand - - * gssapi.h: add gss_krb5_get_tkt_flags - - * Makefile.am: add ticket_flags.c - - * ticket_flags.c: Get ticket-flags from acceptor ticket From: Luke - Howard - - * gss_acquire_cred.3: document gss_krb5_get_tkt_flags - -2004-03-14 Love Hörnquist Åstrand - - * acquire_cred.c (gss_acquire_cred): check usage before even - bothering to process it, add both keytab and initial tgt if - requested - - * wrap.c: support cfx, try to handle acceptor asserted subkey - - * unwrap.c: support cfx, try to handle acceptor asserted subkey - - * verify_mic.c: support cfx - - * get_mic.c: support cfx - - * test_sequence.c: handle changed signature of - gssapi_msg_order_create - - * import_sec_context.c: handle acceptor asserted subkey - - * init_sec_context.c: handle acceptor asserted subkey - - * accept_sec_context.c: handle acceptor asserted subkey - - * sequence.c: add dummy use_64 argument to gssapi_msg_order_create - - * gssapi_locl.h: add partial support for CFX - - * Makefile.am (noinst_PROGRAMS) += test_cred - - * test_cred.c: gssapi credential testing - - * test_acquire_cred.c: fix comment - -2004-03-07 Love Hörnquist Åstrand - - * arcfour.h: drop structures for message formats, no longer used - - * arcfour.c: comment describing message formats - - * accept_sec_context.c (spnego_accept_sec_context): make sure the - length of the choice element doesn't overrun us - - * init_sec_context.c (spnego_reply): make sure the length of the - choice element doesn't overrun us - - * spnego.asn1: move NegotiationToken to avoid warning - - * spnego.asn1: uncomment NegotiationToken - - * Makefile.am: spnego_files += asn1_NegotiationToken.x - -2004-01-25 Love Hörnquist Åstrand - - * gssapi.h: add gss_krb5_ccache_name - - * Makefile.am (libgssapi_la_SOURCES): += ccache_name.c - - * ccache_name.c (gss_krb5_ccache_name): help function enable to - set krb5 name, using out_name argument makes function no longer - thread-safe - - * gssapi.3: add missing gss_krb5_ references - - * gss_acquire_cred.3: document gss_krb5_ccache_name - -2003-12-12 Love Hörnquist Åstrand - - * cfx.c: make rrc a modulus operation if its longer then the - length of the message, noticed by Sam Hartman - -2003-12-07 Love Hörnquist Åstrand - - * accept_sec_context.c: use krb5_auth_con_addflags - -2003-12-05 Love Hörnquist Åstrand - - * cfx.c: Wrap token id was in wrong order, found by Sam Hartman - -2003-12-04 Love Hörnquist Åstrand - - * cfx.c: add AcceptorSubkey (but no code understand it yet) ignore - unknown token flags - -2003-11-22 Love Hörnquist Åstrand - - * accept_sec_context.c: Don't require timestamp to be set on - delegated token, its already protected by the outer token (and - windows doesn't alway send it) Pointed out by Zi-Bin Yang - on heimdal-discuss - -2003-11-14 Love Hörnquist Åstrand - - * cfx.c: fix {} error, pointed out by Liqiang Zhu - -2003-11-10 Love Hörnquist Åstrand - - * cfx.c: Sequence number should be stored in bigendian order From: - Luke Howard - -2003-11-09 Love Hörnquist Åstrand - - * delete_sec_context.c (gss_delete_sec_context): don't free - ticket, krb5_free_ticket does that now - -2003-11-06 Love Hörnquist Åstrand - - * cfx.c: checksum the header last in MIC token, update to -03 - From: Luke Howard - -2003-10-07 Love Hörnquist Åstrand - - * add_cred.c: If its a MEMORY cc, make a copy. We need to do this - since now gss_release_cred will destroy the cred. This should be - really be solved a better way. - - * acquire_cred.c (gss_release_cred): if its a mcc, destroy it - rather the just release it Found by: "Zi-Bin Yang" - - - * acquire_cred.c (acquire_initiator_cred): use kret instead of ret - where appropriate - -2003-09-30 Love Hörnquist Åstrand - - * gss_acquire_cred.3: spelling - From: jmc - -2003-09-23 Love Hörnquist Åstrand - - * cfx.c: - EC and RRC are big-endian, not little-endian - The - default is now to rotate regardless of GSS_C_DCE_STYLE. There are - no longer any references to GSS_C_DCE_STYLE. - rrc_rotate() - avoids allocating memory on the heap if rrc <= 256 - From: Luke Howard - -2003-09-22 Love Hörnquist Åstrand - - * cfx.[ch]: rrc_rotate() was untested and broken, fix it. - Set and verify wrap Token->Filler. - Correct token ID for wrap tokens, - were accidentally swapped with delete tokens. - From: Luke Howard - -2003-09-21 Love Hörnquist Åstrand - - * cfx.[ch]: no ASN.1-ish header on per-message tokens - From: Luke Howard - -2003-09-19 Love Hörnquist Åstrand - - * arcfour.h: remove depenency on gss_arcfour_mic_token and - gss_arcfour_warp_token - - * arcfour.c: remove depenency on gss_arcfour_mic_token and - gss_arcfour_warp_token - -2003-09-18 Love Hörnquist Åstrand - - * 8003.c: remove #if 0'ed code - -2003-09-17 Love Hörnquist Åstrand - - * accept_sec_context.c (gsskrb5_accept_sec_context): set sequence - number when not requesting mutual auth From: Luke Howard - - - * init_sec_context.c (init_auth): set sequence number when not - requesting mutual auth From: Luke Howard - -2003-09-16 Love Hörnquist Åstrand - - * arcfour.c (*): set minor_status - (gss_wrap): set conf_state to conf_req_flags on success - From: Luke Howard - - * wrap.c (gss_wrap_size_limit): use existing function From: Luke - Howard - -2003-09-12 Love Hörnquist Åstrand - - * indicate_mechs.c (gss_indicate_mechs): in case of error, free - mech_set - - * indicate_mechs.c (gss_indicate_mechs): add SPNEGO - -2003-09-10 Love Hörnquist Åstrand - - * init_sec_context.c (spnego_initial): catch errors and return - them - - * init_sec_context.c (spnego_initial): add #if 0 out version of - the CHOICE branch encoding, also where here, free no longer used - memory - -2003-09-09 Love Hörnquist Åstrand - - * gss_acquire_cred.3: support GSS_SPNEGO_MECHANISM - - * accept_sec_context.c: SPNEGO doesn't include gss wrapping on - SubsequentContextToken like the Kerberos 5 mech does. - - * init_sec_context.c (spnego_reply): SPNEGO doesn't include gss - wrapping on SubsequentContextToken like the Kerberos 5 mech - does. Lets check for it anyway. - - * accept_sec_context.c: Add support for SPNEGO on the initator - side. Implementation initially from Assar Westerlund, passes - though quite a lot of hands before I commited it. - - * init_sec_context.c: Add support for SPNEGO on the initator side. - Tested with ldap server on a Windows 2000 DC. Implementation - initially from Assar Westerlund, passes though quite a lot of - hands before I commited it. - - * gssapi.h: export GSS_SPNEGO_MECHANISM - - * gssapi_locl.h: include spnego_as.h add prototype for - gssapi_krb5_get_mech - - * decapsulate.c (gssapi_krb5_get_mech): make non static - - * Makefile.am: build SPNEGO file - -2003-09-08 Love Hörnquist Åstrand - - * external.c: SPENGO and IAKERB oids - - * spnego.asn1: SPENGO ASN1 - -2003-09-05 Love Hörnquist Åstrand - - * cfx.c: RRC also need to be zero before wraping them - From: Luke Howard - -2003-09-04 Love Hörnquist Åstrand - - * encapsulate.c (gssapi_krb5_encap_length): don't return void - -2003-09-03 Love Hörnquist Åstrand - - * verify_mic.c: switch from the des_ to the DES_ api - - * get_mic.c: switch from the des_ to the DES_ api - - * unwrap.c: switch from the des_ to the DES_ api - - * wrap.c: switch from the des_ to the DES_ api - - * cfx.c: EC is not included in the checksum since the length might - change depending on the data. From: Luke Howard - - * acquire_cred.c: use - krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free - -2003-09-01 Love Hörnquist Åstrand - - * copy_ccache.c: rename - gss_krb5_extract_authz_data_from_sec_context to - gsskrb5_extract_authz_data_from_sec_context - - * gssapi.h: rename gss_krb5_extract_authz_data_from_sec_context to - gsskrb5_extract_authz_data_from_sec_context - -2003-08-31 Love Hörnquist Åstrand - - * copy_ccache.c (gss_krb5_extract_authz_data_from_sec_context): - check that we have a ticket before we start to use it - - * gss_acquire_cred.3: document - gss_krb5_extract_authz_data_from_sec_context - - * gssapi.h (gss_krb5_extract_authz_data_from_sec_context): - return the kerberos authorizationdata, from idea of Luke Howard - - * copy_ccache.c (gss_krb5_extract_authz_data_from_sec_context): - return the kerberos authorizationdata, from idea of Luke Howard - - * verify_mic.c (gss_verify_mic_internal): switch type and key - argument - -2003-08-30 Love Hörnquist Åstrand - - * cfx.[ch]: draft-ietf-krb-wg-gssapi-cfx-01.txt implemetation - From: Luke Howard - -2003-08-28 Love Hörnquist Åstrand - - * arcfour.c (arcfour_mic_cksum): use free_Checksum to free the - checksum - - * arcfour.h: swap two last arguments to verify_mic for consistency - with des3 - - * wrap.c,unwrap.c,get_mic.c,verify_mic.c,cfx.c,cfx.h: - prefix cfx symbols with _gssapi_ - - * arcfour.c: release the right buffer - - * arcfour.c: rename token structure in consistency with rest of - GSS-API From: Luke Howard - - * unwrap.c (unwrap_des3): use _gssapi_verify_pad - (unwrap_des): use _gssapi_verify_pad - - * arcfour.c (_gssapi_wrap_arcfour): set the correct padding - (_gssapi_unwrap_arcfour): verify and strip padding - - * gssapi_locl.h: added _gssapi_verify_pad - - * decapsulate.c (_gssapi_verify_pad): verify padding of a gss - wrapped message and return its length - - * arcfour.c: support KEYTYPE_ARCFOUR_56 keys, from Luke Howard - - - * arcfour.c: use right seal alg, inherit keytype from parent key - - * arcfour.c: include the confounder in the checksum use the right - key usage number for warped/unwraped tokens - - * gssapi.h: add gss_krb5_nt_general_name as an mit compat glue - (same as GSS_KRB5_NT_PRINCIPAL_NAME) - - * unwrap.c: hook in arcfour unwrap - - * wrap.c: hook in arcfour wrap - - * verify_mic.c: hook in arcfour verify_mic - - * get_mic.c: hook in arcfour get_mic - - * arcfour.c: implement wrap/unwarp - - * gssapi_locl.h: add gssapi_{en,de}code_be_om_uint32 - - * 8003.c: add gssapi_{en,de}code_be_om_uint32 - -2003-08-27 Love Hörnquist Åstrand - - * arcfour.c (_gssapi_verify_mic_arcfour): Do the checksum on right - area. Swap filler check, it was reversed. - - * Makefile.am (libgssapi_la_SOURCES): += arcfour.c - - * gssapi_locl.h: include "arcfour.h" - - * arcfour.c: arcfour gss-api mech, get_mic/verify_mic working - - * arcfour.h: arcfour gss-api mech, get_mic/verify_mic working - -2003-08-26 Love Hörnquist Åstrand - - * gssapi_locl.h: always include cfx.h add prototype for - _gssapi_decapsulate - - * cfx.[ch]: Implementation of draft-ietf-krb-wg-gssapi-cfx-00.txt - from Luke Howard - - * decapsulate.c: add _gssapi_decapsulate, from Luke Howard - - -2003-08-25 Love Hörnquist Åstrand - - * unwrap.c: encap/decap now takes a oid if the enctype/keytype is - arcfour, return error add hook for cfx - - * verify_mic.c: encap/decap now takes a oid if the enctype/keytype - is arcfour, return error add hook for cfx - - * get_mic.c: encap/decap now takes a oid if the enctype/keytype is - arcfour, return error add hook for cfx - - * accept_sec_context.c: encap/decap now takes a oid - - * init_sec_context.c: encap/decap now takes a oid - - * gssapi_locl.h: include cfx.h if we need it lifetime is a - OM_uint32, depend on gssapi interface add all new encap/decap - functions - - * decapsulate.c: add decap functions that doesn't take the token - type also make all decap function take the oid mech that they - should use - - * encapsulate.c: add encap functions that doesn't take the token - type also make all encap function take the oid mech that they - should use - - * sequence.c (elem_insert): fix a off by one index counter - - * inquire_cred.c (gss_inquire_cred): handle cred_handle being - GSS_C_NO_CREDENTIAL and use the default cred then. - -2003-08-19 Love Hörnquist Åstrand - - * gss_acquire_cred.3: break out extensions and document - gsskrb5_register_acceptor_identity - -2003-08-18 Love Hörnquist Åstrand - - * test_acquire_cred.c (print_time): time is returned in seconds - from now, not unix time - -2003-08-17 Love Hörnquist Åstrand - - * compat.c (check_compat): avoid leaking principal when finding a - match - - * address_to_krb5addr.c: sa_size argument to krb5_addr2sockaddr is - a krb5_socklen_t - - * acquire_cred.c (gss_acquire_cred): 4th argument to - gss_test_oid_set_member is a int - -2003-07-22 Love Hörnquist Åstrand - - * init_sec_context.c (repl_mutual): don't set kerberos error where - there was no kerberos error - - * gssapi_locl.h: Add destruction/creation prototypes and structure - for the thread specific storage. - - * display_status.c: use thread specific storage to set/get the - kerberos error message - - * init.c: Provide locking around the creation of the global - krb5_context. Add destruction/creation functions for the thread - specific storage that the error string handling is using. - -2003-07-20 Love Hörnquist Åstrand - - * gss_acquire_cred.3: add missing prototype and missing .Ft - arguments - -2003-06-17 Love Hörnquist Åstrand - - * verify_mic.c: reorder code so sequence numbers can can be used - - * unwrap.c: reorder code so sequence numbers can can be used - - * sequence.c: remove unused function, indent, add - gssapi_msg_order_f that filter gss flags to gss_msg_order flags - - * gssapi_locl.h: prototypes for - gssapi_{encode_om_uint32,decode_om_uint32} add sequence number - verifier prototypes - - * delete_sec_context.c: destroy sequence number verifier - - * init_sec_context.c: remember to free data use sequence number - verifier - - * accept_sec_context.c: don't clear output_token twice remember to - free data use sequence number verifier - - * 8003.c: export and rename encode_om_uint32/decode_om_uint32 and - start to use them - -2003-06-09 Johan Danielsson - - * Makefile.am: can't have sequence.c in two different places - -2003-06-06 Love Hörnquist Åstrand - - * test_sequence.c: check rollover, print summery - - * wrap.c (sub_wrap_size): gss_wrap_size_limit() has - req_output_size and max_input_size around the wrong way -- it - returns the output token size for a given input size, rather than - the maximum input size for a given output token size. - - From: Luke Howard - -2003-06-05 Love Hörnquist Åstrand - - * gssapi_locl.h: add prototypes for sequence.c - - * Makefile.am (libgssapi_la_SOURCES): add sequence.c - (test_sequence): build - - * sequence.c: sequence number checks, order and replay - * test_sequence.c: sequence number checks, order and replay - -2003-06-03 Love Hörnquist Åstrand - - * accept_sec_context.c (gss_accept_sec_context): make sure time is - returned in seconds from now, not in kerberos time - - * acquire_cred.c (gss_aquire_cred): make sure time is returned in - seconds from now, not in kerberos time - - * init_sec_context.c (init_auth): if the cred is expired before we - tries to create a token, fail so the peer doesn't need reject us - (*): make sure time is returned in seconds from now, - not in kerberos time - (repl_mutual): remember to unlock the context mutex - - * context_time.c (gss_context_time): remove unused variable - - * verify_mic.c: make sure minor_status is always set, pointed out - by Luke Howard - -2003-05-21 Love Hörnquist Åstrand - - * *.[ch]: do some basic locking (no reference counting so contexts - can be removed while still used) - - don't export gss_ctx_id_t_desc_struct and gss_cred_id_t_desc_struct - - make sure all lifetime are returned in seconds left until expired, - not in unix epoch - - * gss_acquire_cred.3: document argument lifetime_rec to function - gss_inquire_context - -2003-05-17 Love Hörnquist Åstrand - - * test_acquire_cred.c: test gss_add_cred more then once - -2003-05-06 Love Hörnquist Åstrand - - * gssapi.h: if __cplusplus, wrap the extern variable (just to be - safe) and functions in extern "C" { } - -2003-04-30 Love Hörnquist Åstrand - - * gssapi.3: more about the des3 mic mess - - * verify_mic.c (verify_mic_des3): always check if the mic is the - correct mic or the mic that old heimdal would have generated - -2003-04-28 Jacques Vidrine - - * verify_mic.c (verify_mic_des3): If MIC verification fails, - retry using the `old' MIC computation (with zero IV). - -2003-04-26 Love Hörnquist Åstrand - - * gss_acquire_cred.3: more about difference between comparing IN - and MN - - * gss_acquire_cred.3: more about name type and access control - -2003-04-25 Love Hörnquist Åstrand - - * gss_acquire_cred.3: document gss_context_time - - * context_time.c: if lifetime of context have expired, set - time_rec to 0 and return GSS_S_CONTEXT_EXPIRED - - * gssapi.3: document [gssapi]correct_des3_mic - [gssapi]broken_des3_mic - - * gss_acquire_cred.3: document gss_krb5_compat_des3_mic - - * compat.c (gss_krb5_compat_des3_mic): enable turning on/off des3 - mic compat - (_gss_DES3_get_mic_compat): handle [gssapi]correct_des3_mic too - - * gssapi.h (gss_krb5_compat_des3_mic): new function, turn on/off - des3 mic compat - (GSS_C_KRB5_COMPAT_DES3_MIC): cpp symbol that exists if - gss_krb5_compat_des3_mic exists - -2003-04-24 Love Hörnquist Åstrand - - * Makefile.am: (libgssapi_la_LDFLAGS): update major - version of gssapi for incompatiblity in 3des getmic support - -2003-04-23 Love Hörnquist Åstrand - - * Makefile.am: test_acquire_cred_LDADD: use libgssapi.la not - ./libgssapi.la (make make -jN work) - -2003-04-16 Love Hörnquist Åstrand - - * gssapi.3: spelling - - * gss_acquire_cred.3: Change .Fd #include to .In - header.h, from Thomas Klausner - - -2003-04-06 Love Hörnquist Åstrand - - * gss_acquire_cred.3: spelling - - * Makefile.am: remove stuff that sneaked in with last commit - - * acquire_cred.c (acquire_initiator_cred): if the requested name - isn't in the ccache, also check keytab. Extact the krbtgt for the - default realm to check how long the credentials will last. - - * add_cred.c (gss_add_cred): don't create a new ccache, just open - the old one; better check if output handle is compatible with new - (copied) handle - - * test_acquire_cred.c: test gss_add_cred too - -2003-04-03 Love Hörnquist Åstrand - - * Makefile.am: build test_acquire_cred - - * test_acquire_cred.c: simple gss_acquire_cred test - -2003-04-02 Love Hörnquist Åstrand - - * gss_acquire_cred.3: s/gssapi/GSS-API/ - -2003-03-19 Love Hörnquist Åstrand - - * gss_acquire_cred.3: document v1 interface (and that they are - obsolete) - -2003-03-18 Love Hörnquist Åstrand - - * gss_acquire_cred.3: list supported mechanism and nametypes - -2003-03-16 Love Hörnquist Åstrand - - * gss_acquire_cred.3: text about gss_display_name - - * Makefile.am (libgssapi_la_LDFLAGS): bump to 3:6:2 - (libgssapi_la_SOURCES): add all new functions - - * gssapi.3: now that we have a functions, uncomment the missing - ones - - * gss_acquire_cred.3: now that we have a functions, uncomment the - missing ones - - * process_context_token.c: implement gss_process_context_token - - * inquire_names_for_mech.c: implement gss_inquire_names_for_mech - - * inquire_mechs_for_name.c: implement gss_inquire_mechs_for_name - - * inquire_cred_by_mech.c: implement gss_inquire_cred_by_mech - - * add_cred.c: implement gss_add_cred - - * acquire_cred.c (gss_acquire_cred): more testing of input - argument, make sure output arguments are ok, since we don't know - the time_rec (for now), set it to time_req - - * export_sec_context.c: send lifetime, also set minor_status - - * get_mic.c: set minor_status - - * import_sec_context.c (gss_import_sec_context): add error - checking, pick up lifetime (if there is no lifetime, use - GSS_C_INDEFINITE) - - * init_sec_context.c: take care to set export value to something - sane before we start so caller will have harmless values in them - if then function fails - - * release_buffer.c (gss_release_buffer): set minor_status - - * wrap.c: make sure minor_status get set - - * verify_mic.c (gss_verify_mic_internal): rename verify_mic to - gss_verify_mic_internal and let it take the type as an argument, - (gss_verify_mic): call gss_verify_mic_internal - set minor_status - - * unwrap.c: set minor_status - - * test_oid_set_member.c (gss_test_oid_set_member): use - gss_oid_equal - - * release_oid_set.c (gss_release_oid_set): set minor_status - - * release_name.c (gss_release_name): set minor_status - - * release_cred.c (gss_release_cred): set minor_status - - * add_oid_set_member.c (gss_add_oid_set_member): set minor_status - - * compare_name.c (gss_compare_name): set minor_status - - * compat.c (check_compat): make sure ret have a defined value - - * context_time.c (gss_context_time): set minor_status - - * copy_ccache.c (gss_krb5_copy_ccache): set minor_status - - * create_emtpy_oid_set.c (gss_create_empty_oid_set): set - minor_status - - * delete_sec_context.c (gss_delete_sec_context): set minor_status - - * display_name.c (gss_display_name): set minor_status - - * display_status.c (gss_display_status): use gss_oid_equal, handle - supplementary errors - - * duplicate_name.c (gss_duplicate_name): set minor_status - - * inquire_context.c (gss_inquire_context): set lifetime_rec now - when we know it, set minor_status - - * inquire_cred.c (gss_inquire_cred): take care to set export value - to something sane before we start so caller will have harmless - values in them if the function fails - - * accept_sec_context.c (gss_accept_sec_context): take care to set - export value to something sane before we start so caller will have - harmless values in them if then function fails, set lifetime from - ticket expiration date - - * indicate_mechs.c (gss_indicate_mechs): use - gss_create_empty_oid_set and gss_add_oid_set_member - - * gssapi.h (gss_ctx_id_t_desc): store the lifetime in the cred, - since there is no ticket transfered in the exported context - - * export_name.c (gss_export_name): export name with - GSS_C_NT_EXPORT_NAME wrapping, not just the principal - - * import_name.c (import_export_name): new function, parses a - GSS_C_NT_EXPORT_NAME - (import_krb5_name): factor out common code of parsing krb5 name - (gss_oid_equal): rename from oid_equal - - * gssapi_locl.h: add prototypes for gss_oid_equal and - gss_verify_mic_internal - - * gssapi.h: comment out the argument names - -2003-03-15 Love Hörnquist Åstrand - - * gssapi.3: add LIST OF FUNCTIONS and copyright/license - - * Makefile.am: s/gss_aquire_cred.3/gss_acquire_cred.3/ - - * Makefile.am: man_MANS += gss_aquire_cred.3 - -2003-03-14 Love Hörnquist Åstrand - - * gss_aquire_cred.3: the gssapi api manpage - -2003-03-03 Love Hörnquist Åstrand - - * inquire_context.c: (gss_inquire_context): rename argument open - to open_context - - * gssapi.h (gss_inquire_context): rename argument open to open_context - -2003-02-27 Love Hörnquist Åstrand - - * init_sec_context.c (do_delegation): remove unused variable - subkey - - * gssapi.3: all 0.5.x version had broken token delegation - -2003-02-21 Love Hörnquist Åstrand - - * (init_auth): only generate one subkey - -2003-01-27 Love Hörnquist Åstrand - - * verify_mic.c (verify_mic_des3): fix 3des verify_mic to conform - to rfc (and mit kerberos), provide backward compat hook - - * get_mic.c (mic_des3): fix 3des get_mic to conform to rfc (and - mit kerberos), provide backward compat hook - - * init_sec_context.c (init_auth): check if we need compat for - older get_mic/verify_mic - - * gssapi_locl.h: add prototype for _gss_DES3_get_mic_compat - - * gssapi.h (more_flags): add COMPAT_OLD_DES3 - - * Makefile.am: add gssapi.3 and compat.c - - * gssapi.3: add gssapi COMPATIBILITY documentation - - * accept_sec_context.c (gss_accept_sec_context): check if we need - compat for older get_mic/verify_mic - - * compat.c: check for compatiblity with other heimdal's 3des - get_mic/verify_mic - -2002-10-31 Johan Danielsson - - * check return value from gssapi_krb5_init - - * 8003.c (gssapi_krb5_verify_8003_checksum): check size of input - -2002-09-03 Johan Danielsson - - * wrap.c (wrap_des3): use ETYPE_DES3_CBC_NONE - - * unwrap.c (unwrap_des3): use ETYPE_DES3_CBC_NONE - -2002-09-02 Johan Danielsson - - * init_sec_context.c: we need to generate a local subkey here - -2002-08-20 Jacques Vidrine - - * acquire_cred.c, inquire_cred.c, release_cred.c: Use default - credential resolution if gss_acquire_cred is called with - GSS_C_NO_NAME. - -2002-06-20 Jacques Vidrine - - * import_name.c: Compare name types by value if pointers do - not match. Reported by: "Douglas E. Engert" - -2002-05-20 Jacques Vidrine - - * verify_mic.c (gss_verify_mic), unwrap.c (gss_unwrap): initialize - the qop_state parameter. from Doug Rabson - -2002-05-09 Jacques Vidrine - - * acquire_cred.c: handle GSS_C_INITIATE/GSS_C_ACCEPT/GSS_C_BOTH - -2002-05-08 Jacques Vidrine - - * acquire_cred.c: initialize gssapi; handle null desired_name - -2002-03-22 Johan Danielsson - - * Makefile.am: remove non-functional stuff accidentally committed - -2002-03-11 Assar Westerlund - - * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:5:2 - * 8003.c (gssapi_krb5_verify_8003_checksum): handle zero channel - bindings - -2001-10-31 Jacques Vidrine - - * get_mic.c (mic_des3): MIC computation using DES3/SHA1 - was bogusly appending the message buffer to the result, - overwriting a heap buffer in the process. - -2001-08-29 Assar Westerlund - - * 8003.c (gssapi_krb5_verify_8003_checksum, - gssapi_krb5_create_8003_checksum): make more consistent by always - returning an gssapi error and setting minor status. update - callers - -2001-08-28 Jacques Vidrine - - * accept_sec_context.c: Create a cache for delegated credentials - when needed. - -2001-08-28 Assar Westerlund - - * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:4:2 - -2001-08-23 Assar Westerlund - - * *.c: handle minor_status more consistently - - * display_status.c (gss_display_status): handle krb5_get_err_text - failing - -2001-08-15 Johan Danielsson - - * gssapi_locl.h: fix prototype for gssapi_krb5_init - -2001-08-13 Johan Danielsson - - * accept_sec_context.c (gsskrb5_register_acceptor_identity): init - context and check return value from kt_resolve - - * init.c: return error code - -2001-07-19 Assar Westerlund - - * Makefile.am (libgssapi_la_LDFLAGS): update to 3:3:2 - -2001-07-12 Assar Westerlund - - * Makefile.am (libgssapi_la_LIBADD): add required library - dependencies - -2001-07-06 Assar Westerlund - - * accept_sec_context.c (gsskrb5_register_acceptor_identity): set - the keytab to be used for gss_acquire_cred too' - -2001-07-03 Assar Westerlund - - * Makefile.am (libgssapi_la_LDFLAGS): set version to 3:2:2 - -2001-06-18 Assar Westerlund - - * wrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey - and gss_krb5_get_remotekey - * verify_mic.c: update krb5_auth_con function names use - gss_krb5_get_remotekey - * unwrap.c: replace gss_krb5_getsomekey with gss_krb5_get_localkey - and gss_krb5_get_remotekey - * gssapi_locl.h (gss_krb5_get_remotekey, gss_krb5_get_localkey): - add prototypes - * get_mic.c: update krb5_auth_con function names. use - gss_krb5_get_localkey - * accept_sec_context.c: update krb5_auth_con function names - -2001-05-17 Assar Westerlund - - * Makefile.am: bump version to 3:1:2 - -2001-05-14 Assar Westerlund - - * address_to_krb5addr.c: adapt to new address functions - -2001-05-11 Assar Westerlund - - * try to return the error string from libkrb5 where applicable - -2001-05-08 Assar Westerlund - - * delete_sec_context.c (gss_delete_sec_context): remember to free - the memory used by the ticket itself. from - -2001-05-04 Assar Westerlund - - * gssapi_locl.h: add config.h for completeness - * gssapi.h: remove config.h, this is an installed header file - sys/types.h is not needed either - -2001-03-12 Assar Westerlund - - * acquire_cred.c (gss_acquire_cred): remove memory leaks. from - Jason R Thorpe - -2001-02-18 Assar Westerlund - - * accept_sec_context.c (gss_accept_sec_context): either return - gss_name NULL-ed or set - - * import_name.c: set minor_status in some cases where it was not - done - -2001-02-15 Assar Westerlund - - * wrap.c: use krb5_generate_random_block for the confounders - -2001-01-30 Assar Westerlund - - * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2 - * acquire_cred.c, init_sec_context.c, release_cred.c: add support - for getting creds from a keytab, from fvdl@netbsd.org - - * copy_ccache.c: add gss_krb5_copy_ccache - -2001-01-27 Assar Westerlund - - * get_mic.c: cast parameters to des function to non-const pointers - to handle the case where these functions actually take non-const - des_cblock * - -2001-01-09 Assar Westerlund - - * accept_sec_context.c (gss_accept_sec_context): use krb5_rd_cred2 - instead of krb5_rd_cred - -2000-12-11 Assar Westerlund - - * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:3:1 - -2000-12-08 Assar Westerlund - - * wrap.c (wrap_des3): use the checksum as ivec when encrypting the - sequence number - * unwrap.c (unwrap_des3): use the checksum as ivec when encrypting - the sequence number - * init_sec_context.c (init_auth): always zero fwd_data - -2000-12-06 Johan Danielsson - - * accept_sec_context.c: de-pointerise auth_context parameter to - krb5_mk_rep - -2000-11-15 Assar Westerlund - - * init_sec_context.c (init_auth): update to new - krb5_build_authenticator - -2000-09-19 Assar Westerlund - - * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:2:1 - -2000-08-27 Assar Westerlund - - * init_sec_context.c: actually pay attention to `time_req' - * init_sec_context.c: re-organize. leak less memory. - * gssapi_locl.h (gssapi_krb5_encapsulate, gss_krb5_getsomekey): - update prototypes add assert.h - * gssapi.h (GSS_KRB5_CONF_C_QOP_DES, GSS_KRB5_CONF_C_QOP_DES3_KD): - add - * verify_mic.c: re-organize and add 3DES code - * wrap.c: re-organize and add 3DES code - * unwrap.c: re-organize and add 3DES code - * get_mic.c: re-organize and add 3DES code - * encapsulate.c (gssapi_krb5_encapsulate): do not free `in_data', - let the caller do that. fix the callers. - -2000-08-16 Assar Westerlund - - * Makefile.am: bump version to 2:1:1 - -2000-07-29 Assar Westerlund - - * decapsulate.c (gssapi_krb5_verify_header): sanity-check length - -2000-07-25 Johan Danielsson - - * Makefile.am: bump version to 2:0:1 - -2000-07-22 Assar Westerlund - - * gssapi.h: update OID for GSS_C_NT_HOSTBASED_SERVICE and other - details from rfc2744 - -2000-06-29 Assar Westerlund - - * address_to_krb5addr.c (gss_address_to_krb5addr): actually use - `int' instead of `sa_family_t' for the address family. - -2000-06-21 Assar Westerlund - - * add support for token delegation. From Daniel Kouril - and Miroslav Ruda - -2000-05-15 Assar Westerlund - - * Makefile.am (libgssapi_la_LDFLAGS): set version to 1:1:1 - -2000-04-12 Assar Westerlund - - * release_oid_set.c (gss_release_oid_set): clear set for - robustness. From GOMBAS Gabor - * release_name.c (gss_release_name): reset input_name for - robustness. From GOMBAS Gabor - * release_buffer.c (gss_release_buffer): set value to NULL to be - more robust. From GOMBAS Gabor - * add_oid_set_member.c (gss_add_oid_set_member): actually check if - the oid is a member first. leave the oid_set unchanged if realloc - fails. - -2000-02-13 Assar Westerlund - - * Makefile.am: set version to 1:0:1 - -2000-02-12 Assar Westerlund - - * gssapi_locl.h: add flags for import/export - * import_sec_context.c (import_sec_context: add flags for what - fields are included. do not include the authenticator for now. - * export_sec_context.c (export_sec_context: add flags for what - fields are included. do not include the authenticator for now. - * accept_sec_context.c (gss_accept_sec_context): set target in - context_handle - -2000-02-11 Assar Westerlund - - * delete_sec_context.c (gss_delete_sec_context): set context to - GSS_C_NO_CONTEXT - - * Makefile.am: add {export,import}_sec_context.c - * export_sec_context.c: new file - * import_sec_context.c: new file - * accept_sec_context.c (gss_accept_sec_context): set trans flag - -2000-02-07 Assar Westerlund - - * Makefile.am: set version to 0:5:0 - -2000-01-26 Assar Westerlund - - * delete_sec_context.c (gss_delete_sec_context): handle a NULL - output_token - - * wrap.c: update to pseudo-standard APIs for md4,md5,sha. some - changes to libdes calls to make them more portable. - * verify_mic.c: update to pseudo-standard APIs for md4,md5,sha. - some changes to libdes calls to make them more portable. - * unwrap.c: update to pseudo-standard APIs for md4,md5,sha. some - changes to libdes calls to make them more portable. - * get_mic.c: update to pseudo-standard APIs for md4,md5,sha. some - changes to libdes calls to make them more portable. - * 8003.c: update to pseudo-standard APIs for md4,md5,sha. - -2000-01-06 Assar Westerlund - - * Makefile.am: set version to 0:4:0 - -1999-12-26 Assar Westerlund - - * accept_sec_context.c (gss_accept_sec_context): always set - `output_token' - * init_sec_context.c (init_auth): always initialize `output_token' - * delete_sec_context.c (gss_delete_sec_context): always set - `output_token' - -1999-12-06 Assar Westerlund - - * Makefile.am: bump version to 0:3:0 - -1999-10-20 Assar Westerlund - - * Makefile.am: set version to 0:2:0 - -1999-09-21 Assar Westerlund - - * init_sec_context.c (gss_init_sec_context): initialize `ticket' - - * gssapi.h (gss_ctx_id_t_desc): add ticket in here. ick. - - * delete_sec_context.c (gss_delete_sec_context): free ticket - - * accept_sec_context.c (gss_accept_sec_context): stove away - `krb5_ticket' in context so that ugly programs such as - gss_nt_server can get at it. uck. - -1999-09-20 Johan Danielsson - - * accept_sec_context.c: set minor_status - -1999-08-04 Assar Westerlund - - * display_status.c (calling_error, routine_error): right shift the - code to make it possible to index into the arrays - -1999-07-28 Assar Westerlund - - * gssapi.h (GSS_C_AF_INET6): add - - * import_name.c (import_hostbased_name): set minor_status - -1999-07-26 Assar Westerlund - - * Makefile.am: set version to 0:1:0 - -Wed Apr 7 14:05:15 1999 Johan Danielsson - - * display_status.c: set minor_status - - * init_sec_context.c: set minor_status - - * lib/gssapi/init.c: remove donep (check gssapi_krb5_context - directly) - diff --git a/crypto/heimdal/lib/gssapi/Makefile.am b/crypto/heimdal/lib/gssapi/Makefile.am deleted file mode 100644 index 23264828221c..000000000000 --- a/crypto/heimdal/lib/gssapi/Makefile.am +++ /dev/null @@ -1,313 +0,0 @@ -# $Id: Makefile.am 22399 2008-01-11 14:25:47Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AUTOMAKE_OPTIONS = subdir-objects - -AM_CPPFLAGS += -I$(srcdir)/../krb5 \ - -I$(srcdir) \ - -I$(srcdir)/mech \ - $(INCLUDE_hcrypto) \ - $(INCLUDE_krb4) - -lib_LTLIBRARIES = libgssapi.la - -krb5src = \ - krb5/8003.c \ - krb5/accept_sec_context.c \ - krb5/acquire_cred.c \ - krb5/add_cred.c \ - krb5/address_to_krb5addr.c \ - krb5/arcfour.c \ - krb5/canonicalize_name.c \ - krb5/ccache_name.c \ - krb5/cfx.c \ - krb5/cfx.h \ - krb5/compare_name.c \ - krb5/compat.c \ - krb5/context_time.c \ - krb5/copy_ccache.c \ - krb5/decapsulate.c \ - krb5/delete_sec_context.c \ - krb5/display_name.c \ - krb5/display_status.c \ - krb5/duplicate_name.c \ - krb5/encapsulate.c \ - krb5/export_name.c \ - krb5/export_sec_context.c \ - krb5/external.c \ - krb5/get_mic.c \ - krb5/gsskrb5_locl.h \ - krb5/gsskrb5-private.h \ - krb5/import_name.c \ - krb5/import_sec_context.c \ - krb5/indicate_mechs.c \ - krb5/init.c \ - krb5/init_sec_context.c \ - krb5/inquire_context.c \ - krb5/inquire_cred.c \ - krb5/inquire_cred_by_mech.c \ - krb5/inquire_cred_by_oid.c \ - krb5/inquire_mechs_for_name.c \ - krb5/inquire_names_for_mech.c \ - krb5/inquire_sec_context_by_oid.c \ - krb5/process_context_token.c \ - krb5/prf.c \ - krb5/release_buffer.c \ - krb5/release_cred.c \ - krb5/release_name.c \ - krb5/sequence.c \ - krb5/set_cred_option.c \ - krb5/set_sec_context_option.c \ - krb5/ticket_flags.c \ - krb5/unwrap.c \ - krb5/v1.c \ - krb5/verify_mic.c \ - krb5/wrap.c - -mechsrc = \ - mech/context.h \ - mech/context.c \ - mech/cred.h \ - mech/gss_accept_sec_context.c \ - mech/gss_acquire_cred.c \ - mech/gss_add_cred.c \ - mech/gss_add_oid_set_member.c \ - mech/gss_buffer_set.c \ - mech/gss_canonicalize_name.c \ - mech/gss_compare_name.c \ - mech/gss_context_time.c \ - mech/gss_create_empty_oid_set.c \ - mech/gss_decapsulate_token.c \ - mech/gss_delete_sec_context.c \ - mech/gss_display_name.c \ - mech/gss_display_status.c \ - mech/gss_duplicate_name.c \ - mech/gss_duplicate_oid.c \ - mech/gss_encapsulate_token.c \ - mech/gss_export_name.c \ - mech/gss_export_sec_context.c \ - mech/gss_get_mic.c \ - mech/gss_import_name.c \ - mech/gss_import_sec_context.c \ - mech/gss_indicate_mechs.c \ - mech/gss_init_sec_context.c \ - mech/gss_inquire_context.c \ - mech/gss_inquire_cred.c \ - mech/gss_inquire_cred_by_mech.c \ - mech/gss_inquire_cred_by_oid.c \ - mech/gss_inquire_mechs_for_name.c \ - mech/gss_inquire_names_for_mech.c \ - mech/gss_krb5.c \ - mech/gss_mech_switch.c \ - mech/gss_names.c \ - mech/gss_oid_equal.c \ - mech/gss_oid_to_str.c \ - mech/gss_process_context_token.c \ - mech/gss_pseudo_random.c \ - mech/gss_release_buffer.c \ - mech/gss_release_cred.c \ - mech/gss_release_name.c \ - mech/gss_release_oid.c \ - mech/gss_release_oid_set.c \ - mech/gss_seal.c \ - mech/gss_set_cred_option.c \ - mech/gss_set_sec_context_option.c \ - mech/gss_sign.c \ - mech/gss_test_oid_set_member.c \ - mech/gss_unseal.c \ - mech/gss_unwrap.c \ - mech/gss_utils.c \ - mech/gss_verify.c \ - mech/gss_verify_mic.c \ - mech/gss_wrap.c \ - mech/gss_wrap_size_limit.c \ - mech/gss_inquire_sec_context_by_oid.c \ - mech/mech_switch.h \ - mech/mechqueue.h \ - mech/mech_locl.h \ - mech/name.h \ - mech/utils.h - -spnegosrc = \ - spnego/accept_sec_context.c \ - spnego/compat.c \ - spnego/context_stubs.c \ - spnego/cred_stubs.c \ - spnego/external.c \ - spnego/init_sec_context.c \ - spnego/spnego_locl.h \ - spnego/spnego-private.h - -ntlmsrc = \ - ntlm/accept_sec_context.c \ - ntlm/acquire_cred.c \ - ntlm/add_cred.c \ - ntlm/canonicalize_name.c \ - ntlm/compare_name.c \ - ntlm/context_time.c \ - ntlm/crypto.c \ - ntlm/delete_sec_context.c \ - ntlm/display_name.c \ - ntlm/display_status.c \ - ntlm/duplicate_name.c \ - ntlm/export_name.c \ - ntlm/export_sec_context.c \ - ntlm/external.c \ - ntlm/ntlm.h \ - ntlm/ntlm-private.h \ - ntlm/import_name.c \ - ntlm/import_sec_context.c \ - ntlm/indicate_mechs.c \ - ntlm/init_sec_context.c \ - ntlm/inquire_context.c \ - ntlm/inquire_cred.c \ - ntlm/inquire_cred_by_mech.c \ - ntlm/inquire_mechs_for_name.c \ - ntlm/inquire_names_for_mech.c \ - ntlm/process_context_token.c \ - ntlm/release_cred.c \ - ntlm/release_name.c \ - ntlm/digest.c - -$(srcdir)/ntlm/ntlm-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p ntlm/ntlm-private.h $(ntlmsrc) || rm -f ntlm/ntlm-private.h - -dist_libgssapi_la_SOURCES = \ - $(krb5src) \ - $(mechsrc) \ - $(ntlmsrc) \ - $(spnegosrc) - -nodist_libgssapi_la_SOURCES = \ - gkrb5_err.c \ - gkrb5_err.h \ - $(BUILT_SOURCES) - -libgssapi_la_LDFLAGS = -version-info 2:0:0 - -if versionscript -libgssapi_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -endif - -libgssapi_la_LIBADD = \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_com_err) \ - $(LIB_hcrypto) \ - $(LIBADD_roken) - -man_MANS = gssapi.3 gss_acquire_cred.3 mech/mech.5 - -include_HEADERS = gssapi.h -noinst_HEADERS = \ - gssapi_mech.h \ - ntlm/ntlm-private.h \ - spnego/spnego-private.h \ - krb5/gsskrb5-private.h -nobase_include_HEADERS = \ - gssapi/gssapi.h \ - gssapi/gssapi_krb5.h \ - gssapi/gssapi_spnego.h - -gssapidir = $(includedir)/gssapi -nodist_gssapi_HEADERS = gkrb5_err.h - -gssapi_files = asn1_GSSAPIContextToken.x - -spnego_files = \ - asn1_ContextFlags.x \ - asn1_MechType.x \ - asn1_MechTypeList.x \ - asn1_NegotiationToken.x \ - asn1_NegotiationTokenWin.x \ - asn1_NegHints.x \ - asn1_NegTokenInit.x \ - asn1_NegTokenInitWin.x \ - asn1_NegTokenResp.x - -$(libgssapi_la_OBJECTS): $(srcdir)/krb5/gsskrb5-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/spnego/spnego-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/ntlm/ntlm-private.h - -$(libgssapi_la_OBJECTS): $(srcdir)/version-script.map - -BUILT_SOURCES = $(spnego_files:.x=.c) $(gssapi_files:.x=.c) - -CLEANFILES = $(BUILT_SOURCES) \ - gkrb5_err.h gkrb5_err.c \ - $(spnego_files) spnego_asn1.h spnego_asn1_files \ - $(gssapi_files) gssapi_asn1.h gssapi_asn1_files \ - gss-commands.h gss-commands.c - -$(spnego_files) spnego_asn1.h: spnego_asn1_files -$(gssapi_files) gssapi_asn1.h: gssapi_asn1_files - -spnego_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/spnego/spnego.asn1 - ../asn1/asn1_compile$(EXEEXT) --sequence=MechTypeList $(srcdir)/spnego/spnego.asn1 spnego_asn1 - -gssapi_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/mech/gssapi.asn1 - ../asn1/asn1_compile$(EXEEXT) $(srcdir)/mech/gssapi.asn1 gssapi_asn1 - -$(srcdir)/krb5/gsskrb5-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5/gsskrb5-private.h $(krb5src) || rm -f krb5/gsskrb5-private.h - -$(srcdir)/spnego/spnego-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p spnego/spnego-private.h $(spnegosrc) || rm -f spnego/spnego-private.h - - -TESTS = test_oid test_names test_cfx -# test_sequence - -test_cfx_SOURCES = krb5/test_cfx.c - -check_PROGRAMS = test_acquire_cred $(TESTS) - -bin_PROGRAMS = gss -noinst_PROGRAMS = test_cred test_kcred test_context test_ntlm - -test_context_SOURCES = test_context.c test_common.c test_common.h -test_ntlm_SOURCES = test_ntlm.c test_common.c test_common.h -test_acquire_cred_SOURCES = test_acquire_cred.c test_common.c test_common.h - -test_ntlm_LDADD = \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(LDADD) - -LDADD = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_roken) - -# gss - -dist_gss_SOURCES = gss.c -nodist_gss_SOURCES = gss-commands.c gss-commands.h - -gss_LDADD = libgssapi.la \ - $(top_builddir)/lib/sl/libsl.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_readline) \ - $(LIB_roken) - -SLC = $(top_builddir)/lib/sl/slc - -gss-commands.c gss-commands.h: gss-commands.in - $(SLC) $(srcdir)/gss-commands.in - -$(gss_OBJECTS): gss-commands.h - -EXTRA_DIST = \ - $(man_MANS) \ - krb5/gkrb5_err.et \ - mech/gssapi.asn1 \ - spnego/spnego.asn1 \ - version-script.map \ - gss-commands.in - -# to help stupid solaris make - -$(libgssapi_la_OBJECTS): gkrb5_err.h gssapi_asn1.h spnego_asn1.h - -gkrb5_err.h gkrb5_err.c: $(srcdir)/krb5/gkrb5_err.et - $(COMPILE_ET) $(srcdir)/krb5/gkrb5_err.et diff --git a/crypto/heimdal/lib/gssapi/Makefile.in b/crypto/heimdal/lib/gssapi/Makefile.in deleted file mode 100644 index 9886d49b185b..000000000000 --- a/crypto/heimdal/lib/gssapi/Makefile.in +++ /dev/null @@ -1,1960 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22399 2008-01-11 14:25:47Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(include_HEADERS) $(nobase_include_HEADERS) \ - $(noinst_HEADERS) $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -TESTS = test_oid$(EXEEXT) test_names$(EXEEXT) test_cfx$(EXEEXT) -check_PROGRAMS = test_acquire_cred$(EXEEXT) $(am__EXEEXT_1) -bin_PROGRAMS = gss$(EXEEXT) -noinst_PROGRAMS = test_cred$(EXEEXT) test_kcred$(EXEEXT) \ - test_context$(EXEEXT) test_ntlm$(EXEEXT) -subdir = lib/gssapi -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ - "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" \ - "$(DESTDIR)$(gssapidir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -am__DEPENDENCIES_1 = -libgssapi_la_DEPENDENCIES = $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am__dirstamp = $(am__leading_dot)dirstamp -am__objects_1 = krb5/8003.lo krb5/accept_sec_context.lo \ - krb5/acquire_cred.lo krb5/add_cred.lo \ - krb5/address_to_krb5addr.lo krb5/arcfour.lo \ - krb5/canonicalize_name.lo krb5/ccache_name.lo krb5/cfx.lo \ - krb5/compare_name.lo krb5/compat.lo krb5/context_time.lo \ - krb5/copy_ccache.lo krb5/decapsulate.lo \ - krb5/delete_sec_context.lo krb5/display_name.lo \ - krb5/display_status.lo krb5/duplicate_name.lo \ - krb5/encapsulate.lo krb5/export_name.lo \ - krb5/export_sec_context.lo krb5/external.lo krb5/get_mic.lo \ - krb5/import_name.lo krb5/import_sec_context.lo \ - krb5/indicate_mechs.lo krb5/init.lo krb5/init_sec_context.lo \ - krb5/inquire_context.lo krb5/inquire_cred.lo \ - krb5/inquire_cred_by_mech.lo krb5/inquire_cred_by_oid.lo \ - krb5/inquire_mechs_for_name.lo krb5/inquire_names_for_mech.lo \ - krb5/inquire_sec_context_by_oid.lo \ - krb5/process_context_token.lo krb5/prf.lo \ - krb5/release_buffer.lo krb5/release_cred.lo \ - krb5/release_name.lo krb5/sequence.lo krb5/set_cred_option.lo \ - krb5/set_sec_context_option.lo krb5/ticket_flags.lo \ - krb5/unwrap.lo krb5/v1.lo krb5/verify_mic.lo krb5/wrap.lo -am__objects_2 = mech/context.lo mech/gss_accept_sec_context.lo \ - mech/gss_acquire_cred.lo mech/gss_add_cred.lo \ - mech/gss_add_oid_set_member.lo mech/gss_buffer_set.lo \ - mech/gss_canonicalize_name.lo mech/gss_compare_name.lo \ - mech/gss_context_time.lo mech/gss_create_empty_oid_set.lo \ - mech/gss_decapsulate_token.lo mech/gss_delete_sec_context.lo \ - mech/gss_display_name.lo mech/gss_display_status.lo \ - mech/gss_duplicate_name.lo mech/gss_duplicate_oid.lo \ - mech/gss_encapsulate_token.lo mech/gss_export_name.lo \ - mech/gss_export_sec_context.lo mech/gss_get_mic.lo \ - mech/gss_import_name.lo mech/gss_import_sec_context.lo \ - mech/gss_indicate_mechs.lo mech/gss_init_sec_context.lo \ - mech/gss_inquire_context.lo mech/gss_inquire_cred.lo \ - mech/gss_inquire_cred_by_mech.lo \ - mech/gss_inquire_cred_by_oid.lo \ - mech/gss_inquire_mechs_for_name.lo \ - mech/gss_inquire_names_for_mech.lo mech/gss_krb5.lo \ - mech/gss_mech_switch.lo mech/gss_names.lo \ - mech/gss_oid_equal.lo mech/gss_oid_to_str.lo \ - mech/gss_process_context_token.lo mech/gss_pseudo_random.lo \ - mech/gss_release_buffer.lo mech/gss_release_cred.lo \ - mech/gss_release_name.lo mech/gss_release_oid.lo \ - mech/gss_release_oid_set.lo mech/gss_seal.lo \ - mech/gss_set_cred_option.lo mech/gss_set_sec_context_option.lo \ - mech/gss_sign.lo mech/gss_test_oid_set_member.lo \ - mech/gss_unseal.lo mech/gss_unwrap.lo mech/gss_utils.lo \ - mech/gss_verify.lo mech/gss_verify_mic.lo mech/gss_wrap.lo \ - mech/gss_wrap_size_limit.lo \ - mech/gss_inquire_sec_context_by_oid.lo -am__objects_3 = ntlm/accept_sec_context.lo ntlm/acquire_cred.lo \ - ntlm/add_cred.lo ntlm/canonicalize_name.lo \ - ntlm/compare_name.lo ntlm/context_time.lo ntlm/crypto.lo \ - ntlm/delete_sec_context.lo ntlm/display_name.lo \ - ntlm/display_status.lo ntlm/duplicate_name.lo \ - ntlm/export_name.lo ntlm/export_sec_context.lo \ - ntlm/external.lo ntlm/import_name.lo \ - ntlm/import_sec_context.lo ntlm/indicate_mechs.lo \ - ntlm/init_sec_context.lo ntlm/inquire_context.lo \ - ntlm/inquire_cred.lo ntlm/inquire_cred_by_mech.lo \ - ntlm/inquire_mechs_for_name.lo ntlm/inquire_names_for_mech.lo \ - ntlm/process_context_token.lo ntlm/release_cred.lo \ - ntlm/release_name.lo ntlm/digest.lo -am__objects_4 = spnego/accept_sec_context.lo spnego/compat.lo \ - spnego/context_stubs.lo spnego/cred_stubs.lo \ - spnego/external.lo spnego/init_sec_context.lo -dist_libgssapi_la_OBJECTS = $(am__objects_1) $(am__objects_2) \ - $(am__objects_3) $(am__objects_4) -am__objects_5 = asn1_ContextFlags.lo asn1_MechType.lo \ - asn1_MechTypeList.lo asn1_NegotiationToken.lo \ - asn1_NegotiationTokenWin.lo asn1_NegHints.lo \ - asn1_NegTokenInit.lo asn1_NegTokenInitWin.lo \ - asn1_NegTokenResp.lo -am__objects_6 = asn1_GSSAPIContextToken.lo -am__objects_7 = $(am__objects_5) $(am__objects_6) -nodist_libgssapi_la_OBJECTS = gkrb5_err.lo $(am__objects_7) -libgssapi_la_OBJECTS = $(dist_libgssapi_la_OBJECTS) \ - $(nodist_libgssapi_la_OBJECTS) -libgssapi_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libgssapi_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -am__EXEEXT_1 = test_oid$(EXEEXT) test_names$(EXEEXT) test_cfx$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) -dist_gss_OBJECTS = gss.$(OBJEXT) -nodist_gss_OBJECTS = gss-commands.$(OBJEXT) -gss_OBJECTS = $(dist_gss_OBJECTS) $(nodist_gss_OBJECTS) -gss_DEPENDENCIES = libgssapi.la $(top_builddir)/lib/sl/libsl.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -am_test_acquire_cred_OBJECTS = test_acquire_cred.$(OBJEXT) \ - test_common.$(OBJEXT) -test_acquire_cred_OBJECTS = $(am_test_acquire_cred_OBJECTS) -test_acquire_cred_LDADD = $(LDADD) -test_acquire_cred_DEPENDENCIES = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -am_test_cfx_OBJECTS = krb5/test_cfx.$(OBJEXT) -test_cfx_OBJECTS = $(am_test_cfx_OBJECTS) -test_cfx_LDADD = $(LDADD) -test_cfx_DEPENDENCIES = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -am_test_context_OBJECTS = test_context.$(OBJEXT) test_common.$(OBJEXT) -test_context_OBJECTS = $(am_test_context_OBJECTS) -test_context_LDADD = $(LDADD) -test_context_DEPENDENCIES = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -test_cred_SOURCES = test_cred.c -test_cred_OBJECTS = test_cred.$(OBJEXT) -test_cred_LDADD = $(LDADD) -test_cred_DEPENDENCIES = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -test_kcred_SOURCES = test_kcred.c -test_kcred_OBJECTS = test_kcred.$(OBJEXT) -test_kcred_LDADD = $(LDADD) -test_kcred_DEPENDENCIES = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -test_names_SOURCES = test_names.c -test_names_OBJECTS = test_names.$(OBJEXT) -test_names_LDADD = $(LDADD) -test_names_DEPENDENCIES = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -am_test_ntlm_OBJECTS = test_ntlm.$(OBJEXT) test_common.$(OBJEXT) -test_ntlm_OBJECTS = $(am_test_ntlm_OBJECTS) -am__DEPENDENCIES_2 = libgssapi.la $(top_builddir)/lib/krb5/libkrb5.la \ - $(am__DEPENDENCIES_1) -test_ntlm_DEPENDENCIES = $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(am__DEPENDENCIES_2) -test_oid_SOURCES = test_oid.c -test_oid_OBJECTS = test_oid.$(OBJEXT) -test_oid_LDADD = $(LDADD) -test_oid_DEPENDENCIES = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(dist_libgssapi_la_SOURCES) $(nodist_libgssapi_la_SOURCES) \ - $(dist_gss_SOURCES) $(nodist_gss_SOURCES) \ - $(test_acquire_cred_SOURCES) $(test_cfx_SOURCES) \ - $(test_context_SOURCES) test_cred.c test_kcred.c test_names.c \ - $(test_ntlm_SOURCES) test_oid.c -DIST_SOURCES = $(dist_libgssapi_la_SOURCES) $(dist_gss_SOURCES) \ - $(test_acquire_cred_SOURCES) $(test_cfx_SOURCES) \ - $(test_context_SOURCES) test_cred.c test_kcred.c test_names.c \ - $(test_ntlm_SOURCES) test_oid.c -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -MANS = $(man_MANS) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -nobase_includeHEADERS_INSTALL = $(install_sh_DATA) -nodist_gssapiHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) $(nobase_include_HEADERS) \ - $(nodist_gssapi_HEADERS) $(noinst_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - -I$(srcdir)/../krb5 -I$(srcdir) -I$(srcdir)/mech \ - $(INCLUDE_hcrypto) $(INCLUDE_krb4) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -AUTOMAKE_OPTIONS = subdir-objects -lib_LTLIBRARIES = libgssapi.la -krb5src = \ - krb5/8003.c \ - krb5/accept_sec_context.c \ - krb5/acquire_cred.c \ - krb5/add_cred.c \ - krb5/address_to_krb5addr.c \ - krb5/arcfour.c \ - krb5/canonicalize_name.c \ - krb5/ccache_name.c \ - krb5/cfx.c \ - krb5/cfx.h \ - krb5/compare_name.c \ - krb5/compat.c \ - krb5/context_time.c \ - krb5/copy_ccache.c \ - krb5/decapsulate.c \ - krb5/delete_sec_context.c \ - krb5/display_name.c \ - krb5/display_status.c \ - krb5/duplicate_name.c \ - krb5/encapsulate.c \ - krb5/export_name.c \ - krb5/export_sec_context.c \ - krb5/external.c \ - krb5/get_mic.c \ - krb5/gsskrb5_locl.h \ - krb5/gsskrb5-private.h \ - krb5/import_name.c \ - krb5/import_sec_context.c \ - krb5/indicate_mechs.c \ - krb5/init.c \ - krb5/init_sec_context.c \ - krb5/inquire_context.c \ - krb5/inquire_cred.c \ - krb5/inquire_cred_by_mech.c \ - krb5/inquire_cred_by_oid.c \ - krb5/inquire_mechs_for_name.c \ - krb5/inquire_names_for_mech.c \ - krb5/inquire_sec_context_by_oid.c \ - krb5/process_context_token.c \ - krb5/prf.c \ - krb5/release_buffer.c \ - krb5/release_cred.c \ - krb5/release_name.c \ - krb5/sequence.c \ - krb5/set_cred_option.c \ - krb5/set_sec_context_option.c \ - krb5/ticket_flags.c \ - krb5/unwrap.c \ - krb5/v1.c \ - krb5/verify_mic.c \ - krb5/wrap.c - -mechsrc = \ - mech/context.h \ - mech/context.c \ - mech/cred.h \ - mech/gss_accept_sec_context.c \ - mech/gss_acquire_cred.c \ - mech/gss_add_cred.c \ - mech/gss_add_oid_set_member.c \ - mech/gss_buffer_set.c \ - mech/gss_canonicalize_name.c \ - mech/gss_compare_name.c \ - mech/gss_context_time.c \ - mech/gss_create_empty_oid_set.c \ - mech/gss_decapsulate_token.c \ - mech/gss_delete_sec_context.c \ - mech/gss_display_name.c \ - mech/gss_display_status.c \ - mech/gss_duplicate_name.c \ - mech/gss_duplicate_oid.c \ - mech/gss_encapsulate_token.c \ - mech/gss_export_name.c \ - mech/gss_export_sec_context.c \ - mech/gss_get_mic.c \ - mech/gss_import_name.c \ - mech/gss_import_sec_context.c \ - mech/gss_indicate_mechs.c \ - mech/gss_init_sec_context.c \ - mech/gss_inquire_context.c \ - mech/gss_inquire_cred.c \ - mech/gss_inquire_cred_by_mech.c \ - mech/gss_inquire_cred_by_oid.c \ - mech/gss_inquire_mechs_for_name.c \ - mech/gss_inquire_names_for_mech.c \ - mech/gss_krb5.c \ - mech/gss_mech_switch.c \ - mech/gss_names.c \ - mech/gss_oid_equal.c \ - mech/gss_oid_to_str.c \ - mech/gss_process_context_token.c \ - mech/gss_pseudo_random.c \ - mech/gss_release_buffer.c \ - mech/gss_release_cred.c \ - mech/gss_release_name.c \ - mech/gss_release_oid.c \ - mech/gss_release_oid_set.c \ - mech/gss_seal.c \ - mech/gss_set_cred_option.c \ - mech/gss_set_sec_context_option.c \ - mech/gss_sign.c \ - mech/gss_test_oid_set_member.c \ - mech/gss_unseal.c \ - mech/gss_unwrap.c \ - mech/gss_utils.c \ - mech/gss_verify.c \ - mech/gss_verify_mic.c \ - mech/gss_wrap.c \ - mech/gss_wrap_size_limit.c \ - mech/gss_inquire_sec_context_by_oid.c \ - mech/mech_switch.h \ - mech/mechqueue.h \ - mech/mech_locl.h \ - mech/name.h \ - mech/utils.h - -spnegosrc = \ - spnego/accept_sec_context.c \ - spnego/compat.c \ - spnego/context_stubs.c \ - spnego/cred_stubs.c \ - spnego/external.c \ - spnego/init_sec_context.c \ - spnego/spnego_locl.h \ - spnego/spnego-private.h - -ntlmsrc = \ - ntlm/accept_sec_context.c \ - ntlm/acquire_cred.c \ - ntlm/add_cred.c \ - ntlm/canonicalize_name.c \ - ntlm/compare_name.c \ - ntlm/context_time.c \ - ntlm/crypto.c \ - ntlm/delete_sec_context.c \ - ntlm/display_name.c \ - ntlm/display_status.c \ - ntlm/duplicate_name.c \ - ntlm/export_name.c \ - ntlm/export_sec_context.c \ - ntlm/external.c \ - ntlm/ntlm.h \ - ntlm/ntlm-private.h \ - ntlm/import_name.c \ - ntlm/import_sec_context.c \ - ntlm/indicate_mechs.c \ - ntlm/init_sec_context.c \ - ntlm/inquire_context.c \ - ntlm/inquire_cred.c \ - ntlm/inquire_cred_by_mech.c \ - ntlm/inquire_mechs_for_name.c \ - ntlm/inquire_names_for_mech.c \ - ntlm/process_context_token.c \ - ntlm/release_cred.c \ - ntlm/release_name.c \ - ntlm/digest.c - -dist_libgssapi_la_SOURCES = \ - $(krb5src) \ - $(mechsrc) \ - $(ntlmsrc) \ - $(spnegosrc) - -nodist_libgssapi_la_SOURCES = \ - gkrb5_err.c \ - gkrb5_err.h \ - $(BUILT_SOURCES) - -libgssapi_la_LDFLAGS = -version-info 2:0:0 $(am__append_1) -libgssapi_la_LIBADD = \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_com_err) \ - $(LIB_hcrypto) \ - $(LIBADD_roken) - -man_MANS = gssapi.3 gss_acquire_cred.3 mech/mech.5 -include_HEADERS = gssapi.h -noinst_HEADERS = \ - gssapi_mech.h \ - ntlm/ntlm-private.h \ - spnego/spnego-private.h \ - krb5/gsskrb5-private.h - -nobase_include_HEADERS = \ - gssapi/gssapi.h \ - gssapi/gssapi_krb5.h \ - gssapi/gssapi_spnego.h - -gssapidir = $(includedir)/gssapi -nodist_gssapi_HEADERS = gkrb5_err.h -gssapi_files = asn1_GSSAPIContextToken.x -spnego_files = \ - asn1_ContextFlags.x \ - asn1_MechType.x \ - asn1_MechTypeList.x \ - asn1_NegotiationToken.x \ - asn1_NegotiationTokenWin.x \ - asn1_NegHints.x \ - asn1_NegTokenInit.x \ - asn1_NegTokenInitWin.x \ - asn1_NegTokenResp.x - -BUILT_SOURCES = $(spnego_files:.x=.c) $(gssapi_files:.x=.c) -CLEANFILES = $(BUILT_SOURCES) \ - gkrb5_err.h gkrb5_err.c \ - $(spnego_files) spnego_asn1.h spnego_asn1_files \ - $(gssapi_files) gssapi_asn1.h gssapi_asn1_files \ - gss-commands.h gss-commands.c - -# test_sequence -test_cfx_SOURCES = krb5/test_cfx.c -test_context_SOURCES = test_context.c test_common.c test_common.h -test_ntlm_SOURCES = test_ntlm.c test_common.c test_common.h -test_acquire_cred_SOURCES = test_acquire_cred.c test_common.c test_common.h -test_ntlm_LDADD = \ - $(top_builddir)/lib/ntlm/libheimntlm.la \ - $(LDADD) - -LDADD = libgssapi.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_roken) - - -# gss -dist_gss_SOURCES = gss.c -nodist_gss_SOURCES = gss-commands.c gss-commands.h -gss_LDADD = libgssapi.la \ - $(top_builddir)/lib/sl/libsl.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(LIB_readline) \ - $(LIB_roken) - -SLC = $(top_builddir)/lib/sl/slc -EXTRA_DIST = \ - $(man_MANS) \ - krb5/gkrb5_err.et \ - mech/gssapi.asn1 \ - spnego/spnego.asn1 \ - version-script.map \ - gss-commands.in - -all: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/gssapi/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/gssapi/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -krb5/$(am__dirstamp): - @$(MKDIR_P) krb5 - @: > krb5/$(am__dirstamp) -krb5/8003.lo: krb5/$(am__dirstamp) -krb5/accept_sec_context.lo: krb5/$(am__dirstamp) -krb5/acquire_cred.lo: krb5/$(am__dirstamp) -krb5/add_cred.lo: krb5/$(am__dirstamp) -krb5/address_to_krb5addr.lo: krb5/$(am__dirstamp) -krb5/arcfour.lo: krb5/$(am__dirstamp) -krb5/canonicalize_name.lo: krb5/$(am__dirstamp) -krb5/ccache_name.lo: krb5/$(am__dirstamp) -krb5/cfx.lo: krb5/$(am__dirstamp) -krb5/compare_name.lo: krb5/$(am__dirstamp) -krb5/compat.lo: krb5/$(am__dirstamp) -krb5/context_time.lo: krb5/$(am__dirstamp) -krb5/copy_ccache.lo: krb5/$(am__dirstamp) -krb5/decapsulate.lo: krb5/$(am__dirstamp) -krb5/delete_sec_context.lo: krb5/$(am__dirstamp) -krb5/display_name.lo: krb5/$(am__dirstamp) -krb5/display_status.lo: krb5/$(am__dirstamp) -krb5/duplicate_name.lo: krb5/$(am__dirstamp) -krb5/encapsulate.lo: krb5/$(am__dirstamp) -krb5/export_name.lo: krb5/$(am__dirstamp) -krb5/export_sec_context.lo: krb5/$(am__dirstamp) -krb5/external.lo: krb5/$(am__dirstamp) -krb5/get_mic.lo: krb5/$(am__dirstamp) -krb5/import_name.lo: krb5/$(am__dirstamp) -krb5/import_sec_context.lo: krb5/$(am__dirstamp) -krb5/indicate_mechs.lo: krb5/$(am__dirstamp) -krb5/init.lo: krb5/$(am__dirstamp) -krb5/init_sec_context.lo: krb5/$(am__dirstamp) -krb5/inquire_context.lo: krb5/$(am__dirstamp) -krb5/inquire_cred.lo: krb5/$(am__dirstamp) -krb5/inquire_cred_by_mech.lo: krb5/$(am__dirstamp) -krb5/inquire_cred_by_oid.lo: krb5/$(am__dirstamp) -krb5/inquire_mechs_for_name.lo: krb5/$(am__dirstamp) -krb5/inquire_names_for_mech.lo: krb5/$(am__dirstamp) -krb5/inquire_sec_context_by_oid.lo: krb5/$(am__dirstamp) -krb5/process_context_token.lo: krb5/$(am__dirstamp) -krb5/prf.lo: krb5/$(am__dirstamp) -krb5/release_buffer.lo: krb5/$(am__dirstamp) -krb5/release_cred.lo: krb5/$(am__dirstamp) -krb5/release_name.lo: krb5/$(am__dirstamp) -krb5/sequence.lo: krb5/$(am__dirstamp) -krb5/set_cred_option.lo: krb5/$(am__dirstamp) -krb5/set_sec_context_option.lo: krb5/$(am__dirstamp) -krb5/ticket_flags.lo: krb5/$(am__dirstamp) -krb5/unwrap.lo: krb5/$(am__dirstamp) -krb5/v1.lo: krb5/$(am__dirstamp) -krb5/verify_mic.lo: krb5/$(am__dirstamp) -krb5/wrap.lo: krb5/$(am__dirstamp) -mech/$(am__dirstamp): - @$(MKDIR_P) mech - @: > mech/$(am__dirstamp) -mech/context.lo: mech/$(am__dirstamp) -mech/gss_accept_sec_context.lo: mech/$(am__dirstamp) -mech/gss_acquire_cred.lo: mech/$(am__dirstamp) -mech/gss_add_cred.lo: mech/$(am__dirstamp) -mech/gss_add_oid_set_member.lo: mech/$(am__dirstamp) -mech/gss_buffer_set.lo: mech/$(am__dirstamp) -mech/gss_canonicalize_name.lo: mech/$(am__dirstamp) -mech/gss_compare_name.lo: mech/$(am__dirstamp) -mech/gss_context_time.lo: mech/$(am__dirstamp) -mech/gss_create_empty_oid_set.lo: mech/$(am__dirstamp) -mech/gss_decapsulate_token.lo: mech/$(am__dirstamp) -mech/gss_delete_sec_context.lo: mech/$(am__dirstamp) -mech/gss_display_name.lo: mech/$(am__dirstamp) -mech/gss_display_status.lo: mech/$(am__dirstamp) -mech/gss_duplicate_name.lo: mech/$(am__dirstamp) -mech/gss_duplicate_oid.lo: mech/$(am__dirstamp) -mech/gss_encapsulate_token.lo: mech/$(am__dirstamp) -mech/gss_export_name.lo: mech/$(am__dirstamp) -mech/gss_export_sec_context.lo: mech/$(am__dirstamp) -mech/gss_get_mic.lo: mech/$(am__dirstamp) -mech/gss_import_name.lo: mech/$(am__dirstamp) -mech/gss_import_sec_context.lo: mech/$(am__dirstamp) -mech/gss_indicate_mechs.lo: mech/$(am__dirstamp) -mech/gss_init_sec_context.lo: mech/$(am__dirstamp) -mech/gss_inquire_context.lo: mech/$(am__dirstamp) -mech/gss_inquire_cred.lo: mech/$(am__dirstamp) -mech/gss_inquire_cred_by_mech.lo: mech/$(am__dirstamp) -mech/gss_inquire_cred_by_oid.lo: mech/$(am__dirstamp) -mech/gss_inquire_mechs_for_name.lo: mech/$(am__dirstamp) -mech/gss_inquire_names_for_mech.lo: mech/$(am__dirstamp) -mech/gss_krb5.lo: mech/$(am__dirstamp) -mech/gss_mech_switch.lo: mech/$(am__dirstamp) -mech/gss_names.lo: mech/$(am__dirstamp) -mech/gss_oid_equal.lo: mech/$(am__dirstamp) -mech/gss_oid_to_str.lo: mech/$(am__dirstamp) -mech/gss_process_context_token.lo: mech/$(am__dirstamp) -mech/gss_pseudo_random.lo: mech/$(am__dirstamp) -mech/gss_release_buffer.lo: mech/$(am__dirstamp) -mech/gss_release_cred.lo: mech/$(am__dirstamp) -mech/gss_release_name.lo: mech/$(am__dirstamp) -mech/gss_release_oid.lo: mech/$(am__dirstamp) -mech/gss_release_oid_set.lo: mech/$(am__dirstamp) -mech/gss_seal.lo: mech/$(am__dirstamp) -mech/gss_set_cred_option.lo: mech/$(am__dirstamp) -mech/gss_set_sec_context_option.lo: mech/$(am__dirstamp) -mech/gss_sign.lo: mech/$(am__dirstamp) -mech/gss_test_oid_set_member.lo: mech/$(am__dirstamp) -mech/gss_unseal.lo: mech/$(am__dirstamp) -mech/gss_unwrap.lo: mech/$(am__dirstamp) -mech/gss_utils.lo: mech/$(am__dirstamp) -mech/gss_verify.lo: mech/$(am__dirstamp) -mech/gss_verify_mic.lo: mech/$(am__dirstamp) -mech/gss_wrap.lo: mech/$(am__dirstamp) -mech/gss_wrap_size_limit.lo: mech/$(am__dirstamp) -mech/gss_inquire_sec_context_by_oid.lo: mech/$(am__dirstamp) -ntlm/$(am__dirstamp): - @$(MKDIR_P) ntlm - @: > ntlm/$(am__dirstamp) -ntlm/accept_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/acquire_cred.lo: ntlm/$(am__dirstamp) -ntlm/add_cred.lo: ntlm/$(am__dirstamp) -ntlm/canonicalize_name.lo: ntlm/$(am__dirstamp) -ntlm/compare_name.lo: ntlm/$(am__dirstamp) -ntlm/context_time.lo: ntlm/$(am__dirstamp) -ntlm/crypto.lo: ntlm/$(am__dirstamp) -ntlm/delete_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/display_name.lo: ntlm/$(am__dirstamp) -ntlm/display_status.lo: ntlm/$(am__dirstamp) -ntlm/duplicate_name.lo: ntlm/$(am__dirstamp) -ntlm/export_name.lo: ntlm/$(am__dirstamp) -ntlm/export_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/external.lo: ntlm/$(am__dirstamp) -ntlm/import_name.lo: ntlm/$(am__dirstamp) -ntlm/import_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/indicate_mechs.lo: ntlm/$(am__dirstamp) -ntlm/init_sec_context.lo: ntlm/$(am__dirstamp) -ntlm/inquire_context.lo: ntlm/$(am__dirstamp) -ntlm/inquire_cred.lo: ntlm/$(am__dirstamp) -ntlm/inquire_cred_by_mech.lo: ntlm/$(am__dirstamp) -ntlm/inquire_mechs_for_name.lo: ntlm/$(am__dirstamp) -ntlm/inquire_names_for_mech.lo: ntlm/$(am__dirstamp) -ntlm/process_context_token.lo: ntlm/$(am__dirstamp) -ntlm/release_cred.lo: ntlm/$(am__dirstamp) -ntlm/release_name.lo: ntlm/$(am__dirstamp) -ntlm/digest.lo: ntlm/$(am__dirstamp) -spnego/$(am__dirstamp): - @$(MKDIR_P) spnego - @: > spnego/$(am__dirstamp) -spnego/accept_sec_context.lo: spnego/$(am__dirstamp) -spnego/compat.lo: spnego/$(am__dirstamp) -spnego/context_stubs.lo: spnego/$(am__dirstamp) -spnego/cred_stubs.lo: spnego/$(am__dirstamp) -spnego/external.lo: spnego/$(am__dirstamp) -spnego/init_sec_context.lo: spnego/$(am__dirstamp) -libgssapi.la: $(libgssapi_la_OBJECTS) $(libgssapi_la_DEPENDENCIES) - $(libgssapi_la_LINK) -rpath $(libdir) $(libgssapi_la_OBJECTS) $(libgssapi_la_LIBADD) $(LIBS) -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -gss$(EXEEXT): $(gss_OBJECTS) $(gss_DEPENDENCIES) - @rm -f gss$(EXEEXT) - $(LINK) $(gss_OBJECTS) $(gss_LDADD) $(LIBS) -test_acquire_cred$(EXEEXT): $(test_acquire_cred_OBJECTS) $(test_acquire_cred_DEPENDENCIES) - @rm -f test_acquire_cred$(EXEEXT) - $(LINK) $(test_acquire_cred_OBJECTS) $(test_acquire_cred_LDADD) $(LIBS) -krb5/test_cfx.$(OBJEXT): krb5/$(am__dirstamp) -test_cfx$(EXEEXT): $(test_cfx_OBJECTS) $(test_cfx_DEPENDENCIES) - @rm -f test_cfx$(EXEEXT) - $(LINK) $(test_cfx_OBJECTS) $(test_cfx_LDADD) $(LIBS) -test_context$(EXEEXT): $(test_context_OBJECTS) $(test_context_DEPENDENCIES) - @rm -f test_context$(EXEEXT) - $(LINK) $(test_context_OBJECTS) $(test_context_LDADD) $(LIBS) -test_cred$(EXEEXT): $(test_cred_OBJECTS) $(test_cred_DEPENDENCIES) - @rm -f test_cred$(EXEEXT) - $(LINK) $(test_cred_OBJECTS) $(test_cred_LDADD) $(LIBS) -test_kcred$(EXEEXT): $(test_kcred_OBJECTS) $(test_kcred_DEPENDENCIES) - @rm -f test_kcred$(EXEEXT) - $(LINK) $(test_kcred_OBJECTS) $(test_kcred_LDADD) $(LIBS) -test_names$(EXEEXT): $(test_names_OBJECTS) $(test_names_DEPENDENCIES) - @rm -f test_names$(EXEEXT) - $(LINK) $(test_names_OBJECTS) $(test_names_LDADD) $(LIBS) -test_ntlm$(EXEEXT): $(test_ntlm_OBJECTS) $(test_ntlm_DEPENDENCIES) - @rm -f test_ntlm$(EXEEXT) - $(LINK) $(test_ntlm_OBJECTS) $(test_ntlm_LDADD) $(LIBS) -test_oid$(EXEEXT): $(test_oid_OBJECTS) $(test_oid_DEPENDENCIES) - @rm -f test_oid$(EXEEXT) - $(LINK) $(test_oid_OBJECTS) $(test_oid_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -rm -f krb5/8003.$(OBJEXT) - -rm -f krb5/8003.lo - -rm -f krb5/accept_sec_context.$(OBJEXT) - -rm -f krb5/accept_sec_context.lo - -rm -f krb5/acquire_cred.$(OBJEXT) - -rm -f krb5/acquire_cred.lo - -rm -f krb5/add_cred.$(OBJEXT) - -rm -f krb5/add_cred.lo - -rm -f krb5/address_to_krb5addr.$(OBJEXT) - -rm -f krb5/address_to_krb5addr.lo - -rm -f krb5/arcfour.$(OBJEXT) - -rm -f krb5/arcfour.lo - -rm -f krb5/canonicalize_name.$(OBJEXT) - -rm -f krb5/canonicalize_name.lo - -rm -f krb5/ccache_name.$(OBJEXT) - -rm -f krb5/ccache_name.lo - -rm -f krb5/cfx.$(OBJEXT) - -rm -f krb5/cfx.lo - -rm -f krb5/compare_name.$(OBJEXT) - -rm -f krb5/compare_name.lo - -rm -f krb5/compat.$(OBJEXT) - -rm -f krb5/compat.lo - -rm -f krb5/context_time.$(OBJEXT) - -rm -f krb5/context_time.lo - -rm -f krb5/copy_ccache.$(OBJEXT) - -rm -f krb5/copy_ccache.lo - -rm -f krb5/decapsulate.$(OBJEXT) - -rm -f krb5/decapsulate.lo - -rm -f krb5/delete_sec_context.$(OBJEXT) - -rm -f krb5/delete_sec_context.lo - -rm -f krb5/display_name.$(OBJEXT) - -rm -f krb5/display_name.lo - -rm -f krb5/display_status.$(OBJEXT) - -rm -f krb5/display_status.lo - -rm -f krb5/duplicate_name.$(OBJEXT) - -rm -f krb5/duplicate_name.lo - -rm -f krb5/encapsulate.$(OBJEXT) - -rm -f krb5/encapsulate.lo - -rm -f krb5/export_name.$(OBJEXT) - -rm -f krb5/export_name.lo - -rm -f krb5/export_sec_context.$(OBJEXT) - -rm -f krb5/export_sec_context.lo - -rm -f krb5/external.$(OBJEXT) - -rm -f krb5/external.lo - -rm -f krb5/get_mic.$(OBJEXT) - -rm -f krb5/get_mic.lo - -rm -f krb5/import_name.$(OBJEXT) - -rm -f krb5/import_name.lo - -rm -f krb5/import_sec_context.$(OBJEXT) - -rm -f krb5/import_sec_context.lo - -rm -f krb5/indicate_mechs.$(OBJEXT) - -rm -f krb5/indicate_mechs.lo - -rm -f krb5/init.$(OBJEXT) - -rm -f krb5/init.lo - -rm -f krb5/init_sec_context.$(OBJEXT) - -rm -f krb5/init_sec_context.lo - -rm -f krb5/inquire_context.$(OBJEXT) - -rm -f krb5/inquire_context.lo - -rm -f krb5/inquire_cred.$(OBJEXT) - -rm -f krb5/inquire_cred.lo - -rm -f krb5/inquire_cred_by_mech.$(OBJEXT) - -rm -f krb5/inquire_cred_by_mech.lo - -rm -f krb5/inquire_cred_by_oid.$(OBJEXT) - -rm -f krb5/inquire_cred_by_oid.lo - -rm -f krb5/inquire_mechs_for_name.$(OBJEXT) - -rm -f krb5/inquire_mechs_for_name.lo - -rm -f krb5/inquire_names_for_mech.$(OBJEXT) - -rm -f krb5/inquire_names_for_mech.lo - -rm -f krb5/inquire_sec_context_by_oid.$(OBJEXT) - -rm -f krb5/inquire_sec_context_by_oid.lo - -rm -f krb5/prf.$(OBJEXT) - -rm -f krb5/prf.lo - -rm -f krb5/process_context_token.$(OBJEXT) - -rm -f krb5/process_context_token.lo - -rm -f krb5/release_buffer.$(OBJEXT) - -rm -f krb5/release_buffer.lo - -rm -f krb5/release_cred.$(OBJEXT) - -rm -f krb5/release_cred.lo - -rm -f krb5/release_name.$(OBJEXT) - -rm -f krb5/release_name.lo - -rm -f krb5/sequence.$(OBJEXT) - -rm -f krb5/sequence.lo - -rm -f krb5/set_cred_option.$(OBJEXT) - -rm -f krb5/set_cred_option.lo - -rm -f krb5/set_sec_context_option.$(OBJEXT) - -rm -f krb5/set_sec_context_option.lo - -rm -f krb5/test_cfx.$(OBJEXT) - -rm -f krb5/ticket_flags.$(OBJEXT) - -rm -f krb5/ticket_flags.lo - -rm -f krb5/unwrap.$(OBJEXT) - -rm -f krb5/unwrap.lo - -rm -f krb5/v1.$(OBJEXT) - -rm -f krb5/v1.lo - -rm -f krb5/verify_mic.$(OBJEXT) - -rm -f krb5/verify_mic.lo - -rm -f krb5/wrap.$(OBJEXT) - -rm -f krb5/wrap.lo - -rm -f mech/context.$(OBJEXT) - -rm -f mech/context.lo - -rm -f mech/gss_accept_sec_context.$(OBJEXT) - -rm -f mech/gss_accept_sec_context.lo - -rm -f mech/gss_acquire_cred.$(OBJEXT) - -rm -f mech/gss_acquire_cred.lo - -rm -f mech/gss_add_cred.$(OBJEXT) - -rm -f mech/gss_add_cred.lo - -rm -f mech/gss_add_oid_set_member.$(OBJEXT) - -rm -f mech/gss_add_oid_set_member.lo - -rm -f mech/gss_buffer_set.$(OBJEXT) - -rm -f mech/gss_buffer_set.lo - -rm -f mech/gss_canonicalize_name.$(OBJEXT) - -rm -f mech/gss_canonicalize_name.lo - -rm -f mech/gss_compare_name.$(OBJEXT) - -rm -f mech/gss_compare_name.lo - -rm -f mech/gss_context_time.$(OBJEXT) - -rm -f mech/gss_context_time.lo - -rm -f mech/gss_create_empty_oid_set.$(OBJEXT) - -rm -f mech/gss_create_empty_oid_set.lo - -rm -f mech/gss_decapsulate_token.$(OBJEXT) - -rm -f mech/gss_decapsulate_token.lo - -rm -f mech/gss_delete_sec_context.$(OBJEXT) - -rm -f mech/gss_delete_sec_context.lo - -rm -f mech/gss_display_name.$(OBJEXT) - -rm -f mech/gss_display_name.lo - -rm -f mech/gss_display_status.$(OBJEXT) - -rm -f mech/gss_display_status.lo - -rm -f mech/gss_duplicate_name.$(OBJEXT) - -rm -f mech/gss_duplicate_name.lo - -rm -f mech/gss_duplicate_oid.$(OBJEXT) - -rm -f mech/gss_duplicate_oid.lo - -rm -f mech/gss_encapsulate_token.$(OBJEXT) - -rm -f mech/gss_encapsulate_token.lo - -rm -f mech/gss_export_name.$(OBJEXT) - -rm -f mech/gss_export_name.lo - -rm -f mech/gss_export_sec_context.$(OBJEXT) - -rm -f mech/gss_export_sec_context.lo - -rm -f mech/gss_get_mic.$(OBJEXT) - -rm -f mech/gss_get_mic.lo - -rm -f mech/gss_import_name.$(OBJEXT) - -rm -f mech/gss_import_name.lo - -rm -f mech/gss_import_sec_context.$(OBJEXT) - -rm -f mech/gss_import_sec_context.lo - -rm -f mech/gss_indicate_mechs.$(OBJEXT) - -rm -f mech/gss_indicate_mechs.lo - -rm -f mech/gss_init_sec_context.$(OBJEXT) - -rm -f mech/gss_init_sec_context.lo - -rm -f mech/gss_inquire_context.$(OBJEXT) - -rm -f mech/gss_inquire_context.lo - -rm -f mech/gss_inquire_cred.$(OBJEXT) - -rm -f mech/gss_inquire_cred.lo - -rm -f mech/gss_inquire_cred_by_mech.$(OBJEXT) - -rm -f mech/gss_inquire_cred_by_mech.lo - -rm -f mech/gss_inquire_cred_by_oid.$(OBJEXT) - -rm -f mech/gss_inquire_cred_by_oid.lo - -rm -f mech/gss_inquire_mechs_for_name.$(OBJEXT) - -rm -f mech/gss_inquire_mechs_for_name.lo - -rm -f mech/gss_inquire_names_for_mech.$(OBJEXT) - -rm -f mech/gss_inquire_names_for_mech.lo - -rm -f mech/gss_inquire_sec_context_by_oid.$(OBJEXT) - -rm -f mech/gss_inquire_sec_context_by_oid.lo - -rm -f mech/gss_krb5.$(OBJEXT) - -rm -f mech/gss_krb5.lo - -rm -f mech/gss_mech_switch.$(OBJEXT) - -rm -f mech/gss_mech_switch.lo - -rm -f mech/gss_names.$(OBJEXT) - -rm -f mech/gss_names.lo - -rm -f mech/gss_oid_equal.$(OBJEXT) - -rm -f mech/gss_oid_equal.lo - -rm -f mech/gss_oid_to_str.$(OBJEXT) - -rm -f mech/gss_oid_to_str.lo - -rm -f mech/gss_process_context_token.$(OBJEXT) - -rm -f mech/gss_process_context_token.lo - -rm -f mech/gss_pseudo_random.$(OBJEXT) - -rm -f mech/gss_pseudo_random.lo - -rm -f mech/gss_release_buffer.$(OBJEXT) - -rm -f mech/gss_release_buffer.lo - -rm -f mech/gss_release_cred.$(OBJEXT) - -rm -f mech/gss_release_cred.lo - -rm -f mech/gss_release_name.$(OBJEXT) - -rm -f mech/gss_release_name.lo - -rm -f mech/gss_release_oid.$(OBJEXT) - -rm -f mech/gss_release_oid.lo - -rm -f mech/gss_release_oid_set.$(OBJEXT) - -rm -f mech/gss_release_oid_set.lo - -rm -f mech/gss_seal.$(OBJEXT) - -rm -f mech/gss_seal.lo - -rm -f mech/gss_set_cred_option.$(OBJEXT) - -rm -f mech/gss_set_cred_option.lo - -rm -f mech/gss_set_sec_context_option.$(OBJEXT) - -rm -f mech/gss_set_sec_context_option.lo - -rm -f mech/gss_sign.$(OBJEXT) - -rm -f mech/gss_sign.lo - -rm -f mech/gss_test_oid_set_member.$(OBJEXT) - -rm -f mech/gss_test_oid_set_member.lo - -rm -f mech/gss_unseal.$(OBJEXT) - -rm -f mech/gss_unseal.lo - -rm -f mech/gss_unwrap.$(OBJEXT) - -rm -f mech/gss_unwrap.lo - -rm -f mech/gss_utils.$(OBJEXT) - -rm -f mech/gss_utils.lo - -rm -f mech/gss_verify.$(OBJEXT) - -rm -f mech/gss_verify.lo - -rm -f mech/gss_verify_mic.$(OBJEXT) - -rm -f mech/gss_verify_mic.lo - -rm -f mech/gss_wrap.$(OBJEXT) - -rm -f mech/gss_wrap.lo - -rm -f mech/gss_wrap_size_limit.$(OBJEXT) - -rm -f mech/gss_wrap_size_limit.lo - -rm -f ntlm/accept_sec_context.$(OBJEXT) - -rm -f ntlm/accept_sec_context.lo - -rm -f ntlm/acquire_cred.$(OBJEXT) - -rm -f ntlm/acquire_cred.lo - -rm -f ntlm/add_cred.$(OBJEXT) - -rm -f ntlm/add_cred.lo - -rm -f ntlm/canonicalize_name.$(OBJEXT) - -rm -f ntlm/canonicalize_name.lo - -rm -f ntlm/compare_name.$(OBJEXT) - -rm -f ntlm/compare_name.lo - -rm -f ntlm/context_time.$(OBJEXT) - -rm -f ntlm/context_time.lo - -rm -f ntlm/crypto.$(OBJEXT) - -rm -f ntlm/crypto.lo - -rm -f ntlm/delete_sec_context.$(OBJEXT) - -rm -f ntlm/delete_sec_context.lo - -rm -f ntlm/digest.$(OBJEXT) - -rm -f ntlm/digest.lo - -rm -f ntlm/display_name.$(OBJEXT) - -rm -f ntlm/display_name.lo - -rm -f ntlm/display_status.$(OBJEXT) - -rm -f ntlm/display_status.lo - -rm -f ntlm/duplicate_name.$(OBJEXT) - -rm -f ntlm/duplicate_name.lo - -rm -f ntlm/export_name.$(OBJEXT) - -rm -f ntlm/export_name.lo - -rm -f ntlm/export_sec_context.$(OBJEXT) - -rm -f ntlm/export_sec_context.lo - -rm -f ntlm/external.$(OBJEXT) - -rm -f ntlm/external.lo - -rm -f ntlm/import_name.$(OBJEXT) - -rm -f ntlm/import_name.lo - -rm -f ntlm/import_sec_context.$(OBJEXT) - -rm -f ntlm/import_sec_context.lo - -rm -f ntlm/indicate_mechs.$(OBJEXT) - -rm -f ntlm/indicate_mechs.lo - -rm -f ntlm/init_sec_context.$(OBJEXT) - -rm -f ntlm/init_sec_context.lo - -rm -f ntlm/inquire_context.$(OBJEXT) - -rm -f ntlm/inquire_context.lo - -rm -f ntlm/inquire_cred.$(OBJEXT) - -rm -f ntlm/inquire_cred.lo - -rm -f ntlm/inquire_cred_by_mech.$(OBJEXT) - -rm -f ntlm/inquire_cred_by_mech.lo - -rm -f ntlm/inquire_mechs_for_name.$(OBJEXT) - -rm -f ntlm/inquire_mechs_for_name.lo - -rm -f ntlm/inquire_names_for_mech.$(OBJEXT) - -rm -f ntlm/inquire_names_for_mech.lo - -rm -f ntlm/process_context_token.$(OBJEXT) - -rm -f ntlm/process_context_token.lo - -rm -f ntlm/release_cred.$(OBJEXT) - -rm -f ntlm/release_cred.lo - -rm -f ntlm/release_name.$(OBJEXT) - -rm -f ntlm/release_name.lo - -rm -f spnego/accept_sec_context.$(OBJEXT) - -rm -f spnego/accept_sec_context.lo - -rm -f spnego/compat.$(OBJEXT) - -rm -f spnego/compat.lo - -rm -f spnego/context_stubs.$(OBJEXT) - -rm -f spnego/context_stubs.lo - -rm -f spnego/cred_stubs.$(OBJEXT) - -rm -f spnego/cred_stubs.lo - -rm -f spnego/external.$(OBJEXT) - -rm -f spnego/external.lo - -rm -f spnego/init_sec_context.$(OBJEXT) - -rm -f spnego/init_sec_context.lo - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c -o $@ $< - -.c.obj: - $(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -rm -rf krb5/.libs krb5/_libs - -rm -rf mech/.libs mech/_libs - -rm -rf ntlm/.libs ntlm/_libs - -rm -rf spnego/.libs spnego/_libs -install-man3: $(man3_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done -install-man5: $(man5_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ - done -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ - done -install-includeHEADERS: $(include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-nobase_includeHEADERS: $(nobase_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @$(am__vpath_adj_setup) \ - list='$(nobase_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - $(am__vpath_adj) \ - echo " $(nobase_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nobase_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-nobase_includeHEADERS: - @$(NORMAL_UNINSTALL) - @$(am__vpath_adj_setup) \ - list='$(nobase_include_HEADERS)'; for p in $$list; do \ - $(am__vpath_adj) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-nodist_gssapiHEADERS: $(nodist_gssapi_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(gssapidir)" || $(MKDIR_P) "$(DESTDIR)$(gssapidir)" - @list='$(nodist_gssapi_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_gssapiHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(gssapidir)/$$f'"; \ - $(nodist_gssapiHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(gssapidir)/$$f"; \ - done - -uninstall-nodist_gssapiHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_gssapi_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(gssapidir)/$$f'"; \ - rm -f "$(DESTDIR)$(gssapidir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) \ - all-local -install-binPROGRAMS: install-libLTLIBRARIES - -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(gssapidir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -rm -f krb5/$(am__dirstamp) - -rm -f mech/$(am__dirstamp) - -rm -f ntlm/$(am__dirstamp) - -rm -f spnego/$(am__dirstamp) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -clean: clean-am - -clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-includeHEADERS install-man \ - install-nobase_includeHEADERS install-nodist_gssapiHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man3 install-man5 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-man \ - uninstall-nobase_includeHEADERS uninstall-nodist_gssapiHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man3 uninstall-man5 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-binPROGRAMS clean-checkPROGRAMS \ - clean-generic clean-libLTLIBRARIES clean-libtool \ - clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-includeHEADERS install-info \ - install-info-am install-libLTLIBRARIES install-man \ - install-man3 install-man5 install-nobase_includeHEADERS \ - install-nodist_gssapiHEADERS install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-man uninstall-man3 \ - uninstall-man5 uninstall-nobase_includeHEADERS \ - uninstall-nodist_gssapiHEADERS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(srcdir)/ntlm/ntlm-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p ntlm/ntlm-private.h $(ntlmsrc) || rm -f ntlm/ntlm-private.h - -$(libgssapi_la_OBJECTS): $(srcdir)/krb5/gsskrb5-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/spnego/spnego-private.h -$(libgssapi_la_OBJECTS): $(srcdir)/ntlm/ntlm-private.h - -$(libgssapi_la_OBJECTS): $(srcdir)/version-script.map - -$(spnego_files) spnego_asn1.h: spnego_asn1_files -$(gssapi_files) gssapi_asn1.h: gssapi_asn1_files - -spnego_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/spnego/spnego.asn1 - ../asn1/asn1_compile$(EXEEXT) --sequence=MechTypeList $(srcdir)/spnego/spnego.asn1 spnego_asn1 - -gssapi_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/mech/gssapi.asn1 - ../asn1/asn1_compile$(EXEEXT) $(srcdir)/mech/gssapi.asn1 gssapi_asn1 - -$(srcdir)/krb5/gsskrb5-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5/gsskrb5-private.h $(krb5src) || rm -f krb5/gsskrb5-private.h - -$(srcdir)/spnego/spnego-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p spnego/spnego-private.h $(spnegosrc) || rm -f spnego/spnego-private.h - -gss-commands.c gss-commands.h: gss-commands.in - $(SLC) $(srcdir)/gss-commands.in - -$(gss_OBJECTS): gss-commands.h - -# to help stupid solaris make - -$(libgssapi_la_OBJECTS): gkrb5_err.h gssapi_asn1.h spnego_asn1.h - -gkrb5_err.h gkrb5_err.c: $(srcdir)/krb5/gkrb5_err.et - $(COMPILE_ET) $(srcdir)/krb5/gkrb5_err.et -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/gssapi/accept_sec_context.c b/crypto/heimdal/lib/gssapi/accept_sec_context.c deleted file mode 100644 index d923c36fd574..000000000000 --- a/crypto/heimdal/lib/gssapi/accept_sec_context.c +++ /dev/null @@ -1,445 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: accept_sec_context.c,v 1.33.2.2 2003/12/19 00:37:06 lha Exp $"); - -krb5_keytab gssapi_krb5_keytab; - -OM_uint32 -gsskrb5_register_acceptor_identity (const char *identity) -{ - krb5_error_code ret; - char *p; - - ret = gssapi_krb5_init(); - if(ret) - return GSS_S_FAILURE; - - if(gssapi_krb5_keytab != NULL) { - krb5_kt_close(gssapi_krb5_context, gssapi_krb5_keytab); - gssapi_krb5_keytab = NULL; - } - asprintf(&p, "FILE:%s", identity); - if(p == NULL) - return GSS_S_FAILURE; - ret = krb5_kt_resolve(gssapi_krb5_context, p, &gssapi_krb5_keytab); - free(p); - if(ret) - return GSS_S_FAILURE; - return GSS_S_COMPLETE; -} - -OM_uint32 -gss_accept_sec_context - (OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t * delegated_cred_handle - ) -{ - krb5_error_code kret; - OM_uint32 ret = GSS_S_COMPLETE; - krb5_data indata; - krb5_flags ap_options; - OM_uint32 flags; - krb5_ticket *ticket = NULL; - krb5_keytab keytab = NULL; - krb5_data fwd_data; - OM_uint32 minor; - - GSSAPI_KRB5_INIT(); - - krb5_data_zero (&fwd_data); - output_token->length = 0; - output_token->value = NULL; - - if (src_name != NULL) - *src_name = NULL; - if (mech_type) - *mech_type = GSS_KRB5_MECHANISM; - - if (*context_handle == GSS_C_NO_CONTEXT) { - *context_handle = malloc(sizeof(**context_handle)); - if (*context_handle == GSS_C_NO_CONTEXT) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - } - - (*context_handle)->auth_context = NULL; - (*context_handle)->source = NULL; - (*context_handle)->target = NULL; - (*context_handle)->flags = 0; - (*context_handle)->more_flags = 0; - (*context_handle)->ticket = NULL; - (*context_handle)->lifetime = GSS_C_INDEFINITE; - - kret = krb5_auth_con_init (gssapi_krb5_context, - &(*context_handle)->auth_context); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - gssapi_krb5_set_error_string (); - goto failure; - } - - if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS - && input_chan_bindings->application_data.length == - 2 * sizeof((*context_handle)->auth_context->local_port) - ) { - - /* Port numbers are expected to be in application_data.value, - * initator's port first */ - - krb5_address initiator_addr, acceptor_addr; - - memset(&initiator_addr, 0, sizeof(initiator_addr)); - memset(&acceptor_addr, 0, sizeof(acceptor_addr)); - - (*context_handle)->auth_context->remote_port = - *(int16_t *) input_chan_bindings->application_data.value; - - (*context_handle)->auth_context->local_port = - *((int16_t *) input_chan_bindings->application_data.value + 1); - - - kret = gss_address_to_krb5addr(input_chan_bindings->acceptor_addrtype, - &input_chan_bindings->acceptor_address, - (*context_handle)->auth_context->local_port, - &acceptor_addr); - if (kret) { - gssapi_krb5_set_error_string (); - ret = GSS_S_BAD_BINDINGS; - *minor_status = kret; - goto failure; - } - - kret = gss_address_to_krb5addr(input_chan_bindings->initiator_addrtype, - &input_chan_bindings->initiator_address, - (*context_handle)->auth_context->remote_port, - &initiator_addr); - if (kret) { - krb5_free_address (gssapi_krb5_context, &acceptor_addr); - gssapi_krb5_set_error_string (); - ret = GSS_S_BAD_BINDINGS; - *minor_status = kret; - goto failure; - } - - kret = krb5_auth_con_setaddrs(gssapi_krb5_context, - (*context_handle)->auth_context, - &acceptor_addr, /* local address */ - &initiator_addr); /* remote address */ - - krb5_free_address (gssapi_krb5_context, &initiator_addr); - krb5_free_address (gssapi_krb5_context, &acceptor_addr); - -#if 0 - free(input_chan_bindings->application_data.value); - input_chan_bindings->application_data.value = NULL; - input_chan_bindings->application_data.length = 0; -#endif - - if (kret) { - gssapi_krb5_set_error_string (); - ret = GSS_S_BAD_BINDINGS; - *minor_status = kret; - goto failure; - } - } - - - - { - int32_t tmp; - - krb5_auth_con_getflags(gssapi_krb5_context, - (*context_handle)->auth_context, - &tmp); - tmp |= KRB5_AUTH_CONTEXT_DO_SEQUENCE; - krb5_auth_con_setflags(gssapi_krb5_context, - (*context_handle)->auth_context, - tmp); - } - - ret = gssapi_krb5_decapsulate (minor_status, - input_token_buffer, - &indata, - "\x01\x00"); - if (ret) - goto failure; - - if (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) { - if (gssapi_krb5_keytab != NULL) { - keytab = gssapi_krb5_keytab; - } - } else if (acceptor_cred_handle->keytab != NULL) { - keytab = acceptor_cred_handle->keytab; - } - - kret = krb5_rd_req (gssapi_krb5_context, - &(*context_handle)->auth_context, - &indata, - (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) ? NULL - : acceptor_cred_handle->principal, - keytab, - &ap_options, - &ticket); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - gssapi_krb5_set_error_string (); - goto failure; - } - - kret = krb5_copy_principal (gssapi_krb5_context, - ticket->client, - &(*context_handle)->source); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - gssapi_krb5_set_error_string (); - goto failure; - } - - kret = krb5_copy_principal (gssapi_krb5_context, - ticket->server, - &(*context_handle)->target); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - gssapi_krb5_set_error_string (); - goto failure; - } - - ret = _gss_DES3_get_mic_compat(minor_status, *context_handle); - if (ret) - goto failure; - - if (src_name != NULL) { - kret = krb5_copy_principal (gssapi_krb5_context, - ticket->client, - src_name); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - gssapi_krb5_set_error_string (); - goto failure; - } - } - - { - krb5_authenticator authenticator; - - kret = krb5_auth_con_getauthenticator(gssapi_krb5_context, - (*context_handle)->auth_context, - &authenticator); - if(kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - gssapi_krb5_set_error_string (); - goto failure; - } - - ret = gssapi_krb5_verify_8003_checksum(minor_status, - input_chan_bindings, - authenticator->cksum, - &flags, - &fwd_data); - krb5_free_authenticator(gssapi_krb5_context, &authenticator); - if (ret) - goto failure; - } - - if (fwd_data.length > 0 && (flags & GSS_C_DELEG_FLAG)) { - krb5_ccache ccache; - int32_t ac_flags; - - if (delegated_cred_handle == NULL) - /* XXX Create a new delegated_cred_handle? */ - kret = krb5_cc_default (gssapi_krb5_context, &ccache); - else if (*delegated_cred_handle == NULL) { - if ((*delegated_cred_handle = - calloc(1, sizeof(**delegated_cred_handle))) == NULL) { - ret = GSS_S_FAILURE; - *minor_status = ENOMEM; - krb5_set_error_string(gssapi_krb5_context, "out of memory"); - gssapi_krb5_set_error_string(); - goto failure; - } - if ((ret = gss_duplicate_name(minor_status, ticket->client, - &(*delegated_cred_handle)->principal)) != 0) { - flags &= ~GSS_C_DELEG_FLAG; - free(*delegated_cred_handle); - *delegated_cred_handle = NULL; - goto end_fwd; - } - } - if (delegated_cred_handle != NULL && - (*delegated_cred_handle)->ccache == NULL) { - kret = krb5_cc_gen_new (gssapi_krb5_context, - &krb5_mcc_ops, - &(*delegated_cred_handle)->ccache); - ccache = (*delegated_cred_handle)->ccache; - } - if (delegated_cred_handle != NULL && - (*delegated_cred_handle)->mechanisms == NULL) { - ret = gss_create_empty_oid_set(minor_status, - &(*delegated_cred_handle)->mechanisms); - if (ret) - goto failure; - ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - &(*delegated_cred_handle)->mechanisms); - if (ret) - goto failure; - } - - if (kret) { - flags &= ~GSS_C_DELEG_FLAG; - goto end_fwd; - } - - kret = krb5_cc_initialize(gssapi_krb5_context, - ccache, - *src_name); - if (kret) { - flags &= ~GSS_C_DELEG_FLAG; - goto end_fwd; - } - - krb5_auth_con_getflags(gssapi_krb5_context, - (*context_handle)->auth_context, - &ac_flags); - krb5_auth_con_setflags(gssapi_krb5_context, - (*context_handle)->auth_context, - ac_flags & ~KRB5_AUTH_CONTEXT_DO_TIME); - kret = krb5_rd_cred2(gssapi_krb5_context, - (*context_handle)->auth_context, - ccache, - &fwd_data); - krb5_auth_con_setflags(gssapi_krb5_context, - (*context_handle)->auth_context, - ac_flags); - if (kret) { - flags &= ~GSS_C_DELEG_FLAG; - goto end_fwd; - } - - end_fwd: - free(fwd_data.data); - } - - - flags |= GSS_C_TRANS_FLAG; - - if (ret_flags) - *ret_flags = flags; - (*context_handle)->lifetime = ticket->ticket.endtime; - (*context_handle)->flags = flags; - (*context_handle)->more_flags |= OPEN; - - if (mech_type) - *mech_type = GSS_KRB5_MECHANISM; - - if (time_rec) { - ret = gssapi_lifetime_left(minor_status, - (*context_handle)->lifetime, - time_rec); - if (ret) - goto failure; - } - - if(flags & GSS_C_MUTUAL_FLAG) { - krb5_data outbuf; - - kret = krb5_mk_rep (gssapi_krb5_context, - (*context_handle)->auth_context, - &outbuf); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - gssapi_krb5_set_error_string (); - goto failure; - } - ret = gssapi_krb5_encapsulate (minor_status, - &outbuf, - output_token, - "\x02\x00"); - krb5_data_free (&outbuf); - if (ret) - goto failure; - } else { - output_token->length = 0; - output_token->value = NULL; - } - - (*context_handle)->ticket = ticket; - ticket = NULL; - -#if 0 - krb5_free_ticket (context, ticket); -#endif - - *minor_status = 0; - return GSS_S_COMPLETE; - - failure: - if (fwd_data.length > 0) - free(fwd_data.data); - if (ticket != NULL) - krb5_free_ticket (gssapi_krb5_context, ticket); - krb5_auth_con_free (gssapi_krb5_context, - (*context_handle)->auth_context); - if((*context_handle)->source) - krb5_free_principal (gssapi_krb5_context, - (*context_handle)->source); - if((*context_handle)->target) - krb5_free_principal (gssapi_krb5_context, - (*context_handle)->target); - free (*context_handle); - if (src_name != NULL) { - gss_release_name (&minor, src_name); - *src_name = NULL; - } - *context_handle = GSS_C_NO_CONTEXT; - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/acquire_cred.c b/crypto/heimdal/lib/gssapi/acquire_cred.c deleted file mode 100644 index dfe2b4cca5cb..000000000000 --- a/crypto/heimdal/lib/gssapi/acquire_cred.c +++ /dev/null @@ -1,309 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: acquire_cred.c,v 1.13.2.1 2003/08/15 14:18:24 lha Exp $"); - -static krb5_error_code -get_keytab(krb5_keytab *keytab) -{ - char kt_name[256]; - krb5_error_code kret; - - if (gssapi_krb5_keytab != NULL) { - kret = krb5_kt_get_name(gssapi_krb5_context, - gssapi_krb5_keytab, - kt_name, sizeof(kt_name)); - if (kret == 0) - kret = krb5_kt_resolve(gssapi_krb5_context, kt_name, keytab); - } else - kret = krb5_kt_default(gssapi_krb5_context, keytab); - return (kret); -} - -static OM_uint32 acquire_initiator_cred - (OM_uint32 * minor_status, - const gss_name_t desired_name, - OM_uint32 time_req, - const gss_OID_set desired_mechs, - gss_cred_usage_t cred_usage, - gss_cred_id_t handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret; - krb5_creds cred; - krb5_principal def_princ; - krb5_get_init_creds_opt opt; - krb5_ccache ccache; - krb5_keytab keytab; - krb5_error_code kret; - - keytab = NULL; - ccache = NULL; - def_princ = NULL; - ret = GSS_S_FAILURE; - memset(&cred, 0, sizeof(cred)); - - kret = krb5_cc_default(gssapi_krb5_context, &ccache); - if (kret) - goto end; - kret = krb5_cc_get_principal(gssapi_krb5_context, ccache, - &def_princ); - if (kret != 0) { - /* we'll try to use a keytab below */ - krb5_cc_destroy(gssapi_krb5_context, ccache); - ccache = NULL; - kret = 0; - } else if (handle->principal == NULL) { - kret = krb5_copy_principal(gssapi_krb5_context, def_princ, - &handle->principal); - if (kret) - goto end; - } else if (handle->principal != NULL && - krb5_principal_compare(gssapi_krb5_context, handle->principal, - def_princ) == FALSE) { - /* Before failing, lets check the keytab */ - krb5_free_principal(gssapi_krb5_context, def_princ); - def_princ = NULL; - } - if (def_princ == NULL) { - /* We have no existing credentials cache, - * so attempt to get a TGT using a keytab. - */ - if (handle->principal == NULL) { - kret = krb5_get_default_principal(gssapi_krb5_context, - &handle->principal); - if (kret) - goto end; - } - kret = get_keytab(&keytab); - if (kret) - goto end; - krb5_get_init_creds_opt_init(&opt); - kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred, - handle->principal, keytab, 0, NULL, &opt); - if (kret) - goto end; - kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops, - &ccache); - if (kret) - goto end; - kret = krb5_cc_initialize(gssapi_krb5_context, ccache, cred.client); - if (kret) - goto end; - kret = krb5_cc_store_cred(gssapi_krb5_context, ccache, &cred); - if (kret) - goto end; - handle->lifetime = cred.times.endtime; - } else { - krb5_creds in_cred, *out_cred; - krb5_const_realm realm; - - memset(&in_cred, 0, sizeof(in_cred)); - in_cred.client = handle->principal; - - realm = krb5_principal_get_realm(gssapi_krb5_context, - handle->principal); - if (realm == NULL) { - kret = KRB5_PRINC_NOMATCH; /* XXX */ - goto end; - } - - kret = krb5_make_principal(gssapi_krb5_context, &in_cred.server, - realm, KRB5_TGS_NAME, realm, NULL); - if (kret) - goto end; - - kret = krb5_get_credentials(gssapi_krb5_context, 0, - ccache, &in_cred, &out_cred); - krb5_free_principal(gssapi_krb5_context, in_cred.server); - if (kret) - goto end; - - handle->lifetime = out_cred->times.endtime; - krb5_free_creds(gssapi_krb5_context, out_cred); - } - - handle->ccache = ccache; - ret = GSS_S_COMPLETE; - -end: - if (cred.client != NULL) - krb5_free_creds_contents(gssapi_krb5_context, &cred); - if (def_princ != NULL) - krb5_free_principal(gssapi_krb5_context, def_princ); - if (keytab != NULL) - krb5_kt_close(gssapi_krb5_context, keytab); - if (ret != GSS_S_COMPLETE) { - if (ccache != NULL) - krb5_cc_close(gssapi_krb5_context, ccache); - if (kret != 0) { - *minor_status = kret; - gssapi_krb5_set_error_string (); - } - } - return (ret); -} - -static OM_uint32 acquire_acceptor_cred - (OM_uint32 * minor_status, - const gss_name_t desired_name, - OM_uint32 time_req, - const gss_OID_set desired_mechs, - gss_cred_usage_t cred_usage, - gss_cred_id_t handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret; - krb5_error_code kret; - - kret = 0; - ret = GSS_S_FAILURE; - kret = get_keytab(&handle->keytab); - if (kret) - goto end; - ret = GSS_S_COMPLETE; - -end: - if (ret != GSS_S_COMPLETE) { - if (handle->keytab != NULL) - krb5_kt_close(gssapi_krb5_context, handle->keytab); - if (kret != 0) { - *minor_status = kret; - gssapi_krb5_set_error_string (); - } - } - return (ret); -} - -OM_uint32 gss_acquire_cred - (OM_uint32 * minor_status, - const gss_name_t desired_name, - OM_uint32 time_req, - const gss_OID_set desired_mechs, - gss_cred_usage_t cred_usage, - gss_cred_id_t * output_cred_handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec - ) -{ - gss_cred_id_t handle; - OM_uint32 ret; - - GSSAPI_KRB5_INIT (); - - *output_cred_handle = NULL; - if (time_rec) - *time_rec = 0; - if (actual_mechs) - *actual_mechs = GSS_C_NO_OID_SET; - - if (desired_mechs) { - OM_uint32 present = 0; - - ret = gss_test_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - desired_mechs, &present); - if (ret) - return ret; - if (!present) { - *minor_status = 0; - return GSS_S_BAD_MECH; - } - } - - handle = (gss_cred_id_t)malloc(sizeof(*handle)); - if (handle == GSS_C_NO_CREDENTIAL) { - *minor_status = ENOMEM; - return (GSS_S_FAILURE); - } - - memset(handle, 0, sizeof (*handle)); - - if (desired_name != GSS_C_NO_NAME) { - ret = gss_duplicate_name(minor_status, desired_name, - &handle->principal); - if (ret != GSS_S_COMPLETE) { - free(handle); - return (ret); - } - } - if (cred_usage == GSS_C_INITIATE || cred_usage == GSS_C_BOTH) { - ret = acquire_initiator_cred(minor_status, desired_name, time_req, - desired_mechs, cred_usage, handle, actual_mechs, time_rec); - if (ret != GSS_S_COMPLETE) { - free(handle); - return (ret); - } - } else if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) { - ret = acquire_acceptor_cred(minor_status, desired_name, time_req, - desired_mechs, cred_usage, handle, actual_mechs, time_rec); - if (ret != GSS_S_COMPLETE) { - free(handle); - return (ret); - } - } else { - free(handle); - *minor_status = GSS_KRB5_S_G_BAD_USAGE; - return GSS_S_FAILURE; - } - ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); - if (ret == GSS_S_COMPLETE) - ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - &handle->mechanisms); - if (ret == GSS_S_COMPLETE) - ret = gss_inquire_cred(minor_status, handle, NULL, time_rec, NULL, - actual_mechs); - if (ret != GSS_S_COMPLETE) { - if (handle->mechanisms != NULL) - gss_release_oid_set(NULL, &handle->mechanisms); - free(handle); - return (ret); - } - *minor_status = 0; - if (time_rec) { - ret = gssapi_lifetime_left(minor_status, - handle->lifetime, - time_rec); - - if (ret) - return ret; - } - handle->usage = cred_usage; - *output_cred_handle = handle; - return (GSS_S_COMPLETE); -} diff --git a/crypto/heimdal/lib/gssapi/add_cred.c b/crypto/heimdal/lib/gssapi/add_cred.c deleted file mode 100644 index 53d4f3370696..000000000000 --- a/crypto/heimdal/lib/gssapi/add_cred.c +++ /dev/null @@ -1,234 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: add_cred.c,v 1.2.2.1 2003/10/21 21:00:47 lha Exp $"); - -OM_uint32 gss_add_cred ( - OM_uint32 *minor_status, - const gss_cred_id_t input_cred_handle, - const gss_name_t desired_name, - const gss_OID desired_mech, - gss_cred_usage_t cred_usage, - OM_uint32 initiator_time_req, - OM_uint32 acceptor_time_req, - gss_cred_id_t *output_cred_handle, - gss_OID_set *actual_mechs, - OM_uint32 *initiator_time_rec, - OM_uint32 *acceptor_time_rec) -{ - OM_uint32 ret, lifetime; - gss_cred_id_t cred, handle; - - handle = NULL; - cred = input_cred_handle; - - if (gss_oid_equal(desired_mech, GSS_KRB5_MECHANISM) == 0) { - *minor_status = 0; - return GSS_S_BAD_MECH; - } - - if (cred == GSS_C_NO_CREDENTIAL && output_cred_handle == NULL) { - *minor_status = 0; - return GSS_S_NO_CRED; - } - - /* check if requested output usage is compatible with output usage */ - if (output_cred_handle != NULL && - (cred->usage != cred_usage && cred->usage != GSS_C_BOTH)) { - *minor_status = GSS_KRB5_S_G_BAD_USAGE; - return(GSS_S_FAILURE); - } - - /* check that we have the same name */ - if (desired_name != GSS_C_NO_NAME && - krb5_principal_compare(gssapi_krb5_context, desired_name, - cred->principal) != FALSE) { - *minor_status = 0; - return GSS_S_BAD_NAME; - } - - /* make a copy */ - if (output_cred_handle) { - - handle = (gss_cred_id_t)malloc(sizeof(*handle)); - if (handle == GSS_C_NO_CREDENTIAL) { - *minor_status = ENOMEM; - return (GSS_S_FAILURE); - } - - memset(handle, 0, sizeof (*handle)); - - handle->usage = cred_usage; - handle->lifetime = cred->lifetime; - handle->principal = NULL; - handle->keytab = NULL; - handle->ccache = NULL; - handle->mechanisms = NULL; - - ret = GSS_S_FAILURE; - - ret = gss_duplicate_name(minor_status, cred->principal, - &handle->principal); - if (ret) { - free(handle); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - if (cred->keytab) { - krb5_error_code kret; - char name[KRB5_KT_PREFIX_MAX_LEN + MAXPATHLEN]; - int len; - - ret = GSS_S_FAILURE; - - kret = krb5_kt_get_type(gssapi_krb5_context, cred->keytab, - name, KRB5_KT_PREFIX_MAX_LEN); - if (kret) { - *minor_status = kret; - goto failure; - } - len = strlen(name); - name[len++] = ':'; - - kret = krb5_kt_get_name(gssapi_krb5_context, cred->keytab, - name + len, - sizeof(name) - len); - if (kret) { - *minor_status = kret; - goto failure; - } - - kret = krb5_kt_resolve(gssapi_krb5_context, name, - &handle->keytab); - if (kret){ - *minor_status = kret; - goto failure; - } - } - - if (cred->ccache) { - krb5_error_code kret; - const char *type, *name; - char *type_name; - - ret = GSS_S_FAILURE; - - type = krb5_cc_get_type(gssapi_krb5_context, cred->ccache); - if (type == NULL){ - *minor_status = ENOMEM; - goto failure; - } - - if (strcmp(type, "MEMORY") == 0) { - ret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops, - &handle->ccache); - if (ret) { - *minor_status = ret; - goto failure; - } - - ret = krb5_cc_copy_cache(gssapi_krb5_context, cred->ccache, - handle->ccache); - if (ret) { - *minor_status = ret; - goto failure; - } - - } else { - - name = krb5_cc_get_name(gssapi_krb5_context, cred->ccache); - if (name == NULL) { - *minor_status = ENOMEM; - goto failure; - } - - asprintf(&type_name, "%s:%s", type, name); - if (type_name == NULL) { - *minor_status = ENOMEM; - goto failure; - } - - kret = krb5_cc_resolve(gssapi_krb5_context, type_name, - &handle->ccache); - free(type_name); - if (kret) { - *minor_status = kret; - goto failure; - } - } - } - - ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); - if (ret) - goto failure; - - ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - &handle->mechanisms); - if (ret) - goto failure; - } - - ret = gss_inquire_cred(minor_status, cred, NULL, &lifetime, - NULL, actual_mechs); - if (ret) - goto failure; - - if (initiator_time_rec) - *initiator_time_rec = lifetime; - if (acceptor_time_rec) - *acceptor_time_rec = lifetime; - - if (output_cred_handle) - *output_cred_handle = handle; - - *minor_status = 0; - return ret; - - failure: - - if (handle) { - if (handle->principal) - gss_release_name(NULL, &handle->principal); - if (handle->keytab) - krb5_kt_close(gssapi_krb5_context, handle->keytab); - if (handle->ccache) - krb5_cc_destroy(gssapi_krb5_context, handle->ccache); - if (handle->mechanisms) - gss_release_oid_set(NULL, &handle->mechanisms); - free(handle); - } - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/add_oid_set_member.c b/crypto/heimdal/lib/gssapi/add_oid_set_member.c deleted file mode 100644 index ed654fc8c5b8..000000000000 --- a/crypto/heimdal/lib/gssapi/add_oid_set_member.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: add_oid_set_member.c,v 1.8 2003/03/16 17:50:49 lha Exp $"); - -OM_uint32 gss_add_oid_set_member ( - OM_uint32 * minor_status, - const gss_OID member_oid, - gss_OID_set * oid_set - ) -{ - gss_OID tmp; - size_t n; - OM_uint32 res; - int present; - - res = gss_test_oid_set_member(minor_status, member_oid, *oid_set, &present); - if (res != GSS_S_COMPLETE) - return res; - - if (present) { - *minor_status = 0; - return GSS_S_COMPLETE; - } - - n = (*oid_set)->count + 1; - tmp = realloc ((*oid_set)->elements, n * sizeof(gss_OID_desc)); - if (tmp == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - (*oid_set)->elements = tmp; - (*oid_set)->count = n; - (*oid_set)->elements[n-1] = *member_oid; - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/address_to_krb5addr.c b/crypto/heimdal/lib/gssapi/address_to_krb5addr.c deleted file mode 100644 index c8041aa93626..000000000000 --- a/crypto/heimdal/lib/gssapi/address_to_krb5addr.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -#include - -krb5_error_code -gss_address_to_krb5addr(OM_uint32 gss_addr_type, - gss_buffer_desc *gss_addr, - int16_t port, - krb5_address *address) -{ - int addr_type; - struct sockaddr sa; - int sa_size = sizeof(sa); - krb5_error_code problem; - - if (gss_addr == NULL) - return GSS_S_FAILURE; - - switch (gss_addr_type) { -#ifdef HAVE_IPV6 - case GSS_C_AF_INET6: addr_type = AF_INET6; - break; -#endif /* HAVE_IPV6 */ - - case GSS_C_AF_INET: addr_type = AF_INET; - break; - default: - return GSS_S_FAILURE; - } - - problem = krb5_h_addr2sockaddr (gssapi_krb5_context, - addr_type, - gss_addr->value, - &sa, - &sa_size, - port); - if (problem) - return GSS_S_FAILURE; - - problem = krb5_sockaddr2address (gssapi_krb5_context, &sa, address); - - return problem; -} diff --git a/crypto/heimdal/lib/gssapi/arcfour.c b/crypto/heimdal/lib/gssapi/arcfour.c deleted file mode 100644 index 66d688ca0b58..000000000000 --- a/crypto/heimdal/lib/gssapi/arcfour.c +++ /dev/null @@ -1,623 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -/* - * Implements draft-brezak-win2k-krb-rc4-hmac-04.txt - */ - -RCSID("$Id: arcfour.c,v 1.12.2.3 2003/09/19 15:15:11 lha Exp $"); - -static krb5_error_code -arcfour_mic_key(krb5_context context, krb5_keyblock *key, - void *cksum_data, size_t cksum_size, - void *key6_data, size_t key6_size) -{ - krb5_error_code ret; - - Checksum cksum_k5; - krb5_keyblock key5; - char k5_data[16]; - - Checksum cksum_k6; - - char T[4]; - - memset(T, 0, 4); - cksum_k5.checksum.data = k5_data; - cksum_k5.checksum.length = sizeof(k5_data); - - if (key->keytype == KEYTYPE_ARCFOUR_56) { - char L40[14] = "fortybits"; - - memcpy(L40 + 10, T, sizeof(T)); - ret = krb5_hmac(context, CKSUMTYPE_RSA_MD5, - L40, 14, 0, key, &cksum_k5); - memset(&k5_data[7], 0xAB, 9); - } else { - ret = krb5_hmac(context, CKSUMTYPE_RSA_MD5, - T, 4, 0, key, &cksum_k5); - } - if (ret) - return ret; - - key5.keytype = KEYTYPE_ARCFOUR; - key5.keyvalue = cksum_k5.checksum; - - cksum_k6.checksum.data = key6_data; - cksum_k6.checksum.length = key6_size; - - return krb5_hmac(context, CKSUMTYPE_RSA_MD5, - cksum_data, cksum_size, 0, &key5, &cksum_k6); -} - - -static krb5_error_code -arcfour_mic_cksum(krb5_keyblock *key, unsigned usage, - u_char *sgn_cksum, size_t sgn_cksum_sz, - const char *v1, size_t l1, - const void *v2, size_t l2, - const void *v3, size_t l3) -{ - Checksum CKSUM; - u_char *ptr; - size_t len; - krb5_crypto crypto; - krb5_error_code ret; - - assert(sgn_cksum_sz == 8); - - len = l1 + l2 + l3; - - ptr = malloc(len); - if (ptr == NULL) - return ENOMEM; - - memcpy(ptr, v1, l1); - memcpy(ptr + l1, v2, l2); - memcpy(ptr + l1 + l2, v3, l3); - - ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto); - if (ret) { - free(ptr); - return ret; - } - - ret = krb5_create_checksum(gssapi_krb5_context, - crypto, - usage, - 0, - ptr, len, - &CKSUM); - free(ptr); - if (ret == 0) { - memcpy(sgn_cksum, CKSUM.checksum.data, sgn_cksum_sz); - free_Checksum(&CKSUM); - } - krb5_crypto_destroy(gssapi_krb5_context, crypto); - - return ret; -} - - -OM_uint32 -_gssapi_get_mic_arcfour(OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key) -{ - krb5_error_code ret; - int32_t seq_number; - size_t len, total_len; - u_char k6_data[16], *p0, *p; - RC4_KEY rc4_key; - - gssapi_krb5_encap_length (22, &len, &total_len); - - message_token->length = total_len; - message_token->value = malloc (total_len); - if (message_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p0 = _gssapi_make_mech_header(message_token->value, - len); - p = p0; - - *p++ = 0x01; /* TOK_ID */ - *p++ = 0x01; - *p++ = 0x11; /* SGN_ALG */ - *p++ = 0x00; - *p++ = 0xff; /* Filler */ - *p++ = 0xff; - *p++ = 0xff; - *p++ = 0xff; - - p = NULL; - - ret = arcfour_mic_cksum(key, KRB5_KU_USAGE_SIGN, - p0 + 16, 8, /* SGN_CKSUM */ - p0, 8, /* TOK_ID, SGN_ALG, Filer */ - message_buffer->value, message_buffer->length, - NULL, 0); - if (ret) { - gss_release_buffer(minor_status, message_token); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = arcfour_mic_key(gssapi_krb5_context, key, - p0 + 16, 8, /* SGN_CKSUM */ - k6_data, sizeof(k6_data)); - if (ret) { - gss_release_buffer(minor_status, message_token); - *minor_status = ret; - return GSS_S_FAILURE; - } - - krb5_auth_con_getlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - p = p0 + 8; /* SND_SEQ */ - gssapi_encode_be_om_uint32(seq_number, p); - - krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4); - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p, p); - - memset(&rc4_key, 0, sizeof(rc4_key)); - memset(k6_data, 0, sizeof(k6_data)); - - *minor_status = 0; - return GSS_S_COMPLETE; -} - - -OM_uint32 -_gssapi_verify_mic_arcfour(OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - krb5_keyblock *key, - char *type) -{ - krb5_error_code ret; - int32_t seq_number, seq_number2; - OM_uint32 omret; - char cksum_data[8], k6_data[16], SND_SEQ[8]; - u_char *p; - int cmp; - - if (qop_state) - *qop_state = 0; - - p = token_buffer->value; - omret = gssapi_krb5_verify_header (&p, - token_buffer->length, - type); - if (omret) - return omret; - - if (memcmp(p, "\x11\x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */ - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\xff\xff\xff\xff", 4) != 0) - return GSS_S_BAD_MIC; - p += 4; - - ret = arcfour_mic_cksum(key, KRB5_KU_USAGE_SIGN, - cksum_data, sizeof(cksum_data), - p - 8, 8, - message_buffer->value, message_buffer->length, - NULL, 0); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = arcfour_mic_key(gssapi_krb5_context, key, - cksum_data, sizeof(cksum_data), - k6_data, sizeof(k6_data)); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - cmp = memcmp(cksum_data, p + 8, 8); - if (cmp) { - *minor_status = 0; - return GSS_S_BAD_MIC; - } - - { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p, SND_SEQ); - - memset(&rc4_key, 0, sizeof(rc4_key)); - memset(k6_data, 0, sizeof(k6_data)); - } - - gssapi_decode_be_om_uint32(SND_SEQ, &seq_number); - - if (context_handle->more_flags & LOCAL) - cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); - else - cmp = memcmp(&SND_SEQ[4], "\x00\x00\x00\x00", 4); - - memset(SND_SEQ, 0, sizeof(SND_SEQ)); - if (cmp != 0) { - *minor_status = 0; - return GSS_S_BAD_MIC; - } - - krb5_auth_con_getlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number2); - - if (seq_number != seq_number2) { - *minor_status = 0; - return GSS_S_UNSEQ_TOKEN; - } - - krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number2); - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 -_gssapi_wrap_arcfour(OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key) -{ - u_char Klocaldata[16], k6_data[16], *p, *p0; - size_t len, total_len, datalen; - krb5_keyblock Klocal; - krb5_error_code ret; - int32_t seq_number; - - if (conf_state) - *conf_state = 0; - - datalen = input_message_buffer->length + 1 /* padding */; - len = datalen + 30; - gssapi_krb5_encap_length (len, &len, &total_len); - - output_message_buffer->length = total_len; - output_message_buffer->value = malloc (total_len); - if (output_message_buffer->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p0 = _gssapi_make_mech_header(output_message_buffer->value, - len); - p = p0; - - *p++ = 0x02; /* TOK_ID */ - *p++ = 0x01; - *p++ = 0x11; /* SGN_ALG */ - *p++ = 0x00; - if (conf_req_flag) { - *p++ = 0x10; /* SEAL_ALG */ - *p++ = 0x00; - } else { - *p++ = 0xff; /* SEAL_ALG */ - *p++ = 0xff; - } - *p++ = 0xff; /* Filler */ - *p++ = 0xff; - - p = NULL; - - krb5_auth_con_getlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - - gssapi_encode_be_om_uint32(seq_number, p0 + 8); - - krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - memset (p0 + 8 + 4, - (context_handle->more_flags & LOCAL) ? 0 : 0xff, - 4); - - krb5_generate_random_block(p0 + 24, 8); /* fill in Confounder */ - - /* p points to data */ - p = p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE; - memcpy(p, input_message_buffer->value, input_message_buffer->length); - p[input_message_buffer->length] = 1; /* PADDING */ - - ret = arcfour_mic_cksum(key, KRB5_KU_USAGE_SEAL, - p0 + 16, 8, /* SGN_CKSUM */ - p0, 8, /* TOK_ID, SGN_ALG, SEAL_ALG, Filler */ - p0 + 24, 8, /* Confounder */ - p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, - datalen); - if (ret) { - *minor_status = ret; - gss_release_buffer(minor_status, output_message_buffer); - return GSS_S_FAILURE; - } - - { - int i; - - Klocal.keytype = key->keytype; - Klocal.keyvalue.data = Klocaldata; - Klocal.keyvalue.length = sizeof(Klocaldata); - - for (i = 0; i < 16; i++) - Klocaldata[i] = ((u_char *)key->keyvalue.data)[i] ^ 0xF0; - } - ret = arcfour_mic_key(gssapi_krb5_context, &Klocal, - p0 + 8, 4, /* SND_SEQ */ - k6_data, sizeof(k6_data)); - memset(Klocaldata, 0, sizeof(Klocaldata)); - if (ret) { - gss_release_buffer(minor_status, output_message_buffer); - *minor_status = ret; - return GSS_S_FAILURE; - } - - - if(conf_req_flag) { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - /* XXX ? */ - RC4 (&rc4_key, 8 + datalen, p0 + 24, p0 + 24); /* Confounder + data */ - memset(&rc4_key, 0, sizeof(rc4_key)); - } - memset(k6_data, 0, sizeof(k6_data)); - - ret = arcfour_mic_key(gssapi_krb5_context, key, - p0 + 16, 8, /* SGN_CKSUM */ - k6_data, sizeof(k6_data)); - if (ret) { - gss_release_buffer(minor_status, output_message_buffer); - *minor_status = ret; - return GSS_S_FAILURE; - } - - { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 8, p0 + 8); /* SND_SEQ */ - memset(&rc4_key, 0, sizeof(rc4_key)); - memset(k6_data, 0, sizeof(k6_data)); - } - - if (conf_state) - *conf_state = conf_req_flag; - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int *conf_state, - gss_qop_t *qop_state, - krb5_keyblock *key) -{ - u_char Klocaldata[16]; - krb5_keyblock Klocal; - krb5_error_code ret; - int32_t seq_number, seq_number2; - size_t datalen; - OM_uint32 omret; - char k6_data[16], SND_SEQ[8], Confounder[8]; - char cksum_data[8]; - u_char *p, *p0; - int cmp; - int conf_flag; - size_t padlen; - - if (conf_state) - *conf_state = 0; - if (qop_state) - *qop_state = 0; - - p0 = input_message_buffer->value; - omret = _gssapi_verify_mech_header(&p0, - input_message_buffer->length); - if (omret) - return omret; - p = p0; - - datalen = input_message_buffer->length - - (p - ((u_char *)input_message_buffer->value)) - - GSS_ARCFOUR_WRAP_TOKEN_SIZE; - - if (memcmp(p, "\x02\x01", 2) != 0) - return GSS_S_BAD_SIG; - p += 2; - if (memcmp(p, "\x11\x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */ - return GSS_S_BAD_SIG; - p += 2; - - if (memcmp (p, "\x10\x00", 2) == 0) - conf_flag = 1; - else if (memcmp (p, "\xff\xff", 2) == 0) - conf_flag = 0; - else - return GSS_S_BAD_SIG; - - p += 2; - if (memcmp (p, "\xff\xff", 2) != 0) - return GSS_S_BAD_MIC; - p = NULL; - - ret = arcfour_mic_key(gssapi_krb5_context, key, - p0 + 16, 8, /* SGN_CKSUM */ - k6_data, sizeof(k6_data)); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 8, SND_SEQ); /* SND_SEQ */ - memset(&rc4_key, 0, sizeof(rc4_key)); - memset(k6_data, 0, sizeof(k6_data)); - } - - gssapi_decode_be_om_uint32(SND_SEQ, &seq_number); - - if (context_handle->more_flags & LOCAL) - cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); - else - cmp = memcmp(&SND_SEQ[4], "\x00\x00\x00\x00", 4); - - if (cmp != 0) { - *minor_status = 0; - return GSS_S_BAD_MIC; - } - - { - int i; - - Klocal.keytype = key->keytype; - Klocal.keyvalue.data = Klocaldata; - Klocal.keyvalue.length = sizeof(Klocaldata); - - for (i = 0; i < 16; i++) - Klocaldata[i] = ((u_char *)key->keyvalue.data)[i] ^ 0xF0; - } - ret = arcfour_mic_key(gssapi_krb5_context, &Klocal, - SND_SEQ, 4, - k6_data, sizeof(k6_data)); - memset(Klocaldata, 0, sizeof(Klocaldata)); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - output_message_buffer->value = malloc(datalen); - if (output_message_buffer->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - output_message_buffer->length = datalen; - - if(conf_flag) { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 24, Confounder); /* Confounder */ - RC4 (&rc4_key, datalen, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, - output_message_buffer->value); - memset(&rc4_key, 0, sizeof(rc4_key)); - } else { - memcpy(Confounder, p0 + 24, 8); /* Confounder */ - memcpy(output_message_buffer->value, - p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, - datalen); - } - memset(k6_data, 0, sizeof(k6_data)); - - ret = _gssapi_verify_pad(output_message_buffer, datalen, &padlen); - if (ret) { - gss_release_buffer(minor_status, output_message_buffer); - *minor_status = 0; - return ret; - } - output_message_buffer->length -= padlen; - - ret = arcfour_mic_cksum(key, KRB5_KU_USAGE_SEAL, - cksum_data, sizeof(cksum_data), - p0, 8, - Confounder, sizeof(Confounder), - output_message_buffer->value, - output_message_buffer->length + padlen); - if (ret) { - gss_release_buffer(minor_status, output_message_buffer); - *minor_status = ret; - return GSS_S_FAILURE; - } - - cmp = memcmp(cksum_data, p0 + 16, 8); /* SGN_CKSUM */ - if (cmp) { - gss_release_buffer(minor_status, output_message_buffer); - *minor_status = 0; - return GSS_S_BAD_MIC; - } - - krb5_auth_getremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number2); - - if (seq_number != seq_number2) { - *minor_status = 0; - return GSS_S_UNSEQ_TOKEN; - } - - krb5_auth_con_setremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number2); - - if (conf_state) - *conf_state = conf_flag; - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/arcfour.h b/crypto/heimdal/lib/gssapi/arcfour.h deleted file mode 100644 index 88bdfb119f44..000000000000 --- a/crypto/heimdal/lib/gssapi/arcfour.h +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: arcfour.h,v 1.3.2.2 2003/09/19 15:14:14 lha Exp $ */ - -#ifndef GSSAPI_ARCFOUR_H_ -#define GSSAPI_ARCFOUR_H_ 1 - -/* - * The arcfour message have the following formats, these are only here - * for reference and is not used. - */ - -#if 0 -typedef struct gss_arcfour_mic_token { - u_char TOK_ID[2]; /* 01 01 */ - u_char SGN_ALG[2]; /* 11 00 */ - u_char Filler[4]; - u_char SND_SEQ[8]; - u_char SGN_CKSUM[8]; -} gss_arcfour_mic_token_desc, *gss_arcfour_mic_token; - -typedef struct gss_arcfour_wrap_token { - u_char TOK_ID[2]; /* 02 01 */ - u_char SGN_ALG[2]; - u_char SEAL_ALG[2]; - u_char Filler[2]; - u_char SND_SEQ[8]; - u_char SGN_CKSUM[8]; - u_char Confounder[8]; -} gss_arcfour_wrap_token_desc, *gss_arcfour_wrap_token; -#endif - -#define GSS_ARCFOUR_WRAP_TOKEN_SIZE 32 - -OM_uint32 _gssapi_wrap_arcfour(OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int *conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key); - -OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int *conf_state, - gss_qop_t *qop_state, - krb5_keyblock *key); - -OM_uint32 _gssapi_get_mic_arcfour(OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key); - -OM_uint32 _gssapi_verify_mic_arcfour(OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t *qop_state, - krb5_keyblock *key, - char *type); - -#endif /* GSSAPI_ARCFOUR_H_ */ diff --git a/crypto/heimdal/lib/gssapi/canonicalize_name.c b/crypto/heimdal/lib/gssapi/canonicalize_name.c deleted file mode 100644 index afa39f3a4f96..000000000000 --- a/crypto/heimdal/lib/gssapi/canonicalize_name.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: canonicalize_name.c,v 1.2 1999/12/02 17:05:03 joda Exp $"); - -OM_uint32 gss_canonicalize_name ( - OM_uint32 * minor_status, - const gss_name_t input_name, - const gss_OID mech_type, - gss_name_t * output_name - ) -{ - return gss_duplicate_name (minor_status, input_name, output_name); -} diff --git a/crypto/heimdal/lib/gssapi/compare_name.c b/crypto/heimdal/lib/gssapi/compare_name.c deleted file mode 100644 index da494b0d10b4..000000000000 --- a/crypto/heimdal/lib/gssapi/compare_name.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: compare_name.c,v 1.4 2003/03/16 17:50:07 lha Exp $"); - -OM_uint32 gss_compare_name - (OM_uint32 * minor_status, - const gss_name_t name1, - const gss_name_t name2, - int * name_equal - ) -{ - GSSAPI_KRB5_INIT(); - - *name_equal = krb5_principal_compare (gssapi_krb5_context, - name1, name2); - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/compat.c b/crypto/heimdal/lib/gssapi/compat.c deleted file mode 100644 index 311b1cb71a1e..000000000000 --- a/crypto/heimdal/lib/gssapi/compat.c +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: compat.c,v 1.2.2.2 2003/04/28 13:58:09 lha Exp $"); - - -static krb5_error_code -check_compat(OM_uint32 *minor_status, gss_name_t name, - const char *option, krb5_boolean *compat, - krb5_boolean match_val) -{ - krb5_error_code ret = 0; - char **p, **q; - krb5_principal match; - - - p = krb5_config_get_strings(gssapi_krb5_context, NULL, "gssapi", - option, NULL); - if(p == NULL) - return 0; - - for(q = p; *q; q++) { - - ret = krb5_parse_name(gssapi_krb5_context, *q, &match); - if (ret) - break; - - if (krb5_principal_match(gssapi_krb5_context, name, match)) { - *compat = match_val; - break; - } - - krb5_free_principal(gssapi_krb5_context, match); - } - krb5_config_free_strings(p); - - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - return 0; -} - -OM_uint32 -_gss_DES3_get_mic_compat(OM_uint32 *minor_status, gss_ctx_id_t ctx) -{ - krb5_boolean use_compat = TRUE; - OM_uint32 ret; - - if ((ctx->more_flags & COMPAT_OLD_DES3_SELECTED) == 0) { - ret = check_compat(minor_status, ctx->target, - "broken_des3_mic", &use_compat, TRUE); - if (ret) - return ret; - ret = check_compat(minor_status, ctx->target, - "correct_des3_mic", &use_compat, FALSE); - if (ret) - return ret; - - if (use_compat) - ctx->more_flags |= COMPAT_OLD_DES3; - ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; - } - return 0; -} - -OM_uint32 -gss_krb5_compat_des3_mic(OM_uint32 *minor_status, gss_ctx_id_t ctx, int on) -{ - *minor_status = 0; - - if (on) { - ctx->more_flags |= COMPAT_OLD_DES3; - } else { - ctx->more_flags &= ~COMPAT_OLD_DES3; - } - ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/context_time.c b/crypto/heimdal/lib/gssapi/context_time.c deleted file mode 100644 index daeb25f26d00..000000000000 --- a/crypto/heimdal/lib/gssapi/context_time.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: context_time.c,v 1.7.2.1 2003/08/15 14:25:50 lha Exp $"); - -OM_uint32 -gssapi_lifetime_left(OM_uint32 *minor_status, - OM_uint32 lifetime, - OM_uint32 *lifetime_rec) -{ - krb5_timestamp timeret; - krb5_error_code kret; - - kret = krb5_timeofday(gssapi_krb5_context, &timeret); - if (kret) { - *minor_status = kret; - gssapi_krb5_set_error_string (); - return GSS_S_FAILURE; - } - - if (lifetime < timeret) - *lifetime_rec = 0; - else - *lifetime_rec = lifetime - timeret; - - return GSS_S_COMPLETE; -} - - -OM_uint32 gss_context_time - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - OM_uint32 * time_rec - ) -{ - OM_uint32 lifetime; - OM_uint32 major_status; - - GSSAPI_KRB5_INIT (); - - lifetime = context_handle->lifetime; - - major_status = gssapi_lifetime_left(minor_status, lifetime, time_rec); - if (major_status != GSS_S_COMPLETE) - return major_status; - - *minor_status = 0; - - if (*time_rec == 0) - return GSS_S_CONTEXT_EXPIRED; - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/copy_ccache.c b/crypto/heimdal/lib/gssapi/copy_ccache.c deleted file mode 100644 index 2ffe0656d8cb..000000000000 --- a/crypto/heimdal/lib/gssapi/copy_ccache.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: copy_ccache.c,v 1.3 2003/03/16 17:47:44 lha Exp $"); - -OM_uint32 -gss_krb5_copy_ccache(OM_uint32 *minor_status, - gss_cred_id_t cred, - krb5_ccache out) -{ - krb5_error_code kret; - - if (cred->ccache == NULL) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - kret = krb5_cc_copy_cache(gssapi_krb5_context, cred->ccache, out); - if (kret) { - *minor_status = kret; - gssapi_krb5_set_error_string (); - return GSS_S_FAILURE; - } - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c b/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c deleted file mode 100644 index 1a25e0d7815e..000000000000 --- a/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: create_emtpy_oid_set.c,v 1.5 2003/03/16 17:47:07 lha Exp $"); - -OM_uint32 gss_create_empty_oid_set ( - OM_uint32 * minor_status, - gss_OID_set * oid_set - ) -{ - *oid_set = malloc(sizeof(**oid_set)); - if (*oid_set == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - (*oid_set)->count = 0; - (*oid_set)->elements = NULL; - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/decapsulate.c b/crypto/heimdal/lib/gssapi/decapsulate.c deleted file mode 100644 index 242545352880..000000000000 --- a/crypto/heimdal/lib/gssapi/decapsulate.c +++ /dev/null @@ -1,184 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: decapsulate.c,v 1.7.6.1 2003/09/18 22:00:41 lha Exp $"); - -OM_uint32 -gssapi_krb5_verify_header(u_char **str, - size_t total_len, - char *type) -{ - size_t len, len_len, mech_len, foo; - int e; - u_char *p = *str; - - if (total_len < 1) - return GSS_S_DEFECTIVE_TOKEN; - if (*p++ != 0x60) - return GSS_S_DEFECTIVE_TOKEN; - e = der_get_length (p, total_len - 1, &len, &len_len); - if (e || 1 + len_len + len != total_len) - return GSS_S_DEFECTIVE_TOKEN; - p += len_len; - if (*p++ != 0x06) - return GSS_S_DEFECTIVE_TOKEN; - e = der_get_length (p, total_len - 1 - len_len - 1, - &mech_len, &foo); - if (e) - return GSS_S_DEFECTIVE_TOKEN; - p += foo; - if (mech_len != GSS_KRB5_MECHANISM->length) - return GSS_S_BAD_MECH; - if (memcmp(p, - GSS_KRB5_MECHANISM->elements, - GSS_KRB5_MECHANISM->length) != 0) - return GSS_S_BAD_MECH; - p += mech_len; - if (memcmp (p, type, 2) != 0) - return GSS_S_DEFECTIVE_TOKEN; - p += 2; - *str = p; - return GSS_S_COMPLETE; -} - -static ssize_t -gssapi_krb5_get_mech (const u_char *ptr, - size_t total_len, - const u_char **mech_ret) -{ - size_t len, len_len, mech_len, foo; - const u_char *p = ptr; - int e; - - if (total_len < 1) - return -1; - if (*p++ != 0x60) - return -1; - e = der_get_length (p, total_len - 1, &len, &len_len); - if (e || 1 + len_len + len != total_len) - return -1; - p += len_len; - if (*p++ != 0x06) - return -1; - e = der_get_length (p, total_len - 1 - len_len - 1, - &mech_len, &foo); - if (e) - return -1; - p += foo; - *mech_ret = p; - return mech_len; -} - -OM_uint32 -_gssapi_verify_mech_header(u_char **str, - size_t total_len) -{ - const u_char *p; - ssize_t mech_len; - - mech_len = gssapi_krb5_get_mech (*str, total_len, &p); - if (mech_len < 0) - return GSS_S_DEFECTIVE_TOKEN; - - if (mech_len != GSS_KRB5_MECHANISM->length) - return GSS_S_BAD_MECH; - if (memcmp(p, - GSS_KRB5_MECHANISM->elements, - GSS_KRB5_MECHANISM->length) != 0) - return GSS_S_BAD_MECH; - p += mech_len; - *str = (char *)p; - return GSS_S_COMPLETE; -} - -/* - * Remove the GSS-API wrapping from `in_token' giving `out_data. - * Does not copy data, so just free `in_token'. - */ - -OM_uint32 -gssapi_krb5_decapsulate( - OM_uint32 *minor_status, - gss_buffer_t input_token_buffer, - krb5_data *out_data, - char *type -) -{ - u_char *p; - OM_uint32 ret; - - p = input_token_buffer->value; - ret = gssapi_krb5_verify_header(&p, - input_token_buffer->length, - type); - if (ret) { - *minor_status = 0; - return ret; - } - - out_data->length = input_token_buffer->length - - (p - (u_char *)input_token_buffer->value); - out_data->data = p; - return GSS_S_COMPLETE; -} - -/* - * Verify padding of a gss wrapped message and return its length. - */ - -OM_uint32 -_gssapi_verify_pad(gss_buffer_t wrapped_token, - size_t datalen, - size_t *padlen) -{ - u_char *pad; - size_t padlength; - int i; - - pad = (u_char *)wrapped_token->value + wrapped_token->length - 1; - padlength = *pad; - - if (padlength > datalen) - return GSS_S_BAD_MECH; - - for (i = padlength; i > 0 && *pad == padlength; i--, pad--) - ; - if (i != 0) - return GSS_S_BAD_MIC; - - *padlen = padlength; - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/delete_sec_context.c b/crypto/heimdal/lib/gssapi/delete_sec_context.c deleted file mode 100644 index 2df1f39749c8..000000000000 --- a/crypto/heimdal/lib/gssapi/delete_sec_context.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: delete_sec_context.c,v 1.11 2003/03/16 17:46:40 lha Exp $"); - -OM_uint32 gss_delete_sec_context - (OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - gss_buffer_t output_token - ) -{ - GSSAPI_KRB5_INIT (); - - if (output_token) { - output_token->length = 0; - output_token->value = NULL; - } - - krb5_auth_con_free (gssapi_krb5_context, - (*context_handle)->auth_context); - if((*context_handle)->source) - krb5_free_principal (gssapi_krb5_context, - (*context_handle)->source); - if((*context_handle)->target) - krb5_free_principal (gssapi_krb5_context, - (*context_handle)->target); - if ((*context_handle)->ticket) { - krb5_free_ticket (gssapi_krb5_context, - (*context_handle)->ticket); - free((*context_handle)->ticket); - } - - free (*context_handle); - *context_handle = GSS_C_NO_CONTEXT; - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/display_name.c b/crypto/heimdal/lib/gssapi/display_name.c deleted file mode 100644 index 27a232fd3cf6..000000000000 --- a/crypto/heimdal/lib/gssapi/display_name.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: display_name.c,v 1.9 2003/03/16 17:46:11 lha Exp $"); - -OM_uint32 gss_display_name - (OM_uint32 * minor_status, - const gss_name_t input_name, - gss_buffer_t output_name_buffer, - gss_OID * output_name_type - ) -{ - krb5_error_code kret; - char *buf; - size_t len; - - GSSAPI_KRB5_INIT (); - kret = krb5_unparse_name (gssapi_krb5_context, - input_name, - &buf); - if (kret) { - *minor_status = kret; - gssapi_krb5_set_error_string (); - return GSS_S_FAILURE; - } - len = strlen (buf); - output_name_buffer->length = len; - output_name_buffer->value = malloc(len + 1); - if (output_name_buffer->value == NULL) { - free (buf); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy (output_name_buffer->value, buf, len); - ((char *)output_name_buffer->value)[len] = '\0'; - free (buf); - if (output_name_type) - *output_name_type = GSS_KRB5_NT_PRINCIPAL_NAME; - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/display_status.c b/crypto/heimdal/lib/gssapi/display_status.c deleted file mode 100644 index d266fa46bf93..000000000000 --- a/crypto/heimdal/lib/gssapi/display_status.c +++ /dev/null @@ -1,187 +0,0 @@ -/* - * Copyright (c) 1998 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: display_status.c,v 1.9 2003/03/16 17:45:36 lha Exp $"); - -static char *krb5_error_string; - -static char * -calling_error(OM_uint32 v) -{ - static char *msgs[] = { - NULL, /* 0 */ - "A required input parameter could not be read.", /* */ - "A required output parameter could not be written.", /* */ - "A parameter was malformed" - }; - - v >>= GSS_C_CALLING_ERROR_OFFSET; - - if (v == 0) - return ""; - else if (v >= sizeof(msgs)/sizeof(*msgs)) - return "unknown calling error"; - else - return msgs[v]; -} - -static char * -routine_error(OM_uint32 v) -{ - static char *msgs[] = { - NULL, /* 0 */ - "An unsupported mechanism was requested", - "An invalid name was supplied", - "A supplied name was of an unsupported type", - "Incorrect channel bindings were supplied", - "An invalid status code was supplied", - "A token had an invalid MIC", - "No credentials were supplied, " - "or the credentials were unavailable or inaccessible.", - "No context has been established", - "A token was invalid", - "A credential was invalid", - "The referenced credentials have expired", - "The context has expired", - "Miscellaneous failure (see text)", - "The quality-of-protection requested could not be provide", - "The operation is forbidden by local security policy", - "The operation or option is not available", - "The requested credential element already exists", - "The provided name was not a mechanism name.", - }; - - v >>= GSS_C_ROUTINE_ERROR_OFFSET; - - if (v == 0) - return ""; - else if (v >= sizeof(msgs)/sizeof(*msgs)) - return "unknown routine error"; - else - return msgs[v]; -} - -static char * -supplementary_error(OM_uint32 v) -{ - static char *msgs[] = { - "normal completion", - "continuation call to routine required", - "duplicate per-message token detected", - "timed-out per-message token detected", - "reordered (early) per-message token detected", - "skipped predecessor token(s) detected" - }; - - v >>= GSS_C_SUPPLEMENTARY_OFFSET; - - if (v >= sizeof(msgs)/sizeof(*msgs)) - return "unknown routine error"; - else - return msgs[v]; -} - -void -gssapi_krb5_set_error_string (void) -{ - krb5_error_string = krb5_get_error_string(gssapi_krb5_context); -} - -char * -gssapi_krb5_get_error_string (void) -{ - char *ret = krb5_error_string; - krb5_error_string = NULL; - return ret; -} - -OM_uint32 gss_display_status - (OM_uint32 *minor_status, - OM_uint32 status_value, - int status_type, - const gss_OID mech_type, - OM_uint32 *message_context, - gss_buffer_t status_string) -{ - char *buf; - - GSSAPI_KRB5_INIT (); - - status_string->length = 0; - status_string->value = NULL; - - if (gss_oid_equal(mech_type, GSS_C_NO_OID) == 0 && - gss_oid_equal(mech_type, GSS_KRB5_MECHANISM) == 0) { - *minor_status = 0; - return GSS_C_GSS_CODE; - } - - if (status_type == GSS_C_GSS_CODE) { - if (GSS_SUPPLEMENTARY_INFO(status_value)) - asprintf(&buf, "%s", - supplementary_error(GSS_SUPPLEMENTARY_INFO(status_value))); - else - asprintf (&buf, "%s %s", - calling_error(GSS_CALLING_ERROR(status_value)), - routine_error(GSS_ROUTINE_ERROR(status_value))); - } else if (status_type == GSS_C_MECH_CODE) { - buf = gssapi_krb5_get_error_string (); - if (buf == NULL) { - const char *tmp = krb5_get_err_text (gssapi_krb5_context, - status_value); - if (tmp == NULL) - asprintf(&buf, "unknown mech error-code %u", - (unsigned)status_value); - else - buf = strdup(tmp); - } - } else { - *minor_status = EINVAL; - return GSS_S_BAD_STATUS; - } - - if (buf == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - *message_context = 0; - *minor_status = 0; - - status_string->length = strlen(buf); - status_string->value = buf; - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/duplicate_name.c b/crypto/heimdal/lib/gssapi/duplicate_name.c deleted file mode 100644 index 2b54e90ec89d..000000000000 --- a/crypto/heimdal/lib/gssapi/duplicate_name.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: duplicate_name.c,v 1.7 2003/03/16 17:44:26 lha Exp $"); - -OM_uint32 gss_duplicate_name ( - OM_uint32 * minor_status, - const gss_name_t src_name, - gss_name_t * dest_name - ) -{ - krb5_error_code kret; - - GSSAPI_KRB5_INIT (); - - kret = krb5_copy_principal (gssapi_krb5_context, - src_name, - dest_name); - if (kret) { - *minor_status = kret; - gssapi_krb5_set_error_string (); - return GSS_S_FAILURE; - } else { - *minor_status = 0; - return GSS_S_COMPLETE; - } -} diff --git a/crypto/heimdal/lib/gssapi/encapsulate.c b/crypto/heimdal/lib/gssapi/encapsulate.c deleted file mode 100644 index f3cd1e49f42b..000000000000 --- a/crypto/heimdal/lib/gssapi/encapsulate.c +++ /dev/null @@ -1,122 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: encapsulate.c,v 1.6.6.1 2003/09/18 21:47:44 lha Exp $"); - -void -gssapi_krb5_encap_length (size_t data_len, - size_t *len, - size_t *total_len) -{ - size_t len_len; - - *len = 1 + 1 + GSS_KRB5_MECHANISM->length + 2 + data_len; - - len_len = length_len(*len); - - *total_len = 1 + len_len + *len; -} - -u_char * -gssapi_krb5_make_header (u_char *p, - size_t len, - u_char *type) -{ - int e; - size_t len_len, foo; - - *p++ = 0x60; - len_len = length_len(len); - e = der_put_length (p + len_len - 1, len_len, len, &foo); - if(e || foo != len_len) - abort (); - p += len_len; - *p++ = 0x06; - *p++ = GSS_KRB5_MECHANISM->length; - memcpy (p, GSS_KRB5_MECHANISM->elements, GSS_KRB5_MECHANISM->length); - p += GSS_KRB5_MECHANISM->length; - memcpy (p, type, 2); - p += 2; - return p; -} - -u_char * -_gssapi_make_mech_header(u_char *p, - size_t len) -{ - int e; - size_t len_len, foo; - - *p++ = 0x60; - len_len = length_len(len); - e = der_put_length (p + len_len - 1, len_len, len, &foo); - if(e || foo != len_len) - abort (); - p += len_len; - *p++ = 0x06; - *p++ = GSS_KRB5_MECHANISM->length; - memcpy (p, GSS_KRB5_MECHANISM->elements, GSS_KRB5_MECHANISM->length); - p += GSS_KRB5_MECHANISM->length; - return p; -} - -/* - * Give it a krb5_data and it will encapsulate with extra GSS-API wrappings. - */ - -OM_uint32 -gssapi_krb5_encapsulate( - OM_uint32 *minor_status, - const krb5_data *in_data, - gss_buffer_t output_token, - u_char *type -) -{ - size_t len, outer_len; - u_char *p; - - gssapi_krb5_encap_length (in_data->length, &len, &outer_len); - - output_token->length = outer_len; - output_token->value = malloc (outer_len); - if (output_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = gssapi_krb5_make_header (output_token->value, len, type); - memcpy (p, in_data->data, in_data->length); - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/export_name.c b/crypto/heimdal/lib/gssapi/export_name.c deleted file mode 100644 index c5fcbd4fd0cf..000000000000 --- a/crypto/heimdal/lib/gssapi/export_name.c +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright (c) 1997, 1999, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: export_name.c,v 1.5 2003/03/16 17:34:46 lha Exp $"); - -OM_uint32 gss_export_name - (OM_uint32 * minor_status, - const gss_name_t input_name, - gss_buffer_t exported_name - ) -{ - krb5_error_code kret; - char *buf, *name; - size_t len; - - GSSAPI_KRB5_INIT (); - kret = krb5_unparse_name (gssapi_krb5_context, - input_name, - &name); - if (kret) { - *minor_status = kret; - gssapi_krb5_set_error_string (); - return GSS_S_FAILURE; - } - len = strlen (name); - - exported_name->length = 10 + len + GSS_KRB5_MECHANISM->length; - exported_name->value = malloc(exported_name->length); - if (exported_name->value == NULL) { - free (name); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - /* TOK, MECH_OID_LEN, DER(MECH_OID), NAME_LEN, NAME */ - - buf = exported_name->value; - memcpy(buf, "\x04\x01", 2); - buf += 2; - buf[0] = ((GSS_KRB5_MECHANISM->length + 2) >> 8) & 0xff; - buf[1] = (GSS_KRB5_MECHANISM->length + 2) & 0xff; - buf+= 2; - buf[0] = 0x06; - buf[1] = (GSS_KRB5_MECHANISM->length) & 0xFF; - buf+= 2; - - memcpy(buf, GSS_KRB5_MECHANISM->elements, GSS_KRB5_MECHANISM->length); - buf += GSS_KRB5_MECHANISM->length; - - buf[0] = (len >> 24) & 0xff; - buf[1] = (len >> 16) & 0xff; - buf[2] = (len >> 8) & 0xff; - buf[3] = (len) & 0xff; - buf += 4; - - memcpy (buf, name, len); - - free (name); - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/export_sec_context.c b/crypto/heimdal/lib/gssapi/export_sec_context.c deleted file mode 100644 index c7e626524282..000000000000 --- a/crypto/heimdal/lib/gssapi/export_sec_context.c +++ /dev/null @@ -1,223 +0,0 @@ -/* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: export_sec_context.c,v 1.6 2003/03/16 18:02:52 lha Exp $"); - -OM_uint32 -gss_export_sec_context ( - OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - gss_buffer_t interprocess_token - ) -{ - krb5_storage *sp; - krb5_auth_context ac; - OM_uint32 ret = GSS_S_COMPLETE; - krb5_data data; - gss_buffer_desc buffer; - int flags; - OM_uint32 minor; - krb5_error_code kret; - - GSSAPI_KRB5_INIT (); - if (!((*context_handle)->flags & GSS_C_TRANS_FLAG)) { - *minor_status = 0; - return GSS_S_UNAVAILABLE; - } - - sp = krb5_storage_emem (); - if (sp == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - ac = (*context_handle)->auth_context; - - /* flagging included fields */ - - flags = 0; - if (ac->local_address) - flags |= SC_LOCAL_ADDRESS; - if (ac->remote_address) - flags |= SC_REMOTE_ADDRESS; - if (ac->keyblock) - flags |= SC_KEYBLOCK; - if (ac->local_subkey) - flags |= SC_LOCAL_SUBKEY; - if (ac->remote_subkey) - flags |= SC_REMOTE_SUBKEY; - - kret = krb5_store_int32 (sp, flags); - if (kret) { - *minor_status = kret; - goto failure; - } - - /* marshall auth context */ - - kret = krb5_store_int32 (sp, ac->flags); - if (kret) { - *minor_status = kret; - goto failure; - } - if (ac->local_address) { - kret = krb5_store_address (sp, *ac->local_address); - if (kret) { - *minor_status = kret; - goto failure; - } - } - if (ac->remote_address) { - kret = krb5_store_address (sp, *ac->remote_address); - if (kret) { - *minor_status = kret; - goto failure; - } - } - kret = krb5_store_int16 (sp, ac->local_port); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int16 (sp, ac->remote_port); - if (kret) { - *minor_status = kret; - goto failure; - } - if (ac->keyblock) { - kret = krb5_store_keyblock (sp, *ac->keyblock); - if (kret) { - *minor_status = kret; - goto failure; - } - } - if (ac->local_subkey) { - kret = krb5_store_keyblock (sp, *ac->local_subkey); - if (kret) { - *minor_status = kret; - goto failure; - } - } - if (ac->remote_subkey) { - kret = krb5_store_keyblock (sp, *ac->remote_subkey); - if (kret) { - *minor_status = kret; - goto failure; - } - } - kret = krb5_store_int32 (sp, ac->local_seqnumber); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int32 (sp, ac->remote_seqnumber); - if (kret) { - *minor_status = kret; - goto failure; - } - - kret = krb5_store_int32 (sp, ac->keytype); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int32 (sp, ac->cksumtype); - if (kret) { - *minor_status = kret; - goto failure; - } - - /* names */ - - ret = gss_export_name (minor_status, (*context_handle)->source, &buffer); - if (ret) - goto failure; - data.data = buffer.value; - data.length = buffer.length; - kret = krb5_store_data (sp, data); - gss_release_buffer (&minor, &buffer); - if (kret) { - *minor_status = kret; - goto failure; - } - - ret = gss_export_name (minor_status, (*context_handle)->target, &buffer); - if (ret) - goto failure; - data.data = buffer.value; - data.length = buffer.length; - - ret = GSS_S_FAILURE; - - kret = krb5_store_data (sp, data); - gss_release_buffer (&minor, &buffer); - if (kret) { - *minor_status = kret; - goto failure; - } - - kret = krb5_store_int32 (sp, (*context_handle)->flags); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int32 (sp, (*context_handle)->more_flags); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int32 (sp, (*context_handle)->lifetime); - if (kret) { - *minor_status = kret; - goto failure; - } - - kret = krb5_storage_to_data (sp, &data); - krb5_storage_free (sp); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - interprocess_token->length = data.length; - interprocess_token->value = data.data; - ret = gss_delete_sec_context (minor_status, context_handle, - GSS_C_NO_BUFFER); - if (ret != GSS_S_COMPLETE) - gss_release_buffer (NULL, interprocess_token); - *minor_status = 0; - return ret; - failure: - krb5_storage_free (sp); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/external.c b/crypto/heimdal/lib/gssapi/external.c deleted file mode 100644 index dca35ea94318..000000000000 --- a/crypto/heimdal/lib/gssapi/external.c +++ /dev/null @@ -1,235 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: external.c,v 1.5 2000/07/22 03:45:28 assar Exp $"); - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x01"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant - * GSS_C_NT_USER_NAME should be initialized to point - * to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_user_name_oid_desc = -{10, (void *)"\x2a\x86\x48\x86\xf7\x12" - "\x01\x02\x01\x01"}; - -gss_OID GSS_C_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x02"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. - * The constant GSS_C_NT_MACHINE_UID_NAME should be - * initialized to point to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_machine_uid_name_oid_desc = -{10, (void *)"\x2a\x86\x48\x86\xf7\x12" - "\x01\x02\x01\x02"}; - -gss_OID GSS_C_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x03"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. - * The constant GSS_C_NT_STRING_UID_NAME should be - * initialized to point to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_string_uid_name_oid_desc = -{10, (void *)"\x2a\x86\x48\x86\xf7\x12" - "\x01\x02\x01\x03"}; - -gss_OID GSS_C_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, - * corresponding to an object-identifier value of - * {iso(1) org(3) dod(6) internet(1) security(5) - * nametypes(6) gss-host-based-services(2)). The constant - * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point - * to that gss_OID_desc. This is a deprecated OID value, and - * implementations wishing to support hostbased-service names - * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, - * defined below, to identify such names; - * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym - * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input - * parameter, but should not be emitted by GSS-API - * implementations - */ - -static gss_OID_desc gss_c_nt_hostbased_service_x_oid_desc = -{6, (void *)"\x2b\x06\x01\x05\x06\x02"}; - -gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &gss_c_nt_hostbased_service_x_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x04"}, corresponding to an - * object-identifier value of {iso(1) member-body(2) - * Unites States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) service_name(4)}. The constant - * GSS_C_NT_HOSTBASED_SERVICE should be initialized - * to point to that gss_OID_desc. - */ -static gss_OID_desc gss_c_nt_hostbased_service_oid_desc = -{10, (void *)"\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x04"}; - -gss_OID GSS_C_NT_HOSTBASED_SERVICE = &gss_c_nt_hostbased_service_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\01\x05\x06\x03"}, - * corresponding to an object identifier value of - * {1(iso), 3(org), 6(dod), 1(internet), 5(security), - * 6(nametypes), 3(gss-anonymous-name)}. The constant - * and GSS_C_NT_ANONYMOUS should be initialized to point - * to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_anonymous_oid_desc = -{6, (void *)"\x2b\x06\01\x05\x06\x03"}; - -gss_OID GSS_C_NT_ANONYMOUS = &gss_c_nt_anonymous_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, - * corresponding to an object-identifier value of - * {1(iso), 3(org), 6(dod), 1(internet), 5(security), - * 6(nametypes), 4(gss-api-exported-name)}. The constant - * GSS_C_NT_EXPORT_NAME should be initialized to point - * to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_export_name_oid_desc = -{6, (void *)"\x2b\x06\x01\x05\x06\x04"}; - -gss_OID GSS_C_NT_EXPORT_NAME = &gss_c_nt_export_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * krb5(2) krb5_name(1)}. The recommended symbolic name for this type - * is "GSS_KRB5_NT_PRINCIPAL_NAME". - */ - -static gss_OID_desc gss_krb5_nt_principal_name_oid_desc = -{10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"}; - -gss_OID GSS_KRB5_NT_PRINCIPAL_NAME = &gss_krb5_nt_principal_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) user_name(1)}. The recommended symbolic name for this - * type is "GSS_KRB5_NT_USER_NAME". - */ - -gss_OID GSS_KRB5_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) machine_uid_name(2)}. The recommended symbolic name for - * this type is "GSS_KRB5_NT_MACHINE_UID_NAME". - */ - -gss_OID GSS_KRB5_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) string_uid_name(3)}. The recommended symbolic name for - * this type is "GSS_KRB5_NT_STRING_UID_NAME". - */ - -gss_OID GSS_KRB5_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; - -/* - * To support ongoing experimentation, testing, and evolution of the - * specification, the Kerberos V5 GSS-API mechanism as defined in this - * and any successor memos will be identified with the following Object - * Identifier, as defined in RFC-1510, until the specification is - * advanced to the level of Proposed Standard RFC: - * - * {iso(1), org(3), dod(5), internet(1), security(5), kerberosv5(2)} - * - * Upon advancement to the level of Proposed Standard RFC, the Kerberos - * V5 GSS-API mechanism will be identified by an Object Identifier - * having the value: - * - * {iso(1) member-body(2) United States(840) mit(113554) infosys(1) - * gssapi(2) krb5(2)} - */ - -#if 0 /* This is the old OID */ - -static gss_OID_desc gss_krb5_mechanism_oid_desc = -{5, (void *)"\x2b\x05\x01\x05\x02"}; - -#endif - -static gss_OID_desc gss_krb5_mechanism_oid_desc = -{9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"}; - -gss_OID GSS_KRB5_MECHANISM = &gss_krb5_mechanism_oid_desc; - -/* - * Context for krb5 calls. - */ - -krb5_context gssapi_krb5_context; diff --git a/crypto/heimdal/lib/gssapi/get_mic.c b/crypto/heimdal/lib/gssapi/get_mic.c deleted file mode 100644 index 7f5b37e02572..000000000000 --- a/crypto/heimdal/lib/gssapi/get_mic.c +++ /dev/null @@ -1,295 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: get_mic.c,v 1.21.2.1 2003/09/18 22:05:12 lha Exp $"); - -static OM_uint32 -mic_des - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key - ) -{ - u_char *p; - MD5_CTX md5; - u_char hash[16]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; - int32_t seq_number; - size_t len, total_len; - - gssapi_krb5_encap_length (22, &len, &total_len); - - message_token->length = total_len; - message_token->value = malloc (total_len); - if (message_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = gssapi_krb5_make_header(message_token->value, - len, - "\x01\x01"); /* TOK_ID */ - - memcpy (p, "\x00\x00", 2); /* SGN_ALG = DES MAC MD5 */ - p += 2; - - memcpy (p, "\xff\xff\xff\xff", 4); /* Filler */ - p += 4; - - /* Fill in later (SND-SEQ) */ - memset (p, 0, 16); - p += 16; - - /* checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, message_buffer->value, message_buffer->length); - MD5_Final (hash, &md5); - - memset (&zero, 0, sizeof(zero)); - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); - memcpy (p - 8, hash, 8); /* SGN_CKSUM */ - - /* sequence number */ - krb5_auth_con_getlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - - p -= 16; /* SND_SEQ */ - p[0] = (seq_number >> 0) & 0xFF; - p[1] = (seq_number >> 8) & 0xFF; - p[2] = (seq_number >> 16) & 0xFF; - p[3] = (seq_number >> 24) & 0xFF; - memset (p + 4, - (context_handle->more_flags & LOCAL) ? 0 : 0xFF, - 4); - - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)(p + 8), DES_ENCRYPT); - - krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -static OM_uint32 -mic_des3 - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key - ) -{ - u_char *p; - Checksum cksum; - u_char seq[8]; - - int32_t seq_number; - size_t len, total_len; - - krb5_crypto crypto; - krb5_error_code kret; - krb5_data encdata; - char *tmp; - char ivec[8]; - - gssapi_krb5_encap_length (36, &len, &total_len); - - message_token->length = total_len; - message_token->value = malloc (total_len); - if (message_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = gssapi_krb5_make_header(message_token->value, - len, - "\x01\x01"); /* TOK-ID */ - - memcpy (p, "\x04\x00", 2); /* SGN_ALG = HMAC SHA1 DES3-KD */ - p += 2; - - memcpy (p, "\xff\xff\xff\xff", 4); /* filler */ - p += 4; - - /* this should be done in parts */ - - tmp = malloc (message_buffer->length + 8); - if (tmp == NULL) { - free (message_token->value); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy (tmp, p - 8, 8); - memcpy (tmp + 8, message_buffer->value, message_buffer->length); - - kret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto); - if (kret) { - free (message_token->value); - free (tmp); - gssapi_krb5_set_error_string (); - *minor_status = kret; - return GSS_S_FAILURE; - } - - kret = krb5_create_checksum (gssapi_krb5_context, - crypto, - KRB5_KU_USAGE_SIGN, - 0, - tmp, - message_buffer->length + 8, - &cksum); - free (tmp); - krb5_crypto_destroy (gssapi_krb5_context, crypto); - if (kret) { - free (message_token->value); - gssapi_krb5_set_error_string (); - *minor_status = kret; - return GSS_S_FAILURE; - } - - memcpy (p + 8, cksum.checksum.data, cksum.checksum.length); - - /* sequence number */ - krb5_auth_con_getlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - - seq[0] = (seq_number >> 0) & 0xFF; - seq[1] = (seq_number >> 8) & 0xFF; - seq[2] = (seq_number >> 16) & 0xFF; - seq[3] = (seq_number >> 24) & 0xFF; - memset (seq + 4, - (context_handle->more_flags & LOCAL) ? 0 : 0xFF, - 4); - - kret = krb5_crypto_init(gssapi_krb5_context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (kret) { - free (message_token->value); - gssapi_krb5_set_error_string (); - *minor_status = kret; - return GSS_S_FAILURE; - } - - if (context_handle->more_flags & COMPAT_OLD_DES3) - memset(ivec, 0, 8); - else - memcpy(ivec, p + 8, 8); - - kret = krb5_encrypt_ivec (gssapi_krb5_context, - crypto, - KRB5_KU_USAGE_SEQ, - seq, 8, &encdata, ivec); - krb5_crypto_destroy (gssapi_krb5_context, crypto); - if (kret) { - free (message_token->value); - gssapi_krb5_set_error_string (); - *minor_status = kret; - return GSS_S_FAILURE; - } - - assert (encdata.length == 8); - - memcpy (p, encdata.data, encdata.length); - krb5_data_free (&encdata); - - krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - free_Checksum (&cksum); - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 gss_get_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - - ret = gss_krb5_get_localkey(context_handle, &key); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); - - switch (keytype) { - case KEYTYPE_DES : - ret = mic_des (minor_status, context_handle, qop_req, - message_buffer, message_token, key); - break; - case KEYTYPE_DES3 : - ret = mic_des3 (minor_status, context_handle, qop_req, - message_buffer, message_token, key); - break; - case KEYTYPE_ARCFOUR: - ret = _gssapi_get_mic_arcfour (minor_status, context_handle, qop_req, - message_buffer, message_token, key); - break; - default : - *minor_status = KRB5_PROG_ETYPE_NOSUPP; - ret = GSS_S_FAILURE; - break; - } - krb5_free_keyblock (gssapi_krb5_context, key); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/gss-commands.in b/crypto/heimdal/lib/gssapi/gss-commands.in deleted file mode 100644 index 2204f2afa89a..000000000000 --- a/crypto/heimdal/lib/gssapi/gss-commands.in +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: gss-commands.in 17870 2006-07-22 14:48:58Z lha $ */ - -command = { - name = "supported-mechanisms" - help = "Print the supported mechanisms" -} -command = { - name = "help" - name = "?" - argument = "[command]" - min_args = "0" - max_args = "1" - help = "Help! I need somebody." -} diff --git a/crypto/heimdal/lib/gssapi/gss.c b/crypto/heimdal/lib/gssapi/gss.c deleted file mode 100644 index 739e8306363b..000000000000 --- a/crypto/heimdal/lib/gssapi/gss.c +++ /dev/null @@ -1,205 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -RCSID("$Id: gss.c 19922 2007-01-16 09:32:03Z lha $"); - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), - NULL, "service@host"); - exit (ret); -} - -#define COL_OID "OID" -#define COL_NAME "Name" - -int -supported_mechanisms(void *argptr, int argc, char **argv) -{ - OM_uint32 maj_stat, min_stat; - gss_OID_set mechs; - rtbl_t ct; - size_t i; - - maj_stat = gss_indicate_mechs(&min_stat, &mechs); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_indicate_mechs failed"); - - printf("Supported mechanisms:\n"); - - ct = rtbl_create(); - if (ct == NULL) - errx(1, "rtbl_create"); - - rtbl_set_separator(ct, " "); - rtbl_add_column(ct, COL_OID, 0); - rtbl_add_column(ct, COL_NAME, 0); - - for (i = 0; i < mechs->count; i++) { - gss_buffer_desc name; - - maj_stat = gss_oid_to_str(&min_stat, &mechs->elements[i], &name); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_oid_to_str failed"); - - rtbl_add_column_entryv(ct, COL_OID, "%.*s", - (int)name.length, (char *)name.value); - gss_release_buffer(&min_stat, &name); - - if (gss_oid_equal(&mechs->elements[i], GSS_KRB5_MECHANISM)) - rtbl_add_column_entry(ct, COL_NAME, "Kerberos 5"); - else if (gss_oid_equal(&mechs->elements[i], GSS_SPNEGO_MECHANISM)) - rtbl_add_column_entry(ct, COL_NAME, "SPNEGO"); - else if (gss_oid_equal(&mechs->elements[i], GSS_NTLM_MECHANISM)) - rtbl_add_column_entry(ct, COL_NAME, "NTLM"); - } - gss_release_oid_set(&min_stat, &mechs); - - rtbl_format(ct, stdout); - rtbl_destroy(ct); - - return 0; -} - -#if 0 -/* - * - */ - -#define DOVEDOT_MAJOR_VERSION 1 -#define DOVEDOT_MINOR_VERSION 0 - -/* - S: MECH mech mech-parameters - S: MECH mech mech-parameters - S: VERSION major minor - S: CPID pid - S: CUID pid - S: ... - S: DONE - C: VERSION major minor - C: CPID pid - - C: AUTH id method service= resp= - C: CONT id message - - S: OK id user= - S: FAIL id reason= - S: CONTINUE id message -*/ - -int -dovecot_server(void *argptr, int argc, char **argv) -{ - krb5_storage *sp; - int fd = 0; - - sp = krb5_storage_from_fd(fd); - if (sp == NULL) - errx(1, "krb5_storage_from_fd"); - - krb5_store_stringnl(sp, "MECH\tGSSAPI"); - krb5_store_stringnl(sp, "VERSION\t1\t0"); - krb5_store_stringnl(sp, "DONE"); - - while (1) { - char *cmd; - if (krb5_ret_stringnl(sp, &cmd) != 0) - break; - printf("cmd: %s\n", cmd); - free(cmd); - } - return 0; -} -#endif - -/* - * - */ - -int -help(void *opt, int argc, char **argv) -{ - sl_slc_help(commands, argc, argv); - return 0; -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc == 0) { - help(NULL, argc, argv); - return 1; - } - - return sl_command (commands, argc, argv); -} diff --git a/crypto/heimdal/lib/gssapi/gss_acquire_cred.3 b/crypto/heimdal/lib/gssapi/gss_acquire_cred.3 deleted file mode 100644 index d2a04d93fbb4..000000000000 --- a/crypto/heimdal/lib/gssapi/gss_acquire_cred.3 +++ /dev/null @@ -1,688 +0,0 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: gss_acquire_cred.3 20235 2007-02-16 11:19:03Z lha $ -.\" -.Dd October 26, 2005 -.Dt GSS_ACQUIRE_CRED 3 -.Os HEIMDAL -.Sh NAME -.Nm gss_accept_sec_context , -.Nm gss_acquire_cred , -.Nm gss_add_cred , -.Nm gss_add_oid_set_member , -.Nm gss_canonicalize_name , -.Nm gss_compare_name , -.Nm gss_context_time , -.Nm gss_create_empty_oid_set , -.Nm gss_delete_sec_context , -.Nm gss_display_name , -.Nm gss_display_status , -.Nm gss_duplicate_name , -.Nm gss_export_name , -.Nm gss_export_sec_context , -.Nm gss_get_mic , -.Nm gss_import_name , -.Nm gss_import_sec_context , -.Nm gss_indicate_mechs , -.Nm gss_init_sec_context , -.Nm gss_inquire_context , -.Nm gss_inquire_cred , -.Nm gss_inquire_cred_by_mech , -.Nm gss_inquire_mechs_for_name , -.Nm gss_inquire_names_for_mech , -.Nm gss_krb5_ccache_name , -.Nm gss_krb5_compat_des3_mic , -.Nm gss_krb5_copy_ccache , -.Nm gss_krb5_import_cred -.Nm gsskrb5_extract_authz_data_from_sec_context , -.Nm gsskrb5_register_acceptor_identity , -.Nm gss_krb5_import_ccache , -.Nm gss_krb5_get_tkt_flags , -.Nm gss_process_context_token , -.Nm gss_release_buffer , -.Nm gss_release_cred , -.Nm gss_release_name , -.Nm gss_release_oid_set , -.Nm gss_seal , -.Nm gss_sign , -.Nm gss_test_oid_set_member , -.Nm gss_unseal , -.Nm gss_unwrap , -.Nm gss_verify , -.Nm gss_verify_mic , -.Nm gss_wrap , -.Nm gss_wrap_size_limit -.Nd Generic Security Service Application Program Interface library -.Sh LIBRARY -GSS-API library (libgssapi, -lgssapi) -.Sh SYNOPSIS -.In gssapi.h -.Pp -.Ft OM_uint32 -.Fo gss_accept_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t * context_handle" -.Fa "const gss_cred_id_t acceptor_cred_handle" -.Fa "const gss_buffer_t input_token_buffer" -.Fa "const gss_channel_bindings_t input_chan_bindings" -.Fa "gss_name_t * src_name" -.Fa "gss_OID * mech_type" -.Fa "gss_buffer_t output_token" -.Fa "OM_uint32 * ret_flags" -.Fa "OM_uint32 * time_rec" -.Fa "gss_cred_id_t * delegated_cred_handle" -.Fc -.Pp -.Ft OM_uint32 -.Fo gss_acquire_cred -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t desired_name" -.Fa "OM_uint32 time_req" -.Fa "const gss_OID_set desired_mechs" -.Fa "gss_cred_usage_t cred_usage" -.Fa "gss_cred_id_t * output_cred_handle" -.Fa "gss_OID_set * actual_mechs" -.Fa "OM_uint32 * time_rec" -.Fc -.Ft OM_uint32 -.Fo gss_add_cred -.Fa "OM_uint32 *minor_status" -.Fa "const gss_cred_id_t input_cred_handle" -.Fa "const gss_name_t desired_name" -.Fa "const gss_OID desired_mech" -.Fa "gss_cred_usage_t cred_usage" -.Fa "OM_uint32 initiator_time_req" -.Fa "OM_uint32 acceptor_time_req" -.Fa "gss_cred_id_t *output_cred_handle" -.Fa "gss_OID_set *actual_mechs" -.Fa "OM_uint32 *initiator_time_rec" -.Fa "OM_uint32 *acceptor_time_rec" -.Fc -.Ft OM_uint32 -.Fo gss_add_oid_set_member -.Fa "OM_uint32 * minor_status" -.Fa "const gss_OID member_oid" -.Fa "gss_OID_set * oid_set" -.Fc -.Ft OM_uint32 -.Fo gss_canonicalize_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t input_name" -.Fa "const gss_OID mech_type" -.Fa "gss_name_t * output_name" -.Fc -.Ft OM_uint32 -.Fo gss_compare_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t name1" -.Fa "const gss_name_t name2" -.Fa "int * name_equal" -.Fc -.Ft OM_uint32 -.Fo gss_context_time -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "OM_uint32 * time_rec" -.Fc -.Ft OM_uint32 -.Fo gss_create_empty_oid_set -.Fa "OM_uint32 * minor_status" -.Fa "gss_OID_set * oid_set" -.Fc -.Ft OM_uint32 -.Fo gss_delete_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t * context_handle" -.Fa "gss_buffer_t output_token" -.Fc -.Ft OM_uint32 -.Fo gss_display_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t input_name" -.Fa "gss_buffer_t output_name_buffer" -.Fa "gss_OID * output_name_type" -.Fc -.Ft OM_uint32 -.Fo gss_display_status -.Fa "OM_uint32 *minor_status" -.Fa "OM_uint32 status_value" -.Fa "int status_type" -.Fa "const gss_OID mech_type" -.Fa "OM_uint32 *message_context" -.Fa "gss_buffer_t status_string" -.Fc -.Ft OM_uint32 -.Fo gss_duplicate_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t src_name" -.Fa "gss_name_t * dest_name" -.Fc -.Ft OM_uint32 -.Fo gss_export_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t input_name" -.Fa "gss_buffer_t exported_name" -.Fc -.Ft OM_uint32 -.Fo gss_export_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t * context_handle" -.Fa "gss_buffer_t interprocess_token" -.Fc -.Ft OM_uint32 -.Fo gss_get_mic -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "gss_qop_t qop_req" -.Fa "const gss_buffer_t message_buffer" -.Fa "gss_buffer_t message_token" -.Fc -.Ft OM_uint32 -.Fo gss_import_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_buffer_t input_name_buffer" -.Fa "const gss_OID input_name_type" -.Fa "gss_name_t * output_name" -.Fc -.Ft OM_uint32 -.Fo gss_import_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "const gss_buffer_t interprocess_token" -.Fa "gss_ctx_id_t * context_handle" -.Fc -.Ft OM_uint32 -.Fo gss_indicate_mechs -.Fa "OM_uint32 * minor_status" -.Fa "gss_OID_set * mech_set" -.Fc -.Ft OM_uint32 -.Fo gss_init_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "const gss_cred_id_t initiator_cred_handle" -.Fa "gss_ctx_id_t * context_handle" -.Fa "const gss_name_t target_name" -.Fa "const gss_OID mech_type" -.Fa "OM_uint32 req_flags" -.Fa "OM_uint32 time_req" -.Fa "const gss_channel_bindings_t input_chan_bindings" -.Fa "const gss_buffer_t input_token" -.Fa "gss_OID * actual_mech_type" -.Fa "gss_buffer_t output_token" -.Fa "OM_uint32 * ret_flags" -.Fa "OM_uint32 * time_rec" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_context -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "gss_name_t * src_name" -.Fa "gss_name_t * targ_name" -.Fa "OM_uint32 * lifetime_rec" -.Fa "gss_OID * mech_type" -.Fa "OM_uint32 * ctx_flags" -.Fa "int * locally_initiated" -.Fa "int * open_context" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_cred -.Fa "OM_uint32 * minor_status" -.Fa "const gss_cred_id_t cred_handle" -.Fa "gss_name_t * name" -.Fa "OM_uint32 * lifetime" -.Fa "gss_cred_usage_t * cred_usage" -.Fa "gss_OID_set * mechanisms" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_cred_by_mech -.Fa "OM_uint32 * minor_status" -.Fa "const gss_cred_id_t cred_handle" -.Fa "const gss_OID mech_type" -.Fa "gss_name_t * name" -.Fa "OM_uint32 * initiator_lifetime" -.Fa "OM_uint32 * acceptor_lifetime" -.Fa "gss_cred_usage_t * cred_usage" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_mechs_for_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t input_name" -.Fa "gss_OID_set * mech_types" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_names_for_mech -.Fa "OM_uint32 * minor_status" -.Fa "const gss_OID mechanism" -.Fa "gss_OID_set * name_types" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_ccache_name -.Fa "OM_uint32 *minor" -.Fa "const char *name" -.Fa "const char **old_name" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_copy_ccache -.Fa "OM_uint32 *minor" -.Fa "gss_cred_id_t cred" -.Fa "krb5_ccache out" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_import_cred -.Fa "OM_uint32 *minor_status" -.Fa "krb5_ccache id" -.Fa "krb5_principal keytab_principal" -.Fa "krb5_keytab keytab" -.Fa "gss_cred_id_t *cred" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_compat_des3_mic -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "int onoff" -.Fc -.Ft OM_uint32 -.Fo gsskrb5_extract_authz_data_from_sec_context -.Fa "OM_uint32 *minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "int ad_type" -.Fa "gss_buffer_t ad_data" -.Fc -.Ft OM_uint32 -.Fo gsskrb5_register_acceptor_identity -.Fa "const char *identity" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_import_cache -.Fa "OM_uint32 *minor" -.Fa "krb5_ccache id" -.Fa "krb5_keytab keytab" -.Fa "gss_cred_id_t *cred" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_get_tkt_flags -.Fa "OM_uint32 *minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "OM_uint32 *tkt_flags" -.Fc -.Ft OM_uint32 -.Fo gss_process_context_token -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "const gss_buffer_t token_buffer" -.Fc -.Ft OM_uint32 -.Fo gss_release_buffer -.Fa "OM_uint32 * minor_status" -.Fa "gss_buffer_t buffer" -.Fc -.Ft OM_uint32 -.Fo gss_release_cred -.Fa "OM_uint32 * minor_status" -.Fa "gss_cred_id_t * cred_handle" -.Fc -.Ft OM_uint32 -.Fo gss_release_name -.Fa "OM_uint32 * minor_status" -.Fa "gss_name_t * input_name" -.Fc -.Ft OM_uint32 -.Fo gss_release_oid_set -.Fa "OM_uint32 * minor_status" -.Fa "gss_OID_set * set" -.Fc -.Ft OM_uint32 -.Fo gss_seal -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "int conf_req_flag" -.Fa "int qop_req" -.Fa "gss_buffer_t input_message_buffer" -.Fa "int * conf_state" -.Fa "gss_buffer_t output_message_buffer" -.Fc -.Ft OM_uint32 -.Fo gss_sign -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "int qop_req" -.Fa "gss_buffer_t message_buffer" -.Fa "gss_buffer_t message_token" -.Fc -.Ft OM_uint32 -.Fo gss_test_oid_set_member -.Fa "OM_uint32 * minor_status" -.Fa "const gss_OID member" -.Fa "const gss_OID_set set" -.Fa "int * present" -.Fc -.Ft OM_uint32 -.Fo gss_unseal -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "gss_buffer_t input_message_buffer" -.Fa "gss_buffer_t output_message_buffer" -.Fa "int * conf_state" -.Fa "int * qop_state" -.Fc -.Ft OM_uint32 -.Fo gss_unwrap -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "const gss_buffer_t input_message_buffer" -.Fa "gss_buffer_t output_message_buffer" -.Fa "int * conf_state" -.Fa "gss_qop_t * qop_state" -.Fc -.Ft OM_uint32 -.Fo gss_verify -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "gss_buffer_t message_buffer" -.Fa "gss_buffer_t token_buffer" -.Fa "int * qop_state" -.Fc -.Ft OM_uint32 -.Fo gss_verify_mic -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "const gss_buffer_t message_buffer" -.Fa "const gss_buffer_t token_buffer" -.Fa "gss_qop_t * qop_state" -.Fc -.Ft OM_uint32 -.Fo gss_wrap -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "int conf_req_flag" -.Fa "gss_qop_t qop_req" -.Fa "const gss_buffer_t input_message_buffer" -.Fa "int * conf_state" -.Fa "gss_buffer_t output_message_buffer" -.Fc -.Ft OM_uint32 -.Fo gss_wrap_size_limit -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "int conf_req_flag" -.Fa "gss_qop_t qop_req" -.Fa "OM_uint32 req_output_size" -.Fa "OM_uint32 * max_input_size" -.Fc -.Sh DESCRIPTION -Generic Security Service API (GSS-API) version 2, and its C binding, -is described in -.Li RFC2743 -and -.Li RFC2744 . -Version 1 (deprecated) of the C binding is described in -.Li RFC1509 . -.Pp -Heimdals GSS-API implementation supports the following mechanisms -.Bl -bullet -.It -.Li GSS_KRB5_MECHANISM -.It -.Li GSS_SPNEGO_MECHANISM -.El -.Pp -GSS-API have generic name types that all mechanism are supposed to -implement (if possible): -.Bl -bullet -.It -.Li GSS_C_NT_USER_NAME -.It -.Li GSS_C_NT_MACHINE_UID_NAME -.It -.Li GSS_C_NT_STRING_UID_NAME -.It -.Li GSS_C_NT_HOSTBASED_SERVICE -.It -.Li GSS_C_NT_ANONYMOUS -.It -.Li GSS_C_NT_EXPORT_NAME -.El -.Pp -GSS-API implementations that supports Kerberos 5 have some additional -name types: -.Bl -bullet -.It -.Li GSS_KRB5_NT_PRINCIPAL_NAME -.It -.Li GSS_KRB5_NT_USER_NAME -.It -.Li GSS_KRB5_NT_MACHINE_UID_NAME -.It -.Li GSS_KRB5_NT_STRING_UID_NAME -.El -.Pp -In GSS-API, names have two forms, internal names and contiguous string -names. -.Bl -bullet -.It -.Li Internal name and mechanism name -.Pp -Internal names are implementation specific representation of -a GSS-API name. -.Li Mechanism names -special form of internal names corresponds to one and only one mechanism. -.Pp -In GSS-API an internal name is stored in a -.Dv gss_name_t . -.It -.Li Contiguous string name and exported name -.Pp -Contiguous string names are gssapi names stored in a -.Dv OCTET STRING -that together with a name type identifier (OID) uniquely specifies a -gss-name. -A special form of the contiguous string name is the exported name that -have a OID embedded in the string to make it unique. -Exported name have the nametype -.Dv GSS_C_NT_EXPORT_NAME . -.Pp -In GSS-API an contiguous string name is stored in a -.Dv gss_buffer_t . -.Pp -Exported names also have the property that they are specified by the -mechanism itself and compatible between diffrent GSS-API -implementations. -.El -.Sh ACCESS CONTROL -There are two ways of comparing GSS-API names, either comparing two -internal names with each other or two contiguous string names with -either other. -.Pp -To compare two internal names with each other, import (if needed) the -names with -.Fn gss_import_name -into the GSS-API implementation and the compare the imported name with -.Fn gss_compare_name . -.Pp -Importing names can be slow, so when its possible to store exported -names in the access control list, comparing contiguous string name -might be better. -.Pp -when comparing contiguous string name, first export them into a -.Dv GSS_C_NT_EXPORT_NAME -name with -.Fn gss_export_name -and then compare with -.Xr memcmp 3 . -.Pp -Note that there are might be a difference between the two methods of -comparing names. -The first (using -.Fn gss_compare_name ) -will compare to (unauthenticated) names are the same. -The second will compare if a mechanism will authenticate them as the -same principal. -.Pp -For example, if -.Fn gss_import_name -name was used with -.Dv GSS_C_NO_OID -the default syntax is used for all mechanism the GSS-API -implementation supports. -When compare the imported name of -.Dv GSS_C_NO_OID -it may match serveral mechanism names (MN). -.Pp -The resulting name from -.Fn gss_display_name -must not be used for acccess control. -.Sh FUNCTIONS -.Fn gss_display_name -takes the gss name in -.Fa input_name -and puts a printable form in -.Fa output_name_buffer . -.Fa output_name_buffer -should be freed when done using -.Fn gss_release_buffer . -.Fa output_name_type -can either be -.Dv NULL -or a pointer to a -.Li gss_OID -and will in the latter case contain the OID type of the name. -The name must only be used for printing. -If access control is needed, see section -.Sx ACCESS CONTROL . -.Pp -.Fn gss_inquire_context -returns information about the context. -Information is available even after the context have expired. -.Fa lifetime_rec -argument is set to -.Dv GSS_C_INDEFINITE -(dont expire) or the number of seconds that the context is still valid. -A value of 0 means that the context is expired. -.Fa mech_type -argument should be considered readonly and must not be released. -.Fa src_name -and -.Fn dest_name -are both mechanims names and must be released with -.Fn gss_release_name -when no longer used. -.Pp -.Nm gss_context_time -will return the amount of time (in seconds) of the context is still -valid. -If its expired -.Fa time_rec -will be set to 0 and -.Dv GSS_S_CONTEXT_EXPIRED -returned. -.Pp -.Fn gss_sign , -.Fn gss_verify , -.Fn gss_seal , -and -.Fn gss_unseal -are part of the GSS-API V1 interface and are obsolete. -The functions should not be used for new applications. -They are provided so that version 1 applications can link against the -library. -.Sh EXTENSIONS -.Fn gss_krb5_ccache_name -sets the internal kerberos 5 credential cache name to -.Fa name . -The old name is returned in -.Fa old_name , -and must not be freed. -The data allocated for -.Fa old_name -is free upon next call to -.Fn gss_krb5_ccache_name . -This function is not threadsafe if -.Fa old_name -argument is used. -.Pp -.Fn gss_krb5_copy_ccache -will extract the krb5 credentials that are transferred from the -initiator to the acceptor when using token delegation in the Kerberos -mechanism. -The acceptor receives the delegated token in the last argument to -.Fn gss_accept_sec_context . -.Pp -.Fn gss_krb5_import_cred -will import the krb5 credentials (both keytab and/or credential cache) -into gss credential so it can be used withing GSS-API. -The -.Fa ccache -is copied by reference and thus shared, so if the credential is destroyed -with -.Fa krb5_cc_destroy , -all users of thep -.Fa gss_cred_id_t -returned by -.Fn gss_krb5_import_ccache -will fail. -.Pp -.Fn gsskrb5_register_acceptor_identity -sets the Kerberos 5 filebased keytab that the acceptor will use. The -.Fa identifier -is the file name. -.Pp -.Fn gsskrb5_extract_authz_data_from_sec_context -extracts the Kerberos authorizationdata that may be stored within the -context. -Tha caller must free the returned buffer -.Fa ad_data -with -.Fn gss_release_buffer -upon success. -.Pp -.Fn gss_krb5_get_tkt_flags -return the ticket flags for the kerberos ticket receive when -authenticating the initiator. -Only valid on the acceptor context. -.Pp -.Fn gss_krb5_compat_des3_mic -turns on or off the compatibility with older version of Heimdal using -des3 get and verify mic, this is way to programmatically set the -[gssapi]broken_des3_mic and [gssapi]correct_des3_mic flags (see -COMPATIBILITY section in -.Xr gssapi 3 ) . -If the CPP symbol -.Dv GSS_C_KRB5_COMPAT_DES3_MIC -is present, -.Fn gss_krb5_compat_des3_mic -exists. -.Fn gss_krb5_compat_des3_mic -will be removed in a later version of the GSS-API library. -.Sh SEE ALSO -.Xr gssapi 3 , -.Xr krb5 3 , -.Xr krb5_ccache 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/gssapi/gssapi.3 b/crypto/heimdal/lib/gssapi/gssapi.3 deleted file mode 100644 index 0241ee786a16..000000000000 --- a/crypto/heimdal/lib/gssapi/gssapi.3 +++ /dev/null @@ -1,177 +0,0 @@ -.\" Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: gssapi.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd April 20, 2005 -.Dt GSSAPI 3 -.Os -.Sh NAME -.Nm gssapi -.Nd Generic Security Service Application Program Interface library -.Sh LIBRARY -GSS-API Library (libgssapi, -lgssapi) -.Sh DESCRIPTION -The Generic Security Service Application Program Interface (GSS-API) -provides security services to callers in a generic fashion, -supportable with a range of underlying mechanisms and technologies and -hence allowing source-level portability of applications to different -environments. -.Pp -The GSS-API implementation in Heimdal implements the Kerberos 5 and -the SPNEGO GSS-API security mechanisms. -.Sh LIST OF FUNCTIONS -These functions constitute the gssapi library, -.Em libgssapi . -Declarations for these functions may be obtained from the include file -.Pa gssapi.h . -.sp 2 -.nf -.ta \w'gss_inquire_names_for_mech'u+2n +\w'Description goes here'u -\fIName/Page\fP \fIDescription\fP -.ta \w'gss_inquire_names_for_mech'u+2n +\w'Description goes here'u+6nC -.sp 5p -gss_accept_sec_context.3 -gss_acquire_cred.3 -gss_add_cred.3 -gss_add_oid_set_member.3 -gss_canonicalize_name.3 -gss_compare_name.3 -gss_context_time.3 -gss_create_empty_oid_set.3 -gss_delete_sec_context.3 -gss_display_name.3 -gss_display_status.3 -gss_duplicate_name.3 -gss_export_name.3 -gss_export_sec_context.3 -gss_get_mic.3 -gss_import_name.3 -gss_import_sec_context.3 -gss_indicate_mechs.3 -gss_init_sec_context.3 -gss_inquire_context.3 -gss_inquire_cred.3 -gss_inquire_cred_by_mech.3 -gss_inquire_mechs_for_name.3 -gss_inquire_names_for_mech.3 -gss_krb5_ccache_name.3 -gss_krb5_compat_des3_mic.3 -gss_krb5_copy_ccache.3 -gss_krb5_extract_authz_data_from_sec_context.3 -gss_krb5_import_ccache.3 -gss_process_context_token.3 -gss_release_buffer.3 -gss_release_cred.3 -gss_release_name.3 -gss_release_oid_set.3 -gss_seal.3 -gss_sign.3 -gss_test_oid_set_member.3 -gss_unseal.3 -gss_unwrap.3 -gss_verify.3 -gss_verify_mic.3 -gss_wrap.3 -gss_wrap_size_limit.3 -.ta -.Fi -.Sh COMPATIBILITY -The -.Nm Heimdal -GSS-API implementation had a bug in releases before 0.6 that made it -fail to inter-operate when using DES3 with other GSS-API -implementations when using -.Fn gss_get_mic -/ -.Fn gss_verify_mic . -It is possible to modify the behavior of the generator of the MIC with -the -.Pa krb5.conf -configuration file so that old clients/servers will still -work. -.Pp -New clients/servers will try both the old and new MIC in Heimdal 0.6. -In 0.7 it will check only if configured - the compatibility code will -be removed in 0.8. -.Pp -Heimdal 0.6 still generates by default the broken GSS-API DES3 mic, -this will change in 0.7 to generate correct des3 mic. -.Pp -To turn on compatibility with older clients and servers, change the -.Nm [gssapi] -.Ar broken_des3_mic -in -.Pa krb5.conf -that contains a list of globbing expressions that will be matched -against the server name. -To turn off generation of the old (incompatible) mic of the MIC use -.Nm [gssapi] -.Ar correct_des3_mic . -.Pp -If a match for a entry is in both -.Nm [gssapi] -.Ar correct_des3_mic -and -.Nm [gssapi] -.Ar broken_des3_mic , -the later will override. -.Pp -This config option modifies behaviour for both clients and servers. -.Pp -Microsoft implemented SPNEGO to Windows2000, however, they manage to -get it wrong, their implementation didn't fill in the MechListMIC in -the reply token with the right content. -There is a work around for this problem, but not all implementation -support it. -.Pp -Heimdal defaults to correct SPNEGO when the the kerberos -implementation uses CFX, or when it is configured by the user. -To turn on compatibility with peers, use option -.Nm [gssapi] -.Ar require_mechlist_mic . -.Sh EXAMPLES -.Bd -literal -offset indent -[gssapi] - broken_des3_mic = cvs/*@SU.SE - broken_des3_mic = host/*@E.KTH.SE - correct_des3_mic = host/*@SU.SE - require_mechlist_mic = host/*@SU.SE -.Ed -.Sh BUGS -All of 0.5.x versions of -.Nm heimdal -had broken token delegations in the client side, the server side was -correct. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/gssapi/gssapi.h b/crypto/heimdal/lib/gssapi/gssapi.h deleted file mode 100644 index ae0274fd6bba..000000000000 --- a/crypto/heimdal/lib/gssapi/gssapi.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gssapi.h 18332 2006-10-07 20:57:15Z lha $ */ - -#ifndef GSSAPI_H_ -#define GSSAPI_H_ - -#include - -#endif diff --git a/crypto/heimdal/lib/gssapi/gssapi/gssapi.h b/crypto/heimdal/lib/gssapi/gssapi/gssapi.h deleted file mode 100644 index fbc638c48fca..000000000000 --- a/crypto/heimdal/lib/gssapi/gssapi/gssapi.h +++ /dev/null @@ -1,809 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gssapi.h 21004 2007-06-08 01:53:10Z lha $ */ - -#ifndef GSSAPI_GSSAPI_H_ -#define GSSAPI_GSSAPI_H_ - -/* - * First, include stddef.h to get size_t defined. - */ -#include - -#include - -/* - * Now define the three implementation-dependent types. - */ - -typedef uint32_t OM_uint32; -typedef uint64_t OM_uint64; - -typedef uint32_t gss_uint32; - -struct gss_name_t_desc_struct; -typedef struct gss_name_t_desc_struct *gss_name_t; - -struct gss_ctx_id_t_desc_struct; -typedef struct gss_ctx_id_t_desc_struct *gss_ctx_id_t; - -typedef struct gss_OID_desc_struct { - OM_uint32 length; - void *elements; -} gss_OID_desc, *gss_OID; - -typedef struct gss_OID_set_desc_struct { - size_t count; - gss_OID elements; -} gss_OID_set_desc, *gss_OID_set; - -typedef int gss_cred_usage_t; - -struct gss_cred_id_t_desc_struct; -typedef struct gss_cred_id_t_desc_struct *gss_cred_id_t; - -typedef struct gss_buffer_desc_struct { - size_t length; - void *value; -} gss_buffer_desc, *gss_buffer_t; - -typedef struct gss_channel_bindings_struct { - OM_uint32 initiator_addrtype; - gss_buffer_desc initiator_address; - OM_uint32 acceptor_addrtype; - gss_buffer_desc acceptor_address; - gss_buffer_desc application_data; -} *gss_channel_bindings_t; - -/* GGF extension data types */ -typedef struct gss_buffer_set_desc_struct { - size_t count; - gss_buffer_desc *elements; -} gss_buffer_set_desc, *gss_buffer_set_t; - -/* - * For now, define a QOP-type as an OM_uint32 - */ -typedef OM_uint32 gss_qop_t; - -/* - * Flag bits for context-level services. - */ -#define GSS_C_DELEG_FLAG 1 -#define GSS_C_MUTUAL_FLAG 2 -#define GSS_C_REPLAY_FLAG 4 -#define GSS_C_SEQUENCE_FLAG 8 -#define GSS_C_CONF_FLAG 16 -#define GSS_C_INTEG_FLAG 32 -#define GSS_C_ANON_FLAG 64 -#define GSS_C_PROT_READY_FLAG 128 -#define GSS_C_TRANS_FLAG 256 - -#define GSS_C_DCE_STYLE 4096 -#define GSS_C_IDENTIFY_FLAG 8192 -#define GSS_C_EXTENDED_ERROR_FLAG 16384 - -/* - * Credential usage options - */ -#define GSS_C_BOTH 0 -#define GSS_C_INITIATE 1 -#define GSS_C_ACCEPT 2 - -/* - * Status code types for gss_display_status - */ -#define GSS_C_GSS_CODE 1 -#define GSS_C_MECH_CODE 2 - -/* - * The constant definitions for channel-bindings address families - */ -#define GSS_C_AF_UNSPEC 0 -#define GSS_C_AF_LOCAL 1 -#define GSS_C_AF_INET 2 -#define GSS_C_AF_IMPLINK 3 -#define GSS_C_AF_PUP 4 -#define GSS_C_AF_CHAOS 5 -#define GSS_C_AF_NS 6 -#define GSS_C_AF_NBS 7 -#define GSS_C_AF_ECMA 8 -#define GSS_C_AF_DATAKIT 9 -#define GSS_C_AF_CCITT 10 -#define GSS_C_AF_SNA 11 -#define GSS_C_AF_DECnet 12 -#define GSS_C_AF_DLI 13 -#define GSS_C_AF_LAT 14 -#define GSS_C_AF_HYLINK 15 -#define GSS_C_AF_APPLETALK 16 -#define GSS_C_AF_BSC 17 -#define GSS_C_AF_DSS 18 -#define GSS_C_AF_OSI 19 -#define GSS_C_AF_X25 21 -#define GSS_C_AF_INET6 24 - -#define GSS_C_AF_NULLADDR 255 - -/* - * Various Null values - */ -#define GSS_C_NO_NAME ((gss_name_t) 0) -#define GSS_C_NO_BUFFER ((gss_buffer_t) 0) -#define GSS_C_NO_BUFFER_SET ((gss_buffer_set_t) 0) -#define GSS_C_NO_OID ((gss_OID) 0) -#define GSS_C_NO_OID_SET ((gss_OID_set) 0) -#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0) -#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0) -#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0) -#define GSS_C_EMPTY_BUFFER {0, NULL} - -/* - * Some alternate names for a couple of the above - * values. These are defined for V1 compatibility. - */ -#define GSS_C_NULL_OID GSS_C_NO_OID -#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET - -/* - * Define the default Quality of Protection for per-message - * services. Note that an implementation that offers multiple - * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero - * (as done here) to mean "default protection", or to a specific - * explicit QOP value. However, a value of 0 should always be - * interpreted by a GSSAPI implementation as a request for the - * default protection level. - */ -#define GSS_C_QOP_DEFAULT 0 - -#define GSS_KRB5_CONF_C_QOP_DES 0x0100 -#define GSS_KRB5_CONF_C_QOP_DES3_KD 0x0200 - -/* - * Expiration time of 2^32-1 seconds means infinite lifetime for a - * credential or security context - */ -#define GSS_C_INDEFINITE 0xfffffffful - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x01"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant - * GSS_C_NT_USER_NAME should be initialized to point - * to that gss_OID_desc. - */ -extern gss_OID GSS_C_NT_USER_NAME; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x02"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. - * The constant GSS_C_NT_MACHINE_UID_NAME should be - * initialized to point to that gss_OID_desc. - */ -extern gss_OID GSS_C_NT_MACHINE_UID_NAME; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x03"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. - * The constant GSS_C_NT_STRING_UID_NAME should be - * initialized to point to that gss_OID_desc. - */ -extern gss_OID GSS_C_NT_STRING_UID_NAME; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, - * corresponding to an object-identifier value of - * {iso(1) org(3) dod(6) internet(1) security(5) - * nametypes(6) gss-host-based-services(2)). The constant - * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point - * to that gss_OID_desc. This is a deprecated OID value, and - * implementations wishing to support hostbased-service names - * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, - * defined below, to identify such names; - * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym - * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input - * parameter, but should not be emitted by GSS-API - * implementations - */ -extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x04"}, corresponding to an - * object-identifier value of {iso(1) member-body(2) - * Unites States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) service_name(4)}. The constant - * GSS_C_NT_HOSTBASED_SERVICE should be initialized - * to point to that gss_OID_desc. - */ -extern gss_OID GSS_C_NT_HOSTBASED_SERVICE; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\01\x05\x06\x03"}, - * corresponding to an object identifier value of - * {1(iso), 3(org), 6(dod), 1(internet), 5(security), - * 6(nametypes), 3(gss-anonymous-name)}. The constant - * and GSS_C_NT_ANONYMOUS should be initialized to point - * to that gss_OID_desc. - */ -extern gss_OID GSS_C_NT_ANONYMOUS; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, - * corresponding to an object-identifier value of - * {1(iso), 3(org), 6(dod), 1(internet), 5(security), - * 6(nametypes), 4(gss-api-exported-name)}. The constant - * GSS_C_NT_EXPORT_NAME should be initialized to point - * to that gss_OID_desc. - */ -extern gss_OID GSS_C_NT_EXPORT_NAME; - -/* - * Digest mechanism - */ - -extern gss_OID GSS_SASL_DIGEST_MD5_MECHANISM; - -/* - * NTLM mechanism - */ - -extern gss_OID GSS_NTLM_MECHANISM; - -/* Major status codes */ - -#define GSS_S_COMPLETE 0 - -/* - * Some "helper" definitions to make the status code macros obvious. - */ -#define GSS_C_CALLING_ERROR_OFFSET 24 -#define GSS_C_ROUTINE_ERROR_OFFSET 16 -#define GSS_C_SUPPLEMENTARY_OFFSET 0 -#define GSS_C_CALLING_ERROR_MASK 0377ul -#define GSS_C_ROUTINE_ERROR_MASK 0377ul -#define GSS_C_SUPPLEMENTARY_MASK 0177777ul - -/* - * The macros that test status codes for error conditions. - * Note that the GSS_ERROR() macro has changed slightly from - * the V1 GSSAPI so that it now evaluates its argument - * only once. - */ -#define GSS_CALLING_ERROR(x) \ - (x & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET)) -#define GSS_ROUTINE_ERROR(x) \ - (x & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)) -#define GSS_SUPPLEMENTARY_INFO(x) \ - (x & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET)) -#define GSS_ERROR(x) \ - (x & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \ - (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))) - -/* - * Now the actual status code definitions - */ - -/* - * Calling errors: - */ -#define GSS_S_CALL_INACCESSIBLE_READ \ - (1ul << GSS_C_CALLING_ERROR_OFFSET) -#define GSS_S_CALL_INACCESSIBLE_WRITE \ - (2ul << GSS_C_CALLING_ERROR_OFFSET) -#define GSS_S_CALL_BAD_STRUCTURE \ - (3ul << GSS_C_CALLING_ERROR_OFFSET) - -/* - * Routine errors: - */ -#define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET) - -#define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_BAD_MIC GSS_S_BAD_SIG -#define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET) -#define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET) - -/* - * Supplementary info bits: - */ -#define GSS_S_CONTINUE_NEEDED (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0)) -#define GSS_S_DUPLICATE_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1)) -#define GSS_S_OLD_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2)) -#define GSS_S_UNSEQ_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3)) -#define GSS_S_GAP_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4)) - -/* - * Finally, function prototypes for the GSS-API routines. - */ - -OM_uint32 gss_acquire_cred - (OM_uint32 * /*minor_status*/, - const gss_name_t /*desired_name*/, - OM_uint32 /*time_req*/, - const gss_OID_set /*desired_mechs*/, - gss_cred_usage_t /*cred_usage*/, - gss_cred_id_t * /*output_cred_handle*/, - gss_OID_set * /*actual_mechs*/, - OM_uint32 * /*time_rec*/ - ); - -OM_uint32 gss_release_cred - (OM_uint32 * /*minor_status*/, - gss_cred_id_t * /*cred_handle*/ - ); - -OM_uint32 gss_init_sec_context - (OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*initiator_cred_handle*/, - gss_ctx_id_t * /*context_handle*/, - const gss_name_t /*target_name*/, - const gss_OID /*mech_type*/, - OM_uint32 /*req_flags*/, - OM_uint32 /*time_req*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - const gss_buffer_t /*input_token*/, - gss_OID * /*actual_mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * /*time_rec*/ - ); - -OM_uint32 gss_accept_sec_context - (OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - const gss_cred_id_t /*acceptor_cred_handle*/, - const gss_buffer_t /*input_token_buffer*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - gss_name_t * /*src_name*/, - gss_OID * /*mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * /*time_rec*/, - gss_cred_id_t * /*delegated_cred_handle*/ - ); - -OM_uint32 gss_process_context_token - (OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*token_buffer*/ - ); - -OM_uint32 gss_delete_sec_context - (OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t /*output_token*/ - ); - -OM_uint32 gss_context_time - (OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - OM_uint32 * /*time_rec*/ - ); - -OM_uint32 gss_get_mic - (OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*message_buffer*/, - gss_buffer_t /*message_token*/ - ); - -OM_uint32 gss_verify_mic - (OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*message_buffer*/, - const gss_buffer_t /*token_buffer*/, - gss_qop_t * /*qop_state*/ - ); - -OM_uint32 gss_wrap - (OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t /*output_message_buffer*/ - ); - -OM_uint32 gss_unwrap - (OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - gss_qop_t * /*qop_state*/ - ); - -OM_uint32 gss_display_status - (OM_uint32 * /*minor_status*/, - OM_uint32 /*status_value*/, - int /*status_type*/, - const gss_OID /*mech_type*/, - OM_uint32 * /*message_context*/, - gss_buffer_t /*status_string*/ - ); - -OM_uint32 gss_indicate_mechs - (OM_uint32 * /*minor_status*/, - gss_OID_set * /*mech_set*/ - ); - -OM_uint32 gss_compare_name - (OM_uint32 * /*minor_status*/, - const gss_name_t /*name1*/, - const gss_name_t /*name2*/, - int * /*name_equal*/ - ); - -OM_uint32 gss_display_name - (OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t /*output_name_buffer*/, - gss_OID * /*output_name_type*/ - ); - -OM_uint32 gss_import_name - (OM_uint32 * /*minor_status*/, - const gss_buffer_t /*input_name_buffer*/, - const gss_OID /*input_name_type*/, - gss_name_t * /*output_name*/ - ); - -OM_uint32 gss_export_name - (OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t /*exported_name*/ - ); - -OM_uint32 gss_release_name - (OM_uint32 * /*minor_status*/, - gss_name_t * /*input_name*/ - ); - -OM_uint32 gss_release_buffer - (OM_uint32 * /*minor_status*/, - gss_buffer_t /*buffer*/ - ); - -OM_uint32 gss_release_oid_set - (OM_uint32 * /*minor_status*/, - gss_OID_set * /*set*/ - ); - -OM_uint32 gss_inquire_cred - (OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - gss_name_t * /*name*/, - OM_uint32 * /*lifetime*/, - gss_cred_usage_t * /*cred_usage*/, - gss_OID_set * /*mechanisms*/ - ); - -OM_uint32 gss_inquire_context ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_name_t * /*src_name*/, - gss_name_t * /*targ_name*/, - OM_uint32 * /*lifetime_rec*/, - gss_OID * /*mech_type*/, - OM_uint32 * /*ctx_flags*/, - int * /*locally_initiated*/, - int * /*open_context*/ - ); - -OM_uint32 gss_wrap_size_limit ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - OM_uint32 /*req_output_size*/, - OM_uint32 * /*max_input_size*/ - ); - -OM_uint32 gss_add_cred ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*input_cred_handle*/, - const gss_name_t /*desired_name*/, - const gss_OID /*desired_mech*/, - gss_cred_usage_t /*cred_usage*/, - OM_uint32 /*initiator_time_req*/, - OM_uint32 /*acceptor_time_req*/, - gss_cred_id_t * /*output_cred_handle*/, - gss_OID_set * /*actual_mechs*/, - OM_uint32 * /*initiator_time_rec*/, - OM_uint32 * /*acceptor_time_rec*/ - ); - -OM_uint32 gss_inquire_cred_by_mech ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - const gss_OID /*mech_type*/, - gss_name_t * /*name*/, - OM_uint32 * /*initiator_lifetime*/, - OM_uint32 * /*acceptor_lifetime*/, - gss_cred_usage_t * /*cred_usage*/ - ); - -OM_uint32 gss_export_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t /*interprocess_token*/ - ); - -OM_uint32 gss_import_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*interprocess_token*/, - gss_ctx_id_t * /*context_handle*/ - ); - -OM_uint32 gss_create_empty_oid_set ( - OM_uint32 * /*minor_status*/, - gss_OID_set * /*oid_set*/ - ); - -OM_uint32 gss_add_oid_set_member ( - OM_uint32 * /*minor_status*/, - const gss_OID /*member_oid*/, - gss_OID_set * /*oid_set*/ - ); - -OM_uint32 gss_test_oid_set_member ( - OM_uint32 * /*minor_status*/, - const gss_OID /*member*/, - const gss_OID_set /*set*/, - int * /*present*/ - ); - -OM_uint32 gss_inquire_names_for_mech ( - OM_uint32 * /*minor_status*/, - const gss_OID /*mechanism*/, - gss_OID_set * /*name_types*/ - ); - -OM_uint32 gss_inquire_mechs_for_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_OID_set * /*mech_types*/ - ); - -OM_uint32 gss_canonicalize_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - const gss_OID /*mech_type*/, - gss_name_t * /*output_name*/ - ); - -OM_uint32 gss_duplicate_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*src_name*/, - gss_name_t * /*dest_name*/ - ); - -OM_uint32 gss_duplicate_oid ( - OM_uint32 * /* minor_status */, - gss_OID /* src_oid */, - gss_OID * /* dest_oid */ - ); -OM_uint32 -gss_release_oid - (OM_uint32 * /*minor_status*/, - gss_OID * /* oid */ - ); - -OM_uint32 -gss_oid_to_str( - OM_uint32 * /*minor_status*/, - gss_OID /* oid */, - gss_buffer_t /* str */ - ); - -OM_uint32 -gss_inquire_sec_context_by_oid( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set - ); - -OM_uint32 -gss_set_sec_context_option (OM_uint32 *minor_status, - gss_ctx_id_t *context_handle, - const gss_OID desired_object, - const gss_buffer_t value); - -OM_uint32 -gss_set_cred_option (OM_uint32 *minor_status, - gss_cred_id_t *cred_handle, - const gss_OID object, - const gss_buffer_t value); - -int -gss_oid_equal(const gss_OID a, const gss_OID b); - -OM_uint32 -gss_create_empty_buffer_set - (OM_uint32 * minor_status, - gss_buffer_set_t *buffer_set); - -OM_uint32 -gss_add_buffer_set_member - (OM_uint32 * minor_status, - const gss_buffer_t member_buffer, - gss_buffer_set_t *buffer_set); - -OM_uint32 -gss_release_buffer_set - (OM_uint32 * minor_status, - gss_buffer_set_t *buffer_set); - -OM_uint32 -gss_inquire_cred_by_oid(OM_uint32 *minor_status, - const gss_cred_id_t cred_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set); - -/* - * RFC 4401 - */ - -#define GSS_C_PRF_KEY_FULL 0 -#define GSS_C_PRF_KEY_PARTIAL 1 - -OM_uint32 -gss_pseudo_random - (OM_uint32 *minor_status, - gss_ctx_id_t context, - int prf_key, - const gss_buffer_t prf_in, - ssize_t desired_output_len, - gss_buffer_t prf_out - ); - -/* - * The following routines are obsolete variants of gss_get_mic, - * gss_verify_mic, gss_wrap and gss_unwrap. They should be - * provided by GSSAPI V2 implementations for backwards - * compatibility with V1 applications. Distinct entrypoints - * (as opposed to #defines) should be provided, both to allow - * GSSAPI V1 applications to link against GSSAPI V2 implementations, - * and to retain the slight parameter type differences between the - * obsolete versions of these routines and their current forms. - */ - -OM_uint32 gss_sign - (OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*qop_req*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t /*message_token*/ - ); - -OM_uint32 gss_verify - (OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t /*token_buffer*/, - int * /*qop_state*/ - ); - -OM_uint32 gss_seal - (OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - int /*qop_req*/, - gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t /*output_message_buffer*/ - ); - -OM_uint32 gss_unseal - (OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - int * /*qop_state*/ - ); - -/* - * - */ - -OM_uint32 -gss_inquire_sec_context_by_oid (OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set); - -OM_uint32 -gss_encapsulate_token(gss_buffer_t /* input_token */, - gss_OID /* oid */, - gss_buffer_t /* output_token */); - -OM_uint32 -gss_decapsulate_token(gss_buffer_t /* input_token */, - gss_OID /* oid */, - gss_buffer_t /* output_token */); - - - -#ifdef __cplusplus -} -#endif - -#include -#include - -#endif /* GSSAPI_GSSAPI_H_ */ diff --git a/crypto/heimdal/lib/gssapi/gssapi/gssapi_krb5.h b/crypto/heimdal/lib/gssapi/gssapi/gssapi_krb5.h deleted file mode 100644 index cca529fe26ff..000000000000 --- a/crypto/heimdal/lib/gssapi/gssapi/gssapi_krb5.h +++ /dev/null @@ -1,220 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gssapi_krb5.h 20385 2007-04-18 08:51:32Z lha $ */ - -#ifndef GSSAPI_KRB5_H_ -#define GSSAPI_KRB5_H_ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * This is for kerberos5 names. - */ - -extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME; -extern gss_OID GSS_KRB5_NT_USER_NAME; -extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME; -extern gss_OID GSS_KRB5_NT_STRING_UID_NAME; - -extern gss_OID GSS_KRB5_MECHANISM; - -/* for compatibility with MIT api */ - -#define gss_mech_krb5 GSS_KRB5_MECHANISM -#define gss_krb5_nt_general_name GSS_KRB5_NT_PRINCIPAL_NAME - -/* Extensions set contexts options */ -extern gss_OID GSS_KRB5_COPY_CCACHE_X; -extern gss_OID GSS_KRB5_COMPAT_DES3_MIC_X; -extern gss_OID GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X; -extern gss_OID GSS_KRB5_SET_DNS_CANONICALIZE_X; -extern gss_OID GSS_KRB5_SEND_TO_KDC_X; -extern gss_OID GSS_KRB5_SET_DEFAULT_REALM_X; -extern gss_OID GSS_KRB5_CCACHE_NAME_X; -/* Extensions inquire context */ -extern gss_OID GSS_KRB5_GET_TKT_FLAGS_X; -extern gss_OID GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X; -extern gss_OID GSS_C_PEER_HAS_UPDATED_SPNEGO; -extern gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_X; -extern gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X; -extern gss_OID GSS_KRB5_GET_SUBKEY_X; -extern gss_OID GSS_KRB5_GET_INITIATOR_SUBKEY_X; -extern gss_OID GSS_KRB5_GET_ACCEPTOR_SUBKEY_X; -extern gss_OID GSS_KRB5_GET_AUTHTIME_X; -extern gss_OID GSS_KRB5_GET_SERVICE_KEYBLOCK_X; -/* Extensions creds */ -extern gss_OID GSS_KRB5_IMPORT_CRED_X; -extern gss_OID GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X; - -/* - * kerberos mechanism specific functions - */ - -struct krb5_keytab_data; -struct krb5_ccache_data; -struct Principal; - -OM_uint32 -gss_krb5_ccache_name(OM_uint32 * /*minor_status*/, - const char * /*name */, - const char ** /*out_name */); - -OM_uint32 gsskrb5_register_acceptor_identity - (const char */*identity*/); - -OM_uint32 gss_krb5_copy_ccache - (OM_uint32 */*minor*/, - gss_cred_id_t /*cred*/, - struct krb5_ccache_data */*out*/); - -OM_uint32 -gss_krb5_import_cred(OM_uint32 */*minor*/, - struct krb5_ccache_data * /*in*/, - struct Principal * /*keytab_principal*/, - struct krb5_keytab_data * /*keytab*/, - gss_cred_id_t */*out*/); - -OM_uint32 gss_krb5_get_tkt_flags - (OM_uint32 */*minor*/, - gss_ctx_id_t /*context_handle*/, - OM_uint32 */*tkt_flags*/); - -OM_uint32 -gsskrb5_extract_authz_data_from_sec_context - (OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*ad_type*/, - gss_buffer_t /*ad_data*/); - -OM_uint32 -gsskrb5_set_dns_canonicalize(int); - -struct gsskrb5_send_to_kdc { - void *func; - void *ptr; -}; - -OM_uint32 -gsskrb5_set_send_to_kdc(struct gsskrb5_send_to_kdc *); - -OM_uint32 -gsskrb5_set_default_realm(const char *); - -OM_uint32 -gsskrb5_extract_authtime_from_sec_context(OM_uint32 *, gss_ctx_id_t, time_t *); - -struct EncryptionKey; - -OM_uint32 -gsskrb5_extract_service_keyblock(OM_uint32 *minor_status, - gss_ctx_id_t context_handle, - struct EncryptionKey **out); -OM_uint32 -gsskrb5_get_initiator_subkey(OM_uint32 *minor_status, - gss_ctx_id_t context_handle, - struct EncryptionKey **out); -OM_uint32 -gsskrb5_get_subkey(OM_uint32 *minor_status, - gss_ctx_id_t context_handle, - struct EncryptionKey **out); - -/* - * Lucid - NFSv4 interface to GSS-API KRB5 to expose key material to - * do GSS content token handling in-kernel. - */ - -typedef struct gss_krb5_lucid_key { - OM_uint32 type; - OM_uint32 length; - void * data; -} gss_krb5_lucid_key_t; - -typedef struct gss_krb5_rfc1964_keydata { - OM_uint32 sign_alg; - OM_uint32 seal_alg; - gss_krb5_lucid_key_t ctx_key; -} gss_krb5_rfc1964_keydata_t; - -typedef struct gss_krb5_cfx_keydata { - OM_uint32 have_acceptor_subkey; - gss_krb5_lucid_key_t ctx_key; - gss_krb5_lucid_key_t acceptor_subkey; -} gss_krb5_cfx_keydata_t; - -typedef struct gss_krb5_lucid_context_v1 { - OM_uint32 version; - OM_uint32 initiate; - OM_uint32 endtime; - OM_uint64 send_seq; - OM_uint64 recv_seq; - OM_uint32 protocol; - gss_krb5_rfc1964_keydata_t rfc1964_kd; - gss_krb5_cfx_keydata_t cfx_kd; -} gss_krb5_lucid_context_v1_t; - -typedef struct gss_krb5_lucid_context_version { - OM_uint32 version; /* Structure version number */ -} gss_krb5_lucid_context_version_t; - -/* - * Function declarations - */ - -OM_uint32 -gss_krb5_export_lucid_sec_context(OM_uint32 *minor_status, - gss_ctx_id_t *context_handle, - OM_uint32 version, - void **kctx); - - -OM_uint32 -gss_krb5_free_lucid_sec_context(OM_uint32 *minor_status, - void *kctx); - - -OM_uint32 -gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status, - gss_cred_id_t cred, - OM_uint32 num_enctypes, - int32_t *enctypes); - -#ifdef __cplusplus -} -#endif - -#endif /* GSSAPI_SPNEGO_H_ */ diff --git a/crypto/heimdal/lib/gssapi/gssapi/gssapi_spnego.h b/crypto/heimdal/lib/gssapi/gssapi/gssapi_spnego.h deleted file mode 100644 index fbb7906369be..000000000000 --- a/crypto/heimdal/lib/gssapi/gssapi/gssapi_spnego.h +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gssapi_spnego.h 18335 2006-10-07 22:26:21Z lha $ */ - -#ifndef GSSAPI_SPNEGO_H_ -#define GSSAPI_SPNEGO_H_ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * RFC2478, SPNEGO: - * The security mechanism of the initial - * negotiation token is identified by the Object Identifier - * iso.org.dod.internet.security.mechanism.snego (1.3.6.1.5.5.2). - */ -extern gss_OID GSS_SPNEGO_MECHANISM; -#define gss_mech_spnego GSS_SPNEGO_MECHANISM - -#ifdef __cplusplus -} -#endif - -#endif /* GSSAPI_SPNEGO_H_ */ diff --git a/crypto/heimdal/lib/gssapi/gssapi_locl.h b/crypto/heimdal/lib/gssapi/gssapi_locl.h deleted file mode 100644 index 154c4b120d4c..000000000000 --- a/crypto/heimdal/lib/gssapi/gssapi_locl.h +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gssapi_locl.h,v 1.24.2.5 2003/09/18 22:01:52 lha Exp $ */ - -#ifndef GSSAPI_LOCL_H -#define GSSAPI_LOCL_H - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include - -#include "arcfour.h" - -extern krb5_context gssapi_krb5_context; - -extern krb5_keytab gssapi_krb5_keytab; - -krb5_error_code gssapi_krb5_init (void); - -#define GSSAPI_KRB5_INIT() do { \ - krb5_error_code kret; \ - if((kret = gssapi_krb5_init ()) != 0) { \ - *minor_status = kret; \ - return GSS_S_FAILURE; \ - } \ -} while (0) - -OM_uint32 -gssapi_krb5_create_8003_checksum ( - OM_uint32 *minor_status, - const gss_channel_bindings_t input_chan_bindings, - OM_uint32 flags, - const krb5_data *fwd_data, - Checksum *result); - -OM_uint32 -gssapi_krb5_verify_8003_checksum ( - OM_uint32 *minor_status, - const gss_channel_bindings_t input_chan_bindings, - const Checksum *cksum, - OM_uint32 *flags, - krb5_data *fwd_data); - -OM_uint32 -gssapi_krb5_encapsulate( - OM_uint32 *minor_status, - const krb5_data *in_data, - gss_buffer_t output_token, - u_char *type); - -u_char * -_gssapi_make_mech_header(u_char *p, - size_t len); - -OM_uint32 -gssapi_krb5_decapsulate( - OM_uint32 *minor_status, - gss_buffer_t input_token_buffer, - krb5_data *out_data, - char *type); - -void -gssapi_krb5_encap_length (size_t data_len, - size_t *len, - size_t *total_len); - -u_char * -gssapi_krb5_make_header (u_char *p, - size_t len, - u_char *type); - -OM_uint32 -gssapi_krb5_verify_header(u_char **str, - size_t total_len, - char *type); - - -OM_uint32 -_gssapi_verify_mech_header(u_char **str, - size_t total_len); - -OM_uint32 -_gssapi_verify_pad(gss_buffer_t, size_t, size_t *); - -OM_uint32 -gss_verify_mic_internal(OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - char * type); - -OM_uint32 -gss_krb5_get_remotekey(const gss_ctx_id_t context_handle, - krb5_keyblock **key); - -OM_uint32 -gss_krb5_get_localkey(const gss_ctx_id_t context_handle, - krb5_keyblock **key); - -krb5_error_code -gss_address_to_krb5addr(OM_uint32 gss_addr_type, - gss_buffer_desc *gss_addr, - int16_t port, - krb5_address *address); - -/* sec_context flags */ - -#define SC_LOCAL_ADDRESS 0x01 -#define SC_REMOTE_ADDRESS 0x02 -#define SC_KEYBLOCK 0x04 -#define SC_LOCAL_SUBKEY 0x08 -#define SC_REMOTE_SUBKEY 0x10 - -int -gss_oid_equal(const gss_OID a, const gss_OID b); - -void -gssapi_krb5_set_error_string (void); - -char * -gssapi_krb5_get_error_string (void); - -OM_uint32 -_gss_DES3_get_mic_compat(OM_uint32 *minor_status, gss_ctx_id_t ctx); - -OM_uint32 -gssapi_lifetime_left(OM_uint32 *, OM_uint32, OM_uint32 *); - -/* 8003 */ - -krb5_error_code -gssapi_encode_om_uint32(OM_uint32, u_char *); - -krb5_error_code -gssapi_encode_be_om_uint32(OM_uint32, u_char *); - -krb5_error_code -gssapi_decode_om_uint32(u_char *, OM_uint32 *); - -krb5_error_code -gssapi_decode_be_om_uint32(u_char *, OM_uint32 *); - -#endif diff --git a/crypto/heimdal/lib/gssapi/gssapi_mech.h b/crypto/heimdal/lib/gssapi/gssapi_mech.h deleted file mode 100644 index 3704099e0f7c..000000000000 --- a/crypto/heimdal/lib/gssapi/gssapi_mech.h +++ /dev/null @@ -1,359 +0,0 @@ -/*- - * Copyright (c) 2005 Doug Rabson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef GSSAPI_MECH_H -#define GSSAPI_MECH_H 1 - -#include - -typedef OM_uint32 _gss_acquire_cred_t - (OM_uint32 *, /* minor_status */ - const gss_name_t, /* desired_name */ - OM_uint32, /* time_req */ - const gss_OID_set, /* desired_mechs */ - gss_cred_usage_t, /* cred_usage */ - gss_cred_id_t *, /* output_cred_handle */ - gss_OID_set *, /* actual_mechs */ - OM_uint32 * /* time_rec */ - ); - -typedef OM_uint32 _gss_release_cred_t - (OM_uint32 *, /* minor_status */ - gss_cred_id_t * /* cred_handle */ - ); - -typedef OM_uint32 _gss_init_sec_context_t - (OM_uint32 *, /* minor_status */ - const gss_cred_id_t, /* initiator_cred_handle */ - gss_ctx_id_t *, /* context_handle */ - const gss_name_t, /* target_name */ - const gss_OID, /* mech_type */ - OM_uint32, /* req_flags */ - OM_uint32, /* time_req */ - const gss_channel_bindings_t, - /* input_chan_bindings */ - const gss_buffer_t, /* input_token */ - gss_OID *, /* actual_mech_type */ - gss_buffer_t, /* output_token */ - OM_uint32 *, /* ret_flags */ - OM_uint32 * /* time_rec */ - ); - -typedef OM_uint32 _gss_accept_sec_context_t - (OM_uint32 *, /* minor_status */ - gss_ctx_id_t *, /* context_handle */ - const gss_cred_id_t, /* acceptor_cred_handle */ - const gss_buffer_t, /* input_token_buffer */ - const gss_channel_bindings_t, - /* input_chan_bindings */ - gss_name_t *, /* src_name */ - gss_OID *, /* mech_type */ - gss_buffer_t, /* output_token */ - OM_uint32 *, /* ret_flags */ - OM_uint32 *, /* time_rec */ - gss_cred_id_t * /* delegated_cred_handle */ - ); - -typedef OM_uint32 _gss_process_context_token_t - (OM_uint32 *, /* minor_status */ - const gss_ctx_id_t, /* context_handle */ - const gss_buffer_t /* token_buffer */ - ); - -typedef OM_uint32 _gss_delete_sec_context_t - (OM_uint32 *, /* minor_status */ - gss_ctx_id_t *, /* context_handle */ - gss_buffer_t /* output_token */ - ); - -typedef OM_uint32 _gss_context_time_t - (OM_uint32 *, /* minor_status */ - const gss_ctx_id_t, /* context_handle */ - OM_uint32 * /* time_rec */ - ); - -typedef OM_uint32 _gss_get_mic_t - (OM_uint32 *, /* minor_status */ - const gss_ctx_id_t, /* context_handle */ - gss_qop_t, /* qop_req */ - const gss_buffer_t, /* message_buffer */ - gss_buffer_t /* message_token */ - ); - -typedef OM_uint32 _gss_verify_mic_t - (OM_uint32 *, /* minor_status */ - const gss_ctx_id_t, /* context_handle */ - const gss_buffer_t, /* message_buffer */ - const gss_buffer_t, /* token_buffer */ - gss_qop_t * /* qop_state */ - ); - -typedef OM_uint32 _gss_wrap_t - (OM_uint32 *, /* minor_status */ - const gss_ctx_id_t, /* context_handle */ - int, /* conf_req_flag */ - gss_qop_t, /* qop_req */ - const gss_buffer_t, /* input_message_buffer */ - int *, /* conf_state */ - gss_buffer_t /* output_message_buffer */ - ); - -typedef OM_uint32 _gss_unwrap_t - (OM_uint32 *, /* minor_status */ - const gss_ctx_id_t, /* context_handle */ - const gss_buffer_t, /* input_message_buffer */ - gss_buffer_t, /* output_message_buffer */ - int *, /* conf_state */ - gss_qop_t * /* qop_state */ - ); - -typedef OM_uint32 _gss_display_status_t - (OM_uint32 *, /* minor_status */ - OM_uint32, /* status_value */ - int, /* status_type */ - const gss_OID, /* mech_type */ - OM_uint32 *, /* message_context */ - gss_buffer_t /* status_string */ - ); - -typedef OM_uint32 _gss_indicate_mechs_t - (OM_uint32 *, /* minor_status */ - gss_OID_set * /* mech_set */ - ); - -typedef OM_uint32 _gss_compare_name_t - (OM_uint32 *, /* minor_status */ - const gss_name_t, /* name1 */ - const gss_name_t, /* name2 */ - int * /* name_equal */ - ); - -typedef OM_uint32 _gss_display_name_t - (OM_uint32 *, /* minor_status */ - const gss_name_t, /* input_name */ - gss_buffer_t, /* output_name_buffer */ - gss_OID * /* output_name_type */ - ); - -typedef OM_uint32 _gss_import_name_t - (OM_uint32 *, /* minor_status */ - const gss_buffer_t, /* input_name_buffer */ - const gss_OID, /* input_name_type */ - gss_name_t * /* output_name */ - ); - -typedef OM_uint32 _gss_export_name_t - (OM_uint32 *, /* minor_status */ - const gss_name_t, /* input_name */ - gss_buffer_t /* exported_name */ - ); - -typedef OM_uint32 _gss_release_name_t - (OM_uint32 *, /* minor_status */ - gss_name_t * /* input_name */ - ); - -typedef OM_uint32 _gss_inquire_cred_t - (OM_uint32 *, /* minor_status */ - const gss_cred_id_t, /* cred_handle */ - gss_name_t *, /* name */ - OM_uint32 *, /* lifetime */ - gss_cred_usage_t *, /* cred_usage */ - gss_OID_set * /* mechanisms */ - ); - -typedef OM_uint32 _gss_inquire_context_t - (OM_uint32 *, /* minor_status */ - const gss_ctx_id_t, /* context_handle */ - gss_name_t *, /* src_name */ - gss_name_t *, /* targ_name */ - OM_uint32 *, /* lifetime_rec */ - gss_OID *, /* mech_type */ - OM_uint32 *, /* ctx_flags */ - int *, /* locally_initiated */ - int * /* open */ - ); - -typedef OM_uint32 _gss_wrap_size_limit_t - (OM_uint32 *, /* minor_status */ - const gss_ctx_id_t, /* context_handle */ - int, /* conf_req_flag */ - gss_qop_t, /* qop_req */ - OM_uint32, /* req_output_size */ - OM_uint32 * /* max_input_size */ - ); - -typedef OM_uint32 _gss_add_cred_t ( - OM_uint32 *, /* minor_status */ - const gss_cred_id_t, /* input_cred_handle */ - const gss_name_t, /* desired_name */ - const gss_OID, /* desired_mech */ - gss_cred_usage_t, /* cred_usage */ - OM_uint32, /* initiator_time_req */ - OM_uint32, /* acceptor_time_req */ - gss_cred_id_t *, /* output_cred_handle */ - gss_OID_set *, /* actual_mechs */ - OM_uint32 *, /* initiator_time_rec */ - OM_uint32 * /* acceptor_time_rec */ - ); - -typedef OM_uint32 _gss_inquire_cred_by_mech_t ( - OM_uint32 *, /* minor_status */ - const gss_cred_id_t, /* cred_handle */ - const gss_OID, /* mech_type */ - gss_name_t *, /* name */ - OM_uint32 *, /* initiator_lifetime */ - OM_uint32 *, /* acceptor_lifetime */ - gss_cred_usage_t * /* cred_usage */ - ); - -typedef OM_uint32 _gss_export_sec_context_t ( - OM_uint32 *, /* minor_status */ - gss_ctx_id_t *, /* context_handle */ - gss_buffer_t /* interprocess_token */ - ); - -typedef OM_uint32 _gss_import_sec_context_t ( - OM_uint32 *, /* minor_status */ - const gss_buffer_t, /* interprocess_token */ - gss_ctx_id_t * /* context_handle */ - ); - -typedef OM_uint32 _gss_inquire_names_for_mech_t ( - OM_uint32 *, /* minor_status */ - const gss_OID, /* mechanism */ - gss_OID_set * /* name_types */ - ); - -typedef OM_uint32 _gss_inquire_mechs_for_name_t ( - OM_uint32 *, /* minor_status */ - const gss_name_t, /* input_name */ - gss_OID_set * /* mech_types */ - ); - -typedef OM_uint32 _gss_canonicalize_name_t ( - OM_uint32 *, /* minor_status */ - const gss_name_t, /* input_name */ - const gss_OID, /* mech_type */ - gss_name_t * /* output_name */ - ); - -typedef OM_uint32 _gss_duplicate_name_t ( - OM_uint32 *, /* minor_status */ - const gss_name_t, /* src_name */ - gss_name_t * /* dest_name */ - ); - -typedef OM_uint32 _gss_inquire_sec_context_by_oid ( - OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set - ); - -typedef OM_uint32 _gss_inquire_cred_by_oid ( - OM_uint32 *minor_status, - const gss_cred_id_t cred, - const gss_OID desired_object, - gss_buffer_set_t *data_set - ); - -typedef OM_uint32 _gss_set_sec_context_option ( - OM_uint32 *minor_status, - gss_ctx_id_t *cred_handle, - const gss_OID desired_object, - const gss_buffer_t value - ); - -typedef OM_uint32 _gss_set_cred_option ( - OM_uint32 *minor_status, - gss_cred_id_t *cred_handle, - const gss_OID desired_object, - const gss_buffer_t value - ); - - -typedef OM_uint32 _gss_pseudo_random( - OM_uint32 *minor_status, - gss_ctx_id_t context, - int prf_key, - const gss_buffer_t prf_in, - ssize_t desired_output_len, - gss_buffer_t prf_out - ); - -#define GMI_VERSION 1 - -typedef struct gssapi_mech_interface_desc { - unsigned gm_version; - const char *gm_name; - gss_OID_desc gm_mech_oid; - _gss_acquire_cred_t *gm_acquire_cred; - _gss_release_cred_t *gm_release_cred; - _gss_init_sec_context_t *gm_init_sec_context; - _gss_accept_sec_context_t *gm_accept_sec_context; - _gss_process_context_token_t *gm_process_context_token; - _gss_delete_sec_context_t *gm_delete_sec_context; - _gss_context_time_t *gm_context_time; - _gss_get_mic_t *gm_get_mic; - _gss_verify_mic_t *gm_verify_mic; - _gss_wrap_t *gm_wrap; - _gss_unwrap_t *gm_unwrap; - _gss_display_status_t *gm_display_status; - _gss_indicate_mechs_t *gm_indicate_mechs; - _gss_compare_name_t *gm_compare_name; - _gss_display_name_t *gm_display_name; - _gss_import_name_t *gm_import_name; - _gss_export_name_t *gm_export_name; - _gss_release_name_t *gm_release_name; - _gss_inquire_cred_t *gm_inquire_cred; - _gss_inquire_context_t *gm_inquire_context; - _gss_wrap_size_limit_t *gm_wrap_size_limit; - _gss_add_cred_t *gm_add_cred; - _gss_inquire_cred_by_mech_t *gm_inquire_cred_by_mech; - _gss_export_sec_context_t *gm_export_sec_context; - _gss_import_sec_context_t *gm_import_sec_context; - _gss_inquire_names_for_mech_t *gm_inquire_names_for_mech; - _gss_inquire_mechs_for_name_t *gm_inquire_mechs_for_name; - _gss_canonicalize_name_t *gm_canonicalize_name; - _gss_duplicate_name_t *gm_duplicate_name; - _gss_inquire_sec_context_by_oid *gm_inquire_sec_context_by_oid; - _gss_inquire_cred_by_oid *gm_inquire_cred_by_oid; - _gss_set_sec_context_option *gm_set_sec_context_option; - _gss_set_cred_option *gm_set_cred_option; - _gss_pseudo_random *gm_pseudo_random; -} gssapi_mech_interface_desc, *gssapi_mech_interface; - -gssapi_mech_interface -__gss_get_mechanism(gss_OID /* oid */); - -gssapi_mech_interface __gss_spnego_initialize(void); -gssapi_mech_interface __gss_krb5_initialize(void); -gssapi_mech_interface __gss_ntlm_initialize(void); - -#endif /* GSSAPI_MECH_H */ diff --git a/crypto/heimdal/lib/gssapi/import_name.c b/crypto/heimdal/lib/gssapi/import_name.c deleted file mode 100644 index 423e75714664..000000000000 --- a/crypto/heimdal/lib/gssapi/import_name.c +++ /dev/null @@ -1,229 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: import_name.c,v 1.13 2003/03/16 17:33:31 lha Exp $"); - -static OM_uint32 -parse_krb5_name (OM_uint32 *minor_status, - const char *name, - gss_name_t *output_name) -{ - krb5_error_code kerr; - - kerr = krb5_parse_name (gssapi_krb5_context, name, output_name); - - if (kerr == 0) - return GSS_S_COMPLETE; - else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) { - gssapi_krb5_set_error_string (); - *minor_status = kerr; - return GSS_S_BAD_NAME; - } else { - gssapi_krb5_set_error_string (); - *minor_status = kerr; - return GSS_S_FAILURE; - } -} - -static OM_uint32 -import_krb5_name (OM_uint32 *minor_status, - const gss_buffer_t input_name_buffer, - gss_name_t *output_name) -{ - OM_uint32 ret; - char *tmp; - - tmp = malloc (input_name_buffer->length + 1); - if (tmp == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy (tmp, - input_name_buffer->value, - input_name_buffer->length); - tmp[input_name_buffer->length] = '\0'; - - ret = parse_krb5_name(minor_status, tmp, output_name); - free(tmp); - - return ret; -} - -static OM_uint32 -import_hostbased_name (OM_uint32 *minor_status, - const gss_buffer_t input_name_buffer, - gss_name_t *output_name) -{ - krb5_error_code kerr; - char *tmp; - char *p; - char *host; - char local_hostname[MAXHOSTNAMELEN]; - - *output_name = NULL; - - tmp = malloc (input_name_buffer->length + 1); - if (tmp == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy (tmp, - input_name_buffer->value, - input_name_buffer->length); - tmp[input_name_buffer->length] = '\0'; - - p = strchr (tmp, '@'); - if (p != NULL) { - *p = '\0'; - host = p + 1; - } else { - if (gethostname(local_hostname, sizeof(local_hostname)) < 0) { - *minor_status = errno; - free (tmp); - return GSS_S_FAILURE; - } - host = local_hostname; - } - - kerr = krb5_sname_to_principal (gssapi_krb5_context, - host, - tmp, - KRB5_NT_SRV_HST, - output_name); - free (tmp); - *minor_status = kerr; - if (kerr == 0) - return GSS_S_COMPLETE; - else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) { - gssapi_krb5_set_error_string (); - *minor_status = kerr; - return GSS_S_BAD_NAME; - } else { - gssapi_krb5_set_error_string (); - *minor_status = kerr; - return GSS_S_FAILURE; - } -} - -static OM_uint32 -import_export_name (OM_uint32 *minor_status, - const gss_buffer_t input_name_buffer, - gss_name_t *output_name) -{ - unsigned char *p; - uint32_t length; - OM_uint32 ret; - char *name; - - if (input_name_buffer->length < 10 + GSS_KRB5_MECHANISM->length) - return GSS_S_BAD_NAME; - - /* TOK, MECH_OID_LEN, DER(MECH_OID), NAME_LEN, NAME */ - - p = input_name_buffer->value; - - if (memcmp(&p[0], "\x04\x01\x00", 3) != 0 || - p[3] != GSS_KRB5_MECHANISM->length + 2 || - p[4] != 0x06 || - p[5] != GSS_KRB5_MECHANISM->length || - memcmp(&p[6], GSS_KRB5_MECHANISM->elements, - GSS_KRB5_MECHANISM->length) != 0) - return GSS_S_BAD_NAME; - - p += 6 + GSS_KRB5_MECHANISM->length; - - length = p[0] << 24 | p[1] << 16 | p[2] << 8 | p[3]; - p += 4; - - if (length > input_name_buffer->length - 10 - GSS_KRB5_MECHANISM->length) - return GSS_S_BAD_NAME; - - name = malloc(length + 1); - if (name == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy(name, p, length); - name[length] = '\0'; - - ret = parse_krb5_name(minor_status, name, output_name); - free(name); - - return ret; -} - -int -gss_oid_equal(const gss_OID a, const gss_OID b) -{ - if (a == b) - return 1; - else if (a == GSS_C_NO_OID || b == GSS_C_NO_OID || a->length != b->length) - return 0; - else - return memcmp(a->elements, b->elements, a->length) == 0; -} - -OM_uint32 gss_import_name - (OM_uint32 * minor_status, - const gss_buffer_t input_name_buffer, - const gss_OID input_name_type, - gss_name_t * output_name - ) -{ - GSSAPI_KRB5_INIT (); - - *minor_status = 0; - *output_name = GSS_C_NO_NAME; - - if (gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE)) - return import_hostbased_name (minor_status, - input_name_buffer, - output_name); - else if (gss_oid_equal(input_name_type, GSS_C_NO_OID) - || gss_oid_equal(input_name_type, GSS_C_NT_USER_NAME) - || gss_oid_equal(input_name_type, GSS_KRB5_NT_PRINCIPAL_NAME)) - /* default printable syntax */ - return import_krb5_name (minor_status, - input_name_buffer, - output_name); - else if (gss_oid_equal(input_name_type, GSS_C_NT_EXPORT_NAME)) { - return import_export_name(minor_status, - input_name_buffer, - output_name); - } else { - *minor_status = 0; - return GSS_S_BAD_NAMETYPE; - } -} diff --git a/crypto/heimdal/lib/gssapi/import_sec_context.c b/crypto/heimdal/lib/gssapi/import_sec_context.c deleted file mode 100644 index 2daa5736ca8d..000000000000 --- a/crypto/heimdal/lib/gssapi/import_sec_context.c +++ /dev/null @@ -1,212 +0,0 @@ -/* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: import_sec_context.c,v 1.7 2003/03/16 18:01:32 lha Exp $"); - -OM_uint32 -gss_import_sec_context ( - OM_uint32 * minor_status, - const gss_buffer_t interprocess_token, - gss_ctx_id_t * context_handle - ) -{ - OM_uint32 ret = GSS_S_FAILURE; - krb5_error_code kret; - krb5_storage *sp; - krb5_auth_context ac; - krb5_address local, remote; - krb5_address *localp, *remotep; - krb5_data data; - gss_buffer_desc buffer; - krb5_keyblock keyblock; - int32_t tmp; - int32_t flags; - OM_uint32 minor; - - GSSAPI_KRB5_INIT (); - - localp = remotep = NULL; - - sp = krb5_storage_from_mem (interprocess_token->value, - interprocess_token->length); - if (sp == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - *context_handle = malloc(sizeof(**context_handle)); - if (*context_handle == NULL) { - *minor_status = ENOMEM; - krb5_storage_free (sp); - return GSS_S_FAILURE; - } - memset (*context_handle, 0, sizeof(**context_handle)); - - kret = krb5_auth_con_init (gssapi_krb5_context, - &(*context_handle)->auth_context); - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - /* flags */ - - *minor_status = 0; - - if (krb5_ret_int32 (sp, &flags) != 0) - goto failure; - - /* retrieve the auth context */ - - ac = (*context_handle)->auth_context; - krb5_ret_int32 (sp, &ac->flags); - if (flags & SC_LOCAL_ADDRESS) { - if (krb5_ret_address (sp, localp = &local) != 0) - goto failure; - } - - if (flags & SC_REMOTE_ADDRESS) { - if (krb5_ret_address (sp, remotep = &remote) != 0) - goto failure; - } - - krb5_auth_con_setaddrs (gssapi_krb5_context, ac, localp, remotep); - if (localp) - krb5_free_address (gssapi_krb5_context, localp); - if (remotep) - krb5_free_address (gssapi_krb5_context, remotep); - localp = remotep = NULL; - - if (krb5_ret_int16 (sp, &ac->local_port) != 0) - goto failure; - - if (krb5_ret_int16 (sp, &ac->remote_port) != 0) - goto failure; - if (flags & SC_KEYBLOCK) { - if (krb5_ret_keyblock (sp, &keyblock) != 0) - goto failure; - krb5_auth_con_setkey (gssapi_krb5_context, ac, &keyblock); - krb5_free_keyblock_contents (gssapi_krb5_context, &keyblock); - } - if (flags & SC_LOCAL_SUBKEY) { - if (krb5_ret_keyblock (sp, &keyblock) != 0) - goto failure; - krb5_auth_con_setlocalsubkey (gssapi_krb5_context, ac, &keyblock); - krb5_free_keyblock_contents (gssapi_krb5_context, &keyblock); - } - if (flags & SC_REMOTE_SUBKEY) { - if (krb5_ret_keyblock (sp, &keyblock) != 0) - goto failure; - krb5_auth_con_setremotesubkey (gssapi_krb5_context, ac, &keyblock); - krb5_free_keyblock_contents (gssapi_krb5_context, &keyblock); - } - if (krb5_ret_int32 (sp, &ac->local_seqnumber)) - goto failure; - if (krb5_ret_int32 (sp, &ac->remote_seqnumber)) - goto failure; - - if (krb5_ret_int32 (sp, &tmp) != 0) - goto failure; - ac->keytype = tmp; - if (krb5_ret_int32 (sp, &tmp) != 0) - goto failure; - ac->cksumtype = tmp; - - /* names */ - - if (krb5_ret_data (sp, &data)) - goto failure; - buffer.value = data.data; - buffer.length = data.length; - - ret = gss_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME, - &(*context_handle)->source); - if (ret) { - ret = gss_import_name (minor_status, &buffer, GSS_C_NO_OID, - &(*context_handle)->source); - if (ret) { - krb5_data_free (&data); - goto failure; - } - } - krb5_data_free (&data); - - if (krb5_ret_data (sp, &data) != 0) - goto failure; - buffer.value = data.data; - buffer.length = data.length; - - ret = gss_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME, - &(*context_handle)->target); - if (ret) { - ret = gss_import_name (minor_status, &buffer, GSS_C_NO_OID, - &(*context_handle)->target); - if (ret) { - krb5_data_free (&data); - goto failure; - } - } - krb5_data_free (&data); - - if (krb5_ret_int32 (sp, &tmp)) - goto failure; - (*context_handle)->flags = tmp; - if (krb5_ret_int32 (sp, &tmp)) - goto failure; - (*context_handle)->more_flags = tmp; - if (krb5_ret_int32 (sp, &tmp) == 0) - (*context_handle)->lifetime = tmp; - else - (*context_handle)->lifetime = GSS_C_INDEFINITE; - - return GSS_S_COMPLETE; - -failure: - krb5_auth_con_free (gssapi_krb5_context, - (*context_handle)->auth_context); - if ((*context_handle)->source != NULL) - gss_release_name(&minor, &(*context_handle)->source); - if ((*context_handle)->target != NULL) - gss_release_name(&minor, &(*context_handle)->target); - if (localp) - krb5_free_address (gssapi_krb5_context, localp); - if (remotep) - krb5_free_address (gssapi_krb5_context, remotep); - free (*context_handle); - *context_handle = GSS_C_NO_CONTEXT; - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/indicate_mechs.c b/crypto/heimdal/lib/gssapi/indicate_mechs.c deleted file mode 100644 index 89191bb93514..000000000000 --- a/crypto/heimdal/lib/gssapi/indicate_mechs.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: indicate_mechs.c,v 1.5 2003/03/16 17:38:20 lha Exp $"); - -OM_uint32 gss_indicate_mechs - (OM_uint32 * minor_status, - gss_OID_set * mech_set - ) -{ - OM_uint32 ret; - - ret = gss_create_empty_oid_set(minor_status, mech_set); - if (ret) - return ret; - - ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, mech_set); - if (ret) - return ret; - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/init.c b/crypto/heimdal/lib/gssapi/init.c deleted file mode 100644 index ddc0d7090a92..000000000000 --- a/crypto/heimdal/lib/gssapi/init.c +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: init.c,v 1.6 2001/08/13 13:14:07 joda Exp $"); - -krb5_error_code -gssapi_krb5_init (void) -{ - if(gssapi_krb5_context == NULL) - return krb5_init_context (&gssapi_krb5_context); - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/init_sec_context.c b/crypto/heimdal/lib/gssapi/init_sec_context.c deleted file mode 100644 index 72286a399fbf..000000000000 --- a/crypto/heimdal/lib/gssapi/init_sec_context.c +++ /dev/null @@ -1,578 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: init_sec_context.c,v 1.36.2.1 2003/08/15 14:21:18 lha Exp $"); - -/* - * copy the addresses from `input_chan_bindings' (if any) to - * the auth context `ac' - */ - -static OM_uint32 -set_addresses (krb5_auth_context ac, - const gss_channel_bindings_t input_chan_bindings) -{ - /* Port numbers are expected to be in application_data.value, - * initator's port first */ - - krb5_address initiator_addr, acceptor_addr; - krb5_error_code kret; - - if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS - || input_chan_bindings->application_data.length != - 2 * sizeof(ac->local_port)) - return 0; - - memset(&initiator_addr, 0, sizeof(initiator_addr)); - memset(&acceptor_addr, 0, sizeof(acceptor_addr)); - - ac->local_port = - *(int16_t *) input_chan_bindings->application_data.value; - - ac->remote_port = - *((int16_t *) input_chan_bindings->application_data.value + 1); - - kret = gss_address_to_krb5addr(input_chan_bindings->acceptor_addrtype, - &input_chan_bindings->acceptor_address, - ac->remote_port, - &acceptor_addr); - if (kret) - return kret; - - kret = gss_address_to_krb5addr(input_chan_bindings->initiator_addrtype, - &input_chan_bindings->initiator_address, - ac->local_port, - &initiator_addr); - if (kret) { - krb5_free_address (gssapi_krb5_context, &acceptor_addr); - return kret; - } - - kret = krb5_auth_con_setaddrs(gssapi_krb5_context, - ac, - &initiator_addr, /* local address */ - &acceptor_addr); /* remote address */ - - krb5_free_address (gssapi_krb5_context, &initiator_addr); - krb5_free_address (gssapi_krb5_context, &acceptor_addr); - -#if 0 - free(input_chan_bindings->application_data.value); - input_chan_bindings->application_data.value = NULL; - input_chan_bindings->application_data.length = 0; -#endif - - return kret; -} - -/* - * handle delegated creds in init-sec-context - */ - -static void -do_delegation (krb5_auth_context ac, - krb5_ccache ccache, - krb5_creds *cred, - const gss_name_t target_name, - krb5_data *fwd_data, - int *flags) -{ - krb5_creds creds; - krb5_kdc_flags fwd_flags; - krb5_error_code kret; - - memset (&creds, 0, sizeof(creds)); - krb5_data_zero (fwd_data); - - kret = krb5_cc_get_principal(gssapi_krb5_context, ccache, &creds.client); - if (kret) - goto out; - - kret = krb5_build_principal(gssapi_krb5_context, - &creds.server, - strlen(creds.client->realm), - creds.client->realm, - KRB5_TGS_NAME, - creds.client->realm, - NULL); - if (kret) - goto out; - - creds.times.endtime = 0; - - fwd_flags.i = 0; - fwd_flags.b.forwarded = 1; - fwd_flags.b.forwardable = 1; - - if ( /*target_name->name.name_type != KRB5_NT_SRV_HST ||*/ - target_name->name.name_string.len < 2) - goto out; - - kret = krb5_get_forwarded_creds(gssapi_krb5_context, - ac, - ccache, - fwd_flags.i, - target_name->name.name_string.val[1], - &creds, - fwd_data); - - out: - if (kret) - *flags &= ~GSS_C_DELEG_FLAG; - else - *flags |= GSS_C_DELEG_FLAG; - - if (creds.client) - krb5_free_principal(gssapi_krb5_context, creds.client); - if (creds.server) - krb5_free_principal(gssapi_krb5_context, creds.server); -} - -/* - * first stage of init-sec-context - */ - -static OM_uint32 -init_auth -(OM_uint32 * minor_status, - const gss_cred_id_t initiator_cred_handle, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret = GSS_S_FAILURE; - krb5_error_code kret; - krb5_flags ap_options; - krb5_creds this_cred, *cred; - krb5_data outbuf; - krb5_ccache ccache; - u_int32_t flags; - Authenticator *auth; - krb5_data authenticator; - Checksum cksum; - krb5_enctype enctype; - krb5_data fwd_data; - OM_uint32 lifetime_rec; - - krb5_data_zero(&outbuf); - krb5_data_zero(&fwd_data); - - *minor_status = 0; - - *context_handle = malloc(sizeof(**context_handle)); - if (*context_handle == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - (*context_handle)->auth_context = NULL; - (*context_handle)->source = NULL; - (*context_handle)->target = NULL; - (*context_handle)->flags = 0; - (*context_handle)->more_flags = 0; - (*context_handle)->ticket = NULL; - (*context_handle)->lifetime = GSS_C_INDEFINITE; - - kret = krb5_auth_con_init (gssapi_krb5_context, - &(*context_handle)->auth_context); - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - kret = set_addresses ((*context_handle)->auth_context, - input_chan_bindings); - if (kret) { - *minor_status = kret; - ret = GSS_S_BAD_BINDINGS; - goto failure; - } - - { - int32_t tmp; - - krb5_auth_con_getflags(gssapi_krb5_context, - (*context_handle)->auth_context, - &tmp); - tmp |= KRB5_AUTH_CONTEXT_DO_SEQUENCE; - krb5_auth_con_setflags(gssapi_krb5_context, - (*context_handle)->auth_context, - tmp); - } - - if (actual_mech_type) - *actual_mech_type = GSS_KRB5_MECHANISM; - - if (initiator_cred_handle == GSS_C_NO_CREDENTIAL) { - kret = krb5_cc_default (gssapi_krb5_context, &ccache); - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - } else - ccache = initiator_cred_handle->ccache; - - kret = krb5_cc_get_principal (gssapi_krb5_context, - ccache, - &(*context_handle)->source); - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - kret = krb5_copy_principal (gssapi_krb5_context, - target_name, - &(*context_handle)->target); - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - ret = _gss_DES3_get_mic_compat(minor_status, *context_handle); - if (ret) - goto failure; - - - memset(&this_cred, 0, sizeof(this_cred)); - this_cred.client = (*context_handle)->source; - this_cred.server = (*context_handle)->target; - if (time_req && time_req != GSS_C_INDEFINITE) { - krb5_timestamp ts; - - krb5_timeofday (gssapi_krb5_context, &ts); - this_cred.times.endtime = ts + time_req; - } else - this_cred.times.endtime = 0; - this_cred.session.keytype = 0; - - kret = krb5_get_credentials (gssapi_krb5_context, - KRB5_TC_MATCH_KEYTYPE, - ccache, - &this_cred, - &cred); - - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - (*context_handle)->lifetime = cred->times.endtime; - - ret = gssapi_lifetime_left(minor_status, - (*context_handle)->lifetime, - &lifetime_rec); - if (ret) { - goto failure; - } - - if (lifetime_rec == 0) { - *minor_status = 0; - ret = GSS_S_CONTEXT_EXPIRED; - goto failure; - } - - krb5_auth_con_setkey(gssapi_krb5_context, - (*context_handle)->auth_context, - &cred->session); - - kret = krb5_auth_con_generatelocalsubkey(gssapi_krb5_context, - (*context_handle)->auth_context, - &cred->session); - if(kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - flags = 0; - ap_options = 0; - if (req_flags & GSS_C_DELEG_FLAG) - do_delegation ((*context_handle)->auth_context, - ccache, cred, target_name, &fwd_data, &flags); - - if (req_flags & GSS_C_MUTUAL_FLAG) { - flags |= GSS_C_MUTUAL_FLAG; - ap_options |= AP_OPTS_MUTUAL_REQUIRED; - } - - if (req_flags & GSS_C_REPLAY_FLAG) - ; /* XXX */ - if (req_flags & GSS_C_SEQUENCE_FLAG) - ; /* XXX */ - if (req_flags & GSS_C_ANON_FLAG) - ; /* XXX */ - flags |= GSS_C_CONF_FLAG; - flags |= GSS_C_INTEG_FLAG; - flags |= GSS_C_SEQUENCE_FLAG; - flags |= GSS_C_TRANS_FLAG; - - if (ret_flags) - *ret_flags = flags; - (*context_handle)->flags = flags; - (*context_handle)->more_flags |= LOCAL; - - ret = gssapi_krb5_create_8003_checksum (minor_status, - input_chan_bindings, - flags, - &fwd_data, - &cksum); - krb5_data_free (&fwd_data); - if (ret) - goto failure; - -#if 1 - enctype = (*context_handle)->auth_context->keyblock->keytype; -#else - if ((*context_handle)->auth_context->enctype) - enctype = (*context_handle)->auth_context->enctype; - else { - kret = krb5_keytype_to_enctype(gssapi_krb5_context, - (*context_handle)->auth_context->keyblock->keytype, - &enctype); - if (kret) - return kret; - } -#endif - - kret = krb5_build_authenticator (gssapi_krb5_context, - (*context_handle)->auth_context, - enctype, - cred, - &cksum, - &auth, - &authenticator, - KRB5_KU_AP_REQ_AUTH); - - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - kret = krb5_build_ap_req (gssapi_krb5_context, - enctype, - cred, - ap_options, - authenticator, - &outbuf); - - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - ret = gssapi_krb5_encapsulate (minor_status, &outbuf, output_token, - "\x01\x00"); - if (ret) - goto failure; - - krb5_data_free (&outbuf); - - if (flags & GSS_C_MUTUAL_FLAG) { - return GSS_S_CONTINUE_NEEDED; - } else { - if (time_rec) - *time_rec = lifetime_rec; - - (*context_handle)->more_flags |= OPEN; - return GSS_S_COMPLETE; - } - - failure: - krb5_auth_con_free (gssapi_krb5_context, - (*context_handle)->auth_context); - if((*context_handle)->source) - krb5_free_principal (gssapi_krb5_context, - (*context_handle)->source); - if((*context_handle)->target) - krb5_free_principal (gssapi_krb5_context, - (*context_handle)->target); - free (*context_handle); - krb5_data_free (&outbuf); - *context_handle = GSS_C_NO_CONTEXT; - return ret; -} - -static OM_uint32 -repl_mutual - (OM_uint32 * minor_status, - const gss_cred_id_t initiator_cred_handle, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret; - krb5_error_code kret; - krb5_data indata; - krb5_ap_rep_enc_part *repl; - - output_token->length = 0; - output_token->value = NULL; - - if (actual_mech_type) - *actual_mech_type = GSS_KRB5_MECHANISM; - - ret = gssapi_krb5_decapsulate (minor_status, input_token, &indata, - "\x02\x00"); - if (ret) - /* XXX - Handle AP_ERROR */ - return ret; - - kret = krb5_rd_rep (gssapi_krb5_context, - (*context_handle)->auth_context, - &indata, - &repl); - if (kret) { - gssapi_krb5_set_error_string (); - *minor_status = kret; - return GSS_S_FAILURE; - } - krb5_free_ap_rep_enc_part (gssapi_krb5_context, - repl); - - (*context_handle)->more_flags |= OPEN; - - *minor_status = 0; - if (time_rec) { - ret = gssapi_lifetime_left(minor_status, - (*context_handle)->lifetime, - time_rec); - } else { - ret = GSS_S_COMPLETE; - } - if (ret_flags) - *ret_flags = (*context_handle)->flags; - - return ret; -} - -/* - * gss_init_sec_context - */ - -OM_uint32 gss_init_sec_context - (OM_uint32 * minor_status, - const gss_cred_id_t initiator_cred_handle, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - GSSAPI_KRB5_INIT (); - - output_token->length = 0; - output_token->value = NULL; - - if (ret_flags) - *ret_flags = 0; - if (time_rec) - *time_rec = 0; - - if (target_name == GSS_C_NO_NAME) { - if (actual_mech_type) - *actual_mech_type = GSS_C_NO_OID; - *minor_status = 0; - return GSS_S_BAD_NAME; - } - - if (input_token == GSS_C_NO_BUFFER || input_token->length == 0) - return init_auth (minor_status, - initiator_cred_handle, - context_handle, - target_name, - mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - actual_mech_type, - output_token, - ret_flags, - time_rec); - else - return repl_mutual(minor_status, - initiator_cred_handle, - context_handle, - target_name, - mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - actual_mech_type, - output_token, - ret_flags, - time_rec); -} diff --git a/crypto/heimdal/lib/gssapi/inquire_context.c b/crypto/heimdal/lib/gssapi/inquire_context.c deleted file mode 100644 index 95cd2c576e6b..000000000000 --- a/crypto/heimdal/lib/gssapi/inquire_context.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: inquire_context.c,v 1.5 2003/03/16 17:43:30 lha Exp $"); - -OM_uint32 gss_inquire_context ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_name_t * src_name, - gss_name_t * targ_name, - OM_uint32 * lifetime_rec, - gss_OID * mech_type, - OM_uint32 * ctx_flags, - int * locally_initiated, - int * open_context - ) -{ - OM_uint32 ret; - - if (src_name) { - ret = gss_duplicate_name (minor_status, - context_handle->source, - src_name); - if (ret) - return ret; - } - - if (targ_name) { - ret = gss_duplicate_name (minor_status, - context_handle->target, - targ_name); - if (ret) - return ret; - } - - if (lifetime_rec) - *lifetime_rec = context_handle->lifetime; - - if (mech_type) - *mech_type = GSS_KRB5_MECHANISM; - - if (ctx_flags) - *ctx_flags = context_handle->flags; - - if (locally_initiated) - *locally_initiated = context_handle->more_flags & LOCAL; - - if (open_context) - *open_context = context_handle->more_flags & OPEN; - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/inquire_cred.c b/crypto/heimdal/lib/gssapi/inquire_cred.c deleted file mode 100644 index 4938d564e587..000000000000 --- a/crypto/heimdal/lib/gssapi/inquire_cred.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: inquire_cred.c,v 1.4 2003/03/16 17:42:14 lha Exp $"); - -OM_uint32 gss_inquire_cred - (OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - gss_name_t * name, - OM_uint32 * lifetime, - gss_cred_usage_t * cred_usage, - gss_OID_set * mechanisms - ) -{ - OM_uint32 ret; - - *minor_status = 0; - - if (name) - *name = NULL; - if (mechanisms) - *mechanisms = GSS_C_NO_OID_SET; - - if (cred_handle == GSS_C_NO_CREDENTIAL) { - return GSS_S_FAILURE; - } - - if (name != NULL) { - if (cred_handle->principal != NULL) { - ret = gss_duplicate_name(minor_status, cred_handle->principal, - name); - if (ret) - return ret; - } else if (cred_handle->usage == GSS_C_ACCEPT) { - *minor_status = krb5_sname_to_principal(gssapi_krb5_context, NULL, - NULL, KRB5_NT_SRV_HST, name); - if (*minor_status) - return GSS_S_FAILURE; - } else { - *minor_status = krb5_get_default_principal(gssapi_krb5_context, - name); - if (*minor_status) - return GSS_S_FAILURE; - } - } - if (lifetime != NULL) { - *lifetime = cred_handle->lifetime; - } - if (cred_usage != NULL) { - *cred_usage = cred_handle->usage; - } - if (mechanisms != NULL) { - ret = gss_create_empty_oid_set(minor_status, mechanisms); - if (ret) { - return ret; - } - ret = gss_add_oid_set_member(minor_status, - &cred_handle->mechanisms->elements[0], - mechanisms); - if (ret) { - return ret; - } - } - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/inquire_cred_by_mech.c b/crypto/heimdal/lib/gssapi/inquire_cred_by_mech.c deleted file mode 100644 index b09d1e1d5f6c..000000000000 --- a/crypto/heimdal/lib/gssapi/inquire_cred_by_mech.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: inquire_cred_by_mech.c,v 1.1 2003/03/16 18:11:16 lha Exp $"); - -OM_uint32 gss_inquire_cred_by_mech ( - OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - const gss_OID mech_type, - gss_name_t * name, - OM_uint32 * initiator_lifetime, - OM_uint32 * acceptor_lifetime, - gss_cred_usage_t * cred_usage - ) -{ - OM_uint32 ret; - OM_uint32 lifetime; - - if (gss_oid_equal(mech_type, GSS_C_NO_OID) == 0 && - gss_oid_equal(mech_type, GSS_KRB5_MECHANISM) == 0) { - *minor_status = EINVAL; - return GSS_S_BAD_MECH; - } - - ret = gss_inquire_cred (minor_status, - cred_handle, - name, - &lifetime, - cred_usage, - NULL); - - if (ret == 0 && cred_handle != GSS_C_NO_CREDENTIAL) { - gss_cred_usage_t usage; - - usage = cred_handle->usage; - - if (initiator_lifetime) { - if (usage == GSS_C_INITIATE || usage == GSS_C_BOTH) - *initiator_lifetime = lifetime; - } - if (acceptor_lifetime) { - if (usage == GSS_C_ACCEPT || usage == GSS_C_BOTH) - *acceptor_lifetime = lifetime; - } - } - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/inquire_mechs_for_name.c b/crypto/heimdal/lib/gssapi/inquire_mechs_for_name.c deleted file mode 100644 index 67ebb04db4de..000000000000 --- a/crypto/heimdal/lib/gssapi/inquire_mechs_for_name.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: inquire_mechs_for_name.c,v 1.1 2003/03/16 18:12:33 lha Exp $"); - -OM_uint32 gss_inquire_mechs_for_name ( - OM_uint32 * minor_status, - const gss_name_t input_name, - gss_OID_set * mech_types - ) -{ - OM_uint32 ret; - - ret = gss_create_empty_oid_set(minor_status, mech_types); - if (ret) - return ret; - - ret = gss_add_oid_set_member(minor_status, - GSS_KRB5_MECHANISM, - mech_types); - if (ret) - gss_release_oid_set(NULL, mech_types); - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/inquire_names_for_mech.c b/crypto/heimdal/lib/gssapi/inquire_names_for_mech.c deleted file mode 100644 index 0e93de685444..000000000000 --- a/crypto/heimdal/lib/gssapi/inquire_names_for_mech.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: inquire_names_for_mech.c,v 1.1 2003/03/16 18:15:29 lha Exp $"); - - -static gss_OID *name_list[] = { - &GSS_C_NT_HOSTBASED_SERVICE, - &GSS_C_NT_USER_NAME, - &GSS_KRB5_NT_PRINCIPAL_NAME, - &GSS_C_NT_EXPORT_NAME, - NULL -}; - -OM_uint32 gss_inquire_names_for_mech ( - OM_uint32 * minor_status, - const gss_OID mechanism, - gss_OID_set * name_types - ) -{ - OM_uint32 ret; - int i; - - *minor_status = 0; - - if (gss_oid_equal(mechanism, GSS_KRB5_MECHANISM) == 0 && - gss_oid_equal(mechanism, GSS_C_NULL_OID) == 0) { - *name_types = GSS_C_NO_OID_SET; - return GSS_S_BAD_MECH; - } - - ret = gss_create_empty_oid_set(minor_status, name_types); - if (ret != GSS_S_COMPLETE) - return ret; - - for (i = 0; name_list[i] != NULL; i++) { - ret = gss_add_oid_set_member(minor_status, - *(name_list[i]), - name_types); - if (ret != GSS_S_COMPLETE) - break; - } - - if (ret != GSS_S_COMPLETE) - gss_release_oid_set(NULL, name_types); - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/8003.c b/crypto/heimdal/lib/gssapi/krb5/8003.c deleted file mode 100644 index 619cbf97fcbd..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/8003.c +++ /dev/null @@ -1,248 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: 8003.c 18334 2006-10-07 22:16:04Z lha $"); - -krb5_error_code -_gsskrb5_encode_om_uint32(OM_uint32 n, u_char *p) -{ - p[0] = (n >> 0) & 0xFF; - p[1] = (n >> 8) & 0xFF; - p[2] = (n >> 16) & 0xFF; - p[3] = (n >> 24) & 0xFF; - return 0; -} - -krb5_error_code -_gsskrb5_encode_be_om_uint32(OM_uint32 n, u_char *p) -{ - p[0] = (n >> 24) & 0xFF; - p[1] = (n >> 16) & 0xFF; - p[2] = (n >> 8) & 0xFF; - p[3] = (n >> 0) & 0xFF; - return 0; -} - -krb5_error_code -_gsskrb5_decode_om_uint32(const void *ptr, OM_uint32 *n) -{ - const u_char *p = ptr; - *n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); - return 0; -} - -krb5_error_code -_gsskrb5_decode_be_om_uint32(const void *ptr, OM_uint32 *n) -{ - const u_char *p = ptr; - *n = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0); - return 0; -} - -static krb5_error_code -hash_input_chan_bindings (const gss_channel_bindings_t b, - u_char *p) -{ - u_char num[4]; - MD5_CTX md5; - - MD5_Init(&md5); - _gsskrb5_encode_om_uint32 (b->initiator_addrtype, num); - MD5_Update (&md5, num, sizeof(num)); - _gsskrb5_encode_om_uint32 (b->initiator_address.length, num); - MD5_Update (&md5, num, sizeof(num)); - if (b->initiator_address.length) - MD5_Update (&md5, - b->initiator_address.value, - b->initiator_address.length); - _gsskrb5_encode_om_uint32 (b->acceptor_addrtype, num); - MD5_Update (&md5, num, sizeof(num)); - _gsskrb5_encode_om_uint32 (b->acceptor_address.length, num); - MD5_Update (&md5, num, sizeof(num)); - if (b->acceptor_address.length) - MD5_Update (&md5, - b->acceptor_address.value, - b->acceptor_address.length); - _gsskrb5_encode_om_uint32 (b->application_data.length, num); - MD5_Update (&md5, num, sizeof(num)); - if (b->application_data.length) - MD5_Update (&md5, - b->application_data.value, - b->application_data.length); - MD5_Final (p, &md5); - return 0; -} - -/* - * create a checksum over the chanel bindings in - * `input_chan_bindings', `flags' and `fwd_data' and return it in - * `result' - */ - -OM_uint32 -_gsskrb5_create_8003_checksum ( - OM_uint32 *minor_status, - const gss_channel_bindings_t input_chan_bindings, - OM_uint32 flags, - const krb5_data *fwd_data, - Checksum *result) -{ - u_char *p; - - /* - * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value - * field's format) */ - result->cksumtype = CKSUMTYPE_GSSAPI; - if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) - result->checksum.length = 24 + 4 + fwd_data->length; - else - result->checksum.length = 24; - result->checksum.data = malloc (result->checksum.length); - if (result->checksum.data == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = result->checksum.data; - _gsskrb5_encode_om_uint32 (16, p); - p += 4; - if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) { - memset (p, 0, 16); - } else { - hash_input_chan_bindings (input_chan_bindings, p); - } - p += 16; - _gsskrb5_encode_om_uint32 (flags, p); - p += 4; - - if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) { - - *p++ = (1 >> 0) & 0xFF; /* DlgOpt */ /* == 1 */ - *p++ = (1 >> 8) & 0xFF; /* DlgOpt */ /* == 0 */ - *p++ = (fwd_data->length >> 0) & 0xFF; /* Dlgth */ - *p++ = (fwd_data->length >> 8) & 0xFF; /* Dlgth */ - memcpy(p, (unsigned char *) fwd_data->data, fwd_data->length); - - p += fwd_data->length; - } - - return GSS_S_COMPLETE; -} - -/* - * verify the checksum in `cksum' over `input_chan_bindings' - * returning `flags' and `fwd_data' - */ - -OM_uint32 -_gsskrb5_verify_8003_checksum( - OM_uint32 *minor_status, - const gss_channel_bindings_t input_chan_bindings, - const Checksum *cksum, - OM_uint32 *flags, - krb5_data *fwd_data) -{ - unsigned char hash[16]; - unsigned char *p; - OM_uint32 length; - int DlgOpt; - static unsigned char zeros[16]; - - if (cksum == NULL) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - /* XXX should handle checksums > 24 bytes */ - if(cksum->cksumtype != CKSUMTYPE_GSSAPI || cksum->checksum.length < 24) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - p = cksum->checksum.data; - _gsskrb5_decode_om_uint32(p, &length); - if(length != sizeof(hash)) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - p += 4; - - if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS - && memcmp(p, zeros, sizeof(zeros)) != 0) { - if(hash_input_chan_bindings(input_chan_bindings, hash) != 0) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - if(memcmp(hash, p, sizeof(hash)) != 0) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - } - - p += sizeof(hash); - - _gsskrb5_decode_om_uint32(p, flags); - p += 4; - - if (cksum->checksum.length > 24 && (*flags & GSS_C_DELEG_FLAG)) { - if(cksum->checksum.length < 28) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - DlgOpt = (p[0] << 0) | (p[1] << 8); - p += 2; - if (DlgOpt != 1) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - - fwd_data->length = (p[0] << 0) | (p[1] << 8); - p += 2; - if(cksum->checksum.length < 28 + fwd_data->length) { - *minor_status = 0; - return GSS_S_BAD_BINDINGS; - } - fwd_data->data = malloc(fwd_data->length); - if (fwd_data->data == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy(fwd_data->data, p, fwd_data->length); - } - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/accept_sec_context.c b/crypto/heimdal/lib/gssapi/krb5/accept_sec_context.c deleted file mode 100644 index 73b93ceba4c6..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/accept_sec_context.c +++ /dev/null @@ -1,801 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: accept_sec_context.c 20199 2007-02-07 22:36:39Z lha $"); - -HEIMDAL_MUTEX gssapi_keytab_mutex = HEIMDAL_MUTEX_INITIALIZER; -krb5_keytab _gsskrb5_keytab; - -OM_uint32 -_gsskrb5_register_acceptor_identity (const char *identity) -{ - krb5_context context; - krb5_error_code ret; - - ret = _gsskrb5_init(&context); - if(ret) - return GSS_S_FAILURE; - - HEIMDAL_MUTEX_lock(&gssapi_keytab_mutex); - - if(_gsskrb5_keytab != NULL) { - krb5_kt_close(context, _gsskrb5_keytab); - _gsskrb5_keytab = NULL; - } - if (identity == NULL) { - ret = krb5_kt_default(context, &_gsskrb5_keytab); - } else { - char *p; - - asprintf(&p, "FILE:%s", identity); - if(p == NULL) { - HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex); - return GSS_S_FAILURE; - } - ret = krb5_kt_resolve(context, p, &_gsskrb5_keytab); - free(p); - } - HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex); - if(ret) - return GSS_S_FAILURE; - return GSS_S_COMPLETE; -} - -void -_gsskrb5i_is_cfx(gsskrb5_ctx ctx, int *is_cfx) -{ - krb5_keyblock *key; - int acceptor = (ctx->more_flags & LOCAL) == 0; - - *is_cfx = 0; - - if (acceptor) { - if (ctx->auth_context->local_subkey) - key = ctx->auth_context->local_subkey; - else - key = ctx->auth_context->remote_subkey; - } else { - if (ctx->auth_context->remote_subkey) - key = ctx->auth_context->remote_subkey; - else - key = ctx->auth_context->local_subkey; - } - if (key == NULL) - key = ctx->auth_context->keyblock; - - if (key == NULL) - return; - - switch (key->keytype) { - case ETYPE_DES_CBC_CRC: - case ETYPE_DES_CBC_MD4: - case ETYPE_DES_CBC_MD5: - case ETYPE_DES3_CBC_MD5: - case ETYPE_DES3_CBC_SHA1: - case ETYPE_ARCFOUR_HMAC_MD5: - case ETYPE_ARCFOUR_HMAC_MD5_56: - break; - default : - *is_cfx = 1; - if ((acceptor && ctx->auth_context->local_subkey) || - (!acceptor && ctx->auth_context->remote_subkey)) - ctx->more_flags |= ACCEPTOR_SUBKEY; - break; - } -} - - -static OM_uint32 -gsskrb5_accept_delegated_token -(OM_uint32 * minor_status, - gsskrb5_ctx ctx, - krb5_context context, - gss_cred_id_t * delegated_cred_handle - ) -{ - krb5_ccache ccache = NULL; - krb5_error_code kret; - int32_t ac_flags, ret = GSS_S_COMPLETE; - - *minor_status = 0; - - /* XXX Create a new delegated_cred_handle? */ - if (delegated_cred_handle == NULL) { - kret = krb5_cc_default (context, &ccache); - } else { - *delegated_cred_handle = NULL; - kret = krb5_cc_gen_new (context, &krb5_mcc_ops, &ccache); - } - if (kret) { - ctx->flags &= ~GSS_C_DELEG_FLAG; - goto out; - } - - kret = krb5_cc_initialize(context, ccache, ctx->source); - if (kret) { - ctx->flags &= ~GSS_C_DELEG_FLAG; - goto out; - } - - krb5_auth_con_removeflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_DO_TIME, - &ac_flags); - kret = krb5_rd_cred2(context, - ctx->auth_context, - ccache, - &ctx->fwd_data); - krb5_auth_con_setflags(context, - ctx->auth_context, - ac_flags); - if (kret) { - ctx->flags &= ~GSS_C_DELEG_FLAG; - ret = GSS_S_FAILURE; - *minor_status = kret; - goto out; - } - - if (delegated_cred_handle) { - gsskrb5_cred handle; - - ret = _gsskrb5_import_cred(minor_status, - ccache, - NULL, - NULL, - delegated_cred_handle); - if (ret != GSS_S_COMPLETE) - goto out; - - handle = (gsskrb5_cred) *delegated_cred_handle; - - handle->cred_flags |= GSS_CF_DESTROY_CRED_ON_RELEASE; - krb5_cc_close(context, ccache); - ccache = NULL; - } - -out: - if (ccache) { - /* Don't destroy the default cred cache */ - if (delegated_cred_handle == NULL) - krb5_cc_close(context, ccache); - else - krb5_cc_destroy(context, ccache); - } - return ret; -} - -static OM_uint32 -gsskrb5_acceptor_ready(OM_uint32 * minor_status, - gsskrb5_ctx ctx, - krb5_context context, - gss_cred_id_t *delegated_cred_handle) -{ - OM_uint32 ret; - int32_t seq_number; - int is_cfx = 0; - - krb5_auth_getremoteseqnumber (context, - ctx->auth_context, - &seq_number); - - _gsskrb5i_is_cfx(ctx, &is_cfx); - - ret = _gssapi_msg_order_create(minor_status, - &ctx->order, - _gssapi_msg_order_f(ctx->flags), - seq_number, 0, is_cfx); - if (ret) - return ret; - - /* - * If requested, set local sequence num to remote sequence if this - * isn't a mutual authentication context - */ - if (!(ctx->flags & GSS_C_MUTUAL_FLAG) && _gssapi_msg_order_f(ctx->flags)) { - krb5_auth_con_setlocalseqnumber(context, - ctx->auth_context, - seq_number); - } - - /* - * We should handle the delegation ticket, in case it's there - */ - if (ctx->fwd_data.length > 0 && (ctx->flags & GSS_C_DELEG_FLAG)) { - ret = gsskrb5_accept_delegated_token(minor_status, - ctx, - context, - delegated_cred_handle); - if (ret) - return ret; - } else { - /* Well, looks like it wasn't there after all */ - ctx->flags &= ~GSS_C_DELEG_FLAG; - } - - ctx->state = ACCEPTOR_READY; - ctx->more_flags |= OPEN; - - return GSS_S_COMPLETE; -} - -static OM_uint32 -gsskrb5_acceptor_start(OM_uint32 * minor_status, - gsskrb5_ctx ctx, - krb5_context context, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t * delegated_cred_handle) -{ - krb5_error_code kret; - OM_uint32 ret = GSS_S_COMPLETE; - krb5_data indata; - krb5_flags ap_options; - krb5_keytab keytab = NULL; - int is_cfx = 0; - const gsskrb5_cred acceptor_cred = (gsskrb5_cred)acceptor_cred_handle; - - /* - * We may, or may not, have an escapsulation. - */ - ret = _gsskrb5_decapsulate (minor_status, - input_token_buffer, - &indata, - "\x01\x00", - GSS_KRB5_MECHANISM); - - if (ret) { - /* Assume that there is no OID wrapping. */ - indata.length = input_token_buffer->length; - indata.data = input_token_buffer->value; - } - - /* - * We need to get our keytab - */ - if (acceptor_cred == NULL) { - if (_gsskrb5_keytab != NULL) - keytab = _gsskrb5_keytab; - } else if (acceptor_cred->keytab != NULL) { - keytab = acceptor_cred->keytab; - } - - /* - * We need to check the ticket and create the AP-REP packet - */ - - { - krb5_rd_req_in_ctx in = NULL; - krb5_rd_req_out_ctx out = NULL; - - kret = krb5_rd_req_in_ctx_alloc(context, &in); - if (kret == 0) - kret = krb5_rd_req_in_set_keytab(context, in, keytab); - if (kret) { - if (in) - krb5_rd_req_in_ctx_free(context, in); - ret = GSS_S_FAILURE; - *minor_status = kret; - return ret; - } - - kret = krb5_rd_req_ctx(context, - &ctx->auth_context, - &indata, - (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) ? NULL : acceptor_cred->principal, - in, &out); - krb5_rd_req_in_ctx_free(context, in); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - return ret; - } - - /* - * We need to remember some data on the context_handle. - */ - kret = krb5_rd_req_out_get_ap_req_options(context, out, - &ap_options); - if (kret == 0) - kret = krb5_rd_req_out_get_ticket(context, out, - &ctx->ticket); - if (kret == 0) - kret = krb5_rd_req_out_get_keyblock(context, out, - &ctx->service_keyblock); - ctx->lifetime = ctx->ticket->ticket.endtime; - - krb5_rd_req_out_ctx_free(context, out); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - return ret; - } - } - - - /* - * We need to copy the principal names to the context and the - * calling layer. - */ - kret = krb5_copy_principal(context, - ctx->ticket->client, - &ctx->source); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - } - - kret = krb5_copy_principal(context, - ctx->ticket->server, - &ctx->target); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - return ret; - } - - /* - * We need to setup some compat stuff, this assumes that - * context_handle->target is already set. - */ - ret = _gss_DES3_get_mic_compat(minor_status, ctx, context); - if (ret) - return ret; - - if (src_name != NULL) { - kret = krb5_copy_principal (context, - ctx->ticket->client, - (gsskrb5_name*)src_name); - if (kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - return ret; - } - } - - /* - * We need to get the flags out of the 8003 checksum. - */ - { - krb5_authenticator authenticator; - - kret = krb5_auth_con_getauthenticator(context, - ctx->auth_context, - &authenticator); - if(kret) { - ret = GSS_S_FAILURE; - *minor_status = kret; - return ret; - } - - if (authenticator->cksum->cksumtype == CKSUMTYPE_GSSAPI) { - ret = _gsskrb5_verify_8003_checksum(minor_status, - input_chan_bindings, - authenticator->cksum, - &ctx->flags, - &ctx->fwd_data); - - krb5_free_authenticator(context, &authenticator); - if (ret) { - return ret; - } - } else { - krb5_crypto crypto; - - kret = krb5_crypto_init(context, - ctx->auth_context->keyblock, - 0, &crypto); - if(kret) { - krb5_free_authenticator(context, &authenticator); - - ret = GSS_S_FAILURE; - *minor_status = kret; - return ret; - } - - /* - * Windows accepts Samba3's use of a kerberos, rather than - * GSSAPI checksum here - */ - - kret = krb5_verify_checksum(context, - crypto, KRB5_KU_AP_REQ_AUTH_CKSUM, NULL, 0, - authenticator->cksum); - krb5_free_authenticator(context, &authenticator); - krb5_crypto_destroy(context, crypto); - - if(kret) { - ret = GSS_S_BAD_SIG; - *minor_status = kret; - return ret; - } - - /* - * Samba style get some flags (but not DCE-STYLE) - */ - ctx->flags = - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; - } - } - - if(ctx->flags & GSS_C_MUTUAL_FLAG) { - krb5_data outbuf; - - _gsskrb5i_is_cfx(ctx, &is_cfx); - - if (is_cfx != 0 - || (ap_options & AP_OPTS_USE_SUBKEY)) { - kret = krb5_auth_con_addflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_USE_SUBKEY, - NULL); - ctx->more_flags |= ACCEPTOR_SUBKEY; - } - - kret = krb5_mk_rep(context, - ctx->auth_context, - &outbuf); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - if (IS_DCE_STYLE(ctx)) { - output_token->length = outbuf.length; - output_token->value = outbuf.data; - } else { - ret = _gsskrb5_encapsulate(minor_status, - &outbuf, - output_token, - "\x02\x00", - GSS_KRB5_MECHANISM); - krb5_data_free (&outbuf); - if (ret) - return ret; - } - } - - ctx->flags |= GSS_C_TRANS_FLAG; - - /* Remember the flags */ - - ctx->lifetime = ctx->ticket->ticket.endtime; - ctx->more_flags |= OPEN; - - if (mech_type) - *mech_type = GSS_KRB5_MECHANISM; - - if (time_rec) { - ret = _gsskrb5_lifetime_left(minor_status, - context, - ctx->lifetime, - time_rec); - if (ret) { - return ret; - } - } - - /* - * When GSS_C_DCE_STYLE is in use, we need ask for a AP-REP from - * the client. - */ - if (IS_DCE_STYLE(ctx)) { - /* - * Return flags to caller, but we haven't processed - * delgations yet - */ - if (ret_flags) - *ret_flags = (ctx->flags & ~GSS_C_DELEG_FLAG); - - ctx->state = ACCEPTOR_WAIT_FOR_DCESTYLE; - return GSS_S_CONTINUE_NEEDED; - } - - ret = gsskrb5_acceptor_ready(minor_status, ctx, context, - delegated_cred_handle); - - if (ret_flags) - *ret_flags = ctx->flags; - - return ret; -} - -static OM_uint32 -acceptor_wait_for_dcestyle(OM_uint32 * minor_status, - gsskrb5_ctx ctx, - krb5_context context, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t * delegated_cred_handle) -{ - OM_uint32 ret; - krb5_error_code kret; - krb5_data inbuf; - int32_t r_seq_number, l_seq_number; - - /* - * We know it's GSS_C_DCE_STYLE so we don't need to decapsulate the AP_REP - */ - - inbuf.length = input_token_buffer->length; - inbuf.data = input_token_buffer->value; - - /* - * We need to remeber the old remote seq_number, then check if the - * client has replied with our local seq_number, and then reset - * the remote seq_number to the old value - */ - { - kret = krb5_auth_con_getlocalseqnumber(context, - ctx->auth_context, - &l_seq_number); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - kret = krb5_auth_getremoteseqnumber(context, - ctx->auth_context, - &r_seq_number); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - kret = krb5_auth_con_setremoteseqnumber(context, - ctx->auth_context, - l_seq_number); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - } - - /* - * We need to verify the AP_REP, but we need to flag that this is - * DCE_STYLE, so don't check the timestamps this time, but put the - * flag DO_TIME back afterward. - */ - { - krb5_ap_rep_enc_part *repl; - int32_t auth_flags; - - krb5_auth_con_removeflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_DO_TIME, - &auth_flags); - - kret = krb5_rd_rep(context, ctx->auth_context, &inbuf, &repl); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - krb5_free_ap_rep_enc_part(context, repl); - krb5_auth_con_setflags(context, ctx->auth_context, auth_flags); - } - - /* We need to check the liftime */ - { - OM_uint32 lifetime_rec; - - ret = _gsskrb5_lifetime_left(minor_status, - context, - ctx->lifetime, - &lifetime_rec); - if (ret) { - return ret; - } - if (lifetime_rec == 0) { - return GSS_S_CONTEXT_EXPIRED; - } - - if (time_rec) *time_rec = lifetime_rec; - } - - /* We need to give the caller the flags which are in use */ - if (ret_flags) *ret_flags = ctx->flags; - - if (src_name) { - kret = krb5_copy_principal(context, - ctx->source, - (gsskrb5_name*)src_name); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - } - - /* - * After the krb5_rd_rep() the remote and local seq_number should - * be the same, because the client just replies the seq_number - * from our AP-REP in its AP-REP, but then the client uses the - * seq_number from its AP-REQ for GSS_wrap() - */ - { - int32_t tmp_r_seq_number, tmp_l_seq_number; - - kret = krb5_auth_getremoteseqnumber(context, - ctx->auth_context, - &tmp_r_seq_number); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - kret = krb5_auth_con_getlocalseqnumber(context, - ctx->auth_context, - &tmp_l_seq_number); - if (kret) { - - *minor_status = kret; - return GSS_S_FAILURE; - } - - /* - * Here we check if the client has responsed with our local seq_number, - */ - if (tmp_r_seq_number != tmp_l_seq_number) { - return GSS_S_UNSEQ_TOKEN; - } - } - - /* - * We need to reset the remote seq_number, because the client will use, - * the old one for the GSS_wrap() calls - */ - { - kret = krb5_auth_con_setremoteseqnumber(context, - ctx->auth_context, - r_seq_number); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - } - - return gsskrb5_acceptor_ready(minor_status, ctx, context, - delegated_cred_handle); -} - - -OM_uint32 -_gsskrb5_accept_sec_context(OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t * delegated_cred_handle) -{ - krb5_context context; - OM_uint32 ret; - gsskrb5_ctx ctx; - - GSSAPI_KRB5_INIT(&context); - - output_token->length = 0; - output_token->value = NULL; - - if (src_name != NULL) - *src_name = NULL; - if (mech_type) - *mech_type = GSS_KRB5_MECHANISM; - - if (*context_handle == GSS_C_NO_CONTEXT) { - ret = _gsskrb5_create_ctx(minor_status, - context_handle, - context, - input_chan_bindings, - ACCEPTOR_START); - if (ret) - return ret; - } - - ctx = (gsskrb5_ctx)*context_handle; - - - /* - * TODO: check the channel_bindings - * (above just sets them to krb5 layer) - */ - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - switch (ctx->state) { - case ACCEPTOR_START: - ret = gsskrb5_acceptor_start(minor_status, - ctx, - context, - acceptor_cred_handle, - input_token_buffer, - input_chan_bindings, - src_name, - mech_type, - output_token, - ret_flags, - time_rec, - delegated_cred_handle); - break; - case ACCEPTOR_WAIT_FOR_DCESTYLE: - ret = acceptor_wait_for_dcestyle(minor_status, - ctx, - context, - acceptor_cred_handle, - input_token_buffer, - input_chan_bindings, - src_name, - mech_type, - output_token, - ret_flags, - time_rec, - delegated_cred_handle); - break; - case ACCEPTOR_READY: - /* - * If we get there, the caller have called - * gss_accept_sec_context() one time too many. - */ - ret = GSS_S_BAD_STATUS; - break; - default: - /* TODO: is this correct here? --metze */ - ret = GSS_S_BAD_STATUS; - break; - } - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - if (GSS_ERROR(ret)) { - OM_uint32 min2; - _gsskrb5_delete_sec_context(&min2, context_handle, GSS_C_NO_BUFFER); - } - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/acquire_cred.c b/crypto/heimdal/lib/gssapi/krb5/acquire_cred.c deleted file mode 100644 index 6e13a4287b62..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/acquire_cred.c +++ /dev/null @@ -1,398 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: acquire_cred.c 22124 2007-12-04 00:03:52Z lha $"); - -OM_uint32 -__gsskrb5_ccache_lifetime(OM_uint32 *minor_status, - krb5_context context, - krb5_ccache id, - krb5_principal principal, - OM_uint32 *lifetime) -{ - krb5_creds in_cred, *out_cred; - krb5_const_realm realm; - krb5_error_code kret; - - memset(&in_cred, 0, sizeof(in_cred)); - in_cred.client = principal; - - realm = krb5_principal_get_realm(context, principal); - if (realm == NULL) { - _gsskrb5_clear_status (); - *minor_status = KRB5_PRINC_NOMATCH; /* XXX */ - return GSS_S_FAILURE; - } - - kret = krb5_make_principal(context, &in_cred.server, - realm, KRB5_TGS_NAME, realm, NULL); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - kret = krb5_get_credentials(context, 0, - id, &in_cred, &out_cred); - krb5_free_principal(context, in_cred.server); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - *lifetime = out_cred->times.endtime; - krb5_free_creds(context, out_cred); - - return GSS_S_COMPLETE; -} - - - - -static krb5_error_code -get_keytab(krb5_context context, krb5_keytab *keytab) -{ - char kt_name[256]; - krb5_error_code kret; - - HEIMDAL_MUTEX_lock(&gssapi_keytab_mutex); - - if (_gsskrb5_keytab != NULL) { - kret = krb5_kt_get_name(context, - _gsskrb5_keytab, - kt_name, sizeof(kt_name)); - if (kret == 0) - kret = krb5_kt_resolve(context, kt_name, keytab); - } else - kret = krb5_kt_default(context, keytab); - - HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex); - - return (kret); -} - -static OM_uint32 acquire_initiator_cred - (OM_uint32 * minor_status, - krb5_context context, - const gss_name_t desired_name, - OM_uint32 time_req, - const gss_OID_set desired_mechs, - gss_cred_usage_t cred_usage, - gsskrb5_cred handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret; - krb5_creds cred; - krb5_principal def_princ; - krb5_get_init_creds_opt *opt; - krb5_ccache ccache; - krb5_keytab keytab; - krb5_error_code kret; - - keytab = NULL; - ccache = NULL; - def_princ = NULL; - ret = GSS_S_FAILURE; - memset(&cred, 0, sizeof(cred)); - - /* If we have a preferred principal, lets try to find it in all - * caches, otherwise, fall back to default cache. Ignore - * errors. */ - if (handle->principal) - kret = krb5_cc_cache_match (context, - handle->principal, - NULL, - &ccache); - - if (ccache == NULL) { - kret = krb5_cc_default(context, &ccache); - if (kret) - goto end; - } - kret = krb5_cc_get_principal(context, ccache, - &def_princ); - if (kret != 0) { - /* we'll try to use a keytab below */ - krb5_cc_destroy(context, ccache); - ccache = NULL; - kret = 0; - } else if (handle->principal == NULL) { - kret = krb5_copy_principal(context, def_princ, - &handle->principal); - if (kret) - goto end; - } else if (handle->principal != NULL && - krb5_principal_compare(context, handle->principal, - def_princ) == FALSE) { - /* Before failing, lets check the keytab */ - krb5_free_principal(context, def_princ); - def_princ = NULL; - } - if (def_princ == NULL) { - /* We have no existing credentials cache, - * so attempt to get a TGT using a keytab. - */ - if (handle->principal == NULL) { - kret = krb5_get_default_principal(context, - &handle->principal); - if (kret) - goto end; - } - kret = get_keytab(context, &keytab); - if (kret) - goto end; - kret = krb5_get_init_creds_opt_alloc(context, &opt); - if (kret) - goto end; - kret = krb5_get_init_creds_keytab(context, &cred, - handle->principal, keytab, 0, NULL, opt); - krb5_get_init_creds_opt_free(context, opt); - if (kret) - goto end; - kret = krb5_cc_gen_new(context, &krb5_mcc_ops, - &ccache); - if (kret) - goto end; - kret = krb5_cc_initialize(context, ccache, cred.client); - if (kret) - goto end; - kret = krb5_cc_store_cred(context, ccache, &cred); - if (kret) - goto end; - handle->lifetime = cred.times.endtime; - handle->cred_flags |= GSS_CF_DESTROY_CRED_ON_RELEASE; - } else { - - ret = __gsskrb5_ccache_lifetime(minor_status, - context, - ccache, - handle->principal, - &handle->lifetime); - if (ret != GSS_S_COMPLETE) - goto end; - kret = 0; - } - - handle->ccache = ccache; - ret = GSS_S_COMPLETE; - -end: - if (cred.client != NULL) - krb5_free_cred_contents(context, &cred); - if (def_princ != NULL) - krb5_free_principal(context, def_princ); - if (keytab != NULL) - krb5_kt_close(context, keytab); - if (ret != GSS_S_COMPLETE) { - if (ccache != NULL) - krb5_cc_close(context, ccache); - if (kret != 0) { - *minor_status = kret; - } - } - return (ret); -} - -static OM_uint32 acquire_acceptor_cred - (OM_uint32 * minor_status, - krb5_context context, - const gss_name_t desired_name, - OM_uint32 time_req, - const gss_OID_set desired_mechs, - gss_cred_usage_t cred_usage, - gsskrb5_cred handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret; - krb5_error_code kret; - - kret = 0; - ret = GSS_S_FAILURE; - kret = get_keytab(context, &handle->keytab); - if (kret) - goto end; - - /* check that the requested principal exists in the keytab */ - if (handle->principal) { - krb5_keytab_entry entry; - - kret = krb5_kt_get_entry(context, handle->keytab, - handle->principal, 0, 0, &entry); - if (kret) - goto end; - krb5_kt_free_entry(context, &entry); - ret = GSS_S_COMPLETE; - } else { - /* - * Check if there is at least one entry in the keytab before - * declaring it as an useful keytab. - */ - krb5_keytab_entry tmp; - krb5_kt_cursor c; - - kret = krb5_kt_start_seq_get (context, handle->keytab, &c); - if (kret) - goto end; - if (krb5_kt_next_entry(context, handle->keytab, &tmp, &c) == 0) { - krb5_kt_free_entry(context, &tmp); - ret = GSS_S_COMPLETE; /* ok found one entry */ - } - krb5_kt_end_seq_get (context, handle->keytab, &c); - } -end: - if (ret != GSS_S_COMPLETE) { - if (handle->keytab != NULL) - krb5_kt_close(context, handle->keytab); - if (kret != 0) { - *minor_status = kret; - } - } - return (ret); -} - -OM_uint32 _gsskrb5_acquire_cred -(OM_uint32 * minor_status, - const gss_name_t desired_name, - OM_uint32 time_req, - const gss_OID_set desired_mechs, - gss_cred_usage_t cred_usage, - gss_cred_id_t * output_cred_handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec - ) -{ - krb5_context context; - gsskrb5_cred handle; - OM_uint32 ret; - - if (cred_usage != GSS_C_ACCEPT && cred_usage != GSS_C_INITIATE && cred_usage != GSS_C_BOTH) { - *minor_status = GSS_KRB5_S_G_BAD_USAGE; - return GSS_S_FAILURE; - } - - GSSAPI_KRB5_INIT(&context); - - *output_cred_handle = NULL; - if (time_rec) - *time_rec = 0; - if (actual_mechs) - *actual_mechs = GSS_C_NO_OID_SET; - - if (desired_mechs) { - int present = 0; - - ret = gss_test_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - desired_mechs, &present); - if (ret) - return ret; - if (!present) { - *minor_status = 0; - return GSS_S_BAD_MECH; - } - } - - handle = calloc(1, sizeof(*handle)); - if (handle == NULL) { - *minor_status = ENOMEM; - return (GSS_S_FAILURE); - } - - HEIMDAL_MUTEX_init(&handle->cred_id_mutex); - - if (desired_name != GSS_C_NO_NAME) { - krb5_principal name = (krb5_principal)desired_name; - ret = krb5_copy_principal(context, name, &handle->principal); - if (ret) { - HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); - *minor_status = ret; - free(handle); - return GSS_S_FAILURE; - } - } - if (cred_usage == GSS_C_INITIATE || cred_usage == GSS_C_BOTH) { - ret = acquire_initiator_cred(minor_status, context, - desired_name, time_req, - desired_mechs, cred_usage, handle, - actual_mechs, time_rec); - if (ret != GSS_S_COMPLETE) { - HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); - krb5_free_principal(context, handle->principal); - free(handle); - return (ret); - } - } - if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) { - ret = acquire_acceptor_cred(minor_status, context, - desired_name, time_req, - desired_mechs, cred_usage, handle, actual_mechs, time_rec); - if (ret != GSS_S_COMPLETE) { - HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); - krb5_free_principal(context, handle->principal); - free(handle); - return (ret); - } - } - ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); - if (ret == GSS_S_COMPLETE) - ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - &handle->mechanisms); - if (ret == GSS_S_COMPLETE) - ret = _gsskrb5_inquire_cred(minor_status, (gss_cred_id_t)handle, - NULL, time_rec, NULL, actual_mechs); - if (ret != GSS_S_COMPLETE) { - if (handle->mechanisms != NULL) - gss_release_oid_set(NULL, &handle->mechanisms); - HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); - krb5_free_principal(context, handle->principal); - free(handle); - return (ret); - } - *minor_status = 0; - if (time_rec) { - ret = _gsskrb5_lifetime_left(minor_status, - context, - handle->lifetime, - time_rec); - - if (ret) - return ret; - } - handle->usage = cred_usage; - *output_cred_handle = (gss_cred_id_t)handle; - return (GSS_S_COMPLETE); -} diff --git a/crypto/heimdal/lib/gssapi/krb5/add_cred.c b/crypto/heimdal/lib/gssapi/krb5/add_cred.c deleted file mode 100644 index 9a1045a889f6..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/add_cred.c +++ /dev/null @@ -1,252 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: add_cred.c 20688 2007-05-17 18:44:31Z lha $"); - -OM_uint32 _gsskrb5_add_cred ( - OM_uint32 *minor_status, - const gss_cred_id_t input_cred_handle, - const gss_name_t desired_name, - const gss_OID desired_mech, - gss_cred_usage_t cred_usage, - OM_uint32 initiator_time_req, - OM_uint32 acceptor_time_req, - gss_cred_id_t *output_cred_handle, - gss_OID_set *actual_mechs, - OM_uint32 *initiator_time_rec, - OM_uint32 *acceptor_time_rec) -{ - krb5_context context; - OM_uint32 ret, lifetime; - gsskrb5_cred cred, handle; - krb5_const_principal dname; - - handle = NULL; - cred = (gsskrb5_cred)input_cred_handle; - dname = (krb5_const_principal)desired_name; - - GSSAPI_KRB5_INIT (&context); - - if (gss_oid_equal(desired_mech, GSS_KRB5_MECHANISM) == 0) { - *minor_status = 0; - return GSS_S_BAD_MECH; - } - - if (cred == NULL && output_cred_handle == NULL) { - *minor_status = 0; - return GSS_S_NO_CRED; - } - - if (cred == NULL) { /* XXX standard conformance failure */ - *minor_status = 0; - return GSS_S_NO_CRED; - } - - /* check if requested output usage is compatible with output usage */ - if (output_cred_handle != NULL) { - HEIMDAL_MUTEX_lock(&cred->cred_id_mutex); - if (cred->usage != cred_usage && cred->usage != GSS_C_BOTH) { - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - *minor_status = GSS_KRB5_S_G_BAD_USAGE; - return(GSS_S_FAILURE); - } - } - - /* check that we have the same name */ - if (dname != NULL && - krb5_principal_compare(context, dname, - cred->principal) != FALSE) { - if (output_cred_handle) - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - *minor_status = 0; - return GSS_S_BAD_NAME; - } - - /* make a copy */ - if (output_cred_handle) { - krb5_error_code kret; - - handle = calloc(1, sizeof(*handle)); - if (handle == NULL) { - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - *minor_status = ENOMEM; - return (GSS_S_FAILURE); - } - - handle->usage = cred_usage; - handle->lifetime = cred->lifetime; - handle->principal = NULL; - handle->keytab = NULL; - handle->ccache = NULL; - handle->mechanisms = NULL; - HEIMDAL_MUTEX_init(&handle->cred_id_mutex); - - ret = GSS_S_FAILURE; - - kret = krb5_copy_principal(context, cred->principal, - &handle->principal); - if (kret) { - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - free(handle); - *minor_status = kret; - return GSS_S_FAILURE; - } - - if (cred->keytab) { - char name[KRB5_KT_PREFIX_MAX_LEN + MAXPATHLEN]; - int len; - - ret = GSS_S_FAILURE; - - kret = krb5_kt_get_type(context, cred->keytab, - name, KRB5_KT_PREFIX_MAX_LEN); - if (kret) { - *minor_status = kret; - goto failure; - } - len = strlen(name); - name[len++] = ':'; - - kret = krb5_kt_get_name(context, cred->keytab, - name + len, - sizeof(name) - len); - if (kret) { - *minor_status = kret; - goto failure; - } - - kret = krb5_kt_resolve(context, name, - &handle->keytab); - if (kret){ - *minor_status = kret; - goto failure; - } - } - - if (cred->ccache) { - const char *type, *name; - char *type_name; - - ret = GSS_S_FAILURE; - - type = krb5_cc_get_type(context, cred->ccache); - if (type == NULL){ - *minor_status = ENOMEM; - goto failure; - } - - if (strcmp(type, "MEMORY") == 0) { - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, - &handle->ccache); - if (ret) { - *minor_status = ret; - goto failure; - } - - ret = krb5_cc_copy_cache(context, cred->ccache, - handle->ccache); - if (ret) { - *minor_status = ret; - goto failure; - } - - } else { - name = krb5_cc_get_name(context, cred->ccache); - if (name == NULL) { - *minor_status = ENOMEM; - goto failure; - } - - asprintf(&type_name, "%s:%s", type, name); - if (type_name == NULL) { - *minor_status = ENOMEM; - goto failure; - } - - kret = krb5_cc_resolve(context, type_name, - &handle->ccache); - free(type_name); - if (kret) { - *minor_status = kret; - goto failure; - } - } - } - ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); - if (ret) - goto failure; - - ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - &handle->mechanisms); - if (ret) - goto failure; - } - - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - - ret = _gsskrb5_inquire_cred(minor_status, (gss_cred_id_t)cred, - NULL, &lifetime, NULL, actual_mechs); - if (ret) - goto failure; - - if (initiator_time_rec) - *initiator_time_rec = lifetime; - if (acceptor_time_rec) - *acceptor_time_rec = lifetime; - - if (output_cred_handle) { - *output_cred_handle = (gss_cred_id_t)handle; - } - - *minor_status = 0; - return ret; - - failure: - - if (handle) { - if (handle->principal) - krb5_free_principal(context, handle->principal); - if (handle->keytab) - krb5_kt_close(context, handle->keytab); - if (handle->ccache) - krb5_cc_destroy(context, handle->ccache); - if (handle->mechanisms) - gss_release_oid_set(NULL, &handle->mechanisms); - free(handle); - } - if (output_cred_handle) - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/address_to_krb5addr.c b/crypto/heimdal/lib/gssapi/krb5/address_to_krb5addr.c deleted file mode 100644 index 18a90fe9a762..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/address_to_krb5addr.c +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -#include - -krb5_error_code -_gsskrb5i_address_to_krb5addr(krb5_context context, - OM_uint32 gss_addr_type, - gss_buffer_desc *gss_addr, - int16_t port, - krb5_address *address) -{ - int addr_type; - struct sockaddr sa; - krb5_socklen_t sa_size = sizeof(sa); - krb5_error_code problem; - - if (gss_addr == NULL) - return GSS_S_FAILURE; - - switch (gss_addr_type) { -#ifdef HAVE_IPV6 - case GSS_C_AF_INET6: addr_type = AF_INET6; - break; -#endif /* HAVE_IPV6 */ - - case GSS_C_AF_INET: addr_type = AF_INET; - break; - default: - return GSS_S_FAILURE; - } - - problem = krb5_h_addr2sockaddr (context, - addr_type, - gss_addr->value, - &sa, - &sa_size, - port); - if (problem) - return GSS_S_FAILURE; - - problem = krb5_sockaddr2address (context, &sa, address); - - return problem; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/arcfour.c b/crypto/heimdal/lib/gssapi/krb5/arcfour.c deleted file mode 100644 index 032da36ebc86..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/arcfour.c +++ /dev/null @@ -1,760 +0,0 @@ -/* - * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: arcfour.c 19031 2006-11-13 18:02:57Z lha $"); - -/* - * Implements draft-brezak-win2k-krb-rc4-hmac-04.txt - * - * The arcfour message have the following formats: - * - * MIC token - * TOK_ID[2] = 01 01 - * SGN_ALG[2] = 11 00 - * Filler[4] - * SND_SEQ[8] - * SGN_CKSUM[8] - * - * WRAP token - * TOK_ID[2] = 02 01 - * SGN_ALG[2]; - * SEAL_ALG[2] - * Filler[2] - * SND_SEQ[2] - * SGN_CKSUM[8] - * Confounder[8] - */ - -/* - * WRAP in DCE-style have a fixed size header, the oid and length over - * the WRAP header is a total of - * GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE + - * GSS_ARCFOUR_WRAP_TOKEN_SIZE byte (ie total of 45 bytes overhead, - * remember the 2 bytes from APPL [0] SEQ). - */ - -#define GSS_ARCFOUR_WRAP_TOKEN_SIZE 32 -#define GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE 13 - - -static krb5_error_code -arcfour_mic_key(krb5_context context, krb5_keyblock *key, - void *cksum_data, size_t cksum_size, - void *key6_data, size_t key6_size) -{ - krb5_error_code ret; - - Checksum cksum_k5; - krb5_keyblock key5; - char k5_data[16]; - - Checksum cksum_k6; - - char T[4]; - - memset(T, 0, 4); - cksum_k5.checksum.data = k5_data; - cksum_k5.checksum.length = sizeof(k5_data); - - if (key->keytype == KEYTYPE_ARCFOUR_56) { - char L40[14] = "fortybits"; - - memcpy(L40 + 10, T, sizeof(T)); - ret = krb5_hmac(context, CKSUMTYPE_RSA_MD5, - L40, 14, 0, key, &cksum_k5); - memset(&k5_data[7], 0xAB, 9); - } else { - ret = krb5_hmac(context, CKSUMTYPE_RSA_MD5, - T, 4, 0, key, &cksum_k5); - } - if (ret) - return ret; - - key5.keytype = KEYTYPE_ARCFOUR; - key5.keyvalue = cksum_k5.checksum; - - cksum_k6.checksum.data = key6_data; - cksum_k6.checksum.length = key6_size; - - return krb5_hmac(context, CKSUMTYPE_RSA_MD5, - cksum_data, cksum_size, 0, &key5, &cksum_k6); -} - - -static krb5_error_code -arcfour_mic_cksum(krb5_context context, - krb5_keyblock *key, unsigned usage, - u_char *sgn_cksum, size_t sgn_cksum_sz, - const u_char *v1, size_t l1, - const void *v2, size_t l2, - const void *v3, size_t l3) -{ - Checksum CKSUM; - u_char *ptr; - size_t len; - krb5_crypto crypto; - krb5_error_code ret; - - assert(sgn_cksum_sz == 8); - - len = l1 + l2 + l3; - - ptr = malloc(len); - if (ptr == NULL) - return ENOMEM; - - memcpy(ptr, v1, l1); - memcpy(ptr + l1, v2, l2); - memcpy(ptr + l1 + l2, v3, l3); - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - free(ptr); - return ret; - } - - ret = krb5_create_checksum(context, - crypto, - usage, - 0, - ptr, len, - &CKSUM); - free(ptr); - if (ret == 0) { - memcpy(sgn_cksum, CKSUM.checksum.data, sgn_cksum_sz); - free_Checksum(&CKSUM); - } - krb5_crypto_destroy(context, crypto); - - return ret; -} - - -OM_uint32 -_gssapi_get_mic_arcfour(OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key) -{ - krb5_error_code ret; - int32_t seq_number; - size_t len, total_len; - u_char k6_data[16], *p0, *p; - RC4_KEY rc4_key; - - _gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM); - - message_token->length = total_len; - message_token->value = malloc (total_len); - if (message_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p0 = _gssapi_make_mech_header(message_token->value, - len, - GSS_KRB5_MECHANISM); - p = p0; - - *p++ = 0x01; /* TOK_ID */ - *p++ = 0x01; - *p++ = 0x11; /* SGN_ALG */ - *p++ = 0x00; - *p++ = 0xff; /* Filler */ - *p++ = 0xff; - *p++ = 0xff; - *p++ = 0xff; - - p = NULL; - - ret = arcfour_mic_cksum(context, - key, KRB5_KU_USAGE_SIGN, - p0 + 16, 8, /* SGN_CKSUM */ - p0, 8, /* TOK_ID, SGN_ALG, Filer */ - message_buffer->value, message_buffer->length, - NULL, 0); - if (ret) { - _gsskrb5_release_buffer(minor_status, message_token); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = arcfour_mic_key(context, key, - p0 + 16, 8, /* SGN_CKSUM */ - k6_data, sizeof(k6_data)); - if (ret) { - _gsskrb5_release_buffer(minor_status, message_token); - *minor_status = ret; - return GSS_S_FAILURE; - } - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - krb5_auth_con_getlocalseqnumber (context, - context_handle->auth_context, - &seq_number); - p = p0 + 8; /* SND_SEQ */ - _gsskrb5_encode_be_om_uint32(seq_number, p); - - krb5_auth_con_setlocalseqnumber (context, - context_handle->auth_context, - ++seq_number); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4); - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p, p); - - memset(&rc4_key, 0, sizeof(rc4_key)); - memset(k6_data, 0, sizeof(k6_data)); - - *minor_status = 0; - return GSS_S_COMPLETE; -} - - -OM_uint32 -_gssapi_verify_mic_arcfour(OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - krb5_keyblock *key, - char *type) -{ - krb5_error_code ret; - uint32_t seq_number; - OM_uint32 omret; - u_char SND_SEQ[8], cksum_data[8], *p; - char k6_data[16]; - int cmp; - - if (qop_state) - *qop_state = 0; - - p = token_buffer->value; - omret = _gsskrb5_verify_header (&p, - token_buffer->length, - (u_char *)type, - GSS_KRB5_MECHANISM); - if (omret) - return omret; - - if (memcmp(p, "\x11\x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */ - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\xff\xff\xff\xff", 4) != 0) - return GSS_S_BAD_MIC; - p += 4; - - ret = arcfour_mic_cksum(context, - key, KRB5_KU_USAGE_SIGN, - cksum_data, sizeof(cksum_data), - p - 8, 8, - message_buffer->value, message_buffer->length, - NULL, 0); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = arcfour_mic_key(context, key, - cksum_data, sizeof(cksum_data), - k6_data, sizeof(k6_data)); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - cmp = memcmp(cksum_data, p + 8, 8); - if (cmp) { - *minor_status = 0; - return GSS_S_BAD_MIC; - } - - { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), (void*)k6_data); - RC4 (&rc4_key, 8, p, SND_SEQ); - - memset(&rc4_key, 0, sizeof(rc4_key)); - memset(k6_data, 0, sizeof(k6_data)); - } - - _gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); - - if (context_handle->more_flags & LOCAL) - cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); - else - cmp = memcmp(&SND_SEQ[4], "\x00\x00\x00\x00", 4); - - memset(SND_SEQ, 0, sizeof(SND_SEQ)); - if (cmp != 0) { - *minor_status = 0; - return GSS_S_BAD_MIC; - } - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - omret = _gssapi_msg_order_check(context_handle->order, seq_number); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - if (omret) - return omret; - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 -_gssapi_wrap_arcfour(OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key) -{ - u_char Klocaldata[16], k6_data[16], *p, *p0; - size_t len, total_len, datalen; - krb5_keyblock Klocal; - krb5_error_code ret; - int32_t seq_number; - - if (conf_state) - *conf_state = 0; - - datalen = input_message_buffer->length; - - if (IS_DCE_STYLE(context_handle)) { - len = GSS_ARCFOUR_WRAP_TOKEN_SIZE; - _gssapi_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM); - total_len += datalen; - } else { - datalen += 1; /* padding */ - len = datalen + GSS_ARCFOUR_WRAP_TOKEN_SIZE; - _gssapi_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM); - } - - output_message_buffer->length = total_len; - output_message_buffer->value = malloc (total_len); - if (output_message_buffer->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p0 = _gssapi_make_mech_header(output_message_buffer->value, - len, - GSS_KRB5_MECHANISM); - p = p0; - - *p++ = 0x02; /* TOK_ID */ - *p++ = 0x01; - *p++ = 0x11; /* SGN_ALG */ - *p++ = 0x00; - if (conf_req_flag) { - *p++ = 0x10; /* SEAL_ALG */ - *p++ = 0x00; - } else { - *p++ = 0xff; /* SEAL_ALG */ - *p++ = 0xff; - } - *p++ = 0xff; /* Filler */ - *p++ = 0xff; - - p = NULL; - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - krb5_auth_con_getlocalseqnumber (context, - context_handle->auth_context, - &seq_number); - - _gsskrb5_encode_be_om_uint32(seq_number, p0 + 8); - - krb5_auth_con_setlocalseqnumber (context, - context_handle->auth_context, - ++seq_number); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - memset (p0 + 8 + 4, - (context_handle->more_flags & LOCAL) ? 0 : 0xff, - 4); - - krb5_generate_random_block(p0 + 24, 8); /* fill in Confounder */ - - /* p points to data */ - p = p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE; - memcpy(p, input_message_buffer->value, input_message_buffer->length); - - if (!IS_DCE_STYLE(context_handle)) - p[input_message_buffer->length] = 1; /* padding */ - - ret = arcfour_mic_cksum(context, - key, KRB5_KU_USAGE_SEAL, - p0 + 16, 8, /* SGN_CKSUM */ - p0, 8, /* TOK_ID, SGN_ALG, SEAL_ALG, Filler */ - p0 + 24, 8, /* Confounder */ - p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, - datalen); - if (ret) { - *minor_status = ret; - _gsskrb5_release_buffer(minor_status, output_message_buffer); - return GSS_S_FAILURE; - } - - { - int i; - - Klocal.keytype = key->keytype; - Klocal.keyvalue.data = Klocaldata; - Klocal.keyvalue.length = sizeof(Klocaldata); - - for (i = 0; i < 16; i++) - Klocaldata[i] = ((u_char *)key->keyvalue.data)[i] ^ 0xF0; - } - ret = arcfour_mic_key(context, &Klocal, - p0 + 8, 4, /* SND_SEQ */ - k6_data, sizeof(k6_data)); - memset(Klocaldata, 0, sizeof(Klocaldata)); - if (ret) { - _gsskrb5_release_buffer(minor_status, output_message_buffer); - *minor_status = ret; - return GSS_S_FAILURE; - } - - - if(conf_req_flag) { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), (void *)k6_data); - /* XXX ? */ - RC4 (&rc4_key, 8 + datalen, p0 + 24, p0 + 24); /* Confounder + data */ - memset(&rc4_key, 0, sizeof(rc4_key)); - } - memset(k6_data, 0, sizeof(k6_data)); - - ret = arcfour_mic_key(context, key, - p0 + 16, 8, /* SGN_CKSUM */ - k6_data, sizeof(k6_data)); - if (ret) { - _gsskrb5_release_buffer(minor_status, output_message_buffer); - *minor_status = ret; - return GSS_S_FAILURE; - } - - { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 8, p0 + 8); /* SND_SEQ */ - memset(&rc4_key, 0, sizeof(rc4_key)); - memset(k6_data, 0, sizeof(k6_data)); - } - - if (conf_state) - *conf_state = conf_req_flag; - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int *conf_state, - gss_qop_t *qop_state, - krb5_keyblock *key) -{ - u_char Klocaldata[16]; - krb5_keyblock Klocal; - krb5_error_code ret; - uint32_t seq_number; - size_t datalen; - OM_uint32 omret; - u_char k6_data[16], SND_SEQ[8], Confounder[8]; - u_char cksum_data[8]; - u_char *p, *p0; - int cmp; - int conf_flag; - size_t padlen = 0, len; - - if (conf_state) - *conf_state = 0; - if (qop_state) - *qop_state = 0; - - p0 = input_message_buffer->value; - - if (IS_DCE_STYLE(context_handle)) { - len = GSS_ARCFOUR_WRAP_TOKEN_SIZE + - GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE; - if (input_message_buffer->length < len) - return GSS_S_BAD_MECH; - } else { - len = input_message_buffer->length; - } - - omret = _gssapi_verify_mech_header(&p0, - len, - GSS_KRB5_MECHANISM); - if (omret) - return omret; - - /* length of mech header */ - len = (p0 - (u_char *)input_message_buffer->value) + - GSS_ARCFOUR_WRAP_TOKEN_SIZE; - - if (len > input_message_buffer->length) - return GSS_S_BAD_MECH; - - /* length of data */ - datalen = input_message_buffer->length - len; - - p = p0; - - if (memcmp(p, "\x02\x01", 2) != 0) - return GSS_S_BAD_SIG; - p += 2; - if (memcmp(p, "\x11\x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */ - return GSS_S_BAD_SIG; - p += 2; - - if (memcmp (p, "\x10\x00", 2) == 0) - conf_flag = 1; - else if (memcmp (p, "\xff\xff", 2) == 0) - conf_flag = 0; - else - return GSS_S_BAD_SIG; - - p += 2; - if (memcmp (p, "\xff\xff", 2) != 0) - return GSS_S_BAD_MIC; - p = NULL; - - ret = arcfour_mic_key(context, key, - p0 + 16, 8, /* SGN_CKSUM */ - k6_data, sizeof(k6_data)); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 8, SND_SEQ); /* SND_SEQ */ - memset(&rc4_key, 0, sizeof(rc4_key)); - memset(k6_data, 0, sizeof(k6_data)); - } - - _gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); - - if (context_handle->more_flags & LOCAL) - cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); - else - cmp = memcmp(&SND_SEQ[4], "\x00\x00\x00\x00", 4); - - if (cmp != 0) { - *minor_status = 0; - return GSS_S_BAD_MIC; - } - - { - int i; - - Klocal.keytype = key->keytype; - Klocal.keyvalue.data = Klocaldata; - Klocal.keyvalue.length = sizeof(Klocaldata); - - for (i = 0; i < 16; i++) - Klocaldata[i] = ((u_char *)key->keyvalue.data)[i] ^ 0xF0; - } - ret = arcfour_mic_key(context, &Klocal, - SND_SEQ, 4, - k6_data, sizeof(k6_data)); - memset(Klocaldata, 0, sizeof(Klocaldata)); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - output_message_buffer->value = malloc(datalen); - if (output_message_buffer->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - output_message_buffer->length = datalen; - - if(conf_flag) { - RC4_KEY rc4_key; - - RC4_set_key (&rc4_key, sizeof(k6_data), k6_data); - RC4 (&rc4_key, 8, p0 + 24, Confounder); /* Confounder */ - RC4 (&rc4_key, datalen, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, - output_message_buffer->value); - memset(&rc4_key, 0, sizeof(rc4_key)); - } else { - memcpy(Confounder, p0 + 24, 8); /* Confounder */ - memcpy(output_message_buffer->value, - p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, - datalen); - } - memset(k6_data, 0, sizeof(k6_data)); - - if (!IS_DCE_STYLE(context_handle)) { - ret = _gssapi_verify_pad(output_message_buffer, datalen, &padlen); - if (ret) { - _gsskrb5_release_buffer(minor_status, output_message_buffer); - *minor_status = 0; - return ret; - } - output_message_buffer->length -= padlen; - } - - ret = arcfour_mic_cksum(context, - key, KRB5_KU_USAGE_SEAL, - cksum_data, sizeof(cksum_data), - p0, 8, - Confounder, sizeof(Confounder), - output_message_buffer->value, - output_message_buffer->length + padlen); - if (ret) { - _gsskrb5_release_buffer(minor_status, output_message_buffer); - *minor_status = ret; - return GSS_S_FAILURE; - } - - cmp = memcmp(cksum_data, p0 + 16, 8); /* SGN_CKSUM */ - if (cmp) { - _gsskrb5_release_buffer(minor_status, output_message_buffer); - *minor_status = 0; - return GSS_S_BAD_MIC; - } - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - omret = _gssapi_msg_order_check(context_handle->order, seq_number); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - if (omret) - return omret; - - if (conf_state) - *conf_state = conf_flag; - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -static OM_uint32 -max_wrap_length_arcfour(const gsskrb5_ctx ctx, - krb5_crypto crypto, - size_t input_length, - OM_uint32 *max_input_size) -{ - /* - * if GSS_C_DCE_STYLE is in use: - * - we only need to encapsulate the WRAP token - * However, since this is a fixed since, we just - */ - if (IS_DCE_STYLE(ctx)) { - size_t len, total_len; - - len = GSS_ARCFOUR_WRAP_TOKEN_SIZE; - _gssapi_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM); - - if (input_length < len) - *max_input_size = 0; - else - *max_input_size = input_length - len; - - } else { - size_t extrasize = GSS_ARCFOUR_WRAP_TOKEN_SIZE; - size_t blocksize = 8; - size_t len, total_len; - - len = 8 + input_length + blocksize + extrasize; - - _gsskrb5_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM); - - total_len -= input_length; /* token length */ - if (total_len < input_length) { - *max_input_size = (input_length - total_len); - (*max_input_size) &= (~(OM_uint32)(blocksize - 1)); - } else { - *max_input_size = 0; - } - } - - return GSS_S_COMPLETE; -} - -OM_uint32 -_gssapi_wrap_size_arcfour(OM_uint32 *minor_status, - const gsskrb5_ctx ctx, - krb5_context context, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 *max_input_size, - krb5_keyblock *key) -{ - krb5_error_code ret; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = max_wrap_length_arcfour(ctx, crypto, - req_output_size, max_input_size); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - krb5_crypto_destroy(context, crypto); - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/canonicalize_name.c b/crypto/heimdal/lib/gssapi/krb5/canonicalize_name.c deleted file mode 100644 index c1744abd3bec..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/canonicalize_name.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: canonicalize_name.c 18334 2006-10-07 22:16:04Z lha $"); - -OM_uint32 _gsskrb5_canonicalize_name ( - OM_uint32 * minor_status, - const gss_name_t input_name, - const gss_OID mech_type, - gss_name_t * output_name - ) -{ - return _gsskrb5_duplicate_name (minor_status, input_name, output_name); -} diff --git a/crypto/heimdal/lib/gssapi/krb5/ccache_name.c b/crypto/heimdal/lib/gssapi/krb5/ccache_name.c deleted file mode 100644 index 6f332463553c..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/ccache_name.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: ccache_name.c 19031 2006-11-13 18:02:57Z lha $"); - -char *last_out_name; - -OM_uint32 -_gsskrb5_krb5_ccache_name(OM_uint32 *minor_status, - const char *name, - const char **out_name) -{ - krb5_context context; - krb5_error_code kret; - - *minor_status = 0; - - GSSAPI_KRB5_INIT(&context); - - if (out_name) { - const char *n; - - if (last_out_name) { - free(last_out_name); - last_out_name = NULL; - } - - n = krb5_cc_default_name(context); - if (n == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - last_out_name = strdup(n); - if (last_out_name == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - *out_name = last_out_name; - } - - kret = krb5_cc_set_default_name(context, name); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/cfx.c b/crypto/heimdal/lib/gssapi/krb5/cfx.c deleted file mode 100644 index 6452f802ab84..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/cfx.c +++ /dev/null @@ -1,878 +0,0 @@ -/* - * Copyright (c) 2003, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: cfx.c 19031 2006-11-13 18:02:57Z lha $"); - -/* - * Implementation of draft-ietf-krb-wg-gssapi-cfx-06.txt - */ - -#define CFXSentByAcceptor (1 << 0) -#define CFXSealed (1 << 1) -#define CFXAcceptorSubkey (1 << 2) - -krb5_error_code -_gsskrb5cfx_wrap_length_cfx(krb5_context context, - krb5_crypto crypto, - int conf_req_flag, - size_t input_length, - size_t *output_length, - size_t *cksumsize, - uint16_t *padlength) -{ - krb5_error_code ret; - krb5_cksumtype type; - - /* 16-byte header is always first */ - *output_length = sizeof(gss_cfx_wrap_token_desc); - *padlength = 0; - - ret = krb5_crypto_get_checksum_type(context, crypto, &type); - if (ret) - return ret; - - ret = krb5_checksumsize(context, type, cksumsize); - if (ret) - return ret; - - if (conf_req_flag) { - size_t padsize; - - /* Header is concatenated with data before encryption */ - input_length += sizeof(gss_cfx_wrap_token_desc); - - ret = krb5_crypto_getpadsize(context, crypto, &padsize); - if (ret) { - return ret; - } - if (padsize > 1) { - /* XXX check this */ - *padlength = padsize - (input_length % padsize); - - /* We add the pad ourselves (noted here for completeness only) */ - input_length += *padlength; - } - - *output_length += krb5_get_wrapped_length(context, - crypto, input_length); - } else { - /* Checksum is concatenated with data */ - *output_length += input_length + *cksumsize; - } - - assert(*output_length > input_length); - - return 0; -} - -krb5_error_code -_gsskrb5cfx_max_wrap_length_cfx(krb5_context context, - krb5_crypto crypto, - int conf_req_flag, - size_t input_length, - OM_uint32 *output_length) -{ - krb5_error_code ret; - - *output_length = 0; - - /* 16-byte header is always first */ - if (input_length < 16) - return 0; - input_length -= 16; - - if (conf_req_flag) { - size_t wrapped_size, sz; - - wrapped_size = input_length + 1; - do { - wrapped_size--; - sz = krb5_get_wrapped_length(context, - crypto, wrapped_size); - } while (wrapped_size && sz > input_length); - if (wrapped_size == 0) { - *output_length = 0; - return 0; - } - - /* inner header */ - if (wrapped_size < 16) { - *output_length = 0; - return 0; - } - wrapped_size -= 16; - - *output_length = wrapped_size; - } else { - krb5_cksumtype type; - size_t cksumsize; - - ret = krb5_crypto_get_checksum_type(context, crypto, &type); - if (ret) - return ret; - - ret = krb5_checksumsize(context, type, &cksumsize); - if (ret) - return ret; - - if (input_length < cksumsize) - return 0; - - /* Checksum is concatenated with data */ - *output_length = input_length - cksumsize; - } - - return 0; -} - - -OM_uint32 _gssapi_wrap_size_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 *max_input_size, - krb5_keyblock *key) -{ - krb5_error_code ret; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = _gsskrb5cfx_max_wrap_length_cfx(context, crypto, conf_req_flag, - req_output_size, max_input_size); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - krb5_crypto_destroy(context, crypto); - - return GSS_S_COMPLETE; -} - -/* - * Rotate "rrc" bytes to the front or back - */ - -static krb5_error_code -rrc_rotate(void *data, size_t len, uint16_t rrc, krb5_boolean unrotate) -{ - u_char *tmp, buf[256]; - size_t left; - - if (len == 0) - return 0; - - rrc %= len; - - if (rrc == 0) - return 0; - - left = len - rrc; - - if (rrc <= sizeof(buf)) { - tmp = buf; - } else { - tmp = malloc(rrc); - if (tmp == NULL) - return ENOMEM; - } - - if (unrotate) { - memcpy(tmp, data, rrc); - memmove(data, (u_char *)data + rrc, left); - memcpy((u_char *)data + left, tmp, rrc); - } else { - memcpy(tmp, (u_char *)data + left, rrc); - memmove((u_char *)data + rrc, data, left); - memcpy(data, tmp, rrc); - } - - if (rrc > sizeof(buf)) - free(tmp); - - return 0; -} - -OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int *conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key) -{ - krb5_crypto crypto; - gss_cfx_wrap_token token; - krb5_error_code ret; - unsigned usage; - krb5_data cipher; - size_t wrapped_len, cksumsize; - uint16_t padlength, rrc = 0; - int32_t seq_number; - u_char *p; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = _gsskrb5cfx_wrap_length_cfx(context, - crypto, conf_req_flag, - input_message_buffer->length, - &wrapped_len, &cksumsize, &padlength); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - /* Always rotate encrypted token (if any) and checksum to header */ - rrc = (conf_req_flag ? sizeof(*token) : 0) + (uint16_t)cksumsize; - - output_message_buffer->length = wrapped_len; - output_message_buffer->value = malloc(output_message_buffer->length); - if (output_message_buffer->value == NULL) { - *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - p = output_message_buffer->value; - token = (gss_cfx_wrap_token)p; - token->TOK_ID[0] = 0x05; - token->TOK_ID[1] = 0x04; - token->Flags = 0; - token->Filler = 0xFF; - if ((context_handle->more_flags & LOCAL) == 0) - token->Flags |= CFXSentByAcceptor; - if (context_handle->more_flags & ACCEPTOR_SUBKEY) - token->Flags |= CFXAcceptorSubkey; - if (conf_req_flag) { - /* - * In Wrap tokens with confidentiality, the EC field is - * used to encode the size (in bytes) of the random filler. - */ - token->Flags |= CFXSealed; - token->EC[0] = (padlength >> 8) & 0xFF; - token->EC[1] = (padlength >> 0) & 0xFF; - } else { - /* - * In Wrap tokens without confidentiality, the EC field is - * used to encode the size (in bytes) of the trailing - * checksum. - * - * This is not used in the checksum calcuation itself, - * because the checksum length could potentially vary - * depending on the data length. - */ - token->EC[0] = 0; - token->EC[1] = 0; - } - - /* - * In Wrap tokens that provide for confidentiality, the RRC - * field in the header contains the hex value 00 00 before - * encryption. - * - * In Wrap tokens that do not provide for confidentiality, - * both the EC and RRC fields in the appended checksum - * contain the hex value 00 00 for the purpose of calculating - * the checksum. - */ - token->RRC[0] = 0; - token->RRC[1] = 0; - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - krb5_auth_con_getlocalseqnumber(context, - context_handle->auth_context, - &seq_number); - _gsskrb5_encode_be_om_uint32(0, &token->SND_SEQ[0]); - _gsskrb5_encode_be_om_uint32(seq_number, &token->SND_SEQ[4]); - krb5_auth_con_setlocalseqnumber(context, - context_handle->auth_context, - ++seq_number); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - /* - * If confidentiality is requested, the token header is - * appended to the plaintext before encryption; the resulting - * token is {"header" | encrypt(plaintext | pad | "header")}. - * - * If no confidentiality is requested, the checksum is - * calculated over the plaintext concatenated with the - * token header. - */ - if (context_handle->more_flags & LOCAL) { - usage = KRB5_KU_USAGE_INITIATOR_SEAL; - } else { - usage = KRB5_KU_USAGE_ACCEPTOR_SEAL; - } - - if (conf_req_flag) { - /* - * Any necessary padding is added here to ensure that the - * encrypted token header is always at the end of the - * ciphertext. - * - * The specification does not require that the padding - * bytes are initialized. - */ - p += sizeof(*token); - memcpy(p, input_message_buffer->value, input_message_buffer->length); - memset(p + input_message_buffer->length, 0xFF, padlength); - memcpy(p + input_message_buffer->length + padlength, - token, sizeof(*token)); - - ret = krb5_encrypt(context, crypto, - usage, p, - input_message_buffer->length + padlength + - sizeof(*token), - &cipher); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - _gsskrb5_release_buffer(minor_status, output_message_buffer); - return GSS_S_FAILURE; - } - assert(sizeof(*token) + cipher.length == wrapped_len); - token->RRC[0] = (rrc >> 8) & 0xFF; - token->RRC[1] = (rrc >> 0) & 0xFF; - - ret = rrc_rotate(cipher.data, cipher.length, rrc, FALSE); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - _gsskrb5_release_buffer(minor_status, output_message_buffer); - return GSS_S_FAILURE; - } - memcpy(p, cipher.data, cipher.length); - krb5_data_free(&cipher); - } else { - char *buf; - Checksum cksum; - - buf = malloc(input_message_buffer->length + sizeof(*token)); - if (buf == NULL) { - *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); - _gsskrb5_release_buffer(minor_status, output_message_buffer); - return GSS_S_FAILURE; - } - memcpy(buf, input_message_buffer->value, input_message_buffer->length); - memcpy(buf + input_message_buffer->length, token, sizeof(*token)); - - ret = krb5_create_checksum(context, crypto, - usage, 0, buf, - input_message_buffer->length + - sizeof(*token), - &cksum); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - _gsskrb5_release_buffer(minor_status, output_message_buffer); - free(buf); - return GSS_S_FAILURE; - } - - free(buf); - - assert(cksum.checksum.length == cksumsize); - token->EC[0] = (cksum.checksum.length >> 8) & 0xFF; - token->EC[1] = (cksum.checksum.length >> 0) & 0xFF; - token->RRC[0] = (rrc >> 8) & 0xFF; - token->RRC[1] = (rrc >> 0) & 0xFF; - - p += sizeof(*token); - memcpy(p, input_message_buffer->value, input_message_buffer->length); - memcpy(p + input_message_buffer->length, - cksum.checksum.data, cksum.checksum.length); - - ret = rrc_rotate(p, - input_message_buffer->length + cksum.checksum.length, rrc, FALSE); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - _gsskrb5_release_buffer(minor_status, output_message_buffer); - free_Checksum(&cksum); - return GSS_S_FAILURE; - } - free_Checksum(&cksum); - } - - krb5_crypto_destroy(context, crypto); - - if (conf_state != NULL) { - *conf_state = conf_req_flag; - } - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int *conf_state, - gss_qop_t *qop_state, - krb5_keyblock *key) -{ - krb5_crypto crypto; - gss_cfx_wrap_token token; - u_char token_flags; - krb5_error_code ret; - unsigned usage; - krb5_data data; - uint16_t ec, rrc; - OM_uint32 seq_number_lo, seq_number_hi; - size_t len; - u_char *p; - - *minor_status = 0; - - if (input_message_buffer->length < sizeof(*token)) { - return GSS_S_DEFECTIVE_TOKEN; - } - - p = input_message_buffer->value; - - token = (gss_cfx_wrap_token)p; - - if (token->TOK_ID[0] != 0x05 || token->TOK_ID[1] != 0x04) { - return GSS_S_DEFECTIVE_TOKEN; - } - - /* Ignore unknown flags */ - token_flags = token->Flags & - (CFXSentByAcceptor | CFXSealed | CFXAcceptorSubkey); - - if (token_flags & CFXSentByAcceptor) { - if ((context_handle->more_flags & LOCAL) == 0) - return GSS_S_DEFECTIVE_TOKEN; - } - - if (context_handle->more_flags & ACCEPTOR_SUBKEY) { - if ((token_flags & CFXAcceptorSubkey) == 0) - return GSS_S_DEFECTIVE_TOKEN; - } else { - if (token_flags & CFXAcceptorSubkey) - return GSS_S_DEFECTIVE_TOKEN; - } - - if (token->Filler != 0xFF) { - return GSS_S_DEFECTIVE_TOKEN; - } - - if (conf_state != NULL) { - *conf_state = (token_flags & CFXSealed) ? 1 : 0; - } - - ec = (token->EC[0] << 8) | token->EC[1]; - rrc = (token->RRC[0] << 8) | token->RRC[1]; - - /* - * Check sequence number - */ - _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[0], &seq_number_hi); - _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[4], &seq_number_lo); - if (seq_number_hi) { - /* no support for 64-bit sequence numbers */ - *minor_status = ERANGE; - return GSS_S_UNSEQ_TOKEN; - } - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - ret = _gssapi_msg_order_check(context_handle->order, seq_number_lo); - if (ret != 0) { - *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - _gsskrb5_release_buffer(minor_status, output_message_buffer); - return ret; - } - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - /* - * Decrypt and/or verify checksum - */ - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - if (context_handle->more_flags & LOCAL) { - usage = KRB5_KU_USAGE_ACCEPTOR_SEAL; - } else { - usage = KRB5_KU_USAGE_INITIATOR_SEAL; - } - - p += sizeof(*token); - len = input_message_buffer->length; - len -= (p - (u_char *)input_message_buffer->value); - - /* Rotate by RRC; bogus to do this in-place XXX */ - *minor_status = rrc_rotate(p, len, rrc, TRUE); - if (*minor_status != 0) { - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - if (token_flags & CFXSealed) { - ret = krb5_decrypt(context, crypto, usage, - p, len, &data); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - return GSS_S_BAD_MIC; - } - - /* Check that there is room for the pad and token header */ - if (data.length < ec + sizeof(*token)) { - krb5_crypto_destroy(context, crypto); - krb5_data_free(&data); - return GSS_S_DEFECTIVE_TOKEN; - } - p = data.data; - p += data.length - sizeof(*token); - - /* RRC is unprotected; don't modify input buffer */ - ((gss_cfx_wrap_token)p)->RRC[0] = token->RRC[0]; - ((gss_cfx_wrap_token)p)->RRC[1] = token->RRC[1]; - - /* Check the integrity of the header */ - if (memcmp(p, token, sizeof(*token)) != 0) { - krb5_crypto_destroy(context, crypto); - krb5_data_free(&data); - return GSS_S_BAD_MIC; - } - - output_message_buffer->value = data.data; - output_message_buffer->length = data.length - ec - sizeof(*token); - } else { - Checksum cksum; - - /* Determine checksum type */ - ret = krb5_crypto_get_checksum_type(context, - crypto, &cksum.cksumtype); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - cksum.checksum.length = ec; - - /* Check we have at least as much data as the checksum */ - if (len < cksum.checksum.length) { - *minor_status = ERANGE; - krb5_crypto_destroy(context, crypto); - return GSS_S_BAD_MIC; - } - - /* Length now is of the plaintext only, no checksum */ - len -= cksum.checksum.length; - cksum.checksum.data = p + len; - - output_message_buffer->length = len; /* for later */ - output_message_buffer->value = malloc(len + sizeof(*token)); - if (output_message_buffer->value == NULL) { - *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - /* Checksum is over (plaintext-data | "header") */ - memcpy(output_message_buffer->value, p, len); - memcpy((u_char *)output_message_buffer->value + len, - token, sizeof(*token)); - - /* EC is not included in checksum calculation */ - token = (gss_cfx_wrap_token)((u_char *)output_message_buffer->value + - len); - token->EC[0] = 0; - token->EC[1] = 0; - token->RRC[0] = 0; - token->RRC[1] = 0; - - ret = krb5_verify_checksum(context, crypto, - usage, - output_message_buffer->value, - len + sizeof(*token), - &cksum); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - _gsskrb5_release_buffer(minor_status, output_message_buffer); - return GSS_S_BAD_MIC; - } - } - - krb5_crypto_destroy(context, crypto); - - if (qop_state != NULL) { - *qop_state = GSS_C_QOP_DEFAULT; - } - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 _gssapi_mic_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key) -{ - krb5_crypto crypto; - gss_cfx_mic_token token; - krb5_error_code ret; - unsigned usage; - Checksum cksum; - u_char *buf; - size_t len; - int32_t seq_number; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - len = message_buffer->length + sizeof(*token); - buf = malloc(len); - if (buf == NULL) { - *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - memcpy(buf, message_buffer->value, message_buffer->length); - - token = (gss_cfx_mic_token)(buf + message_buffer->length); - token->TOK_ID[0] = 0x04; - token->TOK_ID[1] = 0x04; - token->Flags = 0; - if ((context_handle->more_flags & LOCAL) == 0) - token->Flags |= CFXSentByAcceptor; - if (context_handle->more_flags & ACCEPTOR_SUBKEY) - token->Flags |= CFXAcceptorSubkey; - memset(token->Filler, 0xFF, 5); - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - krb5_auth_con_getlocalseqnumber(context, - context_handle->auth_context, - &seq_number); - _gsskrb5_encode_be_om_uint32(0, &token->SND_SEQ[0]); - _gsskrb5_encode_be_om_uint32(seq_number, &token->SND_SEQ[4]); - krb5_auth_con_setlocalseqnumber(context, - context_handle->auth_context, - ++seq_number); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - if (context_handle->more_flags & LOCAL) { - usage = KRB5_KU_USAGE_INITIATOR_SIGN; - } else { - usage = KRB5_KU_USAGE_ACCEPTOR_SIGN; - } - - ret = krb5_create_checksum(context, crypto, - usage, 0, buf, len, &cksum); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - free(buf); - return GSS_S_FAILURE; - } - krb5_crypto_destroy(context, crypto); - - /* Determine MIC length */ - message_token->length = sizeof(*token) + cksum.checksum.length; - message_token->value = malloc(message_token->length); - if (message_token->value == NULL) { - *minor_status = ENOMEM; - free_Checksum(&cksum); - free(buf); - return GSS_S_FAILURE; - } - - /* Token is { "header" | get_mic("header" | plaintext-data) } */ - memcpy(message_token->value, token, sizeof(*token)); - memcpy((u_char *)message_token->value + sizeof(*token), - cksum.checksum.data, cksum.checksum.length); - - free_Checksum(&cksum); - free(buf); - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 _gssapi_verify_mic_cfx(OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t *qop_state, - krb5_keyblock *key) -{ - krb5_crypto crypto; - gss_cfx_mic_token token; - u_char token_flags; - krb5_error_code ret; - unsigned usage; - OM_uint32 seq_number_lo, seq_number_hi; - u_char *buf, *p; - Checksum cksum; - - *minor_status = 0; - - if (token_buffer->length < sizeof(*token)) { - return GSS_S_DEFECTIVE_TOKEN; - } - - p = token_buffer->value; - - token = (gss_cfx_mic_token)p; - - if (token->TOK_ID[0] != 0x04 || token->TOK_ID[1] != 0x04) { - return GSS_S_DEFECTIVE_TOKEN; - } - - /* Ignore unknown flags */ - token_flags = token->Flags & (CFXSentByAcceptor | CFXAcceptorSubkey); - - if (token_flags & CFXSentByAcceptor) { - if ((context_handle->more_flags & LOCAL) == 0) - return GSS_S_DEFECTIVE_TOKEN; - } - if (context_handle->more_flags & ACCEPTOR_SUBKEY) { - if ((token_flags & CFXAcceptorSubkey) == 0) - return GSS_S_DEFECTIVE_TOKEN; - } else { - if (token_flags & CFXAcceptorSubkey) - return GSS_S_DEFECTIVE_TOKEN; - } - - if (memcmp(token->Filler, "\xff\xff\xff\xff\xff", 5) != 0) { - return GSS_S_DEFECTIVE_TOKEN; - } - - /* - * Check sequence number - */ - _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[0], &seq_number_hi); - _gsskrb5_decode_be_om_uint32(&token->SND_SEQ[4], &seq_number_lo); - if (seq_number_hi) { - *minor_status = ERANGE; - return GSS_S_UNSEQ_TOKEN; - } - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - ret = _gssapi_msg_order_check(context_handle->order, seq_number_lo); - if (ret != 0) { - *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return ret; - } - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - /* - * Verify checksum - */ - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret != 0) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_crypto_get_checksum_type(context, crypto, - &cksum.cksumtype); - if (ret != 0) { - *minor_status = ret; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - - cksum.checksum.data = p + sizeof(*token); - cksum.checksum.length = token_buffer->length - sizeof(*token); - - if (context_handle->more_flags & LOCAL) { - usage = KRB5_KU_USAGE_ACCEPTOR_SIGN; - } else { - usage = KRB5_KU_USAGE_INITIATOR_SIGN; - } - - buf = malloc(message_buffer->length + sizeof(*token)); - if (buf == NULL) { - *minor_status = ENOMEM; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - memcpy(buf, message_buffer->value, message_buffer->length); - memcpy(buf + message_buffer->length, token, sizeof(*token)); - - ret = krb5_verify_checksum(context, crypto, - usage, - buf, - sizeof(*token) + message_buffer->length, - &cksum); - krb5_crypto_destroy(context, crypto); - if (ret != 0) { - *minor_status = ret; - free(buf); - return GSS_S_BAD_MIC; - } - - free(buf); - - if (qop_state != NULL) { - *qop_state = GSS_C_QOP_DEFAULT; - } - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/cfx.h b/crypto/heimdal/lib/gssapi/krb5/cfx.h deleted file mode 100644 index 672704a8418d..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/cfx.h +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 2003, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: cfx.h 19031 2006-11-13 18:02:57Z lha $ */ - -#ifndef GSSAPI_CFX_H_ -#define GSSAPI_CFX_H_ 1 - -/* - * Implementation of draft-ietf-krb-wg-gssapi-cfx-01.txt - */ - -typedef struct gss_cfx_mic_token_desc_struct { - u_char TOK_ID[2]; /* 04 04 */ - u_char Flags; - u_char Filler[5]; - u_char SND_SEQ[8]; -} gss_cfx_mic_token_desc, *gss_cfx_mic_token; - -typedef struct gss_cfx_wrap_token_desc_struct { - u_char TOK_ID[2]; /* 04 05 */ - u_char Flags; - u_char Filler; - u_char EC[2]; - u_char RRC[2]; - u_char SND_SEQ[8]; -} gss_cfx_wrap_token_desc, *gss_cfx_wrap_token; - -typedef struct gss_cfx_delete_token_desc_struct { - u_char TOK_ID[2]; /* 05 04 */ - u_char Flags; - u_char Filler[5]; - u_char SND_SEQ[8]; -} gss_cfx_delete_token_desc, *gss_cfx_delete_token; - -#endif /* GSSAPI_CFX_H_ */ diff --git a/crypto/heimdal/lib/gssapi/krb5/compare_name.c b/crypto/heimdal/lib/gssapi/krb5/compare_name.c deleted file mode 100644 index 3f3b59d11621..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/compare_name.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: compare_name.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_compare_name - (OM_uint32 * minor_status, - const gss_name_t name1, - const gss_name_t name2, - int * name_equal - ) -{ - krb5_const_principal princ1 = (krb5_const_principal)name1; - krb5_const_principal princ2 = (krb5_const_principal)name2; - krb5_context context; - - GSSAPI_KRB5_INIT(&context); - - *name_equal = krb5_principal_compare (context, - princ1, princ2); - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/compat.c b/crypto/heimdal/lib/gssapi/krb5/compat.c deleted file mode 100644 index a0f075621a49..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/compat.c +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: compat.c 19031 2006-11-13 18:02:57Z lha $"); - - -static krb5_error_code -check_compat(OM_uint32 *minor_status, - krb5_context context, krb5_const_principal name, - const char *option, krb5_boolean *compat, - krb5_boolean match_val) -{ - krb5_error_code ret = 0; - char **p, **q; - krb5_principal match; - - - p = krb5_config_get_strings(context, NULL, "gssapi", - option, NULL); - if(p == NULL) - return 0; - - match = NULL; - for(q = p; *q; q++) { - ret = krb5_parse_name(context, *q, &match); - if (ret) - break; - - if (krb5_principal_match(context, name, match)) { - *compat = match_val; - break; - } - - krb5_free_principal(context, match); - match = NULL; - } - if (match) - krb5_free_principal(context, match); - krb5_config_free_strings(p); - - if (ret) { - if (minor_status) - *minor_status = ret; - return GSS_S_FAILURE; - } - - return 0; -} - -/* - * ctx->ctx_id_mutex is assumed to be locked - */ - -OM_uint32 -_gss_DES3_get_mic_compat(OM_uint32 *minor_status, - gsskrb5_ctx ctx, - krb5_context context) -{ - krb5_boolean use_compat = FALSE; - OM_uint32 ret; - - if ((ctx->more_flags & COMPAT_OLD_DES3_SELECTED) == 0) { - ret = check_compat(minor_status, context, ctx->target, - "broken_des3_mic", &use_compat, TRUE); - if (ret) - return ret; - ret = check_compat(minor_status, context, ctx->target, - "correct_des3_mic", &use_compat, FALSE); - if (ret) - return ret; - - if (use_compat) - ctx->more_flags |= COMPAT_OLD_DES3; - ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; - } - return 0; -} - -#if 0 -OM_uint32 -gss_krb5_compat_des3_mic(OM_uint32 *minor_status, gss_ctx_id_t ctx, int on) -{ - *minor_status = 0; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - if (on) { - ctx->more_flags |= COMPAT_OLD_DES3; - } else { - ctx->more_flags &= ~COMPAT_OLD_DES3; - } - ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - return 0; -} -#endif diff --git a/crypto/heimdal/lib/gssapi/krb5/context_time.c b/crypto/heimdal/lib/gssapi/krb5/context_time.c deleted file mode 100644 index b57ac7854e69..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/context_time.c +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: context_time.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 -_gsskrb5_lifetime_left(OM_uint32 *minor_status, - krb5_context context, - OM_uint32 lifetime, - OM_uint32 *lifetime_rec) -{ - krb5_timestamp timeret; - krb5_error_code kret; - - if (lifetime == 0) { - *lifetime_rec = GSS_C_INDEFINITE; - return GSS_S_COMPLETE; - } - - kret = krb5_timeofday(context, &timeret); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - if (lifetime < timeret) - *lifetime_rec = 0; - else - *lifetime_rec = lifetime - timeret; - - return GSS_S_COMPLETE; -} - - -OM_uint32 _gsskrb5_context_time - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - OM_uint32 * time_rec - ) -{ - krb5_context context; - OM_uint32 lifetime; - OM_uint32 major_status; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; - - GSSAPI_KRB5_INIT (&context); - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - lifetime = ctx->lifetime; - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - major_status = _gsskrb5_lifetime_left(minor_status, context, - lifetime, time_rec); - if (major_status != GSS_S_COMPLETE) - return major_status; - - *minor_status = 0; - - if (*time_rec == 0) - return GSS_S_CONTEXT_EXPIRED; - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/copy_ccache.c b/crypto/heimdal/lib/gssapi/krb5/copy_ccache.c deleted file mode 100644 index 66d797c19933..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/copy_ccache.c +++ /dev/null @@ -1,195 +0,0 @@ -/* - * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: copy_ccache.c 20688 2007-05-17 18:44:31Z lha $"); - -#if 0 -OM_uint32 -gss_krb5_copy_ccache(OM_uint32 *minor_status, - krb5_context context, - gss_cred_id_t cred, - krb5_ccache out) -{ - krb5_error_code kret; - - HEIMDAL_MUTEX_lock(&cred->cred_id_mutex); - - if (cred->ccache == NULL) { - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - kret = krb5_cc_copy_cache(context, cred->ccache, out); - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - *minor_status = 0; - return GSS_S_COMPLETE; -} -#endif - - -OM_uint32 -_gsskrb5_import_cred(OM_uint32 *minor_status, - krb5_ccache id, - krb5_principal keytab_principal, - krb5_keytab keytab, - gss_cred_id_t *cred) -{ - krb5_context context; - krb5_error_code kret; - gsskrb5_cred handle; - OM_uint32 ret; - - *cred = NULL; - - GSSAPI_KRB5_INIT (&context); - - handle = calloc(1, sizeof(*handle)); - if (handle == NULL) { - _gsskrb5_clear_status (); - *minor_status = ENOMEM; - return (GSS_S_FAILURE); - } - HEIMDAL_MUTEX_init(&handle->cred_id_mutex); - - handle->usage = 0; - - if (id) { - char *str; - - handle->usage |= GSS_C_INITIATE; - - kret = krb5_cc_get_principal(context, id, - &handle->principal); - if (kret) { - free(handle); - *minor_status = kret; - return GSS_S_FAILURE; - } - - if (keytab_principal) { - krb5_boolean match; - - match = krb5_principal_compare(context, - handle->principal, - keytab_principal); - if (match == FALSE) { - krb5_free_principal(context, handle->principal); - free(handle); - _gsskrb5_clear_status (); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - } - - ret = __gsskrb5_ccache_lifetime(minor_status, - context, - id, - handle->principal, - &handle->lifetime); - if (ret != GSS_S_COMPLETE) { - krb5_free_principal(context, handle->principal); - free(handle); - return ret; - } - - - kret = krb5_cc_get_full_name(context, id, &str); - if (kret) - goto out; - - kret = krb5_cc_resolve(context, str, &handle->ccache); - free(str); - if (kret) - goto out; - } - - - if (keytab) { - char *str; - - handle->usage |= GSS_C_ACCEPT; - - if (keytab_principal && handle->principal == NULL) { - kret = krb5_copy_principal(context, - keytab_principal, - &handle->principal); - if (kret) - goto out; - } - - kret = krb5_kt_get_full_name(context, keytab, &str); - if (kret) - goto out; - - kret = krb5_kt_resolve(context, str, &handle->keytab); - free(str); - if (kret) - goto out; - } - - - if (id || keytab) { - ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); - if (ret == GSS_S_COMPLETE) - ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, - &handle->mechanisms); - if (ret != GSS_S_COMPLETE) { - kret = *minor_status; - goto out; - } - } - - *minor_status = 0; - *cred = (gss_cred_id_t)handle; - return GSS_S_COMPLETE; - -out: - gss_release_oid_set(minor_status, &handle->mechanisms); - if (handle->ccache) - krb5_cc_close(context, handle->ccache); - if (handle->keytab) - krb5_kt_close(context, handle->keytab); - if (handle->principal) - krb5_free_principal(context, handle->principal); - HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); - free(handle); - *minor_status = kret; - return GSS_S_FAILURE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/decapsulate.c b/crypto/heimdal/lib/gssapi/krb5/decapsulate.c deleted file mode 100644 index 39176faff442..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/decapsulate.c +++ /dev/null @@ -1,209 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: decapsulate.c 18334 2006-10-07 22:16:04Z lha $"); - -/* - * return the length of the mechanism in token or -1 - * (which implies that the token was bad - GSS_S_DEFECTIVE_TOKEN - */ - -ssize_t -_gsskrb5_get_mech (const u_char *ptr, - size_t total_len, - const u_char **mech_ret) -{ - size_t len, len_len, mech_len, foo; - const u_char *p = ptr; - int e; - - if (total_len < 1) - return -1; - if (*p++ != 0x60) - return -1; - e = der_get_length (p, total_len - 1, &len, &len_len); - if (e || 1 + len_len + len != total_len) - return -1; - p += len_len; - if (*p++ != 0x06) - return -1; - e = der_get_length (p, total_len - 1 - len_len - 1, - &mech_len, &foo); - if (e) - return -1; - p += foo; - *mech_ret = p; - return mech_len; -} - -OM_uint32 -_gssapi_verify_mech_header(u_char **str, - size_t total_len, - gss_OID mech) -{ - const u_char *p; - ssize_t mech_len; - - mech_len = _gsskrb5_get_mech (*str, total_len, &p); - if (mech_len < 0) - return GSS_S_DEFECTIVE_TOKEN; - - if (mech_len != mech->length) - return GSS_S_BAD_MECH; - if (memcmp(p, - mech->elements, - mech->length) != 0) - return GSS_S_BAD_MECH; - p += mech_len; - *str = rk_UNCONST(p); - return GSS_S_COMPLETE; -} - -OM_uint32 -_gsskrb5_verify_header(u_char **str, - size_t total_len, - const void *type, - gss_OID oid) -{ - OM_uint32 ret; - size_t len; - u_char *p = *str; - - ret = _gssapi_verify_mech_header(str, total_len, oid); - if (ret) - return ret; - - len = total_len - (*str - p); - - if (len < 2) - return GSS_S_DEFECTIVE_TOKEN; - - if (memcmp (*str, type, 2) != 0) - return GSS_S_DEFECTIVE_TOKEN; - *str += 2; - - return 0; -} - -/* - * Remove the GSS-API wrapping from `in_token' giving `out_data. - * Does not copy data, so just free `in_token'. - */ - -OM_uint32 -_gssapi_decapsulate( - OM_uint32 *minor_status, - gss_buffer_t input_token_buffer, - krb5_data *out_data, - const gss_OID mech -) -{ - u_char *p; - OM_uint32 ret; - - p = input_token_buffer->value; - ret = _gssapi_verify_mech_header(&p, - input_token_buffer->length, - mech); - if (ret) { - *minor_status = 0; - return ret; - } - - out_data->length = input_token_buffer->length - - (p - (u_char *)input_token_buffer->value); - out_data->data = p; - return GSS_S_COMPLETE; -} - -/* - * Remove the GSS-API wrapping from `in_token' giving `out_data. - * Does not copy data, so just free `in_token'. - */ - -OM_uint32 -_gsskrb5_decapsulate(OM_uint32 *minor_status, - gss_buffer_t input_token_buffer, - krb5_data *out_data, - const void *type, - gss_OID oid) -{ - u_char *p; - OM_uint32 ret; - - p = input_token_buffer->value; - ret = _gsskrb5_verify_header(&p, - input_token_buffer->length, - type, - oid); - if (ret) { - *minor_status = 0; - return ret; - } - - out_data->length = input_token_buffer->length - - (p - (u_char *)input_token_buffer->value); - out_data->data = p; - return GSS_S_COMPLETE; -} - -/* - * Verify padding of a gss wrapped message and return its length. - */ - -OM_uint32 -_gssapi_verify_pad(gss_buffer_t wrapped_token, - size_t datalen, - size_t *padlen) -{ - u_char *pad; - size_t padlength; - int i; - - pad = (u_char *)wrapped_token->value + wrapped_token->length - 1; - padlength = *pad; - - if (padlength > datalen) - return GSS_S_BAD_MECH; - - for (i = padlength; i > 0 && *pad == padlength; i--, pad--) - ; - if (i != 0) - return GSS_S_BAD_MIC; - - *padlen = padlength; - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/delete_sec_context.c b/crypto/heimdal/lib/gssapi/krb5/delete_sec_context.c deleted file mode 100644 index abad98655026..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/delete_sec_context.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: delete_sec_context.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 -_gsskrb5_delete_sec_context(OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - gss_buffer_t output_token) -{ - krb5_context context; - gsskrb5_ctx ctx; - - GSSAPI_KRB5_INIT (&context); - - *minor_status = 0; - - if (output_token) { - output_token->length = 0; - output_token->value = NULL; - } - - if (*context_handle == GSS_C_NO_CONTEXT) - return GSS_S_COMPLETE; - - ctx = (gsskrb5_ctx) *context_handle; - *context_handle = GSS_C_NO_CONTEXT; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - krb5_auth_con_free (context, ctx->auth_context); - if(ctx->source) - krb5_free_principal (context, ctx->source); - if(ctx->target) - krb5_free_principal (context, ctx->target); - if (ctx->ticket) - krb5_free_ticket (context, ctx->ticket); - if(ctx->order) - _gssapi_msg_order_destroy(&ctx->order); - if (ctx->service_keyblock) - krb5_free_keyblock (context, ctx->service_keyblock); - krb5_data_free(&ctx->fwd_data); - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); - memset(ctx, 0, sizeof(*ctx)); - free (ctx); - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/display_name.c b/crypto/heimdal/lib/gssapi/krb5/display_name.c deleted file mode 100644 index 727c447d2a06..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/display_name.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: display_name.c 21077 2007-06-12 22:42:56Z lha $"); - -OM_uint32 _gsskrb5_display_name - (OM_uint32 * minor_status, - const gss_name_t input_name, - gss_buffer_t output_name_buffer, - gss_OID * output_name_type - ) -{ - krb5_context context; - krb5_const_principal name = (krb5_const_principal)input_name; - krb5_error_code kret; - char *buf; - size_t len; - - GSSAPI_KRB5_INIT (&context); - - kret = krb5_unparse_name_flags (context, name, - KRB5_PRINCIPAL_UNPARSE_DISPLAY, &buf); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - len = strlen (buf); - output_name_buffer->length = len; - output_name_buffer->value = malloc(len + 1); - if (output_name_buffer->value == NULL) { - free (buf); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy (output_name_buffer->value, buf, len); - ((char *)output_name_buffer->value)[len] = '\0'; - free (buf); - if (output_name_type) - *output_name_type = GSS_KRB5_NT_PRINCIPAL_NAME; - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/display_status.c b/crypto/heimdal/lib/gssapi/krb5/display_status.c deleted file mode 100644 index c0192522a72a..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/display_status.c +++ /dev/null @@ -1,200 +0,0 @@ -/* - * Copyright (c) 1998 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: display_status.c 19031 2006-11-13 18:02:57Z lha $"); - -static const char * -calling_error(OM_uint32 v) -{ - static const char *msgs[] = { - NULL, /* 0 */ - "A required input parameter could not be read.", /* */ - "A required output parameter could not be written.", /* */ - "A parameter was malformed" - }; - - v >>= GSS_C_CALLING_ERROR_OFFSET; - - if (v == 0) - return ""; - else if (v >= sizeof(msgs)/sizeof(*msgs)) - return "unknown calling error"; - else - return msgs[v]; -} - -static const char * -routine_error(OM_uint32 v) -{ - static const char *msgs[] = { - NULL, /* 0 */ - "An unsupported mechanism was requested", - "An invalid name was supplied", - "A supplied name was of an unsupported type", - "Incorrect channel bindings were supplied", - "An invalid status code was supplied", - "A token had an invalid MIC", - "No credentials were supplied, " - "or the credentials were unavailable or inaccessible.", - "No context has been established", - "A token was invalid", - "A credential was invalid", - "The referenced credentials have expired", - "The context has expired", - "Miscellaneous failure (see text)", - "The quality-of-protection requested could not be provide", - "The operation is forbidden by local security policy", - "The operation or option is not available", - "The requested credential element already exists", - "The provided name was not a mechanism name.", - }; - - v >>= GSS_C_ROUTINE_ERROR_OFFSET; - - if (v == 0) - return ""; - else if (v >= sizeof(msgs)/sizeof(*msgs)) - return "unknown routine error"; - else - return msgs[v]; -} - -static const char * -supplementary_error(OM_uint32 v) -{ - static const char *msgs[] = { - "normal completion", - "continuation call to routine required", - "duplicate per-message token detected", - "timed-out per-message token detected", - "reordered (early) per-message token detected", - "skipped predecessor token(s) detected" - }; - - v >>= GSS_C_SUPPLEMENTARY_OFFSET; - - if (v >= sizeof(msgs)/sizeof(*msgs)) - return "unknown routine error"; - else - return msgs[v]; -} - -void -_gsskrb5_clear_status (void) -{ - krb5_context context; - - if (_gsskrb5_init (&context) != 0) - return; - krb5_clear_error_string(context); -} - -void -_gsskrb5_set_status (const char *fmt, ...) -{ - krb5_context context; - va_list args; - char *str; - - if (_gsskrb5_init (&context) != 0) - return; - - va_start(args, fmt); - vasprintf(&str, fmt, args); - va_end(args); - if (str) { - krb5_set_error_string(context, str); - free(str); - } -} - -OM_uint32 _gsskrb5_display_status -(OM_uint32 *minor_status, - OM_uint32 status_value, - int status_type, - const gss_OID mech_type, - OM_uint32 *message_context, - gss_buffer_t status_string) -{ - krb5_context context; - char *buf; - - GSSAPI_KRB5_INIT (&context); - - status_string->length = 0; - status_string->value = NULL; - - if (gss_oid_equal(mech_type, GSS_C_NO_OID) == 0 && - gss_oid_equal(mech_type, GSS_KRB5_MECHANISM) == 0) { - *minor_status = 0; - return GSS_C_GSS_CODE; - } - - if (status_type == GSS_C_GSS_CODE) { - if (GSS_SUPPLEMENTARY_INFO(status_value)) - asprintf(&buf, "%s", - supplementary_error(GSS_SUPPLEMENTARY_INFO(status_value))); - else - asprintf (&buf, "%s %s", - calling_error(GSS_CALLING_ERROR(status_value)), - routine_error(GSS_ROUTINE_ERROR(status_value))); - } else if (status_type == GSS_C_MECH_CODE) { - buf = krb5_get_error_string(context); - if (buf == NULL) { - const char *tmp = krb5_get_err_text (context, status_value); - if (tmp == NULL) - asprintf(&buf, "unknown mech error-code %u", - (unsigned)status_value); - else - buf = strdup(tmp); - } - } else { - *minor_status = EINVAL; - return GSS_S_BAD_STATUS; - } - - if (buf == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - *message_context = 0; - *minor_status = 0; - - status_string->length = strlen(buf); - status_string->value = buf; - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/duplicate_name.c b/crypto/heimdal/lib/gssapi/krb5/duplicate_name.c deleted file mode 100644 index 7337f1ab72b8..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/duplicate_name.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: duplicate_name.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_duplicate_name ( - OM_uint32 * minor_status, - const gss_name_t src_name, - gss_name_t * dest_name - ) -{ - krb5_context context; - krb5_const_principal src = (krb5_const_principal)src_name; - krb5_principal *dest = (krb5_principal *)dest_name; - krb5_error_code kret; - - GSSAPI_KRB5_INIT (&context); - - kret = krb5_copy_principal (context, src, dest); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } else { - *minor_status = 0; - return GSS_S_COMPLETE; - } -} diff --git a/crypto/heimdal/lib/gssapi/krb5/encapsulate.c b/crypto/heimdal/lib/gssapi/krb5/encapsulate.c deleted file mode 100644 index 58dcb5c9c4b2..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/encapsulate.c +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: encapsulate.c 18459 2006-10-14 10:12:16Z lha $"); - -void -_gssapi_encap_length (size_t data_len, - size_t *len, - size_t *total_len, - const gss_OID mech) -{ - size_t len_len; - - *len = 1 + 1 + mech->length + data_len; - - len_len = der_length_len(*len); - - *total_len = 1 + len_len + *len; -} - -void -_gsskrb5_encap_length (size_t data_len, - size_t *len, - size_t *total_len, - const gss_OID mech) -{ - _gssapi_encap_length(data_len + 2, len, total_len, mech); -} - -void * -_gsskrb5_make_header (void *ptr, - size_t len, - const void *type, - const gss_OID mech) -{ - u_char *p = ptr; - p = _gssapi_make_mech_header(p, len, mech); - memcpy (p, type, 2); - p += 2; - return p; -} - -void * -_gssapi_make_mech_header(void *ptr, - size_t len, - const gss_OID mech) -{ - u_char *p = ptr; - int e; - size_t len_len, foo; - - *p++ = 0x60; - len_len = der_length_len(len); - e = der_put_length (p + len_len - 1, len_len, len, &foo); - if(e || foo != len_len) - abort (); - p += len_len; - *p++ = 0x06; - *p++ = mech->length; - memcpy (p, mech->elements, mech->length); - p += mech->length; - return p; -} - -/* - * Give it a krb5_data and it will encapsulate with extra GSS-API wrappings. - */ - -OM_uint32 -_gssapi_encapsulate( - OM_uint32 *minor_status, - const krb5_data *in_data, - gss_buffer_t output_token, - const gss_OID mech -) -{ - size_t len, outer_len; - void *p; - - _gssapi_encap_length (in_data->length, &len, &outer_len, mech); - - output_token->length = outer_len; - output_token->value = malloc (outer_len); - if (output_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = _gssapi_make_mech_header (output_token->value, len, mech); - memcpy (p, in_data->data, in_data->length); - return GSS_S_COMPLETE; -} - -/* - * Give it a krb5_data and it will encapsulate with extra GSS-API krb5 - * wrappings. - */ - -OM_uint32 -_gsskrb5_encapsulate( - OM_uint32 *minor_status, - const krb5_data *in_data, - gss_buffer_t output_token, - const void *type, - const gss_OID mech -) -{ - size_t len, outer_len; - u_char *p; - - _gsskrb5_encap_length (in_data->length, &len, &outer_len, mech); - - output_token->length = outer_len; - output_token->value = malloc (outer_len); - if (output_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = _gsskrb5_make_header (output_token->value, len, type, mech); - memcpy (p, in_data->data, in_data->length); - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/export_name.c b/crypto/heimdal/lib/gssapi/krb5/export_name.c deleted file mode 100644 index efa45a2638bf..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/export_name.c +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright (c) 1997, 1999, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: export_name.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_export_name - (OM_uint32 * minor_status, - const gss_name_t input_name, - gss_buffer_t exported_name - ) -{ - krb5_context context; - krb5_const_principal princ = (krb5_const_principal)input_name; - krb5_error_code kret; - char *buf, *name; - size_t len; - - GSSAPI_KRB5_INIT (&context); - - kret = krb5_unparse_name (context, princ, &name); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - len = strlen (name); - - exported_name->length = 10 + len + GSS_KRB5_MECHANISM->length; - exported_name->value = malloc(exported_name->length); - if (exported_name->value == NULL) { - free (name); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - /* TOK, MECH_OID_LEN, DER(MECH_OID), NAME_LEN, NAME */ - - buf = exported_name->value; - memcpy(buf, "\x04\x01", 2); - buf += 2; - buf[0] = ((GSS_KRB5_MECHANISM->length + 2) >> 8) & 0xff; - buf[1] = (GSS_KRB5_MECHANISM->length + 2) & 0xff; - buf+= 2; - buf[0] = 0x06; - buf[1] = (GSS_KRB5_MECHANISM->length) & 0xFF; - buf+= 2; - - memcpy(buf, GSS_KRB5_MECHANISM->elements, GSS_KRB5_MECHANISM->length); - buf += GSS_KRB5_MECHANISM->length; - - buf[0] = (len >> 24) & 0xff; - buf[1] = (len >> 16) & 0xff; - buf[2] = (len >> 8) & 0xff; - buf[3] = (len) & 0xff; - buf += 4; - - memcpy (buf, name, len); - - free (name); - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/export_sec_context.c b/crypto/heimdal/lib/gssapi/krb5/export_sec_context.c deleted file mode 100644 index 00218617a07b..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/export_sec_context.c +++ /dev/null @@ -1,240 +0,0 @@ -/* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: export_sec_context.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 -_gsskrb5_export_sec_context ( - OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - gss_buffer_t interprocess_token - ) -{ - krb5_context context; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) *context_handle; - krb5_storage *sp; - krb5_auth_context ac; - OM_uint32 ret = GSS_S_COMPLETE; - krb5_data data; - gss_buffer_desc buffer; - int flags; - OM_uint32 minor; - krb5_error_code kret; - - GSSAPI_KRB5_INIT (&context); - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - if (!(ctx->flags & GSS_C_TRANS_FLAG)) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - *minor_status = 0; - return GSS_S_UNAVAILABLE; - } - - sp = krb5_storage_emem (); - if (sp == NULL) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - ac = ctx->auth_context; - - /* flagging included fields */ - - flags = 0; - if (ac->local_address) - flags |= SC_LOCAL_ADDRESS; - if (ac->remote_address) - flags |= SC_REMOTE_ADDRESS; - if (ac->keyblock) - flags |= SC_KEYBLOCK; - if (ac->local_subkey) - flags |= SC_LOCAL_SUBKEY; - if (ac->remote_subkey) - flags |= SC_REMOTE_SUBKEY; - - kret = krb5_store_int32 (sp, flags); - if (kret) { - *minor_status = kret; - goto failure; - } - - /* marshall auth context */ - - kret = krb5_store_int32 (sp, ac->flags); - if (kret) { - *minor_status = kret; - goto failure; - } - if (ac->local_address) { - kret = krb5_store_address (sp, *ac->local_address); - if (kret) { - *minor_status = kret; - goto failure; - } - } - if (ac->remote_address) { - kret = krb5_store_address (sp, *ac->remote_address); - if (kret) { - *minor_status = kret; - goto failure; - } - } - kret = krb5_store_int16 (sp, ac->local_port); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int16 (sp, ac->remote_port); - if (kret) { - *minor_status = kret; - goto failure; - } - if (ac->keyblock) { - kret = krb5_store_keyblock (sp, *ac->keyblock); - if (kret) { - *minor_status = kret; - goto failure; - } - } - if (ac->local_subkey) { - kret = krb5_store_keyblock (sp, *ac->local_subkey); - if (kret) { - *minor_status = kret; - goto failure; - } - } - if (ac->remote_subkey) { - kret = krb5_store_keyblock (sp, *ac->remote_subkey); - if (kret) { - *minor_status = kret; - goto failure; - } - } - kret = krb5_store_int32 (sp, ac->local_seqnumber); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int32 (sp, ac->remote_seqnumber); - if (kret) { - *minor_status = kret; - goto failure; - } - - kret = krb5_store_int32 (sp, ac->keytype); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int32 (sp, ac->cksumtype); - if (kret) { - *minor_status = kret; - goto failure; - } - - /* names */ - - ret = _gsskrb5_export_name (minor_status, - (gss_name_t)ctx->source, &buffer); - if (ret) - goto failure; - data.data = buffer.value; - data.length = buffer.length; - kret = krb5_store_data (sp, data); - _gsskrb5_release_buffer (&minor, &buffer); - if (kret) { - *minor_status = kret; - goto failure; - } - - ret = _gsskrb5_export_name (minor_status, - (gss_name_t)ctx->target, &buffer); - if (ret) - goto failure; - data.data = buffer.value; - data.length = buffer.length; - - ret = GSS_S_FAILURE; - - kret = krb5_store_data (sp, data); - _gsskrb5_release_buffer (&minor, &buffer); - if (kret) { - *minor_status = kret; - goto failure; - } - - kret = krb5_store_int32 (sp, ctx->flags); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int32 (sp, ctx->more_flags); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = krb5_store_int32 (sp, ctx->lifetime); - if (kret) { - *minor_status = kret; - goto failure; - } - kret = _gssapi_msg_order_export(sp, ctx->order); - if (kret ) { - *minor_status = kret; - goto failure; - } - - kret = krb5_storage_to_data (sp, &data); - krb5_storage_free (sp); - if (kret) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - *minor_status = kret; - return GSS_S_FAILURE; - } - interprocess_token->length = data.length; - interprocess_token->value = data.data; - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - ret = _gsskrb5_delete_sec_context (minor_status, context_handle, - GSS_C_NO_BUFFER); - if (ret != GSS_S_COMPLETE) - _gsskrb5_release_buffer (NULL, interprocess_token); - *minor_status = 0; - return ret; - failure: - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - krb5_storage_free (sp); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/external.c b/crypto/heimdal/lib/gssapi/krb5/external.c deleted file mode 100644 index 03fe61dc5744..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/external.c +++ /dev/null @@ -1,425 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" -#include - -RCSID("$Id: external.c 22128 2007-12-04 00:56:55Z lha $"); - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x01"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant - * GSS_C_NT_USER_NAME should be initialized to point - * to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_user_name_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x01")}; - -gss_OID GSS_C_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x02"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. - * The constant GSS_C_NT_MACHINE_UID_NAME should be - * initialized to point to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_machine_uid_name_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x02")}; - -gss_OID GSS_C_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x03"}, - * corresponding to an object-identifier value of - * {iso(1) member-body(2) United States(840) mit(113554) - * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. - * The constant GSS_C_NT_STRING_UID_NAME should be - * initialized to point to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_string_uid_name_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x03")}; - -gss_OID GSS_C_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, - * corresponding to an object-identifier value of - * {iso(1) org(3) dod(6) internet(1) security(5) - * nametypes(6) gss-host-based-services(2)). The constant - * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point - * to that gss_OID_desc. This is a deprecated OID value, and - * implementations wishing to support hostbased-service names - * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, - * defined below, to identify such names; - * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym - * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input - * parameter, but should not be emitted by GSS-API - * implementations - */ - -static gss_OID_desc gss_c_nt_hostbased_service_x_oid_desc = -{6, rk_UNCONST("\x2b\x06\x01\x05\x06\x02")}; - -gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &gss_c_nt_hostbased_service_x_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" - * "\x01\x02\x01\x04"}, corresponding to an - * object-identifier value of {iso(1) member-body(2) - * Unites States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) service_name(4)}. The constant - * GSS_C_NT_HOSTBASED_SERVICE should be initialized - * to point to that gss_OID_desc. - */ -static gss_OID_desc gss_c_nt_hostbased_service_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x04")}; - -gss_OID GSS_C_NT_HOSTBASED_SERVICE = &gss_c_nt_hostbased_service_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\01\x05\x06\x03"}, - * corresponding to an object identifier value of - * {1(iso), 3(org), 6(dod), 1(internet), 5(security), - * 6(nametypes), 3(gss-anonymous-name)}. The constant - * and GSS_C_NT_ANONYMOUS should be initialized to point - * to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_anonymous_oid_desc = -{6, rk_UNCONST("\x2b\x06\01\x05\x06\x03")}; - -gss_OID GSS_C_NT_ANONYMOUS = &gss_c_nt_anonymous_oid_desc; - -/* - * The implementation must reserve static storage for a - * gss_OID_desc object containing the value - * {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, - * corresponding to an object-identifier value of - * {1(iso), 3(org), 6(dod), 1(internet), 5(security), - * 6(nametypes), 4(gss-api-exported-name)}. The constant - * GSS_C_NT_EXPORT_NAME should be initialized to point - * to that gss_OID_desc. - */ - -static gss_OID_desc gss_c_nt_export_name_oid_desc = -{6, rk_UNCONST("\x2b\x06\x01\x05\x06\x04") }; - -gss_OID GSS_C_NT_EXPORT_NAME = &gss_c_nt_export_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * krb5(2) krb5_name(1)}. The recommended symbolic name for this type - * is "GSS_KRB5_NT_PRINCIPAL_NAME". - */ - -static gss_OID_desc gss_krb5_nt_principal_name_oid_desc = -{10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01") }; - -gss_OID GSS_KRB5_NT_PRINCIPAL_NAME = &gss_krb5_nt_principal_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) user_name(1)}. The recommended symbolic name for this - * type is "GSS_KRB5_NT_USER_NAME". - */ - -gss_OID GSS_KRB5_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) machine_uid_name(2)}. The recommended symbolic name for - * this type is "GSS_KRB5_NT_MACHINE_UID_NAME". - */ - -gss_OID GSS_KRB5_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; - -/* - * This name form shall be represented by the Object Identifier {iso(1) - * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) - * generic(1) string_uid_name(3)}. The recommended symbolic name for - * this type is "GSS_KRB5_NT_STRING_UID_NAME". - */ - -gss_OID GSS_KRB5_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; - -/* - * To support ongoing experimentation, testing, and evolution of the - * specification, the Kerberos V5 GSS-API mechanism as defined in this - * and any successor memos will be identified with the following Object - * Identifier, as defined in RFC-1510, until the specification is - * advanced to the level of Proposed Standard RFC: - * - * {iso(1), org(3), dod(5), internet(1), security(5), kerberosv5(2)} - * - * Upon advancement to the level of Proposed Standard RFC, the Kerberos - * V5 GSS-API mechanism will be identified by an Object Identifier - * having the value: - * - * {iso(1) member-body(2) United States(840) mit(113554) infosys(1) - * gssapi(2) krb5(2)} - */ - -#if 0 /* This is the old OID */ - -static gss_OID_desc gss_krb5_mechanism_oid_desc = -{5, rk_UNCONST("\x2b\x05\x01\x05\x02")}; - -#endif - -static gss_OID_desc gss_krb5_mechanism_oid_desc = -{9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") }; - -gss_OID GSS_KRB5_MECHANISM = &gss_krb5_mechanism_oid_desc; - -/* - * draft-ietf-cat-iakerb-09, IAKERB: - * The mechanism ID for IAKERB proxy GSS-API Kerberos, in accordance - * with the mechanism proposed by SPNEGO [7] for negotiating protocol - * variations, is: {iso(1) org(3) dod(6) internet(1) security(5) - * mechanisms(5) iakerb(10) iakerbProxyProtocol(1)}. The proposed - * mechanism ID for IAKERB minimum messages GSS-API Kerberos, in - * accordance with the mechanism proposed by SPNEGO for negotiating - * protocol variations, is: {iso(1) org(3) dod(6) internet(1) - * security(5) mechanisms(5) iakerb(10) - * iakerbMinimumMessagesProtocol(2)}. - */ - -static gss_OID_desc gss_iakerb_proxy_mechanism_oid_desc = -{7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0a\x01")}; - -gss_OID GSS_IAKERB_PROXY_MECHANISM = &gss_iakerb_proxy_mechanism_oid_desc; - -static gss_OID_desc gss_iakerb_min_msg_mechanism_oid_desc = -{7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0a\x02") }; - -gss_OID GSS_IAKERB_MIN_MSG_MECHANISM = &gss_iakerb_min_msg_mechanism_oid_desc; - -/* - * - */ - -static gss_OID_desc gss_c_peer_has_updated_spnego_oid_desc = -{9, (void *)"\x2b\x06\x01\x04\x01\xa9\x4a\x13\x05"}; - -gss_OID GSS_C_PEER_HAS_UPDATED_SPNEGO = &gss_c_peer_has_updated_spnego_oid_desc; - -/* - * 1.2.752.43.13 Heimdal GSS-API Extentions - */ - -/* 1.2.752.43.13.1 */ -static gss_OID_desc gss_krb5_copy_ccache_x_oid_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x01")}; - -gss_OID GSS_KRB5_COPY_CCACHE_X = &gss_krb5_copy_ccache_x_oid_desc; - -/* 1.2.752.43.13.2 */ -static gss_OID_desc gss_krb5_get_tkt_flags_x_oid_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x02")}; - -gss_OID GSS_KRB5_GET_TKT_FLAGS_X = &gss_krb5_get_tkt_flags_x_oid_desc; - -/* 1.2.752.43.13.3 */ -static gss_OID_desc gss_krb5_extract_authz_data_from_sec_context_x_oid_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03")}; - -gss_OID GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X = &gss_krb5_extract_authz_data_from_sec_context_x_oid_desc; - -/* 1.2.752.43.13.4 */ -static gss_OID_desc gss_krb5_compat_des3_mic_x_oid_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x04")}; - -gss_OID GSS_KRB5_COMPAT_DES3_MIC_X = &gss_krb5_compat_des3_mic_x_oid_desc; - -/* 1.2.752.43.13.5 */ -static gss_OID_desc gss_krb5_register_acceptor_identity_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x05")}; - -gss_OID GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X = &gss_krb5_register_acceptor_identity_x_desc; - -/* 1.2.752.43.13.6 */ -static gss_OID_desc gss_krb5_export_lucid_context_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06")}; - -gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_X = &gss_krb5_export_lucid_context_x_desc; - -/* 1.2.752.43.13.6.1 */ -static gss_OID_desc gss_krb5_export_lucid_context_v1_x_desc = -{7, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06\x01")}; - -gss_OID GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X = &gss_krb5_export_lucid_context_v1_x_desc; - -/* 1.2.752.43.13.7 */ -static gss_OID_desc gss_krb5_set_dns_canonicalize_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x07")}; - -gss_OID GSS_KRB5_SET_DNS_CANONICALIZE_X = &gss_krb5_set_dns_canonicalize_x_desc; - -/* 1.2.752.43.13.8 */ -static gss_OID_desc gss_krb5_get_subkey_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x08")}; - -gss_OID GSS_KRB5_GET_SUBKEY_X = &gss_krb5_get_subkey_x_desc; - -/* 1.2.752.43.13.9 */ -static gss_OID_desc gss_krb5_get_initiator_subkey_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x09")}; - -gss_OID GSS_KRB5_GET_INITIATOR_SUBKEY_X = &gss_krb5_get_initiator_subkey_x_desc; - -/* 1.2.752.43.13.10 */ -static gss_OID_desc gss_krb5_get_acceptor_subkey_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0a")}; - -gss_OID GSS_KRB5_GET_ACCEPTOR_SUBKEY_X = &gss_krb5_get_acceptor_subkey_x_desc; - -/* 1.2.752.43.13.11 */ -static gss_OID_desc gss_krb5_send_to_kdc_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0b")}; - -gss_OID GSS_KRB5_SEND_TO_KDC_X = &gss_krb5_send_to_kdc_x_desc; - -/* 1.2.752.43.13.12 */ -static gss_OID_desc gss_krb5_get_authtime_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0c")}; - -gss_OID GSS_KRB5_GET_AUTHTIME_X = &gss_krb5_get_authtime_x_desc; - -/* 1.2.752.43.13.13 */ -static gss_OID_desc gss_krb5_get_service_keyblock_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0d")}; - -gss_OID GSS_KRB5_GET_SERVICE_KEYBLOCK_X = &gss_krb5_get_service_keyblock_x_desc; - -/* 1.2.752.43.13.14 */ -static gss_OID_desc gss_krb5_set_allowable_enctypes_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0e")}; - -gss_OID GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X = &gss_krb5_set_allowable_enctypes_x_desc; - -/* 1.2.752.43.13.15 */ -static gss_OID_desc gss_krb5_set_default_realm_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0f")}; - -gss_OID GSS_KRB5_SET_DEFAULT_REALM_X = &gss_krb5_set_default_realm_x_desc; - -/* 1.2.752.43.13.16 */ -static gss_OID_desc gss_krb5_ccache_name_x_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x10")}; - -gss_OID GSS_KRB5_CCACHE_NAME_X = &gss_krb5_ccache_name_x_desc; - -/* 1.2.752.43.14.1 */ -static gss_OID_desc gss_sasl_digest_md5_mechanism_desc = -{6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x01") }; - -gss_OID GSS_SASL_DIGEST_MD5_MECHANISM = &gss_sasl_digest_md5_mechanism_desc; - -/* - * Context for krb5 calls. - */ - -/* - * - */ - -static gssapi_mech_interface_desc krb5_mech = { - GMI_VERSION, - "kerberos 5", - {9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" }, - _gsskrb5_acquire_cred, - _gsskrb5_release_cred, - _gsskrb5_init_sec_context, - _gsskrb5_accept_sec_context, - _gsskrb5_process_context_token, - _gsskrb5_delete_sec_context, - _gsskrb5_context_time, - _gsskrb5_get_mic, - _gsskrb5_verify_mic, - _gsskrb5_wrap, - _gsskrb5_unwrap, - _gsskrb5_display_status, - _gsskrb5_indicate_mechs, - _gsskrb5_compare_name, - _gsskrb5_display_name, - _gsskrb5_import_name, - _gsskrb5_export_name, - _gsskrb5_release_name, - _gsskrb5_inquire_cred, - _gsskrb5_inquire_context, - _gsskrb5_wrap_size_limit, - _gsskrb5_add_cred, - _gsskrb5_inquire_cred_by_mech, - _gsskrb5_export_sec_context, - _gsskrb5_import_sec_context, - _gsskrb5_inquire_names_for_mech, - _gsskrb5_inquire_mechs_for_name, - _gsskrb5_canonicalize_name, - _gsskrb5_duplicate_name, - _gsskrb5_inquire_sec_context_by_oid, - _gsskrb5_inquire_cred_by_oid, - _gsskrb5_set_sec_context_option, - _gsskrb5_set_cred_option, - _gsskrb5_pseudo_random -}; - -gssapi_mech_interface -__gss_krb5_initialize(void) -{ - return &krb5_mech; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/get_mic.c b/crypto/heimdal/lib/gssapi/krb5/get_mic.c deleted file mode 100644 index 133481ffe173..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/get_mic.c +++ /dev/null @@ -1,317 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: get_mic.c 19031 2006-11-13 18:02:57Z lha $"); - -static OM_uint32 -mic_des - (OM_uint32 * minor_status, - const gsskrb5_ctx ctx, - krb5_context context, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key - ) -{ - u_char *p; - MD5_CTX md5; - u_char hash[16]; - DES_key_schedule schedule; - DES_cblock deskey; - DES_cblock zero; - int32_t seq_number; - size_t len, total_len; - - _gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM); - - message_token->length = total_len; - message_token->value = malloc (total_len); - if (message_token->value == NULL) { - message_token->length = 0; - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = _gsskrb5_make_header(message_token->value, - len, - "\x01\x01", /* TOK_ID */ - GSS_KRB5_MECHANISM); - - memcpy (p, "\x00\x00", 2); /* SGN_ALG = DES MAC MD5 */ - p += 2; - - memcpy (p, "\xff\xff\xff\xff", 4); /* Filler */ - p += 4; - - /* Fill in later (SND-SEQ) */ - memset (p, 0, 16); - p += 16; - - /* checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, message_buffer->value, message_buffer->length); - MD5_Final (hash, &md5); - - memset (&zero, 0, sizeof(zero)); - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); - DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - &schedule, &zero); - memcpy (p - 8, hash, 8); /* SGN_CKSUM */ - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - /* sequence number */ - krb5_auth_con_getlocalseqnumber (context, - ctx->auth_context, - &seq_number); - - p -= 16; /* SND_SEQ */ - p[0] = (seq_number >> 0) & 0xFF; - p[1] = (seq_number >> 8) & 0xFF; - p[2] = (seq_number >> 16) & 0xFF; - p[3] = (seq_number >> 24) & 0xFF; - memset (p + 4, - (ctx->more_flags & LOCAL) ? 0 : 0xFF, - 4); - - DES_set_key (&deskey, &schedule); - DES_cbc_encrypt ((void *)p, (void *)p, 8, - &schedule, (DES_cblock *)(p + 8), DES_ENCRYPT); - - krb5_auth_con_setlocalseqnumber (context, - ctx->auth_context, - ++seq_number); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - memset (deskey, 0, sizeof(deskey)); - memset (&schedule, 0, sizeof(schedule)); - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -static OM_uint32 -mic_des3 - (OM_uint32 * minor_status, - const gsskrb5_ctx ctx, - krb5_context context, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token, - krb5_keyblock *key - ) -{ - u_char *p; - Checksum cksum; - u_char seq[8]; - - int32_t seq_number; - size_t len, total_len; - - krb5_crypto crypto; - krb5_error_code kret; - krb5_data encdata; - char *tmp; - char ivec[8]; - - _gsskrb5_encap_length (36, &len, &total_len, GSS_KRB5_MECHANISM); - - message_token->length = total_len; - message_token->value = malloc (total_len); - if (message_token->value == NULL) { - message_token->length = 0; - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = _gsskrb5_make_header(message_token->value, - len, - "\x01\x01", /* TOK-ID */ - GSS_KRB5_MECHANISM); - - memcpy (p, "\x04\x00", 2); /* SGN_ALG = HMAC SHA1 DES3-KD */ - p += 2; - - memcpy (p, "\xff\xff\xff\xff", 4); /* filler */ - p += 4; - - /* this should be done in parts */ - - tmp = malloc (message_buffer->length + 8); - if (tmp == NULL) { - free (message_token->value); - message_token->value = NULL; - message_token->length = 0; - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy (tmp, p - 8, 8); - memcpy (tmp + 8, message_buffer->value, message_buffer->length); - - kret = krb5_crypto_init(context, key, 0, &crypto); - if (kret) { - free (message_token->value); - message_token->value = NULL; - message_token->length = 0; - free (tmp); - *minor_status = kret; - return GSS_S_FAILURE; - } - - kret = krb5_create_checksum (context, - crypto, - KRB5_KU_USAGE_SIGN, - 0, - tmp, - message_buffer->length + 8, - &cksum); - free (tmp); - krb5_crypto_destroy (context, crypto); - if (kret) { - free (message_token->value); - message_token->value = NULL; - message_token->length = 0; - *minor_status = kret; - return GSS_S_FAILURE; - } - - memcpy (p + 8, cksum.checksum.data, cksum.checksum.length); - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - /* sequence number */ - krb5_auth_con_getlocalseqnumber (context, - ctx->auth_context, - &seq_number); - - seq[0] = (seq_number >> 0) & 0xFF; - seq[1] = (seq_number >> 8) & 0xFF; - seq[2] = (seq_number >> 16) & 0xFF; - seq[3] = (seq_number >> 24) & 0xFF; - memset (seq + 4, - (ctx->more_flags & LOCAL) ? 0 : 0xFF, - 4); - - kret = krb5_crypto_init(context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (kret) { - free (message_token->value); - message_token->value = NULL; - message_token->length = 0; - *minor_status = kret; - return GSS_S_FAILURE; - } - - if (ctx->more_flags & COMPAT_OLD_DES3) - memset(ivec, 0, 8); - else - memcpy(ivec, p + 8, 8); - - kret = krb5_encrypt_ivec (context, - crypto, - KRB5_KU_USAGE_SEQ, - seq, 8, &encdata, ivec); - krb5_crypto_destroy (context, crypto); - if (kret) { - free (message_token->value); - message_token->value = NULL; - message_token->length = 0; - *minor_status = kret; - return GSS_S_FAILURE; - } - - assert (encdata.length == 8); - - memcpy (p, encdata.data, encdata.length); - krb5_data_free (&encdata); - - krb5_auth_con_setlocalseqnumber (context, - ctx->auth_context, - ++seq_number); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - free_Checksum (&cksum); - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 _gsskrb5_get_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - krb5_context context; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - - GSSAPI_KRB5_INIT (&context); - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - ret = _gsskrb5i_get_token_key(ctx, context, &key); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - krb5_enctype_to_keytype (context, key->keytype, &keytype); - - switch (keytype) { - case KEYTYPE_DES : - ret = mic_des (minor_status, ctx, context, qop_req, - message_buffer, message_token, key); - break; - case KEYTYPE_DES3 : - ret = mic_des3 (minor_status, ctx, context, qop_req, - message_buffer, message_token, key); - break; - case KEYTYPE_ARCFOUR: - case KEYTYPE_ARCFOUR_56: - ret = _gssapi_get_mic_arcfour (minor_status, ctx, context, qop_req, - message_buffer, message_token, key); - break; - default : - ret = _gssapi_mic_cfx (minor_status, ctx, context, qop_req, - message_buffer, message_token, key); - break; - } - krb5_free_keyblock (context, key); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/gkrb5_err.et b/crypto/heimdal/lib/gssapi/krb5/gkrb5_err.et deleted file mode 100644 index dbfdbdf2f122..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/gkrb5_err.et +++ /dev/null @@ -1,31 +0,0 @@ -# -# extended gss krb5 error messages -# - -id "$Id: gkrb5_err.et 20049 2007-01-24 00:14:24Z lha $" - -error_table gk5 - -prefix GSS_KRB5_S - -error_code G_BAD_SERVICE_NAME, "No @ in SERVICE-NAME name string" -error_code G_BAD_STRING_UID, "STRING-UID-NAME contains nondigits" -error_code G_NOUSER, "UID does not resolve to username" -error_code G_VALIDATE_FAILED, "Validation error" -error_code G_BUFFER_ALLOC, "Couldn't allocate gss_buffer_t data" -error_code G_BAD_MSG_CTX, "Message context invalid" -error_code G_WRONG_SIZE, "Buffer is the wrong size" -error_code G_BAD_USAGE, "Credential usage type is unknown" -error_code G_UNKNOWN_QOP, "Unknown quality of protection specified" - -index 128 - -error_code KG_CCACHE_NOMATCH, "Principal in credential cache does not match desired name" -error_code KG_KEYTAB_NOMATCH, "No principal in keytab matches desired name" -error_code KG_TGT_MISSING, "Credential cache has no TGT" -error_code KG_NO_SUBKEY, "Authenticator has no subkey" -error_code KG_CONTEXT_ESTABLISHED, "Context is already fully established" -error_code KG_BAD_SIGN_TYPE, "Unknown signature type in token" -error_code KG_BAD_LENGTH, "Invalid field length in token" -error_code KG_CTX_INCOMPLETE, "Attempt to use incomplete security context" -error_code KG_INPUT_TOO_LONG, "Input too long" diff --git a/crypto/heimdal/lib/gssapi/krb5/gsskrb5-private.h b/crypto/heimdal/lib/gssapi/krb5/gsskrb5-private.h deleted file mode 100644 index c2239f134625..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/gsskrb5-private.h +++ /dev/null @@ -1,703 +0,0 @@ -/* This is a generated file */ -#ifndef __gsskrb5_private_h__ -#define __gsskrb5_private_h__ - -#include - -gssapi_mech_interface -__gss_krb5_initialize (void); - -OM_uint32 -__gsskrb5_ccache_lifetime ( - OM_uint32 */*minor_status*/, - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_principal /*principal*/, - OM_uint32 */*lifetime*/); - -OM_uint32 -_gss_DES3_get_mic_compat ( - OM_uint32 */*minor_status*/, - gsskrb5_ctx /*ctx*/, - krb5_context /*context*/); - -OM_uint32 -_gssapi_decapsulate ( - OM_uint32 */*minor_status*/, - gss_buffer_t /*input_token_buffer*/, - krb5_data */*out_data*/, - const gss_OID mech ); - -void -_gssapi_encap_length ( - size_t /*data_len*/, - size_t */*len*/, - size_t */*total_len*/, - const gss_OID /*mech*/); - -OM_uint32 -_gssapi_encapsulate ( - OM_uint32 */*minor_status*/, - const krb5_data */*in_data*/, - gss_buffer_t /*output_token*/, - const gss_OID mech ); - -OM_uint32 -_gssapi_get_mic_arcfour ( - OM_uint32 * /*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*message_buffer*/, - gss_buffer_t /*message_token*/, - krb5_keyblock */*key*/); - -void * -_gssapi_make_mech_header ( - void */*ptr*/, - size_t /*len*/, - const gss_OID /*mech*/); - -OM_uint32 -_gssapi_mic_cfx ( - OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*message_buffer*/, - gss_buffer_t /*message_token*/, - krb5_keyblock */*key*/); - -OM_uint32 -_gssapi_msg_order_check ( - struct gss_msg_order */*o*/, - OM_uint32 /*seq_num*/); - -OM_uint32 -_gssapi_msg_order_create ( - OM_uint32 */*minor_status*/, - struct gss_msg_order **/*o*/, - OM_uint32 /*flags*/, - OM_uint32 /*seq_num*/, - OM_uint32 /*jitter_window*/, - int /*use_64*/); - -OM_uint32 -_gssapi_msg_order_destroy (struct gss_msg_order **/*m*/); - -krb5_error_code -_gssapi_msg_order_export ( - krb5_storage */*sp*/, - struct gss_msg_order */*o*/); - -OM_uint32 -_gssapi_msg_order_f (OM_uint32 /*flags*/); - -OM_uint32 -_gssapi_msg_order_import ( - OM_uint32 */*minor_status*/, - krb5_storage */*sp*/, - struct gss_msg_order **/*o*/); - -OM_uint32 -_gssapi_unwrap_arcfour ( - OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - const gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int */*conf_state*/, - gss_qop_t */*qop_state*/, - krb5_keyblock */*key*/); - -OM_uint32 -_gssapi_unwrap_cfx ( - OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - const gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int */*conf_state*/, - gss_qop_t */*qop_state*/, - krb5_keyblock */*key*/); - -OM_uint32 -_gssapi_verify_mech_header ( - u_char **/*str*/, - size_t /*total_len*/, - gss_OID /*mech*/); - -OM_uint32 -_gssapi_verify_mic_arcfour ( - OM_uint32 * /*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - const gss_buffer_t /*message_buffer*/, - const gss_buffer_t /*token_buffer*/, - gss_qop_t * /*qop_state*/, - krb5_keyblock */*key*/, - char */*type*/); - -OM_uint32 -_gssapi_verify_mic_cfx ( - OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - const gss_buffer_t /*message_buffer*/, - const gss_buffer_t /*token_buffer*/, - gss_qop_t */*qop_state*/, - krb5_keyblock */*key*/); - -OM_uint32 -_gssapi_verify_pad ( - gss_buffer_t /*wrapped_token*/, - size_t /*datalen*/, - size_t */*padlen*/); - -OM_uint32 -_gssapi_wrap_arcfour ( - OM_uint32 * /*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t /*output_message_buffer*/, - krb5_keyblock */*key*/); - -OM_uint32 -_gssapi_wrap_cfx ( - OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*input_message_buffer*/, - int */*conf_state*/, - gss_buffer_t /*output_message_buffer*/, - krb5_keyblock */*key*/); - -OM_uint32 -_gssapi_wrap_size_arcfour ( - OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*ctx*/, - krb5_context /*context*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - OM_uint32 /*req_output_size*/, - OM_uint32 */*max_input_size*/, - krb5_keyblock */*key*/); - -OM_uint32 -_gssapi_wrap_size_cfx ( - OM_uint32 */*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - OM_uint32 /*req_output_size*/, - OM_uint32 */*max_input_size*/, - krb5_keyblock */*key*/); - -OM_uint32 -_gsskrb5_accept_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - const gss_cred_id_t /*acceptor_cred_handle*/, - const gss_buffer_t /*input_token_buffer*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - gss_name_t * /*src_name*/, - gss_OID * /*mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * /*time_rec*/, - gss_cred_id_t * /*delegated_cred_handle*/); - -OM_uint32 -_gsskrb5_acquire_cred ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*desired_name*/, - OM_uint32 /*time_req*/, - const gss_OID_set /*desired_mechs*/, - gss_cred_usage_t /*cred_usage*/, - gss_cred_id_t * /*output_cred_handle*/, - gss_OID_set * /*actual_mechs*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gsskrb5_add_cred ( - OM_uint32 */*minor_status*/, - const gss_cred_id_t /*input_cred_handle*/, - const gss_name_t /*desired_name*/, - const gss_OID /*desired_mech*/, - gss_cred_usage_t /*cred_usage*/, - OM_uint32 /*initiator_time_req*/, - OM_uint32 /*acceptor_time_req*/, - gss_cred_id_t */*output_cred_handle*/, - gss_OID_set */*actual_mechs*/, - OM_uint32 */*initiator_time_rec*/, - OM_uint32 */*acceptor_time_rec*/); - -OM_uint32 -_gsskrb5_canonicalize_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - const gss_OID /*mech_type*/, - gss_name_t * output_name ); - -void -_gsskrb5_clear_status (void); - -OM_uint32 -_gsskrb5_compare_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*name1*/, - const gss_name_t /*name2*/, - int * name_equal ); - -OM_uint32 -_gsskrb5_context_time ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gsskrb5_create_8003_checksum ( - OM_uint32 */*minor_status*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - OM_uint32 /*flags*/, - const krb5_data */*fwd_data*/, - Checksum */*result*/); - -OM_uint32 -_gsskrb5_create_ctx ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - krb5_context /*context*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - enum gss_ctx_id_t_state /*state*/); - -OM_uint32 -_gsskrb5_decapsulate ( - OM_uint32 */*minor_status*/, - gss_buffer_t /*input_token_buffer*/, - krb5_data */*out_data*/, - const void */*type*/, - gss_OID /*oid*/); - -krb5_error_code -_gsskrb5_decode_be_om_uint32 ( - const void */*ptr*/, - OM_uint32 */*n*/); - -krb5_error_code -_gsskrb5_decode_om_uint32 ( - const void */*ptr*/, - OM_uint32 */*n*/); - -OM_uint32 -_gsskrb5_delete_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t /*output_token*/); - -OM_uint32 -_gsskrb5_display_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t /*output_name_buffer*/, - gss_OID * output_name_type ); - -OM_uint32 -_gsskrb5_display_status ( - OM_uint32 */*minor_status*/, - OM_uint32 /*status_value*/, - int /*status_type*/, - const gss_OID /*mech_type*/, - OM_uint32 */*message_context*/, - gss_buffer_t /*status_string*/); - -OM_uint32 -_gsskrb5_duplicate_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*src_name*/, - gss_name_t * dest_name ); - -void -_gsskrb5_encap_length ( - size_t /*data_len*/, - size_t */*len*/, - size_t */*total_len*/, - const gss_OID /*mech*/); - -OM_uint32 -_gsskrb5_encapsulate ( - OM_uint32 */*minor_status*/, - const krb5_data */*in_data*/, - gss_buffer_t /*output_token*/, - const void */*type*/, - const gss_OID mech ); - -krb5_error_code -_gsskrb5_encode_be_om_uint32 ( - OM_uint32 /*n*/, - u_char */*p*/); - -krb5_error_code -_gsskrb5_encode_om_uint32 ( - OM_uint32 /*n*/, - u_char */*p*/); - -OM_uint32 -_gsskrb5_export_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t exported_name ); - -OM_uint32 -_gsskrb5_export_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t interprocess_token ); - -ssize_t -_gsskrb5_get_mech ( - const u_char */*ptr*/, - size_t /*total_len*/, - const u_char **/*mech_ret*/); - -OM_uint32 -_gsskrb5_get_mic ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*message_buffer*/, - gss_buffer_t message_token ); - -OM_uint32 -_gsskrb5_get_tkt_flags ( - OM_uint32 */*minor_status*/, - gsskrb5_ctx /*ctx*/, - OM_uint32 */*tkt_flags*/); - -OM_uint32 -_gsskrb5_import_cred ( - OM_uint32 */*minor_status*/, - krb5_ccache /*id*/, - krb5_principal /*keytab_principal*/, - krb5_keytab /*keytab*/, - gss_cred_id_t */*cred*/); - -OM_uint32 -_gsskrb5_import_name ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*input_name_buffer*/, - const gss_OID /*input_name_type*/, - gss_name_t * output_name ); - -OM_uint32 -_gsskrb5_import_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*interprocess_token*/, - gss_ctx_id_t * context_handle ); - -OM_uint32 -_gsskrb5_indicate_mechs ( - OM_uint32 * /*minor_status*/, - gss_OID_set * mech_set ); - -krb5_error_code -_gsskrb5_init (krb5_context */*context*/); - -OM_uint32 -_gsskrb5_init_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*initiator_cred_handle*/, - gss_ctx_id_t * /*context_handle*/, - const gss_name_t /*target_name*/, - const gss_OID /*mech_type*/, - OM_uint32 /*req_flags*/, - OM_uint32 /*time_req*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - const gss_buffer_t /*input_token*/, - gss_OID * /*actual_mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gsskrb5_inquire_context ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_name_t * /*src_name*/, - gss_name_t * /*targ_name*/, - OM_uint32 * /*lifetime_rec*/, - gss_OID * /*mech_type*/, - OM_uint32 * /*ctx_flags*/, - int * /*locally_initiated*/, - int * open_context ); - -OM_uint32 -_gsskrb5_inquire_cred ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - gss_name_t * /*output_name*/, - OM_uint32 * /*lifetime*/, - gss_cred_usage_t * /*cred_usage*/, - gss_OID_set * mechanisms ); - -OM_uint32 -_gsskrb5_inquire_cred_by_mech ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - const gss_OID /*mech_type*/, - gss_name_t * /*name*/, - OM_uint32 * /*initiator_lifetime*/, - OM_uint32 * /*acceptor_lifetime*/, - gss_cred_usage_t * cred_usage ); - -OM_uint32 -_gsskrb5_inquire_cred_by_oid ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - const gss_OID /*desired_object*/, - gss_buffer_set_t */*data_set*/); - -OM_uint32 -_gsskrb5_inquire_mechs_for_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_OID_set * mech_types ); - -OM_uint32 -_gsskrb5_inquire_names_for_mech ( - OM_uint32 * /*minor_status*/, - const gss_OID /*mechanism*/, - gss_OID_set * name_types ); - -OM_uint32 -_gsskrb5_inquire_sec_context_by_oid ( - OM_uint32 */*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_OID /*desired_object*/, - gss_buffer_set_t */*data_set*/); - -OM_uint32 -_gsskrb5_krb5_ccache_name ( - OM_uint32 */*minor_status*/, - const char */*name*/, - const char **/*out_name*/); - -OM_uint32 -_gsskrb5_lifetime_left ( - OM_uint32 */*minor_status*/, - krb5_context /*context*/, - OM_uint32 /*lifetime*/, - OM_uint32 */*lifetime_rec*/); - -void * -_gsskrb5_make_header ( - void */*ptr*/, - size_t /*len*/, - const void */*type*/, - const gss_OID /*mech*/); - -OM_uint32 -_gsskrb5_process_context_token ( - OM_uint32 */*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t token_buffer ); - -OM_uint32 -_gsskrb5_pseudo_random ( - OM_uint32 */*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*prf_key*/, - const gss_buffer_t /*prf_in*/, - ssize_t /*desired_output_len*/, - gss_buffer_t /*prf_out*/); - -OM_uint32 -_gsskrb5_register_acceptor_identity (const char */*identity*/); - -OM_uint32 -_gsskrb5_release_buffer ( - OM_uint32 * /*minor_status*/, - gss_buffer_t buffer ); - -OM_uint32 -_gsskrb5_release_cred ( - OM_uint32 * /*minor_status*/, - gss_cred_id_t * cred_handle ); - -OM_uint32 -_gsskrb5_release_name ( - OM_uint32 * /*minor_status*/, - gss_name_t * input_name ); - -OM_uint32 -_gsskrb5_seal ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - int /*qop_req*/, - gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t output_message_buffer ); - -OM_uint32 -_gsskrb5_set_cred_option ( - OM_uint32 */*minor_status*/, - gss_cred_id_t */*cred_handle*/, - const gss_OID /*desired_object*/, - const gss_buffer_t /*value*/); - -OM_uint32 -_gsskrb5_set_sec_context_option ( - OM_uint32 */*minor_status*/, - gss_ctx_id_t */*context_handle*/, - const gss_OID /*desired_object*/, - const gss_buffer_t /*value*/); - -void -_gsskrb5_set_status ( - const char */*fmt*/, - ...); - -OM_uint32 -_gsskrb5_sign ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*qop_req*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t message_token ); - -OM_uint32 -_gsskrb5_unseal ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - int * qop_state ); - -OM_uint32 -_gsskrb5_unwrap ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - gss_qop_t * qop_state ); - -OM_uint32 -_gsskrb5_verify ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t /*token_buffer*/, - int * qop_state ); - -OM_uint32 -_gsskrb5_verify_8003_checksum ( - OM_uint32 */*minor_status*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - const Checksum */*cksum*/, - OM_uint32 */*flags*/, - krb5_data */*fwd_data*/); - -OM_uint32 -_gsskrb5_verify_header ( - u_char **/*str*/, - size_t /*total_len*/, - const void */*type*/, - gss_OID /*oid*/); - -OM_uint32 -_gsskrb5_verify_mic ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*message_buffer*/, - const gss_buffer_t /*token_buffer*/, - gss_qop_t * qop_state ); - -OM_uint32 -_gsskrb5_verify_mic_internal ( - OM_uint32 * /*minor_status*/, - const gsskrb5_ctx /*context_handle*/, - krb5_context /*context*/, - const gss_buffer_t /*message_buffer*/, - const gss_buffer_t /*token_buffer*/, - gss_qop_t * /*qop_state*/, - char * type ); - -OM_uint32 -_gsskrb5_wrap ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t output_message_buffer ); - -OM_uint32 -_gsskrb5_wrap_size_limit ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - OM_uint32 /*req_output_size*/, - OM_uint32 * max_input_size ); - -krb5_error_code -_gsskrb5cfx_max_wrap_length_cfx ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - int /*conf_req_flag*/, - size_t /*input_length*/, - OM_uint32 */*output_length*/); - -krb5_error_code -_gsskrb5cfx_wrap_length_cfx ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - int /*conf_req_flag*/, - size_t /*input_length*/, - size_t */*output_length*/, - size_t */*cksumsize*/, - uint16_t */*padlength*/); - -krb5_error_code -_gsskrb5i_address_to_krb5addr ( - krb5_context /*context*/, - OM_uint32 /*gss_addr_type*/, - gss_buffer_desc */*gss_addr*/, - int16_t /*port*/, - krb5_address */*address*/); - -krb5_error_code -_gsskrb5i_get_acceptor_subkey ( - const gsskrb5_ctx /*ctx*/, - krb5_context /*context*/, - krb5_keyblock **/*key*/); - -krb5_error_code -_gsskrb5i_get_initiator_subkey ( - const gsskrb5_ctx /*ctx*/, - krb5_context /*context*/, - krb5_keyblock **/*key*/); - -OM_uint32 -_gsskrb5i_get_token_key ( - const gsskrb5_ctx /*ctx*/, - krb5_context /*context*/, - krb5_keyblock **/*key*/); - -void -_gsskrb5i_is_cfx ( - gsskrb5_ctx /*ctx*/, - int */*is_cfx*/); - -#endif /* __gsskrb5_private_h__ */ diff --git a/crypto/heimdal/lib/gssapi/krb5/gsskrb5_locl.h b/crypto/heimdal/lib/gssapi/krb5/gsskrb5_locl.h deleted file mode 100644 index 6ffb6070352f..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/gsskrb5_locl.h +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: gsskrb5_locl.h 20324 2007-04-12 16:46:01Z lha $ */ - -#ifndef GSSKRB5_LOCL_H -#define GSSKRB5_LOCL_H - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include - -#include "cfx.h" - -/* - * - */ - -struct gss_msg_order; - -typedef struct { - struct krb5_auth_context_data *auth_context; - krb5_principal source, target; -#define IS_DCE_STYLE(ctx) (((ctx)->flags & GSS_C_DCE_STYLE) != 0) - OM_uint32 flags; - enum { LOCAL = 1, OPEN = 2, - COMPAT_OLD_DES3 = 4, - COMPAT_OLD_DES3_SELECTED = 8, - ACCEPTOR_SUBKEY = 16 - } more_flags; - enum gss_ctx_id_t_state { - /* initiator states */ - INITIATOR_START, - INITIATOR_WAIT_FOR_MUTAL, - INITIATOR_READY, - /* acceptor states */ - ACCEPTOR_START, - ACCEPTOR_WAIT_FOR_DCESTYLE, - ACCEPTOR_READY - } state; - struct krb5_ticket *ticket; - OM_uint32 lifetime; - HEIMDAL_MUTEX ctx_id_mutex; - struct gss_msg_order *order; - krb5_keyblock *service_keyblock; - krb5_data fwd_data; -} *gsskrb5_ctx; - -typedef struct { - krb5_principal principal; - int cred_flags; -#define GSS_CF_DESTROY_CRED_ON_RELEASE 1 - struct krb5_keytab_data *keytab; - OM_uint32 lifetime; - gss_cred_usage_t usage; - gss_OID_set mechanisms; - struct krb5_ccache_data *ccache; - HEIMDAL_MUTEX cred_id_mutex; - krb5_enctype *enctypes; -} *gsskrb5_cred; - -typedef struct Principal *gsskrb5_name; - -/* - * - */ - -extern krb5_keytab _gsskrb5_keytab; -extern HEIMDAL_MUTEX gssapi_keytab_mutex; - -struct gssapi_thr_context { - HEIMDAL_MUTEX mutex; - char *error_string; -}; - -/* - * Prototypes - */ - -#include - -#define GSSAPI_KRB5_INIT(ctx) do { \ - krb5_error_code kret_gss_init; \ - if((kret_gss_init = _gsskrb5_init (ctx)) != 0) { \ - *minor_status = kret_gss_init; \ - return GSS_S_FAILURE; \ - } \ -} while (0) - -/* sec_context flags */ - -#define SC_LOCAL_ADDRESS 0x01 -#define SC_REMOTE_ADDRESS 0x02 -#define SC_KEYBLOCK 0x04 -#define SC_LOCAL_SUBKEY 0x08 -#define SC_REMOTE_SUBKEY 0x10 - -#endif diff --git a/crypto/heimdal/lib/gssapi/krb5/import_name.c b/crypto/heimdal/lib/gssapi/krb5/import_name.c deleted file mode 100644 index bf31db923256..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/import_name.c +++ /dev/null @@ -1,225 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: import_name.c 19031 2006-11-13 18:02:57Z lha $"); - -static OM_uint32 -parse_krb5_name (OM_uint32 *minor_status, - krb5_context context, - const char *name, - gss_name_t *output_name) -{ - krb5_principal princ; - krb5_error_code kerr; - - kerr = krb5_parse_name (context, name, &princ); - - if (kerr == 0) { - *output_name = (gss_name_t)princ; - return GSS_S_COMPLETE; - } - *minor_status = kerr; - - if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) - return GSS_S_BAD_NAME; - - return GSS_S_FAILURE; -} - -static OM_uint32 -import_krb5_name (OM_uint32 *minor_status, - krb5_context context, - const gss_buffer_t input_name_buffer, - gss_name_t *output_name) -{ - OM_uint32 ret; - char *tmp; - - tmp = malloc (input_name_buffer->length + 1); - if (tmp == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy (tmp, - input_name_buffer->value, - input_name_buffer->length); - tmp[input_name_buffer->length] = '\0'; - - ret = parse_krb5_name(minor_status, context, tmp, output_name); - free(tmp); - - return ret; -} - -static OM_uint32 -import_hostbased_name (OM_uint32 *minor_status, - krb5_context context, - const gss_buffer_t input_name_buffer, - gss_name_t *output_name) -{ - krb5_error_code kerr; - char *tmp; - char *p; - char *host; - char local_hostname[MAXHOSTNAMELEN]; - krb5_principal princ = NULL; - - tmp = malloc (input_name_buffer->length + 1); - if (tmp == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy (tmp, - input_name_buffer->value, - input_name_buffer->length); - tmp[input_name_buffer->length] = '\0'; - - p = strchr (tmp, '@'); - if (p != NULL) { - *p = '\0'; - host = p + 1; - } else { - if (gethostname(local_hostname, sizeof(local_hostname)) < 0) { - *minor_status = errno; - free (tmp); - return GSS_S_FAILURE; - } - host = local_hostname; - } - - kerr = krb5_sname_to_principal (context, - host, - tmp, - KRB5_NT_SRV_HST, - &princ); - free (tmp); - *minor_status = kerr; - if (kerr == 0) { - *output_name = (gss_name_t)princ; - return GSS_S_COMPLETE; - } - - if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) - return GSS_S_BAD_NAME; - - return GSS_S_FAILURE; -} - -static OM_uint32 -import_export_name (OM_uint32 *minor_status, - krb5_context context, - const gss_buffer_t input_name_buffer, - gss_name_t *output_name) -{ - unsigned char *p; - uint32_t length; - OM_uint32 ret; - char *name; - - if (input_name_buffer->length < 10 + GSS_KRB5_MECHANISM->length) - return GSS_S_BAD_NAME; - - /* TOK, MECH_OID_LEN, DER(MECH_OID), NAME_LEN, NAME */ - - p = input_name_buffer->value; - - if (memcmp(&p[0], "\x04\x01\x00", 3) != 0 || - p[3] != GSS_KRB5_MECHANISM->length + 2 || - p[4] != 0x06 || - p[5] != GSS_KRB5_MECHANISM->length || - memcmp(&p[6], GSS_KRB5_MECHANISM->elements, - GSS_KRB5_MECHANISM->length) != 0) - return GSS_S_BAD_NAME; - - p += 6 + GSS_KRB5_MECHANISM->length; - - length = p[0] << 24 | p[1] << 16 | p[2] << 8 | p[3]; - p += 4; - - if (length > input_name_buffer->length - 10 - GSS_KRB5_MECHANISM->length) - return GSS_S_BAD_NAME; - - name = malloc(length + 1); - if (name == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy(name, p, length); - name[length] = '\0'; - - ret = parse_krb5_name(minor_status, context, name, output_name); - free(name); - - return ret; -} - -OM_uint32 _gsskrb5_import_name - (OM_uint32 * minor_status, - const gss_buffer_t input_name_buffer, - const gss_OID input_name_type, - gss_name_t * output_name - ) -{ - krb5_context context; - - *minor_status = 0; - *output_name = GSS_C_NO_NAME; - - GSSAPI_KRB5_INIT (&context); - - if (gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE) || - gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE_X)) - return import_hostbased_name (minor_status, - context, - input_name_buffer, - output_name); - else if (gss_oid_equal(input_name_type, GSS_C_NO_OID) - || gss_oid_equal(input_name_type, GSS_C_NT_USER_NAME) - || gss_oid_equal(input_name_type, GSS_KRB5_NT_PRINCIPAL_NAME)) - /* default printable syntax */ - return import_krb5_name (minor_status, - context, - input_name_buffer, - output_name); - else if (gss_oid_equal(input_name_type, GSS_C_NT_EXPORT_NAME)) { - return import_export_name(minor_status, - context, - input_name_buffer, - output_name); - } else { - *minor_status = 0; - return GSS_S_BAD_NAMETYPE; - } -} diff --git a/crypto/heimdal/lib/gssapi/krb5/import_sec_context.c b/crypto/heimdal/lib/gssapi/krb5/import_sec_context.c deleted file mode 100644 index 3300036a81b3..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/import_sec_context.c +++ /dev/null @@ -1,229 +0,0 @@ -/* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: import_sec_context.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 -_gsskrb5_import_sec_context ( - OM_uint32 * minor_status, - const gss_buffer_t interprocess_token, - gss_ctx_id_t * context_handle - ) -{ - OM_uint32 ret = GSS_S_FAILURE; - krb5_context context; - krb5_error_code kret; - krb5_storage *sp; - krb5_auth_context ac; - krb5_address local, remote; - krb5_address *localp, *remotep; - krb5_data data; - gss_buffer_desc buffer; - krb5_keyblock keyblock; - int32_t tmp; - int32_t flags; - gsskrb5_ctx ctx; - gss_name_t name; - - GSSAPI_KRB5_INIT (&context); - - *context_handle = GSS_C_NO_CONTEXT; - - localp = remotep = NULL; - - sp = krb5_storage_from_mem (interprocess_token->value, - interprocess_token->length); - if (sp == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - ctx = calloc(1, sizeof(*ctx)); - if (ctx == NULL) { - *minor_status = ENOMEM; - krb5_storage_free (sp); - return GSS_S_FAILURE; - } - HEIMDAL_MUTEX_init(&ctx->ctx_id_mutex); - - kret = krb5_auth_con_init (context, - &ctx->auth_context); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - /* flags */ - - *minor_status = 0; - - if (krb5_ret_int32 (sp, &flags) != 0) - goto failure; - - /* retrieve the auth context */ - - ac = ctx->auth_context; - if (krb5_ret_uint32 (sp, &ac->flags) != 0) - goto failure; - if (flags & SC_LOCAL_ADDRESS) { - if (krb5_ret_address (sp, localp = &local) != 0) - goto failure; - } - - if (flags & SC_REMOTE_ADDRESS) { - if (krb5_ret_address (sp, remotep = &remote) != 0) - goto failure; - } - - krb5_auth_con_setaddrs (context, ac, localp, remotep); - if (localp) - krb5_free_address (context, localp); - if (remotep) - krb5_free_address (context, remotep); - localp = remotep = NULL; - - if (krb5_ret_int16 (sp, &ac->local_port) != 0) - goto failure; - - if (krb5_ret_int16 (sp, &ac->remote_port) != 0) - goto failure; - if (flags & SC_KEYBLOCK) { - if (krb5_ret_keyblock (sp, &keyblock) != 0) - goto failure; - krb5_auth_con_setkey (context, ac, &keyblock); - krb5_free_keyblock_contents (context, &keyblock); - } - if (flags & SC_LOCAL_SUBKEY) { - if (krb5_ret_keyblock (sp, &keyblock) != 0) - goto failure; - krb5_auth_con_setlocalsubkey (context, ac, &keyblock); - krb5_free_keyblock_contents (context, &keyblock); - } - if (flags & SC_REMOTE_SUBKEY) { - if (krb5_ret_keyblock (sp, &keyblock) != 0) - goto failure; - krb5_auth_con_setremotesubkey (context, ac, &keyblock); - krb5_free_keyblock_contents (context, &keyblock); - } - if (krb5_ret_uint32 (sp, &ac->local_seqnumber)) - goto failure; - if (krb5_ret_uint32 (sp, &ac->remote_seqnumber)) - goto failure; - - if (krb5_ret_int32 (sp, &tmp) != 0) - goto failure; - ac->keytype = tmp; - if (krb5_ret_int32 (sp, &tmp) != 0) - goto failure; - ac->cksumtype = tmp; - - /* names */ - - if (krb5_ret_data (sp, &data)) - goto failure; - buffer.value = data.data; - buffer.length = data.length; - - ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME, - &name); - if (ret) { - ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NO_OID, - &name); - if (ret) { - krb5_data_free (&data); - goto failure; - } - } - ctx->source = (krb5_principal)name; - krb5_data_free (&data); - - if (krb5_ret_data (sp, &data) != 0) - goto failure; - buffer.value = data.data; - buffer.length = data.length; - - ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME, - &name); - if (ret) { - ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NO_OID, - &name); - if (ret) { - krb5_data_free (&data); - goto failure; - } - } - ctx->target = (krb5_principal)name; - krb5_data_free (&data); - - if (krb5_ret_int32 (sp, &tmp)) - goto failure; - ctx->flags = tmp; - if (krb5_ret_int32 (sp, &tmp)) - goto failure; - ctx->more_flags = tmp; - if (krb5_ret_int32 (sp, &tmp)) - goto failure; - ctx->lifetime = tmp; - - ret = _gssapi_msg_order_import(minor_status, sp, &ctx->order); - if (ret) - goto failure; - - krb5_storage_free (sp); - - *context_handle = (gss_ctx_id_t)ctx; - - return GSS_S_COMPLETE; - -failure: - krb5_auth_con_free (context, - ctx->auth_context); - if (ctx->source != NULL) - krb5_free_principal(context, ctx->source); - if (ctx->target != NULL) - krb5_free_principal(context, ctx->target); - if (localp) - krb5_free_address (context, localp); - if (remotep) - krb5_free_address (context, remotep); - if(ctx->order) - _gssapi_msg_order_destroy(&ctx->order); - HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); - krb5_storage_free (sp); - free (ctx); - *context_handle = GSS_C_NO_CONTEXT; - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/indicate_mechs.c b/crypto/heimdal/lib/gssapi/krb5/indicate_mechs.c deleted file mode 100644 index eb886c24d347..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/indicate_mechs.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: indicate_mechs.c 20688 2007-05-17 18:44:31Z lha $"); - -OM_uint32 _gsskrb5_indicate_mechs - (OM_uint32 * minor_status, - gss_OID_set * mech_set - ) -{ - OM_uint32 ret, junk; - - ret = gss_create_empty_oid_set(minor_status, mech_set); - if (ret) - return ret; - - ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM, mech_set); - if (ret) { - gss_release_oid_set(&junk, mech_set); - return ret; - } - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/init.c b/crypto/heimdal/lib/gssapi/krb5/init.c deleted file mode 100644 index 3bbdcc8ff1a2..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/init.c +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003, 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: init.c 19031 2006-11-13 18:02:57Z lha $"); - -static HEIMDAL_MUTEX context_mutex = HEIMDAL_MUTEX_INITIALIZER; -static int created_key; -static HEIMDAL_thread_key context_key; - -static void -destroy_context(void *ptr) -{ - krb5_context context = ptr; - - if (context == NULL) - return; - krb5_free_context(context); -} - -krb5_error_code -_gsskrb5_init (krb5_context *context) -{ - krb5_error_code ret = 0; - - HEIMDAL_MUTEX_lock(&context_mutex); - - if (!created_key) { - HEIMDAL_key_create(&context_key, destroy_context, ret); - if (ret) { - HEIMDAL_MUTEX_unlock(&context_mutex); - return ret; - } - created_key = 1; - } - HEIMDAL_MUTEX_unlock(&context_mutex); - - *context = HEIMDAL_getspecific(context_key); - if (*context == NULL) { - - ret = krb5_init_context(context); - if (ret == 0) { - HEIMDAL_setspecific(context_key, *context, ret); - if (ret) { - krb5_free_context(*context); - *context = NULL; - } - } - } - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/init_sec_context.c b/crypto/heimdal/lib/gssapi/krb5/init_sec_context.c deleted file mode 100644 index 05f7978e4337..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/init_sec_context.c +++ /dev/null @@ -1,811 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: init_sec_context.c 22071 2007-11-14 20:04:50Z lha $"); - -/* - * copy the addresses from `input_chan_bindings' (if any) to - * the auth context `ac' - */ - -static OM_uint32 -set_addresses (krb5_context context, - krb5_auth_context ac, - const gss_channel_bindings_t input_chan_bindings) -{ - /* Port numbers are expected to be in application_data.value, - * initator's port first */ - - krb5_address initiator_addr, acceptor_addr; - krb5_error_code kret; - - if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS - || input_chan_bindings->application_data.length != - 2 * sizeof(ac->local_port)) - return 0; - - memset(&initiator_addr, 0, sizeof(initiator_addr)); - memset(&acceptor_addr, 0, sizeof(acceptor_addr)); - - ac->local_port = - *(int16_t *) input_chan_bindings->application_data.value; - - ac->remote_port = - *((int16_t *) input_chan_bindings->application_data.value + 1); - - kret = _gsskrb5i_address_to_krb5addr(context, - input_chan_bindings->acceptor_addrtype, - &input_chan_bindings->acceptor_address, - ac->remote_port, - &acceptor_addr); - if (kret) - return kret; - - kret = _gsskrb5i_address_to_krb5addr(context, - input_chan_bindings->initiator_addrtype, - &input_chan_bindings->initiator_address, - ac->local_port, - &initiator_addr); - if (kret) { - krb5_free_address (context, &acceptor_addr); - return kret; - } - - kret = krb5_auth_con_setaddrs(context, - ac, - &initiator_addr, /* local address */ - &acceptor_addr); /* remote address */ - - krb5_free_address (context, &initiator_addr); - krb5_free_address (context, &acceptor_addr); - -#if 0 - free(input_chan_bindings->application_data.value); - input_chan_bindings->application_data.value = NULL; - input_chan_bindings->application_data.length = 0; -#endif - - return kret; -} - -OM_uint32 -_gsskrb5_create_ctx( - OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - krb5_context context, - const gss_channel_bindings_t input_chan_bindings, - enum gss_ctx_id_t_state state) -{ - krb5_error_code kret; - gsskrb5_ctx ctx; - - *context_handle = NULL; - - ctx = malloc(sizeof(*ctx)); - if (ctx == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - ctx->auth_context = NULL; - ctx->source = NULL; - ctx->target = NULL; - ctx->state = state; - ctx->flags = 0; - ctx->more_flags = 0; - ctx->service_keyblock = NULL; - ctx->ticket = NULL; - krb5_data_zero(&ctx->fwd_data); - ctx->lifetime = GSS_C_INDEFINITE; - ctx->order = NULL; - HEIMDAL_MUTEX_init(&ctx->ctx_id_mutex); - - kret = krb5_auth_con_init (context, &ctx->auth_context); - if (kret) { - *minor_status = kret; - - HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); - - return GSS_S_FAILURE; - } - - kret = set_addresses(context, ctx->auth_context, input_chan_bindings); - if (kret) { - *minor_status = kret; - - HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); - - krb5_auth_con_free(context, ctx->auth_context); - - return GSS_S_BAD_BINDINGS; - } - - /* - * We need a sequence number - */ - - krb5_auth_con_addflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE | - KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED, - NULL); - - *context_handle = (gss_ctx_id_t)ctx; - - return GSS_S_COMPLETE; -} - - -static OM_uint32 -gsskrb5_get_creds( - OM_uint32 * minor_status, - krb5_context context, - krb5_ccache ccache, - gsskrb5_ctx ctx, - krb5_const_principal target_name, - OM_uint32 time_req, - OM_uint32 * time_rec, - krb5_creds ** cred) -{ - OM_uint32 ret; - krb5_error_code kret; - krb5_creds this_cred; - OM_uint32 lifetime_rec; - - *cred = NULL; - - memset(&this_cred, 0, sizeof(this_cred)); - this_cred.client = ctx->source; - this_cred.server = ctx->target; - - if (time_req && time_req != GSS_C_INDEFINITE) { - krb5_timestamp ts; - - krb5_timeofday (context, &ts); - this_cred.times.endtime = ts + time_req; - } else { - this_cred.times.endtime = 0; - } - - this_cred.session.keytype = KEYTYPE_NULL; - - kret = krb5_get_credentials(context, - 0, - ccache, - &this_cred, - cred); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - ctx->lifetime = (*cred)->times.endtime; - - ret = _gsskrb5_lifetime_left(minor_status, context, - ctx->lifetime, &lifetime_rec); - if (ret) return ret; - - if (lifetime_rec == 0) { - *minor_status = 0; - return GSS_S_CONTEXT_EXPIRED; - } - - if (time_rec) *time_rec = lifetime_rec; - - return GSS_S_COMPLETE; -} - -static OM_uint32 -gsskrb5_initiator_ready( - OM_uint32 * minor_status, - gsskrb5_ctx ctx, - krb5_context context) -{ - OM_uint32 ret; - int32_t seq_number; - int is_cfx = 0; - OM_uint32 flags = ctx->flags; - - krb5_auth_getremoteseqnumber (context, - ctx->auth_context, - &seq_number); - - _gsskrb5i_is_cfx(ctx, &is_cfx); - - ret = _gssapi_msg_order_create(minor_status, - &ctx->order, - _gssapi_msg_order_f(flags), - seq_number, 0, is_cfx); - if (ret) return ret; - - ctx->state = INITIATOR_READY; - ctx->more_flags |= OPEN; - - return GSS_S_COMPLETE; -} - -/* - * handle delegated creds in init-sec-context - */ - -static void -do_delegation (krb5_context context, - krb5_auth_context ac, - krb5_ccache ccache, - krb5_creds *cred, - krb5_const_principal name, - krb5_data *fwd_data, - uint32_t *flags) -{ - krb5_creds creds; - KDCOptions fwd_flags; - krb5_error_code kret; - - memset (&creds, 0, sizeof(creds)); - krb5_data_zero (fwd_data); - - kret = krb5_cc_get_principal(context, ccache, &creds.client); - if (kret) - goto out; - - kret = krb5_build_principal(context, - &creds.server, - strlen(creds.client->realm), - creds.client->realm, - KRB5_TGS_NAME, - creds.client->realm, - NULL); - if (kret) - goto out; - - creds.times.endtime = 0; - - memset(&fwd_flags, 0, sizeof(fwd_flags)); - fwd_flags.forwarded = 1; - fwd_flags.forwardable = 1; - - if ( /*target_name->name.name_type != KRB5_NT_SRV_HST ||*/ - name->name.name_string.len < 2) - goto out; - - kret = krb5_get_forwarded_creds(context, - ac, - ccache, - KDCOptions2int(fwd_flags), - name->name.name_string.val[1], - &creds, - fwd_data); - - out: - if (kret) - *flags &= ~GSS_C_DELEG_FLAG; - else - *flags |= GSS_C_DELEG_FLAG; - - if (creds.client) - krb5_free_principal(context, creds.client); - if (creds.server) - krb5_free_principal(context, creds.server); -} - -/* - * first stage of init-sec-context - */ - -static OM_uint32 -init_auth -(OM_uint32 * minor_status, - gsskrb5_cred initiator_cred_handle, - gsskrb5_ctx ctx, - krb5_context context, - krb5_const_principal name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret = GSS_S_FAILURE; - krb5_error_code kret; - krb5_flags ap_options; - krb5_creds *cred = NULL; - krb5_data outbuf; - krb5_ccache ccache = NULL; - uint32_t flags; - krb5_data authenticator; - Checksum cksum; - krb5_enctype enctype; - krb5_data fwd_data; - OM_uint32 lifetime_rec; - - krb5_data_zero(&outbuf); - krb5_data_zero(&fwd_data); - - *minor_status = 0; - - if (actual_mech_type) - *actual_mech_type = GSS_KRB5_MECHANISM; - - if (initiator_cred_handle == NULL) { - kret = krb5_cc_default (context, &ccache); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - } else - ccache = initiator_cred_handle->ccache; - - kret = krb5_cc_get_principal (context, ccache, &ctx->source); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - kret = krb5_copy_principal (context, name, &ctx->target); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - ret = _gss_DES3_get_mic_compat(minor_status, ctx, context); - if (ret) - goto failure; - - - /* - * This is hideous glue for (NFS) clients that wants to limit the - * available enctypes to what it can support (encryption in - * kernel). If there is no enctypes selected for this credential, - * reset it to the default set of enctypes. - */ - { - krb5_enctype *enctypes = NULL; - - if (initiator_cred_handle && initiator_cred_handle->enctypes) - enctypes = initiator_cred_handle->enctypes; - krb5_set_default_in_tkt_etypes(context, enctypes); - } - - ret = gsskrb5_get_creds(minor_status, - context, - ccache, - ctx, - ctx->target, - time_req, - time_rec, - &cred); - if (ret) - goto failure; - - ctx->lifetime = cred->times.endtime; - - ret = _gsskrb5_lifetime_left(minor_status, - context, - ctx->lifetime, - &lifetime_rec); - if (ret) { - goto failure; - } - - if (lifetime_rec == 0) { - *minor_status = 0; - ret = GSS_S_CONTEXT_EXPIRED; - goto failure; - } - - krb5_auth_con_setkey(context, - ctx->auth_context, - &cred->session); - - kret = krb5_auth_con_generatelocalsubkey(context, - ctx->auth_context, - &cred->session); - if(kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - /* - * If the credential doesn't have ok-as-delegate, check what local - * policy say about ok-as-delegate, default is FALSE that makes - * code ignore the KDC setting and follow what the application - * requested. If it is TRUE, strip of the GSS_C_DELEG_FLAG if the - * KDC doesn't set ok-as-delegate. - */ - if (!cred->flags.b.ok_as_delegate) { - krb5_boolean delegate; - - krb5_appdefault_boolean(context, - "gssapi", name->realm, - "ok-as-delegate", FALSE, &delegate); - if (delegate) - req_flags &= ~GSS_C_DELEG_FLAG; - } - - flags = 0; - ap_options = 0; - if (req_flags & GSS_C_DELEG_FLAG) - do_delegation (context, - ctx->auth_context, - ccache, cred, name, &fwd_data, &flags); - - if (req_flags & GSS_C_MUTUAL_FLAG) { - flags |= GSS_C_MUTUAL_FLAG; - ap_options |= AP_OPTS_MUTUAL_REQUIRED; - } - - if (req_flags & GSS_C_REPLAY_FLAG) - flags |= GSS_C_REPLAY_FLAG; - if (req_flags & GSS_C_SEQUENCE_FLAG) - flags |= GSS_C_SEQUENCE_FLAG; - if (req_flags & GSS_C_ANON_FLAG) - ; /* XXX */ - if (req_flags & GSS_C_DCE_STYLE) { - /* GSS_C_DCE_STYLE implies GSS_C_MUTUAL_FLAG */ - flags |= GSS_C_DCE_STYLE | GSS_C_MUTUAL_FLAG; - ap_options |= AP_OPTS_MUTUAL_REQUIRED; - } - if (req_flags & GSS_C_IDENTIFY_FLAG) - flags |= GSS_C_IDENTIFY_FLAG; - if (req_flags & GSS_C_EXTENDED_ERROR_FLAG) - flags |= GSS_C_EXTENDED_ERROR_FLAG; - - flags |= GSS_C_CONF_FLAG; - flags |= GSS_C_INTEG_FLAG; - flags |= GSS_C_TRANS_FLAG; - - if (ret_flags) - *ret_flags = flags; - ctx->flags = flags; - ctx->more_flags |= LOCAL; - - ret = _gsskrb5_create_8003_checksum (minor_status, - input_chan_bindings, - flags, - &fwd_data, - &cksum); - krb5_data_free (&fwd_data); - if (ret) - goto failure; - - enctype = ctx->auth_context->keyblock->keytype; - - kret = krb5_build_authenticator (context, - ctx->auth_context, - enctype, - cred, - &cksum, - NULL, - &authenticator, - KRB5_KU_AP_REQ_AUTH); - - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - kret = krb5_build_ap_req (context, - enctype, - cred, - ap_options, - authenticator, - &outbuf); - - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } - - ret = _gsskrb5_encapsulate (minor_status, &outbuf, output_token, - (u_char *)"\x01\x00", GSS_KRB5_MECHANISM); - if (ret) - goto failure; - - krb5_data_free (&outbuf); - krb5_free_creds(context, cred); - free_Checksum(&cksum); - if (initiator_cred_handle == NULL) - krb5_cc_close(context, ccache); - - if (flags & GSS_C_MUTUAL_FLAG) { - ctx->state = INITIATOR_WAIT_FOR_MUTAL; - return GSS_S_CONTINUE_NEEDED; - } - - return gsskrb5_initiator_ready(minor_status, ctx, context); -failure: - if(cred) - krb5_free_creds(context, cred); - if (ccache && initiator_cred_handle == NULL) - krb5_cc_close(context, ccache); - - return ret; - -} - -static OM_uint32 -repl_mutual -(OM_uint32 * minor_status, - gsskrb5_ctx ctx, - krb5_context context, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret; - krb5_error_code kret; - krb5_data indata; - krb5_ap_rep_enc_part *repl; - int is_cfx = 0; - - output_token->length = 0; - output_token->value = NULL; - - if (actual_mech_type) - *actual_mech_type = GSS_KRB5_MECHANISM; - - if (ctx->flags & GSS_C_DCE_STYLE) { - /* There is no OID wrapping. */ - indata.length = input_token->length; - indata.data = input_token->value; - } else { - ret = _gsskrb5_decapsulate (minor_status, - input_token, - &indata, - "\x02\x00", - GSS_KRB5_MECHANISM); - if (ret) { - /* XXX - Handle AP_ERROR */ - return ret; - } - } - - kret = krb5_rd_rep (context, - ctx->auth_context, - &indata, - &repl); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - krb5_free_ap_rep_enc_part (context, - repl); - - _gsskrb5i_is_cfx(ctx, &is_cfx); - if (is_cfx) { - krb5_keyblock *key = NULL; - - kret = krb5_auth_con_getremotesubkey(context, - ctx->auth_context, - &key); - if (kret == 0 && key != NULL) { - ctx->more_flags |= ACCEPTOR_SUBKEY; - krb5_free_keyblock (context, key); - } - } - - - *minor_status = 0; - if (time_rec) { - ret = _gsskrb5_lifetime_left(minor_status, - context, - ctx->lifetime, - time_rec); - } else { - ret = GSS_S_COMPLETE; - } - if (ret_flags) - *ret_flags = ctx->flags; - - if (req_flags & GSS_C_DCE_STYLE) { - int32_t con_flags; - krb5_data outbuf; - - /* Do don't do sequence number for the mk-rep */ - krb5_auth_con_removeflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE, - &con_flags); - - kret = krb5_mk_rep(context, - ctx->auth_context, - &outbuf); - if (kret) { - *minor_status = kret; - return GSS_S_FAILURE; - } - - output_token->length = outbuf.length; - output_token->value = outbuf.data; - - krb5_auth_con_removeflags(context, - ctx->auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE, - NULL); - } - - return gsskrb5_initiator_ready(minor_status, ctx, context); -} - -/* - * gss_init_sec_context - */ - -OM_uint32 _gsskrb5_init_sec_context -(OM_uint32 * minor_status, - const gss_cred_id_t initiator_cred_handle, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - krb5_context context; - gsskrb5_cred cred = (gsskrb5_cred)initiator_cred_handle; - krb5_const_principal name = (krb5_const_principal)target_name; - gsskrb5_ctx ctx; - OM_uint32 ret; - - GSSAPI_KRB5_INIT (&context); - - output_token->length = 0; - output_token->value = NULL; - - if (context_handle == NULL) { - *minor_status = 0; - return GSS_S_FAILURE | GSS_S_CALL_BAD_STRUCTURE; - } - - if (ret_flags) - *ret_flags = 0; - if (time_rec) - *time_rec = 0; - - if (target_name == GSS_C_NO_NAME) { - if (actual_mech_type) - *actual_mech_type = GSS_C_NO_OID; - *minor_status = 0; - return GSS_S_BAD_NAME; - } - - if (mech_type != GSS_C_NO_OID && - !gss_oid_equal(mech_type, GSS_KRB5_MECHANISM)) - return GSS_S_BAD_MECH; - - if (input_token == GSS_C_NO_BUFFER || input_token->length == 0) { - OM_uint32 ret; - - if (*context_handle != GSS_C_NO_CONTEXT) { - *minor_status = 0; - return GSS_S_FAILURE | GSS_S_CALL_BAD_STRUCTURE; - } - - ret = _gsskrb5_create_ctx(minor_status, - context_handle, - context, - input_chan_bindings, - INITIATOR_START); - if (ret) - return ret; - } - - if (*context_handle == GSS_C_NO_CONTEXT) { - *minor_status = 0; - return GSS_S_FAILURE | GSS_S_CALL_BAD_STRUCTURE; - } - - ctx = (gsskrb5_ctx) *context_handle; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - switch (ctx->state) { - case INITIATOR_START: - ret = init_auth(minor_status, - cred, - ctx, - context, - name, - mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - actual_mech_type, - output_token, - ret_flags, - time_rec); - break; - case INITIATOR_WAIT_FOR_MUTAL: - ret = repl_mutual(minor_status, - ctx, - context, - mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - actual_mech_type, - output_token, - ret_flags, - time_rec); - break; - case INITIATOR_READY: - /* - * If we get there, the caller have called - * gss_init_sec_context() one time too many. - */ - *minor_status = 0; - ret = GSS_S_BAD_STATUS; - break; - default: - *minor_status = 0; - ret = GSS_S_BAD_STATUS; - break; - } - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - /* destroy context in case of error */ - if (GSS_ERROR(ret)) { - OM_uint32 min2; - _gsskrb5_delete_sec_context(&min2, context_handle, GSS_C_NO_BUFFER); - } - - return ret; - -} diff --git a/crypto/heimdal/lib/gssapi/krb5/inquire_context.c b/crypto/heimdal/lib/gssapi/krb5/inquire_context.c deleted file mode 100644 index 41430568b005..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/inquire_context.c +++ /dev/null @@ -1,112 +0,0 @@ -/* - * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: inquire_context.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_inquire_context ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_name_t * src_name, - gss_name_t * targ_name, - OM_uint32 * lifetime_rec, - gss_OID * mech_type, - OM_uint32 * ctx_flags, - int * locally_initiated, - int * open_context - ) -{ - krb5_context context; - OM_uint32 ret; - gsskrb5_ctx ctx = (gsskrb5_ctx)context_handle; - gss_name_t name; - - if (src_name) - *src_name = GSS_C_NO_NAME; - if (targ_name) - *targ_name = GSS_C_NO_NAME; - - GSSAPI_KRB5_INIT (&context); - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - if (src_name) { - name = (gss_name_t)ctx->source; - ret = _gsskrb5_duplicate_name (minor_status, name, src_name); - if (ret) - goto failed; - } - - if (targ_name) { - name = (gss_name_t)ctx->target; - ret = _gsskrb5_duplicate_name (minor_status, name, targ_name); - if (ret) - goto failed; - } - - if (lifetime_rec) { - ret = _gsskrb5_lifetime_left(minor_status, - context, - ctx->lifetime, - lifetime_rec); - if (ret) - goto failed; - } - - if (mech_type) - *mech_type = GSS_KRB5_MECHANISM; - - if (ctx_flags) - *ctx_flags = ctx->flags; - - if (locally_initiated) - *locally_initiated = ctx->more_flags & LOCAL; - - if (open_context) - *open_context = ctx->more_flags & OPEN; - - *minor_status = 0; - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return GSS_S_COMPLETE; - -failed: - if (src_name) - _gsskrb5_release_name(NULL, src_name); - if (targ_name) - _gsskrb5_release_name(NULL, targ_name); - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/inquire_cred.c b/crypto/heimdal/lib/gssapi/krb5/inquire_cred.c deleted file mode 100644 index 47bf71e686ff..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/inquire_cred.c +++ /dev/null @@ -1,182 +0,0 @@ -/* - * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: inquire_cred.c 20688 2007-05-17 18:44:31Z lha $"); - -OM_uint32 _gsskrb5_inquire_cred -(OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - gss_name_t * output_name, - OM_uint32 * lifetime, - gss_cred_usage_t * cred_usage, - gss_OID_set * mechanisms - ) -{ - krb5_context context; - gss_cred_id_t aqcred_init = GSS_C_NO_CREDENTIAL; - gss_cred_id_t aqcred_accept = GSS_C_NO_CREDENTIAL; - gsskrb5_cred acred = NULL, icred = NULL; - OM_uint32 ret; - - *minor_status = 0; - - if (output_name) - *output_name = NULL; - if (mechanisms) - *mechanisms = GSS_C_NO_OID_SET; - - GSSAPI_KRB5_INIT (&context); - - if (cred_handle == GSS_C_NO_CREDENTIAL) { - ret = _gsskrb5_acquire_cred(minor_status, - GSS_C_NO_NAME, - GSS_C_INDEFINITE, - GSS_C_NO_OID_SET, - GSS_C_ACCEPT, - &aqcred_accept, - NULL, - NULL); - if (ret == GSS_S_COMPLETE) - acred = (gsskrb5_cred)aqcred_accept; - - ret = _gsskrb5_acquire_cred(minor_status, - GSS_C_NO_NAME, - GSS_C_INDEFINITE, - GSS_C_NO_OID_SET, - GSS_C_INITIATE, - &aqcred_init, - NULL, - NULL); - if (ret == GSS_S_COMPLETE) - icred = (gsskrb5_cred)aqcred_init; - - if (icred == NULL && acred == NULL) { - *minor_status = 0; - return GSS_S_NO_CRED; - } - } else - acred = (gsskrb5_cred)cred_handle; - - if (acred) - HEIMDAL_MUTEX_lock(&acred->cred_id_mutex); - if (icred) - HEIMDAL_MUTEX_lock(&icred->cred_id_mutex); - - if (output_name != NULL) { - if (icred && icred->principal != NULL) { - gss_name_t name; - - if (acred && acred->principal) - name = (gss_name_t)acred->principal; - else - name = (gss_name_t)icred->principal; - - ret = _gsskrb5_duplicate_name(minor_status, name, output_name); - if (ret) - goto out; - } else if (acred && acred->usage == GSS_C_ACCEPT) { - krb5_principal princ; - *minor_status = krb5_sname_to_principal(context, NULL, - NULL, KRB5_NT_SRV_HST, - &princ); - if (*minor_status) { - ret = GSS_S_FAILURE; - goto out; - } - *output_name = (gss_name_t)princ; - } else { - krb5_principal princ; - *minor_status = krb5_get_default_principal(context, - &princ); - if (*minor_status) { - ret = GSS_S_FAILURE; - goto out; - } - *output_name = (gss_name_t)princ; - } - } - if (lifetime != NULL) { - OM_uint32 alife = GSS_C_INDEFINITE, ilife = GSS_C_INDEFINITE; - - if (acred) alife = acred->lifetime; - if (icred) ilife = icred->lifetime; - - ret = _gsskrb5_lifetime_left(minor_status, - context, - min(alife,ilife), - lifetime); - if (ret) - goto out; - } - if (cred_usage != NULL) { - if (acred && icred) - *cred_usage = GSS_C_BOTH; - else if (acred) - *cred_usage = GSS_C_ACCEPT; - else if (icred) - *cred_usage = GSS_C_INITIATE; - else - abort(); - } - - if (mechanisms != NULL) { - ret = gss_create_empty_oid_set(minor_status, mechanisms); - if (ret) - goto out; - if (acred) - ret = gss_add_oid_set_member(minor_status, - &acred->mechanisms->elements[0], - mechanisms); - if (ret == GSS_S_COMPLETE && icred) - ret = gss_add_oid_set_member(minor_status, - &icred->mechanisms->elements[0], - mechanisms); - if (ret) - goto out; - } - ret = GSS_S_COMPLETE; -out: - if (acred) - HEIMDAL_MUTEX_unlock(&acred->cred_id_mutex); - if (icred) - HEIMDAL_MUTEX_unlock(&icred->cred_id_mutex); - - if (aqcred_init != GSS_C_NO_CREDENTIAL) - ret = _gsskrb5_release_cred(minor_status, &aqcred_init); - if (aqcred_accept != GSS_C_NO_CREDENTIAL) - ret = _gsskrb5_release_cred(minor_status, &aqcred_accept); - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/inquire_cred_by_mech.c b/crypto/heimdal/lib/gssapi/krb5/inquire_cred_by_mech.c deleted file mode 100644 index a8af2145bea8..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/inquire_cred_by_mech.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 2003, 2006, 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: inquire_cred_by_mech.c 20634 2007-05-09 15:33:01Z lha $"); - -OM_uint32 _gsskrb5_inquire_cred_by_mech ( - OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - const gss_OID mech_type, - gss_name_t * name, - OM_uint32 * initiator_lifetime, - OM_uint32 * acceptor_lifetime, - gss_cred_usage_t * cred_usage - ) -{ - gss_cred_usage_t usage; - OM_uint32 maj_stat; - OM_uint32 lifetime; - - maj_stat = - _gsskrb5_inquire_cred (minor_status, cred_handle, - name, &lifetime, &usage, NULL); - if (maj_stat) - return maj_stat; - - if (initiator_lifetime) { - if (usage == GSS_C_INITIATE || usage == GSS_C_BOTH) - *initiator_lifetime = lifetime; - else - *initiator_lifetime = 0; - } - - if (acceptor_lifetime) { - if (usage == GSS_C_ACCEPT || usage == GSS_C_BOTH) - *acceptor_lifetime = lifetime; - else - *acceptor_lifetime = 0; - } - - if (cred_usage) - *cred_usage = usage; - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/inquire_cred_by_oid.c b/crypto/heimdal/lib/gssapi/krb5/inquire_cred_by_oid.c deleted file mode 100644 index da50b11d934a..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/inquire_cred_by_oid.c +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: inquire_cred_by_oid.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_inquire_cred_by_oid - (OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set) -{ - krb5_context context; - gsskrb5_cred cred = (gsskrb5_cred)cred_handle; - krb5_error_code ret; - gss_buffer_desc buffer; - char *str; - - GSSAPI_KRB5_INIT (&context); - - if (gss_oid_equal(desired_object, GSS_KRB5_COPY_CCACHE_X) == 0) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - HEIMDAL_MUTEX_lock(&cred->cred_id_mutex); - - if (cred->ccache == NULL) { - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - ret = krb5_cc_get_full_name(context, cred->ccache, &str); - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - buffer.value = str; - buffer.length = strlen(str); - - ret = gss_add_buffer_set_member(minor_status, &buffer, data_set); - if (ret != GSS_S_COMPLETE) - _gsskrb5_clear_status (); - - free(str); - - *minor_status = 0; - return GSS_S_COMPLETE; -} - diff --git a/crypto/heimdal/lib/gssapi/krb5/inquire_mechs_for_name.c b/crypto/heimdal/lib/gssapi/krb5/inquire_mechs_for_name.c deleted file mode 100644 index 0ce051f19c0c..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/inquire_mechs_for_name.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: inquire_mechs_for_name.c 20688 2007-05-17 18:44:31Z lha $"); - -OM_uint32 _gsskrb5_inquire_mechs_for_name ( - OM_uint32 * minor_status, - const gss_name_t input_name, - gss_OID_set * mech_types - ) -{ - OM_uint32 ret; - - ret = gss_create_empty_oid_set(minor_status, mech_types); - if (ret) - return ret; - - ret = gss_add_oid_set_member(minor_status, - GSS_KRB5_MECHANISM, - mech_types); - if (ret) - gss_release_oid_set(NULL, mech_types); - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/inquire_names_for_mech.c b/crypto/heimdal/lib/gssapi/krb5/inquire_names_for_mech.c deleted file mode 100644 index 64abd3c34a9f..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/inquire_names_for_mech.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: inquire_names_for_mech.c 20688 2007-05-17 18:44:31Z lha $"); - - -static gss_OID *name_list[] = { - &GSS_C_NT_HOSTBASED_SERVICE, - &GSS_C_NT_USER_NAME, - &GSS_KRB5_NT_PRINCIPAL_NAME, - &GSS_C_NT_EXPORT_NAME, - NULL -}; - -OM_uint32 _gsskrb5_inquire_names_for_mech ( - OM_uint32 * minor_status, - const gss_OID mechanism, - gss_OID_set * name_types - ) -{ - OM_uint32 ret; - int i; - - *minor_status = 0; - - if (gss_oid_equal(mechanism, GSS_KRB5_MECHANISM) == 0 && - gss_oid_equal(mechanism, GSS_C_NULL_OID) == 0) { - *name_types = GSS_C_NO_OID_SET; - return GSS_S_BAD_MECH; - } - - ret = gss_create_empty_oid_set(minor_status, name_types); - if (ret != GSS_S_COMPLETE) - return ret; - - for (i = 0; name_list[i] != NULL; i++) { - ret = gss_add_oid_set_member(minor_status, - *(name_list[i]), - name_types); - if (ret != GSS_S_COMPLETE) - break; - } - - if (ret != GSS_S_COMPLETE) - gss_release_oid_set(NULL, name_types); - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/inquire_sec_context_by_oid.c b/crypto/heimdal/lib/gssapi/krb5/inquire_sec_context_by_oid.c deleted file mode 100644 index 5ca7536e6a39..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/inquire_sec_context_by_oid.c +++ /dev/null @@ -1,557 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: inquire_sec_context_by_oid.c 19031 2006-11-13 18:02:57Z lha $"); - -static int -oid_prefix_equal(gss_OID oid_enc, gss_OID prefix_enc, unsigned *suffix) -{ - int ret; - heim_oid oid; - heim_oid prefix; - - *suffix = 0; - - ret = der_get_oid(oid_enc->elements, oid_enc->length, - &oid, NULL); - if (ret) { - return 0; - } - - ret = der_get_oid(prefix_enc->elements, prefix_enc->length, - &prefix, NULL); - if (ret) { - der_free_oid(&oid); - return 0; - } - - ret = 0; - - if (oid.length - 1 == prefix.length) { - *suffix = oid.components[oid.length - 1]; - oid.length--; - ret = (der_heim_oid_cmp(&oid, &prefix) == 0); - oid.length++; - } - - der_free_oid(&oid); - der_free_oid(&prefix); - - return ret; -} - -static OM_uint32 inquire_sec_context_tkt_flags - (OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - gss_buffer_set_t *data_set) -{ - OM_uint32 tkt_flags; - unsigned char buf[4]; - gss_buffer_desc value; - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - - if (context_handle->ticket == NULL) { - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - _gsskrb5_set_status("No ticket from which to obtain flags"); - *minor_status = EINVAL; - return GSS_S_BAD_MECH; - } - - tkt_flags = TicketFlags2int(context_handle->ticket->ticket.flags); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - _gsskrb5_encode_om_uint32(tkt_flags, buf); - value.length = sizeof(buf); - value.value = buf; - - return gss_add_buffer_set_member(minor_status, - &value, - data_set); -} - -enum keytype { ACCEPTOR_KEY, INITIATOR_KEY, TOKEN_KEY }; - -static OM_uint32 inquire_sec_context_get_subkey - (OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - enum keytype keytype, - gss_buffer_set_t *data_set) -{ - krb5_keyblock *key = NULL; - krb5_storage *sp = NULL; - krb5_data data; - OM_uint32 maj_stat = GSS_S_COMPLETE; - krb5_error_code ret; - - krb5_data_zero(&data); - - sp = krb5_storage_emem(); - if (sp == NULL) { - _gsskrb5_clear_status(); - ret = ENOMEM; - goto out; - } - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - switch(keytype) { - case ACCEPTOR_KEY: - ret = _gsskrb5i_get_acceptor_subkey(context_handle, context, &key); - break; - case INITIATOR_KEY: - ret = _gsskrb5i_get_initiator_subkey(context_handle, context, &key); - break; - case TOKEN_KEY: - ret = _gsskrb5i_get_token_key(context_handle, context, &key); - break; - default: - _gsskrb5_set_status("%d is not a valid subkey type", keytype); - ret = EINVAL; - break; - } - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - if (ret) - goto out; - if (key == NULL) { - _gsskrb5_set_status("have no subkey of type %d", keytype); - ret = EINVAL; - goto out; - } - - ret = krb5_store_keyblock(sp, *key); - krb5_free_keyblock (context, key); - if (ret) - goto out; - - ret = krb5_storage_to_data(sp, &data); - if (ret) - goto out; - - { - gss_buffer_desc value; - - value.length = data.length; - value.value = data.data; - - maj_stat = gss_add_buffer_set_member(minor_status, - &value, - data_set); - } - -out: - krb5_data_free(&data); - if (sp) - krb5_storage_free(sp); - if (ret) { - *minor_status = ret; - maj_stat = GSS_S_FAILURE; - } - return maj_stat; -} - -static OM_uint32 inquire_sec_context_authz_data - (OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - unsigned ad_type, - gss_buffer_set_t *data_set) -{ - krb5_data data; - gss_buffer_desc ad_data; - OM_uint32 ret; - - *minor_status = 0; - *data_set = GSS_C_NO_BUFFER_SET; - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - if (context_handle->ticket == NULL) { - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - *minor_status = EINVAL; - _gsskrb5_set_status("No ticket to obtain authz data from"); - return GSS_S_NO_CONTEXT; - } - - ret = krb5_ticket_get_authorization_data_type(context, - context_handle->ticket, - ad_type, - &data); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ad_data.value = data.data; - ad_data.length = data.length; - - ret = gss_add_buffer_set_member(minor_status, - &ad_data, - data_set); - - krb5_data_free(&data); - - return ret; -} - -static OM_uint32 inquire_sec_context_has_updated_spnego - (OM_uint32 *minor_status, - const gsskrb5_ctx context_handle, - gss_buffer_set_t *data_set) -{ - int is_updated = 0; - - *minor_status = 0; - *data_set = GSS_C_NO_BUFFER_SET; - - /* - * For Windows SPNEGO implementations, both the initiator and the - * acceptor are assumed to have been updated if a "newer" [CLAR] or - * different enctype is negotiated for use by the Kerberos GSS-API - * mechanism. - */ - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - _gsskrb5i_is_cfx(context_handle, &is_updated); - if (is_updated == 0) { - krb5_keyblock *acceptor_subkey; - - if (context_handle->more_flags & LOCAL) - acceptor_subkey = context_handle->auth_context->remote_subkey; - else - acceptor_subkey = context_handle->auth_context->local_subkey; - - if (acceptor_subkey != NULL) - is_updated = (acceptor_subkey->keytype != - context_handle->auth_context->keyblock->keytype); - } - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - return is_updated ? GSS_S_COMPLETE : GSS_S_FAILURE; -} - -/* - * - */ - -static OM_uint32 -export_lucid_sec_context_v1(OM_uint32 *minor_status, - gsskrb5_ctx context_handle, - krb5_context context, - gss_buffer_set_t *data_set) -{ - krb5_storage *sp = NULL; - OM_uint32 major_status = GSS_S_COMPLETE; - krb5_error_code ret; - krb5_keyblock *key = NULL; - int32_t number; - int is_cfx; - krb5_data data; - - *minor_status = 0; - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - - _gsskrb5i_is_cfx(context_handle, &is_cfx); - - sp = krb5_storage_emem(); - if (sp == NULL) { - _gsskrb5_clear_status(); - ret = ENOMEM; - goto out; - } - - ret = krb5_store_int32(sp, 1); - if (ret) goto out; - ret = krb5_store_int32(sp, (context_handle->more_flags & LOCAL) ? 1 : 0); - if (ret) goto out; - ret = krb5_store_int32(sp, context_handle->lifetime); - if (ret) goto out; - krb5_auth_con_getlocalseqnumber (context, - context_handle->auth_context, - &number); - ret = krb5_store_uint32(sp, (uint32_t)0); /* store top half as zero */ - ret = krb5_store_uint32(sp, (uint32_t)number); - krb5_auth_getremoteseqnumber (context, - context_handle->auth_context, - &number); - ret = krb5_store_uint32(sp, (uint32_t)0); /* store top half as zero */ - ret = krb5_store_uint32(sp, (uint32_t)number); - ret = krb5_store_int32(sp, (is_cfx) ? 1 : 0); - if (ret) goto out; - - ret = _gsskrb5i_get_token_key(context_handle, context, &key); - if (ret) goto out; - - if (is_cfx == 0) { - int sign_alg, seal_alg; - - switch (key->keytype) { - case ETYPE_DES_CBC_CRC: - case ETYPE_DES_CBC_MD4: - case ETYPE_DES_CBC_MD5: - sign_alg = 0; - seal_alg = 0; - break; - case ETYPE_DES3_CBC_MD5: - case ETYPE_DES3_CBC_SHA1: - sign_alg = 4; - seal_alg = 2; - break; - case ETYPE_ARCFOUR_HMAC_MD5: - case ETYPE_ARCFOUR_HMAC_MD5_56: - sign_alg = 17; - seal_alg = 16; - break; - default: - sign_alg = -1; - seal_alg = -1; - break; - } - ret = krb5_store_int32(sp, sign_alg); - if (ret) goto out; - ret = krb5_store_int32(sp, seal_alg); - if (ret) goto out; - /* ctx_key */ - ret = krb5_store_keyblock(sp, *key); - if (ret) goto out; - } else { - int subkey_p = (context_handle->more_flags & ACCEPTOR_SUBKEY) ? 1 : 0; - - /* have_acceptor_subkey */ - ret = krb5_store_int32(sp, subkey_p); - if (ret) goto out; - /* ctx_key */ - ret = krb5_store_keyblock(sp, *key); - if (ret) goto out; - /* acceptor_subkey */ - if (subkey_p) { - ret = krb5_store_keyblock(sp, *key); - if (ret) goto out; - } - } - ret = krb5_storage_to_data(sp, &data); - if (ret) goto out; - - { - gss_buffer_desc ad_data; - - ad_data.value = data.data; - ad_data.length = data.length; - - ret = gss_add_buffer_set_member(minor_status, &ad_data, data_set); - krb5_data_free(&data); - if (ret) - goto out; - } - -out: - if (key) - krb5_free_keyblock (context, key); - if (sp) - krb5_storage_free(sp); - if (ret) { - *minor_status = ret; - major_status = GSS_S_FAILURE; - } - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return major_status; -} - -static OM_uint32 -get_authtime(OM_uint32 *minor_status, - gsskrb5_ctx ctx, - gss_buffer_set_t *data_set) - -{ - gss_buffer_desc value; - unsigned char buf[4]; - OM_uint32 authtime; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - if (ctx->ticket == NULL) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - _gsskrb5_set_status("No ticket to obtain auth time from"); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - authtime = ctx->ticket->ticket.authtime; - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - _gsskrb5_encode_om_uint32(authtime, buf); - value.length = sizeof(buf); - value.value = buf; - - return gss_add_buffer_set_member(minor_status, - &value, - data_set); -} - - -static OM_uint32 -get_service_keyblock - (OM_uint32 *minor_status, - gsskrb5_ctx ctx, - gss_buffer_set_t *data_set) -{ - krb5_storage *sp = NULL; - krb5_data data; - OM_uint32 maj_stat = GSS_S_COMPLETE; - krb5_error_code ret = EINVAL; - - sp = krb5_storage_emem(); - if (sp == NULL) { - _gsskrb5_clear_status(); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - if (ctx->service_keyblock == NULL) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - _gsskrb5_set_status("No service keyblock on gssapi context"); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - krb5_data_zero(&data); - - ret = krb5_store_keyblock(sp, *ctx->service_keyblock); - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - if (ret) - goto out; - - ret = krb5_storage_to_data(sp, &data); - if (ret) - goto out; - - { - gss_buffer_desc value; - - value.length = data.length; - value.value = data.data; - - maj_stat = gss_add_buffer_set_member(minor_status, - &value, - data_set); - } - -out: - krb5_data_free(&data); - if (sp) - krb5_storage_free(sp); - if (ret) { - *minor_status = ret; - maj_stat = GSS_S_FAILURE; - } - return maj_stat; -} -/* - * - */ - -OM_uint32 _gsskrb5_inquire_sec_context_by_oid - (OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set) -{ - krb5_context context; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; - unsigned suffix; - - if (ctx == NULL) { - *minor_status = EINVAL; - return GSS_S_NO_CONTEXT; - } - - GSSAPI_KRB5_INIT (&context); - - if (gss_oid_equal(desired_object, GSS_KRB5_GET_TKT_FLAGS_X)) { - return inquire_sec_context_tkt_flags(minor_status, - ctx, - data_set); - } else if (gss_oid_equal(desired_object, GSS_C_PEER_HAS_UPDATED_SPNEGO)) { - return inquire_sec_context_has_updated_spnego(minor_status, - ctx, - data_set); - } else if (gss_oid_equal(desired_object, GSS_KRB5_GET_SUBKEY_X)) { - return inquire_sec_context_get_subkey(minor_status, - ctx, - context, - TOKEN_KEY, - data_set); - } else if (gss_oid_equal(desired_object, GSS_KRB5_GET_INITIATOR_SUBKEY_X)) { - return inquire_sec_context_get_subkey(minor_status, - ctx, - context, - INITIATOR_KEY, - data_set); - } else if (gss_oid_equal(desired_object, GSS_KRB5_GET_ACCEPTOR_SUBKEY_X)) { - return inquire_sec_context_get_subkey(minor_status, - ctx, - context, - ACCEPTOR_KEY, - data_set); - } else if (gss_oid_equal(desired_object, GSS_KRB5_GET_AUTHTIME_X)) { - return get_authtime(minor_status, ctx, data_set); - } else if (oid_prefix_equal(desired_object, - GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X, - &suffix)) { - return inquire_sec_context_authz_data(minor_status, - ctx, - context, - suffix, - data_set); - } else if (oid_prefix_equal(desired_object, - GSS_KRB5_EXPORT_LUCID_CONTEXT_X, - &suffix)) { - if (suffix == 1) - return export_lucid_sec_context_v1(minor_status, - ctx, - context, - data_set); - *minor_status = 0; - return GSS_S_FAILURE; - } else if (gss_oid_equal(desired_object, GSS_KRB5_GET_SERVICE_KEYBLOCK_X)) { - return get_service_keyblock(minor_status, ctx, data_set); - } else { - *minor_status = 0; - return GSS_S_FAILURE; - } -} - diff --git a/crypto/heimdal/lib/gssapi/krb5/prf.c b/crypto/heimdal/lib/gssapi/krb5/prf.c deleted file mode 100644 index f79c9374a9c7..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/prf.c +++ /dev/null @@ -1,143 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: prf.c 21129 2007-06-18 20:28:44Z lha $"); - -OM_uint32 -_gsskrb5_pseudo_random(OM_uint32 *minor_status, - gss_ctx_id_t context_handle, - int prf_key, - const gss_buffer_t prf_in, - ssize_t desired_output_len, - gss_buffer_t prf_out) -{ - gsskrb5_ctx ctx = (gsskrb5_ctx)context_handle; - krb5_context context; - krb5_error_code ret; - krb5_crypto crypto; - krb5_data input, output; - uint32_t num; - unsigned char *p; - krb5_keyblock *key = NULL; - - if (ctx == NULL) { - *minor_status = 0; - return GSS_S_NO_CONTEXT; - } - - if (desired_output_len <= 0) { - *minor_status = 0; - return GSS_S_FAILURE; - } - - GSSAPI_KRB5_INIT (&context); - - switch(prf_key) { - case GSS_C_PRF_KEY_FULL: - _gsskrb5i_get_acceptor_subkey(ctx, context, &key); - break; - case GSS_C_PRF_KEY_PARTIAL: - _gsskrb5i_get_initiator_subkey(ctx, context, &key); - break; - default: - _gsskrb5_set_status("unknown kerberos prf_key"); - *minor_status = 0; - return GSS_S_FAILURE; - } - - if (key == NULL) { - _gsskrb5_set_status("no prf_key found"); - *minor_status = 0; - return GSS_S_FAILURE; - } - - ret = krb5_crypto_init(context, key, 0, &crypto); - krb5_free_keyblock (context, key); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - prf_out->value = malloc(desired_output_len); - if (prf_out->value == NULL) { - _gsskrb5_set_status("Out of memory"); - *minor_status = GSS_KRB5_S_KG_INPUT_TOO_LONG; - krb5_crypto_destroy(context, crypto); - return GSS_S_FAILURE; - } - prf_out->length = desired_output_len; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - input.length = prf_in->length + 4; - input.data = malloc(prf_in->length + 4); - if (input.data == NULL) { - OM_uint32 junk; - _gsskrb5_set_status("Out of memory"); - *minor_status = GSS_KRB5_S_KG_INPUT_TOO_LONG; - gss_release_buffer(&junk, prf_out); - krb5_crypto_destroy(context, crypto); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return GSS_S_FAILURE; - } - memcpy(((unsigned char *)input.data) + 4, prf_in->value, prf_in->length); - - num = 0; - p = prf_out->value; - while(desired_output_len > 0) { - _gsskrb5_encode_om_uint32(num, input.data); - ret = krb5_crypto_prf(context, crypto, &input, &output); - if (ret) { - OM_uint32 junk; - *minor_status = ret; - free(input.data); - gss_release_buffer(&junk, prf_out); - krb5_crypto_destroy(context, crypto); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return GSS_S_FAILURE; - } - memcpy(p, output.data, min(desired_output_len, output.length)); - p += output.length; - desired_output_len -= output.length; - krb5_data_free(&output); - num++; - } - - krb5_crypto_destroy(context, crypto); - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/process_context_token.c b/crypto/heimdal/lib/gssapi/krb5/process_context_token.c deleted file mode 100644 index 15638f57fcc5..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/process_context_token.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: process_context_token.c 19031 2006-11-13 18:02:57Z lha $"); - -OM_uint32 _gsskrb5_process_context_token ( - OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t token_buffer - ) -{ - krb5_context context; - OM_uint32 ret = GSS_S_FAILURE; - gss_buffer_desc empty_buffer; - gss_qop_t qop_state; - - empty_buffer.length = 0; - empty_buffer.value = NULL; - - GSSAPI_KRB5_INIT (&context); - - qop_state = GSS_C_QOP_DEFAULT; - - ret = _gsskrb5_verify_mic_internal(minor_status, - (gsskrb5_ctx)context_handle, - context, - token_buffer, &empty_buffer, - GSS_C_QOP_DEFAULT, "\x01\x02"); - - if (ret == GSS_S_COMPLETE) - ret = _gsskrb5_delete_sec_context(minor_status, - rk_UNCONST(&context_handle), - GSS_C_NO_BUFFER); - if (ret == GSS_S_COMPLETE) - *minor_status = 0; - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/release_buffer.c b/crypto/heimdal/lib/gssapi/krb5/release_buffer.c deleted file mode 100644 index 5dff62631ab4..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/release_buffer.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: release_buffer.c 18334 2006-10-07 22:16:04Z lha $"); - -OM_uint32 _gsskrb5_release_buffer - (OM_uint32 * minor_status, - gss_buffer_t buffer - ) -{ - *minor_status = 0; - free (buffer->value); - buffer->value = NULL; - buffer->length = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/release_cred.c b/crypto/heimdal/lib/gssapi/krb5/release_cred.c deleted file mode 100644 index ab5695b097b1..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/release_cred.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: release_cred.c 20753 2007-05-31 22:50:06Z lha $"); - -OM_uint32 _gsskrb5_release_cred - (OM_uint32 * minor_status, - gss_cred_id_t * cred_handle - ) -{ - krb5_context context; - gsskrb5_cred cred; - OM_uint32 junk; - - *minor_status = 0; - - if (*cred_handle == NULL) - return GSS_S_COMPLETE; - - cred = (gsskrb5_cred)*cred_handle; - *cred_handle = GSS_C_NO_CREDENTIAL; - - GSSAPI_KRB5_INIT (&context); - - HEIMDAL_MUTEX_lock(&cred->cred_id_mutex); - - if (cred->principal != NULL) - krb5_free_principal(context, cred->principal); - if (cred->keytab != NULL) - krb5_kt_close(context, cred->keytab); - if (cred->ccache != NULL) { - const krb5_cc_ops *ops; - ops = krb5_cc_get_ops(context, cred->ccache); - if (cred->cred_flags & GSS_CF_DESTROY_CRED_ON_RELEASE) - krb5_cc_destroy(context, cred->ccache); - else - krb5_cc_close(context, cred->ccache); - } - gss_release_oid_set(&junk, &cred->mechanisms); - if (cred->enctypes) - free(cred->enctypes); - HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); - HEIMDAL_MUTEX_destroy(&cred->cred_id_mutex); - memset(cred, 0, sizeof(*cred)); - free(cred); - return GSS_S_COMPLETE; -} - diff --git a/crypto/heimdal/lib/gssapi/krb5/release_name.c b/crypto/heimdal/lib/gssapi/krb5/release_name.c deleted file mode 100644 index 80b91930fd37..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/release_name.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: release_name.c 21128 2007-06-18 20:26:50Z lha $"); - -OM_uint32 _gsskrb5_release_name - (OM_uint32 * minor_status, - gss_name_t * input_name - ) -{ - krb5_context context; - krb5_principal name = (krb5_principal)*input_name; - - *minor_status = 0; - - GSSAPI_KRB5_INIT (&context); - - *input_name = GSS_C_NO_NAME; - - krb5_free_principal(context, name); - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/sequence.c b/crypto/heimdal/lib/gssapi/krb5/sequence.c deleted file mode 100644 index 677a3c8d0778..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/sequence.c +++ /dev/null @@ -1,294 +0,0 @@ -/* - * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: sequence.c 18334 2006-10-07 22:16:04Z lha $"); - -#define DEFAULT_JITTER_WINDOW 20 - -struct gss_msg_order { - OM_uint32 flags; - OM_uint32 start; - OM_uint32 length; - OM_uint32 jitter_window; - OM_uint32 first_seq; - OM_uint32 elem[1]; -}; - - -/* - * - */ - -static OM_uint32 -msg_order_alloc(OM_uint32 *minor_status, - struct gss_msg_order **o, - OM_uint32 jitter_window) -{ - size_t len; - - len = jitter_window * sizeof((*o)->elem[0]); - len += sizeof(**o); - len -= sizeof((*o)->elem[0]); - - *o = calloc(1, len); - if (*o == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -/* - * - */ - -OM_uint32 -_gssapi_msg_order_create(OM_uint32 *minor_status, - struct gss_msg_order **o, - OM_uint32 flags, - OM_uint32 seq_num, - OM_uint32 jitter_window, - int use_64) -{ - OM_uint32 ret; - - if (jitter_window == 0) - jitter_window = DEFAULT_JITTER_WINDOW; - - ret = msg_order_alloc(minor_status, o, jitter_window); - if(ret != GSS_S_COMPLETE) - return ret; - - (*o)->flags = flags; - (*o)->length = 0; - (*o)->first_seq = seq_num; - (*o)->jitter_window = jitter_window; - (*o)->elem[0] = seq_num - 1; - - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 -_gssapi_msg_order_destroy(struct gss_msg_order **m) -{ - free(*m); - *m = NULL; - return GSS_S_COMPLETE; -} - -static void -elem_set(struct gss_msg_order *o, unsigned int slot, OM_uint32 val) -{ - o->elem[slot % o->jitter_window] = val; -} - -static void -elem_insert(struct gss_msg_order *o, - unsigned int after_slot, - OM_uint32 seq_num) -{ - assert(o->jitter_window > after_slot); - - if (o->length > after_slot) - memmove(&o->elem[after_slot + 1], &o->elem[after_slot], - (o->length - after_slot - 1) * sizeof(o->elem[0])); - - elem_set(o, after_slot, seq_num); - - if (o->length < o->jitter_window) - o->length++; -} - -/* rule 1: expected sequence number */ -/* rule 2: > expected sequence number */ -/* rule 3: seqnum < seqnum(first) */ -/* rule 4+5: seqnum in [seqnum(first),seqnum(last)] */ - -OM_uint32 -_gssapi_msg_order_check(struct gss_msg_order *o, OM_uint32 seq_num) -{ - OM_uint32 r; - int i; - - if (o == NULL) - return GSS_S_COMPLETE; - - if ((o->flags & (GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG)) == 0) - return GSS_S_COMPLETE; - - /* check if the packet is the next in order */ - if (o->elem[0] == seq_num - 1) { - elem_insert(o, 0, seq_num); - return GSS_S_COMPLETE; - } - - r = (o->flags & (GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG))==GSS_C_REPLAY_FLAG; - - /* sequence number larger then largest sequence number - * or smaller then the first sequence number */ - if (seq_num > o->elem[0] - || seq_num < o->first_seq - || o->length == 0) - { - elem_insert(o, 0, seq_num); - if (r) { - return GSS_S_COMPLETE; - } else { - return GSS_S_GAP_TOKEN; - } - } - - assert(o->length > 0); - - /* sequence number smaller the first sequence number */ - if (seq_num < o->elem[o->length - 1]) { - if (r) - return(GSS_S_OLD_TOKEN); - else - return(GSS_S_UNSEQ_TOKEN); - } - - if (seq_num == o->elem[o->length - 1]) { - return GSS_S_DUPLICATE_TOKEN; - } - - for (i = 0; i < o->length - 1; i++) { - if (o->elem[i] == seq_num) - return GSS_S_DUPLICATE_TOKEN; - if (o->elem[i + 1] < seq_num && o->elem[i] < seq_num) { - elem_insert(o, i, seq_num); - if (r) - return GSS_S_COMPLETE; - else - return GSS_S_UNSEQ_TOKEN; - } - } - - return GSS_S_FAILURE; -} - -OM_uint32 -_gssapi_msg_order_f(OM_uint32 flags) -{ - return flags & (GSS_C_SEQUENCE_FLAG|GSS_C_REPLAY_FLAG); -} - -/* - * Translate `o` into inter-process format and export in to `sp'. - */ - -krb5_error_code -_gssapi_msg_order_export(krb5_storage *sp, struct gss_msg_order *o) -{ - krb5_error_code kret; - OM_uint32 i; - - kret = krb5_store_int32(sp, o->flags); - if (kret) - return kret; - kret = krb5_store_int32(sp, o->start); - if (kret) - return kret; - kret = krb5_store_int32(sp, o->length); - if (kret) - return kret; - kret = krb5_store_int32(sp, o->jitter_window); - if (kret) - return kret; - kret = krb5_store_int32(sp, o->first_seq); - if (kret) - return kret; - - for (i = 0; i < o->jitter_window; i++) { - kret = krb5_store_int32(sp, o->elem[i]); - if (kret) - return kret; - } - - return 0; -} - -OM_uint32 -_gssapi_msg_order_import(OM_uint32 *minor_status, - krb5_storage *sp, - struct gss_msg_order **o) -{ - OM_uint32 ret; - krb5_error_code kret; - int32_t i, flags, start, length, jitter_window, first_seq; - - kret = krb5_ret_int32(sp, &flags); - if (kret) - goto failed; - ret = krb5_ret_int32(sp, &start); - if (kret) - goto failed; - ret = krb5_ret_int32(sp, &length); - if (kret) - goto failed; - ret = krb5_ret_int32(sp, &jitter_window); - if (kret) - goto failed; - ret = krb5_ret_int32(sp, &first_seq); - if (kret) - goto failed; - - ret = msg_order_alloc(minor_status, o, jitter_window); - if (ret != GSS_S_COMPLETE) - return ret; - - (*o)->flags = flags; - (*o)->start = start; - (*o)->length = length; - (*o)->jitter_window = jitter_window; - (*o)->first_seq = first_seq; - - for( i = 0; i < jitter_window; i++ ) { - kret = krb5_ret_int32(sp, (int32_t*)&((*o)->elem[i])); - if (kret) - goto failed; - } - - *minor_status = 0; - return GSS_S_COMPLETE; - -failed: - _gssapi_msg_order_destroy(o); - *minor_status = kret; - return GSS_S_FAILURE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/set_cred_option.c b/crypto/heimdal/lib/gssapi/krb5/set_cred_option.c deleted file mode 100644 index d0ca1c4d95dd..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/set_cred_option.c +++ /dev/null @@ -1,229 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: set_cred_option.c 20325 2007-04-12 16:49:17Z lha $"); - -static gss_OID_desc gss_krb5_import_cred_x_oid_desc = -{9, (void *)"\x2b\x06\x01\x04\x01\xa9\x4a\x13\x04"}; /* XXX */ - -gss_OID GSS_KRB5_IMPORT_CRED_X = &gss_krb5_import_cred_x_oid_desc; - -static OM_uint32 -import_cred(OM_uint32 *minor_status, - krb5_context context, - gss_cred_id_t *cred_handle, - const gss_buffer_t value) -{ - OM_uint32 major_stat; - krb5_error_code ret; - krb5_principal keytab_principal = NULL; - krb5_keytab keytab = NULL; - krb5_storage *sp = NULL; - krb5_ccache id = NULL; - char *str; - - if (cred_handle == NULL || *cred_handle != GSS_C_NO_CREDENTIAL) { - *minor_status = 0; - return GSS_S_FAILURE; - } - - sp = krb5_storage_from_mem(value->value, value->length); - if (sp == NULL) { - *minor_status = 0; - return GSS_S_FAILURE; - } - - /* credential cache name */ - ret = krb5_ret_string(sp, &str); - if (ret) { - *minor_status = ret; - major_stat = GSS_S_FAILURE; - goto out; - } - if (str[0]) { - ret = krb5_cc_resolve(context, str, &id); - if (ret) { - *minor_status = ret; - major_stat = GSS_S_FAILURE; - goto out; - } - } - free(str); - str = NULL; - - /* keytab principal name */ - ret = krb5_ret_string(sp, &str); - if (ret == 0 && str[0]) - ret = krb5_parse_name(context, str, &keytab_principal); - if (ret) { - *minor_status = ret; - major_stat = GSS_S_FAILURE; - goto out; - } - free(str); - str = NULL; - - /* keytab principal */ - ret = krb5_ret_string(sp, &str); - if (ret) { - *minor_status = ret; - major_stat = GSS_S_FAILURE; - goto out; - } - if (str[0]) { - ret = krb5_kt_resolve(context, str, &keytab); - if (ret) { - *minor_status = ret; - major_stat = GSS_S_FAILURE; - goto out; - } - } - free(str); - str = NULL; - - major_stat = _gsskrb5_import_cred(minor_status, id, keytab_principal, - keytab, cred_handle); -out: - if (id) - krb5_cc_close(context, id); - if (keytab_principal) - krb5_free_principal(context, keytab_principal); - if (keytab) - krb5_kt_close(context, keytab); - if (str) - free(str); - if (sp) - krb5_storage_free(sp); - - return major_stat; -} - - -static OM_uint32 -allowed_enctypes(OM_uint32 *minor_status, - krb5_context context, - gss_cred_id_t *cred_handle, - const gss_buffer_t value) -{ - OM_uint32 major_stat; - krb5_error_code ret; - size_t len, i; - krb5_enctype *enctypes = NULL; - krb5_storage *sp = NULL; - gsskrb5_cred cred; - - if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) { - *minor_status = 0; - return GSS_S_FAILURE; - } - - cred = (gsskrb5_cred)*cred_handle; - - if ((value->length % 4) != 0) { - *minor_status = 0; - major_stat = GSS_S_FAILURE; - goto out; - } - - len = value->length / 4; - enctypes = malloc((len + 1) * 4); - if (enctypes == NULL) { - *minor_status = ENOMEM; - major_stat = GSS_S_FAILURE; - goto out; - } - - sp = krb5_storage_from_mem(value->value, value->length); - if (sp == NULL) { - *minor_status = ENOMEM; - major_stat = GSS_S_FAILURE; - goto out; - } - - for (i = 0; i < len; i++) { - uint32_t e; - - ret = krb5_ret_uint32(sp, &e); - if (ret) { - *minor_status = ret; - major_stat = GSS_S_FAILURE; - goto out; - } - enctypes[i] = e; - } - enctypes[i] = 0; - - if (cred->enctypes) - free(cred->enctypes); - cred->enctypes = enctypes; - - krb5_storage_free(sp); - - return GSS_S_COMPLETE; - -out: - if (sp) - krb5_storage_free(sp); - if (enctypes) - free(enctypes); - - return major_stat; -} - - -OM_uint32 -_gsskrb5_set_cred_option - (OM_uint32 *minor_status, - gss_cred_id_t *cred_handle, - const gss_OID desired_object, - const gss_buffer_t value) -{ - krb5_context context; - - GSSAPI_KRB5_INIT (&context); - - if (value == GSS_C_NO_BUFFER) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - if (gss_oid_equal(desired_object, GSS_KRB5_IMPORT_CRED_X)) - return import_cred(minor_status, context, cred_handle, value); - - if (gss_oid_equal(desired_object, GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X)) - return allowed_enctypes(minor_status, context, cred_handle, value); - - *minor_status = EINVAL; - return GSS_S_FAILURE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/set_sec_context_option.c b/crypto/heimdal/lib/gssapi/krb5/set_sec_context_option.c deleted file mode 100644 index 50441a11ad3c..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/set_sec_context_option.c +++ /dev/null @@ -1,192 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * glue routine for _gsskrb5_inquire_sec_context_by_oid - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: set_sec_context_option.c 20384 2007-04-18 08:51:06Z lha $"); - -static OM_uint32 -get_bool(OM_uint32 *minor_status, - const gss_buffer_t value, - int *flag) -{ - if (value->value == NULL || value->length != 1) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - *flag = *((const char *)value->value) != 0; - return GSS_S_COMPLETE; -} - -static OM_uint32 -get_string(OM_uint32 *minor_status, - const gss_buffer_t value, - char **str) -{ - if (value == NULL || value->length == 0) { - *str = NULL; - } else { - *str = malloc(value->length + 1); - if (*str == NULL) { - *minor_status = 0; - return GSS_S_UNAVAILABLE; - } - memcpy(*str, value->value, value->length); - (*str)[value->length] = '\0'; - } - return GSS_S_COMPLETE; -} - -OM_uint32 -_gsskrb5_set_sec_context_option - (OM_uint32 *minor_status, - gss_ctx_id_t *context_handle, - const gss_OID desired_object, - const gss_buffer_t value) -{ - krb5_context context; - OM_uint32 maj_stat; - - GSSAPI_KRB5_INIT (&context); - - if (value == GSS_C_NO_BUFFER) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - if (gss_oid_equal(desired_object, GSS_KRB5_COMPAT_DES3_MIC_X)) { - gsskrb5_ctx ctx; - int flag; - - if (*context_handle == GSS_C_NO_CONTEXT) { - *minor_status = EINVAL; - return GSS_S_NO_CONTEXT; - } - - maj_stat = get_bool(minor_status, value, &flag); - if (maj_stat != GSS_S_COMPLETE) - return maj_stat; - - ctx = (gsskrb5_ctx)*context_handle; - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - if (flag) - ctx->more_flags |= COMPAT_OLD_DES3; - else - ctx->more_flags &= ~COMPAT_OLD_DES3; - ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return GSS_S_COMPLETE; - } else if (gss_oid_equal(desired_object, GSS_KRB5_SET_DNS_CANONICALIZE_X)) { - int flag; - - maj_stat = get_bool(minor_status, value, &flag); - if (maj_stat != GSS_S_COMPLETE) - return maj_stat; - - krb5_set_dns_canonicalize_hostname(context, flag); - return GSS_S_COMPLETE; - - } else if (gss_oid_equal(desired_object, GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X)) { - char *str; - - maj_stat = get_string(minor_status, value, &str); - if (maj_stat != GSS_S_COMPLETE) - return maj_stat; - - _gsskrb5_register_acceptor_identity(str); - free(str); - - *minor_status = 0; - return GSS_S_COMPLETE; - - } else if (gss_oid_equal(desired_object, GSS_KRB5_SET_DEFAULT_REALM_X)) { - char *str; - - maj_stat = get_string(minor_status, value, &str); - if (maj_stat != GSS_S_COMPLETE) - return maj_stat; - if (str == NULL) { - *minor_status = 0; - return GSS_S_CALL_INACCESSIBLE_READ; - } - - krb5_set_default_realm(context, str); - free(str); - - *minor_status = 0; - return GSS_S_COMPLETE; - - } else if (gss_oid_equal(desired_object, GSS_KRB5_SEND_TO_KDC_X)) { - - if (value == NULL || value->length == 0) { - krb5_set_send_to_kdc_func(context, NULL, NULL); - } else { - struct gsskrb5_send_to_kdc c; - - if (value->length != sizeof(c)) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - memcpy(&c, value->value, sizeof(c)); - krb5_set_send_to_kdc_func(context, - (krb5_send_to_kdc_func)c.func, - c.ptr); - } - - *minor_status = 0; - return GSS_S_COMPLETE; - } else if (gss_oid_equal(desired_object, GSS_KRB5_CCACHE_NAME_X)) { - char *str; - - maj_stat = get_string(minor_status, value, &str); - if (maj_stat != GSS_S_COMPLETE) - return maj_stat; - if (str == NULL) { - *minor_status = 0; - return GSS_S_CALL_INACCESSIBLE_READ; - } - - *minor_status = krb5_cc_set_default_name(context, str); - free(str); - if (*minor_status) - return GSS_S_FAILURE; - - return GSS_S_COMPLETE; - } - - *minor_status = EINVAL; - return GSS_S_FAILURE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/test_cfx.c b/crypto/heimdal/lib/gssapi/krb5/test_cfx.c deleted file mode 100644 index b4536228a6e1..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/test_cfx.c +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: test_cfx.c 19031 2006-11-13 18:02:57Z lha $"); - -struct range { - size_t lower; - size_t upper; -}; - -struct range tests[] = { - { 0, 1040 }, - { 2040, 2080 }, - { 4080, 5000 }, - { 8180, 8292 }, - { 9980, 10010 } -}; - -static void -test_range(const struct range *r, int integ, - krb5_context context, krb5_crypto crypto) -{ - krb5_error_code ret; - size_t size, rsize; - - for (size = r->lower; size < r->upper; size++) { - OM_uint32 max_wrap_size; - size_t cksumsize; - uint16_t padsize; - - ret = _gsskrb5cfx_max_wrap_length_cfx(context, - crypto, - integ, - size, - &max_wrap_size); - if (ret) - krb5_errx(context, 1, "_gsskrb5cfx_max_wrap_length_cfx: %d", ret); - if (max_wrap_size == 0) - continue; - - ret = _gsskrb5cfx_wrap_length_cfx(context, - crypto, - integ, - max_wrap_size, - &rsize, &cksumsize, &padsize); - if (ret) - krb5_errx(context, 1, "_gsskrb5cfx_wrap_length_cfx: %d", ret); - - if (size < rsize) - krb5_errx(context, 1, - "size (%d) < rsize (%d) for max_wrap_size %d", - (int)size, (int)rsize, (int)max_wrap_size); - } -} - -static void -test_special(krb5_context context, krb5_crypto crypto, - int integ, size_t testsize) -{ - krb5_error_code ret; - size_t rsize; - OM_uint32 max_wrap_size; - size_t cksumsize; - uint16_t padsize; - - ret = _gsskrb5cfx_max_wrap_length_cfx(context, - crypto, - integ, - testsize, - &max_wrap_size); - if (ret) - krb5_errx(context, 1, "_gsskrb5cfx_max_wrap_length_cfx: %d", ret); - - ret = _gsskrb5cfx_wrap_length_cfx(context, - crypto, - integ, - max_wrap_size, - &rsize, &cksumsize, &padsize); - if (ret) - krb5_errx(context, 1, "_gsskrb5cfx_wrap_length_cfx: %d", ret); - - if (testsize < rsize) - krb5_errx(context, 1, - "testsize (%d) < rsize (%d) for max_wrap_size %d", - (int)testsize, (int)rsize, (int)max_wrap_size); -} - - - - -int -main(int argc, char **argv) -{ - krb5_keyblock keyblock; - krb5_error_code ret; - krb5_context context; - krb5_crypto crypto; - int i; - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_context_init: %d", ret); - - ret = krb5_generate_random_keyblock(context, - ENCTYPE_AES256_CTS_HMAC_SHA1_96, - &keyblock); - if (ret) - krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); - - ret = krb5_crypto_init(context, &keyblock, 0, &crypto); - if (ret) - krb5_err(context, 1, ret, "krb5_crypto_init"); - - test_special(context, crypto, 1, 60); - test_special(context, crypto, 0, 60); - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { - test_range(&tests[i], 1, context, crypto); - test_range(&tests[i], 0, context, crypto); - } - - krb5_free_keyblock_contents(context, &keyblock); - krb5_crypto_destroy(context, crypto); - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/ticket_flags.c b/crypto/heimdal/lib/gssapi/krb5/ticket_flags.c deleted file mode 100644 index 51d8159262af..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/ticket_flags.c +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: ticket_flags.c 18334 2006-10-07 22:16:04Z lha $"); - -OM_uint32 -_gsskrb5_get_tkt_flags(OM_uint32 *minor_status, - gsskrb5_ctx ctx, - OM_uint32 *tkt_flags) -{ - if (ctx == NULL) { - *minor_status = EINVAL; - return GSS_S_NO_CONTEXT; - } - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - if (ctx->ticket == NULL) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - *minor_status = EINVAL; - return GSS_S_BAD_MECH; - } - - *tkt_flags = TicketFlags2int(ctx->ticket->ticket.flags); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/unwrap.c b/crypto/heimdal/lib/gssapi/krb5/unwrap.c deleted file mode 100644 index d0a33d86fbfc..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/unwrap.c +++ /dev/null @@ -1,413 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: unwrap.c 19031 2006-11-13 18:02:57Z lha $"); - -static OM_uint32 -unwrap_des - (OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state, - krb5_keyblock *key - ) -{ - u_char *p, *seq; - size_t len; - MD5_CTX md5; - u_char hash[16]; - DES_key_schedule schedule; - DES_cblock deskey; - DES_cblock zero; - int i; - uint32_t seq_number; - size_t padlength; - OM_uint32 ret; - int cstate; - int cmp; - - p = input_message_buffer->value; - ret = _gsskrb5_verify_header (&p, - input_message_buffer->length, - "\x02\x01", - GSS_KRB5_MECHANISM); - if (ret) - return ret; - - if (memcmp (p, "\x00\x00", 2) != 0) - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\x00\x00", 2) == 0) { - cstate = 1; - } else if (memcmp (p, "\xFF\xFF", 2) == 0) { - cstate = 0; - } else - return GSS_S_BAD_MIC; - p += 2; - if(conf_state != NULL) - *conf_state = cstate; - if (memcmp (p, "\xff\xff", 2) != 0) - return GSS_S_DEFECTIVE_TOKEN; - p += 2; - p += 16; - - len = p - (u_char *)input_message_buffer->value; - - if(cstate) { - /* decrypt data */ - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - - for (i = 0; i < sizeof(deskey); ++i) - deskey[i] ^= 0xf0; - DES_set_key (&deskey, &schedule); - memset (&zero, 0, sizeof(zero)); - DES_cbc_encrypt ((void *)p, - (void *)p, - input_message_buffer->length - len, - &schedule, - &zero, - DES_DECRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (&schedule, 0, sizeof(schedule)); - } - /* check pad */ - ret = _gssapi_verify_pad(input_message_buffer, - input_message_buffer->length - len, - &padlength); - if (ret) - return ret; - - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, p, input_message_buffer->length - len); - MD5_Final (hash, &md5); - - memset (&zero, 0, sizeof(zero)); - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); - DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - &schedule, &zero); - if (memcmp (p - 8, hash, 8) != 0) - return GSS_S_BAD_MIC; - - /* verify sequence number */ - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - - p -= 16; - DES_set_key (&deskey, &schedule); - DES_cbc_encrypt ((void *)p, (void *)p, 8, - &schedule, (DES_cblock *)hash, DES_DECRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (&schedule, 0, sizeof(schedule)); - - seq = p; - _gsskrb5_decode_om_uint32(seq, &seq_number); - - if (context_handle->more_flags & LOCAL) - cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); - else - cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); - - if (cmp != 0) { - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return GSS_S_BAD_MIC; - } - - ret = _gssapi_msg_order_check(context_handle->order, seq_number); - if (ret) { - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return ret; - } - - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - /* copy out data */ - - output_message_buffer->length = input_message_buffer->length - - len - padlength - 8; - output_message_buffer->value = malloc(output_message_buffer->length); - if(output_message_buffer->length != 0 && output_message_buffer->value == NULL) - return GSS_S_FAILURE; - memcpy (output_message_buffer->value, - p + 24, - output_message_buffer->length); - return GSS_S_COMPLETE; -} - -static OM_uint32 -unwrap_des3 - (OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state, - krb5_keyblock *key - ) -{ - u_char *p; - size_t len; - u_char *seq; - krb5_data seq_data; - u_char cksum[20]; - uint32_t seq_number; - size_t padlength; - OM_uint32 ret; - int cstate; - krb5_crypto crypto; - Checksum csum; - int cmp; - - p = input_message_buffer->value; - ret = _gsskrb5_verify_header (&p, - input_message_buffer->length, - "\x02\x01", - GSS_KRB5_MECHANISM); - if (ret) - return ret; - - if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */ - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\x02\x00", 2) == 0) { - cstate = 1; - } else if (memcmp (p, "\xff\xff", 2) == 0) { - cstate = 0; - } else - return GSS_S_BAD_MIC; - p += 2; - if(conf_state != NULL) - *conf_state = cstate; - if (memcmp (p, "\xff\xff", 2) != 0) - return GSS_S_DEFECTIVE_TOKEN; - p += 2; - p += 28; - - len = p - (u_char *)input_message_buffer->value; - - if(cstate) { - /* decrypt data */ - krb5_data tmp; - - ret = krb5_crypto_init(context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - ret = krb5_decrypt(context, crypto, KRB5_KU_USAGE_SEAL, - p, input_message_buffer->length - len, &tmp); - krb5_crypto_destroy(context, crypto); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - assert (tmp.length == input_message_buffer->length - len); - - memcpy (p, tmp.data, tmp.length); - krb5_data_free(&tmp); - } - /* check pad */ - ret = _gssapi_verify_pad(input_message_buffer, - input_message_buffer->length - len, - &padlength); - if (ret) - return ret; - - /* verify sequence number */ - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - - p -= 28; - - ret = krb5_crypto_init(context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (ret) { - *minor_status = ret; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return GSS_S_FAILURE; - } - { - DES_cblock ivec; - - memcpy(&ivec, p + 8, 8); - ret = krb5_decrypt_ivec (context, - crypto, - KRB5_KU_USAGE_SEQ, - p, 8, &seq_data, - &ivec); - } - krb5_crypto_destroy (context, crypto); - if (ret) { - *minor_status = ret; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return GSS_S_FAILURE; - } - if (seq_data.length != 8) { - krb5_data_free (&seq_data); - *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return GSS_S_BAD_MIC; - } - - seq = seq_data.data; - _gsskrb5_decode_om_uint32(seq, &seq_number); - - if (context_handle->more_flags & LOCAL) - cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); - else - cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); - - krb5_data_free (&seq_data); - if (cmp != 0) { - *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return GSS_S_BAD_MIC; - } - - ret = _gssapi_msg_order_check(context_handle->order, seq_number); - if (ret) { - *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return ret; - } - - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - /* verify checksum */ - - memcpy (cksum, p + 8, 20); - - memcpy (p + 20, p - 8, 8); - - csum.cksumtype = CKSUMTYPE_HMAC_SHA1_DES3; - csum.checksum.length = 20; - csum.checksum.data = cksum; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_verify_checksum (context, crypto, - KRB5_KU_USAGE_SIGN, - p + 20, - input_message_buffer->length - len + 8, - &csum); - krb5_crypto_destroy (context, crypto); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* copy out data */ - - output_message_buffer->length = input_message_buffer->length - - len - padlength - 8; - output_message_buffer->value = malloc(output_message_buffer->length); - if(output_message_buffer->length != 0 && output_message_buffer->value == NULL) - return GSS_S_FAILURE; - memcpy (output_message_buffer->value, - p + 36, - output_message_buffer->length); - return GSS_S_COMPLETE; -} - -OM_uint32 _gsskrb5_unwrap - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state - ) -{ - krb5_keyblock *key; - krb5_context context; - OM_uint32 ret; - krb5_keytype keytype; - gsskrb5_ctx ctx = (gsskrb5_ctx) context_handle; - - output_message_buffer->value = NULL; - output_message_buffer->length = 0; - - GSSAPI_KRB5_INIT (&context); - - if (qop_state != NULL) - *qop_state = GSS_C_QOP_DEFAULT; - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - ret = _gsskrb5i_get_token_key(ctx, context, &key); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - krb5_enctype_to_keytype (context, key->keytype, &keytype); - - *minor_status = 0; - - switch (keytype) { - case KEYTYPE_DES : - ret = unwrap_des (minor_status, ctx, - input_message_buffer, output_message_buffer, - conf_state, qop_state, key); - break; - case KEYTYPE_DES3 : - ret = unwrap_des3 (minor_status, ctx, context, - input_message_buffer, output_message_buffer, - conf_state, qop_state, key); - break; - case KEYTYPE_ARCFOUR: - case KEYTYPE_ARCFOUR_56: - ret = _gssapi_unwrap_arcfour (minor_status, ctx, context, - input_message_buffer, output_message_buffer, - conf_state, qop_state, key); - break; - default : - ret = _gssapi_unwrap_cfx (minor_status, ctx, context, - input_message_buffer, output_message_buffer, - conf_state, qop_state, key); - break; - } - krb5_free_keyblock (context, key); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/v1.c b/crypto/heimdal/lib/gssapi/krb5/v1.c deleted file mode 100644 index c5ebeb9dd77e..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/v1.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: v1.c 18334 2006-10-07 22:16:04Z lha $"); - -/* These functions are for V1 compatibility */ - -OM_uint32 _gsskrb5_sign - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int qop_req, - gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - return _gsskrb5_get_mic(minor_status, - context_handle, - (gss_qop_t)qop_req, - message_buffer, - message_token); -} - -OM_uint32 _gsskrb5_verify - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t message_buffer, - gss_buffer_t token_buffer, - int * qop_state - ) -{ - return _gsskrb5_verify_mic(minor_status, - context_handle, - message_buffer, - token_buffer, - (gss_qop_t *)qop_state); -} - -OM_uint32 _gsskrb5_seal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int conf_req_flag, - int qop_req, - gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - return _gsskrb5_wrap(minor_status, - context_handle, - conf_req_flag, - (gss_qop_t)qop_req, - input_message_buffer, - conf_state, - output_message_buffer); -} - -OM_uint32 _gsskrb5_unseal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - int * qop_state - ) -{ - return _gsskrb5_unwrap(minor_status, - context_handle, - input_message_buffer, - output_message_buffer, - conf_state, - (gss_qop_t *)qop_state); -} diff --git a/crypto/heimdal/lib/gssapi/krb5/verify_mic.c b/crypto/heimdal/lib/gssapi/krb5/verify_mic.c deleted file mode 100644 index 52381afcc28a..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/verify_mic.c +++ /dev/null @@ -1,344 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: verify_mic.c 19031 2006-11-13 18:02:57Z lha $"); - -static OM_uint32 -verify_mic_des - (OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - krb5_keyblock *key, - char *type - ) -{ - u_char *p; - MD5_CTX md5; - u_char hash[16], *seq; - DES_key_schedule schedule; - DES_cblock zero; - DES_cblock deskey; - uint32_t seq_number; - OM_uint32 ret; - int cmp; - - p = token_buffer->value; - ret = _gsskrb5_verify_header (&p, - token_buffer->length, - type, - GSS_KRB5_MECHANISM); - if (ret) - return ret; - - if (memcmp(p, "\x00\x00", 2) != 0) - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\xff\xff\xff\xff", 4) != 0) - return GSS_S_BAD_MIC; - p += 4; - p += 16; - - /* verify checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, message_buffer->value, - message_buffer->length); - MD5_Final (hash, &md5); - - memset (&zero, 0, sizeof(zero)); - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - - DES_set_key (&deskey, &schedule); - DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - &schedule, &zero); - if (memcmp (p - 8, hash, 8) != 0) { - memset (deskey, 0, sizeof(deskey)); - memset (&schedule, 0, sizeof(schedule)); - return GSS_S_BAD_MIC; - } - - /* verify sequence number */ - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - - p -= 16; - DES_set_key (&deskey, &schedule); - DES_cbc_encrypt ((void *)p, (void *)p, 8, - &schedule, (DES_cblock *)hash, DES_DECRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (&schedule, 0, sizeof(schedule)); - - seq = p; - _gsskrb5_decode_om_uint32(seq, &seq_number); - - if (context_handle->more_flags & LOCAL) - cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); - else - cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); - - if (cmp != 0) { - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return GSS_S_BAD_MIC; - } - - ret = _gssapi_msg_order_check(context_handle->order, seq_number); - if (ret) { - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return ret; - } - - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - return GSS_S_COMPLETE; -} - -static OM_uint32 -verify_mic_des3 - (OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - krb5_keyblock *key, - char *type - ) -{ - u_char *p; - u_char *seq; - uint32_t seq_number; - OM_uint32 ret; - krb5_crypto crypto; - krb5_data seq_data; - int cmp, docompat; - Checksum csum; - char *tmp; - char ivec[8]; - - p = token_buffer->value; - ret = _gsskrb5_verify_header (&p, - token_buffer->length, - type, - GSS_KRB5_MECHANISM); - if (ret) - return ret; - - if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */ - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\xff\xff\xff\xff", 4) != 0) - return GSS_S_BAD_MIC; - p += 4; - - ret = krb5_crypto_init(context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (ret){ - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* verify sequence number */ - docompat = 0; -retry: - if (docompat) - memset(ivec, 0, 8); - else - memcpy(ivec, p + 8, 8); - - ret = krb5_decrypt_ivec (context, - crypto, - KRB5_KU_USAGE_SEQ, - p, 8, &seq_data, ivec); - if (ret) { - if (docompat++) { - krb5_crypto_destroy (context, crypto); - *minor_status = ret; - return GSS_S_FAILURE; - } else - goto retry; - } - - if (seq_data.length != 8) { - krb5_data_free (&seq_data); - if (docompat++) { - krb5_crypto_destroy (context, crypto); - return GSS_S_BAD_MIC; - } else - goto retry; - } - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - - seq = seq_data.data; - _gsskrb5_decode_om_uint32(seq, &seq_number); - - if (context_handle->more_flags & LOCAL) - cmp = memcmp(&seq[4], "\xff\xff\xff\xff", 4); - else - cmp = memcmp(&seq[4], "\x00\x00\x00\x00", 4); - - krb5_data_free (&seq_data); - if (cmp != 0) { - krb5_crypto_destroy (context, crypto); - *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return GSS_S_BAD_MIC; - } - - ret = _gssapi_msg_order_check(context_handle->order, seq_number); - if (ret) { - krb5_crypto_destroy (context, crypto); - *minor_status = 0; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return ret; - } - - /* verify checksum */ - - tmp = malloc (message_buffer->length + 8); - if (tmp == NULL) { - krb5_crypto_destroy (context, crypto); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - memcpy (tmp, p - 8, 8); - memcpy (tmp + 8, message_buffer->value, message_buffer->length); - - csum.cksumtype = CKSUMTYPE_HMAC_SHA1_DES3; - csum.checksum.length = 20; - csum.checksum.data = p + 8; - - ret = krb5_verify_checksum (context, crypto, - KRB5_KU_USAGE_SIGN, - tmp, message_buffer->length + 8, - &csum); - free (tmp); - if (ret) { - krb5_crypto_destroy (context, crypto); - *minor_status = ret; - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - return GSS_S_BAD_MIC; - } - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - - krb5_crypto_destroy (context, crypto); - return GSS_S_COMPLETE; -} - -OM_uint32 -_gsskrb5_verify_mic_internal - (OM_uint32 * minor_status, - const gsskrb5_ctx context_handle, - krb5_context context, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - char * type - ) -{ - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - - HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); - ret = _gsskrb5i_get_token_key(context_handle, context, &key); - HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - *minor_status = 0; - krb5_enctype_to_keytype (context, key->keytype, &keytype); - switch (keytype) { - case KEYTYPE_DES : - ret = verify_mic_des (minor_status, context_handle, context, - message_buffer, token_buffer, qop_state, key, - type); - break; - case KEYTYPE_DES3 : - ret = verify_mic_des3 (minor_status, context_handle, context, - message_buffer, token_buffer, qop_state, key, - type); - break; - case KEYTYPE_ARCFOUR : - case KEYTYPE_ARCFOUR_56 : - ret = _gssapi_verify_mic_arcfour (minor_status, context_handle, - context, - message_buffer, token_buffer, - qop_state, key, type); - break; - default : - ret = _gssapi_verify_mic_cfx (minor_status, context_handle, - context, - message_buffer, token_buffer, qop_state, - key); - break; - } - krb5_free_keyblock (context, key); - - return ret; -} - -OM_uint32 -_gsskrb5_verify_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state - ) -{ - krb5_context context; - OM_uint32 ret; - - GSSAPI_KRB5_INIT (&context); - - if (qop_state != NULL) - *qop_state = GSS_C_QOP_DEFAULT; - - ret = _gsskrb5_verify_mic_internal(minor_status, - (gsskrb5_ctx)context_handle, - context, - message_buffer, token_buffer, - qop_state, "\x01\x01"); - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/krb5/wrap.c b/crypto/heimdal/lib/gssapi/krb5/wrap.c deleted file mode 100644 index d41379870ae9..000000000000 --- a/crypto/heimdal/lib/gssapi/krb5/wrap.c +++ /dev/null @@ -1,551 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" - -RCSID("$Id: wrap.c 19035 2006-11-14 09:49:56Z lha $"); - -/* - * Return initiator subkey, or if that doesn't exists, the subkey. - */ - -krb5_error_code -_gsskrb5i_get_initiator_subkey(const gsskrb5_ctx ctx, - krb5_context context, - krb5_keyblock **key) -{ - krb5_error_code ret; - *key = NULL; - - if (ctx->more_flags & LOCAL) { - ret = krb5_auth_con_getlocalsubkey(context, - ctx->auth_context, - key); - } else { - ret = krb5_auth_con_getremotesubkey(context, - ctx->auth_context, - key); - } - if (ret == 0 && *key == NULL) - ret = krb5_auth_con_getkey(context, - ctx->auth_context, - key); - if (ret == 0 && *key == NULL) { - krb5_set_error_string(context, "No initiator subkey available"); - return GSS_KRB5_S_KG_NO_SUBKEY; - } - return ret; -} - -krb5_error_code -_gsskrb5i_get_acceptor_subkey(const gsskrb5_ctx ctx, - krb5_context context, - krb5_keyblock **key) -{ - krb5_error_code ret; - *key = NULL; - - if (ctx->more_flags & LOCAL) { - ret = krb5_auth_con_getremotesubkey(context, - ctx->auth_context, - key); - } else { - ret = krb5_auth_con_getlocalsubkey(context, - ctx->auth_context, - key); - } - if (ret == 0 && *key == NULL) { - krb5_set_error_string(context, "No acceptor subkey available"); - return GSS_KRB5_S_KG_NO_SUBKEY; - } - return ret; -} - -OM_uint32 -_gsskrb5i_get_token_key(const gsskrb5_ctx ctx, - krb5_context context, - krb5_keyblock **key) -{ - _gsskrb5i_get_acceptor_subkey(ctx, context, key); - if(*key == NULL) { - /* - * Only use the initiator subkey or ticket session key if an - * acceptor subkey was not required. - */ - if ((ctx->more_flags & ACCEPTOR_SUBKEY) == 0) - _gsskrb5i_get_initiator_subkey(ctx, context, key); - } - if (*key == NULL) { - krb5_set_error_string(context, "No token key available"); - return GSS_KRB5_S_KG_NO_SUBKEY; - } - return 0; -} - -static OM_uint32 -sub_wrap_size ( - OM_uint32 req_output_size, - OM_uint32 * max_input_size, - int blocksize, - int extrasize - ) -{ - size_t len, total_len; - - len = 8 + req_output_size + blocksize + extrasize; - - _gsskrb5_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM); - - total_len -= req_output_size; /* token length */ - if (total_len < req_output_size) { - *max_input_size = (req_output_size - total_len); - (*max_input_size) &= (~(OM_uint32)(blocksize - 1)); - } else { - *max_input_size = 0; - } - return GSS_S_COMPLETE; -} - -OM_uint32 -_gsskrb5_wrap_size_limit ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 * max_input_size - ) -{ - krb5_context context; - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; - - GSSAPI_KRB5_INIT (&context); - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - ret = _gsskrb5i_get_token_key(ctx, context, &key); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - krb5_enctype_to_keytype (context, key->keytype, &keytype); - - switch (keytype) { - case KEYTYPE_DES : - ret = sub_wrap_size(req_output_size, max_input_size, 8, 22); - break; - case KEYTYPE_ARCFOUR: - case KEYTYPE_ARCFOUR_56: - ret = _gssapi_wrap_size_arcfour(minor_status, ctx, context, - conf_req_flag, qop_req, - req_output_size, max_input_size, key); - break; - case KEYTYPE_DES3 : - ret = sub_wrap_size(req_output_size, max_input_size, 8, 34); - break; - default : - ret = _gssapi_wrap_size_cfx(minor_status, ctx, context, - conf_req_flag, qop_req, - req_output_size, max_input_size, key); - break; - } - krb5_free_keyblock (context, key); - *minor_status = 0; - return ret; -} - -static OM_uint32 -wrap_des - (OM_uint32 * minor_status, - const gsskrb5_ctx ctx, - krb5_context context, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key - ) -{ - u_char *p; - MD5_CTX md5; - u_char hash[16]; - DES_key_schedule schedule; - DES_cblock deskey; - DES_cblock zero; - int i; - int32_t seq_number; - size_t len, total_len, padlength, datalen; - - padlength = 8 - (input_message_buffer->length % 8); - datalen = input_message_buffer->length + padlength + 8; - len = datalen + 22; - _gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM); - - output_message_buffer->length = total_len; - output_message_buffer->value = malloc (total_len); - if (output_message_buffer->value == NULL) { - output_message_buffer->length = 0; - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = _gsskrb5_make_header(output_message_buffer->value, - len, - "\x02\x01", /* TOK_ID */ - GSS_KRB5_MECHANISM); - - /* SGN_ALG */ - memcpy (p, "\x00\x00", 2); - p += 2; - /* SEAL_ALG */ - if(conf_req_flag) - memcpy (p, "\x00\x00", 2); - else - memcpy (p, "\xff\xff", 2); - p += 2; - /* Filler */ - memcpy (p, "\xff\xff", 2); - p += 2; - - /* fill in later */ - memset (p, 0, 16); - p += 16; - - /* confounder + data + pad */ - krb5_generate_random_block(p, 8); - memcpy (p + 8, input_message_buffer->value, - input_message_buffer->length); - memset (p + 8 + input_message_buffer->length, padlength, padlength); - - /* checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, p, datalen); - MD5_Final (hash, &md5); - - memset (&zero, 0, sizeof(zero)); - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - DES_set_key (&deskey, &schedule); - DES_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - &schedule, &zero); - memcpy (p - 8, hash, 8); - - /* sequence number */ - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - krb5_auth_con_getlocalseqnumber (context, - ctx->auth_context, - &seq_number); - - p -= 16; - p[0] = (seq_number >> 0) & 0xFF; - p[1] = (seq_number >> 8) & 0xFF; - p[2] = (seq_number >> 16) & 0xFF; - p[3] = (seq_number >> 24) & 0xFF; - memset (p + 4, - (ctx->more_flags & LOCAL) ? 0 : 0xFF, - 4); - - DES_set_key (&deskey, &schedule); - DES_cbc_encrypt ((void *)p, (void *)p, 8, - &schedule, (DES_cblock *)(p + 8), DES_ENCRYPT); - - krb5_auth_con_setlocalseqnumber (context, - ctx->auth_context, - ++seq_number); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - /* encrypt the data */ - p += 16; - - if(conf_req_flag) { - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - - for (i = 0; i < sizeof(deskey); ++i) - deskey[i] ^= 0xf0; - DES_set_key (&deskey, &schedule); - memset (&zero, 0, sizeof(zero)); - DES_cbc_encrypt ((void *)p, - (void *)p, - datalen, - &schedule, - &zero, - DES_ENCRYPT); - } - memset (deskey, 0, sizeof(deskey)); - memset (&schedule, 0, sizeof(schedule)); - - if(conf_state != NULL) - *conf_state = conf_req_flag; - *minor_status = 0; - return GSS_S_COMPLETE; -} - -static OM_uint32 -wrap_des3 - (OM_uint32 * minor_status, - const gsskrb5_ctx ctx, - krb5_context context, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key - ) -{ - u_char *p; - u_char seq[8]; - int32_t seq_number; - size_t len, total_len, padlength, datalen; - uint32_t ret; - krb5_crypto crypto; - Checksum cksum; - krb5_data encdata; - - padlength = 8 - (input_message_buffer->length % 8); - datalen = input_message_buffer->length + padlength + 8; - len = datalen + 34; - _gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM); - - output_message_buffer->length = total_len; - output_message_buffer->value = malloc (total_len); - if (output_message_buffer->value == NULL) { - output_message_buffer->length = 0; - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = _gsskrb5_make_header(output_message_buffer->value, - len, - "\x02\x01", /* TOK_ID */ - GSS_KRB5_MECHANISM); - - /* SGN_ALG */ - memcpy (p, "\x04\x00", 2); /* HMAC SHA1 DES3-KD */ - p += 2; - /* SEAL_ALG */ - if(conf_req_flag) - memcpy (p, "\x02\x00", 2); /* DES3-KD */ - else - memcpy (p, "\xff\xff", 2); - p += 2; - /* Filler */ - memcpy (p, "\xff\xff", 2); - p += 2; - - /* calculate checksum (the above + confounder + data + pad) */ - - memcpy (p + 20, p - 8, 8); - krb5_generate_random_block(p + 28, 8); - memcpy (p + 28 + 8, input_message_buffer->value, - input_message_buffer->length); - memset (p + 28 + 8 + input_message_buffer->length, padlength, padlength); - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - free (output_message_buffer->value); - output_message_buffer->length = 0; - output_message_buffer->value = NULL; - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_create_checksum (context, - crypto, - KRB5_KU_USAGE_SIGN, - 0, - p + 20, - datalen + 8, - &cksum); - krb5_crypto_destroy (context, crypto); - if (ret) { - free (output_message_buffer->value); - output_message_buffer->length = 0; - output_message_buffer->value = NULL; - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* zero out SND_SEQ + SGN_CKSUM in case */ - memset (p, 0, 28); - - memcpy (p + 8, cksum.checksum.data, cksum.checksum.length); - free_Checksum (&cksum); - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - /* sequence number */ - krb5_auth_con_getlocalseqnumber (context, - ctx->auth_context, - &seq_number); - - seq[0] = (seq_number >> 0) & 0xFF; - seq[1] = (seq_number >> 8) & 0xFF; - seq[2] = (seq_number >> 16) & 0xFF; - seq[3] = (seq_number >> 24) & 0xFF; - memset (seq + 4, - (ctx->more_flags & LOCAL) ? 0 : 0xFF, - 4); - - - ret = krb5_crypto_init(context, key, ETYPE_DES3_CBC_NONE, - &crypto); - if (ret) { - free (output_message_buffer->value); - output_message_buffer->length = 0; - output_message_buffer->value = NULL; - *minor_status = ret; - return GSS_S_FAILURE; - } - - { - DES_cblock ivec; - - memcpy (&ivec, p + 8, 8); - ret = krb5_encrypt_ivec (context, - crypto, - KRB5_KU_USAGE_SEQ, - seq, 8, &encdata, - &ivec); - } - krb5_crypto_destroy (context, crypto); - if (ret) { - free (output_message_buffer->value); - output_message_buffer->length = 0; - output_message_buffer->value = NULL; - *minor_status = ret; - return GSS_S_FAILURE; - } - - assert (encdata.length == 8); - - memcpy (p, encdata.data, encdata.length); - krb5_data_free (&encdata); - - krb5_auth_con_setlocalseqnumber (context, - ctx->auth_context, - ++seq_number); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - /* encrypt the data */ - p += 28; - - if(conf_req_flag) { - krb5_data tmp; - - ret = krb5_crypto_init(context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (ret) { - free (output_message_buffer->value); - output_message_buffer->length = 0; - output_message_buffer->value = NULL; - *minor_status = ret; - return GSS_S_FAILURE; - } - ret = krb5_encrypt(context, crypto, KRB5_KU_USAGE_SEAL, - p, datalen, &tmp); - krb5_crypto_destroy(context, crypto); - if (ret) { - free (output_message_buffer->value); - output_message_buffer->length = 0; - output_message_buffer->value = NULL; - *minor_status = ret; - return GSS_S_FAILURE; - } - assert (tmp.length == datalen); - - memcpy (p, tmp.data, datalen); - krb5_data_free(&tmp); - } - if(conf_state != NULL) - *conf_state = conf_req_flag; - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 _gsskrb5_wrap - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - krb5_context context; - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; - - GSSAPI_KRB5_INIT (&context); - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - ret = _gsskrb5i_get_token_key(ctx, context, &key); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - krb5_enctype_to_keytype (context, key->keytype, &keytype); - - switch (keytype) { - case KEYTYPE_DES : - ret = wrap_des (minor_status, ctx, context, conf_req_flag, - qop_req, input_message_buffer, conf_state, - output_message_buffer, key); - break; - case KEYTYPE_DES3 : - ret = wrap_des3 (minor_status, ctx, context, conf_req_flag, - qop_req, input_message_buffer, conf_state, - output_message_buffer, key); - break; - case KEYTYPE_ARCFOUR: - case KEYTYPE_ARCFOUR_56: - ret = _gssapi_wrap_arcfour (minor_status, ctx, context, conf_req_flag, - qop_req, input_message_buffer, conf_state, - output_message_buffer, key); - break; - default : - ret = _gssapi_wrap_cfx (minor_status, ctx, context, conf_req_flag, - qop_req, input_message_buffer, conf_state, - output_message_buffer, key); - break; - } - krb5_free_keyblock (context, key); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/accept_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/accept_sec_context.c deleted file mode 100644 index 79fc53826dec..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/accept_sec_context.c +++ /dev/null @@ -1,257 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: accept_sec_context.c 22521 2008-01-24 11:53:18Z lha $"); - -/* - * - */ - -OM_uint32 -_gss_ntlm_allocate_ctx(OM_uint32 *minor_status, ntlm_ctx *ctx) -{ - OM_uint32 maj_stat; - - *ctx = calloc(1, sizeof(**ctx)); - - (*ctx)->server = &ntlmsspi_kdc_digest; - - maj_stat = (*(*ctx)->server->nsi_init)(minor_status, &(*ctx)->ictx); - if (maj_stat != GSS_S_COMPLETE) - return maj_stat; - - return GSS_S_COMPLETE; -} - -/* - * - */ - -OM_uint32 -_gss_ntlm_accept_sec_context -(OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t * delegated_cred_handle - ) -{ - krb5_error_code ret; - struct ntlm_buf data; - ntlm_ctx ctx; - - output_token->value = NULL; - output_token->length = 0; - - *minor_status = 0; - - if (context_handle == NULL) - return GSS_S_FAILURE; - - if (input_token_buffer == GSS_C_NO_BUFFER) - return GSS_S_FAILURE; - - if (src_name) - *src_name = GSS_C_NO_NAME; - if (mech_type) - *mech_type = GSS_C_NO_OID; - if (ret_flags) - *ret_flags = 0; - if (time_rec) - *time_rec = 0; - if (delegated_cred_handle) - *delegated_cred_handle = GSS_C_NO_CREDENTIAL; - - if (*context_handle == GSS_C_NO_CONTEXT) { - struct ntlm_type1 type1; - OM_uint32 major_status; - OM_uint32 retflags; - struct ntlm_buf out; - - major_status = _gss_ntlm_allocate_ctx(minor_status, &ctx); - if (major_status) - return major_status; - *context_handle = (gss_ctx_id_t)ctx; - - /* check if the mechs is allowed by remote service */ - major_status = (*ctx->server->nsi_probe)(minor_status, ctx->ictx, NULL); - if (major_status) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - return major_status; - } - - data.data = input_token_buffer->value; - data.length = input_token_buffer->length; - - ret = heim_ntlm_decode_type1(&data, &type1); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - if ((type1.flags & NTLM_NEG_UNICODE) == 0) { - heim_ntlm_free_type1(&type1); - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - if (type1.flags & NTLM_NEG_SIGN) - ctx->gssflags |= GSS_C_CONF_FLAG; - if (type1.flags & NTLM_NEG_SIGN) - ctx->gssflags |= GSS_C_INTEG_FLAG; - - major_status = (*ctx->server->nsi_type2)(minor_status, - ctx->ictx, - type1.flags, - type1.hostname, - type1.domain, - &retflags, - &out); - heim_ntlm_free_type1(&type1); - if (major_status != GSS_S_COMPLETE) { - OM_uint32 junk; - _gss_ntlm_delete_sec_context(&junk, context_handle, NULL); - return major_status; - } - - output_token->value = malloc(out.length); - if (output_token->value == NULL) { - OM_uint32 junk; - _gss_ntlm_delete_sec_context(&junk, context_handle, NULL); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy(output_token->value, out.data, out.length); - output_token->length = out.length; - - ctx->flags = retflags; - - return GSS_S_CONTINUE_NEEDED; - } else { - OM_uint32 maj_stat; - struct ntlm_type3 type3; - struct ntlm_buf session; - - ctx = (ntlm_ctx)*context_handle; - - data.data = input_token_buffer->value; - data.length = input_token_buffer->length; - - ret = heim_ntlm_decode_type3(&data, 1, &type3); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - maj_stat = (*ctx->server->nsi_type3)(minor_status, - ctx->ictx, - &type3, - &session); - if (maj_stat) { - heim_ntlm_free_type3(&type3); - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - return maj_stat; - } - - if (src_name) { - ntlm_name n = calloc(1, sizeof(*n)); - if (n) { - n->user = strdup(type3.username); - n->domain = strdup(type3.targetname); - } - if (n == NULL || n->user == NULL || n->domain == NULL) { - heim_ntlm_free_type3(&type3); - _gss_ntlm_delete_sec_context(minor_status, - context_handle, NULL); - return maj_stat; - } - *src_name = (gss_name_t)n; - } - - heim_ntlm_free_type3(&type3); - - ret = krb5_data_copy(&ctx->sessionkey, - session.data, session.length); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - if (session.length != 0) { - - ctx->status |= STATUS_SESSIONKEY; - - if (ctx->flags & NTLM_NEG_NTLM2_SESSION) { - _gss_ntlm_set_key(&ctx->u.v2.send, 1, - (ctx->flags & NTLM_NEG_KEYEX), - ctx->sessionkey.data, - ctx->sessionkey.length); - _gss_ntlm_set_key(&ctx->u.v2.recv, 0, - (ctx->flags & NTLM_NEG_KEYEX), - ctx->sessionkey.data, - ctx->sessionkey.length); - } else { - RC4_set_key(&ctx->u.v1.crypto_send.key, - ctx->sessionkey.length, - ctx->sessionkey.data); - RC4_set_key(&ctx->u.v1.crypto_recv.key, - ctx->sessionkey.length, - ctx->sessionkey.data); - } - } - - if (mech_type) - *mech_type = GSS_NTLM_MECHANISM; - if (time_rec) - *time_rec = GSS_C_INDEFINITE; - - ctx->status |= STATUS_OPEN; - - if (ret_flags) - *ret_flags = ctx->gssflags; - - return GSS_S_COMPLETE; - } -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/acquire_cred.c b/crypto/heimdal/lib/gssapi/ntlm/acquire_cred.c deleted file mode 100644 index 8e17d4fb182b..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/acquire_cred.c +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: acquire_cred.c 22380 2007-12-29 18:42:56Z lha $"); - -OM_uint32 _gss_ntlm_acquire_cred - (OM_uint32 * min_stat, - const gss_name_t desired_name, - OM_uint32 time_req, - const gss_OID_set desired_mechs, - gss_cred_usage_t cred_usage, - gss_cred_id_t * output_cred_handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec - ) -{ - ntlm_name name = (ntlm_name) desired_name; - OM_uint32 maj_stat; - ntlm_ctx ctx; - - *min_stat = 0; - if (output_cred_handle) - *output_cred_handle = GSS_C_NO_CREDENTIAL; - if (actual_mechs) - *actual_mechs = GSS_C_NO_OID_SET; - if (time_rec) - *time_rec = GSS_C_INDEFINITE; - - if (desired_name == NULL) - return GSS_S_NO_CRED; - - if (cred_usage == GSS_C_BOTH || cred_usage == GSS_C_ACCEPT) { - - maj_stat = _gss_ntlm_allocate_ctx(min_stat, &ctx); - if (maj_stat != GSS_S_COMPLETE) - return maj_stat; - - maj_stat = (*ctx->server->nsi_probe)(min_stat, ctx->ictx, - name->domain); - - if (maj_stat) - return maj_stat; - - { - gss_ctx_id_t context = (gss_ctx_id_t)ctx; - _gss_ntlm_delete_sec_context(min_stat, &context, NULL); - *min_stat = 0; - } - } - if (cred_usage == GSS_C_BOTH || cred_usage == GSS_C_INITIATE) { - ntlm_cred cred; - - *min_stat = _gss_ntlm_get_user_cred(name, &cred); - if (*min_stat) - return GSS_S_FAILURE; - cred->usage = cred_usage; - - *output_cred_handle = (gss_cred_id_t)cred; - } - - return (GSS_S_COMPLETE); -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/add_cred.c b/crypto/heimdal/lib/gssapi/ntlm/add_cred.c deleted file mode 100644 index 11a25811116a..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/add_cred.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: add_cred.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_add_cred ( - OM_uint32 *minor_status, - const gss_cred_id_t input_cred_handle, - const gss_name_t desired_name, - const gss_OID desired_mech, - gss_cred_usage_t cred_usage, - OM_uint32 initiator_time_req, - OM_uint32 acceptor_time_req, - gss_cred_id_t *output_cred_handle, - gss_OID_set *actual_mechs, - OM_uint32 *initiator_time_rec, - OM_uint32 *acceptor_time_rec) -{ - if (minor_status) - *minor_status = 0; - if (output_cred_handle) - *output_cred_handle = GSS_C_NO_CREDENTIAL; - if (actual_mechs) - *actual_mechs = GSS_C_NO_OID_SET; - if (initiator_time_rec) - *initiator_time_rec = 0; - if (acceptor_time_rec) - *acceptor_time_rec = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/canonicalize_name.c b/crypto/heimdal/lib/gssapi/ntlm/canonicalize_name.c deleted file mode 100644 index 8eaa8702fb8e..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/canonicalize_name.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: canonicalize_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_canonicalize_name ( - OM_uint32 * minor_status, - const gss_name_t input_name, - const gss_OID mech_type, - gss_name_t * output_name - ) -{ - return gss_duplicate_name (minor_status, input_name, output_name); -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/compare_name.c b/crypto/heimdal/lib/gssapi/ntlm/compare_name.c deleted file mode 100644 index d2c2d8b21327..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/compare_name.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: compare_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_compare_name - (OM_uint32 * minor_status, - const gss_name_t name1, - const gss_name_t name2, - int * name_equal - ) -{ - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/context_time.c b/crypto/heimdal/lib/gssapi/ntlm/context_time.c deleted file mode 100644 index a6895cbe8727..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/context_time.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: context_time.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_context_time - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - OM_uint32 * time_rec - ) -{ - if (time_rec) - *time_rec = GSS_C_INDEFINITE; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/crypto.c b/crypto/heimdal/lib/gssapi/ntlm/crypto.c deleted file mode 100644 index b05246ca52f4..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/crypto.c +++ /dev/null @@ -1,595 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: crypto.c 19535 2006-12-28 14:49:01Z lha $"); - -uint32_t -_krb5_crc_update (const char *p, size_t len, uint32_t res); -void -_krb5_crc_init_table(void); - -/* - * - */ - -static void -encode_le_uint32(uint32_t n, unsigned char *p) -{ - p[0] = (n >> 0) & 0xFF; - p[1] = (n >> 8) & 0xFF; - p[2] = (n >> 16) & 0xFF; - p[3] = (n >> 24) & 0xFF; -} - - -static void -decode_le_uint32(const void *ptr, uint32_t *n) -{ - const unsigned char *p = ptr; - *n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); -} - -/* - * - */ - -const char a2i_signmagic[] = - "session key to server-to-client signing key magic constant"; -const char a2i_sealmagic[] = - "session key to server-to-client sealing key magic constant"; -const char i2a_signmagic[] = - "session key to client-to-server signing key magic constant"; -const char i2a_sealmagic[] = - "session key to client-to-server sealing key magic constant"; - - -void -_gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign, - unsigned char *data, size_t len) -{ - unsigned char out[16]; - MD5_CTX ctx; - const char *signmagic; - const char *sealmagic; - - if (acceptor) { - signmagic = a2i_signmagic; - sealmagic = a2i_sealmagic; - } else { - signmagic = i2a_signmagic; - sealmagic = i2a_sealmagic; - } - - key->seq = 0; - - MD5_Init(&ctx); - MD5_Update(&ctx, data, len); - MD5_Update(&ctx, signmagic, strlen(signmagic) + 1); - MD5_Final(key->signkey, &ctx); - - MD5_Init(&ctx); - MD5_Update(&ctx, data, len); - MD5_Update(&ctx, sealmagic, strlen(sealmagic) + 1); - MD5_Final(out, &ctx); - - RC4_set_key(&key->sealkey, 16, out); - if (sealsign) - key->signsealkey = &key->sealkey; -} - -/* - * - */ - -static OM_uint32 -v1_sign_message(gss_buffer_t in, - RC4_KEY *signkey, - uint32_t seq, - unsigned char out[16]) -{ - unsigned char sigature[12]; - uint32_t crc; - - _krb5_crc_init_table(); - crc = _krb5_crc_update(in->value, in->length, 0); - - encode_le_uint32(0, &sigature[0]); - encode_le_uint32(crc, &sigature[4]); - encode_le_uint32(seq, &sigature[8]); - - encode_le_uint32(1, out); /* version */ - RC4(signkey, sizeof(sigature), sigature, out + 4); - - if (RAND_bytes(out + 4, 4) != 1) - return GSS_S_UNAVAILABLE; - - return 0; -} - - -static OM_uint32 -v2_sign_message(gss_buffer_t in, - unsigned char signkey[16], - RC4_KEY *sealkey, - uint32_t seq, - unsigned char out[16]) -{ - unsigned char hmac[16]; - unsigned int hmaclen; - HMAC_CTX c; - - HMAC_CTX_init(&c); - HMAC_Init_ex(&c, signkey, 16, EVP_md5(), NULL); - - encode_le_uint32(seq, hmac); - HMAC_Update(&c, hmac, 4); - HMAC_Update(&c, in->value, in->length); - HMAC_Final(&c, hmac, &hmaclen); - HMAC_CTX_cleanup(&c); - - encode_le_uint32(1, &out[0]); - if (sealkey) - RC4(sealkey, 8, hmac, &out[4]); - else - memcpy(&out[4], hmac, 8); - - memset(&out[12], 0, 4); - - return GSS_S_COMPLETE; -} - -static OM_uint32 -v2_verify_message(gss_buffer_t in, - unsigned char signkey[16], - RC4_KEY *sealkey, - uint32_t seq, - const unsigned char checksum[16]) -{ - OM_uint32 ret; - unsigned char out[16]; - - ret = v2_sign_message(in, signkey, sealkey, seq, out); - if (ret) - return ret; - - if (memcmp(checksum, out, 16) != 0) - return GSS_S_BAD_MIC; - - return GSS_S_COMPLETE; -} - -static OM_uint32 -v2_seal_message(const gss_buffer_t in, - unsigned char signkey[16], - uint32_t seq, - RC4_KEY *sealkey, - gss_buffer_t out) -{ - unsigned char *p; - OM_uint32 ret; - - if (in->length + 16 < in->length) - return EINVAL; - - p = malloc(in->length + 16); - if (p == NULL) - return ENOMEM; - - RC4(sealkey, in->length, in->value, p); - - ret = v2_sign_message(in, signkey, sealkey, seq, &p[in->length]); - if (ret) { - free(p); - return ret; - } - - out->value = p; - out->length = in->length + 16; - - return 0; -} - -static OM_uint32 -v2_unseal_message(gss_buffer_t in, - unsigned char signkey[16], - uint32_t seq, - RC4_KEY *sealkey, - gss_buffer_t out) -{ - OM_uint32 ret; - - if (in->length < 16) - return GSS_S_BAD_MIC; - - out->length = in->length - 16; - out->value = malloc(out->length); - if (out->value == NULL) - return GSS_S_BAD_MIC; - - RC4(sealkey, out->length, in->value, out->value); - - ret = v2_verify_message(out, signkey, sealkey, seq, - ((const unsigned char *)in->value) + out->length); - if (ret) { - OM_uint32 junk; - gss_release_buffer(&junk, out); - } - return ret; -} - -/* - * - */ - -#define CTX_FLAGS_ISSET(_ctx,_flags) \ - (((_ctx)->flags & (_flags)) == (_flags)) - -/* - * - */ - -OM_uint32 _gss_ntlm_get_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - OM_uint32 junk; - - if (minor_status) - *minor_status = 0; - if (message_token) { - message_token->length = 0; - message_token->value = NULL; - } - - message_token->value = malloc(16); - message_token->length = 16; - if (message_token->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SIGN|NTLM_NEG_NTLM2_SESSION)) { - OM_uint32 ret; - - if ((ctx->status & STATUS_SESSIONKEY) == 0) { - gss_release_buffer(&junk, message_token); - return GSS_S_UNAVAILABLE; - } - - ret = v2_sign_message(message_buffer, - ctx->u.v2.send.signkey, - ctx->u.v2.send.signsealkey, - ctx->u.v2.send.seq++, - message_token->value); - if (ret) - gss_release_buffer(&junk, message_token); - return ret; - - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SIGN)) { - OM_uint32 ret; - - if ((ctx->status & STATUS_SESSIONKEY) == 0) { - gss_release_buffer(&junk, message_token); - return GSS_S_UNAVAILABLE; - } - - ret = v1_sign_message(message_buffer, - &ctx->u.v1.crypto_send.key, - ctx->u.v1.crypto_send.seq++, - message_token->value); - if (ret) - gss_release_buffer(&junk, message_token); - return ret; - - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_ALWAYS_SIGN)) { - unsigned char *sigature; - - sigature = message_token->value; - - encode_le_uint32(1, &sigature[0]); /* version */ - encode_le_uint32(0, &sigature[4]); - encode_le_uint32(0, &sigature[8]); - encode_le_uint32(0, &sigature[12]); - - return GSS_S_COMPLETE; - } - gss_release_buffer(&junk, message_token); - - return GSS_S_UNAVAILABLE; -} - -/* - * - */ - -OM_uint32 -_gss_ntlm_verify_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - - if (qop_state != NULL) - *qop_state = GSS_C_QOP_DEFAULT; - *minor_status = 0; - - if (token_buffer->length != 16) - return GSS_S_BAD_MIC; - - if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SIGN|NTLM_NEG_NTLM2_SESSION)) { - OM_uint32 ret; - - if ((ctx->status & STATUS_SESSIONKEY) == 0) - return GSS_S_UNAVAILABLE; - - ret = v2_verify_message(message_buffer, - ctx->u.v2.recv.signkey, - ctx->u.v2.recv.signsealkey, - ctx->u.v2.recv.seq++, - token_buffer->value); - if (ret) - return ret; - - return GSS_S_COMPLETE; - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SIGN)) { - - unsigned char sigature[12]; - uint32_t crc, num; - - if ((ctx->status & STATUS_SESSIONKEY) == 0) - return GSS_S_UNAVAILABLE; - - decode_le_uint32(token_buffer->value, &num); - if (num != 1) - return GSS_S_BAD_MIC; - - RC4(&ctx->u.v1.crypto_recv.key, sizeof(sigature), - ((unsigned char *)token_buffer->value) + 4, sigature); - - _krb5_crc_init_table(); - crc = _krb5_crc_update(message_buffer->value, - message_buffer->length, 0); - /* skip first 4 bytes in the encrypted checksum */ - decode_le_uint32(&sigature[4], &num); - if (num != crc) - return GSS_S_BAD_MIC; - decode_le_uint32(&sigature[8], &num); - if (ctx->u.v1.crypto_recv.seq != num) - return GSS_S_BAD_MIC; - ctx->u.v1.crypto_recv.seq++; - - return GSS_S_COMPLETE; - } else if (ctx->flags & NTLM_NEG_ALWAYS_SIGN) { - uint32_t num; - unsigned char *p; - - p = (unsigned char*)(token_buffer->value); - - decode_le_uint32(&p[0], &num); /* version */ - if (num != 1) return GSS_S_BAD_MIC; - decode_le_uint32(&p[4], &num); - if (num != 0) return GSS_S_BAD_MIC; - decode_le_uint32(&p[8], &num); - if (num != 0) return GSS_S_BAD_MIC; - decode_le_uint32(&p[12], &num); - if (num != 0) return GSS_S_BAD_MIC; - - return GSS_S_COMPLETE; - } - - return GSS_S_UNAVAILABLE; -} - -/* - * - */ - -OM_uint32 -_gss_ntlm_wrap_size_limit ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 * max_input_size - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - - *minor_status = 0; - - if(ctx->flags & NTLM_NEG_SEAL) { - - if (req_output_size < 16) - *max_input_size = 0; - else - *max_input_size = req_output_size - 16; - - return GSS_S_COMPLETE; - } - - return GSS_S_UNAVAILABLE; -} - -/* - * - */ - -OM_uint32 _gss_ntlm_wrap -(OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - OM_uint32 ret; - - if (minor_status) - *minor_status = 0; - if (conf_state) - *conf_state = 0; - if (output_message_buffer == GSS_C_NO_BUFFER) - return GSS_S_FAILURE; - - - if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL|NTLM_NEG_NTLM2_SESSION)) { - - return v2_seal_message(input_message_buffer, - ctx->u.v2.send.signkey, - ctx->u.v2.send.seq++, - &ctx->u.v2.send.sealkey, - output_message_buffer); - - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL)) { - gss_buffer_desc trailer; - OM_uint32 junk; - - output_message_buffer->length = input_message_buffer->length + 16; - output_message_buffer->value = malloc(output_message_buffer->length); - if (output_message_buffer->value == NULL) { - output_message_buffer->length = 0; - return GSS_S_FAILURE; - } - - - RC4(&ctx->u.v1.crypto_send.key, input_message_buffer->length, - input_message_buffer->value, output_message_buffer->value); - - ret = _gss_ntlm_get_mic(minor_status, context_handle, - 0, input_message_buffer, - &trailer); - if (ret) { - gss_release_buffer(&junk, output_message_buffer); - return ret; - } - if (trailer.length != 16) { - gss_release_buffer(&junk, output_message_buffer); - gss_release_buffer(&junk, &trailer); - return GSS_S_FAILURE; - } - memcpy(((unsigned char *)output_message_buffer->value) + - input_message_buffer->length, - trailer.value, trailer.length); - gss_release_buffer(&junk, &trailer); - - return GSS_S_COMPLETE; - } - - return GSS_S_UNAVAILABLE; -} - -/* - * - */ - -OM_uint32 _gss_ntlm_unwrap - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - OM_uint32 ret; - - if (minor_status) - *minor_status = 0; - if (output_message_buffer) { - output_message_buffer->value = NULL; - output_message_buffer->length = 0; - } - if (conf_state) - *conf_state = 0; - if (qop_state) - *qop_state = 0; - - if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL|NTLM_NEG_NTLM2_SESSION)) { - - return v2_unseal_message(input_message_buffer, - ctx->u.v2.recv.signkey, - ctx->u.v2.recv.seq++, - &ctx->u.v2.recv.sealkey, - output_message_buffer); - - } else if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL)) { - - gss_buffer_desc trailer; - OM_uint32 junk; - - if (input_message_buffer->length < 16) - return GSS_S_BAD_MIC; - - output_message_buffer->length = input_message_buffer->length - 16; - output_message_buffer->value = malloc(output_message_buffer->length); - if (output_message_buffer->value == NULL) { - output_message_buffer->length = 0; - return GSS_S_FAILURE; - } - - RC4(&ctx->u.v1.crypto_recv.key, output_message_buffer->length, - input_message_buffer->value, output_message_buffer->value); - - trailer.value = ((unsigned char *)input_message_buffer->value) + - output_message_buffer->length; - trailer.length = 16; - - ret = _gss_ntlm_verify_mic(minor_status, context_handle, - output_message_buffer, - &trailer, NULL); - if (ret) { - gss_release_buffer(&junk, output_message_buffer); - return ret; - } - - return GSS_S_COMPLETE; - } - - return GSS_S_UNAVAILABLE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/delete_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/delete_sec_context.c deleted file mode 100644 index c51f227051fe..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/delete_sec_context.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: delete_sec_context.c 22163 2007-12-04 21:25:06Z lha $"); - -OM_uint32 _gss_ntlm_delete_sec_context - (OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - gss_buffer_t output_token - ) -{ - if (context_handle) { - ntlm_ctx ctx = (ntlm_ctx)*context_handle; - gss_cred_id_t cred = (gss_cred_id_t)ctx->client; - - *context_handle = GSS_C_NO_CONTEXT; - - if (ctx->server) - (*ctx->server->nsi_destroy)(minor_status, ctx->ictx); - - _gss_ntlm_release_cred(NULL, &cred); - - memset(ctx, 0, sizeof(*ctx)); - free(ctx); - } - if (output_token) { - output_token->length = 0; - output_token->value = NULL; - } - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/digest.c b/crypto/heimdal/lib/gssapi/ntlm/digest.c deleted file mode 100644 index fecf4a5b2799..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/digest.c +++ /dev/null @@ -1,435 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: digest.c 22169 2007-12-04 22:19:16Z lha $"); - -/* - * - */ - -struct ntlmkrb5 { - krb5_context context; - krb5_ntlm ntlm; - krb5_realm kerberos_realm; - krb5_ccache id; - krb5_data opaque; - int destroy; - OM_uint32 flags; - struct ntlm_buf key; - krb5_data sessionkey; -}; - -static OM_uint32 kdc_destroy(OM_uint32 *, void *); - -/* - * Get credential cache that the ntlm code can use to talk to the KDC - * using the digest API. - */ - -static krb5_error_code -get_ccache(krb5_context context, int *destroy, krb5_ccache *id) -{ - krb5_principal principal = NULL; - krb5_error_code ret; - krb5_keytab kt = NULL; - - *id = NULL; - - if (!issuid()) { - const char *cache; - - cache = getenv("NTLM_ACCEPTOR_CCACHE"); - if (cache) { - ret = krb5_cc_resolve(context, cache, id); - if (ret) - goto out; - return 0; - } - } - - ret = krb5_sname_to_principal(context, NULL, "host", - KRB5_NT_SRV_HST, &principal); - if (ret) - goto out; - - ret = krb5_cc_cache_match(context, principal, NULL, id); - if (ret == 0) - return 0; - - /* did not find in default credcache, lets try default keytab */ - ret = krb5_kt_default(context, &kt); - if (ret) - goto out; - - /* XXX check in keytab */ - { - krb5_get_init_creds_opt *opt; - krb5_creds cred; - - memset(&cred, 0, sizeof(cred)); - - ret = krb5_cc_new_unique(context, "MEMORY", NULL, id); - if (ret) - goto out; - *destroy = 1; - ret = krb5_get_init_creds_opt_alloc(context, &opt); - if (ret) - goto out; - ret = krb5_get_init_creds_keytab (context, - &cred, - principal, - kt, - 0, - NULL, - opt); - krb5_get_init_creds_opt_free(context, opt); - if (ret) - goto out; - ret = krb5_cc_initialize (context, *id, cred.client); - if (ret) { - krb5_free_cred_contents (context, &cred); - goto out; - } - ret = krb5_cc_store_cred (context, *id, &cred); - krb5_free_cred_contents (context, &cred); - if (ret) - goto out; - } - - krb5_kt_close(context, kt); - - return 0; - -out: - if (*destroy) - krb5_cc_destroy(context, *id); - else - krb5_cc_close(context, *id); - - *id = NULL; - - if (kt) - krb5_kt_close(context, kt); - - if (principal) - krb5_free_principal(context, principal); - return ret; -} - -/* - * - */ - -static OM_uint32 -kdc_alloc(OM_uint32 *minor, void **ctx) -{ - krb5_error_code ret; - struct ntlmkrb5 *c; - OM_uint32 junk; - - c = calloc(1, sizeof(*c)); - if (c == NULL) { - *minor = ENOMEM; - return GSS_S_FAILURE; - } - - ret = krb5_init_context(&c->context); - if (ret) { - kdc_destroy(&junk, c); - *minor = ret; - return GSS_S_FAILURE; - } - - ret = get_ccache(c->context, &c->destroy, &c->id); - if (ret) { - kdc_destroy(&junk, c); - *minor = ret; - return GSS_S_FAILURE; - } - - ret = krb5_ntlm_alloc(c->context, &c->ntlm); - if (ret) { - kdc_destroy(&junk, c); - *minor = ret; - return GSS_S_FAILURE; - } - - *ctx = c; - - return GSS_S_COMPLETE; -} - -static int -kdc_probe(OM_uint32 *minor, void *ctx, const char *realm) -{ - struct ntlmkrb5 *c = ctx; - krb5_error_code ret; - unsigned flags; - - ret = krb5_digest_probe(c->context, rk_UNCONST(realm), c->id, &flags); - if (ret) - return ret; - - if ((flags & (1|2|4)) == 0) - return EINVAL; - - return 0; -} - -/* - * - */ - -static OM_uint32 -kdc_destroy(OM_uint32 *minor, void *ctx) -{ - struct ntlmkrb5 *c = ctx; - krb5_data_free(&c->opaque); - krb5_data_free(&c->sessionkey); - if (c->ntlm) - krb5_ntlm_free(c->context, c->ntlm); - if (c->id) { - if (c->destroy) - krb5_cc_destroy(c->context, c->id); - else - krb5_cc_close(c->context, c->id); - } - if (c->context) - krb5_free_context(c->context); - memset(c, 0, sizeof(*c)); - free(c); - - return GSS_S_COMPLETE; -} - -/* - * - */ - -static OM_uint32 -kdc_type2(OM_uint32 *minor_status, - void *ctx, - uint32_t flags, - const char *hostname, - const char *domain, - uint32_t *ret_flags, - struct ntlm_buf *out) -{ - struct ntlmkrb5 *c = ctx; - krb5_error_code ret; - struct ntlm_type2 type2; - krb5_data challange; - struct ntlm_buf data; - krb5_data ti; - - memset(&type2, 0, sizeof(type2)); - - /* - * Request data for type 2 packet from the KDC. - */ - ret = krb5_ntlm_init_request(c->context, - c->ntlm, - NULL, - c->id, - flags, - hostname, - domain); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* - * - */ - - ret = krb5_ntlm_init_get_opaque(c->context, c->ntlm, &c->opaque); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* - * - */ - - ret = krb5_ntlm_init_get_flags(c->context, c->ntlm, &type2.flags); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - *ret_flags = type2.flags; - - ret = krb5_ntlm_init_get_challange(c->context, c->ntlm, &challange); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - if (challange.length != sizeof(type2.challange)) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - memcpy(type2.challange, challange.data, sizeof(type2.challange)); - krb5_data_free(&challange); - - ret = krb5_ntlm_init_get_targetname(c->context, c->ntlm, - &type2.targetname); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_ntlm_init_get_targetinfo(c->context, c->ntlm, &ti); - if (ret) { - free(type2.targetname); - *minor_status = ret; - return GSS_S_FAILURE; - } - - type2.targetinfo.data = ti.data; - type2.targetinfo.length = ti.length; - - ret = heim_ntlm_encode_type2(&type2, &data); - free(type2.targetname); - krb5_data_free(&ti); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } - - out->data = data.data; - out->length = data.length; - - return GSS_S_COMPLETE; -} - -/* - * - */ - -static OM_uint32 -kdc_type3(OM_uint32 *minor_status, - void *ctx, - const struct ntlm_type3 *type3, - struct ntlm_buf *sessionkey) -{ - struct ntlmkrb5 *c = ctx; - krb5_error_code ret; - - sessionkey->data = NULL; - sessionkey->length = 0; - - ret = krb5_ntlm_req_set_flags(c->context, c->ntlm, type3->flags); - if (ret) goto out; - ret = krb5_ntlm_req_set_username(c->context, c->ntlm, type3->username); - if (ret) goto out; - ret = krb5_ntlm_req_set_targetname(c->context, c->ntlm, - type3->targetname); - if (ret) goto out; - ret = krb5_ntlm_req_set_lm(c->context, c->ntlm, - type3->lm.data, type3->lm.length); - if (ret) goto out; - ret = krb5_ntlm_req_set_ntlm(c->context, c->ntlm, - type3->ntlm.data, type3->ntlm.length); - if (ret) goto out; - ret = krb5_ntlm_req_set_opaque(c->context, c->ntlm, &c->opaque); - if (ret) goto out; - - if (type3->sessionkey.length) { - ret = krb5_ntlm_req_set_session(c->context, c->ntlm, - type3->sessionkey.data, - type3->sessionkey.length); - if (ret) goto out; - } - - /* - * Verify with the KDC the type3 packet is ok - */ - ret = krb5_ntlm_request(c->context, - c->ntlm, - NULL, - c->id); - if (ret) - goto out; - - if (krb5_ntlm_rep_get_status(c->context, c->ntlm) != TRUE) { - ret = EINVAL; - goto out; - } - - if (type3->sessionkey.length) { - ret = krb5_ntlm_rep_get_sessionkey(c->context, - c->ntlm, - &c->sessionkey); - if (ret) - goto out; - - sessionkey->data = c->sessionkey.data; - sessionkey->length = c->sessionkey.length; - } - - return 0; - - out: - *minor_status = ret; - return GSS_S_FAILURE; -} - -/* - * - */ - -static void -kdc_free_buffer(struct ntlm_buf *sessionkey) -{ - if (sessionkey->data) - free(sessionkey->data); - sessionkey->data = NULL; - sessionkey->length = 0; -} - -/* - * - */ - -struct ntlm_server_interface ntlmsspi_kdc_digest = { - kdc_alloc, - kdc_destroy, - kdc_probe, - kdc_type2, - kdc_type3, - kdc_free_buffer -}; diff --git a/crypto/heimdal/lib/gssapi/ntlm/display_name.c b/crypto/heimdal/lib/gssapi/ntlm/display_name.c deleted file mode 100644 index a04d96c4510f..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/display_name.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: display_name.c 22373 2007-12-28 18:36:06Z lha $"); - -OM_uint32 _gss_ntlm_display_name - (OM_uint32 * minor_status, - const gss_name_t input_name, - gss_buffer_t output_name_buffer, - gss_OID * output_name_type - ) -{ - *minor_status = 0; - - if (output_name_type) - *output_name_type = GSS_NTLM_MECHANISM; - - if (output_name_buffer) { - ntlm_name n = (ntlm_name)input_name; - char *str; - int len; - - output_name_buffer->length = 0; - output_name_buffer->value = NULL; - - if (n == NULL) { - *minor_status = 0; - return GSS_S_BAD_NAME; - } - - len = asprintf(&str, "%s@%s", n->user, n->domain); - if (str == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - output_name_buffer->length = len; - output_name_buffer->value = str; - } - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/display_status.c b/crypto/heimdal/lib/gssapi/ntlm/display_status.c deleted file mode 100644 index 70be5ebe4985..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/display_status.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1998 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: display_status.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_display_status - (OM_uint32 *minor_status, - OM_uint32 status_value, - int status_type, - const gss_OID mech_type, - OM_uint32 *message_context, - gss_buffer_t status_string) -{ - if (minor_status) - *minor_status = 0; - if (status_string) { - status_string->length = 0; - status_string->value = NULL; - } - if (message_context) - *message_context = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/duplicate_name.c b/crypto/heimdal/lib/gssapi/ntlm/duplicate_name.c deleted file mode 100644 index 2b2f7dd65fe1..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/duplicate_name.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: duplicate_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_duplicate_name ( - OM_uint32 * minor_status, - const gss_name_t src_name, - gss_name_t * dest_name - ) -{ - if (minor_status) - *minor_status = 0; - if (dest_name) - *dest_name = NULL; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/export_name.c b/crypto/heimdal/lib/gssapi/ntlm/export_name.c deleted file mode 100644 index f0941b1ce625..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/export_name.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 1997, 1999, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: export_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_export_name - (OM_uint32 * minor_status, - const gss_name_t input_name, - gss_buffer_t exported_name - ) -{ - if (minor_status) - *minor_status = 0; - if (exported_name) { - exported_name->length = 0; - exported_name->value = NULL; - } - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/export_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/export_sec_context.c deleted file mode 100644 index 99a7be19ab27..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/export_sec_context.c +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: export_sec_context.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 -_gss_ntlm_export_sec_context ( - OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - gss_buffer_t interprocess_token - ) -{ - if (minor_status) - *minor_status = 0; - if (interprocess_token) { - interprocess_token->length = 0; - interprocess_token->value = NULL; - } - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/external.c b/crypto/heimdal/lib/gssapi/ntlm/external.c deleted file mode 100644 index 8f86032796a9..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/external.c +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: external.c 19359 2006-12-15 20:01:48Z lha $"); - -static gssapi_mech_interface_desc ntlm_mech = { - GMI_VERSION, - "ntlm", - {10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") }, - _gss_ntlm_acquire_cred, - _gss_ntlm_release_cred, - _gss_ntlm_init_sec_context, - _gss_ntlm_accept_sec_context, - _gss_ntlm_process_context_token, - _gss_ntlm_delete_sec_context, - _gss_ntlm_context_time, - _gss_ntlm_get_mic, - _gss_ntlm_verify_mic, - _gss_ntlm_wrap, - _gss_ntlm_unwrap, - _gss_ntlm_display_status, - NULL, - _gss_ntlm_compare_name, - _gss_ntlm_display_name, - _gss_ntlm_import_name, - _gss_ntlm_export_name, - _gss_ntlm_release_name, - _gss_ntlm_inquire_cred, - _gss_ntlm_inquire_context, - _gss_ntlm_wrap_size_limit, - _gss_ntlm_add_cred, - _gss_ntlm_inquire_cred_by_mech, - _gss_ntlm_export_sec_context, - _gss_ntlm_import_sec_context, - _gss_ntlm_inquire_names_for_mech, - _gss_ntlm_inquire_mechs_for_name, - _gss_ntlm_canonicalize_name, - _gss_ntlm_duplicate_name -}; - -gssapi_mech_interface -__gss_ntlm_initialize(void) -{ - return &ntlm_mech; -} - -static gss_OID_desc _gss_ntlm_mechanism_desc = -{10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") }; - -gss_OID GSS_NTLM_MECHANISM = &_gss_ntlm_mechanism_desc; diff --git a/crypto/heimdal/lib/gssapi/ntlm/import_name.c b/crypto/heimdal/lib/gssapi/ntlm/import_name.c deleted file mode 100644 index 91cba082eadf..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/import_name.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: import_name.c 22373 2007-12-28 18:36:06Z lha $"); - -OM_uint32 _gss_ntlm_import_name - (OM_uint32 * minor_status, - const gss_buffer_t input_name_buffer, - const gss_OID input_name_type, - gss_name_t * output_name - ) -{ - char *name, *p, *p2; - ntlm_name n; - - *minor_status = 0; - - if (output_name) - *output_name = GSS_C_NO_NAME; - - if (!gss_oid_equal(input_name_type, GSS_C_NT_HOSTBASED_SERVICE)) - return GSS_S_BAD_NAMETYPE; - - name = malloc(input_name_buffer->length + 1); - if (name == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memcpy(name, input_name_buffer->value, input_name_buffer->length); - name[input_name_buffer->length] = '\0'; - - /* find "domain" part of the name and uppercase it */ - p = strchr(name, '@'); - if (p == NULL) - return GSS_S_BAD_NAME; - p[0] = '\0'; - p++; - p2 = strchr(p, '.'); - if (p2 && p2[1] != '\0') { - p = p2 + 1; - p2 = strchr(p, '.'); - if (p2) - *p2 = '\0'; - } - strupr(p); - - n = calloc(1, sizeof(*n)); - if (name == NULL) { - free(name); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - n->user = strdup(name); - n->domain = strdup(p); - - free(name); - - if (n->user == NULL || n->domain == NULL) { - free(n->user); - free(n->domain); - free(n); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - *output_name = (gss_name_t)n; - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/import_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/import_sec_context.c deleted file mode 100644 index cde0a011f0ce..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/import_sec_context.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1999 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: import_sec_context.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 -_gss_ntlm_import_sec_context ( - OM_uint32 * minor_status, - const gss_buffer_t interprocess_token, - gss_ctx_id_t * context_handle - ) -{ - if (minor_status) - *minor_status = 0; - if (context_handle) - *context_handle = GSS_C_NO_CONTEXT; - return GSS_S_FAILURE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/indicate_mechs.c b/crypto/heimdal/lib/gssapi/ntlm/indicate_mechs.c deleted file mode 100644 index 64171631edc9..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/indicate_mechs.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: indicate_mechs.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_indicate_mechs -(OM_uint32 * minor_status, - gss_OID_set * mech_set - ) -{ - if (minor_status) - *minor_status = 0; - if (mech_set) - *mech_set = GSS_C_NO_OID_SET; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c b/crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c deleted file mode 100644 index 140dbece8435..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c +++ /dev/null @@ -1,508 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: init_sec_context.c 22382 2007-12-30 12:13:17Z lha $"); - -static int -from_file(const char *fn, const char *target_domain, - char **username, struct ntlm_buf *key) -{ - char *str, buf[1024]; - FILE *f; - - f = fopen(fn, "r"); - if (f == NULL) - return ENOENT; - - while (fgets(buf, sizeof(buf), f) != NULL) { - char *d, *u, *p; - buf[strcspn(buf, "\r\n")] = '\0'; - if (buf[0] == '#') - continue; - str = NULL; - d = strtok_r(buf, ":", &str); - if (d && strcasecmp(target_domain, d) != 0) - continue; - u = strtok_r(NULL, ":", &str); - p = strtok_r(NULL, ":", &str); - if (u == NULL || p == NULL) - continue; - - *username = strdup(u); - - heim_ntlm_nt_key(p, key); - - memset(buf, 0, sizeof(buf)); - fclose(f); - return 0; - } - memset(buf, 0, sizeof(buf)); - fclose(f); - return ENOENT; -} - -static int -get_user_file(const ntlm_name target_name, - char **username, struct ntlm_buf *key) -{ - const char *fn; - - if (issuid()) - return ENOENT; - - fn = getenv("NTLM_USER_FILE"); - if (fn == NULL) - return ENOENT; - if (from_file(fn, target_name->domain, username, key) == 0) - return 0; - - return ENOENT; -} - -/* - * Pick up the ntlm cred from the default krb5 credential cache. - */ - -static int -get_user_ccache(const ntlm_name name, char **username, struct ntlm_buf *key) -{ - krb5_principal client; - krb5_context context = NULL; - krb5_error_code ret; - krb5_ccache id = NULL; - krb5_creds mcreds, creds; - - *username = NULL; - key->length = 0; - key->data = NULL; - - memset(&creds, 0, sizeof(creds)); - memset(&mcreds, 0, sizeof(mcreds)); - - ret = krb5_init_context(&context); - if (ret) - return ret; - - ret = krb5_cc_default(context, &id); - if (ret) - goto out; - - ret = krb5_cc_get_principal(context, id, &client); - if (ret) - goto out; - - ret = krb5_unparse_name_flags(context, client, - KRB5_PRINCIPAL_UNPARSE_NO_REALM, - username); - if (ret) - goto out; - - ret = krb5_make_principal(context, &mcreds.server, - krb5_principal_get_realm(context, client), - "@ntlm-key", name->domain, NULL); - krb5_free_principal(context, client); - if (ret) - goto out; - - mcreds.session.keytype = ENCTYPE_ARCFOUR_HMAC_MD5; - ret = krb5_cc_retrieve_cred(context, id, KRB5_TC_MATCH_KEYTYPE, - &mcreds, &creds); - if (ret) { - char *s = krb5_get_error_message(context, ret); - krb5_free_error_string(context, s); - goto out; - } - - key->data = malloc(creds.session.keyvalue.length); - if (key->data == NULL) - goto out; - key->length = creds.session.keyvalue.length; - memcpy(key->data, creds.session.keyvalue.data, key->length); - - krb5_free_cred_contents(context, &creds); - - return 0; - -out: - if (*username) { - free(*username); - *username = NULL; - } - krb5_free_cred_contents(context, &creds); - if (mcreds.server) - krb5_free_principal(context, mcreds.server); - if (id) - krb5_cc_close(context, id); - if (context) - krb5_free_context(context); - - return ret; -} - -int -_gss_ntlm_get_user_cred(const ntlm_name target_name, - ntlm_cred *rcred) -{ - ntlm_cred cred; - int ret; - - cred = calloc(1, sizeof(*cred)); - if (cred == NULL) - return ENOMEM; - - ret = get_user_file(target_name, &cred->username, &cred->key); - if (ret) - ret = get_user_ccache(target_name, &cred->username, &cred->key); - if (ret) { - free(cred); - return ret; - } - - cred->domain = strdup(target_name->domain); - *rcred = cred; - - return ret; -} - -static int -_gss_copy_cred(ntlm_cred from, ntlm_cred *to) -{ - *to = calloc(1, sizeof(*to)); - if (*to == NULL) - return ENOMEM; - (*to)->username = strdup(from->username); - if ((*to)->username == NULL) { - free(*to); - return ENOMEM; - } - (*to)->domain = strdup(from->domain); - if ((*to)->domain == NULL) { - free((*to)->username); - free(*to); - return ENOMEM; - } - (*to)->key.data = malloc(from->key.length); - if ((*to)->key.data == NULL) { - free((*to)->domain); - free((*to)->username); - free(*to); - return ENOMEM; - } - memcpy((*to)->key.data, from->key.data, from->key.length); - (*to)->key.length = from->key.length; - - return 0; -} - -OM_uint32 -_gss_ntlm_init_sec_context - (OM_uint32 * minor_status, - const gss_cred_id_t initiator_cred_handle, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - ntlm_ctx ctx; - ntlm_name name = (ntlm_name)target_name; - - *minor_status = 0; - - if (ret_flags) - *ret_flags = 0; - if (time_rec) - *time_rec = 0; - if (actual_mech_type) - *actual_mech_type = GSS_C_NO_OID; - - if (*context_handle == GSS_C_NO_CONTEXT) { - struct ntlm_type1 type1; - struct ntlm_buf data; - uint32_t flags = 0; - int ret; - - ctx = calloc(1, sizeof(*ctx)); - if (ctx == NULL) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - *context_handle = (gss_ctx_id_t)ctx; - - if (initiator_cred_handle != GSS_C_NO_CREDENTIAL) { - ntlm_cred cred = (ntlm_cred)initiator_cred_handle; - ret = _gss_copy_cred(cred, &ctx->client); - } else - ret = _gss_ntlm_get_user_cred(name, &ctx->client); - - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - if (req_flags & GSS_C_CONF_FLAG) - flags |= NTLM_NEG_SEAL; - if (req_flags & GSS_C_INTEG_FLAG) - flags |= NTLM_NEG_SIGN; - else - flags |= NTLM_NEG_ALWAYS_SIGN; - - flags |= NTLM_NEG_UNICODE; - flags |= NTLM_NEG_NTLM; - flags |= NTLM_NEG_NTLM2_SESSION; - flags |= NTLM_NEG_KEYEX; - - memset(&type1, 0, sizeof(type1)); - - type1.flags = flags; - type1.domain = name->domain; - type1.hostname = NULL; - type1.os[0] = 0; - type1.os[1] = 0; - - ret = heim_ntlm_encode_type1(&type1, &data); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - output_token->value = data.data; - output_token->length = data.length; - - return GSS_S_CONTINUE_NEEDED; - } else { - krb5_error_code ret; - struct ntlm_type2 type2; - struct ntlm_type3 type3; - struct ntlm_buf data; - - ctx = (ntlm_ctx)*context_handle; - - data.data = input_token->value; - data.length = input_token->length; - - ret = heim_ntlm_decode_type2(&data, &type2); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ctx->flags = type2.flags; - - /* XXX check that type2.targetinfo matches `target_name´ */ - /* XXX check verify targetinfo buffer */ - - memset(&type3, 0, sizeof(type3)); - - type3.username = ctx->client->username; - type3.flags = type2.flags; - type3.targetname = type2.targetname; - type3.ws = rk_UNCONST("workstation"); - - /* - * NTLM Version 1 if no targetinfo buffer. - */ - - if (1 || type2.targetinfo.length == 0) { - struct ntlm_buf sessionkey; - - if (type2.flags & NTLM_NEG_NTLM2_SESSION) { - unsigned char nonce[8]; - - if (RAND_bytes(nonce, sizeof(nonce)) != 1) { - _gss_ntlm_delete_sec_context(minor_status, - context_handle, NULL); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - ret = heim_ntlm_calculate_ntlm2_sess(nonce, - type2.challange, - ctx->client->key.data, - &type3.lm, - &type3.ntlm); - } else { - ret = heim_ntlm_calculate_ntlm1(ctx->client->key.data, - ctx->client->key.length, - type2.challange, - &type3.ntlm); - - } - if (ret) { - _gss_ntlm_delete_sec_context(minor_status,context_handle,NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = heim_ntlm_build_ntlm1_master(ctx->client->key.data, - ctx->client->key.length, - &sessionkey, - &type3.sessionkey); - if (ret) { - if (type3.lm.data) - free(type3.lm.data); - if (type3.ntlm.data) - free(type3.ntlm.data); - _gss_ntlm_delete_sec_context(minor_status,context_handle,NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_data_copy(&ctx->sessionkey, - sessionkey.data, sessionkey.length); - free(sessionkey.data); - if (ret) { - if (type3.lm.data) - free(type3.lm.data); - if (type3.ntlm.data) - free(type3.ntlm.data); - _gss_ntlm_delete_sec_context(minor_status,context_handle,NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - ctx->status |= STATUS_SESSIONKEY; - - } else { - struct ntlm_buf sessionkey; - unsigned char ntlmv2[16]; - struct ntlm_targetinfo ti; - - /* verify infotarget */ - - ret = heim_ntlm_decode_targetinfo(&type2.targetinfo, 1, &ti); - if(ret) { - _gss_ntlm_delete_sec_context(minor_status, - context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - if (ti.domainname && strcmp(ti.domainname, name->domain) != 0) { - _gss_ntlm_delete_sec_context(minor_status, - context_handle, NULL); - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - ret = heim_ntlm_calculate_ntlm2(ctx->client->key.data, - ctx->client->key.length, - ctx->client->username, - name->domain, - type2.challange, - &type2.targetinfo, - ntlmv2, - &type3.ntlm); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, - context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = heim_ntlm_build_ntlm1_master(ntlmv2, sizeof(ntlmv2), - &sessionkey, - &type3.sessionkey); - memset(ntlmv2, 0, sizeof(ntlmv2)); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, - context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ctx->flags |= NTLM_NEG_NTLM2_SESSION; - - ret = krb5_data_copy(&ctx->sessionkey, - sessionkey.data, sessionkey.length); - free(sessionkey.data); - } - - if (ctx->flags & NTLM_NEG_NTLM2_SESSION) { - ctx->status |= STATUS_SESSIONKEY; - _gss_ntlm_set_key(&ctx->u.v2.send, 0, (ctx->flags & NTLM_NEG_KEYEX), - ctx->sessionkey.data, - ctx->sessionkey.length); - _gss_ntlm_set_key(&ctx->u.v2.recv, 1, (ctx->flags & NTLM_NEG_KEYEX), - ctx->sessionkey.data, - ctx->sessionkey.length); - } else { - ctx->status |= STATUS_SESSIONKEY; - RC4_set_key(&ctx->u.v1.crypto_recv.key, - ctx->sessionkey.length, - ctx->sessionkey.data); - RC4_set_key(&ctx->u.v1.crypto_send.key, - ctx->sessionkey.length, - ctx->sessionkey.data); - } - - - - ret = heim_ntlm_encode_type3(&type3, &data); - free(type3.sessionkey.data); - if (type3.lm.data) - free(type3.lm.data); - if (type3.ntlm.data) - free(type3.ntlm.data); - if (ret) { - _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); - *minor_status = ret; - return GSS_S_FAILURE; - } - - output_token->length = data.length; - output_token->value = data.data; - - if (actual_mech_type) - *actual_mech_type = GSS_NTLM_MECHANISM; - if (ret_flags) - *ret_flags = 0; - if (time_rec) - *time_rec = GSS_C_INDEFINITE; - - ctx->status |= STATUS_OPEN; - - return GSS_S_COMPLETE; - } -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_context.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_context.c deleted file mode 100644 index fe6b32272f70..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/inquire_context.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: inquire_context.c 21079 2007-06-13 00:25:25Z lha $"); - -OM_uint32 _gss_ntlm_inquire_context ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_name_t * src_name, - gss_name_t * targ_name, - OM_uint32 * lifetime_rec, - gss_OID * mech_type, - OM_uint32 * ctx_flags, - int * locally_initiated, - int * open_context - ) -{ - ntlm_ctx ctx = (ntlm_ctx)context_handle; - - *minor_status = 0; - if (src_name) - *src_name = GSS_C_NO_NAME; - if (targ_name) - *targ_name = GSS_C_NO_NAME; - if (lifetime_rec) - *lifetime_rec = GSS_C_INDEFINITE; - if (mech_type) - *mech_type = GSS_NTLM_MECHANISM; - if (ctx_flags) - *ctx_flags = ctx->gssflags; - if (locally_initiated) - *locally_initiated = (ctx->status & STATUS_CLIENT) ? 1 : 0; - if (open_context) - *open_context = (ctx->status & STATUS_OPEN) ? 1 : 0; - - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_cred.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_cred.c deleted file mode 100644 index 1d49b5070d87..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/inquire_cred.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: inquire_cred.c 22148 2007-12-04 17:59:29Z lha $"); - -OM_uint32 _gss_ntlm_inquire_cred - (OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - gss_name_t * name, - OM_uint32 * lifetime, - gss_cred_usage_t * cred_usage, - gss_OID_set * mechanisms - ) -{ - OM_uint32 ret, junk; - - if (minor_status) - *minor_status = 0; - if (name) - *name = GSS_C_NO_NAME; - if (lifetime) - *lifetime = GSS_C_INDEFINITE; - if (cred_usage) - *cred_usage = 0; - if (mechanisms) - *mechanisms = GSS_C_NO_OID_SET; - - if (cred_handle == GSS_C_NO_CREDENTIAL) - return GSS_S_NO_CRED; - - if (mechanisms) { - ret = gss_create_empty_oid_set(minor_status, mechanisms); - if (ret) - goto out; - ret = gss_add_oid_set_member(minor_status, - GSS_NTLM_MECHANISM, - mechanisms); - if (ret) - goto out; - } - - return GSS_S_COMPLETE; -out: - gss_release_oid_set(&junk, mechanisms); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_cred_by_mech.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_cred_by_mech.c deleted file mode 100644 index 572c6fef759c..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/inquire_cred_by_mech.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: inquire_cred_by_mech.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_inquire_cred_by_mech ( - OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - const gss_OID mech_type, - gss_name_t * name, - OM_uint32 * initiator_lifetime, - OM_uint32 * acceptor_lifetime, - gss_cred_usage_t * cred_usage - ) -{ - if (minor_status) - *minor_status = 0; - if (name) - *name = GSS_C_NO_NAME; - if (initiator_lifetime) - *initiator_lifetime = 0; - if (acceptor_lifetime) - *acceptor_lifetime = 0; - if (cred_usage) - *cred_usage = 0; - return GSS_S_UNAVAILABLE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_mechs_for_name.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_mechs_for_name.c deleted file mode 100644 index 8bee4836d3fb..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/inquire_mechs_for_name.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: inquire_mechs_for_name.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_inquire_mechs_for_name ( - OM_uint32 * minor_status, - const gss_name_t input_name, - gss_OID_set * mech_types - ) -{ - if (minor_status) - *minor_status = 0; - if (mech_types) - *mech_types = GSS_C_NO_OID_SET; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/inquire_names_for_mech.c b/crypto/heimdal/lib/gssapi/ntlm/inquire_names_for_mech.c deleted file mode 100644 index ebf624de7628..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/inquire_names_for_mech.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: inquire_names_for_mech.c 19334 2006-12-14 12:17:34Z lha $"); - - -OM_uint32 _gss_ntlm_inquire_names_for_mech ( - OM_uint32 * minor_status, - const gss_OID mechanism, - gss_OID_set * name_types - ) -{ - OM_uint32 ret; - - ret = gss_create_empty_oid_set(minor_status, name_types); - if (ret != GSS_S_COMPLETE) - return ret; - - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/ntlm-private.h b/crypto/heimdal/lib/gssapi/ntlm/ntlm-private.h deleted file mode 100644 index cc6c4007856d..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/ntlm-private.h +++ /dev/null @@ -1,264 +0,0 @@ -/* This is a generated file */ -#ifndef __ntlm_private_h__ -#define __ntlm_private_h__ - -#include - -gssapi_mech_interface -__gss_ntlm_initialize (void); - -OM_uint32 -_gss_ntlm_accept_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - const gss_cred_id_t /*acceptor_cred_handle*/, - const gss_buffer_t /*input_token_buffer*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - gss_name_t * /*src_name*/, - gss_OID * /*mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * /*time_rec*/, - gss_cred_id_t * delegated_cred_handle ); - -OM_uint32 -_gss_ntlm_acquire_cred ( - OM_uint32 * /*min_stat*/, - const gss_name_t /*desired_name*/, - OM_uint32 /*time_req*/, - const gss_OID_set /*desired_mechs*/, - gss_cred_usage_t /*cred_usage*/, - gss_cred_id_t * /*output_cred_handle*/, - gss_OID_set * /*actual_mechs*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gss_ntlm_add_cred ( - OM_uint32 */*minor_status*/, - const gss_cred_id_t /*input_cred_handle*/, - const gss_name_t /*desired_name*/, - const gss_OID /*desired_mech*/, - gss_cred_usage_t /*cred_usage*/, - OM_uint32 /*initiator_time_req*/, - OM_uint32 /*acceptor_time_req*/, - gss_cred_id_t */*output_cred_handle*/, - gss_OID_set */*actual_mechs*/, - OM_uint32 */*initiator_time_rec*/, - OM_uint32 */*acceptor_time_rec*/); - -OM_uint32 -_gss_ntlm_allocate_ctx ( - OM_uint32 */*minor_status*/, - ntlm_ctx */*ctx*/); - -OM_uint32 -_gss_ntlm_canonicalize_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - const gss_OID /*mech_type*/, - gss_name_t * output_name ); - -OM_uint32 -_gss_ntlm_compare_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*name1*/, - const gss_name_t /*name2*/, - int * name_equal ); - -OM_uint32 -_gss_ntlm_context_time ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gss_ntlm_delete_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t output_token ); - -OM_uint32 -_gss_ntlm_display_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t /*output_name_buffer*/, - gss_OID * output_name_type ); - -OM_uint32 -_gss_ntlm_display_status ( - OM_uint32 */*minor_status*/, - OM_uint32 /*status_value*/, - int /*status_type*/, - const gss_OID /*mech_type*/, - OM_uint32 */*message_context*/, - gss_buffer_t /*status_string*/); - -OM_uint32 -_gss_ntlm_duplicate_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*src_name*/, - gss_name_t * dest_name ); - -OM_uint32 -_gss_ntlm_export_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t exported_name ); - -OM_uint32 -_gss_ntlm_export_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t interprocess_token ); - -OM_uint32 -_gss_ntlm_get_mic ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*message_buffer*/, - gss_buffer_t message_token ); - -int -_gss_ntlm_get_user_cred ( - const ntlm_name /*target_name*/, - ntlm_cred */*rcred*/); - -OM_uint32 -_gss_ntlm_import_name ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*input_name_buffer*/, - const gss_OID /*input_name_type*/, - gss_name_t * output_name ); - -OM_uint32 -_gss_ntlm_import_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*interprocess_token*/, - gss_ctx_id_t * context_handle ); - -OM_uint32 -_gss_ntlm_indicate_mechs ( - OM_uint32 * /*minor_status*/, - gss_OID_set * mech_set ); - -OM_uint32 -_gss_ntlm_init_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*initiator_cred_handle*/, - gss_ctx_id_t * /*context_handle*/, - const gss_name_t /*target_name*/, - const gss_OID /*mech_type*/, - OM_uint32 /*req_flags*/, - OM_uint32 /*time_req*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - const gss_buffer_t /*input_token*/, - gss_OID * /*actual_mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gss_ntlm_inquire_context ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_name_t * /*src_name*/, - gss_name_t * /*targ_name*/, - OM_uint32 * /*lifetime_rec*/, - gss_OID * /*mech_type*/, - OM_uint32 * /*ctx_flags*/, - int * /*locally_initiated*/, - int * open_context ); - -OM_uint32 -_gss_ntlm_inquire_cred ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - gss_name_t * /*name*/, - OM_uint32 * /*lifetime*/, - gss_cred_usage_t * /*cred_usage*/, - gss_OID_set * mechanisms ); - -OM_uint32 -_gss_ntlm_inquire_cred_by_mech ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - const gss_OID /*mech_type*/, - gss_name_t * /*name*/, - OM_uint32 * /*initiator_lifetime*/, - OM_uint32 * /*acceptor_lifetime*/, - gss_cred_usage_t * cred_usage ); - -OM_uint32 -_gss_ntlm_inquire_mechs_for_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_OID_set * mech_types ); - -OM_uint32 -_gss_ntlm_inquire_names_for_mech ( - OM_uint32 * /*minor_status*/, - const gss_OID /*mechanism*/, - gss_OID_set * name_types ); - -OM_uint32 -_gss_ntlm_process_context_token ( - OM_uint32 */*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t token_buffer ); - -OM_uint32 -_gss_ntlm_release_cred ( - OM_uint32 * /*minor_status*/, - gss_cred_id_t * cred_handle ); - -OM_uint32 -_gss_ntlm_release_name ( - OM_uint32 * /*minor_status*/, - gss_name_t * input_name ); - -void -_gss_ntlm_set_key ( - struct ntlmv2_key */*key*/, - int /*acceptor*/, - int /*sealsign*/, - unsigned char */*data*/, - size_t /*len*/); - -OM_uint32 -_gss_ntlm_unwrap ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - gss_qop_t * qop_state ); - -OM_uint32 -_gss_ntlm_verify_mic ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*message_buffer*/, - const gss_buffer_t /*token_buffer*/, - gss_qop_t * qop_state ); - -OM_uint32 -_gss_ntlm_wrap ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t output_message_buffer ); - -OM_uint32 -_gss_ntlm_wrap_size_limit ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - OM_uint32 /*req_output_size*/, - OM_uint32 * max_input_size ); - -#endif /* __ntlm_private_h__ */ diff --git a/crypto/heimdal/lib/gssapi/ntlm/ntlm.h b/crypto/heimdal/lib/gssapi/ntlm/ntlm.h deleted file mode 100644 index 5713b72e2b33..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/ntlm.h +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: ntlm.h 22373 2007-12-28 18:36:06Z lha $ */ - -#ifndef NTLM_NTLM_H -#define NTLM_NTLM_H - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include - -#include -#include - -#include -#include -#include - -#include - -#include "crypto-headers.h" - -typedef OM_uint32 -(*ntlm_interface_init)(OM_uint32 *, void **); - -typedef OM_uint32 -(*ntlm_interface_destroy)(OM_uint32 *, void *); - -typedef int -(*ntlm_interface_probe)(OM_uint32 *, void *, const char *); - -typedef OM_uint32 -(*ntlm_interface_type2)(OM_uint32 *, void *, uint32_t, const char *, - const char *, uint32_t *, struct ntlm_buf *); - -typedef OM_uint32 -(*ntlm_interface_type3)(OM_uint32 *, void *, const struct ntlm_type3 *, - struct ntlm_buf *); - -typedef void -(*ntlm_interface_free_buffer)(struct ntlm_buf *); - -struct ntlm_server_interface { - ntlm_interface_init nsi_init; - ntlm_interface_destroy nsi_destroy; - ntlm_interface_probe nsi_probe; - ntlm_interface_type2 nsi_type2; - ntlm_interface_type3 nsi_type3; - ntlm_interface_free_buffer nsi_free_buffer; -}; - - -struct ntlmv2_key { - uint32_t seq; - RC4_KEY sealkey; - RC4_KEY *signsealkey; - unsigned char signkey[16]; -}; - -extern struct ntlm_server_interface ntlmsspi_kdc_digest; - -typedef struct ntlm_cred { - gss_cred_usage_t usage; - char *username; - char *domain; - struct ntlm_buf key; -} *ntlm_cred; - -typedef struct { - struct ntlm_server_interface *server; - void *ictx; - ntlm_cred client; - OM_uint32 gssflags; - uint32_t flags; - uint32_t status; -#define STATUS_OPEN 1 -#define STATUS_CLIENT 2 -#define STATUS_SESSIONKEY 4 - krb5_data sessionkey; - - union { - struct { - struct { - uint32_t seq; - RC4_KEY key; - } crypto_send, crypto_recv; - } v1; - struct { - struct ntlmv2_key send, recv; - } v2; - } u; -} *ntlm_ctx; - -typedef struct { - char *user; - char *domain; -} *ntlm_name; - -#include - - -#endif /* NTLM_NTLM_H */ diff --git a/crypto/heimdal/lib/gssapi/ntlm/process_context_token.c b/crypto/heimdal/lib/gssapi/ntlm/process_context_token.c deleted file mode 100644 index 33c1072208a4..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/process_context_token.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: process_context_token.c 19334 2006-12-14 12:17:34Z lha $"); - -OM_uint32 _gss_ntlm_process_context_token ( - OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t token_buffer - ) -{ - *minor_status = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/ntlm/release_cred.c b/crypto/heimdal/lib/gssapi/ntlm/release_cred.c deleted file mode 100644 index a63e5687408e..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/release_cred.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: release_cred.c 22163 2007-12-04 21:25:06Z lha $"); - -OM_uint32 _gss_ntlm_release_cred - (OM_uint32 * minor_status, - gss_cred_id_t * cred_handle - ) -{ - ntlm_cred cred; - - if (minor_status) - *minor_status = 0; - - if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) - return GSS_S_COMPLETE; - - cred = (ntlm_cred)*cred_handle; - *cred_handle = GSS_C_NO_CREDENTIAL; - - if (cred->username) - free(cred->username); - if (cred->domain) - free(cred->domain); - if (cred->key.data) { - memset(cred->key.data, 0, cred->key.length); - free(cred->key.data); - } - - return GSS_S_COMPLETE; -} - diff --git a/crypto/heimdal/lib/gssapi/ntlm/release_name.c b/crypto/heimdal/lib/gssapi/ntlm/release_name.c deleted file mode 100644 index 687d9fde50c5..000000000000 --- a/crypto/heimdal/lib/gssapi/ntlm/release_name.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ntlm/ntlm.h" - -RCSID("$Id: release_name.c 22373 2007-12-28 18:36:06Z lha $"); - -OM_uint32 _gss_ntlm_release_name - (OM_uint32 * minor_status, - gss_name_t * input_name - ) -{ - if (minor_status) - *minor_status = 0; - if (input_name) { - ntlm_name n = (ntlm_name)*input_name; - *input_name = GSS_C_NO_NAME; - free(n->user); - free(n->domain); - free(n); - } - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/process_context_token.c b/crypto/heimdal/lib/gssapi/process_context_token.c deleted file mode 100644 index 0cec33cc3e6f..000000000000 --- a/crypto/heimdal/lib/gssapi/process_context_token.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: process_context_token.c,v 1.1 2003/03/16 18:19:05 lha Exp $"); - -OM_uint32 gss_process_context_token ( - OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t token_buffer - ) -{ - OM_uint32 ret = GSS_S_FAILURE; - gss_buffer_desc empty_buffer; - gss_qop_t qop_state; - - empty_buffer.length = 0; - empty_buffer.value = NULL; - - qop_state = GSS_C_QOP_DEFAULT; - - ret = gss_verify_mic_internal(minor_status, context_handle, - token_buffer, &empty_buffer, - GSS_C_QOP_DEFAULT, "\x01\x02"); - - if (ret == GSS_S_COMPLETE) - ret = gss_delete_sec_context(minor_status, - (gss_ctx_id_t *)&context_handle, - GSS_C_NO_BUFFER); - if (ret == GSS_S_COMPLETE) - *minor_status = 0; - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/release_buffer.c b/crypto/heimdal/lib/gssapi/release_buffer.c deleted file mode 100644 index 258b76f62768..000000000000 --- a/crypto/heimdal/lib/gssapi/release_buffer.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: release_buffer.c,v 1.5 2003/03/16 17:58:20 lha Exp $"); - -OM_uint32 gss_release_buffer - (OM_uint32 * minor_status, - gss_buffer_t buffer - ) -{ - *minor_status = 0; - free (buffer->value); - buffer->value = NULL; - buffer->length = 0; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/release_cred.c b/crypto/heimdal/lib/gssapi/release_cred.c deleted file mode 100644 index 01cbb6a0f9d9..000000000000 --- a/crypto/heimdal/lib/gssapi/release_cred.c +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: release_cred.c,v 1.8.2.1 2003/10/07 01:08:21 lha Exp $"); - -OM_uint32 gss_release_cred - (OM_uint32 * minor_status, - gss_cred_id_t * cred_handle - ) -{ - *minor_status = 0; - - if (*cred_handle == GSS_C_NO_CREDENTIAL) { - return GSS_S_COMPLETE; - } - - GSSAPI_KRB5_INIT (); - - if ((*cred_handle)->principal != NULL) - krb5_free_principal(gssapi_krb5_context, (*cred_handle)->principal); - if ((*cred_handle)->keytab != NULL) - krb5_kt_close(gssapi_krb5_context, (*cred_handle)->keytab); - if ((*cred_handle)->ccache != NULL) { - const krb5_cc_ops *ops; - ops = krb5_cc_get_ops(gssapi_krb5_context, (*cred_handle)->ccache); - if (ops == &krb5_mcc_ops) - krb5_cc_destroy(gssapi_krb5_context, (*cred_handle)->ccache); - else - krb5_cc_close(gssapi_krb5_context, (*cred_handle)->ccache); - } - gss_release_oid_set(NULL, &(*cred_handle)->mechanisms); - free(*cred_handle); - *cred_handle = GSS_C_NO_CREDENTIAL; - return GSS_S_COMPLETE; -} - diff --git a/crypto/heimdal/lib/gssapi/release_name.c b/crypto/heimdal/lib/gssapi/release_name.c deleted file mode 100644 index 6894ffae49c2..000000000000 --- a/crypto/heimdal/lib/gssapi/release_name.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: release_name.c,v 1.7 2003/03/16 17:52:48 lha Exp $"); - -OM_uint32 gss_release_name - (OM_uint32 * minor_status, - gss_name_t * input_name - ) -{ - GSSAPI_KRB5_INIT (); - if (minor_status) - *minor_status = 0; - krb5_free_principal(gssapi_krb5_context, - *input_name); - *input_name = GSS_C_NO_NAME; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/release_oid_set.c b/crypto/heimdal/lib/gssapi/release_oid_set.c deleted file mode 100644 index 04eb01565f79..000000000000 --- a/crypto/heimdal/lib/gssapi/release_oid_set.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: release_oid_set.c,v 1.5 2003/03/16 17:53:25 lha Exp $"); - -OM_uint32 gss_release_oid_set - (OM_uint32 * minor_status, - gss_OID_set * set - ) -{ - if (minor_status) - *minor_status = 0; - free ((*set)->elements); - free (*set); - *set = GSS_C_NO_OID_SET; - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/spnego/accept_sec_context.c b/crypto/heimdal/lib/gssapi/spnego/accept_sec_context.c deleted file mode 100644 index 1afe26f1e39d..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/accept_sec_context.c +++ /dev/null @@ -1,1024 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * Portions Copyright (c) 2004 PADL Software Pty Ltd. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "spnego/spnego_locl.h" - -RCSID("$Id: accept_sec_context.c 21461 2007-07-10 14:01:13Z lha $"); - -static OM_uint32 -send_reject (OM_uint32 *minor_status, - gss_buffer_t output_token) -{ - NegotiationToken nt; - size_t size; - - nt.element = choice_NegotiationToken_negTokenResp; - - ALLOC(nt.u.negTokenResp.negResult, 1); - if (nt.u.negTokenResp.negResult == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - *(nt.u.negTokenResp.negResult) = reject; - nt.u.negTokenResp.supportedMech = NULL; - nt.u.negTokenResp.responseToken = NULL; - nt.u.negTokenResp.mechListMIC = NULL; - - ASN1_MALLOC_ENCODE(NegotiationToken, - output_token->value, output_token->length, &nt, - &size, *minor_status); - free_NegotiationToken(&nt); - if (*minor_status != 0) - return GSS_S_FAILURE; - - return GSS_S_BAD_MECH; -} - -static OM_uint32 -acceptor_approved(gss_name_t target_name, gss_OID mech) -{ - gss_cred_id_t cred = GSS_C_NO_CREDENTIAL; - gss_OID_set oidset; - OM_uint32 junk, ret; - - if (target_name == GSS_C_NO_NAME) - return GSS_S_COMPLETE; - - gss_create_empty_oid_set(&junk, &oidset); - gss_add_oid_set_member(&junk, mech, &oidset); - - ret = gss_acquire_cred(&junk, target_name, GSS_C_INDEFINITE, oidset, - GSS_C_ACCEPT, &cred, NULL, NULL); - gss_release_oid_set(&junk, &oidset); - if (ret != GSS_S_COMPLETE) - return ret; - gss_release_cred(&junk, &cred); - - return GSS_S_COMPLETE; -} - -static OM_uint32 -send_supported_mechs (OM_uint32 *minor_status, - gss_buffer_t output_token) -{ - NegotiationTokenWin nt; - char hostname[MAXHOSTNAMELEN + 1], *p; - gss_buffer_desc name_buf; - gss_OID name_type; - gss_name_t target_princ; - gss_name_t canon_princ; - OM_uint32 minor; - size_t buf_len; - gss_buffer_desc data; - OM_uint32 ret; - - memset(&nt, 0, sizeof(nt)); - - nt.element = choice_NegotiationTokenWin_negTokenInit; - nt.u.negTokenInit.reqFlags = NULL; - nt.u.negTokenInit.mechToken = NULL; - nt.u.negTokenInit.negHints = NULL; - - ret = _gss_spnego_indicate_mechtypelist(minor_status, GSS_C_NO_NAME, - acceptor_approved, 1, NULL, - &nt.u.negTokenInit.mechTypes, NULL); - if (ret != GSS_S_COMPLETE) { - return ret; - } - - memset(&target_princ, 0, sizeof(target_princ)); - if (gethostname(hostname, sizeof(hostname) - 2) != 0) { - *minor_status = errno; - free_NegotiationTokenWin(&nt); - return GSS_S_FAILURE; - } - hostname[sizeof(hostname) - 1] = '\0'; - - /* Send the constructed SAM name for this host */ - for (p = hostname; *p != '\0' && *p != '.'; p++) { - *p = toupper((unsigned char)*p); - } - *p++ = '$'; - *p = '\0'; - - name_buf.length = strlen(hostname); - name_buf.value = hostname; - - ret = gss_import_name(minor_status, &name_buf, - GSS_C_NO_OID, - &target_princ); - if (ret != GSS_S_COMPLETE) { - free_NegotiationTokenWin(&nt); - return ret; - } - - name_buf.length = 0; - name_buf.value = NULL; - - /* Canonicalize the name using the preferred mechanism */ - ret = gss_canonicalize_name(minor_status, - target_princ, - GSS_C_NO_OID, - &canon_princ); - if (ret != GSS_S_COMPLETE) { - free_NegotiationTokenWin(&nt); - gss_release_name(&minor, &target_princ); - return ret; - } - - ret = gss_display_name(minor_status, canon_princ, - &name_buf, &name_type); - if (ret != GSS_S_COMPLETE) { - free_NegotiationTokenWin(&nt); - gss_release_name(&minor, &canon_princ); - gss_release_name(&minor, &target_princ); - return ret; - } - - gss_release_name(&minor, &canon_princ); - gss_release_name(&minor, &target_princ); - - ALLOC(nt.u.negTokenInit.negHints, 1); - if (nt.u.negTokenInit.negHints == NULL) { - *minor_status = ENOMEM; - gss_release_buffer(&minor, &name_buf); - free_NegotiationTokenWin(&nt); - return GSS_S_FAILURE; - } - - ALLOC(nt.u.negTokenInit.negHints->hintName, 1); - if (nt.u.negTokenInit.negHints->hintName == NULL) { - *minor_status = ENOMEM; - gss_release_buffer(&minor, &name_buf); - free_NegotiationTokenWin(&nt); - return GSS_S_FAILURE; - } - - *(nt.u.negTokenInit.negHints->hintName) = name_buf.value; - name_buf.value = NULL; - nt.u.negTokenInit.negHints->hintAddress = NULL; - - ASN1_MALLOC_ENCODE(NegotiationTokenWin, - data.value, data.length, &nt, &buf_len, ret); - free_NegotiationTokenWin(&nt); - if (ret) { - return ret; - } - if (data.length != buf_len) - abort(); - - ret = gss_encapsulate_token(&data, GSS_SPNEGO_MECHANISM, output_token); - - free (data.value); - - if (ret != GSS_S_COMPLETE) - return ret; - - *minor_status = 0; - - return GSS_S_CONTINUE_NEEDED; -} - -static OM_uint32 -send_accept (OM_uint32 *minor_status, - gssspnego_ctx context_handle, - gss_buffer_t mech_token, - int initial_response, - gss_buffer_t mech_buf, - gss_buffer_t output_token) -{ - NegotiationToken nt; - OM_uint32 ret; - gss_buffer_desc mech_mic_buf; - size_t size; - - memset(&nt, 0, sizeof(nt)); - - nt.element = choice_NegotiationToken_negTokenResp; - - ALLOC(nt.u.negTokenResp.negResult, 1); - if (nt.u.negTokenResp.negResult == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - if (context_handle->open) { - if (mech_token != GSS_C_NO_BUFFER - && mech_token->length != 0 - && mech_buf != GSS_C_NO_BUFFER) - *(nt.u.negTokenResp.negResult) = accept_incomplete; - else - *(nt.u.negTokenResp.negResult) = accept_completed; - } else { - if (initial_response && context_handle->require_mic) - *(nt.u.negTokenResp.negResult) = request_mic; - else - *(nt.u.negTokenResp.negResult) = accept_incomplete; - } - - if (initial_response) { - ALLOC(nt.u.negTokenResp.supportedMech, 1); - if (nt.u.negTokenResp.supportedMech == NULL) { - free_NegotiationToken(&nt); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - ret = der_get_oid(context_handle->preferred_mech_type->elements, - context_handle->preferred_mech_type->length, - nt.u.negTokenResp.supportedMech, - NULL); - if (ret) { - free_NegotiationToken(&nt); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - } else { - nt.u.negTokenResp.supportedMech = NULL; - } - - if (mech_token != GSS_C_NO_BUFFER && mech_token->length != 0) { - ALLOC(nt.u.negTokenResp.responseToken, 1); - if (nt.u.negTokenResp.responseToken == NULL) { - free_NegotiationToken(&nt); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - nt.u.negTokenResp.responseToken->length = mech_token->length; - nt.u.negTokenResp.responseToken->data = mech_token->value; - mech_token->length = 0; - mech_token->value = NULL; - } else { - nt.u.negTokenResp.responseToken = NULL; - } - - if (mech_buf != GSS_C_NO_BUFFER) { - ret = gss_get_mic(minor_status, - context_handle->negotiated_ctx_id, - 0, - mech_buf, - &mech_mic_buf); - if (ret == GSS_S_COMPLETE) { - ALLOC(nt.u.negTokenResp.mechListMIC, 1); - if (nt.u.negTokenResp.mechListMIC == NULL) { - gss_release_buffer(minor_status, &mech_mic_buf); - free_NegotiationToken(&nt); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - nt.u.negTokenResp.mechListMIC->length = mech_mic_buf.length; - nt.u.negTokenResp.mechListMIC->data = mech_mic_buf.value; - } else if (ret == GSS_S_UNAVAILABLE) { - nt.u.negTokenResp.mechListMIC = NULL; - } else { - free_NegotiationToken(&nt); - return ret; - } - - } else - nt.u.negTokenResp.mechListMIC = NULL; - - ASN1_MALLOC_ENCODE(NegotiationToken, - output_token->value, output_token->length, - &nt, &size, ret); - if (ret) { - free_NegotiationToken(&nt); - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* - * The response should not be encapsulated, because - * it is a SubsequentContextToken (note though RFC 1964 - * specifies encapsulation for all _Kerberos_ tokens). - */ - - if (*(nt.u.negTokenResp.negResult) == accept_completed) - ret = GSS_S_COMPLETE; - else - ret = GSS_S_CONTINUE_NEEDED; - free_NegotiationToken(&nt); - return ret; -} - - -static OM_uint32 -verify_mechlist_mic - (OM_uint32 *minor_status, - gssspnego_ctx context_handle, - gss_buffer_t mech_buf, - heim_octet_string *mechListMIC - ) -{ - OM_uint32 ret; - gss_buffer_desc mic_buf; - - if (context_handle->verified_mic) { - /* This doesn't make sense, we've already verified it? */ - *minor_status = 0; - return GSS_S_DUPLICATE_TOKEN; - } - - if (mechListMIC == NULL) { - *minor_status = 0; - return GSS_S_DEFECTIVE_TOKEN; - } - - mic_buf.length = mechListMIC->length; - mic_buf.value = mechListMIC->data; - - ret = gss_verify_mic(minor_status, - context_handle->negotiated_ctx_id, - mech_buf, - &mic_buf, - NULL); - - if (ret != GSS_S_COMPLETE) - ret = GSS_S_DEFECTIVE_TOKEN; - - return ret; -} - -static OM_uint32 -select_mech(OM_uint32 *minor_status, MechType *mechType, int verify_p, - gss_OID *mech_p) -{ - char mechbuf[64]; - size_t mech_len; - gss_OID_desc oid; - OM_uint32 ret, junk; - - ret = der_put_oid ((unsigned char *)mechbuf + sizeof(mechbuf) - 1, - sizeof(mechbuf), - mechType, - &mech_len); - if (ret) { - return GSS_S_DEFECTIVE_TOKEN; - } - - oid.length = mech_len; - oid.elements = mechbuf + sizeof(mechbuf) - mech_len; - - if (gss_oid_equal(&oid, GSS_SPNEGO_MECHANISM)) { - return GSS_S_BAD_MECH; - } - - *minor_status = 0; - - /* Translate broken MS Kebreros OID */ - if (gss_oid_equal(&oid, &_gss_spnego_mskrb_mechanism_oid_desc)) { - gssapi_mech_interface mech; - - mech = __gss_get_mechanism(&_gss_spnego_krb5_mechanism_oid_desc); - if (mech == NULL) - return GSS_S_BAD_MECH; - - ret = gss_duplicate_oid(minor_status, - &_gss_spnego_mskrb_mechanism_oid_desc, - mech_p); - } else { - gssapi_mech_interface mech; - - mech = __gss_get_mechanism(&oid); - if (mech == NULL) - return GSS_S_BAD_MECH; - - ret = gss_duplicate_oid(minor_status, - &mech->gm_mech_oid, - mech_p); - } - - if (verify_p) { - gss_name_t name = GSS_C_NO_NAME; - gss_buffer_desc namebuf; - char *str = NULL, *host, hostname[MAXHOSTNAMELEN]; - - host = getenv("GSSAPI_SPNEGO_NAME"); - if (host == NULL || issuid()) { - if (gethostname(hostname, sizeof(hostname)) != 0) { - *minor_status = errno; - return GSS_S_FAILURE; - } - asprintf(&str, "host@%s", hostname); - host = str; - } - - namebuf.length = strlen(host); - namebuf.value = host; - - ret = gss_import_name(minor_status, &namebuf, - GSS_C_NT_HOSTBASED_SERVICE, &name); - if (str) - free(str); - if (ret != GSS_S_COMPLETE) - return ret; - - ret = acceptor_approved(name, *mech_p); - gss_release_name(&junk, &name); - } - - return ret; -} - - -static OM_uint32 -acceptor_complete(OM_uint32 * minor_status, - gssspnego_ctx ctx, - int *get_mic, - gss_buffer_t mech_buf, - gss_buffer_t mech_input_token, - gss_buffer_t mech_output_token, - heim_octet_string *mic, - gss_buffer_t output_token) -{ - OM_uint32 ret; - int require_mic, verify_mic; - gss_buffer_desc buf; - - buf.length = 0; - buf.value = NULL; - - ret = _gss_spnego_require_mechlist_mic(minor_status, ctx, &require_mic); - if (ret) - return ret; - - ctx->require_mic = require_mic; - - if (mic != NULL) - require_mic = 1; - - if (ctx->open && require_mic) { - if (mech_input_token == GSS_C_NO_BUFFER) { /* Even/One */ - verify_mic = 1; - *get_mic = 0; - } else if (mech_output_token != GSS_C_NO_BUFFER && - mech_output_token->length == 0) { /* Odd */ - *get_mic = verify_mic = 1; - } else { /* Even/One */ - verify_mic = 0; - *get_mic = 1; - } - - if (verify_mic || get_mic) { - int eret; - size_t buf_len; - - ASN1_MALLOC_ENCODE(MechTypeList, - mech_buf->value, mech_buf->length, - &ctx->initiator_mech_types, &buf_len, eret); - if (eret) { - *minor_status = eret; - return GSS_S_FAILURE; - } - if (buf.length != buf_len) - abort(); - } - - if (verify_mic) { - ret = verify_mechlist_mic(minor_status, ctx, mech_buf, mic); - if (ret) { - if (get_mic) - send_reject (minor_status, output_token); - if (buf.value) - free(buf.value); - return ret; - } - ctx->verified_mic = 1; - } - if (buf.value) - free(buf.value); - - } else - *get_mic = verify_mic = 0; - - return GSS_S_COMPLETE; -} - - -static OM_uint32 -acceptor_start - (OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t *delegated_cred_handle - ) -{ - OM_uint32 ret, junk, minor; - NegotiationToken nt; - size_t nt_len; - NegTokenInit *ni; - int i; - gss_buffer_desc data; - gss_buffer_t mech_input_token = GSS_C_NO_BUFFER; - gss_buffer_desc mech_output_token; - gss_buffer_desc mech_buf; - gss_OID preferred_mech_type = GSS_C_NO_OID; - gssspnego_ctx ctx; - gssspnego_cred acceptor_cred = (gssspnego_cred)acceptor_cred_handle; - int get_mic = 0; - int first_ok = 0; - - mech_output_token.value = NULL; - mech_output_token.length = 0; - mech_buf.value = NULL; - - if (input_token_buffer->length == 0) - return send_supported_mechs (minor_status, output_token); - - ret = _gss_spnego_alloc_sec_context(minor_status, context_handle); - if (ret != GSS_S_COMPLETE) - return ret; - - ctx = (gssspnego_ctx)*context_handle; - - /* - * The GSS-API encapsulation is only present on the initial - * context token (negTokenInit). - */ - ret = gss_decapsulate_token (input_token_buffer, - GSS_SPNEGO_MECHANISM, - &data); - if (ret) - return ret; - - ret = decode_NegotiationToken(data.value, data.length, &nt, &nt_len); - gss_release_buffer(minor_status, &data); - if (ret) { - *minor_status = ret; - return GSS_S_DEFECTIVE_TOKEN; - } - if (nt.element != choice_NegotiationToken_negTokenInit) { - *minor_status = 0; - return GSS_S_DEFECTIVE_TOKEN; - } - ni = &nt.u.negTokenInit; - - if (ni->mechTypes.len < 1) { - free_NegotiationToken(&nt); - *minor_status = 0; - return GSS_S_DEFECTIVE_TOKEN; - } - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - ret = copy_MechTypeList(&ni->mechTypes, &ctx->initiator_mech_types); - if (ret) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free_NegotiationToken(&nt); - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* - * First we try the opportunistic token if we have support for it, - * don't try to verify we have credential for the token, - * gss_accept_sec_context will (hopefully) tell us that. - * If that failes, - */ - - ret = select_mech(minor_status, - &ni->mechTypes.val[0], - 0, - &preferred_mech_type); - - if (ret == 0 && ni->mechToken != NULL) { - gss_cred_id_t mech_delegated_cred = GSS_C_NO_CREDENTIAL; - gss_cred_id_t mech_cred; - gss_buffer_desc ibuf; - - ibuf.length = ni->mechToken->length; - ibuf.value = ni->mechToken->data; - mech_input_token = &ibuf; - - if (acceptor_cred != NULL) - mech_cred = acceptor_cred->negotiated_cred_id; - else - mech_cred = GSS_C_NO_CREDENTIAL; - - if (ctx->mech_src_name != GSS_C_NO_NAME) - gss_release_name(&minor, &ctx->mech_src_name); - - if (ctx->delegated_cred_id != GSS_C_NO_CREDENTIAL) - _gss_spnego_release_cred(&minor, &ctx->delegated_cred_id); - - ret = gss_accept_sec_context(&minor, - &ctx->negotiated_ctx_id, - mech_cred, - mech_input_token, - input_chan_bindings, - &ctx->mech_src_name, - &ctx->negotiated_mech_type, - &mech_output_token, - &ctx->mech_flags, - &ctx->mech_time_rec, - &mech_delegated_cred); - if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED) { - ctx->preferred_mech_type = preferred_mech_type; - ctx->negotiated_mech_type = preferred_mech_type; - if (ret == GSS_S_COMPLETE) - ctx->open = 1; - - if (mech_delegated_cred && delegated_cred_handle) - ret = _gss_spnego_alloc_cred(minor_status, - mech_delegated_cred, - delegated_cred_handle); - else - gss_release_cred(&junk, &mech_delegated_cred); - - ret = acceptor_complete(minor_status, - ctx, - &get_mic, - &mech_buf, - mech_input_token, - &mech_output_token, - ni->mechListMIC, - output_token); - if (ret != GSS_S_COMPLETE) - goto out; - - first_ok = 1; - } - } - - /* - * If opportunistic token failed, lets try the other mechs. - */ - - if (!first_ok) { - - /* Call glue layer to find first mech we support */ - for (i = 1; i < ni->mechTypes.len; ++i) { - ret = select_mech(minor_status, - &ni->mechTypes.val[i], - 1, - &preferred_mech_type); - if (ret == 0) - break; - } - if (preferred_mech_type == GSS_C_NO_OID) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free_NegotiationToken(&nt); - return GSS_S_BAD_MECH; - } - - ctx->preferred_mech_type = preferred_mech_type; - ctx->negotiated_mech_type = preferred_mech_type; - } - - /* - * The initial token always have a response - */ - - ret = send_accept (minor_status, - ctx, - &mech_output_token, - 1, - get_mic ? &mech_buf : NULL, - output_token); - if (ret) - goto out; - -out: - if (mech_output_token.value != NULL) - gss_release_buffer(&minor, &mech_output_token); - if (mech_buf.value != NULL) { - free(mech_buf.value); - mech_buf.value = NULL; - } - free_NegotiationToken(&nt); - - - if (ret == GSS_S_COMPLETE) { - if (src_name != NULL && ctx->mech_src_name != NULL) { - spnego_name name; - - name = calloc(1, sizeof(*name)); - if (name) { - name->mech = ctx->mech_src_name; - ctx->mech_src_name = NULL; - *src_name = (gss_name_t)name; - } - } - if (delegated_cred_handle != NULL) { - *delegated_cred_handle = ctx->delegated_cred_id; - ctx->delegated_cred_id = GSS_C_NO_CREDENTIAL; - } - } - - if (mech_type != NULL) - *mech_type = ctx->negotiated_mech_type; - if (ret_flags != NULL) - *ret_flags = ctx->mech_flags; - if (time_rec != NULL) - *time_rec = ctx->mech_time_rec; - - if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return ret; - } - - _gss_spnego_internal_delete_sec_context(&minor, context_handle, - GSS_C_NO_BUFFER); - - return ret; -} - - -static OM_uint32 -acceptor_continue - (OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t *delegated_cred_handle - ) -{ - OM_uint32 ret, ret2, minor; - NegotiationToken nt; - size_t nt_len; - NegTokenResp *na; - unsigned int negResult = accept_incomplete; - gss_buffer_t mech_input_token = GSS_C_NO_BUFFER; - gss_buffer_t mech_output_token = GSS_C_NO_BUFFER; - gss_buffer_desc mech_buf; - gssspnego_ctx ctx; - gssspnego_cred acceptor_cred = (gssspnego_cred)acceptor_cred_handle; - - mech_buf.value = NULL; - - ctx = (gssspnego_ctx)*context_handle; - - /* - * The GSS-API encapsulation is only present on the initial - * context token (negTokenInit). - */ - - ret = decode_NegotiationToken(input_token_buffer->value, - input_token_buffer->length, - &nt, &nt_len); - if (ret) { - *minor_status = ret; - return GSS_S_DEFECTIVE_TOKEN; - } - if (nt.element != choice_NegotiationToken_negTokenResp) { - *minor_status = 0; - return GSS_S_DEFECTIVE_TOKEN; - } - na = &nt.u.negTokenResp; - - if (na->negResult != NULL) { - negResult = *(na->negResult); - } - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - { - gss_buffer_desc ibuf, obuf; - int require_mic, get_mic = 0; - int require_response; - heim_octet_string *mic; - - if (na->responseToken != NULL) { - ibuf.length = na->responseToken->length; - ibuf.value = na->responseToken->data; - mech_input_token = &ibuf; - } else { - ibuf.value = NULL; - ibuf.length = 0; - } - - if (mech_input_token != GSS_C_NO_BUFFER) { - gss_cred_id_t mech_cred; - gss_cred_id_t mech_delegated_cred; - gss_cred_id_t *mech_delegated_cred_p; - - if (acceptor_cred != NULL) - mech_cred = acceptor_cred->negotiated_cred_id; - else - mech_cred = GSS_C_NO_CREDENTIAL; - - if (delegated_cred_handle != NULL) { - mech_delegated_cred = GSS_C_NO_CREDENTIAL; - mech_delegated_cred_p = &mech_delegated_cred; - } else { - mech_delegated_cred_p = NULL; - } - - if (ctx->mech_src_name != GSS_C_NO_NAME) - gss_release_name(&minor, &ctx->mech_src_name); - - if (ctx->delegated_cred_id != GSS_C_NO_CREDENTIAL) - _gss_spnego_release_cred(&minor, &ctx->delegated_cred_id); - - ret = gss_accept_sec_context(&minor, - &ctx->negotiated_ctx_id, - mech_cred, - mech_input_token, - input_chan_bindings, - &ctx->mech_src_name, - &ctx->negotiated_mech_type, - &obuf, - &ctx->mech_flags, - &ctx->mech_time_rec, - mech_delegated_cred_p); - if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED) { - if (mech_delegated_cred_p != NULL && - mech_delegated_cred != GSS_C_NO_CREDENTIAL) { - ret2 = _gss_spnego_alloc_cred(minor_status, - mech_delegated_cred, - &ctx->delegated_cred_id); - if (ret2 != GSS_S_COMPLETE) - ret = ret2; - } - mech_output_token = &obuf; - } - if (ret != GSS_S_COMPLETE && ret != GSS_S_CONTINUE_NEEDED) { - free_NegotiationToken(&nt); - send_reject (minor_status, output_token); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return ret; - } - if (ret == GSS_S_COMPLETE) - ctx->open = 1; - } else - ret = GSS_S_COMPLETE; - - ret2 = _gss_spnego_require_mechlist_mic(minor_status, - ctx, - &require_mic); - if (ret2) - goto out; - - ctx->require_mic = require_mic; - - mic = na->mechListMIC; - if (mic != NULL) - require_mic = 1; - - if (ret == GSS_S_COMPLETE) - ret = acceptor_complete(minor_status, - ctx, - &get_mic, - &mech_buf, - mech_input_token, - mech_output_token, - na->mechListMIC, - output_token); - - if (ctx->mech_flags & GSS_C_DCE_STYLE) - require_response = (negResult != accept_completed); - else - require_response = 0; - - /* - * Check whether we need to send a result: there should be only - * one accept_completed response sent in the entire negotiation - */ - if ((mech_output_token != GSS_C_NO_BUFFER && - mech_output_token->length != 0) - || (ctx->open && negResult == accept_incomplete) - || require_response - || get_mic) { - ret2 = send_accept (minor_status, - ctx, - mech_output_token, - 0, - get_mic ? &mech_buf : NULL, - output_token); - if (ret2) - goto out; - } - - out: - if (ret2 != GSS_S_COMPLETE) - ret = ret2; - if (mech_output_token != NULL) - gss_release_buffer(&minor, mech_output_token); - if (mech_buf.value != NULL) - free(mech_buf.value); - free_NegotiationToken(&nt); - } - - if (ret == GSS_S_COMPLETE) { - if (src_name != NULL && ctx->mech_src_name != NULL) { - spnego_name name; - - name = calloc(1, sizeof(*name)); - if (name) { - name->mech = ctx->mech_src_name; - ctx->mech_src_name = NULL; - *src_name = (gss_name_t)name; - } - } - if (delegated_cred_handle != NULL) { - *delegated_cred_handle = ctx->delegated_cred_id; - ctx->delegated_cred_id = GSS_C_NO_CREDENTIAL; - } - } - - if (mech_type != NULL) - *mech_type = ctx->negotiated_mech_type; - if (ret_flags != NULL) - *ret_flags = ctx->mech_flags; - if (time_rec != NULL) - *time_rec = ctx->mech_time_rec; - - if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return ret; - } - - _gss_spnego_internal_delete_sec_context(&minor, context_handle, - GSS_C_NO_BUFFER); - - return ret; -} - -OM_uint32 -_gss_spnego_accept_sec_context - (OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - const gss_cred_id_t acceptor_cred_handle, - const gss_buffer_t input_token_buffer, - const gss_channel_bindings_t input_chan_bindings, - gss_name_t * src_name, - gss_OID * mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec, - gss_cred_id_t *delegated_cred_handle - ) -{ - _gss_accept_sec_context_t *func; - - *minor_status = 0; - - output_token->length = 0; - output_token->value = NULL; - - if (src_name != NULL) - *src_name = GSS_C_NO_NAME; - if (mech_type != NULL) - *mech_type = GSS_C_NO_OID; - if (ret_flags != NULL) - *ret_flags = 0; - if (time_rec != NULL) - *time_rec = 0; - if (delegated_cred_handle != NULL) - *delegated_cred_handle = GSS_C_NO_CREDENTIAL; - - - if (*context_handle == GSS_C_NO_CONTEXT) - func = acceptor_start; - else - func = acceptor_continue; - - - return (*func)(minor_status, context_handle, acceptor_cred_handle, - input_token_buffer, input_chan_bindings, - src_name, mech_type, output_token, ret_flags, - time_rec, delegated_cred_handle); -} diff --git a/crypto/heimdal/lib/gssapi/spnego/compat.c b/crypto/heimdal/lib/gssapi/spnego/compat.c deleted file mode 100644 index 287f4f760ed7..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/compat.c +++ /dev/null @@ -1,322 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "spnego/spnego_locl.h" - -RCSID("$Id: compat.c 21866 2007-08-08 11:31:29Z lha $"); - -/* - * Apparently Microsoft got the OID wrong, and used - * 1.2.840.48018.1.2.2 instead. We need both this and - * the correct Kerberos OID here in order to deal with - * this. Because this is manifest in SPNEGO only I'd - * prefer to deal with this here rather than inside the - * Kerberos mechanism. - */ -gss_OID_desc _gss_spnego_mskrb_mechanism_oid_desc = - {9, (void *)"\x2a\x86\x48\x82\xf7\x12\x01\x02\x02"}; - -gss_OID_desc _gss_spnego_krb5_mechanism_oid_desc = - {9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"}; - -/* - * Allocate a SPNEGO context handle - */ -OM_uint32 _gss_spnego_alloc_sec_context (OM_uint32 * minor_status, - gss_ctx_id_t *context_handle) -{ - gssspnego_ctx ctx; - - ctx = calloc(1, sizeof(*ctx)); - if (ctx == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - ctx->initiator_mech_types.len = 0; - ctx->initiator_mech_types.val = NULL; - ctx->preferred_mech_type = GSS_C_NO_OID; - ctx->negotiated_mech_type = GSS_C_NO_OID; - ctx->negotiated_ctx_id = GSS_C_NO_CONTEXT; - - /* - * Cache these so we can return them before returning - * GSS_S_COMPLETE, even if the mechanism has itself - * completed earlier - */ - ctx->mech_flags = 0; - ctx->mech_time_rec = 0; - ctx->mech_src_name = GSS_C_NO_NAME; - ctx->delegated_cred_id = GSS_C_NO_CREDENTIAL; - - ctx->open = 0; - ctx->local = 0; - ctx->require_mic = 0; - ctx->verified_mic = 0; - - HEIMDAL_MUTEX_init(&ctx->ctx_id_mutex); - - *context_handle = (gss_ctx_id_t)ctx; - - return GSS_S_COMPLETE; -} - -/* - * Free a SPNEGO context handle. The caller must have acquired - * the lock before this is called. - */ -OM_uint32 _gss_spnego_internal_delete_sec_context - (OM_uint32 *minor_status, - gss_ctx_id_t *context_handle, - gss_buffer_t output_token - ) -{ - gssspnego_ctx ctx; - OM_uint32 ret, minor; - - *minor_status = 0; - - if (context_handle == NULL) { - return GSS_S_NO_CONTEXT; - } - - if (output_token != GSS_C_NO_BUFFER) { - output_token->length = 0; - output_token->value = NULL; - } - - ctx = (gssspnego_ctx)*context_handle; - *context_handle = GSS_C_NO_CONTEXT; - - if (ctx == NULL) { - return GSS_S_NO_CONTEXT; - } - - if (ctx->initiator_mech_types.val != NULL) - free_MechTypeList(&ctx->initiator_mech_types); - - _gss_spnego_release_cred(&minor, &ctx->delegated_cred_id); - - gss_release_oid(&minor, &ctx->preferred_mech_type); - ctx->negotiated_mech_type = GSS_C_NO_OID; - - gss_release_name(&minor, &ctx->target_name); - gss_release_name(&minor, &ctx->mech_src_name); - - if (ctx->negotiated_ctx_id != GSS_C_NO_CONTEXT) { - ret = gss_delete_sec_context(minor_status, - &ctx->negotiated_ctx_id, - output_token); - ctx->negotiated_ctx_id = GSS_C_NO_CONTEXT; - } else { - ret = GSS_S_COMPLETE; - } - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - HEIMDAL_MUTEX_destroy(&ctx->ctx_id_mutex); - - free(ctx); - *context_handle = NULL; - - return ret; -} - -/* - * For compatability with the Windows SPNEGO implementation, the - * default is to ignore the mechListMIC unless CFX is used and - * a non-preferred mechanism was negotiated - */ - -OM_uint32 -_gss_spnego_require_mechlist_mic(OM_uint32 *minor_status, - gssspnego_ctx ctx, - int *require_mic) -{ - gss_buffer_set_t buffer_set = GSS_C_NO_BUFFER_SET; - OM_uint32 minor; - - *minor_status = 0; - *require_mic = 0; - - if (ctx == NULL) { - return GSS_S_COMPLETE; - } - - if (ctx->require_mic) { - /* Acceptor requested it: mandatory to honour */ - *require_mic = 1; - return GSS_S_COMPLETE; - } - - /* - * Check whether peer indicated implicit support for updated SPNEGO - * (eg. in the Kerberos case by using CFX) - */ - if (gss_inquire_sec_context_by_oid(&minor, ctx->negotiated_ctx_id, - GSS_C_PEER_HAS_UPDATED_SPNEGO, - &buffer_set) == GSS_S_COMPLETE) { - *require_mic = 1; - gss_release_buffer_set(&minor, &buffer_set); - } - - /* Safe-to-omit MIC rules follow */ - if (*require_mic) { - if (gss_oid_equal(ctx->negotiated_mech_type, ctx->preferred_mech_type)) { - *require_mic = 0; - } else if (gss_oid_equal(ctx->negotiated_mech_type, &_gss_spnego_krb5_mechanism_oid_desc) && - gss_oid_equal(ctx->preferred_mech_type, &_gss_spnego_mskrb_mechanism_oid_desc)) { - *require_mic = 0; - } - } - - return GSS_S_COMPLETE; -} - -static int -add_mech_type(gss_OID mech_type, - int includeMSCompatOID, - MechTypeList *mechtypelist) -{ - MechType mech; - int ret; - - if (gss_oid_equal(mech_type, GSS_SPNEGO_MECHANISM)) - return 0; - - if (includeMSCompatOID && - gss_oid_equal(mech_type, &_gss_spnego_krb5_mechanism_oid_desc)) { - ret = der_get_oid(_gss_spnego_mskrb_mechanism_oid_desc.elements, - _gss_spnego_mskrb_mechanism_oid_desc.length, - &mech, - NULL); - if (ret) - return ret; - ret = add_MechTypeList(mechtypelist, &mech); - free_MechType(&mech); - if (ret) - return ret; - } - ret = der_get_oid(mech_type->elements, mech_type->length, &mech, NULL); - if (ret) - return ret; - ret = add_MechTypeList(mechtypelist, &mech); - free_MechType(&mech); - return ret; -} - - -OM_uint32 -_gss_spnego_indicate_mechtypelist (OM_uint32 *minor_status, - gss_name_t target_name, - OM_uint32 (*func)(gss_name_t, gss_OID), - int includeMSCompatOID, - const gssspnego_cred cred_handle, - MechTypeList *mechtypelist, - gss_OID *preferred_mech) -{ - gss_OID_set supported_mechs = GSS_C_NO_OID_SET; - gss_OID first_mech = GSS_C_NO_OID; - OM_uint32 ret; - int i; - - mechtypelist->len = 0; - mechtypelist->val = NULL; - - if (cred_handle != NULL) { - ret = gss_inquire_cred(minor_status, - cred_handle->negotiated_cred_id, - NULL, - NULL, - NULL, - &supported_mechs); - } else { - ret = gss_indicate_mechs(minor_status, &supported_mechs); - } - - if (ret != GSS_S_COMPLETE) { - return ret; - } - - if (supported_mechs->count == 0) { - *minor_status = ENOENT; - gss_release_oid_set(minor_status, &supported_mechs); - return GSS_S_FAILURE; - } - - ret = (*func)(target_name, GSS_KRB5_MECHANISM); - if (ret == GSS_S_COMPLETE) { - ret = add_mech_type(GSS_KRB5_MECHANISM, - includeMSCompatOID, - mechtypelist); - if (!GSS_ERROR(ret)) - first_mech = GSS_KRB5_MECHANISM; - } - ret = GSS_S_COMPLETE; - - for (i = 0; i < supported_mechs->count; i++) { - OM_uint32 subret; - if (gss_oid_equal(&supported_mechs->elements[i], GSS_SPNEGO_MECHANISM)) - continue; - if (gss_oid_equal(&supported_mechs->elements[i], GSS_KRB5_MECHANISM)) - continue; - - subret = (*func)(target_name, &supported_mechs->elements[i]); - if (subret != GSS_S_COMPLETE) - continue; - - ret = add_mech_type(&supported_mechs->elements[i], - includeMSCompatOID, - mechtypelist); - if (ret != 0) { - *minor_status = ret; - ret = GSS_S_FAILURE; - break; - } - if (first_mech == GSS_C_NO_OID) - first_mech = &supported_mechs->elements[i]; - } - - if (mechtypelist->len == 0) { - gss_release_oid_set(minor_status, &supported_mechs); - *minor_status = 0; - return GSS_S_BAD_MECH; - } - - if (preferred_mech != NULL) { - ret = gss_duplicate_oid(minor_status, first_mech, preferred_mech); - if (ret != GSS_S_COMPLETE) - free_MechTypeList(mechtypelist); - } - gss_release_oid_set(minor_status, &supported_mechs); - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/spnego/context_stubs.c b/crypto/heimdal/lib/gssapi/spnego/context_stubs.c deleted file mode 100644 index 3535c7bb3596..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/context_stubs.c +++ /dev/null @@ -1,903 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "spnego/spnego_locl.h" - -RCSID("$Id: context_stubs.c 21035 2007-06-09 15:32:47Z lha $"); - -static OM_uint32 -spnego_supported_mechs(OM_uint32 *minor_status, gss_OID_set *mechs) -{ - OM_uint32 ret, junk; - gss_OID_set m; - int i; - - ret = gss_indicate_mechs(minor_status, &m); - if (ret != GSS_S_COMPLETE) - return ret; - - ret = gss_create_empty_oid_set(minor_status, mechs); - if (ret != GSS_S_COMPLETE) { - gss_release_oid_set(&junk, &m); - return ret; - } - - for (i = 0; i < m->count; i++) { - if (gss_oid_equal(&m->elements[i], GSS_SPNEGO_MECHANISM)) - continue; - - ret = gss_add_oid_set_member(minor_status, &m->elements[i], mechs); - if (ret) { - gss_release_oid_set(&junk, &m); - gss_release_oid_set(&junk, mechs); - return ret; - } - } - return ret; -} - - - -OM_uint32 _gss_spnego_process_context_token - (OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t token_buffer - ) -{ - gss_ctx_id_t context ; - gssspnego_ctx ctx; - OM_uint32 ret; - - if (context_handle == GSS_C_NO_CONTEXT) - return GSS_S_NO_CONTEXT; - - context = context_handle; - ctx = (gssspnego_ctx)context_handle; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - ret = gss_process_context_token(minor_status, - ctx->negotiated_ctx_id, - token_buffer); - if (ret != GSS_S_COMPLETE) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return ret; - } - - ctx->negotiated_ctx_id = GSS_C_NO_CONTEXT; - - return _gss_spnego_internal_delete_sec_context(minor_status, - &context, - GSS_C_NO_BUFFER); -} - -OM_uint32 _gss_spnego_delete_sec_context - (OM_uint32 *minor_status, - gss_ctx_id_t *context_handle, - gss_buffer_t output_token - ) -{ - gssspnego_ctx ctx; - - if (context_handle == NULL || *context_handle == GSS_C_NO_CONTEXT) - return GSS_S_NO_CONTEXT; - - ctx = (gssspnego_ctx)*context_handle; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - return _gss_spnego_internal_delete_sec_context(minor_status, - context_handle, - output_token); -} - -OM_uint32 _gss_spnego_context_time - (OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - OM_uint32 *time_rec - ) -{ - gssspnego_ctx ctx; - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_context_time(minor_status, - ctx->negotiated_ctx_id, - time_rec); -} - -OM_uint32 _gss_spnego_get_mic - (OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - gss_qop_t qop_req, - const gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_get_mic(minor_status, ctx->negotiated_ctx_id, - qop_req, message_buffer, message_token); -} - -OM_uint32 _gss_spnego_verify_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_verify_mic(minor_status, - ctx->negotiated_ctx_id, - message_buffer, - token_buffer, - qop_state); -} - -OM_uint32 _gss_spnego_wrap - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_wrap(minor_status, - ctx->negotiated_ctx_id, - conf_req_flag, - qop_req, - input_message_buffer, - conf_state, - output_message_buffer); -} - -OM_uint32 _gss_spnego_unwrap - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_unwrap(minor_status, - ctx->negotiated_ctx_id, - input_message_buffer, - output_message_buffer, - conf_state, - qop_state); -} - -OM_uint32 _gss_spnego_display_status - (OM_uint32 * minor_status, - OM_uint32 status_value, - int status_type, - const gss_OID mech_type, - OM_uint32 * message_context, - gss_buffer_t status_string - ) -{ - return GSS_S_FAILURE; -} - -OM_uint32 _gss_spnego_compare_name - (OM_uint32 *minor_status, - const gss_name_t name1, - const gss_name_t name2, - int * name_equal - ) -{ - spnego_name n1 = (spnego_name)name1; - spnego_name n2 = (spnego_name)name2; - - *name_equal = 0; - - if (!gss_oid_equal(&n1->type, &n2->type)) - return GSS_S_COMPLETE; - if (n1->value.length != n2->value.length) - return GSS_S_COMPLETE; - if (memcmp(n1->value.value, n2->value.value, n2->value.length) != 0) - return GSS_S_COMPLETE; - - *name_equal = 1; - - return GSS_S_COMPLETE; -} - -OM_uint32 _gss_spnego_display_name - (OM_uint32 * minor_status, - const gss_name_t input_name, - gss_buffer_t output_name_buffer, - gss_OID * output_name_type - ) -{ - spnego_name name = (spnego_name)input_name; - - *minor_status = 0; - - if (name == NULL || name->mech == GSS_C_NO_NAME) - return GSS_S_FAILURE; - - return gss_display_name(minor_status, name->mech, - output_name_buffer, output_name_type); -} - -OM_uint32 _gss_spnego_import_name - (OM_uint32 * minor_status, - const gss_buffer_t name_buffer, - const gss_OID name_type, - gss_name_t * output_name - ) -{ - spnego_name name; - OM_uint32 maj_stat; - - *minor_status = 0; - - name = calloc(1, sizeof(*name)); - if (name == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - maj_stat = _gss_copy_oid(minor_status, name_type, &name->type); - if (maj_stat) { - free(name); - return GSS_S_FAILURE; - } - - maj_stat = _gss_copy_buffer(minor_status, name_buffer, &name->value); - if (maj_stat) { - gss_name_t rname = (gss_name_t)name; - _gss_spnego_release_name(minor_status, &rname); - return GSS_S_FAILURE; - } - name->mech = GSS_C_NO_NAME; - *output_name = (gss_name_t)name; - - return GSS_S_COMPLETE; -} - -OM_uint32 _gss_spnego_export_name - (OM_uint32 * minor_status, - const gss_name_t input_name, - gss_buffer_t exported_name - ) -{ - spnego_name name; - *minor_status = 0; - - if (input_name == GSS_C_NO_NAME) - return GSS_S_BAD_NAME; - - name = (spnego_name)input_name; - if (name->mech == GSS_C_NO_NAME) - return GSS_S_BAD_NAME; - - return gss_export_name(minor_status, name->mech, exported_name); -} - -OM_uint32 _gss_spnego_release_name - (OM_uint32 * minor_status, - gss_name_t * input_name - ) -{ - *minor_status = 0; - - if (*input_name != GSS_C_NO_NAME) { - OM_uint32 junk; - spnego_name name = (spnego_name)*input_name; - _gss_free_oid(&junk, &name->type); - gss_release_buffer(&junk, &name->value); - if (name->mech != GSS_C_NO_NAME) - gss_release_name(&junk, &name->mech); - free(name); - - *input_name = GSS_C_NO_NAME; - } - return GSS_S_COMPLETE; -} - -OM_uint32 _gss_spnego_inquire_context ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_name_t * src_name, - gss_name_t * targ_name, - OM_uint32 * lifetime_rec, - gss_OID * mech_type, - OM_uint32 * ctx_flags, - int * locally_initiated, - int * open_context - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_inquire_context(minor_status, - ctx->negotiated_ctx_id, - src_name, - targ_name, - lifetime_rec, - mech_type, - ctx_flags, - locally_initiated, - open_context); -} - -OM_uint32 _gss_spnego_wrap_size_limit ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 * max_input_size - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_wrap_size_limit(minor_status, - ctx->negotiated_ctx_id, - conf_req_flag, - qop_req, - req_output_size, - max_input_size); -} - -OM_uint32 _gss_spnego_export_sec_context ( - OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - gss_buffer_t interprocess_token - ) -{ - gssspnego_ctx ctx; - OM_uint32 ret; - - *minor_status = 0; - - if (context_handle == NULL) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)*context_handle; - - if (ctx == NULL) - return GSS_S_NO_CONTEXT; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return GSS_S_NO_CONTEXT; - } - - ret = gss_export_sec_context(minor_status, - &ctx->negotiated_ctx_id, - interprocess_token); - if (ret == GSS_S_COMPLETE) { - ret = _gss_spnego_internal_delete_sec_context(minor_status, - context_handle, - GSS_C_NO_BUFFER); - if (ret == GSS_S_COMPLETE) - return GSS_S_COMPLETE; - } - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - return ret; -} - -OM_uint32 _gss_spnego_import_sec_context ( - OM_uint32 * minor_status, - const gss_buffer_t interprocess_token, - gss_ctx_id_t *context_handle - ) -{ - OM_uint32 ret, minor; - gss_ctx_id_t context; - gssspnego_ctx ctx; - - ret = _gss_spnego_alloc_sec_context(minor_status, &context); - if (ret != GSS_S_COMPLETE) { - return ret; - } - ctx = (gssspnego_ctx)context; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - ret = gss_import_sec_context(minor_status, - interprocess_token, - &ctx->negotiated_ctx_id); - if (ret != GSS_S_COMPLETE) { - _gss_spnego_internal_delete_sec_context(&minor, context_handle, GSS_C_NO_BUFFER); - return ret; - } - - ctx->open = 1; - /* don't bother filling in the rest of the fields */ - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - *context_handle = (gss_ctx_id_t)ctx; - - return GSS_S_COMPLETE; -} - -OM_uint32 _gss_spnego_inquire_names_for_mech ( - OM_uint32 * minor_status, - const gss_OID mechanism, - gss_OID_set * name_types - ) -{ - gss_OID_set mechs, names, n; - OM_uint32 ret, junk; - int i, j; - - *name_types = NULL; - - ret = spnego_supported_mechs(minor_status, &mechs); - if (ret != GSS_S_COMPLETE) - return ret; - - ret = gss_create_empty_oid_set(minor_status, &names); - if (ret != GSS_S_COMPLETE) - goto out; - - for (i = 0; i < mechs->count; i++) { - ret = gss_inquire_names_for_mech(minor_status, - &mechs->elements[i], - &n); - if (ret) - continue; - - for (j = 0; j < n->count; j++) - gss_add_oid_set_member(minor_status, - &n->elements[j], - &names); - gss_release_oid_set(&junk, &n); - } - - ret = GSS_S_COMPLETE; - *name_types = names; -out: - - gss_release_oid_set(&junk, &mechs); - - return GSS_S_COMPLETE; -} - -OM_uint32 _gss_spnego_inquire_mechs_for_name ( - OM_uint32 * minor_status, - const gss_name_t input_name, - gss_OID_set * mech_types - ) -{ - OM_uint32 ret, junk; - - ret = gss_create_empty_oid_set(minor_status, mech_types); - if (ret) - return ret; - - ret = gss_add_oid_set_member(minor_status, - GSS_SPNEGO_MECHANISM, - mech_types); - if (ret) - gss_release_oid_set(&junk, mech_types); - - return ret; -} - -OM_uint32 _gss_spnego_canonicalize_name ( - OM_uint32 * minor_status, - const gss_name_t input_name, - const gss_OID mech_type, - gss_name_t * output_name - ) -{ - /* XXX */ - return gss_duplicate_name(minor_status, input_name, output_name); -} - -OM_uint32 _gss_spnego_duplicate_name ( - OM_uint32 * minor_status, - const gss_name_t src_name, - gss_name_t * dest_name - ) -{ - return gss_duplicate_name(minor_status, src_name, dest_name); -} - -OM_uint32 _gss_spnego_sign - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int qop_req, - gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_sign(minor_status, - ctx->negotiated_ctx_id, - qop_req, - message_buffer, - message_token); -} - -OM_uint32 _gss_spnego_verify - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t message_buffer, - gss_buffer_t token_buffer, - int * qop_state - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_verify(minor_status, - ctx->negotiated_ctx_id, - message_buffer, - token_buffer, - qop_state); -} - -OM_uint32 _gss_spnego_seal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int conf_req_flag, - int qop_req, - gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_seal(minor_status, - ctx->negotiated_ctx_id, - conf_req_flag, - qop_req, - input_message_buffer, - conf_state, - output_message_buffer); -} - -OM_uint32 _gss_spnego_unseal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - int * qop_state - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_unseal(minor_status, - ctx->negotiated_ctx_id, - input_message_buffer, - output_message_buffer, - conf_state, - qop_state); -} - -#if 0 -OM_uint32 _gss_spnego_unwrap_ex - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t token_header_buffer, - const gss_buffer_t associated_data_buffer, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_unwrap_ex(minor_status, - ctx->negotiated_ctx_id, - token_header_buffer, - associated_data_buffer, - input_message_buffer, - output_message_buffer, - conf_state, - qop_state); -} - -OM_uint32 _gss_spnego_wrap_ex - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t associated_data_buffer, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_token_buffer, - gss_buffer_t output_message_buffer - ) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - if ((ctx->mech_flags & GSS_C_DCE_STYLE) == 0 && - associated_data_buffer->length != input_message_buffer->length) { - *minor_status = EINVAL; - return GSS_S_BAD_QOP; - } - - return gss_wrap_ex(minor_status, - ctx->negotiated_ctx_id, - conf_req_flag, - qop_req, - associated_data_buffer, - input_message_buffer, - conf_state, - output_token_buffer, - output_message_buffer); -} - -OM_uint32 _gss_spnego_complete_auth_token - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - gss_buffer_t input_message_buffer) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_complete_auth_token(minor_status, - ctx->negotiated_ctx_id, - input_message_buffer); -} -#endif - -OM_uint32 _gss_spnego_inquire_sec_context_by_oid - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_inquire_sec_context_by_oid(minor_status, - ctx->negotiated_ctx_id, - desired_object, - data_set); -} - -OM_uint32 _gss_spnego_set_sec_context_option - (OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, - const gss_OID desired_object, - const gss_buffer_t value) -{ - gssspnego_ctx ctx; - - *minor_status = 0; - - if (context_handle == NULL || *context_handle == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - ctx = (gssspnego_ctx)context_handle; - - if (ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - return GSS_S_NO_CONTEXT; - } - - return gss_set_sec_context_option(minor_status, - &ctx->negotiated_ctx_id, - desired_object, - value); -} - diff --git a/crypto/heimdal/lib/gssapi/spnego/cred_stubs.c b/crypto/heimdal/lib/gssapi/spnego/cred_stubs.c deleted file mode 100644 index 2362e9901963..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/cred_stubs.c +++ /dev/null @@ -1,336 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "spnego/spnego_locl.h" - -RCSID("$Id: cred_stubs.c 20619 2007-05-08 13:43:45Z lha $"); - -OM_uint32 -_gss_spnego_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle) -{ - gssspnego_cred cred; - OM_uint32 ret; - - *minor_status = 0; - - if (*cred_handle == GSS_C_NO_CREDENTIAL) { - return GSS_S_COMPLETE; - } - cred = (gssspnego_cred)*cred_handle; - - ret = gss_release_cred(minor_status, &cred->negotiated_cred_id); - - free(cred); - *cred_handle = GSS_C_NO_CREDENTIAL; - - return ret; -} - -OM_uint32 -_gss_spnego_alloc_cred(OM_uint32 *minor_status, - gss_cred_id_t mech_cred_handle, - gss_cred_id_t *cred_handle) -{ - gssspnego_cred cred; - - if (*cred_handle != GSS_C_NO_CREDENTIAL) { - *minor_status = EINVAL; - return GSS_S_FAILURE; - } - - cred = calloc(1, sizeof(*cred)); - if (cred == NULL) { - *cred_handle = GSS_C_NO_CREDENTIAL; - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - cred->negotiated_cred_id = mech_cred_handle; - - *cred_handle = (gss_cred_id_t)cred; - - return GSS_S_COMPLETE; -} - -/* - * For now, just a simple wrapper that avoids recursion. When - * we support gss_{get,set}_neg_mechs() we will need to expose - * more functionality. - */ -OM_uint32 _gss_spnego_acquire_cred -(OM_uint32 *minor_status, - const gss_name_t desired_name, - OM_uint32 time_req, - const gss_OID_set desired_mechs, - gss_cred_usage_t cred_usage, - gss_cred_id_t * output_cred_handle, - gss_OID_set * actual_mechs, - OM_uint32 * time_rec - ) -{ - const spnego_name dname = (const spnego_name)desired_name; - gss_name_t name = GSS_C_NO_NAME; - OM_uint32 ret, tmp; - gss_OID_set_desc actual_desired_mechs; - gss_OID_set mechs; - int i, j; - gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL; - gssspnego_cred cred; - - *output_cred_handle = GSS_C_NO_CREDENTIAL; - - if (dname) { - ret = gss_import_name(minor_status, &dname->value, &dname->type, &name); - if (ret) { - return ret; - } - } - - ret = gss_indicate_mechs(minor_status, &mechs); - if (ret != GSS_S_COMPLETE) { - gss_release_name(minor_status, &name); - return ret; - } - - /* Remove ourselves from this list */ - actual_desired_mechs.count = mechs->count; - actual_desired_mechs.elements = malloc(actual_desired_mechs.count * - sizeof(gss_OID_desc)); - if (actual_desired_mechs.elements == NULL) { - *minor_status = ENOMEM; - ret = GSS_S_FAILURE; - goto out; - } - - for (i = 0, j = 0; i < mechs->count; i++) { - if (gss_oid_equal(&mechs->elements[i], GSS_SPNEGO_MECHANISM)) - continue; - - actual_desired_mechs.elements[j] = mechs->elements[i]; - j++; - } - actual_desired_mechs.count = j; - - ret = _gss_spnego_alloc_cred(minor_status, GSS_C_NO_CREDENTIAL, - &cred_handle); - if (ret != GSS_S_COMPLETE) - goto out; - - cred = (gssspnego_cred)cred_handle; - ret = gss_acquire_cred(minor_status, name, - time_req, &actual_desired_mechs, - cred_usage, - &cred->negotiated_cred_id, - actual_mechs, time_rec); - if (ret != GSS_S_COMPLETE) - goto out; - - *output_cred_handle = cred_handle; - -out: - gss_release_name(minor_status, &name); - gss_release_oid_set(&tmp, &mechs); - if (actual_desired_mechs.elements != NULL) { - free(actual_desired_mechs.elements); - } - if (ret != GSS_S_COMPLETE) { - _gss_spnego_release_cred(&tmp, &cred_handle); - } - - return ret; -} - -OM_uint32 _gss_spnego_inquire_cred - (OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - gss_name_t * name, - OM_uint32 * lifetime, - gss_cred_usage_t * cred_usage, - gss_OID_set * mechanisms - ) -{ - gssspnego_cred cred; - spnego_name sname = NULL; - OM_uint32 ret; - - if (cred_handle == GSS_C_NO_CREDENTIAL) { - *minor_status = 0; - return GSS_S_NO_CRED; - } - - if (name) { - sname = calloc(1, sizeof(*sname)); - if (sname == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - } - - cred = (gssspnego_cred)cred_handle; - - ret = gss_inquire_cred(minor_status, - cred->negotiated_cred_id, - sname ? &sname->mech : NULL, - lifetime, - cred_usage, - mechanisms); - if (ret) { - if (sname) - free(sname); - return ret; - } - if (name) - *name = (gss_name_t)sname; - - return ret; -} - -OM_uint32 _gss_spnego_add_cred ( - OM_uint32 * minor_status, - const gss_cred_id_t input_cred_handle, - const gss_name_t desired_name, - const gss_OID desired_mech, - gss_cred_usage_t cred_usage, - OM_uint32 initiator_time_req, - OM_uint32 acceptor_time_req, - gss_cred_id_t * output_cred_handle, - gss_OID_set * actual_mechs, - OM_uint32 * initiator_time_rec, - OM_uint32 * acceptor_time_rec - ) -{ - gss_cred_id_t spnego_output_cred_handle = GSS_C_NO_CREDENTIAL; - OM_uint32 ret, tmp; - gssspnego_cred input_cred, output_cred; - - *output_cred_handle = GSS_C_NO_CREDENTIAL; - - ret = _gss_spnego_alloc_cred(minor_status, GSS_C_NO_CREDENTIAL, - &spnego_output_cred_handle); - if (ret) - return ret; - - input_cred = (gssspnego_cred)input_cred_handle; - output_cred = (gssspnego_cred)spnego_output_cred_handle; - - ret = gss_add_cred(minor_status, - input_cred->negotiated_cred_id, - desired_name, - desired_mech, - cred_usage, - initiator_time_req, - acceptor_time_req, - &output_cred->negotiated_cred_id, - actual_mechs, - initiator_time_rec, - acceptor_time_rec); - if (ret) { - _gss_spnego_release_cred(&tmp, &spnego_output_cred_handle); - return ret; - } - - *output_cred_handle = spnego_output_cred_handle; - - return GSS_S_COMPLETE; -} - -OM_uint32 _gss_spnego_inquire_cred_by_mech ( - OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - const gss_OID mech_type, - gss_name_t * name, - OM_uint32 * initiator_lifetime, - OM_uint32 * acceptor_lifetime, - gss_cred_usage_t * cred_usage - ) -{ - gssspnego_cred cred; - spnego_name sname = NULL; - OM_uint32 ret; - - if (cred_handle == GSS_C_NO_CREDENTIAL) { - *minor_status = 0; - return GSS_S_NO_CRED; - } - - if (name) { - sname = calloc(1, sizeof(*sname)); - if (sname == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - } - - cred = (gssspnego_cred)cred_handle; - - ret = gss_inquire_cred_by_mech(minor_status, - cred->negotiated_cred_id, - mech_type, - sname ? &sname->mech : NULL, - initiator_lifetime, - acceptor_lifetime, - cred_usage); - - if (ret) { - if (sname) - free(sname); - return ret; - } - if (name) - *name = (gss_name_t)sname; - - return GSS_S_COMPLETE; -} - -OM_uint32 _gss_spnego_inquire_cred_by_oid - (OM_uint32 * minor_status, - const gss_cred_id_t cred_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set) -{ - gssspnego_cred cred; - OM_uint32 ret; - - if (cred_handle == GSS_C_NO_CREDENTIAL) { - *minor_status = 0; - return GSS_S_NO_CRED; - } - cred = (gssspnego_cred)cred_handle; - - ret = gss_inquire_cred_by_oid(minor_status, - cred->negotiated_cred_id, - desired_object, - data_set); - - return ret; -} - diff --git a/crypto/heimdal/lib/gssapi/spnego/external.c b/crypto/heimdal/lib/gssapi/spnego/external.c deleted file mode 100644 index fbc231f3aebb..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/external.c +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "spnego/spnego_locl.h" -#include - -RCSID("$Id: external.c 18336 2006-10-07 22:27:13Z lha $"); - -/* - * RFC2478, SPNEGO: - * The security mechanism of the initial - * negotiation token is identified by the Object Identifier - * iso.org.dod.internet.security.mechanism.snego (1.3.6.1.5.5.2). - */ - -static gssapi_mech_interface_desc spnego_mech = { - GMI_VERSION, - "spnego", - {6, (void *)"\x2b\x06\x01\x05\x05\x02"}, - _gss_spnego_acquire_cred, - _gss_spnego_release_cred, - _gss_spnego_init_sec_context, - _gss_spnego_accept_sec_context, - _gss_spnego_process_context_token, - _gss_spnego_internal_delete_sec_context, - _gss_spnego_context_time, - _gss_spnego_get_mic, - _gss_spnego_verify_mic, - _gss_spnego_wrap, - _gss_spnego_unwrap, - _gss_spnego_display_status, - NULL, - _gss_spnego_compare_name, - _gss_spnego_display_name, - _gss_spnego_import_name, - _gss_spnego_export_name, - _gss_spnego_release_name, - _gss_spnego_inquire_cred, - _gss_spnego_inquire_context, - _gss_spnego_wrap_size_limit, - _gss_spnego_add_cred, - _gss_spnego_inquire_cred_by_mech, - _gss_spnego_export_sec_context, - _gss_spnego_import_sec_context, - _gss_spnego_inquire_names_for_mech, - _gss_spnego_inquire_mechs_for_name, - _gss_spnego_canonicalize_name, - _gss_spnego_duplicate_name -}; - -gssapi_mech_interface -__gss_spnego_initialize(void) -{ - return &spnego_mech; -} - -static gss_OID_desc _gss_spnego_mechanism_desc = - {6, (void *)"\x2b\x06\x01\x05\x05\x02"}; - -gss_OID GSS_SPNEGO_MECHANISM = &_gss_spnego_mechanism_desc; diff --git a/crypto/heimdal/lib/gssapi/spnego/init_sec_context.c b/crypto/heimdal/lib/gssapi/spnego/init_sec_context.c deleted file mode 100644 index 7c74981e664e..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/init_sec_context.c +++ /dev/null @@ -1,663 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * Portions Copyright (c) 2004 PADL Software Pty Ltd. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "spnego/spnego_locl.h" - -RCSID("$Id: init_sec_context.c 19411 2006-12-18 15:42:03Z lha $"); - -/* - * Is target_name an sane target for `mech´. - */ - -static OM_uint32 -initiator_approved(gss_name_t target_name, gss_OID mech) -{ - OM_uint32 min_stat, maj_stat; - gss_ctx_id_t ctx = GSS_C_NO_CONTEXT; - gss_buffer_desc out; - - maj_stat = gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - &ctx, - target_name, - mech, - 0, - GSS_C_INDEFINITE, - GSS_C_NO_CHANNEL_BINDINGS, - GSS_C_NO_BUFFER, - NULL, - &out, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) - return GSS_S_BAD_MECH; - gss_release_buffer(&min_stat, &out); - gss_delete_sec_context(&min_stat, &ctx, NULL); - - return GSS_S_COMPLETE; -} - -/* - * Send a reply. Note that we only need to send a reply if we - * need to send a MIC or a mechanism token. Otherwise, we can - * return an empty buffer. - * - * The return value of this will be returned to the API, so it - * must return GSS_S_CONTINUE_NEEDED if a token was generated. - */ -static OM_uint32 -spnego_reply_internal(OM_uint32 *minor_status, - gssspnego_ctx context_handle, - const gss_buffer_t mech_buf, - gss_buffer_t mech_token, - gss_buffer_t output_token) -{ - NegotiationToken nt; - gss_buffer_desc mic_buf; - OM_uint32 ret; - size_t size; - - if (mech_buf == GSS_C_NO_BUFFER && mech_token->length == 0) { - output_token->length = 0; - output_token->value = NULL; - - return context_handle->open ? GSS_S_COMPLETE : GSS_S_FAILURE; - } - - memset(&nt, 0, sizeof(nt)); - - nt.element = choice_NegotiationToken_negTokenResp; - - ALLOC(nt.u.negTokenResp.negResult, 1); - if (nt.u.negTokenResp.negResult == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - nt.u.negTokenResp.supportedMech = NULL; - - output_token->length = 0; - output_token->value = NULL; - - if (mech_token->length == 0) { - nt.u.negTokenResp.responseToken = NULL; - *(nt.u.negTokenResp.negResult) = accept_completed; - } else { - ALLOC(nt.u.negTokenResp.responseToken, 1); - if (nt.u.negTokenResp.responseToken == NULL) { - free_NegotiationToken(&nt); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - nt.u.negTokenResp.responseToken->length = mech_token->length; - nt.u.negTokenResp.responseToken->data = mech_token->value; - mech_token->length = 0; - mech_token->value = NULL; - - *(nt.u.negTokenResp.negResult) = accept_incomplete; - } - - if (mech_buf != GSS_C_NO_BUFFER) { - - ret = gss_get_mic(minor_status, - context_handle->negotiated_ctx_id, - 0, - mech_buf, - &mic_buf); - if (ret == GSS_S_COMPLETE) { - ALLOC(nt.u.negTokenResp.mechListMIC, 1); - if (nt.u.negTokenResp.mechListMIC == NULL) { - gss_release_buffer(minor_status, &mic_buf); - free_NegotiationToken(&nt); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - nt.u.negTokenResp.mechListMIC->length = mic_buf.length; - nt.u.negTokenResp.mechListMIC->data = mic_buf.value; - } else if (ret == GSS_S_UNAVAILABLE) { - nt.u.negTokenResp.mechListMIC = NULL; - } if (ret) { - free_NegotiationToken(&nt); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - } else { - nt.u.negTokenResp.mechListMIC = NULL; - } - - ASN1_MALLOC_ENCODE(NegotiationToken, - output_token->value, output_token->length, - &nt, &size, ret); - if (ret) { - free_NegotiationToken(&nt); - *minor_status = ret; - return GSS_S_FAILURE; - } - - if (*(nt.u.negTokenResp.negResult) == accept_completed) - ret = GSS_S_COMPLETE; - else - ret = GSS_S_CONTINUE_NEEDED; - - free_NegotiationToken(&nt); - return ret; -} - -static OM_uint32 -spnego_initial - (OM_uint32 * minor_status, - gssspnego_cred cred, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - NegTokenInit ni; - int ret; - OM_uint32 sub, minor; - gss_buffer_desc mech_token; - u_char *buf; - size_t buf_size, buf_len; - gss_buffer_desc data; - size_t ni_len; - gss_ctx_id_t context; - gssspnego_ctx ctx; - spnego_name name = (spnego_name)target_name; - - *minor_status = 0; - - memset (&ni, 0, sizeof(ni)); - - *context_handle = GSS_C_NO_CONTEXT; - - if (target_name == GSS_C_NO_NAME) - return GSS_S_BAD_NAME; - - sub = _gss_spnego_alloc_sec_context(&minor, &context); - if (GSS_ERROR(sub)) { - *minor_status = minor; - return sub; - } - ctx = (gssspnego_ctx)context; - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - ctx->local = 1; - - sub = gss_import_name(&minor, &name->value, &name->type, &ctx->target_name); - if (GSS_ERROR(sub)) { - *minor_status = minor; - _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); - return sub; - } - - sub = _gss_spnego_indicate_mechtypelist(&minor, - ctx->target_name, - initiator_approved, - 0, - cred, - &ni.mechTypes, - &ctx->preferred_mech_type); - if (GSS_ERROR(sub)) { - *minor_status = minor; - _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); - return sub; - } - - ni.reqFlags = NULL; - - /* - * If we have a credential handle, use it to select the mechanism - * that we will use - */ - - /* generate optimistic token */ - sub = gss_init_sec_context(&minor, - (cred != NULL) ? cred->negotiated_cred_id : - GSS_C_NO_CREDENTIAL, - &ctx->negotiated_ctx_id, - ctx->target_name, - ctx->preferred_mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - &ctx->negotiated_mech_type, - &mech_token, - &ctx->mech_flags, - &ctx->mech_time_rec); - if (GSS_ERROR(sub)) { - free_NegTokenInit(&ni); - *minor_status = minor; - _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); - return sub; - } - if (sub == GSS_S_COMPLETE) - ctx->maybe_open = 1; - - if (mech_token.length != 0) { - ALLOC(ni.mechToken, 1); - if (ni.mechToken == NULL) { - free_NegTokenInit(&ni); - gss_release_buffer(&minor, &mech_token); - _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - ni.mechToken->length = mech_token.length; - ni.mechToken->data = malloc(mech_token.length); - if (ni.mechToken->data == NULL && mech_token.length != 0) { - free_NegTokenInit(&ni); - gss_release_buffer(&minor, &mech_token); - *minor_status = ENOMEM; - _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); - return GSS_S_FAILURE; - } - memcpy(ni.mechToken->data, mech_token.value, mech_token.length); - gss_release_buffer(&minor, &mech_token); - } else - ni.mechToken = NULL; - - ni.mechListMIC = NULL; - - ni_len = length_NegTokenInit(&ni); - buf_size = 1 + der_length_len(ni_len) + ni_len; - - buf = malloc(buf_size); - if (buf == NULL) { - free_NegTokenInit(&ni); - *minor_status = ENOMEM; - _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); - return GSS_S_FAILURE; - } - - ret = encode_NegTokenInit(buf + buf_size - 1, - ni_len, - &ni, &buf_len); - if (ret == 0 && ni_len != buf_len) - abort(); - - if (ret == 0) { - size_t tmp; - - ret = der_put_length_and_tag(buf + buf_size - buf_len - 1, - buf_size - buf_len, - buf_len, - ASN1_C_CONTEXT, - CONS, - 0, - &tmp); - if (ret == 0 && tmp + buf_len != buf_size) - abort(); - } - if (ret) { - *minor_status = ret; - free(buf); - free_NegTokenInit(&ni); - _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); - return GSS_S_FAILURE; - } - - data.value = buf; - data.length = buf_size; - - ctx->initiator_mech_types.len = ni.mechTypes.len; - ctx->initiator_mech_types.val = ni.mechTypes.val; - ni.mechTypes.len = 0; - ni.mechTypes.val = NULL; - - free_NegTokenInit(&ni); - - sub = gss_encapsulate_token(&data, - GSS_SPNEGO_MECHANISM, - output_token); - free (buf); - - if (sub) { - _gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER); - return sub; - } - - if (actual_mech_type) - *actual_mech_type = ctx->negotiated_mech_type; - if (ret_flags) - *ret_flags = ctx->mech_flags; - if (time_rec) - *time_rec = ctx->mech_time_rec; - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - - *context_handle = context; - - return GSS_S_CONTINUE_NEEDED; -} - -static OM_uint32 -spnego_reply - (OM_uint32 * minor_status, - const gssspnego_cred cred, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - OM_uint32 ret, minor; - NegTokenResp resp; - size_t len, taglen; - gss_OID_desc mech; - int require_mic; - size_t buf_len; - gss_buffer_desc mic_buf, mech_buf; - gss_buffer_desc mech_output_token; - gssspnego_ctx ctx; - - *minor_status = 0; - - ctx = (gssspnego_ctx)*context_handle; - - output_token->length = 0; - output_token->value = NULL; - - mech_output_token.length = 0; - mech_output_token.value = NULL; - - mech_buf.value = NULL; - mech_buf.length = 0; - - ret = der_match_tag_and_length(input_token->value, input_token->length, - ASN1_C_CONTEXT, CONS, 1, &len, &taglen); - if (ret) - return ret; - - if (len > input_token->length - taglen) - return ASN1_OVERRUN; - - ret = decode_NegTokenResp((const unsigned char *)input_token->value+taglen, - len, &resp, NULL); - if (ret) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - if (resp.negResult == NULL - || *(resp.negResult) == reject - /* || resp.supportedMech == NULL */ - ) - { - free_NegTokenResp(&resp); - return GSS_S_BAD_MECH; - } - - /* - * Pick up the mechanism that the acceptor selected, only allow it - * to be sent in packet. - */ - - HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - - if (resp.supportedMech) { - - if (ctx->oidlen) { - free_NegTokenResp(&resp); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return GSS_S_BAD_MECH; - } - ret = der_put_oid(ctx->oidbuf + sizeof(ctx->oidbuf) - 1, - sizeof(ctx->oidbuf), - resp.supportedMech, - &ctx->oidlen); - /* Avoid recursively embedded SPNEGO */ - if (ret || (ctx->oidlen == GSS_SPNEGO_MECHANISM->length && - memcmp(ctx->oidbuf + sizeof(ctx->oidbuf) - ctx->oidlen, - GSS_SPNEGO_MECHANISM->elements, - ctx->oidlen) == 0)) - { - free_NegTokenResp(&resp); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return GSS_S_BAD_MECH; - } - - /* check if the acceptor took our optimistic token */ - if (ctx->oidlen != ctx->preferred_mech_type->length || - memcmp(ctx->oidbuf + sizeof(ctx->oidbuf) - ctx->oidlen, - ctx->preferred_mech_type->elements, - ctx->oidlen) != 0) - { - gss_delete_sec_context(&minor, &ctx->negotiated_ctx_id, - GSS_C_NO_BUFFER); - ctx->negotiated_ctx_id = GSS_C_NO_CONTEXT; - } - } else if (ctx->oidlen == 0) { - free_NegTokenResp(&resp); - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return GSS_S_BAD_MECH; - } - - if (resp.responseToken != NULL || - ctx->negotiated_ctx_id == GSS_C_NO_CONTEXT) { - gss_buffer_desc mech_input_token; - - if (resp.responseToken) { - mech_input_token.length = resp.responseToken->length; - mech_input_token.value = resp.responseToken->data; - } else { - mech_input_token.length = 0; - mech_input_token.value = NULL; - } - - - mech.length = ctx->oidlen; - mech.elements = ctx->oidbuf + sizeof(ctx->oidbuf) - ctx->oidlen; - - /* Fall through as if the negotiated mechanism - was requested explicitly */ - ret = gss_init_sec_context(&minor, - (cred != NULL) ? cred->negotiated_cred_id : - GSS_C_NO_CREDENTIAL, - &ctx->negotiated_ctx_id, - ctx->target_name, - &mech, - req_flags, - time_req, - input_chan_bindings, - &mech_input_token, - &ctx->negotiated_mech_type, - &mech_output_token, - &ctx->mech_flags, - &ctx->mech_time_rec); - if (GSS_ERROR(ret)) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free_NegTokenResp(&resp); - *minor_status = minor; - return ret; - } - if (ret == GSS_S_COMPLETE) { - ctx->open = 1; - } - } else if (*(resp.negResult) == accept_completed) { - if (ctx->maybe_open) - ctx->open = 1; - } - - if (*(resp.negResult) == request_mic) { - ctx->require_mic = 1; - } - - if (ctx->open) { - /* - * Verify the mechListMIC if one was provided or CFX was - * used and a non-preferred mechanism was selected - */ - if (resp.mechListMIC != NULL) { - require_mic = 1; - } else { - ret = _gss_spnego_require_mechlist_mic(minor_status, ctx, - &require_mic); - if (ret) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free_NegTokenResp(&resp); - gss_release_buffer(&minor, &mech_output_token); - return ret; - } - } - } else { - require_mic = 0; - } - - if (require_mic) { - ASN1_MALLOC_ENCODE(MechTypeList, mech_buf.value, mech_buf.length, - &ctx->initiator_mech_types, &buf_len, ret); - if (ret) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free_NegTokenResp(&resp); - gss_release_buffer(&minor, &mech_output_token); - *minor_status = ret; - return GSS_S_FAILURE; - } - if (mech_buf.length != buf_len) - abort(); - - if (resp.mechListMIC == NULL) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free(mech_buf.value); - free_NegTokenResp(&resp); - *minor_status = 0; - return GSS_S_DEFECTIVE_TOKEN; - } - mic_buf.length = resp.mechListMIC->length; - mic_buf.value = resp.mechListMIC->data; - - if (mech_output_token.length == 0) { - ret = gss_verify_mic(minor_status, - ctx->negotiated_ctx_id, - &mech_buf, - &mic_buf, - NULL); - if (ret) { - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - free(mech_buf.value); - gss_release_buffer(&minor, &mech_output_token); - free_NegTokenResp(&resp); - return GSS_S_DEFECTIVE_TOKEN; - } - ctx->verified_mic = 1; - } - } - - ret = spnego_reply_internal(minor_status, ctx, - require_mic ? &mech_buf : NULL, - &mech_output_token, - output_token); - - if (mech_buf.value != NULL) - free(mech_buf.value); - - free_NegTokenResp(&resp); - gss_release_buffer(&minor, &mech_output_token); - - if (actual_mech_type) - *actual_mech_type = ctx->negotiated_mech_type; - if (ret_flags) - *ret_flags = ctx->mech_flags; - if (time_rec) - *time_rec = ctx->mech_time_rec; - - HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); - return ret; -} - -OM_uint32 _gss_spnego_init_sec_context - (OM_uint32 * minor_status, - const gss_cred_id_t initiator_cred_handle, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) -{ - gssspnego_cred cred = (gssspnego_cred)initiator_cred_handle; - - if (*context_handle == GSS_C_NO_CONTEXT) - return spnego_initial (minor_status, - cred, - context_handle, - target_name, - mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - actual_mech_type, - output_token, - ret_flags, - time_rec); - else - return spnego_reply (minor_status, - cred, - context_handle, - target_name, - mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - actual_mech_type, - output_token, - ret_flags, - time_rec); -} - diff --git a/crypto/heimdal/lib/gssapi/spnego/spnego-private.h b/crypto/heimdal/lib/gssapi/spnego/spnego-private.h deleted file mode 100644 index d80db0018adf..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/spnego-private.h +++ /dev/null @@ -1,330 +0,0 @@ -/* This is a generated file */ -#ifndef __spnego_private_h__ -#define __spnego_private_h__ - -#include - -gssapi_mech_interface -__gss_spnego_initialize (void); - -OM_uint32 -_gss_spnego_accept_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - const gss_cred_id_t /*acceptor_cred_handle*/, - const gss_buffer_t /*input_token_buffer*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - gss_name_t * /*src_name*/, - gss_OID * /*mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * /*time_rec*/, - gss_cred_id_t *delegated_cred_handle ); - -OM_uint32 -_gss_spnego_acquire_cred ( - OM_uint32 */*minor_status*/, - const gss_name_t /*desired_name*/, - OM_uint32 /*time_req*/, - const gss_OID_set /*desired_mechs*/, - gss_cred_usage_t /*cred_usage*/, - gss_cred_id_t * /*output_cred_handle*/, - gss_OID_set * /*actual_mechs*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gss_spnego_add_cred ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*input_cred_handle*/, - const gss_name_t /*desired_name*/, - const gss_OID /*desired_mech*/, - gss_cred_usage_t /*cred_usage*/, - OM_uint32 /*initiator_time_req*/, - OM_uint32 /*acceptor_time_req*/, - gss_cred_id_t * /*output_cred_handle*/, - gss_OID_set * /*actual_mechs*/, - OM_uint32 * /*initiator_time_rec*/, - OM_uint32 * acceptor_time_rec ); - -OM_uint32 -_gss_spnego_alloc_cred ( - OM_uint32 */*minor_status*/, - gss_cred_id_t /*mech_cred_handle*/, - gss_cred_id_t */*cred_handle*/); - -OM_uint32 -_gss_spnego_alloc_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t */*context_handle*/); - -OM_uint32 -_gss_spnego_canonicalize_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - const gss_OID /*mech_type*/, - gss_name_t * output_name ); - -OM_uint32 -_gss_spnego_compare_name ( - OM_uint32 */*minor_status*/, - const gss_name_t /*name1*/, - const gss_name_t /*name2*/, - int * name_equal ); - -OM_uint32 -_gss_spnego_context_time ( - OM_uint32 */*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - OM_uint32 *time_rec ); - -OM_uint32 -_gss_spnego_delete_sec_context ( - OM_uint32 */*minor_status*/, - gss_ctx_id_t */*context_handle*/, - gss_buffer_t output_token ); - -OM_uint32 -_gss_spnego_display_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t /*output_name_buffer*/, - gss_OID * output_name_type ); - -OM_uint32 -_gss_spnego_display_status ( - OM_uint32 * /*minor_status*/, - OM_uint32 /*status_value*/, - int /*status_type*/, - const gss_OID /*mech_type*/, - OM_uint32 * /*message_context*/, - gss_buffer_t status_string ); - -OM_uint32 -_gss_spnego_duplicate_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*src_name*/, - gss_name_t * dest_name ); - -OM_uint32 -_gss_spnego_export_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_buffer_t exported_name ); - -OM_uint32 -_gss_spnego_export_sec_context ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - gss_buffer_t interprocess_token ); - -OM_uint32 -_gss_spnego_get_mic ( - OM_uint32 */*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*message_buffer*/, - gss_buffer_t message_token ); - -OM_uint32 -_gss_spnego_import_name ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*name_buffer*/, - const gss_OID /*name_type*/, - gss_name_t * output_name ); - -OM_uint32 -_gss_spnego_import_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_buffer_t /*interprocess_token*/, - gss_ctx_id_t *context_handle ); - -OM_uint32 -_gss_spnego_indicate_mechtypelist ( - OM_uint32 */*minor_status*/, - gss_name_t /*target_name*/, - OM_uint32 (*/*func*/)(gss_name_t, gss_OID), - int /*includeMSCompatOID*/, - const gssspnego_cred /*cred_handle*/, - MechTypeList */*mechtypelist*/, - gss_OID */*preferred_mech*/); - -OM_uint32 -_gss_spnego_init_sec_context ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*initiator_cred_handle*/, - gss_ctx_id_t * /*context_handle*/, - const gss_name_t /*target_name*/, - const gss_OID /*mech_type*/, - OM_uint32 /*req_flags*/, - OM_uint32 /*time_req*/, - const gss_channel_bindings_t /*input_chan_bindings*/, - const gss_buffer_t /*input_token*/, - gss_OID * /*actual_mech_type*/, - gss_buffer_t /*output_token*/, - OM_uint32 * /*ret_flags*/, - OM_uint32 * time_rec ); - -OM_uint32 -_gss_spnego_inquire_context ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - gss_name_t * /*src_name*/, - gss_name_t * /*targ_name*/, - OM_uint32 * /*lifetime_rec*/, - gss_OID * /*mech_type*/, - OM_uint32 * /*ctx_flags*/, - int * /*locally_initiated*/, - int * open_context ); - -OM_uint32 -_gss_spnego_inquire_cred ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - gss_name_t * /*name*/, - OM_uint32 * /*lifetime*/, - gss_cred_usage_t * /*cred_usage*/, - gss_OID_set * mechanisms ); - -OM_uint32 -_gss_spnego_inquire_cred_by_mech ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - const gss_OID /*mech_type*/, - gss_name_t * /*name*/, - OM_uint32 * /*initiator_lifetime*/, - OM_uint32 * /*acceptor_lifetime*/, - gss_cred_usage_t * cred_usage ); - -OM_uint32 -_gss_spnego_inquire_cred_by_oid ( - OM_uint32 * /*minor_status*/, - const gss_cred_id_t /*cred_handle*/, - const gss_OID /*desired_object*/, - gss_buffer_set_t */*data_set*/); - -OM_uint32 -_gss_spnego_inquire_mechs_for_name ( - OM_uint32 * /*minor_status*/, - const gss_name_t /*input_name*/, - gss_OID_set * mech_types ); - -OM_uint32 -_gss_spnego_inquire_names_for_mech ( - OM_uint32 * /*minor_status*/, - const gss_OID /*mechanism*/, - gss_OID_set * name_types ); - -OM_uint32 -_gss_spnego_inquire_sec_context_by_oid ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_OID /*desired_object*/, - gss_buffer_set_t */*data_set*/); - -OM_uint32 -_gss_spnego_internal_delete_sec_context ( - OM_uint32 */*minor_status*/, - gss_ctx_id_t */*context_handle*/, - gss_buffer_t output_token ); - -OM_uint32 -_gss_spnego_process_context_token ( - OM_uint32 */*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t token_buffer ); - -OM_uint32 -_gss_spnego_release_cred ( - OM_uint32 */*minor_status*/, - gss_cred_id_t */*cred_handle*/); - -OM_uint32 -_gss_spnego_release_name ( - OM_uint32 * /*minor_status*/, - gss_name_t * input_name ); - -OM_uint32 -_gss_spnego_require_mechlist_mic ( - OM_uint32 */*minor_status*/, - gssspnego_ctx /*ctx*/, - int */*require_mic*/); - -OM_uint32 -_gss_spnego_seal ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - int /*qop_req*/, - gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t output_message_buffer ); - -OM_uint32 -_gss_spnego_set_sec_context_option ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t * /*context_handle*/, - const gss_OID /*desired_object*/, - const gss_buffer_t /*value*/); - -OM_uint32 -_gss_spnego_sign ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - int /*qop_req*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t message_token ); - -OM_uint32 -_gss_spnego_unseal ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - int * qop_state ); - -OM_uint32 -_gss_spnego_unwrap ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*input_message_buffer*/, - gss_buffer_t /*output_message_buffer*/, - int * /*conf_state*/, - gss_qop_t * qop_state ); - -OM_uint32 -_gss_spnego_verify ( - OM_uint32 * /*minor_status*/, - gss_ctx_id_t /*context_handle*/, - gss_buffer_t /*message_buffer*/, - gss_buffer_t /*token_buffer*/, - int * qop_state ); - -OM_uint32 -_gss_spnego_verify_mic ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - const gss_buffer_t /*message_buffer*/, - const gss_buffer_t /*token_buffer*/, - gss_qop_t * qop_state ); - -OM_uint32 -_gss_spnego_wrap ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - const gss_buffer_t /*input_message_buffer*/, - int * /*conf_state*/, - gss_buffer_t output_message_buffer ); - -OM_uint32 -_gss_spnego_wrap_size_limit ( - OM_uint32 * /*minor_status*/, - const gss_ctx_id_t /*context_handle*/, - int /*conf_req_flag*/, - gss_qop_t /*qop_req*/, - OM_uint32 /*req_output_size*/, - OM_uint32 * max_input_size ); - -#endif /* __spnego_private_h__ */ diff --git a/crypto/heimdal/lib/gssapi/spnego/spnego.asn1 b/crypto/heimdal/lib/gssapi/spnego/spnego.asn1 deleted file mode 100644 index 058f10ba3ad1..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/spnego.asn1 +++ /dev/null @@ -1,63 +0,0 @@ --- $Id: spnego.asn1 21403 2007-07-04 08:13:12Z lha $ - -SPNEGO DEFINITIONS ::= -BEGIN - -MechType::= OBJECT IDENTIFIER - -MechTypeList ::= SEQUENCE OF MechType - -ContextFlags ::= BIT STRING { - delegFlag (0), - mutualFlag (1), - replayFlag (2), - sequenceFlag (3), - anonFlag (4), - confFlag (5), - integFlag (6) -} - -NegHints ::= SEQUENCE { - hintName [0] GeneralString OPTIONAL, - hintAddress [1] OCTET STRING OPTIONAL -} - -NegTokenInitWin ::= SEQUENCE { - mechTypes [0] MechTypeList, - reqFlags [1] ContextFlags OPTIONAL, - mechToken [2] OCTET STRING OPTIONAL, - negHints [3] NegHints OPTIONAL -} - -NegTokenInit ::= SEQUENCE { - mechTypes [0] MechTypeList, - reqFlags [1] ContextFlags OPTIONAL, - mechToken [2] OCTET STRING OPTIONAL, - mechListMIC [3] OCTET STRING OPTIONAL, - ... -} - --- NB: negResult is not OPTIONAL in the new SPNEGO spec but --- Windows clients do not always send it -NegTokenResp ::= SEQUENCE { - negResult [0] ENUMERATED { - accept_completed (0), - accept_incomplete (1), - reject (2), - request-mic (3) } OPTIONAL, - supportedMech [1] MechType OPTIONAL, - responseToken [2] OCTET STRING OPTIONAL, - mechListMIC [3] OCTET STRING OPTIONAL, - ... -} - -NegotiationToken ::= CHOICE { - negTokenInit[0] NegTokenInit, - negTokenResp[1] NegTokenResp -} - -NegotiationTokenWin ::= CHOICE { - negTokenInit[0] NegTokenInitWin -} - -END diff --git a/crypto/heimdal/lib/gssapi/spnego/spnego_locl.h b/crypto/heimdal/lib/gssapi/spnego/spnego_locl.h deleted file mode 100644 index 44b24688e18f..000000000000 --- a/crypto/heimdal/lib/gssapi/spnego/spnego_locl.h +++ /dev/null @@ -1,115 +0,0 @@ -/* - * Copyright (c) 2004, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: spnego_locl.h 19411 2006-12-18 15:42:03Z lha $ */ - -#ifndef SPNEGO_LOCL_H -#define SPNEGO_LOCL_H - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#ifdef HAVE_PTHREAD_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_NETDB_H -#include -#endif - -#include -#include - -#include - -#include "spnego_asn1.h" -#include "mech/utils.h" -#include - -#include - -#define ALLOC(X, N) (X) = calloc((N), sizeof(*(X))) - -typedef struct { - gss_cred_id_t negotiated_cred_id; -} *gssspnego_cred; - -typedef struct { - MechTypeList initiator_mech_types; - gss_OID preferred_mech_type; - gss_OID negotiated_mech_type; - gss_ctx_id_t negotiated_ctx_id; - OM_uint32 mech_flags; - OM_uint32 mech_time_rec; - gss_name_t mech_src_name; - gss_cred_id_t delegated_cred_id; - unsigned int open : 1; - unsigned int local : 1; - unsigned int require_mic : 1; - unsigned int verified_mic : 1; - unsigned int maybe_open : 1; - HEIMDAL_MUTEX ctx_id_mutex; - - gss_name_t target_name; - - u_char oidbuf[17]; - size_t oidlen; - -} *gssspnego_ctx; - -typedef struct { - gss_OID_desc type; - gss_buffer_desc value; - gss_name_t mech; -} *spnego_name; - -extern gss_OID_desc _gss_spnego_mskrb_mechanism_oid_desc; -extern gss_OID_desc _gss_spnego_krb5_mechanism_oid_desc; - -#include - -#endif /* SPNEGO_LOCL_H */ diff --git a/crypto/heimdal/lib/gssapi/test_acquire_cred.c b/crypto/heimdal/lib/gssapi/test_acquire_cred.c deleted file mode 100644 index fd2bc32dd52b..000000000000 --- a/crypto/heimdal/lib/gssapi/test_acquire_cred.c +++ /dev/null @@ -1,253 +0,0 @@ -/* - * Copyright (c) 2003-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "test_common.h" - -RCSID("$Id: test_acquire_cred.c 22129 2007-12-04 01:13:13Z lha $"); - -static void -print_time(OM_uint32 time_rec) -{ - if (time_rec == GSS_C_INDEFINITE) { - printf("cred never expire\n"); - } else { - time_t t = time_rec + time(NULL); - printf("expiration time: %s", ctime(&t)); - } -} - -#if 0 - -static void -test_add(gss_cred_id_t cred_handle) -{ - OM_uint32 major_status, minor_status; - gss_cred_id_t copy_cred; - OM_uint32 time_rec; - - major_status = gss_add_cred (&minor_status, - cred_handle, - GSS_C_NO_NAME, - GSS_KRB5_MECHANISM, - GSS_C_INITIATE, - 0, - 0, - ©_cred, - NULL, - &time_rec, - NULL); - - if (GSS_ERROR(major_status)) - errx(1, "add_cred failed"); - - print_time(time_rec); - - major_status = gss_release_cred(&minor_status, - ©_cred); - if (GSS_ERROR(major_status)) - errx(1, "release_cred failed"); -} - -static void -copy_cred(void) -{ - OM_uint32 major_status, minor_status; - gss_cred_id_t cred_handle; - OM_uint32 time_rec; - - major_status = gss_acquire_cred(&minor_status, - GSS_C_NO_NAME, - 0, - NULL, - GSS_C_INITIATE, - &cred_handle, - NULL, - &time_rec); - if (GSS_ERROR(major_status)) - errx(1, "acquire_cred failed"); - - print_time(time_rec); - - test_add(cred_handle); - test_add(cred_handle); - test_add(cred_handle); - - major_status = gss_release_cred(&minor_status, - &cred_handle); - if (GSS_ERROR(major_status)) - errx(1, "release_cred failed"); -} -#endif - -static void -acquire_cred_service(const char *service, - gss_OID nametype, - int flags) -{ - OM_uint32 major_status, minor_status; - gss_cred_id_t cred_handle; - OM_uint32 time_rec; - gss_buffer_desc name_buffer; - gss_name_t name = GSS_C_NO_NAME; - - if (service) { - name_buffer.value = rk_UNCONST(service); - name_buffer.length = strlen(service); - - major_status = gss_import_name(&minor_status, - &name_buffer, - nametype, - &name); - if (GSS_ERROR(major_status)) - errx(1, "import_name failed"); - } - - major_status = gss_acquire_cred(&minor_status, - name, - 0, - NULL, - flags, - &cred_handle, - NULL, - &time_rec); - if (GSS_ERROR(major_status)) { - warnx("acquire_cred failed: %s", - gssapi_err(major_status, minor_status, GSS_C_NO_OID)); - } else { - print_time(time_rec); - gss_release_cred(&minor_status, &cred_handle); - } - - if (name != GSS_C_NO_NAME) - gss_release_name(&minor_status, &name); - - if (GSS_ERROR(major_status)) - exit(1); -} - -static int version_flag = 0; -static int help_flag = 0; -static char *acquire_name; -static char *acquire_type; -static char *name_type; -static char *ccache; - -static struct getargs args[] = { - {"acquire-name", 0, arg_string, &acquire_name, "name", NULL }, - {"acquire-type", 0, arg_string, &acquire_type, "type", NULL }, - {"ccache", 0, arg_string, &ccache, "name", NULL }, - {"name-type", 0, arg_string, &name_type, "type", NULL }, - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), NULL, ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - OM_uint32 flag; - gss_OID type; - - setprogname(argv[0]); - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 0) - usage(1); - - if (acquire_type) { - if (strcasecmp(acquire_type, "both") == 0) - flag = GSS_C_BOTH; - else if (strcasecmp(acquire_type, "accept") == 0) - flag = GSS_C_ACCEPT; - else if (strcasecmp(acquire_type, "initiate") == 0) - flag = GSS_C_INITIATE; - else - errx(1, "unknown type %s", acquire_type); - } else - flag = GSS_C_ACCEPT; - - if (name_type) { - if (strcasecmp("hostbased-service", name_type) == 0) - type = GSS_C_NT_HOSTBASED_SERVICE; - else if (strcasecmp("user-name", name_type) == 0) - type = GSS_C_NT_USER_NAME; - else - errx(1, "unknown name type %s", name_type); - } else - type = GSS_C_NT_HOSTBASED_SERVICE; - - if (ccache) { - OM_uint32 major_status, minor_status; - major_status = gss_krb5_ccache_name(&minor_status, - ccache, NULL); - if (GSS_ERROR(major_status)) - errx(1, "gss_krb5_ccache_name %s", - gssapi_err(major_status, minor_status, GSS_C_NO_OID)); - } - - acquire_cred_service(acquire_name, type, flag); - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/test_common.c b/crypto/heimdal/lib/gssapi/test_common.c deleted file mode 100644 index 329180f23387..000000000000 --- a/crypto/heimdal/lib/gssapi/test_common.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" -#include -#include "test_common.h" - -RCSID("$Id: test_common.c 20075 2007-01-31 06:05:19Z lha $"); - -char * -gssapi_err(OM_uint32 maj_stat, OM_uint32 min_stat, gss_OID mech) -{ - OM_uint32 disp_min_stat, disp_maj_stat; - gss_buffer_desc maj_error_message; - gss_buffer_desc min_error_message; - OM_uint32 msg_ctx = 0; - - char *ret = NULL; - - maj_error_message.length = 0; - maj_error_message.value = NULL; - min_error_message.length = 0; - min_error_message.value = NULL; - - disp_maj_stat = gss_display_status(&disp_min_stat, maj_stat, - GSS_C_GSS_CODE, - mech, &msg_ctx, &maj_error_message); - disp_maj_stat = gss_display_status(&disp_min_stat, min_stat, - GSS_C_MECH_CODE, - mech, &msg_ctx, &min_error_message); - asprintf(&ret, "gss-code: %lu %.*s\nmech-code: %lu %.*s", - (unsigned long)maj_stat, - (int)maj_error_message.length, - (char *)maj_error_message.value, - (unsigned long)min_stat, - (int)min_error_message.length, - (char *)min_error_message.value); - - gss_release_buffer(&disp_min_stat, &maj_error_message); - gss_release_buffer(&disp_min_stat, &min_error_message); - - return ret; -} - diff --git a/crypto/heimdal/lib/gssapi/test_common.h b/crypto/heimdal/lib/gssapi/test_common.h deleted file mode 100644 index 8e78a5d30ec4..000000000000 --- a/crypto/heimdal/lib/gssapi/test_common.h +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* $Id: test_common.h 20075 2007-01-31 06:05:19Z lha $ */ - -char * gssapi_err(OM_uint32, OM_uint32, gss_OID); diff --git a/crypto/heimdal/lib/gssapi/test_context.c b/crypto/heimdal/lib/gssapi/test_context.c deleted file mode 100644 index e02535aec22a..000000000000 --- a/crypto/heimdal/lib/gssapi/test_context.c +++ /dev/null @@ -1,542 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "krb5/gsskrb5_locl.h" -#include -#include -#include "test_common.h" - -RCSID("$Id: test_context.c 20075 2007-01-31 06:05:19Z lha $"); - -static char *type_string; -static char *mech_string; -static char *ret_mech_string; -static int dns_canon_flag = -1; -static int mutual_auth_flag = 0; -static int dce_style_flag = 0; -static int wrapunwrap_flag = 0; -static int getverifymic_flag = 0; -static int deleg_flag = 0; -static int version_flag = 0; -static int verbose_flag = 0; -static int help_flag = 0; - -static struct { - const char *name; - gss_OID *oid; -} o2n[] = { - { "krb5", &GSS_KRB5_MECHANISM }, - { "spnego", &GSS_SPNEGO_MECHANISM }, - { "ntlm", &GSS_NTLM_MECHANISM }, - { "sasl-digest-md5", &GSS_SASL_DIGEST_MD5_MECHANISM } -}; - -static gss_OID -string_to_oid(const char *name) -{ - int i; - for (i = 0; i < sizeof(o2n)/sizeof(o2n[0]); i++) - if (strcasecmp(name, o2n[i].name) == 0) - return *o2n[i].oid; - errx(1, "name %s not unknown", name); -} - -static const char * -oid_to_string(const gss_OID oid) -{ - int i; - for (i = 0; i < sizeof(o2n)/sizeof(o2n[0]); i++) - if (gss_oid_equal(oid, *o2n[i].oid)) - return o2n[i].name; - return "unknown oid"; -} - -static void -loop(gss_OID mechoid, - gss_OID nameoid, const char *target, - gss_cred_id_t init_cred, - gss_ctx_id_t *sctx, gss_ctx_id_t *cctx, - gss_OID *actual_mech, - gss_cred_id_t *deleg_cred) -{ - int server_done = 0, client_done = 0; - OM_uint32 maj_stat, min_stat; - gss_name_t gss_target_name; - gss_buffer_desc input_token, output_token; - OM_uint32 flags = 0, ret_cflags, ret_sflags; - gss_OID actual_mech_client; - gss_OID actual_mech_server; - - *actual_mech = GSS_C_NO_OID; - - flags |= GSS_C_INTEG_FLAG; - flags |= GSS_C_CONF_FLAG; - - if (mutual_auth_flag) - flags |= GSS_C_MUTUAL_FLAG; - if (dce_style_flag) - flags |= GSS_C_DCE_STYLE; - if (deleg_flag) - flags |= GSS_C_DELEG_FLAG; - - input_token.value = rk_UNCONST(target); - input_token.length = strlen(target); - - maj_stat = gss_import_name(&min_stat, - &input_token, - nameoid, - &gss_target_name); - if (GSS_ERROR(maj_stat)) - err(1, "import name creds failed with: %d", maj_stat); - - input_token.length = 0; - input_token.value = NULL; - - while (!server_done || !client_done) { - - maj_stat = gss_init_sec_context(&min_stat, - init_cred, - cctx, - gss_target_name, - mechoid, - flags, - 0, - NULL, - &input_token, - &actual_mech_client, - &output_token, - &ret_cflags, - NULL); - if (GSS_ERROR(maj_stat)) - errx(1, "init_sec_context: %s", - gssapi_err(maj_stat, min_stat, mechoid)); - if (maj_stat & GSS_S_CONTINUE_NEEDED) - ; - else - client_done = 1; - - if (client_done && server_done) - break; - - if (input_token.length != 0) - gss_release_buffer(&min_stat, &input_token); - - maj_stat = gss_accept_sec_context(&min_stat, - sctx, - GSS_C_NO_CREDENTIAL, - &output_token, - GSS_C_NO_CHANNEL_BINDINGS, - NULL, - &actual_mech_server, - &input_token, - &ret_sflags, - NULL, - deleg_cred); - if (GSS_ERROR(maj_stat)) - errx(1, "accept_sec_context: %s", - gssapi_err(maj_stat, min_stat, actual_mech_server)); - - if (verbose_flag) - printf("%.*s", (int)input_token.length, (char *)input_token.value); - - if (output_token.length != 0) - gss_release_buffer(&min_stat, &output_token); - - if (maj_stat & GSS_S_CONTINUE_NEEDED) - ; - else - server_done = 1; - } - if (output_token.length != 0) - gss_release_buffer(&min_stat, &output_token); - if (input_token.length != 0) - gss_release_buffer(&min_stat, &input_token); - gss_release_name(&min_stat, &gss_target_name); - - if (gss_oid_equal(actual_mech_server, actual_mech_client) == 0) - errx(1, "mech mismatch"); - *actual_mech = actual_mech_server; -} - -static void -wrapunwrap(gss_ctx_id_t cctx, gss_ctx_id_t sctx, gss_OID mechoid) -{ - gss_buffer_desc input_token, output_token, output_token2; - OM_uint32 min_stat, maj_stat; - int32_t flags = 0; - gss_qop_t qop_state; - int conf_state; - - input_token.value = "foo"; - input_token.length = 3; - - maj_stat = gss_wrap(&min_stat, cctx, flags, 0, &input_token, - &conf_state, &output_token); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_wrap failed: %s", - gssapi_err(maj_stat, min_stat, mechoid)); - - maj_stat = gss_unwrap(&min_stat, sctx, &output_token, - &output_token2, &conf_state, &qop_state); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_unwrap failed: %s", - gssapi_err(maj_stat, min_stat, mechoid)); -} - -static void -getverifymic(gss_ctx_id_t cctx, gss_ctx_id_t sctx, gss_OID mechoid) -{ - gss_buffer_desc input_token, output_token; - OM_uint32 min_stat, maj_stat; - gss_qop_t qop_state; - - input_token.value = "bar"; - input_token.length = 3; - - maj_stat = gss_get_mic(&min_stat, cctx, 0, &input_token, - &output_token); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_get_mic failed: %s", - gssapi_err(maj_stat, min_stat, mechoid)); - - maj_stat = gss_verify_mic(&min_stat, sctx, &input_token, - &output_token, &qop_state); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_verify_mic failed: %s", - gssapi_err(maj_stat, min_stat, mechoid)); -} - - -/* - * - */ - -static struct getargs args[] = { - {"name-type",0, arg_string, &type_string, "type of name", NULL }, - {"mech-type",0, arg_string, &mech_string, "type of mech", NULL }, - {"ret-mech-type",0, arg_string, &ret_mech_string, - "type of return mech", NULL }, - {"dns-canonicalize",0,arg_negative_flag, &dns_canon_flag, - "use dns to canonicalize", NULL }, - {"mutual-auth",0, arg_flag, &mutual_auth_flag,"mutual auth", NULL }, - {"dce-style",0, arg_flag, &dce_style_flag, "dce-style", NULL }, - {"wrapunwrap",0, arg_flag, &wrapunwrap_flag, "wrap/unwrap", NULL }, - {"getverifymic",0, arg_flag, &getverifymic_flag, - "get and verify mic", NULL }, - {"delegate",0, arg_flag, &deleg_flag, "delegate credential", NULL }, - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"verbose", 'v', arg_flag, &verbose_flag, "verbose", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), - NULL, "service@host"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int optind = 0; - OM_uint32 min_stat, maj_stat; - gss_ctx_id_t cctx, sctx; - void *ctx; - gss_OID nameoid, mechoid, actual_mech; - gss_cred_id_t deleg_cred = GSS_C_NO_CREDENTIAL; - - setprogname(argv[0]); - - cctx = sctx = GSS_C_NO_CONTEXT; - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optind; - argv += optind; - - if (argc != 1) - usage(1); - - if (dns_canon_flag != -1) - gsskrb5_set_dns_canonicalize(dns_canon_flag); - - if (type_string == NULL) - nameoid = GSS_C_NT_HOSTBASED_SERVICE; - else if (strcmp(type_string, "hostbased-service") == 0) - nameoid = GSS_C_NT_HOSTBASED_SERVICE; - else if (strcmp(type_string, "krb5-principal-name") == 0) - nameoid = GSS_KRB5_NT_PRINCIPAL_NAME; - else - errx(1, "%s not suppported", type_string); - - if (mech_string == NULL) - mechoid = GSS_KRB5_MECHANISM; - else - mechoid = string_to_oid(mech_string); - - loop(mechoid, nameoid, argv[0], GSS_C_NO_CREDENTIAL, - &sctx, &cctx, &actual_mech, &deleg_cred); - - if (verbose_flag) - printf("resulting mech: %s\n", oid_to_string(actual_mech)); - - if (ret_mech_string) { - gss_OID retoid; - - retoid = string_to_oid(ret_mech_string); - - if (gss_oid_equal(retoid, actual_mech) == 0) - errx(1, "actual_mech mech is not the expected type %s", - ret_mech_string); - } - - /* XXX should be actual_mech */ - if (gss_oid_equal(mechoid, GSS_KRB5_MECHANISM)) { - krb5_context context; - time_t time, skew; - gss_buffer_desc authz_data; - gss_buffer_desc in, out1, out2; - krb5_keyblock *keyblock, *keyblock2; - krb5_timestamp now; - krb5_error_code ret; - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_context"); - - ret = krb5_timeofday(context, &now); - if (ret) - errx(1, "krb5_timeofday failed"); - - /* client */ - maj_stat = gss_krb5_export_lucid_sec_context(&min_stat, - &cctx, - 1, /* version */ - &ctx); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_krb5_export_lucid_sec_context failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - - maj_stat = gss_krb5_free_lucid_sec_context(&maj_stat, ctx); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_krb5_free_lucid_sec_context failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - /* server */ - maj_stat = gss_krb5_export_lucid_sec_context(&min_stat, - &sctx, - 1, /* version */ - &ctx); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_krb5_export_lucid_sec_context failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - maj_stat = gss_krb5_free_lucid_sec_context(&min_stat, ctx); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_krb5_free_lucid_sec_context failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - maj_stat = gsskrb5_extract_authtime_from_sec_context(&min_stat, - sctx, - &time); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gsskrb5_extract_authtime_from_sec_context failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - skew = abs(time - now); - if (skew > krb5_get_max_time_skew(context)) { - errx(1, "gsskrb5_extract_authtime_from_sec_context failed: " - "time skew too great %llu > %llu", - (unsigned long long)skew, - (unsigned long long)krb5_get_max_time_skew(context)); - } - - maj_stat = gsskrb5_extract_service_keyblock(&min_stat, - sctx, - &keyblock); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gsskrb5_export_service_keyblock failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - krb5_free_keyblock(context, keyblock); - - maj_stat = gsskrb5_get_subkey(&min_stat, - sctx, - &keyblock); - if (maj_stat != GSS_S_COMPLETE - && (!(maj_stat == GSS_S_FAILURE && min_stat == GSS_KRB5_S_KG_NO_SUBKEY))) - errx(1, "gsskrb5_get_subkey server failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - if (maj_stat != GSS_S_COMPLETE) - keyblock = NULL; - - maj_stat = gsskrb5_get_subkey(&min_stat, - cctx, - &keyblock2); - if (maj_stat != GSS_S_COMPLETE - && (!(maj_stat == GSS_S_FAILURE && min_stat == GSS_KRB5_S_KG_NO_SUBKEY))) - errx(1, "gsskrb5_get_subkey client failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - if (maj_stat != GSS_S_COMPLETE) - keyblock2 = NULL; - - if (keyblock || keyblock2) { - if (keyblock == NULL) - errx(1, "server missing token keyblock"); - if (keyblock2 == NULL) - errx(1, "client missing token keyblock"); - - if (keyblock->keytype != keyblock2->keytype) - errx(1, "enctype mismatch"); - if (keyblock->keyvalue.length != keyblock2->keyvalue.length) - errx(1, "key length mismatch"); - if (memcmp(keyblock->keyvalue.data, keyblock2->keyvalue.data, - keyblock2->keyvalue.length) != 0) - errx(1, "key data mismatch"); - } - - if (keyblock) - krb5_free_keyblock(context, keyblock); - if (keyblock2) - krb5_free_keyblock(context, keyblock2); - - maj_stat = gsskrb5_get_initiator_subkey(&min_stat, - sctx, - &keyblock); - if (maj_stat != GSS_S_COMPLETE - && (!(maj_stat == GSS_S_FAILURE && min_stat == GSS_KRB5_S_KG_NO_SUBKEY))) - errx(1, "gsskrb5_get_initiator_subkey failed: %s", - gssapi_err(maj_stat, min_stat, actual_mech)); - - if (maj_stat == GSS_S_COMPLETE) - krb5_free_keyblock(context, keyblock); - - maj_stat = gsskrb5_extract_authz_data_from_sec_context(&min_stat, - sctx, - 128, - &authz_data); - if (maj_stat == GSS_S_COMPLETE) - gss_release_buffer(&min_stat, &authz_data); - - krb5_free_context(context); - - - memset(&out1, 0, sizeof(out1)); - memset(&out2, 0, sizeof(out2)); - - in.value = "foo"; - in.length = 3; - - gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_FULL, &in, - 100, &out1); - gss_pseudo_random(&min_stat, cctx, GSS_C_PRF_KEY_FULL, &in, - 100, &out2); - - if (out1.length != out2.length) - errx(1, "prf len mismatch"); - if (memcmp(out1.value, out2.value, out1.length) != 0) - errx(1, "prf data mismatch"); - - gss_release_buffer(&min_stat, &out1); - - gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_FULL, &in, - 100, &out1); - - if (out1.length != out2.length) - errx(1, "prf len mismatch"); - if (memcmp(out1.value, out2.value, out1.length) != 0) - errx(1, "prf data mismatch"); - - gss_release_buffer(&min_stat, &out1); - gss_release_buffer(&min_stat, &out2); - - in.value = "bar"; - in.length = 3; - - gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_PARTIAL, &in, - 100, &out1); - gss_pseudo_random(&min_stat, cctx, GSS_C_PRF_KEY_PARTIAL, &in, - 100, &out2); - - if (out1.length != out2.length) - errx(1, "prf len mismatch"); - if (memcmp(out1.value, out2.value, out1.length) != 0) - errx(1, "prf data mismatch"); - - gss_release_buffer(&min_stat, &out1); - gss_release_buffer(&min_stat, &out2); - - wrapunwrap_flag = 1; - getverifymic_flag = 1; - } - - if (wrapunwrap_flag) { - wrapunwrap(cctx, sctx, actual_mech); - wrapunwrap(cctx, sctx, actual_mech); - wrapunwrap(sctx, cctx, actual_mech); - wrapunwrap(sctx, cctx, actual_mech); - } - if (getverifymic_flag) { - getverifymic(cctx, sctx, actual_mech); - getverifymic(cctx, sctx, actual_mech); - getverifymic(sctx, cctx, actual_mech); - getverifymic(sctx, cctx, actual_mech); - } - - gss_delete_sec_context(&min_stat, &cctx, NULL); - gss_delete_sec_context(&min_stat, &sctx, NULL); - - if (deleg_cred != GSS_C_NO_CREDENTIAL) { - - loop(mechoid, nameoid, argv[0], deleg_cred, &cctx, &sctx, &actual_mech, NULL); - - gss_delete_sec_context(&min_stat, &cctx, NULL); - gss_delete_sec_context(&min_stat, &sctx, NULL); - - } - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/test_cred.c b/crypto/heimdal/lib/gssapi/test_cred.c deleted file mode 100644 index 5ecc89f360f9..000000000000 --- a/crypto/heimdal/lib/gssapi/test_cred.c +++ /dev/null @@ -1,229 +0,0 @@ -/* - * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -RCSID("$Id: test_cred.c 17750 2006-06-30 11:55:28Z lha $"); - -static void -gss_print_errors (int min_stat) -{ - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - OM_uint32 ret; - - do { - ret = gss_display_status (&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - if (!GSS_ERROR(ret)) { - fprintf (stderr, "%s\n", (char *)status_string.value); - gss_release_buffer (&new_stat, &status_string); - } - } while (!GSS_ERROR(ret) && msg_ctx != 0); -} - -static void -gss_err(int exitval, int status, const char *fmt, ...) -{ - va_list args; - - va_start(args, fmt); - vwarnx (fmt, args); - gss_print_errors (status); - va_end(args); - exit (exitval); -} - -static void -acquire_release_loop(gss_name_t name, int counter, gss_cred_usage_t usage) -{ - OM_uint32 maj_stat, min_stat; - gss_cred_id_t cred; - int i; - - for (i = 0; i < counter; i++) { - maj_stat = gss_acquire_cred(&min_stat, name, - GSS_C_INDEFINITE, - GSS_C_NO_OID_SET, - usage, - &cred, - NULL, - NULL); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "aquire %d %d != GSS_S_COMPLETE", - i, (int)maj_stat); - - maj_stat = gss_release_cred(&min_stat, &cred); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "release %d %d != GSS_S_COMPLETE", - i, (int)maj_stat); - } -} - - -static void -acquire_add_release_add(gss_name_t name, gss_cred_usage_t usage) -{ - OM_uint32 maj_stat, min_stat; - gss_cred_id_t cred, cred2, cred3; - - maj_stat = gss_acquire_cred(&min_stat, name, - GSS_C_INDEFINITE, - GSS_C_NO_OID_SET, - usage, - &cred, - NULL, - NULL); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "aquire %d != GSS_S_COMPLETE", (int)maj_stat); - - maj_stat = gss_add_cred(&min_stat, - cred, - GSS_C_NO_NAME, - GSS_KRB5_MECHANISM, - usage, - GSS_C_INDEFINITE, - GSS_C_INDEFINITE, - &cred2, - NULL, - NULL, - NULL); - - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "add_cred %d != GSS_S_COMPLETE", (int)maj_stat); - - maj_stat = gss_release_cred(&min_stat, &cred); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "release %d != GSS_S_COMPLETE", (int)maj_stat); - - maj_stat = gss_add_cred(&min_stat, - cred2, - GSS_C_NO_NAME, - GSS_KRB5_MECHANISM, - GSS_C_BOTH, - GSS_C_INDEFINITE, - GSS_C_INDEFINITE, - &cred3, - NULL, - NULL, - NULL); - - maj_stat = gss_release_cred(&min_stat, &cred2); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "release 2 %d != GSS_S_COMPLETE", (int)maj_stat); - - maj_stat = gss_release_cred(&min_stat, &cred3); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "release 2 %d != GSS_S_COMPLETE", (int)maj_stat); -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), - NULL, "service@host"); - exit (ret); -} - - -int -main(int argc, char **argv) -{ - struct gss_buffer_desc_struct name_buffer; - OM_uint32 maj_stat, min_stat; - gss_name_t name; - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc < 1) - errx(1, "argc < 1"); - - name_buffer.value = argv[0]; - name_buffer.length = strlen(argv[0]); - - maj_stat = gss_import_name(&min_stat, &name_buffer, - GSS_C_NT_HOSTBASED_SERVICE, - &name); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "import name error"); - - acquire_release_loop(name, 100, GSS_C_ACCEPT); - acquire_release_loop(name, 100, GSS_C_INITIATE); - acquire_release_loop(name, 100, GSS_C_BOTH); - - acquire_add_release_add(name, GSS_C_ACCEPT); - acquire_add_release_add(name, GSS_C_INITIATE); - acquire_add_release_add(name, GSS_C_BOTH); - - gss_release_name(&min_stat, &name); - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/test_kcred.c b/crypto/heimdal/lib/gssapi/test_kcred.c deleted file mode 100644 index b774b0431ff9..000000000000 --- a/crypto/heimdal/lib/gssapi/test_kcred.c +++ /dev/null @@ -1,186 +0,0 @@ -/* - * Copyright (c) 2003-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -RCSID("$Id: test_kcred.c 20694 2007-05-30 13:58:46Z lha $"); - -static int version_flag = 0; -static int help_flag = 0; - -static void -copy_import(void) -{ - gss_cred_id_t cred1, cred2; - OM_uint32 maj_stat, min_stat; - gss_name_t name1, name2; - OM_uint32 lifetime1, lifetime2; - gss_cred_usage_t usage1, usage2; - gss_OID_set mechs1, mechs2; - krb5_ccache id; - krb5_error_code ret; - krb5_context context; - int equal; - - maj_stat = gss_acquire_cred(&min_stat, GSS_C_NO_NAME, GSS_C_INDEFINITE, - GSS_C_NO_OID_SET, GSS_C_INITIATE, - &cred1, NULL, NULL); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_acquire_cred"); - - maj_stat = gss_inquire_cred(&min_stat, cred1, &name1, &lifetime1, - &usage1, &mechs1); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_inquire_cred"); - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_context"); - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - maj_stat = gss_krb5_copy_ccache(&min_stat, cred1, id); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_krb5_copy_ccache"); - - maj_stat = gss_krb5_import_cred(&min_stat, id, NULL, NULL, &cred2); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_krb5_import_cred"); - - maj_stat = gss_inquire_cred(&min_stat, cred2, &name2, &lifetime2, - &usage2, &mechs2); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_inquire_cred 2"); - - maj_stat = gss_compare_name(&min_stat, name1, name2, &equal); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_compare_name"); - if (!equal) - errx(1, "names not equal"); - - if (lifetime1 != lifetime2) - errx(1, "lifetime not equal %lu != %lu", - (unsigned long)lifetime1, (unsigned long)lifetime2); - - if (usage1 != usage2) { - /* as long any of them is both are everything it ok */ - if (usage1 != GSS_C_BOTH && usage2 != GSS_C_BOTH) - errx(1, "usages disjoined"); - } - - gss_release_name(&min_stat, &name2); - gss_release_oid_set(&min_stat, &mechs2); - - maj_stat = gss_inquire_cred(&min_stat, cred2, &name2, &lifetime2, - &usage2, &mechs2); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_inquire_cred"); - - maj_stat = gss_compare_name(&min_stat, name1, name2, &equal); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_compare_name"); - if (!equal) - errx(1, "names not equal"); - - if (lifetime1 != lifetime2) - errx(1, "lifetime not equal %lu != %lu", - (unsigned long)lifetime1, (unsigned long)lifetime2); - - gss_release_cred(&min_stat, &cred1); - gss_release_cred(&min_stat, &cred2); - - gss_release_name(&min_stat, &name1); - gss_release_name(&min_stat, &name2); - -#if 0 - compare(mechs1, mechs2); -#endif - - gss_release_oid_set(&min_stat, &mechs1); - gss_release_oid_set(&min_stat, &mechs2); - - krb5_cc_destroy(context, id); - krb5_free_context(context); -} - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), - NULL, ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - copy_import(); - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/test_names.c b/crypto/heimdal/lib/gssapi/test_names.c deleted file mode 100644 index abc47690b008..000000000000 --- a/crypto/heimdal/lib/gssapi/test_names.c +++ /dev/null @@ -1,233 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -RCSID("$Id: test_names.c 17856 2006-07-20 05:13:25Z lha $"); - -static void -gss_print_errors (int min_stat) -{ - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - OM_uint32 ret; - - do { - ret = gss_display_status (&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - if (!GSS_ERROR(ret)) { - fprintf (stderr, "%s\n", (char *)status_string.value); - gss_release_buffer (&new_stat, &status_string); - } - } while (!GSS_ERROR(ret) && msg_ctx != 0); -} - -static void -gss_err(int exitval, int status, const char *fmt, ...) -{ - va_list args; - - va_start(args, fmt); - vwarnx (fmt, args); - gss_print_errors (status); - va_end(args); - exit (exitval); -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), - NULL, "service@host"); - exit (ret); -} - - -int -main(int argc, char **argv) -{ - gss_buffer_desc name_buffer; - OM_uint32 maj_stat, min_stat; - gss_name_t name, MNname, MNname2; - int optidx = 0; - char *str; - int len, equal; - - setprogname(argv[0]); - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - /* - * test import/export - */ - - len = asprintf(&str, "ftp@freeze-arrow.mit.edu"); - if (len == -1) - errx(1, "asprintf"); - - name_buffer.value = str; - name_buffer.length = len; - - maj_stat = gss_import_name(&min_stat, &name_buffer, - GSS_C_NT_HOSTBASED_SERVICE, - &name); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "import name error"); - free(str); - - maj_stat = gss_canonicalize_name (&min_stat, - name, - GSS_KRB5_MECHANISM, - &MNname); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "canonicalize name error"); - - maj_stat = gss_export_name(&min_stat, - MNname, - &name_buffer); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "export name error (KRB5)"); - - /* - * Import the exported name and compare - */ - - maj_stat = gss_import_name(&min_stat, &name_buffer, - GSS_C_NT_EXPORT_NAME, - &MNname2); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "import name error (exported KRB5 name)"); - - - maj_stat = gss_compare_name(&min_stat, MNname, MNname2, &equal); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_compare_name"); - if (!equal) - errx(1, "names not equal"); - - gss_release_name(&min_stat, &MNname2); - gss_release_buffer(&min_stat, &name_buffer); - gss_release_name(&min_stat, &MNname); - gss_release_name(&min_stat, &name); - - /* - * Import oid less name and compare to mech name. - * Dovecot SASL lib does this. - */ - - len = asprintf(&str, "lha"); - if (len == -1) - errx(1, "asprintf"); - - name_buffer.value = str; - name_buffer.length = len; - - maj_stat = gss_import_name(&min_stat, &name_buffer, - GSS_C_NO_OID, - &name); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "import (no oid) name error"); - - maj_stat = gss_import_name(&min_stat, &name_buffer, - GSS_KRB5_NT_USER_NAME, - &MNname); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "import (krb5 mn) name error"); - - free(str); - - maj_stat = gss_compare_name(&min_stat, name, MNname, &equal); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "gss_compare_name"); - if (!equal) - errx(1, "names not equal"); - - gss_release_name(&min_stat, &MNname); - gss_release_name(&min_stat, &name); - -#if 0 - maj_stat = gss_canonicalize_name (&min_stat, - name, - GSS_SPNEGO_MECHANISM, - &MNname); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "canonicalize name error"); - - - maj_stat = gss_export_name(&maj_stat, - MNname, - &name_buffer); - if (maj_stat != GSS_S_COMPLETE) - gss_err(1, min_stat, "export name error (SPNEGO)"); - - gss_release_name(&min_stat, &MNname); - gss_release_buffer(&min_stat, &name_buffer); -#endif - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/test_ntlm.c b/crypto/heimdal/lib/gssapi/test_ntlm.c deleted file mode 100644 index 9bd0d1ee1cf0..000000000000 --- a/crypto/heimdal/lib/gssapi/test_ntlm.c +++ /dev/null @@ -1,339 +0,0 @@ -/* - * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "config.h" - -#include -#include -#include -#include -#include -#include "test_common.h" - -RCSID("$Id: test_ntlm.c 22423 2008-01-13 09:45:03Z lha $"); - -#include -#include - -static int -test_libntlm_v1(int flags) -{ - const char *user = "foo", - *domain = "mydomain", - *password = "digestpassword"; - OM_uint32 maj_stat, min_stat; - gss_ctx_id_t ctx = GSS_C_NO_CONTEXT; - gss_buffer_desc input, output; - struct ntlm_type1 type1; - struct ntlm_type2 type2; - struct ntlm_type3 type3; - struct ntlm_buf data; - krb5_error_code ret; - gss_name_t src_name = GSS_C_NO_NAME; - - memset(&type1, 0, sizeof(type1)); - memset(&type2, 0, sizeof(type2)); - memset(&type3, 0, sizeof(type3)); - - type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_TARGET|NTLM_NEG_NTLM|flags; - type1.domain = strdup(domain); - type1.hostname = NULL; - type1.os[0] = 0; - type1.os[1] = 0; - - ret = heim_ntlm_encode_type1(&type1, &data); - if (ret) - errx(1, "heim_ntlm_encode_type1"); - - input.value = data.data; - input.length = data.length; - - output.length = 0; - output.value = NULL; - - maj_stat = gss_accept_sec_context(&min_stat, - &ctx, - GSS_C_NO_CREDENTIAL, - &input, - GSS_C_NO_CHANNEL_BINDINGS, - NULL, - NULL, - &output, - NULL, - NULL, - NULL); - free(data.data); - if (GSS_ERROR(maj_stat)) - errx(1, "accept_sec_context v1: %s", - gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); - - if (output.length == 0) - errx(1, "output.length == 0"); - - data.data = output.value; - data.length = output.length; - - ret = heim_ntlm_decode_type2(&data, &type2); - if (ret) - errx(1, "heim_ntlm_decode_type2"); - - gss_release_buffer(&min_stat, &output); - - type3.flags = type2.flags; - type3.username = rk_UNCONST(user); - type3.targetname = type2.targetname; - type3.ws = rk_UNCONST("workstation"); - - { - struct ntlm_buf key; - - heim_ntlm_nt_key(password, &key); - - heim_ntlm_calculate_ntlm1(key.data, key.length, - type2.challange, - &type3.ntlm); - - if (flags & NTLM_NEG_KEYEX) { - struct ntlm_buf sessionkey; - heim_ntlm_build_ntlm1_master(key.data, key.length, - &sessionkey, - &type3.sessionkey); - free(sessionkey.data); - } - free(key.data); - } - - ret = heim_ntlm_encode_type3(&type3, &data); - if (ret) - errx(1, "heim_ntlm_encode_type3"); - - input.length = data.length; - input.value = data.data; - - maj_stat = gss_accept_sec_context(&min_stat, - &ctx, - GSS_C_NO_CREDENTIAL, - &input, - GSS_C_NO_CHANNEL_BINDINGS, - &src_name, - NULL, - &output, - NULL, - NULL, - NULL); - free(input.value); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "accept_sec_context v1 2 %s", - gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); - - gss_release_buffer(&min_stat, &output); - gss_delete_sec_context(&min_stat, &ctx, NULL); - - if (src_name == GSS_C_NO_NAME) - errx(1, "no source name!"); - - gss_display_name(&min_stat, src_name, &output, NULL); - - printf("src_name: %.*s\n", (int)output.length, (char*)output.value); - - gss_release_name(&min_stat, &src_name); - gss_release_buffer(&min_stat, &output); - - return 0; -} - -static int -test_libntlm_v2(int flags) -{ - const char *user = "foo", - *domain = "mydomain", - *password = "digestpassword"; - OM_uint32 maj_stat, min_stat; - gss_ctx_id_t ctx = GSS_C_NO_CONTEXT; - gss_buffer_desc input, output; - struct ntlm_type1 type1; - struct ntlm_type2 type2; - struct ntlm_type3 type3; - struct ntlm_buf data; - krb5_error_code ret; - - memset(&type1, 0, sizeof(type1)); - memset(&type2, 0, sizeof(type2)); - memset(&type3, 0, sizeof(type3)); - - type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_NTLM|flags; - type1.domain = strdup(domain); - type1.hostname = NULL; - type1.os[0] = 0; - type1.os[1] = 0; - - ret = heim_ntlm_encode_type1(&type1, &data); - if (ret) - errx(1, "heim_ntlm_encode_type1"); - - input.value = data.data; - input.length = data.length; - - output.length = 0; - output.value = NULL; - - maj_stat = gss_accept_sec_context(&min_stat, - &ctx, - GSS_C_NO_CREDENTIAL, - &input, - GSS_C_NO_CHANNEL_BINDINGS, - NULL, - NULL, - &output, - NULL, - NULL, - NULL); - free(data.data); - if (GSS_ERROR(maj_stat)) - errx(1, "accept_sec_context v2 %s", - gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); - - if (output.length == 0) - errx(1, "output.length == 0"); - - data.data = output.value; - data.length = output.length; - - ret = heim_ntlm_decode_type2(&data, &type2); - if (ret) - errx(1, "heim_ntlm_decode_type2"); - - type3.flags = type2.flags; - type3.username = rk_UNCONST(user); - type3.targetname = type2.targetname; - type3.ws = rk_UNCONST("workstation"); - - { - struct ntlm_buf key; - unsigned char ntlmv2[16]; - - heim_ntlm_nt_key(password, &key); - - heim_ntlm_calculate_ntlm2(key.data, key.length, - user, - type2.targetname, - type2.challange, - &type2.targetinfo, - ntlmv2, - &type3.ntlm); - free(key.data); - - if (flags & NTLM_NEG_KEYEX) { - struct ntlm_buf sessionkey; - heim_ntlm_build_ntlm1_master(ntlmv2, sizeof(ntlmv2), - &sessionkey, - &type3.sessionkey); - free(sessionkey.data); - } - } - - ret = heim_ntlm_encode_type3(&type3, &data); - if (ret) - errx(1, "heim_ntlm_encode_type3"); - - input.length = data.length; - input.value = data.data; - - maj_stat = gss_accept_sec_context(&min_stat, - &ctx, - GSS_C_NO_CREDENTIAL, - &input, - GSS_C_NO_CHANNEL_BINDINGS, - NULL, - NULL, - &output, - NULL, - NULL, - NULL); - free(input.value); - if (maj_stat != GSS_S_COMPLETE) - errx(1, "accept_sec_context v2 2 %s", - gssapi_err(maj_stat, min_stat, GSS_C_NO_OID)); - - gss_delete_sec_context(&min_stat, &ctx, NULL); - - return 0; -} - - - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), - NULL, ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int ret = 0, optind = 0; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optind; - argv += optind; - - ret += test_libntlm_v1(0); - ret += test_libntlm_v1(NTLM_NEG_KEYEX); - - ret += test_libntlm_v2(0); - ret += test_libntlm_v2(NTLM_NEG_KEYEX); - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/test_oid.c b/crypto/heimdal/lib/gssapi/test_oid.c deleted file mode 100644 index 3beb30cb0a21..000000000000 --- a/crypto/heimdal/lib/gssapi/test_oid.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include - -RCSID("$Id: test_oid.c 20488 2007-04-21 06:29:11Z lha $"); - -int -main(int argc, char **argv) -{ - OM_uint32 minor_status, maj_stat; - gss_buffer_desc data; - int ret; - - maj_stat = gss_oid_to_str(&minor_status, GSS_KRB5_MECHANISM, &data); - if (GSS_ERROR(maj_stat)) - errx(1, "gss_oid_to_str failed"); - - ret = strcmp(data.value, "1 2 840 113554 1 2 2"); - gss_release_buffer(&maj_stat, &data); - if (ret) - return 1; - - maj_stat = gss_oid_to_str(&minor_status, GSS_C_NT_EXPORT_NAME, &data); - if (GSS_ERROR(maj_stat)) - errx(1, "gss_oid_to_str failed"); - - ret = strcmp(data.value, "1 3 6 1 5 6 4"); - gss_release_buffer(&maj_stat, &data); - if (ret) - return 1; - - return 0; -} diff --git a/crypto/heimdal/lib/gssapi/test_oid_set_member.c b/crypto/heimdal/lib/gssapi/test_oid_set_member.c deleted file mode 100644 index e747c5acc108..000000000000 --- a/crypto/heimdal/lib/gssapi/test_oid_set_member.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1997, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: test_oid_set_member.c,v 1.5 2003/03/16 17:54:06 lha Exp $"); - -OM_uint32 gss_test_oid_set_member ( - OM_uint32 * minor_status, - const gss_OID member, - const gss_OID_set set, - int * present - ) -{ - size_t i; - - *minor_status = 0; - *present = 0; - for (i = 0; i < set->count; ++i) - if (gss_oid_equal(member, &set->elements[i]) != 0) { - *present = 1; - break; - } - return GSS_S_COMPLETE; -} diff --git a/crypto/heimdal/lib/gssapi/unwrap.c b/crypto/heimdal/lib/gssapi/unwrap.c deleted file mode 100644 index b798438dc614..000000000000 --- a/crypto/heimdal/lib/gssapi/unwrap.c +++ /dev/null @@ -1,422 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: unwrap.c,v 1.22.2.1 2003/09/18 22:05:22 lha Exp $"); - -OM_uint32 -gss_krb5_get_remotekey(const gss_ctx_id_t context_handle, - krb5_keyblock **key) -{ - krb5_keyblock *skey; - - krb5_auth_con_getremotesubkey(gssapi_krb5_context, - context_handle->auth_context, - &skey); - if(skey == NULL) - krb5_auth_con_getlocalsubkey(gssapi_krb5_context, - context_handle->auth_context, - &skey); - if(skey == NULL) - krb5_auth_con_getkey(gssapi_krb5_context, - context_handle->auth_context, - &skey); - if(skey == NULL) - return GSS_KRB5_S_KG_NO_SUBKEY; /* XXX */ - *key = skey; - return 0; -} - -static OM_uint32 -unwrap_des - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state, - krb5_keyblock *key - ) -{ - u_char *p, *pad; - size_t len; - MD5_CTX md5; - u_char hash[16], seq_data[8]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; - int i; - int32_t seq_number; - size_t padlength; - OM_uint32 ret; - int cstate; - - p = input_message_buffer->value; - ret = gssapi_krb5_verify_header (&p, - input_message_buffer->length, - "\x02\x01"); - if (ret) - return ret; - - if (memcmp (p, "\x00\x00", 2) != 0) - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\x00\x00", 2) == 0) { - cstate = 1; - } else if (memcmp (p, "\xFF\xFF", 2) == 0) { - cstate = 0; - } else - return GSS_S_BAD_MIC; - p += 2; - if(conf_state != NULL) - *conf_state = cstate; - if (memcmp (p, "\xff\xff", 2) != 0) - return GSS_S_DEFECTIVE_TOKEN; - p += 2; - p += 16; - - len = p - (u_char *)input_message_buffer->value; - - if(cstate) { - /* decrypt data */ - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - - for (i = 0; i < sizeof(deskey); ++i) - deskey[i] ^= 0xf0; - des_set_key (&deskey, schedule); - memset (&zero, 0, sizeof(zero)); - des_cbc_encrypt ((void *)p, - (void *)p, - input_message_buffer->length - len, - schedule, - &zero, - DES_DECRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); - } - /* check pad */ - - pad = (u_char *)input_message_buffer->value + input_message_buffer->length - 1; - padlength = *pad; - - for (i = padlength; i > 0 && *pad == padlength; i--, pad--) - ; - if (i != 0) - return GSS_S_BAD_MIC; - - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, p, input_message_buffer->length - len); - MD5_Final (hash, &md5); - - memset (&zero, 0, sizeof(zero)); - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); - if (memcmp (p - 8, hash, 8) != 0) - return GSS_S_BAD_MIC; - - /* verify sequence number */ - - krb5_auth_getremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - seq_data[0] = (seq_number >> 0) & 0xFF; - seq_data[1] = (seq_number >> 8) & 0xFF; - seq_data[2] = (seq_number >> 16) & 0xFF; - seq_data[3] = (seq_number >> 24) & 0xFF; - memset (seq_data + 4, - (context_handle->more_flags & LOCAL) ? 0xFF : 0, - 4); - - p -= 16; - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)hash, DES_DECRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); - - if (memcmp (p, seq_data, 8) != 0) { - return GSS_S_BAD_MIC; - } - - krb5_auth_con_setremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - /* copy out data */ - - output_message_buffer->length = input_message_buffer->length - - len - padlength - 8; - output_message_buffer->value = malloc(output_message_buffer->length); - if(output_message_buffer->length != 0 && output_message_buffer->value == NULL) - return GSS_S_FAILURE; - memcpy (output_message_buffer->value, - p + 24, - output_message_buffer->length); - return GSS_S_COMPLETE; -} - -static OM_uint32 -unwrap_des3 - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state, - krb5_keyblock *key - ) -{ - u_char *p, *pad; - size_t len; - u_char seq[8]; - krb5_data seq_data; - u_char cksum[20]; - int i; - int32_t seq_number; - size_t padlength; - OM_uint32 ret; - int cstate; - krb5_crypto crypto; - Checksum csum; - int cmp; - - p = input_message_buffer->value; - ret = gssapi_krb5_verify_header (&p, - input_message_buffer->length, - "\x02\x01"); - if (ret) - return ret; - - if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */ - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\x02\x00", 2) == 0) { - cstate = 1; - } else if (memcmp (p, "\xff\xff", 2) == 0) { - cstate = 0; - } else - return GSS_S_BAD_MIC; - p += 2; - if(conf_state != NULL) - *conf_state = cstate; - if (memcmp (p, "\xff\xff", 2) != 0) - return GSS_S_DEFECTIVE_TOKEN; - p += 2; - p += 28; - - len = p - (u_char *)input_message_buffer->value; - - if(cstate) { - /* decrypt data */ - krb5_data tmp; - - ret = krb5_crypto_init(gssapi_krb5_context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - ret = krb5_decrypt(gssapi_krb5_context, crypto, KRB5_KU_USAGE_SEAL, - p, input_message_buffer->length - len, &tmp); - krb5_crypto_destroy(gssapi_krb5_context, crypto); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - assert (tmp.length == input_message_buffer->length - len); - - memcpy (p, tmp.data, tmp.length); - krb5_data_free(&tmp); - } - /* check pad */ - - pad = (u_char *)input_message_buffer->value + input_message_buffer->length - 1; - padlength = *pad; - - for (i = padlength; i > 0 && *pad == padlength; i--, pad--) - ; - if (i != 0) - return GSS_S_BAD_MIC; - - /* verify sequence number */ - - krb5_auth_getremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - seq[0] = (seq_number >> 0) & 0xFF; - seq[1] = (seq_number >> 8) & 0xFF; - seq[2] = (seq_number >> 16) & 0xFF; - seq[3] = (seq_number >> 24) & 0xFF; - memset (seq + 4, - (context_handle->more_flags & LOCAL) ? 0xFF : 0, - 4); - - p -= 28; - - ret = krb5_crypto_init(gssapi_krb5_context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - { - des_cblock ivec; - - memcpy(&ivec, p + 8, 8); - ret = krb5_decrypt_ivec (gssapi_krb5_context, - crypto, - KRB5_KU_USAGE_SEQ, - p, 8, &seq_data, - &ivec); - } - krb5_crypto_destroy (gssapi_krb5_context, crypto); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - if (seq_data.length != 8) { - krb5_data_free (&seq_data); - return GSS_S_BAD_MIC; - } - - cmp = memcmp (seq, seq_data.data, seq_data.length); - krb5_data_free (&seq_data); - if (cmp != 0) { - return GSS_S_BAD_MIC; - } - - krb5_auth_con_setremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - /* verify checksum */ - - memcpy (cksum, p + 8, 20); - - memcpy (p + 20, p - 8, 8); - - csum.cksumtype = CKSUMTYPE_HMAC_SHA1_DES3; - csum.checksum.length = 20; - csum.checksum.data = cksum; - - ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_verify_checksum (gssapi_krb5_context, crypto, - KRB5_KU_USAGE_SIGN, - p + 20, - input_message_buffer->length - len + 8, - &csum); - krb5_crypto_destroy (gssapi_krb5_context, crypto); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* copy out data */ - - output_message_buffer->length = input_message_buffer->length - - len - padlength - 8; - output_message_buffer->value = malloc(output_message_buffer->length); - if(output_message_buffer->length != 0 && output_message_buffer->value == NULL) - return GSS_S_FAILURE; - memcpy (output_message_buffer->value, - p + 36, - output_message_buffer->length); - return GSS_S_COMPLETE; -} - -OM_uint32 gss_unwrap - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - gss_qop_t * qop_state - ) -{ - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - - if (qop_state != NULL) - *qop_state = GSS_C_QOP_DEFAULT; - ret = gss_krb5_get_remotekey(context_handle, &key); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); - - *minor_status = 0; - - switch (keytype) { - case KEYTYPE_DES : - ret = unwrap_des (minor_status, context_handle, - input_message_buffer, output_message_buffer, - conf_state, qop_state, key); - break; - case KEYTYPE_DES3 : - ret = unwrap_des3 (minor_status, context_handle, - input_message_buffer, output_message_buffer, - conf_state, qop_state, key); - break; - case KEYTYPE_ARCFOUR: - ret = _gssapi_unwrap_arcfour (minor_status, context_handle, - input_message_buffer, output_message_buffer, - conf_state, qop_state, key); - break; - default : - *minor_status = KRB5_PROG_ETYPE_NOSUPP; - ret = GSS_S_FAILURE; - break; - } - krb5_free_keyblock (gssapi_krb5_context, key); - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/v1.c b/crypto/heimdal/lib/gssapi/v1.c deleted file mode 100644 index 34091ea71572..000000000000 --- a/crypto/heimdal/lib/gssapi/v1.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: v1.c,v 1.2 1999/12/02 17:05:04 joda Exp $"); - -/* These functions are for V1 compatibility */ - -OM_uint32 gss_sign - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int qop_req, - gss_buffer_t message_buffer, - gss_buffer_t message_token - ) -{ - return gss_get_mic(minor_status, - context_handle, - (gss_qop_t)qop_req, - message_buffer, - message_token); -} - -OM_uint32 gss_verify - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t message_buffer, - gss_buffer_t token_buffer, - int * qop_state - ) -{ - return gss_verify_mic(minor_status, - context_handle, - message_buffer, - token_buffer, - (gss_qop_t *)qop_state); -} - -OM_uint32 gss_seal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - int conf_req_flag, - int qop_req, - gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - return gss_wrap(minor_status, - context_handle, - conf_req_flag, - (gss_qop_t)qop_req, - input_message_buffer, - conf_state, - output_message_buffer); -} - -OM_uint32 gss_unseal - (OM_uint32 * minor_status, - gss_ctx_id_t context_handle, - gss_buffer_t input_message_buffer, - gss_buffer_t output_message_buffer, - int * conf_state, - int * qop_state - ) -{ - return gss_unwrap(minor_status, - context_handle, - input_message_buffer, - output_message_buffer, - conf_state, - (gss_qop_t *)qop_state); -} diff --git a/crypto/heimdal/lib/gssapi/verify_mic.c b/crypto/heimdal/lib/gssapi/verify_mic.c deleted file mode 100644 index aef2d07da6bf..000000000000 --- a/crypto/heimdal/lib/gssapi/verify_mic.c +++ /dev/null @@ -1,322 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: verify_mic.c,v 1.18.2.4 2003/09/18 22:05:34 lha Exp $"); - -static OM_uint32 -verify_mic_des - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - krb5_keyblock *key, - char *type - ) -{ - u_char *p; - MD5_CTX md5; - u_char hash[16], seq_data[8]; - des_key_schedule schedule; - des_cblock zero; - des_cblock deskey; - int32_t seq_number; - OM_uint32 ret; - - p = token_buffer->value; - ret = gssapi_krb5_verify_header (&p, - token_buffer->length, - type); - if (ret) - return ret; - - if (memcmp(p, "\x00\x00", 2) != 0) - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\xff\xff\xff\xff", 4) != 0) - return GSS_S_BAD_MIC; - p += 4; - p += 16; - - /* verify checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, message_buffer->value, - message_buffer->length); - MD5_Final (hash, &md5); - - memset (&zero, 0, sizeof(zero)); - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); - if (memcmp (p - 8, hash, 8) != 0) { - memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); - return GSS_S_BAD_MIC; - } - - /* verify sequence number */ - - krb5_auth_getremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - seq_data[0] = (seq_number >> 0) & 0xFF; - seq_data[1] = (seq_number >> 8) & 0xFF; - seq_data[2] = (seq_number >> 16) & 0xFF; - seq_data[3] = (seq_number >> 24) & 0xFF; - memset (seq_data + 4, - (context_handle->more_flags & LOCAL) ? 0xFF : 0, - 4); - - p -= 16; - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)hash, DES_DECRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); - - if (memcmp (p, seq_data, 8) != 0) { - return GSS_S_BAD_MIC; - } - - krb5_auth_con_setremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - return GSS_S_COMPLETE; -} - -static OM_uint32 -verify_mic_des3 - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - krb5_keyblock *key, - char *type - ) -{ - u_char *p; - u_char seq[8]; - int32_t seq_number; - OM_uint32 ret; - krb5_crypto crypto; - krb5_data seq_data; - int cmp, docompat; - Checksum csum; - char *tmp; - char ivec[8]; - - p = token_buffer->value; - ret = gssapi_krb5_verify_header (&p, - token_buffer->length, - type); - if (ret) - return ret; - - if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */ - return GSS_S_BAD_SIG; - p += 2; - if (memcmp (p, "\xff\xff\xff\xff", 4) != 0) - return GSS_S_BAD_MIC; - p += 4; - - ret = krb5_crypto_init(gssapi_krb5_context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (ret){ - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* verify sequence number */ - docompat = 0; -retry: - if (docompat) - memset(ivec, 0, 8); - else - memcpy(ivec, p + 8, 8); - - ret = krb5_decrypt_ivec (gssapi_krb5_context, - crypto, - KRB5_KU_USAGE_SEQ, - p, 8, &seq_data, ivec); - if (ret) { - if (docompat++) { - gssapi_krb5_set_error_string (); - krb5_crypto_destroy (gssapi_krb5_context, crypto); - *minor_status = ret; - return GSS_S_FAILURE; - } else - goto retry; - } - - if (seq_data.length != 8) { - krb5_data_free (&seq_data); - if (docompat++) { - krb5_crypto_destroy (gssapi_krb5_context, crypto); - return GSS_S_BAD_MIC; - } else - goto retry; - } - - krb5_auth_getremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - seq[0] = (seq_number >> 0) & 0xFF; - seq[1] = (seq_number >> 8) & 0xFF; - seq[2] = (seq_number >> 16) & 0xFF; - seq[3] = (seq_number >> 24) & 0xFF; - memset (seq + 4, - (context_handle->more_flags & LOCAL) ? 0xFF : 0, - 4); - cmp = memcmp (seq, seq_data.data, seq_data.length); - krb5_data_free (&seq_data); - if (cmp != 0) { - if (docompat++) { - krb5_crypto_destroy (gssapi_krb5_context, crypto); - return GSS_S_BAD_MIC; - } else - goto retry; - } - - /* verify checksum */ - - tmp = malloc (message_buffer->length + 8); - if (tmp == NULL) { - krb5_crypto_destroy (gssapi_krb5_context, crypto); - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - memcpy (tmp, p - 8, 8); - memcpy (tmp + 8, message_buffer->value, message_buffer->length); - - csum.cksumtype = CKSUMTYPE_HMAC_SHA1_DES3; - csum.checksum.length = 20; - csum.checksum.data = p + 8; - - ret = krb5_verify_checksum (gssapi_krb5_context, crypto, - KRB5_KU_USAGE_SIGN, - tmp, message_buffer->length + 8, - &csum); - free (tmp); - if (ret) { - gssapi_krb5_set_error_string (); - krb5_crypto_destroy (gssapi_krb5_context, crypto); - *minor_status = ret; - return GSS_S_BAD_MIC; - } - - krb5_auth_con_setremoteseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - krb5_crypto_destroy (gssapi_krb5_context, crypto); - return GSS_S_COMPLETE; -} - -OM_uint32 -gss_verify_mic_internal - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state, - char * type - ) -{ - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - - ret = gss_krb5_get_remotekey(context_handle, &key); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - *minor_status = 0; - krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); - switch (keytype) { - case KEYTYPE_DES : - ret = verify_mic_des (minor_status, context_handle, - message_buffer, token_buffer, qop_state, key, - type); - break; - case KEYTYPE_DES3 : - ret = verify_mic_des3 (minor_status, context_handle, - message_buffer, token_buffer, qop_state, key, - type); - break; - case KEYTYPE_ARCFOUR : - ret = _gssapi_verify_mic_arcfour (minor_status, context_handle, - message_buffer, token_buffer, - qop_state, key, type); - break; - default : - *minor_status = KRB5_PROG_ETYPE_NOSUPP; - ret = GSS_S_FAILURE; - break; - } - krb5_free_keyblock (gssapi_krb5_context, key); - - return ret; -} - -OM_uint32 -gss_verify_mic - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - const gss_buffer_t message_buffer, - const gss_buffer_t token_buffer, - gss_qop_t * qop_state - ) -{ - OM_uint32 ret; - - if (qop_state != NULL) - *qop_state = GSS_C_QOP_DEFAULT; - - ret = gss_verify_mic_internal(minor_status, context_handle, - message_buffer, token_buffer, - qop_state, "\x01\x01"); - - return ret; -} diff --git a/crypto/heimdal/lib/gssapi/version-script.map b/crypto/heimdal/lib/gssapi/version-script.map deleted file mode 100644 index 43ea73fdb094..000000000000 --- a/crypto/heimdal/lib/gssapi/version-script.map +++ /dev/null @@ -1,97 +0,0 @@ -# $Id: version-script.map 20493 2007-04-21 07:56:20Z lha $ - -HEIMDAL_GSS_1.0 { - global: - GSS_KRB5_MECHANISM; - GSS_NTLM_MECHANISM; - GSS_SPNEGO_MECHANISM; - GSS_SASL_DIGEST_MD5_MECHANISM; - GSS_C_NT_ANONYMOUS; - GSS_C_NT_EXPORT_NAME; - GSS_C_NT_HOSTBASED_SERVICE; - GSS_C_NT_HOSTBASED_SERVICE_X; - GSS_C_NT_MACHINE_UID_NAME; - GSS_C_NT_STRING_UID_NAME; - GSS_C_NT_USER_NAME; - GSS_KRB5_NT_PRINCIPAL_NAME; - GSS_KRB5_NT_USER_NAME; - GSS_KRB5_NT_MACHINE_UID_NAME; - GSS_KRB5_NT_STRING_UID_NAME; - gss_acquire_cred; - gss_release_cred; - gss_init_sec_context; - gss_accept_sec_context; - gss_process_context_token; - gss_delete_sec_context; - gss_context_time; - gss_get_mic; - gss_verify_mic; - gss_wrap; - gss_unwrap; - gss_display_status; - gss_indicate_mechs; - gss_compare_name; - gss_display_name; - gss_import_name; - gss_export_name; - gss_release_name; - gss_release_buffer; - gss_release_oid_set; - gss_inquire_cred; - gss_inquire_context; - gss_wrap_size_limit; - gss_add_cred; - gss_inquire_cred_by_mech; - gss_export_sec_context; - gss_import_sec_context; - gss_create_empty_oid_set; - gss_add_oid_set_member; - gss_test_oid_set_member; - gss_inquire_names_for_mech; - gss_inquire_mechs_for_name; - gss_canonicalize_name; - gss_duplicate_name; - gss_duplicate_oid; - gss_release_oid; - gss_oid_to_str; - gss_inquire_sec_context_by_oid; - gss_set_sec_context_option; - gss_set_cred_option; - gss_oid_equal; - gss_create_empty_buffer_set; - gss_add_buffer_set_member; - gss_release_buffer_set; - gss_inquire_cred_by_oid; - gss_pseudo_random; - gss_sign; - gss_verify; - gss_seal; - gss_unseal; - gss_inquire_sec_context_by_oid; - gss_encapsulate_token; - gss_decapsulate_token; - gss_krb5_ccache_name; - gsskrb5_register_acceptor_identity; - gss_krb5_copy_ccache; - gss_krb5_import_cred; - gss_krb5_get_tkt_flags; - gsskrb5_extract_authz_data_from_sec_context; - gsskrb5_set_dns_canonicalize; - gsskrb5_set_send_to_kdc; - gsskrb5_set_default_realm; - gsskrb5_extract_authtime_from_sec_context; - gsskrb5_extract_service_keyblock; - gsskrb5_get_initiator_subkey; - gsskrb5_get_subkey; - gss_krb5_export_lucid_sec_context; - gss_krb5_free_lucid_sec_context; - gss_krb5_set_allowable_enctypes; - - # _gsskrb5cfx_ are really internal symbols, but export - # then now to make testing easier. - _gsskrb5cfx_max_wrap_length_cfx; - _gsskrb5cfx_wrap_length_cfx; - - local: - *; -}; diff --git a/crypto/heimdal/lib/gssapi/wrap.c b/crypto/heimdal/lib/gssapi/wrap.c deleted file mode 100644 index a0f9d2ff52ea..000000000000 --- a/crypto/heimdal/lib/gssapi/wrap.c +++ /dev/null @@ -1,454 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "gssapi_locl.h" - -RCSID("$Id: wrap.c,v 1.21.2.1 2003/09/18 22:05:45 lha Exp $"); - -OM_uint32 -gss_krb5_get_localkey(const gss_ctx_id_t context_handle, - krb5_keyblock **key) -{ - krb5_keyblock *skey; - - krb5_auth_con_getlocalsubkey(gssapi_krb5_context, - context_handle->auth_context, - &skey); - if(skey == NULL) - krb5_auth_con_getremotesubkey(gssapi_krb5_context, - context_handle->auth_context, - &skey); - if(skey == NULL) - krb5_auth_con_getkey(gssapi_krb5_context, - context_handle->auth_context, - &skey); - if(skey == NULL) - return GSS_S_FAILURE; - *key = skey; - return 0; -} - -static OM_uint32 -sub_wrap_size ( - OM_uint32 req_output_size, - OM_uint32 * max_input_size, - int blocksize, - int extrasize - ) -{ - size_t len, total_len, padlength; - padlength = blocksize - (req_output_size % blocksize); - len = req_output_size + 8 + padlength + extrasize; - gssapi_krb5_encap_length(len, &len, &total_len); - *max_input_size = (OM_uint32)total_len; - return GSS_S_COMPLETE; -} - -OM_uint32 -gss_wrap_size_limit ( - OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - OM_uint32 req_output_size, - OM_uint32 * max_input_size - ) -{ - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - - ret = gss_krb5_get_localkey(context_handle, &key); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); - - switch (keytype) { - case KEYTYPE_DES : - case KEYTYPE_ARCFOUR: - ret = sub_wrap_size(req_output_size, max_input_size, 8, 22); - break; - case KEYTYPE_DES3 : - ret = sub_wrap_size(req_output_size, max_input_size, 8, 34); - break; - default : - *minor_status = KRB5_PROG_ETYPE_NOSUPP; - ret = GSS_S_FAILURE; - break; - } - krb5_free_keyblock (gssapi_krb5_context, key); - *minor_status = 0; - return ret; -} - -static OM_uint32 -wrap_des - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key - ) -{ - u_char *p; - MD5_CTX md5; - u_char hash[16]; - des_key_schedule schedule; - des_cblock deskey; - des_cblock zero; - int i; - int32_t seq_number; - size_t len, total_len, padlength, datalen; - - padlength = 8 - (input_message_buffer->length % 8); - datalen = input_message_buffer->length + padlength + 8; - len = datalen + 22; - gssapi_krb5_encap_length (len, &len, &total_len); - - output_message_buffer->length = total_len; - output_message_buffer->value = malloc (total_len); - if (output_message_buffer->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = gssapi_krb5_make_header(output_message_buffer->value, - len, - "\x02\x01"); /* TOK_ID */ - - /* SGN_ALG */ - memcpy (p, "\x00\x00", 2); - p += 2; - /* SEAL_ALG */ - if(conf_req_flag) - memcpy (p, "\x00\x00", 2); - else - memcpy (p, "\xff\xff", 2); - p += 2; - /* Filler */ - memcpy (p, "\xff\xff", 2); - p += 2; - - /* fill in later */ - memset (p, 0, 16); - p += 16; - - /* confounder + data + pad */ - krb5_generate_random_block(p, 8); - memcpy (p + 8, input_message_buffer->value, - input_message_buffer->length); - memset (p + 8 + input_message_buffer->length, padlength, padlength); - - /* checksum */ - MD5_Init (&md5); - MD5_Update (&md5, p - 24, 8); - MD5_Update (&md5, p, datalen); - MD5_Final (hash, &md5); - - memset (&zero, 0, sizeof(zero)); - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - des_set_key (&deskey, schedule); - des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), - schedule, &zero); - memcpy (p - 8, hash, 8); - - /* sequence number */ - krb5_auth_con_getlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - - p -= 16; - p[0] = (seq_number >> 0) & 0xFF; - p[1] = (seq_number >> 8) & 0xFF; - p[2] = (seq_number >> 16) & 0xFF; - p[3] = (seq_number >> 24) & 0xFF; - memset (p + 4, - (context_handle->more_flags & LOCAL) ? 0 : 0xFF, - 4); - - des_set_key (&deskey, schedule); - des_cbc_encrypt ((void *)p, (void *)p, 8, - schedule, (des_cblock *)(p + 8), DES_ENCRYPT); - - krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - /* encrypt the data */ - p += 16; - - if(conf_req_flag) { - memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); - - for (i = 0; i < sizeof(deskey); ++i) - deskey[i] ^= 0xf0; - des_set_key (&deskey, schedule); - memset (&zero, 0, sizeof(zero)); - des_cbc_encrypt ((void *)p, - (void *)p, - datalen, - schedule, - &zero, - DES_ENCRYPT); - - memset (deskey, 0, sizeof(deskey)); - memset (schedule, 0, sizeof(schedule)); - } - if(conf_state != NULL) - *conf_state = conf_req_flag; - *minor_status = 0; - return GSS_S_COMPLETE; -} - -static OM_uint32 -wrap_des3 - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer, - krb5_keyblock *key - ) -{ - u_char *p; - u_char seq[8]; - int32_t seq_number; - size_t len, total_len, padlength, datalen; - u_int32_t ret; - krb5_crypto crypto; - Checksum cksum; - krb5_data encdata; - - padlength = 8 - (input_message_buffer->length % 8); - datalen = input_message_buffer->length + padlength + 8; - len = datalen + 34; - gssapi_krb5_encap_length (len, &len, &total_len); - - output_message_buffer->length = total_len; - output_message_buffer->value = malloc (total_len); - if (output_message_buffer->value == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - - p = gssapi_krb5_make_header(output_message_buffer->value, - len, - "\x02\x01"); /* TOK_ID */ - - /* SGN_ALG */ - memcpy (p, "\x04\x00", 2); /* HMAC SHA1 DES3-KD */ - p += 2; - /* SEAL_ALG */ - if(conf_req_flag) - memcpy (p, "\x02\x00", 2); /* DES3-KD */ - else - memcpy (p, "\xff\xff", 2); - p += 2; - /* Filler */ - memcpy (p, "\xff\xff", 2); - p += 2; - - /* calculate checksum (the above + confounder + data + pad) */ - - memcpy (p + 20, p - 8, 8); - krb5_generate_random_block(p + 28, 8); - memcpy (p + 28 + 8, input_message_buffer->value, - input_message_buffer->length); - memset (p + 28 + 8 + input_message_buffer->length, padlength, padlength); - - ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto); - if (ret) { - gssapi_krb5_set_error_string (); - free (output_message_buffer->value); - *minor_status = ret; - return GSS_S_FAILURE; - } - - ret = krb5_create_checksum (gssapi_krb5_context, - crypto, - KRB5_KU_USAGE_SIGN, - 0, - p + 20, - datalen + 8, - &cksum); - krb5_crypto_destroy (gssapi_krb5_context, crypto); - if (ret) { - gssapi_krb5_set_error_string (); - free (output_message_buffer->value); - *minor_status = ret; - return GSS_S_FAILURE; - } - - /* zero out SND_SEQ + SGN_CKSUM in case */ - memset (p, 0, 28); - - memcpy (p + 8, cksum.checksum.data, cksum.checksum.length); - free_Checksum (&cksum); - - /* sequence number */ - krb5_auth_con_getlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - &seq_number); - - seq[0] = (seq_number >> 0) & 0xFF; - seq[1] = (seq_number >> 8) & 0xFF; - seq[2] = (seq_number >> 16) & 0xFF; - seq[3] = (seq_number >> 24) & 0xFF; - memset (seq + 4, - (context_handle->more_flags & LOCAL) ? 0 : 0xFF, - 4); - - - ret = krb5_crypto_init(gssapi_krb5_context, key, ETYPE_DES3_CBC_NONE, - &crypto); - if (ret) { - free (output_message_buffer->value); - *minor_status = ret; - return GSS_S_FAILURE; - } - - { - des_cblock ivec; - - memcpy (&ivec, p + 8, 8); - ret = krb5_encrypt_ivec (gssapi_krb5_context, - crypto, - KRB5_KU_USAGE_SEQ, - seq, 8, &encdata, - &ivec); - } - krb5_crypto_destroy (gssapi_krb5_context, crypto); - if (ret) { - gssapi_krb5_set_error_string (); - free (output_message_buffer->value); - *minor_status = ret; - return GSS_S_FAILURE; - } - - assert (encdata.length == 8); - - memcpy (p, encdata.data, encdata.length); - krb5_data_free (&encdata); - - krb5_auth_con_setlocalseqnumber (gssapi_krb5_context, - context_handle->auth_context, - ++seq_number); - - /* encrypt the data */ - p += 28; - - if(conf_req_flag) { - krb5_data tmp; - - ret = krb5_crypto_init(gssapi_krb5_context, key, - ETYPE_DES3_CBC_NONE, &crypto); - if (ret) { - gssapi_krb5_set_error_string (); - free (output_message_buffer->value); - *minor_status = ret; - return GSS_S_FAILURE; - } - ret = krb5_encrypt(gssapi_krb5_context, crypto, KRB5_KU_USAGE_SEAL, - p, datalen, &tmp); - krb5_crypto_destroy(gssapi_krb5_context, crypto); - if (ret) { - gssapi_krb5_set_error_string (); - free (output_message_buffer->value); - *minor_status = ret; - return GSS_S_FAILURE; - } - assert (tmp.length == datalen); - - memcpy (p, tmp.data, datalen); - krb5_data_free(&tmp); - } - if(conf_state != NULL) - *conf_state = conf_req_flag; - *minor_status = 0; - return GSS_S_COMPLETE; -} - -OM_uint32 gss_wrap - (OM_uint32 * minor_status, - const gss_ctx_id_t context_handle, - int conf_req_flag, - gss_qop_t qop_req, - const gss_buffer_t input_message_buffer, - int * conf_state, - gss_buffer_t output_message_buffer - ) -{ - krb5_keyblock *key; - OM_uint32 ret; - krb5_keytype keytype; - - ret = gss_krb5_get_localkey(context_handle, &key); - if (ret) { - gssapi_krb5_set_error_string (); - *minor_status = ret; - return GSS_S_FAILURE; - } - krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); - - switch (keytype) { - case KEYTYPE_DES : - ret = wrap_des (minor_status, context_handle, conf_req_flag, - qop_req, input_message_buffer, conf_state, - output_message_buffer, key); - break; - case KEYTYPE_DES3 : - ret = wrap_des3 (minor_status, context_handle, conf_req_flag, - qop_req, input_message_buffer, conf_state, - output_message_buffer, key); - break; - case KEYTYPE_ARCFOUR: - ret = _gssapi_wrap_arcfour (minor_status, context_handle, conf_req_flag, - qop_req, input_message_buffer, conf_state, - output_message_buffer, key); - break; - default : - *minor_status = KRB5_PROG_ETYPE_NOSUPP; - ret = GSS_S_FAILURE; - break; - } - krb5_free_keyblock (gssapi_krb5_context, key); - return ret; -} diff --git a/crypto/heimdal/lib/hdb/Makefile.am b/crypto/heimdal/lib/hdb/Makefile.am deleted file mode 100644 index f66cd06fec05..000000000000 --- a/crypto/heimdal/lib/hdb/Makefile.am +++ /dev/null @@ -1,115 +0,0 @@ -# $Id: Makefile.am 22490 2008-01-21 11:49:33Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += -I../asn1 -I$(srcdir)/../asn1 $(INCLUDE_hcrypto) - -BUILT_SOURCES = \ - $(gen_files_hdb:.x=.c) \ - hdb_err.c \ - hdb_err.h - -gen_files_hdb = \ - asn1_Salt.x \ - asn1_Key.x \ - asn1_Event.x \ - asn1_HDBFlags.x \ - asn1_GENERATION.x \ - asn1_HDB_Ext_PKINIT_acl.x \ - asn1_HDB_Ext_PKINIT_hash.x \ - asn1_HDB_Ext_Constrained_delegation_acl.x \ - asn1_HDB_Ext_Lan_Manager_OWF.x \ - asn1_HDB_Ext_Password.x \ - asn1_HDB_Ext_Aliases.x \ - asn1_HDB_extension.x \ - asn1_HDB_extensions.x \ - asn1_hdb_entry.x \ - asn1_hdb_entry_alias.x - -CLEANFILES = $(BUILT_SOURCES) $(gen_files_hdb) hdb_asn1.h hdb_asn1_files - -LDADD = libhdb.la \ - $(LIB_openldap) \ - ../krb5/libkrb5.la \ - ../asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(LIB_ldopen) - -if OPENLDAP_MODULE - -ldap_so = hdb_ldap.la -hdb_ldap_la_SOURCES = hdb-ldap.c -hdb_ldap_la_LDFLAGS = -module - -else - -ldap = hdb-ldap.c - -endif - - -lib_LTLIBRARIES = libhdb.la $(ldap_so) -libhdb_la_LDFLAGS = -version-info 11:0:2 - -noinst_PROGRAMS = test_dbinfo - -dist_libhdb_la_SOURCES = \ - common.c \ - db.c \ - db3.c \ - ext.c \ - $(ldap) \ - hdb.c \ - hdb_locl.h \ - hdb-private.h \ - keys.c \ - keytab.c \ - dbinfo.c \ - mkey.c \ - ndbm.c \ - print.c - -nodist_libhdb_la_SOURCES = $(BUILT_SOURCES) - -AM_CPPFLAGS += $(INCLUDE_openldap) - -include_HEADERS = hdb.h hdb-protos.h -nodist_include_HEADERS = hdb_err.h hdb_asn1.h - -libhdb_la_CPPFLAGS = -DHDB_DB_DIR=\"$(DIR_hdbdir)\" - -libhdb_la_LIBADD = \ - $(LIB_com_err) \ - ../krb5/libkrb5.la \ - ../asn1/libasn1.la \ - $(LIBADD_roken) \ - $(LIB_openldap) \ - $(LIB_dlopen) \ - $(DBLIB) \ - $(LIB_NDBM) - -$(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h - -$(srcdir)/hdb-protos.h: - cd $(srcdir); perl ../../cf/make-proto.pl -q -P comment -o hdb-protos.h $(dist_libhdb_la_SOURCES) || rm -f hdb-protos.h - -$(srcdir)/hdb-private.h: - cd $(srcdir); perl ../../cf/make-proto.pl -q -P comment -p hdb-private.h $(dist_libhdb_la_SOURCES) || rm -f hdb-private.h - -$(gen_files_hdb) hdb_asn1.h: hdb_asn1_files - -hdb_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 - ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 hdb_asn1 - -$(libhdb_la_OBJECTS): hdb_asn1.h hdb_err.h - -test_dbinfo_SOURCES = test_dbinfo.c - -test_dbinfo_LIBS = libhdb.la - -# to help stupid solaris make - -hdb_err.h: hdb_err.et - -EXTRA_DIST = hdb.asn1 hdb_err.et hdb.schema diff --git a/crypto/heimdal/lib/hdb/Makefile.in b/crypto/heimdal/lib/hdb/Makefile.in deleted file mode 100644 index cb0f9169c42d..000000000000 --- a/crypto/heimdal/lib/hdb/Makefile.in +++ /dev/null @@ -1,1060 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22490 2008-01-21 11:49:33Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -noinst_PROGRAMS = test_dbinfo$(EXEEXT) -subdir = lib/hdb -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" \ - "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -hdb_ldap_la_LIBADD = -am__hdb_ldap_la_SOURCES_DIST = hdb-ldap.c -@OPENLDAP_MODULE_TRUE@am_hdb_ldap_la_OBJECTS = hdb-ldap.lo -hdb_ldap_la_OBJECTS = $(am_hdb_ldap_la_OBJECTS) -hdb_ldap_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(hdb_ldap_la_LDFLAGS) $(LDFLAGS) -o $@ -@OPENLDAP_MODULE_TRUE@am_hdb_ldap_la_rpath = -rpath $(libdir) -am__DEPENDENCIES_1 = -libhdb_la_DEPENDENCIES = $(am__DEPENDENCIES_1) ../krb5/libkrb5.la \ - ../asn1/libasn1.la $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -am__dist_libhdb_la_SOURCES_DIST = common.c db.c db3.c ext.c hdb-ldap.c \ - hdb.c hdb_locl.h hdb-private.h keys.c keytab.c dbinfo.c mkey.c \ - ndbm.c print.c -@OPENLDAP_MODULE_FALSE@am__objects_1 = libhdb_la-hdb-ldap.lo -dist_libhdb_la_OBJECTS = libhdb_la-common.lo libhdb_la-db.lo \ - libhdb_la-db3.lo libhdb_la-ext.lo $(am__objects_1) \ - libhdb_la-hdb.lo libhdb_la-keys.lo libhdb_la-keytab.lo \ - libhdb_la-dbinfo.lo libhdb_la-mkey.lo libhdb_la-ndbm.lo \ - libhdb_la-print.lo -am__objects_2 = libhdb_la-asn1_Salt.lo libhdb_la-asn1_Key.lo \ - libhdb_la-asn1_Event.lo libhdb_la-asn1_HDBFlags.lo \ - libhdb_la-asn1_GENERATION.lo \ - libhdb_la-asn1_HDB_Ext_PKINIT_acl.lo \ - libhdb_la-asn1_HDB_Ext_PKINIT_hash.lo \ - libhdb_la-asn1_HDB_Ext_Constrained_delegation_acl.lo \ - libhdb_la-asn1_HDB_Ext_Lan_Manager_OWF.lo \ - libhdb_la-asn1_HDB_Ext_Password.lo \ - libhdb_la-asn1_HDB_Ext_Aliases.lo \ - libhdb_la-asn1_HDB_extension.lo \ - libhdb_la-asn1_HDB_extensions.lo libhdb_la-asn1_hdb_entry.lo \ - libhdb_la-asn1_hdb_entry_alias.lo -am__objects_3 = $(am__objects_2) libhdb_la-hdb_err.lo -nodist_libhdb_la_OBJECTS = $(am__objects_3) -libhdb_la_OBJECTS = $(dist_libhdb_la_OBJECTS) \ - $(nodist_libhdb_la_OBJECTS) -libhdb_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libhdb_la_LDFLAGS) $(LDFLAGS) -o $@ -PROGRAMS = $(noinst_PROGRAMS) -am_test_dbinfo_OBJECTS = test_dbinfo.$(OBJEXT) -test_dbinfo_OBJECTS = $(am_test_dbinfo_OBJECTS) -test_dbinfo_LDADD = $(LDADD) -test_dbinfo_DEPENDENCIES = libhdb.la $(am__DEPENDENCIES_1) \ - ../krb5/libkrb5.la ../asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(hdb_ldap_la_SOURCES) $(dist_libhdb_la_SOURCES) \ - $(nodist_libhdb_la_SOURCES) $(test_dbinfo_SOURCES) -DIST_SOURCES = $(am__hdb_ldap_la_SOURCES_DIST) \ - $(am__dist_libhdb_la_SOURCES_DIST) $(test_dbinfo_SOURCES) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) $(nodist_include_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -I../asn1 \ - -I$(srcdir)/../asn1 $(INCLUDE_hcrypto) $(INCLUDE_openldap) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -BUILT_SOURCES = \ - $(gen_files_hdb:.x=.c) \ - hdb_err.c \ - hdb_err.h - -gen_files_hdb = \ - asn1_Salt.x \ - asn1_Key.x \ - asn1_Event.x \ - asn1_HDBFlags.x \ - asn1_GENERATION.x \ - asn1_HDB_Ext_PKINIT_acl.x \ - asn1_HDB_Ext_PKINIT_hash.x \ - asn1_HDB_Ext_Constrained_delegation_acl.x \ - asn1_HDB_Ext_Lan_Manager_OWF.x \ - asn1_HDB_Ext_Password.x \ - asn1_HDB_Ext_Aliases.x \ - asn1_HDB_extension.x \ - asn1_HDB_extensions.x \ - asn1_hdb_entry.x \ - asn1_hdb_entry_alias.x - -CLEANFILES = $(BUILT_SOURCES) $(gen_files_hdb) hdb_asn1.h hdb_asn1_files -LDADD = libhdb.la \ - $(LIB_openldap) \ - ../krb5/libkrb5.la \ - ../asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(LIB_ldopen) - -@OPENLDAP_MODULE_TRUE@ldap_so = hdb_ldap.la -@OPENLDAP_MODULE_TRUE@hdb_ldap_la_SOURCES = hdb-ldap.c -@OPENLDAP_MODULE_TRUE@hdb_ldap_la_LDFLAGS = -module -@OPENLDAP_MODULE_FALSE@ldap = hdb-ldap.c -lib_LTLIBRARIES = libhdb.la $(ldap_so) -libhdb_la_LDFLAGS = -version-info 11:0:2 -dist_libhdb_la_SOURCES = \ - common.c \ - db.c \ - db3.c \ - ext.c \ - $(ldap) \ - hdb.c \ - hdb_locl.h \ - hdb-private.h \ - keys.c \ - keytab.c \ - dbinfo.c \ - mkey.c \ - ndbm.c \ - print.c - -nodist_libhdb_la_SOURCES = $(BUILT_SOURCES) -include_HEADERS = hdb.h hdb-protos.h -nodist_include_HEADERS = hdb_err.h hdb_asn1.h -libhdb_la_CPPFLAGS = -DHDB_DB_DIR=\"$(DIR_hdbdir)\" -libhdb_la_LIBADD = \ - $(LIB_com_err) \ - ../krb5/libkrb5.la \ - ../asn1/libasn1.la \ - $(LIBADD_roken) \ - $(LIB_openldap) \ - $(LIB_dlopen) \ - $(DBLIB) \ - $(LIB_NDBM) - -test_dbinfo_SOURCES = test_dbinfo.c -test_dbinfo_LIBS = libhdb.la -EXTRA_DIST = hdb.asn1 hdb_err.et hdb.schema -all: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/hdb/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/hdb/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -hdb_ldap.la: $(hdb_ldap_la_OBJECTS) $(hdb_ldap_la_DEPENDENCIES) - $(hdb_ldap_la_LINK) $(am_hdb_ldap_la_rpath) $(hdb_ldap_la_OBJECTS) $(hdb_ldap_la_LIBADD) $(LIBS) -libhdb.la: $(libhdb_la_OBJECTS) $(libhdb_la_DEPENDENCIES) - $(libhdb_la_LINK) -rpath $(libdir) $(libhdb_la_OBJECTS) $(libhdb_la_LIBADD) $(LIBS) - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -test_dbinfo$(EXEEXT): $(test_dbinfo_OBJECTS) $(test_dbinfo_DEPENDENCIES) - @rm -f test_dbinfo$(EXEEXT) - $(LINK) $(test_dbinfo_OBJECTS) $(test_dbinfo_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -libhdb_la-common.lo: common.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-common.lo `test -f 'common.c' || echo '$(srcdir)/'`common.c - -libhdb_la-db.lo: db.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-db.lo `test -f 'db.c' || echo '$(srcdir)/'`db.c - -libhdb_la-db3.lo: db3.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-db3.lo `test -f 'db3.c' || echo '$(srcdir)/'`db3.c - -libhdb_la-ext.lo: ext.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-ext.lo `test -f 'ext.c' || echo '$(srcdir)/'`ext.c - -libhdb_la-hdb-ldap.lo: hdb-ldap.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-hdb-ldap.lo `test -f 'hdb-ldap.c' || echo '$(srcdir)/'`hdb-ldap.c - -libhdb_la-hdb.lo: hdb.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-hdb.lo `test -f 'hdb.c' || echo '$(srcdir)/'`hdb.c - -libhdb_la-keys.lo: keys.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-keys.lo `test -f 'keys.c' || echo '$(srcdir)/'`keys.c - -libhdb_la-keytab.lo: keytab.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-keytab.lo `test -f 'keytab.c' || echo '$(srcdir)/'`keytab.c - -libhdb_la-dbinfo.lo: dbinfo.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-dbinfo.lo `test -f 'dbinfo.c' || echo '$(srcdir)/'`dbinfo.c - -libhdb_la-mkey.lo: mkey.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-mkey.lo `test -f 'mkey.c' || echo '$(srcdir)/'`mkey.c - -libhdb_la-ndbm.lo: ndbm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-ndbm.lo `test -f 'ndbm.c' || echo '$(srcdir)/'`ndbm.c - -libhdb_la-print.lo: print.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-print.lo `test -f 'print.c' || echo '$(srcdir)/'`print.c - -libhdb_la-asn1_Salt.lo: asn1_Salt.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_Salt.lo `test -f 'asn1_Salt.c' || echo '$(srcdir)/'`asn1_Salt.c - -libhdb_la-asn1_Key.lo: asn1_Key.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_Key.lo `test -f 'asn1_Key.c' || echo '$(srcdir)/'`asn1_Key.c - -libhdb_la-asn1_Event.lo: asn1_Event.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_Event.lo `test -f 'asn1_Event.c' || echo '$(srcdir)/'`asn1_Event.c - -libhdb_la-asn1_HDBFlags.lo: asn1_HDBFlags.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDBFlags.lo `test -f 'asn1_HDBFlags.c' || echo '$(srcdir)/'`asn1_HDBFlags.c - -libhdb_la-asn1_GENERATION.lo: asn1_GENERATION.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_GENERATION.lo `test -f 'asn1_GENERATION.c' || echo '$(srcdir)/'`asn1_GENERATION.c - -libhdb_la-asn1_HDB_Ext_PKINIT_acl.lo: asn1_HDB_Ext_PKINIT_acl.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_PKINIT_acl.lo `test -f 'asn1_HDB_Ext_PKINIT_acl.c' || echo '$(srcdir)/'`asn1_HDB_Ext_PKINIT_acl.c - -libhdb_la-asn1_HDB_Ext_PKINIT_hash.lo: asn1_HDB_Ext_PKINIT_hash.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_PKINIT_hash.lo `test -f 'asn1_HDB_Ext_PKINIT_hash.c' || echo '$(srcdir)/'`asn1_HDB_Ext_PKINIT_hash.c - -libhdb_la-asn1_HDB_Ext_Constrained_delegation_acl.lo: asn1_HDB_Ext_Constrained_delegation_acl.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_Constrained_delegation_acl.lo `test -f 'asn1_HDB_Ext_Constrained_delegation_acl.c' || echo '$(srcdir)/'`asn1_HDB_Ext_Constrained_delegation_acl.c - -libhdb_la-asn1_HDB_Ext_Lan_Manager_OWF.lo: asn1_HDB_Ext_Lan_Manager_OWF.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_Lan_Manager_OWF.lo `test -f 'asn1_HDB_Ext_Lan_Manager_OWF.c' || echo '$(srcdir)/'`asn1_HDB_Ext_Lan_Manager_OWF.c - -libhdb_la-asn1_HDB_Ext_Password.lo: asn1_HDB_Ext_Password.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_Password.lo `test -f 'asn1_HDB_Ext_Password.c' || echo '$(srcdir)/'`asn1_HDB_Ext_Password.c - -libhdb_la-asn1_HDB_Ext_Aliases.lo: asn1_HDB_Ext_Aliases.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_Ext_Aliases.lo `test -f 'asn1_HDB_Ext_Aliases.c' || echo '$(srcdir)/'`asn1_HDB_Ext_Aliases.c - -libhdb_la-asn1_HDB_extension.lo: asn1_HDB_extension.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_extension.lo `test -f 'asn1_HDB_extension.c' || echo '$(srcdir)/'`asn1_HDB_extension.c - -libhdb_la-asn1_HDB_extensions.lo: asn1_HDB_extensions.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_HDB_extensions.lo `test -f 'asn1_HDB_extensions.c' || echo '$(srcdir)/'`asn1_HDB_extensions.c - -libhdb_la-asn1_hdb_entry.lo: asn1_hdb_entry.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_hdb_entry.lo `test -f 'asn1_hdb_entry.c' || echo '$(srcdir)/'`asn1_hdb_entry.c - -libhdb_la-asn1_hdb_entry_alias.lo: asn1_hdb_entry_alias.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-asn1_hdb_entry_alias.lo `test -f 'asn1_hdb_entry_alias.c' || echo '$(srcdir)/'`asn1_hdb_entry_alias.c - -libhdb_la-hdb_err.lo: hdb_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhdb_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhdb_la-hdb_err.lo `test -f 'hdb_err.c' || echo '$(srcdir)/'`hdb_err.c - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-includeHEADERS: $(include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-nodist_includeHEADERS: $(nodist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-nodist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -clean: clean-am - -clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ - clean-noinstPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-includeHEADERS install-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES \ - uninstall-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libLTLIBRARIES clean-libtool \ - clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-includeHEADERS install-info install-info-am \ - install-libLTLIBRARIES install-man \ - install-nodist_includeHEADERS install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook \ - uninstall-includeHEADERS uninstall-libLTLIBRARIES \ - uninstall-nodist_includeHEADERS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h - -$(srcdir)/hdb-protos.h: - cd $(srcdir); perl ../../cf/make-proto.pl -q -P comment -o hdb-protos.h $(dist_libhdb_la_SOURCES) || rm -f hdb-protos.h - -$(srcdir)/hdb-private.h: - cd $(srcdir); perl ../../cf/make-proto.pl -q -P comment -p hdb-private.h $(dist_libhdb_la_SOURCES) || rm -f hdb-private.h - -$(gen_files_hdb) hdb_asn1.h: hdb_asn1_files - -hdb_asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 - ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 hdb_asn1 - -$(libhdb_la_OBJECTS): hdb_asn1.h hdb_err.h - -# to help stupid solaris make - -hdb_err.h: hdb_err.et -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/hdb/common.c b/crypto/heimdal/lib/hdb/common.c deleted file mode 100644 index 680b666564b8..000000000000 --- a/crypto/heimdal/lib/hdb/common.c +++ /dev/null @@ -1,283 +0,0 @@ -/* - * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -RCSID("$Id: common.c 20236 2007-02-16 23:52:29Z lha $"); - -int -hdb_principal2key(krb5_context context, krb5_const_principal p, krb5_data *key) -{ - Principal new; - size_t len; - int ret; - - ret = copy_Principal(p, &new); - if(ret) - return ret; - new.name.name_type = 0; - - ASN1_MALLOC_ENCODE(Principal, key->data, key->length, &new, &len, ret); - if (ret == 0 && key->length != len) - krb5_abortx(context, "internal asn.1 encoder error"); - free_Principal(&new); - return ret; -} - -int -hdb_key2principal(krb5_context context, krb5_data *key, krb5_principal p) -{ - return decode_Principal(key->data, key->length, p, NULL); -} - -int -hdb_entry2value(krb5_context context, const hdb_entry *ent, krb5_data *value) -{ - size_t len; - int ret; - - ASN1_MALLOC_ENCODE(hdb_entry, value->data, value->length, ent, &len, ret); - if (ret == 0 && value->length != len) - krb5_abortx(context, "internal asn.1 encoder error"); - return ret; -} - -int -hdb_value2entry(krb5_context context, krb5_data *value, hdb_entry *ent) -{ - return decode_hdb_entry(value->data, value->length, ent, NULL); -} - -int -hdb_entry_alias2value(krb5_context context, - const hdb_entry_alias *alias, - krb5_data *value) -{ - size_t len; - int ret; - - ASN1_MALLOC_ENCODE(hdb_entry_alias, value->data, value->length, - alias, &len, ret); - if (ret == 0 && value->length != len) - krb5_abortx(context, "internal asn.1 encoder error"); - return ret; -} - -int -hdb_value2entry_alias(krb5_context context, krb5_data *value, - hdb_entry_alias *ent) -{ - return decode_hdb_entry_alias(value->data, value->length, ent, NULL); -} - -krb5_error_code -_hdb_fetch(krb5_context context, HDB *db, krb5_const_principal principal, - unsigned flags, hdb_entry_ex *entry) -{ - krb5_data key, value; - int code; - - hdb_principal2key(context, principal, &key); - code = db->hdb__get(context, db, key, &value); - krb5_data_free(&key); - if(code) - return code; - code = hdb_value2entry(context, &value, &entry->entry); - if (code == ASN1_BAD_ID && (flags & HDB_F_CANON) == 0) { - krb5_data_free(&value); - return HDB_ERR_NOENTRY; - } else if (code == ASN1_BAD_ID) { - hdb_entry_alias alias; - - code = hdb_value2entry_alias(context, &value, &alias); - if (code) { - krb5_data_free(&value); - return code; - } - hdb_principal2key(context, alias.principal, &key); - krb5_data_free(&value); - free_hdb_entry_alias(&alias); - - code = db->hdb__get(context, db, key, &value); - krb5_data_free(&key); - if (code) - return code; - code = hdb_value2entry(context, &value, &entry->entry); - if (code) { - krb5_data_free(&value); - return code; - } - } - krb5_data_free(&value); - if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { - code = hdb_unseal_keys (context, db, &entry->entry); - if (code) - hdb_free_entry(context, entry); - } - return code; -} - -static krb5_error_code -hdb_remove_aliases(krb5_context context, HDB *db, krb5_data *key) -{ - const HDB_Ext_Aliases *aliases; - krb5_error_code code; - hdb_entry oldentry; - krb5_data value; - int i; - - code = db->hdb__get(context, db, *key, &value); - if (code == HDB_ERR_NOENTRY) - return 0; - else if (code) - return code; - - code = hdb_value2entry(context, &value, &oldentry); - krb5_data_free(&value); - if (code) - return code; - - code = hdb_entry_get_aliases(&oldentry, &aliases); - if (code || aliases == NULL) { - free_hdb_entry(&oldentry); - return code; - } - for (i = 0; i < aliases->aliases.len; i++) { - krb5_data akey; - - hdb_principal2key(context, &aliases->aliases.val[i], &akey); - code = db->hdb__del(context, db, akey); - krb5_data_free(&akey); - if (code) { - free_hdb_entry(&oldentry); - return code; - } - } - free_hdb_entry(&oldentry); - return 0; -} - -static krb5_error_code -hdb_add_aliases(krb5_context context, HDB *db, - unsigned flags, hdb_entry_ex *entry) -{ - const HDB_Ext_Aliases *aliases; - krb5_error_code code; - krb5_data key, value; - int i; - - code = hdb_entry_get_aliases(&entry->entry, &aliases); - if (code || aliases == NULL) - return code; - - for (i = 0; i < aliases->aliases.len; i++) { - hdb_entry_alias entryalias; - entryalias.principal = entry->entry.principal; - - hdb_principal2key(context, &aliases->aliases.val[i], &key); - code = hdb_entry_alias2value(context, &entryalias, &value); - if (code) { - krb5_data_free(&key); - return code; - } - code = db->hdb__put(context, db, flags, key, value); - krb5_data_free(&key); - krb5_data_free(&value); - if (code) - return code; - } - return 0; -} - -krb5_error_code -_hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) -{ - krb5_data key, value; - int code; - - if(entry->entry.generation == NULL) { - struct timeval t; - entry->entry.generation = malloc(sizeof(*entry->entry.generation)); - if(entry->entry.generation == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - gettimeofday(&t, NULL); - entry->entry.generation->time = t.tv_sec; - entry->entry.generation->usec = t.tv_usec; - entry->entry.generation->gen = 0; - } else - entry->entry.generation->gen++; - hdb_principal2key(context, entry->entry.principal, &key); - code = hdb_seal_keys(context, db, &entry->entry); - if (code) { - krb5_data_free(&key); - return code; - } - - /* remove aliases */ - code = hdb_remove_aliases(context, db, &key); - if (code) { - krb5_data_free(&key); - return code; - } - hdb_entry2value(context, &entry->entry, &value); - code = db->hdb__put(context, db, flags & HDB_F_REPLACE, key, value); - krb5_data_free(&value); - krb5_data_free(&key); - if (code) - return code; - - code = hdb_add_aliases(context, db, flags, entry); - - return code; -} - -krb5_error_code -_hdb_remove(krb5_context context, HDB *db, krb5_const_principal principal) -{ - krb5_data key; - int code; - - hdb_principal2key(context, principal, &key); - - code = hdb_remove_aliases(context, db, &key); - if (code) { - krb5_data_free(&key); - return code; - } - code = db->hdb__del(context, db, key); - krb5_data_free(&key); - return code; -} - diff --git a/crypto/heimdal/lib/hdb/convert_db.c b/crypto/heimdal/lib/hdb/convert_db.c deleted file mode 100644 index 0b300a55fcce..000000000000 --- a/crypto/heimdal/lib/hdb/convert_db.c +++ /dev/null @@ -1,213 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -/* Converts a database from version 0.0* to 0.1. This is done by - * making three copies of each DES key (DES-CBC-CRC, DES-CBC-MD4, and - * DES-CBC-MD5). - * - * Use with care. - */ - -#include "hdb_locl.h" -#include -#include - -RCSID("$Id: convert_db.c,v 1.12 2001/02/20 01:44:53 assar Exp $"); - -static krb5_error_code -update_keytypes(krb5_context context, HDB *db, hdb_entry *entry, void *data) -{ - int i; - int n = 0; - Key *k; - int save_len; - Key *save_val; - HDB *new = data; - krb5_error_code ret; - - for(i = 0; i < entry->keys.len; i++) - if(entry->keys.val[i].key.keytype == KEYTYPE_DES) - n += 2; - else if(entry->keys.val[i].key.keytype == KEYTYPE_DES3) - n += 1; - k = malloc(sizeof(*k) * (entry->keys.len + n)); - n = 0; - for(i = 0; i < entry->keys.len; i++) { - copy_Key(&entry->keys.val[i], &k[n]); - if(entry->keys.val[i].key.keytype == KEYTYPE_DES) { - copy_Key(&entry->keys.val[i], &k[n+1]); - k[n+1].key.keytype = ETYPE_DES_CBC_MD4; - copy_Key(&entry->keys.val[i], &k[n+2]); - k[n+2].key.keytype = ETYPE_DES_CBC_MD5; - n += 2; - } - else if(entry->keys.val[i].key.keytype == KEYTYPE_DES3) { - copy_Key(&entry->keys.val[i], &k[n+1]); - k[n+1].key.keytype = ETYPE_DES3_CBC_MD5; - n += 1; - } - n++; - } - save_len = entry->keys.len; - save_val = entry->keys.val; - entry->keys.len = n; - entry->keys.val = k; - ret = new->store(context, new, HDB_F_REPLACE, entry); - entry->keys.len = save_len; - entry->keys.val = save_val; - for(i = 0; i < n; i++) - free_Key(&k[i]); - free(k); - return 0; -} - -static krb5_error_code -update_version2(krb5_context context, HDB *db, hdb_entry *entry, void *data) -{ - HDB *new = data; - if(!db->master_key_set) { - int i; - for(i = 0; i < entry->keys.len; i++) { - free(entry->keys.val[i].mkvno); - entry->keys.val[i].mkvno = NULL; - } - } - new->store(context, new, HDB_F_REPLACE, entry); - return 0; -} - -char *old_database = HDB_DEFAULT_DB; -char *new_database = HDB_DEFAULT_DB ".new"; -char *mkeyfile; -int update_version; -int help_flag; -int version_flag; - -struct getargs args[] = { - { "old-database", 0, arg_string, &old_database, - "name of database to convert", "file" }, - { "new-database", 0, arg_string, &new_database, - "name of converted database", "file" }, - { "master-key", 0, arg_string, &mkeyfile, - "v5 master key file", "file" }, - { "update-version", 0, arg_flag, &update_version, - "update the database to the current version" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - HDB *db, *new; - int optind = 0; - int master_key_set = 0; - - setprogname(argv[0]); - - if(getarg(args, num_args, argc, argv, &optind)) - krb5_std_usage(1, args, num_args); - - if(help_flag) - krb5_std_usage(0, args, num_args); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - ret = krb5_init_context(&context); - if(ret != 0) - errx(1, "krb5_init_context failed: %d", ret); - - ret = hdb_create(context, &db, old_database); - if(ret != 0) - krb5_err(context, 1, ret, "hdb_create"); - - ret = hdb_set_master_keyfile(context, db, mkeyfile); - if (ret) - krb5_err(context, 1, ret, "hdb_set_master_keyfile"); - master_key_set = 1; - ret = hdb_create(context, &new, new_database); - if(ret != 0) - krb5_err(context, 1, ret, "hdb_create"); - if (master_key_set) { - ret = hdb_set_master_keyfile(context, new, mkeyfile); - if (ret) - krb5_err(context, 1, ret, "hdb_set_master_keyfile"); - } - ret = db->open(context, db, O_RDONLY, 0); - if(ret == HDB_ERR_BADVERSION) { - krb5_data tag; - krb5_data version; - int foo; - unsigned ver; - tag.data = HDB_DB_FORMAT_ENTRY; - tag.length = strlen(tag.data); - ret = (*db->_get)(context, db, tag, &version); - if(ret) - krb5_errx(context, 1, "database is wrong version, " - "but couldn't find version key (%s)", - HDB_DB_FORMAT_ENTRY); - foo = sscanf(version.data, "%u", &ver); - krb5_data_free (&version); - if(foo != 1) - krb5_errx(context, 1, "database version is not a number"); - if(ver == 1 && HDB_DB_FORMAT == 2) { - krb5_warnx(context, "will upgrade database from version %d to %d", - ver, HDB_DB_FORMAT); - krb5_warnx(context, "rerun to do other conversions"); - update_version = 1; - } else - krb5_errx(context, 1, - "don't know how to upgrade from version %d to %d", - ver, HDB_DB_FORMAT); - } else if(ret) - krb5_err(context, 1, ret, "%s", old_database); - ret = new->open(context, new, O_CREAT|O_EXCL|O_RDWR, 0600); - if(ret) - krb5_err(context, 1, ret, "%s", new_database); - if(update_version) - ret = hdb_foreach(context, db, 0, update_version2, new); - else - ret = hdb_foreach(context, db, 0, update_keytypes, new); - if(ret != 0) - krb5_err(context, 1, ret, "hdb_foreach"); - db->close(context, db); - new->close(context, new); - krb5_warnx(context, "wrote converted database to `%s'", new_database); - return 0; -} diff --git a/crypto/heimdal/lib/hdb/db.c b/crypto/heimdal/lib/hdb/db.c deleted file mode 100644 index 870f0431cf3a..000000000000 --- a/crypto/heimdal/lib/hdb/db.c +++ /dev/null @@ -1,337 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -RCSID("$Id: db.c 20215 2007-02-09 21:59:53Z lha $"); - -#if HAVE_DB1 - -#if defined(HAVE_DB_185_H) -#include -#elif defined(HAVE_DB_H) -#include -#endif - -static krb5_error_code -DB_close(krb5_context context, HDB *db) -{ - DB *d = (DB*)db->hdb_db; - (*d->close)(d); - return 0; -} - -static krb5_error_code -DB_destroy(krb5_context context, HDB *db) -{ - krb5_error_code ret; - - ret = hdb_clear_master_key (context, db); - free(db->hdb_name); - free(db); - return ret; -} - -static krb5_error_code -DB_lock(krb5_context context, HDB *db, int operation) -{ - DB *d = (DB*)db->hdb_db; - int fd = (*d->fd)(d); - if(fd < 0) { - krb5_set_error_string(context, - "Can't lock database: %s", db->hdb_name); - return HDB_ERR_CANT_LOCK_DB; - } - return hdb_lock(fd, operation); -} - -static krb5_error_code -DB_unlock(krb5_context context, HDB *db) -{ - DB *d = (DB*)db->hdb_db; - int fd = (*d->fd)(d); - if(fd < 0) { - krb5_set_error_string(context, - "Can't unlock database: %s", db->hdb_name); - return HDB_ERR_CANT_LOCK_DB; - } - return hdb_unlock(fd); -} - - -static krb5_error_code -DB_seq(krb5_context context, HDB *db, - unsigned flags, hdb_entry_ex *entry, int flag) -{ - DB *d = (DB*)db->hdb_db; - DBT key, value; - krb5_data key_data, data; - int code; - - code = db->hdb_lock(context, db, HDB_RLOCK); - if(code == -1) { - krb5_set_error_string(context, "Database %s in use", db->hdb_name); - return HDB_ERR_DB_INUSE; - } - code = (*d->seq)(d, &key, &value, flag); - db->hdb_unlock(context, db); /* XXX check value */ - if(code == -1) { - code = errno; - krb5_set_error_string(context, "Database %s seq error: %s", - db->hdb_name, strerror(code)); - return code; - } - if(code == 1) { - krb5_clear_error_string(context); - return HDB_ERR_NOENTRY; - } - - key_data.data = key.data; - key_data.length = key.size; - data.data = value.data; - data.length = value.size; - memset(entry, 0, sizeof(*entry)); - if (hdb_value2entry(context, &data, &entry->entry)) - return DB_seq(context, db, flags, entry, R_NEXT); - if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { - code = hdb_unseal_keys (context, db, &entry->entry); - if (code) - hdb_free_entry (context, entry); - } - if (code == 0 && entry->entry.principal == NULL) { - entry->entry.principal = malloc(sizeof(*entry->entry.principal)); - if (entry->entry.principal == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - code = ENOMEM; - hdb_free_entry (context, entry); - } else { - hdb_key2principal(context, &key_data, entry->entry.principal); - } - } - return code; -} - - -static krb5_error_code -DB_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) -{ - return DB_seq(context, db, flags, entry, R_FIRST); -} - - -static krb5_error_code -DB_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) -{ - return DB_seq(context, db, flags, entry, R_NEXT); -} - -static krb5_error_code -DB_rename(krb5_context context, HDB *db, const char *new_name) -{ - int ret; - char *old, *new; - - asprintf(&old, "%s.db", db->hdb_name); - asprintf(&new, "%s.db", new_name); - ret = rename(old, new); - free(old); - free(new); - if(ret) - return errno; - - free(db->hdb_name); - db->hdb_name = strdup(new_name); - return 0; -} - -static krb5_error_code -DB__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) -{ - DB *d = (DB*)db->hdb_db; - DBT k, v; - int code; - - k.data = key.data; - k.size = key.length; - code = db->hdb_lock(context, db, HDB_RLOCK); - if(code) - return code; - code = (*d->get)(d, &k, &v, 0); - db->hdb_unlock(context, db); - if(code < 0) { - code = errno; - krb5_set_error_string(context, "Database %s get error: %s", - db->hdb_name, strerror(code)); - return code; - } - if(code == 1) { - krb5_clear_error_string(context); - return HDB_ERR_NOENTRY; - } - - krb5_data_copy(reply, v.data, v.size); - return 0; -} - -static krb5_error_code -DB__put(krb5_context context, HDB *db, int replace, - krb5_data key, krb5_data value) -{ - DB *d = (DB*)db->hdb_db; - DBT k, v; - int code; - - k.data = key.data; - k.size = key.length; - v.data = value.data; - v.size = value.length; - code = db->hdb_lock(context, db, HDB_WLOCK); - if(code) - return code; - code = (*d->put)(d, &k, &v, replace ? 0 : R_NOOVERWRITE); - db->hdb_unlock(context, db); - if(code < 0) { - code = errno; - krb5_set_error_string(context, "Database %s put error: %s", - db->hdb_name, strerror(code)); - return code; - } - if(code == 1) { - krb5_clear_error_string(context); - return HDB_ERR_EXISTS; - } - return 0; -} - -static krb5_error_code -DB__del(krb5_context context, HDB *db, krb5_data key) -{ - DB *d = (DB*)db->hdb_db; - DBT k; - krb5_error_code code; - k.data = key.data; - k.size = key.length; - code = db->hdb_lock(context, db, HDB_WLOCK); - if(code) - return code; - code = (*d->del)(d, &k, 0); - db->hdb_unlock(context, db); - if(code == 1) { - code = errno; - krb5_set_error_string(context, "Database %s put error: %s", - db->hdb_name, strerror(code)); - return code; - } - if(code < 0) - return errno; - return 0; -} - -static krb5_error_code -DB_open(krb5_context context, HDB *db, int flags, mode_t mode) -{ - char *fn; - krb5_error_code ret; - - asprintf(&fn, "%s.db", db->hdb_name); - if (fn == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - db->hdb_db = dbopen(fn, flags, mode, DB_BTREE, NULL); - free(fn); - /* try to open without .db extension */ - if(db->hdb_db == NULL && errno == ENOENT) - db->hdb_db = dbopen(db->hdb_name, flags, mode, DB_BTREE, NULL); - if(db->hdb_db == NULL) { - ret = errno; - krb5_set_error_string(context, "dbopen (%s): %s", - db->hdb_name, strerror(ret)); - return ret; - } - if((flags & O_ACCMODE) == O_RDONLY) - ret = hdb_check_db_format(context, db); - else - ret = hdb_init_db(context, db); - if(ret == HDB_ERR_NOENTRY) { - krb5_clear_error_string(context); - return 0; - } - if (ret) { - DB_close(context, db); - krb5_set_error_string(context, "hdb_open: failed %s database %s", - (flags & O_ACCMODE) == O_RDONLY ? - "checking format of" : "initialize", - db->hdb_name); - } - return ret; -} - -krb5_error_code -hdb_db_create(krb5_context context, HDB **db, - const char *filename) -{ - *db = calloc(1, sizeof(**db)); - if (*db == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - (*db)->hdb_db = NULL; - (*db)->hdb_name = strdup(filename); - if ((*db)->hdb_name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - free(*db); - *db = NULL; - return ENOMEM; - } - (*db)->hdb_master_key_set = 0; - (*db)->hdb_openp = 0; - (*db)->hdb_open = DB_open; - (*db)->hdb_close = DB_close; - (*db)->hdb_fetch = _hdb_fetch; - (*db)->hdb_store = _hdb_store; - (*db)->hdb_remove = _hdb_remove; - (*db)->hdb_firstkey = DB_firstkey; - (*db)->hdb_nextkey= DB_nextkey; - (*db)->hdb_lock = DB_lock; - (*db)->hdb_unlock = DB_unlock; - (*db)->hdb_rename = DB_rename; - (*db)->hdb__get = DB__get; - (*db)->hdb__put = DB__put; - (*db)->hdb__del = DB__del; - (*db)->hdb_destroy = DB_destroy; - return 0; -} - -#endif /* HAVE_DB1 */ diff --git a/crypto/heimdal/lib/hdb/db3.c b/crypto/heimdal/lib/hdb/db3.c deleted file mode 100644 index 45ccbef79198..000000000000 --- a/crypto/heimdal/lib/hdb/db3.c +++ /dev/null @@ -1,358 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -RCSID("$Id: db3.c 21610 2007-07-17 07:10:45Z lha $"); - -#if HAVE_DB3 - -#ifdef HAVE_DB4_DB_H -#include -#elif defined(HAVE_DB3_DB_H) -#include -#else -#include -#endif - -static krb5_error_code -DB_close(krb5_context context, HDB *db) -{ - DB *d = (DB*)db->hdb_db; - DBC *dbcp = (DBC*)db->hdb_dbc; - - (*dbcp->c_close)(dbcp); - db->hdb_dbc = 0; - (*d->close)(d, 0); - return 0; -} - -static krb5_error_code -DB_destroy(krb5_context context, HDB *db) -{ - krb5_error_code ret; - - ret = hdb_clear_master_key (context, db); - free(db->hdb_name); - free(db); - return ret; -} - -static krb5_error_code -DB_lock(krb5_context context, HDB *db, int operation) -{ - DB *d = (DB*)db->hdb_db; - int fd; - if ((*d->fd)(d, &fd)) - return HDB_ERR_CANT_LOCK_DB; - return hdb_lock(fd, operation); -} - -static krb5_error_code -DB_unlock(krb5_context context, HDB *db) -{ - DB *d = (DB*)db->hdb_db; - int fd; - if ((*d->fd)(d, &fd)) - return HDB_ERR_CANT_LOCK_DB; - return hdb_unlock(fd); -} - - -static krb5_error_code -DB_seq(krb5_context context, HDB *db, - unsigned flags, hdb_entry_ex *entry, int flag) -{ - DBT key, value; - DBC *dbcp = db->hdb_dbc; - krb5_data key_data, data; - int code; - - memset(&key, 0, sizeof(DBT)); - memset(&value, 0, sizeof(DBT)); - if ((*db->hdb_lock)(context, db, HDB_RLOCK)) - return HDB_ERR_DB_INUSE; - code = (*dbcp->c_get)(dbcp, &key, &value, flag); - (*db->hdb_unlock)(context, db); /* XXX check value */ - if (code == DB_NOTFOUND) - return HDB_ERR_NOENTRY; - if (code) - return code; - - key_data.data = key.data; - key_data.length = key.size; - data.data = value.data; - data.length = value.size; - memset(entry, 0, sizeof(*entry)); - if (hdb_value2entry(context, &data, &entry->entry)) - return DB_seq(context, db, flags, entry, DB_NEXT); - if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { - code = hdb_unseal_keys (context, db, &entry->entry); - if (code) - hdb_free_entry (context, entry); - } - if (entry->entry.principal == NULL) { - entry->entry.principal = malloc(sizeof(*entry->entry.principal)); - if (entry->entry.principal == NULL) { - hdb_free_entry (context, entry); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } else { - hdb_key2principal(context, &key_data, entry->entry.principal); - } - } - return 0; -} - - -static krb5_error_code -DB_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) -{ - return DB_seq(context, db, flags, entry, DB_FIRST); -} - - -static krb5_error_code -DB_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry_ex *entry) -{ - return DB_seq(context, db, flags, entry, DB_NEXT); -} - -static krb5_error_code -DB_rename(krb5_context context, HDB *db, const char *new_name) -{ - int ret; - char *old, *new; - - asprintf(&old, "%s.db", db->hdb_name); - asprintf(&new, "%s.db", new_name); - ret = rename(old, new); - free(old); - free(new); - if(ret) - return errno; - - free(db->hdb_name); - db->hdb_name = strdup(new_name); - return 0; -} - -static krb5_error_code -DB__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) -{ - DB *d = (DB*)db->hdb_db; - DBT k, v; - int code; - - memset(&k, 0, sizeof(DBT)); - memset(&v, 0, sizeof(DBT)); - k.data = key.data; - k.size = key.length; - k.flags = 0; - if ((code = (*db->hdb_lock)(context, db, HDB_RLOCK))) - return code; - code = (*d->get)(d, NULL, &k, &v, 0); - (*db->hdb_unlock)(context, db); - if(code == DB_NOTFOUND) - return HDB_ERR_NOENTRY; - if(code) - return code; - - krb5_data_copy(reply, v.data, v.size); - return 0; -} - -static krb5_error_code -DB__put(krb5_context context, HDB *db, int replace, - krb5_data key, krb5_data value) -{ - DB *d = (DB*)db->hdb_db; - DBT k, v; - int code; - - memset(&k, 0, sizeof(DBT)); - memset(&v, 0, sizeof(DBT)); - k.data = key.data; - k.size = key.length; - k.flags = 0; - v.data = value.data; - v.size = value.length; - v.flags = 0; - if ((code = (*db->hdb_lock)(context, db, HDB_WLOCK))) - return code; - code = (*d->put)(d, NULL, &k, &v, replace ? 0 : DB_NOOVERWRITE); - (*db->hdb_unlock)(context, db); - if(code == DB_KEYEXIST) - return HDB_ERR_EXISTS; - if(code) - return errno; - return 0; -} - -static krb5_error_code -DB__del(krb5_context context, HDB *db, krb5_data key) -{ - DB *d = (DB*)db->hdb_db; - DBT k; - krb5_error_code code; - memset(&k, 0, sizeof(DBT)); - k.data = key.data; - k.size = key.length; - k.flags = 0; - code = (*db->hdb_lock)(context, db, HDB_WLOCK); - if(code) - return code; - code = (*d->del)(d, NULL, &k, 0); - (*db->hdb_unlock)(context, db); - if(code == DB_NOTFOUND) - return HDB_ERR_NOENTRY; - if(code) - return code; - return 0; -} - -static krb5_error_code -DB_open(krb5_context context, HDB *db, int flags, mode_t mode) -{ - DBC *dbc = NULL; - char *fn; - krb5_error_code ret; - DB *d; - int myflags = 0; - - if (flags & O_CREAT) - myflags |= DB_CREATE; - - if (flags & O_EXCL) - myflags |= DB_EXCL; - - if((flags & O_ACCMODE) == O_RDONLY) - myflags |= DB_RDONLY; - - if (flags & O_TRUNC) - myflags |= DB_TRUNCATE; - - asprintf(&fn, "%s.db", db->hdb_name); - if (fn == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - db_create(&d, NULL, 0); - db->hdb_db = d; - -#if (DB_VERSION_MAJOR >= 4) && (DB_VERSION_MINOR >= 1) - ret = (*d->open)(db->hdb_db, NULL, fn, NULL, DB_BTREE, myflags, mode); -#else - ret = (*d->open)(db->hdb_db, fn, NULL, DB_BTREE, myflags, mode); -#endif - - if (ret == ENOENT) { - /* try to open without .db extension */ -#if (DB_VERSION_MAJOR >= 4) && (DB_VERSION_MINOR >= 1) - ret = (*d->open)(db->hdb_db, NULL, db->hdb_name, NULL, DB_BTREE, - myflags, mode); -#else - ret = (*d->open)(db->hdb_db, db->hdb_name, NULL, DB_BTREE, - myflags, mode); -#endif - } - - if (ret) { - free(fn); - krb5_set_error_string(context, "opening %s: %s", - db->hdb_name, strerror(ret)); - return ret; - } - free(fn); - - ret = (*d->cursor)(d, NULL, &dbc, 0); - if (ret) { - krb5_set_error_string(context, "d->cursor: %s", strerror(ret)); - return ret; - } - db->hdb_dbc = dbc; - - if((flags & O_ACCMODE) == O_RDONLY) - ret = hdb_check_db_format(context, db); - else - ret = hdb_init_db(context, db); - if(ret == HDB_ERR_NOENTRY) - return 0; - if (ret) { - DB_close(context, db); - krb5_set_error_string(context, "hdb_open: failed %s database %s", - (flags & O_ACCMODE) == O_RDONLY ? - "checking format of" : "initialize", - db->hdb_name); - } - - return ret; -} - -krb5_error_code -hdb_db_create(krb5_context context, HDB **db, - const char *filename) -{ - *db = calloc(1, sizeof(**db)); - if (*db == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - (*db)->hdb_db = NULL; - (*db)->hdb_name = strdup(filename); - if ((*db)->hdb_name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - free(*db); - *db = NULL; - return ENOMEM; - } - (*db)->hdb_master_key_set = 0; - (*db)->hdb_openp = 0; - (*db)->hdb_open = DB_open; - (*db)->hdb_close = DB_close; - (*db)->hdb_fetch = _hdb_fetch; - (*db)->hdb_store = _hdb_store; - (*db)->hdb_remove = _hdb_remove; - (*db)->hdb_firstkey = DB_firstkey; - (*db)->hdb_nextkey= DB_nextkey; - (*db)->hdb_lock = DB_lock; - (*db)->hdb_unlock = DB_unlock; - (*db)->hdb_rename = DB_rename; - (*db)->hdb__get = DB__get; - (*db)->hdb__put = DB__put; - (*db)->hdb__del = DB__del; - (*db)->hdb_destroy = DB_destroy; - return 0; -} -#endif /* HAVE_DB3 */ diff --git a/crypto/heimdal/lib/hdb/dbinfo.c b/crypto/heimdal/lib/hdb/dbinfo.c deleted file mode 100644 index d43e31b39ad3..000000000000 --- a/crypto/heimdal/lib/hdb/dbinfo.c +++ /dev/null @@ -1,266 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -RCSID("$Id: dbinfo.c 22306 2007-12-14 12:22:38Z lha $"); - -struct hdb_dbinfo { - char *label; - char *realm; - char *dbname; - char *mkey_file; - char *acl_file; - char *log_file; - const krb5_config_binding *binding; - struct hdb_dbinfo *next; -}; - -static int -get_dbinfo(krb5_context context, - const krb5_config_binding *db_binding, - const char *label, - struct hdb_dbinfo **db) -{ - struct hdb_dbinfo *di; - const char *p; - - *db = NULL; - - p = krb5_config_get_string(context, db_binding, "dbname", NULL); - if(p == NULL) - return 0; - - di = calloc(1, sizeof(*di)); - if (di == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - di->label = strdup(label); - di->dbname = strdup(p); - - p = krb5_config_get_string(context, db_binding, "realm", NULL); - if(p) - di->realm = strdup(p); - p = krb5_config_get_string(context, db_binding, "mkey_file", NULL); - if(p) - di->mkey_file = strdup(p); - p = krb5_config_get_string(context, db_binding, "acl_file", NULL); - if(p) - di->acl_file = strdup(p); - p = krb5_config_get_string(context, db_binding, "log_file", NULL); - if(p) - di->log_file = strdup(p); - - di->binding = db_binding; - - *db = di; - return 0; -} - - -int -hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp) -{ - const krb5_config_binding *db_binding; - struct hdb_dbinfo *di, **dt, *databases; - const char *default_dbname = HDB_DEFAULT_DB; - const char *default_mkey = HDB_DB_DIR "/m-key"; - const char *default_acl = HDB_DB_DIR "/kadmind.acl"; - const char *p; - int ret; - - *dbp = NULL; - dt = NULL; - databases = NULL; - - db_binding = krb5_config_get(context, NULL, krb5_config_list, - "kdc", - "database", - NULL); - if (db_binding) { - - ret = get_dbinfo(context, db_binding, "default", &di); - if (ret == 0 && di) { - databases = di; - dt = &di->next; - } - - for ( ; db_binding != NULL; db_binding = db_binding->next) { - - if (db_binding->type != krb5_config_list) - continue; - - ret = get_dbinfo(context, db_binding->u.list, - db_binding->name, &di); - if (ret) - krb5_err(context, 1, ret, "failed getting realm"); - - if (di == NULL) - continue; - - if (dt) - *dt = di; - else - databases = di; - dt = &di->next; - - } - } - - if(databases == NULL) { - /* if there are none specified, create one and use defaults */ - di = calloc(1, sizeof(*di)); - databases = di; - di->label = strdup("default"); - } - - for(di = databases; di; di = di->next) { - if(di->dbname == NULL) { - di->dbname = strdup(default_dbname); - if (di->mkey_file == NULL) - di->mkey_file = strdup(default_mkey); - } - if(di->mkey_file == NULL) { - p = strrchr(di->dbname, '.'); - if(p == NULL || strchr(p, '/') != NULL) - /* final pathname component does not contain a . */ - asprintf(&di->mkey_file, "%s.mkey", di->dbname); - else - /* the filename is something.else, replace .else with - .mkey */ - asprintf(&di->mkey_file, "%.*s.mkey", - (int)(p - di->dbname), di->dbname); - } - if(di->acl_file == NULL) - di->acl_file = strdup(default_acl); - } - *dbp = databases; - return 0; -} - - -struct hdb_dbinfo * -hdb_dbinfo_get_next(struct hdb_dbinfo *dbp, struct hdb_dbinfo *dbprevp) -{ - if (dbprevp == NULL) - return dbp; - else - return dbprevp->next; -} - -const char * -hdb_dbinfo_get_label(krb5_context context, struct hdb_dbinfo *dbp) -{ - return dbp->label; -} - -const char * -hdb_dbinfo_get_realm(krb5_context context, struct hdb_dbinfo *dbp) -{ - return dbp->realm; -} - -const char * -hdb_dbinfo_get_dbname(krb5_context context, struct hdb_dbinfo *dbp) -{ - return dbp->dbname; -} - -const char * -hdb_dbinfo_get_mkey_file(krb5_context context, struct hdb_dbinfo *dbp) -{ - return dbp->mkey_file; -} - -const char * -hdb_dbinfo_get_acl_file(krb5_context context, struct hdb_dbinfo *dbp) -{ - return dbp->acl_file; -} - -const char * -hdb_dbinfo_get_log_file(krb5_context context, struct hdb_dbinfo *dbp) -{ - return dbp->log_file; -} - -const krb5_config_binding * -hdb_dbinfo_get_binding(krb5_context context, struct hdb_dbinfo *dbp) -{ - return dbp->binding; -} - -void -hdb_free_dbinfo(krb5_context context, struct hdb_dbinfo **dbp) -{ - struct hdb_dbinfo *di, *ndi; - - for(di = *dbp; di != NULL; di = ndi) { - ndi = di->next; - free (di->realm); - free (di->dbname); - if (di->mkey_file) - free (di->mkey_file); - free(di); - } - *dbp = NULL; -} - -/** - * Return the directory where the hdb database resides. - * - * @param context Kerberos 5 context. - * - * @return string pointing to directory. - */ - -const char * -hdb_db_dir(krb5_context context) -{ - return HDB_DB_DIR; -} - -/** - * Return the default hdb database resides. - * - * @param context Kerberos 5 context. - * - * @return string pointing to directory. - */ - -const char * -hdb_default_db(krb5_context context) -{ - return HDB_DEFAULT_DB; -} diff --git a/crypto/heimdal/lib/hdb/ext.c b/crypto/heimdal/lib/hdb/ext.c deleted file mode 100644 index 5f60999946b8..000000000000 --- a/crypto/heimdal/lib/hdb/ext.c +++ /dev/null @@ -1,418 +0,0 @@ -/* - * Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" -#include - -RCSID("$Id: ext.c 21113 2007-06-18 12:59:32Z lha $"); - -krb5_error_code -hdb_entry_check_mandatory(krb5_context context, const hdb_entry *ent) -{ - int i; - - if (ent->extensions == NULL) - return 0; - - /* - * check for unknown extensions and if they where tagged mandatory - */ - - for (i = 0; i < ent->extensions->len; i++) { - if (ent->extensions->val[i].data.element != - choice_HDB_extension_data_asn1_ellipsis) - continue; - if (ent->extensions->val[i].mandatory) { - krb5_set_error_string(context, "Principal have unknown " - "mandatory extension"); - return HDB_ERR_MANDATORY_OPTION; - } - } - return 0; -} - -HDB_extension * -hdb_find_extension(const hdb_entry *entry, int type) -{ - int i; - - if (entry->extensions == NULL) - return NULL; - - for (i = 0; i < entry->extensions->len; i++) - if (entry->extensions->val[i].data.element == type) - return &entry->extensions->val[i]; - return NULL; -} - -/* - * Replace the extension `ext' in `entry'. Make a copy of the - * extension, so the caller must still free `ext' on both success and - * failure. Returns 0 or error code. - */ - -krb5_error_code -hdb_replace_extension(krb5_context context, - hdb_entry *entry, - const HDB_extension *ext) -{ - HDB_extension *ext2; - HDB_extension *es; - int ret; - - ext2 = NULL; - - if (entry->extensions == NULL) { - entry->extensions = calloc(1, sizeof(*entry->extensions)); - if (entry->extensions == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - } else if (ext->data.element != choice_HDB_extension_data_asn1_ellipsis) { - ext2 = hdb_find_extension(entry, ext->data.element); - } else { - /* - * This is an unknown extention, and we are asked to replace a - * possible entry in `entry' that is of the same type. This - * might seem impossible, but ASN.1 CHOICE comes to our - * rescue. The first tag in each branch in the CHOICE is - * unique, so just find the element in the list that have the - * same tag was we are putting into the list. - */ - Der_class replace_class, list_class; - Der_type replace_type, list_type; - unsigned int replace_tag, list_tag; - size_t size; - int i; - - ret = der_get_tag(ext->data.u.asn1_ellipsis.data, - ext->data.u.asn1_ellipsis.length, - &replace_class, &replace_type, &replace_tag, - &size); - if (ret) { - krb5_set_error_string(context, "hdb: failed to decode " - "replacement hdb extention"); - return ret; - } - - for (i = 0; i < entry->extensions->len; i++) { - HDB_extension *ext3 = &entry->extensions->val[i]; - - if (ext3->data.element != choice_HDB_extension_data_asn1_ellipsis) - continue; - - ret = der_get_tag(ext3->data.u.asn1_ellipsis.data, - ext3->data.u.asn1_ellipsis.length, - &list_class, &list_type, &list_tag, - &size); - if (ret) { - krb5_set_error_string(context, "hdb: failed to decode " - "present hdb extention"); - return ret; - } - - if (MAKE_TAG(replace_class,replace_type,replace_type) == - MAKE_TAG(list_class,list_type,list_type)) { - ext2 = ext3; - break; - } - } - } - - if (ext2) { - free_HDB_extension(ext2); - ret = copy_HDB_extension(ext, ext2); - if (ret) - krb5_set_error_string(context, "hdb: failed to copy replacement " - "hdb extention"); - return ret; - } - - es = realloc(entry->extensions->val, - (entry->extensions->len+1)*sizeof(entry->extensions->val[0])); - if (es == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - entry->extensions->val = es; - - ret = copy_HDB_extension(ext, - &entry->extensions->val[entry->extensions->len]); - if (ret == 0) - entry->extensions->len++; - else - krb5_set_error_string(context, "hdb: failed to copy new extension"); - - return ret; -} - -krb5_error_code -hdb_clear_extension(krb5_context context, - hdb_entry *entry, - int type) -{ - int i; - - if (entry->extensions == NULL) - return 0; - - for (i = 0; i < entry->extensions->len; i++) { - if (entry->extensions->val[i].data.element == type) { - free_HDB_extension(&entry->extensions->val[i]); - memmove(&entry->extensions->val[i], - &entry->extensions->val[i + 1], - sizeof(entry->extensions->val[i]) * (entry->extensions->len - i - 1)); - entry->extensions->len--; - } - } - if (entry->extensions->len == 0) { - free(entry->extensions->val); - free(entry->extensions); - entry->extensions = NULL; - } - - return 0; -} - - -krb5_error_code -hdb_entry_get_pkinit_acl(const hdb_entry *entry, const HDB_Ext_PKINIT_acl **a) -{ - const HDB_extension *ext; - - ext = hdb_find_extension(entry, choice_HDB_extension_data_pkinit_acl); - if (ext) - *a = &ext->data.u.pkinit_acl; - else - *a = NULL; - - return 0; -} - -krb5_error_code -hdb_entry_get_pkinit_hash(const hdb_entry *entry, const HDB_Ext_PKINIT_hash **a) -{ - const HDB_extension *ext; - - ext = hdb_find_extension(entry, choice_HDB_extension_data_pkinit_cert_hash); - if (ext) - *a = &ext->data.u.pkinit_cert_hash; - else - *a = NULL; - - return 0; -} - -krb5_error_code -hdb_entry_get_pw_change_time(const hdb_entry *entry, time_t *t) -{ - const HDB_extension *ext; - - ext = hdb_find_extension(entry, choice_HDB_extension_data_last_pw_change); - if (ext) - *t = ext->data.u.last_pw_change; - else - *t = 0; - - return 0; -} - -krb5_error_code -hdb_entry_set_pw_change_time(krb5_context context, - hdb_entry *entry, - time_t t) -{ - HDB_extension ext; - - ext.mandatory = FALSE; - ext.data.element = choice_HDB_extension_data_last_pw_change; - if (t == 0) - t = time(NULL); - ext.data.u.last_pw_change = t; - - return hdb_replace_extension(context, entry, &ext); -} - -int -hdb_entry_get_password(krb5_context context, HDB *db, - const hdb_entry *entry, char **p) -{ - HDB_extension *ext; - char *str; - int ret; - - ext = hdb_find_extension(entry, choice_HDB_extension_data_password); - if (ext) { - heim_utf8_string str; - heim_octet_string pw; - - if (db->hdb_master_key_set && ext->data.u.password.mkvno) { - hdb_master_key key; - - key = _hdb_find_master_key(ext->data.u.password.mkvno, - db->hdb_master_key); - - if (key == NULL) { - krb5_set_error_string(context, "master key %d missing", - *ext->data.u.password.mkvno); - return HDB_ERR_NO_MKEY; - } - - ret = _hdb_mkey_decrypt(context, key, HDB_KU_MKEY, - ext->data.u.password.password.data, - ext->data.u.password.password.length, - &pw); - } else { - ret = der_copy_octet_string(&ext->data.u.password.password, &pw); - } - if (ret) { - krb5_clear_error_string(context); - return ret; - } - - str = pw.data; - if (str[pw.length - 1] != '\0') { - krb5_set_error_string(context, "password malformated"); - return EINVAL; - } - - *p = strdup(str); - - der_free_octet_string(&pw); - if (*p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - return 0; - } - - ret = krb5_unparse_name(context, entry->principal, &str); - if (ret == 0) { - krb5_set_error_string(context, "no password attributefor %s", str); - free(str); - } else - krb5_clear_error_string(context); - - return ENOENT; -} - -int -hdb_entry_set_password(krb5_context context, HDB *db, - hdb_entry *entry, const char *p) -{ - HDB_extension ext; - hdb_master_key key; - int ret; - - ext.mandatory = FALSE; - ext.data.element = choice_HDB_extension_data_password; - - if (db->hdb_master_key_set) { - - key = _hdb_find_master_key(NULL, db->hdb_master_key); - if (key == NULL) { - krb5_set_error_string(context, "hdb_entry_set_password: " - "failed to find masterkey"); - return HDB_ERR_NO_MKEY; - } - - ret = _hdb_mkey_encrypt(context, key, HDB_KU_MKEY, - p, strlen(p) + 1, - &ext.data.u.password.password); - if (ret) - return ret; - - ext.data.u.password.mkvno = - malloc(sizeof(*ext.data.u.password.mkvno)); - if (ext.data.u.password.mkvno == NULL) { - free_HDB_extension(&ext); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - *ext.data.u.password.mkvno = _hdb_mkey_version(key); - - } else { - ext.data.u.password.mkvno = NULL; - - ret = krb5_data_copy(&ext.data.u.password.password, - p, strlen(p) + 1); - if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); - free_HDB_extension(&ext); - return ret; - } - } - - ret = hdb_replace_extension(context, entry, &ext); - - free_HDB_extension(&ext); - - return ret; -} - -int -hdb_entry_clear_password(krb5_context context, hdb_entry *entry) -{ - return hdb_clear_extension(context, entry, - choice_HDB_extension_data_password); -} - -krb5_error_code -hdb_entry_get_ConstrainedDelegACL(const hdb_entry *entry, - const HDB_Ext_Constrained_delegation_acl **a) -{ - const HDB_extension *ext; - - ext = hdb_find_extension(entry, - choice_HDB_extension_data_allowed_to_delegate_to); - if (ext) - *a = &ext->data.u.allowed_to_delegate_to; - else - *a = NULL; - - return 0; -} - -krb5_error_code -hdb_entry_get_aliases(const hdb_entry *entry, const HDB_Ext_Aliases **a) -{ - const HDB_extension *ext; - - ext = hdb_find_extension(entry, choice_HDB_extension_data_aliases); - if (ext) - *a = &ext->data.u.aliases; - else - *a = NULL; - - return 0; -} diff --git a/crypto/heimdal/lib/hdb/hdb-ldap.c b/crypto/heimdal/lib/hdb/hdb-ldap.c deleted file mode 100644 index c9f3d37cd339..000000000000 --- a/crypto/heimdal/lib/hdb/hdb-ldap.c +++ /dev/null @@ -1,1829 +0,0 @@ -/* - * Copyright (c) 1999-2001, 2003, PADL Software Pty Ltd. - * Copyright (c) 2004, Andrew Bartlett. - * Copyright (c) 2003 - 2007, Kungliga Tekniska Högskolan. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -RCSID("$Id: hdb-ldap.c 22071 2007-11-14 20:04:50Z lha $"); - -#ifdef OPENLDAP - -#include -#include -#include -#include - -static krb5_error_code LDAP__connect(krb5_context context, HDB *); -static krb5_error_code LDAP_close(krb5_context context, HDB *); - -static krb5_error_code -LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, - hdb_entry_ex * ent); - -static const char *default_structural_object = "account"; -static char *structural_object; -static krb5_boolean samba_forwardable; - -struct hdbldapdb { - LDAP *h_lp; - int h_msgid; - char *h_base; - char *h_url; - char *h_createbase; -}; - -#define HDB2LDAP(db) (((struct hdbldapdb *)(db)->hdb_db)->h_lp) -#define HDB2MSGID(db) (((struct hdbldapdb *)(db)->hdb_db)->h_msgid) -#define HDBSETMSGID(db,msgid) \ - do { ((struct hdbldapdb *)(db)->hdb_db)->h_msgid = msgid; } while(0) -#define HDB2BASE(dn) (((struct hdbldapdb *)(db)->hdb_db)->h_base) -#define HDB2URL(dn) (((struct hdbldapdb *)(db)->hdb_db)->h_url) -#define HDB2CREATE(db) (((struct hdbldapdb *)(db)->hdb_db)->h_createbase) - -/* - * - */ - -static char * krb5kdcentry_attrs[] = { - "cn", - "createTimestamp", - "creatorsName", - "krb5EncryptionType", - "krb5KDCFlags", - "krb5Key", - "krb5KeyVersionNumber", - "krb5MaxLife", - "krb5MaxRenew", - "krb5PasswordEnd", - "krb5PrincipalName", - "krb5PrincipalRealm", - "krb5ValidEnd", - "krb5ValidStart", - "modifiersName", - "modifyTimestamp", - "objectClass", - "sambaAcctFlags", - "sambaKickoffTime", - "sambaNTPassword", - "sambaPwdLastSet", - "sambaPwdMustChange", - "uid", - NULL -}; - -static char *krb5principal_attrs[] = { - "cn", - "createTimestamp", - "creatorsName", - "krb5PrincipalName", - "krb5PrincipalRealm", - "modifiersName", - "modifyTimestamp", - "objectClass", - "uid", - NULL -}; - -static int -LDAP_no_size_limit(krb5_context context, LDAP *lp) -{ - int ret, limit = LDAP_NO_LIMIT; - - ret = ldap_set_option(lp, LDAP_OPT_SIZELIMIT, (const void *)&limit); - if (ret != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_set_option: %s", - ldap_err2string(ret)); - return HDB_ERR_BADVERSION; - } - return 0; -} - -static int -check_ldap(krb5_context context, HDB *db, int ret) -{ - switch (ret) { - case LDAP_SUCCESS: - return 0; - case LDAP_SERVER_DOWN: - LDAP_close(context, db); - return 1; - default: - return 1; - } -} - -static krb5_error_code -LDAP__setmod(LDAPMod *** modlist, int modop, const char *attribute, - int *pIndex) -{ - int cMods; - - if (*modlist == NULL) { - *modlist = (LDAPMod **)ber_memcalloc(1, sizeof(LDAPMod *)); - if (*modlist == NULL) - return ENOMEM; - } - - for (cMods = 0; (*modlist)[cMods] != NULL; cMods++) { - if ((*modlist)[cMods]->mod_op == modop && - strcasecmp((*modlist)[cMods]->mod_type, attribute) == 0) { - break; - } - } - - *pIndex = cMods; - - if ((*modlist)[cMods] == NULL) { - LDAPMod *mod; - - *modlist = (LDAPMod **)ber_memrealloc(*modlist, - (cMods + 2) * sizeof(LDAPMod *)); - if (*modlist == NULL) - return ENOMEM; - - (*modlist)[cMods] = (LDAPMod *)ber_memalloc(sizeof(LDAPMod)); - if ((*modlist)[cMods] == NULL) - return ENOMEM; - - mod = (*modlist)[cMods]; - mod->mod_op = modop; - mod->mod_type = ber_strdup(attribute); - if (mod->mod_type == NULL) { - ber_memfree(mod); - (*modlist)[cMods] = NULL; - return ENOMEM; - } - - if (modop & LDAP_MOD_BVALUES) { - mod->mod_bvalues = NULL; - } else { - mod->mod_values = NULL; - } - - (*modlist)[cMods + 1] = NULL; - } - - return 0; -} - -static krb5_error_code -LDAP_addmod_len(LDAPMod *** modlist, int modop, const char *attribute, - unsigned char *value, size_t len) -{ - krb5_error_code ret; - int cMods, i = 0; - - ret = LDAP__setmod(modlist, modop | LDAP_MOD_BVALUES, attribute, &cMods); - if (ret) - return ret; - - if (value != NULL) { - struct berval **bv; - - bv = (*modlist)[cMods]->mod_bvalues; - if (bv != NULL) { - for (i = 0; bv[i] != NULL; i++) - ; - bv = ber_memrealloc(bv, (i + 2) * sizeof(*bv)); - } else - bv = ber_memalloc(2 * sizeof(*bv)); - if (bv == NULL) - return ENOMEM; - - (*modlist)[cMods]->mod_bvalues = bv; - - bv[i] = ber_memalloc(sizeof(*bv));; - if (bv[i] == NULL) - return ENOMEM; - - bv[i]->bv_val = (void *)value; - bv[i]->bv_len = len; - - bv[i + 1] = NULL; - } - - return 0; -} - -static krb5_error_code -LDAP_addmod(LDAPMod *** modlist, int modop, const char *attribute, - const char *value) -{ - int cMods, i = 0; - krb5_error_code ret; - - ret = LDAP__setmod(modlist, modop, attribute, &cMods); - if (ret) - return ret; - - if (value != NULL) { - char **bv; - - bv = (*modlist)[cMods]->mod_values; - if (bv != NULL) { - for (i = 0; bv[i] != NULL; i++) - ; - bv = ber_memrealloc(bv, (i + 2) * sizeof(*bv)); - } else - bv = ber_memalloc(2 * sizeof(*bv)); - if (bv == NULL) - return ENOMEM; - - (*modlist)[cMods]->mod_values = bv; - - bv[i] = ber_strdup(value); - if (bv[i] == NULL) - return ENOMEM; - - bv[i + 1] = NULL; - } - - return 0; -} - -static krb5_error_code -LDAP_addmod_generalized_time(LDAPMod *** mods, int modop, - const char *attribute, KerberosTime * time) -{ - char buf[22]; - struct tm *tm; - - /* XXX not threadsafe */ - tm = gmtime(time); - strftime(buf, sizeof(buf), "%Y%m%d%H%M%SZ", tm); - - return LDAP_addmod(mods, modop, attribute, buf); -} - -static krb5_error_code -LDAP_addmod_integer(krb5_context context, - LDAPMod *** mods, int modop, - const char *attribute, unsigned long l) -{ - krb5_error_code ret; - char *buf; - - ret = asprintf(&buf, "%ld", l); - if (ret < 0) { - krb5_set_error_string(context, "asprintf: out of memory:"); - return ret; - } - ret = LDAP_addmod(mods, modop, attribute, buf); - free (buf); - return ret; -} - -static krb5_error_code -LDAP_get_string_value(HDB * db, LDAPMessage * entry, - const char *attribute, char **ptr) -{ - char **vals; - int ret; - - vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute); - if (vals == NULL) { - *ptr = NULL; - return HDB_ERR_NOENTRY; - } - - *ptr = strdup(vals[0]); - if (*ptr == NULL) - ret = ENOMEM; - else - ret = 0; - - ldap_value_free(vals); - - return ret; -} - -static krb5_error_code -LDAP_get_integer_value(HDB * db, LDAPMessage * entry, - const char *attribute, int *ptr) -{ - char **vals; - - vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute); - if (vals == NULL) - return HDB_ERR_NOENTRY; - - *ptr = atoi(vals[0]); - ldap_value_free(vals); - return 0; -} - -static krb5_error_code -LDAP_get_generalized_time_value(HDB * db, LDAPMessage * entry, - const char *attribute, KerberosTime * kt) -{ - char *tmp, *gentime; - struct tm tm; - int ret; - - *kt = 0; - - ret = LDAP_get_string_value(db, entry, attribute, &gentime); - if (ret) - return ret; - - tmp = strptime(gentime, "%Y%m%d%H%M%SZ", &tm); - if (tmp == NULL) { - free(gentime); - return HDB_ERR_NOENTRY; - } - - free(gentime); - - *kt = timegm(&tm); - - return 0; -} - -static krb5_error_code -LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry_ex * ent, - LDAPMessage * msg, LDAPMod *** pmods) -{ - krb5_error_code ret; - krb5_boolean is_new_entry; - char *tmp = NULL; - LDAPMod **mods = NULL; - hdb_entry_ex orig; - unsigned long oflags, nflags; - int i; - - krb5_boolean is_samba_account = FALSE; - krb5_boolean is_account = FALSE; - krb5_boolean is_heimdal_entry = FALSE; - krb5_boolean is_heimdal_principal = FALSE; - - char **values; - - *pmods = NULL; - - if (msg != NULL) { - - ret = LDAP_message2entry(context, db, msg, &orig); - if (ret) - goto out; - - is_new_entry = FALSE; - - values = ldap_get_values(HDB2LDAP(db), msg, "objectClass"); - if (values) { - int num_objectclasses = ldap_count_values(values); - for (i=0; i < num_objectclasses; i++) { - if (strcasecmp(values[i], "sambaSamAccount") == 0) { - is_samba_account = TRUE; - } else if (strcasecmp(values[i], structural_object) == 0) { - is_account = TRUE; - } else if (strcasecmp(values[i], "krb5Principal") == 0) { - is_heimdal_principal = TRUE; - } else if (strcasecmp(values[i], "krb5KDCEntry") == 0) { - is_heimdal_entry = TRUE; - } - } - ldap_value_free(values); - } - - /* - * If this is just a "account" entry and no other objectclass - * is hanging on this entry, it's really a new entry. - */ - if (is_samba_account == FALSE && is_heimdal_principal == FALSE && - is_heimdal_entry == FALSE) { - if (is_account == TRUE) { - is_new_entry = TRUE; - } else { - ret = HDB_ERR_NOENTRY; - goto out; - } - } - } else - is_new_entry = TRUE; - - if (is_new_entry) { - - /* to make it perfectly obvious we're depending on - * orig being intiialized to zero */ - memset(&orig, 0, sizeof(orig)); - - ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "top"); - if (ret) - goto out; - - /* account is the structural object class */ - if (is_account == FALSE) { - ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", - structural_object); - is_account = TRUE; - if (ret) - goto out; - } - - ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "krb5Principal"); - is_heimdal_principal = TRUE; - if (ret) - goto out; - - ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "krb5KDCEntry"); - is_heimdal_entry = TRUE; - if (ret) - goto out; - } - - if (is_new_entry || - krb5_principal_compare(context, ent->entry.principal, orig.entry.principal) - == FALSE) - { - if (is_heimdal_principal || is_heimdal_entry) { - - ret = krb5_unparse_name(context, ent->entry.principal, &tmp); - if (ret) - goto out; - - ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, - "krb5PrincipalName", tmp); - if (ret) { - free(tmp); - goto out; - } - free(tmp); - } - - if (is_account || is_samba_account) { - ret = krb5_unparse_name_short(context, ent->entry.principal, &tmp); - if (ret) - goto out; - ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "uid", tmp); - if (ret) { - free(tmp); - goto out; - } - free(tmp); - } - } - - if (is_heimdal_entry && (ent->entry.kvno != orig.entry.kvno || is_new_entry)) { - ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "krb5KeyVersionNumber", - ent->entry.kvno); - if (ret) - goto out; - } - - if (is_heimdal_entry && ent->entry.valid_start) { - if (orig.entry.valid_end == NULL - || (*(ent->entry.valid_start) != *(orig.entry.valid_start))) { - ret = LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE, - "krb5ValidStart", - ent->entry.valid_start); - if (ret) - goto out; - } - } - - if (ent->entry.valid_end) { - if (orig.entry.valid_end == NULL || (*(ent->entry.valid_end) != *(orig.entry.valid_end))) { - if (is_heimdal_entry) { - ret = LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE, - "krb5ValidEnd", - ent->entry.valid_end); - if (ret) - goto out; - } - if (is_samba_account) { - ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "sambaKickoffTime", - *(ent->entry.valid_end)); - if (ret) - goto out; - } - } - } - - if (ent->entry.pw_end) { - if (orig.entry.pw_end == NULL || (*(ent->entry.pw_end) != *(orig.entry.pw_end))) { - if (is_heimdal_entry) { - ret = LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE, - "krb5PasswordEnd", - ent->entry.pw_end); - if (ret) - goto out; - } - - if (is_samba_account) { - ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "sambaPwdMustChange", - *(ent->entry.pw_end)); - if (ret) - goto out; - } - } - } - - -#if 0 /* we we have last_pw_change */ - if (is_samba_account && ent->entry.last_pw_change) { - if (orig.entry.last_pw_change == NULL || (*(ent->entry.last_pw_change) != *(orig.entry.last_pw_change))) { - ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "sambaPwdLastSet", - *(ent->entry.last_pw_change)); - if (ret) - goto out; - } - } -#endif - - if (is_heimdal_entry && ent->entry.max_life) { - if (orig.entry.max_life == NULL - || (*(ent->entry.max_life) != *(orig.entry.max_life))) { - - ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "krb5MaxLife", - *(ent->entry.max_life)); - if (ret) - goto out; - } - } - - if (is_heimdal_entry && ent->entry.max_renew) { - if (orig.entry.max_renew == NULL - || (*(ent->entry.max_renew) != *(orig.entry.max_renew))) { - - ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "krb5MaxRenew", - *(ent->entry.max_renew)); - if (ret) - goto out; - } - } - - oflags = HDBFlags2int(orig.entry.flags); - nflags = HDBFlags2int(ent->entry.flags); - - if (is_heimdal_entry && oflags != nflags) { - - ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE, - "krb5KDCFlags", - nflags); - if (ret) - goto out; - } - - /* Remove keys if they exists, and then replace keys. */ - if (!is_new_entry && orig.entry.keys.len > 0) { - values = ldap_get_values(HDB2LDAP(db), msg, "krb5Key"); - if (values) { - ldap_value_free(values); - - ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL); - if (ret) - goto out; - } - } - - for (i = 0; i < ent->entry.keys.len; i++) { - - if (is_samba_account - && ent->entry.keys.val[i].key.keytype == ETYPE_ARCFOUR_HMAC_MD5) { - char *ntHexPassword; - char *nt; - - /* the key might have been 'sealed', but samba passwords - are clear in the directory */ - ret = hdb_unseal_key(context, db, &ent->entry.keys.val[i]); - if (ret) - goto out; - - nt = ent->entry.keys.val[i].key.keyvalue.data; - /* store in ntPassword, not krb5key */ - ret = hex_encode(nt, 16, &ntHexPassword); - if (ret < 0) { - krb5_set_error_string(context, "hdb-ldap: failed to " - "hex encode key"); - ret = ENOMEM; - goto out; - } - ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "sambaNTPassword", - ntHexPassword); - free(ntHexPassword); - if (ret) - goto out; - - /* have to kill the LM passwod if it exists */ - values = ldap_get_values(HDB2LDAP(db), msg, "sambaLMPassword"); - if (values) { - ldap_value_free(values); - ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, - "sambaLMPassword", NULL); - if (ret) - goto out; - } - - } else if (is_heimdal_entry) { - unsigned char *buf; - size_t len, buf_size; - - ASN1_MALLOC_ENCODE(Key, buf, buf_size, &ent->entry.keys.val[i], &len, ret); - if (ret) - goto out; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - /* addmod_len _owns_ the key, doesn't need to copy it */ - ret = LDAP_addmod_len(&mods, LDAP_MOD_ADD, "krb5Key", buf, len); - if (ret) - goto out; - } - } - - if (ent->entry.etypes) { - int add_krb5EncryptionType = 0; - - /* - * Only add/modify krb5EncryptionType if it's a new heimdal - * entry or krb5EncryptionType already exists on the entry. - */ - - if (!is_new_entry) { - values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType"); - if (values) { - ldap_value_free(values); - ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType", - NULL); - if (ret) - goto out; - add_krb5EncryptionType = 1; - } - } else if (is_heimdal_entry) - add_krb5EncryptionType = 1; - - if (add_krb5EncryptionType) { - for (i = 0; i < ent->entry.etypes->len; i++) { - if (is_samba_account && - ent->entry.keys.val[i].key.keytype == ETYPE_ARCFOUR_HMAC_MD5) - { - ; - } else if (is_heimdal_entry) { - ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_ADD, - "krb5EncryptionType", - ent->entry.etypes->val[i]); - if (ret) - goto out; - } - } - } - } - - /* for clarity */ - ret = 0; - - out: - - if (ret == 0) - *pmods = mods; - else if (mods != NULL) { - ldap_mods_free(mods, 1); - *pmods = NULL; - } - - if (msg) - hdb_free_entry(context, &orig); - - return ret; -} - -static krb5_error_code -LDAP_dn2principal(krb5_context context, HDB * db, const char *dn, - krb5_principal * principal) -{ - krb5_error_code ret; - int rc; - const char *filter = "(objectClass=krb5Principal)"; - char **values; - LDAPMessage *res = NULL, *e; - - ret = LDAP_no_size_limit(context, HDB2LDAP(db)); - if (ret) - goto out; - - rc = ldap_search_s(HDB2LDAP(db), dn, LDAP_SCOPE_SUBTREE, - filter, krb5principal_attrs, - 0, &res); - if (check_ldap(context, db, rc)) { - krb5_set_error_string(context, "ldap_search_s: filter: %s error: %s", - filter, ldap_err2string(rc)); - ret = HDB_ERR_NOENTRY; - goto out; - } - - e = ldap_first_entry(HDB2LDAP(db), res); - if (e == NULL) { - ret = HDB_ERR_NOENTRY; - goto out; - } - - values = ldap_get_values(HDB2LDAP(db), e, "krb5PrincipalName"); - if (values == NULL) { - ret = HDB_ERR_NOENTRY; - goto out; - } - - ret = krb5_parse_name(context, values[0], principal); - ldap_value_free(values); - - out: - if (res) - ldap_msgfree(res); - - return ret; -} - -static krb5_error_code -LDAP__lookup_princ(krb5_context context, - HDB *db, - const char *princname, - const char *userid, - LDAPMessage **msg) -{ - krb5_error_code ret; - int rc; - char *filter = NULL; - - ret = LDAP__connect(context, db); - if (ret) - return ret; - - rc = asprintf(&filter, - "(&(objectClass=krb5Principal)(krb5PrincipalName=%s))", - princname); - if (rc < 0) { - krb5_set_error_string(context, "asprintf: out of memory"); - ret = ENOMEM; - goto out; - } - - ret = LDAP_no_size_limit(context, HDB2LDAP(db)); - if (ret) - goto out; - - rc = ldap_search_s(HDB2LDAP(db), HDB2BASE(db), LDAP_SCOPE_SUBTREE, filter, - krb5kdcentry_attrs, 0, msg); - if (check_ldap(context, db, rc)) { - krb5_set_error_string(context, "ldap_search_s: filter: %s - error: %s", - filter, ldap_err2string(rc)); - ret = HDB_ERR_NOENTRY; - goto out; - } - - if (userid && ldap_count_entries(HDB2LDAP(db), *msg) == 0) { - free(filter); - filter = NULL; - ldap_msgfree(*msg); - *msg = NULL; - - rc = asprintf(&filter, - "(&(|(objectClass=sambaSamAccount)(objectClass=%s))(uid=%s))", - structural_object, userid); - if (rc < 0) { - krb5_set_error_string(context, "asprintf: out of memory"); - ret = ENOMEM; - goto out; - } - - ret = LDAP_no_size_limit(context, HDB2LDAP(db)); - if (ret) - goto out; - - rc = ldap_search_s(HDB2LDAP(db), HDB2BASE(db), LDAP_SCOPE_SUBTREE, - filter, krb5kdcentry_attrs, 0, msg); - if (check_ldap(context, db, rc)) { - krb5_set_error_string(context, - "ldap_search_s: filter: %s error: %s", - filter, ldap_err2string(rc)); - ret = HDB_ERR_NOENTRY; - goto out; - } - } - - ret = 0; - - out: - if (filter) - free(filter); - - return ret; -} - -static krb5_error_code -LDAP_principal2message(krb5_context context, HDB * db, - krb5_const_principal princ, LDAPMessage ** msg) -{ - char *name, *name_short = NULL; - krb5_error_code ret; - krb5_realm *r, *r0; - - *msg = NULL; - - ret = krb5_unparse_name(context, princ, &name); - if (ret) - return ret; - - ret = krb5_get_default_realms(context, &r0); - if(ret) { - free(name); - return ret; - } - for (r = r0; *r != NULL; r++) { - if(strcmp(krb5_principal_get_realm(context, princ), *r) == 0) { - ret = krb5_unparse_name_short(context, princ, &name_short); - if (ret) { - krb5_free_host_realm(context, r0); - free(name); - return ret; - } - break; - } - } - krb5_free_host_realm(context, r0); - - ret = LDAP__lookup_princ(context, db, name, name_short, msg); - free(name); - free(name_short); - - return ret; -} - -/* - * Construct an hdb_entry from a directory entry. - */ -static krb5_error_code -LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, - hdb_entry_ex * ent) -{ - char *unparsed_name = NULL, *dn = NULL, *ntPasswordIN = NULL; - char *samba_acct_flags = NULL; - unsigned long tmp; - struct berval **keys; - char **values; - int tmp_time, i, ret, have_arcfour = 0; - - memset(ent, 0, sizeof(*ent)); - ent->entry.flags = int2HDBFlags(0); - - ret = LDAP_get_string_value(db, msg, "krb5PrincipalName", &unparsed_name); - if (ret == 0) { - ret = krb5_parse_name(context, unparsed_name, &ent->entry.principal); - if (ret) - goto out; - } else { - ret = LDAP_get_string_value(db, msg, "uid", - &unparsed_name); - if (ret == 0) { - ret = krb5_parse_name(context, unparsed_name, &ent->entry.principal); - if (ret) - goto out; - } else { - krb5_set_error_string(context, "hdb-ldap: ldap entry missing" - "principal name"); - return HDB_ERR_NOENTRY; - } - } - - { - int integer; - ret = LDAP_get_integer_value(db, msg, "krb5KeyVersionNumber", - &integer); - if (ret) - ent->entry.kvno = 0; - else - ent->entry.kvno = integer; - } - - keys = ldap_get_values_len(HDB2LDAP(db), msg, "krb5Key"); - if (keys != NULL) { - int i; - size_t l; - - ent->entry.keys.len = ldap_count_values_len(keys); - ent->entry.keys.val = (Key *) calloc(ent->entry.keys.len, sizeof(Key)); - if (ent->entry.keys.val == NULL) { - krb5_set_error_string(context, "calloc: out of memory"); - ret = ENOMEM; - goto out; - } - for (i = 0; i < ent->entry.keys.len; i++) { - decode_Key((unsigned char *) keys[i]->bv_val, - (size_t) keys[i]->bv_len, &ent->entry.keys.val[i], &l); - } - ber_bvecfree(keys); - } else { -#if 1 - /* - * This violates the ASN1 but it allows a principal to - * be related to a general directory entry without creating - * the keys. Hopefully it's OK. - */ - ent->entry.keys.len = 0; - ent->entry.keys.val = NULL; -#else - ret = HDB_ERR_NOENTRY; - goto out; -#endif - } - - values = ldap_get_values(HDB2LDAP(db), msg, "krb5EncryptionType"); - if (values != NULL) { - int i; - - ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes))); - if (ent->entry.etypes == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ent->entry.etypes->len = ldap_count_values(values); - ent->entry.etypes->val = calloc(ent->entry.etypes->len, sizeof(int)); - if (ent->entry.etypes->val == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - for (i = 0; i < ent->entry.etypes->len; i++) { - ent->entry.etypes->val[i] = atoi(values[i]); - } - ldap_value_free(values); - } - - for (i = 0; i < ent->entry.keys.len; i++) { - if (ent->entry.keys.val[i].key.keytype == ETYPE_ARCFOUR_HMAC_MD5) { - have_arcfour = 1; - break; - } - } - - /* manually construct the NT (type 23) key */ - ret = LDAP_get_string_value(db, msg, "sambaNTPassword", &ntPasswordIN); - if (ret == 0 && have_arcfour == 0) { - unsigned *etypes; - Key *keys; - int i; - - keys = realloc(ent->entry.keys.val, - (ent->entry.keys.len + 1) * sizeof(ent->entry.keys.val[0])); - if (keys == NULL) { - free(ntPasswordIN); - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ent->entry.keys.val = keys; - memset(&ent->entry.keys.val[ent->entry.keys.len], 0, sizeof(Key)); - ent->entry.keys.val[ent->entry.keys.len].key.keytype = ETYPE_ARCFOUR_HMAC_MD5; - ret = krb5_data_alloc (&ent->entry.keys.val[ent->entry.keys.len].key.keyvalue, 16); - if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); - free(ntPasswordIN); - ret = ENOMEM; - goto out; - } - ret = hex_decode(ntPasswordIN, - ent->entry.keys.val[ent->entry.keys.len].key.keyvalue.data, 16); - ent->entry.keys.len++; - - if (ent->entry.etypes == NULL) { - ent->entry.etypes = malloc(sizeof(*(ent->entry.etypes))); - if (ent->entry.etypes == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ent->entry.etypes->val = NULL; - ent->entry.etypes->len = 0; - } - - for (i = 0; i < ent->entry.etypes->len; i++) - if (ent->entry.etypes->val[i] == ETYPE_ARCFOUR_HMAC_MD5) - break; - /* If there is no ARCFOUR enctype, add one */ - if (i == ent->entry.etypes->len) { - etypes = realloc(ent->entry.etypes->val, - (ent->entry.etypes->len + 1) * - sizeof(ent->entry.etypes->val[0])); - if (etypes == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ent->entry.etypes->val = etypes; - ent->entry.etypes->val[ent->entry.etypes->len] = - ETYPE_ARCFOUR_HMAC_MD5; - ent->entry.etypes->len++; - } - } - - ret = LDAP_get_generalized_time_value(db, msg, "createTimestamp", - &ent->entry.created_by.time); - if (ret) - ent->entry.created_by.time = time(NULL); - - ent->entry.created_by.principal = NULL; - - ret = LDAP_get_string_value(db, msg, "creatorsName", &dn); - if (ret == 0) { - if (LDAP_dn2principal(context, db, dn, &ent->entry.created_by.principal) - != 0) { - ent->entry.created_by.principal = NULL; - } - free(dn); - } - - ent->entry.modified_by = (Event *) malloc(sizeof(Event)); - if (ent->entry.modified_by == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ret = LDAP_get_generalized_time_value(db, msg, "modifyTimestamp", - &ent->entry.modified_by->time); - if (ret == 0) { - ret = LDAP_get_string_value(db, msg, "modifiersName", &dn); - if (LDAP_dn2principal(context, db, dn, &ent->entry.modified_by->principal)) - ent->entry.modified_by->principal = NULL; - free(dn); - } else { - free(ent->entry.modified_by); - ent->entry.modified_by = NULL; - } - - ent->entry.valid_start = malloc(sizeof(*ent->entry.valid_start)); - if (ent->entry.valid_start == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ret = LDAP_get_generalized_time_value(db, msg, "krb5ValidStart", - ent->entry.valid_start); - if (ret) { - /* OPTIONAL */ - free(ent->entry.valid_start); - ent->entry.valid_start = NULL; - } - - ent->entry.valid_end = malloc(sizeof(*ent->entry.valid_end)); - if (ent->entry.valid_end == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ret = LDAP_get_generalized_time_value(db, msg, "krb5ValidEnd", - ent->entry.valid_end); - if (ret) { - /* OPTIONAL */ - free(ent->entry.valid_end); - ent->entry.valid_end = NULL; - } - - ret = LDAP_get_integer_value(db, msg, "sambaKickoffTime", &tmp_time); - if (ret == 0) { - if (ent->entry.valid_end == NULL) { - ent->entry.valid_end = malloc(sizeof(*ent->entry.valid_end)); - if (ent->entry.valid_end == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - } - *ent->entry.valid_end = tmp_time; - } - - ent->entry.pw_end = malloc(sizeof(*ent->entry.pw_end)); - if (ent->entry.pw_end == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ret = LDAP_get_generalized_time_value(db, msg, "krb5PasswordEnd", - ent->entry.pw_end); - if (ret) { - /* OPTIONAL */ - free(ent->entry.pw_end); - ent->entry.pw_end = NULL; - } - - ret = LDAP_get_integer_value(db, msg, "sambaPwdMustChange", &tmp_time); - if (ret == 0) { - if (ent->entry.pw_end == NULL) { - ent->entry.pw_end = malloc(sizeof(*ent->entry.pw_end)); - if (ent->entry.pw_end == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - } - *ent->entry.pw_end = tmp_time; - } - - /* OPTIONAL */ - ret = LDAP_get_integer_value(db, msg, "sambaPwdLastSet", &tmp_time); - if (ret == 0) - hdb_entry_set_pw_change_time(context, &ent->entry, tmp_time); - - { - int max_life; - - ent->entry.max_life = malloc(sizeof(*ent->entry.max_life)); - if (ent->entry.max_life == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ret = LDAP_get_integer_value(db, msg, "krb5MaxLife", &max_life); - if (ret) { - free(ent->entry.max_life); - ent->entry.max_life = NULL; - } else - *ent->entry.max_life = max_life; - } - - { - int max_renew; - - ent->entry.max_renew = malloc(sizeof(*ent->entry.max_renew)); - if (ent->entry.max_renew == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - ret = LDAP_get_integer_value(db, msg, "krb5MaxRenew", &max_renew); - if (ret) { - free(ent->entry.max_renew); - ent->entry.max_renew = NULL; - } else - *ent->entry.max_renew = max_renew; - } - - values = ldap_get_values(HDB2LDAP(db), msg, "krb5KDCFlags"); - if (values != NULL) { - errno = 0; - tmp = strtoul(values[0], (char **) NULL, 10); - if (tmp == ULONG_MAX && errno == ERANGE) { - krb5_set_error_string(context, "strtoul: could not convert flag"); - ret = ERANGE; - goto out; - } - } else { - tmp = 0; - } - - ent->entry.flags = int2HDBFlags(tmp); - - /* Try and find Samba flags to put into the mix */ - ret = LDAP_get_string_value(db, msg, "sambaAcctFlags", &samba_acct_flags); - if (ret == 0) { - /* parse the [UXW...] string: - - 'N' No password - 'D' Disabled - 'H' Homedir required - 'T' Temp account. - 'U' User account (normal) - 'M' MNS logon user account - what is this ? - 'W' Workstation account - 'S' Server account - 'L' Locked account - 'X' No Xpiry on password - 'I' Interdomain trust account - - */ - - int i; - int flags_len = strlen(samba_acct_flags); - - if (flags_len < 2) - goto out2; - - if (samba_acct_flags[0] != '[' - || samba_acct_flags[flags_len - 1] != ']') - goto out2; - - /* Allow forwarding */ - if (samba_forwardable) - ent->entry.flags.forwardable = TRUE; - - for (i=0; i < flags_len; i++) { - switch (samba_acct_flags[i]) { - case ' ': - case '[': - case ']': - break; - case 'N': - /* how to handle no password in kerberos? */ - break; - case 'D': - ent->entry.flags.invalid = TRUE; - break; - case 'H': - break; - case 'T': - /* temp duplicate */ - ent->entry.flags.invalid = TRUE; - break; - case 'U': - ent->entry.flags.client = TRUE; - break; - case 'M': - break; - case 'W': - case 'S': - ent->entry.flags.server = TRUE; - ent->entry.flags.client = TRUE; - break; - case 'L': - ent->entry.flags.invalid = TRUE; - break; - case 'X': - if (ent->entry.pw_end) { - free(ent->entry.pw_end); - ent->entry.pw_end = NULL; - } - break; - case 'I': - ent->entry.flags.server = TRUE; - ent->entry.flags.client = TRUE; - break; - } - } - out2: - free(samba_acct_flags); - } - - ret = 0; - -out: - if (unparsed_name) - free(unparsed_name); - - if (ret) - hdb_free_entry(context, ent); - - return ret; -} - -static krb5_error_code -LDAP_close(krb5_context context, HDB * db) -{ - if (HDB2LDAP(db)) { - ldap_unbind_ext(HDB2LDAP(db), NULL, NULL); - ((struct hdbldapdb *)db->hdb_db)->h_lp = NULL; - } - - return 0; -} - -static krb5_error_code -LDAP_lock(krb5_context context, HDB * db, int operation) -{ - return 0; -} - -static krb5_error_code -LDAP_unlock(krb5_context context, HDB * db) -{ - return 0; -} - -static krb5_error_code -LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry_ex * entry) -{ - int msgid, rc, parserc; - krb5_error_code ret; - LDAPMessage *e; - - msgid = HDB2MSGID(db); - if (msgid < 0) - return HDB_ERR_NOENTRY; - - do { - rc = ldap_result(HDB2LDAP(db), msgid, LDAP_MSG_ONE, NULL, &e); - switch (rc) { - case LDAP_RES_SEARCH_REFERENCE: - ldap_msgfree(e); - ret = 0; - break; - case LDAP_RES_SEARCH_ENTRY: - /* We have an entry. Parse it. */ - ret = LDAP_message2entry(context, db, e, entry); - ldap_msgfree(e); - break; - case LDAP_RES_SEARCH_RESULT: - /* We're probably at the end of the results. If not, abandon. */ - parserc = - ldap_parse_result(HDB2LDAP(db), e, NULL, NULL, NULL, - NULL, NULL, 1); - if (parserc != LDAP_SUCCESS - && parserc != LDAP_MORE_RESULTS_TO_RETURN) { - krb5_set_error_string(context, "ldap_parse_result: %s", - ldap_err2string(parserc)); - ldap_abandon(HDB2LDAP(db), msgid); - } - ret = HDB_ERR_NOENTRY; - HDBSETMSGID(db, -1); - break; - case LDAP_SERVER_DOWN: - ldap_msgfree(e); - LDAP_close(context, db); - HDBSETMSGID(db, -1); - ret = ENETDOWN; - break; - default: - /* Some unspecified error (timeout?). Abandon. */ - ldap_msgfree(e); - ldap_abandon(HDB2LDAP(db), msgid); - ret = HDB_ERR_NOENTRY; - HDBSETMSGID(db, -1); - break; - } - } while (rc == LDAP_RES_SEARCH_REFERENCE); - - if (ret == 0) { - if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { - ret = hdb_unseal_keys(context, db, &entry->entry); - if (ret) - hdb_free_entry(context, entry); - } - } - - return ret; -} - -static krb5_error_code -LDAP_firstkey(krb5_context context, HDB *db, unsigned flags, - hdb_entry_ex *entry) -{ - krb5_error_code ret; - int msgid; - - ret = LDAP__connect(context, db); - if (ret) - return ret; - - ret = LDAP_no_size_limit(context, HDB2LDAP(db)); - if (ret) - return ret; - - msgid = ldap_search(HDB2LDAP(db), HDB2BASE(db), - LDAP_SCOPE_SUBTREE, - "(|(objectClass=krb5Principal)(objectClass=sambaSamAccount))", - krb5kdcentry_attrs, 0); - if (msgid < 0) - return HDB_ERR_NOENTRY; - - HDBSETMSGID(db, msgid); - - return LDAP_seq(context, db, flags, entry); -} - -static krb5_error_code -LDAP_nextkey(krb5_context context, HDB * db, unsigned flags, - hdb_entry_ex * entry) -{ - return LDAP_seq(context, db, flags, entry); -} - -static krb5_error_code -LDAP__connect(krb5_context context, HDB * db) -{ - int rc, version = LDAP_VERSION3; - /* - * Empty credentials to do a SASL bind with LDAP. Note that empty - * different from NULL credentials. If you provide NULL - * credentials instead of empty credentials you will get a SASL - * bind in progress message. - */ - struct berval bv = { 0, "" }; - - if (HDB2LDAP(db)) { - /* connection has been opened. ping server. */ - struct sockaddr_un addr; - socklen_t len = sizeof(addr); - int sd; - - if (ldap_get_option(HDB2LDAP(db), LDAP_OPT_DESC, &sd) == 0 && - getpeername(sd, (struct sockaddr *) &addr, &len) < 0) { - /* the other end has died. reopen. */ - LDAP_close(context, db); - } - } - - if (HDB2LDAP(db) != NULL) /* server is UP */ - return 0; - - rc = ldap_initialize(&((struct hdbldapdb *)db->hdb_db)->h_lp, HDB2URL(db)); - if (rc != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_initialize: %s", - ldap_err2string(rc)); - return HDB_ERR_NOENTRY; - } - - rc = ldap_set_option(HDB2LDAP(db), LDAP_OPT_PROTOCOL_VERSION, - (const void *)&version); - if (rc != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_set_option: %s", - ldap_err2string(rc)); - LDAP_close(context, db); - return HDB_ERR_BADVERSION; - } - - rc = ldap_sasl_bind_s(HDB2LDAP(db), NULL, "EXTERNAL", &bv, - NULL, NULL, NULL); - if (rc != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_sasl_bind_s: %s", - ldap_err2string(rc)); - LDAP_close(context, db); - return HDB_ERR_BADVERSION; - } - - return 0; -} - -static krb5_error_code -LDAP_open(krb5_context context, HDB * db, int flags, mode_t mode) -{ - /* Not the right place for this. */ -#ifdef HAVE_SIGACTION - struct sigaction sa; - - sa.sa_flags = 0; - sa.sa_handler = SIG_IGN; - sigemptyset(&sa.sa_mask); - - sigaction(SIGPIPE, &sa, NULL); -#else - signal(SIGPIPE, SIG_IGN); -#endif /* HAVE_SIGACTION */ - - return LDAP__connect(context, db); -} - -static krb5_error_code -LDAP_fetch(krb5_context context, HDB * db, krb5_const_principal principal, - unsigned flags, hdb_entry_ex * entry) -{ - LDAPMessage *msg, *e; - krb5_error_code ret; - - ret = LDAP_principal2message(context, db, principal, &msg); - if (ret) - return ret; - - e = ldap_first_entry(HDB2LDAP(db), msg); - if (e == NULL) { - ret = HDB_ERR_NOENTRY; - goto out; - } - - ret = LDAP_message2entry(context, db, e, entry); - if (ret == 0) { - if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { - ret = hdb_unseal_keys(context, db, &entry->entry); - if (ret) - hdb_free_entry(context, entry); - } - } - - out: - ldap_msgfree(msg); - - return ret; -} - -static krb5_error_code -LDAP_store(krb5_context context, HDB * db, unsigned flags, - hdb_entry_ex * entry) -{ - LDAPMod **mods = NULL; - krb5_error_code ret; - const char *errfn; - int rc; - LDAPMessage *msg = NULL, *e = NULL; - char *dn = NULL, *name = NULL; - - ret = LDAP_principal2message(context, db, entry->entry.principal, &msg); - if (ret == 0) - e = ldap_first_entry(HDB2LDAP(db), msg); - - ret = krb5_unparse_name(context, entry->entry.principal, &name); - if (ret) { - free(name); - return ret; - } - - ret = hdb_seal_keys(context, db, &entry->entry); - if (ret) - goto out; - - /* turn new entry into LDAPMod array */ - ret = LDAP_entry2mods(context, db, entry, e, &mods); - if (ret) - goto out; - - if (e == NULL) { - ret = asprintf(&dn, "krb5PrincipalName=%s,%s", name, HDB2CREATE(db)); - if (ret < 0) { - krb5_set_error_string(context, "asprintf: out of memory"); - ret = ENOMEM; - goto out; - } - } else if (flags & HDB_F_REPLACE) { - /* Entry exists, and we're allowed to replace it. */ - dn = ldap_get_dn(HDB2LDAP(db), e); - } else { - /* Entry exists, but we're not allowed to replace it. Bail. */ - ret = HDB_ERR_EXISTS; - goto out; - } - - /* write entry into directory */ - if (e == NULL) { - /* didn't exist before */ - rc = ldap_add_s(HDB2LDAP(db), dn, mods); - errfn = "ldap_add_s"; - } else { - /* already existed, send deltas only */ - rc = ldap_modify_s(HDB2LDAP(db), dn, mods); - errfn = "ldap_modify_s"; - } - - if (check_ldap(context, db, rc)) { - char *ld_error = NULL; - ldap_get_option(HDB2LDAP(db), LDAP_OPT_ERROR_STRING, - &ld_error); - krb5_set_error_string(context, "%s: %s (DN=%s) %s: %s", - errfn, name, dn, ldap_err2string(rc), ld_error); - ret = HDB_ERR_CANT_LOCK_DB; - } else - ret = 0; - - out: - /* free stuff */ - if (dn) - free(dn); - if (msg) - ldap_msgfree(msg); - if (mods) - ldap_mods_free(mods, 1); - if (name) - free(name); - - return ret; -} - -static krb5_error_code -LDAP_remove(krb5_context context, HDB *db, krb5_const_principal principal) -{ - krb5_error_code ret; - LDAPMessage *msg, *e; - char *dn = NULL; - int rc, limit = LDAP_NO_LIMIT; - - ret = LDAP_principal2message(context, db, principal, &msg); - if (ret) - goto out; - - e = ldap_first_entry(HDB2LDAP(db), msg); - if (e == NULL) { - ret = HDB_ERR_NOENTRY; - goto out; - } - - dn = ldap_get_dn(HDB2LDAP(db), e); - if (dn == NULL) { - ret = HDB_ERR_NOENTRY; - goto out; - } - - rc = ldap_set_option(HDB2LDAP(db), LDAP_OPT_SIZELIMIT, (const void *)&limit); - if (rc != LDAP_SUCCESS) { - krb5_set_error_string(context, "ldap_set_option: %s", - ldap_err2string(rc)); - ret = HDB_ERR_BADVERSION; - goto out; - } - - rc = ldap_delete_s(HDB2LDAP(db), dn); - if (check_ldap(context, db, rc)) { - krb5_set_error_string(context, "ldap_delete_s: %s", - ldap_err2string(rc)); - ret = HDB_ERR_CANT_LOCK_DB; - } else - ret = 0; - - out: - if (dn != NULL) - free(dn); - if (msg != NULL) - ldap_msgfree(msg); - - return ret; -} - -static krb5_error_code -LDAP_destroy(krb5_context context, HDB * db) -{ - krb5_error_code ret; - - LDAP_close(context, db); - - ret = hdb_clear_master_key(context, db); - if (HDB2BASE(db)) - free(HDB2BASE(db)); - if (HDB2CREATE(db)) - free(HDB2CREATE(db)); - if (HDB2URL(db)) - free(HDB2URL(db)); - if (db->hdb_name) - free(db->hdb_name); - free(db->hdb_db); - free(db); - - return ret; -} - -krb5_error_code -hdb_ldap_common(krb5_context context, - HDB ** db, - const char *search_base, - const char *url) -{ - struct hdbldapdb *h; - const char *create_base = NULL; - - if (search_base == NULL && search_base[0] == '\0') { - krb5_set_error_string(context, "ldap search base not configured"); - return ENOMEM; /* XXX */ - } - - if (structural_object == NULL) { - const char *p; - - p = krb5_config_get_string(context, NULL, "kdc", - "hdb-ldap-structural-object", NULL); - if (p == NULL) - p = default_structural_object; - structural_object = strdup(p); - if (structural_object == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - } - - samba_forwardable = - krb5_config_get_bool_default(context, NULL, TRUE, - "kdc", "hdb-samba-forwardable", NULL); - - *db = calloc(1, sizeof(**db)); - if (*db == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memset(*db, 0, sizeof(**db)); - - h = calloc(1, sizeof(*h)); - if (h == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - free(*db); - *db = NULL; - return ENOMEM; - } - (*db)->hdb_db = h; - - /* XXX */ - if (asprintf(&(*db)->hdb_name, "ldap:%s", search_base) == -1) { - LDAP_destroy(context, *db); - krb5_set_error_string(context, "strdup: out of memory"); - *db = NULL; - return ENOMEM; - } - - h->h_url = strdup(url); - h->h_base = strdup(search_base); - if (h->h_url == NULL || h->h_base == NULL) { - LDAP_destroy(context, *db); - krb5_set_error_string(context, "strdup: out of memory"); - *db = NULL; - return ENOMEM; - } - - create_base = krb5_config_get_string(context, NULL, "kdc", - "hdb-ldap-create-base", NULL); - if (create_base == NULL) - create_base = h->h_base; - - h->h_createbase = strdup(create_base); - if (h->h_createbase == NULL) { - LDAP_destroy(context, *db); - krb5_set_error_string(context, "strdup: out of memory"); - *db = NULL; - return ENOMEM; - } - - (*db)->hdb_master_key_set = 0; - (*db)->hdb_openp = 0; - (*db)->hdb_open = LDAP_open; - (*db)->hdb_close = LDAP_close; - (*db)->hdb_fetch = LDAP_fetch; - (*db)->hdb_store = LDAP_store; - (*db)->hdb_remove = LDAP_remove; - (*db)->hdb_firstkey = LDAP_firstkey; - (*db)->hdb_nextkey = LDAP_nextkey; - (*db)->hdb_lock = LDAP_lock; - (*db)->hdb_unlock = LDAP_unlock; - (*db)->hdb_rename = NULL; - (*db)->hdb__get = NULL; - (*db)->hdb__put = NULL; - (*db)->hdb__del = NULL; - (*db)->hdb_destroy = LDAP_destroy; - - return 0; -} - -krb5_error_code -hdb_ldap_create(krb5_context context, HDB ** db, const char *arg) -{ - return hdb_ldap_common(context, db, arg, "ldapi:///"); -} - -krb5_error_code -hdb_ldapi_create(krb5_context context, HDB ** db, const char *arg) -{ - krb5_error_code ret; - char *search_base, *p; - - asprintf(&p, "ldapi:%s", arg); - if (p == NULL) { - krb5_set_error_string(context, "out of memory"); - *db = NULL; - return ENOMEM; - } - search_base = strchr(p + strlen("ldapi://"), ':'); - if (search_base == NULL) { - krb5_set_error_string(context, "search base missing"); - *db = NULL; - return HDB_ERR_BADVERSION; - } - *search_base = '\0'; - search_base++; - - ret = hdb_ldap_common(context, db, search_base, p); - free(p); - return ret; -} - -#ifdef OPENLDAP_MODULE - -struct hdb_so_method hdb_ldap_interface = { - HDB_INTERFACE_VERSION, - "ldap", - hdb_ldap_create -}; - -struct hdb_so_method hdb_ldapi_interface = { - HDB_INTERFACE_VERSION, - "ldapi", - hdb_ldapi_create -}; - -#endif - -#endif /* OPENLDAP */ diff --git a/crypto/heimdal/lib/hdb/hdb-private.h b/crypto/heimdal/lib/hdb/hdb-private.h deleted file mode 100644 index 5147d8b90bd5..000000000000 --- a/crypto/heimdal/lib/hdb/hdb-private.h +++ /dev/null @@ -1,54 +0,0 @@ -/* This is a generated file */ -#ifndef __hdb_private_h__ -#define __hdb_private_h__ - -#include - -krb5_error_code -_hdb_fetch ( - krb5_context /*context*/, - HDB */*db*/, - krb5_const_principal /*principal*/, - unsigned /*flags*/, - hdb_entry_ex */*entry*/); - -hdb_master_key -_hdb_find_master_key ( - uint32_t */*mkvno*/, - hdb_master_key /*mkey*/); - -int -_hdb_mkey_decrypt ( - krb5_context /*context*/, - hdb_master_key /*key*/, - krb5_key_usage /*usage*/, - void */*ptr*/, - size_t /*size*/, - krb5_data */*res*/); - -int -_hdb_mkey_encrypt ( - krb5_context /*context*/, - hdb_master_key /*key*/, - krb5_key_usage /*usage*/, - const void */*ptr*/, - size_t /*size*/, - krb5_data */*res*/); - -int -_hdb_mkey_version (hdb_master_key /*mkey*/); - -krb5_error_code -_hdb_remove ( - krb5_context /*context*/, - HDB */*db*/, - krb5_const_principal /*principal*/); - -krb5_error_code -_hdb_store ( - krb5_context /*context*/, - HDB */*db*/, - unsigned /*flags*/, - hdb_entry_ex */*entry*/); - -#endif /* __hdb_private_h__ */ diff --git a/crypto/heimdal/lib/hdb/hdb-protos.h b/crypto/heimdal/lib/hdb/hdb-protos.h deleted file mode 100644 index 4c3d3eb1ab14..000000000000 --- a/crypto/heimdal/lib/hdb/hdb-protos.h +++ /dev/null @@ -1,400 +0,0 @@ -/* This is a generated file */ -#ifndef __hdb_protos_h__ -#define __hdb_protos_h__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -krb5_error_code -hdb_add_master_key ( - krb5_context /*context*/, - krb5_keyblock */*key*/, - hdb_master_key */*inout*/); - -krb5_error_code -hdb_check_db_format ( - krb5_context /*context*/, - HDB */*db*/); - -krb5_error_code -hdb_clear_extension ( - krb5_context /*context*/, - hdb_entry */*entry*/, - int /*type*/); - -krb5_error_code -hdb_clear_master_key ( - krb5_context /*context*/, - HDB */*db*/); - -krb5_error_code -hdb_create ( - krb5_context /*context*/, - HDB **/*db*/, - const char */*filename*/); - -krb5_error_code -hdb_db_create ( - krb5_context /*context*/, - HDB **/*db*/, - const char */*filename*/); - -const char * -hdb_db_dir (krb5_context /*context*/); - -const char * -hdb_dbinfo_get_acl_file ( - krb5_context /*context*/, - struct hdb_dbinfo */*dbp*/); - -const krb5_config_binding * -hdb_dbinfo_get_binding ( - krb5_context /*context*/, - struct hdb_dbinfo */*dbp*/); - -const char * -hdb_dbinfo_get_dbname ( - krb5_context /*context*/, - struct hdb_dbinfo */*dbp*/); - -const char * -hdb_dbinfo_get_label ( - krb5_context /*context*/, - struct hdb_dbinfo */*dbp*/); - -const char * -hdb_dbinfo_get_log_file ( - krb5_context /*context*/, - struct hdb_dbinfo */*dbp*/); - -const char * -hdb_dbinfo_get_mkey_file ( - krb5_context /*context*/, - struct hdb_dbinfo */*dbp*/); - -struct hdb_dbinfo * -hdb_dbinfo_get_next ( - struct hdb_dbinfo */*dbp*/, - struct hdb_dbinfo */*dbprevp*/); - -const char * -hdb_dbinfo_get_realm ( - krb5_context /*context*/, - struct hdb_dbinfo */*dbp*/); - -const char * -hdb_default_db (krb5_context /*context*/); - -krb5_error_code -hdb_enctype2key ( - krb5_context /*context*/, - hdb_entry */*e*/, - krb5_enctype /*enctype*/, - Key **/*key*/); - -krb5_error_code -hdb_entry2string ( - krb5_context /*context*/, - hdb_entry */*ent*/, - char **/*str*/); - -int -hdb_entry2value ( - krb5_context /*context*/, - const hdb_entry */*ent*/, - krb5_data */*value*/); - -int -hdb_entry_alias2value ( - krb5_context /*context*/, - const hdb_entry_alias */*alias*/, - krb5_data */*value*/); - -krb5_error_code -hdb_entry_check_mandatory ( - krb5_context /*context*/, - const hdb_entry */*ent*/); - -int -hdb_entry_clear_password ( - krb5_context /*context*/, - hdb_entry */*entry*/); - -krb5_error_code -hdb_entry_get_ConstrainedDelegACL ( - const hdb_entry */*entry*/, - const HDB_Ext_Constrained_delegation_acl **/*a*/); - -krb5_error_code -hdb_entry_get_aliases ( - const hdb_entry */*entry*/, - const HDB_Ext_Aliases **/*a*/); - -int -hdb_entry_get_password ( - krb5_context /*context*/, - HDB */*db*/, - const hdb_entry */*entry*/, - char **/*p*/); - -krb5_error_code -hdb_entry_get_pkinit_acl ( - const hdb_entry */*entry*/, - const HDB_Ext_PKINIT_acl **/*a*/); - -krb5_error_code -hdb_entry_get_pkinit_hash ( - const hdb_entry */*entry*/, - const HDB_Ext_PKINIT_hash **/*a*/); - -krb5_error_code -hdb_entry_get_pw_change_time ( - const hdb_entry */*entry*/, - time_t */*t*/); - -int -hdb_entry_set_password ( - krb5_context /*context*/, - HDB */*db*/, - hdb_entry */*entry*/, - const char */*p*/); - -krb5_error_code -hdb_entry_set_pw_change_time ( - krb5_context /*context*/, - hdb_entry */*entry*/, - time_t /*t*/); - -HDB_extension * -hdb_find_extension ( - const hdb_entry */*entry*/, - int /*type*/); - -krb5_error_code -hdb_foreach ( - krb5_context /*context*/, - HDB */*db*/, - unsigned /*flags*/, - hdb_foreach_func_t /*func*/, - void */*data*/); - -void -hdb_free_dbinfo ( - krb5_context /*context*/, - struct hdb_dbinfo **/*dbp*/); - -void -hdb_free_entry ( - krb5_context /*context*/, - hdb_entry_ex */*ent*/); - -void -hdb_free_key (Key */*key*/); - -void -hdb_free_keys ( - krb5_context /*context*/, - int /*len*/, - Key */*keys*/); - -void -hdb_free_master_key ( - krb5_context /*context*/, - hdb_master_key /*mkey*/); - -krb5_error_code -hdb_generate_key_set ( - krb5_context /*context*/, - krb5_principal /*principal*/, - Key **/*ret_key_set*/, - size_t */*nkeyset*/, - int /*no_salt*/); - -krb5_error_code -hdb_generate_key_set_password ( - krb5_context /*context*/, - krb5_principal /*principal*/, - const char */*password*/, - Key **/*keys*/, - size_t */*num_keys*/); - -int -hdb_get_dbinfo ( - krb5_context /*context*/, - struct hdb_dbinfo **/*dbp*/); - -krb5_error_code -hdb_init_db ( - krb5_context /*context*/, - HDB */*db*/); - -int -hdb_key2principal ( - krb5_context /*context*/, - krb5_data */*key*/, - krb5_principal /*p*/); - -krb5_error_code -hdb_ldap_common ( - krb5_context /*context*/, - HDB ** /*db*/, - const char */*search_base*/, - const char */*url*/); - -krb5_error_code -hdb_ldap_create ( - krb5_context /*context*/, - HDB ** /*db*/, - const char */*arg*/); - -krb5_error_code -hdb_ldapi_create ( - krb5_context /*context*/, - HDB ** /*db*/, - const char */*arg*/); - -krb5_error_code -hdb_list_builtin ( - krb5_context /*context*/, - char **/*list*/); - -krb5_error_code -hdb_lock ( - int /*fd*/, - int /*operation*/); - -krb5_error_code -hdb_ndbm_create ( - krb5_context /*context*/, - HDB **/*db*/, - const char */*filename*/); - -krb5_error_code -hdb_next_enctype2key ( - krb5_context /*context*/, - const hdb_entry */*e*/, - krb5_enctype /*enctype*/, - Key **/*key*/); - -int -hdb_principal2key ( - krb5_context /*context*/, - krb5_const_principal /*p*/, - krb5_data */*key*/); - -krb5_error_code -hdb_print_entry ( - krb5_context /*context*/, - HDB */*db*/, - hdb_entry_ex */*entry*/, - void */*data*/); - -krb5_error_code -hdb_process_master_key ( - krb5_context /*context*/, - int /*kvno*/, - krb5_keyblock */*key*/, - krb5_enctype /*etype*/, - hdb_master_key */*mkey*/); - -krb5_error_code -hdb_read_master_key ( - krb5_context /*context*/, - const char */*filename*/, - hdb_master_key */*mkey*/); - -krb5_error_code -hdb_replace_extension ( - krb5_context /*context*/, - hdb_entry */*entry*/, - const HDB_extension */*ext*/); - -krb5_error_code -hdb_seal_key ( - krb5_context /*context*/, - HDB */*db*/, - Key */*k*/); - -krb5_error_code -hdb_seal_key_mkey ( - krb5_context /*context*/, - Key */*k*/, - hdb_master_key /*mkey*/); - -krb5_error_code -hdb_seal_keys ( - krb5_context /*context*/, - HDB */*db*/, - hdb_entry */*ent*/); - -krb5_error_code -hdb_seal_keys_mkey ( - krb5_context /*context*/, - hdb_entry */*ent*/, - hdb_master_key /*mkey*/); - -krb5_error_code -hdb_set_master_key ( - krb5_context /*context*/, - HDB */*db*/, - krb5_keyblock */*key*/); - -krb5_error_code -hdb_set_master_keyfile ( - krb5_context /*context*/, - HDB */*db*/, - const char */*keyfile*/); - -krb5_error_code -hdb_unlock (int /*fd*/); - -krb5_error_code -hdb_unseal_key ( - krb5_context /*context*/, - HDB */*db*/, - Key */*k*/); - -krb5_error_code -hdb_unseal_key_mkey ( - krb5_context /*context*/, - Key */*k*/, - hdb_master_key /*mkey*/); - -krb5_error_code -hdb_unseal_keys ( - krb5_context /*context*/, - HDB */*db*/, - hdb_entry */*ent*/); - -krb5_error_code -hdb_unseal_keys_mkey ( - krb5_context /*context*/, - hdb_entry */*ent*/, - hdb_master_key /*mkey*/); - -int -hdb_value2entry ( - krb5_context /*context*/, - krb5_data */*value*/, - hdb_entry */*ent*/); - -int -hdb_value2entry_alias ( - krb5_context /*context*/, - krb5_data */*value*/, - hdb_entry_alias */*ent*/); - -krb5_error_code -hdb_write_master_key ( - krb5_context /*context*/, - const char */*filename*/, - hdb_master_key /*mkey*/); - -#ifdef __cplusplus -} -#endif - -#endif /* __hdb_protos_h__ */ diff --git a/crypto/heimdal/lib/hdb/hdb.asn1 b/crypto/heimdal/lib/hdb/hdb.asn1 deleted file mode 100644 index acd8f61d7e8f..000000000000 --- a/crypto/heimdal/lib/hdb/hdb.asn1 +++ /dev/null @@ -1,127 +0,0 @@ --- $Id: hdb.asn1 20236 2007-02-16 23:52:29Z lha $ -HDB DEFINITIONS ::= -BEGIN - -IMPORTS EncryptionKey, KerberosTime, Principal FROM krb5; - -HDB_DB_FORMAT INTEGER ::= 2 -- format of database, - -- update when making changes - --- these must have the same value as the pa-* counterparts -hdb-pw-salt INTEGER ::= 3 -hdb-afs3-salt INTEGER ::= 10 - -Salt ::= SEQUENCE { - type[0] INTEGER (0..4294967295), - salt[1] OCTET STRING -} - -Key ::= SEQUENCE { - mkvno[0] INTEGER (0..4294967295) OPTIONAL, -- master key version number - key[1] EncryptionKey, - salt[2] Salt OPTIONAL -} - -Event ::= SEQUENCE { - time[0] KerberosTime, - principal[1] Principal OPTIONAL -} - -HDBFlags ::= BIT STRING { - initial(0), -- require as-req - forwardable(1), -- may issue forwardable - proxiable(2), -- may issue proxiable - renewable(3), -- may issue renewable - postdate(4), -- may issue postdatable - server(5), -- may be server - client(6), -- may be client - invalid(7), -- entry is invalid - require-preauth(8), -- must use preauth - change-pw(9), -- change password service - require-hwauth(10), -- must use hwauth - ok-as-delegate(11), -- as in TicketFlags - user-to-user(12), -- may use user-to-user auth - immutable(13), -- may not be deleted - trusted-for-delegation(14), -- Trusted to print forwardabled tickets - allow-kerberos4(15), -- Allow Kerberos 4 requests - allow-digest(16) -- Allow digest requests -} - -GENERATION ::= SEQUENCE { - time[0] KerberosTime, -- timestamp - usec[1] INTEGER (0..4294967295), -- microseconds - gen[2] INTEGER (0..4294967295) -- generation number -} - -HDB-Ext-PKINIT-acl ::= SEQUENCE OF SEQUENCE { - subject[0] UTF8String, - issuer[1] UTF8String OPTIONAL, - anchor[2] UTF8String OPTIONAL -} - -HDB-Ext-PKINIT-hash ::= SEQUENCE OF SEQUENCE { - digest-type[0] OBJECT IDENTIFIER, - digest[1] OCTET STRING -} - -HDB-Ext-Constrained-delegation-acl ::= SEQUENCE OF Principal - --- hdb-ext-referrals ::= PA-SERVER-REFERRAL-DATA - -HDB-Ext-Lan-Manager-OWF ::= OCTET STRING - -HDB-Ext-Password ::= SEQUENCE { - mkvno[0] INTEGER (0..4294967295) OPTIONAL, -- master key version number - password OCTET STRING -} - -HDB-Ext-Aliases ::= SEQUENCE { - case-insensitive[0] BOOLEAN, -- case insensitive name allowed - aliases[1] SEQUENCE OF Principal -- all names, inc primary -} - - -HDB-extension ::= SEQUENCE { - mandatory[0] BOOLEAN, -- kdc MUST understand this extension, - -- if not the whole entry must - -- be rejected - data[1] CHOICE { - pkinit-acl[0] HDB-Ext-PKINIT-acl, - pkinit-cert-hash[1] HDB-Ext-PKINIT-hash, - allowed-to-delegate-to[2] HDB-Ext-Constrained-delegation-acl, --- referral-info[3] HDB-Ext-Referrals, - lm-owf[4] HDB-Ext-Lan-Manager-OWF, - password[5] HDB-Ext-Password, - aliases[6] HDB-Ext-Aliases, - last-pw-change[7] KerberosTime, - ... - }, - ... -} - -HDB-extensions ::= SEQUENCE OF HDB-extension - - -hdb_entry ::= SEQUENCE { - principal[0] Principal OPTIONAL, -- this is optional only - -- for compatibility with libkrb5 - kvno[1] INTEGER (0..4294967295), - keys[2] SEQUENCE OF Key, - created-by[3] Event, - modified-by[4] Event OPTIONAL, - valid-start[5] KerberosTime OPTIONAL, - valid-end[6] KerberosTime OPTIONAL, - pw-end[7] KerberosTime OPTIONAL, - max-life[8] INTEGER (0..4294967295) OPTIONAL, - max-renew[9] INTEGER (0..4294967295) OPTIONAL, - flags[10] HDBFlags, - etypes[11] SEQUENCE OF INTEGER (0..4294967295) OPTIONAL, - generation[12] GENERATION OPTIONAL, - extensions[13] HDB-extensions OPTIONAL -} - -hdb_entry_alias ::= [APPLICATION 0] SEQUENCE { - principal[0] Principal OPTIONAL -} - -END diff --git a/crypto/heimdal/lib/hdb/hdb.c b/crypto/heimdal/lib/hdb/hdb.c deleted file mode 100644 index a515709639c4..000000000000 --- a/crypto/heimdal/lib/hdb/hdb.c +++ /dev/null @@ -1,412 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -RCSID("$Id: hdb.c 20214 2007-02-09 21:51:10Z lha $"); - -#ifdef HAVE_DLFCN_H -#include -#endif - -struct hdb_method { - const char *prefix; - krb5_error_code (*create)(krb5_context, HDB **, const char *filename); -}; - -static struct hdb_method methods[] = { -#if HAVE_DB1 || HAVE_DB3 - {"db:", hdb_db_create}, -#endif -#if HAVE_NDBM - {"ndbm:", hdb_ndbm_create}, -#endif -#if defined(OPENLDAP) && !defined(OPENLDAP_MODULE) - {"ldap:", hdb_ldap_create}, - {"ldapi:", hdb_ldapi_create}, -#endif -#ifdef HAVE_LDB /* Used for integrated samba build */ - {"ldb:", hdb_ldb_create}, -#endif - {NULL, NULL} -}; - -#if HAVE_DB1 || HAVE_DB3 -static struct hdb_method dbmetod = {"", hdb_db_create }; -#elif defined(HAVE_NDBM) -static struct hdb_method dbmetod = {"", hdb_ndbm_create }; -#endif - - -krb5_error_code -hdb_next_enctype2key(krb5_context context, - const hdb_entry *e, - krb5_enctype enctype, - Key **key) -{ - Key *k; - - for (k = *key ? (*key) + 1 : e->keys.val; - k < e->keys.val + e->keys.len; - k++) - { - if(k->key.keytype == enctype){ - *key = k; - return 0; - } - } - krb5_set_error_string(context, "No next enctype %d for hdb-entry", - (int)enctype); - return KRB5_PROG_ETYPE_NOSUPP; /* XXX */ -} - -krb5_error_code -hdb_enctype2key(krb5_context context, - hdb_entry *e, - krb5_enctype enctype, - Key **key) -{ - *key = NULL; - return hdb_next_enctype2key(context, e, enctype, key); -} - -void -hdb_free_key(Key *key) -{ - memset(key->key.keyvalue.data, - 0, - key->key.keyvalue.length); - free_Key(key); - free(key); -} - - -krb5_error_code -hdb_lock(int fd, int operation) -{ - int i, code = 0; - - for(i = 0; i < 3; i++){ - code = flock(fd, (operation == HDB_RLOCK ? LOCK_SH : LOCK_EX) | LOCK_NB); - if(code == 0 || errno != EWOULDBLOCK) - break; - sleep(1); - } - if(code == 0) - return 0; - if(errno == EWOULDBLOCK) - return HDB_ERR_DB_INUSE; - return HDB_ERR_CANT_LOCK_DB; -} - -krb5_error_code -hdb_unlock(int fd) -{ - int code; - code = flock(fd, LOCK_UN); - if(code) - return 4711 /* XXX */; - return 0; -} - -void -hdb_free_entry(krb5_context context, hdb_entry_ex *ent) -{ - int i; - - if (ent->free_entry) - (*ent->free_entry)(context, ent); - - for(i = 0; i < ent->entry.keys.len; ++i) { - Key *k = &ent->entry.keys.val[i]; - - memset (k->key.keyvalue.data, 0, k->key.keyvalue.length); - } - free_hdb_entry(&ent->entry); -} - -krb5_error_code -hdb_foreach(krb5_context context, - HDB *db, - unsigned flags, - hdb_foreach_func_t func, - void *data) -{ - krb5_error_code ret; - hdb_entry_ex entry; - ret = db->hdb_firstkey(context, db, flags, &entry); - if (ret == 0) - krb5_clear_error_string(context); - while(ret == 0){ - ret = (*func)(context, db, &entry, data); - hdb_free_entry(context, &entry); - if(ret == 0) - ret = db->hdb_nextkey(context, db, flags, &entry); - } - if(ret == HDB_ERR_NOENTRY) - ret = 0; - return ret; -} - -krb5_error_code -hdb_check_db_format(krb5_context context, HDB *db) -{ - krb5_data tag; - krb5_data version; - krb5_error_code ret, ret2; - unsigned ver; - int foo; - - ret = db->hdb_lock(context, db, HDB_RLOCK); - if (ret) - return ret; - - tag.data = HDB_DB_FORMAT_ENTRY; - tag.length = strlen(tag.data); - ret = (*db->hdb__get)(context, db, tag, &version); - ret2 = db->hdb_unlock(context, db); - if(ret) - return ret; - if (ret2) - return ret2; - foo = sscanf(version.data, "%u", &ver); - krb5_data_free (&version); - if (foo != 1) - return HDB_ERR_BADVERSION; - if(ver != HDB_DB_FORMAT) - return HDB_ERR_BADVERSION; - return 0; -} - -krb5_error_code -hdb_init_db(krb5_context context, HDB *db) -{ - krb5_error_code ret, ret2; - krb5_data tag; - krb5_data version; - char ver[32]; - - ret = hdb_check_db_format(context, db); - if(ret != HDB_ERR_NOENTRY) - return ret; - - ret = db->hdb_lock(context, db, HDB_WLOCK); - if (ret) - return ret; - - tag.data = HDB_DB_FORMAT_ENTRY; - tag.length = strlen(tag.data); - snprintf(ver, sizeof(ver), "%u", HDB_DB_FORMAT); - version.data = ver; - version.length = strlen(version.data) + 1; /* zero terminated */ - ret = (*db->hdb__put)(context, db, 0, tag, version); - ret2 = db->hdb_unlock(context, db); - if (ret) { - if (ret2) - krb5_clear_error_string(context); - return ret; - } - return ret2; -} - -#ifdef HAVE_DLOPEN - - /* - * Load a dynamic backend from /usr/heimdal/lib/hdb_NAME.so, - * looking for the hdb_NAME_create symbol. - */ - -static const struct hdb_method * -find_dynamic_method (krb5_context context, - const char *filename, - const char **rest) -{ - static struct hdb_method method; - struct hdb_so_method *mso; - char *prefix, *path, *symbol; - const char *p; - void *dl; - size_t len; - - p = strchr(filename, ':'); - - /* if no prefix, don't know what module to load, just ignore it */ - if (p == NULL) - return NULL; - - len = p - filename; - *rest = filename + len + 1; - - prefix = strndup(filename, len); - if (prefix == NULL) - krb5_errx(context, 1, "out of memory"); - - if (asprintf(&path, LIBDIR "/hdb_%s.so", prefix) == -1) - krb5_errx(context, 1, "out of memory"); - -#ifndef RTLD_NOW -#define RTLD_NOW 0 -#endif -#ifndef RTLD_GLOBAL -#define RTLD_GLOBAL 0 -#endif - - dl = dlopen(path, RTLD_NOW | RTLD_GLOBAL); - if (dl == NULL) { - krb5_warnx(context, "error trying to load dynamic module %s: %s\n", - path, dlerror()); - free(prefix); - free(path); - return NULL; - } - - if (asprintf(&symbol, "hdb_%s_interface", prefix) == -1) - krb5_errx(context, 1, "out of memory"); - - mso = dlsym(dl, symbol); - if (mso == NULL) { - krb5_warnx(context, "error finding symbol %s in %s: %s\n", - symbol, path, dlerror()); - dlclose(dl); - free(symbol); - free(prefix); - free(path); - return NULL; - } - free(path); - free(symbol); - - if (mso->version != HDB_INTERFACE_VERSION) { - krb5_warnx(context, - "error wrong version in shared module %s " - "version: %d should have been %d\n", - prefix, mso->version, HDB_INTERFACE_VERSION); - dlclose(dl); - free(prefix); - return NULL; - } - - if (mso->create == NULL) { - krb5_errx(context, 1, - "no entry point function in shared mod %s ", - prefix); - dlclose(dl); - free(prefix); - return NULL; - } - - method.create = mso->create; - method.prefix = prefix; - - return &method; -} -#endif /* HAVE_DLOPEN */ - -/* - * find the relevant method for `filename', returning a pointer to the - * rest in `rest'. - * return NULL if there's no such method. - */ - -static const struct hdb_method * -find_method (const char *filename, const char **rest) -{ - const struct hdb_method *h; - - for (h = methods; h->prefix != NULL; ++h) { - if (strncmp (filename, h->prefix, strlen(h->prefix)) == 0) { - *rest = filename + strlen(h->prefix); - return h; - } - } -#if defined(HAVE_DB1) || defined(HAVE_DB3) || defined(HAVE_NDBM) - if (strncmp(filename, "/", 1) == 0 - || strncmp(filename, "./", 2) == 0 - || strncmp(filename, "../", 3) == 0) - { - *rest = filename; - return &dbmetod; - } -#endif - - return NULL; -} - -krb5_error_code -hdb_list_builtin(krb5_context context, char **list) -{ - const struct hdb_method *h; - size_t len = 0; - char *buf = NULL; - - for (h = methods; h->prefix != NULL; ++h) { - if (h->prefix[0] == '\0') - continue; - len += strlen(h->prefix) + 2; - } - - len += 1; - buf = malloc(len); - if (buf == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - buf[0] = '\0'; - - for (h = methods; h->prefix != NULL; ++h) { - if (h != methods) - strlcat(buf, ", ", len); - strlcat(buf, h->prefix, len); - } - *list = buf; - return 0; -} - -krb5_error_code -hdb_create(krb5_context context, HDB **db, const char *filename) -{ - const struct hdb_method *h; - const char *residual; - - if(filename == NULL) - filename = HDB_DEFAULT_DB; - krb5_add_et_list(context, initialize_hdb_error_table_r); - h = find_method (filename, &residual); -#ifdef HAVE_DLOPEN - if (h == NULL) - h = find_dynamic_method (context, filename, &residual); -#endif - if (h == NULL) - krb5_errx(context, 1, "No database support for %s", filename); - return (*h->create)(context, db, residual); -} diff --git a/crypto/heimdal/lib/hdb/hdb.h b/crypto/heimdal/lib/hdb/hdb.h deleted file mode 100644 index 742b92405d45..000000000000 --- a/crypto/heimdal/lib/hdb/hdb.h +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: hdb.h 22198 2007-12-07 13:09:25Z lha $ */ - -#ifndef __HDB_H__ -#define __HDB_H__ - -#include - -#include -#include - -struct hdb_dbinfo; - -enum hdb_lockop{ HDB_RLOCK, HDB_WLOCK }; - -/* flags for various functions */ -#define HDB_F_DECRYPT 1 /* decrypt keys */ -#define HDB_F_REPLACE 2 /* replace entry */ -#define HDB_F_GET_CLIENT 4 /* fetch client */ -#define HDB_F_GET_SERVER 8 /* fetch server */ -#define HDB_F_GET_KRBTGT 16 /* fetch krbtgt */ -#define HDB_F_GET_ANY 28 /* fetch any of client,server,krbtgt */ -#define HDB_F_CANON 32 /* want canonicalition */ - -/* key usage for master key */ -#define HDB_KU_MKEY 0x484442 - -typedef struct hdb_master_key_data *hdb_master_key; - -typedef struct hdb_entry_ex { - void *ctx; - hdb_entry entry; - void (*free_entry)(krb5_context, struct hdb_entry_ex *); -} hdb_entry_ex; - - -typedef struct HDB{ - void *hdb_db; - void *hdb_dbc; - char *hdb_name; - int hdb_master_key_set; - hdb_master_key hdb_master_key; - int hdb_openp; - - krb5_error_code (*hdb_open)(krb5_context, - struct HDB*, - int, - mode_t); - krb5_error_code (*hdb_close)(krb5_context, - struct HDB*); - void (*hdb_free)(krb5_context, - struct HDB*, - hdb_entry_ex*); - krb5_error_code (*hdb_fetch)(krb5_context, - struct HDB*, - krb5_const_principal, - unsigned, - hdb_entry_ex*); - krb5_error_code (*hdb_store)(krb5_context, - struct HDB*, - unsigned, - hdb_entry_ex*); - krb5_error_code (*hdb_remove)(krb5_context, - struct HDB*, - krb5_const_principal); - krb5_error_code (*hdb_firstkey)(krb5_context, - struct HDB*, - unsigned, - hdb_entry_ex*); - krb5_error_code (*hdb_nextkey)(krb5_context, - struct HDB*, - unsigned, - hdb_entry_ex*); - krb5_error_code (*hdb_lock)(krb5_context, - struct HDB*, - int operation); - krb5_error_code (*hdb_unlock)(krb5_context, - struct HDB*); - krb5_error_code (*hdb_rename)(krb5_context, - struct HDB*, - const char*); - krb5_error_code (*hdb__get)(krb5_context, - struct HDB*, - krb5_data, - krb5_data*); - krb5_error_code (*hdb__put)(krb5_context, - struct HDB*, - int, - krb5_data, - krb5_data); - krb5_error_code (*hdb__del)(krb5_context, - struct HDB*, - krb5_data); - krb5_error_code (*hdb_destroy)(krb5_context, - struct HDB*); -}HDB; - -#define HDB_INTERFACE_VERSION 4 - -struct hdb_so_method { - int version; - const char *prefix; - krb5_error_code (*create)(krb5_context, HDB **, const char *filename); -}; - -typedef krb5_error_code (*hdb_foreach_func_t)(krb5_context, HDB*, - hdb_entry_ex*, void*); -extern krb5_kt_ops hdb_kt_ops; - -#include - -#endif /* __HDB_H__ */ diff --git a/crypto/heimdal/lib/hdb/hdb.schema b/crypto/heimdal/lib/hdb/hdb.schema deleted file mode 100644 index 6e5c0f7fd879..000000000000 --- a/crypto/heimdal/lib/hdb/hdb.schema +++ /dev/null @@ -1,139 +0,0 @@ -# Definitions for a Kerberos V KDC schema -# -# $Id: hdb.schema 14958 2005-04-25 17:33:40Z lha $ -# -# This version is compatible with OpenLDAP 1.8 -# -# OID Base is iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) padl(5322) kdcSchema(10) -# -# Syntaxes are under 1.3.6.1.4.1.5322.10.0 -# Attributes types are under 1.3.6.1.4.1.5322.10.1 -# Object classes are under 1.3.6.1.4.1.5322.10.2 - -# Syntax definitions - -#krb5KDCFlagsSyntax SYNTAX ::= { -# WITH SYNTAX INTEGER -#-- initial(0), -- require as-req -#-- forwardable(1), -- may issue forwardable -#-- proxiable(2), -- may issue proxiable -#-- renewable(3), -- may issue renewable -#-- postdate(4), -- may issue postdatable -#-- server(5), -- may be server -#-- client(6), -- may be client -#-- invalid(7), -- entry is invalid -#-- require-preauth(8), -- must use preauth -#-- change-pw(9), -- change password service -#-- require-hwauth(10), -- must use hwauth -#-- ok-as-delegate(11), -- as in TicketFlags -#-- user-to-user(12), -- may use user-to-user auth -#-- immutable(13) -- may not be deleted -# ID { 1.3.6.1.4.1.5322.10.0.1 } -#} - -#krb5PrincipalNameSyntax SYNTAX ::= { -# WITH SYNTAX OCTET STRING -#-- String representations of distinguished names as per RFC1510 -# ID { 1.3.6.1.4.1.5322.10.0.2 } -#} - -# Attribute type definitions - -attributetype ( 1.3.6.1.4.1.5322.10.1.1 - NAME 'krb5PrincipalName' - DESC 'The unparsed Kerberos principal name' - EQUALITY caseExactIA5Match - SINGLE-VALUE - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.2 - NAME 'krb5KeyVersionNumber' - EQUALITY integerMatch - SINGLE-VALUE - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.3 - NAME 'krb5MaxLife' - EQUALITY integerMatch - SINGLE-VALUE - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.4 - NAME 'krb5MaxRenew' - EQUALITY integerMatch - SINGLE-VALUE - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.5 - NAME 'krb5KDCFlags' - EQUALITY integerMatch - SINGLE-VALUE - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.6 - NAME 'krb5EncryptionType' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.7 - NAME 'krb5ValidStart' - EQUALITY generalizedTimeMatch - ORDERING generalizedTimeOrderingMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 - SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.8 - NAME 'krb5ValidEnd' - EQUALITY generalizedTimeMatch - ORDERING generalizedTimeOrderingMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 - SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.9 - NAME 'krb5PasswordEnd' - EQUALITY generalizedTimeMatch - ORDERING generalizedTimeOrderingMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 - SINGLE-VALUE ) - -# this is temporary; keys will eventually -# be child entries or compound attributes. -attributetype ( 1.3.6.1.4.1.5322.10.1.10 - NAME 'krb5Key' - DESC 'Encoded ASN1 Key as an octet string' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.11 - NAME 'krb5PrincipalRealm' - DESC 'Distinguished name of krb5Realm entry' - SUP distinguishedName ) - -attributetype ( 1.3.6.1.4.1.5322.10.1.12 - NAME 'krb5RealmName' - EQUALITY octetStringMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) - -# Object class definitions - -objectclass ( 1.3.6.1.4.1.5322.10.2.1 - NAME 'krb5Principal' - SUP top - AUXILIARY - MUST ( krb5PrincipalName ) - MAY ( cn $ krb5PrincipalRealm ) ) - -objectclass ( 1.3.6.1.4.1.5322.10.2.2 - NAME 'krb5KDCEntry' - SUP krb5Principal - AUXILIARY - MUST ( krb5KeyVersionNumber ) - MAY ( krb5ValidStart $ krb5ValidEnd $ krb5PasswordEnd $ - krb5MaxLife $ krb5MaxRenew $ krb5KDCFlags $ - krb5EncryptionType $ krb5Key ) ) - -objectclass ( 1.3.6.1.4.1.5322.10.2.3 - NAME 'krb5Realm' - SUP top - AUXILIARY - MUST ( krb5RealmName ) ) - diff --git a/crypto/heimdal/lib/hdb/hdb_err.et b/crypto/heimdal/lib/hdb/hdb_err.et deleted file mode 100644 index 5c5b80bb3660..000000000000 --- a/crypto/heimdal/lib/hdb/hdb_err.et +++ /dev/null @@ -1,28 +0,0 @@ -# -# Error messages for the hdb library -# -# This might look like a com_err file, but is not -# -id "$Id: hdb_err.et 15878 2005-08-11 13:17:22Z lha $" - -error_table hdb - -prefix HDB_ERR - -index 1 -#error_code INUSE, "Entry already exists in database" -error_code UK_SERROR, "Database store error" -error_code UK_RERROR, "Database read error" -error_code NOENTRY, "No such entry in the database" -error_code DB_INUSE, "Database is locked or in use--try again later" -error_code DB_CHANGED, "Database was modified during read" -error_code RECURSIVELOCK, "Attempt to lock database twice" -error_code NOTLOCKED, "Attempt to unlock database when not locked" -error_code BADLOCKMODE, "Invalid kdb lock mode" -error_code CANT_LOCK_DB, "Insufficient access to lock database" -error_code EXISTS, "Entry already exists in database" -error_code BADVERSION, "Wrong database version" -error_code NO_MKEY, "No correct master key" -error_code MANDATORY_OPTION, "Entry contains unknown mandatory extension" - -end diff --git a/crypto/heimdal/lib/hdb/hdb_locl.h b/crypto/heimdal/lib/hdb/hdb_locl.h deleted file mode 100644 index abb4cd45d045..000000000000 --- a/crypto/heimdal/lib/hdb/hdb_locl.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: hdb_locl.h 22209 2007-12-07 19:03:41Z lha $ */ - -#ifndef __HDB_LOCL_H__ -#define __HDB_LOCL_H__ - -#include - -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_LIMITS_H -#include -#endif -#include - -#include "crypto-headers.h" -#include -#include -#include - -#define HDB_DEFAULT_DB HDB_DB_DIR "/heimdal" -#define HDB_DB_FORMAT_ENTRY "hdb/db-format" - -#endif /* __HDB_LOCL_H__ */ diff --git a/crypto/heimdal/lib/hdb/keys.c b/crypto/heimdal/lib/hdb/keys.c deleted file mode 100644 index 60a58677fef9..000000000000 --- a/crypto/heimdal/lib/hdb/keys.c +++ /dev/null @@ -1,398 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -RCSID("$Id: keys.c 22071 2007-11-14 20:04:50Z lha $"); - -/* - * free all the memory used by (len, keys) - */ - -void -hdb_free_keys (krb5_context context, int len, Key *keys) -{ - int i; - - for (i = 0; i < len; i++) { - free(keys[i].mkvno); - keys[i].mkvno = NULL; - if (keys[i].salt != NULL) { - free_Salt(keys[i].salt); - free(keys[i].salt); - keys[i].salt = NULL; - } - krb5_free_keyblock_contents(context, &keys[i].key); - } - free (keys); -} - -/* - * for each entry in `default_keys' try to parse it as a sequence - * of etype:salttype:salt, syntax of this if something like: - * [(des|des3|etype):](pw-salt|afs3)[:string], if etype is omitted it - * means all etypes, and if string is omitted is means the default - * string (for that principal). Additional special values: - * v5 == pw-salt, and - * v4 == des:pw-salt: - * afs or afs3 == des:afs3-salt - */ - -/* the 3 DES types must be first */ -static const krb5_enctype all_etypes[] = { - ETYPE_DES_CBC_MD5, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_CRC, - ETYPE_AES256_CTS_HMAC_SHA1_96, - ETYPE_ARCFOUR_HMAC_MD5, - ETYPE_DES3_CBC_SHA1 -}; - -static krb5_error_code -parse_key_set(krb5_context context, const char *key, - krb5_enctype **ret_enctypes, size_t *ret_num_enctypes, - krb5_salt *salt, krb5_principal principal) -{ - const char *p; - char buf[3][256]; - int num_buf = 0; - int i, num_enctypes = 0; - krb5_enctype e; - const krb5_enctype *enctypes = NULL; - krb5_error_code ret; - - p = key; - - *ret_enctypes = NULL; - *ret_num_enctypes = 0; - - /* split p in a list of :-separated strings */ - for(num_buf = 0; num_buf < 3; num_buf++) - if(strsep_copy(&p, ":", buf[num_buf], sizeof(buf[num_buf])) == -1) - break; - - salt->saltvalue.data = NULL; - salt->saltvalue.length = 0; - - for(i = 0; i < num_buf; i++) { - if(enctypes == NULL && num_buf > 1) { - /* this might be a etype specifier */ - /* XXX there should be a string_to_etypes handling - special cases like `des' and `all' */ - if(strcmp(buf[i], "des") == 0) { - enctypes = all_etypes; - num_enctypes = 3; - } else if(strcmp(buf[i], "des3") == 0) { - e = ETYPE_DES3_CBC_SHA1; - enctypes = &e; - num_enctypes = 1; - } else { - ret = krb5_string_to_enctype(context, buf[i], &e); - if (ret == 0) { - enctypes = &e; - num_enctypes = 1; - } else - return ret; - } - continue; - } - if(salt->salttype == 0) { - /* interpret string as a salt specifier, if no etype - is set, this sets default values */ - /* XXX should perhaps use string_to_salttype, but that - interface sucks */ - if(strcmp(buf[i], "pw-salt") == 0) { - if(enctypes == NULL) { - enctypes = all_etypes; - num_enctypes = sizeof(all_etypes)/sizeof(all_etypes[0]); - } - salt->salttype = KRB5_PW_SALT; - } else if(strcmp(buf[i], "afs3-salt") == 0) { - if(enctypes == NULL) { - enctypes = all_etypes; - num_enctypes = 3; - } - salt->salttype = KRB5_AFS3_SALT; - } - continue; - } - - { - /* if there is a final string, use it as the string to - salt with, this is mostly useful with null salt for - v4 compat, and a cell name for afs compat */ - salt->saltvalue.data = strdup(buf[i]); - if (salt->saltvalue.data == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - salt->saltvalue.length = strlen(buf[i]); - } - } - - if(enctypes == NULL || salt->salttype == 0) { - krb5_set_error_string(context, "bad value for default_keys `%s'", key); - return EINVAL; - } - - /* if no salt was specified make up default salt */ - if(salt->saltvalue.data == NULL) { - if(salt->salttype == KRB5_PW_SALT) - ret = krb5_get_pw_salt(context, principal, salt); - else if(salt->salttype == KRB5_AFS3_SALT) { - krb5_realm *realm = krb5_princ_realm(context, principal); - salt->saltvalue.data = strdup(*realm); - if(salt->saltvalue.data == NULL) { - krb5_set_error_string(context, "out of memory while " - "parsing salt specifiers"); - return ENOMEM; - } - strlwr(salt->saltvalue.data); - salt->saltvalue.length = strlen(*realm); - } - } - - *ret_enctypes = malloc(sizeof(enctypes[0]) * num_enctypes); - if (*ret_enctypes == NULL) { - krb5_free_salt(context, *salt); - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - memcpy(*ret_enctypes, enctypes, sizeof(enctypes[0]) * num_enctypes); - *ret_num_enctypes = num_enctypes; - - return 0; -} - -static krb5_error_code -add_enctype_to_key_set(Key **key_set, size_t *nkeyset, - krb5_enctype enctype, krb5_salt *salt) -{ - krb5_error_code ret; - Key key, *tmp; - - memset(&key, 0, sizeof(key)); - - tmp = realloc(*key_set, (*nkeyset + 1) * sizeof((*key_set)[0])); - if (tmp == NULL) - return ENOMEM; - - *key_set = tmp; - - key.key.keytype = enctype; - key.key.keyvalue.length = 0; - key.key.keyvalue.data = NULL; - - if (salt) { - key.salt = malloc(sizeof(*key.salt)); - if (key.salt == NULL) { - free_Key(&key); - return ENOMEM; - } - - key.salt->type = salt->salttype; - krb5_data_zero (&key.salt->salt); - - ret = krb5_data_copy(&key.salt->salt, - salt->saltvalue.data, - salt->saltvalue.length); - if (ret) { - free_Key(&key); - return ret; - } - } else - key.salt = NULL; - - (*key_set)[*nkeyset] = key; - - *nkeyset += 1; - - return 0; -} - - -/* - * Generate the `key_set' from the [kadmin]default_keys statement. If - * `no_salt' is set, salt is not important (and will not be set) since - * it's random keys that is going to be created. - */ - -krb5_error_code -hdb_generate_key_set(krb5_context context, krb5_principal principal, - Key **ret_key_set, size_t *nkeyset, int no_salt) -{ - char **ktypes, **kp; - krb5_error_code ret; - Key *k, *key_set; - int i, j; - char *default_keytypes[] = { - "des:pw-salt", - "aes256-cts-hmac-sha1-96:pw-salt", - "des3-cbc-sha1:pw-salt", - "arcfour-hmac-md5:pw-salt", - NULL - }; - - ktypes = krb5_config_get_strings(context, NULL, "kadmin", - "default_keys", NULL); - if (ktypes == NULL) - ktypes = default_keytypes; - - if (ktypes == NULL) - abort(); - - *ret_key_set = key_set = NULL; - *nkeyset = 0; - - ret = 0; - - for(kp = ktypes; kp && *kp; kp++) { - const char *p; - krb5_salt salt; - krb5_enctype *enctypes; - size_t num_enctypes; - - p = *kp; - /* check alias */ - if(strcmp(p, "v5") == 0) - p = "pw-salt"; - else if(strcmp(p, "v4") == 0) - p = "des:pw-salt:"; - else if(strcmp(p, "afs") == 0 || strcmp(p, "afs3") == 0) - p = "des:afs3-salt"; - else if (strcmp(p, "arcfour-hmac-md5") == 0) - p = "arcfour-hmac-md5:pw-salt"; - - memset(&salt, 0, sizeof(salt)); - - ret = parse_key_set(context, p, - &enctypes, &num_enctypes, &salt, principal); - if (ret) { - krb5_warn(context, ret, "bad value for default_keys `%s'", *kp); - ret = 0; - continue; - } - - for (i = 0; i < num_enctypes; i++) { - /* find duplicates */ - for (j = 0; j < *nkeyset; j++) { - - k = &key_set[j]; - - if (k->key.keytype == enctypes[i]) { - if (no_salt) - break; - if (k->salt == NULL && salt.salttype == KRB5_PW_SALT) - break; - if (k->salt->type == salt.salttype && - k->salt->salt.length == salt.saltvalue.length && - memcmp(k->salt->salt.data, salt.saltvalue.data, - salt.saltvalue.length) == 0) - break; - } - } - /* not a duplicate, lets add it */ - if (j == *nkeyset) { - ret = add_enctype_to_key_set(&key_set, nkeyset, enctypes[i], - no_salt ? NULL : &salt); - if (ret) { - free(enctypes); - krb5_free_salt(context, salt); - goto out; - } - } - } - free(enctypes); - krb5_free_salt(context, salt); - } - - *ret_key_set = key_set; - - out: - if (ktypes != default_keytypes) - krb5_config_free_strings(ktypes); - - if (ret) { - krb5_warn(context, ret, - "failed to parse the [kadmin]default_keys values"); - - for (i = 0; i < *nkeyset; i++) - free_Key(&key_set[i]); - free(key_set); - } else if (*nkeyset == 0) { - krb5_warnx(context, - "failed to parse any of the [kadmin]default_keys values"); - ret = EINVAL; /* XXX */ - } - - return ret; -} - - -krb5_error_code -hdb_generate_key_set_password(krb5_context context, - krb5_principal principal, - const char *password, - Key **keys, size_t *num_keys) -{ - krb5_error_code ret; - int i; - - ret = hdb_generate_key_set(context, principal, - keys, num_keys, 0); - if (ret) - return ret; - - for (i = 0; i < (*num_keys); i++) { - krb5_salt salt; - - salt.salttype = (*keys)[i].salt->type; - salt.saltvalue.length = (*keys)[i].salt->salt.length; - salt.saltvalue.data = (*keys)[i].salt->salt.data; - - ret = krb5_string_to_key_salt (context, - (*keys)[i].key.keytype, - password, - salt, - &(*keys)[i].key); - - if(ret) - break; - } - - if(ret) { - hdb_free_keys (context, *num_keys, *keys); - return ret; - } - return ret; -} diff --git a/crypto/heimdal/lib/hdb/keytab.c b/crypto/heimdal/lib/hdb/keytab.c deleted file mode 100644 index e319bb503155..000000000000 --- a/crypto/heimdal/lib/hdb/keytab.c +++ /dev/null @@ -1,272 +0,0 @@ -/* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -/* keytab backend for HDB databases */ - -RCSID("$Id: keytab.c 18380 2006-10-09 12:36:40Z lha $"); - -struct hdb_data { - char *dbname; - char *mkey; -}; - -/* - * the format for HDB keytabs is: - * HDB:[database:file:mkey] - */ - -static krb5_error_code -hdb_resolve(krb5_context context, const char *name, krb5_keytab id) -{ - struct hdb_data *d; - const char *db, *mkey; - - d = malloc(sizeof(*d)); - if(d == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - db = name; - mkey = strchr(name, ':'); - if(mkey == NULL || mkey[1] == '\0') { - if(*name == '\0') - d->dbname = NULL; - else { - d->dbname = strdup(name); - if(d->dbname == NULL) { - free(d); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - } - d->mkey = NULL; - } else { - if((mkey - db) == 0) { - d->dbname = NULL; - } else { - d->dbname = malloc(mkey - db + 1); - if(d->dbname == NULL) { - free(d); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memmove(d->dbname, db, mkey - db); - d->dbname[mkey - db] = '\0'; - } - d->mkey = strdup(mkey + 1); - if(d->mkey == NULL) { - free(d->dbname); - free(d); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - } - id->data = d; - return 0; -} - -static krb5_error_code -hdb_close(krb5_context context, krb5_keytab id) -{ - struct hdb_data *d = id->data; - - free(d->dbname); - free(d->mkey); - free(d); - return 0; -} - -static krb5_error_code -hdb_get_name(krb5_context context, - krb5_keytab id, - char *name, - size_t namesize) -{ - struct hdb_data *d = id->data; - - snprintf(name, namesize, "%s%s%s", - d->dbname ? d->dbname : "", - (d->dbname || d->mkey) ? ":" : "", - d->mkey ? d->mkey : ""); - return 0; -} - -static void -set_config (krb5_context context, - const krb5_config_binding *binding, - const char **dbname, - const char **mkey) -{ - *dbname = krb5_config_get_string(context, binding, "dbname", NULL); - *mkey = krb5_config_get_string(context, binding, "mkey_file", NULL); -} - -/* - * try to figure out the database (`dbname') and master-key (`mkey') - * that should be used for `principal'. - */ - -static void -find_db (krb5_context context, - const char **dbname, - const char **mkey, - krb5_const_principal principal) -{ - const krb5_config_binding *top_bind = NULL; - const krb5_config_binding *default_binding = NULL; - const krb5_config_binding *db; - krb5_realm *prealm = krb5_princ_realm(context, rk_UNCONST(principal)); - - *dbname = *mkey = NULL; - - while ((db = - krb5_config_get_next(context, - NULL, - &top_bind, - krb5_config_list, - "kdc", - "database", - NULL)) != NULL) { - const char *p; - - p = krb5_config_get_string (context, db, "realm", NULL); - if (p == NULL) { - if(default_binding) { - krb5_warnx(context, "WARNING: more than one realm-less " - "database specification"); - krb5_warnx(context, "WARNING: using the first encountered"); - } else - default_binding = db; - } else if (strcmp (*prealm, p) == 0) { - set_config (context, db, dbname, mkey); - break; - } - } - if (*dbname == NULL && default_binding != NULL) - set_config (context, default_binding, dbname, mkey); - if (*dbname == NULL) - *dbname = HDB_DEFAULT_DB; -} - -/* - * find the keytab entry in `id' for `principal, kvno, enctype' and return - * it in `entry'. return 0 or an error code - */ - -static krb5_error_code -hdb_get_entry(krb5_context context, - krb5_keytab id, - krb5_const_principal principal, - krb5_kvno kvno, - krb5_enctype enctype, - krb5_keytab_entry *entry) -{ - hdb_entry_ex ent; - krb5_error_code ret; - struct hdb_data *d = id->data; - int i; - HDB *db; - const char *dbname = d->dbname; - const char *mkey = d->mkey; - - memset(&ent, 0, sizeof(ent)); - - if (dbname == NULL) - find_db (context, &dbname, &mkey, principal); - - ret = hdb_create (context, &db, dbname); - if (ret) - return ret; - ret = hdb_set_master_keyfile (context, db, mkey); - if (ret) { - (*db->hdb_destroy)(context, db); - return ret; - } - - ret = (*db->hdb_open)(context, db, O_RDONLY, 0); - if (ret) { - (*db->hdb_destroy)(context, db); - return ret; - } - ret = (*db->hdb_fetch)(context, db, principal, - HDB_F_DECRYPT| - HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, - &ent); - - if(ret == HDB_ERR_NOENTRY) { - ret = KRB5_KT_NOTFOUND; - goto out; - }else if(ret) - goto out; - - if(kvno && ent.entry.kvno != kvno) { - hdb_free_entry(context, &ent); - ret = KRB5_KT_NOTFOUND; - goto out; - } - if(enctype == 0) - if(ent.entry.keys.len > 0) - enctype = ent.entry.keys.val[0].key.keytype; - ret = KRB5_KT_NOTFOUND; - for(i = 0; i < ent.entry.keys.len; i++) { - if(ent.entry.keys.val[i].key.keytype == enctype) { - krb5_copy_principal(context, principal, &entry->principal); - entry->vno = ent.entry.kvno; - krb5_copy_keyblock_contents(context, - &ent.entry.keys.val[i].key, - &entry->keyblock); - ret = 0; - break; - } - } - hdb_free_entry(context, &ent); -out: - (*db->hdb_close)(context, db); - (*db->hdb_destroy)(context, db); - return ret; -} - -krb5_kt_ops hdb_kt_ops = { - "HDB", - hdb_resolve, - hdb_get_name, - hdb_close, - hdb_get_entry, - NULL, /* start_seq_get */ - NULL, /* next_entry */ - NULL, /* end_seq_get */ - NULL, /* add */ - NULL /* remove */ -}; diff --git a/crypto/heimdal/lib/hdb/mkey.c b/crypto/heimdal/lib/hdb/mkey.c deleted file mode 100644 index 05cf71c59311..000000000000 --- a/crypto/heimdal/lib/hdb/mkey.c +++ /dev/null @@ -1,603 +0,0 @@ -/* - * Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" -#ifndef O_BINARY -#define O_BINARY 0 -#endif - -RCSID("$Id: mkey.c 21745 2007-07-31 16:11:25Z lha $"); - -struct hdb_master_key_data { - krb5_keytab_entry keytab; - krb5_crypto crypto; - struct hdb_master_key_data *next; -}; - -void -hdb_free_master_key(krb5_context context, hdb_master_key mkey) -{ - struct hdb_master_key_data *ptr; - while(mkey) { - krb5_kt_free_entry(context, &mkey->keytab); - if (mkey->crypto) - krb5_crypto_destroy(context, mkey->crypto); - ptr = mkey; - mkey = mkey->next; - free(ptr); - } -} - -krb5_error_code -hdb_process_master_key(krb5_context context, - int kvno, krb5_keyblock *key, krb5_enctype etype, - hdb_master_key *mkey) -{ - krb5_error_code ret; - - *mkey = calloc(1, sizeof(**mkey)); - if(*mkey == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - (*mkey)->keytab.vno = kvno; - ret = krb5_parse_name(context, "K/M", &(*mkey)->keytab.principal); - if(ret) - goto fail; - ret = krb5_copy_keyblock_contents(context, key, &(*mkey)->keytab.keyblock); - if(ret) - goto fail; - if(etype != 0) - (*mkey)->keytab.keyblock.keytype = etype; - (*mkey)->keytab.timestamp = time(NULL); - ret = krb5_crypto_init(context, key, etype, &(*mkey)->crypto); - if(ret) - goto fail; - return 0; - fail: - hdb_free_master_key(context, *mkey); - *mkey = NULL; - return ret; -} - -krb5_error_code -hdb_add_master_key(krb5_context context, krb5_keyblock *key, - hdb_master_key *inout) -{ - int vno = 0; - hdb_master_key p; - krb5_error_code ret; - - for(p = *inout; p; p = p->next) - vno = max(vno, p->keytab.vno); - vno++; - ret = hdb_process_master_key(context, vno, key, 0, &p); - if(ret) - return ret; - p->next = *inout; - *inout = p; - return 0; -} - -static krb5_error_code -read_master_keytab(krb5_context context, const char *filename, - hdb_master_key *mkey) -{ - krb5_error_code ret; - krb5_keytab id; - krb5_kt_cursor cursor; - krb5_keytab_entry entry; - hdb_master_key p; - - ret = krb5_kt_resolve(context, filename, &id); - if(ret) - return ret; - - ret = krb5_kt_start_seq_get(context, id, &cursor); - if(ret) - goto out; - *mkey = NULL; - while(krb5_kt_next_entry(context, id, &entry, &cursor) == 0) { - p = calloc(1, sizeof(*p)); - if(p == NULL) { - krb5_kt_end_seq_get(context, id, &cursor); - ret = ENOMEM; - goto out; - } - p->keytab = entry; - ret = krb5_crypto_init(context, &p->keytab.keyblock, 0, &p->crypto); - p->next = *mkey; - *mkey = p; - } - krb5_kt_end_seq_get(context, id, &cursor); - out: - krb5_kt_close(context, id); - return ret; -} - -/* read a MIT master keyfile */ -static krb5_error_code -read_master_mit(krb5_context context, const char *filename, - hdb_master_key *mkey) -{ - int fd; - krb5_error_code ret; - krb5_storage *sp; - int16_t enctype; - krb5_keyblock key; - - fd = open(filename, O_RDONLY | O_BINARY); - if(fd < 0) { - int save_errno = errno; - krb5_set_error_string(context, "failed to open %s: %s", filename, - strerror(save_errno)); - return save_errno; - } - sp = krb5_storage_from_fd(fd); - if(sp == NULL) { - close(fd); - return errno; - } - krb5_storage_set_flags(sp, KRB5_STORAGE_HOST_BYTEORDER); -#if 0 - /* could possibly use ret_keyblock here, but do it with more - checks for now */ - ret = krb5_ret_keyblock(sp, &key); -#else - ret = krb5_ret_int16(sp, &enctype); - if((htons(enctype) & 0xff00) == 0x3000) { - krb5_set_error_string(context, "unknown keytype in %s: %#x, expected %#x", - filename, htons(enctype), 0x3000); - ret = HEIM_ERR_BAD_MKEY; - goto out; - } - key.keytype = enctype; - ret = krb5_ret_data(sp, &key.keyvalue); - if(ret) - goto out; -#endif - ret = hdb_process_master_key(context, 0, &key, 0, mkey); - krb5_free_keyblock_contents(context, &key); - out: - krb5_storage_free(sp); - close(fd); - return ret; -} - -/* read an old master key file */ -static krb5_error_code -read_master_encryptionkey(krb5_context context, const char *filename, - hdb_master_key *mkey) -{ - int fd; - krb5_keyblock key; - krb5_error_code ret; - unsigned char buf[256]; - ssize_t len; - size_t ret_len; - - fd = open(filename, O_RDONLY | O_BINARY); - if(fd < 0) { - int save_errno = errno; - krb5_set_error_string(context, "failed to open %s: %s", - filename, strerror(save_errno)); - return save_errno; - } - - len = read(fd, buf, sizeof(buf)); - close(fd); - if(len < 0) { - int save_errno = errno; - krb5_set_error_string(context, "error reading %s: %s", - filename, strerror(save_errno)); - return save_errno; - } - - ret = decode_EncryptionKey(buf, len, &key, &ret_len); - memset(buf, 0, sizeof(buf)); - if(ret) - return ret; - - /* Originally, the keytype was just that, and later it got changed - to des-cbc-md5, but we always used des in cfb64 mode. This - should cover all cases, but will break if someone has hacked - this code to really use des-cbc-md5 -- but then that's not my - problem. */ - if(key.keytype == KEYTYPE_DES || key.keytype == ETYPE_DES_CBC_MD5) - key.keytype = ETYPE_DES_CFB64_NONE; - - ret = hdb_process_master_key(context, 0, &key, 0, mkey); - krb5_free_keyblock_contents(context, &key); - return ret; -} - -/* read a krb4 /.k style file */ -static krb5_error_code -read_master_krb4(krb5_context context, const char *filename, - hdb_master_key *mkey) -{ - int fd; - krb5_keyblock key; - krb5_error_code ret; - unsigned char buf[256]; - ssize_t len; - - fd = open(filename, O_RDONLY | O_BINARY); - if(fd < 0) { - int save_errno = errno; - krb5_set_error_string(context, "failed to open %s: %s", - filename, strerror(save_errno)); - return save_errno; - } - - len = read(fd, buf, sizeof(buf)); - close(fd); - if(len < 0) { - int save_errno = errno; - krb5_set_error_string(context, "error reading %s: %s", - filename, strerror(save_errno)); - return save_errno; - } - if(len != 8) { - krb5_set_error_string(context, "bad contents of %s", filename); - return HEIM_ERR_EOF; /* XXX file might be too large */ - } - - memset(&key, 0, sizeof(key)); - key.keytype = ETYPE_DES_PCBC_NONE; - ret = krb5_data_copy(&key.keyvalue, buf, len); - memset(buf, 0, sizeof(buf)); - if(ret) - return ret; - - ret = hdb_process_master_key(context, 0, &key, 0, mkey); - krb5_free_keyblock_contents(context, &key); - return ret; -} - -krb5_error_code -hdb_read_master_key(krb5_context context, const char *filename, - hdb_master_key *mkey) -{ - FILE *f; - unsigned char buf[16]; - krb5_error_code ret; - - off_t len; - - *mkey = NULL; - - if(filename == NULL) - filename = HDB_DB_DIR "/m-key"; - - f = fopen(filename, "r"); - if(f == NULL) { - int save_errno = errno; - krb5_set_error_string(context, "failed to open %s: %s", - filename, strerror(save_errno)); - return save_errno; - } - - if(fread(buf, 1, 2, f) != 2) { - krb5_set_error_string(context, "end of file reading %s", filename); - fclose(f); - return HEIM_ERR_EOF; - } - - fseek(f, 0, SEEK_END); - len = ftell(f); - - if(fclose(f) != 0) - return errno; - - if(len < 0) - return errno; - - if(len == 8) { - ret = read_master_krb4(context, filename, mkey); - } else if(buf[0] == 0x30 && len <= 127 && buf[1] == len - 2) { - ret = read_master_encryptionkey(context, filename, mkey); - } else if(buf[0] == 5 && buf[1] >= 1 && buf[1] <= 2) { - ret = read_master_keytab(context, filename, mkey); - } else { - ret = read_master_mit(context, filename, mkey); - } - return ret; -} - -krb5_error_code -hdb_write_master_key(krb5_context context, const char *filename, - hdb_master_key mkey) -{ - krb5_error_code ret; - hdb_master_key p; - krb5_keytab kt; - - if(filename == NULL) - filename = HDB_DB_DIR "/m-key"; - - ret = krb5_kt_resolve(context, filename, &kt); - if(ret) - return ret; - - for(p = mkey; p; p = p->next) { - ret = krb5_kt_add_entry(context, kt, &p->keytab); - } - - krb5_kt_close(context, kt); - - return ret; -} - -hdb_master_key -_hdb_find_master_key(uint32_t *mkvno, hdb_master_key mkey) -{ - hdb_master_key ret = NULL; - while(mkey) { - if(ret == NULL && mkey->keytab.vno == 0) - ret = mkey; - if(mkvno == NULL) { - if(ret == NULL || mkey->keytab.vno > ret->keytab.vno) - ret = mkey; - } else if(mkey->keytab.vno == *mkvno) - return mkey; - mkey = mkey->next; - } - return ret; -} - -int -_hdb_mkey_version(hdb_master_key mkey) -{ - return mkey->keytab.vno; -} - -int -_hdb_mkey_decrypt(krb5_context context, hdb_master_key key, - krb5_key_usage usage, - void *ptr, size_t size, krb5_data *res) -{ - return krb5_decrypt(context, key->crypto, usage, - ptr, size, res); -} - -int -_hdb_mkey_encrypt(krb5_context context, hdb_master_key key, - krb5_key_usage usage, - const void *ptr, size_t size, krb5_data *res) -{ - return krb5_encrypt(context, key->crypto, usage, - ptr, size, res); -} - -krb5_error_code -hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) -{ - - krb5_error_code ret; - krb5_data res; - size_t keysize; - - hdb_master_key key; - - if(k->mkvno == NULL) - return 0; - - key = _hdb_find_master_key(k->mkvno, mkey); - - if (key == NULL) - return HDB_ERR_NO_MKEY; - - ret = _hdb_mkey_decrypt(context, key, HDB_KU_MKEY, - k->key.keyvalue.data, - k->key.keyvalue.length, - &res); - if(ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) { - /* try to decrypt with MIT key usage */ - ret = _hdb_mkey_decrypt(context, key, 0, - k->key.keyvalue.data, - k->key.keyvalue.length, - &res); - } - if (ret) - return ret; - - /* fixup keylength if the key got padded when encrypting it */ - ret = krb5_enctype_keysize(context, k->key.keytype, &keysize); - if (ret) { - krb5_data_free(&res); - return ret; - } - if (keysize > res.length) { - krb5_data_free(&res); - return KRB5_BAD_KEYSIZE; - } - - memset(k->key.keyvalue.data, 0, k->key.keyvalue.length); - free(k->key.keyvalue.data); - k->key.keyvalue = res; - k->key.keyvalue.length = keysize; - free(k->mkvno); - k->mkvno = NULL; - - return 0; -} - -krb5_error_code -hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) -{ - int i; - - for(i = 0; i < ent->keys.len; i++){ - krb5_error_code ret; - - ret = hdb_unseal_key_mkey(context, &ent->keys.val[i], mkey); - if (ret) - return ret; - } - return 0; -} - -krb5_error_code -hdb_unseal_keys(krb5_context context, HDB *db, hdb_entry *ent) -{ - if (db->hdb_master_key_set == 0) - return 0; - return hdb_unseal_keys_mkey(context, ent, db->hdb_master_key); -} - -krb5_error_code -hdb_unseal_key(krb5_context context, HDB *db, Key *k) -{ - if (db->hdb_master_key_set == 0) - return 0; - return hdb_unseal_key_mkey(context, k, db->hdb_master_key); -} - -krb5_error_code -hdb_seal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) -{ - krb5_error_code ret; - krb5_data res; - hdb_master_key key; - - if(k->mkvno != NULL) - return 0; - - key = _hdb_find_master_key(k->mkvno, mkey); - - if (key == NULL) - return HDB_ERR_NO_MKEY; - - ret = _hdb_mkey_encrypt(context, key, HDB_KU_MKEY, - k->key.keyvalue.data, - k->key.keyvalue.length, - &res); - if (ret) - return ret; - - memset(k->key.keyvalue.data, 0, k->key.keyvalue.length); - free(k->key.keyvalue.data); - k->key.keyvalue = res; - - if (k->mkvno == NULL) { - k->mkvno = malloc(sizeof(*k->mkvno)); - if (k->mkvno == NULL) - return ENOMEM; - } - *k->mkvno = key->keytab.vno; - - return 0; -} - -krb5_error_code -hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) -{ - int i; - for(i = 0; i < ent->keys.len; i++){ - krb5_error_code ret; - - ret = hdb_seal_key_mkey(context, &ent->keys.val[i], mkey); - if (ret) - return ret; - } - return 0; -} - -krb5_error_code -hdb_seal_keys(krb5_context context, HDB *db, hdb_entry *ent) -{ - if (db->hdb_master_key_set == 0) - return 0; - - return hdb_seal_keys_mkey(context, ent, db->hdb_master_key); -} - -krb5_error_code -hdb_seal_key(krb5_context context, HDB *db, Key *k) -{ - if (db->hdb_master_key_set == 0) - return 0; - - return hdb_seal_key_mkey(context, k, db->hdb_master_key); -} - -krb5_error_code -hdb_set_master_key (krb5_context context, - HDB *db, - krb5_keyblock *key) -{ - krb5_error_code ret; - hdb_master_key mkey; - - ret = hdb_process_master_key(context, 0, key, 0, &mkey); - if (ret) - return ret; - db->hdb_master_key = mkey; -#if 0 /* XXX - why? */ - des_set_random_generator_seed(key.keyvalue.data); -#endif - db->hdb_master_key_set = 1; - return 0; -} - -krb5_error_code -hdb_set_master_keyfile (krb5_context context, - HDB *db, - const char *keyfile) -{ - hdb_master_key key; - krb5_error_code ret; - - ret = hdb_read_master_key(context, keyfile, &key); - if (ret) { - if (ret != ENOENT) - return ret; - krb5_clear_error_string(context); - return 0; - } - db->hdb_master_key = key; - db->hdb_master_key_set = 1; - return ret; -} - -krb5_error_code -hdb_clear_master_key (krb5_context context, - HDB *db) -{ - if (db->hdb_master_key_set) { - hdb_free_master_key(context, db->hdb_master_key); - db->hdb_master_key_set = 0; - } - return 0; -} diff --git a/crypto/heimdal/lib/hdb/ndbm.c b/crypto/heimdal/lib/hdb/ndbm.c deleted file mode 100644 index 6575b8a4171c..000000000000 --- a/crypto/heimdal/lib/hdb/ndbm.c +++ /dev/null @@ -1,370 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" - -RCSID("$Id: ndbm.c 16395 2005-12-13 11:54:10Z lha $"); - -#if HAVE_NDBM - -#if defined(HAVE_GDBM_NDBM_H) -#include -#elif defined(HAVE_NDBM_H) -#include -#elif defined(HAVE_DBM_H) -#include -#endif - -struct ndbm_db { - DBM *db; - int lock_fd; -}; - -static krb5_error_code -NDBM_destroy(krb5_context context, HDB *db) -{ - krb5_error_code ret; - - ret = hdb_clear_master_key (context, db); - free(db->hdb_name); - free(db); - return 0; -} - -static krb5_error_code -NDBM_lock(krb5_context context, HDB *db, int operation) -{ - struct ndbm_db *d = db->hdb_db; - return hdb_lock(d->lock_fd, operation); -} - -static krb5_error_code -NDBM_unlock(krb5_context context, HDB *db) -{ - struct ndbm_db *d = db->hdb_db; - return hdb_unlock(d->lock_fd); -} - -static krb5_error_code -NDBM_seq(krb5_context context, HDB *db, - unsigned flags, hdb_entry_ex *entry, int first) - -{ - struct ndbm_db *d = (struct ndbm_db *)db->hdb_db; - datum key, value; - krb5_data key_data, data; - krb5_error_code ret = 0; - - if(first) - key = dbm_firstkey(d->db); - else - key = dbm_nextkey(d->db); - if(key.dptr == NULL) - return HDB_ERR_NOENTRY; - key_data.data = key.dptr; - key_data.length = key.dsize; - ret = db->hdb_lock(context, db, HDB_RLOCK); - if(ret) return ret; - value = dbm_fetch(d->db, key); - db->hdb_unlock(context, db); - data.data = value.dptr; - data.length = value.dsize; - memset(entry, 0, sizeof(*entry)); - if(hdb_value2entry(context, &data, &entry->entry)) - return NDBM_seq(context, db, flags, entry, 0); - if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { - ret = hdb_unseal_keys (context, db, &entry->entry); - if (ret) - hdb_free_entry (context, entry); - } - if (ret == 0 && entry->entry.principal == NULL) { - entry->entry.principal = malloc (sizeof(*entry->entry.principal)); - if (entry->entry.principal == NULL) { - ret = ENOMEM; - hdb_free_entry (context, entry); - krb5_set_error_string(context, "malloc: out of memory"); - } else { - hdb_key2principal (context, &key_data, entry->entry.principal); - } - } - return ret; -} - - -static krb5_error_code -NDBM_firstkey(krb5_context context, HDB *db,unsigned flags,hdb_entry_ex *entry) -{ - return NDBM_seq(context, db, flags, entry, 1); -} - - -static krb5_error_code -NDBM_nextkey(krb5_context context, HDB *db, unsigned flags,hdb_entry_ex *entry) -{ - return NDBM_seq(context, db, flags, entry, 0); -} - -static krb5_error_code -NDBM_rename(krb5_context context, HDB *db, const char *new_name) -{ - /* XXX this function will break */ - struct ndbm_db *d = db->hdb_db; - - int ret; - char *old_dir, *old_pag, *new_dir, *new_pag; - char *new_lock; - int lock_fd; - - /* lock old and new databases */ - ret = db->hdb_lock(context, db, HDB_WLOCK); - if(ret) - return ret; - asprintf(&new_lock, "%s.lock", new_name); - if(new_lock == NULL) { - db->hdb_unlock(context, db); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - lock_fd = open(new_lock, O_RDWR | O_CREAT, 0600); - if(lock_fd < 0) { - ret = errno; - db->hdb_unlock(context, db); - krb5_set_error_string(context, "open(%s): %s", new_lock, - strerror(ret)); - free(new_lock); - return ret; - } - free(new_lock); - ret = hdb_lock(lock_fd, HDB_WLOCK); - if(ret) { - db->hdb_unlock(context, db); - close(lock_fd); - return ret; - } - - asprintf(&old_dir, "%s.dir", db->hdb_name); - asprintf(&old_pag, "%s.pag", db->hdb_name); - asprintf(&new_dir, "%s.dir", new_name); - asprintf(&new_pag, "%s.pag", new_name); - - ret = rename(old_dir, new_dir) || rename(old_pag, new_pag); - free(old_dir); - free(old_pag); - free(new_dir); - free(new_pag); - hdb_unlock(lock_fd); - db->hdb_unlock(context, db); - - if(ret) { - ret = errno; - close(lock_fd); - krb5_set_error_string(context, "rename: %s", strerror(ret)); - return ret; - } - - close(d->lock_fd); - d->lock_fd = lock_fd; - - free(db->hdb_name); - db->hdb_name = strdup(new_name); - return 0; -} - -static krb5_error_code -NDBM__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) -{ - struct ndbm_db *d = (struct ndbm_db *)db->hdb_db; - datum k, v; - int code; - - k.dptr = key.data; - k.dsize = key.length; - code = db->hdb_lock(context, db, HDB_RLOCK); - if(code) - return code; - v = dbm_fetch(d->db, k); - db->hdb_unlock(context, db); - if(v.dptr == NULL) - return HDB_ERR_NOENTRY; - - krb5_data_copy(reply, v.dptr, v.dsize); - return 0; -} - -static krb5_error_code -NDBM__put(krb5_context context, HDB *db, int replace, - krb5_data key, krb5_data value) -{ - struct ndbm_db *d = (struct ndbm_db *)db->hdb_db; - datum k, v; - int code; - - k.dptr = key.data; - k.dsize = key.length; - v.dptr = value.data; - v.dsize = value.length; - - code = db->hdb_lock(context, db, HDB_WLOCK); - if(code) - return code; - code = dbm_store(d->db, k, v, replace ? DBM_REPLACE : DBM_INSERT); - db->hdb_unlock(context, db); - if(code == 1) - return HDB_ERR_EXISTS; - if (code < 0) - return code; - return 0; -} - -static krb5_error_code -NDBM__del(krb5_context context, HDB *db, krb5_data key) -{ - struct ndbm_db *d = (struct ndbm_db *)db->hdb_db; - datum k; - int code; - krb5_error_code ret; - - k.dptr = key.data; - k.dsize = key.length; - ret = db->hdb_lock(context, db, HDB_WLOCK); - if(ret) return ret; - code = dbm_delete(d->db, k); - db->hdb_unlock(context, db); - if(code < 0) - return errno; - return 0; -} - - -static krb5_error_code -NDBM_close(krb5_context context, HDB *db) -{ - struct ndbm_db *d = db->hdb_db; - dbm_close(d->db); - close(d->lock_fd); - free(d); - return 0; -} - -static krb5_error_code -NDBM_open(krb5_context context, HDB *db, int flags, mode_t mode) -{ - krb5_error_code ret; - struct ndbm_db *d = malloc(sizeof(*d)); - char *lock_file; - - if(d == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - asprintf(&lock_file, "%s.lock", (char*)db->hdb_name); - if(lock_file == NULL) { - free(d); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - d->db = dbm_open((char*)db->hdb_name, flags, mode); - if(d->db == NULL){ - ret = errno; - free(d); - free(lock_file); - krb5_set_error_string(context, "dbm_open(%s): %s", db->hdb_name, - strerror(ret)); - return ret; - } - d->lock_fd = open(lock_file, O_RDWR | O_CREAT, 0600); - if(d->lock_fd < 0){ - ret = errno; - dbm_close(d->db); - free(d); - krb5_set_error_string(context, "open(%s): %s", lock_file, - strerror(ret)); - free(lock_file); - return ret; - } - free(lock_file); - db->hdb_db = d; - if((flags & O_ACCMODE) == O_RDONLY) - ret = hdb_check_db_format(context, db); - else - ret = hdb_init_db(context, db); - if(ret == HDB_ERR_NOENTRY) - return 0; - if (ret) { - NDBM_close(context, db); - krb5_set_error_string(context, "hdb_open: failed %s database %s", - (flags & O_ACCMODE) == O_RDONLY ? - "checking format of" : "initialize", - db->hdb_name); - } - return ret; -} - -krb5_error_code -hdb_ndbm_create(krb5_context context, HDB **db, - const char *filename) -{ - *db = calloc(1, sizeof(**db)); - if (*db == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - (*db)->hdb_db = NULL; - (*db)->hdb_name = strdup(filename); - if ((*db)->hdb_name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - free(*db); - *db = NULL; - return ENOMEM; - } - (*db)->hdb_master_key_set = 0; - (*db)->hdb_openp = 0; - (*db)->hdb_open = NDBM_open; - (*db)->hdb_close = NDBM_close; - (*db)->hdb_fetch = _hdb_fetch; - (*db)->hdb_store = _hdb_store; - (*db)->hdb_remove = _hdb_remove; - (*db)->hdb_firstkey = NDBM_firstkey; - (*db)->hdb_nextkey= NDBM_nextkey; - (*db)->hdb_lock = NDBM_lock; - (*db)->hdb_unlock = NDBM_unlock; - (*db)->hdb_rename = NDBM_rename; - (*db)->hdb__get = NDBM__get; - (*db)->hdb__put = NDBM__put; - (*db)->hdb__del = NDBM__del; - (*db)->hdb_destroy = NDBM_destroy; - return 0; -} - -#endif /* HAVE_NDBM */ diff --git a/crypto/heimdal/lib/hdb/print.c b/crypto/heimdal/lib/hdb/print.c deleted file mode 100644 index 60b7e8db7b60..000000000000 --- a/crypto/heimdal/lib/hdb/print.c +++ /dev/null @@ -1,294 +0,0 @@ -/* - * Copyright (c) 1999-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "hdb_locl.h" -#include -#include - -RCSID("$Id: print.c 16378 2005-12-12 12:40:12Z lha $"); - -/* - This is the present contents of a dump line. This might change at - any time. Fields are separated by white space. - - principal - keyblock - kvno - keys... - mkvno - enctype - keyvalue - salt (- means use normal salt) - creation date and principal - modification date and principal - principal valid from date (not used) - principal valid end date (not used) - principal key expires (not used) - max ticket life - max renewable life - flags - generation number - */ - -static krb5_error_code -append_string(krb5_context context, krb5_storage *sp, const char *fmt, ...) -{ - krb5_error_code ret; - char *s; - va_list ap; - va_start(ap, fmt); - vasprintf(&s, fmt, ap); - va_end(ap); - if(s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_storage_write(sp, s, strlen(s)); - free(s); - return ret; -} - -static krb5_error_code -append_hex(krb5_context context, krb5_storage *sp, krb5_data *data) -{ - int i, printable = 1; - char *p; - - p = data->data; - for(i = 0; i < data->length; i++) - if(!isalnum((unsigned char)p[i]) && p[i] != '.'){ - printable = 0; - break; - } - if(printable) - return append_string(context, sp, "\"%.*s\"", - data->length, data->data); - hex_encode(data->data, data->length, &p); - append_string(context, sp, "%s", p); - free(p); - return 0; -} - -static char * -time2str(time_t t) -{ - static char buf[128]; - strftime(buf, sizeof(buf), "%Y%m%d%H%M%S", gmtime(&t)); - return buf; -} - -static krb5_error_code -append_event(krb5_context context, krb5_storage *sp, Event *ev) -{ - char *pr = NULL; - krb5_error_code ret; - if(ev == NULL) - return append_string(context, sp, "- "); - if (ev->principal != NULL) { - ret = krb5_unparse_name(context, ev->principal, &pr); - if(ret) - return ret; - } - ret = append_string(context, sp, "%s:%s ", - time2str(ev->time), pr ? pr : "UNKNOWN"); - free(pr); - return ret; -} - -static krb5_error_code -entry2string_int (krb5_context context, krb5_storage *sp, hdb_entry *ent) -{ - char *p; - int i; - krb5_error_code ret; - - /* --- principal */ - ret = krb5_unparse_name(context, ent->principal, &p); - if(ret) - return ret; - append_string(context, sp, "%s ", p); - free(p); - /* --- kvno */ - append_string(context, sp, "%d", ent->kvno); - /* --- keys */ - for(i = 0; i < ent->keys.len; i++){ - /* --- mkvno, keytype */ - if(ent->keys.val[i].mkvno) - append_string(context, sp, ":%d:%d:", - *ent->keys.val[i].mkvno, - ent->keys.val[i].key.keytype); - else - append_string(context, sp, "::%d:", - ent->keys.val[i].key.keytype); - /* --- keydata */ - append_hex(context, sp, &ent->keys.val[i].key.keyvalue); - append_string(context, sp, ":"); - /* --- salt */ - if(ent->keys.val[i].salt){ - append_string(context, sp, "%u/", ent->keys.val[i].salt->type); - append_hex(context, sp, &ent->keys.val[i].salt->salt); - }else - append_string(context, sp, "-"); - } - append_string(context, sp, " "); - /* --- created by */ - append_event(context, sp, &ent->created_by); - /* --- modified by */ - append_event(context, sp, ent->modified_by); - - /* --- valid start */ - if(ent->valid_start) - append_string(context, sp, "%s ", time2str(*ent->valid_start)); - else - append_string(context, sp, "- "); - - /* --- valid end */ - if(ent->valid_end) - append_string(context, sp, "%s ", time2str(*ent->valid_end)); - else - append_string(context, sp, "- "); - - /* --- password ends */ - if(ent->pw_end) - append_string(context, sp, "%s ", time2str(*ent->pw_end)); - else - append_string(context, sp, "- "); - - /* --- max life */ - if(ent->max_life) - append_string(context, sp, "%d ", *ent->max_life); - else - append_string(context, sp, "- "); - - /* --- max renewable life */ - if(ent->max_renew) - append_string(context, sp, "%d ", *ent->max_renew); - else - append_string(context, sp, "- "); - - /* --- flags */ - append_string(context, sp, "%d ", HDBFlags2int(ent->flags)); - - /* --- generation number */ - if(ent->generation) { - append_string(context, sp, "%s:%d:%d ", time2str(ent->generation->time), - ent->generation->usec, - ent->generation->gen); - } else - append_string(context, sp, "- "); - - /* --- extensions */ - if(ent->extensions && ent->extensions->len > 0) { - for(i = 0; i < ent->extensions->len; i++) { - void *d; - size_t size, sz; - - ASN1_MALLOC_ENCODE(HDB_extension, d, size, - &ent->extensions->val[i], &sz, ret); - if (ret) { - krb5_clear_error_string(context); - return ret; - } - if(size != sz) - krb5_abortx(context, "internal asn.1 encoder error"); - - if (hex_encode(d, size, &p) < 0) { - free(d); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - free(d); - append_string(context, sp, "%s%s", p, - ent->extensions->len - 1 != i ? ":" : ""); - free(p); - } - } else - append_string(context, sp, "-"); - - - return 0; -} - -krb5_error_code -hdb_entry2string (krb5_context context, hdb_entry *ent, char **str) -{ - krb5_error_code ret; - krb5_data data; - krb5_storage *sp; - - sp = krb5_storage_emem(); - if(sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - ret = entry2string_int(context, sp, ent); - if(ret) { - krb5_storage_free(sp); - return ret; - } - - krb5_storage_write(sp, "\0", 1); - krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); - *str = data.data; - return 0; -} - -/* print a hdb_entry to (FILE*)data; suitable for hdb_foreach */ - -krb5_error_code -hdb_print_entry(krb5_context context, HDB *db, hdb_entry_ex *entry, void *data) -{ - krb5_error_code ret; - krb5_storage *sp; - - FILE *f = data; - - fflush(f); - sp = krb5_storage_from_fd(fileno(f)); - if(sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - ret = entry2string_int(context, sp, &entry->entry); - if(ret) { - krb5_storage_free(sp); - return ret; - } - - krb5_storage_write(sp, "\n", 1); - krb5_storage_free(sp); - return 0; -} diff --git a/crypto/heimdal/lib/hdb/test_dbinfo.c b/crypto/heimdal/lib/hdb/test_dbinfo.c deleted file mode 100644 index d92a5381b3a1..000000000000 --- a/crypto/heimdal/lib/hdb/test_dbinfo.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hdb_locl.h" -#include - -RCSID("$Id: test_dbinfo.c 20575 2007-04-27 20:20:32Z lha $"); - -static int help_flag; -static int version_flag; - -struct getargs args[] = { - { "help", 'h', arg_flag, &help_flag }, - { "version", 0, arg_flag, &version_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - struct hdb_dbinfo *info, *d; - krb5_context context; - int ret, o = 0; - - setprogname(argv[0]); - - if(getarg(args, num_args, argc, argv, &o)) - krb5_std_usage(1, args, num_args); - - if(help_flag) - krb5_std_usage(0, args, num_args); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = hdb_get_dbinfo(context, &info); - if (ret) - krb5_err(context, 1, ret, "hdb_get_dbinfo"); - - d = NULL; - while ((d = hdb_dbinfo_get_next(info, d)) != NULL) { - printf("label: %s\n", hdb_dbinfo_get_label(context, d)); - printf("\trealm: %s\n", hdb_dbinfo_get_realm(context, d)); - printf("\tdbname: %s\n", hdb_dbinfo_get_dbname(context, d)); - printf("\tmkey_file: %s\n", hdb_dbinfo_get_mkey_file(context, d)); - printf("\tacl_file: %s\n", hdb_dbinfo_get_acl_file(context, d)); - } - - hdb_free_dbinfo(context, &info); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/hx509/ChangeLog b/crypto/heimdal/lib/hx509/ChangeLog deleted file mode 100644 index cb29cee4e18c..000000000000 --- a/crypto/heimdal/lib/hx509/ChangeLog +++ /dev/null @@ -1,2641 +0,0 @@ -2008-01-21 Love Hörnquist Åstrand - - * test_soft_pkcs11.c: use func for more C_ functions. - -2008-01-18 Love Hörnquist Åstrand - - * version-script.map: Export hx509_free_error_string(). - -2008-01-17 Love Hörnquist Åstrand - - * version-script.map: only export C_GetFunctionList - - * test_soft_pkcs11.c: use C_GetFunctionList - - * softp11.c: fix comment, remove label. - - * softp11.c: Add option app-fatal to control if softtoken should - abort() on erroneous input from applications. - -2008-01-16 Love Hörnquist Åstrand - - * test_pkcs11.in: Test password less certificates too - - * keyset.c: document HX509_CERTS_UNPROTECT_ALL - - * ks_file.c: Support HX509_CERTS_UNPROTECT_ALL. - - * hx509.h: Add HX509_CERTS_UNPROTECT_ALL. - - * test_soft_pkcs11.c: Only log in if needed. - -2008-01-15 Love Hörnquist Åstrand - - * softp11.c: Support PINs to login to the store. - - * Makefile.am: add java pkcs11 test - - * test_java_pkcs11.in: first version of disable java test - - * softp11.c: Drop unused stuff. - - * cert.c: Spelling, Add hx509_cert_get_SPKI_AlgorithmIdentifier, - remove unused stuff, add hx509_context to some functions. - - * softp11.c: Add more glue to figure out what keytype this - certificate is using. - -2008-01-14 Love Hörnquist Åstrand - - * test_pkcs11.in: test debug - - * Add a PKCS11 provider supporting signing and verifing sigatures. - -2008-01-13 Love Hörnquist Åstrand - - * version-script.map: Replace hx509_name_to_der_name with - hx509_name_binary. - - * print.c: make print_func static - -2007-12-26 Love Hörnquist Åstrand - - * print.c: doxygen - - * env.c: doxygen - - * doxygen.c: add more groups - - * ca.c: doxygen. - -2007-12-17 Love Hörnquist Åstrand - - * ca.c: doxygen - -2007-12-16 Love Hörnquist Åstrand - - * error.c: doxygen - -2007-12-15 Love Hörnquist Åstrand - - * More documentation - - * lock.c: Add page referance - - * keyset.c: some more documentation. - - * cms.c: Doxygen documentation. - -2007-12-11 Love Hörnquist Åstrand - - * *.[ch]: More documentation - -2007-12-09 Love Hörnquist Åstrand - - * handle refcount on NULL. - - * test_nist_pkcs12.in: drop echo -n, doesn't work with posix sh - -2007-12-08 Love Hörnquist Åstrand - - * test_nist2.in: Print that this is version 2 of the tests - - * test_nist.in: Drop printing of $id. - - * hx509.h: Add HX509_VHN_F_ALLOW_NO_MATCH. - - * name.c: spelling. - - * cert.c: make work the doxygen. - - * name.c: fix doxygen compiling. - - * Makefile.am: add doxygen.c - - * doxygen.c: Add doxygen main page. - - * cert.c: Add doxygen. - - * revoke.c (_hx509_revoke_ref): new function. - -2007-11-16 Love Hörnquist Åstrand - - * ks_keychain.c: Check if SecKeyGetCSPHandle needs prototype. - -2007-08-16 Love Hörnquist Åstrand - - * data/nist-data: Make work on case senstive filesystems too. - -2007-08-09 Love Hörnquist Åstrand - - * cert.c: match rfc822 contrains better, provide better error - strings. - -2007-08-08 Love Hörnquist Åstrand - - * cert.c: "self-signed doesn't count" doesn't apply to trust - anchor certificate. make trust anchor check consistant. - - * revoke.c: make compile. - - * revoke.c (verify_crl): set error strings. - - * revoke.c (verify_crl): handle with the signer is the - CRLsigner (shortcut). - - * cert.c: Fix NC, comment on how to use _hx509_check_key_usage. - -2007-08-03 Love Hörnquist Åstrand - - * test_nist2.in, Makefile, test/nist*: Add nist pkits tests. - - * revoke.c: Update to use CERT_REVOKED error, shortcut out of OCSP - checking when OCSP reply is a revocation reply. - - * hx509_err.et: Make CERT_REVOKED error OCSP/CRL agnostic. - - * name.c (_hx509_Name_to_string): make printableString handle - space (0x20) diffrences as required by rfc3280. - - * revoke.c: Search for the right issuer when looking for the - issuer of the CRL signer. - -2007-08-02 Love Hörnquist Åstrand - - * revoke.c: Handle CRL signing certificate better, try to not - revalidate invalid CRLs over and over. - -2007-08-01 Love Hörnquist Åstrand - - * cms.c: remove stale comment. - - * test_nist.in: Unpack PKITS_data.zip and run tests. - - * test_nist_cert.in: Adapt to new nist pkits framework. - - * test_nist_pkcs12.in: Adapt to new nist pkits framework. - - * Makefile.am: clean PKITS_data - -2007-07-16 Love Hörnquist Åstrand - - * Makefile.am: Add version-script.map to EXTRA_DIST - -2007-07-12 Love Hörnquist Åstrand - - * Makefile.am: Add depenency on asn1_compile for asn1 built files. - -2007-07-10 Love Hörnquist Åstrand - - * peer.c: update (c), indent. - - * Makefile.am: New library version. - -2007-06-28 Love Hörnquist Åstrand - - * ks_p11.c: Add sha2 types. - - * ref/pkcs11.h: Sync with scute. - - * ref/pkcs11.h: Add sha2 CKM's. - - * print.c: Print authorityInfoAccess. - - * cert.c: Rename proxyCertInfo oid. - - * ca.c: Rename proxyCertInfo oid. - - * print.c: Rename proxyCertInfo oid. - -2007-06-26 Love Hörnquist Åstrand - - * test_ca.in: Adapt to new request handling. - - * req.c: Allow export some of the request parameters. - - * hxtool-commands.in: Adapt to new request handling. - - * hxtool.c: Adapt to new request handling. - - * test_req.in: Adapt to new request handling. - - * version-script.map: Add initialize_hx_error_table_r. - - * req.c: Move _hx509_request_print here. - - * hxtool.c: use _hx509_request_print - - * version-script.map: Export more crap^W semiprivate functions. - - * hxtool.c: don't _hx509_abort - - * version-script.map: add missing ; - -2007-06-25 Love Hörnquist Åstrand - - * cms.c: Use hx509_crypto_random_iv. - - * crypto.c: Split out the iv creation from hx509_crypto_encrypt - since _hx509_pbe_encrypt needs to use the iv from the s2k - function. - - * test_cert.in: Test PEM and DER FILE writing functionallity. - - * ks_file.c: Add writing DER certificates. - - * hxtool.c: Update to new hx509_pem_write(). - - * test_cms.in: test creation of PEM signeddata. - - * hx509.h: PEM struct/function declarations. - - * ks_file.c: Use PEM encoding/decoding functions. - - * file.c: PEM encode/decoding functions. - - * ks_file.c: Use hx509_pem_write. - - * version-script.map: Export some semi-private functions. - - * hxtool.c: Enable writing out signed data as a pem attachment. - - * hxtool-commands.in (cms-create-signed): add --pem - - * file.c (hx509_pem_write): Add. - - * test_ca.in: Issue and test null subject cert. - - * cert.c: Match is first component is in a CN=. - - * test_ca.in: Test hostname if first CN. - - * Makefile.am: Add version script. - - * version-script.map: Limited exported symbols. - - * test_ca.in: test --hostname. - - * test_chain.in: test max-depth - - * hx509.h: fixate HX509_HN_HOSTNAME at 0. - - * hxtool-commands.in: add --hostname add --max-depth - - * cert.c: Verify hostname and max-depth. - - * hxtool.c: Verify hostname and test max-depth. - -2007-06-24 Love Hörnquist Åstrand - - * test_cms.in: Test --id-by-name. - - * hxtool-commands.in: add cms-create-sd --id-by-name - - * hxtool.c: Use HX509_CMS_SIGATURE_ID_NAME. - - * cms.c: Implement and use HX509_CMS_SIGATURE_ID_NAME. - - * hx509.h: Add HX509_CMS_SIGATURE_ID_NAME, use subject name for - CMS.Identifier. hx509_hostname_type: add hostname type for - matching. - - * cert.c (match_general_name): more strict rfc822Name matching. - (hx509_verify_hostname): add hostname type for matching. - -2007-06-19 Love Hörnquist Åstrand - - * hxtool.c: Make compile again. - - * hxtool.c: Added peap-server for to make windows peap clients - happy. - - * hxtool.c: Unify parse_oid code. - - * hxtool.c: Implement --content-type. - - * hxtool-commands.in: Add content-type. - - * test_cert.in: more cert and keyset tests. - -2007-06-18 Love Hörnquist Åstrand - - * revoke.c: Avoid stomping on NULL. - - * revoke.c: Avoid reusing i. - - * cert.c: Provide __attribute__ for _hx509_abort. - - * ks_file.c: Fail if not finding iv. - - * keyset.c: Avoid useing freed memory. - - * crypto.c: Free memory in failure case. - - * crypto.c: Free memory in failure case. - -2007-06-12 Love Hörnquist Åstrand - - * *.c: Add hx509_cert_init_data and use everywhere - - * hx_locl.h: Now that KEYCHAIN:system-anchors is fast again, use - that. - - * ks_keychain.c: Implement trust anchor support with - SecTrustCopyAnchorCertificates. - - * keyset.c: Set ref to 1 for the new object. - - * cert.c: Fix logic for allow_default_trust_anchors - - * keyset.c: Add refcounting to keystores. - - * cert.c: Change logic for default trust anchors, make it be - either default trust anchor, the user supplied, or non at all. - -2007-06-08 Love Hörnquist Åstrand - - * Makefile.am: Add data/j.pem. - - * Makefile.am: Add test_windows.in. - -2007-06-06 Love Hörnquist Åstrand - - * ks_keychain.c: rename functions, leaks less memory and more - paranoia. - - * test_cms.in: Test cms peer-alg. - - * crypto.c (rsa_create_signature): make oid_id_pkcs1_rsaEncryption - mean rsa-with-sha1 but oid oid_id_pkcs1_rsaEncryption in algorithm - field. XXX should probably use another algorithmIdentifier for - this. - - * peer.c: Make free function return void. - - * cms.c (hx509_cms_create_signed_1): Use hx509_peer_info to select - the signature algorithm too. - - * hxtool-commands.in: Add cms-create-sd --peer-alg. - - * req.c: Use _hx509_crypto_default_sig_alg. - - * test_windows.in: Create crl, because everyone needs one. - - * Makefile.am: add wcrl.crl - -2007-06-05 Love Hörnquist Åstrand - - * hx_locl.h: Disable KEYCHAIN for now, its slow. - - * cms.c: When we are not using pkcs7-data, avoid seing - signedAttributes since some clients get upset by that (pkcs7 based - or just plain broken). - - * ks_keychain.c: Provide rsa signatures. - - * ks_keychain.c: Limit the searches to the selected keychain. - - * ks_keychain.c: include -framework Security specific header files - after #ifdef - - * ks_keychain.c: Find and attach private key (does not provide - operations yet though). - - * ks_p11.c: Prefix rsa method with p11_ - - * ks_keychain.c: Allow opening a specific chain, making "system" - special and be the system X509Anchors file. By not specifing any - keychain ("KEYCHAIN:"), all keychains are probed. - -2007-06-04 Love Hörnquist Åstrand - - * hxtool.c (verify): Friendlier error message. - - * cert.c: Read in and use default trust anchors if they exists. - - * hx_locl.h: Add concept of default_trust_anchors. - - * ks_keychain.c: Remove err(), remove extra empty comment, fix - _iter function. - - * error.c (hx509_get_error_string): if the error code is not the - one we expect, punt and use the default com_err/strerror string - instead. - - * keyset.c (hx509_certs_merge): its ok to merge in the NULL set of - certs. - - * test_windows.in: Fix status string. - - * ks_p12.c (store_func): free whole CertBag, not just the data - part. - - * print.c: Check that the self-signed cert is really self-signed. - - * print.c: Use selfsigned for CRL DP whine, tell if its a - self-signed. - - * print.c: Whine if its a non CA/proxy and doesn't have CRL DP. - - * ca.c: Add cRLSign to CA certs. - - * cert.c: Register NULL and KEYCHAIN. - - * ks_null.c: register the NULL keystore. - - * Makefile.am: Add ks_keychain.c and related libs. - - * test_crypto.in: Print certificate with utf8. - - * print.c: Leak less memory. - - * hxtool.c: Leak less memory. - - * print.c: Leak less memory, use functions that does same but - more. - - * name.c (quote_string): don't sign extend the (signed) char to - avoid printing too much, add an assert to check that we didn't - overrun the buffer. - - * name.c: Use right element out of the CHOICE for printableString - and utf8String - - * ks_keychain.c: Certificate only KeyChain backend. - - * name.c: Reset name before parsing it. - -2007-06-03 Love Hörnquist Åstrand - - * revoke.c (hx509_crl_*): fix sizeof() mistakes to fix memory - corruption. - - * hxtool.c: Add lifetime to crls. - - * hxtool-commands.in: Add lifetime to crls. - - * revoke.c: Add lifetime to crls. - - * test_ca.in: More crl checks. - - * revoke.c: Add revoking certs. - - * hxtool-commands.in: argument is certificates.. for crl-sign - - * hxtool.c (certificate_copy): free lock - - * revoke.c: Fix hx509_set_error_string calls, add - hx509_crl_add_revoked_certs(), implement hx509_crl_{alloc,free}. - - * hxtool.c (crl_sign): free lock - - * cert.c (hx509_context_free): free querystat - -2007-06-02 Love Hörnquist Åstrand - - * test_chain.in: test ocsp-verify - - * revoke.c (hx509_ocsp_verify): explain what its useful for and - provide sane error message. - - * hx509_err.et: New error code, CERT_NOT_IN_OCSP - - * hxtool.c: New command ocsp-verify, check if ocsp contains all - certs and are valid (exist and non expired). - - * hxtool-commands.in: New command ocsp-verify. - -2007-06-01 Love Hörnquist Åstrand - - * test_ca.in: Create crl and verify that is works. - - * hxtool.c: Sign CRL command. - - * hx509.h: Add hx509_crl. - - * hxtool-commands.in: Add crl-sign commands. - - * revoke.c: Support to generate an empty CRL. - - * tst-crypto-select2: Switched default types. - - * tst-crypto-select1: Switched default types. - - * ca.c: Use default AlgorithmIdentifier. - - * cms.c: Use default AlgorithmIdentifier. - - * crypto.c: Provide default AlgorithmIdentifier and use them. - - * hx_locl.h: Provide default AlgorithmIdentifier. - - * keyset.c (hx509_certs_find): collects stats for queries. - - * cert.c: Sort and print more info. - - * hx_locl.h: Add querystat to hx509_context. - - * test_*.in: sprinle stat saveing - - * Makefile.am: Add stat and objdir. - - * collector.c (_hx509_collector_alloc): return error code instead - of pointer. - - * hxtool.c: Add statistic hook. - - * ks_file.c: Update _hx509_collector_alloc prototype. - - * ks_p12.c: Update _hx509_collector_alloc prototype. - - * ks_p11.c: Update _hx509_collector_alloc prototype. - - * hxtool-commands.in: Add statistics hook. - - * cert.c: Statistics printing. - - * ks_p12.c: plug memory leak - - * ca.c (hx509_ca_tbs_add_crl_dp_uri): plug memory leak - -2007-05-31 Love Hörnquist Åstrand - - * print.c: print utf8 type SAN's - - * Makefile.am: Fix windows client cert name. - - * test_windows.in: Add crl-uri for the ee certs. - - * print.c: Printf formating. - - * ca.c: Add glue for adding CRL dps. - - * test_ca.in: Readd the crl adding code, it works (somewhat) now. - - * print.c: Fix printing of CRL DPnames (I hate IMPLICIT encoded - structures). - - * hxtool-commands.in: make ca and alias of certificate-sign - -2007-05-30 Love Hörnquist Åstrand - - * crypto.c (hx509_crypto_select): copy AI to the right place. - - * hxtool-commands.in: Add ca --ms-upn. - - * hxtool.c: add --ms-upn and add more EKU's for pk-init client. - - * ca.c: Add hx509_ca_tbs_add_san_ms_upn and refactor code. - - * test_crypto.in: Resurect killed e. - - * test_crypto.in: check for aes256-cbc - - * tst-crypto-select7: check for aes256-cbc - - * test_windows.in: test windows stuff - - * hxtool.c: add ca --domain-controller option, add secret key - option to avaible. - - * ca.c: Add hx509_ca_tbs_set_domaincontroller. - - * hxtool-commands.in: add ca --domain-controller - - * hxtool.c: hook for testing secrety key algs - - * crypto.c: Add selection code for secret key crypto. - - * hx509.h: Add HX509_SELECT_SECRET_ENC. - -2007-05-13 Love Hörnquist Åstrand - - * ks_p11.c: add more mechtypes - -2007-05-10 Love Hörnquist Åstrand - - * print.c: Indent. - - * hxtool-commands.in: add test-crypto command - - * hxtool.c: test crypto command - - * cms.c (hx509_cms_create_signed_1): if no eContentType is given, - use pkcs7-data. - - * print.c: add Netscape cert comment - - * crypto.c: Try both the empty password and the NULL - password (nothing vs the octet string \x00\x00). - - * print.c: Add some US Fed PKI oids. - - * ks_p11.c: Add some more hashes. - -2007-04-24 Love Hörnquist Åstrand - - * hxtool.c (crypto_select): stop memory leak - -2007-04-19 Love Hörnquist Åstrand - - * peer.c (hx509_peer_info_free): free memory used too - - * hxtool.c (crypto_select): only free peer if it was used. - -2007-04-18 Love Hörnquist Åstrand - - * hxtool.c: free template - - * ks_mem.c (mem_free): free key array too - - * hxtool.c: free private key and tbs - - * hxtool.c (hxtool_ca): free signer - - * hxtool.c (crypto_available): free peer too. - - * ca.c (get_AuthorityKeyIdentifier): leak less memory - - * hxtool.c (hxtool_ca): free SPKI - - * hxtool.c (hxtool_ca): free cert - - * ks_mem.c (mem_getkeys): allocate one more the we have elements - so its possible to store the NULL pointer at the end. - -2007-04-16 Love Hörnquist Åstrand - - * Makefile.am: CLEANFILES += cert-null.pem cert-sub-ca2.pem - -2007-02-05 Love Hörnquist Åstrand - - * ca.c: Disable CRLDistributionPoints for now, its IMPLICIT code - in the asn1 parser. - - * print.c: Add some more \n's. - -2007-02-03 Love Hörnquist Åstrand - - * file.c: Allow mapping using heim_octet_string. - - * hxtool.c: Add options to generate detached signatures. - - * cms.c: Add flags to generate detached signatures. - - * hx509.h: Flag to generate detached signatures. - - * test_cms.in: Support detached sigatures. - - * name.c (hx509_general_name_unparse): unparse the other - GeneralName nametypes. - - * print.c: Use less printf. Use hx509_general_name_unparse. - - * cert.c: Fix printing and plug leak-on-error. - -2007-01-31 Love Hörnquist Åstrand - - * test_ca.in: Add test for ca --crl-uri. - - * hxtool.c: Add ca --crl-uri. - - * hxtool-commands.in: add ca --crl-uri - - * ca.c: Code to set CRLDistributionPoints in certificates. - - * print.c: Check CRLDistributionPointNames. - - * name.c (hx509_general_name_unparse): function for unparsing - GeneralName, only supports GeneralName.URI - - * cert.c (is_proxy_cert): free info if we wont return it. - -2007-01-30 Love Hörnquist Åstrand - - * hxtool.c: Try to help how to use this command. - -2007-01-21 Love Hörnquist Åstrand - - * switch to sha256 as default digest for signing - -2007-01-20 Love Hörnquist Åstrand - - * test_ca.in: Really test sub-ca code, add basic constraints tests - -2007-01-17 Love Hörnquist Åstrand - - * Makefile.am: Fix makefile problem. - -2007-01-16 Love Hörnquist Åstrand - - * hxtool.c: Set num of bits before we generate the key. - -2007-01-15 Love Hörnquist Åstrand - - * cms.c (hx509_cms_create_signed_1): use hx509_cert_binary - - * ks_p12.c (store_func): use hx509_cert_binary - - * ks_file.c (store_func): use hx509_cert_binary - - * cert.c (hx509_cert_binary): return binary encoded - certificate (DER format) - -2007-01-14 Love Hörnquist Åstrand - - * ca.c (hx509_ca_tbs_subject_expand): new function. - - * name.c (hx509_name_expand): if env is NULL, return directly - - * test_ca.in: test template handling - - * hx509.h: Add template flags. - - * Makefile.am: clean out new files - - * hxtool.c: Add certificate template processing, fix hx509_err - usage. - - * hxtool-commands.in: Add certificate template processing. - - * ca.c: Add certificate template processing. Fix return messages - from hx509_ca_tbs_add_eku. - - * cert.c: Export more stuff from certificate. - -2007-01-13 Love Hörnquist Åstrand - - * ca.c: update (c) - - * ca.c: (hx509_ca_tbs_add_eku): filter out dups. - - * hxtool.c: Add type email and add email eku when using option - --email. - - * Makefile.am: add env.c - - * name.c: Remove abort, add error handling. - - * test_name.c: test name expansion - - * name.c: add hx509_name_expand - - * env.c: key-value pair help functions - -2007-01-12 Love Hörnquist Åstrand - - * ca.c: Don't issue certs with subject DN that is NULL and have no - SANs - - * print.c: Fix previous test. - - * print.c: Check there is a SAN if subject DN is NULL. - - * test_ca.in: test email, null subject dn - - * hxtool.c: Allow setting parameters to private key generation. - - * hx_locl.h: Allow setting parameters to private key generation. - - * crypto.c: Allow setting parameters to private key generation. - - * hxtool.c (eval_types): add jid if user gave one - - * hxtool-commands.in (certificate-sign): add --jid - - * ca.c (hx509_ca_tbs_add_san_jid): Allow adding - id-pkix-on-xmppAddr OtherName. - - * print.c: Print id-pkix-on-xmppAddr OtherName. - -2007-01-11 Love Hörnquist Åstrand - - * no random, no RSA/DH tests - - * hxtool.c (info): print status of random generator - - * Makefile.am: remove files created by tests - - * error.c: constify - - * name.c: constify - - * revoke.c: constify - - * hx_locl.h: constify - - * keyset.c: constify - - * ks_p11.c: constify - - * hx_locl.h: make printinfo char * argument const. - - * cms.c: move _hx509_set_digest_alg from cms.c to crypto.c since - its only used there. - - * crypto.c: remove no longer used stuff, move set_digest_alg here - from cms.c since its only used here. - - * Makefile.am: add data/test-nopw.p12 to EXTRA_DIST - -2007-01-10 Love Hörnquist Åstrand - - * print.c: BasicConstraints vs criticality bit is complicated and - not really possible to evaluate on its own, silly RFC3280. - - * ca.c: Make basicConstraints critical if this is a CA. - - * print.c: fix the version vs extension test - - * print.c: More validation checks. - - * name.c (hx509_name_cmp): add - -2007-01-09 Love Hörnquist Åstrand - - * ks_p11.c (collect_private_key): Missing CKA_MODULUS is ok - too (XXX why should these be fetched given they are not used). - - * test_ca.in: rename all files to PEM files, since that is what - they are. - - * hxtool.c: copy out the key with the self signed CA cert - - * Factor out private key operation out of the signing, operations, - support import, export, and generation of private keys. Add - support for writing PEM and PKCS12 files with private keys in them. - - * data/gen-req.sh: Generate a no password pkcs12 file. - -2007-01-08 Love Hörnquist Åstrand - - * cms.c: Check for internal ASN1 encoder error. - -2007-01-05 Love Hörnquist Åstrand - - * Makefile.am: Drop most of the pkcs11 files. - - * test_ca.in: test reissueing ca certificate (xxx time - validAfter). - - * hxtool.c: Allow setting serialNumber (needed for reissuing - certificates) Change --key argument to --out-key. - - * hxtool-commands.in (issue-certificate): Allow setting - serialNumber (needed for reissuing certificates), Change --key - argument to --out-key. - - * ref: Replace with Marcus Brinkmann of g10 Code GmbH pkcs11 - headerfile that is compatible with GPL (file taken from scute) - -2007-01-04 Love Hörnquist Åstrand - - * test_ca.in: Test to generate key and use them. - - * hxtool.c: handle other keys the pkcs10 requested keys - - * hxtool-commands.in: add generate key commands - - * req.c (_hx509_request_to_pkcs10): PKCS10 needs to have a subject - - * hxtool-commands.in: Spelling. - - * ca.c (hx509_ca_tbs_set_proxy): allow negative pathLenConstraint - to signal no limit - - * ks_file.c: Try all formats on the binary file before giving up, - this way we can handle binary rsa keys too. - - * data/key2.der: new test key - -2007-01-04 David Love - - * Makefile.am (hxtool_LDADD): Add libasn1.la - - * hxtool.c (pcert_verify): Fix format string. - -2006-12-31 Love Hörnquist Åstrand - - * hxtool.c: Allow setting path length - - * cert.c: Fix test for proxy certs chain length, it was too - restrictive. - - * data: regen - - * data/openssl.cnf: (proxy_cert) make length 0 - - * test_ca.in: Issue a long living cert. - - * hxtool.c: add --lifetime to ca command. - - * hxtool-commands.in: add --lifetime to ca command. - - * ca.c: allow setting notBefore and notAfter. - - * test_ca.in: Test generation of proxy certificates. - - * ca.c: Allow generation of proxy certificates, always include - BasicConstraints, fix error codes. - - * hxtool.c: Allow generation of proxy certificates. - - * test_name.c: make hx509_parse_name take a hx509_context. - - * name.c: Split building RDN to a separate function. - -2006-12-30 Love Hörnquist Åstrand - - * Makefile.am: clean test_ca files. - - * test_ca.in: test issuing self-signed and CA certificates. - - * hxtool.c: Add bits to allow issuing self-signed and CA - certificates. - - * hxtool-commands.in: Add bits to allow issuing self-signed and CA - certificates. - - * ca.c: Add bits to allow issuing CA certificates. - - * revoke.c: use new OCSPSigning. - - * ca.c: Add Subject Key Identifier. - - * ca.c: Add Authority Key Identifier. - - * cert.c: Locally export _hx509_find_extension_subject_key_id. - Handle AuthorityKeyIdentifier where only authorityCertSerialNumber - and authorityCertSerialNumber is set. - - * hxtool-commands.in: Add dnsname and rfc822 SANs. - - * test_ca.in: Test dnsname and rfc822 SANs. - - * ca.c: Add dnsname and rfc822 SANs. - - * hxtool.c: Add dnsname and rfc822 SANs. - - * test_ca.in: test adding eku, ku and san to the - certificate (https and pk-init) - - * hxtool.c: Add eku, ku and san to the certificate. - - * ca.c: Add eku, ku and san to the certificate. - - * hxtool-commands.in: Add --type and --pk-init-principal - - * ocsp.asn1: remove id-kp-OCSPSigning, its in rfc2459.asn1 now - -2006-12-29 Love Hörnquist Åstrand - - * ca.c: Add KeyUsage extension. - - * Makefile.am: add ca.c, add sign-certificate tests. - - * crypto.c: Add _hx509_create_signature_bitstring. - - * hxtool-commands.in: Add the sign-certificate tool. - - * hxtool.c: Add the sign-certificate tool. - - * cert.c: Add HX509_QUERY_OPTION_KU_KEYCERTSIGN. - - * hx509.h: Add hx509_ca_tbs and HX509_QUERY_OPTION_KU_KEYCERTSIGN. - - * test_ca.in: Basic test of generating a pkcs10 request, signing - it and verifying the chain. - - * ca.c: Naive certificate signer. - -2006-12-28 Love Hörnquist Åstrand - - * hxtool.c: add hxtool_hex - -2006-12-22 Love Hörnquist Åstrand - - * Makefile.am: use top_builddir for libasn1.la - -2006-12-11 Love Hörnquist Åstrand - - * hxtool.c (print_certificate): print serial number. - - * name.c (no): add S=stateOrProvinceName - -2006-12-09 Love Hörnquist Åstrand - - * crypto.c (_hx509_private_key_assign_rsa): set a default sig alg - - * ks_file.c (try_decrypt): pass down AlgorithmIdentifier that key - uses to do sigatures so there is no need to hardcode RSA into this - function. - -2006-12-08 Love Hörnquist Åstrand - - * ks_file.c: Pass filename to the parse functions and use it in - the error messages - - * test_chain.in: test proxy cert (third level) - - * hx509_err.et: fix errorstring for PROXY_CERT_NAME_WRONG - - * data: regen - - * Makefile.am: EXTRA_DIST: add - data/proxy10-child-child-test.{key,crt} - - * data/gen-req.sh: Fix names and restrictions on the proxy - certificates - - * cert.c: Clairfy and make proxy cert handling work for multiple - levels, before it was too restrictive. More helpful error message. - -2006-12-07 Love Hörnquist Åstrand - - * cert.c (check_key_usage): tell what keyusages are missing - - * print.c: Split OtherName printing code to a oid lookup and print - function. - - * print.c (Time2string): print hour as hour not min - - * Makefile.am: CLEANFILES += test - -2006-12-06 Love Hörnquist Åstrand - - * Makefile.am (EXTRA_DIST): add data/pkinit-proxy* files - - * Makefile.am (EXTRA_DIST): add tst-crypto* files - - * cert.c (hx509_query_match_issuer_serial): make a copy of the - data - - * cert.c (hx509_query_match_issuer_serial): allow matching on - issuer and serial num - - * cert.c (_hx509_calculate_path): add flag to allow leaving out - trust anchor - - * cms.c (hx509_cms_create_signed_1): when building the path, omit - the trust anchors. - - * crypto.c (rsa_create_signature): Abort when signature is longer, - not shorter. - - * cms.c: Provide time to _hx509_calculate_path so we don't send no - longer valid certs to our peer. - - * cert.c (find_parent): when checking for certs and its not a - trust anchor, require time be in range. - (_hx509_query_match_cert): Add time validity-testing to query mask - - * hx_locl.h: add time validity-testing to query mask - - * test_cms.in: Tests for CMS SignedData with incomplete chain from - the signer. - -2006-11-28 Love Hörnquist Åstrand - - * cms.c (hx509_cms_verify_signed): specify what signature we - failed to verify - - * Makefile.am: Depend on LIB_com_err for AIX. - - * keyset.c: Remove anther strndup that causes AIX to fall over. - - * cert.c: Don't check the trust anchors expiration time since they - are transported out of band, from RFC3820. - - * cms.c: sprinkle more error strings - - * crypto.c: sprinkle more error strings - - * hxtool.c: use unsigned int as counter to fit better with the - asn1 compiler - - * crypto.c: use unsigned int as counter to fit better with the - asn1 compiler - -2006-11-27 Love Hörnquist Åstrand - - * cms.c: Remove trailing white space. - - * crypto.c: rewrite comment to make more sense - - * crypto.c (hx509_crypto_select): check sig_algs[j]->key_oid - - * hxtool-commands.in (crypto-available): add --type - - * crypto.c (hx509_crypto_available): let alg pass if its keyless - - * hxtool-commands.in: Expand crypto-select - - * cms.c: Rename hx509_select to hx509_crypto_select. - - * hxtool-commands.in: Add crypto-select and crypto-available. - - * hxtool.c: Add crypto-select and crypto-available. - - * crypto.c (hx509_crypto_available): use right index. - (hx509_crypto_free_algs): new function - - * crypto.c (hx509_crypto_select): improve - (hx509_crypto_available): new function - -2006-11-26 Love Hörnquist Åstrand - - * cert.c: Sprinkle more error string and hx509_contexts. - - * cms.c: Sprinkle more error strings. - - * crypto.c: Sprinkle error string and hx509_contexts. - - * crypto.c: Add some more comments about how this works. - - * crypto.c (hx509_select): new function. - - * Makefile.am: add peer.c - - * hxtool.c: Update hx509_cms_create_signed_1. - - * hx_locl.h: add struct hx509_peer_info - - * peer.c: Allow selection of digest/sig-alg - - * cms.c: Allow selection of a better digest using hx509_peer_info. - - * revoke.c: Handle that _hx509_verify_signature takes a context. - - * cert.c: Handle that _hx509_verify_signature takes a context. - -2006-11-25 Love Hörnquist Åstrand - - * cms.c: Sprinkle error strings. - - * crypto.c: Sprinkle context and error strings. - -2006-11-24 Love Hörnquist Åstrand - - * name.c: Handle printing and parsing raw oids in name. - -2006-11-23 Love Hörnquist Åstrand - - * cert.c (_hx509_calculate_path): allow to calculate optimistic - path when we don't know the trust anchors, just follow the chain - upward until we no longer find a parent or we hit the max limit. - - * cms.c (hx509_cms_create_signed_1): provide a best effort path to - the trust anchors to be stored in the SignedData packet, if find - parents until trust anchor or max length. - - * data: regen - - * data/gen-req.sh: Build pk-init proxy cert. - -2006-11-16 Love Hörnquist Åstrand - - * error.c (hx509_get_error_string): Put ", " between strings in - error message. - -2006-11-13 Love Hörnquist Åstrand - - * data/openssl.cnf: Change realm to TEST.H5L.SE - -2006-11-07 Love Hörnquist Åstrand - - * revoke.c: Sprinkle error strings. - -2006-11-04 Love Hörnquist Åstrand - - * hx_locl.h: add context variable to cmp function. - - * cert.c (hx509_query_match_cmp_func): allow setting the match - function. - -2006-10-24 Love Hörnquist Åstrand - - * ks_p11.c: Return less EINVAL. - - * hx509_err.et: add more pkcs11 errors - - * hx509_err.et: more error-codes - - * revoke.c: Return less EINVAL. - - * ks_dir.c: sprinkel more hx509_set_error_string - - * ks_file.c: Return less EINVAL. - - * hxtool.c: Pass in context to _hx509_parse_private_key. - - * ks_file.c: Sprinkle more hx509_context so we can return propper - errors. - - * hx509_err.et: add HX509_PARSING_KEY_FAILED - - * crypto.c: Sprinkle more hx509_context so we can return propper - errors. - - * collector.c: No more EINVAL. - - * hx509_err.et: add HX509_LOCAL_ATTRIBUTE_MISSING - - * cert.c (hx509_cert_get_base_subject): one less EINVAL - (_hx509_cert_private_decrypt): one less EINVAL - -2006-10-22 Love Hörnquist Åstrand - - * collector.c: indent - - * hxtool.c: Try to not leak memory. - - * req.c: clean memory before free - - * crypto.c (_hx509_private_key2SPKI): indent - - * req.c: Try to not leak memory. - -2006-10-21 Love Hörnquist Åstrand - - * test_crypto.in: Read 50 kilobyte random data - - * revoke.c: Try to not leak memory. - - * hxtool.c: Try to not leak memory. - - * crypto.c (hx509_crypto_destroy): free oid. - - * error.c: Clean error string on failure just to make sure. - - * cms.c: Try to not leak memory (again). - - * hxtool.c: use a sensable content type - - * cms.c: Try harder to free certificate. - -2006-10-20 Love Hörnquist Åstrand - - * Makefile.am: Add make check data. - -2006-10-19 Love Hörnquist Åstrand - - * ks_p11.c (p11_list_keys): make element of search_data[0] - constants and set them later - - * Makefile.am: Add more files. - -2006-10-17 Love Hörnquist Åstrand - - * ks_file.c: set ret, remember to free ivdata - -2006-10-16 Love Hörnquist Åstrand - - * hx_locl.h: Include . - - * test_crypto.in: Test random-data. - - * hxtool.c: RAND_bytes() return 1 for cryptographic strong data, - check for that. - - * Makefile.am: clean random-data - - * hxtool.c: Add random-data command, use sl_slc_help. - - * hxtool-commands.in: Add random-data. - - * ks_p12.c: Remember to release certs. - - * ks_p11.c: Remember to release certs. - -2006-10-14 Love Hörnquist Åstrand - - * prefix der primitives with der_ - - * lock.c: Match the prompt type PROMPT exact. - - * hx_locl.h: Drop heim_any.h - -2006-10-11 Love Hörnquist Åstrand - - * ks_p11.c (p11_release_module): j needs to be used as inter loop - index. From Douglas Engert. - - * ks_file.c (parse_rsa_private_key): try all passwords and - prompter. - -2006-10-10 Love Hörnquist Åstrand - - * test_*.in: Parameterise the invocation of hxtool, so we can make - it run under TESTS_ENVIRONMENT. From Andrew Bartlett - -2006-10-08 Love Hörnquist Åstrand - - * test_crypto.in: Put all test stuck at 2006-09-25 since all their - chains where valied then. - - * hxtool.c: Implement --time= option. - - * hxtool-commands.in: Add option time. - - * Makefile.am: test_name is a PROGRAM_TESTS - - * ks_p11.c: Return HX509_PKCS11_NO_SLOT when there are no slots - and HX509_PKCS11_NO_TOKEN when there are no token. For use in PAM - modules that want to detect when to use smartcard login and when - not to. Patched based on code from Douglas Engert. - - * hx509_err.et: Add new pkcs11 related errors in a new section: - keystore related error. Patched based on code from Douglas - Engert. - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: Make depenency for slc built files just like - everywhere else. - - * cert.c: Add all openssl algs and init asn1 et - -2006-10-06 Love Hörnquist Åstrand - - * ks_file.c (parse_rsa_private_key): free type earlier. - - * ks_file.c (parse_rsa_private_key): free type after use - - * name.c (_hx509_Name_to_string): remove dup const - -2006-10-02 Love Hörnquist Åstrand - - * Makefile.am: Add more libs to libhx509 - -2006-10-01 Love Hörnquist Åstrand - - * ks_p11.c: Fix double free's, NULL ptr de-reference, and conform - better to pkcs11. From Douglas Engert. - - * ref: remove ^M, it breaks solaris 10s cc. From Harald Barth - -2006-09-19 Love Hörnquist Åstrand - - * test_crypto.in: Bleichenbacher bad cert from Ralf-Philipp - Weinmann and Andrew Pyshkin, pad right. - - * data: starfield test root cert and Ralf-Philipp and Andreis - correctly padded bad cert - -2006-09-15 Love Hörnquist Åstrand - - * test_crypto.in: Add test for yutaka certs. - - * cert.c: Add a strict rfc3280 verification flag. rfc3280 requires - certificates to have KeyUsage.keyCertSign if they are to be used - for signing of certificates, but the step in the verifiation is - optional. - - * hxtool.c: Improve printing and error reporting. - -2006-09-13 Love Hörnquist Åstrand - - * test_crypto.in,Makefile.am,data/bleichenbacher-{bad,good}.pem: - test bleichenbacher from eay - -2006-09-12 Love Hörnquist Åstrand - - * hxtool.c: Make common function for all getarg_strings and - hx509_certs_append commonly used. - - * cms.c: HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT is a negative - flag, treat it was such. - -2006-09-11 Love Hörnquist Åstrand - - * req.c: Use the new add_GeneralNames function. - - * hx509.h: Add HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT. - - * ks_p12.c: Adapt to new signature of hx509_cms_unenvelope. - - * hxtool.c: Adapt to new signature of hx509_cms_unenvelope. - - * cms.c: Allow passing in encryptedContent and flag. Add new flag - HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT. - -2006-09-08 Love Hörnquist Åstrand - - * ks_p11.c: cast void * to char * when using it for %s formating - in printf. - - * name.c: New function _hx509_Name_to_string. - -2006-09-07 Love Hörnquist Åstrand - - * ks_file.c: Sprinkle error messages. - - * cms.c: Sprinkle even more error messages. - - * cms.c: Sprinkle some error messages. - - * cms.c (find_CMSIdentifier): only free string when we allocated - one. - - * ks_p11.c: Don't build most of the pkcs11 module if there are no - dlopen(). - -2006-09-06 Love Hörnquist Åstrand - - * cms.c (hx509_cms_unenvelope): try to save the error string from - find_CMSIdentifier so we have one more bit of information what - went wrong. - - * hxtool.c: More pretty printing, make verify_signed return the - error string from the library. - - * cms.c: Try returning what certificates failed to parse or be - found. - - * ks_p11.c (p11_list_keys): fetch CKA_LABEL and use it to set the - friendlyname for the certificate. - -2006-09-05 Love Hörnquist Åstrand - - * crypto.c: check that there are no extra bytes in the checksum - and that the parameters are NULL or the NULL-type. All to avoid - having excess data that can be used to fake the signature. - - * hxtool.c: print keyusage - - * print.c: add hx509_cert_keyusage_print, simplify oid printing - - * cert.c: add _hx509_cert_get_keyusage - - * ks_p11.c: keep one session around for the whole life of the keyset - - * test_query.in: tests more selection - - * hxtool.c: improve pretty printing in print and query - - * hxtool{.c,-commands.in}: add selection on KU and printing to query - - * test_cms.in: Add cms test for digitalSignature and - keyEncipherment certs. - - * name.c (no): Add serialNumber - - * ks_p11.c (p11_get_session): return better error messages - -2006-09-04 Love Hörnquist Åstrand - - * ref: update to pkcs11 reference files 2.20 - - * ks_p11.c: add more mechflags - - * name.c (no): add OU and sort - - * revoke.c: pass context to _hx509_create_signature - - * ks_p11.c (p11_printinfo): print proper plural s - - * ks_p11.c: save the mechs supported when initing the token, print - them in printinfo. - - * hx_locl.h: Include . - - * cms.c: pass context to _hx509_create_signature - - * req.c: pass context to _hx509_create_signature - - * keyset.c (hx509_certs_info): print information about the keyset. - - * hxtool.c (pcert_print) print keystore info when --info flag is - given. - - * hxtool-commands.in: Add hxtool print --info. - - * test_query.in: Test hxtool print --info. - - * hx_locl.h (hx509_keyset_ops): add printinfo - - * crypto.c: Start to hang the private key operations of the - private key, pass hx509_context to create_checksum. - -2006-05-29 Love Hörnquist Åstrand - - * ks_p11.c: Iterate over all slots, not just the first/selected - one. - -2006-05-27 Love Hörnquist Åstrand - - * cert.c: Add release function for certifiates so backend knowns - when its no longer used. - - * ks_p11.c: Add reference counting on certifiates, push out - CK_SESSION_HANDLE from slot. - - * cms.c: sprinkle more hx509_clear_error_string - -2006-05-22 Love Hörnquist Åstrand - - * ks_p11.c: Sprinkle some hx509_set_error_strings - -2006-05-13 Love Hörnquist Åstrand - - * hxtool.c: Avoid shadowing. - - * revoke.c: Avoid shadowing. - - * ks_file.c: Avoid shadowing. - - * cert.c: Avoid shadowing. - -2006-05-12 Love Hörnquist Åstrand - - * lock.c (hx509_prompt_hidden): reshuffle to avoid gcc warning - - * hx509.h: Reshuffle the prompter types, remove the hidden field. - - * lock.c (hx509_prompt_hidden): return if the prompt should be - hidden or not - - * revoke.c (hx509_revoke_free): allow free of NULL. - -2006-05-11 Love Hörnquist Åstrand - - * ks_file.c (file_init): Avoid shadowing ret (and thus avoiding - crashing). - - * ks_dir.c: Implement DIR: caches useing FILE: caches. - - * ks_p11.c: Catch more errors. - -2006-05-08 Love Hörnquist Åstrand - - * crypto.c (hx509_crypto_encrypt): free correctly in error - path. From Andrew Bartlett. - - * crypto.c: If RAND_bytes fails, then we will attempt to - double-free crypt->key.data. From Andrew Bartlett. - -2006-05-05 Love Hörnquist Åstrand - - * name.c: Rename u_intXX_t to uintXX_t - -2006-05-03 Love Hörnquist Åstrand - - * TODO: More to do about the about the PKCS11 code. - - * ks_p11.c: Use the prompter from the lock function. - - * lock.c: Deal with that hx509_prompt.reply is no longer a - pointer. - - * hx509.h: Make hx509_prompt.reply not a pointer. - -2006-05-02 Love Hörnquist Åstrand - - * keyset.c: Sprinkle setting error strings. - - * crypto.c: Sprinkle setting error strings. - - * collector.c: Sprinkle setting error strings. - - * cms.c: Sprinkle setting error strings. - -2006-05-01 Love Hörnquist Åstrand - - * test_name.c: renamed one error code - - * name.c: renamed one error code - - * ks_p11.c: _hx509_set_cert_attribute changed signature - - * hxtool.c (pcert_print): use hx509_err so I can test it - - * error.c (hx509_set_error_stringv): clear errors on malloc - failure - - * hx509_err.et: Add some more errors - - * cert.c: Sprinkle setting error strings. - - * cms.c: _hx509_path_append changed signature. - - * revoke.c: changed signature of _hx509_check_key_usage - - * keyset.c: changed signature of _hx509_query_match_cert - - * hx509.h: Add support for error strings. - - * cms.c: changed signature of _hx509_check_key_usage - - * Makefile.am: ibhx509_la_files += error.c - - * ks_file.c: Sprinkel setting error strings. - - * cert.c: Sprinkel setting error strings. - - * hx_locl.h: Add support for error strings. - - * error.c: Add string error handling functions. - - * keyset.c (hx509_certs_init): pass the right error code back - -2006-04-30 Love Hörnquist Åstrand - - * revoke.c: Revert previous patch. - (hx509_ocsp_verify): new function that returns the expiration of - certificate in ocsp data-blob - - * cert.c: Reverse previous patch, lets do it another way. - - * cert.c (hx509_revoke_verify): update usage - - * revoke.c: Make compile. - - * revoke.c: Add the expiration time the crl/ocsp info expire - - * name.c: Add hx509_name_is_null_p - - * cert.c: remove _hx509_cert_private_sigature - -2006-04-29 Love Hörnquist Åstrand - - * name.c: Expose more of Name. - - * hxtool.c (main): add missing argument to printf - - * data/openssl.cnf: Add EKU for the KDC certificate - - * cert.c (hx509_cert_get_base_subject): reject un-canon proxy - certs, not the reverse - (add_to_list): constify and fix argument order to - copy_octet_string - (hx509_cert_find_subjectAltName_otherName): make work - -2006-04-28 Love Hörnquist Åstrand - - * data/{pkinit,kdc}.{crt,key}: pkinit certificates - - * data/gen-req.sh: Generate pkinit certificates. - - * data/openssl.cnf: Add pkinit glue. - - * cert.c (hx509_verify_hostname): implement stub function - -2006-04-27 Love Hörnquist Åstrand - - * TODO: CRL delta support - -2006-04-26 Love Hörnquist Åstrand - - * data/.cvsignore: ignore leftover from OpenSSL cert generation - - * hx509_err.et: Add name malformated error - - * name.c (hx509_parse_name): don't abort on error, rather return - error - - * test_name.c: Test failure parsing name. - - * cert.c: When verifying certificates, store subject basename for - later consumption. - - * test_name.c: test to parse and print name and check that they - are the same. - - * name.c (hx509_parse_name): fix length argument to printf string - - * name.c (hx509_parse_name): fix length argument to stringtooid, 1 - too short. - - * cert.c: remove debug printf's - - * name.c (hx509_parse_name): make compile pre c99 - - * data/gen-req.sh: OpenSSL have a serious issue of user confusion - -subj in -ca takes the arguments in LDAP order. -subj for x509 - takes it in x509 order. - - * cert.c (hx509_verify_path): handle the case where the where two - proxy certs in a chain. - - * test_chain.in: enable two proxy certificates in a chain test - - * test_chain.in: tests proxy certificates - - * data: re-gen - - * data/gen-req.sh: build proxy certificates - - * data/openssl.cnf: add def for proxy10_cert - - * hx509_err.et: Add another proxy certificate error. - - * cert.c (hx509_verify_path): Need to mangle name to remove the CN - of the subject, copying issuer only works for one level but is - better then doing no checking at all. - - * hxtool.c: Add verify --allow-proxy-certificate. - - * hxtool-commands.in: add verify --allow-proxy-certificate - - * hx509_err.et: Add proxy certificate errors. - - * cert.c: Fix comment about subject name of proxy certificate. - - * test_chain.in: tests for proxy certs - - * data/gen-req.sh: gen proxy and non-proxy tests certificates - - * data/openssl.cnf: Add definition for proxy certs - - * data/*proxy-test.*: Add proxy certificates - - * cert.c (hx509_verify_path): verify proxy certificate have no san - or ian - - * cert.c (hx509_verify_set_proxy_certificate): Add - (*): rename policy cert to proxy cert - - * cert.c: Initial support for proxy certificates. - -2006-04-24 Love Hörnquist Åstrand - - * hxtool.c: some error checking - - * name.c: Switch over to asn1 generaed oids. - - * TODO: merge with old todo file - -2006-04-23 Love Hörnquist Åstrand - - * test_query.in: make quiet - - * test_req.in: SKIP test if there is no RSA support. - - * hxtool.c: print dh method too - - * test_chain.in: SKIP test if there is no RSA support. - - * test_cms.in: SKIP test if there is no RSA support. - - * test_nist.in: SKIP test if there is no RSA support. - -2006-04-22 Love Hörnquist Åstrand - - * hxtool-commands.in: Allow passing in pool and anchor to - signedData - - * hxtool.c: Allow passing in pool and anchor to signedData - - * test_cms.in: Test that certs in signed data is picked up. - - * hx_locl.h: Expose the path building function to internal - functions. - - * cert.c: Expose the path building function to internal functions. - - * hxtool-commands.in: cms-envelope: Add support for choosing the - encryption type - - * hxtool.c (cms_create_enveloped): Add support for choosing the - encryption type - - * test_cms.in: Test generating des-ede3 aes-128 aes-256 enveloped - data - - * crypto.c: Add names to cipher types. - - * cert.c (hx509_query_match_friendly_name): fix return value - - * data/gen-req.sh: generate tests for enveloped data using - des-ede3 and aes256 - - * test_cms.in: add tests for enveloped data using des-ede3 and - aes256 - - * cert.c (hx509_query_match_friendly_name): New function. - -2006-04-21 Love Hörnquist Åstrand - - * ks_p11.c: Add support for parsing slot-number. - - * crypto.c (oid_private_rc2_40): simply - - * crypto.c: Use oids from asn1 generator. - - * ks_file.c (file_init): reset length when done with a part - - * test_cms.in: check with test.combined.crt. - - * data/gen-req.sh: Create test.combined.crt. - - * test_cms.in: Test signed data using keyfile that is encrypted. - - * ks_file.c: Remove (commented out) debug printf - - * ks_file.c (parse_rsa_private_key): use EVP_get_cipherbyname - - * ks_file.c (parse_rsa_private_key): make working for one - password. - - * ks_file.c (parse_rsa_private_key): Implement enought for - testing. - - * hx_locl.h: Add - - * ks_file.c: Add glue code for PEM encrypted password files. - - * test_cms.in: Add commeted out password protected PEM file, - remove password for those tests that doesn't need it. - - * test_cms.in: adapt test now that we can use any certificate and - trust anchor - - * collector.c: handle PEM RSA PRIVATE KEY files - - * cert.c: Remove unused function. - - * ks_dir.c: move code here from ks_file.c now that its no longer - used. - - * ks_file.c: Add support for parsing unencrypted RSA PRIVATE KEY - - * crypto.c: Handle rsa private keys better. - -2006-04-20 Love Hörnquist Åstrand - - * hxtool.c: Use hx509_cms_{,un}wrap_ContentInfo - - * cms.c: Make hx509_cms_{,un}wrap_ContentInfo usable in asn1 - un-aware code. - - * cert.c (hx509_verify_path): if trust anchor is not self signed, - don't check sig From Douglas Engert. - - * test_chain.in: test "sub-cert -> sub-ca" - - * crypto.c: Use the right length for the sha256 checksums. - -2006-04-15 Love Hörnquist Åstrand - - * crypto.c: Fix breakage from sha256 code. - - * crypto.c: Add SHA256 support, and symbols for the other new - SHA-2 types. - -2006-04-14 Love Hörnquist Åstrand - - * test_cms.in: test rc2-40 rc2-64 rc2-128 enveloped data - - * data/test-enveloped-rc2-{40,64,128}: add tests cases for rc2 - - * cms.c: Update prototypes changes for hx509_crypto_[gs]et_params. - - * crypto.c: Break out the parameter handling code for encrypting - data to handle RC2. Needed for Windows 2k pk-init support. - -2006-04-04 Love Hörnquist Åstrand - - * Makefile.am: Split libhx509_la_SOURCES into build file and - distributed files so we can avoid building prototypes for - build-files. - -2006-04-03 Love Hörnquist Åstrand - - * TODO: split certificate request into pkcs10 and CRMF - - * hxtool-commands.in: Add nonce flag to ocsp-fetch - - * hxtool.c: control sending nonce - - * hxtool.c (request_create): store the request in a file, no in - bitbucket. - - * cert.c: expose print_cert_subject internally - - * hxtool.c: Add ocsp_print. - - * hxtool-commands.in: New command "ocsp-print". - - * hx_locl.h: Include . - - * revoke.c (verify_ocsp): require issuer to match too. - (free_ocsp): new function - (hx509_revoke_ocsp_print): new function, print ocsp reply - - * Makefile.am: build CRMF files - - * data/key.der: needed for cert request test - - * test_req.in: adapt to rename of pkcs10-create to request-create - - * hxtool.c: adapt to rename of pkcs10-create to request-create - - * hxtool-commands.in: Rename pkcs10-create to request-create - - * crypto.c: (_hx509_parse_private_key): Avoid crashing on bad input. - - * hxtool.c (pkcs10_create): use opt->subject_string - - * hxtool-commands.in: Add pkcs10-create --subject - - * Makefile.am: Add test_req to tests. - - * test_req.in: Test for pkcs10 commands. - - * name.c (hx509_parse_name): new function. - - * hxtool.c (pkcs10_create): implement - - * hxtool-commands.in (pkcs10-create): Add arguments - - * crypto.c: Add _hx509_private_key2SPKI and support - functions (only support RSA for now). - -2006-04-02 Love Hörnquist Åstrand - - * hxtool-commands.in: Add pkcs10-create command. - - * hx509.h: Add hx509_request. - - * TODO: more stuff - - * Makefile.am: Add req.c - - * req.c: Create certificate requests, prototype converts the - request in a pkcs10 packet. - - * hxtool.c: Add pkcs10_create - - * name.c (hx509_name_copy): new function. - -2006-04-01 Love Hörnquist Åstrand - - * TODO: fill out what do - - * hxtool-commands.in: add pkcs10-print - - * hx_locl.h: Include . - - * pkcs10.asn1: PKCS#10 - - * hxtool.c (pkcs10_print): new function. - - * test_chain.in: test ocsp keyhash - - * data: generate ocsp keyhash version too - - * revoke.c (load_ocsp): test that we got back a BasicReponse - - * ocsp.asn1: Add asn1_id_pkix_ocsp*. - - * Makefile.am: Add asn1_id_pkix_ocsp*. - - * cert.c: Add HX509_QUERY_MATCH_KEY_HASH_SHA1 - - * hx_locl.h: Add HX509_QUERY_MATCH_KEY_HASH_SHA1 - - * revoke.c: Support OCSPResponderID.byKey, indent. - - * revoke.c (hx509_ocsp_request): Add nonce to ocsp request. - - * hxtool.c: Add nonce to ocsp request. - - * test_chain.in: Added crl tests - - * data/nist-data: rename missing-crl to missing-revoke - - * data: make ca use openssl ca command so we can add ocsp tests, - and regen certs - - * test_chain.in: Add revoked ocsp cert test - - * cert.c: rename missing-crl to missing-revoke - - * revoke.c: refactor code, fix a un-init-ed variable - - * test_chain.in: rename missing-crl to missing-revoke add ocsp - tests - - * test_cms.in: rename missing-crl to missing-revoke - - * hxtool.c: rename missing-crl to missing-revoke - - * hxtool-commands.in: rename missing-crl to missing-revoke - - * revoke.c: Plug one memory leak. - - * revoke.c: Renamed generic CRL related errors. - - * hx509_err.et: Comments and renamed generic CRL related errors - - * revoke.c: Add ocsp checker. - - * ocsp.asn1: Add id-kp-OCSPSigning - - * hxtool-commands.in: add url-path argument to ocsp-fetch - - * hxtool.c: implement ocsp-fetch - - * cert.c: Use HX509_DEFAULT_OCSP_TIME_DIFF. - - * hx_locl.h: Add ocsp_time_diff to hx509_context - - * crypto.c (_hx509_verify_signature_bitstring): new function, - commonly use when checking certificates - - * cms.c (hx509_cms_envelope_1): check for internal ASN.1 encoder - error - - * cert.c: Add ocsp glue, use new - _hx509_verify_signature_bitstring, add eku checking function. - -2006-03-31 Love Hörnquist Åstrand - - * Makefile.am: add id_kp_OCSPSigning.x - - * revoke.c: Pick out certs in ocsp response - - * TODO: list of stuff to verify - - * revoke.c: Add code to load OCSPBasicOCSPResponse files, reload - crl when its changed on disk. - - * cert.c: Update for ocsp merge. handle building path w/o - subject (using subject key id) - - * ks_p12.c: _hx509_map_file changed prototype. - - * file.c: _hx509_map_file changed prototype, returns struct stat - if requested. - - * ks_file.c: _hx509_map_file changed prototype. - - * hxtool.c: Add stub for ocsp-fetch, _hx509_map_file changed - prototype, add ocsp parsing to verify command. - - * hx_locl.h: rename HX509_CTX_CRL_MISSING_OK to - HX509_CTX_VERIFY_MISSING_OK now that we have OCSP glue - -2006-03-30 Love Hörnquist Åstrand - - * hx_locl.h: Add to make it compile on Solaris, - from Alex V. Labuta. - -2006-03-28 Love Hörnquist Åstrand - - * crypto.c (_hx509_pbe_decrypt): try all passwords, not just the - first one. - -2006-03-27 Love Hörnquist Åstrand - - * print.c (check_altName): Print the othername oid. - - * crypto.c: Manual page claims RSA_public_decrypt will return -1 - on error, lets check for that - - * crypto.c (_hx509_pbe_decrypt): also try the empty password - - * collector.c (match_localkeyid): no need to add back the cert to - the cert pool, its already there. - - * crypto.c: Add REQUIRE_SIGNER - - * cert.c (hx509_cert_free): ok to free NULL - - * hx509_err.et: Add new error code SIGNATURE_WITHOUT_SIGNER. - - * name.c (_hx509_name_ds_cmp): make DirectoryString case - insenstive - (hx509_name_to_string): less spacing - - * cms.c: Check for signature error, check consitency of error - -2006-03-26 Love Hörnquist Åstrand - - * collector.c (_hx509_collector_alloc): handle errors - - * cert.c (hx509_query_alloc): allocate slight more more then a - sizeof(pointer) - - * crypto.c (_hx509_private_key_assign_key_file): ask for password - if nothing matches. - - * cert.c: Expose more of the hx509_query interface. - - * collector.c: hx509_certs_find is now exposed. - - * cms.c: hx509_certs_find is now exposed. - - * revoke.c: hx509_certs_find is now exposed. - - * keyset.c (hx509_certs_free): allow free-ing NULL - (hx509_certs_find): expose - (hx509_get_one_cert): new function - - * hxtool.c: hx509_certs_find is now exposed. - - * hx_locl.h: Remove hx509_query, its exposed now. - - * hx509.h: Add hx509_query. - -2006-02-22 Love Hörnquist Åstrand - - * cert.c: Add exceptions for null (empty) subjectNames - - * data/nist-data: Add some more name constraints tests. - - * data/nist-data: Add some of the test from 4.13 Name Constraints. - - * cert.c: Name constraits needs to be evaluated in block as they - appear in the certificates, they can not be joined to one - list. One example of this is: - - - cert is cn=foo,dc=bar,dc=baz - - subca is dc=foo,dc=baz with name restriction dc=kaka,dc=baz - - ca is dc=baz with name restriction dc=baz - - If the name restrictions are merged to a list, the certificate - will pass this test. - -2006-02-14 Love Hörnquist Åstrand - - * cert.c: Handle more name constraints cases. - - * crypto.c (dsa_verify_signature): if test if malloc failed - -2006-01-31 Love Hörnquist Åstrand - - * cms.c: Drop partial pkcs12 string2key implementation. - -2006-01-20 Love Hörnquist Åstrand - - * data/nist-data: Add commited out DSA tests (they fail). - - * data/nist-data: Add 4.2 Validity Periods. - - * test_nist.in: Make less verbose to use. - - * Makefile.am: Add test_nist_cert. - - * data/nist-data: Add some more CRL-tests. - - * test_nist.in: Print $id instead of . when running the tests. - - * test_nist.in: Drop verifying certifiates, its done in another - test now. - - * data/nist-data: fixup kill-rectangle leftovers - - * data/nist-data: Drop verifying certifiates, its done in another - test now. Add more crl tests. comment out all unused tests. - - * test_nist_cert.in: test parse all nist certs - -2006-01-19 Love Hörnquist Åstrand - - * hx509_err.et: Add HX509_CRL_UNKNOWN_EXTENSION. - - * revoke.c: Check for unknown extentions in CRLs and CRLEntries. - - * test_nist.in: Parse new format to handle CRL info. - - * test_chain.in: Add --missing-crl. - - * name.c (hx509_unparse_der_name): Rename from hx509_parse_name. - (_hx509_unparse_Name): Add. - - * hxtool-commands.in: Add --missing-crl to verify commands. - - * hx509_err.et: Add CRL errors. - - * cert.c (hx509_context_set_missing_crl): new function Add CRL - handling. - - * hx_locl.h: Add HX509_CTX_CRL_MISSING_OK. - - * revoke.c: Parse and verify CRLs (simplistic). - - * hxtool.c: Parse CRL info. - - * data/nist-data: Change format so we can deal with CRLs, also - note the test-id from PKITS. - - * data: regenerate test - - * data/gen-req.sh: use static-file to generate tests - - * data/static-file: new file to use for commited tests - - * test_cms.in: Use static file, add --missing-crl. - -2006-01-18 Love Hörnquist Åstrand - - * print.c: Its cRLReason, not cRLReasons. - - * hxtool.c: Attach revoke context to verify context. - - * data/nist-data: change syntax to make match better with crl - checks - - * cert.c: Verify no certificates has been revoked with the new - revoke interface. - - * Makefile.am: libhx509_la_SOURCES += revoke.c - - * revoke.c: Add framework for handling CRLs. - - * hx509.h: Add hx509_revoke_ctx. - -2006-01-13 Love Hörnquist Åstrand - - * delete crypto_headers.h, use global file instead. - - * crypto.c (PBE_string2key): libdes now supports PKCS12_key_gen - -2006-01-12 Love Hörnquist Åstrand - - * crypto_headers.h: Need BN_is_negative too. - -2006-01-11 Love Hörnquist Åstrand - - * ks_p11.c (p11_rsa_public_decrypt): since is wrong, don't provide - it. PKCS11 can't do public_decrypt, it support verify though. All - this doesn't matter, since the code never go though this path. - - * crypto_headers.h: Provide glue to compile with less warnings - with OpenSSL - -2006-01-08 Love Hörnquist Åstrand - - * Makefile.am: Depend on LIB_des - - * lock.c: Use "crypto_headers.h". - - * crypto_headers.h: Include the two diffrent implementation of - crypto headers. - - * cert.c: Use "crypto-headers.h". Load ENGINE configuration. - - * crypto.c: Make compile with both OpenSSL and heimdal libdes. - - * ks_p11.c: Add code for public key decryption (not supported yet) - and use "crypto-headers.h". - - -2006-01-04 Love Hörnquist Åstrand - - * add a hx509_context where we can store configuration - - * p11.c,Makefile.am: pkcs11 is now supported by library, remove - old files. - - * ks_p11.c: more paranoid on refcount, set refcounter ealier, - reset pointers after free - - * collector.c (struct private_key): remove temporary key data - storage, convert directly to a key - (match_localkeyid): match certificate and key using localkeyid - (match_keys): match certificate and key using _hx509_match_keys - (_hx509_collector_collect): rewrite to use match_keys and - match_localkeyid - - * crypto.c (_hx509_match_keys): function that determins if a - private key matches a certificate, used when there is no - localkeyid. - (*) reset free pointer - - * ks_file.c: Rewrite to use collector and mapping support - function. - - * ks_p11.c (rsa_pkcs1_method): constify - - * ks_p11.c: drop extra wrapping of p11_init - - * crypto.c (_hx509_private_key_assign_key_file): use function to - extact rsa key - - * cert.c: Revert previous, refcounter is unsigned, so it can never - be negative. - - * cert.c (hx509_cert_ref): more refcount paranoia - - * ks_p11.c: Implement rsa_private_decrypt and add stubs for public - ditto. - - * ks_p11.c: Less printf, less memory leaks. - - * ks_p11.c: Implement signing using pkcs11. - - * ks_p11.c: Partly assign private key, enough to complete - collection, but not any crypto functionallity. - - * collector.c: Use hx509_private_key to assign private keys. - - * crypto.c: Remove most of the EVP_PKEY code, and use RSA - directly, this temporary removes DSA support. - - * hxtool.c (print_f): print if there is a friendly name and if - there is a private key - -2006-01-03 Love Hörnquist Åstrand - - * name.c: Avoid warning from missing __attribute__((noreturn)) - - * lock.c (_hx509_lock_unlock_certs): return unlock certificates - - * crypto.c (_hx509_private_key_assign_ptr): new function, exposes - EVP_PKEY - (_hx509_private_key_assign_key_file): remember to free private key - if there is one. - - * cert.c (_hx509_abort): add newline to output and flush stdout - - * Makefile.am: libhx509_la_SOURCES += collector.c - - * hx_locl.h: forward type declaration of struct hx509_collector. - - * collector.c: Support functions to collect certificates and - private keys and then match them. - - * ks_p12.c: Use the new hx509_collector support functions. - - * ks_p11.c: Add enough glue to support certificate iteration. - - * test_nist_pkcs12.in: Less verbose. - - * cert.c (hx509_cert_free): if there is a private key assosited - with this cert, free it - - * print.c: Use _hx509_abort. - - * ks_p12.c: Use _hx509_abort. - - * hxtool.c: Use _hx509_abort. - - * crypto.c: Use _hx509_abort. - - * cms.c: Use _hx509_abort. - - * cert.c: Use _hx509_abort. - - * name.c: use _hx509_abort - -2006-01-02 Love Hörnquist Åstrand - - * name.c (hx509_name_to_string): don't cut bmpString in half. - - * name.c (hx509_name_to_string): don't overwrite with 1 byte with - bmpString. - - * ks_file.c (parse_certificate): avoid stomping before array - - * name.c (oidtostring): avoid leaking memory - - * keyset.c: Add _hx509_ks_dir_register. - - * Makefile.am (libhx509_la_SOURCES): += ks_dir.c - - * hxtool-commands.in: Remove pkcs11. - - * hxtool.c: Remove pcert_pkcs11. - - * ks_file.c: Factor out certificate parsing code. - - * ks_dir.c: Add new keystore that treats all files in a directory - a keystore, useful for regression tests. - -2005-12-12 Love Hörnquist Åstrand - - * test_nist_pkcs12.in: Test parse PKCS12 files from NIST. - - * data/nist-data: Can handle DSA certificate. - - * hxtool.c: Print error code on failure. - -2005-10-29 Love Hörnquist Åstrand - - * crypto.c: Support DSA signature operations. - -2005-10-04 Love Hörnquist Åstrand - - * print.c: Validate that issuerAltName and subjectAltName isn't - empty. - -2005-09-14 Love Hörnquist Åstrand - - * p11.c: Cast to unsigned char to avoid warning. - - * keyset.c: Register pkcs11 module. - - * Makefile.am: Add ks_p11.c, install hxtool. - - * ks_p11.c: Starting point of a pkcs11 module. - -2005-09-04 Love Hörnquist Åstrand - - * lock.c: Implement prompter. - - * hxtool-commands.in: add --content to print - - * hxtool.c: Split verify and print. - - * cms.c: _hx509_pbe_decrypt now takes a hx509_lock. - - * crypto.c: Make _hx509_pbe_decrypt take a hx509_lock, workaround - for empty password. - - * name.c: Add DC, handle all Directory strings, fix signless - problems. - -2005-09-03 Love Hörnquist Åstrand - - * test_query.in: Pass in --pass to all commands. - - * hxtool.c: Use option --pass. - - * hxtool-commands.in: Add --pass to all commands. - - * hx509_err.et: add UNKNOWN_LOCK_COMMAND and CRYPTO_NO_PROMPTER - - * test_cms.in: pass in password to cms-create-sd - - * crypto.c: Abstract out PBE_string2key so I can add PBE2 s2k - later. Avoid signess warnings with OpenSSL. - - * cms.c: Use void * instead of char * for to avoid signedness - issues - - * cert.c (hx509_cert_get_attribute): remove const, its not - - * ks_p12.c: Cast size_t to unsigned long when print. - - * name.c: Fix signedness warning. - - * test_query.in: Use echo, the function check isn't defined here. - -2005-08-11 Love Hörnquist Åstrand - - * hxtool-commands.in: Add more options that was missing. - -2005-07-28 Love Hörnquist Åstrand - - * test_cms.in: Use --certificate= for enveloped/unenvelope. - - * hxtool.c: Use --certificate= for enveloped/unenvelope. Clean - up. - - * test_cms.in: add EnvelopeData tests - - * hxtool.c: use id-envelopedData for ContentInfo - - * hxtool-commands.in: add contentinfo wrapping for create/unwrap - enveloped data - - * hxtool.c: add contentinfo wrapping for create/unwrap enveloped - data - - * data/gen-req.sh: add enveloped data (aes128) - - * crypto.c: add "new" RC2 oid - -2005-07-27 Love Hörnquist Åstrand - - * hx_locl.h, cert.c: Add HX509_QUERY_MATCH_FUNCTION that allows - caller to match by function, note that this doesn't not work - directly for backends that implements ->query, they must do their - own processing. (I'm running out of flags, only 12 left now) - - * test_cms.in: verify ContentInfo wrapping code in hxtool - - * hxtool-commands.in (cms_create_sd): support wrapping in content - info spelling - - * hxtool.c (cms_create_sd): support wrapping in content info - - * test_cms.in: test more cms signeddata messages - - * data/gen-req.sh: generate SignedData - - * hxtool.c (cms_create_sd): support certificate store, add support - to unwrap a ContentInfo the SignedData inside. - - * crypto.c: sprinkel rk_UNCONST - - * crypto.c: add DER NULL to the digest oid's - - * hxtool-commands.in: add --content-info to cms-verify-sd - - * cms.c (hx509_cms_create_signed_1): pass in a full - AlgorithmIdentifier instead of heim_oid for digest_alg - - * crypto.c: make digest_alg a digest_oid, it's not needed right - now - - * hx509_err.et: add CERT_NOT_FOUND - - * keyset.c (_hx509_certs_find): add error code for cert not - found - - * cms.c (hx509_cms_verify_signed): add external store of - certificates, use the right digest algorithm identifier. - - * cert.c: fix const warning - - * ks_p12.c: slightly less verbose - - * cert.c: add hx509_cert_find_subjectAltName_otherName, add - HX509_QUERY_MATCH_FRIENDLY_NAME - - * hx509.h: add hx509_octet_string_list, remove bad comment - - * hx_locl.h: add HX509_QUERY_MATCH_FRIENDLY_NAME - - * keyset.c (hx509_certs_append): needs a hx509_lock, add one - - * Makefile.am: add test cases tempfiles to CLEANFILES - - * Makefile.am: add test_query to TESTS, fix dependency on hxtool - sources on hxtool-commands.h - - * hxtool-commands.in: explain what signer is for create-sd - - * hxtool.c: add query, add more options to verify-sd and create-sd - - * test_cms.in: add more cms tests - - * hxtool-commands.in: add query, add more options to verify-sd - - * test_query.in: test query interface - - * data: fix filenames for ds/ke files, add pkcs12 files, regen - - * hxtool.c,Makefile.am,hxtool-commands.in: switch to slc - -2005-07-26 Love Hörnquist Åstrand - - * cert.c (hx509_verify_destroy_ctx): add - - * hxtool.c: free hx509_verify_ctx - - * name.c (_hx509_name_ds_cmp): make sure all strings are not equal - -2005-07-25 Love Hörnquist Åstrand - - * hxtool.c: return error - - * keyset.c: return errors from iterations - - * test_chain.in: clean up checks - - * ks_file.c (parse_certificate): return errno's not 1 in case of - error - - * ks_file.c (file_iter): make sure endpointer is NULL - - * ks_mem.c (mem_iter): follow conversion and return NULL when we - get to the end, not ENOENT. - - * Makefile.am: test_chain depends on hxtool - - * data: test certs that lasts 10 years - - * data/gen-req.sh: script to generate test certs - - * Makefile.am: Add regression tests. - - * data: test certificate and keys - - * test_chain.in: test chain - - * hxtool.c (cms_create_sd): add KU digitalSigature as a - requirement to the query - - * hx_locl.h: add KeyUsage query bits - - * hx509_err.et: add KeyUsage error - - * cms.c: add checks for KeyUsage - - * cert.c: more checks on KeyUsage, allow to query on them too - -2005-07-24 Love Hörnquist Åstrand - - * cms.c: Add missing break. - - * hx_locl.h,cms.c,cert.c: allow matching on SubjectKeyId - - * hxtool.c: Use _hx509_map_file, _hx509_unmap_file and - _hx509_write_file. - - * file.c (_hx509_write_file): in case of write error, return errno - - * file.c (_hx509_write_file): add a function that write a data - blob to disk too - - * Fix id-tags - - * Import mostly complete X.509 and CMS library. Handles, PEM, DER, - PKCS12 encoded certicates. Verificate RSA chains and handled - CMS's SignedData, and EnvelopedData. - - diff --git a/crypto/heimdal/lib/hx509/Makefile.am b/crypto/heimdal/lib/hx509/Makefile.am deleted file mode 100644 index 3144a71676ad..000000000000 --- a/crypto/heimdal/lib/hx509/Makefile.am +++ /dev/null @@ -1,388 +0,0 @@ -# $Id: Makefile.am 22459 2008-01-15 21:46:20Z lha $ - -include $(top_srcdir)/Makefile.am.common - -lib_LTLIBRARIES = libhx509.la -libhx509_la_LDFLAGS = -version-info 3:0:0 - -BUILT_SOURCES = \ - $(gen_files_ocsp:.x=.c) \ - $(gen_files_pkcs10:.x=.c) \ - hx509_err.c \ - hx509_err.h - -gen_files_ocsp = \ - asn1_OCSPBasicOCSPResponse.x \ - asn1_OCSPCertID.x \ - asn1_OCSPCertStatus.x \ - asn1_OCSPInnerRequest.x \ - asn1_OCSPKeyHash.x \ - asn1_OCSPRequest.x \ - asn1_OCSPResponderID.x \ - asn1_OCSPResponse.x \ - asn1_OCSPResponseBytes.x \ - asn1_OCSPResponseData.x \ - asn1_OCSPResponseStatus.x \ - asn1_OCSPSignature.x \ - asn1_OCSPSingleResponse.x \ - asn1_OCSPTBSRequest.x \ - asn1_OCSPVersion.x \ - asn1_id_pkix_ocsp.x \ - asn1_id_pkix_ocsp_basic.x \ - asn1_id_pkix_ocsp_nonce.x - -gen_files_pkcs10 = \ - asn1_CertificationRequestInfo.x \ - asn1_CertificationRequest.x - -gen_files_crmf = \ - asn1_CRMFRDNSequence.x \ - asn1_CertReqMessages.x \ - asn1_CertReqMsg.x \ - asn1_CertRequest.x \ - asn1_CertTemplate.x \ - asn1_Controls.x \ - asn1_PBMParameter.x \ - asn1_PKMACValue.x \ - asn1_POPOPrivKey.x \ - asn1_POPOSigningKey.x \ - asn1_POPOSigningKeyInput.x \ - asn1_ProofOfPossession.x \ - asn1_SubsequentMessage.x - -dist_libhx509_la_SOURCES = \ - ca.c \ - cert.c \ - cms.c \ - collector.c \ - crypto.c \ - doxygen.c \ - error.c \ - env.c \ - file.c \ - hx509-private.h \ - hx509-protos.h \ - hx509.h \ - hx_locl.h \ - keyset.c \ - ks_dir.c \ - ks_file.c \ - ks_mem.c \ - ks_null.c \ - ks_p11.c \ - ks_p12.c \ - ks_keychain.c \ - lock.c \ - name.c \ - peer.c \ - print.c \ - softp11.c \ - ref/pkcs11.h \ - req.c \ - revoke.c - -libhx509_la_LIBADD = \ - $(LIB_com_err) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIBADD_roken) \ - $(LIB_dlopen) - -if FRAMEWORK_SECURITY -libhx509_la_LDFLAGS += -framework Security -framework CoreFoundation -endif - -if versionscript -libhx509_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -endif -$(libhx509_la_OBJECTS): $(srcdir)/version-script.map - -libhx509_la_CPPFLAGS = -I$(srcdir)/ref $(INCLUDE_hcrypto) -nodist_libhx509_la_SOURCES = $(BUILT_SOURCES) - -$(gen_files_ocsp) ocsp_asn1.h: ocsp_asn1_files -$(gen_files_pkcs10) pkcs10_asn1.h: pkcs10_asn1_files -$(gen_files_crmf) crmf_asn1.h: crmf_asn1_files - -asn1_compile = ../asn1/asn1_compile$(EXEEXT) - -ocsp_asn1_files: $(asn1_compile) $(srcdir)/ocsp.asn1 - $(asn1_compile) --preserve-binary=OCSPTBSRequest --preserve-binary=OCSPResponseData $(srcdir)/ocsp.asn1 ocsp_asn1 || (rm -f ocsp_asn1_files ; exit 1) - -pkcs10_asn1_files: $(asn1_compile) $(srcdir)/pkcs10.asn1 - $(asn1_compile) --preserve-binary=CertificationRequestInfo $(srcdir)/pkcs10.asn1 pkcs10_asn1 || (rm -f pkcs10_asn1_files ; exit 1) - -crmf_asn1_files: $(asn1_compile) $(srcdir)/crmf.asn1 - $(asn1_compile) $(srcdir)/crmf.asn1 crmf_asn1 || (rm -f crmf_asn1_files ; exit 1) - -$(libhx509_la_OBJECTS): $(srcdir)/hx509-protos.h $(srcdir)/hx509-private.h - -$(srcdir)/hx509-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -R '^(_|^C)' -E HX509_LIB_FUNCTION -q -P comment -o hx509-protos.h $(dist_libhx509_la_SOURCES) || rm -f hx509-protos.h - -$(srcdir)/hx509-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p hx509-private.h $(dist_libhx509_la_SOURCES) || rm -f hx509-private.h - -dist_include_HEADERS = hx509.h hx509-protos.h -nodist_include_HEADERS = hx509_err.h - -SLC = $(top_builddir)/lib/sl/slc - -bin_PROGRAMS = hxtool - -hxtool-commands.c hxtool-commands.h: hxtool-commands.in $(SLC) - $(SLC) $(srcdir)/hxtool-commands.in - -dist_hxtool_SOURCES = hxtool.c -nodist_hxtool_SOURCES = hxtool-commands.c hxtool-commands.h - -$(hxtool_OBJECTS): hxtool-commands.h - -hxtool_CPPFLAGS = $(INCLUDE_hcrypto) -hxtool_LDADD = \ - libhx509.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(top_builddir)/lib/sl/libsl.la - -CLEANFILES = $(BUILT_SOURCES) \ - $(gen_files_ocsp) ocsp_asn1_files ocsp_asn1.h \ - $(gen_files_pkcs10) pkcs10_asn1_files pkcs10_asn1.h \ - $(gen_files_crmf) crmf_asn1_files crmf_asn1.h \ - $(TESTS) \ - hxtool-commands.c hxtool-commands.h *.tmp \ - request.out \ - out.pem out2.pem \ - sd.data sd.data.out \ - ev.data ev.data.out \ - cert-null.pem cert-sub-ca2.pem \ - cert-ee.pem cert-ca.pem \ - cert-sub-ee.pem cert-sub-ca.pem \ - cert-proxy.der cert-ca.der cert-ee.der pkcs10-request.der \ - wca.pem wuser.pem wdc.pem wcrl.crl \ - random-data statfile crl.crl \ - test p11dbg.log pkcs11.cfg \ - test-rc-file.rc - -clean-local: - @echo "cleaning PKITS" ; rm -rf PKITS_data - -# -# regression tests -# - -check_SCRIPTS = $(SCRIPT_TESTS) -check_PROGRAMS = $(PROGRAM_TESTS) test_soft_pkcs11 - -LDADD = libhx509.la - -test_soft_pkcs11_LDADD = libhx509.la -test_soft_pkcs11_CPPFLAGS = -I$(srcdir)/ref - -TESTS = $(SCRIPT_TESTS) $(PROGRAM_TESTS) - -PROGRAM_TESTS = \ - test_name - -SCRIPT_TESTS = \ - test_ca \ - test_cert \ - test_chain \ - test_cms \ - test_crypto \ - test_nist \ - test_nist2 \ - test_pkcs11 \ - test_java_pkcs11 \ - test_nist_cert \ - test_nist_pkcs12 \ - test_req \ - test_windows \ - test_query - -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]objdir[@],$(top_builddir)/lib/hx509,g' - -test_ca: test_ca.in Makefile - $(do_subst) < $(srcdir)/test_ca.in > test_ca.tmp - chmod +x test_ca.tmp - mv test_ca.tmp test_ca - -test_cert: test_cert.in Makefile - $(do_subst) < $(srcdir)/test_cert.in > test_cert.tmp - chmod +x test_cert.tmp - mv test_cert.tmp test_cert - -test_chain: test_chain.in Makefile - $(do_subst) < $(srcdir)/test_chain.in > test_chain.tmp - chmod +x test_chain.tmp - mv test_chain.tmp test_chain - -test_cms: test_cms.in Makefile - $(do_subst) < $(srcdir)/test_cms.in > test_cms.tmp - chmod +x test_cms.tmp - mv test_cms.tmp test_cms - -test_crypto: test_crypto.in Makefile - $(do_subst) < $(srcdir)/test_crypto.in > test_crypto.tmp - chmod +x test_crypto.tmp - mv test_crypto.tmp test_crypto - -test_nist: test_nist.in Makefile - $(do_subst) < $(srcdir)/test_nist.in > test_nist.tmp - chmod +x test_nist.tmp - mv test_nist.tmp test_nist - -test_nist2: test_nist2.in Makefile - $(do_subst) < $(srcdir)/test_nist2.in > test_nist2.tmp - chmod +x test_nist2.tmp - mv test_nist2.tmp test_nist2 - -test_pkcs11: test_pkcs11.in Makefile - $(do_subst) < $(srcdir)/test_pkcs11.in > test_pkcs11.tmp - chmod +x test_pkcs11.tmp - mv test_pkcs11.tmp test_pkcs11 - -test_java_pkcs11: test_java_pkcs11.in Makefile - $(do_subst) < $(srcdir)/test_java_pkcs11.in > test_java_pkcs11.tmp - chmod +x test_java_pkcs11.tmp - mv test_java_pkcs11.tmp test_java_pkcs11 - -test_nist_cert: test_nist_cert.in Makefile - $(do_subst) < $(srcdir)/test_nist_cert.in > test_nist_cert.tmp - chmod +x test_nist_cert.tmp - mv test_nist_cert.tmp test_nist_cert - -test_nist_pkcs12: test_nist_pkcs12.in Makefile - $(do_subst) < $(srcdir)/test_nist_pkcs12.in > test_nist_pkcs12.tmp - chmod +x test_nist_pkcs12.tmp - mv test_nist_pkcs12.tmp test_nist_pkcs12 - -test_req: test_req.in Makefile - $(do_subst) < $(srcdir)/test_req.in > test_req.tmp - chmod +x test_req.tmp - mv test_req.tmp test_req - -test_windows: test_windows.in Makefile - $(do_subst) < $(srcdir)/test_windows.in > test_windows.tmp - chmod +x test_windows.tmp - mv test_windows.tmp test_windows - -test_query: test_query.in Makefile - $(do_subst) < $(srcdir)/test_query.in > test_query.tmp - chmod +x test_query.tmp - mv test_query.tmp test_query - -EXTRA_DIST = \ - version-script.map \ - crmf.asn1 \ - data/bleichenbacher-bad.pem \ - hx509_err.et \ - hxtool-commands.in \ - ocsp.asn1 \ - pkcs10.asn1 \ - test_ca.in \ - test_chain.in \ - test_cert.in \ - test_cms.in \ - test_crypto.in \ - test_nist.in \ - test_nist2.in \ - test_nist_cert.in \ - test_nist_pkcs12.in \ - test_pkcs11.in \ - test_java_pkcs11.in \ - test_query.in \ - test_req.in \ - test_windows.in \ - tst-crypto-available1 \ - tst-crypto-available2 \ - tst-crypto-available3 \ - tst-crypto-select \ - tst-crypto-select1 \ - tst-crypto-select2 \ - tst-crypto-select3 \ - tst-crypto-select4 \ - tst-crypto-select5 \ - tst-crypto-select6 \ - tst-crypto-select7 \ - data/bleichenbacher-good.pem \ - data/bleichenbacher-sf-pad-correct.pem \ - data/ca.crt \ - data/ca.key \ - data/crl1.crl \ - data/crl1.der \ - data/gen-req.sh \ - data/j.pem \ - data/kdc.crt \ - data/kdc.key \ - data/key.der \ - data/key2.der \ - data/nist-data \ - data/nist-data2 \ - data/no-proxy-test.crt \ - data/no-proxy-test.key \ - data/ocsp-req1.der \ - data/ocsp-req2.der \ - data/ocsp-resp1-2.der \ - data/ocsp-resp1-3.der \ - data/ocsp-resp1-ca.der \ - data/ocsp-resp1-keyhash.der \ - data/ocsp-resp1-ocsp-no-cert.der \ - data/ocsp-resp1-ocsp.der \ - data/ocsp-resp1.der \ - data/ocsp-resp2.der \ - data/ocsp-responder.crt \ - data/ocsp-responder.key \ - data/openssl.cnf \ - data/pkinit-proxy-chain.crt \ - data/pkinit-proxy.crt \ - data/pkinit-proxy.key \ - data/pkinit-pw.key \ - data/pkinit.crt \ - data/pkinit.key \ - data/proxy-level-test.crt \ - data/proxy-level-test.key \ - data/proxy-test.crt \ - data/proxy-test.key \ - data/proxy10-child-test.crt \ - data/proxy10-child-test.key \ - data/proxy10-child-child-test.crt \ - data/proxy10-child-child-test.key \ - data/proxy10-test.crt \ - data/proxy10-test.key \ - data/revoke.crt \ - data/revoke.key \ - data/sf-class2-root.pem \ - data/static-file \ - data/sub-ca.crt \ - data/sub-ca.key \ - data/sub-cert.crt \ - data/sub-cert.key \ - data/sub-cert.p12 \ - data/test-ds-only.crt \ - data/test-ds-only.key \ - data/test-enveloped-aes-128 \ - data/test-enveloped-aes-256 \ - data/test-enveloped-des \ - data/test-enveloped-des-ede3 \ - data/test-enveloped-rc2-128 \ - data/test-enveloped-rc2-40 \ - data/test-enveloped-rc2-64 \ - data/test-ke-only.crt \ - data/test-ke-only.key \ - data/test-nopw.p12 \ - data/test-pw.key \ - data/test-signed-data \ - data/test-signed-data-noattr \ - data/test-signed-data-noattr-nocerts \ - data/test.combined.crt \ - data/test.crt \ - data/test.key \ - data/test.p12 \ - data/yutaka-pad-broken-ca.pem \ - data/yutaka-pad-broken-cert.pem \ - data/yutaka-pad-ok-ca.pem \ - data/yutaka-pad-ok-cert.pem \ - data/yutaka-pad.key diff --git a/crypto/heimdal/lib/hx509/Makefile.in b/crypto/heimdal/lib/hx509/Makefile.in deleted file mode 100644 index b564a4903061..000000000000 --- a/crypto/heimdal/lib/hx509/Makefile.in +++ /dev/null @@ -1,1530 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22459 2008-01-15 21:46:20Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(dist_include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog TODO -@FRAMEWORK_SECURITY_TRUE@am__append_1 = -framework Security -framework CoreFoundation -@versionscript_TRUE@am__append_2 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -bin_PROGRAMS = hxtool$(EXEEXT) -check_PROGRAMS = $(am__EXEEXT_1) test_soft_pkcs11$(EXEEXT) -TESTS = $(SCRIPT_TESTS) $(am__EXEEXT_1) -subdir = lib/hx509 -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ - "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -am__DEPENDENCIES_1 = -libhx509_la_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -dist_libhx509_la_OBJECTS = libhx509_la-ca.lo libhx509_la-cert.lo \ - libhx509_la-cms.lo libhx509_la-collector.lo \ - libhx509_la-crypto.lo libhx509_la-doxygen.lo \ - libhx509_la-error.lo libhx509_la-env.lo libhx509_la-file.lo \ - libhx509_la-keyset.lo libhx509_la-ks_dir.lo \ - libhx509_la-ks_file.lo libhx509_la-ks_mem.lo \ - libhx509_la-ks_null.lo libhx509_la-ks_p11.lo \ - libhx509_la-ks_p12.lo libhx509_la-ks_keychain.lo \ - libhx509_la-lock.lo libhx509_la-name.lo libhx509_la-peer.lo \ - libhx509_la-print.lo libhx509_la-softp11.lo libhx509_la-req.lo \ - libhx509_la-revoke.lo -am__objects_1 = libhx509_la-asn1_OCSPBasicOCSPResponse.lo \ - libhx509_la-asn1_OCSPCertID.lo \ - libhx509_la-asn1_OCSPCertStatus.lo \ - libhx509_la-asn1_OCSPInnerRequest.lo \ - libhx509_la-asn1_OCSPKeyHash.lo \ - libhx509_la-asn1_OCSPRequest.lo \ - libhx509_la-asn1_OCSPResponderID.lo \ - libhx509_la-asn1_OCSPResponse.lo \ - libhx509_la-asn1_OCSPResponseBytes.lo \ - libhx509_la-asn1_OCSPResponseData.lo \ - libhx509_la-asn1_OCSPResponseStatus.lo \ - libhx509_la-asn1_OCSPSignature.lo \ - libhx509_la-asn1_OCSPSingleResponse.lo \ - libhx509_la-asn1_OCSPTBSRequest.lo \ - libhx509_la-asn1_OCSPVersion.lo \ - libhx509_la-asn1_id_pkix_ocsp.lo \ - libhx509_la-asn1_id_pkix_ocsp_basic.lo \ - libhx509_la-asn1_id_pkix_ocsp_nonce.lo -am__objects_2 = libhx509_la-asn1_CertificationRequestInfo.lo \ - libhx509_la-asn1_CertificationRequest.lo -am__objects_3 = $(am__objects_1) $(am__objects_2) \ - libhx509_la-hx509_err.lo -nodist_libhx509_la_OBJECTS = $(am__objects_3) -libhx509_la_OBJECTS = $(dist_libhx509_la_OBJECTS) \ - $(nodist_libhx509_la_OBJECTS) -libhx509_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libhx509_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -am__EXEEXT_1 = test_name$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) -dist_hxtool_OBJECTS = hxtool-hxtool.$(OBJEXT) -nodist_hxtool_OBJECTS = hxtool-hxtool-commands.$(OBJEXT) -hxtool_OBJECTS = $(dist_hxtool_OBJECTS) $(nodist_hxtool_OBJECTS) -hxtool_DEPENDENCIES = libhx509.la $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/sl/libsl.la -test_name_SOURCES = test_name.c -test_name_OBJECTS = test_name.$(OBJEXT) -test_name_LDADD = $(LDADD) -test_name_DEPENDENCIES = libhx509.la -test_soft_pkcs11_SOURCES = test_soft_pkcs11.c -test_soft_pkcs11_OBJECTS = \ - test_soft_pkcs11-test_soft_pkcs11.$(OBJEXT) -test_soft_pkcs11_DEPENDENCIES = libhx509.la -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(dist_libhx509_la_SOURCES) $(nodist_libhx509_la_SOURCES) \ - $(dist_hxtool_SOURCES) $(nodist_hxtool_SOURCES) test_name.c \ - test_soft_pkcs11.c -DIST_SOURCES = $(dist_libhx509_la_SOURCES) $(dist_hxtool_SOURCES) \ - test_name.c test_soft_pkcs11.c -dist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(dist_include_HEADERS) $(nodist_include_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -lib_LTLIBRARIES = libhx509.la -libhx509_la_LDFLAGS = -version-info 3:0:0 $(am__append_1) \ - $(am__append_2) -BUILT_SOURCES = \ - $(gen_files_ocsp:.x=.c) \ - $(gen_files_pkcs10:.x=.c) \ - hx509_err.c \ - hx509_err.h - -gen_files_ocsp = \ - asn1_OCSPBasicOCSPResponse.x \ - asn1_OCSPCertID.x \ - asn1_OCSPCertStatus.x \ - asn1_OCSPInnerRequest.x \ - asn1_OCSPKeyHash.x \ - asn1_OCSPRequest.x \ - asn1_OCSPResponderID.x \ - asn1_OCSPResponse.x \ - asn1_OCSPResponseBytes.x \ - asn1_OCSPResponseData.x \ - asn1_OCSPResponseStatus.x \ - asn1_OCSPSignature.x \ - asn1_OCSPSingleResponse.x \ - asn1_OCSPTBSRequest.x \ - asn1_OCSPVersion.x \ - asn1_id_pkix_ocsp.x \ - asn1_id_pkix_ocsp_basic.x \ - asn1_id_pkix_ocsp_nonce.x - -gen_files_pkcs10 = \ - asn1_CertificationRequestInfo.x \ - asn1_CertificationRequest.x - -gen_files_crmf = \ - asn1_CRMFRDNSequence.x \ - asn1_CertReqMessages.x \ - asn1_CertReqMsg.x \ - asn1_CertRequest.x \ - asn1_CertTemplate.x \ - asn1_Controls.x \ - asn1_PBMParameter.x \ - asn1_PKMACValue.x \ - asn1_POPOPrivKey.x \ - asn1_POPOSigningKey.x \ - asn1_POPOSigningKeyInput.x \ - asn1_ProofOfPossession.x \ - asn1_SubsequentMessage.x - -dist_libhx509_la_SOURCES = \ - ca.c \ - cert.c \ - cms.c \ - collector.c \ - crypto.c \ - doxygen.c \ - error.c \ - env.c \ - file.c \ - hx509-private.h \ - hx509-protos.h \ - hx509.h \ - hx_locl.h \ - keyset.c \ - ks_dir.c \ - ks_file.c \ - ks_mem.c \ - ks_null.c \ - ks_p11.c \ - ks_p12.c \ - ks_keychain.c \ - lock.c \ - name.c \ - peer.c \ - print.c \ - softp11.c \ - ref/pkcs11.h \ - req.c \ - revoke.c - -libhx509_la_LIBADD = \ - $(LIB_com_err) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIBADD_roken) \ - $(LIB_dlopen) - -libhx509_la_CPPFLAGS = -I$(srcdir)/ref $(INCLUDE_hcrypto) -nodist_libhx509_la_SOURCES = $(BUILT_SOURCES) -asn1_compile = ../asn1/asn1_compile$(EXEEXT) -dist_include_HEADERS = hx509.h hx509-protos.h -nodist_include_HEADERS = hx509_err.h -SLC = $(top_builddir)/lib/sl/slc -dist_hxtool_SOURCES = hxtool.c -nodist_hxtool_SOURCES = hxtool-commands.c hxtool-commands.h -hxtool_CPPFLAGS = $(INCLUDE_hcrypto) -hxtool_LDADD = \ - libhx509.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(top_builddir)/lib/sl/libsl.la - -CLEANFILES = $(BUILT_SOURCES) \ - $(gen_files_ocsp) ocsp_asn1_files ocsp_asn1.h \ - $(gen_files_pkcs10) pkcs10_asn1_files pkcs10_asn1.h \ - $(gen_files_crmf) crmf_asn1_files crmf_asn1.h \ - $(TESTS) \ - hxtool-commands.c hxtool-commands.h *.tmp \ - request.out \ - out.pem out2.pem \ - sd.data sd.data.out \ - ev.data ev.data.out \ - cert-null.pem cert-sub-ca2.pem \ - cert-ee.pem cert-ca.pem \ - cert-sub-ee.pem cert-sub-ca.pem \ - cert-proxy.der cert-ca.der cert-ee.der pkcs10-request.der \ - wca.pem wuser.pem wdc.pem wcrl.crl \ - random-data statfile crl.crl \ - test p11dbg.log pkcs11.cfg \ - test-rc-file.rc - - -# -# regression tests -# -check_SCRIPTS = $(SCRIPT_TESTS) -LDADD = libhx509.la -test_soft_pkcs11_LDADD = libhx509.la -test_soft_pkcs11_CPPFLAGS = -I$(srcdir)/ref -PROGRAM_TESTS = \ - test_name - -SCRIPT_TESTS = \ - test_ca \ - test_cert \ - test_chain \ - test_cms \ - test_crypto \ - test_nist \ - test_nist2 \ - test_pkcs11 \ - test_java_pkcs11 \ - test_nist_cert \ - test_nist_pkcs12 \ - test_req \ - test_windows \ - test_query - -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]objdir[@],$(top_builddir)/lib/hx509,g' - -EXTRA_DIST = \ - version-script.map \ - crmf.asn1 \ - data/bleichenbacher-bad.pem \ - hx509_err.et \ - hxtool-commands.in \ - ocsp.asn1 \ - pkcs10.asn1 \ - test_ca.in \ - test_chain.in \ - test_cert.in \ - test_cms.in \ - test_crypto.in \ - test_nist.in \ - test_nist2.in \ - test_nist_cert.in \ - test_nist_pkcs12.in \ - test_pkcs11.in \ - test_java_pkcs11.in \ - test_query.in \ - test_req.in \ - test_windows.in \ - tst-crypto-available1 \ - tst-crypto-available2 \ - tst-crypto-available3 \ - tst-crypto-select \ - tst-crypto-select1 \ - tst-crypto-select2 \ - tst-crypto-select3 \ - tst-crypto-select4 \ - tst-crypto-select5 \ - tst-crypto-select6 \ - tst-crypto-select7 \ - data/bleichenbacher-good.pem \ - data/bleichenbacher-sf-pad-correct.pem \ - data/ca.crt \ - data/ca.key \ - data/crl1.crl \ - data/crl1.der \ - data/gen-req.sh \ - data/j.pem \ - data/kdc.crt \ - data/kdc.key \ - data/key.der \ - data/key2.der \ - data/nist-data \ - data/nist-data2 \ - data/no-proxy-test.crt \ - data/no-proxy-test.key \ - data/ocsp-req1.der \ - data/ocsp-req2.der \ - data/ocsp-resp1-2.der \ - data/ocsp-resp1-3.der \ - data/ocsp-resp1-ca.der \ - data/ocsp-resp1-keyhash.der \ - data/ocsp-resp1-ocsp-no-cert.der \ - data/ocsp-resp1-ocsp.der \ - data/ocsp-resp1.der \ - data/ocsp-resp2.der \ - data/ocsp-responder.crt \ - data/ocsp-responder.key \ - data/openssl.cnf \ - data/pkinit-proxy-chain.crt \ - data/pkinit-proxy.crt \ - data/pkinit-proxy.key \ - data/pkinit-pw.key \ - data/pkinit.crt \ - data/pkinit.key \ - data/proxy-level-test.crt \ - data/proxy-level-test.key \ - data/proxy-test.crt \ - data/proxy-test.key \ - data/proxy10-child-test.crt \ - data/proxy10-child-test.key \ - data/proxy10-child-child-test.crt \ - data/proxy10-child-child-test.key \ - data/proxy10-test.crt \ - data/proxy10-test.key \ - data/revoke.crt \ - data/revoke.key \ - data/sf-class2-root.pem \ - data/static-file \ - data/sub-ca.crt \ - data/sub-ca.key \ - data/sub-cert.crt \ - data/sub-cert.key \ - data/sub-cert.p12 \ - data/test-ds-only.crt \ - data/test-ds-only.key \ - data/test-enveloped-aes-128 \ - data/test-enveloped-aes-256 \ - data/test-enveloped-des \ - data/test-enveloped-des-ede3 \ - data/test-enveloped-rc2-128 \ - data/test-enveloped-rc2-40 \ - data/test-enveloped-rc2-64 \ - data/test-ke-only.crt \ - data/test-ke-only.key \ - data/test-nopw.p12 \ - data/test-pw.key \ - data/test-signed-data \ - data/test-signed-data-noattr \ - data/test-signed-data-noattr-nocerts \ - data/test.combined.crt \ - data/test.crt \ - data/test.key \ - data/test.p12 \ - data/yutaka-pad-broken-ca.pem \ - data/yutaka-pad-broken-cert.pem \ - data/yutaka-pad-ok-ca.pem \ - data/yutaka-pad-ok-cert.pem \ - data/yutaka-pad.key - -all: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/hx509/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/hx509/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libhx509.la: $(libhx509_la_OBJECTS) $(libhx509_la_DEPENDENCIES) - $(libhx509_la_LINK) -rpath $(libdir) $(libhx509_la_OBJECTS) $(libhx509_la_LIBADD) $(LIBS) -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -hxtool$(EXEEXT): $(hxtool_OBJECTS) $(hxtool_DEPENDENCIES) - @rm -f hxtool$(EXEEXT) - $(LINK) $(hxtool_OBJECTS) $(hxtool_LDADD) $(LIBS) -test_name$(EXEEXT): $(test_name_OBJECTS) $(test_name_DEPENDENCIES) - @rm -f test_name$(EXEEXT) - $(LINK) $(test_name_OBJECTS) $(test_name_LDADD) $(LIBS) -test_soft_pkcs11$(EXEEXT): $(test_soft_pkcs11_OBJECTS) $(test_soft_pkcs11_DEPENDENCIES) - @rm -f test_soft_pkcs11$(EXEEXT) - $(LINK) $(test_soft_pkcs11_OBJECTS) $(test_soft_pkcs11_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -libhx509_la-ca.lo: ca.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ca.lo `test -f 'ca.c' || echo '$(srcdir)/'`ca.c - -libhx509_la-cert.lo: cert.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-cert.lo `test -f 'cert.c' || echo '$(srcdir)/'`cert.c - -libhx509_la-cms.lo: cms.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-cms.lo `test -f 'cms.c' || echo '$(srcdir)/'`cms.c - -libhx509_la-collector.lo: collector.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-collector.lo `test -f 'collector.c' || echo '$(srcdir)/'`collector.c - -libhx509_la-crypto.lo: crypto.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c - -libhx509_la-doxygen.lo: doxygen.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c - -libhx509_la-error.lo: error.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-error.lo `test -f 'error.c' || echo '$(srcdir)/'`error.c - -libhx509_la-env.lo: env.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-env.lo `test -f 'env.c' || echo '$(srcdir)/'`env.c - -libhx509_la-file.lo: file.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-file.lo `test -f 'file.c' || echo '$(srcdir)/'`file.c - -libhx509_la-keyset.lo: keyset.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-keyset.lo `test -f 'keyset.c' || echo '$(srcdir)/'`keyset.c - -libhx509_la-ks_dir.lo: ks_dir.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_dir.lo `test -f 'ks_dir.c' || echo '$(srcdir)/'`ks_dir.c - -libhx509_la-ks_file.lo: ks_file.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_file.lo `test -f 'ks_file.c' || echo '$(srcdir)/'`ks_file.c - -libhx509_la-ks_mem.lo: ks_mem.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_mem.lo `test -f 'ks_mem.c' || echo '$(srcdir)/'`ks_mem.c - -libhx509_la-ks_null.lo: ks_null.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_null.lo `test -f 'ks_null.c' || echo '$(srcdir)/'`ks_null.c - -libhx509_la-ks_p11.lo: ks_p11.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_p11.lo `test -f 'ks_p11.c' || echo '$(srcdir)/'`ks_p11.c - -libhx509_la-ks_p12.lo: ks_p12.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_p12.lo `test -f 'ks_p12.c' || echo '$(srcdir)/'`ks_p12.c - -libhx509_la-ks_keychain.lo: ks_keychain.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-ks_keychain.lo `test -f 'ks_keychain.c' || echo '$(srcdir)/'`ks_keychain.c - -libhx509_la-lock.lo: lock.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-lock.lo `test -f 'lock.c' || echo '$(srcdir)/'`lock.c - -libhx509_la-name.lo: name.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-name.lo `test -f 'name.c' || echo '$(srcdir)/'`name.c - -libhx509_la-peer.lo: peer.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-peer.lo `test -f 'peer.c' || echo '$(srcdir)/'`peer.c - -libhx509_la-print.lo: print.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-print.lo `test -f 'print.c' || echo '$(srcdir)/'`print.c - -libhx509_la-softp11.lo: softp11.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-softp11.lo `test -f 'softp11.c' || echo '$(srcdir)/'`softp11.c - -libhx509_la-req.lo: req.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-req.lo `test -f 'req.c' || echo '$(srcdir)/'`req.c - -libhx509_la-revoke.lo: revoke.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-revoke.lo `test -f 'revoke.c' || echo '$(srcdir)/'`revoke.c - -libhx509_la-asn1_OCSPBasicOCSPResponse.lo: asn1_OCSPBasicOCSPResponse.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPBasicOCSPResponse.lo `test -f 'asn1_OCSPBasicOCSPResponse.c' || echo '$(srcdir)/'`asn1_OCSPBasicOCSPResponse.c - -libhx509_la-asn1_OCSPCertID.lo: asn1_OCSPCertID.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPCertID.lo `test -f 'asn1_OCSPCertID.c' || echo '$(srcdir)/'`asn1_OCSPCertID.c - -libhx509_la-asn1_OCSPCertStatus.lo: asn1_OCSPCertStatus.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPCertStatus.lo `test -f 'asn1_OCSPCertStatus.c' || echo '$(srcdir)/'`asn1_OCSPCertStatus.c - -libhx509_la-asn1_OCSPInnerRequest.lo: asn1_OCSPInnerRequest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPInnerRequest.lo `test -f 'asn1_OCSPInnerRequest.c' || echo '$(srcdir)/'`asn1_OCSPInnerRequest.c - -libhx509_la-asn1_OCSPKeyHash.lo: asn1_OCSPKeyHash.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPKeyHash.lo `test -f 'asn1_OCSPKeyHash.c' || echo '$(srcdir)/'`asn1_OCSPKeyHash.c - -libhx509_la-asn1_OCSPRequest.lo: asn1_OCSPRequest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPRequest.lo `test -f 'asn1_OCSPRequest.c' || echo '$(srcdir)/'`asn1_OCSPRequest.c - -libhx509_la-asn1_OCSPResponderID.lo: asn1_OCSPResponderID.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponderID.lo `test -f 'asn1_OCSPResponderID.c' || echo '$(srcdir)/'`asn1_OCSPResponderID.c - -libhx509_la-asn1_OCSPResponse.lo: asn1_OCSPResponse.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponse.lo `test -f 'asn1_OCSPResponse.c' || echo '$(srcdir)/'`asn1_OCSPResponse.c - -libhx509_la-asn1_OCSPResponseBytes.lo: asn1_OCSPResponseBytes.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseBytes.lo `test -f 'asn1_OCSPResponseBytes.c' || echo '$(srcdir)/'`asn1_OCSPResponseBytes.c - -libhx509_la-asn1_OCSPResponseData.lo: asn1_OCSPResponseData.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseData.lo `test -f 'asn1_OCSPResponseData.c' || echo '$(srcdir)/'`asn1_OCSPResponseData.c - -libhx509_la-asn1_OCSPResponseStatus.lo: asn1_OCSPResponseStatus.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPResponseStatus.lo `test -f 'asn1_OCSPResponseStatus.c' || echo '$(srcdir)/'`asn1_OCSPResponseStatus.c - -libhx509_la-asn1_OCSPSignature.lo: asn1_OCSPSignature.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPSignature.lo `test -f 'asn1_OCSPSignature.c' || echo '$(srcdir)/'`asn1_OCSPSignature.c - -libhx509_la-asn1_OCSPSingleResponse.lo: asn1_OCSPSingleResponse.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPSingleResponse.lo `test -f 'asn1_OCSPSingleResponse.c' || echo '$(srcdir)/'`asn1_OCSPSingleResponse.c - -libhx509_la-asn1_OCSPTBSRequest.lo: asn1_OCSPTBSRequest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPTBSRequest.lo `test -f 'asn1_OCSPTBSRequest.c' || echo '$(srcdir)/'`asn1_OCSPTBSRequest.c - -libhx509_la-asn1_OCSPVersion.lo: asn1_OCSPVersion.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_OCSPVersion.lo `test -f 'asn1_OCSPVersion.c' || echo '$(srcdir)/'`asn1_OCSPVersion.c - -libhx509_la-asn1_id_pkix_ocsp.lo: asn1_id_pkix_ocsp.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp.lo `test -f 'asn1_id_pkix_ocsp.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp.c - -libhx509_la-asn1_id_pkix_ocsp_basic.lo: asn1_id_pkix_ocsp_basic.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp_basic.lo `test -f 'asn1_id_pkix_ocsp_basic.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp_basic.c - -libhx509_la-asn1_id_pkix_ocsp_nonce.lo: asn1_id_pkix_ocsp_nonce.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_id_pkix_ocsp_nonce.lo `test -f 'asn1_id_pkix_ocsp_nonce.c' || echo '$(srcdir)/'`asn1_id_pkix_ocsp_nonce.c - -libhx509_la-asn1_CertificationRequestInfo.lo: asn1_CertificationRequestInfo.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_CertificationRequestInfo.lo `test -f 'asn1_CertificationRequestInfo.c' || echo '$(srcdir)/'`asn1_CertificationRequestInfo.c - -libhx509_la-asn1_CertificationRequest.lo: asn1_CertificationRequest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-asn1_CertificationRequest.lo `test -f 'asn1_CertificationRequest.c' || echo '$(srcdir)/'`asn1_CertificationRequest.c - -libhx509_la-hx509_err.lo: hx509_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libhx509_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libhx509_la-hx509_err.lo `test -f 'hx509_err.c' || echo '$(srcdir)/'`hx509_err.c - -hxtool-hxtool.o: hxtool.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool.o `test -f 'hxtool.c' || echo '$(srcdir)/'`hxtool.c - -hxtool-hxtool.obj: hxtool.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool.obj `if test -f 'hxtool.c'; then $(CYGPATH_W) 'hxtool.c'; else $(CYGPATH_W) '$(srcdir)/hxtool.c'; fi` - -hxtool-hxtool-commands.o: hxtool-commands.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool-commands.o `test -f 'hxtool-commands.c' || echo '$(srcdir)/'`hxtool-commands.c - -hxtool-hxtool-commands.obj: hxtool-commands.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(hxtool_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hxtool-hxtool-commands.obj `if test -f 'hxtool-commands.c'; then $(CYGPATH_W) 'hxtool-commands.c'; else $(CYGPATH_W) '$(srcdir)/hxtool-commands.c'; fi` - -test_soft_pkcs11-test_soft_pkcs11.o: test_soft_pkcs11.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_soft_pkcs11_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_soft_pkcs11-test_soft_pkcs11.o `test -f 'test_soft_pkcs11.c' || echo '$(srcdir)/'`test_soft_pkcs11.c - -test_soft_pkcs11-test_soft_pkcs11.obj: test_soft_pkcs11.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(test_soft_pkcs11_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_soft_pkcs11-test_soft_pkcs11.obj `if test -f 'test_soft_pkcs11.c'; then $(CYGPATH_W) 'test_soft_pkcs11.c'; else $(CYGPATH_W) '$(srcdir)/test_soft_pkcs11.c'; fi` - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-dist_includeHEADERS: $(dist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(dist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-dist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-nodist_includeHEADERS: $(nodist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-nodist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) $(check_SCRIPTS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local -install-binPROGRAMS: install-libLTLIBRARIES - -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -clean: clean-am - -clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-local mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-dist_includeHEADERS \ - install-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-dist_includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-binPROGRAMS clean-checkPROGRAMS \ - clean-generic clean-libLTLIBRARIES clean-libtool clean-local \ - ctags dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-data-hook \ - install-dist_includeHEADERS install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libLTLIBRARIES install-man \ - install-nodist_includeHEADERS install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-dist_includeHEADERS uninstall-hook \ - uninstall-libLTLIBRARIES uninstall-nodist_includeHEADERS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -$(libhx509_la_OBJECTS): $(srcdir)/version-script.map - -$(gen_files_ocsp) ocsp_asn1.h: ocsp_asn1_files -$(gen_files_pkcs10) pkcs10_asn1.h: pkcs10_asn1_files -$(gen_files_crmf) crmf_asn1.h: crmf_asn1_files - -ocsp_asn1_files: $(asn1_compile) $(srcdir)/ocsp.asn1 - $(asn1_compile) --preserve-binary=OCSPTBSRequest --preserve-binary=OCSPResponseData $(srcdir)/ocsp.asn1 ocsp_asn1 || (rm -f ocsp_asn1_files ; exit 1) - -pkcs10_asn1_files: $(asn1_compile) $(srcdir)/pkcs10.asn1 - $(asn1_compile) --preserve-binary=CertificationRequestInfo $(srcdir)/pkcs10.asn1 pkcs10_asn1 || (rm -f pkcs10_asn1_files ; exit 1) - -crmf_asn1_files: $(asn1_compile) $(srcdir)/crmf.asn1 - $(asn1_compile) $(srcdir)/crmf.asn1 crmf_asn1 || (rm -f crmf_asn1_files ; exit 1) - -$(libhx509_la_OBJECTS): $(srcdir)/hx509-protos.h $(srcdir)/hx509-private.h - -$(srcdir)/hx509-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -R '^(_|^C)' -E HX509_LIB_FUNCTION -q -P comment -o hx509-protos.h $(dist_libhx509_la_SOURCES) || rm -f hx509-protos.h - -$(srcdir)/hx509-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p hx509-private.h $(dist_libhx509_la_SOURCES) || rm -f hx509-private.h - -hxtool-commands.c hxtool-commands.h: hxtool-commands.in $(SLC) - $(SLC) $(srcdir)/hxtool-commands.in - -$(hxtool_OBJECTS): hxtool-commands.h - -clean-local: - @echo "cleaning PKITS" ; rm -rf PKITS_data - -test_ca: test_ca.in Makefile - $(do_subst) < $(srcdir)/test_ca.in > test_ca.tmp - chmod +x test_ca.tmp - mv test_ca.tmp test_ca - -test_cert: test_cert.in Makefile - $(do_subst) < $(srcdir)/test_cert.in > test_cert.tmp - chmod +x test_cert.tmp - mv test_cert.tmp test_cert - -test_chain: test_chain.in Makefile - $(do_subst) < $(srcdir)/test_chain.in > test_chain.tmp - chmod +x test_chain.tmp - mv test_chain.tmp test_chain - -test_cms: test_cms.in Makefile - $(do_subst) < $(srcdir)/test_cms.in > test_cms.tmp - chmod +x test_cms.tmp - mv test_cms.tmp test_cms - -test_crypto: test_crypto.in Makefile - $(do_subst) < $(srcdir)/test_crypto.in > test_crypto.tmp - chmod +x test_crypto.tmp - mv test_crypto.tmp test_crypto - -test_nist: test_nist.in Makefile - $(do_subst) < $(srcdir)/test_nist.in > test_nist.tmp - chmod +x test_nist.tmp - mv test_nist.tmp test_nist - -test_nist2: test_nist2.in Makefile - $(do_subst) < $(srcdir)/test_nist2.in > test_nist2.tmp - chmod +x test_nist2.tmp - mv test_nist2.tmp test_nist2 - -test_pkcs11: test_pkcs11.in Makefile - $(do_subst) < $(srcdir)/test_pkcs11.in > test_pkcs11.tmp - chmod +x test_pkcs11.tmp - mv test_pkcs11.tmp test_pkcs11 - -test_java_pkcs11: test_java_pkcs11.in Makefile - $(do_subst) < $(srcdir)/test_java_pkcs11.in > test_java_pkcs11.tmp - chmod +x test_java_pkcs11.tmp - mv test_java_pkcs11.tmp test_java_pkcs11 - -test_nist_cert: test_nist_cert.in Makefile - $(do_subst) < $(srcdir)/test_nist_cert.in > test_nist_cert.tmp - chmod +x test_nist_cert.tmp - mv test_nist_cert.tmp test_nist_cert - -test_nist_pkcs12: test_nist_pkcs12.in Makefile - $(do_subst) < $(srcdir)/test_nist_pkcs12.in > test_nist_pkcs12.tmp - chmod +x test_nist_pkcs12.tmp - mv test_nist_pkcs12.tmp test_nist_pkcs12 - -test_req: test_req.in Makefile - $(do_subst) < $(srcdir)/test_req.in > test_req.tmp - chmod +x test_req.tmp - mv test_req.tmp test_req - -test_windows: test_windows.in Makefile - $(do_subst) < $(srcdir)/test_windows.in > test_windows.tmp - chmod +x test_windows.tmp - mv test_windows.tmp test_windows - -test_query: test_query.in Makefile - $(do_subst) < $(srcdir)/test_query.in > test_query.tmp - chmod +x test_query.tmp - mv test_query.tmp test_query -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/hx509/ca.c b/crypto/heimdal/lib/hx509/ca.c deleted file mode 100644 index 40260700b3fa..000000000000 --- a/crypto/heimdal/lib/hx509/ca.c +++ /dev/null @@ -1,1518 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -#include -RCSID("$Id: ca.c 22456 2008-01-15 20:22:53Z lha $"); - -/** - * @page page_ca Hx509 CA functions - * - * See the library functions here: @ref hx509_ca - */ - -struct hx509_ca_tbs { - hx509_name subject; - SubjectPublicKeyInfo spki; - ExtKeyUsage eku; - GeneralNames san; - unsigned key_usage; - heim_integer serial; - struct { - unsigned int proxy:1; - unsigned int ca:1; - unsigned int key:1; - unsigned int serial:1; - unsigned int domaincontroller:1; - } flags; - time_t notBefore; - time_t notAfter; - int pathLenConstraint; /* both for CA and Proxy */ - CRLDistributionPoints crldp; -}; - -/** - * Allocate an to-be-signed certificate object that will be converted - * into an certificate. - * - * @param context A hx509 context. - * @param tbs returned to-be-signed certicate object, free with - * hx509_ca_tbs_free(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_init(hx509_context context, hx509_ca_tbs *tbs) -{ - *tbs = calloc(1, sizeof(**tbs)); - if (*tbs == NULL) - return ENOMEM; - - (*tbs)->subject = NULL; - (*tbs)->san.len = 0; - (*tbs)->san.val = NULL; - (*tbs)->eku.len = 0; - (*tbs)->eku.val = NULL; - (*tbs)->pathLenConstraint = 0; - (*tbs)->crldp.len = 0; - (*tbs)->crldp.val = NULL; - - return 0; -} - -/** - * Free an To Be Signed object. - * - * @param tbs object to free. - * - * @ingroup hx509_ca - */ - -void -hx509_ca_tbs_free(hx509_ca_tbs *tbs) -{ - if (tbs == NULL || *tbs == NULL) - return; - - free_SubjectPublicKeyInfo(&(*tbs)->spki); - free_GeneralNames(&(*tbs)->san); - free_ExtKeyUsage(&(*tbs)->eku); - der_free_heim_integer(&(*tbs)->serial); - free_CRLDistributionPoints(&(*tbs)->crldp); - - hx509_name_free(&(*tbs)->subject); - - memset(*tbs, 0, sizeof(**tbs)); - free(*tbs); - *tbs = NULL; -} - -/** - * Set the absolute time when the certificate is valid from. If not - * set the current time will be used. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param t time the certificated will start to be valid - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_notBefore(hx509_context context, - hx509_ca_tbs tbs, - time_t t) -{ - tbs->notBefore = t; - return 0; -} - -/** - * Set the absolute time when the certificate is valid to. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param t time when the certificate will expire - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_notAfter(hx509_context context, - hx509_ca_tbs tbs, - time_t t) -{ - tbs->notAfter = t; - return 0; -} - -/** - * Set the relative time when the certificiate is going to expire. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param delta seconds to the certificate is going to expire. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_notAfter_lifetime(hx509_context context, - hx509_ca_tbs tbs, - time_t delta) -{ - return hx509_ca_tbs_set_notAfter(context, tbs, time(NULL) + delta); -} - -static const struct units templatebits[] = { - { "ExtendedKeyUsage", HX509_CA_TEMPLATE_EKU }, - { "KeyUsage", HX509_CA_TEMPLATE_KU }, - { "SPKI", HX509_CA_TEMPLATE_SPKI }, - { "notAfter", HX509_CA_TEMPLATE_NOTAFTER }, - { "notBefore", HX509_CA_TEMPLATE_NOTBEFORE }, - { "serial", HX509_CA_TEMPLATE_SERIAL }, - { "subject", HX509_CA_TEMPLATE_SUBJECT }, - { NULL, 0 } -}; - -/** - * Make of template units, use to build flags argument to - * hx509_ca_tbs_set_template() with parse_units(). - * - * @return an units structure. - * - * @ingroup hx509_ca - */ - -const struct units * -hx509_ca_tbs_template_units(void) -{ - return templatebits; -} - -/** - * Initialize the to-be-signed certificate object from a template certifiate. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param flags bit field selecting what to copy from the template - * certifiate. - * @param cert template certificate. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_template(hx509_context context, - hx509_ca_tbs tbs, - int flags, - hx509_cert cert) -{ - int ret; - - if (flags & HX509_CA_TEMPLATE_SUBJECT) { - if (tbs->subject) - hx509_name_free(&tbs->subject); - ret = hx509_cert_get_subject(cert, &tbs->subject); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to get subject from template"); - return ret; - } - } - if (flags & HX509_CA_TEMPLATE_SERIAL) { - der_free_heim_integer(&tbs->serial); - ret = hx509_cert_get_serialnumber(cert, &tbs->serial); - tbs->flags.serial = !ret; - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to copy serial number"); - return ret; - } - } - if (flags & HX509_CA_TEMPLATE_NOTBEFORE) - tbs->notBefore = hx509_cert_get_notBefore(cert); - if (flags & HX509_CA_TEMPLATE_NOTAFTER) - tbs->notAfter = hx509_cert_get_notAfter(cert); - if (flags & HX509_CA_TEMPLATE_SPKI) { - free_SubjectPublicKeyInfo(&tbs->spki); - ret = hx509_cert_get_SPKI(context, cert, &tbs->spki); - tbs->flags.key = !ret; - if (ret) - return ret; - } - if (flags & HX509_CA_TEMPLATE_KU) { - KeyUsage ku; - ret = _hx509_cert_get_keyusage(context, cert, &ku); - if (ret) - return ret; - tbs->key_usage = KeyUsage2int(ku); - } - if (flags & HX509_CA_TEMPLATE_EKU) { - ExtKeyUsage eku; - int i; - ret = _hx509_cert_get_eku(context, cert, &eku); - if (ret) - return ret; - for (i = 0; i < eku.len; i++) { - ret = hx509_ca_tbs_add_eku(context, tbs, &eku.val[i]); - if (ret) { - free_ExtKeyUsage(&eku); - return ret; - } - } - free_ExtKeyUsage(&eku); - } - return 0; -} - -/** - * Make the to-be-signed certificate object a CA certificate. If the - * pathLenConstraint is negative path length constraint is used. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param pathLenConstraint path length constraint, negative, no - * constraint. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_ca(hx509_context context, - hx509_ca_tbs tbs, - int pathLenConstraint) -{ - tbs->flags.ca = 1; - tbs->pathLenConstraint = pathLenConstraint; - return 0; -} - -/** - * Make the to-be-signed certificate object a proxy certificate. If the - * pathLenConstraint is negative path length constraint is used. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param pathLenConstraint path length constraint, negative, no - * constraint. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_proxy(hx509_context context, - hx509_ca_tbs tbs, - int pathLenConstraint) -{ - tbs->flags.proxy = 1; - tbs->pathLenConstraint = pathLenConstraint; - return 0; -} - - -/** - * Make the to-be-signed certificate object a windows domain controller certificate. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_domaincontroller(hx509_context context, - hx509_ca_tbs tbs) -{ - tbs->flags.domaincontroller = 1; - return 0; -} - -/** - * Set the subject public key info (SPKI) in the to-be-signed certificate - * object. SPKI is the public key and key related parameters in the - * certificate. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param spki subject public key info to use for the to-be-signed certificate object. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_spki(hx509_context context, - hx509_ca_tbs tbs, - const SubjectPublicKeyInfo *spki) -{ - int ret; - free_SubjectPublicKeyInfo(&tbs->spki); - ret = copy_SubjectPublicKeyInfo(spki, &tbs->spki); - tbs->flags.key = !ret; - return ret; -} - -/** - * Set the serial number to use for to-be-signed certificate object. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param serialNumber serial number to use for the to-be-signed - * certificate object. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_serialnumber(hx509_context context, - hx509_ca_tbs tbs, - const heim_integer *serialNumber) -{ - int ret; - der_free_heim_integer(&tbs->serial); - ret = der_copy_heim_integer(serialNumber, &tbs->serial); - tbs->flags.serial = !ret; - return ret; -} - -/** - * An an extended key usage to the to-be-signed certificate object. - * Duplicates will detected and not added. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param oid extended key usage to add. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_add_eku(hx509_context context, - hx509_ca_tbs tbs, - const heim_oid *oid) -{ - void *ptr; - int ret; - unsigned i; - - /* search for duplicates */ - for (i = 0; i < tbs->eku.len; i++) { - if (der_heim_oid_cmp(oid, &tbs->eku.val[i]) == 0) - return 0; - } - - ptr = realloc(tbs->eku.val, sizeof(tbs->eku.val[0]) * (tbs->eku.len + 1)); - if (ptr == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - tbs->eku.val = ptr; - ret = der_copy_oid(oid, &tbs->eku.val[tbs->eku.len]); - if (ret) { - hx509_set_error_string(context, 0, ret, "out of memory"); - return ret; - } - tbs->eku.len += 1; - return 0; -} - -/** - * Add CRL distribution point URI to the to-be-signed certificate - * object. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param uri uri to the CRL. - * @param issuername name of the issuer. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_add_crl_dp_uri(hx509_context context, - hx509_ca_tbs tbs, - const char *uri, - hx509_name issuername) -{ - DistributionPoint dp; - int ret; - - memset(&dp, 0, sizeof(dp)); - - dp.distributionPoint = ecalloc(1, sizeof(*dp.distributionPoint)); - - { - DistributionPointName name; - GeneralName gn; - size_t size; - - name.element = choice_DistributionPointName_fullName; - name.u.fullName.len = 1; - name.u.fullName.val = &gn; - - gn.element = choice_GeneralName_uniformResourceIdentifier; - gn.u.uniformResourceIdentifier = rk_UNCONST(uri); - - ASN1_MALLOC_ENCODE(DistributionPointName, - dp.distributionPoint->data, - dp.distributionPoint->length, - &name, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to encoded DistributionPointName"); - goto out; - } - if (dp.distributionPoint->length != size) - _hx509_abort("internal ASN.1 encoder error"); - } - - if (issuername) { -#if 1 - /** - * issuername not supported - */ - hx509_set_error_string(context, 0, EINVAL, - "CRLDistributionPoints.name.issuername not yet supported"); - return EINVAL; -#else - GeneralNames *crlissuer; - GeneralName gn; - Name n; - - crlissuer = calloc(1, sizeof(*crlissuer)); - if (crlissuer == NULL) { - return ENOMEM; - } - memset(&gn, 0, sizeof(gn)); - - gn.element = choice_GeneralName_directoryName; - ret = hx509_name_to_Name(issuername, &n); - if (ret) { - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - - gn.u.directoryName.element = n.element; - gn.u.directoryName.u.rdnSequence = n.u.rdnSequence; - - ret = add_GeneralNames(&crlissuer, &gn); - free_Name(&n); - if (ret) { - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - - dp.cRLIssuer = &crlissuer; -#endif - } - - ret = add_CRLDistributionPoints(&tbs->crldp, &dp); - if (ret) { - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - -out: - free_DistributionPoint(&dp); - - return ret; -} - -/** - * Add Subject Alternative Name otherName to the to-be-signed - * certificate object. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param oid the oid of the OtherName. - * @param os data in the other name. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_add_san_otherName(hx509_context context, - hx509_ca_tbs tbs, - const heim_oid *oid, - const heim_octet_string *os) -{ - GeneralName gn; - - memset(&gn, 0, sizeof(gn)); - gn.element = choice_GeneralName_otherName; - gn.u.otherName.type_id = *oid; - gn.u.otherName.value = *os; - - return add_GeneralNames(&tbs->san, &gn); -} - -/** - * Add Kerberos Subject Alternative Name to the to-be-signed - * certificate object. The principal string is a UTF8 string. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param principal Kerberos principal to add to the certificate. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_add_san_pkinit(hx509_context context, - hx509_ca_tbs tbs, - const char *principal) -{ - heim_octet_string os; - KRB5PrincipalName p; - size_t size; - int ret; - char *s = NULL; - - memset(&p, 0, sizeof(p)); - - /* parse principal */ - { - const char *str; - char *q; - int n; - - /* count number of component */ - n = 1; - for(str = principal; *str != '\0' && *str != '@'; str++){ - if(*str=='\\'){ - if(str[1] == '\0' || str[1] == '@') { - ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, - "trailing \\ in principal name"); - goto out; - } - str++; - } else if(*str == '/') - n++; - } - p.principalName.name_string.val = - calloc(n, sizeof(*p.principalName.name_string.val)); - if (p.principalName.name_string.val == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "malloc: out of memory"); - goto out; - } - p.principalName.name_string.len = n; - - p.principalName.name_type = KRB5_NT_PRINCIPAL; - q = s = strdup(principal); - if (q == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "malloc: out of memory"); - goto out; - } - p.realm = strrchr(q, '@'); - if (p.realm == NULL) { - ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, "Missing @ in principal"); - goto out; - }; - *p.realm++ = '\0'; - - n = 0; - while (q) { - p.principalName.name_string.val[n++] = q; - q = strchr(q, '/'); - if (q) - *q++ = '\0'; - } - } - - ASN1_MALLOC_ENCODE(KRB5PrincipalName, os.data, os.length, &p, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != os.length) - _hx509_abort("internal ASN.1 encoder error"); - - ret = hx509_ca_tbs_add_san_otherName(context, - tbs, - oid_id_pkinit_san(), - &os); - free(os.data); -out: - if (p.principalName.name_string.val) - free (p.principalName.name_string.val); - if (s) - free(s); - return ret; -} - -/* - * - */ - -static int -add_utf8_san(hx509_context context, - hx509_ca_tbs tbs, - const heim_oid *oid, - const char *string) -{ - const PKIXXmppAddr ustring = (const PKIXXmppAddr)string; - heim_octet_string os; - size_t size; - int ret; - - os.length = 0; - os.data = NULL; - - ASN1_MALLOC_ENCODE(PKIXXmppAddr, os.data, os.length, &ustring, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != os.length) - _hx509_abort("internal ASN.1 encoder error"); - - ret = hx509_ca_tbs_add_san_otherName(context, - tbs, - oid, - &os); - free(os.data); -out: - return ret; -} - -/** - * Add Microsoft UPN Subject Alternative Name to the to-be-signed - * certificate object. The principal string is a UTF8 string. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param principal Microsoft UPN string. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_add_san_ms_upn(hx509_context context, - hx509_ca_tbs tbs, - const char *principal) -{ - return add_utf8_san(context, tbs, oid_id_pkinit_ms_san(), principal); -} - -/** - * Add a Jabber/XMPP jid Subject Alternative Name to the to-be-signed - * certificate object. The jid is an UTF8 string. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param jid string of an a jabber id in UTF8. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_add_san_jid(hx509_context context, - hx509_ca_tbs tbs, - const char *jid) -{ - return add_utf8_san(context, tbs, oid_id_pkix_on_xmppAddr(), jid); -} - - -/** - * Add a Subject Alternative Name hostname to to-be-signed certificate - * object. A domain match starts with ., an exact match does not. - * - * Example of a an domain match: .domain.se matches the hostname - * host.domain.se. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param dnsname a hostame. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_add_san_hostname(hx509_context context, - hx509_ca_tbs tbs, - const char *dnsname) -{ - GeneralName gn; - - memset(&gn, 0, sizeof(gn)); - gn.element = choice_GeneralName_dNSName; - gn.u.dNSName = rk_UNCONST(dnsname); - - return add_GeneralNames(&tbs->san, &gn); -} - -/** - * Add a Subject Alternative Name rfc822 (email address) to - * to-be-signed certificate object. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param rfc822Name a string to a email address. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_add_san_rfc822name(hx509_context context, - hx509_ca_tbs tbs, - const char *rfc822Name) -{ - GeneralName gn; - - memset(&gn, 0, sizeof(gn)); - gn.element = choice_GeneralName_rfc822Name; - gn.u.rfc822Name = rk_UNCONST(rfc822Name); - - return add_GeneralNames(&tbs->san, &gn); -} - -/** - * Set the subject name of a to-be-signed certificate object. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param subject the name to set a subject. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_set_subject(hx509_context context, - hx509_ca_tbs tbs, - hx509_name subject) -{ - if (tbs->subject) - hx509_name_free(&tbs->subject); - return hx509_name_copy(context, subject, &tbs->subject); -} - -/** - * Expand the the subject name in the to-be-signed certificate object - * using hx509_name_expand(). - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param env enviroment variable to expand variables in the subject - * name, see hx509_env_init(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_tbs_subject_expand(hx509_context context, - hx509_ca_tbs tbs, - hx509_env env) -{ - return hx509_name_expand(context, tbs->subject, env); -} - -static int -add_extension(hx509_context context, - TBSCertificate *tbsc, - int critical_flag, - const heim_oid *oid, - const heim_octet_string *data) -{ - Extension ext; - int ret; - - memset(&ext, 0, sizeof(ext)); - - if (critical_flag) { - ext.critical = malloc(sizeof(*ext.critical)); - if (ext.critical == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - *ext.critical = TRUE; - } - - ret = der_copy_oid(oid, &ext.extnID); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - ret = der_copy_octet_string(data, &ext.extnValue); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - ret = add_Extensions(tbsc->extensions, &ext); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } -out: - free_Extension(&ext); - return ret; -} - -static int -build_proxy_prefix(hx509_context context, const Name *issuer, Name *subject) -{ - char *tstr; - time_t t; - int ret; - - ret = copy_Name(issuer, subject); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to copy subject name"); - return ret; - } - - t = time(NULL); - asprintf(&tstr, "ts-%lu", (unsigned long)t); - if (tstr == NULL) { - hx509_set_error_string(context, 0, ENOMEM, - "Failed to copy subject name"); - return ENOMEM; - } - /* prefix with CN=,...*/ - ret = _hx509_name_modify(context, subject, 1, oid_id_at_commonName(), tstr); - free(tstr); - if (ret) - free_Name(subject); - return ret; -} - -static int -ca_sign(hx509_context context, - hx509_ca_tbs tbs, - hx509_private_key signer, - const AuthorityKeyIdentifier *ai, - const Name *issuername, - hx509_cert *certificate) -{ - heim_octet_string data; - Certificate c; - TBSCertificate *tbsc; - size_t size; - int ret; - const AlgorithmIdentifier *sigalg; - time_t notBefore; - time_t notAfter; - unsigned key_usage; - - sigalg = _hx509_crypto_default_sig_alg; - - memset(&c, 0, sizeof(c)); - - /* - * Default values are: Valid since 24h ago, valid one year into - * the future, KeyUsage digitalSignature and keyEncipherment set, - * and keyCertSign for CA certificates. - */ - notBefore = tbs->notBefore; - if (notBefore == 0) - notBefore = time(NULL) - 3600 * 24; - notAfter = tbs->notAfter; - if (notAfter == 0) - notAfter = time(NULL) + 3600 * 24 * 365; - - key_usage = tbs->key_usage; - if (key_usage == 0) { - KeyUsage ku; - memset(&ku, 0, sizeof(ku)); - ku.digitalSignature = 1; - ku.keyEncipherment = 1; - key_usage = KeyUsage2int(ku); - } - - if (tbs->flags.ca) { - KeyUsage ku; - memset(&ku, 0, sizeof(ku)); - ku.keyCertSign = 1; - ku.cRLSign = 1; - key_usage |= KeyUsage2int(ku); - } - - /* - * - */ - - tbsc = &c.tbsCertificate; - - if (tbs->flags.key == 0) { - ret = EINVAL; - hx509_set_error_string(context, 0, ret, "No public key set"); - return ret; - } - /* - * Don't put restrictions on proxy certificate's subject name, it - * will be generated below. - */ - if (!tbs->flags.proxy) { - if (tbs->subject == NULL) { - hx509_set_error_string(context, 0, EINVAL, "No subject name set"); - return EINVAL; - } - if (hx509_name_is_null_p(tbs->subject) && tbs->san.len == 0) { - hx509_set_error_string(context, 0, EINVAL, - "NULL subject and no SubjectAltNames"); - return EINVAL; - } - } - if (tbs->flags.ca && tbs->flags.proxy) { - hx509_set_error_string(context, 0, EINVAL, "Can't be proxy and CA " - "at the same time"); - return EINVAL; - } - if (tbs->flags.proxy) { - if (tbs->san.len > 0) { - hx509_set_error_string(context, 0, EINVAL, - "Proxy certificate is not allowed " - "to have SubjectAltNames"); - return EINVAL; - } - } - - /* version [0] Version OPTIONAL, -- EXPLICIT nnn DEFAULT 1, */ - tbsc->version = calloc(1, sizeof(*tbsc->version)); - if (tbsc->version == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - *tbsc->version = rfc3280_version_3; - /* serialNumber CertificateSerialNumber, */ - if (tbs->flags.serial) { - ret = der_copy_heim_integer(&tbs->serial, &tbsc->serialNumber); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - } else { - tbsc->serialNumber.length = 20; - tbsc->serialNumber.data = malloc(tbsc->serialNumber.length); - if (tbsc->serialNumber.data == NULL){ - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - /* XXX diffrent */ - RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length); - ((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f; - } - /* signature AlgorithmIdentifier, */ - ret = copy_AlgorithmIdentifier(sigalg, &tbsc->signature); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to copy sigature alg"); - goto out; - } - /* issuer Name, */ - if (issuername) - ret = copy_Name(issuername, &tbsc->issuer); - else - ret = hx509_name_to_Name(tbs->subject, &tbsc->issuer); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to copy issuer name"); - goto out; - } - /* validity Validity, */ - tbsc->validity.notBefore.element = choice_Time_generalTime; - tbsc->validity.notBefore.u.generalTime = notBefore; - tbsc->validity.notAfter.element = choice_Time_generalTime; - tbsc->validity.notAfter.u.generalTime = notAfter; - /* subject Name, */ - if (tbs->flags.proxy) { - ret = build_proxy_prefix(context, &tbsc->issuer, &tbsc->subject); - if (ret) - goto out; - } else { - ret = hx509_name_to_Name(tbs->subject, &tbsc->subject); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to copy subject name"); - goto out; - } - } - /* subjectPublicKeyInfo SubjectPublicKeyInfo, */ - ret = copy_SubjectPublicKeyInfo(&tbs->spki, &tbsc->subjectPublicKeyInfo); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to copy spki"); - goto out; - } - /* issuerUniqueID [1] IMPLICIT BIT STRING OPTIONAL */ - /* subjectUniqueID [2] IMPLICIT BIT STRING OPTIONAL */ - /* extensions [3] EXPLICIT Extensions OPTIONAL */ - tbsc->extensions = calloc(1, sizeof(*tbsc->extensions)); - if (tbsc->extensions == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - - /* Add the text BMP string Domaincontroller to the cert */ - if (tbs->flags.domaincontroller) { - data.data = rk_UNCONST("\x1e\x20\x00\x44\x00\x6f\x00\x6d" - "\x00\x61\x00\x69\x00\x6e\x00\x43" - "\x00\x6f\x00\x6e\x00\x74\x00\x72" - "\x00\x6f\x00\x6c\x00\x6c\x00\x65" - "\x00\x72"); - data.length = 34; - - ret = add_extension(context, tbsc, 0, - oid_id_ms_cert_enroll_domaincontroller(), - &data); - if (ret) - goto out; - } - - /* add KeyUsage */ - { - KeyUsage ku; - - ku = int2KeyUsage(key_usage); - ASN1_MALLOC_ENCODE(KeyUsage, data.data, data.length, &ku, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != data.length) - _hx509_abort("internal ASN.1 encoder error"); - ret = add_extension(context, tbsc, 1, - oid_id_x509_ce_keyUsage(), &data); - free(data.data); - if (ret) - goto out; - } - - /* add ExtendedKeyUsage */ - if (tbs->eku.len > 0) { - ASN1_MALLOC_ENCODE(ExtKeyUsage, data.data, data.length, - &tbs->eku, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != data.length) - _hx509_abort("internal ASN.1 encoder error"); - ret = add_extension(context, tbsc, 0, - oid_id_x509_ce_extKeyUsage(), &data); - free(data.data); - if (ret) - goto out; - } - - /* add Subject Alternative Name */ - if (tbs->san.len > 0) { - ASN1_MALLOC_ENCODE(GeneralNames, data.data, data.length, - &tbs->san, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != data.length) - _hx509_abort("internal ASN.1 encoder error"); - ret = add_extension(context, tbsc, 0, - oid_id_x509_ce_subjectAltName(), - &data); - free(data.data); - if (ret) - goto out; - } - - /* Add Authority Key Identifier */ - if (ai) { - ASN1_MALLOC_ENCODE(AuthorityKeyIdentifier, data.data, data.length, - ai, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != data.length) - _hx509_abort("internal ASN.1 encoder error"); - ret = add_extension(context, tbsc, 0, - oid_id_x509_ce_authorityKeyIdentifier(), - &data); - free(data.data); - if (ret) - goto out; - } - - /* Add Subject Key Identifier */ - { - SubjectKeyIdentifier si; - unsigned char hash[SHA_DIGEST_LENGTH]; - - { - SHA_CTX m; - - SHA1_Init(&m); - SHA1_Update(&m, tbs->spki.subjectPublicKey.data, - tbs->spki.subjectPublicKey.length / 8); - SHA1_Final (hash, &m); - } - - si.data = hash; - si.length = sizeof(hash); - - ASN1_MALLOC_ENCODE(SubjectKeyIdentifier, data.data, data.length, - &si, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != data.length) - _hx509_abort("internal ASN.1 encoder error"); - ret = add_extension(context, tbsc, 0, - oid_id_x509_ce_subjectKeyIdentifier(), - &data); - free(data.data); - if (ret) - goto out; - } - - /* Add BasicConstraints */ - { - BasicConstraints bc; - int aCA = 1; - uint32_t path; - - memset(&bc, 0, sizeof(bc)); - - if (tbs->flags.ca) { - bc.cA = &aCA; - if (tbs->pathLenConstraint >= 0) { - path = tbs->pathLenConstraint; - bc.pathLenConstraint = &path; - } - } - - ASN1_MALLOC_ENCODE(BasicConstraints, data.data, data.length, - &bc, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != data.length) - _hx509_abort("internal ASN.1 encoder error"); - /* Critical if this is a CA */ - ret = add_extension(context, tbsc, tbs->flags.ca, - oid_id_x509_ce_basicConstraints(), - &data); - free(data.data); - if (ret) - goto out; - } - - /* add Proxy */ - if (tbs->flags.proxy) { - ProxyCertInfo info; - - memset(&info, 0, sizeof(info)); - - if (tbs->pathLenConstraint >= 0) { - info.pCPathLenConstraint = - malloc(sizeof(*info.pCPathLenConstraint)); - if (info.pCPathLenConstraint == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - *info.pCPathLenConstraint = tbs->pathLenConstraint; - } - - ret = der_copy_oid(oid_id_pkix_ppl_inheritAll(), - &info.proxyPolicy.policyLanguage); - if (ret) { - free_ProxyCertInfo(&info); - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - - ASN1_MALLOC_ENCODE(ProxyCertInfo, data.data, data.length, - &info, &size, ret); - free_ProxyCertInfo(&info); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != data.length) - _hx509_abort("internal ASN.1 encoder error"); - ret = add_extension(context, tbsc, 0, - oid_id_pkix_pe_proxyCertInfo(), - &data); - free(data.data); - if (ret) - goto out; - } - - if (tbs->crldp.len) { - - ASN1_MALLOC_ENCODE(CRLDistributionPoints, data.data, data.length, - &tbs->crldp, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - if (size != data.length) - _hx509_abort("internal ASN.1 encoder error"); - ret = add_extension(context, tbsc, FALSE, - oid_id_x509_ce_cRLDistributionPoints(), - &data); - free(data.data); - if (ret) - goto out; - } - - ASN1_MALLOC_ENCODE(TBSCertificate, data.data, data.length,tbsc, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "malloc out of memory"); - goto out; - } - if (data.length != size) - _hx509_abort("internal ASN.1 encoder error"); - - ret = _hx509_create_signature_bitstring(context, - signer, - sigalg, - &data, - &c.signatureAlgorithm, - &c.signatureValue); - free(data.data); - if (ret) - goto out; - - ret = hx509_cert_init(context, &c, certificate); - if (ret) - goto out; - - free_Certificate(&c); - - return 0; - -out: - free_Certificate(&c); - return ret; -} - -static int -get_AuthorityKeyIdentifier(hx509_context context, - const Certificate *certificate, - AuthorityKeyIdentifier *ai) -{ - SubjectKeyIdentifier si; - int ret; - - ret = _hx509_find_extension_subject_key_id(certificate, &si); - if (ret == 0) { - ai->keyIdentifier = calloc(1, sizeof(*ai->keyIdentifier)); - if (ai->keyIdentifier == NULL) { - free_SubjectKeyIdentifier(&si); - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - ret = der_copy_octet_string(&si, ai->keyIdentifier); - free_SubjectKeyIdentifier(&si); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - } else { - GeneralNames gns; - GeneralName gn; - Name name; - - memset(&gn, 0, sizeof(gn)); - memset(&gns, 0, sizeof(gns)); - memset(&name, 0, sizeof(name)); - - ai->authorityCertIssuer = - calloc(1, sizeof(*ai->authorityCertIssuer)); - if (ai->authorityCertIssuer == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - ai->authorityCertSerialNumber = - calloc(1, sizeof(*ai->authorityCertSerialNumber)); - if (ai->authorityCertSerialNumber == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - - /* - * XXX unbreak when asn1 compiler handle IMPLICIT - * - * This is so horrible. - */ - - ret = copy_Name(&certificate->tbsCertificate.subject, &name); - if (ai->authorityCertSerialNumber == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - - memset(&gn, 0, sizeof(gn)); - gn.element = choice_GeneralName_directoryName; - gn.u.directoryName.element = - choice_GeneralName_directoryName_rdnSequence; - gn.u.directoryName.u.rdnSequence = name.u.rdnSequence; - - ret = add_GeneralNames(&gns, &gn); - if (ret) { - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - - ai->authorityCertIssuer->val = gns.val; - ai->authorityCertIssuer->len = gns.len; - - ret = der_copy_heim_integer(&certificate->tbsCertificate.serialNumber, - ai->authorityCertSerialNumber); - if (ai->authorityCertSerialNumber == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "Out of memory"); - goto out; - } - } -out: - if (ret) - free_AuthorityKeyIdentifier(ai); - return ret; -} - - -/** - * Sign a to-be-signed certificate object with a issuer certificate. - * - * The caller needs to at least have called the following functions on the - * to-be-signed certificate object: - * - hx509_ca_tbs_init() - * - hx509_ca_tbs_set_subject() - * - hx509_ca_tbs_set_spki() - * - * When done the to-be-signed certificate object should be freed with - * hx509_ca_tbs_free(). - * - * When creating self-signed certificate use hx509_ca_sign_self() instead. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param signer the CA certificate object to sign with (need private key). - * @param certificate return cerificate, free with hx509_cert_free(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_sign(hx509_context context, - hx509_ca_tbs tbs, - hx509_cert signer, - hx509_cert *certificate) -{ - const Certificate *signer_cert; - AuthorityKeyIdentifier ai; - int ret; - - memset(&ai, 0, sizeof(ai)); - - signer_cert = _hx509_get_cert(signer); - - ret = get_AuthorityKeyIdentifier(context, signer_cert, &ai); - if (ret) - goto out; - - ret = ca_sign(context, - tbs, - _hx509_cert_private_key(signer), - &ai, - &signer_cert->tbsCertificate.subject, - certificate); - -out: - free_AuthorityKeyIdentifier(&ai); - - return ret; -} - -/** - * Work just like hx509_ca_sign() but signs it-self. - * - * @param context A hx509 context. - * @param tbs object to be signed. - * @param signer private key to sign with. - * @param certificate return cerificate, free with hx509_cert_free(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_ca - */ - -int -hx509_ca_sign_self(hx509_context context, - hx509_ca_tbs tbs, - hx509_private_key signer, - hx509_cert *certificate) -{ - return ca_sign(context, - tbs, - signer, - NULL, - NULL, - certificate); -} diff --git a/crypto/heimdal/lib/hx509/cert.c b/crypto/heimdal/lib/hx509/cert.c deleted file mode 100644 index 1520e23cb1dd..000000000000 --- a/crypto/heimdal/lib/hx509/cert.c +++ /dev/null @@ -1,3108 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: cert.c 22450 2008-01-15 19:39:14Z lha $"); -#include "crypto-headers.h" -#include - -/** - * @page page_cert The basic certificate - * - * The basic hx509 cerificate object in hx509 is hx509_cert. The - * hx509_cert object is representing one X509/PKIX certificate and - * associated attributes; like private key, friendly name, etc. - * - * A hx509_cert object is usully found via the keyset interfaces (@ref - * page_keyset), but its also possible to create a certificate - * directly from a parsed object with hx509_cert_init() and - * hx509_cert_init_data(). - * - * See the library functions here: @ref hx509_cert - */ - -struct hx509_verify_ctx_data { - hx509_certs trust_anchors; - int flags; -#define HX509_VERIFY_CTX_F_TIME_SET 1 -#define HX509_VERIFY_CTX_F_ALLOW_PROXY_CERTIFICATE 2 -#define HX509_VERIFY_CTX_F_REQUIRE_RFC3280 4 -#define HX509_VERIFY_CTX_F_CHECK_TRUST_ANCHORS 8 -#define HX509_VERIFY_CTX_F_NO_DEFAULT_ANCHORS 16 - time_t time_now; - unsigned int max_depth; -#define HX509_VERIFY_MAX_DEPTH 30 - hx509_revoke_ctx revoke_ctx; -}; - -#define REQUIRE_RFC3280(ctx) ((ctx)->flags & HX509_VERIFY_CTX_F_REQUIRE_RFC3280) -#define CHECK_TA(ctx) ((ctx)->flags & HX509_VERIFY_CTX_F_CHECK_TRUST_ANCHORS) -#define ALLOW_DEF_TA(ctx) (((ctx)->flags & HX509_VERIFY_CTX_F_NO_DEFAULT_ANCHORS) == 0) - -struct _hx509_cert_attrs { - size_t len; - hx509_cert_attribute *val; -}; - -struct hx509_cert_data { - unsigned int ref; - char *friendlyname; - Certificate *data; - hx509_private_key private_key; - struct _hx509_cert_attrs attrs; - hx509_name basename; - _hx509_cert_release_func release; - void *ctx; -}; - -typedef struct hx509_name_constraints { - NameConstraints *val; - size_t len; -} hx509_name_constraints; - -#define GeneralSubtrees_SET(g,var) \ - (g)->len = (var)->len, (g)->val = (var)->val; - -/** - * Creates a hx509 context that most functions in the library - * uses. The context is only allowed to be used by one thread at each - * moment. Free the context with hx509_context_free(). - * - * @param context Returns a pointer to new hx509 context. - * - * @return Returns an hx509 error code. - * - * @ingroup hx509 - */ - -int -hx509_context_init(hx509_context *context) -{ - *context = calloc(1, sizeof(**context)); - if (*context == NULL) - return ENOMEM; - - _hx509_ks_null_register(*context); - _hx509_ks_mem_register(*context); - _hx509_ks_file_register(*context); - _hx509_ks_pkcs12_register(*context); - _hx509_ks_pkcs11_register(*context); - _hx509_ks_dir_register(*context); - _hx509_ks_keychain_register(*context); - - ENGINE_add_conf_module(); - OpenSSL_add_all_algorithms(); - - (*context)->ocsp_time_diff = HX509_DEFAULT_OCSP_TIME_DIFF; - - initialize_hx_error_table_r(&(*context)->et_list); - initialize_asn1_error_table_r(&(*context)->et_list); - -#ifdef HX509_DEFAULT_ANCHORS - (void)hx509_certs_init(*context, HX509_DEFAULT_ANCHORS, 0, - NULL, &(*context)->default_trust_anchors); -#endif - - return 0; -} - -/** - * Selects if the hx509_revoke_verify() function is going to require - * the existans of a revokation method (OSCP, CRL) or not. Note that - * hx509_verify_path(), hx509_cms_verify_signed(), and other function - * call hx509_revoke_verify(). - * - * @param context hx509 context to change the flag for. - * @param flag zero, revokation method required, non zero missing - * revokation method ok - * - * @ingroup hx509_verify - */ - -void -hx509_context_set_missing_revoke(hx509_context context, int flag) -{ - if (flag) - context->flags |= HX509_CTX_VERIFY_MISSING_OK; - else - context->flags &= ~HX509_CTX_VERIFY_MISSING_OK; -} - -/** - * Free the context allocated by hx509_context_init(). - * - * @param context context to be freed. - * - * @ingroup hx509 - */ - -void -hx509_context_free(hx509_context *context) -{ - hx509_clear_error_string(*context); - if ((*context)->ks_ops) { - free((*context)->ks_ops); - (*context)->ks_ops = NULL; - } - (*context)->ks_num_ops = 0; - free_error_table ((*context)->et_list); - if ((*context)->querystat) - free((*context)->querystat); - memset(*context, 0, sizeof(**context)); - free(*context); - *context = NULL; -} - -/* - * - */ - -Certificate * -_hx509_get_cert(hx509_cert cert) -{ - return cert->data; -} - -/* - * - */ - -int -_hx509_cert_get_version(const Certificate *t) -{ - return t->tbsCertificate.version ? *t->tbsCertificate.version + 1 : 1; -} - -/** - * Allocate and init an hx509 certificate object from the decoded - * certificate `c´. - * - * @param context A hx509 context. - * @param c - * @param cert - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_cert - */ - -int -hx509_cert_init(hx509_context context, const Certificate *c, hx509_cert *cert) -{ - int ret; - - *cert = malloc(sizeof(**cert)); - if (*cert == NULL) - return ENOMEM; - (*cert)->ref = 1; - (*cert)->friendlyname = NULL; - (*cert)->attrs.len = 0; - (*cert)->attrs.val = NULL; - (*cert)->private_key = NULL; - (*cert)->basename = NULL; - (*cert)->release = NULL; - (*cert)->ctx = NULL; - - (*cert)->data = calloc(1, sizeof(*(*cert)->data)); - if ((*cert)->data == NULL) { - free(*cert); - return ENOMEM; - } - ret = copy_Certificate(c, (*cert)->data); - if (ret) { - free((*cert)->data); - free(*cert); - *cert = NULL; - } - return ret; -} - -/** - * Just like hx509_cert_init(), but instead of a decode certificate - * takes an pointer and length to a memory region that contains a - * DER/BER encoded certificate. - * - * If the memory region doesn't contain just the certificate and - * nothing more the function will fail with - * HX509_EXTRA_DATA_AFTER_STRUCTURE. - * - * @param context A hx509 context. - * @param ptr pointer to memory region containing encoded certificate. - * @param len length of memory region. - * @param cert a return pointer to a hx509 certificate object, will - * contain NULL on error. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_init_data(hx509_context context, - const void *ptr, - size_t len, - hx509_cert *cert) -{ - Certificate t; - size_t size; - int ret; - - ret = decode_Certificate(ptr, len, &t, &size); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to decode certificate"); - return ret; - } - if (size != len) { - hx509_set_error_string(context, 0, HX509_EXTRA_DATA_AFTER_STRUCTURE, - "Extra data after certificate"); - return HX509_EXTRA_DATA_AFTER_STRUCTURE; - } - - ret = hx509_cert_init(context, &t, cert); - free_Certificate(&t); - return ret; -} - -void -_hx509_cert_set_release(hx509_cert cert, - _hx509_cert_release_func release, - void *ctx) -{ - cert->release = release; - cert->ctx = ctx; -} - - -/* Doesn't make a copy of `private_key'. */ - -int -_hx509_cert_assign_key(hx509_cert cert, hx509_private_key private_key) -{ - if (cert->private_key) - _hx509_private_key_free(&cert->private_key); - cert->private_key = _hx509_private_key_ref(private_key); - return 0; -} - -/** - * Free reference to the hx509 certificate object, if the refcounter - * reaches 0, the object if freed. Its allowed to pass in NULL. - * - * @param cert the cert to free. - * - * @ingroup hx509_cert - */ - -void -hx509_cert_free(hx509_cert cert) -{ - int i; - - if (cert == NULL) - return; - - if (cert->ref <= 0) - _hx509_abort("cert refcount <= 0 on free"); - if (--cert->ref > 0) - return; - - if (cert->release) - (cert->release)(cert, cert->ctx); - - if (cert->private_key) - _hx509_private_key_free(&cert->private_key); - - free_Certificate(cert->data); - free(cert->data); - - for (i = 0; i < cert->attrs.len; i++) { - der_free_octet_string(&cert->attrs.val[i]->data); - der_free_oid(&cert->attrs.val[i]->oid); - free(cert->attrs.val[i]); - } - free(cert->attrs.val); - free(cert->friendlyname); - if (cert->basename) - hx509_name_free(&cert->basename); - memset(cert, 0, sizeof(cert)); - free(cert); -} - -/** - * Add a reference to a hx509 certificate object. - * - * @param cert a pointer to an hx509 certificate object. - * - * @return the same object as is passed in. - * - * @ingroup hx509_cert - */ - -hx509_cert -hx509_cert_ref(hx509_cert cert) -{ - if (cert == NULL) - return NULL; - if (cert->ref <= 0) - _hx509_abort("cert refcount <= 0"); - cert->ref++; - if (cert->ref == 0) - _hx509_abort("cert refcount == 0"); - return cert; -} - -/** - * Allocate an verification context that is used fo control the - * verification process. - * - * @param context A hx509 context. - * @param ctx returns a pointer to a hx509_verify_ctx object. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_verify - */ - -int -hx509_verify_init_ctx(hx509_context context, hx509_verify_ctx *ctx) -{ - hx509_verify_ctx c; - - c = calloc(1, sizeof(*c)); - if (c == NULL) - return ENOMEM; - - c->max_depth = HX509_VERIFY_MAX_DEPTH; - - *ctx = c; - - return 0; -} - -/** - * Free an hx509 verification context. - * - * @param ctx the context to be freed. - * - * @ingroup hx509_verify - */ - -void -hx509_verify_destroy_ctx(hx509_verify_ctx ctx) -{ - if (ctx) { - hx509_certs_free(&ctx->trust_anchors); - hx509_revoke_free(&ctx->revoke_ctx); - memset(ctx, 0, sizeof(*ctx)); - } - free(ctx); -} - -/** - * Set the trust anchors in the verification context, makes an - * reference to the keyset, so the consumer can free the keyset - * independent of the destruction of the verification context (ctx). - * - * @param ctx a verification context - * @param set a keyset containing the trust anchors. - * - * @ingroup hx509_verify - */ - -void -hx509_verify_attach_anchors(hx509_verify_ctx ctx, hx509_certs set) -{ - ctx->trust_anchors = _hx509_certs_ref(set); -} - -/** - * Attach an revocation context to the verfication context, , makes an - * reference to the revoke context, so the consumer can free the - * revoke context independent of the destruction of the verification - * context. If there is no revoke context, the verification process is - * NOT going to check any verification status. - * - * @param ctx a verification context. - * @param revoke_ctx a revoke context. - * - * @ingroup hx509_verify - */ - -void -hx509_verify_attach_revoke(hx509_verify_ctx ctx, hx509_revoke_ctx revoke_ctx) -{ - if (ctx->revoke_ctx) - hx509_revoke_free(&ctx->revoke_ctx); - ctx->revoke_ctx = _hx509_revoke_ref(revoke_ctx); -} - -/** - * Set the clock time the the verification process is going to - * use. Used to check certificate in the past and future time. If not - * set the current time will be used. - * - * @param ctx a verification context. - * @param t the time the verifiation is using. - * - * - * @ingroup hx509_verify - */ - -void -hx509_verify_set_time(hx509_verify_ctx ctx, time_t t) -{ - ctx->flags |= HX509_VERIFY_CTX_F_TIME_SET; - ctx->time_now = t; -} - -/** - * Set the maximum depth of the certificate chain that the path - * builder is going to try. - * - * @param ctx a verification context - * @param max_depth maxium depth of the certificate chain, include - * trust anchor. - * - * @ingroup hx509_verify - */ - -void -hx509_verify_set_max_depth(hx509_verify_ctx ctx, unsigned int max_depth) -{ - ctx->max_depth = max_depth; -} - -/** - * Allow or deny the use of proxy certificates - * - * @param ctx a verification context - * @param boolean if non zero, allow proxy certificates. - * - * @ingroup hx509_verify - */ - -void -hx509_verify_set_proxy_certificate(hx509_verify_ctx ctx, int boolean) -{ - if (boolean) - ctx->flags |= HX509_VERIFY_CTX_F_ALLOW_PROXY_CERTIFICATE; - else - ctx->flags &= ~HX509_VERIFY_CTX_F_ALLOW_PROXY_CERTIFICATE; -} - -/** - * Select strict RFC3280 verification of certificiates. This means - * checking key usage on CA certificates, this will make version 1 - * certificiates unuseable. - * - * @param ctx a verification context - * @param boolean if non zero, use strict verification. - * - * @ingroup hx509_verify - */ - -void -hx509_verify_set_strict_rfc3280_verification(hx509_verify_ctx ctx, int boolean) -{ - if (boolean) - ctx->flags |= HX509_VERIFY_CTX_F_REQUIRE_RFC3280; - else - ctx->flags &= ~HX509_VERIFY_CTX_F_REQUIRE_RFC3280; -} - -/** - * Allow using the operating system builtin trust anchors if no other - * trust anchors are configured. - * - * @param ctx a verification context - * @param boolean if non zero, useing the operating systems builtin - * trust anchors. - * - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -void -hx509_verify_ctx_f_allow_default_trustanchors(hx509_verify_ctx ctx, int boolean) -{ - if (boolean) - ctx->flags &= ~HX509_VERIFY_CTX_F_NO_DEFAULT_ANCHORS; - else - ctx->flags |= HX509_VERIFY_CTX_F_NO_DEFAULT_ANCHORS; -} - -static const Extension * -find_extension(const Certificate *cert, const heim_oid *oid, int *idx) -{ - const TBSCertificate *c = &cert->tbsCertificate; - - if (c->version == NULL || *c->version < 2 || c->extensions == NULL) - return NULL; - - for (;*idx < c->extensions->len; (*idx)++) { - if (der_heim_oid_cmp(&c->extensions->val[*idx].extnID, oid) == 0) - return &c->extensions->val[(*idx)++]; - } - return NULL; -} - -static int -find_extension_auth_key_id(const Certificate *subject, - AuthorityKeyIdentifier *ai) -{ - const Extension *e; - size_t size; - int i = 0; - - memset(ai, 0, sizeof(*ai)); - - e = find_extension(subject, oid_id_x509_ce_authorityKeyIdentifier(), &i); - if (e == NULL) - return HX509_EXTENSION_NOT_FOUND; - - return decode_AuthorityKeyIdentifier(e->extnValue.data, - e->extnValue.length, - ai, &size); -} - -int -_hx509_find_extension_subject_key_id(const Certificate *issuer, - SubjectKeyIdentifier *si) -{ - const Extension *e; - size_t size; - int i = 0; - - memset(si, 0, sizeof(*si)); - - e = find_extension(issuer, oid_id_x509_ce_subjectKeyIdentifier(), &i); - if (e == NULL) - return HX509_EXTENSION_NOT_FOUND; - - return decode_SubjectKeyIdentifier(e->extnValue.data, - e->extnValue.length, - si, &size); -} - -static int -find_extension_name_constraints(const Certificate *subject, - NameConstraints *nc) -{ - const Extension *e; - size_t size; - int i = 0; - - memset(nc, 0, sizeof(*nc)); - - e = find_extension(subject, oid_id_x509_ce_nameConstraints(), &i); - if (e == NULL) - return HX509_EXTENSION_NOT_FOUND; - - return decode_NameConstraints(e->extnValue.data, - e->extnValue.length, - nc, &size); -} - -static int -find_extension_subject_alt_name(const Certificate *cert, int *i, - GeneralNames *sa) -{ - const Extension *e; - size_t size; - - memset(sa, 0, sizeof(*sa)); - - e = find_extension(cert, oid_id_x509_ce_subjectAltName(), i); - if (e == NULL) - return HX509_EXTENSION_NOT_FOUND; - - return decode_GeneralNames(e->extnValue.data, - e->extnValue.length, - sa, &size); -} - -static int -find_extension_eku(const Certificate *cert, ExtKeyUsage *eku) -{ - const Extension *e; - size_t size; - int i = 0; - - memset(eku, 0, sizeof(*eku)); - - e = find_extension(cert, oid_id_x509_ce_extKeyUsage(), &i); - if (e == NULL) - return HX509_EXTENSION_NOT_FOUND; - - return decode_ExtKeyUsage(e->extnValue.data, - e->extnValue.length, - eku, &size); -} - -static int -add_to_list(hx509_octet_string_list *list, const heim_octet_string *entry) -{ - void *p; - int ret; - - p = realloc(list->val, (list->len + 1) * sizeof(list->val[0])); - if (p == NULL) - return ENOMEM; - list->val = p; - ret = der_copy_octet_string(entry, &list->val[list->len]); - if (ret) - return ret; - list->len++; - return 0; -} - -/** - * Free a list of octet strings returned by another hx509 library - * function. - * - * @param list list to be freed. - * - * @ingroup hx509_misc - */ - -void -hx509_free_octet_string_list(hx509_octet_string_list *list) -{ - int i; - for (i = 0; i < list->len; i++) - der_free_octet_string(&list->val[i]); - free(list->val); - list->val = NULL; - list->len = 0; -} - -/** - * Return a list of subjectAltNames specified by oid in the - * certificate. On error the - * - * The returned list of octet string should be freed with - * hx509_free_octet_string_list(). - * - * @param context A hx509 context. - * @param cert a hx509 certificate object. - * @param oid an oid to for SubjectAltName. - * @param list list of matching SubjectAltName. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_find_subjectAltName_otherName(hx509_context context, - hx509_cert cert, - const heim_oid *oid, - hx509_octet_string_list *list) -{ - GeneralNames sa; - int ret, i, j; - - list->val = NULL; - list->len = 0; - - i = 0; - while (1) { - ret = find_extension_subject_alt_name(_hx509_get_cert(cert), &i, &sa); - i++; - if (ret == HX509_EXTENSION_NOT_FOUND) { - ret = 0; - break; - } else if (ret != 0) { - hx509_set_error_string(context, 0, ret, "Error searching for SAN"); - hx509_free_octet_string_list(list); - return ret; - } - - for (j = 0; j < sa.len; j++) { - if (sa.val[j].element == choice_GeneralName_otherName && - der_heim_oid_cmp(&sa.val[j].u.otherName.type_id, oid) == 0) - { - ret = add_to_list(list, &sa.val[j].u.otherName.value); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Error adding an exra SAN to " - "return list"); - hx509_free_octet_string_list(list); - free_GeneralNames(&sa); - return ret; - } - } - } - free_GeneralNames(&sa); - } - return 0; -} - - -static int -check_key_usage(hx509_context context, const Certificate *cert, - unsigned flags, int req_present) -{ - const Extension *e; - KeyUsage ku; - size_t size; - int ret, i = 0; - unsigned ku_flags; - - if (_hx509_cert_get_version(cert) < 3) - return 0; - - e = find_extension(cert, oid_id_x509_ce_keyUsage(), &i); - if (e == NULL) { - if (req_present) { - hx509_set_error_string(context, 0, HX509_KU_CERT_MISSING, - "Required extension key " - "usage missing from certifiate"); - return HX509_KU_CERT_MISSING; - } - return 0; - } - - ret = decode_KeyUsage(e->extnValue.data, e->extnValue.length, &ku, &size); - if (ret) - return ret; - ku_flags = KeyUsage2int(ku); - if ((ku_flags & flags) != flags) { - unsigned missing = (~ku_flags) & flags; - char buf[256], *name; - - unparse_flags(missing, asn1_KeyUsage_units(), buf, sizeof(buf)); - _hx509_unparse_Name(&cert->tbsCertificate.subject, &name); - hx509_set_error_string(context, 0, HX509_KU_CERT_MISSING, - "Key usage %s required but missing " - "from certifiate %s", buf, name); - free(name); - return HX509_KU_CERT_MISSING; - } - return 0; -} - -/* - * Return 0 on matching key usage 'flags' for 'cert', otherwise return - * an error code. If 'req_present' the existance is required of the - * KeyUsage extension. - */ - -int -_hx509_check_key_usage(hx509_context context, hx509_cert cert, - unsigned flags, int req_present) -{ - return check_key_usage(context, _hx509_get_cert(cert), flags, req_present); -} - -enum certtype { PROXY_CERT, EE_CERT, CA_CERT }; - -static int -check_basic_constraints(hx509_context context, const Certificate *cert, - enum certtype type, int depth) -{ - BasicConstraints bc; - const Extension *e; - size_t size; - int ret, i = 0; - - if (_hx509_cert_get_version(cert) < 3) - return 0; - - e = find_extension(cert, oid_id_x509_ce_basicConstraints(), &i); - if (e == NULL) { - switch(type) { - case PROXY_CERT: - case EE_CERT: - return 0; - case CA_CERT: { - char *name; - ret = _hx509_unparse_Name(&cert->tbsCertificate.subject, &name); - assert(ret == 0); - hx509_set_error_string(context, 0, HX509_EXTENSION_NOT_FOUND, - "basicConstraints missing from " - "CA certifiacte %s", name); - free(name); - return HX509_EXTENSION_NOT_FOUND; - } - } - } - - ret = decode_BasicConstraints(e->extnValue.data, - e->extnValue.length, &bc, - &size); - if (ret) - return ret; - switch(type) { - case PROXY_CERT: - if (bc.cA != NULL && *bc.cA) - ret = HX509_PARENT_IS_CA; - break; - case EE_CERT: - ret = 0; - break; - case CA_CERT: - if (bc.cA == NULL || !*bc.cA) - ret = HX509_PARENT_NOT_CA; - else if (bc.pathLenConstraint) - if (depth - 1 > *bc.pathLenConstraint) - ret = HX509_CA_PATH_TOO_DEEP; - break; - } - free_BasicConstraints(&bc); - return ret; -} - -int -_hx509_cert_is_parent_cmp(const Certificate *subject, - const Certificate *issuer, - int allow_self_signed) -{ - int diff; - AuthorityKeyIdentifier ai; - SubjectKeyIdentifier si; - int ret_ai, ret_si; - - diff = _hx509_name_cmp(&issuer->tbsCertificate.subject, - &subject->tbsCertificate.issuer); - if (diff) - return diff; - - memset(&ai, 0, sizeof(ai)); - memset(&si, 0, sizeof(si)); - - /* - * Try to find AuthorityKeyIdentifier, if it's not present in the - * subject certificate nor the parent. - */ - - ret_ai = find_extension_auth_key_id(subject, &ai); - if (ret_ai && ret_ai != HX509_EXTENSION_NOT_FOUND) - return 1; - ret_si = _hx509_find_extension_subject_key_id(issuer, &si); - if (ret_si && ret_si != HX509_EXTENSION_NOT_FOUND) - return -1; - - if (ret_si && ret_ai) - goto out; - if (ret_ai) - goto out; - if (ret_si) { - if (allow_self_signed) { - diff = 0; - goto out; - } else if (ai.keyIdentifier) { - diff = -1; - goto out; - } - } - - if (ai.keyIdentifier == NULL) { - Name name; - - if (ai.authorityCertIssuer == NULL) - return -1; - if (ai.authorityCertSerialNumber == NULL) - return -1; - - diff = der_heim_integer_cmp(ai.authorityCertSerialNumber, - &issuer->tbsCertificate.serialNumber); - if (diff) - return diff; - if (ai.authorityCertIssuer->len != 1) - return -1; - if (ai.authorityCertIssuer->val[0].element != choice_GeneralName_directoryName) - return -1; - - name.element = - ai.authorityCertIssuer->val[0].u.directoryName.element; - name.u.rdnSequence = - ai.authorityCertIssuer->val[0].u.directoryName.u.rdnSequence; - - diff = _hx509_name_cmp(&issuer->tbsCertificate.subject, - &name); - if (diff) - return diff; - diff = 0; - } else - diff = der_heim_octet_string_cmp(ai.keyIdentifier, &si); - if (diff) - goto out; - - out: - free_AuthorityKeyIdentifier(&ai); - free_SubjectKeyIdentifier(&si); - return diff; -} - -static int -certificate_is_anchor(hx509_context context, - hx509_certs trust_anchors, - const hx509_cert cert) -{ - hx509_query q; - hx509_cert c; - int ret; - - if (trust_anchors == NULL) - return 0; - - _hx509_query_clear(&q); - - q.match = HX509_QUERY_MATCH_CERTIFICATE; - q.certificate = _hx509_get_cert(cert); - - ret = hx509_certs_find(context, trust_anchors, &q, &c); - if (ret == 0) - hx509_cert_free(c); - return ret == 0; -} - -static int -certificate_is_self_signed(const Certificate *cert) -{ - return _hx509_name_cmp(&cert->tbsCertificate.subject, - &cert->tbsCertificate.issuer) == 0; -} - -/* - * The subjectName is "null" when it's empty set of relative DBs. - */ - -static int -subject_null_p(const Certificate *c) -{ - return c->tbsCertificate.subject.u.rdnSequence.len == 0; -} - - -static int -find_parent(hx509_context context, - time_t time_now, - hx509_certs trust_anchors, - hx509_path *path, - hx509_certs pool, - hx509_cert current, - hx509_cert *parent) -{ - AuthorityKeyIdentifier ai; - hx509_query q; - int ret; - - *parent = NULL; - memset(&ai, 0, sizeof(ai)); - - _hx509_query_clear(&q); - - if (!subject_null_p(current->data)) { - q.match |= HX509_QUERY_FIND_ISSUER_CERT; - q.subject = _hx509_get_cert(current); - } else { - ret = find_extension_auth_key_id(current->data, &ai); - if (ret) { - hx509_set_error_string(context, 0, HX509_CERTIFICATE_MALFORMED, - "Subjectless certificate missing AuthKeyID"); - return HX509_CERTIFICATE_MALFORMED; - } - - if (ai.keyIdentifier == NULL) { - free_AuthorityKeyIdentifier(&ai); - hx509_set_error_string(context, 0, HX509_CERTIFICATE_MALFORMED, - "Subjectless certificate missing keyIdentifier " - "inside AuthKeyID"); - return HX509_CERTIFICATE_MALFORMED; - } - - q.subject_id = ai.keyIdentifier; - q.match = HX509_QUERY_MATCH_SUBJECT_KEY_ID; - } - - q.path = path; - q.match |= HX509_QUERY_NO_MATCH_PATH; - - if (pool) { - q.timenow = time_now; - q.match |= HX509_QUERY_MATCH_TIME; - - ret = hx509_certs_find(context, pool, &q, parent); - if (ret == 0) { - free_AuthorityKeyIdentifier(&ai); - return 0; - } - q.match &= ~HX509_QUERY_MATCH_TIME; - } - - if (trust_anchors) { - ret = hx509_certs_find(context, trust_anchors, &q, parent); - if (ret == 0) { - free_AuthorityKeyIdentifier(&ai); - return ret; - } - } - free_AuthorityKeyIdentifier(&ai); - - { - hx509_name name; - char *str; - - ret = hx509_cert_get_subject(current, &name); - if (ret) { - hx509_clear_error_string(context); - return HX509_ISSUER_NOT_FOUND; - } - ret = hx509_name_to_string(name, &str); - hx509_name_free(&name); - if (ret) { - hx509_clear_error_string(context); - return HX509_ISSUER_NOT_FOUND; - } - - hx509_set_error_string(context, 0, HX509_ISSUER_NOT_FOUND, - "Failed to find issuer for " - "certificate with subject: '%s'", str); - free(str); - } - return HX509_ISSUER_NOT_FOUND; -} - -/* - * - */ - -static int -is_proxy_cert(hx509_context context, - const Certificate *cert, - ProxyCertInfo *rinfo) -{ - ProxyCertInfo info; - const Extension *e; - size_t size; - int ret, i = 0; - - if (rinfo) - memset(rinfo, 0, sizeof(*rinfo)); - - e = find_extension(cert, oid_id_pkix_pe_proxyCertInfo(), &i); - if (e == NULL) { - hx509_clear_error_string(context); - return HX509_EXTENSION_NOT_FOUND; - } - - ret = decode_ProxyCertInfo(e->extnValue.data, - e->extnValue.length, - &info, - &size); - if (ret) { - hx509_clear_error_string(context); - return ret; - } - if (size != e->extnValue.length) { - free_ProxyCertInfo(&info); - hx509_clear_error_string(context); - return HX509_EXTRA_DATA_AFTER_STRUCTURE; - } - if (rinfo == NULL) - free_ProxyCertInfo(&info); - else - *rinfo = info; - - return 0; -} - -/* - * Path operations are like MEMORY based keyset, but with exposed - * internal so we can do easy searches. - */ - -int -_hx509_path_append(hx509_context context, hx509_path *path, hx509_cert cert) -{ - hx509_cert *val; - val = realloc(path->val, (path->len + 1) * sizeof(path->val[0])); - if (val == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - path->val = val; - path->val[path->len] = hx509_cert_ref(cert); - path->len++; - - return 0; -} - -void -_hx509_path_free(hx509_path *path) -{ - unsigned i; - - for (i = 0; i < path->len; i++) - hx509_cert_free(path->val[i]); - free(path->val); - path->val = NULL; - path->len = 0; -} - -/* - * Find path by looking up issuer for the top certificate and continue - * until an anchor certificate is found or max limit is found. A - * certificate never included twice in the path. - * - * If the trust anchors are not given, calculate optimistic path, just - * follow the chain upward until we no longer find a parent or we hit - * the max path limit. In this case, a failure will always be returned - * depending on what error condition is hit first. - * - * The path includes a path from the top certificate to the anchor - * certificate. - * - * The caller needs to free `path´ both on successful built path and - * failure. - */ - -int -_hx509_calculate_path(hx509_context context, - int flags, - time_t time_now, - hx509_certs anchors, - unsigned int max_depth, - hx509_cert cert, - hx509_certs pool, - hx509_path *path) -{ - hx509_cert parent, current; - int ret; - - if (max_depth == 0) - max_depth = HX509_VERIFY_MAX_DEPTH; - - ret = _hx509_path_append(context, path, cert); - if (ret) - return ret; - - current = hx509_cert_ref(cert); - - while (!certificate_is_anchor(context, anchors, current)) { - - ret = find_parent(context, time_now, anchors, path, - pool, current, &parent); - hx509_cert_free(current); - if (ret) - return ret; - - ret = _hx509_path_append(context, path, parent); - if (ret) - return ret; - current = parent; - - if (path->len > max_depth) { - hx509_cert_free(current); - hx509_set_error_string(context, 0, HX509_PATH_TOO_LONG, - "Path too long while bulding " - "certificate chain"); - return HX509_PATH_TOO_LONG; - } - } - - if ((flags & HX509_CALCULATE_PATH_NO_ANCHOR) && - path->len > 0 && - certificate_is_anchor(context, anchors, path->val[path->len - 1])) - { - hx509_cert_free(path->val[path->len - 1]); - path->len--; - } - - hx509_cert_free(current); - return 0; -} - -int -_hx509_AlgorithmIdentifier_cmp(const AlgorithmIdentifier *p, - const AlgorithmIdentifier *q) -{ - int diff; - diff = der_heim_oid_cmp(&p->algorithm, &q->algorithm); - if (diff) - return diff; - if (p->parameters) { - if (q->parameters) - return heim_any_cmp(p->parameters, - q->parameters); - else - return 1; - } else { - if (q->parameters) - return -1; - else - return 0; - } -} - -int -_hx509_Certificate_cmp(const Certificate *p, const Certificate *q) -{ - int diff; - diff = der_heim_bit_string_cmp(&p->signatureValue, &q->signatureValue); - if (diff) - return diff; - diff = _hx509_AlgorithmIdentifier_cmp(&p->signatureAlgorithm, - &q->signatureAlgorithm); - if (diff) - return diff; - diff = der_heim_octet_string_cmp(&p->tbsCertificate._save, - &q->tbsCertificate._save); - return diff; -} - -/** - * Compare to hx509 certificate object, useful for sorting. - * - * @param p a hx509 certificate object. - * @param q a hx509 certificate object. - * - * @return 0 the objects are the same, returns > 0 is p is "larger" - * then q, < 0 if p is "smaller" then q. - * - * @ingroup hx509_cert - */ - -int -hx509_cert_cmp(hx509_cert p, hx509_cert q) -{ - return _hx509_Certificate_cmp(p->data, q->data); -} - -/** - * Return the name of the issuer of the hx509 certificate. - * - * @param p a hx509 certificate object. - * @param name a pointer to a hx509 name, should be freed by - * hx509_name_free(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_get_issuer(hx509_cert p, hx509_name *name) -{ - return _hx509_name_from_Name(&p->data->tbsCertificate.issuer, name); -} - -/** - * Return the name of the subject of the hx509 certificate. - * - * @param p a hx509 certificate object. - * @param name a pointer to a hx509 name, should be freed by - * hx509_name_free(). See also hx509_cert_get_base_subject(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_get_subject(hx509_cert p, hx509_name *name) -{ - return _hx509_name_from_Name(&p->data->tbsCertificate.subject, name); -} - -/** - * Return the name of the base subject of the hx509 certificate. If - * the certiicate is a verified proxy certificate, the this function - * return the base certificate (root of the proxy chain). If the proxy - * certificate is not verified with the base certificate - * HX509_PROXY_CERTIFICATE_NOT_CANONICALIZED is returned. - * - * @param context a hx509 context. - * @param c a hx509 certificate object. - * @param name a pointer to a hx509 name, should be freed by - * hx509_name_free(). See also hx509_cert_get_subject(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_get_base_subject(hx509_context context, hx509_cert c, - hx509_name *name) -{ - if (c->basename) - return hx509_name_copy(context, c->basename, name); - if (is_proxy_cert(context, c->data, NULL) == 0) { - int ret = HX509_PROXY_CERTIFICATE_NOT_CANONICALIZED; - hx509_set_error_string(context, 0, ret, - "Proxy certificate have not been " - "canonicalize yet, no base name"); - return ret; - } - return _hx509_name_from_Name(&c->data->tbsCertificate.subject, name); -} - -/** - * Get serial number of the certificate. - * - * @param p a hx509 certificate object. - * @param i serial number, should be freed ith der_free_heim_integer(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_get_serialnumber(hx509_cert p, heim_integer *i) -{ - return der_copy_heim_integer(&p->data->tbsCertificate.serialNumber, i); -} - -/** - * Get notBefore time of the certificate. - * - * @param p a hx509 certificate object. - * - * @return return not before time - * - * @ingroup hx509_cert - */ - -time_t -hx509_cert_get_notBefore(hx509_cert p) -{ - return _hx509_Time2time_t(&p->data->tbsCertificate.validity.notBefore); -} - -/** - * Get notAfter time of the certificate. - * - * @param p a hx509 certificate object. - * - * @return return not after time. - * - * @ingroup hx509_cert - */ - -time_t -hx509_cert_get_notAfter(hx509_cert p) -{ - return _hx509_Time2time_t(&p->data->tbsCertificate.validity.notAfter); -} - -/** - * Get the SubjectPublicKeyInfo structure from the hx509 certificate. - * - * @param context a hx509 context. - * @param p a hx509 certificate object. - * @param spki SubjectPublicKeyInfo, should be freed with - * free_SubjectPublicKeyInfo(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_get_SPKI(hx509_context context, hx509_cert p, SubjectPublicKeyInfo *spki) -{ - int ret; - - ret = copy_SubjectPublicKeyInfo(&p->data->tbsCertificate.subjectPublicKeyInfo, spki); - if (ret) - hx509_set_error_string(context, 0, ret, "Failed to copy SPKI"); - return ret; -} - -/** - * Get the AlgorithmIdentifier from the hx509 certificate. - * - * @param context a hx509 context. - * @param p a hx509 certificate object. - * @param alg AlgorithmIdentifier, should be freed with - * free_AlgorithmIdentifier(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_get_SPKI_AlgorithmIdentifier(hx509_context context, - hx509_cert p, - AlgorithmIdentifier *alg) -{ - int ret; - - ret = copy_AlgorithmIdentifier(&p->data->tbsCertificate.subjectPublicKeyInfo.algorithm, alg); - if (ret) - hx509_set_error_string(context, 0, ret, - "Failed to copy SPKI AlgorithmIdentifier"); - return ret; -} - - -hx509_private_key -_hx509_cert_private_key(hx509_cert p) -{ - return p->private_key; -} - -int -hx509_cert_have_private_key(hx509_cert p) -{ - return p->private_key ? 1 : 0; -} - - -int -_hx509_cert_private_key_exportable(hx509_cert p) -{ - if (p->private_key == NULL) - return 0; - return _hx509_private_key_exportable(p->private_key); -} - -int -_hx509_cert_private_decrypt(hx509_context context, - const heim_octet_string *ciphertext, - const heim_oid *encryption_oid, - hx509_cert p, - heim_octet_string *cleartext) -{ - cleartext->data = NULL; - cleartext->length = 0; - - if (p->private_key == NULL) { - hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, - "Private key missing"); - return HX509_PRIVATE_KEY_MISSING; - } - - return _hx509_private_key_private_decrypt(context, - ciphertext, - encryption_oid, - p->private_key, - cleartext); -} - -int -_hx509_cert_public_encrypt(hx509_context context, - const heim_octet_string *cleartext, - const hx509_cert p, - heim_oid *encryption_oid, - heim_octet_string *ciphertext) -{ - return _hx509_public_encrypt(context, - cleartext, p->data, - encryption_oid, ciphertext); -} - -/* - * - */ - -time_t -_hx509_Time2time_t(const Time *t) -{ - switch(t->element) { - case choice_Time_utcTime: - return t->u.utcTime; - case choice_Time_generalTime: - return t->u.generalTime; - } - return 0; -} - -/* - * - */ - -static int -init_name_constraints(hx509_name_constraints *nc) -{ - memset(nc, 0, sizeof(*nc)); - return 0; -} - -static int -add_name_constraints(hx509_context context, const Certificate *c, int not_ca, - hx509_name_constraints *nc) -{ - NameConstraints tnc; - int ret; - - ret = find_extension_name_constraints(c, &tnc); - if (ret == HX509_EXTENSION_NOT_FOUND) - return 0; - else if (ret) { - hx509_set_error_string(context, 0, ret, "Failed getting NameConstraints"); - return ret; - } else if (not_ca) { - ret = HX509_VERIFY_CONSTRAINTS; - hx509_set_error_string(context, 0, ret, "Not a CA and " - "have NameConstraints"); - } else { - NameConstraints *val; - val = realloc(nc->val, sizeof(nc->val[0]) * (nc->len + 1)); - if (val == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - nc->val = val; - ret = copy_NameConstraints(&tnc, &nc->val[nc->len]); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - nc->len += 1; - } -out: - free_NameConstraints(&tnc); - return ret; -} - -static int -match_RDN(const RelativeDistinguishedName *c, - const RelativeDistinguishedName *n) -{ - int i; - - if (c->len != n->len) - return HX509_NAME_CONSTRAINT_ERROR; - - for (i = 0; i < n->len; i++) { - if (der_heim_oid_cmp(&c->val[i].type, &n->val[i].type) != 0) - return HX509_NAME_CONSTRAINT_ERROR; - if (_hx509_name_ds_cmp(&c->val[i].value, &n->val[i].value) != 0) - return HX509_NAME_CONSTRAINT_ERROR; - } - return 0; -} - -static int -match_X501Name(const Name *c, const Name *n) -{ - int i, ret; - - if (c->element != choice_Name_rdnSequence - || n->element != choice_Name_rdnSequence) - return 0; - if (c->u.rdnSequence.len > n->u.rdnSequence.len) - return HX509_NAME_CONSTRAINT_ERROR; - for (i = 0; i < c->u.rdnSequence.len; i++) { - ret = match_RDN(&c->u.rdnSequence.val[i], &n->u.rdnSequence.val[i]); - if (ret) - return ret; - } - return 0; -} - - -static int -match_general_name(const GeneralName *c, const GeneralName *n, int *match) -{ - /* - * Name constraints only apply to the same name type, see RFC3280, - * 4.2.1.11. - */ - assert(c->element == n->element); - - switch(c->element) { - case choice_GeneralName_otherName: - if (der_heim_oid_cmp(&c->u.otherName.type_id, - &n->u.otherName.type_id) != 0) - return HX509_NAME_CONSTRAINT_ERROR; - if (heim_any_cmp(&c->u.otherName.value, - &n->u.otherName.value) != 0) - return HX509_NAME_CONSTRAINT_ERROR; - *match = 1; - return 0; - case choice_GeneralName_rfc822Name: { - const char *s; - size_t len1, len2; - s = strchr(c->u.rfc822Name, '@'); - if (s) { - if (strcasecmp(c->u.rfc822Name, n->u.rfc822Name) != 0) - return HX509_NAME_CONSTRAINT_ERROR; - } else { - s = strchr(n->u.rfc822Name, '@'); - if (s == NULL) - return HX509_NAME_CONSTRAINT_ERROR; - len1 = strlen(c->u.rfc822Name); - len2 = strlen(s + 1); - if (len1 > len2) - return HX509_NAME_CONSTRAINT_ERROR; - if (strcasecmp(s + 1 + len2 - len1, c->u.rfc822Name) != 0) - return HX509_NAME_CONSTRAINT_ERROR; - if (len1 < len2 && s[len2 - len1 + 1] != '.') - return HX509_NAME_CONSTRAINT_ERROR; - } - *match = 1; - return 0; - } - case choice_GeneralName_dNSName: { - size_t lenc, lenn; - - lenc = strlen(c->u.dNSName); - lenn = strlen(n->u.dNSName); - if (lenc > lenn) - return HX509_NAME_CONSTRAINT_ERROR; - if (strcasecmp(&n->u.dNSName[lenn - lenc], c->u.dNSName) != 0) - return HX509_NAME_CONSTRAINT_ERROR; - if (lenc != lenn && n->u.dNSName[lenn - lenc - 1] != '.') - return HX509_NAME_CONSTRAINT_ERROR; - *match = 1; - return 0; - } - case choice_GeneralName_directoryName: { - Name c_name, n_name; - int ret; - - c_name._save.data = NULL; - c_name._save.length = 0; - c_name.element = c->u.directoryName.element; - c_name.u.rdnSequence = c->u.directoryName.u.rdnSequence; - - n_name._save.data = NULL; - n_name._save.length = 0; - n_name.element = n->u.directoryName.element; - n_name.u.rdnSequence = n->u.directoryName.u.rdnSequence; - - ret = match_X501Name(&c_name, &n_name); - if (ret == 0) - *match = 1; - return ret; - } - case choice_GeneralName_uniformResourceIdentifier: - case choice_GeneralName_iPAddress: - case choice_GeneralName_registeredID: - default: - return HX509_NAME_CONSTRAINT_ERROR; - } -} - -static int -match_alt_name(const GeneralName *n, const Certificate *c, - int *same, int *match) -{ - GeneralNames sa; - int ret, i, j; - - i = 0; - do { - ret = find_extension_subject_alt_name(c, &i, &sa); - if (ret == HX509_EXTENSION_NOT_FOUND) { - ret = 0; - break; - } else if (ret != 0) - break; - - for (j = 0; j < sa.len; j++) { - if (n->element == sa.val[j].element) { - *same = 1; - ret = match_general_name(n, &sa.val[j], match); - } - } - free_GeneralNames(&sa); - } while (1); - return ret; -} - - -static int -match_tree(const GeneralSubtrees *t, const Certificate *c, int *match) -{ - int name, alt_name, same; - unsigned int i; - int ret = 0; - - name = alt_name = same = *match = 0; - for (i = 0; i < t->len; i++) { - if (t->val[i].minimum && t->val[i].maximum) - return HX509_RANGE; - - /* - * If the constraint apply to directoryNames, test is with - * subjectName of the certificate if the certificate have a - * non-null (empty) subjectName. - */ - - if (t->val[i].base.element == choice_GeneralName_directoryName - && !subject_null_p(c)) - { - GeneralName certname; - - memset(&certname, 0, sizeof(certname)); - certname.element = choice_GeneralName_directoryName; - certname.u.directoryName.element = - c->tbsCertificate.subject.element; - certname.u.directoryName.u.rdnSequence = - c->tbsCertificate.subject.u.rdnSequence; - - ret = match_general_name(&t->val[i].base, &certname, &name); - } - - /* Handle subjectAltNames, this is icky since they - * restrictions only apply if the subjectAltName is of the - * same type. So if there have been a match of type, require - * altname to be set. - */ - ret = match_alt_name(&t->val[i].base, c, &same, &alt_name); - } - if (name && (!same || alt_name)) - *match = 1; - return ret; -} - -static int -check_name_constraints(hx509_context context, - const hx509_name_constraints *nc, - const Certificate *c) -{ - int match, ret; - int i; - - for (i = 0 ; i < nc->len; i++) { - GeneralSubtrees gs; - - if (nc->val[i].permittedSubtrees) { - GeneralSubtrees_SET(&gs, nc->val[i].permittedSubtrees); - ret = match_tree(&gs, c, &match); - if (ret) { - hx509_clear_error_string(context); - return ret; - } - /* allow null subjectNames, they wont matches anything */ - if (match == 0 && !subject_null_p(c)) { - hx509_set_error_string(context, 0, HX509_VERIFY_CONSTRAINTS, - "Error verify constraints, " - "certificate didn't match any " - "permitted subtree"); - return HX509_VERIFY_CONSTRAINTS; - } - } - if (nc->val[i].excludedSubtrees) { - GeneralSubtrees_SET(&gs, nc->val[i].excludedSubtrees); - ret = match_tree(&gs, c, &match); - if (ret) { - hx509_clear_error_string(context); - return ret; - } - if (match) { - hx509_set_error_string(context, 0, HX509_VERIFY_CONSTRAINTS, - "Error verify constraints, " - "certificate included in excluded " - "subtree"); - return HX509_VERIFY_CONSTRAINTS; - } - } - } - return 0; -} - -static void -free_name_constraints(hx509_name_constraints *nc) -{ - int i; - - for (i = 0 ; i < nc->len; i++) - free_NameConstraints(&nc->val[i]); - free(nc->val); -} - -/** - * Build and verify the path for the certificate to the trust anchor - * specified in the verify context. The path is constructed from the - * certificate, the pool and the trust anchors. - * - * @param context A hx509 context. - * @param ctx A hx509 verification context. - * @param cert the certificate to build the path from. - * @param pool A keyset of certificates to build the chain from. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_verify - */ - -int -hx509_verify_path(hx509_context context, - hx509_verify_ctx ctx, - hx509_cert cert, - hx509_certs pool) -{ - hx509_name_constraints nc; - hx509_path path; -#if 0 - const AlgorithmIdentifier *alg_id; -#endif - int ret, i, proxy_cert_depth, selfsigned_depth; - enum certtype type; - Name proxy_issuer; - hx509_certs anchors = NULL; - - memset(&proxy_issuer, 0, sizeof(proxy_issuer)); - - ret = init_name_constraints(&nc); - if (ret) - return ret; - - path.val = NULL; - path.len = 0; - - if ((ctx->flags & HX509_VERIFY_CTX_F_TIME_SET) == 0) - ctx->time_now = time(NULL); - - /* - * - */ - if (ctx->trust_anchors) - anchors = _hx509_certs_ref(ctx->trust_anchors); - else if (context->default_trust_anchors && ALLOW_DEF_TA(ctx)) - anchors = _hx509_certs_ref(context->default_trust_anchors); - else { - ret = hx509_certs_init(context, "MEMORY:no-TA", 0, NULL, &anchors); - if (ret) - goto out; - } - - /* - * Calculate the path from the certificate user presented to the - * to an anchor. - */ - ret = _hx509_calculate_path(context, 0, ctx->time_now, - anchors, ctx->max_depth, - cert, pool, &path); - if (ret) - goto out; - -#if 0 - alg_id = path.val[path->len - 1]->data->tbsCertificate.signature; -#endif - - /* - * Check CA and proxy certificate chain from the top of the - * certificate chain. Also check certificate is valid with respect - * to the current time. - * - */ - - proxy_cert_depth = 0; - selfsigned_depth = 0; - - if (ctx->flags & HX509_VERIFY_CTX_F_ALLOW_PROXY_CERTIFICATE) - type = PROXY_CERT; - else - type = EE_CERT; - - for (i = 0; i < path.len; i++) { - Certificate *c; - time_t t; - - c = _hx509_get_cert(path.val[i]); - - /* - * Lets do some basic check on issuer like - * keyUsage.keyCertSign and basicConstraints.cA bit depending - * on what type of certificate this is. - */ - - switch (type) { - case CA_CERT: - /* XXX make constants for keyusage */ - ret = check_key_usage(context, c, 1 << 5, - REQUIRE_RFC3280(ctx) ? TRUE : FALSE); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Key usage missing from CA certificate"); - goto out; - } - - if (i + 1 != path.len && certificate_is_self_signed(c)) - selfsigned_depth++; - - break; - case PROXY_CERT: { - ProxyCertInfo info; - - if (is_proxy_cert(context, c, &info) == 0) { - int j; - - if (info.pCPathLenConstraint != NULL && - *info.pCPathLenConstraint < i) - { - free_ProxyCertInfo(&info); - ret = HX509_PATH_TOO_LONG; - hx509_set_error_string(context, 0, ret, - "Proxy certificate chain " - "longer then allowed"); - goto out; - } - /* XXX MUST check info.proxyPolicy */ - free_ProxyCertInfo(&info); - - j = 0; - if (find_extension(c, oid_id_x509_ce_subjectAltName(), &j)) { - ret = HX509_PROXY_CERT_INVALID; - hx509_set_error_string(context, 0, ret, - "Proxy certificate have explicity " - "forbidden subjectAltName"); - goto out; - } - - j = 0; - if (find_extension(c, oid_id_x509_ce_issuerAltName(), &j)) { - ret = HX509_PROXY_CERT_INVALID; - hx509_set_error_string(context, 0, ret, - "Proxy certificate have explicity " - "forbidden issuerAltName"); - goto out; - } - - /* - * The subject name of the proxy certificate should be - * CN=XXX,, prune of CN and check if its - * the same over the whole chain of proxy certs and - * then check with the EE cert when we get to it. - */ - - if (proxy_cert_depth) { - ret = _hx509_name_cmp(&proxy_issuer, &c->tbsCertificate.subject); - if (ret) { - ret = HX509_PROXY_CERT_NAME_WRONG; - hx509_set_error_string(context, 0, ret, - "Base proxy name not right"); - goto out; - } - } - - free_Name(&proxy_issuer); - - ret = copy_Name(&c->tbsCertificate.subject, &proxy_issuer); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - j = proxy_issuer.u.rdnSequence.len; - if (proxy_issuer.u.rdnSequence.len < 2 - || proxy_issuer.u.rdnSequence.val[j - 1].len > 1 - || der_heim_oid_cmp(&proxy_issuer.u.rdnSequence.val[j - 1].val[0].type, - oid_id_at_commonName())) - { - ret = HX509_PROXY_CERT_NAME_WRONG; - hx509_set_error_string(context, 0, ret, - "Proxy name too short or " - "does not have Common name " - "at the top"); - goto out; - } - - free_RelativeDistinguishedName(&proxy_issuer.u.rdnSequence.val[j - 1]); - proxy_issuer.u.rdnSequence.len -= 1; - - ret = _hx509_name_cmp(&proxy_issuer, &c->tbsCertificate.issuer); - if (ret != 0) { - ret = HX509_PROXY_CERT_NAME_WRONG; - hx509_set_error_string(context, 0, ret, - "Proxy issuer name not as expected"); - goto out; - } - - break; - } else { - /* - * Now we are done with the proxy certificates, this - * cert was an EE cert and we we will fall though to - * EE checking below. - */ - type = EE_CERT; - /* FALLTHOUGH */ - } - } - case EE_CERT: - /* - * If there where any proxy certificates in the chain - * (proxy_cert_depth > 0), check that the proxy issuer - * matched proxy certificates "base" subject. - */ - if (proxy_cert_depth) { - - ret = _hx509_name_cmp(&proxy_issuer, - &c->tbsCertificate.subject); - if (ret) { - ret = HX509_PROXY_CERT_NAME_WRONG; - hx509_clear_error_string(context); - goto out; - } - if (cert->basename) - hx509_name_free(&cert->basename); - - ret = _hx509_name_from_Name(&proxy_issuer, &cert->basename); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - } - - break; - } - - ret = check_basic_constraints(context, c, type, - i - proxy_cert_depth - selfsigned_depth); - if (ret) - goto out; - - /* - * Don't check the trust anchors expiration time since they - * are transported out of band, from RFC3820. - */ - if (i + 1 != path.len || CHECK_TA(ctx)) { - - t = _hx509_Time2time_t(&c->tbsCertificate.validity.notBefore); - if (t > ctx->time_now) { - ret = HX509_CERT_USED_BEFORE_TIME; - hx509_clear_error_string(context); - goto out; - } - t = _hx509_Time2time_t(&c->tbsCertificate.validity.notAfter); - if (t < ctx->time_now) { - ret = HX509_CERT_USED_AFTER_TIME; - hx509_clear_error_string(context); - goto out; - } - } - - if (type == EE_CERT) - type = CA_CERT; - else if (type == PROXY_CERT) - proxy_cert_depth++; - } - - /* - * Verify constraints, do this backward so path constraints are - * checked in the right order. - */ - - for (ret = 0, i = path.len - 1; i >= 0; i--) { - Certificate *c; - - c = _hx509_get_cert(path.val[i]); - - /* verify name constraints, not for selfsigned and anchor */ - if (!certificate_is_self_signed(c) || i + 1 != path.len) { - ret = check_name_constraints(context, &nc, c); - if (ret) { - goto out; - } - } - ret = add_name_constraints(context, c, i == 0, &nc); - if (ret) - goto out; - - /* XXX verify all other silly constraints */ - - } - - /* - * Verify that no certificates has been revoked. - */ - - if (ctx->revoke_ctx) { - hx509_certs certs; - - ret = hx509_certs_init(context, "MEMORY:revoke-certs", 0, - NULL, &certs); - if (ret) - goto out; - - for (i = 0; i < path.len; i++) { - ret = hx509_certs_add(context, certs, path.val[i]); - if (ret) { - hx509_certs_free(&certs); - goto out; - } - } - ret = hx509_certs_merge(context, certs, pool); - if (ret) { - hx509_certs_free(&certs); - goto out; - } - - for (i = 0; i < path.len - 1; i++) { - int parent = (i < path.len - 1) ? i + 1 : i; - - ret = hx509_revoke_verify(context, - ctx->revoke_ctx, - certs, - ctx->time_now, - path.val[i], - path.val[parent]); - if (ret) { - hx509_certs_free(&certs); - goto out; - } - } - hx509_certs_free(&certs); - } - - /* - * Verify signatures, do this backward so public key working - * parameter is passed up from the anchor up though the chain. - */ - - for (i = path.len - 1; i >= 0; i--) { - Certificate *signer, *c; - - c = _hx509_get_cert(path.val[i]); - - /* is last in chain (trust anchor) */ - if (i + 1 == path.len) { - signer = path.val[i]->data; - - /* if trust anchor is not self signed, don't check sig */ - if (!certificate_is_self_signed(signer)) - continue; - } else { - /* take next certificate in chain */ - signer = path.val[i + 1]->data; - } - - /* verify signatureValue */ - ret = _hx509_verify_signature_bitstring(context, - signer, - &c->signatureAlgorithm, - &c->tbsCertificate._save, - &c->signatureValue); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to verify signature of certificate"); - goto out; - } - } - -out: - hx509_certs_free(&anchors); - free_Name(&proxy_issuer); - free_name_constraints(&nc); - _hx509_path_free(&path); - - return ret; -} - -/** - * Verify a signature made using the private key of an certificate. - * - * @param context A hx509 context. - * @param signer the certificate that made the signature. - * @param alg algorthm that was used to sign the data. - * @param data the data that was signed. - * @param sig the sigature to verify. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_crypto - */ - -int -hx509_verify_signature(hx509_context context, - const hx509_cert signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - return _hx509_verify_signature(context, signer->data, alg, data, sig); -} - - -/** - * Verify that the certificate is allowed to be used for the hostname - * and address. - * - * @param context A hx509 context. - * @param cert the certificate to match with - * @param flags Flags to modify the behavior: - * - HX509_VHN_F_ALLOW_NO_MATCH no match is ok - * @param type type of hostname: - * - HX509_HN_HOSTNAME for plain hostname. - * - HX509_HN_DNSSRV for DNS SRV names. - * @param hostname the hostname to check - * @param sa address of the host - * @param sa_size length of address - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_verify_hostname(hx509_context context, - const hx509_cert cert, - int flags, - hx509_hostname_type type, - const char *hostname, - const struct sockaddr *sa, - /* XXX krb5_socklen_t */ int sa_size) -{ - GeneralNames san; - int ret, i, j; - - if (sa && sa_size <= 0) - return EINVAL; - - memset(&san, 0, sizeof(san)); - - i = 0; - do { - ret = find_extension_subject_alt_name(cert->data, &i, &san); - if (ret == HX509_EXTENSION_NOT_FOUND) { - ret = 0; - break; - } else if (ret != 0) - break; - - for (j = 0; j < san.len; j++) { - switch (san.val[j].element) { - case choice_GeneralName_dNSName: - if (strcasecmp(san.val[j].u.dNSName, hostname) == 0) { - free_GeneralNames(&san); - return 0; - } - break; - default: - break; - } - } - free_GeneralNames(&san); - } while (1); - - { - Name *name = &cert->data->tbsCertificate.subject; - - /* match if first component is a CN= */ - if (name->u.rdnSequence.len > 0 - && name->u.rdnSequence.val[0].len == 1 - && der_heim_oid_cmp(&name->u.rdnSequence.val[0].val[0].type, - oid_id_at_commonName()) == 0) - { - DirectoryString *ds = &name->u.rdnSequence.val[0].val[0].value; - - switch (ds->element) { - case choice_DirectoryString_printableString: - if (strcasecmp(ds->u.printableString, hostname) == 0) - return 0; - break; - case choice_DirectoryString_ia5String: - if (strcasecmp(ds->u.ia5String, hostname) == 0) - return 0; - break; - case choice_DirectoryString_utf8String: - if (strcasecmp(ds->u.utf8String, hostname) == 0) - return 0; - default: - break; - } - } - } - - if ((flags & HX509_VHN_F_ALLOW_NO_MATCH) == 0) - ret = HX509_NAME_CONSTRAINT_ERROR; - - return ret; -} - -int -_hx509_set_cert_attribute(hx509_context context, - hx509_cert cert, - const heim_oid *oid, - const heim_octet_string *attr) -{ - hx509_cert_attribute a; - void *d; - - if (hx509_cert_get_attribute(cert, oid) != NULL) - return 0; - - d = realloc(cert->attrs.val, - sizeof(cert->attrs.val[0]) * (cert->attrs.len + 1)); - if (d == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - cert->attrs.val = d; - - a = malloc(sizeof(*a)); - if (a == NULL) - return ENOMEM; - - der_copy_octet_string(attr, &a->data); - der_copy_oid(oid, &a->oid); - - cert->attrs.val[cert->attrs.len] = a; - cert->attrs.len++; - - return 0; -} - -/** - * Get an external attribute for the certificate, examples are - * friendly name and id. - * - * @param cert hx509 certificate object to search - * @param oid an oid to search for. - * - * @return an hx509_cert_attribute, only valid as long as the - * certificate is referenced. - * - * @ingroup hx509_cert - */ - -hx509_cert_attribute -hx509_cert_get_attribute(hx509_cert cert, const heim_oid *oid) -{ - int i; - for (i = 0; i < cert->attrs.len; i++) - if (der_heim_oid_cmp(oid, &cert->attrs.val[i]->oid) == 0) - return cert->attrs.val[i]; - return NULL; -} - -/** - * Set the friendly name on the certificate. - * - * @param cert The certificate to set the friendly name on - * @param name Friendly name. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_set_friendly_name(hx509_cert cert, const char *name) -{ - if (cert->friendlyname) - free(cert->friendlyname); - cert->friendlyname = strdup(name); - if (cert->friendlyname == NULL) - return ENOMEM; - return 0; -} - -/** - * Get friendly name of the certificate. - * - * @param cert cert to get the friendly name from. - * - * @return an friendly name or NULL if there is. The friendly name is - * only valid as long as the certificate is referenced. - * - * @ingroup hx509_cert - */ - -const char * -hx509_cert_get_friendly_name(hx509_cert cert) -{ - hx509_cert_attribute a; - PKCS9_friendlyName n; - size_t sz; - int ret, i; - - if (cert->friendlyname) - return cert->friendlyname; - - a = hx509_cert_get_attribute(cert, oid_id_pkcs_9_at_friendlyName()); - if (a == NULL) { - /* XXX use subject name ? */ - return NULL; - } - - ret = decode_PKCS9_friendlyName(a->data.data, a->data.length, &n, &sz); - if (ret) - return NULL; - - if (n.len != 1) { - free_PKCS9_friendlyName(&n); - return NULL; - } - - cert->friendlyname = malloc(n.val[0].length + 1); - if (cert->friendlyname == NULL) { - free_PKCS9_friendlyName(&n); - return NULL; - } - - for (i = 0; i < n.val[0].length; i++) { - if (n.val[0].data[i] <= 0xff) - cert->friendlyname[i] = n.val[0].data[i] & 0xff; - else - cert->friendlyname[i] = 'X'; - } - cert->friendlyname[i] = '\0'; - free_PKCS9_friendlyName(&n); - - return cert->friendlyname; -} - -void -_hx509_query_clear(hx509_query *q) -{ - memset(q, 0, sizeof(*q)); -} - -/** - * Allocate an query controller. Free using hx509_query_free(). - * - * @param context A hx509 context. - * @param q return pointer to a hx509_query. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_query_alloc(hx509_context context, hx509_query **q) -{ - *q = calloc(1, sizeof(**q)); - if (*q == NULL) - return ENOMEM; - return 0; -} - -/** - * Set match options for the hx509 query controller. - * - * @param q query controller. - * @param option options to control the query controller. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -void -hx509_query_match_option(hx509_query *q, hx509_query_option option) -{ - switch(option) { - case HX509_QUERY_OPTION_PRIVATE_KEY: - q->match |= HX509_QUERY_PRIVATE_KEY; - break; - case HX509_QUERY_OPTION_KU_ENCIPHERMENT: - q->match |= HX509_QUERY_KU_ENCIPHERMENT; - break; - case HX509_QUERY_OPTION_KU_DIGITALSIGNATURE: - q->match |= HX509_QUERY_KU_DIGITALSIGNATURE; - break; - case HX509_QUERY_OPTION_KU_KEYCERTSIGN: - q->match |= HX509_QUERY_KU_KEYCERTSIGN; - break; - case HX509_QUERY_OPTION_END: - default: - break; - } -} - -/** - * Set the issuer and serial number of match in the query - * controller. The function make copies of the isser and serial number. - * - * @param q a hx509 query controller - * @param issuer issuer to search for - * @param serialNumber the serialNumber of the issuer. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_query_match_issuer_serial(hx509_query *q, - const Name *issuer, - const heim_integer *serialNumber) -{ - int ret; - if (q->serial) { - der_free_heim_integer(q->serial); - free(q->serial); - } - q->serial = malloc(sizeof(*q->serial)); - if (q->serial == NULL) - return ENOMEM; - ret = der_copy_heim_integer(serialNumber, q->serial); - if (ret) { - free(q->serial); - q->serial = NULL; - return ret; - } - if (q->issuer_name) { - free_Name(q->issuer_name); - free(q->issuer_name); - } - q->issuer_name = malloc(sizeof(*q->issuer_name)); - if (q->issuer_name == NULL) - return ENOMEM; - ret = copy_Name(issuer, q->issuer_name); - if (ret) { - free(q->issuer_name); - q->issuer_name = NULL; - return ret; - } - q->match |= HX509_QUERY_MATCH_SERIALNUMBER|HX509_QUERY_MATCH_ISSUER_NAME; - return 0; -} - -/** - * Set the query controller to match on a friendly name - * - * @param q a hx509 query controller. - * @param name a friendly name to match on - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_query_match_friendly_name(hx509_query *q, const char *name) -{ - if (q->friendlyname) - free(q->friendlyname); - q->friendlyname = strdup(name); - if (q->friendlyname == NULL) - return ENOMEM; - q->match |= HX509_QUERY_MATCH_FRIENDLY_NAME; - return 0; -} - -/** - * Set the query controller to match using a specific match function. - * - * @param q a hx509 query controller. - * @param func function to use for matching, if the argument is NULL, - * the match function is removed. - * @param ctx context passed to the function. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_query_match_cmp_func(hx509_query *q, - int (*func)(void *, hx509_cert), - void *ctx) -{ - if (func) - q->match |= HX509_QUERY_MATCH_FUNCTION; - else - q->match &= ~HX509_QUERY_MATCH_FUNCTION; - q->cmp_func = func; - q->cmp_func_ctx = ctx; - return 0; -} - -/** - * Free the query controller. - * - * @param context A hx509 context. - * @param q a pointer to the query controller. - * - * @ingroup hx509_cert - */ - -void -hx509_query_free(hx509_context context, hx509_query *q) -{ - if (q->serial) { - der_free_heim_integer(q->serial); - free(q->serial); - q->serial = NULL; - } - if (q->issuer_name) { - free_Name(q->issuer_name); - free(q->issuer_name); - q->issuer_name = NULL; - } - if (q) { - free(q->friendlyname); - memset(q, 0, sizeof(*q)); - } - free(q); -} - -int -_hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert cert) -{ - Certificate *c = _hx509_get_cert(cert); - - _hx509_query_statistic(context, 1, q); - - if ((q->match & HX509_QUERY_FIND_ISSUER_CERT) && - _hx509_cert_is_parent_cmp(q->subject, c, 0) != 0) - return 0; - - if ((q->match & HX509_QUERY_MATCH_CERTIFICATE) && - _hx509_Certificate_cmp(q->certificate, c) != 0) - return 0; - - if ((q->match & HX509_QUERY_MATCH_SERIALNUMBER) - && der_heim_integer_cmp(&c->tbsCertificate.serialNumber, q->serial) != 0) - return 0; - - if ((q->match & HX509_QUERY_MATCH_ISSUER_NAME) - && _hx509_name_cmp(&c->tbsCertificate.issuer, q->issuer_name) != 0) - return 0; - - if ((q->match & HX509_QUERY_MATCH_SUBJECT_NAME) - && _hx509_name_cmp(&c->tbsCertificate.subject, q->subject_name) != 0) - return 0; - - if (q->match & HX509_QUERY_MATCH_SUBJECT_KEY_ID) { - SubjectKeyIdentifier si; - int ret; - - ret = _hx509_find_extension_subject_key_id(c, &si); - if (ret == 0) { - if (der_heim_octet_string_cmp(&si, q->subject_id) != 0) - ret = 1; - free_SubjectKeyIdentifier(&si); - } - if (ret) - return 0; - } - if ((q->match & HX509_QUERY_MATCH_ISSUER_ID)) - return 0; - if ((q->match & HX509_QUERY_PRIVATE_KEY) && - _hx509_cert_private_key(cert) == NULL) - return 0; - - { - unsigned ku = 0; - if (q->match & HX509_QUERY_KU_DIGITALSIGNATURE) - ku |= (1 << 0); - if (q->match & HX509_QUERY_KU_NONREPUDIATION) - ku |= (1 << 1); - if (q->match & HX509_QUERY_KU_ENCIPHERMENT) - ku |= (1 << 2); - if (q->match & HX509_QUERY_KU_DATAENCIPHERMENT) - ku |= (1 << 3); - if (q->match & HX509_QUERY_KU_KEYAGREEMENT) - ku |= (1 << 4); - if (q->match & HX509_QUERY_KU_KEYCERTSIGN) - ku |= (1 << 5); - if (q->match & HX509_QUERY_KU_CRLSIGN) - ku |= (1 << 6); - if (ku && check_key_usage(context, c, ku, TRUE)) - return 0; - } - if ((q->match & HX509_QUERY_ANCHOR)) - return 0; - - if (q->match & HX509_QUERY_MATCH_LOCAL_KEY_ID) { - hx509_cert_attribute a; - - a = hx509_cert_get_attribute(cert, oid_id_pkcs_9_at_localKeyId()); - if (a == NULL) - return 0; - if (der_heim_octet_string_cmp(&a->data, q->local_key_id) != 0) - return 0; - } - - if (q->match & HX509_QUERY_NO_MATCH_PATH) { - size_t i; - - for (i = 0; i < q->path->len; i++) - if (hx509_cert_cmp(q->path->val[i], cert) == 0) - return 0; - } - if (q->match & HX509_QUERY_MATCH_FRIENDLY_NAME) { - const char *name = hx509_cert_get_friendly_name(cert); - if (name == NULL) - return 0; - if (strcasecmp(q->friendlyname, name) != 0) - return 0; - } - if (q->match & HX509_QUERY_MATCH_FUNCTION) { - int ret = (*q->cmp_func)(q->cmp_func_ctx, cert); - if (ret != 0) - return 0; - } - - if (q->match & HX509_QUERY_MATCH_KEY_HASH_SHA1) { - heim_octet_string os; - int ret; - - os.data = c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; - os.length = - c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; - - ret = _hx509_verify_signature(context, - NULL, - hx509_signature_sha1(), - &os, - q->keyhash_sha1); - if (ret != 0) - return 0; - } - - if (q->match & HX509_QUERY_MATCH_TIME) { - time_t t; - t = _hx509_Time2time_t(&c->tbsCertificate.validity.notBefore); - if (t > q->timenow) - return 0; - t = _hx509_Time2time_t(&c->tbsCertificate.validity.notAfter); - if (t < q->timenow) - return 0; - } - - if (q->match & ~HX509_QUERY_MASK) - return 0; - - return 1; -} - -/** - * Set a statistic file for the query statistics. - * - * @param context A hx509 context. - * @param fn statistics file name - * - * @ingroup hx509_cert - */ - -void -hx509_query_statistic_file(hx509_context context, const char *fn) -{ - if (context->querystat) - free(context->querystat); - context->querystat = strdup(fn); -} - -void -_hx509_query_statistic(hx509_context context, int type, const hx509_query *q) -{ - FILE *f; - if (context->querystat == NULL) - return; - f = fopen(context->querystat, "a"); - if (f == NULL) - return; - fprintf(f, "%d %d\n", type, q->match); - fclose(f); -} - -static const char *statname[] = { - "find issuer cert", - "match serialnumber", - "match issuer name", - "match subject name", - "match subject key id", - "match issuer id", - "private key", - "ku encipherment", - "ku digitalsignature", - "ku keycertsign", - "ku crlsign", - "ku nonrepudiation", - "ku keyagreement", - "ku dataencipherment", - "anchor", - "match certificate", - "match local key id", - "no match path", - "match friendly name", - "match function", - "match key hash sha1", - "match time" -}; - -struct stat_el { - unsigned long stats; - unsigned int index; -}; - - -static int -stat_sort(const void *a, const void *b) -{ - const struct stat_el *ae = a; - const struct stat_el *be = b; - return be->stats - ae->stats; -} - -/** - * Unparse the statistics file and print the result on a FILE descriptor. - * - * @param context A hx509 context. - * @param printtype tyep to print - * @param out the FILE to write the data on. - * - * @ingroup hx509_cert - */ - -void -hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) -{ - rtbl_t t; - FILE *f; - int type, mask, i, num; - unsigned long multiqueries = 0, totalqueries = 0; - struct stat_el stats[32]; - - if (context->querystat == NULL) - return; - f = fopen(context->querystat, "r"); - if (f == NULL) { - fprintf(out, "No statistic file %s: %s.\n", - context->querystat, strerror(errno)); - return; - } - - for (i = 0; i < sizeof(stats)/sizeof(stats[0]); i++) { - stats[i].index = i; - stats[i].stats = 0; - } - - while (fscanf(f, "%d %d\n", &type, &mask) == 2) { - if (type != printtype) - continue; - num = i = 0; - while (mask && i < sizeof(stats)/sizeof(stats[0])) { - if (mask & 1) { - stats[i].stats++; - num++; - } - mask = mask >>1 ; - i++; - } - if (num > 1) - multiqueries++; - totalqueries++; - } - fclose(f); - - qsort(stats, sizeof(stats)/sizeof(stats[0]), sizeof(stats[0]), stat_sort); - - t = rtbl_create(); - if (t == NULL) - errx(1, "out of memory"); - - rtbl_set_separator (t, " "); - - rtbl_add_column_by_id (t, 0, "Name", 0); - rtbl_add_column_by_id (t, 1, "Counter", 0); - - - for (i = 0; i < sizeof(stats)/sizeof(stats[0]); i++) { - char str[10]; - - if (stats[i].index < sizeof(statname)/sizeof(statname[0])) - rtbl_add_column_entry_by_id (t, 0, statname[stats[i].index]); - else { - snprintf(str, sizeof(str), "%d", stats[i].index); - rtbl_add_column_entry_by_id (t, 0, str); - } - snprintf(str, sizeof(str), "%lu", stats[i].stats); - rtbl_add_column_entry_by_id (t, 1, str); - } - - rtbl_format(t, out); - rtbl_destroy(t); - - fprintf(out, "\nQueries: multi %lu total %lu\n", - multiqueries, totalqueries); -} - -/** - * Check the extended key usage on the hx509 certificate. - * - * @param context A hx509 context. - * @param cert A hx509 context. - * @param eku the EKU to check for - * @param allow_any_eku if the any EKU is set, allow that to be a - * substitute. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_check_eku(hx509_context context, hx509_cert cert, - const heim_oid *eku, int allow_any_eku) -{ - ExtKeyUsage e; - int ret, i; - - ret = find_extension_eku(_hx509_get_cert(cert), &e); - if (ret) { - hx509_clear_error_string(context); - return ret; - } - - for (i = 0; i < e.len; i++) { - if (der_heim_oid_cmp(eku, &e.val[i]) == 0) { - free_ExtKeyUsage(&e); - return 0; - } - if (allow_any_eku) { -#if 0 - if (der_heim_oid_cmp(id_any_eku, &e.val[i]) == 0) { - free_ExtKeyUsage(&e); - return 0; - } -#endif - } - } - free_ExtKeyUsage(&e); - hx509_clear_error_string(context); - return HX509_CERTIFICATE_MISSING_EKU; -} - -int -_hx509_cert_get_keyusage(hx509_context context, - hx509_cert c, - KeyUsage *ku) -{ - Certificate *cert; - const Extension *e; - size_t size; - int ret, i = 0; - - memset(ku, 0, sizeof(*ku)); - - cert = _hx509_get_cert(c); - - if (_hx509_cert_get_version(cert) < 3) - return 0; - - e = find_extension(cert, oid_id_x509_ce_keyUsage(), &i); - if (e == NULL) - return HX509_KU_CERT_MISSING; - - ret = decode_KeyUsage(e->extnValue.data, e->extnValue.length, ku, &size); - if (ret) - return ret; - return 0; -} - -int -_hx509_cert_get_eku(hx509_context context, - hx509_cert cert, - ExtKeyUsage *e) -{ - int ret; - - memset(e, 0, sizeof(*e)); - - ret = find_extension_eku(_hx509_get_cert(cert), e); - if (ret && ret != HX509_EXTENSION_NOT_FOUND) { - hx509_clear_error_string(context); - return ret; - } - return 0; -} - -/** - * Encodes the hx509 certificate as a DER encode binary. - * - * @param context A hx509 context. - * @param c the certificate to encode. - * @param os the encode certificate, set to NULL, 0 on case of - * error. Free the returned structure with hx509_xfree(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_cert - */ - -int -hx509_cert_binary(hx509_context context, hx509_cert c, heim_octet_string *os) -{ - size_t size; - int ret; - - os->data = NULL; - os->length = 0; - - ASN1_MALLOC_ENCODE(Certificate, os->data, os->length, - _hx509_get_cert(c), &size, ret); - if (ret) { - os->data = NULL; - os->length = 0; - return ret; - } - if (os->length != size) - _hx509_abort("internal ASN.1 encoder error"); - - return ret; -} - -/* - * Last to avoid lost __attribute__s due to #undef. - */ - -#undef __attribute__ -#define __attribute__(X) - -void -_hx509_abort(const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 1, 2))) -{ - va_list ap; - va_start(ap, fmt); - vprintf(fmt, ap); - va_end(ap); - printf("\n"); - fflush(stdout); - abort(); -} - -/** - * Free a data element allocated in the library. - * - * @param ptr data to be freed. - * - * @ingroup hx509_misc - */ - -void -hx509_xfree(void *ptr) -{ - free(ptr); -} diff --git a/crypto/heimdal/lib/hx509/cms.c b/crypto/heimdal/lib/hx509/cms.c deleted file mode 100644 index 80bcaac6c983..000000000000 --- a/crypto/heimdal/lib/hx509/cms.c +++ /dev/null @@ -1,1426 +0,0 @@ -/* - * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: cms.c 22327 2007-12-15 04:49:37Z lha $"); - -/** - * @page page_cms CMS/PKCS7 message functions. - * - * CMS is defined in RFC 3369 and is an continuation of the RSA Labs - * standard PKCS7. The basic messages in CMS is - * - * - SignedData - * Data signed with private key (RSA, DSA, ECDSA) or secret - * (symmetric) key - * - EnvelopedData - * Data encrypted with private key (RSA) - * - EncryptedData - * Data encrypted with secret (symmetric) key. - * - ContentInfo - * Wrapper structure including type and data. - * - * - * See the library functions here: @ref hx509_cms - */ - -#define ALLOC(X, N) (X) = calloc((N), sizeof(*(X))) -#define ALLOC_SEQ(X, N) do { (X)->len = (N); ALLOC((X)->val, (N)); } while(0) - -/** - * Wrap data and oid in a ContentInfo and encode it. - * - * @param oid type of the content. - * @param buf data to be wrapped. If a NULL pointer is passed in, the - * optional content field in the ContentInfo is not going be filled - * in. - * @param res the encoded buffer, the result should be freed with - * der_free_octet_string(). - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_cms - */ - -int -hx509_cms_wrap_ContentInfo(const heim_oid *oid, - const heim_octet_string *buf, - heim_octet_string *res) -{ - ContentInfo ci; - size_t size; - int ret; - - memset(res, 0, sizeof(*res)); - memset(&ci, 0, sizeof(ci)); - - ret = der_copy_oid(oid, &ci.contentType); - if (ret) - return ret; - if (buf) { - ALLOC(ci.content, 1); - if (ci.content == NULL) { - free_ContentInfo(&ci); - return ENOMEM; - } - ci.content->data = malloc(buf->length); - if (ci.content->data == NULL) { - free_ContentInfo(&ci); - return ENOMEM; - } - memcpy(ci.content->data, buf->data, buf->length); - ci.content->length = buf->length; - } - - ASN1_MALLOC_ENCODE(ContentInfo, res->data, res->length, &ci, &size, ret); - free_ContentInfo(&ci); - if (ret) - return ret; - if (res->length != size) - _hx509_abort("internal ASN.1 encoder error"); - - return 0; -} - -/** - * Decode an ContentInfo and unwrap data and oid it. - * - * @param in the encoded buffer. - * @param oid type of the content. - * @param out data to be wrapped. - * @param have_data since the data is optional, this flags show dthe - * diffrence between no data and the zero length data. - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_cms - */ - -int -hx509_cms_unwrap_ContentInfo(const heim_octet_string *in, - heim_oid *oid, - heim_octet_string *out, - int *have_data) -{ - ContentInfo ci; - size_t size; - int ret; - - memset(oid, 0, sizeof(*oid)); - memset(out, 0, sizeof(*out)); - - ret = decode_ContentInfo(in->data, in->length, &ci, &size); - if (ret) - return ret; - - ret = der_copy_oid(&ci.contentType, oid); - if (ret) { - free_ContentInfo(&ci); - return ret; - } - if (ci.content) { - ret = der_copy_octet_string(ci.content, out); - if (ret) { - der_free_oid(oid); - free_ContentInfo(&ci); - return ret; - } - } else - memset(out, 0, sizeof(*out)); - - if (have_data) - *have_data = (ci.content != NULL) ? 1 : 0; - - free_ContentInfo(&ci); - - return 0; -} - -#define CMS_ID_SKI 0 -#define CMS_ID_NAME 1 - -static int -fill_CMSIdentifier(const hx509_cert cert, - int type, - CMSIdentifier *id) -{ - int ret; - - switch (type) { - case CMS_ID_SKI: - id->element = choice_CMSIdentifier_subjectKeyIdentifier; - ret = _hx509_find_extension_subject_key_id(_hx509_get_cert(cert), - &id->u.subjectKeyIdentifier); - if (ret == 0) - break; - /* FALL THOUGH */ - case CMS_ID_NAME: { - hx509_name name; - - id->element = choice_CMSIdentifier_issuerAndSerialNumber; - ret = hx509_cert_get_issuer(cert, &name); - if (ret) - return ret; - ret = hx509_name_to_Name(name, &id->u.issuerAndSerialNumber.issuer); - hx509_name_free(&name); - if (ret) - return ret; - - ret = hx509_cert_get_serialnumber(cert, &id->u.issuerAndSerialNumber.serialNumber); - break; - } - default: - _hx509_abort("CMS fill identifier with unknown type"); - } - return ret; -} - -static int -unparse_CMSIdentifier(hx509_context context, - CMSIdentifier *id, - char **str) -{ - int ret; - - *str = NULL; - switch (id->element) { - case choice_CMSIdentifier_issuerAndSerialNumber: { - IssuerAndSerialNumber *iasn; - char *serial, *name; - - iasn = &id->u.issuerAndSerialNumber; - - ret = _hx509_Name_to_string(&iasn->issuer, &name); - if(ret) - return ret; - ret = der_print_hex_heim_integer(&iasn->serialNumber, &serial); - if (ret) { - free(name); - return ret; - } - asprintf(str, "certificate issued by %s with serial number %s", - name, serial); - free(name); - free(serial); - break; - } - case choice_CMSIdentifier_subjectKeyIdentifier: { - KeyIdentifier *ki = &id->u.subjectKeyIdentifier; - char *keyid; - ssize_t len; - - len = hex_encode(ki->data, ki->length, &keyid); - if (len < 0) - return ENOMEM; - - asprintf(str, "certificate with id %s", keyid); - free(keyid); - break; - } - default: - asprintf(str, "certificate have unknown CMSidentifier type"); - break; - } - if (*str == NULL) - return ENOMEM; - return 0; -} - -static int -find_CMSIdentifier(hx509_context context, - CMSIdentifier *client, - hx509_certs certs, - hx509_cert *signer_cert, - int match) -{ - hx509_query q; - hx509_cert cert; - Certificate c; - int ret; - - memset(&c, 0, sizeof(c)); - _hx509_query_clear(&q); - - *signer_cert = NULL; - - switch (client->element) { - case choice_CMSIdentifier_issuerAndSerialNumber: - q.serial = &client->u.issuerAndSerialNumber.serialNumber; - q.issuer_name = &client->u.issuerAndSerialNumber.issuer; - q.match = HX509_QUERY_MATCH_SERIALNUMBER|HX509_QUERY_MATCH_ISSUER_NAME; - break; - case choice_CMSIdentifier_subjectKeyIdentifier: - q.subject_id = &client->u.subjectKeyIdentifier; - q.match = HX509_QUERY_MATCH_SUBJECT_KEY_ID; - break; - default: - hx509_set_error_string(context, 0, HX509_CMS_NO_RECIPIENT_CERTIFICATE, - "unknown CMS identifier element"); - return HX509_CMS_NO_RECIPIENT_CERTIFICATE; - } - - q.match |= match; - - q.match |= HX509_QUERY_MATCH_TIME; - q.timenow = time(NULL); - - ret = hx509_certs_find(context, certs, &q, &cert); - if (ret == HX509_CERT_NOT_FOUND) { - char *str; - - ret = unparse_CMSIdentifier(context, client, &str); - if (ret == 0) { - hx509_set_error_string(context, 0, - HX509_CMS_NO_RECIPIENT_CERTIFICATE, - "Failed to find %s", str); - } else - hx509_clear_error_string(context); - return HX509_CMS_NO_RECIPIENT_CERTIFICATE; - } else if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, - HX509_CMS_NO_RECIPIENT_CERTIFICATE, - "Failed to find CMS id in cert store"); - return HX509_CMS_NO_RECIPIENT_CERTIFICATE; - } - - *signer_cert = cert; - - return 0; -} - -/** - * Decode and unencrypt EnvelopedData. - * - * Extract data and parameteres from from the EnvelopedData. Also - * supports using detached EnvelopedData. - * - * @param context A hx509 context. - * @param certs Certificate that can decrypt the EnvelopedData - * encryption key. - * @param flags HX509_CMS_UE flags to control the behavior. - * @param data pointer the structure the contains the DER/BER encoded - * EnvelopedData stucture. - * @param length length of the data that data point to. - * @param encryptedContent in case of detached signature, this - * contains the actual encrypted data, othersize its should be NULL. - * @param contentType output type oid, should be freed with der_free_oid(). - * @param content the data, free with der_free_octet_string(). - * - * @ingroup hx509_cms - */ - -int -hx509_cms_unenvelope(hx509_context context, - hx509_certs certs, - int flags, - const void *data, - size_t length, - const heim_octet_string *encryptedContent, - heim_oid *contentType, - heim_octet_string *content) -{ - heim_octet_string key; - EnvelopedData ed; - hx509_cert cert; - AlgorithmIdentifier *ai; - const heim_octet_string *enccontent; - heim_octet_string *params, params_data; - heim_octet_string ivec; - size_t size; - int ret, i, matched = 0, findflags = 0; - - - memset(&key, 0, sizeof(key)); - memset(&ed, 0, sizeof(ed)); - memset(&ivec, 0, sizeof(ivec)); - memset(content, 0, sizeof(*content)); - memset(contentType, 0, sizeof(*contentType)); - - if ((flags & HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT) == 0) - findflags |= HX509_QUERY_KU_ENCIPHERMENT; - - ret = decode_EnvelopedData(data, length, &ed, &size); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to decode EnvelopedData"); - return ret; - } - - if (ed.recipientInfos.len == 0) { - ret = HX509_CMS_NO_RECIPIENT_CERTIFICATE; - hx509_set_error_string(context, 0, ret, - "No recipient info in enveloped data"); - goto out; - } - - enccontent = ed.encryptedContentInfo.encryptedContent; - if (enccontent == NULL) { - if (encryptedContent == NULL) { - ret = HX509_CMS_NO_DATA_AVAILABLE; - hx509_set_error_string(context, 0, ret, - "Content missing from encrypted data"); - goto out; - } - enccontent = encryptedContent; - } else if (encryptedContent != NULL) { - ret = HX509_CMS_NO_DATA_AVAILABLE; - hx509_set_error_string(context, 0, ret, - "Both internal and external encrypted data"); - goto out; - } - - cert = NULL; - for (i = 0; i < ed.recipientInfos.len; i++) { - KeyTransRecipientInfo *ri; - char *str; - int ret2; - - ri = &ed.recipientInfos.val[i]; - - ret = find_CMSIdentifier(context, &ri->rid, certs, &cert, - HX509_QUERY_PRIVATE_KEY|findflags); - if (ret) - continue; - - matched = 1; /* found a matching certificate, let decrypt */ - - ret = _hx509_cert_private_decrypt(context, - &ri->encryptedKey, - &ri->keyEncryptionAlgorithm.algorithm, - cert, &key); - - hx509_cert_free(cert); - if (ret == 0) - break; /* succuessfully decrypted cert */ - cert = NULL; - ret2 = unparse_CMSIdentifier(context, &ri->rid, &str); - if (ret2 == 0) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to decrypt with %s", str); - free(str); - } - } - - if (!matched) { - ret = HX509_CMS_NO_RECIPIENT_CERTIFICATE; - hx509_set_error_string(context, 0, ret, - "No private key matched any certificate"); - goto out; - } - - if (cert == NULL) { - ret = HX509_CMS_NO_RECIPIENT_CERTIFICATE; - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "No private key decrypted the transfer key"); - goto out; - } - - ret = der_copy_oid(&ed.encryptedContentInfo.contentType, contentType); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to copy EnvelopedData content oid"); - goto out; - } - - ai = &ed.encryptedContentInfo.contentEncryptionAlgorithm; - if (ai->parameters) { - params_data.data = ai->parameters->data; - params_data.length = ai->parameters->length; - params = ¶ms_data; - } else - params = NULL; - - { - hx509_crypto crypto; - - ret = hx509_crypto_init(context, NULL, &ai->algorithm, &crypto); - if (ret) - goto out; - - if (params) { - ret = hx509_crypto_set_params(context, crypto, params, &ivec); - if (ret) { - hx509_crypto_destroy(crypto); - goto out; - } - } - - ret = hx509_crypto_set_key_data(crypto, key.data, key.length); - if (ret) { - hx509_crypto_destroy(crypto); - hx509_set_error_string(context, 0, ret, - "Failed to set key for decryption " - "of EnvelopedData"); - goto out; - } - - ret = hx509_crypto_decrypt(crypto, - enccontent->data, - enccontent->length, - ivec.length ? &ivec : NULL, - content); - hx509_crypto_destroy(crypto); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to decrypt EnvelopedData"); - goto out; - } - } - -out: - - free_EnvelopedData(&ed); - der_free_octet_string(&key); - if (ivec.length) - der_free_octet_string(&ivec); - if (ret) { - der_free_oid(contentType); - der_free_octet_string(content); - } - - return ret; -} - -/** - * Encrypt end encode EnvelopedData. - * - * Encrypt and encode EnvelopedData. The data is encrypted with a - * random key and the the random key is encrypted with the - * certificates private key. This limits what private key type can be - * used to RSA. - * - * @param context A hx509 context. - * @param flags flags to control the behavior, no flags today - * @param cert Certificate to encrypt the EnvelopedData encryption key - * with. - * @param data pointer the data to encrypt. - * @param length length of the data that data point to. - * @param encryption_type Encryption cipher to use for the bulk data, - * use NULL to get default. - * @param contentType type of the data that is encrypted - * @param content the output of the function, - * free with der_free_octet_string(). - * - * @ingroup hx509_cms - */ - -int -hx509_cms_envelope_1(hx509_context context, - int flags, - hx509_cert cert, - const void *data, - size_t length, - const heim_oid *encryption_type, - const heim_oid *contentType, - heim_octet_string *content) -{ - KeyTransRecipientInfo *ri; - heim_octet_string ivec; - heim_octet_string key; - hx509_crypto crypto = NULL; - EnvelopedData ed; - size_t size; - int ret; - - memset(&ivec, 0, sizeof(ivec)); - memset(&key, 0, sizeof(key)); - memset(&ed, 0, sizeof(ed)); - memset(content, 0, sizeof(*content)); - - if (encryption_type == NULL) - encryption_type = oid_id_aes_256_cbc(); - - ret = _hx509_check_key_usage(context, cert, 1 << 2, TRUE); - if (ret) - goto out; - - ret = hx509_crypto_init(context, NULL, encryption_type, &crypto); - if (ret) - goto out; - - ret = hx509_crypto_set_random_key(crypto, &key); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Create random key for EnvelopedData content"); - goto out; - } - - ret = hx509_crypto_random_iv(crypto, &ivec); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to create a random iv"); - goto out; - } - - ret = hx509_crypto_encrypt(crypto, - data, - length, - &ivec, - &ed.encryptedContentInfo.encryptedContent); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to encrypt EnvelopedData content"); - goto out; - } - - { - AlgorithmIdentifier *enc_alg; - enc_alg = &ed.encryptedContentInfo.contentEncryptionAlgorithm; - ret = der_copy_oid(encryption_type, &enc_alg->algorithm); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to set crypto oid " - "for EnvelopedData"); - goto out; - } - ALLOC(enc_alg->parameters, 1); - if (enc_alg->parameters == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, - "Failed to allocate crypto paramaters " - "for EnvelopedData"); - goto out; - } - - ret = hx509_crypto_get_params(context, - crypto, - &ivec, - enc_alg->parameters); - if (ret) { - goto out; - } - } - - ALLOC_SEQ(&ed.recipientInfos, 1); - if (ed.recipientInfos.val == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, - "Failed to allocate recipients info " - "for EnvelopedData"); - goto out; - } - - ri = &ed.recipientInfos.val[0]; - - ri->version = 0; - ret = fill_CMSIdentifier(cert, CMS_ID_SKI, &ri->rid); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to set CMS identifier info " - "for EnvelopedData"); - goto out; - } - - ret = _hx509_cert_public_encrypt(context, - &key, cert, - &ri->keyEncryptionAlgorithm.algorithm, - &ri->encryptedKey); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to encrypt transport key for " - "EnvelopedData"); - goto out; - } - - /* - * - */ - - ed.version = 0; - ed.originatorInfo = NULL; - - ret = der_copy_oid(contentType, &ed.encryptedContentInfo.contentType); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to copy content oid for " - "EnvelopedData"); - goto out; - } - - ed.unprotectedAttrs = NULL; - - ASN1_MALLOC_ENCODE(EnvelopedData, content->data, content->length, - &ed, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to encode EnvelopedData"); - goto out; - } - if (size != content->length) - _hx509_abort("internal ASN.1 encoder error"); - -out: - if (crypto) - hx509_crypto_destroy(crypto); - if (ret) - der_free_octet_string(content); - der_free_octet_string(&key); - der_free_octet_string(&ivec); - free_EnvelopedData(&ed); - - return ret; -} - -static int -any_to_certs(hx509_context context, const SignedData *sd, hx509_certs certs) -{ - int ret, i; - - if (sd->certificates == NULL) - return 0; - - for (i = 0; i < sd->certificates->len; i++) { - hx509_cert c; - - ret = hx509_cert_init_data(context, - sd->certificates->val[i].data, - sd->certificates->val[i].length, - &c); - if (ret) - return ret; - ret = hx509_certs_add(context, certs, c); - hx509_cert_free(c); - if (ret) - return ret; - } - - return 0; -} - -static const Attribute * -find_attribute(const CMSAttributes *attr, const heim_oid *oid) -{ - int i; - for (i = 0; i < attr->len; i++) - if (der_heim_oid_cmp(&attr->val[i].type, oid) == 0) - return &attr->val[i]; - return NULL; -} - -/** - * Decode SignedData and verify that the signature is correct. - * - * @param context A hx509 context. - * @param ctx a hx509 version context - * @param data - * @param length length of the data that data point to. - * @param signedContent - * @param pool certificate pool to build certificates paths. - * @param contentType free with der_free_oid() - * @param content the output of the function, free with - * der_free_octet_string(). - * @param signer_certs list of the cerficates used to sign this - * request, free with hx509_certs_free(). - * - * @ingroup hx509_cms - */ - -int -hx509_cms_verify_signed(hx509_context context, - hx509_verify_ctx ctx, - const void *data, - size_t length, - const heim_octet_string *signedContent, - hx509_certs pool, - heim_oid *contentType, - heim_octet_string *content, - hx509_certs *signer_certs) -{ - SignerInfo *signer_info; - hx509_cert cert = NULL; - hx509_certs certs = NULL; - SignedData sd; - size_t size; - int ret, i, found_valid_sig; - - *signer_certs = NULL; - content->data = NULL; - content->length = 0; - contentType->length = 0; - contentType->components = NULL; - - memset(&sd, 0, sizeof(sd)); - - ret = decode_SignedData(data, length, &sd, &size); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to decode SignedData"); - goto out; - } - - if (sd.encapContentInfo.eContent == NULL && signedContent == NULL) { - ret = HX509_CMS_NO_DATA_AVAILABLE; - hx509_set_error_string(context, 0, ret, - "No content data in SignedData"); - goto out; - } - if (sd.encapContentInfo.eContent && signedContent) { - ret = HX509_CMS_NO_DATA_AVAILABLE; - hx509_set_error_string(context, 0, ret, - "Both external and internal SignedData"); - goto out; - } - if (sd.encapContentInfo.eContent) - signedContent = sd.encapContentInfo.eContent; - - ret = hx509_certs_init(context, "MEMORY:cms-cert-buffer", - 0, NULL, &certs); - if (ret) - goto out; - - ret = hx509_certs_init(context, "MEMORY:cms-signer-certs", - 0, NULL, signer_certs); - if (ret) - goto out; - - /* XXX Check CMS version */ - - ret = any_to_certs(context, &sd, certs); - if (ret) - goto out; - - if (pool) { - ret = hx509_certs_merge(context, certs, pool); - if (ret) - goto out; - } - - for (found_valid_sig = 0, i = 0; i < sd.signerInfos.len; i++) { - heim_octet_string *signed_data; - const heim_oid *match_oid; - heim_oid decode_oid; - - signer_info = &sd.signerInfos.val[i]; - match_oid = NULL; - - if (signer_info->signature.length == 0) { - ret = HX509_CMS_MISSING_SIGNER_DATA; - hx509_set_error_string(context, 0, ret, - "SignerInfo %d in SignedData " - "missing sigature", i); - continue; - } - - ret = find_CMSIdentifier(context, &signer_info->sid, certs, &cert, - HX509_QUERY_KU_DIGITALSIGNATURE); - if (ret) - continue; - - if (signer_info->signedAttrs) { - const Attribute *attr; - - CMSAttributes sa; - heim_octet_string os; - - sa.val = signer_info->signedAttrs->val; - sa.len = signer_info->signedAttrs->len; - - /* verify that sigature exists */ - attr = find_attribute(&sa, oid_id_pkcs9_messageDigest()); - if (attr == NULL) { - ret = HX509_CRYPTO_SIGNATURE_MISSING; - hx509_set_error_string(context, 0, ret, - "SignerInfo have signed attributes " - "but messageDigest (signature) " - "is missing"); - goto next_sigature; - } - if (attr->value.len != 1) { - ret = HX509_CRYPTO_SIGNATURE_MISSING; - hx509_set_error_string(context, 0, ret, - "SignerInfo have more then one " - "messageDigest (signature)"); - goto next_sigature; - } - - ret = decode_MessageDigest(attr->value.val[0].data, - attr->value.val[0].length, - &os, - &size); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to decode " - "messageDigest (signature)"); - goto next_sigature; - } - - ret = _hx509_verify_signature(context, - NULL, - &signer_info->digestAlgorithm, - signedContent, - &os); - der_free_octet_string(&os); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to verify messageDigest"); - goto next_sigature; - } - - /* - * Fetch content oid inside signedAttrs or set it to - * id-pkcs7-data. - */ - attr = find_attribute(&sa, oid_id_pkcs9_contentType()); - if (attr == NULL) { - match_oid = oid_id_pkcs7_data(); - } else { - if (attr->value.len != 1) { - ret = HX509_CMS_DATA_OID_MISMATCH; - hx509_set_error_string(context, 0, ret, - "More then one oid in signedAttrs"); - goto next_sigature; - - } - ret = decode_ContentType(attr->value.val[0].data, - attr->value.val[0].length, - &decode_oid, - &size); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to decode " - "oid in signedAttrs"); - goto next_sigature; - } - match_oid = &decode_oid; - } - - ALLOC(signed_data, 1); - if (signed_data == NULL) { - if (match_oid == &decode_oid) - der_free_oid(&decode_oid); - ret = ENOMEM; - hx509_clear_error_string(context); - goto next_sigature; - } - - ASN1_MALLOC_ENCODE(CMSAttributes, - signed_data->data, - signed_data->length, - &sa, - &size, ret); - if (ret) { - if (match_oid == &decode_oid) - der_free_oid(&decode_oid); - free(signed_data); - hx509_clear_error_string(context); - goto next_sigature; - } - if (size != signed_data->length) - _hx509_abort("internal ASN.1 encoder error"); - - } else { - signed_data = rk_UNCONST(signedContent); - match_oid = oid_id_pkcs7_data(); - } - - if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType)) { - ret = HX509_CMS_DATA_OID_MISMATCH; - hx509_set_error_string(context, 0, ret, - "Oid in message mismatch from the expected"); - } - if (match_oid == &decode_oid) - der_free_oid(&decode_oid); - - if (ret == 0) { - ret = hx509_verify_signature(context, - cert, - &signer_info->signatureAlgorithm, - signed_data, - &signer_info->signature); - if (ret) - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to verify sigature in " - "CMS SignedData"); - } - if (signed_data != signedContent) { - der_free_octet_string(signed_data); - free(signed_data); - } - if (ret) - goto next_sigature; - - ret = hx509_verify_path(context, ctx, cert, certs); - if (ret) - goto next_sigature; - - ret = hx509_certs_add(context, *signer_certs, cert); - if (ret) - goto next_sigature; - - found_valid_sig++; - - next_sigature: - if (cert) - hx509_cert_free(cert); - cert = NULL; - } - if (found_valid_sig == 0) { - if (ret == 0) { - ret = HX509_CMS_SIGNER_NOT_FOUND; - hx509_set_error_string(context, 0, ret, - "No signers where found"); - } - goto out; - } - - ret = der_copy_oid(&sd.encapContentInfo.eContentType, contentType); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - content->data = malloc(signedContent->length); - if (content->data == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - content->length = signedContent->length; - memcpy(content->data, signedContent->data, content->length); - -out: - free_SignedData(&sd); - if (certs) - hx509_certs_free(&certs); - if (ret) { - if (*signer_certs) - hx509_certs_free(signer_certs); - der_free_oid(contentType); - der_free_octet_string(content); - } - - return ret; -} - -static int -add_one_attribute(Attribute **attr, - unsigned int *len, - const heim_oid *oid, - heim_octet_string *data) -{ - void *d; - int ret; - - d = realloc(*attr, sizeof((*attr)[0]) * (*len + 1)); - if (d == NULL) - return ENOMEM; - (*attr) = d; - - ret = der_copy_oid(oid, &(*attr)[*len].type); - if (ret) - return ret; - - ALLOC_SEQ(&(*attr)[*len].value, 1); - if ((*attr)[*len].value.val == NULL) { - der_free_oid(&(*attr)[*len].type); - return ENOMEM; - } - - (*attr)[*len].value.val[0].data = data->data; - (*attr)[*len].value.val[0].length = data->length; - - *len += 1; - - return 0; -} - -/** - * Decode SignedData and verify that the signature is correct. - * - * @param context A hx509 context. - * @param flags - * @param eContentType the type of the data. - * @param data data to sign - * @param length length of the data that data point to. - * @param digest_alg digest algorithm to use, use NULL to get the - * default or the peer determined algorithm. - * @param cert certificate to use for sign the data. - * @param peer info about the peer the message to send the message to, - * like what digest algorithm to use. - * @param anchors trust anchors that the client will use, used to - * polulate the certificates included in the message - * @param pool certificates to use in try to build the path to the - * trust anchors. - * @param signed_data the output of the function, free with - * der_free_octet_string(). - * - * @ingroup hx509_cms - */ - -int -hx509_cms_create_signed_1(hx509_context context, - int flags, - const heim_oid *eContentType, - const void *data, size_t length, - const AlgorithmIdentifier *digest_alg, - hx509_cert cert, - hx509_peer_info peer, - hx509_certs anchors, - hx509_certs pool, - heim_octet_string *signed_data) -{ - AlgorithmIdentifier digest; - hx509_name name; - SignerInfo *signer_info; - heim_octet_string buf, content, sigdata = { 0, NULL }; - SignedData sd; - int ret; - size_t size; - hx509_path path; - int cmsidflag = CMS_ID_SKI; - - memset(&sd, 0, sizeof(sd)); - memset(&name, 0, sizeof(name)); - memset(&path, 0, sizeof(path)); - memset(&digest, 0, sizeof(digest)); - - content.data = rk_UNCONST(data); - content.length = length; - - if (flags & HX509_CMS_SIGATURE_ID_NAME) - cmsidflag = CMS_ID_NAME; - - if (_hx509_cert_private_key(cert) == NULL) { - hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, - "Private key missing for signing"); - return HX509_PRIVATE_KEY_MISSING; - } - - if (digest_alg == NULL) { - ret = hx509_crypto_select(context, HX509_SELECT_DIGEST, - _hx509_cert_private_key(cert), peer, &digest); - } else { - ret = copy_AlgorithmIdentifier(digest_alg, &digest); - if (ret) - hx509_clear_error_string(context); - } - if (ret) - goto out; - - sd.version = CMSVersion_v3; - - if (eContentType == NULL) - eContentType = oid_id_pkcs7_data(); - - der_copy_oid(eContentType, &sd.encapContentInfo.eContentType); - - /* */ - if ((flags & HX509_CMS_SIGATURE_DETACHED) == 0) { - ALLOC(sd.encapContentInfo.eContent, 1); - if (sd.encapContentInfo.eContent == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - sd.encapContentInfo.eContent->data = malloc(length); - if (sd.encapContentInfo.eContent->data == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - memcpy(sd.encapContentInfo.eContent->data, data, length); - sd.encapContentInfo.eContent->length = length; - } - - ALLOC_SEQ(&sd.signerInfos, 1); - if (sd.signerInfos.val == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - signer_info = &sd.signerInfos.val[0]; - - signer_info->version = 1; - - ret = fill_CMSIdentifier(cert, cmsidflag, &signer_info->sid); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - signer_info->signedAttrs = NULL; - signer_info->unsignedAttrs = NULL; - - - ret = copy_AlgorithmIdentifier(&digest, &signer_info->digestAlgorithm); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - /* - * If it isn't pkcs7-data send signedAttributes - */ - - if (der_heim_oid_cmp(eContentType, oid_id_pkcs7_data()) != 0) { - CMSAttributes sa; - heim_octet_string sig; - - ALLOC(signer_info->signedAttrs, 1); - if (signer_info->signedAttrs == NULL) { - ret = ENOMEM; - goto out; - } - - ret = _hx509_create_signature(context, - NULL, - &digest, - &content, - NULL, - &sig); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(MessageDigest, - buf.data, - buf.length, - &sig, - &size, - ret); - der_free_octet_string(&sig); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - if (size != buf.length) - _hx509_abort("internal ASN.1 encoder error"); - - ret = add_one_attribute(&signer_info->signedAttrs->val, - &signer_info->signedAttrs->len, - oid_id_pkcs9_messageDigest(), - &buf); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - - ASN1_MALLOC_ENCODE(ContentType, - buf.data, - buf.length, - eContentType, - &size, - ret); - if (ret) - goto out; - if (size != buf.length) - _hx509_abort("internal ASN.1 encoder error"); - - ret = add_one_attribute(&signer_info->signedAttrs->val, - &signer_info->signedAttrs->len, - oid_id_pkcs9_contentType(), - &buf); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - sa.val = signer_info->signedAttrs->val; - sa.len = signer_info->signedAttrs->len; - - ASN1_MALLOC_ENCODE(CMSAttributes, - sigdata.data, - sigdata.length, - &sa, - &size, - ret); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - if (size != sigdata.length) - _hx509_abort("internal ASN.1 encoder error"); - } else { - sigdata.data = content.data; - sigdata.length = content.length; - } - - - { - AlgorithmIdentifier sigalg; - - ret = hx509_crypto_select(context, HX509_SELECT_PUBLIC_SIG, - _hx509_cert_private_key(cert), peer, - &sigalg); - if (ret) - goto out; - - ret = _hx509_create_signature(context, - _hx509_cert_private_key(cert), - &sigalg, - &sigdata, - &signer_info->signatureAlgorithm, - &signer_info->signature); - free_AlgorithmIdentifier(&sigalg); - if (ret) - goto out; - } - - ALLOC_SEQ(&sd.digestAlgorithms, 1); - if (sd.digestAlgorithms.val == NULL) { - ret = ENOMEM; - hx509_clear_error_string(context); - goto out; - } - - ret = copy_AlgorithmIdentifier(&digest, &sd.digestAlgorithms.val[0]); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - /* - * Provide best effort path - */ - if (pool) { - _hx509_calculate_path(context, - HX509_CALCULATE_PATH_NO_ANCHOR, - time(NULL), - anchors, - 0, - cert, - pool, - &path); - } else - _hx509_path_append(context, &path, cert); - - - if (path.len) { - int i; - - ALLOC(sd.certificates, 1); - if (sd.certificates == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - ALLOC_SEQ(sd.certificates, path.len); - if (sd.certificates->val == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - for (i = 0; i < path.len; i++) { - ret = hx509_cert_binary(context, path.val[i], - &sd.certificates->val[i]); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - } - } - - ASN1_MALLOC_ENCODE(SignedData, - signed_data->data, signed_data->length, - &sd, &size, ret); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - if (signed_data->length != size) - _hx509_abort("internal ASN.1 encoder error"); - -out: - if (sigdata.data != content.data) - der_free_octet_string(&sigdata); - free_AlgorithmIdentifier(&digest); - _hx509_path_free(&path); - free_SignedData(&sd); - - return ret; -} - -int -hx509_cms_decrypt_encrypted(hx509_context context, - hx509_lock lock, - const void *data, - size_t length, - heim_oid *contentType, - heim_octet_string *content) -{ - heim_octet_string cont; - CMSEncryptedData ed; - AlgorithmIdentifier *ai; - int ret; - - memset(content, 0, sizeof(*content)); - memset(&cont, 0, sizeof(cont)); - - ret = decode_CMSEncryptedData(data, length, &ed, NULL); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to decode CMSEncryptedData"); - return ret; - } - - if (ed.encryptedContentInfo.encryptedContent == NULL) { - ret = HX509_CMS_NO_DATA_AVAILABLE; - hx509_set_error_string(context, 0, ret, - "No content in EncryptedData"); - goto out; - } - - ret = der_copy_oid(&ed.encryptedContentInfo.contentType, contentType); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - ai = &ed.encryptedContentInfo.contentEncryptionAlgorithm; - if (ai->parameters == NULL) { - ret = HX509_ALG_NOT_SUPP; - hx509_clear_error_string(context); - goto out; - } - - ret = _hx509_pbe_decrypt(context, - lock, - ai, - ed.encryptedContentInfo.encryptedContent, - &cont); - if (ret) - goto out; - - *content = cont; - -out: - if (ret) { - if (cont.data) - free(cont.data); - } - free_CMSEncryptedData(&ed); - return ret; -} diff --git a/crypto/heimdal/lib/hx509/collector.c b/crypto/heimdal/lib/hx509/collector.c deleted file mode 100644 index 8b6ffcb94567..000000000000 --- a/crypto/heimdal/lib/hx509/collector.c +++ /dev/null @@ -1,329 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: collector.c 20778 2007-06-01 22:04:13Z lha $"); - -struct private_key { - AlgorithmIdentifier alg; - hx509_private_key private_key; - heim_octet_string localKeyId; -}; - -struct hx509_collector { - hx509_lock lock; - hx509_certs unenvelop_certs; - hx509_certs certs; - struct { - struct private_key **data; - size_t len; - } val; -}; - - -int -_hx509_collector_alloc(hx509_context context, hx509_lock lock, struct hx509_collector **collector) -{ - struct hx509_collector *c; - int ret; - - *collector = NULL; - - c = calloc(1, sizeof(*c)); - if (c == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - c->lock = lock; - - ret = hx509_certs_init(context, "MEMORY:collector-unenvelop-cert", - 0,NULL, &c->unenvelop_certs); - if (ret) { - free(c); - return ret; - } - c->val.data = NULL; - c->val.len = 0; - ret = hx509_certs_init(context, "MEMORY:collector-tmp-store", - 0, NULL, &c->certs); - if (ret) { - hx509_certs_free(&c->unenvelop_certs); - free(c); - return ret; - } - - *collector = c; - return 0; -} - -hx509_lock -_hx509_collector_get_lock(struct hx509_collector *c) -{ - return c->lock; -} - - -int -_hx509_collector_certs_add(hx509_context context, - struct hx509_collector *c, - hx509_cert cert) -{ - return hx509_certs_add(context, c->certs, cert); -} - -static void -free_private_key(struct private_key *key) -{ - free_AlgorithmIdentifier(&key->alg); - if (key->private_key) - _hx509_private_key_free(&key->private_key); - der_free_octet_string(&key->localKeyId); - free(key); -} - -int -_hx509_collector_private_key_add(hx509_context context, - struct hx509_collector *c, - const AlgorithmIdentifier *alg, - hx509_private_key private_key, - const heim_octet_string *key_data, - const heim_octet_string *localKeyId) -{ - struct private_key *key; - void *d; - int ret; - - key = calloc(1, sizeof(*key)); - if (key == NULL) - return ENOMEM; - - d = realloc(c->val.data, (c->val.len + 1) * sizeof(c->val.data[0])); - if (d == NULL) { - free(key); - hx509_set_error_string(context, 0, ENOMEM, "Out of memory"); - return ENOMEM; - } - c->val.data = d; - - ret = copy_AlgorithmIdentifier(alg, &key->alg); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to copy " - "AlgorithmIdentifier"); - goto out; - } - if (private_key) { - key->private_key = private_key; - } else { - ret = _hx509_parse_private_key(context, &alg->algorithm, - key_data->data, key_data->length, - &key->private_key); - if (ret) - goto out; - } - if (localKeyId) { - ret = der_copy_octet_string(localKeyId, &key->localKeyId); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to copy localKeyId"); - goto out; - } - } else - memset(&key->localKeyId, 0, sizeof(key->localKeyId)); - - c->val.data[c->val.len] = key; - c->val.len++; - -out: - if (ret) - free_private_key(key); - - return ret; -} - -static int -match_localkeyid(hx509_context context, - struct private_key *value, - hx509_certs certs) -{ - hx509_cert cert; - hx509_query q; - int ret; - - if (value->localKeyId.length == 0) { - hx509_set_error_string(context, 0, HX509_LOCAL_ATTRIBUTE_MISSING, - "No local key attribute on private key"); - return HX509_LOCAL_ATTRIBUTE_MISSING; - } - - _hx509_query_clear(&q); - q.match |= HX509_QUERY_MATCH_LOCAL_KEY_ID; - - q.local_key_id = &value->localKeyId; - - ret = hx509_certs_find(context, certs, &q, &cert); - if (ret == 0) { - - if (value->private_key) - _hx509_cert_assign_key(cert, value->private_key); - hx509_cert_free(cert); - } - return ret; -} - -static int -match_keys(hx509_context context, struct private_key *value, hx509_certs certs) -{ - hx509_cursor cursor; - hx509_cert c; - int ret, found = HX509_CERT_NOT_FOUND; - - if (value->private_key == NULL) { - hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, - "No private key to compare with"); - return HX509_PRIVATE_KEY_MISSING; - } - - ret = hx509_certs_start_seq(context, certs, &cursor); - if (ret) - return ret; - - c = NULL; - while (1) { - ret = hx509_certs_next_cert(context, certs, cursor, &c); - if (ret) - break; - if (c == NULL) - break; - if (_hx509_cert_private_key(c)) { - hx509_cert_free(c); - continue; - } - - ret = _hx509_match_keys(c, value->private_key); - if (ret) { - _hx509_cert_assign_key(c, value->private_key); - hx509_cert_free(c); - found = 0; - break; - } - hx509_cert_free(c); - } - - hx509_certs_end_seq(context, certs, cursor); - - if (found) - hx509_clear_error_string(context); - - return found; -} - -int -_hx509_collector_collect_certs(hx509_context context, - struct hx509_collector *c, - hx509_certs *ret_certs) -{ - hx509_certs certs; - int ret, i; - - *ret_certs = NULL; - - ret = hx509_certs_init(context, "MEMORY:collector-store", 0, NULL, &certs); - if (ret) - return ret; - - ret = hx509_certs_merge(context, certs, c->certs); - if (ret) { - hx509_certs_free(&certs); - return ret; - } - - for (i = 0; i < c->val.len; i++) { - ret = match_localkeyid(context, c->val.data[i], certs); - if (ret == 0) - continue; - ret = match_keys(context, c->val.data[i], certs); - if (ret == 0) - continue; - } - - *ret_certs = certs; - - return 0; -} - -int -_hx509_collector_collect_private_keys(hx509_context context, - struct hx509_collector *c, - hx509_private_key **keys) -{ - int i, nkeys; - - *keys = NULL; - - for (i = 0, nkeys = 0; i < c->val.len; i++) - if (c->val.data[i]->private_key) - nkeys++; - - *keys = calloc(nkeys + 1, sizeof(**keys)); - if (*keys == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "malloc - out of memory"); - return ENOMEM; - } - - for (i = 0, nkeys = 0; i < c->val.len; i++) { - if (c->val.data[i]->private_key) { - (*keys)[nkeys++] = c->val.data[i]->private_key; - c->val.data[i]->private_key = NULL; - } - } - (*keys)[nkeys++] = NULL; - - return 0; -} - - -void -_hx509_collector_free(struct hx509_collector *c) -{ - int i; - - if (c->unenvelop_certs) - hx509_certs_free(&c->unenvelop_certs); - if (c->certs) - hx509_certs_free(&c->certs); - for (i = 0; i < c->val.len; i++) - free_private_key(c->val.data[i]); - if (c->val.data) - free(c->val.data); - free(c); -} diff --git a/crypto/heimdal/lib/hx509/crmf.asn1 b/crypto/heimdal/lib/hx509/crmf.asn1 deleted file mode 100644 index 97ade264ae2c..000000000000 --- a/crypto/heimdal/lib/hx509/crmf.asn1 +++ /dev/null @@ -1,113 +0,0 @@ --- $Id: crmf.asn1 17102 2006-04-18 13:05:21Z lha $ -PKCS10 DEFINITIONS ::= - -BEGIN - -IMPORTS - Time, - GeneralName, - SubjectPublicKeyInfo, - RelativeDistinguishedName, - AttributeTypeAndValue, - Extension, - AlgorithmIdentifier - FROM rfc2459 - heim_any - FROM heim; - -CRMFRDNSequence ::= SEQUENCE OF RelativeDistinguishedName - -Controls ::= SEQUENCE -- SIZE(1..MAX) -- OF AttributeTypeAndValue - --- XXX IMPLICIT brokenness -POPOSigningKey ::= SEQUENCE { - poposkInput [0] IMPLICIT POPOSigningKeyInput OPTIONAL, - algorithmIdentifier AlgorithmIdentifier, - signature BIT STRING } - -PKMACValue ::= SEQUENCE { - algId AlgorithmIdentifier, - value BIT STRING -} - --- XXX IMPLICIT brokenness -POPOSigningKeyInput ::= SEQUENCE { - authInfo CHOICE { - sender [0] IMPLICIT GeneralName, - publicKeyMAC PKMACValue - }, - publicKey SubjectPublicKeyInfo -} -- from CertTemplate - - -PBMParameter ::= SEQUENCE { - salt OCTET STRING, - owf AlgorithmIdentifier, - iterationCount INTEGER, - mac AlgorithmIdentifier -} - -SubsequentMessage ::= INTEGER { - encrCert (0), - challengeResp (1) -} - --- XXX IMPLICIT brokenness -POPOPrivKey ::= CHOICE { - thisMessage [0] BIT STRING, -- Deprecated - subsequentMessage [1] IMPLICIT SubsequentMessage, - dhMAC [2] BIT STRING, -- Deprecated - agreeMAC [3] IMPLICIT PKMACValue, - encryptedKey [4] heim_any -} - --- XXX IMPLICIT brokenness -ProofOfPossession ::= CHOICE { - raVerified [0] NULL, - signature [1] POPOSigningKey, - keyEncipherment [2] POPOPrivKey, - keyAgreement [3] POPOPrivKey -} - -CertTemplate ::= SEQUENCE { - version [0] INTEGER OPTIONAL, - serialNumber [1] INTEGER OPTIONAL, - signingAlg [2] SEQUENCE { - algorithm OBJECT IDENTIFIER, - parameters heim_any OPTIONAL - } -- AlgorithmIdentifier -- OPTIONAL, - issuer [3] IMPLICIT CHOICE { - rdnSequence CRMFRDNSequence - } -- Name -- OPTIONAL, - validity [4] SEQUENCE { - notBefore [0] Time OPTIONAL, - notAfter [1] Time OPTIONAL - } -- OptionalValidity -- OPTIONAL, - subject [5] IMPLICIT CHOICE { - rdnSequence CRMFRDNSequence - } -- Name -- OPTIONAL, - publicKey [6] IMPLICIT SEQUENCE { - algorithm AlgorithmIdentifier, - subjectPublicKey BIT STRING OPTIONAL - } -- SubjectPublicKeyInfo -- OPTIONAL, - issuerUID [7] IMPLICIT BIT STRING OPTIONAL, - subjectUID [8] IMPLICIT BIT STRING OPTIONAL, - extensions [9] IMPLICIT SEQUENCE OF Extension OPTIONAL -} - -CertRequest ::= SEQUENCE { - certReqId INTEGER, - certTemplate CertTemplate, - controls Controls OPTIONAL -} - -CertReqMsg ::= SEQUENCE { - certReq CertRequest, - popo ProofOfPossession OPTIONAL, - regInfo SEQUENCE OF AttributeTypeAndValue OPTIONAL } - -CertReqMessages ::= SEQUENCE OF CertReqMsg - - -END - diff --git a/crypto/heimdal/lib/hx509/crypto.c b/crypto/heimdal/lib/hx509/crypto.c deleted file mode 100644 index e0f00ad7b45b..000000000000 --- a/crypto/heimdal/lib/hx509/crypto.c +++ /dev/null @@ -1,2706 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: crypto.c 22435 2008-01-14 20:53:56Z lha $"); - -struct hx509_crypto; - -struct signature_alg; - -enum crypto_op_type { - COT_SIGN -}; - -struct hx509_generate_private_context { - const heim_oid *key_oid; - int isCA; - unsigned long num_bits; -}; - -struct hx509_private_key_ops { - const char *pemtype; - const heim_oid *(*key_oid)(void); - int (*get_spki)(hx509_context, - const hx509_private_key, - SubjectPublicKeyInfo *); - int (*export)(hx509_context context, - const hx509_private_key, - heim_octet_string *); - int (*import)(hx509_context, - const void *data, - size_t len, - hx509_private_key private_key); - int (*generate_private_key)(hx509_context, - struct hx509_generate_private_context *, - hx509_private_key); - BIGNUM *(*get_internal)(hx509_context, hx509_private_key, const char *); - int (*handle_alg)(const hx509_private_key, - const AlgorithmIdentifier *, - enum crypto_op_type); - int (*sign)(hx509_context context, - const hx509_private_key, - const AlgorithmIdentifier *, - const heim_octet_string *, - AlgorithmIdentifier *, - heim_octet_string *); -#if 0 - const AlgorithmIdentifier *(*preferred_sig_alg) - (const hx509_private_key, - const hx509_peer_info); - int (*unwrap)(hx509_context context, - const hx509_private_key, - const AlgorithmIdentifier *, - const heim_octet_string *, - heim_octet_string *); -#endif -}; - -struct hx509_private_key { - unsigned int ref; - const struct signature_alg *md; - const heim_oid *signature_alg; - union { - RSA *rsa; - void *keydata; - } private_key; - /* new crypto layer */ - hx509_private_key_ops *ops; -}; - -/* - * - */ - -struct signature_alg { - const char *name; - const heim_oid *(*sig_oid)(void); - const AlgorithmIdentifier *(*sig_alg)(void); - const heim_oid *(*key_oid)(void); - const heim_oid *(*digest_oid)(void); - int flags; -#define PROVIDE_CONF 1 -#define REQUIRE_SIGNER 2 - -#define SIG_DIGEST 0x100 -#define SIG_PUBLIC_SIG 0x200 -#define SIG_SECRET 0x400 - -#define RA_RSA_USES_DIGEST_INFO 0x1000000 - - - int (*verify_signature)(hx509_context context, - const struct signature_alg *, - const Certificate *, - const AlgorithmIdentifier *, - const heim_octet_string *, - const heim_octet_string *); - int (*create_signature)(hx509_context, - const struct signature_alg *, - const hx509_private_key, - const AlgorithmIdentifier *, - const heim_octet_string *, - AlgorithmIdentifier *, - heim_octet_string *); -}; - -/* - * - */ - -static BIGNUM * -heim_int2BN(const heim_integer *i) -{ - BIGNUM *bn; - - bn = BN_bin2bn(i->data, i->length, NULL); - BN_set_negative(bn, i->negative); - return bn; -} - -/* - * - */ - -static int -set_digest_alg(DigestAlgorithmIdentifier *id, - const heim_oid *oid, - const void *param, size_t length) -{ - int ret; - if (param) { - id->parameters = malloc(sizeof(*id->parameters)); - if (id->parameters == NULL) - return ENOMEM; - id->parameters->data = malloc(length); - if (id->parameters->data == NULL) { - free(id->parameters); - id->parameters = NULL; - return ENOMEM; - } - memcpy(id->parameters->data, param, length); - id->parameters->length = length; - } else - id->parameters = NULL; - ret = der_copy_oid(oid, &id->algorithm); - if (ret) { - if (id->parameters) { - free(id->parameters->data); - free(id->parameters); - id->parameters = NULL; - } - return ret; - } - return 0; -} - -/* - * - */ - -static int -rsa_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - const SubjectPublicKeyInfo *spi; - DigestInfo di; - unsigned char *to; - int tosize, retsize; - int ret; - RSA *rsa; - RSAPublicKey pk; - size_t size; - - memset(&di, 0, sizeof(di)); - - spi = &signer->tbsCertificate.subjectPublicKeyInfo; - - rsa = RSA_new(); - if (rsa == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - ret = decode_RSAPublicKey(spi->subjectPublicKey.data, - spi->subjectPublicKey.length / 8, - &pk, &size); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to decode RSAPublicKey"); - goto out; - } - - rsa->n = heim_int2BN(&pk.modulus); - rsa->e = heim_int2BN(&pk.publicExponent); - - free_RSAPublicKey(&pk); - - if (rsa->n == NULL || rsa->e == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - - tosize = RSA_size(rsa); - to = malloc(tosize); - if (to == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - - retsize = RSA_public_decrypt(sig->length, (unsigned char *)sig->data, - to, rsa, RSA_PKCS1_PADDING); - if (retsize <= 0) { - ret = HX509_CRYPTO_SIG_INVALID_FORMAT; - hx509_set_error_string(context, 0, ret, - "RSA public decrypt failed: %d", retsize); - free(to); - goto out; - } - if (retsize > tosize) - _hx509_abort("internal rsa decryption failure: ret > tosize"); - - if (sig_alg->flags & RA_RSA_USES_DIGEST_INFO) { - - ret = decode_DigestInfo(to, retsize, &di, &size); - free(to); - if (ret) { - goto out; - } - - /* Check for extra data inside the sigature */ - if (size != retsize) { - ret = HX509_CRYPTO_SIG_INVALID_FORMAT; - hx509_set_error_string(context, 0, ret, "size from decryption mismatch"); - goto out; - } - - if (sig_alg->digest_oid && - der_heim_oid_cmp(&di.digestAlgorithm.algorithm, - (*sig_alg->digest_oid)()) != 0) - { - ret = HX509_CRYPTO_OID_MISMATCH; - hx509_set_error_string(context, 0, ret, "object identifier in RSA sig mismatch"); - goto out; - } - - /* verify that the parameters are NULL or the NULL-type */ - if (di.digestAlgorithm.parameters != NULL && - (di.digestAlgorithm.parameters->length != 2 || - memcmp(di.digestAlgorithm.parameters->data, "\x05\x00", 2) != 0)) - { - ret = HX509_CRYPTO_SIG_INVALID_FORMAT; - hx509_set_error_string(context, 0, ret, "Extra parameters inside RSA signature"); - goto out; - } - - ret = _hx509_verify_signature(context, - NULL, - &di.digestAlgorithm, - data, - &di.digest); - } else { - if (retsize != data->length || - memcmp(to, data->data, retsize) != 0) - { - ret = HX509_CRYPTO_SIG_INVALID_FORMAT; - hx509_set_error_string(context, 0, ret, "RSA Signature incorrect"); - goto out; - } - free(to); - } - - out: - free_DigestInfo(&di); - RSA_free(rsa); - return ret; -} - -static int -rsa_create_signature(hx509_context context, - const struct signature_alg *sig_alg, - const hx509_private_key signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - AlgorithmIdentifier *signatureAlgorithm, - heim_octet_string *sig) -{ - const AlgorithmIdentifier *digest_alg; - heim_octet_string indata; - const heim_oid *sig_oid; - size_t size; - int ret; - - if (alg) - sig_oid = &alg->algorithm; - else - sig_oid = signer->signature_alg; - - if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_sha256WithRSAEncryption()) == 0) { - digest_alg = hx509_signature_sha256(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_sha1WithRSAEncryption()) == 0) { - digest_alg = hx509_signature_sha1(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_md5WithRSAEncryption()) == 0) { - digest_alg = hx509_signature_md5(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_md5WithRSAEncryption()) == 0) { - digest_alg = hx509_signature_md5(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_dsa_with_sha1()) == 0) { - digest_alg = hx509_signature_sha1(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_rsaEncryption()) == 0) { - digest_alg = hx509_signature_sha1(); - } else if (der_heim_oid_cmp(sig_oid, oid_id_heim_rsa_pkcs1_x509()) == 0) { - digest_alg = NULL; - } else - return HX509_ALG_NOT_SUPP; - - if (signatureAlgorithm) { - ret = set_digest_alg(signatureAlgorithm, sig_oid, "\x05\x00", 2); - if (ret) { - hx509_clear_error_string(context); - return ret; - } - } - - if (digest_alg) { - DigestInfo di; - memset(&di, 0, sizeof(di)); - - ret = _hx509_create_signature(context, - NULL, - digest_alg, - data, - &di.digestAlgorithm, - &di.digest); - if (ret) - return ret; - ASN1_MALLOC_ENCODE(DigestInfo, - indata.data, - indata.length, - &di, - &size, - ret); - free_DigestInfo(&di); - if (ret) { - hx509_set_error_string(context, 0, ret, "out of memory"); - return ret; - } - if (indata.length != size) - _hx509_abort("internal ASN.1 encoder error"); - } else { - indata = *data; - } - - sig->length = RSA_size(signer->private_key.rsa); - sig->data = malloc(sig->length); - if (sig->data == NULL) { - der_free_octet_string(&indata); - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - ret = RSA_private_encrypt(indata.length, indata.data, - sig->data, - signer->private_key.rsa, - RSA_PKCS1_PADDING); - if (indata.data != data->data) - der_free_octet_string(&indata); - if (ret <= 0) { - ret = HX509_CMS_FAILED_CREATE_SIGATURE; - hx509_set_error_string(context, 0, ret, - "RSA private decrypt failed: %d", ret); - return ret; - } - if (ret > sig->length) - _hx509_abort("RSA signature prelen longer the output len"); - - sig->length = ret; - - return 0; -} - -static int -rsa_private_key_import(hx509_context context, - const void *data, - size_t len, - hx509_private_key private_key) -{ - const unsigned char *p = data; - - private_key->private_key.rsa = - d2i_RSAPrivateKey(NULL, &p, len); - if (private_key->private_key.rsa == NULL) { - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "Failed to parse RSA key"); - return HX509_PARSING_KEY_FAILED; - } - private_key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption(); - - return 0; -} - -static int -rsa_private_key2SPKI(hx509_context context, - hx509_private_key private_key, - SubjectPublicKeyInfo *spki) -{ - int len, ret; - - memset(spki, 0, sizeof(*spki)); - - len = i2d_RSAPublicKey(private_key->private_key.rsa, NULL); - - spki->subjectPublicKey.data = malloc(len); - if (spki->subjectPublicKey.data == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "malloc - out of memory"); - return ENOMEM; - } - spki->subjectPublicKey.length = len * 8; - - ret = set_digest_alg(&spki->algorithm,oid_id_pkcs1_rsaEncryption(), - "\x05\x00", 2); - if (ret) { - hx509_set_error_string(context, 0, ret, "malloc - out of memory"); - free(spki->subjectPublicKey.data); - spki->subjectPublicKey.data = NULL; - spki->subjectPublicKey.length = 0; - return ret; - } - - { - unsigned char *pp = spki->subjectPublicKey.data; - i2d_RSAPublicKey(private_key->private_key.rsa, &pp); - } - - return 0; -} - -static int -rsa_generate_private_key(hx509_context context, - struct hx509_generate_private_context *ctx, - hx509_private_key private_key) -{ - BIGNUM *e; - int ret; - unsigned long bits; - - static const int default_rsa_e = 65537; - static const int default_rsa_bits = 1024; - - private_key->private_key.rsa = RSA_new(); - if (private_key->private_key.rsa == NULL) { - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "Failed to generate RSA key"); - return HX509_PARSING_KEY_FAILED; - } - - e = BN_new(); - BN_set_word(e, default_rsa_e); - - bits = default_rsa_bits; - - if (ctx->num_bits) - bits = ctx->num_bits; - else if (ctx->isCA) - bits *= 2; - - ret = RSA_generate_key_ex(private_key->private_key.rsa, bits, e, NULL); - BN_free(e); - if (ret != 1) { - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "Failed to generate RSA key"); - return HX509_PARSING_KEY_FAILED; - } - private_key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption(); - - return 0; -} - -static int -rsa_private_key_export(hx509_context context, - const hx509_private_key key, - heim_octet_string *data) -{ - int ret; - - data->data = NULL; - data->length = 0; - - ret = i2d_RSAPrivateKey(key->private_key.rsa, NULL); - if (ret <= 0) { - ret = EINVAL; - hx509_set_error_string(context, 0, ret, - "Private key is not exportable"); - return ret; - } - - data->data = malloc(ret); - if (data->data == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "malloc out of memory"); - return ret; - } - data->length = ret; - - { - unsigned char *p = data->data; - i2d_RSAPrivateKey(key->private_key.rsa, &p); - } - - return 0; -} - -static BIGNUM * -rsa_get_internal(hx509_context context, hx509_private_key key, const char *type) -{ - if (strcasecmp(type, "rsa-modulus") == 0) { - return BN_dup(key->private_key.rsa->n); - } else if (strcasecmp(type, "rsa-exponent") == 0) { - return BN_dup(key->private_key.rsa->e); - } else - return NULL; -} - - - -static hx509_private_key_ops rsa_private_key_ops = { - "RSA PRIVATE KEY", - oid_id_pkcs1_rsaEncryption, - rsa_private_key2SPKI, - rsa_private_key_export, - rsa_private_key_import, - rsa_generate_private_key, - rsa_get_internal -}; - - -/* - * - */ - -static int -dsa_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - const SubjectPublicKeyInfo *spi; - DSAPublicKey pk; - DSAParams param; - size_t size; - DSA *dsa; - int ret; - - spi = &signer->tbsCertificate.subjectPublicKeyInfo; - - dsa = DSA_new(); - if (dsa == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - ret = decode_DSAPublicKey(spi->subjectPublicKey.data, - spi->subjectPublicKey.length / 8, - &pk, &size); - if (ret) - goto out; - - dsa->pub_key = heim_int2BN(&pk); - - free_DSAPublicKey(&pk); - - if (dsa->pub_key == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - - if (spi->algorithm.parameters == NULL) { - ret = HX509_CRYPTO_SIG_INVALID_FORMAT; - hx509_set_error_string(context, 0, ret, "DSA parameters missing"); - goto out; - } - - ret = decode_DSAParams(spi->algorithm.parameters->data, - spi->algorithm.parameters->length, - ¶m, - &size); - if (ret) { - hx509_set_error_string(context, 0, ret, "DSA parameters failed to decode"); - goto out; - } - - dsa->p = heim_int2BN(¶m.p); - dsa->q = heim_int2BN(¶m.q); - dsa->g = heim_int2BN(¶m.g); - - free_DSAParams(¶m); - - if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - - ret = DSA_verify(-1, data->data, data->length, - (unsigned char*)sig->data, sig->length, - dsa); - if (ret == 1) - ret = 0; - else if (ret == 0 || ret == -1) { - ret = HX509_CRYPTO_BAD_SIGNATURE; - hx509_set_error_string(context, 0, ret, "BAD DSA sigature"); - } else { - ret = HX509_CRYPTO_SIG_INVALID_FORMAT; - hx509_set_error_string(context, 0, ret, "Invalid format of DSA sigature"); - } - - out: - DSA_free(dsa); - - return ret; -} - -#if 0 -static int -dsa_parse_private_key(hx509_context context, - const void *data, - size_t len, - hx509_private_key private_key) -{ - const unsigned char *p = data; - - private_key->private_key.dsa = - d2i_DSAPrivateKey(NULL, &p, len); - if (private_key->private_key.dsa == NULL) - return EINVAL; - private_key->signature_alg = oid_id_dsa_with_sha1(); - - return 0; -/* else */ - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "No support to parse DSA keys"); - return HX509_PARSING_KEY_FAILED; -} -#endif - - -static int -sha1_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - unsigned char digest[SHA_DIGEST_LENGTH]; - SHA_CTX m; - - if (sig->length != SHA_DIGEST_LENGTH) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "SHA1 sigature have wrong length"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - SHA1_Init(&m); - SHA1_Update(&m, data->data, data->length); - SHA1_Final (digest, &m); - - if (memcmp(digest, sig->data, SHA_DIGEST_LENGTH) != 0) { - hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE, - "Bad SHA1 sigature"); - return HX509_CRYPTO_BAD_SIGNATURE; - } - - return 0; -} - -static int -sha256_create_signature(hx509_context context, - const struct signature_alg *sig_alg, - const hx509_private_key signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - AlgorithmIdentifier *signatureAlgorithm, - heim_octet_string *sig) -{ - SHA256_CTX m; - - memset(sig, 0, sizeof(*sig)); - - if (signatureAlgorithm) { - int ret; - ret = set_digest_alg(signatureAlgorithm, (*sig_alg->sig_oid)(), - "\x05\x00", 2); - if (ret) - return ret; - } - - - sig->data = malloc(SHA256_DIGEST_LENGTH); - if (sig->data == NULL) { - sig->length = 0; - return ENOMEM; - } - sig->length = SHA256_DIGEST_LENGTH; - - SHA256_Init(&m); - SHA256_Update(&m, data->data, data->length); - SHA256_Final (sig->data, &m); - - return 0; -} - -static int -sha256_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - unsigned char digest[SHA256_DIGEST_LENGTH]; - SHA256_CTX m; - - if (sig->length != SHA256_DIGEST_LENGTH) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "SHA256 sigature have wrong length"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - SHA256_Init(&m); - SHA256_Update(&m, data->data, data->length); - SHA256_Final (digest, &m); - - if (memcmp(digest, sig->data, SHA256_DIGEST_LENGTH) != 0) { - hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE, - "Bad SHA256 sigature"); - return HX509_CRYPTO_BAD_SIGNATURE; - } - - return 0; -} - -static int -sha1_create_signature(hx509_context context, - const struct signature_alg *sig_alg, - const hx509_private_key signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - AlgorithmIdentifier *signatureAlgorithm, - heim_octet_string *sig) -{ - SHA_CTX m; - - memset(sig, 0, sizeof(*sig)); - - if (signatureAlgorithm) { - int ret; - ret = set_digest_alg(signatureAlgorithm, (*sig_alg->sig_oid)(), - "\x05\x00", 2); - if (ret) - return ret; - } - - - sig->data = malloc(SHA_DIGEST_LENGTH); - if (sig->data == NULL) { - sig->length = 0; - return ENOMEM; - } - sig->length = SHA_DIGEST_LENGTH; - - SHA1_Init(&m); - SHA1_Update(&m, data->data, data->length); - SHA1_Final (sig->data, &m); - - return 0; -} - -static int -md5_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - unsigned char digest[MD5_DIGEST_LENGTH]; - MD5_CTX m; - - if (sig->length != MD5_DIGEST_LENGTH) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "MD5 sigature have wrong length"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - MD5_Init(&m); - MD5_Update(&m, data->data, data->length); - MD5_Final (digest, &m); - - if (memcmp(digest, sig->data, MD5_DIGEST_LENGTH) != 0) { - hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE, - "Bad MD5 sigature"); - return HX509_CRYPTO_BAD_SIGNATURE; - } - - return 0; -} - -static int -md2_verify_signature(hx509_context context, - const struct signature_alg *sig_alg, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - unsigned char digest[MD2_DIGEST_LENGTH]; - MD2_CTX m; - - if (sig->length != MD2_DIGEST_LENGTH) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "MD2 sigature have wrong length"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - MD2_Init(&m); - MD2_Update(&m, data->data, data->length); - MD2_Final (digest, &m); - - if (memcmp(digest, sig->data, MD2_DIGEST_LENGTH) != 0) { - hx509_set_error_string(context, 0, HX509_CRYPTO_BAD_SIGNATURE, - "Bad MD2 sigature"); - return HX509_CRYPTO_BAD_SIGNATURE; - } - - return 0; -} - -static const struct signature_alg heim_rsa_pkcs1_x509 = { - "rsa-pkcs1-x509", - oid_id_heim_rsa_pkcs1_x509, - hx509_signature_rsa_pkcs1_x509, - oid_id_pkcs1_rsaEncryption, - NULL, - PROVIDE_CONF|REQUIRE_SIGNER|SIG_PUBLIC_SIG, - rsa_verify_signature, - rsa_create_signature -}; - -static const struct signature_alg pkcs1_rsa_sha1_alg = { - "rsa", - oid_id_pkcs1_rsaEncryption, - hx509_signature_rsa_with_sha1, - oid_id_pkcs1_rsaEncryption, - NULL, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, - rsa_verify_signature, - rsa_create_signature -}; - -static const struct signature_alg rsa_with_sha256_alg = { - "rsa-with-sha256", - oid_id_pkcs1_sha256WithRSAEncryption, - hx509_signature_rsa_with_sha256, - oid_id_pkcs1_rsaEncryption, - oid_id_sha256, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, - rsa_verify_signature, - rsa_create_signature -}; - -static const struct signature_alg rsa_with_sha1_alg = { - "rsa-with-sha1", - oid_id_pkcs1_sha1WithRSAEncryption, - hx509_signature_rsa_with_sha1, - oid_id_pkcs1_rsaEncryption, - oid_id_secsig_sha_1, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, - rsa_verify_signature, - rsa_create_signature -}; - -static const struct signature_alg rsa_with_md5_alg = { - "rsa-with-md5", - oid_id_pkcs1_md5WithRSAEncryption, - hx509_signature_rsa_with_md5, - oid_id_pkcs1_rsaEncryption, - oid_id_rsa_digest_md5, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, - rsa_verify_signature, - rsa_create_signature -}; - -static const struct signature_alg rsa_with_md2_alg = { - "rsa-with-md2", - oid_id_pkcs1_md2WithRSAEncryption, - hx509_signature_rsa_with_md2, - oid_id_pkcs1_rsaEncryption, - oid_id_rsa_digest_md2, - PROVIDE_CONF|REQUIRE_SIGNER|RA_RSA_USES_DIGEST_INFO|SIG_PUBLIC_SIG, - rsa_verify_signature, - rsa_create_signature -}; - -static const struct signature_alg dsa_sha1_alg = { - "dsa-with-sha1", - oid_id_dsa_with_sha1, - NULL, - oid_id_dsa, - oid_id_secsig_sha_1, - PROVIDE_CONF|REQUIRE_SIGNER|SIG_PUBLIC_SIG, - dsa_verify_signature, - /* create_signature */ NULL, -}; - -static const struct signature_alg sha256_alg = { - "sha-256", - oid_id_sha256, - hx509_signature_sha256, - NULL, - NULL, - SIG_DIGEST, - sha256_verify_signature, - sha256_create_signature -}; - -static const struct signature_alg sha1_alg = { - "sha1", - oid_id_secsig_sha_1, - hx509_signature_sha1, - NULL, - NULL, - SIG_DIGEST, - sha1_verify_signature, - sha1_create_signature -}; - -static const struct signature_alg md5_alg = { - "rsa-md5", - oid_id_rsa_digest_md5, - hx509_signature_md5, - NULL, - NULL, - SIG_DIGEST, - md5_verify_signature -}; - -static const struct signature_alg md2_alg = { - "rsa-md2", - oid_id_rsa_digest_md2, - hx509_signature_md2, - NULL, - NULL, - SIG_DIGEST, - md2_verify_signature -}; - -/* - * Order matter in this structure, "best" first for each "key - * compatible" type (type is RSA, DSA, none, etc) - */ - -static const struct signature_alg *sig_algs[] = { - &rsa_with_sha256_alg, - &rsa_with_sha1_alg, - &pkcs1_rsa_sha1_alg, - &rsa_with_md5_alg, - &rsa_with_md2_alg, - &heim_rsa_pkcs1_x509, - &dsa_sha1_alg, - &sha256_alg, - &sha1_alg, - &md5_alg, - &md2_alg, - NULL -}; - -static const struct signature_alg * -find_sig_alg(const heim_oid *oid) -{ - int i; - for (i = 0; sig_algs[i]; i++) - if (der_heim_oid_cmp((*sig_algs[i]->sig_oid)(), oid) == 0) - return sig_algs[i]; - return NULL; -} - -/* - * - */ - -static struct hx509_private_key_ops *private_algs[] = { - &rsa_private_key_ops, - NULL -}; - -static hx509_private_key_ops * -find_private_alg(const heim_oid *oid) -{ - int i; - for (i = 0; private_algs[i]; i++) { - if (private_algs[i]->key_oid == NULL) - continue; - if (der_heim_oid_cmp((*private_algs[i]->key_oid)(), oid) == 0) - return private_algs[i]; - } - return NULL; -} - - -int -_hx509_verify_signature(hx509_context context, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_octet_string *sig) -{ - const struct signature_alg *md; - - md = find_sig_alg(&alg->algorithm); - if (md == NULL) { - hx509_clear_error_string(context); - return HX509_SIG_ALG_NO_SUPPORTED; - } - if (signer && (md->flags & PROVIDE_CONF) == 0) { - hx509_clear_error_string(context); - return HX509_CRYPTO_SIG_NO_CONF; - } - if (signer == NULL && (md->flags & REQUIRE_SIGNER)) { - hx509_clear_error_string(context); - return HX509_CRYPTO_SIGNATURE_WITHOUT_SIGNER; - } - if (md->key_oid && signer) { - const SubjectPublicKeyInfo *spi; - spi = &signer->tbsCertificate.subjectPublicKeyInfo; - - if (der_heim_oid_cmp(&spi->algorithm.algorithm, (*md->key_oid)()) != 0) { - hx509_clear_error_string(context); - return HX509_SIG_ALG_DONT_MATCH_KEY_ALG; - } - } - return (*md->verify_signature)(context, md, signer, alg, data, sig); -} - -int -_hx509_verify_signature_bitstring(hx509_context context, - const Certificate *signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - const heim_bit_string *sig) -{ - heim_octet_string os; - - if (sig->length & 7) { - hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, - "signature not multiple of 8 bits"); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - - os.data = sig->data; - os.length = sig->length / 8; - - return _hx509_verify_signature(context, signer, alg, data, &os); -} - -int -_hx509_create_signature(hx509_context context, - const hx509_private_key signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - AlgorithmIdentifier *signatureAlgorithm, - heim_octet_string *sig) -{ - const struct signature_alg *md; - - if (signer && signer->ops && signer->ops->handle_alg && - (*signer->ops->handle_alg)(signer, alg, COT_SIGN)) - { - return (*signer->ops->sign)(context, signer, alg, data, - signatureAlgorithm, sig); - } - - md = find_sig_alg(&alg->algorithm); - if (md == NULL) { - hx509_set_error_string(context, 0, HX509_SIG_ALG_NO_SUPPORTED, - "algorithm no supported"); - return HX509_SIG_ALG_NO_SUPPORTED; - } - - if (signer && (md->flags & PROVIDE_CONF) == 0) { - hx509_set_error_string(context, 0, HX509_SIG_ALG_NO_SUPPORTED, - "algorithm provides no conf"); - return HX509_CRYPTO_SIG_NO_CONF; - } - - return (*md->create_signature)(context, md, signer, alg, data, - signatureAlgorithm, sig); -} - -int -_hx509_create_signature_bitstring(hx509_context context, - const hx509_private_key signer, - const AlgorithmIdentifier *alg, - const heim_octet_string *data, - AlgorithmIdentifier *signatureAlgorithm, - heim_bit_string *sig) -{ - heim_octet_string os; - int ret; - - ret = _hx509_create_signature(context, signer, alg, - data, signatureAlgorithm, &os); - if (ret) - return ret; - sig->data = os.data; - sig->length = os.length * 8; - return 0; -} - -int -_hx509_public_encrypt(hx509_context context, - const heim_octet_string *cleartext, - const Certificate *cert, - heim_oid *encryption_oid, - heim_octet_string *ciphertext) -{ - const SubjectPublicKeyInfo *spi; - unsigned char *to; - int tosize; - int ret; - RSA *rsa; - RSAPublicKey pk; - size_t size; - - ciphertext->data = NULL; - ciphertext->length = 0; - - spi = &cert->tbsCertificate.subjectPublicKeyInfo; - - rsa = RSA_new(); - if (rsa == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - ret = decode_RSAPublicKey(spi->subjectPublicKey.data, - spi->subjectPublicKey.length / 8, - &pk, &size); - if (ret) { - RSA_free(rsa); - hx509_set_error_string(context, 0, ret, "RSAPublicKey decode failure"); - return ret; - } - rsa->n = heim_int2BN(&pk.modulus); - rsa->e = heim_int2BN(&pk.publicExponent); - - free_RSAPublicKey(&pk); - - if (rsa->n == NULL || rsa->e == NULL) { - RSA_free(rsa); - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - tosize = RSA_size(rsa); - to = malloc(tosize); - if (to == NULL) { - RSA_free(rsa); - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - ret = RSA_public_encrypt(cleartext->length, - (unsigned char *)cleartext->data, - to, rsa, RSA_PKCS1_PADDING); - RSA_free(rsa); - if (ret <= 0) { - free(to); - hx509_set_error_string(context, 0, HX509_CRYPTO_RSA_PUBLIC_ENCRYPT, - "RSA public encrypt failed with %d", ret); - return HX509_CRYPTO_RSA_PUBLIC_ENCRYPT; - } - if (ret > tosize) - _hx509_abort("internal rsa decryption failure: ret > tosize"); - - ciphertext->length = ret; - ciphertext->data = to; - - ret = der_copy_oid(oid_id_pkcs1_rsaEncryption(), encryption_oid); - if (ret) { - der_free_octet_string(ciphertext); - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - return 0; -} - -int -_hx509_private_key_private_decrypt(hx509_context context, - const heim_octet_string *ciphertext, - const heim_oid *encryption_oid, - hx509_private_key p, - heim_octet_string *cleartext) -{ - int ret; - - cleartext->data = NULL; - cleartext->length = 0; - - if (p->private_key.rsa == NULL) { - hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, - "Private RSA key missing"); - return HX509_PRIVATE_KEY_MISSING; - } - - cleartext->length = RSA_size(p->private_key.rsa); - cleartext->data = malloc(cleartext->length); - if (cleartext->data == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - ret = RSA_private_decrypt(ciphertext->length, ciphertext->data, - cleartext->data, - p->private_key.rsa, - RSA_PKCS1_PADDING); - if (ret <= 0) { - der_free_octet_string(cleartext); - hx509_set_error_string(context, 0, HX509_CRYPTO_RSA_PRIVATE_DECRYPT, - "Failed to decrypt using private key: %d", ret); - return HX509_CRYPTO_RSA_PRIVATE_DECRYPT; - } - if (cleartext->length < ret) - _hx509_abort("internal rsa decryption failure: ret > tosize"); - - cleartext->length = ret; - - return 0; -} - - -int -_hx509_parse_private_key(hx509_context context, - const heim_oid *key_oid, - const void *data, - size_t len, - hx509_private_key *private_key) -{ - struct hx509_private_key_ops *ops; - int ret; - - *private_key = NULL; - - ops = find_private_alg(key_oid); - if (ops == NULL) { - hx509_clear_error_string(context); - return HX509_SIG_ALG_NO_SUPPORTED; - } - - ret = _hx509_private_key_init(private_key, ops, NULL); - if (ret) { - hx509_set_error_string(context, 0, ret, "out of memory"); - return ret; - } - - ret = (*ops->import)(context, data, len, *private_key); - if (ret) - _hx509_private_key_free(private_key); - - return ret; -} - -/* - * - */ - -int -_hx509_private_key2SPKI(hx509_context context, - hx509_private_key private_key, - SubjectPublicKeyInfo *spki) -{ - const struct hx509_private_key_ops *ops = private_key->ops; - if (ops == NULL || ops->get_spki == NULL) { - hx509_set_error_string(context, 0, HX509_UNIMPLEMENTED_OPERATION, - "Private key have no key2SPKI function"); - return HX509_UNIMPLEMENTED_OPERATION; - } - return (*ops->get_spki)(context, private_key, spki); -} - -int -_hx509_generate_private_key_init(hx509_context context, - const heim_oid *oid, - struct hx509_generate_private_context **ctx) -{ - *ctx = NULL; - - if (der_heim_oid_cmp(oid, oid_id_pkcs1_rsaEncryption()) != 0) { - hx509_set_error_string(context, 0, EINVAL, - "private key not an RSA key"); - return EINVAL; - } - - *ctx = calloc(1, sizeof(**ctx)); - if (*ctx == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - (*ctx)->key_oid = oid; - - return 0; -} - -int -_hx509_generate_private_key_is_ca(hx509_context context, - struct hx509_generate_private_context *ctx) -{ - ctx->isCA = 1; - return 0; -} - -int -_hx509_generate_private_key_bits(hx509_context context, - struct hx509_generate_private_context *ctx, - unsigned long bits) -{ - ctx->num_bits = bits; - return 0; -} - - -void -_hx509_generate_private_key_free(struct hx509_generate_private_context **ctx) -{ - free(*ctx); - *ctx = NULL; -} - -int -_hx509_generate_private_key(hx509_context context, - struct hx509_generate_private_context *ctx, - hx509_private_key *private_key) -{ - struct hx509_private_key_ops *ops; - int ret; - - *private_key = NULL; - - ops = find_private_alg(ctx->key_oid); - if (ops == NULL) { - hx509_clear_error_string(context); - return HX509_SIG_ALG_NO_SUPPORTED; - } - - ret = _hx509_private_key_init(private_key, ops, NULL); - if (ret) { - hx509_set_error_string(context, 0, ret, "out of memory"); - return ret; - } - - ret = (*ops->generate_private_key)(context, ctx, *private_key); - if (ret) - _hx509_private_key_free(private_key); - - return ret; -} - - -/* - * - */ - -static const heim_octet_string null_entry_oid = { 2, rk_UNCONST("\x05\x00") }; - -static const unsigned sha512_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 3 }; -const AlgorithmIdentifier _hx509_signature_sha512_data = { - { 9, rk_UNCONST(sha512_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned sha384_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 2 }; -const AlgorithmIdentifier _hx509_signature_sha384_data = { - { 9, rk_UNCONST(sha384_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned sha256_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 }; -const AlgorithmIdentifier _hx509_signature_sha256_data = { - { 9, rk_UNCONST(sha256_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned sha1_oid_tree[] = { 1, 3, 14, 3, 2, 26 }; -const AlgorithmIdentifier _hx509_signature_sha1_data = { - { 6, rk_UNCONST(sha1_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned md5_oid_tree[] = { 1, 2, 840, 113549, 2, 5 }; -const AlgorithmIdentifier _hx509_signature_md5_data = { - { 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned md2_oid_tree[] = { 1, 2, 840, 113549, 2, 2 }; -const AlgorithmIdentifier _hx509_signature_md2_data = { - { 6, rk_UNCONST(md2_oid_tree) }, rk_UNCONST(&null_entry_oid) -}; - -static const unsigned rsa_with_sha512_oid[] ={ 1, 2, 840, 113549, 1, 1, 13 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha512_data = { - { 7, rk_UNCONST(rsa_with_sha512_oid) }, NULL -}; - -static const unsigned rsa_with_sha384_oid[] ={ 1, 2, 840, 113549, 1, 1, 12 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha384_data = { - { 7, rk_UNCONST(rsa_with_sha384_oid) }, NULL -}; - -static const unsigned rsa_with_sha256_oid[] ={ 1, 2, 840, 113549, 1, 1, 11 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha256_data = { - { 7, rk_UNCONST(rsa_with_sha256_oid) }, NULL -}; - -static const unsigned rsa_with_sha1_oid[] ={ 1, 2, 840, 113549, 1, 1, 5 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha1_data = { - { 7, rk_UNCONST(rsa_with_sha1_oid) }, NULL -}; - -static const unsigned rsa_with_md5_oid[] ={ 1, 2, 840, 113549, 1, 1, 4 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_md5_data = { - { 7, rk_UNCONST(rsa_with_md5_oid) }, NULL -}; - -static const unsigned rsa_with_md2_oid[] ={ 1, 2, 840, 113549, 1, 1, 2 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_md2_data = { - { 7, rk_UNCONST(rsa_with_md2_oid) }, NULL -}; - -static const unsigned rsa_oid[] ={ 1, 2, 840, 113549, 1, 1, 1 }; -const AlgorithmIdentifier _hx509_signature_rsa_data = { - { 7, rk_UNCONST(rsa_oid) }, NULL -}; - -static const unsigned rsa_pkcs1_x509_oid[] ={ 1, 2, 752, 43, 16, 1 }; -const AlgorithmIdentifier _hx509_signature_rsa_pkcs1_x509_data = { - { 6, rk_UNCONST(rsa_pkcs1_x509_oid) }, NULL -}; - -static const unsigned des_rsdi_ede3_cbc_oid[] ={ 1, 2, 840, 113549, 3, 7 }; -const AlgorithmIdentifier _hx509_des_rsdi_ede3_cbc_oid = { - { 6, rk_UNCONST(des_rsdi_ede3_cbc_oid) }, NULL -}; - -static const unsigned aes128_cbc_oid[] ={ 2, 16, 840, 1, 101, 3, 4, 1, 2 }; -const AlgorithmIdentifier _hx509_crypto_aes128_cbc_data = { - { 9, rk_UNCONST(aes128_cbc_oid) }, NULL -}; - -static const unsigned aes256_cbc_oid[] ={ 2, 16, 840, 1, 101, 3, 4, 1, 42 }; -const AlgorithmIdentifier _hx509_crypto_aes256_cbc_data = { - { 9, rk_UNCONST(aes256_cbc_oid) }, NULL -}; - -const AlgorithmIdentifier * -hx509_signature_sha512(void) -{ return &_hx509_signature_sha512_data; } - -const AlgorithmIdentifier * -hx509_signature_sha384(void) -{ return &_hx509_signature_sha384_data; } - -const AlgorithmIdentifier * -hx509_signature_sha256(void) -{ return &_hx509_signature_sha256_data; } - -const AlgorithmIdentifier * -hx509_signature_sha1(void) -{ return &_hx509_signature_sha1_data; } - -const AlgorithmIdentifier * -hx509_signature_md5(void) -{ return &_hx509_signature_md5_data; } - -const AlgorithmIdentifier * -hx509_signature_md2(void) -{ return &_hx509_signature_md2_data; } - -const AlgorithmIdentifier * -hx509_signature_rsa_with_sha512(void) -{ return &_hx509_signature_rsa_with_sha512_data; } - -const AlgorithmIdentifier * -hx509_signature_rsa_with_sha384(void) -{ return &_hx509_signature_rsa_with_sha384_data; } - -const AlgorithmIdentifier * -hx509_signature_rsa_with_sha256(void) -{ return &_hx509_signature_rsa_with_sha256_data; } - -const AlgorithmIdentifier * -hx509_signature_rsa_with_sha1(void) -{ return &_hx509_signature_rsa_with_sha1_data; } - -const AlgorithmIdentifier * -hx509_signature_rsa_with_md5(void) -{ return &_hx509_signature_rsa_with_md5_data; } - -const AlgorithmIdentifier * -hx509_signature_rsa_with_md2(void) -{ return &_hx509_signature_rsa_with_md2_data; } - -const AlgorithmIdentifier * -hx509_signature_rsa(void) -{ return &_hx509_signature_rsa_data; } - -const AlgorithmIdentifier * -hx509_signature_rsa_pkcs1_x509(void) -{ return &_hx509_signature_rsa_pkcs1_x509_data; } - -const AlgorithmIdentifier * -hx509_crypto_des_rsdi_ede3_cbc(void) -{ return &_hx509_des_rsdi_ede3_cbc_oid; } - -const AlgorithmIdentifier * -hx509_crypto_aes128_cbc(void) -{ return &_hx509_crypto_aes128_cbc_data; } - -const AlgorithmIdentifier * -hx509_crypto_aes256_cbc(void) -{ return &_hx509_crypto_aes256_cbc_data; } - -/* - * - */ - -const AlgorithmIdentifier * _hx509_crypto_default_sig_alg = - &_hx509_signature_rsa_with_sha1_data; -const AlgorithmIdentifier * _hx509_crypto_default_digest_alg = - &_hx509_signature_sha1_data; -const AlgorithmIdentifier * _hx509_crypto_default_secret_alg = - &_hx509_crypto_aes128_cbc_data; - -/* - * - */ - -int -_hx509_private_key_init(hx509_private_key *key, - hx509_private_key_ops *ops, - void *keydata) -{ - *key = calloc(1, sizeof(**key)); - if (*key == NULL) - return ENOMEM; - (*key)->ref = 1; - (*key)->ops = ops; - (*key)->private_key.keydata = keydata; - return 0; -} - -hx509_private_key -_hx509_private_key_ref(hx509_private_key key) -{ - if (key->ref <= 0) - _hx509_abort("refcount <= 0"); - key->ref++; - if (key->ref == 0) - _hx509_abort("refcount == 0"); - return key; -} - -const char * -_hx509_private_pem_name(hx509_private_key key) -{ - return key->ops->pemtype; -} - -int -_hx509_private_key_free(hx509_private_key *key) -{ - if (key == NULL || *key == NULL) - return 0; - - if ((*key)->ref <= 0) - _hx509_abort("refcount <= 0"); - if (--(*key)->ref > 0) - return 0; - - if ((*key)->private_key.rsa) - RSA_free((*key)->private_key.rsa); - (*key)->private_key.rsa = NULL; - free(*key); - *key = NULL; - return 0; -} - -void -_hx509_private_key_assign_rsa(hx509_private_key key, void *ptr) -{ - if (key->private_key.rsa) - RSA_free(key->private_key.rsa); - key->private_key.rsa = ptr; - key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption(); - key->md = &pkcs1_rsa_sha1_alg; -} - -int -_hx509_private_key_oid(hx509_context context, - const hx509_private_key key, - heim_oid *data) -{ - int ret; - ret = der_copy_oid((*key->ops->key_oid)(), data); - if (ret) - hx509_set_error_string(context, 0, ret, "malloc out of memory"); - return ret; -} - -int -_hx509_private_key_exportable(hx509_private_key key) -{ - if (key->ops->export == NULL) - return 0; - return 1; -} - -BIGNUM * -_hx509_private_key_get_internal(hx509_context context, - hx509_private_key key, - const char *type) -{ - if (key->ops->get_internal == NULL) - return NULL; - return (*key->ops->get_internal)(context, key, type); -} - -int -_hx509_private_key_export(hx509_context context, - const hx509_private_key key, - heim_octet_string *data) -{ - if (key->ops->export == NULL) { - hx509_clear_error_string(context); - return HX509_UNIMPLEMENTED_OPERATION; - } - return (*key->ops->export)(context, key, data); -} - -/* - * - */ - -struct hx509cipher { - const char *name; - const heim_oid *(*oid_func)(void); - const AlgorithmIdentifier *(*ai_func)(void); - const EVP_CIPHER *(*evp_func)(void); - int (*get_params)(hx509_context, const hx509_crypto, - const heim_octet_string *, heim_octet_string *); - int (*set_params)(hx509_context, const heim_octet_string *, - hx509_crypto, heim_octet_string *); -}; - -struct hx509_crypto_data { - char *name; - const struct hx509cipher *cipher; - const EVP_CIPHER *c; - heim_octet_string key; - heim_oid oid; - void *param; -}; - -/* - * - */ - -static const heim_oid * -oid_private_rc2_40(void) -{ - static unsigned oid_data[] = { 127, 1 }; - static const heim_oid oid = { 2, oid_data }; - - return &oid; -} - - -/* - * - */ - -static int -CMSCBCParam_get(hx509_context context, const hx509_crypto crypto, - const heim_octet_string *ivec, heim_octet_string *param) -{ - size_t size; - int ret; - - assert(crypto->param == NULL); - if (ivec == NULL) - return 0; - - ASN1_MALLOC_ENCODE(CMSCBCParameter, param->data, param->length, - ivec, &size, ret); - if (ret == 0 && size != param->length) - _hx509_abort("Internal asn1 encoder failure"); - if (ret) - hx509_clear_error_string(context); - return ret; -} - -static int -CMSCBCParam_set(hx509_context context, const heim_octet_string *param, - hx509_crypto crypto, heim_octet_string *ivec) -{ - int ret; - if (ivec == NULL) - return 0; - - ret = decode_CMSCBCParameter(param->data, param->length, ivec, NULL); - if (ret) - hx509_clear_error_string(context); - - return ret; -} - -struct _RC2_params { - int maximum_effective_key; -}; - -static int -CMSRC2CBCParam_get(hx509_context context, const hx509_crypto crypto, - const heim_octet_string *ivec, heim_octet_string *param) -{ - CMSRC2CBCParameter rc2params; - const struct _RC2_params *p = crypto->param; - int maximum_effective_key = 128; - size_t size; - int ret; - - memset(&rc2params, 0, sizeof(rc2params)); - - if (p) - maximum_effective_key = p->maximum_effective_key; - - switch(maximum_effective_key) { - case 40: - rc2params.rc2ParameterVersion = 160; - break; - case 64: - rc2params.rc2ParameterVersion = 120; - break; - case 128: - rc2params.rc2ParameterVersion = 58; - break; - } - rc2params.iv = *ivec; - - ASN1_MALLOC_ENCODE(CMSRC2CBCParameter, param->data, param->length, - &rc2params, &size, ret); - if (ret == 0 && size != param->length) - _hx509_abort("Internal asn1 encoder failure"); - - return ret; -} - -static int -CMSRC2CBCParam_set(hx509_context context, const heim_octet_string *param, - hx509_crypto crypto, heim_octet_string *ivec) -{ - CMSRC2CBCParameter rc2param; - struct _RC2_params *p; - size_t size; - int ret; - - ret = decode_CMSRC2CBCParameter(param->data, param->length, - &rc2param, &size); - if (ret) { - hx509_clear_error_string(context); - return ret; - } - - p = calloc(1, sizeof(*p)); - if (p == NULL) { - free_CMSRC2CBCParameter(&rc2param); - hx509_clear_error_string(context); - return ENOMEM; - } - switch(rc2param.rc2ParameterVersion) { - case 160: - crypto->c = EVP_rc2_40_cbc(); - p->maximum_effective_key = 40; - break; - case 120: - crypto->c = EVP_rc2_64_cbc(); - p->maximum_effective_key = 64; - break; - case 58: - crypto->c = EVP_rc2_cbc(); - p->maximum_effective_key = 128; - break; - default: - free(p); - free_CMSRC2CBCParameter(&rc2param); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - if (ivec) - ret = der_copy_octet_string(&rc2param.iv, ivec); - free_CMSRC2CBCParameter(&rc2param); - if (ret) { - free(p); - hx509_clear_error_string(context); - } else - crypto->param = p; - - return ret; -} - -/* - * - */ - -static const struct hx509cipher ciphers[] = { - { - "rc2-cbc", - oid_id_pkcs3_rc2_cbc, - NULL, - EVP_rc2_cbc, - CMSRC2CBCParam_get, - CMSRC2CBCParam_set - }, - { - "rc2-cbc", - oid_id_rsadsi_rc2_cbc, - NULL, - EVP_rc2_cbc, - CMSRC2CBCParam_get, - CMSRC2CBCParam_set - }, - { - "rc2-40-cbc", - oid_private_rc2_40, - NULL, - EVP_rc2_40_cbc, - CMSRC2CBCParam_get, - CMSRC2CBCParam_set - }, - { - "des-ede3-cbc", - oid_id_pkcs3_des_ede3_cbc, - NULL, - EVP_des_ede3_cbc, - CMSCBCParam_get, - CMSCBCParam_set - }, - { - "des-ede3-cbc", - oid_id_rsadsi_des_ede3_cbc, - hx509_crypto_des_rsdi_ede3_cbc, - EVP_des_ede3_cbc, - CMSCBCParam_get, - CMSCBCParam_set - }, - { - "aes-128-cbc", - oid_id_aes_128_cbc, - hx509_crypto_aes128_cbc, - EVP_aes_128_cbc, - CMSCBCParam_get, - CMSCBCParam_set - }, - { - "aes-192-cbc", - oid_id_aes_192_cbc, - NULL, - EVP_aes_192_cbc, - CMSCBCParam_get, - CMSCBCParam_set - }, - { - "aes-256-cbc", - oid_id_aes_256_cbc, - hx509_crypto_aes256_cbc, - EVP_aes_256_cbc, - CMSCBCParam_get, - CMSCBCParam_set - } -}; - -static const struct hx509cipher * -find_cipher_by_oid(const heim_oid *oid) -{ - int i; - - for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++) - if (der_heim_oid_cmp(oid, (*ciphers[i].oid_func)()) == 0) - return &ciphers[i]; - - return NULL; -} - -static const struct hx509cipher * -find_cipher_by_name(const char *name) -{ - int i; - - for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++) - if (strcasecmp(name, ciphers[i].name) == 0) - return &ciphers[i]; - - return NULL; -} - - -const heim_oid * -hx509_crypto_enctype_by_name(const char *name) -{ - const struct hx509cipher *cipher; - - cipher = find_cipher_by_name(name); - if (cipher == NULL) - return NULL; - return (*cipher->oid_func)(); -} - -int -hx509_crypto_init(hx509_context context, - const char *provider, - const heim_oid *enctype, - hx509_crypto *crypto) -{ - const struct hx509cipher *cipher; - - *crypto = NULL; - - cipher = find_cipher_by_oid(enctype); - if (cipher == NULL) { - hx509_set_error_string(context, 0, HX509_ALG_NOT_SUPP, - "Algorithm not supported"); - return HX509_ALG_NOT_SUPP; - } - - *crypto = calloc(1, sizeof(**crypto)); - if (*crypto == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - (*crypto)->cipher = cipher; - (*crypto)->c = (*cipher->evp_func)(); - - if (der_copy_oid(enctype, &(*crypto)->oid)) { - hx509_crypto_destroy(*crypto); - *crypto = NULL; - hx509_clear_error_string(context); - return ENOMEM; - } - - return 0; -} - -const char * -hx509_crypto_provider(hx509_crypto crypto) -{ - return "unknown"; -} - -void -hx509_crypto_destroy(hx509_crypto crypto) -{ - if (crypto->name) - free(crypto->name); - if (crypto->key.data) - free(crypto->key.data); - if (crypto->param) - free(crypto->param); - der_free_oid(&crypto->oid); - memset(crypto, 0, sizeof(*crypto)); - free(crypto); -} - -int -hx509_crypto_set_key_name(hx509_crypto crypto, const char *name) -{ - return 0; -} - -int -hx509_crypto_set_key_data(hx509_crypto crypto, const void *data, size_t length) -{ - if (EVP_CIPHER_key_length(crypto->c) > length) - return HX509_CRYPTO_INTERNAL_ERROR; - - if (crypto->key.data) { - free(crypto->key.data); - crypto->key.data = NULL; - crypto->key.length = 0; - } - crypto->key.data = malloc(length); - if (crypto->key.data == NULL) - return ENOMEM; - memcpy(crypto->key.data, data, length); - crypto->key.length = length; - - return 0; -} - -int -hx509_crypto_set_random_key(hx509_crypto crypto, heim_octet_string *key) -{ - if (crypto->key.data) { - free(crypto->key.data); - crypto->key.length = 0; - } - - crypto->key.length = EVP_CIPHER_key_length(crypto->c); - crypto->key.data = malloc(crypto->key.length); - if (crypto->key.data == NULL) { - crypto->key.length = 0; - return ENOMEM; - } - if (RAND_bytes(crypto->key.data, crypto->key.length) <= 0) { - free(crypto->key.data); - crypto->key.data = NULL; - crypto->key.length = 0; - return HX509_CRYPTO_INTERNAL_ERROR; - } - if (key) - return der_copy_octet_string(&crypto->key, key); - else - return 0; -} - -int -hx509_crypto_set_params(hx509_context context, - hx509_crypto crypto, - const heim_octet_string *param, - heim_octet_string *ivec) -{ - return (*crypto->cipher->set_params)(context, param, crypto, ivec); -} - -int -hx509_crypto_get_params(hx509_context context, - hx509_crypto crypto, - const heim_octet_string *ivec, - heim_octet_string *param) -{ - return (*crypto->cipher->get_params)(context, crypto, ivec, param); -} - -int -hx509_crypto_random_iv(hx509_crypto crypto, heim_octet_string *ivec) -{ - ivec->length = EVP_CIPHER_iv_length(crypto->c); - ivec->data = malloc(ivec->length); - if (ivec->data == NULL) { - ivec->length = 0; - return ENOMEM; - } - - if (RAND_bytes(ivec->data, ivec->length) <= 0) { - free(ivec->data); - ivec->data = NULL; - ivec->length = 0; - return HX509_CRYPTO_INTERNAL_ERROR; - } - return 0; -} - -int -hx509_crypto_encrypt(hx509_crypto crypto, - const void *data, - const size_t length, - const heim_octet_string *ivec, - heim_octet_string **ciphertext) -{ - EVP_CIPHER_CTX evp; - size_t padsize; - int ret; - - *ciphertext = NULL; - - assert(EVP_CIPHER_iv_length(crypto->c) == ivec->length); - - EVP_CIPHER_CTX_init(&evp); - - ret = EVP_CipherInit_ex(&evp, crypto->c, NULL, - crypto->key.data, ivec->data, 1); - if (ret != 1) { - EVP_CIPHER_CTX_cleanup(&evp); - ret = HX509_CRYPTO_INTERNAL_ERROR; - goto out; - } - - *ciphertext = calloc(1, sizeof(**ciphertext)); - if (*ciphertext == NULL) { - ret = ENOMEM; - goto out; - } - - if (EVP_CIPHER_block_size(crypto->c) == 1) { - padsize = 0; - } else { - int bsize = EVP_CIPHER_block_size(crypto->c); - padsize = bsize - (length % bsize); - } - (*ciphertext)->length = length + padsize; - (*ciphertext)->data = malloc(length + padsize); - if ((*ciphertext)->data == NULL) { - ret = ENOMEM; - goto out; - } - - memcpy((*ciphertext)->data, data, length); - if (padsize) { - int i; - unsigned char *p = (*ciphertext)->data; - p += length; - for (i = 0; i < padsize; i++) - *p++ = padsize; - } - - ret = EVP_Cipher(&evp, (*ciphertext)->data, - (*ciphertext)->data, - length + padsize); - if (ret != 1) { - ret = HX509_CRYPTO_INTERNAL_ERROR; - goto out; - } - ret = 0; - - out: - if (ret) { - if (*ciphertext) { - if ((*ciphertext)->data) { - free((*ciphertext)->data); - } - free(*ciphertext); - *ciphertext = NULL; - } - } - EVP_CIPHER_CTX_cleanup(&evp); - - return ret; -} - -int -hx509_crypto_decrypt(hx509_crypto crypto, - const void *data, - const size_t length, - heim_octet_string *ivec, - heim_octet_string *clear) -{ - EVP_CIPHER_CTX evp; - void *idata = NULL; - int ret; - - clear->data = NULL; - clear->length = 0; - - if (ivec && EVP_CIPHER_iv_length(crypto->c) < ivec->length) - return HX509_CRYPTO_INTERNAL_ERROR; - - if (crypto->key.data == NULL) - return HX509_CRYPTO_INTERNAL_ERROR; - - if (ivec) - idata = ivec->data; - - EVP_CIPHER_CTX_init(&evp); - - ret = EVP_CipherInit_ex(&evp, crypto->c, NULL, - crypto->key.data, idata, 0); - if (ret != 1) { - EVP_CIPHER_CTX_cleanup(&evp); - return HX509_CRYPTO_INTERNAL_ERROR; - } - - clear->length = length; - clear->data = malloc(length); - if (clear->data == NULL) { - EVP_CIPHER_CTX_cleanup(&evp); - clear->length = 0; - return ENOMEM; - } - - if (EVP_Cipher(&evp, clear->data, data, length) != 1) { - return HX509_CRYPTO_INTERNAL_ERROR; - } - EVP_CIPHER_CTX_cleanup(&evp); - - if (EVP_CIPHER_block_size(crypto->c) > 1) { - int padsize; - unsigned char *p; - int j, bsize = EVP_CIPHER_block_size(crypto->c); - - if (clear->length < bsize) { - ret = HX509_CMS_PADDING_ERROR; - goto out; - } - - p = clear->data; - p += clear->length - 1; - padsize = *p; - if (padsize > bsize) { - ret = HX509_CMS_PADDING_ERROR; - goto out; - } - clear->length -= padsize; - for (j = 0; j < padsize; j++) { - if (*p-- != padsize) { - ret = HX509_CMS_PADDING_ERROR; - goto out; - } - } - } - - return 0; - - out: - if (clear->data) - free(clear->data); - clear->data = NULL; - clear->length = 0; - return ret; -} - -typedef int (*PBE_string2key_func)(hx509_context, - const char *, - const heim_octet_string *, - hx509_crypto *, heim_octet_string *, - heim_octet_string *, - const heim_oid *, const EVP_MD *); - -static int -PBE_string2key(hx509_context context, - const char *password, - const heim_octet_string *parameters, - hx509_crypto *crypto, - heim_octet_string *key, heim_octet_string *iv, - const heim_oid *enc_oid, - const EVP_MD *md) -{ - PKCS12_PBEParams p12params; - int passwordlen; - hx509_crypto c; - int iter, saltlen, ret; - unsigned char *salt; - - passwordlen = password ? strlen(password) : 0; - - if (parameters == NULL) - return HX509_ALG_NOT_SUPP; - - ret = decode_PKCS12_PBEParams(parameters->data, - parameters->length, - &p12params, NULL); - if (ret) - goto out; - - if (p12params.iterations) - iter = *p12params.iterations; - else - iter = 1; - salt = p12params.salt.data; - saltlen = p12params.salt.length; - - if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, - PKCS12_KEY_ID, iter, key->length, key->data, md)) { - ret = HX509_CRYPTO_INTERNAL_ERROR; - goto out; - } - - if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, - PKCS12_IV_ID, iter, iv->length, iv->data, md)) { - ret = HX509_CRYPTO_INTERNAL_ERROR; - goto out; - } - - ret = hx509_crypto_init(context, NULL, enc_oid, &c); - if (ret) - goto out; - - ret = hx509_crypto_set_key_data(c, key->data, key->length); - if (ret) { - hx509_crypto_destroy(c); - goto out; - } - - *crypto = c; -out: - free_PKCS12_PBEParams(&p12params); - return ret; -} - -static const heim_oid * -find_string2key(const heim_oid *oid, - const EVP_CIPHER **c, - const EVP_MD **md, - PBE_string2key_func *s2k) -{ - if (der_heim_oid_cmp(oid, oid_id_pbewithSHAAnd40BitRC2_CBC()) == 0) { - *c = EVP_rc2_40_cbc(); - *md = EVP_sha1(); - *s2k = PBE_string2key; - return oid_private_rc2_40(); - } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd128BitRC2_CBC()) == 0) { - *c = EVP_rc2_cbc(); - *md = EVP_sha1(); - *s2k = PBE_string2key; - return oid_id_pkcs3_rc2_cbc(); -#if 0 - } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd40BitRC4()) == 0) { - *c = EVP_rc4_40(); - *md = EVP_sha1(); - *s2k = PBE_string2key; - return NULL; - } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd128BitRC4()) == 0) { - *c = EVP_rc4(); - *md = EVP_sha1(); - *s2k = PBE_string2key; - return oid_id_pkcs3_rc4(); -#endif - } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd3_KeyTripleDES_CBC()) == 0) { - *c = EVP_des_ede3_cbc(); - *md = EVP_sha1(); - *s2k = PBE_string2key; - return oid_id_pkcs3_des_ede3_cbc(); - } - - return NULL; -} - -/* - * - */ - -int -_hx509_pbe_encrypt(hx509_context context, - hx509_lock lock, - const AlgorithmIdentifier *ai, - const heim_octet_string *content, - heim_octet_string *econtent) -{ - hx509_clear_error_string(context); - return EINVAL; -} - -/* - * - */ - -int -_hx509_pbe_decrypt(hx509_context context, - hx509_lock lock, - const AlgorithmIdentifier *ai, - const heim_octet_string *econtent, - heim_octet_string *content) -{ - const struct _hx509_password *pw; - heim_octet_string key, iv; - const heim_oid *enc_oid; - const EVP_CIPHER *c; - const EVP_MD *md; - PBE_string2key_func s2k; - int i, ret = 0; - - memset(&key, 0, sizeof(key)); - memset(&iv, 0, sizeof(iv)); - - memset(content, 0, sizeof(*content)); - - enc_oid = find_string2key(&ai->algorithm, &c, &md, &s2k); - if (enc_oid == NULL) { - hx509_set_error_string(context, 0, HX509_ALG_NOT_SUPP, - "String to key algorithm not supported"); - ret = HX509_ALG_NOT_SUPP; - goto out; - } - - key.length = EVP_CIPHER_key_length(c); - key.data = malloc(key.length); - if (key.data == NULL) { - ret = ENOMEM; - hx509_clear_error_string(context); - goto out; - } - - iv.length = EVP_CIPHER_iv_length(c); - iv.data = malloc(iv.length); - if (iv.data == NULL) { - ret = ENOMEM; - hx509_clear_error_string(context); - goto out; - } - - pw = _hx509_lock_get_passwords(lock); - - ret = HX509_CRYPTO_INTERNAL_ERROR; - for (i = 0; i < pw->len + 1; i++) { - hx509_crypto crypto; - const char *password; - - if (i < pw->len) - password = pw->val[i]; - else if (i < pw->len + 1) - password = ""; - else - password = NULL; - - ret = (*s2k)(context, password, ai->parameters, &crypto, - &key, &iv, enc_oid, md); - if (ret) - goto out; - - ret = hx509_crypto_decrypt(crypto, - econtent->data, - econtent->length, - &iv, - content); - hx509_crypto_destroy(crypto); - if (ret == 0) - goto out; - - } -out: - if (key.data) - der_free_octet_string(&key); - if (iv.data) - der_free_octet_string(&iv); - return ret; -} - -/* - * - */ - - -int -_hx509_match_keys(hx509_cert c, hx509_private_key private_key) -{ - const Certificate *cert; - const SubjectPublicKeyInfo *spi; - RSAPublicKey pk; - RSA *rsa; - size_t size; - int ret; - - if (private_key->private_key.rsa == NULL) - return 0; - - rsa = private_key->private_key.rsa; - if (rsa->d == NULL || rsa->p == NULL || rsa->q == NULL) - return 0; - - cert = _hx509_get_cert(c); - spi = &cert->tbsCertificate.subjectPublicKeyInfo; - - rsa = RSA_new(); - if (rsa == NULL) - return 0; - - ret = decode_RSAPublicKey(spi->subjectPublicKey.data, - spi->subjectPublicKey.length / 8, - &pk, &size); - if (ret) { - RSA_free(rsa); - return 0; - } - rsa->n = heim_int2BN(&pk.modulus); - rsa->e = heim_int2BN(&pk.publicExponent); - - free_RSAPublicKey(&pk); - - rsa->d = BN_dup(private_key->private_key.rsa->d); - rsa->p = BN_dup(private_key->private_key.rsa->p); - rsa->q = BN_dup(private_key->private_key.rsa->q); - rsa->dmp1 = BN_dup(private_key->private_key.rsa->dmp1); - rsa->dmq1 = BN_dup(private_key->private_key.rsa->dmq1); - rsa->iqmp = BN_dup(private_key->private_key.rsa->iqmp); - - if (rsa->n == NULL || rsa->e == NULL || - rsa->d == NULL || rsa->p == NULL|| rsa->q == NULL || - rsa->dmp1 == NULL || rsa->dmq1 == NULL) { - RSA_free(rsa); - return 0; - } - - ret = RSA_check_key(rsa); - RSA_free(rsa); - - return ret == 1; -} - -static const heim_oid * -find_keytype(const hx509_private_key key) -{ - const struct signature_alg *md; - - if (key == NULL) - return NULL; - - md = find_sig_alg(key->signature_alg); - if (md == NULL) - return NULL; - return (*md->key_oid)(); -} - - -int -hx509_crypto_select(const hx509_context context, - int type, - const hx509_private_key source, - hx509_peer_info peer, - AlgorithmIdentifier *selected) -{ - const AlgorithmIdentifier *def; - size_t i, j; - int ret, bits; - - memset(selected, 0, sizeof(*selected)); - - if (type == HX509_SELECT_DIGEST) { - bits = SIG_DIGEST; - def = _hx509_crypto_default_digest_alg; - } else if (type == HX509_SELECT_PUBLIC_SIG) { - bits = SIG_PUBLIC_SIG; - /* XXX depend on `source´ and `peer´ */ - def = _hx509_crypto_default_sig_alg; - } else if (type == HX509_SELECT_SECRET_ENC) { - bits = SIG_SECRET; - def = _hx509_crypto_default_secret_alg; - } else { - hx509_set_error_string(context, 0, EINVAL, - "Unknown type %d of selection", type); - return EINVAL; - } - - if (peer) { - const heim_oid *keytype = NULL; - - keytype = find_keytype(source); - - for (i = 0; i < peer->len; i++) { - for (j = 0; sig_algs[j]; j++) { - if ((sig_algs[j]->flags & bits) != bits) - continue; - if (der_heim_oid_cmp((*sig_algs[j]->sig_oid)(), - &peer->val[i].algorithm) != 0) - continue; - if (keytype && sig_algs[j]->key_oid && - der_heim_oid_cmp(keytype, (*sig_algs[j]->key_oid)())) - continue; - - /* found one, use that */ - ret = copy_AlgorithmIdentifier(&peer->val[i], selected); - if (ret) - hx509_clear_error_string(context); - return ret; - } - if (bits & SIG_SECRET) { - const struct hx509cipher *cipher; - - cipher = find_cipher_by_oid(&peer->val[i].algorithm); - if (cipher == NULL) - continue; - if (cipher->ai_func == NULL) - continue; - ret = copy_AlgorithmIdentifier(cipher->ai_func(), selected); - if (ret) - hx509_clear_error_string(context); - return ret; - } - } - } - - /* use default */ - ret = copy_AlgorithmIdentifier(def, selected); - if (ret) - hx509_clear_error_string(context); - return ret; -} - -int -hx509_crypto_available(hx509_context context, - int type, - hx509_cert source, - AlgorithmIdentifier **val, - unsigned int *plen) -{ - const heim_oid *keytype = NULL; - unsigned int len, i; - void *ptr; - int bits, ret; - - *val = NULL; - - if (type == HX509_SELECT_ALL) { - bits = SIG_DIGEST | SIG_PUBLIC_SIG | SIG_SECRET; - } else if (type == HX509_SELECT_DIGEST) { - bits = SIG_DIGEST; - } else if (type == HX509_SELECT_PUBLIC_SIG) { - bits = SIG_PUBLIC_SIG; - } else { - hx509_set_error_string(context, 0, EINVAL, - "Unknown type %d of available", type); - return EINVAL; - } - - if (source) - keytype = find_keytype(_hx509_cert_private_key(source)); - - len = 0; - for (i = 0; sig_algs[i]; i++) { - if ((sig_algs[i]->flags & bits) == 0) - continue; - if (sig_algs[i]->sig_alg == NULL) - continue; - if (keytype && sig_algs[i]->key_oid && - der_heim_oid_cmp((*sig_algs[i]->key_oid)(), keytype)) - continue; - - /* found one, add that to the list */ - ptr = realloc(*val, sizeof(**val) * (len + 1)); - if (ptr == NULL) - goto out; - *val = ptr; - - ret = copy_AlgorithmIdentifier((*sig_algs[i]->sig_alg)(), &(*val)[len]); - if (ret) - goto out; - len++; - } - - /* Add AES */ - if (bits & SIG_SECRET) { - - for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++) { - - if (ciphers[i].ai_func == NULL) - continue; - - ptr = realloc(*val, sizeof(**val) * (len + 1)); - if (ptr == NULL) - goto out; - *val = ptr; - - ret = copy_AlgorithmIdentifier((ciphers[i].ai_func)(), &(*val)[len]); - if (ret) - goto out; - len++; - } - } - - *plen = len; - return 0; - -out: - for (i = 0; i < len; i++) - free_AlgorithmIdentifier(&(*val)[i]); - free(*val); - *val = NULL; - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; -} - -void -hx509_crypto_free_algs(AlgorithmIdentifier *val, - unsigned int len) -{ - unsigned int i; - for (i = 0; i < len; i++) - free_AlgorithmIdentifier(&val[i]); - free(val); -} diff --git a/crypto/heimdal/lib/hx509/data/bleichenbacher-bad.pem b/crypto/heimdal/lib/hx509/data/bleichenbacher-bad.pem deleted file mode 100644 index 2c71932bc9a9..000000000000 --- a/crypto/heimdal/lib/hx509/data/bleichenbacher-bad.pem +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBsDCCAVoCAQYwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD -VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw0wNjA5MTEyMzU4NTVa -Fw0wNjEwMTEyMzU4NTVaMGMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNs -YW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEjMCEGA1UEAxMaU2VydmVy -IHRlc3QgY2VydCAoNTEyIGJpdCkwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PD -hCeV/xIxUg8V70YRxK2A5jZbD92A12GN4PxyRQk0/lVmRUNMaJdq/qigpd9feP/u -12S4PwTLb/8q/v657QIDAQABMA0GCSqGSIb3DQEBBQUAA0EAbynCRIlUQgaqyNgU -DF6P14yRKUtX8akOP2TwStaSiVf/akYqfLFm3UGka5XbPj4rifrZ0/sOoZEEBvHQ -e20sRA== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/bleichenbacher-good.pem b/crypto/heimdal/lib/hx509/data/bleichenbacher-good.pem deleted file mode 100644 index 409147bd5e4f..000000000000 --- a/crypto/heimdal/lib/hx509/data/bleichenbacher-good.pem +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBsDCCAVoCAQYwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV -BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD -VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw0wNjA5MTEyMzU5MDJa -Fw0wNjEwMTEyMzU5MDJaMGMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNs -YW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEjMCEGA1UEAxMaU2VydmVy -IHRlc3QgY2VydCAoNTEyIGJpdCkwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PD -hCeV/xIxUg8V70YRxK2A5jZbD92A12GN4PxyRQk0/lVmRUNMaJdq/qigpd9feP/u -12S4PwTLb/8q/v657QIDAQABMA0GCSqGSIb3DQEBBQUAA0EAc+fnj0rB2CYautG2 -4itiMOU4SN6JFTFDCTU/Gb5aR/Fiu7HJkuE5yGEnTdnwcId/T9sTW251yzCc1e2z -rHX/kw== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/bleichenbacher-sf-pad-correct.pem b/crypto/heimdal/lib/hx509/data/bleichenbacher-sf-pad-correct.pem deleted file mode 100644 index 3e73f5d61434..000000000000 --- a/crypto/heimdal/lib/hx509/data/bleichenbacher-sf-pad-correct.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICgzCCAWugAwIBAgIBFzANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYw -ODE5MTY1MTMwWhcNMDYxMDE4MTY1MTMwWjARMQ8wDQYDVQQDEwZIYWNrZXIwgZ8w -DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKSu6ChWttBsOpaBrYf4PzyCGNe6DuE7 -rmq4CMskdz8uiAJ3wVd8jGsjdeY4YzoXSVp+9mEF6XqNgyDf8Ub3kNgPYxvJ28lg -QVpd5RdGWXHo14LWBTD1mtFkCiAhVlATsVNI/tjv2tv7Jp8EsylbDHe7hslA0rns -Rr2cS9bvpM03AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEF -BQADggEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADLL/Up63HkFWD15INcW -Xd1nZGI+gO/whm58ICyJ1Js7ON6N4NyBTwe8513CvdOlOdG/Ctmy2gxEE47HhEed -ST8AUooI0ey599t84P20gGRuOYIjr7c= ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/ca.crt b/crypto/heimdal/lib/hx509/data/ca.crt deleted file mode 100644 index 76fa2c4d9522..000000000000 --- a/crypto/heimdal/lib/hx509/data/ca.crt +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICbDCCAdWgAwIBAgIJALeUXoWyGYBYMA0GCSqGSIb3DQEBBQUAMCoxGzAZBgNV -BAMMEmh4NTA5IFRlc3QgUm9vdCBDQTELMAkGA1UEBhMCU0UwHhcNMDcxMTE1MDY1 -ODU2WhcNMTcxMTEyMDY1ODU2WjAqMRswGQYDVQQDDBJoeDUwOSBUZXN0IFJvb3Qg -Q0ExCzAJBgNVBAYTAlNFMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHcvJb -yJXPhM9HHq1hU6d2Cu1fW9o1CvObirn1SNZg+pTnQgO9Lv4VjQQfltNK0aovyLJa -UdbAbsRCfH+79YY2tU76x8aXpUri0DfUv5PGscIZzW7WULaaXxBgHo1owzmhc1Qj -F9JDEurJXGFEZaDsPcEwY40RjrKDL8SXzEoEwwIDAQABo4GZMIGWMB0GA1UdDgQW -BBSM5w21xd5phXUsCKHeUxUwnKHoADBaBgNVHSMEUzBRgBSM5w21xd5phXUsCKHe -UxUwnKHoAKEupCwwKjEbMBkGA1UEAwwSaHg1MDkgVGVzdCBSb290IENBMQswCQYD -VQQGEwJTRYIJALeUXoWyGYBYMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgHmMA0G -CSqGSIb3DQEBBQUAA4GBAIBa6mq1aytlbhixD6q4PROg7P1OGX6nr5CkC96CC+Xp -5UTLZEVIddkrBswNAAS0p5eEorO8xD9eT5ztZ0oYITymsO1sEIfDLks+LhdBoyF7 -TX24INRwjlqsC8UlbRFoClxIMNhrMwcC3oZ4oLddV2OmA0IOG6yHXvEOQq0sTotr ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/ca.key b/crypto/heimdal/lib/hx509/data/ca.key deleted file mode 100644 index 924c52dbafc9..000000000000 --- a/crypto/heimdal/lib/hx509/data/ca.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDHcvJbyJXPhM9HHq1hU6d2Cu1fW9o1CvObirn1SNZg+pTnQgO9 -Lv4VjQQfltNK0aovyLJaUdbAbsRCfH+79YY2tU76x8aXpUri0DfUv5PGscIZzW7W -ULaaXxBgHo1owzmhc1QjF9JDEurJXGFEZaDsPcEwY40RjrKDL8SXzEoEwwIDAQAB -AoGAcRFgBdpr224eF+JzRganm8rMENBAnutreRUnIL+/ENFd0tBg0EIwtsTvvnzB -odvEkDxFp+BXT1Y8Grj7rPGeuKq7537J43Go02fSC7z4i3HDhSmv1SXE59hiES4F -ktyR2D7N+A/RPCckS4JM/zG4ZkucqKg/NnVpbdTpl0P2oSkCQQDoDkPde5vfWeXG -wmAgm5HPbyEmDBXQMlYDgNd448TmObRpjr0dyyr5zDgFJkOpOmv6WUMUxGILam3k -hCDqQqHPAkEA3AdgsMafqkR+OJmZT/gIDYb+mU8DFH6+WcUPxk+qbAa8JWg4VD30 -tpOKwZu4an1kExHnsVTqKOoW1cYmtYDuzQJAJ+78gsrYwhDoV9HvVO0wpG/NVozR -3CgtYSD085rOsYfQojGsHcputNoN8eTp09934Xcm8hXxgWFpU9/hAi9BRQJACKG1 -dlnka56SQRAthoiZcEZqeIM0ALrUJttnOgVoDyLYgLMs+okPr5XsLJo6StsucN0T -9M36/a3pRWunmxk6xQJBAOaD3sdIMLtGpFFOIQgkNUD9rOqXpi87h3ecmJCuG82w -B6kRNvpZz33U2FowFQtGBdvUBsbzlRzYDMrWniC6YKc= ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/crl1.crl b/crypto/heimdal/lib/hx509/data/crl1.crl deleted file mode 100644 index 14aecf4c3dca..000000000000 --- a/crypto/heimdal/lib/hx509/data/crl1.crl +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN X509 CRL----- -MIIBBDBvMA0GCSqGSIb3DQEBBQUAMCoxGzAZBgNVBAMMEmh4NTA5IFRlc3QgUm9v -dCBDQTELMAkGA1UEBhMCU0UXDTA3MTExNTA2NTkwMFoXDTE3MDkyMzA2NTkwMFow -FDASAgEDFw0wNzExMTUwNjU5MDBaMA0GCSqGSIb3DQEBBQUAA4GBAGYUroSt3oVI -0mjphSYqtpzDavF6xVM7bQrQEW+ZhzG7VynJdJaPgaJRaEHj9CNlJT1GF5WOY180 -wWuZEqXUV144snZ7YkSdsNOQRSmnHp8Fl6Sjdya3G55FoJHmhZ2JvscyZpb/Vh8N -NoMICB27iYqCzVlK9NkT5neCmomv/mDn ------END X509 CRL----- diff --git a/crypto/heimdal/lib/hx509/data/crl1.der b/crypto/heimdal/lib/hx509/data/crl1.der deleted file mode 100644 index 6d29196fc7bf..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/crl1.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/gen-req.sh b/crypto/heimdal/lib/hx509/data/gen-req.sh deleted file mode 100644 index 4926399d4ea3..000000000000 --- a/crypto/heimdal/lib/hx509/data/gen-req.sh +++ /dev/null @@ -1,316 +0,0 @@ -#!/bin/sh -# $Id: gen-req.sh 21786 2007-08-01 19:37:45Z lha $ -# -# This script need openssl 0.9.8a or newer, so it can parse the -# otherName section for pkinit certificates. -# - -openssl=$HOME/src/openssl/openssl-0.9.8e/apps/openssl - -gen_cert() -{ - ${openssl} req \ - -new \ - -subj "$1" \ - -config openssl.cnf \ - -newkey rsa:1024 \ - -sha1 \ - -nodes \ - -keyout out.key \ - -out cert.req > /dev/null 2>/dev/null - - if [ "$3" = "ca" ] ; then - ${openssl} x509 \ - -req \ - -days 3650 \ - -in cert.req \ - -extfile openssl.cnf \ - -extensions $4 \ - -signkey out.key \ - -out cert.crt - - ln -s ca.crt `${openssl} x509 -hash -noout -in cert.crt`.0 - - name=$3 - - elif [ "$3" = "proxy" ] ; then - - ${openssl} x509 \ - -req \ - -in cert.req \ - -days 3650 \ - -out cert.crt \ - -CA $2.crt \ - -CAkey $2.key \ - -CAcreateserial \ - -extfile openssl.cnf \ - -extensions $4 - - name=$5 - else - - ${openssl} ca \ - -name $4 \ - -days 3650 \ - -cert $2.crt \ - -keyfile $2.key \ - -in cert.req \ - -out cert.crt \ - -outdir . \ - -batch \ - -config openssl.cnf - - name=$3 - fi - - mv cert.crt $name.crt - mv out.key $name.key -} - -echo "01" > serial -> index.txt -rm -f *.0 - -gen_cert "/CN=hx509 Test Root CA/C=SE" "root" "ca" "v3_ca" -gen_cert "/CN=OCSP responder/C=SE" "ca" "ocsp-responder" "ocsp" -gen_cert "/CN=Test cert/C=SE" "ca" "test" "usr" -gen_cert "/CN=Revoke cert/C=SE" "ca" "revoke" "usr" -gen_cert "/CN=Test cert KeyEncipherment/C=SE" "ca" "test-ke-only" "usr_ke" -gen_cert "/CN=Test cert DigitalSignature/C=SE" "ca" "test-ds-only" "usr_ds" -gen_cert "/CN=pkinit/C=SE" "ca" "pkinit" "pkinit_client" -gen_cert "/C=SE/CN=pkinit/CN=pkinit-proxy" "pkinit" "proxy" "proxy_cert" pkinit-proxy -gen_cert "/CN=kdc/C=SE" "ca" "kdc" "pkinit_kdc" -gen_cert "/CN=www.test.h5l.se/C=SE" "ca" "https" "https" -gen_cert "/CN=Sub CA/C=SE" "ca" "sub-ca" "subca" -gen_cert "/CN=Test sub cert/C=SE" "sub-ca" "sub-cert" "usr" -gen_cert "/C=SE/CN=Test cert/CN=proxy" "test" "proxy" "proxy_cert" proxy-test -gen_cert "/C=SE/CN=Test cert/CN=proxy/CN=child" "proxy-test" "proxy" "proxy_cert" proxy-level-test -gen_cert "/C=SE/CN=Test cert/CN=no-proxy" "test" "proxy" "usr_cert" no-proxy-test -gen_cert "/C=SE/CN=Test cert/CN=proxy10" "test" "proxy" "proxy10_cert" proxy10-test -gen_cert "/C=SE/CN=Test cert/CN=proxy10/CN=child" "proxy10-test" "proxy" "proxy10_cert" proxy10-child-test -gen_cert "/C=SE/CN=Test cert/CN=proxy10/CN=child/CN=child" "proxy10-child-test" "proxy" "proxy10_cert" proxy10-child-child-test - - -# combine -cat sub-ca.crt ca.crt > sub-ca-combined.crt -cat test.crt test.key > test.combined.crt -cat pkinit-proxy.crt pkinit.crt > pkinit-proxy-chain.crt - -# password protected key -${openssl} rsa -in test.key -aes256 -passout pass:foobar -out test-pw.key -${openssl} rsa -in pkinit.key -aes256 -passout pass:foo -out pkinit-pw.key - - -${openssl} ca \ - -name usr \ - -cert ca.crt \ - -keyfile ca.key \ - -revoke revoke.crt \ - -config openssl.cnf - -${openssl} pkcs12 \ - -export \ - -in test.crt \ - -inkey test.key \ - -passout pass:foobar \ - -out test.p12 \ - -name "friendlyname-test" \ - -certfile ca.crt \ - -caname ca - -${openssl} pkcs12 \ - -export \ - -in sub-cert.crt \ - -inkey sub-cert.key \ - -passout pass:foobar \ - -out sub-cert.p12 \ - -name "friendlyname-sub-cert" \ - -certfile sub-ca-combined.crt \ - -caname sub-ca \ - -caname ca - -${openssl} pkcs12 \ - -keypbe NONE \ - -certpbe NONE \ - -export \ - -in test.crt \ - -inkey test.key \ - -passout pass:foobar \ - -out test-nopw.p12 \ - -name "friendlyname-cert" \ - -certfile ca.crt \ - -caname ca - -${openssl} smime \ - -sign \ - -nodetach \ - -binary \ - -in static-file \ - -signer test.crt \ - -inkey test.key \ - -outform DER \ - -out test-signed-data - -${openssl} smime \ - -sign \ - -nodetach \ - -binary \ - -in static-file \ - -signer test.crt \ - -inkey test.key \ - -noattr \ - -outform DER \ - -out test-signed-data-noattr - -${openssl} smime \ - -sign \ - -nodetach \ - -binary \ - -in static-file \ - -signer test.crt \ - -inkey test.key \ - -noattr \ - -nocerts \ - -outform DER \ - -out test-signed-data-noattr-nocerts - -${openssl} smime \ - -encrypt \ - -nodetach \ - -binary \ - -in static-file \ - -outform DER \ - -out test-enveloped-rc2-40 \ - -rc2-40 \ - test.crt - -${openssl} smime \ - -encrypt \ - -nodetach \ - -binary \ - -in static-file \ - -outform DER \ - -out test-enveloped-rc2-64 \ - -rc2-64 \ - test.crt - -${openssl} smime \ - -encrypt \ - -nodetach \ - -binary \ - -in static-file \ - -outform DER \ - -out test-enveloped-rc2-128 \ - -rc2-128 \ - test.crt - -${openssl} smime \ - -encrypt \ - -nodetach \ - -binary \ - -in static-file \ - -outform DER \ - -out test-enveloped-des \ - -des \ - test.crt - -${openssl} smime \ - -encrypt \ - -nodetach \ - -binary \ - -in static-file \ - -outform DER \ - -out test-enveloped-des-ede3 \ - -des3 \ - test.crt - -${openssl} smime \ - -encrypt \ - -nodetach \ - -binary \ - -in static-file \ - -outform DER \ - -out test-enveloped-aes-128 \ - -aes128 \ - test.crt - -${openssl} smime \ - -encrypt \ - -nodetach \ - -binary \ - -in static-file \ - -outform DER \ - -out test-enveloped-aes-256 \ - -aes256 \ - test.crt - -echo ocsp requests - -${openssl} ocsp \ - -issuer ca.crt \ - -cert test.crt \ - -reqout ocsp-req1.der - -${openssl} ocsp \ - -index index.txt \ - -rsigner ocsp-responder.crt \ - -rkey ocsp-responder.key \ - -CA ca.crt \ - -reqin ocsp-req1.der \ - -noverify \ - -respout ocsp-resp1-ocsp.der - -${openssl} ocsp \ - -index index.txt \ - -rsigner ca.crt \ - -rkey ca.key \ - -CA ca.crt \ - -reqin ocsp-req1.der \ - -noverify \ - -respout ocsp-resp1-ca.der - -${openssl} ocsp \ - -index index.txt \ - -rsigner ocsp-responder.crt \ - -rkey ocsp-responder.key \ - -CA ca.crt \ - -resp_no_certs \ - -reqin ocsp-req1.der \ - -noverify \ - -respout ocsp-resp1-ocsp-no-cert.der - -${openssl} ocsp \ - -index index.txt \ - -rsigner ocsp-responder.crt \ - -rkey ocsp-responder.key \ - -CA ca.crt \ - -reqin ocsp-req1.der \ - -resp_key_id \ - -noverify \ - -respout ocsp-resp1-keyhash.der - -${openssl} ocsp \ - -issuer ca.crt \ - -cert revoke.crt \ - -reqout ocsp-req2.der - -${openssl} ocsp \ - -index index.txt \ - -rsigner ocsp-responder.crt \ - -rkey ocsp-responder.key \ - -CA ca.crt \ - -reqin ocsp-req2.der \ - -noverify \ - -respout ocsp-resp2.der - -${openssl} ca \ - -gencrl \ - -name usr \ - -crldays 3600 \ - -keyfile ca.key \ - -cert ca.crt \ - -crl_reason superseded \ - -out crl1.crl \ - -config openssl.cnf - -${openssl} crl -in crl1.crl -outform der -out crl1.der diff --git a/crypto/heimdal/lib/hx509/data/j.pem b/crypto/heimdal/lib/hx509/data/j.pem deleted file mode 100644 index 45ae8e81477f..000000000000 --- a/crypto/heimdal/lib/hx509/data/j.pem +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEajCCA1KgAwIBAgIBATANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJKUDEN -MAsGA1UECgwESlBLSTEpMCcGA1UECwwgUHJlZmVjdHVyYWwgQXNzb2NpYXRpb24g -Rm9yIEpQS0kxETAPBgNVBAsMCEJyaWRnZUNBMB4XDTAzMTIyNzA1MDgxNVoXDTEz -MTIyNjE0NTk1OVowWjELMAkGA1UEBhMCSlAxDTALBgNVBAoMBEpQS0kxKTAnBgNV -BAsMIFByZWZlY3R1cmFsIEFzc29jaWF0aW9uIEZvciBKUEtJMREwDwYDVQQLDAhC -cmlkZ2VDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANTnUmg7K3m8 -52vd77kwkq156euwoWm5no8E8kmaTSc7x2RABPpqNTlMKdZ6ttsyYrqREeDkcvPL -yF7yf/I8+innasNtsytcTAy8xY8Avsbd4JkCGW9dyPjk9pzzc3yLQ64Rx2fujRn2 -agcEVdPCr/XpJygX8FD5bbhkZ0CVoiASBmlHOcC3YpFlfbT1QcpOSOb7o+VdKVEi -MMfbBuU2IlYIaSr/R1nO7RPNtkqkFWJ1/nKjKHyzZje7j70qSxb+BTGcNgTHa1YA -UrogKB+UpBftmb4ds+XlkEJ1dvwokiSbCDaWFKD+YD4B2s0bvjCbw8xuZFYGhNyR -/2D5XfN1s2MCAwEAAaOCATkwggE1MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MG0GA1UdHwRmMGQwYqBgoF6kXDBaMQswCQYDVQQGEwJKUDENMAsGA1UE -CgwESlBLSTEpMCcGA1UECwwgUHJlZmVjdHVyYWwgQXNzb2NpYXRpb24gRm9yIEpQ -S0kxETAPBgNVBAsMCEJyaWRnZUNBMIGDBgNVHREEfDB6pHgwdjELMAkGA1UEBhMC -SlAxJzAlBgNVBAoMHuWFrOeahOWAi+S6uuiqjeiovOOCteODvOODk+OCuTEeMBwG -A1UECwwV6YO96YGT5bqc55yM5Y2U6K2w5LyaMR4wHAYDVQQLDBXjg5bjg6rjg4Pj -grjoqo3oqLzlsYAwHQYDVR0OBBYEFNQXMiCqQNkR2OaZmQgLtf8mR8p8MA0GCSqG -SIb3DQEBBQUAA4IBAQATjJo4reTNPC5CsvAKu1RYT8PyXFVYHbKsEpGt4GR8pDCg -HEGAiAhHSNrGh9CagZMXADvlG0gmMOnXowriQQixrtpkmx0TB8tNAlZptZWkZC+R -8TnjOkHrk2nFAEC3ezbdK0R7MR4tJLDQCnhEWbg50rf0wZ/aF8uAaVeEtHXa6W0M -Xq3dSe0XAcrLbX4zZHQTaWvdpLAIjl6DZ3SCieRMyoWUL+LXaLFdTP5WBCd+No58 -IounD9X4xxze2aeRVaiV/WnQ0OSPNS7n7YXy6xQdnaOU4KRW/Lne1EDf5IfWC/ih -bVAmhZMbcrkWWcsR6aCPG+2mV3zTD6AUzuKPal8Y ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/kdc.crt b/crypto/heimdal/lib/hx509/data/kdc.crt deleted file mode 100644 index 7dc38359c8fa..000000000000 --- a/crypto/heimdal/lib/hx509/data/kdc.crt +++ /dev/null @@ -1,59 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 7 (0x7) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:58 2007 GMT - Not After : Nov 12 06:58:58 2017 GMT - Subject: C=SE, CN=kdc - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:bb:fa:14:24:35:9f:cb:82:91:20:b9:44:ec:4d: - f8:e4:1b:68:3f:6a:4d:d1:56:3e:28:25:6e:ab:aa: - 8b:6b:9c:59:ce:67:cc:27:61:4f:ff:18:a5:56:81: - a1:94:c4:33:f9:20:54:e5:1f:5a:47:43:ee:8f:52: - 8a:9f:97:6b:73:92:a3:e1:fd:9e:0b:04:36:2b:b2: - 72:bd:80:ff:ae:5a:e1:9b:bb:d8:77:c8:fe:f8:3b: - 3f:b9:51:56:6e:97:c2:2a:76:ea:56:d8:46:67:45: - 33:6f:b1:74:cf:2b:dd:11:32:1f:d7:a9:e9:2a:e2: - 0f:a8:dd:b1:94:85:87:dd:b5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment - X509v3 Extended Key Usage: - pkkdcekuoid - X509v3 Subject Key Identifier: - 51:75:26:1A:E0:16:0F:69:A8:B4:98:80:EB:C8:49:A6:D0:C6:24:C1 - X509v3 Subject Alternative Name: - othername: - Signature Algorithm: sha1WithRSAEncryption - 7a:f7:7c:cf:2d:87:aa:93:49:b1:05:2a:ea:ee:75:97:22:02: - 5a:a1:2c:e3:e1:9d:be:48:0c:75:26:e0:84:f0:2a:90:5a:15: - dd:7c:58:65:ab:79:05:85:40:54:35:e1:57:58:96:aa:32:68: - f2:bd:cc:b5:9a:1c:f5:d7:49:01:44:ce:fc:22:55:3c:86:d6: - c2:ed:46:e6:dc:a7:c5:48:3f:ac:0c:10:ba:b9:e2:e8:78:37: - 79:f7:d5:da:c0:8e:74:09:64:ff:bb:36:24:d4:c7:4d:c3:93: - c2:d7:3a:32:97:b9:e1:79:ea:82:3a:42:69:ec:e4:ec:48:d5: - 3f:90 ------BEGIN CERTIFICATE----- -MIICVDCCAb2gAwIBAgIBBzANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1OFoXDTE3 -MTExMjA2NTg1OFowGzELMAkGA1UEBhMCU0UxDDAKBgNVBAMMA2tkYzCBnzANBgkq -hkiG9w0BAQEFAAOBjQAwgYkCgYEAu/oUJDWfy4KRILlE7E345BtoP2pN0VY+KCVu -q6qLa5xZzmfMJ2FP/xilVoGhlMQz+SBU5R9aR0Puj1KKn5drc5Kj4f2eCwQ2K7Jy -vYD/rlrhm7vYd8j++Ds/uVFWbpfCKnbqVthGZ0Uzb7F0zyvdETIf16npKuIPqN2x -lIWH3bUCAwEAAaOBmDCBlTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DASBgNVHSUE -CzAJBgcrBgEFAgMFMB0GA1UdDgQWBBRRdSYa4BYPaai0mIDryEmm0MYkwTBIBgNV -HREEQTA/oD0GBisGAQUCAqAzMDGgDRsLVEVTVC5INUwuU0WhIDAeoAMCAQGhFzAV -GwZrcmJ0Z3QbC1RFU1QuSDVMLlNFMA0GCSqGSIb3DQEBBQUAA4GBAHr3fM8th6qT -SbEFKurudZciAlqhLOPhnb5IDHUm4ITwKpBaFd18WGWreQWFQFQ14VdYlqoyaPK9 -zLWaHPXXSQFEzvwiVTyG1sLtRubcp8VIP6wMELq54uh4N3n31drAjnQJZP+7NiTU -x03Dk8LXOjKXueF56oI6Qmns5OxI1T+Q ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/kdc.key b/crypto/heimdal/lib/hx509/data/kdc.key deleted file mode 100644 index 01fca6542c2d..000000000000 --- a/crypto/heimdal/lib/hx509/data/kdc.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC7+hQkNZ/LgpEguUTsTfjkG2g/ak3RVj4oJW6rqotrnFnOZ8wn -YU//GKVWgaGUxDP5IFTlH1pHQ+6PUoqfl2tzkqPh/Z4LBDYrsnK9gP+uWuGbu9h3 -yP74Oz+5UVZul8IqdupW2EZnRTNvsXTPK90RMh/Xqekq4g+o3bGUhYfdtQIDAQAB -AoGBAJXwJO65A0v+SqqyfSKME1JH9kBXF9k5lHzLVtqBP5JHdW7pZnOm8HtG+mLl -JbCXS+mUe4MDHiyoJ/qUWVRxIFgBBEQpaYxdyW8d+SpCnR53hBa3t0yxr3yZ0XCc -u4lkKaCCQM5aPZqlbEkyR0Hm+lXPKbW+Sgm18fm2zPJ/2EXhAkEA8RO+dydMR7LV -8PdOvMkENwwnkUQTI3YjoRy0yV9UV+x3JDdBufOOjObrXIg/jDkg3PyOE5JBo/EZ -u1OyFFbyPQJBAMec4B3+ZyOPeH1OodSWfL/0AFCSZyOs1UgEC7vorMJ8i0eHDIsT -Uie1xNlrfrjnXTvMG7woFZOvNXBJkxCXKNkCQQCyMX/lnxyZGq1csdB3ZrZA4jEV -BRaIbbikTA2tk1NKsjTWhimFA2xo5f8upF8kjM2nyt5RxRfT0FDO0Gye8C2ZAkBq -CJYwuJwXErZBcgya/dmEqduk8TAijkO5fpSxG7bxlPDzbPSnx/qjJ3ZKvERTemtX -QWQWPgDAM5kibaLWdEV5AkAJn7iP495Cbac0y3zihgK/M70M9y1WB0TbumpTVpg2 -taw3NwTjQlGnFj64dJIj+hgCOGYJ7H1Gt7JOi10NRtbd ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/key.der b/crypto/heimdal/lib/hx509/data/key.der deleted file mode 100644 index e7c665e3005e..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/key.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/key2.der b/crypto/heimdal/lib/hx509/data/key2.der deleted file mode 100644 index fe3f413c0aa5..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/key2.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/nist-data b/crypto/heimdal/lib/hx509/data/nist-data deleted file mode 100644 index 80333bbfc406..000000000000 --- a/crypto/heimdal/lib/hx509/data/nist-data +++ /dev/null @@ -1,91 +0,0 @@ -# $Id: nist-data 21917 2007-08-16 13:54:25Z lha $ -# id verify cert hxtool-verify-arguments... -# p(ass) f(ail) -# Those id's that end with i are invariants of the orignal test -# -# 4.1 Signature Verification -# -4.1.1 p ValidCertificatePathTest1EE.crt GoodCACert.crt GoodCACRL.crl -4.1.2 f InvalidCASignatureTest2EE.crt BadSignedCACert.crt BadSignedCACRL.crl -4.1.3 f InvalidEESignatureTest3EE.crt GoodCACert.crt GoodCACRL.crl -#4.1.4 p ValidDSASignaturesTest4EE.crt DSACACert.crt DSACACRL.crl -#4.1.5 p ValidDSAParameterInheritanceTest5EE.crl DSAParametersInheritedCACert.crt DSAParametersInheritedCACRL.crl DSACACert.crt DSACACRL.crl -#4.1.6 f InvalidDSASignaturesTest6EE.crt DSACACert.crt DSACACRL.crl -# -# 4.2 Validity Periods -# -4.2.1 f InvalidCAnotBeforeDateTest1EE.crt BadnotBeforeDateCACert.crt BadnotBeforeDateCACRL.crl -4.2.2 f InvalidEEnotBeforeDateTest2EE.crt GoodCACert.crt GoodCACRL.crl -4.2.3 p Validpre2000UTCnotBeforeDateTest3EE.crt GoodCACert.crt GoodCACRL.crl -4.2.4 p ValidGeneralizedTimenotBeforeDateTest4EE.crt GoodCACert.crt GoodCACRL.crl -4.2.5 f InvalidCAnotAfterDateTest5EE.crt BadnotAfterDateCACert.crt BadnotAfterDateCACRL.crl -4.2.6 f InvalidEEnotAfterDateTest6EE.crt GoodCACert.crt GoodCACRL.crl -4.2.7 f Invalidpre2000UTCEEnotAfterDateTest7EE.crt GoodCACert.crt GoodCACRL.crl -#4.2.8 p ValidGeneralizedTimenotAfterDateTest8EE.crt GoodCACert.crt GoodCACRL.crl -# -# 4.4 CRtests -# -4.4.1 f InvalidMissingCRLTest1EE.crt NoCRLCACert.crt -4.4.1i p InvalidMissingCRLTest1EE.crt --missing-revoke NoCRLCACert.crt -4.4.2 f InvalidRevokedEETest3EE.crt GoodCACert.crt InvalidRevokedCATest2EE.crt GoodCACRL.crl RevokedsubCACRL.crl -4.4.2i p InvalidRevokedEETest3EE.crt --missing-revoke GoodCACert.crt InvalidRevokedCATest2EE.crt -4.4.3 f InvalidRevokedEETest3EE.crt GoodCACert.crt GoodCACRL.crl -4.4.3i p InvalidRevokedEETest3EE.crt --missing-revoke GoodCACert.crt -4.4.4 f InvalidBadCRLSignatureTest4EE.crt BadCRLSignatureCACert.crt BadCRLSignatureCACRL.crl -4.4.4i p InvalidBadCRLSignatureTest4EE.crt --missing-revoke BadCRLSignatureCACert.crt -4.4.5 f InvalidBadCRLIssuerNameTest5EE.crt BadCRLIssuerNameCACert.crt BadCRLIssuerNameCACRL.crl -4.4.5i p InvalidBadCRLIssuerNameTest5EE.crt --missing-revoke BadCRLIssuerNameCACert.crt -4.4.6 f InvalidWrongCRLTest6EE.crt WrongCRLCACert.crt WrongCRLCACRL.crl -4.4.7 p ValidTwoCRLsTest7EE.crt TwoCRLsCACert.crt TwoCRLsCAGoodCRL.crl TwoCRLsCABadCRL.crl -4.4.8 f InvalidUnknownCRLEntryExtensionTest8EE.crt UnknownCRLEntryExtensionCACert.crt UnknownCRLEntryExtensionCACRL.crl -4.4.9 f InvalidUnknownCRLExtensionTest9EE.crt UnknownCRLExtensionCACert.crt UnknownCRLExtensionCACRL.crl -4.4.10 f InvalidUnknownCRLExtensionTest10EE.crt UnknownCRLExtensionCACert.crt UnknownCRLExtensionCACRL.crl -4.4.11 f InvalidOldCRLnextUpdateTest11EE.crt OldCRLnextUpdateCACert.crt OldCRLnextUpdateCACRL.crl -4.4.12 f Invalidpre2000CRLnextUpdateTest12EE.crt pre2000CRLnextUpdateCACert.crt pre2000CRLnextUpdateCACRL.crl -#4.4.13-xxx s ValidGeneralizedTimeCRLnextUpdateTest13EE.crt GeneralizedTimeCRLnextUpdateCACert.crt GeneralizedTimeCRLnextUpdateCACRL.crl -4.4.14 p ValidNegativeSerialNumberTest14EE.crt NegativeSerialNumberCACert.crt NegativeSerialNumberCACRL.crl -4.4.15 f InvalidNegativeSerialNumberTest15EE.crt NegativeSerialNumberCACert.crt NegativeSerialNumberCACRL.crl -4.4.16 p ValidLongSerialNumberTest16EE.crt LongSerialNumberCACert.crt LongSerialNumberCACRL.crl -4.4.17 p ValidLongSerialNumberTest17EE.crt LongSerialNumberCACert.crt LongSerialNumberCACRL.crl -4.4.18 f InvalidLongSerialNumberTest18EE.crt LongSerialNumberCACert.crt LongSerialNumberCACRL.crl -# -# -# 4.8 Ceificate Policies -incomplete4.8.2 p AllCertificatesNoPoliciesTest2EE.crt NoPoliciesCACert.crt NoPoliciesCACRL.crl -incomplete4.8.10 p AllCertificatesSamePoliciesTest10EE.crt PoliciesP12CACert.crt PoliciesP12CACRL.crl -incomplete4.8.13 p AllCertificatesSamePoliciesTest13EE.crt PoliciesP123CACert.crt PoliciesP123CACRL.crl -incomplete4.8.11 p AllCertificatesanyPolicyTest11EE.crt anyPolicyCACert.crt anyPolicyCACRL.crl -unknown p AnyPolicyTest14EE.crt anyPolicyCACert.crt anyPolicyCACRL.crl -unknown f BadSignedCACert.crt -unknown f BadnotAfterDateCACert.crt -unknown f BadnotBeforeDateCACert.crt -# -# 4.13 Name Constraints -# -4.13.1 p ValidDNnameConstraintsTest1EE.crt nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -4.13.2 f InvalidDNnameConstraintsTest2EE.crt nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -4.13.3 f InvalidDNnameConstraintsTest3EE.crt nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -4.13.4 p ValidDNnameConstraintsTest4EE.crt nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -4.13.5 p ValidDNnameConstraintsTest5EE.crt nameConstraintsDN2CACert.crt nameConstraintsDN2CACRL.crl -4.13.6 p ValidDNnameConstraintsTest6EE.crt nameConstraintsDN3CACert.crt nameConstraintsDN3CACRL.crl -4.13.7 f InvalidDNnameConstraintsTest7EE.crt nameConstraintsDN3CACert.crt nameConstraintsDN3CACRL.crl -4.13.8 f InvalidDNnameConstraintsTest8EE.crt nameConstraintsDN4CACert.crt nameConstraintsDN4CACRL.crl -4.13.9 f InvalidDNnameConstraintsTest9EE.crt nameConstraintsDN4CACert.crt nameConstraintsDN4CACRL.crl -4.13.10 f InvalidDNnameConstraintsTest10EE.crt nameConstraintsDN5CACert.crt nameConstraintsDN5CACRL.crl -4.13.11 p ValidDNnameConstraintsTest11EE.crt nameConstraintsDN5CACert.crt nameConstraintsDN5CACRL.crl -4.13.12 f InvalidDNnameConstraintsTest12EE.crt nameConstraintsDN1subCA1Cert.crt nameConstraintsDN1subCA1CRL.crl nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -4.13.13 f InvalidDNnameConstraintsTest13EE.crt nameConstraintsDN1subCA1Cert.crt nameConstraintsDN1subCA1CRL.crl nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -4.13.14 p ValidDNnameConstraintsTest14EE.crt nameConstraintsDN1subCA2Cert.crt nameConstraintsDN1subCA2CRL.crl nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -4.13.15 f InvalidDNnameConstraintsTest15EE.crt nameConstraintsDN3subCA1Cert.crt nameConstraintsDN3subCA1CRL.crl nameConstraintsDN3CACert.crt nameConstraintsDN3CACRL.crl -4.13.16 f InvalidDNnameConstraintsTest16EE.crt nameConstraintsDN3subCA1Cert.crt nameConstraintsDN3subCA1CRL.crl nameConstraintsDN3CACert.crt nameConstraintsDN3CACRL.crl -4.13.17 f InvalidDNnameConstraintsTest17EE.crt nameConstraintsDN3subCA2Cert.crt nameConstraintsDN3subCA2CRL.crl nameConstraintsDN3CACert.crt nameConstraintsDN3CACRL.crl -4.13.18 p ValidDNnameConstraintsTest18EE.crt nameConstraintsDN3subCA2Cert.crt nameConstraintsDN3subCA2CRL.crl nameConstraintsDN3CACert.crt nameConstraintsDN3CACRL.crl -# -# no crl for self issued cert -# -#4.13.19 p ValidDNnameConstraintsTest19EE.crt nameConstraintsDN1SelfIssuedCACert.crt nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -# ?? -4.13.20 f InvalidDNnameConstraintsTest20EE.crt nameConstraintsDN1CACert.crt nameConstraintsDN1CACRL.crl -#4.13.21 p ValidRFC822nameConstraintsTest21EE.crt nameConstraintsRFC822CA1Cert.crt nameConstraintsRFC822CA1CRL.crl -#page 74 -end diff --git a/crypto/heimdal/lib/hx509/data/nist-data2 b/crypto/heimdal/lib/hx509/data/nist-data2 deleted file mode 100644 index 491beacfb6b6..000000000000 --- a/crypto/heimdal/lib/hx509/data/nist-data2 +++ /dev/null @@ -1,291 +0,0 @@ -# 4.1.1 Valid Signatures Test1 - Validate Successfully -0 ValidCertificatePathTest1EE.crt -# 4.1.2 Invalid CA Signature Test2 - Reject - Invalid signature on intermediate certificate -1 InvalidCASignatureTest2EE.crt -# 4.1.3 Invalid EE Signature Test3 - Reject - Invalid signature on end entity certificate -1 InvalidEESignatureTest3EE.crt -# 4.1.4 Valid DSA Signatures Test4 - Reject - Application can not process DSA signatures -1 ValidDSASignaturesTest4EE.crt -# 4.2.1 Invalid CA notBefore Date Test1 - Reject - notBefore date in intermediate certificate is after the current date -1 InvalidCAnotBeforeDateTest1EE.crt -# 4.2.2 Invalid EE notBefore Date Test2 - Reject - notBefore date in end entity certificate is after the current date -1 InvalidEEnotBeforeDateTest2EE.crt -# 4.2.3 Valid pre2000 UTC notBefore Date Test3 - Validate Successfully -0 Validpre2000UTCnotBeforeDateTest3EE.crt -# 4.2.4 Valid GeneralizedTime notBefore Date Test4 - Validate Successfully -0 ValidGeneralizedTimenotBeforeDateTest4EE.crt -# 4.2.5 Invalid CA notAfter Date Test5 - Reject - notAfter date in intermediate certificate is before the current date -1 InvalidCAnotAfterDateTest5EE.crt -# 4.2.6 Invalid EE notAfter Date Test6 - Reject - notAfter date in end entity certificate is before the current date -1 InvalidEEnotAfterDateTest6EE.crt -# 4.2.7 Invalid pre2000 UTC EE notAfter Date Test7 - Reject - notAfter date in end entity certificate is before the current date -1 Invalidpre2000UTCEEnotAfterDateTest7EE.crt -# 4.2.8 Valid GeneralizedTime notAfter Date Test8 - Validate Successfully -0 ValidGeneralizedTimenotAfterDateTest8EE.crt -# 4.3.1 Invalid Name Chaining EE Test1 - Reject - names do not chain -1 InvalidNameChainingTest1EE.crt -# 4.3.2 Invalid Name Chaining Order Test2 - Reject - names do not chain -1 InvalidNameChainingOrderTest2EE.crt -# 4.3.3 Valid Name Chaining Whitespace Test3 - Validate Successfully -0 ValidNameChainingWhitespaceTest3EE.crt -# 4.3.4 Valid Name Chaining Whitespace Test4 - Validate Successfully -0 ValidNameChainingWhitespaceTest4EE.crt -# 4.3.5 Valid Name Chaining Capitalization Test5 - Validate Successfully -0 ValidNameChainingCapitalizationTest5EE.crt -# 4.3.6 Valid Name Chaining UIDs Test6 - Validate Successfully -0 ValidNameUIDsTest6EE.crt -# 4.3.9 Valid UTF8String Encoded Names Test9 - Validate Successfully -0 ValidUTF8StringEncodedNamesTest9EE.crt -# 4.4.1 Missing CRL Test1 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidMissingCRLTest1EE.crt -# 4.4.2 Invalid Revoked CA Test2 - Reject - an intermediate certificate has been revoked. -2 InvalidRevokedCATest2EE.crt -# 4.4.3 Invalid Revoked EE Test3 - Reject - the end entity certificate has been revoked -2 InvalidRevokedEETest3EE.crt -# 4.4.4. Invalid Bad CRL Signature Test4 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidBadCRLSignatureTest4EE.crt -# 4.4.5 Invalid Bad CRL Issuer Name Test5 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidBadCRLIssuerNameTest5EE.crt -# 4.4.6 Invalid Wrong CRL Test6 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidWrongCRLTest6EE.crt -# 4.4.7 Valid Two CRLs Test7 - Validate Successfully -0 ValidTwoCRLsTest7EE.crt -# 4.4.8 Invalid Unknown CRL Entry Extension Test8 - Reject - the end entity certificate has been revoked -2 InvalidUnknownCRLEntryExtensionTest8EE.crt -# 4.4.9 Invalid Unknown CRL Extension Test9 - Reject - the end entity certificate has been revoked -2 InvalidUnknownCRLExtensionTest9EE.crt -# 4.4.10 Invalid Unknown CRL Extension Test10 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidUnknownCRLExtensionTest10EE.crt -# 4.4.11 Invalid Old CRL nextUpdate Test11 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidOldCRLnextUpdateTest11EE.crt -# 4.4.12 Invalid pre2000 CRL nextUpdate Tesst12 - Reject or Warn - status of end entity certificate can not be determined -3 Invalidpre2000CRLnextUpdateTest12EE.crt -# 4.4.13 Valid GeneralizedTime CRL nextUpdate Test13 - Validate Successfully -0 ValidGeneralizedTimeCRLnextUpdateTest13EE.crt -# 4.4.14 Valid Negative Serial Number Test14 - Validate Successfully -0 ValidNegativeSerialNumberTest14EE.crt -# 4.4.15 Invalid Negative Serial Number Test15 - Reject - the end entity certificate has been revoked -2 InvalidNegativeSerialNumberTest15EE.crt -# 4.4.16 Valid Long Serial Number Test16 - Validate Successfully -0 ValidLongSerialNumberTest16EE.crt -# 4.4.17 Valid Long Serial Number Test17 - Validate Successfully -0 ValidLongSerialNumberTest17EE.crt -# 4.4.18 Invalid Long Serial Number Test18 - Reject - the end entity certificate has been revoked -2 InvalidLongSerialNumberTest18EE.crt -# 4.4.19 Valid Separate Certificate and CRL Keys Test19 - Validate Successfully -0 ValidSeparateCertificateandCRLKeysTest19EE.crt -# 4.4.20 Invalid Separate Certificate and CRL Keys Test20 - Reject - the end entity certificate has been revoked -2 InvalidSeparateCertificateandCRLKeysTest20EE.crt -# 4.4.21 Invalid Separate Certificate and CRL Keys Test21 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidSeparateCertificateandCRLKeysTest21EE.crt -# 4.5.1 Valid Basic Self-Issued Old With New Test1 - Validate Successfully -0 ValidBasicSelfIssuedOldWithNewTest1EE.crt -# 4.5.2 Invalid Basic Self-Issued Old With New Test2 - Reject - the end entity certificate has been revoked -2 InvalidBasicSelfIssuedOldWithNewTest2EE.crt -# 4.5.3 Valid Basic Self-Issued New With Old Test3 - Validate Successfully -0 ValidBasicSelfIssuedNewWithOldTest3EE.crt -# 4.5.4 Valid Basic Self-Issued New With Old Test4 - Validate Successfully -0 ValidBasicSelfIssuedNewWithOldTest4EE.crt -# 4.5.5 Invalid Basic Self-Issued New With Old Test5 - Reject - the end entity certificate has been revoked -2 InvalidBasicSelfIssuedNewWithOldTest5EE.crt -# 4.5.6 Valid Basic Self-Issued CRL Signing Key Test6 - Validate Successfully -0 ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt -# 4.5.7 Invalid Basic Self-Issued CRL Signing Key Test7 - Reject - the end entity certificate has been revoked -2 InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt -# 4.5.8 Invalid Basic Self-Issued CRL Signing Key Test8 - Reject - invalid certification path -1 InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt -# 4.6.1 Invalid Missing basicConstraints Test1 - Reject - invalid certification path -1 InvalidMissingbasicConstraintsTest1EE.crt -# 4.6.2 Invalid cA False Test2 - Reject - invalid certification path -1 InvalidcAFalseTest2EE.crt -# 4.6.3 Invalid cA False Test3 - Reject - invalid certification path -1 InvalidcAFalseTest3EE.crt -# 4.6.4 Valid basicConstraints Not Critical Test4 - Validate Successfully -0 ValidbasicConstraintsNotCriticalTest4EE.crt -# 4.6.5 Invalid pathLenConstraint Test5 - Reject - invalid certification path -1 InvalidpathLenConstraintTest5EE.crt -# 4.6.6 Invalid pathLenConstraint Test6 - Reject - invalid certification path -1 InvalidpathLenConstraintTest6EE.crt -# 4.6.7 Valid pathLenConstraint Test7 - Validate Successfully -0 ValidpathLenConstraintTest7EE.crt -# 4.6.8 Valid pathLenConstraint Test8 - Validate Successfully -0 ValidpathLenConstraintTest8EE.crt -# 4.6.9 Invalid pathLenConstraint Test9 - Reject - invalid certification path -1 InvalidpathLenConstraintTest9EE.crt -# 4.6.10 Invalid pathLenConstraint Test10 - Reject - invalid certification path -1 InvalidpathLenConstraintTest10EE.crt -# 4.6.11 Invalid pathLenConstraint Test11 - Reject - invalid certification path -1 InvalidpathLenConstraintTest11EE.crt -# 4.6.12 Invalid pathLenConstraint Test12 - Reject - invalid certification path -1 InvalidpathLenConstraintTest12EE.crt -# 4.6.13 Valid pathLenConstraint Test13 - Validate Successfully -0 ValidpathLenConstraintTest13EE.crt -# 4.6.14 Valid pathLenConstraint Test14 - Validate Successfully -0 ValidpathLenConstraintTest14EE.crt -# 4.6.15 Valid Self-Issued pathLenConstraint Test15 - Validate Successfully -0 ValidSelfIssuedpathLenConstraintTest15EE.crt -# 4.6.16 Invalid Self-Issued pathLenConstraint Test16 - Reject - invalid certification path -1 InvalidSelfIssuedpathLenConstraintTest16EE.crt -# 4.6.17 Valid Self-Issued pathLenConstraint Test17 - Validate Successfully -0 ValidSelfIssuedpathLenConstraintTest17EE.crt -# 4.7.1 Invalid keyUsage Critical keyCertSign False Test1 - Reject - invalid certification path -1 InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt -# 4.7.2 Invalid keyUsage Not Critical keyCertSign False Test2 - Reject - invalid certification path -1 InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt -# 4.7.3 Valid keyUsage Not Critical Test3 - Validate Successfully -0 ValidkeyUsageNotCriticalTest3EE.crt -# 4.7.4 Invalid keyUsage Critical cRLSign False Test4 - Reject - invalid certification path -1 InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt -# 4.7.5 Invalid keyUsage Not Critical cRLSign False Test5 - Reject - invalid certification path -1 InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt -0 UserNoticeQualifierTest19EE.crt -# 4.10.1 Valid Policy Mapping Test1, subtest 1 - Reject - unrecognized critical extension [Test using the default settings (i.e., initial-policy-set = any-policy) -1 InvalidSelfIssuedrequireExplicitPolicyTest8EE.crt -# 4.11.2 Valid inhibitPolicyMapping Test2 - Reject - unrecognized critical extension -1 ValidinhibitPolicyMappingTest2EE.crt -# 4.12.2 Valid inhibitAnyPolicy Test2 - Reject - unrecognized critical extension -1 ValidinhibitAnyPolicyTest2EE.crt -# 4.13.1 Valid DN nameConstraints Test1 - Validate Successfully -0 ValidDNnameConstraintsTest1EE.crt -# 4.13.2 Invalid DN nameConstraints Test2 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest2EE.crt -# 4.13.3 Invalid DN nameConstraints Test3 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest3EE.crt -# 4.13.4 Valid DN nameConstraints Test4 - Validate Successfully -0 ValidDNnameConstraintsTest4EE.crt -# 4.13.5 Valid DN nameConstraints Test5 - Validate Successfully -0 ValidDNnameConstraintsTest5EE.crt -# 4.13.6 Valid DN nameConstraints Test6 - Validate Successfully -0 ValidDNnameConstraintsTest6EE.crt -# 4.13.7 Invalid DN nameConstraints Test7 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest7EE.crt -# 4.13.8 Invalid DN nameConstraints Test8 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest8EE.crt -# 4.13.9 Invalid DN nameConstraints Test9 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest9EE.crt -# 4.13.10 Invalid DN nameConstraints Test10 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest10EE.crt -# 4.13.11 Valid DN nameConstraints Test11 - Validate Successfully -0 ValidDNnameConstraintsTest11EE.crt -# 4.13.12 Invalid DN nameConstraints Test12 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest12EE.crt -# 4.13.13 Invalid DN nameConstraints Test13 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest13EE.crt -# 4.13.14 Valid DN nameConstraints Test14 - Validate Successfully -0 ValidDNnameConstraintsTest14EE.crt -# 4.13.15 Invalid DN nameConstraints Test15 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest15EE.crt -# 4.13.16 Invalid DN nameConstraints Test16 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest16EE.crt -# 4.13.17 Invalid DN nameConstraints Test17 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest17EE.crt -# 4.13.18 Valid DN nameConstraints Test18 - Validate Successfully -0 ValidDNnameConstraintsTest18EE.crt -# 4.13.19 Valid Self-Issued DN nameConstraints Test19 - Validate Successfully -0 ValidDNnameConstraintsTest19EE.crt -# 4.13.20 Invalid Self-Issued DN nameConstraints Test20 - Reject - name constraints violation -1 InvalidDNnameConstraintsTest20EE.crt -# 4.13.21 Valid RFC822 nameConstraints Test21 - Validate Successfully -0 ValidRFC822nameConstraintsTest21EE.crt -# 4.13.22 Invalid RFC822 nameConstraints Test22 - Reject - name constraints violation -1 InvalidRFC822nameConstraintsTest22EE.crt -# 4.13.23 Valid RFC822 nameConstraints Test23 - Validate Successfully -0 ValidRFC822nameConstraintsTest23EE.crt -# 4.13.24 Invalid RFC822 nameConstraints Test24 - Reject - name constraints violation -1 InvalidRFC822nameConstraintsTest24EE.crt -# 4.13.25 Valid RFC822 nameConstraints Test25 - Validate Successfully -0 ValidRFC822nameConstraintsTest25EE.crt -# 4.13.26 Invalid RFC822 nameConstraints Test26 - Reject - name constraints violation -1 InvalidRFC822nameConstraintsTest26EE.crt -# 4.13.27 Valid DN and RFC822 nameConstraints Test27 - Validate Successfully -0 ValidDNandRFC822nameConstraintsTest27EE.crt -# 4.13.28 Invalid DN and RFC822 nameConstraints Test28 - Reject - name constraints violation -1 InvalidDNandRFC822nameConstraintsTest28EE.crt -# 4.13.29 Invalid DN and RFC822 nameConstraints Test29 - Reject - name constraints violation -1 InvalidDNandRFC822nameConstraintsTest29EE.crt -# 4.13.30 Valid DNS nameConstraints Test30 - Validate Successfully -0 ValidDNSnameConstraintsTest30EE.crt -# 4.13.31 Invalid DNS nameConstraints Test31 - Reject - name constraints violation -1 InvalidDNSnameConstraintsTest31EE.crt -# 4.13.32 Valid DNS nameConstraints Test32 - Validate Successfully -0 ValidDNSnameConstraintsTest32EE.crt -# 4.13.33 Invalid DNS nameConstraints Test33 - Reject - name constraints violation -1 InvalidDNSnameConstraintsTest33EE.crt -# 4.13.34 Valid URI nameConstraints Test34 - Validate Successfully -0 ValidURInameConstraintsTest34EE.crt -# 4.13.35 Invalid URI nameConstraints Test35 - Reject - name constraints violation -1 InvalidURInameConstraintsTest35EE.crt -# 4.13.36 Valid URI nameConstraints Test36 - Validate Successfully -0 ValidURInameConstraintsTest36EE.crt -# 4.13.37 Invalid URI nameConstraints Test37 - Reject - name constraints violation -1 InvalidURInameConstraintsTest37EE.crt -# 4.13.38 Invalid DNS nameConstraints Test38 - Reject - name constraints violation -1 InvalidDNSnameConstraintsTest38EE.crt -# 4.14.1 Valid distributionPoint Test1 - Validate Successfully -0 ValiddistributionPointTest1EE.crt -# 4.14.2 Invalid distributionPoint Test2 - Reject - end entity certificate has been revoked -2 InvaliddistributionPointTest2EE.crt -# 4.14.3 Invalid distributionPoint Test3 - Reject or Warn - status of end entity certificate can not be determined -3 InvaliddistributionPointTest3EE.crt -# 4.14.4 Valid distributionPoint Test4 - Validate Successfully -0 ValiddistributionPointTest4EE.crt -# 4.14.5 Valid distributionPoint Test5 - Validate Successfully -0 ValiddistributionPointTest5EE.crt -# 4.14.6 Invalid distributionPoint Test6 - Reject - end entity certificate has been revoked -2 InvaliddistributionPointTest6EE.crt -# 4.14.7 Valid distributionPoint Test7 - Validate Successfully -0 ValiddistributionPointTest7EE.crt -# 4.14.8 Invalid distributionPoint Test8 - Reject or Warn - status of end entity certificate can not be determined -3 InvaliddistributionPointTest8EE.crt -# 4.14.9 Invalid distributionPoint Test9 - Reject or Warn - status of end entity certificate can not be determined -3 InvaliddistributionPointTest9EE.crt -# 4.14.10 Valid No issuingDistributionPoint Test10 - Validate Successfully -0 ValidNoissuingDistributionPointTest10EE.crt -# 4.14.11 Invalid onlyContainsUserCerts CRL Test11 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidonlyContainsUserCertsTest11EE.crt -# 4.14.12 Invalid onlyContainsCACerts CRL Test12 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidonlyContainsCACertsTest12EE.crt -# 4.14.13 Valid onlyContainsCACerts CRL Test13 - Validate Successfully -0 ValidonlyContainsCACertsTest13EE.crt -# 4.14.14 Invalid onlyContainsAttributeCerts Test14 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidonlyContainsAttributeCertsTest14EE.crt -# 4.14.15 Invalid onlySomeReasons Test15 - Reject - end entity certificate has been revoked -2 InvalidonlySomeReasonsTest15EE.crt -# 4.14.16 Invalid onlySomeReasons Test16 - Reject - end entity certificate is on hold -2 InvalidonlySomeReasonsTest16EE.crt -# 4.14.17 Invalid onlySomeReasons Test17 - Reject or Warn - status of end entity certificate can not be determined -3 InvalidonlySomeReasonsTest17EE.crt -# 4.14.18 Valid onlySomeReasons Test18 - Validate Successfully -0 ValidonlySomeReasonsTest18EE.crt -# 4.14.19 Valid onlySomeReasons Test19 - Validate Successfully -0 ValidonlySomeReasonsTest19EE.crt -# 4.14.20 Invalid onlySomeReasons Test20 - Reject - end entity certificate has been revoked -2 InvalidonlySomeReasonsTest20EE.crt -# 4.14.21 Invalid onlySomeReasons Test21 - Reject - end entity certificate has been revoked -2 InvalidonlySomeReasonsTest21EE.crt -# 4.14.24 Valid IDP with indirectCRL Test24 - Reject or Warn - status of end entity certificate can not be determined -3 ValidIDPwithindirectCRLTest24EE.crt -# 4.15.1 Invalid deltaCRLIndicator No Base Test1 - Reject or Warn - status of end entity certificate can not be determined -3 InvaliddeltaCRLIndicatorNoBaseTest1EE.crt -# 4.15.2 Valid delta-CRL Test2 - Validate Successfully -0 ValiddeltaCRLTest2EE.crt -# 4.15.3 Invalid delta-CRL Test3 - Reject - end entity certificate has been revoked -2 InvaliddeltaCRLTest3EE.crt -# 4.15.4 Invalid delta-CRL Test4 - Reject - end entity certificate has been revoked -2 InvaliddeltaCRLTest4EE.crt -# 4.15.5 Valid delta-CRL Test5 - Validate Successfully -0 ValiddeltaCRLTest5EE.crt -# 4.15.6 Invalid delta-CRL Test6 - Reject - end entity certificate has been revoked -2 InvaliddeltaCRLTest6EE.crt -# 4.15.7 Valid delta-CRL Test7 - Validate Successfully -0 ValiddeltaCRLTest7EE.crt -# 4.15.8 Valid delta-CRL Test8 - Validate Successfully -0 ValiddeltaCRLTest8EE.crt -# 4.15.9 Invalid delta-CRL Test9 - Reject - end entity certificate has been revoked -2 InvaliddeltaCRLTest9EE.crt -# 4.15.10 Invalid delta-CRL Test10 - Reject or Warn - status of end entity certificate can not be determined -3 InvaliddeltaCRLTest10EE.crt -# 4.16.1 Valid Unknown Not Critical Certificate Extension Test1 - Validate Successfully -0 ValidUnknownNotCriticalCertificateExtensionTest1EE.crt -# 4.16.2 Invalid Unknown Critical Certificate Extension Test2 - Reject - unrecognized critical extension -1 InvalidUnknownCriticalCertificateExtensionTest2EE.crt diff --git a/crypto/heimdal/lib/hx509/data/no-proxy-test.crt b/crypto/heimdal/lib/hx509/data/no-proxy-test.crt deleted file mode 100644 index d57802e44699..000000000000 --- a/crypto/heimdal/lib/hx509/data/no-proxy-test.crt +++ /dev/null @@ -1,13 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICDDCCAXWgAwIBAgIJAI8UaHGQmUvOMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDcxMTE1MDY1ODU5WhcNMTcx -MTEyMDY1ODU5WjA0MQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MREw -DwYDVQQDDAhuby1wcm94eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvF58 -Sgq1QTZwsXyFvMTo2Iit/NLZupuIlJgctZJ51EOaFBmTfqt/PgxQKmgqQhgFW+HT -8WPdvvfUxjwe4BiIORYoCX8pl/wGFCa70zUC7/5IoMmhb9XBrecOxswRNK8EvGhF -67z2uDUS4LASuy7ng8HSuAM0PCHYnGmqeYrR6jUCAwEAAaM5MDcwCQYDVR0TBAIw -ADALBgNVHQ8EBAMCBeAwHQYDVR0OBBYEFJ+WD/mqMrbcBts4x0tXv0CflIcZMA0G -CSqGSIb3DQEBBQUAA4GBAEAODiL2ZL2ZhkklFbHXSg/ZEkUs1Oewpg+bDO6xjute -hnarKTrWFWiSgQ9yhZMa8klaNCdHjDo0Q5borQeVzp027cemLdnLyxusSuIJRqy+ -mZtNl7533q+oKWydZtvNmXRlGi5HmJV5JAjEXbadqUnlRJ/CdN1WvdwLWfvbW5DL ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/no-proxy-test.key b/crypto/heimdal/lib/hx509/data/no-proxy-test.key deleted file mode 100644 index 1c4793756678..000000000000 --- a/crypto/heimdal/lib/hx509/data/no-proxy-test.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQC8XnxKCrVBNnCxfIW8xOjYiK380tm6m4iUmBy1knnUQ5oUGZN+ -q38+DFAqaCpCGAVb4dPxY92+99TGPB7gGIg5FigJfymX/AYUJrvTNQLv/kigyaFv -1cGt5w7GzBE0rwS8aEXrvPa4NRLgsBK7LueDwdK4AzQ8Idicaap5itHqNQIDAQAB -AoGBAJt0CnR8U8tGp0gCMMhxZIvWeGfOhnr3AodG5WJ/SGWBiLWPyeZel7rYJIxq -vH0hH8MNIoDy3rxMAN+8G+rqs/elE8zeYv8FCP4jahz+HPKeJIjFm1MBOHZQspq7 -Y4OfoBH+EgqJjBRxuBIeCUqVhyluSsYHQFihurp3a76dHvxBAkEA7c4KjJ6mka9C -9X+Tp2EKW+h8npEEXbLIvHet9p0pzD5PhE2aVvSEAXEqxdbuFAb4LVApUdd4Quec -PXa0EOF7UQJBAMrIIV317rGPlmEXqt681KkHo30C2e6SpM6by42r+csTs+6KDZdf -uDWZKb4o9bLTj+A0LC73ySESv4PlGC+8v6UCQEIRnJy091JCfzf12fAG5fni/byQ -TcY6hcrW9V4vDA3SwgTgCqFeDc7Ywil1LXAi/5CXVOOIGcF818u7zwthmgECQCm+ -Rvgjr05IA6nbCGavsotVMjeCxcAR2fFaKu3wEAzY8npRWvjlUHNgIzKtFd8JJB4A -P3Qvt+yiAmCxYWg6T60CQHvGW0M/usmQXEGWMx+KCkm71UKcKCxDEKzZ8mI3jQ3H -b6Whs1NdsQJwIEXHB2Sb2GmTIlFjXczw7fp/ub3Dx84= ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/ocsp-req1.der b/crypto/heimdal/lib/hx509/data/ocsp-req1.der deleted file mode 100644 index 869a7dc87d3a..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-req1.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-req2.der b/crypto/heimdal/lib/hx509/data/ocsp-req2.der deleted file mode 100644 index c1481e186dbc..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-req2.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-resp1-2.der b/crypto/heimdal/lib/hx509/data/ocsp-resp1-2.der deleted file mode 100644 index 98d88e4bf265..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-resp1-2.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-resp1-3.der b/crypto/heimdal/lib/hx509/data/ocsp-resp1-3.der deleted file mode 100644 index 4c650162f796..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-resp1-3.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-resp1-ca.der b/crypto/heimdal/lib/hx509/data/ocsp-resp1-ca.der deleted file mode 100644 index 245016891513..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-resp1-ca.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-resp1-keyhash.der b/crypto/heimdal/lib/hx509/data/ocsp-resp1-keyhash.der deleted file mode 100644 index 19cf6c80cc95..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-resp1-keyhash.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp-no-cert.der b/crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp-no-cert.der deleted file mode 100644 index 460b5f7ea157..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp-no-cert.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp.der b/crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp.der deleted file mode 100644 index 87173ff610a0..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-resp1-ocsp.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-resp1.der b/crypto/heimdal/lib/hx509/data/ocsp-resp1.der deleted file mode 100644 index 8546eba86f69..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-resp1.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-resp2.der b/crypto/heimdal/lib/hx509/data/ocsp-resp2.der deleted file mode 100644 index 0ba588a80869..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/ocsp-resp2.der and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/ocsp-responder.crt b/crypto/heimdal/lib/hx509/data/ocsp-responder.crt deleted file mode 100644 index fb55a8a53939..000000000000 --- a/crypto/heimdal/lib/hx509/data/ocsp-responder.crt +++ /dev/null @@ -1,56 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:56 2007 GMT - Not After : Nov 12 06:58:56 2017 GMT - Subject: C=SE, CN=OCSP responder - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:d9:10:2f:04:de:99:10:61:02:ff:4e:b5:54:6f: - 98:80:70:fb:a1:e0:97:ee:a9:0f:74:47:a9:8c:a5: - 86:ff:b8:ea:80:d9:ae:45:07:bd:33:93:e2:f4:f1: - dd:dc:86:6e:9a:6c:b7:67:11:50:ad:9c:b0:0f:68: - 5d:4d:74:2a:24:4e:5e:c6:c0:9e:6a:a2:ed:80:31: - d9:ac:79:c7:09:07:1f:9c:c3:12:33:88:72:9d:99: - c5:f4:fd:c6:a1:9f:09:04:e0:7d:b0:ed:1f:91:4c: - 8e:de:9b:6d:7d:cb:2e:83:32:0e:32:57:f1:16:07: - ed:69:fc:0e:a8:2a:ad:82:9d - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment - X509v3 Extended Key Usage: - OCSP No Check, OCSP Signing - X509v3 Subject Key Identifier: - 9C:BE:33:AF:C2:52:C6:F2:46:5F:A8:67:71:02:F1:70:4B:A7:B7:14 - Signature Algorithm: sha1WithRSAEncryption - 8b:c5:8e:d6:dc:ba:e3:77:da:66:2b:be:c4:a6:4c:b0:30:6d: - fd:26:3d:8d:1d:ad:c5:8c:88:61:86:0a:da:48:e8:39:cf:c5: - 83:98:e7:f9:ff:92:a7:ba:fe:b4:b4:6c:bb:84:17:fd:e3:71: - 9e:a7:39:af:d3:08:0b:1f:05:29:cf:ef:e4:3c:82:7e:ee:aa: - 4a:19:3b:17:e6:e9:2d:b4:f7:4f:e2:f3:6b:04:20:58:42:fa: - e2:b6:d4:80:c4:db:22:32:ce:cb:59:23:8b:df:ba:87:bb:bf: - 4e:ea:b0:1e:7a:73:b4:c9:06:aa:f1:59:cf:d3:28:db:d2:6c: - a0:dd ------BEGIN CERTIFICATE----- -MIICHzCCAYigAwIBAgIBATANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1NloXDTE3 -MTExMjA2NTg1NlowJjELMAkGA1UEBhMCU0UxFzAVBgNVBAMMDk9DU1AgcmVzcG9u -ZGVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZEC8E3pkQYQL/TrVUb5iA -cPuh4JfuqQ90R6mMpYb/uOqA2a5FB70zk+L08d3chm6abLdnEVCtnLAPaF1NdCok -Tl7GwJ5qou2AMdmseccJBx+cwxIziHKdmcX0/cahnwkE4H2w7R+RTI7em219yy6D -Mg4yV/EWB+1p/A6oKq2CnQIDAQABo1kwVzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF -4DAeBgNVHSUEFzAVBgkrBgEFBQcwAQUGCCsGAQUFBwMJMB0GA1UdDgQWBBScvjOv -wlLG8kZfqGdxAvFwS6e3FDANBgkqhkiG9w0BAQUFAAOBgQCLxY7W3Lrjd9pmK77E -pkywMG39Jj2NHa3FjIhhhgraSOg5z8WDmOf5/5Knuv60tGy7hBf943Gepzmv0wgL -HwUpz+/kPIJ+7qpKGTsX5ukttPdP4vNrBCBYQvrittSAxNsiMs7LWSOL37qHu79O -6rAeenO0yQaq8VnP0yjb0myg3Q== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/ocsp-responder.key b/crypto/heimdal/lib/hx509/data/ocsp-responder.key deleted file mode 100644 index 24369bc1cbf8..000000000000 --- a/crypto/heimdal/lib/hx509/data/ocsp-responder.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDZEC8E3pkQYQL/TrVUb5iAcPuh4JfuqQ90R6mMpYb/uOqA2a5F -B70zk+L08d3chm6abLdnEVCtnLAPaF1NdCokTl7GwJ5qou2AMdmseccJBx+cwxIz -iHKdmcX0/cahnwkE4H2w7R+RTI7em219yy6DMg4yV/EWB+1p/A6oKq2CnQIDAQAB -AoGBALXDXowmVmgnxFnEMAWvmTVc5unL5437VayaYbkb1ysGTqBtKAg4DdBF81QH -wS/sBmwbw4x0LGnk/m04iIDWWH4ZTH0HHthLxTiIrGHenS01V4Ucq1EjhYNJW/bk -8FGf91UDknZrEnvPFQxvdSLHVSB+WHgqkX8WXPc7MwoJ7HblAkEA9pmjB8TXxeky -B8+0G65u3QDWMzmfw12oHgKHnHxKyL/gamHERNPJ0NsFE4BtsSF1LJQYCw189s8m -GDpa0uW0iwJBAOFWUiJSYYVTSdcmfjI99XUCo9rXEkaJXY0etjK5q+rK21mrkWNQ -M7fWVZDbQZfbTP1LiUak+qjz64J9/iOogncCQEXUT6Qdi3RRiodHu5qzFFWkrQMo -aCMsXDTTRo97arnaC7RUJv3OczGfM5rIHUexT7rl3MEUerRxCDqIG7voq+0CQQDE -806sgvaLsoVqkFFilnbwg5M1lh96GVv0GTDEWzZg7FcWI/faJuJdPu/gwVKuaNX8 -2cWtQkt32mIw1vCGuCT3AkAfubHAXeiBHHE95jLtQ98s4KzOaZtFnQfn14c8nGS0 -2qUv1RHYZEVHYnsOZs3pLyOdxrZOlOSE6gKHCGVHoUKJ ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/openssl.cnf b/crypto/heimdal/lib/hx509/data/openssl.cnf deleted file mode 100644 index 7fe3b649dbf7..000000000000 --- a/crypto/heimdal/lib/hx509/data/openssl.cnf +++ /dev/null @@ -1,182 +0,0 @@ -oid_section = new_oids - -[ new_oids ] -pkkdcekuoid = 1.3.6.1.5.2.3.5 - -[ca] - -default_ca = user - -[usr] -database = index.txt -serial = serial -x509_extensions = usr_cert -default_md=sha1 -policy = policy_match -certs = . - -[ocsp] -database = index.txt -serial = serial -x509_extensions = ocsp_cert -default_md=sha1 -policy = policy_match -certs = . - -[usr_ke] -database = index.txt -serial = serial -x509_extensions = usr_cert_ke -default_md=sha1 -policy = policy_match -certs = . - -[usr_ds] -database = index.txt -serial = serial -x509_extensions = usr_cert_ds -default_md=sha1 -policy = policy_match -certs = . - -[pkinit_client] -database = index.txt -serial = serial -x509_extensions = pkinit_client_cert -default_md=sha1 -policy = policy_match -certs = . - -[pkinit_kdc] -database = index.txt -serial = serial -x509_extensions = pkinit_kdc_cert -default_md=sha1 -policy = policy_match -certs = . - -[https] -database = index.txt -serial = serial -x509_extensions = https_cert -default_md=sha1 -policy = policy_match -certs = . - -[subca] -database = index.txt -serial = serial -x509_extensions = v3_ca -default_md=sha1 -policy = policy_match -certs = . - - -[ req ] -distinguished_name = req_distinguished_name -x509_extensions = v3_ca # The extentions to add to the self signed cert - -string_mask = utf8only - -[ v3_ca ] - -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid:always,issuer:always -basicConstraints = CA:true -keyUsage = cRLSign, keyCertSign, keyEncipherment, nonRepudiation, digitalSignature - -[ usr_cert ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -subjectKeyIdentifier = hash - -[ usr_cert_ke ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, keyEncipherment -subjectKeyIdentifier = hash - -[ proxy_cert ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -subjectKeyIdentifier = hash -proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:0,policy:text:foo - -[pkinitc_princ_name] -realm = EXP:0, GeneralString:TEST.H5L.SE -principal_name = EXP:1, SEQUENCE:pkinitc_principal_seq - -[ pkinit_client_cert ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -subjectKeyIdentifier = hash -subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:pkinitc_princ_name - -[pkinitc_principal_seq] -name_type = EXP:0, INTEGER:1 -name_string = EXP:1, SEQUENCE:pkinitc_principals - -[pkinitc_principals] -princ1 = GeneralString:bar - -[ https_cert ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -#extendedKeyUsage = https-server XXX -subjectKeyIdentifier = hash - -[ pkinit_kdc_cert ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -extendedKeyUsage = pkkdcekuoid -subjectKeyIdentifier = hash -subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:pkinitkdc_princ_name - -[pkinitkdc_princ_name] -realm = EXP:0, GeneralString:TEST.H5L.SE -principal_name = EXP:1, SEQUENCE:pkinitkdc_principal_seq - -[pkinitkdc_principal_seq] -name_type = EXP:0, INTEGER:1 -name_string = EXP:1, SEQUENCE:pkinitkdc_principals - -[pkinitkdc_principals] -princ1 = GeneralString:krbtgt -princ2 = GeneralString:TEST.H5L.SE - -[ proxy10_cert ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -subjectKeyIdentifier = hash -proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:10,policy:text:foo - -[ usr_cert_ds ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, digitalSignature -subjectKeyIdentifier = hash - -[ ocsp_cert ] -basicConstraints=CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment -# ocsp-nocheck and kp-OCSPSigning -extendedKeyUsage = 1.3.6.1.5.5.7.48.1.5, 1.3.6.1.5.5.7.3.9 -subjectKeyIdentifier = hash - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = SE -countryName_min = 2 -countryName_max = 2 - -organizationalName = Organizational Unit Name (eg, section) - -commonName = Common Name (eg, YOUR name) -commonName_max = 64 - -#[ req_attributes ] -#challengePassword = A challenge password -#challengePassword_min = 4 -#challengePassword_max = 20 - -[ policy_match ] -countryName = match -commonName = supplied diff --git a/crypto/heimdal/lib/hx509/data/pkinit-proxy-chain.crt b/crypto/heimdal/lib/hx509/data/pkinit-proxy-chain.crt deleted file mode 100644 index 7349a6241762..000000000000 --- a/crypto/heimdal/lib/hx509/data/pkinit-proxy-chain.crt +++ /dev/null @@ -1,70 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICMTCCAZqgAwIBAgIJAJWfAgX+rDGvMA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNV -BAYTAlNFMQ8wDQYDVQQDDAZwa2luaXQwHhcNMDcxMTE1MDY1ODU3WhcNMTcxMTEy -MDY1ODU3WjA1MQswCQYDVQQGEwJTRTEPMA0GA1UEAwwGcGtpbml0MRUwEwYDVQQD -DAxwa2luaXQtcHJveHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJk+5riF -ML9djk75CGm9WUN37N+EKXZvLS1/jLsQbxOWPnfZ/bHPpnI2I4EEavSQUgrlbpLf -5IZsxlAFtokSROpef1MQ3oyJFom8c1Ut37zEJL13m4pjUZjr8Ky+OUsWNVieRIXU -eHw2+Ny8a5y3XOygCJWDzaCTcm+nvfTmVsr9AgMBAAGjYDBeMAkGA1UdEwQCMAAw -CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBQRgztmDHmF1DecOPint9iafFNckDAlBggr -BgEFBQcBDgEB/wQWMBQCAQAwDwYIKwYBBQUHFQAEA2ZvbzANBgkqhkiG9w0BAQUF -AAOBgQCYm9bHTRfvEpjnKXQz9t8Uh9L+prU2+BMDClnDHsBE/Pb1vH40rOIT2sV8 -KQnjo+TVlvHXDxUy/HMY5O/5umLbzP4xr6mWwP5B2K5y566WHThz2ltcRgcmbRrn -eOzN87+Gt1XqrTIlFftvxGX9U0PxyxFTASAOiv0hFvZN5GxYzQ== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 6 (0x6) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:57 2007 GMT - Not After : Nov 12 06:58:57 2017 GMT - Subject: C=SE, CN=pkinit - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:a3:44:b1:8a:42:9d:d0:3f:30:de:e8:66:42:c1: - f1:c9:98:8f:d2:bd:eb:59:67:3d:5e:0e:35:ca:3b: - b8:91:b0:fc:e5:22:3a:2d:62:81:56:bb:51:77:60: - ac:83:43:75:87:ce:f1:f6:bd:ab:f2:07:c5:8d:d5: - b8:56:9e:8e:45:93:bd:c6:ac:5d:20:3e:cb:14:e8: - 10:07:b9:5e:07:ac:56:13:48:1b:84:c7:30:62:f4: - e4:19:67:b5:1b:3a:ac:af:0b:92:e2:00:90:2f:81: - 75:b6:63:3f:43:a5:e9:76:ee:33:75:74:b2:76:5d: - a5:76:f2:f9:30:68:ec:e8:47 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment - X509v3 Subject Key Identifier: - 66:BB:EC:4F:F0:52:7E:D1:F4:F4:F9:CD:E9:B6:C7:C4:FC:2A:2F:4F - X509v3 Subject Alternative Name: - othername: - Signature Algorithm: sha1WithRSAEncryption - 1f:bd:87:72:d7:85:93:f9:96:97:6f:25:2f:89:1f:09:64:ff: - da:44:92:d0:59:6e:4f:cf:29:d7:5a:78:64:40:1c:3d:a5:80: - e9:b9:92:85:44:2e:25:ab:5c:8d:35:4b:5b:47:c6:79:61:cf: - b9:75:55:0b:20:6a:ad:ec:f5:0f:47:1e:e7:72:b0:b6:61:0f: - d6:84:e3:e4:29:05:4d:d1:7c:7b:a6:7b:6f:b2:af:9a:6b:dd: - 81:ae:5d:c1:7b:74:11:86:18:2e:38:eb:ed:33:03:f6:05:4b: - ec:d7:7d:53:6c:71:01:86:fb:fb:63:dd:5b:cb:10:85:96:f2: - 43:43 ------BEGIN CERTIFICATE----- -MIICMTCCAZqgAwIBAgIBBjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1N1oXDTE3 -MTExMjA2NTg1N1owHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBnBraW5pdDCBnzAN -BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo0SxikKd0D8w3uhmQsHxyZiP0r3rWWc9 -Xg41yju4kbD85SI6LWKBVrtRd2Csg0N1h87x9r2r8gfFjdW4Vp6ORZO9xqxdID7L -FOgQB7leB6xWE0gbhMcwYvTkGWe1GzqsrwuS4gCQL4F1tmM/Q6Xpdu4zdXSydl2l -dvL5MGjs6EcCAwEAAaNzMHEwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0O -BBYEFGa77E/wUn7R9PT5zem2x8T8Ki9PMDgGA1UdEQQxMC+gLQYGKwYBBQICoCMw -IaANGwtURVNULkg1TC5TRaEQMA6gAwIBAaEHMAUbA2JhcjANBgkqhkiG9w0BAQUF -AAOBgQAfvYdy14WT+ZaXbyUviR8JZP/aRJLQWW5PzynXWnhkQBw9pYDpuZKFRC4l -q1yNNUtbR8Z5Yc+5dVULIGqt7PUPRx7ncrC2YQ/WhOPkKQVN0Xx7pntvsq+aa92B -rl3Be3QRhhguOOvtMwP2BUvs131TbHEBhvv7Y91byxCFlvJDQw== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/pkinit-proxy.crt b/crypto/heimdal/lib/hx509/data/pkinit-proxy.crt deleted file mode 100644 index 3867a892f871..000000000000 --- a/crypto/heimdal/lib/hx509/data/pkinit-proxy.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICMTCCAZqgAwIBAgIJAJWfAgX+rDGvMA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNV -BAYTAlNFMQ8wDQYDVQQDDAZwa2luaXQwHhcNMDcxMTE1MDY1ODU3WhcNMTcxMTEy -MDY1ODU3WjA1MQswCQYDVQQGEwJTRTEPMA0GA1UEAwwGcGtpbml0MRUwEwYDVQQD -DAxwa2luaXQtcHJveHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJk+5riF -ML9djk75CGm9WUN37N+EKXZvLS1/jLsQbxOWPnfZ/bHPpnI2I4EEavSQUgrlbpLf -5IZsxlAFtokSROpef1MQ3oyJFom8c1Ut37zEJL13m4pjUZjr8Ky+OUsWNVieRIXU -eHw2+Ny8a5y3XOygCJWDzaCTcm+nvfTmVsr9AgMBAAGjYDBeMAkGA1UdEwQCMAAw -CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBQRgztmDHmF1DecOPint9iafFNckDAlBggr -BgEFBQcBDgEB/wQWMBQCAQAwDwYIKwYBBQUHFQAEA2ZvbzANBgkqhkiG9w0BAQUF -AAOBgQCYm9bHTRfvEpjnKXQz9t8Uh9L+prU2+BMDClnDHsBE/Pb1vH40rOIT2sV8 -KQnjo+TVlvHXDxUy/HMY5O/5umLbzP4xr6mWwP5B2K5y566WHThz2ltcRgcmbRrn -eOzN87+Gt1XqrTIlFftvxGX9U0PxyxFTASAOiv0hFvZN5GxYzQ== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/pkinit-proxy.key b/crypto/heimdal/lib/hx509/data/pkinit-proxy.key deleted file mode 100644 index d04b0091e777..000000000000 --- a/crypto/heimdal/lib/hx509/data/pkinit-proxy.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCZPua4hTC/XY5O+QhpvVlDd+zfhCl2by0tf4y7EG8Tlj532f2x -z6ZyNiOBBGr0kFIK5W6S3+SGbMZQBbaJEkTqXn9TEN6MiRaJvHNVLd+8xCS9d5uK -Y1GY6/CsvjlLFjVYnkSF1Hh8NvjcvGuct1zsoAiVg82gk3Jvp7305lbK/QIDAQAB -AoGAKH4TbuxariYlZT6ud2o9/PLiV0lPv2ivEleiswcrooxPo1GplGNfAszFYuDs -9gRweUqYhhy9ALwbRqfLzLpUFQUBzQ1cZlO23m48GsCPL4XJxlzE9+w/wLWWaqsK -syFax5T//iokYVa07AvFZxWpEUixewirJrhNyUafdKk8W8ECQQDKpH/pvljO6e9J -jC65aTYPzMXAUp54DMWu1+FXUyELxGp+GjAwwhESpSLEaAnZH97H6ZtTiJku3Z0n -pMsrH7WtAkEAwZi2sV8I/MjFPpti/zf6OHEJo89/SgTYIHmL6pE3tuNWhw/9Dorc -N45cMGAiGep2HQdfZFGD0OekzLGeGBj0kQJAPFdNi5HVqg945IKsqyNMKNpGDGXN -sFvFRbIc9L7ZOULMny43KV2wbcfkmW2NeS0HTqoeSXqEerMdB+AHa5jupQJADALP -gt2kjxpdsm6ti6wLaCkLMhCTkyINzqX72ke8LyqXmbWSO669zuyUJ6QvOXBkd5SX -hH/SL8nPXau/ZTtXIQJBAICcJBlgxhrUn5C12wwuQw/BZi6qK9KdVcWTapnhE7eQ -Z6k/Pbi53/aI2g1EXq7G3RrQvAhV43AW5foJWqijDdA= ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/pkinit-pw.key b/crypto/heimdal/lib/hx509/data/pkinit-pw.key deleted file mode 100644 index 563ccf112094..000000000000 --- a/crypto/heimdal/lib/hx509/data/pkinit-pw.key +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: AES-256-CBC,1698161265C4033B32CEB819B5D78953 - -vQnkfeICkS2/gIEv1zrJ+WaUOeRvKfUUFM6uH4/xm5Abp4DqGlkCvwb4u9dZuRUj -arlvgRc0e0CoBuQ/3gmBDlmQp+4ByiypERku8MAxsUV6LEmv2f1YfhecQSntDoJH -fNOXna8caCy4W1xhmsYgWYSVS98QkNXdLjBjLJ4/MrwzdR2SMqAzyg6eNwhWAMe1 -aUh/M9JYB04sfRUtqD67oeyBfHVhDd9kByXuRYWyNE0SW5wlmVehhnEb/YHREKHr -yOa3eRGtA4MHi7NXww4NBzOG10N9Ajq55ouMKnejFroCpevC332ijBzjTI+fo4SX -hegNDXzAIqRueGZlmBzHjkTzA8tEPM1dsbviJ5BYO3iZgWE8J1rIBx51HOZmlREC -3EWflJPhd666BnBepODMBXldkmfcfxhZxuoOrrXer+NZCsXE0z0DOLsNARR/7JvW -Ie81eQijvkur1QJO63SwT0kNm5IMJZr2Ul0QLysvjY2G/nV0bzHb8KsWqNoUPNvJ -lBUGQ2yvpeVRNR9CMm39U/CcnkLOl+z2oLUC86TdodaY6FEBmIBaakZ1rHkANWK4 -HMcN0FgdGbcRLg5PHji84g4tT+SOZa1hWEC4PC7lmRxAZP+o8Pe0tpiJzIbLPTRb -3rvnEEG3IawMIGcoUGcgIUPvHH93EMpDrflVYdXmvapzST3U8xBDzpkXZRof7APG -qAFsEB4psQEDG6KmOJ245aVWN0SBjHTLlIhUTx+m7OYl34MDoyv6Yk12i9PpKQN5 -W++QayfkJzQpV4EsR08UO615+XYCzMhCU3eozH+P39RF58rYnMLv9owjx1wL0z5R ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/pkinit.crt b/crypto/heimdal/lib/hx509/data/pkinit.crt deleted file mode 100644 index e8d485e616d5..000000000000 --- a/crypto/heimdal/lib/hx509/data/pkinit.crt +++ /dev/null @@ -1,56 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 6 (0x6) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:57 2007 GMT - Not After : Nov 12 06:58:57 2017 GMT - Subject: C=SE, CN=pkinit - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:a3:44:b1:8a:42:9d:d0:3f:30:de:e8:66:42:c1: - f1:c9:98:8f:d2:bd:eb:59:67:3d:5e:0e:35:ca:3b: - b8:91:b0:fc:e5:22:3a:2d:62:81:56:bb:51:77:60: - ac:83:43:75:87:ce:f1:f6:bd:ab:f2:07:c5:8d:d5: - b8:56:9e:8e:45:93:bd:c6:ac:5d:20:3e:cb:14:e8: - 10:07:b9:5e:07:ac:56:13:48:1b:84:c7:30:62:f4: - e4:19:67:b5:1b:3a:ac:af:0b:92:e2:00:90:2f:81: - 75:b6:63:3f:43:a5:e9:76:ee:33:75:74:b2:76:5d: - a5:76:f2:f9:30:68:ec:e8:47 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment - X509v3 Subject Key Identifier: - 66:BB:EC:4F:F0:52:7E:D1:F4:F4:F9:CD:E9:B6:C7:C4:FC:2A:2F:4F - X509v3 Subject Alternative Name: - othername: - Signature Algorithm: sha1WithRSAEncryption - 1f:bd:87:72:d7:85:93:f9:96:97:6f:25:2f:89:1f:09:64:ff: - da:44:92:d0:59:6e:4f:cf:29:d7:5a:78:64:40:1c:3d:a5:80: - e9:b9:92:85:44:2e:25:ab:5c:8d:35:4b:5b:47:c6:79:61:cf: - b9:75:55:0b:20:6a:ad:ec:f5:0f:47:1e:e7:72:b0:b6:61:0f: - d6:84:e3:e4:29:05:4d:d1:7c:7b:a6:7b:6f:b2:af:9a:6b:dd: - 81:ae:5d:c1:7b:74:11:86:18:2e:38:eb:ed:33:03:f6:05:4b: - ec:d7:7d:53:6c:71:01:86:fb:fb:63:dd:5b:cb:10:85:96:f2: - 43:43 ------BEGIN CERTIFICATE----- -MIICMTCCAZqgAwIBAgIBBjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1N1oXDTE3 -MTExMjA2NTg1N1owHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBnBraW5pdDCBnzAN -BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo0SxikKd0D8w3uhmQsHxyZiP0r3rWWc9 -Xg41yju4kbD85SI6LWKBVrtRd2Csg0N1h87x9r2r8gfFjdW4Vp6ORZO9xqxdID7L -FOgQB7leB6xWE0gbhMcwYvTkGWe1GzqsrwuS4gCQL4F1tmM/Q6Xpdu4zdXSydl2l -dvL5MGjs6EcCAwEAAaNzMHEwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0O -BBYEFGa77E/wUn7R9PT5zem2x8T8Ki9PMDgGA1UdEQQxMC+gLQYGKwYBBQICoCMw -IaANGwtURVNULkg1TC5TRaEQMA6gAwIBAaEHMAUbA2JhcjANBgkqhkiG9w0BAQUF -AAOBgQAfvYdy14WT+ZaXbyUviR8JZP/aRJLQWW5PzynXWnhkQBw9pYDpuZKFRC4l -q1yNNUtbR8Z5Yc+5dVULIGqt7PUPRx7ncrC2YQ/WhOPkKQVN0Xx7pntvsq+aa92B -rl3Be3QRhhguOOvtMwP2BUvs131TbHEBhvv7Y91byxCFlvJDQw== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/pkinit.key b/crypto/heimdal/lib/hx509/data/pkinit.key deleted file mode 100644 index 12b41689a2dd..000000000000 --- a/crypto/heimdal/lib/hx509/data/pkinit.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCjRLGKQp3QPzDe6GZCwfHJmI/SvetZZz1eDjXKO7iRsPzlIjot -YoFWu1F3YKyDQ3WHzvH2vavyB8WN1bhWno5Fk73GrF0gPssU6BAHuV4HrFYTSBuE -xzBi9OQZZ7UbOqyvC5LiAJAvgXW2Yz9Dpel27jN1dLJ2XaV28vkwaOzoRwIDAQAB -AoGAQTAxTwnwJvDEG4xhIDB90MdITZWk/YpaF07HLVsRA6LOJtK2td5J1A5wpaCE -4NgzeikntSPgHn/54fq+Yl9mYEAM1Uv6SimudiKe3Qk0M+bS4m/SMMlmV0eFjEh6 -ZG4NNRZmmzoaQbUiVa27fZ6362xtFGbGXJ8BjxOoTeaRn6kCQQDUwJafoKPN2dsq -ewSCjGQhVGezw12ho2eaxj7VyNWU7V4LW2LdLClbXovSnpQ7bgHEopx1e97G2du7 -1ak3BxejAkEAxHUCpbFSbBBoIdnt+VGS/8hCWl8/6YniOFOk9Qp22moaNVVZYyTT -Xpu45FeDKfm/xDwvPP9If0PDoM38tBvHDQJBAMTcmAOI/0lhRv1d62RpR9XXZkXe -huskap+6xTXIqmkt4xGbNDX3wST8rWDsv7jmJ9itpxzGy/Mwb7S1FekHNQUCQDDw -jTZFlCjDdY1pQrUnMx1w/8aPj9ZXuPkbLS616qHCaMD8gAYIuHcLB+YqPsyIINN7 -wrDJT4AUm3lFlzwu50kCQELkMFUM6rb9q/cOUQxsf023nPbObm3xJ0X4FtVhXuGi -oUAOklX1xDLSqvWySOrTXfvfF4c3qCw9DAoDtKpbCgk= ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/proxy-level-test.crt b/crypto/heimdal/lib/hx509/data/proxy-level-test.crt deleted file mode 100644 index 0cab380563d9..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy-level-test.crt +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICUDCCAbmgAwIBAgIJAKfbLM8p28MgMA0GCSqGSIb3DQEBBQUAMDExCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQxDjAMBgNVBAMMBXByb3h5MB4XDTA3 -MTExNTA2NTg1OVoXDTE3MTExMjA2NTg1OVowQTELMAkGA1UEBhMCU0UxEjAQBgNV -BAMMCVRlc3QgY2VydDEOMAwGA1UEAwwFcHJveHkxDjAMBgNVBAMMBWNoaWxkMIGf -MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0hrvRoael03J8Y5gvtDMq0ZGm5ZZM -OGOhTtMnNlCpA/OKEpwMPIxiWr625wFwD7YUupvUZ7qLodf5yTN1wkbpVD2NbAUa -klBRKHZm+UCJ8L6X4MgahNy+Y1uj6m14a50B9GtCi+RspP7p9pNKx9hnA8+dRs6Q -9oZgim2zMwvVBQIDAQABo2AwXjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNV -HQ4EFgQUQGqZ5v4NSB5Iwo17DynPRufgbF0wJQYIKwYBBQUHAQ4BAf8EFjAUAgEA -MA8GCCsGAQUFBxUABANmb28wDQYJKoZIhvcNAQEFBQADgYEAxQjN9RrCdZHhGAyS -y3/1EAyWIvmz8wKW0q4kSfNV7DAcUCKmQQ45oCEVnyTEbP8ltdIaHyIK1ujxKQC1 -QLDzjHkBBQGBrCH+gyIdpT9OZu2gT8f2j4u01YwbjLTcU2yEXVkkH18SZiawq2DF -ETkEd/u6TKzhpwFPuZPKUeFexPA= ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/proxy-level-test.key b/crypto/heimdal/lib/hx509/data/proxy-level-test.key deleted file mode 100644 index c697b1b64992..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy-level-test.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC0hrvRoael03J8Y5gvtDMq0ZGm5ZZMOGOhTtMnNlCpA/OKEpwM -PIxiWr625wFwD7YUupvUZ7qLodf5yTN1wkbpVD2NbAUaklBRKHZm+UCJ8L6X4Mga -hNy+Y1uj6m14a50B9GtCi+RspP7p9pNKx9hnA8+dRs6Q9oZgim2zMwvVBQIDAQAB -AoGBAI7cPM/1ZK1W+rezPSErMn7FH8V61Ij26ukhbvoOAqDuLpFqjrEkTVgcReaK -QtoCpO4ciur5N2f+qOLUNXQQTXpMN+nRxkKxLMhG99Hej+vmzPjMdimEtTJiRfKF -KU4rKUOCPdmu9fMe/kniOKbDmq1FFP+SqCU4hRiZZv0GMdDhAkEA8I6Du8UvTZ8I -04o05s/BlMiErASTZgq27UM6rWl2FNy5Av2suayBW7xJczdGEtbT982KwQmk0Mg9 -Hj5pWi5MDQJBAMAdorBVTMD4iFvfRhN6aSD3PzG/fsEexRuxvx2iBrrMZQ+6mS26 -8myNHPMASAiwt5H2T7Y/dNMB64iod5gFVtkCQDMJ+ddQKg4tDQFdFIZYVDlOJiAd -RGzlHxTOK9f5RU19219QFWK7wCKHm4nvk1WR8R1lpef5NNf7dERDd7Tjl80CQAx6 -oFO15rtuKWVWVnXzcJq8lLVFjBU9S25mGFTzbl554mKoK0UGLLMSY3wBW6x81h+8 -ESd0bcE7EbKZxtLwHdkCQQDYB5HxhlPZdquY+yg7vqxUF9Lf6+smlVv3PjfhXztg -2aV717UGinyqZgcn2J+ADWocRI3JnOhU0lswsGc+oVXp ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/proxy-test.crt b/crypto/heimdal/lib/hx509/data/proxy-test.crt deleted file mode 100644 index d0d3135a58e0..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy-test.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICMDCCAZmgAwIBAgIJAI8UaHGQmUvNMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDcxMTE1MDY1ODU5WhcNMTcx -MTEyMDY1ODU5WjAxMQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MQ4w -DAYDVQQDDAVwcm94eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzeKelgMO -dEHFmfEANkv6k+HkOduzT2It++ma7Kg+6+eOWpBqWcY3AOEbSE2UJM6H+StDhNNS -cldPd3LoZayywckvgD3/NZjB9drsxF9GGClHew+fKjiekjNR3aUuAjysJYfr9AYd -E6AFft2qKphuPKlEjPDeOZ4RpjvQOgFRB28CAwEAAaNgMF4wCQYDVR0TBAIwADAL -BgNVHQ8EBAMCBeAwHQYDVR0OBBYEFOGuL3xdInqdArsxly/BbLmYbzDTMCUGCCsG -AQUFBwEOAQH/BBYwFAIBADAPBggrBgEFBQcVAAQDZm9vMA0GCSqGSIb3DQEBBQUA -A4GBADOZurVQ/lXeLADFOZbTmbRt0Nv3aPHniG1yovlSDEuNjMczeRMMIsef+jpJ -4Z0rt65i3qpX3uXZdCgGtIbusIlM7fBLCRI5vJ27jqs2PnCvodWO05e/aL3XxRwr -42wDWTioZuGm8Sz4hpHv74Fz/7PgvZPMFSo15ujdOTWMXj08 ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/proxy-test.key b/crypto/heimdal/lib/hx509/data/proxy-test.key deleted file mode 100644 index 93b609b75164..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy-test.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQDN4p6WAw50QcWZ8QA2S/qT4eQ527NPYi376ZrsqD7r545akGpZ -xjcA4RtITZQkzof5K0OE01JyV093cuhlrLLByS+APf81mMH12uzEX0YYKUd7D58q -OJ6SM1HdpS4CPKwlh+v0Bh0ToAV+3aoqmG48qUSM8N45nhGmO9A6AVEHbwIDAQAB -AoGAaAv+2RDyXQ5gLkv9L3N2TwX5sMO2+odDdeu4v6DHK7D54ArbtELXyTn577BF -DdTSIroahSXGpMI7BsKrb7a3Hw+lnbEsag0a71yMM+E/zN9e0BgZwb7ZpeezVG2O -kaXCuVPQlmDys8UH001FWP/XxqhLfCjy25ynaXi990k0AwECQQDwI64IquGE0OCO -bI15Z+qLM5aRQgkNPokU7bZ1oSp9Ctx0pI9IzN6DcXe1QcXBDUJrZ0medNmNjqkG -KPkiAieDAkEA23vDr6+iiSTOIUAGj+NDY9ydk48j8oWYUeQPL8Y7hJrckJrqqfNL -MGZUKnF/RFPRbfS543xiqlXs4j3C61cwpQJAS9DH+l6Q8tDLhMvK4sCnMSmpaNTz -bKYIu33NdFfcxTuvnHfz8OUVf2RMigJo/+lCxgwHFysHIIUg4hv/g/gwJwJBAIfx -UHMwxetL8KCHl4jnqoXfz3nl3s4IESAnsYBVt+eaQ6MNUOuS1a9UsizXv4wCnmUM -f1Z3ZGU8c0xuFJzPlEECQAs9UM+v0WxhUY8iVltgaLxGP282Mg+p+pIoqXbn8Mt7 -gOomlisP+s0Hh+c+YFPIAaAeH6j7n4AxydI0Z9fKIZA= ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/proxy10-child-child-test.crt b/crypto/heimdal/lib/hx509/data/proxy10-child-child-test.crt deleted file mode 100644 index 95abe018b128..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy10-child-child-test.crt +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICdDCCAd2gAwIBAgIJAN27BSQHOOO6MA0GCSqGSIb3DQEBBQUAMEMxCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQxEDAOBgNVBAMMB3Byb3h5MTAxDjAM -BgNVBAMMBWNoaWxkMB4XDTA3MTExNTA2NTkwMFoXDTE3MTExMjA2NTkwMFowUzEL -MAkGA1UEBhMCU0UxEjAQBgNVBAMMCVRlc3QgY2VydDEQMA4GA1UEAwwHcHJveHkx -MDEOMAwGA1UEAwwFY2hpbGQxDjAMBgNVBAMMBWNoaWxkMIGfMA0GCSqGSIb3DQEB -AQUAA4GNADCBiQKBgQCw3LymYPXq7FKF1yumUvZTEbyMNszUYmoaMXgfnOgu8TWR -Dwek7ome68yHYYkc4fj1jG2ugdQ+/LgpJ10c+lHa1MeE7QHbJu6tNhRcCgxnAtlV -JljkmB24Ne/UjQwVVT73rUrvaigby8Ai0ujDtPJDqfUQvh8lwEFFWuafq9Ms1wID -AQABo2AwXjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUNBaggvaD -C/Amnb2M8g60WKxwGn0wJQYIKwYBBQUHAQ4BAf8EFjAUAgEKMA8GCCsGAQUFBxUA -BANmb28wDQYJKoZIhvcNAQEFBQADgYEAmT5WYZ6FM6ceyyxTKiusYLDPJ04D7dVk -VVMnu1q9dATMje/RKrncT0+KNEMdLWLpZgeHj4E2bi1507l3/zOUwOPpdI9MrvpY -Or6ssQ3sZAZI60ruZ91ml6cYt+rbE1F2J+y1CM0rW/wnAIT1v2vP2Wd7PrEm8RsM -QGbyuzcrAL4= ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/proxy10-child-child-test.key b/crypto/heimdal/lib/hx509/data/proxy10-child-child-test.key deleted file mode 100644 index 247f61653637..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy10-child-child-test.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCw3LymYPXq7FKF1yumUvZTEbyMNszUYmoaMXgfnOgu8TWRDwek -7ome68yHYYkc4fj1jG2ugdQ+/LgpJ10c+lHa1MeE7QHbJu6tNhRcCgxnAtlVJljk -mB24Ne/UjQwVVT73rUrvaigby8Ai0ujDtPJDqfUQvh8lwEFFWuafq9Ms1wIDAQAB -AoGAHRo1cKtDzARXD+74H8ZHAiRJAkmCKvCGxQie25TWH+NRDS2L9HfL7XqfjSdf -iIEmlkElSzHR2wt6wkrX54zJKxMNayc88UfInQ03a4XwFzAksTf05zpdGPbkKohi -eeQcf3Raq+Swe4pTEwyEU8mDidM/rKJst+zMiE4UMeVGTQECQQDZPFrVTyJwGBcS -sxJly0zXmZ8tvvsxIuplwAvbfCWbhEEgeO3LAKjcpb5HVOLfTe8+2ZO00ALidVCH -N6/ae+iLAkEA0GwPxjlbKnL1VcpKdsegntACxlHD0TonvIEINKv9PiKzHIhQo8xJ -Rt/2aBRAOJn+zB3FJxfQ+o6vEUwvBfEKZQJBANHMLTlG9M5nJZlkogb3YZ3y+j0W -7cdVniRoZcsySau4/aDbyWO9nleCJpMDUxwwSzdasAD2x2JnxD7itA4AjuMCQQCP -a+0m8M0lVtowYPYA6rpCzs05/4YKckRp2Tj2Vev8WBB87+jd7nP2S6PaVyUiTgYi -G9JRZnguEwWxl4U8R3RpAkA5QpGHFhXNI2xA0ZKYH1tgmYfLBAAiVrIDKJddtOf/ -rKceL88RXsjnA6PTN9AdpnJ4sTToR3HDeEwAQrNHMC2M ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/proxy10-child-test.crt b/crypto/heimdal/lib/hx509/data/proxy10-child-test.crt deleted file mode 100644 index c45074102e17..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy10-child-test.crt +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICVDCCAb2gAwIBAgIJAITDCg/e+gWyMA0GCSqGSIb3DQEBBQUAMDMxCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQxEDAOBgNVBAMMB3Byb3h5MTAwHhcN -MDcxMTE1MDY1OTAwWhcNMTcxMTEyMDY1OTAwWjBDMQswCQYDVQQGEwJTRTESMBAG -A1UEAwwJVGVzdCBjZXJ0MRAwDgYDVQQDDAdwcm94eTEwMQ4wDAYDVQQDDAVjaGls -ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAroEn/MX0t84+NLivDSbN0y5r -ZRxaiTDYkmvbdvJuBryCCLkzUT+/eh3pEK52BODXZWD4oiEMJLubH/pz+/6eAb4T -ReAWft/wMFaOSZ37a7iLWr8vFaRfBjQREpEm0rCp7dPvWYrraRIIjMRJzAUwygXN -KSS4f5VZkMwNfT9wwE8CAwEAAaNgMF4wCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAw -HQYDVR0OBBYEFJrcQRDczQ1P+84ND71GVT99a/2mMCUGCCsGAQUFBwEOAQH/BBYw -FAIBCjAPBggrBgEFBQcVAAQDZm9vMA0GCSqGSIb3DQEBBQUAA4GBALIbzPSyUE5Q -4TWAUfATVsADj131V1Xe+HHgwXebWbnNCJIe3OyWoFqK3X5ATKzi6MzHzA+UngFK -KGl8m8Ogx9dYQKzP2LIw0GuvpMyc3azb/cvbWv3vmM55UEdBlqxSTFynqLdpJqtn -9dXq2wCNdUtbGEOpaRVOiZ0wjvpTB4wA ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/proxy10-child-test.key b/crypto/heimdal/lib/hx509/data/proxy10-child-test.key deleted file mode 100644 index 70cea5d344ae..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy10-child-test.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCugSf8xfS3zj40uK8NJs3TLmtlHFqJMNiSa9t28m4GvIIIuTNR -P796HekQrnYE4NdlYPiiIQwku5sf+nP7/p4BvhNF4BZ+3/AwVo5JnftruItavy8V -pF8GNBESkSbSsKnt0+9ZiutpEgiMxEnMBTDKBc0pJLh/lVmQzA19P3DATwIDAQAB -AoGAaYkc+Odzd9IYluP2ojqMkiJpuu2p53yODgeC4+38EsDg14vB+GpYT+9U68zG -/W5JdjtuQwc/g9ueFnnuuUEkpyMIKDdAl00ZJQU5Vvz+ooZdxp/iYm3axkV2Gc2l -mbulzUxgpomflDd/B3RXO1jY4ZttpVHTNUvjm7DtypiqsAkCQQDgIIRBtSipM3F6 -GYKgnmsjK+19YxUdMbHS6fyfg0TDIrSrBi5EqyjgA4MzxfzimvfKCiV6SSqFnU3G -MIWDLh2dAkEAx1IaAAi+DmED08rarKRU2Ma7KRQWlxjXTp6c9OrbzuCJrqZgscxJ -vBjmHzbXCKumRZwqWgzM5mRxPVX6npyn2wJBALrWQIqqI3hRuzJnG78b8QJD91nE -hHBu4eeKSZ8MBgGJ6AR+RYnXCV8dbn11eifJufECXlW/sqPqC1DBWDuP8P0CQFxg -utglNSCo6gMw0ySMjR5jDL8/JjElPDSd4pTIfNNm0aj2R35f9hSNXao92m+UTl2Y -wTA3Gof1KV6KCLuWU10CQCeGYU3SFAy5QLVqR0B0u19wWyS8ZMl06DjOslmu7Zp+ -x1GxxFu1MNFvcKwmFeeYcNU1t9X0tC7EhUIaLQk2kqM= ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/proxy10-test.crt b/crypto/heimdal/lib/hx509/data/proxy10-test.crt deleted file mode 100644 index 331c3ea33aa6..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy10-test.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICMjCCAZugAwIBAgIJAI8UaHGQmUvPMA0GCSqGSIb3DQEBBQUAMCExCzAJBgNV -BAYTAlNFMRIwEAYDVQQDDAlUZXN0IGNlcnQwHhcNMDcxMTE1MDY1OTAwWhcNMTcx -MTEyMDY1OTAwWjAzMQswCQYDVQQGEwJTRTESMBAGA1UEAwwJVGVzdCBjZXJ0MRAw -DgYDVQQDDAdwcm94eTEwMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTeTGh -PIY39c75rcek77oZeDKnvO9zmsU2nlPnKpNsQ/QYEa610EeaRhB36lLhIS3aEtoG -LKgHeDF+jxasog3GNWZ7/EF5x5VwIbXo659ZbDwnT8c8ZJADEe1kfMuFgKd49l4y -PNCqN4LX2DdAh2HIb7x1iw7Fnu7s0Xnipgq0twIDAQABo2AwXjAJBgNVHRMEAjAA -MAsGA1UdDwQEAwIF4DAdBgNVHQ4EFgQUe24gc/gLyB6DW4gELVL3axuZTbkwJQYI -KwYBBQUHAQ4BAf8EFjAUAgEKMA8GCCsGAQUFBxUABANmb28wDQYJKoZIhvcNAQEF -BQADgYEABlvvmLwl6ZjaLdTGmxDD2eHN4/IbjYj1Vta2zQOKKA/W4qrkhmSNpy0x -+v9tqf2fumNSpspqF+g814pXbqSMuObHEE1IeUmiGwVPC7AMWVXd2skMdkjEqhLM -8qvDrPt+c5rGnnqM9AqrT/xDgXm7XnPLSFcrX/q8xVKVztskgEU= ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/proxy10-test.key b/crypto/heimdal/lib/hx509/data/proxy10-test.key deleted file mode 100644 index 3bc0b4582f1d..000000000000 --- a/crypto/heimdal/lib/hx509/data/proxy10-test.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXwIBAAKBgQDTeTGhPIY39c75rcek77oZeDKnvO9zmsU2nlPnKpNsQ/QYEa61 -0EeaRhB36lLhIS3aEtoGLKgHeDF+jxasog3GNWZ7/EF5x5VwIbXo659ZbDwnT8c8 -ZJADEe1kfMuFgKd49l4yPNCqN4LX2DdAh2HIb7x1iw7Fnu7s0Xnipgq0twIDAQAB -AoGBANDEIiSklXQFLFD8J81CBBxEtu007cbYkbx7zSS2uVb2NrDUM/+1IBrC9FsN -bshlctiIJ8hUqYTGOUZRh/bg/GpVOgTRAgaMBEBOYXra7r7TVcUUxpC8CzX9hevl -H42T6Ez6+Ednfg0RX6rZTiFeCNV3ADkguO07mlgSppiQJmlxAkEA/ICw/Ar/GtJH -/EK8jrbxzakNzFxtHUtVNwSALsiWZUfJWJgf7jDsl0XB8w/HhVDrdwfc+Aiexxc9 -SPJKKqdpswJBANZnBfxEucE1SWu9elvPNWIMYBXinfMvfnkSt81KH3AfObiUj93d -LCii1sF/x2aDeKJseFiUycy9xQXhQMF5vu0CQQCPECs24tQfUj1PBFDpW2YtbDdR -Lpz0GBa0EWy/FQ+BWucNt0OAJWAnZXK6UJpvQqXmzyG3tsqfat9iUUUMXcZZAkEA -vc+PePrPCMHIMl4ZCVa0iA00s6tg8n7FlSKBHnnUw0qhq0u64kyAX6lqPvyE57jU -/9bP5Hw0+9G1r7LvxVmnMQJBAMdphUdEYRlIZ0GTnIETDzjm3lge06cXzLvXFIps -nCANLV4OXJZVaTUrnDINLJVHu5d+Mx1pTw6GOF+v0+LjbF4= ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/revoke.crt b/crypto/heimdal/lib/hx509/data/revoke.crt deleted file mode 100644 index 0adcc2d1b4f7..000000000000 --- a/crypto/heimdal/lib/hx509/data/revoke.crt +++ /dev/null @@ -1,53 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 3 (0x3) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:56 2007 GMT - Not After : Nov 12 06:58:56 2017 GMT - Subject: C=SE, CN=Revoke cert - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:b3:24:de:14:fc:b6:80:e2:34:59:81:1f:ec:cb: - 00:21:75:e5:34:88:09:5e:5e:8e:f8:91:6b:ab:09: - 34:f8:6c:69:14:00:c5:47:f2:d7:de:a0:32:00:02: - 63:79:3c:14:1a:a9:4d:d1:1d:c0:fc:a7:50:72:26: - 96:53:d1:9f:a9:5f:f4:82:4d:4b:17:3b:fe:14:60: - 42:94:22:93:3e:c5:14:97:c8:a3:6a:8e:bd:90:03: - 22:12:9e:41:ca:a5:de:4f:57:f4:bf:f1:9e:f8:63: - 4f:c0:9e:c8:3c:e1:8b:89:60:3a:2b:5c:a7:b7:6e: - a0:48:34:49:58:61:a0:34:6d - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment - X509v3 Subject Key Identifier: - F3:E2:96:20:28:53:21:92:67:A8:5C:B5:2C:7E:87:CF:7A:07:3D:84 - Signature Algorithm: sha1WithRSAEncryption - 90:39:f3:a6:fe:92:b9:92:4c:75:58:b2:51:36:11:07:f5:a2: - 71:dc:90:d7:2b:b5:bc:37:c8:30:4f:a4:6b:41:11:63:3e:53: - 42:ae:6f:59:7d:f8:b0:59:01:2f:50:4f:2d:21:7e:6a:58:bd: - 74:f1:69:c5:62:3d:8f:fa:1a:c8:7e:a4:30:dc:01:8b:c9:f8: - 77:44:5c:d3:a4:ab:9a:50:cc:45:d0:65:00:5c:fe:d3:b5:a3: - 7a:f1:b1:5c:25:0f:06:16:5f:cf:e2:5d:0b:87:c0:fe:14:b8: - 0a:10:17:55:34:15:4d:44:6b:60:80:6e:af:7b:81:30:47:5c: - f3:fe ------BEGIN CERTIFICATE----- -MIIB/DCCAWWgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1NloXDTE3 -MTExMjA2NTg1NlowIzELMAkGA1UEBhMCU0UxFDASBgNVBAMMC1Jldm9rZSBjZXJ0 -MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzJN4U/LaA4jRZgR/sywAhdeU0 -iAleXo74kWurCTT4bGkUAMVH8tfeoDIAAmN5PBQaqU3RHcD8p1ByJpZT0Z+pX/SC -TUsXO/4UYEKUIpM+xRSXyKNqjr2QAyISnkHKpd5PV/S/8Z74Y0/Ansg84YuJYDor -XKe3bqBINElYYaA0bQIDAQABozkwNzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAd -BgNVHQ4EFgQU8+KWIChTIZJnqFy1LH6Hz3oHPYQwDQYJKoZIhvcNAQEFBQADgYEA -kDnzpv6SuZJMdViyUTYRB/WicdyQ1yu1vDfIME+ka0ERYz5TQq5vWX34sFkBL1BP -LSF+ali9dPFpxWI9j/oayH6kMNwBi8n4d0Rc06SrmlDMRdBlAFz+07WjevGxXCUP -BhZfz+JdC4fA/hS4ChAXVTQVTURrYIBur3uBMEdc8/4= ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/revoke.key b/crypto/heimdal/lib/hx509/data/revoke.key deleted file mode 100644 index a4c68aed196a..000000000000 --- a/crypto/heimdal/lib/hx509/data/revoke.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQCzJN4U/LaA4jRZgR/sywAhdeU0iAleXo74kWurCTT4bGkUAMVH -8tfeoDIAAmN5PBQaqU3RHcD8p1ByJpZT0Z+pX/SCTUsXO/4UYEKUIpM+xRSXyKNq -jr2QAyISnkHKpd5PV/S/8Z74Y0/Ansg84YuJYDorXKe3bqBINElYYaA0bQIDAQAB -AoGAIDHl/5uTKQJ+Kf+8vw+UjG7lrFUuadlQlHd+BBT5ghPppoCk89M+3HGpyrqj -KeyUKF5477YLMtzW5kztA09PBBJvMjSm92dI2uCYfipkIWZZUlq64AStI15pgeVd -cH61hxOUCm47tqhtkaO11DnKkoJBXaAVIe2ySG2sIZQH+gECQQDjhMdCWkaO+HUe -utqKJCq6pUkwSelgLEINDVoRVgJ+qUHb0nN06DmPfcfxwqfgP/vS6baKkGIBCiZJ -n9Kfd23BAkEAyZHXY5iGSq9qc2ern0CcyitNozvtm6eEZYVvJxVMsVBQRo23EmGF -68SJlHjpY+nHyPWEkbG99R/CMdr3FV9JrQJBAOG/hoKk1mvXxUYXeu4kkq0dgXBD -diex4lvXCq423ETXJny55UtzfGGPGUwdq7rLYc/VjAUS29tSOclFppQJyUECQQDA -J7P5UhHTaN5GHfJR4rqVUCq3Dg45cLyaO1X3ICr4bePZHogDkcylMbsmOw3jHZ5D -SSqT6al44Em0VVVunmQRAkBUAQzHGGJnMKI9ZSdD3J6scWCVIjHVgaehYe9a8DlK -DeZ4KYGG0+1aUdkqeYE8c6Qqp+pdjPmRMdooww6y+Xk1 ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/sf-class2-root.pem b/crypto/heimdal/lib/hx509/data/sf-class2-root.pem deleted file mode 100644 index d552e65dddb9..000000000000 --- a/crypto/heimdal/lib/hx509/data/sf-class2-root.pem +++ /dev/null @@ -1,24 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw -NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE -ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp -ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 -DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf -8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN -+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 -X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa -K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA -1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G -A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR -zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 -YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD -bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 -L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D -eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl -xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp -VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY -WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/static-file b/crypto/heimdal/lib/hx509/data/static-file deleted file mode 100644 index 2216857ccca5..000000000000 --- a/crypto/heimdal/lib/hx509/data/static-file +++ /dev/null @@ -1,84 +0,0 @@ -This is a static file don't change the content, it is used in the test - -#!/bin/sh -# -# Copyright (c) 2005 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# - -srcdir="@srcdir@" - -echo "try printing" -./hxtool print \ - --pass=PASS:foobar \ - PKCS12:$srcdir/data/test.p12 || exit 1 - -echo "make sure entry is found (friendlyname)" -./hxtool query \ - --pass=PASS:foobar \ - --friendlyname=friendlyname-test \ - PKCS12:$srcdir/data/test.p12 || exit 1 - -echo "make sure entry is not found (friendlyname)" -./hxtool query \ - --pass=PASS:foobar \ - --friendlyname=friendlyname-test-not \ - PKCS12:$srcdir/data/test.p12 && exit 1 - -echo "check for ca cert (friendlyname)" -./hxtool query \ - --pass=PASS:foobar \ - --friendlyname=ca \ - PKCS12:$srcdir/data/test.p12 || exit 1 - -echo "make sure entry is not found (friendlyname)" -./hxtool query \ - --pass=PASS:foobar \ - --friendlyname=friendlyname-test \ - PKCS12:$srcdir/data/sub-cert.p12 && exit 1 - -echo "make sure entry is found (friendlyname|private key)" -./hxtool query \ - --pass=PASS:foobar \ - --friendlyname=friendlyname-test \ - --private-key \ - PKCS12:$srcdir/data/test.p12 || exit 1 - -echo "make sure entry is not found (friendlyname|private key)" -./hxtool query \ - --pass=PASS:foobar \ - --friendlyname=ca \ - --private-key \ - PKCS12:$srcdir/data/test.p12 && exit 1 - -exit 0 - diff --git a/crypto/heimdal/lib/hx509/data/sub-ca.crt b/crypto/heimdal/lib/hx509/data/sub-ca.crt deleted file mode 100644 index 6cb485ab1883..000000000000 --- a/crypto/heimdal/lib/hx509/data/sub-ca.crt +++ /dev/null @@ -1,60 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 9 (0x9) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:59 2007 GMT - Not After : Nov 12 06:58:59 2017 GMT - Subject: C=SE, CN=Sub CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:f3:ab:db:06:fa:f9:a1:84:35:a6:fb:a4:a9:39: - 5f:54:10:a2:a4:3f:1a:ae:2c:7e:bd:dd:aa:63:4a: - 7a:62:99:07:25:af:eb:62:b4:20:93:67:46:59:b4: - 30:85:81:24:41:9d:49:97:fb:a3:ce:74:61:f7:ff: - d5:9e:b1:9b:d3:5a:8b:59:51:76:99:69:2a:73:02: - e9:2d:39:3f:21:b8:2f:f1:af:91:1f:f1:c3:e3:4d: - c0:e4:87:95:df:e7:d2:e7:27:a6:cd:c4:cf:97:e6: - b8:24:31:d1:66:d3:af:f8:06:8b:9c:81:bf:66:54: - 53:08:0a:ee:15:71:b2:a5:a5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 36:04:CF:AD:8B:30:E2:5D:C0:43:8C:09:0B:4D:50:7B:1F:39:41:17 - X509v3 Authority Key Identifier: - keyid:8C:E7:0D:B5:C5:DE:69:85:75:2C:08:A1:DE:53:15:30:9C:A1:E8:00 - DirName:/CN=hx509 Test Root CA/C=SE - serial:B7:94:5E:85:B2:19:80:58 - - X509v3 Basic Constraints: - CA:TRUE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment, Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 5b:f9:bb:2c:d2:d6:4d:bb:20:b1:05:fc:67:45:de:9c:5e:83: - 35:24:9a:f6:33:bc:3d:ca:27:dc:be:3c:cb:c6:d7:c5:b4:d3: - 9e:c4:c2:60:4d:dc:21:2c:f4:88:ec:dd:41:37:58:63:45:d6: - 9b:32:7d:f8:e0:d1:41:0f:f3:30:20:7d:15:af:49:15:2b:cb: - db:fe:90:6e:db:84:fa:92:a3:ac:83:25:5a:ab:49:7a:1e:2b: - dc:c9:74:7b:9f:2b:62:a9:6f:ef:b9:89:72:4b:ea:02:5a:27: - 93:b7:9d:fd:e2:a3:73:04:52:d0:98:5a:a3:23:f5:02:56:b6: - c6:8f ------BEGIN CERTIFICATE----- -MIICWDCCAcGgAwIBAgIBCTANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1OVoXDTE3 -MTExMjA2NTg1OVowHjELMAkGA1UEBhMCU0UxDzANBgNVBAMMBlN1YiBDQTCBnzAN -BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA86vbBvr5oYQ1pvukqTlfVBCipD8arix+ -vd2qY0p6YpkHJa/rYrQgk2dGWbQwhYEkQZ1Jl/ujznRh9//VnrGb01qLWVF2mWkq -cwLpLTk/Ibgv8a+RH/HD403A5IeV3+fS5yemzcTPl+a4JDHRZtOv+AaLnIG/ZlRT -CAruFXGypaUCAwEAAaOBmTCBljAdBgNVHQ4EFgQUNgTPrYsw4l3AQ4wJC01Qex85 -QRcwWgYDVR0jBFMwUYAUjOcNtcXeaYV1LAih3lMVMJyh6AChLqQsMCoxGzAZBgNV -BAMMEmh4NTA5IFRlc3QgUm9vdCBDQTELMAkGA1UEBhMCU0WCCQC3lF6FshmAWDAM -BgNVHRMEBTADAQH/MAsGA1UdDwQEAwIB5jANBgkqhkiG9w0BAQUFAAOBgQBb+bss -0tZNuyCxBfxnRd6cXoM1JJr2M7w9yifcvjzLxtfFtNOexMJgTdwhLPSI7N1BN1hj -RdabMn344NFBD/MwIH0Vr0kVK8vb/pBu24T6kqOsgyVaq0l6HivcyXR7nytiqW/v -uYlyS+oCWieTt5394qNzBFLQmFqjI/UCVrbGjw== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/sub-ca.key b/crypto/heimdal/lib/hx509/data/sub-ca.key deleted file mode 100644 index 070d21d00afd..000000000000 --- a/crypto/heimdal/lib/hx509/data/sub-ca.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDzq9sG+vmhhDWm+6SpOV9UEKKkPxquLH693apjSnpimQclr+ti -tCCTZ0ZZtDCFgSRBnUmX+6POdGH3/9WesZvTWotZUXaZaSpzAuktOT8huC/xr5Ef -8cPjTcDkh5Xf59LnJ6bNxM+X5rgkMdFm06/4Boucgb9mVFMICu4VcbKlpQIDAQAB -AoGBAIoiQmgSnrERYdjnjtDf1Uqyo4C4xUc3siGwJ4diET8TwRl8QNQTiOQHB7qS -i28jZopLwAyIerPvBhqwzUjJJqvu1z+5/MjwBJ/aonmJjJ9e3nqk/KE658xGg5E8 -V64DYRif0YboZEYJo5yzU9UEdEPI4zTyhFlR21TmOZkidnwBAkEA/IIRCcGs/FNR -q9tEW8ARK1DEeerXhoV9Xye9xYb5UNyH4f6J31NdkvYOMA4F0+0lKecaKmPtKsu7 -gQrFZYwt/QJBAPcKgUVOJox/s/o1PXRGjifl1haehcawWNLtN/UnFZcUKslyMkxh -qyCJJ0SuX7quQqy+++hFj/DwNdECaFRd0skCQBocdRiWL4Y0M3jbBrmaJexdwMN+ -tmTRvwItAOHBMFzdQSvsf2NZoo6E5Tiw6odcuYAYxsrlZGwNf0k7zOfQVB0CQQDy -GWdqZhY9JoFYuYhKRULXMtTGQgBUIUpLG5L1O6Ja9rafyLwmQqkUL5U+J61FI7XP -2TLCBDn2I1J6TGO2GmSRAkAIFsFpkrq4q+lbJ3Vr3UpfhRJsTVOD5SgZx1umn63l -jEz5/r4HCg/Q0/yiPiYaTHutfnsChg3/AfbmWcA6j4NU ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/sub-cert.crt b/crypto/heimdal/lib/hx509/data/sub-cert.crt deleted file mode 100644 index fe23a373a1f0..000000000000 --- a/crypto/heimdal/lib/hx509/data/sub-cert.crt +++ /dev/null @@ -1,53 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 10 (0xa) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=SE, CN=Sub CA - Validity - Not Before: Nov 15 06:58:59 2007 GMT - Not After : Nov 12 06:58:59 2017 GMT - Subject: C=SE, CN=Test sub cert - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:da:41:57:e1:62:23:1b:bf:ac:1c:a9:06:c8:98: - 77:38:dc:33:a3:03:c0:02:6d:d8:6d:68:95:b1:ea: - 60:c0:c2:96:23:34:91:fb:32:44:44:cd:72:40:5b: - a3:cf:57:94:3c:8d:a9:30:11:73:61:15:17:10:a6: - 17:7d:9d:27:f0:58:23:ee:a4:83:3c:b1:0f:20:0c: - a4:3d:01:ef:de:93:cb:b5:02:c1:1e:b4:54:35:6a: - 8f:55:7b:5d:76:0a:f9:6d:b1:31:25:4c:fb:e2:d6: - 6e:94:e9:8a:c4:cc:4e:28:6b:bd:4c:80:85:2c:87: - eb:31:88:6d:27:2a:d3:df:1f - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment - X509v3 Subject Key Identifier: - D3:5F:89:9B:31:E6:2A:E0:C6:64:27:9F:A4:E5:42:8C:70:99:96:25 - Signature Algorithm: sha1WithRSAEncryption - 34:f9:9f:c5:6f:44:55:6a:15:8f:51:ab:c1:44:18:0e:eb:9a: - d0:c4:64:ce:ab:24:2b:77:82:f3:88:e3:9e:1f:9c:8d:28:a6: - be:3d:d5:3e:5e:95:01:c8:b9:d4:e2:b5:17:06:1d:10:0b:a5: - 64:29:d9:45:b0:fd:16:ec:5d:3c:3f:58:55:25:90:d0:e4:4f: - 3f:9f:9c:5f:d5:1e:0c:73:a5:1a:7c:71:10:b5:a3:d5:fb:0f: - d3:de:fc:9a:06:bc:0b:8c:72:eb:bc:fc:d1:47:87:68:44:25: - 25:ab:51:e9:af:d8:9e:1b:04:f2:1c:4f:4c:27:a0:87:11:4a: - 69:67 ------BEGIN CERTIFICATE----- -MIIB8jCCAVugAwIBAgIBCjANBgkqhkiG9w0BAQUFADAeMQswCQYDVQQGEwJTRTEP -MA0GA1UEAwwGU3ViIENBMB4XDTA3MTExNTA2NTg1OVoXDTE3MTExMjA2NTg1OVow -JTELMAkGA1UEBhMCU0UxFjAUBgNVBAMMDVRlc3Qgc3ViIGNlcnQwgZ8wDQYJKoZI -hvcNAQEBBQADgY0AMIGJAoGBANpBV+FiIxu/rBypBsiYdzjcM6MDwAJt2G1olbHq -YMDCliM0kfsyRETNckBbo89XlDyNqTARc2EVFxCmF32dJ/BYI+6kgzyxDyAMpD0B -796Ty7UCwR60VDVqj1V7XXYK+W2xMSVM++LWbpTpisTMTihrvUyAhSyH6zGIbScq -098fAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTT -X4mbMeYq4MZkJ5+k5UKMcJmWJTANBgkqhkiG9w0BAQUFAAOBgQA0+Z/Fb0RVahWP -UavBRBgO65rQxGTOqyQrd4LziOOeH5yNKKa+PdU+XpUByLnU4rUXBh0QC6VkKdlF -sP0W7F08P1hVJZDQ5E8/n5xf1R4Mc6UafHEQtaPV+w/T3vyaBrwLjHLrvPzRR4do -RCUlq1Hpr9ieGwTyHE9MJ6CHEUppZw== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/sub-cert.key b/crypto/heimdal/lib/hx509/data/sub-cert.key deleted file mode 100644 index b9faa56eb2e9..000000000000 --- a/crypto/heimdal/lib/hx509/data/sub-cert.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDaQVfhYiMbv6wcqQbImHc43DOjA8ACbdhtaJWx6mDAwpYjNJH7 -MkREzXJAW6PPV5Q8jakwEXNhFRcQphd9nSfwWCPupIM8sQ8gDKQ9Ae/ek8u1AsEe -tFQ1ao9Ve112CvltsTElTPvi1m6U6YrEzE4oa71MgIUsh+sxiG0nKtPfHwIDAQAB -AoGBAMPvk4h4BNK9gTL9n2RoU+fM7+Jx1GeZ24llMbZWlmOWjRiv8joTx2wJEH+s -hWP32NF/z5qin/VQ7LL6mO4hLx8RbPysfZH2PGwGLBsL6yFKrpVLEb6Gze7bfaNC -Zxqz2zBaUup5IN5IoQbYmhYgo7h+uca2FKZMtWZlvxsNb22hAkEA/QCwdBhlf7w9 -BUWezxxm5o/laKhvP7RYem43eJNKj1tenB1MnbjM6R3Ckp0ykbKQIEL3mjTEUR+/ -31yfSjKRrwJBANzXRXmowoaKFrjkRFjfKrSk6cIa5/32U4Shy3/1LRoHv1qcsyEv -0Acn5aE8vdiYK4J/OqiS87KFYH6WISCEFZECQQDg4xH1wBHIfvwGiaHmGyrkWpfi -dYWdrKLRANNR3Cr0TpVEU07dC30o4YkoZY6jr4MpCh2o9qpiKcSVuHDmtRiFAkBE -AsvznqRhuK8su6fM0tWdElinHZAqpyyrYQSB4KjGJnKo3i9QXiArw/60/DbfOGXV -54bSGYeRh//inCuRjvvxAkBv9rarlopkpj29aAM4e4gs5W4ssl0uOjnSBiSH+Zn/ -j/oYrQgvpITFLCdF48D44GWtupw5zCLiJAREySaNma4Z ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/sub-cert.p12 b/crypto/heimdal/lib/hx509/data/sub-cert.p12 deleted file mode 100644 index 90def937974e..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/sub-cert.p12 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-ds-only.crt b/crypto/heimdal/lib/hx509/data/test-ds-only.crt deleted file mode 100644 index 78559c662e31..000000000000 --- a/crypto/heimdal/lib/hx509/data/test-ds-only.crt +++ /dev/null @@ -1,53 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 5 (0x5) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:57 2007 GMT - Not After : Nov 12 06:58:57 2017 GMT - Subject: C=SE, CN=Test cert DigitalSignature - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:c7:40:d0:87:47:81:b2:4e:4b:36:7c:c9:8d:9d: - eb:dc:65:13:20:dc:72:0f:bf:5e:44:36:aa:18:fc: - 09:54:8c:1a:4e:15:5a:c5:c3:0c:95:f7:55:1c:b0: - 93:d2:80:92:eb:7e:67:b4:2e:9c:0c:fd:65:6a:9c: - d6:35:d2:c2:62:3f:a2:6c:90:9e:a6:5a:59:33:e1: - 3a:13:9a:9d:9a:7e:2b:a2:44:96:41:87:b3:e2:b8: - 62:1b:88:46:08:39:c5:7a:90:83:42:22:c9:73:9f: - 41:51:1d:40:34:0f:94:0e:2a:ee:27:76:6d:6d:44: - d2:e7:90:ad:9c:da:f8:7f:87 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation - X509v3 Subject Key Identifier: - B9:41:3E:C9:AB:F2:37:75:F1:F8:C7:86:BB:54:78:76:15:16:D9:BB - Signature Algorithm: sha1WithRSAEncryption - 72:fc:ea:ad:ec:08:be:45:34:5e:d0:1b:d0:0d:fc:2f:70:89: - 8e:58:fb:15:ce:7b:78:8f:db:e9:97:cc:89:10:e6:10:f5:22: - f9:e9:c6:0d:4e:f9:35:c6:e2:5f:ab:28:47:e3:d6:94:d0:80: - db:44:4a:a9:8b:86:8b:c6:09:7b:d5:eb:07:ef:92:5a:ac:9a: - a7:04:c5:e2:c5:3f:01:d0:c1:92:c1:14:90:50:bd:0f:38:09: - 0e:c5:9f:96:bd:42:8b:87:ac:b1:62:ca:bc:79:1d:fc:23:06: - 55:b3:55:f2:b8:49:67:8e:d7:63:1f:52:aa:b9:19:e0:1f:18: - 11:ac ------BEGIN CERTIFICATE----- -MIICCzCCAXSgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1N1oXDTE3 -MTExMjA2NTg1N1owMjELMAkGA1UEBhMCU0UxIzAhBgNVBAMMGlRlc3QgY2VydCBE -aWdpdGFsU2lnbmF0dXJlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHQNCH -R4GyTks2fMmNnevcZRMg3HIPv15ENqoY/AlUjBpOFVrFwwyV91UcsJPSgJLrfme0 -LpwM/WVqnNY10sJiP6JskJ6mWlkz4ToTmp2afiuiRJZBh7PiuGIbiEYIOcV6kINC -Islzn0FRHUA0D5QOKu4ndm1tRNLnkK2c2vh/hwIDAQABozkwNzAJBgNVHRMEAjAA -MAsGA1UdDwQEAwIGwDAdBgNVHQ4EFgQUuUE+yavyN3Xx+MeGu1R4dhUW2bswDQYJ -KoZIhvcNAQEFBQADgYEAcvzqrewIvkU0XtAb0A38L3CJjlj7Fc57eI/b6ZfMiRDm -EPUi+enGDU75NcbiX6soR+PWlNCA20RKqYuGi8YJe9XrB++SWqyapwTF4sU/AdDB -ksEUkFC9DzgJDsWflr1Ci4essWLKvHkd/CMGVbNV8rhJZ47XYx9SqrkZ4B8YEaw= ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/test-ds-only.key b/crypto/heimdal/lib/hx509/data/test-ds-only.key deleted file mode 100644 index 1233c34b1b26..000000000000 --- a/crypto/heimdal/lib/hx509/data/test-ds-only.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDHQNCHR4GyTks2fMmNnevcZRMg3HIPv15ENqoY/AlUjBpOFVrF -wwyV91UcsJPSgJLrfme0LpwM/WVqnNY10sJiP6JskJ6mWlkz4ToTmp2afiuiRJZB -h7PiuGIbiEYIOcV6kINCIslzn0FRHUA0D5QOKu4ndm1tRNLnkK2c2vh/hwIDAQAB -AoGAPa3Ln0S8WjSwRaKlRahP/b5wCGkVCdjkVltRlkBWpwxjjC5CFhvFxpp0h1gF -ulDAqhNMCNOwzLiX70Ozb5/ZOcK6eIYolFDf8ldc5fSJMTIZF2V6CzICNNKFGWpI -z5QFhfQDqru6ZaWtPuK4sJIcmBx1nMTu4z9rNjvnGqJV/ckCQQDm8HfOI6f5Dlgg -QI9My7uDshfF2j6lo8wX32Vsgfb2PO+a6BGCCQhSjlKSZoiOH+KNz1/fp0/sbeGY -ZbdJSMg9AkEA3OAZrLlgKId6Gs5EjDfvq2njJf4dAOk5aH8HB1u18VuRvdkWxEwo -A7zrFZz+l1U52OMNKazPuPLju7foen9fEwJAR1URfG/RC4HdwKCQYsUvN1+ELk3a -OemdOeZ7+ocuVCLAU9XIyqSlmHJzmNro5RV+MhVS5M9WRY4vN5Z7hbxgdQJBAJG3 -NrkAwzN5zVCJ7Cclb/SCMt0JvFCxjLInu5dbJblJU+kPozl1lKCCrgTgQgXMsBEq -GbD41UGK3DsnpTPLfAkCQQCeZlgPiddfNhyg3SQOgj1M/3NBEfJFnX3FqlF32Pvz -0U29o0iMSP4q2j+cyUxAmlp9I7clhq7bBRTfCHKIHETg ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/test-enveloped-aes-128 b/crypto/heimdal/lib/hx509/data/test-enveloped-aes-128 deleted file mode 100644 index c706839a3fb3..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-enveloped-aes-128 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-enveloped-aes-256 b/crypto/heimdal/lib/hx509/data/test-enveloped-aes-256 deleted file mode 100644 index 1d5ef41ec428..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-enveloped-aes-256 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-enveloped-des b/crypto/heimdal/lib/hx509/data/test-enveloped-des deleted file mode 100644 index 85a08d901a4a..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-enveloped-des and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-enveloped-des-ede3 b/crypto/heimdal/lib/hx509/data/test-enveloped-des-ede3 deleted file mode 100644 index deb5fe1ce4b6..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-enveloped-des-ede3 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-128 b/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-128 deleted file mode 100644 index ebe0b5faa056..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-128 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-40 b/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-40 deleted file mode 100644 index c664b81c3db2..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-40 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-64 b/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-64 deleted file mode 100644 index 24bd36818006..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-enveloped-rc2-64 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-ke-only.crt b/crypto/heimdal/lib/hx509/data/test-ke-only.crt deleted file mode 100644 index 9239de472554..000000000000 --- a/crypto/heimdal/lib/hx509/data/test-ke-only.crt +++ /dev/null @@ -1,53 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 4 (0x4) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:57 2007 GMT - Not After : Nov 12 06:58:57 2017 GMT - Subject: C=SE, CN=Test cert KeyEncipherment - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:bd:6a:09:6d:65:fd:2f:a6:02:74:48:59:5a:d6: - b1:cf:d2:30:60:21:92:bf:ed:94:d1:df:e9:de:b7: - c2:c5:5d:c8:7b:a7:f2:b3:e0:1b:78:ba:a8:ba:4b: - ee:95:5c:06:77:10:39:be:e5:4c:4a:f0:1e:96:a0: - df:77:7a:7a:06:ce:95:b0:d9:fd:ac:4b:85:45:b1: - 7c:a5:51:af:b8:c3:82:6f:21:09:37:03:b0:61:e0: - 04:46:a8:71:56:a6:36:67:79:42:e1:ef:bf:28:1d: - a0:ef:02:6e:26:60:e1:fe:05:95:72:87:b9:c1:08: - 8e:ed:dc:fd:71:06:15:80:79 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Non Repudiation, Key Encipherment - X509v3 Subject Key Identifier: - 17:F3:F4:8B:D1:CD:D4:A3:D9:9D:A0:0E:6E:52:EE:11:03:85:32:6F - Signature Algorithm: sha1WithRSAEncryption - 5f:1d:86:c2:bd:eb:c7:75:ad:b6:ec:c8:10:96:4f:8b:b2:36: - b4:7b:ba:c4:b5:6c:1c:2e:80:eb:d0:97:5f:71:48:8a:79:f7: - 05:ee:2b:96:ef:b9:68:0d:fa:86:73:c7:30:3f:22:81:ea:cf: - 46:3a:4b:4d:31:39:29:5d:1a:b8:44:ae:12:f1:18:ea:de:55: - 47:f4:1c:77:07:34:41:cf:1c:f1:1c:f8:0d:63:c1:e8:b4:98: - e7:cb:c1:2d:96:b3:5a:21:6e:fa:e7:e1:15:87:84:c9:71:31: - 5f:6f:93:98:7f:ca:00:d3:8d:96:bb:b5:03:af:c0:4d:4e:a2: - a5:97 ------BEGIN CERTIFICATE----- -MIICCjCCAXOgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1N1oXDTE3 -MTExMjA2NTg1N1owMTELMAkGA1UEBhMCU0UxIjAgBgNVBAMMGVRlc3QgY2VydCBL -ZXlFbmNpcGhlcm1lbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL1qCW1l -/S+mAnRIWVrWsc/SMGAhkr/tlNHf6d63wsVdyHun8rPgG3i6qLpL7pVcBncQOb7l -TErwHpag33d6egbOlbDZ/axLhUWxfKVRr7jDgm8hCTcDsGHgBEaocVamNmd5QuHv -vygdoO8CbiZg4f4FlXKHucEIju3c/XEGFYB5AgMBAAGjOTA3MAkGA1UdEwQCMAAw -CwYDVR0PBAQDAgVgMB0GA1UdDgQWBBQX8/SL0c3Uo9mdoA5uUu4RA4UybzANBgkq -hkiG9w0BAQUFAAOBgQBfHYbCvevHda227MgQlk+Lsja0e7rEtWwcLoDr0JdfcUiK -efcF7iuW77loDfqGc8cwPyKB6s9GOktNMTkpXRq4RK4S8Rjq3lVH9Bx3BzRBzxzx -HPgNY8HotJjny8EtlrNaIW765+EVh4TJcTFfb5OYf8oA042Wu7UDr8BNTqKllw== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/test-ke-only.key b/crypto/heimdal/lib/hx509/data/test-ke-only.key deleted file mode 100644 index 878267e0156b..000000000000 --- a/crypto/heimdal/lib/hx509/data/test-ke-only.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC9agltZf0vpgJ0SFla1rHP0jBgIZK/7ZTR3+net8LFXch7p/Kz -4Bt4uqi6S+6VXAZ3EDm+5UxK8B6WoN93enoGzpWw2f2sS4VFsXylUa+4w4JvIQk3 -A7Bh4ARGqHFWpjZneULh778oHaDvAm4mYOH+BZVyh7nBCI7t3P1xBhWAeQIDAQAB -AoGASR2vee1OqJ/6foyXAXuys7g9OD59eVzqf4Fhs7lXk/w5sZIJG+o8cIQNMayx -8jHNxRQcVlYI9zxtclOzL1m11FPRgP6oVicPdIbKf/9JQhjlq/RgX/N66iBSPOW3 -80RtZ0G9pI+9RQN3sG1t39sXyMZJz5ApkcrsIfkX7Ej8tAkCQQD1mqP32MjUIpDc -x15ybBXib7E/27f/aM04Zg4D1WLkYANmUKFLiNeKKEIy+R6iQ9bqcWdh/u2Pu08e -I9eusolbAkEAxW6GQOihK5hsmKY7QdrORP6I6g8nqu/esiN1/LMtIVZdHtuaLxea -3XUIewnK1h5d2eKXyWjMgT8o5y/XtT5xuwJAVW7mbJeHPGuNso7TZr/8WNj7cjgu -5/R/toehhmnazZAsfpG7mbfPKirY5DxOEKnCf6jVCnyQDHhejCBxrT5DkwJBALrW -MW7Tt1JOWNbM2V8k9fcM+fymgt+dSJ5EOK//0EGwPUeqgmr2Z7QTwQbO6YlgC2ja -qtILvxzA7LB78iKvCWkCQQCOPkDbIzy5JM8AZtUFYb7PqJBb5fHDg3wiKWXiTh8+ -eaBxDdbBxCsamPLwfP2cguCvVv9yz3ODA9Aopny9iAv3 ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/test-nopw.p12 b/crypto/heimdal/lib/hx509/data/test-nopw.p12 deleted file mode 100644 index 49db084e6234..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-nopw.p12 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-pw.key b/crypto/heimdal/lib/hx509/data/test-pw.key deleted file mode 100644 index e844a98bbc03..000000000000 --- a/crypto/heimdal/lib/hx509/data/test-pw.key +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: AES-256-CBC,B9B1B14B38E4ED57E3F9D8DFA7FEB086 - -mgUkuZfb6TTZ+69kLKbHpwfSYmY1tRMeIuuqcY6qdNpF70kiZ6BylMYzGG29OZJQ -ttiYmYz1zFYVhWrnpGnK7Raa7CHaohlcPfiUBD2lRzNmj6xYAJdooiR9kWNnZZe5 -JTOpLuokpSWSqgS58AB1BLkK67JGTEhF3iDwPff/oVBjW5X/VMRd62RfDk32MJmd -nd+xNdBeKk7nXwMITZyv3n5KayVohNSpFblIAwl/k8BDLavIKboZtJDqw9LyRpWC -KLtToAWTO7pvZcOoK9yIhM5TtbZkp7pQrebGjoYkvdF84i4oVS85q8swwsw7BFq5 -s8AVbdC0kcj5tfSaJYxFonyj5BHiEc1k1CLkcn0Aff1DhW/vR93W28UgQBT11Lxf -bvHxCSIGp6TKut7Jr1FGs6tzU5eTI2AlWeWJBoANDD2HaKnouRQfDEf8pHP9Odxg -nOQ4HinpwpylimqisYqHbeocO5izz1xioze82SxYQTUGj+gCViSBIBesVaZ31DGm -3ECN94ItCm9z6zAeMNtUdLkTY6rPeetwrXXcrWddD7p5c1HdWEEQHU1HilunQc6N -I39udeWfW0HlINxKu7IgOepNipdw9EFUPtY1LGP+2Xa3ezi8saXPbsq0i/0looWf -dhjvWke/uwi16zwDKL25pNSmSAKyhD+P46f5pcf1yk1MbMkFbfTrHzcxOIN1Fd5m -rFVJTUnVonQinb8cEyqgg/2ufvOe6AnaIqjsKdFUQthYrCg6Voupis+SXRbIefhr -diiBsOoIu8O38I9R6KmSs+CYTBeChWmt1sAJudRIgZ3v5vTm734qwlxijL4sSkYQ ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/test-signed-data b/crypto/heimdal/lib/hx509/data/test-signed-data deleted file mode 100644 index ae27556a0ae9..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-signed-data and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-signed-data-noattr b/crypto/heimdal/lib/hx509/data/test-signed-data-noattr deleted file mode 100644 index 11b008eb3d4d..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-signed-data-noattr and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test-signed-data-noattr-nocerts b/crypto/heimdal/lib/hx509/data/test-signed-data-noattr-nocerts deleted file mode 100644 index 0c94ab9f2be9..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test-signed-data-noattr-nocerts and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/test.combined.crt b/crypto/heimdal/lib/hx509/data/test.combined.crt deleted file mode 100644 index 05c1e74bdc8e..000000000000 --- a/crypto/heimdal/lib/hx509/data/test.combined.crt +++ /dev/null @@ -1,68 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 2 (0x2) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:56 2007 GMT - Not After : Nov 12 06:58:56 2017 GMT - Subject: C=SE, CN=Test cert - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:e8:bd:c6:8e:de:37:d8:f3:43:23:c3:27:b6:49: - 65:33:a8:b2:a9:f0:16:0d:90:49:47:7b:90:98:e4: - ae:de:dd:64:b6:3b:48:b7:2e:0b:02:18:1f:85:f3: - 48:af:78:4b:54:34:63:62:06:30:f0:b5:a2:e9:db: - 35:6c:c7:55:f5:30:27:a0:66:54:a5:e8:52:27:52: - 43:4e:90:04:11:6a:e8:2b:52:e4:8d:fe:fd:c4:aa: - b0:4e:63:c6:aa:2d:0a:4e:1d:ae:1c:0d:c8:12:10: - 93:af:5c:e5:31:30:df:2c:0d:d7:c4:9e:d1:fd:37: - 3a:45:71:fa:62:af:90:5e:c3 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment - X509v3 Subject Key Identifier: - D0:9B:77:9A:88:C7:AD:71:07:17:56:E1:0C:4D:B2:23:85:81:D1:EB - Signature Algorithm: sha1WithRSAEncryption - 88:f8:ee:7d:35:36:1c:a9:71:e4:c5:64:b9:c9:c2:2d:9d:d5: - 79:67:25:12:d7:96:28:4c:dd:92:6a:19:6b:ce:bc:fa:78:bd: - f3:d2:c4:5c:a9:d9:4a:b7:ef:40:8f:c8:e2:1a:67:90:58:a4: - 71:76:87:c2:66:9e:69:57:37:c9:15:b8:c7:d9:fa:3f:32:be: - 14:5e:7b:41:5c:7f:c2:54:1b:f1:1b:15:20:8c:0a:62:7c:71: - 07:ff:7d:df:71:75:0c:4b:7d:b8:a1:59:e1:5a:4e:b7:c1:df: - 98:3b:cf:c9:de:e3:73:6f:fa:2d:fa:39:c5:59:92:08:c4:6b: - 43:7a ------BEGIN CERTIFICATE----- -MIIB+jCCAWOgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1NloXDTE3 -MTExMjA2NTg1NlowITELMAkGA1UEBhMCU0UxEjAQBgNVBAMMCVRlc3QgY2VydDCB -nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6L3Gjt432PNDI8MntkllM6iyqfAW -DZBJR3uQmOSu3t1ktjtIty4LAhgfhfNIr3hLVDRjYgYw8LWi6ds1bMdV9TAnoGZU -pehSJ1JDTpAEEWroK1Lkjf79xKqwTmPGqi0KTh2uHA3IEhCTr1zlMTDfLA3XxJ7R -/Tc6RXH6Yq+QXsMCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD -VR0OBBYEFNCbd5qIx61xBxdW4QxNsiOFgdHrMA0GCSqGSIb3DQEBBQUAA4GBAIj4 -7n01NhypceTFZLnJwi2d1XlnJRLXlihM3ZJqGWvOvPp4vfPSxFyp2Uq370CPyOIa -Z5BYpHF2h8JmnmlXN8kVuMfZ+j8yvhRee0Fcf8JUG/EbFSCMCmJ8cQf/fd9xdQxL -fbihWeFaTrfB35g7z8ne43Nv+i36OcVZkgjEa0N6 ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDovcaO3jfY80Mjwye2SWUzqLKp8BYNkElHe5CY5K7e3WS2O0i3 -LgsCGB+F80iveEtUNGNiBjDwtaLp2zVsx1X1MCegZlSl6FInUkNOkAQRaugrUuSN -/v3EqrBOY8aqLQpOHa4cDcgSEJOvXOUxMN8sDdfEntH9NzpFcfpir5BewwIDAQAB -AoGBAKS3WsVWBBRo5cVzorFh9FvBMuEOZ60lxpbunoF2p0RXT6WhA2+RCH1s8TJt -4a0956IqiYOgehaBllEHsSHRWcUZ0P96qhZbVn1fWem0/U1VGb6d9WFftqPCOgYI -0joyDn+mmS1nhILexQARULyM67JyhX1xVbgFQUeTtr2WGIdBAkEA9hQURHdgxsu+ -iqe+93I1mA0LccKI3Mmb9jM0DBW1+NeGw17xE39u2DTLsFTIXkcpGzbaJYPaaOhU -pcpLX7haMQJBAPIgCT9cwEhX/MQq4eViCXd7blg4FxlDJDrD8sC8E0xss2N9Kpk4 -aJBtd4leOlzDwCanlWHrMCKo/NuE2b58FzMCQQDLTMtxxS6vDqTc6LlctX6RoDVU -RuPLhMTVInhdg5JTg7xSrJ1+/kkVVojxpRnkyeWsFiUj2UsYYNmOHxMmgagBAkEA -1to8uoAolEmXn89Zsv3C3salzRzAyob84DS+9e4uxdNzf+Yy5dHbX8Xzm+8EpQqD -OQnekgxsI2WHM5h4zAI7ZwJAefxLT1ljFxZmp1612/jqDaeNmmUHIN2aMpDinIle -r2S7S+UC+m573YcLZoYy9QAcTjnvgs/99zXjewfIQSQOmw== ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/test.crt b/crypto/heimdal/lib/hx509/data/test.crt deleted file mode 100644 index 607605b01dfe..000000000000 --- a/crypto/heimdal/lib/hx509/data/test.crt +++ /dev/null @@ -1,53 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 2 (0x2) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=hx509 Test Root CA, C=SE - Validity - Not Before: Nov 15 06:58:56 2007 GMT - Not After : Nov 12 06:58:56 2017 GMT - Subject: C=SE, CN=Test cert - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:e8:bd:c6:8e:de:37:d8:f3:43:23:c3:27:b6:49: - 65:33:a8:b2:a9:f0:16:0d:90:49:47:7b:90:98:e4: - ae:de:dd:64:b6:3b:48:b7:2e:0b:02:18:1f:85:f3: - 48:af:78:4b:54:34:63:62:06:30:f0:b5:a2:e9:db: - 35:6c:c7:55:f5:30:27:a0:66:54:a5:e8:52:27:52: - 43:4e:90:04:11:6a:e8:2b:52:e4:8d:fe:fd:c4:aa: - b0:4e:63:c6:aa:2d:0a:4e:1d:ae:1c:0d:c8:12:10: - 93:af:5c:e5:31:30:df:2c:0d:d7:c4:9e:d1:fd:37: - 3a:45:71:fa:62:af:90:5e:c3 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Key Usage: - Digital Signature, Non Repudiation, Key Encipherment - X509v3 Subject Key Identifier: - D0:9B:77:9A:88:C7:AD:71:07:17:56:E1:0C:4D:B2:23:85:81:D1:EB - Signature Algorithm: sha1WithRSAEncryption - 88:f8:ee:7d:35:36:1c:a9:71:e4:c5:64:b9:c9:c2:2d:9d:d5: - 79:67:25:12:d7:96:28:4c:dd:92:6a:19:6b:ce:bc:fa:78:bd: - f3:d2:c4:5c:a9:d9:4a:b7:ef:40:8f:c8:e2:1a:67:90:58:a4: - 71:76:87:c2:66:9e:69:57:37:c9:15:b8:c7:d9:fa:3f:32:be: - 14:5e:7b:41:5c:7f:c2:54:1b:f1:1b:15:20:8c:0a:62:7c:71: - 07:ff:7d:df:71:75:0c:4b:7d:b8:a1:59:e1:5a:4e:b7:c1:df: - 98:3b:cf:c9:de:e3:73:6f:fa:2d:fa:39:c5:59:92:08:c4:6b: - 43:7a ------BEGIN CERTIFICATE----- -MIIB+jCCAWOgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAqMRswGQYDVQQDDBJoeDUw -OSBUZXN0IFJvb3QgQ0ExCzAJBgNVBAYTAlNFMB4XDTA3MTExNTA2NTg1NloXDTE3 -MTExMjA2NTg1NlowITELMAkGA1UEBhMCU0UxEjAQBgNVBAMMCVRlc3QgY2VydDCB -nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6L3Gjt432PNDI8MntkllM6iyqfAW -DZBJR3uQmOSu3t1ktjtIty4LAhgfhfNIr3hLVDRjYgYw8LWi6ds1bMdV9TAnoGZU -pehSJ1JDTpAEEWroK1Lkjf79xKqwTmPGqi0KTh2uHA3IEhCTr1zlMTDfLA3XxJ7R -/Tc6RXH6Yq+QXsMCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYD -VR0OBBYEFNCbd5qIx61xBxdW4QxNsiOFgdHrMA0GCSqGSIb3DQEBBQUAA4GBAIj4 -7n01NhypceTFZLnJwi2d1XlnJRLXlihM3ZJqGWvOvPp4vfPSxFyp2Uq370CPyOIa -Z5BYpHF2h8JmnmlXN8kVuMfZ+j8yvhRee0Fcf8JUG/EbFSCMCmJ8cQf/fd9xdQxL -fbihWeFaTrfB35g7z8ne43Nv+i36OcVZkgjEa0N6 ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/test.key b/crypto/heimdal/lib/hx509/data/test.key deleted file mode 100644 index 5251ceb74d3f..000000000000 --- a/crypto/heimdal/lib/hx509/data/test.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDovcaO3jfY80Mjwye2SWUzqLKp8BYNkElHe5CY5K7e3WS2O0i3 -LgsCGB+F80iveEtUNGNiBjDwtaLp2zVsx1X1MCegZlSl6FInUkNOkAQRaugrUuSN -/v3EqrBOY8aqLQpOHa4cDcgSEJOvXOUxMN8sDdfEntH9NzpFcfpir5BewwIDAQAB -AoGBAKS3WsVWBBRo5cVzorFh9FvBMuEOZ60lxpbunoF2p0RXT6WhA2+RCH1s8TJt -4a0956IqiYOgehaBllEHsSHRWcUZ0P96qhZbVn1fWem0/U1VGb6d9WFftqPCOgYI -0joyDn+mmS1nhILexQARULyM67JyhX1xVbgFQUeTtr2WGIdBAkEA9hQURHdgxsu+ -iqe+93I1mA0LccKI3Mmb9jM0DBW1+NeGw17xE39u2DTLsFTIXkcpGzbaJYPaaOhU -pcpLX7haMQJBAPIgCT9cwEhX/MQq4eViCXd7blg4FxlDJDrD8sC8E0xss2N9Kpk4 -aJBtd4leOlzDwCanlWHrMCKo/NuE2b58FzMCQQDLTMtxxS6vDqTc6LlctX6RoDVU -RuPLhMTVInhdg5JTg7xSrJ1+/kkVVojxpRnkyeWsFiUj2UsYYNmOHxMmgagBAkEA -1to8uoAolEmXn89Zsv3C3salzRzAyob84DS+9e4uxdNzf+Yy5dHbX8Xzm+8EpQqD -OQnekgxsI2WHM5h4zAI7ZwJAefxLT1ljFxZmp1612/jqDaeNmmUHIN2aMpDinIle -r2S7S+UC+m573YcLZoYy9QAcTjnvgs/99zXjewfIQSQOmw== ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/data/test.p12 b/crypto/heimdal/lib/hx509/data/test.p12 deleted file mode 100644 index ad3e90acaa2e..000000000000 Binary files a/crypto/heimdal/lib/hx509/data/test.p12 and /dev/null differ diff --git a/crypto/heimdal/lib/hx509/data/yutaka-pad-broken-ca.pem b/crypto/heimdal/lib/hx509/data/yutaka-pad-broken-ca.pem deleted file mode 100644 index 32685d1fe8a7..000000000000 --- a/crypto/heimdal/lib/hx509/data/yutaka-pad-broken-ca.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICijCCAfOgAwIBAgIJAOSnzE4Qx2H+MA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNV -BAYTAkpQMRQwEgYDVQQKEwtDQSBURVNUIDEtNDEUMBIGA1UEAxMLQ0EgVEVTVCAx -LTQwHhcNMDYwOTA3MTYzMzE4WhcNMDYxMDA3MTYzMzE4WjA5MQswCQYDVQQGEwJK -UDEUMBIGA1UEChMLQ0EgVEVTVCAxLTQxFDASBgNVBAMTC0NBIFRFU1QgMS00MIGd -MA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDZfFjkPDZeorxWqk7/DKM2d/9Nao28 -dM6T5sb5L41hD5C1kXV6MJev5ALASSxtI6OVOmZO4gfubnsvcj0NTZO4SeF1yL1r -VDPdx7juQI1cbDiG/EwIMW29UIdj9h052JTmEbpT0RuP/4JWmAWrdO5UE40xua7S -z2/6+DB2ZklFoQIBA6OBmzCBmDAdBgNVHQ4EFgQU340JbeYcg6V9zi8aozy48aIh -tfgwaQYDVR0jBGIwYIAU340JbeYcg6V9zi8aozy48aIhtfihPaQ7MDkxCzAJBgNV -BAYTAkpQMRQwEgYDVQQKEwtDQSBURVNUIDEtNDEUMBIGA1UEAxMLQ0EgVEVTVCAx -LTSCCQDkp8xOEMdh/jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBABsH -aJ/c/3cGHssi8IvVRci/aavqj607y7l22nKDtG1p4KAjnfNhBMOhRhFv00nJnokK -y0uc4DIegAW1bxQjqcMNNEmGbzAeixH/cRCot8C1LobEQmxNWCY2DJLWoI3wwqr8 -uUSnI1CDZ5402etkCiNXsDy/eYDrF+2KonkIWRrr ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/yutaka-pad-broken-cert.pem b/crypto/heimdal/lib/hx509/data/yutaka-pad-broken-cert.pem deleted file mode 100644 index b0726eac1d65..000000000000 --- a/crypto/heimdal/lib/hx509/data/yutaka-pad-broken-cert.pem +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICzTCCAjagAwIBAgIJAOSnzE4Qx2H/MA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNV -BAYTAkpQMRQwEgYDVQQKEwtDQSBURVNUIDEtNDEUMBIGA1UEAxMLQ0EgVEVTVCAx -LTQwHhcNMDYwOTA3MTY0MDM3WhcNMDcwOTA3MTY0MDM3WjBPMQswCQYDVQQGEwJK -UDEOMAwGA1UECBMFVG9reW8xFjAUBgNVBAoTDVRFU1QgMiBDTElFTlQxGDAWBgNV -BAMTD3d3dzIuZXhhbXBsZS5qcDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA -vSpZ6ig9DpeKB60h7ii1RitNuvkn4INOfEXjCjPSFwmIbGJqnyWvKTiMKzguEYkG -6CZAbsx44t3kvsVDeUd5WZBRgMoeQd1tNJBU4BXxOA8bVzdwstzaPeeufQtZDvKf -M4ej+fo/j9lYH9udCug1huaNybcCtijzGonkddX4JEUCAwEAAaOBxjCBwzAJBgNV -HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp -Y2F0ZTAdBgNVHQ4EFgQUK0DZtd8K1P2ij9gVKUNcHlx7uCIwaQYDVR0jBGIwYIAU -340JbeYcg6V9zi8aozy48aIhtfihPaQ7MDkxCzAJBgNVBAYTAkpQMRQwEgYDVQQK -EwtDQSBURVNUIDEtNDEUMBIGA1UEAxMLQ0EgVEVTVCAxLTSCCQDkp8xOEMdh/jAN -BgkqhkiG9w0BAQUFAAOBgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -AAAAAAAAAUKJ+eFJYSvXwGF2wxzDXj+x5YCItrHFmrEy4AXXAW+H0NgJVNvqRY/O -Kw== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/yutaka-pad-ok-ca.pem b/crypto/heimdal/lib/hx509/data/yutaka-pad-ok-ca.pem deleted file mode 100644 index 32685d1fe8a7..000000000000 --- a/crypto/heimdal/lib/hx509/data/yutaka-pad-ok-ca.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICijCCAfOgAwIBAgIJAOSnzE4Qx2H+MA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNV -BAYTAkpQMRQwEgYDVQQKEwtDQSBURVNUIDEtNDEUMBIGA1UEAxMLQ0EgVEVTVCAx -LTQwHhcNMDYwOTA3MTYzMzE4WhcNMDYxMDA3MTYzMzE4WjA5MQswCQYDVQQGEwJK -UDEUMBIGA1UEChMLQ0EgVEVTVCAxLTQxFDASBgNVBAMTC0NBIFRFU1QgMS00MIGd -MA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDZfFjkPDZeorxWqk7/DKM2d/9Nao28 -dM6T5sb5L41hD5C1kXV6MJev5ALASSxtI6OVOmZO4gfubnsvcj0NTZO4SeF1yL1r -VDPdx7juQI1cbDiG/EwIMW29UIdj9h052JTmEbpT0RuP/4JWmAWrdO5UE40xua7S -z2/6+DB2ZklFoQIBA6OBmzCBmDAdBgNVHQ4EFgQU340JbeYcg6V9zi8aozy48aIh -tfgwaQYDVR0jBGIwYIAU340JbeYcg6V9zi8aozy48aIhtfihPaQ7MDkxCzAJBgNV -BAYTAkpQMRQwEgYDVQQKEwtDQSBURVNUIDEtNDEUMBIGA1UEAxMLQ0EgVEVTVCAx -LTSCCQDkp8xOEMdh/jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBABsH -aJ/c/3cGHssi8IvVRci/aavqj607y7l22nKDtG1p4KAjnfNhBMOhRhFv00nJnokK -y0uc4DIegAW1bxQjqcMNNEmGbzAeixH/cRCot8C1LobEQmxNWCY2DJLWoI3wwqr8 -uUSnI1CDZ5402etkCiNXsDy/eYDrF+2KonkIWRrr ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/yutaka-pad-ok-cert.pem b/crypto/heimdal/lib/hx509/data/yutaka-pad-ok-cert.pem deleted file mode 100644 index 9a89e59e2ad7..000000000000 --- a/crypto/heimdal/lib/hx509/data/yutaka-pad-ok-cert.pem +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICzTCCAjagAwIBAgIJAOSnzE4Qx2H/MA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNV -BAYTAkpQMRQwEgYDVQQKEwtDQSBURVNUIDEtNDEUMBIGA1UEAxMLQ0EgVEVTVCAx -LTQwHhcNMDYwOTA3MTY0MDM3WhcNMDcwOTA3MTY0MDM3WjBPMQswCQYDVQQGEwJK -UDEOMAwGA1UECBMFVG9reW8xFjAUBgNVBAoTDVRFU1QgMiBDTElFTlQxGDAWBgNV -BAMTD3d3dzIuZXhhbXBsZS5qcDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA -vSpZ6ig9DpeKB60h7ii1RitNuvkn4INOfEXjCjPSFwmIbGJqnyWvKTiMKzguEYkG -6CZAbsx44t3kvsVDeUd5WZBRgMoeQd1tNJBU4BXxOA8bVzdwstzaPeeufQtZDvKf -M4ej+fo/j9lYH9udCug1huaNybcCtijzGonkddX4JEUCAwEAAaOBxjCBwzAJBgNV -HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp -Y2F0ZTAdBgNVHQ4EFgQUK0DZtd8K1P2ij9gVKUNcHlx7uCIwaQYDVR0jBGIwYIAU -340JbeYcg6V9zi8aozy48aIhtfihPaQ7MDkxCzAJBgNVBAYTAkpQMRQwEgYDVQQK -EwtDQSBURVNUIDEtNDEUMBIGA1UEAxMLQ0EgVEVTVCAxLTSCCQDkp8xOEMdh/jAN -BgkqhkiG9w0BAQUFAAOBgQCkGhwCDLRwWbDnDFReXkIZ1/9OhfiR8yL1idP9iYVU -cSoWxSHPBWkv6LORFS03APcXCSzDPJ9pxTjFjGGFSI91fNrzkKdHU/+0WCF2uTh7 -Dz2blqtcmnJqMSn1xHxxfM/9e6M3XwFUMf7SGiKRAbDfsauPafEPTn83vSeKj1lg -Dw== ------END CERTIFICATE----- diff --git a/crypto/heimdal/lib/hx509/data/yutaka-pad.key b/crypto/heimdal/lib/hx509/data/yutaka-pad.key deleted file mode 100644 index 1763623880c1..000000000000 --- a/crypto/heimdal/lib/hx509/data/yutaka-pad.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQC9KlnqKD0Ol4oHrSHuKLVGK026+Sfgg058ReMKM9IXCYhsYmqf -Ja8pOIwrOC4RiQboJkBuzHji3eS+xUN5R3lZkFGAyh5B3W00kFTgFfE4DxtXN3Cy -3No95659C1kO8p8zh6P5+j+P2Vgf250K6DWG5o3JtwK2KPMaieR11fgkRQIDAQAB -AoGBAJCYvwJun713uNsFTNpv46EvmMtDiWfk9ymnglVaJ03Uy6ON11Kvy6UGxJ6E -4zIkPFNYaghH5GAGncP1pg4exHKRGJTNcQbMf9iOsCTOuvKSWbBZpnJcFllKyESK -PTt72D6x/cuzDXVTeWvQMoOILa09szW7aqFNIdxae4Vq7a4BAkEA6MoehuRtZ4N9 -Jtc9cIpSKOOatZ1UajWEFV2yVHaDED2kkWxKjppPzRn06LzX8LWm1RT0qe3Zyasi -iXCXlno/+QJBANAGvY+k/+OvzWnv1yTKO8OmrMqkSzh3KAhFbiVWdQaqMSCWtKYk -GoOKnq0PB73ExhdbTFmxC4KBPHTC2guOca0CQCD78pNebnoKUYNdYCFAGCAfD97H -6hwadRqp6gi5uhxk/5pzY6UNDF2dXexURayfsIHktD4Xq5I9o2kiAPibXdECQQDC -KihwlL9K02JVSMl0y1XxDfclxSd4cq9o2PUv4HymVeA43LGMiRI+SPpF6Ut+ctW6 -IzsmVDu7+chl6yD9vFyZAkA3Auv9UxKL3kPtvu5G/lrCVmwzVfAzuwtnmSfp1+M5 -yTYBz+VFSsYrdlDZ3jdLnFzVOMiIm9pZca/L93QjmXJ+ ------END RSA PRIVATE KEY----- diff --git a/crypto/heimdal/lib/hx509/doxygen.c b/crypto/heimdal/lib/hx509/doxygen.c deleted file mode 100644 index 488ae4b9bbb7..000000000000 --- a/crypto/heimdal/lib/hx509/doxygen.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/** @mainpage Heimdal PKIX/X.509 library - * - * @section intro Introduction - * - * Heimdal libhx509 library is a implementation of the PKIX/X.509 and - * related protocols. - * - * PKIX/X.509 is ... - * - * - * Sections in this manual are: - * - @ref page_name - * - @ref page_cert - * - @ref page_keyset - * - @ref page_error - * - @ref page_lock - * - @ref page_cms - * - @ref page_ca - * - @ref page_revoke - * - @ref page_print - * - @ref page_env - * - * The project web page: - * http://www.h5l.org/ - * - */ - -/** @defgroup hx509 hx509 library */ - -/** @defgroup hx509_error hx509 error functions - * See the @ref page_error for description and examples. */ -/** @defgroup hx509_cert hx509 certificate functions - * See the @ref page_cert for description and examples. */ -/** @defgroup hx509_keyset hx509 certificate store functions - * See the @ref page_keyset for description and examples. */ -/** @defgroup hx509_cms hx509 CMS/pkcs7 functions - * See the @ref page_cms for description and examples. */ -/** @defgroup hx509_crypto hx509 crypto functions */ -/** @defgroup hx509_misc hx509 misc functions */ -/** @defgroup hx509_name hx509 name functions - * See the @ref page_name for description and examples. */ -/** @defgroup hx509_revoke hx509 revokation checking functions - * See the @ref page_revoke for description and examples. */ -/** @defgroup hx509_verify hx509 verification functions */ -/** @defgroup hx509_lock hx509 lock functions - * See the @ref page_lock for description and examples. */ -/** @defgroup hx509_query hx509 query functions */ -/** @defgroup hx509_ca hx509 CA functions - * See the @ref page_ca for description and examples. */ -/** @defgroup hx509_peer hx509 certificate selecting functions */ -/** @defgroup hx509_print hx509 printing functions */ -/** @defgroup hx509_env hx509 enviroment functions */ diff --git a/crypto/heimdal/lib/hx509/env.c b/crypto/heimdal/lib/hx509/env.c deleted file mode 100644 index f868c22488cb..000000000000 --- a/crypto/heimdal/lib/hx509/env.c +++ /dev/null @@ -1,161 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: env.c 22349 2007-12-26 19:32:49Z lha $"); - -/** - * @page page_env Hx509 enviroment functions - * - * See the library functions here: @ref hx509_env - */ - -struct hx509_env { - struct { - char *key; - char *value; - } *val; - size_t len; -}; - -/** - * Allocate a new hx509_env container object. - * - * @param context A hx509 context. - * @param env return a hx509_env structure, free with hx509_env_free(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_env - */ - -int -hx509_env_init(hx509_context context, hx509_env *env) -{ - *env = calloc(1, sizeof(**env)); - if (*env == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - return 0; -} - -/** - * Add a new key/value pair to the hx509_env. - * - * @param context A hx509 context. - * @param env enviroment to add the enviroment variable too. - * @param key key to add - * @param value value to add - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_env - */ - -int -hx509_env_add(hx509_context context, hx509_env env, - const char *key, const char *value) -{ - void *ptr; - - ptr = realloc(env->val, sizeof(env->val[0]) * (env->len + 1)); - if (ptr == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - env->val = ptr; - env->val[env->len].key = strdup(key); - if (env->val[env->len].key == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - env->val[env->len].value = strdup(value); - if (env->val[env->len].value == NULL) { - free(env->val[env->len].key); - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - env->len++; - return 0; -} - -/** - * Search the hx509_env for a key. - * - * @param context A hx509 context. - * @param env enviroment to add the enviroment variable too. - * @param key key to search for. - * @param len length of key. - * - * @return the value if the key is found, NULL otherwise. - * - * @ingroup hx509_env - */ - -const char * -hx509_env_lfind(hx509_context context, hx509_env env, - const char *key, size_t len) -{ - size_t i; - - for (i = 0; i < env->len; i++) { - char *s = env->val[i].key; - if (strncmp(key, s, len) == 0 && s[len] == '\0') - return env->val[i].value; - } - return NULL; -} - -/** - * Free an hx509_env enviroment context. - * - * @param env the enviroment to free. - * - * @ingroup hx509_env - */ - -void -hx509_env_free(hx509_env *env) -{ - size_t i; - - for (i = 0; i < (*env)->len; i++) { - free((*env)->val[i].key); - free((*env)->val[i].value); - } - free((*env)->val); - free(*env); - *env = NULL; -} - diff --git a/crypto/heimdal/lib/hx509/error.c b/crypto/heimdal/lib/hx509/error.c deleted file mode 100644 index 25119ed28830..000000000000 --- a/crypto/heimdal/lib/hx509/error.c +++ /dev/null @@ -1,223 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: error.c 22332 2007-12-17 01:03:22Z lha $"); - -/** - * @page page_error Hx509 error reporting functions - * - * See the library functions here: @ref hx509_error - */ - -struct hx509_error_data { - hx509_error next; - int code; - char *msg; -}; - -static void -free_error_string(hx509_error msg) -{ - while(msg) { - hx509_error m2 = msg->next; - free(msg->msg); - free(msg); - msg = m2; - } -} - -/** - * Resets the error strings the hx509 context. - * - * @param context A hx509 context. - * - * @ingroup hx509_error - */ - -void -hx509_clear_error_string(hx509_context context) -{ - free_error_string(context->error); - context->error = NULL; -} - -/** - * Add an error message to the hx509 context. - * - * @param context A hx509 context. - * @param flags - * - HX509_ERROR_APPEND appends the error string to the old messages - (code is updated). - * @param code error code related to error message - * @param fmt error message format - * @param ap arguments to error message format - * - * @ingroup hx509_error - */ - -void -hx509_set_error_stringv(hx509_context context, int flags, int code, - const char *fmt, va_list ap) -{ - hx509_error msg; - - msg = calloc(1, sizeof(*msg)); - if (msg == NULL) { - hx509_clear_error_string(context); - return; - } - - if (vasprintf(&msg->msg, fmt, ap) == -1) { - hx509_clear_error_string(context); - free(msg); - return; - } - msg->code = code; - - if (flags & HX509_ERROR_APPEND) { - msg->next = context->error; - context->error = msg; - } else { - free_error_string(context->error); - context->error = msg; - } -} - -/** - * See hx509_set_error_stringv(). - * - * @param context A hx509 context. - * @param flags - * - HX509_ERROR_APPEND appends the error string to the old messages - (code is updated). - * @param code error code related to error message - * @param fmt error message format - * @param ... arguments to error message format - * - * @ingroup hx509_error - */ - -void -hx509_set_error_string(hx509_context context, int flags, int code, - const char *fmt, ...) -{ - va_list ap; - - va_start(ap, fmt); - hx509_set_error_stringv(context, flags, code, fmt, ap); - va_end(ap); -} - -/** - * Get an error string from context associated with error_code. - * - * @param context A hx509 context. - * @param error_code Get error message for this error code. - * - * @return error string, free with hx509_free_error_string(). - * - * @ingroup hx509_error - */ - -char * -hx509_get_error_string(hx509_context context, int error_code) -{ - struct rk_strpool *p = NULL; - hx509_error msg = context->error; - - if (msg == NULL || msg->code != error_code) { - const char *cstr; - char *str; - - cstr = com_right(context->et_list, error_code); - if (cstr) - return strdup(cstr); - cstr = strerror(error_code); - if (cstr) - return strdup(cstr); - if (asprintf(&str, "", error_code) == -1) - return NULL; - return str; - } - - for (msg = context->error; msg; msg = msg->next) - p = rk_strpoolprintf(p, "%s%s", msg->msg, - msg->next != NULL ? "; " : ""); - - return rk_strpoolcollect(p); -} - -/** - * Free error string returned by hx509_get_error_string(). - * - * @param str error string to free. - * - * @ingroup hx509_error - */ - -void -hx509_free_error_string(char *str) -{ - free(str); -} - -/** - * Print error message and fatally exit from error code - * - * @param context A hx509 context. - * @param exit_code exit() code from process. - * @param error_code Error code for the reason to exit. - * @param fmt format string with the exit message. - * @param ... argument to format string. - * - * @ingroup hx509_error - */ - -void -hx509_err(hx509_context context, int exit_code, - int error_code, const char *fmt, ...) -{ - va_list ap; - const char *msg; - char *str; - - va_start(ap, fmt); - vasprintf(&str, fmt, ap); - va_end(ap); - msg = hx509_get_error_string(context, error_code); - if (msg == NULL) - msg = "no error"; - - errx(exit_code, "%s: %s", str, msg); -} diff --git a/crypto/heimdal/lib/hx509/file.c b/crypto/heimdal/lib/hx509/file.c deleted file mode 100644 index b076b74f44df..000000000000 --- a/crypto/heimdal/lib/hx509/file.c +++ /dev/null @@ -1,376 +0,0 @@ -/* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$ID$"); - -int -_hx509_map_file_os(const char *fn, heim_octet_string *os, struct stat *rsb) -{ - size_t length; - void *data; - int ret; - - ret = _hx509_map_file(fn, &data, &length, rsb); - - os->data = data; - os->length = length; - - return ret; -} - -void -_hx509_unmap_file_os(heim_octet_string *os) -{ - _hx509_unmap_file(os->data, os->length); -} - -int -_hx509_map_file(const char *fn, void **data, size_t *length, struct stat *rsb) -{ - struct stat sb; - size_t len; - ssize_t l; - int ret; - void *d; - int fd; - - *data = NULL; - *length = 0; - - fd = open(fn, O_RDONLY); - if (fd < 0) - return errno; - - if (fstat(fd, &sb) < 0) { - ret = errno; - close(fd); - return ret; - } - - len = sb.st_size; - - d = malloc(len); - if (d == NULL) { - close(fd); - return ENOMEM; - } - - l = read(fd, d, len); - close(fd); - if (l < 0 || l != len) { - free(d); - return EINVAL; - } - - if (rsb) - *rsb = sb; - *data = d; - *length = len; - return 0; -} - -void -_hx509_unmap_file(void *data, size_t len) -{ - free(data); -} - -int -_hx509_write_file(const char *fn, const void *data, size_t length) -{ - ssize_t sz; - const unsigned char *p = data; - int fd; - - fd = open(fn, O_WRONLY|O_TRUNC|O_CREAT, 0644); - if (fd < 0) - return errno; - - do { - sz = write(fd, p, length); - if (sz < 0) { - int saved_errno = errno; - close(fd); - return saved_errno; - } - if (sz == 0) - break; - length -= sz; - } while (length > 0); - - if (close(fd) == -1) - return errno; - - return 0; -} - -/* - * - */ - -static void -header(FILE *f, const char *type, const char *str) -{ - fprintf(f, "-----%s %s-----\n", type, str); -} - -int -hx509_pem_write(hx509_context context, const char *type, - hx509_pem_header *headers, FILE *f, - const void *data, size_t size) -{ - const char *p = data; - size_t length; - char *line; - -#define ENCODE_LINE_LENGTH 54 - - header(f, "BEGIN", type); - - while (headers) { - fprintf(f, "%s: %s\n%s", - headers->header, headers->value, - headers->next ? "" : "\n"); - headers = headers->next; - } - - while (size > 0) { - ssize_t l; - - length = size; - if (length > ENCODE_LINE_LENGTH) - length = ENCODE_LINE_LENGTH; - - l = base64_encode(p, length, &line); - if (l < 0) { - hx509_set_error_string(context, 0, ENOMEM, - "malloc - out of memory"); - return ENOMEM; - } - size -= length; - fprintf(f, "%s\n", line); - p += length; - free(line); - } - - header(f, "END", type); - - return 0; -} - -/* - * - */ - -int -hx509_pem_add_header(hx509_pem_header **headers, - const char *header, const char *value) -{ - hx509_pem_header *h; - - h = calloc(1, sizeof(*h)); - if (h == NULL) - return ENOMEM; - h->header = strdup(header); - if (h->header == NULL) { - free(h); - return ENOMEM; - } - h->value = strdup(value); - if (h->value == NULL) { - free(h->header); - free(h); - return ENOMEM; - } - - h->next = *headers; - *headers = h; - - return 0; -} - -void -hx509_pem_free_header(hx509_pem_header *headers) -{ - hx509_pem_header *h; - while (headers) { - h = headers; - headers = headers->next; - free(h->header); - free(h->value); - free(h); - } -} - -/* - * - */ - -const char * -hx509_pem_find_header(const hx509_pem_header *h, const char *header) -{ - while(h) { - if (strcmp(header, h->header) == 0) - return h->value; - h = h->next; - } - return NULL; -} - - -/* - * - */ - -int -hx509_pem_read(hx509_context context, - FILE *f, - hx509_pem_read_func func, - void *ctx) -{ - hx509_pem_header *headers = NULL; - char *type = NULL; - void *data = NULL; - size_t len = 0; - char buf[1024]; - int ret = HX509_PARSING_KEY_FAILED; - - enum { BEFORE, SEARCHHEADER, INHEADER, INDATA, DONE } where; - - where = BEFORE; - - while (fgets(buf, sizeof(buf), f) != NULL) { - char *p; - int i; - - i = strcspn(buf, "\n"); - if (buf[i] == '\n') { - buf[i] = '\0'; - if (i > 0) - i--; - } - if (buf[i] == '\r') { - buf[i] = '\0'; - if (i > 0) - i--; - } - - switch (where) { - case BEFORE: - if (strncmp("-----BEGIN ", buf, 11) == 0) { - type = strdup(buf + 11); - if (type == NULL) - break; - p = strchr(type, '-'); - if (p) - *p = '\0'; - where = SEARCHHEADER; - } - break; - case SEARCHHEADER: - p = strchr(buf, ':'); - if (p == NULL) { - where = INDATA; - goto indata; - } - /* FALLTHOUGH */ - case INHEADER: - if (buf[0] == '\0') { - where = INDATA; - break; - } - p = strchr(buf, ':'); - if (p) { - *p++ = '\0'; - while (isspace((int)*p)) - p++; - ret = hx509_pem_add_header(&headers, buf, p); - if (ret) - abort(); - } - break; - case INDATA: - indata: - - if (strncmp("-----END ", buf, 9) == 0) { - where = DONE; - break; - } - - p = emalloc(i); - i = base64_decode(buf, p); - if (i < 0) { - free(p); - goto out; - } - - data = erealloc(data, len + i); - memcpy(((char *)data) + len, p, i); - free(p); - len += i; - break; - case DONE: - abort(); - } - - if (where == DONE) { - ret = (*func)(context, type, headers, data, len, ctx); - out: - free(data); - data = NULL; - len = 0; - free(type); - type = NULL; - where = BEFORE; - hx509_pem_free_header(headers); - headers = NULL; - if (ret) - break; - } - } - - if (where != BEFORE) { - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "File ends before end of PEM end tag"); - ret = HX509_PARSING_KEY_FAILED; - } - if (data) - free(data); - if (type) - free(type); - if (headers) - hx509_pem_free_header(headers); - - return ret; -} diff --git a/crypto/heimdal/lib/hx509/hx509-private.h b/crypto/heimdal/lib/hx509/hx509-private.h deleted file mode 100644 index 67bb843df59a..000000000000 --- a/crypto/heimdal/lib/hx509/hx509-private.h +++ /dev/null @@ -1,529 +0,0 @@ -/* This is a generated file */ -#ifndef __hx509_private_h__ -#define __hx509_private_h__ - -#include - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -int -_hx509_AlgorithmIdentifier_cmp ( - const AlgorithmIdentifier */*p*/, - const AlgorithmIdentifier */*q*/); - -int -_hx509_Certificate_cmp ( - const Certificate */*p*/, - const Certificate */*q*/); - -int -_hx509_Name_to_string ( - const Name */*n*/, - char **/*str*/); - -time_t -_hx509_Time2time_t (const Time */*t*/); - -void -_hx509_abort ( - const char */*fmt*/, - ...) - __attribute__ ((noreturn, format (printf, 1, 2))); - -int -_hx509_calculate_path ( - hx509_context /*context*/, - int /*flags*/, - time_t /*time_now*/, - hx509_certs /*anchors*/, - unsigned int /*max_depth*/, - hx509_cert /*cert*/, - hx509_certs /*pool*/, - hx509_path */*path*/); - -int -_hx509_cert_assign_key ( - hx509_cert /*cert*/, - hx509_private_key /*private_key*/); - -int -_hx509_cert_get_eku ( - hx509_context /*context*/, - hx509_cert /*cert*/, - ExtKeyUsage */*e*/); - -int -_hx509_cert_get_keyusage ( - hx509_context /*context*/, - hx509_cert /*c*/, - KeyUsage */*ku*/); - -int -_hx509_cert_get_version (const Certificate */*t*/); - -int -_hx509_cert_is_parent_cmp ( - const Certificate */*subject*/, - const Certificate */*issuer*/, - int /*allow_self_signed*/); - -int -_hx509_cert_private_decrypt ( - hx509_context /*context*/, - const heim_octet_string */*ciphertext*/, - const heim_oid */*encryption_oid*/, - hx509_cert /*p*/, - heim_octet_string */*cleartext*/); - -hx509_private_key -_hx509_cert_private_key (hx509_cert /*p*/); - -int -_hx509_cert_private_key_exportable (hx509_cert /*p*/); - -int -_hx509_cert_public_encrypt ( - hx509_context /*context*/, - const heim_octet_string */*cleartext*/, - const hx509_cert /*p*/, - heim_oid */*encryption_oid*/, - heim_octet_string */*ciphertext*/); - -void -_hx509_cert_set_release ( - hx509_cert /*cert*/, - _hx509_cert_release_func /*release*/, - void */*ctx*/); - -int -_hx509_certs_keys_add ( - hx509_context /*context*/, - hx509_certs /*certs*/, - hx509_private_key /*key*/); - -void -_hx509_certs_keys_free ( - hx509_context /*context*/, - hx509_private_key */*keys*/); - -int -_hx509_certs_keys_get ( - hx509_context /*context*/, - hx509_certs /*certs*/, - hx509_private_key **/*keys*/); - -hx509_certs -_hx509_certs_ref (hx509_certs /*certs*/); - -int -_hx509_check_key_usage ( - hx509_context /*context*/, - hx509_cert /*cert*/, - unsigned /*flags*/, - int /*req_present*/); - -int -_hx509_collector_alloc ( - hx509_context /*context*/, - hx509_lock /*lock*/, - struct hx509_collector **/*collector*/); - -int -_hx509_collector_certs_add ( - hx509_context /*context*/, - struct hx509_collector */*c*/, - hx509_cert /*cert*/); - -int -_hx509_collector_collect_certs ( - hx509_context /*context*/, - struct hx509_collector */*c*/, - hx509_certs */*ret_certs*/); - -int -_hx509_collector_collect_private_keys ( - hx509_context /*context*/, - struct hx509_collector */*c*/, - hx509_private_key **/*keys*/); - -void -_hx509_collector_free (struct hx509_collector */*c*/); - -hx509_lock -_hx509_collector_get_lock (struct hx509_collector */*c*/); - -int -_hx509_collector_private_key_add ( - hx509_context /*context*/, - struct hx509_collector */*c*/, - const AlgorithmIdentifier */*alg*/, - hx509_private_key /*private_key*/, - const heim_octet_string */*key_data*/, - const heim_octet_string */*localKeyId*/); - -int -_hx509_create_signature ( - hx509_context /*context*/, - const hx509_private_key /*signer*/, - const AlgorithmIdentifier */*alg*/, - const heim_octet_string */*data*/, - AlgorithmIdentifier */*signatureAlgorithm*/, - heim_octet_string */*sig*/); - -int -_hx509_create_signature_bitstring ( - hx509_context /*context*/, - const hx509_private_key /*signer*/, - const AlgorithmIdentifier */*alg*/, - const heim_octet_string */*data*/, - AlgorithmIdentifier */*signatureAlgorithm*/, - heim_bit_string */*sig*/); - -int -_hx509_find_extension_subject_key_id ( - const Certificate */*issuer*/, - SubjectKeyIdentifier */*si*/); - -int -_hx509_generate_private_key ( - hx509_context /*context*/, - struct hx509_generate_private_context */*ctx*/, - hx509_private_key */*private_key*/); - -int -_hx509_generate_private_key_bits ( - hx509_context /*context*/, - struct hx509_generate_private_context */*ctx*/, - unsigned long /*bits*/); - -void -_hx509_generate_private_key_free (struct hx509_generate_private_context **/*ctx*/); - -int -_hx509_generate_private_key_init ( - hx509_context /*context*/, - const heim_oid */*oid*/, - struct hx509_generate_private_context **/*ctx*/); - -int -_hx509_generate_private_key_is_ca ( - hx509_context /*context*/, - struct hx509_generate_private_context */*ctx*/); - -Certificate * -_hx509_get_cert (hx509_cert /*cert*/); - -void -_hx509_ks_dir_register (hx509_context /*context*/); - -void -_hx509_ks_file_register (hx509_context /*context*/); - -void -_hx509_ks_keychain_register (hx509_context /*context*/); - -void -_hx509_ks_mem_register (hx509_context /*context*/); - -void -_hx509_ks_null_register (hx509_context /*context*/); - -void -_hx509_ks_pkcs11_register (hx509_context /*context*/); - -void -_hx509_ks_pkcs12_register (hx509_context /*context*/); - -void -_hx509_ks_register ( - hx509_context /*context*/, - struct hx509_keyset_ops */*ops*/); - -int -_hx509_lock_find_cert ( - hx509_lock /*lock*/, - const hx509_query */*q*/, - hx509_cert */*c*/); - -const struct _hx509_password * -_hx509_lock_get_passwords (hx509_lock /*lock*/); - -hx509_certs -_hx509_lock_unlock_certs (hx509_lock /*lock*/); - -int -_hx509_map_file ( - const char */*fn*/, - void **/*data*/, - size_t */*length*/, - struct stat */*rsb*/); - -int -_hx509_map_file_os ( - const char */*fn*/, - heim_octet_string */*os*/, - struct stat */*rsb*/); - -int -_hx509_match_keys ( - hx509_cert /*c*/, - hx509_private_key /*private_key*/); - -int -_hx509_name_cmp ( - const Name */*n1*/, - const Name */*n2*/); - -int -_hx509_name_ds_cmp ( - const DirectoryString */*ds1*/, - const DirectoryString */*ds2*/); - -int -_hx509_name_from_Name ( - const Name */*n*/, - hx509_name */*name*/); - -int -_hx509_name_modify ( - hx509_context /*context*/, - Name */*name*/, - int /*append*/, - const heim_oid */*oid*/, - const char */*str*/); - -int -_hx509_parse_private_key ( - hx509_context /*context*/, - const heim_oid */*key_oid*/, - const void */*data*/, - size_t /*len*/, - hx509_private_key */*private_key*/); - -int -_hx509_path_append ( - hx509_context /*context*/, - hx509_path */*path*/, - hx509_cert /*cert*/); - -void -_hx509_path_free (hx509_path */*path*/); - -int -_hx509_pbe_decrypt ( - hx509_context /*context*/, - hx509_lock /*lock*/, - const AlgorithmIdentifier */*ai*/, - const heim_octet_string */*econtent*/, - heim_octet_string */*content*/); - -int -_hx509_pbe_encrypt ( - hx509_context /*context*/, - hx509_lock /*lock*/, - const AlgorithmIdentifier */*ai*/, - const heim_octet_string */*content*/, - heim_octet_string */*econtent*/); - -void -_hx509_pi_printf ( - int (*/*func*/)(void *, const char *), - void */*ctx*/, - const char */*fmt*/, - ...); - -int -_hx509_private_key2SPKI ( - hx509_context /*context*/, - hx509_private_key /*private_key*/, - SubjectPublicKeyInfo */*spki*/); - -void -_hx509_private_key_assign_rsa ( - hx509_private_key /*key*/, - void */*ptr*/); - -int -_hx509_private_key_export ( - hx509_context /*context*/, - const hx509_private_key /*key*/, - heim_octet_string */*data*/); - -int -_hx509_private_key_exportable (hx509_private_key /*key*/); - -int -_hx509_private_key_free (hx509_private_key */*key*/); - -BIGNUM * -_hx509_private_key_get_internal ( - hx509_context /*context*/, - hx509_private_key /*key*/, - const char */*type*/); - -int -_hx509_private_key_init ( - hx509_private_key */*key*/, - hx509_private_key_ops */*ops*/, - void */*keydata*/); - -int -_hx509_private_key_oid ( - hx509_context /*context*/, - const hx509_private_key /*key*/, - heim_oid */*data*/); - -int -_hx509_private_key_private_decrypt ( - hx509_context /*context*/, - const heim_octet_string */*ciphertext*/, - const heim_oid */*encryption_oid*/, - hx509_private_key /*p*/, - heim_octet_string */*cleartext*/); - -hx509_private_key -_hx509_private_key_ref (hx509_private_key /*key*/); - -const char * -_hx509_private_pem_name (hx509_private_key /*key*/); - -int -_hx509_public_encrypt ( - hx509_context /*context*/, - const heim_octet_string */*cleartext*/, - const Certificate */*cert*/, - heim_oid */*encryption_oid*/, - heim_octet_string */*ciphertext*/); - -void -_hx509_query_clear (hx509_query */*q*/); - -int -_hx509_query_match_cert ( - hx509_context /*context*/, - const hx509_query */*q*/, - hx509_cert /*cert*/); - -void -_hx509_query_statistic ( - hx509_context /*context*/, - int /*type*/, - const hx509_query */*q*/); - -int -_hx509_request_add_dns_name ( - hx509_context /*context*/, - hx509_request /*req*/, - const char */*hostname*/); - -int -_hx509_request_add_eku ( - hx509_context /*context*/, - hx509_request /*req*/, - const heim_oid */*oid*/); - -int -_hx509_request_add_email ( - hx509_context /*context*/, - hx509_request /*req*/, - const char */*email*/); - -void -_hx509_request_free (hx509_request */*req*/); - -int -_hx509_request_get_SubjectPublicKeyInfo ( - hx509_context /*context*/, - hx509_request /*req*/, - SubjectPublicKeyInfo */*key*/); - -int -_hx509_request_get_name ( - hx509_context /*context*/, - hx509_request /*req*/, - hx509_name */*name*/); - -int -_hx509_request_init ( - hx509_context /*context*/, - hx509_request */*req*/); - -int -_hx509_request_parse ( - hx509_context /*context*/, - const char */*path*/, - hx509_request */*req*/); - -int -_hx509_request_print ( - hx509_context /*context*/, - hx509_request /*req*/, - FILE */*f*/); - -int -_hx509_request_set_SubjectPublicKeyInfo ( - hx509_context /*context*/, - hx509_request /*req*/, - const SubjectPublicKeyInfo */*key*/); - -int -_hx509_request_set_name ( - hx509_context /*context*/, - hx509_request /*req*/, - hx509_name /*name*/); - -int -_hx509_request_to_pkcs10 ( - hx509_context /*context*/, - const hx509_request /*req*/, - const hx509_private_key /*signer*/, - heim_octet_string */*request*/); - -hx509_revoke_ctx -_hx509_revoke_ref (hx509_revoke_ctx /*ctx*/); - -int -_hx509_set_cert_attribute ( - hx509_context /*context*/, - hx509_cert /*cert*/, - const heim_oid */*oid*/, - const heim_octet_string */*attr*/); - -void -_hx509_unmap_file ( - void */*data*/, - size_t /*len*/); - -void -_hx509_unmap_file_os (heim_octet_string */*os*/); - -int -_hx509_unparse_Name ( - const Name */*aname*/, - char **/*str*/); - -int -_hx509_verify_signature ( - hx509_context /*context*/, - const Certificate */*signer*/, - const AlgorithmIdentifier */*alg*/, - const heim_octet_string */*data*/, - const heim_octet_string */*sig*/); - -int -_hx509_verify_signature_bitstring ( - hx509_context /*context*/, - const Certificate */*signer*/, - const AlgorithmIdentifier */*alg*/, - const heim_octet_string */*data*/, - const heim_bit_string */*sig*/); - -int -_hx509_write_file ( - const char */*fn*/, - const void */*data*/, - size_t /*length*/); - -#endif /* __hx509_private_h__ */ diff --git a/crypto/heimdal/lib/hx509/hx509-protos.h b/crypto/heimdal/lib/hx509/hx509-protos.h deleted file mode 100644 index 50ce1b3df175..000000000000 --- a/crypto/heimdal/lib/hx509/hx509-protos.h +++ /dev/null @@ -1,1049 +0,0 @@ -/* This is a generated file */ -#ifndef __hx509_protos_h__ -#define __hx509_protos_h__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef HX509_LIB_FUNCTION -#if defined(_WIN32) -#define HX509_LIB_FUNCTION _stdcall -#else -#define HX509_LIB_FUNCTION -#endif -#endif - -void -hx509_bitstring_print ( - const heim_bit_string */*b*/, - hx509_vprint_func /*func*/, - void */*ctx*/); - -int -hx509_ca_sign ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - hx509_cert /*signer*/, - hx509_cert */*certificate*/); - -int -hx509_ca_sign_self ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - hx509_private_key /*signer*/, - hx509_cert */*certificate*/); - -int -hx509_ca_tbs_add_crl_dp_uri ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const char */*uri*/, - hx509_name /*issuername*/); - -int -hx509_ca_tbs_add_eku ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const heim_oid */*oid*/); - -int -hx509_ca_tbs_add_san_hostname ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const char */*dnsname*/); - -int -hx509_ca_tbs_add_san_jid ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const char */*jid*/); - -int -hx509_ca_tbs_add_san_ms_upn ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const char */*principal*/); - -int -hx509_ca_tbs_add_san_otherName ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const heim_oid */*oid*/, - const heim_octet_string */*os*/); - -int -hx509_ca_tbs_add_san_pkinit ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const char */*principal*/); - -int -hx509_ca_tbs_add_san_rfc822name ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const char */*rfc822Name*/); - -void -hx509_ca_tbs_free (hx509_ca_tbs */*tbs*/); - -int -hx509_ca_tbs_init ( - hx509_context /*context*/, - hx509_ca_tbs */*tbs*/); - -int -hx509_ca_tbs_set_ca ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - int /*pathLenConstraint*/); - -int -hx509_ca_tbs_set_domaincontroller ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/); - -int -hx509_ca_tbs_set_notAfter ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - time_t /*t*/); - -int -hx509_ca_tbs_set_notAfter_lifetime ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - time_t /*delta*/); - -int -hx509_ca_tbs_set_notBefore ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - time_t /*t*/); - -int -hx509_ca_tbs_set_proxy ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - int /*pathLenConstraint*/); - -int -hx509_ca_tbs_set_serialnumber ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const heim_integer */*serialNumber*/); - -int -hx509_ca_tbs_set_spki ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - const SubjectPublicKeyInfo */*spki*/); - -int -hx509_ca_tbs_set_subject ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - hx509_name /*subject*/); - -int -hx509_ca_tbs_set_template ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - int /*flags*/, - hx509_cert /*cert*/); - -int -hx509_ca_tbs_subject_expand ( - hx509_context /*context*/, - hx509_ca_tbs /*tbs*/, - hx509_env /*env*/); - -const struct units * -hx509_ca_tbs_template_units (void); - -int -hx509_cert_binary ( - hx509_context /*context*/, - hx509_cert /*c*/, - heim_octet_string */*os*/); - -int -hx509_cert_check_eku ( - hx509_context /*context*/, - hx509_cert /*cert*/, - const heim_oid */*eku*/, - int /*allow_any_eku*/); - -int -hx509_cert_cmp ( - hx509_cert /*p*/, - hx509_cert /*q*/); - -int -hx509_cert_find_subjectAltName_otherName ( - hx509_context /*context*/, - hx509_cert /*cert*/, - const heim_oid */*oid*/, - hx509_octet_string_list */*list*/); - -void -hx509_cert_free (hx509_cert /*cert*/); - -int -hx509_cert_get_SPKI ( - hx509_context /*context*/, - hx509_cert /*p*/, - SubjectPublicKeyInfo */*spki*/); - -int -hx509_cert_get_SPKI_AlgorithmIdentifier ( - hx509_context /*context*/, - hx509_cert /*p*/, - AlgorithmIdentifier */*alg*/); - -hx509_cert_attribute -hx509_cert_get_attribute ( - hx509_cert /*cert*/, - const heim_oid */*oid*/); - -int -hx509_cert_get_base_subject ( - hx509_context /*context*/, - hx509_cert /*c*/, - hx509_name */*name*/); - -const char * -hx509_cert_get_friendly_name (hx509_cert /*cert*/); - -int -hx509_cert_get_issuer ( - hx509_cert /*p*/, - hx509_name */*name*/); - -time_t -hx509_cert_get_notAfter (hx509_cert /*p*/); - -time_t -hx509_cert_get_notBefore (hx509_cert /*p*/); - -int -hx509_cert_get_serialnumber ( - hx509_cert /*p*/, - heim_integer */*i*/); - -int -hx509_cert_get_subject ( - hx509_cert /*p*/, - hx509_name */*name*/); - -int -hx509_cert_have_private_key (hx509_cert /*p*/); - -int -hx509_cert_init ( - hx509_context /*context*/, - const Certificate */*c*/, - hx509_cert */*cert*/); - -int -hx509_cert_init_data ( - hx509_context /*context*/, - const void */*ptr*/, - size_t /*len*/, - hx509_cert */*cert*/); - -int -hx509_cert_keyusage_print ( - hx509_context /*context*/, - hx509_cert /*c*/, - char **/*s*/); - -hx509_cert -hx509_cert_ref (hx509_cert /*cert*/); - -int -hx509_cert_set_friendly_name ( - hx509_cert /*cert*/, - const char */*name*/); - -int -hx509_certs_add ( - hx509_context /*context*/, - hx509_certs /*certs*/, - hx509_cert /*cert*/); - -int -hx509_certs_append ( - hx509_context /*context*/, - hx509_certs /*to*/, - hx509_lock /*lock*/, - const char */*name*/); - -int -hx509_certs_end_seq ( - hx509_context /*context*/, - hx509_certs /*certs*/, - hx509_cursor /*cursor*/); - -int -hx509_certs_find ( - hx509_context /*context*/, - hx509_certs /*certs*/, - const hx509_query */*q*/, - hx509_cert */*r*/); - -void -hx509_certs_free (hx509_certs */*certs*/); - -int -hx509_certs_info ( - hx509_context /*context*/, - hx509_certs /*certs*/, - int (*/*func*/)(void *, const char *), - void */*ctx*/); - -int -hx509_certs_init ( - hx509_context /*context*/, - const char */*name*/, - int /*flags*/, - hx509_lock /*lock*/, - hx509_certs */*certs*/); - -int -hx509_certs_iter ( - hx509_context /*context*/, - hx509_certs /*certs*/, - int (*/*func*/)(hx509_context, void *, hx509_cert), - void */*ctx*/); - -int -hx509_certs_merge ( - hx509_context /*context*/, - hx509_certs /*to*/, - hx509_certs /*from*/); - -int -hx509_certs_next_cert ( - hx509_context /*context*/, - hx509_certs /*certs*/, - hx509_cursor /*cursor*/, - hx509_cert */*cert*/); - -int -hx509_certs_start_seq ( - hx509_context /*context*/, - hx509_certs /*certs*/, - hx509_cursor */*cursor*/); - -int -hx509_certs_store ( - hx509_context /*context*/, - hx509_certs /*certs*/, - int /*flags*/, - hx509_lock /*lock*/); - -int -hx509_ci_print_names ( - hx509_context /*context*/, - void */*ctx*/, - hx509_cert /*c*/); - -void -hx509_clear_error_string (hx509_context /*context*/); - -int -hx509_cms_create_signed_1 ( - hx509_context /*context*/, - int /*flags*/, - const heim_oid */*eContentType*/, - const void */*data*/, - size_t /*length*/, - const AlgorithmIdentifier */*digest_alg*/, - hx509_cert /*cert*/, - hx509_peer_info /*peer*/, - hx509_certs /*anchors*/, - hx509_certs /*pool*/, - heim_octet_string */*signed_data*/); - -int -hx509_cms_decrypt_encrypted ( - hx509_context /*context*/, - hx509_lock /*lock*/, - const void */*data*/, - size_t /*length*/, - heim_oid */*contentType*/, - heim_octet_string */*content*/); - -int -hx509_cms_envelope_1 ( - hx509_context /*context*/, - int /*flags*/, - hx509_cert /*cert*/, - const void */*data*/, - size_t /*length*/, - const heim_oid */*encryption_type*/, - const heim_oid */*contentType*/, - heim_octet_string */*content*/); - -int -hx509_cms_unenvelope ( - hx509_context /*context*/, - hx509_certs /*certs*/, - int /*flags*/, - const void */*data*/, - size_t /*length*/, - const heim_octet_string */*encryptedContent*/, - heim_oid */*contentType*/, - heim_octet_string */*content*/); - -int -hx509_cms_unwrap_ContentInfo ( - const heim_octet_string */*in*/, - heim_oid */*oid*/, - heim_octet_string */*out*/, - int */*have_data*/); - -int -hx509_cms_verify_signed ( - hx509_context /*context*/, - hx509_verify_ctx /*ctx*/, - const void */*data*/, - size_t /*length*/, - const heim_octet_string */*signedContent*/, - hx509_certs /*pool*/, - heim_oid */*contentType*/, - heim_octet_string */*content*/, - hx509_certs */*signer_certs*/); - -int -hx509_cms_wrap_ContentInfo ( - const heim_oid */*oid*/, - const heim_octet_string */*buf*/, - heim_octet_string */*res*/); - -void -hx509_context_free (hx509_context */*context*/); - -int -hx509_context_init (hx509_context */*context*/); - -void -hx509_context_set_missing_revoke ( - hx509_context /*context*/, - int /*flag*/); - -int -hx509_crl_add_revoked_certs ( - hx509_context /*context*/, - hx509_crl /*crl*/, - hx509_certs /*certs*/); - -int -hx509_crl_alloc ( - hx509_context /*context*/, - hx509_crl */*crl*/); - -void -hx509_crl_free ( - hx509_context /*context*/, - hx509_crl */*crl*/); - -int -hx509_crl_lifetime ( - hx509_context /*context*/, - hx509_crl /*crl*/, - int /*delta*/); - -int -hx509_crl_sign ( - hx509_context /*context*/, - hx509_cert /*signer*/, - hx509_crl /*crl*/, - heim_octet_string */*os*/); - -const AlgorithmIdentifier * -hx509_crypto_aes128_cbc (void); - -const AlgorithmIdentifier * -hx509_crypto_aes256_cbc (void); - -int -hx509_crypto_available ( - hx509_context /*context*/, - int /*type*/, - hx509_cert /*source*/, - AlgorithmIdentifier **/*val*/, - unsigned int */*plen*/); - -int -hx509_crypto_decrypt ( - hx509_crypto /*crypto*/, - const void */*data*/, - const size_t /*length*/, - heim_octet_string */*ivec*/, - heim_octet_string */*clear*/); - -const AlgorithmIdentifier * -hx509_crypto_des_rsdi_ede3_cbc (void); - -void -hx509_crypto_destroy (hx509_crypto /*crypto*/); - -int -hx509_crypto_encrypt ( - hx509_crypto /*crypto*/, - const void */*data*/, - const size_t /*length*/, - const heim_octet_string */*ivec*/, - heim_octet_string **/*ciphertext*/); - -const heim_oid * -hx509_crypto_enctype_by_name (const char */*name*/); - -void -hx509_crypto_free_algs ( - AlgorithmIdentifier */*val*/, - unsigned int /*len*/); - -int -hx509_crypto_get_params ( - hx509_context /*context*/, - hx509_crypto /*crypto*/, - const heim_octet_string */*ivec*/, - heim_octet_string */*param*/); - -int -hx509_crypto_init ( - hx509_context /*context*/, - const char */*provider*/, - const heim_oid */*enctype*/, - hx509_crypto */*crypto*/); - -const char * -hx509_crypto_provider (hx509_crypto /*crypto*/); - -int -hx509_crypto_random_iv ( - hx509_crypto /*crypto*/, - heim_octet_string */*ivec*/); - -int -hx509_crypto_select ( - const hx509_context /*context*/, - int /*type*/, - const hx509_private_key /*source*/, - hx509_peer_info /*peer*/, - AlgorithmIdentifier */*selected*/); - -int -hx509_crypto_set_key_data ( - hx509_crypto /*crypto*/, - const void */*data*/, - size_t /*length*/); - -int -hx509_crypto_set_key_name ( - hx509_crypto /*crypto*/, - const char */*name*/); - -int -hx509_crypto_set_params ( - hx509_context /*context*/, - hx509_crypto /*crypto*/, - const heim_octet_string */*param*/, - heim_octet_string */*ivec*/); - -int -hx509_crypto_set_random_key ( - hx509_crypto /*crypto*/, - heim_octet_string */*key*/); - -int -hx509_env_add ( - hx509_context /*context*/, - hx509_env /*env*/, - const char */*key*/, - const char */*value*/); - -void -hx509_env_free (hx509_env */*env*/); - -int -hx509_env_init ( - hx509_context /*context*/, - hx509_env */*env*/); - -const char * -hx509_env_lfind ( - hx509_context /*context*/, - hx509_env /*env*/, - const char */*key*/, - size_t /*len*/); - -void -hx509_err ( - hx509_context /*context*/, - int /*exit_code*/, - int /*error_code*/, - const char */*fmt*/, - ...); - -void -hx509_free_error_string (char */*str*/); - -void -hx509_free_octet_string_list (hx509_octet_string_list */*list*/); - -int -hx509_general_name_unparse ( - GeneralName */*name*/, - char **/*str*/); - -char * -hx509_get_error_string ( - hx509_context /*context*/, - int /*error_code*/); - -int -hx509_get_one_cert ( - hx509_context /*context*/, - hx509_certs /*certs*/, - hx509_cert */*c*/); - -int -hx509_lock_add_cert ( - hx509_context /*context*/, - hx509_lock /*lock*/, - hx509_cert /*cert*/); - -int -hx509_lock_add_certs ( - hx509_context /*context*/, - hx509_lock /*lock*/, - hx509_certs /*certs*/); - -int -hx509_lock_add_password ( - hx509_lock /*lock*/, - const char */*password*/); - -int -hx509_lock_command_string ( - hx509_lock /*lock*/, - const char */*string*/); - -void -hx509_lock_free (hx509_lock /*lock*/); - -int -hx509_lock_init ( - hx509_context /*context*/, - hx509_lock */*lock*/); - -int -hx509_lock_prompt ( - hx509_lock /*lock*/, - hx509_prompt */*prompt*/); - -void -hx509_lock_reset_certs ( - hx509_context /*context*/, - hx509_lock /*lock*/); - -void -hx509_lock_reset_passwords (hx509_lock /*lock*/); - -void -hx509_lock_reset_promper (hx509_lock /*lock*/); - -int -hx509_lock_set_prompter ( - hx509_lock /*lock*/, - hx509_prompter_fct /*prompt*/, - void */*data*/); - -int -hx509_name_binary ( - const hx509_name /*name*/, - heim_octet_string */*os*/); - -int -hx509_name_cmp ( - hx509_name /*n1*/, - hx509_name /*n2*/); - -int -hx509_name_copy ( - hx509_context /*context*/, - const hx509_name /*from*/, - hx509_name */*to*/); - -int -hx509_name_expand ( - hx509_context /*context*/, - hx509_name /*name*/, - hx509_env /*env*/); - -void -hx509_name_free (hx509_name */*name*/); - -int -hx509_name_is_null_p (const hx509_name /*name*/); - -int -hx509_name_normalize ( - hx509_context /*context*/, - hx509_name /*name*/); - -int -hx509_name_to_Name ( - const hx509_name /*from*/, - Name */*to*/); - -int -hx509_name_to_string ( - const hx509_name /*name*/, - char **/*str*/); - -int -hx509_ocsp_request ( - hx509_context /*context*/, - hx509_certs /*reqcerts*/, - hx509_certs /*pool*/, - hx509_cert /*signer*/, - const AlgorithmIdentifier */*digest*/, - heim_octet_string */*request*/, - heim_octet_string */*nonce*/); - -int -hx509_ocsp_verify ( - hx509_context /*context*/, - time_t /*now*/, - hx509_cert /*cert*/, - int /*flags*/, - const void */*data*/, - size_t /*length*/, - time_t */*expiration*/); - -void -hx509_oid_print ( - const heim_oid */*oid*/, - hx509_vprint_func /*func*/, - void */*ctx*/); - -int -hx509_oid_sprint ( - const heim_oid */*oid*/, - char **/*str*/); - -int -hx509_parse_name ( - hx509_context /*context*/, - const char */*str*/, - hx509_name */*name*/); - -int -hx509_peer_info_alloc ( - hx509_context /*context*/, - hx509_peer_info */*peer*/); - -void -hx509_peer_info_free (hx509_peer_info /*peer*/); - -int -hx509_peer_info_set_cert ( - hx509_peer_info /*peer*/, - hx509_cert /*cert*/); - -int -hx509_peer_info_set_cms_algs ( - hx509_context /*context*/, - hx509_peer_info /*peer*/, - const AlgorithmIdentifier */*val*/, - size_t /*len*/); - -int -hx509_pem_add_header ( - hx509_pem_header **/*headers*/, - const char */*header*/, - const char */*value*/); - -const char * -hx509_pem_find_header ( - const hx509_pem_header */*h*/, - const char */*header*/); - -void -hx509_pem_free_header (hx509_pem_header */*headers*/); - -int -hx509_pem_read ( - hx509_context /*context*/, - FILE */*f*/, - hx509_pem_read_func /*func*/, - void */*ctx*/); - -int -hx509_pem_write ( - hx509_context /*context*/, - const char */*type*/, - hx509_pem_header */*headers*/, - FILE */*f*/, - const void */*data*/, - size_t /*size*/); - -void -hx509_print_stdout ( - void */*ctx*/, - const char */*fmt*/, - va_list /*va*/); - -int -hx509_prompt_hidden (hx509_prompt_type /*type*/); - -int -hx509_query_alloc ( - hx509_context /*context*/, - hx509_query **/*q*/); - -void -hx509_query_free ( - hx509_context /*context*/, - hx509_query */*q*/); - -int -hx509_query_match_cmp_func ( - hx509_query */*q*/, - int (*/*func*/)(void *, hx509_cert), - void */*ctx*/); - -int -hx509_query_match_friendly_name ( - hx509_query */*q*/, - const char */*name*/); - -int -hx509_query_match_issuer_serial ( - hx509_query */*q*/, - const Name */*issuer*/, - const heim_integer */*serialNumber*/); - -void -hx509_query_match_option ( - hx509_query */*q*/, - hx509_query_option /*option*/); - -void -hx509_query_statistic_file ( - hx509_context /*context*/, - const char */*fn*/); - -void -hx509_query_unparse_stats ( - hx509_context /*context*/, - int /*printtype*/, - FILE */*out*/); - -int -hx509_revoke_add_crl ( - hx509_context /*context*/, - hx509_revoke_ctx /*ctx*/, - const char */*path*/); - -int -hx509_revoke_add_ocsp ( - hx509_context /*context*/, - hx509_revoke_ctx /*ctx*/, - const char */*path*/); - -void -hx509_revoke_free (hx509_revoke_ctx */*ctx*/); - -int -hx509_revoke_init ( - hx509_context /*context*/, - hx509_revoke_ctx */*ctx*/); - -int -hx509_revoke_ocsp_print ( - hx509_context /*context*/, - const char */*path*/, - FILE */*out*/); - -int -hx509_revoke_verify ( - hx509_context /*context*/, - hx509_revoke_ctx /*ctx*/, - hx509_certs /*certs*/, - time_t /*now*/, - hx509_cert /*cert*/, - hx509_cert /*parent_cert*/); - -void -hx509_set_error_string ( - hx509_context /*context*/, - int /*flags*/, - int /*code*/, - const char */*fmt*/, - ...); - -void -hx509_set_error_stringv ( - hx509_context /*context*/, - int /*flags*/, - int /*code*/, - const char */*fmt*/, - va_list /*ap*/); - -const AlgorithmIdentifier * -hx509_signature_md2 (void); - -const AlgorithmIdentifier * -hx509_signature_md5 (void); - -const AlgorithmIdentifier * -hx509_signature_rsa (void); - -const AlgorithmIdentifier * -hx509_signature_rsa_pkcs1_x509 (void); - -const AlgorithmIdentifier * -hx509_signature_rsa_with_md2 (void); - -const AlgorithmIdentifier * -hx509_signature_rsa_with_md5 (void); - -const AlgorithmIdentifier * -hx509_signature_rsa_with_sha1 (void); - -const AlgorithmIdentifier * -hx509_signature_rsa_with_sha256 (void); - -const AlgorithmIdentifier * -hx509_signature_rsa_with_sha384 (void); - -const AlgorithmIdentifier * -hx509_signature_rsa_with_sha512 (void); - -const AlgorithmIdentifier * -hx509_signature_sha1 (void); - -const AlgorithmIdentifier * -hx509_signature_sha256 (void); - -const AlgorithmIdentifier * -hx509_signature_sha384 (void); - -const AlgorithmIdentifier * -hx509_signature_sha512 (void); - -int -hx509_unparse_der_name ( - const void */*data*/, - size_t /*length*/, - char **/*str*/); - -int -hx509_validate_cert ( - hx509_context /*context*/, - hx509_validate_ctx /*ctx*/, - hx509_cert /*cert*/); - -void -hx509_validate_ctx_add_flags ( - hx509_validate_ctx /*ctx*/, - int /*flags*/); - -void -hx509_validate_ctx_free (hx509_validate_ctx /*ctx*/); - -int -hx509_validate_ctx_init ( - hx509_context /*context*/, - hx509_validate_ctx */*ctx*/); - -void -hx509_validate_ctx_set_print ( - hx509_validate_ctx /*ctx*/, - hx509_vprint_func /*func*/, - void */*c*/); - -void -hx509_verify_attach_anchors ( - hx509_verify_ctx /*ctx*/, - hx509_certs /*set*/); - -void -hx509_verify_attach_revoke ( - hx509_verify_ctx /*ctx*/, - hx509_revoke_ctx /*revoke_ctx*/); - -void -hx509_verify_ctx_f_allow_default_trustanchors ( - hx509_verify_ctx /*ctx*/, - int /*boolean*/); - -void -hx509_verify_destroy_ctx (hx509_verify_ctx /*ctx*/); - -int -hx509_verify_hostname ( - hx509_context /*context*/, - const hx509_cert /*cert*/, - int /*flags*/, - hx509_hostname_type /*type*/, - const char */*hostname*/, - const struct sockaddr */*sa*/, - int /*sa_size*/); - -int -hx509_verify_init_ctx ( - hx509_context /*context*/, - hx509_verify_ctx */*ctx*/); - -int -hx509_verify_path ( - hx509_context /*context*/, - hx509_verify_ctx /*ctx*/, - hx509_cert /*cert*/, - hx509_certs /*pool*/); - -void -hx509_verify_set_max_depth ( - hx509_verify_ctx /*ctx*/, - unsigned int /*max_depth*/); - -void -hx509_verify_set_proxy_certificate ( - hx509_verify_ctx /*ctx*/, - int /*boolean*/); - -void -hx509_verify_set_strict_rfc3280_verification ( - hx509_verify_ctx /*ctx*/, - int /*boolean*/); - -void -hx509_verify_set_time ( - hx509_verify_ctx /*ctx*/, - time_t /*t*/); - -int -hx509_verify_signature ( - hx509_context /*context*/, - const hx509_cert /*signer*/, - const AlgorithmIdentifier */*alg*/, - const heim_octet_string */*data*/, - const heim_octet_string */*sig*/); - -void -hx509_xfree (void */*ptr*/); - -#ifdef __cplusplus -} -#endif - -#endif /* __hx509_protos_h__ */ diff --git a/crypto/heimdal/lib/hx509/hx509.h b/crypto/heimdal/lib/hx509/hx509.h deleted file mode 100644 index be02f6347490..000000000000 --- a/crypto/heimdal/lib/hx509/hx509.h +++ /dev/null @@ -1,148 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: hx509.h 22464 2008-01-16 14:24:50Z lha $ */ - -typedef struct hx509_cert_attribute_data *hx509_cert_attribute; -typedef struct hx509_cert_data *hx509_cert; -typedef struct hx509_certs_data *hx509_certs; -typedef struct hx509_context_data *hx509_context; -typedef struct hx509_crypto_data *hx509_crypto; -typedef struct hx509_lock_data *hx509_lock; -typedef struct hx509_name_data *hx509_name; -typedef struct hx509_private_key *hx509_private_key; -typedef struct hx509_validate_ctx_data *hx509_validate_ctx; -typedef struct hx509_verify_ctx_data *hx509_verify_ctx; -typedef struct hx509_revoke_ctx_data *hx509_revoke_ctx; -typedef struct hx509_query_data hx509_query; -typedef void * hx509_cursor; -typedef struct hx509_request_data *hx509_request; -typedef struct hx509_error_data *hx509_error; -typedef struct hx509_peer_info *hx509_peer_info; -typedef struct hx509_ca_tbs *hx509_ca_tbs; -typedef struct hx509_env *hx509_env; -typedef struct hx509_crl *hx509_crl; - -typedef void (*hx509_vprint_func)(void *, const char *, va_list); - -enum { - HX509_VHN_F_ALLOW_NO_MATCH = 1 -}; - -enum { - HX509_VALIDATE_F_VALIDATE = 1, - HX509_VALIDATE_F_VERBOSE = 2 -}; - -struct hx509_cert_attribute_data { - heim_oid oid; - heim_octet_string data; -}; - -typedef enum { - HX509_PROMPT_TYPE_PASSWORD = 0x1, /* password, hidden */ - HX509_PROMPT_TYPE_QUESTION = 0x2, /* question, not hidden */ - HX509_PROMPT_TYPE_INFO = 0x4 /* infomation, reply doesn't matter */ -} hx509_prompt_type; - -typedef struct hx509_prompt { - const char *prompt; - hx509_prompt_type type; - heim_octet_string reply; -} hx509_prompt; - -typedef int (*hx509_prompter_fct)(void *, const hx509_prompt *); - -typedef struct hx509_octet_string_list { - size_t len; - heim_octet_string *val; -} hx509_octet_string_list; - -typedef struct hx509_pem_header { - struct hx509_pem_header *next; - char *header; - char *value; -} hx509_pem_header; - -typedef int -(*hx509_pem_read_func)(hx509_context, const char *, const hx509_pem_header *, - const void *, size_t, void *ctx); - -/* - * Options passed to hx509_query_match_option. - */ -typedef enum { - HX509_QUERY_OPTION_PRIVATE_KEY = 1, - HX509_QUERY_OPTION_KU_ENCIPHERMENT = 2, - HX509_QUERY_OPTION_KU_DIGITALSIGNATURE = 3, - HX509_QUERY_OPTION_KU_KEYCERTSIGN = 4, - HX509_QUERY_OPTION_END = 0xffff -} hx509_query_option; - -/* flags to hx509_certs_init */ -#define HX509_CERTS_CREATE 0x01 -#define HX509_CERTS_UNPROTECT_ALL 0x02 - -/* flags to hx509_set_error_string */ -#define HX509_ERROR_APPEND 0x01 - -/* flags to hx509_cms_unenvelope */ -#define HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT 0x01 - -/* selectors passed to hx509_crypto_select and hx509_crypto_available */ -#define HX509_SELECT_ALL 0 -#define HX509_SELECT_DIGEST 1 -#define HX509_SELECT_PUBLIC_SIG 2 -#define HX509_SELECT_PUBLIC_ENC 3 -#define HX509_SELECT_SECRET_ENC 4 - -/* flags to hx509_ca_tbs_set_template */ -#define HX509_CA_TEMPLATE_SUBJECT 1 -#define HX509_CA_TEMPLATE_SERIAL 2 -#define HX509_CA_TEMPLATE_NOTBEFORE 4 -#define HX509_CA_TEMPLATE_NOTAFTER 8 -#define HX509_CA_TEMPLATE_SPKI 16 -#define HX509_CA_TEMPLATE_KU 32 -#define HX509_CA_TEMPLATE_EKU 64 - -/* flags hx509_cms_create_signed* */ -#define HX509_CMS_SIGATURE_DETACHED 1 -#define HX509_CMS_SIGATURE_ID_NAME 2 - -/* hx509_verify_hostname nametype */ -typedef enum { - HX509_HN_HOSTNAME = 0, - HX509_HN_DNSSRV -} hx509_hostname_type; - -#include diff --git a/crypto/heimdal/lib/hx509/hx509_err.et b/crypto/heimdal/lib/hx509/hx509_err.et deleted file mode 100644 index 8fc5cb8f2f7e..000000000000 --- a/crypto/heimdal/lib/hx509/hx509_err.et +++ /dev/null @@ -1,101 +0,0 @@ -# -# Error messages for the hx509 library -# -# This might look like a com_err file, but is not -# -id "$Id: hx509_err.et 22329 2007-12-15 05:13:14Z lha $" - -error_table hx -prefix HX509 - -# path validateion and construction related errors -error_code BAD_TIMEFORMAT, "ASN.1 failed call to system time library" -error_code EXTENSION_NOT_FOUND, "Extension not found" -error_code NO_PATH, "Certification path not found" -error_code PARENT_NOT_CA, "Parent certificate is not a CA" -error_code CA_PATH_TOO_DEEP, "CA path too deep" -error_code SIG_ALG_NO_SUPPORTED, "Signature algorithm not supported" -error_code SIG_ALG_DONT_MATCH_KEY_ALG, "Signature algorithm doesn't match certificate key" -error_code CERT_USED_BEFORE_TIME, "Certificate used before it became valid" -error_code CERT_USED_AFTER_TIME, "Certificate used after it became invalid" -error_code PRIVATE_KEY_MISSING, "Private key required for the operation is missing" -error_code ALG_NOT_SUPP, "Algorithm not supported" -error_code ISSUER_NOT_FOUND, "Issuer couldn't be found" -error_code VERIFY_CONSTRAINTS, "Error verifing constraints" -error_code RANGE, "Number too large" -error_code NAME_CONSTRAINT_ERROR, "Error while verifing name constraints" -error_code PATH_TOO_LONG, "Path is too long, failed to find valid anchor" -error_code KU_CERT_MISSING, "Required keyusage for this certificate is missing" -error_code CERT_NOT_FOUND, "Certificate not found" -error_code UNKNOWN_LOCK_COMMAND, "Unknown lock command" -error_code PARENT_IS_CA, "Parent certificate is a CA" -error_code EXTRA_DATA_AFTER_STRUCTURE, "Extra data was found after the structure" -error_code PROXY_CERT_INVALID, "Proxy certificate is invalid" -error_code PROXY_CERT_NAME_WRONG, "Proxy certificate name is wrong" -error_code NAME_MALFORMED, "Name is malformated" -error_code CERTIFICATE_MALFORMED, "Certificate is malformated" -error_code CERTIFICATE_MISSING_EKU, "Certificate is missing a required EKU" -error_code PROXY_CERTIFICATE_NOT_CANONICALIZED, "Proxy certificate not canonicalize" - -# cms related errors -index 32 -prefix HX509_CMS -error_code FAILED_CREATE_SIGATURE, "Failed to create signature" -error_code MISSING_SIGNER_DATA, "Missing signer data" -error_code SIGNER_NOT_FOUND, "Couldn't find signers certificate" -error_code NO_DATA_AVAILABLE, "No data to perform the operation on" -error_code INVALID_DATA, "Data in the message is invalid" -error_code PADDING_ERROR, "Padding in the message invalid" -error_code NO_RECIPIENT_CERTIFICATE, "Couldn't find recipient certificate" -error_code DATA_OID_MISMATCH, "Mismatch bewteen signed type and unsigned type" - -# crypto related errors -index 64 -prefix HX509_CRYPTO -error_code INTERNAL_ERROR, "Internal error in the crypto engine" -error_code EXTERNAL_ERROR, "External error in the crypto engine" -error_code SIGNATURE_MISSING, "Signature missing for data" -error_code BAD_SIGNATURE, "Signature is not valid" -error_code SIG_NO_CONF, "Sigature doesn't provide confidentiality" -error_code SIG_INVALID_FORMAT, "Invalid format on signature" -error_code OID_MISMATCH, "Mismatch bewteen oids" -error_code NO_PROMPTER, "No prompter function defined" -error_code SIGNATURE_WITHOUT_SIGNER, "Signature require signer, but non available" -error_code RSA_PUBLIC_ENCRYPT, "RSA public encyption failed" -error_code RSA_PRIVATE_ENCRYPT, "RSA public encyption failed" -error_code RSA_PUBLIC_DECRYPT, "RSA private decryption failed" -error_code RSA_PRIVATE_DECRYPT, "RSA private decryption failed" - -# revoke related errors -index 96 -prefix HX509 -error_code CRL_USED_BEFORE_TIME, "CRL used before it became valid" -error_code CRL_USED_AFTER_TIME, "CRL used after it became invalid" -error_code CRL_INVALID_FORMAT, "CRL have invalid format" -error_code CERT_REVOKED, "Certificate is revoked" -error_code REVOKE_STATUS_MISSING, "No revoke status found for certificates" -error_code CRL_UNKNOWN_EXTENSION, "Unknown extension" -error_code REVOKE_WRONG_DATA, "Got wrong CRL/OCSP data from server" -error_code REVOKE_NOT_SAME_PARENT, "Doesn't have same parent as other certificates" -error_code CERT_NOT_IN_OCSP, "Certificates not in OCSP reply" - -# misc error -index 108 -error_code LOCAL_ATTRIBUTE_MISSING, "No local key attribute" -error_code PARSING_KEY_FAILED, "Failed to parse key" -error_code UNSUPPORTED_OPERATION, "Unsupported operation" -error_code UNIMPLEMENTED_OPERATION, "Unimplemented operation" -error_code PARSING_NAME_FAILED, "Failed to parse name" - -# keystore related error -index 128 -prefix HX509_PKCS11 -error_code NO_SLOT, "No smartcard reader/device found" -error_code NO_TOKEN, "No smartcard in reader" -error_code NO_MECH, "No supported mech(s)" -error_code TOKEN_CONFUSED, "Token or slot failed in inconsistent way" -error_code OPEN_SESSION, "Failed to open session to slot" -error_code LOGIN, "Failed to login to slot" -error_code LOAD, "Failed to load PKCS module" - -end diff --git a/crypto/heimdal/lib/hx509/hx_locl.h b/crypto/heimdal/lib/hx509/hx_locl.h deleted file mode 100644 index 145bfcc006d0..000000000000 --- a/crypto/heimdal/lib/hx509/hx_locl.h +++ /dev/null @@ -1,199 +0,0 @@ -/* - * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: hx_locl.h 21083 2007-06-13 02:11:19Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include "crypto-headers.h" - -struct hx509_keyset_ops; -struct hx509_collector; -struct hx509_generate_private_context; -typedef struct hx509_path hx509_path; - -#include - -typedef void (*_hx509_cert_release_func)(struct hx509_cert_data *, void *); - -typedef struct hx509_private_key_ops hx509_private_key_ops; - -#include -#include - -struct hx509_peer_info { - hx509_cert cert; - AlgorithmIdentifier *val; - size_t len; -}; - -#define HX509_CERTS_FIND_SERIALNUMBER 1 -#define HX509_CERTS_FIND_ISSUER 2 -#define HX509_CERTS_FIND_SUBJECT 4 -#define HX509_CERTS_FIND_ISSUER_KEY_ID 8 -#define HX509_CERTS_FIND_SUBJECT_KEY_ID 16 - -struct hx509_name_data { - Name der_name; -}; - -struct hx509_path { - size_t len; - hx509_cert *val; -}; - -struct hx509_query_data { - int match; -#define HX509_QUERY_FIND_ISSUER_CERT 0x000001 -#define HX509_QUERY_MATCH_SERIALNUMBER 0x000002 -#define HX509_QUERY_MATCH_ISSUER_NAME 0x000004 -#define HX509_QUERY_MATCH_SUBJECT_NAME 0x000008 -#define HX509_QUERY_MATCH_SUBJECT_KEY_ID 0x000010 -#define HX509_QUERY_MATCH_ISSUER_ID 0x000020 -#define HX509_QUERY_PRIVATE_KEY 0x000040 -#define HX509_QUERY_KU_ENCIPHERMENT 0x000080 -#define HX509_QUERY_KU_DIGITALSIGNATURE 0x000100 -#define HX509_QUERY_KU_KEYCERTSIGN 0x000200 -#define HX509_QUERY_KU_CRLSIGN 0x000400 -#define HX509_QUERY_KU_NONREPUDIATION 0x000800 -#define HX509_QUERY_KU_KEYAGREEMENT 0x001000 -#define HX509_QUERY_KU_DATAENCIPHERMENT 0x002000 -#define HX509_QUERY_ANCHOR 0x004000 -#define HX509_QUERY_MATCH_CERTIFICATE 0x008000 -#define HX509_QUERY_MATCH_LOCAL_KEY_ID 0x010000 -#define HX509_QUERY_NO_MATCH_PATH 0x020000 -#define HX509_QUERY_MATCH_FRIENDLY_NAME 0x040000 -#define HX509_QUERY_MATCH_FUNCTION 0x080000 -#define HX509_QUERY_MATCH_KEY_HASH_SHA1 0x100000 -#define HX509_QUERY_MATCH_TIME 0x200000 -#define HX509_QUERY_MASK 0x3fffff - Certificate *subject; - Certificate *certificate; - heim_integer *serial; - heim_octet_string *subject_id; - heim_octet_string *local_key_id; - Name *issuer_name; - Name *subject_name; - hx509_path *path; - char *friendlyname; - int (*cmp_func)(void *, hx509_cert); - void *cmp_func_ctx; - heim_octet_string *keyhash_sha1; - time_t timenow; -}; - -struct hx509_keyset_ops { - const char *name; - int flags; - int (*init)(hx509_context, hx509_certs, void **, - int, const char *, hx509_lock); - int (*store)(hx509_context, hx509_certs, void *, int, hx509_lock); - int (*free)(hx509_certs, void *); - int (*add)(hx509_context, hx509_certs, void *, hx509_cert); - int (*query)(hx509_context, hx509_certs, void *, - const hx509_query *, hx509_cert *); - int (*iter_start)(hx509_context, hx509_certs, void *, void **); - int (*iter)(hx509_context, hx509_certs, void *, void *, hx509_cert *); - int (*iter_end)(hx509_context, hx509_certs, void *, void *); - int (*printinfo)(hx509_context, hx509_certs, - void *, int (*)(void *, const char *), void *); - int (*getkeys)(hx509_context, hx509_certs, void *, hx509_private_key **); - int (*addkey)(hx509_context, hx509_certs, void *, hx509_private_key); -}; - -struct _hx509_password { - size_t len; - char **val; -}; - -extern hx509_lock _hx509_empty_lock; - -struct hx509_context_data { - struct hx509_keyset_ops **ks_ops; - int ks_num_ops; - int flags; -#define HX509_CTX_VERIFY_MISSING_OK 1 - int ocsp_time_diff; -#define HX509_DEFAULT_OCSP_TIME_DIFF (5*60) - hx509_error error; - struct et_list *et_list; - char *querystat; - hx509_certs default_trust_anchors; -}; - -/* _hx509_calculate_path flag field */ -#define HX509_CALCULATE_PATH_NO_ANCHOR 1 - -extern const AlgorithmIdentifier * _hx509_crypto_default_sig_alg; -extern const AlgorithmIdentifier * _hx509_crypto_default_digest_alg; -extern const AlgorithmIdentifier * _hx509_crypto_default_secret_alg; - -/* - * Configurable options - */ - -#ifdef __APPLE__ -#define HX509_DEFAULT_ANCHORS "KEYCHAIN:system-anchors" -#endif diff --git a/crypto/heimdal/lib/hx509/hxtool-commands.in b/crypto/heimdal/lib/hx509/hxtool-commands.in deleted file mode 100644 index b648ecf584ae..000000000000 --- a/crypto/heimdal/lib/hx509/hxtool-commands.in +++ /dev/null @@ -1,707 +0,0 @@ -/* - * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: hxtool-commands.in 21343 2007-06-26 14:21:55Z lha $ */ - -command = { - name = "cms-create-sd" - option = { - long = "certificate" - short = "c" - type = "strings" - argument = "certificate-store" - help = "certificate stores to pull certificates from" - } - option = { - long = "signer" - short = "s" - type = "string" - argument = "signer-friendly-name" - help = "certificate to sign with" - } - option = { - long = "anchors" - type = "strings" - argument = "certificate-store" - help = "trust anchors" - } - option = { - long = "pool" - type = "strings" - argument = "certificate-pool" - help = "certificate store to pull certificates from" - } - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "peer-alg" - type = "strings" - argument = "oid" - help = "oid that the peer support" - } - option = { - long = "content-type" - type = "string" - argument = "oid" - help = "content type oid" - } - option = { - long = "content-info" - type = "flag" - help = "wrapped out-data in a ContentInfo" - } - option = { - long = "pem" - type = "flag" - help = "wrap out-data in PEM armor" - } - option = { - long = "detached-signature" - type = "flag" - help = "create a detached signature" - } - option = { - long = "id-by-name" - type = "flag" - help = "use subject name for CMS Identifier" - } - min_args="2" - max_args="2" - argument="in-file out-file" - help = "Wrap a file within a SignedData object" -} -command = { - name = "cms-verify-sd" - option = { - long = "anchors" - type = "strings" - argument = "certificate-store" - help = "trust anchors" - } - option = { - long = "certificate" - short = "c" - type = "strings" - argument = "certificate-store" - help = "certificate store to pull certificates from" - } - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "missing-revoke" - type = "flag" - help = "missing CRL/OCSP is ok" - } - option = { - long = "content-info" - type = "flag" - help = "unwrap in-data that's in a ContentInfo" - } - option = { - long = "signed-content" - type = "string" - help = "file containing content" - } - min_args="2" - max_args="2" - argument="in-file out-file" - help = "Verify a file within a SignedData object" -} -command = { - name = "cms-unenvelope" - option = { - long = "certificate" - short = "c" - type = "strings" - argument = "certificate-store" - help = "certificate used to decrypt the data" - } - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "content-info" - type = "flag" - help = "wrapped out-data in a ContentInfo" - } - min_args="2" - argument="in-file out-file" - help = "Unenvelope a file containing a EnvelopedData object" -} -command = { - name = "cms-envelope" - function = "cms_create_enveloped" - option = { - long = "certificate" - short = "c" - type = "strings" - argument = "certificate-store" - help = "certificates used to receive the data" - } - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "encryption-type" - type = "string" - argument = "enctype" - help = "enctype" - } - option = { - long = "content-type" - type = "string" - argument = "oid" - help = "content type oid" - } - option = { - long = "content-info" - type = "flag" - help = "wrapped out-data in a ContentInfo" - } - min_args="2" - argument="in-file out-file" - help = "Envelope a file containing a EnvelopedData object" -} -command = { - name = "verify" - function = "pcert_verify" - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "allow-proxy-certificate" - type = "flag" - help = "allow proxy certificates" - } - option = { - long = "missing-revoke" - type = "flag" - help = "missing CRL/OCSP is ok" - } - option = { - long = "time" - type = "string" - help = "time when to validate the chain" - } - option = { - long = "verbose" - short = "v" - type = "flag" - help = "verbose logging" - } - option = { - long = "max-depth" - type = "integer" - help = "maximum search length of certificate trust anchor" - } - option = { - long = "hostname" - type = "string" - help = "match hostname to certificate" - } - argument = "cert:foo chain:cert1 chain:cert2 anchor:anchor1 anchor:anchor2" - help = "Verify certificate chain" -} -command = { - name = "print" - function = "pcert_print" - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "content" - type = "flag" - help = "print the content of the certificates" - } - option = { - long = "info" - type = "flag" - help = "print the information about the certificate store" - } - min_args="1" - argument="certificate ..." - help = "Print certificates" -} -command = { - name = "validate" - function = "pcert_validate" - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - min_args="1" - argument="certificate ..." - help = "Validate content of certificates" -} -command = { - name = "certificate-copy" - name = "cc" - option = { - long = "in-pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "out-pass" - type = "string" - argument = "password" - help = "password, prompter, or environment" - } - min_args="2" - argument="in-certificates-1 ... out-certificate" - help = "Copy in certificates stores into out certificate store" -} -command = { - name = "ocsp-fetch" - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "sign" - type = "string" - argument = "certificate" - help = "certificate use to sign the request" - } - option = { - long = "url-path" - type = "string" - argument = "url" - help = "part after host in url to put in the request" - } - option = { - long = "nonce" - type = "-flag" - default = "1" - help = "don't include nonce in request" - } - option = { - long = "pool" - type = "strings" - argument = "certificate-store" - help = "pool to find parent certificate in" - } - min_args="2" - argument="outfile certs ..." - help = "Fetch OCSP responses for the following certs" -} -command = { - option = { - long = "ocsp-file" - type = "string" - help = "OCSP file" - } - name = "ocsp-verify" - min_args="1" - argument="certificates ..." - help = "Check that certificates are in OCSP file and valid" -} -command = { - name = "ocsp-print" - option = { - long = "verbose" - type = "flag" - help = "verbose" - } - min_args="1" - argument="ocsp-response-file ..." - help = "Print the OCSP responses" -} -command = { - name = "request-create" - option = { - long = "subject" - type = "string" - help = "Subject DN" - } - option = { - long = "email" - type = "strings" - help = "Email address in SubjectAltName" - } - option = { - long = "dnsname" - type = "strings" - help = "Hostname or domainname in SubjectAltName" - } - option = { - long = "type" - type = "string" - help = "Type of request CRMF or PKCS10, defaults to PKCS10" - } - option = { - long = "key" - type = "string" - help = "Key-pair" - } - option = { - long = "generate-key" - type = "string" - help = "keytype" - } - option = { - long = "key-bits" - type = "integer" - help = "number of bits in the generated key"; - } - option = { - long = "verbose" - type = "flag" - help = "verbose status" - } - min_args="1" - max_args="1" - argument="output-file" - help = "Create a CRMF or PKCS10 request" -} -command = { - name = "request-print" - option = { - long = "verbose" - type = "flag" - help = "verbose printing" - } - min_args="1" - argument="requests ..." - help = "Print requests" -} -command = { - name = "query" - option = { - long = "exact" - type = "flag" - help = "exact match" - } - option = { - long = "private-key" - type = "flag" - help = "search for private key" - } - option = { - long = "friendlyname" - type = "string" - argument = "name" - help = "match on friendly name" - } - option = { - long = "keyEncipherment" - type = "flag" - help = "match keyEncipherment certificates" - } - option = { - long = "digitalSignature" - type = "flag" - help = "match digitalSignature certificates" - } - option = { - long = "print" - type = "flag" - help = "print matches" - } - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - min_args="1" - argument="certificates ..." - help = "Query the certificates for a match" -} -command = { - name = "info" -} -command = { - name = "random-data" - min_args="1" - argument="bytes" - help = "Generates random bytes and prints them to standard output" -} -command = { - option = { - long = "type" - type = "string" - help = "type of CMS algorithm" - } - name = "crypto-available" - min_args="0" - help = "Print available CMS crypto types" -} -command = { - option = { - long = "type" - type = "string" - help = "type of CMS algorithm" - } - option = { - long = "certificate" - type = "string" - help = "source certificate limiting the choices" - } - option = { - long = "peer-cmstype" - type = "strings" - help = "peer limiting cmstypes" - } - name = "crypto-select" - min_args="0" - help = "Print selected CMS type" -} -command = { - option = { - long = "decode" - short = "d" - type = "flag" - help = "decode instead of encode" - } - name = "hex" - function = "hxtool_hex" - min_args="0" - help = "Encode input to hex" -} -command = { - option = { - long = "issue-ca" - type = "flag" - help = "Issue a CA certificate" - } - option = { - long = "issue-proxy" - type = "flag" - help = "Issue a proxy certificate" - } - option = { - long = "domain-controller" - type = "flag" - help = "Issue a MS domaincontroller certificate" - } - option = { - long = "subject" - type = "string" - help = "Subject of issued certificate" - } - option = { - long = "ca-certificate" - type = "string" - help = "Issuing CA certificate" - } - option = { - long = "self-signed" - type = "flag" - help = "Issuing a self-signed certificate" - } - option = { - long = "ca-private-key" - type = "string" - help = "Private key for self-signed certificate" - } - option = { - long = "certificate" - type = "string" - help = "Issued certificate" - } - option = { - long = "type" - type = "strings" - help = "Type of certificate to issue" - } - option = { - long = "lifetime" - type = "string" - help = "Lifetime of certificate" - } - option = { - long = "serial-number" - type = "string" - help = "serial-number of certificate" - } - option = { - long = "path-length" - default = "-1" - type = "integer" - help = "Maximum path length (CA and proxy certificates), -1 no limit" - } - option = { - long = "hostname" - type = "strings" - help = "DNS names this certificate is allowed to serve" - } - option = { - long = "email" - type = "strings" - help = "email addresses assigned to this certificate" - } - option = { - long = "pk-init-principal" - type = "string" - help = "PK-INIT principal (for SAN)" - } - option = { - long = "ms-upn" - type = "string" - help = "Microsoft UPN (for SAN)" - } - option = { - long = "jid" - type = "string" - help = "XMPP jabber id (for SAN)" - } - option = { - long = "req" - type = "string" - help = "certificate request" - } - option = { - long = "certificate-private-key" - type = "string" - help = "private-key" - } - option = { - long = "generate-key" - type = "string" - help = "keytype" - } - option = { - long = "key-bits" - type = "integer" - help = "number of bits in the generated key" - } - option = { - long = "crl-uri" - type = "string" - help = "URI to CRL" - } - option = { - long = "template-certificate" - type = "string" - help = "certificate" - } - option = { - long = "template-fields" - type = "string" - help = "flag" - } - name = "certificate-sign" - name = "cert-sign" - name = "issue-certificate" - name = "ca" - function = "hxtool_ca" - min_args="0" - help = "Issue a certificate" -} -command = { - name = "test-crypto" - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "verbose" - type = "flag" - help = "verbose printing" - } - min_args="1" - argument="certificates..." - help = "Test crypto system related to the certificates" -} -command = { - option = { - long = "type" - type = "integer" - help = "type of statistics" - } - name = "statistic-print" - min_args="0" - help = "Print statistics" -} -command = { - option = { - long = "signer" - type = "string" - help = "signer certificate" - } - option = { - long = "pass" - type = "strings" - argument = "password" - help = "password, prompter, or environment" - } - option = { - long = "crl-file" - type = "string" - help = "CRL output file" - } - option = { - long = "lifetime" - type = "string" - help = "time the crl will be valid" - } - name = "crl-sign" - min_args="0" - argument="certificates..." - help = "Create a CRL" -} -command = { - name = "help" - name = "?" - argument = "[command]" - min_args = "0" - max_args = "1" - help = "Help! I need somebody" -} diff --git a/crypto/heimdal/lib/hx509/hxtool.c b/crypto/heimdal/lib/hx509/hxtool.c deleted file mode 100644 index 55410b1da75d..000000000000 --- a/crypto/heimdal/lib/hx509/hxtool.c +++ /dev/null @@ -1,1986 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: hxtool.c 22333 2007-12-17 01:03:43Z lha $"); - -#include -#include -#include - -static hx509_context context; - -static char *stat_file_string; -static int version_flag; -static int help_flag; - -struct getargs args[] = { - { "statistic-file", 0, arg_string, &stat_file_string }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "command"); - printf("Use \"%s help\" to get more help\n", getprogname()); - exit(code); -} - -/* - * - */ - -static void -lock_strings(hx509_lock lock, getarg_strings *pass) -{ - int i; - for (i = 0; i < pass->num_strings; i++) { - int ret = hx509_lock_command_string(lock, pass->strings[i]); - if (ret) - errx(1, "hx509_lock_command_string: %s: %d", - pass->strings[i], ret); - } -} - -/* - * - */ - -static void -certs_strings(hx509_context context, const char *type, hx509_certs certs, - hx509_lock lock, const getarg_strings *s) -{ - int i, ret; - - for (i = 0; i < s->num_strings; i++) { - ret = hx509_certs_append(context, certs, lock, s->strings[i]); - if (ret) - hx509_err(context, 1, ret, - "hx509_certs_append: %s %s", type, s->strings[i]); - } -} - -/* - * - */ - -static void -parse_oid(const char *str, const heim_oid *def, heim_oid *oid) -{ - int ret; - if (str) - ret = der_parse_heim_oid (str, " .", oid); - else - ret = der_copy_oid(def, oid); - if (ret) - errx(1, "parse_oid failed for: %s", str ? str : "default oid"); -} - -/* - * - */ - -static void -peer_strings(hx509_context context, - hx509_peer_info *peer, - const getarg_strings *s) -{ - AlgorithmIdentifier *val; - int ret, i; - - ret = hx509_peer_info_alloc(context, peer); - if (ret) - hx509_err(context, 1, ret, "hx509_peer_info_alloc"); - - val = calloc(s->num_strings, sizeof(*val)); - if (val == NULL) - err(1, "malloc"); - - for (i = 0; i < s->num_strings; i++) - parse_oid(s->strings[i], NULL, &val[i].algorithm); - - ret = hx509_peer_info_set_cms_algs(context, *peer, val, s->num_strings); - if (ret) - hx509_err(context, 1, ret, "hx509_peer_info_set_cms_algs"); - - for (i = 0; i < s->num_strings; i++) - free_AlgorithmIdentifier(&val[i]); - free(val); -} - -/* - * - */ - -int -cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) -{ - hx509_verify_ctx ctx = NULL; - heim_oid type; - heim_octet_string c, co, signeddata, *sd = NULL; - hx509_certs store = NULL; - hx509_certs signers = NULL; - hx509_certs anchors = NULL; - hx509_lock lock; - int ret; - - size_t sz; - void *p; - - if (opt->missing_revoke_flag) - hx509_context_set_missing_revoke(context, 1); - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - ret = _hx509_map_file(argv[0], &p, &sz, NULL); - if (ret) - err(1, "map_file: %s: %d", argv[0], ret); - - if (opt->signed_content_string) { - ret = _hx509_map_file_os(opt->signed_content_string, &signeddata, NULL); - if (ret) - err(1, "map_file: %s: %d", opt->signed_content_string, ret); - sd = &signeddata; - } - - ret = hx509_verify_init_ctx(context, &ctx); - - ret = hx509_certs_init(context, "MEMORY:cms-anchors", 0, NULL, &anchors); - ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &store); - - certs_strings(context, "anchors", anchors, lock, &opt->anchors_strings); - certs_strings(context, "store", store, lock, &opt->certificate_strings); - - co.data = p; - co.length = sz; - - if (opt->content_info_flag) { - heim_octet_string uwco; - heim_oid oid; - - ret = hx509_cms_unwrap_ContentInfo(&co, &oid, &uwco, NULL); - if (ret) - errx(1, "hx509_cms_unwrap_ContentInfo: %d", ret); - - if (der_heim_oid_cmp(&oid, oid_id_pkcs7_signedData()) != 0) - errx(1, "Content is not SignedData"); - der_free_oid(&oid); - - co = uwco; - } - - hx509_verify_attach_anchors(ctx, anchors); - - ret = hx509_cms_verify_signed(context, ctx, co.data, co.length, sd, - store, &type, &c, &signers); - if (co.data != p) - der_free_octet_string(&co); - if (ret) - hx509_err(context, 1, ret, "hx509_cms_verify_signed"); - - { - char *str; - der_print_heim_oid(&type, '.', &str); - printf("type: %s\n", str); - free(str); - der_free_oid(&type); - } - printf("signers:\n"); - hx509_certs_iter(context, signers, hx509_ci_print_names, stdout); - - hx509_verify_destroy_ctx(ctx); - - hx509_certs_free(&store); - hx509_certs_free(&signers); - hx509_certs_free(&anchors); - - hx509_lock_free(lock); - - ret = _hx509_write_file(argv[1], c.data, c.length); - if (ret) - errx(1, "hx509_write_file: %d", ret); - - der_free_octet_string(&c); - _hx509_unmap_file(p, sz); - if (sd) - _hx509_unmap_file_os(sd); - - return 0; -} - -int -cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) -{ - heim_oid contentType; - hx509_peer_info peer = NULL; - heim_octet_string o; - hx509_query *q; - hx509_lock lock; - hx509_certs store, pool, anchors; - hx509_cert cert; - size_t sz; - void *p; - int ret, flags = 0; - char *signer_name = NULL; - - memset(&contentType, 0, sizeof(contentType)); - - if (argc < 2) - errx(1, "argc < 2"); - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &store); - ret = hx509_certs_init(context, "MEMORY:cert-pool", 0, NULL, &pool); - - certs_strings(context, "store", store, lock, &opt->certificate_strings); - certs_strings(context, "pool", pool, lock, &opt->pool_strings); - - if (opt->anchors_strings.num_strings) { - ret = hx509_certs_init(context, "MEMORY:cert-anchors", - 0, NULL, &anchors); - certs_strings(context, "anchors", anchors, lock, &opt->anchors_strings); - } else - anchors = NULL; - - if (opt->detached_signature_flag) - flags |= HX509_CMS_SIGATURE_DETACHED; - if (opt->id_by_name_flag) - flags |= HX509_CMS_SIGATURE_ID_NAME; - - ret = hx509_query_alloc(context, &q); - if (ret) - errx(1, "hx509_query_alloc: %d", ret); - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - if (opt->signer_string) - hx509_query_match_friendly_name(q, opt->signer_string); - - ret = hx509_certs_find(context, store, q, &cert); - hx509_query_free(context, q); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_find"); - - ret = _hx509_map_file(argv[0], &p, &sz, NULL); - if (ret) - err(1, "map_file: %s: %d", argv[0], ret); - - if (opt->peer_alg_strings.num_strings) - peer_strings(context, &peer, &opt->peer_alg_strings); - - parse_oid(opt->content_type_string, oid_id_pkcs7_data(), &contentType); - - ret = hx509_cms_create_signed_1(context, - flags, - &contentType, - p, - sz, - NULL, - cert, - peer, - anchors, - pool, - &o); - if (ret) - errx(1, "hx509_cms_create_signed: %d", ret); - - { - hx509_name name; - - ret = hx509_cert_get_subject(cert, &name); - if (ret) - errx(1, "hx509_cert_get_subject"); - - ret = hx509_name_to_string(name, &signer_name); - hx509_name_free(&name); - if (ret) - errx(1, "hx509_name_to_string"); - } - - - hx509_certs_free(&anchors); - hx509_certs_free(&pool); - hx509_cert_free(cert); - hx509_certs_free(&store); - _hx509_unmap_file(p, sz); - hx509_lock_free(lock); - hx509_peer_info_free(peer); - der_free_oid(&contentType); - - if (opt->content_info_flag) { - heim_octet_string wo; - - ret = hx509_cms_wrap_ContentInfo(oid_id_pkcs7_signedData(), &o, &wo); - if (ret) - errx(1, "hx509_cms_wrap_ContentInfo: %d", ret); - - der_free_octet_string(&o); - o = wo; - } - - if (opt->pem_flag) { - hx509_pem_header *header = NULL; - FILE *f; - - hx509_pem_add_header(&header, "Content-disposition", - opt->detached_signature_flag ? "detached" : "inline"); - hx509_pem_add_header(&header, "Signer", signer_name); - - f = fopen(argv[1], "w"); - if (f == NULL) - err(1, "open %s", argv[1]); - - ret = hx509_pem_write(context, "CMS SIGNEDDATA", header, f, - o.data, o.length); - fclose(f); - hx509_pem_free_header(header); - if (ret) - errx(1, "hx509_pem_write: %d", ret); - - } else { - ret = _hx509_write_file(argv[1], o.data, o.length); - if (ret) - errx(1, "hx509_write_file: %d", ret); - } - - free(signer_name); - free(o.data); - - return 0; -} - -int -cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) -{ - heim_oid contentType = { 0, NULL }; - heim_octet_string o, co; - hx509_certs certs; - size_t sz; - void *p; - int ret; - hx509_lock lock; - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - ret = _hx509_map_file(argv[0], &p, &sz, NULL); - if (ret) - err(1, "map_file: %s: %d", argv[0], ret); - - co.data = p; - co.length = sz; - - if (opt->content_info_flag) { - heim_octet_string uwco; - heim_oid oid; - - ret = hx509_cms_unwrap_ContentInfo(&co, &oid, &uwco, NULL); - if (ret) - errx(1, "hx509_cms_unwrap_ContentInfo: %d", ret); - - if (der_heim_oid_cmp(&oid, oid_id_pkcs7_envelopedData()) != 0) - errx(1, "Content is not SignedData"); - der_free_oid(&oid); - - co = uwco; - } - - ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &certs); - if (ret) - errx(1, "hx509_certs_init: MEMORY: %d", ret); - - certs_strings(context, "store", certs, lock, &opt->certificate_strings); - - ret = hx509_cms_unenvelope(context, certs, 0, co.data, co.length, - NULL, &contentType, &o); - if (co.data != p) - der_free_octet_string(&co); - if (ret) - hx509_err(context, 1, ret, "hx509_cms_unenvelope"); - - _hx509_unmap_file(p, sz); - hx509_lock_free(lock); - hx509_certs_free(&certs); - der_free_oid(&contentType); - - ret = _hx509_write_file(argv[1], o.data, o.length); - if (ret) - errx(1, "hx509_write_file: %d", ret); - - der_free_octet_string(&o); - - return 0; -} - -int -cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) -{ - heim_oid contentType; - heim_octet_string o; - const heim_oid *enctype = NULL; - hx509_query *q; - hx509_certs certs; - hx509_cert cert; - int ret; - size_t sz; - void *p; - hx509_lock lock; - - memset(&contentType, 0, sizeof(contentType)); - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - ret = _hx509_map_file(argv[0], &p, &sz, NULL); - if (ret) - err(1, "map_file: %s: %d", argv[0], ret); - - ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &certs); - - certs_strings(context, "store", certs, lock, &opt->certificate_strings); - - if (opt->encryption_type_string) { - enctype = hx509_crypto_enctype_by_name(opt->encryption_type_string); - if (enctype == NULL) - errx(1, "encryption type: %s no found", - opt->encryption_type_string); - } - - ret = hx509_query_alloc(context, &q); - if (ret) - errx(1, "hx509_query_alloc: %d", ret); - - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_ENCIPHERMENT); - - ret = hx509_certs_find(context, certs, q, &cert); - hx509_query_free(context, q); - if (ret) - errx(1, "hx509_certs_find: %d", ret); - - parse_oid(opt->content_type_string, oid_id_pkcs7_data(), &contentType); - - ret = hx509_cms_envelope_1(context, 0, cert, p, sz, enctype, - &contentType, &o); - if (ret) - errx(1, "hx509_cms_envelope_1: %d", ret); - - hx509_cert_free(cert); - hx509_certs_free(&certs); - _hx509_unmap_file(p, sz); - der_free_oid(&contentType); - - if (opt->content_info_flag) { - heim_octet_string wo; - - ret = hx509_cms_wrap_ContentInfo(oid_id_pkcs7_envelopedData(), &o, &wo); - if (ret) - errx(1, "hx509_cms_wrap_ContentInfo: %d", ret); - - der_free_octet_string(&o); - o = wo; - } - - hx509_lock_free(lock); - - ret = _hx509_write_file(argv[1], o.data, o.length); - if (ret) - errx(1, "hx509_write_file: %d", ret); - - der_free_octet_string(&o); - - return 0; -} - -static void -print_certificate(hx509_context hxcontext, hx509_cert cert, int verbose) -{ - hx509_name name; - const char *fn; - char *str; - int ret; - - fn = hx509_cert_get_friendly_name(cert); - if (fn) - printf(" friendly name: %s\n", fn); - printf(" private key: %s\n", - _hx509_cert_private_key(cert) ? "yes" : "no"); - - ret = hx509_cert_get_issuer(cert, &name); - hx509_name_to_string(name, &str); - hx509_name_free(&name); - printf(" issuer: \"%s\"\n", str); - free(str); - - ret = hx509_cert_get_subject(cert, &name); - hx509_name_to_string(name, &str); - hx509_name_free(&name); - printf(" subject: \"%s\"\n", str); - free(str); - - { - heim_integer serialNumber; - - hx509_cert_get_serialnumber(cert, &serialNumber); - der_print_hex_heim_integer(&serialNumber, &str); - der_free_heim_integer(&serialNumber); - printf(" serial: %s\n", str); - free(str); - } - - printf(" keyusage: "); - ret = hx509_cert_keyusage_print(hxcontext, cert, &str); - if (ret == 0) { - printf("%s\n", str); - free(str); - } else - printf("no"); - - if (verbose) { - hx509_validate_ctx vctx; - - hx509_validate_ctx_init(hxcontext, &vctx); - hx509_validate_ctx_set_print(vctx, hx509_print_stdout, stdout); - hx509_validate_ctx_add_flags(vctx, HX509_VALIDATE_F_VALIDATE); - hx509_validate_ctx_add_flags(vctx, HX509_VALIDATE_F_VERBOSE); - - hx509_validate_cert(hxcontext, vctx, cert); - - hx509_validate_ctx_free(vctx); - } -} - - -struct print_s { - int counter; - int verbose; -}; - -static int -print_f(hx509_context hxcontext, void *ctx, hx509_cert cert) -{ - struct print_s *s = ctx; - - printf("cert: %d\n", s->counter++); - print_certificate(context, cert, s->verbose); - - return 0; -} - -int -pcert_print(struct print_options *opt, int argc, char **argv) -{ - hx509_certs certs; - hx509_lock lock; - struct print_s s; - - s.counter = 0; - s.verbose = opt->content_flag; - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - while(argc--) { - int ret; - ret = hx509_certs_init(context, argv[0], 0, lock, &certs); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_init"); - if (opt->info_flag) - hx509_certs_info(context, certs, NULL, NULL); - hx509_certs_iter(context, certs, print_f, &s); - hx509_certs_free(&certs); - argv++; - } - - hx509_lock_free(lock); - - return 0; -} - - -static int -validate_f(hx509_context hxcontext, void *ctx, hx509_cert c) -{ - hx509_validate_cert(hxcontext, ctx, c); - return 0; -} - -int -pcert_validate(struct validate_options *opt, int argc, char **argv) -{ - hx509_validate_ctx ctx; - hx509_certs certs; - hx509_lock lock; - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - hx509_validate_ctx_init(context, &ctx); - hx509_validate_ctx_set_print(ctx, hx509_print_stdout, stdout); - hx509_validate_ctx_add_flags(ctx, HX509_VALIDATE_F_VALIDATE); - - while(argc--) { - int ret; - ret = hx509_certs_init(context, argv[0], 0, lock, &certs); - if (ret) - errx(1, "hx509_certs_init: %d", ret); - hx509_certs_iter(context, certs, validate_f, ctx); - hx509_certs_free(&certs); - argv++; - } - hx509_validate_ctx_free(ctx); - - hx509_lock_free(lock); - - return 0; -} - -int -certificate_copy(struct certificate_copy_options *opt, int argc, char **argv) -{ - hx509_certs certs; - hx509_lock lock; - int ret; - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->in_pass_strings); - - ret = hx509_certs_init(context, argv[argc - 1], - HX509_CERTS_CREATE, lock, &certs); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_init"); - - while(argc-- > 1) { - int ret; - ret = hx509_certs_append(context, certs, lock, argv[0]); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_append"); - argv++; - } - - ret = hx509_certs_store(context, certs, 0, NULL); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_store"); - - hx509_certs_free(&certs); - hx509_lock_free(lock); - - return 0; -} - -struct verify { - hx509_verify_ctx ctx; - hx509_certs chain; - const char *hostname; - int errors; -}; - -static int -verify_f(hx509_context hxcontext, void *ctx, hx509_cert c) -{ - struct verify *v = ctx; - int ret; - - ret = hx509_verify_path(hxcontext, v->ctx, c, v->chain); - if (ret) { - char *s = hx509_get_error_string(hxcontext, ret); - printf("verify_path: %s: %d\n", s, ret); - hx509_free_error_string(s); - v->errors++; - } else - printf("path ok\n"); - - if (v->hostname) { - ret = hx509_verify_hostname(hxcontext, c, 0, HX509_HN_HOSTNAME, - v->hostname, NULL, 0); - if (ret) { - printf("verify_hostname: %d\n", ret); - v->errors++; - } - } - - return 0; -} - -int -pcert_verify(struct verify_options *opt, int argc, char **argv) -{ - hx509_certs anchors, chain, certs; - hx509_revoke_ctx revoke_ctx; - hx509_verify_ctx ctx; - struct verify v; - int ret; - - memset(&v, 0, sizeof(v)); - - if (opt->missing_revoke_flag) - hx509_context_set_missing_revoke(context, 1); - - ret = hx509_verify_init_ctx(context, &ctx); - ret = hx509_certs_init(context, "MEMORY:anchors", 0, NULL, &anchors); - ret = hx509_certs_init(context, "MEMORY:chain", 0, NULL, &chain); - ret = hx509_certs_init(context, "MEMORY:certs", 0, NULL, &certs); - - if (opt->allow_proxy_certificate_flag) - hx509_verify_set_proxy_certificate(ctx, 1); - - if (opt->time_string) { - const char *p; - struct tm tm; - time_t t; - - memset(&tm, 0, sizeof(tm)); - - p = strptime (opt->time_string, "%Y-%m-%d", &tm); - if (p == NULL) - errx(1, "Failed to parse time %s, need to be on format %%Y-%%m-%%d", - opt->time_string); - - t = tm2time (tm, 0); - - hx509_verify_set_time(ctx, t); - } - - if (opt->hostname_string) - v.hostname = opt->hostname_string; - if (opt->max_depth_integer) - hx509_verify_set_max_depth(ctx, opt->max_depth_integer); - - ret = hx509_revoke_init(context, &revoke_ctx); - if (ret) - errx(1, "hx509_revoke_init: %d", ret); - - while(argc--) { - char *s = *argv++; - - if (strncmp(s, "chain:", 6) == 0) { - s += 6; - - ret = hx509_certs_append(context, chain, NULL, s); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_append: chain: %s: %d", s, ret); - - } else if (strncmp(s, "anchor:", 7) == 0) { - s += 7; - - ret = hx509_certs_append(context, anchors, NULL, s); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_append: anchor: %s: %d", s, ret); - - } else if (strncmp(s, "cert:", 5) == 0) { - s += 5; - - ret = hx509_certs_append(context, certs, NULL, s); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_append: certs: %s: %d", - s, ret); - - } else if (strncmp(s, "crl:", 4) == 0) { - s += 4; - - ret = hx509_revoke_add_crl(context, revoke_ctx, s); - if (ret) - errx(1, "hx509_revoke_add_crl: %s: %d", s, ret); - - } else if (strncmp(s, "ocsp:", 4) == 0) { - s += 5; - - ret = hx509_revoke_add_ocsp(context, revoke_ctx, s); - if (ret) - errx(1, "hx509_revoke_add_ocsp: %s: %d", s, ret); - - } else { - errx(1, "unknown option to verify: `%s'\n", s); - } - } - - hx509_verify_attach_anchors(ctx, anchors); - hx509_verify_attach_revoke(ctx, revoke_ctx); - - v.ctx = ctx; - v.chain = chain; - - hx509_certs_iter(context, certs, verify_f, &v); - - hx509_verify_destroy_ctx(ctx); - - hx509_certs_free(&certs); - hx509_certs_free(&chain); - hx509_certs_free(&anchors); - - hx509_revoke_free(&revoke_ctx); - - if (v.errors) { - printf("failed verifing %d checks\n", v.errors); - return 1; - } - - return 0; -} - -int -query(struct query_options *opt, int argc, char **argv) -{ - hx509_lock lock; - hx509_query *q; - hx509_certs certs; - hx509_cert c; - int ret; - - ret = hx509_query_alloc(context, &q); - if (ret) - errx(1, "hx509_query_alloc: %d", ret); - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - ret = hx509_certs_init(context, "MEMORY:cert-store", 0, NULL, &certs); - - while (argc > 0) { - - ret = hx509_certs_append(context, certs, lock, argv[0]); - if (ret) - errx(1, "hx509_certs_append: %s: %d", argv[0], ret); - - argc--; - argv++; - } - - if (opt->friendlyname_string) - hx509_query_match_friendly_name(q, opt->friendlyname_string); - - if (opt->private_key_flag) - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - - if (opt->keyEncipherment_flag) - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_ENCIPHERMENT); - - if (opt->digitalSignature_flag) - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - ret = hx509_certs_find(context, certs, q, &c); - hx509_query_free(context, q); - if (ret) - printf("no match found (%d)\n", ret); - else { - printf("match found\n"); - if (opt->print_flag) - print_certificate(context, c, 0); - } - - hx509_cert_free(c); - hx509_certs_free(&certs); - - hx509_lock_free(lock); - - return ret; -} - -int -ocsp_fetch(struct ocsp_fetch_options *opt, int argc, char **argv) -{ - hx509_certs reqcerts, pool; - heim_octet_string req, nonce_data, *nonce = &nonce_data; - hx509_lock lock; - int i, ret; - char *file; - const char *url = "/"; - - memset(&nonce, 0, sizeof(nonce)); - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - /* no nonce */ - if (!opt->nonce_flag) - nonce = NULL; - - if (opt->url_path_string) - url = opt->url_path_string; - - ret = hx509_certs_init(context, "MEMORY:ocsp-pool", 0, NULL, &pool); - - certs_strings(context, "ocsp-pool", pool, lock, &opt->pool_strings); - - file = argv[0]; - - ret = hx509_certs_init(context, "MEMORY:ocsp-req", 0, NULL, &reqcerts); - - for (i = 1; i < argc; i++) { - ret = hx509_certs_append(context, reqcerts, lock, argv[i]); - if (ret) - errx(1, "hx509_certs_append: req: %s: %d", argv[i], ret); - } - - ret = hx509_ocsp_request(context, reqcerts, pool, NULL, NULL, &req, nonce); - if (ret) - errx(1, "hx509_ocsp_request: req: %d", ret); - - { - FILE *f; - - f = fopen(file, "w"); - if (f == NULL) - abort(); - - fprintf(f, - "POST %s HTTP/1.0\r\n" - "Content-Type: application/ocsp-request\r\n" - "Content-Length: %ld\r\n" - "\r\n", - url, - (unsigned long)req.length); - fwrite(req.data, req.length, 1, f); - fclose(f); - } - - if (nonce) - der_free_octet_string(nonce); - - hx509_certs_free(&reqcerts); - hx509_certs_free(&pool); - - return 0; -} - -int -ocsp_print(struct ocsp_print_options *opt, int argc, char **argv) -{ - hx509_revoke_ocsp_print(context, argv[0], stdout); - return 0; -} - -/* - * - */ - -static int -verify_o(hx509_context hxcontext, void *ctx, hx509_cert c) -{ - heim_octet_string *os = ctx; - time_t expiration; - int ret; - - ret = hx509_ocsp_verify(context, 0, c, 0, - os->data, os->length, &expiration); - if (ret) { - char *s = hx509_get_error_string(hxcontext, ret); - printf("ocsp_verify: %s: %d\n", s, ret); - hx509_free_error_string(s); - } else - printf("expire: %d\n", (int)expiration); - - return ret; -} - - -int -ocsp_verify(struct ocsp_verify_options *opt, int argc, char **argv) -{ - hx509_lock lock; - hx509_certs certs; - int ret, i; - heim_octet_string os; - - hx509_lock_init(context, &lock); - - if (opt->ocsp_file_string == NULL) - errx(1, "no ocsp file given"); - - ret = _hx509_map_file(opt->ocsp_file_string, &os.data, &os.length, NULL); - if (ret) - err(1, "map_file: %s: %d", argv[0], ret); - - ret = hx509_certs_init(context, "MEMORY:test-certs", 0, NULL, &certs); - - for (i = 0; i < argc; i++) { - ret = hx509_certs_append(context, certs, lock, argv[i]); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_append: %s", argv[i]); - } - - ret = hx509_certs_iter(context, certs, verify_o, &os); - - hx509_certs_free(&certs); - _hx509_unmap_file(os.data, os.length); - hx509_lock_free(lock); - - return ret; -} - -static int -read_private_key(const char *fn, hx509_private_key *key) -{ - hx509_private_key *keys; - hx509_certs certs; - int ret; - - *key = NULL; - - ret = hx509_certs_init(context, fn, 0, NULL, &certs); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_init: %s", fn); - - ret = _hx509_certs_keys_get(context, certs, &keys); - hx509_certs_free(&certs); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_keys_get"); - if (keys[0] == NULL) - errx(1, "no keys in key store: %s", fn); - - *key = _hx509_private_key_ref(keys[0]); - _hx509_certs_keys_free(context, keys); - - return 0; -} - -static void -get_key(const char *fn, const char *type, int optbits, - hx509_private_key *signer) -{ - int ret; - - if (type) { - BIGNUM *e; - RSA *rsa; - unsigned char *p0, *p; - size_t len; - int bits = 1024; - - if (fn == NULL) - errx(1, "no key argument, don't know here to store key"); - - if (strcasecmp(type, "rsa") != 0) - errx(1, "can only handle rsa keys for now"); - - e = BN_new(); - BN_set_word(e, 0x10001); - - if (optbits) - bits = optbits; - - rsa = RSA_new(); - if(rsa == NULL) - errx(1, "RSA_new failed"); - - ret = RSA_generate_key_ex(rsa, bits, e, NULL); - if(ret != 1) - errx(1, "RSA_new failed"); - - BN_free(e); - - len = i2d_RSAPrivateKey(rsa, NULL); - - p0 = p = malloc(len); - if (p == NULL) - errx(1, "out of memory"); - - i2d_RSAPrivateKey(rsa, &p); - - rk_dumpdata(fn, p0, len); - memset(p0, 0, len); - free(p0); - - RSA_free(rsa); - - } else if (fn == NULL) - err(1, "no private key"); - - ret = read_private_key(fn, signer); - if (ret) - err(1, "read_private_key"); -} - -int -request_create(struct request_create_options *opt, int argc, char **argv) -{ - heim_octet_string request; - hx509_request req; - int ret, i; - hx509_private_key signer; - SubjectPublicKeyInfo key; - const char *outfile = argv[0]; - - memset(&key, 0, sizeof(key)); - - get_key(opt->key_string, - opt->generate_key_string, - opt->key_bits_integer, - &signer); - - _hx509_request_init(context, &req); - - if (opt->subject_string) { - hx509_name name = NULL; - - ret = hx509_parse_name(context, opt->subject_string, &name); - if (ret) - errx(1, "hx509_parse_name: %d\n", ret); - _hx509_request_set_name(context, req, name); - - if (opt->verbose_flag) { - char *s; - hx509_name_to_string(name, &s); - printf("%s\n", s); - } - hx509_name_free(&name); - } - - for (i = 0; i < opt->email_strings.num_strings; i++) { - ret = _hx509_request_add_email(context, req, - opt->email_strings.strings[i]); - } - - for (i = 0; i < opt->dnsname_strings.num_strings; i++) { - ret = _hx509_request_add_dns_name(context, req, - opt->dnsname_strings.strings[i]); - } - - - ret = _hx509_private_key2SPKI(context, signer, &key); - if (ret) - errx(1, "_hx509_private_key2SPKI: %d\n", ret); - - ret = _hx509_request_set_SubjectPublicKeyInfo(context, - req, - &key); - free_SubjectPublicKeyInfo(&key); - if (ret) - hx509_err(context, 1, ret, "_hx509_request_set_SubjectPublicKeyInfo"); - - ret = _hx509_request_to_pkcs10(context, - req, - signer, - &request); - if (ret) - hx509_err(context, 1, ret, "_hx509_request_to_pkcs10"); - - _hx509_private_key_free(&signer); - _hx509_request_free(&req); - - if (ret == 0) - rk_dumpdata(outfile, request.data, request.length); - der_free_octet_string(&request); - - return 0; -} - -int -request_print(struct request_print_options *opt, int argc, char **argv) -{ - int ret, i; - - printf("request print\n"); - - for (i = 0; i < argc; i++) { - hx509_request req; - - ret = _hx509_request_parse(context, argv[i], &req); - if (ret) - hx509_err(context, 1, ret, "parse_request: %s", argv[i]); - - ret = _hx509_request_print(context, req, stdout); - _hx509_request_free(&req); - if (ret) - hx509_err(context, 1, ret, "Failed to print file %s", argv[i]); - } - - return 0; -} - -int -info(void *opt, int argc, char **argv) -{ - - ENGINE_add_conf_module(); - - { - const RSA_METHOD *m = RSA_get_default_method(); - if (m != NULL) - printf("rsa: %s\n", m->name); - } - { - const DH_METHOD *m = DH_get_default_method(); - if (m != NULL) - printf("dh: %s\n", m->name); - } - { - int ret = RAND_status(); - printf("rand: %s\n", ret == 1 ? "ok" : "not available"); - } - - return 0; -} - -int -random_data(void *opt, int argc, char **argv) -{ - void *ptr; - int len, ret; - - len = parse_bytes(argv[0], "byte"); - if (len <= 0) { - fprintf(stderr, "bad argument to random-data\n"); - return 1; - } - - ptr = malloc(len); - if (ptr == NULL) { - fprintf(stderr, "out of memory\n"); - return 1; - } - - ret = RAND_bytes(ptr, len); - if (ret != 1) { - free(ptr); - fprintf(stderr, "did not get cryptographic strong random\n"); - return 1; - } - - fwrite(ptr, len, 1, stdout); - fflush(stdout); - - free(ptr); - - return 0; -} - -int -crypto_available(struct crypto_available_options *opt, int argc, char **argv) -{ - AlgorithmIdentifier *val; - unsigned int len, i; - int ret, type; - - if (opt->type_string) { - if (strcmp(opt->type_string, "all") == 0) - type = HX509_SELECT_ALL; - else if (strcmp(opt->type_string, "digest") == 0) - type = HX509_SELECT_DIGEST; - else if (strcmp(opt->type_string, "public-sig") == 0) - type = HX509_SELECT_PUBLIC_SIG; - else if (strcmp(opt->type_string, "secret") == 0) - type = HX509_SELECT_SECRET_ENC; - else - errx(1, "unknown type: %s", opt->type_string); - } else - type = HX509_SELECT_ALL; - - ret = hx509_crypto_available(context, type, NULL, &val, &len); - if (ret) - errx(1, "hx509_crypto_available"); - - for (i = 0; i < len; i++) { - char *s; - der_print_heim_oid (&val[i].algorithm, '.', &s); - printf("%s\n", s); - free(s); - } - - hx509_crypto_free_algs(val, len); - - return 0; -} - -int -crypto_select(struct crypto_select_options *opt, int argc, char **argv) -{ - hx509_peer_info peer = NULL; - AlgorithmIdentifier selected; - int ret, type; - char *s; - - if (opt->type_string) { - if (strcmp(opt->type_string, "digest") == 0) - type = HX509_SELECT_DIGEST; - else if (strcmp(opt->type_string, "public-sig") == 0) - type = HX509_SELECT_PUBLIC_SIG; - else if (strcmp(opt->type_string, "secret") == 0) - type = HX509_SELECT_SECRET_ENC; - else - errx(1, "unknown type: %s", opt->type_string); - } else - type = HX509_SELECT_DIGEST; - - if (opt->peer_cmstype_strings.num_strings) - peer_strings(context, &peer, &opt->peer_cmstype_strings); - - ret = hx509_crypto_select(context, type, NULL, peer, &selected); - if (ret) - errx(1, "hx509_crypto_available"); - - der_print_heim_oid (&selected.algorithm, '.', &s); - printf("%s\n", s); - free(s); - free_AlgorithmIdentifier(&selected); - - hx509_peer_info_free(peer); - - return 0; -} - -int -hxtool_hex(struct hex_options *opt, int argc, char **argv) -{ - - if (opt->decode_flag) { - char buf[1024], buf2[1024], *p; - ssize_t len; - - while(fgets(buf, sizeof(buf), stdin) != NULL) { - buf[strcspn(buf, "\r\n")] = '\0'; - p = buf; - while(isspace(*(unsigned char *)p)) - p++; - len = hex_decode(p, buf2, strlen(p)); - if (len < 0) - errx(1, "hex_decode failed"); - if (fwrite(buf2, 1, len, stdout) != len) - errx(1, "fwrite failed"); - } - } else { - char buf[28], *p; - size_t len; - - while((len = fread(buf, 1, sizeof(buf), stdin)) != 0) { - len = hex_encode(buf, len, &p); - fprintf(stdout, "%s\n", p); - free(p); - } - } - return 0; -} - -static int -eval_types(hx509_context context, - hx509_ca_tbs tbs, - const struct certificate_sign_options *opt) -{ - int pkinit = 0; - int i, ret; - - for (i = 0; i < opt->type_strings.num_strings; i++) { - const char *type = opt->type_strings.strings[i]; - - if (strcmp(type, "https-server") == 0) { - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_serverAuth()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else if (strcmp(type, "https-client") == 0) { - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_clientAuth()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else if (strcmp(type, "peap-server") == 0) { - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_serverAuth()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else if (strcmp(type, "pkinit-kdc") == 0) { - pkinit++; - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkkdcekuoid()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else if (strcmp(type, "pkinit-client") == 0) { - pkinit++; - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkekuoid()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_ms_client_authentication()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkinit_ms_eku()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - - } else if (strcmp(type, "email") == 0) { - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_emailProtection()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } else - errx(1, "unknown type %s", type); - } - - if (pkinit > 1) - errx(1, "More the one PK-INIT type given"); - - if (opt->pk_init_principal_string) { - if (!pkinit) - errx(1, "pk-init principal given but no pk-init oid"); - - ret = hx509_ca_tbs_add_san_pkinit(context, tbs, - opt->pk_init_principal_string); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_pkinit"); - } - - if (opt->ms_upn_string) { - if (!pkinit) - errx(1, "MS up given but no pk-init oid"); - - ret = hx509_ca_tbs_add_san_ms_upn(context, tbs, opt->ms_upn_string); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_ms_upn"); - } - - - for (i = 0; i < opt->hostname_strings.num_strings; i++) { - const char *hostname = opt->hostname_strings.strings[i]; - - ret = hx509_ca_tbs_add_san_hostname(context, tbs, hostname); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_hostname"); - } - - for (i = 0; i < opt->email_strings.num_strings; i++) { - const char *email = opt->email_strings.strings[i]; - - ret = hx509_ca_tbs_add_san_rfc822name(context, tbs, email); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_hostname"); - - ret = hx509_ca_tbs_add_eku(context, tbs, - oid_id_pkix_kp_emailProtection()); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku"); - } - - if (opt->jid_string) { - ret = hx509_ca_tbs_add_san_jid(context, tbs, opt->jid_string); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_jid"); - } - - return 0; -} - -int -hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) -{ - int ret; - hx509_ca_tbs tbs; - hx509_cert signer = NULL, cert = NULL; - hx509_private_key private_key = NULL; - hx509_private_key cert_key = NULL; - hx509_name subject = NULL; - SubjectPublicKeyInfo spki; - int delta = 0; - - memset(&spki, 0, sizeof(spki)); - - if (opt->ca_certificate_string == NULL && !opt->self_signed_flag) - errx(1, "--ca-certificate argument missing (not using --self-signed)"); - if (opt->ca_private_key_string == NULL && opt->generate_key_string == NULL && opt->self_signed_flag) - errx(1, "--ca-private-key argument missing (using --self-signed)"); - if (opt->certificate_string == NULL) - errx(1, "--certificate argument missing"); - - if (opt->template_certificate_string) { - if (opt->template_fields_string == NULL) - errx(1, "--template-certificate not no --template-fields"); - } - - if (opt->lifetime_string) { - delta = parse_time(opt->lifetime_string, "day"); - if (delta < 0) - errx(1, "Invalid lifetime: %s", opt->lifetime_string); - } - - if (opt->ca_certificate_string) { - hx509_certs cacerts = NULL; - hx509_query *q; - - ret = hx509_certs_init(context, opt->ca_certificate_string, 0, - NULL, &cacerts); - if (ret) - hx509_err(context, 1, ret, - "hx509_certs_init: %s", opt->ca_certificate_string); - - ret = hx509_query_alloc(context, &q); - if (ret) - errx(1, "hx509_query_alloc: %d", ret); - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - if (!opt->issue_proxy_flag) - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_KEYCERTSIGN); - - ret = hx509_certs_find(context, cacerts, q, &signer); - hx509_query_free(context, q); - hx509_certs_free(&cacerts); - if (ret) - hx509_err(context, 1, ret, "no CA certificate found"); - } else if (opt->self_signed_flag) { - if (opt->generate_key_string == NULL - && opt->ca_private_key_string == NULL) - errx(1, "no signing private key"); - } else - errx(1, "missing ca key"); - - if (opt->ca_private_key_string) { - - ret = read_private_key(opt->ca_private_key_string, &private_key); - if (ret) - err(1, "read_private_key"); - - ret = _hx509_private_key2SPKI(context, private_key, &spki); - if (ret) - errx(1, "_hx509_private_key2SPKI: %d\n", ret); - - if (opt->self_signed_flag) - cert_key = private_key; - } - - if (opt->req_string) { - hx509_request req; - - ret = _hx509_request_parse(context, opt->req_string, &req); - if (ret) - hx509_err(context, 1, ret, "parse_request: %s", opt->req_string); - ret = _hx509_request_get_name(context, req, &subject); - if (ret) - hx509_err(context, 1, ret, "get name"); - ret = _hx509_request_get_SubjectPublicKeyInfo(context, req, &spki); - if (ret) - hx509_err(context, 1, ret, "get spki"); - _hx509_request_free(&req); - } - - if (opt->generate_key_string) { - struct hx509_generate_private_context *keyctx; - - ret = _hx509_generate_private_key_init(context, - oid_id_pkcs1_rsaEncryption(), - &keyctx); - - if (opt->issue_ca_flag) - _hx509_generate_private_key_is_ca(context, keyctx); - - if (opt->key_bits_integer) - _hx509_generate_private_key_bits(context, keyctx, - opt->key_bits_integer); - - ret = _hx509_generate_private_key(context, keyctx, - &cert_key); - _hx509_generate_private_key_free(&keyctx); - if (ret) - hx509_err(context, 1, ret, "generate private key"); - - ret = _hx509_private_key2SPKI(context, cert_key, &spki); - if (ret) - errx(1, "_hx509_private_key2SPKI: %d\n", ret); - - if (opt->self_signed_flag) - private_key = cert_key; - } - - if (opt->certificate_private_key_string) { - ret = read_private_key(opt->certificate_private_key_string, &cert_key); - if (ret) - err(1, "read_private_key for certificate"); - } - - if (opt->subject_string) { - if (subject) - hx509_name_free(&subject); - ret = hx509_parse_name(context, opt->subject_string, &subject); - if (ret) - hx509_err(context, 1, ret, "hx509_parse_name"); - } - - /* - * - */ - - ret = hx509_ca_tbs_init(context, &tbs); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_init"); - - if (opt->template_certificate_string) { - hx509_cert template; - hx509_certs tcerts; - int flags; - - ret = hx509_certs_init(context, opt->template_certificate_string, 0, - NULL, &tcerts); - if (ret) - hx509_err(context, 1, ret, - "hx509_certs_init: %s", opt->template_certificate_string); - - ret = hx509_get_one_cert(context, tcerts, &template); - - hx509_certs_free(&tcerts); - if (ret) - hx509_err(context, 1, ret, "no template certificate found"); - - flags = parse_units(opt->template_fields_string, - hx509_ca_tbs_template_units(), ""); - - ret = hx509_ca_tbs_set_template(context, tbs, flags, template); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_set_template"); - - hx509_cert_free(template); - } - - if (opt->serial_number_string) { - heim_integer serialNumber; - - ret = der_parse_hex_heim_integer(opt->serial_number_string, - &serialNumber); - if (ret) - err(1, "der_parse_hex_heim_integer"); - ret = hx509_ca_tbs_set_serialnumber(context, tbs, &serialNumber); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_init"); - der_free_heim_integer(&serialNumber); - } - - if (spki.subjectPublicKey.length) { - ret = hx509_ca_tbs_set_spki(context, tbs, &spki); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_set_spki"); - } - - if (subject) { - ret = hx509_ca_tbs_set_subject(context, tbs, subject); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_set_subject"); - } - - if (opt->crl_uri_string) { - ret = hx509_ca_tbs_add_crl_dp_uri(context, tbs, - opt->crl_uri_string, NULL); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_add_crl_dp_uri"); - } - - eval_types(context, tbs, opt); - - if (opt->issue_ca_flag) { - ret = hx509_ca_tbs_set_ca(context, tbs, opt->path_length_integer); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_set_ca"); - } - if (opt->issue_proxy_flag) { - ret = hx509_ca_tbs_set_proxy(context, tbs, opt->path_length_integer); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_set_proxy"); - } - if (opt->domain_controller_flag) { - hx509_ca_tbs_set_domaincontroller(context, tbs); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_set_domaincontroller"); - } - - if (delta) { - ret = hx509_ca_tbs_set_notAfter_lifetime(context, tbs, delta); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_tbs_set_notAfter_lifetime"); - } - - if (opt->self_signed_flag) { - ret = hx509_ca_sign_self(context, tbs, private_key, &cert); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_sign_self"); - } else { - ret = hx509_ca_sign(context, tbs, signer, &cert); - if (ret) - hx509_err(context, 1, ret, "hx509_ca_sign"); - } - - if (cert_key) { - ret = _hx509_cert_assign_key(cert, cert_key); - if (ret) - hx509_err(context, 1, ret, "_hx509_cert_assign_key"); - } - - { - hx509_certs certs; - - ret = hx509_certs_init(context, opt->certificate_string, - HX509_CERTS_CREATE, NULL, &certs); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_init"); - - ret = hx509_certs_add(context, certs, cert); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_add"); - - ret = hx509_certs_store(context, certs, 0, NULL); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_store"); - - hx509_certs_free(&certs); - } - - if (subject) - hx509_name_free(&subject); - if (signer) - hx509_cert_free(signer); - hx509_cert_free(cert); - free_SubjectPublicKeyInfo(&spki); - - if (private_key != cert_key) - _hx509_private_key_free(&private_key); - _hx509_private_key_free(&cert_key); - - hx509_ca_tbs_free(&tbs); - - return 0; -} - -static int -test_one_cert(hx509_context hxcontext, void *ctx, hx509_cert cert) -{ - heim_octet_string sd, c; - hx509_verify_ctx vctx = ctx; - hx509_certs signer = NULL; - heim_oid type; - int ret; - - if (_hx509_cert_private_key(cert) == NULL) - return 0; - - ret = hx509_cms_create_signed_1(context, 0, NULL, NULL, 0, - NULL, cert, NULL, NULL, NULL, &sd); - if (ret) - errx(1, "hx509_cms_create_signed_1"); - - ret = hx509_cms_verify_signed(context, vctx, sd.data, sd.length, - NULL, NULL, &type, &c, &signer); - free(sd.data); - if (ret) - hx509_err(context, 1, ret, "hx509_cms_verify_signed"); - - printf("create-signature verify-sigature done\n"); - - free(c.data); - - return 0; -} - -int -test_crypto(struct test_crypto_options *opt, int argc, char ** argv) -{ - hx509_verify_ctx vctx; - hx509_certs certs; - hx509_lock lock; - int i, ret; - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - ret = hx509_certs_init(context, "MEMORY:test-crypto", 0, NULL, &certs); - - for (i = 0; i < argc; i++) { - ret = hx509_certs_append(context, certs, lock, argv[i]); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_append"); - } - - ret = hx509_verify_init_ctx(context, &vctx); - if (ret) - hx509_err(context, 1, ret, "hx509_verify_init_ctx"); - - hx509_verify_attach_anchors(vctx, certs); - - ret = hx509_certs_iter(context, certs, test_one_cert, vctx); - - hx509_certs_free(&certs); - - return 0; -} - -int -statistic_print(struct statistic_print_options*opt, int argc, char **argv) -{ - int type = 0; - - if (stat_file_string == NULL) - errx(1, "no stat file"); - - if (opt->type_integer) - type = opt->type_integer; - - hx509_query_unparse_stats(context, type, stdout); - return 0; -} - -/* - * - */ - -int -crl_sign(struct crl_sign_options *opt, int argc, char **argv) -{ - hx509_crl crl; - heim_octet_string os; - hx509_cert signer = NULL; - hx509_lock lock; - int ret; - - hx509_lock_init(context, &lock); - lock_strings(lock, &opt->pass_strings); - - ret = hx509_crl_alloc(context, &crl); - if (ret) - errx(1, "crl alloc"); - - if (opt->signer_string == NULL) - errx(1, "signer missing"); - - { - hx509_certs certs = NULL; - hx509_query *q; - - ret = hx509_certs_init(context, opt->signer_string, 0, - NULL, &certs); - if (ret) - hx509_err(context, 1, ret, - "hx509_certs_init: %s", opt->signer_string); - - ret = hx509_query_alloc(context, &q); - if (ret) - hx509_err(context, 1, ret, "hx509_query_alloc: %d", ret); - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - - ret = hx509_certs_find(context, certs, q, &signer); - hx509_query_free(context, q); - hx509_certs_free(&certs); - if (ret) - hx509_err(context, 1, ret, "no signer certificate found"); - } - - if (opt->lifetime_string) { - int delta; - - delta = parse_time(opt->lifetime_string, "day"); - if (delta < 0) - errx(1, "Invalid lifetime: %s", opt->lifetime_string); - - hx509_crl_lifetime(context, crl, delta); - } - - { - hx509_certs revoked = NULL; - int i; - - ret = hx509_certs_init(context, "MEMORY:revoked-certs", 0, - NULL, &revoked); - - for (i = 0; i < argc; i++) { - ret = hx509_certs_append(context, revoked, lock, argv[i]); - if (ret) - hx509_err(context, 1, ret, "hx509_certs_append: %s", argv[i]); - } - - hx509_crl_add_revoked_certs(context, crl, revoked); - hx509_certs_free(&revoked); - } - - hx509_crl_sign(context, signer, crl, &os); - - if (opt->crl_file_string) - rk_dumpdata(opt->crl_file_string, os.data, os.length); - - free(os.data); - - hx509_crl_free(context, &crl); - hx509_cert_free(signer); - hx509_lock_free(lock); - - return 0; -} - -/* - * - */ - -int -help(void *opt, int argc, char **argv) -{ - sl_slc_help(commands, argc, argv); - return 0; -} - -int -main(int argc, char **argv) -{ - int ret, optidx = 0; - - setprogname (argv[0]); - - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - argv += optidx; - argc -= optidx; - - if (argc == 0) - usage(1); - - ret = hx509_context_init(&context); - if (ret) - errx(1, "hx509_context_init failed with %d", ret); - - if (stat_file_string) - hx509_query_statistic_file(context, stat_file_string); - - ret = sl_command(commands, argc, argv); - if(ret == -1) - warnx ("unrecognized command: %s", argv[0]); - - hx509_context_free(&context); - - return ret; -} diff --git a/crypto/heimdal/lib/hx509/keyset.c b/crypto/heimdal/lib/hx509/keyset.c deleted file mode 100644 index 2fcff7b03b35..000000000000 --- a/crypto/heimdal/lib/hx509/keyset.c +++ /dev/null @@ -1,677 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: keyset.c 22466 2008-01-16 14:26:35Z lha $"); - -/** - * @page page_keyset Certificate store operations - * - * Type of certificates store: - * - MEMORY - * In memory based format. Doesnt support storing. - * - FILE - * FILE supports raw DER certicates and PEM certicates. When PEM is - * used the file can contain may certificates and match private - * keys. Support storing the certificates. DER format only supports - * on certificate and no private key. - * - PEM-FILE - * Same as FILE, defaulting to PEM encoded certificates. - * - PEM-FILE - * Same as FILE, defaulting to DER encoded certificates. - * - PKCS11 - * - PKCS12 - * - DIR - * - KEYCHAIN - * Apple Mac OS X KeyChain backed keychain object. - * - * See the library functions here: @ref hx509_keyset - */ - -struct hx509_certs_data { - int ref; - struct hx509_keyset_ops *ops; - void *ops_data; -}; - -static struct hx509_keyset_ops * -_hx509_ks_type(hx509_context context, const char *type) -{ - int i; - - for (i = 0; i < context->ks_num_ops; i++) - if (strcasecmp(type, context->ks_ops[i]->name) == 0) - return context->ks_ops[i]; - - return NULL; -} - -void -_hx509_ks_register(hx509_context context, struct hx509_keyset_ops *ops) -{ - struct hx509_keyset_ops **val; - - if (_hx509_ks_type(context, ops->name)) - return; - - val = realloc(context->ks_ops, - (context->ks_num_ops + 1) * sizeof(context->ks_ops[0])); - if (val == NULL) - return; - val[context->ks_num_ops] = ops; - context->ks_ops = val; - context->ks_num_ops++; -} - -/** - * Open or creates a new hx509 certificate store. - * - * @param context A hx509 context - * @param name name of the store, format is TYPE:type-specific-string, - * if NULL is used the MEMORY store is used. - * @param flags list of flags: - * - HX509_CERTS_CREATE create a new keystore of the specific TYPE. - * - HX509_CERTS_UNPROTECT_ALL fails if any private key failed to be extracted. - * @param lock a lock that unlocks the certificates store, use NULL to - * select no password/certifictes/prompt lock (see @ref page_lock). - * @param certs return pointer, free with hx509_certs_free(). - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_init(hx509_context context, - const char *name, int flags, - hx509_lock lock, hx509_certs *certs) -{ - struct hx509_keyset_ops *ops; - const char *residue; - hx509_certs c; - char *type; - int ret; - - *certs = NULL; - - residue = strchr(name, ':'); - if (residue) { - type = malloc(residue - name + 1); - if (type) - strlcpy(type, name, residue - name + 1); - residue++; - if (residue[0] == '\0') - residue = NULL; - } else { - type = strdup("MEMORY"); - residue = name; - } - if (type == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - ops = _hx509_ks_type(context, type); - if (ops == NULL) { - hx509_set_error_string(context, 0, ENOENT, - "Keyset type %s is not supported", type); - free(type); - return ENOENT; - } - free(type); - c = calloc(1, sizeof(*c)); - if (c == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - c->ops = ops; - c->ref = 1; - - ret = (*ops->init)(context, c, &c->ops_data, flags, residue, lock); - if (ret) { - free(c); - return ret; - } - - *certs = c; - return 0; -} - -/** - * Write the certificate store to stable storage. - * - * @param context A hx509 context. - * @param certs a certificate store to store. - * @param flags currently unused, use 0. - * @param lock a lock that unlocks the certificates store, use NULL to - * select no password/certifictes/prompt lock (see @ref page_lock). - * - * @return Returns an hx509 error code. HX509_UNSUPPORTED_OPERATION if - * the certificate store doesn't support the store operation. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_store(hx509_context context, - hx509_certs certs, - int flags, - hx509_lock lock) -{ - if (certs->ops->store == NULL) { - hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, - "keystore if type %s doesn't support " - "store operation", - certs->ops->name); - return HX509_UNSUPPORTED_OPERATION; - } - - return (*certs->ops->store)(context, certs, certs->ops_data, flags, lock); -} - - -hx509_certs -_hx509_certs_ref(hx509_certs certs) -{ - if (certs == NULL) - return NULL; - if (certs->ref <= 0) - _hx509_abort("certs refcount <= 0"); - certs->ref++; - if (certs->ref == 0) - _hx509_abort("certs refcount == 0"); - return certs; -} - -/** - * Free a certificate store. - * - * @param certs certificate store to free. - * - * @ingroup hx509_keyset - */ - -void -hx509_certs_free(hx509_certs *certs) -{ - if (*certs) { - if ((*certs)->ref <= 0) - _hx509_abort("refcount <= 0"); - if (--(*certs)->ref > 0) - return; - - (*(*certs)->ops->free)(*certs, (*certs)->ops_data); - free(*certs); - *certs = NULL; - } -} - -/** - * Start the integration - * - * @param context a hx509 context. - * @param certs certificate store to iterate over - * @param cursor cursor that will keep track of progress, free with - * hx509_certs_end_seq(). - * - * @return Returns an hx509 error code. HX509_UNSUPPORTED_OPERATION is - * returned if the certificate store doesn't support the iteration - * operation. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_start_seq(hx509_context context, - hx509_certs certs, - hx509_cursor *cursor) -{ - int ret; - - if (certs->ops->iter_start == NULL) { - hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, - "Keyset type %s doesn't support iteration", - certs->ops->name); - return HX509_UNSUPPORTED_OPERATION; - } - - ret = (*certs->ops->iter_start)(context, certs, certs->ops_data, cursor); - if (ret) - return ret; - - return 0; -} - -/** - * Get next ceritificate from the certificate keystore pointed out by - * cursor. - * - * @param context a hx509 context. - * @param certs certificate store to iterate over. - * @param cursor cursor that keeps track of progress. - * @param cert return certificate next in store, NULL if the store - * contains no more certificates. Free with hx509_cert_free(). - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_next_cert(hx509_context context, - hx509_certs certs, - hx509_cursor cursor, - hx509_cert *cert) -{ - *cert = NULL; - return (*certs->ops->iter)(context, certs, certs->ops_data, cursor, cert); -} - -/** - * End the iteration over certificates. - * - * @param context a hx509 context. - * @param certs certificate store to iterate over. - * @param cursor cursor that will keep track of progress, freed. - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_end_seq(hx509_context context, - hx509_certs certs, - hx509_cursor cursor) -{ - (*certs->ops->iter_end)(context, certs, certs->ops_data, cursor); - return 0; -} - -/** - * Iterate over all certificates in a keystore and call an function - * for each fo them. - * - * @param context a hx509 context. - * @param certs certificate store to iterate over. - * @param func function to call for each certificate. The function - * should return non-zero to abort the iteration, that value is passed - * back to te caller of hx509_certs_iter(). - * @param ctx context variable that will passed to the function. - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_iter(hx509_context context, - hx509_certs certs, - int (*func)(hx509_context, void *, hx509_cert), - void *ctx) -{ - hx509_cursor cursor; - hx509_cert c; - int ret; - - ret = hx509_certs_start_seq(context, certs, &cursor); - if (ret) - return ret; - - while (1) { - ret = hx509_certs_next_cert(context, certs, cursor, &c); - if (ret) - break; - if (c == NULL) { - ret = 0; - break; - } - ret = (*func)(context, ctx, c); - hx509_cert_free(c); - if (ret) - break; - } - - hx509_certs_end_seq(context, certs, cursor); - - return ret; -} - - -/** - * Function to use to hx509_certs_iter() as a function argument, the - * ctx variable to hx509_certs_iter() should be a FILE file descriptor. - * - * @param context a hx509 context. - * @param ctx used by hx509_certs_iter(). - * @param c a certificate - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_ci_print_names(hx509_context context, void *ctx, hx509_cert c) -{ - Certificate *cert; - hx509_name n; - char *s, *i; - - cert = _hx509_get_cert(c); - - _hx509_name_from_Name(&cert->tbsCertificate.subject, &n); - hx509_name_to_string(n, &s); - hx509_name_free(&n); - _hx509_name_from_Name(&cert->tbsCertificate.issuer, &n); - hx509_name_to_string(n, &i); - hx509_name_free(&n); - fprintf(ctx, "subject: %s\nissuer: %s\n", s, i); - free(s); - free(i); - return 0; -} - -/** - * Add a certificate to the certificiate store. - * - * The receiving keyset certs will either increase reference counter - * of the cert or make a deep copy, either way, the caller needs to - * free the cert itself. - * - * @param context a hx509 context. - * @param certs certificate store to add the certificate to. - * @param cert certificate to add. - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_add(hx509_context context, hx509_certs certs, hx509_cert cert) -{ - if (certs->ops->add == NULL) { - hx509_set_error_string(context, 0, ENOENT, - "Keyset type %s doesn't support add operation", - certs->ops->name); - return ENOENT; - } - - return (*certs->ops->add)(context, certs, certs->ops_data, cert); -} - -/** - * Find a certificate matching the query. - * - * @param context a hx509 context. - * @param certs certificate store to search. - * @param q query allocated with @ref hx509_query functions. - * @param r return certificate (or NULL on error), should be freed - * with hx509_cert_free(). - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_find(hx509_context context, - hx509_certs certs, - const hx509_query *q, - hx509_cert *r) -{ - hx509_cursor cursor; - hx509_cert c; - int ret; - - *r = NULL; - - _hx509_query_statistic(context, 0, q); - - if (certs->ops->query) - return (*certs->ops->query)(context, certs, certs->ops_data, q, r); - - ret = hx509_certs_start_seq(context, certs, &cursor); - if (ret) - return ret; - - c = NULL; - while (1) { - ret = hx509_certs_next_cert(context, certs, cursor, &c); - if (ret) - break; - if (c == NULL) - break; - if (_hx509_query_match_cert(context, q, c)) { - *r = c; - break; - } - hx509_cert_free(c); - } - - hx509_certs_end_seq(context, certs, cursor); - if (ret) - return ret; - if (c == NULL) { - hx509_clear_error_string(context); - return HX509_CERT_NOT_FOUND; - } - - return 0; -} - -static int -certs_merge_func(hx509_context context, void *ctx, hx509_cert c) -{ - return hx509_certs_add(context, (hx509_certs)ctx, c); -} - -/** - * Merge a certificate store into another. The from store is keep - * intact. - * - * @param context a hx509 context. - * @param to the store to merge into. - * @param from the store to copy the object from. - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_merge(hx509_context context, hx509_certs to, hx509_certs from) -{ - if (from == NULL) - return 0; - return hx509_certs_iter(context, from, certs_merge_func, to); -} - -/** - * Same a hx509_certs_merge() but use a lock and name to describe the - * from source. - * - * @param context a hx509 context. - * @param to the store to merge into. - * @param lock a lock that unlocks the certificates store, use NULL to - * select no password/certifictes/prompt lock (see @ref page_lock). - * @param name name of the source store - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_append(hx509_context context, - hx509_certs to, - hx509_lock lock, - const char *name) -{ - hx509_certs s; - int ret; - - ret = hx509_certs_init(context, name, 0, lock, &s); - if (ret) - return ret; - ret = hx509_certs_merge(context, to, s); - hx509_certs_free(&s); - return ret; -} - -/** - * Get one random certificate from the certificate store. - * - * @param context a hx509 context. - * @param certs a certificate store to get the certificate from. - * @param c return certificate, should be freed with hx509_cert_free(). - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_get_one_cert(hx509_context context, hx509_certs certs, hx509_cert *c) -{ - hx509_cursor cursor; - int ret; - - *c = NULL; - - ret = hx509_certs_start_seq(context, certs, &cursor); - if (ret) - return ret; - - ret = hx509_certs_next_cert(context, certs, cursor, c); - if (ret) - return ret; - - hx509_certs_end_seq(context, certs, cursor); - return 0; -} - -static int -certs_info_stdio(void *ctx, const char *str) -{ - FILE *f = ctx; - fprintf(f, "%s\n", str); - return 0; -} - -/** - * Print some info about the certificate store. - * - * @param context a hx509 context. - * @param certs certificate store to print information about. - * @param func function that will get each line of the information, if - * NULL is used the data is printed on a FILE descriptor that should - * be passed in ctx, if ctx also is NULL, stdout is used. - * @param ctx parameter to func. - * - * @return Returns an hx509 error code. - * - * @ingroup hx509_keyset - */ - -int -hx509_certs_info(hx509_context context, - hx509_certs certs, - int (*func)(void *, const char *), - void *ctx) -{ - if (func == NULL) { - func = certs_info_stdio; - if (ctx == NULL) - ctx = stdout; - } - if (certs->ops->printinfo == NULL) { - (*func)(ctx, "No info function for certs"); - return 0; - } - return (*certs->ops->printinfo)(context, certs, certs->ops_data, - func, ctx); -} - -void -_hx509_pi_printf(int (*func)(void *, const char *), void *ctx, - const char *fmt, ...) -{ - va_list ap; - char *str; - - va_start(ap, fmt); - vasprintf(&str, fmt, ap); - va_end(ap); - if (str == NULL) - return; - (*func)(ctx, str); - free(str); -} - -int -_hx509_certs_keys_get(hx509_context context, - hx509_certs certs, - hx509_private_key **keys) -{ - if (certs->ops->getkeys == NULL) { - *keys = NULL; - return 0; - } - return (*certs->ops->getkeys)(context, certs, certs->ops_data, keys); -} - -int -_hx509_certs_keys_add(hx509_context context, - hx509_certs certs, - hx509_private_key key) -{ - if (certs->ops->addkey == NULL) { - hx509_set_error_string(context, 0, EINVAL, - "keystore if type %s doesn't support " - "key add operation", - certs->ops->name); - return EINVAL; - } - return (*certs->ops->addkey)(context, certs, certs->ops_data, key); -} - - -void -_hx509_certs_keys_free(hx509_context context, - hx509_private_key *keys) -{ - int i; - for (i = 0; keys[i]; i++) - _hx509_private_key_free(&keys[i]); - free(keys); -} diff --git a/crypto/heimdal/lib/hx509/ks_dir.c b/crypto/heimdal/lib/hx509/ks_dir.c deleted file mode 100644 index a0bc875e5b8c..000000000000 --- a/crypto/heimdal/lib/hx509/ks_dir.c +++ /dev/null @@ -1,223 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: ks_dir.c 19778 2007-01-09 10:52:13Z lha $"); -#include - -/* - * The DIR keyset module is strange compared to the other modules - * since it does lazy evaluation and really doesn't keep any local - * state except for the directory iteration and cert iteration of - * files. DIR ignores most errors so that the consumer doesn't get - * failes for stray files in directories. - */ - -struct dircursor { - DIR *dir; - hx509_certs certs; - void *iter; -}; - -/* - * - */ - -static int -dir_init(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock) -{ - *data = NULL; - - { - struct stat sb; - int ret; - - ret = stat(residue, &sb); - if (ret == -1) { - hx509_set_error_string(context, 0, ENOENT, - "No such file %s", residue); - return ENOENT; - } - - if ((sb.st_mode & S_IFDIR) == 0) { - hx509_set_error_string(context, 0, ENOTDIR, - "%s is not a directory", residue); - return ENOTDIR; - } - } - - *data = strdup(residue); - if (*data == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - return 0; -} - -static int -dir_free(hx509_certs certs, void *data) -{ - free(data); - return 0; -} - - - -static int -dir_iter_start(hx509_context context, - hx509_certs certs, void *data, void **cursor) -{ - struct dircursor *d; - - *cursor = NULL; - - d = calloc(1, sizeof(*d)); - if (d == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - d->dir = opendir(data); - if (d->dir == NULL) { - hx509_clear_error_string(context); - free(d); - return errno; - } - d->certs = NULL; - d->iter = NULL; - - *cursor = d; - return 0; -} - -static int -dir_iter(hx509_context context, - hx509_certs certs, void *data, void *iter, hx509_cert *cert) -{ - struct dircursor *d = iter; - int ret = 0; - - *cert = NULL; - - do { - struct dirent *dir; - char *fn; - - if (d->certs) { - ret = hx509_certs_next_cert(context, d->certs, d->iter, cert); - if (ret) { - hx509_certs_end_seq(context, d->certs, d->iter); - d->iter = NULL; - hx509_certs_free(&d->certs); - return ret; - } - if (*cert) { - ret = 0; - break; - } - hx509_certs_end_seq(context, d->certs, d->iter); - d->iter = NULL; - hx509_certs_free(&d->certs); - } - - dir = readdir(d->dir); - if (dir == NULL) { - ret = 0; - break; - } - if (strcmp(dir->d_name, ".") == 0 || strcmp(dir->d_name, "..") == 0) - continue; - - if (asprintf(&fn, "FILE:%s/%s", (char *)data, dir->d_name) == -1) - return ENOMEM; - - ret = hx509_certs_init(context, fn, 0, NULL, &d->certs); - if (ret == 0) { - - ret = hx509_certs_start_seq(context, d->certs, &d->iter); - if (ret) - hx509_certs_free(&d->certs); - } - /* ignore errors */ - if (ret) { - d->certs = NULL; - ret = 0; - } - - free(fn); - } while(ret == 0); - - return ret; -} - - -static int -dir_iter_end(hx509_context context, - hx509_certs certs, - void *data, - void *cursor) -{ - struct dircursor *d = cursor; - - if (d->certs) { - hx509_certs_end_seq(context, d->certs, d->iter); - d->iter = NULL; - hx509_certs_free(&d->certs); - } - closedir(d->dir); - free(d); - return 0; -} - - -static struct hx509_keyset_ops keyset_dir = { - "DIR", - 0, - dir_init, - NULL, - dir_free, - NULL, - NULL, - dir_iter_start, - dir_iter, - dir_iter_end -}; - -void -_hx509_ks_dir_register(hx509_context context) -{ - _hx509_ks_register(context, &keyset_dir); -} diff --git a/crypto/heimdal/lib/hx509/ks_file.c b/crypto/heimdal/lib/hx509/ks_file.c deleted file mode 100644 index 87b97af401c5..000000000000 --- a/crypto/heimdal/lib/hx509/ks_file.c +++ /dev/null @@ -1,643 +0,0 @@ -/* - * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: ks_file.c 22465 2008-01-16 14:25:24Z lha $"); - -typedef enum { USE_PEM, USE_DER } outformat; - -struct ks_file { - hx509_certs certs; - char *fn; - outformat format; -}; - -/* - * - */ - -static int -parse_certificate(hx509_context context, const char *fn, - struct hx509_collector *c, - const hx509_pem_header *headers, - const void *data, size_t len) -{ - hx509_cert cert; - int ret; - - ret = hx509_cert_init_data(context, data, len, &cert); - if (ret) - return ret; - - ret = _hx509_collector_certs_add(context, c, cert); - hx509_cert_free(cert); - return ret; -} - -static int -try_decrypt(hx509_context context, - struct hx509_collector *collector, - const AlgorithmIdentifier *alg, - const EVP_CIPHER *c, - const void *ivdata, - const void *password, - size_t passwordlen, - const void *cipher, - size_t len) -{ - heim_octet_string clear; - size_t keylen; - void *key; - int ret; - - keylen = EVP_CIPHER_key_length(c); - - key = malloc(keylen); - if (key == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - ret = EVP_BytesToKey(c, EVP_md5(), ivdata, - password, passwordlen, - 1, key, NULL); - if (ret <= 0) { - hx509_set_error_string(context, 0, HX509_CRYPTO_INTERNAL_ERROR, - "Failed to do string2key for private key"); - return HX509_CRYPTO_INTERNAL_ERROR; - } - - clear.data = malloc(len); - if (clear.data == NULL) { - hx509_set_error_string(context, 0, ENOMEM, - "Out of memory to decrypt for private key"); - ret = ENOMEM; - goto out; - } - clear.length = len; - - { - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - EVP_CipherInit_ex(&ctx, c, NULL, key, ivdata, 0); - EVP_Cipher(&ctx, clear.data, cipher, len); - EVP_CIPHER_CTX_cleanup(&ctx); - } - - ret = _hx509_collector_private_key_add(context, - collector, - alg, - NULL, - &clear, - NULL); - - memset(clear.data, 0, clear.length); - free(clear.data); -out: - memset(key, 0, keylen); - free(key); - return ret; -} - -static int -parse_rsa_private_key(hx509_context context, const char *fn, - struct hx509_collector *c, - const hx509_pem_header *headers, - const void *data, size_t len) -{ - int ret = 0; - const char *enc; - - enc = hx509_pem_find_header(headers, "Proc-Type"); - if (enc) { - const char *dek; - char *type, *iv; - ssize_t ssize, size; - void *ivdata; - const EVP_CIPHER *cipher; - const struct _hx509_password *pw; - hx509_lock lock; - int i, decrypted = 0; - - lock = _hx509_collector_get_lock(c); - if (lock == NULL) { - hx509_set_error_string(context, 0, HX509_ALG_NOT_SUPP, - "Failed to get password for " - "password protected file %s", fn); - return HX509_ALG_NOT_SUPP; - } - - if (strcmp(enc, "4,ENCRYPTED") != 0) { - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "RSA key encrypted in unknown method %s " - "in file", - enc, fn); - hx509_clear_error_string(context); - return HX509_PARSING_KEY_FAILED; - } - - dek = hx509_pem_find_header(headers, "DEK-Info"); - if (dek == NULL) { - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "Encrypted RSA missing DEK-Info"); - return HX509_PARSING_KEY_FAILED; - } - - type = strdup(dek); - if (type == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - iv = strchr(type, ','); - if (iv == NULL) { - free(type); - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "IV missing"); - return HX509_PARSING_KEY_FAILED; - } - - *iv++ = '\0'; - - size = strlen(iv); - ivdata = malloc(size); - if (ivdata == NULL) { - hx509_clear_error_string(context); - free(type); - return ENOMEM; - } - - cipher = EVP_get_cipherbyname(type); - if (cipher == NULL) { - free(ivdata); - hx509_set_error_string(context, 0, HX509_ALG_NOT_SUPP, - "RSA key encrypted with " - "unsupported cipher: %s", - type); - free(type); - return HX509_ALG_NOT_SUPP; - } - -#define PKCS5_SALT_LEN 8 - - ssize = hex_decode(iv, ivdata, size); - free(type); - type = NULL; - iv = NULL; - - if (ssize < 0 || ssize < PKCS5_SALT_LEN || ssize < EVP_CIPHER_iv_length(cipher)) { - free(ivdata); - hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, - "Salt have wrong length in RSA key file"); - return HX509_PARSING_KEY_FAILED; - } - - pw = _hx509_lock_get_passwords(lock); - if (pw != NULL) { - const void *password; - size_t passwordlen; - - for (i = 0; i < pw->len; i++) { - password = pw->val[i]; - passwordlen = strlen(password); - - ret = try_decrypt(context, c, hx509_signature_rsa(), - cipher, ivdata, password, passwordlen, - data, len); - if (ret == 0) { - decrypted = 1; - break; - } - } - } - if (!decrypted) { - hx509_prompt prompt; - char password[128]; - - memset(&prompt, 0, sizeof(prompt)); - - prompt.prompt = "Password for keyfile: "; - prompt.type = HX509_PROMPT_TYPE_PASSWORD; - prompt.reply.data = password; - prompt.reply.length = sizeof(password); - - ret = hx509_lock_prompt(lock, &prompt); - if (ret == 0) - ret = try_decrypt(context, c, hx509_signature_rsa(), - cipher, ivdata, password, strlen(password), - data, len); - /* XXX add password to lock password collection ? */ - memset(password, 0, sizeof(password)); - } - free(ivdata); - - } else { - heim_octet_string keydata; - - keydata.data = rk_UNCONST(data); - keydata.length = len; - - ret = _hx509_collector_private_key_add(context, - c, - hx509_signature_rsa(), - NULL, - &keydata, - NULL); - } - - return ret; -} - - -struct pem_formats { - const char *name; - int (*func)(hx509_context, const char *, struct hx509_collector *, - const hx509_pem_header *, const void *, size_t); -} formats[] = { - { "CERTIFICATE", parse_certificate }, - { "RSA PRIVATE KEY", parse_rsa_private_key } -}; - - -struct pem_ctx { - int flags; - struct hx509_collector *c; -}; - -static int -pem_func(hx509_context context, const char *type, - const hx509_pem_header *header, - const void *data, size_t len, void *ctx) -{ - struct pem_ctx *pem_ctx = (struct pem_ctx*)ctx; - int ret = 0, j; - - for (j = 0; j < sizeof(formats)/sizeof(formats[0]); j++) { - const char *q = formats[j].name; - if (strcasecmp(type, q) == 0) { - ret = (*formats[j].func)(context, NULL, pem_ctx->c, header, data, len); - if (ret == 0) - break; - } - } - if (j == sizeof(formats)/sizeof(formats[0])) { - ret = HX509_UNSUPPORTED_OPERATION; - hx509_set_error_string(context, 0, ret, - "Found no matching PEM format for %s", type); - return ret; - } - if (ret && (pem_ctx->flags & HX509_CERTS_UNPROTECT_ALL)) - return ret; - return 0; -} - -/* - * - */ - -static int -file_init_common(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock, outformat format) -{ - char *p, *pnext; - struct ks_file *f = NULL; - hx509_private_key *keys = NULL; - int ret; - struct pem_ctx pem_ctx; - - pem_ctx.flags = flags; - pem_ctx.c = NULL; - - *data = NULL; - - if (lock == NULL) - lock = _hx509_empty_lock; - - f = calloc(1, sizeof(*f)); - if (f == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - f->format = format; - - f->fn = strdup(residue); - if (f->fn == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - /* - * XXX this is broken, the function should parse the file before - * overwriting it - */ - - if (flags & HX509_CERTS_CREATE) { - ret = hx509_certs_init(context, "MEMORY:ks-file-create", - 0, lock, &f->certs); - if (ret) - goto out; - *data = f; - return 0; - } - - ret = _hx509_collector_alloc(context, lock, &pem_ctx.c); - if (ret) - goto out; - - for (p = f->fn; p != NULL; p = pnext) { - FILE *f; - - pnext = strchr(p, ','); - if (pnext) - *pnext++ = '\0'; - - - if ((f = fopen(p, "r")) == NULL) { - ret = ENOENT; - hx509_set_error_string(context, 0, ret, - "Failed to open PEM file \"%s\": %s", - p, strerror(errno)); - goto out; - } - - ret = hx509_pem_read(context, f, pem_func, &pem_ctx); - fclose(f); - if (ret != 0 && ret != HX509_PARSING_KEY_FAILED) - goto out; - else if (ret == HX509_PARSING_KEY_FAILED) { - size_t length; - void *ptr; - int i; - - ret = _hx509_map_file(p, &ptr, &length, NULL); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - for (i = 0; i < sizeof(formats)/sizeof(formats[0]); i++) { - ret = (*formats[i].func)(context, p, pem_ctx.c, NULL, ptr, length); - if (ret == 0) - break; - } - _hx509_unmap_file(ptr, length); - if (ret) - goto out; - } - } - - ret = _hx509_collector_collect_certs(context, pem_ctx.c, &f->certs); - if (ret) - goto out; - - ret = _hx509_collector_collect_private_keys(context, pem_ctx.c, &keys); - if (ret == 0) { - int i; - - for (i = 0; keys[i]; i++) - _hx509_certs_keys_add(context, f->certs, keys[i]); - _hx509_certs_keys_free(context, keys); - } - -out: - if (ret == 0) - *data = f; - else { - if (f->fn) - free(f->fn); - free(f); - } - if (pem_ctx.c) - _hx509_collector_free(pem_ctx.c); - - return ret; -} - -static int -file_init_pem(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock) -{ - return file_init_common(context, certs, data, flags, residue, lock, USE_PEM); -} - -static int -file_init_der(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock) -{ - return file_init_common(context, certs, data, flags, residue, lock, USE_DER); -} - -static int -file_free(hx509_certs certs, void *data) -{ - struct ks_file *f = data; - hx509_certs_free(&f->certs); - free(f->fn); - free(f); - return 0; -} - -struct store_ctx { - FILE *f; - outformat format; -}; - -static int -store_func(hx509_context context, void *ctx, hx509_cert c) -{ - struct store_ctx *sc = ctx; - heim_octet_string data; - int ret; - - ret = hx509_cert_binary(context, c, &data); - if (ret) - return ret; - - switch (sc->format) { - case USE_DER: - fwrite(data.data, data.length, 1, sc->f); - free(data.data); - break; - case USE_PEM: - hx509_pem_write(context, "CERTIFICATE", NULL, sc->f, - data.data, data.length); - free(data.data); - if (_hx509_cert_private_key_exportable(c)) { - hx509_private_key key = _hx509_cert_private_key(c); - ret = _hx509_private_key_export(context, key, &data); - if (ret) - break; - hx509_pem_write(context, _hx509_private_pem_name(key), NULL, sc->f, - data.data, data.length); - free(data.data); - } - break; - } - - return 0; -} - -static int -file_store(hx509_context context, - hx509_certs certs, void *data, int flags, hx509_lock lock) -{ - struct ks_file *f = data; - struct store_ctx sc; - int ret; - - sc.f = fopen(f->fn, "w"); - if (sc.f == NULL) { - hx509_set_error_string(context, 0, ENOENT, - "Failed to open file %s for writing"); - return ENOENT; - } - sc.format = f->format; - - ret = hx509_certs_iter(context, f->certs, store_func, &sc); - fclose(sc.f); - return ret; -} - -static int -file_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) -{ - struct ks_file *f = data; - return hx509_certs_add(context, f->certs, c); -} - -static int -file_iter_start(hx509_context context, - hx509_certs certs, void *data, void **cursor) -{ - struct ks_file *f = data; - return hx509_certs_start_seq(context, f->certs, cursor); -} - -static int -file_iter(hx509_context context, - hx509_certs certs, void *data, void *iter, hx509_cert *cert) -{ - struct ks_file *f = data; - return hx509_certs_next_cert(context, f->certs, iter, cert); -} - -static int -file_iter_end(hx509_context context, - hx509_certs certs, - void *data, - void *cursor) -{ - struct ks_file *f = data; - return hx509_certs_end_seq(context, f->certs, cursor); -} - -static int -file_getkeys(hx509_context context, - hx509_certs certs, - void *data, - hx509_private_key **keys) -{ - struct ks_file *f = data; - return _hx509_certs_keys_get(context, f->certs, keys); -} - -static int -file_addkey(hx509_context context, - hx509_certs certs, - void *data, - hx509_private_key key) -{ - struct ks_file *f = data; - return _hx509_certs_keys_add(context, f->certs, key); -} - -static struct hx509_keyset_ops keyset_file = { - "FILE", - 0, - file_init_pem, - file_store, - file_free, - file_add, - NULL, - file_iter_start, - file_iter, - file_iter_end, - NULL, - file_getkeys, - file_addkey -}; - -static struct hx509_keyset_ops keyset_pemfile = { - "PEM-FILE", - 0, - file_init_pem, - file_store, - file_free, - file_add, - NULL, - file_iter_start, - file_iter, - file_iter_end, - NULL, - file_getkeys, - file_addkey -}; - -static struct hx509_keyset_ops keyset_derfile = { - "DER-FILE", - 0, - file_init_der, - file_store, - file_free, - file_add, - NULL, - file_iter_start, - file_iter, - file_iter_end, - NULL, - file_getkeys, - file_addkey -}; - - -void -_hx509_ks_file_register(hx509_context context) -{ - _hx509_ks_register(context, &keyset_file); - _hx509_ks_register(context, &keyset_pemfile); - _hx509_ks_register(context, &keyset_derfile); -} diff --git a/crypto/heimdal/lib/hx509/ks_keychain.c b/crypto/heimdal/lib/hx509/ks_keychain.c deleted file mode 100644 index f8181975d9d5..000000000000 --- a/crypto/heimdal/lib/hx509/ks_keychain.c +++ /dev/null @@ -1,548 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: ks_keychain.c 22084 2007-11-16 20:12:30Z lha $"); - -#ifdef HAVE_FRAMEWORK_SECURITY - -#include - -/* Missing function decls in pre Leopard */ -#ifdef NEED_SECKEYGETCSPHANDLE_PROTO -OSStatus SecKeyGetCSPHandle(SecKeyRef, CSSM_CSP_HANDLE *); -OSStatus SecKeyGetCredentials(SecKeyRef, CSSM_ACL_AUTHORIZATION_TAG, - int, const CSSM_ACCESS_CREDENTIALS **); -#define kSecCredentialTypeDefault 0 -#endif - - -static int -getAttribute(SecKeychainItemRef itemRef, SecItemAttr item, - SecKeychainAttributeList **attrs) -{ - SecKeychainAttributeInfo attrInfo; - UInt32 attrFormat = 0; - OSStatus ret; - - *attrs = NULL; - - attrInfo.count = 1; - attrInfo.tag = &item; - attrInfo.format = &attrFormat; - - ret = SecKeychainItemCopyAttributesAndData(itemRef, &attrInfo, NULL, - attrs, NULL, NULL); - if (ret) - return EINVAL; - return 0; -} - - -/* - * - */ - -struct kc_rsa { - SecKeychainItemRef item; - size_t keysize; -}; - - -static int -kc_rsa_public_encrypt(int flen, - const unsigned char *from, - unsigned char *to, - RSA *rsa, - int padding) -{ - return -1; -} - -static int -kc_rsa_public_decrypt(int flen, - const unsigned char *from, - unsigned char *to, - RSA *rsa, - int padding) -{ - return -1; -} - - -static int -kc_rsa_private_encrypt(int flen, - const unsigned char *from, - unsigned char *to, - RSA *rsa, - int padding) -{ - struct kc_rsa *kc = RSA_get_app_data(rsa); - - CSSM_RETURN cret; - OSStatus ret; - const CSSM_ACCESS_CREDENTIALS *creds; - SecKeyRef privKeyRef = (SecKeyRef)kc->item; - CSSM_CSP_HANDLE cspHandle; - const CSSM_KEY *cssmKey; - CSSM_CC_HANDLE sigHandle = 0; - CSSM_DATA sig, in; - int fret = 0; - - - cret = SecKeyGetCSSMKey(privKeyRef, &cssmKey); - if(cret) abort(); - - cret = SecKeyGetCSPHandle(privKeyRef, &cspHandle); - if(cret) abort(); - - ret = SecKeyGetCredentials(privKeyRef, CSSM_ACL_AUTHORIZATION_SIGN, - kSecCredentialTypeDefault, &creds); - if(ret) abort(); - - ret = CSSM_CSP_CreateSignatureContext(cspHandle, CSSM_ALGID_RSA, - creds, cssmKey, &sigHandle); - if(ret) abort(); - - in.Data = (uint8 *)from; - in.Length = flen; - - sig.Data = (uint8 *)to; - sig.Length = kc->keysize; - - cret = CSSM_SignData(sigHandle, &in, 1, CSSM_ALGID_NONE, &sig); - if(cret) { - /* cssmErrorString(cret); */ - fret = -1; - } else - fret = sig.Length; - - if(sigHandle) - CSSM_DeleteContext(sigHandle); - - return fret; -} - -static int -kc_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to, - RSA * rsa, int padding) -{ - return -1; -} - -static int -kc_rsa_init(RSA *rsa) -{ - return 1; -} - -static int -kc_rsa_finish(RSA *rsa) -{ - struct kc_rsa *kc_rsa = RSA_get_app_data(rsa); - CFRelease(kc_rsa->item); - memset(kc_rsa, 0, sizeof(*kc_rsa)); - free(kc_rsa); - return 1; -} - -static const RSA_METHOD kc_rsa_pkcs1_method = { - "hx509 Keychain PKCS#1 RSA", - kc_rsa_public_encrypt, - kc_rsa_public_decrypt, - kc_rsa_private_encrypt, - kc_rsa_private_decrypt, - NULL, - NULL, - kc_rsa_init, - kc_rsa_finish, - 0, - NULL, - NULL, - NULL -}; - -static int -set_private_key(hx509_context context, - SecKeychainItemRef itemRef, - hx509_cert cert) -{ - struct kc_rsa *kc; - hx509_private_key key; - RSA *rsa; - int ret; - - ret = _hx509_private_key_init(&key, NULL, NULL); - if (ret) - return ret; - - kc = calloc(1, sizeof(*kc)); - if (kc == NULL) - _hx509_abort("out of memory"); - - kc->item = itemRef; - - rsa = RSA_new(); - if (rsa == NULL) - _hx509_abort("out of memory"); - - /* Argh, fake modulus since OpenSSL API is on crack */ - { - SecKeychainAttributeList *attrs = NULL; - uint32_t size; - void *data; - - rsa->n = BN_new(); - if (rsa->n == NULL) abort(); - - ret = getAttribute(itemRef, kSecKeyKeySizeInBits, &attrs); - if (ret) abort(); - - size = *(uint32_t *)attrs->attr[0].data; - SecKeychainItemFreeAttributesAndData(attrs, NULL); - - kc->keysize = (size + 7) / 8; - - data = malloc(kc->keysize); - memset(data, 0xe0, kc->keysize); - BN_bin2bn(data, kc->keysize, rsa->n); - free(data); - } - rsa->e = NULL; - - RSA_set_method(rsa, &kc_rsa_pkcs1_method); - ret = RSA_set_app_data(rsa, kc); - if (ret != 1) - _hx509_abort("RSA_set_app_data"); - - _hx509_private_key_assign_rsa(key, rsa); - _hx509_cert_assign_key(cert, key); - - return 0; -} - -/* - * - */ - -struct ks_keychain { - int anchors; - SecKeychainRef keychain; -}; - -static int -keychain_init(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock) -{ - struct ks_keychain *ctx; - - ctx = calloc(1, sizeof(*ctx)); - if (ctx == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - if (residue) { - if (strcasecmp(residue, "system-anchors") == 0) { - ctx->anchors = 1; - } else if (strncasecmp(residue, "FILE:", 5) == 0) { - OSStatus ret; - - ret = SecKeychainOpen(residue + 5, &ctx->keychain); - if (ret != noErr) { - hx509_set_error_string(context, 0, ENOENT, - "Failed to open %s", residue); - return ENOENT; - } - } else { - hx509_set_error_string(context, 0, ENOENT, - "Unknown subtype %s", residue); - return ENOENT; - } - } - - *data = ctx; - return 0; -} - -/* - * - */ - -static int -keychain_free(hx509_certs certs, void *data) -{ - struct ks_keychain *ctx = data; - if (ctx->keychain) - CFRelease(ctx->keychain); - memset(ctx, 0, sizeof(*ctx)); - free(ctx); - return 0; -} - -/* - * - */ - -struct iter { - hx509_certs certs; - void *cursor; - SecKeychainSearchRef searchRef; -}; - -static int -keychain_iter_start(hx509_context context, - hx509_certs certs, void *data, void **cursor) -{ - struct ks_keychain *ctx = data; - struct iter *iter; - - iter = calloc(1, sizeof(*iter)); - if (iter == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - if (ctx->anchors) { - CFArrayRef anchors; - int ret; - int i; - - ret = hx509_certs_init(context, "MEMORY:ks-file-create", - 0, NULL, &iter->certs); - if (ret) { - free(iter); - return ret; - } - - ret = SecTrustCopyAnchorCertificates(&anchors); - if (ret != 0) { - hx509_certs_free(&iter->certs); - free(iter); - hx509_set_error_string(context, 0, ENOMEM, - "Can't get trust anchors from Keychain"); - return ENOMEM; - } - for (i = 0; i < CFArrayGetCount(anchors); i++) { - SecCertificateRef cr; - hx509_cert cert; - CSSM_DATA cssm; - - cr = (SecCertificateRef)CFArrayGetValueAtIndex(anchors, i); - - SecCertificateGetData(cr, &cssm); - - ret = hx509_cert_init_data(context, cssm.Data, cssm.Length, &cert); - if (ret) - continue; - - ret = hx509_certs_add(context, iter->certs, cert); - hx509_cert_free(cert); - } - CFRelease(anchors); - } - - if (iter->certs) { - int ret; - ret = hx509_certs_start_seq(context, iter->certs, &iter->cursor); - if (ret) { - hx509_certs_free(&iter->certs); - free(iter); - return ret; - } - } else { - OSStatus ret; - - ret = SecKeychainSearchCreateFromAttributes(ctx->keychain, - kSecCertificateItemClass, - NULL, - &iter->searchRef); - if (ret) { - free(iter); - hx509_set_error_string(context, 0, ret, - "Failed to start search for attributes"); - return ENOMEM; - } - } - - *cursor = iter; - return 0; -} - -/* - * - */ - -static int -keychain_iter(hx509_context context, - hx509_certs certs, void *data, void *cursor, hx509_cert *cert) -{ - SecKeychainAttributeList *attrs = NULL; - SecKeychainAttributeInfo attrInfo; - UInt32 attrFormat[1] = { 0 }; - SecKeychainItemRef itemRef; - SecItemAttr item[1]; - struct iter *iter = cursor; - OSStatus ret; - UInt32 len; - void *ptr = NULL; - - if (iter->certs) - return hx509_certs_next_cert(context, iter->certs, iter->cursor, cert); - - *cert = NULL; - - ret = SecKeychainSearchCopyNext(iter->searchRef, &itemRef); - if (ret == errSecItemNotFound) - return 0; - else if (ret != 0) - return EINVAL; - - /* - * Pick out certificate and matching "keyid" - */ - - item[0] = kSecPublicKeyHashItemAttr; - - attrInfo.count = 1; - attrInfo.tag = item; - attrInfo.format = attrFormat; - - ret = SecKeychainItemCopyAttributesAndData(itemRef, &attrInfo, NULL, - &attrs, &len, &ptr); - if (ret) - return EINVAL; - - ret = hx509_cert_init_data(context, ptr, len, cert); - if (ret) - goto out; - - /* - * Find related private key if there is one by looking at - * kSecPublicKeyHashItemAttr == kSecKeyLabel - */ - { - SecKeychainSearchRef search; - SecKeychainAttribute attrKeyid; - SecKeychainAttributeList attrList; - - attrKeyid.tag = kSecKeyLabel; - attrKeyid.length = attrs->attr[0].length; - attrKeyid.data = attrs->attr[0].data; - - attrList.count = 1; - attrList.attr = &attrKeyid; - - ret = SecKeychainSearchCreateFromAttributes(NULL, - CSSM_DL_DB_RECORD_PRIVATE_KEY, - &attrList, - &search); - if (ret) { - ret = 0; - goto out; - } - - ret = SecKeychainSearchCopyNext(search, &itemRef); - CFRelease(search); - if (ret == errSecItemNotFound) { - ret = 0; - goto out; - } else if (ret) { - ret = EINVAL; - goto out; - } - set_private_key(context, itemRef, *cert); - } - -out: - SecKeychainItemFreeAttributesAndData(attrs, ptr); - - return ret; -} - -/* - * - */ - -static int -keychain_iter_end(hx509_context context, - hx509_certs certs, - void *data, - void *cursor) -{ - struct iter *iter = cursor; - - if (iter->certs) { - int ret; - ret = hx509_certs_end_seq(context, iter->certs, iter->cursor); - hx509_certs_free(&iter->certs); - } else { - CFRelease(iter->searchRef); - } - - memset(iter, 0, sizeof(*iter)); - free(iter); - return 0; -} - -/* - * - */ - -struct hx509_keyset_ops keyset_keychain = { - "KEYCHAIN", - 0, - keychain_init, - NULL, - keychain_free, - NULL, - NULL, - keychain_iter_start, - keychain_iter, - keychain_iter_end -}; - -#endif /* HAVE_FRAMEWORK_SECURITY */ - -/* - * - */ - -void -_hx509_ks_keychain_register(hx509_context context) -{ -#ifdef HAVE_FRAMEWORK_SECURITY - _hx509_ks_register(context, &keyset_keychain); -#endif -} diff --git a/crypto/heimdal/lib/hx509/ks_mem.c b/crypto/heimdal/lib/hx509/ks_mem.c deleted file mode 100644 index efa19eb19c54..000000000000 --- a/crypto/heimdal/lib/hx509/ks_mem.c +++ /dev/null @@ -1,224 +0,0 @@ -/* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("Id$"); - -/* - * Should use two hash/tree certificates intead of a array. Criteria - * should be subject and subjectKeyIdentifier since those two are - * commonly seached on in CMS and path building. - */ - -struct mem_data { - char *name; - struct { - unsigned long len; - hx509_cert *val; - } certs; - hx509_private_key *keys; -}; - -static int -mem_init(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock) -{ - struct mem_data *mem; - mem = calloc(1, sizeof(*mem)); - if (mem == NULL) - return ENOMEM; - if (residue == NULL || residue[0] == '\0') - residue = "anonymous"; - mem->name = strdup(residue); - if (mem->name == NULL) { - free(mem); - return ENOMEM; - } - *data = mem; - return 0; -} - -static int -mem_free(hx509_certs certs, void *data) -{ - struct mem_data *mem = data; - unsigned long i; - - for (i = 0; i < mem->certs.len; i++) - hx509_cert_free(mem->certs.val[i]); - free(mem->certs.val); - for (i = 0; mem->keys && mem->keys[i]; i++) - _hx509_private_key_free(&mem->keys[i]); - free(mem->keys); - free(mem->name); - free(mem); - - return 0; -} - -static int -mem_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) -{ - struct mem_data *mem = data; - hx509_cert *val; - - val = realloc(mem->certs.val, - (mem->certs.len + 1) * sizeof(mem->certs.val[0])); - if (val == NULL) - return ENOMEM; - - mem->certs.val = val; - mem->certs.val[mem->certs.len] = hx509_cert_ref(c); - mem->certs.len++; - - return 0; -} - -static int -mem_iter_start(hx509_context context, - hx509_certs certs, - void *data, - void **cursor) -{ - unsigned long *iter = malloc(sizeof(*iter)); - - if (iter == NULL) - return ENOMEM; - - *iter = 0; - *cursor = iter; - - return 0; -} - -static int -mem_iter(hx509_context contexst, - hx509_certs certs, - void *data, - void *cursor, - hx509_cert *cert) -{ - unsigned long *iter = cursor; - struct mem_data *mem = data; - - if (*iter >= mem->certs.len) { - *cert = NULL; - return 0; - } - - *cert = hx509_cert_ref(mem->certs.val[*iter]); - (*iter)++; - return 0; -} - -static int -mem_iter_end(hx509_context context, - hx509_certs certs, - void *data, - void *cursor) -{ - free(cursor); - return 0; -} - -static int -mem_getkeys(hx509_context context, - hx509_certs certs, - void *data, - hx509_private_key **keys) -{ - struct mem_data *mem = data; - int i; - - for (i = 0; mem->keys && mem->keys[i]; i++) - ; - *keys = calloc(i + 1, sizeof(**keys)); - for (i = 0; mem->keys && mem->keys[i]; i++) { - (*keys)[i] = _hx509_private_key_ref(mem->keys[i]); - if ((*keys)[i] == NULL) { - while (--i >= 0) - _hx509_private_key_free(&(*keys)[i]); - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - } - (*keys)[i] = NULL; - return 0; -} - -static int -mem_addkey(hx509_context context, - hx509_certs certs, - void *data, - hx509_private_key key) -{ - struct mem_data *mem = data; - void *ptr; - int i; - - for (i = 0; mem->keys && mem->keys[i]; i++) - ; - ptr = realloc(mem->keys, (i + 2) * sizeof(*mem->keys)); - if (ptr == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - mem->keys = ptr; - mem->keys[i++] = _hx509_private_key_ref(key); - mem->keys[i++] = NULL; - return 0; -} - - -static struct hx509_keyset_ops keyset_mem = { - "MEMORY", - 0, - mem_init, - NULL, - mem_free, - mem_add, - NULL, - mem_iter_start, - mem_iter, - mem_iter_end, - NULL, - mem_getkeys, - mem_addkey -}; - -void -_hx509_ks_mem_register(hx509_context context) -{ - _hx509_ks_register(context, &keyset_mem); -} diff --git a/crypto/heimdal/lib/hx509/ks_null.c b/crypto/heimdal/lib/hx509/ks_null.c deleted file mode 100644 index 3be259fc6052..000000000000 --- a/crypto/heimdal/lib/hx509/ks_null.c +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: ks_null.c 20901 2007-06-04 23:14:08Z lha $"); - - -static int -null_init(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock) -{ - *data = NULL; - return 0; -} - -static int -null_free(hx509_certs certs, void *data) -{ - assert(data == NULL); - return 0; -} - -static int -null_iter_start(hx509_context context, - hx509_certs certs, void *data, void **cursor) -{ - *cursor = NULL; - return 0; -} - -static int -null_iter(hx509_context context, - hx509_certs certs, void *data, void *iter, hx509_cert *cert) -{ - *cert = NULL; - return ENOENT; -} - -static int -null_iter_end(hx509_context context, - hx509_certs certs, - void *data, - void *cursor) -{ - assert(cursor == NULL); - return 0; -} - - -struct hx509_keyset_ops keyset_null = { - "NULL", - 0, - null_init, - NULL, - null_free, - NULL, - NULL, - null_iter_start, - null_iter, - null_iter_end -}; - -void -_hx509_ks_null_register(hx509_context context) -{ - _hx509_ks_register(context, &keyset_null); -} diff --git a/crypto/heimdal/lib/hx509/ks_p11.c b/crypto/heimdal/lib/hx509/ks_p11.c deleted file mode 100644 index 0d7c312c7241..000000000000 --- a/crypto/heimdal/lib/hx509/ks_p11.c +++ /dev/null @@ -1,1192 +0,0 @@ -/* - * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: ks_p11.c 22071 2007-11-14 20:04:50Z lha $"); -#ifdef HAVE_DLFCN_H -#include -#endif - -#ifdef HAVE_DLOPEN - -#include "pkcs11.h" - -struct p11_slot { - int flags; -#define P11_SESSION 1 -#define P11_SESSION_IN_USE 2 -#define P11_LOGIN_REQ 4 -#define P11_LOGIN_DONE 8 -#define P11_TOKEN_PRESENT 16 - CK_SESSION_HANDLE session; - CK_SLOT_ID id; - CK_BBOOL token; - char *name; - hx509_certs certs; - char *pin; - struct { - CK_MECHANISM_TYPE_PTR list; - CK_ULONG num; - CK_MECHANISM_INFO_PTR *infos; - } mechs; -}; - -struct p11_module { - void *dl_handle; - CK_FUNCTION_LIST_PTR funcs; - CK_ULONG num_slots; - unsigned int refcount; - struct p11_slot *slot; -}; - -#define P11FUNC(module,f,args) (*(module)->funcs->C_##f)args - -static int p11_get_session(hx509_context, - struct p11_module *, - struct p11_slot *, - hx509_lock, - CK_SESSION_HANDLE *); -static int p11_put_session(struct p11_module *, - struct p11_slot *, - CK_SESSION_HANDLE); -static void p11_release_module(struct p11_module *); - -static int p11_list_keys(hx509_context, - struct p11_module *, - struct p11_slot *, - CK_SESSION_HANDLE, - hx509_lock, - hx509_certs *); - -/* - * - */ - -struct p11_rsa { - struct p11_module *p; - struct p11_slot *slot; - CK_OBJECT_HANDLE private_key; - CK_OBJECT_HANDLE public_key; -}; - -static int -p11_rsa_public_encrypt(int flen, - const unsigned char *from, - unsigned char *to, - RSA *rsa, - int padding) -{ - return -1; -} - -static int -p11_rsa_public_decrypt(int flen, - const unsigned char *from, - unsigned char *to, - RSA *rsa, - int padding) -{ - return -1; -} - - -static int -p11_rsa_private_encrypt(int flen, - const unsigned char *from, - unsigned char *to, - RSA *rsa, - int padding) -{ - struct p11_rsa *p11rsa = RSA_get_app_data(rsa); - CK_OBJECT_HANDLE key = p11rsa->private_key; - CK_SESSION_HANDLE session; - CK_MECHANISM mechanism; - CK_ULONG ck_sigsize; - int ret; - - if (padding != RSA_PKCS1_PADDING) - return -1; - - memset(&mechanism, 0, sizeof(mechanism)); - mechanism.mechanism = CKM_RSA_PKCS; - - ck_sigsize = RSA_size(rsa); - - ret = p11_get_session(NULL, p11rsa->p, p11rsa->slot, NULL, &session); - if (ret) - return -1; - - ret = P11FUNC(p11rsa->p, SignInit, (session, &mechanism, key)); - if (ret != CKR_OK) { - p11_put_session(p11rsa->p, p11rsa->slot, session); - return -1; - } - - ret = P11FUNC(p11rsa->p, Sign, - (session, (CK_BYTE *)from, flen, to, &ck_sigsize)); - p11_put_session(p11rsa->p, p11rsa->slot, session); - if (ret != CKR_OK) - return -1; - - return ck_sigsize; -} - -static int -p11_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to, - RSA * rsa, int padding) -{ - struct p11_rsa *p11rsa = RSA_get_app_data(rsa); - CK_OBJECT_HANDLE key = p11rsa->private_key; - CK_SESSION_HANDLE session; - CK_MECHANISM mechanism; - CK_ULONG ck_sigsize; - int ret; - - if (padding != RSA_PKCS1_PADDING) - return -1; - - memset(&mechanism, 0, sizeof(mechanism)); - mechanism.mechanism = CKM_RSA_PKCS; - - ck_sigsize = RSA_size(rsa); - - ret = p11_get_session(NULL, p11rsa->p, p11rsa->slot, NULL, &session); - if (ret) - return -1; - - ret = P11FUNC(p11rsa->p, DecryptInit, (session, &mechanism, key)); - if (ret != CKR_OK) { - p11_put_session(p11rsa->p, p11rsa->slot, session); - return -1; - } - - ret = P11FUNC(p11rsa->p, Decrypt, - (session, (CK_BYTE *)from, flen, to, &ck_sigsize)); - p11_put_session(p11rsa->p, p11rsa->slot, session); - if (ret != CKR_OK) - return -1; - - return ck_sigsize; -} - -static int -p11_rsa_init(RSA *rsa) -{ - return 1; -} - -static int -p11_rsa_finish(RSA *rsa) -{ - struct p11_rsa *p11rsa = RSA_get_app_data(rsa); - p11_release_module(p11rsa->p); - free(p11rsa); - return 1; -} - -static const RSA_METHOD p11_rsa_pkcs1_method = { - "hx509 PKCS11 PKCS#1 RSA", - p11_rsa_public_encrypt, - p11_rsa_public_decrypt, - p11_rsa_private_encrypt, - p11_rsa_private_decrypt, - NULL, - NULL, - p11_rsa_init, - p11_rsa_finish, - 0, - NULL, - NULL, - NULL -}; - -/* - * - */ - -static int -p11_mech_info(hx509_context context, - struct p11_module *p, - struct p11_slot *slot, - int num) -{ - CK_ULONG i; - int ret; - - ret = P11FUNC(p, GetMechanismList, (slot->id, NULL_PTR, &i)); - if (ret) { - hx509_set_error_string(context, 0, HX509_PKCS11_NO_MECH, - "Failed to get mech list count for slot %d", - num); - return HX509_PKCS11_NO_MECH; - } - if (i == 0) { - hx509_set_error_string(context, 0, HX509_PKCS11_NO_MECH, - "no mech supported for slot %d", num); - return HX509_PKCS11_NO_MECH; - } - slot->mechs.list = calloc(i, sizeof(slot->mechs.list[0])); - if (slot->mechs.list == NULL) { - hx509_set_error_string(context, 0, ENOMEM, - "out of memory"); - return ENOMEM; - } - slot->mechs.num = i; - ret = P11FUNC(p, GetMechanismList, (slot->id, slot->mechs.list, &i)); - if (ret) { - hx509_set_error_string(context, 0, HX509_PKCS11_NO_MECH, - "Failed to get mech list for slot %d", - num); - return HX509_PKCS11_NO_MECH; - } - assert(i == slot->mechs.num); - - slot->mechs.infos = calloc(i, sizeof(*slot->mechs.infos)); - if (slot->mechs.list == NULL) { - hx509_set_error_string(context, 0, ENOMEM, - "out of memory"); - return ENOMEM; - } - - for (i = 0; i < slot->mechs.num; i++) { - slot->mechs.infos[i] = calloc(1, sizeof(*(slot->mechs.infos[0]))); - if (slot->mechs.infos[i] == NULL) { - hx509_set_error_string(context, 0, ENOMEM, - "out of memory"); - return ENOMEM; - } - ret = P11FUNC(p, GetMechanismInfo, (slot->id, slot->mechs.list[i], - slot->mechs.infos[i])); - if (ret) { - hx509_set_error_string(context, 0, HX509_PKCS11_NO_MECH, - "Failed to get mech info for slot %d", - num); - return HX509_PKCS11_NO_MECH; - } - } - - return 0; -} - -static int -p11_init_slot(hx509_context context, - struct p11_module *p, - hx509_lock lock, - CK_SLOT_ID id, - int num, - struct p11_slot *slot) -{ - CK_SESSION_HANDLE session; - CK_SLOT_INFO slot_info; - CK_TOKEN_INFO token_info; - int ret, i; - - slot->certs = NULL; - slot->id = id; - - ret = P11FUNC(p, GetSlotInfo, (slot->id, &slot_info)); - if (ret) { - hx509_set_error_string(context, 0, HX509_PKCS11_TOKEN_CONFUSED, - "Failed to init PKCS11 slot %d", - num); - return HX509_PKCS11_TOKEN_CONFUSED; - } - - for (i = sizeof(slot_info.slotDescription) - 1; i > 0; i--) { - char c = slot_info.slotDescription[i]; - if (c == ' ' || c == '\t' || c == '\n' || c == '\r' || c == '\0') - continue; - i++; - break; - } - - asprintf(&slot->name, "%.*s", - i, slot_info.slotDescription); - - if ((slot_info.flags & CKF_TOKEN_PRESENT) == 0) - return 0; - - ret = P11FUNC(p, GetTokenInfo, (slot->id, &token_info)); - if (ret) { - hx509_set_error_string(context, 0, HX509_PKCS11_NO_TOKEN, - "Failed to init PKCS11 slot %d " - "with error 0x08x", - num, ret); - return HX509_PKCS11_NO_TOKEN; - } - slot->flags |= P11_TOKEN_PRESENT; - - if (token_info.flags & CKF_LOGIN_REQUIRED) - slot->flags |= P11_LOGIN_REQ; - - ret = p11_get_session(context, p, slot, lock, &session); - if (ret) - return ret; - - ret = p11_mech_info(context, p, slot, num); - if (ret) - goto out; - - ret = p11_list_keys(context, p, slot, session, lock, &slot->certs); - out: - p11_put_session(p, slot, session); - - return ret; -} - -static int -p11_get_session(hx509_context context, - struct p11_module *p, - struct p11_slot *slot, - hx509_lock lock, - CK_SESSION_HANDLE *psession) -{ - CK_RV ret; - - if (slot->flags & P11_SESSION_IN_USE) - _hx509_abort("slot already in session"); - - if (slot->flags & P11_SESSION) { - slot->flags |= P11_SESSION_IN_USE; - *psession = slot->session; - return 0; - } - - ret = P11FUNC(p, OpenSession, (slot->id, - CKF_SERIAL_SESSION, - NULL, - NULL, - &slot->session)); - if (ret != CKR_OK) { - if (context) - hx509_set_error_string(context, 0, HX509_PKCS11_OPEN_SESSION, - "Failed to OpenSession for slot id %d " - "with error: 0x%08x", - (int)slot->id, ret); - return HX509_PKCS11_OPEN_SESSION; - } - - slot->flags |= P11_SESSION; - - /* - * If we have have to login, and haven't tried before and have a - * prompter or known to work pin code. - * - * This code is very conversative and only uses the prompter in - * the hx509_lock, the reason is that it's bad to try many - * passwords on a pkcs11 token, it might lock up and have to be - * unlocked by a administrator. - * - * XXX try harder to not use pin several times on the same card. - */ - - if ( (slot->flags & P11_LOGIN_REQ) - && (slot->flags & P11_LOGIN_DONE) == 0 - && (lock || slot->pin)) - { - hx509_prompt prompt; - char pin[20]; - char *str; - - slot->flags |= P11_LOGIN_DONE; - - if (slot->pin == NULL) { - - memset(&prompt, 0, sizeof(prompt)); - - asprintf(&str, "PIN code for %s: ", slot->name); - prompt.prompt = str; - prompt.type = HX509_PROMPT_TYPE_PASSWORD; - prompt.reply.data = pin; - prompt.reply.length = sizeof(pin); - - ret = hx509_lock_prompt(lock, &prompt); - if (ret) { - free(str); - if (context) - hx509_set_error_string(context, 0, ret, - "Failed to get pin code for slot " - "id %d with error: %d", - (int)slot->id, ret); - return ret; - } - free(str); - } else { - strlcpy(pin, slot->pin, sizeof(pin)); - } - - ret = P11FUNC(p, Login, (slot->session, CKU_USER, - (unsigned char*)pin, strlen(pin))); - if (ret != CKR_OK) { - if (context) - hx509_set_error_string(context, 0, HX509_PKCS11_LOGIN, - "Failed to login on slot id %d " - "with error: 0x%08x", - (int)slot->id, ret); - p11_put_session(p, slot, slot->session); - return HX509_PKCS11_LOGIN; - } - if (slot->pin == NULL) { - slot->pin = strdup(pin); - if (slot->pin == NULL) { - if (context) - hx509_set_error_string(context, 0, ENOMEM, - "out of memory"); - p11_put_session(p, slot, slot->session); - return ENOMEM; - } - } - } else - slot->flags |= P11_LOGIN_DONE; - - slot->flags |= P11_SESSION_IN_USE; - - *psession = slot->session; - - return 0; -} - -static int -p11_put_session(struct p11_module *p, - struct p11_slot *slot, - CK_SESSION_HANDLE session) -{ - if ((slot->flags & P11_SESSION_IN_USE) == 0) - _hx509_abort("slot not in session"); - slot->flags &= ~P11_SESSION_IN_USE; - - return 0; -} - -static int -iterate_entries(hx509_context context, - struct p11_module *p, struct p11_slot *slot, - CK_SESSION_HANDLE session, - CK_ATTRIBUTE *search_data, int num_search_data, - CK_ATTRIBUTE *query, int num_query, - int (*func)(hx509_context, - struct p11_module *, struct p11_slot *, - CK_SESSION_HANDLE session, - CK_OBJECT_HANDLE object, - void *, CK_ATTRIBUTE *, int), void *ptr) -{ - CK_OBJECT_HANDLE object; - CK_ULONG object_count; - int ret, i; - - ret = P11FUNC(p, FindObjectsInit, (session, search_data, num_search_data)); - if (ret != CKR_OK) { - return -1; - } - while (1) { - ret = P11FUNC(p, FindObjects, (session, &object, 1, &object_count)); - if (ret != CKR_OK) { - return -1; - } - if (object_count == 0) - break; - - for (i = 0; i < num_query; i++) - query[i].pValue = NULL; - - ret = P11FUNC(p, GetAttributeValue, - (session, object, query, num_query)); - if (ret != CKR_OK) { - return -1; - } - for (i = 0; i < num_query; i++) { - query[i].pValue = malloc(query[i].ulValueLen); - if (query[i].pValue == NULL) { - ret = ENOMEM; - goto out; - } - } - ret = P11FUNC(p, GetAttributeValue, - (session, object, query, num_query)); - if (ret != CKR_OK) { - ret = -1; - goto out; - } - - ret = (*func)(context, p, slot, session, object, ptr, query, num_query); - if (ret) - goto out; - - for (i = 0; i < num_query; i++) { - if (query[i].pValue) - free(query[i].pValue); - query[i].pValue = NULL; - } - } - out: - - for (i = 0; i < num_query; i++) { - if (query[i].pValue) - free(query[i].pValue); - query[i].pValue = NULL; - } - - ret = P11FUNC(p, FindObjectsFinal, (session)); - if (ret != CKR_OK) { - return -2; - } - - - return 0; -} - -static BIGNUM * -getattr_bn(struct p11_module *p, - struct p11_slot *slot, - CK_SESSION_HANDLE session, - CK_OBJECT_HANDLE object, - unsigned int type) -{ - CK_ATTRIBUTE query; - BIGNUM *bn; - int ret; - - query.type = type; - query.pValue = NULL; - query.ulValueLen = 0; - - ret = P11FUNC(p, GetAttributeValue, - (session, object, &query, 1)); - if (ret != CKR_OK) - return NULL; - - query.pValue = malloc(query.ulValueLen); - - ret = P11FUNC(p, GetAttributeValue, - (session, object, &query, 1)); - if (ret != CKR_OK) { - free(query.pValue); - return NULL; - } - bn = BN_bin2bn(query.pValue, query.ulValueLen, NULL); - free(query.pValue); - - return bn; -} - -static int -collect_private_key(hx509_context context, - struct p11_module *p, struct p11_slot *slot, - CK_SESSION_HANDLE session, - CK_OBJECT_HANDLE object, - void *ptr, CK_ATTRIBUTE *query, int num_query) -{ - struct hx509_collector *collector = ptr; - hx509_private_key key; - heim_octet_string localKeyId; - int ret; - RSA *rsa; - struct p11_rsa *p11rsa; - - localKeyId.data = query[0].pValue; - localKeyId.length = query[0].ulValueLen; - - ret = _hx509_private_key_init(&key, NULL, NULL); - if (ret) - return ret; - - rsa = RSA_new(); - if (rsa == NULL) - _hx509_abort("out of memory"); - - /* - * The exponent and modulus should always be present according to - * the pkcs11 specification, but some smartcards leaves it out, - * let ignore any failure to fetch it. - */ - rsa->n = getattr_bn(p, slot, session, object, CKA_MODULUS); - rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT); - - p11rsa = calloc(1, sizeof(*p11rsa)); - if (p11rsa == NULL) - _hx509_abort("out of memory"); - - p11rsa->p = p; - p11rsa->slot = slot; - p11rsa->private_key = object; - - p->refcount++; - if (p->refcount == 0) - _hx509_abort("pkcs11 refcount to high"); - - RSA_set_method(rsa, &p11_rsa_pkcs1_method); - ret = RSA_set_app_data(rsa, p11rsa); - if (ret != 1) - _hx509_abort("RSA_set_app_data"); - - _hx509_private_key_assign_rsa(key, rsa); - - ret = _hx509_collector_private_key_add(context, - collector, - hx509_signature_rsa(), - key, - NULL, - &localKeyId); - - if (ret) { - _hx509_private_key_free(&key); - return ret; - } - return 0; -} - -static void -p11_cert_release(hx509_cert cert, void *ctx) -{ - struct p11_module *p = ctx; - p11_release_module(p); -} - - -static int -collect_cert(hx509_context context, - struct p11_module *p, struct p11_slot *slot, - CK_SESSION_HANDLE session, - CK_OBJECT_HANDLE object, - void *ptr, CK_ATTRIBUTE *query, int num_query) -{ - struct hx509_collector *collector = ptr; - hx509_cert cert; - int ret; - - if ((CK_LONG)query[0].ulValueLen == -1 || - (CK_LONG)query[1].ulValueLen == -1) - { - return 0; - } - - ret = hx509_cert_init_data(context, query[1].pValue, - query[1].ulValueLen, &cert); - if (ret) - return ret; - - p->refcount++; - if (p->refcount == 0) - _hx509_abort("pkcs11 refcount to high"); - - _hx509_cert_set_release(cert, p11_cert_release, p); - - { - heim_octet_string data; - - data.data = query[0].pValue; - data.length = query[0].ulValueLen; - - _hx509_set_cert_attribute(context, - cert, - oid_id_pkcs_9_at_localKeyId(), - &data); - } - - if ((CK_LONG)query[2].ulValueLen != -1) { - char *str; - - asprintf(&str, "%.*s", - (int)query[2].ulValueLen, (char *)query[2].pValue); - if (str) { - hx509_cert_set_friendly_name(cert, str); - free(str); - } - } - - ret = _hx509_collector_certs_add(context, collector, cert); - hx509_cert_free(cert); - - return ret; -} - - -static int -p11_list_keys(hx509_context context, - struct p11_module *p, - struct p11_slot *slot, - CK_SESSION_HANDLE session, - hx509_lock lock, - hx509_certs *certs) -{ - struct hx509_collector *collector; - CK_OBJECT_CLASS key_class; - CK_ATTRIBUTE search_data[] = { - {CKA_CLASS, NULL, 0}, - }; - CK_ATTRIBUTE query_data[3] = { - {CKA_ID, NULL, 0}, - {CKA_VALUE, NULL, 0}, - {CKA_LABEL, NULL, 0} - }; - int ret; - - search_data[0].pValue = &key_class; - search_data[0].ulValueLen = sizeof(key_class); - - if (lock == NULL) - lock = _hx509_empty_lock; - - ret = _hx509_collector_alloc(context, lock, &collector); - if (ret) - return ret; - - key_class = CKO_PRIVATE_KEY; - ret = iterate_entries(context, p, slot, session, - search_data, 1, - query_data, 1, - collect_private_key, collector); - if (ret) - goto out; - - key_class = CKO_CERTIFICATE; - ret = iterate_entries(context, p, slot, session, - search_data, 1, - query_data, 3, - collect_cert, collector); - if (ret) - goto out; - - ret = _hx509_collector_collect_certs(context, collector, &slot->certs); - -out: - _hx509_collector_free(collector); - - return ret; -} - - -static int -p11_init(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock) -{ - CK_C_GetFunctionList getFuncs; - struct p11_module *p; - char *list, *str; - int ret; - - *data = NULL; - - list = strdup(residue); - if (list == NULL) - return ENOMEM; - - p = calloc(1, sizeof(*p)); - if (p == NULL) { - free(list); - return ENOMEM; - } - - p->refcount = 1; - - str = strchr(list, ','); - if (str) - *str++ = '\0'; - while (str) { - char *strnext; - strnext = strchr(str, ','); - if (strnext) - *strnext++ = '\0'; -#if 0 - if (strncasecmp(str, "slot=", 5) == 0) - p->selected_slot = atoi(str + 5); -#endif - str = strnext; - } - - p->dl_handle = dlopen(list, RTLD_NOW); - free(list); - if (p->dl_handle == NULL) { - ret = HX509_PKCS11_LOAD; - hx509_set_error_string(context, 0, ret, - "Failed to open %s: %s", list, dlerror()); - goto out; - } - - getFuncs = dlsym(p->dl_handle, "C_GetFunctionList"); - if (getFuncs == NULL) { - ret = HX509_PKCS11_LOAD; - hx509_set_error_string(context, 0, ret, - "C_GetFunctionList missing in %s: %s", - list, dlerror()); - goto out; - } - - ret = (*getFuncs)(&p->funcs); - if (ret) { - ret = HX509_PKCS11_LOAD; - hx509_set_error_string(context, 0, ret, - "C_GetFunctionList failed in %s", list); - goto out; - } - - ret = P11FUNC(p, Initialize, (NULL_PTR)); - if (ret != CKR_OK) { - ret = HX509_PKCS11_TOKEN_CONFUSED; - hx509_set_error_string(context, 0, ret, - "Failed initialize the PKCS11 module"); - goto out; - } - - ret = P11FUNC(p, GetSlotList, (FALSE, NULL, &p->num_slots)); - if (ret) { - ret = HX509_PKCS11_TOKEN_CONFUSED; - hx509_set_error_string(context, 0, ret, - "Failed to get number of PKCS11 slots"); - goto out; - } - - if (p->num_slots == 0) { - ret = HX509_PKCS11_NO_SLOT; - hx509_set_error_string(context, 0, ret, - "Selected PKCS11 module have no slots"); - goto out; - } - - - { - CK_SLOT_ID_PTR slot_ids; - int i, num_tokens = 0; - - slot_ids = malloc(p->num_slots * sizeof(*slot_ids)); - if (slot_ids == NULL) { - hx509_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - ret = P11FUNC(p, GetSlotList, (FALSE, slot_ids, &p->num_slots)); - if (ret) { - free(slot_ids); - hx509_set_error_string(context, 0, HX509_PKCS11_TOKEN_CONFUSED, - "Failed getting slot-list from " - "PKCS11 module"); - ret = HX509_PKCS11_TOKEN_CONFUSED; - goto out; - } - - p->slot = calloc(p->num_slots, sizeof(p->slot[0])); - if (p->slot == NULL) { - free(slot_ids); - hx509_set_error_string(context, 0, ENOMEM, - "Failed to get memory for slot-list"); - ret = ENOMEM; - goto out; - } - - for (i = 0; i < p->num_slots; i++) { - ret = p11_init_slot(context, p, lock, slot_ids[i], i, &p->slot[i]); - if (ret) - break; - if (p->slot[i].flags & P11_TOKEN_PRESENT) - num_tokens++; - } - free(slot_ids); - if (ret) - goto out; - if (num_tokens == 0) { - ret = HX509_PKCS11_NO_TOKEN; - goto out; - } - } - - *data = p; - - return 0; - out: - p11_release_module(p); - return ret; -} - -static void -p11_release_module(struct p11_module *p) -{ - int i; - - if (p->refcount == 0) - _hx509_abort("pkcs11 refcount to low"); - if (--p->refcount > 0) - return; - - for (i = 0; i < p->num_slots; i++) { - if (p->slot[i].flags & P11_SESSION_IN_USE) - _hx509_abort("pkcs11 module release while session in use"); - if (p->slot[i].flags & P11_SESSION) { - int ret; - - ret = P11FUNC(p, CloseSession, (p->slot[i].session)); - if (ret != CKR_OK) - ; - } - - if (p->slot[i].name) - free(p->slot[i].name); - if (p->slot[i].pin) { - memset(p->slot[i].pin, 0, strlen(p->slot[i].pin)); - free(p->slot[i].pin); - } - if (p->slot[i].mechs.num) { - free(p->slot[i].mechs.list); - - if (p->slot[i].mechs.infos) { - int j; - - for (j = 0 ; j < p->slot[i].mechs.num ; j++) - free(p->slot[i].mechs.infos[j]); - free(p->slot[i].mechs.infos); - } - } - } - free(p->slot); - - if (p->funcs) - P11FUNC(p, Finalize, (NULL)); - - if (p->dl_handle) - dlclose(p->dl_handle); - - memset(p, 0, sizeof(*p)); - free(p); -} - -static int -p11_free(hx509_certs certs, void *data) -{ - struct p11_module *p = data; - int i; - - for (i = 0; i < p->num_slots; i++) { - if (p->slot[i].certs) - hx509_certs_free(&p->slot[i].certs); - } - p11_release_module(p); - return 0; -} - -struct p11_cursor { - hx509_certs certs; - void *cursor; -}; - -static int -p11_iter_start(hx509_context context, - hx509_certs certs, void *data, void **cursor) -{ - struct p11_module *p = data; - struct p11_cursor *c; - int ret, i; - - c = malloc(sizeof(*c)); - if (c == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - ret = hx509_certs_init(context, "MEMORY:pkcs11-iter", 0, NULL, &c->certs); - if (ret) { - free(c); - return ret; - } - - for (i = 0 ; i < p->num_slots; i++) { - if (p->slot[i].certs == NULL) - continue; - ret = hx509_certs_merge(context, c->certs, p->slot[i].certs); - if (ret) { - hx509_certs_free(&c->certs); - free(c); - return ret; - } - } - - ret = hx509_certs_start_seq(context, c->certs, &c->cursor); - if (ret) { - hx509_certs_free(&c->certs); - free(c); - return 0; - } - *cursor = c; - - return 0; -} - -static int -p11_iter(hx509_context context, - hx509_certs certs, void *data, void *cursor, hx509_cert *cert) -{ - struct p11_cursor *c = cursor; - return hx509_certs_next_cert(context, c->certs, c->cursor, cert); -} - -static int -p11_iter_end(hx509_context context, - hx509_certs certs, void *data, void *cursor) -{ - struct p11_cursor *c = cursor; - int ret; - ret = hx509_certs_end_seq(context, c->certs, c->cursor); - hx509_certs_free(&c->certs); - free(c); - return ret; -} - -#define MECHFLAG(x) { "unknown-flag-" #x, x } -static struct units mechflags[] = { - MECHFLAG(0x80000000), - MECHFLAG(0x40000000), - MECHFLAG(0x20000000), - MECHFLAG(0x10000000), - MECHFLAG(0x08000000), - MECHFLAG(0x04000000), - {"ec-compress", 0x2000000 }, - {"ec-uncompress", 0x1000000 }, - {"ec-namedcurve", 0x0800000 }, - {"ec-ecparameters", 0x0400000 }, - {"ec-f-2m", 0x0200000 }, - {"ec-f-p", 0x0100000 }, - {"derive", 0x0080000 }, - {"unwrap", 0x0040000 }, - {"wrap", 0x0020000 }, - {"genereate-key-pair", 0x0010000 }, - {"generate", 0x0008000 }, - {"verify-recover", 0x0004000 }, - {"verify", 0x0002000 }, - {"sign-recover", 0x0001000 }, - {"sign", 0x0000800 }, - {"digest", 0x0000400 }, - {"decrypt", 0x0000200 }, - {"encrypt", 0x0000100 }, - MECHFLAG(0x00080), - MECHFLAG(0x00040), - MECHFLAG(0x00020), - MECHFLAG(0x00010), - MECHFLAG(0x00008), - MECHFLAG(0x00004), - MECHFLAG(0x00002), - {"hw", 0x0000001 }, - { NULL, 0x0000000 } -}; -#undef MECHFLAG - -static int -p11_printinfo(hx509_context context, - hx509_certs certs, - void *data, - int (*func)(void *, const char *), - void *ctx) -{ - struct p11_module *p = data; - int i, j; - - _hx509_pi_printf(func, ctx, "pkcs11 driver with %d slot%s", - p->num_slots, p->num_slots > 1 ? "s" : ""); - - for (i = 0; i < p->num_slots; i++) { - struct p11_slot *s = &p->slot[i]; - - _hx509_pi_printf(func, ctx, "slot %d: id: %d name: %s flags: %08x", - i, (int)s->id, s->name, s->flags); - - _hx509_pi_printf(func, ctx, "number of supported mechanisms: %lu", - (unsigned long)s->mechs.num); - for (j = 0; j < s->mechs.num; j++) { - const char *mechname = "unknown"; - char flags[256], unknownname[40]; -#define MECHNAME(s,n) case s: mechname = n; break - switch(s->mechs.list[j]) { - MECHNAME(CKM_RSA_PKCS_KEY_PAIR_GEN, "rsa-pkcs-key-pair-gen"); - MECHNAME(CKM_RSA_PKCS, "rsa-pkcs"); - MECHNAME(CKM_RSA_X_509, "rsa-x-509"); - MECHNAME(CKM_MD5_RSA_PKCS, "md5-rsa-pkcs"); - MECHNAME(CKM_SHA1_RSA_PKCS, "sha1-rsa-pkcs"); - MECHNAME(CKM_SHA256_RSA_PKCS, "sha256-rsa-pkcs"); - MECHNAME(CKM_SHA384_RSA_PKCS, "sha384-rsa-pkcs"); - MECHNAME(CKM_SHA512_RSA_PKCS, "sha512-rsa-pkcs"); - MECHNAME(CKM_RIPEMD160_RSA_PKCS, "ripemd160-rsa-pkcs"); - MECHNAME(CKM_RSA_PKCS_OAEP, "rsa-pkcs-oaep"); - MECHNAME(CKM_SHA512_HMAC, "sha512-hmac"); - MECHNAME(CKM_SHA512, "sha512"); - MECHNAME(CKM_SHA384_HMAC, "sha384-hmac"); - MECHNAME(CKM_SHA384, "sha384"); - MECHNAME(CKM_SHA256_HMAC, "sha256-hmac"); - MECHNAME(CKM_SHA256, "sha256"); - MECHNAME(CKM_SHA_1, "sha1"); - MECHNAME(CKM_MD5, "md5"); - MECHNAME(CKM_MD2, "md2"); - MECHNAME(CKM_RIPEMD160, "ripemd-160"); - MECHNAME(CKM_DES_ECB, "des-ecb"); - MECHNAME(CKM_DES_CBC, "des-cbc"); - MECHNAME(CKM_AES_ECB, "aes-ecb"); - MECHNAME(CKM_AES_CBC, "aes-cbc"); - MECHNAME(CKM_DH_PKCS_PARAMETER_GEN, "dh-pkcs-parameter-gen"); - default: - snprintf(unknownname, sizeof(unknownname), - "unknown-mech-%lu", - (unsigned long)s->mechs.list[j]); - mechname = unknownname; - break; - } -#undef MECHNAME - unparse_flags(s->mechs.infos[j]->flags, mechflags, - flags, sizeof(flags)); - - _hx509_pi_printf(func, ctx, " %s: %s", mechname, flags); - } - } - - return 0; -} - -static struct hx509_keyset_ops keyset_pkcs11 = { - "PKCS11", - 0, - p11_init, - NULL, - p11_free, - NULL, - NULL, - p11_iter_start, - p11_iter, - p11_iter_end, - p11_printinfo -}; - -#endif /* HAVE_DLOPEN */ - -void -_hx509_ks_pkcs11_register(hx509_context context) -{ -#ifdef HAVE_DLOPEN - _hx509_ks_register(context, &keyset_pkcs11); -#endif -} diff --git a/crypto/heimdal/lib/hx509/ks_p12.c b/crypto/heimdal/lib/hx509/ks_p12.c deleted file mode 100644 index 12756e6c071d..000000000000 --- a/crypto/heimdal/lib/hx509/ks_p12.c +++ /dev/null @@ -1,704 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: ks_p12.c 21146 2007-06-18 21:37:25Z lha $"); - -struct ks_pkcs12 { - hx509_certs certs; - char *fn; -}; - -typedef int (*collector_func)(hx509_context, - struct hx509_collector *, - const void *, size_t, - const PKCS12_Attributes *); - -struct type { - const heim_oid * (*oid)(void); - collector_func func; -}; - -static void -parse_pkcs12_type(hx509_context, struct hx509_collector *, const heim_oid *, - const void *, size_t, const PKCS12_Attributes *); - - -static const PKCS12_Attribute * -find_attribute(const PKCS12_Attributes *attrs, const heim_oid *oid) -{ - int i; - if (attrs == NULL) - return NULL; - for (i = 0; i < attrs->len; i++) - if (der_heim_oid_cmp(oid, &attrs->val[i].attrId) == 0) - return &attrs->val[i]; - return NULL; -} - -static int -keyBag_parser(hx509_context context, - struct hx509_collector *c, - const void *data, size_t length, - const PKCS12_Attributes *attrs) -{ - const PKCS12_Attribute *attr; - PKCS8PrivateKeyInfo ki; - const heim_octet_string *os = NULL; - int ret; - - attr = find_attribute(attrs, oid_id_pkcs_9_at_localKeyId()); - if (attr) - os = &attr->attrValues; - - ret = decode_PKCS8PrivateKeyInfo(data, length, &ki, NULL); - if (ret) - return ret; - - _hx509_collector_private_key_add(context, - c, - &ki.privateKeyAlgorithm, - NULL, - &ki.privateKey, - os); - free_PKCS8PrivateKeyInfo(&ki); - return 0; -} - -static int -ShroudedKeyBag_parser(hx509_context context, - struct hx509_collector *c, - const void *data, size_t length, - const PKCS12_Attributes *attrs) -{ - PKCS8EncryptedPrivateKeyInfo pk; - heim_octet_string content; - int ret; - - memset(&pk, 0, sizeof(pk)); - - ret = decode_PKCS8EncryptedPrivateKeyInfo(data, length, &pk, NULL); - if (ret) - return ret; - - ret = _hx509_pbe_decrypt(context, - _hx509_collector_get_lock(c), - &pk.encryptionAlgorithm, - &pk.encryptedData, - &content); - free_PKCS8EncryptedPrivateKeyInfo(&pk); - if (ret) - return ret; - - ret = keyBag_parser(context, c, content.data, content.length, attrs); - der_free_octet_string(&content); - return ret; -} - -static int -certBag_parser(hx509_context context, - struct hx509_collector *c, - const void *data, size_t length, - const PKCS12_Attributes *attrs) -{ - heim_octet_string os; - hx509_cert cert; - PKCS12_CertBag cb; - int ret; - - ret = decode_PKCS12_CertBag(data, length, &cb, NULL); - if (ret) - return ret; - - if (der_heim_oid_cmp(oid_id_pkcs_9_at_certTypes_x509(), &cb.certType)) { - free_PKCS12_CertBag(&cb); - return 0; - } - - ret = decode_PKCS12_OctetString(cb.certValue.data, - cb.certValue.length, - &os, - NULL); - free_PKCS12_CertBag(&cb); - if (ret) - return ret; - - ret = hx509_cert_init_data(context, os.data, os.length, &cert); - der_free_octet_string(&os); - if (ret) - return ret; - - ret = _hx509_collector_certs_add(context, c, cert); - if (ret) { - hx509_cert_free(cert); - return ret; - } - - { - const PKCS12_Attribute *attr; - const heim_oid * (*oids[])(void) = { - oid_id_pkcs_9_at_localKeyId, oid_id_pkcs_9_at_friendlyName - }; - int i; - - for (i = 0; i < sizeof(oids)/sizeof(oids[0]); i++) { - const heim_oid *oid = (*(oids[i]))(); - attr = find_attribute(attrs, oid); - if (attr) - _hx509_set_cert_attribute(context, cert, oid, - &attr->attrValues); - } - } - - hx509_cert_free(cert); - - return 0; -} - -static int -parse_safe_content(hx509_context context, - struct hx509_collector *c, - const unsigned char *p, size_t len) -{ - PKCS12_SafeContents sc; - int ret, i; - - memset(&sc, 0, sizeof(sc)); - - ret = decode_PKCS12_SafeContents(p, len, &sc, NULL); - if (ret) - return ret; - - for (i = 0; i < sc.len ; i++) - parse_pkcs12_type(context, - c, - &sc.val[i].bagId, - sc.val[i].bagValue.data, - sc.val[i].bagValue.length, - sc.val[i].bagAttributes); - - free_PKCS12_SafeContents(&sc); - return 0; -} - -static int -safeContent_parser(hx509_context context, - struct hx509_collector *c, - const void *data, size_t length, - const PKCS12_Attributes *attrs) -{ - heim_octet_string os; - int ret; - - ret = decode_PKCS12_OctetString(data, length, &os, NULL); - if (ret) - return ret; - ret = parse_safe_content(context, c, os.data, os.length); - der_free_octet_string(&os); - return ret; -} - -static int -encryptedData_parser(hx509_context context, - struct hx509_collector *c, - const void *data, size_t length, - const PKCS12_Attributes *attrs) -{ - heim_octet_string content; - heim_oid contentType; - int ret; - - memset(&contentType, 0, sizeof(contentType)); - - ret = hx509_cms_decrypt_encrypted(context, - _hx509_collector_get_lock(c), - data, length, - &contentType, - &content); - if (ret) - return ret; - - if (der_heim_oid_cmp(&contentType, oid_id_pkcs7_data()) == 0) - ret = parse_safe_content(context, c, content.data, content.length); - - der_free_octet_string(&content); - der_free_oid(&contentType); - return ret; -} - -static int -envelopedData_parser(hx509_context context, - struct hx509_collector *c, - const void *data, size_t length, - const PKCS12_Attributes *attrs) -{ - heim_octet_string content; - heim_oid contentType; - hx509_lock lock; - int ret; - - memset(&contentType, 0, sizeof(contentType)); - - lock = _hx509_collector_get_lock(c); - - ret = hx509_cms_unenvelope(context, - _hx509_lock_unlock_certs(lock), - 0, - data, length, - NULL, - &contentType, - &content); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "PKCS12 failed to unenvelope"); - return ret; - } - - if (der_heim_oid_cmp(&contentType, oid_id_pkcs7_data()) == 0) - ret = parse_safe_content(context, c, content.data, content.length); - - der_free_octet_string(&content); - der_free_oid(&contentType); - - return ret; -} - - -struct type bagtypes[] = { - { oid_id_pkcs12_keyBag, keyBag_parser }, - { oid_id_pkcs12_pkcs8ShroudedKeyBag, ShroudedKeyBag_parser }, - { oid_id_pkcs12_certBag, certBag_parser }, - { oid_id_pkcs7_data, safeContent_parser }, - { oid_id_pkcs7_encryptedData, encryptedData_parser }, - { oid_id_pkcs7_envelopedData, envelopedData_parser } -}; - -static void -parse_pkcs12_type(hx509_context context, - struct hx509_collector *c, - const heim_oid *oid, - const void *data, size_t length, - const PKCS12_Attributes *attrs) -{ - int i; - - for (i = 0; i < sizeof(bagtypes)/sizeof(bagtypes[0]); i++) - if (der_heim_oid_cmp((*bagtypes[i].oid)(), oid) == 0) - (*bagtypes[i].func)(context, c, data, length, attrs); -} - -static int -p12_init(hx509_context context, - hx509_certs certs, void **data, int flags, - const char *residue, hx509_lock lock) -{ - struct ks_pkcs12 *p12; - size_t len; - void *buf; - PKCS12_PFX pfx; - PKCS12_AuthenticatedSafe as; - int ret, i; - struct hx509_collector *c; - - *data = NULL; - - if (lock == NULL) - lock = _hx509_empty_lock; - - ret = _hx509_collector_alloc(context, lock, &c); - if (ret) - return ret; - - p12 = calloc(1, sizeof(*p12)); - if (p12 == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - - p12->fn = strdup(residue); - if (p12->fn == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - - if (flags & HX509_CERTS_CREATE) { - ret = hx509_certs_init(context, "MEMORY:ks-file-create", - 0, lock, &p12->certs); - if (ret == 0) - *data = p12; - goto out; - } - - ret = _hx509_map_file(residue, &buf, &len, NULL); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - ret = decode_PKCS12_PFX(buf, len, &pfx, NULL); - _hx509_unmap_file(buf, len); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to decode the PFX in %s", residue); - goto out; - } - - if (der_heim_oid_cmp(&pfx.authSafe.contentType, oid_id_pkcs7_data()) != 0) { - free_PKCS12_PFX(&pfx); - ret = EINVAL; - hx509_set_error_string(context, 0, ret, - "PKCS PFX isn't a pkcs7-data container"); - goto out; - } - - if (pfx.authSafe.content == NULL) { - free_PKCS12_PFX(&pfx); - ret = EINVAL; - hx509_set_error_string(context, 0, ret, - "PKCS PFX missing data"); - goto out; - } - - { - heim_octet_string asdata; - - ret = decode_PKCS12_OctetString(pfx.authSafe.content->data, - pfx.authSafe.content->length, - &asdata, - NULL); - free_PKCS12_PFX(&pfx); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - ret = decode_PKCS12_AuthenticatedSafe(asdata.data, - asdata.length, - &as, - NULL); - der_free_octet_string(&asdata); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - } - - for (i = 0; i < as.len; i++) - parse_pkcs12_type(context, - c, - &as.val[i].contentType, - as.val[i].content->data, - as.val[i].content->length, - NULL); - - free_PKCS12_AuthenticatedSafe(&as); - - ret = _hx509_collector_collect_certs(context, c, &p12->certs); - if (ret == 0) - *data = p12; - -out: - _hx509_collector_free(c); - - if (ret && p12) { - if (p12->fn) - free(p12->fn); - if (p12->certs) - hx509_certs_free(&p12->certs); - free(p12); - } - - return ret; -} - -static int -addBag(hx509_context context, - PKCS12_AuthenticatedSafe *as, - const heim_oid *oid, - void *data, - size_t length) -{ - void *ptr; - int ret; - - ptr = realloc(as->val, sizeof(as->val[0]) * (as->len + 1)); - if (ptr == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - as->val = ptr; - - ret = der_copy_oid(oid, &as->val[as->len].contentType); - if (ret) { - hx509_set_error_string(context, 0, ret, "out of memory"); - return ret; - } - - as->val[as->len].content = calloc(1, sizeof(*as->val[0].content)); - if (as->val[as->len].content == NULL) { - der_free_oid(&as->val[as->len].contentType); - hx509_set_error_string(context, 0, ENOMEM, "malloc out of memory"); - return ENOMEM; - } - - as->val[as->len].content->data = data; - as->val[as->len].content->length = length; - - as->len++; - - return 0; -} - -static int -store_func(hx509_context context, void *ctx, hx509_cert c) -{ - PKCS12_AuthenticatedSafe *as = ctx; - PKCS12_OctetString os; - PKCS12_CertBag cb; - size_t size; - int ret; - - memset(&os, 0, sizeof(os)); - memset(&cb, 0, sizeof(cb)); - - os.data = NULL; - os.length = 0; - - ret = hx509_cert_binary(context, c, &os); - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(PKCS12_OctetString, - cb.certValue.data,cb.certValue.length, - &os, &size, ret); - free(os.data); - if (ret) - goto out; - ret = der_copy_oid(oid_id_pkcs_9_at_certTypes_x509(), &cb.certType); - if (ret) { - free_PKCS12_CertBag(&cb); - goto out; - } - ASN1_MALLOC_ENCODE(PKCS12_CertBag, os.data, os.length, - &cb, &size, ret); - free_PKCS12_CertBag(&cb); - if (ret) - goto out; - - ret = addBag(context, as, oid_id_pkcs12_certBag(), os.data, os.length); - - if (_hx509_cert_private_key_exportable(c)) { - hx509_private_key key = _hx509_cert_private_key(c); - PKCS8PrivateKeyInfo pki; - - memset(&pki, 0, sizeof(pki)); - - ret = der_parse_hex_heim_integer("00", &pki.version); - if (ret) - return ret; - ret = _hx509_private_key_oid(context, key, - &pki.privateKeyAlgorithm.algorithm); - if (ret) { - free_PKCS8PrivateKeyInfo(&pki); - return ret; - } - ret = _hx509_private_key_export(context, - _hx509_cert_private_key(c), - &pki.privateKey); - if (ret) { - free_PKCS8PrivateKeyInfo(&pki); - return ret; - } - /* set attribute, oid_id_pkcs_9_at_localKeyId() */ - - ASN1_MALLOC_ENCODE(PKCS8PrivateKeyInfo, os.data, os.length, - &pki, &size, ret); - free_PKCS8PrivateKeyInfo(&pki); - if (ret) - return ret; - - ret = addBag(context, as, oid_id_pkcs12_keyBag(), os.data, os.length); - if (ret) - return ret; - } - -out: - return ret; -} - -static int -p12_store(hx509_context context, - hx509_certs certs, void *data, int flags, hx509_lock lock) -{ - struct ks_pkcs12 *p12 = data; - PKCS12_PFX pfx; - PKCS12_AuthenticatedSafe as; - PKCS12_OctetString asdata; - size_t size; - int ret; - - memset(&as, 0, sizeof(as)); - memset(&pfx, 0, sizeof(pfx)); - - ret = hx509_certs_iter(context, p12->certs, store_func, &as); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(PKCS12_AuthenticatedSafe, asdata.data, asdata.length, - &as, &size, ret); - free_PKCS12_AuthenticatedSafe(&as); - if (ret) - return ret; - - ret = der_parse_hex_heim_integer("03", &pfx.version); - if (ret) { - free(asdata.data); - goto out; - } - - pfx.authSafe.content = calloc(1, sizeof(*pfx.authSafe.content)); - - ASN1_MALLOC_ENCODE(PKCS12_OctetString, - pfx.authSafe.content->data, - pfx.authSafe.content->length, - &asdata, &size, ret); - free(asdata.data); - if (ret) - goto out; - - ret = der_copy_oid(oid_id_pkcs7_data(), &pfx.authSafe.contentType); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(PKCS12_PFX, asdata.data, asdata.length, - &pfx, &size, ret); - if (ret) - goto out; - -#if 0 - const struct _hx509_password *pw; - - pw = _hx509_lock_get_passwords(lock); - if (pw != NULL) { - pfx.macData = calloc(1, sizeof(*pfx.macData)); - if (pfx.macData == NULL) { - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "malloc out of memory"); - return ret; - } - if (pfx.macData == NULL) { - free(asdata.data); - goto out; - } - } - ret = calculate_hash(&aspath, pw, pfx.macData); -#endif - - rk_dumpdata(p12->fn, asdata.data, asdata.length); - free(asdata.data); - -out: - free_PKCS12_AuthenticatedSafe(&as); - free_PKCS12_PFX(&pfx); - - return ret; -} - - -static int -p12_free(hx509_certs certs, void *data) -{ - struct ks_pkcs12 *p12 = data; - hx509_certs_free(&p12->certs); - free(p12->fn); - free(p12); - return 0; -} - -static int -p12_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) -{ - struct ks_pkcs12 *p12 = data; - return hx509_certs_add(context, p12->certs, c); -} - -static int -p12_iter_start(hx509_context context, - hx509_certs certs, - void *data, - void **cursor) -{ - struct ks_pkcs12 *p12 = data; - return hx509_certs_start_seq(context, p12->certs, cursor); -} - -static int -p12_iter(hx509_context context, - hx509_certs certs, - void *data, - void *cursor, - hx509_cert *cert) -{ - struct ks_pkcs12 *p12 = data; - return hx509_certs_next_cert(context, p12->certs, cursor, cert); -} - -static int -p12_iter_end(hx509_context context, - hx509_certs certs, - void *data, - void *cursor) -{ - struct ks_pkcs12 *p12 = data; - return hx509_certs_end_seq(context, p12->certs, cursor); -} - -static struct hx509_keyset_ops keyset_pkcs12 = { - "PKCS12", - 0, - p12_init, - p12_store, - p12_free, - p12_add, - NULL, - p12_iter_start, - p12_iter, - p12_iter_end -}; - -void -_hx509_ks_pkcs12_register(hx509_context context) -{ - _hx509_ks_register(context, &keyset_pkcs12); -} diff --git a/crypto/heimdal/lib/hx509/lock.c b/crypto/heimdal/lib/hx509/lock.c deleted file mode 100644 index e835aee35af0..000000000000 --- a/crypto/heimdal/lib/hx509/lock.c +++ /dev/null @@ -1,248 +0,0 @@ -/* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: lock.c 22327 2007-12-15 04:49:37Z lha $"); - -/** - * @page page_lock Locking and unlocking certificates and encrypted data. - * - * See the library functions here: @ref hx509_lock - */ - -struct hx509_lock_data { - struct _hx509_password password; - hx509_certs certs; - hx509_prompter_fct prompt; - void *prompt_data; -}; - -static struct hx509_lock_data empty_lock_data = { - { 0, NULL } -}; - -hx509_lock _hx509_empty_lock = &empty_lock_data; - -/* - * - */ - -int -hx509_lock_init(hx509_context context, hx509_lock *lock) -{ - hx509_lock l; - int ret; - - *lock = NULL; - - l = calloc(1, sizeof(*l)); - if (l == NULL) - return ENOMEM; - - ret = hx509_certs_init(context, - "MEMORY:locks-internal", - 0, - NULL, - &l->certs); - if (ret) { - free(l); - return ret; - } - - *lock = l; - - return 0; -} - -int -hx509_lock_add_password(hx509_lock lock, const char *password) -{ - void *d; - char *s; - - s = strdup(password); - if (s == NULL) - return ENOMEM; - - d = realloc(lock->password.val, - (lock->password.len + 1) * sizeof(lock->password.val[0])); - if (d == NULL) { - free(s); - return ENOMEM; - } - lock->password.val = d; - lock->password.val[lock->password.len] = s; - lock->password.len++; - - return 0; -} - -const struct _hx509_password * -_hx509_lock_get_passwords(hx509_lock lock) -{ - return &lock->password; -} - -hx509_certs -_hx509_lock_unlock_certs(hx509_lock lock) -{ - return lock->certs; -} - -void -hx509_lock_reset_passwords(hx509_lock lock) -{ - int i; - for (i = 0; i < lock->password.len; i++) - free(lock->password.val[i]); - free(lock->password.val); - lock->password.val = NULL; - lock->password.len = 0; -} - -int -hx509_lock_add_cert(hx509_context context, hx509_lock lock, hx509_cert cert) -{ - return hx509_certs_add(context, lock->certs, cert); -} - -int -hx509_lock_add_certs(hx509_context context, hx509_lock lock, hx509_certs certs) -{ - return hx509_certs_merge(context, lock->certs, certs); -} - -void -hx509_lock_reset_certs(hx509_context context, hx509_lock lock) -{ - hx509_certs certs = lock->certs; - int ret; - - ret = hx509_certs_init(context, - "MEMORY:locks-internal", - 0, - NULL, - &lock->certs); - if (ret == 0) - hx509_certs_free(&certs); - else - lock->certs = certs; -} - -int -_hx509_lock_find_cert(hx509_lock lock, const hx509_query *q, hx509_cert *c) -{ - *c = NULL; - return 0; -} - -int -hx509_lock_set_prompter(hx509_lock lock, hx509_prompter_fct prompt, void *data) -{ - lock->prompt = prompt; - lock->prompt_data = data; - return 0; -} - -void -hx509_lock_reset_promper(hx509_lock lock) -{ - lock->prompt = NULL; - lock->prompt_data = NULL; -} - -static int -default_prompter(void *data, const hx509_prompt *prompter) -{ - if (hx509_prompt_hidden(prompter->type)) { - if(UI_UTIL_read_pw_string(prompter->reply.data, - prompter->reply.length, - prompter->prompt, - 0)) - return 1; - } else { - char *s = prompter->reply.data; - - fputs (prompter->prompt, stdout); - fflush (stdout); - if(fgets(prompter->reply.data, - prompter->reply.length, - stdin) == NULL) - return 1; - s[strcspn(s, "\n")] = '\0'; - } - return 0; -} - -int -hx509_lock_prompt(hx509_lock lock, hx509_prompt *prompt) -{ - if (lock->prompt == NULL) - return HX509_CRYPTO_NO_PROMPTER; - return (*lock->prompt)(lock->prompt_data, prompt); -} - -void -hx509_lock_free(hx509_lock lock) -{ - hx509_certs_free(&lock->certs); - hx509_lock_reset_passwords(lock); - memset(lock, 0, sizeof(*lock)); - free(lock); -} - -int -hx509_prompt_hidden(hx509_prompt_type type) -{ - /* default to hidden if unknown */ - - switch (type) { - case HX509_PROMPT_TYPE_QUESTION: - case HX509_PROMPT_TYPE_INFO: - return 0; - default: - return 1; - } -} - -int -hx509_lock_command_string(hx509_lock lock, const char *string) -{ - if (strncasecmp(string, "PASS:", 5) == 0) { - hx509_lock_add_password(lock, string + 5); - } else if (strcasecmp(string, "PROMPT") == 0) { - hx509_lock_set_prompter(lock, default_prompter, NULL); - } else - return HX509_UNKNOWN_LOCK_COMMAND; - return 0; -} diff --git a/crypto/heimdal/lib/hx509/name.c b/crypto/heimdal/lib/hx509/name.c deleted file mode 100644 index 69fafe1b8a17..000000000000 --- a/crypto/heimdal/lib/hx509/name.c +++ /dev/null @@ -1,918 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: name.c 22432 2008-01-13 14:08:03Z lha $"); - -/** - * @page page_name PKIX/X.509 Names - * - * There are several names in PKIX/X.509, GeneralName and Name. - * - * A Name consists of an ordered list of Relative Distinguished Names - * (RDN). Each RDN consists of an unordered list of typed strings. The - * types are defined by OID and have long and short description. For - * example id-at-commonName (2.5.4.3) have the long name CommonName - * and short name CN. The string itself can be of serveral encoding, - * UTF8, UTF16, Teltex string, etc. The type limit what encoding - * should be used. - * - * GeneralName is a broader nametype that can contains al kind of - * stuff like Name, IP addresses, partial Name, etc. - * - * Name is mapped into a hx509_name object. - * - * Parse and string name into a hx509_name object with hx509_parse_name(), - * make it back into string representation with hx509_name_to_string(). - * - * Name string are defined rfc2253, rfc1779 and X.501. - * - * See the library functions here: @ref hx509_name - */ - -static const struct { - const char *n; - const heim_oid *(*o)(void); -} no[] = { - { "C", oid_id_at_countryName }, - { "CN", oid_id_at_commonName }, - { "DC", oid_id_domainComponent }, - { "L", oid_id_at_localityName }, - { "O", oid_id_at_organizationName }, - { "OU", oid_id_at_organizationalUnitName }, - { "S", oid_id_at_stateOrProvinceName }, - { "STREET", oid_id_at_streetAddress }, - { "UID", oid_id_Userid }, - { "emailAddress", oid_id_pkcs9_emailAddress }, - { "serialNumber", oid_id_at_serialNumber } -}; - -static char * -quote_string(const char *f, size_t len, size_t *rlen) -{ - size_t i, j, tolen; - const char *from = f; - char *to; - - tolen = len * 3 + 1; - to = malloc(tolen); - if (to == NULL) - return NULL; - - for (i = 0, j = 0; i < len; i++) { - if (from[i] == ' ' && i + 1 < len) - to[j++] = from[i]; - else if (from[i] == ',' || from[i] == '=' || from[i] == '+' || - from[i] == '<' || from[i] == '>' || from[i] == '#' || - from[i] == ';' || from[i] == ' ') - { - to[j++] = '\\'; - to[j++] = from[i]; - } else if (((unsigned char)from[i]) >= 32 && ((unsigned char)from[i]) <= 127) { - to[j++] = from[i]; - } else { - int l = snprintf(&to[j], tolen - j - 1, - "#%02x", (unsigned char)from[i]); - j += l; - } - } - to[j] = '\0'; - assert(j < tolen); - *rlen = j; - return to; -} - - -static int -append_string(char **str, size_t *total_len, const char *ss, - size_t len, int quote) -{ - char *s, *qs; - - if (quote) - qs = quote_string(ss, len, &len); - else - qs = rk_UNCONST(ss); - - s = realloc(*str, len + *total_len + 1); - if (s == NULL) - _hx509_abort("allocation failure"); /* XXX */ - memcpy(s + *total_len, qs, len); - if (qs != ss) - free(qs); - s[*total_len + len] = '\0'; - *str = s; - *total_len += len; - return 0; -} - -static char * -oidtostring(const heim_oid *type) -{ - char *s; - size_t i; - - for (i = 0; i < sizeof(no)/sizeof(no[0]); i++) { - if (der_heim_oid_cmp((*no[i].o)(), type) == 0) - return strdup(no[i].n); - } - if (der_print_heim_oid(type, '.', &s) != 0) - return NULL; - return s; -} - -static int -stringtooid(const char *name, size_t len, heim_oid *oid) -{ - int i, ret; - char *s; - - memset(oid, 0, sizeof(*oid)); - - for (i = 0; i < sizeof(no)/sizeof(no[0]); i++) { - if (strncasecmp(no[i].n, name, len) == 0) - return der_copy_oid((*no[i].o)(), oid); - } - s = malloc(len + 1); - if (s == NULL) - return ENOMEM; - memcpy(s, name, len); - s[len] = '\0'; - ret = der_parse_heim_oid(s, ".", oid); - free(s); - return ret; -} - -/** - * Convert the hx509 name object into a printable string. - * The resulting string should be freed with free(). - * - * @param name name to print - * @param str the string to return - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_name - */ - -int -hx509_name_to_string(const hx509_name name, char **str) -{ - return _hx509_Name_to_string(&name->der_name, str); -} - -int -_hx509_Name_to_string(const Name *n, char **str) -{ - size_t total_len = 0; - int i, j; - - *str = strdup(""); - if (*str == NULL) - return ENOMEM; - - for (i = n->u.rdnSequence.len - 1 ; i >= 0 ; i--) { - int len; - - for (j = 0; j < n->u.rdnSequence.val[i].len; j++) { - DirectoryString *ds = &n->u.rdnSequence.val[i].val[j].value; - char *oidname; - char *ss; - - oidname = oidtostring(&n->u.rdnSequence.val[i].val[j].type); - - switch(ds->element) { - case choice_DirectoryString_ia5String: - ss = ds->u.ia5String; - break; - case choice_DirectoryString_printableString: - ss = ds->u.printableString; - break; - case choice_DirectoryString_utf8String: - ss = ds->u.utf8String; - break; - case choice_DirectoryString_bmpString: { - uint16_t *bmp = ds->u.bmpString.data; - size_t bmplen = ds->u.bmpString.length; - size_t k; - - ss = malloc(bmplen + 1); - if (ss == NULL) - _hx509_abort("allocation failure"); /* XXX */ - for (k = 0; k < bmplen; k++) - ss[k] = bmp[k] & 0xff; /* XXX */ - ss[k] = '\0'; - break; - } - case choice_DirectoryString_teletexString: - ss = malloc(ds->u.teletexString.length + 1); - if (ss == NULL) - _hx509_abort("allocation failure"); /* XXX */ - memcpy(ss, ds->u.teletexString.data, ds->u.teletexString.length); - ss[ds->u.teletexString.length] = '\0'; - break; - case choice_DirectoryString_universalString: { - uint32_t *uni = ds->u.universalString.data; - size_t unilen = ds->u.universalString.length; - size_t k; - - ss = malloc(unilen + 1); - if (ss == NULL) - _hx509_abort("allocation failure"); /* XXX */ - for (k = 0; k < unilen; k++) - ss[k] = uni[k] & 0xff; /* XXX */ - ss[k] = '\0'; - break; - } - default: - _hx509_abort("unknown directory type: %d", ds->element); - exit(1); - } - append_string(str, &total_len, oidname, strlen(oidname), 0); - free(oidname); - append_string(str, &total_len, "=", 1, 0); - len = strlen(ss); - append_string(str, &total_len, ss, len, 1); - if (ds->element == choice_DirectoryString_universalString || - ds->element == choice_DirectoryString_bmpString || - ds->element == choice_DirectoryString_teletexString) - { - free(ss); - } - if (j + 1 < n->u.rdnSequence.val[i].len) - append_string(str, &total_len, "+", 1, 0); - } - - if (i > 0) - append_string(str, &total_len, ",", 1, 0); - } - return 0; -} - -/* - * XXX this function is broken, it needs to compare code points, not - * bytes. - */ - -static void -prune_space(const unsigned char **s) -{ - while (**s == ' ') - (*s)++; -} - -int -_hx509_name_ds_cmp(const DirectoryString *ds1, const DirectoryString *ds2) -{ - int c; - - c = ds1->element - ds2->element; - if (c) - return c; - - switch(ds1->element) { - case choice_DirectoryString_ia5String: - c = strcmp(ds1->u.ia5String, ds2->u.ia5String); - break; - case choice_DirectoryString_teletexString: - c = der_heim_octet_string_cmp(&ds1->u.teletexString, - &ds2->u.teletexString); - break; - case choice_DirectoryString_printableString: { - const unsigned char *s1 = (unsigned char*)ds1->u.printableString; - const unsigned char *s2 = (unsigned char*)ds2->u.printableString; - prune_space(&s1); prune_space(&s2); - while (*s1 && *s2) { - if (toupper(*s1) != toupper(*s2)) { - c = toupper(*s1) - toupper(*s2); - break; - } - if (*s1 == ' ') { prune_space(&s1); prune_space(&s2); } - else { s1++; s2++; } - } - prune_space(&s1); prune_space(&s2); - c = *s1 - *s2; - break; - } - case choice_DirectoryString_utf8String: - c = strcmp(ds1->u.utf8String, ds2->u.utf8String); - break; - case choice_DirectoryString_universalString: - c = der_heim_universal_string_cmp(&ds1->u.universalString, - &ds2->u.universalString); - break; - case choice_DirectoryString_bmpString: - c = der_heim_bmp_string_cmp(&ds1->u.bmpString, - &ds2->u.bmpString); - break; - default: - c = 1; - break; - } - return c; -} - -int -_hx509_name_cmp(const Name *n1, const Name *n2) -{ - int i, j, c; - - c = n1->u.rdnSequence.len - n2->u.rdnSequence.len; - if (c) - return c; - - for (i = 0 ; i < n1->u.rdnSequence.len; i++) { - c = n1->u.rdnSequence.val[i].len - n2->u.rdnSequence.val[i].len; - if (c) - return c; - - for (j = 0; j < n1->u.rdnSequence.val[i].len; j++) { - c = der_heim_oid_cmp(&n1->u.rdnSequence.val[i].val[j].type, - &n1->u.rdnSequence.val[i].val[j].type); - if (c) - return c; - - c = _hx509_name_ds_cmp(&n1->u.rdnSequence.val[i].val[j].value, - &n2->u.rdnSequence.val[i].val[j].value); - if (c) - return c; - } - } - return 0; -} - -/** - * Compare to hx509 name object, useful for sorting. - * - * @param n1 a hx509 name object. - * @param n2 a hx509 name object. - * - * @return 0 the objects are the same, returns > 0 is n2 is "larger" - * then n2, < 0 if n1 is "smaller" then n2. - * - * @ingroup hx509_name - */ - -int -hx509_name_cmp(hx509_name n1, hx509_name n2) -{ - return _hx509_name_cmp(&n1->der_name, &n2->der_name); -} - - -int -_hx509_name_from_Name(const Name *n, hx509_name *name) -{ - int ret; - *name = calloc(1, sizeof(**name)); - if (*name == NULL) - return ENOMEM; - ret = copy_Name(n, &(*name)->der_name); - if (ret) { - free(*name); - *name = NULL; - } - return ret; -} - -int -_hx509_name_modify(hx509_context context, - Name *name, - int append, - const heim_oid *oid, - const char *str) -{ - RelativeDistinguishedName *rdn; - int ret; - void *ptr; - - ptr = realloc(name->u.rdnSequence.val, - sizeof(name->u.rdnSequence.val[0]) * - (name->u.rdnSequence.len + 1)); - if (ptr == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "Out of memory"); - return ENOMEM; - } - name->u.rdnSequence.val = ptr; - - if (append) { - rdn = &name->u.rdnSequence.val[name->u.rdnSequence.len]; - } else { - memmove(&name->u.rdnSequence.val[1], - &name->u.rdnSequence.val[0], - name->u.rdnSequence.len * - sizeof(name->u.rdnSequence.val[0])); - - rdn = &name->u.rdnSequence.val[0]; - } - rdn->val = malloc(sizeof(rdn->val[0])); - if (rdn->val == NULL) - return ENOMEM; - rdn->len = 1; - ret = der_copy_oid(oid, &rdn->val[0].type); - if (ret) - return ret; - rdn->val[0].value.element = choice_DirectoryString_utf8String; - rdn->val[0].value.u.utf8String = strdup(str); - if (rdn->val[0].value.u.utf8String == NULL) - return ENOMEM; - name->u.rdnSequence.len += 1; - - return 0; -} - -/** - * Parse a string into a hx509 name object. - * - * @param context A hx509 context. - * @param str a string to parse. - * @param name the resulting object, NULL in case of error. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_name - */ - -int -hx509_parse_name(hx509_context context, const char *str, hx509_name *name) -{ - const char *p, *q; - size_t len; - hx509_name n; - int ret; - - *name = NULL; - - n = calloc(1, sizeof(*n)); - if (n == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - n->der_name.element = choice_Name_rdnSequence; - - p = str; - - while (p != NULL && *p != '\0') { - heim_oid oid; - int last; - - q = strchr(p, ','); - if (q) { - len = (q - p); - last = 1; - } else { - len = strlen(p); - last = 0; - } - - q = strchr(p, '='); - if (q == NULL) { - ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, "missing = in %s", p); - goto out; - } - if (q == p) { - ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, - "missing name before = in %s", p); - goto out; - } - - if ((q - p) > len) { - ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, " = after , in %s", p); - goto out; - } - - ret = stringtooid(p, q - p, &oid); - if (ret) { - ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, - "unknown type: %.*s", (int)(q - p), p); - goto out; - } - - { - size_t pstr_len = len - (q - p) - 1; - const char *pstr = p + (q - p) + 1; - char *r; - - r = malloc(pstr_len + 1); - if (r == NULL) { - der_free_oid(&oid); - ret = ENOMEM; - hx509_set_error_string(context, 0, ret, "out of memory"); - goto out; - } - memcpy(r, pstr, pstr_len); - r[pstr_len] = '\0'; - - ret = _hx509_name_modify(context, &n->der_name, 0, &oid, r); - free(r); - der_free_oid(&oid); - if(ret) - goto out; - } - p += len + last; - } - - *name = n; - - return 0; -out: - hx509_name_free(&n); - return HX509_NAME_MALFORMED; -} - -/** - * Copy a hx509 name object. - * - * @param context A hx509 cotext. - * @param from the name to copy from - * @param to the name to copy to - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_name - */ - -int -hx509_name_copy(hx509_context context, const hx509_name from, hx509_name *to) -{ - int ret; - - *to = calloc(1, sizeof(**to)); - if (*to == NULL) - return ENOMEM; - ret = copy_Name(&from->der_name, &(*to)->der_name); - if (ret) { - free(*to); - *to = NULL; - return ENOMEM; - } - return 0; -} - -/** - * Convert a hx509_name into a Name. - * - * @param from the name to copy from - * @param to the name to copy to - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_name - */ - -int -hx509_name_to_Name(const hx509_name from, Name *to) -{ - return copy_Name(&from->der_name, to); -} - -int -hx509_name_normalize(hx509_context context, hx509_name name) -{ - return 0; -} - -/** - * Expands variables in the name using env. Variables are on the form - * ${name}. Useful when dealing with certificate templates. - * - * @param context A hx509 cotext. - * @param name the name to expand. - * @param env environment variable to expand. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_name - */ - -int -hx509_name_expand(hx509_context context, - hx509_name name, - hx509_env env) -{ - Name *n = &name->der_name; - int i, j; - - if (env == NULL) - return 0; - - if (n->element != choice_Name_rdnSequence) { - hx509_set_error_string(context, 0, EINVAL, "RDN not of supported type"); - return EINVAL; - } - - for (i = 0 ; i < n->u.rdnSequence.len; i++) { - for (j = 0; j < n->u.rdnSequence.val[i].len; j++) { - /** Only UTF8String rdnSequence names are allowed */ - /* - THIS SHOULD REALLY BE: - COMP = n->u.rdnSequence.val[i].val[j]; - normalize COMP to utf8 - check if there are variables - expand variables - convert back to orignal format, store in COMP - free normalized utf8 string - */ - DirectoryString *ds = &n->u.rdnSequence.val[i].val[j].value; - char *p, *p2; - struct rk_strpool *strpool = NULL; - - if (ds->element != choice_DirectoryString_utf8String) { - hx509_set_error_string(context, 0, EINVAL, "unsupported type"); - return EINVAL; - } - p = strstr(ds->u.utf8String, "${"); - if (p) { - strpool = rk_strpoolprintf(strpool, "%.*s", - (int)(p - ds->u.utf8String), - ds->u.utf8String); - if (strpool == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - } - while (p != NULL) { - /* expand variables */ - const char *value; - p2 = strchr(p, '}'); - if (p2 == NULL) { - hx509_set_error_string(context, 0, EINVAL, "missing }"); - rk_strpoolfree(strpool); - return EINVAL; - } - p += 2; - value = hx509_env_lfind(context, env, p, p2 - p); - if (value == NULL) { - hx509_set_error_string(context, 0, EINVAL, - "variable %.*s missing", - (int)(p2 - p), p); - rk_strpoolfree(strpool); - return EINVAL; - } - strpool = rk_strpoolprintf(strpool, "%s", value); - if (strpool == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - p2++; - - p = strstr(p2, "${"); - if (p) - strpool = rk_strpoolprintf(strpool, "%.*s", - (int)(p - p2), p2); - else - strpool = rk_strpoolprintf(strpool, "%s", p2); - if (strpool == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - } - if (strpool) { - free(ds->u.utf8String); - ds->u.utf8String = rk_strpoolcollect(strpool); - if (ds->u.utf8String == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - } - } - } - return 0; -} - -/** - * Free a hx509 name object, upond return *name will be NULL. - * - * @param name a hx509 name object to be freed. - * - * @ingroup hx509_name - */ - -void -hx509_name_free(hx509_name *name) -{ - free_Name(&(*name)->der_name); - memset(*name, 0, sizeof(**name)); - free(*name); - *name = NULL; -} - -/** - * Convert a DER encoded name info a string. - * - * @param data data to a DER/BER encoded name - * @param length length of data - * @param str the resulting string, is NULL on failure. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_name - */ - -int -hx509_unparse_der_name(const void *data, size_t length, char **str) -{ - Name name; - int ret; - - *str = NULL; - - ret = decode_Name(data, length, &name, NULL); - if (ret) - return ret; - ret = _hx509_Name_to_string(&name, str); - free_Name(&name); - return ret; -} - -/** - * Convert a hx509_name object to DER encoded name. - * - * @param name name to concert - * @param os data to a DER encoded name, free the resulting octet - * string with hx509_xfree(os->data). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_name - */ - -int -hx509_name_binary(const hx509_name name, heim_octet_string *os) -{ - size_t size; - int ret; - - ASN1_MALLOC_ENCODE(Name, os->data, os->length, &name->der_name, &size, ret); - if (ret) - return ret; - if (os->length != size) - _hx509_abort("internal ASN.1 encoder error"); - - return 0; -} - -int -_hx509_unparse_Name(const Name *aname, char **str) -{ - hx509_name name; - int ret; - - ret = _hx509_name_from_Name(aname, &name); - if (ret) - return ret; - - ret = hx509_name_to_string(name, str); - hx509_name_free(&name); - return ret; -} - -/** - * Unparse the hx509 name in name into a string. - * - * @param name the name to check if its empty/null. - * - * @return non zero if the name is empty/null. - * - * @ingroup hx509_name - */ - -int -hx509_name_is_null_p(const hx509_name name) -{ - return name->der_name.u.rdnSequence.len == 0; -} - -/** - * Unparse the hx509 name in name into a string. - * - * @param name the name to print - * @param str an allocated string returns the name in string form - * - * @return An hx509 error code, see krb5_get_error_string(). - * - * @ingroup hx509_name - */ - -int -hx509_general_name_unparse(GeneralName *name, char **str) -{ - struct rk_strpool *strpool = NULL; - - *str = NULL; - - switch (name->element) { - case choice_GeneralName_otherName: { - char *str; - hx509_oid_sprint(&name->u.otherName.type_id, &str); - if (str == NULL) - return ENOMEM; - strpool = rk_strpoolprintf(strpool, "otherName: %s", str); - free(str); - break; - } - case choice_GeneralName_rfc822Name: - strpool = rk_strpoolprintf(strpool, "rfc822Name: %s\n", - name->u.rfc822Name); - break; - case choice_GeneralName_dNSName: - strpool = rk_strpoolprintf(strpool, "dNSName: %s\n", - name->u.dNSName); - break; - case choice_GeneralName_directoryName: { - Name dir; - char *s; - int ret; - memset(&dir, 0, sizeof(dir)); - dir.element = name->u.directoryName.element; - dir.u.rdnSequence = name->u.directoryName.u.rdnSequence; - ret = _hx509_unparse_Name(&dir, &s); - if (ret) - return ret; - strpool = rk_strpoolprintf(strpool, "directoryName: %s", s); - free(s); - break; - } - case choice_GeneralName_uniformResourceIdentifier: - strpool = rk_strpoolprintf(strpool, "URI: %s", - name->u.uniformResourceIdentifier); - break; - case choice_GeneralName_iPAddress: { - unsigned char *a = name->u.iPAddress.data; - - strpool = rk_strpoolprintf(strpool, "IPAddress: "); - if (strpool == NULL) - break; - if (name->u.iPAddress.length == 4) - strpool = rk_strpoolprintf(strpool, "%d.%d.%d.%d", - a[0], a[1], a[2], a[3]); - else if (name->u.iPAddress.length == 16) - strpool = rk_strpoolprintf(strpool, - "%02X:%02X:%02X:%02X:" - "%02X:%02X:%02X:%02X:" - "%02X:%02X:%02X:%02X:" - "%02X:%02X:%02X:%02X", - a[0], a[1], a[2], a[3], - a[4], a[5], a[6], a[7], - a[8], a[9], a[10], a[11], - a[12], a[13], a[14], a[15]); - else - strpool = rk_strpoolprintf(strpool, - "unknown IP address of length %lu", - (unsigned long)name->u.iPAddress.length); - break; - } - case choice_GeneralName_registeredID: { - char *str; - hx509_oid_sprint(&name->u.registeredID, &str); - if (str == NULL) - return ENOMEM; - strpool = rk_strpoolprintf(strpool, "registeredID: %s", str); - free(str); - break; - } - default: - return EINVAL; - } - if (strpool == NULL) - return ENOMEM; - - *str = rk_strpoolcollect(strpool); - - return 0; -} diff --git a/crypto/heimdal/lib/hx509/ocsp.asn1 b/crypto/heimdal/lib/hx509/ocsp.asn1 deleted file mode 100644 index d8ecd66ccf70..000000000000 --- a/crypto/heimdal/lib/hx509/ocsp.asn1 +++ /dev/null @@ -1,113 +0,0 @@ --- From rfc2560 --- $Id: ocsp.asn1 19576 2006-12-30 12:40:43Z lha $ -OCSP DEFINITIONS EXPLICIT TAGS::= - -BEGIN - -IMPORTS - Certificate, AlgorithmIdentifier, CRLReason, - Name, GeneralName, CertificateSerialNumber, Extensions - FROM rfc2459; - -OCSPVersion ::= INTEGER { ocsp-v1(0) } - -OCSPCertStatus ::= CHOICE { - good [0] IMPLICIT NULL, - revoked [1] IMPLICIT -- OCSPRevokedInfo -- SEQUENCE { - revocationTime GeneralizedTime, - revocationReason[0] EXPLICIT CRLReason OPTIONAL - }, - unknown [2] IMPLICIT NULL } - -OCSPCertID ::= SEQUENCE { - hashAlgorithm AlgorithmIdentifier, - issuerNameHash OCTET STRING, -- Hash of Issuer's DN - issuerKeyHash OCTET STRING, -- Hash of Issuers public key - serialNumber CertificateSerialNumber } - -OCSPSingleResponse ::= SEQUENCE { - certID OCSPCertID, - certStatus OCSPCertStatus, - thisUpdate GeneralizedTime, - nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, - singleExtensions [1] EXPLICIT Extensions OPTIONAL } - -OCSPInnerRequest ::= SEQUENCE { - reqCert OCSPCertID, - singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } - -OCSPTBSRequest ::= SEQUENCE { - version [0] EXPLICIT OCSPVersion -- DEFAULT v1 -- OPTIONAL, - requestorName [1] EXPLICIT GeneralName OPTIONAL, - requestList SEQUENCE OF OCSPInnerRequest, - requestExtensions [2] EXPLICIT Extensions OPTIONAL } - -OCSPSignature ::= SEQUENCE { - signatureAlgorithm AlgorithmIdentifier, - signature BIT STRING, - certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - -OCSPRequest ::= SEQUENCE { - tbsRequest OCSPTBSRequest, - optionalSignature [0] EXPLICIT OCSPSignature OPTIONAL } - -OCSPResponseBytes ::= SEQUENCE { - responseType OBJECT IDENTIFIER, - response OCTET STRING } - -OCSPResponseStatus ::= ENUMERATED { - successful (0), --Response has valid confirmations - malformedRequest (1), --Illegal confirmation request - internalError (2), --Internal error in issuer - tryLater (3), --Try again later - --(4) is not used - sigRequired (5), --Must sign the request - unauthorized (6) --Request unauthorized -} - -OCSPResponse ::= SEQUENCE { - responseStatus OCSPResponseStatus, - responseBytes [0] EXPLICIT OCSPResponseBytes OPTIONAL } - -OCSPKeyHash ::= OCTET STRING --SHA-1 hash of responder's public key - --(excluding the tag and length fields) - -OCSPResponderID ::= CHOICE { - byName [1] Name, - byKey [2] OCSPKeyHash } - -OCSPResponseData ::= SEQUENCE { - version [0] EXPLICIT OCSPVersion -- DEFAULT v1 -- OPTIONAL, - responderID OCSPResponderID, - producedAt GeneralizedTime, - responses SEQUENCE OF OCSPSingleResponse, - responseExtensions [1] EXPLICIT Extensions OPTIONAL } - -OCSPBasicOCSPResponse ::= SEQUENCE { - tbsResponseData OCSPResponseData, - signatureAlgorithm AlgorithmIdentifier, - signature BIT STRING, - certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - --- ArchiveCutoff ::= GeneralizedTime - --- AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER - --- Object Identifiers - -id-pkix-ocsp OBJECT IDENTIFIER ::= { - iso(1) identified-organization(3) dod(6) internet(1) - security(5) mechanisms(5) pkix(7) pkix-ad(48) 1 -} - -id-pkix-ocsp-basic OBJECT IDENTIFIER ::= { id-pkix-ocsp 1 } -id-pkix-ocsp-nonce OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 } --- id-pkix-ocsp-crl OBJECT IDENTIFIER ::= { id-pkix-ocsp 3 } --- id-pkix-ocsp-response OBJECT IDENTIFIER ::= { id-pkix-ocsp 4 } --- id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 } --- id-pkix-ocsp-archive-cutoff OBJECT IDENTIFIER ::= { id-pkix-ocsp 6 } --- id-pkix-ocsp-service-locator OBJECT IDENTIFIER ::= { id-pkix-ocsp 7 } - - -END - diff --git a/crypto/heimdal/lib/hx509/peer.c b/crypto/heimdal/lib/hx509/peer.c deleted file mode 100644 index eb0ecd2bdefb..000000000000 --- a/crypto/heimdal/lib/hx509/peer.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: peer.c 22345 2007-12-26 19:03:51Z lha $"); - -/** - * @page page_peer Hx509 crypto selecting functions - * - * Peer info structures are used togeter with hx509_crypto_select() to - * select the best avaible crypto algorithm to use. - * - * See the library functions here: @ref hx509_peer - */ - -/** - * Allocate a new peer info structure an init it to default values. - * - * @param context A hx509 context. - * @param peer return an allocated peer, free with hx509_peer_info_free(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_peer - */ - -int -hx509_peer_info_alloc(hx509_context context, hx509_peer_info *peer) -{ - *peer = calloc(1, sizeof(**peer)); - if (*peer == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - return 0; -} - - -static void -free_cms_alg(hx509_peer_info peer) -{ - if (peer->val) { - size_t i; - for (i = 0; i < peer->len; i++) - free_AlgorithmIdentifier(&peer->val[i]); - free(peer->val); - peer->val = NULL; - peer->len = 0; - } -} - -/** - * Free a peer info structure. - * - * @param peer peer info to be freed. - * - * @ingroup hx509_peer - */ - -void -hx509_peer_info_free(hx509_peer_info peer) -{ - if (peer == NULL) - return; - if (peer->cert) - hx509_cert_free(peer->cert); - free_cms_alg(peer); - memset(peer, 0, sizeof(*peer)); - free(peer); -} - -/** - * Set the certificate that remote peer is using. - * - * @param peer peer info to update - * @param cert cerificate of the remote peer. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_peer - */ - -int -hx509_peer_info_set_cert(hx509_peer_info peer, - hx509_cert cert) -{ - if (peer->cert) - hx509_cert_free(peer->cert); - peer->cert = hx509_cert_ref(cert); - return 0; -} - -/** - * Set the algorithms that the peer supports. - * - * @param context A hx509 context. - * @param peer the peer to set the new algorithms for - * @param val array of supported AlgorithmsIdentiers - * @param len length of array val. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_peer - */ - -int -hx509_peer_info_set_cms_algs(hx509_context context, - hx509_peer_info peer, - const AlgorithmIdentifier *val, - size_t len) -{ - size_t i; - - free_cms_alg(peer); - - peer->val = calloc(len, sizeof(*peer->val)); - if (peer->val == NULL) { - peer->len = 0; - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - peer->len = len; - for (i = 0; i < len; i++) { - int ret; - ret = copy_AlgorithmIdentifier(&val[i], &peer->val[i]); - if (ret) { - hx509_clear_error_string(context); - free_cms_alg(peer); - return ret; - } - } - return 0; -} - -#if 0 - -/* - * S/MIME - */ - -int -hx509_peer_info_parse_smime(hx509_peer_info peer, - const heim_octet_string *data) -{ - return 0; -} - -int -hx509_peer_info_unparse_smime(hx509_peer_info peer, - heim_octet_string *data) -{ - return 0; -} - -/* - * For storing hx509_peer_info to be able to cache them. - */ - -int -hx509_peer_info_parse(hx509_peer_info peer, - const heim_octet_string *data) -{ - return 0; -} - -int -hx509_peer_info_unparse(hx509_peer_info peer, - heim_octet_string *data) -{ - return 0; -} -#endif diff --git a/crypto/heimdal/lib/hx509/pkcs10.asn1 b/crypto/heimdal/lib/hx509/pkcs10.asn1 deleted file mode 100644 index 518fe3bfa36a..000000000000 --- a/crypto/heimdal/lib/hx509/pkcs10.asn1 +++ /dev/null @@ -1,25 +0,0 @@ --- $Id: pkcs10.asn1 16918 2006-04-01 09:46:57Z lha $ -PKCS10 DEFINITIONS ::= - -BEGIN - -IMPORTS - Name, SubjectPublicKeyInfo, Attribute, AlgorithmIdentifier - FROM rfc2459; - - -CertificationRequestInfo ::= SEQUENCE { - version INTEGER { pkcs10-v1(0) }, - subject Name, - subjectPKInfo SubjectPublicKeyInfo, - attributes [0] IMPLICIT SET OF Attribute OPTIONAL -} - -CertificationRequest ::= SEQUENCE { - certificationRequestInfo CertificationRequestInfo, - signatureAlgorithm AlgorithmIdentifier, - signature BIT STRING -} - -END - diff --git a/crypto/heimdal/lib/hx509/print.c b/crypto/heimdal/lib/hx509/print.c deleted file mode 100644 index 78ebbafb2f67..000000000000 --- a/crypto/heimdal/lib/hx509/print.c +++ /dev/null @@ -1,990 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -RCSID("$Id: print.c 22420 2008-01-13 09:42:35Z lha $"); - -/** - * @page page_print Hx509 printing functions - * - * See the library functions here: @ref hx509_print - */ - -struct hx509_validate_ctx_data { - int flags; - hx509_vprint_func vprint_func; - void *ctx; -}; - -struct cert_status { - unsigned int selfsigned:1; - unsigned int isca:1; - unsigned int isproxy:1; - unsigned int haveSAN:1; - unsigned int haveIAN:1; - unsigned int haveSKI:1; - unsigned int haveAKI:1; - unsigned int haveCRLDP:1; -}; - - -/* - * - */ - -static int -Time2string(const Time *T, char **str) -{ - time_t t; - char *s; - struct tm *tm; - - *str = NULL; - t = _hx509_Time2time_t(T); - tm = gmtime (&t); - s = malloc(30); - if (s == NULL) - return ENOMEM; - strftime(s, 30, "%Y-%m-%d %H:%M:%S", tm); - *str = s; - return 0; -} - -/** - * Helper function to print on stdout for: - * - hx509_oid_print(), - * - hx509_bitstring_print(), - * - hx509_validate_ctx_set_print(). - * - * @param ctx the context to the print function. If the ctx is NULL, - * stdout is used. - * @param fmt the printing format. - * @param va the argumet list. - * - * @ingroup hx509_print - */ - -void -hx509_print_stdout(void *ctx, const char *fmt, va_list va) -{ - FILE *f = ctx; - if (f == NULL) - f = stdout; - vfprintf(f, fmt, va); -} - -static void -print_func(hx509_vprint_func func, void *ctx, const char *fmt, ...) -{ - va_list va; - va_start(va, fmt); - (*func)(ctx, fmt, va); - va_end(va); -} - -/** - * Print a oid to a string. - * - * @param oid oid to print - * @param str allocated string, free with hx509_xfree(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_print - */ - -int -hx509_oid_sprint(const heim_oid *oid, char **str) -{ - return der_print_heim_oid(oid, '.', str); -} - -/** - * Print a oid using a hx509_vprint_func function. To print to stdout - * use hx509_print_stdout(). - * - * @param oid oid to print - * @param func hx509_vprint_func to print with. - * @param ctx context variable to hx509_vprint_func function. - * - * @ingroup hx509_print - */ - -void -hx509_oid_print(const heim_oid *oid, hx509_vprint_func func, void *ctx) -{ - char *str; - hx509_oid_sprint(oid, &str); - print_func(func, ctx, "%s", str); - free(str); -} - -/** - * Print a bitstring using a hx509_vprint_func function. To print to - * stdout use hx509_print_stdout(). - * - * @param b bit string to print. - * @param func hx509_vprint_func to print with. - * @param ctx context variable to hx509_vprint_func function. - * - * @ingroup hx509_print - */ - -void -hx509_bitstring_print(const heim_bit_string *b, - hx509_vprint_func func, void *ctx) -{ - int i; - print_func(func, ctx, "\tlength: %d\n\t", b->length); - for (i = 0; i < (b->length + 7) / 8; i++) - print_func(func, ctx, "%02x%s%s", - ((unsigned char *)b->data)[i], - i < (b->length - 7) / 8 - && (i == 0 || (i % 16) != 15) ? ":" : "", - i != 0 && (i % 16) == 15 ? - (i <= ((b->length + 7) / 8 - 2) ? "\n\t" : "\n"):""); -} - -/** - * Print certificate usage for a certificate to a string. - * - * @param context A hx509 context. - * @param c a certificate print the keyusage for. - * @param s the return string with the keysage printed in to, free - * with hx509_xfree(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_print - */ - -int -hx509_cert_keyusage_print(hx509_context context, hx509_cert c, char **s) -{ - KeyUsage ku; - char buf[256]; - int ret; - - *s = NULL; - - ret = _hx509_cert_get_keyusage(context, c, &ku); - if (ret) - return ret; - unparse_flags(KeyUsage2int(ku), asn1_KeyUsage_units(), buf, sizeof(buf)); - *s = strdup(buf); - if (*s == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - return 0; -} - -/* - * - */ - -static void -validate_vprint(void *c, const char *fmt, va_list va) -{ - hx509_validate_ctx ctx = c; - if (ctx->vprint_func == NULL) - return; - (ctx->vprint_func)(ctx->ctx, fmt, va); -} - -static void -validate_print(hx509_validate_ctx ctx, int flags, const char *fmt, ...) -{ - va_list va; - if ((ctx->flags & flags) == 0) - return; - va_start(va, fmt); - validate_vprint(ctx, fmt, va); - va_end(va); -} - -/* - * Dont Care, SHOULD critical, SHOULD NOT critical, MUST critical, - * MUST NOT critical - */ -enum critical_flag { D_C = 0, S_C, S_N_C, M_C, M_N_C }; - -static int -check_Null(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, const Extension *e) -{ - switch(cf) { - case D_C: - break; - case S_C: - if (!e->critical) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "\tCritical not set on SHOULD\n"); - break; - case S_N_C: - if (e->critical) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "\tCritical set on SHOULD NOT\n"); - break; - case M_C: - if (!e->critical) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "\tCritical not set on MUST\n"); - break; - case M_N_C: - if (e->critical) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "\tCritical set on MUST NOT\n"); - break; - default: - _hx509_abort("internal check_Null state error"); - } - return 0; -} - -static int -check_subjectKeyIdentifier(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *e) -{ - SubjectKeyIdentifier si; - size_t size; - int ret; - - status->haveSKI = 1; - check_Null(ctx, status, cf, e); - - ret = decode_SubjectKeyIdentifier(e->extnValue.data, - e->extnValue.length, - &si, &size); - if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Decoding SubjectKeyIdentifier failed: %d", ret); - return 1; - } - if (size != e->extnValue.length) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Decoding SKI ahve extra bits on the end"); - return 1; - } - if (si.length == 0) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "SKI is too short (0 bytes)"); - if (si.length > 20) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "SKI is too long"); - - { - char *id; - hex_encode(si.data, si.length, &id); - if (id) { - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "\tsubject key id: %s\n", id); - free(id); - } - } - - free_SubjectKeyIdentifier(&si); - - return 0; -} - -static int -check_authorityKeyIdentifier(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *e) -{ - AuthorityKeyIdentifier ai; - size_t size; - int ret; - - status->haveAKI = 1; - check_Null(ctx, status, cf, e); - - status->haveSKI = 1; - check_Null(ctx, status, cf, e); - - ret = decode_AuthorityKeyIdentifier(e->extnValue.data, - e->extnValue.length, - &ai, &size); - if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Decoding AuthorityKeyIdentifier failed: %d", ret); - return 1; - } - if (size != e->extnValue.length) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Decoding SKI ahve extra bits on the end"); - return 1; - } - - if (ai.keyIdentifier) { - char *id; - hex_encode(ai.keyIdentifier->data, ai.keyIdentifier->length, &id); - if (id) { - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "\tauthority key id: %s\n", id); - free(id); - } - } - - return 0; -} - - -static int -check_pkinit_san(hx509_validate_ctx ctx, heim_any *a) -{ - KRB5PrincipalName kn; - unsigned i; - size_t size; - int ret; - - ret = decode_KRB5PrincipalName(a->data, a->length, &kn, &size); - if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Decoding kerberos name in SAN failed: %d", ret); - return 1; - } - - if (size != a->length) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Decoding kerberos name have extra bits on the end"); - return 1; - } - - /* print kerberos principal, add code to quote / within components */ - for (i = 0; i < kn.principalName.name_string.len; i++) { - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s", - kn.principalName.name_string.val[i]); - if (i + 1 < kn.principalName.name_string.len) - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "/"); - } - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "@"); - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s", kn.realm); - - free_KRB5PrincipalName(&kn); - return 0; -} - -static int -check_utf8_string_san(hx509_validate_ctx ctx, heim_any *a) -{ - PKIXXmppAddr jid; - size_t size; - int ret; - - ret = decode_PKIXXmppAddr(a->data, a->length, &jid, &size); - if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Decoding JID in SAN failed: %d", ret); - return 1; - } - - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s", jid); - free_PKIXXmppAddr(&jid); - - return 0; -} - -static int -check_altnull(hx509_validate_ctx ctx, heim_any *a) -{ - return 0; -} - -static int -check_CRLDistributionPoints(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *e) -{ - CRLDistributionPoints dp; - size_t size; - int ret, i; - - check_Null(ctx, status, cf, e); - - ret = decode_CRLDistributionPoints(e->extnValue.data, - e->extnValue.length, - &dp, &size); - if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Decoding CRL Distribution Points failed: %d\n", ret); - return 1; - } - - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "CRL Distribution Points:\n"); - for (i = 0 ; i < dp.len; i++) { - if (dp.val[i].distributionPoint) { - DistributionPointName dpname; - heim_any *data = dp.val[i].distributionPoint; - int j; - - ret = decode_DistributionPointName(data->data, data->length, - &dpname, NULL); - if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Failed to parse CRL Distribution Point Name: %d\n", ret); - continue; - } - - switch (dpname.element) { - case choice_DistributionPointName_fullName: - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "Fullname:\n"); - - for (j = 0 ; j < dpname.u.fullName.len; j++) { - char *s; - GeneralName *name = &dpname.u.fullName.val[j]; - - ret = hx509_general_name_unparse(name, &s); - if (ret == 0 && s != NULL) { - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, " %s\n", s); - free(s); - } - } - break; - case choice_DistributionPointName_nameRelativeToCRLIssuer: - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "Unknown nameRelativeToCRLIssuer"); - break; - default: - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Unknown DistributionPointName"); - break; - } - free_DistributionPointName(&dpname); - } - } - free_CRLDistributionPoints(&dp); - - status->haveCRLDP = 1; - - return 0; -} - - -struct { - const char *name; - const heim_oid *(*oid)(void); - int (*func)(hx509_validate_ctx, heim_any *); -} check_altname[] = { - { "pk-init", oid_id_pkinit_san, check_pkinit_san }, - { "jabber", oid_id_pkix_on_xmppAddr, check_utf8_string_san }, - { "dns-srv", oid_id_pkix_on_dnsSRV, check_altnull }, - { "card-id", oid_id_uspkicommon_card_id, check_altnull }, - { "Microsoft NT-PRINCIPAL-NAME", oid_id_pkinit_ms_san, check_utf8_string_san } -}; - -static int -check_altName(hx509_validate_ctx ctx, - struct cert_status *status, - const char *name, - enum critical_flag cf, - const Extension *e) -{ - GeneralNames gn; - size_t size; - int ret, i; - - check_Null(ctx, status, cf, e); - - if (e->extnValue.length == 0) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "%sAltName empty, not allowed", name); - return 1; - } - ret = decode_GeneralNames(e->extnValue.data, e->extnValue.length, - &gn, &size); - if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "\tret = %d while decoding %s GeneralNames\n", - ret, name); - return 1; - } - if (gn.len == 0) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "%sAltName generalName empty, not allowed\n", name); - return 1; - } - - for (i = 0; i < gn.len; i++) { - switch (gn.val[i].element) { - case choice_GeneralName_otherName: { - unsigned j; - - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "%sAltName otherName ", name); - - for (j = 0; j < sizeof(check_altname)/sizeof(check_altname[0]); j++) { - if (der_heim_oid_cmp((*check_altname[j].oid)(), - &gn.val[i].u.otherName.type_id) != 0) - continue; - - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s: ", - check_altname[j].name); - (*check_altname[j].func)(ctx, &gn.val[i].u.otherName.value); - break; - } - if (j == sizeof(check_altname)/sizeof(check_altname[0])) { - hx509_oid_print(&gn.val[i].u.otherName.type_id, - validate_vprint, ctx); - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, " unknown"); - } - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "\n"); - break; - } - default: { - char *s; - ret = hx509_general_name_unparse(&gn.val[i], &s); - if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "ret = %d unparsing GeneralName\n", ret); - return 1; - } - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s\n", s); - free(s); - break; - } - } - } - - free_GeneralNames(&gn); - - return 0; -} - -static int -check_subjectAltName(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *e) -{ - status->haveSAN = 1; - return check_altName(ctx, status, "subject", cf, e); -} - -static int -check_issuerAltName(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *e) -{ - status->haveIAN = 1; - return check_altName(ctx, status, "issuer", cf, e); -} - - -static int -check_basicConstraints(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *e) -{ - BasicConstraints b; - size_t size; - int ret; - - check_Null(ctx, status, cf, e); - - ret = decode_BasicConstraints(e->extnValue.data, e->extnValue.length, - &b, &size); - if (ret) { - printf("\tret = %d while decoding BasicConstraints\n", ret); - return 0; - } - if (size != e->extnValue.length) - printf("\tlength of der data isn't same as extension\n"); - - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "\tis %sa CA\n", b.cA && *b.cA ? "" : "NOT "); - if (b.pathLenConstraint) - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "\tpathLenConstraint: %d\n", *b.pathLenConstraint); - - if (b.cA) { - if (*b.cA) { - if (!e->critical) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Is a CA and not BasicConstraints CRITICAL\n"); - status->isca = 1; - } - else - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "cA is FALSE, not allowed to be\n"); - } - free_BasicConstraints(&b); - - return 0; -} - -static int -check_proxyCertInfo(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *e) -{ - check_Null(ctx, status, cf, e); - status->isproxy = 1; - return 0; -} - -static int -check_authorityInfoAccess(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *e) -{ - AuthorityInfoAccessSyntax aia; - size_t size; - int ret, i; - - check_Null(ctx, status, cf, e); - - ret = decode_AuthorityInfoAccessSyntax(e->extnValue.data, - e->extnValue.length, - &aia, &size); - if (ret) { - printf("\tret = %d while decoding AuthorityInfoAccessSyntax\n", ret); - return 0; - } - - for (i = 0; i < aia.len; i++) { - char *str; - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "\ttype: "); - hx509_oid_print(&aia.val[i].accessMethod, validate_vprint, ctx); - hx509_general_name_unparse(&aia.val[i].accessLocation, &str); - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "\n\tdirname: %s\n", str); - free(str); - } - free_AuthorityInfoAccessSyntax(&aia); - - return 0; -} - -/* - * - */ - -struct { - const char *name; - const heim_oid *(*oid)(void); - int (*func)(hx509_validate_ctx ctx, - struct cert_status *status, - enum critical_flag cf, - const Extension *); - enum critical_flag cf; -} check_extension[] = { -#define ext(name, checkname) #name, &oid_id_x509_ce_##name, check_##checkname - { ext(subjectDirectoryAttributes, Null), M_N_C }, - { ext(subjectKeyIdentifier, subjectKeyIdentifier), M_N_C }, - { ext(keyUsage, Null), S_C }, - { ext(subjectAltName, subjectAltName), M_N_C }, - { ext(issuerAltName, issuerAltName), S_N_C }, - { ext(basicConstraints, basicConstraints), D_C }, - { ext(cRLNumber, Null), M_N_C }, - { ext(cRLReason, Null), M_N_C }, - { ext(holdInstructionCode, Null), M_N_C }, - { ext(invalidityDate, Null), M_N_C }, - { ext(deltaCRLIndicator, Null), M_C }, - { ext(issuingDistributionPoint, Null), M_C }, - { ext(certificateIssuer, Null), M_C }, - { ext(nameConstraints, Null), M_C }, - { ext(cRLDistributionPoints, CRLDistributionPoints), S_N_C }, - { ext(certificatePolicies, Null) }, - { ext(policyMappings, Null), M_N_C }, - { ext(authorityKeyIdentifier, authorityKeyIdentifier), M_N_C }, - { ext(policyConstraints, Null), D_C }, - { ext(extKeyUsage, Null), D_C }, - { ext(freshestCRL, Null), M_N_C }, - { ext(inhibitAnyPolicy, Null), M_C }, -#undef ext -#define ext(name, checkname) #name, &oid_id_pkix_pe_##name, check_##checkname - { ext(proxyCertInfo, proxyCertInfo), M_C }, - { ext(authorityInfoAccess, authorityInfoAccess), M_C }, -#undef ext - { "US Fed PKI - PIV Interim", oid_id_uspkicommon_piv_interim, - check_Null, D_C }, - { "Netscape cert comment", oid_id_netscape_cert_comment, - check_Null, D_C }, - { NULL } -}; - -/** - * Allocate a hx509 validation/printing context. - * - * @param context A hx509 context. - * @param ctx a new allocated hx509 validation context, free with - * hx509_validate_ctx_free(). - - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_print - */ - -int -hx509_validate_ctx_init(hx509_context context, hx509_validate_ctx *ctx) -{ - *ctx = malloc(sizeof(**ctx)); - if (*ctx == NULL) - return ENOMEM; - memset(*ctx, 0, sizeof(**ctx)); - return 0; -} - -/** - * Set the printing functions for the validation context. - * - * @param ctx a hx509 valication context. - * @param func the printing function to usea. - * @param c the context variable to the printing function. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_print - */ - -void -hx509_validate_ctx_set_print(hx509_validate_ctx ctx, - hx509_vprint_func func, - void *c) -{ - ctx->vprint_func = func; - ctx->ctx = c; -} - -/** - * Add flags to control the behaivor of the hx509_validate_cert() - * function. - * - * @param ctx A hx509 validation context. - * @param flags flags to add to the validation context. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_print - */ - -void -hx509_validate_ctx_add_flags(hx509_validate_ctx ctx, int flags) -{ - ctx->flags |= flags; -} - -/** - * Free an hx509 validate context. - * - * @param ctx the hx509 validate context to free. - * - * @ingroup hx509_print - */ - -void -hx509_validate_ctx_free(hx509_validate_ctx ctx) -{ - free(ctx); -} - -/** - * Validate/Print the status of the certificate. - * - * @param context A hx509 context. - * @param ctx A hx509 validation context. - * @param cert the cerificate to validate/print. - - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_print - */ - -int -hx509_validate_cert(hx509_context context, - hx509_validate_ctx ctx, - hx509_cert cert) -{ - Certificate *c = _hx509_get_cert(cert); - TBSCertificate *t = &c->tbsCertificate; - hx509_name issuer, subject; - char *str; - struct cert_status status; - int ret; - - memset(&status, 0, sizeof(status)); - - if (_hx509_cert_get_version(c) != 3) - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "Not version 3 certificate\n"); - - if ((t->version == NULL || *t->version < 2) && t->extensions) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Not version 3 certificate with extensions\n"); - - if (_hx509_cert_get_version(c) >= 3 && t->extensions == NULL) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Version 3 certificate without extensions\n"); - - ret = hx509_cert_get_subject(cert, &subject); - if (ret) abort(); - hx509_name_to_string(subject, &str); - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "subject name: %s\n", str); - free(str); - - ret = hx509_cert_get_issuer(cert, &issuer); - if (ret) abort(); - hx509_name_to_string(issuer, &str); - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "issuer name: %s\n", str); - free(str); - - if (hx509_name_cmp(subject, issuer) == 0) { - status.selfsigned = 1; - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "\tis a self-signed certificate\n"); - } - - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "Validity:\n"); - - Time2string(&t->validity.notBefore, &str); - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "\tnotBefore %s\n", str); - free(str); - Time2string(&t->validity.notAfter, &str); - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "\tnotAfter %s\n", str); - free(str); - - if (t->extensions) { - int i, j; - - if (t->extensions->len == 0) { - validate_print(ctx, - HX509_VALIDATE_F_VALIDATE|HX509_VALIDATE_F_VERBOSE, - "The empty extensions list is not " - "allowed by PKIX\n"); - } - - for (i = 0; i < t->extensions->len; i++) { - - for (j = 0; check_extension[j].name; j++) - if (der_heim_oid_cmp((*check_extension[j].oid)(), - &t->extensions->val[i].extnID) == 0) - break; - if (check_extension[j].name == NULL) { - int flags = HX509_VALIDATE_F_VERBOSE; - if (t->extensions->val[i].critical) - flags |= HX509_VALIDATE_F_VALIDATE; - validate_print(ctx, flags, "don't know what "); - if (t->extensions->val[i].critical) - validate_print(ctx, flags, "and is CRITICAL "); - if (ctx->flags & flags) - hx509_oid_print(&t->extensions->val[i].extnID, - validate_vprint, ctx); - validate_print(ctx, flags, " is\n"); - continue; - } - validate_print(ctx, - HX509_VALIDATE_F_VALIDATE|HX509_VALIDATE_F_VERBOSE, - "checking extention: %s\n", - check_extension[j].name); - (*check_extension[j].func)(ctx, - &status, - check_extension[j].cf, - &t->extensions->val[i]); - } - } else - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "no extentions\n"); - - if (status.isca) { - if (!status.haveSKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "CA certificate have no SubjectKeyIdentifier\n"); - - } else { - if (!status.haveAKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Is not CA and doesn't have " - "AuthorityKeyIdentifier\n"); - } - - - if (!status.haveSKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Doesn't have SubjectKeyIdentifier\n"); - - if (status.isproxy && status.isca) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Proxy and CA at the same time!\n"); - - if (status.isproxy) { - if (status.haveSAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Proxy and have SAN\n"); - if (status.haveIAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Proxy and have IAN\n"); - } - - if (hx509_name_is_null_p(subject) && !status.haveSAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "NULL subject DN and doesn't have a SAN\n"); - - if (!status.selfsigned && !status.haveCRLDP) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Not a CA nor PROXY and doesn't have" - "CRL Dist Point\n"); - - if (status.selfsigned) { - ret = _hx509_verify_signature_bitstring(context, - c, - &c->signatureAlgorithm, - &c->tbsCertificate._save, - &c->signatureValue); - if (ret == 0) - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, - "Self-signed certificate was self-signed\n"); - else - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "Self-signed certificate NOT really self-signed!\n"); - } - - hx509_name_free(&subject); - hx509_name_free(&issuer); - - return 0; -} diff --git a/crypto/heimdal/lib/hx509/ref/pkcs11.h b/crypto/heimdal/lib/hx509/ref/pkcs11.h deleted file mode 100644 index 2e6a1e3ed307..000000000000 --- a/crypto/heimdal/lib/hx509/ref/pkcs11.h +++ /dev/null @@ -1,1357 +0,0 @@ -/* pkcs11.h - Copyright 2006, 2007 g10 Code GmbH - Copyright 2006 Andreas Jellinghaus - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even - the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR - PURPOSE. */ - -/* Please submit changes back to the Scute project at - http://www.scute.org/ (or send them to marcus@g10code.com), so that - they can be picked up by other projects from there as well. */ - -/* This file is a modified implementation of the PKCS #11 standard by - RSA Security Inc. It is mostly a drop-in replacement, with the - following change: - - This header file does not require any macro definitions by the user - (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros - for you (if useful, some are missing, let me know if you need - more). - - There is an additional API available that does comply better to the - GNU coding standard. It can be switched on by defining - CRYPTOKI_GNU before including this header file. For this, the - following changes are made to the specification: - - All structure types are changed to a "struct ck_foo" where CK_FOO - is the type name in PKCS #11. - - All non-structure types are changed to ck_foo_t where CK_FOO is the - lowercase version of the type name in PKCS #11. The basic types - (CK_ULONG et al.) are removed without substitute. - - All members of structures are modified in the following way: Type - indication prefixes are removed, and underscore characters are - inserted before words. Then the result is lowercased. - - Note that function names are still in the original case, as they - need for ABI compatibility. - - CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use - . - - If CRYPTOKI_COMPAT is defined before including this header file, - then none of the API changes above take place, and the API is the - one defined by the PKCS #11 standard. */ - -#ifndef PKCS11_H -#define PKCS11_H 1 - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* The version of cryptoki we implement. The revision is changed with - each modification of this file. If you do not use the "official" - version of this file, please consider deleting the revision macro - (you may use a macro with a different name to keep track of your - versions). */ -#define CRYPTOKI_VERSION_MAJOR 2 -#define CRYPTOKI_VERSION_MINOR 20 -#define CRYPTOKI_VERSION_REVISION 6 - - -/* Compatibility interface is default, unless CRYPTOKI_GNU is - given. */ -#ifndef CRYPTOKI_GNU -#ifndef CRYPTOKI_COMPAT -#define CRYPTOKI_COMPAT 1 -#endif -#endif - -/* System dependencies. */ - -#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) - -/* There is a matching pop below. */ -#pragma pack(push, cryptoki, 1) - -#ifdef CRYPTOKI_EXPORTS -#define CK_SPEC __declspec(dllexport) -#else -#define CK_SPEC __declspec(dllimport) -#endif - -#else - -#define CK_SPEC - -#endif - - -#ifdef CRYPTOKI_COMPAT - /* If we are in compatibility mode, switch all exposed names to the - PKCS #11 variant. There are corresponding #undefs below. */ - -#define ck_flags_t CK_FLAGS -#define ck_version _CK_VERSION - -#define ck_info _CK_INFO -#define cryptoki_version cryptokiVersion -#define manufacturer_id manufacturerID -#define library_description libraryDescription -#define library_version libraryVersion - -#define ck_notification_t CK_NOTIFICATION -#define ck_slot_id_t CK_SLOT_ID - -#define ck_slot_info _CK_SLOT_INFO -#define slot_description slotDescription -#define hardware_version hardwareVersion -#define firmware_version firmwareVersion - -#define ck_token_info _CK_TOKEN_INFO -#define serial_number serialNumber -#define max_session_count ulMaxSessionCount -#define session_count ulSessionCount -#define max_rw_session_count ulMaxRwSessionCount -#define rw_session_count ulRwSessionCount -#define max_pin_len ulMaxPinLen -#define min_pin_len ulMinPinLen -#define total_public_memory ulTotalPublicMemory -#define free_public_memory ulFreePublicMemory -#define total_private_memory ulTotalPrivateMemory -#define free_private_memory ulFreePrivateMemory -#define utc_time utcTime - -#define ck_session_handle_t CK_SESSION_HANDLE -#define ck_user_type_t CK_USER_TYPE -#define ck_state_t CK_STATE - -#define ck_session_info _CK_SESSION_INFO -#define slot_id slotID -#define device_error ulDeviceError - -#define ck_object_handle_t CK_OBJECT_HANDLE -#define ck_object_class_t CK_OBJECT_CLASS -#define ck_hw_feature_type_t CK_HW_FEATURE_TYPE -#define ck_key_type_t CK_KEY_TYPE -#define ck_certificate_type_t CK_CERTIFICATE_TYPE -#define ck_attribute_type_t CK_ATTRIBUTE_TYPE - -#define ck_attribute _CK_ATTRIBUTE -#define value pValue -#define value_len ulValueLen - -#define ck_date _CK_DATE - -#define ck_mechanism_type_t CK_MECHANISM_TYPE - -#define ck_mechanism _CK_MECHANISM -#define parameter pParameter -#define parameter_len ulParameterLen - -#define ck_mechanism_info _CK_MECHANISM_INFO -#define min_key_size ulMinKeySize -#define max_key_size ulMaxKeySize - -#define ck_rv_t CK_RV -#define ck_notify_t CK_NOTIFY - -#define ck_function_list _CK_FUNCTION_LIST - -#define ck_createmutex_t CK_CREATEMUTEX -#define ck_destroymutex_t CK_DESTROYMUTEX -#define ck_lockmutex_t CK_LOCKMUTEX -#define ck_unlockmutex_t CK_UNLOCKMUTEX - -#define ck_c_initialize_args _CK_C_INITIALIZE_ARGS -#define create_mutex CreateMutex -#define destroy_mutex DestroyMutex -#define lock_mutex LockMutex -#define unlock_mutex UnlockMutex -#define reserved pReserved - -#endif /* CRYPTOKI_COMPAT */ - - - -typedef unsigned long ck_flags_t; - -struct ck_version -{ - unsigned char major; - unsigned char minor; -}; - - -struct ck_info -{ - struct ck_version cryptoki_version; - unsigned char manufacturer_id[32]; - ck_flags_t flags; - unsigned char library_description[32]; - struct ck_version library_version; -}; - - -typedef unsigned long ck_notification_t; - -#define CKN_SURRENDER (0) - - -typedef unsigned long ck_slot_id_t; - - -struct ck_slot_info -{ - unsigned char slot_description[64]; - unsigned char manufacturer_id[32]; - ck_flags_t flags; - struct ck_version hardware_version; - struct ck_version firmware_version; -}; - - -#define CKF_TOKEN_PRESENT (1 << 0) -#define CKF_REMOVABLE_DEVICE (1 << 1) -#define CKF_HW_SLOT (1 << 2) -#define CKF_ARRAY_ATTRIBUTE (1 << 30) - - -struct ck_token_info -{ - unsigned char label[32]; - unsigned char manufacturer_id[32]; - unsigned char model[16]; - unsigned char serial_number[16]; - ck_flags_t flags; - unsigned long max_session_count; - unsigned long session_count; - unsigned long max_rw_session_count; - unsigned long rw_session_count; - unsigned long max_pin_len; - unsigned long min_pin_len; - unsigned long total_public_memory; - unsigned long free_public_memory; - unsigned long total_private_memory; - unsigned long free_private_memory; - struct ck_version hardware_version; - struct ck_version firmware_version; - unsigned char utc_time[16]; -}; - - -#define CKF_RNG (1 << 0) -#define CKF_WRITE_PROTECTED (1 << 1) -#define CKF_LOGIN_REQUIRED (1 << 2) -#define CKF_USER_PIN_INITIALIZED (1 << 3) -#define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5) -#define CKF_CLOCK_ON_TOKEN (1 << 6) -#define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8) -#define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9) -#define CKF_TOKEN_INITIALIZED (1 << 10) -#define CKF_SECONDARY_AUTHENTICATION (1 << 11) -#define CKF_USER_PIN_COUNT_LOW (1 << 16) -#define CKF_USER_PIN_FINAL_TRY (1 << 17) -#define CKF_USER_PIN_LOCKED (1 << 18) -#define CKF_USER_PIN_TO_BE_CHANGED (1 << 19) -#define CKF_SO_PIN_COUNT_LOW (1 << 20) -#define CKF_SO_PIN_FINAL_TRY (1 << 21) -#define CKF_SO_PIN_LOCKED (1 << 22) -#define CKF_SO_PIN_TO_BE_CHANGED (1 << 23) - -#define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1) -#define CK_EFFECTIVELY_INFINITE (0) - - -typedef unsigned long ck_session_handle_t; - -#define CK_INVALID_HANDLE (0) - - -typedef unsigned long ck_user_type_t; - -#define CKU_SO (0) -#define CKU_USER (1) -#define CKU_CONTEXT_SPECIFIC (2) - - -typedef unsigned long ck_state_t; - -#define CKS_RO_PUBLIC_SESSION (0) -#define CKS_RO_USER_FUNCTIONS (1) -#define CKS_RW_PUBLIC_SESSION (2) -#define CKS_RW_USER_FUNCTIONS (3) -#define CKS_RW_SO_FUNCTIONS (4) - - -struct ck_session_info -{ - ck_slot_id_t slot_id; - ck_state_t state; - ck_flags_t flags; - unsigned long device_error; -}; - -#define CKF_RW_SESSION (1 << 1) -#define CKF_SERIAL_SESSION (1 << 2) - - -typedef unsigned long ck_object_handle_t; - - -typedef unsigned long ck_object_class_t; - -#define CKO_DATA (0) -#define CKO_CERTIFICATE (1) -#define CKO_PUBLIC_KEY (2) -#define CKO_PRIVATE_KEY (3) -#define CKO_SECRET_KEY (4) -#define CKO_HW_FEATURE (5) -#define CKO_DOMAIN_PARAMETERS (6) -#define CKO_MECHANISM (7) -#define CKO_VENDOR_DEFINED ((unsigned long) (1 << 31)) - - -typedef unsigned long ck_hw_feature_type_t; - -#define CKH_MONOTONIC_COUNTER (1) -#define CKH_CLOCK (2) -#define CKH_USER_INTERFACE (3) -#define CKH_VENDOR_DEFINED ((unsigned long) (1 << 31)) - - -typedef unsigned long ck_key_type_t; - -#define CKK_RSA (0) -#define CKK_DSA (1) -#define CKK_DH (2) -#define CKK_ECDSA (3) -#define CKK_EC (3) -#define CKK_X9_42_DH (4) -#define CKK_KEA (5) -#define CKK_GENERIC_SECRET (0x10) -#define CKK_RC2 (0x11) -#define CKK_RC4 (0x12) -#define CKK_DES (0x13) -#define CKK_DES2 (0x14) -#define CKK_DES3 (0x15) -#define CKK_CAST (0x16) -#define CKK_CAST3 (0x17) -#define CKK_CAST128 (0x18) -#define CKK_RC5 (0x19) -#define CKK_IDEA (0x1a) -#define CKK_SKIPJACK (0x1b) -#define CKK_BATON (0x1c) -#define CKK_JUNIPER (0x1d) -#define CKK_CDMF (0x1e) -#define CKK_AES (0x1f) -#define CKK_BLOWFISH (0x20) -#define CKK_TWOFISH (0x21) -#define CKK_VENDOR_DEFINED ((unsigned long) (1 << 31)) - - -typedef unsigned long ck_certificate_type_t; - -#define CKC_X_509 (0) -#define CKC_X_509_ATTR_CERT (1) -#define CKC_WTLS (2) -#define CKC_VENDOR_DEFINED ((unsigned long) (1 << 31)) - - -typedef unsigned long ck_attribute_type_t; - -#define CKA_CLASS (0) -#define CKA_TOKEN (1) -#define CKA_PRIVATE (2) -#define CKA_LABEL (3) -#define CKA_APPLICATION (0x10) -#define CKA_VALUE (0x11) -#define CKA_OBJECT_ID (0x12) -#define CKA_CERTIFICATE_TYPE (0x80) -#define CKA_ISSUER (0x81) -#define CKA_SERIAL_NUMBER (0x82) -#define CKA_AC_ISSUER (0x83) -#define CKA_OWNER (0x84) -#define CKA_ATTR_TYPES (0x85) -#define CKA_TRUSTED (0x86) -#define CKA_CERTIFICATE_CATEGORY (0x87) -#define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88) -#define CKA_URL (0x89) -#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8a) -#define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8b) -#define CKA_CHECK_VALUE (0x90) -#define CKA_KEY_TYPE (0x100) -#define CKA_SUBJECT (0x101) -#define CKA_ID (0x102) -#define CKA_SENSITIVE (0x103) -#define CKA_ENCRYPT (0x104) -#define CKA_DECRYPT (0x105) -#define CKA_WRAP (0x106) -#define CKA_UNWRAP (0x107) -#define CKA_SIGN (0x108) -#define CKA_SIGN_RECOVER (0x109) -#define CKA_VERIFY (0x10a) -#define CKA_VERIFY_RECOVER (0x10b) -#define CKA_DERIVE (0x10c) -#define CKA_START_DATE (0x110) -#define CKA_END_DATE (0x111) -#define CKA_MODULUS (0x120) -#define CKA_MODULUS_BITS (0x121) -#define CKA_PUBLIC_EXPONENT (0x122) -#define CKA_PRIVATE_EXPONENT (0x123) -#define CKA_PRIME_1 (0x124) -#define CKA_PRIME_2 (0x125) -#define CKA_EXPONENT_1 (0x126) -#define CKA_EXPONENT_2 (0x127) -#define CKA_COEFFICIENT (0x128) -#define CKA_PRIME (0x130) -#define CKA_SUBPRIME (0x131) -#define CKA_BASE (0x132) -#define CKA_PRIME_BITS (0x133) -#define CKA_SUB_PRIME_BITS (0x134) -#define CKA_VALUE_BITS (0x160) -#define CKA_VALUE_LEN (0x161) -#define CKA_EXTRACTABLE (0x162) -#define CKA_LOCAL (0x163) -#define CKA_NEVER_EXTRACTABLE (0x164) -#define CKA_ALWAYS_SENSITIVE (0x165) -#define CKA_KEY_GEN_MECHANISM (0x166) -#define CKA_MODIFIABLE (0x170) -#define CKA_ECDSA_PARAMS (0x180) -#define CKA_EC_PARAMS (0x180) -#define CKA_EC_POINT (0x181) -#define CKA_SECONDARY_AUTH (0x200) -#define CKA_AUTH_PIN_FLAGS (0x201) -#define CKA_ALWAYS_AUTHENTICATE (0x202) -#define CKA_WRAP_WITH_TRUSTED (0x210) -#define CKA_HW_FEATURE_TYPE (0x300) -#define CKA_RESET_ON_INIT (0x301) -#define CKA_HAS_RESET (0x302) -#define CKA_PIXEL_X (0x400) -#define CKA_PIXEL_Y (0x401) -#define CKA_RESOLUTION (0x402) -#define CKA_CHAR_ROWS (0x403) -#define CKA_CHAR_COLUMNS (0x404) -#define CKA_COLOR (0x405) -#define CKA_BITS_PER_PIXEL (0x406) -#define CKA_CHAR_SETS (0x480) -#define CKA_ENCODING_METHODS (0x481) -#define CKA_MIME_TYPES (0x482) -#define CKA_MECHANISM_TYPE (0x500) -#define CKA_REQUIRED_CMS_ATTRIBUTES (0x501) -#define CKA_DEFAULT_CMS_ATTRIBUTES (0x502) -#define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503) -#define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211) -#define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212) -#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600) -#define CKA_VENDOR_DEFINED ((unsigned long) (1 << 31)) - - -struct ck_attribute -{ - ck_attribute_type_t type; - void *value; - unsigned long value_len; -}; - - -struct ck_date -{ - unsigned char year[4]; - unsigned char month[2]; - unsigned char day[2]; -}; - - -typedef unsigned long ck_mechanism_type_t; - -#define CKM_RSA_PKCS_KEY_PAIR_GEN (0) -#define CKM_RSA_PKCS (1) -#define CKM_RSA_9796 (2) -#define CKM_RSA_X_509 (3) -#define CKM_MD2_RSA_PKCS (4) -#define CKM_MD5_RSA_PKCS (5) -#define CKM_SHA1_RSA_PKCS (6) -#define CKM_RIPEMD128_RSA_PKCS (7) -#define CKM_RIPEMD160_RSA_PKCS (8) -#define CKM_RSA_PKCS_OAEP (9) -#define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa) -#define CKM_RSA_X9_31 (0xb) -#define CKM_SHA1_RSA_X9_31 (0xc) -#define CKM_RSA_PKCS_PSS (0xd) -#define CKM_SHA1_RSA_PKCS_PSS (0xe) -#define CKM_DSA_KEY_PAIR_GEN (0x10) -#define CKM_DSA (0x11) -#define CKM_DSA_SHA1 (0x12) -#define CKM_DH_PKCS_KEY_PAIR_GEN (0x20) -#define CKM_DH_PKCS_DERIVE (0x21) -#define CKM_X9_42_DH_KEY_PAIR_GEN (0x30) -#define CKM_X9_42_DH_DERIVE (0x31) -#define CKM_X9_42_DH_HYBRID_DERIVE (0x32) -#define CKM_X9_42_MQV_DERIVE (0x33) -#define CKM_SHA256_RSA_PKCS (0x40) -#define CKM_SHA384_RSA_PKCS (0x41) -#define CKM_SHA512_RSA_PKCS (0x42) -#define CKM_SHA256_RSA_PKCS_PSS (0x43) -#define CKM_SHA384_RSA_PKCS_PSS (0x44) -#define CKM_SHA512_RSA_PKCS_PSS (0x45) -#define CKM_RC2_KEY_GEN (0x100) -#define CKM_RC2_ECB (0x101) -#define CKM_RC2_CBC (0x102) -#define CKM_RC2_MAC (0x103) -#define CKM_RC2_MAC_GENERAL (0x104) -#define CKM_RC2_CBC_PAD (0x105) -#define CKM_RC4_KEY_GEN (0x110) -#define CKM_RC4 (0x111) -#define CKM_DES_KEY_GEN (0x120) -#define CKM_DES_ECB (0x121) -#define CKM_DES_CBC (0x122) -#define CKM_DES_MAC (0x123) -#define CKM_DES_MAC_GENERAL (0x124) -#define CKM_DES_CBC_PAD (0x125) -#define CKM_DES2_KEY_GEN (0x130) -#define CKM_DES3_KEY_GEN (0x131) -#define CKM_DES3_ECB (0x132) -#define CKM_DES3_CBC (0x133) -#define CKM_DES3_MAC (0x134) -#define CKM_DES3_MAC_GENERAL (0x135) -#define CKM_DES3_CBC_PAD (0x136) -#define CKM_CDMF_KEY_GEN (0x140) -#define CKM_CDMF_ECB (0x141) -#define CKM_CDMF_CBC (0x142) -#define CKM_CDMF_MAC (0x143) -#define CKM_CDMF_MAC_GENERAL (0x144) -#define CKM_CDMF_CBC_PAD (0x145) -#define CKM_MD2 (0x200) -#define CKM_MD2_HMAC (0x201) -#define CKM_MD2_HMAC_GENERAL (0x202) -#define CKM_MD5 (0x210) -#define CKM_MD5_HMAC (0x211) -#define CKM_MD5_HMAC_GENERAL (0x212) -#define CKM_SHA_1 (0x220) -#define CKM_SHA_1_HMAC (0x221) -#define CKM_SHA_1_HMAC_GENERAL (0x222) -#define CKM_RIPEMD128 (0x230) -#define CKM_RIPEMD128_HMAC (0x231) -#define CKM_RIPEMD128_HMAC_GENERAL (0x232) -#define CKM_RIPEMD160 (0x240) -#define CKM_RIPEMD160_HMAC (0x241) -#define CKM_RIPEMD160_HMAC_GENERAL (0x242) -#define CKM_SHA256 (0x250) -#define CKM_SHA256_HMAC (0x251) -#define CKM_SHA256_HMAC_GENERAL (0x252) -#define CKM_SHA384 (0x260) -#define CKM_SHA384_HMAC (0x261) -#define CKM_SHA384_HMAC_GENERAL (0x262) -#define CKM_SHA512 (0x270) -#define CKM_SHA512_HMAC (0x271) -#define CKM_SHA512_HMAC_GENERAL (0x272) -#define CKM_CAST_KEY_GEN (0x300) -#define CKM_CAST_ECB (0x301) -#define CKM_CAST_CBC (0x302) -#define CKM_CAST_MAC (0x303) -#define CKM_CAST_MAC_GENERAL (0x304) -#define CKM_CAST_CBC_PAD (0x305) -#define CKM_CAST3_KEY_GEN (0x310) -#define CKM_CAST3_ECB (0x311) -#define CKM_CAST3_CBC (0x312) -#define CKM_CAST3_MAC (0x313) -#define CKM_CAST3_MAC_GENERAL (0x314) -#define CKM_CAST3_CBC_PAD (0x315) -#define CKM_CAST5_KEY_GEN (0x320) -#define CKM_CAST128_KEY_GEN (0x320) -#define CKM_CAST5_ECB (0x321) -#define CKM_CAST128_ECB (0x321) -#define CKM_CAST5_CBC (0x322) -#define CKM_CAST128_CBC (0x322) -#define CKM_CAST5_MAC (0x323) -#define CKM_CAST128_MAC (0x323) -#define CKM_CAST5_MAC_GENERAL (0x324) -#define CKM_CAST128_MAC_GENERAL (0x324) -#define CKM_CAST5_CBC_PAD (0x325) -#define CKM_CAST128_CBC_PAD (0x325) -#define CKM_RC5_KEY_GEN (0x330) -#define CKM_RC5_ECB (0x331) -#define CKM_RC5_CBC (0x332) -#define CKM_RC5_MAC (0x333) -#define CKM_RC5_MAC_GENERAL (0x334) -#define CKM_RC5_CBC_PAD (0x335) -#define CKM_IDEA_KEY_GEN (0x340) -#define CKM_IDEA_ECB (0x341) -#define CKM_IDEA_CBC (0x342) -#define CKM_IDEA_MAC (0x343) -#define CKM_IDEA_MAC_GENERAL (0x344) -#define CKM_IDEA_CBC_PAD (0x345) -#define CKM_GENERIC_SECRET_KEY_GEN (0x350) -#define CKM_CONCATENATE_BASE_AND_KEY (0x360) -#define CKM_CONCATENATE_BASE_AND_DATA (0x362) -#define CKM_CONCATENATE_DATA_AND_BASE (0x363) -#define CKM_XOR_BASE_AND_DATA (0x364) -#define CKM_EXTRACT_KEY_FROM_KEY (0x365) -#define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370) -#define CKM_SSL3_MASTER_KEY_DERIVE (0x371) -#define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372) -#define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373) -#define CKM_TLS_PRE_MASTER_KEY_GEN (0x374) -#define CKM_TLS_MASTER_KEY_DERIVE (0x375) -#define CKM_TLS_KEY_AND_MAC_DERIVE (0x376) -#define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377) -#define CKM_SSL3_MD5_MAC (0x380) -#define CKM_SSL3_SHA1_MAC (0x381) -#define CKM_MD5_KEY_DERIVATION (0x390) -#define CKM_MD2_KEY_DERIVATION (0x391) -#define CKM_SHA1_KEY_DERIVATION (0x392) -#define CKM_PBE_MD2_DES_CBC (0x3a0) -#define CKM_PBE_MD5_DES_CBC (0x3a1) -#define CKM_PBE_MD5_CAST_CBC (0x3a2) -#define CKM_PBE_MD5_CAST3_CBC (0x3a3) -#define CKM_PBE_MD5_CAST5_CBC (0x3a4) -#define CKM_PBE_MD5_CAST128_CBC (0x3a4) -#define CKM_PBE_SHA1_CAST5_CBC (0x3a5) -#define CKM_PBE_SHA1_CAST128_CBC (0x3a5) -#define CKM_PBE_SHA1_RC4_128 (0x3a6) -#define CKM_PBE_SHA1_RC4_40 (0x3a7) -#define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8) -#define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9) -#define CKM_PBE_SHA1_RC2_128_CBC (0x3aa) -#define CKM_PBE_SHA1_RC2_40_CBC (0x3ab) -#define CKM_PKCS5_PBKD2 (0x3b0) -#define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0) -#define CKM_KEY_WRAP_LYNKS (0x400) -#define CKM_KEY_WRAP_SET_OAEP (0x401) -#define CKM_SKIPJACK_KEY_GEN (0x1000) -#define CKM_SKIPJACK_ECB64 (0x1001) -#define CKM_SKIPJACK_CBC64 (0x1002) -#define CKM_SKIPJACK_OFB64 (0x1003) -#define CKM_SKIPJACK_CFB64 (0x1004) -#define CKM_SKIPJACK_CFB32 (0x1005) -#define CKM_SKIPJACK_CFB16 (0x1006) -#define CKM_SKIPJACK_CFB8 (0x1007) -#define CKM_SKIPJACK_WRAP (0x1008) -#define CKM_SKIPJACK_PRIVATE_WRAP (0x1009) -#define CKM_SKIPJACK_RELAYX (0x100a) -#define CKM_KEA_KEY_PAIR_GEN (0x1010) -#define CKM_KEA_KEY_DERIVE (0x1011) -#define CKM_FORTEZZA_TIMESTAMP (0x1020) -#define CKM_BATON_KEY_GEN (0x1030) -#define CKM_BATON_ECB128 (0x1031) -#define CKM_BATON_ECB96 (0x1032) -#define CKM_BATON_CBC128 (0x1033) -#define CKM_BATON_COUNTER (0x1034) -#define CKM_BATON_SHUFFLE (0x1035) -#define CKM_BATON_WRAP (0x1036) -#define CKM_ECDSA_KEY_PAIR_GEN (0x1040) -#define CKM_EC_KEY_PAIR_GEN (0x1040) -#define CKM_ECDSA (0x1041) -#define CKM_ECDSA_SHA1 (0x1042) -#define CKM_ECDH1_DERIVE (0x1050) -#define CKM_ECDH1_COFACTOR_DERIVE (0x1051) -#define CKM_ECMQV_DERIVE (0x1052) -#define CKM_JUNIPER_KEY_GEN (0x1060) -#define CKM_JUNIPER_ECB128 (0x1061) -#define CKM_JUNIPER_CBC128 (0x1062) -#define CKM_JUNIPER_COUNTER (0x1063) -#define CKM_JUNIPER_SHUFFLE (0x1064) -#define CKM_JUNIPER_WRAP (0x1065) -#define CKM_FASTHASH (0x1070) -#define CKM_AES_KEY_GEN (0x1080) -#define CKM_AES_ECB (0x1081) -#define CKM_AES_CBC (0x1082) -#define CKM_AES_MAC (0x1083) -#define CKM_AES_MAC_GENERAL (0x1084) -#define CKM_AES_CBC_PAD (0x1085) -#define CKM_DSA_PARAMETER_GEN (0x2000) -#define CKM_DH_PKCS_PARAMETER_GEN (0x2001) -#define CKM_X9_42_DH_PARAMETER_GEN (0x2002) -#define CKM_VENDOR_DEFINED ((unsigned long) (1 << 31)) - - -struct ck_mechanism -{ - ck_mechanism_type_t mechanism; - void *parameter; - unsigned long parameter_len; -}; - - -struct ck_mechanism_info -{ - unsigned long min_key_size; - unsigned long max_key_size; - ck_flags_t flags; -}; - -#define CKF_HW (1 << 0) -#define CKF_ENCRYPT (1 << 8) -#define CKF_DECRYPT (1 << 9) -#define CKF_DIGEST (1 << 10) -#define CKF_SIGN (1 << 11) -#define CKF_SIGN_RECOVER (1 << 12) -#define CKF_VERIFY (1 << 13) -#define CKF_VERIFY_RECOVER (1 << 14) -#define CKF_GENERATE (1 << 15) -#define CKF_GENERATE_KEY_PAIR (1 << 16) -#define CKF_WRAP (1 << 17) -#define CKF_UNWRAP (1 << 18) -#define CKF_DERIVE (1 << 19) -#define CKF_EXTENSION ((unsigned long) (1 << 31)) - - -/* Flags for C_WaitForSlotEvent. */ -#define CKF_DONT_BLOCK (1) - - -typedef unsigned long ck_rv_t; - - -typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, - ck_notification_t event, void *application); - -/* Forward reference. */ -struct ck_function_list; - -#define _CK_DECLARE_FUNCTION(name, args) \ -typedef ck_rv_t (*CK_ ## name) args; \ -ck_rv_t CK_SPEC name args - -_CK_DECLARE_FUNCTION (C_Initialize, (void *init_args)); -_CK_DECLARE_FUNCTION (C_Finalize, (void *reserved)); -_CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info)); -_CK_DECLARE_FUNCTION (C_GetFunctionList, - (struct ck_function_list **function_list)); - -_CK_DECLARE_FUNCTION (C_GetSlotList, - (unsigned char token_present, ck_slot_id_t *slot_list, - unsigned long *count)); -_CK_DECLARE_FUNCTION (C_GetSlotInfo, - (ck_slot_id_t slot_id, struct ck_slot_info *info)); -_CK_DECLARE_FUNCTION (C_GetTokenInfo, - (ck_slot_id_t slot_id, struct ck_token_info *info)); -_CK_DECLARE_FUNCTION (C_WaitForSlotEvent, - (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); -_CK_DECLARE_FUNCTION (C_GetMechanismList, - (ck_slot_id_t slot_id, - ck_mechanism_type_t *mechanism_list, - unsigned long *count)); -_CK_DECLARE_FUNCTION (C_GetMechanismInfo, - (ck_slot_id_t slot_id, ck_mechanism_type_t type, - struct ck_mechanism_info *info)); -_CK_DECLARE_FUNCTION (C_InitToken, - (ck_slot_id_t slot_id, unsigned char *pin, - unsigned long pin_len, unsigned char *label)); -_CK_DECLARE_FUNCTION (C_InitPIN, - (ck_session_handle_t session, unsigned char *pin, - unsigned long pin_len)); -_CK_DECLARE_FUNCTION (C_SetPIN, - (ck_session_handle_t session, unsigned char *old_pin, - unsigned long old_len, unsigned char *new_pin, - unsigned long new_len)); - -_CK_DECLARE_FUNCTION (C_OpenSession, - (ck_slot_id_t slot_id, ck_flags_t flags, - void *application, ck_notify_t notify, - ck_session_handle_t *session)); -_CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session)); -_CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id)); -_CK_DECLARE_FUNCTION (C_GetSessionInfo, - (ck_session_handle_t session, - struct ck_session_info *info)); -_CK_DECLARE_FUNCTION (C_GetOperationState, - (ck_session_handle_t session, - unsigned char *operation_state, - unsigned long *operation_state_len)); -_CK_DECLARE_FUNCTION (C_SetOperationState, - (ck_session_handle_t session, - unsigned char *operation_state, - unsigned long operation_state_len, - ck_object_handle_t encryption_key, - ck_object_handle_t authentiation_key)); -_CK_DECLARE_FUNCTION (C_Login, - (ck_session_handle_t session, ck_user_type_t user_type, - unsigned char *pin, unsigned long pin_len)); -_CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session)); - -_CK_DECLARE_FUNCTION (C_CreateObject, - (ck_session_handle_t session, - struct ck_attribute *templ, - unsigned long count, ck_object_handle_t *object)); -_CK_DECLARE_FUNCTION (C_CopyObject, - (ck_session_handle_t session, ck_object_handle_t object, - struct ck_attribute *templ, unsigned long count, - ck_object_handle_t *new_object)); -_CK_DECLARE_FUNCTION (C_DestroyObject, - (ck_session_handle_t session, - ck_object_handle_t object)); -_CK_DECLARE_FUNCTION (C_GetObjectSize, - (ck_session_handle_t session, - ck_object_handle_t object, - unsigned long *size)); -_CK_DECLARE_FUNCTION (C_GetAttributeValue, - (ck_session_handle_t session, - ck_object_handle_t object, - struct ck_attribute *templ, - unsigned long count)); -_CK_DECLARE_FUNCTION (C_SetAttributeValue, - (ck_session_handle_t session, - ck_object_handle_t object, - struct ck_attribute *templ, - unsigned long count)); -_CK_DECLARE_FUNCTION (C_FindObjectsInit, - (ck_session_handle_t session, - struct ck_attribute *templ, - unsigned long count)); -_CK_DECLARE_FUNCTION (C_FindObjects, - (ck_session_handle_t session, - ck_object_handle_t *object, - unsigned long max_object_count, - unsigned long *object_count)); -_CK_DECLARE_FUNCTION (C_FindObjectsFinal, - (ck_session_handle_t session)); - -_CK_DECLARE_FUNCTION (C_EncryptInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); -_CK_DECLARE_FUNCTION (C_Encrypt, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *encrypted_data, - unsigned long *encrypted_data_len)); -_CK_DECLARE_FUNCTION (C_EncryptUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len, - unsigned char *encrypted_part, - unsigned long *encrypted_part_len)); -_CK_DECLARE_FUNCTION (C_EncryptFinal, - (ck_session_handle_t session, - unsigned char *last_encrypted_part, - unsigned long *last_encrypted_part_len)); - -_CK_DECLARE_FUNCTION (C_DecryptInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); -_CK_DECLARE_FUNCTION (C_Decrypt, - (ck_session_handle_t session, - unsigned char *encrypted_data, - unsigned long encrypted_data_len, - unsigned char *data, unsigned long *data_len)); -_CK_DECLARE_FUNCTION (C_DecryptUpdate, - (ck_session_handle_t session, - unsigned char *encrypted_part, - unsigned long encrypted_part_len, - unsigned char *part, unsigned long *part_len)); -_CK_DECLARE_FUNCTION (C_DecryptFinal, - (ck_session_handle_t session, - unsigned char *last_part, - unsigned long *last_part_len)); - -_CK_DECLARE_FUNCTION (C_DigestInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism)); -_CK_DECLARE_FUNCTION (C_Digest, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *digest, - unsigned long *digest_len)); -_CK_DECLARE_FUNCTION (C_DigestUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len)); -_CK_DECLARE_FUNCTION (C_DigestKey, - (ck_session_handle_t session, ck_object_handle_t key)); -_CK_DECLARE_FUNCTION (C_DigestFinal, - (ck_session_handle_t session, - unsigned char *digest, - unsigned long *digest_len)); - -_CK_DECLARE_FUNCTION (C_SignInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); -_CK_DECLARE_FUNCTION (C_Sign, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *signature, - unsigned long *signature_len)); -_CK_DECLARE_FUNCTION (C_SignUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len)); -_CK_DECLARE_FUNCTION (C_SignFinal, - (ck_session_handle_t session, - unsigned char *signature, - unsigned long *signature_len)); -_CK_DECLARE_FUNCTION (C_SignRecoverInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); -_CK_DECLARE_FUNCTION (C_SignRecover, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *signature, - unsigned long *signature_len)); - -_CK_DECLARE_FUNCTION (C_VerifyInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); -_CK_DECLARE_FUNCTION (C_Verify, - (ck_session_handle_t session, - unsigned char *data, unsigned long data_len, - unsigned char *signature, - unsigned long signature_len)); -_CK_DECLARE_FUNCTION (C_VerifyUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len)); -_CK_DECLARE_FUNCTION (C_VerifyFinal, - (ck_session_handle_t session, - unsigned char *signature, - unsigned long signature_len)); -_CK_DECLARE_FUNCTION (C_VerifyRecoverInit, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t key)); -_CK_DECLARE_FUNCTION (C_VerifyRecover, - (ck_session_handle_t session, - unsigned char *signature, - unsigned long signature_len, - unsigned char *data, - unsigned long *data_len)); - -_CK_DECLARE_FUNCTION (C_DigestEncryptUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len, - unsigned char *encrypted_part, - unsigned long *encrypted_part_len)); -_CK_DECLARE_FUNCTION (C_DecryptDigestUpdate, - (ck_session_handle_t session, - unsigned char *encrypted_part, - unsigned long encrypted_part_len, - unsigned char *part, - unsigned long *part_len)); -_CK_DECLARE_FUNCTION (C_SignEncryptUpdate, - (ck_session_handle_t session, - unsigned char *part, unsigned long part_len, - unsigned char *encrypted_part, - unsigned long *encrypted_part_len)); -_CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate, - (ck_session_handle_t session, - unsigned char *encrypted_part, - unsigned long encrypted_part_len, - unsigned char *part, - unsigned long *part_len)); - -_CK_DECLARE_FUNCTION (C_GenerateKey, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - struct ck_attribute *templ, - unsigned long count, - ck_object_handle_t *key)); -_CK_DECLARE_FUNCTION (C_GenerateKeyPair, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - struct ck_attribute *public_key_template, - unsigned long public_key_attribute_count, - struct ck_attribute *private_key_template, - unsigned long private_key_attribute_count, - ck_object_handle_t *public_key, - ck_object_handle_t *private_key)); -_CK_DECLARE_FUNCTION (C_WrapKey, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t wrapping_key, - ck_object_handle_t key, - unsigned char *wrapped_key, - unsigned long *wrapped_key_len)); -_CK_DECLARE_FUNCTION (C_UnwrapKey, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t unwrapping_key, - unsigned char *wrapped_key, - unsigned long wrapped_key_len, - struct ck_attribute *templ, - unsigned long attribute_count, - ck_object_handle_t *key)); -_CK_DECLARE_FUNCTION (C_DeriveKey, - (ck_session_handle_t session, - struct ck_mechanism *mechanism, - ck_object_handle_t base_key, - struct ck_attribute *templ, - unsigned long attribute_count, - ck_object_handle_t *key)); - -_CK_DECLARE_FUNCTION (C_SeedRandom, - (ck_session_handle_t session, unsigned char *seed, - unsigned long seed_len)); -_CK_DECLARE_FUNCTION (C_GenerateRandom, - (ck_session_handle_t session, - unsigned char *random_data, - unsigned long random_len)); - -_CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session)); -_CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session)); - - -struct ck_function_list -{ - struct ck_version version; - CK_C_Initialize C_Initialize; - CK_C_Finalize C_Finalize; - CK_C_GetInfo C_GetInfo; - CK_C_GetFunctionList C_GetFunctionList; - CK_C_GetSlotList C_GetSlotList; - CK_C_GetSlotInfo C_GetSlotInfo; - CK_C_GetTokenInfo C_GetTokenInfo; - CK_C_GetMechanismList C_GetMechanismList; - CK_C_GetMechanismInfo C_GetMechanismInfo; - CK_C_InitToken C_InitToken; - CK_C_InitPIN C_InitPIN; - CK_C_SetPIN C_SetPIN; - CK_C_OpenSession C_OpenSession; - CK_C_CloseSession C_CloseSession; - CK_C_CloseAllSessions C_CloseAllSessions; - CK_C_GetSessionInfo C_GetSessionInfo; - CK_C_GetOperationState C_GetOperationState; - CK_C_SetOperationState C_SetOperationState; - CK_C_Login C_Login; - CK_C_Logout C_Logout; - CK_C_CreateObject C_CreateObject; - CK_C_CopyObject C_CopyObject; - CK_C_DestroyObject C_DestroyObject; - CK_C_GetObjectSize C_GetObjectSize; - CK_C_GetAttributeValue C_GetAttributeValue; - CK_C_SetAttributeValue C_SetAttributeValue; - CK_C_FindObjectsInit C_FindObjectsInit; - CK_C_FindObjects C_FindObjects; - CK_C_FindObjectsFinal C_FindObjectsFinal; - CK_C_EncryptInit C_EncryptInit; - CK_C_Encrypt C_Encrypt; - CK_C_EncryptUpdate C_EncryptUpdate; - CK_C_EncryptFinal C_EncryptFinal; - CK_C_DecryptInit C_DecryptInit; - CK_C_Decrypt C_Decrypt; - CK_C_DecryptUpdate C_DecryptUpdate; - CK_C_DecryptFinal C_DecryptFinal; - CK_C_DigestInit C_DigestInit; - CK_C_Digest C_Digest; - CK_C_DigestUpdate C_DigestUpdate; - CK_C_DigestKey C_DigestKey; - CK_C_DigestFinal C_DigestFinal; - CK_C_SignInit C_SignInit; - CK_C_Sign C_Sign; - CK_C_SignUpdate C_SignUpdate; - CK_C_SignFinal C_SignFinal; - CK_C_SignRecoverInit C_SignRecoverInit; - CK_C_SignRecover C_SignRecover; - CK_C_VerifyInit C_VerifyInit; - CK_C_Verify C_Verify; - CK_C_VerifyUpdate C_VerifyUpdate; - CK_C_VerifyFinal C_VerifyFinal; - CK_C_VerifyRecoverInit C_VerifyRecoverInit; - CK_C_VerifyRecover C_VerifyRecover; - CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; - CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; - CK_C_SignEncryptUpdate C_SignEncryptUpdate; - CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; - CK_C_GenerateKey C_GenerateKey; - CK_C_GenerateKeyPair C_GenerateKeyPair; - CK_C_WrapKey C_WrapKey; - CK_C_UnwrapKey C_UnwrapKey; - CK_C_DeriveKey C_DeriveKey; - CK_C_SeedRandom C_SeedRandom; - CK_C_GenerateRandom C_GenerateRandom; - CK_C_GetFunctionStatus C_GetFunctionStatus; - CK_C_CancelFunction C_CancelFunction; - CK_C_WaitForSlotEvent C_WaitForSlotEvent; -}; - - -typedef ck_rv_t (*ck_createmutex_t) (void **mutex); -typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); -typedef ck_rv_t (*ck_lockmutex_t) (void *mutex); -typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex); - - -struct ck_c_initialize_args -{ - ck_createmutex_t create_mutex; - ck_destroymutex_t destroy_mutex; - ck_lockmutex_t lock_mutex; - ck_unlockmutex_t unlock_mutex; - ck_flags_t flags; - void *reserved; -}; - - -#define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0) -#define CKF_OS_LOCKING_OK (1 << 1) - -#define CKR_OK (0) -#define CKR_CANCEL (1) -#define CKR_HOST_MEMORY (2) -#define CKR_SLOT_ID_INVALID (3) -#define CKR_GENERAL_ERROR (5) -#define CKR_FUNCTION_FAILED (6) -#define CKR_ARGUMENTS_BAD (7) -#define CKR_NO_EVENT (8) -#define CKR_NEED_TO_CREATE_THREADS (9) -#define CKR_CANT_LOCK (0xa) -#define CKR_ATTRIBUTE_READ_ONLY (0x10) -#define CKR_ATTRIBUTE_SENSITIVE (0x11) -#define CKR_ATTRIBUTE_TYPE_INVALID (0x12) -#define CKR_ATTRIBUTE_VALUE_INVALID (0x13) -#define CKR_DATA_INVALID (0x20) -#define CKR_DATA_LEN_RANGE (0x21) -#define CKR_DEVICE_ERROR (0x30) -#define CKR_DEVICE_MEMORY (0x31) -#define CKR_DEVICE_REMOVED (0x32) -#define CKR_ENCRYPTED_DATA_INVALID (0x40) -#define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41) -#define CKR_FUNCTION_CANCELED (0x50) -#define CKR_FUNCTION_NOT_PARALLEL (0x51) -#define CKR_FUNCTION_NOT_SUPPORTED (0x54) -#define CKR_KEY_HANDLE_INVALID (0x60) -#define CKR_KEY_SIZE_RANGE (0x62) -#define CKR_KEY_TYPE_INCONSISTENT (0x63) -#define CKR_KEY_NOT_NEEDED (0x64) -#define CKR_KEY_CHANGED (0x65) -#define CKR_KEY_NEEDED (0x66) -#define CKR_KEY_INDIGESTIBLE (0x67) -#define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68) -#define CKR_KEY_NOT_WRAPPABLE (0x69) -#define CKR_KEY_UNEXTRACTABLE (0x6a) -#define CKR_MECHANISM_INVALID (0x70) -#define CKR_MECHANISM_PARAM_INVALID (0x71) -#define CKR_OBJECT_HANDLE_INVALID (0x82) -#define CKR_OPERATION_ACTIVE (0x90) -#define CKR_OPERATION_NOT_INITIALIZED (0x91) -#define CKR_PIN_INCORRECT (0xa0) -#define CKR_PIN_INVALID (0xa1) -#define CKR_PIN_LEN_RANGE (0xa2) -#define CKR_PIN_EXPIRED (0xa3) -#define CKR_PIN_LOCKED (0xa4) -#define CKR_SESSION_CLOSED (0xb0) -#define CKR_SESSION_COUNT (0xb1) -#define CKR_SESSION_HANDLE_INVALID (0xb3) -#define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4) -#define CKR_SESSION_READ_ONLY (0xb5) -#define CKR_SESSION_EXISTS (0xb6) -#define CKR_SESSION_READ_ONLY_EXISTS (0xb7) -#define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8) -#define CKR_SIGNATURE_INVALID (0xc0) -#define CKR_SIGNATURE_LEN_RANGE (0xc1) -#define CKR_TEMPLATE_INCOMPLETE (0xd0) -#define CKR_TEMPLATE_INCONSISTENT (0xd1) -#define CKR_TOKEN_NOT_PRESENT (0xe0) -#define CKR_TOKEN_NOT_RECOGNIZED (0xe1) -#define CKR_TOKEN_WRITE_PROTECTED (0xe2) -#define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0) -#define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1) -#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2) -#define CKR_USER_ALREADY_LOGGED_IN (0x100) -#define CKR_USER_NOT_LOGGED_IN (0x101) -#define CKR_USER_PIN_NOT_INITIALIZED (0x102) -#define CKR_USER_TYPE_INVALID (0x103) -#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104) -#define CKR_USER_TOO_MANY_TYPES (0x105) -#define CKR_WRAPPED_KEY_INVALID (0x110) -#define CKR_WRAPPED_KEY_LEN_RANGE (0x112) -#define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113) -#define CKR_WRAPPING_KEY_SIZE_RANGE (0x114) -#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115) -#define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120) -#define CKR_RANDOM_NO_RNG (0x121) -#define CKR_DOMAIN_PARAMS_INVALID (0x130) -#define CKR_BUFFER_TOO_SMALL (0x150) -#define CKR_SAVED_STATE_INVALID (0x160) -#define CKR_INFORMATION_SENSITIVE (0x170) -#define CKR_STATE_UNSAVEABLE (0x180) -#define CKR_CRYPTOKI_NOT_INITIALIZED (0x190) -#define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191) -#define CKR_MUTEX_BAD (0x1a0) -#define CKR_MUTEX_NOT_LOCKED (0x1a1) -#define CKR_FUNCTION_REJECTED (0x200) -#define CKR_VENDOR_DEFINED ((unsigned long) (1 << 31)) - - - -/* Compatibility layer. */ - -#ifdef CRYPTOKI_COMPAT - -#undef CK_DEFINE_FUNCTION -#define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name - -/* For NULL. */ -#include - -typedef unsigned char CK_BYTE; -typedef unsigned char CK_CHAR; -typedef unsigned char CK_UTF8CHAR; -typedef unsigned char CK_BBOOL; -typedef unsigned long int CK_ULONG; -typedef long int CK_LONG; -typedef CK_BYTE *CK_BYTE_PTR; -typedef CK_CHAR *CK_CHAR_PTR; -typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; -typedef CK_ULONG *CK_ULONG_PTR; -typedef void *CK_VOID_PTR; -typedef void **CK_VOID_PTR_PTR; -#define CK_FALSE 0 -#define CK_TRUE 1 -#ifndef CK_DISABLE_TRUE_FALSE -#ifndef FALSE -#define FALSE 0 -#endif -#ifndef TRUE -#define TRUE 1 -#endif -#endif - -typedef struct ck_version CK_VERSION; -typedef struct ck_version *CK_VERSION_PTR; - -typedef struct ck_info CK_INFO; -typedef struct ck_info *CK_INFO_PTR; - -typedef ck_slot_id_t *CK_SLOT_ID_PTR; - -typedef struct ck_slot_info CK_SLOT_INFO; -typedef struct ck_slot_info *CK_SLOT_INFO_PTR; - -typedef struct ck_token_info CK_TOKEN_INFO; -typedef struct ck_token_info *CK_TOKEN_INFO_PTR; - -typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR; - -typedef struct ck_session_info CK_SESSION_INFO; -typedef struct ck_session_info *CK_SESSION_INFO_PTR; - -typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR; - -typedef ck_object_class_t *CK_OBJECT_CLASS_PTR; - -typedef struct ck_attribute CK_ATTRIBUTE; -typedef struct ck_attribute *CK_ATTRIBUTE_PTR; - -typedef struct ck_date CK_DATE; -typedef struct ck_date *CK_DATE_PTR; - -typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; - -typedef struct ck_mechanism CK_MECHANISM; -typedef struct ck_mechanism *CK_MECHANISM_PTR; - -typedef struct ck_mechanism_info CK_MECHANISM_INFO; -typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; - -typedef struct ck_function_list CK_FUNCTION_LIST; -typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; -typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; - -typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; -typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; - -#define NULL_PTR NULL - -/* Delete the helper macros defined at the top of the file. */ -#undef ck_flags_t -#undef ck_version - -#undef ck_info -#undef cryptoki_version -#undef manufacturer_id -#undef library_description -#undef library_version - -#undef ck_notification_t -#undef ck_slot_id_t - -#undef ck_slot_info -#undef slot_description -#undef hardware_version -#undef firmware_version - -#undef ck_token_info -#undef serial_number -#undef max_session_count -#undef session_count -#undef max_rw_session_count -#undef rw_session_count -#undef max_pin_len -#undef min_pin_len -#undef total_public_memory -#undef free_public_memory -#undef total_private_memory -#undef free_private_memory -#undef utc_time - -#undef ck_session_handle_t -#undef ck_user_type_t -#undef ck_state_t - -#undef ck_session_info -#undef slot_id -#undef device_error - -#undef ck_object_handle_t -#undef ck_object_class_t -#undef ck_hw_feature_type_t -#undef ck_key_type_t -#undef ck_certificate_type_t -#undef ck_attribute_type_t - -#undef ck_attribute -#undef value -#undef value_len - -#undef ck_date - -#undef ck_mechanism_type_t - -#undef ck_mechanism -#undef parameter -#undef parameter_len - -#undef ck_mechanism_info -#undef min_key_size -#undef max_key_size - -#undef ck_rv_t -#undef ck_notify_t - -#undef ck_function_list - -#undef ck_createmutex_t -#undef ck_destroymutex_t -#undef ck_lockmutex_t -#undef ck_unlockmutex_t - -#undef ck_c_initialize_args -#undef create_mutex -#undef destroy_mutex -#undef lock_mutex -#undef unlock_mutex -#undef reserved - -#endif /* CRYPTOKI_COMPAT */ - - -/* System dependencies. */ -#if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) -#pragma pack(pop, cryptoki) -#endif - -#if defined(__cplusplus) -} -#endif - -#endif /* PKCS11_H */ diff --git a/crypto/heimdal/lib/hx509/req.c b/crypto/heimdal/lib/hx509/req.c deleted file mode 100644 index d7a85e1cecd2..000000000000 --- a/crypto/heimdal/lib/hx509/req.c +++ /dev/null @@ -1,325 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -#include -RCSID("$Id: req.c 21344 2007-06-26 14:22:34Z lha $"); - -struct hx509_request_data { - hx509_name name; - SubjectPublicKeyInfo key; - ExtKeyUsage eku; - GeneralNames san; -}; - -/* - * - */ - -int -_hx509_request_init(hx509_context context, hx509_request *req) -{ - *req = calloc(1, sizeof(**req)); - if (*req == NULL) - return ENOMEM; - - return 0; -} - -void -_hx509_request_free(hx509_request *req) -{ - if ((*req)->name) - hx509_name_free(&(*req)->name); - free_SubjectPublicKeyInfo(&(*req)->key); - free_ExtKeyUsage(&(*req)->eku); - free_GeneralNames(&(*req)->san); - memset(*req, 0, sizeof(**req)); - free(*req); - *req = NULL; -} - -int -_hx509_request_set_name(hx509_context context, - hx509_request req, - hx509_name name) -{ - if (req->name) - hx509_name_free(&req->name); - if (name) { - int ret = hx509_name_copy(context, name, &req->name); - if (ret) - return ret; - } - return 0; -} - -int -_hx509_request_get_name(hx509_context context, - hx509_request req, - hx509_name *name) -{ - if (req->name == NULL) { - hx509_set_error_string(context, 0, EINVAL, "Request have no name"); - return EINVAL; - } - return hx509_name_copy(context, req->name, name); -} - -int -_hx509_request_set_SubjectPublicKeyInfo(hx509_context context, - hx509_request req, - const SubjectPublicKeyInfo *key) -{ - free_SubjectPublicKeyInfo(&req->key); - return copy_SubjectPublicKeyInfo(key, &req->key); -} - -int -_hx509_request_get_SubjectPublicKeyInfo(hx509_context context, - hx509_request req, - SubjectPublicKeyInfo *key) -{ - return copy_SubjectPublicKeyInfo(&req->key, key); -} - -int -_hx509_request_add_eku(hx509_context context, - hx509_request req, - const heim_oid *oid) -{ - void *val; - int ret; - - val = realloc(req->eku.val, sizeof(req->eku.val[0]) * (req->eku.len + 1)); - if (val == NULL) - return ENOMEM; - req->eku.val = val; - - ret = der_copy_oid(oid, &req->eku.val[req->eku.len]); - if (ret) - return ret; - - req->eku.len += 1; - - return 0; -} - -int -_hx509_request_add_dns_name(hx509_context context, - hx509_request req, - const char *hostname) -{ - GeneralName name; - - memset(&name, 0, sizeof(name)); - name.element = choice_GeneralName_dNSName; - name.u.dNSName = rk_UNCONST(hostname); - - return add_GeneralNames(&req->san, &name); -} - -int -_hx509_request_add_email(hx509_context context, - hx509_request req, - const char *email) -{ - GeneralName name; - - memset(&name, 0, sizeof(name)); - name.element = choice_GeneralName_rfc822Name; - name.u.dNSName = rk_UNCONST(email); - - return add_GeneralNames(&req->san, &name); -} - - - -int -_hx509_request_to_pkcs10(hx509_context context, - const hx509_request req, - const hx509_private_key signer, - heim_octet_string *request) -{ - CertificationRequest r; - heim_octet_string data, os; - int ret; - size_t size; - - if (req->name == NULL) { - hx509_set_error_string(context, 0, EINVAL, - "PKCS10 needs to have a subject"); - return EINVAL; - } - - memset(&r, 0, sizeof(r)); - memset(request, 0, sizeof(*request)); - - r.certificationRequestInfo.version = pkcs10_v1; - - ret = copy_Name(&req->name->der_name, - &r.certificationRequestInfo.subject); - if (ret) - goto out; - ret = copy_SubjectPublicKeyInfo(&req->key, - &r.certificationRequestInfo.subjectPKInfo); - if (ret) - goto out; - r.certificationRequestInfo.attributes = - calloc(1, sizeof(*r.certificationRequestInfo.attributes)); - if (r.certificationRequestInfo.attributes == NULL) { - ret = ENOMEM; - goto out; - } - - ASN1_MALLOC_ENCODE(CertificationRequestInfo, data.data, data.length, - &r.certificationRequestInfo, &size, ret); - if (ret) - goto out; - if (data.length != size) - abort(); - - ret = _hx509_create_signature(context, - signer, - _hx509_crypto_default_sig_alg, - &data, - &r.signatureAlgorithm, - &os); - free(data.data); - if (ret) - goto out; - r.signature.data = os.data; - r.signature.length = os.length * 8; - - ASN1_MALLOC_ENCODE(CertificationRequest, data.data, data.length, - &r, &size, ret); - if (ret) - goto out; - if (data.length != size) - abort(); - - *request = data; - -out: - free_CertificationRequest(&r); - - return ret; -} - -int -_hx509_request_parse(hx509_context context, - const char *path, - hx509_request *req) -{ - CertificationRequest r; - CertificationRequestInfo *rinfo; - hx509_name subject; - size_t len, size; - void *p; - int ret; - - if (strncmp(path, "PKCS10:", 7) != 0) { - hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, - "unsupport type in %s", path); - return HX509_UNSUPPORTED_OPERATION; - } - path += 7; - - /* XXX PEM request */ - - ret = _hx509_map_file(path, &p, &len, NULL); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to map file %s", path); - return ret; - } - - ret = decode_CertificationRequest(p, len, &r, &size); - _hx509_unmap_file(p, len); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to decode %s", path); - return ret; - } - - ret = _hx509_request_init(context, req); - if (ret) { - free_CertificationRequest(&r); - return ret; - } - - rinfo = &r.certificationRequestInfo; - - ret = _hx509_request_set_SubjectPublicKeyInfo(context, *req, - &rinfo->subjectPKInfo); - if (ret) { - free_CertificationRequest(&r); - _hx509_request_free(req); - return ret; - } - - ret = _hx509_name_from_Name(&rinfo->subject, &subject); - if (ret) { - free_CertificationRequest(&r); - _hx509_request_free(req); - return ret; - } - ret = _hx509_request_set_name(context, *req, subject); - hx509_name_free(&subject); - free_CertificationRequest(&r); - if (ret) { - _hx509_request_free(req); - return ret; - } - - return 0; -} - - -int -_hx509_request_print(hx509_context context, hx509_request req, FILE *f) -{ - int ret; - - if (req->name) { - char *subject; - ret = hx509_name_to_string(req->name, &subject); - if (ret) { - hx509_set_error_string(context, 0, ret, "Failed to print name"); - return ret; - } - fprintf(f, "name: %s\n", subject); - free(subject); - } - - return 0; -} - diff --git a/crypto/heimdal/lib/hx509/revoke.c b/crypto/heimdal/lib/hx509/revoke.c deleted file mode 100644 index cfde4396a1d4..000000000000 --- a/crypto/heimdal/lib/hx509/revoke.c +++ /dev/null @@ -1,1525 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/** - * @page page_revoke Revocation methods - * - * There are two revocation method for PKIX/X.509: CRL and OCSP. - * Revocation is needed if the private key is lost and - * stolen. Depending on how picky you are, you might want to make - * revocation for destroyed private keys too (smartcard broken), but - * that should not be a problem. - * - * CRL is a list of certifiates that have expired. - * - * OCSP is an online checking method where the requestor sends a list - * of certificates to the OCSP server to return a signed reply if they - * are valid or not. Some services sends a OCSP reply as part of the - * hand-shake to make the revoktion decision simpler/faster for the - * client. - */ - -#include "hx_locl.h" -RCSID("$Id: revoke.c 22275 2007-12-11 11:02:11Z lha $"); - -struct revoke_crl { - char *path; - time_t last_modfied; - CRLCertificateList crl; - int verified; - int failed_verify; -}; - -struct revoke_ocsp { - char *path; - time_t last_modfied; - OCSPBasicOCSPResponse ocsp; - hx509_certs certs; - hx509_cert signer; -}; - - -struct hx509_revoke_ctx_data { - unsigned ref; - struct { - struct revoke_crl *val; - size_t len; - } crls; - struct { - struct revoke_ocsp *val; - size_t len; - } ocsps; -}; - -/** - * Allocate a revokation context. Free with hx509_revoke_free(). - * - * @param context A hx509 context. - * @param ctx returns a newly allocated revokation context. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_revoke - */ - -int -hx509_revoke_init(hx509_context context, hx509_revoke_ctx *ctx) -{ - *ctx = calloc(1, sizeof(**ctx)); - if (*ctx == NULL) - return ENOMEM; - - (*ctx)->ref = 1; - (*ctx)->crls.len = 0; - (*ctx)->crls.val = NULL; - (*ctx)->ocsps.len = 0; - (*ctx)->ocsps.val = NULL; - - return 0; -} - -hx509_revoke_ctx -_hx509_revoke_ref(hx509_revoke_ctx ctx) -{ - if (ctx == NULL) - return NULL; - if (ctx->ref <= 0) - _hx509_abort("revoke ctx refcount <= 0"); - ctx->ref++; - if (ctx->ref == 0) - _hx509_abort("revoke ctx refcount == 0"); - return ctx; -} - -static void -free_ocsp(struct revoke_ocsp *ocsp) -{ - free(ocsp->path); - free_OCSPBasicOCSPResponse(&ocsp->ocsp); - hx509_certs_free(&ocsp->certs); - hx509_cert_free(ocsp->signer); -} - -/** - * Free a hx509 revokation context. - * - * @param ctx context to be freed - * - * @ingroup hx509_revoke - */ - -void -hx509_revoke_free(hx509_revoke_ctx *ctx) -{ - size_t i ; - - if (ctx == NULL || *ctx == NULL) - return; - - if ((*ctx)->ref <= 0) - _hx509_abort("revoke ctx refcount <= 0 on free"); - if (--(*ctx)->ref > 0) - return; - - for (i = 0; i < (*ctx)->crls.len; i++) { - free((*ctx)->crls.val[i].path); - free_CRLCertificateList(&(*ctx)->crls.val[i].crl); - } - - for (i = 0; i < (*ctx)->ocsps.len; i++) - free_ocsp(&(*ctx)->ocsps.val[i]); - free((*ctx)->ocsps.val); - - free((*ctx)->crls.val); - - memset(*ctx, 0, sizeof(**ctx)); - free(*ctx); - *ctx = NULL; -} - -static int -verify_ocsp(hx509_context context, - struct revoke_ocsp *ocsp, - time_t time_now, - hx509_certs certs, - hx509_cert parent) -{ - hx509_cert signer = NULL; - hx509_query q; - int ret; - - _hx509_query_clear(&q); - - /* - * Need to match on issuer too in case there are two CA that have - * issued the same name to a certificate. One example of this is - * the www.openvalidation.org test's ocsp validator. - */ - - q.match = HX509_QUERY_MATCH_ISSUER_NAME; - q.issuer_name = &_hx509_get_cert(parent)->tbsCertificate.issuer; - - switch(ocsp->ocsp.tbsResponseData.responderID.element) { - case choice_OCSPResponderID_byName: - q.match |= HX509_QUERY_MATCH_SUBJECT_NAME; - q.subject_name = &ocsp->ocsp.tbsResponseData.responderID.u.byName; - break; - case choice_OCSPResponderID_byKey: - q.match |= HX509_QUERY_MATCH_KEY_HASH_SHA1; - q.keyhash_sha1 = &ocsp->ocsp.tbsResponseData.responderID.u.byKey; - break; - } - - ret = hx509_certs_find(context, certs, &q, &signer); - if (ret && ocsp->certs) - ret = hx509_certs_find(context, ocsp->certs, &q, &signer); - if (ret) - goto out; - - /* - * If signer certificate isn't the CA certificate, lets check the - * it is the CA that signed the signer certificate and the OCSP EKU - * is set. - */ - if (hx509_cert_cmp(signer, parent) != 0) { - Certificate *p = _hx509_get_cert(parent); - Certificate *s = _hx509_get_cert(signer); - - ret = _hx509_cert_is_parent_cmp(s, p, 0); - if (ret != 0) { - ret = HX509_PARENT_NOT_CA; - hx509_set_error_string(context, 0, ret, "Revoke OSCP signer is " - "doesn't have CA as signer certificate"); - goto out; - } - - ret = _hx509_verify_signature_bitstring(context, - p, - &s->signatureAlgorithm, - &s->tbsCertificate._save, - &s->signatureValue); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "OSCP signer signature invalid"); - goto out; - } - - ret = hx509_cert_check_eku(context, signer, - oid_id_pkix_kp_OCSPSigning(), 0); - if (ret) - goto out; - } - - ret = _hx509_verify_signature_bitstring(context, - _hx509_get_cert(signer), - &ocsp->ocsp.signatureAlgorithm, - &ocsp->ocsp.tbsResponseData._save, - &ocsp->ocsp.signature); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "OSCP signature invalid"); - goto out; - } - - ocsp->signer = signer; - signer = NULL; -out: - if (signer) - hx509_cert_free(signer); - - return ret; -} - -/* - * - */ - -static int -parse_ocsp_basic(const void *data, size_t length, OCSPBasicOCSPResponse *basic) -{ - OCSPResponse resp; - size_t size; - int ret; - - memset(basic, 0, sizeof(*basic)); - - ret = decode_OCSPResponse(data, length, &resp, &size); - if (ret) - return ret; - if (length != size) { - free_OCSPResponse(&resp); - return ASN1_EXTRA_DATA; - } - - switch (resp.responseStatus) { - case successful: - break; - default: - free_OCSPResponse(&resp); - return HX509_REVOKE_WRONG_DATA; - } - - if (resp.responseBytes == NULL) { - free_OCSPResponse(&resp); - return EINVAL; - } - - ret = der_heim_oid_cmp(&resp.responseBytes->responseType, - oid_id_pkix_ocsp_basic()); - if (ret != 0) { - free_OCSPResponse(&resp); - return HX509_REVOKE_WRONG_DATA; - } - - ret = decode_OCSPBasicOCSPResponse(resp.responseBytes->response.data, - resp.responseBytes->response.length, - basic, - &size); - if (ret) { - free_OCSPResponse(&resp); - return ret; - } - if (size != resp.responseBytes->response.length) { - free_OCSPResponse(&resp); - free_OCSPBasicOCSPResponse(basic); - return ASN1_EXTRA_DATA; - } - free_OCSPResponse(&resp); - - return 0; -} - -/* - * - */ - -static int -load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) -{ - OCSPBasicOCSPResponse basic; - hx509_certs certs = NULL; - size_t length; - struct stat sb; - void *data; - int ret; - - ret = _hx509_map_file(ocsp->path, &data, &length, &sb); - if (ret) - return ret; - - ret = parse_ocsp_basic(data, length, &basic); - _hx509_unmap_file(data, length); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to parse OCSP response"); - return ret; - } - - if (basic.certs) { - int i; - - ret = hx509_certs_init(context, "MEMORY:ocsp-certs", 0, - NULL, &certs); - if (ret) { - free_OCSPBasicOCSPResponse(&basic); - return ret; - } - - for (i = 0; i < basic.certs->len; i++) { - hx509_cert c; - - ret = hx509_cert_init(context, &basic.certs->val[i], &c); - if (ret) - continue; - - ret = hx509_certs_add(context, certs, c); - hx509_cert_free(c); - if (ret) - continue; - } - } - - ocsp->last_modfied = sb.st_mtime; - - free_OCSPBasicOCSPResponse(&ocsp->ocsp); - hx509_certs_free(&ocsp->certs); - hx509_cert_free(ocsp->signer); - - ocsp->ocsp = basic; - ocsp->certs = certs; - ocsp->signer = NULL; - - return 0; -} - -/** - * Add a OCSP file to the revokation context. - * - * @param context hx509 context - * @param ctx hx509 revokation context - * @param path path to file that is going to be added to the context. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_revoke - */ - -int -hx509_revoke_add_ocsp(hx509_context context, - hx509_revoke_ctx ctx, - const char *path) -{ - void *data; - int ret; - size_t i; - - if (strncmp(path, "FILE:", 5) != 0) { - hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, - "unsupport type in %s", path); - return HX509_UNSUPPORTED_OPERATION; - } - - path += 5; - - for (i = 0; i < ctx->ocsps.len; i++) { - if (strcmp(ctx->ocsps.val[0].path, path) == 0) - return 0; - } - - data = realloc(ctx->ocsps.val, - (ctx->ocsps.len + 1) * sizeof(ctx->ocsps.val[0])); - if (data == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - ctx->ocsps.val = data; - - memset(&ctx->ocsps.val[ctx->ocsps.len], 0, - sizeof(ctx->ocsps.val[0])); - - ctx->ocsps.val[ctx->ocsps.len].path = strdup(path); - if (ctx->ocsps.val[ctx->ocsps.len].path == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - ret = load_ocsp(context, &ctx->ocsps.val[ctx->ocsps.len]); - if (ret) { - free(ctx->ocsps.val[ctx->ocsps.len].path); - return ret; - } - ctx->ocsps.len++; - - return ret; -} - -/* - * - */ - -static int -verify_crl(hx509_context context, - hx509_revoke_ctx ctx, - CRLCertificateList *crl, - time_t time_now, - hx509_certs certs, - hx509_cert parent) -{ - hx509_cert signer; - hx509_query q; - time_t t; - int ret; - - t = _hx509_Time2time_t(&crl->tbsCertList.thisUpdate); - if (t > time_now) { - hx509_set_error_string(context, 0, HX509_CRL_USED_BEFORE_TIME, - "CRL used before time"); - return HX509_CRL_USED_BEFORE_TIME; - } - - if (crl->tbsCertList.nextUpdate == NULL) { - hx509_set_error_string(context, 0, HX509_CRL_INVALID_FORMAT, - "CRL missing nextUpdate"); - return HX509_CRL_INVALID_FORMAT; - } - - t = _hx509_Time2time_t(crl->tbsCertList.nextUpdate); - if (t < time_now) { - hx509_set_error_string(context, 0, HX509_CRL_USED_AFTER_TIME, - "CRL used after time"); - return HX509_CRL_USED_AFTER_TIME; - } - - _hx509_query_clear(&q); - - /* - * If it's the signer have CRLSIGN bit set, use that as the signer - * cert for the certificate, otherwise, search for a certificate. - */ - if (_hx509_check_key_usage(context, parent, 1 << 6, FALSE) == 0) { - signer = hx509_cert_ref(parent); - } else { - q.match = HX509_QUERY_MATCH_SUBJECT_NAME; - q.match |= HX509_QUERY_KU_CRLSIGN; - q.subject_name = &crl->tbsCertList.issuer; - - ret = hx509_certs_find(context, certs, &q, &signer); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to find certificate for CRL"); - return ret; - } - } - - ret = _hx509_verify_signature_bitstring(context, - _hx509_get_cert(signer), - &crl->signatureAlgorithm, - &crl->tbsCertList._save, - &crl->signatureValue); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "CRL signature invalid"); - goto out; - } - - /* - * If signer is not CA cert, need to check revoke status of this - * CRL signing cert too, this include all parent CRL signer cert - * up to the root *sigh*, assume root at least hve CERTSIGN flag - * set. - */ - while (_hx509_check_key_usage(context, signer, 1 << 5, TRUE)) { - hx509_cert crl_parent; - - _hx509_query_clear(&q); - - q.match = HX509_QUERY_MATCH_SUBJECT_NAME; - q.match |= HX509_QUERY_KU_CRLSIGN; - q.subject_name = &_hx509_get_cert(signer)->tbsCertificate.issuer; - - ret = hx509_certs_find(context, certs, &q, &crl_parent); - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to find parent of CRL signer"); - goto out; - } - - ret = hx509_revoke_verify(context, - ctx, - certs, - time_now, - signer, - crl_parent); - hx509_cert_free(signer); - signer = crl_parent; - if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, - "Failed to verify revoke " - "status of CRL signer"); - goto out; - } - } - -out: - hx509_cert_free(signer); - - return ret; -} - -static int -load_crl(const char *path, time_t *t, CRLCertificateList *crl) -{ - size_t length, size; - struct stat sb; - void *data; - int ret; - - memset(crl, 0, sizeof(*crl)); - - ret = _hx509_map_file(path, &data, &length, &sb); - if (ret) - return ret; - - *t = sb.st_mtime; - - ret = decode_CRLCertificateList(data, length, crl, &size); - _hx509_unmap_file(data, length); - if (ret) - return ret; - - /* check signature is aligned */ - if (crl->signatureValue.length & 7) { - free_CRLCertificateList(crl); - return HX509_CRYPTO_SIG_INVALID_FORMAT; - } - return 0; -} - -/** - * Add a CRL file to the revokation context. - * - * @param context hx509 context - * @param ctx hx509 revokation context - * @param path path to file that is going to be added to the context. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_revoke - */ - -int -hx509_revoke_add_crl(hx509_context context, - hx509_revoke_ctx ctx, - const char *path) -{ - void *data; - size_t i; - int ret; - - if (strncmp(path, "FILE:", 5) != 0) { - hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, - "unsupport type in %s", path); - return HX509_UNSUPPORTED_OPERATION; - } - - - path += 5; - - for (i = 0; i < ctx->crls.len; i++) { - if (strcmp(ctx->crls.val[0].path, path) == 0) - return 0; - } - - data = realloc(ctx->crls.val, - (ctx->crls.len + 1) * sizeof(ctx->crls.val[0])); - if (data == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - ctx->crls.val = data; - - memset(&ctx->crls.val[ctx->crls.len], 0, sizeof(ctx->crls.val[0])); - - ctx->crls.val[ctx->crls.len].path = strdup(path); - if (ctx->crls.val[ctx->crls.len].path == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - - ret = load_crl(path, - &ctx->crls.val[ctx->crls.len].last_modfied, - &ctx->crls.val[ctx->crls.len].crl); - if (ret) { - free(ctx->crls.val[ctx->crls.len].path); - return ret; - } - - ctx->crls.len++; - - return ret; -} - -/** - * Check that a certificate is not expired according to a revokation - * context. Also need the parent certificte to the check OCSP - * parent identifier. - * - * @param context hx509 context - * @param ctx hx509 revokation context - * @param certs - * @param now - * @param cert - * @param parent_cert - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_revoke - */ - - -int -hx509_revoke_verify(hx509_context context, - hx509_revoke_ctx ctx, - hx509_certs certs, - time_t now, - hx509_cert cert, - hx509_cert parent_cert) -{ - const Certificate *c = _hx509_get_cert(cert); - const Certificate *p = _hx509_get_cert(parent_cert); - unsigned long i, j, k; - int ret; - - hx509_clear_error_string(context); - - for (i = 0; i < ctx->ocsps.len; i++) { - struct revoke_ocsp *ocsp = &ctx->ocsps.val[i]; - struct stat sb; - - /* check this ocsp apply to this cert */ - - /* check if there is a newer version of the file */ - ret = stat(ocsp->path, &sb); - if (ret == 0 && ocsp->last_modfied != sb.st_mtime) { - ret = load_ocsp(context, ocsp); - if (ret) - continue; - } - - /* verify signature in ocsp if not already done */ - if (ocsp->signer == NULL) { - ret = verify_ocsp(context, ocsp, now, certs, parent_cert); - if (ret) - continue; - } - - for (j = 0; j < ocsp->ocsp.tbsResponseData.responses.len; j++) { - heim_octet_string os; - - ret = der_heim_integer_cmp(&ocsp->ocsp.tbsResponseData.responses.val[j].certID.serialNumber, - &c->tbsCertificate.serialNumber); - if (ret != 0) - continue; - - /* verify issuer hashes hash */ - ret = _hx509_verify_signature(context, - NULL, - &ocsp->ocsp.tbsResponseData.responses.val[i].certID.hashAlgorithm, - &c->tbsCertificate.issuer._save, - &ocsp->ocsp.tbsResponseData.responses.val[i].certID.issuerNameHash); - if (ret != 0) - continue; - - os.data = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; - os.length = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; - - ret = _hx509_verify_signature(context, - NULL, - &ocsp->ocsp.tbsResponseData.responses.val[j].certID.hashAlgorithm, - &os, - &ocsp->ocsp.tbsResponseData.responses.val[j].certID.issuerKeyHash); - if (ret != 0) - continue; - - switch (ocsp->ocsp.tbsResponseData.responses.val[j].certStatus.element) { - case choice_OCSPCertStatus_good: - break; - case choice_OCSPCertStatus_revoked: - hx509_set_error_string(context, 0, - HX509_CERT_REVOKED, - "Certificate revoked by issuer in OCSP"); - return HX509_CERT_REVOKED; - case choice_OCSPCertStatus_unknown: - continue; - } - - /* don't allow the update to be in the future */ - if (ocsp->ocsp.tbsResponseData.responses.val[j].thisUpdate > - now + context->ocsp_time_diff) - continue; - - /* don't allow the next update to be in the past */ - if (ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate) { - if (*ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate < now) - continue; - } else - /* Should force a refetch, but can we ? */; - - return 0; - } - } - - for (i = 0; i < ctx->crls.len; i++) { - struct revoke_crl *crl = &ctx->crls.val[i]; - struct stat sb; - - /* check if cert.issuer == crls.val[i].crl.issuer */ - ret = _hx509_name_cmp(&c->tbsCertificate.issuer, - &crl->crl.tbsCertList.issuer); - if (ret) - continue; - - ret = stat(crl->path, &sb); - if (ret == 0 && crl->last_modfied != sb.st_mtime) { - CRLCertificateList cl; - - ret = load_crl(crl->path, &crl->last_modfied, &cl); - if (ret == 0) { - free_CRLCertificateList(&crl->crl); - crl->crl = cl; - crl->verified = 0; - crl->failed_verify = 0; - } - } - if (crl->failed_verify) - continue; - - /* verify signature in crl if not already done */ - if (crl->verified == 0) { - ret = verify_crl(context, ctx, &crl->crl, now, certs, parent_cert); - if (ret) { - crl->failed_verify = 1; - continue; - } - crl->verified = 1; - } - - if (crl->crl.tbsCertList.crlExtensions) { - for (j = 0; j < crl->crl.tbsCertList.crlExtensions->len; j++) { - if (crl->crl.tbsCertList.crlExtensions->val[j].critical) { - hx509_set_error_string(context, 0, - HX509_CRL_UNKNOWN_EXTENSION, - "Unknown CRL extension"); - return HX509_CRL_UNKNOWN_EXTENSION; - } - } - } - - if (crl->crl.tbsCertList.revokedCertificates == NULL) - return 0; - - /* check if cert is in crl */ - for (j = 0; j < crl->crl.tbsCertList.revokedCertificates->len; j++) { - time_t t; - - ret = der_heim_integer_cmp(&crl->crl.tbsCertList.revokedCertificates->val[j].userCertificate, - &c->tbsCertificate.serialNumber); - if (ret != 0) - continue; - - t = _hx509_Time2time_t(&crl->crl.tbsCertList.revokedCertificates->val[j].revocationDate); - if (t > now) - continue; - - if (crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions) - for (k = 0; k < crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions->len; k++) - if (crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions->val[k].critical) - return HX509_CRL_UNKNOWN_EXTENSION; - - hx509_set_error_string(context, 0, - HX509_CERT_REVOKED, - "Certificate revoked by issuer in CRL"); - return HX509_CERT_REVOKED; - } - - return 0; - } - - - if (context->flags & HX509_CTX_VERIFY_MISSING_OK) - return 0; - hx509_set_error_string(context, HX509_ERROR_APPEND, - HX509_REVOKE_STATUS_MISSING, - "No revoke status found for " - "certificates"); - return HX509_REVOKE_STATUS_MISSING; -} - -struct ocsp_add_ctx { - OCSPTBSRequest *req; - hx509_certs certs; - const AlgorithmIdentifier *digest; - hx509_cert parent; -}; - -static int -add_to_req(hx509_context context, void *ptr, hx509_cert cert) -{ - struct ocsp_add_ctx *ctx = ptr; - OCSPInnerRequest *one; - hx509_cert parent = NULL; - Certificate *p, *c = _hx509_get_cert(cert); - heim_octet_string os; - int ret; - hx509_query q; - void *d; - - d = realloc(ctx->req->requestList.val, - sizeof(ctx->req->requestList.val[0]) * - (ctx->req->requestList.len + 1)); - if (d == NULL) - return ENOMEM; - ctx->req->requestList.val = d; - - one = &ctx->req->requestList.val[ctx->req->requestList.len]; - memset(one, 0, sizeof(*one)); - - _hx509_query_clear(&q); - - q.match |= HX509_QUERY_FIND_ISSUER_CERT; - q.subject = c; - - ret = hx509_certs_find(context, ctx->certs, &q, &parent); - if (ret) - goto out; - - if (ctx->parent) { - if (hx509_cert_cmp(ctx->parent, parent) != 0) { - ret = HX509_REVOKE_NOT_SAME_PARENT; - hx509_set_error_string(context, 0, ret, - "Not same parent certifate as " - "last certificate in request"); - goto out; - } - } else - ctx->parent = hx509_cert_ref(parent); - - p = _hx509_get_cert(parent); - - ret = copy_AlgorithmIdentifier(ctx->digest, &one->reqCert.hashAlgorithm); - if (ret) - goto out; - - ret = _hx509_create_signature(context, - NULL, - &one->reqCert.hashAlgorithm, - &c->tbsCertificate.issuer._save, - NULL, - &one->reqCert.issuerNameHash); - if (ret) - goto out; - - os.data = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; - os.length = - p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; - - ret = _hx509_create_signature(context, - NULL, - &one->reqCert.hashAlgorithm, - &os, - NULL, - &one->reqCert.issuerKeyHash); - if (ret) - goto out; - - ret = copy_CertificateSerialNumber(&c->tbsCertificate.serialNumber, - &one->reqCert.serialNumber); - if (ret) - goto out; - - ctx->req->requestList.len++; -out: - hx509_cert_free(parent); - if (ret) { - free_OCSPInnerRequest(one); - memset(one, 0, sizeof(*one)); - } - - return ret; -} - -/** - * Create an OCSP request for a set of certificates. - * - * @param context a hx509 context - * @param reqcerts list of certificates to request ocsp data for - * @param pool certificate pool to use when signing - * @param signer certificate to use to sign the request - * @param digest the signing algorithm in the request, if NULL use the - * default signature algorithm, - * @param request the encoded request, free with free_heim_octet_string(). - * @param nonce nonce in the request, free with free_heim_octet_string(). - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_revoke - */ - -int -hx509_ocsp_request(hx509_context context, - hx509_certs reqcerts, - hx509_certs pool, - hx509_cert signer, - const AlgorithmIdentifier *digest, - heim_octet_string *request, - heim_octet_string *nonce) -{ - OCSPRequest req; - size_t size; - int ret; - struct ocsp_add_ctx ctx; - Extensions *es; - - memset(&req, 0, sizeof(req)); - - if (digest == NULL) - digest = _hx509_crypto_default_digest_alg; - - ctx.req = &req.tbsRequest; - ctx.certs = pool; - ctx.digest = digest; - ctx.parent = NULL; - - ret = hx509_certs_iter(context, reqcerts, add_to_req, &ctx); - hx509_cert_free(ctx.parent); - if (ret) - goto out; - - if (nonce) { - req.tbsRequest.requestExtensions = - calloc(1, sizeof(*req.tbsRequest.requestExtensions)); - if (req.tbsRequest.requestExtensions == NULL) { - ret = ENOMEM; - goto out; - } - - es = req.tbsRequest.requestExtensions; - - es->val = calloc(es->len, sizeof(es->val[0])); - if (es->val == NULL) { - ret = ENOMEM; - goto out; - } - es->len = 1; - - ret = der_copy_oid(oid_id_pkix_ocsp_nonce(), &es->val[0].extnID); - if (ret) { - free_OCSPRequest(&req); - return ret; - } - - es->val[0].extnValue.data = malloc(10); - if (es->val[0].extnValue.data == NULL) { - ret = ENOMEM; - goto out; - } - es->val[0].extnValue.length = 10; - - ret = RAND_bytes(es->val[0].extnValue.data, - es->val[0].extnValue.length); - if (ret != 1) { - ret = HX509_CRYPTO_INTERNAL_ERROR; - goto out; - } - ret = der_copy_octet_string(nonce, &es->val[0].extnValue); - if (ret) { - ret = ENOMEM; - goto out; - } - } - - ASN1_MALLOC_ENCODE(OCSPRequest, request->data, request->length, - &req, &size, ret); - free_OCSPRequest(&req); - if (ret) - goto out; - if (size != request->length) - _hx509_abort("internal ASN.1 encoder error"); - - return 0; - -out: - free_OCSPRequest(&req); - return ret; -} - -static char * -printable_time(time_t t) -{ - static char s[128]; - strlcpy(s, ctime(&t)+ 4, sizeof(s)); - s[20] = 0; - return s; -} - -/** - * Print the OCSP reply stored in a file. - * - * @param context a hx509 context - * @param path path to a file with a OCSP reply - * @param out the out FILE descriptor to print the reply on - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_revoke - */ - -int -hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) -{ - struct revoke_ocsp ocsp; - int ret, i; - - if (out == NULL) - out = stdout; - - memset(&ocsp, 0, sizeof(ocsp)); - - ocsp.path = strdup(path); - if (ocsp.path == NULL) - return ENOMEM; - - ret = load_ocsp(context, &ocsp); - if (ret) { - free_ocsp(&ocsp); - return ret; - } - - fprintf(out, "signer: "); - - switch(ocsp.ocsp.tbsResponseData.responderID.element) { - case choice_OCSPResponderID_byName: { - hx509_name n; - char *s; - _hx509_name_from_Name(&ocsp.ocsp.tbsResponseData.responderID.u.byName, &n); - hx509_name_to_string(n, &s); - hx509_name_free(&n); - fprintf(out, " byName: %s\n", s); - free(s); - break; - } - case choice_OCSPResponderID_byKey: { - char *s; - hex_encode(ocsp.ocsp.tbsResponseData.responderID.u.byKey.data, - ocsp.ocsp.tbsResponseData.responderID.u.byKey.length, - &s); - fprintf(out, " byKey: %s\n", s); - free(s); - break; - } - default: - _hx509_abort("choice_OCSPResponderID unknown"); - break; - } - - fprintf(out, "producedAt: %s\n", - printable_time(ocsp.ocsp.tbsResponseData.producedAt)); - - fprintf(out, "replies: %d\n", ocsp.ocsp.tbsResponseData.responses.len); - - for (i = 0; i < ocsp.ocsp.tbsResponseData.responses.len; i++) { - const char *status; - switch (ocsp.ocsp.tbsResponseData.responses.val[i].certStatus.element) { - case choice_OCSPCertStatus_good: - status = "good"; - break; - case choice_OCSPCertStatus_revoked: - status = "revoked"; - break; - case choice_OCSPCertStatus_unknown: - status = "unknown"; - break; - default: - status = "element unknown"; - } - - fprintf(out, "\t%d. status: %s\n", i, status); - - fprintf(out, "\tthisUpdate: %s\n", - printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); - if (ocsp.ocsp.tbsResponseData.responses.val[i].nextUpdate) - fprintf(out, "\tproducedAt: %s\n", - printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); - - } - - fprintf(out, "appended certs:\n"); - if (ocsp.certs) - ret = hx509_certs_iter(context, ocsp.certs, hx509_ci_print_names, out); - - free_ocsp(&ocsp); - return ret; -} - -/** - * Verify that the certificate is part of the OCSP reply and it's not - * expired. Doesn't verify signature the OCSP reply or it's done by a - * authorized sender, that is assumed to be already done. - * - * @param context a hx509 context - * @param now the time right now, if 0, use the current time. - * @param cert the certificate to verify - * @param flags flags control the behavior - * @param data pointer to the encode ocsp reply - * @param length the length of the encode ocsp reply - * @param expiration return the time the OCSP will expire and need to - * be rechecked. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_verify - */ - -int -hx509_ocsp_verify(hx509_context context, - time_t now, - hx509_cert cert, - int flags, - const void *data, size_t length, - time_t *expiration) -{ - const Certificate *c = _hx509_get_cert(cert); - OCSPBasicOCSPResponse basic; - int ret, i; - - if (now == 0) - now = time(NULL); - - *expiration = 0; - - ret = parse_ocsp_basic(data, length, &basic); - if (ret) { - hx509_set_error_string(context, 0, ret, - "Failed to parse OCSP response"); - return ret; - } - - for (i = 0; i < basic.tbsResponseData.responses.len; i++) { - - ret = der_heim_integer_cmp(&basic.tbsResponseData.responses.val[i].certID.serialNumber, - &c->tbsCertificate.serialNumber); - if (ret != 0) - continue; - - /* verify issuer hashes hash */ - ret = _hx509_verify_signature(context, - NULL, - &basic.tbsResponseData.responses.val[i].certID.hashAlgorithm, - &c->tbsCertificate.issuer._save, - &basic.tbsResponseData.responses.val[i].certID.issuerNameHash); - if (ret != 0) - continue; - - switch (basic.tbsResponseData.responses.val[i].certStatus.element) { - case choice_OCSPCertStatus_good: - break; - case choice_OCSPCertStatus_revoked: - case choice_OCSPCertStatus_unknown: - continue; - } - - /* don't allow the update to be in the future */ - if (basic.tbsResponseData.responses.val[i].thisUpdate > - now + context->ocsp_time_diff) - continue; - - /* don't allow the next update to be in the past */ - if (basic.tbsResponseData.responses.val[i].nextUpdate) { - if (*basic.tbsResponseData.responses.val[i].nextUpdate < now) - continue; - *expiration = *basic.tbsResponseData.responses.val[i].nextUpdate; - } else - *expiration = now; - - free_OCSPBasicOCSPResponse(&basic); - return 0; - } - - free_OCSPBasicOCSPResponse(&basic); - - { - hx509_name name; - char *subject; - - ret = hx509_cert_get_subject(cert, &name); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - ret = hx509_name_to_string(name, &subject); - hx509_name_free(&name); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - hx509_set_error_string(context, 0, HX509_CERT_NOT_IN_OCSP, - "Certificate %s not in OCSP response " - "or not good", - subject); - free(subject); - } -out: - return HX509_CERT_NOT_IN_OCSP; -} - -struct hx509_crl { - hx509_certs revoked; - time_t expire; -}; - -/** - * Create a CRL context. Use hx509_crl_free() to free the CRL context. - * - * @param context a hx509 context. - * @param crl return pointer to a newly allocated CRL context. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_verify - */ - -int -hx509_crl_alloc(hx509_context context, hx509_crl *crl) -{ - int ret; - - *crl = calloc(1, sizeof(**crl)); - if (*crl == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - ret = hx509_certs_init(context, "MEMORY:crl", 0, NULL, &(*crl)->revoked); - if (ret) { - free(*crl); - *crl = NULL; - return ret; - } - (*crl)->expire = 0; - return ret; -} - -/** - * Add revoked certificate to an CRL context. - * - * @param context a hx509 context. - * @param crl the CRL to add the revoked certificate to. - * @param certs keyset of certificate to revoke. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_verify - */ - -int -hx509_crl_add_revoked_certs(hx509_context context, - hx509_crl crl, - hx509_certs certs) -{ - return hx509_certs_merge(context, crl->revoked, certs); -} - -/** - * Set the lifetime of a CRL context. - * - * @param context a hx509 context. - * @param crl a CRL context - * @param delta delta time the certificate is valid, library adds the - * current time to this. - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_verify - */ - -int -hx509_crl_lifetime(hx509_context context, hx509_crl crl, int delta) -{ - crl->expire = time(NULL) + delta; - return 0; -} - -/** - * Free a CRL context. - * - * @param context a hx509 context. - * @param crl a CRL context to free. - * - * @ingroup hx509_verify - */ - -void -hx509_crl_free(hx509_context context, hx509_crl *crl) -{ - if (*crl == NULL) - return; - hx509_certs_free(&(*crl)->revoked); - memset(*crl, 0, sizeof(**crl)); - free(*crl); - *crl = NULL; -} - -static int -add_revoked(hx509_context context, void *ctx, hx509_cert cert) -{ - TBSCRLCertList *c = ctx; - unsigned int num; - void *ptr; - int ret; - - num = c->revokedCertificates->len; - ptr = realloc(c->revokedCertificates->val, - (num + 1) * sizeof(c->revokedCertificates->val[0])); - if (ptr == NULL) { - hx509_clear_error_string(context); - return ENOMEM; - } - c->revokedCertificates->val = ptr; - - ret = hx509_cert_get_serialnumber(cert, - &c->revokedCertificates->val[num].userCertificate); - if (ret) { - hx509_clear_error_string(context); - return ret; - } - c->revokedCertificates->val[num].revocationDate.element = - choice_Time_generalTime; - c->revokedCertificates->val[num].revocationDate.u.generalTime = - time(NULL) - 3600 * 24; - c->revokedCertificates->val[num].crlEntryExtensions = NULL; - - c->revokedCertificates->len++; - - return 0; -} - -/** - * Sign a CRL and return an encode certificate. - * - * @param context a hx509 context. - * @param signer certificate to sign the CRL with - * @param crl the CRL to sign - * @param os return the signed and encoded CRL, free with - * free_heim_octet_string() - * - * @return An hx509 error code, see hx509_get_error_string(). - * - * @ingroup hx509_verify - */ - -int -hx509_crl_sign(hx509_context context, - hx509_cert signer, - hx509_crl crl, - heim_octet_string *os) -{ - const AlgorithmIdentifier *sigalg = _hx509_crypto_default_sig_alg; - CRLCertificateList c; - size_t size; - int ret; - hx509_private_key signerkey; - - memset(&c, 0, sizeof(c)); - - signerkey = _hx509_cert_private_key(signer); - if (signerkey == NULL) { - ret = HX509_PRIVATE_KEY_MISSING; - hx509_set_error_string(context, 0, ret, - "Private key missing for CRL signing"); - return ret; - } - - c.tbsCertList.version = malloc(sizeof(*c.tbsCertList.version)); - if (c.tbsCertList.version == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - return ENOMEM; - } - - *c.tbsCertList.version = 1; - - ret = copy_AlgorithmIdentifier(sigalg, &c.tbsCertList.signature); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - ret = copy_Name(&_hx509_get_cert(signer)->tbsCertificate.issuer, - &c.tbsCertList.issuer); - if (ret) { - hx509_clear_error_string(context); - goto out; - } - - c.tbsCertList.thisUpdate.element = choice_Time_generalTime; - c.tbsCertList.thisUpdate.u.generalTime = time(NULL) - 24 * 3600; - - c.tbsCertList.nextUpdate = malloc(sizeof(*c.tbsCertList.nextUpdate)); - if (c.tbsCertList.nextUpdate == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - ret = ENOMEM; - goto out; - } - - { - time_t next = crl->expire; - if (next == 0) - next = time(NULL) + 24 * 3600 * 365; - - c.tbsCertList.nextUpdate->element = choice_Time_generalTime; - c.tbsCertList.nextUpdate->u.generalTime = next; - } - - c.tbsCertList.revokedCertificates = - calloc(1, sizeof(*c.tbsCertList.revokedCertificates)); - if (c.tbsCertList.revokedCertificates == NULL) { - hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - ret = ENOMEM; - goto out; - } - c.tbsCertList.crlExtensions = NULL; - - ret = hx509_certs_iter(context, crl->revoked, add_revoked, &c.tbsCertList); - if (ret) - goto out; - - /* if not revoked certs, remove OPTIONAL entry */ - if (c.tbsCertList.revokedCertificates->len == 0) { - free(c.tbsCertList.revokedCertificates); - c.tbsCertList.revokedCertificates = NULL; - } - - ASN1_MALLOC_ENCODE(TBSCRLCertList, os->data, os->length, - &c.tbsCertList, &size, ret); - if (ret) { - hx509_set_error_string(context, 0, ret, "failed to encode tbsCRL"); - goto out; - } - if (size != os->length) - _hx509_abort("internal ASN.1 encoder error"); - - - ret = _hx509_create_signature_bitstring(context, - signerkey, - sigalg, - os, - &c.signatureAlgorithm, - &c.signatureValue); - free(os->data); - - ASN1_MALLOC_ENCODE(CRLCertificateList, os->data, os->length, - &c, &size, ret); - free_CRLCertificateList(&c); - if (ret) { - hx509_set_error_string(context, 0, ret, "failed to encode CRL"); - goto out; - } - if (size != os->length) - _hx509_abort("internal ASN.1 encoder error"); - - return 0; - -out: - free_CRLCertificateList(&c); - return ret; -} diff --git a/crypto/heimdal/lib/hx509/softp11.c b/crypto/heimdal/lib/hx509/softp11.c deleted file mode 100644 index 86bb1d6dbe75..000000000000 --- a/crypto/heimdal/lib/hx509/softp11.c +++ /dev/null @@ -1,1740 +0,0 @@ -/* - * Copyright (c) 2004 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -#include "pkcs11.h" - -#define OBJECT_ID_MASK 0xfff -#define HANDLE_OBJECT_ID(h) ((h) & OBJECT_ID_MASK) -#define OBJECT_ID(obj) HANDLE_OBJECT_ID((obj)->object_handle) - - -struct st_attr { - CK_ATTRIBUTE attribute; - int secret; -}; - -struct st_object { - CK_OBJECT_HANDLE object_handle; - struct st_attr *attrs; - int num_attributes; - hx509_cert cert; -}; - -static struct soft_token { - CK_VOID_PTR application; - CK_NOTIFY notify; - char *config_file; - hx509_certs certs; - struct { - struct st_object **objs; - int num_objs; - } object; - struct { - int hardware_slot; - int app_error_fatal; - int login_done; - } flags; - int open_sessions; - struct session_state { - CK_SESSION_HANDLE session_handle; - - struct { - CK_ATTRIBUTE *attributes; - CK_ULONG num_attributes; - int next_object; - } find; - - int sign_object; - CK_MECHANISM_PTR sign_mechanism; - int verify_object; - CK_MECHANISM_PTR verify_mechanism; - } state[10]; -#define MAX_NUM_SESSION (sizeof(soft_token.state)/sizeof(soft_token.state[0])) - FILE *logfile; -} soft_token; - -static hx509_context context; - -static void -application_error(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - vprintf(fmt, ap); - va_end(ap); - if (soft_token.flags.app_error_fatal) - abort(); -} - -static void -st_logf(const char *fmt, ...) -{ - va_list ap; - if (soft_token.logfile == NULL) - return; - va_start(ap, fmt); - vfprintf(soft_token.logfile, fmt, ap); - va_end(ap); - fflush(soft_token.logfile); -} - -static CK_RV -init_context(void) -{ - if (context == NULL) { - int ret = hx509_context_init(&context); - if (ret) - return CKR_GENERAL_ERROR; - } - return CKR_OK; -} - -#define INIT_CONTEXT() { CK_RV icret = init_context(); if (icret) return icret; } - -static void -snprintf_fill(char *str, size_t size, char fillchar, const char *fmt, ...) -{ - int len; - va_list ap; - len = vsnprintf(str, size, fmt, ap); - va_end(ap); - if (len < 0 || len > size) - return; - while(len < size) - str[len++] = fillchar; -} - -#ifndef TEST_APP -#define printf error_use_st_logf -#endif - -#define VERIFY_SESSION_HANDLE(s, state) \ -{ \ - CK_RV ret; \ - ret = verify_session_handle(s, state); \ - if (ret != CKR_OK) { \ - /* return CKR_OK */; \ - } \ -} - -static CK_RV -verify_session_handle(CK_SESSION_HANDLE hSession, - struct session_state **state) -{ - int i; - - for (i = 0; i < MAX_NUM_SESSION; i++){ - if (soft_token.state[i].session_handle == hSession) - break; - } - if (i == MAX_NUM_SESSION) { - application_error("use of invalid handle: 0x%08lx\n", - (unsigned long)hSession); - return CKR_SESSION_HANDLE_INVALID; - } - if (state) - *state = &soft_token.state[i]; - return CKR_OK; -} - -static CK_RV -object_handle_to_object(CK_OBJECT_HANDLE handle, - struct st_object **object) -{ - int i = HANDLE_OBJECT_ID(handle); - - *object = NULL; - if (i >= soft_token.object.num_objs) - return CKR_ARGUMENTS_BAD; - if (soft_token.object.objs[i] == NULL) - return CKR_ARGUMENTS_BAD; - if (soft_token.object.objs[i]->object_handle != handle) - return CKR_ARGUMENTS_BAD; - *object = soft_token.object.objs[i]; - return CKR_OK; -} - -static int -attributes_match(const struct st_object *obj, - const CK_ATTRIBUTE *attributes, - CK_ULONG num_attributes) -{ - CK_ULONG i; - int j; - - st_logf("attributes_match: %ld\n", (unsigned long)OBJECT_ID(obj)); - - for (i = 0; i < num_attributes; i++) { - int match = 0; - for (j = 0; j < obj->num_attributes; j++) { - if (attributes[i].type == obj->attrs[j].attribute.type && - attributes[i].ulValueLen == obj->attrs[j].attribute.ulValueLen && - memcmp(attributes[i].pValue, obj->attrs[j].attribute.pValue, - attributes[i].ulValueLen) == 0) { - match = 1; - break; - } - } - if (match == 0) { - st_logf("type %d attribute have no match\n", attributes[i].type); - return 0; - } - } - st_logf("attribute matches\n"); - return 1; -} - -static void -print_attributes(const CK_ATTRIBUTE *attributes, - CK_ULONG num_attributes) -{ - CK_ULONG i; - - st_logf("find objects: attrs: %lu\n", (unsigned long)num_attributes); - - for (i = 0; i < num_attributes; i++) { - st_logf(" type: "); - switch (attributes[i].type) { - case CKA_TOKEN: { - CK_BBOOL *ck_true; - if (attributes[i].ulValueLen != sizeof(CK_BBOOL)) { - application_error("token attribute wrong length\n"); - break; - } - ck_true = attributes[i].pValue; - st_logf("token: %s", *ck_true ? "TRUE" : "FALSE"); - break; - } - case CKA_CLASS: { - CK_OBJECT_CLASS *class; - if (attributes[i].ulValueLen != sizeof(CK_ULONG)) { - application_error("class attribute wrong length\n"); - break; - } - class = attributes[i].pValue; - st_logf("class "); - switch (*class) { - case CKO_CERTIFICATE: - st_logf("certificate"); - break; - case CKO_PUBLIC_KEY: - st_logf("public key"); - break; - case CKO_PRIVATE_KEY: - st_logf("private key"); - break; - case CKO_SECRET_KEY: - st_logf("secret key"); - break; - case CKO_DOMAIN_PARAMETERS: - st_logf("domain parameters"); - break; - default: - st_logf("[class %lx]", (long unsigned)*class); - break; - } - break; - } - case CKA_PRIVATE: - st_logf("private"); - break; - case CKA_LABEL: - st_logf("label"); - break; - case CKA_APPLICATION: - st_logf("application"); - break; - case CKA_VALUE: - st_logf("value"); - break; - case CKA_ID: - st_logf("id"); - break; - default: - st_logf("[unknown 0x%08lx]", (unsigned long)attributes[i].type); - break; - } - st_logf("\n"); - } -} - -static struct st_object * -add_st_object(void) -{ - struct st_object *o, **objs; - int i; - - o = malloc(sizeof(*o)); - if (o == NULL) - return NULL; - memset(o, 0, sizeof(*o)); - o->attrs = NULL; - o->num_attributes = 0; - - for (i = 0; i < soft_token.object.num_objs; i++) { - if (soft_token.object.objs == NULL) { - soft_token.object.objs[i] = o; - break; - } - } - if (i == soft_token.object.num_objs) { - objs = realloc(soft_token.object.objs, - (soft_token.object.num_objs + 1) * sizeof(soft_token.object.objs[0])); - if (objs == NULL) { - free(o); - return NULL; - } - soft_token.object.objs = objs; - soft_token.object.objs[soft_token.object.num_objs++] = o; - } - soft_token.object.objs[i]->object_handle = - (random() & (~OBJECT_ID_MASK)) | i; - - return o; -} - -static CK_RV -add_object_attribute(struct st_object *o, - int secret, - CK_ATTRIBUTE_TYPE type, - CK_VOID_PTR pValue, - CK_ULONG ulValueLen) -{ - struct st_attr *a; - int i; - - i = o->num_attributes; - a = realloc(o->attrs, (i + 1) * sizeof(o->attrs[0])); - if (a == NULL) - return CKR_DEVICE_MEMORY; - o->attrs = a; - o->attrs[i].secret = secret; - o->attrs[i].attribute.type = type; - o->attrs[i].attribute.pValue = malloc(ulValueLen); - if (o->attrs[i].attribute.pValue == NULL && ulValueLen != 0) - return CKR_DEVICE_MEMORY; - memcpy(o->attrs[i].attribute.pValue, pValue, ulValueLen); - o->attrs[i].attribute.ulValueLen = ulValueLen; - o->num_attributes++; - - return CKR_OK; -} - -static CK_RV -add_pubkey_info(hx509_context hxctx, struct st_object *o, - CK_KEY_TYPE key_type, hx509_cert cert) -{ - BIGNUM *num; - CK_BYTE *modulus = NULL; - size_t modulus_len = 0; - CK_ULONG modulus_bits = 0; - CK_BYTE *exponent = NULL; - size_t exponent_len = 0; - - if (key_type != CKK_RSA) - return CKR_OK; - if (_hx509_cert_private_key(cert) == NULL) - return CKR_OK; - - num = _hx509_private_key_get_internal(context, - _hx509_cert_private_key(cert), - "rsa-modulus"); - if (num == NULL) - return CKR_GENERAL_ERROR; - modulus_bits = BN_num_bits(num); - - modulus_len = BN_num_bytes(num); - modulus = malloc(modulus_len); - BN_bn2bin(num, modulus); - BN_free(num); - - add_object_attribute(o, 0, CKA_MODULUS, modulus, modulus_len); - add_object_attribute(o, 0, CKA_MODULUS_BITS, - &modulus_bits, sizeof(modulus_bits)); - - free(modulus); - - num = _hx509_private_key_get_internal(context, - _hx509_cert_private_key(cert), - "rsa-exponent"); - if (num == NULL) - return CKR_GENERAL_ERROR; - - exponent_len = BN_num_bytes(num); - exponent = malloc(exponent_len); - BN_bn2bin(num, exponent); - BN_free(num); - - add_object_attribute(o, 0, CKA_PUBLIC_EXPONENT, - exponent, exponent_len); - - free(exponent); - - return CKR_OK; -} - - -struct foo { - char *label; - char *id; -}; - -static int -add_cert(hx509_context hxctx, void *ctx, hx509_cert cert) -{ - struct foo *foo = (struct foo *)ctx; - struct st_object *o = NULL; - CK_OBJECT_CLASS type; - CK_BBOOL bool_true = CK_TRUE; - CK_BBOOL bool_false = CK_FALSE; - CK_CERTIFICATE_TYPE cert_type = CKC_X_509; - CK_KEY_TYPE key_type; - CK_MECHANISM_TYPE mech_type; - CK_RV ret = CKR_GENERAL_ERROR; - int hret; - heim_octet_string cert_data, subject_data, issuer_data, serial_data; - - st_logf("adding certificate\n"); - - serial_data.data = NULL; - serial_data.length = 0; - cert_data = subject_data = issuer_data = serial_data; - - hret = hx509_cert_binary(hxctx, cert, &cert_data); - if (hret) - goto out; - - { - hx509_name name; - - hret = hx509_cert_get_issuer(cert, &name); - if (hret) - goto out; - hret = hx509_name_binary(name, &issuer_data); - hx509_name_free(&name); - if (hret) - goto out; - - hret = hx509_cert_get_subject(cert, &name); - if (hret) - goto out; - hret = hx509_name_binary(name, &subject_data); - hx509_name_free(&name); - if (hret) - goto out; - } - - { - AlgorithmIdentifier alg; - - hret = hx509_cert_get_SPKI_AlgorithmIdentifier(context, cert, &alg); - if (hret) { - ret = CKR_DEVICE_MEMORY; - goto out; - } - - key_type = CKK_RSA; /* XXX */ - - free_AlgorithmIdentifier(&alg); - } - - - type = CKO_CERTIFICATE; - o = add_st_object(); - if (o == NULL) { - ret = CKR_DEVICE_MEMORY; - goto out; - } - - o->cert = hx509_cert_ref(cert); - - add_object_attribute(o, 0, CKA_CLASS, &type, sizeof(type)); - add_object_attribute(o, 0, CKA_TOKEN, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_PRIVATE, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_MODIFIABLE, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_LABEL, foo->label, strlen(foo->label)); - - add_object_attribute(o, 0, CKA_CERTIFICATE_TYPE, &cert_type, sizeof(cert_type)); - add_object_attribute(o, 0, CKA_ID, foo->id, strlen(foo->id)); - - add_object_attribute(o, 0, CKA_SUBJECT, subject_data.data, subject_data.length); - add_object_attribute(o, 0, CKA_ISSUER, issuer_data.data, issuer_data.length); - add_object_attribute(o, 0, CKA_SERIAL_NUMBER, serial_data.data, serial_data.length); - add_object_attribute(o, 0, CKA_VALUE, cert_data.data, cert_data.length); - add_object_attribute(o, 0, CKA_TRUSTED, &bool_false, sizeof(bool_false)); - - st_logf("add cert ok: %lx\n", (unsigned long)OBJECT_ID(o)); - - type = CKO_PUBLIC_KEY; - o = add_st_object(); - if (o == NULL) { - ret = CKR_DEVICE_MEMORY; - goto out; - } - o->cert = hx509_cert_ref(cert); - - add_object_attribute(o, 0, CKA_CLASS, &type, sizeof(type)); - add_object_attribute(o, 0, CKA_TOKEN, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_PRIVATE, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_MODIFIABLE, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_LABEL, foo->label, strlen(foo->label)); - - add_object_attribute(o, 0, CKA_KEY_TYPE, &key_type, sizeof(key_type)); - add_object_attribute(o, 0, CKA_ID, foo->id, strlen(foo->id)); - add_object_attribute(o, 0, CKA_START_DATE, "", 1); /* XXX */ - add_object_attribute(o, 0, CKA_END_DATE, "", 1); /* XXX */ - add_object_attribute(o, 0, CKA_DERIVE, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_LOCAL, &bool_false, sizeof(bool_false)); - mech_type = CKM_RSA_X_509; - add_object_attribute(o, 0, CKA_KEY_GEN_MECHANISM, &mech_type, sizeof(mech_type)); - - add_object_attribute(o, 0, CKA_SUBJECT, subject_data.data, subject_data.length); - add_object_attribute(o, 0, CKA_ENCRYPT, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_VERIFY, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_VERIFY_RECOVER, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_WRAP, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_TRUSTED, &bool_true, sizeof(bool_true)); - - add_pubkey_info(hxctx, o, key_type, cert); - - st_logf("add key ok: %lx\n", (unsigned long)OBJECT_ID(o)); - - if (hx509_cert_have_private_key(cert)) { - CK_FLAGS flags; - - type = CKO_PRIVATE_KEY; - o = add_st_object(); - if (o == NULL) { - ret = CKR_DEVICE_MEMORY; - goto out; - } - o->cert = hx509_cert_ref(cert); - - add_object_attribute(o, 0, CKA_CLASS, &type, sizeof(type)); - add_object_attribute(o, 0, CKA_TOKEN, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_PRIVATE, &bool_true, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_MODIFIABLE, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_LABEL, foo->label, strlen(foo->label)); - - add_object_attribute(o, 0, CKA_KEY_TYPE, &key_type, sizeof(key_type)); - add_object_attribute(o, 0, CKA_ID, foo->id, strlen(foo->id)); - add_object_attribute(o, 0, CKA_START_DATE, "", 1); /* XXX */ - add_object_attribute(o, 0, CKA_END_DATE, "", 1); /* XXX */ - add_object_attribute(o, 0, CKA_DERIVE, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_LOCAL, &bool_false, sizeof(bool_false)); - mech_type = CKM_RSA_X_509; - add_object_attribute(o, 0, CKA_KEY_GEN_MECHANISM, &mech_type, sizeof(mech_type)); - - add_object_attribute(o, 0, CKA_SUBJECT, subject_data.data, subject_data.length); - add_object_attribute(o, 0, CKA_SENSITIVE, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_SECONDARY_AUTH, &bool_false, sizeof(bool_true)); - flags = 0; - add_object_attribute(o, 0, CKA_AUTH_PIN_FLAGS, &flags, sizeof(flags)); - - add_object_attribute(o, 0, CKA_DECRYPT, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_SIGN, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_SIGN_RECOVER, &bool_false, sizeof(bool_false)); - add_object_attribute(o, 0, CKA_UNWRAP, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_EXTRACTABLE, &bool_true, sizeof(bool_true)); - add_object_attribute(o, 0, CKA_NEVER_EXTRACTABLE, &bool_false, sizeof(bool_false)); - - add_pubkey_info(hxctx, o, key_type, cert); - } - - ret = CKR_OK; - out: - if (ret != CKR_OK) { - st_logf("something went wrong when adding cert!\n"); - - /* XXX wack o */; - } - hx509_xfree(cert_data.data); - hx509_xfree(serial_data.data); - hx509_xfree(issuer_data.data); - hx509_xfree(subject_data.data); - - return 0; -} - -static CK_RV -add_certificate(const char *cert_file, - const char *pin, - char *id, - char *label) -{ - hx509_certs certs; - hx509_lock lock = NULL; - int ret, flags = 0; - - struct foo foo; - foo.id = id; - foo.label = label; - - if (pin == NULL) - flags |= HX509_CERTS_UNPROTECT_ALL; - - if (pin) { - char *str; - asprintf(&str, "PASS:%s", pin); - - hx509_lock_init(context, &lock); - hx509_lock_command_string(lock, str); - - memset(str, 0, strlen(str)); - free(str); - } - - ret = hx509_certs_init(context, cert_file, flags, lock, &certs); - if (ret) { - st_logf("failed to open file %s\n", cert_file); - return CKR_GENERAL_ERROR; - } - - ret = hx509_certs_iter(context, certs, add_cert, &foo); - hx509_certs_free(&certs); - if (ret) { - st_logf("failed adding certs from file %s\n", cert_file); - return CKR_GENERAL_ERROR; - } - - return CKR_OK; -} - -static void -find_object_final(struct session_state *state) -{ - if (state->find.attributes) { - CK_ULONG i; - - for (i = 0; i < state->find.num_attributes; i++) { - if (state->find.attributes[i].pValue) - free(state->find.attributes[i].pValue); - } - free(state->find.attributes); - state->find.attributes = NULL; - state->find.num_attributes = 0; - state->find.next_object = -1; - } -} - -static void -reset_crypto_state(struct session_state *state) -{ - state->sign_object = -1; - if (state->sign_mechanism) - free(state->sign_mechanism); - state->sign_mechanism = NULL_PTR; - state->verify_object = -1; - if (state->verify_mechanism) - free(state->verify_mechanism); - state->verify_mechanism = NULL_PTR; -} - -static void -close_session(struct session_state *state) -{ - if (state->find.attributes) { - application_error("application didn't do C_FindObjectsFinal\n"); - find_object_final(state); - } - - state->session_handle = CK_INVALID_HANDLE; - soft_token.application = NULL_PTR; - soft_token.notify = NULL_PTR; - reset_crypto_state(state); -} - -static const char * -has_session(void) -{ - return soft_token.open_sessions > 0 ? "yes" : "no"; -} - -static CK_RV -read_conf_file(const char *fn, CK_USER_TYPE userType, const char *pin) -{ - char buf[1024], *type, *s, *p; - int anchor; - FILE *f; - CK_RV ret = CKR_OK; - CK_RV failed = CKR_OK; - - f = fopen(fn, "r"); - if (f == NULL) { - st_logf("can't open configuration file %s\n", fn); - return CKR_GENERAL_ERROR; - } - - while(fgets(buf, sizeof(buf), f) != NULL) { - buf[strcspn(buf, "\n")] = '\0'; - - anchor = 0; - - st_logf("line: %s\n", buf); - - p = buf; - while (isspace(*p)) - p++; - if (*p == '#') - continue; - while (isspace(*p)) - p++; - - s = NULL; - type = strtok_r(p, "\t", &s); - if (type == NULL) - continue; - - if (strcasecmp("certificate", type) == 0) { - char *cert, *id, *label; - - id = strtok_r(NULL, "\t", &s); - if (id == NULL) { - st_logf("no id\n"); - continue; - } - st_logf("id: %s\n", id); - label = strtok_r(NULL, "\t", &s); - if (label == NULL) { - st_logf("no label\n"); - continue; - } - cert = strtok_r(NULL, "\t", &s); - if (cert == NULL) { - st_logf("no certfiicate store\n"); - continue; - } - - st_logf("adding: %s: %s in file %s\n", id, label, cert); - - ret = add_certificate(cert, pin, id, label); - if (ret) - failed = ret; - } else if (strcasecmp("debug", type) == 0) { - char *name; - - name = strtok_r(NULL, "\t", &s); - if (name == NULL) { - st_logf("no filename\n"); - continue; - } - - if (soft_token.logfile) - fclose(soft_token.logfile); - - if (strcasecmp(name, "stdout") == 0) - soft_token.logfile = stdout; - else - soft_token.logfile = fopen(name, "a"); - if (soft_token.logfile == NULL) - st_logf("failed to open file: %s\n", name); - - } else if (strcasecmp("app-fatal", type) == 0) { - char *name; - - name = strtok_r(NULL, "\t", &s); - if (name == NULL) { - st_logf("argument to app-fatal\n"); - continue; - } - - if (strcmp(name, "true") == 0 || strcmp(name, "on") == 0) - soft_token.flags.app_error_fatal = 1; - else if (strcmp(name, "false") == 0 || strcmp(name, "off") == 0) - soft_token.flags.app_error_fatal = 0; - else - st_logf("unknown app-fatal: %s\n", name); - - } else { - st_logf("unknown type: %s\n", type); - } - } - - fclose(f); - - return failed; -} - -static CK_RV -func_not_supported(void) -{ - st_logf("function not supported\n"); - return CKR_FUNCTION_NOT_SUPPORTED; -} - -CK_RV -C_Initialize(CK_VOID_PTR a) -{ - CK_C_INITIALIZE_ARGS_PTR args = a; - CK_RV ret; - int i; - - st_logf("Initialize\n"); - - INIT_CONTEXT(); - - OpenSSL_add_all_algorithms(); - - srandom(getpid() ^ time(NULL)); - - for (i = 0; i < MAX_NUM_SESSION; i++) { - soft_token.state[i].session_handle = CK_INVALID_HANDLE; - soft_token.state[i].find.attributes = NULL; - soft_token.state[i].find.num_attributes = 0; - soft_token.state[i].find.next_object = -1; - reset_crypto_state(&soft_token.state[i]); - } - - soft_token.flags.hardware_slot = 1; - soft_token.flags.app_error_fatal = 0; - soft_token.flags.login_done = 0; - - soft_token.object.objs = NULL; - soft_token.object.num_objs = 0; - - soft_token.logfile = NULL; -#if 0 - soft_token.logfile = stdout; -#endif -#if 0 - soft_token.logfile = fopen("/tmp/log-pkcs11.txt", "a"); -#endif - - if (a != NULL_PTR) { - st_logf("\tCreateMutex:\t%p\n", args->CreateMutex); - st_logf("\tDestroyMutext\t%p\n", args->DestroyMutex); - st_logf("\tLockMutext\t%p\n", args->LockMutex); - st_logf("\tUnlockMutext\t%p\n", args->UnlockMutex); - st_logf("\tFlags\t%04x\n", (unsigned int)args->flags); - } - - { - char *fn = NULL, *home = NULL; - - if (getuid() == geteuid()) { - fn = getenv("SOFTPKCS11RC"); - if (fn) - fn = strdup(fn); - home = getenv("HOME"); - } - if (fn == NULL && home == NULL) { - struct passwd *pw = getpwuid(getuid()); - if(pw != NULL) - home = pw->pw_dir; - } - if (fn == NULL) { - if (home) - asprintf(&fn, "%s/.soft-token.rc", home); - else - fn = strdup("/etc/soft-token.rc"); - } - - soft_token.config_file = fn; - } - - /* - * This operations doesn't return CKR_OK if any of the - * certificates failes to be unparsed (ie password protected). - */ - ret = read_conf_file(soft_token.config_file, CKU_USER, NULL); - if (ret == CKR_OK) - soft_token.flags.login_done = 1; - - return CKR_OK; -} - -CK_RV -C_Finalize(CK_VOID_PTR args) -{ - int i; - - INIT_CONTEXT(); - - st_logf("Finalize\n"); - - for (i = 0; i < MAX_NUM_SESSION; i++) { - if (soft_token.state[i].session_handle != CK_INVALID_HANDLE) { - application_error("application finalized without " - "closing session\n"); - close_session(&soft_token.state[i]); - } - } - - return CKR_OK; -} - -CK_RV -C_GetInfo(CK_INFO_PTR args) -{ - INIT_CONTEXT(); - - st_logf("GetInfo\n"); - - memset(args, 17, sizeof(*args)); - args->cryptokiVersion.major = 2; - args->cryptokiVersion.minor = 10; - snprintf_fill((char *)args->manufacturerID, - sizeof(args->manufacturerID), - ' ', - "Heimdal hx509 SoftToken"); - snprintf_fill((char *)args->libraryDescription, - sizeof(args->libraryDescription), ' ', - "Heimdal hx509 SoftToken"); - args->libraryVersion.major = 2; - args->libraryVersion.minor = 0; - - return CKR_OK; -} - -extern CK_FUNCTION_LIST funcs; - -CK_RV -C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList) -{ - INIT_CONTEXT(); - - *ppFunctionList = &funcs; - return CKR_OK; -} - -CK_RV -C_GetSlotList(CK_BBOOL tokenPresent, - CK_SLOT_ID_PTR pSlotList, - CK_ULONG_PTR pulCount) -{ - INIT_CONTEXT(); - st_logf("GetSlotList: %s\n", - tokenPresent ? "tokenPresent" : "token not Present"); - if (pSlotList) - pSlotList[0] = 1; - *pulCount = 1; - return CKR_OK; -} - -CK_RV -C_GetSlotInfo(CK_SLOT_ID slotID, - CK_SLOT_INFO_PTR pInfo) -{ - INIT_CONTEXT(); - st_logf("GetSlotInfo: slot: %d : %s\n", (int)slotID, has_session()); - - memset(pInfo, 18, sizeof(*pInfo)); - - if (slotID != 1) - return CKR_ARGUMENTS_BAD; - - snprintf_fill((char *)pInfo->slotDescription, - sizeof(pInfo->slotDescription), - ' ', - "Heimdal hx509 SoftToken (slot)"); - snprintf_fill((char *)pInfo->manufacturerID, - sizeof(pInfo->manufacturerID), - ' ', - "Heimdal hx509 SoftToken (slot)"); - pInfo->flags = CKF_TOKEN_PRESENT; - if (soft_token.flags.hardware_slot) - pInfo->flags |= CKF_HW_SLOT; - pInfo->hardwareVersion.major = 1; - pInfo->hardwareVersion.minor = 0; - pInfo->firmwareVersion.major = 1; - pInfo->firmwareVersion.minor = 0; - - return CKR_OK; -} - -CK_RV -C_GetTokenInfo(CK_SLOT_ID slotID, - CK_TOKEN_INFO_PTR pInfo) -{ - INIT_CONTEXT(); - st_logf("GetTokenInfo: %s\n", has_session()); - - memset(pInfo, 19, sizeof(*pInfo)); - - snprintf_fill((char *)pInfo->label, - sizeof(pInfo->label), - ' ', - "Heimdal hx509 SoftToken (token)"); - snprintf_fill((char *)pInfo->manufacturerID, - sizeof(pInfo->manufacturerID), - ' ', - "Heimdal hx509 SoftToken (token)"); - snprintf_fill((char *)pInfo->model, - sizeof(pInfo->model), - ' ', - "Heimdal hx509 SoftToken (token)"); - snprintf_fill((char *)pInfo->serialNumber, - sizeof(pInfo->serialNumber), - ' ', - "4711"); - pInfo->flags = - CKF_TOKEN_INITIALIZED | - CKF_USER_PIN_INITIALIZED; - - if (soft_token.flags.login_done == 0) - pInfo->flags |= CKF_LOGIN_REQUIRED; - - /* CFK_RNG | - CKF_RESTORE_KEY_NOT_NEEDED | - */ - pInfo->ulMaxSessionCount = MAX_NUM_SESSION; - pInfo->ulSessionCount = soft_token.open_sessions; - pInfo->ulMaxRwSessionCount = MAX_NUM_SESSION; - pInfo->ulRwSessionCount = soft_token.open_sessions; - pInfo->ulMaxPinLen = 1024; - pInfo->ulMinPinLen = 0; - pInfo->ulTotalPublicMemory = 4711; - pInfo->ulFreePublicMemory = 4712; - pInfo->ulTotalPrivateMemory = 4713; - pInfo->ulFreePrivateMemory = 4714; - pInfo->hardwareVersion.major = 2; - pInfo->hardwareVersion.minor = 0; - pInfo->firmwareVersion.major = 2; - pInfo->firmwareVersion.minor = 0; - - return CKR_OK; -} - -CK_RV -C_GetMechanismList(CK_SLOT_ID slotID, - CK_MECHANISM_TYPE_PTR pMechanismList, - CK_ULONG_PTR pulCount) -{ - INIT_CONTEXT(); - st_logf("GetMechanismList\n"); - - *pulCount = 1; - if (pMechanismList == NULL_PTR) - return CKR_OK; - pMechanismList[1] = CKM_RSA_PKCS; - - return CKR_OK; -} - -CK_RV -C_GetMechanismInfo(CK_SLOT_ID slotID, - CK_MECHANISM_TYPE type, - CK_MECHANISM_INFO_PTR pInfo) -{ - INIT_CONTEXT(); - st_logf("GetMechanismInfo: slot %d type: %d\n", - (int)slotID, (int)type); - memset(pInfo, 0, sizeof(*pInfo)); - - return CKR_OK; -} - -CK_RV -C_InitToken(CK_SLOT_ID slotID, - CK_UTF8CHAR_PTR pPin, - CK_ULONG ulPinLen, - CK_UTF8CHAR_PTR pLabel) -{ - INIT_CONTEXT(); - st_logf("InitToken: slot %d\n", (int)slotID); - return CKR_FUNCTION_NOT_SUPPORTED; -} - -CK_RV -C_OpenSession(CK_SLOT_ID slotID, - CK_FLAGS flags, - CK_VOID_PTR pApplication, - CK_NOTIFY Notify, - CK_SESSION_HANDLE_PTR phSession) -{ - int i; - INIT_CONTEXT(); - st_logf("OpenSession: slot: %d\n", (int)slotID); - - if (soft_token.open_sessions == MAX_NUM_SESSION) - return CKR_SESSION_COUNT; - - soft_token.application = pApplication; - soft_token.notify = Notify; - - for (i = 0; i < MAX_NUM_SESSION; i++) - if (soft_token.state[i].session_handle == CK_INVALID_HANDLE) - break; - if (i == MAX_NUM_SESSION) - abort(); - - soft_token.open_sessions++; - - soft_token.state[i].session_handle = - (CK_SESSION_HANDLE)(random() & 0xfffff); - *phSession = soft_token.state[i].session_handle; - - return CKR_OK; -} - -CK_RV -C_CloseSession(CK_SESSION_HANDLE hSession) -{ - struct session_state *state; - INIT_CONTEXT(); - st_logf("CloseSession\n"); - - if (verify_session_handle(hSession, &state) != CKR_OK) - application_error("closed session not open"); - else - close_session(state); - - return CKR_OK; -} - -CK_RV -C_CloseAllSessions(CK_SLOT_ID slotID) -{ - int i; - INIT_CONTEXT(); - - st_logf("CloseAllSessions\n"); - - for (i = 0; i < MAX_NUM_SESSION; i++) - if (soft_token.state[i].session_handle != CK_INVALID_HANDLE) - close_session(&soft_token.state[i]); - - return CKR_OK; -} - -CK_RV -C_GetSessionInfo(CK_SESSION_HANDLE hSession, - CK_SESSION_INFO_PTR pInfo) -{ - st_logf("GetSessionInfo\n"); - INIT_CONTEXT(); - - VERIFY_SESSION_HANDLE(hSession, NULL); - - memset(pInfo, 20, sizeof(*pInfo)); - - pInfo->slotID = 1; - if (soft_token.flags.login_done) - pInfo->state = CKS_RO_USER_FUNCTIONS; - else - pInfo->state = CKS_RO_PUBLIC_SESSION; - pInfo->flags = CKF_SERIAL_SESSION; - pInfo->ulDeviceError = 0; - - return CKR_OK; -} - -CK_RV -C_Login(CK_SESSION_HANDLE hSession, - CK_USER_TYPE userType, - CK_UTF8CHAR_PTR pPin, - CK_ULONG ulPinLen) -{ - char *pin = NULL; - CK_RV ret; - INIT_CONTEXT(); - - st_logf("Login\n"); - - VERIFY_SESSION_HANDLE(hSession, NULL); - - if (pPin != NULL_PTR) { - asprintf(&pin, "%.*s", (int)ulPinLen, pPin); - st_logf("type: %d password: %s\n", (int)userType, pin); - } - - /* - * Login - */ - - ret = read_conf_file(soft_token.config_file, userType, pin); - if (ret == CKR_OK) - soft_token.flags.login_done = 1; - - free(pin); - - return soft_token.flags.login_done ? CKR_OK : CKR_PIN_INCORRECT; -} - -CK_RV -C_Logout(CK_SESSION_HANDLE hSession) -{ - st_logf("Logout\n"); - INIT_CONTEXT(); - - VERIFY_SESSION_HANDLE(hSession, NULL); - return CKR_FUNCTION_NOT_SUPPORTED; -} - -CK_RV -C_GetObjectSize(CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hObject, - CK_ULONG_PTR pulSize) -{ - st_logf("GetObjectSize\n"); - INIT_CONTEXT(); - - VERIFY_SESSION_HANDLE(hSession, NULL); - return CKR_FUNCTION_NOT_SUPPORTED; -} - -CK_RV -C_GetAttributeValue(CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hObject, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulCount) -{ - struct session_state *state; - struct st_object *obj; - CK_ULONG i; - CK_RV ret; - int j; - - INIT_CONTEXT(); - - st_logf("GetAttributeValue: %lx\n", - (unsigned long)HANDLE_OBJECT_ID(hObject)); - VERIFY_SESSION_HANDLE(hSession, &state); - - if ((ret = object_handle_to_object(hObject, &obj)) != CKR_OK) { - st_logf("object not found: %lx\n", - (unsigned long)HANDLE_OBJECT_ID(hObject)); - return ret; - } - - for (i = 0; i < ulCount; i++) { - st_logf(" getting 0x%08lx\n", (unsigned long)pTemplate[i].type); - for (j = 0; j < obj->num_attributes; j++) { - if (obj->attrs[j].secret) { - pTemplate[i].ulValueLen = (CK_ULONG)-1; - break; - } - if (pTemplate[i].type == obj->attrs[j].attribute.type) { - if (pTemplate[i].pValue != NULL_PTR && obj->attrs[j].secret == 0) { - if (pTemplate[i].ulValueLen >= obj->attrs[j].attribute.ulValueLen) - memcpy(pTemplate[i].pValue, obj->attrs[j].attribute.pValue, - obj->attrs[j].attribute.ulValueLen); - } - pTemplate[i].ulValueLen = obj->attrs[j].attribute.ulValueLen; - break; - } - } - if (j == obj->num_attributes) { - st_logf("key type: 0x%08lx not found\n", (unsigned long)pTemplate[i].type); - pTemplate[i].ulValueLen = (CK_ULONG)-1; - } - - } - return CKR_OK; -} - -CK_RV -C_FindObjectsInit(CK_SESSION_HANDLE hSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulCount) -{ - struct session_state *state; - - st_logf("FindObjectsInit\n"); - - INIT_CONTEXT(); - - VERIFY_SESSION_HANDLE(hSession, &state); - - if (state->find.next_object != -1) { - application_error("application didn't do C_FindObjectsFinal\n"); - find_object_final(state); - } - if (ulCount) { - CK_ULONG i; - - print_attributes(pTemplate, ulCount); - - state->find.attributes = - calloc(1, ulCount * sizeof(state->find.attributes[0])); - if (state->find.attributes == NULL) - return CKR_DEVICE_MEMORY; - for (i = 0; i < ulCount; i++) { - state->find.attributes[i].pValue = - malloc(pTemplate[i].ulValueLen); - if (state->find.attributes[i].pValue == NULL) { - find_object_final(state); - return CKR_DEVICE_MEMORY; - } - memcpy(state->find.attributes[i].pValue, - pTemplate[i].pValue, pTemplate[i].ulValueLen); - state->find.attributes[i].type = pTemplate[i].type; - state->find.attributes[i].ulValueLen = pTemplate[i].ulValueLen; - } - state->find.num_attributes = ulCount; - state->find.next_object = 0; - } else { - st_logf("find all objects\n"); - state->find.attributes = NULL; - state->find.num_attributes = 0; - state->find.next_object = 0; - } - - return CKR_OK; -} - -CK_RV -C_FindObjects(CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE_PTR phObject, - CK_ULONG ulMaxObjectCount, - CK_ULONG_PTR pulObjectCount) -{ - struct session_state *state; - int i; - - INIT_CONTEXT(); - - st_logf("FindObjects\n"); - - VERIFY_SESSION_HANDLE(hSession, &state); - - if (state->find.next_object == -1) { - application_error("application didn't do C_FindObjectsInit\n"); - return CKR_ARGUMENTS_BAD; - } - if (ulMaxObjectCount == 0) { - application_error("application asked for 0 objects\n"); - return CKR_ARGUMENTS_BAD; - } - *pulObjectCount = 0; - for (i = state->find.next_object; i < soft_token.object.num_objs; i++) { - st_logf("FindObjects: %d\n", i); - state->find.next_object = i + 1; - if (attributes_match(soft_token.object.objs[i], - state->find.attributes, - state->find.num_attributes)) { - *phObject++ = soft_token.object.objs[i]->object_handle; - ulMaxObjectCount--; - (*pulObjectCount)++; - if (ulMaxObjectCount == 0) - break; - } - } - return CKR_OK; -} - -CK_RV -C_FindObjectsFinal(CK_SESSION_HANDLE hSession) -{ - struct session_state *state; - - INIT_CONTEXT(); - - st_logf("FindObjectsFinal\n"); - VERIFY_SESSION_HANDLE(hSession, &state); - find_object_final(state); - return CKR_OK; -} - -static CK_RV -commonInit(CK_ATTRIBUTE *attr_match, int attr_match_len, - const CK_MECHANISM_TYPE *mechs, int mechs_len, - const CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey, - struct st_object **o) -{ - CK_RV ret; - int i; - - *o = NULL; - if ((ret = object_handle_to_object(hKey, o)) != CKR_OK) - return ret; - - ret = attributes_match(*o, attr_match, attr_match_len); - if (!ret) { - application_error("called commonInit on key that doesn't " - "support required attr"); - return CKR_ARGUMENTS_BAD; - } - - for (i = 0; i < mechs_len; i++) - if (mechs[i] == pMechanism->mechanism) - break; - if (i == mechs_len) { - application_error("called mech (%08lx) not supported\n", - pMechanism->mechanism); - return CKR_ARGUMENTS_BAD; - } - return CKR_OK; -} - - -static CK_RV -dup_mechanism(CK_MECHANISM_PTR *dup, const CK_MECHANISM_PTR pMechanism) -{ - CK_MECHANISM_PTR p; - - p = malloc(sizeof(*p)); - if (p == NULL) - return CKR_DEVICE_MEMORY; - - if (*dup) - free(*dup); - *dup = p; - memcpy(p, pMechanism, sizeof(*p)); - - return CKR_OK; -} - -CK_RV -C_DigestInit(CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism) -{ - st_logf("DigestInit\n"); - INIT_CONTEXT(); - VERIFY_SESSION_HANDLE(hSession, NULL); - return CKR_FUNCTION_NOT_SUPPORTED; -} - -CK_RV -C_SignInit(CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey) -{ - struct session_state *state; - CK_MECHANISM_TYPE mechs[] = { CKM_RSA_PKCS }; - CK_BBOOL bool_true = CK_TRUE; - CK_ATTRIBUTE attr[] = { - { CKA_SIGN, &bool_true, sizeof(bool_true) } - }; - struct st_object *o; - CK_RV ret; - - INIT_CONTEXT(); - st_logf("SignInit\n"); - VERIFY_SESSION_HANDLE(hSession, &state); - - ret = commonInit(attr, sizeof(attr)/sizeof(attr[0]), - mechs, sizeof(mechs)/sizeof(mechs[0]), - pMechanism, hKey, &o); - if (ret) - return ret; - - ret = dup_mechanism(&state->sign_mechanism, pMechanism); - if (ret == CKR_OK) - state->sign_object = OBJECT_ID(o); - - return CKR_OK; -} - -CK_RV -C_Sign(CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pData, - CK_ULONG ulDataLen, - CK_BYTE_PTR pSignature, - CK_ULONG_PTR pulSignatureLen) -{ - struct session_state *state; - struct st_object *o; - CK_RV ret; - uint hret; - const AlgorithmIdentifier *alg; - heim_octet_string sig, data; - - INIT_CONTEXT(); - st_logf("Sign\n"); - VERIFY_SESSION_HANDLE(hSession, &state); - - sig.data = NULL; - sig.length = 0; - - if (state->sign_object == -1) - return CKR_ARGUMENTS_BAD; - - if (pulSignatureLen == NULL) { - st_logf("signature len NULL\n"); - ret = CKR_ARGUMENTS_BAD; - goto out; - } - - if (pData == NULL_PTR) { - st_logf("data NULL\n"); - ret = CKR_ARGUMENTS_BAD; - goto out; - } - - o = soft_token.object.objs[state->sign_object]; - - if (hx509_cert_have_private_key(o->cert) == 0) { - st_logf("private key NULL\n"); - return CKR_ARGUMENTS_BAD; - } - - switch(state->sign_mechanism->mechanism) { - case CKM_RSA_PKCS: - alg = hx509_signature_rsa_pkcs1_x509(); - break; - default: - ret = CKR_FUNCTION_NOT_SUPPORTED; - goto out; - } - - data.data = pData; - data.length = ulDataLen; - - hret = _hx509_create_signature(context, - _hx509_cert_private_key(o->cert), - alg, - &data, - NULL, - &sig); - if (hret) { - ret = CKR_DEVICE_ERROR; - goto out; - } - *pulSignatureLen = sig.length; - - if (pSignature != NULL_PTR) - memcpy(pSignature, sig.data, sig.length); - - ret = CKR_OK; - out: - if (sig.data) { - memset(sig.data, 0, sig.length); - der_free_octet_string(&sig); - } - return ret; -} - -CK_RV -C_SignUpdate(CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pPart, - CK_ULONG ulPartLen) -{ - INIT_CONTEXT(); - st_logf("SignUpdate\n"); - VERIFY_SESSION_HANDLE(hSession, NULL); - return CKR_FUNCTION_NOT_SUPPORTED; -} - - -CK_RV -C_SignFinal(CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pSignature, - CK_ULONG_PTR pulSignatureLen) -{ - INIT_CONTEXT(); - st_logf("SignUpdate\n"); - VERIFY_SESSION_HANDLE(hSession, NULL); - return CKR_FUNCTION_NOT_SUPPORTED; -} - -CK_RV -C_VerifyInit(CK_SESSION_HANDLE hSession, - CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey) -{ - struct session_state *state; - CK_MECHANISM_TYPE mechs[] = { CKM_RSA_PKCS }; - CK_BBOOL bool_true = CK_TRUE; - CK_ATTRIBUTE attr[] = { - { CKA_VERIFY, &bool_true, sizeof(bool_true) } - }; - struct st_object *o; - CK_RV ret; - - INIT_CONTEXT(); - st_logf("VerifyInit\n"); - VERIFY_SESSION_HANDLE(hSession, &state); - - ret = commonInit(attr, sizeof(attr)/sizeof(attr[0]), - mechs, sizeof(mechs)/sizeof(mechs[0]), - pMechanism, hKey, &o); - if (ret) - return ret; - - ret = dup_mechanism(&state->verify_mechanism, pMechanism); - if (ret == CKR_OK) - state->verify_object = OBJECT_ID(o); - - return ret; -} - -CK_RV -C_Verify(CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pData, - CK_ULONG ulDataLen, - CK_BYTE_PTR pSignature, - CK_ULONG ulSignatureLen) -{ - struct session_state *state; - struct st_object *o; - const AlgorithmIdentifier *alg; - CK_RV ret; - int hret; - heim_octet_string data, sig; - - INIT_CONTEXT(); - st_logf("Verify\n"); - VERIFY_SESSION_HANDLE(hSession, &state); - - if (state->verify_object == -1) - return CKR_ARGUMENTS_BAD; - - o = soft_token.object.objs[state->verify_object]; - - switch(state->verify_mechanism->mechanism) { - case CKM_RSA_PKCS: - alg = hx509_signature_rsa_pkcs1_x509(); - break; - default: - ret = CKR_FUNCTION_NOT_SUPPORTED; - goto out; - } - - sig.data = pData; - sig.length = ulDataLen; - data.data = pSignature; - data.length = ulSignatureLen; - - hret = _hx509_verify_signature(context, - _hx509_get_cert(o->cert), - alg, - &data, - &sig); - if (hret) { - ret = CKR_GENERAL_ERROR; - goto out; - } - ret = CKR_OK; - - out: - return ret; -} - - -CK_RV -C_VerifyUpdate(CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pPart, - CK_ULONG ulPartLen) -{ - INIT_CONTEXT(); - st_logf("VerifyUpdate\n"); - VERIFY_SESSION_HANDLE(hSession, NULL); - return CKR_FUNCTION_NOT_SUPPORTED; -} - -CK_RV -C_VerifyFinal(CK_SESSION_HANDLE hSession, - CK_BYTE_PTR pSignature, - CK_ULONG ulSignatureLen) -{ - INIT_CONTEXT(); - st_logf("VerifyFinal\n"); - VERIFY_SESSION_HANDLE(hSession, NULL); - return CKR_FUNCTION_NOT_SUPPORTED; -} - -CK_RV -C_GenerateRandom(CK_SESSION_HANDLE hSession, - CK_BYTE_PTR RandomData, - CK_ULONG ulRandomLen) -{ - INIT_CONTEXT(); - st_logf("GenerateRandom\n"); - VERIFY_SESSION_HANDLE(hSession, NULL); - return CKR_FUNCTION_NOT_SUPPORTED; -} - - -CK_FUNCTION_LIST funcs = { - { 2, 11 }, - C_Initialize, - C_Finalize, - C_GetInfo, - C_GetFunctionList, - C_GetSlotList, - C_GetSlotInfo, - C_GetTokenInfo, - C_GetMechanismList, - C_GetMechanismInfo, - C_InitToken, - (void *)func_not_supported, /* C_InitPIN */ - (void *)func_not_supported, /* C_SetPIN */ - C_OpenSession, - C_CloseSession, - C_CloseAllSessions, - C_GetSessionInfo, - (void *)func_not_supported, /* C_GetOperationState */ - (void *)func_not_supported, /* C_SetOperationState */ - C_Login, - C_Logout, - (void *)func_not_supported, /* C_CreateObject */ - (void *)func_not_supported, /* C_CopyObject */ - (void *)func_not_supported, /* C_DestroyObject */ - (void *)func_not_supported, /* C_GetObjectSize */ - C_GetAttributeValue, - (void *)func_not_supported, /* C_SetAttributeValue */ - C_FindObjectsInit, - C_FindObjects, - C_FindObjectsFinal, - (void *)func_not_supported, /* C_EncryptInit, */ - (void *)func_not_supported, /* C_Encrypt, */ - (void *)func_not_supported, /* C_EncryptUpdate, */ - (void *)func_not_supported, /* C_EncryptFinal, */ - (void *)func_not_supported, /* C_DecryptInit, */ - (void *)func_not_supported, /* C_Decrypt, */ - (void *)func_not_supported, /* C_DecryptUpdate, */ - (void *)func_not_supported, /* C_DecryptFinal, */ - C_DigestInit, - (void *)func_not_supported, /* C_Digest */ - (void *)func_not_supported, /* C_DigestUpdate */ - (void *)func_not_supported, /* C_DigestKey */ - (void *)func_not_supported, /* C_DigestFinal */ - C_SignInit, - C_Sign, - C_SignUpdate, - C_SignFinal, - (void *)func_not_supported, /* C_SignRecoverInit */ - (void *)func_not_supported, /* C_SignRecover */ - C_VerifyInit, - C_Verify, - C_VerifyUpdate, - C_VerifyFinal, - (void *)func_not_supported, /* C_VerifyRecoverInit */ - (void *)func_not_supported, /* C_VerifyRecover */ - (void *)func_not_supported, /* C_DigestEncryptUpdate */ - (void *)func_not_supported, /* C_DecryptDigestUpdate */ - (void *)func_not_supported, /* C_SignEncryptUpdate */ - (void *)func_not_supported, /* C_DecryptVerifyUpdate */ - (void *)func_not_supported, /* C_GenerateKey */ - (void *)func_not_supported, /* C_GenerateKeyPair */ - (void *)func_not_supported, /* C_WrapKey */ - (void *)func_not_supported, /* C_UnwrapKey */ - (void *)func_not_supported, /* C_DeriveKey */ - (void *)func_not_supported, /* C_SeedRandom */ - C_GenerateRandom, - (void *)func_not_supported, /* C_GetFunctionStatus */ - (void *)func_not_supported, /* C_CancelFunction */ - (void *)func_not_supported /* C_WaitForSlotEvent */ -}; diff --git a/crypto/heimdal/lib/hx509/test_ca.in b/crypto/heimdal/lib/hx509/test_ca.in deleted file mode 100644 index 5cc124d3bc7b..000000000000 --- a/crypto/heimdal/lib/hx509/test_ca.in +++ /dev/null @@ -1,424 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_ca.in 21345 2007-06-26 14:22:57Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" - -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -echo "create certificate request" -${hxtool} request-create \ - --subject="CN=Love,DC=it,DC=su,DC=se" \ - --key=FILE:$srcdir/data/key.der \ - pkcs10-request.der || exit 1 - -echo "issue certificate" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=foo" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "verify certificate" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-ee.pem \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "issue crl (no cert)" -${hxtool} crl-sign \ - --crl-file=crl.crl \ - --signer=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key || exit 1 - -echo "verify certificate (with CRL)" -${hxtool} verify \ - cert:FILE:cert-ee.pem \ - crl:FILE:crl.crl \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "issue crl (with cert)" -${hxtool} crl-sign \ - --crl-file=crl.crl \ - --signer=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - FILE:cert-ee.pem || exit 1 - -echo "verify certificate (included in CRL)" -${hxtool} verify \ - cert:FILE:cert-ee.pem \ - crl:FILE:crl.crl \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "issue crl (with cert)" -${hxtool} crl-sign \ - --crl-file=crl.crl \ - --lifetime='1 month' \ - --signer=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - FILE:cert-ee.pem || exit 1 - -echo "verify certificate (included in CRL, and lifetime 1 month)" -${hxtool} verify \ - cert:FILE:cert-ee.pem \ - crl:FILE:crl.crl \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "issue certificate (10years 1 month)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=foo" \ - --lifetime="10years 1 month" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue certificate (with https ekus)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=foo" \ - --type="https-server" \ - --type="https-client" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue certificate (pkinit KDC)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=foo" \ - --type="pkinit-kdc" \ - --pk-init-principal="krbtgt/TEST.H5L.SE@TEST.H5L.SE" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue certificate (pkinit client)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=foo" \ - --type="pkinit-client" \ - --pk-init-principal="lha@TEST.H5L.SE" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue certificate (hostnames)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=foo" \ - --type="https-server" \ - --hostname="www.test.h5l.se" \ - --hostname="ftp.test.h5l.se" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "verify certificate hostname (ok)" -${hxtool} verify --missing-revoke \ - --hostname=www.test.h5l.se \ - cert:FILE:cert-ee.pem \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "verify certificate hostname (fail)" -${hxtool} verify --missing-revoke \ - --hostname=www2.test.h5l.se \ - cert:FILE:cert-ee.pem \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "verify certificate hostname (fail)" -${hxtool} verify --missing-revoke \ - --hostname=2www.test.h5l.se \ - cert:FILE:cert-ee.pem \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "issue certificate (hostname in CN)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=www.test.h5l.se" \ - --type="https-server" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "verify certificate hostname (ok)" -${hxtool} verify --missing-revoke \ - --hostname=www.test.h5l.se \ - cert:FILE:cert-ee.pem \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "verify certificate hostname (fail)" -${hxtool} verify --missing-revoke \ - --hostname=www2.test.h5l.se \ - cert:FILE:cert-ee.pem \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "issue certificate (email)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=foo" \ - --email="lha@test.h5l.se" \ - --email="test@test.h5l.se" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue certificate (email, null subject DN)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="" \ - --email="lha@test.h5l.se" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-null.pem" || exit 1 - -echo "issue certificate (jabber)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --subject="cn=foo" \ - --jid="lha@test.h5l.se" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue self-signed cert" -${hxtool} issue-certificate \ - --self-signed \ - --ca-private-key=FILE:$srcdir/data/key.der \ - --subject="cn=test" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue ca cert" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \ - --issue-ca \ - --subject="cn=ca-cert" \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-ca.der" || exit 1 - -echo "issue self-signed ca cert" -${hxtool} issue-certificate \ - --self-signed \ - --issue-ca \ - --ca-private-key=FILE:$srcdir/data/key.der \ - --subject="cn=ca-root" \ - --certificate="FILE:cert-ca.der" || exit 1 - -echo "issue proxy certificate" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --issue-proxy \ - --req="PKCS10:pkcs10-request.der" \ - --certificate="FILE:cert-proxy.der" || exit 1 - -echo "verify proxy cert" -${hxtool} verify --missing-revoke \ - --allow-proxy-certificate \ - cert:FILE:cert-proxy.der \ - chain:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "issue ca cert (generate rsa key)" -${hxtool} issue-certificate \ - --self-signed \ - --issue-ca \ - --serial-number="deadbeaf" \ - --generate-key=rsa \ - --path-length=-1 \ - --subject="cn=ca2-cert" \ - --certificate="FILE:cert-ca.pem" || exit 1 - -echo "issue sub-ca cert (generate rsa key)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:cert-ca.pem \ - --issue-ca \ - --serial-number="deadbeaf22" \ - --generate-key=rsa \ - --subject="cn=sub-ca2-cert" \ - --certificate="FILE:cert-sub-ca.pem" || exit 1 - -echo "issue ee cert (generate rsa key)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:cert-ca.pem \ - --generate-key=rsa \ - --subject="cn=cert-ee2" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue sub-ca ee cert (generate rsa key)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:cert-sub-ca.pem \ - --generate-key=rsa \ - --subject="cn=cert-sub-ee2" \ - --certificate="FILE:cert-sub-ee.pem" || exit 1 - -echo "verify certificate (ee)" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-ee.pem \ - anchor:FILE:cert-ca.pem > /dev/null || exit 1 - -echo "verify certificate (sub-ee)" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-sub-ee.pem \ - chain:FILE:cert-sub-ca.pem \ - anchor:FILE:cert-ca.pem || exit 1 - -echo "sign CMS signature (generate key)" -${hxtool} cms-create-sd \ - --certificate=FILE:cert-ee.pem \ - "$srcdir/test_name.c" \ - sd.data > /dev/null || exit 1 - -echo "verify CMS signature (generate key)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:cert-ca.pem \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_name.c" sd.data.out || exit 1 - -echo "extend ca cert" -${hxtool} issue-certificate \ - --self-signed \ - --issue-ca \ - --lifetime="2years" \ - --serial-number="deadbeaf" \ - --ca-private-key=FILE:cert-ca.pem \ - --subject="cn=ca2-cert" \ - --certificate="FILE:cert-ca.pem" || exit 1 - -echo "verify certificate generated by previous ca" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-ee.pem \ - anchor:FILE:cert-ca.pem > /dev/null || exit 1 - -echo "extend ca cert (template)" -${hxtool} issue-certificate \ - --self-signed \ - --issue-ca \ - --lifetime="3years" \ - --template-certificate="FILE:cert-ca.pem" \ - --template-fields="serialNumber,notBefore,subject" \ - --path-length=-1 \ - --ca-private-key=FILE:cert-ca.pem \ - --certificate="FILE:cert-ca.pem" || exit 1 - -echo "verify certificate generated by previous ca" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-ee.pem \ - anchor:FILE:cert-ca.pem > /dev/null || exit 1 - -echo "extend sub-ca cert (template)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:cert-ca.pem \ - --issue-ca \ - --lifetime="2years" \ - --template-certificate="FILE:cert-sub-ca.pem" \ - --template-fields="serialNumber,notBefore,subject,SPKI" \ - --certificate="FILE:cert-sub-ca2.pem" || exit 1 - -echo "verify certificate (sub-ee) with extended chain" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-sub-ee.pem \ - chain:FILE:cert-sub-ca.pem \ - anchor:FILE:cert-ca.pem > /dev/null || exit 1 - -echo "+++++++++++ test basic constraints" - -echo "extend ca cert (too low path-length constraint)" -${hxtool} issue-certificate \ - --self-signed \ - --issue-ca \ - --lifetime="3years" \ - --template-certificate="FILE:cert-ca.pem" \ - --template-fields="serialNumber,notBefore,subject" \ - --path-length=0 \ - --ca-private-key=FILE:cert-ca.pem \ - --certificate="FILE:cert-ca.pem" || exit 1 - -echo "verify failure of certificate (sub-ee) with path-length constraint" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-sub-ee.pem \ - chain:FILE:cert-sub-ca.pem \ - anchor:FILE:cert-ca.pem > /dev/null && exit 1 - -echo "extend ca cert (exact path-length constraint)" -${hxtool} issue-certificate \ - --self-signed \ - --issue-ca \ - --lifetime="3years" \ - --template-certificate="FILE:cert-ca.pem" \ - --template-fields="serialNumber,notBefore,subject" \ - --path-length=1 \ - --ca-private-key=FILE:cert-ca.pem \ - --certificate="FILE:cert-ca.pem" || exit 1 - -echo "verify certificate (sub-ee) with exact path-length constraint" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-sub-ee.pem \ - chain:FILE:cert-sub-ca.pem \ - anchor:FILE:cert-ca.pem > /dev/null || exit 1 - -echo "Check missing basicConstrants.isCa" -${hxtool} issue-certificate \ - --ca-certificate=FILE:cert-ca.pem \ - --lifetime="2years" \ - --template-certificate="FILE:cert-sub-ca.pem" \ - --template-fields="serialNumber,notBefore,subject,SPKI" \ - --certificate="FILE:cert-sub-ca2.pem" || exit 1 - -echo "verify failure certificate (sub-ee) with missing isCA" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-sub-ee.pem \ - chain:FILE:cert-sub-ca2.pem \ - anchor:FILE:cert-ca.pem > /dev/null && exit 1 - -echo "issue ee cert (crl uri)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:cert-ca.pem \ - --req="PKCS10:pkcs10-request.der" \ - --crl-uri="http://www.test.h5l.se/crl1.crl" \ - --subject="cn=cert-ee-crl-uri" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "issue null subject cert" -${hxtool} issue-certificate \ - --ca-certificate=FILE:cert-ca.pem \ - --req="PKCS10:pkcs10-request.der" \ - --subject="" \ - --email="lha@test.h5l.se" \ - --certificate="FILE:cert-ee.pem" || exit 1 - -echo "verify certificate null subject" -${hxtool} verify --missing-revoke \ - cert:FILE:cert-ee.pem \ - anchor:FILE:cert-ca.pem > /dev/null || exit 1 - -exit 0 diff --git a/crypto/heimdal/lib/hx509/test_cert.in b/crypto/heimdal/lib/hx509/test_cert.in deleted file mode 100644 index ed04bfac3b73..000000000000 --- a/crypto/heimdal/lib/hx509/test_cert.in +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_chain.in 20809 2007-06-03 03:19:06Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -echo "print DIR" -${hxtool} print --content DIR:$srcdir/data > /dev/null || exit 1 - -echo "print FILE" -for a in $srcdir/data/*.crt; do - ${hxtool} print --content FILE:"$a" > /dev/null 2>/dev/null -done - -echo "print NULL" -${hxtool} print --content NULL: > /dev/null || exit 1 - -echo "copy dance" -${hxtool} certificate-copy \ - FILE:${srcdir}/data/test.crt PEM-FILE:cert-pem.tmp || exit 1 - -${hxtool} certificate-copy PEM-FILE:cert-pem.tmp DER-FILE:cert-der.tmp || exit 1 -${hxtool} certificate-copy DER-FILE:cert-der.tmp PEM-FILE:cert-pem2.tmp || exit 1 - -cmp cert-pem.tmp cert-pem2.tmp || exit 1 - - -exit 0 diff --git a/crypto/heimdal/lib/hx509/test_chain.in b/crypto/heimdal/lib/hx509/test_chain.in deleted file mode 100644 index a99ae5e4cb54..000000000000 --- a/crypto/heimdal/lib/hx509/test_chain.in +++ /dev/null @@ -1,242 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_chain.in 21278 2007-06-25 04:54:43Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -echo "cert -> root" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/test.crt \ - chain:FILE:$srcdir/data/test.crt \ - chain:FILE:$srcdir/data/ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "cert -> root" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/test.crt \ - chain:FILE:$srcdir/data/ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "cert -> root" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "sub-cert -> root" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/sub-cert.crt \ - chain:FILE:$srcdir/data/ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "sub-cert -> sub-ca -> root" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/sub-cert.crt \ - chain:FILE:$srcdir/data/sub-ca.crt \ - chain:FILE:$srcdir/data/ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "sub-cert -> sub-ca" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/sub-cert.crt \ - anchor:FILE:$srcdir/data/sub-ca.crt > /dev/null || exit 1 - -echo "sub-cert -> sub-ca -> root" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/sub-cert.crt \ - chain:FILE:$srcdir/data/sub-ca.crt \ - chain:FILE:$srcdir/data/ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "sub-cert -> sub-ca -> root" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/sub-cert.crt \ - chain:FILE:$srcdir/data/ca.crt \ - chain:FILE:$srcdir/data/sub-ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "sub-cert -> sub-ca -> root" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/sub-cert.crt \ - chain:FILE:$srcdir/data/sub-ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "max depth 2 (ok)" -${hxtool} verify --missing-revoke \ - --max-depth=2 \ - cert:FILE:$srcdir/data/sub-cert.crt \ - chain:FILE:$srcdir/data/sub-ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "max depth 1 (fail)" -${hxtool} verify --missing-revoke \ - --max-depth=1 \ - cert:FILE:$srcdir/data/sub-cert.crt \ - chain:FILE:$srcdir/data/sub-ca.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "ocsp non-ca responder" -${hxtool} verify \ - cert:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt \ - ocsp:FILE:$srcdir/data/ocsp-resp1-ocsp.der > /dev/null || exit 1 - -echo "ocsp ca responder" -${hxtool} verify \ - cert:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt \ - ocsp:FILE:$srcdir/data/ocsp-resp1-ca.der > /dev/null || exit 1 - -echo "ocsp no-ca responder, missing cert" -${hxtool} verify \ - cert:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt \ - ocsp:FILE:$srcdir/data/ocsp-resp1-ocsp-no-cert.der > /dev/null && exit 1 - -echo "ocsp no-ca responder, missing cert, in pool" -${hxtool} verify \ - cert:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt \ - ocsp:FILE:$srcdir/data/ocsp-resp1-ocsp-no-cert.der \ - chain:FILE:$srcdir/data/ocsp-responder.crt > /dev/null || exit 1 - -echo "ocsp no-ca responder, keyHash" -${hxtool} verify \ - cert:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt \ - ocsp:FILE:$srcdir/data/ocsp-resp1-keyhash.der > /dev/null || exit 1 - -echo "ocsp revoked cert" -${hxtool} verify \ - cert:FILE:$srcdir/data/revoke.crt \ - anchor:FILE:$srcdir/data/ca.crt \ - ocsp:FILE:$srcdir/data/ocsp-resp2.der > /dev/null && exit 1 - -for a in resp1-ocsp-no-cert resp1-ca resp1-keyhash resp2 ; do - echo "ocsp print reply $a" - ${hxtool} ocsp-print \ - $srcdir/data/ocsp-${a}.der > /dev/null || exit 1 -done - -echo "ocsp verify exists" -${hxtool} ocsp-verify \ - --ocsp-file=$srcdir/data/ocsp-resp1-ca.der \ - FILE:$srcdir/data/test.crt > /dev/null || exit 1 - -echo "ocsp verify not exists" -${hxtool} ocsp-verify \ - --ocsp-file=$srcdir/data/ocsp-resp1.der \ - FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "ocsp verify revoked" -${hxtool} ocsp-verify \ - --ocsp-file=$srcdir/data/ocsp-resp2.der \ - FILE:$srcdir/data/revoke.crt > /dev/null && exit 1 - -echo "crl non-revoked cert" -${hxtool} verify \ - cert:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt \ - crl:FILE:$srcdir/data/crl1.der > /dev/null || exit 1 - -echo "crl revoked cert" -${hxtool} verify \ - cert:FILE:$srcdir/data/revoke.crt \ - anchor:FILE:$srcdir/data/ca.crt \ - crl:FILE:$srcdir/data/crl1.der > /dev/null && exit 1 - -echo "proxy cert" -${hxtool} verify --missing-revoke \ - --allow-proxy-certificate \ - cert:FILE:$srcdir/data/proxy-test.crt \ - chain:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "proxy cert (negative)" -${hxtool} verify --missing-revoke \ - cert:FILE:$srcdir/data/proxy-test.crt \ - chain:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "proxy cert (level fail)" -${hxtool} verify --missing-revoke \ - --allow-proxy-certificate \ - cert:FILE:$srcdir/data/proxy-level-test.crt \ - chain:FILE:$srcdir/data/proxy-test.crt \ - chain:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "not a proxy cert" -${hxtool} verify --missing-revoke \ - --allow-proxy-certificate \ - cert:FILE:$srcdir/data/no-proxy-test.crt \ - chain:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1 - -echo "proxy cert (max level 10)" -${hxtool} verify --missing-revoke \ - --allow-proxy-certificate \ - cert:FILE:$srcdir/data/proxy10-test.crt \ - chain:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "proxy cert (second level)" -${hxtool} verify --missing-revoke \ - --allow-proxy-certificate \ - cert:FILE:$srcdir/data/proxy10-child-test.crt \ - chain:FILE:$srcdir/data/proxy10-test.crt \ - chain:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -echo "proxy cert (third level)" -${hxtool} verify --missing-revoke \ - --allow-proxy-certificate \ - cert:FILE:$srcdir/data/proxy10-child-child-test.crt \ - chain:FILE:$srcdir/data/proxy10-child-test.crt \ - chain:FILE:$srcdir/data/proxy10-test.crt \ - chain:FILE:$srcdir/data/test.crt \ - anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1 - -exit 0 diff --git a/crypto/heimdal/lib/hx509/test_cms.in b/crypto/heimdal/lib/hx509/test_cms.in deleted file mode 100644 index a89e81023530..000000000000 --- a/crypto/heimdal/lib/hx509/test_cms.in +++ /dev/null @@ -1,377 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2005 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_cms.in 21311 2007-06-25 18:26:37Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" - -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -echo "create signed data" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (id-by-name)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --id-by-name \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "verify signed data (EE cert as anchor)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/test.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (password)" -${hxtool} cms-create-sd \ - --pass=PASS:foobar \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test-pw.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (combined)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test.combined.crt \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (content info)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --content-info \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data (content info)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - --content-info \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (content type)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --content-type=1.1.1.1 \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data (content type)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (pem)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --pem \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "create signed data (pem, detached)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --detached-signature \ - --pem \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "create signed data (p12)" -${hxtool} cms-create-sd \ - --pass=PASS:foobar \ - --certificate=PKCS12:$srcdir/data/test.p12 \ - --signer=friendlyname-test \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - --content-info \ - "$srcdir/data/test-signed-data" sd.data.out > /dev/null || exit 1 -cmp "$srcdir/data/static-file" sd.data.out || exit 1 - -echo "verify signed data (no attr)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - --content-info \ - "$srcdir/data/test-signed-data-noattr" sd.data.out > /dev/null || exit 1 -cmp "$srcdir/data/static-file" sd.data.out || exit 1 - -echo "verify failure signed data (no attr, no certs)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - --content-info \ - "$srcdir/data/test-signed-data-noattr-nocerts" \ - sd.data.out > /dev/null 2>/dev/null && exit 1 - -echo "verify signed data (no attr, no certs)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - --certificate=FILE:$srcdir/data/test.crt \ - --content-info \ - "$srcdir/data/test-signed-data-noattr-nocerts" \ - sd.data.out > /dev/null || exit 1 -cmp "$srcdir/data/static-file" sd.data.out || exit 1 - -echo "create signed data (subcert, no certs)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/sub-cert.crt,$srcdir/data/sub-cert.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify failure signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null 2> /dev/null && exit 1 - -echo "verify success signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --certificate=FILE:$srcdir/data/sub-ca.crt \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (subcert, certs)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/sub-cert.crt,$srcdir/data/sub-cert.key \ - --pool=FILE:$srcdir/data/sub-ca.crt \ - --anchors=FILE:$srcdir/data/ca.crt \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify success signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (subcert, certs, no-root)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/sub-cert.crt,$srcdir/data/sub-cert.key \ - --pool=FILE:$srcdir/data/sub-ca.crt \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify success signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "create signed data (subcert, no-subca, no-root)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/sub-cert.crt,$srcdir/data/sub-cert.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify failure signed data" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null 2>/dev/null && exit 1 - -echo "create signed data (sd cert)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test-ds-only.crt,$srcdir/data/test-ds-only.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "create signed data (ke cert)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test-ke-only.crt,$srcdir/data/test-ke-only.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null 2>/dev/null && exit 1 - -echo "create signed data (sd + ke certs)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test-ke-only.crt,$srcdir/data/test-ke-only.key \ - --certificate=FILE:$srcdir/data/test-ds-only.crt,$srcdir/data/test-ds-only.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "create signed data (ke + sd certs)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test-ds-only.crt,$srcdir/data/test-ds-only.key \ - --certificate=FILE:$srcdir/data/test-ke-only.crt,$srcdir/data/test-ke-only.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "create signed data (detached)" -${hxtool} cms-create-sd \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --detached-signature \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data (detached)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --signed-content="$srcdir/test_chain.in" \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "verify failure signed data (detached)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null 2>/dev/null && exit 1 - -echo "create signed data (rsa)" -${hxtool} cms-create-sd \ - --peer-alg=1.2.840.113549.1.1.1 \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - "$srcdir/test_chain.in" \ - sd.data > /dev/null || exit 1 - -echo "verify signed data (rsa)" -${hxtool} cms-verify-sd \ - --missing-revoke \ - --anchors=FILE:$srcdir/data/ca.crt \ - sd.data sd.data.out > /dev/null 2>/dev/null || exit 1 -cmp "$srcdir/test_chain.in" sd.data.out || exit 1 - -echo "envelope data (content-type)" -${hxtool} cms-envelope \ - --certificate=FILE:$srcdir/data/test.crt \ - --content-type=1.1.1.1 \ - "$srcdir/data/static-file" \ - ev.data > /dev/null || exit 1 - -echo "unenvelope data (content-type)" -${hxtool} cms-unenvelope \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - ev.data ev.data.out \ - FILE:$srcdir/data/test.crt,$srcdir/data/test.key > /dev/null || exit 1 -cmp "$srcdir/data/static-file" ev.data.out || exit 1 - -echo "envelope data (content-info)" -${hxtool} cms-envelope \ - --certificate=FILE:$srcdir/data/test.crt \ - --content-info \ - "$srcdir/data/static-file" \ - ev.data > /dev/null || exit 1 - -echo "unenvelope data (content-info)" -${hxtool} cms-unenvelope \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --content-info \ - ev.data ev.data.out \ - FILE:$srcdir/data/test.crt,$srcdir/data/test.key > /dev/null || exit 1 -cmp "$srcdir/data/static-file" ev.data.out || exit 1 - -for a in des-ede3 aes-128 aes-256; do - - rm -f ev.data ev.data.out - echo "envelope data ($a)" - ${hxtool} cms-envelope \ - --encryption-type="$a-cbc" \ - --certificate=FILE:$srcdir/data/test.crt \ - "$srcdir/data/static-file" \ - ev.data || exit 1 - - echo "unenvelope data ($a)" - ${hxtool} cms-unenvelope \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - ev.data ev.data.out > /dev/null || exit 1 - cmp "$srcdir/data/static-file" ev.data.out || exit 1 -done - -for a in rc2-40 rc2-64 rc2-128 des-ede3 aes-128 aes-256; do - echo "static unenvelope data ($a)" - - rm -f ev.data.out - ${hxtool} cms-unenvelope \ - --certificate=FILE:$srcdir/data/test.crt,$srcdir/data/test.key \ - --content-info \ - "$srcdir/data/test-enveloped-$a" ev.data.out > /dev/null || exit 1 - cmp "$srcdir/data/static-file" ev.data.out || exit 1 -done - -exit 0 diff --git a/crypto/heimdal/lib/hx509/test_crypto.in b/crypto/heimdal/lib/hx509/test_crypto.in deleted file mode 100644 index 31b5233fe9e6..000000000000 --- a/crypto/heimdal/lib/hx509/test_crypto.in +++ /dev/null @@ -1,187 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_crypto.in 20898 2007-06-04 23:07:46Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" - -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - - -echo "Bleichenbacher good cert (from eay)" -${hxtool} verify --missing-revoke \ - --time=2006-09-25 \ - cert:FILE:$srcdir/data/bleichenbacher-good.pem \ - anchor:FILE:$srcdir/data/bleichenbacher-good.pem > /dev/null || exit 1 - -echo "Bleichenbacher bad cert (from eay)" -${hxtool} verify --missing-revoke \ - --time=2006-09-25 \ - cert:FILE:$srcdir/data/bleichenbacher-bad.pem \ - anchor:FILE:$srcdir/data/bleichenbacher-bad.pem > /dev/null && exit 1 - -echo "Bleichenbacher good cert (from yutaka)" -${hxtool} verify --missing-revoke \ - --time=2006-09-25 \ - cert:FILE:$srcdir/data/yutaka-pad-ok-cert.pem \ - anchor:FILE:$srcdir/data/yutaka-pad-ok-ca.pem > /dev/null || exit 1 - -echo "Bleichenbacher bad cert (from yutaka)" -${hxtool} verify --missing-revoke \ - --time=2006-09-25 \ - cert:FILE:$srcdir/data/yutaka-pad-broken-cert.pem \ - anchor:FILE:$srcdir/data/yutaka-pad-broken-ca.pem > /dev/null && exit 1 - -# Ralf-Philipp Weinmann -# Andrew Pyshkin -echo "Bleichenbacher bad cert (sf pad correct)" -${hxtool} verify --missing-revoke \ - --time=2006-09-25 \ - cert:FILE:$srcdir/data/bleichenbacher-sf-pad-correct.pem \ - anchor:FILE:$srcdir/data/sf-class2-root.pem > /dev/null && exit 1 - -echo Read 50 kilobyte random data -${hxtool} random-data 50kilobyte > random-data || exit 1 - -echo "crypto select1" -${hxtool} crypto-select > test || { echo "select1"; exit 1; } -cmp test ${srcdir}/tst-crypto-select1 > /dev/null || \ - { echo "select1 failure"; exit 1; } - -echo "crypto select1" -${hxtool} crypto-select --type=digest > test || { echo "select1"; exit 1; } -cmp test ${srcdir}/tst-crypto-select1 > /dev/null || \ - { echo "select1 failure"; exit 1; } - -echo "crypto select2" -${hxtool} crypto-select --type=public-sig > test || { echo "select2"; exit 1; } -cmp test ${srcdir}/tst-crypto-select2 > /dev/null || \ - { echo "select2 failure"; exit 1; } - -echo "crypto select3" -${hxtool} crypto-select \ - --type=public-sig \ - --peer-cmstype=1.2.840.113549.1.1.4 \ - > test || { echo "select3"; exit 1; } -cmp test ${srcdir}/tst-crypto-select3 > /dev/null || \ - { echo "select3 failure"; exit 1; } - -echo "crypto select4" -${hxtool} crypto-select \ - --type=public-sig \ - --peer-cmstype=1.2.840.113549.1.1.5 \ - --peer-cmstype=1.2.840.113549.1.1.4 \ - > test || { echo "select4"; exit 1; } -cmp test ${srcdir}/tst-crypto-select4 > /dev/null || \ - { echo "select4 failure"; exit 1; } - -echo "crypto select5" -${hxtool} crypto-select \ - --type=public-sig \ - --peer-cmstype=1.2.840.113549.1.1.11 \ - --peer-cmstype=1.2.840.113549.1.1.5 \ - > test || { echo "select5"; exit 1; } -cmp test ${srcdir}/tst-crypto-select5 > /dev/null || \ - { echo "select5 failure"; exit 1; } - -echo "crypto select6" -${hxtool} crypto-select \ - --type=public-sig \ - --peer-cmstype=1.2.840.113549.2.5 \ - --peer-cmstype=1.2.840.113549.1.1.5 \ - > test || { echo "select6"; exit 1; } -cmp test ${srcdir}/tst-crypto-select6 > /dev/null || \ - { echo "select6 failure"; exit 1; } - -echo "crypto select7" -${hxtool} crypto-select \ - --type=secret \ - --peer-cmstype=2.16.840.1.101.3.4.1.42 \ - --peer-cmstype=1.2.840.113549.3.7 \ - --peer-cmstype=1.2.840.113549.1.1.5 \ - > test || { echo "select7"; exit 1; } -cmp test ${srcdir}/tst-crypto-select7 > /dev/null || \ - { echo "select7 failure"; exit 1; } - -echo "crypto available1" -${hxtool} crypto-available \ - --type=all \ - > test || { echo "available1"; exit 1; } -cmp test ${srcdir}/tst-crypto-available1 > /dev/null || \ - { echo "available1 failure"; exit 1; } - -echo "crypto available2" -${hxtool} crypto-available \ - --type=digest \ - > test || { echo "available2"; exit 1; } -cmp test ${srcdir}/tst-crypto-available2 > /dev/null || \ - { echo "available2 failure"; exit 1; } - -echo "crypto available3" -${hxtool} crypto-available \ - --type=public-sig \ - > test || { echo "available3"; exit 1; } -cmp test ${srcdir}/tst-crypto-available3 > /dev/null || \ - { echo "available3 failure"; exit 1; } - -echo "copy keystore FILE existing -> FILE" -${hxtool} certificate-copy \ - FILE:${srcdir}/data/test.crt,${srcdir}/data/test.key \ - FILE:out.pem || exit 1 - -echo "copy keystore FILE -> FILE" -${hxtool} certificate-copy \ - FILE:out.pem \ - FILE:out2.pem || exit 1 - -echo "copy keystore FILE -> PKCS12" -${hxtool} certificate-copy \ - FILE:out.pem \ - PKCS12:out2.pem || exit 1 - -echo "print certificate with utf8" -${hxtool} print \ - FILE:$srcdir/data/j.pem >/dev/null 2>/dev/null || exit 1 - -exit 0 diff --git a/crypto/heimdal/lib/hx509/test_java_pkcs11.in b/crypto/heimdal/lib/hx509/test_java_pkcs11.in deleted file mode 100644 index 35f61e61aa35..000000000000 --- a/crypto/heimdal/lib/hx509/test_java_pkcs11.in +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2008 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# - -exit 0 - -srcdir="@srcdir@" -objdir="@objdir@" - -dir=$objdir -file= - -for a in libhx509.so .libs/libhx509.so libhx509.dylib .libs/libhx509.dylib ; do - if [ -f $dir/$a ] ; then - file=$dir/$a - break - fi -done - -if [ "X$file" = X ] ; then - exit 0 -fi - -cat > pkcs11.cfg < test-rc-file.rc < /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -echo "nist tests" - -if [ ! -d "$nistdir" ] ; then - ( mkdir "$nistdir" && unzip -d "${nistdir}" "${nistzip}" ) >/dev/null || \ - { rm -rf "$nistdir" ; exit 1; } -fi - -while read id verify cert arg1 arg2 arg3 arg4 arg5 ; do - expr "$id" : "#" > /dev/null && continue - - test "$id" = "end" && break - - args="" - case "$arg1" in - *.crt) args="$args chain:FILE:$nistdir/certs/$arg1" ;; - *.crl) args="$args crl:FILE:$nistdir/crls/$arg1" ;; - *) args="$args $arg1" ;; - esac - case "$arg2" in - *.crt) args="$args chain:FILE:$nistdir/certs/$arg2" ;; - *.crl) args="$args crl:FILE:$nistdir/crls/$arg2" ;; - *) args="$args $arg2" ;; - esac - case "$arg3" in - *.crt) args="$args chain:FILE:$nistdir/certs/$arg3" ;; - *.crl) args="$args crl:FILE:$nistdir/crls/$arg3" ;; - *) args="$args $arg3" ;; - esac - case "$arg4" in - *.crt) args="$args chain:FILE:$nistdir/certs/$arg4" ;; - *.crl) args="$args crl:FILE:$nistdir/crls/$arg4" ;; - *) args="$args $arg4" ;; - esac - case "$arg5" in - *.crt) args="$args chain:FILE:$nistdir/certs/$arg5" ;; - *.crl) args="$args crl:FILE:$nistdir/crls/$arg5" ;; - *) args="$args $arg5" ;; - esac - - args="$args anchor:FILE:$nistdir/certs/TrustAnchorRootCertificate.crt" - args="$args crl:FILE:$nistdir/crls/TrustAnchorRootCRL.crl" - args="$args cert:FILE:$nistdir/certs/$cert" - - if ${hxtool} verify $args > /dev/null; then - if test "$verify" = "f"; then - echo "verify passed on fail: $id $cert" - exit 1 - fi - else - if test "$verify" = "p"; then - echo "verify failed on pass: $id $cert" - exit 1 - fi - fi - -done < $srcdir/data/nist-data - - -echo "done!" - -exit 0 diff --git a/crypto/heimdal/lib/hx509/test_nist2.in b/crypto/heimdal/lib/hx509/test_nist2.in deleted file mode 100644 index 66161298953f..000000000000 --- a/crypto/heimdal/lib/hx509/test_nist2.in +++ /dev/null @@ -1,118 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_nist.in 21787 2007-08-02 08:50:24Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -nistdir=${objdir}/PKITS_data -nistzip=${srcdir}/data/PKITS_data.zip - -limit="${1:-nolimit}" - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" - -# nistzip is not distributed part of the distribution -test -f "$nistzip" || exit 77 - -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -echo "nist tests, version 2" - -if [ ! -d "$nistdir" ] ; then - ( mkdir "$nistdir" && unzip -d "${nistdir}" "${nistzip}" ) >/dev/null || \ - { rm -rf "$nistdir" ; exit 1; } -fi - -ec= -name= -description= -while read result cert other ; do - if expr "$result" : "#" > /dev/null; then - name=${cert} - description="${other}" - continue - fi - - test nolimit != "${limit}" && ! expr "$name" : "$limit" > /dev/null && continue - - test "$result" = "end" && break - - args= - args="$args cert:FILE:$nistdir/certs/$cert" - args="$args chain:DIR:$nistdir/certs" - args="$args anchor:FILE:$nistdir/certs/TrustAnchorRootCertificate.crt" -# args="$args crl:FILE:$nistdir/crls/TrustAnchorRootCRL.crl" - - for a in $nistdir/crls/*.crl; do - args="$args crl:FILE:$a" - done - - cmd="${hxtool} verify $args" - eval ${cmd} > /dev/null - res=$? - - case "${result},${res}" in - 0,0) r="PASSs";; - 0,*) r="FAILs";; - [123],0) r="FAILf";; - [123],*) r="PASSf";; - *) echo="unknown result ${result},${res}" ; exit 1 ;; - esac - if grep "${name} FAIL" $srcdir/data/nist-result2 > /dev/null; then - if expr "$r" : "PASS" >/dev/null; then - echo "${name} passed when expected not to" - echo "# ${description}" > nist2-passed-${name}.tmp - ec=1 - fi - elif expr "$r" : "FAIL.*" >/dev/null ; then - echo "$r ${name} ${description}" - echo "# ${description}" > nist2-failed-${name}.tmp - echo "$cmd" >> nist2-failed-${name}.tmp - ec=1 - fi - -done < $srcdir/data/nist-data2 - - -echo "done!" - -exit $ec diff --git a/crypto/heimdal/lib/hx509/test_nist_cert.in b/crypto/heimdal/lib/hx509/test_nist_cert.in deleted file mode 100644 index 2d2bbe1f1983..000000000000 --- a/crypto/heimdal/lib/hx509/test_nist_cert.in +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_nist_cert.in 21823 2007-08-03 15:13:37Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -nistdir=${objdir}/PKITS_data -nistzip=${srcdir}/data/PKITS_data.zip - -# nistzip is not distributed part of the distribution -test -f "$nistzip" || exit 77 - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" - -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -if [ ! -d "$nistdir" ] ; then - ( mkdir "$nistdir" && cd "$nistdir" && unzip "$nistzip" ) >/dev/null || \ - { rm -rf "$nistdir" ; exit 1; } -fi - -if ${hxtool} validate DIR:$nistdir/certs > /dev/null; then - : -else - echo "validate failed" - exit 1 -fi - -exit 0 diff --git a/crypto/heimdal/lib/hx509/test_nist_pkcs12.in b/crypto/heimdal/lib/hx509/test_nist_pkcs12.in deleted file mode 100644 index fe595f284784..000000000000 --- a/crypto/heimdal/lib/hx509/test_nist_pkcs12.in +++ /dev/null @@ -1,77 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_nist_pkcs12.in 22256 2007-12-09 06:04:02Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -pass="--pass=PASS:password" -nistdir=${objdir}/PKITS_data -nistzip=${srcdir}/data/PKITS_data.zip - -# nistzip is not distributed part of the distribution -test -f "$nistzip" || exit 77 - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" - -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -if [ ! -d "$nistdir" ] ; then - ( mkdir "$nistdir" && cd "$nistdir" && unzip "$nistzip" ) >/dev/null || \ - { rm -rf "$nistdir" ; exit 1; } -fi - -echo "nist pkcs12 tests" - -for a in $nistdir/pkcs12/*.p12 ; do - - if ${hxtool} validate $pass PKCS12:$a > /dev/null; then - : - else - echo "$a failed" - exit 1 - fi - -done - -echo "done!" - -exit 0 \ No newline at end of file diff --git a/crypto/heimdal/lib/hx509/test_pkcs11.in b/crypto/heimdal/lib/hx509/test_pkcs11.in deleted file mode 100644 index 0a315bf5eaf7..000000000000 --- a/crypto/heimdal/lib/hx509/test_pkcs11.in +++ /dev/null @@ -1,62 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2008 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# - -srcdir="@srcdir@" -objdir="@objdir@" - -SOFTPKCS11RC="test-rc-file.rc" \ -export SOFTPKCS11RC - -echo "password less" - -cat > test-rc-file.rc < test-rc-file.rc </dev/null 2>/dev/null || exit 1 - -${hxtool} print \ - --pass=PASS:foobar \ - --info \ - PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 - -echo "make sure entry is found (friendlyname)" -${hxtool} query \ - --pass=PASS:foobar \ - --friendlyname=friendlyname-test \ - PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 - -echo "make sure entry is not found (friendlyname)" -${hxtool} query \ - --pass=PASS:foobar \ - --friendlyname=friendlyname-test-not \ - PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1 - -echo "make sure entry is found (friendlyname, no-pw)" -${hxtool} query \ - --friendlyname=friendlyname-cert \ - PKCS12:$srcdir/data/test-nopw.p12 >/dev/null 2>/dev/null || exit 1 - -echo "check for ca cert (friendlyname)" -${hxtool} query \ - --pass=PASS:foobar \ - --friendlyname=ca \ - PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 - -echo "make sure entry is not found (friendlyname)" -${hxtool} query \ - --pass=PASS:foobar \ - --friendlyname=friendlyname-test \ - PKCS12:$srcdir/data/sub-cert.p12 >/dev/null 2>/dev/null && exit 1 - -echo "make sure entry is found (friendlyname|private key)" -${hxtool} query \ - --pass=PASS:foobar \ - --friendlyname=friendlyname-test \ - --private-key \ - PKCS12:$srcdir/data/test.p12 > /dev/null || exit 1 - -echo "make sure entry is not found (friendlyname|private key)" -${hxtool} query \ - --pass=PASS:foobar \ - --friendlyname=ca \ - --private-key \ - PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1 - -echo "make sure entry is found (cert ds)" -${hxtool} query \ - --digitalSignature \ - FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 - -echo "make sure entry is found (cert ke)" -${hxtool} query \ - --keyEncipherment \ - FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 - -echo "make sure entry is found (cert ke + ds)" -${hxtool} query \ - --digitalSignature \ - --keyEncipherment \ - FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 - -echo "make sure entry is found (cert-ds ds)" -${hxtool} query \ - --digitalSignature \ - FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null || exit 1 - -echo "make sure entry is not found (cert-ds ke)" -${hxtool} query \ - --keyEncipherment \ - FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1 - -echo "make sure entry is not found (cert-ds ke + ds)" -${hxtool} query \ - --digitalSignature \ - --keyEncipherment \ - FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1 - -echo "make sure entry is not found (cert-ke ds)" -${hxtool} query \ - --digitalSignature \ - FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1 - -echo "make sure entry is found (cert-ke ke)" -${hxtool} query \ - --keyEncipherment \ - FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null || exit 1 - -echo "make sure entry is not found (cert-ke ke + ds)" -${hxtool} query \ - --digitalSignature \ - --keyEncipherment \ - FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1 - -exit 0 - diff --git a/crypto/heimdal/lib/hx509/test_req.in b/crypto/heimdal/lib/hx509/test_req.in deleted file mode 100644 index 2109ceb26dca..000000000000 --- a/crypto/heimdal/lib/hx509/test_req.in +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_req.in 21341 2007-06-26 14:20:56Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" - -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -${hxtool} request-create \ - --subject="CN=Love,DC=it,DC=su,DC=se" \ - --key=FILE:$srcdir/data/key.der \ - request.out || exit 1 - -${hxtool} request-print \ - PKCS10:request.out > /dev/null || exit 1 - -${hxtool} request-create \ - --subject="CN=Love,DC=it,DC=su,DC=se" \ - --dnsname=nutcracker.it.su.se \ - --key=FILE:$srcdir/data/key.der \ - request.out || exit 1 diff --git a/crypto/heimdal/lib/hx509/test_soft_pkcs11.c b/crypto/heimdal/lib/hx509/test_soft_pkcs11.c deleted file mode 100644 index e76f7720156d..000000000000 --- a/crypto/heimdal/lib/hx509/test_soft_pkcs11.c +++ /dev/null @@ -1,228 +0,0 @@ -/* - * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "hx_locl.h" -#include "pkcs11.h" -#include - -static CK_FUNCTION_LIST_PTR func; - - -static CK_RV -find_object(CK_SESSION_HANDLE session, - char *id, - CK_OBJECT_CLASS key_class, - CK_OBJECT_HANDLE_PTR object) -{ - CK_ULONG object_count; - CK_RV ret; - CK_ATTRIBUTE search_data[] = { - {CKA_ID, id, 0 }, - {CKA_CLASS, &key_class, sizeof(key_class)} - }; - CK_ULONG num_search_data = sizeof(search_data)/sizeof(search_data[0]); - - search_data[0].ulValueLen = strlen(id); - - ret = (*func->C_FindObjectsInit)(session, search_data, num_search_data); - if (ret != CKR_OK) - return ret; - - ret = (*func->C_FindObjects)(session, object, 1, &object_count); - if (ret != CKR_OK) - return ret; - if (object_count == 0) { - printf("found no object\n"); - return 1; - } - - ret = (*func->C_FindObjectsFinal)(session); - if (ret != CKR_OK) - return ret; - - return CKR_OK; -} - -static char *sighash = "hej"; -static char signature[1024]; - - -int -main(int argc, char **argv) -{ - CK_SLOT_ID_PTR slot_ids; - CK_SLOT_ID slot; - CK_ULONG num_slots; - CK_RV ret; - CK_SLOT_INFO slot_info; - CK_TOKEN_INFO token_info; - CK_SESSION_HANDLE session; - CK_OBJECT_HANDLE public, private; - - ret = C_GetFunctionList(&func); - if (ret != CKR_OK) - errx(1, "C_GetFunctionList failed: %d", (int)ret); - - (*func->C_Initialize)(NULL_PTR); - - ret = (*func->C_GetSlotList)(FALSE, NULL, &num_slots); - if (ret != CKR_OK) - errx(1, "C_GetSlotList1 failed: %d", (int)ret); - - if (num_slots == 0) - errx(1, "no slots"); - - if ((slot_ids = calloc(1, num_slots * sizeof(*slot_ids))) == NULL) - err(1, "alloc slots failed"); - - ret = (*func->C_GetSlotList)(FALSE, slot_ids, &num_slots); - if (ret != CKR_OK) - errx(1, "C_GetSlotList2 failed: %d", (int)ret); - - slot = slot_ids[0]; - free(slot_ids); - - ret = (*func->C_GetSlotInfo)(slot, &slot_info); - if (ret) - errx(1, "C_GetSlotInfo failed: %d", (int)ret); - - if ((slot_info.flags & CKF_TOKEN_PRESENT) == 0) - errx(1, "no token present"); - - ret = (*func->C_OpenSession)(slot, CKF_SERIAL_SESSION, - NULL, NULL, &session); - if (ret != CKR_OK) - errx(1, "C_OpenSession failed: %d", (int)ret); - - ret = (*func->C_GetTokenInfo)(slot, &token_info); - if (ret) - errx(1, "C_GetTokenInfo1 failed: %d", (int)ret); - - if (token_info.flags & CKF_LOGIN_REQUIRED) { - ret = (*func->C_Login)(session, CKU_USER, - (unsigned char*)"foobar", 6); - if (ret != CKR_OK) - errx(1, "C_Login failed: %d", (int)ret); - } - - ret = (*func->C_GetTokenInfo)(slot, &token_info); - if (ret) - errx(1, "C_GetTokenInfo2 failed: %d", (int)ret); - - if (token_info.flags & CKF_LOGIN_REQUIRED) - errx(1, "login required, even after C_Login"); - - ret = find_object(session, "cert", CKO_PUBLIC_KEY, &public); - if (ret != CKR_OK) - errx(1, "find cert failed: %d", (int)ret); - ret = find_object(session, "cert", CKO_PRIVATE_KEY, &private); - if (ret != CKR_OK) - errx(1, "find private key failed: %d", (int)ret); - - { - CK_ULONG ck_sigsize; - CK_MECHANISM mechanism; - - memset(&mechanism, 0, sizeof(mechanism)); - mechanism.mechanism = CKM_RSA_PKCS; - - ret = (*func->C_SignInit)(session, &mechanism, private); - if (ret != CKR_OK) - return 1; - - ck_sigsize = sizeof(signature); - ret = (*func->C_Sign)(session, (CK_BYTE *)sighash, strlen(sighash), - (CK_BYTE *)signature, &ck_sigsize); - if (ret != CKR_OK) { - printf("C_Sign failed with: %d\n", (int)ret); - return 1; - } - - ret = (*func->C_VerifyInit)(session, &mechanism, public); - if (ret != CKR_OK) - return 1; - - ret = (*func->C_Verify)(session, (CK_BYTE *)signature, ck_sigsize, - (CK_BYTE *)sighash, strlen(sighash)); - if (ret != CKR_OK) { - printf("message: %d\n", (int)ret); - return 1; - } - } - -#if 0 - { - CK_ULONG ck_sigsize, outsize; - CK_MECHANISM mechanism; - char outdata[1024]; - - memset(&mechanism, 0, sizeof(mechanism)); - mechanism.mechanism = CKM_RSA_PKCS; - - ret = (*func->C_EncryptInit)(session, &mechanism, public); - if (ret != CKR_OK) - return 1; - - ck_sigsize = sizeof(signature); - ret = (*func->C_Encrypt)(session, (CK_BYTE *)sighash, strlen(sighash), - (CK_BYTE *)signature, &ck_sigsize); - if (ret != CKR_OK) { - printf("message: %d\n", (int)ret); - return 1; - } - - ret = (*func->C_DecryptInit)(session, &mechanism, private); - if (ret != CKR_OK) - return 1; - - outsize = sizeof(outdata); - ret = (*func->C_Decrypt)(session, (CK_BYTE *)signature, ck_sigsize, - (CK_BYTE *)outdata, &outsize); - if (ret != CKR_OK) { - printf("message: %d\n", (int)ret); - return 1; - } - - if (memcmp(sighash, outdata, strlen(sighash)) != 0) - return 1; - } -#endif - - ret = (*func->C_CloseSession)(session); - if (ret != CKR_OK) - return 1; - - (*func->C_Finalize)(NULL_PTR); - - return 0; -} diff --git a/crypto/heimdal/lib/hx509/test_windows.in b/crypto/heimdal/lib/hx509/test_windows.in deleted file mode 100644 index 86145449a7f3..000000000000 --- a/crypto/heimdal/lib/hx509/test_windows.in +++ /dev/null @@ -1,89 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_windows.in 21004 2007-06-08 01:53:10Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -stat="--statistic-file=${objdir}/statfile" - -hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" - -if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then - exit 77 -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - exit 77 -fi - -echo "Create trust anchor" -${hxtool} issue-certificate \ - --self-signed \ - --issue-ca \ - --generate-key=rsa \ - --subject="CN=Windows-CA,DC=heimdal,DC=pki" \ - --lifetime=10years \ - --certificate="FILE:wca.pem" || exit 1 - -echo "Create domain controller cert" -${hxtool} issue-certificate \ - --type="pkinit-kdc" \ - --pk-init-principal="krbtgt/HEIMDAL.PKI@HEIMDAL.PKI" \ - --hostname=kdc.heimdal.pki \ - --generate-key=rsa \ - --subject="CN=kdc.heimdal.pki,dc=heimdal,dc=pki" \ - --certificate="FILE:wdc.pem" \ - --domain-controller \ - --crl-uri="http://www.test.h5l.se/test-hemdal-pki-crl1.crl" \ - --ca-certificate=FILE:wca.pem || exit 1 - - -echo "Create user cert" -${hxtool} issue-certificate \ - --type="pkinit-client" \ - --pk-init-principal="user@HEIMDAL.PKI" \ - --generate-key=rsa \ - --subject="CN=User,DC=heimdal,DC=pki" \ - --ms-upn="user@heimdal.pki" \ - --crl-uri="http://www.test.h5l.se/test-hemdal-pki-crl1.crl" \ - --certificate="FILE:wuser.pem" \ - --ca-certificate=FILE:wca.pem || exit 1 - -echo "Create crl" -${hxtool} crl-sign \ - --crl-file=wcrl.crl \ - --signer=FILE:wca.pem || exit 1 - -exit 0 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-available1 b/crypto/heimdal/lib/hx509/tst-crypto-available1 deleted file mode 100644 index 71fa741d64ff..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-available1 +++ /dev/null @@ -1,13 +0,0 @@ -1.2.840.113549.1.1.11 -1.2.840.113549.1.1.5 -1.2.840.113549.1.1.5 -1.2.840.113549.1.1.4 -1.2.840.113549.1.1.2 -1.2.752.43.16.1 -2.16.840.1.101.3.4.2.1 -1.3.14.3.2.26 -1.2.840.113549.2.5 -1.2.840.113549.2.2 -1.2.840.113549.3.7 -2.16.840.1.101.3.4.1.2 -2.16.840.1.101.3.4.1.42 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-available2 b/crypto/heimdal/lib/hx509/tst-crypto-available2 deleted file mode 100644 index b3f76e376f0a..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-available2 +++ /dev/null @@ -1,4 +0,0 @@ -2.16.840.1.101.3.4.2.1 -1.3.14.3.2.26 -1.2.840.113549.2.5 -1.2.840.113549.2.2 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-available3 b/crypto/heimdal/lib/hx509/tst-crypto-available3 deleted file mode 100644 index 0b1a855ee544..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-available3 +++ /dev/null @@ -1,6 +0,0 @@ -1.2.840.113549.1.1.11 -1.2.840.113549.1.1.5 -1.2.840.113549.1.1.5 -1.2.840.113549.1.1.4 -1.2.840.113549.1.1.2 -1.2.752.43.16.1 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-select b/crypto/heimdal/lib/hx509/tst-crypto-select deleted file mode 100644 index 399c883a9235..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-select +++ /dev/null @@ -1 +0,0 @@ -1.2.840.113549.1.1.11 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-select1 b/crypto/heimdal/lib/hx509/tst-crypto-select1 deleted file mode 100644 index eb0d095adf65..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-select1 +++ /dev/null @@ -1 +0,0 @@ -1.3.14.3.2.26 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-select2 b/crypto/heimdal/lib/hx509/tst-crypto-select2 deleted file mode 100644 index 749a54905dc2..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-select2 +++ /dev/null @@ -1 +0,0 @@ -1.2.840.113549.1.1.5 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-select3 b/crypto/heimdal/lib/hx509/tst-crypto-select3 deleted file mode 100644 index ba9f29fd7df6..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-select3 +++ /dev/null @@ -1 +0,0 @@ -1.2.840.113549.1.1.4 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-select4 b/crypto/heimdal/lib/hx509/tst-crypto-select4 deleted file mode 100644 index 749a54905dc2..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-select4 +++ /dev/null @@ -1 +0,0 @@ -1.2.840.113549.1.1.5 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-select5 b/crypto/heimdal/lib/hx509/tst-crypto-select5 deleted file mode 100644 index 399c883a9235..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-select5 +++ /dev/null @@ -1 +0,0 @@ -1.2.840.113549.1.1.11 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-select6 b/crypto/heimdal/lib/hx509/tst-crypto-select6 deleted file mode 100644 index 749a54905dc2..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-select6 +++ /dev/null @@ -1 +0,0 @@ -1.2.840.113549.1.1.5 diff --git a/crypto/heimdal/lib/hx509/tst-crypto-select7 b/crypto/heimdal/lib/hx509/tst-crypto-select7 deleted file mode 100644 index 9b0ac647bc5f..000000000000 --- a/crypto/heimdal/lib/hx509/tst-crypto-select7 +++ /dev/null @@ -1 +0,0 @@ -2.16.840.1.101.3.4.1.42 diff --git a/crypto/heimdal/lib/hx509/version-script.map b/crypto/heimdal/lib/hx509/version-script.map deleted file mode 100644 index 68ef73e8ecca..000000000000 --- a/crypto/heimdal/lib/hx509/version-script.map +++ /dev/null @@ -1,227 +0,0 @@ -# $Id$ - -HEIMDAL_X509_1.0 { - global: - initialize_hx_error_table_r; - hx509_bitstring_print; - hx509_ca_sign; - hx509_ca_sign_self; - hx509_ca_tbs_add_crl_dp_uri; - hx509_ca_tbs_add_eku; - hx509_ca_tbs_add_san_hostname; - hx509_ca_tbs_add_san_jid; - hx509_ca_tbs_add_san_ms_upn; - hx509_ca_tbs_add_san_otherName; - hx509_ca_tbs_add_san_pkinit; - hx509_ca_tbs_add_san_rfc822name; - hx509_ca_tbs_free; - hx509_ca_tbs_init; - hx509_ca_tbs_set_ca; - hx509_ca_tbs_set_domaincontroller; - hx509_ca_tbs_set_notAfter; - hx509_ca_tbs_set_notAfter_lifetime; - hx509_ca_tbs_set_notBefore; - hx509_ca_tbs_set_proxy; - hx509_ca_tbs_set_serialnumber; - hx509_ca_tbs_set_spki; - hx509_ca_tbs_set_subject; - hx509_ca_tbs_set_template; - hx509_ca_tbs_subject_expand; - hx509_ca_tbs_template_units; - hx509_cert_binary; - hx509_cert_check_eku; - hx509_cert_cmp; - hx509_cert_find_subjectAltName_otherName; - hx509_cert_free; - hx509_cert_get_SPKI; - hx509_cert_attribute; - hx509_cert_get_attribute; - hx509_cert_get_base_subject; - hx509_cert_get_friendly_name; - hx509_cert_get_issuer; - hx509_cert_get_notAfter; - hx509_cert_get_notBefore; - hx509_cert_get_serialnumber; - hx509_cert_get_subject; - hx509_cert_init; - hx509_cert_init_data; - hx509_cert_keyusage_print; - hx509_cert; - hx509_cert_ref; - hx509_cert_set_friendly_name; - hx509_certs_add; - hx509_certs_append; - hx509_certs_end_seq; - hx509_certs_find; - hx509_certs_free; - hx509_certs_info; - hx509_certs_init; - hx509_certs_iter; - hx509_certs_merge; - hx509_certs_next_cert; - hx509_certs_start_seq; - hx509_certs_store; - hx509_ci_print_names; - hx509_clear_error_string; - hx509_cms_create_signed_1; - hx509_cms_decrypt_encrypted; - hx509_cms_envelope_1; - hx509_cms_unenvelope; - hx509_cms_unwrap_ContentInfo; - hx509_cms_verify_signed; - hx509_cms_wrap_ContentInfo; - hx509_context_free; - hx509_context_init; - hx509_context_set_missing_revoke; - hx509_crl_add_revoked_certs; - hx509_crl_alloc; - hx509_crl_free; - hx509_crl_lifetime; - hx509_crl_sign; - hx509_crypto_aes128_cbc; - hx509_crypto_aes256_cbc; - hx509_crypto_available; - hx509_crypto_decrypt; - hx509_crypto_des_rsdi_ede3_cbc; - hx509_crypto_destroy; - hx509_crypto_encrypt; - hx509_crypto_enctype_by_name; - hx509_crypto_free_algs; - hx509_crypto_get_params; - hx509_crypto_init; - hx509_crypto_provider; - hx509_crypto_select; - hx509_crypto_set_key_data; - hx509_crypto_set_key_name; - hx509_crypto_set_params; - hx509_crypto_set_random_key; - hx509_env_add; - hx509_env_free; - hx509_env_init; - hx509_env_lfind; - hx509_err; - hx509_free_error_string; - hx509_free_octet_string_list; - hx509_general_name_unparse; - hx509_get_error_string; - hx509_get_one_cert; - hx509_lock_add_cert; - hx509_lock_add_certs; - hx509_lock_add_password; - hx509_lock_command_string; - hx509_lock_free; - hx509_lock_init; - hx509_lock_prompt; - hx509_lock_reset_certs; - hx509_lock_reset_passwords; - hx509_lock_reset_promper; - hx509_lock_set_prompter; - hx509_name_cmp; - hx509_name_copy; - hx509_name_expand; - hx509_name_free; - hx509_name_is_null_p; - hx509_name_normalize; - hx509_name_to_Name; - hx509_name_binary; - hx509_name_to_string; - hx509_ocsp_request; - hx509_ocsp_verify; - hx509_oid_print; - hx509_oid_sprint; - hx509_parse_name; - hx509_peer_info_alloc; - hx509_peer_info_free; - hx509_peer_info_set_cert; - hx509_peer_info_set_cms_algs; - hx509_print_stdout; - hx509_prompt_hidden; - hx509_query_alloc; - hx509_query_free; - hx509_query_match_cmp_func; - hx509_query_match_friendly_name; - hx509_query_match_issuer_serial; - hx509_query_match_option; - hx509_query_statistic_file; - hx509_query_unparse_stats; - hx509_revoke_add_crl; - hx509_revoke_add_ocsp; - hx509_revoke_free; - hx509_revoke_init; - hx509_revoke_ocsp_print; - hx509_revoke_verify; - hx509_set_error_string; - hx509_set_error_stringv; - hx509_signature_md2; - hx509_signature_md5; - hx509_signature_rsa; - hx509_signature_rsa_with_md2; - hx509_signature_rsa_with_md5; - hx509_signature_rsa_with_sha1; - hx509_signature_rsa_with_sha256; - hx509_signature_rsa_with_sha384; - hx509_signature_rsa_with_sha512; - hx509_signature_sha1; - hx509_signature_sha256; - hx509_signature_sha384; - hx509_signature_sha512; - hx509_unparse_der_name; - hx509_validate_cert; - hx509_validate_ctx_add_flags; - hx509_validate_ctx_free; - hx509_validate_ctx_init; - hx509_validate_ctx_set_print; - hx509_verify_attach_anchors; - hx509_verify_attach_revoke; - hx509_verify_ctx_f_allow_default_trustanchors; - hx509_verify_destroy_ctx; - hx509_verify_hostname; - hx509_verify_init_ctx; - hx509_verify_path; - hx509_verify_set_max_depth; - hx509_verify_set_proxy_certificate; - hx509_verify_set_strict_rfc3280_verification; - hx509_verify_set_time; - hx509_verify_signature; - hx509_pem_write; - hx509_pem_add_header; - hx509_pem_find_header; - hx509_pem_free_header; - hx509_xfree; - _hx509_write_file; - _hx509_map_file; - _hx509_map_file_os; - _hx509_unmap_file; - _hx509_unmap_file_os; - _hx509_certs_keys_free; - _hx509_certs_keys_get; - _hx509_request_init; - _hx509_request_add_dns_name; - _hx509_request_add_email; - _hx509_request_get_name; - _hx509_request_set_name; - _hx509_request_set_email; - _hx509_request_get_SubjectPublicKeyInfo; - _hx509_request_set_SubjectPublicKeyInfo; - _hx509_request_to_pkcs10; - _hx509_request_to_pkcs10; - _hx509_request_free; - _hx509_request_print; - _hx509_request_parse; - _hx509_private_key_ref; - _hx509_private_key_free; - _hx509_private_key2SPKI; - _hx509_generate_private_key_init; - _hx509_generate_private_key_is_ca; - _hx509_generate_private_key_bits; - _hx509_generate_private_key; - _hx509_generate_private_key_free; - _hx509_cert_assign_key; - _hx509_cert_private_key; - _hx509_name_from_Name; - # pkcs11 symbols - C_GetFunctionList; - local: - *; -}; - diff --git a/crypto/heimdal/lib/kadm5/ChangeLog b/crypto/heimdal/lib/kadm5/ChangeLog deleted file mode 100644 index 9b1235cf3082..000000000000 --- a/crypto/heimdal/lib/kadm5/ChangeLog +++ /dev/null @@ -1,1383 +0,0 @@ -2008-01-21 Love Hörnquist Åstrand - - * default_keys.c: Use hdb_free_keys(). - -2008-01-11 Love Hörnquist Åstrand - - * Makefile.am: add check-cracklib.pl, flush.c, - sample_passwd_check.c - -2007-12-07 Love Hörnquist Åstrand - - * use hdb_db_dir() and hdb_default_db() - -2007-10-18 Love - - * init_c.c: We are getting default_client, not client. this way - the user can override the result. - -2007-09-29 Love Hörnquist Åstrand - - * iprop.8: fix spelling, From Antoine Jacoutt. - -2007-08-16 Love Hörnquist Åstrand - - * version-script.map: export _kadm5_unmarshal_params, - _kadm5_acl_check_permission - - * version-script.map: export kadm5_log_ symbols. - - * log.c: Unexport the specific log replay operations. - -2007-08-10 Love Hörnquist Åstrand - - * Makefile.am: build sample_passwd_check.la as part of noinst. - - * sample_passwd_check.c: Add missing prototype for check_length(). - -2007-08-07 Love Hörnquist Åstrand - - * log.c: Sprinkle krb5_set_error_string(). - - * ipropd_slave.c: Provide better error why kadm5_log_replay - failed. - -2007-08-06 Love Hörnquist Åstrand - - * ipropd_master.c: - don't push whole database to the new client - every time. - make slaves get the whole new database if they have - a newer log the the master (and thus have them go back in time). - -2007-08-03 Love Hörnquist Åstrand - - * ipropd_slave.c: make more sane. - - * ipropd_slave.c: more paranoid check that the log entires are - self consistant - - * log.c (kadm5_log_foreach): check that the postamble contains the - right data. - - * ipropd_master.c: Sprinkle more info about what versions the - master thinks about the client versions. - - * ipropd_master.c: Start the server at the current version, not 0. - -2007-08-02 Love Hörnquist Åstrand - - * ipropd_master.c: Add more logging, to figure out what is - happening in the master. - -2007-08-01 Love Hörnquist Åstrand - - * Makefile.am: add version-script for libkadm5srv.la - - * version-script.map: version script fro kadm5 server libary. - - * log.c: only free the orignal entries extentions if there was - any. Bug reported by Peter Meinecke. - - * add configuration for signal file and acl file, let user select - hostname, catch signals and print why we are quiting, make nop - cause one new version, not two - -2007-07-30 Love Hörnquist Åstrand - - * ipropd_master.c (send_diffs): make current slave's version - uptodate when diff have been sent. - -2007-07-27 Love Hörnquist Åstrand - - * ipropd_slave.c: More comments and some more error checking. - -2007-07-26 Love Hörnquist Åstrand - - * init_c.c (get_cache_principal): make sure id is reset if we - fail. From Benjamin Bennet. - -2007-07-10 Love Hörnquist Åstrand - - * context_s.c (find_db_spec): match realm-less as the default - realm. - - * Makefile.am: New library version. - -2007-07-05 Love Hörnquist Åstrand - - * context_s.c: Use hdb_get_dbinfo to pick up configuration. - ctx->config.realm can be NULL, check for that, from Bjorn S. - -2007-07-04 Love Hörnquist Åstrand - - * init_c.c: Try harder to use the right principal. - -2007-06-20 Love Hörnquist Åstrand - - * ipropd_slave.c: Catch return value from krb5_program_setup. From - Steven Luo. - -2007-05-08 Love Hörnquist Åstrand - - * delete_s.c: Write log entry after store is successful, rename - out goto statments. - - * randkey_s.c: Write log entry after store is successful. - - * modify_s.c: Write log entry after store is successful. - - * rename_s.c: indent. - - * chpass_s.c: Write log entry after store is successful. - - * create_s.c: Write log entry after store is successful. - -2007-05-07 Love Hörnquist Åstrand - - * iprop-commands.in: Add default values to make this working - again. - - * iprop-log.c (iprop_replay): create the database with more - liberal mode. - - * log.c: make it slightly more working. - - * iprop-log.8: Document last-version. - - * iprop-log.c: (last_version): print last version of the log. - - * iprop-commands.in: new command last-version: print last version - of the log. - - * log.c (kadm5_log_previous): document assumptions and make less - broken. Bug report from Ronny Blomme. - -2007-02-17 Love Hörnquist Åstrand - - * admin.h: add support to get aliases - - * get_s.c: add support to get aliases - -2007-02-11 David Love - - * iprop-log.8: Small fixes, from David Love. - -2006-12-15 Love Hörnquist Åstrand - - * init_c.c: if the user have a kadmin/admin initial ticket, don't - ask for password, just use the credential instead. - -2006-12-06 Love Hörnquist Åstrand - - * ipropd_master.c: Use strcspn to remove \n from string returned - by fgets. From Björn Sandell - -2006-11-30 Love Hörnquist Åstrand - - * init_c.c (kadm_connect): clear error string before trying to - print a errno, this way we don't pick up a random failure code - -2006-11-20 Love Hörnquist Åstrand - - * ipropd_slave.c: Make krb5_get_init_creds_opt_free take a context - argument. - - * init_c.c: Make krb5_get_init_creds_opt_free take a context - argument. - -2006-10-22 Love Hörnquist Åstrand - - * ent_setup.c: Try to not leak memory. - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: split build files into dist_ and noinst_ SOURCES - -2006-08-24 Love Hörnquist Åstrand - - * get_s.c: Add KRB5_KDB_ALLOW_DIGEST - - * ent_setup.c: Add KRB5_KDB_ALLOW_DIGEST - - * admin.h: Add KRB5_KDB_ALLOW_DIGEST - -2006-06-16 Love Hörnquist Åstrand - - * check-cracklib.pl: Add password reuse checking. From Harald - Barth. - -2006-06-14 Love Hörnquist Åstrand - - * ent_setup.c (attr_to_flags): Add KRB5_KDB_ALLOW_KERBEROS4 - - * get_s.c (kadm5_s_get_principal): Add KRB5_KDB_ALLOW_KERBEROS4 - - * admin.h: Add KRB5_KDB_ALLOW_KERBEROS4 - -2006-06-06 Love Hörnquist Åstrand - - * ent_setup.c (attr_to_flags): Add KRB5_KDB_TRUSTED_FOR_DELEGATION - -2006-05-30 Love Hörnquist Åstrand - - * password_quality.c (kadm5_check_password_quality): set error - message in context. - -2006-05-13 Love Hörnquist Åstrand - - * iprop-log.c: Avoid shadowing. - - * rename_s.c: Avoid shadowing. - -2006-05-08 Love Hörnquist Åstrand - - * privs_c.c (kadm5_c_get_privs): privs is a uint32_t, let copy it - that way. - -2006-05-05 Love Hörnquist Åstrand - - * Rename u_intXX_t to uintXX_t - -2006-04-27 Love Hörnquist Åstrand - - * chpass_s.c,delete_s.c,get_s.c,log.c,modify_s.c,randkey_s.c,rename_s.c: - Pass in HDB_F_GET_ANY to all ->hdb fetch to hint what entries we are looking for - - * send_recv.c: set and clear error string - - * rename_s.c: Break out the that we request from principal from - the entry and pass it in as a separate argument. - - * randkey_s.c: Break out the that we request from principal from - the entry and pass it in as a separate argument. - - * modify_s.c: Break out the that we request from principal from - the entry and pass it in as a separate argument. - - * log.c: Break out the that we request from principal from the - entry and pass it in as a separate argument. - - * get_s.c: Break out the that we request from principal from the - entry and pass it in as a separate argument. - - * delete_s.c: Break out the that we request from principal from - the entry and pass it in as a separate argument. - - * chpass_s.c: Break out the that we request from principal from - the entry and pass it in as a separate argument. - -2006-04-25 Love Hörnquist Åstrand - - * create_s.c (create_principal*): If client doesn't send kvno, - make sure to set it to 1. - -2006-04-10 Love Hörnquist Åstrand - - * log.c: (kadm5_log_rename): handle errors better - Fixes Coverity, NetBSD CID#628 - - * log.c (kadm5_log_delete): add error handling Coverity, NetBSD - CID#626 - (kadm5_log_modify): add error handling Coverity, NetBSD CID#627 - - * init_c.c (_kadm5_c_get_cred_cache): handle ccache case better in - case no client name was passed in. Coverity, NetBSD CID#919 - - * init_c.c (_kadm5_c_get_cred_cache): Free client principal in - case of error. Coverity NetBSD CID#1908 - -2006-02-02 Love Hörnquist Åstrand - - * kadm5_err.et: (PASS_REUSE): Spelling, - from Václav H?la - -2006-01-25 Love Hörnquist Åstrand - - * send_recv.c: Clear error-string when introducing new errors. - - * *_c.c: Clear error-string when introducing new errors. - -2006-01-15 Love Hörnquist Åstrand - - * Makefile.am (libkadm5clnt.la) doesn't depend on libhdb, remove - dependency - -2005-12-13 Love Hörnquist Åstrand - - * memset hdb_entry_ex before use - -2005-12-12 Love Hörnquist Åstrand - - * Wrap hdb_entry with hdb_entry_ex, patch originally - from Andrew Bartlet - -2005-11-30 Love Hörnquist Åstrand - - * context_s.c (set_field): try another way to calculate the path - to the database/logfile/signal-socket - - * log.c (kadm5_log_init): set error string on failures - -2005-09-08 Love Hörnquist Åstrand - - * Constify password. - - * admin.h: Add KRB5_TL_PKINIT_ACL. - - * marshall.c (_kadm5_unmarshal_params): avoid signed-ness warnings - - * get_s.c (kadm5_s_get_principal): clear error string - -2005-08-25 Love Hörnquist Åstrand - - * iprop-log.8: More text about iprop-log. - -2005-08-24 Love Hörnquist Åstrand - - * iprop.8: SEE ALSO iprop-log. - - * Makefile.am: man_MANS += iprop-log.8 - - * iprop-log.8: Basic for documentation of iprop-log. - - * remove replay_log.c, dump_log.c, and truncate_log.c, folded into - iprop-log. - - * log.c (kadm5_log_foreach): add a context variable and pass it - down to `func´. - - * iprop-commands.in: Move truncate_log and replay_log into - iprop-log. - - * iprop-log.c: Move truncate_log and replay_log into iprop-log. - - * Makefile.am: Move truncate_log and replay_log into iprop-log. - - * Makefile.am: Make this work with a clean directory. - - * ipropd_master.c: Make compile. - - * ipropd_master.c: Update to new signature of kadm5_log_previous. - - * log.c (kadm5_log_previous): catch errors instead of asserting - and set error string. - - * iprop-commands.in: New program iprop-log that incorperates - dump_log as a subcommand, truncate_log and replay_log soon to come - after. - - * iprop-log.c: New program iprop-log that incorperates dump_log as - a subcommand, truncate_log and replay_log soon to come after. - - * Makefile.am: New program iprop-log that incorperates dump_log as - a subcommand, truncate_log and replay_log soon to come after. - -2005-08-11 Love Hörnquist Åstrand - - * get_s.c: Implement KADM5_LAST_PWD_CHANGE. - - * set_keys.c: Set and clear password where appropriate. - - * randkey_s.c: Operation modifies tl_data. - - * log.c (kadm5_log_replay_modify): Check return values of - malloc(), replace all extensions. - - * kadm5_err.et: Make BAD_TL_TYPE error more helpful. - - * get_s.c: Expose KADM5_TL_DATA options to the client. - - * ent_setup.c: Merge in KADM5_TL_DATA in the database. - - * chpass_s.c: Operations modify extensions, mark that with - TL_DATA. - - * admin.h: Add more TL types (password and extension). - -2005-06-17 Love Hörnquist Åstrand - - * constify - - * ipropd_slave.c: avoid shadowing - - * ipropd_master.c: rename local variable slave to s, optind -> - optidx - - * get_princs_c.c: rename variable exp to expression - - * ad.c: rename variable exp to expression - - * log.c: rename shadowing len to num - - * get_princs_s.c: rename variable exp to expression - - * context_s.c: const poison - - * common_glue.c: rename variable exp to expression - -2005-05-30 Love Hörnquist Åstrand - - * ent_setup.c (attr_to_flags): check for KRB5_KDB_OK_AS_DELEGATE - - * get_s.c (kadm5_s_get_principal): set KRB5_KDB_OK_AS_DELEGATE - - * admin.h: add KRB5_KDB_OK_AS_DELEGATE, sync KRB5_TL_ flags - -2005-05-25 Love Hörnquist Åstrand - - * kadm5_pwcheck.3: please mdoclint - -2005-05-25 Dave Love - - * kadm5_pwcheck.3: document kadm5_add_passwd_quality_verifier, - improve text - -2005-05-24 Dave Love - - * iprop.8: Added some info about defaults, fixed some markup. - -2005-05-23 Dave Love - - * ipropd_slave.c: Don't test HAVE_DAEMON since roken supplies it. - - * ipropd_master.c: Don't test HAVE_DAEMON since roken supplies it. - -2005-05-13 Love Hörnquist Åstrand - - * init_c.c (_kadm5_c_init_context): fix memory leak in case of - failure - -2005-05-09 Dave Love - - * password_quality.c (find_func): Fix off-by-one and logic error. - (external_passwd_quality): Improve messages. - - * test_pw_quality.c (main): Call kadm5_setup_passwd_quality_check - and kadm5_add_passwd_quality_verifier. - -2005-04-30 Love Hörnquist Åstrand - - * default_keys.c: #include , only print salt it its longer - then 0, use krb5_err instead of errx where appropriate - -2005-04-25 Love Hörnquist Åstrand - - * ipropd_slave.c: add the documented option --port - - * ipropd_master.c: add the documented option --port - - * dump_log.c: use the newly generated units function - -2005-04-24 Love Hörnquist Åstrand - - * dump_log.c: use strlcpy - - * password_quality.c: don't use sizeof(pointer) - -2005-04-15 Love Hörnquist Åstrand - - * check-cracklib.pl: external password verifier sample - - * password_quality.c (kadm5_add_passwd_quality_verifier): if NULL - is passed in, load defaults - -2005-04-14 Love Hörnquist Åstrand - - * password_quality.c: add an end tag to the external password - quality check protocol - -2005-04-13 Love Hörnquist Åstrand - - * password_quality.c: add external passsword quality check builtin - module - - [password_quality] - policies = external-check - external-program = /bin/false - - To approve password a, make the test program return APPROVED on - stderr and fail with exit code 0. - -2004-10-12 Love Hörnquist Åstrand - - * Makefile.am: bump version to 7:7:0 and 6:5:2 - - * default_keys.c (parse_file): use hdb_generate_key_set - - * keys.c,set_keys.c: Move keyset parsing and password based keyset - generation into hdb. Requested by Andrew Bartlett - for hdb-ldb backend. - -2004-09-23 Johan Danielsson - - * ipropd_master.c: add help strings to some options - -2004-09-12 Love Hörnquist Åstrand - - * chpass_s.c: deal with changed prototype for _kadm5_free_keys - - * keys.c (_kadm5_free_keys): change prototype, make it use - krb5_context instead of a kadm5_server_context - - * set_keys.c (parse_key_set): do way with static returning - (function) static variable and returned allocated memory - (_kadm5_generate_key_set): free enctypes returned by parse_key_set - -2004-09-06 Love Hörnquist Åstrand - - * set_keys.c: Fix memory leak, don't return stack variables From - Andrew Bartlett - - * set_keys.c: make all_etypes const and move outside function to - avoid returning data on stack - -2004-08-26 Love Hörnquist Åstrand - - * acl.c (fetch_acl): use " \t\n" instead of just "\n" for the - delim of the third element, this is so we can match - "foo@REALMall*@REALM", before it just matched - "foo@REALMall*@REALM", but that is kind of lucky since - what really happen was that the last was stamped out, and - the it never strtok_r never needed to parse over it. - -2004-08-25 Love Hörnquist Åstrand - - * set_keys.c (_kadm5_generate_key_set): since arcfour-hmac-md5 is - without salting, some people tries to add the string - "arcfour-hmac-md5" when they really should have used - "arcfour-hmac-md5:pw-salt", help them and add glue for that - -2004-08-18 Johan Danielsson - - * ipropd_slave.c: add --detach - -2004-07-06 Love Hörnquist Åstrand - - * ad.c: use new tsasl interface remove debug printf add upn to - computer-accounts - -2004-06-28 Love Hörnquist Åstrand - - * ad.c: implement kadm5_ad_init_with_password_ctx set more error - strings - -2004-06-21 Love Hörnquist Åstrand - - * Makefile.am: man_MANS = kadm5_pwcheck.3 - - * kadm5_pwcheck.3: document new password quality api - - * password_quality.c: new password check interface (old still - supported) - - * kadm5-pwcheck.h: new password check interface - -2004-06-08 Love Hörnquist Åstrand - - * ipropd_master.c (main): process all slaves, not just up to the - last slave sending data - (bug report from Björn Sandell ) - (*): only send one ARE_YOU_THERE - -2004-06-02 Love Hörnquist Åstrand - - * ad.c: use krb5_set_password_using_ccache - -2004-06-01 Love Hörnquist Åstrand - - * ad.c: try handle spn's better - -2004-05-31 Love Hörnquist Åstrand - - * ad.c: add expiration time - - * ad.c: add modify operations - - * ad.c: handle create and delete - -2004-05-27 Love Hörnquist Åstrand - - * ad.c: more code for get, handle attributes - - * ad.c: more code for get, handle time stamps and bad password - counter - - * ad.c: more code for get, only fetches kvno for now - -2004-05-26 Love Hörnquist Åstrand - - * ad.c: add support for tsasl - - * private.h: add kadm5_ad_context - - * ipropd_master.c (prop_one): store the opcode in the begining of - the blob, not the end - - * ad.c: try all ldap servers in dns, generate a random password, - base64(random_block(64)), XXX must make it support other then - ARCFOUR - - * ad.c: framework for windows AD backend - -2004-03-07 Love Hörnquist Åstrand - - * create_s.c (kadm5_s_create_principal): remove old XXX command - and related code, _kadm5_set_keys will do all this now - -2004-02-29 Love Hörnquist Åstrand - - * set_keys.c (_kadm5_set_keys_randomly): make sure enctype to copy - enctype for des keys From: Andrew Bartlett - - * create_s.c (kadm5_s_create_principal_with_key): don't call - _kadm5_set_keys2, create_principal will do that for us. Set kvno - to 1. - - * chpass_s.c (change): bump kvno - (kadm5_s_chpass_principal_with_key): bump kvno - - * randkey_s.c (kadm5_s_randkey_principal): bump kvno - - * set_keys.c (_kadm5_set_*): don't change the kvno, let the callee - to that - -2003-12-30 Love Hörnquist Åstrand - - * chpass_s.c (change): fix same-password-again by decrypting keys - and setting an error code From: Buck Huppmann - -2003-12-21 Love Hörnquist Åstrand - - * init_c.c (_kadm5_c_init_context): catch errors from strdup and - other krb5_ functions - -2003-12-08 Love Hörnquist Åstrand - - * rename_s.c (kadm5_s_rename_principal): allow principal to change - realm From Panasas Inc - -2003-12-07 Love Hörnquist Åstrand - - * destroy_c.c (kadm5_c_destroy): fix memory leaks, From Panasas, - Inc - -2003-11-23 Love Hörnquist Åstrand - - * iprop.h: don't include - - * ipropd_slave.c: stop using krb5 lib private byte-frobbing - functions and replace them with with krb5_storage - - * ipropd_master.c: stop using krb5 lib private byte-frobbing - functions and replace them with with krb5_storage - -2003-11-19 Love Hörnquist Åstrand - - * ipropd_slave.c (receive_loop): when seeking over the entries we - already have, skip over the trailer. From: Jeffrey Hutzelman - - - * dump_log.c,ipropd_master.c,ipropd_slave.c, - replay_log.c,truncate_log.c: parse kdc.conf - From: Jeffrey Hutzelman - -2003-10-10 Love Hörnquist Åstrand - - * Makefile.am: += test_pw_quality - - * test_pw_quality.c: test program for verifying password quality - function - -2003-09-03 Love Hörnquist Åstrand - - * Makefile.am: add and enable check program default_keys - - * default_keys.c: test program for _kadm5_generate_key_set - - * init_c.c: use - krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free - -2003-08-17 Love Hörnquist Åstrand - - * set_keys.c (_kadm5_set_keys_randomly): remove dup return - - * ipropd_master.c (main): make sure current_version is initialized - -2003-08-15 Love Hörnquist Åstrand - - * set_keys.c: use default_keys for the both random keys and - password derived keys if its defined - -2003-07-24 Love Hörnquist Åstrand - - * ipropd_slave.c (receive_everything): switch close and rename - From: Alf Wachsmann - -2003-07-03 Love Hörnquist Åstrand - - * iprop.h, ipropd_master.c, ipropd_slave.c: - Add probing from the server that the client is still there, also - make the client check that the server is probing. - -2003-07-02 Love Hörnquist Åstrand - - * truncate_log.c (main): add missing ``if (ret)'' - -2003-06-26 Love Hörnquist Åstrand - - * set_keys.c (make_keys): add AES support - - * set_keys.c: fix off by one in the aes case, pointed out by Ken - Raeburn - -2003-04-30 Love Hörnquist Åstrand - - * set_keys.c (_kadm5_set_keys_randomly): add - ETYPE_AES256_CTS_HMAC_SHA1_96 key when configuried with aes - support - -2003-04-16 Love Hörnquist Åstrand - - * send_recv.c: check return values from krb5_data_alloc - * log.c: check return values from krb5_data_alloc - -2003-04-16 Love Hörnquist Åstrand - - * dump_log.c (print_entry): check return values from - krb5_data_alloc - -2003-04-01 Love Hörnquist Åstrand - - * init_c.c (kadm_connect): if a context realm was passed in, use - that to form the kadmin/admin principal - -2003-03-19 Love Hörnquist Åstrand - - * ipropd_master.c (main): make sure we don't consider dead slave - for select processing - (write_stats): use slave_stats_file variable, - check return value of strftime - (args): allow specifying slave stats file - (slave_dead): close the fd when the slave dies - -2002-10-21 Johan Danielsson - - * ipropd_slave.c (from Derrick Brashear): Propagating a large - database without this means the slave kdcs can get erroneous - HDB_NOENTRY and return the resulting errors. This creates a new db - handle, populates it, and moves it into place. - -2002-08-26 Assar Westerlund - - * ipropd_slave.c (receive_everything): type-correctness calling - _krb5_get_int - - * context_s.c (find_db_spec): const-correctness in parameters to - krb5_config_get_next - -2002-08-16 Johan Danielsson - - * private.h: rename header file flag macro - - * Makefile.am: generate kadm5-{protos,private}.h - -2002-08-15 Johan Danielsson - - * ipropd_master.c: check return value of krb5_sockaddr2address - -2002-07-04 Johan Danielsson - - * ipropd_master.c: handle slaves that come and go; add status - reporting (both from Love) - - * iprop.h: KADM5_SLAVE_STATS - -2002-03-25 Jacques Vidrine - - * init_c.c (get_cred_cache): bug fix: the default credentials - cache was not being used if a client name was specified. - -2002-03-25 Johan Danielsson - - * init_c.c (get_cred_cache): when getting the default_client from - the cred cache, make sure the instance part is "admin"; this - should require fewer uses of -p - -2002-03-11 Assar Westerlund - - * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:5:0 - (libkadm5clnt_la_LDFLAGS): set version to 6:3:2 - -2002-02-08 Johan Danielsson - - * init_c.c: we have to create our own param struct before - marshaling - -2001-09-05 Johan Danielsson - - * Makefile.am: link with LIB_pidfile - - * iprop.h: include util.h for pidfile - -2001-08-31 Assar Westerlund - - * ipropd_slave.c (main): syslog with the correct name - -2001-08-30 Jacques Vidrine - - * ipropd_slave.c, ipropd_master.c (main): call pidfile - -2001-08-28 Assar Westerlund - - * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 7:4:0 - -2001-08-24 Assar Westerlund - - * acl.c (fetch_acl): do not return bogus flags and re-organize - function - - * Makefile.am: rename variable name to avoid error from current - automake - -2001-08-13 Johan Danielsson - - * set_keys.c: add easier afs configuration, defaulting to the - local realm in lower case; also try to remove duplicate salts - -2001-07-12 Assar Westerlund - - * Makefile.am: add required library dependencies - -2001-07-03 Assar Westerlund - - * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 6:2:2 - -2001-06-29 Johan Danielsson - - * init_c.c: call krb5_get_init_creds_opt_set_default_flags - -2001-02-19 Johan Danielsson - - * replay_log.c: add --{start-end}-version flags to replay just - part of the log - -2001-02-15 Assar Westerlund - - * ipropd_master.c (main): fix select-loop to decrement ret - correctly. from "Brandon S. Allbery KF8NH" - -2001-01-30 Assar Westerlund - - * Makefile.am: bump versions - -2000-12-31 Assar Westerlund - - * init_s.c (*): handle krb5_init_context failure consistently - * init_c.c (init_context): handle krb5_init_context failure - consistently - -2000-12-11 Assar Westerlund - - * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0 - -2000-11-16 Assar Westerlund - - * set_keys.c (make_keys): clean-up salting loop and try not to - leak memory - - * ipropd_master.c (main): check for fd's being too large to select - on - -2000-08-16 Assar Westerlund - - * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0 - -2000-08-10 Assar Westerlund - - * acl.c (fetch_acl): fix wrong cases, use krb5_principal_match - -2000-08-07 Assar Westerlund - - * ipropd_master.c (main): ignore SIGPIPE - -2000-08-06 Assar Westerlund - - * ipropd_slave.c (receive_everything): make `fd' an int instead of - a pointer. From Derrick J Brashear - -2000-08-04 Johan Danielsson - - * admin.h: change void** to void* - -2000-07-25 Johan Danielsson - - * Makefile.am: bump versions to 7:0:0 and 6:0:2 - -2000-07-24 Assar Westerlund - - * log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd - and make a new that takes a context - (kadm5_log_nop): add logging of missing lengths - (kadm5_log_truncate): new function - - * dump_log.c (print_entry): update and correct - * randkey_s.c: call _kadm5_bump_pw_expire - * truncate_log.c: new program for truncating the log - * Makefile.am (sbin_PROGRAMS): add truncate_log - (C_SOURCES): add bump_pw_expire.c - * bump_pw_expire.c: new function for extending password expiration - -2000-07-22 Assar Westerlund - - * keys.c: new file with _kadm5_free_keys, _kadm5_init_keys - - * set_keys.c (free_keys, init_keys): elevate to internal kadm5 - functions - - * chpass_s.c (kadm5_s_chpass_principal_cond): new function - * Makefile.am (C_SOURCES): add keys.c - * init_c.c: remove unused variable and handle some parameters - being NULL - -2000-07-22 Johan Danielsson - - * ipropd_slave.c: use krb5_read_priv_message - - * ipropd_master.c: use krb5_{read,write}_priv_message - - * init_c.c: use krb5_write_priv_message - -2000-07-11 Johan Danielsson - - * ipropd_slave.c: no need to call gethostname, since - sname_to_principal will - - * send_recv.c: assert that we have a connected socket - - * get_princs_c.c: call _kadm5_connect - - * rename_c.c: call _kadm5_connect - - * randkey_c.c: call _kadm5_connect - - * privs_c.c: call _kadm5_connect - - * modify_c.c: call _kadm5_connect - - * get_c.c: call _kadm5_connect - - * delete_c.c: call _kadm5_connect - - * create_c.c: call _kadm5_connect - - * chpass_c.c: call _kadm5_connect - - * private.h: add more fields to client context; remove prototypes - - * admin.h: remove prototypes - - * kadm5-protos.h: move public prototypes here - - * kadm5-private.h: move private prototypes here - - * init_c.c: break out connection code to separate function, and - defer calling it until we actually do something - -2000-07-07 Assar Westerlund - - * set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for - backwards compatability - -2000-06-26 Johan Danielsson - - * set_keys.c (_kadm5_set_keys): rewrite this to be more easily - adaptable to different salts - -2000-06-19 Johan Danielsson - - * get_s.c: pa_* -> KRB5_PADATA_* - -2000-06-16 Assar Westerlund - - * ipropd_slave.c: change default keytab to default keytab (as in - typically FILE:/etc/krb5.keytab) - -2000-06-08 Assar Westerlund - - * ipropd_slave.c: bug fixes, for actually writing the full dump to - the database. based on a patch from Love - -2000-06-07 Assar Westerlund - - * acl.c: add support for patterns of principals - * log.c (kadm5_log_replay_create): handle more NULL pointers - (should they really happen?) - * log.c (kadm5_log_replay_modify): handle max_life == NULL and - max_renew == NULL - - * ipropd_master.c: use syslog. be less verbose - * ipropd_slave.c: use syslog - -2000-06-05 Assar Westerlund - - * private.h (kadm_ops): add kadm_nop more prototypes - * log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop, - kadm5_log_replay_nop): add - * ipropd_slave.c: and some more improvements - * ipropd_master.c: lots of improvements - * iprop.h (IPROP_PORT, IPROP_SERVICE): add - (iprop_cmd): add new commands - - * dump_log.c: add nop - -2000-05-15 Assar Westerlund - - * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1 - -2000-05-12 Assar Westerlund - - * get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a - fallback. handle not having any creator. - * destroy_s.c (kadm5_s_destroy): free all allocated memory - * context_s.c (set_field): free variable if it's already set - (find_db_spec): malloc space for all strings - -2000-04-05 Assar Westerlund - - * Makefile.am (LDADD): add LIB_openldap - -2000-04-03 Assar Westerlund - - * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1 - (libkadm5clnt_la_LDFLAGS): set version to 5:0:1 - -2000-03-24 Assar Westerlund - - * set_keys.c (_kadm5_set_keys2): rewrite - (_kadm5_set_keys3): add - - * private.h (struct kadm_func): add chpass_principal_with_key - * init_c.c (set_funcs): add chpass_principal_with_key - -2000-03-23 Assar Westerlund - - * context_s.c (set_funcs): add chpass_principal_with_key - * common_glue.c (kadm5_chpass_principal_with_key): add - * chpass_s.c: comment-ize and change calling convention for - _kadm5_set_keys* - * chpass_c.c (kadm5_c_chpass_principal_with_key): add - -2000-02-07 Assar Westerlund - - * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0 - -2000-01-28 Assar Westerlund - - * init_c.c (get_new_cache): make sure to request non-forwardable, - non-proxiable - -2000-01-06 Assar Westerlund - - * Makefile.am (libkadm5srv.la): bump version to 5:1:0 - - * context_s.c (_kadm5_s_init_context): handle params == NULL - -1999-12-26 Assar Westerlund - - * get_s.c (kadm5_s_get_principal): handle modified_by->principal - == NULL - -1999-12-20 Assar Westerlund - - * Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0 - - * init_c.c (_kadm5_c_init_context): handle getting back port - number from admin host - (kadm5_c_init_with_context): remove `proto/' part before doing - getaddrinfo() - -1999-12-06 Assar Westerlund - - * Makefile.am: bump version to 5:0:0 and 4:0:0 - - * init_c.c (kadm5_c_init_with_context): don't use unitialized - stuff - -1999-12-04 Assar Westerlund - - * replay_log.c: adapt to changed kadm5_log_foreach - - * log.c (kadm5_log_foreach): change to take a - `kadm5_server_context' - - * init_c.c: use krb5_warn{,x} - - * dump_log.c: adapt to changed kadm5_log_foreach - - * init_c.c: re-write to use getaddrinfo - * Makefile.am (install-build-headers): add dependency - -1999-12-03 Johan Danielsson - - * log.c (kadm5_log_foreach): pass context - - * dump_log.c: print more interesting things - -1999-12-02 Johan Danielsson - - * ipropd_master.c (process_msg): check for short reads - -1999-11-25 Assar Westerlund - - * modify_s.c (kadm5_s_modify_principal): support key_data - (kadm5_s_modify_principal_with_key): remove - - * admin.h (kadm5_s_modify_principal_with_key): remove - -1999-11-20 Assar Westerlund - - * context_s.c (find_db_spec): ugly cast work-around. - -1999-11-14 Assar Westerlund - - * context_s.c (_kadm5_s_init_context): call krb5_add_et_list so - that we aren't dependent on the layout of krb5_context_data - * init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that - we aren't dependent on the layout of krb5_context_data - -1999-11-13 Assar Westerlund - - * password_quality.c (kadm5_setup_passwd_quality_check): use - correct types for function pointers - -1999-11-09 Johan Danielsson - - * randkey_s.c: always bail out if the fetch fails - - * admin.h (kadm5_config_params): remove fields we're not using - - * ipropd_slave.c: allow passing a realm - - * ipropd_master.c: allow passing a realm - - * dump_log.c: allow passing a realm - - * acl.c: correctly get acl file - - * private.h (kadm5_server_context): add config_params struct and - remove acl_file; bump protocol version number - - * marshall.c: marshalling of config parameters - - * init_c.c (kadm5_c_init_with_context): try to cope with old - servers - - * init_s.c (kadm5_s_init_with_context): actually use some passed - values - - * context_s.c (_kadm5_s_init_context): get dbname, acl_file, and - stash_file from the config parameters, try to figure out these if - they're not provided - -1999-11-05 Assar Westerlund - - * Makefile.am (install-build-headers): use `cp' instead of - INSTALL_DATA - -1999-11-04 Assar Westerlund - - * Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields - directly in libkrb5's context - bad functions) - - * set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in - the copied keys - -1999-10-20 Assar Westerlund - - * Makefile.am: set version of kadm5srv to 3:0:2 (new password - quality functions). - set version of kdam5clnt to 2:1:1 (no interface changes) - - * Makefile.am (LDADD): add $(LIB_dlopen) - -1999-10-17 Assar Westerlund - - * randkey_s.c (kadm5_s_randkey_principal): use - _kadm5_set_keys_randomly - - * set_keys.c (free_keys): free more memory - (_kadm5_set_keys): a little bit more generic - (_kadm5_set_keys_randomly): new function for setting random keys. - -1999-10-14 Assar Westerlund - - * set_keys.c (_kadm5_set_keys): ignore old keys when setting new - ones and always add 3 DES keys and one 3DES key - -1999-10-03 Assar Westerlund - - * init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'. - check return value from strdup - -1999-09-26 Assar Westerlund - - * acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate -> - strlcpy - -1999-09-24 Johan Danielsson - - * dump_log.c: remove unused `optind' - - * replay_log.c: remove unused `optind' - -1999-09-13 Assar Westerlund - - * chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv - - * send_recv.c (_kadm5_client_recv): return result in a `krb5_data' - so that we avoid copying it and don't need to dimension in - advance. change all callers. - -1999-09-10 Assar Westerlund - - * password_quality.c: new file - - * admin.h - (kadm5_setup_passwd_quality_check,kadm5_check_password_quality): - add prototypes - - * Makefile.am (S_SOURCES): add password_quality.c - -1999-07-26 Assar Westerlund - - * Makefile.am: update versions to 2:0:1 - -1999-07-24 Assar Westerlund - - * ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0 - and pw_expiration == 0 mean never - -1999-07-22 Assar Westerlund - - * log.c (kadm5_log_flush): extra cast - -1999-07-07 Assar Westerlund - - * marshall.c (store_principal_ent): encoding princ_expire_time and - pw_expiration in correct order - -1999-06-28 Assar Westerlund - - * randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno, - otherwise hdb will think that the new random keys are already - encrypted which will cause lots of confusion later. - -1999-06-23 Assar Westerlund - - * ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited - correctly. From Michal Vocu - -1999-06-15 Assar Westerlund - - * init_c.c (get_cred_cache): use get_default_username - -1999-05-23 Assar Westerlund - - * create_s.c (create_principal): if there's no default entry the - mask should be zero. - -1999-05-21 Assar Westerlund - - * init_c.c (get_cred_cache): use $USERNAME - -1999-05-17 Johan Danielsson - - * init_c.c (get_cred_cache): figure out principal - -1999-05-05 Johan Danielsson - - * send_recv.c: cleanup _kadm5_client_{send,recv} - -1999-05-04 Assar Westerlund - - * set_keys.c (_kadm5_set_keys2): don't check the recently created - memory for NULL pointers - - * private.h (_kadm5_setup_entry): change prototype - - * modify_s.c: call new _kadm5_setup_entry - - * ent_setup.c (_kadm5_setup_entry): change so that it takes three - masks, one for what bits to set and one for each of principal and - def containing the bits that are set there. - - * create_s.c: call new _kadm5_setup_entry - - * create_s.c (get_default): check return value - (create_principal): send wider mask to _kadm5_setup_entry - -1999-05-04 Johan Danielsson - - * send_recv.c (_kadm5_client_recv): handle arbitrarily sized - packets, check for errors - - * get_c.c: check for failure from _kadm5_client_{send,recv} - -1999-05-04 Assar Westerlund - - * init_c.c (get_new_cache): don't abort when interrupted from - password prompt - - * destroy_c.c (kadm5_c_destroy): check if we should destroy the - auth context - -1999-05-03 Johan Danielsson - - * chpass_s.c: fix arguments to _kadm5_set_keys2 - - * private.h: proto - - * set_keys.c: clear mkvno - - * rename_s.c: add flags to fetch and store; seal keys before - logging - - * randkey_s.c: add flags to fetch and store; seal keys before - logging - - * modify_s.c: add flags to fetch and store; seal keys before - logging - - * log.c: add flags to fetch and store; seal keys before logging - - * get_s.c: add flags to fetch and store; seal keys before logging - - * get_princs_s.c: add flags to fetch and store; seal keys before - logging - - * delete_s.c: add flags to fetch and store; seal keys before - logging - - * create_s.c: add flags to fetch and store; seal keys before - logging - - * chpass_s.c: add flags to fetch and store; seal keys before - logging - - * Makefile.am: remove server.c - - * admin.h: add prototypes - - * ent_setup.c (_kadm5_setup_entry): set key_data - - * set_keys.c: add _kadm5_set_keys2 to sey keys from key_data - - * modify_s.c: add kadm5_s_modify_principal_with_key - - * create_s.c: add kadm5_s_create_principal_with_key - - * chpass_s.c: add kadm5_s_chpass_principal_with_key - - * kadm5_locl.h: move stuff to private.h - - * private.h: move stuff from kadm5_locl.h - diff --git a/crypto/heimdal/lib/kadm5/Makefile.am b/crypto/heimdal/lib/kadm5/Makefile.am deleted file mode 100644 index 66ffd375c49a..000000000000 --- a/crypto/heimdal/lib/kadm5/Makefile.am +++ /dev/null @@ -1,192 +0,0 @@ -# $Id: Makefile.am 22403 2008-01-11 14:37:26Z lha $ - -include $(top_srcdir)/Makefile.am.common - -SLC = $(top_builddir)/lib/sl/slc - -lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la -libkadm5srv_la_LDFLAGS = -version-info 8:1:0 -libkadm5clnt_la_LDFLAGS = -version-info 7:1:0 - -if versionscript -libkadm5srv_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -endif - -sbin_PROGRAMS = iprop-log -check_PROGRAMS = default_keys -noinst_PROGRAMS = test_pw_quality - -noinst_LTLIBRARIES = sample_passwd_check.la - -sample_passwd_check_la_SOURCES = sample_passwd_check.c -sample_passwd_check_la_LDFLAGS = -module - -libkadm5srv_la_LIBADD = \ - $(LIB_com_err) ../krb5/libkrb5.la \ - ../hdb/libhdb.la $(LIBADD_roken) -libkadm5clnt_la_LIBADD = \ - $(LIB_com_err) ../krb5/libkrb5.la $(LIBADD_roken) - -libexec_PROGRAMS = ipropd-master ipropd-slave - -default_keys_SOURCES = default_keys.c - -kadm5includedir = $(includedir)/kadm5 -buildkadm5include = $(buildinclude)/kadm5 - -dist_kadm5include_HEADERS = admin.h private.h kadm5-protos.h kadm5-private.h -nodist_kadm5include_HEADERS = kadm5_err.h - -install-build-headers:: $(dist_kadm5include_HEADERS) $(nodist_kadm5include_HEADERS) - @foo='$(dist_kadm5include_HEADERS) $(nodist_kadm5include_HEADERS)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildkadm5include)/$$f 2> /dev/null ; then \ - : ; else \ - echo "cp $$file $(buildkadm5include)/$$f";\ - cp $$file $(buildkadm5include)/$$f; \ - fi ; \ - done - -dist_libkadm5clnt_la_SOURCES = \ - ad.c \ - chpass_c.c \ - client_glue.c \ - common_glue.c \ - create_c.c \ - delete_c.c \ - destroy_c.c \ - flush_c.c \ - free.c \ - get_c.c \ - get_princs_c.c \ - init_c.c \ - kadm5_locl.h \ - marshall.c \ - modify_c.c \ - private.h \ - privs_c.c \ - randkey_c.c \ - rename_c.c \ - send_recv.c \ - kadm5-pwcheck.h \ - admin.h - -nodist_libkadm5clnt_la_SOURCES = \ - kadm5_err.c \ - kadm5_err.h - -dist_libkadm5srv_la_SOURCES = \ - acl.c \ - admin.h \ - bump_pw_expire.c \ - chpass_s.c \ - common_glue.c \ - context_s.c \ - create_s.c \ - delete_s.c \ - destroy_s.c \ - ent_setup.c \ - error.c \ - flush_s.c \ - free.c \ - get_princs_s.c \ - get_s.c \ - init_s.c \ - kadm5_locl.h \ - keys.c \ - log.c \ - marshall.c \ - modify_s.c \ - password_quality.c \ - private.h \ - privs_s.c \ - randkey_s.c \ - rename_s.c \ - server_glue.c \ - set_keys.c \ - set_modifier.c \ - kadm5-pwcheck.h \ - admin.h - -nodist_libkadm5srv_la_SOURCES = \ - kadm5_err.c \ - kadm5_err.h - -dist_iprop_log_SOURCES = iprop-log.c -nodist_iprop_log_SOURCES = iprop-commands.c - -ipropd_master_SOURCES = ipropd_master.c ipropd_common.c iprop.h kadm5_locl.h - -ipropd_slave_SOURCES = ipropd_slave.c ipropd_common.c iprop.h kadm5_locl.h - -man_MANS = kadm5_pwcheck.3 iprop.8 iprop-log.8 - -LDADD = \ - libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(DBLIB) \ - $(LIB_dlopen) \ - $(LIB_pidfile) - -iprop_log_LDADD = \ - libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/sl/libsl.la \ - $(LIB_readline) \ - $(LIB_roken) \ - $(DBLIB) \ - $(LIB_dlopen) \ - $(LIB_pidfile) - - -iprop-commands.c iprop-commands.h: iprop-commands.in - $(SLC) $(srcdir)/iprop-commands.in - -$(libkadm5srv_la_OBJECTS): kadm5_err.h -$(iprop_log_OBJECTS): iprop-commands.h - -client_glue.lo server_glue.lo: $(srcdir)/common_glue.c - -CLEANFILES = kadm5_err.c kadm5_err.h iprop-commands.h iprop-commands.c - -# to help stupid solaris make - -kadm5_err.h: kadm5_err.et - -$(libkadm5clnt_la_OBJECTS) $(libkadm5srv_la_OBJECTS): $(srcdir)/kadm5-protos.h $(srcdir)/kadm5-private.h - -proto_opts = -q -R '^(_|kadm5_c_|kadm5_s_|kadm5_log)' -P comment -$(srcdir)/kadm5-protos.h: - cd $(srcdir); perl ../../cf/make-proto.pl $(proto_opts) \ - -o kadm5-protos.h \ - $(dist_libkadm5clnt_la_SOURCES) \ - $(dist_libkadm5srv_la_SOURCES) \ - || rm -f kadm5-protos.h - -$(srcdir)/kadm5-private.h: - cd $(srcdir); perl ../../cf/make-proto.pl $(proto_opts) \ - -p kadm5-private.h \ - $(dist_libkadm5clnt_la_SOURCES) \ - $(dist_libkadm5srv_la_SOURCES) \ - || rm -f kadm5-private.h - -EXTRA_DIST = \ - kadm5_err.et \ - iprop-commands.in \ - $(man_MANS) \ - check-cracklib.pl \ - flush.c \ - sample_passwd_check.c \ - version-script.map diff --git a/crypto/heimdal/lib/kadm5/Makefile.in b/crypto/heimdal/lib/kadm5/Makefile.in deleted file mode 100644 index 81f1ced3d9e9..000000000000 --- a/crypto/heimdal/lib/kadm5/Makefile.in +++ /dev/null @@ -1,1293 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22403 2008-01-11 14:37:26Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(dist_kadm5include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -sbin_PROGRAMS = iprop-log$(EXEEXT) -check_PROGRAMS = default_keys$(EXEEXT) -noinst_PROGRAMS = test_pw_quality$(EXEEXT) -libexec_PROGRAMS = ipropd-master$(EXEEXT) ipropd-slave$(EXEEXT) -subdir = lib/kadm5 -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(libexecdir)" \ - "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(kadm5includedir)" \ - "$(DESTDIR)$(kadm5includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES) -am__DEPENDENCIES_1 = -libkadm5clnt_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \ - ../krb5/libkrb5.la $(am__DEPENDENCIES_1) -dist_libkadm5clnt_la_OBJECTS = ad.lo chpass_c.lo client_glue.lo \ - common_glue.lo create_c.lo delete_c.lo destroy_c.lo flush_c.lo \ - free.lo get_c.lo get_princs_c.lo init_c.lo marshall.lo \ - modify_c.lo privs_c.lo randkey_c.lo rename_c.lo send_recv.lo -nodist_libkadm5clnt_la_OBJECTS = kadm5_err.lo -libkadm5clnt_la_OBJECTS = $(dist_libkadm5clnt_la_OBJECTS) \ - $(nodist_libkadm5clnt_la_OBJECTS) -libkadm5clnt_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libkadm5clnt_la_LDFLAGS) $(LDFLAGS) -o $@ -libkadm5srv_la_DEPENDENCIES = $(am__DEPENDENCIES_1) ../krb5/libkrb5.la \ - ../hdb/libhdb.la $(am__DEPENDENCIES_1) -dist_libkadm5srv_la_OBJECTS = acl.lo bump_pw_expire.lo chpass_s.lo \ - common_glue.lo context_s.lo create_s.lo delete_s.lo \ - destroy_s.lo ent_setup.lo error.lo flush_s.lo free.lo \ - get_princs_s.lo get_s.lo init_s.lo keys.lo log.lo marshall.lo \ - modify_s.lo password_quality.lo privs_s.lo randkey_s.lo \ - rename_s.lo server_glue.lo set_keys.lo set_modifier.lo -nodist_libkadm5srv_la_OBJECTS = kadm5_err.lo -libkadm5srv_la_OBJECTS = $(dist_libkadm5srv_la_OBJECTS) \ - $(nodist_libkadm5srv_la_OBJECTS) -libkadm5srv_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libkadm5srv_la_LDFLAGS) $(LDFLAGS) -o $@ -sample_passwd_check_la_LIBADD = -am_sample_passwd_check_la_OBJECTS = sample_passwd_check.lo -sample_passwd_check_la_OBJECTS = $(am_sample_passwd_check_la_OBJECTS) -sample_passwd_check_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(sample_passwd_check_la_LDFLAGS) $(LDFLAGS) -o $@ -libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -PROGRAMS = $(libexec_PROGRAMS) $(noinst_PROGRAMS) $(sbin_PROGRAMS) -am_default_keys_OBJECTS = default_keys.$(OBJEXT) -default_keys_OBJECTS = $(am_default_keys_OBJECTS) -default_keys_LDADD = $(LDADD) -default_keys_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -dist_iprop_log_OBJECTS = iprop-log.$(OBJEXT) -nodist_iprop_log_OBJECTS = iprop-commands.$(OBJEXT) -iprop_log_OBJECTS = $(dist_iprop_log_OBJECTS) \ - $(nodist_iprop_log_OBJECTS) -iprop_log_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/sl/libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am_ipropd_master_OBJECTS = ipropd_master.$(OBJEXT) \ - ipropd_common.$(OBJEXT) -ipropd_master_OBJECTS = $(am_ipropd_master_OBJECTS) -ipropd_master_LDADD = $(LDADD) -ipropd_master_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am_ipropd_slave_OBJECTS = ipropd_slave.$(OBJEXT) \ - ipropd_common.$(OBJEXT) -ipropd_slave_OBJECTS = $(am_ipropd_slave_OBJECTS) -ipropd_slave_LDADD = $(LDADD) -ipropd_slave_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -test_pw_quality_SOURCES = test_pw_quality.c -test_pw_quality_OBJECTS = test_pw_quality.$(OBJEXT) -test_pw_quality_LDADD = $(LDADD) -test_pw_quality_DEPENDENCIES = libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(dist_libkadm5clnt_la_SOURCES) \ - $(nodist_libkadm5clnt_la_SOURCES) \ - $(dist_libkadm5srv_la_SOURCES) \ - $(nodist_libkadm5srv_la_SOURCES) \ - $(sample_passwd_check_la_SOURCES) $(default_keys_SOURCES) \ - $(dist_iprop_log_SOURCES) $(nodist_iprop_log_SOURCES) \ - $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) \ - test_pw_quality.c -DIST_SOURCES = $(dist_libkadm5clnt_la_SOURCES) \ - $(dist_libkadm5srv_la_SOURCES) \ - $(sample_passwd_check_la_SOURCES) $(default_keys_SOURCES) \ - $(dist_iprop_log_SOURCES) $(ipropd_master_SOURCES) \ - $(ipropd_slave_SOURCES) test_pw_quality.c -man3dir = $(mandir)/man3 -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -dist_kadm5includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_kadm5includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(dist_kadm5include_HEADERS) $(nodist_kadm5include_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SLC = $(top_builddir)/lib/sl/slc -lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la -libkadm5srv_la_LDFLAGS = -version-info 8:1:0 $(am__append_1) -libkadm5clnt_la_LDFLAGS = -version-info 7:1:0 -noinst_LTLIBRARIES = sample_passwd_check.la -sample_passwd_check_la_SOURCES = sample_passwd_check.c -sample_passwd_check_la_LDFLAGS = -module -libkadm5srv_la_LIBADD = \ - $(LIB_com_err) ../krb5/libkrb5.la \ - ../hdb/libhdb.la $(LIBADD_roken) - -libkadm5clnt_la_LIBADD = \ - $(LIB_com_err) ../krb5/libkrb5.la $(LIBADD_roken) - -default_keys_SOURCES = default_keys.c -kadm5includedir = $(includedir)/kadm5 -buildkadm5include = $(buildinclude)/kadm5 -dist_kadm5include_HEADERS = admin.h private.h kadm5-protos.h kadm5-private.h -nodist_kadm5include_HEADERS = kadm5_err.h -dist_libkadm5clnt_la_SOURCES = \ - ad.c \ - chpass_c.c \ - client_glue.c \ - common_glue.c \ - create_c.c \ - delete_c.c \ - destroy_c.c \ - flush_c.c \ - free.c \ - get_c.c \ - get_princs_c.c \ - init_c.c \ - kadm5_locl.h \ - marshall.c \ - modify_c.c \ - private.h \ - privs_c.c \ - randkey_c.c \ - rename_c.c \ - send_recv.c \ - kadm5-pwcheck.h \ - admin.h - -nodist_libkadm5clnt_la_SOURCES = \ - kadm5_err.c \ - kadm5_err.h - -dist_libkadm5srv_la_SOURCES = \ - acl.c \ - admin.h \ - bump_pw_expire.c \ - chpass_s.c \ - common_glue.c \ - context_s.c \ - create_s.c \ - delete_s.c \ - destroy_s.c \ - ent_setup.c \ - error.c \ - flush_s.c \ - free.c \ - get_princs_s.c \ - get_s.c \ - init_s.c \ - kadm5_locl.h \ - keys.c \ - log.c \ - marshall.c \ - modify_s.c \ - password_quality.c \ - private.h \ - privs_s.c \ - randkey_s.c \ - rename_s.c \ - server_glue.c \ - set_keys.c \ - set_modifier.c \ - kadm5-pwcheck.h \ - admin.h - -nodist_libkadm5srv_la_SOURCES = \ - kadm5_err.c \ - kadm5_err.h - -dist_iprop_log_SOURCES = iprop-log.c -nodist_iprop_log_SOURCES = iprop-commands.c -ipropd_master_SOURCES = ipropd_master.c ipropd_common.c iprop.h kadm5_locl.h -ipropd_slave_SOURCES = ipropd_slave.c ipropd_common.c iprop.h kadm5_locl.h -man_MANS = kadm5_pwcheck.3 iprop.8 iprop-log.8 -LDADD = \ - libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(LIB_roken) \ - $(DBLIB) \ - $(LIB_dlopen) \ - $(LIB_pidfile) - -iprop_log_LDADD = \ - libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(LIB_openldap) \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/sl/libsl.la \ - $(LIB_readline) \ - $(LIB_roken) \ - $(DBLIB) \ - $(LIB_dlopen) \ - $(LIB_pidfile) - -CLEANFILES = kadm5_err.c kadm5_err.h iprop-commands.h iprop-commands.c -proto_opts = -q -R '^(_|kadm5_c_|kadm5_s_|kadm5_log)' -P comment -EXTRA_DIST = \ - kadm5_err.et \ - iprop-commands.in \ - $(man_MANS) \ - check-cracklib.pl \ - flush.c \ - sample_passwd_check.c \ - version-script.map - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/kadm5/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/kadm5/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done - -clean-noinstLTLIBRARIES: - -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) - @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libkadm5clnt.la: $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_DEPENDENCIES) - $(libkadm5clnt_la_LINK) -rpath $(libdir) $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_LIBADD) $(LIBS) -libkadm5srv.la: $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_DEPENDENCIES) - $(libkadm5srv_la_LINK) -rpath $(libdir) $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_LIBADD) $(LIBS) -sample_passwd_check.la: $(sample_passwd_check_la_OBJECTS) $(sample_passwd_check_la_DEPENDENCIES) - $(sample_passwd_check_la_LINK) $(sample_passwd_check_la_OBJECTS) $(sample_passwd_check_la_LIBADD) $(LIBS) - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(libexecdir)" || $(MKDIR_P) "$(DESTDIR)$(libexecdir)" - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \ - rm -f "$(DESTDIR)$(libexecdir)/$$f"; \ - done - -clean-libexecPROGRAMS: - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)" - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ - rm -f "$(DESTDIR)$(sbindir)/$$f"; \ - done - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -default_keys$(EXEEXT): $(default_keys_OBJECTS) $(default_keys_DEPENDENCIES) - @rm -f default_keys$(EXEEXT) - $(LINK) $(default_keys_OBJECTS) $(default_keys_LDADD) $(LIBS) -iprop-log$(EXEEXT): $(iprop_log_OBJECTS) $(iprop_log_DEPENDENCIES) - @rm -f iprop-log$(EXEEXT) - $(LINK) $(iprop_log_OBJECTS) $(iprop_log_LDADD) $(LIBS) -ipropd-master$(EXEEXT): $(ipropd_master_OBJECTS) $(ipropd_master_DEPENDENCIES) - @rm -f ipropd-master$(EXEEXT) - $(LINK) $(ipropd_master_OBJECTS) $(ipropd_master_LDADD) $(LIBS) -ipropd-slave$(EXEEXT): $(ipropd_slave_OBJECTS) $(ipropd_slave_DEPENDENCIES) - @rm -f ipropd-slave$(EXEEXT) - $(LINK) $(ipropd_slave_OBJECTS) $(ipropd_slave_LDADD) $(LIBS) -test_pw_quality$(EXEEXT): $(test_pw_quality_OBJECTS) $(test_pw_quality_DEPENDENCIES) - @rm -f test_pw_quality$(EXEEXT) - $(LINK) $(test_pw_quality_OBJECTS) $(test_pw_quality_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man3: $(man3_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done -install-dist_kadm5includeHEADERS: $(dist_kadm5include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(kadm5includedir)" || $(MKDIR_P) "$(DESTDIR)$(kadm5includedir)" - @list='$(dist_kadm5include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_kadm5includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(kadm5includedir)/$$f'"; \ - $(dist_kadm5includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(kadm5includedir)/$$f"; \ - done - -uninstall-dist_kadm5includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(dist_kadm5include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(kadm5includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(kadm5includedir)/$$f"; \ - done -install-nodist_kadm5includeHEADERS: $(nodist_kadm5include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(kadm5includedir)" || $(MKDIR_P) "$(DESTDIR)$(kadm5includedir)" - @list='$(nodist_kadm5include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_kadm5includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(kadm5includedir)/$$f'"; \ - $(nodist_kadm5includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(kadm5includedir)/$$f"; \ - done - -uninstall-nodist_kadm5includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_kadm5include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(kadm5includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(kadm5includedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) \ - all-local -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(kadm5includedir)" "$(DESTDIR)$(kadm5includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libexecPROGRAMS clean-libtool clean-noinstLTLIBRARIES \ - clean-noinstPROGRAMS clean-sbinPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-dist_kadm5includeHEADERS install-man \ - install-nodist_kadm5includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libLTLIBRARIES install-libexecPROGRAMS \ - install-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man3 install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-dist_kadm5includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-libexecPROGRAMS \ - uninstall-man uninstall-nodist_kadm5includeHEADERS \ - uninstall-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man3 uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libexecPROGRAMS clean-libtool clean-noinstLTLIBRARIES \ - clean-noinstPROGRAMS clean-sbinPROGRAMS ctags dist-hook \ - distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook \ - install-dist_kadm5includeHEADERS install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am \ - install-libLTLIBRARIES install-libexecPROGRAMS install-man \ - install-man3 install-man8 install-nodist_kadm5includeHEADERS \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-sbinPROGRAMS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-dist_kadm5includeHEADERS \ - uninstall-hook uninstall-libLTLIBRARIES \ - uninstall-libexecPROGRAMS uninstall-man uninstall-man3 \ - uninstall-man8 uninstall-nodist_kadm5includeHEADERS \ - uninstall-sbinPROGRAMS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -install-build-headers:: $(dist_kadm5include_HEADERS) $(nodist_kadm5include_HEADERS) - @foo='$(dist_kadm5include_HEADERS) $(nodist_kadm5include_HEADERS)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildkadm5include)/$$f 2> /dev/null ; then \ - : ; else \ - echo "cp $$file $(buildkadm5include)/$$f";\ - cp $$file $(buildkadm5include)/$$f; \ - fi ; \ - done - -iprop-commands.c iprop-commands.h: iprop-commands.in - $(SLC) $(srcdir)/iprop-commands.in - -$(libkadm5srv_la_OBJECTS): kadm5_err.h -$(iprop_log_OBJECTS): iprop-commands.h - -client_glue.lo server_glue.lo: $(srcdir)/common_glue.c - -# to help stupid solaris make - -kadm5_err.h: kadm5_err.et - -$(libkadm5clnt_la_OBJECTS) $(libkadm5srv_la_OBJECTS): $(srcdir)/kadm5-protos.h $(srcdir)/kadm5-private.h -$(srcdir)/kadm5-protos.h: - cd $(srcdir); perl ../../cf/make-proto.pl $(proto_opts) \ - -o kadm5-protos.h \ - $(dist_libkadm5clnt_la_SOURCES) \ - $(dist_libkadm5srv_la_SOURCES) \ - || rm -f kadm5-protos.h - -$(srcdir)/kadm5-private.h: - cd $(srcdir); perl ../../cf/make-proto.pl $(proto_opts) \ - -p kadm5-private.h \ - $(dist_libkadm5clnt_la_SOURCES) \ - $(dist_libkadm5srv_la_SOURCES) \ - || rm -f kadm5-private.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/kadm5/acl.c b/crypto/heimdal/lib/kadm5/acl.c deleted file mode 100644 index 9a2f75b6cbf6..000000000000 --- a/crypto/heimdal/lib/kadm5/acl.c +++ /dev/null @@ -1,216 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: acl.c 17445 2006-05-05 10:37:46Z lha $"); - -static struct units acl_units[] = { - { "all", KADM5_PRIV_ALL }, - { "change-password",KADM5_PRIV_CPW }, - { "cpw", KADM5_PRIV_CPW }, - { "list", KADM5_PRIV_LIST }, - { "delete", KADM5_PRIV_DELETE }, - { "modify", KADM5_PRIV_MODIFY }, - { "add", KADM5_PRIV_ADD }, - { "get", KADM5_PRIV_GET }, - { NULL } -}; - -kadm5_ret_t -_kadm5_string_to_privs(const char *s, uint32_t* privs) -{ - int flags; - flags = parse_flags(s, acl_units, 0); - if(flags < 0) - return KADM5_FAILURE; - *privs = flags; - return 0; -} - -kadm5_ret_t -_kadm5_privs_to_string(uint32_t privs, char *string, size_t len) -{ - if(privs == 0) - strlcpy(string, "none", len); - else - unparse_flags(privs, acl_units + 1, string, len); - return 0; -} - -/* - * retrieve the right for the current caller on `princ' (NULL means all) - * and store them in `ret_flags' - * return 0 or an error. - */ - -static kadm5_ret_t -fetch_acl (kadm5_server_context *context, - krb5_const_principal princ, - unsigned *ret_flags) -{ - FILE *f; - krb5_error_code ret = 0; - char buf[256]; - - *ret_flags = 0; - - /* no acl file -> no rights */ - f = fopen(context->config.acl_file, "r"); - if (f == NULL) - return 0; - - while(fgets(buf, sizeof(buf), f) != NULL) { - char *foo = NULL, *p; - krb5_principal this_princ; - unsigned flags = 0; - - p = strtok_r(buf, " \t\n", &foo); - if(p == NULL) - continue; - if (*p == '#') /* comment */ - continue; - ret = krb5_parse_name(context->context, p, &this_princ); - if(ret) - break; - if(!krb5_principal_compare(context->context, - context->caller, this_princ)) { - krb5_free_principal(context->context, this_princ); - continue; - } - krb5_free_principal(context->context, this_princ); - p = strtok_r(NULL, " \t\n", &foo); - if(p == NULL) - continue; - ret = _kadm5_string_to_privs(p, &flags); - if (ret) - break; - p = strtok_r(NULL, " \t\n", &foo); - if (p == NULL) { - *ret_flags = flags; - break; - } - if (princ != NULL) { - krb5_principal pattern_princ; - krb5_boolean match; - - ret = krb5_parse_name (context->context, p, &pattern_princ); - if (ret) - break; - match = krb5_principal_match (context->context, - princ, pattern_princ); - krb5_free_principal (context->context, pattern_princ); - if (match) { - *ret_flags = flags; - break; - } - } - } - fclose(f); - return ret; -} - -/* - * set global acl flags in `context' for the current caller. - * return 0 on success or an error - */ - -kadm5_ret_t -_kadm5_acl_init(kadm5_server_context *context) -{ - krb5_principal princ; - krb5_error_code ret; - - ret = krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ); - if (ret) - return ret; - ret = krb5_principal_compare(context->context, context->caller, princ); - krb5_free_principal(context->context, princ); - if(ret != 0) { - context->acl_flags = KADM5_PRIV_ALL; - return 0; - } - - return fetch_acl (context, NULL, &context->acl_flags); -} - -/* - * check if `flags' allows `op' - * return 0 if OK or an error - */ - -static kadm5_ret_t -check_flags (unsigned op, - unsigned flags) -{ - unsigned res = ~flags & op; - - if(res & KADM5_PRIV_GET) - return KADM5_AUTH_GET; - if(res & KADM5_PRIV_ADD) - return KADM5_AUTH_ADD; - if(res & KADM5_PRIV_MODIFY) - return KADM5_AUTH_MODIFY; - if(res & KADM5_PRIV_DELETE) - return KADM5_AUTH_DELETE; - if(res & KADM5_PRIV_CPW) - return KADM5_AUTH_CHANGEPW; - if(res & KADM5_PRIV_LIST) - return KADM5_AUTH_LIST; - if(res) - return KADM5_AUTH_INSUFFICIENT; - return 0; -} - -/* - * return 0 if the current caller in `context' is allowed to perform - * `op' on `princ' and otherwise an error - * princ == NULL if it's not relevant. - */ - -kadm5_ret_t -_kadm5_acl_check_permission(kadm5_server_context *context, - unsigned op, - krb5_const_principal princ) -{ - kadm5_ret_t ret; - unsigned princ_flags; - - ret = check_flags (op, context->acl_flags); - if (ret == 0) - return ret; - ret = fetch_acl (context, princ, &princ_flags); - if (ret) - return ret; - return check_flags (op, princ_flags); -} diff --git a/crypto/heimdal/lib/kadm5/ad.c b/crypto/heimdal/lib/kadm5/ad.c deleted file mode 100644 index 72288d978eaa..000000000000 --- a/crypto/heimdal/lib/kadm5/ad.c +++ /dev/null @@ -1,1449 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#define HAVE_TSASL 1 - -#include "kadm5_locl.h" -#if 1 -#undef OPENLDAP -#undef HAVE_TSASL -#endif -#ifdef OPENLDAP -#include -#ifdef HAVE_TSASL -#include -#endif -#include -#include -#endif - -RCSID("$Id: ad.c 17445 2006-05-05 10:37:46Z lha $"); - -#ifdef OPENLDAP - -#define CTX2LP(context) ((LDAP *)((context)->ldap_conn)) -#define CTX2BASE(context) ((context)->base_dn) - -/* - * userAccountControl - */ - -#define UF_SCRIPT 0x00000001 -#define UF_ACCOUNTDISABLE 0x00000002 -#define UF_UNUSED_0 0x00000004 -#define UF_HOMEDIR_REQUIRED 0x00000008 -#define UF_LOCKOUT 0x00000010 -#define UF_PASSWD_NOTREQD 0x00000020 -#define UF_PASSWD_CANT_CHANGE 0x00000040 -#define UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED 0x00000080 -#define UF_TEMP_DUPLICATE_ACCOUNT 0x00000100 -#define UF_NORMAL_ACCOUNT 0x00000200 -#define UF_UNUSED_1 0x00000400 -#define UF_INTERDOMAIN_TRUST_ACCOUNT 0x00000800 -#define UF_WORKSTATION_TRUST_ACCOUNT 0x00001000 -#define UF_SERVER_TRUST_ACCOUNT 0x00002000 -#define UF_UNUSED_2 0x00004000 -#define UF_UNUSED_3 0x00008000 -#define UF_PASSWD_NOT_EXPIRE 0x00010000 -#define UF_MNS_LOGON_ACCOUNT 0x00020000 -#define UF_SMARTCARD_REQUIRED 0x00040000 -#define UF_TRUSTED_FOR_DELEGATION 0x00080000 -#define UF_NOT_DELEGATED 0x00100000 -#define UF_USE_DES_KEY_ONLY 0x00200000 -#define UF_DONT_REQUIRE_PREAUTH 0x00400000 -#define UF_UNUSED_4 0x00800000 -#define UF_UNUSED_5 0x01000000 -#define UF_UNUSED_6 0x02000000 -#define UF_UNUSED_7 0x04000000 -#define UF_UNUSED_8 0x08000000 -#define UF_UNUSED_9 0x10000000 -#define UF_UNUSED_10 0x20000000 -#define UF_UNUSED_11 0x40000000 -#define UF_UNUSED_12 0x80000000 - -/* - * - */ - -#ifndef HAVE_TSASL -static int -sasl_interact(LDAP *ld, unsigned flags, void *defaults, void *interact) -{ - return LDAP_SUCCESS; -} -#endif - -#if 0 -static Sockbuf_IO ldap_tsasl_io = { - NULL, /* sbi_setup */ - NULL, /* sbi_remove */ - NULL, /* sbi_ctrl */ - NULL, /* sbi_read */ - NULL, /* sbi_write */ - NULL /* sbi_close */ -}; -#endif - -#ifdef HAVE_TSASL -static int -ldap_tsasl_bind_s(LDAP *ld, - LDAP_CONST char *dn, - LDAPControl **serverControls, - LDAPControl **clientControls, - const char *host) -{ - char *attrs[] = { "supportedSASLMechanisms", NULL }; - struct tsasl_peer *peer = NULL; - struct tsasl_buffer in, out; - struct berval ccred, *scred; - LDAPMessage *m, *m0; - const char *mech; - char **vals; - int ret, rc; - - ret = tsasl_peer_init(TSASL_FLAGS_INITIATOR | TSASL_FLAGS_CLEAR, - "ldap", host, &peer); - if (ret != TSASL_DONE) { - rc = LDAP_LOCAL_ERROR; - goto out; - } - - rc = ldap_search_s(ld, "", LDAP_SCOPE_BASE, NULL, attrs, 0, &m0); - if (rc != LDAP_SUCCESS) - goto out; - - m = ldap_first_entry(ld, m0); - if (m == NULL) { - ldap_msgfree(m0); - goto out; - } - - vals = ldap_get_values(ld, m, "supportedSASLMechanisms"); - if (vals == NULL) { - ldap_msgfree(m0); - goto out; - } - - ret = tsasl_find_best_mech(peer, vals, &mech); - if (ret) { - ldap_msgfree(m0); - goto out; - } - - ldap_msgfree(m0); - - ret = tsasl_select_mech(peer, mech); - if (ret != TSASL_DONE) { - rc = LDAP_LOCAL_ERROR; - goto out; - } - - in.tb_data = NULL; - in.tb_size = 0; - - do { - ret = tsasl_request(peer, &in, &out); - if (in.tb_size != 0) { - free(in.tb_data); - in.tb_data = NULL; - in.tb_size = 0; - } - if (ret != TSASL_DONE && ret != TSASL_CONTINUE) { - rc = LDAP_AUTH_UNKNOWN; - goto out; - } - - ccred.bv_val = out.tb_data; - ccred.bv_len = out.tb_size; - - rc = ldap_sasl_bind_s(ld, dn, mech, &ccred, - serverControls, clientControls, &scred); - tsasl_buffer_free(&out); - - if (rc != LDAP_SUCCESS && rc != LDAP_SASL_BIND_IN_PROGRESS) { - if(scred && scred->bv_len) - ber_bvfree(scred); - goto out; - } - - in.tb_data = malloc(scred->bv_len); - if (in.tb_data == NULL) { - rc = LDAP_LOCAL_ERROR; - goto out; - } - memcpy(in.tb_data, scred->bv_val, scred->bv_len); - in.tb_size = scred->bv_len; - ber_bvfree(scred); - - } while (rc == LDAP_SASL_BIND_IN_PROGRESS); - - out: - if (rc == LDAP_SUCCESS) { -#if 0 - ber_sockbuf_add_io(ld->ld_conns->lconn_sb, &ldap_tsasl_io, - LBER_SBIOD_LEVEL_APPLICATION, peer); - -#endif - } else if (peer != NULL) - tsasl_peer_free(peer); - - return rc; -} -#endif /* HAVE_TSASL */ - - -static int -check_ldap(kadm5_ad_context *context, int ret) -{ - switch (ret) { - case LDAP_SUCCESS: - return 0; - case LDAP_SERVER_DOWN: { - LDAP *lp = CTX2LP(context); - ldap_unbind(lp); - context->ldap_conn = NULL; - free(context->base_dn); - context->base_dn = NULL; - return 1; - } - default: - return 1; - } -} - -/* - * - */ - -static void -laddattr(char ***al, int *attrlen, char *attr) -{ - char **a; - a = realloc(*al, (*attrlen + 2) * sizeof(**al)); - if (a == NULL) - return; - a[*attrlen] = attr; - a[*attrlen + 1] = NULL; - (*attrlen)++; - *al = a; -} - -static kadm5_ret_t -_kadm5_ad_connect(void *server_handle) -{ - kadm5_ad_context *context = server_handle; - struct { - char *server; - int port; - } *s, *servers = NULL; - int i, num_servers = 0; - - if (context->ldap_conn) - return 0; - - { - struct dns_reply *r; - struct resource_record *rr; - char *domain; - - asprintf(&domain, "_ldap._tcp.%s", context->realm); - if (domain == NULL) { - krb5_set_error_string(context->context, "malloc"); - return KADM5_NO_SRV; - } - - r = dns_lookup(domain, "SRV"); - free(domain); - if (r == NULL) { - krb5_set_error_string(context->context, "Didn't find ldap dns"); - return KADM5_NO_SRV; - } - - for (rr = r->head ; rr != NULL; rr = rr->next) { - if (rr->type != T_SRV) - continue; - s = realloc(servers, sizeof(*servers) * (num_servers + 1)); - if (s == NULL) { - krb5_set_error_string(context->context, "malloc"); - dns_free_data(r); - goto fail; - } - servers = s; - num_servers++; - servers[num_servers - 1].port = rr->u.srv->port; - servers[num_servers - 1].server = strdup(rr->u.srv->target); - } - dns_free_data(r); - } - - if (num_servers == 0) { - krb5_set_error_string(context->context, "No AD server found in DNS"); - return KADM5_NO_SRV; - } - - for (i = 0; i < num_servers; i++) { - int lret, version = LDAP_VERSION3; - LDAP *lp; - - lp = ldap_init(servers[i].server, servers[i].port); - if (lp == NULL) - continue; - - if (ldap_set_option(lp, LDAP_OPT_PROTOCOL_VERSION, &version)) { - ldap_unbind(lp); - continue; - } - - if (ldap_set_option(lp, LDAP_OPT_REFERRALS, LDAP_OPT_OFF)) { - ldap_unbind(lp); - continue; - } - -#ifdef HAVE_TSASL - lret = ldap_tsasl_bind_s(lp, NULL, NULL, NULL, servers[i].server); - -#else - lret = ldap_sasl_interactive_bind_s(lp, NULL, NULL, NULL, NULL, - LDAP_SASL_QUIET, - sasl_interact, NULL); -#endif - if (lret != LDAP_SUCCESS) { - krb5_set_error_string(context->context, - "Couldn't contact any AD servers: %s", - ldap_err2string(lret)); - ldap_unbind(lp); - continue; - } - - context->ldap_conn = lp; - break; - } - if (i >= num_servers) { - goto fail; - } - - { - LDAPMessage *m, *m0; - char **attr = NULL; - int attrlen = 0; - char **vals; - int ret; - - laddattr(&attr, &attrlen, "defaultNamingContext"); - - ret = ldap_search_s(CTX2LP(context), "", LDAP_SCOPE_BASE, - "objectclass=*", attr, 0, &m); - free(attr); - if (check_ldap(context, ret)) - goto fail; - - if (ldap_count_entries(CTX2LP(context), m) > 0) { - m0 = ldap_first_entry(CTX2LP(context), m); - if (m0 == NULL) { - krb5_set_error_string(context->context, - "Error in AD ldap responce"); - ldap_msgfree(m); - goto fail; - } - vals = ldap_get_values(CTX2LP(context), - m0, "defaultNamingContext"); - if (vals == NULL) { - krb5_set_error_string(context->context, - "No naming context found"); - goto fail; - } - context->base_dn = strdup(vals[0]); - } else - goto fail; - ldap_msgfree(m); - } - - for (i = 0; i < num_servers; i++) - free(servers[i].server); - free(servers); - - return 0; - - fail: - for (i = 0; i < num_servers; i++) - free(servers[i].server); - free(servers); - - if (context->ldap_conn) { - ldap_unbind(CTX2LP(context)); - context->ldap_conn = NULL; - } - return KADM5_RPC_ERROR; -} - -#define NTTIME_EPOCH 0x019DB1DED53E8000LL - -static time_t -nt2unixtime(const char *str) -{ - unsigned long long t; - t = strtoll(str, NULL, 10); - t = ((t - NTTIME_EPOCH) / (long long)10000000); - if (t > (((time_t)(~(long long)0)) >> 1)) - return 0; - return (time_t)t; -} - -static long long -unix2nttime(time_t unix_time) -{ - long long wt; - wt = unix_time * (long long)10000000 + (long long)NTTIME_EPOCH; - return wt; -} - -/* XXX create filter in a better way */ - -static int -ad_find_entry(kadm5_ad_context *context, - const char *fqdn, - const char *pn, - char **name) -{ - LDAPMessage *m, *m0; - char *attr[] = { "distinguishedName", NULL }; - char *filter; - int ret; - - if (name) - *name = NULL; - - if (fqdn) - asprintf(&filter, - "(&(objectClass=computer)(|(dNSHostName=%s)(servicePrincipalName=%s)))", - fqdn, pn); - else if(pn) - asprintf(&filter, "(&(objectClass=account)(userPrincipalName=%s))", pn); - else - return KADM5_RPC_ERROR; - - ret = ldap_search_s(CTX2LP(context), CTX2BASE(context), - LDAP_SCOPE_SUBTREE, - filter, attr, 0, &m); - free(filter); - if (check_ldap(context, ret)) - return KADM5_RPC_ERROR; - - if (ldap_count_entries(CTX2LP(context), m) > 0) { - char **vals; - m0 = ldap_first_entry(CTX2LP(context), m); - vals = ldap_get_values(CTX2LP(context), m0, "distinguishedName"); - if (vals == NULL || vals[0] == NULL) { - ldap_msgfree(m); - return KADM5_RPC_ERROR; - } - if (name) - *name = strdup(vals[0]); - ldap_msgfree(m); - } else - return KADM5_UNK_PRINC; - - return 0; -} - -#endif /* OPENLDAP */ - -static kadm5_ret_t -ad_get_cred(kadm5_ad_context *context, const char *password) -{ - kadm5_ret_t ret; - krb5_ccache cc; - char *service; - - if (context->ccache) - return 0; - - asprintf(&service, "%s/%s@%s", KRB5_TGS_NAME, - context->realm, context->realm); - if (service == NULL) - return ENOMEM; - - ret = _kadm5_c_get_cred_cache(context->context, - context->client_name, - service, - password, krb5_prompter_posix, - NULL, NULL, &cc); - free(service); - if(ret) - return ret; /* XXX */ - context->ccache = cc; - return 0; -} - -static kadm5_ret_t -kadm5_ad_chpass_principal(void *server_handle, - krb5_principal principal, - const char *password) -{ - kadm5_ad_context *context = server_handle; - krb5_data result_code_string, result_string; - int result_code; - kadm5_ret_t ret; - - ret = ad_get_cred(context, NULL); - if (ret) - return ret; - - krb5_data_zero (&result_code_string); - krb5_data_zero (&result_string); - - ret = krb5_set_password_using_ccache (context->context, - context->ccache, - password, - principal, - &result_code, - &result_code_string, - &result_string); - - krb5_data_free (&result_code_string); - krb5_data_free (&result_string); - - /* XXX do mapping here on error codes */ - - return ret; -} - -#ifdef OPENLDAP -static const char * -get_fqdn(krb5_context context, const krb5_principal p) -{ - const char *s, *hosttypes[] = { "host", "ldap", "gc", "cifs", "dns" }; - int i; - - s = krb5_principal_get_comp_string(context, p, 0); - if (p == NULL) - return NULL; - - for (i = 0; i < sizeof(hosttypes)/sizeof(hosttypes[0]); i++) { - if (strcasecmp(s, hosttypes[i]) == 0) - return krb5_principal_get_comp_string(context, p, 1); - } - return 0; -} -#endif - - -static kadm5_ret_t -kadm5_ad_create_principal(void *server_handle, - kadm5_principal_ent_t entry, - uint32_t mask, - const char *password) -{ - kadm5_ad_context *context = server_handle; - - /* - * KADM5_PRINC_EXPIRE_TIME - * - * return 0 || KADM5_DUP; - */ - -#ifdef OPENLDAP - LDAPMod *attrs[8], rattrs[7], *a; - char *useraccvals[2] = { NULL, NULL }, - *samvals[2], *dnsvals[2], *spnvals[5], *upnvals[2], *tv[2]; - char *ocvals_spn[] = { "top", "person", "organizationalPerson", - "user", "computer", NULL}; - char *p, *realmless_p, *p_msrealm = NULL, *dn = NULL; - const char *fqdn; - char *s, *samname = NULL, *short_spn = NULL; - int ret, i; - int32_t uf_flags = 0; - - if ((mask & KADM5_PRINCIPAL) == 0) - return KADM5_BAD_MASK; - - for (i = 0; i < sizeof(rattrs)/sizeof(rattrs[0]); i++) - attrs[i] = &rattrs[i]; - attrs[i] = NULL; - - ret = ad_get_cred(context, NULL); - if (ret) - return ret; - - ret = _kadm5_ad_connect(server_handle); - if (ret) - return ret; - - fqdn = get_fqdn(context->context, entry->principal); - - ret = krb5_unparse_name(context->context, entry->principal, &p); - if (ret) - return ret; - - if (ad_find_entry(context, fqdn, p, NULL) == 0) { - free(p); - return KADM5_DUP; - } - - if (mask & KADM5_ATTRIBUTES) { - if (entry->attributes & KRB5_KDB_DISALLOW_ALL_TIX) - uf_flags |= UF_ACCOUNTDISABLE|UF_LOCKOUT; - if ((entry->attributes & KRB5_KDB_REQUIRES_PRE_AUTH) == 0) - uf_flags |= UF_DONT_REQUIRE_PREAUTH; - if (entry->attributes & KRB5_KDB_REQUIRES_HW_AUTH) - uf_flags |= UF_SMARTCARD_REQUIRED; - } - - realmless_p = strdup(p); - if (realmless_p == NULL) { - ret = ENOMEM; - goto out; - } - s = strrchr(realmless_p, '@'); - if (s) - *s = '\0'; - - if (fqdn) { - /* create computer account */ - asprintf(&samname, "%s$", fqdn); - if (samname == NULL) { - ret = ENOMEM; - goto out; - } - s = strchr(samname, '.'); - if (s) { - s[0] = '$'; - s[1] = '\0'; - } - - short_spn = strdup(p); - if (short_spn == NULL) { - errno = ENOMEM; - goto out; - } - s = strchr(short_spn, '.'); - if (s) { - *s = '\0'; - } else { - free(short_spn); - short_spn = NULL; - } - - p_msrealm = strdup(p); - if (p_msrealm == NULL) { - errno = ENOMEM; - goto out; - } - s = strrchr(p_msrealm, '@'); - if (s) { - *s = '/'; - } else { - free(p_msrealm); - p_msrealm = NULL; - } - - asprintf(&dn, "cn=%s, cn=Computers, %s", fqdn, CTX2BASE(context)); - if (dn == NULL) { - ret = ENOMEM; - goto out; - } - - a = &rattrs[0]; - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "objectClass"; - a->mod_values = ocvals_spn; - a++; - - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "userAccountControl"; - a->mod_values = useraccvals; - asprintf(&useraccvals[0], "%d", - uf_flags | - UF_PASSWD_NOT_EXPIRE | - UF_WORKSTATION_TRUST_ACCOUNT); - useraccvals[1] = NULL; - a++; - - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "sAMAccountName"; - a->mod_values = samvals; - samvals[0] = samname; - samvals[1] = NULL; - a++; - - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "dNSHostName"; - a->mod_values = dnsvals; - dnsvals[0] = (char *)fqdn; - dnsvals[1] = NULL; - a++; - - /* XXX add even more spn's */ - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "servicePrincipalName"; - a->mod_values = spnvals; - i = 0; - spnvals[i++] = p; - spnvals[i++] = realmless_p; - if (short_spn) - spnvals[i++] = short_spn; - if (p_msrealm) - spnvals[i++] = p_msrealm; - spnvals[i++] = NULL; - a++; - - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "userPrincipalName"; - a->mod_values = upnvals; - upnvals[0] = p; - upnvals[1] = NULL; - a++; - - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "accountExpires"; - a->mod_values = tv; - tv[0] = "9223372036854775807"; /* "never" */ - tv[1] = NULL; - a++; - - } else { - /* create user account */ - - a = &rattrs[0]; - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "userAccountControl"; - a->mod_values = useraccvals; - asprintf(&useraccvals[0], "%d", - uf_flags | - UF_PASSWD_NOT_EXPIRE); - useraccvals[1] = NULL; - a++; - - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "sAMAccountName"; - a->mod_values = samvals; - samvals[0] = realmless_p; - samvals[1] = NULL; - a++; - - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "userPrincipalName"; - a->mod_values = upnvals; - upnvals[0] = p; - upnvals[1] = NULL; - a++; - - a->mod_op = LDAP_MOD_ADD; - a->mod_type = "accountExpires"; - a->mod_values = tv; - tv[0] = "9223372036854775807"; /* "never" */ - tv[1] = NULL; - a++; - } - - attrs[a - &rattrs[0]] = NULL; - - ret = ldap_add_s(CTX2LP(context), dn, attrs); - - out: - if (useraccvals[0]) - free(useraccvals[0]); - if (realmless_p) - free(realmless_p); - if (samname) - free(samname); - if (short_spn) - free(short_spn); - if (p_msrealm) - free(p_msrealm); - free(p); - - if (check_ldap(context, ret)) - return KADM5_RPC_ERROR; - - return 0; -#else - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#endif -} - -static kadm5_ret_t -kadm5_ad_delete_principal(void *server_handle, krb5_principal principal) -{ - kadm5_ad_context *context = server_handle; -#ifdef OPENLDAP - char *p, *dn = NULL; - const char *fqdn; - int ret; - - ret = ad_get_cred(context, NULL); - if (ret) - return ret; - - ret = _kadm5_ad_connect(server_handle); - if (ret) - return ret; - - fqdn = get_fqdn(context->context, principal); - - ret = krb5_unparse_name(context->context, principal, &p); - if (ret) - return ret; - - if (ad_find_entry(context, fqdn, p, &dn) != 0) { - free(p); - return KADM5_UNK_PRINC; - } - - ret = ldap_delete_s(CTX2LP(context), dn); - - free(dn); - free(p); - - if (check_ldap(context, ret)) - return KADM5_RPC_ERROR; - return 0; -#else - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#endif -} - -static kadm5_ret_t -kadm5_ad_destroy(void *server_handle) -{ - kadm5_ad_context *context = server_handle; - - if (context->ccache) - krb5_cc_destroy(context->context, context->ccache); - -#ifdef OPENLDAP - { - LDAP *lp = CTX2LP(context); - if (lp) - ldap_unbind(lp); - if (context->base_dn) - free(context->base_dn); - } -#endif - free(context->realm); - free(context->client_name); - krb5_free_principal(context->context, context->caller); - if(context->my_context) - krb5_free_context(context->context); - return 0; -} - -static kadm5_ret_t -kadm5_ad_flush(void *server_handle) -{ - kadm5_ad_context *context = server_handle; -#ifdef OPENLDAP - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#else - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#endif -} - -static kadm5_ret_t -kadm5_ad_get_principal(void *server_handle, - krb5_principal principal, - kadm5_principal_ent_t entry, - uint32_t mask) -{ - kadm5_ad_context *context = server_handle; -#ifdef OPENLDAP - LDAPMessage *m, *m0; - char **attr = NULL; - int attrlen = 0; - char *filter, *p, *q, *u; - int ret; - - /* - * principal - * KADM5_PRINCIPAL | KADM5_KVNO | KADM5_ATTRIBUTES - */ - - /* - * return 0 || KADM5_DUP; - */ - - memset(entry, 0, sizeof(*entry)); - - if (mask & KADM5_KVNO) - laddattr(&attr, &attrlen, "msDS-KeyVersionNumber"); - - if (mask & KADM5_PRINCIPAL) { - laddattr(&attr, &attrlen, "userPrincipalName"); - laddattr(&attr, &attrlen, "servicePrincipalName"); - } - laddattr(&attr, &attrlen, "objectClass"); - laddattr(&attr, &attrlen, "lastLogon"); - laddattr(&attr, &attrlen, "badPwdCount"); - laddattr(&attr, &attrlen, "badPasswordTime"); - laddattr(&attr, &attrlen, "pwdLastSet"); - laddattr(&attr, &attrlen, "accountExpires"); - laddattr(&attr, &attrlen, "userAccountControl"); - - krb5_unparse_name_short(context->context, principal, &p); - krb5_unparse_name(context->context, principal, &u); - - /* replace @ in domain part with a / */ - q = strrchr(p, '@'); - if (q && (p != q && *(q - 1) != '\\')) - *q = '/'; - - asprintf(&filter, - "(|(userPrincipalName=%s)(servicePrincipalName=%s)(servicePrincipalName=%s))", - u, p, u); - free(p); - free(u); - - ret = ldap_search_s(CTX2LP(context), CTX2BASE(context), - LDAP_SCOPE_SUBTREE, - filter, attr, 0, &m); - free(attr); - if (check_ldap(context, ret)) - return KADM5_RPC_ERROR; - - if (ldap_count_entries(CTX2LP(context), m) > 0) { - char **vals; - m0 = ldap_first_entry(CTX2LP(context), m); - if (m0 == NULL) { - ldap_msgfree(m); - goto fail; - } -#if 0 - vals = ldap_get_values(CTX2LP(context), m0, "servicePrincipalName"); - if (vals) - printf("servicePrincipalName %s\n", vals[0]); - vals = ldap_get_values(CTX2LP(context), m0, "userPrincipalName"); - if (vals) - printf("userPrincipalName %s\n", vals[0]); - vals = ldap_get_values(CTX2LP(context), m0, "userAccountControl"); - if (vals) - printf("userAccountControl %s\n", vals[0]); -#endif - entry->princ_expire_time = 0; - if (mask & KADM5_PRINC_EXPIRE_TIME) { - vals = ldap_get_values(CTX2LP(context), m0, "accountExpires"); - if (vals) - entry->princ_expire_time = nt2unixtime(vals[0]); - } - entry->last_success = 0; - if (mask & KADM5_LAST_SUCCESS) { - vals = ldap_get_values(CTX2LP(context), m0, "lastLogon"); - if (vals) - entry->last_success = nt2unixtime(vals[0]); - } - if (mask & KADM5_LAST_FAILED) { - vals = ldap_get_values(CTX2LP(context), m0, "badPasswordTime"); - if (vals) - entry->last_failed = nt2unixtime(vals[0]); - } - if (mask & KADM5_LAST_PWD_CHANGE) { - vals = ldap_get_values(CTX2LP(context), m0, "pwdLastSet"); - if (vals) - entry->last_pwd_change = nt2unixtime(vals[0]); - } - if (mask & KADM5_FAIL_AUTH_COUNT) { - vals = ldap_get_values(CTX2LP(context), m0, "badPwdCount"); - if (vals) - entry->fail_auth_count = atoi(vals[0]); - } - if (mask & KADM5_ATTRIBUTES) { - vals = ldap_get_values(CTX2LP(context), m0, "userAccountControl"); - if (vals) { - uint32_t i; - i = atoi(vals[0]); - if (i & (UF_ACCOUNTDISABLE|UF_LOCKOUT)) - entry->attributes |= KRB5_KDB_DISALLOW_ALL_TIX; - if ((i & UF_DONT_REQUIRE_PREAUTH) == 0) - entry->attributes |= KRB5_KDB_REQUIRES_PRE_AUTH; - if (i & UF_SMARTCARD_REQUIRED) - entry->attributes |= KRB5_KDB_REQUIRES_HW_AUTH; - if ((i & UF_WORKSTATION_TRUST_ACCOUNT) == 0) - entry->attributes |= KRB5_KDB_DISALLOW_SVR; - } - } - if (mask & KADM5_KVNO) { - vals = ldap_get_values(CTX2LP(context), m0, - "msDS-KeyVersionNumber"); - if (vals) - entry->kvno = atoi(vals[0]); - else - entry->kvno = 0; - } - ldap_msgfree(m); - } else { - return KADM5_UNK_PRINC; - } - - if (mask & KADM5_PRINCIPAL) - krb5_copy_principal(context->context, principal, &entry->principal); - - return 0; - fail: - return KADM5_RPC_ERROR; -#else - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#endif -} - -static kadm5_ret_t -kadm5_ad_get_principals(void *server_handle, - const char *expression, - char ***principals, - int *count) -{ - kadm5_ad_context *context = server_handle; - - /* - * KADM5_PRINCIPAL | KADM5_KVNO | KADM5_ATTRIBUTES - */ - -#ifdef OPENLDAP - kadm5_ret_t ret; - - ret = ad_get_cred(context, NULL); - if (ret) - return ret; - - ret = _kadm5_ad_connect(server_handle); - if (ret) - return ret; - - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#else - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#endif -} - -static kadm5_ret_t -kadm5_ad_get_privs(void *server_handle, uint32_t*privs) -{ - kadm5_ad_context *context = server_handle; - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -} - -static kadm5_ret_t -kadm5_ad_modify_principal(void *server_handle, - kadm5_principal_ent_t entry, - uint32_t mask) -{ - kadm5_ad_context *context = server_handle; - - /* - * KADM5_ATTRIBUTES - * KRB5_KDB_DISALLOW_ALL_TIX (| KADM5_KVNO) - */ - -#ifdef OPENLDAP - LDAPMessage *m = NULL, *m0; - kadm5_ret_t ret; - char **attr = NULL; - int attrlen = 0; - char *p = NULL, *s = NULL, *q; - char **vals; - LDAPMod *attrs[4], rattrs[3], *a; - char *uaf[2] = { NULL, NULL }; - char *kvno[2] = { NULL, NULL }; - char *tv[2] = { NULL, NULL }; - char *filter, *dn; - int i; - - for (i = 0; i < sizeof(rattrs)/sizeof(rattrs[0]); i++) - attrs[i] = &rattrs[i]; - attrs[i] = NULL; - a = &rattrs[0]; - - ret = _kadm5_ad_connect(server_handle); - if (ret) - return ret; - - if (mask & KADM5_KVNO) - laddattr(&attr, &attrlen, "msDS-KeyVersionNumber"); - if (mask & KADM5_PRINC_EXPIRE_TIME) - laddattr(&attr, &attrlen, "accountExpires"); - if (mask & KADM5_ATTRIBUTES) - laddattr(&attr, &attrlen, "userAccountControl"); - laddattr(&attr, &attrlen, "distinguishedName"); - - krb5_unparse_name(context->context, entry->principal, &p); - - s = strdup(p); - - q = strrchr(s, '@'); - if (q && (p != q && *(q - 1) != '\\')) - *q = '\0'; - - asprintf(&filter, - "(|(userPrincipalName=%s)(servicePrincipalName=%s))", - s, s); - free(p); - free(s); - - ret = ldap_search_s(CTX2LP(context), CTX2BASE(context), - LDAP_SCOPE_SUBTREE, - filter, attr, 0, &m); - free(attr); - free(filter); - if (check_ldap(context, ret)) - return KADM5_RPC_ERROR; - - if (ldap_count_entries(CTX2LP(context), m) <= 0) { - ret = KADM5_RPC_ERROR; - goto out; - } - - m0 = ldap_first_entry(CTX2LP(context), m); - - if (mask & KADM5_ATTRIBUTES) { - int32_t i; - - vals = ldap_get_values(CTX2LP(context), m0, "userAccountControl"); - if (vals == NULL) { - ret = KADM5_RPC_ERROR; - goto out; - } - - i = atoi(vals[0]); - if (i == 0) - return KADM5_RPC_ERROR; - - if (entry->attributes & KRB5_KDB_DISALLOW_ALL_TIX) - i |= (UF_ACCOUNTDISABLE|UF_LOCKOUT); - else - i &= ~(UF_ACCOUNTDISABLE|UF_LOCKOUT); - if (entry->attributes & KRB5_KDB_REQUIRES_PRE_AUTH) - i &= ~UF_DONT_REQUIRE_PREAUTH; - else - i |= UF_DONT_REQUIRE_PREAUTH; - if (entry->attributes & KRB5_KDB_REQUIRES_HW_AUTH) - i |= UF_SMARTCARD_REQUIRED; - else - i &= UF_SMARTCARD_REQUIRED; - if (entry->attributes & KRB5_KDB_DISALLOW_SVR) - i &= ~UF_WORKSTATION_TRUST_ACCOUNT; - else - i |= UF_WORKSTATION_TRUST_ACCOUNT; - - asprintf(&uaf[0], "%d", i); - - a->mod_op = LDAP_MOD_REPLACE; - a->mod_type = "userAccountControl"; - a->mod_values = uaf; - a++; - } - - if (mask & KADM5_KVNO) { - vals = ldap_get_values(CTX2LP(context), m0, "msDS-KeyVersionNumber"); - if (vals == NULL) { - entry->kvno = 0; - } else { - asprintf(&kvno[0], "%d", entry->kvno); - - a->mod_op = LDAP_MOD_REPLACE; - a->mod_type = "msDS-KeyVersionNumber"; - a->mod_values = kvno; - a++; - } - } - - if (mask & KADM5_PRINC_EXPIRE_TIME) { - long long wt; - vals = ldap_get_values(CTX2LP(context), m0, "accountExpires"); - if (vals == NULL) { - ret = KADM5_RPC_ERROR; - goto out; - } - - wt = unix2nttime(entry->princ_expire_time); - - asprintf(&tv[0], "%llu", wt); - - a->mod_op = LDAP_MOD_REPLACE; - a->mod_type = "accountExpires"; - a->mod_values = tv; - a++; - } - - vals = ldap_get_values(CTX2LP(context), m0, "distinguishedName"); - if (vals == NULL) { - ret = KADM5_RPC_ERROR; - goto out; - } - dn = vals[0]; - - attrs[a - &rattrs[0]] = NULL; - - ret = ldap_modify_s(CTX2LP(context), dn, attrs); - if (check_ldap(context, ret)) - return KADM5_RPC_ERROR; - - out: - if (m) - ldap_msgfree(m); - if (uaf[0]) - free(uaf[0]); - if (kvno[0]) - free(kvno[0]); - if (tv[0]) - free(tv[0]); - return ret; -#else - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#endif -} - -static kadm5_ret_t -kadm5_ad_randkey_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock **keys, - int *n_keys) -{ - kadm5_ad_context *context = server_handle; - - /* - * random key - */ - -#ifdef OPENLDAP - krb5_data result_code_string, result_string; - int result_code, plen; - kadm5_ret_t ret; - char *password; - - *keys = NULL; - *n_keys = 0; - - { - char p[64]; - krb5_generate_random_block(p, sizeof(p)); - plen = base64_encode(p, sizeof(p), &password); - if (plen < 0) - return ENOMEM; - } - - ret = ad_get_cred(context, NULL); - if (ret) { - free(password); - return ret; - } - - krb5_data_zero (&result_code_string); - krb5_data_zero (&result_string); - - ret = krb5_set_password_using_ccache (context->context, - context->ccache, - password, - principal, - &result_code, - &result_code_string, - &result_string); - - krb5_data_free (&result_code_string); - krb5_data_free (&result_string); - - if (ret == 0) { - - *keys = malloc(sizeof(**keys) * 1); - if (*keys == NULL) { - ret = ENOMEM; - goto out; - } - *n_keys = 1; - - ret = krb5_string_to_key(context->context, - ENCTYPE_ARCFOUR_HMAC_MD5, - password, - principal, - &(*keys)[0]); - memset(password, 0, sizeof(password)); - if (ret) { - free(*keys); - *keys = NULL; - *n_keys = 0; - goto out; - } - } - memset(password, 0, plen); - free(password); - out: - return ret; -#else - *keys = NULL; - *n_keys = 0; - - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -#endif -} - -static kadm5_ret_t -kadm5_ad_rename_principal(void *server_handle, - krb5_principal from, - krb5_principal to) -{ - kadm5_ad_context *context = server_handle; - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -} - -static kadm5_ret_t -kadm5_ad_chpass_principal_with_key(void *server_handle, - krb5_principal princ, - int n_key_data, - krb5_key_data *key_data) -{ - kadm5_ad_context *context = server_handle; - krb5_set_error_string(context->context, "Function not implemented"); - return KADM5_RPC_ERROR; -} - -static void -set_funcs(kadm5_ad_context *c) -{ -#define SET(C, F) (C)->funcs.F = kadm5_ad_ ## F - SET(c, chpass_principal); - SET(c, chpass_principal_with_key); - SET(c, create_principal); - SET(c, delete_principal); - SET(c, destroy); - SET(c, flush); - SET(c, get_principal); - SET(c, get_principals); - SET(c, get_privs); - SET(c, modify_principal); - SET(c, randkey_principal); - SET(c, rename_principal); -} - -kadm5_ret_t -kadm5_ad_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - kadm5_ret_t ret; - kadm5_ad_context *ctx; - - ctx = malloc(sizeof(*ctx)); - if(ctx == NULL) - return ENOMEM; - memset(ctx, 0, sizeof(*ctx)); - set_funcs(ctx); - - ctx->context = context; - krb5_add_et_list (context, initialize_kadm5_error_table_r); - - ret = krb5_parse_name(ctx->context, client_name, &ctx->caller); - if(ret) { - free(ctx); - return ret; - } - - if(realm_params->mask & KADM5_CONFIG_REALM) { - ret = 0; - ctx->realm = strdup(realm_params->realm); - if (ctx->realm == NULL) - ret = ENOMEM; - } else - ret = krb5_get_default_realm(ctx->context, &ctx->realm); - if (ret) { - free(ctx); - return ret; - } - - ctx->client_name = strdup(client_name); - - if(password != NULL && *password != '\0') - ret = ad_get_cred(ctx, password); - else - ret = ad_get_cred(ctx, NULL); - if(ret) { - kadm5_ad_destroy(ctx); - return ret; - } - -#ifdef OPENLDAP - ret = _kadm5_ad_connect(ctx); - if (ret) { - kadm5_ad_destroy(ctx); - return ret; - } -#endif - - *server_handle = ctx; - return 0; -} - -kadm5_ret_t -kadm5_ad_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_ad_context *ctx; - - ret = krb5_init_context(&context); - if (ret) - return ret; - ret = kadm5_ad_init_with_password_ctx(context, - client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret) { - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/admin.h b/crypto/heimdal/lib/kadm5/admin.h deleted file mode 100644 index 30d68d823793..000000000000 --- a/crypto/heimdal/lib/kadm5/admin.h +++ /dev/null @@ -1,258 +0,0 @@ -/* - * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: admin.h 20237 2007-02-16 23:54:34Z lha $ */ - -#ifndef __KADM5_ADMIN_H__ -#define __KADM5_ADMIN_H__ - -#define KADM5_API_VERSION_1 1 -#define KADM5_API_VERSION_2 2 - -#ifndef USE_KADM5_API_VERSION -#define USE_KADM5_API_VERSION KADM5_API_VERSION_2 -#endif - -#if USE_KADM5_API_VERSION != KADM5_API_VERSION_2 -#error No support for API versions other than 2 -#endif - -#define KADM5_STRUCT_VERSION 0 - -#include - -#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001 -#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002 -#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004 -#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008 -#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010 -#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020 -#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040 -#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080 -#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100 -#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200 -#define KRB5_KDB_DISALLOW_SVR 0x00001000 -#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000 -#define KRB5_KDB_SUPPORT_DESMD5 0x00004000 -#define KRB5_KDB_NEW_PRINC 0x00008000 -#define KRB5_KDB_OK_AS_DELEGATE 0x00010000 -#define KRB5_KDB_TRUSTED_FOR_DELEGATION 0x00020000 -#define KRB5_KDB_ALLOW_KERBEROS4 0x00040000 -#define KRB5_KDB_ALLOW_DIGEST 0x00080000 - -#define KADM5_PRINCIPAL 0x000001 -#define KADM5_PRINC_EXPIRE_TIME 0x000002 -#define KADM5_PW_EXPIRATION 0x000004 -#define KADM5_LAST_PWD_CHANGE 0x000008 -#define KADM5_ATTRIBUTES 0x000010 -#define KADM5_MAX_LIFE 0x000020 -#define KADM5_MOD_TIME 0x000040 -#define KADM5_MOD_NAME 0x000080 -#define KADM5_KVNO 0x000100 -#define KADM5_MKVNO 0x000200 -#define KADM5_AUX_ATTRIBUTES 0x000400 -#define KADM5_POLICY 0x000800 -#define KADM5_POLICY_CLR 0x001000 -#define KADM5_MAX_RLIFE 0x002000 -#define KADM5_LAST_SUCCESS 0x004000 -#define KADM5_LAST_FAILED 0x008000 -#define KADM5_FAIL_AUTH_COUNT 0x010000 -#define KADM5_KEY_DATA 0x020000 -#define KADM5_TL_DATA 0x040000 - -#define KADM5_PRINCIPAL_NORMAL_MASK (~(KADM5_KEY_DATA | KADM5_TL_DATA)) - -#define KADM5_PW_MAX_LIFE 0x004000 -#define KADM5_PW_MIN_LIFE 0x008000 -#define KADM5_PW_MIN_LENGTH 0x010000 -#define KADM5_PW_MIN_CLASSES 0x020000 -#define KADM5_PW_HISTORY_NUM 0x040000 -#define KADM5_REF_COUNT 0x080000 - -#define KADM5_POLICY_NORMAL_MASK (~0) - -#define KADM5_ADMIN_SERVICE "kadmin/admin" -#define KADM5_HIST_PRINCIPAL "kadmin/history" -#define KADM5_CHANGEPW_SERVICE "kadmin/changepw" - -typedef struct _krb5_key_data { - int16_t key_data_ver; /* Version */ - int16_t key_data_kvno; /* Key Version */ - int16_t key_data_type[2]; /* Array of types */ - int16_t key_data_length[2]; /* Array of lengths */ - void* key_data_contents[2];/* Array of pointers */ -} krb5_key_data; - -typedef struct _krb5_tl_data { - struct _krb5_tl_data* tl_data_next; - int16_t tl_data_type; - int16_t tl_data_length; - void* tl_data_contents; -} krb5_tl_data; - -#define KRB5_TL_LAST_PWD_CHANGE 0x0001 -#define KRB5_TL_MOD_PRINC 0x0002 -#define KRB5_TL_KADM_DATA 0x0003 -#define KRB5_TL_KADM5_E_DATA 0x0004 -#define KRB5_TL_RB1_CHALLENGE 0x0005 -#define KRB5_TL_SECURID_STATE 0x0006 -#define KRB5_TL_PASSWORD 0x0007 -#define KRB5_TL_EXTENSION 0x0008 -#define KRB5_TL_PKINIT_ACL 0x0009 -#define KRB5_TL_ALIASES 0x000a - -typedef struct _kadm5_principal_ent_t { - krb5_principal principal; - - krb5_timestamp princ_expire_time; - krb5_timestamp last_pwd_change; - krb5_timestamp pw_expiration; - krb5_deltat max_life; - krb5_principal mod_name; - krb5_timestamp mod_date; - krb5_flags attributes; - krb5_kvno kvno; - krb5_kvno mkvno; - - char * policy; - uint32_t aux_attributes; - - krb5_deltat max_renewable_life; - krb5_timestamp last_success; - krb5_timestamp last_failed; - krb5_kvno fail_auth_count; - int16_t n_key_data; - int16_t n_tl_data; - krb5_tl_data *tl_data; - krb5_key_data *key_data; -} kadm5_principal_ent_rec, *kadm5_principal_ent_t; - -typedef struct _kadm5_policy_ent_t { - char *policy; - - uint32_t pw_min_life; - uint32_t pw_max_life; - uint32_t pw_min_length; - uint32_t pw_min_classes; - uint32_t pw_history_num; - uint32_t policy_refcnt; -} kadm5_policy_ent_rec, *kadm5_policy_ent_t; - -#define KADM5_CONFIG_REALM (1 << 0) -#define KADM5_CONFIG_PROFILE (1 << 1) -#define KADM5_CONFIG_KADMIND_PORT (1 << 2) -#define KADM5_CONFIG_ADMIN_SERVER (1 << 3) -#define KADM5_CONFIG_DBNAME (1 << 4) -#define KADM5_CONFIG_ADBNAME (1 << 5) -#define KADM5_CONFIG_ADB_LOCKFILE (1 << 6) -#define KADM5_CONFIG_ACL_FILE (1 << 7) -#define KADM5_CONFIG_DICT_FILE (1 << 8) -#define KADM5_CONFIG_ADMIN_KEYTAB (1 << 9) -#define KADM5_CONFIG_MKEY_FROM_KEYBOARD (1 << 10) -#define KADM5_CONFIG_STASH_FILE (1 << 11) -#define KADM5_CONFIG_MKEY_NAME (1 << 12) -#define KADM5_CONFIG_ENCTYPE (1 << 13) -#define KADM5_CONFIG_MAX_LIFE (1 << 14) -#define KADM5_CONFIG_MAX_RLIFE (1 << 15) -#define KADM5_CONFIG_EXPIRATION (1 << 16) -#define KADM5_CONFIG_FLAGS (1 << 17) -#define KADM5_CONFIG_ENCTYPES (1 << 18) - -#define KADM5_PRIV_GET (1 << 0) -#define KADM5_PRIV_ADD (1 << 1) -#define KADM5_PRIV_MODIFY (1 << 2) -#define KADM5_PRIV_DELETE (1 << 3) -#define KADM5_PRIV_LIST (1 << 4) -#define KADM5_PRIV_CPW (1 << 5) -#define KADM5_PRIV_ALL (KADM5_PRIV_GET | KADM5_PRIV_ADD | KADM5_PRIV_MODIFY | KADM5_PRIV_DELETE | KADM5_PRIV_LIST | KADM5_PRIV_CPW) - -typedef struct { - int XXX; -}krb5_key_salt_tuple; - -typedef struct _kadm5_config_params { - uint32_t mask; - - /* Client and server fields */ - char *realm; - int kadmind_port; - - /* client fields */ - char *admin_server; - - /* server fields */ - char *dbname; - char *acl_file; - - /* server library (database) fields */ - char *stash_file; -} kadm5_config_params; - -typedef krb5_error_code kadm5_ret_t; - -#include "kadm5-protos.h" - -#if 0 -/* unimplemented functions */ -kadm5_ret_t -kadm5_decrypt_key(void *server_handle, - kadm5_principal_ent_t entry, int32_t - ktype, int32_t stype, int32_t - kvno, krb5_keyblock *keyblock, - krb5_keysalt *keysalt, int *kvnop); - -kadm5_ret_t -kadm5_create_policy(void *server_handle, - kadm5_policy_ent_t policy, uint32_t mask); - -kadm5_ret_t -kadm5_delete_policy(void *server_handle, char *policy); - - -kadm5_ret_t -kadm5_modify_policy(void *server_handle, - kadm5_policy_ent_t policy, - uint32_t mask); - -kadm5_ret_t -kadm5_get_policy(void *server_handle, char *policy, kadm5_policy_ent_t ent); - -kadm5_ret_t -kadm5_get_policies(void *server_handle, char *exp, - char ***pols, int *count); - -void -kadm5_free_policy_ent(kadm5_policy_ent_t policy); - -#endif - -#endif /* __KADM5_ADMIN_H__ */ diff --git a/crypto/heimdal/lib/kadm5/bump_pw_expire.c b/crypto/heimdal/lib/kadm5/bump_pw_expire.c deleted file mode 100644 index 17bd5e103cef..000000000000 --- a/crypto/heimdal/lib/kadm5/bump_pw_expire.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: bump_pw_expire.c 8797 2000-07-24 03:47:54Z assar $"); - -/* - * extend password_expiration if it's defined - */ - -kadm5_ret_t -_kadm5_bump_pw_expire(kadm5_server_context *context, - hdb_entry *ent) -{ - if (ent->pw_end != NULL) { - time_t life; - - life = krb5_config_get_time_default(context->context, - NULL, - 365 * 24 * 60 * 60, - "kadmin", - "password_lifetime", - NULL); - - *(ent->pw_end) = time(NULL) + life; - } - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/check-cracklib.pl b/crypto/heimdal/lib/kadm5/check-cracklib.pl deleted file mode 100755 index 229cc7f0a9be..000000000000 --- a/crypto/heimdal/lib/kadm5/check-cracklib.pl +++ /dev/null @@ -1,106 +0,0 @@ -#!/usr/pkg/bin/perl -# -# Sample password verifier for Heimdals external password -# verifier, see the chapter "Password changing" in the the info -# documentation for more information about the protocol used. -# -# Three checks -# 1. Check that password is not the principal name -# 2. Check that the password passes cracklib -# 3. Check that password isn't repeated for this principal -# -# The repeat check must be last because some clients ask -# twice when getting "no" back and thus the error message -# would be wrong. -# -# Prereqs (example versions): -# -# * perl (5.8.5) http://www.perl.org/ -# * cracklib (2.8.5) http://sourceforge.net/projects/cracklib -# * Crypt-Cracklib perlmodule (0.01) http://search.cpan.org/~daniel/ -# -# Sample dictionaries: -# cracklib-words (1.1) http://sourceforge.net/projects/cracklib -# miscfiles (1.4.2) http://directory.fsf.org/miscfiles.html -# -# Configuration for krb5.conf or kdc.conf -# -# [password_quality] -# policies = builtin:external-check -# external_program = /check-cracklib.pl -# -# $Id: check-cracklib.pl 20578 2007-05-07 22:21:51Z lha $ - -use strict; -use Crypt::Cracklib; -use Digest::MD5; - -# NEED TO CHANGE THESE TO MATCH YOUR SYSTEM -my $database = '/usr/lib/cracklib_dict'; -my $historydb = '/var/heimdal/historydb'; -# NEED TO CHANGE THESE TO MATCH YOUR SYSTEM - -my %params; - -sub check_basic -{ - my $principal = shift; - my $passwd = shift; - - if ($principal eq $passwd) { - return "Principal name as password is not allowed"; - } - return "ok"; -} - -sub check_repeat -{ - my $principal = shift; - my $passwd = shift; - my $result = 'Do not reuse passwords'; - my %DB; - my $md5context = new Digest::MD5; - - $md5context->reset(); - $md5context->add($principal, ":", $passwd); - - my $key=$md5context->hexdigest(); - - dbmopen(%DB,$historydb,0600) or die "Internal: Could not open $historydb"; - $result = "ok" if (!$DB{$key}); - $DB{$key}=scalar(time()); - dbmclose(%DB) or die "Internal: Could not close $historydb"; - return $result; -} - -sub badpassword -{ - my $reason = shift; - print "$reason\n"; - exit 0 -} - -while (<>) { - last if /^end$/; - if (!/^([^:]+): (.+)$/) { - die "key value pair not correct: $_"; - } - $params{$1} = $2; -} - -die "missing principal" if (!defined $params{'principal'}); -die "missing password" if (!defined $params{'new-password'}); - -my $reason; - -$reason = check_basic($params{'principal'}, $params{'new-password'}); -badpassword($reason) if ($reason ne "ok"); - -$reason = fascist_check($params{'new-password'}, $database); -badpassword($reason) if ($reason ne "ok"); - -$reason = check_repeat($params{'principal'}, $params{'new-password'}); -badpassword($reason) if ($reason ne "ok"); - -print "APPROVED\n"; -exit 0 diff --git a/crypto/heimdal/lib/kadm5/chpass_c.c b/crypto/heimdal/lib/kadm5/chpass_c.c deleted file mode 100644 index 5319ce9045b2..000000000000 --- a/crypto/heimdal/lib/kadm5/chpass_c.c +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 1997-2000, 2005-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: chpass_c.c 16661 2006-01-25 12:50:10Z lha $"); - -kadm5_ret_t -kadm5_c_chpass_principal(void *server_handle, - krb5_principal princ, - const char *password) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - krb5_store_int32(sp, kadm_chpass); - krb5_store_principal(sp, princ); - krb5_store_string(sp, password); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} - -kadm5_ret_t -kadm5_c_chpass_principal_with_key(void *server_handle, - krb5_principal princ, - int n_key_data, - krb5_key_data *key_data) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - int i; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - krb5_store_int32(sp, kadm_chpass_with_key); - krb5_store_principal(sp, princ); - krb5_store_int32(sp, n_key_data); - for (i = 0; i < n_key_data; ++i) - kadm5_store_key_data (sp, &key_data[i]); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} diff --git a/crypto/heimdal/lib/kadm5/chpass_s.c b/crypto/heimdal/lib/kadm5/chpass_s.c deleted file mode 100644 index abef28c25508..000000000000 --- a/crypto/heimdal/lib/kadm5/chpass_s.c +++ /dev/null @@ -1,192 +0,0 @@ -/* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: chpass_s.c 20608 2007-05-08 07:11:48Z lha $"); - -static kadm5_ret_t -change(void *server_handle, - krb5_principal princ, - const char *password, - int cond) -{ - kadm5_server_context *context = server_handle; - hdb_entry_ex ent; - kadm5_ret_t ret; - Key *keys; - size_t num_keys; - int cmp = 1; - - memset(&ent, 0, sizeof(ent)); - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_DECRYPT|HDB_F_GET_ANY, &ent); - if(ret == HDB_ERR_NOENTRY) - goto out; - - num_keys = ent.entry.keys.len; - keys = ent.entry.keys.val; - - ent.entry.keys.len = 0; - ent.entry.keys.val = NULL; - - ret = _kadm5_set_keys(context, &ent.entry, password); - if(ret) { - _kadm5_free_keys (context->context, num_keys, keys); - goto out2; - } - ent.entry.kvno++; - if (cond) - cmp = _kadm5_cmp_keys (ent.entry.keys.val, ent.entry.keys.len, - keys, num_keys); - _kadm5_free_keys (context->context, num_keys, keys); - - if (cmp == 0) { - krb5_set_error_string(context->context, "Password reuse forbidden"); - ret = KADM5_PASS_REUSE; - goto out2; - } - - ret = _kadm5_set_modifier(context, &ent.entry); - if(ret) - goto out2; - - ret = _kadm5_bump_pw_expire(context, &ent.entry); - if (ret) - goto out2; - - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) - goto out2; - - ret = context->db->hdb_store(context->context, context->db, - HDB_F_REPLACE, &ent); - if (ret) - goto out2; - - kadm5_log_modify (context, - &ent.entry, - KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION | - KADM5_TL_DATA); - -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->hdb_close(context->context, context->db); - return _kadm5_error_code(ret); -} - - - -/* - * change the password of `princ' to `password' if it's not already that. - */ - -kadm5_ret_t -kadm5_s_chpass_principal_cond(void *server_handle, - krb5_principal princ, - const char *password) -{ - return change (server_handle, princ, password, 1); -} - -/* - * change the password of `princ' to `password' - */ - -kadm5_ret_t -kadm5_s_chpass_principal(void *server_handle, - krb5_principal princ, - const char *password) -{ - return change (server_handle, princ, password, 0); -} - -/* - * change keys for `princ' to `keys' - */ - -kadm5_ret_t -kadm5_s_chpass_principal_with_key(void *server_handle, - krb5_principal princ, - int n_key_data, - krb5_key_data *key_data) -{ - kadm5_server_context *context = server_handle; - hdb_entry_ex ent; - kadm5_ret_t ret; - - memset(&ent, 0, sizeof(ent)); - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_GET_ANY, &ent); - if(ret == HDB_ERR_NOENTRY) - goto out; - ret = _kadm5_set_keys2(context, &ent.entry, n_key_data, key_data); - if(ret) - goto out2; - ent.entry.kvno++; - ret = _kadm5_set_modifier(context, &ent.entry); - if(ret) - goto out2; - ret = _kadm5_bump_pw_expire(context, &ent.entry); - if (ret) - goto out2; - - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) - goto out2; - - ret = context->db->hdb_store(context->context, context->db, - HDB_F_REPLACE, &ent); - if (ret) - goto out2; - - kadm5_log_modify (context, - &ent.entry, - KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION | - KADM5_TL_DATA); - -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->hdb_close(context->context, context->db); - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/client_glue.c b/crypto/heimdal/lib/kadm5/client_glue.c deleted file mode 100644 index 24d91b3f0d6b..000000000000 --- a/crypto/heimdal/lib/kadm5/client_glue.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: client_glue.c 7464 1999-12-02 17:05:13Z joda $"); - -kadm5_ret_t -kadm5_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_password(client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_password_ctx(context, - client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_skey(const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_skey(client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_skey_ctx(krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_skey_ctx(context, - client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_creds(const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_creds(client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_creds_ctx(krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_creds_ctx(context, - client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} diff --git a/crypto/heimdal/lib/kadm5/common_glue.c b/crypto/heimdal/lib/kadm5/common_glue.c deleted file mode 100644 index 48d9d845c0a4..000000000000 --- a/crypto/heimdal/lib/kadm5/common_glue.c +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: common_glue.c 17445 2006-05-05 10:37:46Z lha $"); - -#define __CALL(F, P) (*((kadm5_common_context*)server_handle)->funcs.F)P; - -kadm5_ret_t -kadm5_chpass_principal(void *server_handle, - krb5_principal princ, - const char *password) -{ - return __CALL(chpass_principal, (server_handle, princ, password)); -} - -kadm5_ret_t -kadm5_chpass_principal_with_key(void *server_handle, - krb5_principal princ, - int n_key_data, - krb5_key_data *key_data) -{ - return __CALL(chpass_principal_with_key, - (server_handle, princ, n_key_data, key_data)); -} - -kadm5_ret_t -kadm5_create_principal(void *server_handle, - kadm5_principal_ent_t princ, - uint32_t mask, - const char *password) -{ - return __CALL(create_principal, (server_handle, princ, mask, password)); -} - -kadm5_ret_t -kadm5_delete_principal(void *server_handle, - krb5_principal princ) -{ - return __CALL(delete_principal, (server_handle, princ)); -} - -kadm5_ret_t -kadm5_destroy (void *server_handle) -{ - return __CALL(destroy, (server_handle)); -} - -kadm5_ret_t -kadm5_flush (void *server_handle) -{ - return __CALL(flush, (server_handle)); -} - -kadm5_ret_t -kadm5_get_principal(void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - uint32_t mask) -{ - return __CALL(get_principal, (server_handle, princ, out, mask)); -} - -kadm5_ret_t -kadm5_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, - uint32_t mask) -{ - return __CALL(modify_principal, (server_handle, princ, mask)); -} - -kadm5_ret_t -kadm5_randkey_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys) -{ - return __CALL(randkey_principal, (server_handle, princ, new_keys, n_keys)); -} - -kadm5_ret_t -kadm5_rename_principal(void *server_handle, - krb5_principal source, - krb5_principal target) -{ - return __CALL(rename_principal, (server_handle, source, target)); -} - -kadm5_ret_t -kadm5_get_principals(void *server_handle, - const char *expression, - char ***princs, - int *count) -{ - return __CALL(get_principals, (server_handle, expression, princs, count)); -} - -kadm5_ret_t -kadm5_get_privs(void *server_handle, - uint32_t *privs) -{ - return __CALL(get_privs, (server_handle, privs)); -} diff --git a/crypto/heimdal/lib/kadm5/context_s.c b/crypto/heimdal/lib/kadm5/context_s.c deleted file mode 100644 index 6ac7a9cf2d1e..000000000000 --- a/crypto/heimdal/lib/kadm5/context_s.c +++ /dev/null @@ -1,174 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: context_s.c 22211 2007-12-07 19:27:27Z lha $"); - -static void -set_funcs(kadm5_server_context *c) -{ -#define SET(C, F) (C)->funcs.F = kadm5_s_ ## F - SET(c, chpass_principal); - SET(c, chpass_principal_with_key); - SET(c, create_principal); - SET(c, delete_principal); - SET(c, destroy); - SET(c, flush); - SET(c, get_principal); - SET(c, get_principals); - SET(c, get_privs); - SET(c, modify_principal); - SET(c, randkey_principal); - SET(c, rename_principal); -} - -static void -set_socket_name(krb5_context context, struct sockaddr_un *un) -{ - const char *fn = kadm5_log_signal_socket(context); - - memset(un, 0, sizeof(*un)); - un->sun_family = AF_UNIX; - strlcpy (un->sun_path, fn, sizeof(un->sun_path)); -} - -static kadm5_ret_t -find_db_spec(kadm5_server_context *ctx) -{ - krb5_context context = ctx->context; - struct hdb_dbinfo *info, *d; - krb5_error_code ret; - - if (ctx->config.realm) { - /* fetch the databases */ - ret = hdb_get_dbinfo(context, &info); - if (ret) - return ret; - - d = NULL; - while ((d = hdb_dbinfo_get_next(info, d)) != NULL) { - const char *p = hdb_dbinfo_get_realm(context, d); - - /* match default (realm-less) */ - if(p != NULL && strcmp(ctx->config.realm, p) != 0) - continue; - - p = hdb_dbinfo_get_dbname(context, d); - if (p) - ctx->config.dbname = strdup(p); - - p = hdb_dbinfo_get_acl_file(context, d); - if (p) - ctx->config.acl_file = strdup(p); - - p = hdb_dbinfo_get_mkey_file(context, d); - if (p) - ctx->config.stash_file = strdup(p); - - p = hdb_dbinfo_get_log_file(context, d); - if (p) - ctx->log_context.log_file = strdup(p); - break; - } - hdb_free_dbinfo(context, &info); - } - - /* If any of the values was unset, pick up the default value */ - - if (ctx->config.dbname == NULL) - ctx->config.dbname = strdup(hdb_default_db(context)); - if (ctx->config.acl_file == NULL) - asprintf(&ctx->config.acl_file, "%s/kadmind.acl", hdb_db_dir(context)); - if (ctx->config.stash_file == NULL) - asprintf(&ctx->config.stash_file, "%s/m-key", hdb_db_dir(context)); - if (ctx->log_context.log_file == NULL) - asprintf(&ctx->log_context.log_file, "%s/log", hdb_db_dir(context)); - - set_socket_name(context, &ctx->log_context.socket_name); - - return 0; -} - -kadm5_ret_t -_kadm5_s_init_context(kadm5_server_context **ctx, - kadm5_config_params *params, - krb5_context context) -{ - *ctx = malloc(sizeof(**ctx)); - if(*ctx == NULL) - return ENOMEM; - memset(*ctx, 0, sizeof(**ctx)); - set_funcs(*ctx); - (*ctx)->context = context; - krb5_add_et_list (context, initialize_kadm5_error_table_r); -#define is_set(M) (params && params->mask & KADM5_CONFIG_ ## M) - if(is_set(REALM)) - (*ctx)->config.realm = strdup(params->realm); - else - krb5_get_default_realm(context, &(*ctx)->config.realm); - if(is_set(DBNAME)) - (*ctx)->config.dbname = strdup(params->dbname); - if(is_set(ACL_FILE)) - (*ctx)->config.acl_file = strdup(params->acl_file); - if(is_set(STASH_FILE)) - (*ctx)->config.stash_file = strdup(params->stash_file); - - find_db_spec(*ctx); - - /* PROFILE can't be specified for now */ - /* KADMIND_PORT is supposed to be used on the server also, - but this doesn't make sense */ - /* ADMIN_SERVER is client only */ - /* ADNAME is not used at all (as far as I can tell) */ - /* ADB_LOCKFILE ditto */ - /* DICT_FILE */ - /* ADMIN_KEYTAB */ - /* MKEY_FROM_KEYBOARD is not supported */ - /* MKEY_NAME neither */ - /* ENCTYPE */ - /* MAX_LIFE */ - /* MAX_RLIFE */ - /* EXPIRATION */ - /* FLAGS */ - /* ENCTYPES */ - - return 0; -} - -HDB * -_kadm5_s_get_db(void *server_handle) -{ - kadm5_server_context *context = server_handle; - return context->db; -} diff --git a/crypto/heimdal/lib/kadm5/create_c.c b/crypto/heimdal/lib/kadm5/create_c.c deleted file mode 100644 index 903a06af486f..000000000000 --- a/crypto/heimdal/lib/kadm5/create_c.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1997-2000, 2005-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: create_c.c 17445 2006-05-05 10:37:46Z lha $"); - -kadm5_ret_t -kadm5_c_create_principal(void *server_handle, - kadm5_principal_ent_t princ, - uint32_t mask, - const char *password) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - krb5_store_int32(sp, kadm_create); - kadm5_store_principal_ent(sp, princ); - krb5_store_int32(sp, mask); - krb5_store_string(sp, password); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} - diff --git a/crypto/heimdal/lib/kadm5/create_s.c b/crypto/heimdal/lib/kadm5/create_s.c deleted file mode 100644 index 9465310cb586..000000000000 --- a/crypto/heimdal/lib/kadm5/create_s.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: create_s.c 20607 2007-05-08 07:11:11Z lha $"); - -static kadm5_ret_t -get_default(kadm5_server_context *context, krb5_principal princ, - kadm5_principal_ent_t def) -{ - kadm5_ret_t ret; - krb5_principal def_principal; - krb5_realm *realm = krb5_princ_realm(context->context, princ); - - ret = krb5_make_principal(context->context, &def_principal, - *realm, "default", NULL); - if (ret) - return ret; - ret = kadm5_s_get_principal(context, def_principal, def, - KADM5_PRINCIPAL_NORMAL_MASK); - krb5_free_principal (context->context, def_principal); - return ret; -} - -static kadm5_ret_t -create_principal(kadm5_server_context *context, - kadm5_principal_ent_t princ, - uint32_t mask, - hdb_entry_ex *ent, - uint32_t required_mask, - uint32_t forbidden_mask) -{ - kadm5_ret_t ret; - kadm5_principal_ent_rec defrec, *defent; - uint32_t def_mask; - - if((mask & required_mask) != required_mask) - return KADM5_BAD_MASK; - if((mask & forbidden_mask)) - return KADM5_BAD_MASK; - if((mask & KADM5_POLICY) && strcmp(princ->policy, "default")) - /* XXX no real policies for now */ - return KADM5_UNK_POLICY; - memset(ent, 0, sizeof(*ent)); - ret = krb5_copy_principal(context->context, princ->principal, - &ent->entry.principal); - if(ret) - return ret; - - defent = &defrec; - ret = get_default(context, princ->principal, defent); - if(ret) { - defent = NULL; - def_mask = 0; - } else { - def_mask = KADM5_ATTRIBUTES | KADM5_MAX_LIFE | KADM5_MAX_RLIFE; - } - - ret = _kadm5_setup_entry(context, - ent, mask | def_mask, - princ, mask, - defent, def_mask); - if(defent) - kadm5_free_principal_ent(context, defent); - - ent->entry.created_by.time = time(NULL); - ret = krb5_copy_principal(context->context, context->caller, - &ent->entry.created_by.principal); - - return ret; -} - -kadm5_ret_t -kadm5_s_create_principal_with_key(void *server_handle, - kadm5_principal_ent_t princ, - uint32_t mask) -{ - kadm5_ret_t ret; - hdb_entry_ex ent; - kadm5_server_context *context = server_handle; - - ret = create_principal(context, princ, mask, &ent, - KADM5_PRINCIPAL | KADM5_KEY_DATA, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO - | KADM5_AUX_ATTRIBUTES - | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS - | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); - if(ret) - goto out; - - if ((mask & KADM5_KVNO) == 0) - ent.entry.kvno = 1; - - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) - goto out; - - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) - goto out; - ret = context->db->hdb_store(context->context, context->db, 0, &ent); - context->db->hdb_close(context->context, context->db); - if (ret) - goto out; - kadm5_log_create (context, &ent.entry); - -out: - hdb_free_entry(context->context, &ent); - return _kadm5_error_code(ret); -} - - -kadm5_ret_t -kadm5_s_create_principal(void *server_handle, - kadm5_principal_ent_t princ, - uint32_t mask, - const char *password) -{ - kadm5_ret_t ret; - hdb_entry_ex ent; - kadm5_server_context *context = server_handle; - - ret = create_principal(context, princ, mask, &ent, - KADM5_PRINCIPAL, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO - | KADM5_AUX_ATTRIBUTES | KADM5_KEY_DATA - | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS - | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); - if(ret) - goto out; - - if ((mask & KADM5_KVNO) == 0) - ent.entry.kvno = 1; - - ent.entry.keys.len = 0; - ent.entry.keys.val = NULL; - - ret = _kadm5_set_keys(context, &ent.entry, password); - if (ret) - goto out; - - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) - goto out; - - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) - goto out; - ret = context->db->hdb_store(context->context, context->db, 0, &ent); - context->db->hdb_close(context->context, context->db); - if (ret) - goto out; - - kadm5_log_create (context, &ent.entry); - - out: - hdb_free_entry(context->context, &ent); - return _kadm5_error_code(ret); -} - diff --git a/crypto/heimdal/lib/kadm5/default_keys.c b/crypto/heimdal/lib/kadm5/default_keys.c deleted file mode 100644 index 2a851cd8babf..000000000000 --- a/crypto/heimdal/lib/kadm5/default_keys.c +++ /dev/null @@ -1,120 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" -#include - -RCSID("$Id: default_keys.c 22494 2008-01-21 11:56:44Z lha $"); - -static void -print_keys(krb5_context context, Key *keys, size_t nkeys) -{ - krb5_error_code ret; - char *str; - int i; - - printf("keys:\n"); - - for (i = 0; i < nkeys; i++) { - - ret = krb5_enctype_to_string(context, keys[i].key.keytype, &str); - if (ret) - krb5_err(context, ret, 1, "krb5_enctype_to_string: %d\n", - (int)keys[i].key.keytype); - - printf("\tenctype %s", str); - free(str); - - if (keys[i].salt) { - printf(" salt: "); - - switch (keys[i].salt->type) { - case KRB5_PW_SALT: - printf("pw-salt:"); - break; - case KRB5_AFS3_SALT: - printf("afs3-salt:"); - break; - default: - printf("unknown salt: %d", keys[i].salt->type); - break; - } - if (keys[i].salt->salt.length) - printf("%.*s", (int)keys[i].salt->salt.length, - (char *)keys[i].salt->salt.data); - } - printf("\n"); - } - printf("end keys:\n"); -} - -static void -parse_file(krb5_context context, krb5_principal principal, int no_salt) -{ - krb5_error_code ret; - size_t nkeys; - Key *keys; - - ret = hdb_generate_key_set(context, principal, &keys, &nkeys, no_salt); - if (ret) - krb5_err(context, 1, ret, "hdb_generate_key_set"); - - print_keys(context, keys, nkeys); - - hdb_free_keys(context, nkeys, keys); -} - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_principal principal; - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_context"); - - ret = krb5_parse_name(context, "lha@SU.SE", &principal); - if (ret) - krb5_err(context, ret, 1, "krb5_parse_name"); - - parse_file(context, principal, 0); - parse_file(context, principal, 1); - - krb5_free_principal(context, principal); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/delete_c.c b/crypto/heimdal/lib/kadm5/delete_c.c deleted file mode 100644 index 5018fd6cbf19..000000000000 --- a/crypto/heimdal/lib/kadm5/delete_c.c +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: delete_c.c 16661 2006-01-25 12:50:10Z lha $"); - -kadm5_ret_t -kadm5_c_delete_principal(void *server_handle, krb5_principal princ) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - krb5_store_int32(sp, kadm_delete); - krb5_store_principal(sp, princ); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if (ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if (ret) - return ret; - sp = krb5_storage_from_data (&reply); - if(sp == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} diff --git a/crypto/heimdal/lib/kadm5/delete_s.c b/crypto/heimdal/lib/kadm5/delete_s.c deleted file mode 100644 index b4e5a37467fc..000000000000 --- a/crypto/heimdal/lib/kadm5/delete_s.c +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003, 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: delete_s.c 20612 2007-05-08 07:13:45Z lha $"); - -kadm5_ret_t -kadm5_s_delete_principal(void *server_handle, krb5_principal princ) -{ - kadm5_server_context *context = server_handle; - kadm5_ret_t ret; - hdb_entry_ex ent; - - memset(&ent, 0, sizeof(ent)); - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) { - krb5_warn(context->context, ret, "opening database"); - return ret; - } - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_DECRYPT|HDB_F_GET_ANY, &ent); - if(ret == HDB_ERR_NOENTRY) - goto out; - if(ent.entry.flags.immutable) { - ret = KADM5_PROTECT_PRINCIPAL; - goto out2; - } - - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) - goto out2; - - ret = context->db->hdb_remove(context->context, context->db, princ); - if (ret) - goto out2; - - kadm5_log_delete (context, princ); - -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->hdb_close(context->context, context->db); - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/destroy_c.c b/crypto/heimdal/lib/kadm5/destroy_c.c deleted file mode 100644 index 9ae2e9d17cb6..000000000000 --- a/crypto/heimdal/lib/kadm5/destroy_c.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: destroy_c.c 13198 2003-12-07 19:01:39Z lha $"); - -kadm5_ret_t -kadm5_c_destroy(void *server_handle) -{ - kadm5_client_context *context = server_handle; - - free(context->realm); - free(context->admin_server); - close(context->sock); - if (context->client_name) - free(context->client_name); - if (context->service_name) - free(context->service_name); - if (context->ac != NULL) - krb5_auth_con_free(context->context, context->ac); - if(context->my_context) - krb5_free_context(context->context); - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/destroy_s.c b/crypto/heimdal/lib/kadm5/destroy_s.c deleted file mode 100644 index edfc6b53b9c9..000000000000 --- a/crypto/heimdal/lib/kadm5/destroy_s.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: destroy_s.c 12880 2003-09-19 00:25:35Z lha $"); - -/* - * dealloc a `kadm5_config_params' - */ - -static void -destroy_config (kadm5_config_params *c) -{ - free (c->realm); - free (c->dbname); - free (c->acl_file); - free (c->stash_file); -} - -/* - * dealloc a kadm5_log_context - */ - -static void -destroy_kadm5_log_context (kadm5_log_context *c) -{ - free (c->log_file); - close (c->socket_fd); -} - -/* - * destroy a kadm5 handle - */ - -kadm5_ret_t -kadm5_s_destroy(void *server_handle) -{ - kadm5_ret_t ret; - kadm5_server_context *context = server_handle; - krb5_context kcontext = context->context; - - ret = context->db->hdb_destroy(kcontext, context->db); - destroy_kadm5_log_context (&context->log_context); - destroy_config (&context->config); - krb5_free_principal (kcontext, context->caller); - if(context->my_context) - krb5_free_context(kcontext); - free (context); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/dump_log.c b/crypto/heimdal/lib/kadm5/dump_log.c deleted file mode 100644 index f8309fb5acfe..000000000000 --- a/crypto/heimdal/lib/kadm5/dump_log.c +++ /dev/null @@ -1,273 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" -#include "parse_time.h" - -RCSID("$Id: dump_log.c,v 1.13 2003/04/16 17:56:02 lha Exp $"); - -static char *op_names[] = { - "get", - "delete", - "create", - "rename", - "chpass", - "modify", - "randkey", - "get_privs", - "get_princs", - "chpass_with_key", - "nop" -}; - -static void -print_entry(kadm5_server_context *server_context, - u_int32_t ver, - time_t timestamp, - enum kadm_ops op, - u_int32_t len, - krb5_storage *sp) -{ - char t[256]; - int32_t mask; - hdb_entry ent; - krb5_principal source; - char *name1, *name2; - krb5_data data; - krb5_context context = server_context->context; - - off_t end = krb5_storage_seek(sp, 0, SEEK_CUR) + len; - - krb5_error_code ret; - - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(×tamp)); - - if(op < kadm_get || op > kadm_nop) { - printf("unknown op: %d\n", op); - krb5_storage_seek(sp, end, SEEK_SET); - return; - } - - printf ("%s: ver = %u, timestamp = %s, len = %u\n", - op_names[op], ver, t, len); - switch(op) { - case kadm_delete: - krb5_ret_principal(sp, &source); - krb5_unparse_name(context, source, &name1); - printf(" %s\n", name1); - free(name1); - krb5_free_principal(context, source); - break; - case kadm_rename: - ret = krb5_data_alloc(&data, len); - if (ret) - krb5_err (context, 1, ret, "kadm_rename: data alloc: %d", len); - krb5_ret_principal(sp, &source); - krb5_storage_read(sp, data.data, data.length); - hdb_value2entry(context, &data, &ent); - krb5_unparse_name(context, source, &name1); - krb5_unparse_name(context, ent.principal, &name2); - printf(" %s -> %s\n", name1, name2); - free(name1); - free(name2); - krb5_free_principal(context, source); - hdb_free_entry(context, &ent); - break; - case kadm_create: - ret = krb5_data_alloc(&data, len); - if (ret) - krb5_err (context, 1, ret, "kadm_create: data alloc: %d", len); - krb5_storage_read(sp, data.data, data.length); - ret = hdb_value2entry(context, &data, &ent); - if(ret) - abort(); - mask = ~0; - goto foo; - case kadm_modify: - ret = krb5_data_alloc(&data, len); - if (ret) - krb5_err (context, 1, ret, "kadm_modify: data alloc: %d", len); - krb5_ret_int32(sp, &mask); - krb5_storage_read(sp, data.data, data.length); - ret = hdb_value2entry(context, &data, &ent); - if(ret) - abort(); - foo: - if(ent.principal /* mask & KADM5_PRINCIPAL */) { - krb5_unparse_name(context, ent.principal, &name1); - printf(" principal = %s\n", name1); - free(name1); - } - if(mask & KADM5_PRINC_EXPIRE_TIME) { - if(ent.valid_end == NULL) { - strcpy(t, "never"); - } else { - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", - localtime(ent.valid_end)); - } - printf(" expires = %s\n", t); - } - if(mask & KADM5_PW_EXPIRATION) { - if(ent.pw_end == NULL) { - strcpy(t, "never"); - } else { - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", - localtime(ent.pw_end)); - } - printf(" password exp = %s\n", t); - } - if(mask & KADM5_LAST_PWD_CHANGE) { - } - if(mask & KADM5_ATTRIBUTES) { - unparse_flags(HDBFlags2int(ent.flags), - HDBFlags_units, t, sizeof(t)); - printf(" attributes = %s\n", t); - } - if(mask & KADM5_MAX_LIFE) { - if(ent.max_life == NULL) - strcpy(t, "for ever"); - else - unparse_time(*ent.max_life, t, sizeof(t)); - printf(" max life = %s\n", t); - } - if(mask & KADM5_MAX_RLIFE) { - if(ent.max_renew == NULL) - strcpy(t, "for ever"); - else - unparse_time(*ent.max_renew, t, sizeof(t)); - printf(" max rlife = %s\n", t); - } - if(mask & KADM5_MOD_TIME) { - printf(" mod time\n"); - } - if(mask & KADM5_MOD_NAME) { - printf(" mod name\n"); - } - if(mask & KADM5_KVNO) { - printf(" kvno = %d\n", ent.kvno); - } - if(mask & KADM5_MKVNO) { - printf(" mkvno\n"); - } - if(mask & KADM5_AUX_ATTRIBUTES) { - printf(" aux attributes\n"); - } - if(mask & KADM5_POLICY) { - printf(" policy\n"); - } - if(mask & KADM5_POLICY_CLR) { - printf(" mod time\n"); - } - if(mask & KADM5_LAST_SUCCESS) { - printf(" last success\n"); - } - if(mask & KADM5_LAST_FAILED) { - printf(" last failed\n"); - } - if(mask & KADM5_FAIL_AUTH_COUNT) { - printf(" fail auth count\n"); - } - if(mask & KADM5_KEY_DATA) { - printf(" key data\n"); - } - if(mask & KADM5_TL_DATA) { - printf(" tl data\n"); - } - hdb_free_entry(context, &ent); - break; - case kadm_nop : - break; - default: - abort(); - } - krb5_storage_seek(sp, end, SEEK_SET); -} - -static char *realm; -static int version_flag; -static int help_flag; - -static struct getargs args[] = { - { "realm", 'r', arg_string, &realm }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - void *kadm_handle; - kadm5_server_context *server_context; - kadm5_config_params conf; - - krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - memset(&conf, 0, sizeof(conf)); - if(realm) { - conf.mask |= KADM5_CONFIG_REALM; - conf.realm = realm; - } - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - ret = kadm5_log_foreach (server_context, print_entry); - if(ret) - krb5_warn(context, ret, "kadm5_log_foreach"); - - ret = kadm5_log_end (server_context); - if (ret) - krb5_warn(context, ret, "kadm5_log_end"); - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/ent_setup.c b/crypto/heimdal/lib/kadm5/ent_setup.c deleted file mode 100644 index dfc4a9b5aae0..000000000000 --- a/crypto/heimdal/lib/kadm5/ent_setup.c +++ /dev/null @@ -1,206 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: ent_setup.c 18823 2006-10-22 10:15:53Z lha $"); - -#define set_value(X, V) do { if((X) == NULL) (X) = malloc(sizeof(*(X))); *(X) = V; } while(0) -#define set_null(X) do { if((X) != NULL) free((X)); (X) = NULL; } while (0) - -static void -attr_to_flags(unsigned attr, HDBFlags *flags) -{ - flags->postdate = !(attr & KRB5_KDB_DISALLOW_POSTDATED); - flags->forwardable = !(attr & KRB5_KDB_DISALLOW_FORWARDABLE); - flags->initial = !!(attr & KRB5_KDB_DISALLOW_TGT_BASED); - flags->renewable = !(attr & KRB5_KDB_DISALLOW_RENEWABLE); - flags->proxiable = !(attr & KRB5_KDB_DISALLOW_PROXIABLE); - /* DUP_SKEY */ - flags->invalid = !!(attr & KRB5_KDB_DISALLOW_ALL_TIX); - flags->require_preauth = !!(attr & KRB5_KDB_REQUIRES_PRE_AUTH); - /* HW_AUTH */ - flags->server = !(attr & KRB5_KDB_DISALLOW_SVR); - flags->change_pw = !!(attr & KRB5_KDB_PWCHANGE_SERVICE); - flags->client = 1; /* XXX */ - flags->ok_as_delegate = !!(attr & KRB5_KDB_OK_AS_DELEGATE); - flags->trusted_for_delegation = !!(attr & KRB5_KDB_TRUSTED_FOR_DELEGATION); - flags->allow_kerberos4 = !!(attr & KRB5_KDB_ALLOW_KERBEROS4); - flags->allow_digest = !!(attr & KRB5_KDB_ALLOW_DIGEST); -} - -/* - * Modify the `ent' according to `tl_data'. - */ - -static kadm5_ret_t -perform_tl_data(krb5_context context, - HDB *db, - hdb_entry_ex *ent, - const krb5_tl_data *tl_data) -{ - kadm5_ret_t ret = 0; - - if (tl_data->tl_data_type == KRB5_TL_PASSWORD) { - heim_utf8_string pw = tl_data->tl_data_contents; - - if (pw[tl_data->tl_data_length] != '\0') - return KADM5_BAD_TL_TYPE; - - ret = hdb_entry_set_password(context, db, &ent->entry, pw); - - } else if (tl_data->tl_data_type == KRB5_TL_LAST_PWD_CHANGE) { - unsigned char *s; - time_t t; - - if (tl_data->tl_data_length != 4) - return KADM5_BAD_TL_TYPE; - - s = tl_data->tl_data_contents; - - t = s[0] | (s[1] << 8) | (s[2] << 16) | (s[3] << 24); - - ret = hdb_entry_set_pw_change_time(context, &ent->entry, t); - - } else if (tl_data->tl_data_type == KRB5_TL_EXTENSION) { - HDB_extension ext; - - ret = decode_HDB_extension(tl_data->tl_data_contents, - tl_data->tl_data_length, - &ext, - NULL); - if (ret) - return KADM5_BAD_TL_TYPE; - - ret = hdb_replace_extension(context, &ent->entry, &ext); - free_HDB_extension(&ext); - } else { - return KADM5_BAD_TL_TYPE; - } - return ret; -} - - -/* - * Create the hdb entry `ent' based on data from `princ' with - * `princ_mask' specifying what fields to be gotten from there and - * `mask' specifying what fields we want filled in. - */ - -kadm5_ret_t -_kadm5_setup_entry(kadm5_server_context *context, - hdb_entry_ex *ent, - uint32_t mask, - kadm5_principal_ent_t princ, - uint32_t princ_mask, - kadm5_principal_ent_t def, - uint32_t def_mask) -{ - if(mask & KADM5_PRINC_EXPIRE_TIME - && princ_mask & KADM5_PRINC_EXPIRE_TIME) { - if (princ->princ_expire_time) - set_value(ent->entry.valid_end, princ->princ_expire_time); - else - set_null(ent->entry.valid_end); - } - if(mask & KADM5_PW_EXPIRATION - && princ_mask & KADM5_PW_EXPIRATION) { - if (princ->pw_expiration) - set_value(ent->entry.pw_end, princ->pw_expiration); - else - set_null(ent->entry.pw_end); - } - if(mask & KADM5_ATTRIBUTES) { - if (princ_mask & KADM5_ATTRIBUTES) { - attr_to_flags(princ->attributes, &ent->entry.flags); - } else if(def_mask & KADM5_ATTRIBUTES) { - attr_to_flags(def->attributes, &ent->entry.flags); - ent->entry.flags.invalid = 0; - } else { - ent->entry.flags.client = 1; - ent->entry.flags.server = 1; - ent->entry.flags.forwardable = 1; - ent->entry.flags.proxiable = 1; - ent->entry.flags.renewable = 1; - ent->entry.flags.postdate = 1; - } - } - if(mask & KADM5_MAX_LIFE) { - if(princ_mask & KADM5_MAX_LIFE) { - if(princ->max_life) - set_value(ent->entry.max_life, princ->max_life); - else - set_null(ent->entry.max_life); - } else if(def_mask & KADM5_MAX_LIFE) { - if(def->max_life) - set_value(ent->entry.max_life, def->max_life); - else - set_null(ent->entry.max_life); - } - } - if(mask & KADM5_KVNO - && princ_mask & KADM5_KVNO) - ent->entry.kvno = princ->kvno; - if(mask & KADM5_MAX_RLIFE) { - if(princ_mask & KADM5_MAX_RLIFE) { - if(princ->max_renewable_life) - set_value(ent->entry.max_renew, princ->max_renewable_life); - else - set_null(ent->entry.max_renew); - } else if(def_mask & KADM5_MAX_RLIFE) { - if(def->max_renewable_life) - set_value(ent->entry.max_renew, def->max_renewable_life); - else - set_null(ent->entry.max_renew); - } - } - if(mask & KADM5_KEY_DATA - && princ_mask & KADM5_KEY_DATA) { - _kadm5_set_keys2(context, &ent->entry, - princ->n_key_data, princ->key_data); - } - if(mask & KADM5_TL_DATA) { - krb5_tl_data *tl; - - for (tl = princ->tl_data; tl != NULL; tl = tl->tl_data_next) { - kadm5_ret_t ret; - ret = perform_tl_data(context->context, context->db, ent, tl); - if (ret) - return ret; - } - } - if(mask & KADM5_FAIL_AUTH_COUNT) { - /* XXX */ - } - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/error.c b/crypto/heimdal/lib/kadm5/error.c deleted file mode 100644 index 46211d2b1111..000000000000 --- a/crypto/heimdal/lib/kadm5/error.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: error.c 7464 1999-12-02 17:05:13Z joda $"); - -kadm5_ret_t -_kadm5_error_code(kadm5_ret_t code) -{ - switch(code){ - case HDB_ERR_EXISTS: - return KADM5_DUP; - case HDB_ERR_NOENTRY: - return KADM5_UNK_PRINC; - } - return code; -} diff --git a/crypto/heimdal/lib/kadm5/flush.c b/crypto/heimdal/lib/kadm5/flush.c deleted file mode 100644 index ad1574f02883..000000000000 --- a/crypto/heimdal/lib/kadm5/flush.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: flush.c 7464 1999-12-02 17:05:13Z joda $"); - -kadm5_ret_t -kadm5_s_flush(void *server_handle) -{ - return 0; -} - -kadm5_ret_t -kadm5_c_flush(void *server_handle) -{ - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/flush_c.c b/crypto/heimdal/lib/kadm5/flush_c.c deleted file mode 100644 index 748a49a8e2c5..000000000000 --- a/crypto/heimdal/lib/kadm5/flush_c.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "kadm5_locl.h" - -RCSID("$Id: flush_c.c 5723 1999-03-23 18:23:37Z joda $"); - -kadm5_ret_t -kadm5_c_flush(void *server_handle) -{ - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/flush_s.c b/crypto/heimdal/lib/kadm5/flush_s.c deleted file mode 100644 index 9bed0c6ce0b4..000000000000 --- a/crypto/heimdal/lib/kadm5/flush_s.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "kadm5_locl.h" - -RCSID("$Id: flush_s.c 5723 1999-03-23 18:23:37Z joda $"); - -kadm5_ret_t -kadm5_s_flush(void *server_handle) -{ - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/free.c b/crypto/heimdal/lib/kadm5/free.c deleted file mode 100644 index 1f1740d1eb16..000000000000 --- a/crypto/heimdal/lib/kadm5/free.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: free.c 7464 1999-12-02 17:05:13Z joda $"); - -void -kadm5_free_key_data(void *server_handle, - int16_t *n_key_data, - krb5_key_data *key_data) -{ - int i; - for(i = 0; i < *n_key_data; i++){ - if(key_data[i].key_data_contents[0]){ - memset(key_data[i].key_data_contents[0], - 0, - key_data[i].key_data_length[0]); - free(key_data[i].key_data_contents[0]); - } - if(key_data[i].key_data_contents[1]) - free(key_data[i].key_data_contents[1]); - } - *n_key_data = 0; -} - - -void -kadm5_free_principal_ent(void *server_handle, - kadm5_principal_ent_t princ) -{ - kadm5_server_context *context = server_handle; - if(princ->principal) - krb5_free_principal(context->context, princ->principal); - if(princ->mod_name) - krb5_free_principal(context->context, princ->mod_name); - kadm5_free_key_data(server_handle, &princ->n_key_data, princ->key_data); - while(princ->n_tl_data && princ->tl_data) { - krb5_tl_data *tp; - tp = princ->tl_data; - princ->tl_data = tp->tl_data_next; - princ->n_tl_data--; - memset(tp->tl_data_contents, 0, tp->tl_data_length); - free(tp->tl_data_contents); - free(tp); - } - if (princ->key_data != NULL) - free (princ->key_data); -} - -void -kadm5_free_name_list(void *server_handle, - char **names, - int *count) -{ - int i; - for(i = 0; i < *count; i++) - free(names[i]); - free(names); - *count = 0; -} diff --git a/crypto/heimdal/lib/kadm5/get_c.c b/crypto/heimdal/lib/kadm5/get_c.c deleted file mode 100644 index 5f9724f86f87..000000000000 --- a/crypto/heimdal/lib/kadm5/get_c.c +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: get_c.c 17445 2006-05-05 10:37:46Z lha $"); - -kadm5_ret_t -kadm5_c_get_principal(void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - uint32_t mask) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - krb5_store_int32(sp, kadm_get); - krb5_store_principal(sp, princ); - krb5_store_int32(sp, mask); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if(ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if (ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - krb5_clear_error_string(context->context); - if(ret == 0) - kadm5_ret_principal_ent(sp, out); - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/get_princs_c.c b/crypto/heimdal/lib/kadm5/get_princs_c.c deleted file mode 100644 index 81a3cfdb7b19..000000000000 --- a/crypto/heimdal/lib/kadm5/get_princs_c.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: get_princs_c.c 15484 2005-06-17 05:21:07Z lha $"); - -kadm5_ret_t -kadm5_c_get_principals(void *server_handle, - const char *expression, - char ***princs, - int *count) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_get_princs); - krb5_store_int32(sp, expression != NULL); - if(expression) - krb5_store_string(sp, expression); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - if(ret == 0) { - int i; - krb5_ret_int32(sp, &tmp); - *princs = calloc(tmp + 1, sizeof(**princs)); - if (*princs == NULL) { - ret = ENOMEM; - goto out; - } - for(i = 0; i < tmp; i++) - krb5_ret_string(sp, &(*princs)[i]); - *count = tmp; - } -out: - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/get_princs_s.c b/crypto/heimdal/lib/kadm5/get_princs_s.c deleted file mode 100644 index cab6ef7467cf..000000000000 --- a/crypto/heimdal/lib/kadm5/get_princs_s.c +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: get_princs_s.c 16378 2005-12-12 12:40:12Z lha $"); - -struct foreach_data { - const char *exp; - char *exp2; - char **princs; - int count; -}; - -static krb5_error_code -add_princ(struct foreach_data *d, char *princ) -{ - char **tmp; - tmp = realloc(d->princs, (d->count + 1) * sizeof(*tmp)); - if(tmp == NULL) - return ENOMEM; - d->princs = tmp; - d->princs[d->count++] = princ; - return 0; -} - -static krb5_error_code -foreach(krb5_context context, HDB *db, hdb_entry_ex *ent, void *data) -{ - struct foreach_data *d = data; - char *princ; - krb5_error_code ret; - ret = krb5_unparse_name(context, ent->entry.principal, &princ); - if(ret) - return ret; - if(d->exp){ - if(fnmatch(d->exp, princ, 0) == 0 || fnmatch(d->exp2, princ, 0) == 0) - ret = add_princ(d, princ); - else - free(princ); - }else{ - ret = add_princ(d, princ); - } - if(ret) - free(princ); - return ret; -} - -kadm5_ret_t -kadm5_s_get_principals(void *server_handle, - const char *expression, - char ***princs, - int *count) -{ - struct foreach_data d; - kadm5_server_context *context = server_handle; - kadm5_ret_t ret; - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) { - krb5_warn(context->context, ret, "opening database"); - return ret; - } - d.exp = expression; - { - krb5_realm r; - krb5_get_default_realm(context->context, &r); - asprintf(&d.exp2, "%s@%s", expression, r); - free(r); - } - d.princs = NULL; - d.count = 0; - ret = hdb_foreach(context->context, context->db, 0, foreach, &d); - context->db->hdb_close(context->context, context->db); - if(ret == 0) - ret = add_princ(&d, NULL); - if(ret == 0){ - *princs = d.princs; - *count = d.count - 1; - }else - kadm5_free_name_list(context, d.princs, &d.count); - free(d.exp2); - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/get_s.c b/crypto/heimdal/lib/kadm5/get_s.c deleted file mode 100644 index 5d0db9bc82a7..000000000000 --- a/crypto/heimdal/lib/kadm5/get_s.c +++ /dev/null @@ -1,284 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: get_s.c 21745 2007-07-31 16:11:25Z lha $"); - -static kadm5_ret_t -add_tl_data(kadm5_principal_ent_t ent, int16_t type, - const void *data, size_t size) -{ - krb5_tl_data *tl; - - tl = calloc(1, sizeof(*tl)); - if (tl == NULL) - return _kadm5_error_code(ENOMEM); - - tl->tl_data_type = type; - tl->tl_data_length = size; - tl->tl_data_contents = malloc(size); - if (tl->tl_data_contents == NULL) { - free(tl); - return _kadm5_error_code(ENOMEM); - } - memcpy(tl->tl_data_contents, data, size); - - tl->tl_data_next = ent->tl_data; - ent->tl_data = tl; - ent->n_tl_data++; - - return 0; -} - -krb5_ssize_t KRB5_LIB_FUNCTION -_krb5_put_int(void *buffer, unsigned long value, size_t size); /* XXX */ - -kadm5_ret_t -kadm5_s_get_principal(void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - uint32_t mask) -{ - kadm5_server_context *context = server_handle; - kadm5_ret_t ret; - hdb_entry_ex ent; - - memset(&ent, 0, sizeof(ent)); - ret = context->db->hdb_open(context->context, context->db, O_RDONLY, 0); - if(ret) - return ret; - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_DECRYPT|HDB_F_GET_ANY, &ent); - context->db->hdb_close(context->context, context->db); - if(ret) - return _kadm5_error_code(ret); - - memset(out, 0, sizeof(*out)); - if(mask & KADM5_PRINCIPAL) - ret = krb5_copy_principal(context->context, ent.entry.principal, - &out->principal); - if(ret) - goto out; - if(mask & KADM5_PRINC_EXPIRE_TIME && ent.entry.valid_end) - out->princ_expire_time = *ent.entry.valid_end; - if(mask & KADM5_PW_EXPIRATION && ent.entry.pw_end) - out->pw_expiration = *ent.entry.pw_end; - if(mask & KADM5_LAST_PWD_CHANGE) - hdb_entry_get_pw_change_time(&ent.entry, &out->last_pwd_change); - if(mask & KADM5_ATTRIBUTES){ - out->attributes |= ent.entry.flags.postdate ? 0 : KRB5_KDB_DISALLOW_POSTDATED; - out->attributes |= ent.entry.flags.forwardable ? 0 : KRB5_KDB_DISALLOW_FORWARDABLE; - out->attributes |= ent.entry.flags.initial ? KRB5_KDB_DISALLOW_TGT_BASED : 0; - out->attributes |= ent.entry.flags.renewable ? 0 : KRB5_KDB_DISALLOW_RENEWABLE; - out->attributes |= ent.entry.flags.proxiable ? 0 : KRB5_KDB_DISALLOW_PROXIABLE; - out->attributes |= ent.entry.flags.invalid ? KRB5_KDB_DISALLOW_ALL_TIX : 0; - out->attributes |= ent.entry.flags.require_preauth ? KRB5_KDB_REQUIRES_PRE_AUTH : 0; - out->attributes |= ent.entry.flags.server ? 0 : KRB5_KDB_DISALLOW_SVR; - out->attributes |= ent.entry.flags.change_pw ? KRB5_KDB_PWCHANGE_SERVICE : 0; - out->attributes |= ent.entry.flags.ok_as_delegate ? KRB5_KDB_OK_AS_DELEGATE : 0; - out->attributes |= ent.entry.flags.trusted_for_delegation ? KRB5_KDB_TRUSTED_FOR_DELEGATION : 0; - out->attributes |= ent.entry.flags.allow_kerberos4 ? KRB5_KDB_ALLOW_KERBEROS4 : 0; - out->attributes |= ent.entry.flags.allow_digest ? KRB5_KDB_ALLOW_DIGEST : 0; - } - if(mask & KADM5_MAX_LIFE) { - if(ent.entry.max_life) - out->max_life = *ent.entry.max_life; - else - out->max_life = INT_MAX; - } - if(mask & KADM5_MOD_TIME) { - if(ent.entry.modified_by) - out->mod_date = ent.entry.modified_by->time; - else - out->mod_date = ent.entry.created_by.time; - } - if(mask & KADM5_MOD_NAME) { - if(ent.entry.modified_by) { - if (ent.entry.modified_by->principal != NULL) - ret = krb5_copy_principal(context->context, - ent.entry.modified_by->principal, - &out->mod_name); - } else if(ent.entry.created_by.principal != NULL) - ret = krb5_copy_principal(context->context, - ent.entry.created_by.principal, - &out->mod_name); - else - out->mod_name = NULL; - } - if(ret) - goto out; - - if(mask & KADM5_KVNO) - out->kvno = ent.entry.kvno; - if(mask & KADM5_MKVNO) { - int n; - out->mkvno = 0; /* XXX */ - for(n = 0; n < ent.entry.keys.len; n++) - if(ent.entry.keys.val[n].mkvno) { - out->mkvno = *ent.entry.keys.val[n].mkvno; /* XXX this isn't right */ - break; - } - } - if(mask & KADM5_AUX_ATTRIBUTES) - /* XXX implement */; - if(mask & KADM5_POLICY) - out->policy = NULL; - if(mask & KADM5_MAX_RLIFE) { - if(ent.entry.max_renew) - out->max_renewable_life = *ent.entry.max_renew; - else - out->max_renewable_life = INT_MAX; - } - if(mask & KADM5_LAST_SUCCESS) - /* XXX implement */; - if(mask & KADM5_LAST_FAILED) - /* XXX implement */; - if(mask & KADM5_FAIL_AUTH_COUNT) - /* XXX implement */; - if(mask & KADM5_KEY_DATA){ - int i; - Key *key; - krb5_key_data *kd; - krb5_salt salt; - krb5_data *sp; - krb5_get_pw_salt(context->context, ent.entry.principal, &salt); - out->key_data = malloc(ent.entry.keys.len * sizeof(*out->key_data)); - if (out->key_data == NULL) { - ret = ENOMEM; - goto out; - } - for(i = 0; i < ent.entry.keys.len; i++){ - key = &ent.entry.keys.val[i]; - kd = &out->key_data[i]; - kd->key_data_ver = 2; - kd->key_data_kvno = ent.entry.kvno; - kd->key_data_type[0] = key->key.keytype; - if(key->salt) - kd->key_data_type[1] = key->salt->type; - else - kd->key_data_type[1] = KRB5_PADATA_PW_SALT; - /* setup key */ - kd->key_data_length[0] = key->key.keyvalue.length; - kd->key_data_contents[0] = malloc(kd->key_data_length[0]); - if(kd->key_data_contents[0] == NULL){ - ret = ENOMEM; - break; - } - memcpy(kd->key_data_contents[0], key->key.keyvalue.data, - kd->key_data_length[0]); - /* setup salt */ - if(key->salt) - sp = &key->salt->salt; - else - sp = &salt.saltvalue; - kd->key_data_length[1] = sp->length; - kd->key_data_contents[1] = malloc(kd->key_data_length[1]); - if(kd->key_data_length[1] != 0 - && kd->key_data_contents[1] == NULL) { - memset(kd->key_data_contents[0], 0, kd->key_data_length[0]); - ret = ENOMEM; - break; - } - memcpy(kd->key_data_contents[1], sp->data, kd->key_data_length[1]); - out->n_key_data = i + 1; - } - krb5_free_salt(context->context, salt); - } - if(ret){ - kadm5_free_principal_ent(context, out); - goto out; - } - if(mask & KADM5_TL_DATA) { - time_t last_pw_expire; - const HDB_Ext_Aliases *aliases; - - ret = hdb_entry_get_pw_change_time(&ent.entry, &last_pw_expire); - if (ret == 0 && last_pw_expire) { - unsigned char buf[4]; - _krb5_put_int(buf, last_pw_expire, sizeof(buf)); - ret = add_tl_data(out, KRB5_TL_LAST_PWD_CHANGE, buf, sizeof(buf)); - } - if(ret){ - kadm5_free_principal_ent(context, out); - goto out; - } - /* - * If the client was allowed to get key data, let it have the - * password too. - */ - if(mask & KADM5_KEY_DATA) { - heim_utf8_string pw; - - ret = hdb_entry_get_password(context->context, - context->db, &ent.entry, &pw); - if (ret == 0) { - ret = add_tl_data(out, KRB5_TL_PASSWORD, pw, strlen(pw) + 1); - free(pw); - } - krb5_clear_error_string(context->context); - ret = 0; - } - - ret = hdb_entry_get_aliases(&ent.entry, &aliases); - if (ret == 0 && aliases) { - krb5_data buf; - size_t len; - - ASN1_MALLOC_ENCODE(HDB_Ext_Aliases, buf.data, buf.length, - aliases, &len, ret); - if (ret) { - kadm5_free_principal_ent(context, out); - goto out; - } - if (len != buf.length) - krb5_abortx(context->context, - "internal ASN.1 encoder error"); - ret = add_tl_data(out, KRB5_TL_ALIASES, buf.data, buf.length); - free(buf.data); - if (ret) { - kadm5_free_principal_ent(context, out); - goto out; - } - } - if(ret){ - kadm5_free_principal_ent(context, out); - goto out; - } - - } -out: - hdb_free_entry(context->context, &ent); - - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/init_c.c b/crypto/heimdal/lib/kadm5/init_c.c deleted file mode 100644 index be539924b4bc..000000000000 --- a/crypto/heimdal/lib/kadm5/init_c.c +++ /dev/null @@ -1,783 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" -#include -#include -#include -#include - -RCSID("$Id: init_c.c 21972 2007-10-18 19:11:15Z lha $"); - -static void -set_funcs(kadm5_client_context *c) -{ -#define SET(C, F) (C)->funcs.F = kadm5 ## _c_ ## F - SET(c, chpass_principal); - SET(c, chpass_principal_with_key); - SET(c, create_principal); - SET(c, delete_principal); - SET(c, destroy); - SET(c, flush); - SET(c, get_principal); - SET(c, get_principals); - SET(c, get_privs); - SET(c, modify_principal); - SET(c, randkey_principal); - SET(c, rename_principal); -} - -kadm5_ret_t -_kadm5_c_init_context(kadm5_client_context **ctx, - kadm5_config_params *params, - krb5_context context) -{ - krb5_error_code ret; - char *colon; - - *ctx = malloc(sizeof(**ctx)); - if(*ctx == NULL) - return ENOMEM; - memset(*ctx, 0, sizeof(**ctx)); - krb5_add_et_list (context, initialize_kadm5_error_table_r); - set_funcs(*ctx); - (*ctx)->context = context; - if(params->mask & KADM5_CONFIG_REALM) { - ret = 0; - (*ctx)->realm = strdup(params->realm); - if ((*ctx)->realm == NULL) - ret = ENOMEM; - } else - ret = krb5_get_default_realm((*ctx)->context, &(*ctx)->realm); - if (ret) { - free(*ctx); - return ret; - } - if(params->mask & KADM5_CONFIG_ADMIN_SERVER) - (*ctx)->admin_server = strdup(params->admin_server); - else { - char **hostlist; - - ret = krb5_get_krb_admin_hst (context, &(*ctx)->realm, &hostlist); - if (ret) { - free((*ctx)->realm); - free(*ctx); - return ret; - } - (*ctx)->admin_server = strdup(*hostlist); - krb5_free_krbhst (context, hostlist); - } - - if ((*ctx)->admin_server == NULL) { - free((*ctx)->realm); - free(*ctx); - return ENOMEM; - } - colon = strchr ((*ctx)->admin_server, ':'); - if (colon != NULL) - *colon++ = '\0'; - - (*ctx)->kadmind_port = 0; - - if(params->mask & KADM5_CONFIG_KADMIND_PORT) - (*ctx)->kadmind_port = params->kadmind_port; - else if (colon != NULL) { - char *end; - - (*ctx)->kadmind_port = htons(strtol (colon, &end, 0)); - } - if ((*ctx)->kadmind_port == 0) - (*ctx)->kadmind_port = krb5_getportbyname (context, "kerberos-adm", - "tcp", 749); - return 0; -} - -static krb5_error_code -get_kadm_ticket(krb5_context context, - krb5_ccache id, - krb5_principal client, - const char *server_name) -{ - krb5_error_code ret; - krb5_creds in, *out; - - memset(&in, 0, sizeof(in)); - in.client = client; - ret = krb5_parse_name(context, server_name, &in.server); - if(ret) - return ret; - ret = krb5_get_credentials(context, 0, id, &in, &out); - if(ret == 0) - krb5_free_creds(context, out); - krb5_free_principal(context, in.server); - return ret; -} - -static krb5_error_code -get_new_cache(krb5_context context, - krb5_principal client, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - const char *server_name, - krb5_ccache *ret_cache) -{ - krb5_error_code ret; - krb5_creds cred; - krb5_get_init_creds_opt *opt; - krb5_ccache id; - - ret = krb5_get_init_creds_opt_alloc (context, &opt); - if (ret) - return ret; - - krb5_get_init_creds_opt_set_default_flags(context, "kadmin", - krb5_principal_get_realm(context, - client), - opt); - - - krb5_get_init_creds_opt_set_forwardable (opt, FALSE); - krb5_get_init_creds_opt_set_proxiable (opt, FALSE); - - if(password == NULL && prompter == NULL) { - krb5_keytab kt; - if(keytab == NULL) - ret = krb5_kt_default(context, &kt); - else - ret = krb5_kt_resolve(context, keytab, &kt); - if(ret) { - krb5_get_init_creds_opt_free(context, opt); - return ret; - } - ret = krb5_get_init_creds_keytab (context, - &cred, - client, - kt, - 0, - server_name, - opt); - krb5_kt_close(context, kt); - } else { - ret = krb5_get_init_creds_password (context, - &cred, - client, - password, - prompter, - NULL, - 0, - server_name, - opt); - } - krb5_get_init_creds_opt_free(context, opt); - switch(ret){ - case 0: - break; - case KRB5_LIBOS_PWDINTR: /* don't print anything if it was just C-c:ed */ - case KRB5KRB_AP_ERR_BAD_INTEGRITY: - case KRB5KRB_AP_ERR_MODIFIED: - return KADM5_BAD_PASSWORD; - default: - return ret; - } - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); - if(ret) - return ret; - ret = krb5_cc_initialize (context, id, cred.client); - if (ret) - return ret; - ret = krb5_cc_store_cred (context, id, &cred); - if (ret) - return ret; - krb5_free_cred_contents (context, &cred); - *ret_cache = id; - return 0; -} - -/* - * Check the credential cache `id´ to figure out what principal to use - * when talking to the kadmind. If there is a initial kadmin/admin@ - * credential in the cache, use that client principal. Otherwise, use - * the client principals first component and add /admin to the - * principal. - */ - -static krb5_error_code -get_cache_principal(krb5_context context, - krb5_ccache *id, - krb5_principal *client) -{ - krb5_error_code ret; - const char *name, *inst; - krb5_principal p1, p2; - - ret = krb5_cc_default(context, id); - if(ret) { - *id = NULL; - return ret; - } - - ret = krb5_cc_get_principal(context, *id, &p1); - if(ret) { - krb5_cc_close(context, *id); - *id = NULL; - return ret; - } - - ret = krb5_make_principal(context, &p2, NULL, - "kadmin", "admin", NULL); - if (ret) { - krb5_cc_close(context, *id); - *id = NULL; - krb5_free_principal(context, p1); - return ret; - } - - { - krb5_creds in, *out; - krb5_kdc_flags flags; - - flags.i = 0; - memset(&in, 0, sizeof(in)); - - in.client = p1; - in.server = p2; - - /* check for initial ticket kadmin/admin */ - ret = krb5_get_credentials_with_flags(context, KRB5_GC_CACHED, flags, - *id, &in, &out); - krb5_free_principal(context, p2); - if (ret == 0) { - if (out->flags.b.initial) { - *client = p1; - krb5_free_creds(context, out); - return 0; - } - krb5_free_creds(context, out); - } - } - krb5_cc_close(context, *id); - *id = NULL; - - name = krb5_principal_get_comp_string(context, p1, 0); - inst = krb5_principal_get_comp_string(context, p1, 1); - if(inst == NULL || strcmp(inst, "admin") != 0) { - ret = krb5_make_principal(context, &p2, NULL, name, "admin", NULL); - krb5_free_principal(context, p1); - if(ret != 0) - return ret; - - *client = p2; - return 0; - } - - *client = p1; - - return 0; -} - -krb5_error_code -_kadm5_c_get_cred_cache(krb5_context context, - const char *client_name, - const char *server_name, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - krb5_ccache ccache, - krb5_ccache *ret_cache) -{ - krb5_error_code ret; - krb5_ccache id = NULL; - krb5_principal default_client = NULL, client = NULL; - - /* treat empty password as NULL */ - if(password && *password == '\0') - password = NULL; - if(server_name == NULL) - server_name = KADM5_ADMIN_SERVICE; - - if(client_name != NULL) { - ret = krb5_parse_name(context, client_name, &client); - if(ret) - return ret; - } - - if(ccache != NULL) { - id = ccache; - ret = krb5_cc_get_principal(context, id, &client); - if(ret) - return ret; - } else { - /* get principal from default cache, ok if this doesn't work */ - - ret = get_cache_principal(context, &id, &default_client); - if (ret) { - /* - * No client was specified by the caller and we cannot - * determine the client from a credentials cache. - */ - const char *user; - - user = get_default_username (); - - if(user == NULL) { - krb5_set_error_string(context, "Unable to find local user name"); - return KADM5_FAILURE; - } - ret = krb5_make_principal(context, &default_client, - NULL, user, "admin", NULL); - if(ret) - return ret; - } - } - - - /* - * No client was specified by the caller, but we have a client - * from the default credentials cache. - */ - if (client == NULL && default_client != NULL) - client = default_client; - - - if(id && (default_client == NULL || - krb5_principal_compare(context, client, default_client))) { - ret = get_kadm_ticket(context, id, client, server_name); - if(ret == 0) { - *ret_cache = id; - krb5_free_principal(context, default_client); - if (default_client != client) - krb5_free_principal(context, client); - return 0; - } - if(ccache != NULL) - /* couldn't get ticket from cache */ - return -1; - } - /* get creds via AS request */ - if(id && (id != ccache)) - krb5_cc_close(context, id); - if (client != default_client) - krb5_free_principal(context, default_client); - - ret = get_new_cache(context, client, password, prompter, keytab, - server_name, ret_cache); - krb5_free_principal(context, client); - return ret; -} - -static kadm5_ret_t -kadm_connect(kadm5_client_context *ctx) -{ - kadm5_ret_t ret; - krb5_principal server; - krb5_ccache cc; - int s; - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - char portstr[NI_MAXSERV]; - char *hostname, *slash; - char *service_name; - krb5_context context = ctx->context; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - snprintf (portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port)); - - hostname = ctx->admin_server; - slash = strchr (hostname, '/'); - if (slash != NULL) - hostname = slash + 1; - - error = getaddrinfo (hostname, portstr, &hints, &ai); - if (error) { - krb5_clear_error_string(context); - return KADM5_BAD_SERVER_NAME; - } - - for (a = ai; a != NULL; a = a->ai_next) { - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - krb5_clear_error_string(context); - krb5_warn (context, errno, "connect(%s)", hostname); - close (s); - continue; - } - break; - } - if (a == NULL) { - freeaddrinfo (ai); - krb5_clear_error_string(context); - krb5_warnx (context, "failed to contact %s", hostname); - return KADM5_FAILURE; - } - ret = _kadm5_c_get_cred_cache(context, - ctx->client_name, - ctx->service_name, - NULL, ctx->prompter, ctx->keytab, - ctx->ccache, &cc); - - if(ret) { - freeaddrinfo (ai); - close(s); - return ret; - } - - if (ctx->realm) - asprintf(&service_name, "%s@%s", KADM5_ADMIN_SERVICE, ctx->realm); - else - asprintf(&service_name, "%s", KADM5_ADMIN_SERVICE); - - if (service_name == NULL) { - freeaddrinfo (ai); - close(s); - krb5_clear_error_string(context); - return ENOMEM; - } - - ret = krb5_parse_name(context, service_name, &server); - free(service_name); - if(ret) { - freeaddrinfo (ai); - if(ctx->ccache == NULL) - krb5_cc_close(context, cc); - close(s); - return ret; - } - ctx->ac = NULL; - - ret = krb5_sendauth(context, &ctx->ac, &s, - KADMIN_APPL_VERSION, NULL, - server, AP_OPTS_MUTUAL_REQUIRED, - NULL, NULL, cc, NULL, NULL, NULL); - if(ret == 0) { - krb5_data params; - kadm5_config_params p; - memset(&p, 0, sizeof(p)); - if(ctx->realm) { - p.mask |= KADM5_CONFIG_REALM; - p.realm = ctx->realm; - } - ret = _kadm5_marshal_params(context, &p, ¶ms); - - ret = krb5_write_priv_message(context, ctx->ac, &s, ¶ms); - krb5_data_free(¶ms); - if(ret) { - freeaddrinfo (ai); - close(s); - if(ctx->ccache == NULL) - krb5_cc_close(context, cc); - return ret; - } - } else if(ret == KRB5_SENDAUTH_BADAPPLVERS) { - close(s); - - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) { - freeaddrinfo (ai); - krb5_clear_error_string(context); - return errno; - } - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - close (s); - freeaddrinfo (ai); - krb5_clear_error_string(context); - return errno; - } - ret = krb5_sendauth(context, &ctx->ac, &s, - KADMIN_OLD_APPL_VERSION, NULL, - server, AP_OPTS_MUTUAL_REQUIRED, - NULL, NULL, cc, NULL, NULL, NULL); - } - freeaddrinfo (ai); - if(ret) { - close(s); - return ret; - } - - krb5_free_principal(context, server); - if(ctx->ccache == NULL) - krb5_cc_close(context, cc); - ctx->sock = s; - - return 0; -} - -kadm5_ret_t -_kadm5_connect(void *handle) -{ - kadm5_client_context *ctx = handle; - if(ctx->sock == -1) - return kadm_connect(ctx); - return 0; -} - -static kadm5_ret_t -kadm5_c_init_with_context(krb5_context context, - const char *client_name, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - kadm5_ret_t ret; - kadm5_client_context *ctx; - krb5_ccache cc; - - ret = _kadm5_c_init_context(&ctx, realm_params, context); - if(ret) - return ret; - - if(password != NULL && *password != '\0') { - ret = _kadm5_c_get_cred_cache(context, - client_name, - service_name, - password, prompter, keytab, ccache, &cc); - if(ret) - return ret; /* XXX */ - ccache = cc; - } - - - if (client_name != NULL) - ctx->client_name = strdup(client_name); - else - ctx->client_name = NULL; - if (service_name != NULL) - ctx->service_name = strdup(service_name); - else - ctx->service_name = NULL; - ctx->prompter = prompter; - ctx->keytab = keytab; - ctx->ccache = ccache; - /* maybe we should copy the params here */ - ctx->sock = -1; - - *server_handle = ctx; - return 0; -} - -static kadm5_ret_t -init_context(const char *client_name, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_server_context *ctx; - - ret = krb5_init_context(&context); - if (ret) - return ret; - ret = kadm5_c_init_with_context(context, - client_name, - password, - prompter, - keytab, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret){ - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} - -kadm5_ret_t -kadm5_c_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_context(context, - client_name, - password, - krb5_prompter_posix, - NULL, - NULL, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_c_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return init_context(client_name, - password, - krb5_prompter_posix, - NULL, - NULL, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_c_init_with_skey_ctx(krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_context(context, - client_name, - NULL, - NULL, - keytab, - NULL, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - - -kadm5_ret_t -kadm5_c_init_with_skey(const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return init_context(client_name, - NULL, - NULL, - keytab, - NULL, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_c_init_with_creds_ctx(krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_context(context, - client_name, - NULL, - NULL, - NULL, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_c_init_with_creds(const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return init_context(client_name, - NULL, - NULL, - NULL, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -#if 0 -kadm5_ret_t -kadm5_init(char *client_name, char *pass, - char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ -} -#endif - diff --git a/crypto/heimdal/lib/kadm5/init_s.c b/crypto/heimdal/lib/kadm5/init_s.c deleted file mode 100644 index dee464b4b9a4..000000000000 --- a/crypto/heimdal/lib/kadm5/init_s.c +++ /dev/null @@ -1,238 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: init_s.c 9441 2000-12-31 08:01:16Z assar $"); - - -static kadm5_ret_t -kadm5_s_init_with_context(krb5_context context, - const char *client_name, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - kadm5_ret_t ret; - kadm5_server_context *ctx; - ret = _kadm5_s_init_context(&ctx, realm_params, context); - if(ret) - return ret; - - assert(ctx->config.dbname != NULL); - assert(ctx->config.stash_file != NULL); - assert(ctx->config.acl_file != NULL); - assert(ctx->log_context.log_file != NULL); - assert(ctx->log_context.socket_name.sun_path[0] != '\0'); - - ret = hdb_create(ctx->context, &ctx->db, ctx->config.dbname); - if(ret) - return ret; - ret = hdb_set_master_keyfile (ctx->context, - ctx->db, ctx->config.stash_file); - if(ret) - return ret; - - ctx->log_context.log_fd = -1; - - ctx->log_context.socket_fd = socket (AF_UNIX, SOCK_DGRAM, 0); - - ret = krb5_parse_name(ctx->context, client_name, &ctx->caller); - if(ret) - return ret; - - ret = _kadm5_acl_init(ctx); - if(ret) - return ret; - - *server_handle = ctx; - return 0; -} - -kadm5_ret_t -kadm5_s_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_context(context, - client_name, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_s_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_server_context *ctx; - - ret = krb5_init_context(&context); - if (ret) - return ret; - ret = kadm5_s_init_with_password_ctx(context, - client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret){ - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} - -kadm5_ret_t -kadm5_s_init_with_skey_ctx(krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_context(context, - client_name, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_s_init_with_skey(const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_server_context *ctx; - - ret = krb5_init_context(&context); - if (ret) - return ret; - ret = kadm5_s_init_with_skey_ctx(context, - client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret){ - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} - -kadm5_ret_t -kadm5_s_init_with_creds_ctx(krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_context(context, - client_name, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_s_init_with_creds(const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_server_context *ctx; - - ret = krb5_init_context(&context); - if (ret) - return ret; - ret = kadm5_s_init_with_creds_ctx(context, - client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret){ - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/iprop-commands.in b/crypto/heimdal/lib/kadm5/iprop-commands.in deleted file mode 100644 index 438594e01f59..000000000000 --- a/crypto/heimdal/lib/kadm5/iprop-commands.in +++ /dev/null @@ -1,130 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: iprop-commands.in 20602 2007-05-08 03:08:35Z lha $ */ - -command = { - name = "dump" - option = { - long = "config-file" - short = "c" - type = "string" - help = "configuration file" - argument = "file" - } - option = { - long = "realm" - short = "r" - type = "string" - help = "realm" - } - function = "iprop_dump" - help = "Prints the iprop transaction log in text." - max_args = "0" -} -command = { - name = "truncate" - option = { - long = "config-file" - short = "c" - type = "string" - help = "configuration file" - argument = "file" - } - option = { - long = "realm" - short = "r" - type = "string" - help = "realm" - } - function = "iprop_truncate" - help = "Truncate the log, preserve the version number." - max_args = "0" -} -command = { - name = "replay" - option = { - long = "start-version" - type = "integer" - help = "start replay with this version" - argument = "version-number" - default = "-1" - } - option = { - long = "end-version" - type = "integer" - help = "end replay with this version" - argument = "version-number" - default = "-1" - } - option = { - long = "config-file" - short = "c" - type = "string" - help = "configuration file" - argument = "file" - } - option = { - long = "realm" - short = "r" - type = "string" - help = "realm" - } - function = "iprop_replay" - help = "Replay the log on the database." - max_args = "0" -} -command = { - name = "last-version" - option = { - long = "config-file" - short = "c" - type = "string" - help = "configuration file" - argument = "file" - } - option = { - long = "realm" - short = "r" - type = "string" - help = "realm" - } - function = "last_version" - help = "Print the last version of the log-file." - max_args = "0" -} -command = { - name = "help" - argument = "command" - max_args = "1" - function = "help" -} diff --git a/crypto/heimdal/lib/kadm5/iprop-log.8 b/crypto/heimdal/lib/kadm5/iprop-log.8 deleted file mode 100644 index 599046b93fc3..000000000000 --- a/crypto/heimdal/lib/kadm5/iprop-log.8 +++ /dev/null @@ -1,170 +0,0 @@ -.\" $Id: iprop-log.8 21713 2007-07-27 14:38:49Z lha $ -.\" -.\" Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: iprop-log.8 21713 2007-07-27 14:38:49Z lha $ -.\" -.Dd February 18, 2007 -.Dt IPROP-LOG 8 -.Os Heimdal -.Sh NAME -.Nm iprop-log -.Nd -maintain the iprop log file -.Sh SYNOPSIS -.Nm -.Op Fl -version -.Op Fl h | Fl -help -.Ar command -.Pp -.Nm iprop-log truncate -.Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file -.Xc -.Oc -.Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string -.Xc -.Oc -.Op Fl h | Fl -help -.Pp -.Nm iprop-log dump -.Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file -.Xc -.Oc -.Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string -.Xc -.Oc -.Op Fl h | Fl -help -.Pp -.Nm iprop-log replay -.Op Fl -start-version= Ns Ar version-number -.Op Fl -end-version= Ns Ar version-number -.Oo Fl c Ar file \*(Ba Xo -.Fl -config-file= Ns Ar file -.Xc -.Oc -.Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string -.Xc -.Oc -.Op Fl h | Fl -help -.Sh DESCRIPTION -Supported options: -.Bl -tag -width Ds -.It Xo -.Fl -version -.Xc -.It Xo -.Fl h , -.Fl -help -.Xc -.El -.Pp -command can be one of the following: -.Bl -tag -width truncate -.It truncate -.Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc -configuration file -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc -realm -.El -.Pp -Truncates the log. Sets the new logs version number for the to the -last entry of the old log. If the log is truncted by emptying the -file, the log will start over at the first version (0). -.It dump -.Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc -configuration file -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc -realm -.El -.Pp -Print out all entires in the log to standard output. -.It replay -.Bl -tag -width Ds -.It Xo -.Fl -start-version= Ns Ar version-number -.Xc -start replay with this version -.It Xo -.Fl -end-version= Ns Ar version-number -.Xc -end replay with this version -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc -configuration file -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc -realm -.El -.Pp -Replay the changes from specified entries (or all if none is -specified) in the transaction log to the database. -.It last-version -.Bl -tag -width Ds -.It Xo -.Fl c Ar file , -.Fl -config-file= Ns Ar file -.Xc -configuration file -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc -realm -.El -.Pp -prints the version of the last log entry. -.El -.Sh SEE ALSO -.Xr iprop 8 diff --git a/crypto/heimdal/lib/kadm5/iprop-log.c b/crypto/heimdal/lib/kadm5/iprop-log.c deleted file mode 100644 index 7b43076832c3..000000000000 --- a/crypto/heimdal/lib/kadm5/iprop-log.c +++ /dev/null @@ -1,486 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" -#include -#include -#include "iprop-commands.h" - -RCSID("$Id: iprop-log.c 22211 2007-12-07 19:27:27Z lha $"); - -static krb5_context context; - -static kadm5_server_context * -get_kadmin_context(const char *config_file, char *realm) -{ - kadm5_config_params conf; - krb5_error_code ret; - void *kadm_handle; - char **files; - - if (config_file == NULL) { - char *file; - asprintf(&file, "%s/kdc.conf", hdb_db_dir(context)); - if (file == NULL) - errx(1, "out of memory"); - config_file = file; - } - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) - krb5_err(context, 1, ret, "getting configuration files"); - - ret = krb5_set_config_files(context, files); - krb5_free_config_files(files); - if (ret) - krb5_err(context, 1, ret, "reading configuration files"); - - memset(&conf, 0, sizeof(conf)); - if(realm) { - conf.mask |= KADM5_CONFIG_REALM; - conf.realm = realm; - } - - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - return (kadm5_server_context *)kadm_handle; -} - -/* - * dump log - */ - -static const char *op_names[] = { - "get", - "delete", - "create", - "rename", - "chpass", - "modify", - "randkey", - "get_privs", - "get_princs", - "chpass_with_key", - "nop" -}; - -static void -print_entry(kadm5_server_context *server_context, - uint32_t ver, - time_t timestamp, - enum kadm_ops op, - uint32_t len, - krb5_storage *sp, - void *ctx) -{ - char t[256]; - int32_t mask; - hdb_entry ent; - krb5_principal source; - char *name1, *name2; - krb5_data data; - krb5_context scontext = server_context->context; - - off_t end = krb5_storage_seek(sp, 0, SEEK_CUR) + len; - - krb5_error_code ret; - - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(×tamp)); - - if(op < kadm_get || op > kadm_nop) { - printf("unknown op: %d\n", op); - krb5_storage_seek(sp, end, SEEK_SET); - return; - } - - printf ("%s: ver = %u, timestamp = %s, len = %u\n", - op_names[op], ver, t, len); - switch(op) { - case kadm_delete: - krb5_ret_principal(sp, &source); - krb5_unparse_name(scontext, source, &name1); - printf(" %s\n", name1); - free(name1); - krb5_free_principal(scontext, source); - break; - case kadm_rename: - ret = krb5_data_alloc(&data, len); - if (ret) - krb5_err (scontext, 1, ret, "kadm_rename: data alloc: %d", len); - krb5_ret_principal(sp, &source); - krb5_storage_read(sp, data.data, data.length); - hdb_value2entry(scontext, &data, &ent); - krb5_unparse_name(scontext, source, &name1); - krb5_unparse_name(scontext, ent.principal, &name2); - printf(" %s -> %s\n", name1, name2); - free(name1); - free(name2); - krb5_free_principal(scontext, source); - free_hdb_entry(&ent); - break; - case kadm_create: - ret = krb5_data_alloc(&data, len); - if (ret) - krb5_err (scontext, 1, ret, "kadm_create: data alloc: %d", len); - krb5_storage_read(sp, data.data, data.length); - ret = hdb_value2entry(scontext, &data, &ent); - if(ret) - abort(); - mask = ~0; - goto foo; - case kadm_modify: - ret = krb5_data_alloc(&data, len); - if (ret) - krb5_err (scontext, 1, ret, "kadm_modify: data alloc: %d", len); - krb5_ret_int32(sp, &mask); - krb5_storage_read(sp, data.data, data.length); - ret = hdb_value2entry(scontext, &data, &ent); - if(ret) - abort(); - foo: - if(ent.principal /* mask & KADM5_PRINCIPAL */) { - krb5_unparse_name(scontext, ent.principal, &name1); - printf(" principal = %s\n", name1); - free(name1); - } - if(mask & KADM5_PRINC_EXPIRE_TIME) { - if(ent.valid_end == NULL) { - strlcpy(t, "never", sizeof(t)); - } else { - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", - localtime(ent.valid_end)); - } - printf(" expires = %s\n", t); - } - if(mask & KADM5_PW_EXPIRATION) { - if(ent.pw_end == NULL) { - strlcpy(t, "never", sizeof(t)); - } else { - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", - localtime(ent.pw_end)); - } - printf(" password exp = %s\n", t); - } - if(mask & KADM5_LAST_PWD_CHANGE) { - } - if(mask & KADM5_ATTRIBUTES) { - unparse_flags(HDBFlags2int(ent.flags), - asn1_HDBFlags_units(), t, sizeof(t)); - printf(" attributes = %s\n", t); - } - if(mask & KADM5_MAX_LIFE) { - if(ent.max_life == NULL) - strlcpy(t, "for ever", sizeof(t)); - else - unparse_time(*ent.max_life, t, sizeof(t)); - printf(" max life = %s\n", t); - } - if(mask & KADM5_MAX_RLIFE) { - if(ent.max_renew == NULL) - strlcpy(t, "for ever", sizeof(t)); - else - unparse_time(*ent.max_renew, t, sizeof(t)); - printf(" max rlife = %s\n", t); - } - if(mask & KADM5_MOD_TIME) { - printf(" mod time\n"); - } - if(mask & KADM5_MOD_NAME) { - printf(" mod name\n"); - } - if(mask & KADM5_KVNO) { - printf(" kvno = %d\n", ent.kvno); - } - if(mask & KADM5_MKVNO) { - printf(" mkvno\n"); - } - if(mask & KADM5_AUX_ATTRIBUTES) { - printf(" aux attributes\n"); - } - if(mask & KADM5_POLICY) { - printf(" policy\n"); - } - if(mask & KADM5_POLICY_CLR) { - printf(" mod time\n"); - } - if(mask & KADM5_LAST_SUCCESS) { - printf(" last success\n"); - } - if(mask & KADM5_LAST_FAILED) { - printf(" last failed\n"); - } - if(mask & KADM5_FAIL_AUTH_COUNT) { - printf(" fail auth count\n"); - } - if(mask & KADM5_KEY_DATA) { - printf(" key data\n"); - } - if(mask & KADM5_TL_DATA) { - printf(" tl data\n"); - } - free_hdb_entry(&ent); - break; - case kadm_nop : - break; - default: - abort(); - } - krb5_storage_seek(sp, end, SEEK_SET); -} - -int -iprop_dump(struct dump_options *opt, int argc, char **argv) -{ - kadm5_server_context *server_context; - krb5_error_code ret; - - server_context = get_kadmin_context(opt->config_file_string, - opt->realm_string); - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - ret = kadm5_log_foreach (server_context, print_entry, NULL); - if(ret) - krb5_warn(context, ret, "kadm5_log_foreach"); - - ret = kadm5_log_end (server_context); - if (ret) - krb5_warn(context, ret, "kadm5_log_end"); - return 0; -} - -int -iprop_truncate(struct truncate_options *opt, int argc, char **argv) -{ - kadm5_server_context *server_context; - krb5_error_code ret; - - server_context = get_kadmin_context(opt->config_file_string, - opt->realm_string); - - ret = kadm5_log_truncate (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_truncate"); - - return 0; -} - -int -last_version(struct last_version_options *opt, int argc, char **argv) -{ - kadm5_server_context *server_context; - krb5_error_code ret; - uint32_t version; - - server_context = get_kadmin_context(opt->config_file_string, - opt->realm_string); - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - ret = kadm5_log_get_version (server_context, &version); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_get_version"); - - ret = kadm5_log_end (server_context); - if (ret) - krb5_warn(context, ret, "kadm5_log_end"); - - printf("version: %lu\n", (unsigned long)version); - - return 0; -} - -/* - * Replay log - */ - -int start_version = -1; -int end_version = -1; - -static void -apply_entry(kadm5_server_context *server_context, - uint32_t ver, - time_t timestamp, - enum kadm_ops op, - uint32_t len, - krb5_storage *sp, - void *ctx) -{ - struct replay_options *opt = ctx; - krb5_error_code ret; - - if((opt->start_version_integer != -1 && ver < opt->start_version_integer) || - (opt->end_version_integer != -1 && ver > opt->end_version_integer)) { - /* XXX skip this entry */ - krb5_storage_seek(sp, len, SEEK_CUR); - return; - } - printf ("ver %u... ", ver); - fflush (stdout); - - ret = kadm5_log_replay (server_context, - op, ver, len, sp); - if (ret) - krb5_warn (server_context->context, ret, "kadm5_log_replay"); - - printf ("done\n"); -} - -int -iprop_replay(struct replay_options *opt, int argc, char **argv) -{ - kadm5_server_context *server_context; - krb5_error_code ret; - - server_context = get_kadmin_context(opt->config_file_string, - opt->realm_string); - - ret = server_context->db->hdb_open(context, - server_context->db, - O_RDWR | O_CREAT, 0600); - if (ret) - krb5_err (context, 1, ret, "db->open"); - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - ret = kadm5_log_foreach (server_context, apply_entry, opt); - if(ret) - krb5_warn(context, ret, "kadm5_log_foreach"); - ret = kadm5_log_end (server_context); - if (ret) - krb5_warn(context, ret, "kadm5_log_end"); - ret = server_context->db->hdb_close (context, server_context->db); - if (ret) - krb5_err (context, 1, ret, "db->close"); - - return 0; -} - -static int help_flag; -static int version_flag; - -static struct getargs args[] = { - { "version", 0, arg_flag, &version_flag, - NULL, NULL - }, - { "help", 'h', arg_flag, &help_flag, - NULL, NULL - } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -int -help(void *opt, int argc, char **argv) -{ - if(argc == 0) { - sl_help(commands, 1, argv - 1 /* XXX */); - } else { - SL_cmd *c = sl_match (commands, argv[0], 0); - if(c == NULL) { - fprintf (stderr, "No such command: %s. " - "Try \"help\" for a list of commands\n", - argv[0]); - } else { - if(c->func) { - char *fake[] = { NULL, "--help", NULL }; - fake[0] = argv[0]; - (*c->func)(2, fake); - fprintf(stderr, "\n"); - } - if(c->help && *c->help) - fprintf (stderr, "%s\n", c->help); - if((++c)->name && c->func == NULL) { - int f = 0; - fprintf (stderr, "Synonyms:"); - while (c->name && c->func == NULL) { - fprintf (stderr, "%s%s", f ? ", " : " ", (c++)->name); - f = 1; - } - fprintf (stderr, "\n"); - } - } - } - return 0; -} - -static void -usage(int status) -{ - arg_printusage(args, num_args, NULL, "command"); - exit(status); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - krb5_error_code ret; - - setprogname(argv[0]); - - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - argc -= optidx; - argv += optidx; - if(argc == 0) - usage(1); - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_context failed with: %d\n", ret); - - ret = sl_command(commands, argc, argv); - if(ret == -1) - warnx ("unrecognized command: %s", argv[0]); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/iprop.8 b/crypto/heimdal/lib/kadm5/iprop.8 deleted file mode 100644 index d1e55cc61318..000000000000 --- a/crypto/heimdal/lib/kadm5/iprop.8 +++ /dev/null @@ -1,223 +0,0 @@ -.\" $Id: iprop.8 21940 2007-09-28 22:28:09Z lha $ -.\" -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.Dd May 24, 2005 -.Dt IPROP 8 -.Os Heimdal -.Sh NAME -.Nm iprop , -.Nm ipropd-master , -.Nm ipropd-slave -.Nd -propagate changes to a Heimdal Kerberos master KDC to slave KDCs -.Sh SYNOPSIS -.Nm ipropd-master -.Oo Fl c Ar string \*(Ba Xo -.Fl -config-file= Ns Ar string -.Xc -.Oc -.Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string -.Xc -.Oc -.Oo Fl k Ar kspec \*(Ba Xo -.Fl -keytab= Ns Ar kspec -.Xc -.Oc -.Oo Fl d Ar file \*(Ba Xo -.Fl -database= Ns Ar file -.Xc -.Oc -.Op Fl -slave-stats-file= Ns Ar file -.Op Fl -time-missing= Ns Ar time -.Op Fl -time-gone= Ns Ar time -.Op Fl -detach -.Op Fl -version -.Op Fl -help -.Nm ipropd-slave -.Oo Fl c Ar string \*(Ba Xo -.Fl -config-file= Ns Ar string -.Xc -.Oc -.Oo Fl r Ar string \*(Ba Xo -.Fl -realm= Ns Ar string -.Xc -.Oc -.Oo Fl k Ar kspec \*(Ba Xo -.Fl -keytab= Ns Ar kspec -.Xc -.Oc -.Op Fl -time-lost= Ns Ar time -.Op Fl -detach -.Op Fl -version -.Op Fl -help -.Ar master -.Pp -.Sh DESCRIPTION -.Nm ipropd-master -is used to propagate changes to a Heimdal Kerberos database from the -master Kerberos server on which it runs to slave Kerberos servers -running -.Nm ipropd-slave . -.Pp -The slaves are specified by the contents of the -.Pa slaves -file in the KDC's database directory, e.g.\& -.Pa /var/heimdal/slaves . -This has principals one per-line of the form -.Dl iprop/ Ns Ar slave Ns @ Ns Ar REALM -where -.Ar slave -is the hostname of the slave server in the given -.Ar REALM , -e.g.\& -.Dl iprop/kerberos-1.example.com@EXAMPLE.COM -On a slave, the argument -.Fa master -specifies the hostname of the master server from which to receive updates. -.Pp -In contrast to -.Xr hprop 8 , -which sends the whole database to the slaves regularly, -.Nm -normally sends only the changes as they happen on the master. The -master keeps track of all the changes by assigning a version number to -every change to the database. The slaves know which was the latest -version they saw, and in this way it can be determined if they are in -sync or not. A log of all the changes is kept on the master. When a -slave is at an older version than the oldest one in the log, the whole -database has to be sent. -.Pp -The changes are propagated over a secure channel (on port 2121 by -default). This should normally be defined as -.Dq iprop/tcp -in -.Pa /etc/services -or another source of the services database. The master and slaves -must each have access to a keytab with keys for the -.Nm iprop -service principal on the local host. -.Pp -There is a keep-alive feature logged in the master's -.Pa slave-stats -file (e.g.\& -.Pa /var/heimdal/slave-stats ) . -.Pp -Supported options for -.Nm ipropd-master : -.Bl -tag -width Ds -.It Xo -.Fl c Ar string , -.Fl -config-file= Ns Ar string -.Xc -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc -.It Xo -.Fl k Ar kspec , -.Fl -keytab= Ns Ar kspec -.Xc -keytab to get authentication from -.It Xo -.Fl d Ar file , -.Fl -database= Ns Ar file -.Xc -Database (default per KDC) -.It Xo -.Fl -slave-stats-file= Ns Ar file -.Xc -file for slave status information -.It Xo -.Fl -time-missing= Ns Ar time -.Xc -time before slave is polled for presence (default 2 min) -.It Xo -.Fl -time-gone= Ns Ar time -.Xc -time of inactivity after which a slave is considered gone (default 5 min) -.It Xo -.Fl -detach -.Xc -detach from console -.It Xo -.Fl -version -.Xc -.It Xo -.Fl -help -.Xc -.El -.Pp -Supported options for -.Nm ipropd-slave : -.Bl -tag -width Ds -.It Xo -.Fl c Ar string , -.Fl -config-file= Ns Ar string -.Xc -.It Xo -.Fl r Ar string , -.Fl -realm= Ns Ar string -.Xc -.It Xo -.Fl k Ar kspec , -.Fl -keytab= Ns Ar kspec -.Xc -keytab to get authentication from -.It Xo -.Fl -time-lost= Ns Ar time -.Xc -time before server is considered lost (default 5 min) -.It Xo -.Fl -detach -.Xc -detach from console -.It Xo -.Fl -version -.Xc -.It Xo -.Fl -help -.Xc -.El -Time arguments for the relevant options above may be specified in forms -like 5 min, 300 s, or simply a number of seconds. -.Sh FILES -.Pa slaves , -.Pa slave-stats -in the database directory. -.Sh SEE ALSO -.Xr hpropd 8 , -.Xr hprop 8 , -.Xr krb5.conf 8 , -.Xr kdc 8 , -.Xr iprop-log 8 . diff --git a/crypto/heimdal/lib/kadm5/iprop.h b/crypto/heimdal/lib/kadm5/iprop.h deleted file mode 100644 index beb54142f2bd..000000000000 --- a/crypto/heimdal/lib/kadm5/iprop.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1998-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: iprop.h 22211 2007-12-07 19:27:27Z lha $ */ - -#ifndef __IPROP_H__ -#define __IPROP_H__ - -#include "kadm5_locl.h" -#include -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_UTIL_H -#include -#endif - -#include - -#define IPROP_VERSION "iprop-0.0" - -#define IPROP_NAME "iprop" - -#define IPROP_SERVICE "iprop" - -#define IPROP_PORT 2121 - -enum iprop_cmd { I_HAVE = 1, - FOR_YOU = 2, - TELL_YOU_EVERYTHING = 3, - ONE_PRINC = 4, - NOW_YOU_HAVE = 5, - ARE_YOU_THERE = 6, - I_AM_HERE = 7 -}; - -extern sig_atomic_t exit_flag; -void setup_signal(void); - -#endif /* __IPROP_H__ */ diff --git a/crypto/heimdal/lib/kadm5/ipropd_common.c b/crypto/heimdal/lib/kadm5/ipropd_common.c deleted file mode 100644 index e6561596d111..000000000000 --- a/crypto/heimdal/lib/kadm5/ipropd_common.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" -RCSID("$Id$"); - -sig_atomic_t exit_flag; - -static RETSIGTYPE -sigterm(int sig) -{ - exit_flag = sig; -} - -void -setup_signal(void) -{ -#ifdef HAVE_SIGACTION - { - struct sigaction sa; - - sa.sa_flags = 0; - sa.sa_handler = sigterm; - sigemptyset(&sa.sa_mask); - - sigaction(SIGINT, &sa, NULL); - sigaction(SIGTERM, &sa, NULL); - sigaction(SIGXCPU, &sa, NULL); - - sa.sa_handler = SIG_IGN; - sigaction(SIGPIPE, &sa, NULL); - } -#else - signal(SIGINT, sigterm); - signal(SIGTERM, sigterm); - signal(SIGXCPU, sigterm); - signal(SIGPIPE, SIG_IGN); -#endif -} diff --git a/crypto/heimdal/lib/kadm5/ipropd_master.c b/crypto/heimdal/lib/kadm5/ipropd_master.c deleted file mode 100644 index bd8f71fd7b3f..000000000000 --- a/crypto/heimdal/lib/kadm5/ipropd_master.c +++ /dev/null @@ -1,937 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" -#include - -RCSID("$Id: ipropd_master.c 22211 2007-12-07 19:27:27Z lha $"); - -static krb5_log_facility *log_facility; - -const char *slave_stats_file; -const char *slave_time_missing = "2 min"; -const char *slave_time_gone = "5 min"; - -static int time_before_missing; -static int time_before_gone; - -const char *master_hostname; - -static int -make_signal_socket (krb5_context context) -{ - struct sockaddr_un addr; - const char *fn; - int fd; - - fn = kadm5_log_signal_socket(context); - - fd = socket (AF_UNIX, SOCK_DGRAM, 0); - if (fd < 0) - krb5_err (context, 1, errno, "socket AF_UNIX"); - memset (&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - strlcpy (addr.sun_path, fn, sizeof(addr.sun_path)); - unlink (addr.sun_path); - if (bind (fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) - krb5_err (context, 1, errno, "bind %s", addr.sun_path); - return fd; -} - -static int -make_listen_socket (krb5_context context, const char *port_str) -{ - int fd; - int one = 1; - struct sockaddr_in addr; - - fd = socket (AF_INET, SOCK_STREAM, 0); - if (fd < 0) - krb5_err (context, 1, errno, "socket AF_INET"); - setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one)); - memset (&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - - if (port_str) { - addr.sin_port = krb5_getportbyname (context, - port_str, "tcp", - 0); - if (addr.sin_port == 0) { - char *ptr; - long port; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - krb5_errx (context, 1, "bad port `%s'", port_str); - addr.sin_port = htons(port); - } - } else { - addr.sin_port = krb5_getportbyname (context, IPROP_SERVICE, - "tcp", IPROP_PORT); - } - if(bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) - krb5_err (context, 1, errno, "bind"); - if (listen(fd, SOMAXCONN) < 0) - krb5_err (context, 1, errno, "listen"); - return fd; -} - -struct slave { - int fd; - struct sockaddr_in addr; - char *name; - krb5_auth_context ac; - uint32_t version; - time_t seen; - unsigned long flags; -#define SLAVE_F_DEAD 0x1 -#define SLAVE_F_AYT 0x2 - struct slave *next; -}; - -typedef struct slave slave; - -static int -check_acl (krb5_context context, const char *name) -{ - const char *fn; - FILE *fp; - char buf[256]; - int ret = 1; - char *slavefile; - - asprintf(&slavefile, "%s/slaves", hdb_db_dir(context)); - - fn = krb5_config_get_string_default(context, - NULL, - slavefile, - "kdc", - "iprop-acl", - NULL); - - fp = fopen (fn, "r"); - free(slavefile); - if (fp == NULL) - return 1; - while (fgets(buf, sizeof(buf), fp) != NULL) { - buf[strcspn(buf, "\r\n")] = '\0'; - if (strcmp (buf, name) == 0) { - ret = 0; - break; - } - } - fclose (fp); - return ret; -} - -static void -slave_seen(slave *s) -{ - s->flags &= ~SLAVE_F_AYT; - s->seen = time(NULL); -} - -static int -slave_missing_p (slave *s) -{ - if (time(NULL) > s->seen + time_before_missing) - return 1; - return 0; -} - -static int -slave_gone_p (slave *s) -{ - if (time(NULL) > s->seen + time_before_gone) - return 1; - return 0; -} - -static void -slave_dead(krb5_context context, slave *s) -{ - krb5_warnx(context, "slave %s dead", s->name); - - if (s->fd >= 0) { - close (s->fd); - s->fd = -1; - } - s->flags |= SLAVE_F_DEAD; - slave_seen(s); -} - -static void -remove_slave (krb5_context context, slave *s, slave **root) -{ - slave **p; - - if (s->fd >= 0) - close (s->fd); - if (s->name) - free (s->name); - if (s->ac) - krb5_auth_con_free (context, s->ac); - - for (p = root; *p; p = &(*p)->next) - if (*p == s) { - *p = s->next; - break; - } - free (s); -} - -static void -add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd) -{ - krb5_principal server; - krb5_error_code ret; - slave *s; - socklen_t addr_len; - krb5_ticket *ticket = NULL; - char hostname[128]; - - s = malloc(sizeof(*s)); - if (s == NULL) { - krb5_warnx (context, "add_slave: no memory"); - return; - } - s->name = NULL; - s->ac = NULL; - - addr_len = sizeof(s->addr); - s->fd = accept (fd, (struct sockaddr *)&s->addr, &addr_len); - if (s->fd < 0) { - krb5_warn (context, errno, "accept"); - goto error; - } - if (master_hostname) - strlcpy(hostname, master_hostname, sizeof(hostname)); - else - gethostname(hostname, sizeof(hostname)); - - ret = krb5_sname_to_principal (context, hostname, IPROP_NAME, - KRB5_NT_SRV_HST, &server); - if (ret) { - krb5_warn (context, ret, "krb5_sname_to_principal"); - goto error; - } - - ret = krb5_recvauth (context, &s->ac, &s->fd, - IPROP_VERSION, server, 0, keytab, &ticket); - krb5_free_principal (context, server); - if (ret) { - krb5_warn (context, ret, "krb5_recvauth"); - goto error; - } - ret = krb5_unparse_name (context, ticket->client, &s->name); - if (ret) { - krb5_warn (context, ret, "krb5_unparse_name"); - goto error; - } - if (check_acl (context, s->name)) { - krb5_warnx (context, "%s not in acl", s->name); - goto error; - } - krb5_free_ticket (context, ticket); - ticket = NULL; - - { - slave *l = *root; - - while (l) { - if (strcmp(l->name, s->name) == 0) - break; - l = l->next; - } - if (l) { - if (l->flags & SLAVE_F_DEAD) { - remove_slave(context, l, root); - } else { - krb5_warnx (context, "second connection from %s", s->name); - goto error; - } - } - } - - krb5_warnx (context, "connection from %s", s->name); - - s->version = 0; - s->flags = 0; - slave_seen(s); - s->next = *root; - *root = s; - return; -error: - remove_slave(context, s, root); -} - -struct prop_context { - krb5_auth_context auth_context; - int fd; -}; - -static int -prop_one (krb5_context context, HDB *db, hdb_entry_ex *entry, void *v) -{ - krb5_error_code ret; - krb5_storage *sp; - krb5_data data; - struct slave *s = (struct slave *)v; - - ret = hdb_entry2value (context, &entry->entry, &data); - if (ret) - return ret; - ret = krb5_data_realloc (&data, data.length + 4); - if (ret) { - krb5_data_free (&data); - return ret; - } - memmove ((char *)data.data + 4, data.data, data.length - 4); - sp = krb5_storage_from_data(&data); - if (sp == NULL) { - krb5_data_free (&data); - return ENOMEM; - } - krb5_store_int32(sp, ONE_PRINC); - krb5_storage_free(sp); - - ret = krb5_write_priv_message (context, s->ac, &s->fd, &data); - krb5_data_free (&data); - return ret; -} - -static int -send_complete (krb5_context context, slave *s, - const char *database, uint32_t current_version) -{ - krb5_error_code ret; - krb5_storage *sp; - HDB *db; - krb5_data data; - char buf[8]; - - ret = hdb_create (context, &db, database); - if (ret) - krb5_err (context, 1, ret, "hdb_create: %s", database); - ret = db->hdb_open (context, db, O_RDONLY, 0); - if (ret) - krb5_err (context, 1, ret, "db->open"); - - sp = krb5_storage_from_mem (buf, 4); - if (sp == NULL) - krb5_errx (context, 1, "krb5_storage_from_mem"); - krb5_store_int32 (sp, TELL_YOU_EVERYTHING); - krb5_storage_free (sp); - - data.data = buf; - data.length = 4; - - ret = krb5_write_priv_message(context, s->ac, &s->fd, &data); - - if (ret) { - krb5_warn (context, ret, "krb5_write_priv_message"); - slave_dead(context, s); - return ret; - } - - ret = hdb_foreach (context, db, 0, prop_one, s); - if (ret) { - krb5_warn (context, ret, "hdb_foreach"); - slave_dead(context, s); - return ret; - } - - (*db->hdb_close)(context, db); - (*db->hdb_destroy)(context, db); - - sp = krb5_storage_from_mem (buf, 8); - if (sp == NULL) - krb5_errx (context, 1, "krb5_storage_from_mem"); - krb5_store_int32 (sp, NOW_YOU_HAVE); - krb5_store_int32 (sp, current_version); - krb5_storage_free (sp); - - data.length = 8; - - s->version = current_version; - - ret = krb5_write_priv_message(context, s->ac, &s->fd, &data); - if (ret) { - slave_dead(context, s); - krb5_warn (context, ret, "krb5_write_priv_message"); - return ret; - } - - slave_seen(s); - - return 0; -} - -static int -send_are_you_there (krb5_context context, slave *s) -{ - krb5_storage *sp; - krb5_data data; - char buf[4]; - int ret; - - if (s->flags & (SLAVE_F_DEAD|SLAVE_F_AYT)) - return 0; - - s->flags |= SLAVE_F_AYT; - - data.data = buf; - data.length = 4; - - sp = krb5_storage_from_mem (buf, 4); - if (sp == NULL) { - krb5_warnx (context, "are_you_there: krb5_data_alloc"); - slave_dead(context, s); - return 1; - } - krb5_store_int32 (sp, ARE_YOU_THERE); - krb5_storage_free (sp); - - ret = krb5_write_priv_message(context, s->ac, &s->fd, &data); - - if (ret) { - krb5_warn (context, ret, "are_you_there: krb5_write_priv_message"); - slave_dead(context, s); - return 1; - } - - return 0; -} - -static int -send_diffs (krb5_context context, slave *s, int log_fd, - const char *database, uint32_t current_version) -{ - krb5_storage *sp; - uint32_t ver; - time_t timestamp; - enum kadm_ops op; - uint32_t len; - off_t right, left; - krb5_data data; - int ret = 0; - - if (s->version == current_version) { - krb5_warnx(context, "slave %s in sync already at version %ld", - s->name, (long)s->version); - return 0; - } - - if (s->flags & SLAVE_F_DEAD) - return 0; - - /* if slave is a fresh client, starting over */ - if (s->version == 0) { - krb5_warnx(context, "sending complete log to fresh slave %s", - s->name); - return send_complete (context, s, database, current_version); - } - - sp = kadm5_log_goto_end (log_fd); - right = krb5_storage_seek(sp, 0, SEEK_CUR); - for (;;) { - ret = kadm5_log_previous (context, sp, &ver, ×tamp, &op, &len); - if (ret) - krb5_err(context, 1, ret, - "send_diffs: failed to find previous entry"); - left = krb5_storage_seek(sp, -16, SEEK_CUR); - if (ver == s->version) - return 0; - if (ver == s->version + 1) - break; - if (left == 0) { - krb5_warnx(context, - "slave %s (version %lu) out of sync with master " - "(first version in log %lu), sending complete database", - s->name, (unsigned long)s->version, (unsigned long)ver); - return send_complete (context, s, database, current_version); - } - } - - krb5_warnx(context, - "syncing slave %s from version %lu to version %lu", - s->name, (unsigned long)s->version, - (unsigned long)current_version); - - ret = krb5_data_alloc (&data, right - left + 4); - if (ret) { - krb5_warn (context, ret, "send_diffs: krb5_data_alloc"); - slave_dead(context, s); - return 1; - } - krb5_storage_read (sp, (char *)data.data + 4, data.length - 4); - krb5_storage_free(sp); - - sp = krb5_storage_from_data (&data); - if (sp == NULL) { - krb5_warnx (context, "send_diffs: krb5_storage_from_data"); - slave_dead(context, s); - return 1; - } - krb5_store_int32 (sp, FOR_YOU); - krb5_storage_free(sp); - - ret = krb5_write_priv_message(context, s->ac, &s->fd, &data); - krb5_data_free(&data); - - if (ret) { - krb5_warn (context, ret, "send_diffs: krb5_write_priv_message"); - slave_dead(context, s); - return 1; - } - slave_seen(s); - - s->version = current_version; - - return 0; -} - -static int -process_msg (krb5_context context, slave *s, int log_fd, - const char *database, uint32_t current_version) -{ - int ret = 0; - krb5_data out; - krb5_storage *sp; - int32_t tmp; - - ret = krb5_read_priv_message(context, s->ac, &s->fd, &out); - if(ret) { - krb5_warn (context, ret, "error reading message from %s", s->name); - return 1; - } - - sp = krb5_storage_from_mem (out.data, out.length); - if (sp == NULL) { - krb5_warnx (context, "process_msg: no memory"); - krb5_data_free (&out); - return 1; - } - if (krb5_ret_int32 (sp, &tmp) != 0) { - krb5_warnx (context, "process_msg: client send too short command"); - krb5_data_free (&out); - return 1; - } - switch (tmp) { - case I_HAVE : - ret = krb5_ret_int32 (sp, &tmp); - if (ret != 0) { - krb5_warnx (context, "process_msg: client send too I_HAVE data"); - break; - } - /* new started slave that have old log */ - if (s->version == 0 && tmp != 0) { - if (s->version < tmp) { - krb5_warnx (context, "Slave %s have later version the master " - "OUT OF SYNC", s->name); - } else { - s->version = tmp; - } - } - if (tmp < s->version) { - krb5_warnx (context, "Slave claims to not have " - "version we already sent to it"); - } else { - ret = send_diffs (context, s, log_fd, database, current_version); - } - break; - case I_AM_HERE : - break; - case ARE_YOU_THERE: - case FOR_YOU : - default : - krb5_warnx (context, "Ignoring command %d", tmp); - break; - } - - krb5_data_free (&out); - - slave_seen(s); - - return ret; -} - -#define SLAVE_NAME "Name" -#define SLAVE_ADDRESS "Address" -#define SLAVE_VERSION "Version" -#define SLAVE_STATUS "Status" -#define SLAVE_SEEN "Last Seen" - -static FILE * -open_stats(krb5_context context) -{ - char *statfile = NULL; - const char *fn; - FILE *f; - - if (slave_stats_file) - fn = slave_stats_file; - else { - asprintf(&statfile, "%s/slaves-stats", hdb_db_dir(context)); - fn = krb5_config_get_string_default(context, - NULL, - statfile, - "kdc", - "iprop-stats", - NULL); - } - f = fopen(fn, "w"); - if (statfile) - free(statfile); - - return f; -} - -static void -write_master_down(krb5_context context) -{ - char str[100]; - time_t t = time(NULL); - FILE *fp; - - fp = open_stats(context); - if (fp == NULL) - return; - krb5_format_time(context, t, str, sizeof(str), TRUE); - fprintf(fp, "master down at %s\n", str); - - fclose(fp); -} - -static void -write_stats(krb5_context context, slave *slaves, uint32_t current_version) -{ - char str[100]; - rtbl_t tbl; - time_t t = time(NULL); - FILE *fp; - - fp = open_stats(context); - if (fp == NULL) - return; - - krb5_format_time(context, t, str, sizeof(str), TRUE); - fprintf(fp, "Status for slaves, last updated: %s\n\n", str); - - fprintf(fp, "Master version: %lu\n\n", (unsigned long)current_version); - - tbl = rtbl_create(); - if (tbl == NULL) { - fclose(fp); - return; - } - - rtbl_add_column(tbl, SLAVE_NAME, 0); - rtbl_add_column(tbl, SLAVE_ADDRESS, 0); - rtbl_add_column(tbl, SLAVE_VERSION, RTBL_ALIGN_RIGHT); - rtbl_add_column(tbl, SLAVE_STATUS, 0); - rtbl_add_column(tbl, SLAVE_SEEN, 0); - - rtbl_set_prefix(tbl, " "); - rtbl_set_column_prefix(tbl, SLAVE_NAME, ""); - - while (slaves) { - krb5_address addr; - krb5_error_code ret; - rtbl_add_column_entry(tbl, SLAVE_NAME, slaves->name); - ret = krb5_sockaddr2address (context, - (struct sockaddr*)&slaves->addr, &addr); - if(ret == 0) { - krb5_print_address(&addr, str, sizeof(str), NULL); - krb5_free_address(context, &addr); - rtbl_add_column_entry(tbl, SLAVE_ADDRESS, str); - } else - rtbl_add_column_entry(tbl, SLAVE_ADDRESS, ""); - - snprintf(str, sizeof(str), "%u", (unsigned)slaves->version); - rtbl_add_column_entry(tbl, SLAVE_VERSION, str); - - if (slaves->flags & SLAVE_F_DEAD) - rtbl_add_column_entry(tbl, SLAVE_STATUS, "Down"); - else - rtbl_add_column_entry(tbl, SLAVE_STATUS, "Up"); - - ret = krb5_format_time(context, slaves->seen, str, sizeof(str), TRUE); - rtbl_add_column_entry(tbl, SLAVE_SEEN, str); - - slaves = slaves->next; - } - - rtbl_format(tbl, fp); - rtbl_destroy(tbl); - - fclose(fp); -} - - -static char *realm; -static int version_flag; -static int help_flag; -static char *keytab_str = "HDB:"; -static char *database; -static char *config_file; -static char *port_str; -static int detach_from_console = 0; - -static struct getargs args[] = { - { "config-file", 'c', arg_string, &config_file }, - { "realm", 'r', arg_string, &realm }, - { "keytab", 'k', arg_string, &keytab_str, - "keytab to get authentication from", "kspec" }, - { "database", 'd', arg_string, &database, "database", "file"}, - { "slave-stats-file", 0, arg_string, &slave_stats_file, - "file for slave status information", "file"}, - { "time-missing", 0, arg_string, &slave_time_missing, - "time before slave is polled for presence", "time"}, - { "time-gone", 0, arg_string, &slave_time_gone, - "time of inactivity after which a slave is considered gone", "time"}, - { "port", 0, arg_string, &port_str, - "port ipropd will listen to", "port"}, - { "detach", 0, arg_flag, &detach_from_console, - "detach from console" }, - { "hostname", 0, arg_string, &master_hostname, - "hostname of master (if not same as hostname)", "hostname" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -static int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - void *kadm_handle; - kadm5_server_context *server_context; - kadm5_config_params conf; - int signal_fd, listen_fd; - int log_fd; - slave *slaves = NULL; - uint32_t current_version = 0, old_version = 0; - krb5_keytab keytab; - int optidx; - char **files; - - optidx = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - setup_signal(); - - if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) - errx(1, "out of memory"); - } - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) - krb5_err(context, 1, ret, "getting configuration files"); - - ret = krb5_set_config_files(context, files); - krb5_free_config_files(files); - if (ret) - krb5_err(context, 1, ret, "reading configuration files"); - - time_before_gone = parse_time (slave_time_gone, "s"); - if (time_before_gone < 0) - krb5_errx (context, 1, "couldn't parse time: %s", slave_time_gone); - time_before_missing = parse_time (slave_time_missing, "s"); - if (time_before_missing < 0) - krb5_errx (context, 1, "couldn't parse time: %s", slave_time_missing); - - if (detach_from_console) - daemon(0, 0); - pidfile (NULL); - krb5_openlog (context, "ipropd-master", &log_facility); - krb5_set_warn_dest(context, log_facility); - - ret = krb5_kt_register(context, &hdb_kt_ops); - if(ret) - krb5_err(context, 1, ret, "krb5_kt_register"); - - ret = krb5_kt_resolve(context, keytab_str, &keytab); - if(ret) - krb5_err(context, 1, ret, "krb5_kt_resolve: %s", keytab_str); - - memset(&conf, 0, sizeof(conf)); - if(realm) { - conf.mask |= KADM5_CONFIG_REALM; - conf.realm = realm; - } - ret = kadm5_init_with_skey_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - log_fd = open (server_context->log_context.log_file, O_RDONLY, 0); - if (log_fd < 0) - krb5_err (context, 1, errno, "open %s", - server_context->log_context.log_file); - - signal_fd = make_signal_socket (context); - listen_fd = make_listen_socket (context, port_str); - - kadm5_log_get_version_fd (log_fd, ¤t_version); - - krb5_warnx(context, "ipropd-master started at version: %lu", - (unsigned long)current_version); - - while(exit_flag == 0){ - slave *p; - fd_set readset; - int max_fd = 0; - struct timeval to = {30, 0}; - uint32_t vers; - - if (signal_fd >= FD_SETSIZE || listen_fd >= FD_SETSIZE) - krb5_errx (context, 1, "fd too large"); - - FD_ZERO(&readset); - FD_SET(signal_fd, &readset); - max_fd = max(max_fd, signal_fd); - FD_SET(listen_fd, &readset); - max_fd = max(max_fd, listen_fd); - - for (p = slaves; p != NULL; p = p->next) { - if (p->flags & SLAVE_F_DEAD) - continue; - FD_SET(p->fd, &readset); - max_fd = max(max_fd, p->fd); - } - - ret = select (max_fd + 1, - &readset, NULL, NULL, &to); - if (ret < 0) { - if (errno == EINTR) - continue; - else - krb5_err (context, 1, errno, "select"); - } - - if (ret == 0) { - old_version = current_version; - kadm5_log_get_version_fd (log_fd, ¤t_version); - - if (current_version > old_version) { - krb5_warnx(context, - "Missed a signal, updating slaves %lu to %lu", - (unsigned long)old_version, - (unsigned long)current_version); - for (p = slaves; p != NULL; p = p->next) { - if (p->flags & SLAVE_F_DEAD) - continue; - send_diffs (context, p, log_fd, database, current_version); - } - } - } - - if (ret && FD_ISSET(signal_fd, &readset)) { - struct sockaddr_un peer_addr; - socklen_t peer_len = sizeof(peer_addr); - - if(recvfrom(signal_fd, (void *)&vers, sizeof(vers), 0, - (struct sockaddr *)&peer_addr, &peer_len) < 0) { - krb5_warn (context, errno, "recvfrom"); - continue; - } - --ret; - assert(ret >= 0); - old_version = current_version; - kadm5_log_get_version_fd (log_fd, ¤t_version); - if (current_version > old_version) { - krb5_warnx(context, - "Got a signal, updating slaves %lu to %lu", - (unsigned long)old_version, - (unsigned long)current_version); - for (p = slaves; p != NULL; p = p->next) - send_diffs (context, p, log_fd, database, current_version); - } else { - krb5_warnx(context, - "Got a signal, but no update in log version %lu", - (unsigned long)current_version); - } - } - - for(p = slaves; p != NULL; p = p->next) { - if (p->flags & SLAVE_F_DEAD) - continue; - if (ret && FD_ISSET(p->fd, &readset)) { - --ret; - assert(ret >= 0); - if(process_msg (context, p, log_fd, database, current_version)) - slave_dead(context, p); - } else if (slave_gone_p (p)) - slave_dead(context, p); - else if (slave_missing_p (p)) { - krb5_warnx(context, "slave %s missing, sending AYT", p->name); - send_are_you_there (context, p); - } - } - - if (ret && FD_ISSET(listen_fd, &readset)) { - add_slave (context, keytab, &slaves, listen_fd); - --ret; - assert(ret >= 0); - } - write_stats(context, slaves, current_version); - } - - if(exit_flag == SIGXCPU) - krb5_warnx(context, "%s CPU time limit exceeded", getprogname()); - else if(exit_flag == SIGINT || exit_flag == SIGTERM) - krb5_warnx(context, "%s terminated", getprogname()); - else - krb5_warnx(context, "%s unexpected exit reason: %d", - getprogname(), exit_flag); - - write_master_down(context); - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/ipropd_slave.c b/crypto/heimdal/lib/kadm5/ipropd_slave.c deleted file mode 100644 index 482a3f7a4095..000000000000 --- a/crypto/heimdal/lib/kadm5/ipropd_slave.c +++ /dev/null @@ -1,632 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" - -RCSID("$Id: ipropd_slave.c 22211 2007-12-07 19:27:27Z lha $"); - -static krb5_log_facility *log_facility; -static char *server_time_lost = "5 min"; -static int time_before_lost; -const char *slave_str = NULL; - -static int -connect_to_master (krb5_context context, const char *master, - const char *port_str) -{ - int fd; - struct sockaddr_in addr; - struct hostent *he; - - fd = socket (AF_INET, SOCK_STREAM, 0); - if (fd < 0) - krb5_err (context, 1, errno, "socket AF_INET"); - memset (&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - if (port_str) { - addr.sin_port = krb5_getportbyname (context, - port_str, "tcp", - 0); - if (addr.sin_port == 0) { - char *ptr; - long port; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - krb5_errx (context, 1, "bad port `%s'", port_str); - addr.sin_port = htons(port); - } - } else { - addr.sin_port = krb5_getportbyname (context, IPROP_SERVICE, - "tcp", IPROP_PORT); - } - he = roken_gethostbyname (master); - if (he == NULL) - krb5_errx (context, 1, "gethostbyname: %s", hstrerror(h_errno)); - memcpy (&addr.sin_addr, he->h_addr, sizeof(addr.sin_addr)); - if(connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) - krb5_err (context, 1, errno, "connect"); - return fd; -} - -static void -get_creds(krb5_context context, const char *keytab_str, - krb5_ccache *cache, const char *serverhost) -{ - krb5_keytab keytab; - krb5_principal client; - krb5_error_code ret; - krb5_get_init_creds_opt *init_opts; - krb5_creds creds; - char *server; - char keytab_buf[256]; - - if (keytab_str == NULL) { - ret = krb5_kt_default_name (context, keytab_buf, sizeof(keytab_buf)); - if (ret) - krb5_err (context, 1, ret, "krb5_kt_default_name"); - keytab_str = keytab_buf; - } - - ret = krb5_kt_resolve(context, keytab_str, &keytab); - if(ret) - krb5_err(context, 1, ret, "%s", keytab_str); - - - ret = krb5_sname_to_principal (context, slave_str, IPROP_NAME, - KRB5_NT_SRV_HST, &client); - if (ret) krb5_err(context, 1, ret, "krb5_sname_to_principal"); - - ret = krb5_get_init_creds_opt_alloc(context, &init_opts); - if (ret) krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); - - asprintf (&server, "%s/%s", IPROP_NAME, serverhost); - if (server == NULL) - krb5_errx (context, 1, "malloc: no memory"); - - ret = krb5_get_init_creds_keytab(context, &creds, client, keytab, - 0, server, init_opts); - free (server); - krb5_get_init_creds_opt_free(context, init_opts); - if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds"); - - ret = krb5_kt_close(context, keytab); - if(ret) krb5_err(context, 1, ret, "krb5_kt_close"); - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, cache); - if(ret) krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - ret = krb5_cc_initialize(context, *cache, client); - if(ret) krb5_err(context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_store_cred(context, *cache, &creds); - if(ret) krb5_err(context, 1, ret, "krb5_cc_store_cred"); -} - -static void -ihave (krb5_context context, krb5_auth_context auth_context, - int fd, uint32_t version) -{ - int ret; - u_char buf[8]; - krb5_storage *sp; - krb5_data data; - - sp = krb5_storage_from_mem (buf, 8); - krb5_store_int32 (sp, I_HAVE); - krb5_store_int32 (sp, version); - krb5_storage_free (sp); - data.length = 8; - data.data = buf; - - ret = krb5_write_priv_message(context, auth_context, &fd, &data); - if (ret) - krb5_err (context, 1, ret, "krb5_write_priv_message"); -} - -static void -receive_loop (krb5_context context, - krb5_storage *sp, - kadm5_server_context *server_context) -{ - int ret; - off_t left, right; - void *buf; - int32_t vers, vers2; - ssize_t sret; - - /* - * Seek to the current version of the local database. - */ - do { - int32_t len, timestamp, tmp; - enum kadm_ops op; - - if(krb5_ret_int32 (sp, &vers) != 0) - return; - krb5_ret_int32 (sp, ×tamp); - krb5_ret_int32 (sp, &tmp); - op = tmp; - krb5_ret_int32 (sp, &len); - if (vers <= server_context->log_context.version) - krb5_storage_seek(sp, len + 8, SEEK_CUR); - } while(vers <= server_context->log_context.version); - - /* - * Read up rest of the entires into the memory... - */ - left = krb5_storage_seek (sp, -16, SEEK_CUR); - right = krb5_storage_seek (sp, 0, SEEK_END); - buf = malloc (right - left); - if (buf == NULL && (right - left) != 0) - krb5_errx (context, 1, "malloc: no memory"); - - /* - * ...and then write them out to the on-disk log. - */ - krb5_storage_seek (sp, left, SEEK_SET); - krb5_storage_read (sp, buf, right - left); - sret = write (server_context->log_context.log_fd, buf, right-left); - if (sret != right - left) - krb5_err(context, 1, errno, "Failed to write log to disk"); - ret = fsync (server_context->log_context.log_fd); - if (ret) - krb5_err(context, 1, errno, "Failed to sync log to disk"); - free (buf); - - /* - * Go back to the startpoint and start to commit the entires to - * the database. - */ - krb5_storage_seek (sp, left, SEEK_SET); - - for(;;) { - int32_t len, len2, timestamp, tmp; - off_t cur, cur2; - enum kadm_ops op; - - if(krb5_ret_int32 (sp, &vers) != 0) - break; - ret = krb5_ret_int32 (sp, ×tamp); - if (ret) krb5_errx(context, 1, "entry %ld: too short", (long)vers); - ret = krb5_ret_int32 (sp, &tmp); - if (ret) krb5_errx(context, 1, "entry %ld: too short", (long)vers); - op = tmp; - ret = krb5_ret_int32 (sp, &len); - if (ret) krb5_errx(context, 1, "entry %ld: too short", (long)vers); - if (len < 0) - krb5_errx(context, 1, "log is corrupted, " - "negative length of entry version %ld: %ld", - (long)vers, (long)len); - cur = krb5_storage_seek(sp, 0, SEEK_CUR); - - krb5_warnx (context, "replaying entry %d", (int)vers); - - ret = kadm5_log_replay (server_context, - op, vers, len, sp); - if (ret) { - char *s = krb5_get_error_message(server_context->context, ret); - krb5_warnx (context, - "kadm5_log_replay: %ld. Lost entry entry, " - "Database out of sync ?: %s (%d)", - (long)vers, s ? s : "unknown error", ret); - krb5_xfree(s); - } - - { - /* - * Make sure the krb5_log_replay does the right thing wrt - * reading out data from the sp. - */ - cur2 = krb5_storage_seek(sp, 0, SEEK_CUR); - if (cur + len != cur2) - krb5_errx(context, 1, - "kadm5_log_reply version: %ld didn't read the whole entry", - (long)vers); - } - - if (krb5_ret_int32 (sp, &len2) != 0) - krb5_errx(context, 1, "entry %ld: postamble too short", (long)vers); - if(krb5_ret_int32 (sp, &vers2) != 0) - krb5_errx(context, 1, "entry %ld: postamble too short", (long)vers); - - if (len != len2) - krb5_errx(context, 1, "entry %ld: len != len2", (long)vers); - if (vers != vers2) - krb5_errx(context, 1, "entry %ld: vers != vers2", (long)vers); - } - - /* - * Update version - */ - - server_context->log_context.version = vers; -} - -static void -receive (krb5_context context, - krb5_storage *sp, - kadm5_server_context *server_context) -{ - int ret; - - ret = server_context->db->hdb_open(context, - server_context->db, - O_RDWR | O_CREAT, 0600); - if (ret) - krb5_err (context, 1, ret, "db->open"); - - receive_loop (context, sp, server_context); - - ret = server_context->db->hdb_close (context, server_context->db); - if (ret) - krb5_err (context, 1, ret, "db->close"); -} - -static void -send_im_here (krb5_context context, int fd, - krb5_auth_context auth_context) -{ - krb5_storage *sp; - krb5_data data; - int ret; - - ret = krb5_data_alloc (&data, 4); - if (ret) - krb5_err (context, 1, ret, "send_im_here"); - - sp = krb5_storage_from_data (&data); - if (sp == NULL) - krb5_errx (context, 1, "krb5_storage_from_data"); - krb5_store_int32(sp, I_AM_HERE); - krb5_storage_free(sp); - - ret = krb5_write_priv_message(context, auth_context, &fd, &data); - krb5_data_free(&data); - - if (ret) - krb5_err (context, 1, ret, "krb5_write_priv_message"); -} - -static void -receive_everything (krb5_context context, int fd, - kadm5_server_context *server_context, - krb5_auth_context auth_context) -{ - int ret; - krb5_data data; - int32_t vno; - int32_t opcode; - krb5_storage *sp; - - char *dbname; - HDB *mydb; - - krb5_warnx(context, "receive complete database"); - - asprintf(&dbname, "%s-NEW", server_context->db->hdb_name); - ret = hdb_create(context, &mydb, dbname); - if(ret) - krb5_err(context,1, ret, "hdb_create"); - free(dbname); - - ret = hdb_set_master_keyfile (context, - mydb, server_context->config.stash_file); - if(ret) - krb5_err(context,1, ret, "hdb_set_master_keyfile"); - - /* I really want to use O_EXCL here, but given that I can't easily clean - up on error, I won't */ - ret = mydb->hdb_open(context, mydb, O_RDWR | O_CREAT | O_TRUNC, 0600); - if (ret) - krb5_err (context, 1, ret, "db->open"); - - sp = NULL; - do { - ret = krb5_read_priv_message(context, auth_context, &fd, &data); - - if (ret) - krb5_err (context, 1, ret, "krb5_read_priv_message"); - - sp = krb5_storage_from_data (&data); - if (sp == NULL) - krb5_errx (context, 1, "krb5_storage_from_data"); - krb5_ret_int32 (sp, &opcode); - if (opcode == ONE_PRINC) { - krb5_data fake_data; - hdb_entry_ex entry; - - krb5_storage_free(sp); - - fake_data.data = (char *)data.data + 4; - fake_data.length = data.length - 4; - - memset(&entry, 0, sizeof(entry)); - - ret = hdb_value2entry (context, &fake_data, &entry.entry); - if (ret) - krb5_err (context, 1, ret, "hdb_value2entry"); - ret = mydb->hdb_store(server_context->context, - mydb, - 0, &entry); - if (ret) - krb5_err (context, 1, ret, "hdb_store"); - - hdb_free_entry (context, &entry); - krb5_data_free (&data); - } else if (opcode == NOW_YOU_HAVE) - ; - else - krb5_errx (context, 1, "strange opcode %d", opcode); - } while (opcode == ONE_PRINC); - - if (opcode != NOW_YOU_HAVE) - krb5_errx (context, 1, "receive_everything: strange %d", opcode); - - krb5_ret_int32 (sp, &vno); - krb5_storage_free(sp); - - ret = kadm5_log_reinit (server_context); - if (ret) - krb5_err(context, 1, ret, "kadm5_log_reinit"); - - ret = kadm5_log_set_version (server_context, vno - 1); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_set_version"); - - ret = kadm5_log_nop (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_nop"); - - krb5_data_free (&data); - - ret = mydb->hdb_rename (context, mydb, server_context->db->hdb_name); - if (ret) - krb5_err (context, 1, ret, "db->rename"); - - ret = mydb->hdb_close (context, mydb); - if (ret) - krb5_err (context, 1, ret, "db->close"); - - ret = mydb->hdb_destroy (context, mydb); - if (ret) - krb5_err (context, 1, ret, "db->destroy"); - - krb5_warnx(context, "receive complete database, version %ld", (long)vno); -} - -static char *config_file; -static char *realm; -static int version_flag; -static int help_flag; -static char *keytab_str; -static char *port_str; -static int detach_from_console = 0; - -static struct getargs args[] = { - { "config-file", 'c', arg_string, &config_file }, - { "realm", 'r', arg_string, &realm }, - { "keytab", 'k', arg_string, &keytab_str, - "keytab to get authentication from", "kspec" }, - { "time-lost", 0, arg_string, &server_time_lost, - "time before server is considered lost", "time" }, - { "port", 0, arg_string, &port_str, - "port ipropd-slave will connect to", "port"}, - { "detach", 0, arg_flag, &detach_from_console, - "detach from console" }, - { "hostname", 0, arg_string, &slave_str, - "hostname of slave (if not same as hostname)", "hostname" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_auth_context auth_context; - void *kadm_handle; - kadm5_server_context *server_context; - kadm5_config_params conf; - int master_fd; - krb5_ccache ccache; - krb5_principal server; - char **files; - int optidx; - - const char *master; - - optidx = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - setup_signal(); - - if (config_file == NULL) { - asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)); - if (config_file == NULL) - errx(1, "out of memory"); - } - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) - krb5_err(context, 1, ret, "getting configuration files"); - - ret = krb5_set_config_files(context, files); - krb5_free_config_files(files); - if (ret) - krb5_err(context, 1, ret, "reading configuration files"); - - argc -= optidx; - argv += optidx; - - if (argc != 1) - krb5_std_usage(1, args, num_args); - - master = argv[0]; - - if (detach_from_console) - daemon(0, 0); - pidfile (NULL); - krb5_openlog (context, "ipropd-slave", &log_facility); - krb5_set_warn_dest(context, log_facility); - - ret = krb5_kt_register(context, &hdb_kt_ops); - if(ret) - krb5_err(context, 1, ret, "krb5_kt_register"); - - time_before_lost = parse_time (server_time_lost, "s"); - if (time_before_lost < 0) - krb5_errx (context, 1, "couldn't parse time: %s", server_time_lost); - - memset(&conf, 0, sizeof(conf)); - if(realm) { - conf.mask |= KADM5_CONFIG_REALM; - conf.realm = realm; - } - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - get_creds(context, keytab_str, &ccache, master); - - master_fd = connect_to_master (context, master, port_str); - - ret = krb5_sname_to_principal (context, master, IPROP_NAME, - KRB5_NT_SRV_HST, &server); - if (ret) - krb5_err (context, 1, ret, "krb5_sname_to_principal"); - - auth_context = NULL; - ret = krb5_sendauth (context, &auth_context, &master_fd, - IPROP_VERSION, NULL, server, - AP_OPTS_MUTUAL_REQUIRED, NULL, NULL, - ccache, NULL, NULL, NULL); - if (ret) - krb5_err (context, 1, ret, "krb5_sendauth"); - - krb5_warnx(context, "ipropd-slave started at version: %ld", - (long)server_context->log_context.version); - - ihave (context, auth_context, master_fd, - server_context->log_context.version); - - while (exit_flag == 0) { - krb5_data out; - krb5_storage *sp; - int32_t tmp; - fd_set readset; - struct timeval to; - - if (master_fd >= FD_SETSIZE) - krb5_errx (context, 1, "fd too large"); - - FD_ZERO(&readset); - FD_SET(master_fd, &readset); - - to.tv_sec = time_before_lost; - to.tv_usec = 0; - - ret = select (master_fd + 1, - &readset, NULL, NULL, &to); - if (ret < 0) { - if (errno == EINTR) - continue; - else - krb5_err (context, 1, errno, "select"); - } - if (ret == 0) - krb5_errx (context, 1, "server didn't send a message " - "in %d seconds", time_before_lost); - - ret = krb5_read_priv_message(context, auth_context, &master_fd, &out); - - if (ret) - krb5_err (context, 1, ret, "krb5_read_priv_message"); - - sp = krb5_storage_from_mem (out.data, out.length); - krb5_ret_int32 (sp, &tmp); - switch (tmp) { - case FOR_YOU : - receive (context, sp, server_context); - ihave (context, auth_context, master_fd, - server_context->log_context.version); - break; - case TELL_YOU_EVERYTHING : - receive_everything (context, master_fd, server_context, - auth_context); - break; - case ARE_YOU_THERE : - send_im_here (context, master_fd, auth_context); - break; - case NOW_YOU_HAVE : - case I_HAVE : - case ONE_PRINC : - case I_AM_HERE : - default : - krb5_warnx (context, "Ignoring command %d", tmp); - break; - } - krb5_storage_free (sp); - krb5_data_free (&out); - } - - if(exit_flag == SIGXCPU) - krb5_warnx(context, "%s CPU time limit exceeded", getprogname()); - else if(exit_flag == SIGINT || exit_flag == SIGTERM) - krb5_warnx(context, "%s terminated", getprogname()); - else - krb5_warnx(context, "%s unexpected exit reason: %d", - getprogname(), exit_flag); - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/kadm5-private.h b/crypto/heimdal/lib/kadm5/kadm5-private.h deleted file mode 100644 index 56b2b3252d87..000000000000 --- a/crypto/heimdal/lib/kadm5/kadm5-private.h +++ /dev/null @@ -1,503 +0,0 @@ -/* This is a generated file */ -#ifndef __kadm5_private_h__ -#define __kadm5_private_h__ - -#include - -kadm5_ret_t -_kadm5_acl_check_permission ( - kadm5_server_context */*context*/, - unsigned /*op*/, - krb5_const_principal /*princ*/); - -kadm5_ret_t -_kadm5_acl_init (kadm5_server_context */*context*/); - -kadm5_ret_t -_kadm5_bump_pw_expire ( - kadm5_server_context */*context*/, - hdb_entry */*ent*/); - -krb5_error_code -_kadm5_c_get_cred_cache ( - krb5_context /*context*/, - const char */*client_name*/, - const char */*server_name*/, - const char */*password*/, - krb5_prompter_fct /*prompter*/, - const char */*keytab*/, - krb5_ccache /*ccache*/, - krb5_ccache */*ret_cache*/); - -kadm5_ret_t -_kadm5_c_init_context ( - kadm5_client_context **/*ctx*/, - kadm5_config_params */*params*/, - krb5_context /*context*/); - -kadm5_ret_t -_kadm5_client_recv ( - kadm5_client_context */*context*/, - krb5_data */*reply*/); - -kadm5_ret_t -_kadm5_client_send ( - kadm5_client_context */*context*/, - krb5_storage */*sp*/); - -int -_kadm5_cmp_keys ( - Key */*keys1*/, - int /*len1*/, - Key */*keys2*/, - int /*len2*/); - -kadm5_ret_t -_kadm5_connect (void */*handle*/); - -kadm5_ret_t -_kadm5_error_code (kadm5_ret_t /*code*/); - -void -_kadm5_free_keys ( - krb5_context /*context*/, - int /*len*/, - Key */*keys*/); - -void -_kadm5_init_keys ( - Key */*keys*/, - int /*len*/); - -kadm5_ret_t -_kadm5_marshal_params ( - krb5_context /*context*/, - kadm5_config_params */*params*/, - krb5_data */*out*/); - -kadm5_ret_t -_kadm5_privs_to_string ( - uint32_t /*privs*/, - char */*string*/, - size_t /*len*/); - -HDB * -_kadm5_s_get_db (void */*server_handle*/); - -kadm5_ret_t -_kadm5_s_init_context ( - kadm5_server_context **/*ctx*/, - kadm5_config_params */*params*/, - krb5_context /*context*/); - -kadm5_ret_t -_kadm5_set_keys ( - kadm5_server_context */*context*/, - hdb_entry */*ent*/, - const char */*password*/); - -kadm5_ret_t -_kadm5_set_keys2 ( - kadm5_server_context */*context*/, - hdb_entry */*ent*/, - int16_t /*n_key_data*/, - krb5_key_data */*key_data*/); - -kadm5_ret_t -_kadm5_set_keys3 ( - kadm5_server_context */*context*/, - hdb_entry */*ent*/, - int /*n_keys*/, - krb5_keyblock */*keyblocks*/); - -kadm5_ret_t -_kadm5_set_keys_randomly ( - kadm5_server_context */*context*/, - hdb_entry */*ent*/, - krb5_keyblock **/*new_keys*/, - int */*n_keys*/); - -kadm5_ret_t -_kadm5_set_modifier ( - kadm5_server_context */*context*/, - hdb_entry */*ent*/); - -kadm5_ret_t -_kadm5_setup_entry ( - kadm5_server_context */*context*/, - hdb_entry_ex */*ent*/, - uint32_t /*mask*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*princ_mask*/, - kadm5_principal_ent_t /*def*/, - uint32_t /*def_mask*/); - -kadm5_ret_t -_kadm5_string_to_privs ( - const char */*s*/, - uint32_t* /*privs*/); - -kadm5_ret_t -_kadm5_unmarshal_params ( - krb5_context /*context*/, - krb5_data */*in*/, - kadm5_config_params */*params*/); - -kadm5_ret_t -kadm5_c_chpass_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - const char */*password*/); - -kadm5_ret_t -kadm5_c_chpass_principal_with_key ( - void */*server_handle*/, - krb5_principal /*princ*/, - int /*n_key_data*/, - krb5_key_data */*key_data*/); - -kadm5_ret_t -kadm5_c_create_principal ( - void */*server_handle*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*mask*/, - const char */*password*/); - -kadm5_ret_t -kadm5_c_delete_principal ( - void */*server_handle*/, - krb5_principal /*princ*/); - -kadm5_ret_t -kadm5_c_destroy (void */*server_handle*/); - -kadm5_ret_t -kadm5_c_flush (void */*server_handle*/); - -kadm5_ret_t -kadm5_c_get_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - kadm5_principal_ent_t /*out*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_c_get_principals ( - void */*server_handle*/, - const char */*expression*/, - char ***/*princs*/, - int */*count*/); - -kadm5_ret_t -kadm5_c_get_privs ( - void */*server_handle*/, - uint32_t */*privs*/); - -kadm5_ret_t -kadm5_c_init_with_creds ( - const char */*client_name*/, - krb5_ccache /*ccache*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_c_init_with_creds_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - krb5_ccache /*ccache*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_c_init_with_password ( - const char */*client_name*/, - const char */*password*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_c_init_with_password_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - const char */*password*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_c_init_with_skey ( - const char */*client_name*/, - const char */*keytab*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_c_init_with_skey_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - const char */*keytab*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_c_modify_principal ( - void */*server_handle*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_c_randkey_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - krb5_keyblock **/*new_keys*/, - int */*n_keys*/); - -kadm5_ret_t -kadm5_c_rename_principal ( - void */*server_handle*/, - krb5_principal /*source*/, - krb5_principal /*target*/); - -kadm5_ret_t -kadm5_log_create ( - kadm5_server_context */*context*/, - hdb_entry */*ent*/); - -kadm5_ret_t -kadm5_log_delete ( - kadm5_server_context */*context*/, - krb5_principal /*princ*/); - -kadm5_ret_t -kadm5_log_end (kadm5_server_context */*context*/); - -kadm5_ret_t -kadm5_log_foreach ( - kadm5_server_context */*context*/, - void (*/*func*/)(kadm5_server_context *server_context, uint32_t ver, time_t timestamp, enum kadm_ops op, uint32_t len, krb5_storage *, void *), - void */*ctx*/); - -kadm5_ret_t -kadm5_log_get_version ( - kadm5_server_context */*context*/, - uint32_t */*ver*/); - -kadm5_ret_t -kadm5_log_get_version_fd ( - int /*fd*/, - uint32_t */*ver*/); - -krb5_storage * -kadm5_log_goto_end (int /*fd*/); - -kadm5_ret_t -kadm5_log_init (kadm5_server_context */*context*/); - -kadm5_ret_t -kadm5_log_modify ( - kadm5_server_context */*context*/, - hdb_entry */*ent*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_log_nop (kadm5_server_context */*context*/); - -kadm5_ret_t -kadm5_log_previous ( - krb5_context /*context*/, - krb5_storage */*sp*/, - uint32_t */*ver*/, - time_t */*timestamp*/, - enum kadm_ops */*op*/, - uint32_t */*len*/); - -kadm5_ret_t -kadm5_log_reinit (kadm5_server_context */*context*/); - -kadm5_ret_t -kadm5_log_rename ( - kadm5_server_context */*context*/, - krb5_principal /*source*/, - hdb_entry */*ent*/); - -kadm5_ret_t -kadm5_log_replay ( - kadm5_server_context */*context*/, - enum kadm_ops /*op*/, - uint32_t /*ver*/, - uint32_t /*len*/, - krb5_storage */*sp*/); - -kadm5_ret_t -kadm5_log_set_version ( - kadm5_server_context */*context*/, - uint32_t /*vno*/); - -const char * -kadm5_log_signal_socket (krb5_context /*context*/); - -kadm5_ret_t -kadm5_log_truncate (kadm5_server_context */*server_context*/); - -kadm5_ret_t -kadm5_s_chpass_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - const char */*password*/); - -kadm5_ret_t -kadm5_s_chpass_principal_cond ( - void */*server_handle*/, - krb5_principal /*princ*/, - const char */*password*/); - -kadm5_ret_t -kadm5_s_chpass_principal_with_key ( - void */*server_handle*/, - krb5_principal /*princ*/, - int /*n_key_data*/, - krb5_key_data */*key_data*/); - -kadm5_ret_t -kadm5_s_create_principal ( - void */*server_handle*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*mask*/, - const char */*password*/); - -kadm5_ret_t -kadm5_s_create_principal_with_key ( - void */*server_handle*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_s_delete_principal ( - void */*server_handle*/, - krb5_principal /*princ*/); - -kadm5_ret_t -kadm5_s_destroy (void */*server_handle*/); - -kadm5_ret_t -kadm5_s_flush (void */*server_handle*/); - -kadm5_ret_t -kadm5_s_get_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - kadm5_principal_ent_t /*out*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_s_get_principals ( - void */*server_handle*/, - const char */*expression*/, - char ***/*princs*/, - int */*count*/); - -kadm5_ret_t -kadm5_s_get_privs ( - void */*server_handle*/, - uint32_t */*privs*/); - -kadm5_ret_t -kadm5_s_init_with_creds ( - const char */*client_name*/, - krb5_ccache /*ccache*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_s_init_with_creds_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - krb5_ccache /*ccache*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_s_init_with_password ( - const char */*client_name*/, - const char */*password*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_s_init_with_password_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - const char */*password*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_s_init_with_skey ( - const char */*client_name*/, - const char */*keytab*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_s_init_with_skey_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - const char */*keytab*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_s_modify_principal ( - void */*server_handle*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_s_randkey_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - krb5_keyblock **/*new_keys*/, - int */*n_keys*/); - -kadm5_ret_t -kadm5_s_rename_principal ( - void */*server_handle*/, - krb5_principal /*source*/, - krb5_principal /*target*/); - -#endif /* __kadm5_private_h__ */ diff --git a/crypto/heimdal/lib/kadm5/kadm5-protos.h b/crypto/heimdal/lib/kadm5/kadm5-protos.h deleted file mode 100644 index eebae95d8f28..000000000000 --- a/crypto/heimdal/lib/kadm5/kadm5-protos.h +++ /dev/null @@ -1,244 +0,0 @@ -/* This is a generated file */ -#ifndef __kadm5_protos_h__ -#define __kadm5_protos_h__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -kadm5_ret_t -kadm5_ad_init_with_password ( - const char */*client_name*/, - const char */*password*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_ad_init_with_password_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - const char */*password*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -krb5_error_code -kadm5_add_passwd_quality_verifier ( - krb5_context /*context*/, - const char */*check_library*/); - -const char * -kadm5_check_password_quality ( - krb5_context /*context*/, - krb5_principal /*principal*/, - krb5_data */*pwd_data*/); - -kadm5_ret_t -kadm5_chpass_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - const char */*password*/); - -kadm5_ret_t -kadm5_chpass_principal_with_key ( - void */*server_handle*/, - krb5_principal /*princ*/, - int /*n_key_data*/, - krb5_key_data */*key_data*/); - -kadm5_ret_t -kadm5_create_principal ( - void */*server_handle*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*mask*/, - const char */*password*/); - -kadm5_ret_t -kadm5_delete_principal ( - void */*server_handle*/, - krb5_principal /*princ*/); - -kadm5_ret_t -kadm5_destroy (void */*server_handle*/); - -kadm5_ret_t -kadm5_flush (void */*server_handle*/); - -void -kadm5_free_key_data ( - void */*server_handle*/, - int16_t */*n_key_data*/, - krb5_key_data */*key_data*/); - -void -kadm5_free_name_list ( - void */*server_handle*/, - char **/*names*/, - int */*count*/); - -void -kadm5_free_principal_ent ( - void */*server_handle*/, - kadm5_principal_ent_t /*princ*/); - -kadm5_ret_t -kadm5_get_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - kadm5_principal_ent_t /*out*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_get_principals ( - void */*server_handle*/, - const char */*expression*/, - char ***/*princs*/, - int */*count*/); - -kadm5_ret_t -kadm5_get_privs ( - void */*server_handle*/, - uint32_t */*privs*/); - -kadm5_ret_t -kadm5_init_with_creds ( - const char */*client_name*/, - krb5_ccache /*ccache*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_init_with_creds_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - krb5_ccache /*ccache*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_init_with_password ( - const char */*client_name*/, - const char */*password*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_init_with_password_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - const char */*password*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_init_with_skey ( - const char */*client_name*/, - const char */*keytab*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_init_with_skey_ctx ( - krb5_context /*context*/, - const char */*client_name*/, - const char */*keytab*/, - const char */*service_name*/, - kadm5_config_params */*realm_params*/, - unsigned long /*struct_version*/, - unsigned long /*api_version*/, - void **/*server_handle*/); - -kadm5_ret_t -kadm5_modify_principal ( - void */*server_handle*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_randkey_principal ( - void */*server_handle*/, - krb5_principal /*princ*/, - krb5_keyblock **/*new_keys*/, - int */*n_keys*/); - -kadm5_ret_t -kadm5_rename_principal ( - void */*server_handle*/, - krb5_principal /*source*/, - krb5_principal /*target*/); - -kadm5_ret_t -kadm5_ret_key_data ( - krb5_storage */*sp*/, - krb5_key_data */*key*/); - -kadm5_ret_t -kadm5_ret_principal_ent ( - krb5_storage */*sp*/, - kadm5_principal_ent_t /*princ*/); - -kadm5_ret_t -kadm5_ret_principal_ent_mask ( - krb5_storage */*sp*/, - kadm5_principal_ent_t /*princ*/, - uint32_t */*mask*/); - -kadm5_ret_t -kadm5_ret_tl_data ( - krb5_storage */*sp*/, - krb5_tl_data */*tl*/); - -void -kadm5_setup_passwd_quality_check ( - krb5_context /*context*/, - const char */*check_library*/, - const char */*check_function*/); - -kadm5_ret_t -kadm5_store_key_data ( - krb5_storage */*sp*/, - krb5_key_data */*key*/); - -kadm5_ret_t -kadm5_store_principal_ent ( - krb5_storage */*sp*/, - kadm5_principal_ent_t /*princ*/); - -kadm5_ret_t -kadm5_store_principal_ent_mask ( - krb5_storage */*sp*/, - kadm5_principal_ent_t /*princ*/, - uint32_t /*mask*/); - -kadm5_ret_t -kadm5_store_tl_data ( - krb5_storage */*sp*/, - krb5_tl_data */*tl*/); - -#ifdef __cplusplus -} -#endif - -#endif /* __kadm5_protos_h__ */ diff --git a/crypto/heimdal/lib/kadm5/kadm5-pwcheck.h b/crypto/heimdal/lib/kadm5/kadm5-pwcheck.h deleted file mode 100644 index 96f3f1849f28..000000000000 --- a/crypto/heimdal/lib/kadm5/kadm5-pwcheck.h +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kadm5-pwcheck.h 15489 2005-06-17 06:45:52Z lha $ */ - -#ifndef KADM5_PWCHECK_H -#define KADM5_PWCHECK_H 1 - - -#define KADM5_PASSWD_VERSION_V0 0 -#define KADM5_PASSWD_VERSION_V1 1 - -typedef const char* (*kadm5_passwd_quality_check_func_v0)(krb5_context, - krb5_principal, - krb5_data*); - -/* - * The 4th argument, is a tuning parameter for the quality check - * function, the lib/caller will providing it for the password quality - * module. - */ - -typedef int -(*kadm5_passwd_quality_check_func)(krb5_context context, - krb5_principal principal, - krb5_data *password, - const char *tuning, - char *message, - size_t length); - -struct kadm5_pw_policy_check_func { - const char *name; - kadm5_passwd_quality_check_func func; -}; - -struct kadm5_pw_policy_verifier { - const char *name; - int version; - const char *vendor; - const struct kadm5_pw_policy_check_func *funcs; -}; - -#endif /* KADM5_PWCHECK_H */ diff --git a/crypto/heimdal/lib/kadm5/kadm5_err.et b/crypto/heimdal/lib/kadm5/kadm5_err.et deleted file mode 100644 index 1ac624a9ef90..000000000000 --- a/crypto/heimdal/lib/kadm5/kadm5_err.et +++ /dev/null @@ -1,59 +0,0 @@ -# -# Error messages for the kadm5 library -# -# This might look like a com_err file, but is not -# -id "$Id: kadm5_err.et 16683 2006-02-02 13:11:47Z lha $" - -error_table ovk kadm5 - -prefix KADM5 -error_code FAILURE, "Operation failed for unspecified reason" -error_code AUTH_GET, "Operation requires `get' privilege" -error_code AUTH_ADD, "Operation requires `add' privilege" -error_code AUTH_MODIFY, "Operation requires `modify' privilege" -error_code AUTH_DELETE, "Operation requires `delete' privilege" -error_code AUTH_INSUFFICIENT, "Insufficient authorization for operation" -error_code BAD_DB, "Database inconsistency detected" -error_code DUP, "Principal or policy already exists" -error_code RPC_ERROR, "Communication failure with server" -error_code NO_SRV, "No administration server found for realm" -error_code BAD_HIST_KEY, "Password history principal key version mismatch" -error_code NOT_INIT, "Connection to server not initialized" -error_code UNK_PRINC, "Principal does not exist" -error_code UNK_POLICY, "Policy does not exist" -error_code BAD_MASK, "Invalid field mask for operation" -error_code BAD_CLASS, "Invalid number of character classes" -error_code BAD_LENGTH, "Invalid password length" -error_code BAD_POLICY, "Invalid policy name" -error_code BAD_PRINCIPAL, "Invalid principal name." -error_code BAD_AUX_ATTR, "Invalid auxillary attributes" -error_code BAD_HISTORY, "Invalid password history count" -error_code BAD_MIN_PASS_LIFE, "Password minimum life is greater than password maximum life" -error_code PASS_Q_TOOSHORT, "Password is too short" -error_code PASS_Q_CLASS, "Password does not contain enough character classes" -error_code PASS_Q_DICT, "Password is in the password dictionary" -error_code PASS_REUSE, "Can't reuse password" -error_code PASS_TOOSOON, "Current password's minimum life has not expired" -error_code POLICY_REF, "Policy is in use" -error_code INIT, "Connection to server already initialized" -error_code BAD_PASSWORD, "Incorrect password" -error_code PROTECT_PRINCIPAL, "Can't change protected principal" -error_code BAD_SERVER_HANDLE, "Programmer error! Bad Admin server handle" -error_code BAD_STRUCT_VERSION, "Programmer error! Bad API structure version" -error_code OLD_STRUCT_VERSION, "API structure version specified by application is no longer supported" -error_code NEW_STRUCT_VERSION, "API structure version specified by application is unknown to libraries" -error_code BAD_API_VERSION, "Programmer error! Bad API version" -error_code OLD_LIB_API_VERSION, "API version specified by application is no longer supported by libraries" -error_code OLD_SERVER_API_VERSION,"API version specified by application is no longer supported by server" -error_code NEW_LIB_API_VERSION, "API version specified by application is unknown to libraries" -error_code NEW_SERVER_API_VERSION,"API version specified by application is unknown to server" -error_code SECURE_PRINC_MISSING,"Database error! Required principal missing" -error_code NO_RENAME_SALT, "The salt type of the specified principal does not support renaming" -error_code BAD_CLIENT_PARAMS, "Invalid configuration parameter for remote KADM5 client" -error_code BAD_SERVER_PARAMS, "Invalid configuration parameter for local KADM5 client." -error_code AUTH_LIST, "Operation requires `list' privilege" -error_code AUTH_CHANGEPW, "Operation requires `change-password' privilege" -error_code BAD_TL_TYPE, "Invalid tagged data list element type" -error_code MISSING_CONF_PARAMS, "Required parameters in kdc.conf missing" -error_code BAD_SERVER_NAME, "Bad krb5 admin server hostname" diff --git a/crypto/heimdal/lib/kadm5/kadm5_locl.h b/crypto/heimdal/lib/kadm5/kadm5_locl.h deleted file mode 100644 index c79e6442f1f5..000000000000 --- a/crypto/heimdal/lib/kadm5/kadm5_locl.h +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kadm5_locl.h 8579 2000-07-08 11:57:40Z assar $ */ - -#ifndef __KADM5_LOCL_H__ -#define __KADM5_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_SYS_UN_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#include -#include "admin.h" -#include "kadm5_err.h" -#include -#include -#include -#include -#include "private.h" - -#endif /* __KADM5_LOCL_H__ */ diff --git a/crypto/heimdal/lib/kadm5/kadm5_pwcheck.3 b/crypto/heimdal/lib/kadm5/kadm5_pwcheck.3 deleted file mode 100644 index ee045c9e773d..000000000000 --- a/crypto/heimdal/lib/kadm5/kadm5_pwcheck.3 +++ /dev/null @@ -1,146 +0,0 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kadm5_pwcheck.3 15237 2005-05-25 13:16:27Z lha $ -.\" -.Dd February 29, 2004 -.Dt KADM5_PWCHECK 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_pwcheck , -.Nm kadm5_setup_passwd_quality_check , -.Nm kadm5_add_passwd_quality_verifier , -.Nm kadm5_check_password_quality -.Nd Heimdal warning and error functions -.Sh LIBRARY -Kerberos 5 Library (libkadm5srv, -lkadm5srv) -.Sh SYNOPSIS -.In kadm5-protos.h -.In kadm5-pwcheck.h -.Ft void -.Fo kadm5_setup_passwd_quality_check -.Fa "krb5_context context" -.Fa "const char *check_library" -.Fa "const char *check_function" -.Fc -.Ft "krb5_error_code" -.Fo kadm5_add_passwd_quality_verifier -.Fa "krb5_context context" -.Fa "const char *check_library" -.Fc -.Ft "const char *" -.Fo kadm5_check_password_quality -.Fa "krb5_context context" -.Fa "krb5_principal principal" -.Fa "krb5_data *pwd_data" -.Fc -.Ft int -.Fo "(*kadm5_passwd_quality_check_func)" -.Fa "krb5_context context" -.Fa "krb5_principal principal" -.Fa "krb5_data *password" -.Fa "const char *tuning" -.Fa "char *message" -.Fa "size_t length" -.Fc -.Sh DESCRIPTION -These functions perform the quality check for the heimdal database -library. -.Pp -There are two versions of the shared object API; the old version (0) -is deprecated, but still supported. The new version (1) supports -multiple password quality checking modules in the same shared object. -See below for details. -.Pp -The password quality checker will run over all tests that are -configured by the user. -.Pp -Module names are of the form -.Ql vendor:test-name -or, if the the test name is unique enough, just -.Ql test-name . -.Sh IMPLEMENTING A PASSWORD QUALITY CHECKING SHARED OBJECT -(This refers to the version 1 API only.) -.Pp -Module shared objects may conveniently be compiled and linked with -.Xr libtool 1 . -An object needs to export a symbol called -.Ql kadm5_password_verifier -of the type -.Ft "struct kadm5_pw_policy_verifier" . -.Pp -Its -.Ft name -and -.Ft vendor -fields should be contain the obvious information and -.Ft version -should be -.Dv KADM5_PASSWD_VERSION_V1 . -.Ft funcs -contains an array of -.Ft "struct kadm5_pw_policy_check_func" -structures that is terminated with an entry whose -.Ft name -component is -.Dv NULL . -The -.Ft func -Fields of the array elements are functions that are exported by the -module to be called to check the password. They get the following -arguments: the Kerberos context, principal, password, a tuning parameter, and -a pointer to a message buffer and its length. The tuning parameter -for the quality check function is currently always -.Dv NULL . -If the password is acceptable, the function returns zero. Otherwise -it returns non-zero and fills in the message buffer with an -appropriate explanation. -.Sh RUNNING THE CHECKS -.Nm kadm5_setup_passwd_quality_check -sets up type 0 checks. It sets up all type 0 checks defined in -.Xr krb5.conf 5 -if called with the last two arguments null. -.Pp -.Nm kadm5_add_passwd_quality_verifier -sets up type 1 checks. It sets up all type 1 tests defined in -.Xr krb5.conf 5 -if called with a null second argument. -.Nm kadm5_check_password_quality -runs the checks in the order in which they are defined in -.Xr krb5.conf 5 -and the order in which they occur in a -module's -.Ft funcs -array until one returns non-zero. -.Sh SEE ALSO -.Xr libtool 1 , -.Xr krb5 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/kadm5/keys.c b/crypto/heimdal/lib/kadm5/keys.c deleted file mode 100644 index 2521fae24385..000000000000 --- a/crypto/heimdal/lib/kadm5/keys.c +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: keys.c 14297 2004-10-11 23:50:25Z lha $"); - -/* - * free all the memory used by (len, keys) - */ - -void -_kadm5_free_keys (krb5_context context, - int len, Key *keys) -{ - hdb_free_keys(context, len, keys); -} - -/* - * null-ify `len', `keys' - */ - -void -_kadm5_init_keys (Key *keys, int len) -{ - int i; - - for (i = 0; i < len; ++i) { - keys[i].mkvno = NULL; - keys[i].salt = NULL; - keys[i].key.keyvalue.length = 0; - keys[i].key.keyvalue.data = NULL; - } -} - -/* - * return 0 iff `keys1, len1' and `keys2, len2' are identical - */ - -int -_kadm5_cmp_keys(Key *keys1, int len1, Key *keys2, int len2) -{ - int i; - - if (len1 != len2) - return 1; - - for (i = 0; i < len1; ++i) { - if ((keys1[i].salt != NULL && keys2[i].salt == NULL) - || (keys1[i].salt == NULL && keys2[i].salt != NULL)) - return 1; - if (keys1[i].salt != NULL) { - if (keys1[i].salt->type != keys2[i].salt->type) - return 1; - if (keys1[i].salt->salt.length != keys2[i].salt->salt.length) - return 1; - if (memcmp (keys1[i].salt->salt.data, keys2[i].salt->salt.data, - keys1[i].salt->salt.length) != 0) - return 1; - } - if (keys1[i].key.keytype != keys2[i].key.keytype) - return 1; - if (keys1[i].key.keyvalue.length != keys2[i].key.keyvalue.length) - return 1; - if (memcmp (keys1[i].key.keyvalue.data, keys2[i].key.keyvalue.data, - keys1[i].key.keyvalue.length) != 0) - return 1; - } - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/log.c b/crypto/heimdal/lib/kadm5/log.c deleted file mode 100644 index 5c4aaefe707c..000000000000 --- a/crypto/heimdal/lib/kadm5/log.c +++ /dev/null @@ -1,982 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" -#include "heim_threads.h" - -RCSID("$Id: log.c 22211 2007-12-07 19:27:27Z lha $"); - -/* - * A log record consists of: - * - * version number 4 bytes - * time in seconds 4 bytes - * operation (enum kadm_ops) 4 bytes - * length of record 4 bytes - * data... n bytes - * length of record 4 bytes - * version number 4 bytes - * - */ - -kadm5_ret_t -kadm5_log_get_version_fd (int fd, - uint32_t *ver) -{ - int ret; - krb5_storage *sp; - int32_t old_version; - - ret = lseek (fd, 0, SEEK_END); - if(ret < 0) - return errno; - if(ret == 0) { - *ver = 0; - return 0; - } - sp = krb5_storage_from_fd (fd); - krb5_storage_seek(sp, -4, SEEK_CUR); - krb5_ret_int32 (sp, &old_version); - *ver = old_version; - krb5_storage_free(sp); - lseek (fd, 0, SEEK_END); - return 0; -} - -kadm5_ret_t -kadm5_log_get_version (kadm5_server_context *context, uint32_t *ver) -{ - return kadm5_log_get_version_fd (context->log_context.log_fd, ver); -} - -kadm5_ret_t -kadm5_log_set_version (kadm5_server_context *context, uint32_t vno) -{ - kadm5_log_context *log_context = &context->log_context; - - log_context->version = vno; - return 0; -} - -kadm5_ret_t -kadm5_log_init (kadm5_server_context *context) -{ - int fd; - kadm5_ret_t ret; - kadm5_log_context *log_context = &context->log_context; - - if (log_context->log_fd != -1) - return 0; - fd = open (log_context->log_file, O_RDWR | O_CREAT, 0600); - if (fd < 0) { - krb5_set_error_string(context->context, "kadm5_log_init: open %s", - log_context->log_file); - return errno; - } - if (flock (fd, LOCK_EX) < 0) { - krb5_set_error_string(context->context, "kadm5_log_init: flock %s", - log_context->log_file); - close (fd); - return errno; - } - - ret = kadm5_log_get_version_fd (fd, &log_context->version); - if (ret) - return ret; - - log_context->log_fd = fd; - return 0; -} - -kadm5_ret_t -kadm5_log_reinit (kadm5_server_context *context) -{ - int fd; - kadm5_log_context *log_context = &context->log_context; - - if (log_context->log_fd != -1) { - flock (log_context->log_fd, LOCK_UN); - close (log_context->log_fd); - log_context->log_fd = -1; - } - fd = open (log_context->log_file, O_RDWR | O_CREAT | O_TRUNC, 0600); - if (fd < 0) - return errno; - if (flock (fd, LOCK_EX) < 0) { - close (fd); - return errno; - } - - log_context->version = 0; - log_context->log_fd = fd; - return 0; -} - - -kadm5_ret_t -kadm5_log_end (kadm5_server_context *context) -{ - kadm5_log_context *log_context = &context->log_context; - int fd = log_context->log_fd; - - flock (fd, LOCK_UN); - close(fd); - log_context->log_fd = -1; - return 0; -} - -static kadm5_ret_t -kadm5_log_preamble (kadm5_server_context *context, - krb5_storage *sp, - enum kadm_ops op) -{ - kadm5_log_context *log_context = &context->log_context; - kadm5_ret_t kadm_ret; - - kadm_ret = kadm5_log_init (context); - if (kadm_ret) - return kadm_ret; - - krb5_store_int32 (sp, ++log_context->version); - krb5_store_int32 (sp, time(NULL)); - krb5_store_int32 (sp, op); - return 0; -} - -static kadm5_ret_t -kadm5_log_postamble (kadm5_log_context *context, - krb5_storage *sp) -{ - krb5_store_int32 (sp, context->version); - return 0; -} - -/* - * flush the log record in `sp'. - */ - -static kadm5_ret_t -kadm5_log_flush (kadm5_log_context *log_context, - krb5_storage *sp) -{ - krb5_data data; - size_t len; - int ret; - - krb5_storage_to_data(sp, &data); - len = data.length; - ret = write (log_context->log_fd, data.data, len); - if (ret != len) { - krb5_data_free(&data); - return errno; - } - if (fsync (log_context->log_fd) < 0) { - krb5_data_free(&data); - return errno; - } - /* - * Try to send a signal to any running `ipropd-master' - */ - sendto (log_context->socket_fd, - (void *)&log_context->version, - sizeof(log_context->version), - 0, - (struct sockaddr *)&log_context->socket_name, - sizeof(log_context->socket_name)); - - krb5_data_free(&data); - return 0; -} - -/* - * Add a `create' operation to the log. - */ - -kadm5_ret_t -kadm5_log_create (kadm5_server_context *context, - hdb_entry *ent) -{ - krb5_storage *sp; - kadm5_ret_t ret; - krb5_data value; - kadm5_log_context *log_context = &context->log_context; - - sp = krb5_storage_emem(); - ret = hdb_entry2value (context->context, ent, &value); - if (ret) { - krb5_storage_free(sp); - return ret; - } - ret = kadm5_log_preamble (context, sp, kadm_create); - if (ret) { - krb5_data_free (&value); - krb5_storage_free(sp); - return ret; - } - krb5_store_int32 (sp, value.length); - krb5_storage_write(sp, value.data, value.length); - krb5_store_int32 (sp, value.length); - krb5_data_free (&value); - ret = kadm5_log_postamble (log_context, sp); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_flush (log_context, sp); - krb5_storage_free (sp); - if (ret) - return ret; - ret = kadm5_log_end (context); - return ret; -} - -/* - * Read the data of a create log record from `sp' and change the - * database. - */ - -static kadm5_ret_t -kadm5_log_replay_create (kadm5_server_context *context, - uint32_t ver, - uint32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - krb5_data data; - hdb_entry_ex ent; - - memset(&ent, 0, sizeof(ent)); - - ret = krb5_data_alloc (&data, len); - if (ret) { - krb5_set_error_string(context->context, "out of memory"); - return ret; - } - krb5_storage_read (sp, data.data, len); - ret = hdb_value2entry (context->context, &data, &ent.entry); - krb5_data_free(&data); - if (ret) { - krb5_set_error_string(context->context, - "Unmarshaling hdb entry failed"); - return ret; - } - ret = context->db->hdb_store(context->context, context->db, 0, &ent); - hdb_free_entry (context->context, &ent); - return ret; -} - -/* - * Add a `delete' operation to the log. - */ - -kadm5_ret_t -kadm5_log_delete (kadm5_server_context *context, - krb5_principal princ) -{ - krb5_storage *sp; - kadm5_ret_t ret; - off_t off; - off_t len; - kadm5_log_context *log_context = &context->log_context; - - sp = krb5_storage_emem(); - if (sp == NULL) - return ENOMEM; - ret = kadm5_log_preamble (context, sp, kadm_delete); - if (ret) - goto out; - ret = krb5_store_int32 (sp, 0); - if (ret) - goto out; - off = krb5_storage_seek (sp, 0, SEEK_CUR); - ret = krb5_store_principal (sp, princ); - if (ret) - goto out; - len = krb5_storage_seek (sp, 0, SEEK_CUR) - off; - krb5_storage_seek(sp, -(len + 4), SEEK_CUR); - ret = krb5_store_int32 (sp, len); - if (ret) - goto out; - krb5_storage_seek(sp, len, SEEK_CUR); - ret = krb5_store_int32 (sp, len); - if (ret) - goto out; - ret = kadm5_log_postamble (log_context, sp); - if (ret) - goto out; - ret = kadm5_log_flush (log_context, sp); - if (ret) - goto out; - ret = kadm5_log_end (context); -out: - krb5_storage_free (sp); - return ret; -} - -/* - * Read a `delete' log operation from `sp' and apply it. - */ - -static kadm5_ret_t -kadm5_log_replay_delete (kadm5_server_context *context, - uint32_t ver, - uint32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - krb5_principal principal; - - ret = krb5_ret_principal (sp, &principal); - if (ret) { - krb5_set_error_string(context->context, "Failed to read deleted " - "principal from log version: %ld", (long)ver); - return ret; - } - - ret = context->db->hdb_remove(context->context, context->db, principal); - krb5_free_principal (context->context, principal); - return ret; -} - -/* - * Add a `rename' operation to the log. - */ - -kadm5_ret_t -kadm5_log_rename (kadm5_server_context *context, - krb5_principal source, - hdb_entry *ent) -{ - krb5_storage *sp; - kadm5_ret_t ret; - off_t off; - off_t len; - krb5_data value; - kadm5_log_context *log_context = &context->log_context; - - krb5_data_zero(&value); - - sp = krb5_storage_emem(); - ret = hdb_entry2value (context->context, ent, &value); - if (ret) - goto failed; - - ret = kadm5_log_preamble (context, sp, kadm_rename); - if (ret) - goto failed; - - ret = krb5_store_int32 (sp, 0); - if (ret) - goto failed; - off = krb5_storage_seek (sp, 0, SEEK_CUR); - ret = krb5_store_principal (sp, source); - if (ret) - goto failed; - - krb5_storage_write(sp, value.data, value.length); - len = krb5_storage_seek (sp, 0, SEEK_CUR) - off; - - krb5_storage_seek(sp, -(len + 4), SEEK_CUR); - ret = krb5_store_int32 (sp, len); - if (ret) - goto failed; - - krb5_storage_seek(sp, len, SEEK_CUR); - ret = krb5_store_int32 (sp, len); - if (ret) - goto failed; - - ret = kadm5_log_postamble (log_context, sp); - if (ret) - goto failed; - - ret = kadm5_log_flush (log_context, sp); - if (ret) - goto failed; - krb5_storage_free (sp); - krb5_data_free (&value); - - return kadm5_log_end (context); - -failed: - krb5_data_free(&value); - krb5_storage_free(sp); - return ret; -} - -/* - * Read a `rename' log operation from `sp' and apply it. - */ - -static kadm5_ret_t -kadm5_log_replay_rename (kadm5_server_context *context, - uint32_t ver, - uint32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - krb5_principal source; - hdb_entry_ex target_ent; - krb5_data value; - off_t off; - size_t princ_len, data_len; - - memset(&target_ent, 0, sizeof(target_ent)); - - off = krb5_storage_seek(sp, 0, SEEK_CUR); - ret = krb5_ret_principal (sp, &source); - if (ret) { - krb5_set_error_string(context->context, "Failed to read renamed " - "principal in log, version: %ld", (long)ver); - return ret; - } - princ_len = krb5_storage_seek(sp, 0, SEEK_CUR) - off; - data_len = len - princ_len; - ret = krb5_data_alloc (&value, data_len); - if (ret) { - krb5_free_principal (context->context, source); - return ret; - } - krb5_storage_read (sp, value.data, data_len); - ret = hdb_value2entry (context->context, &value, &target_ent.entry); - krb5_data_free(&value); - if (ret) { - krb5_free_principal (context->context, source); - return ret; - } - ret = context->db->hdb_store (context->context, context->db, - 0, &target_ent); - hdb_free_entry (context->context, &target_ent); - if (ret) { - krb5_free_principal (context->context, source); - return ret; - } - ret = context->db->hdb_remove (context->context, context->db, source); - krb5_free_principal (context->context, source); - return ret; -} - - -/* - * Add a `modify' operation to the log. - */ - -kadm5_ret_t -kadm5_log_modify (kadm5_server_context *context, - hdb_entry *ent, - uint32_t mask) -{ - krb5_storage *sp; - kadm5_ret_t ret; - krb5_data value; - uint32_t len; - kadm5_log_context *log_context = &context->log_context; - - krb5_data_zero(&value); - - sp = krb5_storage_emem(); - ret = hdb_entry2value (context->context, ent, &value); - if (ret) - goto failed; - - ret = kadm5_log_preamble (context, sp, kadm_modify); - if (ret) - goto failed; - - len = value.length + 4; - ret = krb5_store_int32 (sp, len); - if (ret) - goto failed; - ret = krb5_store_int32 (sp, mask); - if (ret) - goto failed; - krb5_storage_write (sp, value.data, value.length); - - ret = krb5_store_int32 (sp, len); - if (ret) - goto failed; - ret = kadm5_log_postamble (log_context, sp); - if (ret) - goto failed; - ret = kadm5_log_flush (log_context, sp); - if (ret) - goto failed; - krb5_data_free(&value); - krb5_storage_free (sp); - return kadm5_log_end (context); -failed: - krb5_data_free(&value); - krb5_storage_free(sp); - return ret; -} - -/* - * Read a `modify' log operation from `sp' and apply it. - */ - -static kadm5_ret_t -kadm5_log_replay_modify (kadm5_server_context *context, - uint32_t ver, - uint32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - int32_t mask; - krb5_data value; - hdb_entry_ex ent, log_ent; - - memset(&log_ent, 0, sizeof(log_ent)); - - krb5_ret_int32 (sp, &mask); - len -= 4; - ret = krb5_data_alloc (&value, len); - if (ret) { - krb5_set_error_string(context->context, "out of memory"); - return ret; - } - krb5_storage_read (sp, value.data, len); - ret = hdb_value2entry (context->context, &value, &log_ent.entry); - krb5_data_free(&value); - if (ret) - return ret; - - memset(&ent, 0, sizeof(ent)); - ret = context->db->hdb_fetch(context->context, context->db, - log_ent.entry.principal, - HDB_F_DECRYPT|HDB_F_GET_ANY, &ent); - if (ret) - goto out; - if (mask & KADM5_PRINC_EXPIRE_TIME) { - if (log_ent.entry.valid_end == NULL) { - ent.entry.valid_end = NULL; - } else { - if (ent.entry.valid_end == NULL) { - ent.entry.valid_end = malloc(sizeof(*ent.entry.valid_end)); - if (ent.entry.valid_end == NULL) { - krb5_set_error_string(context->context, "out of memory"); - ret = ENOMEM; - goto out; - } - } - *ent.entry.valid_end = *log_ent.entry.valid_end; - } - } - if (mask & KADM5_PW_EXPIRATION) { - if (log_ent.entry.pw_end == NULL) { - ent.entry.pw_end = NULL; - } else { - if (ent.entry.pw_end == NULL) { - ent.entry.pw_end = malloc(sizeof(*ent.entry.pw_end)); - if (ent.entry.pw_end == NULL) { - krb5_set_error_string(context->context, "out of memory"); - ret = ENOMEM; - goto out; - } - } - *ent.entry.pw_end = *log_ent.entry.pw_end; - } - } - if (mask & KADM5_LAST_PWD_CHANGE) { - abort (); /* XXX */ - } - if (mask & KADM5_ATTRIBUTES) { - ent.entry.flags = log_ent.entry.flags; - } - if (mask & KADM5_MAX_LIFE) { - if (log_ent.entry.max_life == NULL) { - ent.entry.max_life = NULL; - } else { - if (ent.entry.max_life == NULL) { - ent.entry.max_life = malloc (sizeof(*ent.entry.max_life)); - if (ent.entry.max_life == NULL) { - krb5_set_error_string(context->context, "out of memory"); - ret = ENOMEM; - goto out; - } - } - *ent.entry.max_life = *log_ent.entry.max_life; - } - } - if ((mask & KADM5_MOD_TIME) && (mask & KADM5_MOD_NAME)) { - if (ent.entry.modified_by == NULL) { - ent.entry.modified_by = malloc(sizeof(*ent.entry.modified_by)); - if (ent.entry.modified_by == NULL) { - krb5_set_error_string(context->context, "out of memory"); - ret = ENOMEM; - goto out; - } - } else - free_Event(ent.entry.modified_by); - ret = copy_Event(log_ent.entry.modified_by, ent.entry.modified_by); - if (ret) { - krb5_set_error_string(context->context, "out of memory"); - goto out; - } - } - if (mask & KADM5_KVNO) { - ent.entry.kvno = log_ent.entry.kvno; - } - if (mask & KADM5_MKVNO) { - abort (); /* XXX */ - } - if (mask & KADM5_AUX_ATTRIBUTES) { - abort (); /* XXX */ - } - if (mask & KADM5_POLICY) { - abort (); /* XXX */ - } - if (mask & KADM5_POLICY_CLR) { - abort (); /* XXX */ - } - if (mask & KADM5_MAX_RLIFE) { - if (log_ent.entry.max_renew == NULL) { - ent.entry.max_renew = NULL; - } else { - if (ent.entry.max_renew == NULL) { - ent.entry.max_renew = malloc (sizeof(*ent.entry.max_renew)); - if (ent.entry.max_renew == NULL) { - krb5_set_error_string(context->context, "out of memory"); - ret = ENOMEM; - goto out; - } - } - *ent.entry.max_renew = *log_ent.entry.max_renew; - } - } - if (mask & KADM5_LAST_SUCCESS) { - abort (); /* XXX */ - } - if (mask & KADM5_LAST_FAILED) { - abort (); /* XXX */ - } - if (mask & KADM5_FAIL_AUTH_COUNT) { - abort (); /* XXX */ - } - if (mask & KADM5_KEY_DATA) { - size_t num; - int i; - - for (i = 0; i < ent.entry.keys.len; ++i) - free_Key(&ent.entry.keys.val[i]); - free (ent.entry.keys.val); - - num = log_ent.entry.keys.len; - - ent.entry.keys.len = num; - ent.entry.keys.val = malloc(len * sizeof(*ent.entry.keys.val)); - if (ent.entry.keys.val == NULL) { - krb5_set_error_string(context->context, "out of memory"); - return ENOMEM; - } - for (i = 0; i < ent.entry.keys.len; ++i) { - ret = copy_Key(&log_ent.entry.keys.val[i], - &ent.entry.keys.val[i]); - if (ret) { - krb5_set_error_string(context->context, "out of memory"); - goto out; - } - } - } - if ((mask & KADM5_TL_DATA) && log_ent.entry.extensions) { - HDB_extensions *es = ent.entry.extensions; - - ent.entry.extensions = calloc(1, sizeof(*ent.entry.extensions)); - if (ent.entry.extensions == NULL) - goto out; - - ret = copy_HDB_extensions(log_ent.entry.extensions, - ent.entry.extensions); - if (ret) { - krb5_set_error_string(context->context, "out of memory"); - free(ent.entry.extensions); - ent.entry.extensions = es; - goto out; - } - if (es) { - free_HDB_extensions(es); - free(es); - } - } - ret = context->db->hdb_store(context->context, context->db, - HDB_F_REPLACE, &ent); - out: - hdb_free_entry (context->context, &ent); - hdb_free_entry (context->context, &log_ent); - return ret; -} - -/* - * Add a `nop' operation to the log. Does not close the log. - */ - -kadm5_ret_t -kadm5_log_nop (kadm5_server_context *context) -{ - krb5_storage *sp; - kadm5_ret_t ret; - kadm5_log_context *log_context = &context->log_context; - - sp = krb5_storage_emem(); - ret = kadm5_log_preamble (context, sp, kadm_nop); - if (ret) { - krb5_storage_free (sp); - return ret; - } - krb5_store_int32 (sp, 0); - krb5_store_int32 (sp, 0); - ret = kadm5_log_postamble (log_context, sp); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_flush (log_context, sp); - krb5_storage_free (sp); - - return ret; -} - -/* - * Read a `nop' log operation from `sp' and apply it. - */ - -static kadm5_ret_t -kadm5_log_replay_nop (kadm5_server_context *context, - uint32_t ver, - uint32_t len, - krb5_storage *sp) -{ - return 0; -} - -/* - * Call `func' for each log record in the log in `context' - */ - -kadm5_ret_t -kadm5_log_foreach (kadm5_server_context *context, - void (*func)(kadm5_server_context *server_context, - uint32_t ver, - time_t timestamp, - enum kadm_ops op, - uint32_t len, - krb5_storage *, - void *), - void *ctx) -{ - int fd = context->log_context.log_fd; - krb5_storage *sp; - - lseek (fd, 0, SEEK_SET); - sp = krb5_storage_from_fd (fd); - for (;;) { - int32_t ver, timestamp, op, len, len2, ver2; - - if(krb5_ret_int32 (sp, &ver) != 0) - break; - krb5_ret_int32 (sp, ×tamp); - krb5_ret_int32 (sp, &op); - krb5_ret_int32 (sp, &len); - (*func)(context, ver, timestamp, op, len, sp, ctx); - krb5_ret_int32 (sp, &len2); - krb5_ret_int32 (sp, &ver2); - if (len != len2) - abort(); - if (ver != ver2) - abort(); - } - krb5_storage_free(sp); - return 0; -} - -/* - * Go to end of log. - */ - -krb5_storage * -kadm5_log_goto_end (int fd) -{ - krb5_storage *sp; - - sp = krb5_storage_from_fd (fd); - krb5_storage_seek(sp, 0, SEEK_END); - return sp; -} - -/* - * Return previous log entry. - * - * The pointer in `sp´ is assumed to be at the top of the entry before - * previous entry. On success, the `sp´ pointer is set to data portion - * of previous entry. In case of error, it's not changed at all. - */ - -kadm5_ret_t -kadm5_log_previous (krb5_context context, - krb5_storage *sp, - uint32_t *ver, - time_t *timestamp, - enum kadm_ops *op, - uint32_t *len) -{ - krb5_error_code ret; - off_t off, oldoff; - int32_t tmp; - - oldoff = krb5_storage_seek(sp, 0, SEEK_CUR); - - krb5_storage_seek(sp, -8, SEEK_CUR); - ret = krb5_ret_int32 (sp, &tmp); - if (ret) - goto end_of_storage; - *len = tmp; - ret = krb5_ret_int32 (sp, &tmp); - *ver = tmp; - off = 24 + *len; - krb5_storage_seek(sp, -off, SEEK_CUR); - ret = krb5_ret_int32 (sp, &tmp); - if (ret) - goto end_of_storage; - if (tmp != *ver) { - krb5_storage_seek(sp, oldoff, SEEK_SET); - krb5_set_error_string(context, "kadm5_log_previous: log entry " - "have consistency failure, version number wrong"); - return KADM5_BAD_DB; - } - ret = krb5_ret_int32 (sp, &tmp); - if (ret) - goto end_of_storage; - *timestamp = tmp; - ret = krb5_ret_int32 (sp, &tmp); - *op = tmp; - ret = krb5_ret_int32 (sp, &tmp); - if (ret) - goto end_of_storage; - if (tmp != *len) { - krb5_storage_seek(sp, oldoff, SEEK_SET); - krb5_set_error_string(context, "kadm5_log_previous: log entry " - "have consistency failure, length wrong"); - return KADM5_BAD_DB; - } - return 0; - - end_of_storage: - krb5_storage_seek(sp, oldoff, SEEK_SET); - krb5_set_error_string(context, "kadm5_log_previous: end of storage " - "reached before end"); - return ret; -} - -/* - * Replay a record from the log - */ - -kadm5_ret_t -kadm5_log_replay (kadm5_server_context *context, - enum kadm_ops op, - uint32_t ver, - uint32_t len, - krb5_storage *sp) -{ - switch (op) { - case kadm_create : - return kadm5_log_replay_create (context, ver, len, sp); - case kadm_delete : - return kadm5_log_replay_delete (context, ver, len, sp); - case kadm_rename : - return kadm5_log_replay_rename (context, ver, len, sp); - case kadm_modify : - return kadm5_log_replay_modify (context, ver, len, sp); - case kadm_nop : - return kadm5_log_replay_nop (context, ver, len, sp); - default : - krb5_set_error_string(context->context, - "Unsupported replay op %d", (int)op); - return KADM5_FAILURE; - } -} - -/* - * truncate the log - i.e. create an empty file with just (nop vno + 2) - */ - -kadm5_ret_t -kadm5_log_truncate (kadm5_server_context *server_context) -{ - kadm5_ret_t ret; - uint32_t vno; - - ret = kadm5_log_init (server_context); - if (ret) - return ret; - - ret = kadm5_log_get_version (server_context, &vno); - if (ret) - return ret; - - ret = kadm5_log_reinit (server_context); - if (ret) - return ret; - - ret = kadm5_log_set_version (server_context, vno); - if (ret) - return ret; - - ret = kadm5_log_nop (server_context); - if (ret) - return ret; - - ret = kadm5_log_end (server_context); - if (ret) - return ret; - return 0; - -} - -static char *default_signal = NULL; -static HEIMDAL_MUTEX signal_mutex = HEIMDAL_MUTEX_INITIALIZER; - -const char * -kadm5_log_signal_socket(krb5_context context) -{ - HEIMDAL_MUTEX_lock(&signal_mutex); - if (!default_signal) - asprintf(&default_signal, "%s/signal", hdb_db_dir(context)); - HEIMDAL_MUTEX_unlock(&signal_mutex); - - return krb5_config_get_string_default(context, - NULL, - default_signal, - "kdc", - "signal_socket", - NULL); -} diff --git a/crypto/heimdal/lib/kadm5/marshall.c b/crypto/heimdal/lib/kadm5/marshall.c deleted file mode 100644 index 05ca33ffaa0d..000000000000 --- a/crypto/heimdal/lib/kadm5/marshall.c +++ /dev/null @@ -1,336 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: marshall.c 21745 2007-07-31 16:11:25Z lha $"); - -kadm5_ret_t -kadm5_store_key_data(krb5_storage *sp, - krb5_key_data *key) -{ - krb5_data c; - krb5_store_int32(sp, key->key_data_ver); - krb5_store_int32(sp, key->key_data_kvno); - krb5_store_int32(sp, key->key_data_type[0]); - c.length = key->key_data_length[0]; - c.data = key->key_data_contents[0]; - krb5_store_data(sp, c); - krb5_store_int32(sp, key->key_data_type[1]); - c.length = key->key_data_length[1]; - c.data = key->key_data_contents[1]; - krb5_store_data(sp, c); - return 0; -} - -kadm5_ret_t -kadm5_ret_key_data(krb5_storage *sp, - krb5_key_data *key) -{ - krb5_data c; - int32_t tmp; - krb5_ret_int32(sp, &tmp); - key->key_data_ver = tmp; - krb5_ret_int32(sp, &tmp); - key->key_data_kvno = tmp; - krb5_ret_int32(sp, &tmp); - key->key_data_type[0] = tmp; - krb5_ret_data(sp, &c); - key->key_data_length[0] = c.length; - key->key_data_contents[0] = c.data; - krb5_ret_int32(sp, &tmp); - key->key_data_type[1] = tmp; - krb5_ret_data(sp, &c); - key->key_data_length[1] = c.length; - key->key_data_contents[1] = c.data; - return 0; -} - -kadm5_ret_t -kadm5_store_tl_data(krb5_storage *sp, - krb5_tl_data *tl) -{ - krb5_data c; - krb5_store_int32(sp, tl->tl_data_type); - c.length = tl->tl_data_length; - c.data = tl->tl_data_contents; - krb5_store_data(sp, c); - return 0; -} - -kadm5_ret_t -kadm5_ret_tl_data(krb5_storage *sp, - krb5_tl_data *tl) -{ - krb5_data c; - int32_t tmp; - krb5_ret_int32(sp, &tmp); - tl->tl_data_type = tmp; - krb5_ret_data(sp, &c); - tl->tl_data_length = c.length; - tl->tl_data_contents = c.data; - return 0; -} - -static kadm5_ret_t -store_principal_ent(krb5_storage *sp, - kadm5_principal_ent_t princ, - uint32_t mask) -{ - int i; - - if (mask & KADM5_PRINCIPAL) - krb5_store_principal(sp, princ->principal); - if (mask & KADM5_PRINC_EXPIRE_TIME) - krb5_store_int32(sp, princ->princ_expire_time); - if (mask & KADM5_PW_EXPIRATION) - krb5_store_int32(sp, princ->pw_expiration); - if (mask & KADM5_LAST_PWD_CHANGE) - krb5_store_int32(sp, princ->last_pwd_change); - if (mask & KADM5_MAX_LIFE) - krb5_store_int32(sp, princ->max_life); - if (mask & KADM5_MOD_NAME) { - krb5_store_int32(sp, princ->mod_name != NULL); - if(princ->mod_name) - krb5_store_principal(sp, princ->mod_name); - } - if (mask & KADM5_MOD_TIME) - krb5_store_int32(sp, princ->mod_date); - if (mask & KADM5_ATTRIBUTES) - krb5_store_int32(sp, princ->attributes); - if (mask & KADM5_KVNO) - krb5_store_int32(sp, princ->kvno); - if (mask & KADM5_MKVNO) - krb5_store_int32(sp, princ->mkvno); - if (mask & KADM5_POLICY) { - krb5_store_int32(sp, princ->policy != NULL); - if(princ->policy) - krb5_store_string(sp, princ->policy); - } - if (mask & KADM5_AUX_ATTRIBUTES) - krb5_store_int32(sp, princ->aux_attributes); - if (mask & KADM5_MAX_RLIFE) - krb5_store_int32(sp, princ->max_renewable_life); - if (mask & KADM5_LAST_SUCCESS) - krb5_store_int32(sp, princ->last_success); - if (mask & KADM5_LAST_FAILED) - krb5_store_int32(sp, princ->last_failed); - if (mask & KADM5_FAIL_AUTH_COUNT) - krb5_store_int32(sp, princ->fail_auth_count); - if (mask & KADM5_KEY_DATA) { - krb5_store_int32(sp, princ->n_key_data); - for(i = 0; i < princ->n_key_data; i++) - kadm5_store_key_data(sp, &princ->key_data[i]); - } - if (mask & KADM5_TL_DATA) { - krb5_tl_data *tp; - - krb5_store_int32(sp, princ->n_tl_data); - for(tp = princ->tl_data; tp; tp = tp->tl_data_next) - kadm5_store_tl_data(sp, tp); - } - return 0; -} - - -kadm5_ret_t -kadm5_store_principal_ent(krb5_storage *sp, - kadm5_principal_ent_t princ) -{ - return store_principal_ent (sp, princ, ~0); -} - -kadm5_ret_t -kadm5_store_principal_ent_mask(krb5_storage *sp, - kadm5_principal_ent_t princ, - uint32_t mask) -{ - krb5_store_int32(sp, mask); - return store_principal_ent (sp, princ, mask); -} - -static kadm5_ret_t -ret_principal_ent(krb5_storage *sp, - kadm5_principal_ent_t princ, - uint32_t mask) -{ - int i; - int32_t tmp; - - if (mask & KADM5_PRINCIPAL) - krb5_ret_principal(sp, &princ->principal); - - if (mask & KADM5_PRINC_EXPIRE_TIME) { - krb5_ret_int32(sp, &tmp); - princ->princ_expire_time = tmp; - } - if (mask & KADM5_PW_EXPIRATION) { - krb5_ret_int32(sp, &tmp); - princ->pw_expiration = tmp; - } - if (mask & KADM5_LAST_PWD_CHANGE) { - krb5_ret_int32(sp, &tmp); - princ->last_pwd_change = tmp; - } - if (mask & KADM5_MAX_LIFE) { - krb5_ret_int32(sp, &tmp); - princ->max_life = tmp; - } - if (mask & KADM5_MOD_NAME) { - krb5_ret_int32(sp, &tmp); - if(tmp) - krb5_ret_principal(sp, &princ->mod_name); - else - princ->mod_name = NULL; - } - if (mask & KADM5_MOD_TIME) { - krb5_ret_int32(sp, &tmp); - princ->mod_date = tmp; - } - if (mask & KADM5_ATTRIBUTES) { - krb5_ret_int32(sp, &tmp); - princ->attributes = tmp; - } - if (mask & KADM5_KVNO) { - krb5_ret_int32(sp, &tmp); - princ->kvno = tmp; - } - if (mask & KADM5_MKVNO) { - krb5_ret_int32(sp, &tmp); - princ->mkvno = tmp; - } - if (mask & KADM5_POLICY) { - krb5_ret_int32(sp, &tmp); - if(tmp) - krb5_ret_string(sp, &princ->policy); - else - princ->policy = NULL; - } - if (mask & KADM5_AUX_ATTRIBUTES) { - krb5_ret_int32(sp, &tmp); - princ->aux_attributes = tmp; - } - if (mask & KADM5_MAX_RLIFE) { - krb5_ret_int32(sp, &tmp); - princ->max_renewable_life = tmp; - } - if (mask & KADM5_LAST_SUCCESS) { - krb5_ret_int32(sp, &tmp); - princ->last_success = tmp; - } - if (mask & KADM5_LAST_FAILED) { - krb5_ret_int32(sp, &tmp); - princ->last_failed = tmp; - } - if (mask & KADM5_FAIL_AUTH_COUNT) { - krb5_ret_int32(sp, &tmp); - princ->fail_auth_count = tmp; - } - if (mask & KADM5_KEY_DATA) { - krb5_ret_int32(sp, &tmp); - princ->n_key_data = tmp; - princ->key_data = malloc(princ->n_key_data * sizeof(*princ->key_data)); - if (princ->key_data == NULL) - return ENOMEM; - for(i = 0; i < princ->n_key_data; i++) - kadm5_ret_key_data(sp, &princ->key_data[i]); - } - if (mask & KADM5_TL_DATA) { - krb5_ret_int32(sp, &tmp); - princ->n_tl_data = tmp; - princ->tl_data = NULL; - for(i = 0; i < princ->n_tl_data; i++){ - krb5_tl_data *tp = malloc(sizeof(*tp)); - if (tp == NULL) - return ENOMEM; - kadm5_ret_tl_data(sp, tp); - tp->tl_data_next = princ->tl_data; - princ->tl_data = tp; - } - } - return 0; -} - -kadm5_ret_t -kadm5_ret_principal_ent(krb5_storage *sp, - kadm5_principal_ent_t princ) -{ - return ret_principal_ent (sp, princ, ~0); -} - -kadm5_ret_t -kadm5_ret_principal_ent_mask(krb5_storage *sp, - kadm5_principal_ent_t princ, - uint32_t *mask) -{ - int32_t tmp; - - krb5_ret_int32 (sp, &tmp); - *mask = tmp; - return ret_principal_ent (sp, princ, *mask); -} - -kadm5_ret_t -_kadm5_marshal_params(krb5_context context, - kadm5_config_params *params, - krb5_data *out) -{ - krb5_storage *sp = krb5_storage_emem(); - - krb5_store_int32(sp, params->mask & (KADM5_CONFIG_REALM)); - - if(params->mask & KADM5_CONFIG_REALM) - krb5_store_string(sp, params->realm); - krb5_storage_to_data(sp, out); - krb5_storage_free(sp); - - return 0; -} - -kadm5_ret_t -_kadm5_unmarshal_params(krb5_context context, - krb5_data *in, - kadm5_config_params *params) -{ - krb5_storage *sp = krb5_storage_from_data(in); - int32_t mask; - - krb5_ret_int32(sp, &mask); - params->mask = mask; - - if(params->mask & KADM5_CONFIG_REALM) - krb5_ret_string(sp, ¶ms->realm); - krb5_storage_free(sp); - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/modify_c.c b/crypto/heimdal/lib/kadm5/modify_c.c deleted file mode 100644 index ed399b3ce8de..000000000000 --- a/crypto/heimdal/lib/kadm5/modify_c.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: modify_c.c 17445 2006-05-05 10:37:46Z lha $"); - -kadm5_ret_t -kadm5_c_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, - uint32_t mask) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - krb5_store_int32(sp, kadm_modify); - kadm5_store_principal_ent(sp, princ); - krb5_store_int32(sp, mask); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if(ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} - diff --git a/crypto/heimdal/lib/kadm5/modify_s.c b/crypto/heimdal/lib/kadm5/modify_s.c deleted file mode 100644 index 449f6195cca8..000000000000 --- a/crypto/heimdal/lib/kadm5/modify_s.c +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 1997-2001, 2003, 2005-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: modify_s.c 20610 2007-05-08 07:12:37Z lha $"); - -static kadm5_ret_t -modify_principal(void *server_handle, - kadm5_principal_ent_t princ, - uint32_t mask, - uint32_t forbidden_mask) -{ - kadm5_server_context *context = server_handle; - hdb_entry_ex ent; - kadm5_ret_t ret; - if((mask & forbidden_mask)) - return KADM5_BAD_MASK; - if((mask & KADM5_POLICY) && strcmp(princ->policy, "default")) - return KADM5_UNK_POLICY; - - memset(&ent, 0, sizeof(ent)); - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->hdb_fetch(context->context, context->db, - princ->principal, HDB_F_GET_ANY, &ent); - if(ret) - goto out; - ret = _kadm5_setup_entry(context, &ent, mask, princ, mask, NULL, 0); - if(ret) - goto out2; - ret = _kadm5_set_modifier(context, &ent.entry); - if(ret) - goto out2; - - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) - goto out2; - - ret = context->db->hdb_store(context->context, context->db, - HDB_F_REPLACE, &ent); - if (ret) - goto out2; - - kadm5_log_modify (context, - &ent.entry, - mask | KADM5_MOD_NAME | KADM5_MOD_TIME); - -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->hdb_close(context->context, context->db); - return _kadm5_error_code(ret); -} - - -kadm5_ret_t -kadm5_s_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, - uint32_t mask) -{ - return modify_principal(server_handle, princ, mask, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO - | KADM5_AUX_ATTRIBUTES | KADM5_LAST_SUCCESS - | KADM5_LAST_FAILED); -} diff --git a/crypto/heimdal/lib/kadm5/password_quality.c b/crypto/heimdal/lib/kadm5/password_quality.c deleted file mode 100644 index 2610ce878490..000000000000 --- a/crypto/heimdal/lib/kadm5/password_quality.c +++ /dev/null @@ -1,512 +0,0 @@ -/* - * Copyright (c) 1997-2000, 2003-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" -#include "kadm5-pwcheck.h" - -RCSID("$Id: password_quality.c 17595 2006-05-30 21:51:55Z lha $"); - -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_DLFCN_H -#include -#endif - -static int -min_length_passwd_quality (krb5_context context, - krb5_principal principal, - krb5_data *pwd, - const char *opaque, - char *message, - size_t length) -{ - uint32_t min_length = krb5_config_get_int_default(context, NULL, 6, - "password_quality", - "min_length", - NULL); - - if (pwd->length < min_length) { - strlcpy(message, "Password too short", length); - return 1; - } else - return 0; -} - -static const char * -min_length_passwd_quality_v0 (krb5_context context, - krb5_principal principal, - krb5_data *pwd) -{ - static char message[1024]; - int ret; - - message[0] = '\0'; - - ret = min_length_passwd_quality(context, principal, pwd, NULL, - message, sizeof(message)); - if (ret) - return message; - return NULL; -} - - -static int -char_class_passwd_quality (krb5_context context, - krb5_principal principal, - krb5_data *pwd, - const char *opaque, - char *message, - size_t length) -{ - const char *classes[] = { - "ABCDEFGHIJKLMNOPQRSTUVWXYZ", - "abcdefghijklmnopqrstuvwxyz", - "1234567890", - "!@#$%^&*()/?<>,.{[]}\\|'~`\" " - }; - int i, counter = 0, req_classes; - size_t len; - char *pw; - - req_classes = krb5_config_get_int_default(context, NULL, 3, - "password_quality", - "min_classes", - NULL); - - len = pwd->length + 1; - pw = malloc(len); - if (pw == NULL) { - strlcpy(message, "out of memory", length); - return 1; - } - strlcpy(pw, pwd->data, len); - len = strlen(pw); - - for (i = 0; i < sizeof(classes)/sizeof(classes[0]); i++) { - if (strcspn(pw, classes[i]) < len) - counter++; - } - memset(pw, 0, pwd->length + 1); - free(pw); - if (counter < req_classes) { - snprintf(message, length, - "Password doesn't meet complexity requirement.\n" - "Add more characters from the following classes:\n" - "1. English uppercase characters (A through Z)\n" - "2. English lowercase characters (a through z)\n" - "3. Base 10 digits (0 through 9)\n" - "4. Nonalphanumeric characters (e.g., !, $, #, %%)"); - return 1; - } - return 0; -} - -static int -external_passwd_quality (krb5_context context, - krb5_principal principal, - krb5_data *pwd, - const char *opaque, - char *message, - size_t length) -{ - krb5_error_code ret; - const char *program; - char *p; - pid_t child; - int status; - char reply[1024]; - FILE *in = NULL, *out = NULL, *error = NULL; - - if (memchr(pwd->data, pwd->length, '\n') != NULL) { - snprintf(message, length, "password contains newline, " - "not valid for external test"); - return 1; - } - - program = krb5_config_get_string(context, NULL, - "password_quality", - "external_program", - NULL); - if (program == NULL) { - snprintf(message, length, "external password quality " - "program not configured"); - return 1; - } - - ret = krb5_unparse_name(context, principal, &p); - if (ret) { - strlcpy(message, "out of memory", length); - return 1; - } - - child = pipe_execv(&in, &out, &error, program, p, NULL); - if (child < 0) { - snprintf(message, length, "external password quality " - "program failed to execute for principal %s", p); - free(p); - return 1; - } - - fprintf(in, "principal: %s\n" - "new-password: %.*s\n" - "end\n", - p, (int)pwd->length, (char *)pwd->data); - - fclose(in); - - if (fgets(reply, sizeof(reply), out) == NULL) { - - if (fgets(reply, sizeof(reply), error) == NULL) { - snprintf(message, length, "external password quality " - "program failed without error"); - - } else { - reply[strcspn(reply, "\n")] = '\0'; - snprintf(message, length, "External password quality " - "program failed: %s", reply); - } - - fclose(out); - fclose(error); - waitpid(child, &status, 0); - return 1; - } - reply[strcspn(reply, "\n")] = '\0'; - - fclose(out); - fclose(error); - - if (waitpid(child, &status, 0) < 0) { - snprintf(message, length, "external program failed: %s", reply); - free(p); - return 1; - } - if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { - snprintf(message, length, "external program failed: %s", reply); - free(p); - return 1; - } - - if (strcmp(reply, "APPROVED") != 0) { - snprintf(message, length, "%s", reply); - free(p); - return 1; - } - - free(p); - - return 0; -} - - -static kadm5_passwd_quality_check_func_v0 passwd_quality_check = - min_length_passwd_quality_v0; - -struct kadm5_pw_policy_check_func builtin_funcs[] = { - { "minimum-length", min_length_passwd_quality }, - { "character-class", char_class_passwd_quality }, - { "external-check", external_passwd_quality }, - { NULL } -}; -struct kadm5_pw_policy_verifier builtin_verifier = { - "builtin", - KADM5_PASSWD_VERSION_V1, - "Heimdal builtin", - builtin_funcs -}; - -static struct kadm5_pw_policy_verifier **verifiers; -static int num_verifiers; - -/* - * setup the password quality hook - */ - -#ifndef RTLD_NOW -#define RTLD_NOW 0 -#endif - -void -kadm5_setup_passwd_quality_check(krb5_context context, - const char *check_library, - const char *check_function) -{ -#ifdef HAVE_DLOPEN - void *handle; - void *sym; - int *version; - const char *tmp; - - if(check_library == NULL) { - tmp = krb5_config_get_string(context, NULL, - "password_quality", - "check_library", - NULL); - if(tmp != NULL) - check_library = tmp; - } - if(check_function == NULL) { - tmp = krb5_config_get_string(context, NULL, - "password_quality", - "check_function", - NULL); - if(tmp != NULL) - check_function = tmp; - } - if(check_library != NULL && check_function == NULL) - check_function = "passwd_check"; - - if(check_library == NULL) - return; - handle = dlopen(check_library, RTLD_NOW); - if(handle == NULL) { - krb5_warnx(context, "failed to open `%s'", check_library); - return; - } - version = dlsym(handle, "version"); - if(version == NULL) { - krb5_warnx(context, - "didn't find `version' symbol in `%s'", check_library); - dlclose(handle); - return; - } - if(*version != KADM5_PASSWD_VERSION_V0) { - krb5_warnx(context, - "version of loaded library is %d (expected %d)", - *version, KADM5_PASSWD_VERSION_V0); - dlclose(handle); - return; - } - sym = dlsym(handle, check_function); - if(sym == NULL) { - krb5_warnx(context, - "didn't find `%s' symbol in `%s'", - check_function, check_library); - dlclose(handle); - return; - } - passwd_quality_check = (kadm5_passwd_quality_check_func_v0) sym; -#endif /* HAVE_DLOPEN */ -} - -#ifdef HAVE_DLOPEN - -static krb5_error_code -add_verifier(krb5_context context, const char *check_library) -{ - struct kadm5_pw_policy_verifier *v, **tmp; - void *handle; - int i; - - handle = dlopen(check_library, RTLD_NOW); - if(handle == NULL) { - krb5_warnx(context, "failed to open `%s'", check_library); - return ENOENT; - } - v = dlsym(handle, "kadm5_password_verifier"); - if(v == NULL) { - krb5_warnx(context, - "didn't find `kadm5_password_verifier' symbol " - "in `%s'", check_library); - dlclose(handle); - return ENOENT; - } - if(v->version != KADM5_PASSWD_VERSION_V1) { - krb5_warnx(context, - "version of loaded library is %d (expected %d)", - v->version, KADM5_PASSWD_VERSION_V1); - dlclose(handle); - return EINVAL; - } - for (i = 0; i < num_verifiers; i++) { - if (strcmp(v->name, verifiers[i]->name) == 0) - break; - } - if (i < num_verifiers) { - krb5_warnx(context, "password verifier library `%s' is already loaded", - v->name); - dlclose(handle); - return 0; - } - - tmp = realloc(verifiers, (num_verifiers + 1) * sizeof(*verifiers)); - if (tmp == NULL) { - krb5_warnx(context, "out of memory"); - dlclose(handle); - return 0; - } - verifiers = tmp; - verifiers[num_verifiers] = v; - num_verifiers++; - - return 0; -} - -#endif - -krb5_error_code -kadm5_add_passwd_quality_verifier(krb5_context context, - const char *check_library) -{ -#ifdef HAVE_DLOPEN - - if(check_library == NULL) { - krb5_error_code ret; - char **tmp; - - tmp = krb5_config_get_strings(context, NULL, - "password_quality", - "policy_libraries", - NULL); - if(tmp == NULL) - return 0; - - while(tmp) { - ret = add_verifier(context, *tmp); - if (ret) - return ret; - tmp++; - } - } - return add_verifier(context, check_library); -#else - return 0; -#endif /* HAVE_DLOPEN */ -} - -/* - * - */ - -static const struct kadm5_pw_policy_check_func * -find_func(krb5_context context, const char *name) -{ - const struct kadm5_pw_policy_check_func *f; - char *module = NULL; - const char *p, *func; - int i; - - p = strchr(name, ':'); - if (p) { - func = p + 1; - module = strndup(name, p - name); - if (module == NULL) - return NULL; - } else - func = name; - - /* Find module in loaded modules first */ - for (i = 0; i < num_verifiers; i++) { - if (module && strcmp(module, verifiers[i]->name) != 0) - continue; - for (f = verifiers[i]->funcs; f->name ; f++) - if (strcmp(name, f->name) == 0) { - if (module) - free(module); - return f; - } - } - /* Lets try try the builtin modules */ - if (module == NULL || strcmp(module, "builtin") == 0) { - for (f = builtin_verifier.funcs; f->name ; f++) - if (strcmp(func, f->name) == 0) { - if (module) - free(module); - return f; - } - } - if (module) - free(module); - return NULL; -} - -const char * -kadm5_check_password_quality (krb5_context context, - krb5_principal principal, - krb5_data *pwd_data) -{ - const struct kadm5_pw_policy_check_func *proc; - static char error_msg[1024]; - const char *msg; - char **v, **vp; - int ret; - - /* - * Check if we should use the old version of policy function. - */ - - v = krb5_config_get_strings(context, NULL, - "password_quality", - "policies", - NULL); - if (v == NULL) { - msg = (*passwd_quality_check) (context, principal, pwd_data); - krb5_set_error_string(context, "password policy failed: %s", msg); - return msg; - } - - error_msg[0] = '\0'; - - msg = NULL; - for(vp = v; *vp; vp++) { - proc = find_func(context, *vp); - if (proc == NULL) { - msg = "failed to find password verifier function"; - krb5_set_error_string(context, "Failed to find password policy " - "function: %s", *vp); - break; - } - ret = (proc->func)(context, principal, pwd_data, NULL, - error_msg, sizeof(error_msg)); - if (ret) { - krb5_set_error_string(context, "Password policy " - "%s failed with %s", - proc->name, error_msg); - msg = error_msg; - break; - } - } - krb5_config_free_strings(v); - - /* If the default quality check isn't used, lets check that the - * old quality function the user have set too */ - if (msg == NULL && passwd_quality_check != min_length_passwd_quality_v0) { - msg = (*passwd_quality_check) (context, principal, pwd_data); - if (msg) - krb5_set_error_string(context, "(old) password policy " - "failed with %s", msg); - - } - return msg; -} diff --git a/crypto/heimdal/lib/kadm5/private.h b/crypto/heimdal/lib/kadm5/private.h deleted file mode 100644 index d5e1380752a3..000000000000 --- a/crypto/heimdal/lib/kadm5/private.h +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: private.h 22211 2007-12-07 19:27:27Z lha $ */ - -#ifndef __kadm5_privatex_h__ -#define __kadm5_privatex_h__ - -struct kadm_func { - kadm5_ret_t (*chpass_principal) (void *, krb5_principal, const char*); - kadm5_ret_t (*create_principal) (void*, kadm5_principal_ent_t, - uint32_t, const char*); - kadm5_ret_t (*delete_principal) (void*, krb5_principal); - kadm5_ret_t (*destroy) (void*); - kadm5_ret_t (*flush) (void*); - kadm5_ret_t (*get_principal) (void*, krb5_principal, - kadm5_principal_ent_t, uint32_t); - kadm5_ret_t (*get_principals) (void*, const char*, char***, int*); - kadm5_ret_t (*get_privs) (void*, uint32_t*); - kadm5_ret_t (*modify_principal) (void*, kadm5_principal_ent_t, uint32_t); - kadm5_ret_t (*randkey_principal) (void*, krb5_principal, - krb5_keyblock**, int*); - kadm5_ret_t (*rename_principal) (void*, krb5_principal, krb5_principal); - kadm5_ret_t (*chpass_principal_with_key) (void *, krb5_principal, - int, krb5_key_data *); -}; - -/* XXX should be integrated */ -typedef struct kadm5_common_context { - krb5_context context; - krb5_boolean my_context; - struct kadm_func funcs; - void *data; -}kadm5_common_context; - -typedef struct kadm5_log_peer { - int fd; - char *name; - krb5_auth_context ac; - struct kadm5_log_peer *next; -} kadm5_log_peer; - -typedef struct kadm5_log_context { - char *log_file; - int log_fd; - uint32_t version; - struct sockaddr_un socket_name; - int socket_fd; -} kadm5_log_context; - -typedef struct kadm5_server_context { - krb5_context context; - krb5_boolean my_context; - struct kadm_func funcs; - /* */ - kadm5_config_params config; - HDB *db; - krb5_principal caller; - unsigned acl_flags; - kadm5_log_context log_context; -} kadm5_server_context; - -typedef struct kadm5_client_context { - krb5_context context; - krb5_boolean my_context; - struct kadm_func funcs; - /* */ - krb5_auth_context ac; - char *realm; - char *admin_server; - int kadmind_port; - int sock; - char *client_name; - char *service_name; - krb5_prompter_fct prompter; - const char *keytab; - krb5_ccache ccache; - kadm5_config_params *realm_params; -}kadm5_client_context; - -typedef struct kadm5_ad_context { - krb5_context context; - krb5_boolean my_context; - struct kadm_func funcs; - /* */ - kadm5_config_params config; - krb5_principal caller; - krb5_ccache ccache; - char *client_name; - char *realm; - void *ldap_conn; - char *base_dn; -} kadm5_ad_context; - -enum kadm_ops { - kadm_get, - kadm_delete, - kadm_create, - kadm_rename, - kadm_chpass, - kadm_modify, - kadm_randkey, - kadm_get_privs, - kadm_get_princs, - kadm_chpass_with_key, - kadm_nop -}; - -#define KADMIN_APPL_VERSION "KADM0.1" -#define KADMIN_OLD_APPL_VERSION "KADM0.0" - -#include "kadm5-private.h" - -#endif /* __kadm5_privatex_h__ */ diff --git a/crypto/heimdal/lib/kadm5/privs_c.c b/crypto/heimdal/lib/kadm5/privs_c.c deleted file mode 100644 index 58e6824dc11a..000000000000 --- a/crypto/heimdal/lib/kadm5/privs_c.c +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: privs_c.c 17512 2006-05-08 13:43:17Z lha $"); - -kadm5_ret_t -kadm5_c_get_privs(void *server_handle, uint32_t *privs) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - *privs = 0; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - krb5_store_int32(sp, kadm_get_privs); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if(ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if (ret) - return ret; - sp = krb5_storage_from_data(&reply); - if (sp == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_clear_error_string(context->context); - ret = tmp; - if(ret == 0){ - krb5_ret_uint32(sp, privs); - } - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/privs_s.c b/crypto/heimdal/lib/kadm5/privs_s.c deleted file mode 100644 index 9c345e3c0f08..000000000000 --- a/crypto/heimdal/lib/kadm5/privs_s.c +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: privs_s.c 17445 2006-05-05 10:37:46Z lha $"); - -kadm5_ret_t -kadm5_s_get_privs(void *server_handle, uint32_t *privs) -{ - kadm5_server_context *context = server_handle; - *privs = context->acl_flags; - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/randkey_c.c b/crypto/heimdal/lib/kadm5/randkey_c.c deleted file mode 100644 index 60a3f53e1131..000000000000 --- a/crypto/heimdal/lib/kadm5/randkey_c.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: randkey_c.c 16662 2006-01-25 12:53:09Z lha $"); - -kadm5_ret_t -kadm5_c_randkey_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - krb5_store_int32(sp, kadm_randkey); - krb5_store_principal(sp, princ); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if (ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data(&reply); - if (sp == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free (&reply); - return ENOMEM; - } - krb5_clear_error_string(context->context); - krb5_ret_int32(sp, &tmp); - ret = tmp; - if(ret == 0){ - krb5_keyblock *k; - int i; - - krb5_ret_int32(sp, &tmp); - k = malloc(tmp * sizeof(*k)); - if (k == NULL) { - ret = ENOMEM; - goto out; - } - for(i = 0; i < tmp; i++) - krb5_ret_keyblock(sp, &k[i]); - *n_keys = tmp; - *new_keys = k; - } -out: - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/randkey_s.c b/crypto/heimdal/lib/kadm5/randkey_s.c deleted file mode 100644 index cb0f0fab24bd..000000000000 --- a/crypto/heimdal/lib/kadm5/randkey_s.c +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 1997-2001, 2003-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: randkey_s.c 20611 2007-05-08 07:13:07Z lha $"); - -/* - * Set the keys of `princ' to random values, returning the random keys - * in `new_keys', `n_keys'. - */ - -kadm5_ret_t -kadm5_s_randkey_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys) -{ - kadm5_server_context *context = server_handle; - hdb_entry_ex ent; - kadm5_ret_t ret; - - memset(&ent, 0, sizeof(ent)); - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->hdb_fetch(context->context, context->db, princ, - HDB_F_GET_ANY, &ent); - if(ret) - goto out; - - ret = _kadm5_set_keys_randomly (context, - &ent.entry, - new_keys, - n_keys); - if (ret) - goto out2; - ent.entry.kvno++; - - ret = _kadm5_set_modifier(context, &ent.entry); - if(ret) - goto out3; - ret = _kadm5_bump_pw_expire(context, &ent.entry); - if (ret) - goto out2; - - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) - goto out2; - - ret = context->db->hdb_store(context->context, context->db, - HDB_F_REPLACE, &ent); - if (ret) - goto out2; - - kadm5_log_modify (context, - &ent.entry, - KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION | - KADM5_TL_DATA); - -out3: - if (ret) { - int i; - - for (i = 0; i < *n_keys; ++i) - krb5_free_keyblock_contents (context->context, &(*new_keys)[i]); - free (*new_keys); - *new_keys = NULL; - *n_keys = 0; - } -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->hdb_close(context->context, context->db); - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/rename_c.c b/crypto/heimdal/lib/kadm5/rename_c.c deleted file mode 100644 index cec2fd3d48dd..000000000000 --- a/crypto/heimdal/lib/kadm5/rename_c.c +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: rename_c.c 8655 2000-07-11 16:00:19Z joda $"); - -kadm5_ret_t -kadm5_c_rename_principal(void *server_handle, - krb5_principal source, - krb5_principal target) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - ret = _kadm5_connect(server_handle); - if(ret) - return ret; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_rename); - krb5_store_principal(sp, source); - krb5_store_principal(sp, target); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if (ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/rename_s.c b/crypto/heimdal/lib/kadm5/rename_s.c deleted file mode 100644 index 2a19426a8b56..000000000000 --- a/crypto/heimdal/lib/kadm5/rename_s.c +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003, 2005 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: rename_s.c 21745 2007-07-31 16:11:25Z lha $"); - -kadm5_ret_t -kadm5_s_rename_principal(void *server_handle, - krb5_principal source, - krb5_principal target) -{ - kadm5_server_context *context = server_handle; - kadm5_ret_t ret; - hdb_entry_ex ent; - krb5_principal oldname; - - memset(&ent, 0, sizeof(ent)); - if(krb5_principal_compare(context->context, source, target)) - return KADM5_DUP; /* XXX is this right? */ - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->hdb_fetch(context->context, context->db, - source, HDB_F_GET_ANY, &ent); - if(ret){ - context->db->hdb_close(context->context, context->db); - goto out; - } - ret = _kadm5_set_modifier(context, &ent.entry); - if(ret) - goto out2; - { - /* fix salt */ - int i; - Salt salt; - krb5_salt salt2; - krb5_get_pw_salt(context->context, source, &salt2); - salt.type = hdb_pw_salt; - salt.salt = salt2.saltvalue; - for(i = 0; i < ent.entry.keys.len; i++){ - if(ent.entry.keys.val[i].salt == NULL){ - ent.entry.keys.val[i].salt = - malloc(sizeof(*ent.entry.keys.val[i].salt)); - if(ent.entry.keys.val[i].salt == NULL) - return ENOMEM; - ret = copy_Salt(&salt, ent.entry.keys.val[i].salt); - if(ret) - break; - } - } - krb5_free_salt(context->context, salt2); - } - if(ret) - goto out2; - oldname = ent.entry.principal; - ent.entry.principal = target; - - ret = hdb_seal_keys(context->context, context->db, &ent.entry); - if (ret) { - ent.entry.principal = oldname; - goto out2; - } - - kadm5_log_rename (context, source, &ent.entry); - - ret = context->db->hdb_store(context->context, context->db, 0, &ent); - if(ret){ - ent.entry.principal = oldname; - goto out2; - } - ret = context->db->hdb_remove(context->context, context->db, oldname); - ent.entry.principal = oldname; -out2: - context->db->hdb_close(context->context, context->db); - hdb_free_entry(context->context, &ent); -out: - return _kadm5_error_code(ret); -} - diff --git a/crypto/heimdal/lib/kadm5/replay_log.c b/crypto/heimdal/lib/kadm5/replay_log.c deleted file mode 100644 index 1b2d71635f49..000000000000 --- a/crypto/heimdal/lib/kadm5/replay_log.c +++ /dev/null @@ -1,129 +0,0 @@ -/* - * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" - -RCSID("$Id: replay_log.c,v 1.9 2002/05/24 15:19:22 joda Exp $"); - -int start_version = -1; -int end_version = -1; - -static void -apply_entry(kadm5_server_context *server_context, - u_int32_t ver, - time_t timestamp, - enum kadm_ops op, - u_int32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - - if((start_version != -1 && ver < start_version) || - (end_version != -1 && ver > end_version)) { - /* XXX skip this entry */ - krb5_storage_seek(sp, len, SEEK_CUR); - return; - } - printf ("ver %u... ", ver); - fflush (stdout); - - ret = kadm5_log_replay (server_context, - op, ver, len, sp); - if (ret) - krb5_warn (server_context->context, ret, "kadm5_log_replay"); - - - printf ("done\n"); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "start-version", 0, arg_integer, &start_version, "start replay with this version" }, - { "end-version", 0, arg_integer, &end_version, "end replay with this version" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - void *kadm_handle; - kadm5_config_params conf; - kadm5_server_context *server_context; - - krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - memset(&conf, 0, sizeof(conf)); - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - ret = server_context->db->open(context, - server_context->db, - O_RDWR | O_CREAT, 0); - if (ret) - krb5_err (context, 1, ret, "db->open"); - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - ret = kadm5_log_foreach (server_context, apply_entry); - if(ret) - krb5_warn(context, ret, "kadm5_log_foreach"); - ret = kadm5_log_end (server_context); - if (ret) - krb5_warn(context, ret, "kadm5_log_end"); - ret = server_context->db->close (context, server_context->db); - if (ret) - krb5_err (context, 1, ret, "db->close"); - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/sample_passwd_check.c b/crypto/heimdal/lib/kadm5/sample_passwd_check.c deleted file mode 100644 index 1a21c1099f80..000000000000 --- a/crypto/heimdal/lib/kadm5/sample_passwd_check.c +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -/* $Id: sample_passwd_check.c 21901 2007-08-10 06:05:35Z lha $ */ - -#include -#include -#include - -const char* check_length(krb5_context, krb5_principal, krb5_data *); - -/* specify the api-version this library conforms to */ - -int version = 0; - -/* just check the length of the password, this is what the default - check does, but this lets you specify the minimum length in - krb5.conf */ -const char* -check_length(krb5_context context, - krb5_principal prinipal, - krb5_data *password) -{ - int min_length = krb5_config_get_int_default(context, NULL, 6, - "password_quality", - "min_length", - NULL); - if(password->length < min_length) - return "Password too short"; - return NULL; -} - -#ifdef DICTPATH - -/* use cracklib to check password quality; this requires a patch for - cracklib that can be found at - ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch */ - -const char* -check_cracklib(krb5_context context, - krb5_principal principal, - krb5_data *password) -{ - char *s = malloc(password->length + 1); - char *msg; - char *strings[2]; - if(s == NULL) - return NULL; /* XXX */ - strings[0] = principal->name.name_string.val[0]; /* XXX */ - strings[1] = NULL; - memcpy(s, password->data, password->length); - s[password->length] = '\0'; - msg = FascistCheck(s, DICTPATH, strings); - memset(s, 0, password->length); - free(s); - return msg; -} -#endif diff --git a/crypto/heimdal/lib/kadm5/send_recv.c b/crypto/heimdal/lib/kadm5/send_recv.c deleted file mode 100644 index b64bbfec6348..000000000000 --- a/crypto/heimdal/lib/kadm5/send_recv.c +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright (c) 1997-2003, 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: send_recv.c 17311 2006-04-27 11:10:07Z lha $"); - -kadm5_ret_t -_kadm5_client_send(kadm5_client_context *context, krb5_storage *sp) -{ - krb5_data msg, out; - krb5_error_code ret; - size_t len; - krb5_storage *sock; - - assert(context->sock != -1); - - len = krb5_storage_seek(sp, 0, SEEK_CUR); - ret = krb5_data_alloc(&msg, len); - if (ret) { - krb5_clear_error_string(context->context); - return ret; - } - krb5_storage_seek(sp, 0, SEEK_SET); - krb5_storage_read(sp, msg.data, msg.length); - - ret = krb5_mk_priv(context->context, context->ac, &msg, &out, NULL); - krb5_data_free(&msg); - if(ret) - return ret; - - sock = krb5_storage_from_fd(context->sock); - if(sock == NULL) { - krb5_clear_error_string(context->context); - krb5_data_free(&out); - return ENOMEM; - } - - ret = krb5_store_data(sock, out); - if (ret) - krb5_clear_error_string(context->context); - krb5_storage_free(sock); - krb5_data_free(&out); - return ret; -} - -kadm5_ret_t -_kadm5_client_recv(kadm5_client_context *context, krb5_data *reply) -{ - krb5_error_code ret; - krb5_data data; - krb5_storage *sock; - - sock = krb5_storage_from_fd(context->sock); - if(sock == NULL) { - krb5_clear_error_string(context->context); - return ENOMEM; - } - ret = krb5_ret_data(sock, &data); - krb5_storage_free(sock); - krb5_clear_error_string(context->context); - if(ret == KRB5_CC_END) - return KADM5_RPC_ERROR; - else if(ret) - return ret; - - ret = krb5_rd_priv(context->context, context->ac, &data, reply, NULL); - krb5_data_free(&data); - return ret; -} - diff --git a/crypto/heimdal/lib/kadm5/server_glue.c b/crypto/heimdal/lib/kadm5/server_glue.c deleted file mode 100644 index 2862c36613a8..000000000000 --- a/crypto/heimdal/lib/kadm5/server_glue.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: server_glue.c 7464 1999-12-02 17:05:13Z joda $"); - -kadm5_ret_t -kadm5_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_password(client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_password_ctx(context, - client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_skey(const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_skey(client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_skey_ctx(krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_skey_ctx(context, - client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_creds(const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_creds(client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_creds_ctx(krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_creds_ctx(context, - client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} diff --git a/crypto/heimdal/lib/kadm5/set_keys.c b/crypto/heimdal/lib/kadm5/set_keys.c deleted file mode 100644 index ee4de3b093fa..000000000000 --- a/crypto/heimdal/lib/kadm5/set_keys.c +++ /dev/null @@ -1,273 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: set_keys.c 15888 2005-08-11 13:40:35Z lha $"); - -/* - * Set the keys of `ent' to the string-to-key of `password' - */ - -kadm5_ret_t -_kadm5_set_keys(kadm5_server_context *context, - hdb_entry *ent, - const char *password) -{ - Key *keys; - size_t num_keys; - kadm5_ret_t ret; - - ret = hdb_generate_key_set_password(context->context, - ent->principal, - password, &keys, &num_keys); - if (ret) - return ret; - - _kadm5_free_keys (context->context, ent->keys.len, ent->keys.val); - ent->keys.val = keys; - ent->keys.len = num_keys; - - hdb_entry_set_pw_change_time(context->context, ent, 0); - - if (krb5_config_get_bool_default(context->context, NULL, FALSE, - "kadmin", "save-password", NULL)) - { - ret = hdb_entry_set_password(context->context, context->db, - ent, password); - if (ret) - return ret; - } - - return 0; -} - -/* - * Set the keys of `ent' to (`n_key_data', `key_data') - */ - -kadm5_ret_t -_kadm5_set_keys2(kadm5_server_context *context, - hdb_entry *ent, - int16_t n_key_data, - krb5_key_data *key_data) -{ - krb5_error_code ret; - int i; - unsigned len; - Key *keys; - - len = n_key_data; - keys = malloc (len * sizeof(*keys)); - if (keys == NULL) - return ENOMEM; - - _kadm5_init_keys (keys, len); - - for(i = 0; i < n_key_data; i++) { - keys[i].mkvno = NULL; - keys[i].key.keytype = key_data[i].key_data_type[0]; - ret = krb5_data_copy(&keys[i].key.keyvalue, - key_data[i].key_data_contents[0], - key_data[i].key_data_length[0]); - if(ret) - goto out; - if(key_data[i].key_data_ver == 2) { - Salt *salt; - - salt = malloc(sizeof(*salt)); - if(salt == NULL) { - ret = ENOMEM; - goto out; - } - keys[i].salt = salt; - salt->type = key_data[i].key_data_type[1]; - krb5_data_copy(&salt->salt, - key_data[i].key_data_contents[1], - key_data[i].key_data_length[1]); - } else - keys[i].salt = NULL; - } - _kadm5_free_keys (context->context, ent->keys.len, ent->keys.val); - ent->keys.len = len; - ent->keys.val = keys; - - hdb_entry_set_pw_change_time(context->context, ent, 0); - hdb_entry_clear_password(context->context, ent); - - return 0; - out: - _kadm5_free_keys (context->context, len, keys); - return ret; -} - -/* - * Set the keys of `ent' to `n_keys, keys' - */ - -kadm5_ret_t -_kadm5_set_keys3(kadm5_server_context *context, - hdb_entry *ent, - int n_keys, - krb5_keyblock *keyblocks) -{ - krb5_error_code ret; - int i; - unsigned len; - Key *keys; - - len = n_keys; - keys = malloc (len * sizeof(*keys)); - if (keys == NULL) - return ENOMEM; - - _kadm5_init_keys (keys, len); - - for(i = 0; i < n_keys; i++) { - keys[i].mkvno = NULL; - ret = krb5_copy_keyblock_contents (context->context, - &keyblocks[i], - &keys[i].key); - if(ret) - goto out; - keys[i].salt = NULL; - } - _kadm5_free_keys (context->context, ent->keys.len, ent->keys.val); - ent->keys.len = len; - ent->keys.val = keys; - - hdb_entry_set_pw_change_time(context->context, ent, 0); - hdb_entry_clear_password(context->context, ent); - - return 0; - out: - _kadm5_free_keys (context->context, len, keys); - return ret; -} - -/* - * - */ - -static int -is_des_key_p(int keytype) -{ - return keytype == ETYPE_DES_CBC_CRC || - keytype == ETYPE_DES_CBC_MD4 || - keytype == ETYPE_DES_CBC_MD5; -} - - -/* - * Set the keys of `ent' to random keys and return them in `n_keys' - * and `new_keys'. - */ - -kadm5_ret_t -_kadm5_set_keys_randomly (kadm5_server_context *context, - hdb_entry *ent, - krb5_keyblock **new_keys, - int *n_keys) -{ - krb5_keyblock *kblock = NULL; - kadm5_ret_t ret = 0; - int i, des_keyblock; - size_t num_keys; - Key *keys; - - ret = hdb_generate_key_set(context->context, ent->principal, - &keys, &num_keys, 1); - if (ret) - return ret; - - kblock = malloc(num_keys * sizeof(kblock[0])); - if (kblock == NULL) { - ret = ENOMEM; - _kadm5_free_keys (context->context, num_keys, keys); - return ret; - } - memset(kblock, 0, num_keys * sizeof(kblock[0])); - - des_keyblock = -1; - for (i = 0; i < num_keys; i++) { - - /* - * To make sure all des keys are the the same we generate only - * the first one and then copy key to all other des keys. - */ - - if (des_keyblock != -1 && is_des_key_p(keys[i].key.keytype)) { - ret = krb5_copy_keyblock_contents (context->context, - &kblock[des_keyblock], - &kblock[i]); - if (ret) - goto out; - kblock[i].keytype = keys[i].key.keytype; - } else { - ret = krb5_generate_random_keyblock (context->context, - keys[i].key.keytype, - &kblock[i]); - if (ret) - goto out; - - if (is_des_key_p(keys[i].key.keytype)) - des_keyblock = i; - } - - ret = krb5_copy_keyblock_contents (context->context, - &kblock[i], - &keys[i].key); - if (ret) - goto out; - } - -out: - if(ret) { - for (i = 0; i < num_keys; ++i) - krb5_free_keyblock_contents (context->context, &kblock[i]); - free(kblock); - _kadm5_free_keys (context->context, num_keys, keys); - return ret; - } - - _kadm5_free_keys (context->context, ent->keys.len, ent->keys.val); - ent->keys.val = keys; - ent->keys.len = num_keys; - *new_keys = kblock; - *n_keys = num_keys; - - hdb_entry_set_pw_change_time(context->context, ent, 0); - hdb_entry_clear_password(context->context, ent); - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/set_modifier.c b/crypto/heimdal/lib/kadm5/set_modifier.c deleted file mode 100644 index 62965191bd71..000000000000 --- a/crypto/heimdal/lib/kadm5/set_modifier.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: set_modifier.c 7464 1999-12-02 17:05:13Z joda $"); - -kadm5_ret_t -_kadm5_set_modifier(kadm5_server_context *context, - hdb_entry *ent) -{ - kadm5_ret_t ret; - if(ent->modified_by == NULL){ - ent->modified_by = malloc(sizeof(*ent->modified_by)); - if(ent->modified_by == NULL) - return ENOMEM; - } else - free_Event(ent->modified_by); - ent->modified_by->time = time(NULL); - ret = krb5_copy_principal(context->context, context->caller, - &ent->modified_by->principal); - return ret; -} - diff --git a/crypto/heimdal/lib/kadm5/test_pw_quality.c b/crypto/heimdal/lib/kadm5/test_pw_quality.c deleted file mode 100644 index 745e03edc4cd..000000000000 --- a/crypto/heimdal/lib/kadm5/test_pw_quality.c +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Copyright (c) 2003, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" -#include - -RCSID("$Id: test_pw_quality.c 15105 2005-05-09 19:13:29Z lha $"); - -static int version_flag; -static int help_flag; -static char *principal; -static char *password; - -static struct getargs args[] = { - { "principal", 0, arg_string, &principal }, - { "password", 0, arg_string, &password }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_principal p; - const char *s; - krb5_data pw_data; - - krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if (principal == NULL) - krb5_errx(context, 1, "no principal given"); - if (password == NULL) - krb5_errx(context, 1, "no password given"); - - ret = krb5_parse_name(context, principal, &p); - if (ret) - krb5_errx(context, 1, "krb5_parse_name: %s", principal); - - pw_data.data = password; - pw_data.length = strlen(password); - - kadm5_setup_passwd_quality_check (context, NULL, NULL); - ret = kadm5_add_passwd_quality_verifier(context, NULL); - if (ret) - krb5_errx(context, 1, "kadm5_add_passwd_quality_verifier"); - - s = kadm5_check_password_quality (context, p, &pw_data); - if (s) - krb5_errx(context, 1, "kadm5_check_password_quality:\n%s", s); - - krb5_free_principal(context, p); - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/truncate_log.c b/crypto/heimdal/lib/kadm5/truncate_log.c deleted file mode 100644 index cf4af26e7300..000000000000 --- a/crypto/heimdal/lib/kadm5/truncate_log.c +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 2000, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" - -RCSID("$Id: truncate_log.c,v 1.1.8.1 2003/10/14 15:58:46 joda Exp $"); - -static char *realm; -static int version_flag; -static int help_flag; - -static struct getargs args[] = { - { "realm", 'r', arg_string, &realm }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - void *kadm_handle; - kadm5_server_context *server_context; - kadm5_config_params conf; - - krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - memset(&conf, 0, sizeof(conf)); - if(realm) { - conf.mask |= KADM5_CONFIG_REALM; - conf.realm = realm; - } - - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - ret = kadm5_log_truncate (server_context); - if(ret) - krb5_err (context, 1, ret, "kadm5_log_truncate"); - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/version-script.map b/crypto/heimdal/lib/kadm5/version-script.map deleted file mode 100644 index 90bd6fee10b1..000000000000 --- a/crypto/heimdal/lib/kadm5/version-script.map +++ /dev/null @@ -1,66 +0,0 @@ -# $Id$ - -HEIMDAL_KAMD5_SERVER_1.0 { - global: - kadm5_ad_init_with_password; - kadm5_ad_init_with_password_ctx; - kadm5_add_passwd_quality_verifier; - kadm5_check_password_quality; - kadm5_chpass_principal; - kadm5_chpass_principal_with_key; - kadm5_create_principal; - kadm5_delete_principal; - kadm5_destroy; - kadm5_flush; - kadm5_free_key_data; - kadm5_free_name_list; - kadm5_free_principal_ent; - kadm5_get_principal; - kadm5_get_principals; - kadm5_get_privs; - kadm5_init_with_creds; - kadm5_init_with_creds_ctx; - kadm5_init_with_password; - kadm5_init_with_password_ctx; - kadm5_init_with_skey; - kadm5_init_with_skey_ctx; - kadm5_modify_principal; - kadm5_randkey_principal; - kadm5_rename_principal; - kadm5_ret_key_data; - kadm5_ret_principal_ent; - kadm5_ret_principal_ent_mask; - kadm5_ret_tl_data; - kadm5_setup_passwd_quality_check; - kadm5_store_key_data; - kadm5_store_principal_ent; - kadm5_store_principal_ent_mask; - kadm5_store_tl_data; - kadm5_s_init_with_password_ctx; - kadm5_s_init_with_password; - kadm5_s_init_with_skey_ctx; - kadm5_s_init_with_skey; - kadm5_s_init_with_creds_ctx; - kadm5_s_init_with_creds; - kadm5_s_chpass_principal_cond; - kadm5_log_set_version; - kadm5_log_signal_socket; - kadm5_log_previous; - kadm5_log_goto_end; - kadm5_log_foreach; - kadm5_log_get_version_fd; - kadm5_log_get_version; - kadm5_log_replay; - kadm5_log_end; - kadm5_log_reinit; - kadm5_log_init; - kadm5_log_nop; - kadm5_log_truncate; - kadm5_log_modify; - _kadm5_acl_check_permission; - _kadm5_unmarshal_params; - _kadm5_s_get_db; - _kadm5_privs_to_string; - local: - *; -}; diff --git a/crypto/heimdal/lib/kafs/ChangeLog b/crypto/heimdal/lib/kafs/ChangeLog deleted file mode 100644 index 861796a930aa..000000000000 --- a/crypto/heimdal/lib/kafs/ChangeLog +++ /dev/null @@ -1,562 +0,0 @@ -2007-07-10 Love Hörnquist Åstrand - - * Makefile.am: New library version. - -2007-05-10 Love Hörnquist Åstrand - - * kafs.h: Add VIOCSETTOK2 - -2006-10-21 Love Hörnquist Åstrand - - * Makefile.am: unbreak previous - - * Makefile.am: split dist and nodist sources - -2006-10-20 Love Hörnquist Åstrand - - * Makefile.am: add more files - -2006-05-01 Love Hörnquist Åstrand - - * kafs.3: Spelling, from Björn Sandell. - -2006-04-11 Love Hörnquist Åstrand - - * afssys.c: use afs_ioctlnum, From Tomas Olsson - -2006-04-10 Love Hörnquist Åstrand - - * afssys.c: Try harder to get the pioctl to work via the /proc or - /dev interface, OpenAFS choose to reuse the same ioctl number, - while Arla didn't. Also, try new ioctl before the the old - syscalls. - - * afskrb5.c (afslog_uid_int): use the simpler - krb5_principal_get_realm function. - -2005-12-21 Love Hörnquist Åstrand - - * Makefile.am: Remove dependency on config.h, breaks IRIX build, - could depend on libkafs_la_OBJECTS, but that is just asking for - trubble. - -2005-10-20 Love Hörnquist Åstrand - - * afssys.c (k_hasafs_recheck): new function, allow rechecking if - AFS client have started now, internaly it resets the internal - state from k_hasafs() and retry retry the probing. The problem - with calling k_hasaf() is that is plays around with signals, and - that cases problem for some systems/applications. - -2005-10-02 Love Hörnquist Åstrand - - * kafs_locl.h: Maybe include . - - * afssys.c: Mac OS X 10.4 needs a runtime check if we are going to - use the syscall, there is no cpp define to use to check the - version. Every after 10.0 (darwin 8.0) uses the /dev/ version of - the pioctl. - -2005-10-01 Love Hörnquist Åstrand - - * afssys.c: Support the new MacOS X 10.4 ioctl interface that is a - device node. Patched from Tomas Olson . - -2005-08-26 Love Hörnquist Åstrand - - * afskrb5.c: Default to use 2b tokens. - -2005-06-17 Love Hörnquist Åstrand - - * common.c: rename index to idx - - * afssys.c (k_afs_cell_of_file): unconst path - -2005-06-02 Love Hörnquist Åstrand - - * use struct kafs_data everywhere, don't mix with the typedef - kafs_data - - * roken_rename.h: rename more resolve.c symbols - - * afssys.c: Don't building map_syscall_name_to_number where its - not used. - -2005-02-24 Love Hörnquist Åstrand - - * Makefile.am: bump version to 4:1:4 - -2005-02-03 Love Hörnquist Åstrand - - * kafs.h: de-__P - -2004-12-06 Love Hörnquist Åstrand - - * afskrb5.c: s/KEYTYPE_DES/ETYPE_DES_CBC_CRC/ - -2004-08-09 Love Hörnquist Åstrand - - * afssysdefs.h: ifdef protect AFS_SYSCALL for DragonFly since they - still define __FreeBSD__ (and __FreeBSD_version), but claim that - they will stop doing it some time... - - * afssysdefs.h: dragonflybsd uses 339 just like freebsd5 - -2004-06-22 Love Hörnquist Åstrand - - * afssys.c: s/arla/nnpfs/ - - * afssys.c: support the linux /proc/fs/mumel/afs_ioctl afs - "syscall" interface - -2004-01-22 Love Hörnquist Åstrand - - * common.c: search paths for AFS configuration files for the - OpenAFS MacOS X, fix comment - - * kafs.h: search paths for AFS configuration files for the OpenAFS - MacOS X - -2003-12-02 Love Hörnquist Åstrand - - * common.c: add _PATH_ARLA_OPENBSD & c/o - - * kafs.h: add _PATH_ARLA_OPENBSD & c/o - -2003-11-14 Love Hörnquist Åstrand - - * common.c: typo, Bruno Rohee - -2003-11-08 Love Hörnquist Åstrand - - * kafs.3: spelling, partly from jmc - -2003-09-30 Love Hörnquist Åstrand - - * afskrb5.c (krb5_afslog_uid_home): be even more friendly to the - user and fetch context and id ourself - -2003-09-23 Love Hörnquist Åstrand - - * afskrb5.c (afslog_uid_int): just belive that realm hint the user - passed us - -2003-07-23 Love Hörnquist Åstrand - - * Makefile.am: always include v4 symbols - - * afskrb.c: provide dummy krb_ function to there is no need to - bump major - -2003-06-22 Love Hörnquist Åstrand - - * afskrb5.c (v5_convert): rename one of the two c to cred4 - -2003-04-23 Love Hörnquist Åstrand - - * common.c, kafs.h: drop the int argument (the error code) from - the logging function - -2003-04-22 Johan Danielsson - - * afskrb5.c (v5_convert): better match what other functions do - with values from krb5.conf, like case insensitivity - -2003-04-16 Love Hörnquist Åstrand - - * kafs.3: Change .Fd #include to .In header.h - from Thomas Klausner - -2003-04-14 Love Hörnquist Åstrand - - * Makefile.am: (libkafs_la_LDFLAGS): update version - - * Makefile.am (ROKEN_SRCS): drop strupr.c - - * kafs.3: document kafs_set_verbose - - * common.c (kafs_set_verbose): add function that (re)sets the - logging function - (_kafs_try_get_cred): add function that does (krb_data->get_cred) to - make logging easier (that is now done in this function) - (*): use _kafs_try_get_cred - - * afskrb5.c (get_cred): handle that inst can be the empty string too - (v5_convert): use _kafs_foldup - (krb5_afslog_uid_home): set name - (krb5_afslog_uid_home): ditto - - * afskrb.c (krb_afslog_uid_home): set name - (krb_afslog_uid_home): ditto - - * kafs_locl.h (kafs_data): add name - (_kafs_foldup): internally export - -2003-04-11 Love Hörnquist Åstrand - - * kafs.3: tell that cell-name is uppercased - - * Makefile.am: add INCLUDE_krb4 when using krb4, add INCLUDE_des - when using krb5, add strupr.c - - * afskrb5.c: Check the cell part of the name, not the realm part - when checking if 2b should be used. The reson is afs@REALM might - have updated their servers but not afs/cell@REALM. Add constant - KAFS_RXKAD_2B_KVNO. - -2003-04-06 Love Hörnquist Åstrand - - * kafs.3: s/kerberos/Kerberos/ - -2003-03-19 Love Hörnquist Åstrand - - * kafs.3: spelling, from - - * kafs.3: document the kafs_settoken functions write about the - krb5_appdefault option for kerberos 5 afs tokens fix prototypes - -2003-03-18 Love Hörnquist Åstrand - - * afskrb5.c (kafs_settoken5): change signature to include a - krb5_context, use v5_convert - (v5_convert): new function, converts a krb5_ccreds to a kafs_token in - three diffrent ways, not at all, local 524/2b, and using 524 - (v5_to_kt): add code to do local 524/2b - (get_cred): use v5_convert - - - * kafs.h (kafs_settoken5): change signature to include a - krb5_context - - * Makefile.am: always build the libkafs library now that the - kerberos 5 can stand on their own - - * kafs.3: expose the krb5 functions - - * common.c (kafs_settoken_rxkad): move all content kerberos - version from kafs_settoken to kafs_settoken_rxkad - (_kafs_fixup_viceid): move the fixup the timestamp to make client - happy code here. - (_kafs_v4_to_kt): move all the kerberos 4 dependant parts from - kafs_settoken here. - (*): adapt to kafs_token - - * afskrb5.c (kafs_settoken5): new function, inserts a krb5_creds - into kernel - (v5_to_kt): new function, stores a krb5_creds in struct kafs_token - (get_cred): add a appdefault boolean ("libkafs", realm, "afs-use-524") - that can used to toggle if there should v5 token should be used - directly or converted via 524 first. - - * afskrb.c: move kafs_settoken here, use struct kafs_token - - * kafs_locl.h: include krb5-v4compat.h if needed, define an - internal structure struct kafs_token that carries around for rxkad - data that is independant of kerberos version - -2003-02-18 Love Hörnquist Åstrand - - * dlfcn.h: s/intialize/initialize, from - - -2003-02-08 Assar Westerlund - - * afssysdefs.h: fix FreeBSD section - -2003-02-06 Love Hörnquist Åstrand - - * afssysdefs.h: use syscall 208 on openbsd (all version) use - syscall 339 on freebsd 5.0 and later, use 210 on 4.x and earlier - -2002-08-28 Johan Danielsson - - * kafs.3: move around sections (from NetBSD) - -2002-05-31 Assar Westerlund - - * common.c: remove the trial of afs@REALM for cell != realm, it - tries to use the wrong key for foreign cells - -2002-05-20 Johan Danielsson - - * Makefile.am: version number - -2002-04-18 Johan Danielsson - - * common.c (find_cells): make file parameter const - -2001-11-01 Assar Westerlund - - * add strsep, and bump version to 3:3:3 - -2001-10-27 Assar Westerlund - - * Makefile.am (libkafs_la_LDFLAGS): set version to 3:2:3 - -2001-10-24 Assar Westerlund - - * afskrb.c (afslog_uid_int): handle krb_get_tf_fullname that - cannot take NULLs - (such as the MIT one) - -2001-10-22 Assar Westerlund - - * Makefile.am (ROKEN_SRCS): add strlcpy.c - -2001-10-09 Assar Westerlund - - * Makefile.am (ROKEN_SRCS): add strtok_r.c - * roken_rename.h (dns_srv_order): rename correctly - (strtok_r): add renaming - -2001-09-10 Assar Westerlund - - * kafs.h, common.c: look for configuration files in /etc/arla (the - location in debian's arla package) - -2001-08-26 Assar Westerlund - - * Makefile.am: handle both krb5 and krb4 cases - -2001-07-19 Assar Westerlund - - * Makefile.am (libkafs_la_LDFLAGS): set version to 3:0:3 - -2001-07-12 Assar Westerlund - - * common.c: look in /etc/openafs for debian openafs - * kafs.h: add paths for openafs debian (/etc/openafs) - - * Makefile.am: add required library dependencies - -2001-07-03 Assar Westerlund - - * Makefile.am (libkafs_la_LDFLAGS): set versoin to 2:4:2 - -2001-06-19 Assar Westerlund - - * common.c (_kafs_realm_of_cell): changed to first try exact match - in CellServDB, then exact match in DNS, and finally in-exact match - in CellServDB - -2001-05-18 Johan Danielsson - - * Makefile.am: only build resolve.c if doing renaming - -2001-02-12 Assar Westerlund - - * Makefile.am, roken_rename.h: add rename of dns functions - -2000-12-11 Assar Westerlund - - * Makefile.am (libkafs_la_LDFLAGS): set version to 2:3:2 - -2000-11-17 Assar Westerlund - - * afssysdefs.h: solaris 8 apperently uses 65 - -2000-09-19 Assar Westerlund - - * Makefile.am (libkafs_la_LDFLAGS): bump version to 2:2:2 - -2000-09-12 Johan Danielsson - - * dlfcn.c: correct arguments to some snprintf:s - -2000-07-25 Johan Danielsson - - * Makefile.am: bump version to 2:1:2 - -2000-04-03 Assar Westerlund - - * Makefile.am: set version to 2:0:2 - -2000-03-20 Assar Westerlund - - * afssysdefs.h: make versions later than 5.7 of solaris also use - 73 - -2000-03-16 Assar Westerlund - - * afskrb.c (afslog_uid_int): use krb_get_tf_fullname instead of - krb_get_default_principal - -2000-03-15 Assar Westerlund - - * afssys.c (map_syscall_name_to_number): ignore # at - beginning-of-line - -2000-03-13 Assar Westerlund - - * afssysdefs.h: add 230 for MacOS X per information from - - -1999-12-06 Assar Westerlund - - * Makefile.am: set version to 1:2:1 - -1999-11-22 Assar Westerlund - - * afskrb5.c (afslog_uid_int): handle d->realm == NULL - -1999-11-17 Assar Westerlund - - * afskrb5.c (afslog_uid_int): don't look at the local realm at - all. just use the realm from the ticket file. - -1999-10-20 Assar Westerlund - - * Makefile.am: set version to 1:1:1 - - * afskrb5.c (get_cred): always request a DES key - -Mon Oct 18 17:40:21 1999 Bjoern Groenvall - - * common.c (find_cells): Trim trailing whitespace from - cellname. Lines starting with # are regarded as comments. - -Fri Oct 8 18:17:22 1999 Bjoern Groenvall - - * afskrb.c, common.c : Change code to make a clear distinction - between hinted realm and ticket realm. - - * kafs_locl.h: Added argument realm_hint. - - * common.c (_kafs_get_cred): Change code to acquire the ``best'' - possible ticket. Use cross-cell authentication only as method of - last resort. - - * afskrb.c (afslog_uid_int): Add realm_hint argument and extract - realm from ticket file. - - * afskrb5.c (afslog_uid_int): Added argument realm_hint. - -1999-10-03 Assar Westerlund - - * afskrb5.c (get_cred): update to new krb524_convert_creds_kdc - -1999-08-12 Johan Danielsson - - * Makefile.am: ignore the comlicated aix construct if !krb4 - -1999-07-26 Assar Westerlund - - * Makefile.am: set version to 1:0:1 - -1999-07-22 Assar Westerlund - - * afssysdefs.h: define AFS_SYSCALL to 73 for Solaris 2.7 - -1999-07-07 Assar Westerlund - - * afskrb5.c (krb5_realm_of_cell): new function - - * afskrb.c (krb_realm_of_cell): new function - (afslog_uid_int): call krb_get_lrealm correctly - -1999-06-15 Assar Westerlund - - * common.c (realm_of_cell): rename to _kafs_realm_of_cell and - un-staticize - -Fri Mar 19 14:52:29 1999 Johan Danielsson - - * Makefile.am: add version-info - -Thu Mar 18 11:24:02 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Sat Feb 27 19:46:21 1999 Johan Danielsson - - * Makefile.am: remove EXTRA_DATA (as of autoconf 2.13/automake - 1.4) - -Thu Feb 11 22:57:37 1999 Johan Danielsson - - * Makefile.am: set AIX_SRC also if !AIX - -Tue Dec 1 14:45:15 1998 Johan Danielsson - - * Makefile.am: fix AIX linkage - -Sun Nov 22 10:40:44 1998 Assar Westerlund - - * Makefile.in (WFLAGS): set - -Sat Nov 21 16:55:19 1998 Johan Danielsson - - * afskrb5.c: add homedir support - -Sun Sep 6 20:16:27 1998 Assar Westerlund - - * add new functionality for specifying the homedir to krb_afslog - et al - -Thu Jul 16 01:27:19 1998 Assar Westerlund - - * afssys.c: reorganize order of definitions. - (try_one, try_two): conditionalize - -Thu Jul 9 18:31:52 1998 Johan Danielsson - - * common.c (realm_of_cell): make the dns fallback work - -Wed Jul 8 01:39:44 1998 Assar Westerlund - - * afssys.c (map_syscall_name_to_number): new function for finding - the number of a syscall given the name on solaris - (k_hasafs): try using map_syscall_name_to_number - -Tue Jun 30 17:19:00 1998 Assar Westerlund - - * afssys.c: rewrite and add support for environment variable - AFS_SYSCALL - - * Makefile.in (distclean): don't remove roken_rename.h - -Fri May 29 19:03:20 1998 Assar Westerlund - - * Makefile.in (roken_rename.h): remove dependency - -Mon May 25 05:25:54 1998 Assar Westerlund - - * Makefile.in (clean): try to remove shared library debris - -Sun Apr 19 09:58:40 1998 Assar Westerlund - - * Makefile.in: add symlink magic for linux - -Sat Apr 4 15:08:48 1998 Assar Westerlund - - * kafs.h: add arla paths - - * common.c (_kafs_afslog_all_local_cells): Try _PATH_ARLA_* - (_realm_of_cell): Try _PATH_ARLA_CELLSERVDB - -Thu Feb 19 14:50:22 1998 Johan Danielsson - - * common.c: Don't store expired tokens (this broke when using - pag-less rsh-sessions, and `non-standard' ticket files). - -Thu Feb 12 11:20:15 1998 Johan Danielsson - - * Makefile.in: Install/uninstall one library at a time. - -Thu Feb 12 05:38:58 1998 Assar Westerlund - - * Makefile.in (install): one library at a time. - -Mon Feb 9 23:40:32 1998 Assar Westerlund - - * common.c (find_cells): ignore empty lines - -Tue Jan 6 04:25:58 1998 Assar Westerlund - - * afssysdefs.h (AFS_SYSCALL): add FreeBSD - -Fri Jan 2 17:08:24 1998 Assar Westerlund - - * kafs.h: new VICEIOCTL's. From - - * afssysdefs.h: Add OpenBSD diff --git a/crypto/heimdal/lib/kafs/Makefile.am b/crypto/heimdal/lib/kafs/Makefile.am deleted file mode 100644 index 15282f0fd69a..000000000000 --- a/crypto/heimdal/lib/kafs/Makefile.am +++ /dev/null @@ -1,107 +0,0 @@ -# $Id: Makefile.am 21446 2007-07-10 12:45:36Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(AFS_EXTRA_DEFS) $(ROKEN_RENAME) - -if KRB4 -DEPLIB_krb4 = $(LIB_krb4) $(LIB_hcrypto) -krb4_am_workaround = $(INCLUDE_krb4) -else -DEPLIB_krb4 = -krb4_am_workaround = -endif # KRB4 -AM_CPPFLAGS += $(krb4_am_workaround) - -if KRB5 -DEPLIB_krb5 = ../krb5/libkrb5.la -krb5_am_workaround = $(INCLUDE_hcrypto) -I$(top_srcdir)/lib/krb5 -else -DEPLIB_krb5 = -krb5_am_workaround = -endif # KRB5 -AM_CPPFLAGS += $(krb5_am_workaround) - - -if AIX -AFSL_EXP = $(srcdir)/afsl.exp - -if AIX4 -AFS_EXTRA_LD = -bnoentry -else -AFS_EXTRA_LD = -e _nostart -endif - -if AIX_DYNAMIC_AFS -if HAVE_DLOPEN -AIX_SRC = -else -AIX_SRC = dlfcn.c -endif -AFS_EXTRA_LIBS = afslib.so -AFS_EXTRA_DEFS = -else -AIX_SRC = afslib.c -AFS_EXTRA_LIBS = -AFS_EXTRA_DEFS = -DSTATIC_AFS -endif - -else -AFSL_EXP = -AIX_SRC = -endif # AIX - -libkafs_la_LIBADD = $(DEPLIB_krb5) $(LIBADD_roken) $(DEPLIB_krb4) - -lib_LTLIBRARIES = libkafs.la -libkafs_la_LDFLAGS = -version-info 5:1:5 -foodir = $(libdir) -foo_DATA = $(AFS_EXTRA_LIBS) -# EXTRA_DATA = afslib.so - -CLEANFILES= $(AFS_EXTRA_LIBS) $(ROKEN_SRCS) - -include_HEADERS = kafs.h - -if KRB5 -afskrb5_c = afskrb5.c -endif - -if do_roken_rename -ROKEN_SRCS = resolve.c strtok_r.c strlcpy.c strsep.c -endif - -dist_libkafs_la_SOURCES = \ - afssys.c \ - afskrb.c \ - $(afskrb5_c) \ - common.c \ - $(AIX_SRC) \ - kafs_locl.h \ - afssysdefs.h \ - roken_rename.h - -nodist_libkafs_la_SOURCES = $(ROKEN_SRCS) - -EXTRA_libkafs_la_SOURCES = afskrb.c afskrb5.c dlfcn.c afslib.c dlfcn.h - -EXTRA_DIST = README.dlfcn afsl.exp afslib.exp $(man_MANS) - -man_MANS = kafs.3 - -# AIX: this almost works with gcc, but somehow it fails to use the -# correct ld, use ld instead -afslib.so: afslib.o - ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp $(AFS_EXTRA_LD) afslib.o -lc - -resolve.c: - $(LN_S) $(srcdir)/../roken/resolve.c . - -strtok_r.c: - $(LN_S) $(srcdir)/../roken/strtok_r.c . - -strlcpy.c: - $(LN_S) $(srcdir)/../roken/strlcpy.c . - -strsep.c: - $(LN_S) $(srcdir)/../roken/strsep.c . diff --git a/crypto/heimdal/lib/kafs/Makefile.in b/crypto/heimdal/lib/kafs/Makefile.in deleted file mode 100644 index ae9a12a60ff8..000000000000 --- a/crypto/heimdal/lib/kafs/Makefile.in +++ /dev/null @@ -1,956 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 21446 2007-07-10 12:45:36Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -subdir = lib/kafs -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(foodir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -@KRB5_TRUE@am__DEPENDENCIES_1 = ../krb5/libkrb5.la -am__DEPENDENCIES_2 = -@KRB4_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \ -@KRB4_TRUE@ $(am__DEPENDENCIES_2) -libkafs_la_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2) \ - $(am__DEPENDENCIES_3) -am__dist_libkafs_la_SOURCES_DIST = afssys.c afskrb.c afskrb5.c \ - common.c afslib.c dlfcn.c kafs_locl.h afssysdefs.h \ - roken_rename.h -@KRB5_TRUE@am__objects_1 = afskrb5.lo -@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@am__objects_2 = afslib.lo -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@am__objects_2 = \ -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@ dlfcn.lo -dist_libkafs_la_OBJECTS = afssys.lo afskrb.lo $(am__objects_1) \ - common.lo $(am__objects_2) -@do_roken_rename_TRUE@am__objects_3 = resolve.lo strtok_r.lo \ -@do_roken_rename_TRUE@ strlcpy.lo strsep.lo -nodist_libkafs_la_OBJECTS = $(am__objects_3) -libkafs_la_OBJECTS = $(dist_libkafs_la_OBJECTS) \ - $(nodist_libkafs_la_OBJECTS) -libkafs_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libkafs_la_LDFLAGS) $(LDFLAGS) -o $@ -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(EXTRA_libkafs_la_SOURCES) $(dist_libkafs_la_SOURCES) \ - $(nodist_libkafs_la_SOURCES) -DIST_SOURCES = $(EXTRA_libkafs_la_SOURCES) \ - $(am__dist_libkafs_la_SOURCES_DIST) -man3dir = $(mandir)/man3 -MANS = $(man_MANS) -fooDATA_INSTALL = $(INSTALL_DATA) -DATA = $(foo_DATA) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(AFS_EXTRA_DEFS) $(ROKEN_RENAME) $(krb4_am_workaround) \ - $(krb5_am_workaround) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@KRB4_FALSE@DEPLIB_krb4 = -@KRB4_TRUE@DEPLIB_krb4 = $(LIB_krb4) $(LIB_hcrypto) -@KRB4_FALSE@krb4_am_workaround = -@KRB4_TRUE@krb4_am_workaround = $(INCLUDE_krb4) -@KRB5_FALSE@DEPLIB_krb5 = -@KRB5_TRUE@DEPLIB_krb5 = ../krb5/libkrb5.la -@KRB5_FALSE@krb5_am_workaround = -@KRB5_TRUE@krb5_am_workaround = $(INCLUDE_hcrypto) -I$(top_srcdir)/lib/krb5 -@AIX_FALSE@AFSL_EXP = -@AIX_TRUE@AFSL_EXP = $(srcdir)/afsl.exp -@AIX4_FALSE@@AIX_TRUE@AFS_EXTRA_LD = -e _nostart -@AIX4_TRUE@@AIX_TRUE@AFS_EXTRA_LD = -bnoentry -@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@AIX_SRC = afslib.c -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@AIX_SRC = dlfcn.c -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@AIX_SRC = -@AIX_FALSE@AIX_SRC = -@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@AFS_EXTRA_LIBS = -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@AFS_EXTRA_LIBS = afslib.so -@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@AFS_EXTRA_DEFS = -DSTATIC_AFS -@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@AFS_EXTRA_DEFS = -libkafs_la_LIBADD = $(DEPLIB_krb5) $(LIBADD_roken) $(DEPLIB_krb4) -lib_LTLIBRARIES = libkafs.la -libkafs_la_LDFLAGS = -version-info 5:1:5 -foodir = $(libdir) -foo_DATA = $(AFS_EXTRA_LIBS) -# EXTRA_DATA = afslib.so -CLEANFILES = $(AFS_EXTRA_LIBS) $(ROKEN_SRCS) -include_HEADERS = kafs.h -@KRB5_TRUE@afskrb5_c = afskrb5.c -@do_roken_rename_TRUE@ROKEN_SRCS = resolve.c strtok_r.c strlcpy.c strsep.c -dist_libkafs_la_SOURCES = \ - afssys.c \ - afskrb.c \ - $(afskrb5_c) \ - common.c \ - $(AIX_SRC) \ - kafs_locl.h \ - afssysdefs.h \ - roken_rename.h - -nodist_libkafs_la_SOURCES = $(ROKEN_SRCS) -EXTRA_libkafs_la_SOURCES = afskrb.c afskrb5.c dlfcn.c afslib.c dlfcn.h -EXTRA_DIST = README.dlfcn afsl.exp afslib.exp $(man_MANS) -man_MANS = kafs.3 -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/kafs/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/kafs/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libkafs.la: $(libkafs_la_OBJECTS) $(libkafs_la_DEPENDENCIES) - $(libkafs_la_LINK) -rpath $(libdir) $(libkafs_la_OBJECTS) $(libkafs_la_LIBADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man3: $(man3_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done -install-fooDATA: $(foo_DATA) - @$(NORMAL_INSTALL) - test -z "$(foodir)" || $(MKDIR_P) "$(DESTDIR)$(foodir)" - @list='$(foo_DATA)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(fooDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(foodir)/$$f'"; \ - $(fooDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(foodir)/$$f"; \ - done - -uninstall-fooDATA: - @$(NORMAL_UNINSTALL) - @list='$(foo_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(foodir)/$$f'"; \ - rm -f "$(DESTDIR)$(foodir)/$$f"; \ - done -install-includeHEADERS: $(include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) $(HEADERS) all-local -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(foodir)" "$(DESTDIR)$(includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-fooDATA install-includeHEADERS install-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man3 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-fooDATA uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-man - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man3 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libLTLIBRARIES clean-libtool ctags \ - dist-hook distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-fooDATA \ - install-html install-html-am install-includeHEADERS \ - install-info install-info-am install-libLTLIBRARIES \ - install-man install-man3 install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-fooDATA uninstall-hook \ - uninstall-includeHEADERS uninstall-libLTLIBRARIES \ - uninstall-man uninstall-man3 - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -# AIX: this almost works with gcc, but somehow it fails to use the -# correct ld, use ld instead -afslib.so: afslib.o - ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp $(AFS_EXTRA_LD) afslib.o -lc - -resolve.c: - $(LN_S) $(srcdir)/../roken/resolve.c . - -strtok_r.c: - $(LN_S) $(srcdir)/../roken/strtok_r.c . - -strlcpy.c: - $(LN_S) $(srcdir)/../roken/strlcpy.c . - -strsep.c: - $(LN_S) $(srcdir)/../roken/strsep.c . -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/kafs/README.dlfcn b/crypto/heimdal/lib/kafs/README.dlfcn deleted file mode 100644 index cee1b751939e..000000000000 --- a/crypto/heimdal/lib/kafs/README.dlfcn +++ /dev/null @@ -1,246 +0,0 @@ -Copyright (c) 1992,1993,1995,1996, Jens-Uwe Mager, Helios Software GmbH -Not derived from licensed software. - -Permission is granted to freely use, copy, modify, and redistribute -this software, provided that the author is not construed to be liable -for any results of using the software, alterations are clearly marked -as such, and this notice is not modified. - -libdl.a -------- - -This is an emulation library to emulate the SunOS/System V.4 functions -to access the runtime linker. The functions are emulated by using the -AIX load() function and by reading the .loader section of the loaded -module to find the exports. The to be loaded module should be linked as -follows (if using AIX 3): - - cc -o module.so -bM:SRE -bE:module.exp -e _nostart $(OBJS) - -For AIX 4: - - cc -o module.so -bM:SRE -bE:module.exp -bnoentry $(OBJS) - -If you want to reference symbols from the main part of the program in a -loaded module, you will have to link against the export file of the -main part: - - cc -o main -bE:main.exp $(MAIN_OBJS) - cc -o module.so -bM:SRE -bI:main.exp -bE:module.exp -bnoentry $(OBJS) - -Note that you explicitely have to specify what functions are supposed -to be accessible from your loaded modules, this is different from -SunOS/System V.4 where any global is automatically exported. If you -want to export all globals, the following script might be of help: - -#!/bin/sh -/usr/ucb/nm -g $* | awk '$2 == "B" || $2 == "D" { print $3 }' - -The module export file contains the symbols to be exported. Because -this library uses the loader section, the final module.so file can be -stripped. C++ users should build their shared objects using the script -makeC++SharedLib (part of the IBM C++ compiler), this will make sure -that constructors and destructors for static and global objects will be -called upon loading and unloading the module. GNU C++ users should use -the -shared option to g++ to link the shared object: - - g++ -o module.so -shared $(OBJS) - -If the shared object does have permissions for anybody, the shared -object will be loaded into the shared library segment and it will stay -there even if the main application terminates. If you rebuild your -shared object after a bugfix and you want to make sure that you really -get the newest version you will have to use the "slibclean" command -before starting the application again to garbage collect the shared -library segment. If the performance utilities (bosperf) are installed -you can use the following command to see what shared objects are -loaded: - -/usr/lpp/bosperf/genkld | sort | uniq - -For easier debugging you can avoid loading the shared object into the -shared library segment alltogether by removing permissions for others -from the module.so file: - -chmod o-rwx module.so - -This will ensure you get a fresh copy of the shared object for every -dlopen() call which is loaded into the application's data segment. - -Usage ------ - -void *dlopen(const char *path, int mode); - -This routine loads the module pointed to by path and reads its export -table. If the path does not contain a '/' character, dlopen will search -for the module using the LIBPATH environment variable. It returns an -opaque handle to the module or NULL on error. The mode parameter can be -either RTLD_LAZY (for lazy function binding) or RTLD_NOW for immediate -function binding. The AIX implementation currently does treat RTLD_NOW -the same as RTLD_LAZY. The flag RTLD_GLOBAL might be or'ed into the -mode parameter to allow loaded modules to bind to global variables or -functions in other loaded modules loaded by dlopen(). If RTLD_GLOBAL is -not specified, only globals from the main part of the executable or -shared libraries are used to look for undefined symbols in loaded -modules. - - -void *dlsym(void *handle, const char *symbol); - -This routine searches for the symbol in the module referred to by -handle and returns its address. If the symbol could not be found, the -function returns NULL. The return value must be casted to a proper -function pointer before it can be used. SunOS/System V.4 allows handle -to be a NULL pointer to refer to the module the call is made from, this -is not implemented. - -int dlclose(void *handle); - -This routine unloads the module referred to by the handle and disposes -of any local storage. this function returns -1 on failure. Any function -pointers obtained through dlsym() should be considered invalid after -closing a module. - -As AIX caches shared objects in the shared library segment, function -pointers obtained through dlsym() might still work even though the -module has been unloaded. This can introduce subtle bugs that will -segment fault later if AIX garbage collects or immediatly on -SunOS/System V.4 as the text segment is unmapped. - -char *dlerror(void); - -This routine can be used to retrieve a text message describing the most -recent error that occured on on of the above routines. This function -returns NULL if there is no error information. - -Initialization and termination handlers ---------------------------------------- - -The emulation provides for an initialization and a termination -handler. The dlfcn.h file contains a structure declaration named -dl_info with following members: - - void (*init)(void); - void (*fini)(void); - -The init function is called upon first referencing the library. The -fini function is called at dlclose() time or when the process exits. -The module should declare a variable named dl_info that contains this -structure which must be exported. These functions correspond to the -documented _init() and _fini() functions of SunOS 4.x, but these are -appearently not implemented in SunOS. When using SunOS 5.0, these -correspond to #pragma init and #pragma fini respectively. At the same -time any static or global C++ object's constructors or destructors will -be called. - -BUGS ----- - -Please note that there is currently a problem with implicitely loaded -shared C++ libaries: if you refer to a shared C++ library from a loaded -module that is not yet used by the main program, the dlopen() emulator -does not notice this and does not call the static constructors for the -implicitely loaded library. This can be easily demonstrated by -referencing the C++ standard streams from a loaded module if the main -program is a plain C program. - -Jens-Uwe Mager - -HELIOS Software GmbH -Lavesstr. 80 -30159 Hannover -Germany - -Phone: +49 511 36482-0 -FAX: +49 511 36482-69 -AppleLink: helios.de/jum -Internet: jum@helios.de - -Revison History ---------------- - -SCCS/s.dlfcn.h: - -D 1.4 95/04/25 09:36:52 jum 4 3 00018/00004/00028 -MRs: -COMMENTS: -added RTLD_GLOBAL, include and C++ guards - -D 1.3 92/12/27 20:58:32 jum 3 2 00001/00001/00031 -MRs: -COMMENTS: -we always have prototypes on RS/6000 - -D 1.2 92/08/16 17:45:11 jum 2 1 00009/00000/00023 -MRs: -COMMENTS: -added dl_info structure to implement initialize and terminate functions - -D 1.1 92/08/02 18:08:45 jum 1 0 00023/00000/00000 -MRs: -COMMENTS: -Erstellungsdatum und -uhrzeit 92/08/02 18:08:45 von jum - -SCCS/s.dlfcn.c: - -D 1.11 96/04/10 20:12:51 jum 13 12 00037/00000/00533 -MRs: -COMMENTS: -Integrated the changes from John W. Eaton to initialize -g++ generated shared objects. - -D 1.10 96/02/15 17:42:44 jum 12 10 00012/00007/00521 -MRs: -COMMENTS: -the C++ constructor and destructor chains are now called properly for either -xlC 2 or xlC 3 (CSet++). - -D 1.9 95/09/22 11:09:38 markus 10 9 00001/00008/00527 -MRs: -COMMENTS: -Fix version number - -D 1.8 95/09/22 10:14:34 markus 9 8 00008/00001/00527 -MRs: -COMMENTS: -Added version number for dl lib - -D 1.7 95/08/14 19:08:38 jum 8 6 00026/00004/00502 -MRs: -COMMENTS: -Integrated the fixes from Kirk Benell (kirk@rsinc.com) to allow loading of -shared objects generated under AIX 4. Fixed bug that symbols with exactly -8 characters would use garbage characters from the following symbol value. - -D 1.6 95/04/25 09:38:03 jum 6 5 00046/00006/00460 -MRs: -COMMENTS: -added handling of C++ static constructors and destructors, added RTLD_GLOBAL to bind against other loaded modules - -D 1.5 93/02/14 20:14:17 jum 5 4 00002/00000/00464 -MRs: -COMMENTS: -added path to dlopen error message to make clear where there error occured. - -D 1.4 93/01/03 19:13:56 jum 4 3 00061/00005/00403 -MRs: -COMMENTS: -to allow calling symbols in the main module call load with L_NOAUTODEFER and -do a loadbind later with the main module. - -D 1.3 92/12/27 20:59:55 jum 3 2 00066/00008/00342 -MRs: -COMMENTS: -added search by L_GETINFO if module got loaded by LIBPATH - -D 1.2 92/08/16 17:45:43 jum 2 1 00074/00006/00276 -MRs: -COMMENTS: -implemented initialize and terminate functions, added reference counting to avoid multiple loads of the same library - -D 1.1 92/08/02 18:08:45 jum 1 0 00282/00000/00000 -MRs: -COMMENTS: -Erstellungsdatum und -uhrzeit 92/08/02 18:08:45 von jum - diff --git a/crypto/heimdal/lib/kafs/afskrb.c b/crypto/heimdal/lib/kafs/afskrb.c deleted file mode 100644 index f5516a8b5269..000000000000 --- a/crypto/heimdal/lib/kafs/afskrb.c +++ /dev/null @@ -1,217 +0,0 @@ -/* - * Copyright (c) 1995 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: afskrb.c 15342 2005-06-02 07:38:22Z lha $"); - -#ifdef KRB4 - -struct krb_kafs_data { - const char *realm; -}; - -static int -get_cred(struct kafs_data *data, const char *name, const char *inst, - const char *realm, uid_t uid, struct kafs_token *kt) -{ - CREDENTIALS c; - KTEXT_ST tkt; - int ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, &c); - - if (ret) { - ret = krb_mk_req(&tkt, (char*)name, (char*)inst, (char*)realm, 0); - if (ret == KSUCCESS) - ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, &c); - } - if (ret == 0) - ret = _kafs_v4_to_kt(&c, uid, kt); - return ret; -} - -static int -afslog_uid_int(struct kafs_data *data, - const char *cell, - const char *realm_hint, - uid_t uid, - const char *homedir) -{ - int ret; - struct kafs_token kt; - char name[ANAME_SZ]; - char inst[INST_SZ]; - char realm[REALM_SZ]; - - kt.ticket = NULL; - - if (cell == 0 || cell[0] == 0) - return _kafs_afslog_all_local_cells (data, uid, homedir); - - /* Extract realm from ticket file. */ - ret = krb_get_tf_fullname(tkt_string(), name, inst, realm); - if (ret != KSUCCESS) - return ret; - - kt.ticket = NULL; - ret = _kafs_get_cred(data, cell, realm_hint, realm, uid, &kt); - - if (ret == 0) { - ret = kafs_settoken_rxkad(cell, &kt.ct, kt.ticket, kt.ticket_len); - free(kt.ticket); - } - return ret; -} - -static char * -get_realm(struct kafs_data *data, const char *host) -{ - char *r = krb_realmofhost(host); - if(r != NULL) - return strdup(r); - else - return NULL; -} - -int -krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid, - const char *homedir) -{ - struct kafs_data kd; - - kd.name = "krb4"; - kd.afslog_uid = afslog_uid_int; - kd.get_cred = get_cred; - kd.get_realm = get_realm; - kd.data = 0; - return afslog_uid_int(&kd, cell, realm_hint, uid, homedir); -} - -int -krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid) -{ - return krb_afslog_uid_home(cell, realm_hint, uid, NULL); -} - -int -krb_afslog(const char *cell, const char *realm_hint) -{ - return krb_afslog_uid(cell, realm_hint, getuid()); -} - -int -krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir) -{ - return krb_afslog_uid_home(cell, realm_hint, getuid(), homedir); -} - -/* - * - */ - -int -krb_realm_of_cell(const char *cell, char **realm) -{ - struct kafs_data kd; - - kd.name = "krb4"; - kd.get_realm = get_realm; - return _kafs_realm_of_cell(&kd, cell, realm); -} - -int -kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c) -{ - struct kafs_token kt; - int ret; - - kt.ticket = NULL; - - ret = _kafs_v4_to_kt(c, uid, &kt); - if (ret) - return ret; - - if (kt.ct.EndTimestamp < time(NULL)) { - free(kt.ticket); - return 0; - } - - ret = kafs_settoken_rxkad(cell, &kt.ct, kt.ticket, kt.ticket_len); - free(kt.ticket); - return ret; -} - -#else /* KRB4 */ - -#define KAFS_KRBET_KDC_SERVICE_EXP 39525378 - -int -krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid, - const char *homedir) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int -krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int -krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int -krb_afslog(const char *cell, const char *realm_hint) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int -krb_realm_of_cell(const char *cell, char **realm) -{ - *realm = NULL; - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -int kafs_settoken (const char*, uid_t, struct credentials *); - -int -kafs_settoken(const char *cell, uid_t uid, struct credentials *c) -{ - return KAFS_KRBET_KDC_SERVICE_EXP; -} - -#endif /* KRB4 */ diff --git a/crypto/heimdal/lib/kafs/afskrb5.c b/crypto/heimdal/lib/kafs/afskrb5.c deleted file mode 100644 index 2b052672ffde..000000000000 --- a/crypto/heimdal/lib/kafs/afskrb5.c +++ /dev/null @@ -1,338 +0,0 @@ -/* - * Copyright (c) 1995-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: afskrb5.c 17032 2006-04-10 08:45:04Z lha $"); - -struct krb5_kafs_data { - krb5_context context; - krb5_ccache id; - krb5_const_realm realm; -}; - -enum { - KAFS_RXKAD_2B_KVNO = 213, - KAFS_RXKAD_K5_KVNO = 256 -}; - -static int -v5_to_kt(krb5_creds *cred, uid_t uid, struct kafs_token *kt, int local524) -{ - int kvno, ret; - - kt->ticket = NULL; - - /* check if des key */ - if (cred->session.keyvalue.length != 8) - return EINVAL; - - if (local524) { - Ticket t; - unsigned char *buf; - size_t buf_len; - size_t len; - - kvno = KAFS_RXKAD_2B_KVNO; - - ret = decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len); - if (ret) - return ret; - if (t.tkt_vno != 5) - return -1; - - ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_len, &t.enc_part, - &len, ret); - free_Ticket(&t); - if (ret) - return ret; - if(buf_len != len) { - free(buf); - return KRB5KRB_ERR_GENERIC; - } - - kt->ticket = buf; - kt->ticket_len = buf_len; - - } else { - kvno = KAFS_RXKAD_K5_KVNO; - kt->ticket = malloc(cred->ticket.length); - if (kt->ticket == NULL) - return ENOMEM; - kt->ticket_len = cred->ticket.length; - memcpy(kt->ticket, cred->ticket.data, kt->ticket_len); - - ret = 0; - } - - - /* - * Build a struct ClearToken - */ - - kt->ct.AuthHandle = kvno; - memcpy(kt->ct.HandShakeKey, cred->session.keyvalue.data, 8); - kt->ct.ViceId = uid; - kt->ct.BeginTimestamp = cred->times.starttime; - kt->ct.EndTimestamp = cred->times.endtime; - - _kafs_fixup_viceid(&kt->ct, uid); - - return 0; -} - -static krb5_error_code -v5_convert(krb5_context context, krb5_ccache id, - krb5_creds *cred, uid_t uid, - const char *cell, - struct kafs_token *kt) -{ - krb5_error_code ret; - char *c, *val; - - c = strdup(cell); - if (c == NULL) - return ENOMEM; - _kafs_foldup(c, c); - krb5_appdefault_string (context, "libkafs", - c, - "afs-use-524", "2b", &val); - free(c); - - if (strcasecmp(val, "local") == 0 || - strcasecmp(val, "2b") == 0) - ret = v5_to_kt(cred, uid, kt, 1); - else if(strcasecmp(val, "yes") == 0 || - strcasecmp(val, "true") == 0 || - atoi(val)) { - struct credentials cred4; - - if (id == NULL) - ret = krb524_convert_creds_kdc(context, cred, &cred4); - else - ret = krb524_convert_creds_kdc_ccache(context, id, cred, &cred4); - if (ret) - goto out; - - ret = _kafs_v4_to_kt(&cred4, uid, kt); - } else - ret = v5_to_kt(cred, uid, kt, 0); - - out: - free(val); - return ret; -} - - -/* - * - */ - -static int -get_cred(struct kafs_data *data, const char *name, const char *inst, - const char *realm, uid_t uid, struct kafs_token *kt) -{ - krb5_error_code ret; - krb5_creds in_creds, *out_creds; - struct krb5_kafs_data *d = data->data; - - memset(&in_creds, 0, sizeof(in_creds)); - ret = krb5_425_conv_principal(d->context, name, inst, realm, - &in_creds.server); - if(ret) - return ret; - ret = krb5_cc_get_principal(d->context, d->id, &in_creds.client); - if(ret){ - krb5_free_principal(d->context, in_creds.server); - return ret; - } - in_creds.session.keytype = ETYPE_DES_CBC_CRC; - ret = krb5_get_credentials(d->context, 0, d->id, &in_creds, &out_creds); - krb5_free_principal(d->context, in_creds.server); - krb5_free_principal(d->context, in_creds.client); - if(ret) - return ret; - - ret = v5_convert(d->context, d->id, out_creds, uid, - (inst != NULL && inst[0] != '\0') ? inst : realm, kt); - krb5_free_creds(d->context, out_creds); - - return ret; -} - -static krb5_error_code -afslog_uid_int(struct kafs_data *data, const char *cell, const char *rh, - uid_t uid, const char *homedir) -{ - krb5_error_code ret; - struct kafs_token kt; - krb5_principal princ; - const char *trealm; /* ticket realm */ - struct krb5_kafs_data *d = data->data; - - if (cell == 0 || cell[0] == 0) - return _kafs_afslog_all_local_cells (data, uid, homedir); - - ret = krb5_cc_get_principal (d->context, d->id, &princ); - if (ret) - return ret; - - trealm = krb5_principal_get_realm (d->context, princ); - - kt.ticket = NULL; - ret = _kafs_get_cred(data, cell, d->realm, trealm, uid, &kt); - krb5_free_principal (d->context, princ); - - if(ret == 0) { - ret = kafs_settoken_rxkad(cell, &kt.ct, kt.ticket, kt.ticket_len); - free(kt.ticket); - } - return ret; -} - -static char * -get_realm(struct kafs_data *data, const char *host) -{ - struct krb5_kafs_data *d = data->data; - krb5_realm *realms; - char *r; - if(krb5_get_host_realm(d->context, host, &realms)) - return NULL; - r = strdup(realms[0]); - krb5_free_host_realm(d->context, realms); - return r; -} - -krb5_error_code -krb5_afslog_uid_home(krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - uid_t uid, - const char *homedir) -{ - struct kafs_data kd; - struct krb5_kafs_data d; - krb5_error_code ret; - - kd.name = "krb5"; - kd.afslog_uid = afslog_uid_int; - kd.get_cred = get_cred; - kd.get_realm = get_realm; - kd.data = &d; - if (context == NULL) { - ret = krb5_init_context(&d.context); - if (ret) - return ret; - } else - d.context = context; - if (id == NULL) { - ret = krb5_cc_default(d.context, &d.id); - if (ret) - goto out; - } else - d.id = id; - d.realm = realm; - ret = afslog_uid_int(&kd, cell, 0, uid, homedir); - if (id == NULL) - krb5_cc_close(context, d.id); - out: - if (context == NULL) - krb5_free_context(d.context); - return ret; -} - -krb5_error_code -krb5_afslog_uid(krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - uid_t uid) -{ - return krb5_afslog_uid_home (context, id, cell, realm, uid, NULL); -} - -krb5_error_code -krb5_afslog(krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm) -{ - return krb5_afslog_uid (context, id, cell, realm, getuid()); -} - -krb5_error_code -krb5_afslog_home(krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - const char *homedir) -{ - return krb5_afslog_uid_home (context, id, cell, realm, getuid(), homedir); -} - -/* - * - */ - -krb5_error_code -krb5_realm_of_cell(const char *cell, char **realm) -{ - struct kafs_data kd; - - kd.name = "krb5"; - kd.get_realm = get_realm; - return _kafs_realm_of_cell(&kd, cell, realm); -} - -/* - * - */ - -int -kafs_settoken5(krb5_context context, const char *cell, uid_t uid, - krb5_creds *cred) -{ - struct kafs_token kt; - int ret; - - ret = v5_convert(context, NULL, cred, uid, cell, &kt); - if (ret) - return ret; - - ret = kafs_settoken_rxkad(cell, &kt.ct, kt.ticket, kt.ticket_len); - - free(kt.ticket); - - return ret; -} diff --git a/crypto/heimdal/lib/kafs/afsl.exp b/crypto/heimdal/lib/kafs/afsl.exp deleted file mode 100644 index 4d2b00e28337..000000000000 --- a/crypto/heimdal/lib/kafs/afsl.exp +++ /dev/null @@ -1,6 +0,0 @@ -#!/unix - -* This mumbo jumbo creates entry points to syscalls in _AIX - -lpioctl syscall -lsetpag syscall diff --git a/crypto/heimdal/lib/kafs/afslib.c b/crypto/heimdal/lib/kafs/afslib.c deleted file mode 100644 index 4845b7f36b7c..000000000000 --- a/crypto/heimdal/lib/kafs/afslib.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * This file is only used with AIX - */ - -#include "kafs_locl.h" - -RCSID("$Id: afslib.c 7463 1999-12-02 16:58:55Z joda $"); - -int -aix_pioctl(char *a_path, - int o_opcode, - struct ViceIoctl *a_paramsP, - int a_followSymlinks) -{ - return lpioctl(a_path, o_opcode, a_paramsP, a_followSymlinks); -} - -int -aix_setpag(void) -{ - return lsetpag(); -} diff --git a/crypto/heimdal/lib/kafs/afslib.exp b/crypto/heimdal/lib/kafs/afslib.exp deleted file mode 100644 index f288717706ea..000000000000 --- a/crypto/heimdal/lib/kafs/afslib.exp +++ /dev/null @@ -1,3 +0,0 @@ -#! -aix_pioctl -aix_setpag diff --git a/crypto/heimdal/lib/kafs/afssys.c b/crypto/heimdal/lib/kafs/afssys.c deleted file mode 100644 index d9c6b8066aa8..000000000000 --- a/crypto/heimdal/lib/kafs/afssys.c +++ /dev/null @@ -1,562 +0,0 @@ -/* - * Copyright (c) 1995 - 2000, 2002, 2004, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: afssys.c 17050 2006-04-11 08:12:29Z lha $"); - -struct procdata { - unsigned long param4; - unsigned long param3; - unsigned long param2; - unsigned long param1; - unsigned long syscall; -}; -#define VIOC_SYSCALL_PROC _IOW('C', 1, void *) - -struct devdata { - unsigned long syscall; - unsigned long param1; - unsigned long param2; - unsigned long param3; - unsigned long param4; - unsigned long param5; - unsigned long param6; - unsigned long retval; -}; -#define VIOC_SYSCALL_DEV _IOWR('C', 2, struct devdata) -#define VIOC_SYSCALL_DEV_OPENAFS _IOWR('C', 1, struct devdata) - - -int _kafs_debug; /* this should be done in a better way */ - -#define UNKNOWN_ENTRY_POINT (-1) -#define NO_ENTRY_POINT 0 -#define SINGLE_ENTRY_POINT 1 -#define MULTIPLE_ENTRY_POINT 2 -#define SINGLE_ENTRY_POINT2 3 -#define SINGLE_ENTRY_POINT3 4 -#define LINUX_PROC_POINT 5 -#define AIX_ENTRY_POINTS 6 -#define MACOS_DEV_POINT 7 - -static int afs_entry_point = UNKNOWN_ENTRY_POINT; -static int afs_syscalls[2]; -static char *afs_ioctlpath; -static unsigned long afs_ioctlnum; - -/* Magic to get AIX syscalls to work */ -#ifdef _AIX - -static int (*Pioctl)(char*, int, struct ViceIoctl*, int); -static int (*Setpag)(void); - -#include "dlfcn.h" - -/* - * - */ - -static int -try_aix(void) -{ -#ifdef STATIC_AFS_SYSCALLS - Pioctl = aix_pioctl; - Setpag = aix_setpag; -#else - void *ptr; - char path[MaxPathLen], *p; - /* - * If we are root or running setuid don't trust AFSLIBPATH! - */ - if (getuid() != 0 && !issuid() && (p = getenv("AFSLIBPATH")) != NULL) - strlcpy(path, p, sizeof(path)); - else - snprintf(path, sizeof(path), "%s/afslib.so", LIBDIR); - - ptr = dlopen(path, RTLD_NOW); - if(ptr == NULL) { - if(_kafs_debug) { - if(errno == ENOEXEC && (p = dlerror()) != NULL) - fprintf(stderr, "dlopen(%s): %s\n", path, p); - else if (errno != ENOENT) - fprintf(stderr, "dlopen(%s): %s\n", path, strerror(errno)); - } - return 1; - } - Setpag = (int (*)(void))dlsym(ptr, "aix_setpag"); - Pioctl = (int (*)(char*, int, - struct ViceIoctl*, int))dlsym(ptr, "aix_pioctl"); -#endif - afs_entry_point = AIX_ENTRY_POINTS; - return 0; -} -#endif /* _AIX */ - -/* - * This probably only works under Solaris and could get confused if - * there's a /etc/name_to_sysnum file. - */ - -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) - -#define _PATH_ETC_NAME_TO_SYSNUM "/etc/name_to_sysnum" - -static int -map_syscall_name_to_number (const char *str, int *res) -{ - FILE *f; - char buf[256]; - size_t str_len = strlen (str); - - f = fopen (_PATH_ETC_NAME_TO_SYSNUM, "r"); - if (f == NULL) - return -1; - while (fgets (buf, sizeof(buf), f) != NULL) { - if (buf[0] == '#') - continue; - - if (strncmp (str, buf, str_len) == 0) { - char *begptr = buf + str_len; - char *endptr; - long val = strtol (begptr, &endptr, 0); - - if (val != 0 && endptr != begptr) { - fclose (f); - *res = val; - return 0; - } - } - } - fclose (f); - return -1; -} -#endif - -static int -try_ioctlpath(const char *path, unsigned long ioctlnum, int entrypoint) -{ - int fd, ret, saved_errno; - - fd = open(path, O_RDWR); - if (fd < 0) - return 1; - switch (entrypoint) { - case LINUX_PROC_POINT: { - struct procdata data = { 0, 0, 0, 0, AFSCALL_PIOCTL }; - data.param2 = (unsigned long)VIOCGETTOK; - ret = ioctl(fd, ioctlnum, &data); - break; - } - case MACOS_DEV_POINT: { - struct devdata data = { AFSCALL_PIOCTL, 0, 0, 0, 0, 0, 0, 0 }; - data.param2 = (unsigned long)VIOCGETTOK; - ret = ioctl(fd, ioctlnum, &data); - break; - } - default: - abort(); - } - saved_errno = errno; - close(fd); - /* - * Be quite liberal in what error are ok, the first is the one - * that should trigger given that params is NULL. - */ - if (ret && - (saved_errno != EFAULT && - saved_errno != EDOM && - saved_errno != ENOTCONN)) - return 1; - afs_ioctlnum = ioctlnum; - afs_ioctlpath = strdup(path); - if (afs_ioctlpath == NULL) - return 1; - afs_entry_point = entrypoint; - return 0; -} - -static int -do_ioctl(void *data) -{ - int fd, ret, saved_errno; - fd = open(afs_ioctlpath, O_RDWR); - if (fd < 0) { - errno = EINVAL; - return -1; - } - ret = ioctl(fd, afs_ioctlnum, data); - saved_errno = errno; - close(fd); - errno = saved_errno; - return ret; -} - -int -k_pioctl(char *a_path, - int o_opcode, - struct ViceIoctl *a_paramsP, - int a_followSymlinks) -{ -#ifndef NO_AFS - switch(afs_entry_point){ -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) - case SINGLE_ENTRY_POINT: - case SINGLE_ENTRY_POINT2: - case SINGLE_ENTRY_POINT3: - return syscall(afs_syscalls[0], AFSCALL_PIOCTL, - a_path, o_opcode, a_paramsP, a_followSymlinks); -#endif -#if defined(AFS_PIOCTL) - case MULTIPLE_ENTRY_POINT: - return syscall(afs_syscalls[0], - a_path, o_opcode, a_paramsP, a_followSymlinks); -#endif - case LINUX_PROC_POINT: { - struct procdata data = { 0, 0, 0, 0, AFSCALL_PIOCTL }; - data.param1 = (unsigned long)a_path; - data.param2 = (unsigned long)o_opcode; - data.param3 = (unsigned long)a_paramsP; - data.param4 = (unsigned long)a_followSymlinks; - return do_ioctl(&data); - } - case MACOS_DEV_POINT: { - struct devdata data = { AFSCALL_PIOCTL, 0, 0, 0, 0, 0, 0, 0 }; - int ret; - - data.param1 = (unsigned long)a_path; - data.param2 = (unsigned long)o_opcode; - data.param3 = (unsigned long)a_paramsP; - data.param4 = (unsigned long)a_followSymlinks; - - ret = do_ioctl(&data); - if (ret) - return ret; - - return data.retval; - } -#ifdef _AIX - case AIX_ENTRY_POINTS: - return Pioctl(a_path, o_opcode, a_paramsP, a_followSymlinks); -#endif - } - errno = ENOSYS; -#ifdef SIGSYS - kill(getpid(), SIGSYS); /* You lose! */ -#endif -#endif /* NO_AFS */ - return -1; -} - -int -k_afs_cell_of_file(const char *path, char *cell, int len) -{ - struct ViceIoctl parms; - parms.in = NULL; - parms.in_size = 0; - parms.out = cell; - parms.out_size = len; - return k_pioctl(rk_UNCONST(path), VIOC_FILE_CELL_NAME, &parms, 1); -} - -int -k_unlog(void) -{ - struct ViceIoctl parms; - memset(&parms, 0, sizeof(parms)); - return k_pioctl(0, VIOCUNLOG, &parms, 0); -} - -int -k_setpag(void) -{ -#ifndef NO_AFS - switch(afs_entry_point){ -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) - case SINGLE_ENTRY_POINT: - case SINGLE_ENTRY_POINT2: - case SINGLE_ENTRY_POINT3: - return syscall(afs_syscalls[0], AFSCALL_SETPAG); -#endif -#if defined(AFS_PIOCTL) - case MULTIPLE_ENTRY_POINT: - return syscall(afs_syscalls[1]); -#endif - case LINUX_PROC_POINT: { - struct procdata data = { 0, 0, 0, 0, AFSCALL_SETPAG }; - return do_ioctl(&data); - } - case MACOS_DEV_POINT: { - struct devdata data = { AFSCALL_SETPAG, 0, 0, 0, 0, 0, 0, 0 }; - int ret = do_ioctl(&data); - if (ret) - return ret; - return data.retval; - } -#ifdef _AIX - case AIX_ENTRY_POINTS: - return Setpag(); -#endif - } - - errno = ENOSYS; -#ifdef SIGSYS - kill(getpid(), SIGSYS); /* You lose! */ -#endif -#endif /* NO_AFS */ - return -1; -} - -static jmp_buf catch_SIGSYS; - -#ifdef SIGSYS - -static RETSIGTYPE -SIGSYS_handler(int sig) -{ - errno = 0; - signal(SIGSYS, SIGSYS_handler); /* Need to reinstall handler on SYSV */ - longjmp(catch_SIGSYS, 1); -} - -#endif - -/* - * Try to see if `syscall' is a pioctl. Return 0 iff succesful. - */ - -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) -static int -try_one (int syscall_num) -{ - struct ViceIoctl parms; - memset(&parms, 0, sizeof(parms)); - - if (setjmp(catch_SIGSYS) == 0) { - syscall(syscall_num, AFSCALL_PIOCTL, - 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); - if (errno == EINVAL) { - afs_entry_point = SINGLE_ENTRY_POINT; - afs_syscalls[0] = syscall_num; - return 0; - } - } - return 1; -} -#endif - -/* - * Try to see if `syscall_pioctl' is a pioctl syscall. Return 0 iff - * succesful. - * - */ - -#ifdef AFS_PIOCTL -static int -try_two (int syscall_pioctl, int syscall_setpag) -{ - struct ViceIoctl parms; - memset(&parms, 0, sizeof(parms)); - - if (setjmp(catch_SIGSYS) == 0) { - syscall(syscall_pioctl, - 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); - if (errno == EINVAL) { - afs_entry_point = MULTIPLE_ENTRY_POINT; - afs_syscalls[0] = syscall_pioctl; - afs_syscalls[1] = syscall_setpag; - return 0; - } - } - return 1; -} -#endif - -int -k_hasafs(void) -{ -#if !defined(NO_AFS) && defined(SIGSYS) - RETSIGTYPE (*saved_func)(int); -#endif - int saved_errno, ret; - char *env = NULL; - - if (!issuid()) - env = getenv ("AFS_SYSCALL"); - - /* - * Already checked presence of AFS syscalls? - */ - if (afs_entry_point != UNKNOWN_ENTRY_POINT) - return afs_entry_point != NO_ENTRY_POINT; - - /* - * Probe kernel for AFS specific syscalls, - * they (currently) come in two flavors. - * If the syscall is absent we recive a SIGSYS. - */ - afs_entry_point = NO_ENTRY_POINT; - - saved_errno = errno; -#ifndef NO_AFS -#ifdef SIGSYS - saved_func = signal(SIGSYS, SIGSYS_handler); -#endif - if (env && strstr(env, "..") == NULL) { - - if (strncmp("/proc/", env, 6) == 0) { - if (try_ioctlpath(env, VIOC_SYSCALL_PROC, LINUX_PROC_POINT) == 0) - goto done; - } - if (strncmp("/dev/", env, 5) == 0) { - if (try_ioctlpath(env, VIOC_SYSCALL_DEV, MACOS_DEV_POINT) == 0) - goto done; - if (try_ioctlpath(env,VIOC_SYSCALL_DEV_OPENAFS,MACOS_DEV_POINT) ==0) - goto done; - } - } - - ret = try_ioctlpath("/proc/fs/openafs/afs_ioctl", - VIOC_SYSCALL_PROC, LINUX_PROC_POINT); - if (ret == 0) - goto done; - ret = try_ioctlpath("/proc/fs/nnpfs/afs_ioctl", - VIOC_SYSCALL_PROC, LINUX_PROC_POINT); - if (ret == 0) - goto done; - - ret = try_ioctlpath("/dev/openafs_ioctl", - VIOC_SYSCALL_DEV_OPENAFS, MACOS_DEV_POINT); - if (ret == 0) - goto done; - ret = try_ioctlpath("/dev/nnpfs_ioctl", VIOC_SYSCALL_DEV, MACOS_DEV_POINT); - if (ret == 0) - goto done; - -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) - { - int tmp; - - if (env != NULL) { - if (sscanf (env, "%d", &tmp) == 1) { - if (try_one (tmp) == 0) - goto done; - } else { - char *end = NULL; - char *p; - char *s = strdup (env); - - if (s != NULL) { - for (p = strtok_r (s, ",", &end); - p != NULL; - p = strtok_r (NULL, ",", &end)) { - if (map_syscall_name_to_number (p, &tmp) == 0) - if (try_one (tmp) == 0) { - free (s); - goto done; - } - } - free (s); - } - } - } - } -#endif /* AFS_SYSCALL || AFS_SYSCALL2 || AFS_SYSCALL3 */ - -#ifdef AFS_SYSCALL - if (try_one (AFS_SYSCALL) == 0) - goto done; -#endif /* AFS_SYSCALL */ - -#ifdef AFS_PIOCTL - { - int tmp[2]; - - if (env != NULL && sscanf (env, "%d%d", &tmp[0], &tmp[1]) == 2) - if (try_two (tmp[0], tmp[1]) == 2) - goto done; - } -#endif /* AFS_PIOCTL */ - -#ifdef AFS_PIOCTL - if (try_two (AFS_PIOCTL, AFS_SETPAG) == 0) - goto done; -#endif /* AFS_PIOCTL */ - -#ifdef AFS_SYSCALL2 - if (try_one (AFS_SYSCALL2) == 0) - goto done; -#endif /* AFS_SYSCALL2 */ - -#ifdef AFS_SYSCALL3 - if (try_one (AFS_SYSCALL3) == 0) - goto done; -#endif /* AFS_SYSCALL3 */ - -#ifdef _AIX -#if 0 - if (env != NULL) { - char *pos = NULL; - char *pioctl_name; - char *setpag_name; - - pioctl_name = strtok_r (env, ", \t", &pos); - if (pioctl_name != NULL) { - setpag_name = strtok_r (NULL, ", \t", &pos); - if (setpag_name != NULL) - if (try_aix (pioctl_name, setpag_name) == 0) - goto done; - } - } -#endif - - if(try_aix() == 0) - goto done; -#endif - - -done: -#ifdef SIGSYS - signal(SIGSYS, saved_func); -#endif -#endif /* NO_AFS */ - errno = saved_errno; - return afs_entry_point != NO_ENTRY_POINT; -} - -int -k_hasafs_recheck(void) -{ - afs_entry_point = UNKNOWN_ENTRY_POINT; - return k_hasafs(); -} diff --git a/crypto/heimdal/lib/kafs/afssysdefs.h b/crypto/heimdal/lib/kafs/afssysdefs.h deleted file mode 100644 index dd52a214bee0..000000000000 --- a/crypto/heimdal/lib/kafs/afssysdefs.h +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 1995 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: afssysdefs.h 14102 2004-08-09 13:41:32Z lha $ */ - -/* - * This section is for machines using single entry point AFS syscalls! - * and/or - * This section is for machines using multiple entry point AFS syscalls! - * - * SunOS 4 is an example of single entry point and sgi of multiple - * entry point syscalls. - */ - -#if SunOS == 40 -#define AFS_SYSCALL 31 -#endif - -#if SunOS >= 50 && SunOS < 57 -#define AFS_SYSCALL 105 -#endif - -#if SunOS == 57 -#define AFS_SYSCALL 73 -#endif - -#if SunOS >= 58 -#define AFS_SYSCALL 65 -#endif - -#if defined(__hpux) -#define AFS_SYSCALL 50 -#define AFS_SYSCALL2 49 -#define AFS_SYSCALL3 48 -#endif - -#if defined(_AIX) -/* _AIX is too weird */ -#endif - -#if defined(__sgi) -#define AFS_PIOCTL (64+1000) -#define AFS_SETPAG (65+1000) -#endif - -#if defined(__osf__) -#define AFS_SYSCALL 232 -#define AFS_SYSCALL2 258 -#endif - -#if defined(__ultrix) -#define AFS_SYSCALL 31 -#endif - -#if defined(__FreeBSD__) -#if __FreeBSD_version >= 500000 -#define AFS_SYSCALL 339 -#else -#define AFS_SYSCALL 210 -#endif -#endif /* __FreeBSD__ */ - -#ifdef __DragonFly__ -#ifndef AFS_SYSCALL -#define AFS_SYSCALL 339 -#endif -#endif - -#ifdef __OpenBSD__ -#define AFS_SYSCALL 208 -#endif - -#if defined(__NetBSD__) -#define AFS_SYSCALL 210 -#endif - -#ifdef __APPLE__ /* MacOS X */ -#define AFS_SYSCALL 230 -#endif - -#ifdef SYS_afs_syscall -#define AFS_SYSCALL3 SYS_afs_syscall -#endif diff --git a/crypto/heimdal/lib/kafs/common.c b/crypto/heimdal/lib/kafs/common.c deleted file mode 100644 index 3466d950d74e..000000000000 --- a/crypto/heimdal/lib/kafs/common.c +++ /dev/null @@ -1,492 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: common.c 15461 2005-06-16 22:52:33Z lha $"); - -#define AUTH_SUPERUSER "afs" - -/* - * Here only ASCII characters are relevant. - */ - -#define IsAsciiLower(c) ('a' <= (c) && (c) <= 'z') - -#define ToAsciiUpper(c) ((c) - 'a' + 'A') - -static void (*kafs_verbose)(void *, const char *); -static void *kafs_verbose_ctx; - -void -_kafs_foldup(char *a, const char *b) -{ - for (; *b; a++, b++) - if (IsAsciiLower(*b)) - *a = ToAsciiUpper(*b); - else - *a = *b; - *a = '\0'; -} - -void -kafs_set_verbose(void (*f)(void *, const char *), void *ctx) -{ - if (f) { - kafs_verbose = f; - kafs_verbose_ctx = ctx; - } -} - -int -kafs_settoken_rxkad(const char *cell, struct ClearToken *ct, - void *ticket, size_t ticket_len) -{ - struct ViceIoctl parms; - char buf[2048], *t; - int32_t sizeof_x; - - t = buf; - /* - * length of secret token followed by secret token - */ - sizeof_x = ticket_len; - memcpy(t, &sizeof_x, sizeof(sizeof_x)); - t += sizeof(sizeof_x); - memcpy(t, ticket, sizeof_x); - t += sizeof_x; - /* - * length of clear token followed by clear token - */ - sizeof_x = sizeof(*ct); - memcpy(t, &sizeof_x, sizeof(sizeof_x)); - t += sizeof(sizeof_x); - memcpy(t, ct, sizeof_x); - t += sizeof_x; - - /* - * do *not* mark as primary cell - */ - sizeof_x = 0; - memcpy(t, &sizeof_x, sizeof(sizeof_x)); - t += sizeof(sizeof_x); - /* - * follow with cell name - */ - sizeof_x = strlen(cell) + 1; - memcpy(t, cell, sizeof_x); - t += sizeof_x; - - /* - * Build argument block - */ - parms.in = buf; - parms.in_size = t - buf; - parms.out = 0; - parms.out_size = 0; - - return k_pioctl(0, VIOCSETTOK, &parms, 0); -} - -void -_kafs_fixup_viceid(struct ClearToken *ct, uid_t uid) -{ -#define ODD(x) ((x) & 1) - /* According to Transarc conventions ViceId is valid iff - * (EndTimestamp - BeginTimestamp) is odd. By decrementing EndTime - * the transformations: - * - * (issue_date, life) -> (StartTime, EndTime) -> (issue_date, life) - * preserves the original values. - */ - if (uid != 0) /* valid ViceId */ - { - if (!ODD(ct->EndTimestamp - ct->BeginTimestamp)) - ct->EndTimestamp--; - } - else /* not valid ViceId */ - { - if (ODD(ct->EndTimestamp - ct->BeginTimestamp)) - ct->EndTimestamp--; - } -} - - -int -_kafs_v4_to_kt(CREDENTIALS *c, uid_t uid, struct kafs_token *kt) -{ - kt->ticket = NULL; - - if (c->ticket_st.length > MAX_KTXT_LEN) - return EINVAL; - - kt->ticket = malloc(c->ticket_st.length); - if (kt->ticket == NULL) - return ENOMEM; - kt->ticket_len = c->ticket_st.length; - memcpy(kt->ticket, c->ticket_st.dat, kt->ticket_len); - - /* - * Build a struct ClearToken - */ - kt->ct.AuthHandle = c->kvno; - memcpy (kt->ct.HandShakeKey, c->session, sizeof(c->session)); - kt->ct.ViceId = uid; - kt->ct.BeginTimestamp = c->issue_date; - kt->ct.EndTimestamp = krb_life_to_time(c->issue_date, c->lifetime); - - _kafs_fixup_viceid(&kt->ct, uid); - - return 0; -} - -/* Try to get a db-server for an AFS cell from a AFSDB record */ - -static int -dns_find_cell(const char *cell, char *dbserver, size_t len) -{ - struct dns_reply *r; - int ok = -1; - r = dns_lookup(cell, "afsdb"); - if(r){ - struct resource_record *rr = r->head; - while(rr){ - if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){ - strlcpy(dbserver, - rr->u.afsdb->domain, - len); - ok = 0; - break; - } - rr = rr->next; - } - dns_free_data(r); - } - return ok; -} - - -/* - * Try to find the cells we should try to klog to in "file". - */ -static void -find_cells(const char *file, char ***cells, int *idx) -{ - FILE *f; - char cell[64]; - int i; - int ind = *idx; - - f = fopen(file, "r"); - if (f == NULL) - return; - while (fgets(cell, sizeof(cell), f)) { - char *t; - t = cell + strlen(cell); - for (; t >= cell; t--) - if (*t == '\n' || *t == '\t' || *t == ' ') - *t = 0; - if (cell[0] == '\0' || cell[0] == '#') - continue; - for(i = 0; i < ind; i++) - if(strcmp((*cells)[i], cell) == 0) - break; - if(i == ind){ - char **tmp; - - tmp = realloc(*cells, (ind + 1) * sizeof(**cells)); - if (tmp == NULL) - break; - *cells = tmp; - (*cells)[ind] = strdup(cell); - if ((*cells)[ind] == NULL) - break; - ++ind; - } - } - fclose(f); - *idx = ind; -} - -/* - * Get tokens for all cells[] - */ -static int -afslog_cells(struct kafs_data *data, char **cells, int max, uid_t uid, - const char *homedir) -{ - int ret = 0; - int i; - for (i = 0; i < max; i++) { - int er = (*data->afslog_uid)(data, cells[i], 0, uid, homedir); - if (er) - ret = er; - } - return ret; -} - -int -_kafs_afslog_all_local_cells(struct kafs_data *data, - uid_t uid, const char *homedir) -{ - int ret; - char **cells = NULL; - int idx = 0; - - if (homedir == NULL) - homedir = getenv("HOME"); - if (homedir != NULL) { - char home[MaxPathLen]; - snprintf(home, sizeof(home), "%s/.TheseCells", homedir); - find_cells(home, &cells, &idx); - } - find_cells(_PATH_THESECELLS, &cells, &idx); - find_cells(_PATH_THISCELL, &cells, &idx); - find_cells(_PATH_ARLA_THESECELLS, &cells, &idx); - find_cells(_PATH_ARLA_THISCELL, &cells, &idx); - find_cells(_PATH_OPENAFS_DEBIAN_THESECELLS, &cells, &idx); - find_cells(_PATH_OPENAFS_DEBIAN_THISCELL, &cells, &idx); - find_cells(_PATH_OPENAFS_MACOSX_THESECELLS, &cells, &idx); - find_cells(_PATH_OPENAFS_MACOSX_THISCELL, &cells, &idx); - find_cells(_PATH_ARLA_DEBIAN_THESECELLS, &cells, &idx); - find_cells(_PATH_ARLA_DEBIAN_THISCELL, &cells, &idx); - find_cells(_PATH_ARLA_OPENBSD_THESECELLS, &cells, &idx); - find_cells(_PATH_ARLA_OPENBSD_THISCELL, &cells, &idx); - - ret = afslog_cells(data, cells, idx, uid, homedir); - while(idx > 0) - free(cells[--idx]); - free(cells); - return ret; -} - - -static int -file_find_cell(struct kafs_data *data, - const char *cell, char **realm, int exact) -{ - FILE *F; - char buf[1024]; - char *p; - int ret = -1; - - if ((F = fopen(_PATH_CELLSERVDB, "r")) - || (F = fopen(_PATH_ARLA_CELLSERVDB, "r")) - || (F = fopen(_PATH_OPENAFS_DEBIAN_CELLSERVDB, "r")) - || (F = fopen(_PATH_OPENAFS_MACOSX_CELLSERVDB, "r")) - || (F = fopen(_PATH_ARLA_DEBIAN_CELLSERVDB, "r"))) { - while (fgets(buf, sizeof(buf), F)) { - int cmp; - - if (buf[0] != '>') - continue; /* Not a cell name line, try next line */ - p = buf; - strsep(&p, " \t\n#"); - - if (exact) - cmp = strcmp(buf + 1, cell); - else - cmp = strncmp(buf + 1, cell, strlen(cell)); - - if (cmp == 0) { - /* - * We found the cell name we're looking for. - * Read next line on the form ip-address '#' hostname - */ - if (fgets(buf, sizeof(buf), F) == NULL) - break; /* Read failed, give up */ - p = strchr(buf, '#'); - if (p == NULL) - break; /* No '#', give up */ - p++; - if (buf[strlen(buf) - 1] == '\n') - buf[strlen(buf) - 1] = '\0'; - *realm = (*data->get_realm)(data, p); - if (*realm && **realm != '\0') - ret = 0; - break; /* Won't try any more */ - } - } - fclose(F); - } - return ret; -} - -/* Find the realm associated with cell. Do this by opening CellServDB - file and getting the realm-of-host for the first VL-server for the - cell. - - This does not work when the VL-server is living in one realm, but - the cell it is serving is living in another realm. - - Return 0 on success, -1 otherwise. - */ - -int -_kafs_realm_of_cell(struct kafs_data *data, - const char *cell, char **realm) -{ - char buf[1024]; - int ret; - - ret = file_find_cell(data, cell, realm, 1); - if (ret == 0) - return ret; - if (dns_find_cell(cell, buf, sizeof(buf)) == 0) { - *realm = (*data->get_realm)(data, buf); - if(*realm != NULL) - return 0; - } - return file_find_cell(data, cell, realm, 0); -} - -static int -_kafs_try_get_cred(struct kafs_data *data, const char *user, const char *cell, - const char *realm, uid_t uid, struct kafs_token *kt) -{ - int ret; - - ret = (*data->get_cred)(data, user, cell, realm, uid, kt); - if (kafs_verbose) { - char *str; - asprintf(&str, "%s tried afs%s%s@%s -> %d", - data->name, cell[0] == '\0' ? "" : "/", - cell, realm, ret); - (*kafs_verbose)(kafs_verbose_ctx, str); - free(str); - } - - return ret; -} - - -int -_kafs_get_cred(struct kafs_data *data, - const char *cell, - const char *realm_hint, - const char *realm, - uid_t uid, - struct kafs_token *kt) -{ - int ret = -1; - char *vl_realm; - char CELL[64]; - - /* We're about to find the realm that holds the key for afs in - * the specified cell. The problem is that null-instance - * afs-principals are common and that hitting the wrong realm might - * yield the wrong afs key. The following assumptions were made. - * - * Any realm passed to us is preferred. - * - * If there is a realm with the same name as the cell, it is most - * likely the correct realm to talk to. - * - * In most (maybe even all) cases the database servers of the cell - * will live in the realm we are looking for. - * - * Try the local realm, but if the previous cases fail, this is - * really a long shot. - * - */ - - /* comments on the ordering of these tests */ - - /* If the user passes a realm, she probably knows something we don't - * know and we should try afs@realm_hint. - */ - - if (realm_hint) { - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - cell, realm_hint, uid, kt); - if (ret == 0) return 0; - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - "", realm_hint, uid, kt); - if (ret == 0) return 0; - } - - _kafs_foldup(CELL, cell); - - /* - * If cell == realm we don't need no cross-cell authentication. - * Try afs@REALM. - */ - if (strcmp(CELL, realm) == 0) { - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - "", realm, uid, kt); - if (ret == 0) return 0; - /* Try afs.cell@REALM below. */ - } - - /* - * If the AFS servers have a file /usr/afs/etc/krb.conf containing - * REALM we still don't have to resort to cross-cell authentication. - * Try afs.cell@REALM. - */ - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - cell, realm, uid, kt); - if (ret == 0) return 0; - - /* - * We failed to get ``first class tickets'' for afs, - * fall back to cross-cell authentication. - * Try afs@CELL. - * Try afs.cell@CELL. - */ - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - "", CELL, uid, kt); - if (ret == 0) return 0; - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - cell, CELL, uid, kt); - if (ret == 0) return 0; - - /* - * Perhaps the cell doesn't correspond to any realm? - * Use realm of first volume location DB server. - * Try afs.cell@VL_REALM. - * Try afs@VL_REALM??? - */ - if (_kafs_realm_of_cell(data, cell, &vl_realm) == 0 - && strcmp(vl_realm, realm) != 0 - && strcmp(vl_realm, CELL) != 0) { - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - cell, vl_realm, uid, kt); - if (ret) - ret = _kafs_try_get_cred(data, AUTH_SUPERUSER, - "", vl_realm, uid, kt); - free(vl_realm); - if (ret == 0) return 0; - } - - return ret; -} diff --git a/crypto/heimdal/lib/kafs/dlfcn.c b/crypto/heimdal/lib/kafs/dlfcn.c deleted file mode 100644 index 728cf5cdd768..000000000000 --- a/crypto/heimdal/lib/kafs/dlfcn.c +++ /dev/null @@ -1,581 +0,0 @@ -/* - * @(#)dlfcn.c 1.11 revision of 96/04/10 20:12:51 - * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH - * 30159 Hannover, Germany - */ - -/* - * Changes marked with `--jwe' were made on April 7 1996 by John W. Eaton - * to support g++ and/or use with Octave. - */ - -/* - * This makes my life easier with Octave. --jwe - */ -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include "dlfcn.h" - -/* - * We simulate dlopen() et al. through a call to load. Because AIX has - * no call to find an exported symbol we read the loader section of the - * loaded module and build a list of exported symbols and their virtual - * address. - */ - -typedef struct { - char *name; /* the symbols's name */ - void *addr; /* its relocated virtual address */ -} Export, *ExportPtr; - -/* - * xlC uses the following structure to list its constructors and - * destructors. This is gleaned from the output of munch. - */ -typedef struct { - void (*init)(void); /* call static constructors */ - void (*term)(void); /* call static destructors */ -} Cdtor, *CdtorPtr; - -typedef void (*GccCDtorPtr)(void); - -/* - * The void * handle returned from dlopen is actually a ModulePtr. - */ -typedef struct Module { - struct Module *next; - char *name; /* module name for refcounting */ - int refCnt; /* the number of references */ - void *entry; /* entry point from load */ - struct dl_info *info; /* optional init/terminate functions */ - CdtorPtr cdtors; /* optional C++ constructors */ - GccCDtorPtr gcc_ctor; /* g++ constructors --jwe */ - GccCDtorPtr gcc_dtor; /* g++ destructors --jwe */ - int nExports; /* the number of exports found */ - ExportPtr exports; /* the array of exports */ -} Module, *ModulePtr; - -/* - * We keep a list of all loaded modules to be able to call the fini - * handlers and destructors at atexit() time. - */ -static ModulePtr modList; - -/* - * The last error from one of the dl* routines is kept in static - * variables here. Each error is returned only once to the caller. - */ -static char errbuf[BUFSIZ]; -static int errvalid; - -/* - * The `fixed' gcc header files on AIX 3.2.5 provide a prototype for - * strdup(). --jwe - */ -#ifndef HAVE_STRDUP -extern char *strdup(const char *); -#endif -static void caterr(char *); -static int readExports(ModulePtr); -static void terminate(void); -static void *findMain(void); - -void *dlopen(const char *path, int mode) -{ - ModulePtr mp; - static void *mainModule; - - /* - * Upon the first call register a terminate handler that will - * close all libraries. Also get a reference to the main module - * for use with loadbind. - */ - if (!mainModule) { - if ((mainModule = findMain()) == NULL) - return NULL; - atexit(terminate); - } - /* - * Scan the list of modules if we have the module already loaded. - */ - for (mp = modList; mp; mp = mp->next) - if (strcmp(mp->name, path) == 0) { - mp->refCnt++; - return mp; - } - if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), "calloc: %s", strerror(errno)); - return NULL; - } - if ((mp->name = strdup(path)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), "strdup: %s", strerror(errno)); - free(mp); - return NULL; - } - /* - * load should be declared load(const char *...). Thus we - * cast the path to a normal char *. Ugly. - */ - if ((mp->entry = (void *)load((char *)path, L_NOAUTODEFER, NULL)) == NULL) { - free(mp->name); - free(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "dlopen: %s: ", path); - /* - * If AIX says the file is not executable, the error - * can be further described by querying the loader about - * the last error. - */ - if (errno == ENOEXEC) { - char *tmp[BUFSIZ/sizeof(char *)]; - if (loadquery(L_GETMESSAGES, tmp, sizeof(tmp)) == -1) - strlcpy(errbuf, - strerror(errno), - sizeof(errbuf)); - else { - char **p; - for (p = tmp; *p; p++) - caterr(*p); - } - } else - strlcat(errbuf, - strerror(errno), - sizeof(errbuf)); - return NULL; - } - mp->refCnt = 1; - mp->next = modList; - modList = mp; - if (loadbind(0, mainModule, mp->entry) == -1) { - dlclose(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "loadbind: %s", strerror(errno)); - return NULL; - } - /* - * If the user wants global binding, loadbind against all other - * loaded modules. - */ - if (mode & RTLD_GLOBAL) { - ModulePtr mp1; - for (mp1 = mp->next; mp1; mp1 = mp1->next) - if (loadbind(0, mp1->entry, mp->entry) == -1) { - dlclose(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "loadbind: %s", - strerror(errno)); - return NULL; - } - } - if (readExports(mp) == -1) { - dlclose(mp); - return NULL; - } - /* - * If there is a dl_info structure, call the init function. - */ - if (mp->info = (struct dl_info *)dlsym(mp, "dl_info")) { - if (mp->info->init) - (*mp->info->init)(); - } else - errvalid = 0; - /* - * If the shared object was compiled using xlC we will need - * to call static constructors (and later on dlclose destructors). - */ - if (mp->cdtors = (CdtorPtr)dlsym(mp, "__cdtors")) { - CdtorPtr cp = mp->cdtors; - while (cp->init || cp->term) { - if (cp->init && cp->init != (void (*)(void))0xffffffff) - (*cp->init)(); - cp++; - } - /* - * If the shared object was compiled using g++, we will need - * to call global constructors using the _GLOBAL__DI function, - * and later, global destructors using the _GLOBAL_DD - * funciton. --jwe - */ - } else if (mp->gcc_ctor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DI")) { - (*mp->gcc_ctor)(); - mp->gcc_dtor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DD"); - } else - errvalid = 0; - return mp; -} - -/* - * Attempt to decipher an AIX loader error message and append it - * to our static error message buffer. - */ -static void caterr(char *s) -{ - char *p = s; - - while (*p >= '0' && *p <= '9') - p++; - switch(atoi(s)) { - case L_ERROR_TOOMANY: - strlcat(errbuf, "to many errors", sizeof(errbuf)); - break; - case L_ERROR_NOLIB: - strlcat(errbuf, "can't load library", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_UNDEF: - strlcat(errbuf, "can't find symbol", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_RLDBAD: - strlcat(errbuf, "bad RLD", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_FORMAT: - strlcat(errbuf, "bad exec format in", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_ERRNO: - strlcat(errbuf, strerror(atoi(++p)), sizeof(errbuf)); - break; - default: - strlcat(errbuf, s, sizeof(errbuf)); - break; - } -} - -void *dlsym(void *handle, const char *symbol) -{ - ModulePtr mp = (ModulePtr)handle; - ExportPtr ep; - int i; - - /* - * Could speed up the search, but I assume that one assigns - * the result to function pointers anyways. - */ - for (ep = mp->exports, i = mp->nExports; i; i--, ep++) - if (strcmp(ep->name, symbol) == 0) - return ep->addr; - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "dlsym: undefined symbol %s", symbol); - return NULL; -} - -char *dlerror(void) -{ - if (errvalid) { - errvalid = 0; - return errbuf; - } - return NULL; -} - -int dlclose(void *handle) -{ - ModulePtr mp = (ModulePtr)handle; - int result; - ModulePtr mp1; - - if (--mp->refCnt > 0) - return 0; - if (mp->info && mp->info->fini) - (*mp->info->fini)(); - if (mp->cdtors) { - CdtorPtr cp = mp->cdtors; - while (cp->init || cp->term) { - if (cp->term && cp->init != (void (*)(void))0xffffffff) - (*cp->term)(); - cp++; - } - /* - * If the function to handle global destructors for g++ - * exists, call it. --jwe - */ - } else if (mp->gcc_dtor) { - (*mp->gcc_dtor)(); - } - result = unload(mp->entry); - if (result == -1) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "%s", strerror(errno)); - } - if (mp->exports) { - ExportPtr ep; - int i; - for (ep = mp->exports, i = mp->nExports; i; i--, ep++) - if (ep->name) - free(ep->name); - free(mp->exports); - } - if (mp == modList) - modList = mp->next; - else { - for (mp1 = modList; mp1; mp1 = mp1->next) - if (mp1->next == mp) { - mp1->next = mp->next; - break; - } - } - free(mp->name); - free(mp); - return result; -} - -static void terminate(void) -{ - while (modList) - dlclose(modList); -} - -/* - * Build the export table from the XCOFF .loader section. - */ -static int readExports(ModulePtr mp) -{ - LDFILE *ldp = NULL; - SCNHDR sh, shdata; - LDHDR *lhp; - char *ldbuf; - LDSYM *ls; - int i; - ExportPtr ep; - - if ((ldp = ldopen(mp->name, ldp)) == NULL) { - struct ld_info *lp; - char *buf; - int size = 4*1024; - if (errno != ENOENT) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - /* - * The module might be loaded due to the LIBPATH - * environment variable. Search for the loaded - * module using L_GETINFO. - */ - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { - free(buf); - size += 4*1024; - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - } - if (i == -1) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - free(buf); - return -1; - } - /* - * Traverse the list of loaded modules. The entry point - * returned by load() does actually point to the data - * segment origin. - */ - lp = (struct ld_info *)buf; - while (lp) { - if (lp->ldinfo_dataorg == mp->entry) { - ldp = ldopen(lp->ldinfo_filename, ldp); - break; - } - if (lp->ldinfo_next == 0) - lp = NULL; - else - lp = (struct ld_info *)((char *)lp + lp->ldinfo_next); - } - free(buf); - if (!ldp) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - return -1; - } - } - if (TYPE(ldp) != U802TOCMAGIC) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), "readExports: bad magic"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * Get the padding for the data section. This is needed for - * AIX 4.1 compilers. This is used when building the final - * function pointer to the exported symbol. - */ - if (ldnshread(ldp, _DATA, &shdata) != SUCCESS) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read data section header"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (ldnshread(ldp, _LOADER, &sh) != SUCCESS) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read loader section header"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * We read the complete loader section in one chunk, this makes - * finding long symbol names residing in the string table easier. - */ - if ((ldbuf = (char *)malloc(sh.s_size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (FSEEK(ldp, sh.s_scnptr, BEGINNING) != OKFSEEK) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot seek to loader section"); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (FREAD(ldbuf, sh.s_size, 1, ldp) != 1) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read loader section"); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - lhp = (LDHDR *)ldbuf; - ls = (LDSYM *)(ldbuf+LDHDRSZ); - /* - * Count the number of exports to include in our export table. - */ - for (i = lhp->l_nsyms; i; i--, ls++) { - if (!LDR_EXPORT(*ls)) - continue; - mp->nExports++; - } - if ((mp->exports = (ExportPtr)calloc(mp->nExports, sizeof(*mp->exports))) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * Fill in the export table. All entries are relative to - * the entry point we got from load. - */ - ep = mp->exports; - ls = (LDSYM *)(ldbuf+LDHDRSZ); - for (i = lhp->l_nsyms; i; i--, ls++) { - char *symname; - char tmpsym[SYMNMLEN+1]; - if (!LDR_EXPORT(*ls)) - continue; - if (ls->l_zeroes == 0) - symname = ls->l_offset+lhp->l_stoff+ldbuf; - else { - /* - * The l_name member is not zero terminated, we - * must copy the first SYMNMLEN chars and make - * sure we have a zero byte at the end. - */ - strlcpy (tmpsym, ls->l_name, - SYMNMLEN + 1); - symname = tmpsym; - } - ep->name = strdup(symname); - ep->addr = (void *)((unsigned long)mp->entry + - ls->l_value - shdata.s_vaddr); - ep++; - } - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return 0; -} - -/* - * Find the main modules entry point. This is used as export pointer - * for loadbind() to be able to resolve references to the main part. - */ -static void * findMain(void) -{ - struct ld_info *lp; - char *buf; - int size = 4*1024; - int i; - void *ret; - - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - return NULL; - } - while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { - free(buf); - size += 4*1024; - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - return NULL; - } - } - if (i == -1) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - free(buf); - return NULL; - } - /* - * The first entry is the main module. The entry point - * returned by load() does actually point to the data - * segment origin. - */ - lp = (struct ld_info *)buf; - ret = lp->ldinfo_dataorg; - free(buf); - return ret; -} diff --git a/crypto/heimdal/lib/kafs/dlfcn.h b/crypto/heimdal/lib/kafs/dlfcn.h deleted file mode 100644 index b8dfd985a535..000000000000 --- a/crypto/heimdal/lib/kafs/dlfcn.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * @(#)dlfcn.h 1.4 revision of 95/04/25 09:36:52 - * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH - * 30159 Hannover, Germany - */ - -#ifndef __dlfcn_h__ -#define __dlfcn_h__ - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Mode flags for the dlopen routine. - */ -#define RTLD_LAZY 1 /* lazy function call binding */ -#define RTLD_NOW 2 /* immediate function call binding */ -#define RTLD_GLOBAL 0x100 /* allow symbols to be global */ - -/* - * To be able to initialize, a library may provide a dl_info structure - * that contains functions to be called to initialize and terminate. - */ -struct dl_info { - void (*init)(void); - void (*fini)(void); -}; - -#if __STDC__ || defined(_IBMR2) -void *dlopen(const char *path, int mode); -void *dlsym(void *handle, const char *symbol); -char *dlerror(void); -int dlclose(void *handle); -#else -void *dlopen(); -void *dlsym(); -char *dlerror(); -int dlclose(); -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* __dlfcn_h__ */ diff --git a/crypto/heimdal/lib/kafs/kafs.3 b/crypto/heimdal/lib/kafs/kafs.3 deleted file mode 100644 index cd5b1fd5a070..000000000000 --- a/crypto/heimdal/lib/kafs/kafs.3 +++ /dev/null @@ -1,284 +0,0 @@ -.\" Copyright (c) 1998 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kafs.3 17380 2006-05-01 07:01:18Z lha $ -.\" -.Dd May 1, 2006 -.Os HEIMDAL -.Dt KAFS 3 -.Sh NAME -.Nm k_hasafs , -.Nm k_hasafs_recheck , -.Nm k_pioctl , -.Nm k_unlog , -.Nm k_setpag , -.Nm k_afs_cell_of_file , -.Nm kafs_set_verbose , -.Nm kafs_settoken_rxkad , -.Nm kafs_settoken , -.Nm krb_afslog , -.Nm krb_afslog_uid , -.Nm kafs_settoken5 , -.Nm krb5_afslog , -.Nm krb5_afslog_uid -.Nd AFS library -.Sh LIBRARY -AFS cache manager access library (libkafs, -lkafs) -.Sh SYNOPSIS -.In kafs.h -.Ft int -.Fn k_afs_cell_of_file "const char *path" "char *cell" "int len" -.Ft int -.Fn k_hasafs "void" -.Ft int -.Fn k_hasafs_recheck "void" -.Ft int -.Fn k_pioctl "char *a_path" "int o_opcode" "struct ViceIoctl *a_paramsP" "int a_followSymlinks" -.Ft int -.Fn k_setpag "void" -.Ft int -.Fn k_unlog "void" -.Ft void -.Fn kafs_set_verbose "void (*func)(void *, const char *, int)" "void *" -.Ft int -.Fn kafs_settoken_rxkad "const char *cell" "struct ClearToken *token" "void *ticket" "size_t ticket_len" -.Ft int -.Fn kafs_settoken "const char *cell" "uid_t uid" "CREDENTIALS *c" -.Fn krb_afslog "char *cell" "char *realm" -.Ft int -.Fn krb_afslog_uid "char *cell" "char *realm" "uid_t uid" -.Ft krb5_error_code -.Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid" -.Ft int -.Fn kafs_settoken5 "const char *cell" "uid_t uid" "krb5_creds *c" -.Ft krb5_error_code -.Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" -.Sh DESCRIPTION -.Fn k_hasafs -initializes some library internal structures, and tests for the -presence of AFS in the kernel, none of the other functions should be -called before -.Fn k_hasafs -is called, or if it fails. -.Pp -.Fn k_hasafs_recheck -forces a recheck if a AFS client has started since last time -.Fn k_hasafs -or -.Fn k_hasafs_recheck -was called. -.Pp -.Fn kafs_set_verbose -set a log function that will be called each time the kafs library does -something important so that the application using libkafs can output -verbose logging. -Calling the function -.Fa kafs_set_verbose -with the function argument set to -.Dv NULL -will stop libkafs from calling the logging function (if set). -.Pp -.Fn kafs_settoken_rxkad -set -.Li rxkad -with the -.Fa token -and -.Fa ticket -(that have the length -.Fa ticket_len ) -for a given -.Fa cell . -.Pp -.Fn kafs_settoken -and -.Fn kafs_settoken5 -work the same way as -.Fn kafs_settoken_rxkad -but internally converts the Kerberos 4 or 5 credential to a afs -cleartoken and ticket. -.Pp -.Fn krb_afslog , -and -.Fn krb_afslog_uid -obtains new tokens (and possibly tickets) for the specified -.Fa cell -and -.Fa realm . -If -.Fa cell -is -.Dv NULL , -the local cell is used. If -.Fa realm -is -.Dv NULL , -the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass -.Dv NULL . -.Fn krb_afslog -will use the real user-id for the -.Dv ViceId -field in the token, -.Fn krb_afslog_uid -will use -.Fa uid . -.Pp -.Fn krb5_afslog , -and -.Fn krb5_afslog_uid -are the Kerberos 5 equivalents of -.Fn krb_afslog , -and -.Fn krb_afslog_uid . -.Pp -.Fn krb5_afslog , -.Fn kafs_settoken5 -can be configured to behave differently via a -.Nm krb5_appdefault -option -.Li afs-use-524 -in -.Pa krb5.conf . -Possible values for -.Li afs-use-524 -are: -.Bl -tag -width local -.It yes -use the 524 server in the realm to convert the ticket -.It no -use the Kerberos 5 ticket directly, can be used with if the afs cell -support 2b token. -.It local, 2b -convert the Kerberos 5 credential to a 2b token locally (the same work -as a 2b 524 server should have done). -.El -.Pp -Example: -.Pp -.Bd -literal -[appdefaults] - SU.SE = { afs-use-524 = local } - PDC.KTH.SE = { afs-use-524 = yes } - afs-use-524 = yes -.Ed -.Pp -libkafs will use the -.Li libkafs -as application name when running the -.Nm krb5_appdefault -function call. -.Pp -The (uppercased) cell name is used as the realm to the -.Nm krb5_appdefault function. -.Pp -.\" The extra arguments are the ubiquitous context, and the cache id where -.\" to store any obtained tickets. Since AFS servers normally can't handle -.\" Kerberos 5 tickets directly, these functions will first obtain version -.\" 5 tickets for the requested cells, and then convert them to version 4 -.\" tickets, that can be stashed in the kernel. To convert tickets the -.\" .Fn krb524_convert_creds_kdc -.\" function will be used. -.\" .Pp -.Fn k_afs_cell_of_file -will in -.Fa cell -return the cell of a specified file, no more than -.Fa len -characters is put in -.Fa cell . -.Pp -.Fn k_pioctl -does a -.Fn pioctl -system call with the specified arguments. This function is equivalent to -.Fn lpioctl . -.Pp -.Fn k_setpag -initializes a new PAG. -.Pp -.Fn k_unlog -removes destroys all tokens in the current PAG. -.Sh RETURN VALUES -.Fn k_hasafs -returns 1 if AFS is present in the kernel, 0 otherwise. -.Fn krb_afslog -and -.Fn krb_afslog_uid -returns 0 on success, or a Kerberos error number on failure. -.Fn k_afs_cell_of_file , -.Fn k_pioctl , -.Fn k_setpag , -and -.Fn k_unlog -all return the value of the underlaying system call, 0 on success. -.Sh ENVIRONMENT -The following environment variable affect the mode of operation of -.Nm kafs : -.Bl -tag -width AFS_SYSCALL -.It Ev AFS_SYSCALL -Normally, -.Nm kafs -will try to figure out the correct system call(s) that are used by AFS -by itself. If it does not manage to do that, or does it incorrectly, -you can set this variable to the system call number or list of system -call numbers that should be used. -.El -.Sh EXAMPLES -The following code from -.Nm login -will obtain a new PAG and tokens for the local cell and the cell of -the users home directory. -.Bd -literal -if (k_hasafs()) { - char cell[64]; - k_setpag(); - if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog(cell, NULL); - krb_afslog(NULL, NULL); -} -.Ed -.Sh ERRORS -If any of these functions (apart from -.Fn k_hasafs ) -is called without AFS being present in the kernel, the process will -usually (depending on the operating system) receive a SIGSYS signal. -.Sh SEE ALSO -.Xr krb5_appdefault 3 , -.Xr krb5.conf 5 -.Rs -.%A Transarc Corporation -.%J AFS-3 Programmer's Reference -.%T File Server/Cache Manager Interface -.%D 1991 -.Re -.Sh BUGS -.Ev AFS_SYSCALL -has no effect under AIX. diff --git a/crypto/heimdal/lib/kafs/kafs.h b/crypto/heimdal/lib/kafs/kafs.h deleted file mode 100644 index d478039693e8..000000000000 --- a/crypto/heimdal/lib/kafs/kafs.h +++ /dev/null @@ -1,213 +0,0 @@ -/* - * Copyright (c) 1995 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kafs.h 20652 2007-05-10 19:30:18Z lha $ */ - -#ifndef __KAFS_H -#define __KAFS_H - -/* XXX must include krb5.h or krb.h */ - -/* sys/ioctl.h must be included manually before kafs.h */ - -/* - */ -#define AFSCALL_PIOCTL 20 -#define AFSCALL_SETPAG 21 - -#ifndef _VICEIOCTL -#define _VICEIOCTL(id) ((unsigned int ) _IOW('V', id, struct ViceIoctl)) -#define _AFSCIOCTL(id) ((unsigned int ) _IOW('C', id, struct ViceIoctl)) -#endif /* _VICEIOCTL */ - -#define VIOCSETAL _VICEIOCTL(1) -#define VIOCGETAL _VICEIOCTL(2) -#define VIOCSETTOK _VICEIOCTL(3) -#define VIOCGETVOLSTAT _VICEIOCTL(4) -#define VIOCSETVOLSTAT _VICEIOCTL(5) -#define VIOCFLUSH _VICEIOCTL(6) -#define VIOCGETTOK _VICEIOCTL(8) -#define VIOCUNLOG _VICEIOCTL(9) -#define VIOCCKSERV _VICEIOCTL(10) -#define VIOCCKBACK _VICEIOCTL(11) -#define VIOCCKCONN _VICEIOCTL(12) -#define VIOCWHEREIS _VICEIOCTL(14) -#define VIOCACCESS _VICEIOCTL(20) -#define VIOCUNPAG _VICEIOCTL(21) -#define VIOCGETFID _VICEIOCTL(22) -#define VIOCSETCACHESIZE _VICEIOCTL(24) -#define VIOCFLUSHCB _VICEIOCTL(25) -#define VIOCNEWCELL _VICEIOCTL(26) -#define VIOCGETCELL _VICEIOCTL(27) -#define VIOC_AFS_DELETE_MT_PT _VICEIOCTL(28) -#define VIOC_AFS_STAT_MT_PT _VICEIOCTL(29) -#define VIOC_FILE_CELL_NAME _VICEIOCTL(30) -#define VIOC_GET_WS_CELL _VICEIOCTL(31) -#define VIOC_AFS_MARINER_HOST _VICEIOCTL(32) -#define VIOC_GET_PRIMARY_CELL _VICEIOCTL(33) -#define VIOC_VENUSLOG _VICEIOCTL(34) -#define VIOC_GETCELLSTATUS _VICEIOCTL(35) -#define VIOC_SETCELLSTATUS _VICEIOCTL(36) -#define VIOC_FLUSHVOLUME _VICEIOCTL(37) -#define VIOC_AFS_SYSNAME _VICEIOCTL(38) -#define VIOC_EXPORTAFS _VICEIOCTL(39) -#define VIOCGETCACHEPARAMS _VICEIOCTL(40) -#define VIOC_GCPAGS _VICEIOCTL(48) - -#define VIOCGETTOK2 _AFSCIOCTL(7) -#define VIOCSETTOK2 _AFSCIOCTL(8) - -struct ViceIoctl { - caddr_t in, out; - short in_size; - short out_size; -}; - -struct ClearToken { - int32_t AuthHandle; - char HandShakeKey[8]; - int32_t ViceId; - int32_t BeginTimestamp; - int32_t EndTimestamp; -}; - -/* Use k_hasafs() to probe if the machine supports AFS syscalls. - The other functions will generate a SIGSYS if AFS is not supported */ - -int k_hasafs (void); -int k_hasafs_recheck (void); - -int krb_afslog (const char *cell, const char *realm); -int krb_afslog_uid (const char *cell, const char *realm, uid_t uid); -int krb_afslog_home (const char *cell, const char *realm, - const char *homedir); -int krb_afslog_uid_home (const char *cell, const char *realm, uid_t uid, - const char *homedir); - -int krb_realm_of_cell (const char *cell, char **realm); - -/* compat */ -#define k_afsklog krb_afslog -#define k_afsklog_uid krb_afslog_uid - -int k_pioctl (char *a_path, - int o_opcode, - struct ViceIoctl *a_paramsP, - int a_followSymlinks); -int k_unlog (void); -int k_setpag (void); -int k_afs_cell_of_file (const char *path, char *cell, int len); - - - -/* XXX */ -#ifdef KFAILURE -#define KRB_H_INCLUDED -#endif - -#ifdef KRB5_RECVAUTH_IGNORE_VERSION -#define KRB5_H_INCLUDED -#endif - -void kafs_set_verbose (void (*kafs_verbose)(void *, const char *), void *); -int kafs_settoken_rxkad (const char *, struct ClearToken *, - void *ticket, size_t ticket_len); -#ifdef KRB_H_INCLUDED -int kafs_settoken (const char*, uid_t, CREDENTIALS*); -#endif -#ifdef KRB5_H_INCLUDED -int kafs_settoken5 (krb5_context, const char*, uid_t, krb5_creds*); -#endif - - -#ifdef KRB5_H_INCLUDED -krb5_error_code krb5_afslog_uid (krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - uid_t uid); -krb5_error_code krb5_afslog (krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm); -krb5_error_code krb5_afslog_uid_home (krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - uid_t uid, - const char *homedir); - -krb5_error_code krb5_afslog_home (krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - const char *homedir); - -krb5_error_code krb5_realm_of_cell (const char *cell, char **realm); - -#endif - - -#define _PATH_VICE "/usr/vice/etc/" -#define _PATH_THISCELL _PATH_VICE "ThisCell" -#define _PATH_CELLSERVDB _PATH_VICE "CellServDB" -#define _PATH_THESECELLS _PATH_VICE "TheseCells" - -#define _PATH_ARLA_VICE "/usr/arla/etc/" -#define _PATH_ARLA_THISCELL _PATH_ARLA_VICE "ThisCell" -#define _PATH_ARLA_CELLSERVDB _PATH_ARLA_VICE "CellServDB" -#define _PATH_ARLA_THESECELLS _PATH_ARLA_VICE "TheseCells" - -#define _PATH_OPENAFS_DEBIAN_VICE "/etc/openafs/" -#define _PATH_OPENAFS_DEBIAN_THISCELL _PATH_OPENAFS_DEBIAN_VICE "ThisCell" -#define _PATH_OPENAFS_DEBIAN_CELLSERVDB _PATH_OPENAFS_DEBIAN_VICE "CellServDB" -#define _PATH_OPENAFS_DEBIAN_THESECELLS _PATH_OPENAFS_DEBIAN_VICE "TheseCells" - -#define _PATH_OPENAFS_MACOSX_VICE "/var/db/openafs/etc/" -#define _PATH_OPENAFS_MACOSX_THISCELL _PATH_OPENAFS_MACOSX_VICE "ThisCell" -#define _PATH_OPENAFS_MACOSX_CELLSERVDB _PATH_OPENAFS_MACOSX_VICE "CellServDB" -#define _PATH_OPENAFS_MACOSX_THESECELLS _PATH_OPENAFS_MACOSX_VICE "TheseCells" - -#define _PATH_ARLA_DEBIAN_VICE "/etc/arla/" -#define _PATH_ARLA_DEBIAN_THISCELL _PATH_ARLA_DEBIAN_VICE "ThisCell" -#define _PATH_ARLA_DEBIAN_CELLSERVDB _PATH_ARLA_DEBIAN_VICE "CellServDB" -#define _PATH_ARLA_DEBIAN_THESECELLS _PATH_ARLA_DEBIAN_VICE "TheseCells" - -#define _PATH_ARLA_OPENBSD_VICE "/etc/afs/" -#define _PATH_ARLA_OPENBSD_THISCELL _PATH_ARLA_OPENBSD_VICE "ThisCell" -#define _PATH_ARLA_OPENBSD_CELLSERVDB _PATH_ARLA_OPENBSD_VICE "CellServDB" -#define _PATH_ARLA_OPENBSD_THESECELLS _PATH_ARLA_OPENBSD_VICE "TheseCells" - -extern int _kafs_debug; - -#endif /* __KAFS_H */ diff --git a/crypto/heimdal/lib/kafs/kafs_locl.h b/crypto/heimdal/lib/kafs/kafs_locl.h deleted file mode 100644 index a564104a2942..000000000000 --- a/crypto/heimdal/lib/kafs/kafs_locl.h +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kafs_locl.h 16116 2005-10-02 03:14:47Z lha $ */ - -#ifndef __KAFS_LOCL_H__ -#define __KAFS_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_FILIO_H -#include -#endif -#ifdef HAVE_SYS_SYSCTL_H -#include -#endif - -#ifdef HAVE_SYS_SYSCALL_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_NETDB_H -#include -#endif - -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -#include - -#ifdef KRB5 -#include -#endif -#ifdef KRB4 -#include -#else -#ifdef KRB5 -#include "crypto-headers.h" -#include -typedef struct credentials CREDENTIALS; -#endif /* KRB5 */ -#endif /* KRB4 */ -#include - -#include - -#include "afssysdefs.h" - -struct kafs_data; -struct kafs_token; -typedef int (*afslog_uid_func_t)(struct kafs_data *, - const char *, - const char *, - uid_t, - const char *); - -typedef int (*get_cred_func_t)(struct kafs_data*, const char*, const char*, - const char*, uid_t, struct kafs_token *); - -typedef char* (*get_realm_func_t)(struct kafs_data*, const char*); - -struct kafs_data { - const char *name; - afslog_uid_func_t afslog_uid; - get_cred_func_t get_cred; - get_realm_func_t get_realm; - void *data; -}; - -struct kafs_token { - struct ClearToken ct; - void *ticket; - size_t ticket_len; -}; - -void _kafs_foldup(char *, const char *); - -int _kafs_afslog_all_local_cells(struct kafs_data*, uid_t, const char*); - -int _kafs_get_cred(struct kafs_data*, const char*, const char*, const char *, - uid_t, struct kafs_token *); - -int -_kafs_realm_of_cell(struct kafs_data *, const char *, char **); - -int -_kafs_v4_to_kt(CREDENTIALS *, uid_t, struct kafs_token *); - -void -_kafs_fixup_viceid(struct ClearToken *, uid_t); - -#ifdef _AIX -int aix_pioctl(char*, int, struct ViceIoctl*, int); -int aix_setpag(void); -#endif - -#endif /* __KAFS_LOCL_H__ */ diff --git a/crypto/heimdal/lib/kafs/roken_rename.h b/crypto/heimdal/lib/kafs/roken_rename.h deleted file mode 100644 index 6eb61fa31898..000000000000 --- a/crypto/heimdal/lib/kafs/roken_rename.h +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 2001-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken_rename.h 15341 2005-06-02 07:35:45Z lha $ */ - -#ifndef __roken_rename_h__ -#define __roken_rename_h__ - -/* - * Libroken routines that are added libkafs - */ - -#define _resolve_debug _kafs_resolve_debug - -#define rk_dns_free_data _kafs_dns_free_data -#define rk_dns_lookup _kafs_dns_lookup -#define rk_dns_string_to_type _kafs_dns_string_to_type -#define rk_dns_type_to_string _kafs_dns_type_to_string -#define rk_dns_srv_order _kafs_dns_srv_order -#define rk_dns_make_query _kafs_dns_make_query -#define rk_dns_free_query _kafs_dns_free_query -#define rk_dns_parse_reply _kafs_dns_parse_reply - -#ifndef HAVE_STRTOK_R -#define strtok_r _kafs_strtok_r -#endif -#ifndef HAVE_STRLCPY -#define strlcpy _kafs_strlcpy -#endif -#ifndef HAVE_STRSEP -#define strsep _kafs_strsep -#endif - -#endif /* __roken_rename_h__ */ diff --git a/crypto/heimdal/lib/krb5/Makefile.am b/crypto/heimdal/lib/krb5/Makefile.am deleted file mode 100644 index ced9616e162c..000000000000 --- a/crypto/heimdal/lib/krb5/Makefile.am +++ /dev/null @@ -1,298 +0,0 @@ -# $Id: Makefile.am 22501 2008-01-21 15:43:21Z lha $ - -include $(top_srcdir)/Makefile.am.common - -AM_CPPFLAGS += $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I../com_err -I$(srcdir)/../com_err - -bin_PROGRAMS = verify_krb5_conf - -noinst_PROGRAMS = \ - krbhst-test \ - test_alname \ - test_crypto \ - test_get_addrs \ - test_kuserok \ - test_renew \ - test_forward - -TESTS = \ - aes-test \ - derived-key-test \ - n-fold-test \ - name-45-test \ - parse-name-test \ - store-test \ - string-to-key-test \ - test_acl \ - test_addr \ - test_cc \ - test_config \ - test_prf \ - test_store \ - test_crypto_wrapping \ - test_keytab \ - test_mem \ - test_pac \ - test_plugin \ - test_princ \ - test_pkinit_dh2key \ - test_time - -check_PROGRAMS = $(TESTS) test_hostname - -LDADD = libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -if PKINIT -LIB_pkinit = ../hx509/libhx509.la -endif - -libkrb5_la_LIBADD = \ - $(LIB_pkinit) \ - $(LIB_com_err) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIBADD_roken) \ - $(LIB_door_create) \ - $(LIB_dlopen) - -lib_LTLIBRARIES = libkrb5.la - -ERR_FILES = krb5_err.c krb_err.c heim_err.c k524_err.c - -libkrb5_la_CPPFLAGS = -DBUILD_KRB5_LIB $(AM_CPPFLAGS) - -dist_libkrb5_la_SOURCES = \ - acache.c \ - acl.c \ - add_et_list.c \ - addr_families.c \ - aname_to_localname.c \ - appdefault.c \ - asn1_glue.c \ - auth_context.c \ - build_ap_req.c \ - build_auth.c \ - cache.c \ - changepw.c \ - codec.c \ - config_file.c \ - config_file_netinfo.c \ - convert_creds.c \ - constants.c \ - context.c \ - copy_host_realm.c \ - crc.c \ - creds.c \ - crypto.c \ - doxygen.c \ - data.c \ - digest.c \ - eai_to_heim_errno.c \ - error_string.c \ - expand_hostname.c \ - fcache.c \ - free.c \ - free_host_realm.c \ - generate_seq_number.c \ - generate_subkey.c \ - get_addrs.c \ - get_cred.c \ - get_default_principal.c \ - get_default_realm.c \ - get_for_creds.c \ - get_host_realm.c \ - get_in_tkt.c \ - get_in_tkt_pw.c \ - get_in_tkt_with_keytab.c \ - get_in_tkt_with_skey.c \ - get_port.c \ - heim_threads.h \ - init_creds.c \ - init_creds_pw.c \ - kcm.c \ - kcm.h \ - keyblock.c \ - keytab.c \ - keytab_any.c \ - keytab_file.c \ - keytab_keyfile.c \ - keytab_krb4.c \ - keytab_memory.c \ - krb5_locl.h \ - krb5-v4compat.h \ - krbhst.c \ - kuserok.c \ - log.c \ - mcache.c \ - misc.c \ - mk_error.c \ - mk_priv.c \ - mk_rep.c \ - mk_req.c \ - mk_req_ext.c \ - mk_safe.c \ - mit_glue.c \ - net_read.c \ - net_write.c \ - n-fold.c \ - pac.c \ - padata.c \ - pkinit.c \ - principal.c \ - prog_setup.c \ - prompter_posix.c \ - rd_cred.c \ - rd_error.c \ - rd_priv.c \ - rd_rep.c \ - rd_req.c \ - rd_safe.c \ - read_message.c \ - recvauth.c \ - replay.c \ - send_to_kdc.c \ - sendauth.c \ - set_default_realm.c \ - sock_principal.c \ - store.c \ - store-int.h \ - store_emem.c \ - store_fd.c \ - store_mem.c \ - plugin.c \ - ticket.c \ - time.c \ - transited.c \ - v4_glue.c \ - verify_init.c \ - verify_user.c \ - version.c \ - warn.c \ - write_message.c - -nodist_libkrb5_la_SOURCES = \ - $(ERR_FILES) - -libkrb5_la_LDFLAGS = -version-info 24:0:0 - -if versionscript -libkrb5_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -endif - -$(libkrb5_la_OBJECTS) $(verify_krb5_conf_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h - -$(srcdir)/krb5-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -E KRB5_LIB_FUNCTION -q -P comment -o krb5-protos.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-protos.h - -$(srcdir)/krb5-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5-private.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-private.h - -man_MANS = \ - kerberos.8 \ - krb5.3 \ - krb5.conf.5 \ - krb524_convert_creds_kdc.3 \ - krb5_425_conv_principal.3 \ - krb5_acl_match_file.3 \ - krb5_address.3 \ - krb5_aname_to_localname.3 \ - krb5_appdefault.3 \ - krb5_auth_context.3 \ - krb5_c_make_checksum.3 \ - krb5_ccache.3 \ - krb5_check_transited.3 \ - krb5_compare_creds.3 \ - krb5_config.3 \ - krb5_context.3 \ - krb5_create_checksum.3 \ - krb5_creds.3 \ - krb5_crypto_init.3 \ - krb5_data.3 \ - krb5_digest.3 \ - krb5_eai_to_heim_errno.3 \ - krb5_encrypt.3 \ - krb5_expand_hostname.3 \ - krb5_find_padata.3 \ - krb5_generate_random_block.3 \ - krb5_get_all_client_addrs.3 \ - krb5_get_credentials.3 \ - krb5_get_creds.3 \ - krb5_get_forwarded_creds.3 \ - krb5_get_in_cred.3 \ - krb5_get_init_creds.3 \ - krb5_get_krbhst.3 \ - krb5_getportbyname.3 \ - krb5_init_context.3 \ - krb5_is_thread_safe.3 \ - krb5_keyblock.3 \ - krb5_keytab.3 \ - krb5_krbhst_init.3 \ - krb5_kuserok.3 \ - krb5_mk_req.3 \ - krb5_mk_safe.3 \ - krb5_openlog.3 \ - krb5_parse_name.3 \ - krb5_principal.3 \ - krb5_rcache.3 \ - krb5_rd_error.3 \ - krb5_rd_safe.3 \ - krb5_set_default_realm.3 \ - krb5_set_password.3 \ - krb5_storage.3 \ - krb5_string_to_key.3 \ - krb5_ticket.3 \ - krb5_timeofday.3 \ - krb5_unparse_name.3 \ - krb5_verify_init_creds.3 \ - krb5_verify_user.3 \ - krb5_warn.3 \ - verify_krb5_conf.8 - -dist_include_HEADERS = \ - krb5.h \ - krb5-protos.h \ - krb5-private.h \ - krb5_ccapi.h - -nodist_include_HEADERS = krb5_err.h heim_err.h k524_err.h - -# XXX use nobase_include_HEADERS = krb5/locate_plugin.h -krb5dir = $(includedir)/krb5 -krb5_HEADERS = locate_plugin.h - -build_HEADERZ = \ - heim_threads.h \ - $(krb5_HEADERS) \ - krb_err.h - -CLEANFILES = \ - krb5_err.c krb5_err.h \ - krb_err.c krb_err.h \ - heim_err.c heim_err.h \ - k524_err.c k524_err.h - -$(libkrb5_la_OBJECTS): krb5_err.h krb_err.h heim_err.h k524_err.h - -EXTRA_DIST = \ - krb5_err.et \ - krb_err.et \ - heim_err.et \ - k524_err.et \ - $(man_MANS) \ - version-script.map \ - krb5.moduli - -#sysconf_DATA = krb5.moduli - -# to help stupid solaris make - -krb5_err.h: krb5_err.et - -krb_err.h: krb_err.et - -heim_err.h: heim_err.et - -k524_err.h: k524_err.et diff --git a/crypto/heimdal/lib/krb5/Makefile.in b/crypto/heimdal/lib/krb5/Makefile.in deleted file mode 100644 index 60e09251227f..000000000000 --- a/crypto/heimdal/lib/krb5/Makefile.in +++ /dev/null @@ -1,2021 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22501 2008-01-21 15:43:21Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(dist_include_HEADERS) $(krb5_HEADERS) \ - $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -bin_PROGRAMS = verify_krb5_conf$(EXEEXT) -noinst_PROGRAMS = krbhst-test$(EXEEXT) test_alname$(EXEEXT) \ - test_crypto$(EXEEXT) test_get_addrs$(EXEEXT) \ - test_kuserok$(EXEEXT) test_renew$(EXEEXT) \ - test_forward$(EXEEXT) -TESTS = aes-test$(EXEEXT) derived-key-test$(EXEEXT) \ - n-fold-test$(EXEEXT) name-45-test$(EXEEXT) \ - parse-name-test$(EXEEXT) store-test$(EXEEXT) \ - string-to-key-test$(EXEEXT) test_acl$(EXEEXT) \ - test_addr$(EXEEXT) test_cc$(EXEEXT) test_config$(EXEEXT) \ - test_prf$(EXEEXT) test_store$(EXEEXT) \ - test_crypto_wrapping$(EXEEXT) test_keytab$(EXEEXT) \ - test_mem$(EXEEXT) test_pac$(EXEEXT) test_plugin$(EXEEXT) \ - test_princ$(EXEEXT) test_pkinit_dh2key$(EXEEXT) \ - test_time$(EXEEXT) -check_PROGRAMS = $(am__EXEEXT_1) test_hostname$(EXEEXT) -@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -subdir = lib/krb5 -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ - "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" \ - "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(includedir)" \ - "$(DESTDIR)$(krb5dir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -am__DEPENDENCIES_1 = -libkrb5_la_DEPENDENCIES = $(LIB_pkinit) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(top_builddir)/lib/asn1/libasn1.la \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -dist_libkrb5_la_OBJECTS = libkrb5_la-acache.lo libkrb5_la-acl.lo \ - libkrb5_la-add_et_list.lo libkrb5_la-addr_families.lo \ - libkrb5_la-aname_to_localname.lo libkrb5_la-appdefault.lo \ - libkrb5_la-asn1_glue.lo libkrb5_la-auth_context.lo \ - libkrb5_la-build_ap_req.lo libkrb5_la-build_auth.lo \ - libkrb5_la-cache.lo libkrb5_la-changepw.lo libkrb5_la-codec.lo \ - libkrb5_la-config_file.lo libkrb5_la-config_file_netinfo.lo \ - libkrb5_la-convert_creds.lo libkrb5_la-constants.lo \ - libkrb5_la-context.lo libkrb5_la-copy_host_realm.lo \ - libkrb5_la-crc.lo libkrb5_la-creds.lo libkrb5_la-crypto.lo \ - libkrb5_la-doxygen.lo libkrb5_la-data.lo libkrb5_la-digest.lo \ - libkrb5_la-eai_to_heim_errno.lo libkrb5_la-error_string.lo \ - libkrb5_la-expand_hostname.lo libkrb5_la-fcache.lo \ - libkrb5_la-free.lo libkrb5_la-free_host_realm.lo \ - libkrb5_la-generate_seq_number.lo \ - libkrb5_la-generate_subkey.lo libkrb5_la-get_addrs.lo \ - libkrb5_la-get_cred.lo libkrb5_la-get_default_principal.lo \ - libkrb5_la-get_default_realm.lo libkrb5_la-get_for_creds.lo \ - libkrb5_la-get_host_realm.lo libkrb5_la-get_in_tkt.lo \ - libkrb5_la-get_in_tkt_pw.lo \ - libkrb5_la-get_in_tkt_with_keytab.lo \ - libkrb5_la-get_in_tkt_with_skey.lo libkrb5_la-get_port.lo \ - libkrb5_la-init_creds.lo libkrb5_la-init_creds_pw.lo \ - libkrb5_la-kcm.lo libkrb5_la-keyblock.lo libkrb5_la-keytab.lo \ - libkrb5_la-keytab_any.lo libkrb5_la-keytab_file.lo \ - libkrb5_la-keytab_keyfile.lo libkrb5_la-keytab_krb4.lo \ - libkrb5_la-keytab_memory.lo libkrb5_la-krbhst.lo \ - libkrb5_la-kuserok.lo libkrb5_la-log.lo libkrb5_la-mcache.lo \ - libkrb5_la-misc.lo libkrb5_la-mk_error.lo \ - libkrb5_la-mk_priv.lo libkrb5_la-mk_rep.lo \ - libkrb5_la-mk_req.lo libkrb5_la-mk_req_ext.lo \ - libkrb5_la-mk_safe.lo libkrb5_la-mit_glue.lo \ - libkrb5_la-net_read.lo libkrb5_la-net_write.lo \ - libkrb5_la-n-fold.lo libkrb5_la-pac.lo libkrb5_la-padata.lo \ - libkrb5_la-pkinit.lo libkrb5_la-principal.lo \ - libkrb5_la-prog_setup.lo libkrb5_la-prompter_posix.lo \ - libkrb5_la-rd_cred.lo libkrb5_la-rd_error.lo \ - libkrb5_la-rd_priv.lo libkrb5_la-rd_rep.lo \ - libkrb5_la-rd_req.lo libkrb5_la-rd_safe.lo \ - libkrb5_la-read_message.lo libkrb5_la-recvauth.lo \ - libkrb5_la-replay.lo libkrb5_la-send_to_kdc.lo \ - libkrb5_la-sendauth.lo libkrb5_la-set_default_realm.lo \ - libkrb5_la-sock_principal.lo libkrb5_la-store.lo \ - libkrb5_la-store_emem.lo libkrb5_la-store_fd.lo \ - libkrb5_la-store_mem.lo libkrb5_la-plugin.lo \ - libkrb5_la-ticket.lo libkrb5_la-time.lo \ - libkrb5_la-transited.lo libkrb5_la-v4_glue.lo \ - libkrb5_la-verify_init.lo libkrb5_la-verify_user.lo \ - libkrb5_la-version.lo libkrb5_la-warn.lo \ - libkrb5_la-write_message.lo -am__objects_1 = libkrb5_la-krb5_err.lo libkrb5_la-krb_err.lo \ - libkrb5_la-heim_err.lo libkrb5_la-k524_err.lo -nodist_libkrb5_la_OBJECTS = $(am__objects_1) -libkrb5_la_OBJECTS = $(dist_libkrb5_la_OBJECTS) \ - $(nodist_libkrb5_la_OBJECTS) -libkrb5_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libkrb5_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -am__EXEEXT_1 = aes-test$(EXEEXT) derived-key-test$(EXEEXT) \ - n-fold-test$(EXEEXT) name-45-test$(EXEEXT) \ - parse-name-test$(EXEEXT) store-test$(EXEEXT) \ - string-to-key-test$(EXEEXT) test_acl$(EXEEXT) \ - test_addr$(EXEEXT) test_cc$(EXEEXT) test_config$(EXEEXT) \ - test_prf$(EXEEXT) test_store$(EXEEXT) \ - test_crypto_wrapping$(EXEEXT) test_keytab$(EXEEXT) \ - test_mem$(EXEEXT) test_pac$(EXEEXT) test_plugin$(EXEEXT) \ - test_princ$(EXEEXT) test_pkinit_dh2key$(EXEEXT) \ - test_time$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) -aes_test_SOURCES = aes-test.c -aes_test_OBJECTS = aes-test.$(OBJEXT) -aes_test_LDADD = $(LDADD) -aes_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -derived_key_test_SOURCES = derived-key-test.c -derived_key_test_OBJECTS = derived-key-test.$(OBJEXT) -derived_key_test_LDADD = $(LDADD) -derived_key_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -krbhst_test_SOURCES = krbhst-test.c -krbhst_test_OBJECTS = krbhst-test.$(OBJEXT) -krbhst_test_LDADD = $(LDADD) -krbhst_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -n_fold_test_SOURCES = n-fold-test.c -n_fold_test_OBJECTS = n-fold-test.$(OBJEXT) -n_fold_test_LDADD = $(LDADD) -n_fold_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -name_45_test_SOURCES = name-45-test.c -name_45_test_OBJECTS = name-45-test.$(OBJEXT) -name_45_test_LDADD = $(LDADD) -name_45_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -parse_name_test_SOURCES = parse-name-test.c -parse_name_test_OBJECTS = parse-name-test.$(OBJEXT) -parse_name_test_LDADD = $(LDADD) -parse_name_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -store_test_SOURCES = store-test.c -store_test_OBJECTS = store-test.$(OBJEXT) -store_test_LDADD = $(LDADD) -store_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -string_to_key_test_SOURCES = string-to-key-test.c -string_to_key_test_OBJECTS = string-to-key-test.$(OBJEXT) -string_to_key_test_LDADD = $(LDADD) -string_to_key_test_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_acl_SOURCES = test_acl.c -test_acl_OBJECTS = test_acl.$(OBJEXT) -test_acl_LDADD = $(LDADD) -test_acl_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_addr_SOURCES = test_addr.c -test_addr_OBJECTS = test_addr.$(OBJEXT) -test_addr_LDADD = $(LDADD) -test_addr_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_alname_SOURCES = test_alname.c -test_alname_OBJECTS = test_alname.$(OBJEXT) -test_alname_LDADD = $(LDADD) -test_alname_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_cc_SOURCES = test_cc.c -test_cc_OBJECTS = test_cc.$(OBJEXT) -test_cc_LDADD = $(LDADD) -test_cc_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_config_SOURCES = test_config.c -test_config_OBJECTS = test_config.$(OBJEXT) -test_config_LDADD = $(LDADD) -test_config_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_crypto_SOURCES = test_crypto.c -test_crypto_OBJECTS = test_crypto.$(OBJEXT) -test_crypto_LDADD = $(LDADD) -test_crypto_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_crypto_wrapping_SOURCES = test_crypto_wrapping.c -test_crypto_wrapping_OBJECTS = test_crypto_wrapping.$(OBJEXT) -test_crypto_wrapping_LDADD = $(LDADD) -test_crypto_wrapping_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_forward_SOURCES = test_forward.c -test_forward_OBJECTS = test_forward.$(OBJEXT) -test_forward_LDADD = $(LDADD) -test_forward_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_get_addrs_SOURCES = test_get_addrs.c -test_get_addrs_OBJECTS = test_get_addrs.$(OBJEXT) -test_get_addrs_LDADD = $(LDADD) -test_get_addrs_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_hostname_SOURCES = test_hostname.c -test_hostname_OBJECTS = test_hostname.$(OBJEXT) -test_hostname_LDADD = $(LDADD) -test_hostname_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_keytab_SOURCES = test_keytab.c -test_keytab_OBJECTS = test_keytab.$(OBJEXT) -test_keytab_LDADD = $(LDADD) -test_keytab_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_kuserok_SOURCES = test_kuserok.c -test_kuserok_OBJECTS = test_kuserok.$(OBJEXT) -test_kuserok_LDADD = $(LDADD) -test_kuserok_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_mem_SOURCES = test_mem.c -test_mem_OBJECTS = test_mem.$(OBJEXT) -test_mem_LDADD = $(LDADD) -test_mem_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_pac_SOURCES = test_pac.c -test_pac_OBJECTS = test_pac.$(OBJEXT) -test_pac_LDADD = $(LDADD) -test_pac_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_pkinit_dh2key_SOURCES = test_pkinit_dh2key.c -test_pkinit_dh2key_OBJECTS = test_pkinit_dh2key.$(OBJEXT) -test_pkinit_dh2key_LDADD = $(LDADD) -test_pkinit_dh2key_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_plugin_SOURCES = test_plugin.c -test_plugin_OBJECTS = test_plugin.$(OBJEXT) -test_plugin_LDADD = $(LDADD) -test_plugin_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_prf_SOURCES = test_prf.c -test_prf_OBJECTS = test_prf.$(OBJEXT) -test_prf_LDADD = $(LDADD) -test_prf_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_princ_SOURCES = test_princ.c -test_princ_OBJECTS = test_princ.$(OBJEXT) -test_princ_LDADD = $(LDADD) -test_princ_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_renew_SOURCES = test_renew.c -test_renew_OBJECTS = test_renew.$(OBJEXT) -test_renew_LDADD = $(LDADD) -test_renew_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_store_SOURCES = test_store.c -test_store_OBJECTS = test_store.$(OBJEXT) -test_store_LDADD = $(LDADD) -test_store_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -test_time_SOURCES = test_time.c -test_time_OBJECTS = test_time.$(OBJEXT) -test_time_LDADD = $(LDADD) -test_time_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -verify_krb5_conf_SOURCES = verify_krb5_conf.c -verify_krb5_conf_OBJECTS = verify_krb5_conf.$(OBJEXT) -verify_krb5_conf_LDADD = $(LDADD) -verify_krb5_conf_DEPENDENCIES = libkrb5.la $(am__DEPENDENCIES_1) \ - $(top_builddir)/lib/asn1/libasn1.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(dist_libkrb5_la_SOURCES) $(nodist_libkrb5_la_SOURCES) \ - aes-test.c derived-key-test.c krbhst-test.c n-fold-test.c \ - name-45-test.c parse-name-test.c store-test.c \ - string-to-key-test.c test_acl.c test_addr.c test_alname.c \ - test_cc.c test_config.c test_crypto.c test_crypto_wrapping.c \ - test_forward.c test_get_addrs.c test_hostname.c test_keytab.c \ - test_kuserok.c test_mem.c test_pac.c test_pkinit_dh2key.c \ - test_plugin.c test_prf.c test_princ.c test_renew.c \ - test_store.c test_time.c verify_krb5_conf.c -DIST_SOURCES = $(dist_libkrb5_la_SOURCES) aes-test.c \ - derived-key-test.c krbhst-test.c n-fold-test.c name-45-test.c \ - parse-name-test.c store-test.c string-to-key-test.c test_acl.c \ - test_addr.c test_alname.c test_cc.c test_config.c \ - test_crypto.c test_crypto_wrapping.c test_forward.c \ - test_get_addrs.c test_hostname.c test_keytab.c test_kuserok.c \ - test_mem.c test_pac.c test_pkinit_dh2key.c test_plugin.c \ - test_prf.c test_princ.c test_renew.c test_store.c test_time.c \ - verify_krb5_conf.c -man3dir = $(mandir)/man3 -man5dir = $(mandir)/man5 -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -dist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -krb5HEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(dist_include_HEADERS) $(krb5_HEADERS) \ - $(nodist_include_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(INCLUDE_krb4) $(INCLUDE_hcrypto) -I../com_err \ - -I$(srcdir)/../com_err -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -LDADD = libkrb5.la \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIB_roken) - -@PKINIT_TRUE@LIB_pkinit = ../hx509/libhx509.la -libkrb5_la_LIBADD = \ - $(LIB_pkinit) \ - $(LIB_com_err) \ - $(LIB_hcrypto) \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(LIBADD_roken) \ - $(LIB_door_create) \ - $(LIB_dlopen) - -lib_LTLIBRARIES = libkrb5.la -ERR_FILES = krb5_err.c krb_err.c heim_err.c k524_err.c -libkrb5_la_CPPFLAGS = -DBUILD_KRB5_LIB $(AM_CPPFLAGS) -dist_libkrb5_la_SOURCES = \ - acache.c \ - acl.c \ - add_et_list.c \ - addr_families.c \ - aname_to_localname.c \ - appdefault.c \ - asn1_glue.c \ - auth_context.c \ - build_ap_req.c \ - build_auth.c \ - cache.c \ - changepw.c \ - codec.c \ - config_file.c \ - config_file_netinfo.c \ - convert_creds.c \ - constants.c \ - context.c \ - copy_host_realm.c \ - crc.c \ - creds.c \ - crypto.c \ - doxygen.c \ - data.c \ - digest.c \ - eai_to_heim_errno.c \ - error_string.c \ - expand_hostname.c \ - fcache.c \ - free.c \ - free_host_realm.c \ - generate_seq_number.c \ - generate_subkey.c \ - get_addrs.c \ - get_cred.c \ - get_default_principal.c \ - get_default_realm.c \ - get_for_creds.c \ - get_host_realm.c \ - get_in_tkt.c \ - get_in_tkt_pw.c \ - get_in_tkt_with_keytab.c \ - get_in_tkt_with_skey.c \ - get_port.c \ - heim_threads.h \ - init_creds.c \ - init_creds_pw.c \ - kcm.c \ - kcm.h \ - keyblock.c \ - keytab.c \ - keytab_any.c \ - keytab_file.c \ - keytab_keyfile.c \ - keytab_krb4.c \ - keytab_memory.c \ - krb5_locl.h \ - krb5-v4compat.h \ - krbhst.c \ - kuserok.c \ - log.c \ - mcache.c \ - misc.c \ - mk_error.c \ - mk_priv.c \ - mk_rep.c \ - mk_req.c \ - mk_req_ext.c \ - mk_safe.c \ - mit_glue.c \ - net_read.c \ - net_write.c \ - n-fold.c \ - pac.c \ - padata.c \ - pkinit.c \ - principal.c \ - prog_setup.c \ - prompter_posix.c \ - rd_cred.c \ - rd_error.c \ - rd_priv.c \ - rd_rep.c \ - rd_req.c \ - rd_safe.c \ - read_message.c \ - recvauth.c \ - replay.c \ - send_to_kdc.c \ - sendauth.c \ - set_default_realm.c \ - sock_principal.c \ - store.c \ - store-int.h \ - store_emem.c \ - store_fd.c \ - store_mem.c \ - plugin.c \ - ticket.c \ - time.c \ - transited.c \ - v4_glue.c \ - verify_init.c \ - verify_user.c \ - version.c \ - warn.c \ - write_message.c - -nodist_libkrb5_la_SOURCES = \ - $(ERR_FILES) - -libkrb5_la_LDFLAGS = -version-info 24:0:0 $(am__append_1) -man_MANS = \ - kerberos.8 \ - krb5.3 \ - krb5.conf.5 \ - krb524_convert_creds_kdc.3 \ - krb5_425_conv_principal.3 \ - krb5_acl_match_file.3 \ - krb5_address.3 \ - krb5_aname_to_localname.3 \ - krb5_appdefault.3 \ - krb5_auth_context.3 \ - krb5_c_make_checksum.3 \ - krb5_ccache.3 \ - krb5_check_transited.3 \ - krb5_compare_creds.3 \ - krb5_config.3 \ - krb5_context.3 \ - krb5_create_checksum.3 \ - krb5_creds.3 \ - krb5_crypto_init.3 \ - krb5_data.3 \ - krb5_digest.3 \ - krb5_eai_to_heim_errno.3 \ - krb5_encrypt.3 \ - krb5_expand_hostname.3 \ - krb5_find_padata.3 \ - krb5_generate_random_block.3 \ - krb5_get_all_client_addrs.3 \ - krb5_get_credentials.3 \ - krb5_get_creds.3 \ - krb5_get_forwarded_creds.3 \ - krb5_get_in_cred.3 \ - krb5_get_init_creds.3 \ - krb5_get_krbhst.3 \ - krb5_getportbyname.3 \ - krb5_init_context.3 \ - krb5_is_thread_safe.3 \ - krb5_keyblock.3 \ - krb5_keytab.3 \ - krb5_krbhst_init.3 \ - krb5_kuserok.3 \ - krb5_mk_req.3 \ - krb5_mk_safe.3 \ - krb5_openlog.3 \ - krb5_parse_name.3 \ - krb5_principal.3 \ - krb5_rcache.3 \ - krb5_rd_error.3 \ - krb5_rd_safe.3 \ - krb5_set_default_realm.3 \ - krb5_set_password.3 \ - krb5_storage.3 \ - krb5_string_to_key.3 \ - krb5_ticket.3 \ - krb5_timeofday.3 \ - krb5_unparse_name.3 \ - krb5_verify_init_creds.3 \ - krb5_verify_user.3 \ - krb5_warn.3 \ - verify_krb5_conf.8 - -dist_include_HEADERS = \ - krb5.h \ - krb5-protos.h \ - krb5-private.h \ - krb5_ccapi.h - -nodist_include_HEADERS = krb5_err.h heim_err.h k524_err.h - -# XXX use nobase_include_HEADERS = krb5/locate_plugin.h -krb5dir = $(includedir)/krb5 -krb5_HEADERS = locate_plugin.h -build_HEADERZ = \ - heim_threads.h \ - $(krb5_HEADERS) \ - krb_err.h - -CLEANFILES = \ - krb5_err.c krb5_err.h \ - krb_err.c krb_err.h \ - heim_err.c heim_err.h \ - k524_err.c k524_err.h - -EXTRA_DIST = \ - krb5_err.et \ - krb_err.et \ - heim_err.et \ - k524_err.et \ - $(man_MANS) \ - version-script.map \ - krb5.moduli - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/krb5/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/krb5/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libkrb5.la: $(libkrb5_la_OBJECTS) $(libkrb5_la_DEPENDENCIES) - $(libkrb5_la_LINK) -rpath $(libdir) $(libkrb5_la_OBJECTS) $(libkrb5_la_LIBADD) $(LIBS) -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -aes-test$(EXEEXT): $(aes_test_OBJECTS) $(aes_test_DEPENDENCIES) - @rm -f aes-test$(EXEEXT) - $(LINK) $(aes_test_OBJECTS) $(aes_test_LDADD) $(LIBS) -derived-key-test$(EXEEXT): $(derived_key_test_OBJECTS) $(derived_key_test_DEPENDENCIES) - @rm -f derived-key-test$(EXEEXT) - $(LINK) $(derived_key_test_OBJECTS) $(derived_key_test_LDADD) $(LIBS) -krbhst-test$(EXEEXT): $(krbhst_test_OBJECTS) $(krbhst_test_DEPENDENCIES) - @rm -f krbhst-test$(EXEEXT) - $(LINK) $(krbhst_test_OBJECTS) $(krbhst_test_LDADD) $(LIBS) -n-fold-test$(EXEEXT): $(n_fold_test_OBJECTS) $(n_fold_test_DEPENDENCIES) - @rm -f n-fold-test$(EXEEXT) - $(LINK) $(n_fold_test_OBJECTS) $(n_fold_test_LDADD) $(LIBS) -name-45-test$(EXEEXT): $(name_45_test_OBJECTS) $(name_45_test_DEPENDENCIES) - @rm -f name-45-test$(EXEEXT) - $(LINK) $(name_45_test_OBJECTS) $(name_45_test_LDADD) $(LIBS) -parse-name-test$(EXEEXT): $(parse_name_test_OBJECTS) $(parse_name_test_DEPENDENCIES) - @rm -f parse-name-test$(EXEEXT) - $(LINK) $(parse_name_test_OBJECTS) $(parse_name_test_LDADD) $(LIBS) -store-test$(EXEEXT): $(store_test_OBJECTS) $(store_test_DEPENDENCIES) - @rm -f store-test$(EXEEXT) - $(LINK) $(store_test_OBJECTS) $(store_test_LDADD) $(LIBS) -string-to-key-test$(EXEEXT): $(string_to_key_test_OBJECTS) $(string_to_key_test_DEPENDENCIES) - @rm -f string-to-key-test$(EXEEXT) - $(LINK) $(string_to_key_test_OBJECTS) $(string_to_key_test_LDADD) $(LIBS) -test_acl$(EXEEXT): $(test_acl_OBJECTS) $(test_acl_DEPENDENCIES) - @rm -f test_acl$(EXEEXT) - $(LINK) $(test_acl_OBJECTS) $(test_acl_LDADD) $(LIBS) -test_addr$(EXEEXT): $(test_addr_OBJECTS) $(test_addr_DEPENDENCIES) - @rm -f test_addr$(EXEEXT) - $(LINK) $(test_addr_OBJECTS) $(test_addr_LDADD) $(LIBS) -test_alname$(EXEEXT): $(test_alname_OBJECTS) $(test_alname_DEPENDENCIES) - @rm -f test_alname$(EXEEXT) - $(LINK) $(test_alname_OBJECTS) $(test_alname_LDADD) $(LIBS) -test_cc$(EXEEXT): $(test_cc_OBJECTS) $(test_cc_DEPENDENCIES) - @rm -f test_cc$(EXEEXT) - $(LINK) $(test_cc_OBJECTS) $(test_cc_LDADD) $(LIBS) -test_config$(EXEEXT): $(test_config_OBJECTS) $(test_config_DEPENDENCIES) - @rm -f test_config$(EXEEXT) - $(LINK) $(test_config_OBJECTS) $(test_config_LDADD) $(LIBS) -test_crypto$(EXEEXT): $(test_crypto_OBJECTS) $(test_crypto_DEPENDENCIES) - @rm -f test_crypto$(EXEEXT) - $(LINK) $(test_crypto_OBJECTS) $(test_crypto_LDADD) $(LIBS) -test_crypto_wrapping$(EXEEXT): $(test_crypto_wrapping_OBJECTS) $(test_crypto_wrapping_DEPENDENCIES) - @rm -f test_crypto_wrapping$(EXEEXT) - $(LINK) $(test_crypto_wrapping_OBJECTS) $(test_crypto_wrapping_LDADD) $(LIBS) -test_forward$(EXEEXT): $(test_forward_OBJECTS) $(test_forward_DEPENDENCIES) - @rm -f test_forward$(EXEEXT) - $(LINK) $(test_forward_OBJECTS) $(test_forward_LDADD) $(LIBS) -test_get_addrs$(EXEEXT): $(test_get_addrs_OBJECTS) $(test_get_addrs_DEPENDENCIES) - @rm -f test_get_addrs$(EXEEXT) - $(LINK) $(test_get_addrs_OBJECTS) $(test_get_addrs_LDADD) $(LIBS) -test_hostname$(EXEEXT): $(test_hostname_OBJECTS) $(test_hostname_DEPENDENCIES) - @rm -f test_hostname$(EXEEXT) - $(LINK) $(test_hostname_OBJECTS) $(test_hostname_LDADD) $(LIBS) -test_keytab$(EXEEXT): $(test_keytab_OBJECTS) $(test_keytab_DEPENDENCIES) - @rm -f test_keytab$(EXEEXT) - $(LINK) $(test_keytab_OBJECTS) $(test_keytab_LDADD) $(LIBS) -test_kuserok$(EXEEXT): $(test_kuserok_OBJECTS) $(test_kuserok_DEPENDENCIES) - @rm -f test_kuserok$(EXEEXT) - $(LINK) $(test_kuserok_OBJECTS) $(test_kuserok_LDADD) $(LIBS) -test_mem$(EXEEXT): $(test_mem_OBJECTS) $(test_mem_DEPENDENCIES) - @rm -f test_mem$(EXEEXT) - $(LINK) $(test_mem_OBJECTS) $(test_mem_LDADD) $(LIBS) -test_pac$(EXEEXT): $(test_pac_OBJECTS) $(test_pac_DEPENDENCIES) - @rm -f test_pac$(EXEEXT) - $(LINK) $(test_pac_OBJECTS) $(test_pac_LDADD) $(LIBS) -test_pkinit_dh2key$(EXEEXT): $(test_pkinit_dh2key_OBJECTS) $(test_pkinit_dh2key_DEPENDENCIES) - @rm -f test_pkinit_dh2key$(EXEEXT) - $(LINK) $(test_pkinit_dh2key_OBJECTS) $(test_pkinit_dh2key_LDADD) $(LIBS) -test_plugin$(EXEEXT): $(test_plugin_OBJECTS) $(test_plugin_DEPENDENCIES) - @rm -f test_plugin$(EXEEXT) - $(LINK) $(test_plugin_OBJECTS) $(test_plugin_LDADD) $(LIBS) -test_prf$(EXEEXT): $(test_prf_OBJECTS) $(test_prf_DEPENDENCIES) - @rm -f test_prf$(EXEEXT) - $(LINK) $(test_prf_OBJECTS) $(test_prf_LDADD) $(LIBS) -test_princ$(EXEEXT): $(test_princ_OBJECTS) $(test_princ_DEPENDENCIES) - @rm -f test_princ$(EXEEXT) - $(LINK) $(test_princ_OBJECTS) $(test_princ_LDADD) $(LIBS) -test_renew$(EXEEXT): $(test_renew_OBJECTS) $(test_renew_DEPENDENCIES) - @rm -f test_renew$(EXEEXT) - $(LINK) $(test_renew_OBJECTS) $(test_renew_LDADD) $(LIBS) -test_store$(EXEEXT): $(test_store_OBJECTS) $(test_store_DEPENDENCIES) - @rm -f test_store$(EXEEXT) - $(LINK) $(test_store_OBJECTS) $(test_store_LDADD) $(LIBS) -test_time$(EXEEXT): $(test_time_OBJECTS) $(test_time_DEPENDENCIES) - @rm -f test_time$(EXEEXT) - $(LINK) $(test_time_OBJECTS) $(test_time_LDADD) $(LIBS) -verify_krb5_conf$(EXEEXT): $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_DEPENDENCIES) - @rm -f verify_krb5_conf$(EXEEXT) - $(LINK) $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -libkrb5_la-acache.lo: acache.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-acache.lo `test -f 'acache.c' || echo '$(srcdir)/'`acache.c - -libkrb5_la-acl.lo: acl.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-acl.lo `test -f 'acl.c' || echo '$(srcdir)/'`acl.c - -libkrb5_la-add_et_list.lo: add_et_list.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-add_et_list.lo `test -f 'add_et_list.c' || echo '$(srcdir)/'`add_et_list.c - -libkrb5_la-addr_families.lo: addr_families.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-addr_families.lo `test -f 'addr_families.c' || echo '$(srcdir)/'`addr_families.c - -libkrb5_la-aname_to_localname.lo: aname_to_localname.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-aname_to_localname.lo `test -f 'aname_to_localname.c' || echo '$(srcdir)/'`aname_to_localname.c - -libkrb5_la-appdefault.lo: appdefault.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-appdefault.lo `test -f 'appdefault.c' || echo '$(srcdir)/'`appdefault.c - -libkrb5_la-asn1_glue.lo: asn1_glue.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-asn1_glue.lo `test -f 'asn1_glue.c' || echo '$(srcdir)/'`asn1_glue.c - -libkrb5_la-auth_context.lo: auth_context.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-auth_context.lo `test -f 'auth_context.c' || echo '$(srcdir)/'`auth_context.c - -libkrb5_la-build_ap_req.lo: build_ap_req.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-build_ap_req.lo `test -f 'build_ap_req.c' || echo '$(srcdir)/'`build_ap_req.c - -libkrb5_la-build_auth.lo: build_auth.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-build_auth.lo `test -f 'build_auth.c' || echo '$(srcdir)/'`build_auth.c - -libkrb5_la-cache.lo: cache.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-cache.lo `test -f 'cache.c' || echo '$(srcdir)/'`cache.c - -libkrb5_la-changepw.lo: changepw.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-changepw.lo `test -f 'changepw.c' || echo '$(srcdir)/'`changepw.c - -libkrb5_la-codec.lo: codec.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-codec.lo `test -f 'codec.c' || echo '$(srcdir)/'`codec.c - -libkrb5_la-config_file.lo: config_file.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-config_file.lo `test -f 'config_file.c' || echo '$(srcdir)/'`config_file.c - -libkrb5_la-config_file_netinfo.lo: config_file_netinfo.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-config_file_netinfo.lo `test -f 'config_file_netinfo.c' || echo '$(srcdir)/'`config_file_netinfo.c - -libkrb5_la-convert_creds.lo: convert_creds.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-convert_creds.lo `test -f 'convert_creds.c' || echo '$(srcdir)/'`convert_creds.c - -libkrb5_la-constants.lo: constants.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-constants.lo `test -f 'constants.c' || echo '$(srcdir)/'`constants.c - -libkrb5_la-context.lo: context.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-context.lo `test -f 'context.c' || echo '$(srcdir)/'`context.c - -libkrb5_la-copy_host_realm.lo: copy_host_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-copy_host_realm.lo `test -f 'copy_host_realm.c' || echo '$(srcdir)/'`copy_host_realm.c - -libkrb5_la-crc.lo: crc.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crc.lo `test -f 'crc.c' || echo '$(srcdir)/'`crc.c - -libkrb5_la-creds.lo: creds.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-creds.lo `test -f 'creds.c' || echo '$(srcdir)/'`creds.c - -libkrb5_la-crypto.lo: crypto.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c - -libkrb5_la-doxygen.lo: doxygen.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-doxygen.lo `test -f 'doxygen.c' || echo '$(srcdir)/'`doxygen.c - -libkrb5_la-data.lo: data.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-data.lo `test -f 'data.c' || echo '$(srcdir)/'`data.c - -libkrb5_la-digest.lo: digest.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-digest.lo `test -f 'digest.c' || echo '$(srcdir)/'`digest.c - -libkrb5_la-eai_to_heim_errno.lo: eai_to_heim_errno.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-eai_to_heim_errno.lo `test -f 'eai_to_heim_errno.c' || echo '$(srcdir)/'`eai_to_heim_errno.c - -libkrb5_la-error_string.lo: error_string.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-error_string.lo `test -f 'error_string.c' || echo '$(srcdir)/'`error_string.c - -libkrb5_la-expand_hostname.lo: expand_hostname.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-expand_hostname.lo `test -f 'expand_hostname.c' || echo '$(srcdir)/'`expand_hostname.c - -libkrb5_la-fcache.lo: fcache.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-fcache.lo `test -f 'fcache.c' || echo '$(srcdir)/'`fcache.c - -libkrb5_la-free.lo: free.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-free.lo `test -f 'free.c' || echo '$(srcdir)/'`free.c - -libkrb5_la-free_host_realm.lo: free_host_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-free_host_realm.lo `test -f 'free_host_realm.c' || echo '$(srcdir)/'`free_host_realm.c - -libkrb5_la-generate_seq_number.lo: generate_seq_number.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-generate_seq_number.lo `test -f 'generate_seq_number.c' || echo '$(srcdir)/'`generate_seq_number.c - -libkrb5_la-generate_subkey.lo: generate_subkey.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-generate_subkey.lo `test -f 'generate_subkey.c' || echo '$(srcdir)/'`generate_subkey.c - -libkrb5_la-get_addrs.lo: get_addrs.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_addrs.lo `test -f 'get_addrs.c' || echo '$(srcdir)/'`get_addrs.c - -libkrb5_la-get_cred.lo: get_cred.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_cred.lo `test -f 'get_cred.c' || echo '$(srcdir)/'`get_cred.c - -libkrb5_la-get_default_principal.lo: get_default_principal.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_default_principal.lo `test -f 'get_default_principal.c' || echo '$(srcdir)/'`get_default_principal.c - -libkrb5_la-get_default_realm.lo: get_default_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_default_realm.lo `test -f 'get_default_realm.c' || echo '$(srcdir)/'`get_default_realm.c - -libkrb5_la-get_for_creds.lo: get_for_creds.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_for_creds.lo `test -f 'get_for_creds.c' || echo '$(srcdir)/'`get_for_creds.c - -libkrb5_la-get_host_realm.lo: get_host_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_host_realm.lo `test -f 'get_host_realm.c' || echo '$(srcdir)/'`get_host_realm.c - -libkrb5_la-get_in_tkt.lo: get_in_tkt.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt.lo `test -f 'get_in_tkt.c' || echo '$(srcdir)/'`get_in_tkt.c - -libkrb5_la-get_in_tkt_pw.lo: get_in_tkt_pw.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt_pw.lo `test -f 'get_in_tkt_pw.c' || echo '$(srcdir)/'`get_in_tkt_pw.c - -libkrb5_la-get_in_tkt_with_keytab.lo: get_in_tkt_with_keytab.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt_with_keytab.lo `test -f 'get_in_tkt_with_keytab.c' || echo '$(srcdir)/'`get_in_tkt_with_keytab.c - -libkrb5_la-get_in_tkt_with_skey.lo: get_in_tkt_with_skey.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_in_tkt_with_skey.lo `test -f 'get_in_tkt_with_skey.c' || echo '$(srcdir)/'`get_in_tkt_with_skey.c - -libkrb5_la-get_port.lo: get_port.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-get_port.lo `test -f 'get_port.c' || echo '$(srcdir)/'`get_port.c - -libkrb5_la-init_creds.lo: init_creds.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-init_creds.lo `test -f 'init_creds.c' || echo '$(srcdir)/'`init_creds.c - -libkrb5_la-init_creds_pw.lo: init_creds_pw.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-init_creds_pw.lo `test -f 'init_creds_pw.c' || echo '$(srcdir)/'`init_creds_pw.c - -libkrb5_la-kcm.lo: kcm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-kcm.lo `test -f 'kcm.c' || echo '$(srcdir)/'`kcm.c - -libkrb5_la-keyblock.lo: keyblock.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keyblock.lo `test -f 'keyblock.c' || echo '$(srcdir)/'`keyblock.c - -libkrb5_la-keytab.lo: keytab.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab.lo `test -f 'keytab.c' || echo '$(srcdir)/'`keytab.c - -libkrb5_la-keytab_any.lo: keytab_any.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_any.lo `test -f 'keytab_any.c' || echo '$(srcdir)/'`keytab_any.c - -libkrb5_la-keytab_file.lo: keytab_file.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_file.lo `test -f 'keytab_file.c' || echo '$(srcdir)/'`keytab_file.c - -libkrb5_la-keytab_keyfile.lo: keytab_keyfile.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_keyfile.lo `test -f 'keytab_keyfile.c' || echo '$(srcdir)/'`keytab_keyfile.c - -libkrb5_la-keytab_krb4.lo: keytab_krb4.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_krb4.lo `test -f 'keytab_krb4.c' || echo '$(srcdir)/'`keytab_krb4.c - -libkrb5_la-keytab_memory.lo: keytab_memory.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-keytab_memory.lo `test -f 'keytab_memory.c' || echo '$(srcdir)/'`keytab_memory.c - -libkrb5_la-krbhst.lo: krbhst.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krbhst.lo `test -f 'krbhst.c' || echo '$(srcdir)/'`krbhst.c - -libkrb5_la-kuserok.lo: kuserok.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-kuserok.lo `test -f 'kuserok.c' || echo '$(srcdir)/'`kuserok.c - -libkrb5_la-log.lo: log.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-log.lo `test -f 'log.c' || echo '$(srcdir)/'`log.c - -libkrb5_la-mcache.lo: mcache.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mcache.lo `test -f 'mcache.c' || echo '$(srcdir)/'`mcache.c - -libkrb5_la-misc.lo: misc.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-misc.lo `test -f 'misc.c' || echo '$(srcdir)/'`misc.c - -libkrb5_la-mk_error.lo: mk_error.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_error.lo `test -f 'mk_error.c' || echo '$(srcdir)/'`mk_error.c - -libkrb5_la-mk_priv.lo: mk_priv.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_priv.lo `test -f 'mk_priv.c' || echo '$(srcdir)/'`mk_priv.c - -libkrb5_la-mk_rep.lo: mk_rep.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_rep.lo `test -f 'mk_rep.c' || echo '$(srcdir)/'`mk_rep.c - -libkrb5_la-mk_req.lo: mk_req.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_req.lo `test -f 'mk_req.c' || echo '$(srcdir)/'`mk_req.c - -libkrb5_la-mk_req_ext.lo: mk_req_ext.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_req_ext.lo `test -f 'mk_req_ext.c' || echo '$(srcdir)/'`mk_req_ext.c - -libkrb5_la-mk_safe.lo: mk_safe.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mk_safe.lo `test -f 'mk_safe.c' || echo '$(srcdir)/'`mk_safe.c - -libkrb5_la-mit_glue.lo: mit_glue.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-mit_glue.lo `test -f 'mit_glue.c' || echo '$(srcdir)/'`mit_glue.c - -libkrb5_la-net_read.lo: net_read.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-net_read.lo `test -f 'net_read.c' || echo '$(srcdir)/'`net_read.c - -libkrb5_la-net_write.lo: net_write.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-net_write.lo `test -f 'net_write.c' || echo '$(srcdir)/'`net_write.c - -libkrb5_la-n-fold.lo: n-fold.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-n-fold.lo `test -f 'n-fold.c' || echo '$(srcdir)/'`n-fold.c - -libkrb5_la-pac.lo: pac.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-pac.lo `test -f 'pac.c' || echo '$(srcdir)/'`pac.c - -libkrb5_la-padata.lo: padata.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-padata.lo `test -f 'padata.c' || echo '$(srcdir)/'`padata.c - -libkrb5_la-pkinit.lo: pkinit.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-pkinit.lo `test -f 'pkinit.c' || echo '$(srcdir)/'`pkinit.c - -libkrb5_la-principal.lo: principal.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-principal.lo `test -f 'principal.c' || echo '$(srcdir)/'`principal.c - -libkrb5_la-prog_setup.lo: prog_setup.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-prog_setup.lo `test -f 'prog_setup.c' || echo '$(srcdir)/'`prog_setup.c - -libkrb5_la-prompter_posix.lo: prompter_posix.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-prompter_posix.lo `test -f 'prompter_posix.c' || echo '$(srcdir)/'`prompter_posix.c - -libkrb5_la-rd_cred.lo: rd_cred.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_cred.lo `test -f 'rd_cred.c' || echo '$(srcdir)/'`rd_cred.c - -libkrb5_la-rd_error.lo: rd_error.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_error.lo `test -f 'rd_error.c' || echo '$(srcdir)/'`rd_error.c - -libkrb5_la-rd_priv.lo: rd_priv.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_priv.lo `test -f 'rd_priv.c' || echo '$(srcdir)/'`rd_priv.c - -libkrb5_la-rd_rep.lo: rd_rep.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_rep.lo `test -f 'rd_rep.c' || echo '$(srcdir)/'`rd_rep.c - -libkrb5_la-rd_req.lo: rd_req.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_req.lo `test -f 'rd_req.c' || echo '$(srcdir)/'`rd_req.c - -libkrb5_la-rd_safe.lo: rd_safe.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-rd_safe.lo `test -f 'rd_safe.c' || echo '$(srcdir)/'`rd_safe.c - -libkrb5_la-read_message.lo: read_message.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-read_message.lo `test -f 'read_message.c' || echo '$(srcdir)/'`read_message.c - -libkrb5_la-recvauth.lo: recvauth.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-recvauth.lo `test -f 'recvauth.c' || echo '$(srcdir)/'`recvauth.c - -libkrb5_la-replay.lo: replay.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-replay.lo `test -f 'replay.c' || echo '$(srcdir)/'`replay.c - -libkrb5_la-send_to_kdc.lo: send_to_kdc.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-send_to_kdc.lo `test -f 'send_to_kdc.c' || echo '$(srcdir)/'`send_to_kdc.c - -libkrb5_la-sendauth.lo: sendauth.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-sendauth.lo `test -f 'sendauth.c' || echo '$(srcdir)/'`sendauth.c - -libkrb5_la-set_default_realm.lo: set_default_realm.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-set_default_realm.lo `test -f 'set_default_realm.c' || echo '$(srcdir)/'`set_default_realm.c - -libkrb5_la-sock_principal.lo: sock_principal.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-sock_principal.lo `test -f 'sock_principal.c' || echo '$(srcdir)/'`sock_principal.c - -libkrb5_la-store.lo: store.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store.lo `test -f 'store.c' || echo '$(srcdir)/'`store.c - -libkrb5_la-store_emem.lo: store_emem.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_emem.lo `test -f 'store_emem.c' || echo '$(srcdir)/'`store_emem.c - -libkrb5_la-store_fd.lo: store_fd.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_fd.lo `test -f 'store_fd.c' || echo '$(srcdir)/'`store_fd.c - -libkrb5_la-store_mem.lo: store_mem.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-store_mem.lo `test -f 'store_mem.c' || echo '$(srcdir)/'`store_mem.c - -libkrb5_la-plugin.lo: plugin.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-plugin.lo `test -f 'plugin.c' || echo '$(srcdir)/'`plugin.c - -libkrb5_la-ticket.lo: ticket.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-ticket.lo `test -f 'ticket.c' || echo '$(srcdir)/'`ticket.c - -libkrb5_la-time.lo: time.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-time.lo `test -f 'time.c' || echo '$(srcdir)/'`time.c - -libkrb5_la-transited.lo: transited.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-transited.lo `test -f 'transited.c' || echo '$(srcdir)/'`transited.c - -libkrb5_la-v4_glue.lo: v4_glue.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-v4_glue.lo `test -f 'v4_glue.c' || echo '$(srcdir)/'`v4_glue.c - -libkrb5_la-verify_init.lo: verify_init.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-verify_init.lo `test -f 'verify_init.c' || echo '$(srcdir)/'`verify_init.c - -libkrb5_la-verify_user.lo: verify_user.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-verify_user.lo `test -f 'verify_user.c' || echo '$(srcdir)/'`verify_user.c - -libkrb5_la-version.lo: version.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-version.lo `test -f 'version.c' || echo '$(srcdir)/'`version.c - -libkrb5_la-warn.lo: warn.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-warn.lo `test -f 'warn.c' || echo '$(srcdir)/'`warn.c - -libkrb5_la-write_message.lo: write_message.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-write_message.lo `test -f 'write_message.c' || echo '$(srcdir)/'`write_message.c - -libkrb5_la-krb5_err.lo: krb5_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krb5_err.lo `test -f 'krb5_err.c' || echo '$(srcdir)/'`krb5_err.c - -libkrb5_la-krb_err.lo: krb_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-krb_err.lo `test -f 'krb_err.c' || echo '$(srcdir)/'`krb_err.c - -libkrb5_la-heim_err.lo: heim_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-heim_err.lo `test -f 'heim_err.c' || echo '$(srcdir)/'`heim_err.c - -libkrb5_la-k524_err.lo: k524_err.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libkrb5_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libkrb5_la-k524_err.lo `test -f 'k524_err.c' || echo '$(srcdir)/'`k524_err.c - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man3: $(man3_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done -install-man5: $(man5_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ - done -uninstall-man5: - @$(NORMAL_UNINSTALL) - @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.5*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 5*) ;; \ - *) ext='5' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ - done -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done -install-dist_includeHEADERS: $(dist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(dist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-dist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-krb5HEADERS: $(krb5_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(krb5dir)" || $(MKDIR_P) "$(DESTDIR)$(krb5dir)" - @list='$(krb5_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(krb5HEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(krb5dir)/$$f'"; \ - $(krb5HEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(krb5dir)/$$f"; \ - done - -uninstall-krb5HEADERS: - @$(NORMAL_UNINSTALL) - @list='$(krb5_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(krb5dir)/$$f'"; \ - rm -f "$(DESTDIR)$(krb5dir)/$$f"; \ - done -install-nodist_includeHEADERS: $(nodist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-nodist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) \ - all-local -install-binPROGRAMS: install-libLTLIBRARIES - -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(krb5dir)" "$(DESTDIR)$(includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-dist_includeHEADERS install-krb5HEADERS \ - install-man install-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man3 install-man5 install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-dist_includeHEADERS \ - uninstall-krb5HEADERS uninstall-libLTLIBRARIES uninstall-man \ - uninstall-nodist_includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man3 uninstall-man5 uninstall-man8 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-binPROGRAMS clean-checkPROGRAMS \ - clean-generic clean-libLTLIBRARIES clean-libtool \ - clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-data-hook install-dist_includeHEADERS \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-krb5HEADERS install-libLTLIBRARIES \ - install-man install-man3 install-man5 install-man8 \ - install-nodist_includeHEADERS install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-dist_includeHEADERS uninstall-hook \ - uninstall-krb5HEADERS uninstall-libLTLIBRARIES uninstall-man \ - uninstall-man3 uninstall-man5 uninstall-man8 \ - uninstall-nodist_includeHEADERS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(libkrb5_la_OBJECTS) $(verify_krb5_conf_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h - -$(srcdir)/krb5-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -E KRB5_LIB_FUNCTION -q -P comment -o krb5-protos.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-protos.h - -$(srcdir)/krb5-private.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5-private.h $(dist_libkrb5_la_SOURCES) || rm -f krb5-private.h - -$(libkrb5_la_OBJECTS): krb5_err.h krb_err.h heim_err.h k524_err.h - -#sysconf_DATA = krb5.moduli - -# to help stupid solaris make - -krb5_err.h: krb5_err.et - -krb_err.h: krb_err.et - -heim_err.h: heim_err.et - -k524_err.h: k524_err.et -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/krb5/acache.c b/crypto/heimdal/lib/krb5/acache.c deleted file mode 100644 index 30a6d90c3451..000000000000 --- a/crypto/heimdal/lib/krb5/acache.c +++ /dev/null @@ -1,961 +0,0 @@ -/* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include -#ifdef HAVE_DLFCN_H -#include -#endif - -RCSID("$Id: acache.c 22099 2007-12-03 17:14:34Z lha $"); - -/* XXX should we fetch these for each open ? */ -static HEIMDAL_MUTEX acc_mutex = HEIMDAL_MUTEX_INITIALIZER; -static cc_initialize_func init_func; - -#ifdef HAVE_DLOPEN -static void *cc_handle; -#endif - -typedef struct krb5_acc { - char *cache_name; - cc_context_t context; - cc_ccache_t ccache; -} krb5_acc; - -static krb5_error_code acc_close(krb5_context, krb5_ccache); - -#define ACACHE(X) ((krb5_acc *)(X)->data.data) - -static const struct { - cc_int32 error; - krb5_error_code ret; -} cc_errors[] = { - { ccErrBadName, KRB5_CC_BADNAME }, - { ccErrCredentialsNotFound, KRB5_CC_NOTFOUND }, - { ccErrCCacheNotFound, KRB5_FCC_NOFILE }, - { ccErrContextNotFound, KRB5_CC_NOTFOUND }, - { ccIteratorEnd, KRB5_CC_END }, - { ccErrNoMem, KRB5_CC_NOMEM }, - { ccErrServerUnavailable, KRB5_CC_NOSUPP }, - { ccNoError, 0 } -}; - -static krb5_error_code -translate_cc_error(krb5_context context, cc_int32 error) -{ - int i; - krb5_clear_error_string(context); - for(i = 0; i < sizeof(cc_errors)/sizeof(cc_errors[0]); i++) - if (cc_errors[i].error == error) - return cc_errors[i].ret; - return KRB5_FCC_INTERNAL; -} - -static krb5_error_code -init_ccapi(krb5_context context) -{ - const char *lib; - - HEIMDAL_MUTEX_lock(&acc_mutex); - if (init_func) { - HEIMDAL_MUTEX_unlock(&acc_mutex); - krb5_clear_error_string(context); - return 0; - } - - lib = krb5_config_get_string(context, NULL, - "libdefaults", "ccapi_library", - NULL); - if (lib == NULL) { -#ifdef __APPLE__ - lib = "/System/Library/Frameworks/Kerberos.framework/Kerberos"; -#else - lib = "/usr/lib/libkrb5_cc.so"; -#endif - } - -#ifdef HAVE_DLOPEN - -#ifndef RTLD_LAZY -#define RTLD_LAZY 0 -#endif - - cc_handle = dlopen(lib, RTLD_LAZY); - if (cc_handle == NULL) { - HEIMDAL_MUTEX_unlock(&acc_mutex); - krb5_set_error_string(context, "Failed to load %s", lib); - return KRB5_CC_NOSUPP; - } - - init_func = (cc_initialize_func)dlsym(cc_handle, "cc_initialize"); - HEIMDAL_MUTEX_unlock(&acc_mutex); - if (init_func == NULL) { - krb5_set_error_string(context, "Failed to find cc_initialize" - "in %s: %s", lib, dlerror()); - dlclose(cc_handle); - return KRB5_CC_NOSUPP; - } - - return 0; -#else - HEIMDAL_MUTEX_unlock(&acc_mutex); - krb5_set_error_string(context, "no support for shared object"); - return KRB5_CC_NOSUPP; -#endif -} - -static krb5_error_code -make_cred_from_ccred(krb5_context context, - const cc_credentials_v5_t *incred, - krb5_creds *cred) -{ - krb5_error_code ret; - int i; - - memset(cred, 0, sizeof(*cred)); - - ret = krb5_parse_name(context, incred->client, &cred->client); - if (ret) - goto fail; - - ret = krb5_parse_name(context, incred->server, &cred->server); - if (ret) - goto fail; - - cred->session.keytype = incred->keyblock.type; - cred->session.keyvalue.length = incred->keyblock.length; - cred->session.keyvalue.data = malloc(incred->keyblock.length); - if (cred->session.keyvalue.data == NULL) - goto nomem; - memcpy(cred->session.keyvalue.data, incred->keyblock.data, - incred->keyblock.length); - - cred->times.authtime = incred->authtime; - cred->times.starttime = incred->starttime; - cred->times.endtime = incred->endtime; - cred->times.renew_till = incred->renew_till; - - ret = krb5_data_copy(&cred->ticket, - incred->ticket.data, - incred->ticket.length); - if (ret) - goto nomem; - - ret = krb5_data_copy(&cred->second_ticket, - incred->second_ticket.data, - incred->second_ticket.length); - if (ret) - goto nomem; - - cred->authdata.val = NULL; - cred->authdata.len = 0; - - cred->addresses.val = NULL; - cred->addresses.len = 0; - - for (i = 0; incred->authdata && incred->authdata[i]; i++) - ; - - if (i) { - cred->authdata.val = calloc(i, sizeof(cred->authdata.val[0])); - if (cred->authdata.val == NULL) - goto nomem; - cred->authdata.len = i; - for (i = 0; i < cred->authdata.len; i++) { - cred->authdata.val[i].ad_type = incred->authdata[i]->type; - ret = krb5_data_copy(&cred->authdata.val[i].ad_data, - incred->authdata[i]->data, - incred->authdata[i]->length); - if (ret) - goto nomem; - } - } - - for (i = 0; incred->addresses && incred->addresses[i]; i++) - ; - - if (i) { - cred->addresses.val = calloc(i, sizeof(cred->addresses.val[0])); - if (cred->addresses.val == NULL) - goto nomem; - cred->addresses.len = i; - - for (i = 0; i < cred->addresses.len; i++) { - cred->addresses.val[i].addr_type = incred->addresses[i]->type; - ret = krb5_data_copy(&cred->addresses.val[i].address, - incred->addresses[i]->data, - incred->addresses[i]->length); - if (ret) - goto nomem; - } - } - - cred->flags.i = 0; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_FORWARDABLE) - cred->flags.b.forwardable = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_FORWARDED) - cred->flags.b.forwarded = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_PROXIABLE) - cred->flags.b.proxiable = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_PROXY) - cred->flags.b.proxy = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_MAY_POSTDATE) - cred->flags.b.may_postdate = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_POSTDATED) - cred->flags.b.postdated = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_INVALID) - cred->flags.b.invalid = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_RENEWABLE) - cred->flags.b.renewable = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_INITIAL) - cred->flags.b.initial = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_PRE_AUTH) - cred->flags.b.pre_authent = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_HW_AUTH) - cred->flags.b.hw_authent = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_TRANSIT_POLICY_CHECKED) - cred->flags.b.transited_policy_checked = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_OK_AS_DELEGATE) - cred->flags.b.ok_as_delegate = 1; - if (incred->ticket_flags & KRB5_CCAPI_TKT_FLG_ANONYMOUS) - cred->flags.b.anonymous = 1; - - return 0; - -nomem: - ret = ENOMEM; - krb5_set_error_string(context, "malloc - out of memory"); - -fail: - krb5_free_cred_contents(context, cred); - return ret; -} - -static void -free_ccred(cc_credentials_v5_t *cred) -{ - int i; - - if (cred->addresses) { - for (i = 0; cred->addresses[i] != 0; i++) { - if (cred->addresses[i]->data) - free(cred->addresses[i]->data); - free(cred->addresses[i]); - } - free(cred->addresses); - } - if (cred->server) - free(cred->server); - if (cred->client) - free(cred->client); - memset(cred, 0, sizeof(*cred)); -} - -static krb5_error_code -make_ccred_from_cred(krb5_context context, - const krb5_creds *incred, - cc_credentials_v5_t *cred) -{ - krb5_error_code ret; - int i; - - memset(cred, 0, sizeof(*cred)); - - ret = krb5_unparse_name(context, incred->client, &cred->client); - if (ret) - goto fail; - - ret = krb5_unparse_name(context, incred->server, &cred->server); - if (ret) - goto fail; - - cred->keyblock.type = incred->session.keytype; - cred->keyblock.length = incred->session.keyvalue.length; - cred->keyblock.data = incred->session.keyvalue.data; - - cred->authtime = incred->times.authtime; - cred->starttime = incred->times.starttime; - cred->endtime = incred->times.endtime; - cred->renew_till = incred->times.renew_till; - - cred->ticket.length = incred->ticket.length; - cred->ticket.data = incred->ticket.data; - - cred->second_ticket.length = incred->second_ticket.length; - cred->second_ticket.data = incred->second_ticket.data; - - /* XXX this one should also be filled in */ - cred->authdata = NULL; - - cred->addresses = calloc(incred->addresses.len + 1, - sizeof(cred->addresses[0])); - if (cred->addresses == NULL) { - - ret = ENOMEM; - goto fail; - } - - for (i = 0; i < incred->addresses.len; i++) { - cc_data *addr; - addr = malloc(sizeof(*addr)); - if (addr == NULL) { - ret = ENOMEM; - goto fail; - } - addr->type = incred->addresses.val[i].addr_type; - addr->length = incred->addresses.val[i].address.length; - addr->data = malloc(addr->length); - if (addr->data == NULL) { - ret = ENOMEM; - goto fail; - } - memcpy(addr->data, incred->addresses.val[i].address.data, - addr->length); - cred->addresses[i] = addr; - } - cred->addresses[i] = NULL; - - cred->ticket_flags = 0; - if (incred->flags.b.forwardable) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_FORWARDABLE; - if (incred->flags.b.forwarded) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_FORWARDED; - if (incred->flags.b.proxiable) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_PROXIABLE; - if (incred->flags.b.proxy) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_PROXY; - if (incred->flags.b.may_postdate) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_MAY_POSTDATE; - if (incred->flags.b.postdated) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_POSTDATED; - if (incred->flags.b.invalid) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_INVALID; - if (incred->flags.b.renewable) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_RENEWABLE; - if (incred->flags.b.initial) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_INITIAL; - if (incred->flags.b.pre_authent) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_PRE_AUTH; - if (incred->flags.b.hw_authent) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_HW_AUTH; - if (incred->flags.b.transited_policy_checked) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_TRANSIT_POLICY_CHECKED; - if (incred->flags.b.ok_as_delegate) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_OK_AS_DELEGATE; - if (incred->flags.b.anonymous) - cred->ticket_flags |= KRB5_CCAPI_TKT_FLG_ANONYMOUS; - - return 0; - -fail: - free_ccred(cred); - - krb5_clear_error_string(context); - return ret; -} - -static char * -get_cc_name(cc_ccache_t cache) -{ - cc_string_t name; - cc_int32 error; - char *str; - - error = (*cache->func->get_name)(cache, &name); - if (error) - return NULL; - - str = strdup(name->data); - (*name->func->release)(name); - return str; -} - - -static const char* -acc_get_name(krb5_context context, - krb5_ccache id) -{ - krb5_acc *a = ACACHE(id); - static char n[255]; - char *name; - - name = get_cc_name(a->ccache); - if (name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return NULL; - } - strlcpy(n, name, sizeof(n)); - free(name); - return n; -} - -static krb5_error_code -acc_alloc(krb5_context context, krb5_ccache *id) -{ - krb5_error_code ret; - cc_int32 error; - krb5_acc *a; - - ret = init_ccapi(context); - if (ret) - return ret; - - ret = krb5_data_alloc(&(*id)->data, sizeof(*a)); - if (ret) { - krb5_clear_error_string(context); - return ret; - } - - a = ACACHE(*id); - - error = (*init_func)(&a->context, ccapi_version_3, NULL, NULL); - if (error) { - krb5_data_free(&(*id)->data); - return translate_cc_error(context, error); - } - - a->cache_name = NULL; - - return 0; -} - -static krb5_error_code -acc_resolve(krb5_context context, krb5_ccache *id, const char *res) -{ - krb5_error_code ret; - cc_int32 error; - krb5_acc *a; - - ret = acc_alloc(context, id); - if (ret) - return ret; - - a = ACACHE(*id); - - error = (*a->context->func->open_ccache)(a->context, res, - &a->ccache); - if (error == 0) { - a->cache_name = get_cc_name(a->ccache); - if (a->cache_name == NULL) { - acc_close(context, *id); - *id = NULL; - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - } else if (error == ccErrCCacheNotFound) { - a->ccache = NULL; - a->cache_name = NULL; - error = 0; - } else { - *id = NULL; - return translate_cc_error(context, error); - } - - return 0; -} - -static krb5_error_code -acc_gen_new(krb5_context context, krb5_ccache *id) -{ - krb5_error_code ret; - krb5_acc *a; - - ret = acc_alloc(context, id); - if (ret) - return ret; - - a = ACACHE(*id); - - a->ccache = NULL; - a->cache_name = NULL; - - return 0; -} - -static krb5_error_code -acc_initialize(krb5_context context, - krb5_ccache id, - krb5_principal primary_principal) -{ - krb5_acc *a = ACACHE(id); - krb5_error_code ret; - int32_t error; - char *name; - - ret = krb5_unparse_name(context, primary_principal, &name); - if (ret) - return ret; - - error = (*a->context->func->create_new_ccache)(a->context, - cc_credentials_v5, - name, - &a->ccache); - free(name); - - return translate_cc_error(context, error); -} - -static krb5_error_code -acc_close(krb5_context context, - krb5_ccache id) -{ - krb5_acc *a = ACACHE(id); - - if (a->ccache) { - (*a->ccache->func->release)(a->ccache); - a->ccache = NULL; - } - if (a->cache_name) { - free(a->cache_name); - a->cache_name = NULL; - } - (*a->context->func->release)(a->context); - a->context = NULL; - krb5_data_free(&id->data); - return 0; -} - -static krb5_error_code -acc_destroy(krb5_context context, - krb5_ccache id) -{ - krb5_acc *a = ACACHE(id); - cc_int32 error = 0; - - if (a->ccache) { - error = (*a->ccache->func->destroy)(a->ccache); - a->ccache = NULL; - } - if (a->context) { - error = (a->context->func->release)(a->context); - a->context = NULL; - } - return translate_cc_error(context, error); -} - -static krb5_error_code -acc_store_cred(krb5_context context, - krb5_ccache id, - krb5_creds *creds) -{ - krb5_acc *a = ACACHE(id); - cc_credentials_union cred; - cc_credentials_v5_t v5cred; - krb5_error_code ret; - cc_int32 error; - - if (a->ccache == NULL) { - krb5_set_error_string(context, "No API credential found"); - return KRB5_CC_NOTFOUND; - } - - cred.version = cc_credentials_v5; - cred.credentials.credentials_v5 = &v5cred; - - ret = make_ccred_from_cred(context, - creds, - &v5cred); - if (ret) - return ret; - - error = (*a->ccache->func->store_credentials)(a->ccache, &cred); - if (error) - ret = translate_cc_error(context, error); - - free_ccred(&v5cred); - - return ret; -} - -static krb5_error_code -acc_get_principal(krb5_context context, - krb5_ccache id, - krb5_principal *principal) -{ - krb5_acc *a = ACACHE(id); - krb5_error_code ret; - int32_t error; - cc_string_t name; - - if (a->ccache == NULL) { - krb5_set_error_string(context, "No API credential found"); - return KRB5_CC_NOTFOUND; - } - - error = (*a->ccache->func->get_principal)(a->ccache, - cc_credentials_v5, - &name); - if (error) - return translate_cc_error(context, error); - - ret = krb5_parse_name(context, name->data, principal); - - (*name->func->release)(name); - return ret; -} - -static krb5_error_code -acc_get_first (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - cc_credentials_iterator_t iter; - krb5_acc *a = ACACHE(id); - int32_t error; - - if (a->ccache == NULL) { - krb5_set_error_string(context, "No API credential found"); - return KRB5_CC_NOTFOUND; - } - - error = (*a->ccache->func->new_credentials_iterator)(a->ccache, &iter); - if (error) { - krb5_clear_error_string(context); - return ENOENT; - } - *cursor = iter; - return 0; -} - - -static krb5_error_code -acc_get_next (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor, - krb5_creds *creds) -{ - cc_credentials_iterator_t iter = *cursor; - cc_credentials_t cred; - krb5_error_code ret; - int32_t error; - - while (1) { - error = (*iter->func->next)(iter, &cred); - if (error) - return translate_cc_error(context, error); - if (cred->data->version == cc_credentials_v5) - break; - (*cred->func->release)(cred); - } - - ret = make_cred_from_ccred(context, - cred->data->credentials.credentials_v5, - creds); - (*cred->func->release)(cred); - return ret; -} - -static krb5_error_code -acc_end_get (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - cc_credentials_iterator_t iter = *cursor; - (*iter->func->release)(iter); - return 0; -} - -static krb5_error_code -acc_remove_cred(krb5_context context, - krb5_ccache id, - krb5_flags which, - krb5_creds *cred) -{ - cc_credentials_iterator_t iter; - krb5_acc *a = ACACHE(id); - cc_credentials_t ccred; - krb5_error_code ret; - cc_int32 error; - char *client, *server; - - if (a->ccache == NULL) { - krb5_set_error_string(context, "No API credential found"); - return KRB5_CC_NOTFOUND; - } - - if (cred->client) { - ret = krb5_unparse_name(context, cred->client, &client); - if (ret) - return ret; - } else - client = NULL; - - ret = krb5_unparse_name(context, cred->server, &server); - if (ret) { - free(client); - return ret; - } - - error = (*a->ccache->func->new_credentials_iterator)(a->ccache, &iter); - if (error) { - free(server); - free(client); - return translate_cc_error(context, error); - } - - ret = KRB5_CC_NOTFOUND; - while (1) { - cc_credentials_v5_t *v5cred; - - error = (*iter->func->next)(iter, &ccred); - if (error) - break; - - if (ccred->data->version != cc_credentials_v5) - goto next; - - v5cred = ccred->data->credentials.credentials_v5; - - if (client && strcmp(v5cred->client, client) != 0) - goto next; - - if (strcmp(v5cred->server, server) != 0) - goto next; - - (*a->ccache->func->remove_credentials)(a->ccache, ccred); - ret = 0; - next: - (*ccred->func->release)(ccred); - } - - (*iter->func->release)(iter); - - if (ret) - krb5_set_error_string(context, "Can't find credential %s in cache", - server); - free(server); - free(client); - - return ret; -} - -static krb5_error_code -acc_set_flags(krb5_context context, - krb5_ccache id, - krb5_flags flags) -{ - return 0; -} - -static krb5_error_code -acc_get_version(krb5_context context, - krb5_ccache id) -{ - return 0; -} - -struct cache_iter { - cc_context_t context; - cc_ccache_iterator_t iter; -}; - -static krb5_error_code -acc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) -{ - struct cache_iter *iter; - krb5_error_code ret; - cc_int32 error; - - ret = init_ccapi(context); - if (ret) - return ret; - - iter = calloc(1, sizeof(*iter)); - if (iter == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - - error = (*init_func)(&iter->context, ccapi_version_3, NULL, NULL); - if (error) { - free(iter); - return translate_cc_error(context, error); - } - - error = (*iter->context->func->new_ccache_iterator)(iter->context, - &iter->iter); - if (error) { - free(iter); - krb5_clear_error_string(context); - return ENOENT; - } - *cursor = iter; - return 0; -} - -static krb5_error_code -acc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) -{ - struct cache_iter *iter = cursor; - cc_ccache_t cache; - krb5_acc *a; - krb5_error_code ret; - int32_t error; - - error = (*iter->iter->func->next)(iter->iter, &cache); - if (error) - return translate_cc_error(context, error); - - ret = _krb5_cc_allocate(context, &krb5_acc_ops, id); - if (ret) { - (*cache->func->release)(cache); - return ret; - } - - ret = acc_alloc(context, id); - if (ret) { - (*cache->func->release)(cache); - free(*id); - return ret; - } - - a = ACACHE(*id); - a->ccache = cache; - - a->cache_name = get_cc_name(a->ccache); - if (a->cache_name == NULL) { - acc_close(context, *id); - *id = NULL; - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - return 0; -} - -static krb5_error_code -acc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) -{ - struct cache_iter *iter = cursor; - - (*iter->iter->func->release)(iter->iter); - iter->iter = NULL; - (*iter->context->func->release)(iter->context); - iter->context = NULL; - free(iter); - return 0; -} - -static krb5_error_code -acc_move(krb5_context context, krb5_ccache from, krb5_ccache to) -{ - krb5_acc *afrom = ACACHE(from); - krb5_acc *ato = ACACHE(to); - int32_t error; - - if (ato->ccache == NULL) { - cc_string_t name; - - error = (*afrom->ccache->func->get_principal)(afrom->ccache, - cc_credentials_v5, - &name); - if (error) - return translate_cc_error(context, error); - - error = (*ato->context->func->create_new_ccache)(ato->context, - cc_credentials_v5, - name->data, - &ato->ccache); - (*name->func->release)(name); - if (error) - return translate_cc_error(context, error); - } - - - error = (*ato->ccache->func->move)(afrom->ccache, ato->ccache); - return translate_cc_error(context, error); -} - -static krb5_error_code -acc_default_name(krb5_context context, char **str) -{ - krb5_error_code ret; - cc_context_t cc; - cc_string_t name; - int32_t error; - - ret = init_ccapi(context); - if (ret) - return ret; - - error = (*init_func)(&cc, ccapi_version_3, NULL, NULL); - if (error) - return translate_cc_error(context, error); - - error = (*cc->func->get_default_ccache_name)(cc, &name); - if (error) { - (*cc->func->release)(cc); - return translate_cc_error(context, error); - } - - asprintf(str, "API:%s", name->data); - (*name->func->release)(name); - (*cc->func->release)(cc); - - if (*str == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - - -/** - * Variable containing the API based credential cache implemention. - * - * @ingroup krb5_ccache - */ - -const krb5_cc_ops krb5_acc_ops = { - "API", - acc_get_name, - acc_resolve, - acc_gen_new, - acc_initialize, - acc_destroy, - acc_close, - acc_store_cred, - NULL, /* acc_retrieve */ - acc_get_principal, - acc_get_first, - acc_get_next, - acc_end_get, - acc_remove_cred, - acc_set_flags, - acc_get_version, - acc_get_cache_first, - acc_get_cache_next, - acc_end_cache_get, - acc_move, - acc_default_name -}; diff --git a/crypto/heimdal/lib/krb5/acl.c b/crypto/heimdal/lib/krb5/acl.c deleted file mode 100644 index cab68367f80a..000000000000 --- a/crypto/heimdal/lib/krb5/acl.c +++ /dev/null @@ -1,293 +0,0 @@ -/* - * Copyright (c) 2000 - 2002, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: acl.c 22119 2007-12-03 22:02:48Z lha $"); - -struct acl_field { - enum { acl_string, acl_fnmatch, acl_retval } type; - union { - const char *cstr; - char **retv; - } u; - struct acl_field *next, **last; -}; - -static void -free_retv(struct acl_field *acl) -{ - while(acl != NULL) { - if (acl->type == acl_retval) { - if (*acl->u.retv) - free(*acl->u.retv); - *acl->u.retv = NULL; - } - acl = acl->next; - } -} - -static void -acl_free_list(struct acl_field *acl, int retv) -{ - struct acl_field *next; - if (retv) - free_retv(acl); - while(acl != NULL) { - next = acl->next; - free(acl); - acl = next; - } -} - -static krb5_error_code -acl_parse_format(krb5_context context, - struct acl_field **acl_ret, - const char *format, - va_list ap) -{ - const char *p; - struct acl_field *acl = NULL, *tmp; - - for(p = format; *p != '\0'; p++) { - tmp = malloc(sizeof(*tmp)); - if(tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - acl_free_list(acl, 0); - return ENOMEM; - } - if(*p == 's') { - tmp->type = acl_string; - tmp->u.cstr = va_arg(ap, const char*); - } else if(*p == 'f') { - tmp->type = acl_fnmatch; - tmp->u.cstr = va_arg(ap, const char*); - } else if(*p == 'r') { - tmp->type = acl_retval; - tmp->u.retv = va_arg(ap, char **); - *tmp->u.retv = NULL; - } else { - krb5_set_error_string(context, "acl_parse_format: " - "unknown format specifier %c", *p); - acl_free_list(acl, 0); - free(tmp); - return EINVAL; - } - tmp->next = NULL; - if(acl == NULL) - acl = tmp; - else - *acl->last = tmp; - acl->last = &tmp->next; - } - *acl_ret = acl; - return 0; -} - -static krb5_boolean -acl_match_field(krb5_context context, - const char *string, - struct acl_field *field) -{ - if(field->type == acl_string) { - return !strcmp(field->u.cstr, string); - } else if(field->type == acl_fnmatch) { - return !fnmatch(field->u.cstr, string, 0); - } else if(field->type == acl_retval) { - *field->u.retv = strdup(string); - return TRUE; - } - return FALSE; -} - -static krb5_boolean -acl_match_acl(krb5_context context, - struct acl_field *acl, - const char *string) -{ - char buf[256]; - while(strsep_copy(&string, " \t", buf, sizeof(buf)) != -1) { - if(buf[0] == '\0') - continue; /* skip ws */ - if (acl == NULL) - return FALSE; - if(!acl_match_field(context, buf, acl)) { - return FALSE; - } - acl = acl->next; - } - if (acl) - return FALSE; - return TRUE; -} - -/** - * krb5_acl_match_string matches ACL format against a string. - * - * The ACL format has three format specifiers: s, f, and r. Each - * specifier will retrieve one argument from the variable arguments - * for either matching or storing data. The input string is split up - * using " " (space) and "\t" (tab) as a delimiter; multiple and "\t" - * in a row are considered to be the same. - * - * List of format specifiers: - * - s Matches a string using strcmp(3) (case sensitive). - * - f Matches the string with fnmatch(3). Theflags - * argument (the last argument) passed to the fnmatch function is 0. - * - r Returns a copy of the string in the char ** passed in; the copy - * must be freed with free(3). There is no need to free(3) the - * string on error: the function will clean up and set the pointer - * to NULL. - * - * @param context Kerberos 5 context - * @param string string to match with - * @param format format to match - * @param ... parameter to format string - * - * @return Return an error code or 0. - * - * - * @code - * char *s; - * - * ret = krb5_acl_match_string(context, "foo", "s", "foo"); - * if (ret) - * krb5_errx(context, 1, "acl didn't match"); - * ret = krb5_acl_match_string(context, "foo foo baz/kaka", - * "ss", "foo", &s, "foo/\\*"); - * if (ret) { - * // no need to free(s) on error - * assert(s == NULL); - * krb5_errx(context, 1, "acl didn't match"); - * } - * free(s); - * @endcode - * - * @sa krb5_acl_match_file - * @ingroup krb5_support - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_acl_match_string(krb5_context context, - const char *string, - const char *format, - ...) -{ - krb5_error_code ret; - krb5_boolean found; - struct acl_field *acl; - - va_list ap; - va_start(ap, format); - ret = acl_parse_format(context, &acl, format, ap); - va_end(ap); - if(ret) - return ret; - - found = acl_match_acl(context, acl, string); - acl_free_list(acl, !found); - if (found) { - return 0; - } else { - krb5_set_error_string(context, "ACL did not match"); - return EACCES; - } -} - -/** - * krb5_acl_match_file matches ACL format against each line in a file - * using krb5_acl_match_string(). Lines starting with # are treated - * like comments and ignored. - * - * @param context Kerberos 5 context. - * @param file file with acl listed in the file. - * @param format format to match. - * @param ... parameter to format string. - * - * @return Return an error code or 0. - * - * @sa krb5_acl_match_string - * @ingroup krb5_support - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_acl_match_file(krb5_context context, - const char *file, - const char *format, - ...) -{ - krb5_error_code ret; - struct acl_field *acl; - char buf[256]; - va_list ap; - FILE *f; - krb5_boolean found; - - f = fopen(file, "r"); - if(f == NULL) { - int save_errno = errno; - - krb5_set_error_string(context, "open(%s): %s", file, - strerror(save_errno)); - return save_errno; - } - - va_start(ap, format); - ret = acl_parse_format(context, &acl, format, ap); - va_end(ap); - if(ret) { - fclose(f); - return ret; - } - - found = FALSE; - while(fgets(buf, sizeof(buf), f)) { - if(buf[0] == '#') - continue; - if(acl_match_acl(context, acl, buf)) { - found = TRUE; - break; - } - free_retv(acl); - } - - fclose(f); - acl_free_list(acl, !found); - if (found) { - return 0; - } else { - krb5_set_error_string(context, "ACL did not match"); - return EACCES; - } -} diff --git a/crypto/heimdal/lib/krb5/add_et_list.c b/crypto/heimdal/lib/krb5/add_et_list.c deleted file mode 100644 index a6005c685903..000000000000 --- a/crypto/heimdal/lib/krb5/add_et_list.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: add_et_list.c 13713 2004-04-13 14:33:45Z lha $"); - -/* - * Add a specified list of error messages to the et list in context. - * Call func (probably a comerr-generated function) with a pointer to - * the current et_list. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_add_et_list (krb5_context context, - void (*func)(struct et_list **)) -{ - (*func)(&context->et_list); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/addr_families.c b/crypto/heimdal/lib/krb5/addr_families.c deleted file mode 100644 index f364f5974d47..000000000000 --- a/crypto/heimdal/lib/krb5/addr_families.c +++ /dev/null @@ -1,1463 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: addr_families.c 22039 2007-11-10 11:47:35Z lha $"); - -struct addr_operations { - int af; - krb5_address_type atype; - size_t max_sockaddr_size; - krb5_error_code (*sockaddr2addr)(const struct sockaddr *, krb5_address *); - krb5_error_code (*sockaddr2port)(const struct sockaddr *, int16_t *); - void (*addr2sockaddr)(const krb5_address *, struct sockaddr *, - krb5_socklen_t *sa_size, int port); - void (*h_addr2sockaddr)(const char *, struct sockaddr *, krb5_socklen_t *, int); - krb5_error_code (*h_addr2addr)(const char *, krb5_address *); - krb5_boolean (*uninteresting)(const struct sockaddr *); - void (*anyaddr)(struct sockaddr *, krb5_socklen_t *, int); - int (*print_addr)(const krb5_address *, char *, size_t); - int (*parse_addr)(krb5_context, const char*, krb5_address *); - int (*order_addr)(krb5_context, const krb5_address*, const krb5_address*); - int (*free_addr)(krb5_context, krb5_address*); - int (*copy_addr)(krb5_context, const krb5_address*, krb5_address*); - int (*mask_boundary)(krb5_context, const krb5_address*, unsigned long, - krb5_address*, krb5_address*); -}; - -/* - * AF_INET - aka IPv4 implementation - */ - -static krb5_error_code -ipv4_sockaddr2addr (const struct sockaddr *sa, krb5_address *a) -{ - const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa; - unsigned char buf[4]; - - a->addr_type = KRB5_ADDRESS_INET; - memcpy (buf, &sin4->sin_addr, 4); - return krb5_data_copy(&a->address, buf, 4); -} - -static krb5_error_code -ipv4_sockaddr2port (const struct sockaddr *sa, int16_t *port) -{ - const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa; - - *port = sin4->sin_port; - return 0; -} - -static void -ipv4_addr2sockaddr (const krb5_address *a, - struct sockaddr *sa, - krb5_socklen_t *sa_size, - int port) -{ - struct sockaddr_in tmp; - - memset (&tmp, 0, sizeof(tmp)); - tmp.sin_family = AF_INET; - memcpy (&tmp.sin_addr, a->address.data, 4); - tmp.sin_port = port; - memcpy(sa, &tmp, min(sizeof(tmp), *sa_size)); - *sa_size = sizeof(tmp); -} - -static void -ipv4_h_addr2sockaddr(const char *addr, - struct sockaddr *sa, - krb5_socklen_t *sa_size, - int port) -{ - struct sockaddr_in tmp; - - memset (&tmp, 0, sizeof(tmp)); - tmp.sin_family = AF_INET; - tmp.sin_port = port; - tmp.sin_addr = *((const struct in_addr *)addr); - memcpy(sa, &tmp, min(sizeof(tmp), *sa_size)); - *sa_size = sizeof(tmp); -} - -static krb5_error_code -ipv4_h_addr2addr (const char *addr, - krb5_address *a) -{ - unsigned char buf[4]; - - a->addr_type = KRB5_ADDRESS_INET; - memcpy(buf, addr, 4); - return krb5_data_copy(&a->address, buf, 4); -} - -/* - * Are there any addresses that should be considered `uninteresting'? - */ - -static krb5_boolean -ipv4_uninteresting (const struct sockaddr *sa) -{ - const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa; - - if (sin4->sin_addr.s_addr == INADDR_ANY) - return TRUE; - - return FALSE; -} - -static void -ipv4_anyaddr (struct sockaddr *sa, krb5_socklen_t *sa_size, int port) -{ - struct sockaddr_in tmp; - - memset (&tmp, 0, sizeof(tmp)); - tmp.sin_family = AF_INET; - tmp.sin_port = port; - tmp.sin_addr.s_addr = INADDR_ANY; - memcpy(sa, &tmp, min(sizeof(tmp), *sa_size)); - *sa_size = sizeof(tmp); -} - -static int -ipv4_print_addr (const krb5_address *addr, char *str, size_t len) -{ - struct in_addr ia; - - memcpy (&ia, addr->address.data, 4); - - return snprintf (str, len, "IPv4:%s", inet_ntoa(ia)); -} - -static int -ipv4_parse_addr (krb5_context context, const char *address, krb5_address *addr) -{ - const char *p; - struct in_addr a; - - p = strchr(address, ':'); - if(p) { - p++; - if(strncasecmp(address, "ip:", p - address) != 0 && - strncasecmp(address, "ip4:", p - address) != 0 && - strncasecmp(address, "ipv4:", p - address) != 0 && - strncasecmp(address, "inet:", p - address) != 0) - return -1; - } else - p = address; -#ifdef HAVE_INET_ATON - if(inet_aton(p, &a) == 0) - return -1; -#elif defined(HAVE_INET_ADDR) - a.s_addr = inet_addr(p); - if(a.s_addr == INADDR_NONE) - return -1; -#else - return -1; -#endif - addr->addr_type = KRB5_ADDRESS_INET; - if(krb5_data_alloc(&addr->address, 4) != 0) - return -1; - _krb5_put_int(addr->address.data, ntohl(a.s_addr), addr->address.length); - return 0; -} - -static int -ipv4_mask_boundary(krb5_context context, const krb5_address *inaddr, - unsigned long len, krb5_address *low, krb5_address *high) -{ - unsigned long ia; - uint32_t l, h, m = 0xffffffff; - - if (len > 32) { - krb5_set_error_string(context, "IPv4 prefix too large (%ld)", len); - return KRB5_PROG_ATYPE_NOSUPP; - } - m = m << (32 - len); - - _krb5_get_int(inaddr->address.data, &ia, inaddr->address.length); - - l = ia & m; - h = l | ~m; - - low->addr_type = KRB5_ADDRESS_INET; - if(krb5_data_alloc(&low->address, 4) != 0) - return -1; - _krb5_put_int(low->address.data, l, low->address.length); - - high->addr_type = KRB5_ADDRESS_INET; - if(krb5_data_alloc(&high->address, 4) != 0) { - krb5_free_address(context, low); - return -1; - } - _krb5_put_int(high->address.data, h, high->address.length); - - return 0; -} - - -/* - * AF_INET6 - aka IPv6 implementation - */ - -#ifdef HAVE_IPV6 - -static krb5_error_code -ipv6_sockaddr2addr (const struct sockaddr *sa, krb5_address *a) -{ - const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; - - if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { - unsigned char buf[4]; - - a->addr_type = KRB5_ADDRESS_INET; -#ifndef IN6_ADDR_V6_TO_V4 -#ifdef IN6_EXTRACT_V4ADDR -#define IN6_ADDR_V6_TO_V4(x) (&IN6_EXTRACT_V4ADDR(x)) -#else -#define IN6_ADDR_V6_TO_V4(x) ((const struct in_addr *)&(x)->s6_addr[12]) -#endif -#endif - memcpy (buf, IN6_ADDR_V6_TO_V4(&sin6->sin6_addr), 4); - return krb5_data_copy(&a->address, buf, 4); - } else { - a->addr_type = KRB5_ADDRESS_INET6; - return krb5_data_copy(&a->address, - &sin6->sin6_addr, - sizeof(sin6->sin6_addr)); - } -} - -static krb5_error_code -ipv6_sockaddr2port (const struct sockaddr *sa, int16_t *port) -{ - const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; - - *port = sin6->sin6_port; - return 0; -} - -static void -ipv6_addr2sockaddr (const krb5_address *a, - struct sockaddr *sa, - krb5_socklen_t *sa_size, - int port) -{ - struct sockaddr_in6 tmp; - - memset (&tmp, 0, sizeof(tmp)); - tmp.sin6_family = AF_INET6; - memcpy (&tmp.sin6_addr, a->address.data, sizeof(tmp.sin6_addr)); - tmp.sin6_port = port; - memcpy(sa, &tmp, min(sizeof(tmp), *sa_size)); - *sa_size = sizeof(tmp); -} - -static void -ipv6_h_addr2sockaddr(const char *addr, - struct sockaddr *sa, - krb5_socklen_t *sa_size, - int port) -{ - struct sockaddr_in6 tmp; - - memset (&tmp, 0, sizeof(tmp)); - tmp.sin6_family = AF_INET6; - tmp.sin6_port = port; - tmp.sin6_addr = *((const struct in6_addr *)addr); - memcpy(sa, &tmp, min(sizeof(tmp), *sa_size)); - *sa_size = sizeof(tmp); -} - -static krb5_error_code -ipv6_h_addr2addr (const char *addr, - krb5_address *a) -{ - a->addr_type = KRB5_ADDRESS_INET6; - return krb5_data_copy(&a->address, addr, sizeof(struct in6_addr)); -} - -/* - * - */ - -static krb5_boolean -ipv6_uninteresting (const struct sockaddr *sa) -{ - const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; - const struct in6_addr *in6 = (const struct in6_addr *)&sin6->sin6_addr; - - return - IN6_IS_ADDR_LINKLOCAL(in6) - || IN6_IS_ADDR_V4COMPAT(in6); -} - -static void -ipv6_anyaddr (struct sockaddr *sa, krb5_socklen_t *sa_size, int port) -{ - struct sockaddr_in6 tmp; - - memset (&tmp, 0, sizeof(tmp)); - tmp.sin6_family = AF_INET6; - tmp.sin6_port = port; - tmp.sin6_addr = in6addr_any; - *sa_size = sizeof(tmp); -} - -static int -ipv6_print_addr (const krb5_address *addr, char *str, size_t len) -{ - char buf[128], buf2[3]; -#ifdef HAVE_INET_NTOP - if(inet_ntop(AF_INET6, addr->address.data, buf, sizeof(buf)) == NULL) -#endif - { - /* XXX this is pretty ugly, but better than abort() */ - int i; - unsigned char *p = addr->address.data; - buf[0] = '\0'; - for(i = 0; i < addr->address.length; i++) { - snprintf(buf2, sizeof(buf2), "%02x", p[i]); - if(i > 0 && (i & 1) == 0) - strlcat(buf, ":", sizeof(buf)); - strlcat(buf, buf2, sizeof(buf)); - } - } - return snprintf(str, len, "IPv6:%s", buf); -} - -static int -ipv6_parse_addr (krb5_context context, const char *address, krb5_address *addr) -{ - int ret; - struct in6_addr in6; - const char *p; - - p = strchr(address, ':'); - if(p) { - p++; - if(strncasecmp(address, "ip6:", p - address) == 0 || - strncasecmp(address, "ipv6:", p - address) == 0 || - strncasecmp(address, "inet6:", p - address) == 0) - address = p; - } - - ret = inet_pton(AF_INET6, address, &in6.s6_addr); - if(ret == 1) { - addr->addr_type = KRB5_ADDRESS_INET6; - ret = krb5_data_alloc(&addr->address, sizeof(in6.s6_addr)); - if (ret) - return -1; - memcpy(addr->address.data, in6.s6_addr, sizeof(in6.s6_addr)); - return 0; - } - return -1; -} - -static int -ipv6_mask_boundary(krb5_context context, const krb5_address *inaddr, - unsigned long len, krb5_address *low, krb5_address *high) -{ - struct in6_addr addr, laddr, haddr; - uint32_t m; - int i, sub_len; - - if (len > 128) { - krb5_set_error_string(context, "IPv6 prefix too large (%ld)", len); - return KRB5_PROG_ATYPE_NOSUPP; - } - - if (inaddr->address.length != sizeof(addr)) { - krb5_set_error_string(context, "IPv6 addr bad length"); - return KRB5_PROG_ATYPE_NOSUPP; - } - - memcpy(&addr, inaddr->address.data, inaddr->address.length); - - for (i = 0; i < 16; i++) { - sub_len = min(8, len); - - m = 0xff << (8 - sub_len); - - laddr.s6_addr[i] = addr.s6_addr[i] & m; - haddr.s6_addr[i] = (addr.s6_addr[i] & m) | ~m; - - if (len > 8) - len -= 8; - else - len = 0; - } - - low->addr_type = KRB5_ADDRESS_INET6; - if (krb5_data_alloc(&low->address, sizeof(laddr.s6_addr)) != 0) - return -1; - memcpy(low->address.data, laddr.s6_addr, sizeof(laddr.s6_addr)); - - high->addr_type = KRB5_ADDRESS_INET6; - if (krb5_data_alloc(&high->address, sizeof(haddr.s6_addr)) != 0) { - krb5_free_address(context, low); - return -1; - } - memcpy(high->address.data, haddr.s6_addr, sizeof(haddr.s6_addr)); - - return 0; -} - -#endif /* IPv6 */ - -/* - * table - */ - -#define KRB5_ADDRESS_ARANGE (-100) - -struct arange { - krb5_address low; - krb5_address high; -}; - -static int -arange_parse_addr (krb5_context context, - const char *address, krb5_address *addr) -{ - char buf[1024], *p; - krb5_address low0, high0; - struct arange *a; - krb5_error_code ret; - - if(strncasecmp(address, "RANGE:", 6) != 0) - return -1; - - address += 6; - - p = strrchr(address, '/'); - if (p) { - krb5_addresses addrmask; - char *q; - long num; - - if (strlcpy(buf, address, sizeof(buf)) > sizeof(buf)) - return -1; - buf[p - address] = '\0'; - ret = krb5_parse_address(context, buf, &addrmask); - if (ret) - return ret; - if(addrmask.len != 1) { - krb5_free_addresses(context, &addrmask); - return -1; - } - - address += p - address + 1; - - num = strtol(address, &q, 10); - if (q == address || *q != '\0' || num < 0) { - krb5_free_addresses(context, &addrmask); - return -1; - } - - ret = krb5_address_prefixlen_boundary(context, &addrmask.val[0], num, - &low0, &high0); - krb5_free_addresses(context, &addrmask); - if (ret) - return ret; - - } else { - krb5_addresses low, high; - - strsep_copy(&address, "-", buf, sizeof(buf)); - ret = krb5_parse_address(context, buf, &low); - if(ret) - return ret; - if(low.len != 1) { - krb5_free_addresses(context, &low); - return -1; - } - - strsep_copy(&address, "-", buf, sizeof(buf)); - ret = krb5_parse_address(context, buf, &high); - if(ret) { - krb5_free_addresses(context, &low); - return ret; - } - - if(high.len != 1 && high.val[0].addr_type != low.val[0].addr_type) { - krb5_free_addresses(context, &low); - krb5_free_addresses(context, &high); - return -1; - } - - ret = krb5_copy_address(context, &high.val[0], &high0); - if (ret == 0) { - ret = krb5_copy_address(context, &low.val[0], &low0); - if (ret) - krb5_free_address(context, &high0); - } - krb5_free_addresses(context, &low); - krb5_free_addresses(context, &high); - if (ret) - return ret; - } - - krb5_data_alloc(&addr->address, sizeof(*a)); - addr->addr_type = KRB5_ADDRESS_ARANGE; - a = addr->address.data; - - if(krb5_address_order(context, &low0, &high0) < 0) { - a->low = low0; - a->high = high0; - } else { - a->low = high0; - a->high = low0; - } - return 0; -} - -static int -arange_free (krb5_context context, krb5_address *addr) -{ - struct arange *a; - a = addr->address.data; - krb5_free_address(context, &a->low); - krb5_free_address(context, &a->high); - krb5_data_free(&addr->address); - return 0; -} - - -static int -arange_copy (krb5_context context, const krb5_address *inaddr, - krb5_address *outaddr) -{ - krb5_error_code ret; - struct arange *i, *o; - - outaddr->addr_type = KRB5_ADDRESS_ARANGE; - ret = krb5_data_alloc(&outaddr->address, sizeof(*o)); - if(ret) - return ret; - i = inaddr->address.data; - o = outaddr->address.data; - ret = krb5_copy_address(context, &i->low, &o->low); - if(ret) { - krb5_data_free(&outaddr->address); - return ret; - } - ret = krb5_copy_address(context, &i->high, &o->high); - if(ret) { - krb5_free_address(context, &o->low); - krb5_data_free(&outaddr->address); - return ret; - } - return 0; -} - -static int -arange_print_addr (const krb5_address *addr, char *str, size_t len) -{ - struct arange *a; - krb5_error_code ret; - size_t l, size, ret_len; - - a = addr->address.data; - - l = strlcpy(str, "RANGE:", len); - ret_len = l; - if (l > len) - l = len; - size = l; - - ret = krb5_print_address (&a->low, str + size, len - size, &l); - if (ret) - return ret; - ret_len += l; - if (len - size > l) - size += l; - else - size = len; - - l = strlcat(str + size, "-", len - size); - ret_len += l; - if (len - size > l) - size += l; - else - size = len; - - ret = krb5_print_address (&a->high, str + size, len - size, &l); - if (ret) - return ret; - ret_len += l; - - return ret_len; -} - -static int -arange_order_addr(krb5_context context, - const krb5_address *addr1, - const krb5_address *addr2) -{ - int tmp1, tmp2, sign; - struct arange *a; - const krb5_address *a2; - - if(addr1->addr_type == KRB5_ADDRESS_ARANGE) { - a = addr1->address.data; - a2 = addr2; - sign = 1; - } else if(addr2->addr_type == KRB5_ADDRESS_ARANGE) { - a = addr2->address.data; - a2 = addr1; - sign = -1; - } else - abort(); - - if(a2->addr_type == KRB5_ADDRESS_ARANGE) { - struct arange *b = a2->address.data; - tmp1 = krb5_address_order(context, &a->low, &b->low); - if(tmp1 != 0) - return sign * tmp1; - return sign * krb5_address_order(context, &a->high, &b->high); - } else if(a2->addr_type == a->low.addr_type) { - tmp1 = krb5_address_order(context, &a->low, a2); - if(tmp1 > 0) - return sign; - tmp2 = krb5_address_order(context, &a->high, a2); - if(tmp2 < 0) - return -sign; - return 0; - } else { - return sign * (addr1->addr_type - addr2->addr_type); - } -} - -static int -addrport_print_addr (const krb5_address *addr, char *str, size_t len) -{ - krb5_error_code ret; - krb5_address addr1, addr2; - uint16_t port = 0; - size_t ret_len = 0, l, size = 0; - krb5_storage *sp; - - sp = krb5_storage_from_data((krb5_data*)rk_UNCONST(&addr->address)); - /* for totally obscure reasons, these are not in network byteorder */ - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE); - - krb5_storage_seek(sp, 2, SEEK_CUR); /* skip first two bytes */ - krb5_ret_address(sp, &addr1); - - krb5_storage_seek(sp, 2, SEEK_CUR); /* skip two bytes */ - krb5_ret_address(sp, &addr2); - krb5_storage_free(sp); - if(addr2.addr_type == KRB5_ADDRESS_IPPORT && addr2.address.length == 2) { - unsigned long value; - _krb5_get_int(addr2.address.data, &value, 2); - port = value; - } - l = strlcpy(str, "ADDRPORT:", len); - ret_len += l; - if (len > l) - size += l; - else - size = len; - - ret = krb5_print_address(&addr1, str + size, len - size, &l); - if (ret) - return ret; - ret_len += l; - if (len - size > l) - size += l; - else - size = len; - - ret = snprintf(str + size, len - size, ",PORT=%u", port); - if (ret < 0) - return EINVAL; - ret_len += ret; - return ret_len; -} - -static struct addr_operations at[] = { - {AF_INET, KRB5_ADDRESS_INET, sizeof(struct sockaddr_in), - ipv4_sockaddr2addr, - ipv4_sockaddr2port, - ipv4_addr2sockaddr, - ipv4_h_addr2sockaddr, - ipv4_h_addr2addr, - ipv4_uninteresting, ipv4_anyaddr, ipv4_print_addr, ipv4_parse_addr, - NULL, NULL, NULL, ipv4_mask_boundary }, -#ifdef HAVE_IPV6 - {AF_INET6, KRB5_ADDRESS_INET6, sizeof(struct sockaddr_in6), - ipv6_sockaddr2addr, - ipv6_sockaddr2port, - ipv6_addr2sockaddr, - ipv6_h_addr2sockaddr, - ipv6_h_addr2addr, - ipv6_uninteresting, ipv6_anyaddr, ipv6_print_addr, ipv6_parse_addr, - NULL, NULL, NULL, ipv6_mask_boundary } , -#endif - {KRB5_ADDRESS_ADDRPORT, KRB5_ADDRESS_ADDRPORT, 0, - NULL, NULL, NULL, NULL, NULL, - NULL, NULL, addrport_print_addr, NULL, NULL, NULL, NULL }, - /* fake address type */ - {KRB5_ADDRESS_ARANGE, KRB5_ADDRESS_ARANGE, sizeof(struct arange), - NULL, NULL, NULL, NULL, NULL, NULL, NULL, - arange_print_addr, arange_parse_addr, - arange_order_addr, arange_free, arange_copy } -}; - -static int num_addrs = sizeof(at) / sizeof(at[0]); - -static size_t max_sockaddr_size = 0; - -/* - * generic functions - */ - -static struct addr_operations * -find_af(int af) -{ - struct addr_operations *a; - - for (a = at; a < at + num_addrs; ++a) - if (af == a->af) - return a; - return NULL; -} - -static struct addr_operations * -find_atype(int atype) -{ - struct addr_operations *a; - - for (a = at; a < at + num_addrs; ++a) - if (atype == a->atype) - return a; - return NULL; -} - -/** - * krb5_sockaddr2address stores a address a "struct sockaddr" sa in - * the krb5_address addr. - * - * @param context a Keberos context - * @param sa a struct sockaddr to extract the address from - * @param addr an Kerberos 5 address to store the address in. - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sockaddr2address (krb5_context context, - const struct sockaddr *sa, krb5_address *addr) -{ - struct addr_operations *a = find_af(sa->sa_family); - if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", - sa->sa_family); - return KRB5_PROG_ATYPE_NOSUPP; - } - return (*a->sockaddr2addr)(sa, addr); -} - -/** - * krb5_sockaddr2port extracts a port (if possible) from a "struct - * sockaddr. - * - * @param context a Keberos context - * @param sa a struct sockaddr to extract the port from - * @param port a pointer to an int16_t store the port in. - * - * @return Return an error code or 0. Will return - * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sockaddr2port (krb5_context context, - const struct sockaddr *sa, int16_t *port) -{ - struct addr_operations *a = find_af(sa->sa_family); - if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", - sa->sa_family); - return KRB5_PROG_ATYPE_NOSUPP; - } - return (*a->sockaddr2port)(sa, port); -} - -/** - * krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr - * and port. The argument sa_size should initially contain the size of - * the sa and after the call, it will contain the actual length of the - * address. In case of the sa is too small to fit the whole address, - * the up to *sa_size will be stored, and then *sa_size will be set to - * the required length. - * - * @param context a Keberos context - * @param addr the address to copy the from - * @param sa the struct sockaddr that will be filled in - * @param sa_size pointer to length of sa, and after the call, it will - * contain the actual length of the address. - * @param port set port in sa. - * - * @return Return an error code or 0. Will return - * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_addr2sockaddr (krb5_context context, - const krb5_address *addr, - struct sockaddr *sa, - krb5_socklen_t *sa_size, - int port) -{ - struct addr_operations *a = find_atype(addr->addr_type); - - if (a == NULL) { - krb5_set_error_string (context, "Address type %d not supported", - addr->addr_type); - return KRB5_PROG_ATYPE_NOSUPP; - } - if (a->addr2sockaddr == NULL) { - krb5_set_error_string (context, - "Can't convert address type %d to sockaddr", - addr->addr_type); - return KRB5_PROG_ATYPE_NOSUPP; - } - (*a->addr2sockaddr)(addr, sa, sa_size, port); - return 0; -} - -/** - * krb5_max_sockaddr_size returns the max size of the .Li struct - * sockaddr that the Kerberos library will return. - * - * @return Return an size_t of the maximum struct sockaddr. - * - * @ingroup krb5_address - */ - -size_t KRB5_LIB_FUNCTION -krb5_max_sockaddr_size (void) -{ - if (max_sockaddr_size == 0) { - struct addr_operations *a; - - for(a = at; a < at + num_addrs; ++a) - max_sockaddr_size = max(max_sockaddr_size, a->max_sockaddr_size); - } - return max_sockaddr_size; -} - -/** - * krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the - * kerberos library thinks are uninteresting. One example are link - * local addresses. - * - * @param sa pointer to struct sockaddr that might be interesting. - * - * @return Return a non zero for uninteresting addresses. - * - * @ingroup krb5_address - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_sockaddr_uninteresting(const struct sockaddr *sa) -{ - struct addr_operations *a = find_af(sa->sa_family); - if (a == NULL || a->uninteresting == NULL) - return TRUE; - return (*a->uninteresting)(sa); -} - -/** - * krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and - * the "struct hostent" (see gethostbyname(3) ) h_addr_list - * component. The argument sa_size should initially contain the size - * of the sa, and after the call, it will contain the actual length of - * the address. - * - * @param context a Keberos context - * @param af addresses - * @param addr address - * @param sa returned struct sockaddr - * @param sa_size size of sa - * @param port port to set in sa. - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_h_addr2sockaddr (krb5_context context, - int af, - const char *addr, struct sockaddr *sa, - krb5_socklen_t *sa_size, - int port) -{ - struct addr_operations *a = find_af(af); - if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", af); - return KRB5_PROG_ATYPE_NOSUPP; - } - (*a->h_addr2sockaddr)(addr, sa, sa_size, port); - return 0; -} - -/** - * krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception - * that it operates on a krb5_address instead of a struct sockaddr. - * - * @param context a Keberos context - * @param af address family - * @param haddr host address from struct hostent. - * @param addr returned krb5_address. - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_h_addr2addr (krb5_context context, - int af, - const char *haddr, krb5_address *addr) -{ - struct addr_operations *a = find_af(af); - if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", af); - return KRB5_PROG_ATYPE_NOSUPP; - } - return (*a->h_addr2addr)(haddr, addr); -} - -/** - * krb5_anyaddr fills in a "struct sockaddr sa" that can be used to - * bind(2) to. The argument sa_size should initially contain the size - * of the sa, and after the call, it will contain the actual length - * of the address. - * - * @param context a Keberos context - * @param af address family - * @param sa sockaddr - * @param sa_size lenght of sa. - * @param port for to fill into sa. - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_anyaddr (krb5_context context, - int af, - struct sockaddr *sa, - krb5_socklen_t *sa_size, - int port) -{ - struct addr_operations *a = find_af (af); - - if (a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", af); - return KRB5_PROG_ATYPE_NOSUPP; - } - - (*a->anyaddr)(sa, sa_size, port); - return 0; -} - -/** - * krb5_print_address prints the address in addr to the string string - * that have the length len. If ret_len is not NULL, it will be filled - * with the length of the string if size were unlimited (not including - * the final NUL) . - * - * @param addr address to be printed - * @param str pointer string to print the address into - * @param len length that will fit into area pointed to by "str". - * @param ret_len return length the str. - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_print_address (const krb5_address *addr, - char *str, size_t len, size_t *ret_len) -{ - struct addr_operations *a = find_atype(addr->addr_type); - int ret; - - if (a == NULL || a->print_addr == NULL) { - char *s; - int l; - int i; - - s = str; - l = snprintf(s, len, "TYPE_%d:", addr->addr_type); - if (l < 0 || l >= len) - return EINVAL; - s += l; - len -= l; - for(i = 0; i < addr->address.length; i++) { - l = snprintf(s, len, "%02x", ((char*)addr->address.data)[i]); - if (l < 0 || l >= len) - return EINVAL; - len -= l; - s += l; - } - if(ret_len != NULL) - *ret_len = s - str; - return 0; - } - ret = (*a->print_addr)(addr, str, len); - if (ret < 0) - return EINVAL; - if(ret_len != NULL) - *ret_len = ret; - return 0; -} - -/** - * krb5_parse_address returns the resolved hostname in string to the - * krb5_addresses addresses . - * - * @param context a Keberos context - * @param string - * @param addresses - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_parse_address(krb5_context context, - const char *string, - krb5_addresses *addresses) -{ - int i, n; - struct addrinfo *ai, *a; - int error; - int save_errno; - - addresses->len = 0; - addresses->val = NULL; - - for(i = 0; i < num_addrs; i++) { - if(at[i].parse_addr) { - krb5_address addr; - if((*at[i].parse_addr)(context, string, &addr) == 0) { - ALLOC_SEQ(addresses, 1); - if (addresses->val == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - addresses->val[0] = addr; - return 0; - } - } - } - - error = getaddrinfo (string, NULL, NULL, &ai); - if (error) { - save_errno = errno; - krb5_set_error_string (context, "%s: %s", string, gai_strerror(error)); - return krb5_eai_to_heim_errno(error, save_errno); - } - - n = 0; - for (a = ai; a != NULL; a = a->ai_next) - ++n; - - ALLOC_SEQ(addresses, n); - if (addresses->val == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - freeaddrinfo(ai); - return ENOMEM; - } - - addresses->len = 0; - for (a = ai, i = 0; a != NULL; a = a->ai_next) { - if (krb5_sockaddr2address (context, ai->ai_addr, &addresses->val[i])) - continue; - if(krb5_address_search(context, &addresses->val[i], addresses)) - continue; - addresses->len = i; - i++; - } - freeaddrinfo (ai); - return 0; -} - -/** - * krb5_address_order compares the addresses addr1 and addr2 so that - * it can be used for sorting addresses. If the addresses are the same - * address krb5_address_order will return 0. Behavies like memcmp(2). - * - * @param context a Keberos context - * @param addr1 krb5_address to compare - * @param addr2 krb5_address to compare - * - * @return < 0 if address addr1 in "less" then addr2. 0 if addr1 and - * addr2 is the same address, > 0 if addr2 is "less" then addr1. - * - * @ingroup krb5_address - */ - -int KRB5_LIB_FUNCTION -krb5_address_order(krb5_context context, - const krb5_address *addr1, - const krb5_address *addr2) -{ - /* this sucks; what if both addresses have order functions, which - should we call? this works for now, though */ - struct addr_operations *a; - a = find_atype(addr1->addr_type); - if(a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", - addr1->addr_type); - return KRB5_PROG_ATYPE_NOSUPP; - } - if(a->order_addr != NULL) - return (*a->order_addr)(context, addr1, addr2); - a = find_atype(addr2->addr_type); - if(a == NULL) { - krb5_set_error_string (context, "Address family %d not supported", - addr2->addr_type); - return KRB5_PROG_ATYPE_NOSUPP; - } - if(a->order_addr != NULL) - return (*a->order_addr)(context, addr1, addr2); - - if(addr1->addr_type != addr2->addr_type) - return addr1->addr_type - addr2->addr_type; - if(addr1->address.length != addr2->address.length) - return addr1->address.length - addr2->address.length; - return memcmp (addr1->address.data, - addr2->address.data, - addr1->address.length); -} - -/** - * krb5_address_compare compares the addresses addr1 and addr2. - * Returns TRUE if the two addresses are the same. - * - * @param context a Keberos context - * @param addr1 address to compare - * @param addr2 address to compare - * - * @return Return an TRUE is the address are the same FALSE if not - * - * @ingroup krb5_address - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_address_compare(krb5_context context, - const krb5_address *addr1, - const krb5_address *addr2) -{ - return krb5_address_order (context, addr1, addr2) == 0; -} - -/** - * krb5_address_search checks if the address addr is a member of the - * address set list addrlist . - * - * @param context a Keberos context. - * @param addr address to search for. - * @param addrlist list of addresses to look in for addr. - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_address_search(krb5_context context, - const krb5_address *addr, - const krb5_addresses *addrlist) -{ - int i; - - for (i = 0; i < addrlist->len; ++i) - if (krb5_address_compare (context, addr, &addrlist->val[i])) - return TRUE; - return FALSE; -} - -/** - * krb5_free_address frees the data stored in the address that is - * alloced with any of the krb5_address functions. - * - * @param context a Keberos context - * @param address addresss to be freed. - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_address(krb5_context context, - krb5_address *address) -{ - struct addr_operations *a = find_atype (address->addr_type); - if(a != NULL && a->free_addr != NULL) - return (*a->free_addr)(context, address); - krb5_data_free (&address->address); - memset(address, 0, sizeof(*address)); - return 0; -} - -/** - * krb5_free_addresses frees the data stored in the address that is - * alloced with any of the krb5_address functions. - * - * @param context a Keberos context - * @param addresses addressses to be freed. - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_addresses(krb5_context context, - krb5_addresses *addresses) -{ - int i; - for(i = 0; i < addresses->len; i++) - krb5_free_address(context, &addresses->val[i]); - free(addresses->val); - addresses->len = 0; - addresses->val = NULL; - return 0; -} - -/** - * krb5_copy_address copies the content of address - * inaddr to outaddr. - * - * @param context a Keberos context - * @param inaddr pointer to source address - * @param outaddr pointer to destination address - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_address(krb5_context context, - const krb5_address *inaddr, - krb5_address *outaddr) -{ - struct addr_operations *a = find_af (inaddr->addr_type); - if(a != NULL && a->copy_addr != NULL) - return (*a->copy_addr)(context, inaddr, outaddr); - return copy_HostAddress(inaddr, outaddr); -} - -/** - * krb5_copy_addresses copies the content of addresses - * inaddr to outaddr. - * - * @param context a Keberos context - * @param inaddr pointer to source addresses - * @param outaddr pointer to destination addresses - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_addresses(krb5_context context, - const krb5_addresses *inaddr, - krb5_addresses *outaddr) -{ - int i; - ALLOC_SEQ(outaddr, inaddr->len); - if(inaddr->len > 0 && outaddr->val == NULL) - return ENOMEM; - for(i = 0; i < inaddr->len; i++) - krb5_copy_address(context, &inaddr->val[i], &outaddr->val[i]); - return 0; -} - -/** - * krb5_append_addresses adds the set of addresses in source to - * dest. While copying the addresses, duplicates are also sorted out. - * - * @param context a Keberos context - * @param dest destination of copy operation - * @param source adresses that are going to be added to dest - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_append_addresses(krb5_context context, - krb5_addresses *dest, - const krb5_addresses *source) -{ - krb5_address *tmp; - krb5_error_code ret; - int i; - if(source->len > 0) { - tmp = realloc(dest->val, (dest->len + source->len) * sizeof(*tmp)); - if(tmp == NULL) { - krb5_set_error_string(context, "realloc: out of memory"); - return ENOMEM; - } - dest->val = tmp; - for(i = 0; i < source->len; i++) { - /* skip duplicates */ - if(krb5_address_search(context, &source->val[i], dest)) - continue; - ret = krb5_copy_address(context, - &source->val[i], - &dest->val[dest->len]); - if(ret) - return ret; - dest->len++; - } - } - return 0; -} - -/** - * Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port) - * - * @param context a Keberos context - * @param res built address from addr/port - * @param addr address to use - * @param port port to use - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_make_addrport (krb5_context context, - krb5_address **res, const krb5_address *addr, int16_t port) -{ - krb5_error_code ret; - size_t len = addr->address.length + 2 + 4 * 4; - u_char *p; - - *res = malloc (sizeof(**res)); - if (*res == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - (*res)->addr_type = KRB5_ADDRESS_ADDRPORT; - ret = krb5_data_alloc (&(*res)->address, len); - if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); - free (*res); - *res = NULL; - return ret; - } - p = (*res)->address.data; - *p++ = 0; - *p++ = 0; - *p++ = (addr->addr_type ) & 0xFF; - *p++ = (addr->addr_type >> 8) & 0xFF; - - *p++ = (addr->address.length ) & 0xFF; - *p++ = (addr->address.length >> 8) & 0xFF; - *p++ = (addr->address.length >> 16) & 0xFF; - *p++ = (addr->address.length >> 24) & 0xFF; - - memcpy (p, addr->address.data, addr->address.length); - p += addr->address.length; - - *p++ = 0; - *p++ = 0; - *p++ = (KRB5_ADDRESS_IPPORT ) & 0xFF; - *p++ = (KRB5_ADDRESS_IPPORT >> 8) & 0xFF; - - *p++ = (2 ) & 0xFF; - *p++ = (2 >> 8) & 0xFF; - *p++ = (2 >> 16) & 0xFF; - *p++ = (2 >> 24) & 0xFF; - - memcpy (p, &port, 2); - p += 2; - - return 0; -} - -/** - * Calculate the boundary addresses of `inaddr'/`prefixlen' and store - * them in `low' and `high'. - * - * @param context a Keberos context - * @param inaddr address in prefixlen that the bondery searched - * @param prefixlen width of boundery - * @param low lowest address - * @param high highest address - * - * @return Return an error code or 0. - * - * @ingroup krb5_address - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_address_prefixlen_boundary(krb5_context context, - const krb5_address *inaddr, - unsigned long prefixlen, - krb5_address *low, - krb5_address *high) -{ - struct addr_operations *a = find_atype (inaddr->addr_type); - if(a != NULL && a->mask_boundary != NULL) - return (*a->mask_boundary)(context, inaddr, prefixlen, low, high); - krb5_set_error_string(context, "Address family %d doesn't support " - "address mask operation", inaddr->addr_type); - return KRB5_PROG_ATYPE_NOSUPP; -} diff --git a/crypto/heimdal/lib/krb5/aes-test.c b/crypto/heimdal/lib/krb5/aes-test.c deleted file mode 100644 index 82b3431add54..000000000000 --- a/crypto/heimdal/lib/krb5/aes-test.c +++ /dev/null @@ -1,778 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -#ifdef HAVE_OPENSSL -#include -#endif - -RCSID("$Id: aes-test.c 18301 2006-10-07 13:50:34Z lha $"); - -static int verbose = 0; - -static void -hex_dump_data(const void *data, size_t length) -{ - char *p; - - hex_encode(data, length, &p); - printf("%s\n", p); - free(p); -} - -struct { - char *password; - char *salt; - int saltlen; - int iterations; - krb5_enctype enctype; - size_t keylen; - char *pbkdf2; - char *key; -} keys[] = { - { - "password", "ATHENA.MIT.EDUraeburn", -1, - 1, - ETYPE_AES128_CTS_HMAC_SHA1_96, 16, - "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15", - "\x42\x26\x3c\x6e\x89\xf4\xfc\x28\xb8\xdf\x68\xee\x09\x79\x9f\x15" - }, - { - "password", "ATHENA.MIT.EDUraeburn", -1, - 1, - ETYPE_AES256_CTS_HMAC_SHA1_96, 32, - "\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15" - "\x0a\xd1\xf7\xa0\x4b\xb9\xf3\xa3\x33\xec\xc0\xe2\xe1\xf7\x08\x37", - "\xfe\x69\x7b\x52\xbc\x0d\x3c\xe1\x44\x32\xba\x03\x6a\x92\xe6\x5b" - "\xbb\x52\x28\x09\x90\xa2\xfa\x27\x88\x39\x98\xd7\x2a\xf3\x01\x61" - }, - { - "password", "ATHENA.MIT.EDUraeburn", -1, - 2, - ETYPE_AES128_CTS_HMAC_SHA1_96, 16, - "\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d", - "\xc6\x51\xbf\x29\xe2\x30\x0a\xc2\x7f\xa4\x69\xd6\x93\xbd\xda\x13" - }, - { - "password", "ATHENA.MIT.EDUraeburn", -1, - 2, - ETYPE_AES256_CTS_HMAC_SHA1_96, 32, - "\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d" - "\xa0\x53\x78\xb9\x32\x44\xec\x8f\x48\xa9\x9e\x61\xad\x79\x9d\x86", - "\xa2\xe1\x6d\x16\xb3\x60\x69\xc1\x35\xd5\xe9\xd2\xe2\x5f\x89\x61" - "\x02\x68\x56\x18\xb9\x59\x14\xb4\x67\xc6\x76\x22\x22\x58\x24\xff" - }, - { - "password", "ATHENA.MIT.EDUraeburn", -1, - 1200, - ETYPE_AES128_CTS_HMAC_SHA1_96, 16, - "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b", - "\x4c\x01\xcd\x46\xd6\x32\xd0\x1e\x6d\xbe\x23\x0a\x01\xed\x64\x2a" - }, - { - "password", "ATHENA.MIT.EDUraeburn", -1, - 1200, - ETYPE_AES256_CTS_HMAC_SHA1_96, 32, - "\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b" - "\xa7\xe5\x2d\xdb\xc5\xe5\x14\x2f\x70\x8a\x31\xe2\xe6\x2b\x1e\x13", - "\x55\xa6\xac\x74\x0a\xd1\x7b\x48\x46\x94\x10\x51\xe1\xe8\xb0\xa7" - "\x54\x8d\x93\xb0\xab\x30\xa8\xbc\x3f\xf1\x62\x80\x38\x2b\x8c\x2a" - }, - { - "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 8, - 5, - ETYPE_AES128_CTS_HMAC_SHA1_96, 16, - "\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49", - "\xe9\xb2\x3d\x52\x27\x37\x47\xdd\x5c\x35\xcb\x55\xbe\x61\x9d\x8e" - }, - { - "password", "\x12\x34\x56\x78\x78\x56\x34\x12", 8, - 5, - ETYPE_AES256_CTS_HMAC_SHA1_96, 32, - "\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49" - "\x3f\x98\xd2\x03\xe6\xbe\x49\xa6\xad\xf4\xfa\x57\x4b\x6e\x64\xee", - "\x97\xa4\xe7\x86\xbe\x20\xd8\x1a\x38\x2d\x5e\xbc\x96\xd5\x90\x9c" - "\xab\xcd\xad\xc8\x7c\xa4\x8f\x57\x45\x04\x15\x9f\x16\xc3\x6e\x31" - }, - { - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", - "pass phrase equals block size", -1, - 1200, - ETYPE_AES128_CTS_HMAC_SHA1_96, 16, - "\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9", - "\x59\xd1\xbb\x78\x9a\x82\x8b\x1a\xa5\x4e\xf9\xc2\x88\x3f\x69\xed" - }, - { - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", - "pass phrase equals block size", -1, - 1200, - ETYPE_AES256_CTS_HMAC_SHA1_96, 32, - "\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9" - "\xc5\xec\x59\xf1\xa4\x52\xf5\xcc\x9a\xd9\x40\xfe\xa0\x59\x8e\xd1", - "\x89\xad\xee\x36\x08\xdb\x8b\xc7\x1f\x1b\xfb\xfe\x45\x94\x86\xb0" - "\x56\x18\xb7\x0c\xba\xe2\x20\x92\x53\x4e\x56\xc5\x53\xba\x4b\x34" - }, - { - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", - "pass phrase exceeds block size", -1, - 1200, - ETYPE_AES128_CTS_HMAC_SHA1_96, 16, - "\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61", - "\xcb\x80\x05\xdc\x5f\x90\x17\x9a\x7f\x02\x10\x4c\x00\x18\x75\x1d" - }, - { - "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", - "pass phrase exceeds block size", -1, - 1200, - ETYPE_AES256_CTS_HMAC_SHA1_96, 32, - "\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61" - "\x1a\x8b\x4d\x28\x26\x01\xdb\x3b\x36\xbe\x92\x46\x91\x5e\xc8\x2a", - "\xd7\x8c\x5c\x9c\xb8\x72\xa8\xc9\xda\xd4\x69\x7f\x0b\xb5\xb2\xd2" - "\x14\x96\xc8\x2b\xeb\x2c\xae\xda\x21\x12\xfc\xee\xa0\x57\x40\x1b" - - }, - { - "\xf0\x9d\x84\x9e" /* g-clef */, "EXAMPLE.COMpianist", -1, - 50, - ETYPE_AES128_CTS_HMAC_SHA1_96, 16, - "\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39", - "\xf1\x49\xc1\xf2\xe1\x54\xa7\x34\x52\xd4\x3e\x7f\xe6\x2a\x56\xe5" - }, - { - "\xf0\x9d\x84\x9e" /* g-clef */, "EXAMPLE.COMpianist", -1, - 50, - ETYPE_AES256_CTS_HMAC_SHA1_96, 32, - "\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39" - "\xe7\xfe\x37\xa0\xc4\x1e\x02\xc2\x81\xff\x30\x69\xe1\xe9\x4f\x52", - "\x4b\x6d\x98\x39\xf8\x44\x06\xdf\x1f\x09\xcc\x16\x6d\xb4\xb8\x3c" - "\x57\x18\x48\xb7\x84\xa3\xd6\xbd\xc3\x46\x58\x9a\x3e\x39\x3f\x9e" - }, - { - "foo", "", -1, - 0, - ETYPE_ARCFOUR_HMAC_MD5, 16, - NULL, - "\xac\x8e\x65\x7f\x83\xdf\x82\xbe\xea\x5d\x43\xbd\xaf\x78\x00\xcc" - }, - { - "test", "", -1, - 0, - ETYPE_ARCFOUR_HMAC_MD5, 16, - NULL, - "\x0c\xb6\x94\x88\x05\xf7\x97\xbf\x2a\x82\x80\x79\x73\xb8\x95\x37" - } -}; - -static int -string_to_key_test(krb5_context context) -{ - krb5_data password, opaque; - krb5_error_code ret; - krb5_salt salt; - int i, val = 0; - char iter[4]; - - for (i = 0; i < sizeof(keys)/sizeof(keys[0]); i++) { - - password.data = keys[i].password; - password.length = strlen(password.data); - - salt.salttype = KRB5_PW_SALT; - salt.saltvalue.data = keys[i].salt; - if (keys[i].saltlen == -1) - salt.saltvalue.length = strlen(salt.saltvalue.data); - else - salt.saltvalue.length = keys[i].saltlen; - - opaque.data = iter; - opaque.length = sizeof(iter); - _krb5_put_int(iter, keys[i].iterations, 4); - - if (keys[i].pbkdf2) { - unsigned char keyout[32]; - - if (keys[i].keylen > sizeof(keyout)) - abort(); - - PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length, - salt.saltvalue.data, salt.saltvalue.length, - keys[i].iterations, - keys[i].keylen, keyout); - - if (memcmp(keyout, keys[i].pbkdf2, keys[i].keylen) != 0) { - krb5_warnx(context, "%d: pbkdf2", i); - val = 1; - continue; - } - - if (verbose) { - printf("PBKDF2:\n"); - hex_dump_data(keyout, keys[i].keylen); - } - } - - { - krb5_keyblock key; - - ret = krb5_string_to_key_data_salt_opaque (context, - keys[i].enctype, - password, - salt, - opaque, - &key); - if (ret) { - krb5_warn(context, ret, "%d: string_to_key_data_salt_opaque", - i); - val = 1; - continue; - } - - if (key.keyvalue.length != keys[i].keylen) { - krb5_warnx(context, "%d: key wrong length (%lu/%lu)", - i, (unsigned long)key.keyvalue.length, - (unsigned long)keys[i].keylen); - val = 1; - continue; - } - - if (memcmp(key.keyvalue.data, keys[i].key, keys[i].keylen) != 0) { - krb5_warnx(context, "%d: key wrong", i); - val = 1; - continue; - } - - if (verbose) { - printf("key:\n"); - hex_dump_data(key.keyvalue.data, key.keyvalue.length); - } - krb5_free_keyblock_contents(context, &key); - } - } - return val; -} - -struct enc_test { - size_t len; - char *input; - char *output; - char *nextiv; -}; - -struct enc_test encs1[] = { - { - 17, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20", - "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f" - "\x97", - "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f" - }, - { - 31, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20", - "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22" - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5", - "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22" - }, - { - 32, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43", - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8" - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84", - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8" - }, - { - 47, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c", - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" - "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e" - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5", - "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e" - }, - { - 48, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20", - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" - "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8" - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8", - "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8" - }, - { - 64, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e", - "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84" - "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8" - "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40" - "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8", - "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40" - } -}; - - -struct enc_test encs2[] = { - { - 17, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20", - "\x5c\x13\x26\x27\xc4\xcb\xca\x04\x14\x43\x8a\xb5\x97\x97\x7c\x10" - "\x16" - }, - { - 31, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20", - "\x16\xb3\xd8\xe5\xcd\x93\xe6\x2c\x28\x70\xa0\x36\x6e\x9a\xb9\x74" - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53" - }, - { - 32, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43", - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - }, - { - 47, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\xe5\x56\xb4\x88\x41\xb9\xde\x27\xf0\x07\xa1\x6e\x89\x94\x47\xf1" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff" - }, - { - 48, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - }, - { - 64, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - }, - { - 78, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x73\xfb\x2c\x36\x76\xaf\xcf\x31\xff\xe3\x8a\x89\x0c\x7e\x99\x3f" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62" - }, - { - 83, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" - "\x41\x41\x41", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67" - "\x65\x39\x3a\xdb\x92\x05\x4d\x4f\x08\xa1\xfa\x59\xda\x56\x58\x0e" - "\x3b\xac\x12" - }, - { - 92, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67" - "\x0c\xff\xd7\x63\x50\xf8\x4e\xf9\xec\x56\x1c\x79\xc5\xc8\xfe\x50" - "\x3b\xac\x12\x6e\xd3\x2d\x02\xc4\xe5\x06\x43\x5f" - }, - { - 96, - "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65" - "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43" - "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20" - "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41" - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41", - "\x16\xc1\xee\xdf\x39\xc8\x3f\xfb\xc5\xf6\x72\xe9\xc1\x6e\x53\x0c" - "\x69\xde\xce\x59\x83\x6a\x82\xe1\xcd\x21\x93\xd0\x9e\x2a\xff\xc8" - "\xfd\x68\xd1\x56\x32\x23\x7b\xfa\xb0\x09\x86\x3b\x17\x53\xfa\x30" - "\x70\x29\xf2\x6f\x7c\x79\xc1\x77\x91\xad\x94\xb0\x78\x62\x27\x67" - "\x08\x28\x49\xad\xfc\x2d\x8e\x86\xae\x69\xa5\xa8\xd9\x29\x9e\xe4" - "\x3b\xac\x12\x6e\xd3\x2d\x02\xc4\xe5\x06\x43\x5f\x4c\x41\xd1\xb8" - } -}; - - - -char *aes_key1 = - "\x63\x68\x69\x63\x6b\x65\x6e\x20\x74\x65\x72\x69\x79\x61\x6b\x69"; - -char *aes_key2 = - "\x63\x68\x69\x63\x6b\x65\x6e\x20\x74\x65\x72\x69\x79\x61\x6b\x69" - "\x2c\x20\x79\x75\x6d\x6d\x79\x20\x79\x75\x6d\x6d\x79\x21\x21\x21"; - - -static int -samep(int testn, char *type, const void *pp1, const void *pp2, size_t len) -{ - const unsigned char *p1 = pp1, *p2 = pp2; - size_t i; - int val = 1; - - for (i = 0; i < len; i++) { - if (p1[i] != p2[i]) { - if (verbose) - printf("M"); - val = 0; - } else { - if (verbose) - printf("."); - } - } - if (verbose) - printf("\n"); - return val; -} - -static int -encryption_test(krb5_context context, const void *key, size_t keylen, - struct enc_test *enc, int numenc) -{ - unsigned char iv[AES_BLOCK_SIZE]; - int i, val, failed = 0; - AES_KEY ekey, dkey; - unsigned char *p; - - AES_set_encrypt_key(key, keylen, &ekey); - AES_set_decrypt_key(key, keylen, &dkey); - - for (i = 0; i < numenc; i++) { - val = 0; - - if (verbose) - printf("test: %d\n", i); - memset(iv, 0, sizeof(iv)); - - p = malloc(enc[i].len + 1); - if (p == NULL) - krb5_errx(context, 1, "malloc"); - - p[enc[i].len] = '\0'; - - memcpy(p, enc[i].input, enc[i].len); - - _krb5_aes_cts_encrypt(p, p, enc[i].len, - &ekey, iv, AES_ENCRYPT); - - if (p[enc[i].len] != '\0') { - krb5_warnx(context, "%d: encrypt modified off end", i); - val = 1; - } - - if (!samep(i, "cipher", p, enc[i].output, enc[i].len)) { - krb5_warnx(context, "%d: cipher", i); - val = 1; - } - - if (enc[i].nextiv && !samep(i, "iv", iv, enc[i].nextiv, 16)){ /*XXX*/ - krb5_warnx(context, "%d: iv", i); - val = 1; - } - - memset(iv, 0, sizeof(iv)); - - _krb5_aes_cts_encrypt(p, p, enc[i].len, - &dkey, iv, AES_DECRYPT); - - if (p[enc[i].len] != '\0') { - krb5_warnx(context, "%d: decrypt modified off end", i); - val = 1; - } - - if (!samep(i, "clear", p, enc[i].input, enc[i].len)) - val = 1; - - if (enc[i].nextiv && !samep(i, "iv", iv, enc[i].nextiv, 16)){ /*XXX*/ - krb5_warnx(context, "%d: iv", i); - val = 1; - } - - free(p); - - if (val) { - printf("test %d failed\n", i); - failed = 1; - } - val = 0; - } - return failed; -} - -static int -krb_enc(krb5_context context, - krb5_crypto crypto, - unsigned usage, - krb5_data *cipher, - krb5_data *clear) -{ - krb5_data decrypt; - krb5_error_code ret; - - krb5_data_zero(&decrypt); - - ret = krb5_decrypt(context, - crypto, - usage, - cipher->data, - cipher->length, - &decrypt); - - if (ret) { - krb5_warn(context, ret, "krb5_decrypt"); - return ret; - } - - if (decrypt.length != clear->length || - memcmp(decrypt.data, clear->data, decrypt.length) != 0) { - krb5_warnx(context, "clear text not same"); - return EINVAL; - } - - krb5_data_free(&decrypt); - - return 0; -} - -static int -krb_enc_mit(krb5_context context, - krb5_enctype enctype, - krb5_keyblock *key, - unsigned usage, - krb5_data *cipher, - krb5_data *clear) -{ - krb5_error_code ret; - krb5_enc_data e; - krb5_data decrypt; - size_t len; - - e.kvno = 0; - e.enctype = enctype; - e.ciphertext = *cipher; - - ret = krb5_c_decrypt(context, *key, usage, NULL, &e, &decrypt); - if (ret) - return ret; - - if (decrypt.length != clear->length || - memcmp(decrypt.data, clear->data, decrypt.length) != 0) { - krb5_warnx(context, "clear text not same"); - return EINVAL; - } - - krb5_data_free(&decrypt); - - ret = krb5_c_encrypt_length(context, enctype, clear->length, &len); - if (ret) - return ret; - - if (len != cipher->length) { - krb5_warnx(context, "c_encrypt_length wrong %lu != %lu", - (unsigned long)len, (unsigned long)cipher->length); - return EINVAL; - } - - return 0; -} - - -struct { - krb5_enctype enctype; - unsigned usage; - size_t keylen; - void *key; - size_t elen; - void* edata; - size_t plen; - void *pdata; -} krbencs[] = { - { - ETYPE_AES256_CTS_HMAC_SHA1_96, - 7, - 32, - "\x47\x75\x69\x64\x65\x6c\x69\x6e\x65\x73\x20\x74\x6f\x20\x41\x75" - "\x74\x68\x6f\x72\x73\x20\x6f\x66\x20\x49\x6e\x74\x65\x72\x6e\x65", - 44, - "\xcf\x79\x8f\x0d\x76\xf3\xe0\xbe\x8e\x66\x94\x70\xfa\xcc\x9e\x91" - "\xa9\xec\x1c\x5c\x21\xfb\x6e\xef\x1a\x7a\xc8\xc1\xcc\x5a\x95\x24" - "\x6f\x9f\xf4\xd5\xbe\x5d\x59\x97\x44\xd8\x47\xcd", - 16, - "\x54\x68\x69\x73\x20\x69\x73\x20\x61\x20\x74\x65\x73\x74\x2e\x0a" - } -}; - - -static int -krb_enc_test(krb5_context context) -{ - krb5_error_code ret; - krb5_crypto crypto; - krb5_keyblock kb; - krb5_data cipher, plain; - int i, failed = 0; - - for (i = 0; i < sizeof(krbencs)/sizeof(krbencs[0]); i++) { - - kb.keytype = krbencs[i].enctype; - kb.keyvalue.length = krbencs[i].keylen; - kb.keyvalue.data = krbencs[i].key; - - ret = krb5_crypto_init(context, &kb, krbencs[i].enctype, &crypto); - - cipher.length = krbencs[i].elen; - cipher.data = krbencs[i].edata; - plain.length = krbencs[i].plen; - plain.data = krbencs[i].pdata; - - ret = krb_enc(context, crypto, krbencs[i].usage, &cipher, &plain); - - if (ret) { - failed = 1; - printf("krb_enc failed with %d\n", ret); - } - krb5_crypto_destroy(context, crypto); - - ret = krb_enc_mit(context, krbencs[i].enctype, &kb, - krbencs[i].usage, &cipher, &plain); - if (ret) { - failed = 1; - printf("krb_enc_mit failed with %d\n", ret); - } - - } - - return failed; -} - - -static int -random_to_key(krb5_context context) -{ - krb5_error_code ret; - krb5_keyblock key; - - ret = krb5_random_to_key(context, - ETYPE_DES3_CBC_SHA1, - "\x21\x39\x04\x58\x6A\xBD\x7F" - "\x21\x39\x04\x58\x6A\xBD\x7F" - "\x21\x39\x04\x58\x6A\xBD\x7F", - 21, - &key); - if (ret){ - krb5_warn(context, ret, "random_to_key"); - return 1; - } - if (key.keyvalue.length != 24) - return 1; - - if (memcmp(key.keyvalue.data, - "\x20\x38\x04\x58\x6b\xbc\x7f\xc7" - "\x20\x38\x04\x58\x6b\xbc\x7f\xc7" - "\x20\x38\x04\x58\x6b\xbc\x7f\xc7", - 24) != 0) - return 1; - - krb5_free_keyblock_contents(context, &key); - - return 0; -} - - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - int val = 0; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - val |= string_to_key_test(context); - - val |= encryption_test(context, aes_key1, 128, - encs1, sizeof(encs1)/sizeof(encs1[0])); - val |= encryption_test(context, aes_key2, 256, - encs2, sizeof(encs2)/sizeof(encs2[0])); - val |= krb_enc_test(context); - val |= random_to_key(context); - - if (verbose && val == 0) - printf("all ok\n"); - if (val) - printf("tests failed\n"); - - krb5_free_context(context); - - return val; -} diff --git a/crypto/heimdal/lib/krb5/aname_to_localname.c b/crypto/heimdal/lib/krb5/aname_to_localname.c deleted file mode 100644 index 5800404d9819..000000000000 --- a/crypto/heimdal/lib/krb5/aname_to_localname.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 1997 - 1999, 2002 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: aname_to_localname.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_aname_to_localname (krb5_context context, - krb5_const_principal aname, - size_t lnsize, - char *lname) -{ - krb5_error_code ret; - krb5_realm *lrealms, *r; - int valid; - size_t len; - const char *res; - - ret = krb5_get_default_realms (context, &lrealms); - if (ret) - return ret; - - valid = 0; - for (r = lrealms; *r != NULL; ++r) { - if (strcmp (*r, aname->realm) == 0) { - valid = 1; - break; - } - } - krb5_free_host_realm (context, lrealms); - if (valid == 0) - return KRB5_NO_LOCALNAME; - - if (aname->name.name_string.len == 1) - res = aname->name.name_string.val[0]; - else if (aname->name.name_string.len == 2 - && strcmp (aname->name.name_string.val[1], "root") == 0) { - krb5_principal rootprinc; - krb5_boolean userok; - - res = "root"; - - ret = krb5_copy_principal(context, aname, &rootprinc); - if (ret) - return ret; - - userok = krb5_kuserok(context, rootprinc, res); - krb5_free_principal(context, rootprinc); - if (!userok) - return KRB5_NO_LOCALNAME; - - } else - return KRB5_NO_LOCALNAME; - - len = strlen (res); - if (len >= lnsize) - return ERANGE; - strlcpy (lname, res, lnsize); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/appdefault.c b/crypto/heimdal/lib/krb5/appdefault.c deleted file mode 100644 index b0bb171f4a14..000000000000 --- a/crypto/heimdal/lib/krb5/appdefault.c +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: appdefault.c 14465 2005-01-05 05:40:59Z lukeh $"); - -void KRB5_LIB_FUNCTION -krb5_appdefault_boolean(krb5_context context, const char *appname, - krb5_const_realm realm, const char *option, - krb5_boolean def_val, krb5_boolean *ret_val) -{ - - if(appname == NULL) - appname = getprogname(); - - def_val = krb5_config_get_bool_default(context, NULL, def_val, - "libdefaults", option, NULL); - if(realm != NULL) - def_val = krb5_config_get_bool_default(context, NULL, def_val, - "realms", realm, option, NULL); - - def_val = krb5_config_get_bool_default(context, NULL, def_val, - "appdefaults", - option, - NULL); - if(realm != NULL) - def_val = krb5_config_get_bool_default(context, NULL, def_val, - "appdefaults", - realm, - option, - NULL); - if(appname != NULL) { - def_val = krb5_config_get_bool_default(context, NULL, def_val, - "appdefaults", - appname, - option, - NULL); - if(realm != NULL) - def_val = krb5_config_get_bool_default(context, NULL, def_val, - "appdefaults", - appname, - realm, - option, - NULL); - } - *ret_val = def_val; -} - -void KRB5_LIB_FUNCTION -krb5_appdefault_string(krb5_context context, const char *appname, - krb5_const_realm realm, const char *option, - const char *def_val, char **ret_val) -{ - if(appname == NULL) - appname = getprogname(); - - def_val = krb5_config_get_string_default(context, NULL, def_val, - "libdefaults", option, NULL); - if(realm != NULL) - def_val = krb5_config_get_string_default(context, NULL, def_val, - "realms", realm, option, NULL); - - def_val = krb5_config_get_string_default(context, NULL, def_val, - "appdefaults", - option, - NULL); - if(realm != NULL) - def_val = krb5_config_get_string_default(context, NULL, def_val, - "appdefaults", - realm, - option, - NULL); - if(appname != NULL) { - def_val = krb5_config_get_string_default(context, NULL, def_val, - "appdefaults", - appname, - option, - NULL); - if(realm != NULL) - def_val = krb5_config_get_string_default(context, NULL, def_val, - "appdefaults", - appname, - realm, - option, - NULL); - } - if(def_val != NULL) - *ret_val = strdup(def_val); - else - *ret_val = NULL; -} - -void KRB5_LIB_FUNCTION -krb5_appdefault_time(krb5_context context, const char *appname, - krb5_const_realm realm, const char *option, - time_t def_val, time_t *ret_val) -{ - krb5_deltat t; - char *val; - - krb5_appdefault_string(context, appname, realm, option, NULL, &val); - if (val == NULL) { - *ret_val = def_val; - return; - } - if (krb5_string_to_deltat(val, &t)) - *ret_val = def_val; - else - *ret_val = t; - free(val); -} diff --git a/crypto/heimdal/lib/krb5/asn1_glue.c b/crypto/heimdal/lib/krb5/asn1_glue.c deleted file mode 100644 index b3f775b4bea3..000000000000 --- a/crypto/heimdal/lib/krb5/asn1_glue.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * - */ - -#include "krb5_locl.h" - -RCSID("$Id: asn1_glue.c 21745 2007-07-31 16:11:25Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_principal2principalname (PrincipalName *p, - const krb5_principal from) -{ - return copy_PrincipalName(&from->name, p); -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_principalname2krb5_principal (krb5_context context, - krb5_principal *principal, - const PrincipalName from, - const Realm realm) -{ - krb5_principal p = malloc(sizeof(*p)); - if (p == NULL) - return ENOMEM; - copy_PrincipalName(&from, &p->name); - p->realm = strdup(realm); - if (p->realm == NULL) - return ENOMEM; - *principal = p; - return 0; -} diff --git a/crypto/heimdal/lib/krb5/auth_context.c b/crypto/heimdal/lib/krb5/auth_context.c deleted file mode 100644 index 323f17a24534..000000000000 --- a/crypto/heimdal/lib/krb5/auth_context.c +++ /dev/null @@ -1,519 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: auth_context.c 21745 2007-07-31 16:11:25Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_init(krb5_context context, - krb5_auth_context *auth_context) -{ - krb5_auth_context p; - - ALLOC(p, 1); - if(!p) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memset(p, 0, sizeof(*p)); - ALLOC(p->authenticator, 1); - if (!p->authenticator) { - krb5_set_error_string(context, "malloc: out of memory"); - free(p); - return ENOMEM; - } - memset (p->authenticator, 0, sizeof(*p->authenticator)); - p->flags = KRB5_AUTH_CONTEXT_DO_TIME; - - p->local_address = NULL; - p->remote_address = NULL; - p->local_port = 0; - p->remote_port = 0; - p->keytype = KEYTYPE_NULL; - p->cksumtype = CKSUMTYPE_NONE; - *auth_context = p; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_free(krb5_context context, - krb5_auth_context auth_context) -{ - if (auth_context != NULL) { - krb5_free_authenticator(context, &auth_context->authenticator); - if(auth_context->local_address){ - free_HostAddress(auth_context->local_address); - free(auth_context->local_address); - } - if(auth_context->remote_address){ - free_HostAddress(auth_context->remote_address); - free(auth_context->remote_address); - } - krb5_free_keyblock(context, auth_context->keyblock); - krb5_free_keyblock(context, auth_context->remote_subkey); - krb5_free_keyblock(context, auth_context->local_subkey); - free (auth_context); - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setflags(krb5_context context, - krb5_auth_context auth_context, - int32_t flags) -{ - auth_context->flags = flags; - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getflags(krb5_context context, - krb5_auth_context auth_context, - int32_t *flags) -{ - *flags = auth_context->flags; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_addflags(krb5_context context, - krb5_auth_context auth_context, - int32_t addflags, - int32_t *flags) -{ - if (flags) - *flags = auth_context->flags; - auth_context->flags |= addflags; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_removeflags(krb5_context context, - krb5_auth_context auth_context, - int32_t removeflags, - int32_t *flags) -{ - if (flags) - *flags = auth_context->flags; - auth_context->flags &= ~removeflags; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setaddrs(krb5_context context, - krb5_auth_context auth_context, - krb5_address *local_addr, - krb5_address *remote_addr) -{ - if (local_addr) { - if (auth_context->local_address) - krb5_free_address (context, auth_context->local_address); - else - if ((auth_context->local_address = malloc(sizeof(krb5_address))) == NULL) - return ENOMEM; - krb5_copy_address(context, local_addr, auth_context->local_address); - } - if (remote_addr) { - if (auth_context->remote_address) - krb5_free_address (context, auth_context->remote_address); - else - if ((auth_context->remote_address = malloc(sizeof(krb5_address))) == NULL) - return ENOMEM; - krb5_copy_address(context, remote_addr, auth_context->remote_address); - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_genaddrs(krb5_context context, - krb5_auth_context auth_context, - int fd, int flags) -{ - krb5_error_code ret; - krb5_address local_k_address, remote_k_address; - krb5_address *lptr = NULL, *rptr = NULL; - struct sockaddr_storage ss_local, ss_remote; - struct sockaddr *local = (struct sockaddr *)&ss_local; - struct sockaddr *remote = (struct sockaddr *)&ss_remote; - socklen_t len; - - if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR) { - if (auth_context->local_address == NULL) { - len = sizeof(ss_local); - if(getsockname(fd, local, &len) < 0) { - ret = errno; - krb5_set_error_string (context, "getsockname: %s", - strerror(ret)); - goto out; - } - ret = krb5_sockaddr2address (context, local, &local_k_address); - if(ret) goto out; - if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR) { - krb5_sockaddr2port (context, local, &auth_context->local_port); - } else - auth_context->local_port = 0; - lptr = &local_k_address; - } - } - if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR) { - len = sizeof(ss_remote); - if(getpeername(fd, remote, &len) < 0) { - ret = errno; - krb5_set_error_string (context, "getpeername: %s", strerror(ret)); - goto out; - } - ret = krb5_sockaddr2address (context, remote, &remote_k_address); - if(ret) goto out; - if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR) { - krb5_sockaddr2port (context, remote, &auth_context->remote_port); - } else - auth_context->remote_port = 0; - rptr = &remote_k_address; - } - ret = krb5_auth_con_setaddrs (context, - auth_context, - lptr, - rptr); - out: - if (lptr) - krb5_free_address (context, lptr); - if (rptr) - krb5_free_address (context, rptr); - return ret; - -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setaddrs_from_fd (krb5_context context, - krb5_auth_context auth_context, - void *p_fd) -{ - int fd = *(int*)p_fd; - int flags = 0; - if(auth_context->local_address == NULL) - flags |= KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR; - if(auth_context->remote_address == NULL) - flags |= KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR; - return krb5_auth_con_genaddrs(context, auth_context, fd, flags); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getaddrs(krb5_context context, - krb5_auth_context auth_context, - krb5_address **local_addr, - krb5_address **remote_addr) -{ - if(*local_addr) - krb5_free_address (context, *local_addr); - *local_addr = malloc (sizeof(**local_addr)); - if (*local_addr == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_copy_address(context, - auth_context->local_address, - *local_addr); - - if(*remote_addr) - krb5_free_address (context, *remote_addr); - *remote_addr = malloc (sizeof(**remote_addr)); - if (*remote_addr == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - krb5_free_address (context, *local_addr); - *local_addr = NULL; - return ENOMEM; - } - krb5_copy_address(context, - auth_context->remote_address, - *remote_addr); - return 0; -} - -static krb5_error_code -copy_key(krb5_context context, - krb5_keyblock *in, - krb5_keyblock **out) -{ - if(in) - return krb5_copy_keyblock(context, in, out); - *out = NULL; /* is this right? */ - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getkey(krb5_context context, - krb5_auth_context auth_context, - krb5_keyblock **keyblock) -{ - return copy_key(context, auth_context->keyblock, keyblock); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getlocalsubkey(krb5_context context, - krb5_auth_context auth_context, - krb5_keyblock **keyblock) -{ - return copy_key(context, auth_context->local_subkey, keyblock); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getremotesubkey(krb5_context context, - krb5_auth_context auth_context, - krb5_keyblock **keyblock) -{ - return copy_key(context, auth_context->remote_subkey, keyblock); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setkey(krb5_context context, - krb5_auth_context auth_context, - krb5_keyblock *keyblock) -{ - if(auth_context->keyblock) - krb5_free_keyblock(context, auth_context->keyblock); - return copy_key(context, keyblock, &auth_context->keyblock); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setlocalsubkey(krb5_context context, - krb5_auth_context auth_context, - krb5_keyblock *keyblock) -{ - if(auth_context->local_subkey) - krb5_free_keyblock(context, auth_context->local_subkey); - return copy_key(context, keyblock, &auth_context->local_subkey); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_generatelocalsubkey(krb5_context context, - krb5_auth_context auth_context, - krb5_keyblock *key) -{ - krb5_error_code ret; - krb5_keyblock *subkey; - - ret = krb5_generate_subkey_extended (context, key, - auth_context->keytype, - &subkey); - if(ret) - return ret; - if(auth_context->local_subkey) - krb5_free_keyblock(context, auth_context->local_subkey); - auth_context->local_subkey = subkey; - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setremotesubkey(krb5_context context, - krb5_auth_context auth_context, - krb5_keyblock *keyblock) -{ - if(auth_context->remote_subkey) - krb5_free_keyblock(context, auth_context->remote_subkey); - return copy_key(context, keyblock, &auth_context->remote_subkey); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setcksumtype(krb5_context context, - krb5_auth_context auth_context, - krb5_cksumtype cksumtype) -{ - auth_context->cksumtype = cksumtype; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getcksumtype(krb5_context context, - krb5_auth_context auth_context, - krb5_cksumtype *cksumtype) -{ - *cksumtype = auth_context->cksumtype; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setkeytype (krb5_context context, - krb5_auth_context auth_context, - krb5_keytype keytype) -{ - auth_context->keytype = keytype; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getkeytype (krb5_context context, - krb5_auth_context auth_context, - krb5_keytype *keytype) -{ - *keytype = auth_context->keytype; - return 0; -} - -#if 0 -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setenctype(krb5_context context, - krb5_auth_context auth_context, - krb5_enctype etype) -{ - if(auth_context->keyblock) - krb5_free_keyblock(context, auth_context->keyblock); - ALLOC(auth_context->keyblock, 1); - if(auth_context->keyblock == NULL) - return ENOMEM; - auth_context->keyblock->keytype = etype; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getenctype(krb5_context context, - krb5_auth_context auth_context, - krb5_enctype *etype) -{ - krb5_abortx(context, "unimplemented krb5_auth_getenctype called"); -} -#endif - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getlocalseqnumber(krb5_context context, - krb5_auth_context auth_context, - int32_t *seqnumber) -{ - *seqnumber = auth_context->local_seqnumber; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setlocalseqnumber (krb5_context context, - krb5_auth_context auth_context, - int32_t seqnumber) -{ - auth_context->local_seqnumber = seqnumber; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_getremoteseqnumber(krb5_context context, - krb5_auth_context auth_context, - int32_t *seqnumber) -{ - *seqnumber = auth_context->remote_seqnumber; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setremoteseqnumber (krb5_context context, - krb5_auth_context auth_context, - int32_t seqnumber) -{ - auth_context->remote_seqnumber = seqnumber; - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getauthenticator(krb5_context context, - krb5_auth_context auth_context, - krb5_authenticator *authenticator) -{ - *authenticator = malloc(sizeof(**authenticator)); - if (*authenticator == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - copy_Authenticator(auth_context->authenticator, - *authenticator); - return 0; -} - - -void KRB5_LIB_FUNCTION -krb5_free_authenticator(krb5_context context, - krb5_authenticator *authenticator) -{ - free_Authenticator (*authenticator); - free (*authenticator); - *authenticator = NULL; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setuserkey(krb5_context context, - krb5_auth_context auth_context, - krb5_keyblock *keyblock) -{ - if(auth_context->keyblock) - krb5_free_keyblock(context, auth_context->keyblock); - return krb5_copy_keyblock(context, keyblock, &auth_context->keyblock); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getrcache(krb5_context context, - krb5_auth_context auth_context, - krb5_rcache *rcache) -{ - *rcache = auth_context->rcache; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setrcache(krb5_context context, - krb5_auth_context auth_context, - krb5_rcache rcache) -{ - auth_context->rcache = rcache; - return 0; -} - -#if 0 /* not implemented */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_initivector(krb5_context context, - krb5_auth_context auth_context) -{ - krb5_abortx(context, "unimplemented krb5_auth_con_initivector called"); -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setivector(krb5_context context, - krb5_auth_context auth_context, - krb5_pointer ivector) -{ - krb5_abortx(context, "unimplemented krb5_auth_con_setivector called"); -} - -#endif /* not implemented */ diff --git a/crypto/heimdal/lib/krb5/build_ap_req.c b/crypto/heimdal/lib/krb5/build_ap_req.c deleted file mode 100644 index b1968fe817b7..000000000000 --- a/crypto/heimdal/lib/krb5/build_ap_req.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: build_ap_req.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_ap_req (krb5_context context, - krb5_enctype enctype, - krb5_creds *cred, - krb5_flags ap_options, - krb5_data authenticator, - krb5_data *retdata) -{ - krb5_error_code ret = 0; - AP_REQ ap; - Ticket t; - size_t len; - - ap.pvno = 5; - ap.msg_type = krb_ap_req; - memset(&ap.ap_options, 0, sizeof(ap.ap_options)); - ap.ap_options.use_session_key = (ap_options & AP_OPTS_USE_SESSION_KEY) > 0; - ap.ap_options.mutual_required = (ap_options & AP_OPTS_MUTUAL_REQUIRED) > 0; - - ap.ticket.tkt_vno = 5; - copy_Realm(&cred->server->realm, &ap.ticket.realm); - copy_PrincipalName(&cred->server->name, &ap.ticket.sname); - - decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len); - copy_EncryptedData(&t.enc_part, &ap.ticket.enc_part); - free_Ticket(&t); - - ap.authenticator.etype = enctype; - ap.authenticator.kvno = NULL; - ap.authenticator.cipher = authenticator; - - ASN1_MALLOC_ENCODE(AP_REQ, retdata->data, retdata->length, - &ap, &len, ret); - if(ret == 0 && retdata->length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - free_AP_REQ(&ap); - return ret; - -} diff --git a/crypto/heimdal/lib/krb5/build_auth.c b/crypto/heimdal/lib/krb5/build_auth.c deleted file mode 100644 index f8739c044d16..000000000000 --- a/crypto/heimdal/lib/krb5/build_auth.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: build_auth.c 17033 2006-04-10 08:53:21Z lha $"); - -static krb5_error_code -make_etypelist(krb5_context context, - krb5_authdata **auth_data) -{ - EtypeList etypes; - krb5_error_code ret; - krb5_authdata ad; - u_char *buf; - size_t len; - size_t buf_size; - - ret = krb5_init_etype(context, &etypes.len, &etypes.val, NULL); - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(EtypeList, buf, buf_size, &etypes, &len, ret); - if (ret) { - free_EtypeList(&etypes); - return ret; - } - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - free_EtypeList(&etypes); - - ALLOC_SEQ(&ad, 1); - if (ad.val == NULL) { - free(buf); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - ad.val[0].ad_type = KRB5_AUTHDATA_GSS_API_ETYPE_NEGOTIATION; - ad.val[0].ad_data.length = len; - ad.val[0].ad_data.data = buf; - - ASN1_MALLOC_ENCODE(AD_IF_RELEVANT, buf, buf_size, &ad, &len, ret); - if (ret) { - free_AuthorizationData(&ad); - return ret; - } - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - free_AuthorizationData(&ad); - - ALLOC(*auth_data, 1); - if (*auth_data == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - ALLOC_SEQ(*auth_data, 1); - if ((*auth_data)->val == NULL) { - free(buf); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - (*auth_data)->val[0].ad_type = KRB5_AUTHDATA_IF_RELEVANT; - (*auth_data)->val[0].ad_data.length = len; - (*auth_data)->val[0].ad_data.data = buf; - - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_authenticator (krb5_context context, - krb5_auth_context auth_context, - krb5_enctype enctype, - krb5_creds *cred, - Checksum *cksum, - Authenticator **auth_result, - krb5_data *result, - krb5_key_usage usage) -{ - Authenticator *auth; - u_char *buf = NULL; - size_t buf_size; - size_t len; - krb5_error_code ret; - krb5_crypto crypto; - - auth = calloc(1, sizeof(*auth)); - if (auth == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - auth->authenticator_vno = 5; - copy_Realm(&cred->client->realm, &auth->crealm); - copy_PrincipalName(&cred->client->name, &auth->cname); - - krb5_us_timeofday (context, &auth->ctime, &auth->cusec); - - ret = krb5_auth_con_getlocalsubkey(context, auth_context, &auth->subkey); - if(ret) - goto fail; - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - if(auth_context->local_seqnumber == 0) - krb5_generate_seq_number (context, - &cred->session, - &auth_context->local_seqnumber); - ALLOC(auth->seq_number, 1); - if(auth->seq_number == NULL) { - ret = ENOMEM; - goto fail; - } - *auth->seq_number = auth_context->local_seqnumber; - } else - auth->seq_number = NULL; - auth->authorization_data = NULL; - auth->cksum = cksum; - - if (cksum != NULL && cksum->cksumtype == CKSUMTYPE_GSSAPI) { - /* - * This is not GSS-API specific, we only enable it for - * GSS for now - */ - ret = make_etypelist(context, &auth->authorization_data); - if (ret) - goto fail; - } - - /* XXX - Copy more to auth_context? */ - - auth_context->authenticator->ctime = auth->ctime; - auth_context->authenticator->cusec = auth->cusec; - - ASN1_MALLOC_ENCODE(Authenticator, buf, buf_size, auth, &len, ret); - if (ret) - goto fail; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_crypto_init(context, &cred->session, enctype, &crypto); - if (ret) - goto fail; - ret = krb5_encrypt (context, - crypto, - usage /* KRB5_KU_AP_REQ_AUTH */, - buf + buf_size - len, - len, - result); - krb5_crypto_destroy(context, crypto); - - if (ret) - goto fail; - - free (buf); - - if (auth_result) - *auth_result = auth; - else { - /* Don't free the `cksum', it's allocated by the caller */ - auth->cksum = NULL; - free_Authenticator (auth); - free (auth); - } - return ret; - fail: - free_Authenticator (auth); - free (auth); - free (buf); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/cache.c b/crypto/heimdal/lib/krb5/cache.c deleted file mode 100644 index 5db6d2b2cf8a..000000000000 --- a/crypto/heimdal/lib/krb5/cache.c +++ /dev/null @@ -1,1073 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: cache.c 22127 2007-12-04 00:54:37Z lha $"); - -/** - * Add a new ccache type with operations `ops', overwriting any - * existing one if `override'. - * - * @param context a Keberos context - * @param ops type of plugin symbol - * @param override flag to select if the registration is to overide - * an existing ops with the same name. - * - * @return Return an error code or 0. - * - * @ingroup krb5_ccache - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_register(krb5_context context, - const krb5_cc_ops *ops, - krb5_boolean override) -{ - int i; - - for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) { - if(strcmp(context->cc_ops[i].prefix, ops->prefix) == 0) { - if(!override) { - krb5_set_error_string(context, - "ccache type %s already exists", - ops->prefix); - return KRB5_CC_TYPE_EXISTS; - } - break; - } - } - if(i == context->num_cc_ops) { - krb5_cc_ops *o = realloc(context->cc_ops, - (context->num_cc_ops + 1) * - sizeof(*context->cc_ops)); - if(o == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - context->num_cc_ops++; - context->cc_ops = o; - memset(context->cc_ops + i, 0, - (context->num_cc_ops - i) * sizeof(*context->cc_ops)); - } - memcpy(&context->cc_ops[i], ops, sizeof(context->cc_ops[i])); - return 0; -} - -/* - * Allocate the memory for a `id' and the that function table to - * `ops'. Returns 0 or and error code. - */ - -krb5_error_code -_krb5_cc_allocate(krb5_context context, - const krb5_cc_ops *ops, - krb5_ccache *id) -{ - krb5_ccache p; - - p = malloc (sizeof(*p)); - if(p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - p->ops = ops; - *id = p; - - return 0; -} - -/* - * Allocate memory for a new ccache in `id' with operations `ops' - * and name `residual'. Return 0 or an error code. - */ - -static krb5_error_code -allocate_ccache (krb5_context context, - const krb5_cc_ops *ops, - const char *residual, - krb5_ccache *id) -{ - krb5_error_code ret; - - ret = _krb5_cc_allocate(context, ops, id); - if (ret) - return ret; - ret = (*id)->ops->resolve(context, id, residual); - if(ret) - free(*id); - return ret; -} - -/** - * Find and allocate a ccache in `id' from the specification in `residual'. - * If the ccache name doesn't contain any colon, interpret it as a file name. - * - * @param context a Keberos context. - * @param name string name of a credential cache. - * @param id return pointer to a found credential cache. - * - * @return Return 0 or an error code. In case of an error, id is set - * to NULL. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_resolve(krb5_context context, - const char *name, - krb5_ccache *id) -{ - int i; - - *id = NULL; - - for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) { - size_t prefix_len = strlen(context->cc_ops[i].prefix); - - if(strncmp(context->cc_ops[i].prefix, name, prefix_len) == 0 - && name[prefix_len] == ':') { - return allocate_ccache (context, &context->cc_ops[i], - name + prefix_len + 1, - id); - } - } - if (strchr (name, ':') == NULL) - return allocate_ccache (context, &krb5_fcc_ops, name, id); - else { - krb5_set_error_string(context, "unknown ccache type %s", name); - return KRB5_CC_UNKNOWN_TYPE; - } -} - -/** - * Generate a new ccache of type `ops' in `id'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_gen_new(krb5_context context, - const krb5_cc_ops *ops, - krb5_ccache *id) -{ - return krb5_cc_new_unique(context, ops->prefix, NULL, id); -} - -/** - * Generates a new unique ccache of `type` in `id'. If `type' is NULL, - * the library chooses the default credential cache type. The supplied - * `hint' (that can be NULL) is a string that the credential cache - * type can use to base the name of the credential on, this is to make - * it easier for the user to differentiate the credentials. - * - * @return Returns 0 or an error code. - * - * @ingroup krb5_ccache - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_new_unique(krb5_context context, const char *type, - const char *hint, krb5_ccache *id) -{ - const krb5_cc_ops *ops = KRB5_DEFAULT_CCTYPE; - krb5_error_code ret; - - if (type) { - ops = krb5_cc_get_prefix_ops(context, type); - if (ops == NULL) { - krb5_set_error_string(context, - "Credential cache type %s is unknown", type); - return KRB5_CC_UNKNOWN_TYPE; - } - } - - ret = _krb5_cc_allocate(context, ops, id); - if (ret) - return ret; - return (*id)->ops->gen_new(context, id); -} - -/** - * Return the name of the ccache `id' - * - * @ingroup krb5_ccache - */ - - -const char* KRB5_LIB_FUNCTION -krb5_cc_get_name(krb5_context context, - krb5_ccache id) -{ - return id->ops->get_name(context, id); -} - -/** - * Return the type of the ccache `id'. - * - * @ingroup krb5_ccache - */ - - -const char* KRB5_LIB_FUNCTION -krb5_cc_get_type(krb5_context context, - krb5_ccache id) -{ - return id->ops->prefix; -} - -/** - * Return the complete resolvable name the ccache `id' in `str´. - * `str` should be freed with free(3). - * Returns 0 or an error (and then *str is set to NULL). - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_get_full_name(krb5_context context, - krb5_ccache id, - char **str) -{ - const char *type, *name; - - *str = NULL; - - type = krb5_cc_get_type(context, id); - if (type == NULL) { - krb5_set_error_string(context, "cache have no name of type"); - return KRB5_CC_UNKNOWN_TYPE; - } - - name = krb5_cc_get_name(context, id); - if (name == NULL) { - krb5_set_error_string(context, "cache of type %s have no name", type); - return KRB5_CC_BADNAME; - } - - if (asprintf(str, "%s:%s", type, name) == -1) { - krb5_set_error_string(context, "malloc - out of memory"); - *str = NULL; - return ENOMEM; - } - return 0; -} - -/** - * Return krb5_cc_ops of a the ccache `id'. - * - * @ingroup krb5_ccache - */ - - -const krb5_cc_ops * -krb5_cc_get_ops(krb5_context context, krb5_ccache id) -{ - return id->ops; -} - -/* - * Expand variables in `str' into `res' - */ - -krb5_error_code -_krb5_expand_default_cc_name(krb5_context context, const char *str, char **res) -{ - size_t tlen, len = 0; - char *tmp, *tmp2, *append; - - *res = NULL; - - while (str && *str) { - tmp = strstr(str, "%{"); - if (tmp && tmp != str) { - append = malloc((tmp - str) + 1); - if (append) { - memcpy(append, str, tmp - str); - append[tmp - str] = '\0'; - } - str = tmp; - } else if (tmp) { - tmp2 = strchr(tmp, '}'); - if (tmp2 == NULL) { - free(*res); - *res = NULL; - krb5_set_error_string(context, "variable missing }"); - return KRB5_CONFIG_BADFORMAT; - } - if (strncasecmp(tmp, "%{uid}", 6) == 0) - asprintf(&append, "%u", (unsigned)getuid()); - else if (strncasecmp(tmp, "%{null}", 7) == 0) - append = strdup(""); - else { - free(*res); - *res = NULL; - krb5_set_error_string(context, - "expand default cache unknown " - "variable \"%.*s\"", - (int)(tmp2 - tmp) - 2, tmp + 2); - return KRB5_CONFIG_BADFORMAT; - } - str = tmp2 + 1; - } else { - append = strdup(str); - str = NULL; - } - if (append == NULL) { - free(*res); - *res = NULL; - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - - tlen = strlen(append); - tmp = realloc(*res, len + tlen + 1); - if (tmp == NULL) { - free(append); - free(*res); - *res = NULL; - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - *res = tmp; - memcpy(*res + len, append, tlen + 1); - len = len + tlen; - free(append); - } - return 0; -} - -/* - * Return non-zero if envirnoment that will determine default krb5cc - * name has changed. - */ - -static int -environment_changed(krb5_context context) -{ - const char *e; - - /* if the cc name was set, don't change it */ - if (context->default_cc_name_set) - return 0; - - if(issuid()) - return 0; - - e = getenv("KRB5CCNAME"); - if (e == NULL) { - if (context->default_cc_name_env) { - free(context->default_cc_name_env); - context->default_cc_name_env = NULL; - return 1; - } - } else { - if (context->default_cc_name_env == NULL) - return 1; - if (strcmp(e, context->default_cc_name_env) != 0) - return 1; - } - return 0; -} - -/** - * Set the default cc name for `context' to `name'. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_set_default_name(krb5_context context, const char *name) -{ - krb5_error_code ret = 0; - char *p; - - if (name == NULL) { - const char *e = NULL; - - if(!issuid()) { - e = getenv("KRB5CCNAME"); - if (e) { - p = strdup(e); - if (context->default_cc_name_env) - free(context->default_cc_name_env); - context->default_cc_name_env = strdup(e); - } - } - if (e == NULL) { - e = krb5_config_get_string(context, NULL, "libdefaults", - "default_cc_name", NULL); - if (e) { - ret = _krb5_expand_default_cc_name(context, e, &p); - if (ret) - return ret; - } - if (e == NULL) { - const krb5_cc_ops *ops = KRB5_DEFAULT_CCTYPE; - ret = (*ops->default_name)(context, &p); - if (ret) - return ret; - } - } - context->default_cc_name_set = 0; - } else { - p = strdup(name); - context->default_cc_name_set = 1; - } - - if (p == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - - if (context->default_cc_name) - free(context->default_cc_name); - - context->default_cc_name = p; - - return ret; -} - -/** - * Return a pointer to a context static string containing the default - * ccache name. - * - * @return String to the default credential cache name. - * - * @ingroup krb5_ccache - */ - - -const char* KRB5_LIB_FUNCTION -krb5_cc_default_name(krb5_context context) -{ - if (context->default_cc_name == NULL || environment_changed(context)) - krb5_cc_set_default_name(context, NULL); - - return context->default_cc_name; -} - -/** - * Open the default ccache in `id'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_default(krb5_context context, - krb5_ccache *id) -{ - const char *p = krb5_cc_default_name(context); - - if (p == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - return krb5_cc_resolve(context, p, id); -} - -/** - * Create a new ccache in `id' for `primary_principal'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_initialize(krb5_context context, - krb5_ccache id, - krb5_principal primary_principal) -{ - return (*id->ops->init)(context, id, primary_principal); -} - - -/** - * Remove the ccache `id'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_destroy(krb5_context context, - krb5_ccache id) -{ - krb5_error_code ret; - - ret = (*id->ops->destroy)(context, id); - krb5_cc_close (context, id); - return ret; -} - -/** - * Stop using the ccache `id' and free the related resources. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_close(krb5_context context, - krb5_ccache id) -{ - krb5_error_code ret; - ret = (*id->ops->close)(context, id); - free(id); - return ret; -} - -/** - * Store `creds' in the ccache `id'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_store_cred(krb5_context context, - krb5_ccache id, - krb5_creds *creds) -{ - return (*id->ops->store)(context, id, creds); -} - -/** - * Retrieve the credential identified by `mcreds' (and `whichfields') - * from `id' in `creds'. 'creds' must be free by the caller using - * krb5_free_cred_contents. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_retrieve_cred(krb5_context context, - krb5_ccache id, - krb5_flags whichfields, - const krb5_creds *mcreds, - krb5_creds *creds) -{ - krb5_error_code ret; - krb5_cc_cursor cursor; - - if (id->ops->retrieve != NULL) { - return (*id->ops->retrieve)(context, id, whichfields, - mcreds, creds); - } - - ret = krb5_cc_start_seq_get(context, id, &cursor); - if (ret) - return ret; - while((ret = krb5_cc_next_cred(context, id, &cursor, creds)) == 0){ - if(krb5_compare_creds(context, whichfields, mcreds, creds)){ - ret = 0; - break; - } - krb5_free_cred_contents (context, creds); - } - krb5_cc_end_seq_get(context, id, &cursor); - return ret; -} - -/** - * Return the principal of `id' in `principal'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_get_principal(krb5_context context, - krb5_ccache id, - krb5_principal *principal) -{ - return (*id->ops->get_princ)(context, id, principal); -} - -/** - * Start iterating over `id', `cursor' is initialized to the - * beginning. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_start_seq_get (krb5_context context, - const krb5_ccache id, - krb5_cc_cursor *cursor) -{ - return (*id->ops->get_first)(context, id, cursor); -} - -/** - * Retrieve the next cred pointed to by (`id', `cursor') in `creds' - * and advance `cursor'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_next_cred (krb5_context context, - const krb5_ccache id, - krb5_cc_cursor *cursor, - krb5_creds *creds) -{ - return (*id->ops->get_next)(context, id, cursor, creds); -} - -/** - * Like krb5_cc_next_cred, but allow for selective retrieval - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_next_cred_match(krb5_context context, - const krb5_ccache id, - krb5_cc_cursor * cursor, - krb5_creds * creds, - krb5_flags whichfields, - const krb5_creds * mcreds) -{ - krb5_error_code ret; - while (1) { - ret = krb5_cc_next_cred(context, id, cursor, creds); - if (ret) - return ret; - if (mcreds == NULL || krb5_compare_creds(context, whichfields, mcreds, creds)) - return 0; - krb5_free_cred_contents(context, creds); - } -} - -/** - * Destroy the cursor `cursor'. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_end_seq_get (krb5_context context, - const krb5_ccache id, - krb5_cc_cursor *cursor) -{ - return (*id->ops->end_get)(context, id, cursor); -} - -/** - * Remove the credential identified by `cred', `which' from `id'. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_remove_cred(krb5_context context, - krb5_ccache id, - krb5_flags which, - krb5_creds *cred) -{ - if(id->ops->remove_cred == NULL) { - krb5_set_error_string(context, - "ccache %s does not support remove_cred", - id->ops->prefix); - return EACCES; /* XXX */ - } - return (*id->ops->remove_cred)(context, id, which, cred); -} - -/** - * Set the flags of `id' to `flags'. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_set_flags(krb5_context context, - krb5_ccache id, - krb5_flags flags) -{ - return (*id->ops->set_flags)(context, id, flags); -} - -/** - * Copy the contents of `from' to `to'. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_copy_cache_match(krb5_context context, - const krb5_ccache from, - krb5_ccache to, - krb5_flags whichfields, - const krb5_creds * mcreds, - unsigned int *matched) -{ - krb5_error_code ret; - krb5_cc_cursor cursor; - krb5_creds cred; - krb5_principal princ; - - ret = krb5_cc_get_principal(context, from, &princ); - if (ret) - return ret; - ret = krb5_cc_initialize(context, to, princ); - if (ret) { - krb5_free_principal(context, princ); - return ret; - } - ret = krb5_cc_start_seq_get(context, from, &cursor); - if (ret) { - krb5_free_principal(context, princ); - return ret; - } - if (matched) - *matched = 0; - while (ret == 0 && - krb5_cc_next_cred_match(context, from, &cursor, &cred, - whichfields, mcreds) == 0) { - if (matched) - (*matched)++; - ret = krb5_cc_store_cred(context, to, &cred); - krb5_free_cred_contents(context, &cred); - } - krb5_cc_end_seq_get(context, from, &cursor); - krb5_free_principal(context, princ); - return ret; -} - -/** - * Just like krb5_cc_copy_cache_match, but copy everything. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_copy_cache(krb5_context context, - const krb5_ccache from, - krb5_ccache to) -{ - return krb5_cc_copy_cache_match(context, from, to, 0, NULL, NULL); -} - -/** - * Return the version of `id'. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_get_version(krb5_context context, - const krb5_ccache id) -{ - if(id->ops->get_version) - return (*id->ops->get_version)(context, id); - else - return 0; -} - -/** - * Clear `mcreds' so it can be used with krb5_cc_retrieve_cred - * - * @ingroup krb5_ccache - */ - - -void KRB5_LIB_FUNCTION -krb5_cc_clear_mcred(krb5_creds *mcred) -{ - memset(mcred, 0, sizeof(*mcred)); -} - -/** - * Get the cc ops that is registered in `context' to handle the - * `prefix'. `prefix' can be a complete credential cache name or a - * prefix, the function will only use part up to the first colon (:) - * if there is one. - * Returns NULL if ops not found. - * - * @ingroup krb5_ccache - */ - - -const krb5_cc_ops * -krb5_cc_get_prefix_ops(krb5_context context, const char *prefix) -{ - char *p, *p1; - int i; - - if (prefix[0] == '/') - return &krb5_fcc_ops; - - p = strdup(prefix); - if (p == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return NULL; - } - p1 = strchr(p, ':'); - if (p1) - *p1 = '\0'; - - for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) { - if(strcmp(context->cc_ops[i].prefix, p) == 0) { - free(p); - return &context->cc_ops[i]; - } - } - free(p); - return NULL; -} - -struct krb5_cc_cache_cursor_data { - const krb5_cc_ops *ops; - krb5_cc_cursor cursor; -}; - -/** - * Start iterating over all caches of `type'. If `type' is NULL, the - * default type is * used. `cursor' is initialized to the beginning. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_cache_get_first (krb5_context context, - const char *type, - krb5_cc_cache_cursor *cursor) -{ - const krb5_cc_ops *ops; - krb5_error_code ret; - - if (type == NULL) - type = krb5_cc_default_name(context); - - ops = krb5_cc_get_prefix_ops(context, type); - if (ops == NULL) { - krb5_set_error_string(context, "Unknown type \"%s\" when iterating " - "trying to iterate the credential caches", type); - return KRB5_CC_UNKNOWN_TYPE; - } - - if (ops->get_cache_first == NULL) { - krb5_set_error_string(context, "Credential cache type %s doesn't support " - "iterations over caches", ops->prefix); - return KRB5_CC_NOSUPP; - } - - *cursor = calloc(1, sizeof(**cursor)); - if (*cursor == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - - (*cursor)->ops = ops; - - ret = ops->get_cache_first(context, &(*cursor)->cursor); - if (ret) { - free(*cursor); - *cursor = NULL; - } - return ret; -} - -/** - * Retrieve the next cache pointed to by (`cursor') in `id' - * and advance `cursor'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_cache_next (krb5_context context, - krb5_cc_cache_cursor cursor, - krb5_ccache *id) -{ - return cursor->ops->get_cache_next(context, cursor->cursor, id); -} - -/** - * Destroy the cursor `cursor'. - * - * @return Return 0 or an error code. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_cache_end_seq_get (krb5_context context, - krb5_cc_cache_cursor cursor) -{ - krb5_error_code ret; - ret = cursor->ops->end_cache_get(context, cursor->cursor); - cursor->ops = NULL; - free(cursor); - return ret; -} - -/** - * Search for a matching credential cache of type `type' that have the - * `principal' as the default principal. If NULL is used for `type', - * the default type is used. On success, `id' needs to be freed with - * krb5_cc_close or krb5_cc_destroy. - * - * @return On failure, error code is returned and `id' is set to NULL. - * - * @ingroup krb5_ccache - */ - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_cache_match (krb5_context context, - krb5_principal client, - const char *type, - krb5_ccache *id) -{ - krb5_cc_cache_cursor cursor; - krb5_error_code ret; - krb5_ccache cache = NULL; - - *id = NULL; - - ret = krb5_cc_cache_get_first (context, type, &cursor); - if (ret) - return ret; - - while ((ret = krb5_cc_cache_next (context, cursor, &cache)) == 0) { - krb5_principal principal; - - ret = krb5_cc_get_principal(context, cache, &principal); - if (ret == 0) { - krb5_boolean match; - - match = krb5_principal_compare(context, principal, client); - krb5_free_principal(context, principal); - if (match) - break; - } - - krb5_cc_close(context, cache); - cache = NULL; - } - - krb5_cc_cache_end_seq_get(context, cursor); - - if (cache == NULL) { - char *str; - - krb5_unparse_name(context, client, &str); - - krb5_set_error_string(context, "Principal %s not found in a " - "credential cache", str ? str : ""); - if (str) - free(str); - return KRB5_CC_NOTFOUND; - } - *id = cache; - - return 0; -} - -/** - * Move the content from one credential cache to another. The - * operation is an atomic switch. - * - * @param context a Keberos context - * @param from the credential cache to move the content from - * @param to the credential cache to move the content to - - * @return On sucess, from is freed. On failure, error code is - * returned and from and to are both still allocated. - * - * @ingroup krb5_ccache - */ - -krb5_error_code -krb5_cc_move(krb5_context context, krb5_ccache from, krb5_ccache to) -{ - krb5_error_code ret; - - if (strcmp(from->ops->prefix, to->ops->prefix) != 0) { - krb5_set_error_string(context, "Moving credentials between diffrent " - "types not yet supported"); - return KRB5_CC_NOSUPP; - } - - ret = (*to->ops->move)(context, from, to); - if (ret == 0) { - memset(from, 0, sizeof(*from)); - free(from); - } - return ret; -} diff --git a/crypto/heimdal/lib/krb5/changepw.c b/crypto/heimdal/lib/krb5/changepw.c deleted file mode 100644 index 703cf43eb6fb..000000000000 --- a/crypto/heimdal/lib/krb5/changepw.c +++ /dev/null @@ -1,823 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: changepw.c 21505 2007-07-12 12:28:38Z lha $"); - -static void -str2data (krb5_data *d, - const char *fmt, - ...) __attribute__ ((format (printf, 2, 3))); - -static void -str2data (krb5_data *d, - const char *fmt, - ...) -{ - va_list args; - char *str; - - va_start(args, fmt); - d->length = vasprintf (&str, fmt, args); - va_end(args); - d->data = str; -} - -/* - * Change password protocol defined by - * draft-ietf-cat-kerb-chg-password-02.txt - * - * Share the response part of the protocol with MS set password - * (RFC3244) - */ - -static krb5_error_code -chgpw_send_request (krb5_context context, - krb5_auth_context *auth_context, - krb5_creds *creds, - krb5_principal targprinc, - int is_stream, - int sock, - const char *passwd, - const char *host) -{ - krb5_error_code ret; - krb5_data ap_req_data; - krb5_data krb_priv_data; - krb5_data passwd_data; - size_t len; - u_char header[6]; - u_char *p; - struct iovec iov[3]; - struct msghdr msghdr; - - if (is_stream) - return KRB5_KPASSWD_MALFORMED; - - if (targprinc && - krb5_principal_compare(context, creds->client, targprinc) != TRUE) - return KRB5_KPASSWD_MALFORMED; - - krb5_data_zero (&ap_req_data); - - ret = krb5_mk_req_extended (context, - auth_context, - AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY, - NULL, /* in_data */ - creds, - &ap_req_data); - if (ret) - return ret; - - passwd_data.data = rk_UNCONST(passwd); - passwd_data.length = strlen(passwd); - - krb5_data_zero (&krb_priv_data); - - ret = krb5_mk_priv (context, - *auth_context, - &passwd_data, - &krb_priv_data, - NULL); - if (ret) - goto out2; - - len = 6 + ap_req_data.length + krb_priv_data.length; - p = header; - *p++ = (len >> 8) & 0xFF; - *p++ = (len >> 0) & 0xFF; - *p++ = 0; - *p++ = 1; - *p++ = (ap_req_data.length >> 8) & 0xFF; - *p++ = (ap_req_data.length >> 0) & 0xFF; - - memset(&msghdr, 0, sizeof(msghdr)); - msghdr.msg_name = NULL; - msghdr.msg_namelen = 0; - msghdr.msg_iov = iov; - msghdr.msg_iovlen = sizeof(iov)/sizeof(*iov); -#if 0 - msghdr.msg_control = NULL; - msghdr.msg_controllen = 0; -#endif - - iov[0].iov_base = (void*)header; - iov[0].iov_len = 6; - iov[1].iov_base = ap_req_data.data; - iov[1].iov_len = ap_req_data.length; - iov[2].iov_base = krb_priv_data.data; - iov[2].iov_len = krb_priv_data.length; - - if (sendmsg (sock, &msghdr, 0) < 0) { - ret = errno; - krb5_set_error_string(context, "sendmsg %s: %s", host, strerror(ret)); - } - - krb5_data_free (&krb_priv_data); -out2: - krb5_data_free (&ap_req_data); - return ret; -} - -/* - * Set password protocol as defined by RFC3244 -- - * Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols - */ - -static krb5_error_code -setpw_send_request (krb5_context context, - krb5_auth_context *auth_context, - krb5_creds *creds, - krb5_principal targprinc, - int is_stream, - int sock, - const char *passwd, - const char *host) -{ - krb5_error_code ret; - krb5_data ap_req_data; - krb5_data krb_priv_data; - krb5_data pwd_data; - ChangePasswdDataMS chpw; - size_t len; - u_char header[4 + 6]; - u_char *p; - struct iovec iov[3]; - struct msghdr msghdr; - - krb5_data_zero (&ap_req_data); - - ret = krb5_mk_req_extended (context, - auth_context, - AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY, - NULL, /* in_data */ - creds, - &ap_req_data); - if (ret) - return ret; - - chpw.newpasswd.length = strlen(passwd); - chpw.newpasswd.data = rk_UNCONST(passwd); - if (targprinc) { - chpw.targname = &targprinc->name; - chpw.targrealm = &targprinc->realm; - } else { - chpw.targname = NULL; - chpw.targrealm = NULL; - } - - ASN1_MALLOC_ENCODE(ChangePasswdDataMS, pwd_data.data, pwd_data.length, - &chpw, &len, ret); - if (ret) { - krb5_data_free (&ap_req_data); - return ret; - } - - if(pwd_data.length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_mk_priv (context, - *auth_context, - &pwd_data, - &krb_priv_data, - NULL); - if (ret) - goto out2; - - len = 6 + ap_req_data.length + krb_priv_data.length; - p = header; - if (is_stream) { - _krb5_put_int(p, len, 4); - p += 4; - } - *p++ = (len >> 8) & 0xFF; - *p++ = (len >> 0) & 0xFF; - *p++ = 0xff; - *p++ = 0x80; - *p++ = (ap_req_data.length >> 8) & 0xFF; - *p++ = (ap_req_data.length >> 0) & 0xFF; - - memset(&msghdr, 0, sizeof(msghdr)); - msghdr.msg_name = NULL; - msghdr.msg_namelen = 0; - msghdr.msg_iov = iov; - msghdr.msg_iovlen = sizeof(iov)/sizeof(*iov); -#if 0 - msghdr.msg_control = NULL; - msghdr.msg_controllen = 0; -#endif - - iov[0].iov_base = (void*)header; - if (is_stream) - iov[0].iov_len = 10; - else - iov[0].iov_len = 6; - iov[1].iov_base = ap_req_data.data; - iov[1].iov_len = ap_req_data.length; - iov[2].iov_base = krb_priv_data.data; - iov[2].iov_len = krb_priv_data.length; - - if (sendmsg (sock, &msghdr, 0) < 0) { - ret = errno; - krb5_set_error_string(context, "sendmsg %s: %s", host, strerror(ret)); - } - - krb5_data_free (&krb_priv_data); -out2: - krb5_data_free (&ap_req_data); - krb5_data_free (&pwd_data); - return ret; -} - -static krb5_error_code -process_reply (krb5_context context, - krb5_auth_context auth_context, - int is_stream, - int sock, - int *result_code, - krb5_data *result_code_string, - krb5_data *result_string, - const char *host) -{ - krb5_error_code ret; - u_char reply[1024 * 3]; - ssize_t len; - uint16_t pkt_len, pkt_ver; - krb5_data ap_rep_data; - int save_errno; - - len = 0; - if (is_stream) { - while (len < sizeof(reply)) { - unsigned long size; - - ret = recvfrom (sock, reply + len, sizeof(reply) - len, - 0, NULL, NULL); - if (ret < 0) { - save_errno = errno; - krb5_set_error_string(context, "recvfrom %s: %s", - host, strerror(save_errno)); - return save_errno; - } else if (ret == 0) { - krb5_set_error_string(context, "recvfrom timeout %s", host); - return 1; - } - len += ret; - if (len < 4) - continue; - _krb5_get_int(reply, &size, 4); - if (size + 4 < len) - continue; - memmove(reply, reply + 4, size); - len = size; - break; - } - if (len == sizeof(reply)) { - krb5_set_error_string(context, "message too large from %s", - host); - return ENOMEM; - } - } else { - ret = recvfrom (sock, reply, sizeof(reply), 0, NULL, NULL); - if (ret < 0) { - save_errno = errno; - krb5_set_error_string(context, "recvfrom %s: %s", - host, strerror(save_errno)); - return save_errno; - } - len = ret; - } - - if (len < 6) { - str2data (result_string, "server %s sent to too short message " - "(%ld bytes)", host, (long)len); - *result_code = KRB5_KPASSWD_MALFORMED; - return 0; - } - - pkt_len = (reply[0] << 8) | (reply[1]); - pkt_ver = (reply[2] << 8) | (reply[3]); - - if ((pkt_len != len) || (reply[1] == 0x7e || reply[1] == 0x5e)) { - KRB_ERROR error; - size_t size; - u_char *p; - - memset(&error, 0, sizeof(error)); - - ret = decode_KRB_ERROR(reply, len, &error, &size); - if (ret) - return ret; - - if (error.e_data->length < 2) { - str2data(result_string, "server %s sent too short " - "e_data to print anything usable", host); - free_KRB_ERROR(&error); - *result_code = KRB5_KPASSWD_MALFORMED; - return 0; - } - - p = error.e_data->data; - *result_code = (p[0] << 8) | p[1]; - if (error.e_data->length == 2) - str2data(result_string, "server only sent error code"); - else - krb5_data_copy (result_string, - p + 2, - error.e_data->length - 2); - free_KRB_ERROR(&error); - return 0; - } - - if (pkt_len != len) { - str2data (result_string, "client: wrong len in reply"); - *result_code = KRB5_KPASSWD_MALFORMED; - return 0; - } - if (pkt_ver != KRB5_KPASSWD_VERS_CHANGEPW) { - str2data (result_string, - "client: wrong version number (%d)", pkt_ver); - *result_code = KRB5_KPASSWD_MALFORMED; - return 0; - } - - ap_rep_data.data = reply + 6; - ap_rep_data.length = (reply[4] << 8) | (reply[5]); - - if (reply + len < (u_char *)ap_rep_data.data + ap_rep_data.length) { - str2data (result_string, "client: wrong AP len in reply"); - *result_code = KRB5_KPASSWD_MALFORMED; - return 0; - } - - if (ap_rep_data.length) { - krb5_ap_rep_enc_part *ap_rep; - krb5_data priv_data; - u_char *p; - - priv_data.data = (u_char*)ap_rep_data.data + ap_rep_data.length; - priv_data.length = len - ap_rep_data.length - 6; - - ret = krb5_rd_rep (context, - auth_context, - &ap_rep_data, - &ap_rep); - if (ret) - return ret; - - krb5_free_ap_rep_enc_part (context, ap_rep); - - ret = krb5_rd_priv (context, - auth_context, - &priv_data, - result_code_string, - NULL); - if (ret) { - krb5_data_free (result_code_string); - return ret; - } - - if (result_code_string->length < 2) { - *result_code = KRB5_KPASSWD_MALFORMED; - str2data (result_string, - "client: bad length in result"); - return 0; - } - - p = result_code_string->data; - - *result_code = (p[0] << 8) | p[1]; - krb5_data_copy (result_string, - (unsigned char*)result_code_string->data + 2, - result_code_string->length - 2); - return 0; - } else { - KRB_ERROR error; - size_t size; - u_char *p; - - ret = decode_KRB_ERROR(reply + 6, len - 6, &error, &size); - if (ret) { - return ret; - } - if (error.e_data->length < 2) { - krb5_warnx (context, "too short e_data to print anything usable"); - return 1; /* XXX */ - } - - p = error.e_data->data; - *result_code = (p[0] << 8) | p[1]; - krb5_data_copy (result_string, - p + 2, - error.e_data->length - 2); - return 0; - } -} - - -/* - * change the password using the credentials in `creds' (for the - * principal indicated in them) to `newpw', storing the result of - * the operation in `result_*' and an error code or 0. - */ - -typedef krb5_error_code (*kpwd_send_request) (krb5_context, - krb5_auth_context *, - krb5_creds *, - krb5_principal, - int, - int, - const char *, - const char *); -typedef krb5_error_code (*kpwd_process_reply) (krb5_context, - krb5_auth_context, - int, - int, - int *, - krb5_data *, - krb5_data *, - const char *); - -static struct kpwd_proc { - const char *name; - int flags; -#define SUPPORT_TCP 1 -#define SUPPORT_UDP 2 - kpwd_send_request send_req; - kpwd_process_reply process_rep; -} procs[] = { - { - "MS set password", - SUPPORT_TCP|SUPPORT_UDP, - setpw_send_request, - process_reply - }, - { - "change password", - SUPPORT_UDP, - chgpw_send_request, - process_reply - }, - { NULL } -}; - -static struct kpwd_proc * -find_chpw_proto(const char *name) -{ - struct kpwd_proc *p; - for (p = procs; p->name != NULL; p++) { - if (strcmp(p->name, name) == 0) - return p; - } - return NULL; -} - -/* - * - */ - -static krb5_error_code -change_password_loop (krb5_context context, - krb5_creds *creds, - krb5_principal targprinc, - const char *newpw, - int *result_code, - krb5_data *result_code_string, - krb5_data *result_string, - struct kpwd_proc *proc) -{ - krb5_error_code ret; - krb5_auth_context auth_context = NULL; - krb5_krbhst_handle handle = NULL; - krb5_krbhst_info *hi; - int sock; - int i; - int done = 0; - krb5_realm realm; - - if (targprinc) - realm = targprinc->realm; - else - realm = creds->client->realm; - - ret = krb5_auth_con_init (context, &auth_context); - if (ret) - return ret; - - krb5_auth_con_setflags (context, auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE); - - ret = krb5_krbhst_init (context, realm, KRB5_KRBHST_CHANGEPW, &handle); - if (ret) - goto out; - - while (!done && (ret = krb5_krbhst_next(context, handle, &hi)) == 0) { - struct addrinfo *ai, *a; - int is_stream; - - switch (hi->proto) { - case KRB5_KRBHST_UDP: - if ((proc->flags & SUPPORT_UDP) == 0) - continue; - is_stream = 0; - break; - case KRB5_KRBHST_TCP: - if ((proc->flags & SUPPORT_TCP) == 0) - continue; - is_stream = 1; - break; - default: - continue; - } - - ret = krb5_krbhst_get_addrinfo(context, hi, &ai); - if (ret) - continue; - - for (a = ai; !done && a != NULL; a = a->ai_next) { - int replied = 0; - - sock = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (sock < 0) - continue; - - ret = connect(sock, a->ai_addr, a->ai_addrlen); - if (ret < 0) { - close (sock); - goto out; - } - - ret = krb5_auth_con_genaddrs (context, auth_context, sock, - KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR); - if (ret) { - close (sock); - goto out; - } - - for (i = 0; !done && i < 5; ++i) { - fd_set fdset; - struct timeval tv; - - if (!replied) { - replied = 0; - - ret = (*proc->send_req) (context, - &auth_context, - creds, - targprinc, - is_stream, - sock, - newpw, - hi->hostname); - if (ret) { - close(sock); - goto out; - } - } - - if (sock >= FD_SETSIZE) { - krb5_set_error_string(context, "fd %d too large", sock); - ret = ERANGE; - close (sock); - goto out; - } - - FD_ZERO(&fdset); - FD_SET(sock, &fdset); - tv.tv_usec = 0; - tv.tv_sec = 1 + (1 << i); - - ret = select (sock + 1, &fdset, NULL, NULL, &tv); - if (ret < 0 && errno != EINTR) { - close(sock); - goto out; - } - if (ret == 1) { - ret = (*proc->process_rep) (context, - auth_context, - is_stream, - sock, - result_code, - result_code_string, - result_string, - hi->hostname); - if (ret == 0) - done = 1; - else if (i > 0 && ret == KRB5KRB_AP_ERR_MUT_FAIL) - replied = 1; - } else { - ret = KRB5_KDC_UNREACH; - } - } - close (sock); - } - } - - out: - krb5_krbhst_free (context, handle); - krb5_auth_con_free (context, auth_context); - if (done) - return 0; - else { - if (ret == KRB5_KDC_UNREACH) { - krb5_set_error_string(context, - "unable to reach any changepw server " - " in realm %s", realm); - *result_code = KRB5_KPASSWD_HARDERROR; - } - return ret; - } -} - - -/* - * change the password using the credentials in `creds' (for the - * principal indicated in them) to `newpw', storing the result of - * the operation in `result_*' and an error code or 0. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_change_password (krb5_context context, - krb5_creds *creds, - const char *newpw, - int *result_code, - krb5_data *result_code_string, - krb5_data *result_string) -{ - struct kpwd_proc *p = find_chpw_proto("change password"); - - *result_code = KRB5_KPASSWD_MALFORMED; - result_code_string->data = result_string->data = NULL; - result_code_string->length = result_string->length = 0; - - if (p == NULL) - return KRB5_KPASSWD_MALFORMED; - - return change_password_loop(context, creds, NULL, newpw, - result_code, result_code_string, - result_string, p); -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_password(krb5_context context, - krb5_creds *creds, - const char *newpw, - krb5_principal targprinc, - int *result_code, - krb5_data *result_code_string, - krb5_data *result_string) -{ - krb5_principal principal = NULL; - krb5_error_code ret = 0; - int i; - - *result_code = KRB5_KPASSWD_MALFORMED; - result_code_string->data = result_string->data = NULL; - result_code_string->length = result_string->length = 0; - - if (targprinc == NULL) { - ret = krb5_get_default_principal(context, &principal); - if (ret) - return ret; - } else - principal = targprinc; - - for (i = 0; procs[i].name != NULL; i++) { - *result_code = 0; - ret = change_password_loop(context, creds, principal, newpw, - result_code, result_code_string, - result_string, - &procs[i]); - if (ret == 0 && *result_code == 0) - break; - } - - if (targprinc == NULL) - krb5_free_principal(context, principal); - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_password_using_ccache(krb5_context context, - krb5_ccache ccache, - const char *newpw, - krb5_principal targprinc, - int *result_code, - krb5_data *result_code_string, - krb5_data *result_string) -{ - krb5_creds creds, *credsp; - krb5_error_code ret; - krb5_principal principal = NULL; - - *result_code = KRB5_KPASSWD_MALFORMED; - result_code_string->data = result_string->data = NULL; - result_code_string->length = result_string->length = 0; - - memset(&creds, 0, sizeof(creds)); - - if (targprinc == NULL) { - ret = krb5_cc_get_principal(context, ccache, &principal); - if (ret) - return ret; - } else - principal = targprinc; - - ret = krb5_make_principal(context, &creds.server, - krb5_principal_get_realm(context, principal), - "kadmin", "changepw", NULL); - if (ret) - goto out; - - ret = krb5_cc_get_principal(context, ccache, &creds.client); - if (ret) { - krb5_free_principal(context, creds.server); - goto out; - } - - ret = krb5_get_credentials(context, 0, ccache, &creds, &credsp); - krb5_free_principal(context, creds.server); - krb5_free_principal(context, creds.client); - if (ret) - goto out; - - ret = krb5_set_password(context, - credsp, - newpw, - principal, - result_code, - result_code_string, - result_string); - - krb5_free_creds(context, credsp); - - return ret; - out: - if (targprinc == NULL) - krb5_free_principal(context, principal); - return ret; -} - -/* - * - */ - -const char* KRB5_LIB_FUNCTION -krb5_passwd_result_to_string (krb5_context context, - int result) -{ - static const char *strings[] = { - "Success", - "Malformed", - "Hard error", - "Auth error", - "Soft error" , - "Access denied", - "Bad version", - "Initial flag needed" - }; - - if (result < 0 || result > KRB5_KPASSWD_INITIAL_FLAG_NEEDED) - return "unknown result code"; - else - return strings[result]; -} diff --git a/crypto/heimdal/lib/krb5/codec.c b/crypto/heimdal/lib/krb5/codec.c deleted file mode 100644 index 0d36b4b44268..000000000000 --- a/crypto/heimdal/lib/krb5/codec.c +++ /dev/null @@ -1,196 +0,0 @@ -/* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: codec.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncTicketPart (krb5_context context, - const void *data, - size_t length, - EncTicketPart *t, - size_t *len) -{ - return decode_EncTicketPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncTicketPart (krb5_context context, - void *data, - size_t length, - EncTicketPart *t, - size_t *len) -{ - return encode_EncTicketPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncASRepPart (krb5_context context, - const void *data, - size_t length, - EncASRepPart *t, - size_t *len) -{ - return decode_EncASRepPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncASRepPart (krb5_context context, - void *data, - size_t length, - EncASRepPart *t, - size_t *len) -{ - return encode_EncASRepPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncTGSRepPart (krb5_context context, - const void *data, - size_t length, - EncTGSRepPart *t, - size_t *len) -{ - return decode_EncTGSRepPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncTGSRepPart (krb5_context context, - void *data, - size_t length, - EncTGSRepPart *t, - size_t *len) -{ - return encode_EncTGSRepPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncAPRepPart (krb5_context context, - const void *data, - size_t length, - EncAPRepPart *t, - size_t *len) -{ - return decode_EncAPRepPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncAPRepPart (krb5_context context, - void *data, - size_t length, - EncAPRepPart *t, - size_t *len) -{ - return encode_EncAPRepPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_Authenticator (krb5_context context, - const void *data, - size_t length, - Authenticator *t, - size_t *len) -{ - return decode_Authenticator(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_Authenticator (krb5_context context, - void *data, - size_t length, - Authenticator *t, - size_t *len) -{ - return encode_Authenticator(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncKrbCredPart (krb5_context context, - const void *data, - size_t length, - EncKrbCredPart *t, - size_t *len) -{ - return decode_EncKrbCredPart(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncKrbCredPart (krb5_context context, - void *data, - size_t length, - EncKrbCredPart *t, - size_t *len) -{ - return encode_EncKrbCredPart (data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_ETYPE_INFO (krb5_context context, - const void *data, - size_t length, - ETYPE_INFO *t, - size_t *len) -{ - return decode_ETYPE_INFO(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_ETYPE_INFO (krb5_context context, - void *data, - size_t length, - ETYPE_INFO *t, - size_t *len) -{ - return encode_ETYPE_INFO (data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_ETYPE_INFO2 (krb5_context context, - const void *data, - size_t length, - ETYPE_INFO2 *t, - size_t *len) -{ - return decode_ETYPE_INFO2(data, length, t, len); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_ETYPE_INFO2 (krb5_context context, - void *data, - size_t length, - ETYPE_INFO2 *t, - size_t *len) -{ - return encode_ETYPE_INFO2 (data, length, t, len); -} diff --git a/crypto/heimdal/lib/krb5/config_file.c b/crypto/heimdal/lib/krb5/config_file.c deleted file mode 100644 index ac5eba39dcff..000000000000 --- a/crypto/heimdal/lib/krb5/config_file.c +++ /dev/null @@ -1,771 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: config_file.c 19213 2006-12-04 23:36:36Z lha $"); - -#ifndef HAVE_NETINFO - -/* Gaah! I want a portable funopen */ -struct fileptr { - const char *s; - FILE *f; -}; - -static char * -config_fgets(char *str, size_t len, struct fileptr *ptr) -{ - /* XXX this is not correct, in that they don't do the same if the - line is longer than len */ - if(ptr->f != NULL) - return fgets(str, len, ptr->f); - else { - /* this is almost strsep_copy */ - const char *p; - ssize_t l; - if(*ptr->s == '\0') - return NULL; - p = ptr->s + strcspn(ptr->s, "\n"); - if(*p == '\n') - p++; - l = min(len, p - ptr->s); - if(len > 0) { - memcpy(str, ptr->s, l); - str[l] = '\0'; - } - ptr->s = p; - return str; - } -} - -static krb5_error_code parse_section(char *p, krb5_config_section **s, - krb5_config_section **res, - const char **error_message); -static krb5_error_code parse_binding(struct fileptr *f, unsigned *lineno, char *p, - krb5_config_binding **b, - krb5_config_binding **parent, - const char **error_message); -static krb5_error_code parse_list(struct fileptr *f, unsigned *lineno, - krb5_config_binding **parent, - const char **error_message); - -static krb5_config_section * -get_entry(krb5_config_section **parent, const char *name, int type) -{ - krb5_config_section **q; - - for(q = parent; *q != NULL; q = &(*q)->next) - if(type == krb5_config_list && - type == (*q)->type && - strcmp(name, (*q)->name) == 0) - return *q; - *q = calloc(1, sizeof(**q)); - if(*q == NULL) - return NULL; - (*q)->name = strdup(name); - (*q)->type = type; - if((*q)->name == NULL) { - free(*q); - *q = NULL; - return NULL; - } - return *q; -} - -/* - * Parse a section: - * - * [section] - * foo = bar - * b = { - * a - * } - * ... - * - * starting at the line in `p', storing the resulting structure in - * `s' and hooking it into `parent'. - * Store the error message in `error_message'. - */ - -static krb5_error_code -parse_section(char *p, krb5_config_section **s, krb5_config_section **parent, - const char **error_message) -{ - char *p1; - krb5_config_section *tmp; - - p1 = strchr (p + 1, ']'); - if (p1 == NULL) { - *error_message = "missing ]"; - return KRB5_CONFIG_BADFORMAT; - } - *p1 = '\0'; - tmp = get_entry(parent, p + 1, krb5_config_list); - if(tmp == NULL) { - *error_message = "out of memory"; - return KRB5_CONFIG_BADFORMAT; - } - *s = tmp; - return 0; -} - -/* - * Parse a brace-enclosed list from `f', hooking in the structure at - * `parent'. - * Store the error message in `error_message'. - */ - -static krb5_error_code -parse_list(struct fileptr *f, unsigned *lineno, krb5_config_binding **parent, - const char **error_message) -{ - char buf[BUFSIZ]; - krb5_error_code ret; - krb5_config_binding *b = NULL; - unsigned beg_lineno = *lineno; - - while(config_fgets(buf, sizeof(buf), f) != NULL) { - char *p; - - ++*lineno; - buf[strcspn(buf, "\r\n")] = '\0'; - p = buf; - while(isspace((unsigned char)*p)) - ++p; - if (*p == '#' || *p == ';' || *p == '\0') - continue; - while(isspace((unsigned char)*p)) - ++p; - if (*p == '}') - return 0; - if (*p == '\0') - continue; - ret = parse_binding (f, lineno, p, &b, parent, error_message); - if (ret) - return ret; - } - *lineno = beg_lineno; - *error_message = "unclosed {"; - return KRB5_CONFIG_BADFORMAT; -} - -/* - * - */ - -static krb5_error_code -parse_binding(struct fileptr *f, unsigned *lineno, char *p, - krb5_config_binding **b, krb5_config_binding **parent, - const char **error_message) -{ - krb5_config_binding *tmp; - char *p1, *p2; - krb5_error_code ret = 0; - - p1 = p; - while (*p && *p != '=' && !isspace((unsigned char)*p)) - ++p; - if (*p == '\0') { - *error_message = "missing ="; - return KRB5_CONFIG_BADFORMAT; - } - p2 = p; - while (isspace((unsigned char)*p)) - ++p; - if (*p != '=') { - *error_message = "missing ="; - return KRB5_CONFIG_BADFORMAT; - } - ++p; - while(isspace((unsigned char)*p)) - ++p; - *p2 = '\0'; - if (*p == '{') { - tmp = get_entry(parent, p1, krb5_config_list); - if (tmp == NULL) { - *error_message = "out of memory"; - return KRB5_CONFIG_BADFORMAT; - } - ret = parse_list (f, lineno, &tmp->u.list, error_message); - } else { - tmp = get_entry(parent, p1, krb5_config_string); - if (tmp == NULL) { - *error_message = "out of memory"; - return KRB5_CONFIG_BADFORMAT; - } - p1 = p; - p = p1 + strlen(p1); - while(p > p1 && isspace((unsigned char)*(p-1))) - --p; - *p = '\0'; - tmp->u.string = strdup(p1); - } - *b = tmp; - return ret; -} - -/* - * Parse the config file `fname', generating the structures into `res' - * returning error messages in `error_message' - */ - -static krb5_error_code -krb5_config_parse_debug (struct fileptr *f, - krb5_config_section **res, - unsigned *lineno, - const char **error_message) -{ - krb5_config_section *s = NULL; - krb5_config_binding *b = NULL; - char buf[BUFSIZ]; - krb5_error_code ret; - - while (config_fgets(buf, sizeof(buf), f) != NULL) { - char *p; - - ++*lineno; - buf[strcspn(buf, "\r\n")] = '\0'; - p = buf; - while(isspace((unsigned char)*p)) - ++p; - if (*p == '#' || *p == ';') - continue; - if (*p == '[') { - ret = parse_section(p, &s, res, error_message); - if (ret) - return ret; - b = NULL; - } else if (*p == '}') { - *error_message = "unmatched }"; - return EINVAL; /* XXX */ - } else if(*p != '\0') { - if (s == NULL) { - *error_message = "binding before section"; - return EINVAL; - } - ret = parse_binding(f, lineno, p, &b, &s->u.list, error_message); - if (ret) - return ret; - } - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_string_multi(krb5_context context, - const char *string, - krb5_config_section **res) -{ - const char *str; - unsigned lineno = 0; - krb5_error_code ret; - struct fileptr f; - f.f = NULL; - f.s = string; - - ret = krb5_config_parse_debug (&f, res, &lineno, &str); - if (ret) { - krb5_set_error_string (context, "%s:%u: %s", "", lineno, str); - return ret; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_file_multi (krb5_context context, - const char *fname, - krb5_config_section **res) -{ - const char *str; - unsigned lineno = 0; - krb5_error_code ret; - struct fileptr f; - f.f = fopen(fname, "r"); - f.s = NULL; - if(f.f == NULL) { - ret = errno; - krb5_set_error_string (context, "open %s: %s", fname, strerror(ret)); - return ret; - } - - ret = krb5_config_parse_debug (&f, res, &lineno, &str); - fclose(f.f); - if (ret) { - krb5_set_error_string (context, "%s:%u: %s", fname, lineno, str); - return ret; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_file (krb5_context context, - const char *fname, - krb5_config_section **res) -{ - *res = NULL; - return krb5_config_parse_file_multi(context, fname, res); -} - -#endif /* !HAVE_NETINFO */ - -static void -free_binding (krb5_context context, krb5_config_binding *b) -{ - krb5_config_binding *next_b; - - while (b) { - free (b->name); - if (b->type == krb5_config_string) - free (b->u.string); - else if (b->type == krb5_config_list) - free_binding (context, b->u.list); - else - krb5_abortx(context, "unknown binding type (%d) in free_binding", - b->type); - next_b = b->next; - free (b); - b = next_b; - } -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_file_free (krb5_context context, krb5_config_section *s) -{ - free_binding (context, s); - return 0; -} - -const void * -krb5_config_get_next (krb5_context context, - const krb5_config_section *c, - const krb5_config_binding **pointer, - int type, - ...) -{ - const char *ret; - va_list args; - - va_start(args, type); - ret = krb5_config_vget_next (context, c, pointer, type, args); - va_end(args); - return ret; -} - -static const void * -vget_next(krb5_context context, - const krb5_config_binding *b, - const krb5_config_binding **pointer, - int type, - const char *name, - va_list args) -{ - const char *p = va_arg(args, const char *); - while(b != NULL) { - if(strcmp(b->name, name) == 0) { - if(b->type == type && p == NULL) { - *pointer = b; - return b->u.generic; - } else if(b->type == krb5_config_list && p != NULL) { - return vget_next(context, b->u.list, pointer, type, p, args); - } - } - b = b->next; - } - return NULL; -} - -const void * -krb5_config_vget_next (krb5_context context, - const krb5_config_section *c, - const krb5_config_binding **pointer, - int type, - va_list args) -{ - const krb5_config_binding *b; - const char *p; - - if(c == NULL) - c = context->cf; - - if (c == NULL) - return NULL; - - if (*pointer == NULL) { - /* first time here, walk down the tree looking for the right - section */ - p = va_arg(args, const char *); - if (p == NULL) - return NULL; - return vget_next(context, c, pointer, type, p, args); - } - - /* we were called again, so just look for more entries with the - same name and type */ - for (b = (*pointer)->next; b != NULL; b = b->next) { - if(strcmp(b->name, (*pointer)->name) == 0 && b->type == type) { - *pointer = b; - return b->u.generic; - } - } - return NULL; -} - -const void * -krb5_config_get (krb5_context context, - const krb5_config_section *c, - int type, - ...) -{ - const void *ret; - va_list args; - - va_start(args, type); - ret = krb5_config_vget (context, c, type, args); - va_end(args); - return ret; -} - -const void * -krb5_config_vget (krb5_context context, - const krb5_config_section *c, - int type, - va_list args) -{ - const krb5_config_binding *foo = NULL; - - return krb5_config_vget_next (context, c, &foo, type, args); -} - -const krb5_config_binding * -krb5_config_get_list (krb5_context context, - const krb5_config_section *c, - ...) -{ - const krb5_config_binding *ret; - va_list args; - - va_start(args, c); - ret = krb5_config_vget_list (context, c, args); - va_end(args); - return ret; -} - -const krb5_config_binding * -krb5_config_vget_list (krb5_context context, - const krb5_config_section *c, - va_list args) -{ - return krb5_config_vget (context, c, krb5_config_list, args); -} - -const char* KRB5_LIB_FUNCTION -krb5_config_get_string (krb5_context context, - const krb5_config_section *c, - ...) -{ - const char *ret; - va_list args; - - va_start(args, c); - ret = krb5_config_vget_string (context, c, args); - va_end(args); - return ret; -} - -const char* KRB5_LIB_FUNCTION -krb5_config_vget_string (krb5_context context, - const krb5_config_section *c, - va_list args) -{ - return krb5_config_vget (context, c, krb5_config_string, args); -} - -const char* KRB5_LIB_FUNCTION -krb5_config_vget_string_default (krb5_context context, - const krb5_config_section *c, - const char *def_value, - va_list args) -{ - const char *ret; - - ret = krb5_config_vget_string (context, c, args); - if (ret == NULL) - ret = def_value; - return ret; -} - -const char* KRB5_LIB_FUNCTION -krb5_config_get_string_default (krb5_context context, - const krb5_config_section *c, - const char *def_value, - ...) -{ - const char *ret; - va_list args; - - va_start(args, def_value); - ret = krb5_config_vget_string_default (context, c, def_value, args); - va_end(args); - return ret; -} - -char ** KRB5_LIB_FUNCTION -krb5_config_vget_strings(krb5_context context, - const krb5_config_section *c, - va_list args) -{ - char **strings = NULL; - int nstr = 0; - const krb5_config_binding *b = NULL; - const char *p; - - while((p = krb5_config_vget_next(context, c, &b, - krb5_config_string, args))) { - char *tmp = strdup(p); - char *pos = NULL; - char *s; - if(tmp == NULL) - goto cleanup; - s = strtok_r(tmp, " \t", &pos); - while(s){ - char **tmp2 = realloc(strings, (nstr + 1) * sizeof(*strings)); - if(tmp2 == NULL) - goto cleanup; - strings = tmp2; - strings[nstr] = strdup(s); - nstr++; - if(strings[nstr-1] == NULL) - goto cleanup; - s = strtok_r(NULL, " \t", &pos); - } - free(tmp); - } - if(nstr){ - char **tmp = realloc(strings, (nstr + 1) * sizeof(*strings)); - if(tmp == NULL) - goto cleanup; - strings = tmp; - strings[nstr] = NULL; - } - return strings; -cleanup: - while(nstr--) - free(strings[nstr]); - free(strings); - return NULL; - -} - -char** -krb5_config_get_strings(krb5_context context, - const krb5_config_section *c, - ...) -{ - va_list ap; - char **ret; - va_start(ap, c); - ret = krb5_config_vget_strings(context, c, ap); - va_end(ap); - return ret; -} - -void KRB5_LIB_FUNCTION -krb5_config_free_strings(char **strings) -{ - char **s = strings; - while(s && *s){ - free(*s); - s++; - } - free(strings); -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_config_vget_bool_default (krb5_context context, - const krb5_config_section *c, - krb5_boolean def_value, - va_list args) -{ - const char *str; - str = krb5_config_vget_string (context, c, args); - if(str == NULL) - return def_value; - if(strcasecmp(str, "yes") == 0 || - strcasecmp(str, "true") == 0 || - atoi(str)) return TRUE; - return FALSE; -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_config_vget_bool (krb5_context context, - const krb5_config_section *c, - va_list args) -{ - return krb5_config_vget_bool_default (context, c, FALSE, args); -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_config_get_bool_default (krb5_context context, - const krb5_config_section *c, - krb5_boolean def_value, - ...) -{ - va_list ap; - krb5_boolean ret; - va_start(ap, def_value); - ret = krb5_config_vget_bool_default(context, c, def_value, ap); - va_end(ap); - return ret; -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_config_get_bool (krb5_context context, - const krb5_config_section *c, - ...) -{ - va_list ap; - krb5_boolean ret; - va_start(ap, c); - ret = krb5_config_vget_bool (context, c, ap); - va_end(ap); - return ret; -} - -int KRB5_LIB_FUNCTION -krb5_config_vget_time_default (krb5_context context, - const krb5_config_section *c, - int def_value, - va_list args) -{ - const char *str; - krb5_deltat t; - - str = krb5_config_vget_string (context, c, args); - if(str == NULL) - return def_value; - if (krb5_string_to_deltat(str, &t)) - return def_value; - return t; -} - -int KRB5_LIB_FUNCTION -krb5_config_vget_time (krb5_context context, - const krb5_config_section *c, - va_list args) -{ - return krb5_config_vget_time_default (context, c, -1, args); -} - -int KRB5_LIB_FUNCTION -krb5_config_get_time_default (krb5_context context, - const krb5_config_section *c, - int def_value, - ...) -{ - va_list ap; - int ret; - va_start(ap, def_value); - ret = krb5_config_vget_time_default(context, c, def_value, ap); - va_end(ap); - return ret; -} - -int KRB5_LIB_FUNCTION -krb5_config_get_time (krb5_context context, - const krb5_config_section *c, - ...) -{ - va_list ap; - int ret; - va_start(ap, c); - ret = krb5_config_vget_time (context, c, ap); - va_end(ap); - return ret; -} - - -int KRB5_LIB_FUNCTION -krb5_config_vget_int_default (krb5_context context, - const krb5_config_section *c, - int def_value, - va_list args) -{ - const char *str; - str = krb5_config_vget_string (context, c, args); - if(str == NULL) - return def_value; - else { - char *endptr; - long l; - l = strtol(str, &endptr, 0); - if (endptr == str) - return def_value; - else - return l; - } -} - -int KRB5_LIB_FUNCTION -krb5_config_vget_int (krb5_context context, - const krb5_config_section *c, - va_list args) -{ - return krb5_config_vget_int_default (context, c, -1, args); -} - -int KRB5_LIB_FUNCTION -krb5_config_get_int_default (krb5_context context, - const krb5_config_section *c, - int def_value, - ...) -{ - va_list ap; - int ret; - va_start(ap, def_value); - ret = krb5_config_vget_int_default(context, c, def_value, ap); - va_end(ap); - return ret; -} - -int KRB5_LIB_FUNCTION -krb5_config_get_int (krb5_context context, - const krb5_config_section *c, - ...) -{ - va_list ap; - int ret; - va_start(ap, c); - ret = krb5_config_vget_int (context, c, ap); - va_end(ap); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/config_file_netinfo.c b/crypto/heimdal/lib/krb5/config_file_netinfo.c deleted file mode 100644 index 1e01e7c5ffbc..000000000000 --- a/crypto/heimdal/lib/krb5/config_file_netinfo.c +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: config_file_netinfo.c 13863 2004-05-25 21:46:46Z lha $"); - -/* - * Netinfo implementation from Luke Howard - */ - -#ifdef HAVE_NETINFO -#include -static ni_status -ni_proplist2binding(ni_proplist *pl, krb5_config_section **ret) -{ - int i, j; - krb5_config_section **next = NULL; - - for (i = 0; i < pl->ni_proplist_len; i++) { - if (!strcmp(pl->nipl_val[i].nip_name, "name")) - continue; - - for (j = 0; j < pl->nipl_val[i].nip_val.ni_namelist_len; j++) { - krb5_config_binding *b; - - b = malloc(sizeof(*b)); - if (b == NULL) - return NI_FAILED; - - b->next = NULL; - b->type = krb5_config_string; - b->name = ni_name_dup(pl->nipl_val[i].nip_name); - b->u.string = ni_name_dup(pl->nipl_val[i].nip_val.ninl_val[j]); - - if (next == NULL) { - *ret = b; - } else { - *next = b; - } - next = &b->next; - } - } - return NI_OK; -} - -static ni_status -ni_idlist2binding(void *ni, ni_idlist *idlist, krb5_config_section **ret) -{ - int i; - ni_status nis; - krb5_config_section **next; - - for (i = 0; i < idlist->ni_idlist_len; i++) { - ni_proplist pl; - ni_id nid; - ni_idlist children; - krb5_config_binding *b; - ni_index index; - - nid.nii_instance = 0; - nid.nii_object = idlist->ni_idlist_val[i]; - - nis = ni_read(ni, &nid, &pl); - - if (nis != NI_OK) { - return nis; - } - index = ni_proplist_match(pl, "name", NULL); - b = malloc(sizeof(*b)); - if (b == NULL) return NI_FAILED; - - if (i == 0) { - *ret = b; - } else { - *next = b; - } - - b->type = krb5_config_list; - b->name = ni_name_dup(pl.nipl_val[index].nip_val.ninl_val[0]); - b->next = NULL; - b->u.list = NULL; - - /* get the child directories */ - nis = ni_children(ni, &nid, &children); - if (nis == NI_OK) { - nis = ni_idlist2binding(ni, &children, &b->u.list); - if (nis != NI_OK) { - return nis; - } - } - - nis = ni_proplist2binding(&pl, b->u.list == NULL ? &b->u.list : &b->u.list->next); - ni_proplist_free(&pl); - if (nis != NI_OK) { - return nis; - } - next = &b->next; - } - ni_idlist_free(idlist); - return NI_OK; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_file (krb5_context context, - const char *fname, - krb5_config_section **res) -{ - void *ni = NULL, *lastni = NULL; - int i; - ni_status nis; - ni_id nid; - ni_idlist children; - - krb5_config_section *s; - int ret; - - s = NULL; - - for (i = 0; i < 256; i++) { - if (i == 0) { - nis = ni_open(NULL, ".", &ni); - } else { - if (lastni != NULL) ni_free(lastni); - lastni = ni; - nis = ni_open(lastni, "..", &ni); - } - if (nis != NI_OK) - break; - nis = ni_pathsearch(ni, &nid, "/locations/kerberos"); - if (nis == NI_OK) { - nis = ni_children(ni, &nid, &children); - if (nis != NI_OK) - break; - nis = ni_idlist2binding(ni, &children, &s); - break; - } - } - - if (ni != NULL) ni_free(ni); - if (ni != lastni && lastni != NULL) ni_free(lastni); - - ret = (nis == NI_OK) ? 0 : -1; - if (ret == 0) { - *res = s; - } else { - *res = NULL; - } - return ret; -} -#endif /* HAVE_NETINFO */ diff --git a/crypto/heimdal/lib/krb5/constants.c b/crypto/heimdal/lib/krb5/constants.c deleted file mode 100644 index 5188a1d3a864..000000000000 --- a/crypto/heimdal/lib/krb5/constants.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: constants.c 14253 2004-09-23 07:57:37Z joda $"); - -const char *krb5_config_file = -#ifdef __APPLE__ -"/Library/Preferences/edu.mit.Kerberos:" -#endif -SYSCONFDIR "/krb5.conf:/etc/krb5.conf"; -const char *krb5_defkeyname = KEYTAB_DEFAULT; diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c deleted file mode 100644 index 256783310e93..000000000000 --- a/crypto/heimdal/lib/krb5/context.c +++ /dev/null @@ -1,1033 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: context.c 22293 2007-12-14 05:25:59Z lha $"); - -#define INIT_FIELD(C, T, E, D, F) \ - (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \ - "libdefaults", F, NULL) - -#define INIT_FLAG(C, O, V, D, F) \ - do { \ - if (krb5_config_get_bool_default((C), NULL, (D),"libdefaults", F, NULL)) { \ - (C)->O |= V; \ - } \ - } while(0) - -/* - * Set the list of etypes `ret_etypes' from the configuration variable - * `name' - */ - -static krb5_error_code -set_etypes (krb5_context context, - const char *name, - krb5_enctype **ret_enctypes) -{ - char **etypes_str; - krb5_enctype *etypes = NULL; - - etypes_str = krb5_config_get_strings(context, NULL, "libdefaults", - name, NULL); - if(etypes_str){ - int i, j, k; - for(i = 0; etypes_str[i]; i++); - etypes = malloc((i+1) * sizeof(*etypes)); - if (etypes == NULL) { - krb5_config_free_strings (etypes_str); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - for(j = 0, k = 0; j < i; j++) { - krb5_enctype e; - if(krb5_string_to_enctype(context, etypes_str[j], &e) != 0) - continue; - if (krb5_enctype_valid(context, e) != 0) - continue; - etypes[k++] = e; - } - etypes[k] = ETYPE_NULL; - krb5_config_free_strings(etypes_str); - } - *ret_enctypes = etypes; - return 0; -} - -/* - * read variables from the configuration file and set in `context' - */ - -static krb5_error_code -init_context_from_config_file(krb5_context context) -{ - krb5_error_code ret; - const char * tmp; - krb5_enctype *tmptypes; - - INIT_FIELD(context, time, max_skew, 5 * 60, "clockskew"); - INIT_FIELD(context, time, kdc_timeout, 3, "kdc_timeout"); - INIT_FIELD(context, int, max_retries, 3, "max_retries"); - - INIT_FIELD(context, string, http_proxy, NULL, "http_proxy"); - - ret = set_etypes (context, "default_etypes", &tmptypes); - if(ret) - return ret; - free(context->etypes); - context->etypes = tmptypes; - - ret = set_etypes (context, "default_etypes_des", &tmptypes); - if(ret) - return ret; - free(context->etypes_des); - context->etypes_des = tmptypes; - - /* default keytab name */ - tmp = NULL; - if(!issuid()) - tmp = getenv("KRB5_KTNAME"); - if(tmp != NULL) - context->default_keytab = tmp; - else - INIT_FIELD(context, string, default_keytab, - KEYTAB_DEFAULT, "default_keytab_name"); - - INIT_FIELD(context, string, default_keytab_modify, - NULL, "default_keytab_modify_name"); - - INIT_FIELD(context, string, time_fmt, - "%Y-%m-%dT%H:%M:%S", "time_format"); - - INIT_FIELD(context, string, date_fmt, - "%Y-%m-%d", "date_format"); - - INIT_FIELD(context, bool, log_utc, - FALSE, "log_utc"); - - - - /* init dns-proxy slime */ - tmp = krb5_config_get_string(context, NULL, "libdefaults", - "dns_proxy", NULL); - if(tmp) - roken_gethostby_setup(context->http_proxy, tmp); - krb5_free_host_realm (context, context->default_realms); - context->default_realms = NULL; - - { - krb5_addresses addresses; - char **adr, **a; - - krb5_set_extra_addresses(context, NULL); - adr = krb5_config_get_strings(context, NULL, - "libdefaults", - "extra_addresses", - NULL); - memset(&addresses, 0, sizeof(addresses)); - for(a = adr; a && *a; a++) { - ret = krb5_parse_address(context, *a, &addresses); - if (ret == 0) { - krb5_add_extra_addresses(context, &addresses); - krb5_free_addresses(context, &addresses); - } - } - krb5_config_free_strings(adr); - - krb5_set_ignore_addresses(context, NULL); - adr = krb5_config_get_strings(context, NULL, - "libdefaults", - "ignore_addresses", - NULL); - memset(&addresses, 0, sizeof(addresses)); - for(a = adr; a && *a; a++) { - ret = krb5_parse_address(context, *a, &addresses); - if (ret == 0) { - krb5_add_ignore_addresses(context, &addresses); - krb5_free_addresses(context, &addresses); - } - } - krb5_config_free_strings(adr); - } - - INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces"); - INIT_FIELD(context, int, fcache_vno, 0, "fcache_version"); - /* prefer dns_lookup_kdc over srv_lookup. */ - INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup"); - INIT_FIELD(context, bool, srv_lookup, context->srv_lookup, "dns_lookup_kdc"); - INIT_FIELD(context, int, large_msg_size, 1400, "large_message_size"); - INIT_FLAG(context, flags, KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME, TRUE, "dns_canonicalize_hostname"); - INIT_FLAG(context, flags, KRB5_CTX_F_CHECK_PAC, TRUE, "check_pac"); - context->default_cc_name = NULL; - context->default_cc_name_set = 0; - return 0; -} - -/** - * Initializes the context structure and reads the configuration file - * /etc/krb5.conf. The structure should be freed by calling - * krb5_free_context() when it is no longer being used. - * - * @param context pointer to returned context - * - * @return Returns 0 to indicate success. Otherwise an errno code is - * returned. Failure means either that something bad happened during - * initialization (typically ENOMEM) or that Kerberos should not be - * used ENXIO. - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_init_context(krb5_context *context) -{ - krb5_context p; - krb5_error_code ret; - char **files; - - *context = NULL; - - p = calloc(1, sizeof(*p)); - if(!p) - return ENOMEM; - - p->mutex = malloc(sizeof(HEIMDAL_MUTEX)); - if (p->mutex == NULL) { - free(p); - return ENOMEM; - } - HEIMDAL_MUTEX_init(p->mutex); - - ret = krb5_get_default_config_files(&files); - if(ret) - goto out; - ret = krb5_set_config_files(p, files); - krb5_free_config_files(files); - if(ret) - goto out; - - /* init error tables */ - krb5_init_ets(p); - - p->cc_ops = NULL; - p->num_cc_ops = 0; - krb5_cc_register(p, &krb5_acc_ops, TRUE); - krb5_cc_register(p, &krb5_fcc_ops, TRUE); - krb5_cc_register(p, &krb5_mcc_ops, TRUE); -#ifdef HAVE_KCM - krb5_cc_register(p, &krb5_kcm_ops, TRUE); -#endif - - p->num_kt_types = 0; - p->kt_types = NULL; - krb5_kt_register (p, &krb5_fkt_ops); - krb5_kt_register (p, &krb5_wrfkt_ops); - krb5_kt_register (p, &krb5_javakt_ops); - krb5_kt_register (p, &krb5_mkt_ops); - krb5_kt_register (p, &krb5_akf_ops); - krb5_kt_register (p, &krb4_fkt_ops); - krb5_kt_register (p, &krb5_srvtab_fkt_ops); - krb5_kt_register (p, &krb5_any_ops); - -out: - if(ret) { - krb5_free_context(p); - p = NULL; - } - *context = p; - return ret; -} - -/** - * Frees the krb5_context allocated by krb5_init_context(). - * - * @param context context to be freed. - * - * @ingroup krb5 -*/ - -void KRB5_LIB_FUNCTION -krb5_free_context(krb5_context context) -{ - if (context->default_cc_name) - free(context->default_cc_name); - if (context->default_cc_name_env) - free(context->default_cc_name_env); - free(context->etypes); - free(context->etypes_des); - krb5_free_host_realm (context, context->default_realms); - krb5_config_file_free (context, context->cf); - free_error_table (context->et_list); - free(context->cc_ops); - free(context->kt_types); - krb5_clear_error_string(context); - if(context->warn_dest != NULL) - krb5_closelog(context, context->warn_dest); - krb5_set_extra_addresses(context, NULL); - krb5_set_ignore_addresses(context, NULL); - krb5_set_send_to_kdc_func(context, NULL, NULL); - if (context->mutex != NULL) { - HEIMDAL_MUTEX_destroy(context->mutex); - free(context->mutex); - } - memset(context, 0, sizeof(*context)); - free(context); -} - -/** - * Reinit the context from a new set of filenames. - * - * @param context context to add configuration too. - * @param filenames array of filenames, end of list is indicated with a NULL filename. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_config_files(krb5_context context, char **filenames) -{ - krb5_error_code ret; - krb5_config_binding *tmp = NULL; - while(filenames != NULL && *filenames != NULL && **filenames != '\0') { - ret = krb5_config_parse_file_multi(context, *filenames, &tmp); - if(ret != 0 && ret != ENOENT && ret != EACCES) { - krb5_config_file_free(context, tmp); - return ret; - } - filenames++; - } -#if 0 - /* with this enabled and if there are no config files, Kerberos is - considererd disabled */ - if(tmp == NULL) - return ENXIO; -#endif - krb5_config_file_free(context, context->cf); - context->cf = tmp; - ret = init_context_from_config_file(context); - return ret; -} - -static krb5_error_code -add_file(char ***pfilenames, int *len, char *file) -{ - char **pp = *pfilenames; - int i; - - for(i = 0; i < *len; i++) { - if(strcmp(pp[i], file) == 0) { - free(file); - return 0; - } - } - - pp = realloc(*pfilenames, (*len + 2) * sizeof(*pp)); - if (pp == NULL) { - free(file); - return ENOMEM; - } - - pp[*len] = file; - pp[*len + 1] = NULL; - *pfilenames = pp; - *len += 1; - return 0; -} - -/* - * `pq' isn't free, it's up the the caller - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_prepend_config_files(const char *filelist, char **pq, char ***ret_pp) -{ - krb5_error_code ret; - const char *p, *q; - char **pp; - int len; - char *fn; - - pp = NULL; - - len = 0; - p = filelist; - while(1) { - ssize_t l; - q = p; - l = strsep_copy(&q, ":", NULL, 0); - if(l == -1) - break; - fn = malloc(l + 1); - if(fn == NULL) { - krb5_free_config_files(pp); - return ENOMEM; - } - l = strsep_copy(&p, ":", fn, l + 1); - ret = add_file(&pp, &len, fn); - if (ret) { - krb5_free_config_files(pp); - return ret; - } - } - - if (pq != NULL) { - int i; - - for (i = 0; pq[i] != NULL; i++) { - fn = strdup(pq[i]); - if (fn == NULL) { - krb5_free_config_files(pp); - return ENOMEM; - } - ret = add_file(&pp, &len, fn); - if (ret) { - krb5_free_config_files(pp); - return ret; - } - } - } - - *ret_pp = pp; - return 0; -} - -/** - * Prepend the filename to the global configuration list. - * - * @param filelist a filename to add to the default list of filename - * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_prepend_config_files_default(const char *filelist, char ***pfilenames) -{ - krb5_error_code ret; - char **defpp, **pp = NULL; - - ret = krb5_get_default_config_files(&defpp); - if (ret) - return ret; - - ret = krb5_prepend_config_files(filelist, defpp, &pp); - krb5_free_config_files(defpp); - if (ret) { - return ret; - } - *pfilenames = pp; - return 0; -} - -/** - * Get the global configuration list. - * - * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_config_files(char ***pfilenames) -{ - const char *files = NULL; - - if (pfilenames == NULL) - return EINVAL; - if(!issuid()) - files = getenv("KRB5_CONFIG"); - if (files == NULL) - files = krb5_config_file; - - return krb5_prepend_config_files(files, NULL, pfilenames); -} - -/** - * Free a list of configuration files. - * - * @param filenames list to be freed. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_free_config_files(char **filenames) -{ - char **p; - for(p = filenames; *p != NULL; p++) - free(*p); - free(filenames); -} - -/** - * Returns the list of Kerberos encryption types sorted in order of - * most preferred to least preferred encryption type. Note that some - * encryption types might be disabled, so you need to check with - * krb5_enctype_valid() before using the encryption type. - * - * @return list of enctypes, terminated with ETYPE_NULL. Its a static - * array completed into the Kerberos library so the content doesn't - * need to be freed. - * - * @ingroup krb5 - */ - -const krb5_enctype * KRB5_LIB_FUNCTION -krb5_kerberos_enctypes(krb5_context context) -{ - static const krb5_enctype p[] = { - ETYPE_AES256_CTS_HMAC_SHA1_96, - ETYPE_AES128_CTS_HMAC_SHA1_96, - ETYPE_DES3_CBC_SHA1, - ETYPE_DES3_CBC_MD5, - ETYPE_ARCFOUR_HMAC_MD5, - ETYPE_DES_CBC_MD5, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_CRC, - ETYPE_NULL - }; - return p; -} - -/* - * set `etype' to a malloced list of the default enctypes - */ - -static krb5_error_code -default_etypes(krb5_context context, krb5_enctype **etype) -{ - const krb5_enctype *p; - krb5_enctype *e = NULL, *ep; - int i, n = 0; - - p = krb5_kerberos_enctypes(context); - - for (i = 0; p[i] != ETYPE_NULL; i++) { - if (krb5_enctype_valid(context, p[i]) != 0) - continue; - ep = realloc(e, (n + 2) * sizeof(*e)); - if (ep == NULL) { - free(e); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - e = ep; - e[n] = p[i]; - e[n + 1] = ETYPE_NULL; - n++; - } - *etype = e; - return 0; -} - -/** - * Set the default encryption types that will be use in communcation - * with the KDC, clients and servers. - * - * @param context Kerberos 5 context. - * @param etypes Encryption types, array terminated with ETYPE_NULL (0). - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_default_in_tkt_etypes(krb5_context context, - const krb5_enctype *etypes) -{ - krb5_enctype *p = NULL; - int i; - - if(etypes) { - for (i = 0; etypes[i]; ++i) { - krb5_error_code ret; - ret = krb5_enctype_valid(context, etypes[i]); - if (ret) - return ret; - } - ++i; - ALLOC(p, i); - if(!p) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memmove(p, etypes, i * sizeof(krb5_enctype)); - } - if(context->etypes) - free(context->etypes); - context->etypes = p; - return 0; -} - -/** - * Get the default encryption types that will be use in communcation - * with the KDC, clients and servers. - * - * @param context Kerberos 5 context. - * @param etypes Encryption types, array terminated with - * ETYPE_NULL(0), caller should free array with krb5_xfree(): - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_in_tkt_etypes(krb5_context context, - krb5_enctype **etypes) -{ - krb5_enctype *p; - int i; - krb5_error_code ret; - - if(context->etypes) { - for(i = 0; context->etypes[i]; i++); - ++i; - ALLOC(p, i); - if(!p) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memmove(p, context->etypes, i * sizeof(krb5_enctype)); - } else { - ret = default_etypes(context, &p); - if (ret) - return ret; - } - *etypes = p; - return 0; -} - -/** - * Return the error string for the error code. The caller must not - * free the string. - * - * @param context Kerberos 5 context. - * @param code Kerberos error code. - * - * @return the error message matching code - * - * @ingroup krb5 - */ - -const char* KRB5_LIB_FUNCTION -krb5_get_err_text(krb5_context context, krb5_error_code code) -{ - const char *p = NULL; - if(context != NULL) - p = com_right(context->et_list, code); - if(p == NULL) - p = strerror(code); - if (p == NULL) - p = "Unknown error"; - return p; -} - -/** - * Init the built-in ets in the Kerberos library. - * - * @param context kerberos context to add the ets too - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_init_ets(krb5_context context) -{ - if(context->et_list == NULL){ - krb5_add_et_list(context, initialize_krb5_error_table_r); - krb5_add_et_list(context, initialize_asn1_error_table_r); - krb5_add_et_list(context, initialize_heim_error_table_r); - krb5_add_et_list(context, initialize_k524_error_table_r); -#ifdef PKINIT - krb5_add_et_list(context, initialize_hx_error_table_r); -#endif - } -} - -/** - * Make the kerberos library default to the admin KDC. - * - * @param context Kerberos 5 context. - * @param flag boolean flag to select if the use the admin KDC or not. - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_set_use_admin_kdc (krb5_context context, krb5_boolean flag) -{ - context->use_admin_kdc = flag; -} - -/** - * Make the kerberos library default to the admin KDC. - * - * @param context Kerberos 5 context. - * - * @return boolean flag to telling the context will use admin KDC as the default KDC. - * - * @ingroup krb5 - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_get_use_admin_kdc (krb5_context context) -{ - return context->use_admin_kdc; -} - -/** - * Add extra address to the address list that the library will add to - * the client's address list when communicating with the KDC. - * - * @param context Kerberos 5 context. - * @param addresses addreses to add - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_add_extra_addresses(krb5_context context, krb5_addresses *addresses) -{ - - if(context->extra_addresses) - return krb5_append_addresses(context, - context->extra_addresses, addresses); - else - return krb5_set_extra_addresses(context, addresses); -} - -/** - * Set extra address to the address list that the library will add to - * the client's address list when communicating with the KDC. - * - * @param context Kerberos 5 context. - * @param addresses addreses to set - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_extra_addresses(krb5_context context, const krb5_addresses *addresses) -{ - if(context->extra_addresses) - krb5_free_addresses(context, context->extra_addresses); - - if(addresses == NULL) { - if(context->extra_addresses != NULL) { - free(context->extra_addresses); - context->extra_addresses = NULL; - } - return 0; - } - if(context->extra_addresses == NULL) { - context->extra_addresses = malloc(sizeof(*context->extra_addresses)); - if(context->extra_addresses == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - } - return krb5_copy_addresses(context, addresses, context->extra_addresses); -} - -/** - * Get extra address to the address list that the library will add to - * the client's address list when communicating with the KDC. - * - * @param context Kerberos 5 context. - * @param addresses addreses to set - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_extra_addresses(krb5_context context, krb5_addresses *addresses) -{ - if(context->extra_addresses == NULL) { - memset(addresses, 0, sizeof(*addresses)); - return 0; - } - return krb5_copy_addresses(context,context->extra_addresses, addresses); -} - -/** - * Add extra addresses to ignore when fetching addresses from the - * underlaying operating system. - * - * @param context Kerberos 5 context. - * @param addresses addreses to ignore - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_add_ignore_addresses(krb5_context context, krb5_addresses *addresses) -{ - - if(context->ignore_addresses) - return krb5_append_addresses(context, - context->ignore_addresses, addresses); - else - return krb5_set_ignore_addresses(context, addresses); -} - -/** - * Set extra addresses to ignore when fetching addresses from the - * underlaying operating system. - * - * @param context Kerberos 5 context. - * @param addresses addreses to ignore - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_ignore_addresses(krb5_context context, const krb5_addresses *addresses) -{ - if(context->ignore_addresses) - krb5_free_addresses(context, context->ignore_addresses); - if(addresses == NULL) { - if(context->ignore_addresses != NULL) { - free(context->ignore_addresses); - context->ignore_addresses = NULL; - } - return 0; - } - if(context->ignore_addresses == NULL) { - context->ignore_addresses = malloc(sizeof(*context->ignore_addresses)); - if(context->ignore_addresses == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - } - return krb5_copy_addresses(context, addresses, context->ignore_addresses); -} - -/** - * Get extra addresses to ignore when fetching addresses from the - * underlaying operating system. - * - * @param context Kerberos 5 context. - * @param addresses list addreses ignored - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_ignore_addresses(krb5_context context, krb5_addresses *addresses) -{ - if(context->ignore_addresses == NULL) { - memset(addresses, 0, sizeof(*addresses)); - return 0; - } - return krb5_copy_addresses(context, context->ignore_addresses, addresses); -} - -/** - * Set version of fcache that the library should use. - * - * @param context Kerberos 5 context. - * @param version version number. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_fcache_version(krb5_context context, int version) -{ - context->fcache_vno = version; - return 0; -} - -/** - * Get version of fcache that the library should use. - * - * @param context Kerberos 5 context. - * @param version version number. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_fcache_version(krb5_context context, int *version) -{ - *version = context->fcache_vno; - return 0; -} - -/** - * Runtime check if the Kerberos library was complied with thread support. - * - * @return TRUE if the library was compiled with thread support, FALSE if not. - * - * @ingroup krb5 - */ - - -krb5_boolean KRB5_LIB_FUNCTION -krb5_is_thread_safe(void) -{ -#ifdef ENABLE_PTHREAD_SUPPORT - return TRUE; -#else - return FALSE; -#endif -} - -/** - * Set if the library should use DNS to canonicalize hostnames. - * - * @param context Kerberos 5 context. - * @param flag if its dns canonicalizion is used or not. - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_set_dns_canonicalize_hostname (krb5_context context, krb5_boolean flag) -{ - if (flag) - context->flags |= KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME; - else - context->flags &= ~KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME; -} - -/** - * Get if the library uses DNS to canonicalize hostnames. - * - * @param context Kerberos 5 context. - * - * @return return non zero if the library uses DNS to canonicalize hostnames. - * - * @ingroup krb5 - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_get_dns_canonicalize_hostname (krb5_context context) -{ - return (context->flags & KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME) ? 1 : 0; -} - -/** - * Get current offset in time to the KDC. - * - * @param context Kerberos 5 context. - * @param sec seconds part of offset. - * @param usec micro seconds part of offset. - * - * @return return non zero if the library uses DNS to canonicalize hostnames. - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_kdc_sec_offset (krb5_context context, int32_t *sec, int32_t *usec) -{ - if (sec) - *sec = context->kdc_sec_offset; - if (usec) - *usec = context->kdc_usec_offset; - return 0; -} - -/** - * Get max time skew allowed. - * - * @param context Kerberos 5 context. - * - * @return timeskew in seconds. - * - * @ingroup krb5 - */ - -time_t KRB5_LIB_FUNCTION -krb5_get_max_time_skew (krb5_context context) -{ - return context->max_skew; -} - -/** - * Set max time skew allowed. - * - * @param context Kerberos 5 context. - * @param t timeskew in seconds. - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_set_max_time_skew (krb5_context context, time_t t) -{ - context->max_skew = t; -} diff --git a/crypto/heimdal/lib/krb5/convert_creds.c b/crypto/heimdal/lib/krb5/convert_creds.c deleted file mode 100644 index b2af0187eac3..000000000000 --- a/crypto/heimdal/lib/krb5/convert_creds.c +++ /dev/null @@ -1,204 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: convert_creds.c 22050 2007-11-11 11:20:46Z lha $"); - -#include "krb5-v4compat.h" - -static krb5_error_code -check_ticket_flags(TicketFlags f) -{ - return 0; /* maybe add some more tests here? */ -} - -/** - * Convert the v5 credentials in in_cred to v4-dito in v4creds. This - * is done by sending them to the 524 function in the KDC. If - * `in_cred' doesn't contain a DES session key, then a new one is - * gotten from the KDC and stored in the cred cache `ccache'. - * - * @param context Kerberos 5 context. - * @param in_cred the credential to convert - * @param v4creds the converted credential - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5_v4compat - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb524_convert_creds_kdc(krb5_context context, - krb5_creds *in_cred, - struct credentials *v4creds) -{ - krb5_error_code ret; - krb5_data reply; - krb5_storage *sp; - int32_t tmp; - krb5_data ticket; - char realm[REALM_SZ]; - krb5_creds *v5_creds = in_cred; - - ret = check_ticket_flags(v5_creds->flags.b); - if(ret) - goto out2; - - { - krb5_krbhst_handle handle; - - ret = krb5_krbhst_init(context, - krb5_principal_get_realm(context, - v5_creds->server), - KRB5_KRBHST_KRB524, - &handle); - if (ret) - goto out2; - - ret = krb5_sendto (context, - &v5_creds->ticket, - handle, - &reply); - krb5_krbhst_free(context, handle); - if (ret) - goto out2; - } - sp = krb5_storage_from_mem(reply.data, reply.length); - if(sp == NULL) { - ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); - goto out2; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - if(ret == 0) { - memset(v4creds, 0, sizeof(*v4creds)); - ret = krb5_ret_int32(sp, &tmp); - if(ret) - goto out; - v4creds->kvno = tmp; - ret = krb5_ret_data(sp, &ticket); - if(ret) - goto out; - v4creds->ticket_st.length = ticket.length; - memcpy(v4creds->ticket_st.dat, ticket.data, ticket.length); - krb5_data_free(&ticket); - ret = krb5_524_conv_principal(context, - v5_creds->server, - v4creds->service, - v4creds->instance, - v4creds->realm); - if(ret) - goto out; - v4creds->issue_date = v5_creds->times.starttime; - v4creds->lifetime = _krb5_krb_time_to_life(v4creds->issue_date, - v5_creds->times.endtime); - ret = krb5_524_conv_principal(context, v5_creds->client, - v4creds->pname, - v4creds->pinst, - realm); - if(ret) - goto out; - memcpy(v4creds->session, v5_creds->session.keyvalue.data, 8); - } else { - krb5_set_error_string(context, "converting credentials: %s", - krb5_get_err_text(context, ret)); - } -out: - krb5_storage_free(sp); - krb5_data_free(&reply); -out2: - if (v5_creds != in_cred) - krb5_free_creds (context, v5_creds); - return ret; -} - -/** - * Convert the v5 credentials in in_cred to v4-dito in v4creds, - * check the credential cache ccache before checking with the KDC. - * - * @param context Kerberos 5 context. - * @param ccache credential cache used to check for des-ticket. - * @param in_cred the credential to convert - * @param v4creds the converted credential - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5_v4compat - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb524_convert_creds_kdc_ccache(krb5_context context, - krb5_ccache ccache, - krb5_creds *in_cred, - struct credentials *v4creds) -{ - krb5_error_code ret; - krb5_creds *v5_creds = in_cred; - krb5_keytype keytype; - - keytype = v5_creds->session.keytype; - - if (keytype != ENCTYPE_DES_CBC_CRC) { - /* MIT krb524d doesn't like nothing but des-cbc-crc tickets, - so go get one */ - krb5_creds template; - - memset (&template, 0, sizeof(template)); - template.session.keytype = ENCTYPE_DES_CBC_CRC; - ret = krb5_copy_principal (context, in_cred->client, &template.client); - if (ret) { - krb5_free_cred_contents (context, &template); - return ret; - } - ret = krb5_copy_principal (context, in_cred->server, &template.server); - if (ret) { - krb5_free_cred_contents (context, &template); - return ret; - } - - ret = krb5_get_credentials (context, 0, ccache, - &template, &v5_creds); - krb5_free_cred_contents (context, &template); - if (ret) - return ret; - } - - ret = krb524_convert_creds_kdc(context, v5_creds, v4creds); - - if (v5_creds != in_cred) - krb5_free_creds (context, v5_creds); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/copy_host_realm.c b/crypto/heimdal/lib/krb5/copy_host_realm.c deleted file mode 100644 index 8c4f39b4ac4c..000000000000 --- a/crypto/heimdal/lib/krb5/copy_host_realm.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: copy_host_realm.c 22057 2007-11-11 15:13:13Z lha $"); - -/** - * Copy the list of realms from `from' to `to'. - * - * @param context Kerberos 5 context. - * @param from list of realms to copy from. - * @param to list of realms to copy to, free list of krb5_free_host_realm(). - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_host_realm(krb5_context context, - const krb5_realm *from, - krb5_realm **to) -{ - int n, i; - const krb5_realm *p; - - for (n = 0, p = from; *p != NULL; ++p) - ++n; - ++n; - *to = malloc (n * sizeof(**to)); - if (*to == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - for (i = 0; i < n; ++i) - (*to)[i] = NULL; - for (i = 0, p = from; *p != NULL; ++p, ++i) { - (*to)[i] = strdup(*p); - if ((*to)[i] == NULL) { - krb5_free_host_realm (context, *to); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - } - return 0; -} diff --git a/crypto/heimdal/lib/krb5/crc.c b/crypto/heimdal/lib/krb5/crc.c deleted file mode 100644 index 072c29d68974..000000000000 --- a/crypto/heimdal/lib/krb5/crc.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: crc.c 17442 2006-05-05 09:31:15Z lha $"); - -static u_long table[256]; - -#define CRC_GEN 0xEDB88320L - -void -_krb5_crc_init_table(void) -{ - static int flag = 0; - unsigned long crc, poly; - int i, j; - - if(flag) return; - poly = CRC_GEN; - for (i = 0; i < 256; i++) { - crc = i; - for (j = 8; j > 0; j--) { - if (crc & 1) { - crc = (crc >> 1) ^ poly; - } else { - crc >>= 1; - } - } - table[i] = crc; - } - flag = 1; -} - -uint32_t -_krb5_crc_update (const char *p, size_t len, uint32_t res) -{ - while (len--) - res = table[(res ^ *p++) & 0xFF] ^ (res >> 8); - return res & 0xFFFFFFFF; -} diff --git a/crypto/heimdal/lib/krb5/creds.c b/crypto/heimdal/lib/krb5/creds.c deleted file mode 100644 index 17ef46dfa3b6..000000000000 --- a/crypto/heimdal/lib/krb5/creds.c +++ /dev/null @@ -1,269 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: creds.c 22062 2007-11-11 15:41:50Z lha $"); - -#undef __attribute__ -#define __attribute__(X) - -/* keep this for compatibility with older code */ -krb5_error_code KRB5_LIB_FUNCTION __attribute__((deprecated)) -krb5_free_creds_contents (krb5_context context, krb5_creds *c) -{ - return krb5_free_cred_contents (context, c); -} - -/** - * Free content of krb5_creds. - * - * @param context Kerberos 5 context. - * @param c krb5_creds to free. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_cred_contents (krb5_context context, krb5_creds *c) -{ - krb5_free_principal (context, c->client); - c->client = NULL; - krb5_free_principal (context, c->server); - c->server = NULL; - krb5_free_keyblock_contents (context, &c->session); - krb5_data_free (&c->ticket); - krb5_data_free (&c->second_ticket); - free_AuthorizationData (&c->authdata); - krb5_free_addresses (context, &c->addresses); - memset(c, 0, sizeof(*c)); - return 0; -} - -/** - * Copy content of krb5_creds. - * - * @param context Kerberos 5 context. - * @param incred source credential - * @param c destination credential, free with krb5_free_cred_contents(). - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_creds_contents (krb5_context context, - const krb5_creds *incred, - krb5_creds *c) -{ - krb5_error_code ret; - - memset(c, 0, sizeof(*c)); - ret = krb5_copy_principal (context, incred->client, &c->client); - if (ret) - goto fail; - ret = krb5_copy_principal (context, incred->server, &c->server); - if (ret) - goto fail; - ret = krb5_copy_keyblock_contents (context, &incred->session, &c->session); - if (ret) - goto fail; - c->times = incred->times; - ret = krb5_data_copy (&c->ticket, - incred->ticket.data, - incred->ticket.length); - if (ret) - goto fail; - ret = krb5_data_copy (&c->second_ticket, - incred->second_ticket.data, - incred->second_ticket.length); - if (ret) - goto fail; - ret = copy_AuthorizationData(&incred->authdata, &c->authdata); - if (ret) - goto fail; - ret = krb5_copy_addresses (context, - &incred->addresses, - &c->addresses); - if (ret) - goto fail; - c->flags = incred->flags; - return 0; - -fail: - krb5_free_cred_contents (context, c); - return ret; -} - -/** - * Copy krb5_creds. - * - * @param context Kerberos 5 context. - * @param incred source credential - * @param outcred destination credential, free with krb5_free_creds(). - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_creds (krb5_context context, - const krb5_creds *incred, - krb5_creds **outcred) -{ - krb5_creds *c; - - c = malloc (sizeof (*c)); - if (c == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memset (c, 0, sizeof(*c)); - *outcred = c; - return krb5_copy_creds_contents (context, incred, c); -} - -/** - * Free krb5_creds. - * - * @param context Kerberos 5 context. - * @param c krb5_creds to free. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_creds (krb5_context context, krb5_creds *c) -{ - krb5_free_cred_contents (context, c); - free (c); - return 0; -} - -/* XXX this do not belong here */ -static krb5_boolean -krb5_times_equal(const krb5_times *a, const krb5_times *b) -{ - return a->starttime == b->starttime && - a->authtime == b->authtime && - a->endtime == b->endtime && - a->renew_till == b->renew_till; -} - -/** - * Return TRUE if `mcreds' and `creds' are equal (`whichfields' - * determines what equal means). - * - * @param context Kerberos 5 context. - * @param whichfields which fields to compare. - * @param mcreds cred to compare with. - * @param creds cred to compare with. - * - * @return return TRUE if mcred and creds are equal, FALSE if not. - * - * @ingroup krb5 - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_compare_creds(krb5_context context, krb5_flags whichfields, - const krb5_creds * mcreds, const krb5_creds * creds) -{ - krb5_boolean match = TRUE; - - if (match && mcreds->server) { - if (whichfields & (KRB5_TC_DONT_MATCH_REALM | KRB5_TC_MATCH_SRV_NAMEONLY)) - match = krb5_principal_compare_any_realm (context, mcreds->server, - creds->server); - else - match = krb5_principal_compare (context, mcreds->server, - creds->server); - } - - if (match && mcreds->client) { - if(whichfields & KRB5_TC_DONT_MATCH_REALM) - match = krb5_principal_compare_any_realm (context, mcreds->client, - creds->client); - else - match = krb5_principal_compare (context, mcreds->client, - creds->client); - } - - if (match && (whichfields & KRB5_TC_MATCH_KEYTYPE)) - match = krb5_enctypes_compatible_keys(context, - mcreds->session.keytype, - creds->session.keytype); - - if (match && (whichfields & KRB5_TC_MATCH_FLAGS_EXACT)) - match = mcreds->flags.i == creds->flags.i; - - if (match && (whichfields & KRB5_TC_MATCH_FLAGS)) - match = (creds->flags.i & mcreds->flags.i) == mcreds->flags.i; - - if (match && (whichfields & KRB5_TC_MATCH_TIMES_EXACT)) - match = krb5_times_equal(&mcreds->times, &creds->times); - - if (match && (whichfields & KRB5_TC_MATCH_TIMES)) - /* compare only expiration times */ - match = (mcreds->times.renew_till <= creds->times.renew_till) && - (mcreds->times.endtime <= creds->times.endtime); - - if (match && (whichfields & KRB5_TC_MATCH_AUTHDATA)) { - unsigned int i; - if(mcreds->authdata.len != creds->authdata.len) - match = FALSE; - else - for(i = 0; match && i < mcreds->authdata.len; i++) - match = (mcreds->authdata.val[i].ad_type == - creds->authdata.val[i].ad_type) && - (krb5_data_cmp(&mcreds->authdata.val[i].ad_data, - &creds->authdata.val[i].ad_data) == 0); - } - if (match && (whichfields & KRB5_TC_MATCH_2ND_TKT)) - match = (krb5_data_cmp(&mcreds->second_ticket, &creds->second_ticket) == 0); - - if (match && (whichfields & KRB5_TC_MATCH_IS_SKEY)) - match = ((mcreds->second_ticket.length == 0) == - (creds->second_ticket.length == 0)); - - return match; -} diff --git a/crypto/heimdal/lib/krb5/crypto.c b/crypto/heimdal/lib/krb5/crypto.c deleted file mode 100644 index 2e6349094683..000000000000 --- a/crypto/heimdal/lib/krb5/crypto.c +++ /dev/null @@ -1,4192 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: crypto.c 22200 2007-12-07 13:48:01Z lha $"); - -#undef CRYPTO_DEBUG -#ifdef CRYPTO_DEBUG -static void krb5_crypto_debug(krb5_context, int, size_t, krb5_keyblock*); -#endif - - -struct key_data { - krb5_keyblock *key; - krb5_data *schedule; -}; - -struct key_usage { - unsigned usage; - struct key_data key; -}; - -struct krb5_crypto_data { - struct encryption_type *et; - struct key_data key; - int num_key_usage; - struct key_usage *key_usage; -}; - -#define CRYPTO_ETYPE(C) ((C)->et->type) - -/* bits for `flags' below */ -#define F_KEYED 1 /* checksum is keyed */ -#define F_CPROOF 2 /* checksum is collision proof */ -#define F_DERIVED 4 /* uses derived keys */ -#define F_VARIANT 8 /* uses `variant' keys (6.4.3) */ -#define F_PSEUDO 16 /* not a real protocol type */ -#define F_SPECIAL 32 /* backwards */ -#define F_DISABLED 64 /* enctype/checksum disabled */ - -struct salt_type { - krb5_salttype type; - const char *name; - krb5_error_code (*string_to_key)(krb5_context, krb5_enctype, krb5_data, - krb5_salt, krb5_data, krb5_keyblock*); -}; - -struct key_type { - krb5_keytype type; /* XXX */ - const char *name; - size_t bits; - size_t size; - size_t schedule_size; -#if 0 - krb5_enctype best_etype; -#endif - void (*random_key)(krb5_context, krb5_keyblock*); - void (*schedule)(krb5_context, struct key_data *); - struct salt_type *string_to_key; - void (*random_to_key)(krb5_context, krb5_keyblock*, const void*, size_t); -}; - -struct checksum_type { - krb5_cksumtype type; - const char *name; - size_t blocksize; - size_t checksumsize; - unsigned flags; - void (*checksum)(krb5_context context, - struct key_data *key, - const void *buf, size_t len, - unsigned usage, - Checksum *csum); - krb5_error_code (*verify)(krb5_context context, - struct key_data *key, - const void *buf, size_t len, - unsigned usage, - Checksum *csum); -}; - -struct encryption_type { - krb5_enctype type; - const char *name; - heim_oid *oid; - size_t blocksize; - size_t padsize; - size_t confoundersize; - struct key_type *keytype; - struct checksum_type *checksum; - struct checksum_type *keyed_checksum; - unsigned flags; - krb5_error_code (*encrypt)(krb5_context context, - struct key_data *key, - void *data, size_t len, - krb5_boolean encryptp, - int usage, - void *ivec); - size_t prf_length; - krb5_error_code (*prf)(krb5_context, - krb5_crypto, const krb5_data *, krb5_data *); -}; - -#define ENCRYPTION_USAGE(U) (((U) << 8) | 0xAA) -#define INTEGRITY_USAGE(U) (((U) << 8) | 0x55) -#define CHECKSUM_USAGE(U) (((U) << 8) | 0x99) - -static struct checksum_type *_find_checksum(krb5_cksumtype type); -static struct encryption_type *_find_enctype(krb5_enctype type); -static struct key_type *_find_keytype(krb5_keytype type); -static krb5_error_code _get_derived_key(krb5_context, krb5_crypto, - unsigned, struct key_data**); -static struct key_data *_new_derived_key(krb5_crypto crypto, unsigned usage); -static krb5_error_code derive_key(krb5_context context, - struct encryption_type *et, - struct key_data *key, - const void *constant, - size_t len); -static krb5_error_code hmac(krb5_context context, - struct checksum_type *cm, - const void *data, - size_t len, - unsigned usage, - struct key_data *keyblock, - Checksum *result); -static void free_key_data(krb5_context context, struct key_data *key); -static krb5_error_code usage2arcfour (krb5_context, unsigned *); -static void xor (DES_cblock *, const unsigned char *); - -/************************************************************ - * * - ************************************************************/ - -static HEIMDAL_MUTEX crypto_mutex = HEIMDAL_MUTEX_INITIALIZER; - - -static void -krb5_DES_random_key(krb5_context context, - krb5_keyblock *key) -{ - DES_cblock *k = key->keyvalue.data; - do { - krb5_generate_random_block(k, sizeof(DES_cblock)); - DES_set_odd_parity(k); - } while(DES_is_weak_key(k)); -} - -static void -krb5_DES_schedule(krb5_context context, - struct key_data *key) -{ - DES_set_key(key->key->keyvalue.data, key->schedule->data); -} - -#ifdef ENABLE_AFS_STRING_TO_KEY - -/* This defines the Andrew string_to_key function. It accepts a password - * string as input and converts it via a one-way encryption algorithm to a DES - * encryption key. It is compatible with the original Andrew authentication - * service password database. - */ - -/* - * Short passwords, i.e 8 characters or less. - */ -static void -krb5_DES_AFS3_CMU_string_to_key (krb5_data pw, - krb5_data cell, - DES_cblock *key) -{ - char password[8+1]; /* crypt is limited to 8 chars anyway */ - int i; - - for(i = 0; i < 8; i++) { - char c = ((i < pw.length) ? ((char*)pw.data)[i] : 0) ^ - ((i < cell.length) ? - tolower(((unsigned char*)cell.data)[i]) : 0); - password[i] = c ? c : 'X'; - } - password[8] = '\0'; - - memcpy(key, crypt(password, "p1") + 2, sizeof(DES_cblock)); - - /* parity is inserted into the LSB so left shift each byte up one - bit. This allows ascii characters with a zero MSB to retain as - much significance as possible. */ - for (i = 0; i < sizeof(DES_cblock); i++) - ((unsigned char*)key)[i] <<= 1; - DES_set_odd_parity (key); -} - -/* - * Long passwords, i.e 9 characters or more. - */ -static void -krb5_DES_AFS3_Transarc_string_to_key (krb5_data pw, - krb5_data cell, - DES_cblock *key) -{ - DES_key_schedule schedule; - DES_cblock temp_key; - DES_cblock ivec; - char password[512]; - size_t passlen; - - memcpy(password, pw.data, min(pw.length, sizeof(password))); - if(pw.length < sizeof(password)) { - int len = min(cell.length, sizeof(password) - pw.length); - int i; - - memcpy(password + pw.length, cell.data, len); - for (i = pw.length; i < pw.length + len; ++i) - password[i] = tolower((unsigned char)password[i]); - } - passlen = min(sizeof(password), pw.length + cell.length); - memcpy(&ivec, "kerberos", 8); - memcpy(&temp_key, "kerberos", 8); - DES_set_odd_parity (&temp_key); - DES_set_key (&temp_key, &schedule); - DES_cbc_cksum ((void*)password, &ivec, passlen, &schedule, &ivec); - - memcpy(&temp_key, &ivec, 8); - DES_set_odd_parity (&temp_key); - DES_set_key (&temp_key, &schedule); - DES_cbc_cksum ((void*)password, key, passlen, &schedule, &ivec); - memset(&schedule, 0, sizeof(schedule)); - memset(&temp_key, 0, sizeof(temp_key)); - memset(&ivec, 0, sizeof(ivec)); - memset(password, 0, sizeof(password)); - - DES_set_odd_parity (key); -} - -static krb5_error_code -DES_AFS3_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - DES_cblock tmp; - if(password.length > 8) - krb5_DES_AFS3_Transarc_string_to_key(password, salt.saltvalue, &tmp); - else - krb5_DES_AFS3_CMU_string_to_key(password, salt.saltvalue, &tmp); - key->keytype = enctype; - krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp)); - memset(&key, 0, sizeof(key)); - return 0; -} -#endif /* ENABLE_AFS_STRING_TO_KEY */ - -static void -DES_string_to_key_int(unsigned char *data, size_t length, DES_cblock *key) -{ - DES_key_schedule schedule; - int i; - int reverse = 0; - unsigned char *p; - - unsigned char swap[] = { 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe, - 0x1, 0x9, 0x5, 0xd, 0x3, 0xb, 0x7, 0xf }; - memset(key, 0, 8); - - p = (unsigned char*)key; - for (i = 0; i < length; i++) { - unsigned char tmp = data[i]; - if (!reverse) - *p++ ^= (tmp << 1); - else - *--p ^= (swap[tmp & 0xf] << 4) | swap[(tmp & 0xf0) >> 4]; - if((i % 8) == 7) - reverse = !reverse; - } - DES_set_odd_parity(key); - if(DES_is_weak_key(key)) - (*key)[7] ^= 0xF0; - DES_set_key(key, &schedule); - DES_cbc_cksum((void*)data, key, length, &schedule, key); - memset(&schedule, 0, sizeof(schedule)); - DES_set_odd_parity(key); - if(DES_is_weak_key(key)) - (*key)[7] ^= 0xF0; -} - -static krb5_error_code -krb5_DES_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - unsigned char *s; - size_t len; - DES_cblock tmp; - -#ifdef ENABLE_AFS_STRING_TO_KEY - if (opaque.length == 1) { - unsigned long v; - _krb5_get_int(opaque.data, &v, 1); - if (v == 1) - return DES_AFS3_string_to_key(context, enctype, password, - salt, opaque, key); - } -#endif - - len = password.length + salt.saltvalue.length; - s = malloc(len); - if(len > 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(s, password.data, password.length); - memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); - DES_string_to_key_int(s, len, &tmp); - key->keytype = enctype; - krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp)); - memset(&tmp, 0, sizeof(tmp)); - memset(s, 0, len); - free(s); - return 0; -} - -static void -krb5_DES_random_to_key(krb5_context context, - krb5_keyblock *key, - const void *data, - size_t size) -{ - DES_cblock *k = key->keyvalue.data; - memcpy(k, data, key->keyvalue.length); - DES_set_odd_parity(k); - if(DES_is_weak_key(k)) - xor(k, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); -} - -/* - * - */ - -static void -DES3_random_key(krb5_context context, - krb5_keyblock *key) -{ - DES_cblock *k = key->keyvalue.data; - do { - krb5_generate_random_block(k, 3 * sizeof(DES_cblock)); - DES_set_odd_parity(&k[0]); - DES_set_odd_parity(&k[1]); - DES_set_odd_parity(&k[2]); - } while(DES_is_weak_key(&k[0]) || - DES_is_weak_key(&k[1]) || - DES_is_weak_key(&k[2])); -} - -static void -DES3_schedule(krb5_context context, - struct key_data *key) -{ - DES_cblock *k = key->key->keyvalue.data; - DES_key_schedule *s = key->schedule->data; - DES_set_key(&k[0], &s[0]); - DES_set_key(&k[1], &s[1]); - DES_set_key(&k[2], &s[2]); -} - -/* - * A = A xor B. A & B are 8 bytes. - */ - -static void -xor (DES_cblock *key, const unsigned char *b) -{ - unsigned char *a = (unsigned char*)key; - a[0] ^= b[0]; - a[1] ^= b[1]; - a[2] ^= b[2]; - a[3] ^= b[3]; - a[4] ^= b[4]; - a[5] ^= b[5]; - a[6] ^= b[6]; - a[7] ^= b[7]; -} - -static krb5_error_code -DES3_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - char *str; - size_t len; - unsigned char tmp[24]; - DES_cblock keys[3]; - krb5_error_code ret; - - len = password.length + salt.saltvalue.length; - str = malloc(len); - if(len != 0 && str == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(str, password.data, password.length); - memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length); - { - DES_cblock ivec; - DES_key_schedule s[3]; - int i; - - ret = _krb5_n_fold(str, len, tmp, 24); - if (ret) { - memset(str, 0, len); - free(str); - krb5_set_error_string(context, "out of memory"); - return ret; - } - - for(i = 0; i < 3; i++){ - memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); - DES_set_odd_parity(keys + i); - if(DES_is_weak_key(keys + i)) - xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); - DES_set_key(keys + i, &s[i]); - } - memset(&ivec, 0, sizeof(ivec)); - DES_ede3_cbc_encrypt(tmp, - tmp, sizeof(tmp), - &s[0], &s[1], &s[2], &ivec, DES_ENCRYPT); - memset(s, 0, sizeof(s)); - memset(&ivec, 0, sizeof(ivec)); - for(i = 0; i < 3; i++){ - memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); - DES_set_odd_parity(keys + i); - if(DES_is_weak_key(keys + i)) - xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); - } - memset(tmp, 0, sizeof(tmp)); - } - key->keytype = enctype; - krb5_data_copy(&key->keyvalue, keys, sizeof(keys)); - memset(keys, 0, sizeof(keys)); - memset(str, 0, len); - free(str); - return 0; -} - -static krb5_error_code -DES3_string_to_key_derived(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - krb5_error_code ret; - size_t len = password.length + salt.saltvalue.length; - char *s; - - s = malloc(len); - if(len != 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(s, password.data, password.length); - memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); - ret = krb5_string_to_key_derived(context, - s, - len, - enctype, - key); - memset(s, 0, len); - free(s); - return ret; -} - -static void -DES3_random_to_key(krb5_context context, - krb5_keyblock *key, - const void *data, - size_t size) -{ - unsigned char *x = key->keyvalue.data; - const u_char *q = data; - DES_cblock *k; - int i, j; - - memset(x, 0, sizeof(x)); - for (i = 0; i < 3; ++i) { - unsigned char foo; - for (j = 0; j < 7; ++j) { - unsigned char b = q[7 * i + j]; - - x[8 * i + j] = b; - } - foo = 0; - for (j = 6; j >= 0; --j) { - foo |= q[7 * i + j] & 1; - foo <<= 1; - } - x[8 * i + 7] = foo; - } - k = key->keyvalue.data; - for (i = 0; i < 3; i++) { - DES_set_odd_parity(&k[i]); - if(DES_is_weak_key(&k[i])) - xor(&k[i], (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); - } -} - -/* - * ARCFOUR - */ - -static void -ARCFOUR_schedule(krb5_context context, - struct key_data *kd) -{ - RC4_set_key (kd->schedule->data, - kd->key->keyvalue.length, kd->key->keyvalue.data); -} - -static krb5_error_code -ARCFOUR_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - char *s, *p; - size_t len; - int i; - MD4_CTX m; - krb5_error_code ret; - - len = 2 * password.length; - s = malloc (len); - if (len != 0 && s == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - for (p = s, i = 0; i < password.length; ++i) { - *p++ = ((char *)password.data)[i]; - *p++ = 0; - } - MD4_Init (&m); - MD4_Update (&m, s, len); - key->keytype = enctype; - ret = krb5_data_alloc (&key->keyvalue, 16); - if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); - goto out; - } - MD4_Final (key->keyvalue.data, &m); - memset (s, 0, len); - ret = 0; -out: - free (s); - return ret; -} - -/* - * AES - */ - -int _krb5_AES_string_to_default_iterator = 4096; - -static krb5_error_code -AES_string_to_key(krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - krb5_error_code ret; - uint32_t iter; - struct encryption_type *et; - struct key_data kd; - - if (opaque.length == 0) - iter = _krb5_AES_string_to_default_iterator; - else if (opaque.length == 4) { - unsigned long v; - _krb5_get_int(opaque.data, &v, 4); - iter = ((uint32_t)v); - } else - return KRB5_PROG_KEYTYPE_NOSUPP; /* XXX */ - - et = _find_enctype(enctype); - if (et == NULL) - return KRB5_PROG_KEYTYPE_NOSUPP; - - kd.schedule = NULL; - ALLOC(kd.key, 1); - if(kd.key == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - kd.key->keytype = enctype; - ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); - if (ret) { - krb5_set_error_string(context, "Failed to allocate pkcs5 key"); - return ret; - } - - ret = PKCS5_PBKDF2_HMAC_SHA1(password.data, password.length, - salt.saltvalue.data, salt.saltvalue.length, - iter, - et->keytype->size, kd.key->keyvalue.data); - if (ret != 1) { - free_key_data(context, &kd); - krb5_set_error_string(context, "Error calculating s2k"); - return KRB5_PROG_KEYTYPE_NOSUPP; - } - - ret = derive_key(context, et, &kd, "kerberos", strlen("kerberos")); - if (ret == 0) - ret = krb5_copy_keyblock_contents(context, kd.key, key); - free_key_data(context, &kd); - - return ret; -} - -struct krb5_aes_schedule { - AES_KEY ekey; - AES_KEY dkey; -}; - -static void -AES_schedule(krb5_context context, - struct key_data *kd) -{ - struct krb5_aes_schedule *key = kd->schedule->data; - int bits = kd->key->keyvalue.length * 8; - - memset(key, 0, sizeof(*key)); - AES_set_encrypt_key(kd->key->keyvalue.data, bits, &key->ekey); - AES_set_decrypt_key(kd->key->keyvalue.data, bits, &key->dkey); -} - -/* - * - */ - -static struct salt_type des_salt[] = { - { - KRB5_PW_SALT, - "pw-salt", - krb5_DES_string_to_key - }, -#ifdef ENABLE_AFS_STRING_TO_KEY - { - KRB5_AFS3_SALT, - "afs3-salt", - DES_AFS3_string_to_key - }, -#endif - { 0 } -}; - -static struct salt_type des3_salt[] = { - { - KRB5_PW_SALT, - "pw-salt", - DES3_string_to_key - }, - { 0 } -}; - -static struct salt_type des3_salt_derived[] = { - { - KRB5_PW_SALT, - "pw-salt", - DES3_string_to_key_derived - }, - { 0 } -}; - -static struct salt_type AES_salt[] = { - { - KRB5_PW_SALT, - "pw-salt", - AES_string_to_key - }, - { 0 } -}; - -static struct salt_type arcfour_salt[] = { - { - KRB5_PW_SALT, - "pw-salt", - ARCFOUR_string_to_key - }, - { 0 } -}; - -/* - * - */ - -static struct key_type keytype_null = { - KEYTYPE_NULL, - "null", - 0, - 0, - 0, - NULL, - NULL, - NULL -}; - -static struct key_type keytype_des = { - KEYTYPE_DES, - "des", - 56, - sizeof(DES_cblock), - sizeof(DES_key_schedule), - krb5_DES_random_key, - krb5_DES_schedule, - des_salt, - krb5_DES_random_to_key -}; - -static struct key_type keytype_des3 = { - KEYTYPE_DES3, - "des3", - 168, - 3 * sizeof(DES_cblock), - 3 * sizeof(DES_key_schedule), - DES3_random_key, - DES3_schedule, - des3_salt, - DES3_random_to_key -}; - -static struct key_type keytype_des3_derived = { - KEYTYPE_DES3, - "des3", - 168, - 3 * sizeof(DES_cblock), - 3 * sizeof(DES_key_schedule), - DES3_random_key, - DES3_schedule, - des3_salt_derived, - DES3_random_to_key -}; - -static struct key_type keytype_aes128 = { - KEYTYPE_AES128, - "aes-128", - 128, - 16, - sizeof(struct krb5_aes_schedule), - NULL, - AES_schedule, - AES_salt -}; - -static struct key_type keytype_aes256 = { - KEYTYPE_AES256, - "aes-256", - 256, - 32, - sizeof(struct krb5_aes_schedule), - NULL, - AES_schedule, - AES_salt -}; - -static struct key_type keytype_arcfour = { - KEYTYPE_ARCFOUR, - "arcfour", - 128, - 16, - sizeof(RC4_KEY), - NULL, - ARCFOUR_schedule, - arcfour_salt -}; - -static struct key_type *keytypes[] = { - &keytype_null, - &keytype_des, - &keytype_des3_derived, - &keytype_des3, - &keytype_aes128, - &keytype_aes256, - &keytype_arcfour -}; - -static int num_keytypes = sizeof(keytypes) / sizeof(keytypes[0]); - -static struct key_type * -_find_keytype(krb5_keytype type) -{ - int i; - for(i = 0; i < num_keytypes; i++) - if(keytypes[i]->type == type) - return keytypes[i]; - return NULL; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_salttype_to_string (krb5_context context, - krb5_enctype etype, - krb5_salttype stype, - char **string) -{ - struct encryption_type *e; - struct salt_type *st; - - e = _find_enctype (etype); - if (e == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - for (st = e->keytype->string_to_key; st && st->type; st++) { - if (st->type == stype) { - *string = strdup (st->name); - if (*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - return 0; - } - } - krb5_set_error_string(context, "salttype %d not supported", stype); - return HEIM_ERR_SALTTYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_salttype (krb5_context context, - krb5_enctype etype, - const char *string, - krb5_salttype *salttype) -{ - struct encryption_type *e; - struct salt_type *st; - - e = _find_enctype (etype); - if (e == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - for (st = e->keytype->string_to_key; st && st->type; st++) { - if (strcasecmp (st->name, string) == 0) { - *salttype = st->type; - return 0; - } - } - krb5_set_error_string(context, "salttype %s not supported", string); - return HEIM_ERR_SALTTYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_pw_salt(krb5_context context, - krb5_const_principal principal, - krb5_salt *salt) -{ - size_t len; - int i; - krb5_error_code ret; - char *p; - - salt->salttype = KRB5_PW_SALT; - len = strlen(principal->realm); - for (i = 0; i < principal->name.name_string.len; ++i) - len += strlen(principal->name.name_string.val[i]); - ret = krb5_data_alloc (&salt->saltvalue, len); - if (ret) - return ret; - p = salt->saltvalue.data; - memcpy (p, principal->realm, strlen(principal->realm)); - p += strlen(principal->realm); - for (i = 0; i < principal->name.name_string.len; ++i) { - memcpy (p, - principal->name.name_string.val[i], - strlen(principal->name.name_string.val[i])); - p += strlen(principal->name.name_string.val[i]); - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_salt(krb5_context context, - krb5_salt salt) -{ - krb5_data_free(&salt.saltvalue); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data (krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_principal principal, - krb5_keyblock *key) -{ - krb5_error_code ret; - krb5_salt salt; - - ret = krb5_get_pw_salt(context, principal, &salt); - if(ret) - return ret; - ret = krb5_string_to_key_data_salt(context, enctype, password, salt, key); - krb5_free_salt(context, salt); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key (krb5_context context, - krb5_enctype enctype, - const char *password, - krb5_principal principal, - krb5_keyblock *key) -{ - krb5_data pw; - pw.data = rk_UNCONST(password); - pw.length = strlen(password); - return krb5_string_to_key_data(context, enctype, pw, principal, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data_salt (krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_keyblock *key) -{ - krb5_data opaque; - krb5_data_zero(&opaque); - return krb5_string_to_key_data_salt_opaque(context, enctype, password, - salt, opaque, key); -} - -/* - * Do a string -> key for encryption type `enctype' operation on - * `password' (with salt `salt' and the enctype specific data string - * `opaque'), returning the resulting key in `key' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data_salt_opaque (krb5_context context, - krb5_enctype enctype, - krb5_data password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - struct encryption_type *et =_find_enctype(enctype); - struct salt_type *st; - if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - enctype); - return KRB5_PROG_ETYPE_NOSUPP; - } - for(st = et->keytype->string_to_key; st && st->type; st++) - if(st->type == salt.salttype) - return (*st->string_to_key)(context, enctype, password, - salt, opaque, key); - krb5_set_error_string(context, "salt type %d not supported", - salt.salttype); - return HEIM_ERR_SALTTYPE_NOSUPP; -} - -/* - * Do a string -> key for encryption type `enctype' operation on the - * string `password' (with salt `salt'), returning the resulting key - * in `key' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_salt (krb5_context context, - krb5_enctype enctype, - const char *password, - krb5_salt salt, - krb5_keyblock *key) -{ - krb5_data pw; - pw.data = rk_UNCONST(password); - pw.length = strlen(password); - return krb5_string_to_key_data_salt(context, enctype, pw, salt, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_salt_opaque (krb5_context context, - krb5_enctype enctype, - const char *password, - krb5_salt salt, - krb5_data opaque, - krb5_keyblock *key) -{ - krb5_data pw; - pw.data = rk_UNCONST(password); - pw.length = strlen(password); - return krb5_string_to_key_data_salt_opaque(context, enctype, - pw, salt, opaque, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_string(krb5_context context, - krb5_keytype keytype, - char **string) -{ - struct key_type *kt = _find_keytype(keytype); - if(kt == NULL) { - krb5_set_error_string(context, "key type %d not supported", keytype); - return KRB5_PROG_KEYTYPE_NOSUPP; - } - *string = strdup(kt->name); - if(*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_keytype(krb5_context context, - const char *string, - krb5_keytype *keytype) -{ - int i; - for(i = 0; i < num_keytypes; i++) - if(strcasecmp(keytypes[i]->name, string) == 0){ - *keytype = keytypes[i]->type; - return 0; - } - krb5_set_error_string(context, "key type %s not supported", string); - return KRB5_PROG_KEYTYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_keysize(krb5_context context, - krb5_enctype type, - size_t *keysize) -{ - struct encryption_type *et = _find_enctype(type); - if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); - return KRB5_PROG_ETYPE_NOSUPP; - } - *keysize = et->keytype->size; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_keybits(krb5_context context, - krb5_enctype type, - size_t *keybits) -{ - struct encryption_type *et = _find_enctype(type); - if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); - return KRB5_PROG_ETYPE_NOSUPP; - } - *keybits = et->keytype->bits; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_random_keyblock(krb5_context context, - krb5_enctype type, - krb5_keyblock *key) -{ - krb5_error_code ret; - struct encryption_type *et = _find_enctype(type); - if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); - return KRB5_PROG_ETYPE_NOSUPP; - } - ret = krb5_data_alloc(&key->keyvalue, et->keytype->size); - if(ret) - return ret; - key->keytype = type; - if(et->keytype->random_key) - (*et->keytype->random_key)(context, key); - else - krb5_generate_random_block(key->keyvalue.data, - key->keyvalue.length); - return 0; -} - -static krb5_error_code -_key_schedule(krb5_context context, - struct key_data *key) -{ - krb5_error_code ret; - struct encryption_type *et = _find_enctype(key->key->keytype); - struct key_type *kt = et->keytype; - - if(kt->schedule == NULL) - return 0; - if (key->schedule != NULL) - return 0; - ALLOC(key->schedule, 1); - if(key->schedule == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_data_alloc(key->schedule, kt->schedule_size); - if(ret) { - free(key->schedule); - key->schedule = NULL; - return ret; - } - (*kt->schedule)(context, key); - return 0; -} - -/************************************************************ - * * - ************************************************************/ - -static void -NONE_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ -} - -static void -CRC32_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - uint32_t crc; - unsigned char *r = C->checksum.data; - _krb5_crc_init_table (); - crc = _krb5_crc_update (data, len, 0); - r[0] = crc & 0xff; - r[1] = (crc >> 8) & 0xff; - r[2] = (crc >> 16) & 0xff; - r[3] = (crc >> 24) & 0xff; -} - -static void -RSA_MD4_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD4_CTX m; - - MD4_Init (&m); - MD4_Update (&m, data, len); - MD4_Final (C->checksum.data, &m); -} - -static void -RSA_MD4_DES_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *cksum) -{ - MD4_CTX md4; - DES_cblock ivec; - unsigned char *p = cksum->checksum.data; - - krb5_generate_random_block(p, 8); - MD4_Init (&md4); - MD4_Update (&md4, p, 8); - MD4_Update (&md4, data, len); - MD4_Final (p + 8, &md4); - memset (&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(p, - p, - 24, - key->schedule->data, - &ivec, - DES_ENCRYPT); -} - -static krb5_error_code -RSA_MD4_DES_verify(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD4_CTX md4; - unsigned char tmp[24]; - unsigned char res[16]; - DES_cblock ivec; - krb5_error_code ret = 0; - - memset(&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(C->checksum.data, - (void*)tmp, - C->checksum.length, - key->schedule->data, - &ivec, - DES_DECRYPT); - MD4_Init (&md4); - MD4_Update (&md4, tmp, 8); /* confounder */ - MD4_Update (&md4, data, len); - MD4_Final (res, &md4); - if(memcmp(res, tmp + 8, sizeof(res)) != 0) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - } - memset(tmp, 0, sizeof(tmp)); - memset(res, 0, sizeof(res)); - return ret; -} - -static void -RSA_MD5_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX m; - - MD5_Init (&m); - MD5_Update(&m, data, len); - MD5_Final (C->checksum.data, &m); -} - -static void -RSA_MD5_DES_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX md5; - DES_cblock ivec; - unsigned char *p = C->checksum.data; - - krb5_generate_random_block(p, 8); - MD5_Init (&md5); - MD5_Update (&md5, p, 8); - MD5_Update (&md5, data, len); - MD5_Final (p + 8, &md5); - memset (&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(p, - p, - 24, - key->schedule->data, - &ivec, - DES_ENCRYPT); -} - -static krb5_error_code -RSA_MD5_DES_verify(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX md5; - unsigned char tmp[24]; - unsigned char res[16]; - DES_cblock ivec; - DES_key_schedule *sched = key->schedule->data; - krb5_error_code ret = 0; - - memset(&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(C->checksum.data, - (void*)tmp, - C->checksum.length, - &sched[0], - &ivec, - DES_DECRYPT); - MD5_Init (&md5); - MD5_Update (&md5, tmp, 8); /* confounder */ - MD5_Update (&md5, data, len); - MD5_Final (res, &md5); - if(memcmp(res, tmp + 8, sizeof(res)) != 0) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - } - memset(tmp, 0, sizeof(tmp)); - memset(res, 0, sizeof(res)); - return ret; -} - -static void -RSA_MD5_DES3_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX md5; - DES_cblock ivec; - unsigned char *p = C->checksum.data; - DES_key_schedule *sched = key->schedule->data; - - krb5_generate_random_block(p, 8); - MD5_Init (&md5); - MD5_Update (&md5, p, 8); - MD5_Update (&md5, data, len); - MD5_Final (p + 8, &md5); - memset (&ivec, 0, sizeof(ivec)); - DES_ede3_cbc_encrypt(p, - p, - 24, - &sched[0], &sched[1], &sched[2], - &ivec, - DES_ENCRYPT); -} - -static krb5_error_code -RSA_MD5_DES3_verify(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - MD5_CTX md5; - unsigned char tmp[24]; - unsigned char res[16]; - DES_cblock ivec; - DES_key_schedule *sched = key->schedule->data; - krb5_error_code ret = 0; - - memset(&ivec, 0, sizeof(ivec)); - DES_ede3_cbc_encrypt(C->checksum.data, - (void*)tmp, - C->checksum.length, - &sched[0], &sched[1], &sched[2], - &ivec, - DES_DECRYPT); - MD5_Init (&md5); - MD5_Update (&md5, tmp, 8); /* confounder */ - MD5_Update (&md5, data, len); - MD5_Final (res, &md5); - if(memcmp(res, tmp + 8, sizeof(res)) != 0) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - } - memset(tmp, 0, sizeof(tmp)); - memset(res, 0, sizeof(res)); - return ret; -} - -static void -SHA1_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *C) -{ - SHA_CTX m; - - SHA1_Init(&m); - SHA1_Update(&m, data, len); - SHA1_Final(C->checksum.data, &m); -} - -/* HMAC according to RFC2104 */ -static krb5_error_code -hmac(krb5_context context, - struct checksum_type *cm, - const void *data, - size_t len, - unsigned usage, - struct key_data *keyblock, - Checksum *result) -{ - unsigned char *ipad, *opad; - unsigned char *key; - size_t key_len; - int i; - - ipad = malloc(cm->blocksize + len); - if (ipad == NULL) - return ENOMEM; - opad = malloc(cm->blocksize + cm->checksumsize); - if (opad == NULL) { - free(ipad); - return ENOMEM; - } - memset(ipad, 0x36, cm->blocksize); - memset(opad, 0x5c, cm->blocksize); - - if(keyblock->key->keyvalue.length > cm->blocksize){ - (*cm->checksum)(context, - keyblock, - keyblock->key->keyvalue.data, - keyblock->key->keyvalue.length, - usage, - result); - key = result->checksum.data; - key_len = result->checksum.length; - } else { - key = keyblock->key->keyvalue.data; - key_len = keyblock->key->keyvalue.length; - } - for(i = 0; i < key_len; i++){ - ipad[i] ^= key[i]; - opad[i] ^= key[i]; - } - memcpy(ipad + cm->blocksize, data, len); - (*cm->checksum)(context, keyblock, ipad, cm->blocksize + len, - usage, result); - memcpy(opad + cm->blocksize, result->checksum.data, - result->checksum.length); - (*cm->checksum)(context, keyblock, opad, - cm->blocksize + cm->checksumsize, usage, result); - memset(ipad, 0, cm->blocksize + len); - free(ipad); - memset(opad, 0, cm->blocksize + cm->checksumsize); - free(opad); - - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_hmac(krb5_context context, - krb5_cksumtype cktype, - const void *data, - size_t len, - unsigned usage, - krb5_keyblock *key, - Checksum *result) -{ - struct checksum_type *c = _find_checksum(cktype); - struct key_data kd; - krb5_error_code ret; - - if (c == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - cktype); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - - kd.key = key; - kd.schedule = NULL; - - ret = hmac(context, c, data, len, usage, &kd, result); - - if (kd.schedule) - krb5_free_data(context, kd.schedule); - - return ret; - } - -static void -SP_HMAC_SHA1_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *result) -{ - struct checksum_type *c = _find_checksum(CKSUMTYPE_SHA1); - Checksum res; - char sha1_data[20]; - krb5_error_code ret; - - res.checksum.data = sha1_data; - res.checksum.length = sizeof(sha1_data); - - ret = hmac(context, c, data, len, usage, key, &res); - if (ret) - krb5_abortx(context, "hmac failed"); - memcpy(result->checksum.data, res.checksum.data, result->checksum.length); -} - -/* - * checksum according to section 5. of draft-brezak-win2k-krb-rc4-hmac-03.txt - */ - -static void -HMAC_MD5_checksum(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *result) -{ - MD5_CTX md5; - struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); - const char signature[] = "signaturekey"; - Checksum ksign_c; - struct key_data ksign; - krb5_keyblock kb; - unsigned char t[4]; - unsigned char tmp[16]; - unsigned char ksign_c_data[16]; - krb5_error_code ret; - - ksign_c.checksum.length = sizeof(ksign_c_data); - ksign_c.checksum.data = ksign_c_data; - ret = hmac(context, c, signature, sizeof(signature), 0, key, &ksign_c); - if (ret) - krb5_abortx(context, "hmac failed"); - ksign.key = &kb; - kb.keyvalue = ksign_c.checksum; - MD5_Init (&md5); - t[0] = (usage >> 0) & 0xFF; - t[1] = (usage >> 8) & 0xFF; - t[2] = (usage >> 16) & 0xFF; - t[3] = (usage >> 24) & 0xFF; - MD5_Update (&md5, t, 4); - MD5_Update (&md5, data, len); - MD5_Final (tmp, &md5); - ret = hmac(context, c, tmp, sizeof(tmp), 0, &ksign, result); - if (ret) - krb5_abortx(context, "hmac failed"); -} - -/* - * same as previous but being used while encrypting. - */ - -static void -HMAC_MD5_checksum_enc(krb5_context context, - struct key_data *key, - const void *data, - size_t len, - unsigned usage, - Checksum *result) -{ - struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); - Checksum ksign_c; - struct key_data ksign; - krb5_keyblock kb; - unsigned char t[4]; - unsigned char ksign_c_data[16]; - krb5_error_code ret; - - t[0] = (usage >> 0) & 0xFF; - t[1] = (usage >> 8) & 0xFF; - t[2] = (usage >> 16) & 0xFF; - t[3] = (usage >> 24) & 0xFF; - - ksign_c.checksum.length = sizeof(ksign_c_data); - ksign_c.checksum.data = ksign_c_data; - ret = hmac(context, c, t, sizeof(t), 0, key, &ksign_c); - if (ret) - krb5_abortx(context, "hmac failed"); - ksign.key = &kb; - kb.keyvalue = ksign_c.checksum; - ret = hmac(context, c, data, len, 0, &ksign, result); - if (ret) - krb5_abortx(context, "hmac failed"); -} - -static struct checksum_type checksum_none = { - CKSUMTYPE_NONE, - "none", - 1, - 0, - 0, - NONE_checksum, - NULL -}; -static struct checksum_type checksum_crc32 = { - CKSUMTYPE_CRC32, - "crc32", - 1, - 4, - 0, - CRC32_checksum, - NULL -}; -static struct checksum_type checksum_rsa_md4 = { - CKSUMTYPE_RSA_MD4, - "rsa-md4", - 64, - 16, - F_CPROOF, - RSA_MD4_checksum, - NULL -}; -static struct checksum_type checksum_rsa_md4_des = { - CKSUMTYPE_RSA_MD4_DES, - "rsa-md4-des", - 64, - 24, - F_KEYED | F_CPROOF | F_VARIANT, - RSA_MD4_DES_checksum, - RSA_MD4_DES_verify -}; -#if 0 -static struct checksum_type checksum_des_mac = { - CKSUMTYPE_DES_MAC, - "des-mac", - 0, - 0, - 0, - DES_MAC_checksum -}; -static struct checksum_type checksum_des_mac_k = { - CKSUMTYPE_DES_MAC_K, - "des-mac-k", - 0, - 0, - 0, - DES_MAC_K_checksum -}; -static struct checksum_type checksum_rsa_md4_des_k = { - CKSUMTYPE_RSA_MD4_DES_K, - "rsa-md4-des-k", - 0, - 0, - 0, - RSA_MD4_DES_K_checksum, - RSA_MD4_DES_K_verify -}; -#endif -static struct checksum_type checksum_rsa_md5 = { - CKSUMTYPE_RSA_MD5, - "rsa-md5", - 64, - 16, - F_CPROOF, - RSA_MD5_checksum, - NULL -}; -static struct checksum_type checksum_rsa_md5_des = { - CKSUMTYPE_RSA_MD5_DES, - "rsa-md5-des", - 64, - 24, - F_KEYED | F_CPROOF | F_VARIANT, - RSA_MD5_DES_checksum, - RSA_MD5_DES_verify -}; -static struct checksum_type checksum_rsa_md5_des3 = { - CKSUMTYPE_RSA_MD5_DES3, - "rsa-md5-des3", - 64, - 24, - F_KEYED | F_CPROOF | F_VARIANT, - RSA_MD5_DES3_checksum, - RSA_MD5_DES3_verify -}; -static struct checksum_type checksum_sha1 = { - CKSUMTYPE_SHA1, - "sha1", - 64, - 20, - F_CPROOF, - SHA1_checksum, - NULL -}; -static struct checksum_type checksum_hmac_sha1_des3 = { - CKSUMTYPE_HMAC_SHA1_DES3, - "hmac-sha1-des3", - 64, - 20, - F_KEYED | F_CPROOF | F_DERIVED, - SP_HMAC_SHA1_checksum, - NULL -}; - -static struct checksum_type checksum_hmac_sha1_aes128 = { - CKSUMTYPE_HMAC_SHA1_96_AES_128, - "hmac-sha1-96-aes128", - 64, - 12, - F_KEYED | F_CPROOF | F_DERIVED, - SP_HMAC_SHA1_checksum, - NULL -}; - -static struct checksum_type checksum_hmac_sha1_aes256 = { - CKSUMTYPE_HMAC_SHA1_96_AES_256, - "hmac-sha1-96-aes256", - 64, - 12, - F_KEYED | F_CPROOF | F_DERIVED, - SP_HMAC_SHA1_checksum, - NULL -}; - -static struct checksum_type checksum_hmac_md5 = { - CKSUMTYPE_HMAC_MD5, - "hmac-md5", - 64, - 16, - F_KEYED | F_CPROOF, - HMAC_MD5_checksum, - NULL -}; - -static struct checksum_type checksum_hmac_md5_enc = { - CKSUMTYPE_HMAC_MD5_ENC, - "hmac-md5-enc", - 64, - 16, - F_KEYED | F_CPROOF | F_PSEUDO, - HMAC_MD5_checksum_enc, - NULL -}; - -static struct checksum_type *checksum_types[] = { - &checksum_none, - &checksum_crc32, - &checksum_rsa_md4, - &checksum_rsa_md4_des, -#if 0 - &checksum_des_mac, - &checksum_des_mac_k, - &checksum_rsa_md4_des_k, -#endif - &checksum_rsa_md5, - &checksum_rsa_md5_des, - &checksum_rsa_md5_des3, - &checksum_sha1, - &checksum_hmac_sha1_des3, - &checksum_hmac_sha1_aes128, - &checksum_hmac_sha1_aes256, - &checksum_hmac_md5, - &checksum_hmac_md5_enc -}; - -static int num_checksums = sizeof(checksum_types) / sizeof(checksum_types[0]); - -static struct checksum_type * -_find_checksum(krb5_cksumtype type) -{ - int i; - for(i = 0; i < num_checksums; i++) - if(checksum_types[i]->type == type) - return checksum_types[i]; - return NULL; -} - -static krb5_error_code -get_checksum_key(krb5_context context, - krb5_crypto crypto, - unsigned usage, /* not krb5_key_usage */ - struct checksum_type *ct, - struct key_data **key) -{ - krb5_error_code ret = 0; - - if(ct->flags & F_DERIVED) - ret = _get_derived_key(context, crypto, usage, key); - else if(ct->flags & F_VARIANT) { - int i; - - *key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */); - if(*key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key); - if(ret) - return ret; - for(i = 0; i < (*key)->key->keyvalue.length; i++) - ((unsigned char*)(*key)->key->keyvalue.data)[i] ^= 0xF0; - } else { - *key = &crypto->key; - } - if(ret == 0) - ret = _key_schedule(context, *key); - return ret; -} - -static krb5_error_code -create_checksum (krb5_context context, - struct checksum_type *ct, - krb5_crypto crypto, - unsigned usage, - void *data, - size_t len, - Checksum *result) -{ - krb5_error_code ret; - struct key_data *dkey; - int keyed_checksum; - - if (ct->flags & F_DISABLED) { - krb5_clear_error_string (context); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - keyed_checksum = (ct->flags & F_KEYED) != 0; - if(keyed_checksum && crypto == NULL) { - krb5_set_error_string (context, "Checksum type %s is keyed " - "but no crypto context (key) was passed in", - ct->name); - return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ - } - if(keyed_checksum) { - ret = get_checksum_key(context, crypto, usage, ct, &dkey); - if (ret) - return ret; - } else - dkey = NULL; - result->cksumtype = ct->type; - ret = krb5_data_alloc(&result->checksum, ct->checksumsize); - if (ret) - return (ret); - (*ct->checksum)(context, dkey, data, len, usage, result); - return 0; -} - -static int -arcfour_checksum_p(struct checksum_type *ct, krb5_crypto crypto) -{ - return (ct->type == CKSUMTYPE_HMAC_MD5) && - (crypto->key.key->keytype == KEYTYPE_ARCFOUR); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_create_checksum(krb5_context context, - krb5_crypto crypto, - krb5_key_usage usage, - int type, - void *data, - size_t len, - Checksum *result) -{ - struct checksum_type *ct = NULL; - unsigned keyusage; - - /* type 0 -> pick from crypto */ - if (type) { - ct = _find_checksum(type); - } else if (crypto) { - ct = crypto->et->keyed_checksum; - if (ct == NULL) - ct = crypto->et->checksum; - } - - if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - type); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - - if (arcfour_checksum_p(ct, crypto)) { - keyusage = usage; - usage2arcfour(context, &keyusage); - } else - keyusage = CHECKSUM_USAGE(usage); - - return create_checksum(context, ct, crypto, keyusage, - data, len, result); -} - -static krb5_error_code -verify_checksum(krb5_context context, - krb5_crypto crypto, - unsigned usage, /* not krb5_key_usage */ - void *data, - size_t len, - Checksum *cksum) -{ - krb5_error_code ret; - struct key_data *dkey; - int keyed_checksum; - Checksum c; - struct checksum_type *ct; - - ct = _find_checksum(cksum->cksumtype); - if (ct == NULL || (ct->flags & F_DISABLED)) { - krb5_set_error_string (context, "checksum type %d not supported", - cksum->cksumtype); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - if(ct->checksumsize != cksum->checksum.length) { - krb5_clear_error_string (context); - return KRB5KRB_AP_ERR_BAD_INTEGRITY; /* XXX */ - } - keyed_checksum = (ct->flags & F_KEYED) != 0; - if(keyed_checksum && crypto == NULL) { - krb5_set_error_string (context, "Checksum type %s is keyed " - "but no crypto context (key) was passed in", - ct->name); - return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ - } - if(keyed_checksum) - ret = get_checksum_key(context, crypto, usage, ct, &dkey); - else - dkey = NULL; - if(ct->verify) - return (*ct->verify)(context, dkey, data, len, usage, cksum); - - ret = krb5_data_alloc (&c.checksum, ct->checksumsize); - if (ret) - return ret; - - (*ct->checksum)(context, dkey, data, len, usage, &c); - - if(c.checksum.length != cksum->checksum.length || - memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length)) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; - } else { - ret = 0; - } - krb5_data_free (&c.checksum); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_checksum(krb5_context context, - krb5_crypto crypto, - krb5_key_usage usage, - void *data, - size_t len, - Checksum *cksum) -{ - struct checksum_type *ct; - unsigned keyusage; - - ct = _find_checksum(cksum->cksumtype); - if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - cksum->cksumtype); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - - if (arcfour_checksum_p(ct, crypto)) { - keyusage = usage; - usage2arcfour(context, &keyusage); - } else - keyusage = CHECKSUM_USAGE(usage); - - return verify_checksum(context, crypto, keyusage, - data, len, cksum); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_get_checksum_type(krb5_context context, - krb5_crypto crypto, - krb5_cksumtype *type) -{ - struct checksum_type *ct = NULL; - - if (crypto != NULL) { - ct = crypto->et->keyed_checksum; - if (ct == NULL) - ct = crypto->et->checksum; - } - - if (ct == NULL) { - krb5_set_error_string (context, "checksum type not found"); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - - *type = ct->type; - - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_checksumsize(krb5_context context, - krb5_cksumtype type, - size_t *size) -{ - struct checksum_type *ct = _find_checksum(type); - if(ct == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - type); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - *size = ct->checksumsize; - return 0; -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_checksum_is_keyed(krb5_context context, - krb5_cksumtype type) -{ - struct checksum_type *ct = _find_checksum(type); - if(ct == NULL) { - if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - return ct->flags & F_KEYED; -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_checksum_is_collision_proof(krb5_context context, - krb5_cksumtype type) -{ - struct checksum_type *ct = _find_checksum(type); - if(ct == NULL) { - if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - return ct->flags & F_CPROOF; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_checksum_disable(krb5_context context, - krb5_cksumtype type) -{ - struct checksum_type *ct = _find_checksum(type); - if(ct == NULL) { - if (context) - krb5_set_error_string (context, "checksum type %d not supported", - type); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - ct->flags |= F_DISABLED; - return 0; -} - -/************************************************************ - * * - ************************************************************/ - -static krb5_error_code -NULL_encrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ivec) -{ - return 0; -} - -static krb5_error_code -DES_CBC_encrypt_null_ivec(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ignore_ivec) -{ - DES_cblock ivec; - DES_key_schedule *s = key->schedule->data; - memset(&ivec, 0, sizeof(ivec)); - DES_cbc_encrypt(data, data, len, s, &ivec, encryptp); - return 0; -} - -static krb5_error_code -DES_CBC_encrypt_key_ivec(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ignore_ivec) -{ - DES_cblock ivec; - DES_key_schedule *s = key->schedule->data; - memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); - DES_cbc_encrypt(data, data, len, s, &ivec, encryptp); - return 0; -} - -static krb5_error_code -DES3_CBC_encrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ivec) -{ - DES_cblock local_ivec; - DES_key_schedule *s = key->schedule->data; - if(ivec == NULL) { - ivec = &local_ivec; - memset(local_ivec, 0, sizeof(local_ivec)); - } - DES_ede3_cbc_encrypt(data, data, len, &s[0], &s[1], &s[2], ivec, encryptp); - return 0; -} - -static krb5_error_code -DES_CFB64_encrypt_null_ivec(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ignore_ivec) -{ - DES_cblock ivec; - int num = 0; - DES_key_schedule *s = key->schedule->data; - memset(&ivec, 0, sizeof(ivec)); - - DES_cfb64_encrypt(data, data, len, s, &ivec, &num, encryptp); - return 0; -} - -static krb5_error_code -DES_PCBC_encrypt_key_ivec(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ignore_ivec) -{ - DES_cblock ivec; - DES_key_schedule *s = key->schedule->data; - memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); - - DES_pcbc_encrypt(data, data, len, s, &ivec, encryptp); - return 0; -} - -/* - * AES draft-raeburn-krb-rijndael-krb-02 - */ - -void KRB5_LIB_FUNCTION -_krb5_aes_cts_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const AES_KEY *key, - unsigned char *ivec, const int encryptp) -{ - unsigned char tmp[AES_BLOCK_SIZE]; - int i; - - /* - * In the framework of kerberos, the length can never be shorter - * then at least one blocksize. - */ - - if (encryptp) { - - while(len > AES_BLOCK_SIZE) { - for (i = 0; i < AES_BLOCK_SIZE; i++) - tmp[i] = in[i] ^ ivec[i]; - AES_encrypt(tmp, out, key); - memcpy(ivec, out, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - - for (i = 0; i < len; i++) - tmp[i] = in[i] ^ ivec[i]; - for (; i < AES_BLOCK_SIZE; i++) - tmp[i] = 0 ^ ivec[i]; - - AES_encrypt(tmp, out - AES_BLOCK_SIZE, key); - - memcpy(out, ivec, len); - memcpy(ivec, out - AES_BLOCK_SIZE, AES_BLOCK_SIZE); - - } else { - unsigned char tmp2[AES_BLOCK_SIZE]; - unsigned char tmp3[AES_BLOCK_SIZE]; - - while(len > AES_BLOCK_SIZE * 2) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for (i = 0; i < AES_BLOCK_SIZE; i++) - out[i] ^= ivec[i]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - - len -= AES_BLOCK_SIZE; - - memcpy(tmp, in, AES_BLOCK_SIZE); /* save last iv */ - AES_decrypt(in, tmp2, key); - - memcpy(tmp3, in + AES_BLOCK_SIZE, len); - memcpy(tmp3 + len, tmp2 + len, AES_BLOCK_SIZE - len); /* xor 0 */ - - for (i = 0; i < len; i++) - out[i + AES_BLOCK_SIZE] = tmp2[i] ^ tmp3[i]; - - AES_decrypt(tmp3, out, key); - for (i = 0; i < AES_BLOCK_SIZE; i++) - out[i] ^= ivec[i]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } -} - -static krb5_error_code -AES_CTS_encrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ivec) -{ - struct krb5_aes_schedule *aeskey = key->schedule->data; - char local_ivec[AES_BLOCK_SIZE]; - AES_KEY *k; - - if (encryptp) - k = &aeskey->ekey; - else - k = &aeskey->dkey; - - if (len < AES_BLOCK_SIZE) - krb5_abortx(context, "invalid use of AES_CTS_encrypt"); - if (len == AES_BLOCK_SIZE) { - if (encryptp) - AES_encrypt(data, data, k); - else - AES_decrypt(data, data, k); - } else { - if(ivec == NULL) { - memset(local_ivec, 0, sizeof(local_ivec)); - ivec = local_ivec; - } - _krb5_aes_cts_encrypt(data, data, len, k, ivec, encryptp); - } - - return 0; -} - -/* - * section 6 of draft-brezak-win2k-krb-rc4-hmac-03 - * - * warning: not for small children - */ - -static krb5_error_code -ARCFOUR_subencrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - unsigned usage, - void *ivec) -{ - struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); - Checksum k1_c, k2_c, k3_c, cksum; - struct key_data ke; - krb5_keyblock kb; - unsigned char t[4]; - RC4_KEY rc4_key; - unsigned char *cdata = data; - unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; - krb5_error_code ret; - - t[0] = (usage >> 0) & 0xFF; - t[1] = (usage >> 8) & 0xFF; - t[2] = (usage >> 16) & 0xFF; - t[3] = (usage >> 24) & 0xFF; - - k1_c.checksum.length = sizeof(k1_c_data); - k1_c.checksum.data = k1_c_data; - - ret = hmac(NULL, c, t, sizeof(t), 0, key, &k1_c); - if (ret) - krb5_abortx(context, "hmac failed"); - - memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data)); - - k2_c.checksum.length = sizeof(k2_c_data); - k2_c.checksum.data = k2_c_data; - - ke.key = &kb; - kb.keyvalue = k2_c.checksum; - - cksum.checksum.length = 16; - cksum.checksum.data = data; - - ret = hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum); - if (ret) - krb5_abortx(context, "hmac failed"); - - ke.key = &kb; - kb.keyvalue = k1_c.checksum; - - k3_c.checksum.length = sizeof(k3_c_data); - k3_c.checksum.data = k3_c_data; - - ret = hmac(NULL, c, data, 16, 0, &ke, &k3_c); - if (ret) - krb5_abortx(context, "hmac failed"); - - RC4_set_key (&rc4_key, k3_c.checksum.length, k3_c.checksum.data); - RC4 (&rc4_key, len - 16, cdata + 16, cdata + 16); - memset (k1_c_data, 0, sizeof(k1_c_data)); - memset (k2_c_data, 0, sizeof(k2_c_data)); - memset (k3_c_data, 0, sizeof(k3_c_data)); - return 0; -} - -static krb5_error_code -ARCFOUR_subdecrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - unsigned usage, - void *ivec) -{ - struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); - Checksum k1_c, k2_c, k3_c, cksum; - struct key_data ke; - krb5_keyblock kb; - unsigned char t[4]; - RC4_KEY rc4_key; - unsigned char *cdata = data; - unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; - unsigned char cksum_data[16]; - krb5_error_code ret; - - t[0] = (usage >> 0) & 0xFF; - t[1] = (usage >> 8) & 0xFF; - t[2] = (usage >> 16) & 0xFF; - t[3] = (usage >> 24) & 0xFF; - - k1_c.checksum.length = sizeof(k1_c_data); - k1_c.checksum.data = k1_c_data; - - ret = hmac(NULL, c, t, sizeof(t), 0, key, &k1_c); - if (ret) - krb5_abortx(context, "hmac failed"); - - memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data)); - - k2_c.checksum.length = sizeof(k2_c_data); - k2_c.checksum.data = k2_c_data; - - ke.key = &kb; - kb.keyvalue = k1_c.checksum; - - k3_c.checksum.length = sizeof(k3_c_data); - k3_c.checksum.data = k3_c_data; - - ret = hmac(NULL, c, cdata, 16, 0, &ke, &k3_c); - if (ret) - krb5_abortx(context, "hmac failed"); - - RC4_set_key (&rc4_key, k3_c.checksum.length, k3_c.checksum.data); - RC4 (&rc4_key, len - 16, cdata + 16, cdata + 16); - - ke.key = &kb; - kb.keyvalue = k2_c.checksum; - - cksum.checksum.length = 16; - cksum.checksum.data = cksum_data; - - ret = hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum); - if (ret) - krb5_abortx(context, "hmac failed"); - - memset (k1_c_data, 0, sizeof(k1_c_data)); - memset (k2_c_data, 0, sizeof(k2_c_data)); - memset (k3_c_data, 0, sizeof(k3_c_data)); - - if (memcmp (cksum.checksum.data, data, 16) != 0) { - krb5_clear_error_string (context); - return KRB5KRB_AP_ERR_BAD_INTEGRITY; - } else { - return 0; - } -} - -/* - * convert the usage numbers used in - * draft-ietf-cat-kerb-key-derivation-00.txt to the ones in - * draft-brezak-win2k-krb-rc4-hmac-04.txt - */ - -static krb5_error_code -usage2arcfour (krb5_context context, unsigned *usage) -{ - switch (*usage) { - case KRB5_KU_AS_REP_ENC_PART : /* 3 */ - case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY : /* 9 */ - *usage = 8; - return 0; - case KRB5_KU_USAGE_SEAL : /* 22 */ - *usage = 13; - return 0; - case KRB5_KU_USAGE_SIGN : /* 23 */ - *usage = 15; - return 0; - case KRB5_KU_USAGE_SEQ: /* 24 */ - *usage = 0; - return 0; - default : - return 0; - } -} - -static krb5_error_code -ARCFOUR_encrypt(krb5_context context, - struct key_data *key, - void *data, - size_t len, - krb5_boolean encryptp, - int usage, - void *ivec) -{ - krb5_error_code ret; - unsigned keyusage = usage; - - if((ret = usage2arcfour (context, &keyusage)) != 0) - return ret; - - if (encryptp) - return ARCFOUR_subencrypt (context, key, data, len, keyusage, ivec); - else - return ARCFOUR_subdecrypt (context, key, data, len, keyusage, ivec); -} - - -/* - * - */ - -static krb5_error_code -AES_PRF(krb5_context context, - krb5_crypto crypto, - const krb5_data *in, - krb5_data *out) -{ - struct checksum_type *ct = crypto->et->checksum; - krb5_error_code ret; - Checksum result; - krb5_keyblock *derived; - - result.cksumtype = ct->type; - ret = krb5_data_alloc(&result.checksum, ct->checksumsize); - if (ret) { - krb5_set_error_string(context, "out memory"); - return ret; - } - - (*ct->checksum)(context, NULL, in->data, in->length, 0, &result); - - if (result.checksum.length < crypto->et->blocksize) - krb5_abortx(context, "internal prf error"); - - derived = NULL; - ret = krb5_derive_key(context, crypto->key.key, - crypto->et->type, "prf", 3, &derived); - if (ret) - krb5_abortx(context, "krb5_derive_key"); - - ret = krb5_data_alloc(out, crypto->et->blocksize); - if (ret) - krb5_abortx(context, "malloc failed"); - - { - AES_KEY key; - - AES_set_encrypt_key(derived->keyvalue.data, - crypto->et->keytype->bits, &key); - AES_encrypt(result.checksum.data, out->data, &key); - memset(&key, 0, sizeof(key)); - } - - krb5_data_free(&result.checksum); - krb5_free_keyblock(context, derived); - - return ret; -} - -/* - * these should currently be in reverse preference order. - * (only relevant for !F_PSEUDO) */ - -static struct encryption_type enctype_null = { - ETYPE_NULL, - "null", - NULL, - 1, - 1, - 0, - &keytype_null, - &checksum_none, - NULL, - F_DISABLED, - NULL_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_des_cbc_crc = { - ETYPE_DES_CBC_CRC, - "des-cbc-crc", - NULL, - 8, - 8, - 8, - &keytype_des, - &checksum_crc32, - NULL, - 0, - DES_CBC_encrypt_key_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des_cbc_md4 = { - ETYPE_DES_CBC_MD4, - "des-cbc-md4", - NULL, - 8, - 8, - 8, - &keytype_des, - &checksum_rsa_md4, - &checksum_rsa_md4_des, - 0, - DES_CBC_encrypt_null_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des_cbc_md5 = { - ETYPE_DES_CBC_MD5, - "des-cbc-md5", - NULL, - 8, - 8, - 8, - &keytype_des, - &checksum_rsa_md5, - &checksum_rsa_md5_des, - 0, - DES_CBC_encrypt_null_ivec, - 0, - NULL -}; -static struct encryption_type enctype_arcfour_hmac_md5 = { - ETYPE_ARCFOUR_HMAC_MD5, - "arcfour-hmac-md5", - NULL, - 1, - 1, - 8, - &keytype_arcfour, - &checksum_hmac_md5, - NULL, - F_SPECIAL, - ARCFOUR_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_des3_cbc_md5 = { - ETYPE_DES3_CBC_MD5, - "des3-cbc-md5", - NULL, - 8, - 8, - 8, - &keytype_des3, - &checksum_rsa_md5, - &checksum_rsa_md5_des3, - 0, - DES3_CBC_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_des3_cbc_sha1 = { - ETYPE_DES3_CBC_SHA1, - "des3-cbc-sha1", - NULL, - 8, - 8, - 8, - &keytype_des3_derived, - &checksum_sha1, - &checksum_hmac_sha1_des3, - F_DERIVED, - DES3_CBC_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_old_des3_cbc_sha1 = { - ETYPE_OLD_DES3_CBC_SHA1, - "old-des3-cbc-sha1", - NULL, - 8, - 8, - 8, - &keytype_des3, - &checksum_sha1, - &checksum_hmac_sha1_des3, - 0, - DES3_CBC_encrypt, - 0, - NULL -}; -static struct encryption_type enctype_aes128_cts_hmac_sha1 = { - ETYPE_AES128_CTS_HMAC_SHA1_96, - "aes128-cts-hmac-sha1-96", - NULL, - 16, - 1, - 16, - &keytype_aes128, - &checksum_sha1, - &checksum_hmac_sha1_aes128, - F_DERIVED, - AES_CTS_encrypt, - 16, - AES_PRF -}; -static struct encryption_type enctype_aes256_cts_hmac_sha1 = { - ETYPE_AES256_CTS_HMAC_SHA1_96, - "aes256-cts-hmac-sha1-96", - NULL, - 16, - 1, - 16, - &keytype_aes256, - &checksum_sha1, - &checksum_hmac_sha1_aes256, - F_DERIVED, - AES_CTS_encrypt, - 16, - AES_PRF -}; -static struct encryption_type enctype_des_cbc_none = { - ETYPE_DES_CBC_NONE, - "des-cbc-none", - NULL, - 8, - 8, - 0, - &keytype_des, - &checksum_none, - NULL, - F_PSEUDO, - DES_CBC_encrypt_null_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des_cfb64_none = { - ETYPE_DES_CFB64_NONE, - "des-cfb64-none", - NULL, - 1, - 1, - 0, - &keytype_des, - &checksum_none, - NULL, - F_PSEUDO, - DES_CFB64_encrypt_null_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des_pcbc_none = { - ETYPE_DES_PCBC_NONE, - "des-pcbc-none", - NULL, - 8, - 8, - 0, - &keytype_des, - &checksum_none, - NULL, - F_PSEUDO, - DES_PCBC_encrypt_key_ivec, - 0, - NULL -}; -static struct encryption_type enctype_des3_cbc_none = { - ETYPE_DES3_CBC_NONE, - "des3-cbc-none", - NULL, - 8, - 8, - 0, - &keytype_des3_derived, - &checksum_none, - NULL, - F_PSEUDO, - DES3_CBC_encrypt, - 0, - NULL -}; - -static struct encryption_type *etypes[] = { - &enctype_null, - &enctype_des_cbc_crc, - &enctype_des_cbc_md4, - &enctype_des_cbc_md5, - &enctype_arcfour_hmac_md5, - &enctype_des3_cbc_md5, - &enctype_des3_cbc_sha1, - &enctype_old_des3_cbc_sha1, - &enctype_aes128_cts_hmac_sha1, - &enctype_aes256_cts_hmac_sha1, - &enctype_des_cbc_none, - &enctype_des_cfb64_none, - &enctype_des_pcbc_none, - &enctype_des3_cbc_none -}; - -static unsigned num_etypes = sizeof(etypes) / sizeof(etypes[0]); - - -static struct encryption_type * -_find_enctype(krb5_enctype type) -{ - int i; - for(i = 0; i < num_etypes; i++) - if(etypes[i]->type == type) - return etypes[i]; - return NULL; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_to_string(krb5_context context, - krb5_enctype etype, - char **string) -{ - struct encryption_type *e; - e = _find_enctype(etype); - if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); - *string = NULL; - return KRB5_PROG_ETYPE_NOSUPP; - } - *string = strdup(e->name); - if(*string == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_enctype(krb5_context context, - const char *string, - krb5_enctype *etype) -{ - int i; - for(i = 0; i < num_etypes; i++) - if(strcasecmp(etypes[i]->name, string) == 0){ - *etype = etypes[i]->type; - return 0; - } - krb5_set_error_string (context, "encryption type %s not supported", - string); - return KRB5_PROG_ETYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_enctype_to_oid(krb5_context context, - krb5_enctype etype, - heim_oid *oid) -{ - struct encryption_type *et = _find_enctype(etype); - if(et == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - if(et->oid == NULL) { - krb5_set_error_string (context, "%s have not oid", et->name); - return KRB5_PROG_ETYPE_NOSUPP; - } - krb5_clear_error_string(context); - return der_copy_oid(et->oid, oid); -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_oid_to_enctype(krb5_context context, - const heim_oid *oid, - krb5_enctype *etype) -{ - int i; - for(i = 0; i < num_etypes; i++) { - if(etypes[i]->oid && der_heim_oid_cmp(etypes[i]->oid, oid) == 0) { - *etype = etypes[i]->type; - return 0; - } - } - krb5_set_error_string(context, "enctype for oid not supported"); - return KRB5_PROG_ETYPE_NOSUPP; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_to_keytype(krb5_context context, - krb5_enctype etype, - krb5_keytype *keytype) -{ - struct encryption_type *e = _find_enctype(etype); - if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - *keytype = e->keytype->type; /* XXX */ - return 0; -} - -#if 0 -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctype(krb5_context context, - krb5_keytype keytype, - krb5_enctype *etype) -{ - struct key_type *kt = _find_keytype(keytype); - krb5_warnx(context, "krb5_keytype_to_enctype(%u)", keytype); - if(kt == NULL) - return KRB5_PROG_KEYTYPE_NOSUPP; - *etype = kt->best_etype; - return 0; -} -#endif - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctypes (krb5_context context, - krb5_keytype keytype, - unsigned *len, - krb5_enctype **val) -{ - int i; - unsigned n = 0; - krb5_enctype *ret; - - for (i = num_etypes - 1; i >= 0; --i) { - if (etypes[i]->keytype->type == keytype - && !(etypes[i]->flags & F_PSEUDO)) - ++n; - } - ret = malloc(n * sizeof(*ret)); - if (ret == NULL && n != 0) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - n = 0; - for (i = num_etypes - 1; i >= 0; --i) { - if (etypes[i]->keytype->type == keytype - && !(etypes[i]->flags & F_PSEUDO)) - ret[n++] = etypes[i]->type; - } - *len = n; - *val = ret; - return 0; -} - -/* - * First take the configured list of etypes for `keytype' if available, - * else, do `krb5_keytype_to_enctypes'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctypes_default (krb5_context context, - krb5_keytype keytype, - unsigned *len, - krb5_enctype **val) -{ - int i, n; - krb5_enctype *ret; - - if (keytype != KEYTYPE_DES || context->etypes_des == NULL) - return krb5_keytype_to_enctypes (context, keytype, len, val); - - for (n = 0; context->etypes_des[n]; ++n) - ; - ret = malloc (n * sizeof(*ret)); - if (ret == NULL && n != 0) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - for (i = 0; i < n; ++i) - ret[i] = context->etypes_des[i]; - *len = n; - *val = ret; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_valid(krb5_context context, - krb5_enctype etype) -{ - struct encryption_type *e = _find_enctype(etype); - if(e == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - if (e->flags & F_DISABLED) { - krb5_set_error_string (context, "encryption type %s is disabled", - e->name); - return KRB5_PROG_ETYPE_NOSUPP; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cksumtype_valid(krb5_context context, - krb5_cksumtype ctype) -{ - struct checksum_type *c = _find_checksum(ctype); - if (c == NULL) { - krb5_set_error_string (context, "checksum type %d not supported", - ctype); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - if (c->flags & F_DISABLED) { - krb5_set_error_string (context, "checksum type %s is disabled", - c->name); - return KRB5_PROG_SUMTYPE_NOSUPP; - } - return 0; -} - - -/* if two enctypes have compatible keys */ -krb5_boolean KRB5_LIB_FUNCTION -krb5_enctypes_compatible_keys(krb5_context context, - krb5_enctype etype1, - krb5_enctype etype2) -{ - struct encryption_type *e1 = _find_enctype(etype1); - struct encryption_type *e2 = _find_enctype(etype2); - return e1 != NULL && e2 != NULL && e1->keytype == e2->keytype; -} - -static krb5_boolean -derived_crypto(krb5_context context, - krb5_crypto crypto) -{ - return (crypto->et->flags & F_DERIVED) != 0; -} - -static krb5_boolean -special_crypto(krb5_context context, - krb5_crypto crypto) -{ - return (crypto->et->flags & F_SPECIAL) != 0; -} - -#define CHECKSUMSIZE(C) ((C)->checksumsize) -#define CHECKSUMTYPE(C) ((C)->type) - -static krb5_error_code -encrypt_internal_derived(krb5_context context, - krb5_crypto crypto, - unsigned usage, - const void *data, - size_t len, - krb5_data *result, - void *ivec) -{ - size_t sz, block_sz, checksum_sz, total_sz; - Checksum cksum; - unsigned char *p, *q; - krb5_error_code ret; - struct key_data *dkey; - const struct encryption_type *et = crypto->et; - - checksum_sz = CHECKSUMSIZE(et->keyed_checksum); - - sz = et->confoundersize + len; - block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */ - total_sz = block_sz + checksum_sz; - p = calloc(1, total_sz); - if(p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - q = p; - krb5_generate_random_block(q, et->confoundersize); /* XXX */ - q += et->confoundersize; - memcpy(q, data, len); - - ret = create_checksum(context, - et->keyed_checksum, - crypto, - INTEGRITY_USAGE(usage), - p, - block_sz, - &cksum); - if(ret == 0 && cksum.checksum.length != checksum_sz) { - free_Checksum (&cksum); - krb5_clear_error_string (context); - ret = KRB5_CRYPTO_INTERNAL; - } - if(ret) - goto fail; - memcpy(p + block_sz, cksum.checksum.data, cksum.checksum.length); - free_Checksum (&cksum); - ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); - if(ret) - goto fail; - ret = _key_schedule(context, dkey); - if(ret) - goto fail; -#ifdef CRYPTO_DEBUG - krb5_crypto_debug(context, 1, block_sz, dkey->key); -#endif - ret = (*et->encrypt)(context, dkey, p, block_sz, 1, usage, ivec); - if (ret) - goto fail; - result->data = p; - result->length = total_sz; - return 0; - fail: - memset(p, 0, total_sz); - free(p); - return ret; -} - - -static krb5_error_code -encrypt_internal(krb5_context context, - krb5_crypto crypto, - const void *data, - size_t len, - krb5_data *result, - void *ivec) -{ - size_t sz, block_sz, checksum_sz; - Checksum cksum; - unsigned char *p, *q; - krb5_error_code ret; - const struct encryption_type *et = crypto->et; - - checksum_sz = CHECKSUMSIZE(et->checksum); - - sz = et->confoundersize + checksum_sz + len; - block_sz = (sz + et->padsize - 1) &~ (et->padsize - 1); /* pad */ - p = calloc(1, block_sz); - if(p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - q = p; - krb5_generate_random_block(q, et->confoundersize); /* XXX */ - q += et->confoundersize; - memset(q, 0, checksum_sz); - q += checksum_sz; - memcpy(q, data, len); - - ret = create_checksum(context, - et->checksum, - crypto, - 0, - p, - block_sz, - &cksum); - if(ret == 0 && cksum.checksum.length != checksum_sz) { - krb5_clear_error_string (context); - free_Checksum(&cksum); - ret = KRB5_CRYPTO_INTERNAL; - } - if(ret) - goto fail; - memcpy(p + et->confoundersize, cksum.checksum.data, cksum.checksum.length); - free_Checksum(&cksum); - ret = _key_schedule(context, &crypto->key); - if(ret) - goto fail; -#ifdef CRYPTO_DEBUG - krb5_crypto_debug(context, 1, block_sz, crypto->key.key); -#endif - ret = (*et->encrypt)(context, &crypto->key, p, block_sz, 1, 0, ivec); - if (ret) { - memset(p, 0, block_sz); - free(p); - return ret; - } - result->data = p; - result->length = block_sz; - return 0; - fail: - memset(p, 0, block_sz); - free(p); - return ret; -} - -static krb5_error_code -encrypt_internal_special(krb5_context context, - krb5_crypto crypto, - int usage, - const void *data, - size_t len, - krb5_data *result, - void *ivec) -{ - struct encryption_type *et = crypto->et; - size_t cksum_sz = CHECKSUMSIZE(et->checksum); - size_t sz = len + cksum_sz + et->confoundersize; - char *tmp, *p; - krb5_error_code ret; - - tmp = malloc (sz); - if (tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - p = tmp; - memset (p, 0, cksum_sz); - p += cksum_sz; - krb5_generate_random_block(p, et->confoundersize); - p += et->confoundersize; - memcpy (p, data, len); - ret = (*et->encrypt)(context, &crypto->key, tmp, sz, TRUE, usage, ivec); - if (ret) { - memset(tmp, 0, sz); - free(tmp); - return ret; - } - result->data = tmp; - result->length = sz; - return 0; -} - -static krb5_error_code -decrypt_internal_derived(krb5_context context, - krb5_crypto crypto, - unsigned usage, - void *data, - size_t len, - krb5_data *result, - void *ivec) -{ - size_t checksum_sz; - Checksum cksum; - unsigned char *p; - krb5_error_code ret; - struct key_data *dkey; - struct encryption_type *et = crypto->et; - unsigned long l; - - checksum_sz = CHECKSUMSIZE(et->keyed_checksum); - if (len < checksum_sz + et->confoundersize) { - krb5_set_error_string(context, "Encrypted data shorter then " - "checksum + confunder"); - return KRB5_BAD_MSIZE; - } - - if (((len - checksum_sz) % et->padsize) != 0) { - krb5_clear_error_string(context); - return KRB5_BAD_MSIZE; - } - - p = malloc(len); - if(len != 0 && p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(p, data, len); - - len -= checksum_sz; - - ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); - if(ret) { - free(p); - return ret; - } - ret = _key_schedule(context, dkey); - if(ret) { - free(p); - return ret; - } -#ifdef CRYPTO_DEBUG - krb5_crypto_debug(context, 0, len, dkey->key); -#endif - ret = (*et->encrypt)(context, dkey, p, len, 0, usage, ivec); - if (ret) { - free(p); - return ret; - } - - cksum.checksum.data = p + len; - cksum.checksum.length = checksum_sz; - cksum.cksumtype = CHECKSUMTYPE(et->keyed_checksum); - - ret = verify_checksum(context, - crypto, - INTEGRITY_USAGE(usage), - p, - len, - &cksum); - if(ret) { - free(p); - return ret; - } - l = len - et->confoundersize; - memmove(p, p + et->confoundersize, l); - result->data = realloc(p, l); - if(result->data == NULL && l != 0) { - free(p); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - result->length = l; - return 0; -} - -static krb5_error_code -decrypt_internal(krb5_context context, - krb5_crypto crypto, - void *data, - size_t len, - krb5_data *result, - void *ivec) -{ - krb5_error_code ret; - unsigned char *p; - Checksum cksum; - size_t checksum_sz, l; - struct encryption_type *et = crypto->et; - - if ((len % et->padsize) != 0) { - krb5_clear_error_string(context); - return KRB5_BAD_MSIZE; - } - - checksum_sz = CHECKSUMSIZE(et->checksum); - p = malloc(len); - if(len != 0 && p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(p, data, len); - - ret = _key_schedule(context, &crypto->key); - if(ret) { - free(p); - return ret; - } -#ifdef CRYPTO_DEBUG - krb5_crypto_debug(context, 0, len, crypto->key.key); -#endif - ret = (*et->encrypt)(context, &crypto->key, p, len, 0, 0, ivec); - if (ret) { - free(p); - return ret; - } - ret = krb5_data_copy(&cksum.checksum, p + et->confoundersize, checksum_sz); - if(ret) { - free(p); - return ret; - } - memset(p + et->confoundersize, 0, checksum_sz); - cksum.cksumtype = CHECKSUMTYPE(et->checksum); - ret = verify_checksum(context, NULL, 0, p, len, &cksum); - free_Checksum(&cksum); - if(ret) { - free(p); - return ret; - } - l = len - et->confoundersize - checksum_sz; - memmove(p, p + et->confoundersize + checksum_sz, l); - result->data = realloc(p, l); - if(result->data == NULL && l != 0) { - free(p); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - result->length = l; - return 0; -} - -static krb5_error_code -decrypt_internal_special(krb5_context context, - krb5_crypto crypto, - int usage, - void *data, - size_t len, - krb5_data *result, - void *ivec) -{ - struct encryption_type *et = crypto->et; - size_t cksum_sz = CHECKSUMSIZE(et->checksum); - size_t sz = len - cksum_sz - et->confoundersize; - unsigned char *p; - krb5_error_code ret; - - if ((len % et->padsize) != 0) { - krb5_clear_error_string(context); - return KRB5_BAD_MSIZE; - } - - p = malloc (len); - if (p == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(p, data, len); - - ret = (*et->encrypt)(context, &crypto->key, p, len, FALSE, usage, ivec); - if (ret) { - free(p); - return ret; - } - - memmove (p, p + cksum_sz + et->confoundersize, sz); - result->data = realloc(p, sz); - if(result->data == NULL && sz != 0) { - free(p); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - result->length = sz; - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encrypt_ivec(krb5_context context, - krb5_crypto crypto, - unsigned usage, - const void *data, - size_t len, - krb5_data *result, - void *ivec) -{ - if(derived_crypto(context, crypto)) - return encrypt_internal_derived(context, crypto, usage, - data, len, result, ivec); - else if (special_crypto(context, crypto)) - return encrypt_internal_special (context, crypto, usage, - data, len, result, ivec); - else - return encrypt_internal(context, crypto, data, len, result, ivec); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encrypt(krb5_context context, - krb5_crypto crypto, - unsigned usage, - const void *data, - size_t len, - krb5_data *result) -{ - return krb5_encrypt_ivec(context, crypto, usage, data, len, result, NULL); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encrypt_EncryptedData(krb5_context context, - krb5_crypto crypto, - unsigned usage, - void *data, - size_t len, - int kvno, - EncryptedData *result) -{ - result->etype = CRYPTO_ETYPE(crypto); - if(kvno){ - ALLOC(result->kvno, 1); - *result->kvno = kvno; - }else - result->kvno = NULL; - return krb5_encrypt(context, crypto, usage, data, len, &result->cipher); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decrypt_ivec(krb5_context context, - krb5_crypto crypto, - unsigned usage, - void *data, - size_t len, - krb5_data *result, - void *ivec) -{ - if(derived_crypto(context, crypto)) - return decrypt_internal_derived(context, crypto, usage, - data, len, result, ivec); - else if (special_crypto (context, crypto)) - return decrypt_internal_special(context, crypto, usage, - data, len, result, ivec); - else - return decrypt_internal(context, crypto, data, len, result, ivec); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decrypt(krb5_context context, - krb5_crypto crypto, - unsigned usage, - void *data, - size_t len, - krb5_data *result) -{ - return krb5_decrypt_ivec (context, crypto, usage, data, len, result, - NULL); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decrypt_EncryptedData(krb5_context context, - krb5_crypto crypto, - unsigned usage, - const EncryptedData *e, - krb5_data *result) -{ - return krb5_decrypt(context, crypto, usage, - e->cipher.data, e->cipher.length, result); -} - -/************************************************************ - * * - ************************************************************/ - -#define ENTROPY_NEEDED 128 - -static int -seed_something(void) -{ - char buf[1024], seedfile[256]; - - /* If there is a seed file, load it. But such a file cannot be trusted, - so use 0 for the entropy estimate */ - if (RAND_file_name(seedfile, sizeof(seedfile))) { - int fd; - fd = open(seedfile, O_RDONLY); - if (fd >= 0) { - ssize_t ret; - ret = read(fd, buf, sizeof(buf)); - if (ret > 0) - RAND_add(buf, ret, 0.0); - close(fd); - } else - seedfile[0] = '\0'; - } else - seedfile[0] = '\0'; - - /* Calling RAND_status() will try to use /dev/urandom if it exists so - we do not have to deal with it. */ - if (RAND_status() != 1) { - krb5_context context; - const char *p; - - /* Try using egd */ - if (!krb5_init_context(&context)) { - p = krb5_config_get_string(context, NULL, "libdefaults", - "egd_socket", NULL); - if (p != NULL) - RAND_egd_bytes(p, ENTROPY_NEEDED); - krb5_free_context(context); - } - } - - if (RAND_status() == 1) { - /* Update the seed file */ - if (seedfile[0]) - RAND_write_file(seedfile); - - return 0; - } else - return -1; -} - -void KRB5_LIB_FUNCTION -krb5_generate_random_block(void *buf, size_t len) -{ - static int rng_initialized = 0; - - HEIMDAL_MUTEX_lock(&crypto_mutex); - if (!rng_initialized) { - if (seed_something()) - krb5_abortx(NULL, "Fatal: could not seed the " - "random number generator"); - - rng_initialized = 1; - } - HEIMDAL_MUTEX_unlock(&crypto_mutex); - if (RAND_bytes(buf, len) != 1) - krb5_abortx(NULL, "Failed to generate random block"); -} - -static void -DES3_postproc(krb5_context context, - unsigned char *k, size_t len, struct key_data *key) -{ - DES3_random_to_key(context, key->key, k, len); - - if (key->schedule) { - krb5_free_data(context, key->schedule); - key->schedule = NULL; - } -} - -static krb5_error_code -derive_key(krb5_context context, - struct encryption_type *et, - struct key_data *key, - const void *constant, - size_t len) -{ - unsigned char *k; - unsigned int nblocks = 0, i; - krb5_error_code ret = 0; - struct key_type *kt = et->keytype; - - ret = _key_schedule(context, key); - if(ret) - return ret; - if(et->blocksize * 8 < kt->bits || len != et->blocksize) { - nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8); - k = malloc(nblocks * et->blocksize); - if(k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = _krb5_n_fold(constant, len, k, et->blocksize); - if (ret) { - free(k); - krb5_set_error_string(context, "out of memory"); - return ret; - } - for(i = 0; i < nblocks; i++) { - if(i > 0) - memcpy(k + i * et->blocksize, - k + (i - 1) * et->blocksize, - et->blocksize); - (*et->encrypt)(context, key, k + i * et->blocksize, et->blocksize, - 1, 0, NULL); - } - } else { - /* this case is probably broken, but won't be run anyway */ - void *c = malloc(len); - size_t res_len = (kt->bits + 7) / 8; - - if(len != 0 && c == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(c, constant, len); - (*et->encrypt)(context, key, c, len, 1, 0, NULL); - k = malloc(res_len); - if(res_len != 0 && k == NULL) { - free(c); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = _krb5_n_fold(c, len, k, res_len); - if (ret) { - free(k); - krb5_set_error_string(context, "out of memory"); - return ret; - } - free(c); - } - - /* XXX keytype dependent post-processing */ - switch(kt->type) { - case KEYTYPE_DES3: - DES3_postproc(context, k, nblocks * et->blocksize, key); - break; - case KEYTYPE_AES128: - case KEYTYPE_AES256: - memcpy(key->key->keyvalue.data, k, key->key->keyvalue.length); - break; - default: - krb5_set_error_string(context, - "derive_key() called with unknown keytype (%u)", - kt->type); - ret = KRB5_CRYPTO_INTERNAL; - break; - } - if (key->schedule) { - krb5_free_data(context, key->schedule); - key->schedule = NULL; - } - memset(k, 0, nblocks * et->blocksize); - free(k); - return ret; -} - -static struct key_data * -_new_derived_key(krb5_crypto crypto, unsigned usage) -{ - struct key_usage *d = crypto->key_usage; - d = realloc(d, (crypto->num_key_usage + 1) * sizeof(*d)); - if(d == NULL) - return NULL; - crypto->key_usage = d; - d += crypto->num_key_usage++; - memset(d, 0, sizeof(*d)); - d->usage = usage; - return &d->key; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_derive_key(krb5_context context, - const krb5_keyblock *key, - krb5_enctype etype, - const void *constant, - size_t constant_len, - krb5_keyblock **derived_key) -{ - krb5_error_code ret; - struct encryption_type *et; - struct key_data d; - - *derived_key = NULL; - - et = _find_enctype (etype); - if (et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - - ret = krb5_copy_keyblock(context, key, &d.key); - if (ret) - return ret; - - d.schedule = NULL; - ret = derive_key(context, et, &d, constant, constant_len); - if (ret == 0) - ret = krb5_copy_keyblock(context, d.key, derived_key); - free_key_data(context, &d); - return ret; -} - -static krb5_error_code -_get_derived_key(krb5_context context, - krb5_crypto crypto, - unsigned usage, - struct key_data **key) -{ - int i; - struct key_data *d; - unsigned char constant[5]; - - for(i = 0; i < crypto->num_key_usage; i++) - if(crypto->key_usage[i].usage == usage) { - *key = &crypto->key_usage[i].key; - return 0; - } - d = _new_derived_key(crypto, usage); - if(d == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_copy_keyblock(context, crypto->key.key, &d->key); - _krb5_put_int(constant, usage, 5); - derive_key(context, crypto->et, d, constant, sizeof(constant)); - *key = d; - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_init(krb5_context context, - const krb5_keyblock *key, - krb5_enctype etype, - krb5_crypto *crypto) -{ - krb5_error_code ret; - ALLOC(*crypto, 1); - if(*crypto == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - if(etype == ETYPE_NULL) - etype = key->keytype; - (*crypto)->et = _find_enctype(etype); - if((*crypto)->et == NULL || ((*crypto)->et->flags & F_DISABLED)) { - free(*crypto); - *crypto = NULL; - krb5_set_error_string (context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - if((*crypto)->et->keytype->size != key->keyvalue.length) { - free(*crypto); - *crypto = NULL; - krb5_set_error_string (context, "encryption key has bad length"); - return KRB5_BAD_KEYSIZE; - } - ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key); - if(ret) { - free(*crypto); - *crypto = NULL; - return ret; - } - (*crypto)->key.schedule = NULL; - (*crypto)->num_key_usage = 0; - (*crypto)->key_usage = NULL; - return 0; -} - -static void -free_key_data(krb5_context context, struct key_data *key) -{ - krb5_free_keyblock(context, key->key); - if(key->schedule) { - memset(key->schedule->data, 0, key->schedule->length); - krb5_free_data(context, key->schedule); - } -} - -static void -free_key_usage(krb5_context context, struct key_usage *ku) -{ - free_key_data(context, &ku->key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_destroy(krb5_context context, - krb5_crypto crypto) -{ - int i; - - for(i = 0; i < crypto->num_key_usage; i++) - free_key_usage(context, &crypto->key_usage[i]); - free(crypto->key_usage); - free_key_data(context, &crypto->key); - free (crypto); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_getblocksize(krb5_context context, - krb5_crypto crypto, - size_t *blocksize) -{ - *blocksize = crypto->et->blocksize; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_getenctype(krb5_context context, - krb5_crypto crypto, - krb5_enctype *enctype) -{ - *enctype = crypto->et->type; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_getpadsize(krb5_context context, - krb5_crypto crypto, - size_t *padsize) -{ - *padsize = crypto->et->padsize; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_getconfoundersize(krb5_context context, - krb5_crypto crypto, - size_t *confoundersize) -{ - *confoundersize = crypto->et->confoundersize; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_disable(krb5_context context, - krb5_enctype enctype) -{ - struct encryption_type *et = _find_enctype(enctype); - if(et == NULL) { - if (context) - krb5_set_error_string (context, "encryption type %d not supported", - enctype); - return KRB5_PROG_ETYPE_NOSUPP; - } - et->flags |= F_DISABLED; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_derived(krb5_context context, - const void *str, - size_t len, - krb5_enctype etype, - krb5_keyblock *key) -{ - struct encryption_type *et = _find_enctype(etype); - krb5_error_code ret; - struct key_data kd; - size_t keylen; - u_char *tmp; - - if(et == NULL) { - krb5_set_error_string (context, "encryption type %d not supported", - etype); - return KRB5_PROG_ETYPE_NOSUPP; - } - keylen = et->keytype->bits / 8; - - ALLOC(kd.key, 1); - if(kd.key == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); - if(ret) { - free(kd.key); - return ret; - } - kd.key->keytype = etype; - tmp = malloc (keylen); - if(tmp == NULL) { - krb5_free_keyblock(context, kd.key); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ret = _krb5_n_fold(str, len, tmp, keylen); - if (ret) { - free(tmp); - krb5_set_error_string(context, "out of memory"); - return ret; - } - kd.schedule = NULL; - DES3_postproc (context, tmp, keylen, &kd); /* XXX */ - memset(tmp, 0, keylen); - free(tmp); - ret = derive_key(context, - et, - &kd, - "kerberos", /* XXX well known constant */ - strlen("kerberos")); - ret = krb5_copy_keyblock_contents(context, kd.key, key); - free_key_data(context, &kd); - return ret; -} - -static size_t -wrapped_length (krb5_context context, - krb5_crypto crypto, - size_t data_len) -{ - struct encryption_type *et = crypto->et; - size_t padsize = et->padsize; - size_t checksumsize = CHECKSUMSIZE(et->checksum); - size_t res; - - res = et->confoundersize + checksumsize + data_len; - res = (res + padsize - 1) / padsize * padsize; - return res; -} - -static size_t -wrapped_length_dervied (krb5_context context, - krb5_crypto crypto, - size_t data_len) -{ - struct encryption_type *et = crypto->et; - size_t padsize = et->padsize; - size_t res; - - res = et->confoundersize + data_len; - res = (res + padsize - 1) / padsize * padsize; - if (et->keyed_checksum) - res += et->keyed_checksum->checksumsize; - else - res += et->checksum->checksumsize; - return res; -} - -/* - * Return the size of an encrypted packet of length `data_len' - */ - -size_t -krb5_get_wrapped_length (krb5_context context, - krb5_crypto crypto, - size_t data_len) -{ - if (derived_crypto (context, crypto)) - return wrapped_length_dervied (context, crypto, data_len); - else - return wrapped_length (context, crypto, data_len); -} - -/* - * Return the size of an encrypted packet of length `data_len' - */ - -static size_t -crypto_overhead (krb5_context context, - krb5_crypto crypto) -{ - struct encryption_type *et = crypto->et; - size_t res; - - res = CHECKSUMSIZE(et->checksum); - res += et->confoundersize; - if (et->padsize > 1) - res += et->padsize; - return res; -} - -static size_t -crypto_overhead_dervied (krb5_context context, - krb5_crypto crypto) -{ - struct encryption_type *et = crypto->et; - size_t res; - - if (et->keyed_checksum) - res = CHECKSUMSIZE(et->keyed_checksum); - else - res = CHECKSUMSIZE(et->checksum); - res += et->confoundersize; - if (et->padsize > 1) - res += et->padsize; - return res; -} - -size_t -krb5_crypto_overhead (krb5_context context, krb5_crypto crypto) -{ - if (derived_crypto (context, crypto)) - return crypto_overhead_dervied (context, crypto); - else - return crypto_overhead (context, crypto); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_random_to_key(krb5_context context, - krb5_enctype type, - const void *data, - size_t size, - krb5_keyblock *key) -{ - krb5_error_code ret; - struct encryption_type *et = _find_enctype(type); - if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); - return KRB5_PROG_ETYPE_NOSUPP; - } - if ((et->keytype->bits + 7) / 8 > size) { - krb5_set_error_string(context, "encryption key %s needs %d bytes " - "of random to make an encryption key out of it", - et->name, (int)et->keytype->size); - return KRB5_PROG_ETYPE_NOSUPP; - } - ret = krb5_data_alloc(&key->keyvalue, et->keytype->size); - if(ret) - return ret; - key->keytype = type; - if (et->keytype->random_to_key) - (*et->keytype->random_to_key)(context, key, data, size); - else - memcpy(key->keyvalue.data, data, et->keytype->size); - - return 0; -} - -krb5_error_code -_krb5_pk_octetstring2key(krb5_context context, - krb5_enctype type, - const void *dhdata, - size_t dhsize, - const heim_octet_string *c_n, - const heim_octet_string *k_n, - krb5_keyblock *key) -{ - struct encryption_type *et = _find_enctype(type); - krb5_error_code ret; - size_t keylen, offset; - void *keydata; - unsigned char counter; - unsigned char shaoutput[20]; - - if(et == NULL) { - krb5_set_error_string(context, "encryption type %d not supported", - type); - return KRB5_PROG_ETYPE_NOSUPP; - } - keylen = (et->keytype->bits + 7) / 8; - - keydata = malloc(keylen); - if (keydata == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - counter = 0; - offset = 0; - do { - SHA_CTX m; - - SHA1_Init(&m); - SHA1_Update(&m, &counter, 1); - SHA1_Update(&m, dhdata, dhsize); - if (c_n) - SHA1_Update(&m, c_n->data, c_n->length); - if (k_n) - SHA1_Update(&m, k_n->data, k_n->length); - SHA1_Final(shaoutput, &m); - - memcpy((unsigned char *)keydata + offset, - shaoutput, - min(keylen - offset, sizeof(shaoutput))); - - offset += sizeof(shaoutput); - counter++; - } while(offset < keylen); - memset(shaoutput, 0, sizeof(shaoutput)); - - ret = krb5_random_to_key(context, type, keydata, keylen, key); - memset(keydata, 0, sizeof(keylen)); - free(keydata); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_prf_length(krb5_context context, - krb5_enctype type, - size_t *length) -{ - struct encryption_type *et = _find_enctype(type); - - if(et == NULL || et->prf_length == 0) { - krb5_set_error_string(context, "encryption type %d not supported", - type); - return KRB5_PROG_ETYPE_NOSUPP; - } - - *length = et->prf_length; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_prf(krb5_context context, - const krb5_crypto crypto, - const krb5_data *input, - krb5_data *output) -{ - struct encryption_type *et = crypto->et; - - krb5_data_zero(output); - - if(et->prf == NULL) { - krb5_set_error_string(context, "kerberos prf for %s not supported", - et->name); - return KRB5_PROG_ETYPE_NOSUPP; - } - - return (*et->prf)(context, crypto, input, output); -} - - - - -#ifdef CRYPTO_DEBUG - -static krb5_error_code -krb5_get_keyid(krb5_context context, - krb5_keyblock *key, - uint32_t *keyid) -{ - MD5_CTX md5; - unsigned char tmp[16]; - - MD5_Init (&md5); - MD5_Update (&md5, key->keyvalue.data, key->keyvalue.length); - MD5_Final (tmp, &md5); - *keyid = (tmp[12] << 24) | (tmp[13] << 16) | (tmp[14] << 8) | tmp[15]; - return 0; -} - -static void -krb5_crypto_debug(krb5_context context, - int encryptp, - size_t len, - krb5_keyblock *key) -{ - uint32_t keyid; - char *kt; - krb5_get_keyid(context, key, &keyid); - krb5_enctype_to_string(context, key->keytype, &kt); - krb5_warnx(context, "%s %lu bytes with key-id %#x (%s)", - encryptp ? "encrypting" : "decrypting", - (unsigned long)len, - keyid, - kt); - free(kt); -} - -#endif /* CRYPTO_DEBUG */ - -#if 0 -int -main() -{ -#if 0 - int i; - krb5_context context; - krb5_crypto crypto; - struct key_data *d; - krb5_keyblock key; - char constant[4]; - unsigned usage = ENCRYPTION_USAGE(3); - krb5_error_code ret; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - key.keytype = ETYPE_NEW_DES3_CBC_SHA1; - key.keyvalue.data = "\xb3\x85\x58\x94\xd9\xdc\x7c\xc8" - "\x25\xe9\x85\xab\x3e\xb5\xfb\x0e" - "\xc8\xdf\xab\x26\x86\x64\x15\x25"; - key.keyvalue.length = 24; - - krb5_crypto_init(context, &key, 0, &crypto); - - d = _new_derived_key(crypto, usage); - if(d == NULL) - krb5_errx(context, 1, "_new_derived_key failed"); - krb5_copy_keyblock(context, crypto->key.key, &d->key); - _krb5_put_int(constant, usage, 4); - derive_key(context, crypto->et, d, constant, sizeof(constant)); - return 0; -#else - int i; - krb5_context context; - krb5_crypto crypto; - struct key_data *d; - krb5_keyblock key; - krb5_error_code ret; - Checksum res; - - char *data = "what do ya want for nothing?"; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - key.keytype = ETYPE_NEW_DES3_CBC_SHA1; - key.keyvalue.data = "Jefe"; - /* "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; */ - key.keyvalue.length = 4; - - d = ecalloc(1, sizeof(*d)); - d->key = &key; - res.checksum.length = 20; - res.checksum.data = emalloc(res.checksum.length); - SP_HMAC_SHA1_checksum(context, d, data, 28, &res); - - return 0; -#endif -} -#endif diff --git a/crypto/heimdal/lib/krb5/data.c b/crypto/heimdal/lib/krb5/data.c deleted file mode 100644 index eda1a8b2598b..000000000000 --- a/crypto/heimdal/lib/krb5/data.c +++ /dev/null @@ -1,224 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: data.c 22064 2007-11-11 16:28:14Z lha $"); - -/** - * Reset the (potentially uninitalized) krb5_data structure. - * - * @param p krb5_data to reset. - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_data_zero(krb5_data *p) -{ - p->length = 0; - p->data = NULL; -} - -/** - * Free the content of krb5_data structure, its ok to free a zeroed - * structure. When done, the structure will be zeroed. - * - * @param p krb5_data to free. - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_data_free(krb5_data *p) -{ - if(p->data != NULL) - free(p->data); - krb5_data_zero(p); -} - -/** - * Same as krb5_data_free(). - * - * @param context Kerberos 5 context. - * @param data krb5_data to free. - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_free_data_contents(krb5_context context, krb5_data *data) -{ - krb5_data_free(data); -} - -/** - * Free krb5_data (and its content). - * - * @param context Kerberos 5 context. - * @param p krb5_data to free. - * - * @ingroup krb5 - */ - -void KRB5_LIB_FUNCTION -krb5_free_data(krb5_context context, - krb5_data *p) -{ - krb5_data_free(p); - free(p); -} - -/** - * Allocate data of and krb5_data. - * - * @param p krb5_data to free. - * @param len size to allocate. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned. - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_data_alloc(krb5_data *p, int len) -{ - p->data = malloc(len); - if(len && p->data == NULL) - return ENOMEM; - p->length = len; - return 0; -} - -/** - * Grow (or shrink) the content of krb5_data to a new size. - * - * @param p krb5_data to free. - * @param len new size. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned. - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_data_realloc(krb5_data *p, int len) -{ - void *tmp; - tmp = realloc(p->data, len); - if(len && !tmp) - return ENOMEM; - p->data = tmp; - p->length = len; - return 0; -} - -/** - * Copy the data of len into the krb5_data. - * - * @param p krb5_data to copy into. - * @param data data to copy.. - * @param len new size. - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned. - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_data_copy(krb5_data *p, const void *data, size_t len) -{ - if (len) { - if(krb5_data_alloc(p, len)) - return ENOMEM; - memmove(p->data, data, len); - } else - p->data = NULL; - p->length = len; - return 0; -} - -/** - * Copy the data into a newly allocated krb5_data. - * - * @param context Kerberos 5 context. - * @param indata the krb5_data data to copy - * @param outdata new krb5_date to copy too. Free with krb5_free_data(). - * - * @return Returns 0 to indicate success. Otherwise an kerberos et - * error code is returned. - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_data(krb5_context context, - const krb5_data *indata, - krb5_data **outdata) -{ - krb5_error_code ret; - ALLOC(*outdata, 1); - if(*outdata == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = der_copy_octet_string(indata, *outdata); - if(ret) { - krb5_clear_error_string (context); - free(*outdata); - *outdata = NULL; - } - return ret; -} - -/** - * Compare to data. - * - * @param data1 krb5_data to compare - * @param data2 krb5_data to compare - * - * @return return the same way as memcmp(), useful when sorting. - * - * @ingroup krb5 - */ - -int KRB5_LIB_FUNCTION -krb5_data_cmp(const krb5_data *data1, const krb5_data *data2) -{ - if (data1->length != data2->length) - return data1->length - data2->length; - return memcmp(data1->data, data2->data, data1->length); -} diff --git a/crypto/heimdal/lib/krb5/derived-key-test.c b/crypto/heimdal/lib/krb5/derived-key-test.c deleted file mode 100644 index debadb8bb956..000000000000 --- a/crypto/heimdal/lib/krb5/derived-key-test.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: derived-key-test.c 16342 2005-12-02 14:14:43Z lha $"); - -enum { MAXSIZE = 24 }; - -static struct testcase { - krb5_enctype enctype; - unsigned char constant[MAXSIZE]; - size_t constant_len; - unsigned char key[MAXSIZE]; - unsigned char res[MAXSIZE]; -} tests[] = { - {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0x55}, 5, - {0xdc, 0xe0, 0x6b, 0x1f, 0x64, 0xc8, 0x57, 0xa1, 0x1c, 0x3d, 0xb5, 0x7c, 0x51, 0x89, 0x9b, 0x2c, 0xc1, 0x79, 0x10, 0x08, 0xce, 0x97, 0x3b, 0x92}, - {0x92, 0x51, 0x79, 0xd0, 0x45, 0x91, 0xa7, 0x9b, 0x5d, 0x31, 0x92, 0xc4, 0xa7, 0xe9, 0xc2, 0x89, 0xb0, 0x49, 0xc7, 0x1f, 0x6e, 0xe6, 0x04, 0xcd}}, - {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, - {0x5e, 0x13, 0xd3, 0x1c, 0x70, 0xef, 0x76, 0x57, 0x46, 0x57, 0x85, 0x31, 0xcb, 0x51, 0xc1, 0x5b, 0xf1, 0x1c, 0xa8, 0x2c, 0x97, 0xce, 0xe9, 0xf2}, - {0x9e, 0x58, 0xe5, 0xa1, 0x46, 0xd9, 0x94, 0x2a, 0x10, 0x1c, 0x46, 0x98, 0x45, 0xd6, 0x7a, 0x20, 0xe3, 0xc4, 0x25, 0x9e, 0xd9, 0x13, 0xf2, 0x07}}, - {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0x55}, 5, - {0x98, 0xe6, 0xfd, 0x8a, 0x04, 0xa4, 0xb6, 0x85, 0x9b, 0x75, 0xa1, 0x76, 0x54, 0x0b, 0x97, 0x52, 0xba, 0xd3, 0xec, 0xd6, 0x10, 0xa2, 0x52, 0xbc}, - {0x13, 0xfe, 0xf8, 0x0d, 0x76, 0x3e, 0x94, 0xec, 0x6d, 0x13, 0xfd, 0x2c, 0xa1, 0xd0, 0x85, 0x07, 0x02, 0x49, 0xda, 0xd3, 0x98, 0x08, 0xea, 0xbf}}, - {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, - {0x62, 0x2a, 0xec, 0x25, 0xa2, 0xfe, 0x2c, 0xad, 0x70, 0x94, 0x68, 0x0b, 0x7c, 0x64, 0x94, 0x02, 0x80, 0x08, 0x4c, 0x1a, 0x7c, 0xec, 0x92, 0xb5}, - {0xf8, 0xdf, 0xbf, 0x04, 0xb0, 0x97, 0xe6, 0xd9, 0xdc, 0x07, 0x02, 0x68, 0x6b, 0xcb, 0x34, 0x89, 0xd9, 0x1f, 0xd9, 0xa4, 0x51, 0x6b, 0x70, 0x3e}}, - {ETYPE_DES3_CBC_SHA1, {0x6b, 0x65, 0x72, 0x62, 0x65, 0x72, 0x6f, 0x73}, 8, - {0xd3, 0xf8, 0x29, 0x8c, 0xcb, 0x16, 0x64, 0x38, 0xdc, 0xb9, 0xb9, 0x3e, 0xe5, 0xa7, 0x62, 0x92, 0x86, 0xa4, 0x91, 0xf8, 0x38, 0xf8, 0x02, 0xfb}, - {0x23, 0x70, 0xda, 0x57, 0x5d, 0x2a, 0x3d, 0xa8, 0x64, 0xce, 0xbf, 0xdc, 0x52, 0x04, 0xd5, 0x6d, 0xf7, 0x79, 0xa7, 0xdf, 0x43, 0xd9, 0xda, 0x43}}, - {ETYPE_DES3_CBC_SHA1, {0x63, 0x6f, 0x6d, 0x62, 0x69, 0x6e, 0x65}, 7, - {0xb5, 0x5e, 0x98, 0x34, 0x67, 0xe5, 0x51, 0xb3, 0xe5, 0xd0, 0xe5, 0xb6, 0xc8, 0x0d, 0x45, 0x76, 0x94, 0x23, 0xa8, 0x73, 0xdc, 0x62, 0xb3, 0x0e}, - {0x01, 0x26, 0x38, 0x8a, 0xad, 0xc8, 0x1a, 0x1f, 0x2a, 0x62, 0xbc, 0x45, 0xf8, 0xd5, 0xc1, 0x91, 0x51, 0xba, 0xcd, 0xd5, 0xcb, 0x79, 0x8a, 0x3e}}, - {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0x55}, 5, - {0xc1, 0x08, 0x16, 0x49, 0xad, 0xa7, 0x43, 0x62, 0xe6, 0xa1, 0x45, 0x9d, 0x01, 0xdf, 0xd3, 0x0d, 0x67, 0xc2, 0x23, 0x4c, 0x94, 0x07, 0x04, 0xda}, - {0x34, 0x80, 0x57, 0xec, 0x98, 0xfd, 0xc4, 0x80, 0x16, 0x16, 0x1c, 0x2a, 0x4c, 0x7a, 0x94, 0x3e, 0x92, 0xae, 0x49, 0x2c, 0x98, 0x91, 0x75, 0xf7}}, - {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, - {0x5d, 0x15, 0x4a, 0xf2, 0x38, 0xf4, 0x67, 0x13, 0x15, 0x57, 0x19, 0xd5, 0x5e, 0x2f, 0x1f, 0x79, 0x0d, 0xd6, 0x61, 0xf2, 0x79, 0xa7, 0x91, 0x7c}, - {0xa8, 0x80, 0x8a, 0xc2, 0x67, 0xda, 0xda, 0x3d, 0xcb, 0xe9, 0xa7, 0xc8, 0x46, 0x26, 0xfb, 0xc7, 0x61, 0xc2, 0x94, 0xb0, 0x13, 0x15, 0xe5, 0xc1}}, - {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0x55}, 5, - {0x79, 0x85, 0x62, 0xe0, 0x49, 0x85, 0x2f, 0x57, 0xdc, 0x8c, 0x34, 0x3b, 0xa1, 0x7f, 0x2c, 0xa1, 0xd9, 0x73, 0x94, 0xef, 0xc8, 0xad, 0xc4, 0x43}, - {0xc8, 0x13, 0xf8, 0x8a, 0x3b, 0xe3, 0xb3, 0x34, 0xf7, 0x54, 0x25, 0xce, 0x91, 0x75, 0xfb, 0xe3, 0xc8, 0x49, 0x3b, 0x89, 0xc8, 0x70, 0x3b, 0x49}}, - {ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5, - {0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f, 0x2f, 0xea, 0xb9, 0xa8, 0x70, 0x1a, 0x89, 0xa4, 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, 0xd0, 0x16}, - {0xf4, 0x8f, 0xfd, 0x6e, 0x83, 0xf8, 0x3e, 0x73, 0x54, 0xe6, 0x94, 0xfd, 0x25, 0x2c, 0xf8, 0x3b, 0xfe, 0x58, 0xf7, 0xd5, 0xba, 0x37, 0xec, 0x5d}}, - {0} -}; - -int KRB5_LIB_FUNCTION -main(int argc, char **argv) -{ - struct testcase *t; - krb5_context context; - krb5_error_code ret; - int val = 0; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - for (t = tests; t->enctype != 0; ++t) { - krb5_keyblock key; - krb5_keyblock *dkey; - - key.keytype = KEYTYPE_DES3; - key.keyvalue.length = MAXSIZE; - key.keyvalue.data = t->key; - - ret = krb5_derive_key(context, &key, t->enctype, t->constant, - t->constant_len, &dkey); - if (ret) - krb5_err (context, 1, ret, "krb5_derive_key"); - if (memcmp (dkey->keyvalue.data, t->res, dkey->keyvalue.length) != 0) { - const unsigned char *p = dkey->keyvalue.data; - int i; - - printf ("derive_key failed\n"); - printf ("should be: "); - for (i = 0; i < dkey->keyvalue.length; ++i) - printf ("%02x", t->res[i]); - printf ("\nresult was: "); - for (i = 0; i < dkey->keyvalue.length; ++i) - printf ("%02x", p[i]); - printf ("\n"); - val = 1; - } - krb5_free_keyblock(context, dkey); - } - krb5_free_context(context); - - return val; -} diff --git a/crypto/heimdal/lib/krb5/digest.c b/crypto/heimdal/lib/krb5/digest.c deleted file mode 100644 index 6e612ed6bbb0..000000000000 --- a/crypto/heimdal/lib/krb5/digest.c +++ /dev/null @@ -1,1199 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: digest.c 22156 2007-12-04 20:02:49Z lha $"); -#include "digest_asn1.h" - -struct krb5_digest_data { - char *cbtype; - char *cbbinding; - - DigestInit init; - DigestInitReply initReply; - DigestRequest request; - DigestResponse response; -}; - -krb5_error_code -krb5_digest_alloc(krb5_context context, krb5_digest *digest) -{ - krb5_digest d; - - d = calloc(1, sizeof(*d)); - if (d == NULL) { - *digest = NULL; - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest = d; - - return 0; -} - -void -krb5_digest_free(krb5_digest digest) -{ - if (digest == NULL) - return; - free_DigestInit(&digest->init); - free_DigestInitReply(&digest->initReply); - free_DigestRequest(&digest->request); - free_DigestResponse(&digest->response); - memset(digest, 0, sizeof(*digest)); - free(digest); - return; -} - -krb5_error_code -krb5_digest_set_server_cb(krb5_context context, - krb5_digest digest, - const char *type, - const char *binding) -{ - if (digest->init.channel) { - krb5_set_error_string(context, "server channel binding already set"); - return EINVAL; - } - digest->init.channel = calloc(1, sizeof(*digest->init.channel)); - if (digest->init.channel == NULL) - goto error; - - digest->init.channel->cb_type = strdup(type); - if (digest->init.channel->cb_type == NULL) - goto error; - - digest->init.channel->cb_binding = strdup(binding); - if (digest->init.channel->cb_binding == NULL) - goto error; - return 0; -error: - if (digest->init.channel) { - free(digest->init.channel->cb_type); - free(digest->init.channel->cb_binding); - free(digest->init.channel); - digest->init.channel = NULL; - } - krb5_set_error_string(context, "out of memory"); - return ENOMEM; -} - -krb5_error_code -krb5_digest_set_type(krb5_context context, - krb5_digest digest, - const char *type) -{ - if (digest->init.type) { - krb5_set_error_string(context, "client type already set"); - return EINVAL; - } - digest->init.type = strdup(type); - if (digest->init.type == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_hostname(krb5_context context, - krb5_digest digest, - const char *hostname) -{ - if (digest->init.hostname) { - krb5_set_error_string(context, "server hostname already set"); - return EINVAL; - } - digest->init.hostname = malloc(sizeof(*digest->init.hostname)); - if (digest->init.hostname == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->init.hostname = strdup(hostname); - if (*digest->init.hostname == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->init.hostname); - digest->init.hostname = NULL; - return ENOMEM; - } - return 0; -} - -const char * -krb5_digest_get_server_nonce(krb5_context context, - krb5_digest digest) -{ - return digest->initReply.nonce; -} - -krb5_error_code -krb5_digest_set_server_nonce(krb5_context context, - krb5_digest digest, - const char *nonce) -{ - if (digest->request.serverNonce) { - krb5_set_error_string(context, "nonce already set"); - return EINVAL; - } - digest->request.serverNonce = strdup(nonce); - if (digest->request.serverNonce == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -const char * -krb5_digest_get_opaque(krb5_context context, - krb5_digest digest) -{ - return digest->initReply.opaque; -} - -krb5_error_code -krb5_digest_set_opaque(krb5_context context, - krb5_digest digest, - const char *opaque) -{ - if (digest->request.opaque) { - krb5_set_error_string(context, "opaque already set"); - return EINVAL; - } - digest->request.opaque = strdup(opaque); - if (digest->request.opaque == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -const char * -krb5_digest_get_identifier(krb5_context context, - krb5_digest digest) -{ - if (digest->initReply.identifier == NULL) - return NULL; - return *digest->initReply.identifier; -} - -krb5_error_code -krb5_digest_set_identifier(krb5_context context, - krb5_digest digest, - const char *id) -{ - if (digest->request.identifier) { - krb5_set_error_string(context, "identifier already set"); - return EINVAL; - } - digest->request.identifier = calloc(1, sizeof(*digest->request.identifier)); - if (digest->request.identifier == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->request.identifier = strdup(id); - if (*digest->request.identifier == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->request.identifier); - digest->request.identifier = NULL; - return ENOMEM; - } - return 0; -} - -static krb5_error_code -digest_request(krb5_context context, - krb5_realm realm, - krb5_ccache ccache, - krb5_key_usage usage, - const DigestReqInner *ireq, - DigestRepInner *irep) -{ - DigestREQ req; - DigestREP rep; - krb5_error_code ret; - krb5_data data, data2; - size_t size; - krb5_crypto crypto = NULL; - krb5_auth_context ac = NULL; - krb5_principal principal = NULL; - krb5_ccache id = NULL; - krb5_realm r = NULL; - - krb5_data_zero(&data); - krb5_data_zero(&data2); - memset(&req, 0, sizeof(req)); - memset(&rep, 0, sizeof(rep)); - - if (ccache == NULL) { - ret = krb5_cc_default(context, &id); - if (ret) - goto out; - } else - id = ccache; - - if (realm == NULL) { - ret = krb5_get_default_realm(context, &r); - if (ret) - goto out; - } else - r = realm; - - /* - * - */ - - ret = krb5_make_principal(context, &principal, - r, KRB5_DIGEST_NAME, r, NULL); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(DigestReqInner, data.data, data.length, - ireq, &size, ret); - if (ret) { - krb5_set_error_string(context, - "Failed to encode digest inner request"); - goto out; - } - if (size != data.length) - krb5_abortx(context, "ASN.1 internal encoder error"); - - ret = krb5_mk_req_exact(context, &ac, - AP_OPTS_USE_SUBKEY|AP_OPTS_MUTUAL_REQUIRED, - principal, NULL, id, &req.apReq); - if (ret) - goto out; - - { - krb5_keyblock *key; - - ret = krb5_auth_con_getlocalsubkey(context, ac, &key); - if (ret) - goto out; - if (key == NULL) { - krb5_set_error_string(context, "Digest failed to get local subkey"); - ret = EINVAL; - goto out; - } - - ret = krb5_crypto_init(context, key, 0, &crypto); - krb5_free_keyblock (context, key); - if (ret) - goto out; - } - - ret = krb5_encrypt_EncryptedData(context, crypto, usage, - data.data, data.length, 0, - &req.innerReq); - if (ret) - goto out; - - krb5_data_free(&data); - - ASN1_MALLOC_ENCODE(DigestREQ, data.data, data.length, - &req, &size, ret); - if (ret) { - krb5_set_error_string(context, "Failed to encode DigestREQest"); - goto out; - } - if (size != data.length) - krb5_abortx(context, "ASN.1 internal encoder error"); - - ret = krb5_sendto_kdc(context, &data, &r, &data2); - if (ret) - goto out; - - ret = decode_DigestREP(data2.data, data2.length, &rep, NULL); - if (ret) { - krb5_set_error_string(context, "Failed to parse digest response"); - goto out; - } - - { - krb5_ap_rep_enc_part *repl; - - ret = krb5_rd_rep(context, ac, &rep.apRep, &repl); - if (ret) - goto out; - - krb5_free_ap_rep_enc_part(context, repl); - } - { - krb5_keyblock *key; - - ret = krb5_auth_con_getremotesubkey(context, ac, &key); - if (ret) - goto out; - if (key == NULL) { - ret = EINVAL; - krb5_set_error_string(context, - "Digest reply have no remote subkey"); - goto out; - } - - krb5_crypto_destroy(context, crypto); - ret = krb5_crypto_init(context, key, 0, &crypto); - krb5_free_keyblock (context, key); - if (ret) - goto out; - } - - krb5_data_free(&data); - ret = krb5_decrypt_EncryptedData(context, crypto, usage, - &rep.innerRep, &data); - if (ret) - goto out; - - ret = decode_DigestRepInner(data.data, data.length, irep, NULL); - if (ret) { - krb5_set_error_string(context, "Failed to decode digest inner reply"); - goto out; - } - -out: - if (ccache == NULL && id) - krb5_cc_close(context, id); - if (realm == NULL && r) - free(r); - if (crypto) - krb5_crypto_destroy(context, crypto); - if (ac) - krb5_auth_con_free(context, ac); - if (principal) - krb5_free_principal(context, principal); - - krb5_data_free(&data); - krb5_data_free(&data2); - - free_DigestREQ(&req); - free_DigestREP(&rep); - - return ret; -} - -krb5_error_code -krb5_digest_init_request(krb5_context context, - krb5_digest digest, - krb5_realm realm, - krb5_ccache ccache) -{ - DigestReqInner ireq; - DigestRepInner irep; - krb5_error_code ret; - - memset(&ireq, 0, sizeof(ireq)); - memset(&irep, 0, sizeof(irep)); - - if (digest->init.type == NULL) { - krb5_set_error_string(context, "Type missing from init req"); - return EINVAL; - } - - ireq.element = choice_DigestReqInner_init; - ireq.u.init = digest->init; - - ret = digest_request(context, realm, ccache, - KRB5_KU_DIGEST_ENCRYPT, &ireq, &irep); - if (ret) - goto out; - - if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "Digest init error: %s", - irep.u.error.reason); - ret = irep.u.error.code; - goto out; - } - - if (irep.element != choice_DigestRepInner_initReply) { - krb5_set_error_string(context, "digest reply not an initReply"); - ret = EINVAL; - goto out; - } - - ret = copy_DigestInitReply(&irep.u.initReply, &digest->initReply); - if (ret) { - krb5_set_error_string(context, "Failed to copy initReply"); - goto out; - } - -out: - free_DigestRepInner(&irep); - - return ret; -} - - -krb5_error_code -krb5_digest_set_client_nonce(krb5_context context, - krb5_digest digest, - const char *nonce) -{ - if (digest->request.clientNonce) { - krb5_set_error_string(context, "clientNonce already set"); - return EINVAL; - } - digest->request.clientNonce = - calloc(1, sizeof(*digest->request.clientNonce)); - if (digest->request.clientNonce == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->request.clientNonce = strdup(nonce); - if (*digest->request.clientNonce == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->request.clientNonce); - digest->request.clientNonce = NULL; - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_digest(krb5_context context, - krb5_digest digest, - const char *dgst) -{ - if (digest->request.digest) { - krb5_set_error_string(context, "digest already set"); - return EINVAL; - } - digest->request.digest = strdup(dgst); - if (digest->request.digest == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_username(krb5_context context, - krb5_digest digest, - const char *username) -{ - if (digest->request.username) { - krb5_set_error_string(context, "username already set"); - return EINVAL; - } - digest->request.username = strdup(username); - if (digest->request.username == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_authid(krb5_context context, - krb5_digest digest, - const char *authid) -{ - if (digest->request.authid) { - krb5_set_error_string(context, "authid already set"); - return EINVAL; - } - digest->request.authid = malloc(sizeof(*digest->request.authid)); - if (digest->request.authid == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->request.authid = strdup(authid); - if (*digest->request.authid == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->request.authid); - digest->request.authid = NULL; - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_authentication_user(krb5_context context, - krb5_digest digest, - krb5_principal authentication_user) -{ - krb5_error_code ret; - - if (digest->request.authentication_user) { - krb5_set_error_string(context, "authentication_user already set"); - return EINVAL; - } - ret = krb5_copy_principal(context, - authentication_user, - &digest->request.authentication_user); - if (digest->request.authentication_user == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_realm(krb5_context context, - krb5_digest digest, - const char *realm) -{ - if (digest->request.realm) { - krb5_set_error_string(context, "realm already set"); - return EINVAL; - } - digest->request.realm = malloc(sizeof(*digest->request.realm)); - if (digest->request.realm == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->request.realm = strdup(realm); - if (*digest->request.realm == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->request.realm); - digest->request.realm = NULL; - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_method(krb5_context context, - krb5_digest digest, - const char *method) -{ - if (digest->request.method) { - krb5_set_error_string(context, "method already set"); - return EINVAL; - } - digest->request.method = malloc(sizeof(*digest->request.method)); - if (digest->request.method == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->request.method = strdup(method); - if (*digest->request.method == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->request.method); - digest->request.method = NULL; - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_uri(krb5_context context, - krb5_digest digest, - const char *uri) -{ - if (digest->request.uri) { - krb5_set_error_string(context, "uri already set"); - return EINVAL; - } - digest->request.uri = malloc(sizeof(*digest->request.uri)); - if (digest->request.uri == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->request.uri = strdup(uri); - if (*digest->request.uri == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->request.uri); - digest->request.uri = NULL; - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_nonceCount(krb5_context context, - krb5_digest digest, - const char *nonce_count) -{ - if (digest->request.nonceCount) { - krb5_set_error_string(context, "nonceCount already set"); - return EINVAL; - } - digest->request.nonceCount = - malloc(sizeof(*digest->request.nonceCount)); - if (digest->request.nonceCount == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->request.nonceCount = strdup(nonce_count); - if (*digest->request.nonceCount == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->request.nonceCount); - digest->request.nonceCount = NULL; - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_set_qop(krb5_context context, - krb5_digest digest, - const char *qop) -{ - if (digest->request.qop) { - krb5_set_error_string(context, "qop already set"); - return EINVAL; - } - digest->request.qop = malloc(sizeof(*digest->request.qop)); - if (digest->request.qop == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - *digest->request.qop = strdup(qop); - if (*digest->request.qop == NULL) { - krb5_set_error_string(context, "out of memory"); - free(digest->request.qop); - digest->request.qop = NULL; - return ENOMEM; - } - return 0; -} - -int -krb5_digest_set_responseData(krb5_context context, - krb5_digest digest, - const char *response) -{ - digest->request.responseData = strdup(response); - if (digest->request.responseData == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_digest_request(krb5_context context, - krb5_digest digest, - krb5_realm realm, - krb5_ccache ccache) -{ - DigestReqInner ireq; - DigestRepInner irep; - krb5_error_code ret; - - memset(&ireq, 0, sizeof(ireq)); - memset(&irep, 0, sizeof(irep)); - - ireq.element = choice_DigestReqInner_digestRequest; - ireq.u.digestRequest = digest->request; - - if (digest->request.type == NULL) { - if (digest->init.type == NULL) { - krb5_set_error_string(context, "Type missing from req"); - return EINVAL; - } - ireq.u.digestRequest.type = digest->init.type; - } - - if (ireq.u.digestRequest.digest == NULL) - ireq.u.digestRequest.digest = "md5"; - - ret = digest_request(context, realm, ccache, - KRB5_KU_DIGEST_ENCRYPT, &ireq, &irep); - if (ret) - return ret; - - if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "Digest response error: %s", - irep.u.error.reason); - ret = irep.u.error.code; - goto out; - } - - if (irep.element != choice_DigestRepInner_response) { - krb5_set_error_string(context, "digest reply not an DigestResponse"); - ret = EINVAL; - goto out; - } - - ret = copy_DigestResponse(&irep.u.response, &digest->response); - if (ret) { - krb5_set_error_string(context, "Failed to copy initReply"); - goto out; - } - -out: - free_DigestRepInner(&irep); - - return ret; -} - -krb5_boolean -krb5_digest_rep_get_status(krb5_context context, - krb5_digest digest) -{ - return digest->response.success ? TRUE : FALSE; -} - -const char * -krb5_digest_get_rsp(krb5_context context, - krb5_digest digest) -{ - if (digest->response.rsp == NULL) - return NULL; - return *digest->response.rsp; -} - -krb5_error_code -krb5_digest_get_tickets(krb5_context context, - krb5_digest digest, - Ticket **tickets) -{ - *tickets = NULL; - return 0; -} - - -krb5_error_code -krb5_digest_get_client_binding(krb5_context context, - krb5_digest digest, - char **type, - char **binding) -{ - if (digest->response.channel) { - *type = strdup(digest->response.channel->cb_type); - *binding = strdup(digest->response.channel->cb_binding); - if (*type == NULL || *binding == NULL) { - free(*type); - free(*binding); - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - } else { - *type = NULL; - *binding = NULL; - } - return 0; -} - -krb5_error_code -krb5_digest_get_session_key(krb5_context context, - krb5_digest digest, - krb5_data *data) -{ - krb5_error_code ret; - - krb5_data_zero(data); - if (digest->response.session_key == NULL) - return 0; - ret = der_copy_octet_string(digest->response.session_key, data); - if (ret) - krb5_clear_error_string(context); - - return ret; -} - -struct krb5_ntlm_data { - NTLMInit init; - NTLMInitReply initReply; - NTLMRequest request; - NTLMResponse response; -}; - -krb5_error_code -krb5_ntlm_alloc(krb5_context context, - krb5_ntlm *ntlm) -{ - *ntlm = calloc(1, sizeof(**ntlm)); - if (*ntlm == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_ntlm_free(krb5_context context, krb5_ntlm ntlm) -{ - free_NTLMInit(&ntlm->init); - free_NTLMInitReply(&ntlm->initReply); - free_NTLMRequest(&ntlm->request); - free_NTLMResponse(&ntlm->response); - memset(ntlm, 0, sizeof(*ntlm)); - free(ntlm); - return 0; -} - - -krb5_error_code -krb5_ntlm_init_request(krb5_context context, - krb5_ntlm ntlm, - krb5_realm realm, - krb5_ccache ccache, - uint32_t flags, - const char *hostname, - const char *domainname) -{ - DigestReqInner ireq; - DigestRepInner irep; - krb5_error_code ret; - - memset(&ireq, 0, sizeof(ireq)); - memset(&irep, 0, sizeof(irep)); - - ntlm->init.flags = flags; - if (hostname) { - ALLOC(ntlm->init.hostname, 1); - *ntlm->init.hostname = strdup(hostname); - } - if (domainname) { - ALLOC(ntlm->init.domain, 1); - *ntlm->init.domain = strdup(domainname); - } - - ireq.element = choice_DigestReqInner_ntlmInit; - ireq.u.ntlmInit = ntlm->init; - - ret = digest_request(context, realm, ccache, - KRB5_KU_DIGEST_ENCRYPT, &ireq, &irep); - if (ret) - goto out; - - if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "Digest init error: %s", - irep.u.error.reason); - ret = irep.u.error.code; - goto out; - } - - if (irep.element != choice_DigestRepInner_ntlmInitReply) { - krb5_set_error_string(context, "ntlm reply not an initReply"); - ret = EINVAL; - goto out; - } - - ret = copy_NTLMInitReply(&irep.u.ntlmInitReply, &ntlm->initReply); - if (ret) { - krb5_set_error_string(context, "Failed to copy initReply"); - goto out; - } - -out: - free_DigestRepInner(&irep); - - return ret; -} - -krb5_error_code -krb5_ntlm_init_get_flags(krb5_context context, - krb5_ntlm ntlm, - uint32_t *flags) -{ - *flags = ntlm->initReply.flags; - return 0; -} - -krb5_error_code -krb5_ntlm_init_get_challange(krb5_context context, - krb5_ntlm ntlm, - krb5_data *challange) -{ - krb5_error_code ret; - - ret = der_copy_octet_string(&ntlm->initReply.challange, challange); - if (ret) - krb5_clear_error_string(context); - - return ret; -} - -krb5_error_code -krb5_ntlm_init_get_opaque(krb5_context context, - krb5_ntlm ntlm, - krb5_data *opaque) -{ - krb5_error_code ret; - - ret = der_copy_octet_string(&ntlm->initReply.opaque, opaque); - if (ret) - krb5_clear_error_string(context); - - return ret; -} - -krb5_error_code -krb5_ntlm_init_get_targetname(krb5_context context, - krb5_ntlm ntlm, - char **name) -{ - *name = strdup(ntlm->initReply.targetname); - if (*name == NULL) { - krb5_clear_error_string(context); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_ntlm_init_get_targetinfo(krb5_context context, - krb5_ntlm ntlm, - krb5_data *data) -{ - krb5_error_code ret; - - if (ntlm->initReply.targetinfo == NULL) { - krb5_data_zero(data); - return 0; - } - - ret = krb5_data_copy(data, - ntlm->initReply.targetinfo->data, - ntlm->initReply.targetinfo->length); - if (ret) { - krb5_clear_error_string(context); - return ret; - } - return 0; -} - - -krb5_error_code -krb5_ntlm_request(krb5_context context, - krb5_ntlm ntlm, - krb5_realm realm, - krb5_ccache ccache) -{ - DigestReqInner ireq; - DigestRepInner irep; - krb5_error_code ret; - - memset(&ireq, 0, sizeof(ireq)); - memset(&irep, 0, sizeof(irep)); - - ireq.element = choice_DigestReqInner_ntlmRequest; - ireq.u.ntlmRequest = ntlm->request; - - ret = digest_request(context, realm, ccache, - KRB5_KU_DIGEST_ENCRYPT, &ireq, &irep); - if (ret) - return ret; - - if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "NTLM response error: %s", - irep.u.error.reason); - ret = irep.u.error.code; - goto out; - } - - if (irep.element != choice_DigestRepInner_ntlmResponse) { - krb5_set_error_string(context, "NTLM reply not an NTLMResponse"); - ret = EINVAL; - goto out; - } - - ret = copy_NTLMResponse(&irep.u.ntlmResponse, &ntlm->response); - if (ret) { - krb5_set_error_string(context, "Failed to copy NTLMResponse"); - goto out; - } - -out: - free_DigestRepInner(&irep); - - return ret; -} - -krb5_error_code -krb5_ntlm_req_set_flags(krb5_context context, - krb5_ntlm ntlm, - uint32_t flags) -{ - ntlm->request.flags = flags; - return 0; -} - -krb5_error_code -krb5_ntlm_req_set_username(krb5_context context, - krb5_ntlm ntlm, - const char *username) -{ - ntlm->request.username = strdup(username); - if (ntlm->request.username == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_ntlm_req_set_targetname(krb5_context context, - krb5_ntlm ntlm, - const char *targetname) -{ - ntlm->request.targetname = strdup(targetname); - if (ntlm->request.targetname == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -krb5_error_code -krb5_ntlm_req_set_lm(krb5_context context, - krb5_ntlm ntlm, - void *hash, size_t len) -{ - ntlm->request.lm.data = malloc(len); - if (ntlm->request.lm.data == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - ntlm->request.lm.length = len; - memcpy(ntlm->request.lm.data, hash, len); - return 0; -} - -krb5_error_code -krb5_ntlm_req_set_ntlm(krb5_context context, - krb5_ntlm ntlm, - void *hash, size_t len) -{ - ntlm->request.ntlm.data = malloc(len); - if (ntlm->request.ntlm.data == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - ntlm->request.ntlm.length = len; - memcpy(ntlm->request.ntlm.data, hash, len); - return 0; -} - -krb5_error_code -krb5_ntlm_req_set_opaque(krb5_context context, - krb5_ntlm ntlm, - krb5_data *opaque) -{ - ntlm->request.opaque.data = malloc(opaque->length); - if (ntlm->request.opaque.data == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - ntlm->request.opaque.length = opaque->length; - memcpy(ntlm->request.opaque.data, opaque->data, opaque->length); - return 0; -} - -krb5_error_code -krb5_ntlm_req_set_session(krb5_context context, - krb5_ntlm ntlm, - void *sessionkey, size_t length) -{ - ntlm->request.sessionkey = calloc(1, sizeof(*ntlm->request.sessionkey)); - if (ntlm->request.sessionkey == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - ntlm->request.sessionkey->data = malloc(length); - if (ntlm->request.sessionkey->data == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - memcpy(ntlm->request.sessionkey->data, sessionkey, length); - ntlm->request.sessionkey->length = length; - return 0; -} - -krb5_boolean -krb5_ntlm_rep_get_status(krb5_context context, - krb5_ntlm ntlm) -{ - return ntlm->response.success ? TRUE : FALSE; -} - -krb5_error_code -krb5_ntlm_rep_get_sessionkey(krb5_context context, - krb5_ntlm ntlm, - krb5_data *data) -{ - if (ntlm->response.sessionkey == NULL) { - krb5_set_error_string(context, "no ntlm session key"); - return EINVAL; - } - krb5_clear_error_string(context); - return krb5_data_copy(data, - ntlm->response.sessionkey->data, - ntlm->response.sessionkey->length); -} - -/** - * Get the supported/allowed mechanism for this principal. - * - * @param context A Keberos context. - * @param realm The realm of the KDC. - * @param ccache The credential cache to use when talking to the KDC. - * @param flags The supported mechanism. - * - * @return Return an error code or 0. - * - * @ingroup krb5_digest - */ - -krb5_error_code -krb5_digest_probe(krb5_context context, - krb5_realm realm, - krb5_ccache ccache, - unsigned *flags) -{ - DigestReqInner ireq; - DigestRepInner irep; - krb5_error_code ret; - - memset(&ireq, 0, sizeof(ireq)); - memset(&irep, 0, sizeof(irep)); - - ireq.element = choice_DigestReqInner_supportedMechs; - - ret = digest_request(context, realm, ccache, - KRB5_KU_DIGEST_ENCRYPT, &ireq, &irep); - if (ret) - goto out; - - if (irep.element == choice_DigestRepInner_error) { - krb5_set_error_string(context, "Digest probe error: %s", - irep.u.error.reason); - ret = irep.u.error.code; - goto out; - } - - if (irep.element != choice_DigestRepInner_supportedMechs) { - krb5_set_error_string(context, "Digest reply not an probe"); - ret = EINVAL; - goto out; - } - - *flags = DigestTypes2int(irep.u.supportedMechs); - -out: - free_DigestRepInner(&irep); - - return ret; -} diff --git a/crypto/heimdal/lib/krb5/doxygen.c b/crypto/heimdal/lib/krb5/doxygen.c deleted file mode 100644 index b7c6f8fcfdd0..000000000000 --- a/crypto/heimdal/lib/krb5/doxygen.c +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id$"); - -/** - * - */ - -/*! \mainpage Heimdal Kerberos 5 library - * - * \section intro Introduction - * - * Heimdal libkrb5 library is a implementation of the Kerberos - * protocol. - * - * Kerberos is a system for authenticating users and services on a - * network. It is built upon the assumption that the network is - * ``unsafe''. For example, data sent over the network can be - * eavesdropped and altered, and addresses can also be faked. - * Therefore they cannot be used for authentication purposes. - * - * The project web page:\n - * http://www.h5l.org/ - * - */ - -/** @defgroup krb5 Heimdal Kerberos 5 library */ -/** @defgroup krb5_address Heimdal Kerberos 5 address functions */ -/** @defgroup krb5_ccache Heimdal Kerberos 5 credential cache functions */ -/** @defgroup krb5_credential Heimdal Kerberos 5 credential handing functions */ -/** @defgroup krb5_deprecated Heimdal Kerberos 5 deprecated functions */ -/** @defgroup krb5_digest Heimdal Kerberos 5 digest service */ -/** @defgroup krb5_error Heimdal Kerberos 5 error reporting functions */ -/** @defgroup krb5_v4compat Heimdal Kerberos 4 compatiblity functions */ -/** @defgroup krb5_support Heimdal Kerberos 5 support functions */ diff --git a/crypto/heimdal/lib/krb5/dump_config.c b/crypto/heimdal/lib/krb5/dump_config.c deleted file mode 100644 index 074595e2139c..000000000000 --- a/crypto/heimdal/lib/krb5/dump_config.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" - -RCSID("$Id: dump_config.c,v 1.2 1999/10/28 23:22:41 assar Exp $"); - -/* print contents of krb5.conf */ - -static void -print_tree(struct krb5_config_binding *b, int level) -{ - if (b == NULL) - return; - - printf("%*s%s%s%s", level * 4, "", - (level == 0) ? "[" : "", b->name, (level == 0) ? "]" : ""); - if(b->type == krb5_config_list) { - if(level > 0) - printf(" = {"); - printf("\n"); - print_tree(b->u.list, level + 1); - if(level > 0) - printf("%*s}\n", level * 4, ""); - } else if(b->type == krb5_config_string) { - printf(" = %s\n", b->u.string); - } - if(b->next) - print_tree(b->next, level); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret = krb5_init_context(&context); - if(ret == 0) { - print_tree(context->cf, 0); - return 0; - } - return 1; -} diff --git a/crypto/heimdal/lib/krb5/eai_to_heim_errno.c b/crypto/heimdal/lib/krb5/eai_to_heim_errno.c deleted file mode 100644 index 19315cea8678..000000000000 --- a/crypto/heimdal/lib/krb5/eai_to_heim_errno.c +++ /dev/null @@ -1,114 +0,0 @@ -/* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: eai_to_heim_errno.c 22065 2007-11-11 16:41:06Z lha $"); - -/** - * Convert the getaddrinfo() error code to a Kerberos et error code. - * - * @param eai_errno contains the error code from getaddrinfo(). - * @param system_error should have the value of errno after the failed getaddrinfo(). - * - * @return Kerberos error code representing the EAI errors. - * - * @ingroup krb5_error - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_eai_to_heim_errno(int eai_errno, int system_error) -{ - switch(eai_errno) { - case EAI_NOERROR: - return 0; -#ifdef EAI_ADDRFAMILY - case EAI_ADDRFAMILY: - return HEIM_EAI_ADDRFAMILY; -#endif - case EAI_AGAIN: - return HEIM_EAI_AGAIN; - case EAI_BADFLAGS: - return HEIM_EAI_BADFLAGS; - case EAI_FAIL: - return HEIM_EAI_FAIL; - case EAI_FAMILY: - return HEIM_EAI_FAMILY; - case EAI_MEMORY: - return HEIM_EAI_MEMORY; -#if defined(EAI_NODATA) && EAI_NODATA != EAI_NONAME - case EAI_NODATA: - return HEIM_EAI_NODATA; -#endif - case EAI_NONAME: - return HEIM_EAI_NONAME; - case EAI_SERVICE: - return HEIM_EAI_SERVICE; - case EAI_SOCKTYPE: - return HEIM_EAI_SOCKTYPE; - case EAI_SYSTEM: - return system_error; - default: - return HEIM_EAI_UNKNOWN; /* XXX */ - } -} - -/** - * Convert the gethostname() error code (h_error) to a Kerberos et - * error code. - * - * @param eai_errno contains the error code from gethostname(). - * - * @return Kerberos error code representing the gethostname errors. - * - * @ingroup krb5_error - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_h_errno_to_heim_errno(int eai_errno) -{ - switch(eai_errno) { - case 0: - return 0; - case HOST_NOT_FOUND: - return HEIM_EAI_NONAME; - case TRY_AGAIN: - return HEIM_EAI_AGAIN; - case NO_RECOVERY: - return HEIM_EAI_FAIL; - case NO_DATA: - return HEIM_EAI_NONAME; - default: - return HEIM_EAI_UNKNOWN; /* XXX */ - } -} diff --git a/crypto/heimdal/lib/krb5/error_string.c b/crypto/heimdal/lib/krb5/error_string.c deleted file mode 100644 index ff6e98a3dcaf..000000000000 --- a/crypto/heimdal/lib/krb5/error_string.c +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright (c) 2001, 2003, 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: error_string.c 22142 2007-12-04 16:56:02Z lha $"); - -#undef __attribute__ -#define __attribute__(X) - -void KRB5_LIB_FUNCTION -krb5_free_error_string(krb5_context context, char *str) -{ - HEIMDAL_MUTEX_lock(context->mutex); - if (str != context->error_buf) - free(str); - HEIMDAL_MUTEX_unlock(context->mutex); -} - -void KRB5_LIB_FUNCTION -krb5_clear_error_string(krb5_context context) -{ - HEIMDAL_MUTEX_lock(context->mutex); - if (context->error_string != NULL - && context->error_string != context->error_buf) - free(context->error_string); - context->error_string = NULL; - HEIMDAL_MUTEX_unlock(context->mutex); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_error_string(krb5_context context, const char *fmt, ...) - __attribute__((format (printf, 2, 3))) -{ - krb5_error_code ret; - va_list ap; - - va_start(ap, fmt); - ret = krb5_vset_error_string (context, fmt, ap); - va_end(ap); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vset_error_string(krb5_context context, const char *fmt, va_list args) - __attribute__ ((format (printf, 2, 0))) -{ - krb5_clear_error_string(context); - HEIMDAL_MUTEX_lock(context->mutex); - vasprintf(&context->error_string, fmt, args); - if(context->error_string == NULL) { - vsnprintf (context->error_buf, sizeof(context->error_buf), fmt, args); - context->error_string = context->error_buf; - } - HEIMDAL_MUTEX_unlock(context->mutex); - return 0; -} - -/** - * Return the error message in context. On error or no error string, - * the function returns NULL. - * - * @param context Kerberos 5 context - * - * @return an error string, needs to be freed with - * krb5_free_error_string(). The functions return NULL on error. - * - * @ingroup krb5_error - */ - -char * KRB5_LIB_FUNCTION -krb5_get_error_string(krb5_context context) -{ - char *ret = NULL; - - HEIMDAL_MUTEX_lock(context->mutex); - if (context->error_string) - ret = strdup(context->error_string); - HEIMDAL_MUTEX_unlock(context->mutex); - return ret; -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_have_error_string(krb5_context context) -{ - char *str; - HEIMDAL_MUTEX_lock(context->mutex); - str = context->error_string; - HEIMDAL_MUTEX_unlock(context->mutex); - return str != NULL; -} - -/** - * Return the error message for `code' in context. On error the - * function returns NULL. - * - * @param context Kerberos 5 context - * @param code Error code related to the error - * - * @return an error string, needs to be freed with - * krb5_free_error_string(). The functions return NULL on error. - * - * @ingroup krb5_error - */ - -char * KRB5_LIB_FUNCTION -krb5_get_error_message(krb5_context context, krb5_error_code code) -{ - const char *cstr; - char *str; - - str = krb5_get_error_string(context); - if (str) - return str; - - cstr = krb5_get_err_text(context, code); - if (cstr) - return strdup(cstr); - - if (asprintf(&str, "", code) == -1) - return NULL; - - return str; -} - diff --git a/crypto/heimdal/lib/krb5/expand_hostname.c b/crypto/heimdal/lib/krb5/expand_hostname.c deleted file mode 100644 index 28e39afb42f7..000000000000 --- a/crypto/heimdal/lib/krb5/expand_hostname.c +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: expand_hostname.c 22229 2007-12-08 21:40:59Z lha $"); - -static krb5_error_code -copy_hostname(krb5_context context, - const char *orig_hostname, - char **new_hostname) -{ - *new_hostname = strdup (orig_hostname); - if (*new_hostname == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - strlwr (*new_hostname); - return 0; -} - -/* - * Try to make `orig_hostname' into a more canonical one in the newly - * allocated space returned in `new_hostname'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_expand_hostname (krb5_context context, - const char *orig_hostname, - char **new_hostname) -{ - struct addrinfo *ai, *a, hints; - int error; - - if ((context->flags & KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME) == 0) - return copy_hostname (context, orig_hostname, new_hostname); - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_CANONNAME; - - error = getaddrinfo (orig_hostname, NULL, &hints, &ai); - if (error) - return copy_hostname (context, orig_hostname, new_hostname); - for (a = ai; a != NULL; a = a->ai_next) { - if (a->ai_canonname != NULL) { - *new_hostname = strdup (a->ai_canonname); - freeaddrinfo (ai); - if (*new_hostname == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } else { - return 0; - } - } - } - freeaddrinfo (ai); - return copy_hostname (context, orig_hostname, new_hostname); -} - -/* - * handle the case of the hostname being unresolvable and thus identical - */ - -static krb5_error_code -vanilla_hostname (krb5_context context, - const char *orig_hostname, - char **new_hostname, - char ***realms) -{ - krb5_error_code ret; - - ret = copy_hostname (context, orig_hostname, new_hostname); - if (ret) - return ret; - strlwr (*new_hostname); - - ret = krb5_get_host_realm (context, *new_hostname, realms); - if (ret) { - free (*new_hostname); - return ret; - } - return 0; -} - -/* - * expand `hostname' to a name we believe to be a hostname in newly - * allocated space in `host' and return realms in `realms'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_expand_hostname_realms (krb5_context context, - const char *orig_hostname, - char **new_hostname, - char ***realms) -{ - struct addrinfo *ai, *a, hints; - int error; - krb5_error_code ret = 0; - - if ((context->flags & KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME) == 0) - return vanilla_hostname (context, orig_hostname, new_hostname, - realms); - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_CANONNAME; - - error = getaddrinfo (orig_hostname, NULL, &hints, &ai); - if (error) - return vanilla_hostname (context, orig_hostname, new_hostname, - realms); - - for (a = ai; a != NULL; a = a->ai_next) { - if (a->ai_canonname != NULL) { - ret = copy_hostname (context, a->ai_canonname, new_hostname); - if (ret) { - freeaddrinfo (ai); - return ret; - } - strlwr (*new_hostname); - ret = krb5_get_host_realm (context, *new_hostname, realms); - if (ret == 0) { - freeaddrinfo (ai); - return 0; - } - free (*new_hostname); - } - } - freeaddrinfo(ai); - return vanilla_hostname (context, orig_hostname, new_hostname, realms); -} diff --git a/crypto/heimdal/lib/krb5/fcache.c b/crypto/heimdal/lib/krb5/fcache.c deleted file mode 100644 index 3857b58bf675..000000000000 --- a/crypto/heimdal/lib/krb5/fcache.c +++ /dev/null @@ -1,881 +0,0 @@ -/* - * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: fcache.c 22522 2008-01-24 11:56:25Z lha $"); - -typedef struct krb5_fcache{ - char *filename; - int version; -}krb5_fcache; - -struct fcc_cursor { - int fd; - krb5_storage *sp; -}; - -#define KRB5_FCC_FVNO_1 1 -#define KRB5_FCC_FVNO_2 2 -#define KRB5_FCC_FVNO_3 3 -#define KRB5_FCC_FVNO_4 4 - -#define FCC_TAG_DELTATIME 1 - -#define FCACHE(X) ((krb5_fcache*)(X)->data.data) - -#define FILENAME(X) (FCACHE(X)->filename) - -#define FCC_CURSOR(C) ((struct fcc_cursor*)(C)) - -static const char* -fcc_get_name(krb5_context context, - krb5_ccache id) -{ - return FILENAME(id); -} - -int -_krb5_xlock(krb5_context context, int fd, krb5_boolean exclusive, - const char *filename) -{ - int ret; -#ifdef HAVE_FCNTL - struct flock l; - - l.l_start = 0; - l.l_len = 0; - l.l_type = exclusive ? F_WRLCK : F_RDLCK; - l.l_whence = SEEK_SET; - ret = fcntl(fd, F_SETLKW, &l); -#else - ret = flock(fd, exclusive ? LOCK_EX : LOCK_SH); -#endif - if(ret < 0) - ret = errno; - if(ret == EACCES) /* fcntl can return EACCES instead of EAGAIN */ - ret = EAGAIN; - - switch (ret) { - case 0: - break; - case EINVAL: /* filesystem doesn't support locking, let the user have it */ - ret = 0; - break; - case EAGAIN: - krb5_set_error_string(context, "timed out locking cache file %s", - filename); - break; - default: - krb5_set_error_string(context, "error locking cache file %s: %s", - filename, strerror(ret)); - break; - } - return ret; -} - -int -_krb5_xunlock(krb5_context context, int fd) -{ - int ret; -#ifdef HAVE_FCNTL - struct flock l; - l.l_start = 0; - l.l_len = 0; - l.l_type = F_UNLCK; - l.l_whence = SEEK_SET; - ret = fcntl(fd, F_SETLKW, &l); -#else - ret = flock(fd, LOCK_UN); -#endif - if (ret < 0) - ret = errno; - switch (ret) { - case 0: - break; - case EINVAL: /* filesystem doesn't support locking, let the user have it */ - ret = 0; - break; - default: - krb5_set_error_string(context, - "Failed to unlock file: %s", strerror(ret)); - break; - } - return ret; -} - -static krb5_error_code -fcc_lock(krb5_context context, krb5_ccache id, - int fd, krb5_boolean exclusive) -{ - return _krb5_xlock(context, fd, exclusive, fcc_get_name(context, id)); -} - -static krb5_error_code -fcc_unlock(krb5_context context, int fd) -{ - return _krb5_xunlock(context, fd); -} - -static krb5_error_code -fcc_resolve(krb5_context context, krb5_ccache *id, const char *res) -{ - krb5_fcache *f; - f = malloc(sizeof(*f)); - if(f == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - f->filename = strdup(res); - if(f->filename == NULL){ - free(f); - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - f->version = 0; - (*id)->data.data = f; - (*id)->data.length = sizeof(*f); - return 0; -} - -/* - * Try to scrub the contents of `filename' safely. - */ - -static int -scrub_file (int fd) -{ - off_t pos; - char buf[128]; - - pos = lseek(fd, 0, SEEK_END); - if (pos < 0) - return errno; - if (lseek(fd, 0, SEEK_SET) < 0) - return errno; - memset(buf, 0, sizeof(buf)); - while(pos > 0) { - ssize_t tmp = write(fd, buf, min(sizeof(buf), pos)); - - if (tmp < 0) - return errno; - pos -= tmp; - } - fsync (fd); - return 0; -} - -/* - * Erase `filename' if it exists, trying to remove the contents if - * it's `safe'. We always try to remove the file, it it exists. It's - * only overwritten if it's a regular file (not a symlink and not a - * hardlink) - */ - -static krb5_error_code -erase_file(const char *filename) -{ - int fd; - struct stat sb1, sb2; - int ret; - - ret = lstat (filename, &sb1); - if (ret < 0) - return errno; - - fd = open(filename, O_RDWR | O_BINARY); - if(fd < 0) { - if(errno == ENOENT) - return 0; - else - return errno; - } - if (unlink(filename) < 0) { - close (fd); - return errno; - } - ret = fstat (fd, &sb2); - if (ret < 0) { - close (fd); - return errno; - } - - /* check if someone was playing with symlinks */ - - if (sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) { - close (fd); - return EPERM; - } - - /* there are still hard links to this file */ - - if (sb2.st_nlink != 0) { - close (fd); - return 0; - } - - ret = scrub_file (fd); - close (fd); - return ret; -} - -static krb5_error_code -fcc_gen_new(krb5_context context, krb5_ccache *id) -{ - krb5_fcache *f; - int fd; - char *file; - - f = malloc(sizeof(*f)); - if(f == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - asprintf (&file, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT); - if(file == NULL) { - free(f); - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - fd = mkstemp(file); - if(fd < 0) { - int ret = errno; - krb5_set_error_string(context, "mkstemp %s", file); - free(f); - free(file); - return ret; - } - close(fd); - f->filename = file; - f->version = 0; - (*id)->data.data = f; - (*id)->data.length = sizeof(*f); - return 0; -} - -static void -storage_set_flags(krb5_context context, krb5_storage *sp, int vno) -{ - int flags = 0; - switch(vno) { - case KRB5_FCC_FVNO_1: - flags |= KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS; - flags |= KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE; - flags |= KRB5_STORAGE_HOST_BYTEORDER; - break; - case KRB5_FCC_FVNO_2: - flags |= KRB5_STORAGE_HOST_BYTEORDER; - break; - case KRB5_FCC_FVNO_3: - flags |= KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE; - break; - case KRB5_FCC_FVNO_4: - break; - default: - krb5_abortx(context, - "storage_set_flags called with bad vno (%x)", vno); - } - krb5_storage_set_flags(sp, flags); -} - -static krb5_error_code -fcc_open(krb5_context context, - krb5_ccache id, - int *fd_ret, - int flags, - mode_t mode) -{ - krb5_boolean exclusive = ((flags | O_WRONLY) == flags || - (flags | O_RDWR) == flags); - krb5_error_code ret; - const char *filename = FILENAME(id); - int fd; - fd = open(filename, flags, mode); - if(fd < 0) { - ret = errno; - krb5_set_error_string(context, "open(%s): %s", filename, - strerror(ret)); - return ret; - } - - if((ret = fcc_lock(context, id, fd, exclusive)) != 0) { - close(fd); - return ret; - } - *fd_ret = fd; - return 0; -} - -static krb5_error_code -fcc_initialize(krb5_context context, - krb5_ccache id, - krb5_principal primary_principal) -{ - krb5_fcache *f = FCACHE(id); - int ret = 0; - int fd; - char *filename = f->filename; - - unlink (filename); - - ret = fcc_open(context, id, &fd, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); - if(ret) - return ret; - { - krb5_storage *sp; - sp = krb5_storage_from_fd(fd); - krb5_storage_set_eof_code(sp, KRB5_CC_END); - if(context->fcache_vno != 0) - f->version = context->fcache_vno; - else - f->version = KRB5_FCC_FVNO_4; - ret |= krb5_store_int8(sp, 5); - ret |= krb5_store_int8(sp, f->version); - storage_set_flags(context, sp, f->version); - if(f->version == KRB5_FCC_FVNO_4 && ret == 0) { - /* V4 stuff */ - if (context->kdc_sec_offset) { - ret |= krb5_store_int16 (sp, 12); /* length */ - ret |= krb5_store_int16 (sp, FCC_TAG_DELTATIME); /* Tag */ - ret |= krb5_store_int16 (sp, 8); /* length of data */ - ret |= krb5_store_int32 (sp, context->kdc_sec_offset); - ret |= krb5_store_int32 (sp, context->kdc_usec_offset); - } else { - ret |= krb5_store_int16 (sp, 0); - } - } - ret |= krb5_store_principal(sp, primary_principal); - - krb5_storage_free(sp); - } - fcc_unlock(context, fd); - if (close(fd) < 0) - if (ret == 0) { - ret = errno; - krb5_set_error_string (context, "close %s: %s", - FILENAME(id), strerror(ret)); - } - return ret; -} - -static krb5_error_code -fcc_close(krb5_context context, - krb5_ccache id) -{ - free (FILENAME(id)); - krb5_data_free(&id->data); - return 0; -} - -static krb5_error_code -fcc_destroy(krb5_context context, - krb5_ccache id) -{ - erase_file(FILENAME(id)); - return 0; -} - -static krb5_error_code -fcc_store_cred(krb5_context context, - krb5_ccache id, - krb5_creds *creds) -{ - int ret; - int fd; - - ret = fcc_open(context, id, &fd, O_WRONLY | O_APPEND | O_BINARY, 0); - if(ret) - return ret; - { - krb5_storage *sp; - sp = krb5_storage_from_fd(fd); - krb5_storage_set_eof_code(sp, KRB5_CC_END); - storage_set_flags(context, sp, FCACHE(id)->version); - if (!krb5_config_get_bool_default(context, NULL, TRUE, - "libdefaults", - "fcc-mit-ticketflags", - NULL)) - krb5_storage_set_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER); - ret = krb5_store_creds(sp, creds); - krb5_storage_free(sp); - } - fcc_unlock(context, fd); - if (close(fd) < 0) - if (ret == 0) { - ret = errno; - krb5_set_error_string (context, "close %s: %s", - FILENAME(id), strerror(ret)); - } - return ret; -} - -static krb5_error_code -init_fcc (krb5_context context, - krb5_ccache id, - krb5_storage **ret_sp, - int *ret_fd) -{ - int fd; - int8_t pvno, tag; - krb5_storage *sp; - krb5_error_code ret; - - ret = fcc_open(context, id, &fd, O_RDONLY | O_BINARY, 0); - if(ret) - return ret; - - sp = krb5_storage_from_fd(fd); - if(sp == NULL) { - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - krb5_storage_set_eof_code(sp, KRB5_CC_END); - ret = krb5_ret_int8(sp, &pvno); - if(ret != 0) { - if(ret == KRB5_CC_END) { - krb5_set_error_string(context, "Empty credential cache file: %s", - FILENAME(id)); - ret = ENOENT; - } else - krb5_set_error_string(context, "Error reading pvno in " - "cache file: %s", FILENAME(id)); - goto out; - } - if(pvno != 5) { - krb5_set_error_string(context, "Bad version number in credential " - "cache file: %s", FILENAME(id)); - ret = KRB5_CCACHE_BADVNO; - goto out; - } - ret = krb5_ret_int8(sp, &tag); /* should not be host byte order */ - if(ret != 0) { - krb5_set_error_string(context, "Error reading tag in " - "cache file: %s", FILENAME(id)); - ret = KRB5_CC_FORMAT; - goto out; - } - FCACHE(id)->version = tag; - storage_set_flags(context, sp, FCACHE(id)->version); - switch (tag) { - case KRB5_FCC_FVNO_4: { - int16_t length; - - ret = krb5_ret_int16 (sp, &length); - if(ret) { - ret = KRB5_CC_FORMAT; - krb5_set_error_string(context, "Error reading tag length in " - "cache file: %s", FILENAME(id)); - goto out; - } - while(length > 0) { - int16_t dtag, data_len; - int i; - int8_t dummy; - - ret = krb5_ret_int16 (sp, &dtag); - if(ret) { - krb5_set_error_string(context, "Error reading dtag in " - "cache file: %s", FILENAME(id)); - ret = KRB5_CC_FORMAT; - goto out; - } - ret = krb5_ret_int16 (sp, &data_len); - if(ret) { - krb5_set_error_string(context, "Error reading dlength in " - "cache file: %s", FILENAME(id)); - ret = KRB5_CC_FORMAT; - goto out; - } - switch (dtag) { - case FCC_TAG_DELTATIME : - ret = krb5_ret_int32 (sp, &context->kdc_sec_offset); - if(ret) { - krb5_set_error_string(context, "Error reading kdc_sec in " - "cache file: %s", FILENAME(id)); - ret = KRB5_CC_FORMAT; - goto out; - } - ret = krb5_ret_int32 (sp, &context->kdc_usec_offset); - if(ret) { - krb5_set_error_string(context, "Error reading kdc_usec in " - "cache file: %s", FILENAME(id)); - ret = KRB5_CC_FORMAT; - goto out; - } - break; - default : - for (i = 0; i < data_len; ++i) { - ret = krb5_ret_int8 (sp, &dummy); - if(ret) { - krb5_set_error_string(context, "Error reading unknown " - "tag in cache file: %s", - FILENAME(id)); - ret = KRB5_CC_FORMAT; - goto out; - } - } - break; - } - length -= 4 + data_len; - } - break; - } - case KRB5_FCC_FVNO_3: - case KRB5_FCC_FVNO_2: - case KRB5_FCC_FVNO_1: - break; - default : - ret = KRB5_CCACHE_BADVNO; - krb5_set_error_string(context, "Unknown version number (%d) in " - "credential cache file: %s", - (int)tag, FILENAME(id)); - goto out; - } - *ret_sp = sp; - *ret_fd = fd; - - return 0; - out: - if(sp != NULL) - krb5_storage_free(sp); - fcc_unlock(context, fd); - close(fd); - return ret; -} - -static krb5_error_code -fcc_get_principal(krb5_context context, - krb5_ccache id, - krb5_principal *principal) -{ - krb5_error_code ret; - int fd; - krb5_storage *sp; - - ret = init_fcc (context, id, &sp, &fd); - if (ret) - return ret; - ret = krb5_ret_principal(sp, principal); - if (ret) - krb5_clear_error_string(context); - krb5_storage_free(sp); - fcc_unlock(context, fd); - close(fd); - return ret; -} - -static krb5_error_code -fcc_end_get (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor); - -static krb5_error_code -fcc_get_first (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - krb5_error_code ret; - krb5_principal principal; - - *cursor = malloc(sizeof(struct fcc_cursor)); - if (*cursor == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memset(*cursor, 0, sizeof(struct fcc_cursor)); - - ret = init_fcc (context, id, &FCC_CURSOR(*cursor)->sp, - &FCC_CURSOR(*cursor)->fd); - if (ret) { - free(*cursor); - *cursor = NULL; - return ret; - } - ret = krb5_ret_principal (FCC_CURSOR(*cursor)->sp, &principal); - if(ret) { - krb5_clear_error_string(context); - fcc_end_get(context, id, cursor); - return ret; - } - krb5_free_principal (context, principal); - fcc_unlock(context, FCC_CURSOR(*cursor)->fd); - return 0; -} - -static krb5_error_code -fcc_get_next (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor, - krb5_creds *creds) -{ - krb5_error_code ret; - if((ret = fcc_lock(context, id, FCC_CURSOR(*cursor)->fd, FALSE)) != 0) - return ret; - - ret = krb5_ret_creds(FCC_CURSOR(*cursor)->sp, creds); - if (ret) - krb5_clear_error_string(context); - - fcc_unlock(context, FCC_CURSOR(*cursor)->fd); - return ret; -} - -static krb5_error_code -fcc_end_get (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - krb5_storage_free(FCC_CURSOR(*cursor)->sp); - close (FCC_CURSOR(*cursor)->fd); - free(*cursor); - *cursor = NULL; - return 0; -} - -static krb5_error_code -fcc_remove_cred(krb5_context context, - krb5_ccache id, - krb5_flags which, - krb5_creds *cred) -{ - krb5_error_code ret; - krb5_ccache copy; - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, ©); - if (ret) - return ret; - - ret = krb5_cc_copy_cache(context, id, copy); - if (ret) { - krb5_cc_destroy(context, copy); - return ret; - } - - ret = krb5_cc_remove_cred(context, copy, which, cred); - if (ret) { - krb5_cc_destroy(context, copy); - return ret; - } - - fcc_destroy(context, id); - - ret = krb5_cc_copy_cache(context, copy, id); - krb5_cc_destroy(context, copy); - - return ret; -} - -static krb5_error_code -fcc_set_flags(krb5_context context, - krb5_ccache id, - krb5_flags flags) -{ - return 0; /* XXX */ -} - -static krb5_error_code -fcc_get_version(krb5_context context, - krb5_ccache id) -{ - return FCACHE(id)->version; -} - -struct fcache_iter { - int first; -}; - -static krb5_error_code -fcc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) -{ - struct fcache_iter *iter; - - iter = calloc(1, sizeof(*iter)); - if (iter == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - iter->first = 1; - *cursor = iter; - return 0; -} - -static krb5_error_code -fcc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) -{ - struct fcache_iter *iter = cursor; - krb5_error_code ret; - const char *fn; - char *expandedfn = NULL; - - if (!iter->first) { - krb5_clear_error_string(context); - return KRB5_CC_END; - } - iter->first = 0; - - fn = krb5_cc_default_name(context); - if (strncasecmp(fn, "FILE:", 5) != 0) { - ret = _krb5_expand_default_cc_name(context, - KRB5_DEFAULT_CCNAME_FILE, - &expandedfn); - if (ret) - return ret; - } - ret = krb5_cc_resolve(context, fn, id); - if (expandedfn) - free(expandedfn); - - return ret; -} - -static krb5_error_code -fcc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) -{ - struct fcache_iter *iter = cursor; - free(iter); - return 0; -} - -static krb5_error_code -fcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) -{ - krb5_error_code ret = 0; - - ret = rename(FILENAME(from), FILENAME(to)); - if (ret && errno != EXDEV) { - ret = errno; - krb5_set_error_string(context, - "Rename of file from %s to %s failed: %s", - FILENAME(from), FILENAME(to), - strerror(ret)); - return ret; - } else if (ret && errno == EXDEV) { - /* make a copy and delete the orignal */ - krb5_ssize_t sz1, sz2; - int fd1, fd2; - char buf[BUFSIZ]; - - ret = fcc_open(context, from, &fd1, O_RDONLY | O_BINARY, 0); - if(ret) - return ret; - - unlink(FILENAME(to)); - - ret = fcc_open(context, to, &fd2, - O_WRONLY | O_CREAT | O_EXCL | O_BINARY, 0600); - if(ret) - goto out1; - - while((sz1 = read(fd1, buf, sizeof(buf))) > 0) { - sz2 = write(fd2, buf, sz1); - if (sz1 != sz2) { - ret = EIO; - krb5_set_error_string(context, - "Failed to write data from one file " - "credential cache to the other"); - goto out2; - } - } - if (sz1 < 0) { - ret = EIO; - krb5_set_error_string(context, - "Failed to read data from one file " - "credential cache to the other"); - goto out2; - } - erase_file(FILENAME(from)); - - out2: - fcc_unlock(context, fd2); - close(fd2); - - out1: - fcc_unlock(context, fd1); - close(fd1); - - if (ret) { - erase_file(FILENAME(to)); - return ret; - } - } - - /* make sure ->version is uptodate */ - { - krb5_storage *sp; - int fd; - ret = init_fcc (context, to, &sp, &fd); - krb5_storage_free(sp); - fcc_unlock(context, fd); - close(fd); - } - return ret; -} - -static krb5_error_code -fcc_default_name(krb5_context context, char **str) -{ - return _krb5_expand_default_cc_name(context, - KRB5_DEFAULT_CCNAME_FILE, - str); -} - -/** - * Variable containing the FILE based credential cache implemention. - * - * @ingroup krb5_ccache - */ - -const krb5_cc_ops krb5_fcc_ops = { - "FILE", - fcc_get_name, - fcc_resolve, - fcc_gen_new, - fcc_initialize, - fcc_destroy, - fcc_close, - fcc_store_cred, - NULL, /* fcc_retrieve */ - fcc_get_principal, - fcc_get_first, - fcc_get_next, - fcc_end_get, - fcc_remove_cred, - fcc_set_flags, - fcc_get_version, - fcc_get_cache_first, - fcc_get_cache_next, - fcc_end_cache_get, - fcc_move, - fcc_default_name -}; diff --git a/crypto/heimdal/lib/krb5/free.c b/crypto/heimdal/lib/krb5/free.c deleted file mode 100644 index 1b0bd05412f2..000000000000 --- a/crypto/heimdal/lib/krb5/free.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1997 - 1999, 2004 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: free.c 15175 2005-05-18 10:06:16Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_kdc_rep(krb5_context context, krb5_kdc_rep *rep) -{ - free_KDC_REP(&rep->kdc_rep); - free_EncTGSRepPart(&rep->enc_part); - free_KRB_ERROR(&rep->error); - memset(rep, 0, sizeof(*rep)); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_xfree (void *ptr) -{ - free (ptr); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/free_host_realm.c b/crypto/heimdal/lib/krb5/free_host_realm.c deleted file mode 100644 index 6b13ce7d0e04..000000000000 --- a/crypto/heimdal/lib/krb5/free_host_realm.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: free_host_realm.c 13863 2004-05-25 21:46:46Z lha $"); - -/* - * Free all memory allocated by `realmlist' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_host_realm(krb5_context context, - krb5_realm *realmlist) -{ - krb5_realm *p; - - if(realmlist == NULL) - return 0; - for (p = realmlist; *p; ++p) - free (*p); - free (realmlist); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/generate_seq_number.c b/crypto/heimdal/lib/krb5/generate_seq_number.c deleted file mode 100644 index 8a04f048c8c8..000000000000 --- a/crypto/heimdal/lib/krb5/generate_seq_number.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: generate_seq_number.c 17442 2006-05-05 09:31:15Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_seq_number(krb5_context context, - const krb5_keyblock *key, - uint32_t *seqno) -{ - krb5_error_code ret; - krb5_keyblock *subkey; - uint32_t q; - u_char *p; - int i; - - ret = krb5_generate_subkey (context, key, &subkey); - if (ret) - return ret; - - q = 0; - for (p = (u_char *)subkey->keyvalue.data, i = 0; - i < subkey->keyvalue.length; - ++i, ++p) - q = (q << 8) | *p; - q &= 0xffffffff; - *seqno = q; - krb5_free_keyblock (context, subkey); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/generate_subkey.c b/crypto/heimdal/lib/krb5/generate_subkey.c deleted file mode 100644 index fb99cbbf3f74..000000000000 --- a/crypto/heimdal/lib/krb5/generate_subkey.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: generate_subkey.c 14455 2005-01-05 02:39:21Z lukeh $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_subkey(krb5_context context, - const krb5_keyblock *key, - krb5_keyblock **subkey) -{ - return krb5_generate_subkey_extended(context, key, key->keytype, subkey); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_subkey_extended(krb5_context context, - const krb5_keyblock *key, - krb5_enctype etype, - krb5_keyblock **subkey) -{ - krb5_error_code ret; - - ALLOC(*subkey, 1); - if (*subkey == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - if (etype == ETYPE_NULL) - etype = key->keytype; /* use session key etype */ - - /* XXX should we use the session key as input to the RF? */ - ret = krb5_generate_random_keyblock(context, etype, *subkey); - if (ret != 0) { - free(*subkey); - *subkey = NULL; - } - - return ret; -} - diff --git a/crypto/heimdal/lib/krb5/get_addrs.c b/crypto/heimdal/lib/krb5/get_addrs.c deleted file mode 100644 index a7fd2ea84b1b..000000000000 --- a/crypto/heimdal/lib/krb5/get_addrs.c +++ /dev/null @@ -1,291 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_addrs.c 13863 2004-05-25 21:46:46Z lha $"); - -#ifdef __osf__ -/* hate */ -struct rtentry; -struct mbuf; -#endif -#ifdef HAVE_NET_IF_H -#include -#endif -#include - -static krb5_error_code -gethostname_fallback (krb5_context context, krb5_addresses *res) -{ - krb5_error_code ret; - char hostname[MAXHOSTNAMELEN]; - struct hostent *hostent; - - if (gethostname (hostname, sizeof(hostname))) { - ret = errno; - krb5_set_error_string (context, "gethostname: %s", strerror(ret)); - return ret; - } - hostent = roken_gethostbyname (hostname); - if (hostent == NULL) { - ret = errno; - krb5_set_error_string (context, "gethostbyname %s: %s", - hostname, strerror(ret)); - return ret; - } - res->len = 1; - res->val = malloc (sizeof(*res->val)); - if (res->val == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - res->val[0].addr_type = hostent->h_addrtype; - res->val[0].address.data = NULL; - res->val[0].address.length = 0; - ret = krb5_data_copy (&res->val[0].address, - hostent->h_addr, - hostent->h_length); - if (ret) { - free (res->val); - return ret; - } - return 0; -} - -enum { - LOOP = 1, /* do include loopback interfaces */ - LOOP_IF_NONE = 2, /* include loopback if no other if's */ - EXTRA_ADDRESSES = 4, /* include extra addresses */ - SCAN_INTERFACES = 8 /* scan interfaces for addresses */ -}; - -/* - * Try to figure out the addresses of all configured interfaces with a - * lot of magic ioctls. - */ - -static krb5_error_code -find_all_addresses (krb5_context context, krb5_addresses *res, int flags) -{ - struct sockaddr sa_zero; - struct ifaddrs *ifa0, *ifa; - krb5_error_code ret = ENXIO; - int num, idx; - krb5_addresses ignore_addresses; - - res->val = NULL; - - if (getifaddrs(&ifa0) == -1) { - ret = errno; - krb5_set_error_string(context, "getifaddrs: %s", strerror(ret)); - return (ret); - } - - memset(&sa_zero, 0, sizeof(sa_zero)); - - /* First, count all the ifaddrs. */ - for (ifa = ifa0, num = 0; ifa != NULL; ifa = ifa->ifa_next, num++) - /* nothing */; - - if (num == 0) { - freeifaddrs(ifa0); - krb5_set_error_string(context, "no addresses found"); - return (ENXIO); - } - - if (flags & EXTRA_ADDRESSES) { - /* we'll remove the addresses we don't care about */ - ret = krb5_get_ignore_addresses(context, &ignore_addresses); - if(ret) - return ret; - } - - /* Allocate storage for them. */ - res->val = calloc(num, sizeof(*res->val)); - if (res->val == NULL) { - krb5_free_addresses(context, &ignore_addresses); - freeifaddrs(ifa0); - krb5_set_error_string (context, "malloc: out of memory"); - return (ENOMEM); - } - - /* Now traverse the list. */ - for (ifa = ifa0, idx = 0; ifa != NULL; ifa = ifa->ifa_next) { - if ((ifa->ifa_flags & IFF_UP) == 0) - continue; - if (ifa->ifa_addr == NULL) - continue; - if (memcmp(ifa->ifa_addr, &sa_zero, sizeof(sa_zero)) == 0) - continue; - if (krb5_sockaddr_uninteresting(ifa->ifa_addr)) - continue; - if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) { - /* We'll deal with the LOOP_IF_NONE case later. */ - if ((flags & LOOP) == 0) - continue; - } - - ret = krb5_sockaddr2address(context, ifa->ifa_addr, &res->val[idx]); - if (ret) { - /* - * The most likely error here is going to be "Program - * lacks support for address type". This is no big - * deal -- just continue, and we'll listen on the - * addresses who's type we *do* support. - */ - continue; - } - /* possibly skip this address? */ - if((flags & EXTRA_ADDRESSES) && - krb5_address_search(context, &res->val[idx], &ignore_addresses)) { - krb5_free_address(context, &res->val[idx]); - flags &= ~LOOP_IF_NONE; /* we actually found an address, - so don't add any loop-back - addresses */ - continue; - } - - idx++; - } - - /* - * If no addresses were found, and LOOP_IF_NONE is set, then find - * the loopback addresses and add them to our list. - */ - if ((flags & LOOP_IF_NONE) != 0 && idx == 0) { - for (ifa = ifa0; ifa != NULL; ifa = ifa->ifa_next) { - if ((ifa->ifa_flags & IFF_UP) == 0) - continue; - if (ifa->ifa_addr == NULL) - continue; - if (memcmp(ifa->ifa_addr, &sa_zero, sizeof(sa_zero)) == 0) - continue; - if (krb5_sockaddr_uninteresting(ifa->ifa_addr)) - continue; - - if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) { - ret = krb5_sockaddr2address(context, - ifa->ifa_addr, &res->val[idx]); - if (ret) { - /* - * See comment above. - */ - continue; - } - if((flags & EXTRA_ADDRESSES) && - krb5_address_search(context, &res->val[idx], - &ignore_addresses)) { - krb5_free_address(context, &res->val[idx]); - continue; - } - idx++; - } - } - } - - if (flags & EXTRA_ADDRESSES) - krb5_free_addresses(context, &ignore_addresses); - freeifaddrs(ifa0); - if (ret) - free(res->val); - else - res->len = idx; /* Now a count. */ - return (ret); -} - -static krb5_error_code -get_addrs_int (krb5_context context, krb5_addresses *res, int flags) -{ - krb5_error_code ret = -1; - - if (flags & SCAN_INTERFACES) { - ret = find_all_addresses (context, res, flags); - if(ret || res->len == 0) - ret = gethostname_fallback (context, res); - } else { - res->len = 0; - res->val = NULL; - ret = 0; - } - - if(ret == 0 && (flags & EXTRA_ADDRESSES)) { - krb5_addresses a; - /* append user specified addresses */ - ret = krb5_get_extra_addresses(context, &a); - if(ret) { - krb5_free_addresses(context, res); - return ret; - } - ret = krb5_append_addresses(context, res, &a); - if(ret) { - krb5_free_addresses(context, res); - return ret; - } - krb5_free_addresses(context, &a); - } - if(res->len == 0) { - free(res->val); - res->val = NULL; - } - return ret; -} - -/* - * Try to get all addresses, but return the one corresponding to - * `hostname' if we fail. - * - * Only include loopback address if there are no other. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_all_client_addrs (krb5_context context, krb5_addresses *res) -{ - int flags = LOOP_IF_NONE | EXTRA_ADDRESSES; - - if (context->scan_interfaces) - flags |= SCAN_INTERFACES; - - return get_addrs_int (context, res, flags); -} - -/* - * Try to get all local addresses that a server should listen to. - * If that fails, we return the address corresponding to `hostname'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_all_server_addrs (krb5_context context, krb5_addresses *res) -{ - return get_addrs_int (context, res, LOOP | SCAN_INTERFACES); -} diff --git a/crypto/heimdal/lib/krb5/get_cred.c b/crypto/heimdal/lib/krb5/get_cred.c deleted file mode 100644 index ce0ec6d29283..000000000000 --- a/crypto/heimdal/lib/krb5/get_cred.c +++ /dev/null @@ -1,1277 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: get_cred.c 21668 2007-07-22 11:28:05Z lha $"); - -/* - * Take the `body' and encode it into `padata' using the credentials - * in `creds'. - */ - -static krb5_error_code -make_pa_tgs_req(krb5_context context, - krb5_auth_context ac, - KDC_REQ_BODY *body, - PA_DATA *padata, - krb5_creds *creds, - krb5_key_usage usage) -{ - u_char *buf; - size_t buf_size; - size_t len; - krb5_data in_data; - krb5_error_code ret; - - ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, body, &len, ret); - if (ret) - goto out; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - in_data.length = len; - in_data.data = buf; - ret = _krb5_mk_req_internal(context, &ac, 0, &in_data, creds, - &padata->padata_value, - KRB5_KU_TGS_REQ_AUTH_CKSUM, - usage - /* KRB5_KU_TGS_REQ_AUTH */); - out: - free (buf); - if(ret) - return ret; - padata->padata_type = KRB5_PADATA_TGS_REQ; - return 0; -} - -/* - * Set the `enc-authorization-data' in `req_body' based on `authdata' - */ - -static krb5_error_code -set_auth_data (krb5_context context, - KDC_REQ_BODY *req_body, - krb5_authdata *authdata, - krb5_keyblock *key) -{ - if(authdata->len) { - size_t len, buf_size; - unsigned char *buf; - krb5_crypto crypto; - krb5_error_code ret; - - ASN1_MALLOC_ENCODE(AuthorizationData, buf, buf_size, authdata, - &len, ret); - if (ret) - return ret; - if (buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ALLOC(req_body->enc_authorization_data, 1); - if (req_body->enc_authorization_data == NULL) { - free (buf); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - free (buf); - free (req_body->enc_authorization_data); - req_body->enc_authorization_data = NULL; - return ret; - } - krb5_encrypt_EncryptedData(context, - crypto, - KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY, - /* KRB5_KU_TGS_REQ_AUTH_DAT_SESSION? */ - buf, - len, - 0, - req_body->enc_authorization_data); - free (buf); - krb5_crypto_destroy(context, crypto); - } else { - req_body->enc_authorization_data = NULL; - } - return 0; -} - -/* - * Create a tgs-req in `t' with `addresses', `flags', `second_ticket' - * (if not-NULL), `in_creds', `krbtgt', and returning the generated - * subkey in `subkey'. - */ - -static krb5_error_code -init_tgs_req (krb5_context context, - krb5_ccache ccache, - krb5_addresses *addresses, - krb5_kdc_flags flags, - Ticket *second_ticket, - krb5_creds *in_creds, - krb5_creds *krbtgt, - unsigned nonce, - const METHOD_DATA *padata, - krb5_keyblock **subkey, - TGS_REQ *t, - krb5_key_usage usage) -{ - krb5_error_code ret = 0; - - memset(t, 0, sizeof(*t)); - t->pvno = 5; - t->msg_type = krb_tgs_req; - if (in_creds->session.keytype) { - ALLOC_SEQ(&t->req_body.etype, 1); - if(t->req_body.etype.val == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - t->req_body.etype.val[0] = in_creds->session.keytype; - } else { - ret = krb5_init_etype(context, - &t->req_body.etype.len, - &t->req_body.etype.val, - NULL); - } - if (ret) - goto fail; - t->req_body.addresses = addresses; - t->req_body.kdc_options = flags.b; - ret = copy_Realm(&in_creds->server->realm, &t->req_body.realm); - if (ret) - goto fail; - ALLOC(t->req_body.sname, 1); - if (t->req_body.sname == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - - /* some versions of some code might require that the client be - present in TGS-REQs, but this is clearly against the spec */ - - ret = copy_PrincipalName(&in_creds->server->name, t->req_body.sname); - if (ret) - goto fail; - - /* req_body.till should be NULL if there is no endtime specified, - but old MIT code (like DCE secd) doesn't like that */ - ALLOC(t->req_body.till, 1); - if(t->req_body.till == NULL){ - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - *t->req_body.till = in_creds->times.endtime; - - t->req_body.nonce = nonce; - if(second_ticket){ - ALLOC(t->req_body.additional_tickets, 1); - if (t->req_body.additional_tickets == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - ALLOC_SEQ(t->req_body.additional_tickets, 1); - if (t->req_body.additional_tickets->val == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - ret = copy_Ticket(second_ticket, t->req_body.additional_tickets->val); - if (ret) - goto fail; - } - ALLOC(t->padata, 1); - if (t->padata == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - ALLOC_SEQ(t->padata, 1 + padata->len); - if (t->padata->val == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - { - int i; - for (i = 0; i < padata->len; i++) { - ret = copy_PA_DATA(&padata->val[i], &t->padata->val[i + 1]); - if (ret) { - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - } - } - - { - krb5_auth_context ac; - krb5_keyblock *key = NULL; - - ret = krb5_auth_con_init(context, &ac); - if(ret) - goto fail; - - if (krb5_config_get_bool_default(context, NULL, FALSE, - "realms", - krbtgt->server->realm, - "tgs_require_subkey", - NULL)) - { - ret = krb5_generate_subkey (context, &krbtgt->session, &key); - if (ret) { - krb5_auth_con_free (context, ac); - goto fail; - } - - ret = krb5_auth_con_setlocalsubkey(context, ac, key); - if (ret) { - if (key) - krb5_free_keyblock (context, key); - krb5_auth_con_free (context, ac); - goto fail; - } - } - - ret = set_auth_data (context, &t->req_body, &in_creds->authdata, - key ? key : &krbtgt->session); - if (ret) { - if (key) - krb5_free_keyblock (context, key); - krb5_auth_con_free (context, ac); - goto fail; - } - - ret = make_pa_tgs_req(context, - ac, - &t->req_body, - &t->padata->val[0], - krbtgt, - usage); - if(ret) { - if (key) - krb5_free_keyblock (context, key); - krb5_auth_con_free(context, ac); - goto fail; - } - *subkey = key; - - krb5_auth_con_free(context, ac); - } -fail: - if (ret) { - t->req_body.addresses = NULL; - free_TGS_REQ (t); - } - return ret; -} - -krb5_error_code -_krb5_get_krbtgt(krb5_context context, - krb5_ccache id, - krb5_realm realm, - krb5_creds **cred) -{ - krb5_error_code ret; - krb5_creds tmp_cred; - - memset(&tmp_cred, 0, sizeof(tmp_cred)); - - ret = krb5_cc_get_principal(context, id, &tmp_cred.client); - if (ret) - return ret; - - ret = krb5_make_principal(context, - &tmp_cred.server, - realm, - KRB5_TGS_NAME, - realm, - NULL); - if(ret) { - krb5_free_principal(context, tmp_cred.client); - return ret; - } - ret = krb5_get_credentials(context, - KRB5_GC_CACHED, - id, - &tmp_cred, - cred); - krb5_free_principal(context, tmp_cred.client); - krb5_free_principal(context, tmp_cred.server); - if(ret) - return ret; - return 0; -} - -/* DCE compatible decrypt proc */ -static krb5_error_code -decrypt_tkt_with_subkey (krb5_context context, - krb5_keyblock *key, - krb5_key_usage usage, - krb5_const_pointer subkey, - krb5_kdc_rep *dec_rep) -{ - krb5_error_code ret; - krb5_data data; - size_t size; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - ret = krb5_decrypt_EncryptedData (context, - crypto, - usage, - &dec_rep->kdc_rep.enc_part, - &data); - krb5_crypto_destroy(context, crypto); - if(ret && subkey){ - /* DCE compat -- try to decrypt with subkey */ - ret = krb5_crypto_init(context, subkey, 0, &crypto); - if (ret) - return ret; - ret = krb5_decrypt_EncryptedData (context, - crypto, - KRB5_KU_TGS_REP_ENC_PART_SUB_KEY, - &dec_rep->kdc_rep.enc_part, - &data); - krb5_crypto_destroy(context, crypto); - } - if (ret) - return ret; - - ret = krb5_decode_EncASRepPart(context, - data.data, - data.length, - &dec_rep->enc_part, - &size); - if (ret) - ret = krb5_decode_EncTGSRepPart(context, - data.data, - data.length, - &dec_rep->enc_part, - &size); - krb5_data_free (&data); - return ret; -} - -static krb5_error_code -get_cred_kdc_usage(krb5_context context, - krb5_ccache id, - krb5_kdc_flags flags, - krb5_addresses *addresses, - krb5_creds *in_creds, - krb5_creds *krbtgt, - krb5_principal impersonate_principal, - Ticket *second_ticket, - krb5_creds *out_creds, - krb5_key_usage usage) -{ - TGS_REQ req; - krb5_data enc; - krb5_data resp; - krb5_kdc_rep rep; - KRB_ERROR error; - krb5_error_code ret; - unsigned nonce; - krb5_keyblock *subkey = NULL; - size_t len; - Ticket second_ticket_data; - METHOD_DATA padata; - - krb5_data_zero(&resp); - krb5_data_zero(&enc); - padata.val = NULL; - padata.len = 0; - - krb5_generate_random_block(&nonce, sizeof(nonce)); - nonce &= 0xffffffff; - - if(flags.b.enc_tkt_in_skey && second_ticket == NULL){ - ret = decode_Ticket(in_creds->second_ticket.data, - in_creds->second_ticket.length, - &second_ticket_data, &len); - if(ret) - return ret; - second_ticket = &second_ticket_data; - } - - - if (impersonate_principal) { - krb5_crypto crypto; - PA_S4U2Self self; - krb5_data data; - void *buf; - size_t size; - - self.name = impersonate_principal->name; - self.realm = impersonate_principal->realm; - self.auth = estrdup("Kerberos"); - - ret = _krb5_s4u2self_to_checksumdata(context, &self, &data); - if (ret) { - free(self.auth); - goto out; - } - - ret = krb5_crypto_init(context, &krbtgt->session, 0, &crypto); - if (ret) { - free(self.auth); - krb5_data_free(&data); - goto out; - } - - ret = krb5_create_checksum(context, - crypto, - KRB5_KU_OTHER_CKSUM, - 0, - data.data, - data.length, - &self.cksum); - krb5_crypto_destroy(context, crypto); - krb5_data_free(&data); - if (ret) { - free(self.auth); - goto out; - } - - ASN1_MALLOC_ENCODE(PA_S4U2Self, buf, len, &self, &size, ret); - free(self.auth); - free_Checksum(&self.cksum); - if (ret) - goto out; - if (len != size) - krb5_abortx(context, "internal asn1 error"); - - ret = krb5_padata_add(context, &padata, KRB5_PADATA_S4U2SELF, buf, len); - if (ret) - goto out; - } - - ret = init_tgs_req (context, - id, - addresses, - flags, - second_ticket, - in_creds, - krbtgt, - nonce, - &padata, - &subkey, - &req, - usage); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(TGS_REQ, enc.data, enc.length, &req, &len, ret); - if (ret) - goto out; - if(enc.length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - /* don't free addresses */ - req.req_body.addresses = NULL; - free_TGS_REQ(&req); - - /* - * Send and receive - */ - { - krb5_sendto_ctx stctx; - ret = krb5_sendto_ctx_alloc(context, &stctx); - if (ret) - return ret; - krb5_sendto_ctx_set_func(stctx, _krb5_kdc_retry, NULL); - - ret = krb5_sendto_context (context, stctx, &enc, - krbtgt->server->name.name_string.val[1], - &resp); - krb5_sendto_ctx_free(context, stctx); - } - if(ret) - goto out; - - memset(&rep, 0, sizeof(rep)); - if(decode_TGS_REP(resp.data, resp.length, &rep.kdc_rep, &len) == 0){ - ret = krb5_copy_principal(context, - in_creds->client, - &out_creds->client); - if(ret) - goto out; - ret = krb5_copy_principal(context, - in_creds->server, - &out_creds->server); - if(ret) - goto out; - /* this should go someplace else */ - out_creds->times.endtime = in_creds->times.endtime; - - ret = _krb5_extract_ticket(context, - &rep, - out_creds, - &krbtgt->session, - NULL, - KRB5_KU_TGS_REP_ENC_PART_SESSION, - &krbtgt->addresses, - nonce, - EXTRACT_TICKET_ALLOW_CNAME_MISMATCH| - EXTRACT_TICKET_ALLOW_SERVER_MISMATCH, - decrypt_tkt_with_subkey, - subkey); - krb5_free_kdc_rep(context, &rep); - } else if(krb5_rd_error(context, &resp, &error) == 0) { - ret = krb5_error_from_rd_error(context, &error, in_creds); - krb5_free_error_contents(context, &error); - } else if(resp.data && ((char*)resp.data)[0] == 4) { - ret = KRB5KRB_AP_ERR_V4_REPLY; - krb5_clear_error_string(context); - } else { - ret = KRB5KRB_AP_ERR_MSG_TYPE; - krb5_clear_error_string(context); - } - -out: - if (second_ticket == &second_ticket_data) - free_Ticket(&second_ticket_data); - free_METHOD_DATA(&padata); - krb5_data_free(&resp); - krb5_data_free(&enc); - if(subkey){ - krb5_free_keyblock_contents(context, subkey); - free(subkey); - } - return ret; - -} - -static krb5_error_code -get_cred_kdc(krb5_context context, - krb5_ccache id, - krb5_kdc_flags flags, - krb5_addresses *addresses, - krb5_creds *in_creds, - krb5_creds *krbtgt, - krb5_principal impersonate_principal, - Ticket *second_ticket, - krb5_creds *out_creds) -{ - krb5_error_code ret; - - ret = get_cred_kdc_usage(context, id, flags, addresses, in_creds, - krbtgt, impersonate_principal, second_ticket, - out_creds, KRB5_KU_TGS_REQ_AUTH); - if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) { - krb5_clear_error_string (context); - ret = get_cred_kdc_usage(context, id, flags, addresses, in_creds, - krbtgt, impersonate_principal, second_ticket, - out_creds, KRB5_KU_AP_REQ_AUTH); - } - return ret; -} - -/* same as above, just get local addresses first */ - -static krb5_error_code -get_cred_kdc_la(krb5_context context, krb5_ccache id, krb5_kdc_flags flags, - krb5_creds *in_creds, krb5_creds *krbtgt, - krb5_principal impersonate_principal, Ticket *second_ticket, - krb5_creds *out_creds) -{ - krb5_error_code ret; - krb5_addresses addresses, *addrs = &addresses; - - krb5_get_all_client_addrs(context, &addresses); - /* XXX this sucks. */ - if(addresses.len == 0) - addrs = NULL; - ret = get_cred_kdc(context, id, flags, addrs, - in_creds, krbtgt, impersonate_principal, second_ticket, - out_creds); - krb5_free_addresses(context, &addresses); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_kdc_cred(krb5_context context, - krb5_ccache id, - krb5_kdc_flags flags, - krb5_addresses *addresses, - Ticket *second_ticket, - krb5_creds *in_creds, - krb5_creds **out_creds - ) -{ - krb5_error_code ret; - krb5_creds *krbtgt; - - *out_creds = calloc(1, sizeof(**out_creds)); - if(*out_creds == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = _krb5_get_krbtgt (context, - id, - in_creds->server->realm, - &krbtgt); - if(ret) { - free(*out_creds); - return ret; - } - ret = get_cred_kdc(context, id, flags, addresses, - in_creds, krbtgt, NULL, NULL, *out_creds); - krb5_free_creds (context, krbtgt); - if(ret) - free(*out_creds); - return ret; -} - -static void -not_found(krb5_context context, krb5_const_principal p) -{ - krb5_error_code ret; - char *str; - - ret = krb5_unparse_name(context, p, &str); - if(ret) { - krb5_clear_error_string(context); - return; - } - krb5_set_error_string(context, "Matching credential (%s) not found", str); - free(str); -} - -static krb5_error_code -find_cred(krb5_context context, - krb5_ccache id, - krb5_principal server, - krb5_creds **tgts, - krb5_creds *out_creds) -{ - krb5_error_code ret; - krb5_creds mcreds; - - krb5_cc_clear_mcred(&mcreds); - mcreds.server = server; - ret = krb5_cc_retrieve_cred(context, id, KRB5_TC_DONT_MATCH_REALM, - &mcreds, out_creds); - if(ret == 0) - return 0; - while(tgts && *tgts){ - if(krb5_compare_creds(context, KRB5_TC_DONT_MATCH_REALM, - &mcreds, *tgts)){ - ret = krb5_copy_creds_contents(context, *tgts, out_creds); - return ret; - } - tgts++; - } - not_found(context, server); - return KRB5_CC_NOTFOUND; -} - -static krb5_error_code -add_cred(krb5_context context, krb5_creds ***tgts, krb5_creds *tkt) -{ - int i; - krb5_error_code ret; - krb5_creds **tmp = *tgts; - - for(i = 0; tmp && tmp[i]; i++); /* XXX */ - tmp = realloc(tmp, (i+2)*sizeof(*tmp)); - if(tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - *tgts = tmp; - ret = krb5_copy_creds(context, tkt, &tmp[i]); - tmp[i+1] = NULL; - return ret; -} - -/* -get_cred(server) - creds = cc_get_cred(server) - if(creds) return creds - tgt = cc_get_cred(krbtgt/server_realm@any_realm) - if(tgt) - return get_cred_tgt(server, tgt) - if(client_realm == server_realm) - return NULL - tgt = get_cred(krbtgt/server_realm@client_realm) - while(tgt_inst != server_realm) - tgt = get_cred(krbtgt/server_realm@tgt_inst) - return get_cred_tgt(server, tgt) - */ - -static krb5_error_code -get_cred_from_kdc_flags(krb5_context context, - krb5_kdc_flags flags, - krb5_ccache ccache, - krb5_creds *in_creds, - krb5_principal impersonate_principal, - Ticket *second_ticket, - krb5_creds **out_creds, - krb5_creds ***ret_tgts) -{ - krb5_error_code ret; - krb5_creds *tgt, tmp_creds; - krb5_const_realm client_realm, server_realm, try_realm; - - *out_creds = NULL; - - client_realm = krb5_principal_get_realm(context, in_creds->client); - server_realm = krb5_principal_get_realm(context, in_creds->server); - memset(&tmp_creds, 0, sizeof(tmp_creds)); - ret = krb5_copy_principal(context, in_creds->client, &tmp_creds.client); - if(ret) - return ret; - - try_realm = krb5_config_get_string(context, NULL, "capaths", - client_realm, server_realm, NULL); - -#if 1 - /* XXX remove in future release */ - if(try_realm == NULL) - try_realm = krb5_config_get_string(context, NULL, "libdefaults", - "capath", server_realm, NULL); -#endif - - if (try_realm == NULL) - try_realm = client_realm; - - ret = krb5_make_principal(context, - &tmp_creds.server, - try_realm, - KRB5_TGS_NAME, - server_realm, - NULL); - if(ret){ - krb5_free_principal(context, tmp_creds.client); - return ret; - } - { - krb5_creds tgts; - /* XXX try krb5_cc_retrieve_cred first? */ - ret = find_cred(context, ccache, tmp_creds.server, - *ret_tgts, &tgts); - if(ret == 0){ - *out_creds = calloc(1, sizeof(**out_creds)); - if(*out_creds == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - } else { - krb5_boolean noaddr; - - krb5_appdefault_boolean(context, NULL, tgts.server->realm, - "no-addresses", FALSE, &noaddr); - - if (noaddr) - ret = get_cred_kdc(context, ccache, flags, NULL, - in_creds, &tgts, - impersonate_principal, - second_ticket, - *out_creds); - else - ret = get_cred_kdc_la(context, ccache, flags, - in_creds, &tgts, - impersonate_principal, - second_ticket, - *out_creds); - if (ret) { - free (*out_creds); - *out_creds = NULL; - } - } - krb5_free_cred_contents(context, &tgts); - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } - } - if(krb5_realm_compare(context, in_creds->client, in_creds->server)) { - not_found(context, in_creds->server); - return KRB5_CC_NOTFOUND; - } - /* XXX this can loop forever */ - while(1){ - heim_general_string tgt_inst; - - ret = get_cred_from_kdc_flags(context, flags, ccache, &tmp_creds, - NULL, NULL, &tgt, ret_tgts); - if(ret) { - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } - ret = add_cred(context, ret_tgts, tgt); - if(ret) { - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } - tgt_inst = tgt->server->name.name_string.val[1]; - if(strcmp(tgt_inst, server_realm) == 0) - break; - krb5_free_principal(context, tmp_creds.server); - ret = krb5_make_principal(context, &tmp_creds.server, - tgt_inst, KRB5_TGS_NAME, server_realm, NULL); - if(ret) { - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } - ret = krb5_free_creds(context, tgt); - if(ret) { - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - return ret; - } - } - - krb5_free_principal(context, tmp_creds.server); - krb5_free_principal(context, tmp_creds.client); - *out_creds = calloc(1, sizeof(**out_creds)); - if(*out_creds == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - } else { - krb5_boolean noaddr; - - krb5_appdefault_boolean(context, NULL, tgt->server->realm, - "no-addresses", KRB5_ADDRESSLESS_DEFAULT, - &noaddr); - if (noaddr) - ret = get_cred_kdc (context, ccache, flags, NULL, - in_creds, tgt, NULL, NULL, - *out_creds); - else - ret = get_cred_kdc_la(context, ccache, flags, - in_creds, tgt, NULL, NULL, - *out_creds); - if (ret) { - free (*out_creds); - *out_creds = NULL; - } - } - krb5_free_creds(context, tgt); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_cred_from_kdc_opt(krb5_context context, - krb5_ccache ccache, - krb5_creds *in_creds, - krb5_creds **out_creds, - krb5_creds ***ret_tgts, - krb5_flags flags) -{ - krb5_kdc_flags f; - f.i = flags; - return get_cred_from_kdc_flags(context, f, ccache, - in_creds, NULL, NULL, - out_creds, ret_tgts); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_cred_from_kdc(krb5_context context, - krb5_ccache ccache, - krb5_creds *in_creds, - krb5_creds **out_creds, - krb5_creds ***ret_tgts) -{ - return krb5_get_cred_from_kdc_opt(context, ccache, - in_creds, out_creds, ret_tgts, 0); -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_credentials_with_flags(krb5_context context, - krb5_flags options, - krb5_kdc_flags flags, - krb5_ccache ccache, - krb5_creds *in_creds, - krb5_creds **out_creds) -{ - krb5_error_code ret; - krb5_creds **tgts; - krb5_creds *res_creds; - int i; - - *out_creds = NULL; - res_creds = calloc(1, sizeof(*res_creds)); - if (res_creds == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - if (in_creds->session.keytype) - options |= KRB5_TC_MATCH_KEYTYPE; - - /* - * If we got a credential, check if credential is expired before - * returning it. - */ - ret = krb5_cc_retrieve_cred(context, - ccache, - in_creds->session.keytype ? - KRB5_TC_MATCH_KEYTYPE : 0, - in_creds, res_creds); - /* - * If we got a credential, check if credential is expired before - * returning it, but only if KRB5_GC_EXPIRED_OK is not set. - */ - if (ret == 0) { - krb5_timestamp timeret; - - /* If expired ok, don't bother checking */ - if(options & KRB5_GC_EXPIRED_OK) { - *out_creds = res_creds; - return 0; - } - - krb5_timeofday(context, &timeret); - if(res_creds->times.endtime > timeret) { - *out_creds = res_creds; - return 0; - } - if(options & KRB5_GC_CACHED) - krb5_cc_remove_cred(context, ccache, 0, res_creds); - - } else if(ret != KRB5_CC_END) { - free(res_creds); - return ret; - } - free(res_creds); - if(options & KRB5_GC_CACHED) { - not_found(context, in_creds->server); - return KRB5_CC_NOTFOUND; - } - if(options & KRB5_GC_USER_USER) - flags.b.enc_tkt_in_skey = 1; - if (flags.b.enc_tkt_in_skey) - options |= KRB5_GC_NO_STORE; - - tgts = NULL; - ret = get_cred_from_kdc_flags(context, flags, ccache, - in_creds, NULL, NULL, out_creds, &tgts); - for(i = 0; tgts && tgts[i]; i++) { - krb5_cc_store_cred(context, ccache, tgts[i]); - krb5_free_creds(context, tgts[i]); - } - free(tgts); - if(ret == 0 && (options & KRB5_GC_NO_STORE) == 0) - krb5_cc_store_cred(context, ccache, *out_creds); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_credentials(krb5_context context, - krb5_flags options, - krb5_ccache ccache, - krb5_creds *in_creds, - krb5_creds **out_creds) -{ - krb5_kdc_flags flags; - flags.i = 0; - return krb5_get_credentials_with_flags(context, options, flags, - ccache, in_creds, out_creds); -} - -struct krb5_get_creds_opt_data { - krb5_principal self; - krb5_flags options; - krb5_enctype enctype; - Ticket *ticket; -}; - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_creds_opt_alloc(krb5_context context, krb5_get_creds_opt *opt) -{ - *opt = calloc(1, sizeof(**opt)); - if (*opt == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - return 0; -} - -void KRB5_LIB_FUNCTION -krb5_get_creds_opt_free(krb5_context context, krb5_get_creds_opt opt) -{ - if (opt->self) - krb5_free_principal(context, opt->self); - memset(opt, 0, sizeof(*opt)); - free(opt); -} - -void KRB5_LIB_FUNCTION -krb5_get_creds_opt_set_options(krb5_context context, - krb5_get_creds_opt opt, - krb5_flags options) -{ - opt->options = options; -} - -void KRB5_LIB_FUNCTION -krb5_get_creds_opt_add_options(krb5_context context, - krb5_get_creds_opt opt, - krb5_flags options) -{ - opt->options |= options; -} - -void KRB5_LIB_FUNCTION -krb5_get_creds_opt_set_enctype(krb5_context context, - krb5_get_creds_opt opt, - krb5_enctype enctype) -{ - opt->enctype = enctype; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_creds_opt_set_impersonate(krb5_context context, - krb5_get_creds_opt opt, - krb5_const_principal self) -{ - if (opt->self) - krb5_free_principal(context, opt->self); - return krb5_copy_principal(context, self, &opt->self); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_creds_opt_set_ticket(krb5_context context, - krb5_get_creds_opt opt, - const Ticket *ticket) -{ - if (opt->ticket) { - free_Ticket(opt->ticket); - free(opt->ticket); - opt->ticket = NULL; - } - if (ticket) { - krb5_error_code ret; - - opt->ticket = malloc(sizeof(*ticket)); - if (opt->ticket == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = copy_Ticket(ticket, opt->ticket); - if (ret) { - free(opt->ticket); - opt->ticket = NULL; - krb5_set_error_string(context, "malloc: out of memory"); - return ret; - } - } - return 0; -} - - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_creds(krb5_context context, - krb5_get_creds_opt opt, - krb5_ccache ccache, - krb5_const_principal inprinc, - krb5_creds **out_creds) -{ - krb5_kdc_flags flags; - krb5_flags options; - krb5_creds in_creds; - krb5_error_code ret; - krb5_creds **tgts; - krb5_creds *res_creds; - int i; - - memset(&in_creds, 0, sizeof(in_creds)); - in_creds.server = rk_UNCONST(inprinc); - - ret = krb5_cc_get_principal(context, ccache, &in_creds.client); - if (ret) - return ret; - - options = opt->options; - flags.i = 0; - - *out_creds = NULL; - res_creds = calloc(1, sizeof(*res_creds)); - if (res_creds == NULL) { - krb5_free_principal(context, in_creds.client); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - if (opt->enctype) { - in_creds.session.keytype = opt->enctype; - options |= KRB5_TC_MATCH_KEYTYPE; - } - - /* - * If we got a credential, check if credential is expired before - * returning it. - */ - ret = krb5_cc_retrieve_cred(context, - ccache, - opt->enctype ? KRB5_TC_MATCH_KEYTYPE : 0, - &in_creds, res_creds); - /* - * If we got a credential, check if credential is expired before - * returning it, but only if KRB5_GC_EXPIRED_OK is not set. - */ - if (ret == 0) { - krb5_timestamp timeret; - - /* If expired ok, don't bother checking */ - if(options & KRB5_GC_EXPIRED_OK) { - *out_creds = res_creds; - krb5_free_principal(context, in_creds.client); - return 0; - } - - krb5_timeofday(context, &timeret); - if(res_creds->times.endtime > timeret) { - *out_creds = res_creds; - krb5_free_principal(context, in_creds.client); - return 0; - } - if(options & KRB5_GC_CACHED) - krb5_cc_remove_cred(context, ccache, 0, res_creds); - - } else if(ret != KRB5_CC_END) { - free(res_creds); - krb5_free_principal(context, in_creds.client); - return ret; - } - free(res_creds); - if(options & KRB5_GC_CACHED) { - not_found(context, in_creds.server); - krb5_free_principal(context, in_creds.client); - return KRB5_CC_NOTFOUND; - } - if(options & KRB5_GC_USER_USER) { - flags.b.enc_tkt_in_skey = 1; - options |= KRB5_GC_NO_STORE; - } - if (options & KRB5_GC_FORWARDABLE) - flags.b.forwardable = 1; - if (options & KRB5_GC_NO_TRANSIT_CHECK) - flags.b.disable_transited_check = 1; - if (options & KRB5_GC_CONSTRAINED_DELEGATION) { - flags.b.request_anonymous = 1; /* XXX ARGH confusion */ - flags.b.constrained_delegation = 1; - } - - tgts = NULL; - ret = get_cred_from_kdc_flags(context, flags, ccache, - &in_creds, opt->self, opt->ticket, - out_creds, &tgts); - krb5_free_principal(context, in_creds.client); - for(i = 0; tgts && tgts[i]; i++) { - krb5_cc_store_cred(context, ccache, tgts[i]); - krb5_free_creds(context, tgts[i]); - } - free(tgts); - if(ret == 0 && (options & KRB5_GC_NO_STORE) == 0) - krb5_cc_store_cred(context, ccache, *out_creds); - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_renewed_creds(krb5_context context, - krb5_creds *creds, - krb5_const_principal client, - krb5_ccache ccache, - const char *in_tkt_service) -{ - krb5_error_code ret; - krb5_kdc_flags flags; - krb5_creds in, *template, *out = NULL; - - memset(&in, 0, sizeof(in)); - memset(creds, 0, sizeof(*creds)); - - ret = krb5_copy_principal(context, client, &in.client); - if (ret) - return ret; - - if (in_tkt_service) { - ret = krb5_parse_name(context, in_tkt_service, &in.server); - if (ret) { - krb5_free_principal(context, in.client); - return ret; - } - } else { - const char *realm = krb5_principal_get_realm(context, client); - - ret = krb5_make_principal(context, &in.server, realm, KRB5_TGS_NAME, - realm, NULL); - if (ret) { - krb5_free_principal(context, in.client); - return ret; - } - } - - flags.i = 0; - flags.b.renewable = flags.b.renew = 1; - - /* - * Get template from old credential cache for the same entry, if - * this failes, no worries. - */ - ret = krb5_get_credentials(context, KRB5_GC_CACHED, ccache, &in, &template); - if (ret == 0) { - flags.b.forwardable = template->flags.b.forwardable; - flags.b.proxiable = template->flags.b.proxiable; - krb5_free_creds (context, template); - } - - ret = krb5_get_kdc_cred(context, ccache, flags, NULL, NULL, &in, &out); - krb5_free_principal(context, in.client); - krb5_free_principal(context, in.server); - if (ret) - return ret; - - ret = krb5_copy_creds_contents(context, out, creds); - krb5_free_creds(context, out); - - return ret; -} diff --git a/crypto/heimdal/lib/krb5/get_default_principal.c b/crypto/heimdal/lib/krb5/get_default_principal.c deleted file mode 100644 index 83fb2b0fa984..000000000000 --- a/crypto/heimdal/lib/krb5/get_default_principal.c +++ /dev/null @@ -1,115 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_default_principal.c 14870 2005-04-20 20:53:29Z lha $"); - -/* - * Try to find out what's a reasonable default principal. - */ - -static const char* -get_env_user(void) -{ - const char *user = getenv("USER"); - if(user == NULL) - user = getenv("LOGNAME"); - if(user == NULL) - user = getenv("USERNAME"); - return user; -} - -/* - * Will only use operating-system dependant operation to get the - * default principal, for use of functions that in ccache layer to - * avoid recursive calls. - */ - -krb5_error_code -_krb5_get_default_principal_local (krb5_context context, - krb5_principal *princ) -{ - krb5_error_code ret; - const char *user; - uid_t uid; - - *princ = NULL; - - uid = getuid(); - if(uid == 0) { - user = getlogin(); - if(user == NULL) - user = get_env_user(); - if(user != NULL && strcmp(user, "root") != 0) - ret = krb5_make_principal(context, princ, NULL, user, "root", NULL); - else - ret = krb5_make_principal(context, princ, NULL, "root", NULL); - } else { - struct passwd *pw = getpwuid(uid); - if(pw != NULL) - user = pw->pw_name; - else { - user = get_env_user(); - if(user == NULL) - user = getlogin(); - } - if(user == NULL) { - krb5_set_error_string(context, - "unable to figure out current principal"); - return ENOTTY; /* XXX */ - } - ret = krb5_make_principal(context, princ, NULL, user, NULL); - } - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_principal (krb5_context context, - krb5_principal *princ) -{ - krb5_error_code ret; - krb5_ccache id; - - *princ = NULL; - - ret = krb5_cc_default (context, &id); - if (ret == 0) { - ret = krb5_cc_get_principal (context, id, princ); - krb5_cc_close (context, id); - if (ret == 0) - return 0; - } - - return _krb5_get_default_principal_local(context, princ); -} diff --git a/crypto/heimdal/lib/krb5/get_default_realm.c b/crypto/heimdal/lib/krb5/get_default_realm.c deleted file mode 100644 index 09c8577b2601..000000000000 --- a/crypto/heimdal/lib/krb5/get_default_realm.c +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_default_realm.c 13863 2004-05-25 21:46:46Z lha $"); - -/* - * Return a NULL-terminated list of default realms in `realms'. - * Free this memory with krb5_free_host_realm. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_realms (krb5_context context, - krb5_realm **realms) -{ - if (context->default_realms == NULL) { - krb5_error_code ret = krb5_set_default_realm (context, NULL); - if (ret) - return KRB5_CONFIG_NODEFREALM; - } - - return krb5_copy_host_realm (context, - context->default_realms, - realms); -} - -/* - * Return the first default realm. For compatibility. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_realm(krb5_context context, - krb5_realm *realm) -{ - krb5_error_code ret; - char *res; - - if (context->default_realms == NULL - || context->default_realms[0] == NULL) { - krb5_clear_error_string(context); - ret = krb5_set_default_realm (context, NULL); - if (ret) - return ret; - } - - res = strdup (context->default_realms[0]); - if (res == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - *realm = res; - return 0; -} diff --git a/crypto/heimdal/lib/krb5/get_for_creds.c b/crypto/heimdal/lib/krb5/get_for_creds.c deleted file mode 100644 index cb8b7c8641a6..000000000000 --- a/crypto/heimdal/lib/krb5/get_for_creds.c +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: get_for_creds.c 22504 2008-01-21 15:49:58Z lha $"); - -static krb5_error_code -add_addrs(krb5_context context, - krb5_addresses *addr, - struct addrinfo *ai) -{ - krb5_error_code ret; - unsigned n, i; - void *tmp; - struct addrinfo *a; - - n = 0; - for (a = ai; a != NULL; a = a->ai_next) - ++n; - - tmp = realloc(addr->val, (addr->len + n) * sizeof(*addr->val)); - if (tmp == NULL && (addr->len + n) != 0) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto fail; - } - addr->val = tmp; - for (i = addr->len; i < (addr->len + n); ++i) { - addr->val[i].addr_type = 0; - krb5_data_zero(&addr->val[i].address); - } - i = addr->len; - for (a = ai; a != NULL; a = a->ai_next) { - krb5_address ad; - - ret = krb5_sockaddr2address (context, a->ai_addr, &ad); - if (ret == 0) { - if (krb5_address_search(context, &ad, addr)) - krb5_free_address(context, &ad); - else - addr->val[i++] = ad; - } - else if (ret == KRB5_PROG_ATYPE_NOSUPP) - krb5_clear_error_string (context); - else - goto fail; - addr->len = i; - } - return 0; -fail: - krb5_free_addresses (context, addr); - return ret; -} - -/** - * Forward credentials for client to host hostname , making them - * forwardable if forwardable, and returning the blob of data to sent - * in out_data. If hostname == NULL, pick it from server. - * - * @param context A kerberos 5 context. - * @param auth_context the auth context with the key to encrypt the out_data. - * @param hostname the host to forward the tickets too. - * @param client the client to delegate from. - * @param server the server to delegate the credential too. - * @param ccache credential cache to use. - * @param forwardable make the forwarded ticket forwabledable. - * @param out_data the resulting credential. - * - * @return Return an error code or 0. - * - * @ingroup krb5_credential - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_fwd_tgt_creds (krb5_context context, - krb5_auth_context auth_context, - const char *hostname, - krb5_principal client, - krb5_principal server, - krb5_ccache ccache, - int forwardable, - krb5_data *out_data) -{ - krb5_flags flags = 0; - krb5_creds creds; - krb5_error_code ret; - krb5_const_realm client_realm; - - flags |= KDC_OPT_FORWARDED; - - if (forwardable) - flags |= KDC_OPT_FORWARDABLE; - - if (hostname == NULL && - krb5_principal_get_type(context, server) == KRB5_NT_SRV_HST) { - const char *inst = krb5_principal_get_comp_string(context, server, 0); - const char *host = krb5_principal_get_comp_string(context, server, 1); - - if (inst != NULL && - strcmp(inst, "host") == 0 && - host != NULL && - krb5_principal_get_comp_string(context, server, 2) == NULL) - hostname = host; - } - - client_realm = krb5_principal_get_realm(context, client); - - memset (&creds, 0, sizeof(creds)); - creds.client = client; - - ret = krb5_build_principal(context, - &creds.server, - strlen(client_realm), - client_realm, - KRB5_TGS_NAME, - client_realm, - NULL); - if (ret) - return ret; - - ret = krb5_get_forwarded_creds (context, - auth_context, - ccache, - flags, - hostname, - &creds, - out_data); - return ret; -} - -/** - * Gets tickets forwarded to hostname. If the tickets that are - * forwarded are address-less, the forwarded tickets will also be - * address-less. - * - * If the ticket have any address, hostname will be used for figure - * out the address to forward the ticket too. This since this might - * use DNS, its insecure and also doesn't represent configured all - * addresses of the host. For example, the host might have two - * adresses, one IPv4 and one IPv6 address where the later is not - * published in DNS. This IPv6 address might be used communications - * and thus the resulting ticket useless. - * - * @param context A kerberos 5 context. - * @param auth_context the auth context with the key to encrypt the out_data. - * @param ccache credential cache to use - * @param flags the flags to control the resulting ticket flags - * @param hostname the host to forward the tickets too. - * @param in_creds the in client and server ticket names. The client - * and server components forwarded to the remote host. - * @param out_data the resulting credential. - * - * @return Return an error code or 0. - * - * @ingroup krb5_credential - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_forwarded_creds (krb5_context context, - krb5_auth_context auth_context, - krb5_ccache ccache, - krb5_flags flags, - const char *hostname, - krb5_creds *in_creds, - krb5_data *out_data) -{ - krb5_error_code ret; - krb5_creds *out_creds; - krb5_addresses addrs, *paddrs; - KRB_CRED cred; - KrbCredInfo *krb_cred_info; - EncKrbCredPart enc_krb_cred_part; - size_t len; - unsigned char *buf; - size_t buf_size; - krb5_kdc_flags kdc_flags; - krb5_crypto crypto; - struct addrinfo *ai; - int save_errno; - krb5_creds *ticket; - - paddrs = NULL; - addrs.len = 0; - addrs.val = NULL; - - ret = krb5_get_credentials(context, 0, ccache, in_creds, &ticket); - if(ret == 0) { - if (ticket->addresses.len) - paddrs = &addrs; - krb5_free_creds (context, ticket); - } else { - krb5_boolean noaddr; - krb5_appdefault_boolean(context, NULL, - krb5_principal_get_realm(context, - in_creds->client), - "no-addresses", KRB5_ADDRESSLESS_DEFAULT, - &noaddr); - if (!noaddr) - paddrs = &addrs; - } - - /* - * If tickets have addresses, get the address of the remote host. - */ - - if (paddrs != NULL) { - - ret = getaddrinfo (hostname, NULL, NULL, &ai); - if (ret) { - save_errno = errno; - krb5_set_error_string(context, "resolving %s: %s", - hostname, gai_strerror(ret)); - return krb5_eai_to_heim_errno(ret, save_errno); - } - - ret = add_addrs (context, &addrs, ai); - freeaddrinfo (ai); - if (ret) - return ret; - } - - kdc_flags.b = int2KDCOptions(flags); - - ret = krb5_get_kdc_cred (context, - ccache, - kdc_flags, - paddrs, - NULL, - in_creds, - &out_creds); - krb5_free_addresses (context, &addrs); - if (ret) - return ret; - - memset (&cred, 0, sizeof(cred)); - cred.pvno = 5; - cred.msg_type = krb_cred; - ALLOC_SEQ(&cred.tickets, 1); - if (cred.tickets.val == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto out2; - } - ret = decode_Ticket(out_creds->ticket.data, - out_creds->ticket.length, - cred.tickets.val, &len); - if (ret) - goto out3; - - memset (&enc_krb_cred_part, 0, sizeof(enc_krb_cred_part)); - ALLOC_SEQ(&enc_krb_cred_part.ticket_info, 1); - if (enc_krb_cred_part.ticket_info.val == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto out4; - } - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { - krb5_timestamp sec; - int32_t usec; - - krb5_us_timeofday (context, &sec, &usec); - - ALLOC(enc_krb_cred_part.timestamp, 1); - if (enc_krb_cred_part.timestamp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto out4; - } - *enc_krb_cred_part.timestamp = sec; - ALLOC(enc_krb_cred_part.usec, 1); - if (enc_krb_cred_part.usec == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto out4; - } - *enc_krb_cred_part.usec = usec; - } else { - enc_krb_cred_part.timestamp = NULL; - enc_krb_cred_part.usec = NULL; - } - - if (auth_context->local_address && auth_context->local_port && paddrs) { - - ret = krb5_make_addrport (context, - &enc_krb_cred_part.s_address, - auth_context->local_address, - auth_context->local_port); - if (ret) - goto out4; - } - - if (auth_context->remote_address) { - if (auth_context->remote_port) { - krb5_boolean noaddr; - krb5_const_realm srealm; - - srealm = krb5_principal_get_realm(context, out_creds->server); - /* Is this correct, and should we use the paddrs == NULL - trick here as well? Having an address-less ticket may - indicate that we don't know our own global address, but - it does not necessary mean that we don't know the - server's. */ - krb5_appdefault_boolean(context, NULL, srealm, "no-addresses", - FALSE, &noaddr); - if (!noaddr) { - ret = krb5_make_addrport (context, - &enc_krb_cred_part.r_address, - auth_context->remote_address, - auth_context->remote_port); - if (ret) - goto out4; - } - } else { - ALLOC(enc_krb_cred_part.r_address, 1); - if (enc_krb_cred_part.r_address == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto out4; - } - - ret = krb5_copy_address (context, auth_context->remote_address, - enc_krb_cred_part.r_address); - if (ret) - goto out4; - } - } - - /* fill ticket_info.val[0] */ - - enc_krb_cred_part.ticket_info.len = 1; - - krb_cred_info = enc_krb_cred_part.ticket_info.val; - - copy_EncryptionKey (&out_creds->session, &krb_cred_info->key); - ALLOC(krb_cred_info->prealm, 1); - copy_Realm (&out_creds->client->realm, krb_cred_info->prealm); - ALLOC(krb_cred_info->pname, 1); - copy_PrincipalName(&out_creds->client->name, krb_cred_info->pname); - ALLOC(krb_cred_info->flags, 1); - *krb_cred_info->flags = out_creds->flags.b; - ALLOC(krb_cred_info->authtime, 1); - *krb_cred_info->authtime = out_creds->times.authtime; - ALLOC(krb_cred_info->starttime, 1); - *krb_cred_info->starttime = out_creds->times.starttime; - ALLOC(krb_cred_info->endtime, 1); - *krb_cred_info->endtime = out_creds->times.endtime; - ALLOC(krb_cred_info->renew_till, 1); - *krb_cred_info->renew_till = out_creds->times.renew_till; - ALLOC(krb_cred_info->srealm, 1); - copy_Realm (&out_creds->server->realm, krb_cred_info->srealm); - ALLOC(krb_cred_info->sname, 1); - copy_PrincipalName (&out_creds->server->name, krb_cred_info->sname); - ALLOC(krb_cred_info->caddr, 1); - copy_HostAddresses (&out_creds->addresses, krb_cred_info->caddr); - - krb5_free_creds (context, out_creds); - - /* encode EncKrbCredPart */ - - ASN1_MALLOC_ENCODE(EncKrbCredPart, buf, buf_size, - &enc_krb_cred_part, &len, ret); - free_EncKrbCredPart (&enc_krb_cred_part); - if (ret) { - free_KRB_CRED(&cred); - return ret; - } - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - /** - * Some older of the MIT gssapi library used clear-text tickets - * (warped inside AP-REQ encryption), use the krb5_auth_context - * flag KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED to support those - * tickets. The session key is used otherwise to encrypt the - * forwarded ticket. - */ - - if (auth_context->flags & KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED) { - cred.enc_part.etype = ENCTYPE_NULL; - cred.enc_part.kvno = NULL; - cred.enc_part.cipher.data = buf; - cred.enc_part.cipher.length = buf_size; - } else { - /* - * Here older versions then 0.7.2 of Heimdal used the local or - * remote subkey. That is wrong, the session key should be - * used. Heimdal 0.7.2 and newer have code to try both in the - * receiving end. - */ - - ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); - if (ret) { - free(buf); - free_KRB_CRED(&cred); - return ret; - } - ret = krb5_encrypt_EncryptedData (context, - crypto, - KRB5_KU_KRB_CRED, - buf, - len, - 0, - &cred.enc_part); - free(buf); - krb5_crypto_destroy(context, crypto); - if (ret) { - free_KRB_CRED(&cred); - return ret; - } - } - - ASN1_MALLOC_ENCODE(KRB_CRED, buf, buf_size, &cred, &len, ret); - free_KRB_CRED (&cred); - if (ret) - return ret; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - out_data->length = len; - out_data->data = buf; - return 0; - out4: - free_EncKrbCredPart(&enc_krb_cred_part); - out3: - free_KRB_CRED(&cred); - out2: - krb5_free_creds (context, out_creds); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/get_host_realm.c b/crypto/heimdal/lib/krb5/get_host_realm.c deleted file mode 100644 index d709e4b38d17..000000000000 --- a/crypto/heimdal/lib/krb5/get_host_realm.c +++ /dev/null @@ -1,257 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: get_host_realm.c 18541 2006-10-17 19:28:36Z lha $"); - -/* To automagically find the correct realm of a host (without - * [domain_realm] in krb5.conf) add a text record for your domain with - * the name of your realm, like this: - * - * _kerberos IN TXT "FOO.SE" - * - * The search is recursive, so you can add entries for specific - * hosts. To find the realm of host a.b.c, it first tries - * _kerberos.a.b.c, then _kerberos.b.c and so on. - * - * This method is described in draft-ietf-cat-krb-dns-locate-03.txt. - * - */ - -static int -copy_txt_to_realms (struct resource_record *head, - krb5_realm **realms) -{ - struct resource_record *rr; - int n, i; - - for(n = 0, rr = head; rr; rr = rr->next) - if (rr->type == T_TXT) - ++n; - - if (n == 0) - return -1; - - *realms = malloc ((n + 1) * sizeof(krb5_realm)); - if (*realms == NULL) - return -1; - - for (i = 0; i < n + 1; ++i) - (*realms)[i] = NULL; - - for (i = 0, rr = head; rr; rr = rr->next) { - if (rr->type == T_TXT) { - char *tmp; - - tmp = strdup(rr->u.txt); - if (tmp == NULL) { - for (i = 0; i < n; ++i) - free ((*realms)[i]); - free (*realms); - return -1; - } - (*realms)[i] = tmp; - ++i; - } - } - return 0; -} - -static int -dns_find_realm(krb5_context context, - const char *domain, - krb5_realm **realms) -{ - static const char *default_labels[] = { "_kerberos", NULL }; - char dom[MAXHOSTNAMELEN]; - struct dns_reply *r; - const char **labels; - char **config_labels; - int i, ret; - - config_labels = krb5_config_get_strings(context, NULL, "libdefaults", - "dns_lookup_realm_labels", NULL); - if(config_labels != NULL) - labels = (const char **)config_labels; - else - labels = default_labels; - if(*domain == '.') - domain++; - for (i = 0; labels[i] != NULL; i++) { - ret = snprintf(dom, sizeof(dom), "%s.%s.", labels[i], domain); - if(ret < 0 || ret >= sizeof(dom)) { - if (config_labels) - krb5_config_free_strings(config_labels); - return -1; - } - r = dns_lookup(dom, "TXT"); - if(r != NULL) { - ret = copy_txt_to_realms (r->head, realms); - dns_free_data(r); - if(ret == 0) { - if (config_labels) - krb5_config_free_strings(config_labels); - return 0; - } - } - } - if (config_labels) - krb5_config_free_strings(config_labels); - return -1; -} - -/* - * Try to figure out what realms host in `domain' belong to from the - * configuration file. - */ - -static int -config_find_realm(krb5_context context, - const char *domain, - krb5_realm **realms) -{ - char **tmp = krb5_config_get_strings (context, NULL, - "domain_realm", - domain, - NULL); - - if (tmp == NULL) - return -1; - *realms = tmp; - return 0; -} - -/* - * This function assumes that `host' is a FQDN (and doesn't handle the - * special case of host == NULL either). - * Try to find mapping in the config file or DNS and it that fails, - * fall back to guessing - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_get_host_realm_int (krb5_context context, - const char *host, - krb5_boolean use_dns, - krb5_realm **realms) -{ - const char *p, *q; - krb5_boolean dns_locate_enable; - - dns_locate_enable = krb5_config_get_bool_default(context, NULL, TRUE, - "libdefaults", "dns_lookup_realm", NULL); - for (p = host; p != NULL; p = strchr (p + 1, '.')) { - if(config_find_realm(context, p, realms) == 0) { - if(strcasecmp(*realms[0], "dns_locate") == 0) { - if(use_dns) - for (q = host; q != NULL; q = strchr(q + 1, '.')) - if(dns_find_realm(context, q, realms) == 0) - return 0; - continue; - } else - return 0; - } - else if(use_dns && dns_locate_enable) { - if(dns_find_realm(context, p, realms) == 0) - return 0; - } - } - p = strchr(host, '.'); - if(p != NULL) { - p++; - *realms = malloc(2 * sizeof(krb5_realm)); - if (*realms == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - (*realms)[0] = strdup(p); - if((*realms)[0] == NULL) { - free(*realms); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - strupr((*realms)[0]); - (*realms)[1] = NULL; - return 0; - } - krb5_set_error_string(context, "unable to find realm of host %s", host); - return KRB5_ERR_HOST_REALM_UNKNOWN; -} - -/* - * Return the realm(s) of `host' as a NULL-terminated list in - * `realms'. Free `realms' with krb5_free_host_realm(). - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_host_realm(krb5_context context, - const char *targethost, - krb5_realm **realms) -{ - const char *host = targethost; - char hostname[MAXHOSTNAMELEN]; - krb5_error_code ret; - int use_dns; - - if (host == NULL) { - if (gethostname (hostname, sizeof(hostname))) { - *realms = NULL; - return errno; - } - host = hostname; - } - - /* - * If our local hostname is without components, don't even try to dns. - */ - - use_dns = (strchr(host, '.') != NULL); - - ret = _krb5_get_host_realm_int (context, host, use_dns, realms); - if (ret && targethost != NULL) { - /* - * If there was no realm mapping for the host (and we wasn't - * looking for ourself), guess at the local realm, maybe our - * KDC knows better then we do and we get a referral back. - */ - ret = krb5_get_default_realms(context, realms); - if (ret) { - krb5_set_error_string(context, "Unable to find realm of host %s", - host); - return KRB5_ERR_HOST_REALM_UNKNOWN; - } - } - return ret; -} diff --git a/crypto/heimdal/lib/krb5/get_in_tkt.c b/crypto/heimdal/lib/krb5/get_in_tkt.c deleted file mode 100644 index ffd4ca2b04e4..000000000000 --- a/crypto/heimdal/lib/krb5/get_in_tkt.c +++ /dev/null @@ -1,834 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_in_tkt.c 20226 2007-02-16 03:31:50Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_init_etype (krb5_context context, - unsigned *len, - krb5_enctype **val, - const krb5_enctype *etypes) -{ - int i; - krb5_error_code ret; - krb5_enctype *tmp = NULL; - - ret = 0; - if (etypes == NULL) { - ret = krb5_get_default_in_tkt_etypes(context, - &tmp); - if (ret) - return ret; - etypes = tmp; - } - - for (i = 0; etypes[i]; ++i) - ; - *len = i; - *val = malloc(i * sizeof(**val)); - if (i != 0 && *val == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto cleanup; - } - memmove (*val, - etypes, - i * sizeof(*tmp)); -cleanup: - if (tmp != NULL) - free (tmp); - return ret; -} - - -static krb5_error_code -decrypt_tkt (krb5_context context, - krb5_keyblock *key, - krb5_key_usage usage, - krb5_const_pointer decrypt_arg, - krb5_kdc_rep *dec_rep) -{ - krb5_error_code ret; - krb5_data data; - size_t size; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - - ret = krb5_decrypt_EncryptedData (context, - crypto, - usage, - &dec_rep->kdc_rep.enc_part, - &data); - krb5_crypto_destroy(context, crypto); - - if (ret) - return ret; - - ret = krb5_decode_EncASRepPart(context, - data.data, - data.length, - &dec_rep->enc_part, - &size); - if (ret) - ret = krb5_decode_EncTGSRepPart(context, - data.data, - data.length, - &dec_rep->enc_part, - &size); - krb5_data_free (&data); - if (ret) - return ret; - return 0; -} - -int -_krb5_extract_ticket(krb5_context context, - krb5_kdc_rep *rep, - krb5_creds *creds, - krb5_keyblock *key, - krb5_const_pointer keyseed, - krb5_key_usage key_usage, - krb5_addresses *addrs, - unsigned nonce, - unsigned flags, - krb5_decrypt_proc decrypt_proc, - krb5_const_pointer decryptarg) -{ - krb5_error_code ret; - krb5_principal tmp_principal; - int tmp; - size_t len; - time_t tmp_time; - krb5_timestamp sec_now; - - ret = _krb5_principalname2krb5_principal (context, - &tmp_principal, - rep->kdc_rep.cname, - rep->kdc_rep.crealm); - if (ret) - goto out; - - /* compare client */ - - if((flags & EXTRACT_TICKET_ALLOW_CNAME_MISMATCH) == 0){ - tmp = krb5_principal_compare (context, tmp_principal, creds->client); - if (!tmp) { - krb5_free_principal (context, tmp_principal); - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - } - - krb5_free_principal (context, creds->client); - creds->client = tmp_principal; - - /* extract ticket */ - ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length, - &rep->kdc_rep.ticket, &len, ret); - if(ret) - goto out; - if (creds->ticket.length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - creds->second_ticket.length = 0; - creds->second_ticket.data = NULL; - - /* compare server */ - - ret = _krb5_principalname2krb5_principal (context, - &tmp_principal, - rep->kdc_rep.ticket.sname, - rep->kdc_rep.ticket.realm); - if (ret) - goto out; - if(flags & EXTRACT_TICKET_ALLOW_SERVER_MISMATCH){ - krb5_free_principal(context, creds->server); - creds->server = tmp_principal; - tmp_principal = NULL; - } else { - tmp = krb5_principal_compare (context, tmp_principal, - creds->server); - krb5_free_principal (context, tmp_principal); - if (!tmp) { - ret = KRB5KRB_AP_ERR_MODIFIED; - krb5_clear_error_string (context); - goto out; - } - } - - /* decrypt */ - - if (decrypt_proc == NULL) - decrypt_proc = decrypt_tkt; - - ret = (*decrypt_proc)(context, key, key_usage, decryptarg, rep); - if (ret) - goto out; - - /* verify names */ - if(flags & EXTRACT_TICKET_MATCH_REALM){ - const char *srealm = krb5_principal_get_realm(context, creds->server); - const char *crealm = krb5_principal_get_realm(context, creds->client); - - if (strcmp(rep->enc_part.srealm, srealm) != 0 || - strcmp(rep->enc_part.srealm, crealm) != 0) - { - ret = KRB5KRB_AP_ERR_MODIFIED; - krb5_clear_error_string(context); - goto out; - } - } - - /* compare nonces */ - - if (nonce != rep->enc_part.nonce) { - ret = KRB5KRB_AP_ERR_MODIFIED; - krb5_set_error_string(context, "malloc: out of memory"); - goto out; - } - - /* set kdc-offset */ - - krb5_timeofday (context, &sec_now); - if (rep->enc_part.flags.initial - && context->kdc_sec_offset == 0 - && krb5_config_get_bool (context, NULL, - "libdefaults", - "kdc_timesync", - NULL)) { - context->kdc_sec_offset = rep->enc_part.authtime - sec_now; - krb5_timeofday (context, &sec_now); - } - - /* check all times */ - - if (rep->enc_part.starttime) { - tmp_time = *rep->enc_part.starttime; - } else - tmp_time = rep->enc_part.authtime; - - if (creds->times.starttime == 0 - && abs(tmp_time - sec_now) > context->max_skew) { - ret = KRB5KRB_AP_ERR_SKEW; - krb5_set_error_string (context, - "time skew (%d) larger than max (%d)", - abs(tmp_time - sec_now), - (int)context->max_skew); - goto out; - } - - if (creds->times.starttime != 0 - && tmp_time != creds->times.starttime) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - - creds->times.starttime = tmp_time; - - if (rep->enc_part.renew_till) { - tmp_time = *rep->enc_part.renew_till; - } else - tmp_time = 0; - - if (creds->times.renew_till != 0 - && tmp_time > creds->times.renew_till) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - - creds->times.renew_till = tmp_time; - - creds->times.authtime = rep->enc_part.authtime; - - if (creds->times.endtime != 0 - && rep->enc_part.endtime > creds->times.endtime) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - - creds->times.endtime = rep->enc_part.endtime; - - if(rep->enc_part.caddr) - krb5_copy_addresses (context, rep->enc_part.caddr, &creds->addresses); - else if(addrs) - krb5_copy_addresses (context, addrs, &creds->addresses); - else { - creds->addresses.len = 0; - creds->addresses.val = NULL; - } - creds->flags.b = rep->enc_part.flags; - - creds->authdata.len = 0; - creds->authdata.val = NULL; - creds->session.keyvalue.length = 0; - creds->session.keyvalue.data = NULL; - creds->session.keytype = rep->enc_part.key.keytype; - ret = krb5_data_copy (&creds->session.keyvalue, - rep->enc_part.key.keyvalue.data, - rep->enc_part.key.keyvalue.length); - -out: - memset (rep->enc_part.key.keyvalue.data, 0, - rep->enc_part.key.keyvalue.length); - return ret; -} - - -static krb5_error_code -make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, - krb5_enctype etype, krb5_keyblock *key) -{ - PA_ENC_TS_ENC p; - unsigned char *buf; - size_t buf_size; - size_t len; - EncryptedData encdata; - krb5_error_code ret; - int32_t usec; - int usec2; - krb5_crypto crypto; - - krb5_us_timeofday (context, &p.patimestamp, &usec); - usec2 = usec; - p.pausec = &usec2; - - ASN1_MALLOC_ENCODE(PA_ENC_TS_ENC, buf, buf_size, &p, &len, ret); - if (ret) - return ret; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - free(buf); - return ret; - } - ret = krb5_encrypt_EncryptedData(context, - crypto, - KRB5_KU_PA_ENC_TIMESTAMP, - buf, - len, - 0, - &encdata); - free(buf); - krb5_crypto_destroy(context, crypto); - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_size, &encdata, &len, ret); - free_EncryptedData(&encdata); - if (ret) - return ret; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP; - pa->padata_value.length = len; - pa->padata_value.data = buf; - return 0; -} - -static krb5_error_code -add_padata(krb5_context context, - METHOD_DATA *md, - krb5_principal client, - krb5_key_proc key_proc, - krb5_const_pointer keyseed, - krb5_enctype *enctypes, - unsigned netypes, - krb5_salt *salt) -{ - krb5_error_code ret; - PA_DATA *pa2; - krb5_salt salt2; - krb5_enctype *ep; - int i; - - if(salt == NULL) { - /* default to standard salt */ - ret = krb5_get_pw_salt (context, client, &salt2); - salt = &salt2; - } - if (!enctypes) { - enctypes = context->etypes; - netypes = 0; - for (ep = enctypes; *ep != ETYPE_NULL; ep++) - netypes++; - } - pa2 = realloc (md->val, (md->len + netypes) * sizeof(*md->val)); - if (pa2 == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - md->val = pa2; - - for (i = 0; i < netypes; ++i) { - krb5_keyblock *key; - - ret = (*key_proc)(context, enctypes[i], *salt, keyseed, &key); - if (ret) - continue; - ret = make_pa_enc_timestamp (context, &md->val[md->len], - enctypes[i], key); - krb5_free_keyblock (context, key); - if (ret) - return ret; - ++md->len; - } - if(salt == &salt2) - krb5_free_salt(context, salt2); - return 0; -} - -static krb5_error_code -init_as_req (krb5_context context, - KDCOptions opts, - krb5_creds *creds, - const krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *ptypes, - const krb5_preauthdata *preauth, - krb5_key_proc key_proc, - krb5_const_pointer keyseed, - unsigned nonce, - AS_REQ *a) -{ - krb5_error_code ret; - krb5_salt salt; - - memset(a, 0, sizeof(*a)); - - a->pvno = 5; - a->msg_type = krb_as_req; - a->req_body.kdc_options = opts; - a->req_body.cname = malloc(sizeof(*a->req_body.cname)); - if (a->req_body.cname == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - a->req_body.sname = malloc(sizeof(*a->req_body.sname)); - if (a->req_body.sname == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - ret = _krb5_principal2principalname (a->req_body.cname, creds->client); - if (ret) - goto fail; - ret = _krb5_principal2principalname (a->req_body.sname, creds->server); - if (ret) - goto fail; - ret = copy_Realm(&creds->client->realm, &a->req_body.realm); - if (ret) - goto fail; - - if(creds->times.starttime) { - a->req_body.from = malloc(sizeof(*a->req_body.from)); - if (a->req_body.from == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - *a->req_body.from = creds->times.starttime; - } - if(creds->times.endtime){ - ALLOC(a->req_body.till, 1); - *a->req_body.till = creds->times.endtime; - } - if(creds->times.renew_till){ - a->req_body.rtime = malloc(sizeof(*a->req_body.rtime)); - if (a->req_body.rtime == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - *a->req_body.rtime = creds->times.renew_till; - } - a->req_body.nonce = nonce; - ret = krb5_init_etype (context, - &a->req_body.etype.len, - &a->req_body.etype.val, - etypes); - if (ret) - goto fail; - - /* - * This means no addresses - */ - - if (addrs && addrs->len == 0) { - a->req_body.addresses = NULL; - } else { - a->req_body.addresses = malloc(sizeof(*a->req_body.addresses)); - if (a->req_body.addresses == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - - if (addrs) - ret = krb5_copy_addresses(context, addrs, a->req_body.addresses); - else { - ret = krb5_get_all_client_addrs (context, a->req_body.addresses); - if(ret == 0 && a->req_body.addresses->len == 0) { - free(a->req_body.addresses); - a->req_body.addresses = NULL; - } - } - if (ret) - return ret; - } - - a->req_body.enc_authorization_data = NULL; - a->req_body.additional_tickets = NULL; - - if(preauth != NULL) { - int i; - ALLOC(a->padata, 1); - if(a->padata == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - a->padata->val = NULL; - a->padata->len = 0; - for(i = 0; i < preauth->len; i++) { - if(preauth->val[i].type == KRB5_PADATA_ENC_TIMESTAMP){ - int j; - - for(j = 0; j < preauth->val[i].info.len; j++) { - krb5_salt *sp = &salt; - if(preauth->val[i].info.val[j].salttype) - salt.salttype = *preauth->val[i].info.val[j].salttype; - else - salt.salttype = KRB5_PW_SALT; - if(preauth->val[i].info.val[j].salt) - salt.saltvalue = *preauth->val[i].info.val[j].salt; - else - if(salt.salttype == KRB5_PW_SALT) - sp = NULL; - else - krb5_data_zero(&salt.saltvalue); - ret = add_padata(context, a->padata, creds->client, - key_proc, keyseed, - &preauth->val[i].info.val[j].etype, 1, - sp); - if (ret == 0) - break; - } - } - } - } else - /* not sure this is the way to use `ptypes' */ - if (ptypes == NULL || *ptypes == KRB5_PADATA_NONE) - a->padata = NULL; - else if (*ptypes == KRB5_PADATA_ENC_TIMESTAMP) { - ALLOC(a->padata, 1); - if (a->padata == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - a->padata->len = 0; - a->padata->val = NULL; - - /* make a v5 salted pa-data */ - add_padata(context, a->padata, creds->client, - key_proc, keyseed, a->req_body.etype.val, - a->req_body.etype.len, NULL); - - /* make a v4 salted pa-data */ - salt.salttype = KRB5_PW_SALT; - krb5_data_zero(&salt.saltvalue); - add_padata(context, a->padata, creds->client, - key_proc, keyseed, a->req_body.etype.val, - a->req_body.etype.len, &salt); - } else { - krb5_set_error_string (context, "pre-auth type %d not supported", - *ptypes); - ret = KRB5_PREAUTH_BAD_TYPE; - goto fail; - } - return 0; -fail: - free_AS_REQ(a); - return ret; -} - -static int -set_ptypes(krb5_context context, - KRB_ERROR *error, - const krb5_preauthtype **ptypes, - krb5_preauthdata **preauth) -{ - static krb5_preauthdata preauth2; - static krb5_preauthtype ptypes2[] = { KRB5_PADATA_ENC_TIMESTAMP, KRB5_PADATA_NONE }; - - if(error->e_data) { - METHOD_DATA md; - int i; - decode_METHOD_DATA(error->e_data->data, - error->e_data->length, - &md, - NULL); - for(i = 0; i < md.len; i++){ - switch(md.val[i].padata_type){ - case KRB5_PADATA_ENC_TIMESTAMP: - *ptypes = ptypes2; - break; - case KRB5_PADATA_ETYPE_INFO: - *preauth = &preauth2; - ALLOC_SEQ(*preauth, 1); - (*preauth)->val[0].type = KRB5_PADATA_ENC_TIMESTAMP; - krb5_decode_ETYPE_INFO(context, - md.val[i].padata_value.data, - md.val[i].padata_value.length, - &(*preauth)->val[0].info, - NULL); - break; - default: - break; - } - } - free_METHOD_DATA(&md); - } else { - *ptypes = ptypes2; - } - return(1); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_cred(krb5_context context, - krb5_flags options, - const krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *ptypes, - const krb5_preauthdata *preauth, - krb5_key_proc key_proc, - krb5_const_pointer keyseed, - krb5_decrypt_proc decrypt_proc, - krb5_const_pointer decryptarg, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) -{ - krb5_error_code ret; - AS_REQ a; - krb5_kdc_rep rep; - krb5_data req, resp; - size_t len; - krb5_salt salt; - krb5_keyblock *key; - size_t size; - KDCOptions opts; - PA_DATA *pa; - krb5_enctype etype; - krb5_preauthdata *my_preauth = NULL; - unsigned nonce; - int done; - - opts = int2KDCOptions(options); - - krb5_generate_random_block (&nonce, sizeof(nonce)); - nonce &= 0xffffffff; - - do { - done = 1; - ret = init_as_req (context, - opts, - creds, - addrs, - etypes, - ptypes, - preauth, - key_proc, - keyseed, - nonce, - &a); - if (my_preauth) { - free_ETYPE_INFO(&my_preauth->val[0].info); - free (my_preauth->val); - my_preauth = NULL; - } - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(AS_REQ, req.data, req.length, &a, &len, ret); - free_AS_REQ(&a); - if (ret) - return ret; - if(len != req.length) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_sendto_kdc (context, &req, &creds->client->realm, &resp); - krb5_data_free(&req); - if (ret) - return ret; - - memset (&rep, 0, sizeof(rep)); - ret = decode_AS_REP(resp.data, resp.length, &rep.kdc_rep, &size); - if(ret) { - /* let's try to parse it as a KRB-ERROR */ - KRB_ERROR error; - int ret2; - - ret2 = krb5_rd_error(context, &resp, &error); - if(ret2 && resp.data && ((char*)resp.data)[0] == 4) - ret = KRB5KRB_AP_ERR_V4_REPLY; - krb5_data_free(&resp); - if (ret2 == 0) { - ret = krb5_error_from_rd_error(context, &error, creds); - /* if no preauth was set and KDC requires it, give it - one more try */ - if (!ptypes && !preauth - && ret == KRB5KDC_ERR_PREAUTH_REQUIRED -#if 0 - || ret == KRB5KDC_ERR_BADOPTION -#endif - && set_ptypes(context, &error, &ptypes, &my_preauth)) { - done = 0; - preauth = my_preauth; - krb5_free_error_contents(context, &error); - krb5_clear_error_string(context); - continue; - } - if(ret_as_reply) - ret_as_reply->error = error; - else - free_KRB_ERROR (&error); - return ret; - } - return ret; - } - krb5_data_free(&resp); - } while(!done); - - pa = NULL; - etype = rep.kdc_rep.enc_part.etype; - if(rep.kdc_rep.padata){ - int i = 0; - pa = krb5_find_padata(rep.kdc_rep.padata->val, rep.kdc_rep.padata->len, - KRB5_PADATA_PW_SALT, &i); - if(pa == NULL) { - i = 0; - pa = krb5_find_padata(rep.kdc_rep.padata->val, - rep.kdc_rep.padata->len, - KRB5_PADATA_AFS3_SALT, &i); - } - } - if(pa) { - salt.salttype = pa->padata_type; - salt.saltvalue = pa->padata_value; - - ret = (*key_proc)(context, etype, salt, keyseed, &key); - } else { - /* make a v5 salted pa-data */ - ret = krb5_get_pw_salt (context, creds->client, &salt); - - if (ret) - goto out; - ret = (*key_proc)(context, etype, salt, keyseed, &key); - krb5_free_salt(context, salt); - } - if (ret) - goto out; - - { - unsigned flags = 0; - if (opts.request_anonymous) - flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH; - - ret = _krb5_extract_ticket(context, - &rep, - creds, - key, - keyseed, - KRB5_KU_AS_REP_ENC_PART, - NULL, - nonce, - flags, - decrypt_proc, - decryptarg); - } - memset (key->keyvalue.data, 0, key->keyvalue.length); - krb5_free_keyblock_contents (context, key); - free (key); - -out: - if (ret == 0 && ret_as_reply) - *ret_as_reply = rep; - else - krb5_free_kdc_rep (context, &rep); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt(krb5_context context, - krb5_flags options, - const krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *ptypes, - krb5_key_proc key_proc, - krb5_const_pointer keyseed, - krb5_decrypt_proc decrypt_proc, - krb5_const_pointer decryptarg, - krb5_creds *creds, - krb5_ccache ccache, - krb5_kdc_rep *ret_as_reply) -{ - krb5_error_code ret; - - ret = krb5_get_in_cred (context, - options, - addrs, - etypes, - ptypes, - NULL, - key_proc, - keyseed, - decrypt_proc, - decryptarg, - creds, - ret_as_reply); - if(ret) - return ret; - if (ccache) - ret = krb5_cc_store_cred (context, ccache, creds); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/get_in_tkt_pw.c b/crypto/heimdal/lib/krb5/get_in_tkt_pw.c deleted file mode 100644 index 21b27c61b47e..000000000000 --- a/crypto/heimdal/lib/krb5/get_in_tkt_pw.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_in_tkt_pw.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_password_key_proc (krb5_context context, - krb5_enctype type, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - krb5_error_code ret; - const char *password = (const char *)keyseed; - char buf[BUFSIZ]; - - *key = malloc (sizeof (**key)); - if (*key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - if (password == NULL) { - if(UI_UTIL_read_pw_string (buf, sizeof(buf), "Password: ", 0)) { - free (*key); - krb5_clear_error_string(context); - return KRB5_LIBOS_PWDINTR; - } - password = buf; - } - ret = krb5_string_to_key_salt (context, type, password, salt, *key); - memset (buf, 0, sizeof(buf)); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_password (krb5_context context, - krb5_flags options, - krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *pre_auth_types, - const char *password, - krb5_ccache ccache, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) -{ - return krb5_get_in_tkt (context, - options, - addrs, - etypes, - pre_auth_types, - krb5_password_key_proc, - password, - NULL, - NULL, - creds, - ccache, - ret_as_reply); -} diff --git a/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c b/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c deleted file mode 100644 index 52f95c4bc45e..000000000000 --- a/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_in_tkt_with_keytab.c 15477 2005-06-17 04:56:44Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytab_key_proc (krb5_context context, - krb5_enctype enctype, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - krb5_keytab_key_proc_args *args = rk_UNCONST(keyseed); - krb5_keytab keytab = args->keytab; - krb5_principal principal = args->principal; - krb5_error_code ret; - krb5_keytab real_keytab; - krb5_keytab_entry entry; - - if(keytab == NULL) - krb5_kt_default(context, &real_keytab); - else - real_keytab = keytab; - - ret = krb5_kt_get_entry (context, real_keytab, principal, - 0, enctype, &entry); - - if (keytab == NULL) - krb5_kt_close (context, real_keytab); - - if (ret) - return ret; - - ret = krb5_copy_keyblock (context, &entry.keyblock, key); - krb5_kt_free_entry(context, &entry); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_keytab (krb5_context context, - krb5_flags options, - krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *pre_auth_types, - krb5_keytab keytab, - krb5_ccache ccache, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) -{ - krb5_keytab_key_proc_args a; - - a.principal = creds->client; - a.keytab = keytab; - - return krb5_get_in_tkt (context, - options, - addrs, - etypes, - pre_auth_types, - krb5_keytab_key_proc, - &a, - NULL, - NULL, - creds, - ccache, - ret_as_reply); -} diff --git a/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c b/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c deleted file mode 100644 index 1936fa166458..000000000000 --- a/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: get_in_tkt_with_skey.c 13863 2004-05-25 21:46:46Z lha $"); - -static krb5_error_code -krb5_skey_key_proc (krb5_context context, - krb5_enctype type, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - return krb5_copy_keyblock (context, keyseed, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_skey (krb5_context context, - krb5_flags options, - krb5_addresses *addrs, - const krb5_enctype *etypes, - const krb5_preauthtype *pre_auth_types, - const krb5_keyblock *key, - krb5_ccache ccache, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) -{ - if(key == NULL) - return krb5_get_in_tkt_with_keytab (context, - options, - addrs, - etypes, - pre_auth_types, - NULL, - ccache, - creds, - ret_as_reply); - else - return krb5_get_in_tkt (context, - options, - addrs, - etypes, - pre_auth_types, - krb5_skey_key_proc, - key, - NULL, - NULL, - creds, - ccache, - ret_as_reply); -} diff --git a/crypto/heimdal/lib/krb5/get_port.c b/crypto/heimdal/lib/krb5/get_port.c deleted file mode 100644 index 85587ea76620..000000000000 --- a/crypto/heimdal/lib/krb5/get_port.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: get_port.c 13863 2004-05-25 21:46:46Z lha $"); - -int KRB5_LIB_FUNCTION -krb5_getportbyname (krb5_context context, - const char *service, - const char *proto, - int default_port) -{ - struct servent *sp; - - if ((sp = roken_getservbyname (service, proto)) == NULL) { -#if 0 - krb5_warnx(context, "%s/%s unknown service, using default port %d", - service, proto, default_port); -#endif - return htons(default_port); - } else - return sp->s_port; -} diff --git a/crypto/heimdal/lib/krb5/heim_err.et b/crypto/heimdal/lib/krb5/heim_err.et deleted file mode 100644 index 1b8ab49bc11e..000000000000 --- a/crypto/heimdal/lib/krb5/heim_err.et +++ /dev/null @@ -1,44 +0,0 @@ -# -# Error messages for the krb5 library -# -# This might look like a com_err file, but is not -# -id "$Id: heim_err.et 13352 2004-02-13 16:23:40Z lha $" - -error_table heim - -prefix HEIM_ERR - -error_code LOG_PARSE, "Error parsing log destination" -error_code V4_PRINC_NO_CONV, "Failed to convert v4 principal" -error_code SALTTYPE_NOSUPP, "Salt type is not supported by enctype" -error_code NOHOST, "Host not found" -error_code OPNOTSUPP, "Operation not supported" -error_code EOF, "End of file" -error_code BAD_MKEY, "Failed to get the master key" -error_code SERVICE_NOMATCH, "Unacceptable service used" - -index 64 -prefix HEIM_PKINIT -error_code NO_CERTIFICATE, "Certificate missing" -error_code NO_PRIVATE_KEY, "Private key missing" -error_code NO_VALID_CA, "No valid certificate authority" -error_code CERTIFICATE_INVALID, "Certificate invalid" -error_code PRIVATE_KEY_INVALID, "Private key invalid" - -index 128 -prefix HEIM_EAI -#error_code NOERROR, "no error" -error_code UNKNOWN, "unknown error from getaddrinfo" -error_code ADDRFAMILY, "address family for nodename not supported" -error_code AGAIN, "temporary failure in name resolution" -error_code BADFLAGS, "invalid value for ai_flags" -error_code FAIL, "non-recoverable failure in name resolution" -error_code FAMILY, "ai_family not supported" -error_code MEMORY, "memory allocation failure" -error_code NODATA, "no address associated with nodename" -error_code NONAME, "nodename nor servname provided, or not known" -error_code SERVICE, "servname not supported for ai_socktype" -error_code SOCKTYPE, "ai_socktype not supported" -error_code SYSTEM, "system error returned in errno" -end diff --git a/crypto/heimdal/lib/krb5/heim_threads.h b/crypto/heimdal/lib/krb5/heim_threads.h deleted file mode 100644 index 3c27d13d81b9..000000000000 --- a/crypto/heimdal/lib/krb5/heim_threads.h +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: heim_threads.h 14409 2004-12-18 16:03:38Z lha $ */ - -/* - * Provide wrapper macros for thread synchronization primitives so we - * can use native thread functions for those operating system that - * supports it. - * - * This is so libkrb5.so (or more importantly, libgssapi.so) can have - * thread support while the program that that dlopen(3)s the library - * don't need to be linked to libpthread. - */ - -#ifndef HEIM_THREADS_H -#define HEIM_THREADS_H 1 - -/* assume headers already included */ - -#if defined(__NetBSD__) && __NetBSD_Version__ >= 106120000 && __NetBSD_Version__< 299001200 && defined(ENABLE_PTHREAD_SUPPORT) - -/* - * NetBSD have a thread lib that we can use that part of libc that - * works regardless if application are linked to pthreads or not. - * NetBSD newer then 2.99.11 just use pthread.h, and the same thing - * will happen. - */ -#include - -#define HEIMDAL_MUTEX mutex_t -#define HEIMDAL_MUTEX_INITIALIZER MUTEX_INITIALIZER -#define HEIMDAL_MUTEX_init(m) mutex_init(m, NULL) -#define HEIMDAL_MUTEX_lock(m) mutex_lock(m) -#define HEIMDAL_MUTEX_unlock(m) mutex_unlock(m) -#define HEIMDAL_MUTEX_destroy(m) mutex_destroy(m) - -#define HEIMDAL_RWLOCK rwlock_t -#define HEIMDAL_RWLOCK_INITIALIZER RWLOCK_INITIALIZER -#define HEIMDAL_RWLOCK_init(l) rwlock_init(l, NULL) -#define HEIMDAL_RWLOCK_rdlock(l) rwlock_rdlock(l) -#define HEIMDAL_RWLOCK_wrlock(l) rwlock_wrlock(l) -#define HEIMDAL_RWLOCK_tryrdlock(l) rwlock_tryrdlock(l) -#define HEIMDAL_RWLOCK_trywrlock(l) rwlock_trywrlock(l) -#define HEIMDAL_RWLOCK_unlock(l) rwlock_unlock(l) -#define HEIMDAL_RWLOCK_destroy(l) rwlock_destroy(l) - -#define HEIMDAL_thread_key thread_key_t -#define HEIMDAL_key_create(k,d,r) do { r = thr_keycreate(k,d); } while(0) -#define HEIMDAL_setspecific(k,s,r) do { r = thr_setspecific(k,s); } while(0) -#define HEIMDAL_getspecific(k) thr_getspecific(k) -#define HEIMDAL_key_delete(k) thr_keydelete(k) - -#elif defined(ENABLE_PTHREAD_SUPPORT) && (!defined(__NetBSD__) || __NetBSD_Version__ >= 299001200) - -#include - -#define HEIMDAL_MUTEX pthread_mutex_t -#define HEIMDAL_MUTEX_INITIALIZER PTHREAD_MUTEX_INITIALIZER -#define HEIMDAL_MUTEX_init(m) pthread_mutex_init(m, NULL) -#define HEIMDAL_MUTEX_lock(m) pthread_mutex_lock(m) -#define HEIMDAL_MUTEX_unlock(m) pthread_mutex_unlock(m) -#define HEIMDAL_MUTEX_destroy(m) pthread_mutex_destroy(m) - -#define HEIMDAL_RWLOCK rwlock_t -#define HEIMDAL_RWLOCK_INITIALIZER RWLOCK_INITIALIZER -#define HEIMDAL_RWLOCK_init(l) pthread_rwlock_init(l, NULL) -#define HEIMDAL_RWLOCK_rdlock(l) pthread_rwlock_rdlock(l) -#define HEIMDAL_RWLOCK_wrlock(l) pthread_rwlock_wrlock(l) -#define HEIMDAL_RWLOCK_tryrdlock(l) pthread_rwlock_tryrdlock(l) -#define HEIMDAL_RWLOCK_trywrlock(l) pthread_rwlock_trywrlock(l) -#define HEIMDAL_RWLOCK_unlock(l) pthread_rwlock_unlock(l) -#define HEIMDAL_RWLOCK_destroy(l) pthread_rwlock_destroy(l) - -#define HEIMDAL_thread_key pthread_key_t -#define HEIMDAL_key_create(k,d,r) do { r = pthread_key_create(k,d); } while(0) -#define HEIMDAL_setspecific(k,s,r) do { r = pthread_setspecific(k,s); } while(0) -#define HEIMDAL_getspecific(k) pthread_getspecific(k) -#define HEIMDAL_key_delete(k) pthread_key_delete(k) - -#elif defined(HEIMDAL_DEBUG_THREADS) - -/* no threads support, just do consistency checks */ -#include - -#define HEIMDAL_MUTEX int -#define HEIMDAL_MUTEX_INITIALIZER 0 -#define HEIMDAL_MUTEX_init(m) do { (*(m)) = 0; } while(0) -#define HEIMDAL_MUTEX_lock(m) do { if ((*(m))++ != 0) abort(); } while(0) -#define HEIMDAL_MUTEX_unlock(m) do { if ((*(m))-- != 1) abort(); } while(0) -#define HEIMDAL_MUTEX_destroy(m) do {if ((*(m)) != 0) abort(); } while(0) - -#define HEIMDAL_RWLOCK rwlock_t int -#define HEIMDAL_RWLOCK_INITIALIZER 0 -#define HEIMDAL_RWLOCK_init(l) do { } while(0) -#define HEIMDAL_RWLOCK_rdlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_wrlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_tryrdlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_trywrlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_unlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_destroy(l) do { } while(0) - -#define HEIMDAL_internal_thread_key 1 - -#else /* no thread support, no debug case */ - -#define HEIMDAL_MUTEX int -#define HEIMDAL_MUTEX_INITIALIZER 0 -#define HEIMDAL_MUTEX_init(m) do { (void)(m); } while(0) -#define HEIMDAL_MUTEX_lock(m) do { (void)(m); } while(0) -#define HEIMDAL_MUTEX_unlock(m) do { (void)(m); } while(0) -#define HEIMDAL_MUTEX_destroy(m) do { (void)(m); } while(0) - -#define HEIMDAL_RWLOCK rwlock_t int -#define HEIMDAL_RWLOCK_INITIALIZER 0 -#define HEIMDAL_RWLOCK_init(l) do { } while(0) -#define HEIMDAL_RWLOCK_rdlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_wrlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_tryrdlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_trywrlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_unlock(l) do { } while(0) -#define HEIMDAL_RWLOCK_destroy(l) do { } while(0) - -#define HEIMDAL_internal_thread_key 1 - -#endif /* no thread support */ - -#ifdef HEIMDAL_internal_thread_key - -typedef struct heim_thread_key { - void *value; - void (*destructor)(void *); -} heim_thread_key; - -#define HEIMDAL_thread_key heim_thread_key -#define HEIMDAL_key_create(k,d,r) \ - do { (k)->value = NULL; (k)->destructor = (d); r = 0; } while(0) -#define HEIMDAL_setspecific(k,s,r) do { (k).value = s ; r = 0; } while(0) -#define HEIMDAL_getspecific(k) ((k).value) -#define HEIMDAL_key_delete(k) do { (*(k).destructor)((k).value); } while(0) - -#undef HEIMDAL_internal_thread_key -#endif /* HEIMDAL_internal_thread_key */ - -#endif /* HEIM_THREADS_H */ diff --git a/crypto/heimdal/lib/krb5/init_creds.c b/crypto/heimdal/lib/krb5/init_creds.c deleted file mode 100644 index a59c903bd9e1..000000000000 --- a/crypto/heimdal/lib/krb5/init_creds.c +++ /dev/null @@ -1,442 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: init_creds.c 21711 2007-07-27 14:22:02Z lha $"); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt) -{ - memset (opt, 0, sizeof(*opt)); - opt->flags = 0; - opt->opt_private = NULL; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_alloc(krb5_context context, - krb5_get_init_creds_opt **opt) -{ - krb5_get_init_creds_opt *o; - - *opt = NULL; - o = calloc(1, sizeof(*o)); - if (o == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - krb5_get_init_creds_opt_init(o); - o->opt_private = calloc(1, sizeof(*o->opt_private)); - if (o->opt_private == NULL) { - krb5_set_error_string(context, "out of memory"); - free(o); - return ENOMEM; - } - o->opt_private->refcount = 1; - *opt = o; - return 0; -} - -krb5_error_code -_krb5_get_init_creds_opt_copy(krb5_context context, - const krb5_get_init_creds_opt *in, - krb5_get_init_creds_opt **out) -{ - krb5_get_init_creds_opt *opt; - - *out = NULL; - opt = calloc(1, sizeof(*opt)); - if (opt == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - if (in) - *opt = *in; - if(opt->opt_private == NULL) { - opt->opt_private = calloc(1, sizeof(*opt->opt_private)); - if (opt->opt_private == NULL) { - krb5_set_error_string(context, "out of memory"); - free(opt); - return ENOMEM; - } - opt->opt_private->refcount = 1; - } else - opt->opt_private->refcount++; - *out = opt; - return 0; -} - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_free_krb5_error(krb5_get_init_creds_opt *opt) -{ - if (opt->opt_private == NULL || opt->opt_private->error == NULL) - return; - free_KRB_ERROR(opt->opt_private->error); - free(opt->opt_private->error); - opt->opt_private->error = NULL; -} - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_set_krb5_error(krb5_context context, - krb5_get_init_creds_opt *opt, - const KRB_ERROR *error) -{ - krb5_error_code ret; - - if (opt->opt_private == NULL) - return; - - _krb5_get_init_creds_opt_free_krb5_error(opt); - - opt->opt_private->error = malloc(sizeof(*opt->opt_private->error)); - if (opt->opt_private->error == NULL) - return; - ret = copy_KRB_ERROR(error, opt->opt_private->error); - if (ret) { - free(opt->opt_private->error); - opt->opt_private->error = NULL; - } -} - - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_free(krb5_context context, - krb5_get_init_creds_opt *opt) -{ - if (opt == NULL || opt->opt_private == NULL) - return; - if (opt->opt_private->refcount < 1) /* abort ? */ - return; - if (--opt->opt_private->refcount == 0) { - _krb5_get_init_creds_opt_free_krb5_error(opt); - _krb5_get_init_creds_opt_free_pkinit(opt); - free(opt->opt_private); - } - memset(opt, 0, sizeof(*opt)); - free(opt); -} - -static int -get_config_time (krb5_context context, - const char *realm, - const char *name, - int def) -{ - int ret; - - ret = krb5_config_get_time (context, NULL, - "realms", - realm, - name, - NULL); - if (ret >= 0) - return ret; - ret = krb5_config_get_time (context, NULL, - "libdefaults", - name, - NULL); - if (ret >= 0) - return ret; - return def; -} - -static krb5_boolean -get_config_bool (krb5_context context, - const char *realm, - const char *name) -{ - return krb5_config_get_bool (context, - NULL, - "realms", - realm, - name, - NULL) - || krb5_config_get_bool (context, - NULL, - "libdefaults", - name, - NULL); -} - -/* - * set all the values in `opt' to the appropriate values for - * application `appname' (default to getprogname() if NULL), and realm - * `realm'. First looks in [appdefaults] but falls back to - * [realms] or [libdefaults] for some of the values. - */ - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_default_flags(krb5_context context, - const char *appname, - krb5_const_realm realm, - krb5_get_init_creds_opt *opt) -{ - krb5_boolean b; - time_t t; - - b = get_config_bool (context, realm, "forwardable"); - krb5_appdefault_boolean(context, appname, realm, "forwardable", b, &b); - krb5_get_init_creds_opt_set_forwardable(opt, b); - - b = get_config_bool (context, realm, "proxiable"); - krb5_appdefault_boolean(context, appname, realm, "proxiable", b, &b); - krb5_get_init_creds_opt_set_proxiable (opt, b); - - krb5_appdefault_time(context, appname, realm, "ticket_lifetime", 0, &t); - if (t == 0) - t = get_config_time (context, realm, "ticket_lifetime", 0); - if(t != 0) - krb5_get_init_creds_opt_set_tkt_life(opt, t); - - krb5_appdefault_time(context, appname, realm, "renew_lifetime", 0, &t); - if (t == 0) - t = get_config_time (context, realm, "renew_lifetime", 0); - if(t != 0) - krb5_get_init_creds_opt_set_renew_life(opt, t); - - krb5_appdefault_boolean(context, appname, realm, "no-addresses", - KRB5_ADDRESSLESS_DEFAULT, &b); - krb5_get_init_creds_opt_set_addressless (context, opt, b); - -#if 0 - krb5_appdefault_boolean(context, appname, realm, "anonymous", FALSE, &b); - krb5_get_init_creds_opt_set_anonymous (opt, b); - - krb5_get_init_creds_opt_set_etype_list(opt, enctype, - etype_str.num_strings); - - krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, - krb5_data *salt); - - krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt, - krb5_preauthtype *preauth_list, - int preauth_list_length); -#endif -} - - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt, - krb5_deltat tkt_life) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_TKT_LIFE; - opt->tkt_life = tkt_life; -} - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt, - krb5_deltat renew_life) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE; - opt->renew_life = renew_life; -} - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt, - int forwardable) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_FORWARDABLE; - opt->forwardable = forwardable; -} - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt, - int proxiable) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_PROXIABLE; - opt->proxiable = proxiable; -} - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt, - krb5_enctype *etype_list, - int etype_list_length) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST; - opt->etype_list = etype_list; - opt->etype_list_length = etype_list_length; -} - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, - krb5_addresses *addresses) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST; - opt->address_list = addresses; -} - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt, - krb5_preauthtype *preauth_list, - int preauth_list_length) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST; - opt->preauth_list_length = preauth_list_length; - opt->preauth_list = preauth_list; -} - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, - krb5_data *salt) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_SALT; - opt->salt = salt; -} - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_anonymous(krb5_get_init_creds_opt *opt, - int anonymous) -{ - opt->flags |= KRB5_GET_INIT_CREDS_OPT_ANONYMOUS; - opt->anonymous = anonymous; -} - -static krb5_error_code -require_ext_opt(krb5_context context, - krb5_get_init_creds_opt *opt, - const char *type) -{ - if (opt->opt_private == NULL) { - krb5_set_error_string(context, "%s on non extendable opt", type); - return EINVAL; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_pa_password(krb5_context context, - krb5_get_init_creds_opt *opt, - const char *password, - krb5_s2k_proc key_proc) -{ - krb5_error_code ret; - ret = require_ext_opt(context, opt, "init_creds_opt_set_pa_password"); - if (ret) - return ret; - opt->opt_private->password = password; - opt->opt_private->key_proc = key_proc; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_pac_request(krb5_context context, - krb5_get_init_creds_opt *opt, - krb5_boolean req_pac) -{ - krb5_error_code ret; - ret = require_ext_opt(context, opt, "init_creds_opt_set_pac_req"); - if (ret) - return ret; - opt->opt_private->req_pac = req_pac ? - KRB5_INIT_CREDS_TRISTATE_TRUE : - KRB5_INIT_CREDS_TRISTATE_FALSE; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_get_error(krb5_context context, - krb5_get_init_creds_opt *opt, - KRB_ERROR **error) -{ - krb5_error_code ret; - - *error = NULL; - - ret = require_ext_opt(context, opt, "init_creds_opt_get_error"); - if (ret) - return ret; - - if (opt->opt_private->error == NULL) - return 0; - - *error = malloc(sizeof(**error)); - if (*error == NULL) { - krb5_set_error_string(context, "malloc - out memory"); - return ENOMEM; - } - - ret = copy_KRB_ERROR(opt->opt_private->error, *error); - if (ret) - krb5_clear_error_string(context); - - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_addressless(krb5_context context, - krb5_get_init_creds_opt *opt, - krb5_boolean addressless) -{ - krb5_error_code ret; - ret = require_ext_opt(context, opt, "init_creds_opt_set_pac_req"); - if (ret) - return ret; - if (addressless) - opt->opt_private->addressless = KRB5_INIT_CREDS_TRISTATE_TRUE; - else - opt->opt_private->addressless = KRB5_INIT_CREDS_TRISTATE_FALSE; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_canonicalize(krb5_context context, - krb5_get_init_creds_opt *opt, - krb5_boolean req) -{ - krb5_error_code ret; - ret = require_ext_opt(context, opt, "init_creds_opt_set_canonicalize"); - if (ret) - return ret; - if (req) - opt->opt_private->flags |= KRB5_INIT_CREDS_CANONICALIZE; - else - opt->opt_private->flags &= ~KRB5_INIT_CREDS_CANONICALIZE; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_win2k(krb5_context context, - krb5_get_init_creds_opt *opt, - krb5_boolean req) -{ - krb5_error_code ret; - ret = require_ext_opt(context, opt, "init_creds_opt_set_win2k"); - if (ret) - return ret; - if (req) - opt->opt_private->flags |= KRB5_INIT_CREDS_NO_C_CANON_CHECK; - else - opt->opt_private->flags &= ~KRB5_INIT_CREDS_NO_C_CANON_CHECK; - return 0; -} - diff --git a/crypto/heimdal/lib/krb5/init_creds_pw.c b/crypto/heimdal/lib/krb5/init_creds_pw.c deleted file mode 100644 index 441adff8fdf9..000000000000 --- a/crypto/heimdal/lib/krb5/init_creds_pw.c +++ /dev/null @@ -1,1658 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: init_creds_pw.c 21931 2007-08-27 14:11:55Z lha $"); - -typedef struct krb5_get_init_creds_ctx { - KDCOptions flags; - krb5_creds cred; - krb5_addresses *addrs; - krb5_enctype *etypes; - krb5_preauthtype *pre_auth_types; - const char *in_tkt_service; - unsigned nonce; - unsigned pk_nonce; - - krb5_data req_buffer; - AS_REQ as_req; - int pa_counter; - - const char *password; - krb5_s2k_proc key_proc; - - krb5_get_init_creds_tristate req_pac; - - krb5_pk_init_ctx pk_init_ctx; - int ic_flags; -} krb5_get_init_creds_ctx; - -static krb5_error_code -default_s2k_func(krb5_context context, krb5_enctype type, - krb5_const_pointer keyseed, - krb5_salt salt, krb5_data *s2kparms, - krb5_keyblock **key) -{ - krb5_error_code ret; - krb5_data password; - krb5_data opaque; - - password.data = rk_UNCONST(keyseed); - password.length = strlen(keyseed); - if (s2kparms) - opaque = *s2kparms; - else - krb5_data_zero(&opaque); - - *key = malloc(sizeof(**key)); - if (*key == NULL) - return ENOMEM; - ret = krb5_string_to_key_data_salt_opaque(context, type, password, - salt, opaque, *key); - if (ret) { - free(*key); - *key = NULL; - } - return ret; -} - -static void -free_init_creds_ctx(krb5_context context, krb5_get_init_creds_ctx *ctx) -{ - if (ctx->etypes) - free(ctx->etypes); - if (ctx->pre_auth_types) - free (ctx->pre_auth_types); - free_AS_REQ(&ctx->as_req); - memset(&ctx->as_req, 0, sizeof(ctx->as_req)); -} - -static int -get_config_time (krb5_context context, - const char *realm, - const char *name, - int def) -{ - int ret; - - ret = krb5_config_get_time (context, NULL, - "realms", - realm, - name, - NULL); - if (ret >= 0) - return ret; - ret = krb5_config_get_time (context, NULL, - "libdefaults", - name, - NULL); - if (ret >= 0) - return ret; - return def; -} - -static krb5_error_code -init_cred (krb5_context context, - krb5_creds *cred, - krb5_principal client, - krb5_deltat start_time, - const char *in_tkt_service, - krb5_get_init_creds_opt *options) -{ - krb5_error_code ret; - krb5_const_realm client_realm; - int tmp; - krb5_timestamp now; - - krb5_timeofday (context, &now); - - memset (cred, 0, sizeof(*cred)); - - if (client) - krb5_copy_principal(context, client, &cred->client); - else { - ret = krb5_get_default_principal (context, - &cred->client); - if (ret) - goto out; - } - - client_realm = krb5_principal_get_realm (context, cred->client); - - if (start_time) - cred->times.starttime = now + start_time; - - if (options->flags & KRB5_GET_INIT_CREDS_OPT_TKT_LIFE) - tmp = options->tkt_life; - else - tmp = 10 * 60 * 60; - cred->times.endtime = now + tmp; - - if ((options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE) && - options->renew_life > 0) { - cred->times.renew_till = now + options->renew_life; - } - - if (in_tkt_service) { - krb5_realm server_realm; - - ret = krb5_parse_name (context, in_tkt_service, &cred->server); - if (ret) - goto out; - server_realm = strdup (client_realm); - free (*krb5_princ_realm(context, cred->server)); - krb5_princ_set_realm (context, cred->server, &server_realm); - } else { - ret = krb5_make_principal(context, &cred->server, - client_realm, KRB5_TGS_NAME, client_realm, - NULL); - if (ret) - goto out; - } - return 0; - -out: - krb5_free_cred_contents (context, cred); - return ret; -} - -/* - * Print a message (str) to the user about the expiration in `lr' - */ - -static void -report_expiration (krb5_context context, - krb5_prompter_fct prompter, - krb5_data *data, - const char *str, - time_t now) -{ - char *p; - - asprintf (&p, "%s%s", str, ctime(&now)); - (*prompter) (context, data, NULL, p, 0, NULL); - free (p); -} - -/* - * Parse the last_req data and show it to the user if it's interesting - */ - -static void -print_expire (krb5_context context, - krb5_const_realm realm, - krb5_kdc_rep *rep, - krb5_prompter_fct prompter, - krb5_data *data) -{ - int i; - LastReq *lr = &rep->enc_part.last_req; - krb5_timestamp sec; - time_t t; - krb5_boolean reported = FALSE; - - krb5_timeofday (context, &sec); - - t = sec + get_config_time (context, - realm, - "warn_pwexpire", - 7 * 24 * 60 * 60); - - for (i = 0; i < lr->len; ++i) { - if (lr->val[i].lr_value <= t) { - switch (abs(lr->val[i].lr_type)) { - case LR_PW_EXPTIME : - report_expiration(context, prompter, data, - "Your password will expire at ", - lr->val[i].lr_value); - reported = TRUE; - break; - case LR_ACCT_EXPTIME : - report_expiration(context, prompter, data, - "Your account will expire at ", - lr->val[i].lr_value); - reported = TRUE; - break; - } - } - } - - if (!reported - && rep->enc_part.key_expiration - && *rep->enc_part.key_expiration <= t) { - report_expiration(context, prompter, data, - "Your password/account will expire at ", - *rep->enc_part.key_expiration); - } -} - -static krb5_addresses no_addrs = { 0, NULL }; - -static krb5_error_code -get_init_creds_common(krb5_context context, - krb5_principal client, - krb5_deltat start_time, - const char *in_tkt_service, - krb5_get_init_creds_opt *options, - krb5_get_init_creds_ctx *ctx) -{ - krb5_get_init_creds_opt default_opt; - krb5_error_code ret; - krb5_enctype *etypes; - krb5_preauthtype *pre_auth_types; - - memset(ctx, 0, sizeof(*ctx)); - - if (options == NULL) { - krb5_get_init_creds_opt_init (&default_opt); - options = &default_opt; - } else { - _krb5_get_init_creds_opt_free_krb5_error(options); - } - - if (options->opt_private) { - ctx->password = options->opt_private->password; - ctx->key_proc = options->opt_private->key_proc; - ctx->req_pac = options->opt_private->req_pac; - ctx->pk_init_ctx = options->opt_private->pk_init_ctx; - ctx->ic_flags = options->opt_private->flags; - } else - ctx->req_pac = KRB5_INIT_CREDS_TRISTATE_UNSET; - - if (ctx->key_proc == NULL) - ctx->key_proc = default_s2k_func; - - if (ctx->ic_flags & KRB5_INIT_CREDS_CANONICALIZE) - ctx->flags.canonicalize = 1; - - ctx->pre_auth_types = NULL; - ctx->addrs = NULL; - ctx->etypes = NULL; - ctx->pre_auth_types = NULL; - ctx->in_tkt_service = in_tkt_service; - - ret = init_cred (context, &ctx->cred, client, start_time, - in_tkt_service, options); - if (ret) - return ret; - - if (options->flags & KRB5_GET_INIT_CREDS_OPT_FORWARDABLE) - ctx->flags.forwardable = options->forwardable; - - if (options->flags & KRB5_GET_INIT_CREDS_OPT_PROXIABLE) - ctx->flags.proxiable = options->proxiable; - - if (start_time) - ctx->flags.postdated = 1; - if (ctx->cred.times.renew_till) - ctx->flags.renewable = 1; - if (options->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST) { - ctx->addrs = options->address_list; - } else if (options->opt_private) { - switch (options->opt_private->addressless) { - case KRB5_INIT_CREDS_TRISTATE_UNSET: -#if KRB5_ADDRESSLESS_DEFAULT == TRUE - ctx->addrs = &no_addrs; -#else - ctx->addrs = NULL; -#endif - break; - case KRB5_INIT_CREDS_TRISTATE_FALSE: - ctx->addrs = NULL; - break; - case KRB5_INIT_CREDS_TRISTATE_TRUE: - ctx->addrs = &no_addrs; - break; - } - } - if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) { - etypes = malloc((options->etype_list_length + 1) - * sizeof(krb5_enctype)); - if (etypes == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy (etypes, options->etype_list, - options->etype_list_length * sizeof(krb5_enctype)); - etypes[options->etype_list_length] = ETYPE_NULL; - ctx->etypes = etypes; - } - if (options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST) { - pre_auth_types = malloc((options->preauth_list_length + 1) - * sizeof(krb5_preauthtype)); - if (pre_auth_types == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy (pre_auth_types, options->preauth_list, - options->preauth_list_length * sizeof(krb5_preauthtype)); - pre_auth_types[options->preauth_list_length] = KRB5_PADATA_NONE; - ctx->pre_auth_types = pre_auth_types; - } - if (options->flags & KRB5_GET_INIT_CREDS_OPT_SALT) - ; /* XXX */ - if (options->flags & KRB5_GET_INIT_CREDS_OPT_ANONYMOUS) - ctx->flags.request_anonymous = options->anonymous; - return 0; -} - -static krb5_error_code -change_password (krb5_context context, - krb5_principal client, - const char *password, - char *newpw, - size_t newpw_sz, - krb5_prompter_fct prompter, - void *data, - krb5_get_init_creds_opt *old_options) -{ - krb5_prompt prompts[2]; - krb5_error_code ret; - krb5_creds cpw_cred; - char buf1[BUFSIZ], buf2[BUFSIZ]; - krb5_data password_data[2]; - int result_code; - krb5_data result_code_string; - krb5_data result_string; - char *p; - krb5_get_init_creds_opt options; - - memset (&cpw_cred, 0, sizeof(cpw_cred)); - - krb5_get_init_creds_opt_init (&options); - krb5_get_init_creds_opt_set_tkt_life (&options, 60); - krb5_get_init_creds_opt_set_forwardable (&options, FALSE); - krb5_get_init_creds_opt_set_proxiable (&options, FALSE); - if (old_options && old_options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST) - krb5_get_init_creds_opt_set_preauth_list (&options, - old_options->preauth_list, - old_options->preauth_list_length); - - krb5_data_zero (&result_code_string); - krb5_data_zero (&result_string); - - ret = krb5_get_init_creds_password (context, - &cpw_cred, - client, - password, - prompter, - data, - 0, - "kadmin/changepw", - &options); - if (ret) - goto out; - - for(;;) { - password_data[0].data = buf1; - password_data[0].length = sizeof(buf1); - - prompts[0].hidden = 1; - prompts[0].prompt = "New password: "; - prompts[0].reply = &password_data[0]; - prompts[0].type = KRB5_PROMPT_TYPE_NEW_PASSWORD; - - password_data[1].data = buf2; - password_data[1].length = sizeof(buf2); - - prompts[1].hidden = 1; - prompts[1].prompt = "Repeat new password: "; - prompts[1].reply = &password_data[1]; - prompts[1].type = KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN; - - ret = (*prompter) (context, data, NULL, "Changing password", - 2, prompts); - if (ret) { - memset (buf1, 0, sizeof(buf1)); - memset (buf2, 0, sizeof(buf2)); - goto out; - } - - if (strcmp (buf1, buf2) == 0) - break; - memset (buf1, 0, sizeof(buf1)); - memset (buf2, 0, sizeof(buf2)); - } - - ret = krb5_change_password (context, - &cpw_cred, - buf1, - &result_code, - &result_code_string, - &result_string); - if (ret) - goto out; - asprintf (&p, "%s: %.*s\n", - result_code ? "Error" : "Success", - (int)result_string.length, - result_string.length > 0 ? (char*)result_string.data : ""); - - ret = (*prompter) (context, data, NULL, p, 0, NULL); - free (p); - if (result_code == 0) { - strlcpy (newpw, buf1, newpw_sz); - ret = 0; - } else { - krb5_set_error_string (context, "failed changing password"); - ret = ENOTTY; - } - -out: - memset (buf1, 0, sizeof(buf1)); - memset (buf2, 0, sizeof(buf2)); - krb5_data_free (&result_string); - krb5_data_free (&result_code_string); - krb5_free_cred_contents (context, &cpw_cred); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keyblock_key_proc (krb5_context context, - krb5_keytype type, - krb5_data *salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - return krb5_copy_keyblock (context, keyseed, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_keytab(krb5_context context, - krb5_creds *creds, - krb5_principal client, - krb5_keytab keytab, - krb5_deltat start_time, - const char *in_tkt_service, - krb5_get_init_creds_opt *options) -{ - krb5_get_init_creds_ctx ctx; - krb5_error_code ret; - krb5_keytab_key_proc_args *a; - - ret = get_init_creds_common(context, client, start_time, - in_tkt_service, options, &ctx); - if (ret) - goto out; - - a = malloc (sizeof(*a)); - if (a == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - a->principal = ctx.cred.client; - a->keytab = keytab; - - ret = krb5_get_in_cred (context, - KDCOptions2int(ctx.flags), - ctx.addrs, - ctx.etypes, - ctx.pre_auth_types, - NULL, - krb5_keytab_key_proc, - a, - NULL, - NULL, - &ctx.cred, - NULL); - free (a); - - if (ret == 0 && creds) - *creds = ctx.cred; - else - krb5_free_cred_contents (context, &ctx.cred); - - out: - free_init_creds_ctx(context, &ctx); - return ret; -} - -/* - * - */ - -static krb5_error_code -init_creds_init_as_req (krb5_context context, - KDCOptions opts, - const krb5_creds *creds, - const krb5_addresses *addrs, - const krb5_enctype *etypes, - AS_REQ *a) -{ - krb5_error_code ret; - - memset(a, 0, sizeof(*a)); - - a->pvno = 5; - a->msg_type = krb_as_req; - a->req_body.kdc_options = opts; - a->req_body.cname = malloc(sizeof(*a->req_body.cname)); - if (a->req_body.cname == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - a->req_body.sname = malloc(sizeof(*a->req_body.sname)); - if (a->req_body.sname == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - - ret = _krb5_principal2principalname (a->req_body.cname, creds->client); - if (ret) - goto fail; - ret = copy_Realm(&creds->client->realm, &a->req_body.realm); - if (ret) - goto fail; - - ret = _krb5_principal2principalname (a->req_body.sname, creds->server); - if (ret) - goto fail; - - if(creds->times.starttime) { - a->req_body.from = malloc(sizeof(*a->req_body.from)); - if (a->req_body.from == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - *a->req_body.from = creds->times.starttime; - } - if(creds->times.endtime){ - ALLOC(a->req_body.till, 1); - *a->req_body.till = creds->times.endtime; - } - if(creds->times.renew_till){ - a->req_body.rtime = malloc(sizeof(*a->req_body.rtime)); - if (a->req_body.rtime == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - *a->req_body.rtime = creds->times.renew_till; - } - a->req_body.nonce = 0; - ret = krb5_init_etype (context, - &a->req_body.etype.len, - &a->req_body.etype.val, - etypes); - if (ret) - goto fail; - - /* - * This means no addresses - */ - - if (addrs && addrs->len == 0) { - a->req_body.addresses = NULL; - } else { - a->req_body.addresses = malloc(sizeof(*a->req_body.addresses)); - if (a->req_body.addresses == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "malloc: out of memory"); - goto fail; - } - - if (addrs) - ret = krb5_copy_addresses(context, addrs, a->req_body.addresses); - else { - ret = krb5_get_all_client_addrs (context, a->req_body.addresses); - if(ret == 0 && a->req_body.addresses->len == 0) { - free(a->req_body.addresses); - a->req_body.addresses = NULL; - } - } - if (ret) - goto fail; - } - - a->req_body.enc_authorization_data = NULL; - a->req_body.additional_tickets = NULL; - - a->padata = NULL; - - return 0; - fail: - free_AS_REQ(a); - memset(a, 0, sizeof(*a)); - return ret; -} - -struct pa_info_data { - krb5_enctype etype; - krb5_salt salt; - krb5_data *s2kparams; -}; - -static void -free_paid(krb5_context context, struct pa_info_data *ppaid) -{ - krb5_free_salt(context, ppaid->salt); - if (ppaid->s2kparams) - krb5_free_data(context, ppaid->s2kparams); -} - - -static krb5_error_code -set_paid(struct pa_info_data *paid, krb5_context context, - krb5_enctype etype, - krb5_salttype salttype, void *salt_string, size_t salt_len, - krb5_data *s2kparams) -{ - paid->etype = etype; - paid->salt.salttype = salttype; - paid->salt.saltvalue.data = malloc(salt_len + 1); - if (paid->salt.saltvalue.data == NULL) { - krb5_clear_error_string(context); - return ENOMEM; - } - memcpy(paid->salt.saltvalue.data, salt_string, salt_len); - ((char *)paid->salt.saltvalue.data)[salt_len] = '\0'; - paid->salt.saltvalue.length = salt_len; - if (s2kparams) { - krb5_error_code ret; - - ret = krb5_copy_data(context, s2kparams, &paid->s2kparams); - if (ret) { - krb5_clear_error_string(context); - krb5_free_salt(context, paid->salt); - return ret; - } - } else - paid->s2kparams = NULL; - - return 0; -} - -static struct pa_info_data * -pa_etype_info2(krb5_context context, - const krb5_principal client, - const AS_REQ *asreq, - struct pa_info_data *paid, - heim_octet_string *data) -{ - krb5_error_code ret; - ETYPE_INFO2 e; - size_t sz; - int i, j; - - memset(&e, 0, sizeof(e)); - ret = decode_ETYPE_INFO2(data->data, data->length, &e, &sz); - if (ret) - goto out; - if (e.len == 0) - goto out; - for (j = 0; j < asreq->req_body.etype.len; j++) { - for (i = 0; i < e.len; i++) { - if (asreq->req_body.etype.val[j] == e.val[i].etype) { - krb5_salt salt; - if (e.val[i].salt == NULL) - ret = krb5_get_pw_salt(context, client, &salt); - else { - salt.saltvalue.data = *e.val[i].salt; - salt.saltvalue.length = strlen(*e.val[i].salt); - ret = 0; - } - if (ret == 0) - ret = set_paid(paid, context, e.val[i].etype, - KRB5_PW_SALT, - salt.saltvalue.data, - salt.saltvalue.length, - e.val[i].s2kparams); - if (e.val[i].salt == NULL) - krb5_free_salt(context, salt); - if (ret == 0) { - free_ETYPE_INFO2(&e); - return paid; - } - } - } - } - out: - free_ETYPE_INFO2(&e); - return NULL; -} - -static struct pa_info_data * -pa_etype_info(krb5_context context, - const krb5_principal client, - const AS_REQ *asreq, - struct pa_info_data *paid, - heim_octet_string *data) -{ - krb5_error_code ret; - ETYPE_INFO e; - size_t sz; - int i, j; - - memset(&e, 0, sizeof(e)); - ret = decode_ETYPE_INFO(data->data, data->length, &e, &sz); - if (ret) - goto out; - if (e.len == 0) - goto out; - for (j = 0; j < asreq->req_body.etype.len; j++) { - for (i = 0; i < e.len; i++) { - if (asreq->req_body.etype.val[j] == e.val[i].etype) { - krb5_salt salt; - salt.salttype = KRB5_PW_SALT; - if (e.val[i].salt == NULL) - ret = krb5_get_pw_salt(context, client, &salt); - else { - salt.saltvalue = *e.val[i].salt; - ret = 0; - } - if (e.val[i].salttype) - salt.salttype = *e.val[i].salttype; - if (ret == 0) { - ret = set_paid(paid, context, e.val[i].etype, - salt.salttype, - salt.saltvalue.data, - salt.saltvalue.length, - NULL); - if (e.val[i].salt == NULL) - krb5_free_salt(context, salt); - } - if (ret == 0) { - free_ETYPE_INFO(&e); - return paid; - } - } - } - } - out: - free_ETYPE_INFO(&e); - return NULL; -} - -static struct pa_info_data * -pa_pw_or_afs3_salt(krb5_context context, - const krb5_principal client, - const AS_REQ *asreq, - struct pa_info_data *paid, - heim_octet_string *data) -{ - krb5_error_code ret; - if (paid->etype == ENCTYPE_NULL) - return NULL; - ret = set_paid(paid, context, - paid->etype, - paid->salt.salttype, - data->data, - data->length, - NULL); - if (ret) - return NULL; - return paid; -} - - -struct pa_info { - krb5_preauthtype type; - struct pa_info_data *(*salt_info)(krb5_context, - const krb5_principal, - const AS_REQ *, - struct pa_info_data *, - heim_octet_string *); -}; - -static struct pa_info pa_prefs[] = { - { KRB5_PADATA_ETYPE_INFO2, pa_etype_info2 }, - { KRB5_PADATA_ETYPE_INFO, pa_etype_info }, - { KRB5_PADATA_PW_SALT, pa_pw_or_afs3_salt }, - { KRB5_PADATA_AFS3_SALT, pa_pw_or_afs3_salt } -}; - -static PA_DATA * -find_pa_data(const METHOD_DATA *md, int type) -{ - int i; - if (md == NULL) - return NULL; - for (i = 0; i < md->len; i++) - if (md->val[i].padata_type == type) - return &md->val[i]; - return NULL; -} - -static struct pa_info_data * -process_pa_info(krb5_context context, - const krb5_principal client, - const AS_REQ *asreq, - struct pa_info_data *paid, - METHOD_DATA *md) -{ - struct pa_info_data *p = NULL; - int i; - - for (i = 0; p == NULL && i < sizeof(pa_prefs)/sizeof(pa_prefs[0]); i++) { - PA_DATA *pa = find_pa_data(md, pa_prefs[i].type); - if (pa == NULL) - continue; - paid->salt.salttype = pa_prefs[i].type; - p = (*pa_prefs[i].salt_info)(context, client, asreq, - paid, &pa->padata_value); - } - return p; -} - -static krb5_error_code -make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md, - krb5_enctype etype, krb5_keyblock *key) -{ - PA_ENC_TS_ENC p; - unsigned char *buf; - size_t buf_size; - size_t len; - EncryptedData encdata; - krb5_error_code ret; - int32_t usec; - int usec2; - krb5_crypto crypto; - - krb5_us_timeofday (context, &p.patimestamp, &usec); - usec2 = usec; - p.pausec = &usec2; - - ASN1_MALLOC_ENCODE(PA_ENC_TS_ENC, buf, buf_size, &p, &len, ret); - if (ret) - return ret; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - free(buf); - return ret; - } - ret = krb5_encrypt_EncryptedData(context, - crypto, - KRB5_KU_PA_ENC_TIMESTAMP, - buf, - len, - 0, - &encdata); - free(buf); - krb5_crypto_destroy(context, crypto); - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_size, &encdata, &len, ret); - free_EncryptedData(&encdata); - if (ret) - return ret; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_padata_add(context, md, KRB5_PADATA_ENC_TIMESTAMP, buf, len); - if (ret) - free(buf); - return ret; -} - -static krb5_error_code -add_enc_ts_padata(krb5_context context, - METHOD_DATA *md, - krb5_principal client, - krb5_s2k_proc key_proc, - krb5_const_pointer keyseed, - krb5_enctype *enctypes, - unsigned netypes, - krb5_salt *salt, - krb5_data *s2kparams) -{ - krb5_error_code ret; - krb5_salt salt2; - krb5_enctype *ep; - int i; - - if(salt == NULL) { - /* default to standard salt */ - ret = krb5_get_pw_salt (context, client, &salt2); - salt = &salt2; - } - if (!enctypes) { - enctypes = context->etypes; - netypes = 0; - for (ep = enctypes; *ep != ETYPE_NULL; ep++) - netypes++; - } - - for (i = 0; i < netypes; ++i) { - krb5_keyblock *key; - - ret = (*key_proc)(context, enctypes[i], keyseed, - *salt, s2kparams, &key); - if (ret) - continue; - ret = make_pa_enc_timestamp (context, md, enctypes[i], key); - krb5_free_keyblock (context, key); - if (ret) - return ret; - } - if(salt == &salt2) - krb5_free_salt(context, salt2); - return 0; -} - -static krb5_error_code -pa_data_to_md_ts_enc(krb5_context context, - const AS_REQ *a, - const krb5_principal client, - krb5_get_init_creds_ctx *ctx, - struct pa_info_data *ppaid, - METHOD_DATA *md) -{ - if (ctx->key_proc == NULL || ctx->password == NULL) - return 0; - - if (ppaid) { - add_enc_ts_padata(context, md, client, - ctx->key_proc, ctx->password, - &ppaid->etype, 1, - &ppaid->salt, ppaid->s2kparams); - } else { - krb5_salt salt; - - /* make a v5 salted pa-data */ - add_enc_ts_padata(context, md, client, - ctx->key_proc, ctx->password, - a->req_body.etype.val, a->req_body.etype.len, - NULL, NULL); - - /* make a v4 salted pa-data */ - salt.salttype = KRB5_PW_SALT; - krb5_data_zero(&salt.saltvalue); - add_enc_ts_padata(context, md, client, - ctx->key_proc, ctx->password, - a->req_body.etype.val, a->req_body.etype.len, - &salt, NULL); - } - return 0; -} - -static krb5_error_code -pa_data_to_key_plain(krb5_context context, - const krb5_principal client, - krb5_get_init_creds_ctx *ctx, - krb5_salt salt, - krb5_data *s2kparams, - krb5_enctype etype, - krb5_keyblock **key) -{ - krb5_error_code ret; - - ret = (*ctx->key_proc)(context, etype, ctx->password, - salt, s2kparams, key); - return ret; -} - - -static krb5_error_code -pa_data_to_md_pkinit(krb5_context context, - const AS_REQ *a, - const krb5_principal client, - krb5_get_init_creds_ctx *ctx, - METHOD_DATA *md) -{ - if (ctx->pk_init_ctx == NULL) - return 0; -#ifdef PKINIT - return _krb5_pk_mk_padata(context, - ctx->pk_init_ctx, - &a->req_body, - ctx->pk_nonce, - md); -#else - krb5_set_error_string(context, "no support for PKINIT compiled in"); - return EINVAL; -#endif -} - -static krb5_error_code -pa_data_add_pac_request(krb5_context context, - krb5_get_init_creds_ctx *ctx, - METHOD_DATA *md) -{ - size_t len, length; - krb5_error_code ret; - PA_PAC_REQUEST req; - void *buf; - - switch (ctx->req_pac) { - case KRB5_INIT_CREDS_TRISTATE_UNSET: - return 0; /* don't bother */ - case KRB5_INIT_CREDS_TRISTATE_TRUE: - req.include_pac = 1; - break; - case KRB5_INIT_CREDS_TRISTATE_FALSE: - req.include_pac = 0; - } - - ASN1_MALLOC_ENCODE(PA_PAC_REQUEST, buf, length, - &req, &len, ret); - if (ret) - return ret; - if(len != length) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_padata_add(context, md, KRB5_PADATA_PA_PAC_REQUEST, buf, len); - if (ret) - free(buf); - - return 0; -} - -/* - * Assumes caller always will free `out_md', even on error. - */ - -static krb5_error_code -process_pa_data_to_md(krb5_context context, - const krb5_creds *creds, - const AS_REQ *a, - krb5_get_init_creds_ctx *ctx, - METHOD_DATA *in_md, - METHOD_DATA **out_md, - krb5_prompter_fct prompter, - void *prompter_data) -{ - krb5_error_code ret; - - ALLOC(*out_md, 1); - if (*out_md == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - (*out_md)->len = 0; - (*out_md)->val = NULL; - - /* - * Make sure we don't sent both ENC-TS and PK-INIT pa data, no - * need to expose our password protecting our PKCS12 key. - */ - - if (ctx->pk_init_ctx) { - - ret = pa_data_to_md_pkinit(context, a, creds->client, ctx, *out_md); - if (ret) - return ret; - - } else if (in_md->len != 0) { - struct pa_info_data paid, *ppaid; - - memset(&paid, 0, sizeof(paid)); - - paid.etype = ENCTYPE_NULL; - ppaid = process_pa_info(context, creds->client, a, &paid, in_md); - - pa_data_to_md_ts_enc(context, a, creds->client, ctx, ppaid, *out_md); - if (ppaid) - free_paid(context, ppaid); - } - - pa_data_add_pac_request(context, ctx, *out_md); - - if ((*out_md)->len == 0) { - free(*out_md); - *out_md = NULL; - } - - return 0; -} - -static krb5_error_code -process_pa_data_to_key(krb5_context context, - krb5_get_init_creds_ctx *ctx, - krb5_creds *creds, - AS_REQ *a, - krb5_kdc_rep *rep, - const krb5_krbhst_info *hi, - krb5_keyblock **key) -{ - struct pa_info_data paid, *ppaid = NULL; - krb5_error_code ret; - krb5_enctype etype; - PA_DATA *pa; - - memset(&paid, 0, sizeof(paid)); - - etype = rep->kdc_rep.enc_part.etype; - - if (rep->kdc_rep.padata) { - paid.etype = etype; - ppaid = process_pa_info(context, creds->client, a, &paid, - rep->kdc_rep.padata); - } - if (ppaid == NULL) { - ret = krb5_get_pw_salt (context, creds->client, &paid.salt); - if (ret) - return ret; - paid.etype = etype; - paid.s2kparams = NULL; - } - - pa = NULL; - if (rep->kdc_rep.padata) { - int idx = 0; - pa = krb5_find_padata(rep->kdc_rep.padata->val, - rep->kdc_rep.padata->len, - KRB5_PADATA_PK_AS_REP, - &idx); - if (pa == NULL) { - idx = 0; - pa = krb5_find_padata(rep->kdc_rep.padata->val, - rep->kdc_rep.padata->len, - KRB5_PADATA_PK_AS_REP_19, - &idx); - } - } - if (pa && ctx->pk_init_ctx) { -#ifdef PKINIT - ret = _krb5_pk_rd_pa_reply(context, - a->req_body.realm, - ctx->pk_init_ctx, - etype, - hi, - ctx->pk_nonce, - &ctx->req_buffer, - pa, - key); -#else - krb5_set_error_string(context, "no support for PKINIT compiled in"); - ret = EINVAL; -#endif - } else if (ctx->password) - ret = pa_data_to_key_plain(context, creds->client, ctx, - paid.salt, paid.s2kparams, etype, key); - else { - krb5_set_error_string(context, "No usable pa data type"); - ret = EINVAL; - } - - free_paid(context, &paid); - return ret; -} - -static krb5_error_code -init_cred_loop(krb5_context context, - krb5_get_init_creds_opt *init_cred_opts, - const krb5_prompter_fct prompter, - void *prompter_data, - krb5_get_init_creds_ctx *ctx, - krb5_creds *creds, - krb5_kdc_rep *ret_as_reply) -{ - krb5_error_code ret; - krb5_kdc_rep rep; - METHOD_DATA md; - krb5_data resp; - size_t len; - size_t size; - krb5_krbhst_info *hi = NULL; - krb5_sendto_ctx stctx = NULL; - - - memset(&md, 0, sizeof(md)); - memset(&rep, 0, sizeof(rep)); - - _krb5_get_init_creds_opt_free_krb5_error(init_cred_opts); - - if (ret_as_reply) - memset(ret_as_reply, 0, sizeof(*ret_as_reply)); - - ret = init_creds_init_as_req(context, ctx->flags, creds, - ctx->addrs, ctx->etypes, &ctx->as_req); - if (ret) - return ret; - - ret = krb5_sendto_ctx_alloc(context, &stctx); - if (ret) - goto out; - krb5_sendto_ctx_set_func(stctx, _krb5_kdc_retry, NULL); - - /* Set a new nonce. */ - krb5_generate_random_block (&ctx->nonce, sizeof(ctx->nonce)); - ctx->nonce &= 0xffffffff; - /* XXX these just needs to be the same when using Windows PK-INIT */ - ctx->pk_nonce = ctx->nonce; - - /* - * Increase counter when we want other pre-auth types then - * KRB5_PA_ENC_TIMESTAMP. - */ -#define MAX_PA_COUNTER 3 - - ctx->pa_counter = 0; - while (ctx->pa_counter < MAX_PA_COUNTER) { - - ctx->pa_counter++; - - if (ctx->as_req.padata) { - free_METHOD_DATA(ctx->as_req.padata); - free(ctx->as_req.padata); - ctx->as_req.padata = NULL; - } - - /* Set a new nonce. */ - ctx->as_req.req_body.nonce = ctx->nonce; - - /* fill_in_md_data */ - ret = process_pa_data_to_md(context, creds, &ctx->as_req, ctx, - &md, &ctx->as_req.padata, - prompter, prompter_data); - if (ret) - goto out; - - krb5_data_free(&ctx->req_buffer); - - ASN1_MALLOC_ENCODE(AS_REQ, - ctx->req_buffer.data, ctx->req_buffer.length, - &ctx->as_req, &len, ret); - if (ret) - goto out; - if(len != ctx->req_buffer.length) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_sendto_context (context, stctx, &ctx->req_buffer, - creds->client->realm, &resp); - if (ret) - goto out; - - memset (&rep, 0, sizeof(rep)); - ret = decode_AS_REP(resp.data, resp.length, &rep.kdc_rep, &size); - if (ret == 0) { - krb5_data_free(&resp); - krb5_clear_error_string(context); - break; - } else { - /* let's try to parse it as a KRB-ERROR */ - KRB_ERROR error; - - ret = krb5_rd_error(context, &resp, &error); - if(ret && resp.data && ((char*)resp.data)[0] == 4) - ret = KRB5KRB_AP_ERR_V4_REPLY; - krb5_data_free(&resp); - if (ret) - goto out; - - ret = krb5_error_from_rd_error(context, &error, creds); - - /* - * If no preauth was set and KDC requires it, give it one - * more try. - */ - - if (ret == KRB5KDC_ERR_PREAUTH_REQUIRED) { - free_METHOD_DATA(&md); - memset(&md, 0, sizeof(md)); - - if (error.e_data) { - ret = decode_METHOD_DATA(error.e_data->data, - error.e_data->length, - &md, - NULL); - if (ret) - krb5_set_error_string(context, - "failed to decode METHOD DATA"); - } else { - /* XXX guess what the server want here add add md */ - } - krb5_free_error_contents(context, &error); - if (ret) - goto out; - } else { - _krb5_get_init_creds_opt_set_krb5_error(context, - init_cred_opts, - &error); - if (ret_as_reply) - rep.error = error; - else - krb5_free_error_contents(context, &error); - goto out; - } - } - } - - { - krb5_keyblock *key = NULL; - unsigned flags = 0; - - if (ctx->flags.request_anonymous) - flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH; - if (ctx->flags.canonicalize) { - flags |= EXTRACT_TICKET_ALLOW_CNAME_MISMATCH; - flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH; - flags |= EXTRACT_TICKET_MATCH_REALM; - } - - ret = process_pa_data_to_key(context, ctx, creds, - &ctx->as_req, &rep, hi, &key); - if (ret) - goto out; - - ret = _krb5_extract_ticket(context, - &rep, - creds, - key, - NULL, - KRB5_KU_AS_REP_ENC_PART, - NULL, - ctx->nonce, - flags, - NULL, - NULL); - krb5_free_keyblock(context, key); - } - /* - * Verify referral data - */ - if ((ctx->ic_flags & KRB5_INIT_CREDS_CANONICALIZE) && - (ctx->ic_flags & KRB5_INIT_CREDS_NO_C_CANON_CHECK) == 0) - { - PA_ClientCanonicalized canon; - krb5_crypto crypto; - krb5_data data; - PA_DATA *pa; - size_t len; - - pa = find_pa_data(rep.kdc_rep.padata, KRB5_PADATA_CLIENT_CANONICALIZED); - if (pa == NULL) { - ret = EINVAL; - krb5_set_error_string(context, "Client canonicalizion not signed"); - goto out; - } - - ret = decode_PA_ClientCanonicalized(pa->padata_value.data, - pa->padata_value.length, - &canon, &len); - if (ret) { - krb5_set_error_string(context, "Failed to decode " - "PA_ClientCanonicalized"); - goto out; - } - - ASN1_MALLOC_ENCODE(PA_ClientCanonicalizedNames, data.data, data.length, - &canon.names, &len, ret); - if (ret) - goto out; - if (data.length != len) - krb5_abortx(context, "internal asn.1 error"); - - ret = krb5_crypto_init(context, &creds->session, 0, &crypto); - if (ret) { - free(data.data); - free_PA_ClientCanonicalized(&canon); - goto out; - } - - ret = krb5_verify_checksum(context, crypto, KRB5_KU_CANONICALIZED_NAMES, - data.data, data.length, - &canon.canon_checksum); - krb5_crypto_destroy(context, crypto); - free(data.data); - free_PA_ClientCanonicalized(&canon); - if (ret) { - krb5_set_error_string(context, "Failed to verify " - "client canonicalized data"); - goto out; - } - } -out: - if (stctx) - krb5_sendto_ctx_free(context, stctx); - krb5_data_free(&ctx->req_buffer); - free_METHOD_DATA(&md); - memset(&md, 0, sizeof(md)); - - if (ret == 0 && ret_as_reply) - *ret_as_reply = rep; - else - krb5_free_kdc_rep (context, &rep); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds(krb5_context context, - krb5_creds *creds, - krb5_principal client, - krb5_prompter_fct prompter, - void *data, - krb5_deltat start_time, - const char *in_tkt_service, - krb5_get_init_creds_opt *options) -{ - krb5_get_init_creds_ctx ctx; - krb5_kdc_rep kdc_reply; - krb5_error_code ret; - char buf[BUFSIZ]; - int done; - - memset(&kdc_reply, 0, sizeof(kdc_reply)); - - ret = get_init_creds_common(context, client, start_time, - in_tkt_service, options, &ctx); - if (ret) - goto out; - - done = 0; - while(!done) { - memset(&kdc_reply, 0, sizeof(kdc_reply)); - - ret = init_cred_loop(context, - options, - prompter, - data, - &ctx, - &ctx.cred, - &kdc_reply); - - switch (ret) { - case 0 : - done = 1; - break; - case KRB5KDC_ERR_KEY_EXPIRED : - /* try to avoid recursion */ - - /* don't try to change password where then where none */ - if (prompter == NULL || ctx.password == NULL) - goto out; - - krb5_clear_error_string (context); - - if (ctx.in_tkt_service != NULL - && strcmp (ctx.in_tkt_service, "kadmin/changepw") == 0) - goto out; - - ret = change_password (context, - client, - ctx.password, - buf, - sizeof(buf), - prompter, - data, - options); - if (ret) - goto out; - ctx.password = buf; - break; - default: - goto out; - } - } - - if (prompter) - print_expire (context, - krb5_principal_get_realm (context, ctx.cred.client), - &kdc_reply, - prompter, - data); - - out: - memset (buf, 0, sizeof(buf)); - free_init_creds_ctx(context, &ctx); - krb5_free_kdc_rep (context, &kdc_reply); - if (ret == 0) - *creds = ctx.cred; - else - krb5_free_cred_contents (context, &ctx.cred); - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_password(krb5_context context, - krb5_creds *creds, - krb5_principal client, - const char *password, - krb5_prompter_fct prompter, - void *data, - krb5_deltat start_time, - const char *in_tkt_service, - krb5_get_init_creds_opt *in_options) -{ - krb5_get_init_creds_opt *options; - char buf[BUFSIZ]; - krb5_error_code ret; - - if (in_options == NULL) { - const char *realm = krb5_principal_get_realm(context, client); - ret = krb5_get_init_creds_opt_alloc(context, &options); - if (ret == 0) - krb5_get_init_creds_opt_set_default_flags(context, - NULL, - realm, - options); - } else - ret = _krb5_get_init_creds_opt_copy(context, in_options, &options); - if (ret) - return ret; - - if (password == NULL && - options->opt_private->password == NULL && - options->opt_private->pk_init_ctx == NULL) - { - krb5_prompt prompt; - krb5_data password_data; - char *p, *q; - - krb5_unparse_name (context, client, &p); - asprintf (&q, "%s's Password: ", p); - free (p); - prompt.prompt = q; - password_data.data = buf; - password_data.length = sizeof(buf); - prompt.hidden = 1; - prompt.reply = &password_data; - prompt.type = KRB5_PROMPT_TYPE_PASSWORD; - - ret = (*prompter) (context, data, NULL, NULL, 1, &prompt); - free (q); - if (ret) { - memset (buf, 0, sizeof(buf)); - krb5_get_init_creds_opt_free(context, options); - ret = KRB5_LIBOS_PWDINTR; - krb5_clear_error_string (context); - return ret; - } - password = password_data.data; - } - - if (options->opt_private->password == NULL) { - ret = krb5_get_init_creds_opt_set_pa_password(context, options, - password, NULL); - if (ret) { - krb5_get_init_creds_opt_free(context, options); - memset(buf, 0, sizeof(buf)); - return ret; - } - } - - ret = krb5_get_init_creds(context, creds, client, prompter, - data, start_time, in_tkt_service, options); - krb5_get_init_creds_opt_free(context, options); - memset(buf, 0, sizeof(buf)); - return ret; -} - -static krb5_error_code -init_creds_keyblock_key_proc (krb5_context context, - krb5_enctype type, - krb5_salt salt, - krb5_const_pointer keyseed, - krb5_keyblock **key) -{ - return krb5_copy_keyblock (context, keyseed, key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_keyblock(krb5_context context, - krb5_creds *creds, - krb5_principal client, - krb5_keyblock *keyblock, - krb5_deltat start_time, - const char *in_tkt_service, - krb5_get_init_creds_opt *options) -{ - struct krb5_get_init_creds_ctx ctx; - krb5_error_code ret; - - ret = get_init_creds_common(context, client, start_time, - in_tkt_service, options, &ctx); - if (ret) - goto out; - - ret = krb5_get_in_cred (context, - KDCOptions2int(ctx.flags), - ctx.addrs, - ctx.etypes, - ctx.pre_auth_types, - NULL, - init_creds_keyblock_key_proc, - keyblock, - NULL, - NULL, - &ctx.cred, - NULL); - - if (ret == 0 && creds) - *creds = ctx.cred; - else - krb5_free_cred_contents (context, &ctx.cred); - - out: - free_init_creds_ctx(context, &ctx); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/k524_err.et b/crypto/heimdal/lib/krb5/k524_err.et deleted file mode 100644 index 0ca25f74d474..000000000000 --- a/crypto/heimdal/lib/krb5/k524_err.et +++ /dev/null @@ -1,20 +0,0 @@ -# -# Error messages for the k524 functions -# -# This might look like a com_err file, but is not -# -id "$Id: k524_err.et 10141 2001-06-20 02:45:58Z joda $" - -error_table k524 - -prefix KRB524 -error_code BADKEY, "wrong keytype in ticket" -error_code BADADDR, "incorrect network address" -error_code BADPRINC, "cannot convert V5 principal" #unused -error_code BADREALM, "V5 realm name longer than V4 maximum" #unused -error_code V4ERR, "kerberos V4 error server" -error_code ENCFULL, "encoding too large at server" -error_code DECEMPTY, "decoding out of data" #unused -error_code NOTRESP, "service not responding" #unused -end - diff --git a/crypto/heimdal/lib/krb5/kcm.c b/crypto/heimdal/lib/krb5/kcm.c deleted file mode 100644 index 8afaa6ea80a1..000000000000 --- a/crypto/heimdal/lib/krb5/kcm.c +++ /dev/null @@ -1,1122 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -#ifdef HAVE_KCM -/* - * Client library for Kerberos Credentials Manager (KCM) daemon - */ - -#ifdef HAVE_SYS_UN_H -#include -#endif - -#include "kcm.h" - -RCSID("$Id: kcm.c 22108 2007-12-03 17:23:53Z lha $"); - -typedef struct krb5_kcmcache { - char *name; - struct sockaddr_un path; - char *door_path; -} krb5_kcmcache; - -#define KCMCACHE(X) ((krb5_kcmcache *)(X)->data.data) -#define CACHENAME(X) (KCMCACHE(X)->name) -#define KCMCURSOR(C) (*(uint32_t *)(C)) - -static krb5_error_code -try_door(krb5_context context, const krb5_kcmcache *k, - krb5_data *request_data, - krb5_data *response_data) -{ -#ifdef HAVE_DOOR_CREATE - door_arg_t arg; - int fd; - int ret; - - memset(&arg, 0, sizeof(arg)); - - fd = open(k->door_path, O_RDWR); - if (fd < 0) - return KRB5_CC_IO; - - arg.data_ptr = request_data->data; - arg.data_size = request_data->length; - arg.desc_ptr = NULL; - arg.desc_num = 0; - arg.rbuf = NULL; - arg.rsize = 0; - - ret = door_call(fd, &arg); - close(fd); - if (ret != 0) - return KRB5_CC_IO; - - ret = krb5_data_copy(response_data, arg.rbuf, arg.rsize); - munmap(arg.rbuf, arg.rsize); - if (ret) - return ret; - - return 0; -#else - return KRB5_CC_IO; -#endif -} - -static krb5_error_code -try_unix_socket(krb5_context context, const krb5_kcmcache *k, - krb5_data *request_data, - krb5_data *response_data) -{ - krb5_error_code ret; - int fd; - - fd = socket(AF_UNIX, SOCK_STREAM, 0); - if (fd < 0) - return KRB5_CC_IO; - - if (connect(fd, rk_UNCONST(&k->path), sizeof(k->path)) != 0) { - close(fd); - return KRB5_CC_IO; - } - - ret = _krb5_send_and_recv_tcp(fd, context->kdc_timeout, - request_data, response_data); - close(fd); - return ret; -} - -static krb5_error_code -kcm_send_request(krb5_context context, - krb5_kcmcache *k, - krb5_storage *request, - krb5_data *response_data) -{ - krb5_error_code ret; - krb5_data request_data; - int i; - - response_data->data = NULL; - response_data->length = 0; - - ret = krb5_storage_to_data(request, &request_data); - if (ret) { - krb5_clear_error_string(context); - return KRB5_CC_NOMEM; - } - - ret = KRB5_CC_IO; - - for (i = 0; i < context->max_retries; i++) { - ret = try_door(context, k, &request_data, response_data); - if (ret == 0 && response_data->length != 0) - break; - ret = try_unix_socket(context, k, &request_data, response_data); - if (ret == 0 && response_data->length != 0) - break; - } - - krb5_data_free(&request_data); - - if (ret) { - krb5_clear_error_string(context); - ret = KRB5_CC_IO; - } - - return ret; -} - -static krb5_error_code -kcm_storage_request(krb5_context context, - kcm_operation opcode, - krb5_storage **storage_p) -{ - krb5_storage *sp; - krb5_error_code ret; - - *storage_p = NULL; - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - - /* Send MAJOR | VERSION | OPCODE */ - ret = krb5_store_int8(sp, KCM_PROTOCOL_VERSION_MAJOR); - if (ret) - goto fail; - ret = krb5_store_int8(sp, KCM_PROTOCOL_VERSION_MINOR); - if (ret) - goto fail; - ret = krb5_store_int16(sp, opcode); - if (ret) - goto fail; - - *storage_p = sp; - fail: - if (ret) { - krb5_set_error_string(context, "Failed to encode request"); - krb5_storage_free(sp); - } - - return ret; -} - -static krb5_error_code -kcm_alloc(krb5_context context, const char *name, krb5_ccache *id) -{ - krb5_kcmcache *k; - const char *path; - - k = malloc(sizeof(*k)); - if (k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - - if (name != NULL) { - k->name = strdup(name); - if (k->name == NULL) { - free(k); - krb5_set_error_string(context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - } else - k->name = NULL; - - path = krb5_config_get_string_default(context, NULL, - _PATH_KCM_SOCKET, - "libdefaults", - "kcm_socket", - NULL); - - k->path.sun_family = AF_UNIX; - strlcpy(k->path.sun_path, path, sizeof(k->path.sun_path)); - - path = krb5_config_get_string_default(context, NULL, - _PATH_KCM_DOOR, - "libdefaults", - "kcm_door", - NULL); - k->door_path = strdup(path); - - (*id)->data.data = k; - (*id)->data.length = sizeof(*k); - - return 0; -} - -static krb5_error_code -kcm_call(krb5_context context, - krb5_kcmcache *k, - krb5_storage *request, - krb5_storage **response_p, - krb5_data *response_data_p) -{ - krb5_data response_data; - krb5_error_code ret; - int32_t status; - krb5_storage *response; - - if (response_p != NULL) - *response_p = NULL; - - ret = kcm_send_request(context, k, request, &response_data); - if (ret) { - return ret; - } - - response = krb5_storage_from_data(&response_data); - if (response == NULL) { - krb5_data_free(&response_data); - return KRB5_CC_IO; - } - - ret = krb5_ret_int32(response, &status); - if (ret) { - krb5_storage_free(response); - krb5_data_free(&response_data); - return KRB5_CC_FORMAT; - } - - if (status) { - krb5_storage_free(response); - krb5_data_free(&response_data); - return status; - } - - if (response_p != NULL) { - *response_data_p = response_data; - *response_p = response; - - return 0; - } - - krb5_storage_free(response); - krb5_data_free(&response_data); - - return 0; -} - -static void -kcm_free(krb5_context context, krb5_ccache *id) -{ - krb5_kcmcache *k = KCMCACHE(*id); - - if (k != NULL) { - if (k->name != NULL) - free(k->name); - if (k->door_path) - free(k->door_path); - memset(k, 0, sizeof(*k)); - krb5_data_free(&(*id)->data); - } - - *id = NULL; -} - -static const char * -kcm_get_name(krb5_context context, - krb5_ccache id) -{ - return CACHENAME(id); -} - -static krb5_error_code -kcm_resolve(krb5_context context, krb5_ccache *id, const char *res) -{ - return kcm_alloc(context, res, id); -} - -/* - * Request: - * - * Response: - * NameZ - */ -static krb5_error_code -kcm_gen_new(krb5_context context, krb5_ccache *id) -{ - krb5_kcmcache *k; - krb5_error_code ret; - krb5_storage *request, *response; - krb5_data response_data; - - ret = kcm_alloc(context, NULL, id); - if (ret) - return ret; - - k = KCMCACHE(*id); - - ret = kcm_storage_request(context, KCM_OP_GEN_NEW, &request); - if (ret) { - kcm_free(context, id); - return ret; - } - - ret = kcm_call(context, k, request, &response, &response_data); - if (ret) { - krb5_storage_free(request); - kcm_free(context, id); - return ret; - } - - ret = krb5_ret_stringz(response, &k->name); - if (ret) - ret = KRB5_CC_IO; - - krb5_storage_free(request); - krb5_storage_free(response); - krb5_data_free(&response_data); - - if (ret) - kcm_free(context, id); - - return ret; -} - -/* - * Request: - * NameZ - * Principal - * - * Response: - * - */ -static krb5_error_code -kcm_initialize(krb5_context context, - krb5_ccache id, - krb5_principal primary_principal) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_INITIALIZE, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_principal(request, primary_principal); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - -static krb5_error_code -kcm_close(krb5_context context, - krb5_ccache id) -{ - kcm_free(context, &id); - return 0; -} - -/* - * Request: - * NameZ - * - * Response: - * - */ -static krb5_error_code -kcm_destroy(krb5_context context, - krb5_ccache id) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_DESTROY, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - -/* - * Request: - * NameZ - * Creds - * - * Response: - * - */ -static krb5_error_code -kcm_store_cred(krb5_context context, - krb5_ccache id, - krb5_creds *creds) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_STORE, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_creds(request, creds); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - -/* - * Request: - * NameZ - * WhichFields - * MatchCreds - * - * Response: - * Creds - * - */ -static krb5_error_code -kcm_retrieve(krb5_context context, - krb5_ccache id, - krb5_flags which, - const krb5_creds *mcred, - krb5_creds *creds) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request, *response; - krb5_data response_data; - - ret = kcm_storage_request(context, KCM_OP_RETRIEVE, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, which); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_creds_tag(request, rk_UNCONST(mcred)); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, &response, &response_data); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_ret_creds(response, creds); - if (ret) - ret = KRB5_CC_IO; - - krb5_storage_free(request); - krb5_storage_free(response); - krb5_data_free(&response_data); - - return ret; -} - -/* - * Request: - * NameZ - * - * Response: - * Principal - */ -static krb5_error_code -kcm_get_principal(krb5_context context, - krb5_ccache id, - krb5_principal *principal) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request, *response; - krb5_data response_data; - - ret = kcm_storage_request(context, KCM_OP_GET_PRINCIPAL, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, &response, &response_data); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_ret_principal(response, principal); - if (ret) - ret = KRB5_CC_IO; - - krb5_storage_free(request); - krb5_storage_free(response); - krb5_data_free(&response_data); - - return ret; -} - -/* - * Request: - * NameZ - * - * Response: - * Cursor - * - */ -static krb5_error_code -kcm_get_first (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request, *response; - krb5_data response_data; - int32_t tmp; - - ret = kcm_storage_request(context, KCM_OP_GET_FIRST, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, &response, &response_data); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_ret_int32(response, &tmp); - if (ret || tmp < 0) - ret = KRB5_CC_IO; - - krb5_storage_free(request); - krb5_storage_free(response); - krb5_data_free(&response_data); - - if (ret) - return ret; - - *cursor = malloc(sizeof(tmp)); - if (*cursor == NULL) - return KRB5_CC_NOMEM; - - KCMCURSOR(*cursor) = tmp; - - return 0; -} - -/* - * Request: - * NameZ - * Cursor - * - * Response: - * Creds - */ -static krb5_error_code -kcm_get_next (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor, - krb5_creds *creds) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request, *response; - krb5_data response_data; - - ret = kcm_storage_request(context, KCM_OP_GET_NEXT, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, KCMCURSOR(*cursor)); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, &response, &response_data); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_ret_creds(response, creds); - if (ret) - ret = KRB5_CC_IO; - - krb5_storage_free(request); - krb5_storage_free(response); - krb5_data_free(&response_data); - - return ret; -} - -/* - * Request: - * NameZ - * Cursor - * - * Response: - * - */ -static krb5_error_code -kcm_end_get (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_END_GET, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, KCMCURSOR(*cursor)); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - if (ret) { - krb5_storage_free(request); - return ret; - } - - krb5_storage_free(request); - - KCMCURSOR(*cursor) = 0; - free(*cursor); - *cursor = NULL; - - return ret; -} - -/* - * Request: - * NameZ - * WhichFields - * MatchCreds - * - * Response: - * - */ -static krb5_error_code -kcm_remove_cred(krb5_context context, - krb5_ccache id, - krb5_flags which, - krb5_creds *cred) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_REMOVE_CRED, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, which); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_creds_tag(request, cred); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - -static krb5_error_code -kcm_set_flags(krb5_context context, - krb5_ccache id, - krb5_flags flags) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_SET_FLAGS, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, flags); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - -static krb5_error_code -kcm_get_version(krb5_context context, - krb5_ccache id) -{ - return 0; -} - -static krb5_error_code -kcm_move(krb5_context context, krb5_ccache from, krb5_ccache to) -{ - krb5_set_error_string(context, "kcm_move not implemented"); - return EINVAL; -} - -static krb5_error_code -kcm_default_name(krb5_context context, char **str) -{ - return _krb5_expand_default_cc_name(context, - KRB5_DEFAULT_CCNAME_KCM, - str); -} - -/** - * Variable containing the KCM based credential cache implemention. - * - * @ingroup krb5_ccache - */ - -const krb5_cc_ops krb5_kcm_ops = { - "KCM", - kcm_get_name, - kcm_resolve, - kcm_gen_new, - kcm_initialize, - kcm_destroy, - kcm_close, - kcm_store_cred, - kcm_retrieve, - kcm_get_principal, - kcm_get_first, - kcm_get_next, - kcm_end_get, - kcm_remove_cred, - kcm_set_flags, - kcm_get_version, - NULL, - NULL, - NULL, - kcm_move, - kcm_default_name -}; - -krb5_boolean -_krb5_kcm_is_running(krb5_context context) -{ - krb5_error_code ret; - krb5_ccache_data ccdata; - krb5_ccache id = &ccdata; - krb5_boolean running; - - ret = kcm_alloc(context, NULL, &id); - if (ret) - return 0; - - running = (_krb5_kcm_noop(context, id) == 0); - - kcm_free(context, &id); - - return running; -} - -/* - * Request: - * - * Response: - * - */ -krb5_error_code -_krb5_kcm_noop(krb5_context context, - krb5_ccache id) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_NOOP, &request); - if (ret) - return ret; - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - - -/* - * Request: - * NameZ - * Mode - * - * Response: - * - */ -krb5_error_code -_krb5_kcm_chmod(krb5_context context, - krb5_ccache id, - uint16_t mode) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_CHMOD, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int16(request, mode); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - - -/* - * Request: - * NameZ - * UID - * GID - * - * Response: - * - */ -krb5_error_code -_krb5_kcm_chown(krb5_context context, - krb5_ccache id, - uint32_t uid, - uint32_t gid) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_CHOWN, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, uid); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, gid); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - - -/* - * Request: - * NameZ - * ServerPrincipalPresent - * ServerPrincipal OPTIONAL - * Key - * - * Repsonse: - * - */ -krb5_error_code -_krb5_kcm_get_initial_ticket(krb5_context context, - krb5_ccache id, - krb5_principal server, - krb5_keyblock *key) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_GET_INITIAL_TICKET, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int8(request, (server == NULL) ? 0 : 1); - if (ret) { - krb5_storage_free(request); - return ret; - } - - if (server != NULL) { - ret = krb5_store_principal(request, server); - if (ret) { - krb5_storage_free(request); - return ret; - } - } - - ret = krb5_store_keyblock(request, *key); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - - -/* - * Request: - * NameZ - * KDCFlags - * EncryptionType - * ServerPrincipal - * - * Repsonse: - * - */ -krb5_error_code -_krb5_kcm_get_ticket(krb5_context context, - krb5_ccache id, - krb5_kdc_flags flags, - krb5_enctype enctype, - krb5_principal server) -{ - krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); - krb5_storage *request; - - ret = kcm_storage_request(context, KCM_OP_GET_TICKET, &request); - if (ret) - return ret; - - ret = krb5_store_stringz(request, k->name); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, flags.i); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_int32(request, enctype); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = krb5_store_principal(request, server); - if (ret) { - krb5_storage_free(request); - return ret; - } - - ret = kcm_call(context, k, request, NULL, NULL); - - krb5_storage_free(request); - return ret; -} - - -#endif /* HAVE_KCM */ diff --git a/crypto/heimdal/lib/krb5/kcm.h b/crypto/heimdal/lib/krb5/kcm.h deleted file mode 100644 index 10dfa440f1d7..000000000000 --- a/crypto/heimdal/lib/krb5/kcm.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 2005, PADL Software Pty Ltd. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of PADL Software nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __KCM_H__ -#define __KCM_H__ - -/* - * KCM protocol definitions - */ - -#define KCM_PROTOCOL_VERSION_MAJOR 1 -#define KCM_PROTOCOL_VERSION_MINOR 0 - -typedef enum kcm_operation { - KCM_OP_NOOP, - KCM_OP_GET_NAME, - KCM_OP_RESOLVE, - KCM_OP_GEN_NEW, - KCM_OP_INITIALIZE, - KCM_OP_DESTROY, - KCM_OP_STORE, - KCM_OP_RETRIEVE, - KCM_OP_GET_PRINCIPAL, - KCM_OP_GET_FIRST, - KCM_OP_GET_NEXT, - KCM_OP_END_GET, - KCM_OP_REMOVE_CRED, - KCM_OP_SET_FLAGS, - KCM_OP_CHOWN, - KCM_OP_CHMOD, - KCM_OP_GET_INITIAL_TICKET, - KCM_OP_GET_TICKET, - KCM_OP_MAX -} kcm_operation; - -#define _PATH_KCM_SOCKET "/var/run/.kcm_socket" -#define _PATH_KCM_DOOR "/var/run/.kcm_door" - -#endif /* __KCM_H__ */ - diff --git a/crypto/heimdal/lib/krb5/kerberos.8 b/crypto/heimdal/lib/krb5/kerberos.8 deleted file mode 100644 index e45c947d10c8..000000000000 --- a/crypto/heimdal/lib/krb5/kerberos.8 +++ /dev/null @@ -1,107 +0,0 @@ -.\" Copyright (c) 2000 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: kerberos.8 16121 2005-10-03 14:24:36Z lha $ -.\" -.Dd September 1, 2000 -.Dt KERBEROS 8 -.Os HEIMDAL -.Sh NAME -.Nm kerberos -.Nd introduction to the Kerberos system -.Sh DESCRIPTION -Kerberos is a network authentication system. Its purpose is to -securely authenticate users and services in an insecure network -environment. -.Pp -This is done with a Kerberos server acting as a trusted third party, -keeping a database with secret keys for all users and services -(collectively called -.Em principals ) . -.Pp -Each principal belongs to exactly one -.Em realm , -which is the administrative domain in Kerberos. A realm usually -corresponds to an organisation, and the realm should normally be -derived from that organisation's domain name. A realm is served by one -or more Kerberos servers. -.Pp -The authentication process involves exchange of -.Sq tickets -and -.Sq authenticators -which together prove the principal's identity. -.Pp -When you login to the Kerberos system, either through the normal -system login or with the -.Xr kinit 1 -program, you acquire a -.Em ticket granting ticket -which allows you to get new tickets for other services, such as -.Ic telnet -or -.Ic ftp , -without giving your password. -.Pp -For more information on how Kerberos works, and other general Kerberos -questions see the Kerberos FAQ at -.Pa http://www.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html . -.Pp -For setup instructions see the Heimdal Texinfo manual. -.Sh SEE ALSO -.Xr ftp 1 , -.Xr kdestroy 1 , -.Xr kinit 1 , -.Xr klist 1 , -.Xr kpasswd 1 , -.Xr telnet 1 -.Sh HISTORY -The Kerberos authentication system was developed in the late 1980's as -part of the Athena Project at the Massachusetts Institute of -Technology. Versions one through three never reached outside MIT, but -version 4 was (and still is) quite popular, especially in the academic -community, but is also used in commercial products like the AFS -filesystem. -.Pp -The problems with version 4 are that it has many limitations, the code -was not too well written (since it had been developed over a long -time), and it has a number of known security problems. To resolve many -of these issues work on version five started, and resulted in IETF RFC -1510 in 1993. IETF RFC 1510 was obsoleted in 2005 with IETF RFC 4120, -also known as Kerberos clarifications. With the arrival of IETF RFC -4120, the work on adding extensibility and internationalization have -started (Kerberos extensions), and a new RFC will hopefully appear -soon. -.Pp -This manual page is part of the -.Nm Heimdal -Kerberos 5 distribution, which has been in development at the Royal -Institute of Technology in Stockholm, Sweden, since about 1997. diff --git a/crypto/heimdal/lib/krb5/keyblock.c b/crypto/heimdal/lib/krb5/keyblock.c deleted file mode 100644 index ff4f972e57d7..000000000000 --- a/crypto/heimdal/lib/krb5/keyblock.c +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: keyblock.c 15167 2005-05-18 04:21:57Z lha $"); - -void KRB5_LIB_FUNCTION -krb5_keyblock_zero(krb5_keyblock *keyblock) -{ - keyblock->keytype = 0; - krb5_data_zero(&keyblock->keyvalue); -} - -void KRB5_LIB_FUNCTION -krb5_free_keyblock_contents(krb5_context context, - krb5_keyblock *keyblock) -{ - if(keyblock) { - if (keyblock->keyvalue.data != NULL) - memset(keyblock->keyvalue.data, 0, keyblock->keyvalue.length); - krb5_data_free (&keyblock->keyvalue); - keyblock->keytype = ENCTYPE_NULL; - } -} - -void KRB5_LIB_FUNCTION -krb5_free_keyblock(krb5_context context, - krb5_keyblock *keyblock) -{ - if(keyblock){ - krb5_free_keyblock_contents(context, keyblock); - free(keyblock); - } -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_keyblock_contents (krb5_context context, - const krb5_keyblock *inblock, - krb5_keyblock *to) -{ - return copy_EncryptionKey(inblock, to); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_keyblock (krb5_context context, - const krb5_keyblock *inblock, - krb5_keyblock **to) -{ - krb5_keyblock *k; - - k = malloc (sizeof(*k)); - if (k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - *to = k; - return krb5_copy_keyblock_contents (context, inblock, k); -} - -krb5_enctype -krb5_keyblock_get_enctype(const krb5_keyblock *block) -{ - return block->keytype; -} - -/* - * Fill in `key' with key data of type `enctype' from `data' of length - * `size'. Key should be freed using krb5_free_keyblock_contents. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keyblock_init(krb5_context context, - krb5_enctype type, - const void *data, - size_t size, - krb5_keyblock *key) -{ - krb5_error_code ret; - size_t len; - - memset(key, 0, sizeof(*key)); - - ret = krb5_enctype_keysize(context, type, &len); - if (ret) - return ret; - - if (len != size) { - krb5_set_error_string(context, "Encryption key %d is %lu bytes " - "long, %lu was passed in", - type, (unsigned long)len, (unsigned long)size); - return KRB5_PROG_ETYPE_NOSUPP; - } - ret = krb5_data_copy(&key->keyvalue, data, len); - if(ret) { - krb5_set_error_string(context, "malloc failed: %lu", - (unsigned long)len); - return ret; - } - key->keytype = type; - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/keytab.c b/crypto/heimdal/lib/krb5/keytab.c deleted file mode 100644 index f6c7858c12ec..000000000000 --- a/crypto/heimdal/lib/krb5/keytab.c +++ /dev/null @@ -1,528 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: keytab.c 20211 2007-02-09 07:11:03Z lha $"); - -/* - * Register a new keytab in `ops' - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_register(krb5_context context, - const krb5_kt_ops *ops) -{ - struct krb5_keytab_data *tmp; - - if (strlen(ops->prefix) > KRB5_KT_PREFIX_MAX_LEN - 1) { - krb5_set_error_string(context, "krb5_kt_register; prefix too long"); - return KRB5_KT_BADNAME; - } - - tmp = realloc(context->kt_types, - (context->num_kt_types + 1) * sizeof(*context->kt_types)); - if(tmp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(&tmp[context->num_kt_types], ops, - sizeof(tmp[context->num_kt_types])); - context->kt_types = tmp; - context->num_kt_types++; - return 0; -} - -/* - * Resolve the keytab name (of the form `type:residual') in `name' - * into a keytab in `id'. - * Return 0 or an error - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_resolve(krb5_context context, - const char *name, - krb5_keytab *id) -{ - krb5_keytab k; - int i; - const char *type, *residual; - size_t type_len; - krb5_error_code ret; - - residual = strchr(name, ':'); - if(residual == NULL) { - type = "FILE"; - type_len = strlen(type); - residual = name; - } else { - type = name; - type_len = residual - name; - residual++; - } - - for(i = 0; i < context->num_kt_types; i++) { - if(strncasecmp(type, context->kt_types[i].prefix, type_len) == 0) - break; - } - if(i == context->num_kt_types) { - krb5_set_error_string(context, "unknown keytab type %.*s", - (int)type_len, type); - return KRB5_KT_UNKNOWN_TYPE; - } - - k = malloc (sizeof(*k)); - if (k == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(k, &context->kt_types[i], sizeof(*k)); - k->data = NULL; - ret = (*k->resolve)(context, residual, k); - if(ret) { - free(k); - k = NULL; - } - *id = k; - return ret; -} - -/* - * copy the name of the default keytab into `name'. - * Return 0 or KRB5_CONFIG_NOTENUFSPACE if `namesize' is too short. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_default_name(krb5_context context, char *name, size_t namesize) -{ - if (strlcpy (name, context->default_keytab, namesize) >= namesize) { - krb5_clear_error_string (context); - return KRB5_CONFIG_NOTENUFSPACE; - } - return 0; -} - -/* - * copy the name of the default modify keytab into `name'. - * Return 0 or KRB5_CONFIG_NOTENUFSPACE if `namesize' is too short. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_default_modify_name(krb5_context context, char *name, size_t namesize) -{ - const char *kt = NULL; - if(context->default_keytab_modify == NULL) { - if(strncasecmp(context->default_keytab, "ANY:", 4) != 0) - kt = context->default_keytab; - else { - size_t len = strcspn(context->default_keytab + 4, ","); - if(len >= namesize) { - krb5_clear_error_string(context); - return KRB5_CONFIG_NOTENUFSPACE; - } - strlcpy(name, context->default_keytab + 4, namesize); - name[len] = '\0'; - return 0; - } - } else - kt = context->default_keytab_modify; - if (strlcpy (name, kt, namesize) >= namesize) { - krb5_clear_error_string (context); - return KRB5_CONFIG_NOTENUFSPACE; - } - return 0; -} - -/* - * Set `id' to the default keytab. - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_default(krb5_context context, krb5_keytab *id) -{ - return krb5_kt_resolve (context, context->default_keytab, id); -} - -/* - * Read the key identified by `(principal, vno, enctype)' from the - * keytab in `keyprocarg' (the default if == NULL) into `*key'. - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_read_service_key(krb5_context context, - krb5_pointer keyprocarg, - krb5_principal principal, - krb5_kvno vno, - krb5_enctype enctype, - krb5_keyblock **key) -{ - krb5_keytab keytab; - krb5_keytab_entry entry; - krb5_error_code ret; - - if (keyprocarg) - ret = krb5_kt_resolve (context, keyprocarg, &keytab); - else - ret = krb5_kt_default (context, &keytab); - - if (ret) - return ret; - - ret = krb5_kt_get_entry (context, keytab, principal, vno, enctype, &entry); - krb5_kt_close (context, keytab); - if (ret) - return ret; - ret = krb5_copy_keyblock (context, &entry.keyblock, key); - krb5_kt_free_entry(context, &entry); - return ret; -} - -/* - * Return the type of the `keytab' in the string `prefix of length - * `prefixsize'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_type(krb5_context context, - krb5_keytab keytab, - char *prefix, - size_t prefixsize) -{ - strlcpy(prefix, keytab->prefix, prefixsize); - return 0; -} - -/* - * Retrieve the name of the keytab `keytab' into `name', `namesize' - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_name(krb5_context context, - krb5_keytab keytab, - char *name, - size_t namesize) -{ - return (*keytab->get_name)(context, keytab, name, namesize); -} - -/* - * Retrieve the full name of the keytab `keytab' and store the name in - * `str'. `str' needs to be freed by the caller using free(3). - * Returns 0 or an error. On error, *str is set to NULL. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_full_name(krb5_context context, - krb5_keytab keytab, - char **str) -{ - char type[KRB5_KT_PREFIX_MAX_LEN]; - char name[MAXPATHLEN]; - krb5_error_code ret; - - *str = NULL; - - ret = krb5_kt_get_type(context, keytab, type, sizeof(type)); - if (ret) - return ret; - - ret = krb5_kt_get_name(context, keytab, name, sizeof(name)); - if (ret) - return ret; - - if (asprintf(str, "%s:%s", type, name) == -1) { - krb5_set_error_string(context, "malloc - out of memory"); - *str = NULL; - return ENOMEM; - } - - return 0; -} - -/* - * Finish using the keytab in `id'. All resources will be released, - * even on errors. Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_close(krb5_context context, - krb5_keytab id) -{ - krb5_error_code ret; - - ret = (*id->close)(context, id); - memset(id, 0, sizeof(*id)); - free(id); - return ret; -} - -/* - * Compare `entry' against `principal, vno, enctype'. - * Any of `principal, vno, enctype' might be 0 which acts as a wildcard. - * Return TRUE if they compare the same, FALSE otherwise. - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_kt_compare(krb5_context context, - krb5_keytab_entry *entry, - krb5_const_principal principal, - krb5_kvno vno, - krb5_enctype enctype) -{ - if(principal != NULL && - !krb5_principal_compare(context, entry->principal, principal)) - return FALSE; - if(vno && vno != entry->vno) - return FALSE; - if(enctype && enctype != entry->keyblock.keytype) - return FALSE; - return TRUE; -} - -/* - * Retrieve the keytab entry for `principal, kvno, enctype' into `entry' - * from the keytab `id'. - * kvno == 0 is a wildcard and gives the keytab with the highest vno. - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_entry(krb5_context context, - krb5_keytab id, - krb5_const_principal principal, - krb5_kvno kvno, - krb5_enctype enctype, - krb5_keytab_entry *entry) -{ - krb5_keytab_entry tmp; - krb5_error_code ret; - krb5_kt_cursor cursor; - - if(id->get) - return (*id->get)(context, id, principal, kvno, enctype, entry); - - ret = krb5_kt_start_seq_get (context, id, &cursor); - if (ret) { - krb5_clear_error_string(context); - return KRB5_KT_NOTFOUND; /* XXX i.e. file not found */ - } - - entry->vno = 0; - while (krb5_kt_next_entry(context, id, &tmp, &cursor) == 0) { - if (krb5_kt_compare(context, &tmp, principal, 0, enctype)) { - /* the file keytab might only store the lower 8 bits of - the kvno, so only compare those bits */ - if (kvno == tmp.vno - || (tmp.vno < 256 && kvno % 256 == tmp.vno)) { - krb5_kt_copy_entry_contents (context, &tmp, entry); - krb5_kt_free_entry (context, &tmp); - krb5_kt_end_seq_get(context, id, &cursor); - return 0; - } else if (kvno == 0 && tmp.vno > entry->vno) { - if (entry->vno) - krb5_kt_free_entry (context, entry); - krb5_kt_copy_entry_contents (context, &tmp, entry); - } - } - krb5_kt_free_entry(context, &tmp); - } - krb5_kt_end_seq_get (context, id, &cursor); - if (entry->vno) { - return 0; - } else { - char princ[256], kvno_str[25], *kt_name; - char *enctype_str = NULL; - - krb5_unparse_name_fixed (context, principal, princ, sizeof(princ)); - krb5_kt_get_full_name (context, id, &kt_name); - krb5_enctype_to_string(context, enctype, &enctype_str); - - if (kvno) - snprintf(kvno_str, sizeof(kvno_str), "(kvno %d)", kvno); - else - kvno_str[0] = '\0'; - - krb5_set_error_string (context, - "Failed to find %s%s in keytab %s (%s)", - princ, - kvno_str, - kt_name ? kt_name : "unknown keytab", - enctype_str ? enctype_str : "unknown enctype"); - free(kt_name); - free(enctype_str); - return KRB5_KT_NOTFOUND; - } -} - -/* - * Copy the contents of `in' into `out'. - * Return 0 or an error. */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_copy_entry_contents(krb5_context context, - const krb5_keytab_entry *in, - krb5_keytab_entry *out) -{ - krb5_error_code ret; - - memset(out, 0, sizeof(*out)); - out->vno = in->vno; - - ret = krb5_copy_principal (context, in->principal, &out->principal); - if (ret) - goto fail; - ret = krb5_copy_keyblock_contents (context, - &in->keyblock, - &out->keyblock); - if (ret) - goto fail; - out->timestamp = in->timestamp; - return 0; -fail: - krb5_kt_free_entry (context, out); - return ret; -} - -/* - * Free the contents of `entry'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_free_entry(krb5_context context, - krb5_keytab_entry *entry) -{ - krb5_free_principal (context, entry->principal); - krb5_free_keyblock_contents (context, &entry->keyblock); - memset(entry, 0, sizeof(*entry)); - return 0; -} - -/* - * Set `cursor' to point at the beginning of `id'. - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_start_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *cursor) -{ - if(id->start_seq_get == NULL) { - krb5_set_error_string(context, - "start_seq_get is not supported in the %s " - " keytab", id->prefix); - return HEIM_ERR_OPNOTSUPP; - } - return (*id->start_seq_get)(context, id, cursor); -} - -/* - * Get the next entry from `id' pointed to by `cursor' and advance the - * `cursor'. - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_next_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, - krb5_kt_cursor *cursor) -{ - if(id->next_entry == NULL) { - krb5_set_error_string(context, - "next_entry is not supported in the %s " - " keytab", id->prefix); - return HEIM_ERR_OPNOTSUPP; - } - return (*id->next_entry)(context, id, entry, cursor); -} - -/* - * Release all resources associated with `cursor'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_end_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *cursor) -{ - if(id->end_seq_get == NULL) { - krb5_set_error_string(context, - "end_seq_get is not supported in the %s " - " keytab", id->prefix); - return HEIM_ERR_OPNOTSUPP; - } - return (*id->end_seq_get)(context, id, cursor); -} - -/* - * Add the entry in `entry' to the keytab `id'. - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_add_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - if(id->add == NULL) { - krb5_set_error_string(context, "Add is not supported in the %s keytab", - id->prefix); - return KRB5_KT_NOWRITE; - } - entry->timestamp = time(NULL); - return (*id->add)(context, id,entry); -} - -/* - * Remove the entry `entry' from the keytab `id'. - * Return 0 or an error. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_remove_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - if(id->remove == NULL) { - krb5_set_error_string(context, - "Remove is not supported in the %s keytab", - id->prefix); - return KRB5_KT_NOWRITE; - } - return (*id->remove)(context, id, entry); -} diff --git a/crypto/heimdal/lib/krb5/keytab_any.c b/crypto/heimdal/lib/krb5/keytab_any.c deleted file mode 100644 index 54272d48453f..000000000000 --- a/crypto/heimdal/lib/krb5/keytab_any.c +++ /dev/null @@ -1,255 +0,0 @@ -/* - * Copyright (c) 2001-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: keytab_any.c 17035 2006-04-10 09:20:13Z lha $"); - -struct any_data { - krb5_keytab kt; - char *name; - struct any_data *next; -}; - -static void -free_list (krb5_context context, struct any_data *a) -{ - struct any_data *next; - - for (; a != NULL; a = next) { - next = a->next; - free (a->name); - if(a->kt) - krb5_kt_close(context, a->kt); - free (a); - } -} - -static krb5_error_code -any_resolve(krb5_context context, const char *name, krb5_keytab id) -{ - struct any_data *a, *a0 = NULL, *prev = NULL; - krb5_error_code ret; - char buf[256]; - - while (strsep_copy(&name, ",", buf, sizeof(buf)) != -1) { - a = malloc(sizeof(*a)); - if (a == NULL) { - ret = ENOMEM; - goto fail; - } - if (a0 == NULL) { - a0 = a; - a->name = strdup(buf); - if (a->name == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto fail; - } - } else - a->name = NULL; - if (prev != NULL) - prev->next = a; - a->next = NULL; - ret = krb5_kt_resolve (context, buf, &a->kt); - if (ret) - goto fail; - prev = a; - } - if (a0 == NULL) { - krb5_set_error_string(context, "empty ANY: keytab"); - return ENOENT; - } - id->data = a0; - return 0; - fail: - free_list (context, a0); - return ret; -} - -static krb5_error_code -any_get_name (krb5_context context, - krb5_keytab id, - char *name, - size_t namesize) -{ - struct any_data *a = id->data; - strlcpy(name, a->name, namesize); - return 0; -} - -static krb5_error_code -any_close (krb5_context context, - krb5_keytab id) -{ - struct any_data *a = id->data; - - free_list (context, a); - return 0; -} - -struct any_cursor_extra_data { - struct any_data *a; - krb5_kt_cursor cursor; -}; - -static krb5_error_code -any_start_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *c) -{ - struct any_data *a = id->data; - struct any_cursor_extra_data *ed; - krb5_error_code ret; - - c->data = malloc (sizeof(struct any_cursor_extra_data)); - if(c->data == NULL){ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ed = (struct any_cursor_extra_data *)c->data; - ed->a = a; - ret = krb5_kt_start_seq_get(context, ed->a->kt, &ed->cursor); - if (ret) { - free (c->data); - c->data = NULL; - return ret; - } - return 0; -} - -static krb5_error_code -any_next_entry (krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, - krb5_kt_cursor *cursor) -{ - krb5_error_code ret, ret2; - struct any_cursor_extra_data *ed; - - ed = (struct any_cursor_extra_data *)cursor->data; - do { - ret = krb5_kt_next_entry(context, ed->a->kt, entry, &ed->cursor); - if (ret == 0) - return 0; - else if (ret != KRB5_KT_END) - return ret; - - ret2 = krb5_kt_end_seq_get (context, ed->a->kt, &ed->cursor); - if (ret2) - return ret2; - while ((ed->a = ed->a->next) != NULL) { - ret2 = krb5_kt_start_seq_get(context, ed->a->kt, &ed->cursor); - if (ret2 == 0) - break; - } - if (ed->a == NULL) { - krb5_clear_error_string (context); - return KRB5_KT_END; - } - } while (1); -} - -static krb5_error_code -any_end_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *cursor) -{ - krb5_error_code ret = 0; - struct any_cursor_extra_data *ed; - - ed = (struct any_cursor_extra_data *)cursor->data; - if (ed->a != NULL) - ret = krb5_kt_end_seq_get(context, ed->a->kt, &ed->cursor); - free (ed); - cursor->data = NULL; - return ret; -} - -static krb5_error_code -any_add_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct any_data *a = id->data; - krb5_error_code ret; - while(a != NULL) { - ret = krb5_kt_add_entry(context, a->kt, entry); - if(ret != 0 && ret != KRB5_KT_NOWRITE) { - krb5_set_error_string(context, "failed to add entry to %s", - a->name); - return ret; - } - a = a->next; - } - return 0; -} - -static krb5_error_code -any_remove_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct any_data *a = id->data; - krb5_error_code ret; - int found = 0; - while(a != NULL) { - ret = krb5_kt_remove_entry(context, a->kt, entry); - if(ret == 0) - found++; - else { - if(ret != KRB5_KT_NOWRITE && ret != KRB5_KT_NOTFOUND) { - krb5_set_error_string(context, "failed to remove entry from %s", - a->name); - return ret; - } - } - a = a->next; - } - if(!found) - return KRB5_KT_NOTFOUND; - return 0; -} - -const krb5_kt_ops krb5_any_ops = { - "ANY", - any_resolve, - any_get_name, - any_close, - NULL, /* get */ - any_start_seq_get, - any_next_entry, - any_end_seq_get, - any_add_entry, - any_remove_entry -}; diff --git a/crypto/heimdal/lib/krb5/keytab_file.c b/crypto/heimdal/lib/krb5/keytab_file.c deleted file mode 100644 index 4ada3a463ea8..000000000000 --- a/crypto/heimdal/lib/krb5/keytab_file.c +++ /dev/null @@ -1,696 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: keytab_file.c 17457 2006-05-05 12:36:57Z lha $"); - -#define KRB5_KT_VNO_1 1 -#define KRB5_KT_VNO_2 2 -#define KRB5_KT_VNO KRB5_KT_VNO_2 - -#define KRB5_KT_FL_JAVA 1 - - -/* file operations -------------------------------------------- */ - -struct fkt_data { - char *filename; - int flags; -}; - -static krb5_error_code -krb5_kt_ret_data(krb5_context context, - krb5_storage *sp, - krb5_data *data) -{ - int ret; - int16_t size; - ret = krb5_ret_int16(sp, &size); - if(ret) - return ret; - data->length = size; - data->data = malloc(size); - if (data->data == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_storage_read(sp, data->data, size); - if(ret != size) - return (ret < 0)? errno : KRB5_KT_END; - return 0; -} - -static krb5_error_code -krb5_kt_ret_string(krb5_context context, - krb5_storage *sp, - heim_general_string *data) -{ - int ret; - int16_t size; - ret = krb5_ret_int16(sp, &size); - if(ret) - return ret; - *data = malloc(size + 1); - if (*data == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_storage_read(sp, *data, size); - (*data)[size] = '\0'; - if(ret != size) - return (ret < 0)? errno : KRB5_KT_END; - return 0; -} - -static krb5_error_code -krb5_kt_store_data(krb5_context context, - krb5_storage *sp, - krb5_data data) -{ - int ret; - ret = krb5_store_int16(sp, data.length); - if(ret < 0) - return ret; - ret = krb5_storage_write(sp, data.data, data.length); - if(ret != data.length){ - if(ret < 0) - return errno; - return KRB5_KT_END; - } - return 0; -} - -static krb5_error_code -krb5_kt_store_string(krb5_storage *sp, - heim_general_string data) -{ - int ret; - size_t len = strlen(data); - ret = krb5_store_int16(sp, len); - if(ret < 0) - return ret; - ret = krb5_storage_write(sp, data, len); - if(ret != len){ - if(ret < 0) - return errno; - return KRB5_KT_END; - } - return 0; -} - -static krb5_error_code -krb5_kt_ret_keyblock(krb5_context context, krb5_storage *sp, krb5_keyblock *p) -{ - int ret; - int16_t tmp; - - ret = krb5_ret_int16(sp, &tmp); /* keytype + etype */ - if(ret) return ret; - p->keytype = tmp; - ret = krb5_kt_ret_data(context, sp, &p->keyvalue); - return ret; -} - -static krb5_error_code -krb5_kt_store_keyblock(krb5_context context, - krb5_storage *sp, - krb5_keyblock *p) -{ - int ret; - - ret = krb5_store_int16(sp, p->keytype); /* keytype + etype */ - if(ret) return ret; - ret = krb5_kt_store_data(context, sp, p->keyvalue); - return ret; -} - - -static krb5_error_code -krb5_kt_ret_principal(krb5_context context, - krb5_storage *sp, - krb5_principal *princ) -{ - int i; - int ret; - krb5_principal p; - int16_t len; - - ALLOC(p, 1); - if(p == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - - ret = krb5_ret_int16(sp, &len); - if(ret) { - krb5_set_error_string(context, - "Failed decoding length of keytab principal"); - goto out; - } - if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) - len--; - if (len < 0) { - krb5_set_error_string(context, - "Keytab principal contains invalid length"); - ret = KRB5_KT_END; - goto out; - } - ret = krb5_kt_ret_string(context, sp, &p->realm); - if(ret) - goto out; - p->name.name_string.val = calloc(len, sizeof(*p->name.name_string.val)); - if(p->name.name_string.val == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - p->name.name_string.len = len; - for(i = 0; i < p->name.name_string.len; i++){ - ret = krb5_kt_ret_string(context, sp, p->name.name_string.val + i); - if(ret) - goto out; - } - if (krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) - p->name.name_type = KRB5_NT_UNKNOWN; - else { - int32_t tmp32; - ret = krb5_ret_int32(sp, &tmp32); - p->name.name_type = tmp32; - if (ret) - goto out; - } - *princ = p; - return 0; -out: - krb5_free_principal(context, p); - return ret; -} - -static krb5_error_code -krb5_kt_store_principal(krb5_context context, - krb5_storage *sp, - krb5_principal p) -{ - int i; - int ret; - - if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) - ret = krb5_store_int16(sp, p->name.name_string.len + 1); - else - ret = krb5_store_int16(sp, p->name.name_string.len); - if(ret) return ret; - ret = krb5_kt_store_string(sp, p->realm); - if(ret) return ret; - for(i = 0; i < p->name.name_string.len; i++){ - ret = krb5_kt_store_string(sp, p->name.name_string.val[i]); - if(ret) - return ret; - } - if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) { - ret = krb5_store_int32(sp, p->name.name_type); - if(ret) - return ret; - } - - return 0; -} - -static krb5_error_code -fkt_resolve(krb5_context context, const char *name, krb5_keytab id) -{ - struct fkt_data *d; - - d = malloc(sizeof(*d)); - if(d == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - d->filename = strdup(name); - if(d->filename == NULL) { - free(d); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - d->flags = 0; - id->data = d; - return 0; -} - -static krb5_error_code -fkt_resolve_java14(krb5_context context, const char *name, krb5_keytab id) -{ - krb5_error_code ret; - - ret = fkt_resolve(context, name, id); - if (ret == 0) { - struct fkt_data *d = id->data; - d->flags |= KRB5_KT_FL_JAVA; - } - return ret; -} - -static krb5_error_code -fkt_close(krb5_context context, krb5_keytab id) -{ - struct fkt_data *d = id->data; - free(d->filename); - free(d); - return 0; -} - -static krb5_error_code -fkt_get_name(krb5_context context, - krb5_keytab id, - char *name, - size_t namesize) -{ - /* This function is XXX */ - struct fkt_data *d = id->data; - strlcpy(name, d->filename, namesize); - return 0; -} - -static void -storage_set_flags(krb5_context context, krb5_storage *sp, int vno) -{ - int flags = 0; - switch(vno) { - case KRB5_KT_VNO_1: - flags |= KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS; - flags |= KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE; - flags |= KRB5_STORAGE_HOST_BYTEORDER; - break; - case KRB5_KT_VNO_2: - break; - default: - krb5_warnx(context, - "storage_set_flags called with bad vno (%d)", vno); - } - krb5_storage_set_flags(sp, flags); -} - -static krb5_error_code -fkt_start_seq_get_int(krb5_context context, - krb5_keytab id, - int flags, - int exclusive, - krb5_kt_cursor *c) -{ - int8_t pvno, tag; - krb5_error_code ret; - struct fkt_data *d = id->data; - - c->fd = open (d->filename, flags); - if (c->fd < 0) { - ret = errno; - krb5_set_error_string(context, "%s: %s", d->filename, - strerror(ret)); - return ret; - } - ret = _krb5_xlock(context, c->fd, exclusive, d->filename); - if (ret) { - close(c->fd); - return ret; - } - c->sp = krb5_storage_from_fd(c->fd); - if (c->sp == NULL) { - _krb5_xunlock(context, c->fd); - close(c->fd); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_eof_code(c->sp, KRB5_KT_END); - ret = krb5_ret_int8(c->sp, &pvno); - if(ret) { - krb5_storage_free(c->sp); - _krb5_xunlock(context, c->fd); - close(c->fd); - krb5_clear_error_string(context); - return ret; - } - if(pvno != 5) { - krb5_storage_free(c->sp); - _krb5_xunlock(context, c->fd); - close(c->fd); - krb5_clear_error_string (context); - return KRB5_KEYTAB_BADVNO; - } - ret = krb5_ret_int8(c->sp, &tag); - if (ret) { - krb5_storage_free(c->sp); - _krb5_xunlock(context, c->fd); - close(c->fd); - krb5_clear_error_string(context); - return ret; - } - id->version = tag; - storage_set_flags(context, c->sp, id->version); - return 0; -} - -static krb5_error_code -fkt_start_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *c) -{ - return fkt_start_seq_get_int(context, id, O_RDONLY | O_BINARY, 0, c); -} - -static krb5_error_code -fkt_next_entry_int(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, - krb5_kt_cursor *cursor, - off_t *start, - off_t *end) -{ - int32_t len; - int ret; - int8_t tmp8; - int32_t tmp32; - off_t pos, curpos; - - pos = krb5_storage_seek(cursor->sp, 0, SEEK_CUR); -loop: - ret = krb5_ret_int32(cursor->sp, &len); - if (ret) - return ret; - if(len < 0) { - pos = krb5_storage_seek(cursor->sp, -len, SEEK_CUR); - goto loop; - } - ret = krb5_kt_ret_principal (context, cursor->sp, &entry->principal); - if (ret) - goto out; - ret = krb5_ret_int32(cursor->sp, &tmp32); - entry->timestamp = tmp32; - if (ret) - goto out; - ret = krb5_ret_int8(cursor->sp, &tmp8); - if (ret) - goto out; - entry->vno = tmp8; - ret = krb5_kt_ret_keyblock (context, cursor->sp, &entry->keyblock); - if (ret) - goto out; - /* there might be a 32 bit kvno here - * if it's zero, assume that the 8bit one was right, - * otherwise trust the new value */ - curpos = krb5_storage_seek(cursor->sp, 0, SEEK_CUR); - if(len + 4 + pos - curpos >= 4) { - ret = krb5_ret_int32(cursor->sp, &tmp32); - if (ret == 0 && tmp32 != 0) { - entry->vno = tmp32; - } - } - if(start) *start = pos; - if(end) *end = pos + 4 + len; - out: - krb5_storage_seek(cursor->sp, pos + 4 + len, SEEK_SET); - return ret; -} - -static krb5_error_code -fkt_next_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, - krb5_kt_cursor *cursor) -{ - return fkt_next_entry_int(context, id, entry, cursor, NULL, NULL); -} - -static krb5_error_code -fkt_end_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *cursor) -{ - krb5_storage_free(cursor->sp); - _krb5_xunlock(context, cursor->fd); - close(cursor->fd); - return 0; -} - -static krb5_error_code -fkt_setup_keytab(krb5_context context, - krb5_keytab id, - krb5_storage *sp) -{ - krb5_error_code ret; - ret = krb5_store_int8(sp, 5); - if(ret) - return ret; - if(id->version == 0) - id->version = KRB5_KT_VNO; - return krb5_store_int8 (sp, id->version); -} - -static krb5_error_code -fkt_add_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - int ret; - int fd; - krb5_storage *sp; - struct fkt_data *d = id->data; - krb5_data keytab; - int32_t len; - - fd = open (d->filename, O_RDWR | O_BINARY); - if (fd < 0) { - fd = open (d->filename, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); - if (fd < 0) { - ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); - return ret; - } - ret = _krb5_xlock(context, fd, 1, d->filename); - if (ret) { - close(fd); - return ret; - } - sp = krb5_storage_from_fd(fd); - krb5_storage_set_eof_code(sp, KRB5_KT_END); - ret = fkt_setup_keytab(context, id, sp); - if(ret) { - goto out; - } - storage_set_flags(context, sp, id->version); - } else { - int8_t pvno, tag; - ret = _krb5_xlock(context, fd, 1, d->filename); - if (ret) { - close(fd); - return ret; - } - sp = krb5_storage_from_fd(fd); - krb5_storage_set_eof_code(sp, KRB5_KT_END); - ret = krb5_ret_int8(sp, &pvno); - if(ret) { - /* we probably have a zero byte file, so try to set it up - properly */ - ret = fkt_setup_keytab(context, id, sp); - if(ret) { - krb5_set_error_string(context, "%s: keytab is corrupted: %s", - d->filename, strerror(ret)); - goto out; - } - storage_set_flags(context, sp, id->version); - } else { - if(pvno != 5) { - ret = KRB5_KEYTAB_BADVNO; - krb5_set_error_string(context, "%s: %s", - d->filename, strerror(ret)); - goto out; - } - ret = krb5_ret_int8 (sp, &tag); - if (ret) { - krb5_set_error_string(context, "%s: reading tag: %s", - d->filename, strerror(ret)); - goto out; - } - id->version = tag; - storage_set_flags(context, sp, id->version); - } - } - - { - krb5_storage *emem; - emem = krb5_storage_emem(); - if(emem == NULL) { - ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); - goto out; - } - ret = krb5_kt_store_principal(context, emem, entry->principal); - if(ret) { - krb5_storage_free(emem); - goto out; - } - ret = krb5_store_int32 (emem, entry->timestamp); - if(ret) { - krb5_storage_free(emem); - goto out; - } - ret = krb5_store_int8 (emem, entry->vno % 256); - if(ret) { - krb5_storage_free(emem); - goto out; - } - ret = krb5_kt_store_keyblock (context, emem, &entry->keyblock); - if(ret) { - krb5_storage_free(emem); - goto out; - } - if ((d->flags & KRB5_KT_FL_JAVA) == 0) { - ret = krb5_store_int32 (emem, entry->vno); - if (ret) { - krb5_storage_free(emem); - goto out; - } - } - - ret = krb5_storage_to_data(emem, &keytab); - krb5_storage_free(emem); - if(ret) - goto out; - } - - while(1) { - ret = krb5_ret_int32(sp, &len); - if(ret == KRB5_KT_END) { - len = keytab.length; - break; - } - if(len < 0) { - len = -len; - if(len >= keytab.length) { - krb5_storage_seek(sp, -4, SEEK_CUR); - break; - } - } - krb5_storage_seek(sp, len, SEEK_CUR); - } - ret = krb5_store_int32(sp, len); - if(krb5_storage_write(sp, keytab.data, keytab.length) < 0) - ret = errno; - memset(keytab.data, 0, keytab.length); - krb5_data_free(&keytab); - out: - krb5_storage_free(sp); - _krb5_xunlock(context, fd); - close(fd); - return ret; -} - -static krb5_error_code -fkt_remove_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - krb5_keytab_entry e; - krb5_kt_cursor cursor; - off_t pos_start, pos_end; - int found = 0; - krb5_error_code ret; - - ret = fkt_start_seq_get_int(context, id, O_RDWR | O_BINARY, 1, &cursor); - if(ret != 0) - goto out; /* return other error here? */ - while(fkt_next_entry_int(context, id, &e, &cursor, - &pos_start, &pos_end) == 0) { - if(krb5_kt_compare(context, &e, entry->principal, - entry->vno, entry->keyblock.keytype)) { - int32_t len; - unsigned char buf[128]; - found = 1; - krb5_storage_seek(cursor.sp, pos_start, SEEK_SET); - len = pos_end - pos_start - 4; - krb5_store_int32(cursor.sp, -len); - memset(buf, 0, sizeof(buf)); - while(len > 0) { - krb5_storage_write(cursor.sp, buf, min(len, sizeof(buf))); - len -= min(len, sizeof(buf)); - } - } - krb5_kt_free_entry(context, &e); - } - krb5_kt_end_seq_get(context, id, &cursor); - out: - if (!found) { - krb5_clear_error_string (context); - return KRB5_KT_NOTFOUND; - } - return 0; -} - -const krb5_kt_ops krb5_fkt_ops = { - "FILE", - fkt_resolve, - fkt_get_name, - fkt_close, - NULL, /* get */ - fkt_start_seq_get, - fkt_next_entry, - fkt_end_seq_get, - fkt_add_entry, - fkt_remove_entry -}; - -const krb5_kt_ops krb5_wrfkt_ops = { - "WRFILE", - fkt_resolve, - fkt_get_name, - fkt_close, - NULL, /* get */ - fkt_start_seq_get, - fkt_next_entry, - fkt_end_seq_get, - fkt_add_entry, - fkt_remove_entry -}; - -const krb5_kt_ops krb5_javakt_ops = { - "JAVA14", - fkt_resolve_java14, - fkt_get_name, - fkt_close, - NULL, /* get */ - fkt_start_seq_get, - fkt_next_entry, - fkt_end_seq_get, - fkt_add_entry, - fkt_remove_entry -}; diff --git a/crypto/heimdal/lib/krb5/keytab_keyfile.c b/crypto/heimdal/lib/krb5/keytab_keyfile.c deleted file mode 100644 index 77455ba5f7c2..000000000000 --- a/crypto/heimdal/lib/krb5/keytab_keyfile.c +++ /dev/null @@ -1,420 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: keytab_keyfile.c 20695 2007-05-30 14:09:09Z lha $"); - -/* afs keyfile operations --------------------------------------- */ - -/* - * Minimum tools to handle the AFS KeyFile. - * - * Format of the KeyFile is: - * {[ ] * numkeys} - * - * It just adds to the end of the keyfile, deleting isn't implemented. - * Use your favorite text/hex editor to delete keys. - * - */ - -#define AFS_SERVERTHISCELL "/usr/afs/etc/ThisCell" -#define AFS_SERVERMAGICKRBCONF "/usr/afs/etc/krb.conf" - -struct akf_data { - int num_entries; - char *filename; - char *cell; - char *realm; -}; - -/* - * set `d->cell' and `d->realm' - */ - -static int -get_cell_and_realm (krb5_context context, struct akf_data *d) -{ - FILE *f; - char buf[BUFSIZ], *cp; - int ret; - - f = fopen (AFS_SERVERTHISCELL, "r"); - if (f == NULL) { - ret = errno; - krb5_set_error_string (context, "open %s: %s", AFS_SERVERTHISCELL, - strerror(ret)); - return ret; - } - if (fgets (buf, sizeof(buf), f) == NULL) { - fclose (f); - krb5_set_error_string (context, "no cell in %s", AFS_SERVERTHISCELL); - return EINVAL; - } - buf[strcspn(buf, "\n")] = '\0'; - fclose(f); - - d->cell = strdup (buf); - if (d->cell == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - - f = fopen (AFS_SERVERMAGICKRBCONF, "r"); - if (f != NULL) { - if (fgets (buf, sizeof(buf), f) == NULL) { - free (d->cell); - d->cell = NULL; - fclose (f); - krb5_set_error_string (context, "no realm in %s", - AFS_SERVERMAGICKRBCONF); - return EINVAL; - } - buf[strcspn(buf, "\n")] = '\0'; - fclose(f); - } - /* uppercase */ - for (cp = buf; *cp != '\0'; cp++) - *cp = toupper((unsigned char)*cp); - - d->realm = strdup (buf); - if (d->realm == NULL) { - free (d->cell); - d->cell = NULL; - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - return 0; -} - -/* - * init and get filename - */ - -static krb5_error_code -akf_resolve(krb5_context context, const char *name, krb5_keytab id) -{ - int ret; - struct akf_data *d = malloc(sizeof (struct akf_data)); - - if (d == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - - d->num_entries = 0; - ret = get_cell_and_realm (context, d); - if (ret) { - free (d); - return ret; - } - d->filename = strdup (name); - if (d->filename == NULL) { - free (d->cell); - free (d->realm); - free (d); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - id->data = d; - - return 0; -} - -/* - * cleanup - */ - -static krb5_error_code -akf_close(krb5_context context, krb5_keytab id) -{ - struct akf_data *d = id->data; - - free (d->filename); - free (d->cell); - free (d); - return 0; -} - -/* - * Return filename - */ - -static krb5_error_code -akf_get_name(krb5_context context, - krb5_keytab id, - char *name, - size_t name_sz) -{ - struct akf_data *d = id->data; - - strlcpy (name, d->filename, name_sz); - return 0; -} - -/* - * Init - */ - -static krb5_error_code -akf_start_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *c) -{ - int32_t ret; - struct akf_data *d = id->data; - - c->fd = open (d->filename, O_RDONLY|O_BINARY, 0600); - if (c->fd < 0) { - ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); - return ret; - } - - c->sp = krb5_storage_from_fd(c->fd); - ret = krb5_ret_int32(c->sp, &d->num_entries); - if(ret) { - krb5_storage_free(c->sp); - close(c->fd); - krb5_clear_error_string (context); - if(ret == KRB5_KT_END) - return KRB5_KT_NOTFOUND; - return ret; - } - - return 0; -} - -static krb5_error_code -akf_next_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, - krb5_kt_cursor *cursor) -{ - struct akf_data *d = id->data; - int32_t kvno; - off_t pos; - int ret; - - pos = krb5_storage_seek(cursor->sp, 0, SEEK_CUR); - - if ((pos - 4) / (4 + 8) >= d->num_entries) - return KRB5_KT_END; - - ret = krb5_make_principal (context, &entry->principal, - d->realm, "afs", d->cell, NULL); - if (ret) - goto out; - - ret = krb5_ret_int32(cursor->sp, &kvno); - if (ret) { - krb5_free_principal (context, entry->principal); - goto out; - } - - entry->vno = kvno; - - entry->keyblock.keytype = ETYPE_DES_CBC_MD5; - entry->keyblock.keyvalue.length = 8; - entry->keyblock.keyvalue.data = malloc (8); - if (entry->keyblock.keyvalue.data == NULL) { - krb5_free_principal (context, entry->principal); - krb5_set_error_string (context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - - ret = krb5_storage_read(cursor->sp, entry->keyblock.keyvalue.data, 8); - if(ret != 8) - ret = (ret < 0) ? errno : KRB5_KT_END; - else - ret = 0; - - entry->timestamp = time(NULL); - - out: - krb5_storage_seek(cursor->sp, pos + 4 + 8, SEEK_SET); - return ret; -} - -static krb5_error_code -akf_end_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *cursor) -{ - krb5_storage_free(cursor->sp); - close(cursor->fd); - return 0; -} - -static krb5_error_code -akf_add_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct akf_data *d = id->data; - int fd, created = 0; - krb5_error_code ret; - int32_t len; - krb5_storage *sp; - - - if (entry->keyblock.keyvalue.length != 8) - return 0; - switch(entry->keyblock.keytype) { - case ETYPE_DES_CBC_CRC: - case ETYPE_DES_CBC_MD4: - case ETYPE_DES_CBC_MD5: - break; - default: - return 0; - } - - fd = open (d->filename, O_RDWR | O_BINARY); - if (fd < 0) { - fd = open (d->filename, - O_RDWR | O_BINARY | O_CREAT | O_EXCL, 0600); - if (fd < 0) { - ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); - return ret; - } - created = 1; - } - - sp = krb5_storage_from_fd(fd); - if(sp == NULL) { - close(fd); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - if (created) - len = 0; - else { - if(krb5_storage_seek(sp, 0, SEEK_SET) < 0) { - ret = errno; - krb5_storage_free(sp); - close(fd); - krb5_set_error_string (context, "seek: %s", strerror(ret)); - return ret; - } - - ret = krb5_ret_int32(sp, &len); - if(ret) { - krb5_storage_free(sp); - close(fd); - return ret; - } - } - - /* - * Make sure we don't add the entry twice, assumes the DES - * encryption types are all the same key. - */ - if (len > 0) { - int32_t kvno; - int i; - - for (i = 0; i < len; i++) { - ret = krb5_ret_int32(sp, &kvno); - if (ret) { - krb5_set_error_string (context, "Failed to get kvno "); - goto out; - } - if(krb5_storage_seek(sp, 8, SEEK_CUR) < 0) { - krb5_set_error_string (context, "seek: %s", strerror(ret)); - goto out; - } - if (kvno == entry->vno) { - ret = 0; - goto out; - } - } - } - - len++; - - if(krb5_storage_seek(sp, 0, SEEK_SET) < 0) { - ret = errno; - krb5_set_error_string (context, "seek: %s", strerror(ret)); - goto out; - } - - ret = krb5_store_int32(sp, len); - if(ret) { - krb5_set_error_string(context, "keytab keyfile failed new length"); - return ret; - } - - if(krb5_storage_seek(sp, (len - 1) * (8 + 4), SEEK_CUR) < 0) { - ret = errno; - krb5_set_error_string (context, "seek to end: %s", strerror(ret)); - goto out; - } - - ret = krb5_store_int32(sp, entry->vno); - if(ret) { - krb5_set_error_string(context, "keytab keyfile failed store kvno"); - goto out; - } - ret = krb5_storage_write(sp, entry->keyblock.keyvalue.data, - entry->keyblock.keyvalue.length); - if(ret != entry->keyblock.keyvalue.length) { - if (ret < 0) - ret = errno; - else - ret = ENOTTY; - krb5_set_error_string(context, "keytab keyfile failed to add key"); - goto out; - } - ret = 0; -out: - krb5_storage_free(sp); - close (fd); - return ret; -} - -const krb5_kt_ops krb5_akf_ops = { - "AFSKEYFILE", - akf_resolve, - akf_get_name, - akf_close, - NULL, /* get */ - akf_start_seq_get, - akf_next_entry, - akf_end_seq_get, - akf_add_entry, - NULL /* remove */ -}; diff --git a/crypto/heimdal/lib/krb5/keytab_krb4.c b/crypto/heimdal/lib/krb5/keytab_krb4.c deleted file mode 100644 index 907836c144f7..000000000000 --- a/crypto/heimdal/lib/krb5/keytab_krb4.c +++ /dev/null @@ -1,448 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: keytab_krb4.c 17046 2006-04-10 17:10:53Z lha $"); - -struct krb4_kt_data { - char *filename; -}; - -static krb5_error_code -krb4_kt_resolve(krb5_context context, const char *name, krb5_keytab id) -{ - struct krb4_kt_data *d; - - d = malloc (sizeof(*d)); - if (d == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - d->filename = strdup (name); - if (d->filename == NULL) { - free(d); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - id->data = d; - return 0; -} - -static krb5_error_code -krb4_kt_get_name (krb5_context context, - krb5_keytab id, - char *name, - size_t name_sz) -{ - struct krb4_kt_data *d = id->data; - - strlcpy (name, d->filename, name_sz); - return 0; -} - -static krb5_error_code -krb4_kt_close (krb5_context context, - krb5_keytab id) -{ - struct krb4_kt_data *d = id->data; - - free (d->filename); - free (d); - return 0; -} - -struct krb4_cursor_extra_data { - krb5_keytab_entry entry; - int num; -}; - -static int -open_flock(const char *filename, int flags, int mode) -{ - int lock_mode; - int tries = 0; - int fd = open(filename, flags, mode); - if(fd < 0) - return fd; - if((flags & O_ACCMODE) == O_RDONLY) - lock_mode = LOCK_SH | LOCK_NB; - else - lock_mode = LOCK_EX | LOCK_NB; - while(flock(fd, lock_mode) < 0) { - if(++tries < 5) { - sleep(1); - } else { - close(fd); - return -1; - } - } - return fd; -} - - - -static krb5_error_code -krb4_kt_start_seq_get_int (krb5_context context, - krb5_keytab id, - int flags, - krb5_kt_cursor *c) -{ - struct krb4_kt_data *d = id->data; - struct krb4_cursor_extra_data *ed; - int ret; - - ed = malloc (sizeof(*ed)); - if (ed == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ed->entry.principal = NULL; - ed->num = -1; - c->data = ed; - c->fd = open_flock (d->filename, flags, 0); - if (c->fd < 0) { - ret = errno; - free (ed); - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); - return ret; - } - c->sp = krb5_storage_from_fd(c->fd); - if(c->sp == NULL) { - close(c->fd); - free(ed); - return ENOMEM; - } - krb5_storage_set_eof_code(c->sp, KRB5_KT_END); - return 0; -} - -static krb5_error_code -krb4_kt_start_seq_get (krb5_context context, - krb5_keytab id, - krb5_kt_cursor *c) -{ - return krb4_kt_start_seq_get_int (context, id, O_BINARY | O_RDONLY, c); -} - -static krb5_error_code -read_v4_entry (krb5_context context, - struct krb4_kt_data *d, - krb5_kt_cursor *c, - struct krb4_cursor_extra_data *ed) -{ - unsigned char des_key[8]; - krb5_error_code ret; - char *service, *instance, *realm; - int8_t kvno; - - ret = krb5_ret_stringz(c->sp, &service); - if (ret) - return ret; - ret = krb5_ret_stringz(c->sp, &instance); - if (ret) { - free (service); - return ret; - } - ret = krb5_ret_stringz(c->sp, &realm); - if (ret) { - free (service); - free (instance); - return ret; - } - ret = krb5_425_conv_principal (context, service, instance, realm, - &ed->entry.principal); - free (service); - free (instance); - free (realm); - if (ret) - return ret; - ret = krb5_ret_int8(c->sp, &kvno); - if (ret) { - krb5_free_principal (context, ed->entry.principal); - return ret; - } - ret = krb5_storage_read(c->sp, des_key, sizeof(des_key)); - if (ret < 0) { - krb5_free_principal(context, ed->entry.principal); - return ret; - } - if (ret < 8) { - krb5_free_principal(context, ed->entry.principal); - return EINVAL; - } - ed->entry.vno = kvno; - ret = krb5_data_copy (&ed->entry.keyblock.keyvalue, - des_key, sizeof(des_key)); - if (ret) - return ret; - ed->entry.timestamp = time(NULL); - ed->num = 0; - return 0; -} - -static krb5_error_code -krb4_kt_next_entry (krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, - krb5_kt_cursor *c) -{ - krb5_error_code ret; - struct krb4_kt_data *d = id->data; - struct krb4_cursor_extra_data *ed = c->data; - const krb5_enctype keytypes[] = {ETYPE_DES_CBC_MD5, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_CRC}; - - if (ed->num == -1) { - ret = read_v4_entry (context, d, c, ed); - if (ret) - return ret; - } - ret = krb5_kt_copy_entry_contents (context, - &ed->entry, - entry); - if (ret) - return ret; - entry->keyblock.keytype = keytypes[ed->num]; - if (++ed->num == 3) { - krb5_kt_free_entry (context, &ed->entry); - ed->num = -1; - } - return 0; -} - -static krb5_error_code -krb4_kt_end_seq_get (krb5_context context, - krb5_keytab id, - krb5_kt_cursor *c) -{ - struct krb4_cursor_extra_data *ed = c->data; - - krb5_storage_free (c->sp); - if (ed->num != -1) - krb5_kt_free_entry (context, &ed->entry); - free (c->data); - close (c->fd); - return 0; -} - -static krb5_error_code -krb4_store_keytab_entry(krb5_context context, - krb5_keytab_entry *entry, - krb5_storage *sp) -{ - krb5_error_code ret; -#define ANAME_SZ 40 -#define INST_SZ 40 -#define REALM_SZ 40 - char service[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; - ret = krb5_524_conv_principal (context, entry->principal, - service, instance, realm); - if (ret) - return ret; - if (entry->keyblock.keyvalue.length == 8 - && entry->keyblock.keytype == ETYPE_DES_CBC_MD5) { - ret = krb5_store_stringz(sp, service); - ret = krb5_store_stringz(sp, instance); - ret = krb5_store_stringz(sp, realm); - ret = krb5_store_int8(sp, entry->vno); - ret = krb5_storage_write(sp, entry->keyblock.keyvalue.data, 8); - } - return 0; -} - -static krb5_error_code -krb4_kt_add_entry (krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct krb4_kt_data *d = id->data; - krb5_storage *sp; - krb5_error_code ret; - int fd; - - fd = open_flock (d->filename, O_WRONLY | O_APPEND | O_BINARY, 0); - if (fd < 0) { - fd = open_flock (d->filename, - O_WRONLY | O_APPEND | O_BINARY | O_CREAT, 0600); - if (fd < 0) { - ret = errno; - krb5_set_error_string(context, "open(%s): %s", d->filename, - strerror(ret)); - return ret; - } - } - sp = krb5_storage_from_fd(fd); - if(sp == NULL) { - close(fd); - return ENOMEM; - } - krb5_storage_set_eof_code(sp, KRB5_KT_END); - ret = krb4_store_keytab_entry(context, entry, sp); - krb5_storage_free(sp); - if(close (fd) < 0) - return errno; - return ret; -} - -static krb5_error_code -krb4_kt_remove_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct krb4_kt_data *d = id->data; - krb5_error_code ret; - krb5_keytab_entry e; - krb5_kt_cursor cursor; - krb5_storage *sp; - int remove_flag = 0; - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - ret = krb5_kt_start_seq_get(context, id, &cursor); - if (ret) { - krb5_storage_free(sp); - return ret; - } - while(krb5_kt_next_entry(context, id, &e, &cursor) == 0) { - if(!krb5_kt_compare(context, &e, entry->principal, - entry->vno, entry->keyblock.keytype)) { - ret = krb4_store_keytab_entry(context, &e, sp); - if(ret) { - krb5_kt_free_entry(context, &e); - krb5_storage_free(sp); - return ret; - } - } else - remove_flag = 1; - krb5_kt_free_entry(context, &e); - } - krb5_kt_end_seq_get(context, id, &cursor); - if(remove_flag) { - int fd; - unsigned char buf[1024]; - ssize_t n; - krb5_data data; - struct stat st; - - krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); - - fd = open_flock (d->filename, O_RDWR | O_BINARY, 0); - if(fd < 0) { - memset(data.data, 0, data.length); - krb5_data_free(&data); - if(errno == EACCES || errno == EROFS) - return KRB5_KT_NOWRITE; - return errno; - } - - if(write(fd, data.data, data.length) != data.length) { - memset(data.data, 0, data.length); - krb5_data_free(&data); - close(fd); - krb5_set_error_string(context, "failed writing to \"%s\"", d->filename); - return errno; - } - memset(data.data, 0, data.length); - if(fstat(fd, &st) < 0) { - krb5_data_free(&data); - close(fd); - krb5_set_error_string(context, "failed getting size of \"%s\"", d->filename); - return errno; - } - st.st_size -= data.length; - memset(buf, 0, sizeof(buf)); - while(st.st_size > 0) { - n = min(st.st_size, sizeof(buf)); - n = write(fd, buf, n); - if(n <= 0) { - krb5_data_free(&data); - close(fd); - krb5_set_error_string(context, "failed writing to \"%s\"", d->filename); - return errno; - - } - st.st_size -= n; - } - if(ftruncate(fd, data.length) < 0) { - krb5_data_free(&data); - close(fd); - krb5_set_error_string(context, "failed truncating \"%s\"", d->filename); - return errno; - } - krb5_data_free(&data); - if(close(fd) < 0) { - krb5_set_error_string(context, "error closing \"%s\"", d->filename); - return errno; - } - return 0; - } else { - krb5_storage_free(sp); - return KRB5_KT_NOTFOUND; - } -} - - -const krb5_kt_ops krb4_fkt_ops = { - "krb4", - krb4_kt_resolve, - krb4_kt_get_name, - krb4_kt_close, - NULL, /* get */ - krb4_kt_start_seq_get, - krb4_kt_next_entry, - krb4_kt_end_seq_get, - krb4_kt_add_entry, /* add_entry */ - krb4_kt_remove_entry /* remove_entry */ -}; - -const krb5_kt_ops krb5_srvtab_fkt_ops = { - "SRVTAB", - krb4_kt_resolve, - krb4_kt_get_name, - krb4_kt_close, - NULL, /* get */ - krb4_kt_start_seq_get, - krb4_kt_next_entry, - krb4_kt_end_seq_get, - krb4_kt_add_entry, /* add_entry */ - krb4_kt_remove_entry /* remove_entry */ -}; diff --git a/crypto/heimdal/lib/krb5/keytab_memory.c b/crypto/heimdal/lib/krb5/keytab_memory.c deleted file mode 100644 index 0ad8720c3fb8..000000000000 --- a/crypto/heimdal/lib/krb5/keytab_memory.c +++ /dev/null @@ -1,234 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: keytab_memory.c 16352 2005-12-05 18:39:46Z lha $"); - -/* memory operations -------------------------------------------- */ - -struct mkt_data { - krb5_keytab_entry *entries; - int num_entries; - char *name; - int refcount; - struct mkt_data *next; -}; - -/* this mutex protects mkt_head, ->refcount, and ->next - * content is not protected (name is static and need no protection) - */ -static HEIMDAL_MUTEX mkt_mutex = HEIMDAL_MUTEX_INITIALIZER; -static struct mkt_data *mkt_head; - - -static krb5_error_code -mkt_resolve(krb5_context context, const char *name, krb5_keytab id) -{ - struct mkt_data *d; - - HEIMDAL_MUTEX_lock(&mkt_mutex); - - for (d = mkt_head; d != NULL; d = d->next) - if (strcmp(d->name, name) == 0) - break; - if (d) { - if (d->refcount < 1) - krb5_abortx(context, "Double close on memory keytab, " - "refcount < 1 %d", d->refcount); - d->refcount++; - id->data = d; - HEIMDAL_MUTEX_unlock(&mkt_mutex); - return 0; - } - - d = calloc(1, sizeof(*d)); - if(d == NULL) { - HEIMDAL_MUTEX_unlock(&mkt_mutex); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - d->name = strdup(name); - if (d->name == NULL) { - HEIMDAL_MUTEX_unlock(&mkt_mutex); - free(d); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - d->entries = NULL; - d->num_entries = 0; - d->refcount = 1; - d->next = mkt_head; - mkt_head = d; - HEIMDAL_MUTEX_unlock(&mkt_mutex); - id->data = d; - return 0; -} - -static krb5_error_code -mkt_close(krb5_context context, krb5_keytab id) -{ - struct mkt_data *d = id->data, **dp; - int i; - - HEIMDAL_MUTEX_lock(&mkt_mutex); - if (d->refcount < 1) - krb5_abortx(context, - "krb5 internal error, memory keytab refcount < 1 on close"); - - if (--d->refcount > 0) { - HEIMDAL_MUTEX_unlock(&mkt_mutex); - return 0; - } - for (dp = &mkt_head; *dp != NULL; dp = &(*dp)->next) { - if (*dp == d) { - *dp = d->next; - break; - } - } - HEIMDAL_MUTEX_unlock(&mkt_mutex); - - free(d->name); - for(i = 0; i < d->num_entries; i++) - krb5_kt_free_entry(context, &d->entries[i]); - free(d->entries); - free(d); - return 0; -} - -static krb5_error_code -mkt_get_name(krb5_context context, - krb5_keytab id, - char *name, - size_t namesize) -{ - struct mkt_data *d = id->data; - strlcpy(name, d->name, namesize); - return 0; -} - -static krb5_error_code -mkt_start_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *c) -{ - /* XXX */ - c->fd = 0; - return 0; -} - -static krb5_error_code -mkt_next_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry, - krb5_kt_cursor *c) -{ - struct mkt_data *d = id->data; - if(c->fd >= d->num_entries) - return KRB5_KT_END; - return krb5_kt_copy_entry_contents(context, &d->entries[c->fd++], entry); -} - -static krb5_error_code -mkt_end_seq_get(krb5_context context, - krb5_keytab id, - krb5_kt_cursor *cursor) -{ - return 0; -} - -static krb5_error_code -mkt_add_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct mkt_data *d = id->data; - krb5_keytab_entry *tmp; - tmp = realloc(d->entries, (d->num_entries + 1) * sizeof(*d->entries)); - if(tmp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - d->entries = tmp; - return krb5_kt_copy_entry_contents(context, entry, - &d->entries[d->num_entries++]); -} - -static krb5_error_code -mkt_remove_entry(krb5_context context, - krb5_keytab id, - krb5_keytab_entry *entry) -{ - struct mkt_data *d = id->data; - krb5_keytab_entry *e, *end; - int found = 0; - - if (d->num_entries == 0) { - krb5_clear_error_string(context); - return KRB5_KT_NOTFOUND; - } - - /* do this backwards to minimize copying */ - for(end = d->entries + d->num_entries, e = end - 1; e >= d->entries; e--) { - if(krb5_kt_compare(context, e, entry->principal, - entry->vno, entry->keyblock.keytype)) { - krb5_kt_free_entry(context, e); - memmove(e, e + 1, (end - e - 1) * sizeof(*e)); - memset(end - 1, 0, sizeof(*end)); - d->num_entries--; - end--; - found = 1; - } - } - if (!found) { - krb5_clear_error_string (context); - return KRB5_KT_NOTFOUND; - } - e = realloc(d->entries, d->num_entries * sizeof(*d->entries)); - if(e != NULL || d->num_entries == 0) - d->entries = e; - return 0; -} - -const krb5_kt_ops krb5_mkt_ops = { - "MEMORY", - mkt_resolve, - mkt_get_name, - mkt_close, - NULL, /* get */ - mkt_start_seq_get, - mkt_next_entry, - mkt_end_seq_get, - mkt_add_entry, - mkt_remove_entry -}; diff --git a/crypto/heimdal/lib/krb5/krb5-private.h b/crypto/heimdal/lib/krb5/krb5-private.h deleted file mode 100644 index 7e04446fe07c..000000000000 --- a/crypto/heimdal/lib/krb5/krb5-private.h +++ /dev/null @@ -1,447 +0,0 @@ -/* This is a generated file */ -#ifndef __krb5_private_h__ -#define __krb5_private_h__ - -#include - -void KRB5_LIB_FUNCTION -_krb5_aes_cts_encrypt ( - const unsigned char */*in*/, - unsigned char */*out*/, - size_t /*len*/, - const AES_KEY */*key*/, - unsigned char */*ivec*/, - const int /*encryptp*/); - -krb5_error_code -_krb5_cc_allocate ( - krb5_context /*context*/, - const krb5_cc_ops */*ops*/, - krb5_ccache */*id*/); - -void -_krb5_crc_init_table (void); - -uint32_t -_krb5_crc_update ( - const char */*p*/, - size_t /*len*/, - uint32_t /*res*/); - -krb5_error_code -_krb5_dh_group_ok ( - krb5_context /*context*/, - unsigned long /*bits*/, - heim_integer */*p*/, - heim_integer */*g*/, - heim_integer */*q*/, - struct krb5_dh_moduli **/*moduli*/, - char **/*name*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_enctype_to_oid ( - krb5_context /*context*/, - krb5_enctype /*etype*/, - heim_oid */*oid*/); - -krb5_error_code -_krb5_expand_default_cc_name ( - krb5_context /*context*/, - const char */*str*/, - char **/*res*/); - -int -_krb5_extract_ticket ( - krb5_context /*context*/, - krb5_kdc_rep */*rep*/, - krb5_creds */*creds*/, - krb5_keyblock */*key*/, - krb5_const_pointer /*keyseed*/, - krb5_key_usage /*key_usage*/, - krb5_addresses */*addrs*/, - unsigned /*nonce*/, - unsigned /*flags*/, - krb5_decrypt_proc /*decrypt_proc*/, - krb5_const_pointer /*decryptarg*/); - -void -_krb5_free_krbhst_info (krb5_krbhst_info */*hi*/); - -void -_krb5_free_moduli (struct krb5_dh_moduli **/*moduli*/); - -krb5_error_code -_krb5_get_default_principal_local ( - krb5_context /*context*/, - krb5_principal */*princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_get_host_realm_int ( - krb5_context /*context*/, - const char */*host*/, - krb5_boolean /*use_dns*/, - krb5_realm **/*realms*/); - -krb5_error_code -_krb5_get_init_creds_opt_copy ( - krb5_context /*context*/, - const krb5_get_init_creds_opt */*in*/, - krb5_get_init_creds_opt **/*out*/); - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_free_krb5_error (krb5_get_init_creds_opt */*opt*/); - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_free_pkinit (krb5_get_init_creds_opt */*opt*/); - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_set_krb5_error ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - const KRB_ERROR */*error*/); - -krb5_ssize_t KRB5_LIB_FUNCTION -_krb5_get_int ( - void */*buffer*/, - unsigned long */*value*/, - size_t /*size*/); - -krb5_error_code -_krb5_get_krbtgt ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_realm /*realm*/, - krb5_creds **/*cred*/); - -krb5_error_code -_krb5_kcm_chmod ( - krb5_context /*context*/, - krb5_ccache /*id*/, - uint16_t /*mode*/); - -krb5_error_code -_krb5_kcm_chown ( - krb5_context /*context*/, - krb5_ccache /*id*/, - uint32_t /*uid*/, - uint32_t /*gid*/); - -krb5_error_code -_krb5_kcm_get_initial_ticket ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_principal /*server*/, - krb5_keyblock */*key*/); - -krb5_error_code -_krb5_kcm_get_ticket ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_kdc_flags /*flags*/, - krb5_enctype /*enctype*/, - krb5_principal /*server*/); - -krb5_boolean -_krb5_kcm_is_running (krb5_context /*context*/); - -krb5_error_code -_krb5_kcm_noop ( - krb5_context /*context*/, - krb5_ccache /*id*/); - -krb5_error_code -_krb5_kdc_retry ( - krb5_context /*context*/, - krb5_sendto_ctx /*ctx*/, - void */*data*/, - const krb5_data */*reply*/, - int */*action*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_cr_err_reply ( - krb5_context /*context*/, - const char */*name*/, - const char */*inst*/, - const char */*realm*/, - uint32_t /*time_ws*/, - uint32_t /*e*/, - const char */*e_string*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_auth_reply ( - krb5_context /*context*/, - const char */*pname*/, - const char */*pinst*/, - const char */*prealm*/, - int32_t /*time_ws*/, - int /*n*/, - uint32_t /*x_date*/, - unsigned char /*kvno*/, - const krb5_data */*cipher*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_ciph ( - krb5_context /*context*/, - const krb5_keyblock */*session*/, - const char */*service*/, - const char */*instance*/, - const char */*realm*/, - uint32_t /*life*/, - unsigned char /*kvno*/, - const krb5_data */*ticket*/, - uint32_t /*kdc_time*/, - const krb5_keyblock */*key*/, - krb5_data */*enc_data*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_ticket ( - krb5_context /*context*/, - unsigned char /*flags*/, - const char */*pname*/, - const char */*pinstance*/, - const char */*prealm*/, - int32_t /*paddress*/, - const krb5_keyblock */*session*/, - int16_t /*life*/, - int32_t /*life_sec*/, - const char */*sname*/, - const char */*sinstance*/, - const krb5_keyblock */*key*/, - krb5_data */*enc_data*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_decomp_ticket ( - krb5_context /*context*/, - const krb5_data */*enc_ticket*/, - const krb5_keyblock */*key*/, - const char */*local_realm*/, - char **/*sname*/, - char **/*sinstance*/, - struct _krb5_krb_auth_data */*ad*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_dest_tkt ( - krb5_context /*context*/, - const char */*tkfile*/); - -void KRB5_LIB_FUNCTION -_krb5_krb_free_auth_data ( - krb5_context /*context*/, - struct _krb5_krb_auth_data */*ad*/); - -time_t KRB5_LIB_FUNCTION -_krb5_krb_life_to_time ( - int /*start*/, - int /*life_*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_rd_req ( - krb5_context /*context*/, - krb5_data */*authent*/, - const char */*service*/, - const char */*instance*/, - const char */*local_realm*/, - int32_t /*from_addr*/, - const krb5_keyblock */*key*/, - struct _krb5_krb_auth_data */*ad*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_tf_setup ( - krb5_context /*context*/, - struct credentials */*v4creds*/, - const char */*tkfile*/, - int /*append*/); - -int KRB5_LIB_FUNCTION -_krb5_krb_time_to_life ( - time_t /*start*/, - time_t /*end*/); - -krb5_error_code -_krb5_krbhost_info_move ( - krb5_context /*context*/, - krb5_krbhst_info */*from*/, - krb5_krbhst_info **/*to*/); - -krb5_error_code -_krb5_mk_req_internal ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - const krb5_flags /*ap_req_options*/, - krb5_data */*in_data*/, - krb5_creds */*in_creds*/, - krb5_data */*outbuf*/, - krb5_key_usage /*checksum_usage*/, - krb5_key_usage /*encrypt_usage*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_n_fold ( - const void */*str*/, - size_t /*len*/, - void */*key*/, - size_t /*size*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_oid_to_enctype ( - krb5_context /*context*/, - const heim_oid */*oid*/, - krb5_enctype */*etype*/); - -krb5_error_code -_krb5_pac_sign ( - krb5_context /*context*/, - krb5_pac /*p*/, - time_t /*authtime*/, - krb5_principal /*principal*/, - const krb5_keyblock */*server_key*/, - const krb5_keyblock */*priv_key*/, - krb5_data */*data*/); - -krb5_error_code -_krb5_parse_moduli ( - krb5_context /*context*/, - const char */*file*/, - struct krb5_dh_moduli ***/*moduli*/); - -krb5_error_code -_krb5_parse_moduli_line ( - krb5_context /*context*/, - const char */*file*/, - int /*lineno*/, - char */*p*/, - struct krb5_dh_moduli **/*m*/); - -void KRB5_LIB_FUNCTION -_krb5_pk_allow_proxy_certificate ( - struct krb5_pk_identity */*id*/, - int /*boolean*/); - -void KRB5_LIB_FUNCTION -_krb5_pk_cert_free (struct krb5_pk_cert */*cert*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_load_id ( - krb5_context /*context*/, - struct krb5_pk_identity **/*ret_id*/, - const char */*user_id*/, - const char */*anchor_id*/, - char * const */*chain_list*/, - char * const */*revoke_list*/, - krb5_prompter_fct /*prompter*/, - void */*prompter_data*/, - char */*password*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_mk_ContentInfo ( - krb5_context /*context*/, - const krb5_data */*buf*/, - const heim_oid */*oid*/, - struct ContentInfo */*content_info*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_mk_padata ( - krb5_context /*context*/, - void */*c*/, - const KDC_REQ_BODY */*req_body*/, - unsigned /*nonce*/, - METHOD_DATA */*md*/); - -krb5_error_code -_krb5_pk_octetstring2key ( - krb5_context /*context*/, - krb5_enctype /*type*/, - const void */*dhdata*/, - size_t /*dhsize*/, - const heim_octet_string */*c_n*/, - const heim_octet_string */*k_n*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_rd_pa_reply ( - krb5_context /*context*/, - const char */*realm*/, - void */*c*/, - krb5_enctype /*etype*/, - const krb5_krbhst_info */*hi*/, - unsigned /*nonce*/, - const krb5_data */*req_buffer*/, - PA_DATA */*pa*/, - krb5_keyblock **/*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_verify_sign ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - struct krb5_pk_identity */*id*/, - heim_oid */*contentType*/, - krb5_data */*content*/, - struct krb5_pk_cert **/*signer*/); - -krb5_error_code -_krb5_plugin_find ( - krb5_context /*context*/, - enum krb5_plugin_type /*type*/, - const char */*name*/, - struct krb5_plugin **/*list*/); - -void -_krb5_plugin_free (struct krb5_plugin */*list*/); - -struct krb5_plugin * -_krb5_plugin_get_next (struct krb5_plugin */*p*/); - -void * -_krb5_plugin_get_symbol (struct krb5_plugin */*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_principal2principalname ( - PrincipalName */*p*/, - const krb5_principal /*from*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_principalname2krb5_principal ( - krb5_context /*context*/, - krb5_principal */*principal*/, - const PrincipalName /*from*/, - const Realm /*realm*/); - -krb5_ssize_t KRB5_LIB_FUNCTION -_krb5_put_int ( - void */*buffer*/, - unsigned long /*value*/, - size_t /*size*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_rd_req_out_ctx_alloc ( - krb5_context /*context*/, - krb5_rd_req_out_ctx */*ctx*/); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_s4u2self_to_checksumdata ( - krb5_context /*context*/, - const PA_S4U2Self */*self*/, - krb5_data */*data*/); - -int -_krb5_send_and_recv_tcp ( - int /*fd*/, - time_t /*tmout*/, - const krb5_data */*req*/, - krb5_data */*rep*/); - -int -_krb5_xlock ( - krb5_context /*context*/, - int /*fd*/, - krb5_boolean /*exclusive*/, - const char */*filename*/); - -int -_krb5_xunlock ( - krb5_context /*context*/, - int /*fd*/); - -#endif /* __krb5_private_h__ */ diff --git a/crypto/heimdal/lib/krb5/krb5-protos.h b/crypto/heimdal/lib/krb5/krb5-protos.h deleted file mode 100644 index 647d8886b7cc..000000000000 --- a/crypto/heimdal/lib/krb5/krb5-protos.h +++ /dev/null @@ -1,4114 +0,0 @@ -/* This is a generated file */ -#ifndef __krb5_protos_h__ -#define __krb5_protos_h__ - -#include - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef KRB5_LIB_FUNCTION -#if defined(_WIN32) -#define KRB5_LIB_FUNCTION _stdcall -#else -#define KRB5_LIB_FUNCTION -#endif -#endif - -krb5_error_code KRB5_LIB_FUNCTION -krb524_convert_creds_kdc ( - krb5_context /*context*/, - krb5_creds */*in_cred*/, - struct credentials */*v4creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb524_convert_creds_kdc_ccache ( - krb5_context /*context*/, - krb5_ccache /*ccache*/, - krb5_creds */*in_cred*/, - struct credentials */*v4creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal ( - krb5_context /*context*/, - const char */*name*/, - const char */*instance*/, - const char */*realm*/, - krb5_principal */*princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext ( - krb5_context /*context*/, - const char */*name*/, - const char */*instance*/, - const char */*realm*/, - krb5_boolean (*/*func*/)(krb5_context, krb5_principal), - krb5_boolean /*resolve*/, - krb5_principal */*principal*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext2 ( - krb5_context /*context*/, - const char */*name*/, - const char */*instance*/, - const char */*realm*/, - krb5_boolean (*/*func*/)(krb5_context, void *, krb5_principal), - void */*funcctx*/, - krb5_boolean /*resolve*/, - krb5_principal */*princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_524_conv_principal ( - krb5_context /*context*/, - const krb5_principal /*principal*/, - char */*name*/, - char */*instance*/, - char */*realm*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_abort ( - krb5_context /*context*/, - krb5_error_code /*code*/, - const char */*fmt*/, - ...) - __attribute__ ((noreturn, format (printf, 3, 4))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_abortx ( - krb5_context /*context*/, - const char */*fmt*/, - ...) - __attribute__ ((noreturn, format (printf, 2, 3))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_acl_match_file ( - krb5_context /*context*/, - const char */*file*/, - const char */*format*/, - ...); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_acl_match_string ( - krb5_context /*context*/, - const char */*string*/, - const char */*format*/, - ...); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_add_et_list ( - krb5_context /*context*/, - void (*/*func*/)(struct et_list **)); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_add_extra_addresses ( - krb5_context /*context*/, - krb5_addresses */*addresses*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_add_ignore_addresses ( - krb5_context /*context*/, - krb5_addresses */*addresses*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_addlog_dest ( - krb5_context /*context*/, - krb5_log_facility */*f*/, - const char */*orig*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_addlog_func ( - krb5_context /*context*/, - krb5_log_facility */*fac*/, - int /*min*/, - int /*max*/, - krb5_log_log_func_t /*log_func*/, - krb5_log_close_func_t /*close_func*/, - void */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_addr2sockaddr ( - krb5_context /*context*/, - const krb5_address */*addr*/, - struct sockaddr */*sa*/, - krb5_socklen_t */*sa_size*/, - int /*port*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_address_compare ( - krb5_context /*context*/, - const krb5_address */*addr1*/, - const krb5_address */*addr2*/); - -int KRB5_LIB_FUNCTION -krb5_address_order ( - krb5_context /*context*/, - const krb5_address */*addr1*/, - const krb5_address */*addr2*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_address_prefixlen_boundary ( - krb5_context /*context*/, - const krb5_address */*inaddr*/, - unsigned long /*prefixlen*/, - krb5_address */*low*/, - krb5_address */*high*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_address_search ( - krb5_context /*context*/, - const krb5_address */*addr*/, - const krb5_addresses */*addrlist*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_aname_to_localname ( - krb5_context /*context*/, - krb5_const_principal /*aname*/, - size_t /*lnsize*/, - char */*lname*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_anyaddr ( - krb5_context /*context*/, - int /*af*/, - struct sockaddr */*sa*/, - krb5_socklen_t */*sa_size*/, - int /*port*/); - -void KRB5_LIB_FUNCTION -krb5_appdefault_boolean ( - krb5_context /*context*/, - const char */*appname*/, - krb5_const_realm /*realm*/, - const char */*option*/, - krb5_boolean /*def_val*/, - krb5_boolean */*ret_val*/); - -void KRB5_LIB_FUNCTION -krb5_appdefault_string ( - krb5_context /*context*/, - const char */*appname*/, - krb5_const_realm /*realm*/, - const char */*option*/, - const char */*def_val*/, - char **/*ret_val*/); - -void KRB5_LIB_FUNCTION -krb5_appdefault_time ( - krb5_context /*context*/, - const char */*appname*/, - krb5_const_realm /*realm*/, - const char */*option*/, - time_t /*def_val*/, - time_t */*ret_val*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_append_addresses ( - krb5_context /*context*/, - krb5_addresses */*dest*/, - const krb5_addresses */*source*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_addflags ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int32_t /*addflags*/, - int32_t */*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_free ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_genaddrs ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int /*fd*/, - int /*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_generatelocalsubkey ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getaddrs ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_address **/*local_addr*/, - krb5_address **/*remote_addr*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getauthenticator ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_authenticator */*authenticator*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getcksumtype ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_cksumtype */*cksumtype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getflags ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int32_t */*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getkey ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keyblock **/*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getkeytype ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keytype */*keytype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getlocalseqnumber ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int32_t */*seqnumber*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getlocalsubkey ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keyblock **/*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getrcache ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_rcache */*rcache*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_getremotesubkey ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keyblock **/*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_init ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_removeflags ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int32_t /*removeflags*/, - int32_t */*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setaddrs ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_address */*local_addr*/, - krb5_address */*remote_addr*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setaddrs_from_fd ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - void */*p_fd*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setcksumtype ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_cksumtype /*cksumtype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setflags ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int32_t /*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setkey ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keyblock */*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setkeytype ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keytype /*keytype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setlocalseqnumber ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int32_t /*seqnumber*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setlocalsubkey ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keyblock */*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setrcache ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_rcache /*rcache*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setremoteseqnumber ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int32_t /*seqnumber*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setremotesubkey ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keyblock */*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_con_setuserkey ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_keyblock */*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_auth_getremoteseqnumber ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - int32_t */*seqnumber*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_ap_req ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - krb5_creds */*cred*/, - krb5_flags /*ap_options*/, - krb5_data /*authenticator*/, - krb5_data */*retdata*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_authenticator ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_enctype /*enctype*/, - krb5_creds */*cred*/, - Checksum */*cksum*/, - Authenticator **/*auth_result*/, - krb5_data */*result*/, - krb5_key_usage /*usage*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal ( - krb5_context /*context*/, - krb5_principal */*principal*/, - int /*rlen*/, - krb5_const_realm /*realm*/, - ...); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal_ext ( - krb5_context /*context*/, - krb5_principal */*principal*/, - int /*rlen*/, - krb5_const_realm /*realm*/, - ...); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal_va ( - krb5_context /*context*/, - krb5_principal */*principal*/, - int /*rlen*/, - krb5_const_realm /*realm*/, - va_list /*ap*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal_va_ext ( - krb5_context /*context*/, - krb5_principal */*principal*/, - int /*rlen*/, - krb5_const_realm /*realm*/, - va_list /*ap*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_block_size ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - size_t */*blocksize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_checksum_length ( - krb5_context /*context*/, - krb5_cksumtype /*cksumtype*/, - size_t */*length*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_decrypt ( - krb5_context /*context*/, - const krb5_keyblock /*key*/, - krb5_keyusage /*usage*/, - const krb5_data */*ivec*/, - krb5_enc_data */*input*/, - krb5_data */*output*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_encrypt ( - krb5_context /*context*/, - const krb5_keyblock */*key*/, - krb5_keyusage /*usage*/, - const krb5_data */*ivec*/, - const krb5_data */*input*/, - krb5_enc_data */*output*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_encrypt_length ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - size_t /*inputlen*/, - size_t */*length*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_enctype_compare ( - krb5_context /*context*/, - krb5_enctype /*e1*/, - krb5_enctype /*e2*/, - krb5_boolean */*similar*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_get_checksum ( - krb5_context /*context*/, - const krb5_checksum */*cksum*/, - krb5_cksumtype */*type*/, - krb5_data **/*data*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_c_is_coll_proof_cksum (krb5_cksumtype /*ctype*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_c_is_keyed_cksum (krb5_cksumtype /*ctype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_keylengths ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - size_t */*ilen*/, - size_t */*keylen*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_make_checksum ( - krb5_context /*context*/, - krb5_cksumtype /*cksumtype*/, - const krb5_keyblock */*key*/, - krb5_keyusage /*usage*/, - const krb5_data */*input*/, - krb5_checksum */*cksum*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_make_random_key ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - krb5_keyblock */*random_key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_prf ( - krb5_context /*context*/, - const krb5_keyblock */*key*/, - const krb5_data */*input*/, - krb5_data */*output*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_prf_length ( - krb5_context /*context*/, - krb5_enctype /*type*/, - size_t */*length*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_set_checksum ( - krb5_context /*context*/, - krb5_checksum */*cksum*/, - krb5_cksumtype /*type*/, - const krb5_data */*data*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_c_valid_cksumtype (krb5_cksumtype /*ctype*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_c_valid_enctype (krb5_enctype /*etype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_verify_checksum ( - krb5_context /*context*/, - const krb5_keyblock */*key*/, - krb5_keyusage /*usage*/, - const krb5_data */*data*/, - const krb5_checksum */*cksum*/, - krb5_boolean */*valid*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_cache_end_seq_get ( - krb5_context /*context*/, - krb5_cc_cache_cursor /*cursor*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_cache_get_first ( - krb5_context /*context*/, - const char */*type*/, - krb5_cc_cache_cursor */*cursor*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_cache_match ( - krb5_context /*context*/, - krb5_principal /*client*/, - const char */*type*/, - krb5_ccache */*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_cache_next ( - krb5_context /*context*/, - krb5_cc_cache_cursor /*cursor*/, - krb5_ccache */*id*/); - -void KRB5_LIB_FUNCTION -krb5_cc_clear_mcred (krb5_creds */*mcred*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_close ( - krb5_context /*context*/, - krb5_ccache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_copy_cache ( - krb5_context /*context*/, - const krb5_ccache /*from*/, - krb5_ccache /*to*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_copy_cache_match ( - krb5_context /*context*/, - const krb5_ccache /*from*/, - krb5_ccache /*to*/, - krb5_flags /*whichfields*/, - const krb5_creds * /*mcreds*/, - unsigned int */*matched*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_default ( - krb5_context /*context*/, - krb5_ccache */*id*/); - -const char* KRB5_LIB_FUNCTION -krb5_cc_default_name (krb5_context /*context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_destroy ( - krb5_context /*context*/, - krb5_ccache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_end_seq_get ( - krb5_context /*context*/, - const krb5_ccache /*id*/, - krb5_cc_cursor */*cursor*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_gen_new ( - krb5_context /*context*/, - const krb5_cc_ops */*ops*/, - krb5_ccache */*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_get_full_name ( - krb5_context /*context*/, - krb5_ccache /*id*/, - char **/*str*/); - -const char* KRB5_LIB_FUNCTION -krb5_cc_get_name ( - krb5_context /*context*/, - krb5_ccache /*id*/); - -const krb5_cc_ops * -krb5_cc_get_ops ( - krb5_context /*context*/, - krb5_ccache /*id*/); - -const krb5_cc_ops * -krb5_cc_get_prefix_ops ( - krb5_context /*context*/, - const char */*prefix*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_get_principal ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_principal */*principal*/); - -const char* KRB5_LIB_FUNCTION -krb5_cc_get_type ( - krb5_context /*context*/, - krb5_ccache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_get_version ( - krb5_context /*context*/, - const krb5_ccache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_initialize ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_principal /*primary_principal*/); - -krb5_error_code -krb5_cc_move ( - krb5_context /*context*/, - krb5_ccache /*from*/, - krb5_ccache /*to*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_new_unique ( - krb5_context /*context*/, - const char */*type*/, - const char */*hint*/, - krb5_ccache */*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_next_cred ( - krb5_context /*context*/, - const krb5_ccache /*id*/, - krb5_cc_cursor */*cursor*/, - krb5_creds */*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_next_cred_match ( - krb5_context /*context*/, - const krb5_ccache /*id*/, - krb5_cc_cursor * /*cursor*/, - krb5_creds * /*creds*/, - krb5_flags /*whichfields*/, - const krb5_creds * /*mcreds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_register ( - krb5_context /*context*/, - const krb5_cc_ops */*ops*/, - krb5_boolean /*override*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_remove_cred ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_flags /*which*/, - krb5_creds */*cred*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_resolve ( - krb5_context /*context*/, - const char */*name*/, - krb5_ccache */*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_retrieve_cred ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_flags /*whichfields*/, - const krb5_creds */*mcreds*/, - krb5_creds */*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_set_default_name ( - krb5_context /*context*/, - const char */*name*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_set_flags ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_flags /*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_start_seq_get ( - krb5_context /*context*/, - const krb5_ccache /*id*/, - krb5_cc_cursor */*cursor*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cc_store_cred ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_creds */*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_change_password ( - krb5_context /*context*/, - krb5_creds */*creds*/, - const char */*newpw*/, - int */*result_code*/, - krb5_data */*result_code_string*/, - krb5_data */*result_string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_check_transited ( - krb5_context /*context*/, - krb5_const_realm /*client_realm*/, - krb5_const_realm /*server_realm*/, - krb5_realm */*realms*/, - int /*num_realms*/, - int */*bad_realm*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_check_transited_realms ( - krb5_context /*context*/, - const char *const */*realms*/, - int /*num_realms*/, - int */*bad_realm*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_checksum_disable ( - krb5_context /*context*/, - krb5_cksumtype /*type*/); - -void KRB5_LIB_FUNCTION -krb5_checksum_free ( - krb5_context /*context*/, - krb5_checksum */*cksum*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_checksum_is_collision_proof ( - krb5_context /*context*/, - krb5_cksumtype /*type*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_checksum_is_keyed ( - krb5_context /*context*/, - krb5_cksumtype /*type*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_checksumsize ( - krb5_context /*context*/, - krb5_cksumtype /*type*/, - size_t */*size*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_cksumtype_valid ( - krb5_context /*context*/, - krb5_cksumtype /*ctype*/); - -void KRB5_LIB_FUNCTION -krb5_clear_error_string (krb5_context /*context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_closelog ( - krb5_context /*context*/, - krb5_log_facility */*fac*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_compare_creds ( - krb5_context /*context*/, - krb5_flags /*whichfields*/, - const krb5_creds * /*mcreds*/, - const krb5_creds * /*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_file_free ( - krb5_context /*context*/, - krb5_config_section */*s*/); - -void KRB5_LIB_FUNCTION -krb5_config_free_strings (char **/*strings*/); - -const void * -krb5_config_get ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - int /*type*/, - ...); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_config_get_bool ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - ...); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_config_get_bool_default ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - krb5_boolean /*def_value*/, - ...); - -int KRB5_LIB_FUNCTION -krb5_config_get_int ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - ...); - -int KRB5_LIB_FUNCTION -krb5_config_get_int_default ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - int /*def_value*/, - ...); - -const krb5_config_binding * -krb5_config_get_list ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - ...); - -const void * -krb5_config_get_next ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - const krb5_config_binding **/*pointer*/, - int /*type*/, - ...); - -const char* KRB5_LIB_FUNCTION -krb5_config_get_string ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - ...); - -const char* KRB5_LIB_FUNCTION -krb5_config_get_string_default ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - const char */*def_value*/, - ...); - -char** -krb5_config_get_strings ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - ...); - -int KRB5_LIB_FUNCTION -krb5_config_get_time ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - ...); - -int KRB5_LIB_FUNCTION -krb5_config_get_time_default ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - int /*def_value*/, - ...); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_file ( - krb5_context /*context*/, - const char */*fname*/, - krb5_config_section **/*res*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_file_multi ( - krb5_context /*context*/, - const char */*fname*/, - krb5_config_section **/*res*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_config_parse_string_multi ( - krb5_context /*context*/, - const char */*string*/, - krb5_config_section **/*res*/); - -const void * -krb5_config_vget ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - int /*type*/, - va_list /*args*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_config_vget_bool ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - va_list /*args*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_config_vget_bool_default ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - krb5_boolean /*def_value*/, - va_list /*args*/); - -int KRB5_LIB_FUNCTION -krb5_config_vget_int ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - va_list /*args*/); - -int KRB5_LIB_FUNCTION -krb5_config_vget_int_default ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - int /*def_value*/, - va_list /*args*/); - -const krb5_config_binding * -krb5_config_vget_list ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - va_list /*args*/); - -const void * -krb5_config_vget_next ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - const krb5_config_binding **/*pointer*/, - int /*type*/, - va_list /*args*/); - -const char* KRB5_LIB_FUNCTION -krb5_config_vget_string ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - va_list /*args*/); - -const char* KRB5_LIB_FUNCTION -krb5_config_vget_string_default ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - const char */*def_value*/, - va_list /*args*/); - -char ** KRB5_LIB_FUNCTION -krb5_config_vget_strings ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - va_list /*args*/); - -int KRB5_LIB_FUNCTION -krb5_config_vget_time ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - va_list /*args*/); - -int KRB5_LIB_FUNCTION -krb5_config_vget_time_default ( - krb5_context /*context*/, - const krb5_config_section */*c*/, - int /*def_value*/, - va_list /*args*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_address ( - krb5_context /*context*/, - const krb5_address */*inaddr*/, - krb5_address */*outaddr*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_addresses ( - krb5_context /*context*/, - const krb5_addresses */*inaddr*/, - krb5_addresses */*outaddr*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_checksum ( - krb5_context /*context*/, - const krb5_checksum */*old*/, - krb5_checksum **/*new*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_creds ( - krb5_context /*context*/, - const krb5_creds */*incred*/, - krb5_creds **/*outcred*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_creds_contents ( - krb5_context /*context*/, - const krb5_creds */*incred*/, - krb5_creds */*c*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_data ( - krb5_context /*context*/, - const krb5_data */*indata*/, - krb5_data **/*outdata*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_host_realm ( - krb5_context /*context*/, - const krb5_realm */*from*/, - krb5_realm **/*to*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_keyblock ( - krb5_context /*context*/, - const krb5_keyblock */*inblock*/, - krb5_keyblock **/*to*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_keyblock_contents ( - krb5_context /*context*/, - const krb5_keyblock */*inblock*/, - krb5_keyblock */*to*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_principal ( - krb5_context /*context*/, - krb5_const_principal /*inprinc*/, - krb5_principal */*outprinc*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_ticket ( - krb5_context /*context*/, - const krb5_ticket */*from*/, - krb5_ticket **/*to*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_create_checksum ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - krb5_key_usage /*usage*/, - int /*type*/, - void */*data*/, - size_t /*len*/, - Checksum */*result*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_destroy ( - krb5_context /*context*/, - krb5_crypto /*crypto*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_get_checksum_type ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - krb5_cksumtype */*type*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_getblocksize ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - size_t */*blocksize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_getconfoundersize ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - size_t */*confoundersize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_getenctype ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - krb5_enctype */*enctype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_getpadsize ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - size_t */*padsize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_init ( - krb5_context /*context*/, - const krb5_keyblock */*key*/, - krb5_enctype /*etype*/, - krb5_crypto */*crypto*/); - -size_t -krb5_crypto_overhead ( - krb5_context /*context*/, - krb5_crypto /*crypto*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_prf ( - krb5_context /*context*/, - const krb5_crypto /*crypto*/, - const krb5_data */*input*/, - krb5_data */*output*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_crypto_prf_length ( - krb5_context /*context*/, - krb5_enctype /*type*/, - size_t */*length*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_data_alloc ( - krb5_data */*p*/, - int /*len*/); - -int KRB5_LIB_FUNCTION -krb5_data_cmp ( - const krb5_data */*data1*/, - const krb5_data */*data2*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_data_copy ( - krb5_data */*p*/, - const void */*data*/, - size_t /*len*/); - -void KRB5_LIB_FUNCTION -krb5_data_free (krb5_data */*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_data_realloc ( - krb5_data */*p*/, - int /*len*/); - -void KRB5_LIB_FUNCTION -krb5_data_zero (krb5_data */*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_Authenticator ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - Authenticator */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_ETYPE_INFO ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - ETYPE_INFO */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_ETYPE_INFO2 ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - ETYPE_INFO2 */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncAPRepPart ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - EncAPRepPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncASRepPart ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - EncASRepPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncKrbCredPart ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - EncKrbCredPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncTGSRepPart ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - EncTGSRepPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_EncTicketPart ( - krb5_context /*context*/, - const void */*data*/, - size_t /*length*/, - EncTicketPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_ap_req ( - krb5_context /*context*/, - const krb5_data */*inbuf*/, - krb5_ap_req */*ap_req*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decrypt ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - unsigned /*usage*/, - void */*data*/, - size_t /*len*/, - krb5_data */*result*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decrypt_EncryptedData ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - unsigned /*usage*/, - const EncryptedData */*e*/, - krb5_data */*result*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decrypt_ivec ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - unsigned /*usage*/, - void */*data*/, - size_t /*len*/, - krb5_data */*result*/, - void */*ivec*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decrypt_ticket ( - krb5_context /*context*/, - Ticket */*ticket*/, - krb5_keyblock */*key*/, - EncTicketPart */*out*/, - krb5_flags /*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_derive_key ( - krb5_context /*context*/, - const krb5_keyblock */*key*/, - krb5_enctype /*etype*/, - const void */*constant*/, - size_t /*constant_len*/, - krb5_keyblock **/*derived_key*/); - -krb5_error_code -krb5_digest_alloc ( - krb5_context /*context*/, - krb5_digest */*digest*/); - -void -krb5_digest_free (krb5_digest /*digest*/); - -krb5_error_code -krb5_digest_get_client_binding ( - krb5_context /*context*/, - krb5_digest /*digest*/, - char **/*type*/, - char **/*binding*/); - -const char * -krb5_digest_get_identifier ( - krb5_context /*context*/, - krb5_digest /*digest*/); - -const char * -krb5_digest_get_opaque ( - krb5_context /*context*/, - krb5_digest /*digest*/); - -const char * -krb5_digest_get_rsp ( - krb5_context /*context*/, - krb5_digest /*digest*/); - -const char * -krb5_digest_get_server_nonce ( - krb5_context /*context*/, - krb5_digest /*digest*/); - -krb5_error_code -krb5_digest_get_session_key ( - krb5_context /*context*/, - krb5_digest /*digest*/, - krb5_data */*data*/); - -krb5_error_code -krb5_digest_get_tickets ( - krb5_context /*context*/, - krb5_digest /*digest*/, - Ticket **/*tickets*/); - -krb5_error_code -krb5_digest_init_request ( - krb5_context /*context*/, - krb5_digest /*digest*/, - krb5_realm /*realm*/, - krb5_ccache /*ccache*/); - -krb5_error_code -krb5_digest_probe ( - krb5_context /*context*/, - krb5_realm /*realm*/, - krb5_ccache /*ccache*/, - unsigned */*flags*/); - -krb5_boolean -krb5_digest_rep_get_status ( - krb5_context /*context*/, - krb5_digest /*digest*/); - -krb5_error_code -krb5_digest_request ( - krb5_context /*context*/, - krb5_digest /*digest*/, - krb5_realm /*realm*/, - krb5_ccache /*ccache*/); - -krb5_error_code -krb5_digest_set_authentication_user ( - krb5_context /*context*/, - krb5_digest /*digest*/, - krb5_principal /*authentication_user*/); - -krb5_error_code -krb5_digest_set_authid ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*authid*/); - -krb5_error_code -krb5_digest_set_client_nonce ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*nonce*/); - -krb5_error_code -krb5_digest_set_digest ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*dgst*/); - -krb5_error_code -krb5_digest_set_hostname ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*hostname*/); - -krb5_error_code -krb5_digest_set_identifier ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*id*/); - -krb5_error_code -krb5_digest_set_method ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*method*/); - -krb5_error_code -krb5_digest_set_nonceCount ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*nonce_count*/); - -krb5_error_code -krb5_digest_set_opaque ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*opaque*/); - -krb5_error_code -krb5_digest_set_qop ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*qop*/); - -krb5_error_code -krb5_digest_set_realm ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*realm*/); - -int -krb5_digest_set_responseData ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*response*/); - -krb5_error_code -krb5_digest_set_server_cb ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*type*/, - const char */*binding*/); - -krb5_error_code -krb5_digest_set_server_nonce ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*nonce*/); - -krb5_error_code -krb5_digest_set_type ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*type*/); - -krb5_error_code -krb5_digest_set_uri ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*uri*/); - -krb5_error_code -krb5_digest_set_username ( - krb5_context /*context*/, - krb5_digest /*digest*/, - const char */*username*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_domain_x500_decode ( - krb5_context /*context*/, - krb5_data /*tr*/, - char ***/*realms*/, - int */*num_realms*/, - const char */*client_realm*/, - const char */*server_realm*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_domain_x500_encode ( - char **/*realms*/, - int /*num_realms*/, - krb5_data */*encoding*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_eai_to_heim_errno ( - int /*eai_errno*/, - int /*system_error*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_Authenticator ( - krb5_context /*context*/, - void */*data*/, - size_t /*length*/, - Authenticator */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_ETYPE_INFO ( - krb5_context /*context*/, - void */*data*/, - size_t /*length*/, - ETYPE_INFO */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_ETYPE_INFO2 ( - krb5_context /*context*/, - void */*data*/, - size_t /*length*/, - ETYPE_INFO2 */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncAPRepPart ( - krb5_context /*context*/, - void */*data*/, - size_t /*length*/, - EncAPRepPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncASRepPart ( - krb5_context /*context*/, - void */*data*/, - size_t /*length*/, - EncASRepPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncKrbCredPart ( - krb5_context /*context*/, - void */*data*/, - size_t /*length*/, - EncKrbCredPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncTGSRepPart ( - krb5_context /*context*/, - void */*data*/, - size_t /*length*/, - EncTGSRepPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encode_EncTicketPart ( - krb5_context /*context*/, - void */*data*/, - size_t /*length*/, - EncTicketPart */*t*/, - size_t */*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encrypt ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - unsigned /*usage*/, - const void */*data*/, - size_t /*len*/, - krb5_data */*result*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encrypt_EncryptedData ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - unsigned /*usage*/, - void */*data*/, - size_t /*len*/, - int /*kvno*/, - EncryptedData */*result*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_encrypt_ivec ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - unsigned /*usage*/, - const void */*data*/, - size_t /*len*/, - krb5_data */*result*/, - void */*ivec*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_disable ( - krb5_context /*context*/, - krb5_enctype /*enctype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_keybits ( - krb5_context /*context*/, - krb5_enctype /*type*/, - size_t */*keybits*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_keysize ( - krb5_context /*context*/, - krb5_enctype /*type*/, - size_t */*keysize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_to_keytype ( - krb5_context /*context*/, - krb5_enctype /*etype*/, - krb5_keytype */*keytype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_to_string ( - krb5_context /*context*/, - krb5_enctype /*etype*/, - char **/*string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_enctype_valid ( - krb5_context /*context*/, - krb5_enctype /*etype*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_enctypes_compatible_keys ( - krb5_context /*context*/, - krb5_enctype /*etype1*/, - krb5_enctype /*etype2*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_err ( - krb5_context /*context*/, - int /*eval*/, - krb5_error_code /*code*/, - const char */*fmt*/, - ...) - __attribute__ ((noreturn, format (printf, 4, 5))); - -krb5_error_code KRB5_LIB_FUNCTION - __attribute__((deprecated)) krb5_free_creds_contents (krb5_context context, krb5_creds *c); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_error_from_rd_error ( - krb5_context /*context*/, - const krb5_error */*error*/, - const krb5_creds */*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_errx ( - krb5_context /*context*/, - int /*eval*/, - const char */*fmt*/, - ...) - __attribute__ ((noreturn, format (printf, 3, 4))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_expand_hostname ( - krb5_context /*context*/, - const char */*orig_hostname*/, - char **/*new_hostname*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_expand_hostname_realms ( - krb5_context /*context*/, - const char */*orig_hostname*/, - char **/*new_hostname*/, - char ***/*realms*/); - -PA_DATA * -krb5_find_padata ( - PA_DATA */*val*/, - unsigned /*len*/, - int /*type*/, - int */*idx*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_format_time ( - krb5_context /*context*/, - time_t /*t*/, - char */*s*/, - size_t /*len*/, - krb5_boolean /*include_time*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_address ( - krb5_context /*context*/, - krb5_address */*address*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_addresses ( - krb5_context /*context*/, - krb5_addresses */*addresses*/); - -void KRB5_LIB_FUNCTION -krb5_free_ap_rep_enc_part ( - krb5_context /*context*/, - krb5_ap_rep_enc_part */*val*/); - -void KRB5_LIB_FUNCTION -krb5_free_authenticator ( - krb5_context /*context*/, - krb5_authenticator */*authenticator*/); - -void KRB5_LIB_FUNCTION -krb5_free_checksum ( - krb5_context /*context*/, - krb5_checksum */*cksum*/); - -void KRB5_LIB_FUNCTION -krb5_free_checksum_contents ( - krb5_context /*context*/, - krb5_checksum */*cksum*/); - -void KRB5_LIB_FUNCTION -krb5_free_config_files (char **/*filenames*/); - -void KRB5_LIB_FUNCTION -krb5_free_context (krb5_context /*context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_cred_contents ( - krb5_context /*context*/, - krb5_creds */*c*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_creds ( - krb5_context /*context*/, - krb5_creds */*c*/); - -void KRB5_LIB_FUNCTION -krb5_free_data ( - krb5_context /*context*/, - krb5_data */*p*/); - -void KRB5_LIB_FUNCTION -krb5_free_data_contents ( - krb5_context /*context*/, - krb5_data */*data*/); - -void KRB5_LIB_FUNCTION -krb5_free_error ( - krb5_context /*context*/, - krb5_error */*error*/); - -void KRB5_LIB_FUNCTION -krb5_free_error_contents ( - krb5_context /*context*/, - krb5_error */*error*/); - -void KRB5_LIB_FUNCTION -krb5_free_error_string ( - krb5_context /*context*/, - char */*str*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_host_realm ( - krb5_context /*context*/, - krb5_realm */*realmlist*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_kdc_rep ( - krb5_context /*context*/, - krb5_kdc_rep */*rep*/); - -void KRB5_LIB_FUNCTION -krb5_free_keyblock ( - krb5_context /*context*/, - krb5_keyblock */*keyblock*/); - -void KRB5_LIB_FUNCTION -krb5_free_keyblock_contents ( - krb5_context /*context*/, - krb5_keyblock */*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_krbhst ( - krb5_context /*context*/, - char **/*hostlist*/); - -void KRB5_LIB_FUNCTION -krb5_free_principal ( - krb5_context /*context*/, - krb5_principal /*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_salt ( - krb5_context /*context*/, - krb5_salt /*salt*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_ticket ( - krb5_context /*context*/, - krb5_ticket */*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_fwd_tgt_creds ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - const char */*hostname*/, - krb5_principal /*client*/, - krb5_principal /*server*/, - krb5_ccache /*ccache*/, - int /*forwardable*/, - krb5_data */*out_data*/); - -void KRB5_LIB_FUNCTION -krb5_generate_random_block ( - void */*buf*/, - size_t /*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_random_keyblock ( - krb5_context /*context*/, - krb5_enctype /*type*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_seq_number ( - krb5_context /*context*/, - const krb5_keyblock */*key*/, - uint32_t */*seqno*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_subkey ( - krb5_context /*context*/, - const krb5_keyblock */*key*/, - krb5_keyblock **/*subkey*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_generate_subkey_extended ( - krb5_context /*context*/, - const krb5_keyblock */*key*/, - krb5_enctype /*etype*/, - krb5_keyblock **/*subkey*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_all_client_addrs ( - krb5_context /*context*/, - krb5_addresses */*res*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_all_server_addrs ( - krb5_context /*context*/, - krb5_addresses */*res*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_cred_from_kdc ( - krb5_context /*context*/, - krb5_ccache /*ccache*/, - krb5_creds */*in_creds*/, - krb5_creds **/*out_creds*/, - krb5_creds ***/*ret_tgts*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_cred_from_kdc_opt ( - krb5_context /*context*/, - krb5_ccache /*ccache*/, - krb5_creds */*in_creds*/, - krb5_creds **/*out_creds*/, - krb5_creds ***/*ret_tgts*/, - krb5_flags /*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_credentials ( - krb5_context /*context*/, - krb5_flags /*options*/, - krb5_ccache /*ccache*/, - krb5_creds */*in_creds*/, - krb5_creds **/*out_creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_credentials_with_flags ( - krb5_context /*context*/, - krb5_flags /*options*/, - krb5_kdc_flags /*flags*/, - krb5_ccache /*ccache*/, - krb5_creds */*in_creds*/, - krb5_creds **/*out_creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_creds ( - krb5_context /*context*/, - krb5_get_creds_opt /*opt*/, - krb5_ccache /*ccache*/, - krb5_const_principal /*inprinc*/, - krb5_creds **/*out_creds*/); - -void KRB5_LIB_FUNCTION -krb5_get_creds_opt_add_options ( - krb5_context /*context*/, - krb5_get_creds_opt /*opt*/, - krb5_flags /*options*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_creds_opt_alloc ( - krb5_context /*context*/, - krb5_get_creds_opt */*opt*/); - -void KRB5_LIB_FUNCTION -krb5_get_creds_opt_free ( - krb5_context /*context*/, - krb5_get_creds_opt /*opt*/); - -void KRB5_LIB_FUNCTION -krb5_get_creds_opt_set_enctype ( - krb5_context /*context*/, - krb5_get_creds_opt /*opt*/, - krb5_enctype /*enctype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_creds_opt_set_impersonate ( - krb5_context /*context*/, - krb5_get_creds_opt /*opt*/, - krb5_const_principal /*self*/); - -void KRB5_LIB_FUNCTION -krb5_get_creds_opt_set_options ( - krb5_context /*context*/, - krb5_get_creds_opt /*opt*/, - krb5_flags /*options*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_creds_opt_set_ticket ( - krb5_context /*context*/, - krb5_get_creds_opt /*opt*/, - const Ticket */*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_config_files (char ***/*pfilenames*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_in_tkt_etypes ( - krb5_context /*context*/, - krb5_enctype **/*etypes*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_principal ( - krb5_context /*context*/, - krb5_principal */*princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_realm ( - krb5_context /*context*/, - krb5_realm */*realm*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_default_realms ( - krb5_context /*context*/, - krb5_realm **/*realms*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_get_dns_canonicalize_hostname (krb5_context /*context*/); - -const char* KRB5_LIB_FUNCTION -krb5_get_err_text ( - krb5_context /*context*/, - krb5_error_code /*code*/); - -char * KRB5_LIB_FUNCTION -krb5_get_error_message ( - krb5_context /*context*/, - krb5_error_code /*code*/); - -char * KRB5_LIB_FUNCTION -krb5_get_error_string (krb5_context /*context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_extra_addresses ( - krb5_context /*context*/, - krb5_addresses */*addresses*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_fcache_version ( - krb5_context /*context*/, - int */*version*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_forwarded_creds ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_ccache /*ccache*/, - krb5_flags /*flags*/, - const char */*hostname*/, - krb5_creds */*in_creds*/, - krb5_data */*out_data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_host_realm ( - krb5_context /*context*/, - const char */*targethost*/, - krb5_realm **/*realms*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_ignore_addresses ( - krb5_context /*context*/, - krb5_addresses */*addresses*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_cred ( - krb5_context /*context*/, - krb5_flags /*options*/, - const krb5_addresses */*addrs*/, - const krb5_enctype */*etypes*/, - const krb5_preauthtype */*ptypes*/, - const krb5_preauthdata */*preauth*/, - krb5_key_proc /*key_proc*/, - krb5_const_pointer /*keyseed*/, - krb5_decrypt_proc /*decrypt_proc*/, - krb5_const_pointer /*decryptarg*/, - krb5_creds */*creds*/, - krb5_kdc_rep */*ret_as_reply*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt ( - krb5_context /*context*/, - krb5_flags /*options*/, - const krb5_addresses */*addrs*/, - const krb5_enctype */*etypes*/, - const krb5_preauthtype */*ptypes*/, - krb5_key_proc /*key_proc*/, - krb5_const_pointer /*keyseed*/, - krb5_decrypt_proc /*decrypt_proc*/, - krb5_const_pointer /*decryptarg*/, - krb5_creds */*creds*/, - krb5_ccache /*ccache*/, - krb5_kdc_rep */*ret_as_reply*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_keytab ( - krb5_context /*context*/, - krb5_flags /*options*/, - krb5_addresses */*addrs*/, - const krb5_enctype */*etypes*/, - const krb5_preauthtype */*pre_auth_types*/, - krb5_keytab /*keytab*/, - krb5_ccache /*ccache*/, - krb5_creds */*creds*/, - krb5_kdc_rep */*ret_as_reply*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_password ( - krb5_context /*context*/, - krb5_flags /*options*/, - krb5_addresses */*addrs*/, - const krb5_enctype */*etypes*/, - const krb5_preauthtype */*pre_auth_types*/, - const char */*password*/, - krb5_ccache /*ccache*/, - krb5_creds */*creds*/, - krb5_kdc_rep */*ret_as_reply*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_in_tkt_with_skey ( - krb5_context /*context*/, - krb5_flags /*options*/, - krb5_addresses */*addrs*/, - const krb5_enctype */*etypes*/, - const krb5_preauthtype */*pre_auth_types*/, - const krb5_keyblock */*key*/, - krb5_ccache /*ccache*/, - krb5_creds */*creds*/, - krb5_kdc_rep */*ret_as_reply*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds ( - krb5_context /*context*/, - krb5_creds */*creds*/, - krb5_principal /*client*/, - krb5_prompter_fct /*prompter*/, - void */*data*/, - krb5_deltat /*start_time*/, - const char */*in_tkt_service*/, - krb5_get_init_creds_opt */*options*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_keyblock ( - krb5_context /*context*/, - krb5_creds */*creds*/, - krb5_principal /*client*/, - krb5_keyblock */*keyblock*/, - krb5_deltat /*start_time*/, - const char */*in_tkt_service*/, - krb5_get_init_creds_opt */*options*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_keytab ( - krb5_context /*context*/, - krb5_creds */*creds*/, - krb5_principal /*client*/, - krb5_keytab /*keytab*/, - krb5_deltat /*start_time*/, - const char */*in_tkt_service*/, - krb5_get_init_creds_opt */*options*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_alloc ( - krb5_context /*context*/, - krb5_get_init_creds_opt **/*opt*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_free ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_get_error ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - KRB_ERROR **/*error*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_init (krb5_get_init_creds_opt */*opt*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_address_list ( - krb5_get_init_creds_opt */*opt*/, - krb5_addresses */*addresses*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_addressless ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - krb5_boolean /*addressless*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_anonymous ( - krb5_get_init_creds_opt */*opt*/, - int /*anonymous*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_canonicalize ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - krb5_boolean /*req*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_default_flags ( - krb5_context /*context*/, - const char */*appname*/, - krb5_const_realm /*realm*/, - krb5_get_init_creds_opt */*opt*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_etype_list ( - krb5_get_init_creds_opt */*opt*/, - krb5_enctype */*etype_list*/, - int /*etype_list_length*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_forwardable ( - krb5_get_init_creds_opt */*opt*/, - int /*forwardable*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_pa_password ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - const char */*password*/, - krb5_s2k_proc /*key_proc*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_pac_request ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - krb5_boolean /*req_pac*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_pkinit ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - krb5_principal /*principal*/, - const char */*user_id*/, - const char */*x509_anchors*/, - char * const * /*pool*/, - char * const * /*pki_revoke*/, - int /*flags*/, - krb5_prompter_fct /*prompter*/, - void */*prompter_data*/, - char */*password*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_preauth_list ( - krb5_get_init_creds_opt */*opt*/, - krb5_preauthtype */*preauth_list*/, - int /*preauth_list_length*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_proxiable ( - krb5_get_init_creds_opt */*opt*/, - int /*proxiable*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_renew_life ( - krb5_get_init_creds_opt */*opt*/, - krb5_deltat /*renew_life*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_salt ( - krb5_get_init_creds_opt */*opt*/, - krb5_data */*salt*/); - -void KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_tkt_life ( - krb5_get_init_creds_opt */*opt*/, - krb5_deltat /*tkt_life*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_win2k ( - krb5_context /*context*/, - krb5_get_init_creds_opt */*opt*/, - krb5_boolean /*req*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_password ( - krb5_context /*context*/, - krb5_creds */*creds*/, - krb5_principal /*client*/, - const char */*password*/, - krb5_prompter_fct /*prompter*/, - void */*data*/, - krb5_deltat /*start_time*/, - const char */*in_tkt_service*/, - krb5_get_init_creds_opt */*in_options*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_kdc_cred ( - krb5_context /*context*/, - krb5_ccache /*id*/, - krb5_kdc_flags /*flags*/, - krb5_addresses */*addresses*/, - Ticket */*second_ticket*/, - krb5_creds */*in_creds*/, - krb5_creds **out_creds ); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_kdc_sec_offset ( - krb5_context /*context*/, - int32_t */*sec*/, - int32_t */*usec*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_krb524hst ( - krb5_context /*context*/, - const krb5_realm */*realm*/, - char ***/*hostlist*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_krb_admin_hst ( - krb5_context /*context*/, - const krb5_realm */*realm*/, - char ***/*hostlist*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_krb_changepw_hst ( - krb5_context /*context*/, - const krb5_realm */*realm*/, - char ***/*hostlist*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_krbhst ( - krb5_context /*context*/, - const krb5_realm */*realm*/, - char ***/*hostlist*/); - -time_t KRB5_LIB_FUNCTION -krb5_get_max_time_skew (krb5_context /*context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_pw_salt ( - krb5_context /*context*/, - krb5_const_principal /*principal*/, - krb5_salt */*salt*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_renewed_creds ( - krb5_context /*context*/, - krb5_creds */*creds*/, - krb5_const_principal /*client*/, - krb5_ccache /*ccache*/, - const char */*in_tkt_service*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_server_rcache ( - krb5_context /*context*/, - const krb5_data */*piece*/, - krb5_rcache */*id*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_get_use_admin_kdc (krb5_context /*context*/); - -krb5_log_facility * KRB5_LIB_FUNCTION -krb5_get_warn_dest (krb5_context /*context*/); - -size_t -krb5_get_wrapped_length ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - size_t /*data_len*/); - -int KRB5_LIB_FUNCTION -krb5_getportbyname ( - krb5_context /*context*/, - const char */*service*/, - const char */*proto*/, - int /*default_port*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_h_addr2addr ( - krb5_context /*context*/, - int /*af*/, - const char */*haddr*/, - krb5_address */*addr*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_h_addr2sockaddr ( - krb5_context /*context*/, - int /*af*/, - const char */*addr*/, - struct sockaddr */*sa*/, - krb5_socklen_t */*sa_size*/, - int /*port*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_h_errno_to_heim_errno (int /*eai_errno*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_have_error_string (krb5_context /*context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_hmac ( - krb5_context /*context*/, - krb5_cksumtype /*cktype*/, - const void */*data*/, - size_t /*len*/, - unsigned /*usage*/, - krb5_keyblock */*key*/, - Checksum */*result*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_init_context (krb5_context */*context*/); - -void KRB5_LIB_FUNCTION -krb5_init_ets (krb5_context /*context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_init_etype ( - krb5_context /*context*/, - unsigned */*len*/, - krb5_enctype **/*val*/, - const krb5_enctype */*etypes*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_initlog ( - krb5_context /*context*/, - const char */*program*/, - krb5_log_facility **/*fac*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_is_thread_safe (void); - -const krb5_enctype * KRB5_LIB_FUNCTION -krb5_kerberos_enctypes (krb5_context /*context*/); - -krb5_enctype -krb5_keyblock_get_enctype (const krb5_keyblock */*block*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keyblock_init ( - krb5_context /*context*/, - krb5_enctype /*type*/, - const void */*data*/, - size_t /*size*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keyblock_key_proc ( - krb5_context /*context*/, - krb5_keytype /*type*/, - krb5_data */*salt*/, - krb5_const_pointer /*keyseed*/, - krb5_keyblock **/*key*/); - -void KRB5_LIB_FUNCTION -krb5_keyblock_zero (krb5_keyblock */*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytab_key_proc ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - krb5_salt /*salt*/, - krb5_const_pointer /*keyseed*/, - krb5_keyblock **/*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctypes ( - krb5_context /*context*/, - krb5_keytype /*keytype*/, - unsigned */*len*/, - krb5_enctype **/*val*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_enctypes_default ( - krb5_context /*context*/, - krb5_keytype /*keytype*/, - unsigned */*len*/, - krb5_enctype **/*val*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_keytype_to_string ( - krb5_context /*context*/, - krb5_keytype /*keytype*/, - char **/*string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_format_string ( - krb5_context /*context*/, - const krb5_krbhst_info */*host*/, - char */*hostname*/, - size_t /*hostlen*/); - -void KRB5_LIB_FUNCTION -krb5_krbhst_free ( - krb5_context /*context*/, - krb5_krbhst_handle /*handle*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_get_addrinfo ( - krb5_context /*context*/, - krb5_krbhst_info */*host*/, - struct addrinfo **/*ai*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_init ( - krb5_context /*context*/, - const char */*realm*/, - unsigned int /*type*/, - krb5_krbhst_handle */*handle*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_init_flags ( - krb5_context /*context*/, - const char */*realm*/, - unsigned int /*type*/, - int /*flags*/, - krb5_krbhst_handle */*handle*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_next ( - krb5_context /*context*/, - krb5_krbhst_handle /*handle*/, - krb5_krbhst_info **/*host*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_next_as_string ( - krb5_context /*context*/, - krb5_krbhst_handle /*handle*/, - char */*hostname*/, - size_t /*hostlen*/); - -void KRB5_LIB_FUNCTION -krb5_krbhst_reset ( - krb5_context /*context*/, - krb5_krbhst_handle /*handle*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_add_entry ( - krb5_context /*context*/, - krb5_keytab /*id*/, - krb5_keytab_entry */*entry*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_close ( - krb5_context /*context*/, - krb5_keytab /*id*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_kt_compare ( - krb5_context /*context*/, - krb5_keytab_entry */*entry*/, - krb5_const_principal /*principal*/, - krb5_kvno /*vno*/, - krb5_enctype /*enctype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_copy_entry_contents ( - krb5_context /*context*/, - const krb5_keytab_entry */*in*/, - krb5_keytab_entry */*out*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_default ( - krb5_context /*context*/, - krb5_keytab */*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_default_modify_name ( - krb5_context /*context*/, - char */*name*/, - size_t /*namesize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_default_name ( - krb5_context /*context*/, - char */*name*/, - size_t /*namesize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_end_seq_get ( - krb5_context /*context*/, - krb5_keytab /*id*/, - krb5_kt_cursor */*cursor*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_free_entry ( - krb5_context /*context*/, - krb5_keytab_entry */*entry*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_entry ( - krb5_context /*context*/, - krb5_keytab /*id*/, - krb5_const_principal /*principal*/, - krb5_kvno /*kvno*/, - krb5_enctype /*enctype*/, - krb5_keytab_entry */*entry*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_full_name ( - krb5_context /*context*/, - krb5_keytab /*keytab*/, - char **/*str*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_name ( - krb5_context /*context*/, - krb5_keytab /*keytab*/, - char */*name*/, - size_t /*namesize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_get_type ( - krb5_context /*context*/, - krb5_keytab /*keytab*/, - char */*prefix*/, - size_t /*prefixsize*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_next_entry ( - krb5_context /*context*/, - krb5_keytab /*id*/, - krb5_keytab_entry */*entry*/, - krb5_kt_cursor */*cursor*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_read_service_key ( - krb5_context /*context*/, - krb5_pointer /*keyprocarg*/, - krb5_principal /*principal*/, - krb5_kvno /*vno*/, - krb5_enctype /*enctype*/, - krb5_keyblock **/*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_register ( - krb5_context /*context*/, - const krb5_kt_ops */*ops*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_remove_entry ( - krb5_context /*context*/, - krb5_keytab /*id*/, - krb5_keytab_entry */*entry*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_resolve ( - krb5_context /*context*/, - const char */*name*/, - krb5_keytab */*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_kt_start_seq_get ( - krb5_context /*context*/, - krb5_keytab /*id*/, - krb5_kt_cursor */*cursor*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_kuserok ( - krb5_context /*context*/, - krb5_principal /*principal*/, - const char */*luser*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_log ( - krb5_context /*context*/, - krb5_log_facility */*fac*/, - int /*level*/, - const char */*fmt*/, - ...) - __attribute__((format (printf, 4, 5))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_log_msg ( - krb5_context /*context*/, - krb5_log_facility */*fac*/, - int /*level*/, - char **/*reply*/, - const char */*fmt*/, - ...) - __attribute__((format (printf, 5, 6))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_make_addrport ( - krb5_context /*context*/, - krb5_address **/*res*/, - const krb5_address */*addr*/, - int16_t /*port*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_make_principal ( - krb5_context /*context*/, - krb5_principal */*principal*/, - krb5_const_realm /*realm*/, - ...); - -size_t KRB5_LIB_FUNCTION -krb5_max_sockaddr_size (void); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_error ( - krb5_context /*context*/, - krb5_error_code /*error_code*/, - const char */*e_text*/, - const krb5_data */*e_data*/, - const krb5_principal /*client*/, - const krb5_principal /*server*/, - time_t */*client_time*/, - int */*client_usec*/, - krb5_data */*reply*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_priv ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - const krb5_data */*userdata*/, - krb5_data */*outbuf*/, - krb5_replay_data */*outdata*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_rep ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_data */*outbuf*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_req ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - const krb5_flags /*ap_req_options*/, - const char */*service*/, - const char */*hostname*/, - krb5_data */*in_data*/, - krb5_ccache /*ccache*/, - krb5_data */*outbuf*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_req_exact ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - const krb5_flags /*ap_req_options*/, - const krb5_principal /*server*/, - krb5_data */*in_data*/, - krb5_ccache /*ccache*/, - krb5_data */*outbuf*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_req_extended ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - const krb5_flags /*ap_req_options*/, - krb5_data */*in_data*/, - krb5_creds */*in_creds*/, - krb5_data */*outbuf*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_safe ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - const krb5_data */*userdata*/, - krb5_data */*outbuf*/, - krb5_replay_data */*outdata*/); - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_net_read ( - krb5_context /*context*/, - void */*p_fd*/, - void */*buf*/, - size_t /*len*/); - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_net_write ( - krb5_context /*context*/, - void */*p_fd*/, - const void */*buf*/, - size_t /*len*/); - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_net_write_block ( - krb5_context /*context*/, - void */*p_fd*/, - const void */*buf*/, - size_t /*len*/, - time_t /*timeout*/); - -krb5_error_code -krb5_ntlm_alloc ( - krb5_context /*context*/, - krb5_ntlm */*ntlm*/); - -krb5_error_code -krb5_ntlm_free ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/); - -krb5_error_code -krb5_ntlm_init_get_challange ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - krb5_data */*challange*/); - -krb5_error_code -krb5_ntlm_init_get_flags ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - uint32_t */*flags*/); - -krb5_error_code -krb5_ntlm_init_get_opaque ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - krb5_data */*opaque*/); - -krb5_error_code -krb5_ntlm_init_get_targetinfo ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - krb5_data */*data*/); - -krb5_error_code -krb5_ntlm_init_get_targetname ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - char **/*name*/); - -krb5_error_code -krb5_ntlm_init_request ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - krb5_realm /*realm*/, - krb5_ccache /*ccache*/, - uint32_t /*flags*/, - const char */*hostname*/, - const char */*domainname*/); - -krb5_error_code -krb5_ntlm_rep_get_sessionkey ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - krb5_data */*data*/); - -krb5_boolean -krb5_ntlm_rep_get_status ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/); - -krb5_error_code -krb5_ntlm_req_set_flags ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - uint32_t /*flags*/); - -krb5_error_code -krb5_ntlm_req_set_lm ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - void */*hash*/, - size_t /*len*/); - -krb5_error_code -krb5_ntlm_req_set_ntlm ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - void */*hash*/, - size_t /*len*/); - -krb5_error_code -krb5_ntlm_req_set_opaque ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - krb5_data */*opaque*/); - -krb5_error_code -krb5_ntlm_req_set_session ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - void */*sessionkey*/, - size_t /*length*/); - -krb5_error_code -krb5_ntlm_req_set_targetname ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - const char */*targetname*/); - -krb5_error_code -krb5_ntlm_req_set_username ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - const char */*username*/); - -krb5_error_code -krb5_ntlm_request ( - krb5_context /*context*/, - krb5_ntlm /*ntlm*/, - krb5_realm /*realm*/, - krb5_ccache /*ccache*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_openlog ( - krb5_context /*context*/, - const char */*program*/, - krb5_log_facility **/*fac*/); - -krb5_error_code -krb5_pac_add_buffer ( - krb5_context /*context*/, - krb5_pac /*p*/, - uint32_t /*type*/, - const krb5_data */*data*/); - -void -krb5_pac_free ( - krb5_context /*context*/, - krb5_pac /*pac*/); - -krb5_error_code -krb5_pac_get_buffer ( - krb5_context /*context*/, - krb5_pac /*p*/, - uint32_t /*type*/, - krb5_data */*data*/); - -krb5_error_code -krb5_pac_get_types ( - krb5_context /*context*/, - krb5_pac /*p*/, - size_t */*len*/, - uint32_t **/*types*/); - -krb5_error_code -krb5_pac_init ( - krb5_context /*context*/, - krb5_pac */*pac*/); - -krb5_error_code -krb5_pac_parse ( - krb5_context /*context*/, - const void */*ptr*/, - size_t /*len*/, - krb5_pac */*pac*/); - -krb5_error_code -krb5_pac_verify ( - krb5_context /*context*/, - const krb5_pac /*pac*/, - time_t /*authtime*/, - krb5_const_principal /*principal*/, - const krb5_keyblock */*server*/, - const krb5_keyblock */*privsvr*/); - -int KRB5_LIB_FUNCTION -krb5_padata_add ( - krb5_context /*context*/, - METHOD_DATA */*md*/, - int /*type*/, - void */*buf*/, - size_t /*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_parse_address ( - krb5_context /*context*/, - const char */*string*/, - krb5_addresses */*addresses*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_parse_name ( - krb5_context /*context*/, - const char */*name*/, - krb5_principal */*principal*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_parse_name_flags ( - krb5_context /*context*/, - const char */*name*/, - int /*flags*/, - krb5_principal */*principal*/); - -krb5_error_code -krb5_parse_nametype ( - krb5_context /*context*/, - const char */*str*/, - int32_t */*nametype*/); - -const char* KRB5_LIB_FUNCTION -krb5_passwd_result_to_string ( - krb5_context /*context*/, - int /*result*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_password_key_proc ( - krb5_context /*context*/, - krb5_enctype /*type*/, - krb5_salt /*salt*/, - krb5_const_pointer /*keyseed*/, - krb5_keyblock **/*key*/); - -krb5_error_code -krb5_plugin_register ( - krb5_context /*context*/, - enum krb5_plugin_type /*type*/, - const char */*name*/, - void */*symbol*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_prepend_config_files ( - const char */*filelist*/, - char **/*pq*/, - char ***/*ret_pp*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_prepend_config_files_default ( - const char */*filelist*/, - char ***/*pfilenames*/); - -krb5_realm * KRB5_LIB_FUNCTION -krb5_princ_realm ( - krb5_context /*context*/, - krb5_principal /*principal*/); - -void KRB5_LIB_FUNCTION -krb5_princ_set_realm ( - krb5_context /*context*/, - krb5_principal /*principal*/, - krb5_realm */*realm*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_principal_compare ( - krb5_context /*context*/, - krb5_const_principal /*princ1*/, - krb5_const_principal /*princ2*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_principal_compare_any_realm ( - krb5_context /*context*/, - krb5_const_principal /*princ1*/, - krb5_const_principal /*princ2*/); - -const char* KRB5_LIB_FUNCTION -krb5_principal_get_comp_string ( - krb5_context /*context*/, - krb5_const_principal /*principal*/, - unsigned int /*component*/); - -const char* KRB5_LIB_FUNCTION -krb5_principal_get_realm ( - krb5_context /*context*/, - krb5_const_principal /*principal*/); - -int KRB5_LIB_FUNCTION -krb5_principal_get_type ( - krb5_context /*context*/, - krb5_const_principal /*principal*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_principal_match ( - krb5_context /*context*/, - krb5_const_principal /*princ*/, - krb5_const_principal /*pattern*/); - -void KRB5_LIB_FUNCTION -krb5_principal_set_type ( - krb5_context /*context*/, - krb5_principal /*principal*/, - int /*type*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_print_address ( - const krb5_address */*addr*/, - char */*str*/, - size_t /*len*/, - size_t */*ret_len*/); - -int KRB5_LIB_FUNCTION -krb5_program_setup ( - krb5_context */*context*/, - int /*argc*/, - char **/*argv*/, - struct getargs */*args*/, - int /*num_args*/, - void (*/*usage*/)(int, struct getargs*, int)); - -int KRB5_LIB_FUNCTION -krb5_prompter_posix ( - krb5_context /*context*/, - void */*data*/, - const char */*name*/, - const char */*banner*/, - int /*num_prompts*/, - krb5_prompt prompts[]); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_random_to_key ( - krb5_context /*context*/, - krb5_enctype /*type*/, - const void */*data*/, - size_t /*size*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_close ( - krb5_context /*context*/, - krb5_rcache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_default ( - krb5_context /*context*/, - krb5_rcache */*id*/); - -const char* KRB5_LIB_FUNCTION -krb5_rc_default_name (krb5_context /*context*/); - -const char* KRB5_LIB_FUNCTION -krb5_rc_default_type (krb5_context /*context*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_destroy ( - krb5_context /*context*/, - krb5_rcache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_expunge ( - krb5_context /*context*/, - krb5_rcache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_get_lifespan ( - krb5_context /*context*/, - krb5_rcache /*id*/, - krb5_deltat */*auth_lifespan*/); - -const char* KRB5_LIB_FUNCTION -krb5_rc_get_name ( - krb5_context /*context*/, - krb5_rcache /*id*/); - -const char* KRB5_LIB_FUNCTION -krb5_rc_get_type ( - krb5_context /*context*/, - krb5_rcache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_initialize ( - krb5_context /*context*/, - krb5_rcache /*id*/, - krb5_deltat /*auth_lifespan*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_recover ( - krb5_context /*context*/, - krb5_rcache /*id*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_resolve ( - krb5_context /*context*/, - krb5_rcache /*id*/, - const char */*name*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_resolve_full ( - krb5_context /*context*/, - krb5_rcache */*id*/, - const char */*string_name*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_resolve_type ( - krb5_context /*context*/, - krb5_rcache */*id*/, - const char */*type*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_store ( - krb5_context /*context*/, - krb5_rcache /*id*/, - krb5_donot_replay */*rep*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_cred ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_data */*in_data*/, - krb5_creds ***/*ret_creds*/, - krb5_replay_data */*outdata*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_cred2 ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - krb5_ccache /*ccache*/, - krb5_data */*in_data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_error ( - krb5_context /*context*/, - const krb5_data */*msg*/, - KRB_ERROR */*result*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_priv ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - const krb5_data */*inbuf*/, - krb5_data */*outbuf*/, - krb5_replay_data */*outdata*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_rep ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - const krb5_data */*inbuf*/, - krb5_ap_rep_enc_part **/*repl*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - const krb5_data */*inbuf*/, - krb5_const_principal /*server*/, - krb5_keytab /*keytab*/, - krb5_flags */*ap_req_options*/, - krb5_ticket **/*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_ctx ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - const krb5_data */*inbuf*/, - krb5_const_principal /*server*/, - krb5_rd_req_in_ctx /*inctx*/, - krb5_rd_req_out_ctx */*outctx*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_ctx_alloc ( - krb5_context /*context*/, - krb5_rd_req_in_ctx */*ctx*/); - -void KRB5_LIB_FUNCTION -krb5_rd_req_in_ctx_free ( - krb5_context /*context*/, - krb5_rd_req_in_ctx /*ctx*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_keyblock ( - krb5_context /*context*/, - krb5_rd_req_in_ctx /*in*/, - krb5_keyblock */*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_keytab ( - krb5_context /*context*/, - krb5_rd_req_in_ctx /*in*/, - krb5_keytab /*keytab*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_pac_check ( - krb5_context /*context*/, - krb5_rd_req_in_ctx /*in*/, - krb5_boolean /*flag*/); - -void KRB5_LIB_FUNCTION -krb5_rd_req_out_ctx_free ( - krb5_context /*context*/, - krb5_rd_req_out_ctx /*ctx*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_ap_req_options ( - krb5_context /*context*/, - krb5_rd_req_out_ctx /*out*/, - krb5_flags */*ap_req_options*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_keyblock ( - krb5_context /*context*/, - krb5_rd_req_out_ctx /*out*/, - krb5_keyblock **/*keyblock*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_ticket ( - krb5_context /*context*/, - krb5_rd_req_out_ctx /*out*/, - krb5_ticket **/*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_with_keyblock ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - const krb5_data */*inbuf*/, - krb5_const_principal /*server*/, - krb5_keyblock */*keyblock*/, - krb5_flags */*ap_req_options*/, - krb5_ticket **/*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_safe ( - krb5_context /*context*/, - krb5_auth_context /*auth_context*/, - const krb5_data */*inbuf*/, - krb5_data */*outbuf*/, - krb5_replay_data */*outdata*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_read_message ( - krb5_context /*context*/, - krb5_pointer /*p_fd*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_read_priv_message ( - krb5_context /*context*/, - krb5_auth_context /*ac*/, - krb5_pointer /*p_fd*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_read_safe_message ( - krb5_context /*context*/, - krb5_auth_context /*ac*/, - krb5_pointer /*p_fd*/, - krb5_data */*data*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_realm_compare ( - krb5_context /*context*/, - krb5_const_principal /*princ1*/, - krb5_const_principal /*princ2*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_recvauth ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - krb5_pointer /*p_fd*/, - const char */*appl_version*/, - krb5_principal /*server*/, - int32_t /*flags*/, - krb5_keytab /*keytab*/, - krb5_ticket **/*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_recvauth_match_version ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - krb5_pointer /*p_fd*/, - krb5_boolean (*/*match_appl_version*/)(const void *, const char*), - const void */*match_data*/, - krb5_principal /*server*/, - int32_t /*flags*/, - krb5_keytab /*keytab*/, - krb5_ticket **/*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_address ( - krb5_storage */*sp*/, - krb5_address */*adr*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_addrs ( - krb5_storage */*sp*/, - krb5_addresses */*adr*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_authdata ( - krb5_storage */*sp*/, - krb5_authdata */*auth*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_creds ( - krb5_storage */*sp*/, - krb5_creds */*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_creds_tag ( - krb5_storage */*sp*/, - krb5_creds */*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_data ( - krb5_storage */*sp*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_int16 ( - krb5_storage */*sp*/, - int16_t */*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_int32 ( - krb5_storage */*sp*/, - int32_t */*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_int8 ( - krb5_storage */*sp*/, - int8_t */*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_keyblock ( - krb5_storage */*sp*/, - krb5_keyblock */*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_principal ( - krb5_storage */*sp*/, - krb5_principal */*princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_string ( - krb5_storage */*sp*/, - char **/*string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_stringnl ( - krb5_storage */*sp*/, - char **/*string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_stringz ( - krb5_storage */*sp*/, - char **/*string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_times ( - krb5_storage */*sp*/, - krb5_times */*times*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_uint16 ( - krb5_storage */*sp*/, - uint16_t */*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_uint32 ( - krb5_storage */*sp*/, - uint32_t */*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_uint8 ( - krb5_storage */*sp*/, - uint8_t */*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_salttype_to_string ( - krb5_context /*context*/, - krb5_enctype /*etype*/, - krb5_salttype /*stype*/, - char **/*string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendauth ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - krb5_pointer /*p_fd*/, - const char */*appl_version*/, - krb5_principal /*client*/, - krb5_principal /*server*/, - krb5_flags /*ap_req_options*/, - krb5_data */*in_data*/, - krb5_creds */*in_creds*/, - krb5_ccache /*ccache*/, - krb5_error **/*ret_error*/, - krb5_ap_rep_enc_part **/*rep_result*/, - krb5_creds **/*out_creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto ( - krb5_context /*context*/, - const krb5_data */*send_data*/, - krb5_krbhst_handle /*handle*/, - krb5_data */*receive*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto_context ( - krb5_context /*context*/, - krb5_sendto_ctx /*ctx*/, - const krb5_data */*send_data*/, - const krb5_realm /*realm*/, - krb5_data */*receive*/); - -void KRB5_LIB_FUNCTION -krb5_sendto_ctx_add_flags ( - krb5_sendto_ctx /*ctx*/, - int /*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto_ctx_alloc ( - krb5_context /*context*/, - krb5_sendto_ctx */*ctx*/); - -void KRB5_LIB_FUNCTION -krb5_sendto_ctx_free ( - krb5_context /*context*/, - krb5_sendto_ctx /*ctx*/); - -int KRB5_LIB_FUNCTION -krb5_sendto_ctx_get_flags (krb5_sendto_ctx /*ctx*/); - -void KRB5_LIB_FUNCTION -krb5_sendto_ctx_set_func ( - krb5_sendto_ctx /*ctx*/, - krb5_sendto_ctx_func /*func*/, - void */*data*/); - -void KRB5_LIB_FUNCTION -krb5_sendto_ctx_set_type ( - krb5_sendto_ctx /*ctx*/, - int /*type*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto_kdc ( - krb5_context /*context*/, - const krb5_data */*send_data*/, - const krb5_realm */*realm*/, - krb5_data */*receive*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto_kdc_flags ( - krb5_context /*context*/, - const krb5_data */*send_data*/, - const krb5_realm */*realm*/, - krb5_data */*receive*/, - int /*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_config_files ( - krb5_context /*context*/, - char **/*filenames*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_default_in_tkt_etypes ( - krb5_context /*context*/, - const krb5_enctype */*etypes*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_default_realm ( - krb5_context /*context*/, - const char */*realm*/); - -void KRB5_LIB_FUNCTION -krb5_set_dns_canonicalize_hostname ( - krb5_context /*context*/, - krb5_boolean /*flag*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_error_string ( - krb5_context /*context*/, - const char */*fmt*/, - ...) - __attribute__((format (printf, 2, 3))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_extra_addresses ( - krb5_context /*context*/, - const krb5_addresses */*addresses*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_fcache_version ( - krb5_context /*context*/, - int /*version*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_ignore_addresses ( - krb5_context /*context*/, - const krb5_addresses */*addresses*/); - -void KRB5_LIB_FUNCTION -krb5_set_max_time_skew ( - krb5_context /*context*/, - time_t /*t*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_password ( - krb5_context /*context*/, - krb5_creds */*creds*/, - const char */*newpw*/, - krb5_principal /*targprinc*/, - int */*result_code*/, - krb5_data */*result_code_string*/, - krb5_data */*result_string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_password_using_ccache ( - krb5_context /*context*/, - krb5_ccache /*ccache*/, - const char */*newpw*/, - krb5_principal /*targprinc*/, - int */*result_code*/, - krb5_data */*result_code_string*/, - krb5_data */*result_string*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_real_time ( - krb5_context /*context*/, - krb5_timestamp /*sec*/, - int32_t /*usec*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_send_to_kdc_func ( - krb5_context /*context*/, - krb5_send_to_kdc_func /*func*/, - void */*data*/); - -void KRB5_LIB_FUNCTION -krb5_set_use_admin_kdc ( - krb5_context /*context*/, - krb5_boolean /*flag*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_warn_dest ( - krb5_context /*context*/, - krb5_log_facility */*fac*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sname_to_principal ( - krb5_context /*context*/, - const char */*hostname*/, - const char */*sname*/, - int32_t /*type*/, - krb5_principal */*ret_princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sock_to_principal ( - krb5_context /*context*/, - int /*sock*/, - const char */*sname*/, - int32_t /*type*/, - krb5_principal */*ret_princ*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sockaddr2address ( - krb5_context /*context*/, - const struct sockaddr */*sa*/, - krb5_address */*addr*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sockaddr2port ( - krb5_context /*context*/, - const struct sockaddr */*sa*/, - int16_t */*port*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_sockaddr_uninteresting (const struct sockaddr */*sa*/); - -void KRB5_LIB_FUNCTION -krb5_std_usage ( - int /*code*/, - struct getargs */*args*/, - int /*num_args*/); - -void KRB5_LIB_FUNCTION -krb5_storage_clear_flags ( - krb5_storage */*sp*/, - krb5_flags /*flags*/); - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_emem (void); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_storage_free (krb5_storage */*sp*/); - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_data (krb5_data */*data*/); - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_fd (int /*fd*/); - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_mem ( - void */*buf*/, - size_t /*len*/); - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_readonly_mem ( - const void */*buf*/, - size_t /*len*/); - -krb5_flags KRB5_LIB_FUNCTION -krb5_storage_get_byteorder ( - krb5_storage */*sp*/, - krb5_flags /*byteorder*/); - -krb5_boolean KRB5_LIB_FUNCTION -krb5_storage_is_flags ( - krb5_storage */*sp*/, - krb5_flags /*flags*/); - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_storage_read ( - krb5_storage */*sp*/, - void */*buf*/, - size_t /*len*/); - -off_t KRB5_LIB_FUNCTION -krb5_storage_seek ( - krb5_storage */*sp*/, - off_t /*offset*/, - int /*whence*/); - -void KRB5_LIB_FUNCTION -krb5_storage_set_byteorder ( - krb5_storage */*sp*/, - krb5_flags /*byteorder*/); - -void KRB5_LIB_FUNCTION -krb5_storage_set_eof_code ( - krb5_storage */*sp*/, - int /*code*/); - -void KRB5_LIB_FUNCTION -krb5_storage_set_flags ( - krb5_storage */*sp*/, - krb5_flags /*flags*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_storage_to_data ( - krb5_storage */*sp*/, - krb5_data */*data*/); - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_storage_write ( - krb5_storage */*sp*/, - const void */*buf*/, - size_t /*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_address ( - krb5_storage */*sp*/, - krb5_address /*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_addrs ( - krb5_storage */*sp*/, - krb5_addresses /*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_authdata ( - krb5_storage */*sp*/, - krb5_authdata /*auth*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_creds ( - krb5_storage */*sp*/, - krb5_creds */*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_creds_tag ( - krb5_storage */*sp*/, - krb5_creds */*creds*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_data ( - krb5_storage */*sp*/, - krb5_data /*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_int16 ( - krb5_storage */*sp*/, - int16_t /*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_int32 ( - krb5_storage */*sp*/, - int32_t /*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_int8 ( - krb5_storage */*sp*/, - int8_t /*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_keyblock ( - krb5_storage */*sp*/, - krb5_keyblock /*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_principal ( - krb5_storage */*sp*/, - krb5_const_principal /*p*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_string ( - krb5_storage */*sp*/, - const char */*s*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_stringnl ( - krb5_storage */*sp*/, - const char */*s*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_stringz ( - krb5_storage */*sp*/, - const char */*s*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_times ( - krb5_storage */*sp*/, - krb5_times /*times*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_uint16 ( - krb5_storage */*sp*/, - uint16_t /*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_uint32 ( - krb5_storage */*sp*/, - uint32_t /*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_uint8 ( - krb5_storage */*sp*/, - uint8_t /*value*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_deltat ( - const char */*string*/, - krb5_deltat */*deltat*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_enctype ( - krb5_context /*context*/, - const char */*string*/, - krb5_enctype */*etype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - const char */*password*/, - krb5_principal /*principal*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - krb5_data /*password*/, - krb5_principal /*principal*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data_salt ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - krb5_data /*password*/, - krb5_salt /*salt*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_data_salt_opaque ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - krb5_data /*password*/, - krb5_salt /*salt*/, - krb5_data /*opaque*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_derived ( - krb5_context /*context*/, - const void */*str*/, - size_t /*len*/, - krb5_enctype /*etype*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_salt ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - const char */*password*/, - krb5_salt /*salt*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_key_salt_opaque ( - krb5_context /*context*/, - krb5_enctype /*enctype*/, - const char */*password*/, - krb5_salt /*salt*/, - krb5_data /*opaque*/, - krb5_keyblock */*key*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_keytype ( - krb5_context /*context*/, - const char */*string*/, - krb5_keytype */*keytype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_salttype ( - krb5_context /*context*/, - krb5_enctype /*etype*/, - const char */*string*/, - krb5_salttype */*salttype*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ticket_get_authorization_data_type ( - krb5_context /*context*/, - krb5_ticket */*ticket*/, - int /*type*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ticket_get_client ( - krb5_context /*context*/, - const krb5_ticket */*ticket*/, - krb5_principal */*client*/); - -time_t KRB5_LIB_FUNCTION -krb5_ticket_get_endtime ( - krb5_context /*context*/, - const krb5_ticket */*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ticket_get_server ( - krb5_context /*context*/, - const krb5_ticket */*ticket*/, - krb5_principal */*server*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_timeofday ( - krb5_context /*context*/, - krb5_timestamp */*timeret*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name ( - krb5_context /*context*/, - krb5_const_principal /*principal*/, - char **/*name*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_fixed ( - krb5_context /*context*/, - krb5_const_principal /*principal*/, - char */*name*/, - size_t /*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_fixed_flags ( - krb5_context /*context*/, - krb5_const_principal /*principal*/, - int /*flags*/, - char */*name*/, - size_t /*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_fixed_short ( - krb5_context /*context*/, - krb5_const_principal /*principal*/, - char */*name*/, - size_t /*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_flags ( - krb5_context /*context*/, - krb5_const_principal /*principal*/, - int /*flags*/, - char **/*name*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_short ( - krb5_context /*context*/, - krb5_const_principal /*principal*/, - char **/*name*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_us_timeofday ( - krb5_context /*context*/, - krb5_timestamp */*sec*/, - int32_t */*usec*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vabort ( - krb5_context /*context*/, - krb5_error_code /*code*/, - const char */*fmt*/, - va_list /*ap*/) - __attribute__ ((noreturn, format (printf, 3, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vabortx ( - krb5_context /*context*/, - const char */*fmt*/, - va_list /*ap*/) - __attribute__ ((noreturn, format (printf, 2, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_ap_req ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - krb5_ap_req */*ap_req*/, - krb5_const_principal /*server*/, - krb5_keyblock */*keyblock*/, - krb5_flags /*flags*/, - krb5_flags */*ap_req_options*/, - krb5_ticket **/*ticket*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_ap_req2 ( - krb5_context /*context*/, - krb5_auth_context */*auth_context*/, - krb5_ap_req */*ap_req*/, - krb5_const_principal /*server*/, - krb5_keyblock */*keyblock*/, - krb5_flags /*flags*/, - krb5_flags */*ap_req_options*/, - krb5_ticket **/*ticket*/, - krb5_key_usage /*usage*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_authenticator_checksum ( - krb5_context /*context*/, - krb5_auth_context /*ac*/, - void */*data*/, - size_t /*len*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_checksum ( - krb5_context /*context*/, - krb5_crypto /*crypto*/, - krb5_key_usage /*usage*/, - void */*data*/, - size_t /*len*/, - Checksum */*cksum*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_init_creds ( - krb5_context /*context*/, - krb5_creds */*creds*/, - krb5_principal /*ap_req_server*/, - krb5_keytab /*ap_req_keytab*/, - krb5_ccache */*ccache*/, - krb5_verify_init_creds_opt */*options*/); - -void KRB5_LIB_FUNCTION -krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt */*options*/); - -void KRB5_LIB_FUNCTION -krb5_verify_init_creds_opt_set_ap_req_nofail ( - krb5_verify_init_creds_opt */*options*/, - int /*ap_req_nofail*/); - -int KRB5_LIB_FUNCTION -krb5_verify_opt_alloc ( - krb5_context /*context*/, - krb5_verify_opt **/*opt*/); - -void KRB5_LIB_FUNCTION -krb5_verify_opt_free (krb5_verify_opt */*opt*/); - -void KRB5_LIB_FUNCTION -krb5_verify_opt_init (krb5_verify_opt */*opt*/); - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_ccache ( - krb5_verify_opt */*opt*/, - krb5_ccache /*ccache*/); - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_flags ( - krb5_verify_opt */*opt*/, - unsigned int /*flags*/); - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_keytab ( - krb5_verify_opt */*opt*/, - krb5_keytab /*keytab*/); - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_secure ( - krb5_verify_opt */*opt*/, - krb5_boolean /*secure*/); - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_service ( - krb5_verify_opt */*opt*/, - const char */*service*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_user ( - krb5_context /*context*/, - krb5_principal /*principal*/, - krb5_ccache /*ccache*/, - const char */*password*/, - krb5_boolean /*secure*/, - const char */*service*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_user_lrealm ( - krb5_context /*context*/, - krb5_principal /*principal*/, - krb5_ccache /*ccache*/, - const char */*password*/, - krb5_boolean /*secure*/, - const char */*service*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_user_opt ( - krb5_context /*context*/, - krb5_principal /*principal*/, - const char */*password*/, - krb5_verify_opt */*opt*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verr ( - krb5_context /*context*/, - int /*eval*/, - krb5_error_code /*code*/, - const char */*fmt*/, - va_list /*ap*/) - __attribute__ ((noreturn, format (printf, 4, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verrx ( - krb5_context /*context*/, - int /*eval*/, - const char */*fmt*/, - va_list /*ap*/) - __attribute__ ((noreturn, format (printf, 3, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vlog ( - krb5_context /*context*/, - krb5_log_facility */*fac*/, - int /*level*/, - const char */*fmt*/, - va_list /*ap*/) - __attribute__((format (printf, 4, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vlog_msg ( - krb5_context /*context*/, - krb5_log_facility */*fac*/, - char **/*reply*/, - int /*level*/, - const char */*fmt*/, - va_list /*ap*/) - __attribute__((format (printf, 5, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vset_error_string ( - krb5_context /*context*/, - const char */*fmt*/, - va_list /*args*/) - __attribute__ ((format (printf, 2, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vwarn ( - krb5_context /*context*/, - krb5_error_code /*code*/, - const char */*fmt*/, - va_list /*ap*/) - __attribute__ ((format (printf, 3, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vwarnx ( - krb5_context /*context*/, - const char */*fmt*/, - va_list /*ap*/) - __attribute__ ((format (printf, 2, 0))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_warn ( - krb5_context /*context*/, - krb5_error_code /*code*/, - const char */*fmt*/, - ...) - __attribute__ ((format (printf, 3, 4))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_warnx ( - krb5_context /*context*/, - const char */*fmt*/, - ...) - __attribute__ ((format (printf, 2, 3))); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_write_message ( - krb5_context /*context*/, - krb5_pointer /*p_fd*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_write_priv_message ( - krb5_context /*context*/, - krb5_auth_context /*ac*/, - krb5_pointer /*p_fd*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_write_safe_message ( - krb5_context /*context*/, - krb5_auth_context /*ac*/, - krb5_pointer /*p_fd*/, - krb5_data */*data*/); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_xfree (void */*ptr*/); - -#ifdef __cplusplus -} -#endif - -#endif /* __krb5_protos_h__ */ diff --git a/crypto/heimdal/lib/krb5/krb5-v4compat.h b/crypto/heimdal/lib/krb5/krb5-v4compat.h deleted file mode 100644 index dfd7e944607f..000000000000 --- a/crypto/heimdal/lib/krb5/krb5-v4compat.h +++ /dev/null @@ -1,132 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb5-v4compat.h 21575 2007-07-16 07:44:54Z lha $ */ - -#ifndef __KRB5_V4COMPAT_H__ -#define __KRB5_V4COMPAT_H__ - -#include "krb_err.h" - -/* - * This file must only be included with v4 compat glue stuff in - * heimdal sources. - * - * It MUST NOT be installed. - */ - -#define KRB_PROT_VERSION 4 - -#define AUTH_MSG_KDC_REQUEST (1<<1) -#define AUTH_MSG_KDC_REPLY (2<<1) -#define AUTH_MSG_APPL_REQUEST (3<<1) -#define AUTH_MSG_APPL_REQUEST_MUTUAL (4<<1) -#define AUTH_MSG_ERR_REPLY (5<<1) -#define AUTH_MSG_PRIVATE (6<<1) -#define AUTH_MSG_SAFE (7<<1) -#define AUTH_MSG_APPL_ERR (8<<1) -#define AUTH_MSG_KDC_FORWARD (9<<1) -#define AUTH_MSG_KDC_RENEW (10<<1) -#define AUTH_MSG_DIE (63<<1) - -/* General definitions */ -#define KSUCCESS 0 -#define KFAILURE 255 - -/* */ - -#define MAX_KTXT_LEN 1250 - -#define ANAME_SZ 40 -#define REALM_SZ 40 -#define SNAME_SZ 40 -#define INST_SZ 40 - -struct ktext { - unsigned int length; /* Length of the text */ - unsigned char dat[MAX_KTXT_LEN]; /* The data itself */ - uint32_t mbz; /* zero to catch runaway strings */ -}; - -struct credentials { - char service[ANAME_SZ]; /* Service name */ - char instance[INST_SZ]; /* Instance */ - char realm[REALM_SZ]; /* Auth domain */ - char session[8]; /* Session key */ - int lifetime; /* Lifetime */ - int kvno; /* Key version number */ - struct ktext ticket_st; /* The ticket itself */ - int32_t issue_date; /* The issue time */ - char pname[ANAME_SZ]; /* Principal's name */ - char pinst[INST_SZ]; /* Principal's instance */ -}; - -#define TKTLIFENUMFIXED 64 -#define TKTLIFEMINFIXED 0x80 -#define TKTLIFEMAXFIXED 0xBF -#define TKTLIFENOEXPIRE 0xFF -#define MAXTKTLIFETIME (30*24*3600) /* 30 days */ -#ifndef NEVERDATE -#define NEVERDATE ((time_t)0x7fffffffL) -#endif - -#define KERB_ERR_NULL_KEY 10 - -#define CLOCK_SKEW 5*60 - -#ifndef TKT_ROOT -#define TKT_ROOT "/tmp/tkt" -#endif - -struct _krb5_krb_auth_data { - int8_t k_flags; /* Flags from ticket */ - char *pname; /* Principal's name */ - char *pinst; /* His Instance */ - char *prealm; /* His Realm */ - uint32_t checksum; /* Data checksum (opt) */ - krb5_keyblock session; /* Session Key */ - unsigned char life; /* Life of ticket */ - uint32_t time_sec; /* Time ticket issued */ - uint32_t address; /* Address in ticket */ -}; - -time_t _krb5_krb_life_to_time (int, int); -int _krb5_krb_time_to_life (time_t, time_t); -krb5_error_code _krb5_krb_tf_setup (krb5_context, struct credentials *, - const char *, int); -krb5_error_code _krb5_krb_dest_tkt(krb5_context, const char *); - -#define krb_time_to_life _krb5_krb_time_to_life -#define krb_life_to_time _krb5_krb_life_to_time - -#endif /* __KRB5_V4COMPAT_H__ */ diff --git a/crypto/heimdal/lib/krb5/krb5.3 b/crypto/heimdal/lib/krb5/krb5.3 deleted file mode 100644 index 3ce8c1fe9c11..000000000000 --- a/crypto/heimdal/lib/krb5/krb5.3 +++ /dev/null @@ -1,526 +0,0 @@ -.\" Copyright (c) 2001, 2003 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5.3 18212 2006-10-03 10:39:35Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5 3 -.Os -.Sh NAME -.Nm krb5 -.Nd Kerberos 5 library -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Sh DESCRIPTION -These functions constitute the Kerberos 5 library, -.Em libkrb5 . -.Sh LIST OF FUNCTIONS -.sp 2 -.nf -.ta \w'krb5_ticket_get_authorization_data_type.3'u+2n +\w'Description goes here'u -\fIName/Page\fP \fIDescription\fP -.ta \w'krb5_ticket_get_authorization_data_type.3'u+2n +\w'Description goes here'u+6nC -.sp 5p -krb524_convert_creds_kdc.3 -krb524_convert_creds_kdc_cache.3 -krb5_425_conv_principal.3 -krb5_425_conv_principal_ext.3 -krb5_524_conv_principal.3 -krb5_abort.3 -krb5_abortx.3 -krb5_acl_match_file.3 -krb5_acl_match_string.3 -krb5_add_et_list.3 -krb5_add_extra_addresses.3 -krb5_add_ignore_addresses.3 -krb5_addlog_dest.3 -krb5_addlog_func.3 -krb5_addr2sockaddr.3 -krb5_address.3 -krb5_address_compare.3 -krb5_address_order.3 -krb5_address_search.3 -krb5_addresses.3 -krb5_aname_to_localname.3 -krb5_anyaddr.3 -krb5_appdefault_boolean.3 -krb5_appdefault_string.3 -krb5_appdefault_time.3 -krb5_append_addresses.3 -krb5_auth_con_addflags.3 -krb5_auth_con_free.3 -krb5_auth_con_genaddrs.3 -krb5_auth_con_generatelocalsubkey.3 -krb5_auth_con_getaddrs.3 -krb5_auth_con_getauthenticator.3 -krb5_auth_con_getcksumtype.3 -krb5_auth_con_getflags.3 -krb5_auth_con_getkey.3 -krb5_auth_con_getkeytype.3 -krb5_auth_con_getlocalseqnumber.3 -krb5_auth_con_getlocalsubkey.3 -krb5_auth_con_getrcache.3 -krb5_auth_con_getremotesubkey.3 -krb5_auth_con_getuserkey.3 -krb5_auth_con_init.3 -krb5_auth_con_initivector.3 -krb5_auth_con_removeflags.3 -krb5_auth_con_setaddrs.3 -krb5_auth_con_setaddrs_from_fd.3 -krb5_auth_con_setcksumtype.3 -krb5_auth_con_setflags.3 -krb5_auth_con_setivector.3 -krb5_auth_con_setkey.3 -krb5_auth_con_setkeytype.3 -krb5_auth_con_setlocalseqnumber.3 -krb5_auth_con_setlocalsubkey.3 -krb5_auth_con_setrcache.3 -krb5_auth_con_setremoteseqnumber.3 -krb5_auth_con_setremotesubkey.3 -krb5_auth_con_setuserkey.3 -krb5_auth_context.3 -krb5_auth_getremoteseqnumber.3 -krb5_build_principal.3 -krb5_build_principal_ext.3 -krb5_build_principal_va.3 -krb5_build_principal_va_ext.3 -krb5_c_block_size.3 -krb5_c_checksum_length.3 -krb5_c_decrypt.3 -krb5_c_encrypt.3 -krb5_c_encrypt_length.3 -krb5_c_enctype_compare.3 -krb5_c_get_checksum.3 -krb5_c_is_coll_proof_cksum.3 -krb5_c_is_keyed_cksum.3 -krb5_c_make_checksum.3 -krb5_c_make_random_key.3 -krb5_c_set_checksum.3 -krb5_c_valid_cksumtype.3 -krb5_c_valid_enctype.3 -krb5_c_verify_checksum.3 -krb5_cc_cache_end_seq_get.3 -krb5_cc_cache_get_first.3 -krb5_cc_cache_match.3 -krb5_cc_cache_next.3 -krb5_cc_close.3 -krb5_cc_copy_cache.3 -krb5_cc_default.3 -krb5_cc_default_name.3 -krb5_cc_destroy.3 -krb5_cc_end_seq_get.3 -krb5_cc_gen_new.3 -krb5_cc_get_full_name.3 -krb5_cc_get_name.3 -krb5_cc_get_ops.3 -krb5_cc_get_principal.3 -krb5_cc_get_type.3 -krb5_cc_get_version.3 -krb5_cc_initialize.3 -krb5_cc_new_unique.3 -krb5_cc_next_cred.3 -krb5_cc_register.3 -krb5_cc_remove_cred.3 -krb5_cc_resolve.3 -krb5_cc_retrieve_cred.3 -krb5_cc_set_default_name.3 -krb5_cc_set_flags.3 -krb5_cc_store_cred.3 -krb5_change_password.3 -krb5_check_transited.3 -krb5_check_transited_realms.3 -krb5_checksum_disable.3 -krb5_checksum_free.3 -krb5_checksum_is_collision_proof.3 -krb5_checksum_is_keyed.3 -krb5_checksumsize.3 -krb5_clear_error_string.3 -krb5_closelog.3 -krb5_config_file_free.3 -krb5_config_free_strings.3 -krb5_config_get.3 -krb5_config_get_bool.3 -krb5_config_get_bool_default.3 -krb5_config_get_int.3 -krb5_config_get_int_default.3 -krb5_config_get_list.3 -krb5_config_get_next.3 -krb5_config_get_string.3 -krb5_config_get_string_default.3 -krb5_config_get_strings.3 -krb5_config_get_time.3 -krb5_config_get_time_default.3 -krb5_config_parse_file.3 -krb5_config_parse_file_multi.3 -krb5_config_vget.3 -krb5_config_vget_bool.3 -krb5_config_vget_bool_default.3 -krb5_config_vget_int.3 -krb5_config_vget_int_default.3 -krb5_config_vget_list.3 -krb5_config_vget_next.3 -krb5_config_vget_string.3 -krb5_config_vget_string_default.3 -krb5_config_vget_strings.3 -krb5_config_vget_time.3 -krb5_config_vget_time_default.3 -krb5_context.3 -krb5_copy_address.3 -krb5_copy_addresses.3 -krb5_copy_checksum.3 -krb5_copy_data.3 -krb5_copy_host_realm.3 -krb5_copy_keyblock.3 -krb5_copy_keyblock_contents.3 -krb5_copy_principal.3 -krb5_copy_ticket.3 -krb5_create_checksum.3 -krb5_creds.3 -krb5_crypto_destroy.3 -krb5_crypto_get_checksum_type.3 -krb5_crypto_getblocksize.3 -krb5_crypto_getconfoundersize.3 -krb5_crypto_getenctype.3 -krb5_crypto_getpadsize.3 -krb5_crypto_init.3 -krb5_data_alloc.3 -krb5_data_copy.3 -krb5_data_free.3 -krb5_data_realloc.3 -krb5_data_zero.3 -krb5_decrypt.3 -krb5_decrypt_EncryptedData.3 -krb5_digest.3 -krb5_digest_alloc.3 -krb5_digest_free.3 -krb5_digest_get_a1_hash.3 -krb5_digest_get_client_binding.3 -krb5_digest_get_identifier.3 -krb5_digest_get_opaque.3 -krb5_digest_get_responseData.3 -krb5_digest_get_rsp.3 -krb5_digest_get_server_nonce.3 -krb5_digest_get_tickets.3 -krb5_digest_init_request.3 -krb5_digest_request.3 -krb5_digest_set_authentication_user.3 -krb5_digest_set_authid.3 -krb5_digest_set_client_nonce.3 -krb5_digest_set_digest.3 -krb5_digest_set_hostname.3 -krb5_digest_set_identifier.3 -krb5_digest_set_method.3 -krb5_digest_set_nonceCount.3 -krb5_digest_set_opaque.3 -krb5_digest_set_qop.3 -krb5_digest_set_realm.3 -krb5_digest_set_server_cb.3 -krb5_digest_set_server_nonce.3 -krb5_digest_set_type.3 -krb5_digest_set_uri.3 -krb5_digest_set_username.3 -krb5_domain_x500_decode.3 -krb5_domain_x500_encode.3 -krb5_eai_to_heim_errno.3 -krb5_encrypt.3 -krb5_encrypt_EncryptedData.3 -krb5_enctype_disable.3 -krb5_enctype_to_string.3 -krb5_enctype_valid.3 -krb5_err.3 -krb5_errx.3 -krb5_expand_hostname.3 -krb5_expand_hostname_realms.3 -krb5_find_padata.3 -krb5_format_time.3 -krb5_free_address.3 -krb5_free_addresses.3 -krb5_free_authenticator.3 -krb5_free_checksum.3 -krb5_free_checksum_contents.3 -krb5_free_config_files.3 -krb5_free_context.3 -krb5_free_data.3 -krb5_free_data_contents.3 -krb5_free_error_string.3 -krb5_free_host_realm.3 -krb5_free_kdc_rep.3 -krb5_free_keyblock.3 -krb5_free_keyblock_contents.3 -krb5_free_krbhst.3 -krb5_free_principal.3 -krb5_free_salt.3 -krb5_free_ticket.3 -krb5_fwd_tgt_creds.3 -krb5_generate_random_block.3 -krb5_generate_random_keyblock.3 -krb5_generate_subkey.3 -krb5_get_all_client_addrs.3 -krb5_get_all_server_addrs.3 -krb5_get_cred_from_kdc.3 -krb5_get_cred_from_kdc_opt.3 -krb5_get_credentials.3 -krb5_get_credentials_with_flags.3 -krb5_get_default_config_files.3 -krb5_get_default_principal.3 -krb5_get_default_realm.3 -krb5_get_default_realms.3 -krb5_get_err_text.3 -krb5_get_error_message.3 -krb5_get_error_string.3 -krb5_get_extra_addresses.3 -krb5_get_fcache_version.3 -krb5_get_forwarded_creds.3 -krb5_get_host_realm.3 -krb5_get_ignore_addresses.3 -krb5_get_in_cred.3 -krb5_get_in_tkt.3 -krb5_get_in_tkt_with_keytab.3 -krb5_get_in_tkt_with_password.3 -krb5_get_in_tkt_with_skey.3 -krb5_get_init_creds.3 -krb5_get_init_creds_keytab.3 -krb5_get_init_creds_opt_alloc.3 -krb5_get_init_creds_opt_free.3 -krb5_get_init_creds_opt_free_pkinit.3 -krb5_get_init_creds_opt_init.3 -krb5_get_init_creds_opt_set_address_list.3 -krb5_get_init_creds_opt_set_anonymous.3 -krb5_get_init_creds_opt_set_default_flags.3 -krb5_get_init_creds_opt_set_etype_list.3 -krb5_get_init_creds_opt_set_forwardable.3 -krb5_get_init_creds_opt_set_pa_password.3 -krb5_get_init_creds_opt_set_paq_request.3 -krb5_get_init_creds_opt_set_pkinit.3 -krb5_get_init_creds_opt_set_preauth_list.3 -krb5_get_init_creds_opt_set_proxiable.3 -krb5_get_init_creds_opt_set_renew_life.3 -krb5_get_init_creds_opt_set_salt.3 -krb5_get_init_creds_opt_set_tkt_life.3 -krb5_get_init_creds_password.3 -krb5_get_kdc_cred.3 -krb5_get_krb524hst.3 -krb5_get_krb_admin_hst.3 -krb5_get_krb_changepw_hst.3 -krb5_get_krbhst.3 -krb5_get_pw_salt.3 -krb5_get_server_rcache.3 -krb5_get_use_admin_kdc.3 -krb5_get_wrapped_length.3 -krb5_getportbyname.3 -krb5_h_addr2addr.3 -krb5_h_addr2sockaddr.3 -krb5_h_errno_to_heim_errno.3 -krb5_have_error_string.3 -krb5_hmac.3 -krb5_init_context.3 -krb5_init_ets.3 -krb5_initlog.3 -krb5_keyblock_get_enctype.3 -krb5_keyblock_zero.3 -krb5_keytab_entry.3 -krb5_krbhst_format_string.3 -krb5_krbhst_free.3 -krb5_krbhst_get_addrinfo.3 -krb5_krbhst_init.3 -krb5_krbhst_init_flags.3 -krb5_krbhst_next.3 -krb5_krbhst_next_as_string.3 -krb5_krbhst_reset.3 -krb5_kt_add_entry.3 -krb5_kt_close.3 -krb5_kt_compare.3 -krb5_kt_copy_entry_contents.3 -krb5_kt_cursor.3 -krb5_kt_default.3 -krb5_kt_default_modify_name.3 -krb5_kt_default_name.3 -krb5_kt_end_seq_get.3 -krb5_kt_free_entry.3 -krb5_kt_get_entry.3 -krb5_kt_get_name.3 -krb5_kt_get_type.3 -krb5_kt_next_entry.3 -krb5_kt_ops.3 -krb5_kt_read_service_key.3 -krb5_kt_register.3 -krb5_kt_remove_entry.3 -krb5_kt_resolve.3.3 -krb5_kt_start_seq_get -krb5_kuserok.3 -krb5_log.3 -krb5_log_msg.3 -krb5_make_addrport.3 -krb5_make_principal.3 -krb5_max_sockaddr_size.3 -krb5_openlog.3 -krb5_padata_add.3 -krb5_parse_address.3 -krb5_parse_name.3 -krb5_passwd_result_to_string.3 -krb5_password_key_proc.3 -krb5_prepend_config_files.3 -krb5_prepend_config_files_default.3 -krb5_princ_realm.3 -krb5_princ_set_realm.3 -krb5_principal.3 -krb5_principal_compare.3 -krb5_principal_compare_any_realm.3 -krb5_principal_get_comp_string.3 -krb5_principal_get_realm.3 -krb5_principal_get_type.3 -krb5_principal_match.3 -krb5_principal_set_type.3 -krb5_print_address.3 -krb5_rc_close.3 -krb5_rc_default.3 -krb5_rc_default_name.3 -krb5_rc_default_type.3 -krb5_rc_destroy.3 -krb5_rc_expunge.3 -krb5_rc_get_lifespan.3 -krb5_rc_get_name.3 -krb5_rc_get_type.3 -krb5_rc_initialize.3 -krb5_rc_recover.3 -krb5_rc_resolve.3 -krb5_rc_resolve_full.3 -krb5_rc_resolve_type.3 -krb5_rc_store.3 -krb5_rcache.3 -krb5_realm_compare.3 -krb5_ret_address.3 -krb5_ret_addrs.3 -krb5_ret_authdata.3 -krb5_ret_creds.3 -krb5_ret_data.3 -krb5_ret_int16.3 -krb5_ret_int32.3 -krb5_ret_int8.3 -krb5_ret_keyblock.3 -krb5_ret_principal.3 -krb5_ret_string.3 -krb5_ret_stringz.3 -krb5_ret_times.3 -krb5_set_config_files.3 -krb5_set_default_realm.3 -krb5_set_error_string.3 -krb5_set_extra_addresses.3 -krb5_set_fcache_version.3 -krb5_set_ignore_addresses.3 -krb5_set_password.3 -krb5_set_password_using_ccache.3 -krb5_set_real_time.3 -krb5_set_use_admin_kdc.3 -krb5_set_warn_dest.3 -krb5_sname_to_principal.3 -krb5_sock_to_principal.3 -krb5_sockaddr2address.3 -krb5_sockaddr2port.3 -krb5_sockaddr_uninteresting.3 -krb5_storage.3 -krb5_storage_clear_flags.3 -krb5_storage_emem.3 -krb5_storage_free.3 -krb5_storage_from_data.3 -krb5_storage_from_fd.3 -krb5_storage_from_mem.3 -krb5_storage_get_byteorder.3 -krb5_storage_is_flags.3 -krb5_storage_read.3 -krb5_storage_seek.3 -krb5_storage_set_byteorder.3 -krb5_storage_set_eof_code.3 -krb5_storage_set_flags.3 -krb5_storage_to_data.3 -krb5_storage_write.3 -krb5_store_address.3 -krb5_store_addrs.3 -krb5_store_authdata.3 -krb5_store_creds.3 -krb5_store_data.3 -krb5_store_int16.3 -krb5_store_int32.3 -krb5_store_int8.3 -krb5_store_keyblock.3 -krb5_store_principal.3 -krb5_store_string.3 -krb5_store_stringz.3 -krb5_store_times.3 -krb5_string_to_deltat.3 -krb5_string_to_enctype.3 -krb5_string_to_key.3 -krb5_string_to_key_data.3 -krb5_string_to_key_data_salt.3 -krb5_string_to_key_data_salt_opaque.3 -krb5_string_to_key_salt.3 -krb5_string_to_key_salt_opaque.3 -krb5_ticket.3 -krb5_ticket_get_authorization_data_type.3 -krb5_ticket_get_client.3 -krb5_ticket_get_server.3 -krb5_timeofday.3 -krb5_unparse_name.3 -krb5_unparse_name_fixed.3 -krb5_unparse_name_fixed_short.3 -krb5_unparse_name_short.3 -krb5_us_timeofday.3 -krb5_vabort.3 -krb5_vabortx.3 -krb5_verify_checksum.3 -krb5_verify_init_creds.3 -krb5_verify_init_creds_opt_init.3 -krb5_verify_init_creds_opt_set_ap_req_nofail.3 -krb5_verify_opt_init.3 -krb5_verify_opt_set_ccache.3 -krb5_verify_opt_set_flags.3 -krb5_verify_opt_set_keytab.3 -krb5_verify_opt_set_secure.3 -krb5_verify_opt_set_service.3 -krb5_verify_user.3 -krb5_verify_user_lrealm.3 -krb5_verify_user_opt.3 -krb5_verr.3 -krb5_verrx.3 -krb5_vlog.3 -krb5_vlog_msg.3 -krb5_vset_error_string.3 -krb5_vwarn.3 -krb5_vwarnx.3 -krb5_warn.3 -krb5_warnx.3 -.ta -.Fi -.Sh SEE ALSO -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5.conf.5 b/crypto/heimdal/lib/krb5/krb5.conf.5 deleted file mode 100644 index ceb16a401aa6..000000000000 --- a/crypto/heimdal/lib/krb5/krb5.conf.5 +++ /dev/null @@ -1,530 +0,0 @@ -.\" Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5.conf.5 15514 2005-06-23 18:43:34Z lha $ -.\" -.Dd May 4, 2005 -.Dt KRB5.CONF 5 -.Os HEIMDAL -.Sh NAME -.Nm krb5.conf -.Nd configuration file for Kerberos 5 -.Sh SYNOPSIS -.In krb5.h -.Sh DESCRIPTION -The -.Nm -file specifies several configuration parameters for the Kerberos 5 -library, as well as for some programs. -.Pp -The file consists of one or more sections, containing a number of -bindings. -The value of each binding can be either a string or a list of other -bindings. -The grammar looks like: -.Bd -literal -offset indent -file: - /* empty */ - sections - -sections: - section sections - section - -section: - '[' section_name ']' bindings - -section_name: - STRING - -bindings: - binding bindings - binding - -binding: - name '=' STRING - name '=' '{' bindings '}' - -name: - STRING - -.Ed -.Li STRINGs -consists of one or more non-whitespace characters. -.Pp -STRINGs that are specified later in this man-page uses the following -notation. -.Bl -tag -width "xxx" -offset indent -.It boolean -values can be either yes/true or no/false. -.It time -values can be a list of year, month, day, hour, min, second. -Example: 1 month 2 days 30 min. -If no unit is given, seconds is assumed. -.It etypes -valid encryption types are: des-cbc-crc, des-cbc-md4, des-cbc-md5, -des3-cbc-sha1, arcfour-hmac-md5, aes128-cts-hmac-sha1-96, and -aes256-cts-hmac-sha1-96 . -.It address -an address can be either a IPv4 or a IPv6 address. -.El -.Pp -Currently recognised sections and bindings are: -.Bl -tag -width "xxx" -offset indent -.It Li [appdefaults] -Specifies the default values to be used for Kerberos applications. -You can specify defaults per application, realm, or a combination of -these. -The preference order is: -.Bl -enum -compact -.It -.Va application Va realm Va option -.It -.Va application Va option -.It -.Va realm Va option -.It -.Va option -.El -.Pp -The supported options are: -.Bl -tag -width "xxx" -offset indent -.It Li forwardable = Va boolean -When obtaining initial credentials, make the credentials forwardable. -.It Li proxiable = Va boolean -When obtaining initial credentials, make the credentials proxiable. -.It Li no-addresses = Va boolean -When obtaining initial credentials, request them for an empty set of -addresses, making the tickets valid from any address. -.It Li ticket_lifetime = Va time -Default ticket lifetime. -.It Li renew_lifetime = Va time -Default renewable ticket lifetime. -.It Li encrypt = Va boolean -Use encryption, when available. -.It Li forward = Va boolean -Forward credentials to remote host (for -.Xr rsh 1 , -.Xr telnet 1 , -etc). -.El -.It Li [libdefaults] -.Bl -tag -width "xxx" -offset indent -.It Li default_realm = Va REALM -Default realm to use, this is also known as your -.Dq local realm . -The default is the result of -.Fn krb5_get_host_realm "local hostname" . -.It Li clockskew = Va time -Maximum time differential (in seconds) allowed when comparing -times. -Default is 300 seconds (five minutes). -.It Li kdc_timeout = Va time -Maximum time to wait for a reply from the kdc, default is 3 seconds. -.It Li v4_name_convert -.It Li v4_instance_resolve -These are described in the -.Xr krb5_425_conv_principal 3 -manual page. -.It Li capath = { -.Bl -tag -width "xxx" -offset indent -.It Va destination-realm Li = Va next-hop-realm -.It ... -.It Li } -.El -This is deprecated, see the -.Li capaths -section below. -.It Li default_cc_name = Va ccname -the default credentials cache name. -The string can contain variables that are expanded on runtime. -Only support variable now is -.Li %{uid} -that expands to the current user id. -.It Li default_etypes = Va etypes ... -A list of default encryption types to use. -.It Li default_etypes_des = Va etypes ... -A list of default encryption types to use when requesting a DES credential. -.It Li default_keytab_name = Va keytab -The keytab to use if no other is specified, default is -.Dq FILE:/etc/krb5.keytab . -.It Li dns_lookup_kdc = Va boolean -Use DNS SRV records to lookup KDC services location. -.It Li dns_lookup_realm = Va boolean -Use DNS TXT records to lookup domain to realm mappings. -.It Li kdc_timesync = Va boolean -Try to keep track of the time differential between the local machine -and the KDC, and then compensate for that when issuing requests. -.It Li max_retries = Va number -The max number of times to try to contact each KDC. -.It Li large_msg_size = Va number -The threshold where protocols with tiny maximum message sizes are not -considered usable to send messages to the KDC. -.It Li ticket_lifetime = Va time -Default ticket lifetime. -.It Li renew_lifetime = Va time -Default renewable ticket lifetime. -.It Li forwardable = Va boolean -When obtaining initial credentials, make the credentials forwardable. -This option is also valid in the [realms] section. -.It Li proxiable = Va boolean -When obtaining initial credentials, make the credentials proxiable. -This option is also valid in the [realms] section. -.It Li verify_ap_req_nofail = Va boolean -If enabled, failure to verify credentials against a local key is a -fatal error. -The application has to be able to read the corresponding service key -for this to work. -Some applications, like -.Xr su 1 , -enable this option unconditionally. -.It Li warn_pwexpire = Va time -How soon to warn for expiring password. -Default is seven days. -.It Li http_proxy = Va proxy-spec -A HTTP-proxy to use when talking to the KDC via HTTP. -.It Li dns_proxy = Va proxy-spec -Enable using DNS via HTTP. -.It Li extra_addresses = Va address ... -A list of addresses to get tickets for along with all local addresses. -.It Li time_format = Va string -How to print time strings in logs, this string is passed to -.Xr strftime 3 . -.It Li date_format = Va string -How to print date strings in logs, this string is passed to -.Xr strftime 3 . -.It Li log_utc = Va boolean -Write log-entries using UTC instead of your local time zone. -.It Li scan_interfaces = Va boolean -Scan all network interfaces for addresses, as opposed to simply using -the address associated with the system's host name. -.It Li fcache_version = Va int -Use file credential cache format version specified. -.It Li krb4_get_tickets = Va boolean -Also get Kerberos 4 tickets in -.Nm kinit , -.Nm login , -and other programs. -This option is also valid in the [realms] section. -.It Li fcc-mit-ticketflags = Va boolean -Use MIT compatible format for file credential cache. -It's the field ticketflags that is stored in reverse bit order for -older than Heimdal 0.7. -Setting this flag to -.Dv TRUE -make it store the MIT way, this is default for Heimdal 0.7. -.El -.It Li [domain_realm] -This is a list of mappings from DNS domain to Kerberos realm. -Each binding in this section looks like: -.Pp -.Dl domain = realm -.Pp -The domain can be either a full name of a host or a trailing -component, in the latter case the domain-string should start with a -period. -The trailing component only matches hosts that are in the same domain, ie -.Dq .example.com -matches -.Dq foo.example.com , -but not -.Dq foo.test.example.com . -.Pp -The realm may be the token `dns_locate', in which case the actual -realm will be determined using DNS (independently of the setting -of the `dns_lookup_realm' option). -.It Li [realms] -.Bl -tag -width "xxx" -offset indent -.It Va REALM Li = { -.Bl -tag -width "xxx" -offset indent -.It Li kdc = Va [service/]host[:port] -Specifies a list of kdcs for this realm. -If the optional -.Va port -is absent, the -default value for the -.Dq kerberos/udp -.Dq kerberos/tcp , -and -.Dq http/tcp -port (depending on service) will be used. -The kdcs will be used in the order that they are specified. -.Pp -The optional -.Va service -specifies over what medium the kdc should be -contacted. -Possible services are -.Dq udp , -.Dq tcp , -and -.Dq http . -Http can also be written as -.Dq http:// . -Default service is -.Dq udp -and -.Dq tcp . -.It Li admin_server = Va host[:port] -Specifies the admin server for this realm, where all the modifications -to the database are performed. -.It Li kpasswd_server = Va host[:port] -Points to the server where all the password changes are performed. -If there is no such entry, the kpasswd port on the admin_server host -will be tried. -.It Li krb524_server = Va host[:port] -Points to the server that does 524 conversions. -If it is not mentioned, the krb524 port on the kdcs will be tried. -.It Li v4_instance_convert -.It Li v4_name_convert -.It Li default_domain -See -.Xr krb5_425_conv_principal 3 . -.It Li tgs_require_subkey -a boolan variable that defaults to false. -Old DCE secd (pre 1.1) might need this to be true. -.El -.It Li } -.El -.It Li [capaths] -.Bl -tag -width "xxx" -offset indent -.It Va client-realm Li = { -.Bl -tag -width "xxx" -offset indent -.It Va server-realm Li = Va hop-realm ... -This serves two purposes. First the first listed -.Va hop-realm -tells a client which realm it should contact in order to ultimately -obtain credentials for a service in the -.Va server-realm . -Secondly, it tells the KDC (and other servers) which realms are -allowed in a multi-hop traversal from -.Va client-realm -to -.Va server-realm . -Except for the client case, the order of the realms are not important. -.El -.It Va } -.El -.It Li [logging] -.Bl -tag -width "xxx" -offset indent -.It Va entity Li = Va destination -Specifies that -.Va entity -should use the specified -.Li destination -for logging. -See the -.Xr krb5_openlog 3 -manual page for a list of defined destinations. -.El -.It Li [kdc] -.Bl -tag -width "xxx" -offset indent -.It Li database Li = { -.Bl -tag -width "xxx" -offset indent -.It Li dbname Li = Va DATABASENAME -Use this database for this realm. -See the info documetation how to configure diffrent database backends. -.It Li realm Li = Va REALM -Specifies the realm that will be stored in this database. -It realm isn't set, it will used as the default database, there can -only be one entry that doesn't have a -.Li realm -stanza. -.It Li mkey_file Li = Pa FILENAME -Use this keytab file for the master key of this database. -If not specified -.Va DATABASENAME Ns .mkey -will be used. -.It Li acl_file Li = PA FILENAME -Use this file for the ACL list of this database. -.It Li log_file Li = Pa FILENAME -Use this file as the log of changes performed to the database. -This file is used by -.Nm ipropd-master -for propagating changes to slaves. -.El -.It Li } -.It Li max-request = Va SIZE -Maximum size of a kdc request. -.It Li require-preauth = Va BOOL -If set pre-authentication is required. -Since krb4 requests are not pre-authenticated they will be rejected. -.It Li ports = Va "list of ports" -List of ports the kdc should listen to. -.It Li addresses = Va "list of interfaces" -List of addresses the kdc should bind to. -.It Li enable-kerberos4 = Va BOOL -Turn on Kerberos 4 support. -.It Li v4-realm = Va REALM -To what realm v4 requests should be mapped. -.It Li enable-524 = Va BOOL -Should the Kerberos 524 converting facility be turned on. -Default is the same as -.Va enable-kerberos4 . -.It Li enable-http = Va BOOL -Should the kdc answer kdc-requests over http. -.It Li enable-kaserver = Va BOOL -If this kdc should emulate the AFS kaserver. -.It Li check-ticket-addresses = Va BOOL -Verify the addresses in the tickets used in tgs requests. -.\" XXX -.It Li allow-null-ticket-addresses = Va BOOL -Allow address-less tickets. -.\" XXX -.It Li allow-anonymous = Va BOOL -If the kdc is allowed to hand out anonymous tickets. -.It Li encode_as_rep_as_tgs_rep = Va BOOL -Encode as-rep as tgs-rep tobe compatible with mistakes older DCE secd did. -.\" XXX -.It Li kdc_warn_pwexpire = Va TIME -The time before expiration that the user should be warned that her -password is about to expire. -.It Li logging = Va Logging -What type of logging the kdc should use, see also [logging]/kdc. -.It Li use_2b = { -.Bl -tag -width "xxx" -offset indent -.It Va principal Li = Va BOOL -boolean value if the 524 daemon should return AFS 2b tokens for -.Fa principal . -.It ... -.El -.It Li } -.It Li hdb-ldap-structural-object Va structural object -If the LDAP backend is used for storing principals, this is the -structural object that will be used when creating and when reading -objects. -The default value is account . -.It Li hdb-ldap-create-base Va creation dn -is the dn that will be appended to the principal when creating entries. -Default value is the search dn. -.El -.It Li [kadmin] -.Bl -tag -width "xxx" -offset indent -.It Li require-preauth = Va BOOL -If pre-authentication is required to talk to the kadmin server. -.It Li password_lifetime = Va time -If a principal already have its password set for expiration, this is -the time it will be valid for after a change. -.It Li default_keys = Va keytypes... -For each entry in -.Va default_keys -try to parse it as a sequence of -.Va etype:salttype:salt -syntax of this if something like: -.Pp -[(des|des3|etype):](pw-salt|afs3-salt)[:string] -.Pp -If -.Ar etype -is omitted it means everything, and if string is omitted it means the -default salt string (for that principal and encryption type). -Additional special values of keytypes are: -.Bl -tag -width "xxx" -offset indent -.It Li v5 -The Kerberos 5 salt -.Va pw-salt -.It Li v4 -The Kerberos 4 salt -.Va des:pw-salt: -.El -.It Li use_v4_salt = Va BOOL -When true, this is the same as -.Pp -.Va default_keys = Va des3:pw-salt Va v4 -.Pp -and is only left for backwards compatibility. -.El -.It Li [password-quality] -Check the Password quality assurance in the info documentation for -more information. -.Bl -tag -width "xxx" -offset indent -.It Li check_library = Va library-name -Library name that contains the password check_function -.It Li check_function = Va function-name -Function name for checking passwords in check_library -.It Li policy_libraries = Va library1 ... libraryN -List of libraries that can do password policy checks -.It Li policies = Va policy1 ... policyN -List of policy names to apply to the password. Builtin policies are -among other minimum-length, character-class, external-check. -.El -.El -.Sh ENVIRONMENT -.Ev KRB5_CONFIG -points to the configuration file to read. -.Sh FILES -.Bl -tag -width "/etc/krb5.conf" -.It Pa /etc/krb5.conf -configuration file for Kerberos 5. -.El -.Sh EXAMPLES -.Bd -literal -offset indent -[libdefaults] - default_realm = FOO.SE -[domain_realm] - .foo.se = FOO.SE - .bar.se = FOO.SE -[realms] - FOO.SE = { - kdc = kerberos.foo.se - v4_name_convert = { - rcmd = host - } - v4_instance_convert = { - xyz = xyz.bar.se - } - default_domain = foo.se - } -[logging] - kdc = FILE:/var/heimdal/kdc.log - kdc = SYSLOG:INFO - default = SYSLOG:INFO:USER -.Ed -.Sh DIAGNOSTICS -Since -.Nm -is read and parsed by the krb5 library, there is not a lot of -opportunities for programs to report parsing errors in any useful -format. -To help overcome this problem, there is a program -.Nm verify_krb5_conf -that reads -.Nm -and tries to emit useful diagnostics from parsing errors. -Note that this program does not have any way of knowing what options -are actually used and thus cannot warn about unknown or misspelled -ones. -.Sh SEE ALSO -.Xr kinit 1 , -.Xr krb5_425_conv_principal 3 , -.Xr krb5_openlog 3 , -.Xr strftime 3 , -.Xr verify_krb5_conf 8 diff --git a/crypto/heimdal/lib/krb5/krb5.h b/crypto/heimdal/lib/krb5/krb5.h deleted file mode 100644 index 571eb6192ae0..000000000000 --- a/crypto/heimdal/lib/krb5/krb5.h +++ /dev/null @@ -1,780 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb5.h 22100 2007-12-03 17:15:00Z lha $ */ - -#ifndef __KRB5_H__ -#define __KRB5_H__ - -#include -#include - -#include -#include -#include -#include - -#include - -/* name confusion with MIT */ -#ifndef KRB5KDC_ERR_KEY_EXP -#define KRB5KDC_ERR_KEY_EXP KRB5KDC_ERR_KEY_EXPIRED -#endif - -/* simple constants */ - -#ifndef TRUE -#define TRUE 1 -#define FALSE 0 -#endif - -typedef int krb5_boolean; - -typedef int32_t krb5_error_code; - -typedef int krb5_kvno; - -typedef uint32_t krb5_flags; - -typedef void *krb5_pointer; -typedef const void *krb5_const_pointer; - -struct krb5_crypto_data; -typedef struct krb5_crypto_data *krb5_crypto; - -struct krb5_get_creds_opt_data; -typedef struct krb5_get_creds_opt_data *krb5_get_creds_opt; - -struct krb5_digest_data; -typedef struct krb5_digest_data *krb5_digest; -struct krb5_ntlm_data; -typedef struct krb5_ntlm_data *krb5_ntlm; - -struct krb5_pac_data; -typedef struct krb5_pac_data *krb5_pac; - -typedef struct krb5_rd_req_in_ctx_data *krb5_rd_req_in_ctx; -typedef struct krb5_rd_req_out_ctx_data *krb5_rd_req_out_ctx; - -typedef CKSUMTYPE krb5_cksumtype; - -typedef Checksum krb5_checksum; - -typedef ENCTYPE krb5_enctype; - -typedef heim_octet_string krb5_data; - -/* PKINIT related forward declarations */ -struct ContentInfo; -struct krb5_pk_identity; -struct krb5_pk_cert; - -/* krb5_enc_data is a mit compat structure */ -typedef struct krb5_enc_data { - krb5_enctype enctype; - krb5_kvno kvno; - krb5_data ciphertext; -} krb5_enc_data; - -/* alternative names */ -enum { - ENCTYPE_NULL = ETYPE_NULL, - ENCTYPE_DES_CBC_CRC = ETYPE_DES_CBC_CRC, - ENCTYPE_DES_CBC_MD4 = ETYPE_DES_CBC_MD4, - ENCTYPE_DES_CBC_MD5 = ETYPE_DES_CBC_MD5, - ENCTYPE_DES3_CBC_MD5 = ETYPE_DES3_CBC_MD5, - ENCTYPE_OLD_DES3_CBC_SHA1 = ETYPE_OLD_DES3_CBC_SHA1, - ENCTYPE_SIGN_DSA_GENERATE = ETYPE_SIGN_DSA_GENERATE, - ENCTYPE_ENCRYPT_RSA_PRIV = ETYPE_ENCRYPT_RSA_PRIV, - ENCTYPE_ENCRYPT_RSA_PUB = ETYPE_ENCRYPT_RSA_PUB, - ENCTYPE_DES3_CBC_SHA1 = ETYPE_DES3_CBC_SHA1, - ENCTYPE_AES128_CTS_HMAC_SHA1_96 = ETYPE_AES128_CTS_HMAC_SHA1_96, - ENCTYPE_AES256_CTS_HMAC_SHA1_96 = ETYPE_AES256_CTS_HMAC_SHA1_96, - ENCTYPE_ARCFOUR_HMAC = ETYPE_ARCFOUR_HMAC_MD5, - ENCTYPE_ARCFOUR_HMAC_MD5 = ETYPE_ARCFOUR_HMAC_MD5, - ENCTYPE_ARCFOUR_HMAC_MD5_56 = ETYPE_ARCFOUR_HMAC_MD5_56, - ENCTYPE_ENCTYPE_PK_CROSS = ETYPE_ENCTYPE_PK_CROSS, - ENCTYPE_DES_CBC_NONE = ETYPE_DES_CBC_NONE, - ENCTYPE_DES3_CBC_NONE = ETYPE_DES3_CBC_NONE, - ENCTYPE_DES_CFB64_NONE = ETYPE_DES_CFB64_NONE, - ENCTYPE_DES_PCBC_NONE = ETYPE_DES_PCBC_NONE -}; - -typedef PADATA_TYPE krb5_preauthtype; - -typedef enum krb5_key_usage { - KRB5_KU_PA_ENC_TIMESTAMP = 1, - /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the - client key (section 5.4.1) */ - KRB5_KU_TICKET = 2, - /* AS-REP Ticket and TGS-REP Ticket (includes tgs session key or - application session key), encrypted with the service key - (section 5.4.2) */ - KRB5_KU_AS_REP_ENC_PART = 3, - /* AS-REP encrypted part (includes tgs session key or application - session key), encrypted with the client key (section 5.4.2) */ - KRB5_KU_TGS_REQ_AUTH_DAT_SESSION = 4, - /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs - session key (section 5.4.1) */ - KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY = 5, - /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs - authenticator subkey (section 5.4.1) */ - KRB5_KU_TGS_REQ_AUTH_CKSUM = 6, - /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed - with the tgs session key (sections 5.3.2, 5.4.1) */ - KRB5_KU_TGS_REQ_AUTH = 7, - /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes tgs - authenticator subkey), encrypted with the tgs session key - (section 5.3.2) */ - KRB5_KU_TGS_REP_ENC_PART_SESSION = 8, - /* TGS-REP encrypted part (includes application session key), - encrypted with the tgs session key (section 5.4.2) */ - KRB5_KU_TGS_REP_ENC_PART_SUB_KEY = 9, - /* TGS-REP encrypted part (includes application session key), - encrypted with the tgs authenticator subkey (section 5.4.2) */ - KRB5_KU_AP_REQ_AUTH_CKSUM = 10, - /* AP-REQ Authenticator cksum, keyed with the application session - key (section 5.3.2) */ - KRB5_KU_AP_REQ_AUTH = 11, - /* AP-REQ Authenticator (includes application authenticator - subkey), encrypted with the application session key (section - 5.3.2) */ - KRB5_KU_AP_REQ_ENC_PART = 12, - /* AP-REP encrypted part (includes application session subkey), - encrypted with the application session key (section 5.5.2) */ - KRB5_KU_KRB_PRIV = 13, - /* KRB-PRIV encrypted part, encrypted with a key chosen by the - application (section 5.7.1) */ - KRB5_KU_KRB_CRED = 14, - /* KRB-CRED encrypted part, encrypted with a key chosen by the - application (section 5.8.1) */ - KRB5_KU_KRB_SAFE_CKSUM = 15, - /* KRB-SAFE cksum, keyed with a key chosen by the application - (section 5.6.1) */ - KRB5_KU_OTHER_ENCRYPTED = 16, - /* Data which is defined in some specification outside of - Kerberos to be encrypted using an RFC1510 encryption type. */ - KRB5_KU_OTHER_CKSUM = 17, - /* Data which is defined in some specification outside of - Kerberos to be checksummed using an RFC1510 checksum type. */ - KRB5_KU_KRB_ERROR = 18, - /* Krb-error checksum */ - KRB5_KU_AD_KDC_ISSUED = 19, - /* AD-KDCIssued checksum */ - KRB5_KU_MANDATORY_TICKET_EXTENSION = 20, - /* Checksum for Mandatory Ticket Extensions */ - KRB5_KU_AUTH_DATA_TICKET_EXTENSION = 21, - /* Checksum in Authorization Data in Ticket Extensions */ - KRB5_KU_USAGE_SEAL = 22, - /* seal in GSSAPI krb5 mechanism */ - KRB5_KU_USAGE_SIGN = 23, - /* sign in GSSAPI krb5 mechanism */ - KRB5_KU_USAGE_SEQ = 24, - /* SEQ in GSSAPI krb5 mechanism */ - KRB5_KU_USAGE_ACCEPTOR_SEAL = 22, - /* acceptor sign in GSSAPI CFX krb5 mechanism */ - KRB5_KU_USAGE_ACCEPTOR_SIGN = 23, - /* acceptor seal in GSSAPI CFX krb5 mechanism */ - KRB5_KU_USAGE_INITIATOR_SEAL = 24, - /* initiator sign in GSSAPI CFX krb5 mechanism */ - KRB5_KU_USAGE_INITIATOR_SIGN = 25, - /* initiator seal in GSSAPI CFX krb5 mechanism */ - KRB5_KU_PA_SERVER_REFERRAL_DATA = 22, - /* encrypted server referral data */ - KRB5_KU_SAM_CHECKSUM = 25, - /* Checksum for the SAM-CHECKSUM field */ - KRB5_KU_SAM_ENC_TRACK_ID = 26, - /* Encryption of the SAM-TRACK-ID field */ - KRB5_KU_PA_SERVER_REFERRAL = 26, - /* Keyusage for the server referral in a TGS req */ - KRB5_KU_SAM_ENC_NONCE_SAD = 27, - /* Encryption of the SAM-NONCE-OR-SAD field */ - KRB5_KU_DIGEST_ENCRYPT = -18, - /* Encryption key usage used in the digest encryption field */ - KRB5_KU_DIGEST_OPAQUE = -19, - /* Checksum key usage used in the digest opaque field */ - KRB5_KU_KRB5SIGNEDPATH = -21, - /* Checksum key usage on KRB5SignedPath */ - KRB5_KU_CANONICALIZED_NAMES = -23 - /* Checksum key usage on PA-CANONICALIZED */ -} krb5_key_usage; - -typedef krb5_key_usage krb5_keyusage; - -typedef enum krb5_salttype { - KRB5_PW_SALT = KRB5_PADATA_PW_SALT, - KRB5_AFS3_SALT = KRB5_PADATA_AFS3_SALT -}krb5_salttype; - -typedef struct krb5_salt { - krb5_salttype salttype; - krb5_data saltvalue; -} krb5_salt; - -typedef ETYPE_INFO krb5_preauthinfo; - -typedef struct { - krb5_preauthtype type; - krb5_preauthinfo info; /* list of preauthinfo for this type */ -} krb5_preauthdata_entry; - -typedef struct krb5_preauthdata { - unsigned len; - krb5_preauthdata_entry *val; -}krb5_preauthdata; - -typedef enum krb5_address_type { - KRB5_ADDRESS_INET = 2, - KRB5_ADDRESS_NETBIOS = 20, - KRB5_ADDRESS_INET6 = 24, - KRB5_ADDRESS_ADDRPORT = 256, - KRB5_ADDRESS_IPPORT = 257 -} krb5_address_type; - -enum { - AP_OPTS_USE_SESSION_KEY = 1, - AP_OPTS_MUTUAL_REQUIRED = 2, - AP_OPTS_USE_SUBKEY = 4 /* library internal */ -}; - -typedef HostAddress krb5_address; - -typedef HostAddresses krb5_addresses; - -typedef enum krb5_keytype { - KEYTYPE_NULL = 0, - KEYTYPE_DES = 1, - KEYTYPE_DES3 = 7, - KEYTYPE_AES128 = 17, - KEYTYPE_AES256 = 18, - KEYTYPE_ARCFOUR = 23, - KEYTYPE_ARCFOUR_56 = 24 -} krb5_keytype; - -typedef EncryptionKey krb5_keyblock; - -typedef AP_REQ krb5_ap_req; - -struct krb5_cc_ops; - -#define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_" - -#define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT - -#define KRB5_ACCEPT_NULL_ADDRESSES(C) \ - krb5_config_get_bool_default((C), NULL, TRUE, \ - "libdefaults", "accept_null_addresses", \ - NULL) - -typedef void *krb5_cc_cursor; - -typedef struct krb5_ccache_data { - const struct krb5_cc_ops *ops; - krb5_data data; -}krb5_ccache_data; - -typedef struct krb5_ccache_data *krb5_ccache; - -typedef struct krb5_context_data *krb5_context; - -typedef Realm krb5_realm; -typedef const char *krb5_const_realm; /* stupid language */ - -#define krb5_realm_length(r) strlen(r) -#define krb5_realm_data(r) (r) - -typedef Principal krb5_principal_data; -typedef struct Principal *krb5_principal; -typedef const struct Principal *krb5_const_principal; - -typedef time_t krb5_deltat; -typedef time_t krb5_timestamp; - -typedef struct krb5_times { - krb5_timestamp authtime; - krb5_timestamp starttime; - krb5_timestamp endtime; - krb5_timestamp renew_till; -} krb5_times; - -typedef union { - TicketFlags b; - krb5_flags i; -} krb5_ticket_flags; - -/* options for krb5_get_in_tkt() */ -#define KDC_OPT_FORWARDABLE (1 << 1) -#define KDC_OPT_FORWARDED (1 << 2) -#define KDC_OPT_PROXIABLE (1 << 3) -#define KDC_OPT_PROXY (1 << 4) -#define KDC_OPT_ALLOW_POSTDATE (1 << 5) -#define KDC_OPT_POSTDATED (1 << 6) -#define KDC_OPT_RENEWABLE (1 << 8) -#define KDC_OPT_REQUEST_ANONYMOUS (1 << 14) -#define KDC_OPT_DISABLE_TRANSITED_CHECK (1 << 26) -#define KDC_OPT_RENEWABLE_OK (1 << 27) -#define KDC_OPT_ENC_TKT_IN_SKEY (1 << 28) -#define KDC_OPT_RENEW (1 << 30) -#define KDC_OPT_VALIDATE (1 << 31) - -typedef union { - KDCOptions b; - krb5_flags i; -} krb5_kdc_flags; - -/* flags for krb5_verify_ap_req */ - -#define KRB5_VERIFY_AP_REQ_IGNORE_INVALID (1 << 0) - -#define KRB5_GC_CACHED (1U << 0) -#define KRB5_GC_USER_USER (1U << 1) -#define KRB5_GC_EXPIRED_OK (1U << 2) -#define KRB5_GC_NO_STORE (1U << 3) -#define KRB5_GC_FORWARDABLE (1U << 4) -#define KRB5_GC_NO_TRANSIT_CHECK (1U << 5) -#define KRB5_GC_CONSTRAINED_DELEGATION (1U << 6) - -/* constants for compare_creds (and cc_retrieve_cred) */ -#define KRB5_TC_DONT_MATCH_REALM (1U << 31) -#define KRB5_TC_MATCH_KEYTYPE (1U << 30) -#define KRB5_TC_MATCH_KTYPE KRB5_TC_MATCH_KEYTYPE /* MIT name */ -#define KRB5_TC_MATCH_SRV_NAMEONLY (1 << 29) -#define KRB5_TC_MATCH_FLAGS_EXACT (1 << 28) -#define KRB5_TC_MATCH_FLAGS (1 << 27) -#define KRB5_TC_MATCH_TIMES_EXACT (1 << 26) -#define KRB5_TC_MATCH_TIMES (1 << 25) -#define KRB5_TC_MATCH_AUTHDATA (1 << 24) -#define KRB5_TC_MATCH_2ND_TKT (1 << 23) -#define KRB5_TC_MATCH_IS_SKEY (1 << 22) - -typedef AuthorizationData krb5_authdata; - -typedef KRB_ERROR krb5_error; - -typedef struct krb5_creds { - krb5_principal client; - krb5_principal server; - krb5_keyblock session; - krb5_times times; - krb5_data ticket; - krb5_data second_ticket; - krb5_authdata authdata; - krb5_addresses addresses; - krb5_ticket_flags flags; -} krb5_creds; - -typedef struct krb5_cc_cache_cursor_data *krb5_cc_cache_cursor; - -typedef struct krb5_cc_ops { - const char *prefix; - const char* (*get_name)(krb5_context, krb5_ccache); - krb5_error_code (*resolve)(krb5_context, krb5_ccache *, const char *); - krb5_error_code (*gen_new)(krb5_context, krb5_ccache *); - krb5_error_code (*init)(krb5_context, krb5_ccache, krb5_principal); - krb5_error_code (*destroy)(krb5_context, krb5_ccache); - krb5_error_code (*close)(krb5_context, krb5_ccache); - krb5_error_code (*store)(krb5_context, krb5_ccache, krb5_creds*); - krb5_error_code (*retrieve)(krb5_context, krb5_ccache, - krb5_flags, const krb5_creds*, krb5_creds *); - krb5_error_code (*get_princ)(krb5_context, krb5_ccache, krb5_principal*); - krb5_error_code (*get_first)(krb5_context, krb5_ccache, krb5_cc_cursor *); - krb5_error_code (*get_next)(krb5_context, krb5_ccache, - krb5_cc_cursor*, krb5_creds*); - krb5_error_code (*end_get)(krb5_context, krb5_ccache, krb5_cc_cursor*); - krb5_error_code (*remove_cred)(krb5_context, krb5_ccache, - krb5_flags, krb5_creds*); - krb5_error_code (*set_flags)(krb5_context, krb5_ccache, krb5_flags); - int (*get_version)(krb5_context, krb5_ccache); - krb5_error_code (*get_cache_first)(krb5_context, krb5_cc_cursor *); - krb5_error_code (*get_cache_next)(krb5_context, krb5_cc_cursor, krb5_ccache *); - krb5_error_code (*end_cache_get)(krb5_context, krb5_cc_cursor); - krb5_error_code (*move)(krb5_context, krb5_ccache, krb5_ccache); - krb5_error_code (*default_name)(krb5_context, char **); -} krb5_cc_ops; - -struct krb5_log_facility; - -struct krb5_config_binding { - enum { krb5_config_string, krb5_config_list } type; - char *name; - struct krb5_config_binding *next; - union { - char *string; - struct krb5_config_binding *list; - void *generic; - } u; -}; - -typedef struct krb5_config_binding krb5_config_binding; - -typedef krb5_config_binding krb5_config_section; - -typedef struct krb5_ticket { - EncTicketPart ticket; - krb5_principal client; - krb5_principal server; -} krb5_ticket; - -typedef Authenticator krb5_authenticator_data; - -typedef krb5_authenticator_data *krb5_authenticator; - -struct krb5_rcache_data; -typedef struct krb5_rcache_data *krb5_rcache; -typedef Authenticator krb5_donot_replay; - -#define KRB5_STORAGE_HOST_BYTEORDER 0x01 /* old */ -#define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS 0x02 -#define KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE 0x04 -#define KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE 0x08 -#define KRB5_STORAGE_BYTEORDER_MASK 0x60 -#define KRB5_STORAGE_BYTEORDER_BE 0x00 /* default */ -#define KRB5_STORAGE_BYTEORDER_LE 0x20 -#define KRB5_STORAGE_BYTEORDER_HOST 0x40 -#define KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER 0x80 - -struct krb5_storage_data; -typedef struct krb5_storage_data krb5_storage; - -typedef struct krb5_keytab_entry { - krb5_principal principal; - krb5_kvno vno; - krb5_keyblock keyblock; - uint32_t timestamp; -} krb5_keytab_entry; - -typedef struct krb5_kt_cursor { - int fd; - krb5_storage *sp; - void *data; -} krb5_kt_cursor; - -struct krb5_keytab_data; - -typedef struct krb5_keytab_data *krb5_keytab; - -#define KRB5_KT_PREFIX_MAX_LEN 30 - -struct krb5_keytab_data { - const char *prefix; - krb5_error_code (*resolve)(krb5_context, const char*, krb5_keytab); - krb5_error_code (*get_name)(krb5_context, krb5_keytab, char*, size_t); - krb5_error_code (*close)(krb5_context, krb5_keytab); - krb5_error_code (*get)(krb5_context, krb5_keytab, krb5_const_principal, - krb5_kvno, krb5_enctype, krb5_keytab_entry*); - krb5_error_code (*start_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); - krb5_error_code (*next_entry)(krb5_context, krb5_keytab, - krb5_keytab_entry*, krb5_kt_cursor*); - krb5_error_code (*end_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*); - krb5_error_code (*add)(krb5_context, krb5_keytab, krb5_keytab_entry*); - krb5_error_code (*remove)(krb5_context, krb5_keytab, krb5_keytab_entry*); - void *data; - int32_t version; -}; - -typedef struct krb5_keytab_data krb5_kt_ops; - -struct krb5_keytab_key_proc_args { - krb5_keytab keytab; - krb5_principal principal; -}; - -typedef struct krb5_keytab_key_proc_args krb5_keytab_key_proc_args; - -typedef struct krb5_replay_data { - krb5_timestamp timestamp; - int32_t usec; - uint32_t seq; -} krb5_replay_data; - -/* flags for krb5_auth_con_setflags */ -enum { - KRB5_AUTH_CONTEXT_DO_TIME = 1, - KRB5_AUTH_CONTEXT_RET_TIME = 2, - KRB5_AUTH_CONTEXT_DO_SEQUENCE = 4, - KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8, - KRB5_AUTH_CONTEXT_PERMIT_ALL = 16, - KRB5_AUTH_CONTEXT_USE_SUBKEY = 32, - KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED = 64 -}; - -/* flags for krb5_auth_con_genaddrs */ -enum { - KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR = 1, - KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR = 3, - KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR = 4, - KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR = 12 -}; - -typedef struct krb5_auth_context_data { - unsigned int flags; - - krb5_address *local_address; - krb5_address *remote_address; - int16_t local_port; - int16_t remote_port; - krb5_keyblock *keyblock; - krb5_keyblock *local_subkey; - krb5_keyblock *remote_subkey; - - uint32_t local_seqnumber; - uint32_t remote_seqnumber; - - krb5_authenticator authenticator; - - krb5_pointer i_vector; - - krb5_rcache rcache; - - krb5_keytype keytype; /* ¿requested key type ? */ - krb5_cksumtype cksumtype; /* ¡requested checksum type! */ - -}krb5_auth_context_data, *krb5_auth_context; - -typedef struct { - KDC_REP kdc_rep; - EncKDCRepPart enc_part; - KRB_ERROR error; -} krb5_kdc_rep; - -extern const char *heimdal_version, *heimdal_long_version; - -typedef void (*krb5_log_log_func_t)(const char*, const char*, void*); -typedef void (*krb5_log_close_func_t)(void*); - -typedef struct krb5_log_facility { - char *program; - int len; - struct facility *val; -} krb5_log_facility; - -typedef EncAPRepPart krb5_ap_rep_enc_part; - -#define KRB5_RECVAUTH_IGNORE_VERSION 1 - -#define KRB5_SENDAUTH_VERSION "KRB5_SENDAUTH_V1.0" - -#define KRB5_TGS_NAME_SIZE (6) -#define KRB5_TGS_NAME ("krbtgt") - -#define KRB5_DIGEST_NAME ("digest") - -/* variables */ - -extern const char *krb5_config_file; -extern const char *krb5_defkeyname; - -typedef enum { - KRB5_PROMPT_TYPE_PASSWORD = 0x1, - KRB5_PROMPT_TYPE_NEW_PASSWORD = 0x2, - KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN = 0x3, - KRB5_PROMPT_TYPE_PREAUTH = 0x4, - KRB5_PROMPT_TYPE_INFO = 0x5 -} krb5_prompt_type; - -typedef struct _krb5_prompt { - const char *prompt; - int hidden; - krb5_data *reply; - krb5_prompt_type type; -} krb5_prompt; - -typedef int (*krb5_prompter_fct)(krb5_context /*context*/, - void * /*data*/, - const char * /*name*/, - const char * /*banner*/, - int /*num_prompts*/, - krb5_prompt /*prompts*/[]); -typedef krb5_error_code (*krb5_key_proc)(krb5_context /*context*/, - krb5_enctype /*type*/, - krb5_salt /*salt*/, - krb5_const_pointer /*keyseed*/, - krb5_keyblock ** /*key*/); -typedef krb5_error_code (*krb5_decrypt_proc)(krb5_context /*context*/, - krb5_keyblock * /*key*/, - krb5_key_usage /*usage*/, - krb5_const_pointer /*decrypt_arg*/, - krb5_kdc_rep * /*dec_rep*/); -typedef krb5_error_code (*krb5_s2k_proc)(krb5_context /*context*/, - krb5_enctype /*type*/, - krb5_const_pointer /*keyseed*/, - krb5_salt /*salt*/, - krb5_data * /*s2kparms*/, - krb5_keyblock ** /*key*/); - -struct _krb5_get_init_creds_opt_private; - -typedef struct _krb5_get_init_creds_opt { - krb5_flags flags; - krb5_deltat tkt_life; - krb5_deltat renew_life; - int forwardable; - int proxiable; - int anonymous; - krb5_enctype *etype_list; - int etype_list_length; - krb5_addresses *address_list; - /* XXX the next three should not be used, as they may be - removed later */ - krb5_preauthtype *preauth_list; - int preauth_list_length; - krb5_data *salt; - struct _krb5_get_init_creds_opt_private *opt_private; -} krb5_get_init_creds_opt; - -#define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001 -#define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002 -#define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004 -#define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008 -#define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010 -#define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 -#define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 -#define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 -#define KRB5_GET_INIT_CREDS_OPT_ANONYMOUS 0x0100 -#define KRB5_GET_INIT_CREDS_OPT_DISABLE_TRANSITED_CHECK 0x0200 - -typedef struct _krb5_verify_init_creds_opt { - krb5_flags flags; - int ap_req_nofail; -} krb5_verify_init_creds_opt; - -#define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001 - -typedef struct krb5_verify_opt { - unsigned int flags; - krb5_ccache ccache; - krb5_keytab keytab; - krb5_boolean secure; - const char *service; -} krb5_verify_opt; - -#define KRB5_VERIFY_LREALMS 1 -#define KRB5_VERIFY_NO_ADDRESSES 2 - -extern const krb5_cc_ops krb5_acc_ops; -extern const krb5_cc_ops krb5_fcc_ops; -extern const krb5_cc_ops krb5_mcc_ops; -extern const krb5_cc_ops krb5_kcm_ops; - -extern const krb5_kt_ops krb5_fkt_ops; -extern const krb5_kt_ops krb5_wrfkt_ops; -extern const krb5_kt_ops krb5_javakt_ops; -extern const krb5_kt_ops krb5_mkt_ops; -extern const krb5_kt_ops krb5_akf_ops; -extern const krb5_kt_ops krb4_fkt_ops; -extern const krb5_kt_ops krb5_srvtab_fkt_ops; -extern const krb5_kt_ops krb5_any_ops; - -#define KRB5_KPASSWD_VERS_CHANGEPW 1 -#define KRB5_KPASSWD_VERS_SETPW 0xff80 - -#define KRB5_KPASSWD_SUCCESS 0 -#define KRB5_KPASSWD_MALFORMED 1 -#define KRB5_KPASSWD_HARDERROR 2 -#define KRB5_KPASSWD_AUTHERROR 3 -#define KRB5_KPASSWD_SOFTERROR 4 -#define KRB5_KPASSWD_ACCESSDENIED 5 -#define KRB5_KPASSWD_BAD_VERSION 6 -#define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7 - -#define KPASSWD_PORT 464 - -/* types for the new krbhst interface */ -struct krb5_krbhst_data; -typedef struct krb5_krbhst_data *krb5_krbhst_handle; - -#define KRB5_KRBHST_KDC 1 -#define KRB5_KRBHST_ADMIN 2 -#define KRB5_KRBHST_CHANGEPW 3 -#define KRB5_KRBHST_KRB524 4 -#define KRB5_KRBHST_KCA 5 - -typedef struct krb5_krbhst_info { - enum { KRB5_KRBHST_UDP, - KRB5_KRBHST_TCP, - KRB5_KRBHST_HTTP } proto; - unsigned short port; - unsigned short def_port; - struct addrinfo *ai; - struct krb5_krbhst_info *next; - char hostname[1]; /* has to come last */ -} krb5_krbhst_info; - -/* flags for krb5_krbhst_init_flags (and krb5_send_to_kdc_flags) */ -enum { - KRB5_KRBHST_FLAGS_MASTER = 1, - KRB5_KRBHST_FLAGS_LARGE_MSG = 2 -}; - -typedef krb5_error_code (*krb5_send_to_kdc_func)(krb5_context, - void *, - krb5_krbhst_info *, - const krb5_data *, - krb5_data *); - -/* flags for krb5_parse_name_flags */ -enum { - KRB5_PRINCIPAL_PARSE_NO_REALM = 1, - KRB5_PRINCIPAL_PARSE_MUST_REALM = 2, - KRB5_PRINCIPAL_PARSE_ENTERPRISE = 4 -}; - -/* flags for krb5_unparse_name_flags */ -enum { - KRB5_PRINCIPAL_UNPARSE_SHORT = 1, - KRB5_PRINCIPAL_UNPARSE_NO_REALM = 2, - KRB5_PRINCIPAL_UNPARSE_DISPLAY = 4 -}; - -typedef struct krb5_sendto_ctx_data *krb5_sendto_ctx; - -#define KRB5_SENDTO_DONE 0 -#define KRB5_SENDTO_RESTART 1 -#define KRB5_SENDTO_CONTINUE 2 - -typedef krb5_error_code (*krb5_sendto_ctx_func)(krb5_context, krb5_sendto_ctx, void *, const krb5_data *, int *); - -struct krb5_plugin; -enum krb5_plugin_type { - PLUGIN_TYPE_DATA = 1, - PLUGIN_TYPE_FUNC -}; - -struct credentials; /* this is to keep the compiler happy */ -struct getargs; -struct sockaddr; - -#include - -#endif /* __KRB5_H__ */ - diff --git a/crypto/heimdal/lib/krb5/krb5.moduli b/crypto/heimdal/lib/krb5/krb5.moduli deleted file mode 100644 index f67d2b29be86..000000000000 --- a/crypto/heimdal/lib/krb5/krb5.moduli +++ /dev/null @@ -1,3 +0,0 @@ -# $Id: krb5.moduli 16154 2005-10-08 15:39:42Z lha $ -# comment security-bits-decimal secure-prime(p)-hex generator(g)-hex (q)-hex -rfc3526-MODP-group14 1760 FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF 02 7FFFFFFFFFFFFFFFE487ED5110B4611A62633145C06E0E68948127044533E63A0105DF531D89CD9128A5043CC71A026EF7CA8CD9E69D218D98158536F92F8A1BA7F09AB6B6A8E122F242DABB312F3F637A262174D31BF6B585FFAE5B7A035BF6F71C35FDAD44CFD2D74F9208BE258FF324943328F6722D9EE1003E5C50B1DF82CC6D241B0E2AE9CD348B1FD47E9267AFC1B2AE91EE51D6CB0E3179AB1042A95DCF6A9483B84B4B36B3861AA7255E4C0278BA3604650C10BE19482F23171B671DF1CF3B960C074301CD93C1D17603D147DAE2AEF837A62964EF15E5FB4AAC0B8C1CCAA4BE754AB5728AE9130C4C7D02880AB9472D455655347FFFFFFFFFFFFFFF diff --git a/crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.3 b/crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.3 deleted file mode 100644 index 1f4b9bf8a9ec..000000000000 --- a/crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.3 +++ /dev/null @@ -1,86 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb524_convert_creds_kdc.3 15239 2005-05-25 13:19:16Z lha $ -.\" -.Dd March 20, 2004 -.Dt KRB524_CONVERT_CREDS_KDC 3 -.Os HEIMDAL -.Sh NAME -.Nm krb524_convert_creds_kdc , -.Nm krb524_convert_creds_kdc_ccache -.Nd converts Kerberos 5 credentials to Kerberos 4 credentials -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb524_convert_creds_kdc -.Fa "krb5_context context" -.Fa "krb5_creds *in_cred" -.Fa "struct credentials *v4creds" -.Fc -.Ft krb5_error_code -.Fo krb524_convert_creds_kdc_ccache -.Fa "krb5_context context" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *in_cred" -.Fa "struct credentials *v4creds" -.Fc -.Sh DESCRIPTION -Convert the Kerberos 5 credential to Kerberos 4 credential. -This is done by sending them to the 524 service in the KDC. -.Pp -.Fn krb524_convert_creds_kdc -converts the Kerberos 5 credential in -.Fa in_cred -to Kerberos 4 credential that is stored in -.Fa credentials . -.Pp -.Fn krb524_convert_creds_kdc_ccache -is diffrent from -.Fn krb524_convert_creds_kdc -in that way that if -.Fa in_cred -doesn't contain a DES session key, then a new one is fetched from the -KDC and stored in the cred cache -.Fa ccache , -and then the KDC is queried to convert the credential. -.Pp -This interfaces are used to make the migration to Kerberos 5 from -Kerberos 4 easier. -There are few services that still need Kerberos 4, and this is mainly -for compatibility for those services. -Some services, like AFS, really have Kerberos 5 supports, but still -uses the 524 interface to make the migration easier. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 deleted file mode 100644 index 16c118f8ace7..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 +++ /dev/null @@ -1,224 +0,0 @@ -.\" Copyright (c) 1997-2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_425_conv_principal.3 12734 2003-09-03 00:13:07Z lha $ -.\" -.Dd September 3, 2003 -.Dt KRB5_425_CONV_PRINCIPAL 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_425_conv_principal , -.Nm krb5_425_conv_principal_ext , -.Nm krb5_524_conv_principal -.Nd converts to and from version 4 principals -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_425_conv_principal "krb5_context context" "const char *name" "const char *instance" "const char *realm" "krb5_principal *principal" -.Ft krb5_error_code -.Fn krb5_425_conv_principal_ext "krb5_context context" "const char *name" "const char *instance" "const char *realm" "krb5_boolean (*func)(krb5_context, krb5_principal)" "krb5_boolean resolve" "krb5_principal *principal" -.Ft krb5_error_code -.Fn krb5_524_conv_principal "krb5_context context" "const krb5_principal principal" "char *name" "char *instance" "char *realm" -.Sh DESCRIPTION -Converting between version 4 and version 5 principals can at best be -described as a mess. -.Pp -A version 4 principal consists of a name, an instance, and a realm. A -version 5 principal consists of one or more components, and a -realm. In some cases also the first component/name will differ between -version 4 and version 5. Furthermore the second component of a host -principal will be the fully qualified domain name of the host in -question, while the instance of a version 4 principal will only -contain the first part (short hostname). Because of these problems -the conversion between principals will have to be site customized. -.Pp -.Fn krb5_425_conv_principal_ext -will try to convert a version 4 principal, given by -.Fa name , -.Fa instance , -and -.Fa realm , -to a version 5 principal. This can result in several possible -principals, and if -.Fa func -is non-NULL, it will be called for each candidate principal. -.Fa func -should return true if the principal was -.Dq good . -To accomplish this, -.Fn krb5_425_conv_principal_ext -will look up the name in -.Pa krb5.conf . -It first looks in the -.Li v4_name_convert/host -subsection, which should contain a list of version 4 names whose -instance should be treated as a hostname. This list can be specified -for each realm (in the -.Li realms -section), or in the -.Li libdefaults -section. If the name is found the resulting name of the principal -will be the value of this binding. The instance is then first looked -up in -.Li v4_instance_convert -for the specified realm. If found the resulting value will be used as -instance (this can be used for special cases), no further attempts -will be made to find a conversion if this fails (with -.Fa func ) . -If the -.Fa resolve -parameter is true, the instance will be looked up with -.Fn gethostbyname . -This can be a time consuming, error prone, and unsafe operation. Next -a list of hostnames will be created from the instance and the -.Li v4_domains -variable, which should contain a list of possible domains for the -specific realm. -.Pp -On the other hand, if the name is not found in a -.Li host -section, it is looked up in a -.Li v4_name_convert/plain -binding. If found here the name will be converted, but the instance -will be untouched. -.Pp -This list of default host-type conversions is compiled-in: -.Bd -literal -offset indent -v4_name_convert = { - host = { - ftp = ftp - hprop = hprop - imap = imap - pop = pop - rcmd = host - smtp = smtp - } -} -.Ed -.Pp -It will only be used if there isn't an entry for these names in the -config file, so you can override these defaults. -.Pp -.Fn krb5_425_conv_principal -will call -.Fn krb5_425_conv_principal_ext -with -.Dv NULL -as -.Fa func , -and the value of -.Li v4_instance_resolve -(from the -.Li libdefaults -section) as -.Fa resolve . -.Pp -.Fn krb5_524_conv_principal -basically does the opposite of -.Fn krb5_425_conv_principal , -it just doesn't have to look up any names, but will instead truncate -instances found to belong to a host principal. The -.Fa name , -.Fa instance , -and -.Fa realm -should be at least 40 characters long. -.Sh EXAMPLES -Since this is confusing an example is in place. -.Pp -Assume that we have the -.Dq foo.com , -and -.Dq bar.com -domains that have shared a single version 4 realm, FOO.COM. The version 4 -.Pa krb.realms -file looked like: -.Bd -literal -offset indent -foo.com FOO.COM -\&.foo.com FOO.COM -\&.bar.com FOO.COM -.Ed -.Pp -A -.Pa krb5.conf -file that covers this case might look like: -.Bd -literal -offset indent -[libdefaults] - v4_instance_resolve = yes -[realms] - FOO.COM = { - kdc = kerberos.foo.com - v4_instance_convert = { - foo = foo.com - } - v4_domains = foo.com - } -.Ed -.Pp -With this setup and the following host table: -.Bd -literal -offset indent -foo.com -a-host.foo.com -b-host.bar.com -.Ed -the following conversions will be made: -.Bd -literal -offset indent -rcmd.a-host -\*(Gt host/a-host.foo.com -ftp.b-host -\*(Gt ftp/b-host.bar.com -pop.foo -\*(Gt pop/foo.com -ftp.other -\*(Gt ftp/other.foo.com -other.a-host -\*(Gt other/a-host -.Ed -.Pp -The first three are what you expect. If you remove the -.Dq v4_domains , -the fourth entry will result in an error (since the host -.Dq other -can't be found). Even if -.Dq a-host -is a valid host name, the last entry will not be converted, since the -.Dq other -name is not known to represent a host-type principal. -If you turn off -.Dq v4_instance_resolve -the second example will result in -.Dq ftp/b-host.foo.com -(because of the default domain). And all of this is of course only -valid if you have working name resolving. -.Sh SEE ALSO -.Xr krb5_build_principal 3 , -.Xr krb5_free_principal 3 , -.Xr krb5_parse_name 3 , -.Xr krb5_sname_to_principal 3 , -.Xr krb5_unparse_name 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_acl_match_file.3 b/crypto/heimdal/lib/krb5/krb5_acl_match_file.3 deleted file mode 100644 index 342645edd2d2..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_acl_match_file.3 +++ /dev/null @@ -1,111 +0,0 @@ -.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_acl_match_file.3 17534 2006-05-11 22:43:44Z lha $ -.\" -.Dd May 12, 2006 -.Dt KRB5_ACL_MATCH_FILE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_acl_match_file , -.Nm krb5_acl_match_string -.Nd ACL matching functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.Ft krb5_error_code -.Fo krb5_acl_match_file -.Fa "krb5_context context" -.Fa "const char *file" -.Fa "const char *format" -.Fa "..." -.Fc -.Ft krb5_error_code -.Fo krb5_acl_match_string -.Fa "krb5_context context" -.Fa "const char *string" -.Fa "const char *format" -.Fa "..." -.Fc -.Sh DESCRIPTION -.Nm krb5_acl_match_file -matches ACL format against each line in a file. -Lines starting with # are treated like comments and ignored. -.Pp -.Nm krb5_acl_match_string -matches ACL format against a string. -.Pp -The ACL format has three format specifiers: s, f, and r. -Each specifier will retrieve one argument from the variable arguments -for either matching or storing data. -The input string is split up using " " and "\et" as a delimiter; multiple -" " and "\et" in a row are considered to be the same. -.Pp -.Bl -tag -width "fXX" -offset indent -.It s -Matches a string using -.Xr strcmp 3 -(case sensitive). -.It f -Matches the string with -.Xr fnmatch 3 . -The -.Fa flags -argument (the last argument) passed to the fnmatch function is 0. -.It r -Returns a copy of the string in the char ** passed in; the copy must be -freed with -.Xr free 3 . -There is no need to -.Xr free 3 -the string on error: the function will clean up and set the pointer to -.Dv NULL . -.El -.Pp -All unknown format specifiers cause an error. -.Sh EXAMPLES -.Bd -literal -offset indent -char *s; - -ret = krb5_acl_match_string(context, "foo", "s", "foo"); -if (ret) - krb5_errx(context, 1, "acl didn't match"); -ret = krb5_acl_match_string(context, "foo foo baz/kaka", - "ss", "foo", &s, "foo/*"); -if (ret) { - /* no need to free(s) on error */ - assert(s == NULL); - krb5_errx(context, 1, "acl didn't match"); -} -free(s); -.Ed -.Sh SEE ALSO -.Xr krb5 3 diff --git a/crypto/heimdal/lib/krb5/krb5_address.3 b/crypto/heimdal/lib/krb5/krb5_address.3 deleted file mode 100644 index 06f7fa5cd02c..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_address.3 +++ /dev/null @@ -1,359 +0,0 @@ -.\" Copyright (c) 2003, 2005 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_address.3 17461 2006-05-05 13:13:18Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_ADDRESS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_address , -.Nm krb5_addresses , -.Nm krb5_sockaddr2address , -.Nm krb5_sockaddr2port , -.Nm krb5_addr2sockaddr , -.Nm krb5_max_sockaddr_size , -.Nm krb5_sockaddr_uninteresting , -.Nm krb5_h_addr2sockaddr , -.Nm krb5_h_addr2addr , -.Nm krb5_anyaddr , -.Nm krb5_print_address , -.Nm krb5_parse_address , -.Nm krb5_address_order , -.Nm krb5_address_compare , -.Nm krb5_address_search , -.Nm krb5_free_address , -.Nm krb5_free_addresses , -.Nm krb5_copy_address , -.Nm krb5_copy_addresses , -.Nm krb5_append_addresses , -.Nm krb5_make_addrport -.Nd mange addresses in Kerberos -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fo krb5_sockaddr2address -.Fa "krb5_context context" -.Fa "const struct sockaddr *sa" -.Fa "krb5_address *addr" -.Fc -.Ft krb5_error_code -.Fo krb5_sockaddr2port -.Fa "krb5_context context" -.Fa "const struct sockaddr *sa" -.Fa "int16_t *port" -.Fc -.Ft krb5_error_code -.Fo krb5_addr2sockaddr -.Fa "krb5_context context" -.Fa "const krb5_address *addr" -.Fa "struct sockaddr *sa" -.Fa "krb5_socklen_t *sa_size" -.Fa "int port" -.Fc -.Ft size_t -.Fo krb5_max_sockaddr_size -.Fa "void" -.Fc -.Ft "krb5_boolean" -.Fo krb5_sockaddr_uninteresting -.Fa "const struct sockaddr *sa" -.Fc -.Ft krb5_error_code -.Fo krb5_h_addr2sockaddr -.Fa "krb5_context context" -.Fa "int af" -.Fa "const char *addr" -.Fa "struct sockaddr *sa" -.Fa "krb5_socklen_t *sa_size" -.Fa "int port" -.Fc -.Ft krb5_error_code -.Fo krb5_h_addr2addr -.Fa "krb5_context context" -.Fa "int af" -.Fa "const char *haddr" -.Fa "krb5_address *addr" -.Fc -.Ft krb5_error_code -.Fo krb5_anyaddr -.Fa "krb5_context context" -.Fa "int af" -.Fa "struct sockaddr *sa" -.Fa "krb5_socklen_t *sa_size" -.Fa "int port" -.Fc -.Ft krb5_error_code -.Fo krb5_print_address -.Fa "const krb5_address *addr" -.Fa "char *str" -.Fa "size_t len" -.Fa "size_t *ret_len" -.Fc -.Ft krb5_error_code -.Fo krb5_parse_address -.Fa "krb5_context context" -.Fa "const char *string" -.Fa "krb5_addresses *addresses" -.Fc -.Ft int -.Fo "krb5_address_order" -.Fa "krb5_context context" -.Fa "const krb5_address *addr1" -.Fa "const krb5_address *addr2" -.Fc -.Ft "krb5_boolean" -.Fo krb5_address_compare -.Fa "krb5_context context" -.Fa "const krb5_address *addr1" -.Fa "const krb5_address *addr2" -.Fc -.Ft "krb5_boolean" -.Fo krb5_address_search -.Fa "krb5_context context" -.Fa "const krb5_address *addr" -.Fa "const krb5_addresses *addrlist" -.Fc -.Ft krb5_error_code -.Fo krb5_free_address -.Fa "krb5_context context" -.Fa "krb5_address *address" -.Fc -.Ft krb5_error_code -.Fo krb5_free_addresses -.Fa "krb5_context context" -.Fa "krb5_addresses *addresses" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_address -.Fa "krb5_context context" -.Fa "const krb5_address *inaddr" -.Fa "krb5_address *outaddr" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_addresses -.Fa "krb5_context context" -.Fa "const krb5_addresses *inaddr" -.Fa "krb5_addresses *outaddr" -.Fc -.Ft krb5_error_code -.Fo krb5_append_addresses -.Fa "krb5_context context" -.Fa "krb5_addresses *dest" -.Fa "const krb5_addresses *source" -.Fc -.Ft krb5_error_code -.Fo krb5_make_addrport -.Fa "krb5_context context" -.Fa "krb5_address **res" -.Fa "const krb5_address *addr" -.Fa "int16_t port" -.Fc -.Sh DESCRIPTION -The -.Li krb5_address -structure holds a address that can be used in Kerberos API -calls. There are help functions to set and extract address information -of the address. -.Pp -The -.Li krb5_addresses -structure holds a set of krb5_address:es. -.Pp -.Fn krb5_sockaddr2address -stores a address a -.Li "struct sockaddr" -.Fa sa -in the krb5_address -.Fa addr . -.Pp -.Fn krb5_sockaddr2port -extracts a -.Fa port -(if possible) from a -.Li "struct sockaddr" -.Fa sa . -.Pp -.Fn krb5_addr2sockaddr -sets the -struct sockaddr -.Fa sockaddr -from -.Fa addr -and -.Fa port . -The argument -.Fa sa_size -should initially contain the size of the -.Fa sa , -and after the call, it will contain the actual length of the address. -.Pp -.Fn krb5_max_sockaddr_size -returns the max size of the -.Li struct sockaddr -that the Kerberos library will return. -.Pp -.Fn krb5_sockaddr_uninteresting -returns -.Dv TRUE -for all -.Fa sa -that the kerberos library thinks are uninteresting. -One example are link local addresses. -.Pp -.Fn krb5_h_addr2sockaddr -initializes a -.Li "struct sockaddr" -.Fa sa -from -.Fa af -and the -.Li "struct hostent" -(see -.Xr gethostbyname 3 ) -.Fa h_addr_list -component. -The argument -.Fa sa_size -should initially contain the size of the -.Fa sa , -and after the call, it will contain the actual length of the address. -.Pp -.Fn krb5_h_addr2addr -works like -.Fn krb5_h_addr2sockaddr -with the exception that it operates on a -.Li krb5_address -instead of a -.Li struct sockaddr . -.Pp -.Fn krb5_anyaddr -fills in a -.Li "struct sockaddr" -.Fa sa -that can be used to -.Xr bind 2 -to. -The argument -.Fa sa_size -should initially contain the size of the -.Fa sa , -and after the call, it will contain the actual length of the address. -.Pp -.Fn krb5_print_address -prints the address in -.Fa addr -to the string -.Fa string -that have the length -.Fa len . -If -.Fa ret_len -is not -.Dv NULL , -it will be filled with the length of the string if size were unlimited (not -including the final -.Ql \e0 ) . -.Pp -.Fn krb5_parse_address -Returns the resolved hostname in -.Fa string -to the -.Li krb5_addresses -.Fa addresses . -.Pp -.Fn krb5_address_order -compares the addresses -.Fa addr1 -and -.Fa addr2 -so that it can be used for sorting addresses. If the addresses are the -same address -.Fa krb5_address_order -will return 0. -.Pp -.Fn krb5_address_compare -compares the addresses -.Fa addr1 -and -.Fa addr2 . -Returns -.Dv TRUE -if the two addresses are the same. -.Pp -.Fn krb5_address_search -checks if the address -.Fa addr -is a member of the address set list -.Fa addrlist . -.Pp -.Fn krb5_free_address -frees the data stored in the -.Fa address -that is alloced with any of the krb5_address functions. -.Pp -.Fn krb5_free_addresses -frees the data stored in the -.Fa addresses -that is alloced with any of the krb5_address functions. -.Pp -.Fn krb5_copy_address -copies the content of address -.Fa inaddr -to -.Fa outaddr . -.Pp -.Fn krb5_copy_addresses -copies the content of the address list -.Fa inaddr -to -.Fa outaddr . -.Pp -.Fn krb5_append_addresses -adds the set of addresses in -.Fa source -to -.Fa dest . -While copying the addresses, duplicates are also sorted out. -.Pp -.Fn krb5_make_addrport -allocates and creates an -krb5_address in -.Fa res -of type KRB5_ADDRESS_ADDRPORT from -.Fa ( addr , port ) . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_aname_to_localname.3 b/crypto/heimdal/lib/krb5/krb5_aname_to_localname.3 deleted file mode 100644 index a0c3e4b41507..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_aname_to_localname.3 +++ /dev/null @@ -1,80 +0,0 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_aname_to_localname.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd February 18, 2006 -.Dt KRB5_ANAME_TO_LOCALNAME 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_aname_to_localname -.Nd converts a principal to a system local name -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_boolean -.Fo krb5_aname_to_localname -.Fa "krb5_context context" -.Fa "krb5_const_principal name" -.Fa "size_t lnsize" -.Fa "char *lname" -.Fc -.Sh DESCRIPTION -This function takes a principal -.Fa name , -verifies that it is in the local realm (using -.Fn krb5_get_default_realms ) -and then returns the local name of the principal. -.Pp -If -.Fa name -isn't in one of the local realms an error is returned. -.Pp -If the size -.Fa ( lnsize ) -of the local name -.Fa ( lname ) -is too small, an error is returned. -.Pp -.Fn krb5_aname_to_localname -should only be use by an application that implements protocols that -don't transport the login name and thus needs to convert a principal -to a local name. -.Pp -Protocols should be designed so that they authenticate using -Kerberos, send over the login name and then verify the principal -that is authenticated is allowed to login and the login name. -A way to check if a user is allowed to login is using the function -.Fn krb5_kuserok . -.Sh SEE ALSO -.Xr krb5_get_default_realms 3 , -.Xr krb5_kuserok 3 diff --git a/crypto/heimdal/lib/krb5/krb5_appdefault.3 b/crypto/heimdal/lib/krb5/krb5_appdefault.3 deleted file mode 100644 index f5b532937db4..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_appdefault.3 +++ /dev/null @@ -1,88 +0,0 @@ -.\" Copyright (c) 2000 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_appdefault.3 12329 2003-05-26 14:09:04Z lha $ -.\" -.Dd July 25, 2000 -.Dt KRB5_APPDEFAULT 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_appdefault_boolean , -.Nm krb5_appdefault_string , -.Nm krb5_appdefault_time -.Nd get application configuration value -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft void -.Fn krb5_appdefault_boolean "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "krb5_boolean def_val" "krb5_boolean *ret_val" -.Ft void -.Fn krb5_appdefault_string "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "const char *def_val" "char **ret_val" -.Ft void -.Fn krb5_appdefault_time "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "time_t def_val" "time_t *ret_val" -.Sh DESCRIPTION -These functions get application defaults from the -.Dv appdefaults -section of the -.Xr krb5.conf 5 -configuration file. These defaults can be specified per application, -and/or per realm. -.Pp -These values will be looked for in -.Xr krb5.conf 5 , -in order of descending importance. -.Bd -literal -offset indent -[appdefaults] - appname = { - realm = { - option = value - } - } - appname = { - option = value - } - realm = { - option = value - } - option = value -.Ed -.Fa appname -is the name of the application, and -.Fa realm -is the realm name. If the realm is omitted it will not be used for -resolving values. -.Fa def_val -is the value to return if no value is found in -.Xr krb5.conf 5 . -.Sh SEE ALSO -.Xr krb5_config 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_auth_context.3 b/crypto/heimdal/lib/krb5/krb5_auth_context.3 deleted file mode 100644 index 66d150ef8589..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_auth_context.3 +++ /dev/null @@ -1,395 +0,0 @@ -.\" Copyright (c) 2001 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_auth_context.3 15240 2005-05-25 13:47:58Z lha $ -.\" -.Dd May 17, 2005 -.Dt KRB5_AUTH_CONTEXT 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_auth_con_addflags , -.Nm krb5_auth_con_free , -.Nm krb5_auth_con_genaddrs , -.Nm krb5_auth_con_generatelocalsubkey , -.Nm krb5_auth_con_getaddrs , -.Nm krb5_auth_con_getauthenticator , -.Nm krb5_auth_con_getflags , -.Nm krb5_auth_con_getkey , -.Nm krb5_auth_con_getlocalsubkey , -.Nm krb5_auth_con_getrcache , -.Nm krb5_auth_con_getremotesubkey , -.Nm krb5_auth_con_getuserkey , -.Nm krb5_auth_con_init , -.Nm krb5_auth_con_initivector , -.Nm krb5_auth_con_removeflags , -.Nm krb5_auth_con_setaddrs , -.Nm krb5_auth_con_setaddrs_from_fd , -.Nm krb5_auth_con_setflags , -.Nm krb5_auth_con_setivector , -.Nm krb5_auth_con_setkey , -.Nm krb5_auth_con_setlocalsubkey , -.Nm krb5_auth_con_setrcache , -.Nm krb5_auth_con_setremotesubkey , -.Nm krb5_auth_con_setuserkey , -.Nm krb5_auth_context , -.Nm krb5_auth_getcksumtype , -.Nm krb5_auth_getkeytype , -.Nm krb5_auth_getlocalseqnumber , -.Nm krb5_auth_getremoteseqnumber , -.Nm krb5_auth_setcksumtype , -.Nm krb5_auth_setkeytype , -.Nm krb5_auth_setlocalseqnumber , -.Nm krb5_auth_setremoteseqnumber , -.Nm krb5_free_authenticator -.Nd manage authentication on connection level -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_auth_con_init -.Fa "krb5_context context" -.Fa "krb5_auth_context *auth_context" -.Fc -.Ft void -.Fo krb5_auth_con_free -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_setflags -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "int32_t flags" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_getflags -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "int32_t *flags" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_addflags -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "int32_t addflags" -.Fa "int32_t *flags" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_removeflags -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "int32_t removelags" -.Fa "int32_t *flags" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_setaddrs -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "krb5_address *local_addr" -.Fa "krb5_address *remote_addr" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_getaddrs -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "krb5_address **local_addr" -.Fa "krb5_address **remote_addr" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_genaddrs -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "int fd" -.Fa "int flags" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_setaddrs_from_fd -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "void *p_fd" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_getkey -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "krb5_keyblock **keyblock" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_getlocalsubkey -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "krb5_keyblock **keyblock" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_getremotesubkey -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "krb5_keyblock **keyblock" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_generatelocalsubkey -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_initivector -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fc -.Ft krb5_error_code -.Fo krb5_auth_con_setivector -.Fa "krb5_context context" -.Fa "krb5_auth_context *auth_context" -.Fa "krb5_pointer ivector" -.Fc -.Ft void -.Fo krb5_free_authenticator -.Fa "krb5_context context" -.Fa "krb5_authenticator *authenticator" -.Fc -.Sh DESCRIPTION -The -.Nm krb5_auth_context -structure holds all context related to an authenticated connection, in -a similar way to -.Nm krb5_context -that holds the context for the thread or process. -.Nm krb5_auth_context -is used by various functions that are directly related to -authentication between the server/client. Example of data that this -structure contains are various flags, addresses of client and server, -port numbers, keyblocks (and subkeys), sequence numbers, replay cache, -and checksum-type. -.Pp -.Fn krb5_auth_con_init -allocates and initializes the -.Nm krb5_auth_context -structure. Default values can be changed with -.Fn krb5_auth_con_setcksumtype -and -.Fn krb5_auth_con_setflags . -The -.Nm auth_context -structure must be freed by -.Fn krb5_auth_con_free . -.Pp -.Fn krb5_auth_con_getflags , -.Fn krb5_auth_con_setflags , -.Fn krb5_auth_con_addflags -and -.Fn krb5_auth_con_removeflags -gets and modifies the flags for a -.Nm krb5_auth_context -structure. Possible flags to set are: -.Bl -tag -width Ds -.It Dv KRB5_AUTH_CONTEXT_DO_SEQUENCE -Generate and check sequence-number on each packet. -.It Dv KRB5_AUTH_CONTEXT_DO_TIME -Check timestamp on incoming packets. -.It Dv KRB5_AUTH_CONTEXT_RET_SEQUENCE , Dv KRB5_AUTH_CONTEXT_RET_TIME -Return sequence numbers and time stamps in the outdata parameters. -.It Dv KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED -will force -.Fn krb5_get_forwarded_creds -and -.Fn krb5_fwd_tgt_creds -to create unencrypted ) -.Dv ENCTYPE_NULL ) -credentials. -This is for use with old MIT server and JAVA based servers as -they can't handle encrypted -.Dv KRB-CRED . -Note that sending such -.Dv KRB-CRED -is clear exposes crypto keys and tickets and is insecure, -make sure the packet is encrypted in the protocol. -.Xr krb5_rd_cred 3 , -.Xr krb5_rd_priv 3 , -.Xr krb5_rd_safe 3 , -.Xr krb5_mk_priv 3 -and -.Xr krb5_mk_safe 3 . -Setting this flag requires that parameter to be passed to these -functions. -.Pp -The flags -.Dv KRB5_AUTH_CONTEXT_DO_TIME -also modifies the behavior the function -.Fn krb5_get_forwarded_creds -by removing the timestamp in the forward credential message, this have -backward compatibility problems since not all versions of the heimdal -supports timeless credentional messages. -Is very useful since it always the sender of the message to cache -forward message and thus avoiding a round trip to the KDC for each -time a credential is forwarded. -The same functionality can be obtained by using address-less tickets. -.\".It Dv KRB5_AUTH_CONTEXT_PERMIT_ALL -.El -.Pp -.Fn krb5_auth_con_setaddrs , -.Fn krb5_auth_con_setaddrs_from_fd -and -.Fn krb5_auth_con_getaddrs -gets and sets the addresses that are checked when a packet is received. -It is mandatory to set an address for the remote -host. If the local address is not set, it iss deduced from the underlaying -operating system. -.Fn krb5_auth_con_getaddrs -will call -.Fn krb5_free_address -on any address that is passed in -.Fa local_addr -or -.Fa remote_addr . -.Fn krb5_auth_con_setaddr -allows passing in a -.Dv NULL -pointer as -.Fa local_addr -and -.Fa remote_addr , -in that case it will just not set that address. -.Pp -.Fn krb5_auth_con_setaddrs_from_fd -fetches the addresses from a file descriptor. -.Pp -.Fn krb5_auth_con_genaddrs -fetches the address information from the given file descriptor -.Fa fd -depending on the bitmap argument -.Fa flags . -.Pp -Possible values on -.Fa flags -are: -.Bl -tag -width Ds -.It Va KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR -fetches the local address from -.Fa fd . -.It Va KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR -fetches the remote address from -.Fa fd . -.El -.Pp -.Fn krb5_auth_con_setkey , -.Fn krb5_auth_con_setuserkey -and -.Fn krb5_auth_con_getkey -gets and sets the key used for this auth context. The keyblock returned by -.Fn krb5_auth_con_getkey -should be freed with -.Fn krb5_free_keyblock . -The keyblock send into -.Fn krb5_auth_con_setkey -is copied into the -.Nm krb5_auth_context , -and thus no special handling is needed. -.Dv NULL -is not a valid keyblock to -.Fn krb5_auth_con_setkey . -.Pp -.Fn krb5_auth_con_setuserkey -is only useful when doing user to user authentication. -.Fn krb5_auth_con_setkey -is equivalent to -.Fn krb5_auth_con_setuserkey . -.Pp -.Fn krb5_auth_con_getlocalsubkey , -.Fn krb5_auth_con_setlocalsubkey , -.Fn krb5_auth_con_getremotesubkey -and -.Fn krb5_auth_con_setremotesubkey -gets and sets the keyblock for the local and remote subkey. -The keyblock returned by -.Fn krb5_auth_con_getlocalsubkey -and -.Fn krb5_auth_con_getremotesubkey -must be freed with -.Fn krb5_free_keyblock . -.Pp -.Fn krb5_auth_setcksumtype -and -.Fn krb5_auth_getcksumtype -sets and gets the checksum type that should be used for this -connection. -.Pp -.Fn krb5_auth_con_generatelocalsubkey -generates a local subkey that have the same encryption type as -.Fa key . -.Pp -.Fn krb5_auth_getremoteseqnumber -.Fn krb5_auth_setremoteseqnumber , -.Fn krb5_auth_getlocalseqnumber -and -.Fn krb5_auth_setlocalseqnumber -gets and sets the sequence-number for the local and remote -sequence-number counter. -.Pp -.Fn krb5_auth_setkeytype -and -.Fn krb5_auth_getkeytype -gets and gets the keytype of the keyblock in -.Nm krb5_auth_context . -.Pp -.Fn krb5_auth_con_getauthenticator -Retrieves the authenticator that was used during mutual -authentication. The -.Dv authenticator -returned should be freed by calling -.Fn krb5_free_authenticator . -.Pp -.Fn krb5_auth_con_getrcache -and -.Fn krb5_auth_con_setrcache -gets and sets the replay-cache. -.Pp -.Fn krb5_auth_con_initivector -allocates memory for and zeros the initial vector in the -.Fa auth_context -keyblock. -.Pp -.Fn krb5_auth_con_setivector -sets the i_vector portion of -.Fa auth_context -to -.Fa ivector . -.Pp -.Fn krb5_free_authenticator -free the content of -.Fa authenticator -and -.Fa authenticator -itself. -.Sh SEE ALSO -.Xr krb5_context 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_build_principal.3 b/crypto/heimdal/lib/krb5/krb5_build_principal.3 deleted file mode 100644 index e74c7543bd74..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_build_principal.3 +++ /dev/null @@ -1,101 +0,0 @@ -.\" Copyright (c) 1997, 2001 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_build_principal.3,v 1.7 2003/04/16 13:58:14 lha Exp $ -.\" -.Dd August 8, 1997 -.Dt KRB5_BUILD_PRINCIPAL 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_build_principal , -.Nm krb5_build_principal_ext , -.Nm krb5_build_principal_va , -.Nm krb5_build_principal_va_ext , -.Nm krb5_make_principal -.Nd principal creation functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_build_principal "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "..." -.Ft krb5_error_code -.Fn krb5_build_principal_ext "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "..." -.Ft krb5_error_code -.Fn krb5_build_principal_va "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "va_list ap" -.Ft krb5_error_code -.Fn krb5_build_principal_va_ext "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "va_list ap" -.Ft krb5_error_code -.Fn krb5_make_principal "krb5_context context" "krb5_principal *principal" "krb5_const_realm realm" "..." -.Sh DESCRIPTION -These functions create a Kerberos 5 principal from a realm and a list -of components. -All of these functions return an allocated principal in the -.Fa principal -parameter, this should be freed with -.Fn krb5_free_principal -after use. -.Pp -The -.Dq build -functions take a -.Fa realm -and the length of the realm. The -.Fn krb5_build_principal -and -.Fn krb5_build_principal_va -also takes a list of components (zero-terminated strings), terminated -with -.Dv NULL . -The -.Fn krb5_build_principal_ext -and -.Fn krb5_build_principal_va_ext -takes a list of length-value pairs, the list is terminated with a zero -length. -.Pp -The -.Fn krb5_make_principal -is a wrapper around -.Fn krb5_build_principal . -If the realm is -.Dv NULL , -the default realm will be used. -.Sh BUGS -You can not have a NUL in a component. Until someone can give a good -example of where it would be a good idea to have NUL's in a component, -this will not be fixed. -.Sh SEE ALSO -.Xr krb5_425_conv_principal 3 , -.Xr krb5_free_principal 3 , -.Xr krb5_parse_name 3 , -.Xr krb5_sname_to_principal 3 , -.Xr krb5_unparse_name 3 diff --git a/crypto/heimdal/lib/krb5/krb5_c_make_checksum.3 b/crypto/heimdal/lib/krb5/krb5_c_make_checksum.3 deleted file mode 100644 index a323ccee1d32..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_c_make_checksum.3 +++ /dev/null @@ -1,297 +0,0 @@ -.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_c_make_checksum.3 19066 2006-11-17 22:09:25Z lha $ -.\" -.Dd Nov 17, 2006 -.Dt KRB5_C_MAKE_CHECKSUM 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_c_block_size , -.Nm krb5_c_decrypt , -.Nm krb5_c_encrypt , -.Nm krb5_c_encrypt_length , -.Nm krb5_c_enctype_compare , -.Nm krb5_c_get_checksum , -.Nm krb5_c_is_coll_proof_cksum , -.Nm krb5_c_is_keyed_cksum , -.Nm krb5_c_keylength , -.Nm krb5_c_make_checksum , -.Nm krb5_c_make_random_key , -.Nm krb5_c_set_checksum , -.Nm krb5_c_valid_cksumtype , -.Nm krb5_c_valid_enctype , -.Nm krb5_c_verify_checksum , -.Nm krb5_c_checksum_length -.Nd Kerberos 5 crypto API -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fo krb5_c_block_size -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "size_t *blocksize" -.Fc -.Ft krb5_error_code -.Fo krb5_c_decrypt -.Fa "krb5_context context" -.Fa "const krb5_keyblock key" -.Fa "krb5_keyusage usage" -.Fa "const krb5_data *ivec" -.Fa "krb5_enc_data *input" -.Fa "krb5_data *output" -.Fc -.Ft krb5_error_code -.Fo krb5_c_encrypt -.Fa "krb5_context context" -.Fa "const krb5_keyblock *key" -.Fa "krb5_keyusage usage" -.Fa "const krb5_data *ivec" -.Fa "const krb5_data *input" -.Fa "krb5_enc_data *output" -.Fc -.Ft krb5_error_code -.Fo krb5_c_encrypt_length -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "size_t inputlen" -.Fa "size_t *length" -.Fc -.Ft krb5_error_code -.Fo krb5_c_enctype_compare -.Fa "krb5_context context" -.Fa "krb5_enctype e1" -.Fa "krb5_enctype e2" -.Fa "krb5_boolean *similar" -.Fc -.Ft krb5_error_code -.Fo krb5_c_make_random_key -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "krb5_keyblock *random_key" -.Fc -.Ft krb5_error_code -.Fo krb5_c_make_checksum -.Fa "krb5_context context" -.Fa "krb5_cksumtype cksumtype" -.Fa "const krb5_keyblock *key" -.Fa "krb5_keyusage usage" -.Fa "const krb5_data *input" -.Fa "krb5_checksum *cksum" -.Fc -.Ft krb5_error_code -.Fo krb5_c_verify_checksum -.Fa "krb5_context context -.Fa "const krb5_keyblock *key" -.Fa "krb5_keyusage usage" -.Fa "const krb5_data *data" -.Fa "const krb5_checksum *cksum" -.Fa "krb5_boolean *valid" -.Fc -.Ft krb5_error_code -.Fo krb5_c_checksum_length -.Fa "krb5_context context" -.Fa "krb5_cksumtype cksumtype" -.Fa "size_t *length" -.Fc -.Ft krb5_error_code -.Fo krb5_c_get_checksum -.Fa "krb5_context context" -.Fa "const krb5_checksum *cksum" -.Fa "krb5_cksumtype *type" -.Fa "krb5_data **data" -.Fc -.Ft krb5_error_code -.Fo krb5_c_set_checksum -.Fa "krb5_context context" -.Fa "krb5_checksum *cksum" -.Fa "krb5_cksumtype type" -.Fa "const krb5_data *data" -.Fc -.Ft krb5_boolean -.Fo krb5_c_valid_enctype -.Fa krb5_enctype etype" -.Fc -.Ft krb5_boolean -.Fo krb5_c_valid_cksumtype -.Fa "krb5_cksumtype ctype" -.Fc -.Ft krb5_boolean -.Fo krb5_c_is_coll_proof_cksum -.Fa "krb5_cksumtype ctype" -.Fc -.Ft krb5_boolean -.Fo krb5_c_is_keyed_cksum -.Fa "krb5_cksumtype ctype" -.Fc -.Ft krb5_error_code -.Fo krb5_c_keylengths -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "size_t *inlength" -.Fa "size_t *keylength" -.Fc -.Sh DESCRIPTION -The functions starting with krb5_c are compat functions with MIT kerberos. -.Pp -The -.Li krb5_enc_data -structure holds and encrypted data. -There are two public accessable members of -.Li krb5_enc_data . -.Li enctype -that holds the encryption type of the data encrypted and -.Li ciphertext -that is a -.Ft krb5_data -that might contain the encrypted data. -.Pp -.Fn krb5_c_block_size -returns the blocksize of the encryption type. -.Pp -.Fn krb5_c_decrypt -decrypts -.Fa input -and store the data in -.Fa output. -If -.Fa ivec -is -.Dv NULL -the default initialization vector for that encryption type will be used. -.Pp -.Fn krb5_c_encrypt -encrypts the plaintext in -.Fa input -and store the ciphertext in -.Fa output . -.Pp -.Fn krb5_c_encrypt_length -returns the length the encrypted data given the plaintext length. -.Pp -.Fn krb5_c_enctype_compare -compares to encryption types and returns if they use compatible -encryption key types. -.Pp -.Fn krb5_c_make_checksum -creates a checksum -.Fa cksum -with the checksum type -.Fa cksumtype -of the data in -.Fa data . -.Fa key -and -.Fa usage -are used if the checksum is a keyed checksum type. -Returns 0 or an error code. -.Pp -.Fn krb5_c_verify_checksum -verifies the checksum -of -.Fa data -in -.Fa cksum -that was created with -.Fa key -using the key usage -.Fa usage . -.Fa verify -is set to non-zero if the checksum verifies correctly and zero if not. -Returns 0 or an error code. -.Pp -.Fn krb5_c_checksum_length -returns the length of the checksum. -.Pp -.Fn krb5_c_set_checksum -sets the -.Li krb5_checksum -structure given -.Fa type -and -.Fa data . -The content of -.Fa cksum -should be freeed with -.Fn krb5_c_free_checksum_contents . -.Pp -.Fn krb5_c_get_checksum -retrieves the components of the -.Li krb5_checksum . -structure. -.Fa data -should be free with -.Fn krb5_free_data . -If some either of -.Fa data -or -.Fa checksum -is not needed for the application, -.Dv NULL -can be passed in. -.Pp -.Fn krb5_c_valid_enctype -returns true if -.Fa etype -is a valid encryption type. -.Pp -.Fn krb5_c_valid_cksumtype -returns true if -.Fa ctype -is a valid checksum type. -.Pp -.Fn krb5_c_is_keyed_cksum -return true if -.Fa ctype -is a keyed checksum type. -.Pp -.Fn krb5_c_is_coll_proof_cksum -returns true if -.Fa ctype -is a collition proof checksum type. -.Pp -.Fn krb5_c_keylengths -return the minimum length ( -.Fa inlength ) -bytes needed to create a key and the -length ( -.Fa keylength ) -of the resulting key -for the -.Fa enctype . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_create_checksum 3 , -.Xr krb5_free_data 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_ccache.3 b/crypto/heimdal/lib/krb5/krb5_ccache.3 deleted file mode 100644 index 3fca5956e7dd..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_ccache.3 +++ /dev/null @@ -1,517 +0,0 @@ -.\" Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_ccache.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd October 19, 2005 -.Dt KRB5_CCACHE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_ccache , -.Nm krb5_cc_cursor , -.Nm krb5_cc_ops , -.Nm krb5_fcc_ops , -.Nm krb5_mcc_ops , -.Nm krb5_cc_clear_mcred , -.Nm krb5_cc_close , -.Nm krb5_cc_copy_cache , -.Nm krb5_cc_default , -.Nm krb5_cc_default_name , -.Nm krb5_cc_destroy , -.Nm krb5_cc_end_seq_get , -.Nm krb5_cc_gen_new , -.Nm krb5_cc_get_full_name , -.Nm krb5_cc_get_name , -.Nm krb5_cc_get_ops , -.Nm krb5_cc_get_prefix_ops , -.Nm krb5_cc_get_principal , -.Nm krb5_cc_get_type , -.Nm krb5_cc_get_version , -.Nm krb5_cc_initialize , -.Nm krb5_cc_next_cred , -.Nm krb5_cc_next_cred_match , -.Nm krb5_cc_new_unique , -.Nm krb5_cc_register , -.Nm krb5_cc_remove_cred , -.Nm krb5_cc_resolve , -.Nm krb5_cc_retrieve_cred , -.Nm krb5_cc_set_default_name , -.Nm krb5_cc_set_flags , -.Nm krb5_cc_start_seq_get , -.Nm krb5_cc_store_cred -.Nd mange credential cache -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_ccache;" -.Pp -.Li "struct krb5_cc_cursor;" -.Pp -.Li "struct krb5_cc_ops;" -.Pp -.Li "struct krb5_cc_ops *krb5_fcc_ops;" -.Pp -.Li "struct krb5_cc_ops *krb5_mcc_ops;" -.Pp -.Ft void -.Fo krb5_cc_clear_mcred -.Fa "krb5_creds *mcred" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_close -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_copy_cache -.Fa "krb5_context context" -.Fa "const krb5_ccache from" -.Fa "krb5_ccache to" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_default -.Fa "krb5_context context" -.Fa "krb5_ccache *id" -.Fc -.Ft "const char *" -.Fo krb5_cc_default_name -.Fa "krb5_context context" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_destroy -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_end_seq_get -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fa "krb5_cc_cursor *cursor" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_gen_new -.Fa "krb5_context context" -.Fa "const krb5_cc_ops *ops" -.Fa "krb5_ccache *id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_get_full_name -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "char **str" -.Fc -.Ft "const char *" -.Fo krb5_cc_get_name -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_get_principal -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_principal *principal" -.Fc -.Ft "const char *" -.Fo krb5_cc_get_type -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft "const krb5_cc_ops *" -.Fo krb5_cc_get_ops -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fc -.Ft "const krb5_cc_ops *" -.Fo krb5_cc_get_prefix_ops -.Fa "krb5_context context" -.Fa "const char *prefix" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_get_version -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_initialize -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_principal primary_principal" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_register -.Fa "krb5_context context" -.Fa "const krb5_cc_ops *ops" -.Fa "krb5_boolean override" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_resolve -.Fa "krb5_context context" -.Fa "const char *name" -.Fa "krb5_ccache *id" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_retrieve_cred -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_flags whichfields" -.Fa "const krb5_creds *mcreds" -.Fa "krb5_creds *creds" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_remove_cred -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_flags which" -.Fa "krb5_creds *cred" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_set_default_name -.Fa "krb5_context context" -.Fa "const char *name" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_start_seq_get -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fa "krb5_cc_cursor *cursor" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_store_cred -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_creds *creds" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_set_flags -.Fa "krb5_context context" -.Fa "krb5_cc_set_flags id" -.Fa "krb5_flags flags" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_next_cred -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fa "krb5_cc_cursor *cursor" -.Fa "krb5_creds *creds" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_next_cred_match -.Fa "krb5_context context" -.Fa "const krb5_ccache id" -.Fa "krb5_cc_cursor *cursor" -.Fa "krb5_creds *creds" -.Fa "krb5_flags whichfields" -.Fa "const krb5_creds *mcreds" -.Fc -.Ft krb5_error_code -.Fo krb5_cc_new_unique -.Fa "krb5_context context" -.Fa "const char *type" -.Fa "const char *hint" -.Fa "krb5_ccache *id" -.Fc -.Sh DESCRIPTION -The -.Li krb5_ccache -structure holds a Kerberos credential cache. -.Pp -The -.Li krb5_cc_cursor -structure holds current position in a credential cache when -iterating over the cache. -.Pp -The -.Li krb5_cc_ops -structure holds a set of operations that can me preformed on a -credential cache. -.Pp -There is no component inside -.Li krb5_ccache , -.Li krb5_cc_cursor -nor -.Li krb5_fcc_ops -that is directly referable. -.Pp -The -.Li krb5_creds -holds a Kerberos credential, see manpage for -.Xr krb5_creds 3 . -.Pp -.Fn krb5_cc_default_name -and -.Fn krb5_cc_set_default_name -gets and sets the default name for the -.Fa context . -.Pp -.Fn krb5_cc_default -opens the default credential cache in -.Fa id . -Return 0 or an error code. -.Pp -.Fn krb5_cc_gen_new -generates a new credential cache of type -.Fa ops -in -.Fa id . -Return 0 or an error code. -The Heimdal version of this function also runs -.Fn krb5_cc_initialize -on the credential cache, but since the MIT version doesn't, portable -code must call krb5_cc_initialize. -.Pp -.Fn krb5_cc_new_unique -generates a new unique credential cache of -.Fa type -in -.Fa id . -If type is -.Dv NULL , -the library chooses the default credential cache type. -The supplied -.Fa hint -(that can be -.Dv NULL ) -is a string that the credential cache type can use to base the name of -the credential on, this is to make it easier for the user to -differentiate the credentials. -The returned credential cache -.Fa id -should be freed using -.Fn krb5_cc_close -or -.Fn krb5_cc_destroy . -Returns 0 or an error code. -.Pp -.Fn krb5_cc_resolve -finds and allocates a credential cache in -.Fa id -from the specification in -.Fa residual . -If the credential cache name doesn't contain any colon (:), interpret it as a -file name. -Return 0 or an error code. -.Pp -.Fn krb5_cc_initialize -creates a new credential cache in -.Fa id -for -.Fa primary_principal . -Return 0 or an error code. -.Pp -.Fn krb5_cc_close -stops using the credential cache -.Fa id -and frees the related resources. -Return 0 or an error code. -.Fn krb5_cc_destroy -removes the credential cache -and closes (by calling -.Fn krb5_cc_close ) -.Fa id . -Return 0 or an error code. -.Pp -.Fn krb5_cc_copy_cache -copys the contents of -.Fa from -to -.Fa to . -.Pp -.Fn krb5_cc_get_full_name -returns the complete resolvable name of the credential cache -.Fa id -in -.Fa str . -.Fa str -should be freed with -.Xr free 3 . -Returns 0 or an error, on error -.Fa *str -is set to -.Dv NULL . -.Pp -.Fn krb5_cc_get_name -returns the name of the credential cache -.Fa id . -.Pp -.Fn krb5_cc_get_principal -returns the principal of -.Fa id -in -.Fa principal . -Return 0 or an error code. -.Pp -.Fn krb5_cc_get_type -returns the type of the credential cache -.Fa id . -.Pp -.Fn krb5_cc_get_ops -returns the ops of the credential cache -.Fa id . -.Pp -.Fn krb5_cc_get_version -returns the version of -.Fa id . -.Pp -.Fn krb5_cc_register -Adds a new credential cache type with operations -.Fa ops , -overwriting any existing one if -.Fa override . -Return an error code or 0. -.Pp -.Fn krb5_cc_get_prefix_ops -Get the cc ops that is registered in -.Fa context -to handle the -.Fa prefix . -Returns -.Dv NULL -if ops not found. -.Pp -.Fn krb5_cc_remove_cred -removes the credential identified by -.Fa ( cred , -.Fa which ) -from -.Fa id . -.Pp -.Fn krb5_cc_store_cred -stores -.Fa creds -in the credential cache -.Fa id . -Return 0 or an error code. -.Pp -.Fn krb5_cc_set_flags -sets the flags of -.Fa id -to -.Fa flags . -.Pp -.Fn krb5_cc_clear_mcred -clears the -.Fa mcreds -argument so it is reset and can be used with -.Fa krb5_cc_retrieve_cred . -.Pp -.Fn krb5_cc_retrieve_cred , -retrieves the credential identified by -.Fa mcreds -(and -.Fa whichfields ) -from -.Fa id -in -.Fa creds . -.Fa creds -should be freed using -.Fn krb5_free_cred_contents . -Return 0 or an error code. -.Pp -.Fn krb5_cc_start_seq_get -initiates the -.Li krb5_cc_cursor -structure to be used for iteration over the credential cache. -.Pp -.Fn krb5_cc_next_cred -retrieves the next cred pointed to by -.Fa ( id , -.Fa cursor ) -in -.Fa creds , -and advance -.Fa cursor . -Return 0 or an error code. -.Pp -.Fn krb5_cc_next_cred_match -is similar to -.Fn krb5_cc_next_cred -except that it will only return creds matching -.Fa whichfields -and -.Fa mcreds -(as interpreted by -.Xr krb5_compare_creds 3 . ) -.Pp -.Fn krb5_cc_end_seq_get -Destroys the cursor -.Fa cursor . -.Sh EXAMPLE -This is a minimalistic version of -.Nm klist . -.Pp -.Bd -literal -#include - -int -main (int argc, char **argv) -{ - krb5_context context; - krb5_cc_cursor cursor; - krb5_error_code ret; - krb5_ccache id; - krb5_creds creds; - - if (krb5_init_context (&context) != 0) - errx(1, "krb5_context"); - - ret = krb5_cc_default (context, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_default"); - - ret = krb5_cc_start_seq_get(context, id, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_start_seq_get"); - - while((ret = krb5_cc_next_cred(context, id, &cursor, &creds)) == 0){ - char *principal; - - krb5_unparse_name_short(context, creds.server, &principal); - printf("principal: %s\\n", principal); - free(principal); - krb5_free_cred_contents (context, &creds); - } - ret = krb5_cc_end_seq_get(context, id, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_end_seq_get"); - - krb5_cc_close(context, id); - - krb5_free_context(context); - return 0; -} -.Ed -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_ccapi.h b/crypto/heimdal/lib/krb5/krb5_ccapi.h deleted file mode 100644 index 59a38425c252..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_ccapi.h +++ /dev/null @@ -1,230 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb5_ccapi.h 22090 2007-12-02 23:23:43Z lha $ */ - -#ifndef KRB5_CCAPI_H -#define KRB5_CCAPI_H 1 - -#include - -enum { - cc_credentials_v5 = 2 -}; - -enum { - ccapi_version_3 = 3, - ccapi_version_4 = 4 -}; - -enum { - ccNoError = 0, - - ccIteratorEnd = 201, - ccErrBadParam, - ccErrNoMem, - ccErrInvalidContext, - ccErrInvalidCCache, - - ccErrInvalidString, /* 206 */ - ccErrInvalidCredentials, - ccErrInvalidCCacheIterator, - ccErrInvalidCredentialsIterator, - ccErrInvalidLock, - - ccErrBadName, /* 211 */ - ccErrBadCredentialsVersion, - ccErrBadAPIVersion, - ccErrContextLocked, - ccErrContextUnlocked, - - ccErrCCacheLocked, /* 216 */ - ccErrCCacheUnlocked, - ccErrBadLockType, - ccErrNeverDefault, - ccErrCredentialsNotFound, - - ccErrCCacheNotFound, /* 221 */ - ccErrContextNotFound, - ccErrServerUnavailable, - ccErrServerInsecure, - ccErrServerCantBecomeUID, - - ccErrTimeOffsetNotSet /* 226 */ -}; - -typedef int32_t cc_int32; -typedef uint32_t cc_uint32; -typedef struct cc_context_t *cc_context_t; -typedef struct cc_ccache_t *cc_ccache_t; -typedef struct cc_ccache_iterator_t *cc_ccache_iterator_t; -typedef struct cc_credentials_v5_t cc_credentials_v5_t; -typedef struct cc_credentials_t *cc_credentials_t; -typedef struct cc_credentials_iterator_t *cc_credentials_iterator_t; -typedef struct cc_string_t *cc_string_t; -typedef time_t cc_time_t; - -typedef struct cc_data { - cc_uint32 type; - cc_uint32 length; - void *data; -} cc_data; - -struct cc_credentials_v5_t { - char *client; - char *server; - cc_data keyblock; - cc_time_t authtime; - cc_time_t starttime; - cc_time_t endtime; - cc_time_t renew_till; - cc_uint32 is_skey; - cc_uint32 ticket_flags; -#define KRB5_CCAPI_TKT_FLG_FORWARDABLE 0x40000000 -#define KRB5_CCAPI_TKT_FLG_FORWARDED 0x20000000 -#define KRB5_CCAPI_TKT_FLG_PROXIABLE 0x10000000 -#define KRB5_CCAPI_TKT_FLG_PROXY 0x08000000 -#define KRB5_CCAPI_TKT_FLG_MAY_POSTDATE 0x04000000 -#define KRB5_CCAPI_TKT_FLG_POSTDATED 0x02000000 -#define KRB5_CCAPI_TKT_FLG_INVALID 0x01000000 -#define KRB5_CCAPI_TKT_FLG_RENEWABLE 0x00800000 -#define KRB5_CCAPI_TKT_FLG_INITIAL 0x00400000 -#define KRB5_CCAPI_TKT_FLG_PRE_AUTH 0x00200000 -#define KRB5_CCAPI_TKT_FLG_HW_AUTH 0x00100000 -#define KRB5_CCAPI_TKT_FLG_TRANSIT_POLICY_CHECKED 0x00080000 -#define KRB5_CCAPI_TKT_FLG_OK_AS_DELEGATE 0x00040000 -#define KRB5_CCAPI_TKT_FLG_ANONYMOUS 0x00020000 - cc_data **addresses; - cc_data ticket; - cc_data second_ticket; - cc_data **authdata; -}; - - -typedef struct cc_string_functions { - cc_int32 (*release)(cc_string_t); -} cc_string_functions; - -struct cc_string_t { - const char *data; - const cc_string_functions *func; -}; - -typedef struct cc_credentials_union { - cc_int32 version; - union { - cc_credentials_v5_t* credentials_v5; - } credentials; -} cc_credentials_union; - -struct cc_credentials_functions { - cc_int32 (*release)(cc_credentials_t); - cc_int32 (*compare)(cc_credentials_t, cc_credentials_t, cc_uint32*); -}; - -struct cc_credentials_t { - const cc_credentials_union* data; - const struct cc_credentials_functions* func; -}; - -struct cc_credentials_iterator_functions { - cc_int32 (*release)(cc_credentials_iterator_t); - cc_int32 (*next)(cc_credentials_iterator_t, cc_credentials_t*); -}; - -struct cc_credentials_iterator_t { - const struct cc_credentials_iterator_functions *func; -}; - -struct cc_ccache_iterator_functions { - cc_int32 (*release) (cc_ccache_iterator_t); - cc_int32 (*next)(cc_ccache_iterator_t, cc_ccache_t*); -}; - -struct cc_ccache_iterator_t { - const struct cc_ccache_iterator_functions* func; -}; - -typedef struct cc_ccache_functions { - cc_int32 (*release)(cc_ccache_t); - cc_int32 (*destroy)(cc_ccache_t); - cc_int32 (*set_default)(cc_ccache_t); - cc_int32 (*get_credentials_version)(cc_ccache_t, cc_uint32*); - cc_int32 (*get_name)(cc_ccache_t, cc_string_t*); - cc_int32 (*get_principal)(cc_ccache_t, cc_uint32, cc_string_t*); - cc_int32 (*set_principal)(cc_ccache_t, cc_uint32, const char*); - cc_int32 (*store_credentials)(cc_ccache_t, const cc_credentials_union*); - cc_int32 (*remove_credentials)(cc_ccache_t, cc_credentials_t); - cc_int32 (*new_credentials_iterator)(cc_ccache_t, - cc_credentials_iterator_t*); - cc_int32 (*move)(cc_ccache_t, cc_ccache_t); - cc_int32 (*lock)(cc_ccache_t, cc_uint32, cc_uint32); - cc_int32 (*unlock)(cc_ccache_t); - cc_int32 (*get_last_default_time)(cc_ccache_t, cc_time_t*); - cc_int32 (*get_change_time)(cc_ccache_t, cc_time_t*); - cc_int32 (*compare)(cc_ccache_t, cc_ccache_t, cc_uint32*); - cc_int32 (*get_kdc_time_offset)(cc_ccache_t, cc_int32, cc_time_t *); - cc_int32 (*set_kdc_time_offset)(cc_ccache_t, cc_int32, cc_time_t); - cc_int32 (*clear_kdc_time_offset)(cc_ccache_t, cc_int32); -} cc_ccache_functions; - -struct cc_ccache_t { - const cc_ccache_functions *func; -}; - -struct cc_context_functions { - cc_int32 (*release)(cc_context_t); - cc_int32 (*get_change_time)(cc_context_t, cc_time_t *); - cc_int32 (*get_default_ccache_name)(cc_context_t, cc_string_t*); - cc_int32 (*open_ccache)(cc_context_t, const char*, cc_ccache_t *); - cc_int32 (*open_default_ccache)(cc_context_t, cc_ccache_t*); - cc_int32 (*create_ccache)(cc_context_t,const char*, cc_uint32, - const char*, cc_ccache_t*); - cc_int32 (*create_default_ccache)(cc_context_t, cc_uint32, - const char*, cc_ccache_t*); - cc_int32 (*create_new_ccache)(cc_context_t, cc_uint32, - const char*, cc_ccache_t*); - cc_int32 (*new_ccache_iterator)(cc_context_t, cc_ccache_iterator_t*); - cc_int32 (*lock)(cc_context_t, cc_uint32, cc_uint32); - cc_int32 (*unlock)(cc_context_t); - cc_int32 (*compare)(cc_context_t, cc_context_t, cc_uint32*); -}; - -struct cc_context_t { - const struct cc_context_functions* func; -}; - -typedef cc_int32 -(*cc_initialize_func)(cc_context_t*, cc_int32, cc_int32 *, char const **); - -#endif /* KRB5_CCAPI_H */ diff --git a/crypto/heimdal/lib/krb5/krb5_check_transited.3 b/crypto/heimdal/lib/krb5/krb5_check_transited.3 deleted file mode 100644 index 65ce0774225f..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_check_transited.3 +++ /dev/null @@ -1,106 +0,0 @@ -.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_check_transited.3 17382 2006-05-01 07:09:16Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_CHECK_TRANSITED 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_check_transited , -.Nm krb5_check_transited_realms , -.Nm krb5_domain_x500_decode , -.Nm krb5_domain_x500_encode -.Nd realm transit verification and encoding/decoding functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_check_transited -.Fa "krb5_context context" -.Fa "krb5_const_realm client_realm" -.Fa "krb5_const_realm server_realm" -.Fa "krb5_realm *realms" -.Fa "int num_realms" -.Fa "int *bad_realm" -.Fc -.Ft krb5_error_code -.Fo krb5_check_transited_realms -.Fa "krb5_context context" -.Fa "const char *const *realms" -.Fa "int num_realms" -.Fa "int *bad_realm" -.Fc -.Ft krb5_error_code -.Fo krb5_domain_x500_decode -.Fa "krb5_context context" -.Fa "krb5_data tr" -.Fa "char ***realms" -.Fa "int *num_realms" -.Fa "const char *client_realm" -.Fa "const char *server_realm" -.Fc -.Ft krb5_error_code -.Fo krb5_domain_x500_encode -.Fa "char **realms" -.Fa "int num_realms" -.Fa "krb5_data *encoding" -.Fc -.Sh DESCRIPTION -.Fn krb5_check_transited -checks the path from -.Fa client_realm -to -.Fa server_realm -where -.Fa realms -and -.Fa num_realms -is the realms between them. -If the function returns an error value, -.Fa bad_realm -will be set to the realm in the list causing the error. -.Fn krb5_check_transited -is used internally by the KDC and libkrb5 and should not be called by -client applications. -.Pp -.Fn krb5_check_transited_realms -is deprecated. -.Pp -.Fn krb5_domain_x500_encode -and -.Fn krb5_domain_x500_decode -encodes and decodes the realm names in the X500 format that Kerberos -uses to describe the transited realms in krbtgts. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_compare_creds.3 b/crypto/heimdal/lib/krb5/krb5_compare_creds.3 deleted file mode 100644 index 9fd2bbbbb684..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_compare_creds.3 +++ /dev/null @@ -1,104 +0,0 @@ -.\" Copyright (c) 2004-2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_compare_creds.3 15110 2005-05-10 09:21:06Z lha $ -.\" -.Dd May 10, 2005 -.Dt KRB5_COMPARE_CREDS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_compare_creds -.Nd compare Kerberos 5 credentials -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_boolean -.Fo krb5_compare_creds -.Fa "krb5_context context" -.Fa "krb5_flags whichfields" -.Fa "const krb5_creds *mcreds" -.Fa "const krb5_creds *creds" -.Fc -.Sh DESCRIPTION -.Fn krb5_compare_creds -compares -.Fa mcreds -(usually filled in by the application) -to -.Fa creds -(most often from a credentials cache) -and return -.Dv TRUE -if they are equal. -Unless -.Va mcreds-\*[Gt]server -is -.Dv NULL , -the service of the credentials are always compared. If the client -name in -.Fa mcreds -is present, the client names are also compared. This function is -normally only called indirectly via -.Xr krb5_cc_retrieve_cred 3 . -.Pp -The following flags, set in -.Fa whichfields , -affects the comparison: -.Bl -tag -width KRB5_TC_MATCH_SRV_NAMEONLY -compact -offset indent -.It KRB5_TC_MATCH_SRV_NAMEONLY -Consider all realms equal when comparing the service principal. -.It KRB5_TC_MATCH_KEYTYPE -Compare enctypes. -.It KRB5_TC_MATCH_FLAGS_EXACT -Make sure that the ticket flags are identical. -.It KRB5_TC_MATCH_FLAGS -Make sure that all ticket flags set in -.Fa mcreds -are also present in -.Fa creds . -.It KRB5_TC_MATCH_TIMES_EXACT -Compares the ticket times exactly. -.It KRB5_TC_MATCH_TIMES -Compares only the expiration times of the creds. -.It KRB5_TC_MATCH_AUTHDATA -Compares the authdata fields. -.It KRB5_TC_MATCH_2ND_TKT -Compares the second tickets (used by user-to-user authentication). -.It KRB5_TC_MATCH_IS_SKEY -Compares the existance of the second ticket. -.El -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_cc_retrieve_cred 3 , -.Xr krb5_creds 3 , -.Xr krb5_get_init_creds 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_config.3 b/crypto/heimdal/lib/krb5/krb5_config.3 deleted file mode 100644 index 9c302ae2f3a3..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_config.3 +++ /dev/null @@ -1,307 +0,0 @@ -.\" Copyright (c) 2000 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" -.\" $Id: krb5_config.3 21905 2007-08-10 10:16:45Z lha $ -.\" -.Dd August 10, 2007 -.Dt KRB5_CONFIG_GET 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_config_file_free , -.Nm krb5_config_free_strings , -.Nm krb5_config_get , -.Nm krb5_config_get_bool , -.Nm krb5_config_get_bool_default , -.Nm krb5_config_get_int , -.Nm krb5_config_get_int_default , -.Nm krb5_config_get_list , -.Nm krb5_config_get_next , -.Nm krb5_config_get_string , -.Nm krb5_config_get_string_default , -.Nm krb5_config_get_strings , -.Nm krb5_config_get_time , -.Nm krb5_config_get_time_default , -.Nm krb5_config_parse_file , -.Nm krb5_config_parse_file_multi , -.Nm krb5_config_vget , -.Nm krb5_config_vget_bool , -.Nm krb5_config_vget_bool_default , -.Nm krb5_config_vget_int , -.Nm krb5_config_vget_int_default , -.Nm krb5_config_vget_list , -.Nm krb5_config_vget_next , -.Nm krb5_config_vget_string , -.Nm krb5_config_vget_string_default , -.Nm krb5_config_vget_strings , -.Nm krb5_config_vget_time , -.Nm krb5_config_vget_time_default -.Nd get configuration value -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_config_file_free -.Fa "krb5_context context" -.Fa "krb5_config_section *s" -.Fc -.Ft void -.Fo krb5_config_free_strings -.Fa "char **strings" -.Fc -.Ft "const void *" -.Fo krb5_config_get -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "int type" -.Fa "..." -.Fc -.Ft krb5_boolean -.Fo krb5_config_get_bool -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "..." -.Fc -.Ft krb5_boolean -.Fo krb5_config_get_bool_default -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "krb5_boolean def_value" -.Fa "..." -.Fc -.Ft int -.Fo krb5_config_get_int -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "..." -.Fc -.Ft int -.Fo krb5_config_get_int_default -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "int def_value" -.Fa "..." -.Fc -.Ft const char* -.Fo krb5_config_get_string -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "..." -.Fc -.Ft const char* -.Fo krb5_config_get_string_default -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "const char *def_value" -.Fa "..." -.Fc -.Ft "char**" -.Fo krb5_config_get_strings -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "..." -.Fc -.Ft int -.Fo krb5_config_get_time -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "..." -.Fc -.Ft int -.Fo krb5_config_get_time_default -.Fa "krb5_context context" -.Fa "krb5_config_section *c" -.Fa "int def_value" -.Fa "..." -.Fc -.Ft krb5_error_code -.Fo krb5_config_parse_file -.Fa "krb5_context context" -.Fa "const char *fname" -.Fa "krb5_config_section **res" -.Fc -.Ft krb5_error_code -.Fo krb5_config_parse_file_multi -.Fa "krb5_context context" -.Fa "const char *fname" -.Fa "krb5_config_section **res" -.Fc -.Ft "const void *" -.Fo krb5_config_vget -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "int type" -.Fa "va_list args" -.Fc -.Ft krb5_boolean -.Fo krb5_config_vget_bool -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft krb5_boolean -.Fo krb5_config_vget_bool_default -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "krb5_boolean def_value" -.Fa "va_list args" -.Fc -.Ft int -.Fo krb5_config_vget_int -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft int -.Fo krb5_config_vget_int_default -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "int def_value" -.Fa "va_list args" -.Fc -.Ft "const krb5_config_binding *" -.Fo krb5_config_vget_list -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft "const void *" -.Fo krb5_config_vget_next -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "const krb5_config_binding **pointer" -.Fa "int type" -.Fa "va_list args" -.Fc -.Ft "const char *" -.Fo krb5_config_vget_string -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft "const char *" -.Fo krb5_config_vget_string_default -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "const char *def_value" -.Fa "va_list args" -.Fc -.Ft char ** -.Fo krb5_config_vget_strings -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft int -.Fo krb5_config_vget_time -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "va_list args" -.Fc -.Ft int -.Fo krb5_config_vget_time_default -.Fa "krb5_context context" -.Fa "const krb5_config_section *c" -.Fa "int def_value" -.Fa "va_list args" -.Fc -.Sh DESCRIPTION -These functions get values from the -.Xr krb5.conf 5 -configuration file, or another configuration database specified by the -.Fa c -parameter. -.Pp -The variable arguments should be a list of strings naming each -subsection to look for. For example: -.Bd -literal -offset indent -krb5_config_get_bool_default(context, NULL, FALSE, - "libdefaults", "log_utc", NULL); -.Ed -.Pp -gets the boolean value for the -.Dv log_utc -option, defaulting to -.Dv FALSE . -.Pp -.Fn krb5_config_get_bool_default -will convert the option value to a boolean value, where -.Sq yes , -.Sq true , -and any non-zero number means -.Dv TRUE , -and any other value -.Dv FALSE . -.Pp -.Fn krb5_config_get_int_default -will convert the value to an integer. -.Pp -.Fn krb5_config_get_time_default -will convert the value to a period of time (not a time stamp) in -seconds, so the string -.Sq 2 weeks -will be converted to -1209600 (2 * 7 * 24 * 60 * 60). -.Pp -.Fn krb5_config_get_string -returns a -.Ft "const char *" -to a string in the configuration database. The string not be valid -after reload of the configuration database -.\" or a call to .Fn krb5_config_set_string , -so a caller should make a local copy if its need to keep the database. -.Pp -.Fn krb5_config_free_strings -free -.Fa strings -as returned by -.Fn krb5_config_get_strings -and -.Fn krb5_config_vget_strings . -If the argument -.Fa strings -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn krb5_config_file_free -free the result of -.Fn krb5_config_parse_file -and -.Fn krb5_config_parse_file_multi . -.Sh SEE ALSO -.Xr krb5_appdefault 3 , -.Xr krb5_init_context 3 , -.Xr krb5.conf 5 -.Sh BUGS -For the default functions, other than for the string case, there's no -way to tell whether there was a value specified or not. diff --git a/crypto/heimdal/lib/krb5/krb5_context.3 b/crypto/heimdal/lib/krb5/krb5_context.3 deleted file mode 100644 index 5bfcc26c7103..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_context.3 +++ /dev/null @@ -1,56 +0,0 @@ -.\" Copyright (c) 2001 - 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_context.3 12329 2003-05-26 14:09:04Z lha $ -.\" -.Dd January 21, 2001 -.Dt KRB5_CONTEXT 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_context -.Nd krb5 state structure -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Sh DESCRIPTION -The -.Nm -structure is designed to hold all per thread state. All global -variables that are context specific are stored in this structure, -including default encryption types, credentials-cache (ticket file), and -default realms. -.Pp -The internals of the structure should never be accessed directly, -functions exist for extracting information. -.Sh SEE ALSO -.Xr krb5_init_context 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_create_checksum.3 b/crypto/heimdal/lib/krb5/krb5_create_checksum.3 deleted file mode 100644 index 43d5b4e5d32c..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_create_checksum.3 +++ /dev/null @@ -1,226 +0,0 @@ -.\" Copyright (c) 1999-2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_create_checksum.3 15921 2005-08-12 09:01:22Z lha $ -.\" -.Dd August 12, 2005 -.Dt NAME 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_checksum , -.Nm krb5_checksum_disable , -.Nm krb5_checksum_is_collision_proof , -.Nm krb5_checksum_is_keyed , -.Nm krb5_checksumsize , -.Nm krb5_cksumtype_valid , -.Nm krb5_copy_checksum , -.Nm krb5_create_checksum , -.Nm krb5_crypto_get_checksum_type -.Nm krb5_free_checksum , -.Nm krb5_free_checksum_contents , -.Nm krb5_hmac , -.Nm krb5_verify_checksum -.Nd creates, handles and verifies checksums -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "typedef Checksum krb5_checksum;" -.Ft void -.Fo krb5_checksum_disable -.Fa "krb5_context context" -.Fa "krb5_cksumtype type" -.Fc -.Ft krb5_boolean -.Fo krb5_checksum_is_collision_proof -.Fa "krb5_context context" -.Fa "krb5_cksumtype type" -.Fc -.Ft krb5_boolean -.Fo krb5_checksum_is_keyed -.Fa "krb5_context context" -.Fa "krb5_cksumtype type" -.Fc -.Ft krb5_error_code -.Fo krb5_cksumtype_valid -.Fa "krb5_context context" -.Fa "krb5_cksumtype ctype" -.Fc -.Ft krb5_error_code -.Fo krb5_checksumsize -.Fa "krb5_context context" -.Fa "krb5_cksumtype type" -.Fa "size_t *size" -.Fc -.Ft krb5_error_code -.Fo krb5_create_checksum -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "krb5_key_usage usage" -.Fa "int type" -.Fa "void *data" -.Fa "size_t len" -.Fa "Checksum *result" -.Fc -.Ft krb5_error_code -.Fo krb5_verify_checksum -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "krb5_key_usage usage" -.Fa "void *data" -.Fa "size_t len" -.Fa "Checksum *cksum" -.Fc -.Ft krb5_error_code -.Fo krb5_crypto_get_checksum_type -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "krb5_cksumtype *type" -.Fc -.Ft void -.Fo krb5_free_checksum -.Fa "krb5_context context" -.Fa "krb5_checksum *cksum" -.Fc -.Ft void -.Fo krb5_free_checksum_contents -.Fa "krb5_context context" -.Fa "krb5_checksum *cksum" -.Fc -.Ft krb5_error_code -.Fo krb5_hmac -.Fa "krb5_context context" -.Fa "krb5_cksumtype cktype" -.Fa "const void *data" -.Fa "size_t len" -.Fa "unsigned usage" -.Fa "krb5_keyblock *key" -.Fa "Checksum *result" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_checksum -.Fa "krb5_context context" -.Fa "const krb5_checksum *old" -.Fa "krb5_checksum **new" -.Fc -.Sh DESCRIPTION -The -.Li krb5_checksum -structure holds a Kerberos checksum. -There is no component inside -.Li krb5_checksum -that is directly referable. -.Pp -The functions are used to create and verify checksums. -.Fn krb5_create_checksum -creates a checksum of the specified data, and puts it in -.Fa result . -If -.Fa crypto -is -.Dv NULL , -.Fa usage_or_type -specifies the checksum type to use; it must not be keyed. Otherwise -.Fa crypto -is an encryption context created by -.Fn krb5_crypto_init , -and -.Fa usage_or_type -specifies a key-usage. -.Pp -.Fn krb5_verify_checksum -verifies the -.Fa checksum -against the provided data. -.Pp -.Fn krb5_checksum_is_collision_proof -returns true is the specified checksum is collision proof (that it's -very unlikely that two strings has the same hash value, and that it's -hard to find two strings that has the same hash). Examples of -collision proof checksums are MD5, and SHA1, while CRC32 is not. -.Pp -.Fn krb5_checksum_is_keyed -returns true if the specified checksum type is keyed (that the hash -value is a function of both the data, and a separate key). Examples of -keyed hash algorithms are HMAC-SHA1-DES3, and RSA-MD5-DES. The -.Dq plain -hash functions MD5, and SHA1 are not keyed. -.Pp -.Fn krb5_crypto_get_checksum_type -returns the checksum type that will be used when creating a checksum for the given -.Fa crypto -context. -This function is useful in combination with -.Fn krb5_checksumsize -when you want to know the size a checksum will -use when you create it. -.Pp -.Fn krb5_cksumtype_valid -returns 0 or an error if the checksumtype is implemented and not -currently disabled in this kerberos library. -.Pp -.Fn krb5_checksumsize -returns the size of the outdata of checksum function. -.Pp -.Fn krb5_copy_checksum -returns a copy of the checksum -.Fn krb5_free_checksum -should use used to free the -.Fa new -checksum. -.Pp -.Fn krb5_free_checksum -free the checksum and the content of the checksum. -.Pp -.Fn krb5_free_checksum_contents -frees the content of checksum in -.Fa cksum . -.Pp -.Fn krb5_hmac -calculates the HMAC over -.Fa data -(with length -.Fa len ) -using the keyusage -.Fa usage -and keyblock -.Fa key . -Note that keyusage is not always used in checksums. -.Pp -.Nm krb5_checksum_disable -globally disables the checksum type. -.\" .Sh EXAMPLE -.\" .Sh BUGS -.Sh SEE ALSO -.Xr krb5_crypto_init 3 , -.Xr krb5_c_encrypt 3 , -.Xr krb5_encrypt 3 diff --git a/crypto/heimdal/lib/krb5/krb5_creds.3 b/crypto/heimdal/lib/krb5/krb5_creds.3 deleted file mode 100644 index 9eb9a2be9492..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_creds.3 +++ /dev/null @@ -1,119 +0,0 @@ -.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_creds.3 17383 2006-05-01 07:13:03Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_CREDS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_creds , -.Nm krb5_copy_creds , -.Nm krb5_copy_creds_contents , -.Nm krb5_free_creds , -.Nm krb5_free_cred_contents -.Nd Kerberos 5 credential handling functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_copy_creds -.Fa "krb5_context context" -.Fa "const krb5_creds *incred" -.Fa "krb5_creds **outcred" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_creds_contents -.Fa "krb5_context context" -.Fa "const krb5_creds *incred" -.Fa "krb5_creds *outcred" -.Fc -.Ft krb5_error_code -.Fo krb5_free_creds -.Fa "krb5_context context" -.Fa "krb5_creds *outcred" -.Fc -.Ft krb5_error_code -.Fo krb5_free_cred_contents -.Fa "krb5_context context" -.Fa "krb5_creds *cred" -.Fc -.Sh DESCRIPTION -.Vt krb5_creds -holds Kerberos credentials: -.Bd -literal -offset -typedef struct krb5_creds { - krb5_principal client; - krb5_principal server; - krb5_keyblock session; - krb5_times times; - krb5_data ticket; - krb5_data second_ticket; - krb5_authdata authdata; - krb5_addresses addresses; - krb5_ticket_flags flags; -} krb5_creds; -.Ed -.Pp -.Fn krb5_copy_creds -makes a copy of -.Fa incred -to -.Fa outcred . -.Fa outcred -should be freed with -.Fn krb5_free_creds -by the caller. -.Pp -.Fn krb5_copy_creds_contents -makes a copy of the content of -.Fa incred -to -.Fa outcreds . -.Fa outcreds -should be freed by the called with -.Fn krb5_free_creds_contents . -.Pp -.Fn krb5_free_creds -frees the content of the -.Fa cred -structure and the structure itself. -.Pp -.Fn krb5_free_cred_contents -frees the content of the -.Fa cred -structure. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_compare_creds 3 , -.Xr krb5_get_init_creds 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_crypto_init.3 b/crypto/heimdal/lib/krb5/krb5_crypto_init.3 deleted file mode 100644 index 822006e08f4c..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_crypto_init.3 +++ /dev/null @@ -1,67 +0,0 @@ -.\" Copyright (c) 1999 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_crypto_init.3 13563 2004-03-20 12:00:01Z lha $ -.\" -.Dd April 7, 1999 -.Dt NAME 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_crypto_destroy , -.Nm krb5_crypto_init -.Nd encryption support in krb5 -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_crypto_init "krb5_context context" "krb5_keyblock *key" "krb5_enctype enctype" "krb5_crypto *crypto" -.Ft krb5_error_code -.Fn krb5_crypto_destroy "krb5_context context" "krb5_crypto crypto" -.Sh DESCRIPTION -Heimdal exports parts of the Kerberos crypto interface for applications. -.Pp -Each kerberos encrytion/checksum function takes a crypto context. -.Pp -To setup and destroy crypto contextes there are two functions -.Fn krb5_crypto_init -and -.Fn krb5_crypto_destroy . -The encryption type to use is taken from the key, but can be overridden -with the -.Fa enctype parameter . -This can be useful for encryptions types which is compatiable (DES for -example). -.\" .Sh EXAMPLE -.\" .Sh BUGS -.Sh SEE ALSO -.Xr krb5_create_checksum 3 , -.Xr krb5_encrypt 3 diff --git a/crypto/heimdal/lib/krb5/krb5_data.3 b/crypto/heimdal/lib/krb5/krb5_data.3 deleted file mode 100644 index 2ccff19251da..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_data.3 +++ /dev/null @@ -1,159 +0,0 @@ -.\" Copyright (c) 2003 - 2005, 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_data.3 20040 2007-01-23 20:35:12Z lha $ -.\" -.Dd Jan 23, 2007 -.Dt KRB5_DATA 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_data , -.Nm krb5_data_zero , -.Nm krb5_data_free , -.Nm krb5_free_data_contents , -.Nm krb5_free_data , -.Nm krb5_data_alloc , -.Nm krb5_data_realloc , -.Nm krb5_data_copy , -.Nm krb5_copy_data , -.Nm krb5_data_cmp -.Nd operates on the Kerberos datatype krb5_data -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_data;" -.Ft void -.Fn krb5_data_zero "krb5_data *p" -.Ft void -.Fn krb5_data_free "krb5_data *p" -.Ft void -.Fn krb5_free_data_contents "krb5_context context" "krb5_data *p" -.Ft void -.Fn krb5_free_data "krb5_context context" "krb5_data *p" -.Ft krb5_error_code -.Fn krb5_data_alloc "krb5_data *p" "int len" -.Ft krb5_error_code -.Fn krb5_data_realloc "krb5_data *p" "int len" -.Ft krb5_error_code -.Fn krb5_data_copy "krb5_data *p" "const void *data" "size_t len" -.Ft krb5_error_code -.Fn krb5_copy_data "krb5_context context" "const krb5_data *indata" "krb5_data **outdata" -.Ft krb5_error_code -.Fn krb5_data_cmp "const krb5_data *data1" "const krb5_data *data2" -.Sh DESCRIPTION -The -.Li krb5_data -structure holds a data element. -The structure contains two public accessible elements -.Fa length -(the length of data) -and -.Fa data -(the data itself). -The structure must always be initiated and freed by the functions -documented in this manual. -.Pp -.Fn krb5_data_zero -resets the content of -.Fa p . -.Pp -.Fn krb5_data_free -free the data in -.Fa p -and reset the content of the structure with -.Fn krb5_data_zero . -.Pp -.Fn krb5_free_data_contents -works the same way as -.Fa krb5_data_free . -The diffrence is that krb5_free_data_contents is more portable (exists -in MIT api). -.Pp -.Fn krb5_free_data -frees the data in -.Fa p -and -.Fa p -itself. -.Pp -.Fn krb5_data_alloc -allocates -.Fa len -bytes in -.Fa p . -Returns 0 or an error. -.Pp -.Fn krb5_data_realloc -reallocates the length of -.Fa p -to the length in -.Fa len . -Returns 0 or an error. -.Pp -.Fn krb5_data_copy -copies the -.Fa data -that have the length -.Fa len -into -.Fa p . -.Fa p -is not freed so the calling function should make sure the -.Fa p -doesn't contain anything needs to be freed. -Returns 0 or an error. -.Pp -.Fn krb5_copy_data -copies the -.Li krb5_data -in -.Fa indata -to -.Fa outdata . -.Fa outdata -is not freed so the calling function should make sure the -.Fa outdata -doesn't contain anything needs to be freed. -.Fa outdata -should be freed using -.Fn krb5_free_data . -Returns 0 or an error. -.Pp -.Fn krb5_data_cmp -will compare two data object and check if they are the same in a -simular way as memcmp does it. The return value can be used for -sorting. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_storage 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_digest.3 b/crypto/heimdal/lib/krb5/krb5_digest.3 deleted file mode 100644 index f9d7571b072d..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_digest.3 +++ /dev/null @@ -1,260 +0,0 @@ -.\" Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_digest.3 20259 2007-02-17 23:49:54Z lha $ -.\" -.Dd February 18, 2007 -.Dt KRB5_DIGEST 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_digest , -.Nm krb5_digest_alloc , -.Nm krb5_digest_free , -.Nm krb5_digest_set_server_cb , -.Nm krb5_digest_set_type , -.Nm krb5_digest_set_hostname , -.Nm krb5_digest_get_server_nonce , -.Nm krb5_digest_set_server_nonce , -.Nm krb5_digest_get_opaque , -.Nm krb5_digest_set_opaque , -.Nm krb5_digest_get_identifier , -.Nm krb5_digest_set_identifier , -.Nm krb5_digest_init_request , -.Nm krb5_digest_set_client_nonce , -.Nm krb5_digest_set_digest , -.Nm krb5_digest_set_username , -.Nm krb5_digest_set_authid , -.Nm krb5_digest_set_authentication_user , -.Nm krb5_digest_set_realm , -.Nm krb5_digest_set_method , -.Nm krb5_digest_set_uri , -.Nm krb5_digest_set_nonceCount , -.Nm krb5_digest_set_qop , -.Nm krb5_digest_request , -.Nm krb5_digest_get_responseData , -.Nm krb5_digest_get_rsp , -.Nm krb5_digest_get_tickets , -.Nm krb5_digest_get_client_binding , -.Nm krb5_digest_get_a1_hash -.Nd remote digest (HTTP-DIGEST, SASL, CHAP) suppport -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "typedef struct krb5_digest *krb5_digest;" -.Pp -.Ft krb5_error_code -.Fo krb5_digest_alloc -.Fa "krb5_context context" -.Fa "krb5_digest *digest" -.Fc -.Ft void -.Fo krb5_digest_free -.Fa "krb5_digest digest" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_type -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *type" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_server_cb -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *type" -.Fa "const char *binding" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_hostname -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *hostname" -.Fc -.Ft "const char *" -.Fo krb5_digest_get_server_nonce -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_server_nonce -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *nonce" -.Fc -.Ft "const char *" -.Fo krb5_digest_get_opaque -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_opaque -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *opaque" -.Fc -.Ft "const char *" -.Fo krb5_digest_get_identifier -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_identifier -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *id" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_init_request -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "krb5_realm realm" -.Fa "krb5_ccache ccache" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_client_nonce -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *nonce" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_digest -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *dgst" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_username -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *username" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_authid -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *authid" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_authentication_user -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "krb5_principal authentication_user" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_realm -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *realm" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_method -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *method" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_uri -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *uri" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_nonceCount -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *nonce_count" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_set_qop -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "const char *qop" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_request -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "krb5_realm realm" -.Fa "krb5_ccache ccache" -.Fc -.Ft "const char *" -.Fo krb5_digest_get_responseData -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fc -.Ft "const char *" -.Fo krb5_digest_get_rsp -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_get_tickets -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "Ticket **tickets" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_get_client_binding -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "char **type" -.Fa "char **binding" -.Fc -.Ft krb5_error_code -.Fo krb5_digest_get_a1_hash -.Fa "krb5_context context" -.Fa "krb5_digest digest" -.Fa "krb5_data *data" -.Fc -.Sh DESCRIPTION -The -.Fn krb5_digest_alloc -function allocatates the -.Fa digest -structure. The structure should be freed with -.Fn krb5_digest_free -when it is no longer being used. -.Pp -.Fn krb5_digest_alloc -returns 0 to indicate success. -Otherwise an kerberos code is returned and the pointer that -.Fa digest -points to is set to -.Dv NULL . -.Pp -.Fn krb5_digest_free -free the structure -.Fa digest . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.3 b/crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.3 deleted file mode 100644 index fcada92bc94b..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.3 +++ /dev/null @@ -1,68 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_eai_to_heim_errno.3 14086 2004-08-03 11:13:46Z lha $ -.\" -.Dd April 13, 2004 -.Dt KRB5_EAI_TO_HEIM_ERRNO 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_eai_to_heim_errno , -.Nm krb5_h_errno_to_heim_errno -.Nd convert resolver error code to com_err error codes -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_eai_to_heim_errno -.Fa "int eai_errno" -.Fa "int system_error" -.Fc -.Ft krb5_error_code -.Fo krb5_h_errno_to_heim_errno -.Fa "int eai_errno" -.Fc -.Sh DESCRIPTION -.Fn krb5_eai_to_heim_errno -and -.Fn krb5_h_errno_to_heim_errno -convert -.Xr getaddrinfo 3 , -.Xr getnameinfo 3 , -and -.Xr h_errno 3 -to com_err error code that are used by Heimdal, this is useful for for -function returning kerberos errors and needs to communicate failures -from resolver function. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_encrypt.3 b/crypto/heimdal/lib/krb5/krb5_encrypt.3 deleted file mode 100644 index 76cb4c700c1c..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_encrypt.3 +++ /dev/null @@ -1,278 +0,0 @@ -.\" Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_encrypt.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd March 20, 2004 -.Dt KRB5_ENCRYPT 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_crypto_getblocksize , -.Nm krb5_crypto_getconfoundersize -.Nm krb5_crypto_getenctype , -.Nm krb5_crypto_getpadsize , -.Nm krb5_crypto_overhead , -.Nm krb5_decrypt , -.Nm krb5_decrypt_EncryptedData , -.Nm krb5_decrypt_ivec , -.Nm krb5_decrypt_ticket , -.Nm krb5_encrypt , -.Nm krb5_encrypt_EncryptedData , -.Nm krb5_encrypt_ivec , -.Nm krb5_enctype_disable , -.Nm krb5_enctype_keysize , -.Nm krb5_enctype_to_string , -.Nm krb5_enctype_valid , -.Nm krb5_get_wrapped_length , -.Nm krb5_string_to_enctype -.Nd "encrypt and decrypt data, set and get encryption type parameters" -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_encrypt -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "unsigned usage" -.Fa "void *data" -.Fa "size_t len" -.Fa "krb5_data *result" -.Fc -.Ft krb5_error_code -.Fo krb5_encrypt_EncryptedData -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "unsigned usage" -.Fa "void *data" -.Fa "size_t len" -.Fa "int kvno" -.Fa "EncryptedData *result" -.Fc -.Ft krb5_error_code -.Fo krb5_encrypt_ivec -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "unsigned usage" -.Fa "void *data" -.Fa "size_t len" -.Fa "krb5_data *result" -.Fa "void *ivec" -.Fc -.Ft krb5_error_code -.Fo krb5_decrypt -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "unsigned usage" -.Fa "void *data" -.Fa "size_t len" -.Fa "krb5_data *result" -.Fc -.Ft krb5_error_code -.Fo krb5_decrypt_EncryptedData -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "unsigned usage" -.Fa "EncryptedData *e" -.Fa "krb5_data *result" -.Fc -.Ft krb5_error_code -.Fo krb5_decrypt_ivec -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "unsigned usage" -.Fa "void *data" -.Fa "size_t len" -.Fa "krb5_data *result" -.Fa "void *ivec" -.Fc -.Ft krb5_error_code -.Fo krb5_decrypt_ticket -.Fa "krb5_context context" -.Fa "Ticket *ticket" -.Fa "krb5_keyblock *key" -.Fa "EncTicketPart *out" -.Fa "krb5_flags flags" -.Fc -.Ft krb5_error_code -.Fo krb5_crypto_getblocksize -.Fa "krb5_context context" -.Fa "size_t *blocksize" -.Fc -.Ft krb5_error_code -.Fo krb5_crypto_getenctype -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "krb5_enctype *enctype" -.Fc -.Ft krb5_error_code -.Fo krb5_crypto_getpadsize -.Fa "krb5_context context" -.Fa size_t *padsize" -.Fc -.Ft krb5_error_code -.Fo krb5_crypto_getconfoundersize -.Fa "krb5_context context" -.Fa "krb5_crypto crypto -.Fa size_t *confoundersize" -.Fc -.Ft krb5_error_code -.Fo krb5_enctype_keysize -.Fa "krb5_context context" -.Fa "krb5_enctype type" -.Fa "size_t *keysize" -.Fc -.Ft krb5_error_code -.Fo krb5_crypto_overhead -.Fa "krb5_context context" -.Fa size_t *padsize" -.Fc -.Ft krb5_error_code -.Fo krb5_string_to_enctype -.Fa "krb5_context context" -.Fa "const char *string" -.Fa "krb5_enctype *etype" -.Fc -.Ft krb5_error_code -.Fo krb5_enctype_to_string -.Fa "krb5_context context" -.Fa "krb5_enctype etype" -.Fa "char **string" -.Fc -.Ft krb5_error_code -.Fo krb5_enctype_valid -.Fa "krb5_context context" -.Fa "krb5_enctype etype" -.Fc -.Ft void -.Fo krb5_enctype_disable -.Fa "krb5_context context" -.Fa "krb5_enctype etype" -.Fc -.Ft size_t -.Fo krb5_get_wrapped_length -.Fa "krb5_context context" -.Fa "krb5_crypto crypto" -.Fa "size_t data_len" -.Fc -.Sh DESCRIPTION -These functions are used to encrypt and decrypt data. -.Pp -.Fn krb5_encrypt_ivec -puts the encrypted version of -.Fa data -(of size -.Fa len ) -in -.Fa result . -If the encryption type supports using derived keys, -.Fa usage -should be the appropriate key-usage. -.Fa ivec -is a pointer to a initial IV, it is modified to the end IV at the end of -the round. -Ivec should be the size of -If -.Dv NULL -is passed in, the default IV is used. -.Fn krb5_encrypt -does the same as -.Fn krb5_encrypt_ivec -but with -.Fa ivec -being -.Dv NULL . -.Fn krb5_encrypt_EncryptedData -does the same as -.Fn krb5_encrypt , -but it puts the encrypted data in a -.Fa EncryptedData -structure instead. If -.Fa kvno -is not zero, it will be put in the (optional) -.Fa kvno -field in the -.Fa EncryptedData . -.Pp -.Fn krb5_decrypt_ivec , -.Fn krb5_decrypt , -and -.Fn krb5_decrypt_EncryptedData -works similarly. -.Pp -.Fn krb5_decrypt_ticket -decrypts the encrypted part of -.Fa ticket -with -.Fa key . -.Fn krb5_decrypt_ticket -also verifies the timestamp in the ticket, invalid flag and if the KDC -haven't verified the transited path, the transit path. -.Pp -.Fn krb5_enctype_keysize , -.Fn krb5_crypto_getconfoundersize , -.Fn krb5_crypto_getblocksize , -.Fn krb5_crypto_getenctype , -.Fn krb5_crypto_getpadsize , -.Fn krb5_crypto_overhead -all returns various (sometimes) useful information from a crypto context. -.Fn krb5_crypto_overhead -is the combination of krb5_crypto_getconfoundersize, -krb5_crypto_getblocksize and krb5_crypto_getpadsize and return the -maximum overhead size. -.Pp -.Fn krb5_enctype_to_string -converts a encryption type number to a string that can be printable -and stored. The strings returned should be freed with -.Xr free 3 . -.Pp -.Fn krb5_string_to_enctype -converts a encryption type strings to a encryption type number that -can use used for other Kerberos crypto functions. -.Pp -.Fn krb5_enctype_valid -returns 0 if the encrypt is supported and not disabled, otherwise and -error code is returned. -.Pp -.Fn krb5_enctype_disable -(globally, for all contextes) disables the -.Fa enctype . -.Pp -.Fn krb5_get_wrapped_length -returns the size of an encrypted packet by -.Fa crypto -of length -.Fa data_len . -.\" .Sh EXAMPLE -.\" .Sh BUGS -.Sh SEE ALSO -.Xr krb5_create_checksum 3 , -.Xr krb5_crypto_init 3 diff --git a/crypto/heimdal/lib/krb5/krb5_err.et b/crypto/heimdal/lib/krb5/krb5_err.et deleted file mode 100644 index 6714401e4503..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_err.et +++ /dev/null @@ -1,266 +0,0 @@ -# -# Error messages for the krb5 library -# -# This might look like a com_err file, but is not -# -id "$Id: krb5_err.et 21050 2007-06-12 02:00:40Z lha $" - -error_table krb5 - -prefix KRB5KDC_ERR -error_code NONE, "No error" -error_code NAME_EXP, "Client's entry in database has expired" -error_code SERVICE_EXP, "Server's entry in database has expired" -error_code BAD_PVNO, "Requested protocol version not supported" -error_code C_OLD_MAST_KVNO, "Client's key is encrypted in an old master key" -error_code S_OLD_MAST_KVNO, "Server's key is encrypted in an old master key" -error_code C_PRINCIPAL_UNKNOWN, "Client not found in Kerberos database" -error_code S_PRINCIPAL_UNKNOWN, "Server not found in Kerberos database" -error_code PRINCIPAL_NOT_UNIQUE,"Principal has multiple entries in Kerberos database" -error_code NULL_KEY, "Client or server has a null key" -error_code CANNOT_POSTDATE, "Ticket is ineligible for postdating" -error_code NEVER_VALID, "Requested effective lifetime is negative or too short" -error_code POLICY, "KDC policy rejects request" -error_code BADOPTION, "KDC can't fulfill requested option" -error_code ETYPE_NOSUPP, "KDC has no support for encryption type" -error_code SUMTYPE_NOSUPP, "KDC has no support for checksum type" -error_code PADATA_TYPE_NOSUPP, "KDC has no support for padata type" -error_code TRTYPE_NOSUPP, "KDC has no support for transited type" -error_code CLIENT_REVOKED, "Clients credentials have been revoked" -error_code SERVICE_REVOKED, "Credentials for server have been revoked" -error_code TGT_REVOKED, "TGT has been revoked" -error_code CLIENT_NOTYET, "Client not yet valid - try again later" -error_code SERVICE_NOTYET, "Server not yet valid - try again later" -error_code KEY_EXPIRED, "Password has expired" -error_code PREAUTH_FAILED, "Preauthentication failed" -error_code PREAUTH_REQUIRED, "Additional pre-authentication required" -error_code SERVER_NOMATCH, "Requested server and ticket don't match" -error_code KDC_ERR_MUST_USE_USER2USER, "Server principal valid for user2user only" -error_code PATH_NOT_ACCEPTED, "KDC Policy rejects transited path" -error_code SVC_UNAVAILABLE, "A service is not available" - -index 31 -prefix KRB5KRB_AP -error_code ERR_BAD_INTEGRITY, "Decrypt integrity check failed" -error_code ERR_TKT_EXPIRED, "Ticket expired" -error_code ERR_TKT_NYV, "Ticket not yet valid" -error_code ERR_REPEAT, "Request is a replay" -error_code ERR_NOT_US, "The ticket isn't for us" -error_code ERR_BADMATCH, "Ticket/authenticator don't match" -error_code ERR_SKEW, "Clock skew too great" -error_code ERR_BADADDR, "Incorrect net address" -error_code ERR_BADVERSION, "Protocol version mismatch" -error_code ERR_MSG_TYPE, "Invalid message type" -error_code ERR_MODIFIED, "Message stream modified" -error_code ERR_BADORDER, "Message out of order" -error_code ERR_ILL_CR_TKT, "Invalid cross-realm ticket" -error_code ERR_BADKEYVER, "Key version is not available" -error_code ERR_NOKEY, "Service key not available" -error_code ERR_MUT_FAIL, "Mutual authentication failed" -error_code ERR_BADDIRECTION, "Incorrect message direction" -error_code ERR_METHOD, "Alternative authentication method required" -error_code ERR_BADSEQ, "Incorrect sequence number in message" -error_code ERR_INAPP_CKSUM, "Inappropriate type of checksum in message" -error_code PATH_NOT_ACCEPTED, "Policy rejects transited path" - -prefix KRB5KRB_ERR -error_code RESPONSE_TOO_BIG, "Response too big for UDP, retry with TCP" -# 53-59 are reserved -index 60 -error_code GENERIC, "Generic error (see e-text)" -error_code FIELD_TOOLONG, "Field is too long for this implementation" - -# pkinit -index 62 -prefix KRB5_KDC_ERR -error_code CLIENT_NOT_TRUSTED, "Client not trusted" -error_code KDC_NOT_TRUSTED, "KDC not trusted" -error_code INVALID_SIG, "Invalid signature" -error_code DH_KEY_PARAMETERS_NOT_ACCEPTED, "DH parameters not accepted" - -index 68 -prefix KRB5_KDC_ERR -error_code WRONG_REALM, "Wrong realm" - -index 69 -prefix KRB5_AP_ERR -error_code USER_TO_USER_REQUIRED, "User to user required" - -index 70 -prefix KRB5_KDC_ERR -error_code CANT_VERIFY_CERTIFICATE, "Cannot verify certificate" -error_code INVALID_CERTIFICATE, "Certificate invalid" -error_code REVOKED_CERTIFICATE, "Certificate revoked" -error_code REVOCATION_STATUS_UNKNOWN, "Revocation status unknown" -error_code REVOCATION_STATUS_UNAVAILABLE, "Revocation status unavaible" -error_code CLIENT_NAME_MISMATCH, "Client name mismatch in certificate" -error_code INCONSISTENT_KEY_PURPOSE, "Inconsistent key purpose" -error_code DIGEST_IN_CERT_NOT_ACCEPTED, "Digest in certificate not accepted" -error_code PA_CHECKSUM_MUST_BE_INCLUDED, "paChecksum must be included" -error_code DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED, "Digest in signedData not accepted" -error_code PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED, "Public key encryption not supported" - -## these are never used -#index 80 -#prefix KRB5_IAKERB -#error_code ERR_KDC_NOT_FOUND, "IAKERB proxy could not find a KDC" -#error_code ERR_KDC_NO_RESPONSE, "IAKERB proxy never reeived a response from a KDC" - -# 82-127 are reserved - -index 128 -prefix -error_code KRB5_ERR_RCSID, "$Id: krb5_err.et 21050 2007-06-12 02:00:40Z lha $" - -error_code KRB5_LIBOS_BADLOCKFLAG, "Invalid flag for file lock mode" -error_code KRB5_LIBOS_CANTREADPWD, "Cannot read password" -error_code KRB5_LIBOS_BADPWDMATCH, "Password mismatch" -error_code KRB5_LIBOS_PWDINTR, "Password read interrupted" - -error_code KRB5_PARSE_ILLCHAR, "Invalid character in component name" -error_code KRB5_PARSE_MALFORMED, "Malformed representation of principal" - -error_code KRB5_CONFIG_CANTOPEN, "Can't open/find configuration file" -error_code KRB5_CONFIG_BADFORMAT, "Improper format of configuration file" -error_code KRB5_CONFIG_NOTENUFSPACE, "Insufficient space to return complete information" - -error_code KRB5_BADMSGTYPE, "Invalid message type specified for encoding" - -error_code KRB5_CC_BADNAME, "Credential cache name malformed" -error_code KRB5_CC_UNKNOWN_TYPE, "Unknown credential cache type" -error_code KRB5_CC_NOTFOUND, "Matching credential not found" -error_code KRB5_CC_END, "End of credential cache reached" - -error_code KRB5_NO_TKT_SUPPLIED, "Request did not supply a ticket" - -error_code KRB5KRB_AP_WRONG_PRINC, "Wrong principal in request" -error_code KRB5KRB_AP_ERR_TKT_INVALID, "Ticket has invalid flag set" - -error_code KRB5_PRINC_NOMATCH, "Requested principal and ticket don't match" -error_code KRB5_KDCREP_MODIFIED, "KDC reply did not match expectations" -error_code KRB5_KDCREP_SKEW, "Clock skew too great in KDC reply" -error_code KRB5_IN_TKT_REALM_MISMATCH, "Client/server realm mismatch in initial ticket request" - -error_code KRB5_PROG_ETYPE_NOSUPP, "Program lacks support for encryption type" -error_code KRB5_PROG_KEYTYPE_NOSUPP, "Program lacks support for key type" -error_code KRB5_WRONG_ETYPE, "Requested encryption type not used in message" -error_code KRB5_PROG_SUMTYPE_NOSUPP, "Program lacks support for checksum type" - -error_code KRB5_REALM_UNKNOWN, "Cannot find KDC for requested realm" -error_code KRB5_SERVICE_UNKNOWN, "Kerberos service unknown" -error_code KRB5_KDC_UNREACH, "Cannot contact any KDC for requested realm" -error_code KRB5_NO_LOCALNAME, "No local name found for principal name" - -error_code KRB5_MUTUAL_FAILED, "Mutual authentication failed" - -# some of these should be combined/supplanted by system codes - -error_code KRB5_RC_TYPE_EXISTS, "Replay cache type is already registered" -error_code KRB5_RC_MALLOC, "No more memory to allocate (in replay cache code)" -error_code KRB5_RC_TYPE_NOTFOUND, "Replay cache type is unknown" -error_code KRB5_RC_UNKNOWN, "Generic unknown RC error" -error_code KRB5_RC_REPLAY, "Message is a replay" -error_code KRB5_RC_IO, "Replay I/O operation failed XXX" -error_code KRB5_RC_NOIO, "Replay cache type does not support non-volatile storage" -error_code KRB5_RC_PARSE, "Replay cache name parse/format error" - -error_code KRB5_RC_IO_EOF, "End-of-file on replay cache I/O" -error_code KRB5_RC_IO_MALLOC, "No more memory to allocate (in replay cache I/O code)" -error_code KRB5_RC_IO_PERM, "Permission denied in replay cache code" -error_code KRB5_RC_IO_IO, "I/O error in replay cache i/o code" -error_code KRB5_RC_IO_UNKNOWN, "Generic unknown RC/IO error" -error_code KRB5_RC_IO_SPACE, "Insufficient system space to store replay information" - -error_code KRB5_TRANS_CANTOPEN, "Can't open/find realm translation file" -error_code KRB5_TRANS_BADFORMAT, "Improper format of realm translation file" - -error_code KRB5_LNAME_CANTOPEN, "Can't open/find lname translation database" -error_code KRB5_LNAME_NOTRANS, "No translation available for requested principal" -error_code KRB5_LNAME_BADFORMAT, "Improper format of translation database entry" - -error_code KRB5_CRYPTO_INTERNAL, "Cryptosystem internal error" - -error_code KRB5_KT_BADNAME, "Key table name malformed" -error_code KRB5_KT_UNKNOWN_TYPE, "Unknown Key table type" -error_code KRB5_KT_NOTFOUND, "Key table entry not found" -error_code KRB5_KT_END, "End of key table reached" -error_code KRB5_KT_NOWRITE, "Cannot write to specified key table" -error_code KRB5_KT_IOERR, "Error writing to key table" - -error_code KRB5_NO_TKT_IN_RLM, "Cannot find ticket for requested realm" -error_code KRB5DES_BAD_KEYPAR, "DES key has bad parity" -error_code KRB5DES_WEAK_KEY, "DES key is a weak key" - -error_code KRB5_BAD_ENCTYPE, "Bad encryption type" -error_code KRB5_BAD_KEYSIZE, "Key size is incompatible with encryption type" -error_code KRB5_BAD_MSIZE, "Message size is incompatible with encryption type" - -error_code KRB5_CC_TYPE_EXISTS, "Credentials cache type is already registered." -error_code KRB5_KT_TYPE_EXISTS, "Key table type is already registered." - -error_code KRB5_CC_IO, "Credentials cache I/O operation failed XXX" -error_code KRB5_FCC_PERM, "Credentials cache file permissions incorrect" -error_code KRB5_FCC_NOFILE, "No credentials cache file found" -error_code KRB5_FCC_INTERNAL, "Internal file credentials cache error" -error_code KRB5_CC_WRITE, "Error writing to credentials cache file" -error_code KRB5_CC_NOMEM, "No more memory to allocate (in credentials cache code)" -error_code KRB5_CC_FORMAT, "Bad format in credentials cache" -error_code KRB5_CC_NOT_KTYPE, "No credentials found with supported encryption types" - -# errors for dual tgt library calls -error_code KRB5_INVALID_FLAGS, "Invalid KDC option combination (library internal error)" -error_code KRB5_NO_2ND_TKT, "Request missing second ticket" - -error_code KRB5_NOCREDS_SUPPLIED, "No credentials supplied to library routine" - -# errors for sendauth (and recvauth) - -error_code KRB5_SENDAUTH_BADAUTHVERS, "Bad sendauth version was sent" -error_code KRB5_SENDAUTH_BADAPPLVERS, "Bad application version was sent (via sendauth)" -error_code KRB5_SENDAUTH_BADRESPONSE, "Bad response (during sendauth exchange)" -error_code KRB5_SENDAUTH_REJECTED, "Server rejected authentication (during sendauth exchange)" - -# errors for preauthentication - -error_code KRB5_PREAUTH_BAD_TYPE, "Unsupported preauthentication type" -error_code KRB5_PREAUTH_NO_KEY, "Required preauthentication key not supplied" -error_code KRB5_PREAUTH_FAILED, "Generic preauthentication failure" - -# version number errors - -error_code KRB5_RCACHE_BADVNO, "Unsupported replay cache format version number" -error_code KRB5_CCACHE_BADVNO, "Unsupported credentials cache format version number" -error_code KRB5_KEYTAB_BADVNO, "Unsupported key table format version number" - -# -# - -error_code KRB5_PROG_ATYPE_NOSUPP, "Program lacks support for address type" -error_code KRB5_RC_REQUIRED, "Message replay detection requires rcache parameter" -error_code KRB5_ERR_BAD_HOSTNAME, "Hostname cannot be canonicalized" -error_code KRB5_ERR_HOST_REALM_UNKNOWN, "Cannot determine realm for host" -error_code KRB5_SNAME_UNSUPP_NAMETYPE, "Conversion to service principal undefined for name type" - -error_code KRB5KRB_AP_ERR_V4_REPLY, "Initial Ticket response appears to be Version 4" -error_code KRB5_REALM_CANT_RESOLVE, "Cannot resolve KDC for requested realm" -error_code KRB5_TKT_NOT_FORWARDABLE, "Requesting ticket can't get forwardable tickets" -error_code KRB5_FWD_BAD_PRINCIPAL, "Bad principal name while trying to forward credentials" - -error_code KRB5_GET_IN_TKT_LOOP, "Looping detected inside krb5_get_in_tkt" -error_code KRB5_CONFIG_NODEFREALM, "Configuration file does not specify default realm" - -error_code KRB5_SAM_UNSUPPORTED, "Bad SAM flags in obtain_sam_padata" -error_code KRB5_SAM_INVALID_ETYPE, "Invalid encryption type in SAM challenge" -error_code KRB5_SAM_NO_CHECKSUM, "Missing checksum in SAM challenge" -error_code KRB5_SAM_BAD_CHECKSUM, "Bad checksum in SAM challenge" - -index 238 -error_code KRB5_OBSOLETE_FN, "Program called an obsolete, deleted function" - -index 245 -error_code KRB5_ERR_BAD_S2K_PARAMS, "Invalid key generation parameters from KDC" -error_code KRB5_ERR_NO_SERVICE, "Service not available" -error_code KRB5_CC_NOSUPP, "Credential cache function not supported" -error_code KRB5_DELTAT_BADFORMAT, "Invalid format of Kerberos lifetime or clock skew string" - -end diff --git a/crypto/heimdal/lib/krb5/krb5_expand_hostname.3 b/crypto/heimdal/lib/krb5/krb5_expand_hostname.3 deleted file mode 100644 index ffd98dad1688..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_expand_hostname.3 +++ /dev/null @@ -1,93 +0,0 @@ -.\" Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_expand_hostname.3 17461 2006-05-05 13:13:18Z lha $ -.\" -.Dd May 5, 2006 -.Dt KRB5_EXPAND_HOSTNAME 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_expand_hostname , -.Nm krb5_expand_hostname_realms -.Nd Kerberos 5 host name canonicalization functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fo krb5_expand_hostname -.Fa "krb5_context context" -.Fa "const char *orig_hostname" -.Fa "char **new_hostname" -.Fc -.Ft krb5_error_code -.Fo krb5_expand_hostname_realms -.Fa "krb5_context context" -.Fa "const char *orig_hostname" -.Fa "char **new_hostname" -.Fa "char ***realms" -.Fc -.Sh DESCRIPTION -.Fn krb5_expand_hostname -tries to make -.Fa orig_hostname -into a more canonical one in the newly allocated space returned in -.Fa new_hostname . -Caller must free the hostname with -.Xr free 3 . -.Pp -.Fn krb5_expand_hostname_realms -expands -.Fa orig_hostname -to a name we believe to be a hostname in newly -allocated space in -.Fa new_hostname -and return the realms -.Fa new_hostname -is belive to belong to in -.Fa realms . -.Fa Realms -is a array terminated with -.Dv NULL . -Caller must free the -.Fa realms -with -.Fn krb5_free_host_realm -and -.Fa new_hostname -with -.Xr free 3 . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_free_host_realm 3 , -.Xr krb5_get_host_realm 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_find_padata.3 b/crypto/heimdal/lib/krb5/krb5_find_padata.3 deleted file mode 100644 index b72678493152..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_find_padata.3 +++ /dev/null @@ -1,87 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_find_padata.3 13595 2004-03-21 13:17:41Z lha $ -.\" -.Dd March 21, 2004 -.Dt KRB5_FIND_PADATA 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_find_padata , -.Nm krb5_padata_add -.Nd Kerberos 5 pre-authentication data handling functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft "PA_DATA *" -.Fo krb5_find_padata -.Fa "PA_DATA *val" -.Fa "unsigned len" -.Fa "int type" -.Fa "int *index" -.Fc -.Ft int -.Fo krb5_padata_add -.Fa "krb5_context context" -.Fa "METHOD_DATA *md" -.Fa "int type" -.Fa "void *buf" -.Fa "size_t len" -.Fc -.Sh DESCRIPTION -.Fn krb5_find_padata -tries to find the pre-authentication data entry of type -.Fa type -in the array -.Fa val -of length -.Fa len . -The search is started at entry pointed out by -.Fa *index -(zero based indexing). -If the type isn't found, -.Dv NULL -is returned. -.Pp -.Fn krb5_padata_add -adds a pre-authentication data entry of type -.Fa type -pointed out by -.Fa buf -and -.Fa len -to -.Fa md . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_free_addresses.3 b/crypto/heimdal/lib/krb5/krb5_free_addresses.3 deleted file mode 100644 index 6ac46d44f3b3..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_free_addresses.3 +++ /dev/null @@ -1,53 +0,0 @@ -.\" Copyright (c) 2001 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_free_addresses.3,v 1.5 2003/04/16 13:58:15 lha Exp $ -.\" -.Dd November 20, 2001 -.Dt KRB5_FREE_ADDRESSES 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_free_addresses -.Nd free list of addresses -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft void -.Fn krb5_free_addresses "krb5_context context" "krb5_addresses *addresses" -.Sh DESCRIPTION -The -.Fn krb5_free_addresses -will free a list of addresses that has been created with -.Fn krb5_get_all_client_addrs -or with some other function. -.Sh SEE ALSO -.Xr krb5_get_all_client_addrs 3 diff --git a/crypto/heimdal/lib/krb5/krb5_free_principal.3 b/crypto/heimdal/lib/krb5/krb5_free_principal.3 deleted file mode 100644 index e9900a7981cc..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_free_principal.3 +++ /dev/null @@ -1,58 +0,0 @@ -.\" Copyright (c) 1997, 2001 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_free_principal.3,v 1.7 2003/04/16 13:58:11 lha Exp $ -.Dd August 8, 1997 -.Dt KRB5_FREE_PRINCIPAL 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_free_principal -.Nd principal free function -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft void -.Fn krb5_free_principal "krb5_context context" "krb5_principal principal" -.Sh DESCRIPTION -The -.Fn krb5_free_principal -will free a principal that has been created with -.Fn krb5_build_principal , -.Fn krb5_parse_name , -or with some other function. -.Sh SEE ALSO -.Xr krb5_425_conv_principal 3 , -.Xr krb5_build_principal 3 , -.Xr krb5_parse_name 3 , -.Xr krb5_sname_to_principal 3 , -.Xr krb5_unparse_name 3 diff --git a/crypto/heimdal/lib/krb5/krb5_generate_random_block.3 b/crypto/heimdal/lib/krb5/krb5_generate_random_block.3 deleted file mode 100644 index 4b46954fa90a..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_generate_random_block.3 +++ /dev/null @@ -1,57 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_generate_random_block.3 17385 2006-05-01 08:48:55Z lha $ -.\" -.Dd March 21, 2004 -.Dt KRB5_GENERATE_RANDOM_BLOCK 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_generate_random_block -.Nd Kerberos 5 random functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft void -.Fo krb5_generate_random_block -.Fa "void *buf" -.Fa "size_t len" -.Fc -.Sh DESCRIPTION -.Fn krb5_generate_random_block -generates a cryptographically strong pseudo-random block into the buffer -.Fa buf -of length -.Fa len . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_get_all_client_addrs.3 b/crypto/heimdal/lib/krb5/krb5_get_all_client_addrs.3 deleted file mode 100644 index f6f4c85c97aa..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_get_all_client_addrs.3 +++ /dev/null @@ -1,74 +0,0 @@ -.\" Copyright (c) 2001 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_get_all_client_addrs.3 12329 2003-05-26 14:09:04Z lha $ -.\" -.Dd July 1, 2001 -.Dt KRB5_GET_ADDRS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_get_all_client_addrs , -.Nm krb5_get_all_server_addrs -.Nd return local addresses -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft "krb5_error_code" -.Fn krb5_get_all_client_addrs "krb5_context context" "krb5_addresses *addrs" -.Ft "krb5_error_code" -.Fn krb5_get_all_server_addrs "krb5_context context" "krb5_addresses *addrs" -.Sh DESCRIPTION -These functions return in -.Fa addrs -a list of addresses associated with the local -host. -.Pp -The server variant returns all configured interface addresses (if -possible), including loop-back addresses. This is useful if you want -to create sockets to listen to. -.Pp -The client version will also scan local interfaces (can be turned off -by setting -.Li libdefaults/scan_interfaces -to false in -.Pa krb5.conf ) , -but will not include loop-back addresses, unless there are no other -addresses found. It will remove all addresses included in -.Li libdefaults/ignore_addresses -but will unconditionally include addresses in -.Li libdefaults/extra_addresses . -.Pp -The returned addresses should be freed by calling -.Fn krb5_free_addresses . -.\".Sh EXAMPLE -.Sh SEE ALSO -.Xr krb5_free_addresses 3 diff --git a/crypto/heimdal/lib/krb5/krb5_get_credentials.3 b/crypto/heimdal/lib/krb5/krb5_get_credentials.3 deleted file mode 100644 index 32e0ffe1eef3..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_get_credentials.3 +++ /dev/null @@ -1,208 +0,0 @@ -.\" Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_get_credentials.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd July 26, 2004 -.Dt KRB5_GET_CREDENTIALS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_get_credentials , -.Nm krb5_get_credentials_with_flags , -.Nm krb5_get_cred_from_kdc , -.Nm krb5_get_cred_from_kdc_opt , -.Nm krb5_get_kdc_cred , -.Nm krb5_get_renewed_creds -.Nd get credentials from the KDC using krbtgt -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_get_credentials -.Fa "krb5_context context" -.Fa "krb5_flags options" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *in_creds" -.Fa "krb5_creds **out_creds" -.Fc -.Ft krb5_error_code -.Fo krb5_get_credentials_with_flags -.Fa "krb5_context context" -.Fa "krb5_flags options" -.Fa "krb5_kdc_flags flags" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *in_creds" -.Fa "krb5_creds **out_creds" -.Fc -.Ft krb5_error_code -.Fo krb5_get_cred_from_kdc -.Fa "krb5_context context" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *in_creds" -.Fa "krb5_creds **out_creds" -.Fa "krb5_creds ***ret_tgts" -.Fc -.Ft krb5_error_code -.Fo krb5_get_cred_from_kdc_opt -.Fa "krb5_context context" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *in_creds" -.Fa "krb5_creds **out_creds" -.Fa "krb5_creds ***ret_tgts" -.Fa "krb5_flags flags" -.Fc -.Ft krb5_error_code -.Fo krb5_get_kdc_cred -.Fa "krb5_context context" -.Fa "krb5_ccache id" -.Fa "krb5_kdc_flags flags" -.Fa "krb5_addresses *addresses" -.Fa "Ticket *second_ticket" -.Fa "krb5_creds *in_creds" -.Fa "krb5_creds **out_creds" -.Fc -.Ft krb5_error_code -.Fo krb5_get_renewed_creds -.Fa "krb5_context context" -.Fa "krb5_creds *creds" -.Fa "krb5_const_principal client" -.Fa "krb5_ccache ccache" -.Fa "const char *in_tkt_service" -.Fc -.Sh DESCRIPTION -.Fn krb5_get_credentials_with_flags -get credentials specified by -.Fa in_creds->server -and -.Fa in_creds->client -(the rest of the -.Fa in_creds -structure is ignored) -by first looking in the -.Fa ccache -and if doesn't exists or is expired, fetch the credential from the KDC -using the krbtgt in -.Fa ccache . -The credential is returned in -.Fa out_creds -and should be freed using the function -.Fn krb5_free_creds . -.Pp -Valid flags to pass into -.Fa options -argument are: -.Pp -.Bl -tag -width "KRB5_GC_USER_USER" -compact -.It KRB5_GC_CACHED -Only check the -.Fa ccache , -don't got out on network to fetch credential. -.It KRB5_GC_USER_USER -Request a user to user ticket. -This option doesn't store the resulting user to user credential in -the -.Fa ccache . -.It KRB5_GC_EXPIRED_OK -returns the credential even if it is expired, default behavior is trying -to refetch the credential from the KDC. -.El -.Pp -.Fa Flags -are KDCOptions, note the caller must fill in the bit-field and not -use the integer associated structure. -.Pp -.Fn krb5_get_credentials -works the same way as -.Fn krb5_get_credentials_with_flags -except that the -.Fa flags -field is missing. -.Pp -.Fn krb5_get_cred_from_kdc -and -.Fn krb5_get_cred_from_kdc_opt -fetches the credential from the KDC very much like -.Fn krb5_get_credentials, but doesn't look in the -.Fa ccache -if the credential exists there first. -.Pp -.Fn krb5_get_kdc_cred -does the same as the functions above, but the caller must fill in all -the information andits closer to the wire protocol. -.Pp -.Fn krb5_get_renewed_creds -renews a credential given by -.Fa in_tkt_service -(if -.Dv NULL -the default -.Li krbtgt ) -using the credential cache -.Fa ccache . -The result is stored in -.Fa creds -and should be freed using -.Fa krb5_free_creds . -.Sh EXAMPLES -Here is a example function that get a credential from a credential cache -.Fa id -or the KDC and returns it to the caller. -.Bd -literal -#include - -int -getcred(krb5_context context, krb5_ccache id, krb5_creds **creds) -{ - krb5_error_code ret; - krb5_creds in; - - ret = krb5_parse_name(context, "client@EXAMPLE.COM", - &in.client); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_parse_name(context, "host/server.example.com@EXAMPLE.COM", - &in.server); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_get_credentials(context, 0, id, &in, creds); - if (ret) - krb5_err(context, 1, ret, "krb5_get_credentials"); - - return 0; -} -.Ed -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_get_forwarded_creds 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_get_creds.3 b/crypto/heimdal/lib/krb5/krb5_get_creds.3 deleted file mode 100644 index 189c93f408da..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_get_creds.3 +++ /dev/null @@ -1,173 +0,0 @@ -.\" Copyright (c) 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_get_creds.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd June 15, 2006 -.Dt KRB5_GET_CREDS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_get_creds , -.Nm krb5_get_creds_opt_add_options , -.Nm krb5_get_creds_opt_alloc , -.Nm krb5_get_creds_opt_free , -.Nm krb5_get_creds_opt_set_enctype , -.Nm krb5_get_creds_opt_set_impersonate , -.Nm krb5_get_creds_opt_set_options , -.Nm krb5_get_creds_opt_set_ticket -.Nd get credentials from the KDC -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_get_creds -.Fa "krb5_context context" -.Fa "krb5_get_creds_opt opt" -.Fa "krb5_ccache ccache" -.Fa "krb5_const_principal inprinc" -.Fa "krb5_creds **out_creds" -.Fc -.Ft void -.Fo krb5_get_creds_opt_add_options -.Fa "krb5_context context" -.Fa "krb5_get_creds_opt opt" -.Fa "krb5_flags options" -.Fc -.Ft krb5_error_code -.Fo krb5_get_creds_opt_alloc -.Fa "krb5_context context" -.Fa "krb5_get_creds_opt *opt" -.Fc -.Ft void -.Fo krb5_get_creds_opt_free -.Fa "krb5_context context" -.Fa "krb5_get_creds_opt opt" -.Fc -.Ft void -.Fo krb5_get_creds_opt_set_enctype -.Fa "krb5_context context" -.Fa "krb5_get_creds_opt opt" -.Fa "krb5_enctype enctype" -.Fc -.Ft krb5_error_code -.Fo krb5_get_creds_opt_set_impersonate -.Fa "krb5_context context" -.Fa "krb5_get_creds_opt opt" -.Fa "krb5_const_principal self" -.Fc -.Ft void -.Fo krb5_get_creds_opt_set_options -.Fa "krb5_context context" -.Fa "krb5_get_creds_opt opt" -.Fa "krb5_flags options" -.Fc -.Ft krb5_error_code -.Fo krb5_get_creds_opt_set_ticket -.Fa "krb5_context context" -.Fa "krb5_get_creds_opt opt" -.Fa "const Ticket *ticket" -.Fc -.Sh DESCRIPTION -.Fn krb5_get_creds -fetches credentials specified by -.Fa opt -by first looking in the -.Fa ccache , -and then it doesn't exists, fetch the credential from the KDC -using the krbtgts in -.Fa ccache . -The credential is returned in -.Fa out_creds -and should be freed using the function -.Fn krb5_free_creds . -.Pp -The structure -.Li krb5_get_creds_opt -controls the behavior of -.Fn krb5_get_creds . -The structure is opaque to consumers that can set the content of the -structure with accessors functions. All accessor functions make copies -of the data that is passed into accessor functions, so external -consumers free the memory before calling -.Fn krb5_get_creds . -.Pp -The structure -.Li krb5_get_creds_opt -is allocated with -.Fn krb5_get_creds_opt_alloc -and freed with -.Fn krb5_get_creds_opt_free . -The free function also frees the content of the structure set by the -accessor functions. -.Pp -.Fn krb5_get_creds_opt_add_options -and -.Fn krb5_get_creds_opt_set_options -adds and sets options to the -.Fi krb5_get_creds_opt -structure . -The possible options to set are -.Bl -tag -width "KRB5_GC_USER_USER" -compact -.It KRB5_GC_CACHED -Only check the -.Fa ccache , -don't got out on network to fetch credential. -.It KRB5_GC_USER_USER -request a user to user ticket. -This options doesn't store the resulting user to user credential in -the -.Fa ccache . -.It KRB5_GC_EXPIRED_OK -returns the credential even if it is expired, default behavior is trying -to refetch the credential from the KDC. -.It KRB5_GC_NO_STORE -Do not store the resulting credentials in the -.Fa ccache . -.El -.Pp -.Fn krb5_get_creds_opt_set_enctype -sets the preferred encryption type of the application. Don't set this -unless you have to since if there is no match in the KDC, the function -call will fail. -.Pp -.Fn krb5_get_creds_opt_set_impersonate -sets the principal to impersonate., Returns a ticket that have the -impersonation principal as a client and the requestor as the -service. Note that the requested principal have to be the same as the -client principal in the krbtgt. -.Pp -.Fn krb5_get_creds_opt_set_ticket -sets the extra ticket used in user-to-user or contrained delegation use case. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_get_credentials 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.3 b/crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.3 deleted file mode 100644 index bbe46ec44784..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.3 +++ /dev/null @@ -1,79 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_get_forwarded_creds.3 14068 2004-07-26 13:34:33Z lha $ -.\" -.Dd July 26, 2004 -.Dt KRB5_GET_FORWARDED_CREDS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_get_forwarded_creds , -.Nm krb5_fwd_tgt_creds -.Nd get forwarded credentials from the KDC -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_get_forwarded_creds -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "krb5_ccache ccache" -.Fa "krb5_flags flags" -.Fa "const char *hostname" -.Fa "krb5_creds *in_creds" -.Fa "krb5_data *out_data" -.Fc -.Ft krb5_error_code -.Fo krb5_fwd_tgt_creds -.Fa "krb5_context context" -.Fa "krb5_auth_context auth_context" -.Fa "const char *hostname" -.Fa "krb5_principal client" -.Fa "krb5_principal server" -.Fa "krb5_ccache ccache" -.Fa "int forwardable" -.Fa "krb5_data *out_data" -.Fc -.Sh DESCRIPTION -.Fn krb5_get_forwarded_creds -and -.Fn krb5_fwd_tgt_creds -get tickets forwarded to -.Fa hostname. -If the tickets that are forwarded are address-less, the forwarded -tickets will also be address-less, otherwise -.Fa hostname -will be used for figure out the address to forward the ticket too. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_get_credentials 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_get_in_cred.3 b/crypto/heimdal/lib/krb5/krb5_get_in_cred.3 deleted file mode 100644 index 290e3c5c694d..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_get_in_cred.3 +++ /dev/null @@ -1,274 +0,0 @@ -.\" Copyright (c) 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_get_in_cred.3 17593 2006-05-29 14:55:18Z lha $ -.\" -.Dd May 31, 2003 -.Dt KRB5_GET_IN_TKT 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_get_in_tkt , -.Nm krb5_get_in_cred , -.Nm krb5_get_in_tkt_with_password , -.Nm krb5_get_in_tkt_with_keytab , -.Nm krb5_get_in_tkt_with_skey , -.Nm krb5_free_kdc_rep , -.Nm krb5_password_key_proc -.Nd deprecated initial authentication functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fo krb5_get_in_tkt -.Fa "krb5_context context" -.Fa "krb5_flags options" -.Fa "const krb5_addresses *addrs" -.Fa "const krb5_enctype *etypes" -.Fa "const krb5_preauthtype *ptypes" -.Fa "krb5_key_proc key_proc" -.Fa "krb5_const_pointer keyseed" -.Fa "krb5_decrypt_proc decrypt_proc" -.Fa "krb5_const_pointer decryptarg" -.Fa "krb5_creds *creds" -.Fa "krb5_ccache ccache" -.Fa "krb5_kdc_rep *ret_as_reply" -.Fc -.Ft krb5_error_code -.Fo krb5_get_in_cred -.Fa "krb5_context context" -.Fa "krb5_flags options" -.Fa "const krb5_addresses *addrs" -.Fa "const krb5_enctype *etypes" -.Fa "const krb5_preauthtype *ptypes" -.Fa "const krb5_preauthdata *preauth" -.Fa "krb5_key_proc key_proc" -.Fa "krb5_const_pointer keyseed" -.Fa "krb5_decrypt_proc decrypt_proc" -.Fa "krb5_const_pointer decryptarg" -.Fa "krb5_creds *creds" -.Fa "krb5_kdc_rep *ret_as_reply" -.Fc -.Ft krb5_error_code -.Fo krb5_get_in_tkt_with_password -.Fa "krb5_context context" -.Fa "krb5_flags options" -.Fa "krb5_addresses *addrs" -.Fa "const krb5_enctype *etypes" -.Fa "const krb5_preauthtype *pre_auth_types" -.Fa "const char *password" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *creds" -.Fa "krb5_kdc_rep *ret_as_reply" -.Fc -.Ft krb5_error_code -.Fo krb5_get_in_tkt_with_keytab -.Fa "krb5_context context" -.Fa "krb5_flags options" -.Fa "krb5_addresses *addrs" -.Fa "const krb5_enctype *etypes" -.Fa "const krb5_preauthtype *pre_auth_types" -.Fa "krb5_keytab keytab" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *creds" -.Fa "krb5_kdc_rep *ret_as_reply" -.Fc -.Ft krb5_error_code -.Fo krb5_get_in_tkt_with_skey -.Fa "krb5_context context" -.Fa "krb5_flags options" -.Fa "krb5_addresses *addrs" -.Fa "const krb5_enctype *etypes" -.Fa "const krb5_preauthtype *pre_auth_types" -.Fa "const krb5_keyblock *key" -.Fa "krb5_ccache ccache" -.Fa "krb5_creds *creds" -.Fa "krb5_kdc_rep *ret_as_reply" -.Fc -.Ft krb5_error_code -.Fo krb5_free_kdc_rep -.Fa "krb5_context context" -.Fa "krb5_kdc_rep *rep" -.Fc -.Ft krb5_error_code -.Fo krb5_password_key_proc -.Fa "krb5_context context" -.Fa "krb5_enctype type" -.Fa "krb5_salt salt" -.Fa "krb5_const_pointer keyseed" -.Fa "krb5_keyblock **key" -.Fc -.Sh DESCRIPTION -.Bf Em -All the functions in this manual page are deprecated in the MIT -implementation, and will soon be deprecated in Heimdal too, don't use them. -.Ef -.Pp -Getting initial credential ticket for a principal. -.Nm krb5_get_in_cred -is the function all other krb5_get_in function uses to fetch tickets. -The other krb5_get_in function are more specialized and therefor -somewhat easier to use. -.Pp -If your need is only to verify a user and password, consider using -.Xr krb5_verify_user 3 -instead, it have a much simpler interface. -.Pp -.Nm krb5_get_in_tkt -and -.Nm krb5_get_in_cred -fetches initial credential, queries after key using the -.Fa key_proc -argument. -The differences between the two function is that -.Nm krb5_get_in_tkt -stores the credential in a -.Li krb5_creds -while -.Nm krb5_get_in_cred -stores the credential in a -.Li krb5_ccache . -.Pp -.Nm krb5_get_in_tkt_with_password , -.Nm krb5_get_in_tkt_with_keytab , -and -.Nm krb5_get_in_tkt_with_skey -does the same work as -.Nm krb5_get_in_cred -but are more specialized. -.Pp -.Nm krb5_get_in_tkt_with_password -uses the clients password to authenticate. -If the password argument is -.DV NULL -the user user queried with the default password query function. -.Pp -.Nm krb5_get_in_tkt_with_keytab -searches the given keytab for a service entry for the client principal. -If the keytab is -.Dv NULL -the default keytab is used. -.Pp -.Nm krb5_get_in_tkt_with_skey -uses a key to get the initial credential. -.Pp -There are some common arguments to the krb5_get_in functions, these are: -.Pp -.Fa options -are the -.Dv KDC_OPT -flags. -.Pp -.Fa etypes -is a -.Dv NULL -terminated array of encryption types that the client approves. -.Pp -.Fa addrs -a list of the addresses that the initial ticket. -If it is -.Dv NULL -the list will be generated by the library. -.Pp -.Fa pre_auth_types -a -.Dv NULL -terminated array of pre-authentication types. -If -.Fa pre_auth_types -is -.Dv NULL -the function will try without pre-authentication and return those -pre-authentication that the KDC returned. -.Pp -.Fa ret_as_reply -will (if not -.Dv NULL ) -be filled in with the response of the KDC and should be free with -.Fn krb5_free_kdc_rep . -.Pp -.Fa key_proc -is a pointer to a function that should return a key salted appropriately. -Using -.Dv NULL -will use the default password query function. -.Pp -.Fa decrypt_proc -Using -.Dv NULL -will use the default decryption function. -.Pp -.Fa decryptarg -will be passed to the decryption function -.Fa decrypt_proc . -.Pp -.Fa creds -creds should be filled in with the template for a credential that -should be requested. -The client and server elements of the creds structure must be filled in. -Upon return of the function it will be contain the content of the -requested credential -.Fa ( krb5_get_in_cred ) , -or it will be freed with -.Xr krb5_free_creds 3 -(all the other krb5_get_in functions). -.Pp -.Fa ccache -will store the credential in the credential cache -.Fa ccache . -The credential cache will not be initialized, thats up the the caller. -.Pp -.Nm krb5_password_key_proc -is a library function that is suitable using as the -.Fa krb5_key_proc -argument to -.Nm krb5_get_in_cred -or -.Nm krb5_get_in_tkt . -.Fa keyseed -should be a pointer to a -.Dv NUL -terminated string or -.Dv NULL . -.Nm krb5_password_key_proc -will query the user for the pass on the console if the password isn't -given as the argument -.Fa keyseed . -.Pp -.Fn krb5_free_kdc_rep -frees the content of -.Fa rep . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_verify_user 3 , -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_get_init_creds.3 b/crypto/heimdal/lib/krb5/krb5_get_init_creds.3 deleted file mode 100644 index 3838c1449a57..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_get_init_creds.3 +++ /dev/null @@ -1,398 +0,0 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_get_init_creds.3 20266 2007-02-18 10:41:10Z lha $ -.\" -.Dd Sep 16, 2006 -.Dt KRB5_GET_INIT_CREDS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_get_init_creds , -.Nm krb5_get_init_creds_keytab , -.Nm krb5_get_init_creds_opt , -.Nm krb5_get_init_creds_opt_alloc , -.Nm krb5_get_init_creds_opt_free , -.Nm krb5_get_init_creds_opt_init , -.Nm krb5_get_init_creds_opt_set_address_list , -.Nm krb5_get_init_creds_opt_set_addressless , -.Nm krb5_get_init_creds_opt_set_anonymous , -.Nm krb5_get_init_creds_opt_set_default_flags , -.Nm krb5_get_init_creds_opt_set_etype_list , -.Nm krb5_get_init_creds_opt_set_forwardable , -.Nm krb5_get_init_creds_opt_set_pa_password , -.Nm krb5_get_init_creds_opt_set_paq_request , -.Nm krb5_get_init_creds_opt_set_preauth_list , -.Nm krb5_get_init_creds_opt_set_proxiable , -.Nm krb5_get_init_creds_opt_set_renew_life , -.Nm krb5_get_init_creds_opt_set_salt , -.Nm krb5_get_init_creds_opt_set_tkt_life , -.Nm krb5_get_init_creds_opt_set_canonicalize , -.Nm krb5_get_init_creds_opt_set_win2k , -.Nm krb5_get_init_creds_password , -.Nm krb5_prompt , -.Nm krb5_prompter_posix -.Nd Kerberos 5 initial authentication functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_get_init_creds_opt; -.Pp -.Ft krb5_error_code -.Fo krb5_get_init_creds_opt_alloc -.Fa "krb5_context context" -.Fa "krb5_get_init_creds_opt **opt" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_free -.Fa "krb5_context context" -.Fa "krb5_get_init_creds_opt *opt" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_init -.Fa "krb5_get_init_creds_opt *opt" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_address_list -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_addresses *addresses" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_addressless -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_boolean addressless" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_anonymous -.Fa "krb5_get_init_creds_opt *opt" -.Fa "int anonymous" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_default_flags -.Fa "krb5_context context" -.Fa "const char *appname" -.Fa "krb5_const_realm realm" -.Fa "krb5_get_init_creds_opt *opt" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_etype_list -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_enctype *etype_list" -.Fa "int etype_list_length" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_forwardable -.Fa "krb5_get_init_creds_opt *opt" -.Fa "int forwardable" -.Fc -.Ft krb5_error_code -.Fo krb5_get_init_creds_opt_set_pa_password -.Fa "krb5_context context" -.Fa "krb5_get_init_creds_opt *opt" -.Fa "const char *password" -.Fa "krb5_s2k_proc key_proc" -.Fc -.Ft krb5_error_code -.Fo krb5_get_init_creds_opt_set_paq_request -.Fa "krb5_context context" -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_boolean req_pac" -.Fc -.Ft krb5_error_code -.Fo krb5_get_init_creds_opt_set_pkinit -.Fa "krb5_context context" -.Fa "krb5_get_init_creds_opt *opt" -.Fa "const char *cert_file" -.Fa "const char *key_file" -.Fa "const char *x509_anchors" -.Fa "int flags" -.Fa "char *password" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_preauth_list -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_preauthtype *preauth_list" -.Fa "int preauth_list_length" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_proxiable -.Fa "krb5_get_init_creds_opt *opt" -.Fa "int proxiable" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_renew_life -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_deltat renew_life" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_salt -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_data *salt" -.Fc -.Ft void -.Fo krb5_get_init_creds_opt_set_tkt_life -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_deltat tkt_life" -.Fc -.Ft krb5_error_code -.Fo krb5_get_init_creds_opt_set_canonicalize -.Fa "krb5_context context" -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_boolean req" -.Fc -.Ft krb5_error_code -.Fo krb5_get_init_creds_opt_set_win2k -.Fa "krb5_context context" -.Fa "krb5_get_init_creds_opt *opt" -.Fa "krb5_boolean req" -.Fc -.Ft krb5_error_code -.Fo krb5_get_init_creds -.Fa "krb5_context context" -.Fa "krb5_creds *creds" -.Fa "krb5_principal client" -.Fa "krb5_prompter_fct prompter" -.Fa "void *prompter_data" -.Fa "krb5_deltat start_time" -.Fa "const char *in_tkt_service" -.Fa "krb5_get_init_creds_opt *options" -.Fc -.Ft krb5_error_code -.Fo krb5_get_init_creds_password -.Fa "krb5_context context" -.Fa "krb5_creds *creds" -.Fa "krb5_principal client" -.Fa "const char *password" -.Fa "krb5_prompter_fct prompter" -.Fa "void *prompter_data" -.Fa "krb5_deltat start_time" -.Fa "const char *in_tkt_service" -.Fa "krb5_get_init_creds_opt *in_options" -.Fc -.Ft krb5_error_code -.Fo krb5_get_init_creds_keytab -.Fa "krb5_context context" -.Fa "krb5_creds *creds" -.Fa "krb5_principal client" -.Fa "krb5_keytab keytab" -.Fa "krb5_deltat start_time" -.Fa "const char *in_tkt_service" -.Fa "krb5_get_init_creds_opt *options" -.Fc -.Ft int -.Fo krb5_prompter_posix -.Fa "krb5_context context" -.Fa "void *data" -.Fa "const char *name" -.Fa "const char *banner" -.Fa "int num_prompts" -.Fa "krb5_prompt prompts[]" -.Fc -.Sh DESCRIPTION -Getting initial credential ticket for a principal. -That may include changing an expired password, and doing preauthentication. -This interface that replaces the deprecated -.Fa krb5_in_tkt -and -.Fa krb5_in_cred -functions. -.Pp -If you only want to verify a username and password, consider using -.Xr krb5_verify_user 3 -instead, since it also verifies that initial credentials with using a -keytab to make sure the response was from the KDC. -.Pp -First a -.Li krb5_get_init_creds_opt -structure is initialized -with -.Fn krb5_get_init_creds_opt_alloc -or -.Fn krb5_get_init_creds_opt_init . -.Fn krb5_get_init_creds_opt_alloc -allocates a extendible structures that needs to be freed with -.Fn krb5_get_init_creds_opt_free . -The structure may be modified by any of the -.Fn krb5_get_init_creds_opt_set -functions to change request parameters and authentication information. -.Pp -If the caller want to use the default options, -.Dv NULL -can be passed instead. -.Pp -The the actual request to the KDC is done by any of the -.Fn krb5_get_init_creds , -.Fn krb5_get_init_creds_password , -or -.Fn krb5_get_init_creds_keytab -functions. -.Fn krb5_get_init_creds -is the least specialized function and can, with the right in data, -behave like the latter two. -The latter two are there for compatibility with older releases and -they are slightly easier to use. -.Pp -.Li krb5_prompt -is a structure containing the following elements: -.Bd -literal -typedef struct { - const char *prompt; - int hidden; - krb5_data *reply; - krb5_prompt_type type -} krb5_prompt; -.Ed -.Pp -.Fa prompt -is the prompt that should shown to the user -If -.Fa hidden -is set, the prompter function shouldn't echo the output to the display -device. -.Fa reply -must be preallocated; it will not be allocated by the prompter -function. -Possible values for the -.Fa type -element are: -.Pp -.Bl -tag -width Ds -compact -offset indent -.It KRB5_PROMPT_TYPE_PASSWORD -.It KRB5_PROMPT_TYPE_NEW_PASSWORD -.It KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN -.It KRB5_PROMPT_TYPE_PREAUTH -.It KRB5_PROMPT_TYPE_INFO -.El -.Pp -.Fn krb5_prompter_posix -is the default prompter function in a POSIX environment. -It matches the -.Fa krb5_prompter_fct -and can be used in the -.Fa krb5_get_init_creds -functions. -.Fn krb5_prompter_posix -doesn't require -.Fa prompter_data. -.Pp -If the -.Fa start_time -is zero, then the requested ticket will be valid -beginning immediately. -Otherwise, the -.Fa start_time -indicates how far in the future the ticket should be postdated. -.Pp -If the -.Fa in_tkt_service -name is -.Dv non-NULL , -that principal name will be -used as the server name for the initial ticket request. -The realm of the name specified will be ignored and will be set to the -realm of the client name. -If no in_tkt_service name is specified, -krbtgt/CLIENT-REALM@CLIENT-REALM will be used. -.Pp -For the rest of arguments, a configuration or library default will be -used if no value is specified in the options structure. -.Pp -.Fn krb5_get_init_creds_opt_set_address_list -sets the list of -.Fa addresses -that is should be stored in the ticket. -.Pp -.Fn krb5_get_init_creds_opt_set_addressless -controls if the ticket is requested with addresses or not, -.Fn krb5_get_init_creds_opt_set_address_list -overrides this option. -.Pp -.Fn krb5_get_init_creds_opt_set_anonymous -make the request anonymous if the -.Fa anonymous -parameter is non-zero. -.Pp -.Fn krb5_get_init_creds_opt_set_default_flags -sets the default flags using the configuration file. -.Pp -.Fn krb5_get_init_creds_opt_set_etype_list -set a list of enctypes that the client is willing to support in the -request. -.Pp -.Fn krb5_get_init_creds_opt_set_forwardable -request a forwardable ticket. -.Pp -.Fn krb5_get_init_creds_opt_set_pa_password -set the -.Fa password -and -.Fa key_proc -that is going to be used to get a new ticket. -.Fa password -or -.Fa key_proc -can be -.Dv NULL -if the caller wants to use the default values. -If the -.Fa password -is unset and needed, the user will be prompted for it. -.Pp -.Fn krb5_get_init_creds_opt_set_paq_request -sets the password that is going to be used to get a new ticket. -.Pp -.Fn krb5_get_init_creds_opt_set_preauth_list -sets the list of client-supported preauth types. -.Pp -.Fn krb5_get_init_creds_opt_set_proxiable -makes the request proxiable. -.Pp -.Fn krb5_get_init_creds_opt_set_renew_life -sets the requested renewable lifetime. -.Pp -.Fn krb5_get_init_creds_opt_set_salt -sets the salt that is going to be used in the request. -.Pp -.Fn krb5_get_init_creds_opt_set_tkt_life -sets requested ticket lifetime. -.Pp -.Fn krb5_get_init_creds_opt_set_canonicalize -requests that the KDC canonicalize the client pricipal if possible. -.Pp -.Fn krb5_get_init_creds_opt_set_win2k -turns on compatibility with Windows 2000. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_creds 3 , -.Xr krb5_verify_user 3 , -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_get_krbhst.3 b/crypto/heimdal/lib/krb5/krb5_get_krbhst.3 deleted file mode 100644 index d613a0d6df11..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_get_krbhst.3 +++ /dev/null @@ -1,86 +0,0 @@ -.\" Copyright (c) 2001 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_get_krbhst.3 14905 2005-04-24 07:46:59Z lha $ -.\" -.Dd April 24, 2005 -.Dt KRB5_GET_KRBHST 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_get_krbhst , -.Nm krb5_get_krb_admin_hst , -.Nm krb5_get_krb_changepw_hst , -.Nm krb5_get_krb524hst , -.Nm krb5_free_krbhst -.Nd lookup Kerberos KDC hosts -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_get_krbhst "krb5_context context" "const krb5_realm *realm" "char ***hostlist" -.Ft krb5_error_code -.Fn krb5_get_krb_admin_hst "krb5_context context" "const krb5_realm *realm" "char ***hostlist" -.Ft krb5_error_code -.Fn krb5_get_krb_changepw_hst "krb5_context context" "const krb5_realm *realm" "char ***hostlist" -.Ft krb5_error_code -.Fn krb5_get_krb524hst "krb5_context context" "const krb5_realm *realm" "char ***hostlist" -.Ft krb5_error_code -.Fn krb5_free_krbhst "krb5_context context" "char **hostlist" -.Sh DESCRIPTION -These functions implement the old API to get a list of Kerberos hosts, -and are thus similar to the -.Fn krb5_krbhst_init -functions. However, since these functions returns -.Em all -hosts in one go, they potentially have to do more lookups than -necessary. These functions remain for compatibility reasons. -.Pp -After a call to one of these functions, -.Fa hostlist -is a -.Dv NULL -terminated list of strings, pointing to the requested Kerberos hosts. These should be freed with -.Fn krb5_free_krbhst -when done with. -.Sh EXAMPLES -The following code will print the KDCs of the realm -.Dq MY.REALM . -.Bd -literal -offset indent -char **hosts, **p; -krb5_get_krbhst(context, "MY.REALM", &hosts); -for(p = hosts; *p; p++) - printf("%s\\n", *p); -krb5_free_krbhst(context, hosts); -.Ed -.\" .Sh BUGS -.Sh SEE ALSO -.Xr krb5_krbhst_init 3 diff --git a/crypto/heimdal/lib/krb5/krb5_getportbyname.3 b/crypto/heimdal/lib/krb5/krb5_getportbyname.3 deleted file mode 100644 index 143606090031..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_getportbyname.3 +++ /dev/null @@ -1,67 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_getportbyname.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd August 15, 2004 -.Dt NAME 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_getportbyname -.Nd get port number by name -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft int -.Fo krb5_getportbyname -.Fa "krb5_context context" -.Fa "const char *service" -.Fa "const char *proto" -.Fa "int default_port" -.Fc -.Sh DESCRIPTION -.Fn krb5_getportbyname -gets the port number for -.Fa service / -.Fa proto -pair from the global service table for and returns it in network order. -If it isn't found in the global table, the -.Fa default_port -(given in host order) -is returned. -.Sh EXAMPLE -.Bd -literal -int port = krb5_getportbyname(context, "kerberos", "tcp", 88); -.Ed -.\" .Sh BUGS -.Sh SEE ALSO -.Xr krb5 3 diff --git a/crypto/heimdal/lib/krb5/krb5_init_context.3 b/crypto/heimdal/lib/krb5/krb5_init_context.3 deleted file mode 100644 index cf9d69698501..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_init_context.3 +++ /dev/null @@ -1,308 +0,0 @@ -.\" Copyright (c) 2001 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_init_context.3 19980 2007-01-17 18:06:33Z lha $ -.\" -.Dd December 8, 2004 -.Dt KRB5_CONTEXT 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_add_et_list , -.Nm krb5_add_extra_addresses , -.Nm krb5_add_ignore_addresses , -.Nm krb5_context , -.Nm krb5_free_config_files , -.Nm krb5_free_context , -.Nm krb5_get_default_config_files , -.Nm krb5_get_dns_canonize_hostname , -.Nm krb5_get_extra_addresses , -.Nm krb5_get_fcache_version , -.Nm krb5_get_ignore_addresses , -.Nm krb5_get_kdc_sec_offset , -.Nm krb5_get_max_time_skew , -.Nm krb5_get_use_admin_kdc -.Nm krb5_init_context , -.Nm krb5_init_ets , -.Nm krb5_prepend_config_files , -.Nm krb5_prepend_config_files_default , -.Nm krb5_set_config_files , -.Nm krb5_set_dns_canonize_hostname , -.Nm krb5_set_extra_addresses , -.Nm krb5_set_fcache_version , -.Nm krb5_set_ignore_addresses , -.Nm krb5_set_max_time_skew , -.Nm krb5_set_use_admin_kdc , -.Nd create, modify and delete krb5_context structures -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_context;" -.Pp -.Ft krb5_error_code -.Fo krb5_init_context -.Fa "krb5_context *context" -.Fc -.Ft void -.Fo krb5_free_context -.Fa "krb5_context context" -.Fc -.Ft void -.Fo krb5_init_ets -.Fa "krb5_context context" -.Fc -.Ft krb5_error_code -.Fo krb5_add_et_list -.Fa "krb5_context context" -.Fa "void (*func)(struct et_list **)" -.Fc -.Ft krb5_error_code -.Fo krb5_add_extra_addresses -.Fa "krb5_context context" -.Fa "krb5_addresses *addresses" -.Fc -.Ft krb5_error_code -.Fo krb5_set_extra_addresses -.Fa "krb5_context context" -.Fa "const krb5_addresses *addresses" -.Fc -.Ft krb5_error_code -.Fo krb5_get_extra_addresses -.Fa "krb5_context context" -.Fa "krb5_addresses *addresses" -.Fc -.Ft krb5_error_code -.Fo krb5_add_ignore_addresses -.Fa "krb5_context context" -.Fa "krb5_addresses *addresses" -.Fc -.Ft krb5_error_code -.Fo krb5_set_ignore_addresses -.Fa "krb5_context context" -.Fa "const krb5_addresses *addresses" -.Fc -.Ft krb5_error_code -.Fo krb5_get_ignore_addresses -.Fa "krb5_context context" -.Fa "krb5_addresses *addresses" -.Fc -.Ft krb5_error_code -.Fo krb5_set_fcache_version -.Fa "krb5_context context" -.Fa "int version" -.Fc -.Ft krb5_error_code -.Fo krb5_get_fcache_version -.Fa "krb5_context context" -.Fa "int *version" -.Fc -.Ft void -.Fo krb5_set_dns_canonize_hostname -.Fa "krb5_context context" -.Fa "krb5_boolean flag" -.Fc -.Ft krb5_boolean -.Fo krb5_get_dns_canonize_hostname -.Fa "krb5_context context" -.Fc -.Ft krb5_error_code -.Fo krb5_get_kdc_sec_offset -.Fa "krb5_context context" -.Fa "int32_t *sec" -.Fa "int32_t *usec" -.Fc -.Ft krb5_error_code -.Fo krb5_set_config_files -.Fa "krb5_context context" -.Fa "char **filenames" -.Fc -.Ft krb5_error_code -.Fo krb5_prepend_config_files -.Fa "const char *filelist" -.Fa "char **pq" -.Fa "char ***ret_pp" -.Fc -.Ft krb5_error_code -.Fo krb5_prepend_config_files_default -.Fa "const char *filelist" -.Fa "char ***pfilenames" -.Fc -.Ft krb5_error_code -.Fo krb5_get_default_config_files -.Fa "char ***pfilenames" -.Fc -.Ft void -.Fo krb5_free_config_files -.Fa "char **filenames" -.Fc -.Ft void -.Fo krb5_set_use_admin_kdc -.Fa "krb5_context context" -.Fa "krb5_boolean flag" -.Fc -.Ft krb5_boolean -.Fo krb5_get_use_admin_kdc -.Fa "krb5_context context" -.Fc -.Ft time_t -.Fo krb5_get_max_time_skew -.Fa "krb5_context context" -.Fc -.Ft krb5_error_code -.Fo krb5_set_max_time_skew -.Fa "krb5_context context" -.Fa "time_t time" -.Fc -.Sh DESCRIPTION -The -.Fn krb5_init_context -function initializes the -.Fa context -structure and reads the configuration file -.Pa /etc/krb5.conf . -.Pp -The structure should be freed by calling -.Fn krb5_free_context -when it is no longer being used. -.Pp -.Fn krb5_init_context -returns 0 to indicate success. -Otherwise an errno code is returned. -Failure means either that something bad happened during initialization -(typically -.Bq ENOMEM ) -or that Kerberos should not be used -.Bq ENXIO . -.Pp -.Fn krb5_init_ets -adds all -.Xr com_err 3 -libs to -.Fa context . -This is done by -.Fn krb5_init_context . -.Pp -.Fn krb5_add_et_list -adds a -.Xr com_err 3 -error-code handler -.Fa func -to the specified -.Fa context . -The error handler must generated by the the re-rentrant version of the -.Xr compile_et 3 -program. -.Fn krb5_add_extra_addresses -add a list of addresses that should be added when requesting tickets. -.Pp -.Fn krb5_add_ignore_addresses -add a list of addresses that should be ignored when requesting tickets. -.Pp -.Fn krb5_get_extra_addresses -get the list of addresses that should be added when requesting tickets. -.Pp -.Fn krb5_get_ignore_addresses -get the list of addresses that should be ignored when requesting tickets. -.Pp -.Fn krb5_set_ignore_addresses -set the list of addresses that should be ignored when requesting tickets. -.Pp -.Fn krb5_set_extra_addresses -set the list of addresses that should be added when requesting tickets. -.Pp -.Fn krb5_set_fcache_version -sets the version of file credentials caches that should be used. -.Pp -.Fn krb5_get_fcache_version -gets the version of file credentials caches that should be used. -.Pp -.Fn krb5_set_dns_canonize_hostname -sets if the context is configured to canonicalize hostnames using DNS. -.Pp -.Fn krb5_get_dns_canonize_hostname -returns if the context is configured to canonicalize hostnames using DNS. -.Pp -.Fn krb5_get_kdc_sec_offset -returns the offset between the localtime and the KDC's time. -.Fa sec -and -.Fa usec -are both optional argument and -.Dv NULL -can be passed in. -.Pp -.Fn krb5_set_config_files -set the list of configuration files to use and re-initialize the -configuration from the files. -.Pp -.Fn krb5_prepend_config_files -parse the -.Fa filelist -and prepend the result to the already existing list -.Fa pq -The result is returned in -.Fa ret_pp -and should be freed with -.Fn krb5_free_config_files . -.Pp -.Fn krb5_prepend_config_files_default -parse the -.Fa filelist -and append that to the default -list of configuration files. -.Pp -.Fn krb5_get_default_config_files -get a list of default configuration files. -.Pp -.Fn krb5_free_config_files -free a list of configuration files returned by -.Fn krb5_get_default_config_files , -.Fn krb5_prepend_config_files_default , -or -.Fn krb5_prepend_config_files . -.Pp -.Fn krb5_set_use_admin_kdc -sets if all KDC requests should go admin KDC. -.Pp -.Fn krb5_get_use_admin_kdc -gets if all KDC requests should go admin KDC. -.Pp -.Fn krb5_get_max_time_skew -and -.Fn krb5_set_max_time_skew -get and sets the maximum allowed time skew between client and server. -.Sh SEE ALSO -.Xr errno 2 , -.Xr krb5 3 , -.Xr krb5_config 3 , -.Xr krb5_context 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_is_thread_safe.3 b/crypto/heimdal/lib/krb5/krb5_is_thread_safe.3 deleted file mode 100644 index 9f0a919d3571..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_is_thread_safe.3 +++ /dev/null @@ -1,58 +0,0 @@ -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_is_thread_safe.3 17462 2006-05-05 13:18:39Z lha $ -.\" -.Dd May 5, 2006 -.Dt KRB5_IS_THREAD_SAFE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_is_thread_safe -.Nd "is the Kerberos library compiled with multithread support" -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_boolean -.Fn krb5_is_thread_safe "void" -.Sh DESCRIPTION -.Nm -returns -.Dv TRUE -if the library was compiled with with multithread support. -If the library isn't compiled, the consumer have to use a global lock -to make sure Kerboros functions are not called at the same time by -diffrent threads. -.\" .Sh EXAMPLE -.\" .Sh BUGS -.Sh SEE ALSO -.Xr krb5_create_checksum 3 , -.Xr krb5_encrypt 3 diff --git a/crypto/heimdal/lib/krb5/krb5_keyblock.3 b/crypto/heimdal/lib/krb5/krb5_keyblock.3 deleted file mode 100644 index 9fabd32a0d01..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_keyblock.3 +++ /dev/null @@ -1,218 +0,0 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_keyblock.3 17385 2006-05-01 08:48:55Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_KEYBLOCK 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_keyblock , -.Nm krb5_keyblock_get_enctype , -.Nm krb5_copy_keyblock , -.Nm krb5_copy_keyblock_contents , -.Nm krb5_free_keyblock , -.Nm krb5_free_keyblock_contents , -.Nm krb5_generate_random_keyblock , -.Nm krb5_generate_subkey , -.Nm krb5_generate_subkey_extended , -.Nm krb5_keyblock_init , -.Nm krb5_keyblock_zero , -.Nm krb5_random_to_key -.Nd Kerberos 5 key handling functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li krb5_keyblock ; -.Ft krb5_enctype -.Fo krb5_keyblock_get_enctype -.Fa "const krb5_keyblock *block" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_keyblock -.Fa "krb5_context context" -.Fa "krb5_keyblock **to" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_keyblock_contents -.Fa "krb5_context context" -.Fa "const krb5_keyblock *inblock" -.Fa "krb5_keyblock *to" -.Fc -.Ft void -.Fo krb5_free_keyblock -.Fa "krb5_context context" -.Fa "krb5_keyblock *keyblock" -.Fc -.Ft void -.Fo krb5_free_keyblock_contents -.Fa "krb5_context context" -.Fa "krb5_keyblock *keyblock" -.Fc -.Ft krb5_error_code -.Fo krb5_generate_random_keyblock -.Fa "krb5_context context" -.Fa "krb5_enctype type" -.Fa "krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_generate_subkey -.Fa "krb5_context context" -.Fa "const krb5_keyblock *key" -.Fa "krb5_keyblock **subkey" -.Fc -.Ft krb5_error_code -.Fo krb5_generate_subkey_extended -.Fa "krb5_context context" -.Fa "const krb5_keyblock *key" -.Fa "krb5_enctype enctype" -.Fa "krb5_keyblock **subkey" -.Fc -.Ft krb5_error_code -.Fo krb5_keyblock_init -.Fa "krb5_context context" -.Fa "krb5_enctype type" -.Fa "const void *data" -.Fa "size_t size" -.Fa "krb5_keyblock *key" -.Fc -.Ft void -.Fo krb5_keyblock_zero -.Fa "krb5_keyblock *keyblock" -.Fc -.Ft krb5_error_code -.Fo krb5_random_to_key -.Fa "krb5_context context" -.Fa "krb5_enctype type" -.Fa "const void *data" -.Fa "size_t size" -.Fa "krb5_keyblock *key" -.Fc -.Sh DESCRIPTION -.Li krb5_keyblock -holds the encryption key for a specific encryption type. -There is no component inside -.Li krb5_keyblock -that is directly referable. -.Pp -.Fn krb5_keyblock_get_enctype -returns the encryption type of the keyblock. -.Pp -.Fn krb5_copy_keyblock -makes a copy the keyblock -.Fa inblock -to the -output -.Fa out . -.Fa out -should be freed by the caller with -.Fa krb5_free_keyblock . -.Pp -.Fn krb5_copy_keyblock_contents -copies the contents of -.Fa inblock -to the -.Fa to -keyblock. -The destination keyblock is overritten. -.Pp -.Fn krb5_free_keyblock -zeros out and frees the content and the keyblock itself. -.Pp -.Fn krb5_free_keyblock_contents -zeros out and frees the content of the keyblock. -.Pp -.Fn krb5_generate_random_keyblock -creates a new content of the keyblock -.Fa key -of type encrytion type -.Fa type . -The content of -.Fa key -is overwritten and not freed, so the caller should be sure it is -freed before calling the function. -.Pp -.Fn krb5_generate_subkey -generates a -.Fa subkey -of the same type as -.Fa key . -The caller must free the subkey with -.Fa krb5_free_keyblock . -.Pp -.Fn krb5_generate_subkey_extended -generates a -.Fa subkey -of the specified encryption type -.Fa type . -If -.Fa type -is -.Dv ETYPE_NULL , -of the same type as -.Fa key . -The caller must free the subkey with -.Fa krb5_free_keyblock . -.Pp -.Fn krb5_keyblock_init -Fill in -.Fa key -with key data of type -.Fa enctype -from -.Fa data -of length -.Fa size . -Key should be freed using -.Fn krb5_free_keyblock_contents . -.Pp -.Fn krb5_keyblock_zero -zeros out the keyblock to to make sure no keymaterial is in -memory. -Note that -.Fn krb5_free_keyblock_contents -also zeros out the memory. -.Pp -.Fn krb5_random_to_key -converts the random bytestring to a protocol key according to Kerberos -crypto frame work. -It the resulting key will be of type -.Fa enctype . -It may be assumed that all the bits of the input string are equally -random, even though the entropy present in the random source may be -limited -.\" .Sh EXAMPLES -.Sh SEE ALSO -.Xr krb5_crypto_init 3 , -.Xr krb5 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_keytab.3 b/crypto/heimdal/lib/krb5/krb5_keytab.3 deleted file mode 100644 index b6cb1a26cc00..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_keytab.3 +++ /dev/null @@ -1,482 +0,0 @@ -.\" Copyright (c) 2001 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_keytab.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd August 12, 2005 -.Dt KRB5_KEYTAB 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_kt_ops , -.Nm krb5_keytab_entry , -.Nm krb5_kt_cursor , -.Nm krb5_kt_add_entry , -.Nm krb5_kt_close , -.Nm krb5_kt_compare , -.Nm krb5_kt_copy_entry_contents , -.Nm krb5_kt_default , -.Nm krb5_kt_default_modify_name , -.Nm krb5_kt_default_name , -.Nm krb5_kt_end_seq_get , -.Nm krb5_kt_free_entry , -.Nm krb5_kt_get_entry , -.Nm krb5_kt_get_name , -.Nm krb5_kt_get_type , -.Nm krb5_kt_next_entry , -.Nm krb5_kt_read_service_key , -.Nm krb5_kt_register , -.Nm krb5_kt_remove_entry , -.Nm krb5_kt_resolve , -.Nm krb5_kt_start_seq_get -.Nd manage keytab (key storage) files -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fo krb5_kt_add_entry -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_keytab_entry *entry" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_close -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fc -.Ft krb5_boolean -.Fo krb5_kt_compare -.Fa "krb5_context context" -.Fa "krb5_keytab_entry *entry" -.Fa "krb5_const_principal principal" -.Fa "krb5_kvno vno" -.Fa "krb5_enctype enctype" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_copy_entry_contents -.Fa "krb5_context context" -.Fa "const krb5_keytab_entry *in" -.Fa "krb5_keytab_entry *out" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_default -.Fa "krb5_context context" -.Fa "krb5_keytab *id" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_default_modify_name -.Fa "krb5_context context" -.Fa "char *name" -.Fa "size_t namesize" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_default_name -.Fa "krb5_context context" -.Fa "char *name" -.Fa "size_t namesize" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_end_seq_get -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_kt_cursor *cursor" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_free_entry -.Fa "krb5_context context" -.Fa "krb5_keytab_entry *entry" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_get_entry -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_const_principal principal" -.Fa "krb5_kvno kvno" -.Fa "krb5_enctype enctype" -.Fa "krb5_keytab_entry *entry" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_get_name -.Fa "krb5_context context" -.Fa "krb5_keytab keytab" -.Fa "char *name" -.Fa "size_t namesize" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_get_type -.Fa "krb5_context context" -.Fa "krb5_keytab keytab" -.Fa "char *prefix" -.Fa "size_t prefixsize" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_next_entry -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_keytab_entry *entry" -.Fa "krb5_kt_cursor *cursor" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_read_service_key -.Fa "krb5_context context" -.Fa "krb5_pointer keyprocarg" -.Fa "krb5_principal principal" -.Fa "krb5_kvno vno" -.Fa "krb5_enctype enctype" -.Fa "krb5_keyblock **key" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_register -.Fa "krb5_context context" -.Fa "const krb5_kt_ops *ops" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_remove_entry -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_keytab_entry *entry" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_resolve -.Fa "krb5_context context" -.Fa "const char *name" -.Fa "krb5_keytab *id" -.Fc -.Ft krb5_error_code -.Fo krb5_kt_start_seq_get -.Fa "krb5_context context" -.Fa "krb5_keytab id" -.Fa "krb5_kt_cursor *cursor" -.Fc -.Sh DESCRIPTION -A keytab name is on the form -.Li type:residual . -The -.Li residual -part is specific to each keytab-type. -.Pp -When a keytab-name is resolved, the type is matched with an internal -list of keytab types. If there is no matching keytab type, -the default keytab is used. The current default type is -.Nm file . -The default value can be changed in the configuration file -.Pa /etc/krb5.conf -by setting the variable -.Li [defaults]default_keytab_name . -.Pp -The keytab types that are implemented in Heimdal -are: -.Bl -tag -width Ds -.It Nm file -store the keytab in a file, the type's name is -.Li FILE . -The residual part is a filename. -For compatibility with other Kerberos implemtation -.Li WRFILE -and -.LI JAVA14 -is also accepted. -.Li WRFILE -has the same format as -.Li FILE . -.Li JAVA14 -have a format that is compatible with older versions of MIT kerberos -and SUN's Java based installation. They store a truncted kvno, so -when the knvo excess 255, they are truncted in this format. -.It Nm keyfile -store the keytab in a -.Li AFS -keyfile (usually -.Pa /usr/afs/etc/KeyFile ) , -the type's name is -.Li AFSKEYFILE . -The residual part is a filename. -.It Nm krb4 -the keytab is a Kerberos 4 -.Pa srvtab -that is on-the-fly converted to a keytab. The type's name is -.Li krb4 . -The residual part is a filename. -.It Nm memory -The keytab is stored in a memory segment. This allows sensitive and/or -temporary data not to be stored on disk. The type's name is -.Li MEMORY . -Each -.Li MEMORY -keytab is referenced counted by and opened by the residual name, so two -handles can point to the same memory area. -When the last user closes the entry, it disappears. -.El -.Pp -.Nm krb5_keytab_entry -holds all data for an entry in a keytab file, like principal name, -key-type, key, key-version number, etc. -.Nm krb5_kt_cursor -holds the current position that is used when iterating through a -keytab entry with -.Fn krb5_kt_start_seq_get , -.Fn krb5_kt_next_entry , -and -.Fn krb5_kt_end_seq_get . -.Pp -.Nm krb5_kt_ops -contains the different operations that can be done to a keytab. This -structure is normally only used when doing a new keytab-type -implementation. -.Pp -.Fn krb5_kt_resolve -is the equivalent of an -.Xr open 2 -on keytab. Resolve the keytab name in -.Fa name -into a keytab in -.Fa id . -Returns 0 or an error. The opposite of -.Fn krb5_kt_resolve -is -.Fn krb5_kt_close . -.Pp -.Fn krb5_kt_close -frees all resources allocated to the keytab, even on failure. -Returns 0 or an error. -.Pp -.Fn krb5_kt_default -sets the argument -.Fa id -to the default keytab. -Returns 0 or an error. -.Pp -.Fn krb5_kt_default_modify_name -copies the name of the default modify keytab into -.Fa name . -Return 0 or KRB5_CONFIG_NOTENUFSPACE if -.Fa namesize -is too short. -.Pp -.Fn krb5_kt_default_name -copies the name of the default keytab into -.Fa name . -Return 0 or KRB5_CONFIG_NOTENUFSPACE if -.Fa namesize -is too short. -.Pp -.Fn krb5_kt_add_entry -adds a new -.Fa entry -to the keytab -.Fa id . -.Li KRB5_KT_NOWRITE -is returned if the keytab is a readonly keytab. -.Pp -.Fn krb5_kt_compare -compares the passed in -.Fa entry -against -.Fa principal , -.Fa vno , -and -.Fa enctype . -Any of -.Fa principal , -.Fa vno -or -.Fa enctype -might be 0 which acts as a wildcard. Return TRUE if they compare the -same, FALSE otherwise. -.Pp -.Fn krb5_kt_copy_entry_contents -copies the contents of -.Fa in -into -.Fa out . -Returns 0 or an error. -.Pp -.Fn krb5_kt_get_name -retrieves the name of the keytab -.Fa keytab -into -.Fa name , -.Fa namesize . -Returns 0 or an error. -.Pp -.Fn krb5_kt_get_type -retrieves the type of the keytab -.Fa keytab -and store the prefix/name for type of the keytab into -.Fa prefix , -.Fa prefixsize . -The prefix will have the maximum length of -.Dv KRB5_KT_PREFIX_MAX_LEN -(including terminating -.Dv NUL ) . -Returns 0 or an error. -.Pp -.Fn krb5_kt_free_entry -frees the contents of -.Fa entry . -.Pp -.Fn krb5_kt_start_seq_get -sets -.Fa cursor -to point at the beginning of -.Fa id . -Returns 0 or an error. -.Pp -.Fn krb5_kt_next_entry -gets the next entry from -.Fa id -pointed to by -.Fa cursor -and advance the -.Fa cursor . -On success the returne entry must be freed with -.Fn krb5_kt_free_entry . -Returns 0 or an error. -.Pp -.Fn krb5_kt_end_seq_get -releases all resources associated with -.Fa cursor . -.Pp -.Fn krb5_kt_get_entry -retrieves the keytab entry for -.Fa principal , -.Fa kvno , -.Fa enctype -into -.Fa entry -from the keytab -.Fa id . -When comparing an entry in the keytab to determine a match, the -function -.Fn krb5_kt_compare -is used, so the wildcard rules applies to the argument of -.F krb5_kt_get_entry -too. -On success the returne entry must be freed with -.Fn krb5_kt_free_entry . -Returns 0 or an error. -.Pp -.Fn krb5_kt_read_service_key -reads the key identified by -.Fa ( principal , -.Fa vno , -.Fa enctype ) -from the keytab in -.Fa keyprocarg -(the system default keytab if -.Dv NULL -is used) into -.Fa *key . -.Fa keyprocarg -is the same argument as to -.Fa name -argument to -.Fn krb5_kt_resolve . -Internal -.Fn krb5_kt_compare -will be used, so the same wildcard rules applies -to -.Fn krb5_kt_read_service_key . -On success the returned key must be freed with -.Fa krb5_free_keyblock . -Returns 0 or an error. -.Pp -.Fn krb5_kt_remove_entry -removes the entry -.Fa entry -from the keytab -.Fa id . -When comparing an entry in the keytab to determine a match, the -function -.Fn krb5_kt_compare -is use, so the wildcard rules applies to the argument of -.Fn krb5_kt_remove_entry . -Returns 0, -.Dv KRB5_KT_NOTFOUND -if not entry matched or another error. -.Pp -.Fn krb5_kt_register -registers a new keytab type -.Fa ops . -Returns 0 or an error. -.Sh EXAMPLES -This is a minimalistic version of -.Nm ktutil . -.Pp -.Bd -literal -int -main (int argc, char **argv) -{ - krb5_context context; - krb5_keytab keytab; - krb5_kt_cursor cursor; - krb5_keytab_entry entry; - krb5_error_code ret; - char *principal; - - if (krb5_init_context (&context) != 0) - errx(1, "krb5_context"); - - ret = krb5_kt_default (context, &keytab); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_default"); - - ret = krb5_kt_start_seq_get(context, keytab, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_start_seq_get"); - while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){ - krb5_unparse_name_short(context, entry.principal, &principal); - printf("principal: %s\\n", principal); - free(principal); - krb5_kt_free_entry(context, &entry); - } - ret = krb5_kt_end_seq_get(context, keytab, &cursor); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_end_seq_get"); - ret = krb5_kt_close(context, keytab); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_close"); - krb5_free_context(context); - return 0; -} -.Ed -.Sh COMPATIBILITY -Heimdal stored the ticket flags in machine bit-field order before -Heimdal 0.7. The behavior is possible to change in with the option -.Li [libdefaults]fcc-mit-ticketflags . -Heimdal 0.7 also code to detech that ticket flags was in the wrong -order and correct them. This matters when doing delegation in GSS-API -because the client code looks at the flag to determin if it is possible -to do delegation if the user requested it. -.Sh SEE ALSO -.Xr krb5.conf 5 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_krbhst_init.3 b/crypto/heimdal/lib/krb5/krb5_krbhst_init.3 deleted file mode 100644 index 1d906bfafc0b..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_krbhst_init.3 +++ /dev/null @@ -1,174 +0,0 @@ -.\" Copyright (c) 2001-2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_krbhst_init.3 15110 2005-05-10 09:21:06Z lha $ -.\" -.Dd May 10, 2005 -.Dt KRB5_KRBHST_INIT 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_krbhst_init , -.Nm krb5_krbhst_init_flags , -.Nm krb5_krbhst_next , -.Nm krb5_krbhst_next_as_string , -.Nm krb5_krbhst_reset , -.Nm krb5_krbhst_free , -.Nm krb5_krbhst_format_string , -.Nm krb5_krbhst_get_addrinfo -.Nd lookup Kerberos KDC hosts -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_krbhst_init "krb5_context context" "const char *realm" "unsigned int type" "krb5_krbhst_handle *handle" -.Ft krb5_error_code -.Fn krb5_krbhst_init_flags "krb5_context context" "const char *realm" "unsigned int type" "int flags" "krb5_krbhst_handle *handle" -.Ft krb5_error_code -.Fn "krb5_krbhst_next" "krb5_context context" "krb5_krbhst_handle handle" "krb5_krbhst_info **host" -.Ft krb5_error_code -.Fn krb5_krbhst_next_as_string "krb5_context context" "krb5_krbhst_handle handle" "char *hostname" "size_t hostlen" -.Ft void -.Fn krb5_krbhst_reset "krb5_context context" "krb5_krbhst_handle handle" -.Ft void -.Fn krb5_krbhst_free "krb5_context context" "krb5_krbhst_handle handle" -.Ft krb5_error_code -.Fn krb5_krbhst_format_string "krb5_context context" "const krb5_krbhst_info *host" "char *hostname" "size_t hostlen" -.Ft krb5_error_code -.Fn krb5_krbhst_get_addrinfo "krb5_context context" "krb5_krbhst_info *host" "struct addrinfo **ai" -.Sh DESCRIPTION -These functions are used to sequence through all Kerberos hosts of a -particular realm and service. The service type can be the KDCs, the -administrative servers, the password changing servers, or the servers -for Kerberos 4 ticket conversion. -.Pp -First a handle to a particular service is obtained by calling -.Fn krb5_krbhst_init -(or -.Fn krb5_krbhst_init_flags ) -with the -.Fa realm -of interest and the type of service to lookup. The -.Fa type -can be one of: -.Pp -.Bl -tag -width Ds -compact -offset indent -.It KRB5_KRBHST_KDC -.It KRB5_KRBHST_ADMIN -.It KRB5_KRBHST_CHANGEPW -.It KRB5_KRBHST_KRB524 -.El -.Pp -The -.Fa handle -is returned to the caller, and should be passed to the other -functions. -.Pp -The -.Fa flag -argument to -.Nm krb5_krbhst_init_flags -is the same flags as -.Fn krb5_send_to_kdc_flags -uses. -Possible values are: -.Pp -.Bl -tag -width KRB5_KRBHST_FLAGS_LARGE_MSG -compact -offset indent -.It KRB5_KRBHST_FLAGS_MASTER -only talk to master (readwrite) KDC -.It KRB5_KRBHST_FLAGS_LARGE_MSG -this is a large message, so use transport that can handle that. -.El -.Pp -For each call to -.Fn krb5_krbhst_next -information on a new host is returned. The former function returns in -.Fa host -a pointer to a structure containing information about the host, such -as protocol, hostname, and port: -.Bd -literal -offset indent -typedef struct krb5_krbhst_info { - enum { KRB5_KRBHST_UDP, - KRB5_KRBHST_TCP, - KRB5_KRBHST_HTTP } proto; - unsigned short port; - struct addrinfo *ai; - struct krb5_krbhst_info *next; - char hostname[1]; -} krb5_krbhst_info; -.Ed -.Pp -The related function, -.Fn krb5_krbhst_next_as_string , -return the same information as a URL-like string. -.Pp -When there are no more hosts, these functions return -.Dv KRB5_KDC_UNREACH . -.Pp -To re-iterate over all hosts, call -.Fn krb5_krbhst_reset -and the next call to -.Fn krb5_krbhst_next -will return the first host. -.Pp -When done with the handle, -.Fn krb5_krbhst_free -should be called. -.Pp -To use a -.Va krb5_krbhst_info , -there are two functions: -.Fn krb5_krbhst_format_string -that will return a printable representation of that struct -and -.Fn krb5_krbhst_get_addrinfo -that will return a -.Va struct addrinfo -that can then be used for communicating with the server mentioned. -.Sh EXAMPLES -The following code will print the KDCs of the realm -.Dq MY.REALM : -.Bd -literal -offset indent -krb5_krbhst_handle handle; -char host[MAXHOSTNAMELEN]; -krb5_krbhst_init(context, "MY.REALM", KRB5_KRBHST_KDC, &handle); -while(krb5_krbhst_next_as_string(context, handle, - host, sizeof(host)) == 0) - printf("%s\\n", host); -krb5_krbhst_free(context, handle); -.Ed -.\" .Sh BUGS -.Sh SEE ALSO -.Xr getaddrinfo 3 , -.Xr krb5_get_krbhst 3 , -.Xr krb5_send_to_kdc_flags 3 -.Sh HISTORY -These functions first appeared in Heimdal 0.3g. diff --git a/crypto/heimdal/lib/krb5/krb5_kuserok.3 b/crypto/heimdal/lib/krb5/krb5_kuserok.3 deleted file mode 100644 index e5e5c9937de3..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_kuserok.3 +++ /dev/null @@ -1,103 +0,0 @@ -.\" Copyright (c) 2003-2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_kuserok.3 15083 2005-05-04 12:11:22Z joda $ -.\" -.Dd May 4, 2005 -.Dt KRB5_KUSEROK 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_kuserok -.Nd "checks if a principal is permitted to login as a user" -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_boolean -.Fo krb5_kuserok -.Fa "krb5_context context" -.Fa "krb5_principal principal" -.Fa "const char *user" -.Fc -.Sh DESCRIPTION -This function takes the name of a local -.Fa user -and checks if -.Fa principal -is allowed to log in as that user. -.Pp -The -.Fa user -may have a -.Pa ~/.k5login -file listing principals that are allowed to login as that user. If -that file does not exist, all principals with a first component -identical to the username, and a realm considered local, are allowed -access. -.Pp -The -.Pa .k5login -file must contain one principal per line, be owned by -.Fa user , -and not be writable by group or other (but must be readable by -anyone). -.Pp -Note that if the file exists, no implicit access rights are given to -.Fa user Ns @ Ns Aq localrealm . -.Pp -Optionally, a set of files may be put in -.Pa ~/.k5login.d ( Ns -a directory), in which case they will all be checked in the same -manner as -.Pa .k5login . -The files may be called anything, but files starting with a hash -.Dq ( # ) , -or ending with a tilde -.Dq ( ~ ) -are ignored. Subdirectories are not traversed. Note that this -directory may not be checked by other implementations. -.Sh RETURN VALUES -.Nm -returns -.Dv TRUE -if access should be granted, -.Dv FALSE -otherwise. -.Sh HISTORY -The -.Pa ~/.k5login.d -feature appeared in Heimdal 0.7. -.Sh SEE ALSO -.Xr krb5_get_default_realms 3 , -.Xr krb5_verify_user 3 , -.Xr krb5_verify_user_lrealm 3 , -.Xr krb5_verify_user_opt 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_locl.h b/crypto/heimdal/lib/krb5/krb5_locl.h deleted file mode 100644 index 8b7c41cc80d9..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_locl.h +++ /dev/null @@ -1,267 +0,0 @@ -/* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb5_locl.h 22226 2007-12-08 21:31:53Z lha $ */ - -#ifndef __KRB5_LOCL_H__ -#define __KRB5_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_MMAN_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_PWD_H -#undef _POSIX_PTHREAD_SEMANTICS -/* This gets us the 5-arg getpwnam_r on Solaris 9. */ -#define _POSIX_PTHREAD_SEMANTICS -#include -#endif - -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#include -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef _AIX -struct ether_addr; -struct mbuf; -struct sockaddr_dl; -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_SYS_UIO_H -#include -#endif -#ifdef HAVE_SYS_FILIO_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif - -#ifdef HAVE_CRYPT_H -#undef des_encrypt -#define des_encrypt wingless_pigs_mostly_fail_to_fly -#include -#undef des_encrypt -#endif - -#ifdef HAVE_DOOR_CREATE -#include -#endif - -#include -#include -#include - -#include "crypto-headers.h" - - -#include - -struct send_to_kdc; - -/* XXX glue for pkinit */ -struct krb5_pk_identity; -struct krb5_pk_cert; -struct ContentInfo; -typedef struct krb5_pk_init_ctx_data *krb5_pk_init_ctx; -struct krb5_dh_moduli; - -/* v4 glue */ -struct _krb5_krb_auth_data; - -#include - -#include -#include -#include -#ifdef PKINIT -#include -#endif -#include - -#include "heim_threads.h" - -#define ALLOC(X, N) (X) = calloc((N), sizeof(*(X))) -#define ALLOC_SEQ(X, N) do { (X)->len = (N); ALLOC((X)->val, (N)); } while(0) - -/* should this be public? */ -#define KEYTAB_DEFAULT "ANY:FILE:" SYSCONFDIR "/krb5.keytab,krb4:" SYSCONFDIR "/srvtab" -#define KEYTAB_DEFAULT_MODIFY "FILE:" SYSCONFDIR "/krb5.keytab" - -#define MODULI_FILE SYSCONFDIR "/krb5.moduli" - -#ifndef O_BINARY -#define O_BINARY 0 -#endif - -#define KRB5_BUFSIZ 1024 - -typedef enum { - KRB5_INIT_CREDS_TRISTATE_UNSET = 0, - KRB5_INIT_CREDS_TRISTATE_TRUE, - KRB5_INIT_CREDS_TRISTATE_FALSE -} krb5_get_init_creds_tristate; - -struct _krb5_get_init_creds_opt_private { - int refcount; - /* ENC_TIMESTAMP */ - const char *password; - krb5_s2k_proc key_proc; - /* PA_PAC_REQUEST */ - krb5_get_init_creds_tristate req_pac; - /* PKINIT */ - krb5_pk_init_ctx pk_init_ctx; - KRB_ERROR *error; - krb5_get_init_creds_tristate addressless; - int flags; -#define KRB5_INIT_CREDS_CANONICALIZE 1 -#define KRB5_INIT_CREDS_NO_C_CANON_CHECK 2 -}; - -typedef struct krb5_context_data { - krb5_enctype *etypes; - krb5_enctype *etypes_des; - char **default_realms; - time_t max_skew; - time_t kdc_timeout; - unsigned max_retries; - int32_t kdc_sec_offset; - int32_t kdc_usec_offset; - krb5_config_section *cf; - struct et_list *et_list; - struct krb5_log_facility *warn_dest; - krb5_cc_ops *cc_ops; - int num_cc_ops; - const char *http_proxy; - const char *time_fmt; - krb5_boolean log_utc; - const char *default_keytab; - const char *default_keytab_modify; - krb5_boolean use_admin_kdc; - krb5_addresses *extra_addresses; - krb5_boolean scan_interfaces; /* `ifconfig -a' */ - krb5_boolean srv_lookup; /* do SRV lookups */ - krb5_boolean srv_try_txt; /* try TXT records also */ - int32_t fcache_vno; /* create cache files w/ this - version */ - int num_kt_types; /* # of registered keytab types */ - struct krb5_keytab_data *kt_types; /* registered keytab types */ - const char *date_fmt; - char *error_string; - char error_buf[256]; - krb5_addresses *ignore_addresses; - char *default_cc_name; - char *default_cc_name_env; - int default_cc_name_set; - void *mutex; /* protects error_string/error_buf */ - int large_msg_size; - int flags; -#define KRB5_CTX_F_DNS_CANONICALIZE_HOSTNAME 1 -#define KRB5_CTX_F_CHECK_PAC 2 - struct send_to_kdc *send_to_kdc; -} krb5_context_data; - -#define KRB5_DEFAULT_CCNAME_FILE "FILE:/tmp/krb5cc_%{uid}" -#define KRB5_DEFAULT_CCNAME_API "API:" -#define KRB5_DEFAULT_CCNAME_KCM "KCM:%{uid}" - -#define EXTRACT_TICKET_ALLOW_CNAME_MISMATCH 1 -#define EXTRACT_TICKET_ALLOW_SERVER_MISMATCH 2 -#define EXTRACT_TICKET_MATCH_REALM 4 - -/* - * Configurable options - */ - -#ifndef KRB5_DEFAULT_CCTYPE -#ifdef __APPLE__ -#define KRB5_DEFAULT_CCTYPE (&krb5_acc_ops) -#else -#define KRB5_DEFAULT_CCTYPE (&krb5_fcc_ops) -#endif -#endif - -#ifndef KRB5_ADDRESSLESS_DEFAULT -#define KRB5_ADDRESSLESS_DEFAULT TRUE -#endif - -#endif /* __KRB5_LOCL_H__ */ diff --git a/crypto/heimdal/lib/krb5/krb5_mk_req.3 b/crypto/heimdal/lib/krb5/krb5_mk_req.3 deleted file mode 100644 index e37d8e7e975f..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_mk_req.3 +++ /dev/null @@ -1,187 +0,0 @@ -.\" Copyright (c) 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_mk_req.3 16100 2005-09-26 05:38:55Z lha $ -.\" -.Dd August 27, 2005 -.Dt KRB5_MK_REQ 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_mk_req , -.Nm krb5_mk_req_exact , -.Nm krb5_mk_req_extended , -.Nm krb5_rd_req , -.Nm krb5_rd_req_with_keyblock , -.Nm krb5_mk_rep , -.Nm krb5_mk_rep_exact , -.Nm krb5_mk_rep_extended , -.Nm krb5_rd_rep , -.Nm krb5_build_ap_req , -.Nm krb5_verify_ap_req -.Nd create and read application authentication request -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_mk_req -.Fa "krb5_context context" -.Fa "krb5_auth_context *auth_context" -.Fa "const krb5_flags ap_req_options" -.Fa "const char *service" -.Fa "const char *hostname" -.Fa "krb5_data *in_data" -.Fa "krb5_ccache ccache" -.Fa "krb5_data *outbuf" -.Fc -.Ft krb5_error_code -.Fo krb5_mk_req_extended -.Fa "krb5_context context" -.Fa "krb5_auth_context *auth_context" -.Fa "const krb5_flags ap_req_options" -.Fa "krb5_data *in_data" -.Fa "krb5_creds *in_creds" -.Fa "krb5_data *outbuf" -.Fc -.Ft krb5_error_code -.Fo krb5_rd_req -.Fa "krb5_context context" -.Fa "krb5_auth_context *auth_context" -.Fa "const krb5_data *inbuf" -.Fa "krb5_const_principal server" -.Fa "krb5_keytab keytab" -.Fa "krb5_flags *ap_req_options" -.Fa "krb5_ticket **ticket" -.Fc -.Ft krb5_error_code -.Fo krb5_build_ap_req -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "krb5_creds *cred" -.Fa "krb5_flags ap_options" -.Fa "krb5_data authenticator" -.Fa "krb5_data *retdata" -.Fc -.Ft krb5_error_code -.Fo krb5_verify_ap_req -.Fa "krb5_context context" -.Fa "krb5_auth_context *auth_context" -.Fa "krb5_ap_req *ap_req" -.Fa "krb5_const_principal server" -.Fa "krb5_keyblock *keyblock" -.Fa "krb5_flags flags" -.Fa "krb5_flags *ap_req_options" -.Fa "krb5_ticket **ticket" -.Fc -.Sh DESCRIPTION -The functions documented in this manual page document the functions -that facilitates the exchange between a Kerberos client and server. -They are the core functions used in the authentication exchange -between the client and the server. -.Pp -The -.Nm krb5_mk_req -and -.Nm krb5_mk_req_extended -creates the Kerberos message -.Dv KRB_AP_REQ -that is sent from the client to the server as the first packet in a client/server exchange. The result that should be sent to server is stored in -.Fa outbuf . -.Pp -.Fa auth_context -should be allocated with -.Fn krb5_auth_con_init -or -.Dv NULL -passed in, in that case, it will be allocated and freed internally. -.Pp -The input data -.Fa in_data -will have a checksum calculated over it and checksum will be -transported in the message to the server. -.Pp -.Fa ap_req_options -can be set to one or more of the following flags: -.Pp -.Bl -tag -width indent -.It Dv AP_OPTS_USE_SESSION_KEY -Use the session key when creating the request, used for user to user -authentication. -.It Dv AP_OPTS_MUTUAL_REQUIRED -Mark the request as mutual authenticate required so that the receiver -returns a mutual authentication packet. -.El -.Pp -The -.Nm krb5_rd_req -read the AP_REQ in -.Fa inbuf -and verify and extract the content. -If -.Fa server -is specified, that server will be fetched from the -.Fa keytab -and used unconditionally. -If -.Fa server -is -.Dv NULL , -the -.Fa keytab -will be search for a matching principal. -.Pp -The -.Fa keytab -argument specifies what keytab to search for receiving principals. -The arguments -.Fa ap_req_options -and -.Fa ticket -returns the content. -.Pp -When the AS-REQ is a user to user request, neither of -.Fa keytab -or -.Fa principal -are used, instead -.Fn krb5_rd_req -expects the session key to be set in -.Fa auth_context . -.Pp -The -.Nm krb5_verify_ap_req -and -.Nm krb5_build_ap_req -both constructs and verify the AP_REQ message, should not be used by -external code. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_mk_safe.3 b/crypto/heimdal/lib/krb5/krb5_mk_safe.3 deleted file mode 100644 index 25b65411f80b..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_mk_safe.3 +++ /dev/null @@ -1,82 +0,0 @@ -.\" Copyright (c) 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_mk_safe.3 17385 2006-05-01 08:48:55Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_MK_SAFE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_mk_safe , -.Nm krb5_mk_priv -.Nd generates integrity protected and/or encrypted messages -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fn krb5_mk_priv "krb5_context context" "krb5_auth_context auth_context" "const krb5_data *userdata" "krb5_data *outbuf" "krb5_replay_data *outdata" -.Ft krb5_error_code -.Fn krb5_mk_safe "krb5_context context" "krb5_auth_context auth_context" "const krb5_data *userdata" "krb5_data *outbuf" "krb5_replay_data *outdata" -.Sh DESCRIPTION -.Fn krb5_mk_safe -and -.Fn krb5_mk_priv -formats -.Li KRB-SAFE -(integrity protected) -and -.Li KRB-PRIV -(also encrypted) -messages into -.Fa outbuf . -The actual message data is taken from -.Fa userdata . -If the -.Dv KRB5_AUTH_CONTEXT_DO_SEQUENCE -or -.Dv KRB5_AUTH_CONTEXT_DO_TIME -flags are set in the -.Fa auth_context , -sequence numbers and time stamps are generated. -If the -.Dv KRB5_AUTH_CONTEXT_RET_SEQUENCE -or -.Dv KRB5_AUTH_CONTEXT_RET_TIME -flags are set -they are also returned in the -.Fa outdata -parameter. -.Sh SEE ALSO -.Xr krb5_auth_con_init 3 , -.Xr krb5_rd_priv 3 , -.Xr krb5_rd_safe 3 diff --git a/crypto/heimdal/lib/krb5/krb5_openlog.3 b/crypto/heimdal/lib/krb5/krb5_openlog.3 deleted file mode 100644 index 4acad4175ae8..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_openlog.3 +++ /dev/null @@ -1,242 +0,0 @@ -.\" Copyright (c) 1997, 1999, 2001 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_openlog.3 12329 2003-05-26 14:09:04Z lha $ -.Dd August 6, 1997 -.Dt KRB5_OPENLOG 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_initlog , -.Nm krb5_openlog , -.Nm krb5_closelog , -.Nm krb5_addlog_dest , -.Nm krb5_addlog_func , -.Nm krb5_log , -.Nm krb5_vlog , -.Nm krb5_log_msg , -.Nm krb5_vlog_msg -.Nd Heimdal logging functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft "typedef void" -.Fn "\*(lp*krb5_log_log_func_t\*(rp" "const char *time" "const char *message" "void *data" -.Ft "typedef void" -.Fn "\*(lp*krb5_log_close_func_t\*(rp" "void *data" -.Ft krb5_error_code -.Fn krb5_addlog_dest "krb5_context context" "krb5_log_facility *facility" "const char *destination" -.Ft krb5_error_code -.Fn krb5_addlog_func "krb5_context context" "krb5_log_facility *facility" "int min" "int max" "krb5_log_log_func_t log" "krb5_log_close_func_t close" "void *data" -.Ft krb5_error_code -.Fn krb5_closelog "krb5_context context" "krb5_log_facility *facility" -.Ft krb5_error_code -.Fn krb5_initlog "krb5_context context" "const char *program" "krb5_log_facility **facility" -.Ft krb5_error_code -.Fn krb5_log "krb5_context context" "krb5_log_facility *facility" "int level" "const char *format" "..." -.Ft krb5_error_code -.Fn krb5_log_msg "krb5_context context" "krb5_log_facility *facility" "char **reply" "int level" "const char *format" "..." -.Ft krb5_error_code -.Fn krb5_openlog "krb5_context context" "const char *program" "krb5_log_facility **facility" -.Ft krb5_error_code -.Fn krb5_vlog "krb5_context context" "krb5_log_facility *facility" "int level" "const char *format" "va_list arglist" -.Ft krb5_error_code -.Fn krb5_vlog_msg "krb5_context context" "krb5_log_facility *facility" "char **reply" "int level" "const char *format" "va_list arglist" -.Sh DESCRIPTION -These functions logs messages to one or more destinations. -.Pp -The -.Fn krb5_openlog -function creates a logging -.Fa facility , -that is used to log messages. A facility consists of one or more -destinations (which can be files or syslog or some other device). The -.Fa program -parameter should be the generic name of the program that is doing the -logging. This name is used to lookup which destinations to use. This -information is contained in the -.Li logging -section of the -.Pa krb5.conf -configuration file. If no entry is found for -.Fa program , -the entry for -.Li default -is used, or if that is missing too, -.Li SYSLOG -will be used as destination. -.Pp -To close a logging facility, use the -.Fn krb5_closelog -function. -.Pp -To log a message to a facility use one of the functions -.Fn krb5_log , -.Fn krb5_log_msg , -.Fn krb5_vlog , -or -.Fn krb5_vlog_msg . -The functions ending in -.Li _msg -return in -.Fa reply -a pointer to the message that just got logged. This string is allocated, -and should be freed with -.Fn free . -The -.Fa format -is a standard -.Fn printf -style format string (but see the BUGS section). -.Pp -If you want better control of where things gets logged, you can instead of using -.Fn krb5_openlog -call -.Fn krb5_initlog , -which just initializes a facility, but doesn't define any actual logging -destinations. You can then add destinations with the -.Fn krb5_addlog_dest -and -.Fn krb5_addlog_func -functions. The first of these takes a string specifying a logging -destination, and adds this to the facility. If you want to do some -non-standard logging you can use the -.Fn krb5_addlog_func -function, which takes a function to use when logging. -The -.Fa log -function is called for each message with -.Fa time -being a string specifying the current time, and -.Fa message -the message to log. -.Fa close -is called when the facility is closed. You can pass application specific data in the -.Fa data -parameter. The -.Fa min -and -.Fa max -parameter are the same as in a destination (defined below). To specify a -max of infinity, pass -1. -.Pp -.Fn krb5_openlog -calls -.Fn krb5_initlog -and then calls -.Fn krb5_addlog_dest -for each destination found. -.Ss Destinations -The defined destinations (as specified in -.Pa krb5.conf ) -follows: -.Bl -tag -width "xxx" -offset indent -.It Li STDERR -This logs to the program's stderr. -.It Li FILE: Ns Pa /file -.It Li FILE= Ns Pa /file -Log to the specified file. The form using a colon appends to the file, the -form with an equal truncates the file. The truncating form keeps the file -open, while the appending form closes it after each log message (which -makes it possible to rotate logs). The truncating form is mainly for -compatibility with the MIT libkrb5. -.It Li DEVICE= Ns Pa /device -This logs to the specified device, at present this is the same as -.Li FILE:/device . -.It Li CONSOLE -Log to the console, this is the same as -.Li DEVICE=/dev/console . -.It Li SYSLOG Ns Op :priority Ns Op :facility -Send messages to the syslog system, using priority, and facility. To -get the name for one of these, you take the name of the macro passed -to -.Xr syslog 3 , -and remove the leading -.Li LOG_ -.No ( Li LOG_NOTICE -becomes -.Li NOTICE ) . -The default values (as well as the values used for unrecognised -values), are -.Li ERR , -and -.Li AUTH , -respectively. See -.Xr syslog 3 -for a list of priorities and facilities. -.El -.Pp -Each destination may optionally be prepended with a range of logging -levels, specified as -.Li min-max/ . -If the -.Fa level -parameter to -.Fn krb5_log -is within this range (inclusive) the message gets logged to this -destination, otherwise not. Either of the min and max valued may be -omitted, in this case min is assumed to be zero, and max is assumed to be -infinity. If you don't include a dash, both min and max gets set to the -specified value. If no range is specified, all messages gets logged. -.Sh EXAMPLES -.Bd -literal -offset indent -[logging] - kdc = 0/FILE:/var/log/kdc.log - kdc = 1-/SYSLOG:INFO:USER - default = STDERR -.Ed -.Pp -This will log all messages from the -.Nm kdc -program with level 0 to -.Pa /var/log/kdc.log , -other messages will be logged to syslog with priority -.Li LOG_INFO , -and facility -.Li LOG_USER . -All other programs will log all messages to their stderr. -.Sh SEE ALSO -.Xr syslog 3 , -.Xr krb5.conf 5 -.Sh BUGS -These functions use -.Fn asprintf -to format the message. If your operating system does not have a working -.Fn asprintf , -a replacement will be used. At present this replacement does not handle -some correct conversion specifications (like floating point numbers). Until -this is fixed, the use of these conversions should be avoided. -.Pp -If logging is done to the syslog facility, these functions might not be -thread-safe, depending on the implementation of -.Fn openlog , -and -.Fn syslog . diff --git a/crypto/heimdal/lib/krb5/krb5_parse_name.3 b/crypto/heimdal/lib/krb5/krb5_parse_name.3 deleted file mode 100644 index e876ee3cb0b3..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_parse_name.3 +++ /dev/null @@ -1,68 +0,0 @@ -.\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_parse_name.3 17385 2006-05-01 08:48:55Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_PARSE_NAME 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_parse_name -.Nd string to principal conversion -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_parse_name "krb5_context context" "const char *name" "krb5_principal *principal" -.Sh DESCRIPTION -.Fn krb5_parse_name -converts a string representation of a principal name to -.Nm krb5_principal . -The -.Fa principal -will point to allocated data that should be freed with -.Fn krb5_free_principal . -.Pp -The string should consist of one or more name components separated with slashes -.Pq Dq / , -optionally followed with an -.Dq @ -and a realm name. A slash or @ may be contained in a name component by -quoting it with a backslash -.Pq Dq \e . -A realm should not contain slashes or colons. -.Sh SEE ALSO -.Xr krb5_425_conv_principal 3 , -.Xr krb5_build_principal 3 , -.Xr krb5_free_principal 3 , -.Xr krb5_sname_to_principal 3 , -.Xr krb5_unparse_name 3 diff --git a/crypto/heimdal/lib/krb5/krb5_principal.3 b/crypto/heimdal/lib/krb5/krb5_principal.3 deleted file mode 100644 index 1b0c2da32a97..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_principal.3 +++ /dev/null @@ -1,384 +0,0 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_principal.3 21255 2007-06-21 04:36:31Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_PRINCIPAL 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_get_default_principal , -.Nm krb5_principal , -.Nm krb5_build_principal , -.Nm krb5_build_principal_ext , -.Nm krb5_build_principal_va , -.Nm krb5_build_principal_va_ext , -.Nm krb5_copy_principal , -.Nm krb5_free_principal , -.Nm krb5_make_principal , -.Nm krb5_parse_name , -.Nm krb5_parse_name_flags , -.Nm krb5_parse_nametype , -.Nm krb5_princ_realm , -.Nm krb5_princ_set_realm , -.Nm krb5_principal_compare , -.Nm krb5_principal_compare_any_realm , -.Nm krb5_principal_get_comp_string , -.Nm krb5_principal_get_realm , -.Nm krb5_principal_get_type , -.Nm krb5_principal_match , -.Nm krb5_principal_set_type , -.Nm krb5_realm_compare , -.Nm krb5_sname_to_principal , -.Nm krb5_sock_to_principal , -.Nm krb5_unparse_name , -.Nm krb5_unparse_name_flags , -.Nm krb5_unparse_name_fixed , -.Nm krb5_unparse_name_fixed_flags , -.Nm krb5_unparse_name_fixed_short , -.Nm krb5_unparse_name_short -.Nd Kerberos 5 principal handling functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li krb5_principal ; -.Ft void -.Fn krb5_free_principal "krb5_context context" "krb5_principal principal" -.Ft krb5_error_code -.Fn krb5_parse_name "krb5_context context" "const char *name" "krb5_principal *principal" -.Ft krb5_error_code -.Fn krb5_parse_name_flags "krb5_context context" "const char *name" "int flags" "krb5_principal *principal" -.Ft krb5_error_code -.Fn "krb5_unparse_name" "krb5_context context" "krb5_const_principal principal" "char **name" -.Ft krb5_error_code -.Fn "krb5_unparse_name_flags" "krb5_context context" "krb5_const_principal principal" "int flags" "char **name" -.Ft krb5_error_code -.Fn krb5_unparse_name_fixed "krb5_context context" "krb5_const_principal principal" "char *name" "size_t len" -.Ft krb5_error_code -.Fn krb5_unparse_name_fixed_flags "krb5_context context" "krb5_const_principal principal" "int flags" "char *name" "size_t len" -.Ft krb5_error_code -.Fn "krb5_unparse_name_short" "krb5_context context" "krb5_const_principal principal" "char **name" -.Ft krb5_error_code -.Fn krb5_unparse_name_fixed_short "krb5_context context" "krb5_const_principal principal" "char *name" "size_t len" -.Ft krb5_realm * -.Fn krb5_princ_realm "krb5_context context" "krb5_principal principal" -.Ft void -.Fn krb5_princ_set_realm "krb5_context context" "krb5_principal principal" "krb5_realm *realm" -.Ft krb5_error_code -.Fn krb5_build_principal "krb5_context context" "krb5_principal *principal" "int rlen" "krb5_const_realm realm" "..." -.Ft krb5_error_code -.Fn krb5_build_principal_va "krb5_context context" "krb5_principal *principal" "int rlen" "krb5_const_realm realm" "va_list ap" -.Ft krb5_error_code -.Fn "krb5_build_principal_ext" "krb5_context context" "krb5_principal *principal" "int rlen" "krb5_const_realm realm" "..." -.Ft krb5_error_code -.Fn krb5_build_principal_va_ext "krb5_context context" "krb5_principal *principal" "int rlen" "krb5_const_realm realm" "va_list ap" -.Ft krb5_error_code -.Fn krb5_make_principal "krb5_context context" "krb5_principal *principal" "krb5_const_realm realm" "..." -.Ft krb5_error_code -.Fn krb5_copy_principal "krb5_context context" "krb5_const_principal inprinc" "krb5_principal *outprinc" -.Ft krb5_boolean -.Fn krb5_principal_compare "krb5_context context" "krb5_const_principal princ1" "krb5_const_principal princ2" -.Ft krb5_boolean -.Fn krb5_principal_compare_any_realm "krb5_context context" "krb5_const_principal princ1" "krb5_const_principal princ2" -.Ft "const char *" -.Fn krb5_principal_get_comp_string "krb5_context context" "krb5_const_principal principal" "unsigned int component" -.Ft "const char *" -.Fn krb5_principal_get_realm "krb5_context context" "krb5_const_principal principal" -.Ft int -.Fn krb5_principal_get_type "krb5_context context" "krb5_const_principal principal" -.Ft krb5_boolean -.Fn krb5_principal_match "krb5_context context" "krb5_const_principal principal" "krb5_const_principal pattern" -.Ft void -.Fn krb5_principal_set_type "krb5_context context" "krb5_principal principal" "int type" -.Ft krb5_boolean -.Fn krb5_realm_compare "krb5_context context" "krb5_const_principal princ1" "krb5_const_principal princ2" -.Ft krb5_error_code -.Fn krb5_sname_to_principal "krb5_context context" "const char *hostname" "const char *sname" "int32_t type" "krb5_principal *ret_princ" -.Ft krb5_error_code -.Fn krb5_sock_to_principal "krb5_context context" "int socket" "const char *sname" "int32_t type" "krb5_principal *principal" -.Ft krb5_error_code -.Fn krb5_get_default_principal "krb5_context context" "krb5_principal *princ" -.Ft krb5_error_code -.Fn krb5_parse_nametype "krb5_context context" "const char *str" "int32_t *type" -.Sh DESCRIPTION -.Li krb5_principal -holds the name of a user or service in Kerberos. -.Pp -A principal has two parts, a -.Li PrincipalName -and a -.Li realm . -The PrincipalName consists of one or more components. In printed form, -the components are separated by /. -The PrincipalName also has a name-type. -.Pp -Examples of a principal are -.Li nisse/root@EXAMPLE.COM -and -.Li host/datan.kth.se@KTH.SE . -.Fn krb5_parse_name -and -.Fn krb5_parse_name_flags -passes a principal name in -.Fa name -to the kerberos principal structure. -.Fn krb5_parse_name_flags -takes an extra -.Fa flags -argument the following flags can be passed in -.Bl -tag -width Ds -.It Dv KRB5_PRINCIPAL_PARSE_NO_REALM -requries the input string to be without a realm, and no realm is -stored in the -.Fa principal -return argument. -.It Dv KRB5_PRINCIPAL_PARSE_MUST_REALM -requries the input string to with a realm. -.El -.Pp -.Fn krb5_unparse_name -and -.Fn krb5_unparse_name_flags -prints the principal -.Fa princ -to the string -.Fa name . -.Fa name -should be freed with -.Xr free 3 . -To the -.Fa flags -argument the following flags can be passed in -.Bl -tag -width Ds -.It Dv KRB5_PRINCIPAL_UNPARSE_SHORT -no realm if the realm is one of the local realms. -.It Dv KRB5_PRINCIPAL_UNPARSE_NO_REALM -never include any realm in the principal name. -.It Dv KRB5_PRINCIPAL_UNPARSE_DISPLAY -don't quote -.El -On failure -.Fa name -is set to -.Dv NULL . -.Fn krb5_unparse_name_fixed -and -.Fn krb5_unparse_name_fixed_flags -behaves just like -.Fn krb5_unparse , -but instead unparses the principal into a fixed size buffer. -.Pp -.Fn krb5_unparse_name_short -just returns the principal without the realm if the principal is -in the default realm. If the principal isn't, the full name is -returned. -.Fn krb5_unparse_name_fixed_short -works just like -.Fn krb5_unparse_name_short -but on a fixed size buffer. -.Pp -.Fn krb5_build_principal -builds a principal from the realm -.Fa realm -that has the length -.Fa rlen . -The following arguments form the components of the principal. -The list of components is terminated with -.Dv NULL . -.Pp -.Fn krb5_build_principal_va -works like -.Fn krb5_build_principal -using vargs. -.Pp -.Fn krb5_build_principal_ext -and -.Fn krb5_build_principal_va_ext -take a list of length-value pairs, the list is terminated with a zero -length. -.Pp -.Fn krb5_make_principal -works the same way as -.Fn krb5_build_principal , -except it figures out the length of the realm itself. -.Pp -.Fn krb5_copy_principal -makes a copy of a principal. -The copy needs to be freed with -.Fn krb5_free_principal . -.Pp -.Fn krb5_principal_compare -compares the two principals, including realm of the principals and returns -.Dv TRUE -if they are the same and -.Dv FALSE -if not. -.Pp -.Fn krb5_principal_compare_any_realm -works the same way as -.Fn krb5_principal_compare -but doesn't compare the realm component of the principal. -.Pp -.Fn krb5_realm_compare -compares the realms of the two principals and returns -.Dv TRUE -is they are the same, and -.Dv FALSE -if not. -.Pp -.Fn krb5_principal_match -matches a -.Fa principal -against a -.Fa pattern . -The pattern is a globbing expression, where each component (separated -by /) is matched against the corresponding component of the principal. -.Pp -The -.Fn krb5_principal_get_realm -and -.Fn krb5_principal_get_comp_string -functions return parts of the -.Fa principal , -either the realm or a specific component. -Both functions return string pointers to data inside the principal, so -they are valid only as long as the principal exists. -.Pp -The -.Fa component -argument to -.Fn krb5_principal_get_comp_string -is the index of the component to return, from zero to the total number of -components minus one. If the index is out of range -.Dv NULL -is returned. -.Pp -.Fn krb5_principal_get_realm -and -.Fn krb5_principal_get_comp_string -are replacements for -.Fn krb5_princ_realm , -.Fn krb5_princ_component -and related macros, described as internal in the MIT API -specification. -Unlike the macros, these functions return strings, not -.Dv krb5_data . -A reason to return -.Dv krb5_data -was that it was believed that principal components could contain -binary data, but this belief was unfounded, and it has been decided -that principal components are infact UTF8, so it's safe to use zero -terminated strings. -.Pp -It's generally not necessary to look at the components of a principal. -.Pp -.Fn krb5_principal_get_type -and -.Fn krb5_principal_set_type -get and sets the name type for a principal. -Name type handling is tricky and not often needed, -don't use this unless you know what you do. -.Pp -.Fn krb5_princ_realm -returns the realm component of the principal. -The caller must not free realm unless -.Fn krb5_princ_set_realm -is called to set a new realm after freeing the realm. -.Fn krb5_princ_set_realm -sets the realm component of a principal. The old realm is not freed. -.Pp -.Fn krb5_sname_to_principal -and -.Fn krb5_sock_to_principal -are for easy creation of -.Dq service -principals that can, for instance, be used to lookup a key in a keytab. -For both functions the -.Fa sname -parameter will be used for the first component of the created principal. -If -.Fa sname -is -.Dv NULL , -.Dq host -will be used instead. -.Pp -.Fn krb5_sname_to_principal -will use the passed -.Fa hostname -for the second component. -If -.Fa type -is -.Dv KRB5_NT_SRV_HST -this name will be looked up with -.Fn gethostbyname . -If -.Fa hostname -is -.Dv NULL , -the local hostname will be used. -.Pp -.Fn krb5_sock_to_principal -will use the -.Dq sockname -of the passed -.Fa socket , -which should be a bound -.Dv AF_INET -or -.Dv AF_INET6 -socket. -There must be a mapping between the address and -.Dq sockname . -The function may try to resolve the name in DNS. -.Pp -.Fn krb5_get_default_principal -tries to find out what's a reasonable default principal by looking at -the environment it is running in. -.Pp -.Fn krb5_parse_nametype -parses and returns the name type integer value in -.Fa type . -On failure the function returns an error code and set the error -string. -.\" .Sh EXAMPLES -.Sh SEE ALSO -.Xr krb5_425_conv_principal 3 , -.Xr krb5_config 3 , -.Xr krb5.conf 5 -.Sh BUGS -You can not have a NUL in a component in some of the variable argument -functions above. -Until someone can give a good example of where it would be a good idea -to have NUL's in a component, this will not be fixed. diff --git a/crypto/heimdal/lib/krb5/krb5_principal_get_realm.3 b/crypto/heimdal/lib/krb5/krb5_principal_get_realm.3 deleted file mode 100644 index 1ece7986adc7..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_principal_get_realm.3 +++ /dev/null @@ -1,81 +0,0 @@ -.\" Copyright (c) 2001 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_principal_get_realm.3,v 1.6 2003/04/16 13:58:17 lha Exp $ -.\" -.Dd June 20, 2001 -.Dt KRB5_PRINCIPAL_GET_REALM 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_principal_get_realm , -.Nm krb5_principal_get_comp_string -.Nd decompose a principal -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft "const char *" -.Fn krb5_principal_get_realm "krb5_context context" "krb5_principal principal" -.Ft "const char *" -.Fn krb5_principal_get_comp_string "krb5_context context" "krb5_principal principal" "unsigned int component" -.Sh DESCRIPTION -These functions return parts of the -.Fa principal , -either the realm or a specific component. The returned string points -to data inside the principal, so they are valid only as long as the -principal exists. -.Pp -The -.Fa component -argument to -.Fn krb5_principal_get_comp_string -is the component number to return, from zero to the total number of -components minus one. If a the requested component number is out of range, -.Dv NULL -is returned. -.Pp -These functions can be seen as a replacement for the -.Fn krb5_princ_realm , -.Fn krb5_princ_component -and related macros, described as intermal in the MIT API -specification. A difference is that these functions return strings, -not -.Dv krb5_data . -A reason to return -.Dv krb5_data -was that it was believed that principal components could contain -binary data, but this belief was unfounded, and it has been decided -that principal components are infact UTF8, so it's safe to use zero -terminated strings. -.Pp -It's generally not necessary to look at the components of a principal. -.Sh SEE ALSO -.Xr krb5_unparse_name 3 diff --git a/crypto/heimdal/lib/krb5/krb5_rcache.3 b/crypto/heimdal/lib/krb5/krb5_rcache.3 deleted file mode 100644 index 0b7e83aa0717..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_rcache.3 +++ /dev/null @@ -1,163 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_rcache.3 17462 2006-05-05 13:18:39Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_RCACHE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_rcache , -.Nm krb5_rc_close , -.Nm krb5_rc_default , -.Nm krb5_rc_default_name , -.Nm krb5_rc_default_type , -.Nm krb5_rc_destroy , -.Nm krb5_rc_expunge , -.Nm krb5_rc_get_lifespan , -.Nm krb5_rc_get_name , -.Nm krb5_rc_get_type , -.Nm krb5_rc_initialize , -.Nm krb5_rc_recover , -.Nm krb5_rc_resolve , -.Nm krb5_rc_resolve_full , -.Nm krb5_rc_resolve_type , -.Nm krb5_rc_store , -.Nm krb5_get_server_rcache -.Nd Kerberos 5 replay cache -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_rcache;" -.Pp -.Ft krb5_error_code -.Fo krb5_rc_close -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_default -.Fa "krb5_context context" -.Fa "krb5_rcache *id" -.Fc -.Ft "const char *" -.Fo krb5_rc_default_name -.Fa "krb5_context context" -.Fc -.Ft "const char *" -.Fo krb5_rc_default_type -.Fa "krb5_context context" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_destroy -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_expunge -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_get_lifespan -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fa "krb5_deltat *auth_lifespan" -.Fc -.Ft "const char*" -.Fo krb5_rc_get_name -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fc -.Ft "const char*" -.Fo "krb5_rc_get_type" -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_initialize -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fa "krb5_deltat auth_lifespan" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_recover -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_resolve -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fa "const char *name" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_resolve_full -.Fa "krb5_context context" -.Fa "krb5_rcache *id" -.Fa "const char *string_name" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_resolve_type -.Fa "krb5_context context" -.Fa "krb5_rcache *id" -.Fa "const char *type" -.Fc -.Ft krb5_error_code -.Fo krb5_rc_store -.Fa "krb5_context context" -.Fa "krb5_rcache id" -.Fa "krb5_donot_replay *rep" -.Fc -.Ft krb5_error_code -.Fo krb5_get_server_rcache -.Fa "krb5_context context" -.Fa "const krb5_data *piece" -.Fa "krb5_rcache *id" -.Fc -.Sh DESCRIPTION -The -.Li krb5_rcache -structure holds a storage element that is used for data manipulation. -The structure contains no public accessible elements. -.Pp -.Fn krb5_rc_initialize -Creates the reply cache -.Fa id -and sets it lifespan to -.Fa auth_lifespan . -If the cache already exists, the content is destroyed. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_data 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_rd_error.3 b/crypto/heimdal/lib/krb5/krb5_rd_error.3 deleted file mode 100644 index 00203cdae240..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_rd_error.3 +++ /dev/null @@ -1,98 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_rd_error.3 21059 2007-06-12 17:52:46Z lha $ -.\" -.Dd July 26, 2004 -.Dt KRB5_RD_ERROR 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_rd_error , -.Nm krb5_free_error , -.Nm krb5_free_error_contents , -.Nm krb5_error_from_rd_error -.Nd parse, free and read error from KRB-ERROR message -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_rd_error -.Fa "krb5_context context" -.Fa "const krb5_data *msg" -.Fa "KRB_ERROR *result" -.Fc -.Ft void -.Fo krb5_free_error -.Fa "krb5_context context" -.Fa "krb5_error *error" -.Fc -.Ft void -.Fo krb5_free_error_contents -.Fa "krb5_context context" -.Fa "krb5_error *error" -.Fc -.Ft krb5_error_code -.Fo krb5_error_from_rd_error -.Fa "krb5_context context" -.Fa "const krb5_error *error" -.Fa "const krb5_creds *creds" -.Fc -.Sh DESCRIPTION -Usually applications never needs to parse and understand Kerberos -error messages since higher level functions will parse and push up the -error in the krb5_context. -These functions are described for completeness. -.Pp -.Fn krb5_rd_error -parses and returns the kerboeros error message, the structure should be freed with -.Fn krb5_free_error_contents -when the caller is done with the structure. -.Pp -.Fn krb5_free_error -frees the content and the memory region holding the structure iself. -.Pp -.Fn krb5_free_error_contents -free the content of the KRB-ERROR message. -.Pp -.Fn krb5_error_from_rd_error -will parse the error message and set the error buffer in krb5_context -to the error string passed back or the matching error code in the -KRB-ERROR message. -Caller should pick up the message with -.Fn krb5_get_error_string 3 -(don't forget to free the returned string with -.Fn krb5_free_error_string ) . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_set_error_string 3 , -.Xr krb5_get_error_string 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_rd_safe.3 b/crypto/heimdal/lib/krb5/krb5_rd_safe.3 deleted file mode 100644 index d024ae48e206..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_rd_safe.3 +++ /dev/null @@ -1,81 +0,0 @@ -.\" Copyright (c) 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_rd_safe.3 17385 2006-05-01 08:48:55Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_RD_SAFE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_rd_safe , -.Nm krb5_rd_priv -.Nd verifies authenticity of messages -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Ft krb5_error_code -.Fn krb5_rd_priv "krb5_context context" "krb5_auth_context auth_context" "const krb5_data *inbuf" "krb5_data *outbuf" "krb5_replay_data *outdata" -.Ft krb5_error_code -.Fn krb5_rd_safe "krb5_context context" "krb5_auth_context auth_context" "const krb5_data *inbuf" "krb5_data *outbuf" "krb5_replay_data *outdata" -.Sh DESCRIPTION -.Fn krb5_rd_safe -and -.Fn krb5_rd_priv -parses -.Li KRB-SAFE -and -.Li KRB-PRIV -messages (as generated by -.Xr krb5_mk_safe 3 -and -.Xr krb5_mk_priv 3 ) -from -.Fa inbuf -and verifies its integrity. The user data part of the message in put -in -.Fa outbuf . -The encryption state, including keyblocks and addresses, is taken from -.Fa auth_context . -If the -.Dv KRB5_AUTH_CONTEXT_RET_SEQUENCE -or -.Dv KRB5_AUTH_CONTEXT_RET_TIME -flags are set in the -.Fa auth_context -the sequence number and time are returned in the -.Fa outdata -parameter. -.Sh SEE ALSO -.Xr krb5_auth_con_init 3 , -.Xr krb5_mk_priv 3 , -.Xr krb5_mk_safe 3 diff --git a/crypto/heimdal/lib/krb5/krb5_set_default_realm.3 b/crypto/heimdal/lib/krb5/krb5_set_default_realm.3 deleted file mode 100644 index 27467d816b3b..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_set_default_realm.3 +++ /dev/null @@ -1,164 +0,0 @@ -.\" Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_set_default_realm.3 17462 2006-05-05 13:18:39Z lha $ -.\" -.Dd April 24, 2005 -.Dt KRB5_SET_DEFAULT_REALM 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_copy_host_realm , -.Nm krb5_free_host_realm , -.Nm krb5_get_default_realm , -.Nm krb5_get_default_realms , -.Nm krb5_get_host_realm , -.Nm krb5_set_default_realm -.Nd default and host realm read and manipulation routines -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_copy_host_realm -.Fa "krb5_context context" -.Fa "const krb5_realm *from" -.Fa "krb5_realm **to" -.Fc -.Ft krb5_error_code -.Fo krb5_free_host_realm -.Fa "krb5_context context" -.Fa "krb5_realm *realmlist" -.Fc -.Ft krb5_error_code -.Fo krb5_get_default_realm -.Fa "krb5_context context" -.Fa "krb5_realm *realm" -.Fc -.Ft krb5_error_code -.Fo krb5_get_default_realms -.Fa "krb5_context context" -.Fa "krb5_realm **realm" -.Fc -.Ft krb5_error_code -.Fo krb5_get_host_realm -.Fa "krb5_context context" -.Fa "const char *host" -.Fa "krb5_realm **realms" -.Fc -.Ft krb5_error_code -.Fo krb5_set_default_realm -.Fa "krb5_context context" -.Fa "const char *realm" -.Fc -.Sh DESCRIPTION -.Fn krb5_copy_host_realm -copies the list of realms from -.Fa from -to -.Fa to . -.Fa to -should be freed by the caller using -.Fa krb5_free_host_realm . -.Pp -.Fn krb5_free_host_realm -frees all memory allocated by -.Fa realmlist . -.Pp -.Fn krb5_get_default_realm -returns the first default realm for this host. -The realm returned should be freed with -.Fn free . -.Pp -.Fn krb5_get_default_realms -returns a -.Dv NULL -terminated list of default realms for this context. -Realms returned by -.Fn krb5_get_default_realms -should be freed with -.Fn krb5_free_host_realm . -.Pp -.Fn krb5_get_host_realm -returns a -.Dv NULL -terminated list of realms for -.Fa host -by looking up the information in the -.Li [domain_realm] -in -.Pa krb5.conf -or in -.Li DNS . -If the mapping in -.Li [domain_realm] -results in the string -.Li dns_locate , -DNS is used to lookup the realm. -.Pp -When using -.Li DNS -to a resolve the domain for the host a.b.c, -.Fn krb5_get_host_realm -looks for a -.Dv TXT -resource record named -.Li _kerberos.a.b.c , -and if not found, it strips off the first component and tries a again -(_kerberos.b.c) until it reaches the root. -.Pp -If there is no configuration or DNS information found, -.Fn krb5_get_host_realm -assumes it can use the domain part of the -.Fa host -to form a realm. -Caller must free -.Fa realmlist -with -.Fn krb5_free_host_realm . -.Pp -.Fn krb5_set_default_realm -sets the default realm for the -.Fa context . -If -.Dv NULL -is used as a -.Fa realm , -the -.Li [libdefaults]default_realm -stanza in -.Pa krb5.conf -is used. -If there is no such stanza in the configuration file, the -.Fn krb5_get_host_realm -function is used to form a default realm. -.Sh SEE ALSO -.Xr free 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_set_password.3 b/crypto/heimdal/lib/krb5/krb5_set_password.3 deleted file mode 100644 index 45ed41d477f6..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_set_password.3 +++ /dev/null @@ -1,143 +0,0 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_set_password.3 14052 2004-07-15 14:39:06Z lha $ -.\" -.Dd July 15, 2004 -.Dt KRB5_SET_PASSWORD 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_change_password , -.Nm krb5_set_password , -.Nm krb5_set_password_using_ccache , -.Nm krb5_passwd_result_to_string -.Nd change password functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_change_password -.Fa "krb5_context context" -.Fa "krb5_creds *creds" -.Fa "char *newpw" -.Fa "int *result_code" -.Fa "krb5_data *result_code_string" -.Fa "krb5_data *result_string" -.Fc -.Ft krb5_error_code -.Fo krb5_set_password -.Fa "krb5_context context" -.Fa "krb5_creds *creds" -.Fa "char *newpw" -.Fa "krb5_principal targprinc" -.Fa "int *result_code" -.Fa "krb5_data *result_code_string" -.Fa "krb5_data *result_string" -.Fc -.Ft krb5_error_code -.Fo krb5_set_password_using_ccache -.Fa "krb5_context context" -.Fa "krb5_ccache ccache" -.Fa "char *newpw" -.Fa "krb5_principal targprinc" -.Fa "int *result_code" -.Fa "krb5_data *result_code_string" -.Fa "krb5_data *result_string" -.Fc -.Ft "const char *" -.Fo krb5_passwd_result_to_string -.Fa "krb5_context context" -.Fa "int result" -.Fc -.Sh DESCRIPTION -These functions change the password for a given principal. -.Pp -.Fn krb5_set_password -and -.Fn krb5_set_password_using_ccache -are the newer of the three functions, and use a newer version of the -protocol (and also fall back to the older set-password protocol if the -newer protocol doesn't work). -.Pp -.Fn krb5_change_password -sets the password -.Fa newpasswd -for the client principal in -.Fa creds . -The server principal of creds must be -.Li kadmin/changepw . -.Pp -.Fn krb5_set_password -and -.Fn krb5_set_password_using_ccache -change the password for the principal -.Fa targprinc . -.Pp -.Fn krb5_set_password -requires that the credential for -.Li kadmin/changepw@REALM -is in -.Fa creds . -If the user caller isn't an administrator, this credential -needs to be an initial credential, see -.Xr krb5_get_init_creds 3 -how to get such credentials. -.Pp -.Fn krb5_set_password_using_ccache -will get the credential from -.Fa ccache . -.Pp -If -.Fa targprinc -is -.Dv NULL , -.Fn krb5_set_password_using_ccache -uses the the default principal in -.Fa ccache -and -.Fn krb5_set_password -uses the global the default principal. -.Pp -All three functions return an error in -.Fa result_code -and maybe an error string to print in -.Fa result_string . -.Pp -.Fn krb5_passwd_result_to_string -returns an human readable string describing the error code in -.Fa result_code -from the -.Fn krb5_set_password -functions. -.Sh SEE ALSO -.Xr krb5_ccache 3 , -.Xr krb5_init_context 3 diff --git a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 deleted file mode 100644 index 5724ce1876c8..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 +++ /dev/null @@ -1,85 +0,0 @@ -.\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_sname_to_principal.3,v 1.7 2003/04/16 13:58:17 lha Exp $ -.\" -.Dd August 8, 1997 -.Dt KRB5_PRINCIPAL 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_sname_to_principal , -.Nm krb5_sock_to_principal -.Nd create a service principal -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_sname_to_principal "krb5_context context" "const char *hostname" "const char *sname" "int32_t type" "krb5_principal *principal" -.Ft krb5_error_code -.Fn krb5_sock_to_principal "krb5_context context" "int socket" "const char *sname" "int32_t type" "krb5_principal *principal" -.Sh DESCRIPTION -These functions create a -.Dq service -principal that can, for instance, be used to lookup a key in a keytab. For both these function the -.Fa sname -parameter will be used for the first component of the created principal. If -.Fa sname -is -.Dv NULL , -.Dq host -will be used instead. -.Fn krb5_sname_to_principal -will use the passed -.Fa hostname -for the second component. If type -.Dv KRB5_NT_SRV_HST -this name will be looked up with -.Fn gethostbyname . -If -.Fa hostname is -.Dv NULL , -the local hostname will be used. -.Pp -.Fn krb5_sock_to_principal -will use the -.Dq sockname -of the passed -.Fa socket , -which should be a bound -.Dv AF_INET -socket. -.Sh SEE ALSO -.Xr krb5_425_conv_principal 3 , -.Xr krb5_build_principal 3 , -.Xr krb5_free_principal 3 , -.Xr krb5_parse_name 3 , -.Xr krb5_unparse_name 3 diff --git a/crypto/heimdal/lib/krb5/krb5_storage.3 b/crypto/heimdal/lib/krb5/krb5_storage.3 deleted file mode 100644 index cc03c5b5e24a..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_storage.3 +++ /dev/null @@ -1,427 +0,0 @@ -.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_storage.3 17884 2006-08-18 08:41:09Z lha $ -.\" -.Dd Aug 18, 2006 -.Dt KRB5_STORAGE 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_storage , -.Nm krb5_storage_emem , -.Nm krb5_storage_from_data , -.Nm krb5_storage_from_fd , -.Nm krb5_storage_from_mem , -.Nm krb5_storage_set_flags , -.Nm krb5_storage_clear_flags , -.Nm krb5_storage_is_flags , -.Nm krb5_storage_set_byteorder , -.Nm krb5_storage_get_byteorder , -.Nm krb5_storage_set_eof_code , -.Nm krb5_storage_seek , -.Nm krb5_storage_read , -.Nm krb5_storage_write , -.Nm krb5_storage_free , -.Nm krb5_storage_to_data , -.Nm krb5_store_int32 , -.Nm krb5_ret_int32 , -.Nm krb5_store_uint32 , -.Nm krb5_ret_uint32 , -.Nm krb5_store_int16 , -.Nm krb5_ret_int16 , -.Nm krb5_store_uint16 , -.Nm krb5_ret_uint16 , -.Nm krb5_store_int8 , -.Nm krb5_ret_int8 , -.Nm krb5_store_uint8 , -.Nm krb5_ret_uint8 , -.Nm krb5_store_data , -.Nm krb5_ret_data , -.Nm krb5_store_string , -.Nm krb5_ret_string , -.Nm krb5_store_stringnl , -.Nm krb5_ret_stringnl , -.Nm krb5_store_stringz , -.Nm krb5_ret_stringz , -.Nm krb5_store_principal , -.Nm krb5_ret_principal , -.Nm krb5_store_keyblock , -.Nm krb5_ret_keyblock , -.Nm krb5_store_times , -.Nm krb5_ret_times , -.Nm krb5_store_address , -.Nm krb5_ret_address , -.Nm krb5_store_addrs , -.Nm krb5_ret_addrs , -.Nm krb5_store_authdata , -.Nm krb5_ret_authdata , -.Nm krb5_store_creds , -.Nm krb5_ret_creds -.Nd operates on the Kerberos datatype krb5_storage -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_storage;" -.Pp -.Ft "krb5_storage *" -.Fn krb5_storage_from_fd "int fd" -.Ft "krb5_storage *" -.Fn krb5_storage_emem "void" -.Ft "krb5_storage *" -.Fn krb5_storage_from_mem "void *buf" "size_t len" -.Ft "krb5_storage *" -.Fn krb5_storage_from_data "krb5_data *data" -.Ft void -.Fn krb5_storage_set_flags "krb5_storage *sp" "krb5_flags flags" -.Ft void -.Fn krb5_storage_clear_flags "krb5_storage *sp" "krb5_flags flags" -.Ft krb5_boolean -.Fn krb5_storage_is_flags "krb5_storage *sp" "krb5_flags flags" -.Ft void -.Fn krb5_storage_set_byteorder "krb5_storage *sp" "krb5_flags byteorder" -.Ft krb5_flags -.Fn krb5_storage_get_byteorder "krb5_storage *sp" "krb5_flags byteorder" -.Ft void -.Fn krb5_storage_set_eof_code "krb5_storage *sp" "int code" -.Ft off_t -.Fn krb5_storage_seek "krb5_storage *sp" "off_t offset" "int whence" -.Ft krb5_ssize_t -.Fn krb5_storage_read "krb5_storage *sp" "void *buf" "size_t len" -.Ft krb5_ssize_t -.Fn krb5_storage_write "krb5_storage *sp" "const void *buf" "size_t len" -.Ft krb5_error_code -.Fn krb5_storage_free "krb5_storage *sp" -.Ft krb5_error_code -.Fn krb5_storage_to_data "krb5_storage *sp" "krb5_data *data" -.Ft krb5_error_code -.Fn krb5_store_int32 "krb5_storage *sp" "int32_t value" -.Ft krb5_error_code -.Fn krb5_ret_int32 "krb5_storage *sp" "int32_t *value" -.Ft krb5_error_code -.Fn krb5_ret_uint32 "krb5_storage *sp" "uint32_t *value" -.Ft krb5_error_code -.Fn krb5_store_uint32 "krb5_storage *sp" "uint32_t value" -.Ft krb5_error_code -.Fn krb5_store_int16 "krb5_storage *sp" "int16_t value" -.Ft krb5_error_code -.Fn krb5_ret_int16 "krb5_storage *sp" "int16_t *value" -.Ft krb5_error_code -.Fn krb5_store_uint16 "krb5_storage *sp" "uint16_t value" -.Ft krb5_error_code -.Fn krb5_ret_uint16 "krb5_storage *sp" "u_int16_t *value" -.Ft krb5_error_code -.Fn krb5_store_int8 "krb5_storage *sp" "int8_t value" -.Ft krb5_error_code -.Fn krb5_ret_int8 "krb5_storage *sp" "int8_t *value" -.Ft krb5_error_code -.Fn krb5_store_uint8 "krb5_storage *sp" "u_int8_t value" -.Ft krb5_error_code -.Fn krb5_ret_uint8 "krb5_storage *sp" "u_int8_t *value" -.Ft krb5_error_code -.Fn krb5_store_data "krb5_storage *sp" "krb5_data data" -.Ft krb5_error_code -.Fn krb5_ret_data "krb5_storage *sp" "krb5_data *data" -.Ft krb5_error_code -.Fn krb5_store_string "krb5_storage *sp" "const char *s" -.Ft krb5_error_code -.Fn krb5_ret_string "krb5_storage *sp" "char **string" -.Ft krb5_error_code -.Fn krb5_store_stringnl "krb5_storage *sp" "const char *s" -.Ft krb5_error_code -.Fn krb5_ret_stringnl "krb5_storage *sp" "char **string" -.Ft krb5_error_code -.Fn krb5_store_stringz "krb5_storage *sp" "const char *s" -.Ft krb5_error_code -.Fn krb5_ret_stringz "krb5_storage *sp" "char **string" -.Ft krb5_error_code -.Fn krb5_store_principal "krb5_storage *sp" "krb5_const_principal p" -.Ft krb5_error_code -.Fn krb5_ret_principal "krb5_storage *sp" "krb5_principal *princ" -.Ft krb5_error_code -.Fn krb5_store_keyblock "krb5_storage *sp" "krb5_keyblock p" -.Ft krb5_error_code -.Fn krb5_ret_keyblock "krb5_storage *sp" "krb5_keyblock *p" -.Ft krb5_error_code -.Fn krb5_store_times "krb5_storage *sp" "krb5_times times" -.Ft krb5_error_code -.Fn krb5_ret_times "krb5_storage *sp" "krb5_times *times" -.Ft krb5_error_code -.Fn krb5_store_address "krb5_storage *sp" "krb5_address p" -.Ft krb5_error_code -.Fn krb5_ret_address "krb5_storage *sp" "krb5_address *adr" -.Ft krb5_error_code -.Fn krb5_store_addrs "krb5_storage *sp" "krb5_addresses p" -.Ft krb5_error_code -.Fn krb5_ret_addrs "krb5_storage *sp" "krb5_addresses *adr" -.Ft krb5_error_code -.Fn krb5_store_authdata "krb5_storage *sp" "krb5_authdata auth" -.Ft krb5_error_code -.Fn krb5_ret_authdata "krb5_storage *sp" "krb5_authdata *auth" -.Ft krb5_error_code -.Fn krb5_store_creds "krb5_storage *sp" "krb5_creds *creds" -.Ft krb5_error_code -.Fn krb5_ret_creds "krb5_storage *sp" "krb5_creds *creds" -.Sh DESCRIPTION -The -.Li krb5_storage -structure holds a storage element that is used for data manipulation. -The structure contains no public accessible elements. -.Pp -.Fn krb5_storage_emem -create a memory based krb5 storage unit that dynamicly resized to the -ammount of data stored in. -The storage never returns errors, on memory allocation errors -.Xr exit 3 -will be called. -.Pp -.Fn krb5_storage_from_data -create a krb5 storage unit that will read is data from a -.Li krb5_data . -There is no copy made of the -.Fa data , -so the caller must not free -.Fa data -until the storage is freed. -.Pp -.Fn krb5_storage_from_fd -create a krb5 storage unit that will read is data from a -file descriptor. -The descriptor must be seekable if -.Fn krb5_storage_seek -is used. -Caller must not free the file descriptor before the storage is freed. -.Pp -.Fn krb5_storage_from_mem -create a krb5 storage unit that will read is data from a -memory region. -There is no copy made of the -.Fa data , -so the caller must not free -.Fa data -until the storage is freed. -.Pp -.Fn krb5_storage_set_flags -and -.Fn krb5_storage_clear_flags -modifies the behavior of the storage functions. -.Fn krb5_storage_is_flags -tests if the -.Fa flags -are set on the -.Li krb5_storage . -Valid flags to set, is and clear is are: -.Pp -.Bl -tag -width "Fan vet..." -compact -offset indent -.It KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS -Stores the number of principal componets one too many when storing -principal namees, used for compatibility with version 1 of file -keytabs and version 1 of file credential caches. -.It KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE -Doesn't store the name type in when storing a principal name, used for -compatibility with version 1 of file keytabs and version 1 of file -credential caches. -.It KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE -Stores the keyblock type twice storing a keyblock, used for -compatibility version 3 of file credential caches. -.It KRB5_STORAGE_BYTEORDER_MASK -bitmask that can be used to and out what type of byte order order is used. -.It KRB5_STORAGE_BYTEORDER_BE -Store integers in in big endian byte order, this is the default mode. -.It KRB5_STORAGE_BYTEORDER_LE -Store integers in in little endian byte order. -.It KRB5_STORAGE_BYTEORDER_HOST -Stores the integers in host byte order, used for compatibility with -version 1 of file keytabs and version 1 and 2 of file credential -caches. -.It KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER -Store the credential flags in a krb5_creds in the reverse bit order. -.El -.Pp -.Fn krb5_storage_set_byteorder -and -.Fn krb5_storage_get_byteorder -modifies the byte order used in the storage for integers. -The flags used is same as above. -The valid flags are -.Dv KRB5_STORAGE_BYTEORDER_BE , -.Dv KRB5_STORAGE_BYTEORDER_LE -and -.Dv KRB5_STORAGE_BYTEORDER_HOST . -.Pp -.Fn krb5_storage_set_eof_code -sets the error code that will be returned on end of file condition to -.Fa code . -.Pp -.Fn krb5_storage_seek -seeks -.Fa offset -bytes in the storage -.Fa sp . -The -.Fa whence -argument is one of -.Bl -tag -width SEEK_SET -compact -offset indent -.It SEEK_SET -offset is from begining of storage. -.It SEEK_CUR -offset is relative from current offset. -.It SEEK_END -offset is from end of storage. -.El -.Pp -.Fn krb5_storage_read -reads -.Fa len -(or less bytes in case of end of file) into -.Fa buf -from the current offset in the storage -.Fa sp . -.Pp -.Fn krb5_storage_write -writes -.Fa len -or (less bytes in case of end of file) from -.Fa buf -from the current offset in the storage -.Fa sp . -.Pp -.Fn krb5_storage_free -frees the storage -.Fa sp . -.Pp -.Fn krb5_storage_to_data -converts the data in storage -.Fa sp -into a -.Li krb5_data -structure. -.Fa data -must be freed with -.Fn krb5_data_free -by the caller when done with the -.Fa data . -.Pp -All -.Li krb5_store -and -.Li krb5_ret -functions move the current offset forward when the functions returns. -.Pp -.Fn krb5_store_int32 , -.Fn krb5_ret_int32 , -.Fn krb5_store_uint32 , -.Fn krb5_ret_uint32 , -.Fn krb5_store_int16 , -.Fn krb5_ret_int16 , -.Fn krb5_store_uint16 , -.Fn krb5_ret_uint16 , -.Fn krb5_store_int8 , -.Fn krb5_ret_int8 -.Fn krb5_store_uint8 , -and -.Fn krb5_ret_uint8 -stores and reads an integer from -.Fa sp -in the byte order specified by the flags set on the -.Fa sp . -.Pp -.Fn krb5_store_data -and -.Fn krb5_ret_data -store and reads a krb5_data. -The length of the data is stored with -.Fn krb5_store_int32 . -.Pp -.Fn krb5_store_string -and -.Fn krb5_ret_string -store and reads a string by storing the length of the string with -.Fn krb5_store_int32 -followed by the string itself. -.Pp -.Fn krb5_store_stringnl -and -.Fn krb5_ret_stringnl -store and reads a string by storing string followed by a -.Dv '\n' . -.Pp -.Fn krb5_store_stringz -and -.Fn krb5_ret_stringz -store and reads a string by storing string followed by a -.Dv NUL . -.Pp -.Fn krb5_store_principal -and -.Fn krb5_ret_principal -store and reads a principal. -.Pp -.Fn krb5_store_keyblock -and -.Fn krb5_ret_keyblock -store and reads a -.Li krb5_keyblock . -.Pp -.Fn krb5_store_times -.Fn krb5_ret_times -store and reads -.Li krb5_times -structure . -.Pp -.Fn krb5_store_address -and -.Fn krb5_ret_address -store and reads a -.Li krb5_address . -.Pp -.Fn krb5_store_addrs -and -.Fn krb5_ret_addrs -store and reads a -.Li krb5_addresses . -.Pp -.Fn krb5_store_authdata -and -.Fn krb5_ret_authdata -store and reads a -.Li krb5_authdata . -.Pp -.Fn krb5_store_creds -and -.Fn krb5_ret_creds -store and reads a -.Li krb5_creds . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_data 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_string_to_key.3 b/crypto/heimdal/lib/krb5/krb5_string_to_key.3 deleted file mode 100644 index cf96f4e013bf..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_string_to_key.3 +++ /dev/null @@ -1,156 +0,0 @@ -.\" Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_string_to_key.3 17820 2006-07-10 14:28:01Z lha $ -.\" -.Dd July 10, 2006 -.Dt KRB5_STRING_TO_KEY 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_string_to_key , -.Nm krb5_string_to_key_data , -.Nm krb5_string_to_key_data_salt , -.Nm krb5_string_to_key_data_salt_opaque , -.Nm krb5_string_to_key_salt , -.Nm krb5_string_to_key_salt_opaque , -.Nm krb5_get_pw_salt , -.Nm krb5_free_salt -.Nd turns a string to a Kerberos key -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fo krb5_string_to_key -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "const char *password" -.Fa "krb5_principal principal" -.Fa "krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_string_to_key_data -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "krb5_data password" -.Fa "krb5_principal principal" -.Fa "krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_string_to_key_data_salt -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "krb5_data password" -.Fa "krb5_salt salt" -.Fa "krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_string_to_key_data_salt_opaque -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "krb5_data password" -.Fa "krb5_salt salt" -.Fa "krb5_data opaque" -.Fa "krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_string_to_key_salt -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "const char *password" -.Fa "krb5_salt salt" -.Fa "krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_string_to_key_salt_opaque -.Fa "krb5_context context" -.Fa "krb5_enctype enctype" -.Fa "const char *password" -.Fa "krb5_salt salt" -.Fa "krb5_data opaque" -.Fa "krb5_keyblock *key" -.Fc -.Ft krb5_error_code -.Fo krb5_get_pw_salt -.Fa "krb5_context context" -.Fa "krb5_const_principal principal" -.Fa "krb5_salt *salt" -.Fc -.Ft krb5_error_code -.Fo krb5_free_salt -.Fa "krb5_context context" -.Fa "krb5_salt salt" -.Fc -.Sh DESCRIPTION -The string to key functions convert a string to a kerberos key. -.Pp -.Fn krb5_string_to_key_data_salt_opaque -is the function that does all the work, the rest of the functions are -just wrapers around -.Fn krb5_string_to_key_data_salt_opaque -that calls it with default values. -.Pp -.Fn krb5_string_to_key_data_salt_opaque -transforms the -.Fa password -with the given salt-string -.Fa salt -and the opaque, encryption type specific parameter -.Fa opaque -to a encryption key -.Fa key -according to the string to key function associated with -.Fa enctype . -.Pp -The -.Fa key -should be freed with -.Fn krb5_free_keyblock_contents . -.Pp -If one of the functions that doesn't take a -.Li krb5_salt -as it argument -.Fn krb5_get_pw_salt -is used to get the salt value. -.Pp -.Fn krb5_get_pw_salt -get the default password salt for a principal, use -.Fn krb5_free_salt -to free the salt when done. -.Pp -.Fn krb5_free_salt -frees the content of -.Fa salt . -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_data 3 , -.Xr krb5_keyblock 3 , -.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_ticket.3 b/crypto/heimdal/lib/krb5/krb5_ticket.3 deleted file mode 100644 index 4f6d45ba5765..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_ticket.3 +++ /dev/null @@ -1,137 +0,0 @@ -.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_ticket.3 19543 2006-12-28 20:48:50Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_TICKET 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_ticket , -.Nm krb5_free_ticket , -.Nm krb5_copy_ticket , -.Nm krb5_ticket_get_authorization_data_type , -.Nm krb5_ticket_get_client , -.Nm krb5_ticket_get_server , -.Nm krb5_ticket_get_endtime -.Nd Kerberos 5 ticket access and handling functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li krb5_ticket ; -.Pp -.Ft krb5_error_code -.Fo krb5_free_ticket -.Fa "krb5_context context" -.Fa "krb5_ticket *ticket" -.Fc -.Ft krb5_error_code -.Fo krb5_copy_ticket -.Fa "krb5_context context" -.Fa "const krb5_ticket *from" -.Fa "krb5_ticket **to" -.Fc -.Ft krb5_error_code -.Fo krb5_ticket_get_authorization_data_type -.Fa "krb5_context context" -.Fa "krb5_ticket *ticket" -.Fa "int type" -.Fa "krb5_data *data" -.Fc -.Ft krb5_error_code -.Fo krb5_ticket_get_client -.Fa "krb5_context context" -.Fa "const krb5_ticket *ticket" -.Fa "krb5_principal *client" -.Fc -.Ft krb5_error_code -.Fo krb5_ticket_get_server -.Fa "krb5_context context" -.Fa "const krb5_ticket *ticket" -.Fa "krb5_principal *server" -.Fc -.Ft time_t -.Fo krb5_ticket_get_endtime -.Fa "krb5_context context" -.Fa "const krb5_ticket *ticket" -.Fc -.Sh DESCRIPTION -.Li krb5_ticket -holds a kerberos ticket. -The internals of the structure should never be accessed directly, -functions exist for extracting information. -.Pp -.Fn krb5_free_ticket -frees the -.Fa ticket -and its content. -Used to free the result of -.Fn krb5_copy_ticket -and -.Fn krb5_recvauth . -.Pp -.Fn krb5_copy_ticket -copies the content of the ticket -.Fa from -to the ticket -.Fa to . -The result -.Fa to -should be freed with -.Fn krb5_free_ticket . -.Pp -.Fn krb5_ticket_get_authorization_data_type -fetches the authorization data of the type -.Fa type -from the -.Fa ticket . -If there isn't any authorization data of type -.Fa type , -.Dv ENOENT -is returned. -.Fa data -needs to be freed with -.Fn krb5_data_free -on success. -.Pp -.Fn krb5_ticket_get_client -and -.Fn krb5_ticket_get_server -returns a copy of the client/server principal from the ticket. -The principal returned should be free using -.Xr krb5_free_principal 3 . -.Pp -.Fn krb5_ticket_get_endtime -return the end time of the ticket. -.Sh SEE ALSO -.Xr krb5 3 diff --git a/crypto/heimdal/lib/krb5/krb5_timeofday.3 b/crypto/heimdal/lib/krb5/krb5_timeofday.3 deleted file mode 100644 index 4163cc1b7165..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_timeofday.3 +++ /dev/null @@ -1,118 +0,0 @@ -.\" $Id: krb5_timeofday.3 18093 2006-09-16 09:27:28Z lha $ -.\" -.\" Copyright (c) 2001, 2003, 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_timeofday.3 18093 2006-09-16 09:27:28Z lha $ -.\" -.Dd Sepember 16, 2006 -.Dt KRB5_TIMEOFDAY 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_timeofday , -.Nm krb5_set_real_time , -.Nm krb5_us_timeofday , -.Nm krb5_format_time , -.Nm krb5_string_to_deltat -.Nd Kerberos 5 time handling functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li krb5_timestamp ; -.Pp -.Li krb5_deltat ; -.Ft krb5_error_code -.Fo krb5_set_real_time -.Fa "krb5_context context" -.Fa "krb5_timestamp sec" -.Fa "int32_t usec" -.Fc -.Ft krb5_error_code -.Fo krb5_timeofday -.Fa "krb5_context context" -.Fa "krb5_timestamp *timeret" -.Fc -.Ft krb5_error_code -.Fo krb5_us_timeofday -.Fa "krb5_context context" -.Fa "krb5_timestamp *sec" -.Fa "int32_t *usec" -.Fc -.Ft krb5_error_code -.Fo krb5_format_time -.Fa "krb5_context context" -.Fa "time_t t" -.Fa "char *s" -.Fa "size_t len" -.Fa "krb5_boolean include_time" -.Fc -.Ft krb5_error_code -.Fo krb5_string_to_deltat -.Fa "const char *string" -.Fa "krb5_deltat *deltat" -.Fc -.Sh DESCRIPTION -.Nm krb5_set_real_time -sets the absolute time that the caller knows the KDC has. -With this the Kerberos library can calculate the relative -difference between the KDC time and the local system time and store it -in the -.Fa context . -With this information the Kerberos library can adjust all time stamps -in Kerberos packages. -.Pp -.Fn krb5_timeofday -returns the current time, but adjusted with the time difference -between the local host and the KDC. -.Fn krb5_us_timeofday -also returns microseconds. -.Pp -.Nm krb5_format_time -formats the time -.Fa t -into the string -.Fa s -of length -.Fa len . -If -.Fa include_time -is set, the time is set include_time. -.Pp -.Nm krb5_string_to_deltat -parses delta time -.Fa string -into -.Fa deltat . -.Sh SEE ALSO -.Xr gettimeofday 2 , -.Xr krb5 3 diff --git a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 b/crypto/heimdal/lib/krb5/krb5_unparse_name.3 deleted file mode 100644 index 274d638d6694..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 +++ /dev/null @@ -1,62 +0,0 @@ -.\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_unparse_name.3 12329 2003-05-26 14:09:04Z lha $ -.\" -.Dd August 8, 1997 -.Dt KRB5_UNPARSE_NAME 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_unparse_name -.\" .Nm krb5_unparse_name_ext -.Nd principal to string conversion -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_unparse_name "krb5_context context" "krb5_principal principal" "char **name" -.\" .Ft krb5_error_code -.\" .Fn krb5_unparse_name_ext "krb5_context context" "krb5_const_principal principal" "char **name" "size_t *size" -.Sh DESCRIPTION -This function takes a -.Fa principal , -and will convert in to a printable representation with the same syntax -as described in -.Xr krb5_parse_name 3 . -.Fa *name -will point to allocated data and should be freed by the caller. -.Sh SEE ALSO -.Xr krb5_425_conv_principal 3 , -.Xr krb5_build_principal 3 , -.Xr krb5_free_principal 3 , -.Xr krb5_parse_name 3 , -.Xr krb5_sname_to_principal 3 diff --git a/crypto/heimdal/lib/krb5/krb5_verify_init_creds.3 b/crypto/heimdal/lib/krb5/krb5_verify_init_creds.3 deleted file mode 100644 index 9a34648981b4..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_verify_init_creds.3 +++ /dev/null @@ -1,103 +0,0 @@ -.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_verify_init_creds.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_VERIFY_INIT_CREDS 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_verify_init_creds_opt_init , -.Nm krb5_verify_init_creds_opt_set_ap_req_nofail , -.Nm krb5_verify_init_creds -.Nd "verifies a credential cache is correct by using a local keytab" -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Pp -.Li "struct krb5_verify_init_creds_opt;" -.Ft void -.Fo krb5_verify_init_creds_opt_init -.Fa "krb5_verify_init_creds_opt *options" -.Fc -.Ft void -.Fo krb5_verify_init_creds_opt_set_ap_req_nofail -.Fa "krb5_verify_init_creds_opt *options" -.Fa "int ap_req_nofail" -.Fc -.Ft krb5_error_code -.Fo krb5_verify_init_creds -.Fa "krb5_context context" -.Fa "krb5_creds *creds" -.Fa "krb5_principal ap_req_server" -.Fa "krb5_ccache *ccache" -.Fa "krb5_verify_init_creds_opt *options" -.Fc -.Sh DESCRIPTION -The -.Nm krb5_verify_init_creds -function verifies the initial tickets with the local keytab to make -sure the response of the KDC was spoof-ed. -.Pp -.Nm krb5_verify_init_creds -will use principal -.Fa ap_req_server -from the local keytab, if -.Dv NULL -is passed in, the code will guess the local hostname and use that to -form host/hostname/GUESSED-REALM-FOR-HOSTNAME. -.Fa creds -is the credential that -.Nm krb5_verify_init_creds -should verify. -If -.Fa ccache -is given -.Fn krb5_verify_init_creds -stores all credentials it fetched from the KDC there, otherwise it -will use a memory credential cache that is destroyed when done. -.Pp -.Fn krb5_verify_init_creds_opt_init -cleans the the structure, must be used before trying to pass it in to -.Fn krb5_verify_init_creds . -.Pp -.Fn krb5_verify_init_creds_opt_set_ap_req_nofail -controls controls the behavior if -.Fa ap_req_server -doesn't exists in the local keytab or in the KDC's database, if it's -true, the error will be ignored. Note that this use is possible -insecure. -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_get_init_creds 3 , -.Xr krb5_verify_user 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_verify_user.3 b/crypto/heimdal/lib/krb5/krb5_verify_user.3 deleted file mode 100644 index 8086bc04baf4..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_verify_user.3 +++ /dev/null @@ -1,241 +0,0 @@ -.\" Copyright (c) 2001 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_verify_user.3 22071 2007-11-14 20:04:50Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_VERIFY_USER 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_verify_user , -.Nm krb5_verify_user_lrealm , -.Nm krb5_verify_user_opt , -.Nm krb5_verify_opt_init , -.Nm krb5_verify_opt_alloc , -.Nm krb5_verify_opt_free , -.Nm krb5_verify_opt_set_ccache , -.Nm krb5_verify_opt_set_flags , -.Nm krb5_verify_opt_set_service , -.Nm krb5_verify_opt_set_secure , -.Nm krb5_verify_opt_set_keytab -.Nd Heimdal password verifying functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn "krb5_verify_user" "krb5_context context" " krb5_principal principal" "krb5_ccache ccache" "const char *password" "krb5_boolean secure" "const char *service" -.Ft krb5_error_code -.Fn "krb5_verify_user_lrealm" "krb5_context context" "krb5_principal principal" "krb5_ccache ccache" "const char *password" "krb5_boolean secure" "const char *service" -.Ft void -.Fn krb5_verify_opt_init "krb5_verify_opt *opt" -.Ft void -.Fn krb5_verify_opt_alloc "krb5_verify_opt **opt" -.Ft void -.Fn krb5_verify_opt_free "krb5_verify_opt *opt" -.Ft void -.Fn krb5_verify_opt_set_ccache "krb5_verify_opt *opt" "krb5_ccache ccache" -.Ft void -.Fn krb5_verify_opt_set_keytab "krb5_verify_opt *opt" "krb5_keytab keytab" -.Ft void -.Fn krb5_verify_opt_set_secure "krb5_verify_opt *opt" "krb5_boolean secure" -.Ft void -.Fn krb5_verify_opt_set_service "krb5_verify_opt *opt" "const char *service" -.Ft void -.Fn krb5_verify_opt_set_flags "krb5_verify_opt *opt" "unsigned int flags" -.Ft krb5_error_code -.Fo krb5_verify_user_opt -.Fa "krb5_context context" -.Fa "krb5_principal principal" -.Fa "const char *password" -.Fa "krb5_verify_opt *opt" -.Fc -.Sh DESCRIPTION -The -.Nm krb5_verify_user -function verifies the password supplied by a user. -The principal whose password will be verified is specified in -.Fa principal . -New tickets will be obtained as a side-effect and stored in -.Fa ccache -(if -.Dv NULL , -the default ccache is used). -.Fn krb5_verify_user -will call -.Fn krb5_cc_initialize -on the given -.Fa ccache , -so -.Fa ccache -must only initialized with -.Fn krb5_cc_resolve -or -.Fn krb5_cc_gen_new . -If the password is not supplied in -.Fa password -(and is given as -.Dv NULL ) -the user will be prompted for it. -If -.Fa secure -the ticket will be verified against the locally stored service key -.Fa service -(by default -.Ql host -if given as -.Dv NULL -). -.Pp -The -.Fn krb5_verify_user_lrealm -function does the same, except that it ignores the realm in -.Fa principal -and tries all the local realms (see -.Xr krb5.conf 5 ) . -After a successful return, the principal is set to the authenticated -realm. If the call fails, the principal will not be meaningful, and -should only be freed with -.Xr krb5_free_principal 3 . -.Pp -.Fn krb5_verify_opt_alloc -and -.Fn krb5_verify_opt_free -allocates and frees a -.Li krb5_verify_opt . -You should use the the alloc and free function instead of allocation -the structure yourself, this is because in a future release the -structure wont be exported. -.Pp -.Fn krb5_verify_opt_init -resets all opt to default values. -.Pp -None of the krb5_verify_opt_set function makes a copy of the data -structure that they are called with. It's up the caller to free them -after the -.Fn krb5_verify_user_opt -is called. -.Pp -.Fn krb5_verify_opt_set_ccache -sets the -.Fa ccache -that user of -.Fa opt -will use. If not set, the default credential cache will be used. -.Pp -.Fn krb5_verify_opt_set_keytab -sets the -.Fa keytab -that user of -.Fa opt -will use. If not set, the default keytab will be used. -.Pp -.Fn krb5_verify_opt_set_secure -if -.Fa secure -if true, the password verification will require that the ticket will -be verified against the locally stored service key. If not set, -default value is true. -.Pp -.Fn krb5_verify_opt_set_service -sets the -.Fa service -principal that user of -.Fa opt -will use. If not set, the -.Ql host -service will be used. -.Pp -.Fn krb5_verify_opt_set_flags -sets -.Fa flags -that user of -.Fa opt -will use. -If the flag -.Dv KRB5_VERIFY_LREALMS -is used, the -.Fa principal -will be modified like -.Fn krb5_verify_user_lrealm -modifies it. -.Pp -.Fn krb5_verify_user_opt -function verifies the -.Fa password -supplied by a user. -The principal whose password will be verified is specified in -.Fa principal . -Options the to the verification process is pass in in -.Fa opt . -.Sh EXAMPLES -Here is a example program that verifies a password. it uses the -.Ql host/`hostname` -service principal in -.Pa krb5.keytab . -.Bd -literal -#include - -int -main(int argc, char **argv) -{ - char *user; - krb5_error_code error; - krb5_principal princ; - krb5_context context; - - if (argc != 2) - errx(1, "usage: verify_passwd "); - - user = argv[1]; - - if (krb5_init_context(&context) < 0) - errx(1, "krb5_init_context"); - - if ((error = krb5_parse_name(context, user, &princ)) != 0) - krb5_err(context, 1, error, "krb5_parse_name"); - - error = krb5_verify_user(context, princ, NULL, NULL, TRUE, NULL); - if (error) - krb5_err(context, 1, error, "krb5_verify_user"); - - return 0; -} -.Ed -.Sh SEE ALSO -.Xr krb5_cc_gen_new 3 , -.Xr krb5_cc_initialize 3 , -.Xr krb5_cc_resolve 3 , -.Xr krb5_err 3 , -.Xr krb5_free_principal 3 , -.Xr krb5_init_context 3 , -.Xr krb5_kt_default 3 , -.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_warn.3 b/crypto/heimdal/lib/krb5/krb5_warn.3 deleted file mode 100644 index 5610cd8dc42e..000000000000 --- a/crypto/heimdal/lib/krb5/krb5_warn.3 +++ /dev/null @@ -1,233 +0,0 @@ -.\" Copyright (c) 1997, 2001 - 2006 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5_warn.3 19085 2006-11-21 07:55:20Z lha $ -.\" -.Dd May 1, 2006 -.Dt KRB5_WARN 3 -.Os HEIMDAL -.Sh NAME -.Nm krb5_abort , -.Nm krb5_abortx , -.Nm krb5_clear_error_string , -.Nm krb5_err , -.Nm krb5_errx , -.Nm krb5_free_error_string , -.Nm krb5_get_err_text , -.Nm krb5_get_error_message , -.Nm krb5_get_error_string , -.Nm krb5_have_error_string , -.Nm krb5_set_error_string , -.Nm krb5_set_warn_dest , -.Nm krb5_get_warn_dest , -.Nm krb5_vabort , -.Nm krb5_vabortx , -.Nm krb5_verr , -.Nm krb5_verrx , -.Nm krb5_vset_error_string , -.Nm krb5_vwarn , -.Nm krb5_vwarnx , -.Nm krb5_warn , -.Nm krb5_warnx -.Nd Heimdal warning and error functions -.Sh LIBRARY -Kerberos 5 Library (libkrb5, -lkrb5) -.Sh SYNOPSIS -.In krb5.h -.Ft krb5_error_code -.Fn krb5_abort "krb5_context context" "krb5_error_code code" "const char *fmt" "..." -.Ft krb5_error_code -.Fn krb5_abortx "krb5_context context" "krb5_error_code code" "const char *fmt" "..." -.Ft void -.Fn krb5_clear_error_string "krb5_context context" -.Ft krb5_error_code -.Fn krb5_err "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "..." -.Ft krb5_error_code -.Fn krb5_errx "krb5_context context" "int eval" "const char *format" "..." -.Ft void -.Fn krb5_free_error_string "krb5_context context" "char *str" -.Ft krb5_error_code -.Fn krb5_verr "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "va_list ap" -.Ft krb5_error_code -.Fn krb5_verrx "krb5_context context" "int eval" "const char *format" "va_list ap" -.Ft krb5_error_code -.Fn krb5_vset_error_string "krb5_context context" "const char *fmt" "va_list args" -.Ft krb5_error_code -.Fn krb5_vwarn "krb5_context context" "krb5_error_code code" "const char *format" "va_list ap" -.Ft krb5_error_code -.Fn krb5_vwarnx "krb5_context context" "const char *format" "va_list ap" -.Ft krb5_error_code -.Fn krb5_warn "krb5_context context" "krb5_error_code code" "const char *format" "..." -.Ft krb5_error_code -.Fn krb5_warnx "krb5_context context" "const char *format" "..." -.Ft krb5_error_code -.Fn krb5_set_error_string "krb5_context context" "const char *fmt" "..." -.Ft krb5_error_code -.Fn krb5_set_warn_dest "krb5_context context" "krb5_log_facility *facility" -.Ft "char *" -.Ft krb5_log_facility * -.Fo krb5_get_warn_dest -.Fa "krb5_context context" -.Fc -.Fn krb5_get_err_text "krb5_context context" "krb5_error_code code" -.Ft char* -.Fn krb5_get_error_string "krb5_context context" -.Ft char* -.Fn krb5_get_error_message "krb5_context context, krb5_error_code code" -.Ft krb5_boolean -.Fn krb5_have_error_string "krb5_context context" -.Ft krb5_error_code -.Fn krb5_vabortx "krb5_context context" "const char *fmt" "va_list ap" -.Ft krb5_error_code -.Fn krb5_vabort "krb5_context context" "const char *fmt" "va_list ap" -.Sh DESCRIPTION -These functions print a warning message to some destination. -.Fa format -is a printf style format specifying the message to print. The forms not ending in an -.Dq x -print the error string associated with -.Fa code -along with the message. -The -.Dq err -functions exit with exit status -.Fa eval -after printing the message. -.Pp -Applications that want to get the error message to report it to a user -or store it in a log want to use -.Fn krb5_get_error_message . -.Pp -The -.Fn krb5_set_warn_func -function sets the destination for warning messages to the specified -.Fa facility . -Messages logged with the -.Dq warn -functions have a log level of 1, while the -.Dq err -functions log with level 0. -.Pp -.Fn krb5_get_err_text -fetches the human readable strings describing the error-code. -.Pp -.Fn krb5_abort -and -.Nm krb5_abortx -behaves like -.Nm krb5_err -and -.Nm krb5_errx -but instead of exiting using the -.Xr exit 3 -call, -.Xr abort 3 -is used. -.Pp -.Fn krb5_free_error_string -frees the error string -.Fa str -returned by -.Fn krb5_get_error_string . -.Pp -.Fn krb5_clear_error_string -clears the error string from the -.Fa context . -.Pp -.Fn krb5_set_error_string -and -.Fn krb5_vset_error_string -sets an verbose error string in -.Fa context . -.Pp -.Fn krb5_get_error_string -fetches the error string from -.Fa context . -The error message in the context is consumed and must be freed using -.Fn krb5_free_error_string -by the caller. -See also -.Fn krb5_get_error_message , -what is usually less verbose to use. -.Pp -.Fn krb5_have_error_string -returns -.Dv TRUE -if there is a verbose error message in the -.Fa context . -.Pp -.Fn krb5_get_error_message -fetches the error string from the context, or if there -is no customized error string in -.Fa context , -uses -.Fa code -to return a error string. -In either case, the error message in the context is consumed and must -be freed using -.Fn krb5_free_error_string -by the caller. -.Pp -.Fn krb5_set_warn_dest -and -.Fn krb5_get_warn_dest -sets and get the log context that is used by -.Fn krb5_warn -and friends. By using this the application can control where the -output should go. For example, this is imperative to inetd servers -where logging status and error message will end up on the output -stream to the client. -.Sh EXAMPLES -Below is a simple example how to report error messages from the -Kerberos library in an application. -.Bd -literal -#include - -krb5_error_code -function (krb5_context context) -{ - krb5_error_code ret; - - ret = krb5_function (context, arg1, arg2); - if (ret) { - char *s = krb5_get_error_message(context, ret); - if (s == NULL) - errx(1, "kerberos error: %d (and out of memory)", ret); - application_logger("krb5_function failed: %s", s); - krb5_free_error_string(context, s); - return ret; - } - return 0; -} -.Ed -.Sh SEE ALSO -.Xr krb5 3 , -.Xr krb5_openlog 3 diff --git a/crypto/heimdal/lib/krb5/krb_err.et b/crypto/heimdal/lib/krb5/krb_err.et deleted file mode 100644 index f7dbb6ce7a66..000000000000 --- a/crypto/heimdal/lib/krb5/krb_err.et +++ /dev/null @@ -1,63 +0,0 @@ -# -# Error messages for the krb4 library -# -# This might look like a com_err file, but is not -# -id "$Id: krb_err.et,v 1.7 1998/03/29 14:19:52 bg Exp $" - -error_table krb - -prefix KRB4ET -ec KSUCCESS, "Kerberos 4 successful" -ec KDC_NAME_EXP, "Kerberos 4 principal expired" -ec KDC_SERVICE_EXP, "Kerberos 4 service expired" -ec KDC_AUTH_EXP, "Kerberos 4 auth expired" -ec KDC_PKT_VER, "Incorrect Kerberos 4 master key version" -ec KDC_P_MKEY_VER, "Incorrect Kerberos 4 master key version" -ec KDC_S_MKEY_VER, "Incorrect Kerberos 4 master key version" -ec KDC_BYTE_ORDER, "Kerberos 4 byte order unknown" -ec KDC_PR_UNKNOWN, "Kerberos 4 principal unknown" -ec KDC_PR_N_UNIQUE, "Kerberos 4 principal not unique" -ec KDC_NULL_KEY, "Kerberos 4 principal has null key" -index 20 -ec KDC_GEN_ERR, "Generic error from KDC (Kerberos 4)" -ec GC_TKFIL, "Can't read Kerberos 4 ticket file" -ec GC_NOTKT, "Can't find Kerberos 4 ticket or TGT" -index 26 -ec MK_AP_TGTEXP, "Kerberos 4 TGT Expired" -index 31 -ec RD_AP_UNDEC, "Kerberos 4: Can't decode authenticator" -ec RD_AP_EXP, "Kerberos 4 ticket expired" -ec RD_AP_NYV, "Kerberos 4 ticket not yet valid" -ec RD_AP_REPEAT, "Kerberos 4: Repeated request" -ec RD_AP_NOT_US, "The Kerberos 4 ticket isn't for us" -ec RD_AP_INCON, "Kerberos 4 request inconsistent" -ec RD_AP_TIME, "Kerberos 4: delta_t too big" -ec RD_AP_BADD, "Kerberos 4: incorrect net address" -ec RD_AP_VERSION, "Kerberos protocol not version 4" -ec RD_AP_MSG_TYPE, "Kerberos 4: invalid msg type" -ec RD_AP_MODIFIED, "Kerberos 4: message stream modified" -ec RD_AP_ORDER, "Kerberos 4: message out of order" -ec RD_AP_UNAUTHOR, "Kerberos 4: unauthorized request" -index 51 -ec GT_PW_NULL, "Kerberos 4: current PW is null" -ec GT_PW_BADPW, "Kerberos 4: Incorrect current password" -ec GT_PW_PROT, "Kerberos 4 protocol error" -ec GT_PW_KDCERR, "Error returned by KDC (Kerberos 4)" -ec GT_PW_NULLTKT, "Null Kerberos 4 ticket returned by KDC" -ec SKDC_RETRY, "Kerberos 4: Retry count exceeded" -ec SKDC_CANT, "Kerberos 4: Can't send request" -index 61 -ec INTK_W_NOTALL, "Kerberos 4: not all tickets returned" -ec INTK_BADPW, "Kerberos 4: incorrect password" -ec INTK_PROT, "Kerberos 4: Protocol Error" -index 70 -ec INTK_ERR, "Other error in Kerberos 4" -ec AD_NOTGT, "Don't have Kerberos 4 ticket-granting ticket" -index 76 -ec NO_TKT_FIL, "No Kerberos 4 ticket file found" -ec TKT_FIL_ACC, "Couldn't access Kerberos 4 ticket file" -ec TKT_FIL_LCK, "Couldn't lock Kerberos 4 ticket file" -ec TKT_FIL_FMT, "Bad Kerberos 4 ticket file format" -ec TKT_FIL_INI, "Kerberos 4: tf_init not called first" -ec KNAME_FMT, "Bad Kerberos 4 name format" diff --git a/crypto/heimdal/lib/krb5/krbhst-test.c b/crypto/heimdal/lib/krb5/krbhst-test.c deleted file mode 100644 index 38b0b6a36c30..000000000000 --- a/crypto/heimdal/lib/krb5/krbhst-test.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 2001 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -#include -#include - -RCSID("$Id: krbhst-test.c 15466 2005-06-17 04:21:47Z lha $"); - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[realms ...]"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int i, j; - krb5_context context; - int types[] = {KRB5_KRBHST_KDC, KRB5_KRBHST_ADMIN, KRB5_KRBHST_CHANGEPW, - KRB5_KRBHST_KRB524}; - const char *type_str[] = {"kdc", "admin", "changepw", "krb524"}; - int optidx = 0; - - setprogname (argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - krb5_init_context (&context); - for(i = 0; i < argc; i++) { - krb5_krbhst_handle handle; - char host[MAXHOSTNAMELEN]; - - for (j = 0; j < sizeof(types)/sizeof(*types); ++j) { - printf ("%s for %s:\n", type_str[j], argv[i]); - - krb5_krbhst_init(context, argv[i], types[j], &handle); - while(krb5_krbhst_next_as_string(context, handle, - host, sizeof(host)) == 0) - printf("%s\n", host); - krb5_krbhst_reset(context, handle); - printf ("\n"); - } - } - return 0; -} diff --git a/crypto/heimdal/lib/krb5/krbhst.c b/crypto/heimdal/lib/krb5/krbhst.c deleted file mode 100644 index 094fd4f9c64d..000000000000 --- a/crypto/heimdal/lib/krb5/krbhst.c +++ /dev/null @@ -1,1010 +0,0 @@ -/* - * Copyright (c) 2001 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include -#include "locate_plugin.h" - -RCSID("$Id: krbhst.c 21457 2007-07-10 12:53:25Z lha $"); - -static int -string_to_proto(const char *string) -{ - if(strcasecmp(string, "udp") == 0) - return KRB5_KRBHST_UDP; - else if(strcasecmp(string, "tcp") == 0) - return KRB5_KRBHST_TCP; - else if(strcasecmp(string, "http") == 0) - return KRB5_KRBHST_HTTP; - return -1; -} - -/* - * set `res' and `count' to the result of looking up SRV RR in DNS for - * `proto', `proto', `realm' using `dns_type'. - * if `port' != 0, force that port number - */ - -static krb5_error_code -srv_find_realm(krb5_context context, krb5_krbhst_info ***res, int *count, - const char *realm, const char *dns_type, - const char *proto, const char *service, int port) -{ - char domain[1024]; - struct dns_reply *r; - struct resource_record *rr; - int num_srv; - int proto_num; - int def_port; - - *res = NULL; - *count = 0; - - proto_num = string_to_proto(proto); - if(proto_num < 0) { - krb5_set_error_string(context, "unknown protocol `%s'", proto); - return EINVAL; - } - - if(proto_num == KRB5_KRBHST_HTTP) - def_port = ntohs(krb5_getportbyname (context, "http", "tcp", 80)); - else if(port == 0) - def_port = ntohs(krb5_getportbyname (context, service, proto, 88)); - else - def_port = port; - - snprintf(domain, sizeof(domain), "_%s._%s.%s.", service, proto, realm); - - r = dns_lookup(domain, dns_type); - if(r == NULL) - return KRB5_KDC_UNREACH; - - for(num_srv = 0, rr = r->head; rr; rr = rr->next) - if(rr->type == T_SRV) - num_srv++; - - *res = malloc(num_srv * sizeof(**res)); - if(*res == NULL) { - dns_free_data(r); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - dns_srv_order(r); - - for(num_srv = 0, rr = r->head; rr; rr = rr->next) - if(rr->type == T_SRV) { - krb5_krbhst_info *hi; - size_t len = strlen(rr->u.srv->target); - - hi = calloc(1, sizeof(*hi) + len); - if(hi == NULL) { - dns_free_data(r); - while(--num_srv >= 0) - free((*res)[num_srv]); - free(*res); - *res = NULL; - return ENOMEM; - } - (*res)[num_srv++] = hi; - - hi->proto = proto_num; - - hi->def_port = def_port; - if (port != 0) - hi->port = port; - else - hi->port = rr->u.srv->port; - - strlcpy(hi->hostname, rr->u.srv->target, len + 1); - } - - *count = num_srv; - - dns_free_data(r); - return 0; -} - - -struct krb5_krbhst_data { - char *realm; - unsigned int flags; - int def_port; - int port; /* hardwired port number if != 0 */ -#define KD_CONFIG 1 -#define KD_SRV_UDP 2 -#define KD_SRV_TCP 4 -#define KD_SRV_HTTP 8 -#define KD_FALLBACK 16 -#define KD_CONFIG_EXISTS 32 -#define KD_LARGE_MSG 64 -#define KD_PLUGIN 128 - krb5_error_code (*get_next)(krb5_context, struct krb5_krbhst_data *, - krb5_krbhst_info**); - - unsigned int fallback_count; - - struct krb5_krbhst_info *hosts, **index, **end; -}; - -static krb5_boolean -krbhst_empty(const struct krb5_krbhst_data *kd) -{ - return kd->index == &kd->hosts; -} - -/* - * Return the default protocol for the `kd' (either TCP or UDP) - */ - -static int -krbhst_get_default_proto(struct krb5_krbhst_data *kd) -{ - if (kd->flags & KD_LARGE_MSG) - return KRB5_KRBHST_TCP; - return KRB5_KRBHST_UDP; -} - - -/* - * parse `spec' into a krb5_krbhst_info, defaulting the port to `def_port' - * and forcing it to `port' if port != 0 - */ - -static struct krb5_krbhst_info* -parse_hostspec(krb5_context context, struct krb5_krbhst_data *kd, - const char *spec, int def_port, int port) -{ - const char *p = spec; - struct krb5_krbhst_info *hi; - - hi = calloc(1, sizeof(*hi) + strlen(spec)); - if(hi == NULL) - return NULL; - - hi->proto = krbhst_get_default_proto(kd); - - if(strncmp(p, "http://", 7) == 0){ - hi->proto = KRB5_KRBHST_HTTP; - p += 7; - } else if(strncmp(p, "http/", 5) == 0) { - hi->proto = KRB5_KRBHST_HTTP; - p += 5; - def_port = ntohs(krb5_getportbyname (context, "http", "tcp", 80)); - }else if(strncmp(p, "tcp/", 4) == 0){ - hi->proto = KRB5_KRBHST_TCP; - p += 4; - } else if(strncmp(p, "udp/", 4) == 0) { - p += 4; - } - - if(strsep_copy(&p, ":", hi->hostname, strlen(spec) + 1) < 0) { - free(hi); - return NULL; - } - /* get rid of trailing /, and convert to lower case */ - hi->hostname[strcspn(hi->hostname, "/")] = '\0'; - strlwr(hi->hostname); - - hi->port = hi->def_port = def_port; - if(p != NULL) { - char *end; - hi->port = strtol(p, &end, 0); - if(end == p) { - free(hi); - return NULL; - } - } - if (port) - hi->port = port; - return hi; -} - -void -_krb5_free_krbhst_info(krb5_krbhst_info *hi) -{ - if (hi->ai != NULL) - freeaddrinfo(hi->ai); - free(hi); -} - -krb5_error_code -_krb5_krbhost_info_move(krb5_context context, - krb5_krbhst_info *from, - krb5_krbhst_info **to) -{ - size_t hostnamelen = strlen(from->hostname); - /* trailing NUL is included in structure */ - *to = calloc(1, sizeof(**to) + hostnamelen); - if(*to == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - - (*to)->proto = from->proto; - (*to)->port = from->port; - (*to)->def_port = from->def_port; - (*to)->ai = from->ai; - from->ai = NULL; - (*to)->next = NULL; - memcpy((*to)->hostname, from->hostname, hostnamelen + 1); - return 0; -} - - -static void -append_host_hostinfo(struct krb5_krbhst_data *kd, struct krb5_krbhst_info *host) -{ - struct krb5_krbhst_info *h; - - for(h = kd->hosts; h; h = h->next) - if(h->proto == host->proto && - h->port == host->port && - strcmp(h->hostname, host->hostname) == 0) { - _krb5_free_krbhst_info(host); - return; - } - *kd->end = host; - kd->end = &host->next; -} - -static krb5_error_code -append_host_string(krb5_context context, struct krb5_krbhst_data *kd, - const char *host, int def_port, int port) -{ - struct krb5_krbhst_info *hi; - - hi = parse_hostspec(context, kd, host, def_port, port); - if(hi == NULL) - return ENOMEM; - - append_host_hostinfo(kd, hi); - return 0; -} - -/* - * return a readable representation of `host' in `hostname, hostlen' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_format_string(krb5_context context, const krb5_krbhst_info *host, - char *hostname, size_t hostlen) -{ - const char *proto = ""; - char portstr[7] = ""; - if(host->proto == KRB5_KRBHST_TCP) - proto = "tcp/"; - else if(host->proto == KRB5_KRBHST_HTTP) - proto = "http://"; - if(host->port != host->def_port) - snprintf(portstr, sizeof(portstr), ":%d", host->port); - snprintf(hostname, hostlen, "%s%s%s", proto, host->hostname, portstr); - return 0; -} - -/* - * create a getaddrinfo `hints' based on `proto' - */ - -static void -make_hints(struct addrinfo *hints, int proto) -{ - memset(hints, 0, sizeof(*hints)); - hints->ai_family = AF_UNSPEC; - switch(proto) { - case KRB5_KRBHST_UDP : - hints->ai_socktype = SOCK_DGRAM; - break; - case KRB5_KRBHST_HTTP : - case KRB5_KRBHST_TCP : - hints->ai_socktype = SOCK_STREAM; - break; - } -} - -/* - * return an `struct addrinfo *' in `ai' corresponding to the information - * in `host'. free:ing is handled by krb5_krbhst_free. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_get_addrinfo(krb5_context context, krb5_krbhst_info *host, - struct addrinfo **ai) -{ - struct addrinfo hints; - char portstr[NI_MAXSERV]; - int ret; - - if (host->ai == NULL) { - make_hints(&hints, host->proto); - snprintf (portstr, sizeof(portstr), "%d", host->port); - ret = getaddrinfo(host->hostname, portstr, &hints, &host->ai); - if (ret) - return krb5_eai_to_heim_errno(ret, errno); - } - *ai = host->ai; - return 0; -} - -static krb5_boolean -get_next(struct krb5_krbhst_data *kd, krb5_krbhst_info **host) -{ - struct krb5_krbhst_info *hi = *kd->index; - if(hi != NULL) { - *host = hi; - kd->index = &(*kd->index)->next; - return TRUE; - } - return FALSE; -} - -static void -srv_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, - const char *proto, const char *service) -{ - krb5_krbhst_info **res; - int count, i; - - if (srv_find_realm(context, &res, &count, kd->realm, "SRV", proto, service, - kd->port)) - return; - for(i = 0; i < count; i++) - append_host_hostinfo(kd, res[i]); - free(res); -} - -/* - * read the configuration for `conf_string', defaulting to kd->def_port and - * forcing it to `kd->port' if kd->port != 0 - */ - -static void -config_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, - const char *conf_string) -{ - int i; - - char **hostlist; - hostlist = krb5_config_get_strings(context, NULL, - "realms", kd->realm, conf_string, NULL); - - if(hostlist == NULL) - return; - kd->flags |= KD_CONFIG_EXISTS; - for(i = 0; hostlist && hostlist[i] != NULL; i++) - append_host_string(context, kd, hostlist[i], kd->def_port, kd->port); - - krb5_config_free_strings(hostlist); -} - -/* - * as a fallback, look for `serv_string.kd->realm' (typically - * kerberos.REALM, kerberos-1.REALM, ... - * `port' is the default port for the service, and `proto' the - * protocol - */ - -static krb5_error_code -fallback_get_hosts(krb5_context context, struct krb5_krbhst_data *kd, - const char *serv_string, int port, int proto) -{ - char *host; - int ret; - struct addrinfo *ai; - struct addrinfo hints; - char portstr[NI_MAXSERV]; - - /* - * Don't try forever in case the DNS server keep returning us - * entries (like wildcard entries or the .nu TLD) - */ - if(kd->fallback_count >= 5) { - kd->flags |= KD_FALLBACK; - return 0; - } - - if(kd->fallback_count == 0) - asprintf(&host, "%s.%s.", serv_string, kd->realm); - else - asprintf(&host, "%s-%d.%s.", - serv_string, kd->fallback_count, kd->realm); - - if (host == NULL) - return ENOMEM; - - make_hints(&hints, proto); - snprintf(portstr, sizeof(portstr), "%d", port); - ret = getaddrinfo(host, portstr, &hints, &ai); - if (ret) { - /* no more hosts, so we're done here */ - free(host); - kd->flags |= KD_FALLBACK; - } else { - struct krb5_krbhst_info *hi; - size_t hostlen = strlen(host); - - hi = calloc(1, sizeof(*hi) + hostlen); - if(hi == NULL) { - free(host); - return ENOMEM; - } - - hi->proto = proto; - hi->port = hi->def_port = port; - hi->ai = ai; - memmove(hi->hostname, host, hostlen); - hi->hostname[hostlen] = '\0'; - free(host); - append_host_hostinfo(kd, hi); - kd->fallback_count++; - } - return 0; -} - -/* - * Fetch hosts from plugin - */ - -static krb5_error_code -add_locate(void *ctx, int type, struct sockaddr *addr) -{ - struct krb5_krbhst_info *hi; - struct krb5_krbhst_data *kd = ctx; - char host[NI_MAXHOST], port[NI_MAXSERV]; - struct addrinfo hints, *ai; - socklen_t socklen; - size_t hostlen; - int ret; - - socklen = socket_sockaddr_size(addr); - - ret = getnameinfo(addr, socklen, host, sizeof(host), port, sizeof(port), - NI_NUMERICHOST|NI_NUMERICSERV); - if (ret != 0) - return 0; - - make_hints(&hints, krbhst_get_default_proto(kd)); - ret = getaddrinfo(host, port, &hints, &ai); - if (ret) - return 0; - - hostlen = strlen(host); - - hi = calloc(1, sizeof(*hi) + hostlen); - if(hi == NULL) - return ENOMEM; - - hi->proto = krbhst_get_default_proto(kd); - hi->port = hi->def_port = socket_get_port(addr); - hi->ai = ai; - memmove(hi->hostname, host, hostlen); - hi->hostname[hostlen] = '\0'; - append_host_hostinfo(kd, hi); - - return 0; -} - -static void -plugin_get_hosts(krb5_context context, - struct krb5_krbhst_data *kd, - enum locate_service_type type) -{ - struct krb5_plugin *list = NULL, *e; - krb5_error_code ret; - - ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, "resolve", &list); - if(ret != 0 || list == NULL) - return; - - kd->flags |= KD_CONFIG_EXISTS; - - for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) { - krb5plugin_service_locate_ftable *service; - void *ctx; - - service = _krb5_plugin_get_symbol(e); - if (service->minor_version != 0) - continue; - - (*service->init)(context, &ctx); - ret = (*service->lookup)(ctx, type, kd->realm, 0, 0, add_locate, kd); - (*service->fini)(ctx); - if (ret) { - krb5_set_error_string(context, "Plugin failed to lookup"); - break; - } - } - _krb5_plugin_free(list); -} - -/* - * - */ - -static krb5_error_code -kdc_get_next(krb5_context context, - struct krb5_krbhst_data *kd, - krb5_krbhst_info **host) -{ - krb5_error_code ret; - - if ((kd->flags & KD_PLUGIN) == 0) { - plugin_get_hosts(context, kd, locate_service_kdc); - kd->flags |= KD_PLUGIN; - if(get_next(kd, host)) - return 0; - } - - if((kd->flags & KD_CONFIG) == 0) { - config_get_hosts(context, kd, "kdc"); - kd->flags |= KD_CONFIG; - if(get_next(kd, host)) - return 0; - } - - if (kd->flags & KD_CONFIG_EXISTS) - return KRB5_KDC_UNREACH; /* XXX */ - - if(context->srv_lookup) { - if((kd->flags & KD_SRV_UDP) == 0 && (kd->flags & KD_LARGE_MSG) == 0) { - srv_get_hosts(context, kd, "udp", "kerberos"); - kd->flags |= KD_SRV_UDP; - if(get_next(kd, host)) - return 0; - } - - if((kd->flags & KD_SRV_TCP) == 0) { - srv_get_hosts(context, kd, "tcp", "kerberos"); - kd->flags |= KD_SRV_TCP; - if(get_next(kd, host)) - return 0; - } - if((kd->flags & KD_SRV_HTTP) == 0) { - srv_get_hosts(context, kd, "http", "kerberos"); - kd->flags |= KD_SRV_HTTP; - if(get_next(kd, host)) - return 0; - } - } - - while((kd->flags & KD_FALLBACK) == 0) { - ret = fallback_get_hosts(context, kd, "kerberos", - kd->def_port, - krbhst_get_default_proto(kd)); - if(ret) - return ret; - if(get_next(kd, host)) - return 0; - } - - return KRB5_KDC_UNREACH; /* XXX */ -} - -static krb5_error_code -admin_get_next(krb5_context context, - struct krb5_krbhst_data *kd, - krb5_krbhst_info **host) -{ - krb5_error_code ret; - - if ((kd->flags & KD_PLUGIN) == 0) { - plugin_get_hosts(context, kd, locate_service_kadmin); - kd->flags |= KD_PLUGIN; - if(get_next(kd, host)) - return 0; - } - - if((kd->flags & KD_CONFIG) == 0) { - config_get_hosts(context, kd, "admin_server"); - kd->flags |= KD_CONFIG; - if(get_next(kd, host)) - return 0; - } - - if (kd->flags & KD_CONFIG_EXISTS) - return KRB5_KDC_UNREACH; /* XXX */ - - if(context->srv_lookup) { - if((kd->flags & KD_SRV_TCP) == 0) { - srv_get_hosts(context, kd, "tcp", "kerberos-adm"); - kd->flags |= KD_SRV_TCP; - if(get_next(kd, host)) - return 0; - } - } - - if (krbhst_empty(kd) - && (kd->flags & KD_FALLBACK) == 0) { - ret = fallback_get_hosts(context, kd, "kerberos", - kd->def_port, - krbhst_get_default_proto(kd)); - if(ret) - return ret; - kd->flags |= KD_FALLBACK; - if(get_next(kd, host)) - return 0; - } - - return KRB5_KDC_UNREACH; /* XXX */ -} - -static krb5_error_code -kpasswd_get_next(krb5_context context, - struct krb5_krbhst_data *kd, - krb5_krbhst_info **host) -{ - krb5_error_code ret; - - if ((kd->flags & KD_PLUGIN) == 0) { - plugin_get_hosts(context, kd, locate_service_kpasswd); - kd->flags |= KD_PLUGIN; - if(get_next(kd, host)) - return 0; - } - - if((kd->flags & KD_CONFIG) == 0) { - config_get_hosts(context, kd, "kpasswd_server"); - kd->flags |= KD_CONFIG; - if(get_next(kd, host)) - return 0; - } - - if (kd->flags & KD_CONFIG_EXISTS) - return KRB5_KDC_UNREACH; /* XXX */ - - if(context->srv_lookup) { - if((kd->flags & KD_SRV_UDP) == 0) { - srv_get_hosts(context, kd, "udp", "kpasswd"); - kd->flags |= KD_SRV_UDP; - if(get_next(kd, host)) - return 0; - } - if((kd->flags & KD_SRV_TCP) == 0) { - srv_get_hosts(context, kd, "tcp", "kpasswd"); - kd->flags |= KD_SRV_TCP; - if(get_next(kd, host)) - return 0; - } - } - - /* no matches -> try admin */ - - if (krbhst_empty(kd)) { - kd->flags = 0; - kd->port = kd->def_port; - kd->get_next = admin_get_next; - ret = (*kd->get_next)(context, kd, host); - if (ret == 0) - (*host)->proto = krbhst_get_default_proto(kd); - return ret; - } - - return KRB5_KDC_UNREACH; /* XXX */ -} - -static krb5_error_code -krb524_get_next(krb5_context context, - struct krb5_krbhst_data *kd, - krb5_krbhst_info **host) -{ - if ((kd->flags & KD_PLUGIN) == 0) { - plugin_get_hosts(context, kd, locate_service_krb524); - kd->flags |= KD_PLUGIN; - if(get_next(kd, host)) - return 0; - } - - if((kd->flags & KD_CONFIG) == 0) { - config_get_hosts(context, kd, "krb524_server"); - if(get_next(kd, host)) - return 0; - kd->flags |= KD_CONFIG; - } - - if (kd->flags & KD_CONFIG_EXISTS) - return KRB5_KDC_UNREACH; /* XXX */ - - if(context->srv_lookup) { - if((kd->flags & KD_SRV_UDP) == 0) { - srv_get_hosts(context, kd, "udp", "krb524"); - kd->flags |= KD_SRV_UDP; - if(get_next(kd, host)) - return 0; - } - - if((kd->flags & KD_SRV_TCP) == 0) { - srv_get_hosts(context, kd, "tcp", "krb524"); - kd->flags |= KD_SRV_TCP; - if(get_next(kd, host)) - return 0; - } - } - - /* no matches -> try kdc */ - - if (krbhst_empty(kd)) { - kd->flags = 0; - kd->port = kd->def_port; - kd->get_next = kdc_get_next; - return (*kd->get_next)(context, kd, host); - } - - return KRB5_KDC_UNREACH; /* XXX */ -} - -static struct krb5_krbhst_data* -common_init(krb5_context context, - const char *realm, - int flags) -{ - struct krb5_krbhst_data *kd; - - if((kd = calloc(1, sizeof(*kd))) == NULL) - return NULL; - - if((kd->realm = strdup(realm)) == NULL) { - free(kd); - return NULL; - } - - /* For 'realms' without a . do not even think of going to DNS */ - if (!strchr(realm, '.')) - kd->flags |= KD_CONFIG_EXISTS; - - if (flags & KRB5_KRBHST_FLAGS_LARGE_MSG) - kd->flags |= KD_LARGE_MSG; - kd->end = kd->index = &kd->hosts; - return kd; -} - -/* - * initialize `handle' to look for hosts of type `type' in realm `realm' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_init(krb5_context context, - const char *realm, - unsigned int type, - krb5_krbhst_handle *handle) -{ - return krb5_krbhst_init_flags(context, realm, type, 0, handle); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_init_flags(krb5_context context, - const char *realm, - unsigned int type, - int flags, - krb5_krbhst_handle *handle) -{ - struct krb5_krbhst_data *kd; - krb5_error_code (*next)(krb5_context, struct krb5_krbhst_data *, - krb5_krbhst_info **); - int def_port; - - switch(type) { - case KRB5_KRBHST_KDC: - next = kdc_get_next; - def_port = ntohs(krb5_getportbyname (context, "kerberos", "udp", 88)); - break; - case KRB5_KRBHST_ADMIN: - next = admin_get_next; - def_port = ntohs(krb5_getportbyname (context, "kerberos-adm", - "tcp", 749)); - break; - case KRB5_KRBHST_CHANGEPW: - next = kpasswd_get_next; - def_port = ntohs(krb5_getportbyname (context, "kpasswd", "udp", - KPASSWD_PORT)); - break; - case KRB5_KRBHST_KRB524: - next = krb524_get_next; - def_port = ntohs(krb5_getportbyname (context, "krb524", "udp", 4444)); - break; - default: - krb5_set_error_string(context, "unknown krbhst type (%u)", type); - return ENOTTY; - } - if((kd = common_init(context, realm, flags)) == NULL) - return ENOMEM; - kd->get_next = next; - kd->def_port = def_port; - *handle = kd; - return 0; -} - -/* - * return the next host information from `handle' in `host' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_next(krb5_context context, - krb5_krbhst_handle handle, - krb5_krbhst_info **host) -{ - if(get_next(handle, host)) - return 0; - - return (*handle->get_next)(context, handle, host); -} - -/* - * return the next host information from `handle' as a host name - * in `hostname' (or length `hostlen) - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_krbhst_next_as_string(krb5_context context, - krb5_krbhst_handle handle, - char *hostname, - size_t hostlen) -{ - krb5_error_code ret; - krb5_krbhst_info *host; - ret = krb5_krbhst_next(context, handle, &host); - if(ret) - return ret; - return krb5_krbhst_format_string(context, host, hostname, hostlen); -} - - -void KRB5_LIB_FUNCTION -krb5_krbhst_reset(krb5_context context, krb5_krbhst_handle handle) -{ - handle->index = &handle->hosts; -} - -void KRB5_LIB_FUNCTION -krb5_krbhst_free(krb5_context context, krb5_krbhst_handle handle) -{ - krb5_krbhst_info *h, *next; - - if (handle == NULL) - return; - - for (h = handle->hosts; h != NULL; h = next) { - next = h->next; - _krb5_free_krbhst_info(h); - } - - free(handle->realm); - free(handle); -} - -/* backwards compatibility ahead */ - -static krb5_error_code -gethostlist(krb5_context context, const char *realm, - unsigned int type, char ***hostlist) -{ - krb5_error_code ret; - int nhost = 0; - krb5_krbhst_handle handle; - char host[MAXHOSTNAMELEN]; - krb5_krbhst_info *hostinfo; - - ret = krb5_krbhst_init(context, realm, type, &handle); - if (ret) - return ret; - - while(krb5_krbhst_next(context, handle, &hostinfo) == 0) - nhost++; - if(nhost == 0) { - krb5_set_error_string(context, "No KDC found for realm %s", realm); - return KRB5_KDC_UNREACH; - } - *hostlist = calloc(nhost + 1, sizeof(**hostlist)); - if(*hostlist == NULL) { - krb5_krbhst_free(context, handle); - return ENOMEM; - } - - krb5_krbhst_reset(context, handle); - nhost = 0; - while(krb5_krbhst_next_as_string(context, handle, - host, sizeof(host)) == 0) { - if(((*hostlist)[nhost++] = strdup(host)) == NULL) { - krb5_free_krbhst(context, *hostlist); - krb5_krbhst_free(context, handle); - return ENOMEM; - } - } - (*hostlist)[nhost++] = NULL; - krb5_krbhst_free(context, handle); - return 0; -} - -/* - * return an malloced list of kadmin-hosts for `realm' in `hostlist' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_krb_admin_hst (krb5_context context, - const krb5_realm *realm, - char ***hostlist) -{ - return gethostlist(context, *realm, KRB5_KRBHST_ADMIN, hostlist); -} - -/* - * return an malloced list of changepw-hosts for `realm' in `hostlist' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_krb_changepw_hst (krb5_context context, - const krb5_realm *realm, - char ***hostlist) -{ - return gethostlist(context, *realm, KRB5_KRBHST_CHANGEPW, hostlist); -} - -/* - * return an malloced list of 524-hosts for `realm' in `hostlist' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_krb524hst (krb5_context context, - const krb5_realm *realm, - char ***hostlist) -{ - return gethostlist(context, *realm, KRB5_KRBHST_KRB524, hostlist); -} - - -/* - * return an malloced list of KDC's for `realm' in `hostlist' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_krbhst (krb5_context context, - const krb5_realm *realm, - char ***hostlist) -{ - return gethostlist(context, *realm, KRB5_KRBHST_KDC, hostlist); -} - -/* - * free all the memory allocated in `hostlist' - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_krbhst (krb5_context context, - char **hostlist) -{ - char **p; - - for (p = hostlist; *p; ++p) - free (*p); - free (hostlist); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/kuserok.c b/crypto/heimdal/lib/krb5/kuserok.c deleted file mode 100644 index 8f0ff996960d..000000000000 --- a/crypto/heimdal/lib/krb5/kuserok.c +++ /dev/null @@ -1,262 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: kuserok.c 16048 2005-09-09 10:33:33Z lha $"); - -/* see if principal is mentioned in the filename access file, return - TRUE (in result) if so, FALSE otherwise */ - -static krb5_error_code -check_one_file(krb5_context context, - const char *filename, - struct passwd *pwd, - krb5_principal principal, - krb5_boolean *result) -{ - FILE *f; - char buf[BUFSIZ]; - krb5_error_code ret; - struct stat st; - - *result = FALSE; - - f = fopen (filename, "r"); - if (f == NULL) - return errno; - - /* check type and mode of file */ - if (fstat(fileno(f), &st) != 0) { - fclose (f); - return errno; - } - if (S_ISDIR(st.st_mode)) { - fclose (f); - return EISDIR; - } - if (st.st_uid != pwd->pw_uid && st.st_uid != 0) { - fclose (f); - return EACCES; - } - if ((st.st_mode & (S_IWGRP | S_IWOTH)) != 0) { - fclose (f); - return EACCES; - } - - while (fgets (buf, sizeof(buf), f) != NULL) { - krb5_principal tmp; - char *newline = buf + strcspn(buf, "\n"); - - if(*newline != '\n') { - int c; - c = fgetc(f); - if(c != EOF) { - while(c != EOF && c != '\n') - c = fgetc(f); - /* line was too long, so ignore it */ - continue; - } - } - *newline = '\0'; - ret = krb5_parse_name (context, buf, &tmp); - if (ret) - continue; - *result = krb5_principal_compare (context, principal, tmp); - krb5_free_principal (context, tmp); - if (*result) { - fclose (f); - return 0; - } - } - fclose (f); - return 0; -} - -static krb5_error_code -check_directory(krb5_context context, - const char *dirname, - struct passwd *pwd, - krb5_principal principal, - krb5_boolean *result) -{ - DIR *d; - struct dirent *dent; - char filename[MAXPATHLEN]; - krb5_error_code ret = 0; - struct stat st; - - *result = FALSE; - - if(lstat(dirname, &st) < 0) - return errno; - - if (!S_ISDIR(st.st_mode)) - return ENOTDIR; - - if (st.st_uid != pwd->pw_uid && st.st_uid != 0) - return EACCES; - if ((st.st_mode & (S_IWGRP | S_IWOTH)) != 0) - return EACCES; - - if((d = opendir(dirname)) == NULL) - return errno; - -#ifdef HAVE_DIRFD - { - int fd; - struct stat st2; - - fd = dirfd(d); - if(fstat(fd, &st2) < 0) { - closedir(d); - return errno; - } - if(st.st_dev != st2.st_dev || st.st_ino != st2.st_ino) { - closedir(d); - return EACCES; - } - } -#endif - - while((dent = readdir(d)) != NULL) { - if(strcmp(dent->d_name, ".") == 0 || - strcmp(dent->d_name, "..") == 0 || - dent->d_name[0] == '#' || /* emacs autosave */ - dent->d_name[strlen(dent->d_name) - 1] == '~') /* emacs backup */ - continue; - snprintf(filename, sizeof(filename), "%s/%s", dirname, dent->d_name); - ret = check_one_file(context, filename, pwd, principal, result); - if(ret == 0 && *result == TRUE) - break; - ret = 0; /* don't propagate errors upstream */ - } - closedir(d); - return ret; -} - -static krb5_boolean -match_local_principals(krb5_context context, - krb5_principal principal, - const char *luser) -{ - krb5_error_code ret; - krb5_realm *realms, *r; - krb5_boolean result = FALSE; - - /* multi-component principals can never match */ - if(krb5_principal_get_comp_string(context, principal, 1) != NULL) - return FALSE; - - ret = krb5_get_default_realms (context, &realms); - if (ret) - return FALSE; - - for (r = realms; *r != NULL; ++r) { - if(strcmp(krb5_principal_get_realm(context, principal), - *r) != 0) - continue; - if(strcmp(krb5_principal_get_comp_string(context, principal, 0), - luser) == 0) { - result = TRUE; - break; - } - } - krb5_free_host_realm (context, realms); - return result; -} - -/** - * Return TRUE iff `principal' is allowed to login as `luser'. - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_kuserok (krb5_context context, - krb5_principal principal, - const char *luser) -{ - char *buf; - size_t buflen; - struct passwd *pwd; - krb5_error_code ret; - krb5_boolean result = FALSE; - - krb5_boolean found_file = FALSE; - -#ifdef POSIX_GETPWNAM_R - char pwbuf[2048]; - struct passwd pw; - - if(getpwnam_r(luser, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0) - return FALSE; -#else - pwd = getpwnam (luser); -#endif - if (pwd == NULL) - return FALSE; - -#define KLOGIN "/.k5login" - buflen = strlen(pwd->pw_dir) + sizeof(KLOGIN) + 2; /* 2 for .d */ - buf = malloc(buflen); - if(buf == NULL) - return FALSE; - /* check user's ~/.k5login */ - strlcpy(buf, pwd->pw_dir, buflen); - strlcat(buf, KLOGIN, buflen); - ret = check_one_file(context, buf, pwd, principal, &result); - - if(ret == 0 && result == TRUE) { - free(buf); - return TRUE; - } - - if(ret != ENOENT) - found_file = TRUE; - - strlcat(buf, ".d", buflen); - ret = check_directory(context, buf, pwd, principal, &result); - free(buf); - if(ret == 0 && result == TRUE) - return TRUE; - - if(ret != ENOENT && ret != ENOTDIR) - found_file = TRUE; - - /* finally if no files exist, allow all principals matching - @ */ - if(found_file == FALSE) - return match_local_principals(context, principal, luser); - - return FALSE; -} diff --git a/crypto/heimdal/lib/krb5/locate_plugin.h b/crypto/heimdal/lib/krb5/locate_plugin.h deleted file mode 100644 index 251712c8940d..000000000000 --- a/crypto/heimdal/lib/krb5/locate_plugin.h +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: locate_plugin.h 18998 2006-11-12 19:00:03Z lha $ */ - -#ifndef HEIMDAL_KRB5_LOCATE_PLUGIN_H -#define HEIMDAL_KRB5_LOCATE_PLUGIN_H 1 - -#include - -enum locate_service_type { - locate_service_kdc = 1, - locate_service_master_kdc, - locate_service_kadmin, - locate_service_krb524, - locate_service_kpasswd -}; - -typedef krb5_error_code -(*krb5plugin_service_locate_lookup) (void *, enum locate_service_type, - const char *, int, int, - int (*)(void *,int,struct sockaddr *), - void *); - - -typedef struct krb5plugin_service_locate_ftable { - int minor_version; - krb5_error_code (*init)(krb5_context, void **); - void (*fini)(void *); - krb5plugin_service_locate_lookup lookup; -} krb5plugin_service_locate_ftable; - -#endif /* HEIMDAL_KRB5_LOCATE_PLUGIN_H */ - diff --git a/crypto/heimdal/lib/krb5/log.c b/crypto/heimdal/lib/krb5/log.c deleted file mode 100644 index c04f50fd9aa8..000000000000 --- a/crypto/heimdal/lib/krb5/log.c +++ /dev/null @@ -1,471 +0,0 @@ -/* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: log.c 19088 2006-11-21 08:08:46Z lha $"); - -struct facility { - int min; - int max; - krb5_log_log_func_t log_func; - krb5_log_close_func_t close_func; - void *data; -}; - -static struct facility* -log_realloc(krb5_log_facility *f) -{ - struct facility *fp; - fp = realloc(f->val, (f->len + 1) * sizeof(*f->val)); - if(fp == NULL) - return NULL; - f->len++; - f->val = fp; - fp += f->len - 1; - return fp; -} - -struct s2i { - const char *s; - int val; -}; - -#define L(X) { #X, LOG_ ## X } - -static struct s2i syslogvals[] = { - L(EMERG), - L(ALERT), - L(CRIT), - L(ERR), - L(WARNING), - L(NOTICE), - L(INFO), - L(DEBUG), - - L(AUTH), -#ifdef LOG_AUTHPRIV - L(AUTHPRIV), -#endif -#ifdef LOG_CRON - L(CRON), -#endif - L(DAEMON), -#ifdef LOG_FTP - L(FTP), -#endif - L(KERN), - L(LPR), - L(MAIL), -#ifdef LOG_NEWS - L(NEWS), -#endif - L(SYSLOG), - L(USER), -#ifdef LOG_UUCP - L(UUCP), -#endif - L(LOCAL0), - L(LOCAL1), - L(LOCAL2), - L(LOCAL3), - L(LOCAL4), - L(LOCAL5), - L(LOCAL6), - L(LOCAL7), - { NULL, -1 } -}; - -static int -find_value(const char *s, struct s2i *table) -{ - while(table->s && strcasecmp(table->s, s)) - table++; - return table->val; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_initlog(krb5_context context, - const char *program, - krb5_log_facility **fac) -{ - krb5_log_facility *f = calloc(1, sizeof(*f)); - if(f == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - f->program = strdup(program); - if(f->program == NULL){ - free(f); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - *fac = f; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_addlog_func(krb5_context context, - krb5_log_facility *fac, - int min, - int max, - krb5_log_log_func_t log_func, - krb5_log_close_func_t close_func, - void *data) -{ - struct facility *fp = log_realloc(fac); - if(fp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - fp->min = min; - fp->max = max; - fp->log_func = log_func; - fp->close_func = close_func; - fp->data = data; - return 0; -} - - -struct _heimdal_syslog_data{ - int priority; -}; - -static void -log_syslog(const char *timestr, - const char *msg, - void *data) - -{ - struct _heimdal_syslog_data *s = data; - syslog(s->priority, "%s", msg); -} - -static void -close_syslog(void *data) -{ - free(data); - closelog(); -} - -static krb5_error_code -open_syslog(krb5_context context, - krb5_log_facility *facility, int min, int max, - const char *sev, const char *fac) -{ - struct _heimdal_syslog_data *sd = malloc(sizeof(*sd)); - int i; - - if(sd == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - i = find_value(sev, syslogvals); - if(i == -1) - i = LOG_ERR; - sd->priority = i; - i = find_value(fac, syslogvals); - if(i == -1) - i = LOG_AUTH; - sd->priority |= i; - roken_openlog(facility->program, LOG_PID | LOG_NDELAY, i); - return krb5_addlog_func(context, facility, min, max, - log_syslog, close_syslog, sd); -} - -struct file_data{ - const char *filename; - const char *mode; - FILE *fd; - int keep_open; -}; - -static void -log_file(const char *timestr, - const char *msg, - void *data) -{ - struct file_data *f = data; - if(f->keep_open == 0) - f->fd = fopen(f->filename, f->mode); - if(f->fd == NULL) - return; - fprintf(f->fd, "%s %s\n", timestr, msg); - if(f->keep_open == 0) { - fclose(f->fd); - f->fd = NULL; - } -} - -static void -close_file(void *data) -{ - struct file_data *f = data; - if(f->keep_open && f->filename) - fclose(f->fd); - free(data); -} - -static krb5_error_code -open_file(krb5_context context, krb5_log_facility *fac, int min, int max, - const char *filename, const char *mode, FILE *f, int keep_open) -{ - struct file_data *fd = malloc(sizeof(*fd)); - if(fd == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - fd->filename = filename; - fd->mode = mode; - fd->fd = f; - fd->keep_open = keep_open; - - return krb5_addlog_func(context, fac, min, max, log_file, close_file, fd); -} - - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *orig) -{ - krb5_error_code ret = 0; - int min = 0, max = -1, n; - char c; - const char *p = orig; - - n = sscanf(p, "%d%c%d/", &min, &c, &max); - if(n == 2){ - if(c == '/') { - if(min < 0){ - max = -min; - min = 0; - }else{ - max = min; - } - } - } - if(n){ - p = strchr(p, '/'); - if(p == NULL) { - krb5_set_error_string (context, "failed to parse \"%s\"", orig); - return HEIM_ERR_LOG_PARSE; - } - p++; - } - if(strcmp(p, "STDERR") == 0){ - ret = open_file(context, f, min, max, NULL, NULL, stderr, 1); - }else if(strcmp(p, "CONSOLE") == 0){ - ret = open_file(context, f, min, max, "/dev/console", "w", NULL, 0); - }else if(strncmp(p, "FILE", 4) == 0 && (p[4] == ':' || p[4] == '=')){ - char *fn; - FILE *file = NULL; - int keep_open = 0; - fn = strdup(p + 5); - if(fn == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - if(p[4] == '='){ - int i = open(fn, O_WRONLY | O_CREAT | - O_TRUNC | O_APPEND, 0666); - if(i < 0) { - ret = errno; - krb5_set_error_string (context, "open(%s): %s", fn, - strerror(ret)); - free(fn); - return ret; - } - file = fdopen(i, "a"); - if(file == NULL){ - ret = errno; - close(i); - krb5_set_error_string (context, "fdopen(%s): %s", fn, - strerror(ret)); - free(fn); - return ret; - } - keep_open = 1; - } - ret = open_file(context, f, min, max, fn, "a", file, keep_open); - }else if(strncmp(p, "DEVICE", 6) == 0 && (p[6] == ':' || p[6] == '=')){ - ret = open_file(context, f, min, max, strdup(p + 7), "w", NULL, 0); - }else if(strncmp(p, "SYSLOG", 6) == 0 && (p[6] == '\0' || p[6] == ':')){ - char severity[128] = ""; - char facility[128] = ""; - p += 6; - if(*p != '\0') - p++; - if(strsep_copy(&p, ":", severity, sizeof(severity)) != -1) - strsep_copy(&p, ":", facility, sizeof(facility)); - if(*severity == '\0') - strlcpy(severity, "ERR", sizeof(severity)); - if(*facility == '\0') - strlcpy(facility, "AUTH", sizeof(facility)); - ret = open_syslog(context, f, min, max, severity, facility); - }else{ - krb5_set_error_string (context, "unknown log type: %s", p); - ret = HEIM_ERR_LOG_PARSE; /* XXX */ - } - return ret; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_openlog(krb5_context context, - const char *program, - krb5_log_facility **fac) -{ - krb5_error_code ret; - char **p, **q; - - ret = krb5_initlog(context, program, fac); - if(ret) - return ret; - - p = krb5_config_get_strings(context, NULL, "logging", program, NULL); - if(p == NULL) - p = krb5_config_get_strings(context, NULL, "logging", "default", NULL); - if(p){ - for(q = p; *q; q++) - ret = krb5_addlog_dest(context, *fac, *q); - krb5_config_free_strings(p); - }else - ret = krb5_addlog_dest(context, *fac, "SYSLOG"); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_closelog(krb5_context context, - krb5_log_facility *fac) -{ - int i; - for(i = 0; i < fac->len; i++) - (*fac->val[i].close_func)(fac->val[i].data); - free(fac->val); - free(fac->program); - fac->val = NULL; - fac->len = 0; - fac->program = NULL; - free(fac); - return 0; -} - -#undef __attribute__ -#define __attribute__(X) - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vlog_msg(krb5_context context, - krb5_log_facility *fac, - char **reply, - int level, - const char *fmt, - va_list ap) - __attribute__((format (printf, 5, 0))) -{ - - char *msg = NULL; - const char *actual = NULL; - char buf[64]; - time_t t = 0; - int i; - - for(i = 0; fac && i < fac->len; i++) - if(fac->val[i].min <= level && - (fac->val[i].max < 0 || fac->val[i].max >= level)) { - if(t == 0) { - t = time(NULL); - krb5_format_time(context, t, buf, sizeof(buf), TRUE); - } - if(actual == NULL) { - vasprintf(&msg, fmt, ap); - if(msg == NULL) - actual = fmt; - else - actual = msg; - } - (*fac->val[i].log_func)(buf, actual, fac->val[i].data); - } - if(reply == NULL) - free(msg); - else - *reply = msg; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vlog(krb5_context context, - krb5_log_facility *fac, - int level, - const char *fmt, - va_list ap) - __attribute__((format (printf, 4, 0))) -{ - return krb5_vlog_msg(context, fac, NULL, level, fmt, ap); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_log_msg(krb5_context context, - krb5_log_facility *fac, - int level, - char **reply, - const char *fmt, - ...) - __attribute__((format (printf, 5, 6))) -{ - va_list ap; - krb5_error_code ret; - - va_start(ap, fmt); - ret = krb5_vlog_msg(context, fac, reply, level, fmt, ap); - va_end(ap); - return ret; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_log(krb5_context context, - krb5_log_facility *fac, - int level, - const char *fmt, - ...) - __attribute__((format (printf, 4, 5))) -{ - va_list ap; - krb5_error_code ret; - - va_start(ap, fmt); - ret = krb5_vlog(context, fac, level, fmt, ap); - va_end(ap); - return ret; -} - diff --git a/crypto/heimdal/lib/krb5/mcache.c b/crypto/heimdal/lib/krb5/mcache.c deleted file mode 100644 index 01bcb09d3bea..000000000000 --- a/crypto/heimdal/lib/krb5/mcache.c +++ /dev/null @@ -1,477 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: mcache.c 22107 2007-12-03 17:22:51Z lha $"); - -typedef struct krb5_mcache { - char *name; - unsigned int refcnt; - int dead; - krb5_principal primary_principal; - struct link { - krb5_creds cred; - struct link *next; - } *creds; - struct krb5_mcache *next; -} krb5_mcache; - -static HEIMDAL_MUTEX mcc_mutex = HEIMDAL_MUTEX_INITIALIZER; -static struct krb5_mcache *mcc_head; - -#define MCACHE(X) ((krb5_mcache *)(X)->data.data) - -#define MISDEAD(X) ((X)->dead) - -static const char* -mcc_get_name(krb5_context context, - krb5_ccache id) -{ - return MCACHE(id)->name; -} - -static krb5_mcache * -mcc_alloc(const char *name) -{ - krb5_mcache *m, *m_c; - - ALLOC(m, 1); - if(m == NULL) - return NULL; - if(name == NULL) - asprintf(&m->name, "%p", m); - else - m->name = strdup(name); - if(m->name == NULL) { - free(m); - return NULL; - } - /* check for dups first */ - HEIMDAL_MUTEX_lock(&mcc_mutex); - for (m_c = mcc_head; m_c != NULL; m_c = m_c->next) - if (strcmp(m->name, m_c->name) == 0) - break; - if (m_c) { - free(m->name); - free(m); - HEIMDAL_MUTEX_unlock(&mcc_mutex); - return NULL; - } - - m->dead = 0; - m->refcnt = 1; - m->primary_principal = NULL; - m->creds = NULL; - m->next = mcc_head; - mcc_head = m; - HEIMDAL_MUTEX_unlock(&mcc_mutex); - return m; -} - -static krb5_error_code -mcc_resolve(krb5_context context, krb5_ccache *id, const char *res) -{ - krb5_mcache *m; - - HEIMDAL_MUTEX_lock(&mcc_mutex); - for (m = mcc_head; m != NULL; m = m->next) - if (strcmp(m->name, res) == 0) - break; - HEIMDAL_MUTEX_unlock(&mcc_mutex); - - if (m != NULL) { - m->refcnt++; - (*id)->data.data = m; - (*id)->data.length = sizeof(*m); - return 0; - } - - m = mcc_alloc(res); - if (m == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - - (*id)->data.data = m; - (*id)->data.length = sizeof(*m); - - return 0; -} - - -static krb5_error_code -mcc_gen_new(krb5_context context, krb5_ccache *id) -{ - krb5_mcache *m; - - m = mcc_alloc(NULL); - - if (m == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - - (*id)->data.data = m; - (*id)->data.length = sizeof(*m); - - return 0; -} - -static krb5_error_code -mcc_initialize(krb5_context context, - krb5_ccache id, - krb5_principal primary_principal) -{ - krb5_mcache *m = MCACHE(id); - m->dead = 0; - return krb5_copy_principal (context, - primary_principal, - &m->primary_principal); -} - -static int -mcc_close_internal(krb5_mcache *m) -{ - if (--m->refcnt != 0) - return 0; - - if (MISDEAD(m)) { - free (m->name); - return 1; - } - return 0; -} - -static krb5_error_code -mcc_close(krb5_context context, - krb5_ccache id) -{ - if (mcc_close_internal(MCACHE(id))) - krb5_data_free(&id->data); - return 0; -} - -static krb5_error_code -mcc_destroy(krb5_context context, - krb5_ccache id) -{ - krb5_mcache **n, *m = MCACHE(id); - struct link *l; - - if (m->refcnt == 0) - krb5_abortx(context, "mcc_destroy: refcnt already 0"); - - if (!MISDEAD(m)) { - /* if this is an active mcache, remove it from the linked - list, and free all data */ - HEIMDAL_MUTEX_lock(&mcc_mutex); - for(n = &mcc_head; n && *n; n = &(*n)->next) { - if(m == *n) { - *n = m->next; - break; - } - } - HEIMDAL_MUTEX_unlock(&mcc_mutex); - if (m->primary_principal != NULL) { - krb5_free_principal (context, m->primary_principal); - m->primary_principal = NULL; - } - m->dead = 1; - - l = m->creds; - while (l != NULL) { - struct link *old; - - krb5_free_cred_contents (context, &l->cred); - old = l; - l = l->next; - free (old); - } - m->creds = NULL; - } - return 0; -} - -static krb5_error_code -mcc_store_cred(krb5_context context, - krb5_ccache id, - krb5_creds *creds) -{ - krb5_mcache *m = MCACHE(id); - krb5_error_code ret; - struct link *l; - - if (MISDEAD(m)) - return ENOENT; - - l = malloc (sizeof(*l)); - if (l == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return KRB5_CC_NOMEM; - } - l->next = m->creds; - m->creds = l; - memset (&l->cred, 0, sizeof(l->cred)); - ret = krb5_copy_creds_contents (context, creds, &l->cred); - if (ret) { - m->creds = l->next; - free (l); - return ret; - } - return 0; -} - -static krb5_error_code -mcc_get_principal(krb5_context context, - krb5_ccache id, - krb5_principal *principal) -{ - krb5_mcache *m = MCACHE(id); - - if (MISDEAD(m) || m->primary_principal == NULL) - return ENOENT; - return krb5_copy_principal (context, - m->primary_principal, - principal); -} - -static krb5_error_code -mcc_get_first (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - krb5_mcache *m = MCACHE(id); - - if (MISDEAD(m)) - return ENOENT; - - *cursor = m->creds; - return 0; -} - -static krb5_error_code -mcc_get_next (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor, - krb5_creds *creds) -{ - krb5_mcache *m = MCACHE(id); - struct link *l; - - if (MISDEAD(m)) - return ENOENT; - - l = *cursor; - if (l != NULL) { - *cursor = l->next; - return krb5_copy_creds_contents (context, - &l->cred, - creds); - } else - return KRB5_CC_END; -} - -static krb5_error_code -mcc_end_get (krb5_context context, - krb5_ccache id, - krb5_cc_cursor *cursor) -{ - return 0; -} - -static krb5_error_code -mcc_remove_cred(krb5_context context, - krb5_ccache id, - krb5_flags which, - krb5_creds *mcreds) -{ - krb5_mcache *m = MCACHE(id); - struct link **q, *p; - for(q = &m->creds, p = *q; p; p = *q) { - if(krb5_compare_creds(context, which, mcreds, &p->cred)) { - *q = p->next; - krb5_free_cred_contents(context, &p->cred); - free(p); - } else - q = &p->next; - } - return 0; -} - -static krb5_error_code -mcc_set_flags(krb5_context context, - krb5_ccache id, - krb5_flags flags) -{ - return 0; /* XXX */ -} - -struct mcache_iter { - krb5_mcache *cache; -}; - -static krb5_error_code -mcc_get_cache_first(krb5_context context, krb5_cc_cursor *cursor) -{ - struct mcache_iter *iter; - - iter = calloc(1, sizeof(*iter)); - if (iter == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - - HEIMDAL_MUTEX_lock(&mcc_mutex); - iter->cache = mcc_head; - if (iter->cache) - iter->cache->refcnt++; - HEIMDAL_MUTEX_unlock(&mcc_mutex); - - *cursor = iter; - return 0; -} - -static krb5_error_code -mcc_get_cache_next(krb5_context context, krb5_cc_cursor cursor, krb5_ccache *id) -{ - struct mcache_iter *iter = cursor; - krb5_error_code ret; - krb5_mcache *m; - - if (iter->cache == NULL) - return KRB5_CC_END; - - HEIMDAL_MUTEX_lock(&mcc_mutex); - m = iter->cache; - if (m->next) - m->next->refcnt++; - iter->cache = m->next; - HEIMDAL_MUTEX_unlock(&mcc_mutex); - - ret = _krb5_cc_allocate(context, &krb5_mcc_ops, id); - if (ret) - return ret; - - (*id)->data.data = m; - (*id)->data.length = sizeof(*m); - - return 0; -} - -static krb5_error_code -mcc_end_cache_get(krb5_context context, krb5_cc_cursor cursor) -{ - struct mcache_iter *iter = cursor; - - if (iter->cache) - mcc_close_internal(iter->cache); - iter->cache = NULL; - free(iter); - return 0; -} - -static krb5_error_code -mcc_move(krb5_context context, krb5_ccache from, krb5_ccache to) -{ - krb5_mcache *mfrom = MCACHE(from), *mto = MCACHE(to); - struct link *creds; - krb5_principal principal; - krb5_mcache **n; - - HEIMDAL_MUTEX_lock(&mcc_mutex); - - /* drop the from cache from the linked list to avoid lookups */ - for(n = &mcc_head; n && *n; n = &(*n)->next) { - if(mfrom == *n) { - *n = mfrom->next; - break; - } - } - - /* swap creds */ - creds = mto->creds; - mto->creds = mfrom->creds; - mfrom->creds = creds; - /* swap principal */ - principal = mto->primary_principal; - mto->primary_principal = mfrom->primary_principal; - mfrom->primary_principal = principal; - - HEIMDAL_MUTEX_unlock(&mcc_mutex); - mcc_destroy(context, from); - - return 0; -} - -static krb5_error_code -mcc_default_name(krb5_context context, char **str) -{ - *str = strdup("MEMORY:"); - if (*str == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - - -/** - * Variable containing the MEMORY based credential cache implemention. - * - * @ingroup krb5_ccache - */ - -const krb5_cc_ops krb5_mcc_ops = { - "MEMORY", - mcc_get_name, - mcc_resolve, - mcc_gen_new, - mcc_initialize, - mcc_destroy, - mcc_close, - mcc_store_cred, - NULL, /* mcc_retrieve */ - mcc_get_principal, - mcc_get_first, - mcc_get_next, - mcc_end_get, - mcc_remove_cred, - mcc_set_flags, - NULL, - mcc_get_cache_first, - mcc_get_cache_next, - mcc_end_cache_get, - mcc_move, - mcc_default_name -}; diff --git a/crypto/heimdal/lib/krb5/misc.c b/crypto/heimdal/lib/krb5/misc.c deleted file mode 100644 index 8050bdb9b467..000000000000 --- a/crypto/heimdal/lib/krb5/misc.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: misc.c 21174 2007-06-19 10:10:58Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_s4u2self_to_checksumdata(krb5_context context, - const PA_S4U2Self *self, - krb5_data *data) -{ - krb5_error_code ret; - krb5_ssize_t ssize; - krb5_storage *sp; - size_t size; - int i; - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_clear_error_string(context); - return ENOMEM; - } - krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); - ret = krb5_store_int32(sp, self->name.name_type); - if (ret) - goto out; - for (i = 0; i < self->name.name_string.len; i++) { - size = strlen(self->name.name_string.val[i]); - ssize = krb5_storage_write(sp, self->name.name_string.val[i], size); - if (ssize != size) { - ret = ENOMEM; - goto out; - } - } - size = strlen(self->realm); - ssize = krb5_storage_write(sp, self->realm, size); - if (ssize != size) { - ret = ENOMEM; - goto out; - } - size = strlen(self->auth); - ssize = krb5_storage_write(sp, self->auth, size); - if (ssize != size) { - ret = ENOMEM; - goto out; - } - - ret = krb5_storage_to_data(sp, data); - krb5_storage_free(sp); - return ret; - -out: - krb5_clear_error_string(context); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/mit_glue.c b/crypto/heimdal/lib/krb5/mit_glue.c deleted file mode 100644 index 7440d5476279..000000000000 --- a/crypto/heimdal/lib/krb5/mit_glue.c +++ /dev/null @@ -1,369 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: mit_glue.c 20042 2007-01-23 20:37:43Z lha $"); - -/* - * Glue for MIT API - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_make_checksum(krb5_context context, - krb5_cksumtype cksumtype, - const krb5_keyblock *key, - krb5_keyusage usage, - const krb5_data *input, - krb5_checksum *cksum) -{ - krb5_error_code ret; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - - ret = krb5_create_checksum(context, crypto, usage, cksumtype, - input->data, input->length, cksum); - krb5_crypto_destroy(context, crypto); - - return ret ; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, - krb5_keyusage usage, const krb5_data *data, - const krb5_checksum *cksum, krb5_boolean *valid) -{ - krb5_error_code ret; - krb5_checksum data_cksum; - - *valid = 0; - - ret = krb5_c_make_checksum(context, cksum->cksumtype, - key, usage, data, &data_cksum); - if (ret) - return ret; - - if (data_cksum.cksumtype == cksum->cksumtype - && data_cksum.checksum.length == cksum->checksum.length - && memcmp(data_cksum.checksum.data, cksum->checksum.data, cksum->checksum.length) == 0) - *valid = 1; - - krb5_free_checksum_contents(context, &data_cksum); - - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_get_checksum(krb5_context context, const krb5_checksum *cksum, - krb5_cksumtype *type, krb5_data **data) -{ - krb5_error_code ret; - - if (type) - *type = cksum->cksumtype; - if (data) { - *data = malloc(sizeof(**data)); - if (*data == NULL) - return ENOMEM; - - ret = der_copy_octet_string(&cksum->checksum, *data); - if (ret) { - free(*data); - *data = NULL; - return ret; - } - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_set_checksum(krb5_context context, krb5_checksum *cksum, - krb5_cksumtype type, const krb5_data *data) -{ - cksum->cksumtype = type; - return der_copy_octet_string(data, &cksum->checksum); -} - -void KRB5_LIB_FUNCTION -krb5_free_checksum (krb5_context context, krb5_checksum *cksum) -{ - krb5_checksum_free(context, cksum); - free(cksum); -} - -void KRB5_LIB_FUNCTION -krb5_free_checksum_contents(krb5_context context, krb5_checksum *cksum) -{ - krb5_checksum_free(context, cksum); - memset(cksum, 0, sizeof(*cksum)); -} - -void KRB5_LIB_FUNCTION -krb5_checksum_free(krb5_context context, krb5_checksum *cksum) -{ - free_Checksum(cksum); -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_c_valid_enctype (krb5_enctype etype) -{ - return krb5_enctype_valid(NULL, etype); -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_c_valid_cksumtype(krb5_cksumtype ctype) -{ - return krb5_cksumtype_valid(NULL, ctype); -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype) -{ - return krb5_checksum_is_collision_proof(NULL, ctype); -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_c_is_keyed_cksum(krb5_cksumtype ctype) -{ - return krb5_checksum_is_keyed(NULL, ctype); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_checksum (krb5_context context, - const krb5_checksum *old, - krb5_checksum **new) -{ - *new = malloc(sizeof(**new)); - if (*new == NULL) - return ENOMEM; - return copy_Checksum(old, *new); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_checksum_length (krb5_context context, krb5_cksumtype cksumtype, - size_t *length) -{ - return krb5_checksumsize(context, cksumtype, length); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_block_size(krb5_context context, - krb5_enctype enctype, - size_t *blocksize) -{ - krb5_error_code ret; - krb5_crypto crypto; - krb5_keyblock key; - - ret = krb5_generate_random_keyblock(context, enctype, &key); - if (ret) - return ret; - - ret = krb5_crypto_init(context, &key, 0, &crypto); - krb5_free_keyblock_contents(context, &key); - if (ret) - return ret; - ret = krb5_crypto_getblocksize(context, crypto, blocksize); - krb5_crypto_destroy(context, crypto); - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_decrypt(krb5_context context, - const krb5_keyblock key, - krb5_keyusage usage, - const krb5_data *ivec, - krb5_enc_data *input, - krb5_data *output) -{ - krb5_error_code ret; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, &key, input->enctype, &crypto); - if (ret) - return ret; - - if (ivec) { - size_t blocksize; - - ret = krb5_crypto_getblocksize(context, crypto, &blocksize); - if (ret) { - krb5_crypto_destroy(context, crypto); - return ret; - } - - if (blocksize > ivec->length) { - krb5_crypto_destroy(context, crypto); - return KRB5_BAD_MSIZE; - } - } - - ret = krb5_decrypt_ivec(context, crypto, usage, - input->ciphertext.data, input->ciphertext.length, - output, - ivec ? ivec->data : NULL); - - krb5_crypto_destroy(context, crypto); - - return ret ; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_encrypt(krb5_context context, - const krb5_keyblock *key, - krb5_keyusage usage, - const krb5_data *ivec, - const krb5_data *input, - krb5_enc_data *output) -{ - krb5_error_code ret; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - - if (ivec) { - size_t blocksize; - - ret = krb5_crypto_getblocksize(context, crypto, &blocksize); - if (ret) { - krb5_crypto_destroy(context, crypto); - return ret; - } - - if (blocksize > ivec->length) { - krb5_crypto_destroy(context, crypto); - return KRB5_BAD_MSIZE; - } - } - - ret = krb5_encrypt_ivec(context, crypto, usage, - input->data, input->length, - &output->ciphertext, - ivec ? ivec->data : NULL); - output->kvno = 0; - krb5_crypto_getenctype(context, crypto, &output->enctype); - - krb5_crypto_destroy(context, crypto); - - return ret ; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_encrypt_length(krb5_context context, - krb5_enctype enctype, - size_t inputlen, - size_t *length) -{ - krb5_error_code ret; - krb5_crypto crypto; - krb5_keyblock key; - - ret = krb5_generate_random_keyblock(context, enctype, &key); - if (ret) - return ret; - - ret = krb5_crypto_init(context, &key, 0, &crypto); - krb5_free_keyblock_contents(context, &key); - if (ret) - return ret; - - *length = krb5_get_wrapped_length(context, crypto, inputlen); - krb5_crypto_destroy(context, crypto); - - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_enctype_compare(krb5_context context, - krb5_enctype e1, - krb5_enctype e2, - krb5_boolean *similar) -{ - *similar = krb5_enctypes_compatible_keys(context, e1, e2); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_make_random_key(krb5_context context, - krb5_enctype enctype, - krb5_keyblock *random_key) -{ - return krb5_generate_random_keyblock(context, enctype, random_key); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_keylengths(krb5_context context, - krb5_enctype enctype, - size_t *ilen, - size_t *keylen) -{ - krb5_error_code ret; - - ret = krb5_enctype_keybits(context, enctype, ilen); - if (ret) - return ret; - *ilen = (*ilen + 7) / 8; - return krb5_enctype_keysize(context, enctype, keylen); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_prf_length(krb5_context context, - krb5_enctype type, - size_t *length) -{ - return krb5_crypto_prf_length(context, type, length); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_c_prf(krb5_context context, - const krb5_keyblock *key, - const krb5_data *input, - krb5_data *output) -{ - krb5_crypto crypto; - krb5_error_code ret; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - - ret = krb5_crypto_prf(context, crypto, input, output); - krb5_crypto_destroy(context, crypto); - - return ret; -} diff --git a/crypto/heimdal/lib/krb5/mk_error.c b/crypto/heimdal/lib/krb5/mk_error.c deleted file mode 100644 index 704664993435..000000000000 --- a/crypto/heimdal/lib/krb5/mk_error.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: mk_error.c 15457 2005-06-16 21:16:40Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_error(krb5_context context, - krb5_error_code error_code, - const char *e_text, - const krb5_data *e_data, - const krb5_principal client, - const krb5_principal server, - time_t *client_time, - int *client_usec, - krb5_data *reply) -{ - KRB_ERROR msg; - krb5_timestamp sec; - int32_t usec; - size_t len; - krb5_error_code ret = 0; - - krb5_us_timeofday (context, &sec, &usec); - - memset(&msg, 0, sizeof(msg)); - msg.pvno = 5; - msg.msg_type = krb_error; - msg.stime = sec; - msg.susec = usec; - msg.ctime = client_time; - msg.cusec = client_usec; - /* Make sure we only send `protocol' error codes */ - if(error_code < KRB5KDC_ERR_NONE || error_code >= KRB5_ERR_RCSID) { - if(e_text == NULL) - e_text = krb5_get_err_text(context, error_code); - error_code = KRB5KRB_ERR_GENERIC; - } - msg.error_code = error_code - KRB5KDC_ERR_NONE; - if (e_text) - msg.e_text = rk_UNCONST(&e_text); - if (e_data) - msg.e_data = rk_UNCONST(e_data); - if(server){ - msg.realm = server->realm; - msg.sname = server->name; - }else{ - msg.realm = ""; - } - if(client){ - msg.crealm = &client->realm; - msg.cname = &client->name; - } - - ASN1_MALLOC_ENCODE(KRB_ERROR, reply->data, reply->length, &msg, &len, ret); - if (ret) - return ret; - if(reply->length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/mk_priv.c b/crypto/heimdal/lib/krb5/mk_priv.c deleted file mode 100644 index 87e429af8cba..000000000000 --- a/crypto/heimdal/lib/krb5/mk_priv.c +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: mk_priv.c 16680 2006-02-01 12:39:26Z lha $"); - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_priv(krb5_context context, - krb5_auth_context auth_context, - const krb5_data *userdata, - krb5_data *outbuf, - krb5_replay_data *outdata) -{ - krb5_error_code ret; - KRB_PRIV s; - EncKrbPrivPart part; - u_char *buf = NULL; - size_t buf_size; - size_t len; - krb5_crypto crypto; - krb5_keyblock *key; - krb5_replay_data rdata; - - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && - outdata == NULL) - return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ - - if (auth_context->local_subkey) - key = auth_context->local_subkey; - else if (auth_context->remote_subkey) - key = auth_context->remote_subkey; - else - key = auth_context->keyblock; - - memset(&rdata, 0, sizeof(rdata)); - - part.user_data = *userdata; - - krb5_us_timeofday (context, &rdata.timestamp, &rdata.usec); - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { - part.timestamp = &rdata.timestamp; - part.usec = &rdata.usec; - } else { - part.timestamp = NULL; - part.usec = NULL; - } - - if (auth_context->flags & KRB5_AUTH_CONTEXT_RET_TIME) { - outdata->timestamp = rdata.timestamp; - outdata->usec = rdata.usec; - } - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - rdata.seq = auth_context->local_seqnumber; - part.seq_number = &rdata.seq; - } else - part.seq_number = NULL; - - if (auth_context->flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE) - outdata->seq = auth_context->local_seqnumber; - - part.s_address = auth_context->local_address; - part.r_address = auth_context->remote_address; - - krb5_data_zero (&s.enc_part.cipher); - - ASN1_MALLOC_ENCODE(EncKrbPrivPart, buf, buf_size, &part, &len, ret); - if (ret) - goto fail; - if (buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - s.pvno = 5; - s.msg_type = krb_priv; - s.enc_part.etype = key->keytype; - s.enc_part.kvno = NULL; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - free (buf); - return ret; - } - ret = krb5_encrypt (context, - crypto, - KRB5_KU_KRB_PRIV, - buf + buf_size - len, - len, - &s.enc_part.cipher); - krb5_crypto_destroy(context, crypto); - if (ret) { - free(buf); - return ret; - } - free(buf); - - - ASN1_MALLOC_ENCODE(KRB_PRIV, buf, buf_size, &s, &len, ret); - if (ret) - goto fail; - if (buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - krb5_data_free (&s.enc_part.cipher); - - ret = krb5_data_copy(outbuf, buf + buf_size - len, len); - if (ret) { - krb5_set_error_string (context, "malloc: out of memory"); - free(buf); - return ENOMEM; - } - free (buf); - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) - auth_context->local_seqnumber = - (auth_context->local_seqnumber + 1) & 0xFFFFFFFF; - return 0; - - fail: - free (buf); - krb5_data_free (&s.enc_part.cipher); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/mk_rep.c b/crypto/heimdal/lib/krb5/mk_rep.c deleted file mode 100644 index 570a83720132..000000000000 --- a/crypto/heimdal/lib/krb5/mk_rep.c +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: mk_rep.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_rep(krb5_context context, - krb5_auth_context auth_context, - krb5_data *outbuf) -{ - krb5_error_code ret; - AP_REP ap; - EncAPRepPart body; - u_char *buf = NULL; - size_t buf_size; - size_t len; - krb5_crypto crypto; - - ap.pvno = 5; - ap.msg_type = krb_ap_rep; - - memset (&body, 0, sizeof(body)); - - body.ctime = auth_context->authenticator->ctime; - body.cusec = auth_context->authenticator->cusec; - if (auth_context->flags & KRB5_AUTH_CONTEXT_USE_SUBKEY) { - if (auth_context->local_subkey == NULL) { - ret = krb5_auth_con_generatelocalsubkey(context, - auth_context, - auth_context->keyblock); - if(ret) { - krb5_set_error_string (context, - "krb5_mk_rep: generating subkey"); - free_EncAPRepPart(&body); - return ret; - } - } - ret = krb5_copy_keyblock(context, auth_context->local_subkey, - &body.subkey); - if (ret) { - krb5_set_error_string (context, - "krb5_copy_keyblock: out of memory"); - free_EncAPRepPart(&body); - return ENOMEM; - } - } else - body.subkey = NULL; - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - if(auth_context->local_seqnumber == 0) - krb5_generate_seq_number (context, - auth_context->keyblock, - &auth_context->local_seqnumber); - ALLOC(body.seq_number, 1); - if (body.seq_number == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - free_EncAPRepPart(&body); - return ENOMEM; - } - *(body.seq_number) = auth_context->local_seqnumber; - } else - body.seq_number = NULL; - - ap.enc_part.etype = auth_context->keyblock->keytype; - ap.enc_part.kvno = NULL; - - ASN1_MALLOC_ENCODE(EncAPRepPart, buf, buf_size, &body, &len, ret); - free_EncAPRepPart (&body); - if(ret) - return ret; - if (buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - ret = krb5_crypto_init(context, auth_context->keyblock, - 0 /* ap.enc_part.etype */, &crypto); - if (ret) { - free (buf); - return ret; - } - ret = krb5_encrypt (context, - crypto, - KRB5_KU_AP_REQ_ENC_PART, - buf + buf_size - len, - len, - &ap.enc_part.cipher); - krb5_crypto_destroy(context, crypto); - free(buf); - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(AP_REP, outbuf->data, outbuf->length, &ap, &len, ret); - if (ret == 0 && outbuf->length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - free_AP_REP (&ap); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/mk_req.c b/crypto/heimdal/lib/krb5/mk_req.c deleted file mode 100644 index 5f64f01e9560..000000000000 --- a/crypto/heimdal/lib/krb5/mk_req.c +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: mk_req.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_req_exact(krb5_context context, - krb5_auth_context *auth_context, - const krb5_flags ap_req_options, - const krb5_principal server, - krb5_data *in_data, - krb5_ccache ccache, - krb5_data *outbuf) -{ - krb5_error_code ret; - krb5_creds this_cred, *cred; - - memset(&this_cred, 0, sizeof(this_cred)); - - ret = krb5_cc_get_principal(context, ccache, &this_cred.client); - - if(ret) - return ret; - - ret = krb5_copy_principal (context, server, &this_cred.server); - if (ret) { - krb5_free_cred_contents (context, &this_cred); - return ret; - } - - this_cred.times.endtime = 0; - if (auth_context && *auth_context && (*auth_context)->keytype) - this_cred.session.keytype = (*auth_context)->keytype; - - ret = krb5_get_credentials (context, 0, ccache, &this_cred, &cred); - krb5_free_cred_contents(context, &this_cred); - if (ret) - return ret; - - ret = krb5_mk_req_extended (context, - auth_context, - ap_req_options, - in_data, - cred, - outbuf); - krb5_free_creds(context, cred); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_req(krb5_context context, - krb5_auth_context *auth_context, - const krb5_flags ap_req_options, - const char *service, - const char *hostname, - krb5_data *in_data, - krb5_ccache ccache, - krb5_data *outbuf) -{ - krb5_error_code ret; - char **realms; - char *real_hostname; - krb5_principal server; - - ret = krb5_expand_hostname_realms (context, hostname, - &real_hostname, &realms); - if (ret) - return ret; - - ret = krb5_build_principal (context, &server, - strlen(*realms), - *realms, - service, - real_hostname, - NULL); - free (real_hostname); - krb5_free_host_realm (context, realms); - if (ret) - return ret; - ret = krb5_mk_req_exact (context, auth_context, ap_req_options, - server, in_data, ccache, outbuf); - krb5_free_principal (context, server); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/mk_req_ext.c b/crypto/heimdal/lib/krb5/mk_req_ext.c deleted file mode 100644 index b6d55c8815ac..000000000000 --- a/crypto/heimdal/lib/krb5/mk_req_ext.c +++ /dev/null @@ -1,165 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: mk_req_ext.c 19511 2006-12-27 12:07:22Z lha $"); - -krb5_error_code -_krb5_mk_req_internal(krb5_context context, - krb5_auth_context *auth_context, - const krb5_flags ap_req_options, - krb5_data *in_data, - krb5_creds *in_creds, - krb5_data *outbuf, - krb5_key_usage checksum_usage, - krb5_key_usage encrypt_usage) -{ - krb5_error_code ret; - krb5_data authenticator; - Checksum c; - Checksum *c_opt; - krb5_auth_context ac; - - if(auth_context) { - if(*auth_context == NULL) - ret = krb5_auth_con_init(context, auth_context); - else - ret = 0; - ac = *auth_context; - } else - ret = krb5_auth_con_init(context, &ac); - if(ret) - return ret; - - if(ac->local_subkey == NULL && (ap_req_options & AP_OPTS_USE_SUBKEY)) { - ret = krb5_auth_con_generatelocalsubkey(context, - ac, - &in_creds->session); - if(ret) - goto out; - } - - krb5_free_keyblock(context, ac->keyblock); - ret = krb5_copy_keyblock(context, &in_creds->session, &ac->keyblock); - if (ret) - goto out; - - /* it's unclear what type of checksum we can use. try the best one, except: - * a) if it's configured differently for the current realm, or - * b) if the session key is des-cbc-crc - */ - - if (in_data) { - if(ac->keyblock->keytype == ETYPE_DES_CBC_CRC) { - /* this is to make DCE secd (and older MIT kdcs?) happy */ - ret = krb5_create_checksum(context, - NULL, - 0, - CKSUMTYPE_RSA_MD4, - in_data->data, - in_data->length, - &c); - } else if(ac->keyblock->keytype == ETYPE_ARCFOUR_HMAC_MD5 || - ac->keyblock->keytype == ETYPE_ARCFOUR_HMAC_MD5_56 || - ac->keyblock->keytype == ETYPE_DES_CBC_MD4 || - ac->keyblock->keytype == ETYPE_DES_CBC_MD5) { - /* this is to make MS kdc happy */ - ret = krb5_create_checksum(context, - NULL, - 0, - CKSUMTYPE_RSA_MD5, - in_data->data, - in_data->length, - &c); - } else { - krb5_crypto crypto; - - ret = krb5_crypto_init(context, ac->keyblock, 0, &crypto); - if (ret) - goto out; - ret = krb5_create_checksum(context, - crypto, - checksum_usage, - 0, - in_data->data, - in_data->length, - &c); - krb5_crypto_destroy(context, crypto); - } - c_opt = &c; - } else { - c_opt = NULL; - } - - if (ret) - goto out; - - ret = krb5_build_authenticator (context, - ac, - ac->keyblock->keytype, - in_creds, - c_opt, - NULL, - &authenticator, - encrypt_usage); - if (c_opt) - free_Checksum (c_opt); - if (ret) - goto out; - - ret = krb5_build_ap_req (context, ac->keyblock->keytype, - in_creds, ap_req_options, authenticator, outbuf); -out: - if(auth_context == NULL) - krb5_auth_con_free(context, ac); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_req_extended(krb5_context context, - krb5_auth_context *auth_context, - const krb5_flags ap_req_options, - krb5_data *in_data, - krb5_creds *in_creds, - krb5_data *outbuf) -{ - return _krb5_mk_req_internal (context, - auth_context, - ap_req_options, - in_data, - in_creds, - outbuf, - KRB5_KU_AP_REQ_AUTH_CKSUM, - KRB5_KU_AP_REQ_AUTH); -} diff --git a/crypto/heimdal/lib/krb5/mk_safe.c b/crypto/heimdal/lib/krb5/mk_safe.c deleted file mode 100644 index 0b75759a5f65..000000000000 --- a/crypto/heimdal/lib/krb5/mk_safe.c +++ /dev/null @@ -1,141 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: mk_safe.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_mk_safe(krb5_context context, - krb5_auth_context auth_context, - const krb5_data *userdata, - krb5_data *outbuf, - krb5_replay_data *outdata) -{ - krb5_error_code ret; - KRB_SAFE s; - u_char *buf = NULL; - size_t buf_size; - size_t len; - krb5_crypto crypto; - krb5_keyblock *key; - krb5_replay_data rdata; - - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && - outdata == NULL) - return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ - - if (auth_context->local_subkey) - key = auth_context->local_subkey; - else if (auth_context->remote_subkey) - key = auth_context->remote_subkey; - else - key = auth_context->keyblock; - - s.pvno = 5; - s.msg_type = krb_safe; - - memset(&rdata, 0, sizeof(rdata)); - - s.safe_body.user_data = *userdata; - - krb5_us_timeofday (context, &rdata.timestamp, &rdata.usec); - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { - s.safe_body.timestamp = &rdata.timestamp; - s.safe_body.usec = &rdata.usec; - } else { - s.safe_body.timestamp = NULL; - s.safe_body.usec = NULL; - } - - if (auth_context->flags & KRB5_AUTH_CONTEXT_RET_TIME) { - outdata->timestamp = rdata.timestamp; - outdata->usec = rdata.usec; - } - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - rdata.seq = auth_context->local_seqnumber; - s.safe_body.seq_number = &rdata.seq; - } else - s.safe_body.seq_number = NULL; - - if (auth_context->flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE) - outdata->seq = auth_context->local_seqnumber; - - s.safe_body.s_address = auth_context->local_address; - s.safe_body.r_address = auth_context->remote_address; - - s.cksum.cksumtype = 0; - s.cksum.checksum.data = NULL; - s.cksum.checksum.length = 0; - - ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret); - if (ret) - return ret; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) { - free (buf); - return ret; - } - ret = krb5_create_checksum(context, - crypto, - KRB5_KU_KRB_SAFE_CKSUM, - 0, - buf, - len, - &s.cksum); - krb5_crypto_destroy(context, crypto); - if (ret) { - free (buf); - return ret; - } - - free(buf); - ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret); - free_Checksum (&s.cksum); - if(ret) - return ret; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - outbuf->length = len; - outbuf->data = buf; - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) - auth_context->local_seqnumber = - (auth_context->local_seqnumber + 1) & 0xFFFFFFFF; - return 0; -} diff --git a/crypto/heimdal/lib/krb5/n-fold-test.c b/crypto/heimdal/lib/krb5/n-fold-test.c deleted file mode 100644 index 248e232c0569..000000000000 --- a/crypto/heimdal/lib/krb5/n-fold-test.c +++ /dev/null @@ -1,121 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" - -RCSID("$Id: n-fold-test.c 21745 2007-07-31 16:11:25Z lha $"); - -enum { MAXSIZE = 24 }; - -static struct testcase { - const char *str; - unsigned n; - unsigned char res[MAXSIZE]; -} tests[] = { - {"012345", 8, - {0xbe, 0x07, 0x26, 0x31, 0x27, 0x6b, 0x19, 0x55} - }, - {"basch", 24, - {0x1a, 0xab, 0x6b, 0x42, 0x96, 0x4b, 0x98, 0xb2, 0x1f, 0x8c, 0xde, - 0x2d, 0x24, 0x48, 0xba, 0x34, 0x55, 0xd7, 0x86, 0x2c, 0x97, 0x31, - 0x64, 0x3f} - }, - {"eichin", 24, - {0x65, 0x69, 0x63, 0x68, 0x69, 0x6e, 0x4b, 0x73, 0x2b, 0x4b, - 0x1b, 0x43, 0xda, 0x1a, 0x5b, 0x99, 0x5a, 0x58, 0xd2, 0xc6, 0xd0, - 0xd2, 0xdc, 0xca} - }, - {"sommerfeld", 24, - {0x2f, 0x7a, 0x98, 0x55, 0x7c, 0x6e, 0xe4, 0xab, 0xad, 0xf4, - 0xe7, 0x11, 0x92, 0xdd, 0x44, 0x2b, 0xd4, 0xff, 0x53, 0x25, 0xa5, - 0xde, 0xf7, 0x5c} - }, - {"MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 24, - {0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60, 0x32, 0x82, - 0xb3, 0x08, 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, - 0x54, 0x0c, 0x1b} - }, - {"assar@NADA.KTH.SE", 24, - {0x5c, 0x06, 0xc3, 0x4d, 0x2c, 0x89, 0x05, 0xbe, 0x7a, 0x51, - 0x83, 0x6c, 0xd6, 0xf8, 0x1c, 0x4b, 0x7a, 0x93, 0x49, 0x16, 0x5a, - 0xb3, 0xfa, 0xa9} - }, - {"testKRBTEST.MIT.EDUtestkey", 24, - {0x50, 0x2c, 0xf8, 0x29, 0x78, 0xe5, 0xfb, 0x1a, 0x29, 0x06, - 0xbd, 0x22, 0x28, 0x91, 0x56, 0xc0, 0x06, 0xa0, 0xdc, 0xf5, 0xb6, - 0xc2, 0xda, 0x6c} - }, - {"password", 7, - {0x78, 0xa0, 0x7b, 0x6c, 0xaf, 0x85, 0xfa} - }, - {"Rough Consensus, and Running Code", 8, - {0xbb, 0x6e, 0xd3, 0x08, 0x70, 0xb7, 0xf0, 0xe0}, - }, - {"password", 21, - {0x59, 0xe4, 0xa8, 0xca, 0x7c, 0x03, 0x85, 0xc3, 0xc3, 0x7b, 0x3f, - 0x6d, 0x20, 0x00, 0x24, 0x7c, 0xb6, 0xe6, 0xbd, 0x5b, 0x3e}, - }, - {"MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 24, - {0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60, 0x32, 0x82, 0xb3, - 0x08, 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54, - 0x0c, 0x1b} - }, - {NULL, 0} -}; - -int -main(int argc, char **argv) -{ - unsigned char data[MAXSIZE]; - struct testcase *t; - int ret = 0; - - for (t = tests; t->str; ++t) { - int i; - - ret = _krb5_n_fold (t->str, strlen(t->str), data, t->n); - if (ret) - errx(1, "out of memory"); - if (memcmp (data, t->res, t->n) != 0) { - printf ("n-fold(\"%s\", %d) failed\n", t->str, t->n); - printf ("should be: "); - for (i = 0; i < t->n; ++i) - printf ("%02x", t->res[i]); - printf ("\nresult was: "); - for (i = 0; i < t->n; ++i) - printf ("%02x", data[i]); - printf ("\n"); - ret = 1; - } - } - return ret; -} diff --git a/crypto/heimdal/lib/krb5/n-fold.c b/crypto/heimdal/lib/krb5/n-fold.c deleted file mode 100644 index 53528cfd1f78..000000000000 --- a/crypto/heimdal/lib/krb5/n-fold.c +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" - -RCSID("$Id: n-fold.c 22190 2007-12-06 16:24:22Z lha $"); - -static krb5_error_code -rr13(unsigned char *buf, size_t len) -{ - unsigned char *tmp; - int bytes = (len + 7) / 8; - int i; - if(len == 0) - return 0; - { - const int bits = 13 % len; - const int lbit = len % 8; - - tmp = malloc(bytes); - if (tmp == NULL) - return ENOMEM; - memcpy(tmp, buf, bytes); - if(lbit) { - /* pad final byte with inital bits */ - tmp[bytes - 1] &= 0xff << (8 - lbit); - for(i = lbit; i < 8; i += len) - tmp[bytes - 1] |= buf[0] >> i; - } - for(i = 0; i < bytes; i++) { - int bb; - int b1, s1, b2, s2; - /* calculate first bit position of this byte */ - bb = 8 * i - bits; - while(bb < 0) - bb += len; - /* byte offset and shift count */ - b1 = bb / 8; - s1 = bb % 8; - - if(bb + 8 > bytes * 8) - /* watch for wraparound */ - s2 = (len + 8 - s1) % 8; - else - s2 = 8 - s1; - b2 = (b1 + 1) % bytes; - buf[i] = (tmp[b1] << s1) | (tmp[b2] >> s2); - } - free(tmp); - } - return 0; -} - -/* Add `b' to `a', both being one's complement numbers. */ -static void -add1(unsigned char *a, unsigned char *b, size_t len) -{ - int i; - int carry = 0; - for(i = len - 1; i >= 0; i--){ - int x = a[i] + b[i] + carry; - carry = x > 0xff; - a[i] = x & 0xff; - } - for(i = len - 1; carry && i >= 0; i--){ - int x = a[i] + carry; - carry = x > 0xff; - a[i] = x & 0xff; - } -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_n_fold(const void *str, size_t len, void *key, size_t size) -{ - /* if len < size we need at most N * len bytes, ie < 2 * size; - if len > size we need at most 2 * len */ - krb5_error_code ret = 0; - size_t maxlen = 2 * max(size, len); - size_t l = 0; - unsigned char *tmp = malloc(maxlen); - unsigned char *buf = malloc(len); - - if (tmp == NULL || buf == NULL) - return ENOMEM; - - memcpy(buf, str, len); - memset(key, 0, size); - do { - memcpy(tmp + l, buf, len); - l += len; - ret = rr13(buf, len * 8); - if (ret) - goto out; - while(l >= size) { - add1(key, tmp, size); - l -= size; - if(l == 0) - break; - memmove(tmp, tmp + size, l); - } - } while(l != 0); -out: - memset(buf, 0, len); - free(buf); - memset(tmp, 0, maxlen); - free(tmp); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/name-45-test.c b/crypto/heimdal/lib/krb5/name-45-test.c deleted file mode 100644 index 0bb05f5531a5..000000000000 --- a/crypto/heimdal/lib/krb5/name-45-test.c +++ /dev/null @@ -1,294 +0,0 @@ -/* - * Copyright (c) 2002 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: name-45-test.c 19763 2007-01-08 13:35:49Z lha $"); - -enum { MAX_COMPONENTS = 3 }; - -static struct testcase { - const char *v4_name; - const char *v4_inst; - const char *v4_realm; - - krb5_realm v5_realm; - unsigned ncomponents; - char *comp_val[MAX_COMPONENTS]; - - const char *config_file; - krb5_error_code ret; /* expected error code from 524 */ - - krb5_error_code ret2; /* expected error code from 425 */ -} tests[] = { - {"", "", "", "", 1, {""}, NULL, 0, 0}, - {"a", "", "", "", 1, {"a"}, NULL, 0, 0}, - {"a", "b", "", "", 2, {"a", "b"}, NULL, 0, 0}, - {"a", "b", "c", "c", 2, {"a", "b"}, NULL, 0, 0}, - - {"krbtgt", "FOO.SE", "FOO.SE", "FOO.SE", 2, - {"krbtgt", "FOO.SE"}, NULL, 0, 0}, - - {"foo", "bar2", "BAZ", "BAZ", 2, - {"foo", "bar2"}, NULL, 0, 0}, - {"foo", "bar2", "BAZ", "BAZ", 2, - {"foo", "bar2"}, - "[libdefaults]\n" - " v4_name_convert = {\n" - " host = {\n" - " foo = foo5\n" - " }\n" - "}\n", - HEIM_ERR_V4_PRINC_NO_CONV, 0}, - {"foo", "bar2", "BAZ", "BAZ", 2, - {"foo5", "bar2.baz"}, - "[realms]\n" - " BAZ = {\n" - " v4_name_convert = {\n" - " host = {\n" - " foo = foo5\n" - " }\n" - " }\n" - " v4_instance_convert = {\n" - " bar2 = bar2.baz\n" - " }\n" - " }\n", - 0, 0}, - - {"rcmd", "foo", "realm", "realm", 2, {"host", "foo"}, NULL, - HEIM_ERR_V4_PRINC_NO_CONV, 0}, - {"rcmd", "foo", "realm", "realm", 2, {"host", "foo.realm"}, - "[realms]\n" - " realm = {\n" - " v4_instance_convert = {\n" - " foo = foo.realm\n" - " }\n" - " }\n", - 0, 0}, - - {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"pop", "mail0.nada.kth.se"}, "", HEIM_ERR_V4_PRINC_NO_CONV, 0}, - {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"pop", "mail0.nada.kth.se"}, - "[realms]\n" - " NADA.KTH.SE = {\n" - " default_domain = nada.kth.se\n" - " }\n", - 0, 0}, - {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"pop", "mail0.nada.kth.se"}, - "[libdefaults]\n" - " v4_instance_resolve = true\n", - HEIM_ERR_V4_PRINC_NO_CONV, 0}, - - {"rcmd", "hokkigai", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"host", "hokkigai.pdc.kth.se"}, "", HEIM_ERR_V4_PRINC_NO_CONV, 0}, - {"rcmd", "hokkigai", "NADA.KTH.SE", "NADA.KTH.SE", 2, - {"host", "hokkigai.pdc.kth.se"}, - "[libdefaults]\n" - " v4_instance_resolve = true\n" - "[realms]\n" - " NADA.KTH.SE = {\n" - " v4_name_convert = {\n" - " host = {\n" - " rcmd = host\n" - " }\n" - " }\n" - " default_domain = pdc.kth.se\n" - " }\n", - 0, 0}, - - {"0123456789012345678901234567890123456789", - "0123456789012345678901234567890123456789", - "0123456789012345678901234567890123456789", - "0123456789012345678901234567890123456789", - 2, {"0123456789012345678901234567890123456789", - "0123456789012345678901234567890123456789"}, NULL, - 0, KRB5_PARSE_MALFORMED}, - - {"012345678901234567890123456789012345678", - "012345678901234567890123456789012345678", - "012345678901234567890123456789012345678", - "012345678901234567890123456789012345678", - 2, {"012345678901234567890123456789012345678", - "012345678901234567890123456789012345678"}, NULL, - 0, 0}, - - {NULL, NULL, NULL, NULL, 0, {NULL}, NULL, 0} -}; - -int -main(int argc, char **argv) -{ - struct testcase *t; - krb5_context context; - krb5_error_code ret; - char hostname[1024]; - int val = 0; - - setprogname(argv[0]); - - gethostname(hostname, sizeof(hostname)); - if (!(strstr(hostname, "kth.se") != NULL || strstr(hostname, "su.se") != NULL)) - return 0; - - for (t = tests; t->v4_name; ++t) { - krb5_principal princ; - int i; - char name[40], inst[40], realm[40]; - char printable_princ[256]; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if (t->config_file != NULL) { - char template[] = "/tmp/krb5-conf-XXXXXX"; - int fd = mkstemp(template); - char *files[2]; - - if (fd < 0) - krb5_err (context, 1, errno, "mkstemp %s", template); - - if (write (fd, t->config_file, strlen(t->config_file)) - != strlen(t->config_file)) - krb5_err (context, 1, errno, "write %s", template); - close (fd); - files[0] = template; - files[1] = NULL; - - ret = krb5_set_config_files (context, files); - unlink (template); - if (ret) - krb5_err (context, 1, ret, "krb5_set_config_files"); - } - - ret = krb5_425_conv_principal (context, - t->v4_name, - t->v4_inst, - t->v4_realm, - &princ); - if (ret) { - if (ret != t->ret) { - krb5_warn (context, ret, - "krb5_425_conv_principal %s.%s@%s", - t->v4_name, t->v4_inst, t->v4_realm); - val = 1; - } - } else { - if (t->ret) { - char *s; - krb5_unparse_name(context, princ, &s); - krb5_warnx (context, - "krb5_425_conv_principal %s.%s@%s " - "passed unexpected: %s", - t->v4_name, t->v4_inst, t->v4_realm, s); - free(s); - val = 1; - krb5_free_context(context); - continue; - } - } - - if (ret) { - krb5_free_context(context); - continue; - } - - if (strcmp (t->v5_realm, princ->realm) != 0) { - printf ("wrong realm (\"%s\" should be \"%s\")" - " for \"%s.%s@%s\"\n", - princ->realm, t->v5_realm, - t->v4_name, - t->v4_inst, - t->v4_realm); - val = 1; - } - - if (t->ncomponents != princ->name.name_string.len) { - printf ("wrong number of components (%u should be %u)" - " for \"%s.%s@%s\"\n", - princ->name.name_string.len, t->ncomponents, - t->v4_name, - t->v4_inst, - t->v4_realm); - val = 1; - } else { - for (i = 0; i < t->ncomponents; ++i) { - if (strcmp(t->comp_val[i], - princ->name.name_string.val[i]) != 0) { - printf ("bad component %d (\"%s\" should be \"%s\")" - " for \"%s.%s@%s\"\n", - i, - princ->name.name_string.val[i], - t->comp_val[i], - t->v4_name, - t->v4_inst, - t->v4_realm); - val = 1; - } - } - } - ret = krb5_524_conv_principal (context, princ, - name, inst, realm); - if (krb5_unparse_name_fixed(context, princ, - printable_princ, sizeof(printable_princ))) - strlcpy(printable_princ, "unknown principal", - sizeof(printable_princ)); - if (ret) { - if (ret != t->ret2) { - krb5_warn (context, ret, - "krb5_524_conv_principal %s", printable_princ); - val = 1; - } - } else { - if (t->ret2) { - krb5_warnx (context, - "krb5_524_conv_principal %s " - "passed unexpected", printable_princ); - val = 1; - krb5_free_context(context); - continue; - } - } - if (ret) { - krb5_free_principal (context, princ); - krb5_free_context(context); - continue; - } - - krb5_free_principal (context, princ); - krb5_free_context(context); - } - return val; -} diff --git a/crypto/heimdal/lib/krb5/net_read.c b/crypto/heimdal/lib/krb5/net_read.c deleted file mode 100644 index f0fa2ce7a0e9..000000000000 --- a/crypto/heimdal/lib/krb5/net_read.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: net_read.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_net_read (krb5_context context, - void *p_fd, - void *buf, - size_t len) -{ - int fd = *((int *)p_fd); - - return net_read (fd, buf, len); -} diff --git a/crypto/heimdal/lib/krb5/net_write.c b/crypto/heimdal/lib/krb5/net_write.c deleted file mode 100644 index 868015fa9214..000000000000 --- a/crypto/heimdal/lib/krb5/net_write.c +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: net_write.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_net_write (krb5_context context, - void *p_fd, - const void *buf, - size_t len) -{ - int fd = *((int *)p_fd); - - return net_write (fd, buf, len); -} - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_net_write_block(krb5_context context, - void *p_fd, - const void *buf, - size_t len, - time_t timeout) -{ - int fd = *((int *)p_fd); - int ret; - struct timeval tv, *tvp; - const char *cbuf = (const char *)buf; - size_t rem = len; - ssize_t count; - fd_set wfds; - - do { - FD_ZERO(&wfds); - FD_SET(fd, &wfds); - - if (timeout != 0) { - tv.tv_sec = timeout; - tv.tv_usec = 0; - tvp = &tv; - } else - tvp = NULL; - - ret = select(fd + 1, NULL, &wfds, NULL, tvp); - if (ret < 0) { - if (errno == EINTR) - continue; - return -1; - } else if (ret == 0) - return 0; - - if (!FD_ISSET(fd, &wfds)) { - errno = ETIMEDOUT; - return -1; - } - -#ifdef WIN32 - count = send (fd, cbuf, rem, 0); -#else - count = write (fd, cbuf, rem); -#endif - if (count < 0) { - if (errno == EINTR) - continue; - else - return count; - } - cbuf += count; - rem -= count; - - } while (rem > 0); - - return len; -} diff --git a/crypto/heimdal/lib/krb5/pac.c b/crypto/heimdal/lib/krb5/pac.c deleted file mode 100644 index 1b21750e5d4d..000000000000 --- a/crypto/heimdal/lib/krb5/pac.c +++ /dev/null @@ -1,1041 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: pac.c 21934 2007-08-27 14:21:04Z lha $"); - -struct PAC_INFO_BUFFER { - uint32_t type; - uint32_t buffersize; - uint32_t offset_hi; - uint32_t offset_lo; -}; - -struct PACTYPE { - uint32_t numbuffers; - uint32_t version; - struct PAC_INFO_BUFFER buffers[1]; -}; - -struct krb5_pac_data { - struct PACTYPE *pac; - krb5_data data; - struct PAC_INFO_BUFFER *server_checksum; - struct PAC_INFO_BUFFER *privsvr_checksum; - struct PAC_INFO_BUFFER *logon_name; -}; - -#define PAC_ALIGNMENT 8 - -#define PACTYPE_SIZE 8 -#define PAC_INFO_BUFFER_SIZE 16 - -#define PAC_SERVER_CHECKSUM 6 -#define PAC_PRIVSVR_CHECKSUM 7 -#define PAC_LOGON_NAME 10 -#define PAC_CONSTRAINED_DELEGATION 11 - -#define CHECK(r,f,l) \ - do { \ - if (((r) = f ) != 0) { \ - krb5_clear_error_string(context); \ - goto l; \ - } \ - } while(0) - -static const char zeros[PAC_ALIGNMENT] = { 0 }; - -/* - * - */ - -krb5_error_code -krb5_pac_parse(krb5_context context, const void *ptr, size_t len, - krb5_pac *pac) -{ - krb5_error_code ret; - krb5_pac p; - krb5_storage *sp = NULL; - uint32_t i, tmp, tmp2, header_end; - - p = calloc(1, sizeof(*p)); - if (p == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - - sp = krb5_storage_from_readonly_mem(ptr, len); - if (sp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "out of memory"); - goto out; - } - krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(ret, krb5_ret_uint32(sp, &tmp), out); - CHECK(ret, krb5_ret_uint32(sp, &tmp2), out); - if (tmp < 1) { - krb5_set_error_string(context, "PAC have too few buffer"); - ret = EINVAL; /* Too few buffers */ - goto out; - } - if (tmp2 != 0) { - krb5_set_error_string(context, "PAC have wrong version"); - ret = EINVAL; /* Wrong version */ - goto out; - } - - p->pac = calloc(1, - sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * (tmp - 1))); - if (p->pac == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - - p->pac->numbuffers = tmp; - p->pac->version = tmp2; - - header_end = PACTYPE_SIZE + (PAC_INFO_BUFFER_SIZE * p->pac->numbuffers); - if (header_end > len) { - ret = EINVAL; - goto out; - } - - for (i = 0; i < p->pac->numbuffers; i++) { - CHECK(ret, krb5_ret_uint32(sp, &p->pac->buffers[i].type), out); - CHECK(ret, krb5_ret_uint32(sp, &p->pac->buffers[i].buffersize), out); - CHECK(ret, krb5_ret_uint32(sp, &p->pac->buffers[i].offset_lo), out); - CHECK(ret, krb5_ret_uint32(sp, &p->pac->buffers[i].offset_hi), out); - - /* consistency checks */ - if (p->pac->buffers[i].offset_lo & (PAC_ALIGNMENT - 1)) { - krb5_set_error_string(context, "PAC out of allignment"); - ret = EINVAL; - goto out; - } - if (p->pac->buffers[i].offset_hi) { - krb5_set_error_string(context, "PAC high offset set"); - ret = EINVAL; - goto out; - } - if (p->pac->buffers[i].offset_lo > len) { - krb5_set_error_string(context, "PAC offset off end"); - ret = EINVAL; - goto out; - } - if (p->pac->buffers[i].offset_lo < header_end) { - krb5_set_error_string(context, "PAC offset inside header: %d %d", - p->pac->buffers[i].offset_lo, header_end); - ret = EINVAL; - goto out; - } - if (p->pac->buffers[i].buffersize > len - p->pac->buffers[i].offset_lo){ - krb5_set_error_string(context, "PAC length off end"); - ret = EINVAL; - goto out; - } - - /* let save pointer to data we need later */ - if (p->pac->buffers[i].type == PAC_SERVER_CHECKSUM) { - if (p->server_checksum) { - krb5_set_error_string(context, "PAC have two server checksums"); - ret = EINVAL; - goto out; - } - p->server_checksum = &p->pac->buffers[i]; - } else if (p->pac->buffers[i].type == PAC_PRIVSVR_CHECKSUM) { - if (p->privsvr_checksum) { - krb5_set_error_string(context, "PAC have two KDC checksums"); - ret = EINVAL; - goto out; - } - p->privsvr_checksum = &p->pac->buffers[i]; - } else if (p->pac->buffers[i].type == PAC_LOGON_NAME) { - if (p->logon_name) { - krb5_set_error_string(context, "PAC have two logon names"); - ret = EINVAL; - goto out; - } - p->logon_name = &p->pac->buffers[i]; - } - } - - ret = krb5_data_copy(&p->data, ptr, len); - if (ret) - goto out; - - krb5_storage_free(sp); - - *pac = p; - return 0; - -out: - if (sp) - krb5_storage_free(sp); - if (p) { - if (p->pac) - free(p->pac); - free(p); - } - *pac = NULL; - - return ret; -} - -krb5_error_code -krb5_pac_init(krb5_context context, krb5_pac *pac) -{ - krb5_error_code ret; - krb5_pac p; - - p = calloc(1, sizeof(*p)); - if (p == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - - p->pac = calloc(1, sizeof(*p->pac)); - if (p->pac == NULL) { - free(p); - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - - ret = krb5_data_alloc(&p->data, PACTYPE_SIZE); - if (ret) { - free (p->pac); - free(p); - krb5_set_error_string(context, "out of memory"); - return ret; - } - - - *pac = p; - return 0; -} - -krb5_error_code -krb5_pac_add_buffer(krb5_context context, krb5_pac p, - uint32_t type, const krb5_data *data) -{ - krb5_error_code ret; - void *ptr; - size_t len, offset, header_end, old_end; - uint32_t i; - - len = p->pac->numbuffers; - - ptr = realloc(p->pac, - sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * len)); - if (ptr == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - p->pac = ptr; - - for (i = 0; i < len; i++) - p->pac->buffers[i].offset_lo += PAC_INFO_BUFFER_SIZE; - - offset = p->data.length + PAC_INFO_BUFFER_SIZE; - - p->pac->buffers[len].type = type; - p->pac->buffers[len].buffersize = data->length; - p->pac->buffers[len].offset_lo = offset; - p->pac->buffers[len].offset_hi = 0; - - old_end = p->data.length; - len = p->data.length + data->length + PAC_INFO_BUFFER_SIZE; - if (len < p->data.length) { - krb5_set_error_string(context, "integer overrun"); - return EINVAL; - } - - /* align to PAC_ALIGNMENT */ - len = ((len + PAC_ALIGNMENT - 1) / PAC_ALIGNMENT) * PAC_ALIGNMENT; - - ret = krb5_data_realloc(&p->data, len); - if (ret) { - krb5_set_error_string(context, "out of memory"); - return ret; - } - - /* - * make place for new PAC INFO BUFFER header - */ - header_end = PACTYPE_SIZE + (PAC_INFO_BUFFER_SIZE * p->pac->numbuffers); - memmove((unsigned char *)p->data.data + header_end + PAC_INFO_BUFFER_SIZE, - (unsigned char *)p->data.data + header_end , - old_end - header_end); - memset((unsigned char *)p->data.data + header_end, 0, PAC_INFO_BUFFER_SIZE); - - /* - * copy in new data part - */ - - memcpy((unsigned char *)p->data.data + offset, - data->data, data->length); - memset((unsigned char *)p->data.data + offset + data->length, - 0, p->data.length - offset - data->length); - - p->pac->numbuffers += 1; - - return 0; -} - -krb5_error_code -krb5_pac_get_buffer(krb5_context context, krb5_pac p, - uint32_t type, krb5_data *data) -{ - krb5_error_code ret; - uint32_t i; - - /* - * Hide the checksums from external consumers - */ - - if (type == PAC_PRIVSVR_CHECKSUM || type == PAC_SERVER_CHECKSUM) { - ret = krb5_data_alloc(data, 16); - if (ret) { - krb5_set_error_string(context, "out of memory"); - return ret; - } - memset(data->data, 0, data->length); - return 0; - } - - for (i = 0; i < p->pac->numbuffers; i++) { - size_t len = p->pac->buffers[i].buffersize; - size_t offset = p->pac->buffers[i].offset_lo; - - if (p->pac->buffers[i].type != type) - continue; - - ret = krb5_data_copy(data, (unsigned char *)p->data.data + offset, len); - if (ret) { - krb5_set_error_string(context, "Out of memory"); - return ret; - } - return 0; - } - krb5_set_error_string(context, "No PAC buffer of type %lu was found", - (unsigned long)type); - return ENOENT; -} - -/* - * - */ - -krb5_error_code -krb5_pac_get_types(krb5_context context, - krb5_pac p, - size_t *len, - uint32_t **types) -{ - size_t i; - - *types = calloc(p->pac->numbuffers, sizeof(*types)); - if (*types == NULL) { - *len = 0; - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - for (i = 0; i < p->pac->numbuffers; i++) - (*types)[i] = p->pac->buffers[i].type; - *len = p->pac->numbuffers; - - return 0; -} - -/* - * - */ - -void -krb5_pac_free(krb5_context context, krb5_pac pac) -{ - krb5_data_free(&pac->data); - free(pac->pac); - free(pac); -} - -/* - * - */ - -static krb5_error_code -verify_checksum(krb5_context context, - const struct PAC_INFO_BUFFER *sig, - const krb5_data *data, - void *ptr, size_t len, - const krb5_keyblock *key) -{ - krb5_crypto crypto = NULL; - krb5_storage *sp = NULL; - uint32_t type; - krb5_error_code ret; - Checksum cksum; - - memset(&cksum, 0, sizeof(cksum)); - - sp = krb5_storage_from_mem((char *)data->data + sig->offset_lo, - sig->buffersize); - if (sp == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(ret, krb5_ret_uint32(sp, &type), out); - cksum.cksumtype = type; - cksum.checksum.length = - sig->buffersize - krb5_storage_seek(sp, 0, SEEK_CUR); - cksum.checksum.data = malloc(cksum.checksum.length); - if (cksum.checksum.data == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - ret = krb5_storage_read(sp, cksum.checksum.data, cksum.checksum.length); - if (ret != cksum.checksum.length) { - krb5_set_error_string(context, "PAC checksum missing checksum"); - ret = EINVAL; - goto out; - } - - if (!krb5_checksum_is_keyed(context, cksum.cksumtype)) { - krb5_set_error_string (context, "Checksum type %d not keyed", - cksum.cksumtype); - ret = EINVAL; - goto out; - } - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - goto out; - - ret = krb5_verify_checksum(context, crypto, KRB5_KU_OTHER_CKSUM, - ptr, len, &cksum); - free(cksum.checksum.data); - krb5_crypto_destroy(context, crypto); - krb5_storage_free(sp); - - return ret; - -out: - if (cksum.checksum.data) - free(cksum.checksum.data); - if (sp) - krb5_storage_free(sp); - if (crypto) - krb5_crypto_destroy(context, crypto); - return ret; -} - -static krb5_error_code -create_checksum(krb5_context context, - const krb5_keyblock *key, - void *data, size_t datalen, - void *sig, size_t siglen) -{ - krb5_crypto crypto = NULL; - krb5_error_code ret; - Checksum cksum; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - - ret = krb5_create_checksum(context, crypto, KRB5_KU_OTHER_CKSUM, 0, - data, datalen, &cksum); - krb5_crypto_destroy(context, crypto); - if (ret) - return ret; - - if (cksum.checksum.length != siglen) { - krb5_set_error_string(context, "pac checksum wrong length"); - free_Checksum(&cksum); - return EINVAL; - } - - memcpy(sig, cksum.checksum.data, siglen); - free_Checksum(&cksum); - - return 0; -} - - -/* - * - */ - -#define NTTIME_EPOCH 0x019DB1DED53E8000LL - -static uint64_t -unix2nttime(time_t unix_time) -{ - long long wt; - wt = unix_time * (uint64_t)10000000 + (uint64_t)NTTIME_EPOCH; - return wt; -} - -static krb5_error_code -verify_logonname(krb5_context context, - const struct PAC_INFO_BUFFER *logon_name, - const krb5_data *data, - time_t authtime, - krb5_const_principal principal) -{ - krb5_error_code ret; - krb5_principal p2; - uint32_t time1, time2; - krb5_storage *sp; - uint16_t len; - char *s; - - sp = krb5_storage_from_readonly_mem((const char *)data->data + logon_name->offset_lo, - logon_name->buffersize); - if (sp == NULL) { - krb5_set_error_string(context, "Out of memory"); - return ENOMEM; - } - - krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(ret, krb5_ret_uint32(sp, &time1), out); - CHECK(ret, krb5_ret_uint32(sp, &time2), out); - - { - uint64_t t1, t2; - t1 = unix2nttime(authtime); - t2 = ((uint64_t)time2 << 32) | time1; - if (t1 != t2) { - krb5_storage_free(sp); - krb5_set_error_string(context, "PAC timestamp mismatch"); - return EINVAL; - } - } - CHECK(ret, krb5_ret_uint16(sp, &len), out); - if (len == 0) { - krb5_storage_free(sp); - krb5_set_error_string(context, "PAC logon name length missing"); - return EINVAL; - } - - s = malloc(len); - if (s == NULL) { - krb5_storage_free(sp); - krb5_set_error_string(context, "Out of memory"); - return ENOMEM; - } - ret = krb5_storage_read(sp, s, len); - if (ret != len) { - krb5_storage_free(sp); - krb5_set_error_string(context, "Failed to read pac logon name"); - return EINVAL; - } - krb5_storage_free(sp); -#if 1 /* cheat for now */ - { - size_t i; - - if (len & 1) { - krb5_set_error_string(context, "PAC logon name malformed"); - return EINVAL; - } - - for (i = 0; i < len / 2; i++) { - if (s[(i * 2) + 1]) { - krb5_set_error_string(context, "PAC logon name not ASCII"); - return EINVAL; - } - s[i] = s[i * 2]; - } - s[i] = '\0'; - } -#else - { - uint16_t *ucs2; - ssize_t ucs2len; - size_t u8len; - - ucs2 = malloc(sizeof(ucs2[0]) * len / 2); - if (ucs2) - abort(); - ucs2len = wind_ucs2read(s, len / 2, ucs2); - free(s); - if (len < 0) - return -1; - ret = wind_ucs2toutf8(ucs2, ucs2len, NULL, &u8len); - if (ret < 0) - abort(); - s = malloc(u8len + 1); - if (s == NULL) - abort(); - wind_ucs2toutf8(ucs2, ucs2len, s, &u8len); - free(ucs2); - } -#endif - ret = krb5_parse_name_flags(context, s, KRB5_PRINCIPAL_PARSE_NO_REALM, &p2); - free(s); - if (ret) - return ret; - - if (krb5_principal_compare_any_realm(context, principal, p2) != TRUE) { - krb5_set_error_string(context, "PAC logon name mismatch"); - ret = EINVAL; - } - krb5_free_principal(context, p2); - return ret; -out: - return ret; -} - -/* - * - */ - -static krb5_error_code -build_logon_name(krb5_context context, - time_t authtime, - krb5_const_principal principal, - krb5_data *logon) -{ - krb5_error_code ret; - krb5_storage *sp; - uint64_t t; - char *s, *s2; - size_t i, len; - - t = unix2nttime(authtime); - - krb5_data_zero(logon); - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(ret, krb5_store_uint32(sp, t & 0xffffffff), out); - CHECK(ret, krb5_store_uint32(sp, t >> 32), out); - - ret = krb5_unparse_name_flags(context, principal, - KRB5_PRINCIPAL_UNPARSE_NO_REALM, &s); - if (ret) - goto out; - - len = strlen(s); - - CHECK(ret, krb5_store_uint16(sp, len * 2), out); - -#if 1 /* cheat for now */ - s2 = malloc(len * 2); - if (s2 == NULL) { - ret = ENOMEM; - free(s); - goto out; - } - for (i = 0; i < len; i++) { - s2[i * 2] = s[i]; - s2[i * 2 + 1] = 0; - } - free(s); -#else - /* write libwind code here */ -#endif - - ret = krb5_storage_write(sp, s2, len * 2); - free(s2); - if (ret != len * 2) { - ret = ENOMEM; - goto out; - } - ret = krb5_storage_to_data(sp, logon); - if (ret) - goto out; - krb5_storage_free(sp); - - return 0; -out: - krb5_storage_free(sp); - return ret; -} - - -/* - * - */ - -krb5_error_code -krb5_pac_verify(krb5_context context, - const krb5_pac pac, - time_t authtime, - krb5_const_principal principal, - const krb5_keyblock *server, - const krb5_keyblock *privsvr) -{ - krb5_error_code ret; - - if (pac->server_checksum == NULL) { - krb5_set_error_string(context, "PAC missing server checksum"); - return EINVAL; - } - if (pac->privsvr_checksum == NULL) { - krb5_set_error_string(context, "PAC missing kdc checksum"); - return EINVAL; - } - if (pac->logon_name == NULL) { - krb5_set_error_string(context, "PAC missing logon name"); - return EINVAL; - } - - ret = verify_logonname(context, - pac->logon_name, - &pac->data, - authtime, - principal); - if (ret) - return ret; - - /* - * in the service case, clean out data option of the privsvr and - * server checksum before checking the checksum. - */ - { - krb5_data *copy; - - ret = krb5_copy_data(context, &pac->data, ©); - if (ret) - return ret; - - if (pac->server_checksum->buffersize < 4) - return EINVAL; - if (pac->privsvr_checksum->buffersize < 4) - return EINVAL; - - memset((char *)copy->data + pac->server_checksum->offset_lo + 4, - 0, - pac->server_checksum->buffersize - 4); - - memset((char *)copy->data + pac->privsvr_checksum->offset_lo + 4, - 0, - pac->privsvr_checksum->buffersize - 4); - - ret = verify_checksum(context, - pac->server_checksum, - &pac->data, - copy->data, - copy->length, - server); - krb5_free_data(context, copy); - if (ret) - return ret; - } - if (privsvr) { - ret = verify_checksum(context, - pac->privsvr_checksum, - &pac->data, - (char *)pac->data.data - + pac->server_checksum->offset_lo + 4, - pac->server_checksum->buffersize - 4, - privsvr); - if (ret) - return ret; - } - - return 0; -} - -/* - * - */ - -static krb5_error_code -fill_zeros(krb5_context context, krb5_storage *sp, size_t len) -{ - ssize_t sret; - size_t l; - - while (len) { - l = len; - if (l > sizeof(zeros)) - l = sizeof(zeros); - sret = krb5_storage_write(sp, zeros, l); - if (sret <= 0) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - len -= sret; - } - return 0; -} - -static krb5_error_code -pac_checksum(krb5_context context, - const krb5_keyblock *key, - uint32_t *cksumtype, - size_t *cksumsize) -{ - krb5_cksumtype cktype; - krb5_error_code ret; - krb5_crypto crypto = NULL; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - - ret = krb5_crypto_get_checksum_type(context, crypto, &cktype); - ret = krb5_crypto_destroy(context, crypto); - if (ret) - return ret; - - if (krb5_checksum_is_keyed(context, cktype) == FALSE) { - krb5_set_error_string(context, "PAC checksum type is not keyed"); - return EINVAL; - } - - ret = krb5_checksumsize(context, cktype, cksumsize); - if (ret) - return ret; - - *cksumtype = (uint32_t)cktype; - - return 0; -} - -krb5_error_code -_krb5_pac_sign(krb5_context context, - krb5_pac p, - time_t authtime, - krb5_principal principal, - const krb5_keyblock *server_key, - const krb5_keyblock *priv_key, - krb5_data *data) -{ - krb5_error_code ret; - krb5_storage *sp = NULL, *spdata = NULL; - uint32_t end; - size_t server_size, priv_size; - uint32_t server_offset = 0, priv_offset = 0; - uint32_t server_cksumtype = 0, priv_cksumtype = 0; - int i, num = 0; - krb5_data logon, d; - - krb5_data_zero(&logon); - - if (p->logon_name == NULL) - num++; - if (p->server_checksum == NULL) - num++; - if (p->privsvr_checksum == NULL) - num++; - - if (num) { - void *ptr; - - ptr = realloc(p->pac, sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * (p->pac->numbuffers + num - 1))); - if (ptr == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - p->pac = ptr; - - if (p->logon_name == NULL) { - p->logon_name = &p->pac->buffers[p->pac->numbuffers++]; - memset(p->logon_name, 0, sizeof(*p->logon_name)); - p->logon_name->type = PAC_LOGON_NAME; - } - if (p->server_checksum == NULL) { - p->server_checksum = &p->pac->buffers[p->pac->numbuffers++]; - memset(p->server_checksum, 0, sizeof(*p->server_checksum)); - p->server_checksum->type = PAC_SERVER_CHECKSUM; - } - if (p->privsvr_checksum == NULL) { - p->privsvr_checksum = &p->pac->buffers[p->pac->numbuffers++]; - memset(p->privsvr_checksum, 0, sizeof(*p->privsvr_checksum)); - p->privsvr_checksum->type = PAC_PRIVSVR_CHECKSUM; - } - } - - /* Calculate LOGON NAME */ - ret = build_logon_name(context, authtime, principal, &logon); - if (ret) - goto out; - - /* Set lengths for checksum */ - ret = pac_checksum(context, server_key, &server_cksumtype, &server_size); - if (ret) - goto out; - ret = pac_checksum(context, priv_key, &priv_cksumtype, &priv_size); - if (ret) - goto out; - - /* Encode PAC */ - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); - - spdata = krb5_storage_emem(); - if (spdata == NULL) { - krb5_storage_free(sp); - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - krb5_storage_set_flags(spdata, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(ret, krb5_store_uint32(sp, p->pac->numbuffers), out); - CHECK(ret, krb5_store_uint32(sp, p->pac->version), out); - - end = PACTYPE_SIZE + (PAC_INFO_BUFFER_SIZE * p->pac->numbuffers); - - for (i = 0; i < p->pac->numbuffers; i++) { - uint32_t len; - size_t sret; - void *ptr = NULL; - - /* store data */ - - if (p->pac->buffers[i].type == PAC_SERVER_CHECKSUM) { - len = server_size + 4; - server_offset = end + 4; - CHECK(ret, krb5_store_uint32(spdata, server_cksumtype), out); - CHECK(ret, fill_zeros(context, spdata, server_size), out); - } else if (p->pac->buffers[i].type == PAC_PRIVSVR_CHECKSUM) { - len = priv_size + 4; - priv_offset = end + 4; - CHECK(ret, krb5_store_uint32(spdata, priv_cksumtype), out); - CHECK(ret, fill_zeros(context, spdata, priv_size), out); - } else if (p->pac->buffers[i].type == PAC_LOGON_NAME) { - len = krb5_storage_write(spdata, logon.data, logon.length); - if (logon.length != len) { - ret = EINVAL; - goto out; - } - } else { - len = p->pac->buffers[i].buffersize; - ptr = (char *)p->data.data + p->pac->buffers[i].offset_lo; - - sret = krb5_storage_write(spdata, ptr, len); - if (sret != len) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - /* XXX if not aligned, fill_zeros */ - } - - /* write header */ - CHECK(ret, krb5_store_uint32(sp, p->pac->buffers[i].type), out); - CHECK(ret, krb5_store_uint32(sp, len), out); - CHECK(ret, krb5_store_uint32(sp, end), out); - CHECK(ret, krb5_store_uint32(sp, 0), out); - - /* advance data endpointer and align */ - { - int32_t e; - - end += len; - e = ((end + PAC_ALIGNMENT - 1) / PAC_ALIGNMENT) * PAC_ALIGNMENT; - if (end != e) { - CHECK(ret, fill_zeros(context, spdata, e - end), out); - } - end = e; - } - - } - - /* assert (server_offset != 0 && priv_offset != 0); */ - - /* export PAC */ - ret = krb5_storage_to_data(spdata, &d); - if (ret) { - krb5_set_error_string(context, "out of memory"); - goto out; - } - ret = krb5_storage_write(sp, d.data, d.length); - if (ret != d.length) { - krb5_data_free(&d); - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - krb5_data_free(&d); - - ret = krb5_storage_to_data(sp, &d); - if (ret) { - krb5_set_error_string(context, "out of memory"); - goto out; - } - - /* sign */ - - ret = create_checksum(context, server_key, - d.data, d.length, - (char *)d.data + server_offset, server_size); - if (ret) { - krb5_data_free(&d); - goto out; - } - - ret = create_checksum(context, priv_key, - (char *)d.data + server_offset, server_size, - (char *)d.data + priv_offset, priv_size); - if (ret) { - krb5_data_free(&d); - goto out; - } - - /* done */ - *data = d; - - krb5_data_free(&logon); - krb5_storage_free(sp); - krb5_storage_free(spdata); - - return 0; -out: - krb5_data_free(&logon); - if (sp) - krb5_storage_free(sp); - if (spdata) - krb5_storage_free(spdata); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/padata.c b/crypto/heimdal/lib/krb5/padata.c deleted file mode 100644 index b2b70f52e786..000000000000 --- a/crypto/heimdal/lib/krb5/padata.c +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: padata.c 15469 2005-06-17 04:28:35Z lha $"); - -PA_DATA * -krb5_find_padata(PA_DATA *val, unsigned len, int type, int *idx) -{ - for(; *idx < len; (*idx)++) - if(val[*idx].padata_type == type) - return val + *idx; - return NULL; -} - -int KRB5_LIB_FUNCTION -krb5_padata_add(krb5_context context, METHOD_DATA *md, - int type, void *buf, size_t len) -{ - PA_DATA *pa; - - pa = realloc (md->val, (md->len + 1) * sizeof(*md->val)); - if (pa == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - md->val = pa; - - pa[md->len].padata_type = type; - pa[md->len].padata_value.length = len; - pa[md->len].padata_value.data = buf; - md->len++; - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/parse-name-test.c b/crypto/heimdal/lib/krb5/parse-name-test.c deleted file mode 100644 index 7e6070538904..000000000000 --- a/crypto/heimdal/lib/krb5/parse-name-test.c +++ /dev/null @@ -1,194 +0,0 @@ -/* - * Copyright (c) 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: parse-name-test.c 16342 2005-12-02 14:14:43Z lha $"); - -enum { MAX_COMPONENTS = 3 }; - -static struct testcase { - const char *input_string; - const char *output_string; - krb5_realm realm; - unsigned ncomponents; - char *comp_val[MAX_COMPONENTS]; - int realmp; -} tests[] = { - {"", "@", "", 1, {""}, FALSE}, - {"a", "a@", "", 1, {"a"}, FALSE}, - {"\\n", "\\n@", "", 1, {"\n"}, FALSE}, - {"\\ ", "\\ @", "", 1, {" "}, FALSE}, - {"\\t", "\\t@", "", 1, {"\t"}, FALSE}, - {"\\b", "\\b@", "", 1, {"\b"}, FALSE}, - {"\\\\", "\\\\@", "", 1, {"\\"}, FALSE}, - {"\\/", "\\/@", "", 1, {"/"}, FALSE}, - {"\\@", "\\@@", "", 1, {"@"}, FALSE}, - {"@", "@", "", 1, {""}, TRUE}, - {"a/b", "a/b@", "", 2, {"a", "b"}, FALSE}, - {"a/", "a/@", "", 2, {"a", ""}, FALSE}, - {"a\\//\\/", "a\\//\\/@", "", 2, {"a/", "/"}, FALSE}, - {"/a", "/a@", "", 2, {"", "a"}, FALSE}, - {"\\@@\\@", "\\@@\\@", "@", 1, {"@"}, TRUE}, - {"a/b/c", "a/b/c@", "", 3, {"a", "b", "c"}, FALSE}, - {NULL, NULL, "", 0, { NULL }, FALSE}}; - -int KRB5_LIB_FUNCTION -main(int argc, char **argv) -{ - struct testcase *t; - krb5_context context; - krb5_error_code ret; - int val = 0; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - /* to enable realm-less principal name above */ - - krb5_set_default_realm(context, ""); - - for (t = tests; t->input_string; ++t) { - krb5_principal princ; - int i, j; - char name_buf[1024]; - char *s; - - ret = krb5_parse_name(context, t->input_string, &princ); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name %s", - t->input_string); - if (strcmp (t->realm, princ->realm) != 0) { - printf ("wrong realm (\"%s\" should be \"%s\")" - " for \"%s\"\n", - princ->realm, t->realm, - t->input_string); - val = 1; - } - - if (t->ncomponents != princ->name.name_string.len) { - printf ("wrong number of components (%u should be %u)" - " for \"%s\"\n", - princ->name.name_string.len, t->ncomponents, - t->input_string); - val = 1; - } else { - for (i = 0; i < t->ncomponents; ++i) { - if (strcmp(t->comp_val[i], - princ->name.name_string.val[i]) != 0) { - printf ("bad component %d (\"%s\" should be \"%s\")" - " for \"%s\"\n", - i, - princ->name.name_string.val[i], - t->comp_val[i], - t->input_string); - val = 1; - } - } - } - for (j = 0; j < strlen(t->output_string); ++j) { - ret = krb5_unparse_name_fixed(context, princ, - name_buf, j); - if (ret != ERANGE) { - printf ("unparse_name %s with length %d should have failed\n", - t->input_string, j); - val = 1; - break; - } - } - ret = krb5_unparse_name_fixed(context, princ, - name_buf, sizeof(name_buf)); - if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name_fixed"); - - if (strcmp (t->output_string, name_buf) != 0) { - printf ("failed comparing the re-parsed" - " (\"%s\" should be \"%s\")\n", - name_buf, t->output_string); - val = 1; - } - - ret = krb5_unparse_name(context, princ, &s); - if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name"); - - if (strcmp (t->output_string, s) != 0) { - printf ("failed comparing the re-parsed" - " (\"%s\" should be \"%s\"\n", - s, t->output_string); - val = 1; - } - free(s); - - if (!t->realmp) { - for (j = 0; j < strlen(t->input_string); ++j) { - ret = krb5_unparse_name_fixed_short(context, princ, - name_buf, j); - if (ret != ERANGE) { - printf ("unparse_name_short %s with length %d" - " should have failed\n", - t->input_string, j); - val = 1; - break; - } - } - ret = krb5_unparse_name_fixed_short(context, princ, - name_buf, sizeof(name_buf)); - if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name_fixed"); - - if (strcmp (t->input_string, name_buf) != 0) { - printf ("failed comparing the re-parsed" - " (\"%s\" should be \"%s\")\n", - name_buf, t->input_string); - val = 1; - } - - ret = krb5_unparse_name_short(context, princ, &s); - if (ret) - krb5_err (context, 1, ret, "krb5_unparse_name_short"); - - if (strcmp (t->input_string, s) != 0) { - printf ("failed comparing the re-parsed" - " (\"%s\" should be \"%s\"\n", - s, t->input_string); - val = 1; - } - free(s); - } - krb5_free_principal (context, princ); - } - krb5_free_context(context); - return val; -} diff --git a/crypto/heimdal/lib/krb5/pkinit.c b/crypto/heimdal/lib/krb5/pkinit.c deleted file mode 100644 index a0b6a4e07938..000000000000 --- a/crypto/heimdal/lib/krb5/pkinit.c +++ /dev/null @@ -1,2070 +0,0 @@ -/* - * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: pkinit.c 22433 2008-01-13 14:11:46Z lha $"); - -struct krb5_dh_moduli { - char *name; - unsigned long bits; - heim_integer p; - heim_integer g; - heim_integer q; -}; - -#ifdef PKINIT - -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include - -enum { - COMPAT_WIN2K = 1, - COMPAT_IETF = 2 -}; - -struct krb5_pk_identity { - hx509_context hx509ctx; - hx509_verify_ctx verify_ctx; - hx509_certs certs; - hx509_certs anchors; - hx509_certs certpool; - hx509_revoke_ctx revokectx; -}; - -struct krb5_pk_cert { - hx509_cert cert; -}; - -struct krb5_pk_init_ctx_data { - struct krb5_pk_identity *id; - DH *dh; - krb5_data *clientDHNonce; - struct krb5_dh_moduli **m; - hx509_peer_info peer; - int type; - unsigned int require_binding:1; - unsigned int require_eku:1; - unsigned int require_krbtgt_otherName:1; - unsigned int require_hostname_match:1; - unsigned int trustedCertifiers:1; -}; - -static void -_krb5_pk_copy_error(krb5_context context, - hx509_context hx509ctx, - int hxret, - const char *fmt, - ...) - __attribute__ ((format (printf, 4, 5))); - -/* - * - */ - -void KRB5_LIB_FUNCTION -_krb5_pk_cert_free(struct krb5_pk_cert *cert) -{ - if (cert->cert) { - hx509_cert_free(cert->cert); - } - free(cert); -} - -static krb5_error_code -BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer) -{ - integer->length = BN_num_bytes(bn); - integer->data = malloc(integer->length); - if (integer->data == NULL) { - krb5_clear_error_string(context); - return ENOMEM; - } - BN_bn2bin(bn, integer->data); - integer->negative = BN_is_negative(bn); - return 0; -} - -static BIGNUM * -integer_to_BN(krb5_context context, const char *field, const heim_integer *f) -{ - BIGNUM *bn; - - bn = BN_bin2bn((const unsigned char *)f->data, f->length, NULL); - if (bn == NULL) { - krb5_set_error_string(context, "PKINIT: parsing BN failed %s", field); - return NULL; - } - BN_set_negative(bn, f->negative); - return bn; -} - - -static krb5_error_code -_krb5_pk_create_sign(krb5_context context, - const heim_oid *eContentType, - krb5_data *eContent, - struct krb5_pk_identity *id, - hx509_peer_info peer, - krb5_data *sd_data) -{ - hx509_cert cert; - hx509_query *q; - int ret; - - ret = hx509_query_alloc(id->hx509ctx, &q); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Allocate query to find signing certificate"); - return ret; - } - - hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); - hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE); - - ret = hx509_certs_find(id->hx509ctx, id->certs, q, &cert); - hx509_query_free(id->hx509ctx, q); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Find certificate to signed CMS data"); - return ret; - } - - ret = hx509_cms_create_signed_1(id->hx509ctx, - 0, - eContentType, - eContent->data, - eContent->length, - NULL, - cert, - peer, - NULL, - id->certs, - sd_data); - if (ret) - _krb5_pk_copy_error(context, id->hx509ctx, ret, "create CMS signedData"); - hx509_cert_free(cert); - - return ret; -} - -static int -cert2epi(hx509_context context, void *ctx, hx509_cert c) -{ - ExternalPrincipalIdentifiers *ids = ctx; - ExternalPrincipalIdentifier id; - hx509_name subject = NULL; - void *p; - int ret; - - memset(&id, 0, sizeof(id)); - - ret = hx509_cert_get_subject(c, &subject); - if (ret) - return ret; - - if (hx509_name_is_null_p(subject) != 0) { - - id.subjectName = calloc(1, sizeof(*id.subjectName)); - if (id.subjectName == NULL) { - hx509_name_free(&subject); - free_ExternalPrincipalIdentifier(&id); - return ENOMEM; - } - - ret = hx509_name_binary(subject, id.subjectName); - if (ret) { - hx509_name_free(&subject); - free_ExternalPrincipalIdentifier(&id); - return ret; - } - } - hx509_name_free(&subject); - - - id.issuerAndSerialNumber = calloc(1, sizeof(*id.issuerAndSerialNumber)); - if (id.issuerAndSerialNumber == NULL) { - free_ExternalPrincipalIdentifier(&id); - return ENOMEM; - } - - { - IssuerAndSerialNumber iasn; - hx509_name issuer; - size_t size; - - memset(&iasn, 0, sizeof(iasn)); - - ret = hx509_cert_get_issuer(c, &issuer); - if (ret) { - free_ExternalPrincipalIdentifier(&id); - return ret; - } - - ret = hx509_name_to_Name(issuer, &iasn.issuer); - hx509_name_free(&issuer); - if (ret) { - free_ExternalPrincipalIdentifier(&id); - return ret; - } - - ret = hx509_cert_get_serialnumber(c, &iasn.serialNumber); - if (ret) { - free_IssuerAndSerialNumber(&iasn); - free_ExternalPrincipalIdentifier(&id); - return ret; - } - - ASN1_MALLOC_ENCODE(IssuerAndSerialNumber, - id.issuerAndSerialNumber->data, - id.issuerAndSerialNumber->length, - &iasn, &size, ret); - free_IssuerAndSerialNumber(&iasn); - if (ret) - return ret; - if (id.issuerAndSerialNumber->length != size) - abort(); - } - - id.subjectKeyIdentifier = NULL; - - p = realloc(ids->val, sizeof(ids->val[0]) * (ids->len + 1)); - if (p == NULL) { - free_ExternalPrincipalIdentifier(&id); - return ENOMEM; - } - - ids->val = p; - ids->val[ids->len] = id; - ids->len++; - - return 0; -} - -static krb5_error_code -build_edi(krb5_context context, - hx509_context hx509ctx, - hx509_certs certs, - ExternalPrincipalIdentifiers *ids) -{ - return hx509_certs_iter(hx509ctx, certs, cert2epi, ids); -} - -static krb5_error_code -build_auth_pack(krb5_context context, - unsigned nonce, - krb5_pk_init_ctx ctx, - DH *dh, - const KDC_REQ_BODY *body, - AuthPack *a) -{ - size_t buf_size, len; - krb5_error_code ret; - void *buf; - krb5_timestamp sec; - int32_t usec; - Checksum checksum; - - krb5_clear_error_string(context); - - memset(&checksum, 0, sizeof(checksum)); - - krb5_us_timeofday(context, &sec, &usec); - a->pkAuthenticator.ctime = sec; - a->pkAuthenticator.nonce = nonce; - - ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, body, &len, ret); - if (ret) - return ret; - if (buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_create_checksum(context, - NULL, - 0, - CKSUMTYPE_SHA1, - buf, - len, - &checksum); - free(buf); - if (ret) - return ret; - - ALLOC(a->pkAuthenticator.paChecksum, 1); - if (a->pkAuthenticator.paChecksum == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - ret = krb5_data_copy(a->pkAuthenticator.paChecksum, - checksum.checksum.data, checksum.checksum.length); - free_Checksum(&checksum); - if (ret) - return ret; - - if (dh) { - DomainParameters dp; - heim_integer dh_pub_key; - krb5_data dhbuf; - size_t size; - - if (1 /* support_cached_dh */) { - ALLOC(a->clientDHNonce, 1); - if (a->clientDHNonce == NULL) { - krb5_clear_error_string(context); - return ENOMEM; - } - ret = krb5_data_alloc(a->clientDHNonce, 40); - if (a->clientDHNonce == NULL) { - krb5_clear_error_string(context); - return ENOMEM; - } - memset(a->clientDHNonce->data, 0, a->clientDHNonce->length); - ret = krb5_copy_data(context, a->clientDHNonce, - &ctx->clientDHNonce); - if (ret) - return ret; - } - - ALLOC(a->clientPublicValue, 1); - if (a->clientPublicValue == NULL) - return ENOMEM; - ret = der_copy_oid(oid_id_dhpublicnumber(), - &a->clientPublicValue->algorithm.algorithm); - if (ret) - return ret; - - memset(&dp, 0, sizeof(dp)); - - ret = BN_to_integer(context, dh->p, &dp.p); - if (ret) { - free_DomainParameters(&dp); - return ret; - } - ret = BN_to_integer(context, dh->g, &dp.g); - if (ret) { - free_DomainParameters(&dp); - return ret; - } - ret = BN_to_integer(context, dh->q, &dp.q); - if (ret) { - free_DomainParameters(&dp); - return ret; - } - dp.j = NULL; - dp.validationParms = NULL; - - a->clientPublicValue->algorithm.parameters = - malloc(sizeof(*a->clientPublicValue->algorithm.parameters)); - if (a->clientPublicValue->algorithm.parameters == NULL) { - free_DomainParameters(&dp); - return ret; - } - - ASN1_MALLOC_ENCODE(DomainParameters, - a->clientPublicValue->algorithm.parameters->data, - a->clientPublicValue->algorithm.parameters->length, - &dp, &size, ret); - free_DomainParameters(&dp); - if (ret) - return ret; - if (size != a->clientPublicValue->algorithm.parameters->length) - krb5_abortx(context, "Internal ASN1 encoder error"); - - ret = BN_to_integer(context, dh->pub_key, &dh_pub_key); - if (ret) - return ret; - - ASN1_MALLOC_ENCODE(DHPublicKey, dhbuf.data, dhbuf.length, - &dh_pub_key, &size, ret); - der_free_heim_integer(&dh_pub_key); - if (ret) - return ret; - if (size != dhbuf.length) - krb5_abortx(context, "asn1 internal error"); - - a->clientPublicValue->subjectPublicKey.length = dhbuf.length * 8; - a->clientPublicValue->subjectPublicKey.data = dhbuf.data; - } - - { - a->supportedCMSTypes = calloc(1, sizeof(*a->supportedCMSTypes)); - if (a->supportedCMSTypes == NULL) - return ENOMEM; - - ret = hx509_crypto_available(ctx->id->hx509ctx, HX509_SELECT_ALL, NULL, - &a->supportedCMSTypes->val, - &a->supportedCMSTypes->len); - if (ret) - return ret; - } - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_mk_ContentInfo(krb5_context context, - const krb5_data *buf, - const heim_oid *oid, - struct ContentInfo *content_info) -{ - krb5_error_code ret; - - ret = der_copy_oid(oid, &content_info->contentType); - if (ret) - return ret; - ALLOC(content_info->content, 1); - if (content_info->content == NULL) - return ENOMEM; - content_info->content->data = malloc(buf->length); - if (content_info->content->data == NULL) - return ENOMEM; - memcpy(content_info->content->data, buf->data, buf->length); - content_info->content->length = buf->length; - return 0; -} - -static krb5_error_code -pk_mk_padata(krb5_context context, - krb5_pk_init_ctx ctx, - const KDC_REQ_BODY *req_body, - unsigned nonce, - METHOD_DATA *md) -{ - struct ContentInfo content_info; - krb5_error_code ret; - const heim_oid *oid; - size_t size; - krb5_data buf, sd_buf; - int pa_type; - - krb5_data_zero(&buf); - krb5_data_zero(&sd_buf); - memset(&content_info, 0, sizeof(content_info)); - - if (ctx->type == COMPAT_WIN2K) { - AuthPack_Win2k ap; - krb5_timestamp sec; - int32_t usec; - - memset(&ap, 0, sizeof(ap)); - - /* fill in PKAuthenticator */ - ret = copy_PrincipalName(req_body->sname, &ap.pkAuthenticator.kdcName); - if (ret) { - free_AuthPack_Win2k(&ap); - krb5_clear_error_string(context); - goto out; - } - ret = copy_Realm(&req_body->realm, &ap.pkAuthenticator.kdcRealm); - if (ret) { - free_AuthPack_Win2k(&ap); - krb5_clear_error_string(context); - goto out; - } - - krb5_us_timeofday(context, &sec, &usec); - ap.pkAuthenticator.ctime = sec; - ap.pkAuthenticator.cusec = usec; - ap.pkAuthenticator.nonce = nonce; - - ASN1_MALLOC_ENCODE(AuthPack_Win2k, buf.data, buf.length, - &ap, &size, ret); - free_AuthPack_Win2k(&ap); - if (ret) { - krb5_set_error_string(context, "AuthPack_Win2k: %d", ret); - goto out; - } - if (buf.length != size) - krb5_abortx(context, "internal ASN1 encoder error"); - - oid = oid_id_pkcs7_data(); - } else if (ctx->type == COMPAT_IETF) { - AuthPack ap; - - memset(&ap, 0, sizeof(ap)); - - ret = build_auth_pack(context, nonce, ctx, ctx->dh, req_body, &ap); - if (ret) { - free_AuthPack(&ap); - goto out; - } - - ASN1_MALLOC_ENCODE(AuthPack, buf.data, buf.length, &ap, &size, ret); - free_AuthPack(&ap); - if (ret) { - krb5_set_error_string(context, "AuthPack: %d", ret); - goto out; - } - if (buf.length != size) - krb5_abortx(context, "internal ASN1 encoder error"); - - oid = oid_id_pkauthdata(); - } else - krb5_abortx(context, "internal pkinit error"); - - ret = _krb5_pk_create_sign(context, - oid, - &buf, - ctx->id, - ctx->peer, - &sd_buf); - krb5_data_free(&buf); - if (ret) - goto out; - - ret = hx509_cms_wrap_ContentInfo(oid_id_pkcs7_signedData(), &sd_buf, &buf); - krb5_data_free(&sd_buf); - if (ret) { - krb5_set_error_string(context, - "ContentInfo wrapping of signedData failed"); - goto out; - } - - if (ctx->type == COMPAT_WIN2K) { - PA_PK_AS_REQ_Win2k winreq; - - pa_type = KRB5_PADATA_PK_AS_REQ_WIN; - - memset(&winreq, 0, sizeof(winreq)); - - winreq.signed_auth_pack = buf; - - ASN1_MALLOC_ENCODE(PA_PK_AS_REQ_Win2k, buf.data, buf.length, - &winreq, &size, ret); - free_PA_PK_AS_REQ_Win2k(&winreq); - - } else if (ctx->type == COMPAT_IETF) { - PA_PK_AS_REQ req; - - pa_type = KRB5_PADATA_PK_AS_REQ; - - memset(&req, 0, sizeof(req)); - req.signedAuthPack = buf; - - if (ctx->trustedCertifiers) { - - req.trustedCertifiers = calloc(1, sizeof(*req.trustedCertifiers)); - if (req.trustedCertifiers == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - free_PA_PK_AS_REQ(&req); - goto out; - } - ret = build_edi(context, ctx->id->hx509ctx, - ctx->id->anchors, req.trustedCertifiers); - if (ret) { - krb5_set_error_string(context, "pk-init: failed to build trustedCertifiers"); - free_PA_PK_AS_REQ(&req); - goto out; - } - } - req.kdcPkId = NULL; - - ASN1_MALLOC_ENCODE(PA_PK_AS_REQ, buf.data, buf.length, - &req, &size, ret); - - free_PA_PK_AS_REQ(&req); - - } else - krb5_abortx(context, "internal pkinit error"); - if (ret) { - krb5_set_error_string(context, "PA-PK-AS-REQ %d", ret); - goto out; - } - if (buf.length != size) - krb5_abortx(context, "Internal ASN1 encoder error"); - - ret = krb5_padata_add(context, md, pa_type, buf.data, buf.length); - if (ret) - free(buf.data); - - if (ret == 0 && ctx->type == COMPAT_WIN2K) - krb5_padata_add(context, md, KRB5_PADATA_PK_AS_09_BINDING, NULL, 0); - -out: - free_ContentInfo(&content_info); - - return ret; -} - - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_mk_padata(krb5_context context, - void *c, - const KDC_REQ_BODY *req_body, - unsigned nonce, - METHOD_DATA *md) -{ - krb5_pk_init_ctx ctx = c; - int win2k_compat; - - win2k_compat = krb5_config_get_bool_default(context, NULL, - FALSE, - "realms", - req_body->realm, - "pkinit_win2k", - NULL); - - if (win2k_compat) { - ctx->require_binding = - krb5_config_get_bool_default(context, NULL, - FALSE, - "realms", - req_body->realm, - "pkinit_win2k_require_binding", - NULL); - ctx->type = COMPAT_WIN2K; - } else - ctx->type = COMPAT_IETF; - - ctx->require_eku = - krb5_config_get_bool_default(context, NULL, - TRUE, - "realms", - req_body->realm, - "pkinit_require_eku", - NULL); - ctx->require_krbtgt_otherName = - krb5_config_get_bool_default(context, NULL, - TRUE, - "realms", - req_body->realm, - "pkinit_require_krbtgt_otherName", - NULL); - - ctx->require_hostname_match = - krb5_config_get_bool_default(context, NULL, - FALSE, - "realms", - req_body->realm, - "pkinit_require_hostname_match", - NULL); - - ctx->trustedCertifiers = - krb5_config_get_bool_default(context, NULL, - TRUE, - "realms", - req_body->realm, - "pkinit_trustedCertifiers", - NULL); - - return pk_mk_padata(context, ctx, req_body, nonce, md); -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_verify_sign(krb5_context context, - const void *data, - size_t length, - struct krb5_pk_identity *id, - heim_oid *contentType, - krb5_data *content, - struct krb5_pk_cert **signer) -{ - hx509_certs signer_certs; - int ret; - - *signer = NULL; - - ret = hx509_cms_verify_signed(id->hx509ctx, - id->verify_ctx, - data, - length, - NULL, - id->certpool, - contentType, - content, - &signer_certs); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "CMS verify signed failed"); - return ret; - } - - *signer = calloc(1, sizeof(**signer)); - if (*signer == NULL) { - krb5_clear_error_string(context); - ret = ENOMEM; - goto out; - } - - ret = hx509_get_one_cert(id->hx509ctx, signer_certs, &(*signer)->cert); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to get on of the signer certs"); - goto out; - } - -out: - hx509_certs_free(&signer_certs); - if (ret) { - if (*signer) { - hx509_cert_free((*signer)->cert); - free(*signer); - *signer = NULL; - } - } - - return ret; -} - -static krb5_error_code -get_reply_key_win(krb5_context context, - const krb5_data *content, - unsigned nonce, - krb5_keyblock **key) -{ - ReplyKeyPack_Win2k key_pack; - krb5_error_code ret; - size_t size; - - ret = decode_ReplyKeyPack_Win2k(content->data, - content->length, - &key_pack, - &size); - if (ret) { - krb5_set_error_string(context, "PKINIT decoding reply key failed"); - free_ReplyKeyPack_Win2k(&key_pack); - return ret; - } - - if (key_pack.nonce != nonce) { - krb5_set_error_string(context, "PKINIT enckey nonce is wrong"); - free_ReplyKeyPack_Win2k(&key_pack); - return KRB5KRB_AP_ERR_MODIFIED; - } - - *key = malloc (sizeof (**key)); - if (*key == NULL) { - krb5_set_error_string(context, "PKINIT failed allocating reply key"); - free_ReplyKeyPack_Win2k(&key_pack); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - ret = copy_EncryptionKey(&key_pack.replyKey, *key); - free_ReplyKeyPack_Win2k(&key_pack); - if (ret) { - krb5_set_error_string(context, "PKINIT failed copying reply key"); - free(*key); - *key = NULL; - } - - return ret; -} - -static krb5_error_code -get_reply_key(krb5_context context, - const krb5_data *content, - const krb5_data *req_buffer, - krb5_keyblock **key) -{ - ReplyKeyPack key_pack; - krb5_error_code ret; - size_t size; - - ret = decode_ReplyKeyPack(content->data, - content->length, - &key_pack, - &size); - if (ret) { - krb5_set_error_string(context, "PKINIT decoding reply key failed"); - free_ReplyKeyPack(&key_pack); - return ret; - } - - { - krb5_crypto crypto; - - /* - * XXX Verify kp.replyKey is a allowed enctype in the - * configuration file - */ - - ret = krb5_crypto_init(context, &key_pack.replyKey, 0, &crypto); - if (ret) { - free_ReplyKeyPack(&key_pack); - return ret; - } - - ret = krb5_verify_checksum(context, crypto, 6, - req_buffer->data, req_buffer->length, - &key_pack.asChecksum); - krb5_crypto_destroy(context, crypto); - if (ret) { - free_ReplyKeyPack(&key_pack); - return ret; - } - } - - *key = malloc (sizeof (**key)); - if (*key == NULL) { - krb5_set_error_string(context, "PKINIT failed allocating reply key"); - free_ReplyKeyPack(&key_pack); - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - ret = copy_EncryptionKey(&key_pack.replyKey, *key); - free_ReplyKeyPack(&key_pack); - if (ret) { - krb5_set_error_string(context, "PKINIT failed copying reply key"); - free(*key); - *key = NULL; - } - - return ret; -} - - -static krb5_error_code -pk_verify_host(krb5_context context, - const char *realm, - const krb5_krbhst_info *hi, - struct krb5_pk_init_ctx_data *ctx, - struct krb5_pk_cert *host) -{ - krb5_error_code ret = 0; - - if (ctx->require_eku) { - ret = hx509_cert_check_eku(ctx->id->hx509ctx, host->cert, - oid_id_pkkdcekuoid(), 0); - if (ret) { - krb5_set_error_string(context, "No PK-INIT KDC EKU in kdc certificate"); - return ret; - } - } - if (ctx->require_krbtgt_otherName) { - hx509_octet_string_list list; - int i; - - ret = hx509_cert_find_subjectAltName_otherName(ctx->id->hx509ctx, - host->cert, - oid_id_pkinit_san(), - &list); - if (ret) { - krb5_set_error_string(context, "Failed to find the PK-INIT " - "subjectAltName in the KDC certificate"); - - return ret; - } - - for (i = 0; i < list.len; i++) { - KRB5PrincipalName r; - - ret = decode_KRB5PrincipalName(list.val[i].data, - list.val[i].length, - &r, - NULL); - if (ret) { - krb5_set_error_string(context, "Failed to decode the PK-INIT " - "subjectAltName in the KDC certificate"); - - break; - } - - if (r.principalName.name_string.len != 2 || - strcmp(r.principalName.name_string.val[0], KRB5_TGS_NAME) != 0 || - strcmp(r.principalName.name_string.val[1], realm) != 0 || - strcmp(r.realm, realm) != 0) - { - krb5_set_error_string(context, "KDC have wrong realm name in " - "the certificate"); - ret = KRB5_KDC_ERR_INVALID_CERTIFICATE; - } - - free_KRB5PrincipalName(&r); - if (ret) - break; - } - hx509_free_octet_string_list(&list); - } - if (ret) - return ret; - - if (hi) { - ret = hx509_verify_hostname(ctx->id->hx509ctx, host->cert, - ctx->require_hostname_match, - HX509_HN_HOSTNAME, - hi->hostname, - hi->ai->ai_addr, hi->ai->ai_addrlen); - - if (ret) - krb5_set_error_string(context, "Address mismatch in " - "the KDC certificate"); - } - return ret; -} - -static krb5_error_code -pk_rd_pa_reply_enckey(krb5_context context, - int type, - const heim_octet_string *indata, - const heim_oid *dataType, - const char *realm, - krb5_pk_init_ctx ctx, - krb5_enctype etype, - const krb5_krbhst_info *hi, - unsigned nonce, - const krb5_data *req_buffer, - PA_DATA *pa, - krb5_keyblock **key) -{ - krb5_error_code ret; - struct krb5_pk_cert *host = NULL; - krb5_data content; - heim_oid contentType = { 0, NULL }; - - if (der_heim_oid_cmp(oid_id_pkcs7_envelopedData(), dataType)) { - krb5_set_error_string(context, "PKINIT: Invalid content type"); - return EINVAL; - } - - ret = hx509_cms_unenvelope(ctx->id->hx509ctx, - ctx->id->certs, - HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT, - indata->data, - indata->length, - NULL, - &contentType, - &content); - if (ret) { - _krb5_pk_copy_error(context, ctx->id->hx509ctx, ret, - "Failed to unenvelope CMS data in PK-INIT reply"); - return ret; - } - der_free_oid(&contentType); - -#if 0 /* windows LH with interesting CMS packets, leaks memory */ - { - size_t ph = 1 + der_length_len (length); - unsigned char *ptr = malloc(length + ph); - size_t l; - - memcpy(ptr + ph, p, length); - - ret = der_put_length_and_tag (ptr + ph - 1, ph, length, - ASN1_C_UNIV, CONS, UT_Sequence, &l); - if (ret) - return ret; - ptr += ph - l; - length += l; - p = ptr; - } -#endif - - /* win2k uses ContentInfo */ - if (type == COMPAT_WIN2K) { - heim_oid type; - heim_octet_string out; - - ret = hx509_cms_unwrap_ContentInfo(&content, &type, &out, NULL); - if (der_heim_oid_cmp(&type, oid_id_pkcs7_signedData())) { - ret = EINVAL; /* XXX */ - krb5_set_error_string(context, "PKINIT: Invalid content type"); - der_free_oid(&type); - der_free_octet_string(&out); - goto out; - } - der_free_oid(&type); - krb5_data_free(&content); - ret = krb5_data_copy(&content, out.data, out.length); - der_free_octet_string(&out); - if (ret) { - krb5_set_error_string(context, "PKINIT: out of memory"); - goto out; - } - } - - ret = _krb5_pk_verify_sign(context, - content.data, - content.length, - ctx->id, - &contentType, - &content, - &host); - if (ret) - goto out; - - /* make sure that it is the kdc's certificate */ - ret = pk_verify_host(context, realm, hi, ctx, host); - if (ret) { - goto out; - } - -#if 0 - if (type == COMPAT_WIN2K) { - if (der_heim_oid_cmp(&contentType, oid_id_pkcs7_data()) != 0) { - krb5_set_error_string(context, "PKINIT: reply key, wrong oid"); - ret = KRB5KRB_AP_ERR_MSG_TYPE; - goto out; - } - } else { - if (der_heim_oid_cmp(&contentType, oid_id_pkrkeydata()) != 0) { - krb5_set_error_string(context, "PKINIT: reply key, wrong oid"); - ret = KRB5KRB_AP_ERR_MSG_TYPE; - goto out; - } - } -#endif - - switch(type) { - case COMPAT_WIN2K: - ret = get_reply_key(context, &content, req_buffer, key); - if (ret != 0 && ctx->require_binding == 0) - ret = get_reply_key_win(context, &content, nonce, key); - break; - case COMPAT_IETF: - ret = get_reply_key(context, &content, req_buffer, key); - break; - } - if (ret) - goto out; - - /* XXX compare given etype with key->etype */ - - out: - if (host) - _krb5_pk_cert_free(host); - der_free_oid(&contentType); - krb5_data_free(&content); - - return ret; -} - -static krb5_error_code -pk_rd_pa_reply_dh(krb5_context context, - const heim_octet_string *indata, - const heim_oid *dataType, - const char *realm, - krb5_pk_init_ctx ctx, - krb5_enctype etype, - const krb5_krbhst_info *hi, - const DHNonce *c_n, - const DHNonce *k_n, - unsigned nonce, - PA_DATA *pa, - krb5_keyblock **key) -{ - unsigned char *p, *dh_gen_key = NULL; - struct krb5_pk_cert *host = NULL; - BIGNUM *kdc_dh_pubkey = NULL; - KDCDHKeyInfo kdc_dh_info; - heim_oid contentType = { 0, NULL }; - krb5_data content; - krb5_error_code ret; - int dh_gen_keylen; - size_t size; - - krb5_data_zero(&content); - memset(&kdc_dh_info, 0, sizeof(kdc_dh_info)); - - if (der_heim_oid_cmp(oid_id_pkcs7_signedData(), dataType)) { - krb5_set_error_string(context, "PKINIT: Invalid content type"); - return EINVAL; - } - - ret = _krb5_pk_verify_sign(context, - indata->data, - indata->length, - ctx->id, - &contentType, - &content, - &host); - if (ret) - goto out; - - /* make sure that it is the kdc's certificate */ - ret = pk_verify_host(context, realm, hi, ctx, host); - if (ret) - goto out; - - if (der_heim_oid_cmp(&contentType, oid_id_pkdhkeydata())) { - krb5_set_error_string(context, "pkinit - dh reply contains wrong oid"); - ret = KRB5KRB_AP_ERR_MSG_TYPE; - goto out; - } - - ret = decode_KDCDHKeyInfo(content.data, - content.length, - &kdc_dh_info, - &size); - - if (ret) { - krb5_set_error_string(context, "pkinit - " - "failed to decode KDC DH Key Info"); - goto out; - } - - if (kdc_dh_info.nonce != nonce) { - krb5_set_error_string(context, "PKINIT: DH nonce is wrong"); - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; - } - - if (kdc_dh_info.dhKeyExpiration) { - if (k_n == NULL) { - krb5_set_error_string(context, "pkinit; got key expiration " - "without server nonce"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - if (c_n == NULL) { - krb5_set_error_string(context, "pkinit; got DH reuse but no " - "client nonce"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - } else { - if (k_n) { - krb5_set_error_string(context, "pkinit: got server nonce " - "without key expiration"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - c_n = NULL; - } - - - p = kdc_dh_info.subjectPublicKey.data; - size = (kdc_dh_info.subjectPublicKey.length + 7) / 8; - - { - DHPublicKey k; - ret = decode_DHPublicKey(p, size, &k, NULL); - if (ret) { - krb5_set_error_string(context, "pkinit: can't decode " - "without key expiration"); - goto out; - } - - kdc_dh_pubkey = integer_to_BN(context, "DHPublicKey", &k); - free_DHPublicKey(&k); - if (kdc_dh_pubkey == NULL) { - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - } - - dh_gen_keylen = DH_size(ctx->dh); - size = BN_num_bytes(ctx->dh->p); - if (size < dh_gen_keylen) - size = dh_gen_keylen; - - dh_gen_key = malloc(size); - if (dh_gen_key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - memset(dh_gen_key, 0, size - dh_gen_keylen); - - dh_gen_keylen = DH_compute_key(dh_gen_key + (size - dh_gen_keylen), - kdc_dh_pubkey, ctx->dh); - if (dh_gen_keylen == -1) { - krb5_set_error_string(context, - "PKINIT: Can't compute Diffie-Hellman key"); - ret = KRB5KRB_ERR_GENERIC; - goto out; - } - - *key = malloc (sizeof (**key)); - if (*key == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - ret = ENOMEM; - goto out; - } - - ret = _krb5_pk_octetstring2key(context, - etype, - dh_gen_key, dh_gen_keylen, - c_n, k_n, - *key); - if (ret) { - krb5_set_error_string(context, - "PKINIT: can't create key from DH key"); - free(*key); - *key = NULL; - goto out; - } - - out: - if (kdc_dh_pubkey) - BN_free(kdc_dh_pubkey); - if (dh_gen_key) { - memset(dh_gen_key, 0, DH_size(ctx->dh)); - free(dh_gen_key); - } - if (host) - _krb5_pk_cert_free(host); - if (content.data) - krb5_data_free(&content); - der_free_oid(&contentType); - free_KDCDHKeyInfo(&kdc_dh_info); - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_rd_pa_reply(krb5_context context, - const char *realm, - void *c, - krb5_enctype etype, - const krb5_krbhst_info *hi, - unsigned nonce, - const krb5_data *req_buffer, - PA_DATA *pa, - krb5_keyblock **key) -{ - krb5_pk_init_ctx ctx = c; - krb5_error_code ret; - size_t size; - - /* Check for IETF PK-INIT first */ - if (ctx->type == COMPAT_IETF) { - PA_PK_AS_REP rep; - heim_octet_string os, data; - heim_oid oid; - - if (pa->padata_type != KRB5_PADATA_PK_AS_REP) { - krb5_set_error_string(context, "PKINIT: wrong padata recv"); - return EINVAL; - } - - ret = decode_PA_PK_AS_REP(pa->padata_value.data, - pa->padata_value.length, - &rep, - &size); - if (ret) { - krb5_set_error_string(context, "Failed to decode pkinit AS rep"); - return ret; - } - - switch (rep.element) { - case choice_PA_PK_AS_REP_dhInfo: - os = rep.u.dhInfo.dhSignedData; - break; - case choice_PA_PK_AS_REP_encKeyPack: - os = rep.u.encKeyPack; - break; - default: - free_PA_PK_AS_REP(&rep); - krb5_set_error_string(context, "PKINIT: -27 reply " - "invalid content type"); - return EINVAL; - } - - ret = hx509_cms_unwrap_ContentInfo(&os, &oid, &data, NULL); - if (ret) { - free_PA_PK_AS_REP(&rep); - krb5_set_error_string(context, "PKINIT: failed to unwrap CI"); - return ret; - } - - switch (rep.element) { - case choice_PA_PK_AS_REP_dhInfo: - ret = pk_rd_pa_reply_dh(context, &data, &oid, realm, ctx, etype, hi, - ctx->clientDHNonce, - rep.u.dhInfo.serverDHNonce, - nonce, pa, key); - break; - case choice_PA_PK_AS_REP_encKeyPack: - ret = pk_rd_pa_reply_enckey(context, COMPAT_IETF, &data, &oid, realm, - ctx, etype, hi, nonce, req_buffer, pa, key); - break; - default: - krb5_abortx(context, "pk-init as-rep case not possible to happen"); - } - der_free_octet_string(&data); - der_free_oid(&oid); - free_PA_PK_AS_REP(&rep); - - } else if (ctx->type == COMPAT_WIN2K) { - PA_PK_AS_REP_Win2k w2krep; - - /* Check for Windows encoding of the AS-REP pa data */ - -#if 0 /* should this be ? */ - if (pa->padata_type != KRB5_PADATA_PK_AS_REP) { - krb5_set_error_string(context, "PKINIT: wrong padata recv"); - return EINVAL; - } -#endif - - memset(&w2krep, 0, sizeof(w2krep)); - - ret = decode_PA_PK_AS_REP_Win2k(pa->padata_value.data, - pa->padata_value.length, - &w2krep, - &size); - if (ret) { - krb5_set_error_string(context, "PKINIT: Failed decoding windows " - "pkinit reply %d", ret); - return ret; - } - - krb5_clear_error_string(context); - - switch (w2krep.element) { - case choice_PA_PK_AS_REP_Win2k_encKeyPack: { - heim_octet_string data; - heim_oid oid; - - ret = hx509_cms_unwrap_ContentInfo(&w2krep.u.encKeyPack, - &oid, &data, NULL); - free_PA_PK_AS_REP_Win2k(&w2krep); - if (ret) { - krb5_set_error_string(context, "PKINIT: failed to unwrap CI"); - return ret; - } - - ret = pk_rd_pa_reply_enckey(context, COMPAT_WIN2K, &data, &oid, realm, - ctx, etype, hi, nonce, req_buffer, pa, key); - der_free_octet_string(&data); - der_free_oid(&oid); - - break; - } - default: - free_PA_PK_AS_REP_Win2k(&w2krep); - krb5_set_error_string(context, "PKINIT: win2k reply invalid " - "content type"); - ret = EINVAL; - break; - } - - } else { - krb5_set_error_string(context, "PKINIT: unknown reply type"); - ret = EINVAL; - } - - return ret; -} - -struct prompter { - krb5_context context; - krb5_prompter_fct prompter; - void *prompter_data; -}; - -static int -hx_pass_prompter(void *data, const hx509_prompt *prompter) -{ - krb5_error_code ret; - krb5_prompt prompt; - krb5_data password_data; - struct prompter *p = data; - - password_data.data = prompter->reply.data; - password_data.length = prompter->reply.length; - - prompt.prompt = prompter->prompt; - prompt.hidden = hx509_prompt_hidden(prompter->type); - prompt.reply = &password_data; - - switch (prompter->type) { - case HX509_PROMPT_TYPE_INFO: - prompt.type = KRB5_PROMPT_TYPE_INFO; - break; - case HX509_PROMPT_TYPE_PASSWORD: - case HX509_PROMPT_TYPE_QUESTION: - default: - prompt.type = KRB5_PROMPT_TYPE_PASSWORD; - break; - } - - ret = (*p->prompter)(p->context, p->prompter_data, NULL, NULL, 1, &prompt); - if (ret) { - memset (prompter->reply.data, 0, prompter->reply.length); - return 1; - } - return 0; -} - - -void KRB5_LIB_FUNCTION -_krb5_pk_allow_proxy_certificate(struct krb5_pk_identity *id, - int boolean) -{ - hx509_verify_set_proxy_certificate(id->verify_ctx, boolean); -} - - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_pk_load_id(krb5_context context, - struct krb5_pk_identity **ret_id, - const char *user_id, - const char *anchor_id, - char * const *chain_list, - char * const *revoke_list, - krb5_prompter_fct prompter, - void *prompter_data, - char *password) -{ - struct krb5_pk_identity *id = NULL; - hx509_lock lock = NULL; - struct prompter p; - int ret; - - *ret_id = NULL; - - if (anchor_id == NULL) { - krb5_set_error_string(context, "PKINIT: No anchor given"); - return HEIM_PKINIT_NO_VALID_CA; - } - - if (user_id == NULL) { - krb5_set_error_string(context, - "PKINIT: No user certificate given"); - return HEIM_PKINIT_NO_PRIVATE_KEY; - } - - /* load cert */ - - id = calloc(1, sizeof(*id)); - if (id == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - ret = hx509_context_init(&id->hx509ctx); - if (ret) - goto out; - - ret = hx509_lock_init(id->hx509ctx, &lock); - if (password && password[0]) - hx509_lock_add_password(lock, password); - - if (prompter) { - p.context = context; - p.prompter = prompter; - p.prompter_data = prompter_data; - - ret = hx509_lock_set_prompter(lock, hx_pass_prompter, &p); - if (ret) - goto out; - } - - ret = hx509_certs_init(id->hx509ctx, user_id, 0, lock, &id->certs); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to init cert certs"); - goto out; - } - - ret = hx509_certs_init(id->hx509ctx, anchor_id, 0, NULL, &id->anchors); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to init anchors"); - goto out; - } - - ret = hx509_certs_init(id->hx509ctx, "MEMORY:pkinit-cert-chain", - 0, NULL, &id->certpool); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to init chain"); - goto out; - } - - while (chain_list && *chain_list) { - ret = hx509_certs_append(id->hx509ctx, id->certpool, - NULL, *chain_list); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed to laod chain %s", - *chain_list); - goto out; - } - chain_list++; - } - - if (revoke_list) { - ret = hx509_revoke_init(id->hx509ctx, &id->revokectx); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed init revoke list"); - goto out; - } - - while (*revoke_list) { - ret = hx509_revoke_add_crl(id->hx509ctx, - id->revokectx, - *revoke_list); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed load revoke list"); - goto out; - } - revoke_list++; - } - } else - hx509_context_set_missing_revoke(id->hx509ctx, 1); - - ret = hx509_verify_init_ctx(id->hx509ctx, &id->verify_ctx); - if (ret) { - _krb5_pk_copy_error(context, id->hx509ctx, ret, - "Failed init verify context"); - goto out; - } - - hx509_verify_attach_anchors(id->verify_ctx, id->anchors); - hx509_verify_attach_revoke(id->verify_ctx, id->revokectx); - -out: - if (ret) { - hx509_verify_destroy_ctx(id->verify_ctx); - hx509_certs_free(&id->certs); - hx509_certs_free(&id->anchors); - hx509_certs_free(&id->certpool); - hx509_revoke_free(&id->revokectx); - hx509_context_free(&id->hx509ctx); - free(id); - } else - *ret_id = id; - - hx509_lock_free(lock); - - return ret; -} - -static krb5_error_code -select_dh_group(krb5_context context, DH *dh, unsigned long bits, - struct krb5_dh_moduli **moduli) -{ - const struct krb5_dh_moduli *m; - - if (bits == 0) { - m = moduli[1]; /* XXX */ - if (m == NULL) - m = moduli[0]; /* XXX */ - } else { - int i; - for (i = 0; moduli[i] != NULL; i++) { - if (bits < moduli[i]->bits) - break; - } - if (moduli[i] == NULL) { - krb5_set_error_string(context, - "Did not find a DH group parameter " - "matching requirement of %lu bits", - bits); - return EINVAL; - } - m = moduli[i]; - } - - dh->p = integer_to_BN(context, "p", &m->p); - if (dh->p == NULL) - return ENOMEM; - dh->g = integer_to_BN(context, "g", &m->g); - if (dh->g == NULL) - return ENOMEM; - dh->q = integer_to_BN(context, "q", &m->q); - if (dh->q == NULL) - return ENOMEM; - - return 0; -} - -#endif /* PKINIT */ - -static int -parse_integer(krb5_context context, char **p, const char *file, int lineno, - const char *name, heim_integer *integer) -{ - int ret; - char *p1; - p1 = strsep(p, " \t"); - if (p1 == NULL) { - krb5_set_error_string(context, "moduli file %s missing %s on line %d", - file, name, lineno); - return EINVAL; - } - ret = der_parse_hex_heim_integer(p1, integer); - if (ret) { - krb5_set_error_string(context, "moduli file %s failed parsing %s " - "on line %d", - file, name, lineno); - return ret; - } - - return 0; -} - -krb5_error_code -_krb5_parse_moduli_line(krb5_context context, - const char *file, - int lineno, - char *p, - struct krb5_dh_moduli **m) -{ - struct krb5_dh_moduli *m1; - char *p1; - int ret; - - *m = NULL; - - m1 = calloc(1, sizeof(*m1)); - if (m1 == NULL) { - krb5_set_error_string(context, "malloc - out of memory"); - return ENOMEM; - } - - while (isspace((unsigned char)*p)) - p++; - if (*p == '#') - return 0; - ret = EINVAL; - - p1 = strsep(&p, " \t"); - if (p1 == NULL) { - krb5_set_error_string(context, "moduli file %s missing name " - "on line %d", file, lineno); - goto out; - } - m1->name = strdup(p1); - if (p1 == NULL) { - krb5_set_error_string(context, "malloc - out of memeory"); - ret = ENOMEM; - goto out; - } - - p1 = strsep(&p, " \t"); - if (p1 == NULL) { - krb5_set_error_string(context, "moduli file %s missing bits on line %d", - file, lineno); - goto out; - } - - m1->bits = atoi(p1); - if (m1->bits == 0) { - krb5_set_error_string(context, "moduli file %s have un-parsable " - "bits on line %d", file, lineno); - goto out; - } - - ret = parse_integer(context, &p, file, lineno, "p", &m1->p); - if (ret) - goto out; - ret = parse_integer(context, &p, file, lineno, "g", &m1->g); - if (ret) - goto out; - ret = parse_integer(context, &p, file, lineno, "q", &m1->q); - if (ret) - goto out; - - *m = m1; - - return 0; -out: - free(m1->name); - der_free_heim_integer(&m1->p); - der_free_heim_integer(&m1->g); - der_free_heim_integer(&m1->q); - free(m1); - return ret; -} - -void -_krb5_free_moduli(struct krb5_dh_moduli **moduli) -{ - int i; - for (i = 0; moduli[i] != NULL; i++) { - free(moduli[i]->name); - der_free_heim_integer(&moduli[i]->p); - der_free_heim_integer(&moduli[i]->g); - der_free_heim_integer(&moduli[i]->q); - free(moduli[i]); - } - free(moduli); -} - -static const char *default_moduli_RFC2412_MODP_group2 = - /* name */ - "RFC2412-MODP-group2 " - /* bits */ - "1024 " - /* p */ - "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" - "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" - "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" - "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" - "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381" - "FFFFFFFF" "FFFFFFFF " - /* g */ - "02 " - /* q */ - "7FFFFFFF" "FFFFFFFF" "E487ED51" "10B4611A" "62633145" "C06E0E68" - "94812704" "4533E63A" "0105DF53" "1D89CD91" "28A5043C" "C71A026E" - "F7CA8CD9" "E69D218D" "98158536" "F92F8A1B" "A7F09AB6" "B6A8E122" - "F242DABB" "312F3F63" "7A262174" "D31BF6B5" "85FFAE5B" "7A035BF6" - "F71C35FD" "AD44CFD2" "D74F9208" "BE258FF3" "24943328" "F67329C0" - "FFFFFFFF" "FFFFFFFF"; - -static const char *default_moduli_rfc3526_MODP_group14 = - /* name */ - "rfc3526-MODP-group14 " - /* bits */ - "1760 " - /* p */ - "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" - "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" - "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" - "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" - "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE45B3D" - "C2007CB8" "A163BF05" "98DA4836" "1C55D39A" "69163FA8" "FD24CF5F" - "83655D23" "DCA3AD96" "1C62F356" "208552BB" "9ED52907" "7096966D" - "670C354E" "4ABC9804" "F1746C08" "CA18217C" "32905E46" "2E36CE3B" - "E39E772C" "180E8603" "9B2783A2" "EC07A28F" "B5C55DF0" "6F4C52C9" - "DE2BCBF6" "95581718" "3995497C" "EA956AE5" "15D22618" "98FA0510" - "15728E5A" "8AACAA68" "FFFFFFFF" "FFFFFFFF " - /* g */ - "02 " - /* q */ - "7FFFFFFF" "FFFFFFFF" "E487ED51" "10B4611A" "62633145" "C06E0E68" - "94812704" "4533E63A" "0105DF53" "1D89CD91" "28A5043C" "C71A026E" - "F7CA8CD9" "E69D218D" "98158536" "F92F8A1B" "A7F09AB6" "B6A8E122" - "F242DABB" "312F3F63" "7A262174" "D31BF6B5" "85FFAE5B" "7A035BF6" - "F71C35FD" "AD44CFD2" "D74F9208" "BE258FF3" "24943328" "F6722D9E" - "E1003E5C" "50B1DF82" "CC6D241B" "0E2AE9CD" "348B1FD4" "7E9267AF" - "C1B2AE91" "EE51D6CB" "0E3179AB" "1042A95D" "CF6A9483" "B84B4B36" - "B3861AA7" "255E4C02" "78BA3604" "650C10BE" "19482F23" "171B671D" - "F1CF3B96" "0C074301" "CD93C1D1" "7603D147" "DAE2AEF8" "37A62964" - "EF15E5FB" "4AAC0B8C" "1CCAA4BE" "754AB572" "8AE9130C" "4C7D0288" - "0AB9472D" "45565534" "7FFFFFFF" "FFFFFFFF"; - -krb5_error_code -_krb5_parse_moduli(krb5_context context, const char *file, - struct krb5_dh_moduli ***moduli) -{ - /* name bits P G Q */ - krb5_error_code ret; - struct krb5_dh_moduli **m = NULL, **m2; - char buf[4096]; - FILE *f; - int lineno = 0, n = 0; - - *moduli = NULL; - - m = calloc(1, sizeof(m[0]) * 3); - if (m == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - - strlcpy(buf, default_moduli_rfc3526_MODP_group14, sizeof(buf)); - ret = _krb5_parse_moduli_line(context, "builtin", 1, buf, &m[0]); - if (ret) { - _krb5_free_moduli(m); - return ret; - } - n++; - - strlcpy(buf, default_moduli_RFC2412_MODP_group2, sizeof(buf)); - ret = _krb5_parse_moduli_line(context, "builtin", 1, buf, &m[1]); - if (ret) { - _krb5_free_moduli(m); - return ret; - } - n++; - - - if (file == NULL) - file = MODULI_FILE; - - f = fopen(file, "r"); - if (f == NULL) { - *moduli = m; - return 0; - } - - while(fgets(buf, sizeof(buf), f) != NULL) { - struct krb5_dh_moduli *element; - - buf[strcspn(buf, "\n")] = '\0'; - lineno++; - - m2 = realloc(m, (n + 2) * sizeof(m[0])); - if (m2 == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - _krb5_free_moduli(m); - return ENOMEM; - } - m = m2; - - m[n] = NULL; - - ret = _krb5_parse_moduli_line(context, file, lineno, buf, &element); - if (ret) { - _krb5_free_moduli(m); - return ret; - } - if (element == NULL) - continue; - - m[n] = element; - m[n + 1] = NULL; - n++; - } - *moduli = m; - return 0; -} - -krb5_error_code -_krb5_dh_group_ok(krb5_context context, unsigned long bits, - heim_integer *p, heim_integer *g, heim_integer *q, - struct krb5_dh_moduli **moduli, - char **name) -{ - int i; - - if (name) - *name = NULL; - - for (i = 0; moduli[i] != NULL; i++) { - if (der_heim_integer_cmp(&moduli[i]->g, g) == 0 && - der_heim_integer_cmp(&moduli[i]->p, p) == 0 && - (q == NULL || der_heim_integer_cmp(&moduli[i]->q, q) == 0)) - { - if (bits && bits > moduli[i]->bits) { - krb5_set_error_string(context, "PKINIT: DH group parameter %s " - "no accepted, not enough bits generated", - moduli[i]->name); - return KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED; - } - if (name) - *name = strdup(moduli[i]->name); - return 0; - } - } - krb5_set_error_string(context, "PKINIT: DH group parameter no ok"); - return KRB5_KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED; -} - -void KRB5_LIB_FUNCTION -_krb5_get_init_creds_opt_free_pkinit(krb5_get_init_creds_opt *opt) -{ -#ifdef PKINIT - krb5_pk_init_ctx ctx; - - if (opt->opt_private == NULL || opt->opt_private->pk_init_ctx == NULL) - return; - ctx = opt->opt_private->pk_init_ctx; - if (ctx->dh) - DH_free(ctx->dh); - ctx->dh = NULL; - if (ctx->id) { - hx509_verify_destroy_ctx(ctx->id->verify_ctx); - hx509_certs_free(&ctx->id->certs); - hx509_certs_free(&ctx->id->anchors); - hx509_certs_free(&ctx->id->certpool); - hx509_context_free(&ctx->id->hx509ctx); - - if (ctx->clientDHNonce) { - krb5_free_data(NULL, ctx->clientDHNonce); - ctx->clientDHNonce = NULL; - } - if (ctx->m) - _krb5_free_moduli(ctx->m); - free(ctx->id); - ctx->id = NULL; - } - free(opt->opt_private->pk_init_ctx); - opt->opt_private->pk_init_ctx = NULL; -#endif -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_init_creds_opt_set_pkinit(krb5_context context, - krb5_get_init_creds_opt *opt, - krb5_principal principal, - const char *user_id, - const char *x509_anchors, - char * const * pool, - char * const * pki_revoke, - int flags, - krb5_prompter_fct prompter, - void *prompter_data, - char *password) -{ -#ifdef PKINIT - krb5_error_code ret; - char *anchors = NULL; - - if (opt->opt_private == NULL) { - krb5_set_error_string(context, "PKINIT: on non extendable opt"); - return EINVAL; - } - - opt->opt_private->pk_init_ctx = - calloc(1, sizeof(*opt->opt_private->pk_init_ctx)); - if (opt->opt_private->pk_init_ctx == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - opt->opt_private->pk_init_ctx->dh = NULL; - opt->opt_private->pk_init_ctx->id = NULL; - opt->opt_private->pk_init_ctx->clientDHNonce = NULL; - opt->opt_private->pk_init_ctx->require_binding = 0; - opt->opt_private->pk_init_ctx->require_eku = 1; - opt->opt_private->pk_init_ctx->require_krbtgt_otherName = 1; - opt->opt_private->pk_init_ctx->peer = NULL; - - /* XXX implement krb5_appdefault_strings */ - if (pool == NULL) - pool = krb5_config_get_strings(context, NULL, - "appdefaults", - "pkinit_pool", - NULL); - - if (pki_revoke == NULL) - pki_revoke = krb5_config_get_strings(context, NULL, - "appdefaults", - "pkinit_revoke", - NULL); - - if (x509_anchors == NULL) { - krb5_appdefault_string(context, "kinit", - krb5_principal_get_realm(context, principal), - "pkinit_anchors", NULL, &anchors); - x509_anchors = anchors; - } - - ret = _krb5_pk_load_id(context, - &opt->opt_private->pk_init_ctx->id, - user_id, - x509_anchors, - pool, - pki_revoke, - prompter, - prompter_data, - password); - if (ret) { - free(opt->opt_private->pk_init_ctx); - opt->opt_private->pk_init_ctx = NULL; - return ret; - } - - if ((flags & 2) == 0) { - const char *moduli_file; - unsigned long dh_min_bits; - - moduli_file = krb5_config_get_string(context, NULL, - "libdefaults", - "moduli", - NULL); - - dh_min_bits = - krb5_config_get_int_default(context, NULL, 0, - "libdefaults", - "pkinit_dh_min_bits", - NULL); - - ret = _krb5_parse_moduli(context, moduli_file, - &opt->opt_private->pk_init_ctx->m); - if (ret) { - _krb5_get_init_creds_opt_free_pkinit(opt); - return ret; - } - - opt->opt_private->pk_init_ctx->dh = DH_new(); - if (opt->opt_private->pk_init_ctx->dh == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - _krb5_get_init_creds_opt_free_pkinit(opt); - return ENOMEM; - } - - ret = select_dh_group(context, opt->opt_private->pk_init_ctx->dh, - dh_min_bits, - opt->opt_private->pk_init_ctx->m); - if (ret) { - _krb5_get_init_creds_opt_free_pkinit(opt); - return ret; - } - - if (DH_generate_key(opt->opt_private->pk_init_ctx->dh) != 1) { - krb5_set_error_string(context, "pkinit: failed to generate DH key"); - _krb5_get_init_creds_opt_free_pkinit(opt); - return ENOMEM; - } - } - - return 0; -#else - krb5_set_error_string(context, "no support for PKINIT compiled in"); - return EINVAL; -#endif -} - -/* - * - */ - -static void -_krb5_pk_copy_error(krb5_context context, - hx509_context hx509ctx, - int hxret, - const char *fmt, - ...) -{ - va_list va; - char *s, *f; - - va_start(va, fmt); - vasprintf(&f, fmt, va); - va_end(va); - if (f == NULL) { - krb5_clear_error_string(context); - return; - } - - s = hx509_get_error_string(hx509ctx, hxret); - if (s == NULL) { - krb5_clear_error_string(context); - free(f); - return; - } - krb5_set_error_string(context, "%s: %s", f, s); - free(s); - free(f); -} diff --git a/crypto/heimdal/lib/krb5/plugin.c b/crypto/heimdal/lib/krb5/plugin.c deleted file mode 100644 index bae28496aaf8..000000000000 --- a/crypto/heimdal/lib/krb5/plugin.c +++ /dev/null @@ -1,264 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: plugin.c 22033 2007-11-10 10:39:47Z lha $"); -#ifdef HAVE_DLFCN_H -#include -#endif -#include - -struct krb5_plugin { - void *symbol; - void *dsohandle; - struct krb5_plugin *next; -}; - -struct plugin { - enum krb5_plugin_type type; - void *name; - void *symbol; - struct plugin *next; -}; - -static HEIMDAL_MUTEX plugin_mutex = HEIMDAL_MUTEX_INITIALIZER; -static struct plugin *registered = NULL; - -static const char *plugin_dir = LIBDIR "/plugin/krb5"; - -/* - * - */ - -void * -_krb5_plugin_get_symbol(struct krb5_plugin *p) -{ - return p->symbol; -} - -struct krb5_plugin * -_krb5_plugin_get_next(struct krb5_plugin *p) -{ - return p->next; -} - -/* - * - */ - -#ifdef HAVE_DLOPEN - -static krb5_error_code -loadlib(krb5_context context, - enum krb5_plugin_type type, - const char *name, - const char *lib, - struct krb5_plugin **e) -{ - *e = calloc(1, sizeof(**e)); - if (*e == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - -#ifndef RTLD_LAZY -#define RTLD_LAZY 0 -#endif - - (*e)->dsohandle = dlopen(lib, RTLD_LAZY); - if ((*e)->dsohandle == NULL) { - free(*e); - *e = NULL; - krb5_set_error_string(context, "Failed to load %s: %s", - lib, dlerror()); - return ENOMEM; - } - - /* dlsym doesn't care about the type */ - (*e)->symbol = dlsym((*e)->dsohandle, name); - if ((*e)->symbol == NULL) { - dlclose((*e)->dsohandle); - free(*e); - krb5_clear_error_string(context); - return ENOMEM; - } - - return 0; -} -#endif /* HAVE_DLOPEN */ - -/** - * Register a plugin symbol name of specific type. - * @param context a Keberos context - * @param type type of plugin symbol - * @param name name of plugin symbol - * @param symbol a pointer to the named symbol - * @return In case of error a non zero error com_err error is returned - * and the Kerberos error string is set. - * - * @ingroup krb5_support - */ - -krb5_error_code -krb5_plugin_register(krb5_context context, - enum krb5_plugin_type type, - const char *name, - void *symbol) -{ - struct plugin *e; - - e = calloc(1, sizeof(*e)); - if (e == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - e->type = type; - e->name = strdup(name); - if (e->name == NULL) { - free(e); - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - e->symbol = symbol; - - HEIMDAL_MUTEX_lock(&plugin_mutex); - e->next = registered; - registered = e; - HEIMDAL_MUTEX_unlock(&plugin_mutex); - - return 0; -} - -krb5_error_code -_krb5_plugin_find(krb5_context context, - enum krb5_plugin_type type, - const char *name, - struct krb5_plugin **list) -{ - struct krb5_plugin *e; - struct plugin *p; - krb5_error_code ret; - char *sysdirs[2] = { NULL, NULL }; - char **dirs = NULL, **di; - struct dirent *entry; - char *path; - DIR *d = NULL; - - *list = NULL; - - HEIMDAL_MUTEX_lock(&plugin_mutex); - - for (p = registered; p != NULL; p = p->next) { - if (p->type != type || strcmp(p->name, name) != 0) - continue; - - e = calloc(1, sizeof(*e)); - if (e == NULL) { - HEIMDAL_MUTEX_unlock(&plugin_mutex); - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - e->symbol = p->symbol; - e->dsohandle = NULL; - e->next = *list; - *list = e; - } - HEIMDAL_MUTEX_unlock(&plugin_mutex); - -#ifdef HAVE_DLOPEN - - dirs = krb5_config_get_strings(context, NULL, "libdefaults", - "plugin_dir", NULL); - if (dirs == NULL) { - sysdirs[0] = rk_UNCONST(plugin_dir); - dirs = sysdirs; - } - - for (di = dirs; *di != NULL; di++) { - - d = opendir(*di); - if (d == NULL) - continue; - - while ((entry = readdir(d)) != NULL) { - asprintf(&path, "%s/%s", *di, entry->d_name); - if (path == NULL) { - krb5_set_error_string(context, "out of memory"); - ret = ENOMEM; - goto out; - } - ret = loadlib(context, type, name, path, &e); - free(path); - if (ret) - continue; - - e->next = *list; - *list = e; - } - closedir(d); - } - if (dirs != sysdirs) - krb5_config_free_strings(dirs); -#endif /* HAVE_DLOPEN */ - - if (*list == NULL) { - krb5_set_error_string(context, "Did not find a plugin for %s", name); - return ENOENT; - } - - return 0; - -out: - if (dirs && dirs != sysdirs) - krb5_config_free_strings(dirs); - if (d) - closedir(d); - _krb5_plugin_free(*list); - *list = NULL; - - return ret; -} - -void -_krb5_plugin_free(struct krb5_plugin *list) -{ - struct krb5_plugin *next; - while (list) { - next = list->next; - if (list->dsohandle) - dlclose(list->dsohandle); - free(list); - list = next; - } -} diff --git a/crypto/heimdal/lib/krb5/principal.c b/crypto/heimdal/lib/krb5/principal.c deleted file mode 100644 index 8d9c8805415a..000000000000 --- a/crypto/heimdal/lib/krb5/principal.c +++ /dev/null @@ -1,1254 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#ifdef HAVE_RES_SEARCH -#define USE_RESOLVER -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#include -#include "resolve.h" - -RCSID("$Id: principal.c 21741 2007-07-31 16:00:37Z lha $"); - -#define princ_num_comp(P) ((P)->name.name_string.len) -#define princ_type(P) ((P)->name.name_type) -#define princ_comp(P) ((P)->name.name_string.val) -#define princ_ncomp(P, N) ((P)->name.name_string.val[(N)]) -#define princ_realm(P) ((P)->realm) - -void KRB5_LIB_FUNCTION -krb5_free_principal(krb5_context context, - krb5_principal p) -{ - if(p){ - free_Principal(p); - free(p); - } -} - -void KRB5_LIB_FUNCTION -krb5_principal_set_type(krb5_context context, - krb5_principal principal, - int type) -{ - princ_type(principal) = type; -} - -int KRB5_LIB_FUNCTION -krb5_principal_get_type(krb5_context context, - krb5_const_principal principal) -{ - return princ_type(principal); -} - -const char* KRB5_LIB_FUNCTION -krb5_principal_get_realm(krb5_context context, - krb5_const_principal principal) -{ - return princ_realm(principal); -} - -const char* KRB5_LIB_FUNCTION -krb5_principal_get_comp_string(krb5_context context, - krb5_const_principal principal, - unsigned int component) -{ - if(component >= princ_num_comp(principal)) - return NULL; - return princ_ncomp(principal, component); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_parse_name_flags(krb5_context context, - const char *name, - int flags, - krb5_principal *principal) -{ - krb5_error_code ret; - heim_general_string *comp; - heim_general_string realm = NULL; - int ncomp; - - const char *p; - char *q; - char *s; - char *start; - - int n; - char c; - int got_realm = 0; - int first_at = 1; - int enterprise = (flags & KRB5_PRINCIPAL_PARSE_ENTERPRISE); - - *principal = NULL; - -#define RFLAGS (KRB5_PRINCIPAL_PARSE_NO_REALM|KRB5_PRINCIPAL_PARSE_MUST_REALM) - - if ((flags & RFLAGS) == RFLAGS) { - krb5_set_error_string(context, "Can't require both realm and " - "no realm at the same time"); - return KRB5_ERR_NO_SERVICE; - } -#undef RFLAGS - - /* count number of component, - * enterprise names only have one component - */ - ncomp = 1; - if (!enterprise) { - for(p = name; *p; p++){ - if(*p=='\\'){ - if(!p[1]) { - krb5_set_error_string (context, - "trailing \\ in principal name"); - return KRB5_PARSE_MALFORMED; - } - p++; - } else if(*p == '/') - ncomp++; - else if(*p == '@') - break; - } - } - comp = calloc(ncomp, sizeof(*comp)); - if (comp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - - n = 0; - p = start = q = s = strdup(name); - if (start == NULL) { - free (comp); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - while(*p){ - c = *p++; - if(c == '\\'){ - c = *p++; - if(c == 'n') - c = '\n'; - else if(c == 't') - c = '\t'; - else if(c == 'b') - c = '\b'; - else if(c == '0') - c = '\0'; - else if(c == '\0') { - krb5_set_error_string (context, - "trailing \\ in principal name"); - ret = KRB5_PARSE_MALFORMED; - goto exit; - } - }else if(enterprise && first_at) { - if (c == '@') - first_at = 0; - }else if((c == '/' && !enterprise) || c == '@'){ - if(got_realm){ - krb5_set_error_string (context, - "part after realm in principal name"); - ret = KRB5_PARSE_MALFORMED; - goto exit; - }else{ - comp[n] = malloc(q - start + 1); - if (comp[n] == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - ret = ENOMEM; - goto exit; - } - memcpy(comp[n], start, q - start); - comp[n][q - start] = 0; - n++; - } - if(c == '@') - got_realm = 1; - start = q; - continue; - } - if(got_realm && (c == ':' || c == '/' || c == '\0')) { - krb5_set_error_string (context, - "part after realm in principal name"); - ret = KRB5_PARSE_MALFORMED; - goto exit; - } - *q++ = c; - } - if(got_realm){ - if (flags & KRB5_PRINCIPAL_PARSE_NO_REALM) { - krb5_set_error_string (context, "realm found in 'short' principal " - "expected to be without one"); - ret = KRB5_PARSE_MALFORMED; - goto exit; - } - realm = malloc(q - start + 1); - if (realm == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - ret = ENOMEM; - goto exit; - } - memcpy(realm, start, q - start); - realm[q - start] = 0; - }else{ - if (flags & KRB5_PRINCIPAL_PARSE_MUST_REALM) { - krb5_set_error_string (context, "realm NOT found in principal " - "expected to be with one"); - ret = KRB5_PARSE_MALFORMED; - goto exit; - } else if (flags & KRB5_PRINCIPAL_PARSE_NO_REALM) { - realm = NULL; - } else { - ret = krb5_get_default_realm (context, &realm); - if (ret) - goto exit; - } - - comp[n] = malloc(q - start + 1); - if (comp[n] == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - ret = ENOMEM; - goto exit; - } - memcpy(comp[n], start, q - start); - comp[n][q - start] = 0; - n++; - } - *principal = malloc(sizeof(**principal)); - if (*principal == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - ret = ENOMEM; - goto exit; - } - if (enterprise) - (*principal)->name.name_type = KRB5_NT_ENTERPRISE_PRINCIPAL; - else - (*principal)->name.name_type = KRB5_NT_PRINCIPAL; - (*principal)->name.name_string.val = comp; - princ_num_comp(*principal) = n; - (*principal)->realm = realm; - free(s); - return 0; -exit: - while(n>0){ - free(comp[--n]); - } - free(comp); - free(realm); - free(s); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_parse_name(krb5_context context, - const char *name, - krb5_principal *principal) -{ - return krb5_parse_name_flags(context, name, 0, principal); -} - -static const char quotable_chars[] = " \n\t\b\\/@"; -static const char replace_chars[] = " ntb\\/@"; -static const char nq_chars[] = " \\/@"; - -#define add_char(BASE, INDEX, LEN, C) do { if((INDEX) < (LEN)) (BASE)[(INDEX)++] = (C); }while(0); - -static size_t -quote_string(const char *s, char *out, size_t idx, size_t len, int display) -{ - const char *p, *q; - for(p = s; *p && idx < len; p++){ - q = strchr(quotable_chars, *p); - if (q && display) { - add_char(out, idx, len, replace_chars[q - quotable_chars]); - } else if (q) { - add_char(out, idx, len, '\\'); - add_char(out, idx, len, replace_chars[q - quotable_chars]); - }else - add_char(out, idx, len, *p); - } - if(idx < len) - out[idx] = '\0'; - return idx; -} - - -static krb5_error_code -unparse_name_fixed(krb5_context context, - krb5_const_principal principal, - char *name, - size_t len, - int flags) -{ - size_t idx = 0; - int i; - int short_form = (flags & KRB5_PRINCIPAL_UNPARSE_SHORT) != 0; - int no_realm = (flags & KRB5_PRINCIPAL_UNPARSE_NO_REALM) != 0; - int display = (flags & KRB5_PRINCIPAL_UNPARSE_DISPLAY) != 0; - - if (!no_realm && princ_realm(principal) == NULL) { - krb5_set_error_string(context, "Realm missing from principal, " - "can't unparse"); - return ERANGE; - } - - for(i = 0; i < princ_num_comp(principal); i++){ - if(i) - add_char(name, idx, len, '/'); - idx = quote_string(princ_ncomp(principal, i), name, idx, len, display); - if(idx == len) { - krb5_set_error_string(context, "Out of space printing principal"); - return ERANGE; - } - } - /* add realm if different from default realm */ - if(short_form && !no_realm) { - krb5_realm r; - krb5_error_code ret; - ret = krb5_get_default_realm(context, &r); - if(ret) - return ret; - if(strcmp(princ_realm(principal), r) != 0) - short_form = 0; - free(r); - } - if(!short_form && !no_realm) { - add_char(name, idx, len, '@'); - idx = quote_string(princ_realm(principal), name, idx, len, display); - if(idx == len) { - krb5_set_error_string(context, - "Out of space printing realm of principal"); - return ERANGE; - } - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_fixed(krb5_context context, - krb5_const_principal principal, - char *name, - size_t len) -{ - return unparse_name_fixed(context, principal, name, len, 0); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_fixed_short(krb5_context context, - krb5_const_principal principal, - char *name, - size_t len) -{ - return unparse_name_fixed(context, principal, name, len, - KRB5_PRINCIPAL_UNPARSE_SHORT); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_fixed_flags(krb5_context context, - krb5_const_principal principal, - int flags, - char *name, - size_t len) -{ - return unparse_name_fixed(context, principal, name, len, flags); -} - -static krb5_error_code -unparse_name(krb5_context context, - krb5_const_principal principal, - char **name, - int flags) -{ - size_t len = 0, plen; - int i; - krb5_error_code ret; - /* count length */ - if (princ_realm(principal)) { - plen = strlen(princ_realm(principal)); - - if(strcspn(princ_realm(principal), quotable_chars) == plen) - len += plen; - else - len += 2*plen; - len++; /* '@' */ - } - for(i = 0; i < princ_num_comp(principal); i++){ - plen = strlen(princ_ncomp(principal, i)); - if(strcspn(princ_ncomp(principal, i), quotable_chars) == plen) - len += plen; - else - len += 2*plen; - len++; - } - len++; /* '\0' */ - *name = malloc(len); - if(*name == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - ret = unparse_name_fixed(context, principal, *name, len, flags); - if(ret) { - free(*name); - *name = NULL; - } - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name(krb5_context context, - krb5_const_principal principal, - char **name) -{ - return unparse_name(context, principal, name, 0); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_flags(krb5_context context, - krb5_const_principal principal, - int flags, - char **name) -{ - return unparse_name(context, principal, name, flags); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_short(krb5_context context, - krb5_const_principal principal, - char **name) -{ - return unparse_name(context, principal, name, KRB5_PRINCIPAL_UNPARSE_SHORT); -} - -#if 0 /* not implemented */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_unparse_name_ext(krb5_context context, - krb5_const_principal principal, - char **name, - size_t *size) -{ - krb5_abortx(context, "unimplemented krb5_unparse_name_ext called"); -} - -#endif - -krb5_realm * KRB5_LIB_FUNCTION -krb5_princ_realm(krb5_context context, - krb5_principal principal) -{ - return &princ_realm(principal); -} - - -void KRB5_LIB_FUNCTION -krb5_princ_set_realm(krb5_context context, - krb5_principal principal, - krb5_realm *realm) -{ - princ_realm(principal) = *realm; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal(krb5_context context, - krb5_principal *principal, - int rlen, - krb5_const_realm realm, - ...) -{ - krb5_error_code ret; - va_list ap; - va_start(ap, realm); - ret = krb5_build_principal_va(context, principal, rlen, realm, ap); - va_end(ap); - return ret; -} - -static krb5_error_code -append_component(krb5_context context, krb5_principal p, - const char *comp, - size_t comp_len) -{ - heim_general_string *tmp; - size_t len = princ_num_comp(p); - - tmp = realloc(princ_comp(p), (len + 1) * sizeof(*tmp)); - if(tmp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - princ_comp(p) = tmp; - princ_ncomp(p, len) = malloc(comp_len + 1); - if (princ_ncomp(p, len) == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memcpy (princ_ncomp(p, len), comp, comp_len); - princ_ncomp(p, len)[comp_len] = '\0'; - princ_num_comp(p)++; - return 0; -} - -static void -va_ext_princ(krb5_context context, krb5_principal p, va_list ap) -{ - while(1){ - const char *s; - int len; - len = va_arg(ap, int); - if(len == 0) - break; - s = va_arg(ap, const char*); - append_component(context, p, s, len); - } -} - -static void -va_princ(krb5_context context, krb5_principal p, va_list ap) -{ - while(1){ - const char *s; - s = va_arg(ap, const char*); - if(s == NULL) - break; - append_component(context, p, s, strlen(s)); - } -} - - -static krb5_error_code -build_principal(krb5_context context, - krb5_principal *principal, - int rlen, - krb5_const_realm realm, - void (*func)(krb5_context, krb5_principal, va_list), - va_list ap) -{ - krb5_principal p; - - p = calloc(1, sizeof(*p)); - if (p == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - princ_type(p) = KRB5_NT_PRINCIPAL; - - princ_realm(p) = strdup(realm); - if(p->realm == NULL){ - free(p); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - - (*func)(context, p, ap); - *principal = p; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_make_principal(krb5_context context, - krb5_principal *principal, - krb5_const_realm realm, - ...) -{ - krb5_error_code ret; - krb5_realm r = NULL; - va_list ap; - if(realm == NULL) { - ret = krb5_get_default_realm(context, &r); - if(ret) - return ret; - realm = r; - } - va_start(ap, realm); - ret = krb5_build_principal_va(context, principal, strlen(realm), realm, ap); - va_end(ap); - if(r) - free(r); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal_va(krb5_context context, - krb5_principal *principal, - int rlen, - krb5_const_realm realm, - va_list ap) -{ - return build_principal(context, principal, rlen, realm, va_princ, ap); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal_va_ext(krb5_context context, - krb5_principal *principal, - int rlen, - krb5_const_realm realm, - va_list ap) -{ - return build_principal(context, principal, rlen, realm, va_ext_princ, ap); -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_build_principal_ext(krb5_context context, - krb5_principal *principal, - int rlen, - krb5_const_realm realm, - ...) -{ - krb5_error_code ret; - va_list ap; - va_start(ap, realm); - ret = krb5_build_principal_va_ext(context, principal, rlen, realm, ap); - va_end(ap); - return ret; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_principal(krb5_context context, - krb5_const_principal inprinc, - krb5_principal *outprinc) -{ - krb5_principal p = malloc(sizeof(*p)); - if (p == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - if(copy_Principal(inprinc, p)) { - free(p); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - *outprinc = p; - return 0; -} - -/* - * return TRUE iff princ1 == princ2 (without considering the realm) - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_principal_compare_any_realm(krb5_context context, - krb5_const_principal princ1, - krb5_const_principal princ2) -{ - int i; - if(princ_num_comp(princ1) != princ_num_comp(princ2)) - return FALSE; - for(i = 0; i < princ_num_comp(princ1); i++){ - if(strcmp(princ_ncomp(princ1, i), princ_ncomp(princ2, i)) != 0) - return FALSE; - } - return TRUE; -} - -/* - * return TRUE iff princ1 == princ2 - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_principal_compare(krb5_context context, - krb5_const_principal princ1, - krb5_const_principal princ2) -{ - if(!krb5_realm_compare(context, princ1, princ2)) - return FALSE; - return krb5_principal_compare_any_realm(context, princ1, princ2); -} - -/* - * return TRUE iff realm(princ1) == realm(princ2) - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_realm_compare(krb5_context context, - krb5_const_principal princ1, - krb5_const_principal princ2) -{ - return strcmp(princ_realm(princ1), princ_realm(princ2)) == 0; -} - -/* - * return TRUE iff princ matches pattern - */ - -krb5_boolean KRB5_LIB_FUNCTION -krb5_principal_match(krb5_context context, - krb5_const_principal princ, - krb5_const_principal pattern) -{ - int i; - if(princ_num_comp(princ) != princ_num_comp(pattern)) - return FALSE; - if(fnmatch(princ_realm(pattern), princ_realm(princ), 0) != 0) - return FALSE; - for(i = 0; i < princ_num_comp(princ); i++){ - if(fnmatch(princ_ncomp(pattern, i), princ_ncomp(princ, i), 0) != 0) - return FALSE; - } - return TRUE; -} - - -static struct v4_name_convert { - const char *from; - const char *to; -} default_v4_name_convert[] = { - { "ftp", "ftp" }, - { "hprop", "hprop" }, - { "pop", "pop" }, - { "imap", "imap" }, - { "rcmd", "host" }, - { "smtp", "smtp" }, - { NULL, NULL } -}; - -/* - * return the converted instance name of `name' in `realm'. - * look in the configuration file and then in the default set above. - * return NULL if no conversion is appropriate. - */ - -static const char* -get_name_conversion(krb5_context context, const char *realm, const char *name) -{ - struct v4_name_convert *q; - const char *p; - - p = krb5_config_get_string(context, NULL, "realms", realm, - "v4_name_convert", "host", name, NULL); - if(p == NULL) - p = krb5_config_get_string(context, NULL, "libdefaults", - "v4_name_convert", "host", name, NULL); - if(p) - return p; - - /* XXX should be possible to override default list */ - p = krb5_config_get_string(context, NULL, - "realms", - realm, - "v4_name_convert", - "plain", - name, - NULL); - if(p) - return NULL; - p = krb5_config_get_string(context, NULL, - "libdefaults", - "v4_name_convert", - "plain", - name, - NULL); - if(p) - return NULL; - for(q = default_v4_name_convert; q->from; q++) - if(strcmp(q->from, name) == 0) - return q->to; - return NULL; -} - -/* - * convert the v4 principal `name.instance@realm' to a v5 principal in `princ'. - * if `resolve', use DNS. - * if `func', use that function for validating the conversion - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext2(krb5_context context, - const char *name, - const char *instance, - const char *realm, - krb5_boolean (*func)(krb5_context, - void *, krb5_principal), - void *funcctx, - krb5_boolean resolve, - krb5_principal *princ) -{ - const char *p; - krb5_error_code ret; - krb5_principal pr; - char host[MAXHOSTNAMELEN]; - char local_hostname[MAXHOSTNAMELEN]; - - /* do the following: if the name is found in the - `v4_name_convert:host' part, is assumed to be a `host' type - principal, and the instance is looked up in the - `v4_instance_convert' part. if not found there the name is - (optionally) looked up as a hostname, and if that doesn't yield - anything, the `default_domain' is appended to the instance - */ - - if(instance == NULL) - goto no_host; - if(instance[0] == 0){ - instance = NULL; - goto no_host; - } - p = get_name_conversion(context, realm, name); - if(p == NULL) - goto no_host; - name = p; - p = krb5_config_get_string(context, NULL, "realms", realm, - "v4_instance_convert", instance, NULL); - if(p){ - instance = p; - ret = krb5_make_principal(context, &pr, realm, name, instance, NULL); - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - *princ = NULL; - krb5_clear_error_string (context); - return HEIM_ERR_V4_PRINC_NO_CONV; - } - if(resolve){ - krb5_boolean passed = FALSE; - char *inst = NULL; -#ifdef USE_RESOLVER - struct dns_reply *r; - - r = dns_lookup(instance, "aaaa"); - if (r) { - if (r->head && r->head->type == T_AAAA) { - inst = strdup(r->head->domain); - passed = TRUE; - } - dns_free_data(r); - } else { - r = dns_lookup(instance, "a"); - if (r) { - if(r->head && r->head->type == T_A) { - inst = strdup(r->head->domain); - passed = TRUE; - } - dns_free_data(r); - } - } -#else - struct addrinfo hints, *ai; - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_CANONNAME; - ret = getaddrinfo(instance, NULL, &hints, &ai); - if (ret == 0) { - const struct addrinfo *a; - for (a = ai; a != NULL; a = a->ai_next) { - if (a->ai_canonname != NULL) { - inst = strdup (a->ai_canonname); - passed = TRUE; - break; - } - } - freeaddrinfo (ai); - } -#endif - if (passed) { - if (inst == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - strlwr(inst); - ret = krb5_make_principal(context, &pr, realm, name, inst, - NULL); - free (inst); - if(ret == 0) { - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - } - } - } - if(func != NULL) { - snprintf(host, sizeof(host), "%s.%s", instance, realm); - strlwr(host); - ret = krb5_make_principal(context, &pr, realm, name, host, NULL); - if((*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - } - - /* - * if the instance is the first component of the local hostname, - * the converted host should be the long hostname. - */ - - if (func == NULL && - gethostname (local_hostname, sizeof(local_hostname)) == 0 && - strncmp(instance, local_hostname, strlen(instance)) == 0 && - local_hostname[strlen(instance)] == '.') { - strlcpy(host, local_hostname, sizeof(host)); - goto local_host; - } - - { - char **domains, **d; - domains = krb5_config_get_strings(context, NULL, "realms", realm, - "v4_domains", NULL); - for(d = domains; d && *d; d++){ - snprintf(host, sizeof(host), "%s.%s", instance, *d); - ret = krb5_make_principal(context, &pr, realm, name, host, NULL); - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - krb5_config_free_strings(domains); - return 0; - } - krb5_free_principal(context, pr); - } - krb5_config_free_strings(domains); - } - - - p = krb5_config_get_string(context, NULL, "realms", realm, - "default_domain", NULL); - if(p == NULL){ - /* this should be an error, just faking a name is not good */ - krb5_clear_error_string (context); - return HEIM_ERR_V4_PRINC_NO_CONV; - } - - if (*p == '.') - ++p; - snprintf(host, sizeof(host), "%s.%s", instance, p); -local_host: - ret = krb5_make_principal(context, &pr, realm, name, host, NULL); - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - krb5_clear_error_string (context); - return HEIM_ERR_V4_PRINC_NO_CONV; -no_host: - p = krb5_config_get_string(context, NULL, - "realms", - realm, - "v4_name_convert", - "plain", - name, - NULL); - if(p == NULL) - p = krb5_config_get_string(context, NULL, - "libdefaults", - "v4_name_convert", - "plain", - name, - NULL); - if(p) - name = p; - - ret = krb5_make_principal(context, &pr, realm, name, instance, NULL); - if(func == NULL || (*func)(context, funcctx, pr)){ - *princ = pr; - return 0; - } - krb5_free_principal(context, pr); - krb5_clear_error_string (context); - return HEIM_ERR_V4_PRINC_NO_CONV; -} - -static krb5_boolean -convert_func(krb5_context conxtext, void *funcctx, krb5_principal principal) -{ - krb5_boolean (*func)(krb5_context, krb5_principal) = funcctx; - return (*func)(conxtext, principal); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal_ext(krb5_context context, - const char *name, - const char *instance, - const char *realm, - krb5_boolean (*func)(krb5_context, krb5_principal), - krb5_boolean resolve, - krb5_principal *principal) -{ - return krb5_425_conv_principal_ext2(context, - name, - instance, - realm, - func ? convert_func : NULL, - func, - resolve, - principal); -} - - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_425_conv_principal(krb5_context context, - const char *name, - const char *instance, - const char *realm, - krb5_principal *princ) -{ - krb5_boolean resolve = krb5_config_get_bool(context, - NULL, - "libdefaults", - "v4_instance_resolve", - NULL); - - return krb5_425_conv_principal_ext(context, name, instance, realm, - NULL, resolve, princ); -} - - -static int -check_list(const krb5_config_binding *l, const char *name, const char **out) -{ - while(l){ - if (l->type != krb5_config_string) - continue; - if(strcmp(name, l->u.string) == 0) { - *out = l->name; - return 1; - } - l = l->next; - } - return 0; -} - -static int -name_convert(krb5_context context, const char *name, const char *realm, - const char **out) -{ - const krb5_config_binding *l; - l = krb5_config_get_list (context, - NULL, - "realms", - realm, - "v4_name_convert", - "host", - NULL); - if(l && check_list(l, name, out)) - return KRB5_NT_SRV_HST; - l = krb5_config_get_list (context, - NULL, - "libdefaults", - "v4_name_convert", - "host", - NULL); - if(l && check_list(l, name, out)) - return KRB5_NT_SRV_HST; - l = krb5_config_get_list (context, - NULL, - "realms", - realm, - "v4_name_convert", - "plain", - NULL); - if(l && check_list(l, name, out)) - return KRB5_NT_UNKNOWN; - l = krb5_config_get_list (context, - NULL, - "libdefaults", - "v4_name_convert", - "host", - NULL); - if(l && check_list(l, name, out)) - return KRB5_NT_UNKNOWN; - - /* didn't find it in config file, try built-in list */ - { - struct v4_name_convert *q; - for(q = default_v4_name_convert; q->from; q++) { - if(strcmp(name, q->to) == 0) { - *out = q->from; - return KRB5_NT_SRV_HST; - } - } - } - return -1; -} - -/* - * convert the v5 principal in `principal' into a v4 corresponding one - * in `name, instance, realm' - * this is limited interface since there's no length given for these - * three parameters. They have to be 40 bytes each (ANAME_SZ). - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_524_conv_principal(krb5_context context, - const krb5_principal principal, - char *name, - char *instance, - char *realm) -{ - const char *n, *i, *r; - char tmpinst[40]; - int type = princ_type(principal); - const int aname_sz = 40; - - r = principal->realm; - - switch(principal->name.name_string.len){ - case 1: - n = principal->name.name_string.val[0]; - i = ""; - break; - case 2: - n = principal->name.name_string.val[0]; - i = principal->name.name_string.val[1]; - break; - default: - krb5_set_error_string (context, - "cannot convert a %d component principal", - principal->name.name_string.len); - return KRB5_PARSE_MALFORMED; - } - - { - const char *tmp; - int t = name_convert(context, n, r, &tmp); - if(t >= 0) { - type = t; - n = tmp; - } - } - - if(type == KRB5_NT_SRV_HST){ - char *p; - - strlcpy (tmpinst, i, sizeof(tmpinst)); - p = strchr(tmpinst, '.'); - if(p) - *p = 0; - i = tmpinst; - } - - if (strlcpy (name, n, aname_sz) >= aname_sz) { - krb5_set_error_string (context, - "too long name component to convert"); - return KRB5_PARSE_MALFORMED; - } - if (strlcpy (instance, i, aname_sz) >= aname_sz) { - krb5_set_error_string (context, - "too long instance component to convert"); - return KRB5_PARSE_MALFORMED; - } - if (strlcpy (realm, r, aname_sz) >= aname_sz) { - krb5_set_error_string (context, - "too long realm component to convert"); - return KRB5_PARSE_MALFORMED; - } - return 0; -} - -/* - * Create a principal in `ret_princ' for the service `sname' running - * on host `hostname'. */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sname_to_principal (krb5_context context, - const char *hostname, - const char *sname, - int32_t type, - krb5_principal *ret_princ) -{ - krb5_error_code ret; - char localhost[MAXHOSTNAMELEN]; - char **realms, *host = NULL; - - if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) { - krb5_set_error_string (context, "unsupported name type %d", - type); - return KRB5_SNAME_UNSUPP_NAMETYPE; - } - if(hostname == NULL) { - gethostname(localhost, sizeof(localhost)); - hostname = localhost; - } - if(sname == NULL) - sname = "host"; - if(type == KRB5_NT_SRV_HST) { - ret = krb5_expand_hostname_realms (context, hostname, - &host, &realms); - if (ret) - return ret; - strlwr(host); - hostname = host; - } else { - ret = krb5_get_host_realm(context, hostname, &realms); - if(ret) - return ret; - } - - ret = krb5_make_principal(context, ret_princ, realms[0], sname, - hostname, NULL); - if(host) - free(host); - krb5_free_host_realm(context, realms); - return ret; -} - -static const struct { - const char *type; - int32_t value; -} nametypes[] = { - { "UNKNOWN", KRB5_NT_UNKNOWN }, - { "PRINCIPAL", KRB5_NT_PRINCIPAL }, - { "SRV_INST", KRB5_NT_SRV_INST }, - { "SRV_HST", KRB5_NT_SRV_HST }, - { "SRV_XHST", KRB5_NT_SRV_XHST }, - { "UID", KRB5_NT_UID }, - { "X500_PRINCIPAL", KRB5_NT_X500_PRINCIPAL }, - { "SMTP_NAME", KRB5_NT_SMTP_NAME }, - { "ENTERPRISE_PRINCIPAL", KRB5_NT_ENTERPRISE_PRINCIPAL }, - { "ENT_PRINCIPAL_AND_ID", KRB5_NT_ENT_PRINCIPAL_AND_ID }, - { "MS_PRINCIPAL", KRB5_NT_MS_PRINCIPAL }, - { "MS_PRINCIPAL_AND_ID", KRB5_NT_MS_PRINCIPAL_AND_ID }, - { NULL } -}; - -krb5_error_code -krb5_parse_nametype(krb5_context context, const char *str, int32_t *nametype) -{ - size_t i; - - for(i = 0; nametypes[i].type; i++) { - if (strcasecmp(nametypes[i].type, str) == 0) { - *nametype = nametypes[i].value; - return 0; - } - } - krb5_set_error_string(context, "Failed to find name type %s", str); - return KRB5_PARSE_MALFORMED; -} diff --git a/crypto/heimdal/lib/krb5/prog_setup.c b/crypto/heimdal/lib/krb5/prog_setup.c deleted file mode 100644 index 0586155ac461..000000000000 --- a/crypto/heimdal/lib/krb5/prog_setup.c +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: prog_setup.c 15470 2005-06-17 04:29:41Z lha $"); - -void KRB5_LIB_FUNCTION -krb5_std_usage(int code, struct getargs *args, int num_args) -{ - arg_printusage(args, num_args, NULL, ""); - exit(code); -} - -int KRB5_LIB_FUNCTION -krb5_program_setup(krb5_context *context, int argc, char **argv, - struct getargs *args, int num_args, - void (*usage)(int, struct getargs*, int)) -{ - krb5_error_code ret; - int optidx = 0; - - if(usage == NULL) - usage = krb5_std_usage; - - setprogname(argv[0]); - ret = krb5_init_context(context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if(getarg(args, num_args, argc, argv, &optidx)) - (*usage)(1, args, num_args); - return optidx; -} diff --git a/crypto/heimdal/lib/krb5/prompter_posix.c b/crypto/heimdal/lib/krb5/prompter_posix.c deleted file mode 100644 index e0f407fb247e..000000000000 --- a/crypto/heimdal/lib/krb5/prompter_posix.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: prompter_posix.c 13863 2004-05-25 21:46:46Z lha $"); - -int KRB5_LIB_FUNCTION -krb5_prompter_posix (krb5_context context, - void *data, - const char *name, - const char *banner, - int num_prompts, - krb5_prompt prompts[]) -{ - int i; - - if (name) - fprintf (stderr, "%s\n", name); - if (banner) - fprintf (stderr, "%s\n", banner); - if (name || banner) - fflush(stderr); - for (i = 0; i < num_prompts; ++i) { - if (prompts[i].hidden) { - if(UI_UTIL_read_pw_string(prompts[i].reply->data, - prompts[i].reply->length, - prompts[i].prompt, - 0)) - return 1; - } else { - char *s = prompts[i].reply->data; - - fputs (prompts[i].prompt, stdout); - fflush (stdout); - if(fgets(prompts[i].reply->data, - prompts[i].reply->length, - stdin) == NULL) - return 1; - s[strcspn(s, "\n")] = '\0'; - } - } - return 0; -} diff --git a/crypto/heimdal/lib/krb5/rd_cred.c b/crypto/heimdal/lib/krb5/rd_cred.c deleted file mode 100644 index c3f732201f3d..000000000000 --- a/crypto/heimdal/lib/krb5/rd_cred.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: rd_cred.c 20304 2007-04-11 11:15:05Z lha $"); - -static krb5_error_code -compare_addrs(krb5_context context, - krb5_address *a, - krb5_address *b, - const char *message) -{ - char a_str[64], b_str[64]; - size_t len; - - if(krb5_address_compare (context, a, b)) - return 0; - - krb5_print_address (a, a_str, sizeof(a_str), &len); - krb5_print_address (b, b_str, sizeof(b_str), &len); - krb5_set_error_string(context, "%s: %s != %s", message, b_str, a_str); - return KRB5KRB_AP_ERR_BADADDR; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_cred(krb5_context context, - krb5_auth_context auth_context, - krb5_data *in_data, - krb5_creds ***ret_creds, - krb5_replay_data *outdata) -{ - krb5_error_code ret; - size_t len; - KRB_CRED cred; - EncKrbCredPart enc_krb_cred_part; - krb5_data enc_krb_cred_part_data; - krb5_crypto crypto; - int i; - - memset(&enc_krb_cred_part, 0, sizeof(enc_krb_cred_part)); - - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && - outdata == NULL) - return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ - - *ret_creds = NULL; - - ret = decode_KRB_CRED(in_data->data, in_data->length, - &cred, &len); - if(ret) { - krb5_clear_error_string(context); - return ret; - } - - if (cred.pvno != 5) { - ret = KRB5KRB_AP_ERR_BADVERSION; - krb5_clear_error_string (context); - goto out; - } - - if (cred.msg_type != krb_cred) { - ret = KRB5KRB_AP_ERR_MSG_TYPE; - krb5_clear_error_string (context); - goto out; - } - - if (cred.enc_part.etype == ETYPE_NULL) { - /* DK: MIT GSS-API Compatibility */ - enc_krb_cred_part_data.length = cred.enc_part.cipher.length; - enc_krb_cred_part_data.data = cred.enc_part.cipher.data; - } else { - /* Try both subkey and session key. - * - * RFC4120 claims we should use the session key, but Heimdal - * before 0.8 used the remote subkey if it was send in the - * auth_context. - */ - - if (auth_context->remote_subkey) { - ret = krb5_crypto_init(context, auth_context->remote_subkey, - 0, &crypto); - if (ret) - goto out; - - ret = krb5_decrypt_EncryptedData(context, - crypto, - KRB5_KU_KRB_CRED, - &cred.enc_part, - &enc_krb_cred_part_data); - - krb5_crypto_destroy(context, crypto); - } - - /* - * If there was not subkey, or we failed using subkey, - * retry using the session key - */ - if (auth_context->remote_subkey == NULL || ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) - { - - ret = krb5_crypto_init(context, auth_context->keyblock, - 0, &crypto); - - if (ret) - goto out; - - ret = krb5_decrypt_EncryptedData(context, - crypto, - KRB5_KU_KRB_CRED, - &cred.enc_part, - &enc_krb_cred_part_data); - - krb5_crypto_destroy(context, crypto); - } - if (ret) - goto out; - } - - ret = krb5_decode_EncKrbCredPart (context, - enc_krb_cred_part_data.data, - enc_krb_cred_part_data.length, - &enc_krb_cred_part, - &len); - if (enc_krb_cred_part_data.data != cred.enc_part.cipher.data) - krb5_data_free(&enc_krb_cred_part_data); - if (ret) - goto out; - - /* check sender address */ - - if (enc_krb_cred_part.s_address - && auth_context->remote_address - && auth_context->remote_port) { - krb5_address *a; - - ret = krb5_make_addrport (context, &a, - auth_context->remote_address, - auth_context->remote_port); - if (ret) - goto out; - - - ret = compare_addrs(context, a, enc_krb_cred_part.s_address, - "sender address is wrong in received creds"); - krb5_free_address(context, a); - free(a); - if(ret) - goto out; - } - - /* check receiver address */ - - if (enc_krb_cred_part.r_address - && auth_context->local_address) { - if(auth_context->local_port && - enc_krb_cred_part.r_address->addr_type == KRB5_ADDRESS_ADDRPORT) { - krb5_address *a; - ret = krb5_make_addrport (context, &a, - auth_context->local_address, - auth_context->local_port); - if (ret) - goto out; - - ret = compare_addrs(context, a, enc_krb_cred_part.r_address, - "receiver address is wrong in received creds"); - krb5_free_address(context, a); - free(a); - if(ret) - goto out; - } else { - ret = compare_addrs(context, auth_context->local_address, - enc_krb_cred_part.r_address, - "receiver address is wrong in received creds"); - if(ret) - goto out; - } - } - - /* check timestamp */ - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { - krb5_timestamp sec; - - krb5_timeofday (context, &sec); - - if (enc_krb_cred_part.timestamp == NULL || - enc_krb_cred_part.usec == NULL || - abs(*enc_krb_cred_part.timestamp - sec) - > context->max_skew) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_SKEW; - goto out; - } - } - - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) { - /* if these fields are not present in the cred-part, silently - return zero */ - memset(outdata, 0, sizeof(*outdata)); - if(enc_krb_cred_part.timestamp) - outdata->timestamp = *enc_krb_cred_part.timestamp; - if(enc_krb_cred_part.usec) - outdata->usec = *enc_krb_cred_part.usec; - if(enc_krb_cred_part.nonce) - outdata->seq = *enc_krb_cred_part.nonce; - } - - /* Convert to NULL terminated list of creds */ - - *ret_creds = calloc(enc_krb_cred_part.ticket_info.len + 1, - sizeof(**ret_creds)); - - if (*ret_creds == NULL) { - ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); - goto out; - } - - for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) { - KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i]; - krb5_creds *creds; - - creds = calloc(1, sizeof(*creds)); - if(creds == NULL) { - ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); - goto out; - } - - ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length, - &cred.tickets.val[i], &len, ret); - if (ret) { - free(creds); - goto out; - } - if(creds->ticket.length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - copy_EncryptionKey (&kci->key, &creds->session); - if (kci->prealm && kci->pname) - _krb5_principalname2krb5_principal (context, - &creds->client, - *kci->pname, - *kci->prealm); - if (kci->flags) - creds->flags.b = *kci->flags; - if (kci->authtime) - creds->times.authtime = *kci->authtime; - if (kci->starttime) - creds->times.starttime = *kci->starttime; - if (kci->endtime) - creds->times.endtime = *kci->endtime; - if (kci->renew_till) - creds->times.renew_till = *kci->renew_till; - if (kci->srealm && kci->sname) - _krb5_principalname2krb5_principal (context, - &creds->server, - *kci->sname, - *kci->srealm); - if (kci->caddr) - krb5_copy_addresses (context, - kci->caddr, - &creds->addresses); - - (*ret_creds)[i] = creds; - - } - (*ret_creds)[i] = NULL; - - free_KRB_CRED (&cred); - free_EncKrbCredPart(&enc_krb_cred_part); - - return 0; - - out: - free_EncKrbCredPart(&enc_krb_cred_part); - free_KRB_CRED (&cred); - if(*ret_creds) { - for(i = 0; (*ret_creds)[i]; i++) - krb5_free_creds(context, (*ret_creds)[i]); - free(*ret_creds); - *ret_creds = NULL; - } - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_cred2 (krb5_context context, - krb5_auth_context auth_context, - krb5_ccache ccache, - krb5_data *in_data) -{ - krb5_error_code ret; - krb5_creds **creds; - int i; - - ret = krb5_rd_cred(context, auth_context, in_data, &creds, NULL); - if(ret) - return ret; - - /* Store the creds in the ccache */ - - for(i = 0; creds && creds[i]; i++) { - krb5_cc_store_cred(context, ccache, creds[i]); - krb5_free_creds(context, creds[i]); - } - free(creds); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/rd_error.c b/crypto/heimdal/lib/krb5/rd_error.c deleted file mode 100644 index e7646467afdb..000000000000 --- a/crypto/heimdal/lib/krb5/rd_error.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: rd_error.c 21057 2007-06-12 17:22:31Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_error(krb5_context context, - const krb5_data *msg, - KRB_ERROR *result) -{ - - size_t len; - krb5_error_code ret; - - ret = decode_KRB_ERROR(msg->data, msg->length, result, &len); - if(ret) { - krb5_clear_error_string(context); - return ret; - } - result->error_code += KRB5KDC_ERR_NONE; - return 0; -} - -void KRB5_LIB_FUNCTION -krb5_free_error_contents (krb5_context context, - krb5_error *error) -{ - free_KRB_ERROR(error); - memset(error, 0, sizeof(*error)); -} - -void KRB5_LIB_FUNCTION -krb5_free_error (krb5_context context, - krb5_error *error) -{ - krb5_free_error_contents (context, error); - free (error); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_error_from_rd_error(krb5_context context, - const krb5_error *error, - const krb5_creds *creds) -{ - krb5_error_code ret; - - ret = error->error_code; - if (error->e_text != NULL) { - krb5_set_error_string(context, "%s", *error->e_text); - } else { - char clientname[256], servername[256]; - - if (creds != NULL) { - krb5_unparse_name_fixed(context, creds->client, - clientname, sizeof(clientname)); - krb5_unparse_name_fixed(context, creds->server, - servername, sizeof(servername)); - } - - switch (ret) { - case KRB5KDC_ERR_NAME_EXP : - krb5_set_error_string(context, "Client %s%s%s expired", - creds ? "(" : "", - creds ? clientname : "", - creds ? ")" : ""); - break; - case KRB5KDC_ERR_SERVICE_EXP : - krb5_set_error_string(context, "Server %s%s%s expired", - creds ? "(" : "", - creds ? servername : "", - creds ? ")" : ""); - break; - case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN : - krb5_set_error_string(context, "Client %s%s%s unknown", - creds ? "(" : "", - creds ? clientname : "", - creds ? ")" : ""); - break; - case KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN : - krb5_set_error_string(context, "Server %s%s%s unknown", - creds ? "(" : "", - creds ? servername : "", - creds ? ")" : ""); - break; - default : - krb5_clear_error_string(context); - break; - } - } - return ret; -} diff --git a/crypto/heimdal/lib/krb5/rd_priv.c b/crypto/heimdal/lib/krb5/rd_priv.c deleted file mode 100644 index ed7a2ccc5278..000000000000 --- a/crypto/heimdal/lib/krb5/rd_priv.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: rd_priv.c 21751 2007-07-31 20:42:20Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_priv(krb5_context context, - krb5_auth_context auth_context, - const krb5_data *inbuf, - krb5_data *outbuf, - krb5_replay_data *outdata) -{ - krb5_error_code ret; - KRB_PRIV priv; - EncKrbPrivPart part; - size_t len; - krb5_data plain; - krb5_keyblock *key; - krb5_crypto crypto; - - if (outbuf) - krb5_data_zero(outbuf); - - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && - outdata == NULL) { - krb5_clear_error_string (context); - return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ - } - - memset(&priv, 0, sizeof(priv)); - ret = decode_KRB_PRIV (inbuf->data, inbuf->length, &priv, &len); - if (ret) { - krb5_clear_error_string (context); - goto failure; - } - if (priv.pvno != 5) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BADVERSION; - goto failure; - } - if (priv.msg_type != krb_priv) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_MSG_TYPE; - goto failure; - } - - if (auth_context->remote_subkey) - key = auth_context->remote_subkey; - else if (auth_context->local_subkey) - key = auth_context->local_subkey; - else - key = auth_context->keyblock; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - goto failure; - ret = krb5_decrypt_EncryptedData(context, - crypto, - KRB5_KU_KRB_PRIV, - &priv.enc_part, - &plain); - krb5_crypto_destroy(context, crypto); - if (ret) - goto failure; - - ret = decode_EncKrbPrivPart (plain.data, plain.length, &part, &len); - krb5_data_free (&plain); - if (ret) { - krb5_clear_error_string (context); - goto failure; - } - - /* check sender address */ - - if (part.s_address - && auth_context->remote_address - && !krb5_address_compare (context, - auth_context->remote_address, - part.s_address)) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BADADDR; - goto failure_part; - } - - /* check receiver address */ - - if (part.r_address - && auth_context->local_address - && !krb5_address_compare (context, - auth_context->local_address, - part.r_address)) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BADADDR; - goto failure_part; - } - - /* check timestamp */ - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { - krb5_timestamp sec; - - krb5_timeofday (context, &sec); - if (part.timestamp == NULL || - part.usec == NULL || - abs(*part.timestamp - sec) > context->max_skew) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_SKEW; - goto failure_part; - } - } - - /* XXX - check replay cache */ - - /* check sequence number. since MIT krb5 cannot generate a sequence - number of zero but instead generates no sequence number, we accept that - */ - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - if ((part.seq_number == NULL - && auth_context->remote_seqnumber != 0) - || (part.seq_number != NULL - && *part.seq_number != auth_context->remote_seqnumber)) { - krb5_clear_error_string (context); - ret = KRB5KRB_AP_ERR_BADORDER; - goto failure_part; - } - auth_context->remote_seqnumber++; - } - - ret = krb5_data_copy (outbuf, part.user_data.data, part.user_data.length); - if (ret) - goto failure_part; - - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) { - /* if these fields are not present in the priv-part, silently - return zero */ - memset(outdata, 0, sizeof(*outdata)); - if(part.timestamp) - outdata->timestamp = *part.timestamp; - if(part.usec) - outdata->usec = *part.usec; - if(part.seq_number) - outdata->seq = *part.seq_number; - } - - failure_part: - free_EncKrbPrivPart (&part); - - failure: - free_KRB_PRIV (&priv); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/rd_rep.c b/crypto/heimdal/lib/krb5/rd_rep.c deleted file mode 100644 index 8c9b7bb441d7..000000000000 --- a/crypto/heimdal/lib/krb5/rd_rep.c +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: rd_rep.c 17890 2006-08-21 09:19:22Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_rep(krb5_context context, - krb5_auth_context auth_context, - const krb5_data *inbuf, - krb5_ap_rep_enc_part **repl) -{ - krb5_error_code ret; - AP_REP ap_rep; - size_t len; - krb5_data data; - krb5_crypto crypto; - - krb5_data_zero (&data); - ret = 0; - - ret = decode_AP_REP(inbuf->data, inbuf->length, &ap_rep, &len); - if (ret) - return ret; - if (ap_rep.pvno != 5) { - ret = KRB5KRB_AP_ERR_BADVERSION; - krb5_clear_error_string (context); - goto out; - } - if (ap_rep.msg_type != krb_ap_rep) { - ret = KRB5KRB_AP_ERR_MSG_TYPE; - krb5_clear_error_string (context); - goto out; - } - - ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); - if (ret) - goto out; - ret = krb5_decrypt_EncryptedData (context, - crypto, - KRB5_KU_AP_REQ_ENC_PART, - &ap_rep.enc_part, - &data); - krb5_crypto_destroy(context, crypto); - if (ret) - goto out; - - *repl = malloc(sizeof(**repl)); - if (*repl == NULL) { - ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); - goto out; - } - ret = krb5_decode_EncAPRepPart(context, - data.data, - data.length, - *repl, - &len); - if (ret) - return ret; - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { - if ((*repl)->ctime != auth_context->authenticator->ctime || - (*repl)->cusec != auth_context->authenticator->cusec) - { - krb5_free_ap_rep_enc_part(context, *repl); - *repl = NULL; - ret = KRB5KRB_AP_ERR_MUT_FAIL; - krb5_clear_error_string (context); - goto out; - } - } - if ((*repl)->seq_number) - krb5_auth_con_setremoteseqnumber(context, auth_context, - *((*repl)->seq_number)); - if ((*repl)->subkey) - krb5_auth_con_setremotesubkey(context, auth_context, (*repl)->subkey); - - out: - krb5_data_free (&data); - free_AP_REP (&ap_rep); - return ret; -} - -void KRB5_LIB_FUNCTION -krb5_free_ap_rep_enc_part (krb5_context context, - krb5_ap_rep_enc_part *val) -{ - if (val) { - free_EncAPRepPart (val); - free (val); - } -} diff --git a/crypto/heimdal/lib/krb5/rd_req.c b/crypto/heimdal/lib/krb5/rd_req.c deleted file mode 100644 index 0f33b9716454..000000000000 --- a/crypto/heimdal/lib/krb5/rd_req.c +++ /dev/null @@ -1,892 +0,0 @@ -/* - * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: rd_req.c 22235 2007-12-08 21:52:07Z lha $"); - -static krb5_error_code -decrypt_tkt_enc_part (krb5_context context, - krb5_keyblock *key, - EncryptedData *enc_part, - EncTicketPart *decr_part) -{ - krb5_error_code ret; - krb5_data plain; - size_t len; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - ret = krb5_decrypt_EncryptedData (context, - crypto, - KRB5_KU_TICKET, - enc_part, - &plain); - krb5_crypto_destroy(context, crypto); - if (ret) - return ret; - - ret = krb5_decode_EncTicketPart(context, plain.data, plain.length, - decr_part, &len); - krb5_data_free (&plain); - return ret; -} - -static krb5_error_code -decrypt_authenticator (krb5_context context, - EncryptionKey *key, - EncryptedData *enc_part, - Authenticator *authenticator, - krb5_key_usage usage) -{ - krb5_error_code ret; - krb5_data plain; - size_t len; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - return ret; - ret = krb5_decrypt_EncryptedData (context, - crypto, - usage /* KRB5_KU_AP_REQ_AUTH */, - enc_part, - &plain); - /* for backwards compatibility, also try the old usage */ - if (ret && usage == KRB5_KU_TGS_REQ_AUTH) - ret = krb5_decrypt_EncryptedData (context, - crypto, - KRB5_KU_AP_REQ_AUTH, - enc_part, - &plain); - krb5_crypto_destroy(context, crypto); - if (ret) - return ret; - - ret = krb5_decode_Authenticator(context, plain.data, plain.length, - authenticator, &len); - krb5_data_free (&plain); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decode_ap_req(krb5_context context, - const krb5_data *inbuf, - krb5_ap_req *ap_req) -{ - krb5_error_code ret; - size_t len; - ret = decode_AP_REQ(inbuf->data, inbuf->length, ap_req, &len); - if (ret) - return ret; - if (ap_req->pvno != 5){ - free_AP_REQ(ap_req); - krb5_clear_error_string (context); - return KRB5KRB_AP_ERR_BADVERSION; - } - if (ap_req->msg_type != krb_ap_req){ - free_AP_REQ(ap_req); - krb5_clear_error_string (context); - return KRB5KRB_AP_ERR_MSG_TYPE; - } - if (ap_req->ticket.tkt_vno != 5){ - free_AP_REQ(ap_req); - krb5_clear_error_string (context); - return KRB5KRB_AP_ERR_BADVERSION; - } - return 0; -} - -static krb5_error_code -check_transited(krb5_context context, Ticket *ticket, EncTicketPart *enc) -{ - char **realms; - int num_realms; - krb5_error_code ret; - - /* - * Windows 2000 and 2003 uses this inside their TGT so it's normaly - * not seen by others, however, samba4 joined with a Windows AD as - * a Domain Controller gets exposed to this. - */ - if(enc->transited.tr_type == 0 && enc->transited.contents.length == 0) - return 0; - - if(enc->transited.tr_type != DOMAIN_X500_COMPRESS) - return KRB5KDC_ERR_TRTYPE_NOSUPP; - - if(enc->transited.contents.length == 0) - return 0; - - ret = krb5_domain_x500_decode(context, enc->transited.contents, - &realms, &num_realms, - enc->crealm, - ticket->realm); - if(ret) - return ret; - ret = krb5_check_transited(context, enc->crealm, - ticket->realm, - realms, num_realms, NULL); - free(realms); - return ret; -} - -static krb5_error_code -find_etypelist(krb5_context context, - krb5_auth_context auth_context, - EtypeList *etypes) -{ - krb5_error_code ret; - krb5_authdata *ad; - krb5_authdata adIfRelevant; - unsigned i; - - adIfRelevant.len = 0; - - etypes->len = 0; - etypes->val = NULL; - - ad = auth_context->authenticator->authorization_data; - if (ad == NULL) - return 0; - - for (i = 0; i < ad->len; i++) { - if (ad->val[i].ad_type == KRB5_AUTHDATA_IF_RELEVANT) { - ret = decode_AD_IF_RELEVANT(ad->val[i].ad_data.data, - ad->val[i].ad_data.length, - &adIfRelevant, - NULL); - if (ret) - return ret; - - if (adIfRelevant.len == 1 && - adIfRelevant.val[0].ad_type == - KRB5_AUTHDATA_GSS_API_ETYPE_NEGOTIATION) { - break; - } - free_AD_IF_RELEVANT(&adIfRelevant); - adIfRelevant.len = 0; - } - } - - if (adIfRelevant.len == 0) - return 0; - - ret = decode_EtypeList(adIfRelevant.val[0].ad_data.data, - adIfRelevant.val[0].ad_data.length, - etypes, - NULL); - if (ret) - krb5_clear_error_string(context); - - free_AD_IF_RELEVANT(&adIfRelevant); - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_decrypt_ticket(krb5_context context, - Ticket *ticket, - krb5_keyblock *key, - EncTicketPart *out, - krb5_flags flags) -{ - EncTicketPart t; - krb5_error_code ret; - ret = decrypt_tkt_enc_part (context, key, &ticket->enc_part, &t); - if (ret) - return ret; - - { - krb5_timestamp now; - time_t start = t.authtime; - - krb5_timeofday (context, &now); - if(t.starttime) - start = *t.starttime; - if(start - now > context->max_skew - || (t.flags.invalid - && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID))) { - free_EncTicketPart(&t); - krb5_clear_error_string (context); - return KRB5KRB_AP_ERR_TKT_NYV; - } - if(now - t.endtime > context->max_skew) { - free_EncTicketPart(&t); - krb5_clear_error_string (context); - return KRB5KRB_AP_ERR_TKT_EXPIRED; - } - - if(!t.flags.transited_policy_checked) { - ret = check_transited(context, ticket, &t); - if(ret) { - free_EncTicketPart(&t); - return ret; - } - } - } - - if(out) - *out = t; - else - free_EncTicketPart(&t); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_authenticator_checksum(krb5_context context, - krb5_auth_context ac, - void *data, - size_t len) -{ - krb5_error_code ret; - krb5_keyblock *key; - krb5_authenticator authenticator; - krb5_crypto crypto; - - ret = krb5_auth_con_getauthenticator (context, - ac, - &authenticator); - if(ret) - return ret; - if(authenticator->cksum == NULL) { - krb5_free_authenticator(context, &authenticator); - return -17; - } - ret = krb5_auth_con_getkey(context, ac, &key); - if(ret) { - krb5_free_authenticator(context, &authenticator); - return ret; - } - ret = krb5_crypto_init(context, key, 0, &crypto); - if(ret) - goto out; - ret = krb5_verify_checksum (context, - crypto, - KRB5_KU_AP_REQ_AUTH_CKSUM, - data, - len, - authenticator->cksum); - krb5_crypto_destroy(context, crypto); -out: - krb5_free_authenticator(context, &authenticator); - krb5_free_keyblock(context, key); - return ret; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_ap_req(krb5_context context, - krb5_auth_context *auth_context, - krb5_ap_req *ap_req, - krb5_const_principal server, - krb5_keyblock *keyblock, - krb5_flags flags, - krb5_flags *ap_req_options, - krb5_ticket **ticket) -{ - return krb5_verify_ap_req2 (context, - auth_context, - ap_req, - server, - keyblock, - flags, - ap_req_options, - ticket, - KRB5_KU_AP_REQ_AUTH); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_ap_req2(krb5_context context, - krb5_auth_context *auth_context, - krb5_ap_req *ap_req, - krb5_const_principal server, - krb5_keyblock *keyblock, - krb5_flags flags, - krb5_flags *ap_req_options, - krb5_ticket **ticket, - krb5_key_usage usage) -{ - krb5_ticket *t; - krb5_auth_context ac; - krb5_error_code ret; - EtypeList etypes; - - if (ticket) - *ticket = NULL; - - if (auth_context && *auth_context) { - ac = *auth_context; - } else { - ret = krb5_auth_con_init (context, &ac); - if (ret) - return ret; - } - - t = calloc(1, sizeof(*t)); - if (t == NULL) { - ret = ENOMEM; - krb5_clear_error_string (context); - goto out; - } - - if (ap_req->ap_options.use_session_key && ac->keyblock){ - ret = krb5_decrypt_ticket(context, &ap_req->ticket, - ac->keyblock, - &t->ticket, - flags); - krb5_free_keyblock(context, ac->keyblock); - ac->keyblock = NULL; - }else - ret = krb5_decrypt_ticket(context, &ap_req->ticket, - keyblock, - &t->ticket, - flags); - - if(ret) - goto out; - - ret = _krb5_principalname2krb5_principal(context, - &t->server, - ap_req->ticket.sname, - ap_req->ticket.realm); - if (ret) goto out; - ret = _krb5_principalname2krb5_principal(context, - &t->client, - t->ticket.cname, - t->ticket.crealm); - if (ret) goto out; - - /* save key */ - - ret = krb5_copy_keyblock(context, &t->ticket.key, &ac->keyblock); - if (ret) goto out; - - ret = decrypt_authenticator (context, - &t->ticket.key, - &ap_req->authenticator, - ac->authenticator, - usage); - if (ret) - goto out; - - { - krb5_principal p1, p2; - krb5_boolean res; - - _krb5_principalname2krb5_principal(context, - &p1, - ac->authenticator->cname, - ac->authenticator->crealm); - _krb5_principalname2krb5_principal(context, - &p2, - t->ticket.cname, - t->ticket.crealm); - res = krb5_principal_compare (context, p1, p2); - krb5_free_principal (context, p1); - krb5_free_principal (context, p2); - if (!res) { - ret = KRB5KRB_AP_ERR_BADMATCH; - krb5_clear_error_string (context); - goto out; - } - } - - /* check addresses */ - - if (t->ticket.caddr - && ac->remote_address - && !krb5_address_search (context, - ac->remote_address, - t->ticket.caddr)) { - ret = KRB5KRB_AP_ERR_BADADDR; - krb5_clear_error_string (context); - goto out; - } - - /* check timestamp in authenticator */ - { - krb5_timestamp now; - - krb5_timeofday (context, &now); - - if (abs(ac->authenticator->ctime - now) > context->max_skew) { - ret = KRB5KRB_AP_ERR_SKEW; - krb5_clear_error_string (context); - goto out; - } - } - - if (ac->authenticator->seq_number) - krb5_auth_con_setremoteseqnumber(context, ac, - *ac->authenticator->seq_number); - - /* XXX - Xor sequence numbers */ - - if (ac->authenticator->subkey) { - ret = krb5_auth_con_setremotesubkey(context, ac, - ac->authenticator->subkey); - if (ret) - goto out; - } - - ret = find_etypelist(context, ac, &etypes); - if (ret) - goto out; - - ac->keytype = ETYPE_NULL; - - if (etypes.val) { - int i; - - for (i = 0; i < etypes.len; i++) { - if (krb5_enctype_valid(context, etypes.val[i]) == 0) { - ac->keytype = etypes.val[i]; - break; - } - } - } - - if (ap_req_options) { - *ap_req_options = 0; - if (ac->keytype != ETYPE_NULL) - *ap_req_options |= AP_OPTS_USE_SUBKEY; - if (ap_req->ap_options.use_session_key) - *ap_req_options |= AP_OPTS_USE_SESSION_KEY; - if (ap_req->ap_options.mutual_required) - *ap_req_options |= AP_OPTS_MUTUAL_REQUIRED; - } - - if(ticket) - *ticket = t; - else - krb5_free_ticket (context, t); - if (auth_context) { - if (*auth_context == NULL) - *auth_context = ac; - } else - krb5_auth_con_free (context, ac); - free_EtypeList(&etypes); - return 0; - out: - if (t) - krb5_free_ticket (context, t); - if (auth_context == NULL || *auth_context == NULL) - krb5_auth_con_free (context, ac); - return ret; -} - -/* - * - */ - -struct krb5_rd_req_in_ctx_data { - krb5_keytab keytab; - krb5_keyblock *keyblock; - krb5_boolean check_pac; -}; - -struct krb5_rd_req_out_ctx_data { - krb5_keyblock *keyblock; - krb5_flags ap_req_options; - krb5_ticket *ticket; -}; - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_ctx_alloc(krb5_context context, krb5_rd_req_in_ctx *ctx) -{ - *ctx = calloc(1, sizeof(**ctx)); - if (*ctx == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - (*ctx)->check_pac = (context->flags & KRB5_CTX_F_CHECK_PAC) ? 1 : 0; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_keytab(krb5_context context, - krb5_rd_req_in_ctx in, - krb5_keytab keytab) -{ - in->keytab = keytab; /* XXX should make copy */ - return 0; -} - -/** - * Set if krb5_rq_red() is going to check the Windows PAC or not - * - * @param context Keberos 5 context. - * @param in krb5_rd_req_in_ctx to check the option on. - * @param flag flag to select if to check the pac (TRUE) or not (FALSE). - * - * @return Kerberos 5 error code, see krb5_get_error_message(). - * - * @ingroup krb5 - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_pac_check(krb5_context context, - krb5_rd_req_in_ctx in, - krb5_boolean flag) -{ - in->check_pac = flag; - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_in_set_keyblock(krb5_context context, - krb5_rd_req_in_ctx in, - krb5_keyblock *keyblock) -{ - in->keyblock = keyblock; /* XXX should make copy */ - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_ap_req_options(krb5_context context, - krb5_rd_req_out_ctx out, - krb5_flags *ap_req_options) -{ - *ap_req_options = out->ap_req_options; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_ticket(krb5_context context, - krb5_rd_req_out_ctx out, - krb5_ticket **ticket) -{ - return krb5_copy_ticket(context, out->ticket, ticket); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_out_get_keyblock(krb5_context context, - krb5_rd_req_out_ctx out, - krb5_keyblock **keyblock) -{ - return krb5_copy_keyblock(context, out->keyblock, keyblock); -} - -void KRB5_LIB_FUNCTION -krb5_rd_req_in_ctx_free(krb5_context context, krb5_rd_req_in_ctx ctx) -{ - free(ctx); -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_rd_req_out_ctx_alloc(krb5_context context, krb5_rd_req_out_ctx *ctx) -{ - *ctx = calloc(1, sizeof(**ctx)); - if (*ctx == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -void KRB5_LIB_FUNCTION -krb5_rd_req_out_ctx_free(krb5_context context, krb5_rd_req_out_ctx ctx) -{ - krb5_free_keyblock(context, ctx->keyblock); - free(ctx); -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req(krb5_context context, - krb5_auth_context *auth_context, - const krb5_data *inbuf, - krb5_const_principal server, - krb5_keytab keytab, - krb5_flags *ap_req_options, - krb5_ticket **ticket) -{ - krb5_error_code ret; - krb5_rd_req_in_ctx in; - krb5_rd_req_out_ctx out; - - ret = krb5_rd_req_in_ctx_alloc(context, &in); - if (ret) - return ret; - - ret = krb5_rd_req_in_set_keytab(context, in, keytab); - if (ret) { - krb5_rd_req_in_ctx_free(context, in); - return ret; - } - - ret = krb5_rd_req_ctx(context, auth_context, inbuf, server, in, &out); - krb5_rd_req_in_ctx_free(context, in); - if (ret) - return ret; - - if (ap_req_options) - *ap_req_options = out->ap_req_options; - if (ticket) { - ret = krb5_copy_ticket(context, out->ticket, ticket); - if (ret) - goto out; - } - -out: - krb5_rd_req_out_ctx_free(context, out); - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_with_keyblock(krb5_context context, - krb5_auth_context *auth_context, - const krb5_data *inbuf, - krb5_const_principal server, - krb5_keyblock *keyblock, - krb5_flags *ap_req_options, - krb5_ticket **ticket) -{ - krb5_error_code ret; - krb5_rd_req_in_ctx in; - krb5_rd_req_out_ctx out; - - ret = krb5_rd_req_in_ctx_alloc(context, &in); - if (ret) - return ret; - - ret = krb5_rd_req_in_set_keyblock(context, in, keyblock); - if (ret) { - krb5_rd_req_in_ctx_free(context, in); - return ret; - } - - ret = krb5_rd_req_ctx(context, auth_context, inbuf, server, in, &out); - krb5_rd_req_in_ctx_free(context, in); - if (ret) - return ret; - - if (ap_req_options) - *ap_req_options = out->ap_req_options; - if (ticket) { - ret = krb5_copy_ticket(context, out->ticket, ticket); - if (ret) - goto out; - } - -out: - krb5_rd_req_out_ctx_free(context, out); - return ret; -} - -/* - * - */ - -static krb5_error_code -get_key_from_keytab(krb5_context context, - krb5_auth_context *auth_context, - krb5_ap_req *ap_req, - krb5_const_principal server, - krb5_keytab keytab, - krb5_keyblock **out_key) -{ - krb5_keytab_entry entry; - krb5_error_code ret; - int kvno; - krb5_keytab real_keytab; - - if(keytab == NULL) - krb5_kt_default(context, &real_keytab); - else - real_keytab = keytab; - - if (ap_req->ticket.enc_part.kvno) - kvno = *ap_req->ticket.enc_part.kvno; - else - kvno = 0; - - ret = krb5_kt_get_entry (context, - real_keytab, - server, - kvno, - ap_req->ticket.enc_part.etype, - &entry); - if(ret) - goto out; - ret = krb5_copy_keyblock(context, &entry.keyblock, out_key); - krb5_kt_free_entry (context, &entry); -out: - if(keytab == NULL) - krb5_kt_close(context, real_keytab); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_req_ctx(krb5_context context, - krb5_auth_context *auth_context, - const krb5_data *inbuf, - krb5_const_principal server, - krb5_rd_req_in_ctx inctx, - krb5_rd_req_out_ctx *outctx) -{ - krb5_error_code ret; - krb5_ap_req ap_req; - krb5_principal service = NULL; - krb5_rd_req_out_ctx o = NULL; - - ret = _krb5_rd_req_out_ctx_alloc(context, &o); - if (ret) - goto out; - - if (*auth_context == NULL) { - ret = krb5_auth_con_init(context, auth_context); - if (ret) - goto out; - } - - ret = krb5_decode_ap_req(context, inbuf, &ap_req); - if(ret) - goto out; - - if(server == NULL){ - ret = _krb5_principalname2krb5_principal(context, - &service, - ap_req.ticket.sname, - ap_req.ticket.realm); - if (ret) - goto out; - server = service; - } - if (ap_req.ap_options.use_session_key && - (*auth_context)->keyblock == NULL) { - krb5_set_error_string(context, "krb5_rd_req: user to user auth " - "without session key given"); - ret = KRB5KRB_AP_ERR_NOKEY; - goto out; - } - - if((*auth_context)->keyblock){ - ret = krb5_copy_keyblock(context, - (*auth_context)->keyblock, - &o->keyblock); - if (ret) - goto out; - } else if(inctx->keyblock){ - ret = krb5_copy_keyblock(context, - inctx->keyblock, - &o->keyblock); - if (ret) - goto out; - } else { - krb5_keytab keytab = NULL; - - if (inctx && inctx->keytab) - keytab = inctx->keytab; - - ret = get_key_from_keytab(context, - auth_context, - &ap_req, - server, - keytab, - &o->keyblock); - if(ret) - goto out; - } - - ret = krb5_verify_ap_req2(context, - auth_context, - &ap_req, - server, - o->keyblock, - 0, - &o->ap_req_options, - &o->ticket, - KRB5_KU_AP_REQ_AUTH); - - if (ret) - goto out; - - /* If there is a PAC, verify its server signature */ - if (inctx->check_pac) { - krb5_pac pac; - krb5_data data; - - ret = krb5_ticket_get_authorization_data_type(context, - o->ticket, - KRB5_AUTHDATA_WIN2K_PAC, - &data); - if (ret == 0) { - ret = krb5_pac_parse(context, data.data, data.length, &pac); - krb5_data_free(&data); - if (ret) - goto out; - - ret = krb5_pac_verify(context, - pac, - o->ticket->ticket.authtime, - o->ticket->client, - o->keyblock, - NULL); - krb5_pac_free(context, pac); - if (ret) - goto out; - } - ret = 0; - } -out: - if (ret || outctx == NULL) { - krb5_rd_req_out_ctx_free(context, o); - } else - *outctx = o; - - free_AP_REQ(&ap_req); - if(service) - krb5_free_principal(context, service); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/rd_safe.c b/crypto/heimdal/lib/krb5/rd_safe.c deleted file mode 100644 index b2fb5c59d776..000000000000 --- a/crypto/heimdal/lib/krb5/rd_safe.c +++ /dev/null @@ -1,213 +0,0 @@ -/* - * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: rd_safe.c 19827 2007-01-11 02:54:59Z lha $"); - -static krb5_error_code -verify_checksum(krb5_context context, - krb5_auth_context auth_context, - KRB_SAFE *safe) -{ - krb5_error_code ret; - u_char *buf; - size_t buf_size; - size_t len; - Checksum c; - krb5_crypto crypto; - krb5_keyblock *key; - - c = safe->cksum; - safe->cksum.cksumtype = 0; - safe->cksum.checksum.data = NULL; - safe->cksum.checksum.length = 0; - - ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, safe, &len, ret); - if(ret) - return ret; - if(buf_size != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - if (auth_context->remote_subkey) - key = auth_context->remote_subkey; - else if (auth_context->local_subkey) - key = auth_context->local_subkey; - else - key = auth_context->keyblock; - - ret = krb5_crypto_init(context, key, 0, &crypto); - if (ret) - goto out; - ret = krb5_verify_checksum (context, - crypto, - KRB5_KU_KRB_SAFE_CKSUM, - buf + buf_size - len, - len, - &c); - krb5_crypto_destroy(context, crypto); -out: - safe->cksum = c; - free (buf); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rd_safe(krb5_context context, - krb5_auth_context auth_context, - const krb5_data *inbuf, - krb5_data *outbuf, - krb5_replay_data *outdata) -{ - krb5_error_code ret; - KRB_SAFE safe; - size_t len; - - if (outbuf) - krb5_data_zero(outbuf); - - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && - outdata == NULL) { - krb5_set_error_string(context, "rd_safe: need outdata to return data"); - return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */ - } - - ret = decode_KRB_SAFE (inbuf->data, inbuf->length, &safe, &len); - if (ret) - return ret; - if (safe.pvno != 5) { - ret = KRB5KRB_AP_ERR_BADVERSION; - krb5_clear_error_string (context); - goto failure; - } - if (safe.msg_type != krb_safe) { - ret = KRB5KRB_AP_ERR_MSG_TYPE; - krb5_clear_error_string (context); - goto failure; - } - if (!krb5_checksum_is_keyed(context, safe.cksum.cksumtype) - || !krb5_checksum_is_collision_proof(context, safe.cksum.cksumtype)) { - ret = KRB5KRB_AP_ERR_INAPP_CKSUM; - krb5_clear_error_string (context); - goto failure; - } - - /* check sender address */ - - if (safe.safe_body.s_address - && auth_context->remote_address - && !krb5_address_compare (context, - auth_context->remote_address, - safe.safe_body.s_address)) { - ret = KRB5KRB_AP_ERR_BADADDR; - krb5_clear_error_string (context); - goto failure; - } - - /* check receiver address */ - - if (safe.safe_body.r_address - && auth_context->local_address - && !krb5_address_compare (context, - auth_context->local_address, - safe.safe_body.r_address)) { - ret = KRB5KRB_AP_ERR_BADADDR; - krb5_clear_error_string (context); - goto failure; - } - - /* check timestamp */ - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { - krb5_timestamp sec; - - krb5_timeofday (context, &sec); - - if (safe.safe_body.timestamp == NULL || - safe.safe_body.usec == NULL || - abs(*safe.safe_body.timestamp - sec) > context->max_skew) { - ret = KRB5KRB_AP_ERR_SKEW; - krb5_clear_error_string (context); - goto failure; - } - } - /* XXX - check replay cache */ - - /* check sequence number. since MIT krb5 cannot generate a sequence - number of zero but instead generates no sequence number, we accept that - */ - - if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - if ((safe.safe_body.seq_number == NULL - && auth_context->remote_seqnumber != 0) - || (safe.safe_body.seq_number != NULL - && *safe.safe_body.seq_number != - auth_context->remote_seqnumber)) { - ret = KRB5KRB_AP_ERR_BADORDER; - krb5_clear_error_string (context); - goto failure; - } - auth_context->remote_seqnumber++; - } - - ret = verify_checksum (context, auth_context, &safe); - if (ret) - goto failure; - - outbuf->length = safe.safe_body.user_data.length; - outbuf->data = malloc(outbuf->length); - if (outbuf->data == NULL && outbuf->length != 0) { - ret = ENOMEM; - krb5_set_error_string (context, "malloc: out of memory"); - krb5_data_zero(outbuf); - goto failure; - } - memcpy (outbuf->data, safe.safe_body.user_data.data, outbuf->length); - - if ((auth_context->flags & - (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) { - /* if these fields are not present in the safe-part, silently - return zero */ - memset(outdata, 0, sizeof(*outdata)); - if(safe.safe_body.timestamp) - outdata->timestamp = *safe.safe_body.timestamp; - if(safe.safe_body.usec) - outdata->usec = *safe.safe_body.usec; - if(safe.safe_body.seq_number) - outdata->seq = *safe.safe_body.seq_number; - } - - failure: - free_KRB_SAFE (&safe); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/read_message.c b/crypto/heimdal/lib/krb5/read_message.c deleted file mode 100644 index 5e03507b66a5..000000000000 --- a/crypto/heimdal/lib/krb5/read_message.c +++ /dev/null @@ -1,106 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: read_message.c 21750 2007-07-31 20:41:25Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_read_message (krb5_context context, - krb5_pointer p_fd, - krb5_data *data) -{ - krb5_error_code ret; - uint32_t len; - uint8_t buf[4]; - - krb5_data_zero(data); - - ret = krb5_net_read (context, p_fd, buf, 4); - if(ret == -1) { - ret = errno; - krb5_clear_error_string (context); - return ret; - } - if(ret < 4) { - krb5_clear_error_string(context); - return HEIM_ERR_EOF; - } - len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3]; - ret = krb5_data_alloc (data, len); - if (ret) { - krb5_clear_error_string(context); - return ret; - } - if (krb5_net_read (context, p_fd, data->data, len) != len) { - ret = errno; - krb5_data_free (data); - krb5_clear_error_string (context); - return ret; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_read_priv_message(krb5_context context, - krb5_auth_context ac, - krb5_pointer p_fd, - krb5_data *data) -{ - krb5_error_code ret; - krb5_data packet; - - ret = krb5_read_message(context, p_fd, &packet); - if(ret) - return ret; - ret = krb5_rd_priv (context, ac, &packet, data, NULL); - krb5_data_free(&packet); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_read_safe_message(krb5_context context, - krb5_auth_context ac, - krb5_pointer p_fd, - krb5_data *data) -{ - krb5_error_code ret; - krb5_data packet; - - ret = krb5_read_message(context, p_fd, &packet); - if(ret) - return ret; - ret = krb5_rd_safe (context, ac, &packet, data, NULL); - krb5_data_free(&packet); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/recvauth.c b/crypto/heimdal/lib/krb5/recvauth.c deleted file mode 100644 index 03482851268c..000000000000 --- a/crypto/heimdal/lib/krb5/recvauth.c +++ /dev/null @@ -1,211 +0,0 @@ -/* - * Copyright (c) 1997-2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: recvauth.c 20306 2007-04-11 11:15:55Z lha $"); - -/* - * See `sendauth.c' for the format. - */ - -static krb5_boolean -match_exact(const void *data, const char *appl_version) -{ - return strcmp(data, appl_version) == 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_recvauth(krb5_context context, - krb5_auth_context *auth_context, - krb5_pointer p_fd, - const char *appl_version, - krb5_principal server, - int32_t flags, - krb5_keytab keytab, - krb5_ticket **ticket) -{ - return krb5_recvauth_match_version(context, auth_context, p_fd, - match_exact, appl_version, - server, flags, - keytab, ticket); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_recvauth_match_version(krb5_context context, - krb5_auth_context *auth_context, - krb5_pointer p_fd, - krb5_boolean (*match_appl_version)(const void *, - const char*), - const void *match_data, - krb5_principal server, - int32_t flags, - krb5_keytab keytab, - krb5_ticket **ticket) -{ - krb5_error_code ret; - const char *version = KRB5_SENDAUTH_VERSION; - char her_version[sizeof(KRB5_SENDAUTH_VERSION)]; - char *her_appl_version; - uint32_t len; - u_char repl; - krb5_data data; - krb5_flags ap_options; - ssize_t n; - - /* - * If there are no addresses in auth_context, get them from `fd'. - */ - - if (*auth_context == NULL) { - ret = krb5_auth_con_init (context, auth_context); - if (ret) - return ret; - } - - ret = krb5_auth_con_setaddrs_from_fd (context, - *auth_context, - p_fd); - if (ret) - return ret; - - if(!(flags & KRB5_RECVAUTH_IGNORE_VERSION)) { - n = krb5_net_read (context, p_fd, &len, 4); - if (n < 0) { - ret = errno; - krb5_set_error_string (context, "read: %s", strerror(errno)); - return ret; - } - if (n == 0) { - krb5_set_error_string (context, "Failed to receive sendauth data"); - return KRB5_SENDAUTH_BADAUTHVERS; - } - len = ntohl(len); - if (len != sizeof(her_version) - || krb5_net_read (context, p_fd, her_version, len) != len - || strncmp (version, her_version, len)) { - repl = 1; - krb5_net_write (context, p_fd, &repl, 1); - krb5_clear_error_string (context); - return KRB5_SENDAUTH_BADAUTHVERS; - } - } - - n = krb5_net_read (context, p_fd, &len, 4); - if (n < 0) { - ret = errno; - krb5_set_error_string (context, "read: %s", strerror(errno)); - return ret; - } - if (n == 0) { - krb5_clear_error_string (context); - return KRB5_SENDAUTH_BADAPPLVERS; - } - len = ntohl(len); - her_appl_version = malloc (len); - if (her_appl_version == NULL) { - repl = 2; - krb5_net_write (context, p_fd, &repl, 1); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - if (krb5_net_read (context, p_fd, her_appl_version, len) != len - || !(*match_appl_version)(match_data, her_appl_version)) { - repl = 2; - krb5_net_write (context, p_fd, &repl, 1); - krb5_set_error_string (context, "wrong sendauth version (%s)", - her_appl_version); - free (her_appl_version); - return KRB5_SENDAUTH_BADAPPLVERS; - } - free (her_appl_version); - - repl = 0; - if (krb5_net_write (context, p_fd, &repl, 1) != 1) { - ret = errno; - krb5_set_error_string (context, "write: %s", strerror(errno)); - return ret; - } - - krb5_data_zero (&data); - ret = krb5_read_message (context, p_fd, &data); - if (ret) - return ret; - - ret = krb5_rd_req (context, - auth_context, - &data, - server, - keytab, - &ap_options, - ticket); - krb5_data_free (&data); - if (ret) { - krb5_data error_data; - krb5_error_code ret2; - - ret2 = krb5_mk_error (context, - ret, - NULL, - NULL, - NULL, - server, - NULL, - NULL, - &error_data); - if (ret2 == 0) { - krb5_write_message (context, p_fd, &error_data); - krb5_data_free (&error_data); - } - return ret; - } - - len = 0; - if (krb5_net_write (context, p_fd, &len, 4) != 4) { - ret = errno; - krb5_set_error_string (context, "write: %s", strerror(errno)); - return ret; - } - - if (ap_options & AP_OPTS_MUTUAL_REQUIRED) { - ret = krb5_mk_rep (context, *auth_context, &data); - if (ret) - return ret; - - ret = krb5_write_message (context, p_fd, &data); - if (ret) - return ret; - krb5_data_free (&data); - } - return 0; -} diff --git a/crypto/heimdal/lib/krb5/replay.c b/crypto/heimdal/lib/krb5/replay.c deleted file mode 100644 index 12894d96a95e..000000000000 --- a/crypto/heimdal/lib/krb5/replay.c +++ /dev/null @@ -1,312 +0,0 @@ -/* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: replay.c 17047 2006-04-10 17:13:49Z lha $"); - -struct krb5_rcache_data { - char *name; -}; - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_resolve(krb5_context context, - krb5_rcache id, - const char *name) -{ - id->name = strdup(name); - if(id->name == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return KRB5_RC_MALLOC; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_resolve_type(krb5_context context, - krb5_rcache *id, - const char *type) -{ - *id = NULL; - if(strcmp(type, "FILE")) { - krb5_set_error_string (context, "replay cache type %s not supported", - type); - return KRB5_RC_TYPE_NOTFOUND; - } - *id = calloc(1, sizeof(**id)); - if(*id == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return KRB5_RC_MALLOC; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_resolve_full(krb5_context context, - krb5_rcache *id, - const char *string_name) -{ - krb5_error_code ret; - - *id = NULL; - - if(strncmp(string_name, "FILE:", 5)) { - krb5_set_error_string (context, "replay cache type %s not supported", - string_name); - return KRB5_RC_TYPE_NOTFOUND; - } - ret = krb5_rc_resolve_type(context, id, "FILE"); - if(ret) - return ret; - ret = krb5_rc_resolve(context, *id, string_name + 5); - if (ret) { - krb5_rc_close(context, *id); - *id = NULL; - } - return ret; -} - -const char* KRB5_LIB_FUNCTION -krb5_rc_default_name(krb5_context context) -{ - return "FILE:/var/run/default_rcache"; -} - -const char* KRB5_LIB_FUNCTION -krb5_rc_default_type(krb5_context context) -{ - return "FILE"; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_default(krb5_context context, - krb5_rcache *id) -{ - return krb5_rc_resolve_full(context, id, krb5_rc_default_name(context)); -} - -struct rc_entry{ - time_t stamp; - unsigned char data[16]; -}; - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_initialize(krb5_context context, - krb5_rcache id, - krb5_deltat auth_lifespan) -{ - FILE *f = fopen(id->name, "w"); - struct rc_entry tmp; - int ret; - - if(f == NULL) { - ret = errno; - krb5_set_error_string (context, "open(%s): %s", id->name, - strerror(ret)); - return ret; - } - tmp.stamp = auth_lifespan; - fwrite(&tmp, 1, sizeof(tmp), f); - fclose(f); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_recover(krb5_context context, - krb5_rcache id) -{ - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_destroy(krb5_context context, - krb5_rcache id) -{ - int ret; - - if(remove(id->name) < 0) { - ret = errno; - krb5_set_error_string (context, "remove(%s): %s", id->name, - strerror(ret)); - return ret; - } - return krb5_rc_close(context, id); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_close(krb5_context context, - krb5_rcache id) -{ - free(id->name); - free(id); - return 0; -} - -static void -checksum_authenticator(Authenticator *auth, void *data) -{ - MD5_CTX md5; - int i; - - MD5_Init (&md5); - MD5_Update (&md5, auth->crealm, strlen(auth->crealm)); - for(i = 0; i < auth->cname.name_string.len; i++) - MD5_Update(&md5, auth->cname.name_string.val[i], - strlen(auth->cname.name_string.val[i])); - MD5_Update (&md5, &auth->ctime, sizeof(auth->ctime)); - MD5_Update (&md5, &auth->cusec, sizeof(auth->cusec)); - MD5_Final (data, &md5); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_store(krb5_context context, - krb5_rcache id, - krb5_donot_replay *rep) -{ - struct rc_entry ent, tmp; - time_t t; - FILE *f; - int ret; - - ent.stamp = time(NULL); - checksum_authenticator(rep, ent.data); - f = fopen(id->name, "r"); - if(f == NULL) { - ret = errno; - krb5_set_error_string (context, "open(%s): %s", id->name, - strerror(ret)); - return ret; - } - fread(&tmp, sizeof(ent), 1, f); - t = ent.stamp - tmp.stamp; - while(fread(&tmp, sizeof(ent), 1, f)){ - if(tmp.stamp < t) - continue; - if(memcmp(tmp.data, ent.data, sizeof(ent.data)) == 0){ - fclose(f); - krb5_clear_error_string (context); - return KRB5_RC_REPLAY; - } - } - if(ferror(f)){ - ret = errno; - fclose(f); - krb5_set_error_string (context, "%s: %s", id->name, strerror(ret)); - return ret; - } - fclose(f); - f = fopen(id->name, "a"); - if(f == NULL) { - krb5_set_error_string (context, "open(%s): %s", id->name, - strerror(errno)); - return KRB5_RC_IO_UNKNOWN; - } - fwrite(&ent, 1, sizeof(ent), f); - fclose(f); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_expunge(krb5_context context, - krb5_rcache id) -{ - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_rc_get_lifespan(krb5_context context, - krb5_rcache id, - krb5_deltat *auth_lifespan) -{ - FILE *f = fopen(id->name, "r"); - int r; - struct rc_entry ent; - r = fread(&ent, sizeof(ent), 1, f); - fclose(f); - if(r){ - *auth_lifespan = ent.stamp; - return 0; - } - krb5_clear_error_string (context); - return KRB5_RC_IO_UNKNOWN; -} - -const char* KRB5_LIB_FUNCTION -krb5_rc_get_name(krb5_context context, - krb5_rcache id) -{ - return id->name; -} - -const char* KRB5_LIB_FUNCTION -krb5_rc_get_type(krb5_context context, - krb5_rcache id) -{ - return "FILE"; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_get_server_rcache(krb5_context context, - const krb5_data *piece, - krb5_rcache *id) -{ - krb5_rcache rcache; - krb5_error_code ret; - - char *tmp = malloc(4 * piece->length + 1); - char *name; - - if(tmp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - strvisx(tmp, piece->data, piece->length, VIS_WHITE | VIS_OCTAL); -#ifdef HAVE_GETEUID - asprintf(&name, "FILE:rc_%s_%u", tmp, (unsigned)geteuid()); -#else - asprintf(&name, "FILE:rc_%s", tmp); -#endif - free(tmp); - if(name == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - - ret = krb5_rc_resolve_full(context, &rcache, name); - free(name); - if(ret) - return ret; - *id = rcache; - return ret; -} diff --git a/crypto/heimdal/lib/krb5/send_to_kdc.c b/crypto/heimdal/lib/krb5/send_to_kdc.c deleted file mode 100644 index 2582a615c052..000000000000 --- a/crypto/heimdal/lib/krb5/send_to_kdc.c +++ /dev/null @@ -1,604 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: send_to_kdc.c 21934 2007-08-27 14:21:04Z lha $"); - -struct send_to_kdc { - krb5_send_to_kdc_func func; - void *data; -}; - -/* - * send the data in `req' on the socket `fd' (which is datagram iff udp) - * waiting `tmout' for a reply and returning the reply in `rep'. - * iff limit read up to this many bytes - * returns 0 and data in `rep' if succesful, otherwise -1 - */ - -static int -recv_loop (int fd, - time_t tmout, - int udp, - size_t limit, - krb5_data *rep) -{ - fd_set fdset; - struct timeval timeout; - int ret; - int nbytes; - - if (fd >= FD_SETSIZE) { - return -1; - } - - krb5_data_zero(rep); - do { - FD_ZERO(&fdset); - FD_SET(fd, &fdset); - timeout.tv_sec = tmout; - timeout.tv_usec = 0; - ret = select (fd + 1, &fdset, NULL, NULL, &timeout); - if (ret < 0) { - if (errno == EINTR) - continue; - return -1; - } else if (ret == 0) { - return 0; - } else { - void *tmp; - - if (ioctl (fd, FIONREAD, &nbytes) < 0) { - krb5_data_free (rep); - return -1; - } - if(nbytes <= 0) - return 0; - - if (limit) - nbytes = min(nbytes, limit - rep->length); - - tmp = realloc (rep->data, rep->length + nbytes); - if (tmp == NULL) { - krb5_data_free (rep); - return -1; - } - rep->data = tmp; - ret = recv (fd, (char*)tmp + rep->length, nbytes, 0); - if (ret < 0) { - krb5_data_free (rep); - return -1; - } - rep->length += ret; - } - } while(!udp && (limit == 0 || rep->length < limit)); - return 0; -} - -/* - * Send kerberos requests and receive a reply on a udp or any other kind - * of a datagram socket. See `recv_loop'. - */ - -static int -send_and_recv_udp(int fd, - time_t tmout, - const krb5_data *req, - krb5_data *rep) -{ - if (send (fd, req->data, req->length, 0) < 0) - return -1; - - return recv_loop(fd, tmout, 1, 0, rep); -} - -/* - * `send_and_recv' for a TCP (or any other stream) socket. - * Since there are no record limits on a stream socket the protocol here - * is to prepend the request with 4 bytes of its length and the reply - * is similarly encoded. - */ - -static int -send_and_recv_tcp(int fd, - time_t tmout, - const krb5_data *req, - krb5_data *rep) -{ - unsigned char len[4]; - unsigned long rep_len; - krb5_data len_data; - - _krb5_put_int(len, req->length, 4); - if(net_write(fd, len, sizeof(len)) < 0) - return -1; - if(net_write(fd, req->data, req->length) < 0) - return -1; - if (recv_loop (fd, tmout, 0, 4, &len_data) < 0) - return -1; - if (len_data.length != 4) { - krb5_data_free (&len_data); - return -1; - } - _krb5_get_int(len_data.data, &rep_len, 4); - krb5_data_free (&len_data); - if (recv_loop (fd, tmout, 0, rep_len, rep) < 0) - return -1; - if(rep->length != rep_len) { - krb5_data_free (rep); - return -1; - } - return 0; -} - -int -_krb5_send_and_recv_tcp(int fd, - time_t tmout, - const krb5_data *req, - krb5_data *rep) -{ - return send_and_recv_tcp(fd, tmout, req, rep); -} - -/* - * `send_and_recv' tailored for the HTTP protocol. - */ - -static int -send_and_recv_http(int fd, - time_t tmout, - const char *prefix, - const krb5_data *req, - krb5_data *rep) -{ - char *request; - char *str; - int ret; - int len = base64_encode(req->data, req->length, &str); - - if(len < 0) - return -1; - asprintf(&request, "GET %s%s HTTP/1.0\r\n\r\n", prefix, str); - free(str); - if (request == NULL) - return -1; - ret = net_write (fd, request, strlen(request)); - free (request); - if (ret < 0) - return ret; - ret = recv_loop(fd, tmout, 0, 0, rep); - if(ret) - return ret; - { - unsigned long rep_len; - char *s, *p; - - s = realloc(rep->data, rep->length + 1); - if (s == NULL) { - krb5_data_free (rep); - return -1; - } - s[rep->length] = 0; - p = strstr(s, "\r\n\r\n"); - if(p == NULL) { - krb5_data_zero(rep); - free(s); - return -1; - } - p += 4; - rep->data = s; - rep->length -= p - s; - if(rep->length < 4) { /* remove length */ - krb5_data_zero(rep); - free(s); - return -1; - } - rep->length -= 4; - _krb5_get_int(p, &rep_len, 4); - if (rep_len != rep->length) { - krb5_data_zero(rep); - free(s); - return -1; - } - memmove(rep->data, p + 4, rep->length); - } - return 0; -} - -static int -init_port(const char *s, int fallback) -{ - if (s) { - int tmp; - - sscanf (s, "%d", &tmp); - return htons(tmp); - } else - return fallback; -} - -/* - * Return 0 if succesful, otherwise 1 - */ - -static int -send_via_proxy (krb5_context context, - const krb5_krbhst_info *hi, - const krb5_data *send_data, - krb5_data *receive) -{ - char *proxy2 = strdup(context->http_proxy); - char *proxy = proxy2; - char *prefix; - char *colon; - struct addrinfo hints; - struct addrinfo *ai, *a; - int ret; - int s = -1; - char portstr[NI_MAXSERV]; - - if (proxy == NULL) - return ENOMEM; - if (strncmp (proxy, "http://", 7) == 0) - proxy += 7; - - colon = strchr(proxy, ':'); - if(colon != NULL) - *colon++ = '\0'; - memset (&hints, 0, sizeof(hints)); - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - snprintf (portstr, sizeof(portstr), "%d", - ntohs(init_port (colon, htons(80)))); - ret = getaddrinfo (proxy, portstr, &hints, &ai); - free (proxy2); - if (ret) - return krb5_eai_to_heim_errno(ret, errno); - - for (a = ai; a != NULL; a = a->ai_next) { - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - close (s); - continue; - } - break; - } - if (a == NULL) { - freeaddrinfo (ai); - return 1; - } - freeaddrinfo (ai); - - asprintf(&prefix, "http://%s/", hi->hostname); - if(prefix == NULL) { - close(s); - return 1; - } - ret = send_and_recv_http(s, context->kdc_timeout, - prefix, send_data, receive); - close (s); - free(prefix); - if(ret == 0 && receive->length != 0) - return 0; - return 1; -} - -/* - * Send the data `send' to one host from `handle` and get back the reply - * in `receive'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto (krb5_context context, - const krb5_data *send_data, - krb5_krbhst_handle handle, - krb5_data *receive) -{ - krb5_error_code ret; - int fd; - int i; - - krb5_data_zero(receive); - - for (i = 0; i < context->max_retries; ++i) { - krb5_krbhst_info *hi; - - while (krb5_krbhst_next(context, handle, &hi) == 0) { - struct addrinfo *ai, *a; - - if (context->send_to_kdc) { - struct send_to_kdc *s = context->send_to_kdc; - - ret = (*s->func)(context, s->data, - hi, send_data, receive); - if (ret == 0 && receive->length != 0) - goto out; - continue; - } - - if(hi->proto == KRB5_KRBHST_HTTP && context->http_proxy) { - if (send_via_proxy (context, hi, send_data, receive) == 0) { - ret = 0; - goto out; - } - continue; - } - - ret = krb5_krbhst_get_addrinfo(context, hi, &ai); - if (ret) - continue; - - for (a = ai; a != NULL; a = a->ai_next) { - fd = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (fd < 0) - continue; - if (connect (fd, a->ai_addr, a->ai_addrlen) < 0) { - close (fd); - continue; - } - switch (hi->proto) { - case KRB5_KRBHST_HTTP : - ret = send_and_recv_http(fd, context->kdc_timeout, - "", send_data, receive); - break; - case KRB5_KRBHST_TCP : - ret = send_and_recv_tcp (fd, context->kdc_timeout, - send_data, receive); - break; - case KRB5_KRBHST_UDP : - ret = send_and_recv_udp (fd, context->kdc_timeout, - send_data, receive); - break; - } - close (fd); - if(ret == 0 && receive->length != 0) - goto out; - } - } - krb5_krbhst_reset(context, handle); - } - krb5_clear_error_string (context); - ret = KRB5_KDC_UNREACH; -out: - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto_kdc(krb5_context context, - const krb5_data *send_data, - const krb5_realm *realm, - krb5_data *receive) -{ - return krb5_sendto_kdc_flags(context, send_data, realm, receive, 0); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto_kdc_flags(krb5_context context, - const krb5_data *send_data, - const krb5_realm *realm, - krb5_data *receive, - int flags) -{ - krb5_error_code ret; - krb5_sendto_ctx ctx; - - ret = krb5_sendto_ctx_alloc(context, &ctx); - if (ret) - return ret; - krb5_sendto_ctx_add_flags(ctx, flags); - krb5_sendto_ctx_set_func(ctx, _krb5_kdc_retry, NULL); - - ret = krb5_sendto_context(context, ctx, send_data, *realm, receive); - krb5_sendto_ctx_free(context, ctx); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_send_to_kdc_func(krb5_context context, - krb5_send_to_kdc_func func, - void *data) -{ - free(context->send_to_kdc); - if (func == NULL) { - context->send_to_kdc = NULL; - return 0; - } - - context->send_to_kdc = malloc(sizeof(*context->send_to_kdc)); - if (context->send_to_kdc == NULL) { - krb5_set_error_string(context, "Out of memory"); - return ENOMEM; - } - - context->send_to_kdc->func = func; - context->send_to_kdc->data = data; - return 0; -} - -struct krb5_sendto_ctx_data { - int flags; - int type; - krb5_sendto_ctx_func func; - void *data; -}; - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto_ctx_alloc(krb5_context context, krb5_sendto_ctx *ctx) -{ - *ctx = calloc(1, sizeof(**ctx)); - if (*ctx == NULL) { - krb5_set_error_string(context, "out of memory"); - return ENOMEM; - } - return 0; -} - -void KRB5_LIB_FUNCTION -krb5_sendto_ctx_add_flags(krb5_sendto_ctx ctx, int flags) -{ - ctx->flags |= flags; -} - -int KRB5_LIB_FUNCTION -krb5_sendto_ctx_get_flags(krb5_sendto_ctx ctx) -{ - return ctx->flags; -} - -void KRB5_LIB_FUNCTION -krb5_sendto_ctx_set_type(krb5_sendto_ctx ctx, int type) -{ - ctx->type = type; -} - - -void KRB5_LIB_FUNCTION -krb5_sendto_ctx_set_func(krb5_sendto_ctx ctx, - krb5_sendto_ctx_func func, - void *data) -{ - ctx->func = func; - ctx->data = data; -} - -void KRB5_LIB_FUNCTION -krb5_sendto_ctx_free(krb5_context context, krb5_sendto_ctx ctx) -{ - memset(ctx, 0, sizeof(*ctx)); - free(ctx); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendto_context(krb5_context context, - krb5_sendto_ctx ctx, - const krb5_data *send_data, - const krb5_realm realm, - krb5_data *receive) -{ - krb5_error_code ret; - krb5_krbhst_handle handle = NULL; - int type, freectx = 0; - int action; - - krb5_data_zero(receive); - - if (ctx == NULL) { - freectx = 1; - ret = krb5_sendto_ctx_alloc(context, &ctx); - if (ret) - return ret; - } - - type = ctx->type; - if (type == 0) { - if ((ctx->flags & KRB5_KRBHST_FLAGS_MASTER) || context->use_admin_kdc) - type = KRB5_KRBHST_ADMIN; - else - type = KRB5_KRBHST_KDC; - } - - if (send_data->length > context->large_msg_size) - ctx->flags |= KRB5_KRBHST_FLAGS_LARGE_MSG; - - /* loop until we get back a appropriate response */ - - do { - action = KRB5_SENDTO_DONE; - - krb5_data_free(receive); - - if (handle == NULL) { - ret = krb5_krbhst_init_flags(context, realm, type, - ctx->flags, &handle); - if (ret) { - if (freectx) - krb5_sendto_ctx_free(context, ctx); - return ret; - } - } - - ret = krb5_sendto(context, send_data, handle, receive); - if (ret) - break; - if (ctx->func) { - ret = (*ctx->func)(context, ctx, ctx->data, receive, &action); - if (ret) - break; - } - if (action != KRB5_SENDTO_CONTINUE) { - krb5_krbhst_free(context, handle); - handle = NULL; - } - } while (action != KRB5_SENDTO_DONE); - if (handle) - krb5_krbhst_free(context, handle); - if (ret == KRB5_KDC_UNREACH) - krb5_set_error_string(context, - "unable to reach any KDC in realm %s", realm); - if (ret) - krb5_data_free(receive); - if (freectx) - krb5_sendto_ctx_free(context, ctx); - return ret; -} - -krb5_error_code -_krb5_kdc_retry(krb5_context context, krb5_sendto_ctx ctx, void *data, - const krb5_data *reply, int *action) -{ - krb5_error_code ret; - KRB_ERROR error; - - if(krb5_rd_error(context, reply, &error)) - return 0; - - ret = krb5_error_from_rd_error(context, &error, NULL); - krb5_free_error_contents(context, &error); - - switch(ret) { - case KRB5KRB_ERR_RESPONSE_TOO_BIG: { - if (krb5_sendto_ctx_get_flags(ctx) & KRB5_KRBHST_FLAGS_LARGE_MSG) - break; - krb5_sendto_ctx_add_flags(ctx, KRB5_KRBHST_FLAGS_LARGE_MSG); - *action = KRB5_SENDTO_RESTART; - break; - } - case KRB5KDC_ERR_SVC_UNAVAILABLE: - *action = KRB5_SENDTO_CONTINUE; - break; - } - return 0; -} diff --git a/crypto/heimdal/lib/krb5/sendauth.c b/crypto/heimdal/lib/krb5/sendauth.c deleted file mode 100644 index a7242f0daf9c..000000000000 --- a/crypto/heimdal/lib/krb5/sendauth.c +++ /dev/null @@ -1,233 +0,0 @@ -/* - * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: sendauth.c 17442 2006-05-05 09:31:15Z lha $"); - -/* - * The format seems to be: - * client -> server - * - * 4 bytes - length - * KRB5_SENDAUTH_V1.0 (including zero) - * 4 bytes - length - * protocol string (with terminating zero) - * - * server -> client - * 1 byte - (0 = OK, else some kind of error) - * - * client -> server - * 4 bytes - length - * AP-REQ - * - * server -> client - * 4 bytes - length (0 = OK, else length of error) - * (error) - * - * if(mutual) { - * server -> client - * 4 bytes - length - * AP-REP - * } - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sendauth(krb5_context context, - krb5_auth_context *auth_context, - krb5_pointer p_fd, - const char *appl_version, - krb5_principal client, - krb5_principal server, - krb5_flags ap_req_options, - krb5_data *in_data, - krb5_creds *in_creds, - krb5_ccache ccache, - krb5_error **ret_error, - krb5_ap_rep_enc_part **rep_result, - krb5_creds **out_creds) -{ - krb5_error_code ret; - uint32_t len, net_len; - const char *version = KRB5_SENDAUTH_VERSION; - u_char repl; - krb5_data ap_req, error_data; - krb5_creds this_cred; - krb5_principal this_client = NULL; - krb5_creds *creds; - ssize_t sret; - krb5_boolean my_ccache = FALSE; - - len = strlen(version) + 1; - net_len = htonl(len); - if (krb5_net_write (context, p_fd, &net_len, 4) != 4 - || krb5_net_write (context, p_fd, version, len) != len) { - ret = errno; - krb5_set_error_string (context, "write: %s", strerror(ret)); - return ret; - } - - len = strlen(appl_version) + 1; - net_len = htonl(len); - if (krb5_net_write (context, p_fd, &net_len, 4) != 4 - || krb5_net_write (context, p_fd, appl_version, len) != len) { - ret = errno; - krb5_set_error_string (context, "write: %s", strerror(ret)); - return ret; - } - - sret = krb5_net_read (context, p_fd, &repl, sizeof(repl)); - if (sret < 0) { - ret = errno; - krb5_set_error_string (context, "read: %s", strerror(ret)); - return ret; - } else if (sret != sizeof(repl)) { - krb5_clear_error_string (context); - return KRB5_SENDAUTH_BADRESPONSE; - } - - if (repl != 0) { - krb5_clear_error_string (context); - return KRB5_SENDAUTH_REJECTED; - } - - if (in_creds == NULL) { - if (ccache == NULL) { - ret = krb5_cc_default (context, &ccache); - if (ret) - return ret; - my_ccache = TRUE; - } - - if (client == NULL) { - ret = krb5_cc_get_principal (context, ccache, &this_client); - if (ret) { - if(my_ccache) - krb5_cc_close(context, ccache); - return ret; - } - client = this_client; - } - memset(&this_cred, 0, sizeof(this_cred)); - this_cred.client = client; - this_cred.server = server; - this_cred.times.endtime = 0; - this_cred.ticket.length = 0; - in_creds = &this_cred; - } - if (in_creds->ticket.length == 0) { - ret = krb5_get_credentials (context, 0, ccache, in_creds, &creds); - if (ret) { - if(my_ccache) - krb5_cc_close(context, ccache); - return ret; - } - } else { - creds = in_creds; - } - if(my_ccache) - krb5_cc_close(context, ccache); - ret = krb5_mk_req_extended (context, - auth_context, - ap_req_options, - in_data, - creds, - &ap_req); - - if (out_creds) - *out_creds = creds; - else - krb5_free_creds(context, creds); - if(this_client) - krb5_free_principal(context, this_client); - - if (ret) - return ret; - - ret = krb5_write_message (context, - p_fd, - &ap_req); - if (ret) - return ret; - - krb5_data_free (&ap_req); - - ret = krb5_read_message (context, p_fd, &error_data); - if (ret) - return ret; - - if (error_data.length != 0) { - KRB_ERROR error; - - ret = krb5_rd_error (context, &error_data, &error); - krb5_data_free (&error_data); - if (ret == 0) { - ret = krb5_error_from_rd_error(context, &error, NULL); - if (ret_error != NULL) { - *ret_error = malloc (sizeof(krb5_error)); - if (*ret_error == NULL) { - krb5_free_error_contents (context, &error); - } else { - **ret_error = error; - } - } else { - krb5_free_error_contents (context, &error); - } - return ret; - } else { - krb5_clear_error_string(context); - return ret; - } - } - - if (ap_req_options & AP_OPTS_MUTUAL_REQUIRED) { - krb5_data ap_rep; - krb5_ap_rep_enc_part *ignore; - - krb5_data_zero (&ap_rep); - ret = krb5_read_message (context, - p_fd, - &ap_rep); - if (ret) - return ret; - - ret = krb5_rd_rep (context, *auth_context, &ap_rep, - rep_result ? rep_result : &ignore); - krb5_data_free (&ap_rep); - if (ret) - return ret; - if (rep_result == NULL) - krb5_free_ap_rep_enc_part (context, ignore); - } - return 0; -} diff --git a/crypto/heimdal/lib/krb5/set_default_realm.c b/crypto/heimdal/lib/krb5/set_default_realm.c deleted file mode 100644 index 98040bc2e9d6..000000000000 --- a/crypto/heimdal/lib/krb5/set_default_realm.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: set_default_realm.c 13863 2004-05-25 21:46:46Z lha $"); - -/* - * Convert the simple string `s' into a NULL-terminated and freshly allocated - * list in `list'. Return an error code. - */ - -static krb5_error_code -string_to_list (krb5_context context, const char *s, krb5_realm **list) -{ - - *list = malloc (2 * sizeof(**list)); - if (*list == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - (*list)[0] = strdup (s); - if ((*list)[0] == NULL) { - free (*list); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - (*list)[1] = NULL; - return 0; -} - -/* - * Set the knowledge of the default realm(s) in `context'. - * If realm != NULL, that's the new default realm. - * Otherwise, the realm(s) are figured out from configuration or DNS. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_default_realm(krb5_context context, - const char *realm) -{ - krb5_error_code ret = 0; - krb5_realm *realms = NULL; - - if (realm == NULL) { - realms = krb5_config_get_strings (context, NULL, - "libdefaults", - "default_realm", - NULL); - if (realms == NULL) - ret = krb5_get_host_realm(context, NULL, &realms); - } else { - ret = string_to_list (context, realm, &realms); - } - if (ret) - return ret; - krb5_free_host_realm (context, context->default_realms); - context->default_realms = realms; - return 0; -} diff --git a/crypto/heimdal/lib/krb5/sock_principal.c b/crypto/heimdal/lib/krb5/sock_principal.c deleted file mode 100644 index 9b4ba978a1b6..000000000000 --- a/crypto/heimdal/lib/krb5/sock_principal.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: sock_principal.c 13863 2004-05-25 21:46:46Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_sock_to_principal (krb5_context context, - int sock, - const char *sname, - int32_t type, - krb5_principal *ret_princ) -{ - krb5_error_code ret; - struct sockaddr_storage __ss; - struct sockaddr *sa = (struct sockaddr *)&__ss; - socklen_t salen = sizeof(__ss); - char hostname[NI_MAXHOST]; - - if (getsockname (sock, sa, &salen) < 0) { - ret = errno; - krb5_set_error_string (context, "getsockname: %s", strerror(ret)); - return ret; - } - ret = getnameinfo (sa, salen, hostname, sizeof(hostname), NULL, 0, 0); - if (ret) { - int save_errno = errno; - - krb5_set_error_string (context, "getnameinfo: %s", gai_strerror(ret)); - return krb5_eai_to_heim_errno(ret, save_errno); - } - - ret = krb5_sname_to_principal (context, - hostname, - sname, - type, - ret_princ); - return ret; -} diff --git a/crypto/heimdal/lib/krb5/store-int.h b/crypto/heimdal/lib/krb5/store-int.h deleted file mode 100644 index 42e695a11bc6..000000000000 --- a/crypto/heimdal/lib/krb5/store-int.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef __store_int_h__ -#define __store_int_h__ - -struct krb5_storage_data { - void *data; - ssize_t (*fetch)(struct krb5_storage_data*, void*, size_t); - ssize_t (*store)(struct krb5_storage_data*, const void*, size_t); - off_t (*seek)(struct krb5_storage_data*, off_t, int); - void (*free)(struct krb5_storage_data*); - krb5_flags flags; - int eof_code; -}; - -#endif /* __store_int_h__ */ diff --git a/crypto/heimdal/lib/krb5/store-test.c b/crypto/heimdal/lib/krb5/store-test.c deleted file mode 100644 index aec2dfe7cb35..000000000000 --- a/crypto/heimdal/lib/krb5/store-test.c +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" - -RCSID("$Id: store-test.c 16344 2005-12-02 15:15:43Z lha $"); - -static void -print_data(unsigned char *data, size_t len) -{ - int i; - for(i = 0; i < len; i++) { - if(i > 0 && (i % 16) == 0) - printf("\n "); - printf("%02x ", data[i]); - } - printf("\n"); -} - -static int -compare(const char *name, krb5_storage *sp, void *expected, size_t len) -{ - int ret = 0; - krb5_data data; - krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); - if(data.length != len || memcmp(data.data, expected, len) != 0) { - printf("%s mismatch\n", name); - printf(" Expected: "); - print_data(expected, len); - printf(" Actual: "); - print_data(data.data, data.length); - ret++; - } - krb5_data_free(&data); - return ret; -} - -int -main(int argc, char **argv) -{ - int nerr = 0; - krb5_storage *sp; - krb5_context context; - krb5_principal principal; - - - krb5_init_context(&context); - - sp = krb5_storage_emem(); - krb5_store_int32(sp, 0x01020304); - nerr += compare("Integer", sp, "\x1\x2\x3\x4", 4); - - sp = krb5_storage_emem(); - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE); - krb5_store_int32(sp, 0x01020304); - nerr += compare("Integer (LE)", sp, "\x4\x3\x2\x1", 4); - - sp = krb5_storage_emem(); - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - krb5_store_int32(sp, 0x01020304); - nerr += compare("Integer (BE)", sp, "\x1\x2\x3\x4", 4); - - sp = krb5_storage_emem(); - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_HOST); - krb5_store_int32(sp, 0x01020304); - { - int test = 1; - void *data; - if(*(char*)&test) - data = "\x4\x3\x2\x1"; - else - data = "\x1\x2\x3\x4"; - nerr += compare("Integer (host)", sp, data, 4); - } - - sp = krb5_storage_emem(); - krb5_make_principal(context, &principal, "TEST", "foobar", NULL); - krb5_store_principal(sp, principal); - krb5_free_principal(context, principal); - nerr += compare("Principal", sp, "\x0\x0\x0\x1" - "\x0\x0\x0\x1" - "\x0\x0\x0\x4TEST" - "\x0\x0\x0\x6""foobar", 26); - - krb5_free_context(context); - - return nerr ? 1 : 0; -} diff --git a/crypto/heimdal/lib/krb5/store.c b/crypto/heimdal/lib/krb5/store.c deleted file mode 100644 index c9cbbb5cef33..000000000000 --- a/crypto/heimdal/lib/krb5/store.c +++ /dev/null @@ -1,1035 +0,0 @@ -/* - * Copyright (c) 1997-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include "store-int.h" - -RCSID("$Id: store.c 22071 2007-11-14 20:04:50Z lha $"); - -#define BYTEORDER_IS(SP, V) (((SP)->flags & KRB5_STORAGE_BYTEORDER_MASK) == (V)) -#define BYTEORDER_IS_LE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_LE) -#define BYTEORDER_IS_BE(SP) BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_BE) -#define BYTEORDER_IS_HOST(SP) (BYTEORDER_IS((SP), KRB5_STORAGE_BYTEORDER_HOST) || \ - krb5_storage_is_flags((SP), KRB5_STORAGE_HOST_BYTEORDER)) - -void KRB5_LIB_FUNCTION -krb5_storage_set_flags(krb5_storage *sp, krb5_flags flags) -{ - sp->flags |= flags; -} - -void KRB5_LIB_FUNCTION -krb5_storage_clear_flags(krb5_storage *sp, krb5_flags flags) -{ - sp->flags &= ~flags; -} - -krb5_boolean KRB5_LIB_FUNCTION -krb5_storage_is_flags(krb5_storage *sp, krb5_flags flags) -{ - return (sp->flags & flags) == flags; -} - -void KRB5_LIB_FUNCTION -krb5_storage_set_byteorder(krb5_storage *sp, krb5_flags byteorder) -{ - sp->flags &= ~KRB5_STORAGE_BYTEORDER_MASK; - sp->flags |= byteorder; -} - -krb5_flags KRB5_LIB_FUNCTION -krb5_storage_get_byteorder(krb5_storage *sp, krb5_flags byteorder) -{ - return sp->flags & KRB5_STORAGE_BYTEORDER_MASK; -} - -off_t KRB5_LIB_FUNCTION -krb5_storage_seek(krb5_storage *sp, off_t offset, int whence) -{ - return (*sp->seek)(sp, offset, whence); -} - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_storage_read(krb5_storage *sp, void *buf, size_t len) -{ - return sp->fetch(sp, buf, len); -} - -krb5_ssize_t KRB5_LIB_FUNCTION -krb5_storage_write(krb5_storage *sp, const void *buf, size_t len) -{ - return sp->store(sp, buf, len); -} - -void KRB5_LIB_FUNCTION -krb5_storage_set_eof_code(krb5_storage *sp, int code) -{ - sp->eof_code = code; -} - -krb5_ssize_t KRB5_LIB_FUNCTION -_krb5_put_int(void *buffer, unsigned long value, size_t size) -{ - unsigned char *p = buffer; - int i; - for (i = size - 1; i >= 0; i--) { - p[i] = value & 0xff; - value >>= 8; - } - return size; -} - -krb5_ssize_t KRB5_LIB_FUNCTION -_krb5_get_int(void *buffer, unsigned long *value, size_t size) -{ - unsigned char *p = buffer; - unsigned long v = 0; - int i; - for (i = 0; i < size; i++) - v = (v << 8) + p[i]; - *value = v; - return size; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_storage_free(krb5_storage *sp) -{ - if(sp->free) - (*sp->free)(sp); - free(sp->data); - free(sp); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_storage_to_data(krb5_storage *sp, krb5_data *data) -{ - off_t pos; - size_t size; - krb5_error_code ret; - - pos = sp->seek(sp, 0, SEEK_CUR); - size = (size_t)sp->seek(sp, 0, SEEK_END); - ret = krb5_data_alloc (data, size); - if (ret) { - sp->seek(sp, pos, SEEK_SET); - return ret; - } - if (size) { - sp->seek(sp, 0, SEEK_SET); - sp->fetch(sp, data->data, data->length); - sp->seek(sp, pos, SEEK_SET); - } - return 0; -} - -static krb5_error_code -krb5_store_int(krb5_storage *sp, - int32_t value, - size_t len) -{ - int ret; - unsigned char v[16]; - - if(len > sizeof(v)) - return EINVAL; - _krb5_put_int(v, value, len); - ret = sp->store(sp, v, len); - if (ret != len) - return (ret<0)?errno:sp->eof_code; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_int32(krb5_storage *sp, - int32_t value) -{ - if(BYTEORDER_IS_HOST(sp)) - value = htonl(value); - else if(BYTEORDER_IS_LE(sp)) - value = bswap32(value); - return krb5_store_int(sp, value, 4); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_uint32(krb5_storage *sp, - uint32_t value) -{ - return krb5_store_int32(sp, (int32_t)value); -} - -static krb5_error_code -krb5_ret_int(krb5_storage *sp, - int32_t *value, - size_t len) -{ - int ret; - unsigned char v[4]; - unsigned long w; - ret = sp->fetch(sp, v, len); - if(ret != len) - return (ret<0)?errno:sp->eof_code; - _krb5_get_int(v, &w, len); - *value = w; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_int32(krb5_storage *sp, - int32_t *value) -{ - krb5_error_code ret = krb5_ret_int(sp, value, 4); - if(ret) - return ret; - if(BYTEORDER_IS_HOST(sp)) - *value = htonl(*value); - else if(BYTEORDER_IS_LE(sp)) - *value = bswap32(*value); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_uint32(krb5_storage *sp, - uint32_t *value) -{ - krb5_error_code ret; - int32_t v; - - ret = krb5_ret_int32(sp, &v); - if (ret == 0) - *value = (uint32_t)v; - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_int16(krb5_storage *sp, - int16_t value) -{ - if(BYTEORDER_IS_HOST(sp)) - value = htons(value); - else if(BYTEORDER_IS_LE(sp)) - value = bswap16(value); - return krb5_store_int(sp, value, 2); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_uint16(krb5_storage *sp, - uint16_t value) -{ - return krb5_store_int16(sp, (int16_t)value); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_int16(krb5_storage *sp, - int16_t *value) -{ - int32_t v; - int ret; - ret = krb5_ret_int(sp, &v, 2); - if(ret) - return ret; - *value = v; - if(BYTEORDER_IS_HOST(sp)) - *value = htons(*value); - else if(BYTEORDER_IS_LE(sp)) - *value = bswap16(*value); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_uint16(krb5_storage *sp, - uint16_t *value) -{ - krb5_error_code ret; - int16_t v; - - ret = krb5_ret_int16(sp, &v); - if (ret == 0) - *value = (uint16_t)v; - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_int8(krb5_storage *sp, - int8_t value) -{ - int ret; - - ret = sp->store(sp, &value, sizeof(value)); - if (ret != sizeof(value)) - return (ret<0)?errno:sp->eof_code; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_uint8(krb5_storage *sp, - uint8_t value) -{ - return krb5_store_int8(sp, (int8_t)value); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_int8(krb5_storage *sp, - int8_t *value) -{ - int ret; - - ret = sp->fetch(sp, value, sizeof(*value)); - if (ret != sizeof(*value)) - return (ret<0)?errno:sp->eof_code; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_uint8(krb5_storage *sp, - uint8_t *value) -{ - krb5_error_code ret; - int8_t v; - - ret = krb5_ret_int8(sp, &v); - if (ret == 0) - *value = (uint8_t)v; - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_data(krb5_storage *sp, - krb5_data data) -{ - int ret; - ret = krb5_store_int32(sp, data.length); - if(ret < 0) - return ret; - ret = sp->store(sp, data.data, data.length); - if(ret != data.length){ - if(ret < 0) - return errno; - return sp->eof_code; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_data(krb5_storage *sp, - krb5_data *data) -{ - int ret; - int32_t size; - - ret = krb5_ret_int32(sp, &size); - if(ret) - return ret; - ret = krb5_data_alloc (data, size); - if (ret) - return ret; - if (size) { - ret = sp->fetch(sp, data->data, size); - if(ret != size) - return (ret < 0)? errno : sp->eof_code; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_string(krb5_storage *sp, const char *s) -{ - krb5_data data; - data.length = strlen(s); - data.data = rk_UNCONST(s); - return krb5_store_data(sp, data); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_string(krb5_storage *sp, - char **string) -{ - int ret; - krb5_data data; - ret = krb5_ret_data(sp, &data); - if(ret) - return ret; - *string = realloc(data.data, data.length + 1); - if(*string == NULL){ - free(data.data); - return ENOMEM; - } - (*string)[data.length] = 0; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_stringz(krb5_storage *sp, const char *s) -{ - size_t len = strlen(s) + 1; - ssize_t ret; - - ret = sp->store(sp, s, len); - if(ret != len) { - if(ret < 0) - return ret; - else - return sp->eof_code; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_stringz(krb5_storage *sp, - char **string) -{ - char c; - char *s = NULL; - size_t len = 0; - ssize_t ret; - - while((ret = sp->fetch(sp, &c, 1)) == 1){ - char *tmp; - - len++; - tmp = realloc (s, len); - if (tmp == NULL) { - free (s); - return ENOMEM; - } - s = tmp; - s[len - 1] = c; - if(c == 0) - break; - } - if(ret != 1){ - free(s); - if(ret == 0) - return sp->eof_code; - return ret; - } - *string = s; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_stringnl(krb5_storage *sp, const char *s) -{ - size_t len = strlen(s); - ssize_t ret; - - ret = sp->store(sp, s, len); - if(ret != len) { - if(ret < 0) - return ret; - else - return sp->eof_code; - } - ret = sp->store(sp, "\n", 1); - if(ret != 1) { - if(ret < 0) - return ret; - else - return sp->eof_code; - } - - return 0; - -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_stringnl(krb5_storage *sp, - char **string) -{ - int expect_nl = 0; - char c; - char *s = NULL; - size_t len = 0; - ssize_t ret; - - while((ret = sp->fetch(sp, &c, 1)) == 1){ - char *tmp; - - if (c == '\r') { - expect_nl = 1; - continue; - } - if (expect_nl && c != '\n') { - free(s); - return KRB5_BADMSGTYPE; - } - - len++; - tmp = realloc (s, len); - if (tmp == NULL) { - free (s); - return ENOMEM; - } - s = tmp; - if(c == '\n') { - s[len - 1] = '\0'; - break; - } - s[len - 1] = c; - } - if(ret != 1){ - free(s); - if(ret == 0) - return sp->eof_code; - return ret; - } - *string = s; - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_principal(krb5_storage *sp, - krb5_const_principal p) -{ - int i; - int ret; - - if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) { - ret = krb5_store_int32(sp, p->name.name_type); - if(ret) return ret; - } - if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) - ret = krb5_store_int32(sp, p->name.name_string.len + 1); - else - ret = krb5_store_int32(sp, p->name.name_string.len); - - if(ret) return ret; - ret = krb5_store_string(sp, p->realm); - if(ret) return ret; - for(i = 0; i < p->name.name_string.len; i++){ - ret = krb5_store_string(sp, p->name.name_string.val[i]); - if(ret) return ret; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_principal(krb5_storage *sp, - krb5_principal *princ) -{ - int i; - int ret; - krb5_principal p; - int32_t type; - int32_t ncomp; - - p = calloc(1, sizeof(*p)); - if(p == NULL) - return ENOMEM; - - if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) - type = KRB5_NT_UNKNOWN; - else if((ret = krb5_ret_int32(sp, &type))){ - free(p); - return ret; - } - if((ret = krb5_ret_int32(sp, &ncomp))){ - free(p); - return ret; - } - if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) - ncomp--; - if (ncomp < 0) { - free(p); - return EINVAL; - } - p->name.name_type = type; - p->name.name_string.len = ncomp; - ret = krb5_ret_string(sp, &p->realm); - if(ret) { - free(p); - return ret; - } - p->name.name_string.val = calloc(ncomp, sizeof(*p->name.name_string.val)); - if(p->name.name_string.val == NULL && ncomp != 0){ - free(p->realm); - free(p); - return ENOMEM; - } - for(i = 0; i < ncomp; i++){ - ret = krb5_ret_string(sp, &p->name.name_string.val[i]); - if(ret) { - while (i >= 0) - free(p->name.name_string.val[i--]); - free(p->realm); - free(p); - return ret; - } - } - *princ = p; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_keyblock(krb5_storage *sp, krb5_keyblock p) -{ - int ret; - ret = krb5_store_int16(sp, p.keytype); - if(ret) return ret; - - if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){ - /* this should really be enctype, but it is the same as - keytype nowadays */ - ret = krb5_store_int16(sp, p.keytype); - if(ret) return ret; - } - - ret = krb5_store_data(sp, p.keyvalue); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_keyblock(krb5_storage *sp, krb5_keyblock *p) -{ - int ret; - int16_t tmp; - - ret = krb5_ret_int16(sp, &tmp); - if(ret) return ret; - p->keytype = tmp; - - if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){ - ret = krb5_ret_int16(sp, &tmp); - if(ret) return ret; - } - - ret = krb5_ret_data(sp, &p->keyvalue); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_times(krb5_storage *sp, krb5_times times) -{ - int ret; - ret = krb5_store_int32(sp, times.authtime); - if(ret) return ret; - ret = krb5_store_int32(sp, times.starttime); - if(ret) return ret; - ret = krb5_store_int32(sp, times.endtime); - if(ret) return ret; - ret = krb5_store_int32(sp, times.renew_till); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_times(krb5_storage *sp, krb5_times *times) -{ - int ret; - int32_t tmp; - ret = krb5_ret_int32(sp, &tmp); - times->authtime = tmp; - if(ret) return ret; - ret = krb5_ret_int32(sp, &tmp); - times->starttime = tmp; - if(ret) return ret; - ret = krb5_ret_int32(sp, &tmp); - times->endtime = tmp; - if(ret) return ret; - ret = krb5_ret_int32(sp, &tmp); - times->renew_till = tmp; - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_address(krb5_storage *sp, krb5_address p) -{ - int ret; - ret = krb5_store_int16(sp, p.addr_type); - if(ret) return ret; - ret = krb5_store_data(sp, p.address); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_address(krb5_storage *sp, krb5_address *adr) -{ - int16_t t; - int ret; - ret = krb5_ret_int16(sp, &t); - if(ret) return ret; - adr->addr_type = t; - ret = krb5_ret_data(sp, &adr->address); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_addrs(krb5_storage *sp, krb5_addresses p) -{ - int i; - int ret; - ret = krb5_store_int32(sp, p.len); - if(ret) return ret; - for(i = 0; ilen = tmp; - ALLOC(adr->val, adr->len); - if (adr->val == NULL && adr->len != 0) - return ENOMEM; - for(i = 0; i < adr->len; i++){ - ret = krb5_ret_address(sp, &adr->val[i]); - if(ret) break; - } - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_authdata(krb5_storage *sp, krb5_authdata auth) -{ - krb5_error_code ret; - int i; - ret = krb5_store_int32(sp, auth.len); - if(ret) return ret; - for(i = 0; i < auth.len; i++){ - ret = krb5_store_int16(sp, auth.val[i].ad_type); - if(ret) break; - ret = krb5_store_data(sp, auth.val[i].ad_data); - if(ret) break; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_authdata(krb5_storage *sp, krb5_authdata *auth) -{ - krb5_error_code ret; - int32_t tmp; - int16_t tmp2; - int i; - ret = krb5_ret_int32(sp, &tmp); - if(ret) return ret; - ALLOC_SEQ(auth, tmp); - if (auth->val == NULL && tmp != 0) - return ENOMEM; - for(i = 0; i < tmp; i++){ - ret = krb5_ret_int16(sp, &tmp2); - if(ret) break; - auth->val[i].ad_type = tmp2; - ret = krb5_ret_data(sp, &auth->val[i].ad_data); - if(ret) break; - } - return ret; -} - -static int32_t -bitswap32(int32_t b) -{ - int32_t r = 0; - int i; - for (i = 0; i < 32; i++) { - r = r << 1 | (b & 1); - b = b >> 1; - } - return r; -} - - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_creds(krb5_storage *sp, krb5_creds *creds) -{ - int ret; - - ret = krb5_store_principal(sp, creds->client); - if(ret) - return ret; - ret = krb5_store_principal(sp, creds->server); - if(ret) - return ret; - ret = krb5_store_keyblock(sp, creds->session); - if(ret) - return ret; - ret = krb5_store_times(sp, creds->times); - if(ret) - return ret; - ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */ - if(ret) - return ret; - - if(krb5_storage_is_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER)) - ret = krb5_store_int32(sp, creds->flags.i); - else - ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b))); - if(ret) - return ret; - - ret = krb5_store_addrs(sp, creds->addresses); - if(ret) - return ret; - ret = krb5_store_authdata(sp, creds->authdata); - if(ret) - return ret; - ret = krb5_store_data(sp, creds->ticket); - if(ret) - return ret; - ret = krb5_store_data(sp, creds->second_ticket); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_creds(krb5_storage *sp, krb5_creds *creds) -{ - krb5_error_code ret; - int8_t dummy8; - int32_t dummy32; - - memset(creds, 0, sizeof(*creds)); - ret = krb5_ret_principal (sp, &creds->client); - if(ret) goto cleanup; - ret = krb5_ret_principal (sp, &creds->server); - if(ret) goto cleanup; - ret = krb5_ret_keyblock (sp, &creds->session); - if(ret) goto cleanup; - ret = krb5_ret_times (sp, &creds->times); - if(ret) goto cleanup; - ret = krb5_ret_int8 (sp, &dummy8); - if(ret) goto cleanup; - ret = krb5_ret_int32 (sp, &dummy32); - if(ret) goto cleanup; - /* - * Runtime detect the what is the higher bits of the bitfield. If - * any of the higher bits are set in the input data, it's either a - * new ticket flag (and this code need to be removed), or it's a - * MIT cache (or new Heimdal cache), lets change it to our current - * format. - */ - { - uint32_t mask = 0xffff0000; - creds->flags.i = 0; - creds->flags.b.anonymous = 1; - if (creds->flags.i & mask) - mask = ~mask; - if (dummy32 & mask) - dummy32 = bitswap32(dummy32); - } - creds->flags.i = dummy32; - ret = krb5_ret_addrs (sp, &creds->addresses); - if(ret) goto cleanup; - ret = krb5_ret_authdata (sp, &creds->authdata); - if(ret) goto cleanup; - ret = krb5_ret_data (sp, &creds->ticket); - if(ret) goto cleanup; - ret = krb5_ret_data (sp, &creds->second_ticket); -cleanup: - if(ret) { -#if 0 - krb5_free_cred_contents(context, creds); /* XXX */ -#endif - } - return ret; -} - -#define SC_CLIENT_PRINCIPAL 0x0001 -#define SC_SERVER_PRINCIPAL 0x0002 -#define SC_SESSION_KEY 0x0004 -#define SC_TICKET 0x0008 -#define SC_SECOND_TICKET 0x0010 -#define SC_AUTHDATA 0x0020 -#define SC_ADDRESSES 0x0040 - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_store_creds_tag(krb5_storage *sp, krb5_creds *creds) -{ - int ret; - int32_t header = 0; - - if (creds->client) - header |= SC_CLIENT_PRINCIPAL; - if (creds->server) - header |= SC_SERVER_PRINCIPAL; - if (creds->session.keytype != ETYPE_NULL) - header |= SC_SESSION_KEY; - if (creds->ticket.data) - header |= SC_TICKET; - if (creds->second_ticket.length) - header |= SC_SECOND_TICKET; - if (creds->authdata.len) - header |= SC_AUTHDATA; - if (creds->addresses.len) - header |= SC_ADDRESSES; - - ret = krb5_store_int32(sp, header); - - if (creds->client) { - ret = krb5_store_principal(sp, creds->client); - if(ret) - return ret; - } - - if (creds->server) { - ret = krb5_store_principal(sp, creds->server); - if(ret) - return ret; - } - - if (creds->session.keytype != ETYPE_NULL) { - ret = krb5_store_keyblock(sp, creds->session); - if(ret) - return ret; - } - - ret = krb5_store_times(sp, creds->times); - if(ret) - return ret; - ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */ - if(ret) - return ret; - - ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b))); - if(ret) - return ret; - - if (creds->addresses.len) { - ret = krb5_store_addrs(sp, creds->addresses); - if(ret) - return ret; - } - - if (creds->authdata.len) { - ret = krb5_store_authdata(sp, creds->authdata); - if(ret) - return ret; - } - - if (creds->ticket.data) { - ret = krb5_store_data(sp, creds->ticket); - if(ret) - return ret; - } - - if (creds->second_ticket.data) { - ret = krb5_store_data(sp, creds->second_ticket); - if (ret) - return ret; - } - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ret_creds_tag(krb5_storage *sp, - krb5_creds *creds) -{ - krb5_error_code ret; - int8_t dummy8; - int32_t dummy32, header; - - memset(creds, 0, sizeof(*creds)); - - ret = krb5_ret_int32 (sp, &header); - if (ret) goto cleanup; - - if (header & SC_CLIENT_PRINCIPAL) { - ret = krb5_ret_principal (sp, &creds->client); - if(ret) goto cleanup; - } - if (header & SC_SERVER_PRINCIPAL) { - ret = krb5_ret_principal (sp, &creds->server); - if(ret) goto cleanup; - } - if (header & SC_SESSION_KEY) { - ret = krb5_ret_keyblock (sp, &creds->session); - if(ret) goto cleanup; - } - ret = krb5_ret_times (sp, &creds->times); - if(ret) goto cleanup; - ret = krb5_ret_int8 (sp, &dummy8); - if(ret) goto cleanup; - ret = krb5_ret_int32 (sp, &dummy32); - if(ret) goto cleanup; - /* - * Runtime detect the what is the higher bits of the bitfield. If - * any of the higher bits are set in the input data, it's either a - * new ticket flag (and this code need to be removed), or it's a - * MIT cache (or new Heimdal cache), lets change it to our current - * format. - */ - { - uint32_t mask = 0xffff0000; - creds->flags.i = 0; - creds->flags.b.anonymous = 1; - if (creds->flags.i & mask) - mask = ~mask; - if (dummy32 & mask) - dummy32 = bitswap32(dummy32); - } - creds->flags.i = dummy32; - if (header & SC_ADDRESSES) { - ret = krb5_ret_addrs (sp, &creds->addresses); - if(ret) goto cleanup; - } - if (header & SC_AUTHDATA) { - ret = krb5_ret_authdata (sp, &creds->authdata); - if(ret) goto cleanup; - } - if (header & SC_TICKET) { - ret = krb5_ret_data (sp, &creds->ticket); - if(ret) goto cleanup; - } - if (header & SC_SECOND_TICKET) { - ret = krb5_ret_data (sp, &creds->second_ticket); - if(ret) goto cleanup; - } - -cleanup: - if(ret) { -#if 0 - krb5_free_cred_contents(context, creds); /* XXX */ -#endif - } - return ret; -} diff --git a/crypto/heimdal/lib/krb5/store_emem.c b/crypto/heimdal/lib/krb5/store_emem.c deleted file mode 100644 index b59a647f8043..000000000000 --- a/crypto/heimdal/lib/krb5/store_emem.c +++ /dev/null @@ -1,143 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include "store-int.h" - -RCSID("$Id: store_emem.c 21745 2007-07-31 16:11:25Z lha $"); - -typedef struct emem_storage{ - unsigned char *base; - size_t size; - size_t len; - unsigned char *ptr; -}emem_storage; - -static ssize_t -emem_fetch(krb5_storage *sp, void *data, size_t size) -{ - emem_storage *s = (emem_storage*)sp->data; - if(s->base + s->len - s->ptr < size) - size = s->base + s->len - s->ptr; - memmove(data, s->ptr, size); - sp->seek(sp, size, SEEK_CUR); - return size; -} - -static ssize_t -emem_store(krb5_storage *sp, const void *data, size_t size) -{ - emem_storage *s = (emem_storage*)sp->data; - if(size > s->base + s->size - s->ptr){ - void *base; - size_t sz, off; - off = s->ptr - s->base; - sz = off + size; - if (sz < 4096) - sz *= 2; - base = realloc(s->base, sz); - if(base == NULL) - return 0; - s->size = sz; - s->base = base; - s->ptr = (unsigned char*)base + off; - } - memmove(s->ptr, data, size); - sp->seek(sp, size, SEEK_CUR); - return size; -} - -static off_t -emem_seek(krb5_storage *sp, off_t offset, int whence) -{ - emem_storage *s = (emem_storage*)sp->data; - switch(whence){ - case SEEK_SET: - if(offset > s->size) - offset = s->size; - if(offset < 0) - offset = 0; - s->ptr = s->base + offset; - if(offset > s->len) - s->len = offset; - break; - case SEEK_CUR: - sp->seek(sp,s->ptr - s->base + offset, SEEK_SET); - break; - case SEEK_END: - sp->seek(sp, s->len + offset, SEEK_SET); - break; - default: - errno = EINVAL; - return -1; - } - return s->ptr - s->base; -} - -static void -emem_free(krb5_storage *sp) -{ - emem_storage *s = sp->data; - memset(s->base, 0, s->len); - free(s->base); -} - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_emem(void) -{ - krb5_storage *sp = malloc(sizeof(krb5_storage)); - if (sp == NULL) - return NULL; - emem_storage *s = malloc(sizeof(*s)); - if (s == NULL) { - free(sp); - return NULL; - } - sp->data = s; - sp->flags = 0; - sp->eof_code = HEIM_ERR_EOF; - s->size = 1024; - s->base = malloc(s->size); - if (s->base == NULL) { - free(sp); - free(s); - return NULL; - } - s->len = 0; - s->ptr = s->base; - sp->fetch = emem_fetch; - sp->store = emem_store; - sp->seek = emem_seek; - sp->free = emem_free; - return sp; -} diff --git a/crypto/heimdal/lib/krb5/store_fd.c b/crypto/heimdal/lib/krb5/store_fd.c deleted file mode 100644 index 15f86fcac30b..000000000000 --- a/crypto/heimdal/lib/krb5/store_fd.c +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include "store-int.h" - -RCSID("$Id: store_fd.c 17779 2006-06-30 21:23:19Z lha $"); - -typedef struct fd_storage { - int fd; -} fd_storage; - -#define FD(S) (((fd_storage*)(S)->data)->fd) - -static ssize_t -fd_fetch(krb5_storage * sp, void *data, size_t size) -{ - return net_read(FD(sp), data, size); -} - -static ssize_t -fd_store(krb5_storage * sp, const void *data, size_t size) -{ - return net_write(FD(sp), data, size); -} - -static off_t -fd_seek(krb5_storage * sp, off_t offset, int whence) -{ - return lseek(FD(sp), offset, whence); -} - -static void -fd_free(krb5_storage * sp) -{ - close(FD(sp)); -} - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_fd(int fd) -{ - krb5_storage *sp; - - fd = dup(fd); - if (fd < 0) - return NULL; - - sp = malloc(sizeof(krb5_storage)); - if (sp == NULL) { - close(fd); - return NULL; - } - - sp->data = malloc(sizeof(fd_storage)); - if (sp->data == NULL) { - close(fd); - free(sp); - return NULL; - } - sp->flags = 0; - sp->eof_code = HEIM_ERR_EOF; - FD(sp) = fd; - sp->fetch = fd_fetch; - sp->store = fd_store; - sp->seek = fd_seek; - sp->free = fd_free; - return sp; -} diff --git a/crypto/heimdal/lib/krb5/store_mem.c b/crypto/heimdal/lib/krb5/store_mem.c deleted file mode 100644 index e6e62b5a62e4..000000000000 --- a/crypto/heimdal/lib/krb5/store_mem.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include "store-int.h" - -RCSID("$Id: store_mem.c 20307 2007-04-11 11:16:28Z lha $"); - -typedef struct mem_storage{ - unsigned char *base; - size_t size; - unsigned char *ptr; -}mem_storage; - -static ssize_t -mem_fetch(krb5_storage *sp, void *data, size_t size) -{ - mem_storage *s = (mem_storage*)sp->data; - if(size > s->base + s->size - s->ptr) - size = s->base + s->size - s->ptr; - memmove(data, s->ptr, size); - sp->seek(sp, size, SEEK_CUR); - return size; -} - -static ssize_t -mem_store(krb5_storage *sp, const void *data, size_t size) -{ - mem_storage *s = (mem_storage*)sp->data; - if(size > s->base + s->size - s->ptr) - size = s->base + s->size - s->ptr; - memmove(s->ptr, data, size); - sp->seek(sp, size, SEEK_CUR); - return size; -} - -static ssize_t -mem_no_store(krb5_storage *sp, const void *data, size_t size) -{ - return -1; -} - -static off_t -mem_seek(krb5_storage *sp, off_t offset, int whence) -{ - mem_storage *s = (mem_storage*)sp->data; - switch(whence){ - case SEEK_SET: - if(offset > s->size) - offset = s->size; - if(offset < 0) - offset = 0; - s->ptr = s->base + offset; - break; - case SEEK_CUR: - return sp->seek(sp, s->ptr - s->base + offset, SEEK_SET); - case SEEK_END: - return sp->seek(sp, s->size + offset, SEEK_SET); - default: - errno = EINVAL; - return -1; - } - return s->ptr - s->base; -} - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_mem(void *buf, size_t len) -{ - krb5_storage *sp = malloc(sizeof(krb5_storage)); - mem_storage *s; - if(sp == NULL) - return NULL; - s = malloc(sizeof(*s)); - if(s == NULL) { - free(sp); - return NULL; - } - sp->data = s; - sp->flags = 0; - sp->eof_code = HEIM_ERR_EOF; - s->base = buf; - s->size = len; - s->ptr = buf; - sp->fetch = mem_fetch; - sp->store = mem_store; - sp->seek = mem_seek; - sp->free = NULL; - return sp; -} - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_data(krb5_data *data) -{ - return krb5_storage_from_mem(data->data, data->length); -} - -krb5_storage * KRB5_LIB_FUNCTION -krb5_storage_from_readonly_mem(const void *buf, size_t len) -{ - krb5_storage *sp = malloc(sizeof(krb5_storage)); - mem_storage *s; - if(sp == NULL) - return NULL; - s = malloc(sizeof(*s)); - if(s == NULL) { - free(sp); - return NULL; - } - sp->data = s; - sp->flags = 0; - sp->eof_code = HEIM_ERR_EOF; - s->base = rk_UNCONST(buf); - s->size = len; - s->ptr = rk_UNCONST(buf); - sp->fetch = mem_fetch; - sp->store = mem_no_store; - sp->seek = mem_seek; - sp->free = NULL; - return sp; -} diff --git a/crypto/heimdal/lib/krb5/string-to-key-test.c b/crypto/heimdal/lib/krb5/string-to-key-test.c deleted file mode 100644 index 30075ea6b956..000000000000 --- a/crypto/heimdal/lib/krb5/string-to-key-test.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: string-to-key-test.c 16344 2005-12-02 15:15:43Z lha $"); - -enum { MAXSIZE = 24 }; - -static struct testcase { - const char *principal_name; - const char *password; - krb5_enctype enctype; - unsigned char res[MAXSIZE]; -} tests[] = { - {"@", "", ETYPE_DES_CBC_MD5, - {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0xf1}}, - {"nisse@FOO.SE", "hej", ETYPE_DES_CBC_MD5, - {0xfe, 0x67, 0xbf, 0x9e, 0x57, 0x6b, 0xfe, 0x52}}, - {"assar/liten@FOO.SE", "hemligt", ETYPE_DES_CBC_MD5, - {0x5b, 0x9b, 0xcb, 0xf2, 0x97, 0x43, 0xc8, 0x40}}, -#if 0 - {"@", "", ETYPE_DES3_CBC_SHA1, - {0xce, 0xa2, 0x2f, 0x9b, 0x52, 0x2c, 0xb0, 0x15, 0x6e, 0x6b, 0x64, - 0x73, 0x62, 0x64, 0x73, 0x4f, 0x6e, 0x73, 0xce, 0xa2, 0x2f, 0x9b, - 0x52, 0x57}}, -#endif - {"nisse@FOO.SE", "hej", ETYPE_DES3_CBC_SHA1, - {0x0e, 0xbc, 0x23, 0x9d, 0x68, 0x46, 0xf2, 0xd5, 0x51, 0x98, 0x5b, - 0x57, 0xc1, 0x57, 0x01, 0x79, 0x04, 0xc4, 0xe9, 0xfe, 0xc1, 0x0e, - 0x13, 0xd0}}, - {"assar/liten@FOO.SE", "hemligt", ETYPE_DES3_CBC_SHA1, - {0x7f, 0x40, 0x67, 0xb9, 0xbc, 0xc4, 0x40, 0xfb, 0x43, 0x73, 0xd9, - 0xd3, 0xcd, 0x7c, 0xc7, 0x67, 0xe6, 0x79, 0x94, 0xd0, 0xa8, 0x34, - 0xdf, 0x62}}, - {"does/not@MATTER", "foo", ETYPE_ARCFOUR_HMAC_MD5, - {0xac, 0x8e, 0x65, 0x7f, 0x83, 0xdf, 0x82, 0xbe, - 0xea, 0x5d, 0x43, 0xbd, 0xaf, 0x78, 0x00, 0xcc}}, - {"raeburn@ATHENA.MIT.EDU", "password", ETYPE_DES_CBC_MD5, - {0xcb, 0xc2, 0x2f, 0xae, 0x23, 0x52, 0x98, 0xe3}}, - {"danny@WHITEHOUSE.GOV", "potatoe", ETYPE_DES_CBC_MD5, - {0xdf, 0x3d, 0x32, 0xa7, 0x4f, 0xd9, 0x2a, 0x01}}, - {"buckaroo@EXAMPLE.COM", "penny", ETYPE_DES_CBC_MD5, - {0x94, 0x43, 0xa2, 0xe5, 0x32, 0xfd, 0xc4, 0xf1}}, - {"Juri\xc5\xa1i\xc4\x87@ATHENA.MIT.EDU", "\xc3\x9f", ETYPE_DES_CBC_MD5, - {0x62, 0xc8, 0x1a, 0x52, 0x32, 0xb5, 0xe6, 0x9d}}, - {"AAAAAAAA", "11119999", ETYPE_DES_CBC_MD5, - {0x98, 0x40, 0x54, 0xd0, 0xf1, 0xa7, 0x3e, 0x31}}, - {"FFFFAAAA", "NNNN6666", ETYPE_DES_CBC_MD5, - {0xc4, 0xbf, 0x6b, 0x25, 0xad, 0xf7, 0xa4, 0xf8}}, - {"raeburn@ATHENA.MIT.EDU", "password", ETYPE_DES3_CBC_SHA1, - {0x85, 0x0b, 0xb5, 0x13, 0x58, 0x54, 0x8c, 0xd0, 0x5e, 0x86, 0x76, 0x8c, 0x31, 0x3e, 0x3b, 0xfe, 0xf7, 0x51, 0x19, 0x37, 0xdc, 0xf7, 0x2c, 0x3e}}, - {"danny@WHITEHOUSE.GOV", "potatoe", ETYPE_DES3_CBC_SHA1, - {0xdf, 0xcd, 0x23, 0x3d, 0xd0, 0xa4, 0x32, 0x04, 0xea, 0x6d, 0xc4, 0x37, 0xfb, 0x15, 0xe0, 0x61, 0xb0, 0x29, 0x79, 0xc1, 0xf7, 0x4f, 0x37, 0x7a}}, - {"buckaroo@EXAMPLE.COM", "penny", ETYPE_DES3_CBC_SHA1, - {0x6d, 0x2f, 0xcd, 0xf2, 0xd6, 0xfb, 0xbc, 0x3d, 0xdc, 0xad, 0xb5, 0xda, 0x57, 0x10, 0xa2, 0x34, 0x89, 0xb0, 0xd3, 0xb6, 0x9d, 0x5d, 0x9d, 0x4a}}, - {"Juri\xc5\xa1i\xc4\x87@ATHENA.MIT.EDU", "\xc3\x9f", ETYPE_DES3_CBC_SHA1, - {0x16, 0xd5, 0xa4, 0x0e, 0x1c, 0xe3, 0xba, 0xcb, 0x61, 0xb9, 0xdc, 0xe0, 0x04, 0x70, 0x32, 0x4c, 0x83, 0x19, 0x73, 0xa7, 0xb9, 0x52, 0xfe, 0xb0}}, - {NULL} -}; - -int -main(int argc, char **argv) -{ - struct testcase *t; - krb5_context context; - krb5_error_code ret; - int val = 0; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - /* to enable realm-less principal name above */ - - krb5_set_default_realm(context, ""); - - for (t = tests; t->principal_name; ++t) { - krb5_keyblock key; - krb5_principal principal; - int i; - - ret = krb5_parse_name (context, t->principal_name, &principal); - if (ret) - krb5_err (context, 1, ret, "krb5_parse_name %s", - t->principal_name); - ret = krb5_string_to_key (context, t->enctype, t->password, - principal, &key); - if (ret) - krb5_err (context, 1, ret, "krb5_string_to_key"); - krb5_free_principal (context, principal); - if (memcmp (key.keyvalue.data, t->res, key.keyvalue.length) != 0) { - const unsigned char *p = key.keyvalue.data; - - printf ("string_to_key(%s, %s) failed\n", - t->principal_name, t->password); - printf ("should be: "); - for (i = 0; i < key.keyvalue.length; ++i) - printf ("%02x", t->res[i]); - printf ("\nresult was: "); - for (i = 0; i < key.keyvalue.length; ++i) - printf ("%02x", p[i]); - printf ("\n"); - val = 1; - } - krb5_free_keyblock_contents(context, &key); - } - krb5_free_context(context); - return val; -} diff --git a/crypto/heimdal/lib/krb5/test_acl.c b/crypto/heimdal/lib/krb5/test_acl.c deleted file mode 100644 index e52f31a8b5a1..000000000000 --- a/crypto/heimdal/lib/krb5/test_acl.c +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: test_acl.c 15036 2005-04-30 15:19:58Z lha $"); - -#define RETVAL(c, r, e, s) \ - do { if (r != e) krb5_errx(c, 1, "%s", s); } while (0) -#define STRINGMATCH(c, s, _s1, _s2) \ - do { \ - if (_s1 == NULL || _s2 == NULL) \ - krb5_errx(c, 1, "s1 or s2 is NULL"); \ - if (strcmp(_s1,_s2) != 0) \ - krb5_errx(c, 1, "%s", s); \ - } while (0) - -static void -test_match_string(krb5_context context) -{ - krb5_error_code ret; - char *s1, *s2; - - ret = krb5_acl_match_string(context, "foo", "s", "foo"); - RETVAL(context, ret, 0, "single s"); - ret = krb5_acl_match_string(context, "foo foo", "s", "foo"); - RETVAL(context, ret, EACCES, "too many strings"); - ret = krb5_acl_match_string(context, "foo bar", "ss", "foo", "bar"); - RETVAL(context, ret, 0, "two strings"); - ret = krb5_acl_match_string(context, "foo bar", "ss", "foo", "bar"); - RETVAL(context, ret, 0, "two strings double space"); - ret = krb5_acl_match_string(context, "foo \tbar", "ss", "foo", "bar"); - RETVAL(context, ret, 0, "two strings space + tab"); - ret = krb5_acl_match_string(context, "foo", "ss", "foo", "bar"); - RETVAL(context, ret, EACCES, "one string, two format strings"); - ret = krb5_acl_match_string(context, "foo", "ss", "foo", "foo"); - RETVAL(context, ret, EACCES, "one string, two format strings (same)"); - ret = krb5_acl_match_string(context, "foo \t", "s", "foo"); - RETVAL(context, ret, 0, "ending space"); - - ret = krb5_acl_match_string(context, "foo/bar", "f", "foo/bar"); - RETVAL(context, ret, 0, "liternal fnmatch"); - ret = krb5_acl_match_string(context, "foo/bar", "f", "foo/*"); - RETVAL(context, ret, 0, "foo/*"); - ret = krb5_acl_match_string(context, "foo/bar/baz", "f", "foo/*/baz"); - RETVAL(context, ret, 0, "foo/*/baz"); - - ret = krb5_acl_match_string(context, "foo", "r", &s1); - RETVAL(context, ret, 0, "ret 1"); - STRINGMATCH(context, "ret 1 match", s1, "foo"); free(s1); - - ret = krb5_acl_match_string(context, "foo bar", "rr", &s1, &s2); - RETVAL(context, ret, 0, "ret 2"); - STRINGMATCH(context, "ret 2 match 1", s1, "foo"); free(s1); - STRINGMATCH(context, "ret 2 match 2", s2, "bar"); free(s2); - - ret = krb5_acl_match_string(context, "foo bar", "sr", "bar", &s1); - RETVAL(context, ret, EACCES, "ret mismatch"); - if (s1 != NULL) krb5_errx(context, 1, "s1 not NULL"); - - ret = krb5_acl_match_string(context, "foo", "l", "foo"); - RETVAL(context, ret, EINVAL, "unknown letter"); -} - - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - test_match_string(context); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_addr.c b/crypto/heimdal/lib/krb5/test_addr.c deleted file mode 100644 index 1ab47aecc028..000000000000 --- a/crypto/heimdal/lib/krb5/test_addr.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: test_addr.c 15036 2005-04-30 15:19:58Z lha $"); - -static void -print_addr(krb5_context context, const char *addr) -{ - krb5_addresses addresses; - krb5_error_code ret; - char buf[38]; - char buf2[1000]; - size_t len; - int i; - - ret = krb5_parse_address(context, addr, &addresses); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_address"); - - if (addresses.len < 1) - krb5_err(context, 1, ret, "too few addresses"); - - for (i = 0; i < addresses.len; i++) { - krb5_print_address(&addresses.val[i], buf, sizeof(buf), &len); -#if 0 - printf("addr %d: %s (%d/%d)\n", i, buf, (int)len, (int)strlen(buf)); -#endif - if (strlen(buf) > sizeof(buf)) - abort(); - krb5_print_address(&addresses.val[i], buf2, sizeof(buf2), &len); -#if 0 - printf("addr %d: %s (%d/%d)\n", i, buf2, (int)len, (int)strlen(buf2)); -#endif - if (strlen(buf2) > sizeof(buf2)) - abort(); - - } - krb5_free_addresses(context, &addresses); - -} - -static void -truncated_addr(krb5_context context, const char *addr, - size_t truncate_len, size_t outlen) -{ - krb5_addresses addresses; - krb5_error_code ret; - char *buf; - size_t len; - - buf = ecalloc(1, outlen + 1); - - ret = krb5_parse_address(context, addr, &addresses); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_address"); - - if (addresses.len != 1) - krb5_err(context, 1, ret, "addresses should be one"); - - krb5_print_address(&addresses.val[0], buf, truncate_len, &len); - -#if 0 - printf("addr %s (%d/%d)\n", buf, (int)len, (int)strlen(buf)); -#endif - - if (truncate_len > strlen(buf) + 1) - abort(); - if (outlen != len) - abort(); - - krb5_print_address(&addresses.val[0], buf, outlen + 1, &len); - -#if 0 - printf("addr %s (%d/%d)\n", buf, (int)len, (int)strlen(buf)); -#endif - - if (len != outlen) - abort(); - if (strlen(buf) != len) - abort(); - - krb5_free_addresses(context, &addresses); - free(buf); -} - -static void -check_truncation(krb5_context context, const char *addr) -{ - int i, len = strlen(addr); - - for (i = 0; i < len; i++) - truncated_addr(context, addr, i, len); -} - -static void -match_addr(krb5_context context, const char *range_addr, - const char *one_addr, int match) -{ - krb5_addresses range, one; - krb5_error_code ret; - - ret = krb5_parse_address(context, range_addr, &range); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_address"); - - if (range.len != 1) - krb5_err(context, 1, ret, "wrong num of addresses"); - - ret = krb5_parse_address(context, one_addr, &one); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_address"); - - if (one.len != 1) - krb5_err(context, 1, ret, "wrong num of addresses"); - - if (krb5_address_order(context, &range.val[0], &one.val[0]) == 0) { - if (!match) - krb5_errx(context, 1, "match when one shouldn't be"); - } else { - if (match) - krb5_errx(context, 1, "no match when one should be"); - } - - krb5_free_addresses(context, &range); - krb5_free_addresses(context, &one); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - print_addr(context, "RANGE:127.0.0.0/8"); - print_addr(context, "RANGE:127.0.0.0/24"); - print_addr(context, "RANGE:IPv4:127.0.0.0-IPv4:127.0.0.255"); - print_addr(context, "RANGE:130.237.237.4/29"); -#ifdef HAVE_IPV6 - print_addr(context, "RANGE:fe80::209:6bff:fea0:e522/64"); - print_addr(context, "RANGE:IPv6:fe80::209:6bff:fea0:e522/64"); - print_addr(context, "RANGE:IPv6:fe80::-IPv6:fe80::ffff:ffff:ffff:ffff"); - print_addr(context, "RANGE:fe80::-fe80::ffff:ffff:ffff:ffff"); -#endif - - check_truncation(context, "IPv4:127.0.0.0"); - check_truncation(context, "RANGE:IPv4:127.0.0.0-IPv4:127.0.0.255"); -#ifdef HAVE_IPV6 - check_truncation(context, "IPv6:::1"); - check_truncation(context, "IPv6:fe80::ffff:ffff:ffff:ffff"); -#endif - - match_addr(context, "RANGE:127.0.0.0/8", "inet:127.0.0.0", 1); - match_addr(context, "RANGE:127.0.0.0/8", "inet:127.255.255.255", 1); - match_addr(context, "RANGE:127.0.0.0/8", "inet:128.0.0.0", 0); - - match_addr(context, "RANGE:130.237.237.8/29", "inet:130.237.237.7", 0); - match_addr(context, "RANGE:130.237.237.8/29", "inet:130.237.237.8", 1); - match_addr(context, "RANGE:130.237.237.8/29", "inet:130.237.237.15", 1); - match_addr(context, "RANGE:130.237.237.8/29", "inet:130.237.237.16", 0); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_alname.c b/crypto/heimdal/lib/krb5/test_alname.c deleted file mode 100644 index e8397b748026..000000000000 --- a/crypto/heimdal/lib/krb5/test_alname.c +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: test_alname.c 15474 2005-06-17 04:48:02Z lha $"); - -static void -test_alname(krb5_context context, krb5_const_realm realm, - const char *user, const char *inst, - const char *localuser, int ok) -{ - krb5_principal p; - char localname[1024]; - krb5_error_code ret; - char *princ; - - ret = krb5_make_principal(context, &p, realm, user, inst, NULL); - if (ret) - krb5_err(context, 1, ret, "krb5_build_principal"); - - ret = krb5_unparse_name(context, p, &princ); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - - ret = krb5_aname_to_localname(context, p, sizeof(localname), localname); - krb5_free_principal(context, p); - free(princ); - if (ret) { - if (!ok) - return; - krb5_err(context, 1, ret, "krb5_aname_to_localname: %s -> %s", - princ, localuser); - } - - if (strcmp(localname, localuser) != 0) { - if (ok) - errx(1, "compared failed %s != %s (should have succeded)", - localname, localuser); - } else { - if (!ok) - errx(1, "compared failed %s == %s (should have failed)", - localname, localuser); - } - -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - krb5_realm realm; - int optidx = 0; - char *user; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 1) - errx(1, "first argument should be a local user that in root .k5login"); - - user = argv[0]; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_get_default_realm(context, &realm); - if (ret) - krb5_err(context, 1, ret, "krb5_get_default_realm"); - - test_alname(context, realm, user, NULL, user, 1); - test_alname(context, realm, user, "root", "root", 1); - - test_alname(context, "FOO.BAR.BAZ.KAKA", user, NULL, user, 0); - test_alname(context, "FOO.BAR.BAZ.KAKA", user, "root", "root", 0); - - test_alname(context, realm, user, NULL, - "not-same-as-user", 0); - test_alname(context, realm, user, "root", - "not-same-as-user", 0); - - test_alname(context, "FOO.BAR.BAZ.KAKA", user, NULL, - "not-same-as-user", 0); - test_alname(context, "FOO.BAR.BAZ.KAKA", user, "root", - "not-same-as-user", 0); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_cc.c b/crypto/heimdal/lib/krb5/test_cc.c deleted file mode 100644 index 075cfe237fba..000000000000 --- a/crypto/heimdal/lib/krb5/test_cc.c +++ /dev/null @@ -1,532 +0,0 @@ -/* - * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: test_cc.c 22115 2007-12-03 21:21:42Z lha $"); - -static int debug_flag = 0; -static int version_flag = 0; -static int help_flag = 0; - -static void -test_default_name(krb5_context context) -{ - krb5_error_code ret; - const char *p, *test_cc_name = "/tmp/krb5-cc-test-foo"; - char *p1, *p2, *p3; - - p = krb5_cc_default_name(context); - if (p == NULL) - krb5_errx (context, 1, "krb5_cc_default_name 1 failed"); - p1 = estrdup(p); - - ret = krb5_cc_set_default_name(context, NULL); - if (p == NULL) - krb5_errx (context, 1, "krb5_cc_set_default_name failed"); - - p = krb5_cc_default_name(context); - if (p == NULL) - krb5_errx (context, 1, "krb5_cc_default_name 2 failed"); - p2 = estrdup(p); - - if (strcmp(p1, p2) != 0) - krb5_errx (context, 1, "krb5_cc_default_name no longer same"); - - ret = krb5_cc_set_default_name(context, test_cc_name); - if (p == NULL) - krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed"); - - p = krb5_cc_default_name(context); - if (p == NULL) - krb5_errx (context, 1, "krb5_cc_default_name 2 failed"); - p3 = estrdup(p); - - if (strcmp(p3, test_cc_name) != 0) - krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed"); - - free(p1); - free(p2); - free(p3); -} - -/* - * Check that a closed cc still keeps it data and that it's no longer - * there when it's destroyed. - */ - -static void -test_mcache(krb5_context context) -{ - krb5_error_code ret; - krb5_ccache id, id2; - const char *nc, *tc; - char *c; - krb5_principal p, p2; - - ret = krb5_parse_name(context, "lha@SU.SE", &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - ret = krb5_cc_initialize(context, id, p); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_initialize"); - - nc = krb5_cc_get_name(context, id); - if (nc == NULL) - krb5_errx(context, 1, "krb5_cc_get_name"); - - tc = krb5_cc_get_type(context, id); - if (tc == NULL) - krb5_errx(context, 1, "krb5_cc_get_name"); - - asprintf(&c, "%s:%s", tc, nc); - - krb5_cc_close(context, id); - - ret = krb5_cc_resolve(context, c, &id2); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_resolve"); - - ret = krb5_cc_get_principal(context, id2, &p2); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_get_principal"); - - if (krb5_principal_compare(context, p, p2) == FALSE) - krb5_errx(context, 1, "p != p2"); - - krb5_cc_destroy(context, id2); - krb5_free_principal(context, p); - krb5_free_principal(context, p2); - - ret = krb5_cc_resolve(context, c, &id2); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_resolve"); - - ret = krb5_cc_get_principal(context, id2, &p2); - if (ret == 0) - krb5_errx(context, 1, "krb5_cc_get_principal"); - - krb5_cc_destroy(context, id2); - free(c); -} - -/* - * Test that init works on a destroyed cc. - */ - -static void -test_init_vs_destroy(krb5_context context, const krb5_cc_ops *ops) -{ - krb5_error_code ret; - krb5_ccache id, id2; - krb5_principal p, p2; - char *n; - - ret = krb5_parse_name(context, "lha@SU.SE", &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_cc_gen_new(context, ops, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - asprintf(&n, "%s:%s", - krb5_cc_get_type(context, id), - krb5_cc_get_name(context, id)); - - ret = krb5_cc_resolve(context, n, &id2); - free(n); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_resolve"); - - krb5_cc_destroy(context, id); - - ret = krb5_cc_initialize(context, id2, p); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_get_principal(context, id2, &p2); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_get_principal"); - - krb5_cc_destroy(context, id2); - krb5_free_principal(context, p); - krb5_free_principal(context, p2); -} - -static void -test_fcache_remove(krb5_context context) -{ - krb5_error_code ret; - krb5_ccache id; - krb5_principal p; - krb5_creds cred; - - ret = krb5_parse_name(context, "lha@SU.SE", &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_cc_gen_new(context, &krb5_fcc_ops, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - ret = krb5_cc_initialize(context, id, p); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_initialize"); - - /* */ - memset(&cred, 0, sizeof(cred)); - ret = krb5_parse_name(context, "krbtgt/SU.SE@SU.SE", &cred.server); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - ret = krb5_parse_name(context, "lha@SU.SE", &cred.client); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_cc_store_cred(context, id, &cred); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_store_cred"); - - ret = krb5_cc_remove_cred(context, id, 0, &cred); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_remove_cred"); - - ret = krb5_cc_destroy(context, id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_destroy"); - - krb5_free_principal(context, p); - krb5_free_principal(context, cred.server); - krb5_free_principal(context, cred.client); -} - -static void -test_mcc_default(void) -{ - krb5_context context; - krb5_error_code ret; - krb5_ccache id, id2; - int i; - - for (i = 0; i < 10; i++) { - - ret = krb5_init_context(&context); - if (ret) - krb5_err(context, 1, ret, "krb5_init_context"); - - ret = krb5_cc_set_default_name(context, "MEMORY:foo"); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_set_default_name"); - - ret = krb5_cc_default(context, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_default"); - - ret = krb5_cc_default(context, &id2); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_default"); - - ret = krb5_cc_close(context, id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_close"); - - ret = krb5_cc_close(context, id2); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_close"); - - krb5_free_context(context); - } -} - -struct { - char *str; - int fail; - char *res; -} cc_names[] = { - { "foo", 0, "foo" }, - { "%{uid}", 0 }, - { "foo%{null}", 0, "foo" }, - { "foo%{null}bar", 0, "foobar" }, - { "%{", 1 }, - { "%{foo %{", 1 }, - { "%{{", 1 }, -}; - -static void -test_def_cc_name(krb5_context context) -{ - krb5_error_code ret; - char *str; - int i; - - for (i = 0; i < sizeof(cc_names)/sizeof(cc_names[0]); i++) { - ret = _krb5_expand_default_cc_name(context, cc_names[i].str, &str); - if (ret) { - if (cc_names[i].fail == 0) - krb5_errx(context, 1, "test %d \"%s\" failed", - i, cc_names[i].str); - } else { - if (cc_names[i].fail) - krb5_errx(context, 1, "test %d \"%s\" was successful", - i, cc_names[i].str); - if (cc_names[i].res && strcmp(cc_names[i].res, str) != 0) - krb5_errx(context, 1, "test %d %s != %s", - i, cc_names[i].res, str); - if (debug_flag) - printf("%s => %s\n", cc_names[i].str, str); - free(str); - } - } -} - -static void -test_cache_find(krb5_context context, const char *type, const char *principal, - int find) -{ - krb5_principal client; - krb5_error_code ret; - krb5_ccache id = NULL; - - ret = krb5_parse_name(context, principal, &client); - if (ret) - krb5_err(context, 1, ret, "parse_name for %s failed", principal); - - ret = krb5_cc_cache_match(context, client, type, &id); - if (ret && find) - krb5_err(context, 1, ret, "cc_cache_match for %s failed", principal); - if (ret == 0 && !find) - krb5_err(context, 1, ret, "cc_cache_match for %s found", principal); - - if (id) - krb5_cc_close(context, id); - krb5_free_principal(context, client); -} - - -static void -test_cache_iter(krb5_context context, const char *type, int destroy) -{ - krb5_cc_cache_cursor cursor; - krb5_error_code ret; - krb5_ccache id; - - ret = krb5_cc_cache_get_first (context, type, &cursor); - if (ret == KRB5_CC_NOSUPP) - return; - else if (ret) - krb5_err(context, 1, ret, "krb5_cc_cache_get_first(%s)", type); - - - while ((ret = krb5_cc_cache_next (context, cursor, &id)) == 0) { - krb5_principal principal; - char *name; - - if (debug_flag) - printf("name: %s\n", krb5_cc_get_name(context, id)); - ret = krb5_cc_get_principal(context, id, &principal); - if (ret == 0) { - ret = krb5_unparse_name(context, principal, &name); - if (ret == 0) { - if (debug_flag) - printf("\tprincipal: %s\n", name); - free(name); - } - krb5_free_principal(context, principal); - } - if (destroy) - krb5_cc_destroy(context, id); - else - krb5_cc_close(context, id); - } - - krb5_cc_cache_end_seq_get(context, cursor); -} - -static void -test_copy(krb5_context context, const char *fromtype, const char *totype) -{ - const krb5_cc_ops *from, *to; - krb5_ccache fromid, toid; - krb5_error_code ret; - krb5_principal p, p2; - - from = krb5_cc_get_prefix_ops(context, fromtype); - if (from == NULL) - krb5_errx(context, 1, "%s isn't a type", fromtype); - - to = krb5_cc_get_prefix_ops(context, totype); - if (to == NULL) - krb5_errx(context, 1, "%s isn't a type", totype); - - ret = krb5_parse_name(context, "lha@SU.SE", &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_cc_gen_new(context, from, &fromid); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - ret = krb5_cc_initialize(context, fromid, p); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_gen_new(context, to, &toid); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - ret = krb5_cc_copy_cache(context, fromid, toid); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_copy_cache"); - - ret = krb5_cc_get_principal(context, toid, &p2); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_get_principal"); - - if (krb5_principal_compare(context, p, p2) == FALSE) - krb5_errx(context, 1, "p != p2"); - - krb5_free_principal(context, p); - krb5_free_principal(context, p2); - - krb5_cc_destroy(context, fromid); - krb5_cc_destroy(context, toid); -} - -static void -test_prefix_ops(krb5_context context, const char *name, const krb5_cc_ops *ops) -{ - const krb5_cc_ops *o; - - o = krb5_cc_get_prefix_ops(context, name); - if (o == NULL) - krb5_errx(context, 1, "found no match for prefix '%s'", name); - if (strcmp(o->prefix, ops->prefix) != 0) - krb5_errx(context, 1, "ops for prefix '%s' is not " - "the expected %s != %s", name, o->prefix, ops->prefix); -} - - -static struct getargs args[] = { - {"debug", 'd', arg_flag, &debug_flag, - "turn on debuggin", NULL }, - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "hostname ..."); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - int optidx = 0; - krb5_ccache id1, id2; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - test_fcache_remove(context); - test_default_name(context); - test_mcache(context); - test_init_vs_destroy(context, &krb5_mcc_ops); - test_init_vs_destroy(context, &krb5_fcc_ops); - test_mcc_default(); - test_def_cc_name(context); - test_cache_iter(context, "MEMORY", 0); - { - krb5_principal p; - krb5_cc_new_unique(context, "MEMORY", "bar", &id1); - krb5_cc_new_unique(context, "MEMORY", "baz", &id2); - krb5_parse_name(context, "lha@SU.SE", &p); - krb5_cc_initialize(context, id1, p); - krb5_free_principal(context, p); - } - - test_cache_find(context, "MEMORY", "lha@SU.SE", 1); - test_cache_find(context, "MEMORY", "hulabundulahotentot@SU.SE", 0); - - test_cache_iter(context, "MEMORY", 0); - test_cache_iter(context, "MEMORY", 1); - test_cache_iter(context, "MEMORY", 0); - test_cache_iter(context, "FILE", 0); - test_cache_iter(context, "API", 0); - - test_copy(context, "FILE", "FILE"); - test_copy(context, "MEMORY", "MEMORY"); - test_copy(context, "FILE", "MEMORY"); - test_copy(context, "MEMORY", "FILE"); - - test_prefix_ops(context, "FILE:/tmp/foo", &krb5_fcc_ops); - test_prefix_ops(context, "FILE", &krb5_fcc_ops); - test_prefix_ops(context, "MEMORY", &krb5_mcc_ops); - test_prefix_ops(context, "MEMORY:foo", &krb5_mcc_ops); - test_prefix_ops(context, "/tmp/kaka", &krb5_fcc_ops); - - krb5_cc_destroy(context, id1); - krb5_cc_destroy(context, id2); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_config.c b/crypto/heimdal/lib/krb5/test_config.c deleted file mode 100644 index 7fe224e68812..000000000000 --- a/crypto/heimdal/lib/krb5/test_config.c +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: test_config.c 15036 2005-04-30 15:19:58Z lha $"); - -static int -check_config_file(krb5_context context, char *filelist, char **res, int def) -{ - krb5_error_code ret; - char **pp; - int i; - - pp = NULL; - - if (def) - ret = krb5_prepend_config_files_default(filelist, &pp); - else - ret = krb5_prepend_config_files(filelist, NULL, &pp); - - if (ret) - krb5_err(context, 1, ret, "prepend_config_files"); - - for (i = 0; res[i] && pp[i]; i++) - if (strcmp(pp[i], res[i]) != 0) - krb5_errx(context, 1, "'%s' != '%s'", pp[i], res[i]); - - if (res[i] != NULL) - krb5_errx(context, 1, "pp ended before res list"); - - if (def) { - char **deflist; - int j; - - ret = krb5_get_default_config_files(&deflist); - if (ret) - krb5_err(context, 1, ret, "get_default_config_files"); - - for (j = 0 ; pp[i] && deflist[j]; i++, j++) - if (strcmp(pp[i], deflist[j]) != 0) - krb5_errx(context, 1, "'%s' != '%s'", pp[i], deflist[j]); - - if (deflist[j] != NULL) - krb5_errx(context, 1, "pp ended before def list"); - krb5_free_config_files(deflist); - } - - if (pp[i] != NULL) - krb5_errx(context, 1, "pp ended after res (and def) list"); - - krb5_free_config_files(pp); - - return 0; -} - -char *list0[] = { "/tmp/foo", NULL }; -char *list1[] = { "/tmp/foo", "/tmp/foo/bar", NULL }; -char *list2[] = { "", NULL }; - -struct { - char *fl; - char **res; -} test[] = { - { "/tmp/foo", NULL }, - { "/tmp/foo:/tmp/foo/bar", NULL }, - { "", NULL } -}; - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - int i; - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_context %d", ret); - - test[0].res = list0; - test[1].res = list1; - test[2].res = list2; - - for (i = 0; i < sizeof(test)/sizeof(*test); i++) { - check_config_file(context, test[i].fl, test[i].res, 0); - check_config_file(context, test[i].fl, test[i].res, 1); - } - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_crypto.c b/crypto/heimdal/lib/krb5/test_crypto.c deleted file mode 100644 index 0837911f26aa..000000000000 --- a/crypto/heimdal/lib/krb5/test_crypto.c +++ /dev/null @@ -1,215 +0,0 @@ -/* - * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: test_crypto.c 16290 2005-11-24 09:57:50Z lha $"); - -static void -time_encryption(krb5_context context, size_t size, - krb5_enctype etype, int iterations) -{ - struct timeval tv1, tv2; - krb5_error_code ret; - krb5_keyblock key; - krb5_crypto crypto; - krb5_data data; - char *etype_name; - void *buf; - int i; - - ret = krb5_generate_random_keyblock(context, etype, &key); - if (ret) - krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); - - ret = krb5_enctype_to_string(context, etype, &etype_name); - if (ret) - krb5_err(context, 1, ret, "krb5_enctype_to_string"); - - buf = malloc(size); - if (buf == NULL) - krb5_errx(context, 1, "out of memory"); - memset(buf, 0, size); - - ret = krb5_crypto_init(context, &key, 0, &crypto); - if (ret) - krb5_err(context, 1, ret, "krb5_crypto_init"); - - gettimeofday(&tv1, NULL); - - for (i = 0; i < iterations; i++) { - ret = krb5_encrypt(context, crypto, 0, buf, size, &data); - if (ret) - krb5_err(context, 1, ret, "encrypt: %d", i); - krb5_data_free(&data); - } - - gettimeofday(&tv2, NULL); - - timevalsub(&tv2, &tv1); - - printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n", - etype_name, (unsigned long)size, iterations, - (long)tv2.tv_sec, (long)tv2.tv_usec); - - free(buf); - free(etype_name); - krb5_crypto_destroy(context, crypto); - krb5_free_keyblock_contents(context, &key); -} - -static void -time_s2k(krb5_context context, - krb5_enctype etype, - const char *password, - krb5_salt salt, - int iterations) -{ - struct timeval tv1, tv2; - krb5_error_code ret; - krb5_keyblock key; - krb5_data opaque; - char *etype_name; - int i; - - ret = krb5_enctype_to_string(context, etype, &etype_name); - if (ret) - krb5_err(context, 1, ret, "krb5_enctype_to_string"); - - opaque.data = NULL; - opaque.length = 0; - - gettimeofday(&tv1, NULL); - - for (i = 0; i < iterations; i++) { - ret = krb5_string_to_key_salt_opaque(context, etype, password, salt, - opaque, &key); - if (ret) - krb5_err(context, 1, ret, "krb5_string_to_key_data_salt_opaque"); - krb5_free_keyblock_contents(context, &key); - } - - gettimeofday(&tv2, NULL); - - timevalsub(&tv2, &tv1); - - printf("%s string2key %d iterations time: %3ld.%06ld\n", - etype_name, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec); - free(etype_name); - -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - int i, enciter, s2kiter; - int optidx = 0; - krb5_salt salt; - - krb5_enctype enctypes[] = { - ETYPE_DES_CBC_CRC, - ETYPE_DES3_CBC_SHA1, - ETYPE_ARCFOUR_HMAC_MD5, - ETYPE_AES128_CTS_HMAC_SHA1_96, - ETYPE_AES256_CTS_HMAC_SHA1_96 - }; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - salt.salttype = KRB5_PW_SALT; - salt.saltvalue.data = NULL; - salt.saltvalue.length = 0; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - enciter = 1000; - s2kiter = 100; - - for (i = 0; i < sizeof(enctypes)/sizeof(enctypes[0]); i++) { - - time_encryption(context, 16, enctypes[i], enciter); - time_encryption(context, 32, enctypes[i], enciter); - time_encryption(context, 512, enctypes[i], enciter); - time_encryption(context, 1024, enctypes[i], enciter); - time_encryption(context, 2048, enctypes[i], enciter); - time_encryption(context, 4096, enctypes[i], enciter); - time_encryption(context, 8192, enctypes[i], enciter); - time_encryption(context, 16384, enctypes[i], enciter); - time_encryption(context, 32768, enctypes[i], enciter); - - time_s2k(context, enctypes[i], "mYsecreitPassword", salt, s2kiter); - } - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_crypto_wrapping.c b/crypto/heimdal/lib/krb5/test_crypto_wrapping.c deleted file mode 100644 index 1618fdf11797..000000000000 --- a/crypto/heimdal/lib/krb5/test_crypto_wrapping.c +++ /dev/null @@ -1,164 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: test_crypto_wrapping.c 18809 2006-10-22 07:11:43Z lha $"); - -static void -test_wrapping(krb5_context context, - size_t min_size, - size_t max_size, - size_t step, - krb5_enctype etype) -{ - krb5_error_code ret; - krb5_keyblock key; - krb5_crypto crypto; - krb5_data data; - char *etype_name; - void *buf; - size_t size; - - ret = krb5_generate_random_keyblock(context, etype, &key); - if (ret) - krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); - - ret = krb5_enctype_to_string(context, etype, &etype_name); - if (ret) - krb5_err(context, 1, ret, "krb5_enctype_to_string"); - - buf = malloc(max_size); - if (buf == NULL) - krb5_errx(context, 1, "out of memory"); - memset(buf, 0, max_size); - - ret = krb5_crypto_init(context, &key, 0, &crypto); - if (ret) - krb5_err(context, 1, ret, "krb5_crypto_init"); - - for (size = min_size; size < max_size; size += step) { - size_t wrapped_size; - - ret = krb5_encrypt(context, crypto, 0, buf, size, &data); - if (ret) - krb5_err(context, 1, ret, "encrypt size %lu using %s", - (unsigned long)size, etype_name); - - wrapped_size = krb5_get_wrapped_length(context, crypto, size); - - if (wrapped_size != data.length) - krb5_errx(context, 1, "calculated wrapped length %lu != " - "real wrapped length %lu for data length %lu using " - "enctype %s", - (unsigned long)wrapped_size, - (unsigned long)data.length, - (unsigned long)size, - etype_name); - krb5_data_free(&data); - } - - free(etype_name); - free(buf); - krb5_crypto_destroy(context, crypto); - krb5_free_keyblock_contents(context, &key); -} - - - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - int i, optidx = 0; - - krb5_enctype enctypes[] = { - ETYPE_DES_CBC_CRC, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_MD5, - ETYPE_DES3_CBC_SHA1, - ETYPE_ARCFOUR_HMAC_MD5, - ETYPE_AES128_CTS_HMAC_SHA1_96, - ETYPE_AES256_CTS_HMAC_SHA1_96 - }; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - for (i = 0; i < sizeof(enctypes)/sizeof(enctypes[0]); i++) { - test_wrapping(context, 0, 1024, 1, enctypes[i]); - test_wrapping(context, 1024, 1024 * 100, 1024, enctypes[i]); - } - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_forward.c b/crypto/heimdal/lib/krb5/test_forward.c deleted file mode 100644 index 163995334ed9..000000000000 --- a/crypto/heimdal/lib/krb5/test_forward.c +++ /dev/null @@ -1,136 +0,0 @@ -/* - * Copyright (c) 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id$"); - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "hostname"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - const char *hostname; - krb5_context context; - krb5_auth_context ac; - krb5_error_code ret; - krb5_creds cred; - krb5_ccache id; - krb5_data data; - int optidx = 0; - - setprogname (argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc < 1) - usage(1); - - hostname = argv[0]; - - memset(&cred, 0, sizeof(cred)); - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_cc_default(context, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_default failed: %d", ret); - - ret = krb5_auth_con_init(context, &ac); - if (ret) - krb5_err(context, 1, ret, "krb5_auth_con_init failed: %d", ret); - - krb5_auth_con_addflags(context, ac, - KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED, NULL); - - ret = krb5_cc_get_principal(context, id, &cred.client); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_get_principal"); - - ret = krb5_make_principal(context, - &cred.server, - krb5_principal_get_realm(context, cred.client), - KRB5_TGS_NAME, - krb5_principal_get_realm(context, cred.client), - NULL); - if (ret) - krb5_err(context, 1, ret, "krb5_make_principal(server)"); - - ret = krb5_get_forwarded_creds (context, - ac, - id, - KDC_OPT_FORWARDABLE, - hostname, - &cred, - &data); - if (ret) - krb5_err (context, 1, ret, "krb5_get_forwarded_creds"); - - krb5_data_free(&data); - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_get_addrs.c b/crypto/heimdal/lib/krb5/test_get_addrs.c deleted file mode 100644 index 1d53e0eb8c68..000000000000 --- a/crypto/heimdal/lib/krb5/test_get_addrs.c +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: test_get_addrs.c 15474 2005-06-17 04:48:02Z lha $"); - -/* print all addresses that we find */ - -static void -print_addresses (krb5_context context, const krb5_addresses *addrs) -{ - int i; - char buf[256]; - size_t len; - - for (i = 0; i < addrs->len; ++i) { - krb5_print_address (&addrs->val[i], buf, sizeof(buf), &len); - printf ("%s\n", buf); - } -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - krb5_addresses addrs; - int optidx = 0; - - setprogname (argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_get_all_client_addrs (context, &addrs); - if (ret) - krb5_err (context, 1, ret, "krb5_get_all_client_addrs"); - printf ("client addresses\n"); - print_addresses (context, &addrs); - krb5_free_addresses (context, &addrs); - - ret = krb5_get_all_server_addrs (context, &addrs); - if (ret) - krb5_err (context, 1, ret, "krb5_get_all_server_addrs"); - printf ("server addresses\n"); - print_addresses (context, &addrs); - krb5_free_addresses (context, &addrs); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_hostname.c b/crypto/heimdal/lib/krb5/test_hostname.c deleted file mode 100644 index 095cb391633e..000000000000 --- a/crypto/heimdal/lib/krb5/test_hostname.c +++ /dev/null @@ -1,152 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: test_hostname.c 15965 2005-08-23 20:18:55Z lha $"); - -static int debug_flag = 0; -static int version_flag = 0; -static int help_flag = 0; - -static int -expand_hostname(krb5_context context, const char *host) -{ - krb5_error_code ret; - char *h, **r; - - ret = krb5_expand_hostname(context, host, &h); - if (ret) - krb5_err(context, 1, ret, "krb5_expand_hostname(%s)", host); - - free(h); - - if (debug_flag) - printf("hostname: %s -> %s\n", host, h); - - ret = krb5_expand_hostname_realms(context, host, &h, &r); - if (ret) - krb5_err(context, 1, ret, "krb5_expand_hostname_realms(%s)", host); - - if (debug_flag) { - int j; - - printf("hostname: %s -> %s\n", host, h); - for (j = 0; r[j]; j++) { - printf("\trealm: %s\n", r[j]); - } - } - free(h); - krb5_free_host_realm(context, r); - - return 0; -} - -static int -test_expand_hostname(krb5_context context) -{ - int i, errors = 0; - - struct t { - krb5_error_code ret; - const char *orig_hostname; - const char *new_hostname; - } tests[] = { - { 0, "pstn1.su.se", "pstn1.su.se" }, - { 0, "pstnproxy.su.se", "pstnproxy.su.se" }, - }; - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { - errors += expand_hostname(context, tests[i].orig_hostname); - } - - return errors; -} - -static struct getargs args[] = { - {"debug", 'd', arg_flag, &debug_flag, - "turn on debuggin", NULL }, - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "hostname ..."); - exit (ret); -} - - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - int optidx = 0, errors = 0; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if (argc > 0) { - while (argc-- > 0) - errors += expand_hostname(context, *argv++); - return errors; - } - - errors += test_expand_hostname(context); - - krb5_free_context(context); - - return errors; -} diff --git a/crypto/heimdal/lib/krb5/test_keytab.c b/crypto/heimdal/lib/krb5/test_keytab.c deleted file mode 100644 index 97361cc19a31..000000000000 --- a/crypto/heimdal/lib/krb5/test_keytab.c +++ /dev/null @@ -1,191 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: test_keytab.c 18809 2006-10-22 07:11:43Z lha $"); - -/* - * Test that removal entry from of empty keytab doesn't corrupts - * memory. - */ - -static void -test_empty_keytab(krb5_context context, const char *keytab) -{ - krb5_error_code ret; - krb5_keytab id; - krb5_keytab_entry entry; - - ret = krb5_kt_resolve(context, keytab, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_resolve"); - - memset(&entry, 0, sizeof(entry)); - - krb5_kt_remove_entry(context, id, &entry); - - ret = krb5_kt_close(context, id); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_close"); -} - -/* - * Test that memory keytab are refcounted. - */ - -static void -test_memory_keytab(krb5_context context, const char *keytab, const char *keytab2) -{ - krb5_error_code ret; - krb5_keytab id, id2, id3; - krb5_keytab_entry entry, entry2, entry3; - - ret = krb5_kt_resolve(context, keytab, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_resolve"); - - memset(&entry, 0, sizeof(entry)); - ret = krb5_parse_name(context, "lha@SU.SE", &entry.principal); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - entry.vno = 1; - ret = krb5_generate_random_keyblock(context, - ETYPE_AES256_CTS_HMAC_SHA1_96, - &entry.keyblock); - if (ret) - krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); - - krb5_kt_add_entry(context, id, &entry); - - ret = krb5_kt_resolve(context, keytab, &id2); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_resolve"); - - ret = krb5_kt_get_entry(context, id, - entry.principal, - 0, - ETYPE_AES256_CTS_HMAC_SHA1_96, - &entry2); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_get_entry"); - krb5_kt_free_entry(context, &entry2); - - ret = krb5_kt_close(context, id); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_close"); - - ret = krb5_kt_get_entry(context, id2, - entry.principal, - 0, - ETYPE_AES256_CTS_HMAC_SHA1_96, - &entry2); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_get_entry"); - krb5_kt_free_entry(context, &entry2); - - ret = krb5_kt_close(context, id2); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_close"); - - - ret = krb5_kt_resolve(context, keytab2, &id3); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_resolve"); - - memset(&entry3, 0, sizeof(entry3)); - ret = krb5_parse_name(context, "lha3@SU.SE", &entry3.principal); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - entry3.vno = 1; - ret = krb5_generate_random_keyblock(context, - ETYPE_AES256_CTS_HMAC_SHA1_96, - &entry3.keyblock); - if (ret) - krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); - - krb5_kt_add_entry(context, id3, &entry3); - - - ret = krb5_kt_resolve(context, keytab, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_resolve"); - - ret = krb5_kt_get_entry(context, id, - entry.principal, - 0, - ETYPE_AES256_CTS_HMAC_SHA1_96, - &entry2); - if (ret == 0) - krb5_errx(context, 1, "krb5_kt_get_entry when if should fail"); - - krb5_kt_remove_entry(context, id, &entry); - - ret = krb5_kt_close(context, id); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_close"); - - krb5_kt_free_entry(context, &entry); - - krb5_kt_remove_entry(context, id3, &entry3); - - ret = krb5_kt_close(context, id3); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_close"); - - krb5_free_principal(context, entry3.principal); - krb5_free_keyblock_contents(context, &entry3.keyblock); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - test_empty_keytab(context, "MEMORY:foo"); - test_empty_keytab(context, "FILE:foo"); - test_empty_keytab(context, "KRB4:foo"); - - test_memory_keytab(context, "MEMORY:foo", "MEMORY:foo2"); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_kuserok.c b/crypto/heimdal/lib/krb5/test_kuserok.c deleted file mode 100644 index 04a6f210a05e..000000000000 --- a/crypto/heimdal/lib/krb5/test_kuserok.c +++ /dev/null @@ -1,106 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: test_kuserok.c 15033 2005-04-30 15:15:38Z lha $"); - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "principal luser"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - krb5_principal principal; - char *p; - int o = 0; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &o)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= o; - argv += o; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - if (argc != 2) - usage(1); - - ret = krb5_parse_name(context, argv[0], &principal); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_unparse_name(context, principal, &p); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - - ret = krb5_kuserok(context, principal, argv[1]); - - krb5_free_context(context); - - printf("%s is %sallowed to login as %s\n", p, ret ? "" : "NOT ", argv[1]); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_mem.c b/crypto/heimdal/lib/krb5/test_mem.c deleted file mode 100644 index 8989caed7484..000000000000 --- a/crypto/heimdal/lib/krb5/test_mem.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: test_mem.c 15931 2005-08-12 13:43:46Z lha $"); - -/* - * Test run functions, to be used with valgrind to detect memoryleaks. - */ - -static void -check_log(void) -{ - int i; - - for (i = 0; i < 10; i++) { - krb5_log_facility *logfacility; - krb5_context context; - krb5_error_code ret; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - krb5_initlog(context, "test-mem", &logfacility); - krb5_addlog_dest(context, logfacility, "0/STDERR:"); - krb5_set_warn_dest(context, logfacility); - - krb5_free_context(context); - } -} - - -int -main(int argc, char **argv) -{ - setprogname(argv[0]); - - check_log(); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_pac.c b/crypto/heimdal/lib/krb5/test_pac.c deleted file mode 100644 index a22fe3a8c6c5..000000000000 --- a/crypto/heimdal/lib/krb5/test_pac.c +++ /dev/null @@ -1,295 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: test_pac.c 21934 2007-08-27 14:21:04Z lha $"); - -/* - * This PAC and keys are copied (with permission) from Samba torture - * regression test suite, they where created by Andrew Bartlet. - */ - -static const unsigned char saved_pac[] = { - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xd8, 0x01, 0x00, 0x00, - 0x48, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, - 0x20, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, - 0x40, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, - 0x58, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x10, 0x08, 0x00, 0xcc, 0xcc, 0xcc, 0xcc, - 0xc8, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x30, 0xdf, 0xa6, 0xcb, - 0x4f, 0x7d, 0xc5, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0x7f, 0xc0, 0x3c, 0x4e, 0x59, 0x62, 0x73, 0xc5, 0x01, 0xc0, 0x3c, 0x4e, 0x59, - 0x62, 0x73, 0xc5, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0x16, 0x00, 0x16, 0x00, - 0x04, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x0c, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x14, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x02, 0x00, 0x65, 0x00, 0x00, 0x00, - 0xed, 0x03, 0x00, 0x00, 0x04, 0x02, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x1c, 0x00, 0x02, 0x00, - 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x16, 0x00, 0x20, 0x00, 0x02, 0x00, 0x16, 0x00, 0x18, 0x00, - 0x24, 0x00, 0x02, 0x00, 0x28, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x01, 0x00, 0x00, 0x00, 0x2c, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, - 0x57, 0x00, 0x32, 0x00, 0x30, 0x00, 0x30, 0x00, 0x33, 0x00, 0x46, 0x00, 0x49, 0x00, 0x4e, 0x00, - 0x41, 0x00, 0x4c, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x04, 0x02, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, - 0x0b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, 0x57, 0x00, 0x32, 0x00, - 0x30, 0x00, 0x30, 0x00, 0x33, 0x00, 0x46, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x41, 0x00, 0x4c, 0x00, - 0x0c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0x57, 0x00, 0x49, 0x00, - 0x4e, 0x00, 0x32, 0x00, 0x4b, 0x00, 0x33, 0x00, 0x54, 0x00, 0x48, 0x00, 0x49, 0x00, 0x4e, 0x00, - 0x4b, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, - 0x15, 0x00, 0x00, 0x00, 0x11, 0x2f, 0xaf, 0xb5, 0x90, 0x04, 0x1b, 0xec, 0x50, 0x3b, 0xec, 0xdc, - 0x01, 0x00, 0x00, 0x00, 0x30, 0x00, 0x02, 0x00, 0x07, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, - 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x80, 0x66, 0x28, 0xea, 0x37, 0x80, 0xc5, 0x01, 0x16, 0x00, 0x77, 0x00, 0x32, 0x00, 0x30, 0x00, - 0x30, 0x00, 0x33, 0x00, 0x66, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x61, 0x00, 0x6c, 0x00, 0x24, 0x00, - 0x76, 0xff, 0xff, 0xff, 0x37, 0xd5, 0xb0, 0xf7, 0x24, 0xf0, 0xd6, 0xd4, 0xec, 0x09, 0x86, 0x5a, - 0xa0, 0xe8, 0xc3, 0xa9, 0x00, 0x00, 0x00, 0x00, 0x76, 0xff, 0xff, 0xff, 0xb4, 0xd8, 0xb8, 0xfe, - 0x83, 0xb3, 0x13, 0x3f, 0xfc, 0x5c, 0x41, 0xad, 0xe2, 0x64, 0x83, 0xe0, 0x00, 0x00, 0x00, 0x00 -}; - -static int type_1_length = 472; - -static const krb5_keyblock kdc_keyblock = { - ETYPE_ARCFOUR_HMAC_MD5, - { 16, "\xB2\x86\x75\x71\x48\xAF\x7F\xD2\x52\xC5\x36\x03\xA1\x50\xB7\xE7" } -}; - -static const krb5_keyblock member_keyblock = { - ETYPE_ARCFOUR_HMAC_MD5, - { 16, "\xD2\x17\xFA\xEA\xE5\xE6\xB5\xF9\x5C\xCC\x94\x07\x7A\xB8\xA5\xFC" } -}; - -static time_t authtime = 1120440609; -static const char *user = "w2003final$@WIN2K3.THINKER.LOCAL"; - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_pac pac; - krb5_data data; - krb5_principal p; - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_contex"); - - ret = krb5_parse_name(context, user, &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_pac_parse(context, saved_pac, sizeof(saved_pac), &pac); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_parse"); - - ret = krb5_pac_verify(context, pac, authtime, p, - &member_keyblock, &kdc_keyblock); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_verify"); - - ret = _krb5_pac_sign(context, pac, authtime, p, - &member_keyblock, &kdc_keyblock, &data); - if (ret) - krb5_err(context, 1, ret, "_krb5_pac_sign"); - - krb5_pac_free(context, pac); - - ret = krb5_pac_parse(context, data.data, data.length, &pac); - krb5_data_free(&data); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_parse 2"); - - ret = krb5_pac_verify(context, pac, authtime, p, - &member_keyblock, &kdc_keyblock); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_verify 2"); - - /* make a copy and try to reproduce it */ - { - uint32_t *list; - size_t len, i; - krb5_pac pac2; - - ret = krb5_pac_init(context, &pac2); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_init"); - - /* our two user buffer plus the three "system" buffers */ - ret = krb5_pac_get_types(context, pac, &len, &list); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_get_types"); - - for (i = 0; i < len; i++) { - /* skip server_cksum, privsvr_cksum, and logon_name */ - if (list[i] == 6 || list[i] == 7 || list[i] == 10) - continue; - - ret = krb5_pac_get_buffer(context, pac, list[i], &data); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_get_buffer"); - - if (list[i] == 1) { - if (type_1_length != data.length) - krb5_errx(context, 1, "type 1 have wrong length: %lu", - (unsigned long)data.length); - } else - krb5_errx(context, 1, "unknown type %lu", - (unsigned long)list[i]); - - ret = krb5_pac_add_buffer(context, pac2, list[i], &data); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_add_buffer"); - krb5_data_free(&data); - } - free(list); - - ret = _krb5_pac_sign(context, pac2, authtime, p, - &member_keyblock, &kdc_keyblock, &data); - if (ret) - krb5_err(context, 1, ret, "_krb5_pac_sign 4"); - - krb5_pac_free(context, pac2); - - ret = krb5_pac_parse(context, data.data, data.length, &pac2); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_parse 4"); - - ret = krb5_pac_verify(context, pac2, authtime, p, - &member_keyblock, &kdc_keyblock); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_verify 4"); - - krb5_pac_free(context, pac2); - } - - krb5_pac_free(context, pac); - - /* - * Test empty free - */ - - ret = krb5_pac_init(context, &pac); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_init"); - krb5_pac_free(context, pac); - - /* - * Test add remove buffer - */ - - ret = krb5_pac_init(context, &pac); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_init"); - - { - const krb5_data cdata = { 2, "\x00\x01" } ; - - ret = krb5_pac_add_buffer(context, pac, 1, &cdata); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_add_buffer"); - } - { - ret = krb5_pac_get_buffer(context, pac, 1, &data); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_get_buffer"); - if (data.length != 2 || memcmp(data.data, "\x00\x01", 2) != 0) - krb5_errx(context, 1, "krb5_pac_get_buffer data not the same"); - krb5_data_free(&data); - } - - { - const krb5_data cdata = { 2, "\x02\x00" } ; - - ret = krb5_pac_add_buffer(context, pac, 2, &cdata); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_add_buffer"); - } - { - ret = krb5_pac_get_buffer(context, pac, 1, &data); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_get_buffer"); - if (data.length != 2 || memcmp(data.data, "\x00\x01", 2) != 0) - krb5_errx(context, 1, "krb5_pac_get_buffer data not the same"); - krb5_data_free(&data); - /* */ - ret = krb5_pac_get_buffer(context, pac, 2, &data); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_get_buffer"); - if (data.length != 2 || memcmp(data.data, "\x02\x00", 2) != 0) - krb5_errx(context, 1, "krb5_pac_get_buffer data not the same"); - krb5_data_free(&data); - } - - ret = _krb5_pac_sign(context, pac, authtime, p, - &member_keyblock, &kdc_keyblock, &data); - if (ret) - krb5_err(context, 1, ret, "_krb5_pac_sign"); - - krb5_pac_free(context, pac); - - ret = krb5_pac_parse(context, data.data, data.length, &pac); - krb5_data_free(&data); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_parse 3"); - - ret = krb5_pac_verify(context, pac, authtime, p, - &member_keyblock, &kdc_keyblock); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_verify 3"); - - { - uint32_t *list; - size_t len; - - /* our two user buffer plus the three "system" buffers */ - ret = krb5_pac_get_types(context, pac, &len, &list); - if (ret) - krb5_err(context, 1, ret, "krb5_pac_get_types"); - if (len != 5) - krb5_errx(context, 1, "list wrong length"); - free(list); - } - - krb5_pac_free(context, pac); - - krb5_free_principal(context, p); - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_pkinit_dh2key.c b/crypto/heimdal/lib/krb5/test_pkinit_dh2key.c deleted file mode 100644 index e23bef9a9ee0..000000000000 --- a/crypto/heimdal/lib/krb5/test_pkinit_dh2key.c +++ /dev/null @@ -1,218 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id: test_pkinit_dh2key.c 18809 2006-10-22 07:11:43Z lha $"); - -static void -test_dh2key(int i, - krb5_context context, - const heim_octet_string *dh, - const heim_octet_string *c_n, - const heim_octet_string *k_n, - krb5_enctype etype, - const heim_octet_string *result) -{ - krb5_error_code ret; - krb5_keyblock key; - - ret = _krb5_pk_octetstring2key(context, - etype, - dh->data, dh->length, - c_n, - k_n, - &key); - if (ret != 0) - krb5_err(context, 1, ret, "_krb5_pk_octetstring2key: %d", i); - - if (key.keyvalue.length != result->length || - memcmp(key.keyvalue.data, result->data, result->length) != 0) - krb5_errx(context, 1, "resulting key wrong: %d", i); - - krb5_free_keyblock_contents(context, &key); -} - - -struct { - krb5_enctype type; - krb5_data X; - krb5_data key; -} tests[] = { - /* 0 */ - { - ETYPE_AES256_CTS_HMAC_SHA1_96, - { - 256, - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - }, - { - 32, - "\x5e\xe5\x0d\x67\x5c\x80\x9f\xe5\x9e\x4a\x77\x62\xc5\x4b\x65\x83" - "\x75\x47\xea\xfb\x15\x9b\xd8\xcd\xc7\x5f\xfc\xa5\x91\x1e\x4c\x41" - } - }, - /* 1 */ - { - ETYPE_AES256_CTS_HMAC_SHA1_96, - { - 128, - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" - }, - { - 32, - "\xac\xf7\x70\x7c\x08\x97\x3d\xdf\xdb\x27\xcd\x36\x14\x42\xcc\xfb" - "\xa3\x55\xc8\x88\x4c\xb4\x72\xf3\x7d\xa6\x36\xd0\x7d\x56\x78\x7e" - } - }, - /* 2 */ - { - ETYPE_AES256_CTS_HMAC_SHA1_96, - { - 128, - "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" - "\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e" - "\x0f\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d" - "\x0e\x0f\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c" - "\x0d\x0e\x0f\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b" - "\x0c\x0d\x0e\x0f\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a" - "\x0b\x0c\x0d\x0e\x0f\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09" - "\x0a\x0b\x0c\x0d\x0e\x0f\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08" - }, - { - 32, - "\xc4\x42\xda\x58\x5f\xcb\x80\xe4\x3b\x47\x94\x6f\x25\x40\x93\xe3" - "\x73\x29\xd9\x90\x01\x38\x0d\xb7\x83\x71\xdb\x3a\xcf\x5c\x79\x7e" - } - }, - /* 3 */ - { - ETYPE_AES256_CTS_HMAC_SHA1_96, - { - 77, - "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" - "\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e" - "\x0f\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d" - "\x0e\x0f\x10\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c" - "\x0d\x0e\x0f\x10\x00\x01\x02\x03" - "\x04\x05\x06\x07\x08" - }, - { - 32, - "\x00\x53\x95\x3b\x84\xc8\x96\xf4\xeb\x38\x5c\x3f\x2e\x75\x1c\x4a" - "\x59\x0e\xd6\xff\xad\xca\x6f\xf6\x4f\x47\xeb\xeb\x8d\x78\x0f\xfc" - } - } -}; - - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - ""); - exit (ret); -} - - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - int i, optidx = 0; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) { - test_dh2key(i, context, &tests[i].X, NULL, NULL, - tests[i].type, &tests[i].key); - } - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_plugin.c b/crypto/heimdal/lib/krb5/test_plugin.c deleted file mode 100644 index 18e9fcd28674..000000000000 --- a/crypto/heimdal/lib/krb5/test_plugin.c +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -RCSID("$Id: test_plugin.c 22024 2007-11-03 21:36:55Z lha $"); -#include "locate_plugin.h" - -static krb5_error_code -resolve_init(krb5_context context, void **ctx) -{ - *ctx = NULL; - return 0; -} - -static void -resolve_fini(void *ctx) -{ -} - -static krb5_error_code -resolve_lookup(void *ctx, - enum locate_service_type service, - const char *realm, - int domain, - int type, - int (*add)(void *,int,struct sockaddr *), - void *addctx) -{ - struct sockaddr_in s; - - memset(&s, 0, sizeof(s)); - -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN - s.sin_len = sizeof(s); -#endif - s.sin_family = AF_INET; - s.sin_port = htons(88); - s.sin_addr.s_addr = htonl(0x7f000002); - - if (strcmp(realm, "NOTHERE.H5L.SE") == 0) - (*add)(addctx, type, (struct sockaddr *)&s); - - return 0; -} - - -krb5plugin_service_locate_ftable resolve = { - 0, - resolve_init, - resolve_fini, - resolve_lookup -}; - - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_krbhst_handle handle; - char host[MAXHOSTNAMELEN]; - int found = 0; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_contex"); - - ret = krb5_plugin_register(context, PLUGIN_TYPE_DATA, "resolve", &resolve); - if (ret) - krb5_err(context, 1, ret, "krb5_plugin_register"); - - - ret = krb5_krbhst_init_flags(context, - "NOTHERE.H5L.SE", - KRB5_KRBHST_KDC, - 0, - &handle); - if (ret) - krb5_err(context, 1, ret, "krb5_krbhst_init_flags"); - - - while(krb5_krbhst_next_as_string(context, handle, host, sizeof(host)) == 0){ - found++; - if (strcmp(host, "127.0.0.2") != 0) - krb5_errx(context, 1, "wrong address: %s", host); - } - if (!found) - krb5_errx(context, 1, "failed to find host"); - - krb5_krbhst_free(context, handle); - - krb5_free_context(context); - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_prf.c b/crypto/heimdal/lib/krb5/test_prf.c deleted file mode 100644 index 94fb67dffaee..000000000000 --- a/crypto/heimdal/lib/krb5/test_prf.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: test_prf.c 20843 2007-06-03 14:23:20Z lha $"); - -#include -#include - -/* - * key: string2key(aes256, "testkey", "testkey", default_params) - * input: unhex(1122334455667788) - * output: 58b594b8a61df6e9439b7baa991ff5c1 - * - * key: string2key(aes128, "testkey", "testkey", default_params) - * input: unhex(1122334455667788) - * output: ffa2f823aa7f83a8ce3c5fb730587129 - */ - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - krb5_keyblock key; - krb5_crypto crypto; - size_t length; - krb5_data input, output, output2; - krb5_enctype etype = ETYPE_AES256_CTS_HMAC_SHA1_96; - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_context %d", ret); - - ret = krb5_generate_random_keyblock(context, etype, &key); - if (ret) - krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); - - ret = krb5_crypto_prf_length(context, etype, &length); - if (ret) - krb5_err(context, 1, ret, "krb5_crypto_prf_length"); - - ret = krb5_crypto_init(context, &key, 0, &crypto); - if (ret) - krb5_err(context, 1, ret, "krb5_crypto_init"); - - input.data = rk_UNCONST("foo"); - input.length = 3; - - ret = krb5_crypto_prf(context, crypto, &input, &output); - if (ret) - krb5_err(context, 1, ret, "krb5_crypto_prf"); - - ret = krb5_crypto_prf(context, crypto, &input, &output2); - if (ret) - krb5_err(context, 1, ret, "krb5_crypto_prf"); - - if (krb5_data_cmp(&output, &output2) != 0) - krb5_errx(context, 1, "krb5_data_cmp"); - - krb5_data_free(&output); - krb5_data_free(&output2); - - krb5_crypto_destroy(context, crypto); - - krb5_free_keyblock_contents(context, &key); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_princ.c b/crypto/heimdal/lib/krb5/test_princ.c deleted file mode 100644 index d1036c1b3b44..000000000000 --- a/crypto/heimdal/lib/krb5/test_princ.c +++ /dev/null @@ -1,366 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: test_princ.c 22071 2007-11-14 20:04:50Z lha $"); - -/* - * Check that a closed cc still keeps it data and that it's no longer - * there when it's destroyed. - */ - -static void -test_princ(krb5_context context) -{ - const char *princ = "lha@SU.SE"; - const char *princ_short = "lha"; - const char *noquote; - krb5_error_code ret; - char *princ_unparsed; - char *princ_reformed = NULL; - const char *realm; - - krb5_principal p, p2; - - ret = krb5_parse_name(context, princ, &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_unparse_name(context, p, &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (strcmp(princ, princ_unparsed)) { - krb5_errx(context, 1, "%s != %s", princ, princ_unparsed); - } - - free(princ_unparsed); - - ret = krb5_unparse_name_flags(context, p, - KRB5_PRINCIPAL_UNPARSE_NO_REALM, - &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (strcmp(princ_short, princ_unparsed)) - krb5_errx(context, 1, "%s != %s", princ_short, princ_unparsed); - free(princ_unparsed); - - realm = krb5_principal_get_realm(context, p); - - asprintf(&princ_reformed, "%s@%s", princ_short, realm); - - ret = krb5_parse_name(context, princ_reformed, &p2); - free(princ_reformed); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (!krb5_principal_compare(context, p, p2)) { - krb5_errx(context, 1, "p != p2"); - } - - krb5_free_principal(context, p2); - - ret = krb5_set_default_realm(context, "SU.SE"); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_unparse_name_flags(context, p, - KRB5_PRINCIPAL_UNPARSE_SHORT, - &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (strcmp(princ_short, princ_unparsed)) - krb5_errx(context, 1, "'%s' != '%s'", princ_short, princ_unparsed); - free(princ_unparsed); - - ret = krb5_parse_name(context, princ_short, &p2); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (!krb5_principal_compare(context, p, p2)) - krb5_errx(context, 1, "p != p2"); - krb5_free_principal(context, p2); - - ret = krb5_unparse_name(context, p, &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (strcmp(princ, princ_unparsed)) - krb5_errx(context, 1, "'%s' != '%s'", princ, princ_unparsed); - free(princ_unparsed); - - ret = krb5_set_default_realm(context, "SAMBA.ORG"); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_parse_name(context, princ_short, &p2); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (krb5_principal_compare(context, p, p2)) - krb5_errx(context, 1, "p == p2"); - - if (!krb5_principal_compare_any_realm(context, p, p2)) - krb5_errx(context, 1, "(ignoring realms) p != p2"); - - ret = krb5_unparse_name(context, p2, &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (strcmp(princ, princ_unparsed) == 0) - krb5_errx(context, 1, "%s == %s", princ, princ_unparsed); - free(princ_unparsed); - - krb5_free_principal(context, p2); - - ret = krb5_parse_name(context, princ, &p2); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (!krb5_principal_compare(context, p, p2)) - krb5_errx(context, 1, "p != p2"); - - ret = krb5_unparse_name(context, p2, &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (strcmp(princ, princ_unparsed)) - krb5_errx(context, 1, "'%s' != '%s'", princ, princ_unparsed); - free(princ_unparsed); - - krb5_free_principal(context, p2); - - ret = krb5_unparse_name_flags(context, p, - KRB5_PRINCIPAL_UNPARSE_SHORT, - &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name_short"); - - if (strcmp(princ, princ_unparsed) != 0) - krb5_errx(context, 1, "'%s' != '%s'", princ, princ_unparsed); - free(princ_unparsed); - - ret = krb5_unparse_name(context, p, &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name_short"); - - if (strcmp(princ, princ_unparsed)) - krb5_errx(context, 1, "'%s' != '%s'", princ, princ_unparsed); - free(princ_unparsed); - - ret = krb5_parse_name_flags(context, princ, - KRB5_PRINCIPAL_PARSE_NO_REALM, - &p2); - if (!ret) - krb5_err(context, 1, ret, "Should have failed to parse %s a " - "short name", princ); - - ret = krb5_parse_name_flags(context, princ_short, - KRB5_PRINCIPAL_PARSE_NO_REALM, - &p2); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_unparse_name_flags(context, p2, - KRB5_PRINCIPAL_UNPARSE_NO_REALM, - &princ_unparsed); - krb5_free_principal(context, p2); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name_norealm"); - - if (strcmp(princ_short, princ_unparsed)) - krb5_errx(context, 1, "'%s' != '%s'", princ_short, princ_unparsed); - free(princ_unparsed); - - ret = krb5_parse_name_flags(context, princ_short, - KRB5_PRINCIPAL_PARSE_MUST_REALM, - &p2); - if (!ret) - krb5_err(context, 1, ret, "Should have failed to parse %s " - "because it lacked a realm", princ_short); - - ret = krb5_parse_name_flags(context, princ, - KRB5_PRINCIPAL_PARSE_MUST_REALM, - &p2); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - if (!krb5_principal_compare(context, p, p2)) - krb5_errx(context, 1, "p != p2"); - - ret = krb5_unparse_name_flags(context, p2, - KRB5_PRINCIPAL_UNPARSE_NO_REALM, - &princ_unparsed); - krb5_free_principal(context, p2); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name_norealm"); - - if (strcmp(princ_short, princ_unparsed)) - krb5_errx(context, 1, "'%s' != '%s'", princ_short, princ_unparsed); - free(princ_unparsed); - - krb5_free_principal(context, p); - - /* test quoting */ - - princ = "test\\ principal@SU.SE"; - noquote = "test principal@SU.SE"; - - ret = krb5_parse_name_flags(context, princ, 0, &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_unparse_name_flags(context, p, 0, &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name_flags"); - - if (strcmp(princ, princ_unparsed)) - krb5_errx(context, 1, "q '%s' != '%s'", princ, princ_unparsed); - free(princ_unparsed); - - ret = krb5_unparse_name_flags(context, p, KRB5_PRINCIPAL_UNPARSE_DISPLAY, - &princ_unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name_flags"); - - if (strcmp(noquote, princ_unparsed)) - krb5_errx(context, 1, "nq '%s' != '%s'", noquote, princ_unparsed); - free(princ_unparsed); - - krb5_free_principal(context, p); -} - -static void -test_enterprise(krb5_context context) -{ - krb5_error_code ret; - char *unparsed; - krb5_principal p; - - ret = krb5_set_default_realm(context, "SAMBA.ORG"); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_parse_name_flags(context, "lha@su.se@WIN.SU.SE", - KRB5_PRINCIPAL_PARSE_ENTERPRISE, &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name_flags"); - - ret = krb5_unparse_name(context, p, &unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - - krb5_free_principal(context, p); - - if (strcmp(unparsed, "lha\\@su.se@WIN.SU.SE") != 0) - krb5_errx(context, 1, "enterprise name failed 1"); - free(unparsed); - - /* - * - */ - - ret = krb5_parse_name_flags(context, "lha\\@su.se@WIN.SU.SE", - KRB5_PRINCIPAL_PARSE_ENTERPRISE, &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name_flags"); - - ret = krb5_unparse_name(context, p, &unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - - krb5_free_principal(context, p); - if (strcmp(unparsed, "lha\\@su.se\\@WIN.SU.SE@SAMBA.ORG") != 0) - krb5_errx(context, 1, "enterprise name failed 2: %s", unparsed); - free(unparsed); - - /* - * - */ - - ret = krb5_parse_name_flags(context, "lha\\@su.se@WIN.SU.SE", 0, &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name_flags"); - - ret = krb5_unparse_name(context, p, &unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - - krb5_free_principal(context, p); - if (strcmp(unparsed, "lha\\@su.se@WIN.SU.SE") != 0) - krb5_errx(context, 1, "enterprise name failed 3"); - free(unparsed); - - /* - * - */ - - ret = krb5_parse_name_flags(context, "lha@su.se", - KRB5_PRINCIPAL_PARSE_ENTERPRISE, &p); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name_flags"); - - ret = krb5_unparse_name(context, p, &unparsed); - if (ret) - krb5_err(context, 1, ret, "krb5_unparse_name"); - - krb5_free_principal(context, p); - if (strcmp(unparsed, "lha\\@su.se@SAMBA.ORG") != 0) - krb5_errx(context, 1, "enterprise name failed 2: %s", unparsed); - free(unparsed); -} - - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - - setprogname(argv[0]); - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - test_princ(context); - - test_enterprise(context); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_renew.c b/crypto/heimdal/lib/krb5/test_renew.c deleted file mode 100644 index 5fa2de1b9fa0..000000000000 --- a/crypto/heimdal/lib/krb5/test_renew.c +++ /dev/null @@ -1,122 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include -#include - -RCSID("$Id$"); - - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[principal]"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_principal client; - krb5_context context; - const char *in_tkt_service = NULL; - krb5_ccache id; - krb5_error_code ret; - krb5_creds out;; - int optidx = 0; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc > 0) - in_tkt_service = argv[0]; - - memset(&out, 0, sizeof(out)); - - ret = krb5_init_context(&context); - if (ret) - krb5_err(context, 1, ret, "krb5_init_context"); - - ret = krb5_cc_default(context, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_default"); - - ret = krb5_cc_get_principal(context, id, &client); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_default"); - - ret = krb5_get_renewed_creds(context, - &out, - client, - id, - in_tkt_service); - - if(ret) - krb5_err(context, 1, ret, "krb5_get_kdc_cred"); - - if (krb5_principal_compare(context, out.client, client) != TRUE) - krb5_errx(context, 1, "return principal is not as expected"); - - krb5_free_cred_contents(context, &out); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_store.c b/crypto/heimdal/lib/krb5/test_store.c deleted file mode 100644 index 2ce6c8dac363..000000000000 --- a/crypto/heimdal/lib/krb5/test_store.c +++ /dev/null @@ -1,252 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: test_store.c 20192 2007-02-05 23:21:03Z lha $"); - -static void -test_int8(krb5_context context, krb5_storage *sp) -{ - krb5_error_code ret; - int i; - int8_t val[] = { - 0, 1, -1, 128, -127 - }, v; - - for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { - - ret = krb5_store_int8(sp, val[i]); - if (ret) - krb5_err(context, 1, ret, "krb5_store_int8"); - krb5_storage_seek(sp, 0, SEEK_SET); - ret = krb5_ret_int8(sp, &v); - if (ret) - krb5_err(context, 1, ret, "krb5_ret_int8"); - if (v != val[i]) - krb5_errx(context, 1, "store and ret mismatch"); - } -} - -static void -test_int16(krb5_context context, krb5_storage *sp) -{ - krb5_error_code ret; - int i; - int16_t val[] = { - 0, 1, -1, 32768, -32767 - }, v; - - for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { - - ret = krb5_store_int16(sp, val[i]); - if (ret) - krb5_err(context, 1, ret, "krb5_store_int16"); - krb5_storage_seek(sp, 0, SEEK_SET); - ret = krb5_ret_int16(sp, &v); - if (ret) - krb5_err(context, 1, ret, "krb5_ret_int16"); - if (v != val[i]) - krb5_errx(context, 1, "store and ret mismatch"); - } -} - -static void -test_int32(krb5_context context, krb5_storage *sp) -{ - krb5_error_code ret; - int i; - int32_t val[] = { - 0, 1, -1, 2147483647, -2147483646 - }, v; - - for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { - - ret = krb5_store_int32(sp, val[i]); - if (ret) - krb5_err(context, 1, ret, "krb5_store_int32"); - krb5_storage_seek(sp, 0, SEEK_SET); - ret = krb5_ret_int32(sp, &v); - if (ret) - krb5_err(context, 1, ret, "krb5_ret_int32"); - if (v != val[i]) - krb5_errx(context, 1, "store and ret mismatch"); - } -} - -static void -test_uint8(krb5_context context, krb5_storage *sp) -{ - krb5_error_code ret; - int i; - uint8_t val[] = { - 0, 1, 255 - }, v; - - for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { - - ret = krb5_store_uint8(sp, val[i]); - if (ret) - krb5_err(context, 1, ret, "krb5_store_uint8"); - krb5_storage_seek(sp, 0, SEEK_SET); - ret = krb5_ret_uint8(sp, &v); - if (ret) - krb5_err(context, 1, ret, "krb5_ret_uint8"); - if (v != val[i]) - krb5_errx(context, 1, "store and ret mismatch"); - } -} - -static void -test_uint16(krb5_context context, krb5_storage *sp) -{ - krb5_error_code ret; - int i; - uint16_t val[] = { - 0, 1, 65535 - }, v; - - for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { - - ret = krb5_store_uint16(sp, val[i]); - if (ret) - krb5_err(context, 1, ret, "krb5_store_uint16"); - krb5_storage_seek(sp, 0, SEEK_SET); - ret = krb5_ret_uint16(sp, &v); - if (ret) - krb5_err(context, 1, ret, "krb5_ret_uint16"); - if (v != val[i]) - krb5_errx(context, 1, "store and ret mismatch"); - } -} - -static void -test_uint32(krb5_context context, krb5_storage *sp) -{ - krb5_error_code ret; - int i; - uint32_t val[] = { - 0, 1, 4294967295UL - }, v; - - for (i = 0; i < sizeof(val[0])/sizeof(val); i++) { - - ret = krb5_store_uint32(sp, val[i]); - if (ret) - krb5_err(context, 1, ret, "krb5_store_uint32"); - krb5_storage_seek(sp, 0, SEEK_SET); - ret = krb5_ret_uint32(sp, &v); - if (ret) - krb5_err(context, 1, ret, "krb5_ret_uint32"); - if (v != val[i]) - krb5_errx(context, 1, "store and ret mismatch"); - } -} - - -static void -test_storage(krb5_context context) -{ - krb5_storage *sp; - - sp = krb5_storage_emem(); - if (sp == NULL) - krb5_errx(context, 1, "krb5_storage_emem: no mem"); - - test_int8(context, sp); - test_int16(context, sp); - test_int32(context, sp); - test_uint8(context, sp); - test_uint16(context, sp); - test_uint32(context, sp); - - krb5_storage_free(sp); -} - -/* - * - */ - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - int optidx = 0; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - ret = krb5_init_context (&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - test_storage(context); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/test_time.c b/crypto/heimdal/lib/krb5/test_time.c deleted file mode 100644 index 02a0204477c7..000000000000 --- a/crypto/heimdal/lib/krb5/test_time.c +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: test_time.c 18809 2006-10-22 07:11:43Z lha $"); - -static void -check_set_time(krb5_context context) -{ - krb5_error_code ret; - krb5_timestamp sec; - int32_t usec; - struct timeval tv; - int diff = 10; - int diff2; - - gettimeofday(&tv, NULL); - - ret = krb5_set_real_time(context, tv.tv_sec + diff, tv.tv_usec); - if (ret) - krb5_err(context, 1, ret, "krb5_us_timeofday"); - - ret = krb5_us_timeofday(context, &sec, &usec); - if (ret) - krb5_err(context, 1, ret, "krb5_us_timeofday"); - - diff2 = abs(sec - tv.tv_sec); - - if (diff2 < 9 || diff > 11) - krb5_errx(context, 1, "set time error: diff: %d", - abs(sec - tv.tv_sec)); -} - - - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - - ret = krb5_init_context(&context); - if (ret) - errx(1, "krb5_init_context %d", ret); - - check_set_time(context); - check_set_time(context); - check_set_time(context); - check_set_time(context); - check_set_time(context); - - krb5_free_context(context); - - return 0; -} diff --git a/crypto/heimdal/lib/krb5/ticket.c b/crypto/heimdal/lib/krb5/ticket.c deleted file mode 100644 index 7eb4d32fad57..000000000000 --- a/crypto/heimdal/lib/krb5/ticket.c +++ /dev/null @@ -1,272 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: ticket.c 19544 2006-12-28 20:49:18Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_free_ticket(krb5_context context, - krb5_ticket *ticket) -{ - free_EncTicketPart(&ticket->ticket); - krb5_free_principal(context, ticket->client); - krb5_free_principal(context, ticket->server); - free(ticket); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_copy_ticket(krb5_context context, - const krb5_ticket *from, - krb5_ticket **to) -{ - krb5_error_code ret; - krb5_ticket *tmp; - - *to = NULL; - tmp = malloc(sizeof(*tmp)); - if(tmp == NULL) { - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - if((ret = copy_EncTicketPart(&from->ticket, &tmp->ticket))){ - free(tmp); - return ret; - } - ret = krb5_copy_principal(context, from->client, &tmp->client); - if(ret){ - free_EncTicketPart(&tmp->ticket); - free(tmp); - return ret; - } - ret = krb5_copy_principal(context, from->server, &tmp->server); - if(ret){ - krb5_free_principal(context, tmp->client); - free_EncTicketPart(&tmp->ticket); - free(tmp); - return ret; - } - *to = tmp; - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ticket_get_client(krb5_context context, - const krb5_ticket *ticket, - krb5_principal *client) -{ - return krb5_copy_principal(context, ticket->client, client); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ticket_get_server(krb5_context context, - const krb5_ticket *ticket, - krb5_principal *server) -{ - return krb5_copy_principal(context, ticket->server, server); -} - -time_t KRB5_LIB_FUNCTION -krb5_ticket_get_endtime(krb5_context context, - const krb5_ticket *ticket) -{ - return ticket->ticket.endtime; -} - -static int -find_type_in_ad(krb5_context context, - int type, - krb5_data *data, - krb5_boolean *found, - krb5_boolean failp, - krb5_keyblock *sessionkey, - const AuthorizationData *ad, - int level) -{ - krb5_error_code ret = 0; - int i; - - if (level > 9) { - krb5_set_error_string(context, "Authorization data nested deeper " - "then %d levels, stop searching", level); - ret = ENOENT; /* XXX */ - goto out; - } - - /* - * Only copy out the element the first time we get to it, we need - * to run over the whole authorization data fields to check if - * there are any container clases we need to care about. - */ - for (i = 0; i < ad->len; i++) { - if (!*found && ad->val[i].ad_type == type) { - ret = der_copy_octet_string(&ad->val[i].ad_data, data); - if (ret) { - krb5_set_error_string(context, "malloc - out of memory"); - goto out; - } - *found = TRUE; - continue; - } - switch (ad->val[i].ad_type) { - case KRB5_AUTHDATA_IF_RELEVANT: { - AuthorizationData child; - ret = decode_AuthorizationData(ad->val[i].ad_data.data, - ad->val[i].ad_data.length, - &child, - NULL); - if (ret) { - krb5_set_error_string(context, "Failed to decode " - "IF_RELEVANT with %d", ret); - goto out; - } - ret = find_type_in_ad(context, type, data, found, FALSE, - sessionkey, &child, level + 1); - free_AuthorizationData(&child); - if (ret) - goto out; - break; - } -#if 0 /* XXX test */ - case KRB5_AUTHDATA_KDC_ISSUED: { - AD_KDCIssued child; - - ret = decode_AD_KDCIssued(ad->val[i].ad_data.data, - ad->val[i].ad_data.length, - &child, - NULL); - if (ret) { - krb5_set_error_string(context, "Failed to decode " - "AD_KDCIssued with %d", ret); - goto out; - } - if (failp) { - krb5_boolean valid; - krb5_data buf; - size_t len; - - ASN1_MALLOC_ENCODE(AuthorizationData, buf.data, buf.length, - &child.elements, &len, ret); - if (ret) { - free_AD_KDCIssued(&child); - krb5_clear_error_string(context); - goto out; - } - if(buf.length != len) - krb5_abortx(context, "internal error in ASN.1 encoder"); - - ret = krb5_c_verify_checksum(context, sessionkey, 19, &buf, - &child.ad_checksum, &valid); - krb5_data_free(&buf); - if (ret) { - free_AD_KDCIssued(&child); - goto out; - } - if (!valid) { - krb5_clear_error_string(context); - ret = ENOENT; - free_AD_KDCIssued(&child); - goto out; - } - } - ret = find_type_in_ad(context, type, data, found, failp, sessionkey, - &child.elements, level + 1); - free_AD_KDCIssued(&child); - if (ret) - goto out; - break; - } -#endif - case KRB5_AUTHDATA_AND_OR: - if (!failp) - break; - krb5_set_error_string(context, "Authorization data contains " - "AND-OR element that is unknown to the " - "application"); - ret = ENOENT; /* XXX */ - goto out; - default: - if (!failp) - break; - krb5_set_error_string(context, "Authorization data contains " - "unknown type (%d) ", ad->val[i].ad_type); - ret = ENOENT; /* XXX */ - goto out; - } - } -out: - if (ret) { - if (*found) { - krb5_data_free(data); - *found = 0; - } - } - return ret; -} - -/* - * Extract the authorization data type of `type' from the - * 'ticket'. Store the field in `data'. This function is to use for - * kerberos applications. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_ticket_get_authorization_data_type(krb5_context context, - krb5_ticket *ticket, - int type, - krb5_data *data) -{ - AuthorizationData *ad; - krb5_error_code ret; - krb5_boolean found = FALSE; - - krb5_data_zero(data); - - ad = ticket->ticket.authorization_data; - if (ticket->ticket.authorization_data == NULL) { - krb5_set_error_string(context, "Ticket have not authorization data"); - return ENOENT; /* XXX */ - } - - ret = find_type_in_ad(context, type, data, &found, TRUE, - &ticket->ticket.key, ad, 0); - if (ret) - return ret; - if (!found) { - krb5_set_error_string(context, "Ticket have not authorization " - "data of type %d", type); - return ENOENT; /* XXX */ - } - return 0; -} diff --git a/crypto/heimdal/lib/krb5/time.c b/crypto/heimdal/lib/krb5/time.c deleted file mode 100644 index 4cd992d48f27..000000000000 --- a/crypto/heimdal/lib/krb5/time.c +++ /dev/null @@ -1,114 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: time.c 14308 2004-10-13 17:57:11Z lha $"); - -/* - * Set the absolute time that the caller knows the kdc has so the - * kerberos library can calculate the relative diffrence beteen the - * KDC time and local system time. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_real_time (krb5_context context, - krb5_timestamp sec, - int32_t usec) -{ - struct timeval tv; - - gettimeofday(&tv, NULL); - - context->kdc_sec_offset = sec - tv.tv_sec; - context->kdc_usec_offset = usec - tv.tv_usec; - - if (context->kdc_usec_offset < 0) { - context->kdc_sec_offset--; - context->kdc_usec_offset += 1000000; - } - return 0; -} - -/* - * return ``corrected'' time in `timeret'. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_timeofday (krb5_context context, - krb5_timestamp *timeret) -{ - *timeret = time(NULL) + context->kdc_sec_offset; - return 0; -} - -/* - * like gettimeofday but with time correction to the KDC - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_us_timeofday (krb5_context context, - krb5_timestamp *sec, - int32_t *usec) -{ - struct timeval tv; - - gettimeofday (&tv, NULL); - - *sec = tv.tv_sec + context->kdc_sec_offset; - *usec = tv.tv_usec; /* XXX */ - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_format_time(krb5_context context, time_t t, - char *s, size_t len, krb5_boolean include_time) -{ - struct tm *tm; - if(context->log_utc) - tm = gmtime (&t); - else - tm = localtime(&t); - if(tm == NULL || - strftime(s, len, include_time ? context->time_fmt : context->date_fmt, tm) == 0) - snprintf(s, len, "%ld", (long)t); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_string_to_deltat(const char *string, krb5_deltat *deltat) -{ - if((*deltat = parse_time(string, "s")) == -1) - return KRB5_DELTAT_BADFORMAT; - return 0; -} diff --git a/crypto/heimdal/lib/krb5/transited.c b/crypto/heimdal/lib/krb5/transited.c deleted file mode 100644 index 9b67ecc04f26..000000000000 --- a/crypto/heimdal/lib/krb5/transited.c +++ /dev/null @@ -1,503 +0,0 @@ -/* - * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: transited.c 21745 2007-07-31 16:11:25Z lha $"); - -/* this is an attempt at one of the most horrible `compression' - schemes that has ever been invented; it's so amazingly brain-dead - that words can not describe it, and all this just to save a few - silly bytes */ - -struct tr_realm { - char *realm; - unsigned leading_space:1; - unsigned leading_slash:1; - unsigned trailing_dot:1; - struct tr_realm *next; -}; - -static void -free_realms(struct tr_realm *r) -{ - struct tr_realm *p; - while(r){ - p = r; - r = r->next; - free(p->realm); - free(p); - } -} - -static int -make_path(krb5_context context, struct tr_realm *r, - const char *from, const char *to) -{ - const char *p; - struct tr_realm *path = r->next; - struct tr_realm *tmp; - - if(strlen(from) < strlen(to)){ - const char *str; - str = from; - from = to; - to = str; - } - - if(strcmp(from + strlen(from) - strlen(to), to) == 0){ - p = from; - while(1){ - p = strchr(p, '.'); - if(p == NULL) { - krb5_clear_error_string (context); - return KRB5KDC_ERR_POLICY; - } - p++; - if(strcmp(p, to) == 0) - break; - tmp = calloc(1, sizeof(*tmp)); - if(tmp == NULL){ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - tmp->next = path; - path = tmp; - path->realm = strdup(p); - if(path->realm == NULL){ - r->next = path; /* XXX */ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM;; - } - } - }else if(strncmp(from, to, strlen(to)) == 0){ - p = from + strlen(from); - while(1){ - while(p >= from && *p != '/') p--; - if(p == from) { - r->next = path; /* XXX */ - return KRB5KDC_ERR_POLICY; - } - if(strncmp(to, from, p - from) == 0) - break; - tmp = calloc(1, sizeof(*tmp)); - if(tmp == NULL){ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - tmp->next = path; - path = tmp; - path->realm = malloc(p - from + 1); - if(path->realm == NULL){ - r->next = path; /* XXX */ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(path->realm, from, p - from); - path->realm[p - from] = '\0'; - p--; - } - } else { - krb5_clear_error_string (context); - return KRB5KDC_ERR_POLICY; - } - r->next = path; - - return 0; -} - -static int -make_paths(krb5_context context, - struct tr_realm *realms, const char *client_realm, - const char *server_realm) -{ - struct tr_realm *r; - int ret; - const char *prev_realm = client_realm; - const char *next_realm = NULL; - for(r = realms; r; r = r->next){ - /* it *might* be that you can have more than one empty - component in a row, at least that's how I interpret the - "," exception in 1510 */ - if(r->realm[0] == '\0'){ - while(r->next && r->next->realm[0] == '\0') - r = r->next; - if(r->next) - next_realm = r->next->realm; - else - next_realm = server_realm; - ret = make_path(context, r, prev_realm, next_realm); - if(ret){ - free_realms(realms); - return ret; - } - } - prev_realm = r->realm; - } - return 0; -} - -static int -expand_realms(krb5_context context, - struct tr_realm *realms, const char *client_realm) -{ - struct tr_realm *r; - const char *prev_realm = NULL; - for(r = realms; r; r = r->next){ - if(r->trailing_dot){ - char *tmp; - size_t len; - - if(prev_realm == NULL) - prev_realm = client_realm; - - len = strlen(r->realm) + strlen(prev_realm) + 1; - - tmp = realloc(r->realm, len); - if(tmp == NULL){ - free_realms(realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - r->realm = tmp; - strlcat(r->realm, prev_realm, len); - }else if(r->leading_slash && !r->leading_space && prev_realm){ - /* yet another exception: if you use x500-names, the - leading realm doesn't have to be "quoted" with a space */ - char *tmp; - size_t len = strlen(r->realm) + strlen(prev_realm) + 1; - - tmp = malloc(len); - if(tmp == NULL){ - free_realms(realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - strlcpy(tmp, prev_realm, len); - strlcat(tmp, r->realm, len); - free(r->realm); - r->realm = tmp; - } - prev_realm = r->realm; - } - return 0; -} - -static struct tr_realm * -make_realm(char *realm) -{ - struct tr_realm *r; - char *p, *q; - int quote = 0; - r = calloc(1, sizeof(*r)); - if(r == NULL){ - free(realm); - return NULL; - } - r->realm = realm; - for(p = q = r->realm; *p; p++){ - if(p == r->realm && *p == ' '){ - r->leading_space = 1; - continue; - } - if(q == r->realm && *p == '/') - r->leading_slash = 1; - if(quote){ - *q++ = *p; - quote = 0; - continue; - } - if(*p == '\\'){ - quote = 1; - continue; - } - if(p[0] == '.' && p[1] == '\0') - r->trailing_dot = 1; - *q++ = *p; - } - *q = '\0'; - return r; -} - -static struct tr_realm* -append_realm(struct tr_realm *head, struct tr_realm *r) -{ - struct tr_realm *p; - if(head == NULL){ - r->next = NULL; - return r; - } - p = head; - while(p->next) p = p->next; - p->next = r; - return head; -} - -static int -decode_realms(krb5_context context, - const char *tr, int length, struct tr_realm **realms) -{ - struct tr_realm *r = NULL; - - char *tmp; - int quote = 0; - const char *start = tr; - int i; - - for(i = 0; i < length; i++){ - if(quote){ - quote = 0; - continue; - } - if(tr[i] == '\\'){ - quote = 1; - continue; - } - if(tr[i] == ','){ - tmp = malloc(tr + i - start + 1); - if(tmp == NULL){ - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(tmp, start, tr + i - start); - tmp[tr + i - start] = '\0'; - r = make_realm(tmp); - if(r == NULL){ - free_realms(*realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - *realms = append_realm(*realms, r); - start = tr + i + 1; - } - } - tmp = malloc(tr + i - start + 1); - if(tmp == NULL){ - free(*realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - memcpy(tmp, start, tr + i - start); - tmp[tr + i - start] = '\0'; - r = make_realm(tmp); - if(r == NULL){ - free_realms(*realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - *realms = append_realm(*realms, r); - - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_domain_x500_decode(krb5_context context, - krb5_data tr, char ***realms, int *num_realms, - const char *client_realm, const char *server_realm) -{ - struct tr_realm *r = NULL; - struct tr_realm *p, **q; - int ret; - - if(tr.length == 0) { - *realms = NULL; - *num_realms = 0; - return 0; - } - - /* split string in components */ - ret = decode_realms(context, tr.data, tr.length, &r); - if(ret) - return ret; - - /* apply prefix rule */ - ret = expand_realms(context, r, client_realm); - if(ret) - return ret; - - ret = make_paths(context, r, client_realm, server_realm); - if(ret) - return ret; - - /* remove empty components and count realms */ - q = &r; - *num_realms = 0; - for(p = r; p; ){ - if(p->realm[0] == '\0'){ - free(p->realm); - *q = p->next; - free(p); - p = *q; - }else{ - q = &p->next; - p = p->next; - (*num_realms)++; - } - } - if (*num_realms < 0 || *num_realms + 1 > UINT_MAX/sizeof(**realms)) - return ERANGE; - - { - char **R; - R = malloc((*num_realms + 1) * sizeof(*R)); - if (R == NULL) - return ENOMEM; - *realms = R; - while(r){ - *R++ = r->realm; - p = r->next; - free(r); - r = p; - } - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding) -{ - char *s = NULL; - int len = 0; - int i; - krb5_data_zero(encoding); - if (num_realms == 0) - return 0; - for(i = 0; i < num_realms; i++){ - len += strlen(realms[i]); - if(realms[i][0] == '/') - len++; - } - len += num_realms - 1; - s = malloc(len + 1); - if (s == NULL) - return ENOMEM; - *s = '\0'; - for(i = 0; i < num_realms; i++){ - if(i && i < num_realms - 1) - strlcat(s, ",", len + 1); - if(realms[i][0] == '/') - strlcat(s, " ", len + 1); - strlcat(s, realms[i], len + 1); - } - encoding->data = s; - encoding->length = strlen(s); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_check_transited(krb5_context context, - krb5_const_realm client_realm, - krb5_const_realm server_realm, - krb5_realm *realms, - int num_realms, - int *bad_realm) -{ - char **tr_realms; - char **p; - int i; - - if(num_realms == 0) - return 0; - - tr_realms = krb5_config_get_strings(context, NULL, - "capaths", - client_realm, - server_realm, - NULL); - for(i = 0; i < num_realms; i++) { - for(p = tr_realms; p && *p; p++) { - if(strcmp(*p, realms[i]) == 0) - break; - } - if(p == NULL || *p == NULL) { - krb5_config_free_strings(tr_realms); - krb5_set_error_string (context, "no transit through realm %s", - realms[i]); - if(bad_realm) - *bad_realm = i; - return KRB5KRB_AP_ERR_ILL_CR_TKT; - } - } - krb5_config_free_strings(tr_realms); - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_check_transited_realms(krb5_context context, - const char *const *realms, - int num_realms, - int *bad_realm) -{ - int i; - int ret = 0; - char **bad_realms = krb5_config_get_strings(context, NULL, - "libdefaults", - "transited_realms_reject", - NULL); - if(bad_realms == NULL) - return 0; - - for(i = 0; i < num_realms; i++) { - char **p; - for(p = bad_realms; *p; p++) - if(strcmp(*p, realms[i]) == 0) { - krb5_set_error_string (context, "no transit through realm %s", - *p); - ret = KRB5KRB_AP_ERR_ILL_CR_TKT; - if(bad_realm) - *bad_realm = i; - break; - } - } - krb5_config_free_strings(bad_realms); - return ret; -} - -#if 0 -int -main(int argc, char **argv) -{ - krb5_data x; - char **r; - int num, i; - x.data = argv[1]; - x.length = strlen(x.data); - if(domain_expand(x, &r, &num, argv[2], argv[3])) - exit(1); - for(i = 0; i < num; i++) - printf("%s\n", r[i]); - return 0; -} -#endif - diff --git a/crypto/heimdal/lib/krb5/v4_glue.c b/crypto/heimdal/lib/krb5/v4_glue.c deleted file mode 100644 index 37b1e35dd188..000000000000 --- a/crypto/heimdal/lib/krb5/v4_glue.c +++ /dev/null @@ -1,939 +0,0 @@ -/* - * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -RCSID("$Id: v4_glue.c 22071 2007-11-14 20:04:50Z lha $"); - -#include "krb5-v4compat.h" - -/* - * - */ - -#define RCHECK(r,func,label) \ - do { (r) = func ; if (r) goto label; } while(0); - - -/* include this here, to avoid dependencies on libkrb */ - -static const int _tkt_lifetimes[TKTLIFENUMFIXED] = { - 38400, 41055, 43894, 46929, 50174, 53643, 57352, 61318, - 65558, 70091, 74937, 80119, 85658, 91581, 97914, 104684, - 111922, 119661, 127935, 136781, 146239, 156350, 167161, 178720, - 191077, 204289, 218415, 233517, 249664, 266926, 285383, 305116, - 326213, 348769, 372885, 398668, 426234, 455705, 487215, 520904, - 556921, 595430, 636601, 680618, 727680, 777995, 831789, 889303, - 950794, 1016537, 1086825, 1161973, 1242318, 1328218, 1420057, 1518247, - 1623226, 1735464, 1855462, 1983758, 2120925, 2267576, 2424367, 2592000 -}; - -int KRB5_LIB_FUNCTION -_krb5_krb_time_to_life(time_t start, time_t end) -{ - int i; - time_t life = end - start; - - if (life > MAXTKTLIFETIME || life <= 0) - return 0; -#if 0 - if (krb_no_long_lifetimes) - return (life + 5*60 - 1)/(5*60); -#endif - - if (end >= NEVERDATE) - return TKTLIFENOEXPIRE; - if (life < _tkt_lifetimes[0]) - return (life + 5*60 - 1)/(5*60); - for (i=0; i TKTLIFEMAXFIXED) - return start + MAXTKTLIFETIME; - return start + _tkt_lifetimes[life - TKTLIFEMINFIXED]; -} - -/* - * Get the name of the krb4 credentials cache, will use `tkfile' as - * the name if that is passed in. `cc' must be free()ed by caller, - */ - -static krb5_error_code -get_krb4_cc_name(const char *tkfile, char **cc) -{ - - *cc = NULL; - if(tkfile == NULL) { - char *path; - if(!issuid()) { - path = getenv("KRBTKFILE"); - if (path) - *cc = strdup(path); - } - if(*cc == NULL) - if (asprintf(cc, "%s%u", TKT_ROOT, (unsigned)getuid()) < 0) - return errno; - } else { - *cc = strdup(tkfile); - if (*cc == NULL) - return ENOMEM; - } - return 0; -} - -/* - * Write a Kerberos 4 ticket file - */ - -#define KRB5_TF_LCK_RETRY_COUNT 50 -#define KRB5_TF_LCK_RETRY 1 - -static krb5_error_code -write_v4_cc(krb5_context context, const char *tkfile, - krb5_storage *sp, int append) -{ - krb5_error_code ret; - struct stat sb; - krb5_data data; - char *path; - int fd, i; - - ret = get_krb4_cc_name(tkfile, &path); - if (ret) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed getting " - "the krb4 credentials cache name"); - return ret; - } - - fd = open(path, O_WRONLY|O_CREAT, 0600); - if (fd < 0) { - ret = errno; - krb5_set_error_string(context, - "krb5_krb_tf_setup: error opening file %s", - path); - free(path); - return ret; - } - - if (fstat(fd, &sb) != 0 || !S_ISREG(sb.st_mode)) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: tktfile %s is not a file", - path); - free(path); - close(fd); - return KRB5_FCC_PERM; - } - - for (i = 0; i < KRB5_TF_LCK_RETRY_COUNT; i++) { - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - sleep(KRB5_TF_LCK_RETRY); - } else - break; - } - if (i == KRB5_TF_LCK_RETRY_COUNT) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed to lock %s", - path); - free(path); - close(fd); - return KRB5_FCC_PERM; - } - - if (!append) { - ret = ftruncate(fd, 0); - if (ret < 0) { - flock(fd, LOCK_UN); - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed to truncate %s", - path); - free(path); - close(fd); - return KRB5_FCC_PERM; - } - } - ret = lseek(fd, 0L, SEEK_END); - if (ret < 0) { - ret = errno; - flock(fd, LOCK_UN); - free(path); - close(fd); - return ret; - } - - krb5_storage_to_data(sp, &data); - - ret = write(fd, data.data, data.length); - if (ret != data.length) - ret = KRB5_CC_IO; - - krb5_free_data_contents(context, &data); - - flock(fd, LOCK_UN); - free(path); - close(fd); - - return 0; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_tf_setup(krb5_context context, - struct credentials *v4creds, - const char *tkfile, - int append) -{ - krb5_error_code ret; - krb5_storage *sp; - - sp = krb5_storage_emem(); - if (sp == NULL) - return ENOMEM; - - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_HOST); - krb5_storage_set_eof_code(sp, KRB5_CC_IO); - - krb5_clear_error_string(context); - - if (!append) { - RCHECK(ret, krb5_store_stringz(sp, v4creds->pname), error); - RCHECK(ret, krb5_store_stringz(sp, v4creds->pinst), error); - } - - /* cred */ - RCHECK(ret, krb5_store_stringz(sp, v4creds->service), error); - RCHECK(ret, krb5_store_stringz(sp, v4creds->instance), error); - RCHECK(ret, krb5_store_stringz(sp, v4creds->realm), error); - ret = krb5_storage_write(sp, v4creds->session, 8); - if (ret != 8) { - ret = KRB5_CC_IO; - goto error; - } - RCHECK(ret, krb5_store_int32(sp, v4creds->lifetime), error); - RCHECK(ret, krb5_store_int32(sp, v4creds->kvno), error); - RCHECK(ret, krb5_store_int32(sp, v4creds->ticket_st.length), error); - - ret = krb5_storage_write(sp, v4creds->ticket_st.dat, - v4creds->ticket_st.length); - if (ret != v4creds->ticket_st.length) { - ret = KRB5_CC_IO; - goto error; - } - RCHECK(ret, krb5_store_int32(sp, v4creds->issue_date), error); - - ret = write_v4_cc(context, tkfile, sp, append); - - error: - krb5_storage_free(sp); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_dest_tkt(krb5_context context, const char *tkfile) -{ - krb5_error_code ret; - char *path; - - ret = get_krb4_cc_name(tkfile, &path); - if (ret) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed getting " - "the krb4 credentials cache name"); - return ret; - } - - if (unlink(path) < 0) { - ret = errno; - krb5_set_error_string(context, - "krb5_krb_dest_tkt failed removing the cache " - "with error %s", strerror(ret)); - } - free(path); - - return ret; -} - -/* - * - */ - -static krb5_error_code -decrypt_etext(krb5_context context, const krb5_keyblock *key, - const krb5_data *cdata, krb5_data *data) -{ - krb5_error_code ret; - krb5_crypto crypto; - - ret = krb5_crypto_init(context, key, ETYPE_DES_PCBC_NONE, &crypto); - if (ret) - return ret; - - ret = krb5_decrypt(context, crypto, 0, cdata->data, cdata->length, data); - krb5_crypto_destroy(context, crypto); - - return ret; -} - - -/* - * - */ - -static const char eightzeros[8] = "\x00\x00\x00\x00\x00\x00\x00\x00"; - -static krb5_error_code -storage_to_etext(krb5_context context, - krb5_storage *sp, - const krb5_keyblock *key, - krb5_data *enc_data) -{ - krb5_error_code ret; - krb5_crypto crypto; - krb5_ssize_t size; - krb5_data data; - - /* multiple of eight bytes */ - - size = krb5_storage_seek(sp, 0, SEEK_END); - if (size < 0) - return KRB4ET_RD_AP_UNDEC; - size = 8 - (size & 7); - - ret = krb5_storage_write(sp, eightzeros, size); - if (ret != size) - return KRB4ET_RD_AP_UNDEC; - - ret = krb5_storage_to_data(sp, &data); - if (ret) - return ret; - - ret = krb5_crypto_init(context, key, ETYPE_DES_PCBC_NONE, &crypto); - if (ret) { - krb5_data_free(&data); - return ret; - } - - ret = krb5_encrypt(context, crypto, 0, data.data, data.length, enc_data); - - krb5_data_free(&data); - krb5_crypto_destroy(context, crypto); - - return ret; -} - -/* - * - */ - -static krb5_error_code -put_nir(krb5_storage *sp, const char *name, - const char *instance, const char *realm) -{ - krb5_error_code ret; - - RCHECK(ret, krb5_store_stringz(sp, name), error); - RCHECK(ret, krb5_store_stringz(sp, instance), error); - if (realm) { - RCHECK(ret, krb5_store_stringz(sp, realm), error); - } - error: - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_ticket(krb5_context context, - unsigned char flags, - const char *pname, - const char *pinstance, - const char *prealm, - int32_t paddress, - const krb5_keyblock *session, - int16_t life, - int32_t life_sec, - const char *sname, - const char *sinstance, - const krb5_keyblock *key, - krb5_data *enc_data) -{ - krb5_error_code ret; - krb5_storage *sp; - - krb5_data_zero(enc_data); - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, krb5_store_int8(sp, flags), error); - RCHECK(ret, put_nir(sp, pname, pinstance, prealm), error); - RCHECK(ret, krb5_store_int32(sp, ntohl(paddress)), error); - - /* session key */ - ret = krb5_storage_write(sp, - session->keyvalue.data, - session->keyvalue.length); - if (ret != session->keyvalue.length) { - ret = KRB4ET_INTK_PROT; - goto error; - } - - RCHECK(ret, krb5_store_int8(sp, life), error); - RCHECK(ret, krb5_store_int32(sp, life_sec), error); - RCHECK(ret, put_nir(sp, sname, sinstance, NULL), error); - - ret = storage_to_etext(context, sp, key, enc_data); - - error: - krb5_storage_free(sp); - if (ret) - krb5_set_error_string(context, "Failed to encode kerberos 4 ticket"); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_ciph(krb5_context context, - const krb5_keyblock *session, - const char *service, - const char *instance, - const char *realm, - uint32_t life, - unsigned char kvno, - const krb5_data *ticket, - uint32_t kdc_time, - const krb5_keyblock *key, - krb5_data *enc_data) -{ - krb5_error_code ret; - krb5_storage *sp; - - krb5_data_zero(enc_data); - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - /* session key */ - ret = krb5_storage_write(sp, - session->keyvalue.data, - session->keyvalue.length); - if (ret != session->keyvalue.length) { - ret = KRB4ET_INTK_PROT; - goto error; - } - - RCHECK(ret, put_nir(sp, service, instance, realm), error); - RCHECK(ret, krb5_store_int8(sp, life), error); - RCHECK(ret, krb5_store_int8(sp, kvno), error); - RCHECK(ret, krb5_store_int8(sp, ticket->length), error); - ret = krb5_storage_write(sp, ticket->data, ticket->length); - if (ret != ticket->length) { - ret = KRB4ET_INTK_PROT; - goto error; - } - RCHECK(ret, krb5_store_int32(sp, kdc_time), error); - - ret = storage_to_etext(context, sp, key, enc_data); - - error: - krb5_storage_free(sp); - if (ret) - krb5_set_error_string(context, "Failed to encode kerberos 4 ticket"); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_create_auth_reply(krb5_context context, - const char *pname, - const char *pinst, - const char *prealm, - int32_t time_ws, - int n, - uint32_t x_date, - unsigned char kvno, - const krb5_data *cipher, - krb5_data *data) -{ - krb5_error_code ret; - krb5_storage *sp; - - krb5_data_zero(data); - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, krb5_store_int8(sp, KRB_PROT_VERSION), error); - RCHECK(ret, krb5_store_int8(sp, AUTH_MSG_KDC_REPLY), error); - RCHECK(ret, put_nir(sp, pname, pinst, prealm), error); - RCHECK(ret, krb5_store_int32(sp, time_ws), error); - RCHECK(ret, krb5_store_int8(sp, n), error); - RCHECK(ret, krb5_store_int32(sp, x_date), error); - RCHECK(ret, krb5_store_int8(sp, kvno), error); - RCHECK(ret, krb5_store_int16(sp, cipher->length), error); - ret = krb5_storage_write(sp, cipher->data, cipher->length); - if (ret != cipher->length) { - ret = KRB4ET_INTK_PROT; - goto error; - } - - ret = krb5_storage_to_data(sp, data); - - error: - krb5_storage_free(sp); - if (ret) - krb5_set_error_string(context, "Failed to encode kerberos 4 ticket"); - - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_cr_err_reply(krb5_context context, - const char *name, - const char *inst, - const char *realm, - uint32_t time_ws, - uint32_t e, - const char *e_string, - krb5_data *data) -{ - krb5_error_code ret; - krb5_storage *sp; - - krb5_data_zero(data); - - if (name == NULL) name = ""; - if (inst == NULL) inst = ""; - if (realm == NULL) realm = ""; - if (e_string == NULL) e_string = ""; - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, krb5_store_int8(sp, KRB_PROT_VERSION), error); - RCHECK(ret, krb5_store_int8(sp, AUTH_MSG_ERR_REPLY), error); - RCHECK(ret, put_nir(sp, name, inst, realm), error); - RCHECK(ret, krb5_store_int32(sp, time_ws), error); - /* If it is a Kerberos 4 error-code, remove the et BASE */ - if (e >= ERROR_TABLE_BASE_krb && e <= ERROR_TABLE_BASE_krb + 255) - e -= ERROR_TABLE_BASE_krb; - RCHECK(ret, krb5_store_int32(sp, e), error); - RCHECK(ret, krb5_store_stringz(sp, e_string), error); - - ret = krb5_storage_to_data(sp, data); - - error: - krb5_storage_free(sp); - if (ret) - krb5_set_error_string(context, "Failed to encode kerberos 4 error"); - - return 0; -} - -static krb5_error_code -get_v4_stringz(krb5_storage *sp, char **str, size_t max_len) -{ - krb5_error_code ret; - - ret = krb5_ret_stringz(sp, str); - if (ret) - return ret; - if (strlen(*str) > max_len) { - free(*str); - *str = NULL; - return KRB4ET_INTK_PROT; - } - return 0; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_decomp_ticket(krb5_context context, - const krb5_data *enc_ticket, - const krb5_keyblock *key, - const char *local_realm, - char **sname, - char **sinstance, - struct _krb5_krb_auth_data *ad) -{ - krb5_error_code ret; - krb5_ssize_t size; - krb5_storage *sp = NULL; - krb5_data ticket; - unsigned char des_key[8]; - - memset(ad, 0, sizeof(*ad)); - krb5_data_zero(&ticket); - - *sname = NULL; - *sinstance = NULL; - - RCHECK(ret, decrypt_etext(context, key, enc_ticket, &ticket), error); - - sp = krb5_storage_from_data(&ticket); - if (sp == NULL) { - krb5_data_free(&ticket); - krb5_set_error_string(context, "alloc: out of memory"); - return ENOMEM; - } - - krb5_storage_set_eof_code(sp, KRB4ET_INTK_PROT); - - RCHECK(ret, krb5_ret_int8(sp, &ad->k_flags), error); - RCHECK(ret, get_v4_stringz(sp, &ad->pname, ANAME_SZ), error); - RCHECK(ret, get_v4_stringz(sp, &ad->pinst, INST_SZ), error); - RCHECK(ret, get_v4_stringz(sp, &ad->prealm, REALM_SZ), error); - RCHECK(ret, krb5_ret_uint32(sp, &ad->address), error); - - size = krb5_storage_read(sp, des_key, sizeof(des_key)); - if (size != sizeof(des_key)) { - ret = KRB4ET_INTK_PROT; - goto error; - } - - RCHECK(ret, krb5_ret_uint8(sp, &ad->life), error); - - if (ad->k_flags & 1) - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE); - else - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, krb5_ret_uint32(sp, &ad->time_sec), error); - - RCHECK(ret, get_v4_stringz(sp, sname, ANAME_SZ), error); - RCHECK(ret, get_v4_stringz(sp, sinstance, INST_SZ), error); - - ret = krb5_keyblock_init(context, ETYPE_DES_PCBC_NONE, - des_key, sizeof(des_key), &ad->session); - if (ret) - goto error; - - if (strlen(ad->prealm) == 0) { - free(ad->prealm); - ad->prealm = strdup(local_realm); - if (ad->prealm == NULL) { - ret = ENOMEM; - goto error; - } - } - - error: - memset(des_key, 0, sizeof(des_key)); - if (sp) - krb5_storage_free(sp); - krb5_data_free(&ticket); - if (ret) { - if (*sname) { - free(*sname); - *sname = NULL; - } - if (*sinstance) { - free(*sinstance); - *sinstance = NULL; - } - _krb5_krb_free_auth_data(context, ad); - krb5_set_error_string(context, "Failed to decode v4 ticket"); - } - return ret; -} - -/* - * - */ - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_rd_req(krb5_context context, - krb5_data *authent, - const char *service, - const char *instance, - const char *local_realm, - int32_t from_addr, - const krb5_keyblock *key, - struct _krb5_krb_auth_data *ad) -{ - krb5_error_code ret; - krb5_storage *sp; - krb5_data ticket, eaut, aut; - krb5_ssize_t size; - int little_endian; - int8_t pvno; - int8_t type; - int8_t s_kvno; - uint8_t ticket_length; - uint8_t eaut_length; - uint8_t time_5ms; - char *realm = NULL; - char *sname = NULL; - char *sinstance = NULL; - char *r_realm = NULL; - char *r_name = NULL; - char *r_instance = NULL; - - uint32_t r_time_sec; /* Coarse time from authenticator */ - unsigned long delta_t; /* Time in authenticator - local time */ - long tkt_age; /* Age of ticket */ - - struct timeval tv; - - krb5_data_zero(&ticket); - krb5_data_zero(&eaut); - krb5_data_zero(&aut); - - sp = krb5_storage_from_data(authent); - if (sp == NULL) { - krb5_set_error_string(context, "alloc: out of memory"); - return ENOMEM; - } - - krb5_storage_set_eof_code(sp, KRB4ET_INTK_PROT); - - ret = krb5_ret_int8(sp, &pvno); - if (ret) { - krb5_set_error_string(context, "Failed reading v4 pvno"); - goto error; - } - - if (pvno != KRB_PROT_VERSION) { - ret = KRB4ET_RD_AP_VERSION; - krb5_set_error_string(context, "Failed v4 pvno not 4"); - goto error; - } - - ret = krb5_ret_int8(sp, &type); - if (ret) { - krb5_set_error_string(context, "Failed readin v4 type"); - goto error; - } - - little_endian = type & 1; - type &= ~1; - - if(type != AUTH_MSG_APPL_REQUEST && type != AUTH_MSG_APPL_REQUEST_MUTUAL) { - ret = KRB4ET_RD_AP_MSG_TYPE; - krb5_set_error_string(context, "Not a valid v4 request type"); - goto error; - } - - RCHECK(ret, krb5_ret_int8(sp, &s_kvno), error); - RCHECK(ret, get_v4_stringz(sp, &realm, REALM_SZ), error); - RCHECK(ret, krb5_ret_uint8(sp, &ticket_length), error); - RCHECK(ret, krb5_ret_uint8(sp, &eaut_length), error); - RCHECK(ret, krb5_data_alloc(&ticket, ticket_length), error); - - size = krb5_storage_read(sp, ticket.data, ticket.length); - if (size != ticket.length) { - ret = KRB4ET_INTK_PROT; - krb5_set_error_string(context, "Failed reading v4 ticket"); - goto error; - } - - /* Decrypt and take apart ticket */ - ret = _krb5_krb_decomp_ticket(context, &ticket, key, local_realm, - &sname, &sinstance, ad); - if (ret) - goto error; - - RCHECK(ret, krb5_data_alloc(&eaut, eaut_length), error); - - size = krb5_storage_read(sp, eaut.data, eaut.length); - if (size != eaut.length) { - ret = KRB4ET_INTK_PROT; - krb5_set_error_string(context, "Failed reading v4 authenticator"); - goto error; - } - - krb5_storage_free(sp); - sp = NULL; - - ret = decrypt_etext(context, &ad->session, &eaut, &aut); - if (ret) - goto error; - - sp = krb5_storage_from_data(&aut); - if (sp == NULL) { - ret = ENOMEM; - krb5_set_error_string(context, "alloc: out of memory"); - goto error; - } - - if (little_endian) - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE); - else - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE); - - RCHECK(ret, get_v4_stringz(sp, &r_name, ANAME_SZ), error); - RCHECK(ret, get_v4_stringz(sp, &r_instance, INST_SZ), error); - RCHECK(ret, get_v4_stringz(sp, &r_realm, REALM_SZ), error); - - RCHECK(ret, krb5_ret_uint32(sp, &ad->checksum), error); - RCHECK(ret, krb5_ret_uint8(sp, &time_5ms), error); - RCHECK(ret, krb5_ret_uint32(sp, &r_time_sec), error); - - if (strcmp(ad->pname, r_name) != 0 || - strcmp(ad->pinst, r_instance) != 0 || - strcmp(ad->prealm, r_realm) != 0) { - krb5_set_error_string(context, "v4 principal mismatch"); - ret = KRB4ET_RD_AP_INCON; - goto error; - } - - if (from_addr && ad->address && from_addr != ad->address) { - krb5_set_error_string(context, "v4 bad address in ticket"); - ret = KRB4ET_RD_AP_BADD; - goto error; - } - - gettimeofday(&tv, NULL); - delta_t = abs((int)(tv.tv_sec - r_time_sec)); - if (delta_t > CLOCK_SKEW) { - ret = KRB4ET_RD_AP_TIME; - krb5_set_error_string(context, "v4 clock skew"); - goto error; - } - - /* Now check for expiration of ticket */ - - tkt_age = tv.tv_sec - ad->time_sec; - - if ((tkt_age < 0) && (-tkt_age > CLOCK_SKEW)) { - ret = KRB4ET_RD_AP_NYV; - krb5_set_error_string(context, "v4 clock skew for expiration"); - goto error; - } - - if (tv.tv_sec > _krb5_krb_life_to_time(ad->time_sec, ad->life)) { - ret = KRB4ET_RD_AP_EXP; - krb5_set_error_string(context, "v4 ticket expired"); - goto error; - } - - ret = 0; - error: - krb5_data_free(&ticket); - krb5_data_free(&eaut); - krb5_data_free(&aut); - if (realm) - free(realm); - if (sname) - free(sname); - if (sinstance) - free(sinstance); - if (r_name) - free(r_name); - if (r_instance) - free(r_instance); - if (r_realm) - free(r_realm); - if (sp) - krb5_storage_free(sp); - - if (ret) - krb5_clear_error_string(context); - - return ret; -} - -/* - * - */ - -void KRB5_LIB_FUNCTION -_krb5_krb_free_auth_data(krb5_context context, struct _krb5_krb_auth_data *ad) -{ - if (ad->pname) - free(ad->pname); - if (ad->pinst) - free(ad->pinst); - if (ad->prealm) - free(ad->prealm); - krb5_free_keyblock_contents(context, &ad->session); - memset(ad, 0, sizeof(*ad)); -} diff --git a/crypto/heimdal/lib/krb5/verify_init.c b/crypto/heimdal/lib/krb5/verify_init.c deleted file mode 100644 index 37db34669290..000000000000 --- a/crypto/heimdal/lib/krb5/verify_init.c +++ /dev/null @@ -1,199 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: verify_init.c 15555 2005-07-06 00:48:16Z lha $"); - -void KRB5_LIB_FUNCTION -krb5_verify_init_creds_opt_init(krb5_verify_init_creds_opt *options) -{ - memset (options, 0, sizeof(*options)); -} - -void KRB5_LIB_FUNCTION -krb5_verify_init_creds_opt_set_ap_req_nofail(krb5_verify_init_creds_opt *options, - int ap_req_nofail) -{ - options->flags |= KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL; - options->ap_req_nofail = ap_req_nofail; -} - -/* - * - */ - -static krb5_boolean -fail_verify_is_ok (krb5_context context, - krb5_verify_init_creds_opt *options) -{ - if ((options->flags & KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL - && options->ap_req_nofail != 0) - || krb5_config_get_bool (context, - NULL, - "libdefaults", - "verify_ap_req_nofail", - NULL)) - return FALSE; - else - return TRUE; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_init_creds(krb5_context context, - krb5_creds *creds, - krb5_principal ap_req_server, - krb5_keytab ap_req_keytab, - krb5_ccache *ccache, - krb5_verify_init_creds_opt *options) -{ - krb5_error_code ret; - krb5_data req; - krb5_ccache local_ccache = NULL; - krb5_creds *new_creds = NULL; - krb5_auth_context auth_context = NULL; - krb5_principal server = NULL; - krb5_keytab keytab = NULL; - - krb5_data_zero (&req); - - if (ap_req_server == NULL) { - char local_hostname[MAXHOSTNAMELEN]; - - if (gethostname (local_hostname, sizeof(local_hostname)) < 0) { - ret = errno; - krb5_set_error_string (context, "gethostname: %s", - strerror(ret)); - return ret; - } - - ret = krb5_sname_to_principal (context, - local_hostname, - "host", - KRB5_NT_SRV_HST, - &server); - if (ret) - goto cleanup; - } else - server = ap_req_server; - - if (ap_req_keytab == NULL) { - ret = krb5_kt_default (context, &keytab); - if (ret) - goto cleanup; - } else - keytab = ap_req_keytab; - - if (ccache && *ccache) - local_ccache = *ccache; - else { - ret = krb5_cc_gen_new (context, &krb5_mcc_ops, &local_ccache); - if (ret) - goto cleanup; - ret = krb5_cc_initialize (context, - local_ccache, - creds->client); - if (ret) - goto cleanup; - ret = krb5_cc_store_cred (context, - local_ccache, - creds); - if (ret) - goto cleanup; - } - - if (!krb5_principal_compare (context, server, creds->server)) { - krb5_creds match_cred; - - memset (&match_cred, 0, sizeof(match_cred)); - - match_cred.client = creds->client; - match_cred.server = server; - - ret = krb5_get_credentials (context, - 0, - local_ccache, - &match_cred, - &new_creds); - if (ret) { - if (fail_verify_is_ok (context, options)) - ret = 0; - goto cleanup; - } - creds = new_creds; - } - - ret = krb5_mk_req_extended (context, - &auth_context, - 0, - NULL, - creds, - &req); - - krb5_auth_con_free (context, auth_context); - auth_context = NULL; - - if (ret) - goto cleanup; - - ret = krb5_rd_req (context, - &auth_context, - &req, - server, - keytab, - 0, - NULL); - - if (ret == KRB5_KT_NOTFOUND && fail_verify_is_ok (context, options)) - ret = 0; -cleanup: - if (auth_context) - krb5_auth_con_free (context, auth_context); - krb5_data_free (&req); - if (new_creds != NULL) - krb5_free_creds (context, new_creds); - if (ap_req_server == NULL && server) - krb5_free_principal (context, server); - if (ap_req_keytab == NULL && keytab) - krb5_kt_close (context, keytab); - if (local_ccache != NULL - && - (ccache == NULL - || (ret != 0 && *ccache == NULL))) - krb5_cc_destroy (context, local_ccache); - - if (ret == 0 && ccache != NULL && *ccache == NULL) - *ccache = local_ccache; - - return ret; -} diff --git a/crypto/heimdal/lib/krb5/verify_krb5_conf.8 b/crypto/heimdal/lib/krb5/verify_krb5_conf.8 deleted file mode 100644 index 28f84aba41e0..000000000000 --- a/crypto/heimdal/lib/krb5/verify_krb5_conf.8 +++ /dev/null @@ -1,95 +0,0 @@ -.\" Copyright (c) 2000 - 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: verify_krb5_conf.8 14375 2004-12-08 17:52:41Z lha $ -.\" -.Dd December 8, 2004 -.Dt VERIFY_KRB5_CONF 8 -.Os HEIMDAL -.Sh NAME -.Nm verify_krb5_conf -.Nd checks krb5.conf for obvious errors -.Sh SYNOPSIS -.Nm -.Ar [config-file] -.Sh DESCRIPTION -.Nm -reads the configuration file -.Pa krb5.conf , -or the file given on the command line, -and parses it, thereby verifying that the syntax is not correctly wrong. -.Pp -If the file is syntactically correct, -.Nm -tries to verify that the contents of the file is of relevant nature. -.Sh ENVIRONMENT -.Ev KRB5_CONFIG -points to the configuration file to read. -.Sh FILES -.Bl -tag -width /etc/krb5.conf -compact -.It Pa /etc/krb5.conf -Kerberos 5 configuration file -.El -.Sh DIAGNOSTICS -Possible output from -.Nm -include: -.Bl -tag -width "FpathF" -.It ": failed to parse as size/time/number/boolean" -Usually means that is misspelled, or that it contains -weird characters. The parsing done by -.Nm -is more strict than the one performed by libkrb5, so strings that -work in real life might be reported as bad. -.It ": host not found ()" -Means that is supposed to point to a host, but it can't be -recognised as one. -.It : unknown or wrong type -Means that is either a string when it should be a list, vice -versa, or just that -.Nm -is confused. -.It : unknown entry -Means that is not known by -.Nm "" . -.El -.Sh SEE ALSO -.Xr krb5.conf 5 -.Sh BUGS -Since each application can put almost anything in the config file, -it's hard to come up with a watertight verification process. Most of -the default settings are sanity checked, but this does not mean that -every problem is discovered, or that everything that is reported as a -possible problem actually is one. This tool should thus be used with -some care. -.Pp -It should warn about obsolete data, or bad practice, but currently -doesn't. diff --git a/crypto/heimdal/lib/krb5/verify_krb5_conf.c b/crypto/heimdal/lib/krb5/verify_krb5_conf.c deleted file mode 100644 index b55fbd7a86b0..000000000000 --- a/crypto/heimdal/lib/krb5/verify_krb5_conf.c +++ /dev/null @@ -1,676 +0,0 @@ -/* - * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include -#include -#include -RCSID("$Id: verify_krb5_conf.c 22233 2007-12-08 21:43:37Z lha $"); - -/* verify krb5.conf */ - -static int dumpconfig_flag = 0; -static int version_flag = 0; -static int help_flag = 0; -static int warn_mit_syntax_flag = 0; - -static struct getargs args[] = { - {"dumpconfig", 0, arg_flag, &dumpconfig_flag, - "show the parsed config files", NULL }, - {"warn-mit-syntax", 0, arg_flag, &warn_mit_syntax_flag, - "show the parsed config files", NULL }, - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "[config-file]"); - exit (ret); -} - -static int -check_bytes(krb5_context context, const char *path, char *data) -{ - if(parse_bytes(data, NULL) == -1) { - krb5_warnx(context, "%s: failed to parse \"%s\" as size", path, data); - return 1; - } - return 0; -} - -static int -check_time(krb5_context context, const char *path, char *data) -{ - if(parse_time(data, NULL) == -1) { - krb5_warnx(context, "%s: failed to parse \"%s\" as time", path, data); - return 1; - } - return 0; -} - -static int -check_numeric(krb5_context context, const char *path, char *data) -{ - long int v; - char *end; - v = strtol(data, &end, 0); - if(*end != '\0') { - krb5_warnx(context, "%s: failed to parse \"%s\" as a number", - path, data); - return 1; - } - return 0; -} - -static int -check_boolean(krb5_context context, const char *path, char *data) -{ - long int v; - char *end; - if(strcasecmp(data, "yes") == 0 || - strcasecmp(data, "true") == 0 || - strcasecmp(data, "no") == 0 || - strcasecmp(data, "false") == 0) - return 0; - v = strtol(data, &end, 0); - if(*end != '\0') { - krb5_warnx(context, "%s: failed to parse \"%s\" as a boolean", - path, data); - return 1; - } - if(v != 0 && v != 1) - krb5_warnx(context, "%s: numeric value \"%s\" is treated as \"true\"", - path, data); - return 0; -} - -static int -check_524(krb5_context context, const char *path, char *data) -{ - if(strcasecmp(data, "yes") == 0 || - strcasecmp(data, "no") == 0 || - strcasecmp(data, "2b") == 0 || - strcasecmp(data, "local") == 0) - return 0; - - krb5_warnx(context, "%s: didn't contain a valid option `%s'", - path, data); - return 1; -} - -static int -check_host(krb5_context context, const char *path, char *data) -{ - int ret; - char hostname[128]; - const char *p = data; - struct addrinfo hints; - char service[32]; - int defport; - struct addrinfo *ai; - - hints.ai_flags = 0; - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = 0; - hints.ai_protocol = 0; - - hints.ai_addrlen = 0; - hints.ai_canonname = NULL; - hints.ai_addr = NULL; - hints.ai_next = NULL; - - /* XXX data could be a list of hosts that this code can't handle */ - /* XXX copied from krbhst.c */ - if(strncmp(p, "http://", 7) == 0){ - p += 7; - hints.ai_socktype = SOCK_STREAM; - strlcpy(service, "http", sizeof(service)); - defport = 80; - } else if(strncmp(p, "http/", 5) == 0) { - p += 5; - hints.ai_socktype = SOCK_STREAM; - strlcpy(service, "http", sizeof(service)); - defport = 80; - }else if(strncmp(p, "tcp/", 4) == 0){ - p += 4; - hints.ai_socktype = SOCK_STREAM; - strlcpy(service, "kerberos", sizeof(service)); - defport = 88; - } else if(strncmp(p, "udp/", 4) == 0) { - p += 4; - hints.ai_socktype = SOCK_DGRAM; - strlcpy(service, "kerberos", sizeof(service)); - defport = 88; - } else { - hints.ai_socktype = SOCK_DGRAM; - strlcpy(service, "kerberos", sizeof(service)); - defport = 88; - } - if(strsep_copy(&p, ":", hostname, sizeof(hostname)) < 0) { - return 1; - } - hostname[strcspn(hostname, "/")] = '\0'; - if(p != NULL) { - char *end; - int tmp = strtol(p, &end, 0); - if(end == p) { - krb5_warnx(context, "%s: failed to parse port number in %s", - path, data); - return 1; - } - defport = tmp; - snprintf(service, sizeof(service), "%u", defport); - } - ret = getaddrinfo(hostname, service, &hints, &ai); - if(ret == EAI_SERVICE && !isdigit((unsigned char)service[0])) { - snprintf(service, sizeof(service), "%u", defport); - ret = getaddrinfo(hostname, service, &hints, &ai); - } - if(ret != 0) { - krb5_warnx(context, "%s: %s (%s)", path, gai_strerror(ret), hostname); - return 1; - } - return 0; -} - -static int -mit_entry(krb5_context context, const char *path, char *data) -{ - if (warn_mit_syntax_flag) - krb5_warnx(context, "%s is only used by MIT Kerberos", path); - return 0; -} - -struct s2i { - const char *s; - int val; -}; - -#define L(X) { #X, LOG_ ## X } - -static struct s2i syslogvals[] = { - /* severity */ - L(EMERG), - L(ALERT), - L(CRIT), - L(ERR), - L(WARNING), - L(NOTICE), - L(INFO), - L(DEBUG), - /* facility */ - L(AUTH), -#ifdef LOG_AUTHPRIV - L(AUTHPRIV), -#endif -#ifdef LOG_CRON - L(CRON), -#endif - L(DAEMON), -#ifdef LOG_FTP - L(FTP), -#endif - L(KERN), - L(LPR), - L(MAIL), -#ifdef LOG_NEWS - L(NEWS), -#endif - L(SYSLOG), - L(USER), -#ifdef LOG_UUCP - L(UUCP), -#endif - L(LOCAL0), - L(LOCAL1), - L(LOCAL2), - L(LOCAL3), - L(LOCAL4), - L(LOCAL5), - L(LOCAL6), - L(LOCAL7), - { NULL, -1 } -}; - -static int -find_value(const char *s, struct s2i *table) -{ - while(table->s && strcasecmp(table->s, s)) - table++; - return table->val; -} - -static int -check_log(krb5_context context, const char *path, char *data) -{ - /* XXX sync with log.c */ - int min = 0, max = -1, n; - char c; - const char *p = data; - - n = sscanf(p, "%d%c%d/", &min, &c, &max); - if(n == 2){ - if(c == '/') { - if(min < 0){ - max = -min; - min = 0; - }else{ - max = min; - } - } - } - if(n){ - p = strchr(p, '/'); - if(p == NULL) { - krb5_warnx(context, "%s: failed to parse \"%s\"", path, data); - return 1; - } - p++; - } - if(strcmp(p, "STDERR") == 0 || - strcmp(p, "CONSOLE") == 0 || - (strncmp(p, "FILE", 4) == 0 && (p[4] == ':' || p[4] == '=')) || - (strncmp(p, "DEVICE", 6) == 0 && p[6] == '=')) - return 0; - if(strncmp(p, "SYSLOG", 6) == 0){ - int ret = 0; - char severity[128] = ""; - char facility[128] = ""; - p += 6; - if(*p != '\0') - p++; - if(strsep_copy(&p, ":", severity, sizeof(severity)) != -1) - strsep_copy(&p, ":", facility, sizeof(facility)); - if(*severity == '\0') - strlcpy(severity, "ERR", sizeof(severity)); - if(*facility == '\0') - strlcpy(facility, "AUTH", sizeof(facility)); - if(find_value(severity, syslogvals) == -1) { - krb5_warnx(context, "%s: unknown syslog facility \"%s\"", - path, facility); - ret++; - } - if(find_value(severity, syslogvals) == -1) { - krb5_warnx(context, "%s: unknown syslog severity \"%s\"", - path, severity); - ret++; - } - return ret; - }else{ - krb5_warnx(context, "%s: unknown log type: \"%s\"", path, data); - return 1; - } -} - -typedef int (*check_func_t)(krb5_context, const char*, char*); -struct entry { - const char *name; - int type; - void *check_data; -}; - -struct entry all_strings[] = { - { "", krb5_config_string, NULL }, - { NULL } -}; - -struct entry all_boolean[] = { - { "", krb5_config_string, check_boolean }, - { NULL } -}; - - -struct entry v4_name_convert_entries[] = { - { "host", krb5_config_list, all_strings }, - { "plain", krb5_config_list, all_strings }, - { NULL } -}; - -struct entry libdefaults_entries[] = { - { "accept_null_addresses", krb5_config_string, check_boolean }, - { "capath", krb5_config_list, all_strings }, - { "check_pac", krb5_config_string, check_boolean }, - { "clockskew", krb5_config_string, check_time }, - { "date_format", krb5_config_string, NULL }, - { "default_cc_name", krb5_config_string, NULL }, - { "default_etypes", krb5_config_string, NULL }, - { "default_etypes_des", krb5_config_string, NULL }, - { "default_keytab_modify_name", krb5_config_string, NULL }, - { "default_keytab_name", krb5_config_string, NULL }, - { "default_realm", krb5_config_string, NULL }, - { "dns_canonize_hostname", krb5_config_string, check_boolean }, - { "dns_proxy", krb5_config_string, NULL }, - { "dns_lookup_kdc", krb5_config_string, check_boolean }, - { "dns_lookup_realm", krb5_config_string, check_boolean }, - { "dns_lookup_realm_labels", krb5_config_string, NULL }, - { "egd_socket", krb5_config_string, NULL }, - { "encrypt", krb5_config_string, check_boolean }, - { "extra_addresses", krb5_config_string, NULL }, - { "fcache_version", krb5_config_string, check_numeric }, - { "fcc-mit-ticketflags", krb5_config_string, check_boolean }, - { "forward", krb5_config_string, check_boolean }, - { "forwardable", krb5_config_string, check_boolean }, - { "http_proxy", krb5_config_string, check_host /* XXX */ }, - { "ignore_addresses", krb5_config_string, NULL }, - { "kdc_timeout", krb5_config_string, check_time }, - { "kdc_timesync", krb5_config_string, check_boolean }, - { "log_utc", krb5_config_string, check_boolean }, - { "maxretries", krb5_config_string, check_numeric }, - { "scan_interfaces", krb5_config_string, check_boolean }, - { "srv_lookup", krb5_config_string, check_boolean }, - { "srv_try_txt", krb5_config_string, check_boolean }, - { "ticket_lifetime", krb5_config_string, check_time }, - { "time_format", krb5_config_string, NULL }, - { "transited_realms_reject", krb5_config_string, NULL }, - { "no-addresses", krb5_config_string, check_boolean }, - { "v4_instance_resolve", krb5_config_string, check_boolean }, - { "v4_name_convert", krb5_config_list, v4_name_convert_entries }, - { "verify_ap_req_nofail", krb5_config_string, check_boolean }, - { "max_retries", krb5_config_string, check_time }, - { "renew_lifetime", krb5_config_string, check_time }, - { "proxiable", krb5_config_string, check_boolean }, - { "warn_pwexpire", krb5_config_string, check_time }, - /* MIT stuff */ - { "permitted_enctypes", krb5_config_string, mit_entry }, - { "default_tgs_enctypes", krb5_config_string, mit_entry }, - { "default_tkt_enctypes", krb5_config_string, mit_entry }, - { NULL } -}; - -struct entry appdefaults_entries[] = { - { "afslog", krb5_config_string, check_boolean }, - { "afs-use-524", krb5_config_string, check_524 }, - { "encrypt", krb5_config_string, check_boolean }, - { "forward", krb5_config_string, check_boolean }, - { "forwardable", krb5_config_string, check_boolean }, - { "proxiable", krb5_config_string, check_boolean }, - { "ticket_lifetime", krb5_config_string, check_time }, - { "renew_lifetime", krb5_config_string, check_time }, - { "no-addresses", krb5_config_string, check_boolean }, - { "krb4_get_tickets", krb5_config_string, check_boolean }, - { "pkinit_anchors", krb5_config_string, NULL }, - { "pkinit_win2k", krb5_config_string, NULL }, - { "pkinit_win2k_require_binding", krb5_config_string, NULL }, - { "pkinit_require_eku", krb5_config_string, NULL }, - { "pkinit_require_krbtgt_otherName", krb5_config_string, NULL }, - { "pkinit_require_hostname_match", krb5_config_string, NULL }, -#if 0 - { "anonymous", krb5_config_string, check_boolean }, -#endif - { "", krb5_config_list, appdefaults_entries }, - { NULL } -}; - -struct entry realms_entries[] = { - { "forwardable", krb5_config_string, check_boolean }, - { "proxiable", krb5_config_string, check_boolean }, - { "ticket_lifetime", krb5_config_string, check_time }, - { "renew_lifetime", krb5_config_string, check_time }, - { "warn_pwexpire", krb5_config_string, check_time }, - { "kdc", krb5_config_string, check_host }, - { "admin_server", krb5_config_string, check_host }, - { "kpasswd_server", krb5_config_string, check_host }, - { "krb524_server", krb5_config_string, check_host }, - { "v4_name_convert", krb5_config_list, v4_name_convert_entries }, - { "v4_instance_convert", krb5_config_list, all_strings }, - { "v4_domains", krb5_config_string, NULL }, - { "default_domain", krb5_config_string, NULL }, - { "win2k_pkinit", krb5_config_string, NULL }, - /* MIT stuff */ - { "admin_keytab", krb5_config_string, mit_entry }, - { "acl_file", krb5_config_string, mit_entry }, - { "dict_file", krb5_config_string, mit_entry }, - { "kadmind_port", krb5_config_string, mit_entry }, - { "kpasswd_port", krb5_config_string, mit_entry }, - { "master_key_name", krb5_config_string, mit_entry }, - { "master_key_type", krb5_config_string, mit_entry }, - { "key_stash_file", krb5_config_string, mit_entry }, - { "max_life", krb5_config_string, mit_entry }, - { "max_renewable_life", krb5_config_string, mit_entry }, - { "default_principal_expiration", krb5_config_string, mit_entry }, - { "default_principal_flags", krb5_config_string, mit_entry }, - { "supported_enctypes", krb5_config_string, mit_entry }, - { "database_name", krb5_config_string, mit_entry }, - { NULL } -}; - -struct entry realms_foobar[] = { - { "", krb5_config_list, realms_entries }, - { NULL } -}; - - -struct entry kdc_database_entries[] = { - { "realm", krb5_config_string, NULL }, - { "dbname", krb5_config_string, NULL }, - { "mkey_file", krb5_config_string, NULL }, - { "acl_file", krb5_config_string, NULL }, - { "log_file", krb5_config_string, NULL }, - { NULL } -}; - -struct entry kdc_entries[] = { - { "database", krb5_config_list, kdc_database_entries }, - { "key-file", krb5_config_string, NULL }, - { "logging", krb5_config_string, check_log }, - { "max-request", krb5_config_string, check_bytes }, - { "require-preauth", krb5_config_string, check_boolean }, - { "ports", krb5_config_string, NULL }, - { "addresses", krb5_config_string, NULL }, - { "enable-kerberos4", krb5_config_string, check_boolean }, - { "enable-524", krb5_config_string, check_boolean }, - { "enable-http", krb5_config_string, check_boolean }, - { "check-ticket-addresses", krb5_config_string, check_boolean }, - { "allow-null-ticket-addresses", krb5_config_string, check_boolean }, - { "allow-anonymous", krb5_config_string, check_boolean }, - { "v4_realm", krb5_config_string, NULL }, - { "enable-kaserver", krb5_config_string, check_boolean }, - { "encode_as_rep_as_tgs_rep", krb5_config_string, check_boolean }, - { "kdc_warn_pwexpire", krb5_config_string, check_time }, - { "use_2b", krb5_config_list, NULL }, - { "enable-pkinit", krb5_config_string, check_boolean }, - { "pkinit_identity", krb5_config_string, NULL }, - { "pkinit_anchors", krb5_config_string, NULL }, - { "pkinit_pool", krb5_config_string, NULL }, - { "pkinit_revoke", krb5_config_string, NULL }, - { "pkinit_kdc_ocsp", krb5_config_string, NULL }, - { "pkinit_principal_in_certificate", krb5_config_string, NULL }, - { "pkinit_dh_min_bits", krb5_config_string, NULL }, - { "pkinit_allow_proxy_certificate", krb5_config_string, NULL }, - { "hdb-ldap-create-base", krb5_config_string, NULL }, - { "v4-realm", krb5_config_string, NULL }, - { NULL } -}; - -struct entry kadmin_entries[] = { - { "password_lifetime", krb5_config_string, check_time }, - { "default_keys", krb5_config_string, NULL }, - { "use_v4_salt", krb5_config_string, NULL }, - { "require-preauth", krb5_config_string, check_boolean }, - { NULL } -}; -struct entry log_strings[] = { - { "", krb5_config_string, check_log }, - { NULL } -}; - - -/* MIT stuff */ -struct entry kdcdefaults_entries[] = { - { "kdc_ports", krb5_config_string, mit_entry }, - { "v4_mode", krb5_config_string, mit_entry }, - { NULL } -}; - -struct entry capaths_entries[] = { - { "", krb5_config_list, all_strings }, - { NULL } -}; - -struct entry password_quality_entries[] = { - { "policies", krb5_config_string, NULL }, - { "external_program", krb5_config_string, NULL }, - { "min_classes", krb5_config_string, check_numeric }, - { "min_length", krb5_config_string, check_numeric }, - { "", krb5_config_list, all_strings }, - { NULL } -}; - -struct entry toplevel_sections[] = { - { "libdefaults" , krb5_config_list, libdefaults_entries }, - { "realms", krb5_config_list, realms_foobar }, - { "domain_realm", krb5_config_list, all_strings }, - { "logging", krb5_config_list, log_strings }, - { "kdc", krb5_config_list, kdc_entries }, - { "kadmin", krb5_config_list, kadmin_entries }, - { "appdefaults", krb5_config_list, appdefaults_entries }, - { "gssapi", krb5_config_list, NULL }, - { "capaths", krb5_config_list, capaths_entries }, - { "password_quality", krb5_config_list, password_quality_entries }, - /* MIT stuff */ - { "kdcdefaults", krb5_config_list, kdcdefaults_entries }, - { NULL } -}; - - -static int -check_section(krb5_context context, const char *path, krb5_config_section *cf, - struct entry *entries) -{ - int error = 0; - krb5_config_section *p; - struct entry *e; - - char *local; - - for(p = cf; p != NULL; p = p->next) { - asprintf(&local, "%s/%s", path, p->name); - for(e = entries; e->name != NULL; e++) { - if(*e->name == '\0' || strcmp(e->name, p->name) == 0) { - if(e->type != p->type) { - krb5_warnx(context, "%s: unknown or wrong type", local); - error |= 1; - } else if(p->type == krb5_config_string && e->check_data != NULL) { - error |= (*(check_func_t)e->check_data)(context, local, p->u.string); - } else if(p->type == krb5_config_list && e->check_data != NULL) { - error |= check_section(context, local, p->u.list, e->check_data); - } - break; - } - } - if(e->name == NULL) { - krb5_warnx(context, "%s: unknown entry", local); - error |= 1; - } - free(local); - } - return error; -} - - -static void -dumpconfig(int level, krb5_config_section *top) -{ - krb5_config_section *x; - for(x = top; x; x = x->next) { - switch(x->type) { - case krb5_config_list: - if(level == 0) { - printf("[%s]\n", x->name); - } else { - printf("%*s%s = {\n", 4 * level, " ", x->name); - } - dumpconfig(level + 1, x->u.list); - if(level > 0) - printf("%*s}\n", 4 * level, " "); - break; - case krb5_config_string: - printf("%*s%s = %s\n", 4 * level, " ", x->name, x->u.string); - break; - } - } -} - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - krb5_config_section *tmp_cf; - int optidx = 0; - - setprogname (argv[0]); - - ret = krb5_init_context(&context); - if (ret == KRB5_CONFIG_BADFORMAT) - errx (1, "krb5_init_context failed to parse configuration file"); - else if (ret) - errx (1, "krb5_init_context failed with %d", ret); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - tmp_cf = NULL; - if(argc == 0) - krb5_get_default_config_files(&argv); - - while(*argv) { - ret = krb5_config_parse_file_multi(context, *argv, &tmp_cf); - if (ret != 0) - krb5_warn (context, ret, "krb5_config_parse_file"); - argv++; - } - - if(dumpconfig_flag) - dumpconfig(0, tmp_cf); - - return check_section(context, "", tmp_cf, toplevel_sections); -} diff --git a/crypto/heimdal/lib/krb5/verify_user.c b/crypto/heimdal/lib/krb5/verify_user.c deleted file mode 100644 index 1edbaff7e23b..000000000000 --- a/crypto/heimdal/lib/krb5/verify_user.c +++ /dev/null @@ -1,265 +0,0 @@ -/* - * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: verify_user.c 19078 2006-11-20 18:12:41Z lha $"); - -static krb5_error_code -verify_common (krb5_context context, - krb5_principal principal, - krb5_ccache ccache, - krb5_keytab keytab, - krb5_boolean secure, - const char *service, - krb5_creds cred) -{ - krb5_error_code ret; - krb5_principal server; - krb5_verify_init_creds_opt vopt; - krb5_ccache id; - - ret = krb5_sname_to_principal (context, NULL, service, KRB5_NT_SRV_HST, - &server); - if(ret) - return ret; - - krb5_verify_init_creds_opt_init(&vopt); - krb5_verify_init_creds_opt_set_ap_req_nofail(&vopt, secure); - - ret = krb5_verify_init_creds(context, - &cred, - server, - keytab, - NULL, - &vopt); - krb5_free_principal(context, server); - if(ret) - return ret; - if(ccache == NULL) - ret = krb5_cc_default (context, &id); - else - id = ccache; - if(ret == 0){ - ret = krb5_cc_initialize(context, id, principal); - if(ret == 0){ - ret = krb5_cc_store_cred(context, id, &cred); - } - if(ccache == NULL) - krb5_cc_close(context, id); - } - krb5_free_cred_contents(context, &cred); - return ret; -} - -/* - * Verify user `principal' with `password'. - * - * If `secure', also verify against local service key for `service'. - * - * As a side effect, fresh tickets are obtained and stored in `ccache'. - */ - -void KRB5_LIB_FUNCTION -krb5_verify_opt_init(krb5_verify_opt *opt) -{ - memset(opt, 0, sizeof(*opt)); - opt->secure = TRUE; - opt->service = "host"; -} - -int KRB5_LIB_FUNCTION -krb5_verify_opt_alloc(krb5_context context, krb5_verify_opt **opt) -{ - *opt = calloc(1, sizeof(**opt)); - if ((*opt) == NULL) { - krb5_set_error_string(context, "malloc: out of memory"); - return ENOMEM; - } - krb5_verify_opt_init(*opt); - return 0; -} - -void KRB5_LIB_FUNCTION -krb5_verify_opt_free(krb5_verify_opt *opt) -{ - free(opt); -} - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_ccache(krb5_verify_opt *opt, krb5_ccache ccache) -{ - opt->ccache = ccache; -} - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_keytab(krb5_verify_opt *opt, krb5_keytab keytab) -{ - opt->keytab = keytab; -} - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_secure(krb5_verify_opt *opt, krb5_boolean secure) -{ - opt->secure = secure; -} - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_service(krb5_verify_opt *opt, const char *service) -{ - opt->service = service; -} - -void KRB5_LIB_FUNCTION -krb5_verify_opt_set_flags(krb5_verify_opt *opt, unsigned int flags) -{ - opt->flags |= flags; -} - -static krb5_error_code -verify_user_opt_int(krb5_context context, - krb5_principal principal, - const char *password, - krb5_verify_opt *vopt) - -{ - krb5_error_code ret; - krb5_get_init_creds_opt *opt; - krb5_creds cred; - - ret = krb5_get_init_creds_opt_alloc (context, &opt); - if (ret) - return ret; - krb5_get_init_creds_opt_set_default_flags(context, NULL, - krb5_principal_get_realm(context, principal), - opt); - ret = krb5_get_init_creds_password (context, - &cred, - principal, - password, - krb5_prompter_posix, - NULL, - 0, - NULL, - opt); - krb5_get_init_creds_opt_free(context, opt); - if(ret) - return ret; -#define OPT(V, D) ((vopt && (vopt->V)) ? (vopt->V) : (D)) - return verify_common (context, principal, OPT(ccache, NULL), - OPT(keytab, NULL), vopt ? vopt->secure : TRUE, - OPT(service, "host"), cred); -#undef OPT -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_user_opt(krb5_context context, - krb5_principal principal, - const char *password, - krb5_verify_opt *opt) -{ - krb5_error_code ret; - - if(opt && (opt->flags & KRB5_VERIFY_LREALMS)) { - krb5_realm *realms, *r; - ret = krb5_get_default_realms (context, &realms); - if (ret) - return ret; - ret = KRB5_CONFIG_NODEFREALM; - - for (r = realms; *r != NULL && ret != 0; ++r) { - char *tmp = strdup (*r); - - if (tmp == NULL) { - krb5_free_host_realm (context, realms); - krb5_set_error_string (context, "malloc: out of memory"); - return ENOMEM; - } - free (*krb5_princ_realm (context, principal)); - krb5_princ_set_realm (context, principal, &tmp); - - ret = verify_user_opt_int(context, principal, password, opt); - } - krb5_free_host_realm (context, realms); - if(ret) - return ret; - } else - ret = verify_user_opt_int(context, principal, password, opt); - return ret; -} - -/* compat function that calls above */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_user(krb5_context context, - krb5_principal principal, - krb5_ccache ccache, - const char *password, - krb5_boolean secure, - const char *service) -{ - krb5_verify_opt opt; - - krb5_verify_opt_init(&opt); - - krb5_verify_opt_set_ccache(&opt, ccache); - krb5_verify_opt_set_secure(&opt, secure); - krb5_verify_opt_set_service(&opt, service); - - return krb5_verify_user_opt(context, principal, password, &opt); -} - -/* - * A variant of `krb5_verify_user'. The realm of `principal' is - * ignored and all the local realms are tried. - */ - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verify_user_lrealm(krb5_context context, - krb5_principal principal, - krb5_ccache ccache, - const char *password, - krb5_boolean secure, - const char *service) -{ - krb5_verify_opt opt; - - krb5_verify_opt_init(&opt); - - krb5_verify_opt_set_ccache(&opt, ccache); - krb5_verify_opt_set_secure(&opt, secure); - krb5_verify_opt_set_service(&opt, service); - krb5_verify_opt_set_flags(&opt, KRB5_VERIFY_LREALMS); - - return krb5_verify_user_opt(context, principal, password, &opt); -} diff --git a/crypto/heimdal/lib/krb5/version-script.map b/crypto/heimdal/lib/krb5/version-script.map deleted file mode 100644 index df8804a4e316..000000000000 --- a/crypto/heimdal/lib/krb5/version-script.map +++ /dev/null @@ -1,722 +0,0 @@ -# $Id$ - -HEIMDAL_KRB5_1.0 { - global: - krb524_convert_creds_kdc; - krb524_convert_creds_kdc_ccache; - krb5_425_conv_principal; - krb5_425_conv_principal_ext2; - krb5_425_conv_principal_ext; - krb5_524_conv_principal; - krb5_abort; - krb5_abortx; - krb5_acl_match_file; - krb5_acl_match_string; - krb5_add_et_list; - krb5_add_extra_addresses; - krb5_add_ignore_addresses; - krb5_addlog_dest; - krb5_addlog_func; - krb5_addr2sockaddr; - krb5_address_compare; - krb5_address_order; - krb5_address_prefixlen_boundary; - krb5_address_search; - krb5_aname_to_localname; - krb5_anyaddr; - krb5_appdefault_boolean; - krb5_appdefault_string; - krb5_appdefault_time; - krb5_append_addresses; - krb5_auth_con_addflags; - krb5_auth_con_free; - krb5_auth_con_genaddrs; - krb5_auth_con_generatelocalsubkey; - krb5_auth_con_getaddrs; - krb5_auth_con_getauthenticator; - krb5_auth_con_getcksumtype; - krb5_auth_con_getflags; - krb5_auth_con_getkey; - krb5_auth_con_getkeytype; - krb5_auth_con_getlocalseqnumber; - krb5_auth_con_getlocalsubkey; - krb5_auth_con_getrcache; - krb5_auth_con_getremotesubkey; - krb5_auth_con_init; - krb5_auth_con_removeflags; - krb5_auth_con_setaddrs; - krb5_auth_con_setaddrs_from_fd; - krb5_auth_con_setcksumtype; - krb5_auth_con_setflags; - krb5_auth_con_setkey; - krb5_auth_con_setkeytype; - krb5_auth_con_setlocalseqnumber; - krb5_auth_con_setlocalsubkey; - krb5_auth_con_setrcache; - krb5_auth_con_setremoteseqnumber; - krb5_auth_con_setremotesubkey; - krb5_auth_con_setuserkey; - krb5_auth_getremoteseqnumber; - krb5_build_ap_req; - krb5_build_authenticator; - krb5_build_principal; - krb5_build_principal_ext; - krb5_build_principal_va; - krb5_build_principal_va_ext; - krb5_c_block_size; - krb5_c_checksum_length; - krb5_c_decrypt; - krb5_c_encrypt; - krb5_c_encrypt_length; - krb5_c_enctype_compare; - krb5_c_get_checksum; - krb5_c_is_coll_proof_cksum; - krb5_c_is_keyed_cksum; - krb5_c_keylengths; - krb5_c_make_checksum; - krb5_c_make_random_key; - krb5_c_prf; - krb5_c_prf_length; - krb5_c_set_checksum; - krb5_c_valid_cksumtype; - krb5_c_valid_enctype; - krb5_c_verify_checksum; - krb5_cc_cache_end_seq_get; - krb5_cc_cache_get_first; - krb5_cc_cache_match; - krb5_cc_cache_next; - krb5_cc_clear_mcred; - krb5_cc_close; - krb5_cc_copy_cache; - krb5_cc_copy_cache_match; - krb5_cc_default; - krb5_cc_default_name; - krb5_cc_destroy; - krb5_cc_end_seq_get; - krb5_cc_gen_new; - krb5_cc_get_full_name; - krb5_cc_get_name; - krb5_cc_get_ops; - krb5_cc_get_prefix_ops; - krb5_cc_get_principal; - krb5_cc_get_type; - krb5_cc_get_version; - krb5_cc_initialize; - krb5_cc_move; - krb5_cc_new_unique; - krb5_cc_next_cred; - krb5_cc_next_cred_match; - krb5_cc_register; - krb5_cc_remove_cred; - krb5_cc_resolve; - krb5_cc_retrieve_cred; - krb5_cc_set_default_name; - krb5_cc_set_flags; - krb5_cc_start_seq_get; - krb5_cc_store_cred; - krb5_change_password; - krb5_check_transited; - krb5_check_transited_realms; - krb5_checksum_disable; - krb5_checksum_free; - krb5_checksum_is_collision_proof; - krb5_checksum_is_keyed; - krb5_checksumsize; - krb5_cksumtype_valid; - krb5_clear_error_string; - krb5_closelog; - krb5_compare_creds; - krb5_config_file_free; - krb5_config_free_strings; - krb5_config_get; - krb5_config_get_bool; - krb5_config_get_bool_default; - krb5_config_get_int; - krb5_config_get_int_default; - krb5_config_get_list; - krb5_config_get_next; - krb5_config_get_string; - krb5_config_get_string_default; - krb5_config_get_strings; - krb5_config_get_time; - krb5_config_get_time_default; - krb5_config_parse_file; - krb5_config_parse_file_multi; - krb5_config_parse_string_multi; - krb5_config_vget; - krb5_config_vget_bool; - krb5_config_vget_bool_default; - krb5_config_vget_int; - krb5_config_vget_int_default; - krb5_config_vget_list; - krb5_config_vget_next; - krb5_config_vget_string; - krb5_config_vget_string_default; - krb5_config_vget_strings; - krb5_config_vget_time; - krb5_config_vget_time_default; - krb5_copy_address; - krb5_copy_addresses; - krb5_copy_checksum; - krb5_copy_creds; - krb5_copy_creds_contents; - krb5_copy_data; - krb5_copy_host_realm; - krb5_copy_keyblock; - krb5_copy_keyblock_contents; - krb5_copy_principal; - krb5_copy_ticket; - krb5_create_checksum; - krb5_crypto_destroy; - krb5_crypto_get_checksum_type; - krb5_crypto_getblocksize; - krb5_crypto_getconfoundersize; - krb5_crypto_getenctype; - krb5_crypto_getpadsize; - krb5_crypto_init; - krb5_crypto_overhead; - krb5_crypto_prf; - krb5_crypto_prf_length; - krb5_data_alloc; - krb5_data_cmp; - krb5_data_copy; - krb5_data_free; - krb5_data_realloc; - krb5_data_zero; - krb5_decode_Authenticator; - krb5_decode_ETYPE_INFO2; - krb5_decode_ETYPE_INFO; - krb5_decode_EncAPRepPart; - krb5_decode_EncASRepPart; - krb5_decode_EncKrbCredPart; - krb5_decode_EncTGSRepPart; - krb5_decode_EncTicketPart; - krb5_decode_ap_req; - krb5_decrypt; - krb5_decrypt_EncryptedData; - krb5_decrypt_ivec; - krb5_decrypt_ticket; - krb5_derive_key; - krb5_digest_alloc; - krb5_digest_free; - krb5_digest_get_client_binding; - krb5_digest_get_identifier; - krb5_digest_get_opaque; - krb5_digest_get_rsp; - krb5_digest_get_server_nonce; - krb5_digest_get_session_key; - krb5_digest_get_tickets; - krb5_digest_init_request; - krb5_digest_probe; - krb5_digest_rep_get_status; - krb5_digest_request; - krb5_digest_set_authentication_user; - krb5_digest_set_authid; - krb5_digest_set_client_nonce; - krb5_digest_set_digest; - krb5_digest_set_hostname; - krb5_digest_set_identifier; - krb5_digest_set_method; - krb5_digest_set_nonceCount; - krb5_digest_set_opaque; - krb5_digest_set_qop; - krb5_digest_set_realm; - krb5_digest_set_responseData; - krb5_digest_set_server_cb; - krb5_digest_set_server_nonce; - krb5_digest_set_type; - krb5_digest_set_uri; - krb5_digest_set_username; - krb5_domain_x500_decode; - krb5_domain_x500_encode; - krb5_eai_to_heim_errno; - krb5_encode_Authenticator; - krb5_encode_ETYPE_INFO2; - krb5_encode_ETYPE_INFO; - krb5_encode_EncAPRepPart; - krb5_encode_EncASRepPart; - krb5_encode_EncKrbCredPart; - krb5_encode_EncTGSRepPart; - krb5_encode_EncTicketPart; - krb5_encrypt; - krb5_encrypt_EncryptedData; - krb5_encrypt_ivec; - krb5_enctype_disable; - krb5_enctype_keybits; - krb5_enctype_keysize; - krb5_enctype_to_keytype; - krb5_enctype_to_string; - krb5_enctype_valid; - krb5_enctypes_compatible_keys; - krb5_err; - krb5_error_from_rd_error; - krb5_errx; - krb5_expand_hostname; - krb5_expand_hostname_realms; - krb5_find_padata; - krb5_format_time; - krb5_free_address; - krb5_free_addresses; - krb5_free_ap_rep_enc_part; - krb5_free_authenticator; - krb5_free_checksum; - krb5_free_checksum_contents; - krb5_free_config_files; - krb5_free_context; - krb5_free_cred_contents; - krb5_free_creds; - krb5_free_creds_contents; - krb5_free_data; - krb5_free_data_contents; - krb5_free_error; - krb5_free_error_contents; - krb5_free_error_string; - krb5_free_host_realm; - krb5_free_kdc_rep; - krb5_free_keyblock; - krb5_free_keyblock_contents; - krb5_free_krbhst; - krb5_free_principal; - krb5_free_salt; - krb5_free_ticket; - krb5_fwd_tgt_creds; - krb5_generate_random_block; - krb5_generate_random_keyblock; - krb5_generate_seq_number; - krb5_generate_subkey; - krb5_generate_subkey_extended; - krb5_get_all_client_addrs; - krb5_get_all_server_addrs; - krb5_get_cred_from_kdc; - krb5_get_cred_from_kdc_opt; - krb5_get_credentials; - krb5_get_credentials_with_flags; - krb5_get_creds; - krb5_get_creds_opt_add_options; - krb5_get_creds_opt_alloc; - krb5_get_creds_opt_free; - krb5_get_creds_opt_set_enctype; - krb5_get_creds_opt_set_impersonate; - krb5_get_creds_opt_set_options; - krb5_get_creds_opt_set_ticket; - krb5_get_default_config_files; - krb5_get_default_in_tkt_etypes; - krb5_get_default_principal; - krb5_get_default_realm; - krb5_get_default_realms; - krb5_get_dns_canonicalize_hostname; - krb5_get_err_text; - krb5_get_error_message; - krb5_get_error_string; - krb5_get_extra_addresses; - krb5_get_fcache_version; - krb5_get_forwarded_creds; - krb5_get_host_realm; - krb5_get_ignore_addresses; - krb5_get_in_cred; - krb5_get_in_tkt; - krb5_get_in_tkt_with_keytab; - krb5_get_in_tkt_with_password; - krb5_get_in_tkt_with_skey; - krb5_get_init_creds; - krb5_get_init_creds_keyblock; - krb5_get_init_creds_keytab; - krb5_get_init_creds_opt_alloc; - krb5_get_init_creds_opt_free; - krb5_get_init_creds_opt_get_error; - krb5_get_init_creds_opt_init; - krb5_get_init_creds_opt_set_address_list; - krb5_get_init_creds_opt_set_addressless; - krb5_get_init_creds_opt_set_anonymous; - krb5_get_init_creds_opt_set_canonicalize; - krb5_get_init_creds_opt_set_default_flags; - krb5_get_init_creds_opt_set_etype_list; - krb5_get_init_creds_opt_set_forwardable; - krb5_get_init_creds_opt_set_pa_password; - krb5_get_init_creds_opt_set_pac_request; - krb5_get_init_creds_opt_set_pkinit; - krb5_get_init_creds_opt_set_preauth_list; - krb5_get_init_creds_opt_set_proxiable; - krb5_get_init_creds_opt_set_renew_life; - krb5_get_init_creds_opt_set_salt; - krb5_get_init_creds_opt_set_tkt_life; - krb5_get_init_creds_opt_set_win2k; - krb5_get_init_creds_password; - krb5_get_kdc_cred; - krb5_get_kdc_sec_offset; - krb5_get_krb524hst; - krb5_get_krb_admin_hst; - krb5_get_krb_changepw_hst; - krb5_get_krbhst; - krb5_get_max_time_skew; - krb5_get_pw_salt; - krb5_get_renewed_creds; - krb5_get_server_rcache; - krb5_get_use_admin_kdc; - krb5_get_warn_dest; - krb5_get_wrapped_length; - krb5_getportbyname; - krb5_h_addr2addr; - krb5_h_addr2sockaddr; - krb5_h_errno_to_heim_errno; - krb5_have_error_string; - krb5_hmac; - krb5_init_context; - krb5_init_ets; - krb5_init_etype; - krb5_initlog; - krb5_is_thread_safe; - krb5_kerberos_enctypes; - krb5_keyblock_get_enctype; - krb5_keyblock_init; - krb5_keyblock_key_proc; - krb5_keyblock_zero; - krb5_keytab_key_proc; - krb5_keytype_to_enctypes; - krb5_keytype_to_enctypes_default; - krb5_keytype_to_string; - krb5_krbhst_format_string; - krb5_krbhst_free; - krb5_krbhst_get_addrinfo; - krb5_krbhst_init; - krb5_krbhst_init_flags; - krb5_krbhst_next; - krb5_krbhst_next_as_string; - krb5_krbhst_reset; - krb5_kt_add_entry; - krb5_kt_close; - krb5_kt_compare; - krb5_kt_copy_entry_contents; - krb5_kt_default; - krb5_kt_default_modify_name; - krb5_kt_default_name; - krb5_kt_end_seq_get; - krb5_kt_free_entry; - krb5_kt_get_entry; - krb5_kt_get_full_name; - krb5_kt_get_name; - krb5_kt_get_type; - krb5_kt_next_entry; - krb5_kt_read_service_key; - krb5_kt_register; - krb5_kt_remove_entry; - krb5_kt_resolve; - krb5_kt_start_seq_get; - krb5_kuserok; - krb5_log; - krb5_log_msg; - krb5_make_addrport; - krb5_make_principal; - krb5_max_sockaddr_size; - krb5_mk_error; - krb5_mk_priv; - krb5_mk_rep; - krb5_mk_req; - krb5_mk_req_exact; - krb5_mk_req_extended; - krb5_mk_safe; - krb5_net_read; - krb5_net_write; - krb5_net_write_block; - krb5_ntlm_alloc; - krb5_ntlm_free; - krb5_ntlm_init_get_challange; - krb5_ntlm_init_get_flags; - krb5_ntlm_init_get_opaque; - krb5_ntlm_init_get_targetinfo; - krb5_ntlm_init_get_targetname; - krb5_ntlm_init_request; - krb5_ntlm_rep_get_sessionkey; - krb5_ntlm_rep_get_status; - krb5_ntlm_req_set_flags; - krb5_ntlm_req_set_lm; - krb5_ntlm_req_set_ntlm; - krb5_ntlm_req_set_opaque; - krb5_ntlm_req_set_session; - krb5_ntlm_req_set_targetname; - krb5_ntlm_req_set_username; - krb5_ntlm_request; - krb5_openlog; - krb5_pac_add_buffer; - krb5_pac_free; - krb5_pac_get_buffer; - krb5_pac_get_types; - krb5_pac_init; - krb5_pac_parse; - krb5_pac_verify; - krb5_padata_add; - krb5_parse_address; - krb5_parse_name; - krb5_parse_name_flags; - krb5_parse_nametype; - krb5_passwd_result_to_string; - krb5_password_key_proc; - krb5_plugin_register; - krb5_prepend_config_files; - krb5_prepend_config_files_default; - krb5_princ_realm; - krb5_princ_set_realm; - krb5_principal_compare; - krb5_principal_compare_any_realm; - krb5_principal_get_comp_string; - krb5_principal_get_realm; - krb5_principal_get_type; - krb5_principal_match; - krb5_principal_set_type; - krb5_print_address; - krb5_program_setup; - krb5_prompter_posix; - krb5_random_to_key; - krb5_rc_close; - krb5_rc_default; - krb5_rc_default_name; - krb5_rc_default_type; - krb5_rc_destroy; - krb5_rc_expunge; - krb5_rc_get_lifespan; - krb5_rc_get_name; - krb5_rc_get_type; - krb5_rc_initialize; - krb5_rc_recover; - krb5_rc_resolve; - krb5_rc_resolve_full; - krb5_rc_resolve_type; - krb5_rc_store; - krb5_rd_cred2; - krb5_rd_cred; - krb5_rd_error; - krb5_rd_priv; - krb5_rd_rep; - krb5_rd_req; - krb5_rd_req_ctx; - krb5_rd_req_in_ctx_alloc; - krb5_rd_req_in_ctx_free; - krb5_rd_req_in_set_keyblock; - krb5_rd_req_in_set_keytab; - krb5_rd_req_in_set_pac_check; - krb5_rd_req_out_ctx_free; - krb5_rd_req_out_get_ap_req_options; - krb5_rd_req_out_get_keyblock; - krb5_rd_req_out_get_ticket; - krb5_rd_req_with_keyblock; - krb5_rd_safe; - krb5_read_message; - krb5_read_priv_message; - krb5_read_safe_message; - krb5_realm_compare; - krb5_recvauth; - krb5_recvauth_match_version; - krb5_ret_address; - krb5_ret_addrs; - krb5_ret_authdata; - krb5_ret_creds; - krb5_ret_creds_tag; - krb5_ret_data; - krb5_ret_int16; - krb5_ret_int32; - krb5_ret_int8; - krb5_ret_keyblock; - krb5_ret_principal; - krb5_ret_string; - krb5_ret_stringnl; - krb5_ret_stringz; - krb5_ret_times; - krb5_ret_uint16; - krb5_ret_uint32; - krb5_ret_uint8; - krb5_salttype_to_string; - krb5_sendauth; - krb5_sendto; - krb5_sendto_context; - krb5_sendto_ctx_add_flags; - krb5_sendto_ctx_alloc; - krb5_sendto_ctx_free; - krb5_sendto_ctx_get_flags; - krb5_sendto_ctx_set_func; - krb5_sendto_ctx_set_type; - krb5_sendto_kdc; - krb5_sendto_kdc_flags; - krb5_set_config_files; - krb5_set_default_in_tkt_etypes; - krb5_set_default_realm; - krb5_set_dns_canonicalize_hostname; - krb5_set_error_string; - krb5_set_extra_addresses; - krb5_set_fcache_version; - krb5_set_ignore_addresses; - krb5_set_max_time_skew; - krb5_set_password; - krb5_set_password_using_ccache; - krb5_set_real_time; - krb5_set_send_to_kdc_func; - krb5_set_use_admin_kdc; - krb5_set_warn_dest; - krb5_sname_to_principal; - krb5_sock_to_principal; - krb5_sockaddr2address; - krb5_sockaddr2port; - krb5_sockaddr_uninteresting; - krb5_std_usage; - krb5_storage_clear_flags; - krb5_storage_emem; - krb5_storage_free; - krb5_storage_from_data; - krb5_storage_from_fd; - krb5_storage_from_mem; - krb5_storage_from_readonly_mem; - krb5_storage_get_byteorder; - krb5_storage_is_flags; - krb5_storage_read; - krb5_storage_seek; - krb5_storage_set_byteorder; - krb5_storage_set_eof_code; - krb5_storage_set_flags; - krb5_storage_to_data; - krb5_storage_write; - krb5_store_address; - krb5_store_addrs; - krb5_store_authdata; - krb5_store_creds; - krb5_store_creds_tag; - krb5_store_data; - krb5_store_int16; - krb5_store_int32; - krb5_store_int8; - krb5_store_keyblock; - krb5_store_principal; - krb5_store_string; - krb5_store_stringnl; - krb5_store_stringz; - krb5_store_times; - krb5_store_uint16; - krb5_store_uint32; - krb5_store_uint8; - krb5_string_to_deltat; - krb5_string_to_enctype; - krb5_string_to_key; - krb5_string_to_key_data; - krb5_string_to_key_data_salt; - krb5_string_to_key_data_salt_opaque; - krb5_string_to_key_derived; - krb5_string_to_key_salt; - krb5_string_to_key_salt_opaque; - krb5_string_to_keytype; - krb5_string_to_salttype; - krb5_ticket_get_authorization_data_type; - krb5_ticket_get_client; - krb5_ticket_get_endtime; - krb5_ticket_get_server; - krb5_timeofday; - krb5_unparse_name; - krb5_unparse_name_fixed; - krb5_unparse_name_fixed_flags; - krb5_unparse_name_fixed_short; - krb5_unparse_name_flags; - krb5_unparse_name_short; - krb5_us_timeofday; - krb5_vabort; - krb5_vabortx; - krb5_verify_ap_req2; - krb5_verify_ap_req; - krb5_verify_authenticator_checksum; - krb5_verify_checksum; - krb5_verify_init_creds; - krb5_verify_init_creds_opt_init; - krb5_verify_init_creds_opt_set_ap_req_nofail; - krb5_verify_opt_alloc; - krb5_verify_opt_free; - krb5_verify_opt_init; - krb5_verify_opt_set_ccache; - krb5_verify_opt_set_flags; - krb5_verify_opt_set_keytab; - krb5_verify_opt_set_secure; - krb5_verify_opt_set_service; - krb5_verify_user; - krb5_verify_user_lrealm; - krb5_verify_user_opt; - krb5_verr; - krb5_verrx; - krb5_vlog; - krb5_vlog_msg; - krb5_vset_error_string; - krb5_vwarn; - krb5_vwarnx; - krb5_warn; - krb5_warnx; - krb5_write_message; - krb5_write_priv_message; - krb5_write_safe_message; - krb5_xfree; - - # com_err error tables - initialize_krb5_error_table_r; - initialize_krb5_error_table; - initialize_krb_error_table_r; - initialize_krb_error_table; - initialize_heim_error_table_r; - initialize_heim_error_table; - initialize_k524_error_table_r; - initialize_k524_error_table; - - # variables - krb5_mcc_ops; - krb5_acc_ops; - krb5_fcc_ops; - krb5_kcm_ops; - krb4_fkt_ops; - krb5_wrfkt_ops; - krb5_mkt_ops; - krb5_fkt_ops; - krb5_akf_ops; - krb5_srvtab_fkt_ops; - krb5_any_ops; - heimdal_version; - heimdal_long_version; - krb5_config_file; - krb5_defkeyname; - - # Shared with GSSAPI krb5 - _krb5_crc_init_table; - _krb5_crc_update; - - # V4 compat glue - _krb5_krb_tf_setup; - _krb5_krb_dest_tkt; - _krb5_krb_life_to_time; - _krb5_krb_decomp_ticket; - _krb5_krb_decomp_ticket; - _krb5_krb_create_ticket; - _krb5_krb_create_ciph; - _krb5_krb_create_auth_reply; - _krb5_krb_rd_req; - _krb5_krb_free_auth_data; - _krb5_krb_time_to_life; - _krb5_krb_cr_err_reply; - - # Shared with libkdc - _krb5_principalname2krb5_principal; - _krb5_principal2principalname; - _krb5_s4u2self_to_checksumdata; - _krb5_put_int; - _krb5_get_int; - _krb5_pk_load_id; - _krb5_parse_moduli; - _krb5_pk_mk_ContentInfo; - _krb5_dh_group_ok; - _krb5_pk_octetstring2key; - _krb5_pk_allow_proxy_certificate; - _krb5_pac_sign; - _krb5_plugin_find; - _krb5_plugin_get_symbol; - _krb5_plugin_get_next; - _krb5_plugin_free; - _krb5_AES_string_to_default_iterator; - _krb5_get_host_realm_int; - - # testing - _krb5_aes_cts_encrypt; - _krb5_n_fold; - _krb5_expand_default_cc_name; - local: - *; -}; diff --git a/crypto/heimdal/lib/krb5/version.c b/crypto/heimdal/lib/krb5/version.c deleted file mode 100644 index f7ccff5bc882..000000000000 --- a/crypto/heimdal/lib/krb5/version.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: version.c 7464 1999-12-02 17:05:13Z joda $"); - -/* this is just to get a version stamp in the library file */ - -#define heimdal_version __heimdal_version -#define heimdal_long_version __heimdal_long_version -#include "version.h" - diff --git a/crypto/heimdal/lib/krb5/warn.c b/crypto/heimdal/lib/krb5/warn.c deleted file mode 100644 index 85f143b8b4b6..000000000000 --- a/crypto/heimdal/lib/krb5/warn.c +++ /dev/null @@ -1,211 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" -#include - -RCSID("$Id: warn.c 19086 2006-11-21 08:06:40Z lha $"); - -static krb5_error_code _warnerr(krb5_context context, int do_errtext, - krb5_error_code code, int level, const char *fmt, va_list ap) - __attribute__((__format__(__printf__, 5, 0))); - -static krb5_error_code -_warnerr(krb5_context context, int do_errtext, - krb5_error_code code, int level, const char *fmt, va_list ap) -{ - char xfmt[7] = ""; - const char *args[2], **arg; - char *msg = NULL; - char *err_str = NULL; - - args[0] = args[1] = NULL; - arg = args; - if(fmt){ - strlcat(xfmt, "%s", sizeof(xfmt)); - if(do_errtext) - strlcat(xfmt, ": ", sizeof(xfmt)); - vasprintf(&msg, fmt, ap); - if(msg == NULL) - return ENOMEM; - *arg++ = msg; - } - if(context && do_errtext){ - const char *err_msg; - - strlcat(xfmt, "%s", sizeof(xfmt)); - - err_str = krb5_get_error_string(context); - if (err_str != NULL) { - *arg++ = err_str; - } else { - err_msg = krb5_get_err_text(context, code); - if (err_msg) - *arg++ = err_msg; - else - *arg++ = ""; - } - } - - if(context && context->warn_dest) - krb5_log(context, context->warn_dest, level, xfmt, args[0], args[1]); - else - warnx(xfmt, args[0], args[1]); - free(msg); - free(err_str); - return 0; -} - -#define FUNC(ETEXT, CODE, LEVEL) \ - krb5_error_code ret; \ - va_list ap; \ - va_start(ap, fmt); \ - ret = _warnerr(context, ETEXT, CODE, LEVEL, fmt, ap); \ - va_end(ap); - -#undef __attribute__ -#define __attribute__(X) - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vwarn(krb5_context context, krb5_error_code code, - const char *fmt, va_list ap) - __attribute__ ((format (printf, 3, 0))) -{ - return _warnerr(context, 1, code, 1, fmt, ap); -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_warn(krb5_context context, krb5_error_code code, const char *fmt, ...) - __attribute__ ((format (printf, 3, 4))) -{ - FUNC(1, code, 1); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vwarnx(krb5_context context, const char *fmt, va_list ap) - __attribute__ ((format (printf, 2, 0))) -{ - return _warnerr(context, 0, 0, 1, fmt, ap); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_warnx(krb5_context context, const char *fmt, ...) - __attribute__ ((format (printf, 2, 3))) -{ - FUNC(0, 0, 1); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verr(krb5_context context, int eval, krb5_error_code code, - const char *fmt, va_list ap) - __attribute__ ((noreturn, format (printf, 4, 0))) -{ - _warnerr(context, 1, code, 0, fmt, ap); - exit(eval); -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_err(krb5_context context, int eval, krb5_error_code code, - const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 4, 5))) -{ - FUNC(1, code, 0); - exit(eval); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_verrx(krb5_context context, int eval, const char *fmt, va_list ap) - __attribute__ ((noreturn, format (printf, 3, 0))) -{ - _warnerr(context, 0, 0, 0, fmt, ap); - exit(eval); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_errx(krb5_context context, int eval, const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 3, 4))) -{ - FUNC(0, 0, 0); - exit(eval); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vabort(krb5_context context, krb5_error_code code, - const char *fmt, va_list ap) - __attribute__ ((noreturn, format (printf, 3, 0))) -{ - _warnerr(context, 1, code, 0, fmt, ap); - abort(); -} - - -krb5_error_code KRB5_LIB_FUNCTION -krb5_abort(krb5_context context, krb5_error_code code, const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 3, 4))) -{ - FUNC(1, code, 0); - abort(); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_vabortx(krb5_context context, const char *fmt, va_list ap) - __attribute__ ((noreturn, format (printf, 2, 0))) -{ - _warnerr(context, 0, 0, 0, fmt, ap); - abort(); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_abortx(krb5_context context, const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 2, 3))) -{ - FUNC(0, 0, 0); - abort(); -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_set_warn_dest(krb5_context context, krb5_log_facility *fac) -{ - context->warn_dest = fac; - return 0; -} - -krb5_log_facility * KRB5_LIB_FUNCTION -krb5_get_warn_dest(krb5_context context) -{ - return context->warn_dest; -} diff --git a/crypto/heimdal/lib/krb5/write_message.c b/crypto/heimdal/lib/krb5/write_message.c deleted file mode 100644 index 1694a1075e41..000000000000 --- a/crypto/heimdal/lib/krb5/write_message.c +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb5_locl.h" - -RCSID("$Id: write_message.c 17442 2006-05-05 09:31:15Z lha $"); - -krb5_error_code KRB5_LIB_FUNCTION -krb5_write_message (krb5_context context, - krb5_pointer p_fd, - krb5_data *data) -{ - uint32_t len; - uint8_t buf[4]; - int ret; - - len = data->length; - _krb5_put_int(buf, len, 4); - if (krb5_net_write (context, p_fd, buf, 4) != 4 - || krb5_net_write (context, p_fd, data->data, len) != len) { - ret = errno; - krb5_set_error_string (context, "write: %s", strerror(ret)); - return ret; - } - return 0; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_write_priv_message(krb5_context context, - krb5_auth_context ac, - krb5_pointer p_fd, - krb5_data *data) -{ - krb5_error_code ret; - krb5_data packet; - - ret = krb5_mk_priv (context, ac, data, &packet, NULL); - if(ret) - return ret; - ret = krb5_write_message(context, p_fd, &packet); - krb5_data_free(&packet); - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -krb5_write_safe_message(krb5_context context, - krb5_auth_context ac, - krb5_pointer p_fd, - krb5_data *data) -{ - krb5_error_code ret; - krb5_data packet; - ret = krb5_mk_safe (context, ac, data, &packet, NULL); - if(ret) - return ret; - ret = krb5_write_message(context, p_fd, &packet); - krb5_data_free(&packet); - return ret; -} diff --git a/crypto/heimdal/lib/ntlm/ChangeLog b/crypto/heimdal/lib/ntlm/ChangeLog deleted file mode 100644 index b38ae91c4606..000000000000 --- a/crypto/heimdal/lib/ntlm/ChangeLog +++ /dev/null @@ -1,112 +0,0 @@ -2007-12-28 Love Hörnquist Åstrand - - * heimntlm.h: Add NTLM_TARGET_* - - * ntlm.c: Make heim_ntlm_decode_type3 more useful and provide a - username. From Ming Yang. - -2007-11-11 Love Hörnquist Åstrand - - * move doxygen into the main file - - * write doxygen documentation - - * export heim_ntlm_free_buf, start doxygen documentation - -2007-07-17 Love Hörnquist Åstrand - - * ntlm.c: Use unsigned char * as argument to HMAC_Update to please - OpenSSL and gcc. - - * test_ntlm.c: more verbose what we are testing. - -2007-07-10 Love Hörnquist Åstrand - - * Makefile.am: New library version. - -2007-06-20 Love Hörnquist Åstrand - - * test_ntlm.c: heim_ntlm_calculate_ntlm2_sess_resp - - * ntlm.c: Change prototype to match other heim_ntlm_calculate - functions. - - * test_ntlm.c: Its ok if infotarget2 length is longer. - - * ntlm.c: Merge in changes from Puneet Mehra and make work again. - - * ntlm.c (heim_ntlm_ntlmv2_key): target should be uppercase. - From Puneet Mehra. - - * version-script.map: Add heim_ntlm_calculate_ntlm2_sess_resp from - Puneet Mehra. - - * ntlm.c: Add heim_ntlm_calculate_ntlm2_sess_resp from Puneet - Mehra. - - * test_ntlm.c: Test heim_ntlm_calculate_ntlm2_sess_resp from - Puneet Mehra. - -2007-06-08 Love Hörnquist Åstrand - - * Makefile.am: EXTRA_DIST += version-script.map. - -2007-06-03 Love Hörnquist Åstrand - - * test_ntlm.c: Free memory diffrently. - - * ntlm.c: Make free functions free memory. - -2007-04-22 Love Hörnquist Åstrand - - * Makefile.am: symbol versioning. - - * version-script.map: symbol versioning. - -2007-01-31 Love Hörnquist Åstrand - - * test_ntlm.c: No need to include . - -2007-01-04 Love Hörnquist Åstrand - - * Makefile.am: add LIB_roken for test_ntlm - -2006-12-26 Love Hörnquist Åstrand - - * test_ntlm.c: Verify infotarget. - - * ntlm.c: Extract the infotarget from the answer. - - * ntlm.c (heim_ntlm_verify_ntlm2): verify the ntlmv2 reply - -2006-12-22 Dave Love - - * ntlm.c: Include . - -2006-12-20 Love Hörnquist Åstrand - - * test_ntlm.c: add some new tests. - - * ntlm.c: Add ntlmv2 answer calculating functions. - - * ntlm.c: sent lm hashes, needed for NTLM2 session - - * heimntlm.h: Add NTLM_NEG_NTLM2_SESSION, NTLMv2 session security. - -2006-12-19 Love Hörnquist Åstrand - - * ntlm.c (heim_ntlm_build_ntlm1_master): return session master - key. - -2006-12-18 Love Hörnquist Åstrand - - * ntlm.c (heim_ntlm_build_ntlm1_master): calculate the ntlm - version 1 "master" key. - -2006-12-13 Love Hörnquist Åstrand - - * test_ntlm.c: Add simple parser test app. - - * inital version of a NTLM library, only handles ntml version 1 and - ascii strings for now - diff --git a/crypto/heimdal/lib/ntlm/Makefile.am b/crypto/heimdal/lib/ntlm/Makefile.am deleted file mode 100644 index 8d6214168933..000000000000 --- a/crypto/heimdal/lib/ntlm/Makefile.am +++ /dev/null @@ -1,34 +0,0 @@ -# $Id: Makefile.am 22045 2007-11-11 08:57:47Z lha $ - -include $(top_srcdir)/Makefile.am.common - -lib_LTLIBRARIES = libheimntlm.la - -include_HEADERS = heimntlm.h heimntlm-protos.h - -libheimntlm_la_SOURCES = ntlm.c heimntlm.h - -libheimntlm_la_LDFLAGS = -version-info 1:0:1 - -if versionscript -libheimntlm_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -endif -$(libheimntlm_la_OBJECTS): $(srcdir)/version-script.map - -libheimntlm_la_LIBADD = \ - ../krb5/libkrb5.la \ - $(LIBADD_roken) - -$(srcdir)/heimntlm-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h - -$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h - - -TESTS = test_ntlm - -check_PROGRAMS = test_ntlm - -LDADD = libheimntlm.la $(LIB_roken) - -EXTRA_DIST = version-script.map diff --git a/crypto/heimdal/lib/ntlm/Makefile.in b/crypto/heimdal/lib/ntlm/Makefile.in deleted file mode 100644 index b5c614f89425..000000000000 --- a/crypto/heimdal/lib/ntlm/Makefile.in +++ /dev/null @@ -1,909 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22045 2007-11-11 08:57:47Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map -TESTS = test_ntlm$(EXEEXT) -check_PROGRAMS = test_ntlm$(EXEEXT) -subdir = lib/ntlm -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -am__DEPENDENCIES_1 = -libheimntlm_la_DEPENDENCIES = ../krb5/libkrb5.la $(am__DEPENDENCIES_1) -am_libheimntlm_la_OBJECTS = ntlm.lo -libheimntlm_la_OBJECTS = $(am_libheimntlm_la_OBJECTS) -libheimntlm_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libheimntlm_la_LDFLAGS) $(LDFLAGS) -o $@ -test_ntlm_SOURCES = test_ntlm.c -test_ntlm_OBJECTS = test_ntlm.$(OBJEXT) -test_ntlm_LDADD = $(LDADD) -test_ntlm_DEPENDENCIES = libheimntlm.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(libheimntlm_la_SOURCES) test_ntlm.c -DIST_SOURCES = $(libheimntlm_la_SOURCES) test_ntlm.c -includeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -lib_LTLIBRARIES = libheimntlm.la -include_HEADERS = heimntlm.h heimntlm-protos.h -libheimntlm_la_SOURCES = ntlm.c heimntlm.h -libheimntlm_la_LDFLAGS = -version-info 1:0:1 $(am__append_1) -libheimntlm_la_LIBADD = \ - ../krb5/libkrb5.la \ - $(LIBADD_roken) - -LDADD = libheimntlm.la $(LIB_roken) -EXTRA_DIST = version-script.map -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/ntlm/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/ntlm/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libheimntlm.la: $(libheimntlm_la_OBJECTS) $(libheimntlm_la_DEPENDENCIES) - $(libheimntlm_la_LINK) -rpath $(libdir) $(libheimntlm_la_OBJECTS) $(libheimntlm_la_LIBADD) $(LIBS) - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -test_ntlm$(EXEEXT): $(test_ntlm_OBJECTS) $(test_ntlm_DEPENDENCIES) - @rm -f test_ntlm$(EXEEXT) - $(LINK) $(test_ntlm_OBJECTS) $(test_ntlm_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-includeHEADERS: $(include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(HEADERS) all-local -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-includeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-includeHEADERS install-info install-info-am \ - install-libLTLIBRARIES install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook \ - uninstall-includeHEADERS uninstall-libLTLIBRARIES - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -$(libheimntlm_la_OBJECTS): $(srcdir)/version-script.map - -$(srcdir)/heimntlm-protos.h: - cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o heimntlm-protos.h $(libheimntlm_la_SOURCES) || rm -f heimntlm-protos.h - -$(libheimntlm_la_OBJECTS): $(srcdir)/heimntlm-protos.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/ntlm/heimntlm-protos.h b/crypto/heimdal/lib/ntlm/heimntlm-protos.h deleted file mode 100644 index bc64791b4396..000000000000 --- a/crypto/heimdal/lib/ntlm/heimntlm-protos.h +++ /dev/null @@ -1,131 +0,0 @@ -/* This is a generated file */ -#ifndef __heimntlm_protos_h__ -#define __heimntlm_protos_h__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -int -heim_ntlm_build_ntlm1_master ( - void */*key*/, - size_t /*len*/, - struct ntlm_buf */*session*/, - struct ntlm_buf */*master*/); - -int -heim_ntlm_calculate_ntlm1 ( - void */*key*/, - size_t /*len*/, - unsigned char challange[8], - struct ntlm_buf */*answer*/); - -int -heim_ntlm_calculate_ntlm2 ( - const void */*key*/, - size_t /*len*/, - const char */*username*/, - const char */*target*/, - const unsigned char serverchallange[8], - const struct ntlm_buf */*infotarget*/, - unsigned char ntlmv2[16], - struct ntlm_buf */*answer*/); - -int -heim_ntlm_calculate_ntlm2_sess ( - const unsigned char clnt_nonce[8], - const unsigned char svr_chal[8], - const unsigned char ntlm_hash[16], - struct ntlm_buf */*lm*/, - struct ntlm_buf */*ntlm*/); - -int -heim_ntlm_decode_targetinfo ( - const struct ntlm_buf */*data*/, - int /*ucs2*/, - struct ntlm_targetinfo */*ti*/); - -int -heim_ntlm_decode_type1 ( - const struct ntlm_buf */*buf*/, - struct ntlm_type1 */*data*/); - -int -heim_ntlm_decode_type2 ( - const struct ntlm_buf */*buf*/, - struct ntlm_type2 */*type2*/); - -int -heim_ntlm_decode_type3 ( - const struct ntlm_buf */*buf*/, - int /*ucs2*/, - struct ntlm_type3 */*type3*/); - -int -heim_ntlm_encode_targetinfo ( - const struct ntlm_targetinfo */*ti*/, - int /*ucs2*/, - struct ntlm_buf */*data*/); - -int -heim_ntlm_encode_type1 ( - const struct ntlm_type1 */*type1*/, - struct ntlm_buf */*data*/); - -int -heim_ntlm_encode_type2 ( - const struct ntlm_type2 */*type2*/, - struct ntlm_buf */*data*/); - -int -heim_ntlm_encode_type3 ( - const struct ntlm_type3 */*type3*/, - struct ntlm_buf */*data*/); - -void -heim_ntlm_free_buf (struct ntlm_buf */*p*/); - -void -heim_ntlm_free_targetinfo (struct ntlm_targetinfo */*ti*/); - -void -heim_ntlm_free_type1 (struct ntlm_type1 */*data*/); - -void -heim_ntlm_free_type2 (struct ntlm_type2 */*data*/); - -void -heim_ntlm_free_type3 (struct ntlm_type3 */*data*/); - -int -heim_ntlm_nt_key ( - const char */*password*/, - struct ntlm_buf */*key*/); - -void -heim_ntlm_ntlmv2_key ( - const void */*key*/, - size_t /*len*/, - const char */*username*/, - const char */*target*/, - unsigned char ntlmv2[16]); - -int -heim_ntlm_verify_ntlm2 ( - const void */*key*/, - size_t /*len*/, - const char */*username*/, - const char */*target*/, - time_t /*now*/, - const unsigned char serverchallange[8], - const struct ntlm_buf */*answer*/, - struct ntlm_buf */*infotarget*/, - unsigned char ntlmv2[16]); - -#ifdef __cplusplus -} -#endif - -#endif /* __heimntlm_protos_h__ */ diff --git a/crypto/heimdal/lib/ntlm/heimntlm.h b/crypto/heimdal/lib/ntlm/heimntlm.h deleted file mode 100644 index 09d2205fd213..000000000000 --- a/crypto/heimdal/lib/ntlm/heimntlm.h +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: heimntlm.h 22376 2007-12-28 18:38:23Z lha $ */ - -#ifndef HEIM_NTLM_H -#define HEIM_NTLM_H - -/** - * Buffer for storing data in the NTLM library. When filled in by the - * library it should be freed with heim_ntlm_free_buf(). - */ -struct ntlm_buf { - size_t length; /**< length buffer data */ - void *data; /**< pointer to the data itself */ -}; - -#define NTLM_NEG_UNICODE 0x00000001 -#define NTLM_NEG_TARGET 0x00000004 -#define NTLM_NEG_SIGN 0x00000010 -#define NTLM_NEG_SEAL 0x00000020 -#define NTLM_NEG_NTLM 0x00000200 - -#define NTLM_SUPPLIED_DOMAIN 0x00001000 -#define NTLM_SUPPLIED_WORKSTAION 0x00002000 - -#define NTLM_NEG_ALWAYS_SIGN 0x00008000 -#define NTLM_NEG_NTLM2_SESSION 0x00080000 - -#define NTLM_TARGET_DOMAIN 0x00010000 -#define NTLM_TARGET_SERVER 0x00020000 -#define NTLM_ENC_128 0x20000000 -#define NTLM_NEG_KEYEX 0x40000000 - -/** - * Struct for the NTLM target info, the strings is assumed to be in - * UTF8. When filled in by the library it should be freed with - * heim_ntlm_free_targetinfo(). - */ -struct ntlm_targetinfo { - char *servername; /**< */ - char *domainname; /**< */ - char *dnsdomainname; /**< */ - char *dnsservername; /**< */ -}; - -/** - * Struct for the NTLM type1 message info, the strings is assumed to - * be in UTF8. When filled in by the library it should be freed with - * heim_ntlm_free_type1(). - */ - -struct ntlm_type1 { - uint32_t flags; /**< */ - char *domain; /**< */ - char *hostname; /**< */ - uint32_t os[2]; /**< */ -}; - -/** - * Struct for the NTLM type2 message info, the strings is assumed to - * be in UTF8. When filled in by the library it should be freed with - * heim_ntlm_free_type2(). - */ - -struct ntlm_type2 { - uint32_t flags; /**< */ - char *targetname; /**< */ - struct ntlm_buf targetinfo; /**< */ - unsigned char challange[8]; /**< */ - uint32_t context[2]; /**< */ - uint32_t os[2]; /**< */ -}; - -/** - * Struct for the NTLM type3 message info, the strings is assumed to - * be in UTF8. When filled in by the library it should be freed with - * heim_ntlm_free_type3(). - */ - -struct ntlm_type3 { - uint32_t flags; /**< */ - char *username; /**< */ - char *targetname; /**< */ - struct ntlm_buf lm; /**< */ - struct ntlm_buf ntlm; /**< */ - struct ntlm_buf sessionkey; /**< */ - char *ws; /**< */ - uint32_t os[2]; /**< */ -}; - -#include - -#endif /* NTLM_NTLM_H */ diff --git a/crypto/heimdal/lib/ntlm/ntlm.c b/crypto/heimdal/lib/ntlm/ntlm.c deleted file mode 100644 index f3dccfaca165..000000000000 --- a/crypto/heimdal/lib/ntlm/ntlm.c +++ /dev/null @@ -1,1364 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: ntlm.c 22370 2007-12-28 16:12:01Z lha $"); - -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "krb5-types.h" -#include "crypto-headers.h" - -#include - -/*! \mainpage Heimdal NTLM library - * - * \section intro Introduction - * - * Heimdal libheimntlm library is a implementation of the NTLM - * protocol, both version 1 and 2. The GSS-API mech that uses this - * library adds support for transport encryption and integrity - * checking. - * - * NTLM is a protocol for mutual authentication, its still used in - * many protocol where Kerberos is not support, one example is - * EAP/X802.1x mechanism LEAP from Microsoft and Cisco. - * - * This is a support library for the core protocol, its used in - * Heimdal to implement and GSS-API mechanism. There is also support - * in the KDC to do remote digest authenticiation, this to allow - * services to authenticate users w/o direct access to the users ntlm - * hashes (same as Kerberos arcfour enctype hashes). - * - * More information about the NTLM protocol can found here - * http://davenport.sourceforge.net/ntlm.html . - * - * The Heimdal projects web page: http://www.h5l.org/ - */ - -/** @defgroup ntlm_core Heimdal NTLM library - * - * The NTLM core functions implement the string2key generation - * function, message encode and decode function, and the hash function - * functions. - */ - -struct sec_buffer { - uint16_t length; - uint16_t allocated; - uint32_t offset; -}; - -static const unsigned char ntlmsigature[8] = "NTLMSSP\x00"; - -/* - * - */ - -#define CHECK(f, e) \ - do { ret = f ; if (ret != (e)) { ret = EINVAL; goto out; } } while(0) - -/** - * heim_ntlm_free_buf frees the ntlm buffer - * - * @param p buffer to be freed - * - * @ingroup ntlm_core - */ - -void -heim_ntlm_free_buf(struct ntlm_buf *p) -{ - if (p->data) - free(p->data); - p->data = NULL; - p->length = 0; -} - - -static int -ascii2ucs2le(const char *string, int up, struct ntlm_buf *buf) -{ - unsigned char *p; - size_t len, i; - - len = strlen(string); - if (len / 2 > UINT_MAX) - return ERANGE; - - buf->length = len * 2; - buf->data = malloc(buf->length); - if (buf->data == NULL && len != 0) { - heim_ntlm_free_buf(buf); - return ENOMEM; - } - - p = buf->data; - for (i = 0; i < len; i++) { - unsigned char t = (unsigned char)string[i]; - if (t & 0x80) { - heim_ntlm_free_buf(buf); - return EINVAL; - } - if (up) - t = toupper(t); - p[(i * 2) + 0] = t; - p[(i * 2) + 1] = 0; - } - return 0; -} - -/* - * - */ - -static krb5_error_code -ret_sec_buffer(krb5_storage *sp, struct sec_buffer *buf) -{ - krb5_error_code ret; - CHECK(krb5_ret_uint16(sp, &buf->length), 0); - CHECK(krb5_ret_uint16(sp, &buf->allocated), 0); - CHECK(krb5_ret_uint32(sp, &buf->offset), 0); -out: - return ret; -} - -static krb5_error_code -store_sec_buffer(krb5_storage *sp, const struct sec_buffer *buf) -{ - krb5_error_code ret; - CHECK(krb5_store_uint16(sp, buf->length), 0); - CHECK(krb5_store_uint16(sp, buf->allocated), 0); - CHECK(krb5_store_uint32(sp, buf->offset), 0); -out: - return ret; -} - -/* - * Strings are either OEM or UNICODE. The later is encoded as ucs2 on - * wire, but using utf8 in memory. - */ - -static krb5_error_code -len_string(int ucs2, const char *s) -{ - size_t len = strlen(s); - if (ucs2) - len *= 2; - return len; -} - -static krb5_error_code -ret_string(krb5_storage *sp, int ucs2, struct sec_buffer *desc, char **s) -{ - krb5_error_code ret; - - *s = malloc(desc->length + 1); - CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset); - CHECK(krb5_storage_read(sp, *s, desc->length), desc->length); - (*s)[desc->length] = '\0'; - - if (ucs2) { - size_t i; - for (i = 0; i < desc->length / 2; i++) { - (*s)[i] = (*s)[i * 2]; - if ((*s)[i * 2 + 1]) { - free(*s); - *s = NULL; - return EINVAL; - } - } - (*s)[i] = '\0'; - } - ret = 0; -out: - return ret; - - return 0; -} - -static krb5_error_code -put_string(krb5_storage *sp, int ucs2, const char *s) -{ - krb5_error_code ret; - struct ntlm_buf buf; - - if (ucs2) { - ret = ascii2ucs2le(s, 0, &buf); - if (ret) - return ret; - } else { - buf.data = rk_UNCONST(s); - buf.length = strlen(s); - } - - CHECK(krb5_storage_write(sp, buf.data, buf.length), buf.length); - if (ucs2) - heim_ntlm_free_buf(&buf); - ret = 0; -out: - return ret; -} - -/* - * - */ - -static krb5_error_code -ret_buf(krb5_storage *sp, struct sec_buffer *desc, struct ntlm_buf *buf) -{ - krb5_error_code ret; - - buf->data = malloc(desc->length); - buf->length = desc->length; - CHECK(krb5_storage_seek(sp, desc->offset, SEEK_SET), desc->offset); - CHECK(krb5_storage_read(sp, buf->data, buf->length), buf->length); - ret = 0; -out: - return ret; -} - -static krb5_error_code -put_buf(krb5_storage *sp, const struct ntlm_buf *buf) -{ - krb5_error_code ret; - CHECK(krb5_storage_write(sp, buf->data, buf->length), buf->length); - ret = 0; -out: - return ret; -} - -/** - * Frees the ntlm_targetinfo message - * - * @param ti targetinfo to be freed - * - * @ingroup ntlm_core - */ - -void -heim_ntlm_free_targetinfo(struct ntlm_targetinfo *ti) -{ - free(ti->servername); - free(ti->domainname); - free(ti->dnsdomainname); - free(ti->dnsservername); - memset(ti, 0, sizeof(*ti)); -} - -static int -encode_ti_blob(krb5_storage *out, uint16_t type, int ucs2, char *s) -{ - krb5_error_code ret; - CHECK(krb5_store_uint16(out, type), 0); - CHECK(krb5_store_uint16(out, len_string(ucs2, s)), 0); - CHECK(put_string(out, ucs2, s), 0); -out: - return ret; -} - -/** - * Encodes a ntlm_targetinfo message. - * - * @param ti the ntlm_targetinfo message to encode. - * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message). - * @param data is the return buffer with the encoded message, should be - * freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_encode_targetinfo(const struct ntlm_targetinfo *ti, - int ucs2, - struct ntlm_buf *data) -{ - krb5_error_code ret; - krb5_storage *out; - - data->data = NULL; - data->length = 0; - - out = krb5_storage_emem(); - if (out == NULL) - return ENOMEM; - - if (ti->servername) - CHECK(encode_ti_blob(out, 1, ucs2, ti->servername), 0); - if (ti->domainname) - CHECK(encode_ti_blob(out, 2, ucs2, ti->domainname), 0); - if (ti->dnsservername) - CHECK(encode_ti_blob(out, 3, ucs2, ti->dnsservername), 0); - if (ti->dnsdomainname) - CHECK(encode_ti_blob(out, 4, ucs2, ti->dnsdomainname), 0); - - /* end tag */ - CHECK(krb5_store_int16(out, 0), 0); - CHECK(krb5_store_int16(out, 0), 0); - - { - krb5_data d; - ret = krb5_storage_to_data(out, &d); - data->data = d.data; - data->length = d.length; - } -out: - krb5_storage_free(out); - return ret; -} - -/** - * Decodes an NTLM targetinfo message - * - * @param data input data buffer with the encode NTLM targetinfo message - * @param ucs2 if the strings should be encoded with ucs2 (selected by flag in message). - * @param ti the decoded target info, should be freed with heim_ntlm_free_targetinfo(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_decode_targetinfo(const struct ntlm_buf *data, - int ucs2, - struct ntlm_targetinfo *ti) -{ - memset(ti, 0, sizeof(*ti)); - return 0; -} - -/** - * Frees the ntlm_type1 message - * - * @param data message to be freed - * - * @ingroup ntlm_core - */ - -void -heim_ntlm_free_type1(struct ntlm_type1 *data) -{ - if (data->domain) - free(data->domain); - if (data->hostname) - free(data->hostname); - memset(data, 0, sizeof(*data)); -} - -int -heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data) -{ - krb5_error_code ret; - unsigned char sig[8]; - uint32_t type; - struct sec_buffer domain, hostname; - krb5_storage *in; - - memset(data, 0, sizeof(*data)); - - in = krb5_storage_from_readonly_mem(buf->data, buf->length); - if (in == NULL) { - ret = EINVAL; - goto out; - } - krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig)); - CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0); - CHECK(krb5_ret_uint32(in, &type), 0); - CHECK(type, 1); - CHECK(krb5_ret_uint32(in, &data->flags), 0); - if (data->flags & NTLM_SUPPLIED_DOMAIN) - CHECK(ret_sec_buffer(in, &domain), 0); - if (data->flags & NTLM_SUPPLIED_WORKSTAION) - CHECK(ret_sec_buffer(in, &hostname), 0); -#if 0 - if (domain.offset > 32) { - CHECK(krb5_ret_uint32(in, &data->os[0]), 0); - CHECK(krb5_ret_uint32(in, &data->os[1]), 0); - } -#endif - if (data->flags & NTLM_SUPPLIED_DOMAIN) - CHECK(ret_string(in, 0, &domain, &data->domain), 0); - if (data->flags & NTLM_SUPPLIED_WORKSTAION) - CHECK(ret_string(in, 0, &hostname, &data->hostname), 0); - -out: - krb5_storage_free(in); - if (ret) - heim_ntlm_free_type1(data); - - return ret; -} - -/** - * Encodes an ntlm_type1 message. - * - * @param type1 the ntlm_type1 message to encode. - * @param data is the return buffer with the encoded message, should be - * freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_encode_type1(const struct ntlm_type1 *type1, struct ntlm_buf *data) -{ - krb5_error_code ret; - struct sec_buffer domain, hostname; - krb5_storage *out; - uint32_t base, flags; - - flags = type1->flags; - base = 16; - - if (type1->domain) { - base += 8; - flags |= NTLM_SUPPLIED_DOMAIN; - } - if (type1->hostname) { - base += 8; - flags |= NTLM_SUPPLIED_WORKSTAION; - } - if (type1->os[0]) - base += 8; - - if (type1->domain) { - domain.offset = base; - domain.length = len_string(0, type1->domain); - domain.allocated = domain.length; - } - if (type1->hostname) { - hostname.offset = domain.allocated + domain.offset; - hostname.length = len_string(0, type1->hostname); - hostname.allocated = hostname.length; - } - - out = krb5_storage_emem(); - if (out == NULL) - return ENOMEM; - - krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); - CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), - sizeof(ntlmsigature)); - CHECK(krb5_store_uint32(out, 1), 0); - CHECK(krb5_store_uint32(out, flags), 0); - - if (type1->domain) - CHECK(store_sec_buffer(out, &domain), 0); - if (type1->hostname) - CHECK(store_sec_buffer(out, &hostname), 0); - if (type1->os[0]) { - CHECK(krb5_store_uint32(out, type1->os[0]), 0); - CHECK(krb5_store_uint32(out, type1->os[1]), 0); - } - if (type1->domain) - CHECK(put_string(out, 0, type1->domain), 0); - if (type1->hostname) - CHECK(put_string(out, 0, type1->hostname), 0); - - { - krb5_data d; - ret = krb5_storage_to_data(out, &d); - data->data = d.data; - data->length = d.length; - } -out: - krb5_storage_free(out); - - return ret; -} - -/** - * Frees the ntlm_type2 message - * - * @param data message to be freed - * - * @ingroup ntlm_core - */ - -void -heim_ntlm_free_type2(struct ntlm_type2 *data) -{ - if (data->targetname) - free(data->targetname); - heim_ntlm_free_buf(&data->targetinfo); - memset(data, 0, sizeof(*data)); -} - -int -heim_ntlm_decode_type2(const struct ntlm_buf *buf, struct ntlm_type2 *type2) -{ - krb5_error_code ret; - unsigned char sig[8]; - uint32_t type, ctx[2]; - struct sec_buffer targetname, targetinfo; - krb5_storage *in; - int ucs2 = 0; - - memset(type2, 0, sizeof(*type2)); - - in = krb5_storage_from_readonly_mem(buf->data, buf->length); - if (in == NULL) { - ret = EINVAL; - goto out; - } - krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig)); - CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0); - CHECK(krb5_ret_uint32(in, &type), 0); - CHECK(type, 2); - - CHECK(ret_sec_buffer(in, &targetname), 0); - CHECK(krb5_ret_uint32(in, &type2->flags), 0); - if (type2->flags & NTLM_NEG_UNICODE) - ucs2 = 1; - CHECK(krb5_storage_read(in, type2->challange, sizeof(type2->challange)), - sizeof(type2->challange)); - CHECK(krb5_ret_uint32(in, &ctx[0]), 0); /* context */ - CHECK(krb5_ret_uint32(in, &ctx[1]), 0); - CHECK(ret_sec_buffer(in, &targetinfo), 0); - /* os version */ -#if 0 - CHECK(krb5_ret_uint32(in, &type2->os[0]), 0); - CHECK(krb5_ret_uint32(in, &type2->os[1]), 0); -#endif - - CHECK(ret_string(in, ucs2, &targetname, &type2->targetname), 0); - CHECK(ret_buf(in, &targetinfo, &type2->targetinfo), 0); - ret = 0; - -out: - krb5_storage_free(in); - if (ret) - heim_ntlm_free_type2(type2); - - return ret; -} - -/** - * Encodes an ntlm_type2 message. - * - * @param type2 the ntlm_type2 message to encode. - * @param data is the return buffer with the encoded message, should be - * freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_encode_type2(const struct ntlm_type2 *type2, struct ntlm_buf *data) -{ - struct sec_buffer targetname, targetinfo; - krb5_error_code ret; - krb5_storage *out = NULL; - uint32_t base; - int ucs2 = 0; - - if (type2->os[0]) - base = 56; - else - base = 48; - - if (type2->flags & NTLM_NEG_UNICODE) - ucs2 = 1; - - targetname.offset = base; - targetname.length = len_string(ucs2, type2->targetname); - targetname.allocated = targetname.length; - - targetinfo.offset = targetname.allocated + targetname.offset; - targetinfo.length = type2->targetinfo.length; - targetinfo.allocated = type2->targetinfo.length; - - out = krb5_storage_emem(); - if (out == NULL) - return ENOMEM; - - krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); - CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), - sizeof(ntlmsigature)); - CHECK(krb5_store_uint32(out, 2), 0); - CHECK(store_sec_buffer(out, &targetname), 0); - CHECK(krb5_store_uint32(out, type2->flags), 0); - CHECK(krb5_storage_write(out, type2->challange, sizeof(type2->challange)), - sizeof(type2->challange)); - CHECK(krb5_store_uint32(out, 0), 0); /* context */ - CHECK(krb5_store_uint32(out, 0), 0); - CHECK(store_sec_buffer(out, &targetinfo), 0); - /* os version */ - if (type2->os[0]) { - CHECK(krb5_store_uint32(out, type2->os[0]), 0); - CHECK(krb5_store_uint32(out, type2->os[1]), 0); - } - CHECK(put_string(out, ucs2, type2->targetname), 0); - CHECK(krb5_storage_write(out, type2->targetinfo.data, - type2->targetinfo.length), - type2->targetinfo.length); - - { - krb5_data d; - ret = krb5_storage_to_data(out, &d); - data->data = d.data; - data->length = d.length; - } - -out: - krb5_storage_free(out); - - return ret; -} - -/** - * Frees the ntlm_type3 message - * - * @param data message to be freed - * - * @ingroup ntlm_core - */ - -void -heim_ntlm_free_type3(struct ntlm_type3 *data) -{ - heim_ntlm_free_buf(&data->lm); - heim_ntlm_free_buf(&data->ntlm); - if (data->targetname) - free(data->targetname); - if (data->username) - free(data->username); - if (data->ws) - free(data->ws); - heim_ntlm_free_buf(&data->sessionkey); - memset(data, 0, sizeof(*data)); -} - -/* - * - */ - -int -heim_ntlm_decode_type3(const struct ntlm_buf *buf, - int ucs2, - struct ntlm_type3 *type3) -{ - krb5_error_code ret; - unsigned char sig[8]; - uint32_t type; - krb5_storage *in; - struct sec_buffer lm, ntlm, target, username, sessionkey, ws; - - memset(type3, 0, sizeof(*type3)); - memset(&sessionkey, 0, sizeof(sessionkey)); - - in = krb5_storage_from_readonly_mem(buf->data, buf->length); - if (in == NULL) { - ret = EINVAL; - goto out; - } - krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig)); - CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0); - CHECK(krb5_ret_uint32(in, &type), 0); - CHECK(type, 3); - CHECK(ret_sec_buffer(in, &lm), 0); - CHECK(ret_sec_buffer(in, &ntlm), 0); - CHECK(ret_sec_buffer(in, &target), 0); - CHECK(ret_sec_buffer(in, &username), 0); - CHECK(ret_sec_buffer(in, &ws), 0); - if (lm.offset >= 60) { - CHECK(ret_sec_buffer(in, &sessionkey), 0); - } - if (lm.offset >= 64) { - CHECK(krb5_ret_uint32(in, &type3->flags), 0); - } - if (lm.offset >= 72) { - CHECK(krb5_ret_uint32(in, &type3->os[0]), 0); - CHECK(krb5_ret_uint32(in, &type3->os[1]), 0); - } - CHECK(ret_buf(in, &lm, &type3->lm), 0); - CHECK(ret_buf(in, &ntlm, &type3->ntlm), 0); - CHECK(ret_string(in, ucs2, &target, &type3->targetname), 0); - CHECK(ret_string(in, ucs2, &username, &type3->username), 0); - CHECK(ret_string(in, ucs2, &ws, &type3->ws), 0); - if (sessionkey.offset) - CHECK(ret_buf(in, &sessionkey, &type3->sessionkey), 0); - -out: - krb5_storage_free(in); - if (ret) - heim_ntlm_free_type3(type3); - - return ret; -} - -/** - * Encodes an ntlm_type3 message. - * - * @param type3 the ntlm_type3 message to encode. - * @param data is the return buffer with the encoded message, should be - * freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_encode_type3(const struct ntlm_type3 *type3, struct ntlm_buf *data) -{ - struct sec_buffer lm, ntlm, target, username, sessionkey, ws; - krb5_error_code ret; - krb5_storage *out = NULL; - uint32_t base; - int ucs2 = 0; - - memset(&lm, 0, sizeof(lm)); - memset(&ntlm, 0, sizeof(ntlm)); - memset(&target, 0, sizeof(target)); - memset(&username, 0, sizeof(username)); - memset(&ws, 0, sizeof(ws)); - memset(&sessionkey, 0, sizeof(sessionkey)); - - base = 52; - if (type3->sessionkey.length) { - base += 8; /* sessionkey sec buf */ - base += 4; /* flags */ - } - if (type3->os[0]) { - base += 8; - } - - if (type3->flags & NTLM_NEG_UNICODE) - ucs2 = 1; - - lm.offset = base; - lm.length = type3->lm.length; - lm.allocated = type3->lm.length; - - ntlm.offset = lm.offset + lm.allocated; - ntlm.length = type3->ntlm.length; - ntlm.allocated = ntlm.length; - - target.offset = ntlm.offset + ntlm.allocated; - target.length = len_string(ucs2, type3->targetname); - target.allocated = target.length; - - username.offset = target.offset + target.allocated; - username.length = len_string(ucs2, type3->username); - username.allocated = username.length; - - ws.offset = username.offset + username.allocated; - ws.length = len_string(ucs2, type3->ws); - ws.allocated = ws.length; - - sessionkey.offset = ws.offset + ws.allocated; - sessionkey.length = type3->sessionkey.length; - sessionkey.allocated = type3->sessionkey.length; - - out = krb5_storage_emem(); - if (out == NULL) - return ENOMEM; - - krb5_storage_set_byteorder(out, KRB5_STORAGE_BYTEORDER_LE); - CHECK(krb5_storage_write(out, ntlmsigature, sizeof(ntlmsigature)), - sizeof(ntlmsigature)); - CHECK(krb5_store_uint32(out, 3), 0); - - CHECK(store_sec_buffer(out, &lm), 0); - CHECK(store_sec_buffer(out, &ntlm), 0); - CHECK(store_sec_buffer(out, &target), 0); - CHECK(store_sec_buffer(out, &username), 0); - CHECK(store_sec_buffer(out, &ws), 0); - /* optional */ - if (type3->sessionkey.length) { - CHECK(store_sec_buffer(out, &sessionkey), 0); - CHECK(krb5_store_uint32(out, type3->flags), 0); - } -#if 0 - CHECK(krb5_store_uint32(out, 0), 0); /* os0 */ - CHECK(krb5_store_uint32(out, 0), 0); /* os1 */ -#endif - - CHECK(put_buf(out, &type3->lm), 0); - CHECK(put_buf(out, &type3->ntlm), 0); - CHECK(put_string(out, ucs2, type3->targetname), 0); - CHECK(put_string(out, ucs2, type3->username), 0); - CHECK(put_string(out, ucs2, type3->ws), 0); - CHECK(put_buf(out, &type3->sessionkey), 0); - - { - krb5_data d; - ret = krb5_storage_to_data(out, &d); - data->data = d.data; - data->length = d.length; - } - -out: - krb5_storage_free(out); - - return ret; -} - - -/* - * - */ - -static void -splitandenc(unsigned char *hash, - unsigned char *challange, - unsigned char *answer) -{ - DES_cblock key; - DES_key_schedule sched; - - ((unsigned char*)key)[0] = hash[0]; - ((unsigned char*)key)[1] = (hash[0] << 7) | (hash[1] >> 1); - ((unsigned char*)key)[2] = (hash[1] << 6) | (hash[2] >> 2); - ((unsigned char*)key)[3] = (hash[2] << 5) | (hash[3] >> 3); - ((unsigned char*)key)[4] = (hash[3] << 4) | (hash[4] >> 4); - ((unsigned char*)key)[5] = (hash[4] << 3) | (hash[5] >> 5); - ((unsigned char*)key)[6] = (hash[5] << 2) | (hash[6] >> 6); - ((unsigned char*)key)[7] = (hash[6] << 1); - - DES_set_odd_parity(&key); - DES_set_key(&key, &sched); - DES_ecb_encrypt((DES_cblock *)challange, (DES_cblock *)answer, &sched, 1); - memset(&sched, 0, sizeof(sched)); - memset(key, 0, sizeof(key)); -} - -/** - * Calculate the NTLM key, the password is assumed to be in UTF8. - * - * @param password password to calcute the key for. - * @param key calcuted key, should be freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_nt_key(const char *password, struct ntlm_buf *key) -{ - struct ntlm_buf buf; - MD4_CTX ctx; - int ret; - - key->data = malloc(MD5_DIGEST_LENGTH); - if (key->data == NULL) - return ENOMEM; - key->length = MD5_DIGEST_LENGTH; - - ret = ascii2ucs2le(password, 0, &buf); - if (ret) { - heim_ntlm_free_buf(key); - return ret; - } - MD4_Init(&ctx); - MD4_Update(&ctx, buf.data, buf.length); - MD4_Final(key->data, &ctx); - heim_ntlm_free_buf(&buf); - return 0; -} - -/** - * Calculate NTLMv1 response hash - * - * @param key the ntlm v1 key - * @param len length of key - * @param challange sent by the server - * @param answer calculated answer, should be freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_calculate_ntlm1(void *key, size_t len, - unsigned char challange[8], - struct ntlm_buf *answer) -{ - unsigned char res[21]; - - if (len != MD4_DIGEST_LENGTH) - return EINVAL; - - memcpy(res, key, len); - memset(&res[MD4_DIGEST_LENGTH], 0, sizeof(res) - MD4_DIGEST_LENGTH); - - answer->data = malloc(24); - if (answer->data == NULL) - return ENOMEM; - answer->length = 24; - - splitandenc(&res[0], challange, ((unsigned char *)answer->data) + 0); - splitandenc(&res[7], challange, ((unsigned char *)answer->data) + 8); - splitandenc(&res[14], challange, ((unsigned char *)answer->data) + 16); - - return 0; -} - -/** - * Generates an NTLMv1 session random with assosited session master key. - * - * @param key the ntlm v1 key - * @param len length of key - * @param session generated session nonce, should be freed with heim_ntlm_free_buf(). - * @param master calculated session master key, should be freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_build_ntlm1_master(void *key, size_t len, - struct ntlm_buf *session, - struct ntlm_buf *master) -{ - RC4_KEY rc4; - - memset(master, 0, sizeof(*master)); - memset(session, 0, sizeof(*session)); - - if (len != MD4_DIGEST_LENGTH) - return EINVAL; - - session->length = MD4_DIGEST_LENGTH; - session->data = malloc(session->length); - if (session->data == NULL) { - session->length = 0; - return EINVAL; - } - master->length = MD4_DIGEST_LENGTH; - master->data = malloc(master->length); - if (master->data == NULL) { - heim_ntlm_free_buf(master); - heim_ntlm_free_buf(session); - return EINVAL; - } - - { - unsigned char sessionkey[MD4_DIGEST_LENGTH]; - MD4_CTX ctx; - - MD4_Init(&ctx); - MD4_Update(&ctx, key, len); - MD4_Final(sessionkey, &ctx); - - RC4_set_key(&rc4, sizeof(sessionkey), sessionkey); - } - - if (RAND_bytes(session->data, session->length) != 1) { - heim_ntlm_free_buf(master); - heim_ntlm_free_buf(session); - return EINVAL; - } - - RC4(&rc4, master->length, session->data, master->data); - memset(&rc4, 0, sizeof(rc4)); - - return 0; -} - -/** - * Generates an NTLMv2 session key. - * - * @param key the ntlm key - * @param len length of key - * @param username name of the user, as sent in the message, assumed to be in UTF8. - * @param target the name of the target, assumed to be in UTF8. - * @param ntlmv2 the ntlmv2 session key - * - * @ingroup ntlm_core - */ - -void -heim_ntlm_ntlmv2_key(const void *key, size_t len, - const char *username, - const char *target, - unsigned char ntlmv2[16]) -{ - unsigned int hmaclen; - HMAC_CTX c; - - HMAC_CTX_init(&c); - HMAC_Init_ex(&c, key, len, EVP_md5(), NULL); - { - struct ntlm_buf buf; - /* uppercase username and turn it inte ucs2-le */ - ascii2ucs2le(username, 1, &buf); - HMAC_Update(&c, buf.data, buf.length); - free(buf.data); - /* uppercase target and turn into ucs2-le */ - ascii2ucs2le(target, 1, &buf); - HMAC_Update(&c, buf.data, buf.length); - free(buf.data); - } - HMAC_Final(&c, ntlmv2, &hmaclen); - HMAC_CTX_cleanup(&c); - -} - -/* - * - */ - -#define NTTIME_EPOCH 0x019DB1DED53E8000LL - -static uint64_t -unix2nttime(time_t unix_time) -{ - long long wt; - wt = unix_time * (uint64_t)10000000 + (uint64_t)NTTIME_EPOCH; - return wt; -} - -static time_t -nt2unixtime(uint64_t t) -{ - t = ((t - (uint64_t)NTTIME_EPOCH) / (uint64_t)10000000); - if (t > (((time_t)(~(uint64_t)0)) >> 1)) - return 0; - return (time_t)t; -} - - -/** - * Calculate NTLMv2 response - * - * @param key the ntlm key - * @param len length of key - * @param username name of the user, as sent in the message, assumed to be in UTF8. - * @param target the name of the target, assumed to be in UTF8. - * @param serverchallange challange as sent by the server in the type2 message. - * @param infotarget infotarget as sent by the server in the type2 message. - * @param ntlmv2 calculated session key - * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_calculate_ntlm2(const void *key, size_t len, - const char *username, - const char *target, - const unsigned char serverchallange[8], - const struct ntlm_buf *infotarget, - unsigned char ntlmv2[16], - struct ntlm_buf *answer) -{ - krb5_error_code ret; - krb5_data data; - unsigned int hmaclen; - unsigned char ntlmv2answer[16]; - krb5_storage *sp; - unsigned char clientchallange[8]; - HMAC_CTX c; - uint64_t t; - - t = unix2nttime(time(NULL)); - - if (RAND_bytes(clientchallange, sizeof(clientchallange)) != 1) - return EINVAL; - - /* calculate ntlmv2 key */ - - heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2); - - /* calculate and build ntlmv2 answer */ - - sp = krb5_storage_emem(); - if (sp == NULL) - return ENOMEM; - krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(krb5_store_uint32(sp, 0x00000101), 0); - CHECK(krb5_store_uint32(sp, 0), 0); - /* timestamp le 64 bit ts */ - CHECK(krb5_store_uint32(sp, t & 0xffffffff), 0); - CHECK(krb5_store_uint32(sp, t >> 32), 0); - - CHECK(krb5_storage_write(sp, clientchallange, 8), 8); - - CHECK(krb5_store_uint32(sp, 0), 0); /* unknown but zero will work */ - CHECK(krb5_storage_write(sp, infotarget->data, infotarget->length), - infotarget->length); - CHECK(krb5_store_uint32(sp, 0), 0); /* unknown but zero will work */ - - CHECK(krb5_storage_to_data(sp, &data), 0); - krb5_storage_free(sp); - sp = NULL; - - HMAC_CTX_init(&c); - HMAC_Init_ex(&c, ntlmv2, 16, EVP_md5(), NULL); - HMAC_Update(&c, serverchallange, 8); - HMAC_Update(&c, data.data, data.length); - HMAC_Final(&c, ntlmv2answer, &hmaclen); - HMAC_CTX_cleanup(&c); - - sp = krb5_storage_emem(); - if (sp == NULL) { - krb5_data_free(&data); - return ENOMEM; - } - - CHECK(krb5_storage_write(sp, ntlmv2answer, 16), 16); - CHECK(krb5_storage_write(sp, data.data, data.length), data.length); - krb5_data_free(&data); - - CHECK(krb5_storage_to_data(sp, &data), 0); - krb5_storage_free(sp); - sp = NULL; - - answer->data = data.data; - answer->length = data.length; - - return 0; -out: - if (sp) - krb5_storage_free(sp); - return ret; -} - -static const int authtimediff = 3600 * 2; /* 2 hours */ - -/** - * Verify NTLMv2 response. - * - * @param key the ntlm key - * @param len length of key - * @param username name of the user, as sent in the message, assumed to be in UTF8. - * @param target the name of the target, assumed to be in UTF8. - * @param now the time now (0 if the library should pick it up itself) - * @param serverchallange challange as sent by the server in the type2 message. - * @param answer ntlm response answer, should be freed with heim_ntlm_free_buf(). - * @param infotarget infotarget as sent by the server in the type2 message. - * @param ntlmv2 calculated session key - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_verify_ntlm2(const void *key, size_t len, - const char *username, - const char *target, - time_t now, - const unsigned char serverchallange[8], - const struct ntlm_buf *answer, - struct ntlm_buf *infotarget, - unsigned char ntlmv2[16]) -{ - krb5_error_code ret; - unsigned int hmaclen; - unsigned char clientanswer[16]; - unsigned char clientnonce[8]; - unsigned char serveranswer[16]; - krb5_storage *sp; - HMAC_CTX c; - uint64_t t; - time_t authtime; - uint32_t temp; - - infotarget->length = 0; - infotarget->data = NULL; - - if (answer->length < 16) - return EINVAL; - - if (now == 0) - now = time(NULL); - - /* calculate ntlmv2 key */ - - heim_ntlm_ntlmv2_key(key, len, username, target, ntlmv2); - - /* calculate and build ntlmv2 answer */ - - sp = krb5_storage_from_readonly_mem(answer->data, answer->length); - if (sp == NULL) - return ENOMEM; - krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); - - CHECK(krb5_storage_read(sp, clientanswer, 16), 16); - - CHECK(krb5_ret_uint32(sp, &temp), 0); - CHECK(temp, 0x00000101); - CHECK(krb5_ret_uint32(sp, &temp), 0); - CHECK(temp, 0); - /* timestamp le 64 bit ts */ - CHECK(krb5_ret_uint32(sp, &temp), 0); - t = temp; - CHECK(krb5_ret_uint32(sp, &temp), 0); - t |= ((uint64_t)temp)<< 32; - - authtime = nt2unixtime(t); - - if (abs((int)(authtime - now)) > authtimediff) { - ret = EINVAL; - goto out; - } - - /* client challange */ - CHECK(krb5_storage_read(sp, clientnonce, 8), 8); - - CHECK(krb5_ret_uint32(sp, &temp), 0); /* unknown */ - - /* should really unparse the infotarget, but lets pick up everything */ - infotarget->length = answer->length - krb5_storage_seek(sp, 0, SEEK_CUR); - infotarget->data = malloc(infotarget->length); - if (infotarget->data == NULL) { - ret = ENOMEM; - goto out; - } - CHECK(krb5_storage_read(sp, infotarget->data, infotarget->length), - infotarget->length); - /* XXX remove the unknown ?? */ - krb5_storage_free(sp); - sp = NULL; - - HMAC_CTX_init(&c); - HMAC_Init_ex(&c, ntlmv2, 16, EVP_md5(), NULL); - HMAC_Update(&c, serverchallange, 8); - HMAC_Update(&c, ((unsigned char *)answer->data) + 16, answer->length - 16); - HMAC_Final(&c, serveranswer, &hmaclen); - HMAC_CTX_cleanup(&c); - - if (memcmp(serveranswer, clientanswer, 16) != 0) { - heim_ntlm_free_buf(infotarget); - return EINVAL; - } - - return 0; -out: - heim_ntlm_free_buf(infotarget); - if (sp) - krb5_storage_free(sp); - return ret; -} - - -/* - * Calculate the NTLM2 Session Response - * - * @param clnt_nonce client nonce - * @param svr_chal server challage - * @param ntlm2_hash ntlm hash - * @param lm The LM response, should be freed with heim_ntlm_free_buf(). - * @param ntlm The NTLM response, should be freed with heim_ntlm_free_buf(). - * - * @return In case of success 0 is return, an errors, a errno in what - * went wrong. - * - * @ingroup ntlm_core - */ - -int -heim_ntlm_calculate_ntlm2_sess(const unsigned char clnt_nonce[8], - const unsigned char svr_chal[8], - const unsigned char ntlm_hash[16], - struct ntlm_buf *lm, - struct ntlm_buf *ntlm) -{ - unsigned char ntlm2_sess_hash[MD5_DIGEST_LENGTH]; - unsigned char res[21], *resp; - MD5_CTX md5; - - lm->data = malloc(24); - if (lm->data == NULL) - return ENOMEM; - lm->length = 24; - - ntlm->data = malloc(24); - if (ntlm->data == NULL) { - free(lm->data); - lm->data = NULL; - return ENOMEM; - } - ntlm->length = 24; - - /* first setup the lm resp */ - memset(lm->data, 0, 24); - memcpy(lm->data, clnt_nonce, 8); - - MD5_Init(&md5); - MD5_Update(&md5, svr_chal, 8); /* session nonce part 1 */ - MD5_Update(&md5, clnt_nonce, 8); /* session nonce part 2 */ - MD5_Final(ntlm2_sess_hash, &md5); /* will only use first 8 bytes */ - - memset(res, 0, sizeof(res)); - memcpy(res, ntlm_hash, 16); - - resp = ntlm->data; - splitandenc(&res[0], ntlm2_sess_hash, resp + 0); - splitandenc(&res[7], ntlm2_sess_hash, resp + 8); - splitandenc(&res[14], ntlm2_sess_hash, resp + 16); - - return 0; -} diff --git a/crypto/heimdal/lib/ntlm/test_ntlm.c b/crypto/heimdal/lib/ntlm/test_ntlm.c deleted file mode 100644 index 11eceb01cc6d..000000000000 --- a/crypto/heimdal/lib/ntlm/test_ntlm.c +++ /dev/null @@ -1,339 +0,0 @@ -/* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "config.h" - -#include -#include -#include -#include - -RCSID("$Id: test_ntlm.c 22377 2007-12-28 18:38:53Z lha $"); - -#include -#include - -static int -test_parse(void) -{ - const char *user = "foo", - *domain = "mydomain", - *password = "digestpassword", - *target = "DOMAIN"; - struct ntlm_type1 type1; - struct ntlm_type2 type2; - struct ntlm_type3 type3; - struct ntlm_buf data; - krb5_error_code ret; - int flags; - - memset(&type1, 0, sizeof(type1)); - - type1.flags = NTLM_NEG_UNICODE|NTLM_NEG_TARGET|NTLM_NEG_NTLM; - type1.domain = rk_UNCONST(domain); - type1.hostname = NULL; - type1.os[0] = 0; - type1.os[1] = 0; - - ret = heim_ntlm_encode_type1(&type1, &data); - if (ret) - errx(1, "heim_ntlm_encode_type1"); - - memset(&type1, 0, sizeof(type1)); - - ret = heim_ntlm_decode_type1(&data, &type1); - free(data.data); - if (ret) - errx(1, "heim_ntlm_encode_type1"); - - heim_ntlm_free_type1(&type1); - - /* - * - */ - - memset(&type2, 0, sizeof(type2)); - - flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN; - type2.flags = flags; - - memset(type2.challange, 0x7f, sizeof(type2.challange)); - type2.targetname = rk_UNCONST(target); - type2.targetinfo.data = NULL; - type2.targetinfo.length = 0; - - ret = heim_ntlm_encode_type2(&type2, &data); - if (ret) - errx(1, "heim_ntlm_encode_type2"); - - memset(&type2, 0, sizeof(type2)); - - ret = heim_ntlm_decode_type2(&data, &type2); - free(data.data); - if (ret) - errx(1, "heim_ntlm_decode_type2"); - - heim_ntlm_free_type2(&type2); - - /* - * - */ - - memset(&type3, 0, sizeof(type3)); - - type3.flags = flags; - type3.username = rk_UNCONST(user); - type3.targetname = rk_UNCONST(target); - type3.ws = rk_UNCONST("workstation"); - - { - struct ntlm_buf key; - heim_ntlm_nt_key(password, &key); - - heim_ntlm_calculate_ntlm1(key.data, key.length, - type2.challange, - &type3.ntlm); - free(key.data); - } - - ret = heim_ntlm_encode_type3(&type3, &data); - if (ret) - errx(1, "heim_ntlm_encode_type3"); - - free(type3.ntlm.data); - - memset(&type3, 0, sizeof(type3)); - - ret = heim_ntlm_decode_type3(&data, 1, &type3); - free(data.data); - if (ret) - errx(1, "heim_ntlm_decode_type3"); - - if (strcmp("workstation", type3.ws) != 0) - errx(1, "type3 ws wrong"); - - if (strcmp(target, type3.targetname) != 0) - errx(1, "type3 targetname wrong"); - - if (strcmp(user, type3.username) != 0) - errx(1, "type3 username wrong"); - - - heim_ntlm_free_type3(&type3); - - /* - * NTLMv2 - */ - - memset(&type2, 0, sizeof(type2)); - - flags = NTLM_NEG_UNICODE | NTLM_NEG_NTLM | NTLM_TARGET_DOMAIN; - type2.flags = flags; - - memset(type2.challange, 0x7f, sizeof(type2.challange)); - type2.targetname = rk_UNCONST(target); - type2.targetinfo.data = "\x00\x00"; - type2.targetinfo.length = 2; - - ret = heim_ntlm_encode_type2(&type2, &data); - if (ret) - errx(1, "heim_ntlm_encode_type2"); - - memset(&type2, 0, sizeof(type2)); - - ret = heim_ntlm_decode_type2(&data, &type2); - free(data.data); - if (ret) - errx(1, "heim_ntlm_decode_type2"); - - heim_ntlm_free_type2(&type2); - - return 0; -} - -static int -test_keys(void) -{ - const char - *username = "test", - *password = "test1234", - *target = "TESTNT"; - const unsigned char - serverchallange[8] = "\x67\x7f\x1c\x55\x7a\x5e\xe9\x6c"; - struct ntlm_buf infotarget, infotarget2, answer, key; - unsigned char ntlmv2[16], ntlmv2_1[16]; - int ret; - - infotarget.length = 70; - infotarget.data = - "\x02\x00\x0c\x00\x54\x00\x45\x00\x53\x00\x54\x00\x4e\x00\x54\x00" - "\x01\x00\x0c\x00\x4d\x00\x45\x00\x4d\x00\x42\x00\x45\x00\x52\x00" - "\x03\x00\x1e\x00\x6d\x00\x65\x00\x6d\x00\x62\x00\x65\x00\x72\x00" - "\x2e\x00\x74\x00\x65\x00\x73\x00\x74\x00\x2e\x00\x63\x00\x6f" - "\x00\x6d\x00" - "\x00\x00\x00\x00"; - - answer.length = 0; - answer.data = NULL; - - heim_ntlm_nt_key(password, &key); - - ret = heim_ntlm_calculate_ntlm2(key.data, - key.length, - username, - target, - serverchallange, - &infotarget, - ntlmv2, - &answer); - if (ret) - errx(1, "heim_ntlm_calculate_ntlm2"); - - ret = heim_ntlm_verify_ntlm2(key.data, - key.length, - username, - target, - 0, - serverchallange, - &answer, - &infotarget2, - ntlmv2_1); - if (ret) - errx(1, "heim_ntlm_verify_ntlm2"); - - if (memcmp(ntlmv2, ntlmv2_1, sizeof(ntlmv2)) != 0) - errx(1, "ntlm master key not same"); - - if (infotarget.length > infotarget2.length) - errx(1, "infotarget length"); - - if (memcmp(infotarget.data, infotarget2.data, infotarget.length) != 0) - errx(1, "infotarget not the same"); - - free(key.data); - free(answer.data); - free(infotarget2.data); - - return 0; -} - -static int -test_ntlm2_session_resp(void) -{ - int ret; - struct ntlm_buf lm, ntlm; - - const unsigned char lm_resp[24] = - "\xff\xff\xff\x00\x11\x22\x33\x44" - "\x00\x00\x00\x00\x00\x00\x00\x00" - "\x00\x00\x00\x00\x00\x00\x00\x00"; - const unsigned char ntlm2_sess_resp[24] = - "\x10\xd5\x50\x83\x2d\x12\xb2\xcc" - "\xb7\x9d\x5a\xd1\xf4\xee\xd3\xdf" - "\x82\xac\xa4\xc3\x68\x1d\xd4\x55"; - - const unsigned char client_nonce[8] = - "\xff\xff\xff\x00\x11\x22\x33\x44"; - const unsigned char server_challange[8] = - "\x01\x23\x45\x67\x89\xab\xcd\xef"; - - const unsigned char ntlm_hash[16] = - "\xcd\x06\xca\x7c\x7e\x10\xc9\x9b" - "\x1d\x33\xb7\x48\x5a\x2e\xd8\x08"; - - ret = heim_ntlm_calculate_ntlm2_sess(client_nonce, - server_challange, - ntlm_hash, - &lm, - &ntlm); - if (ret) - errx(1, "heim_ntlm_calculate_ntlm2_sess_resp"); - - if (lm.length != 24 || memcmp(lm.data, lm_resp, 24) != 0) - errx(1, "lm_resp wrong"); - if (ntlm.length != 24 || memcmp(ntlm.data, ntlm2_sess_resp, 24) != 0) - errx(1, "ntlm2_sess_resp wrong"); - - free(lm.data); - free(ntlm.data); - - - return 0; -} - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, "print version", NULL }, - {"help", 0, arg_flag, &help_flag, NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), - NULL, ""); - exit (ret); -} - -int -main(int argc, char **argv) -{ - int ret = 0, optind = 0; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optind; - argv += optind; - - printf("test_parse\n"); - ret += test_parse(); - printf("test_keys\n"); - ret += test_keys(); - printf("test_ntlm2_session_resp\n"); - ret += test_ntlm2_session_resp(); - - return 0; -} diff --git a/crypto/heimdal/lib/ntlm/version-script.map b/crypto/heimdal/lib/ntlm/version-script.map deleted file mode 100644 index 654a630cec15..000000000000 --- a/crypto/heimdal/lib/ntlm/version-script.map +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: version-script.map 22041 2007-11-11 07:43:27Z lha $ - -HEIMDAL_NTLM_1.0 { - global: - heim_ntlm_build_ntlm1_master; - heim_ntlm_calculate_ntlm1; - heim_ntlm_calculate_ntlm2; - heim_ntlm_calculate_ntlm2_sess; - heim_ntlm_decode_targetinfo; - heim_ntlm_decode_type1; - heim_ntlm_decode_type2; - heim_ntlm_decode_type3; - heim_ntlm_encode_targetinfo; - heim_ntlm_encode_type1; - heim_ntlm_encode_type2; - heim_ntlm_encode_type3; - heim_ntlm_free_buf; - heim_ntlm_free_targetinfo; - heim_ntlm_free_type1; - heim_ntlm_free_type2; - heim_ntlm_free_type3; - heim_ntlm_nt_key; - heim_ntlm_ntlmv2_key; - heim_ntlm_verify_ntlm2; - local: - *; -}; diff --git a/crypto/heimdal/lib/roken/ChangeLog b/crypto/heimdal/lib/roken/ChangeLog deleted file mode 100644 index 6a9abe72078e..000000000000 --- a/crypto/heimdal/lib/roken/ChangeLog +++ /dev/null @@ -1,2196 +0,0 @@ -2008-01-12 Love Hörnquist Åstrand - - * Makefile.am: add missing files. - -2007-08-09 Love Hörnquist Åstrand - - * strftime.c: rewrite str[pf]time for testing. - - * strptime.c: rewrite str[pf]time for testing. - - * Makefile.am: add TEST_STRPFTIME - -2007-07-17 Love Hörnquist Åstrand - - * ndbm_wrap.c (dbm_get): set dsize to 0 on failure. - - * Makefile.am: add ndbm_wrap.[ch] to EXTRA_DIST - - * ndbm_wrap.c (dbm_fetch): set dsize to 0 on failure. - -2007-07-16 Love Hörnquist Åstrand - - * socket_wrapper.c: Implement swrap_dup too. - - * socket_wrapper.c: Add dup(dummy stub) and dup2(real). - - * socket_wrapper.h: Add dup(dummy stub) and dup2(real). - -2007-07-10 Love Hörnquist Åstrand - - * Makefile.am: New library version. - -2007-06-19 Love Hörnquist Åstrand - - * roken_gethostby.c: set proxy_port to 0 to pacify BEAM. - -2007-06-07 Love Hörnquist Åstrand - - * use "roken.h" consitantly - -2007-06-03 Love Hörnquist Åstrand - - * test-readenv.c: Free environment. - - * environment.c (free_environment): free result of - read_environment(). - - * roken-common.h (free_environment): free result of - read_environment(). - -2007-05-10 Love Hörnquist Åstrand - - * fnmatch.c: Do recursive call to rk_fnmatch - -2007-01-12 Love Hörnquist Åstrand - - * resolve.c: Try harder to call res_ndestroy(). - -2006-12-27 Love Hörnquist Åstrand - - * Makefile.am: make sure built headers are copied to the - ${build_topdir}/include - -2006-12-15 Love Hörnquist Åstrand - - * unvis.c: Use internal version of rk_unvis - - * unvis.c: Always include rk_versions. - - * vis.c: Always include rk_versions. - - * vis.hin: Fix argument for unvis and strsvisx. - - * unvis.c: prefix unvis functions with rk_, and prototypes. - -2006-12-13 Love Hörnquist Åstrand - - * vis.c: Provide some prototypes for the rk_vis functions. - -2006-12-11 Love Hörnquist Åstrand - - * ifaddrs.hin: Prefix getifaddrs functions with rk_ and do symbol - renaming. - - * fnmatch.c: Prefix fnmatch functions with rk_ and do symbol - renaming. - - * vis.hin: Prefix strvis functions with rk_ and do symbol - renaming. - - * vis.c: prefix strvis functions with rk_ - - * Makefile.am: Install extra posix headers in to avoid - dup headers. - -2006-11-09 Love Hörnquist Åstrand - - * socket_wrapper.c (swrap_sendto): fail on to unknown si->type - -2006-11-06 Love Hörnquist Åstrand - - * socket_wrapper.c: A few fixes to have Heimdal pass the make - check under socket_wrapper. The first is a missing 'break' before - the (heimdal specific) IPv6 support. The second works around the - fact that sendto() *may* object to a destination being specified. - It appears to be that on Linux, this objects (with EISCONN) for - unix stream sockets, but not for TCP sockets. The alternate fix - would be to have the KDC use 'send()' in this case. Andrew Bartlett. - -2006-10-20 Love Hörnquist Åstrand - - * Makefile.am: split dist and nondist HEADERS - -2006-10-19 Love Hörnquist Åstrand - - * roken.h.in: Add timegm glue. - - * timegm.c: add timegm() - - * socket_wrapper.c: Include , gives os socklen_t on IRIX - 6.4. - - * socket_wrapper.c: Maybe include and/or maybe - include . - -2006-10-17 Love Hörnquist Åstrand - - * roken.h.in: Revert prevois for now, the problem is that we have - to include symbols unconditionally, even for those that just needs - protos. - - * roken.h.in: Provide symbol renaming, let see what breaks. - - * socket_wrapper.c: Maybe include . - -2006-10-10 Love Hörnquist Åstrand - - * socket_wrapper.c: more consitity check, remove dead code, add - socket length code, add missing break, make diffrent chars of type - type files for case-insensitiv filesystems - - * socket_wrapper.c: try even hard to not use socket wrapper for - socket_wrapper itself. - - * socket_wrapper.c: Force no socket wrapper for socket_wrapper - itself. - -2006-10-09 Love Hörnquist Åstrand - - * socket_wrapper.c: Maybe include . - - * socket_wrapper.c: Protect AF_INET6 with #ifdef HAVE_IPV6. - - * socket_wrapper.c: Use a symbol for the v6 address. - - * socket_wrapper.c: Add IPv6 suppport. - - * socket_wrapper.[ch]: Include socket wrapper from samba4 (rev - 19179). - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: Add build_HEADERZ to EXTRA_DIST - - * Makefile.am: Add man_MANS to EXTRA_DIST - - * Makefile.am: Add to all objects BUILD_ROKEN_LIB. - -2006-09-16 Love Hörnquist Åstrand - - * roken.h.in: Add samba socket wrapper fragment. - - * Makefile.am: Add samba socket wrapper fragment. - -2006-09-05 Love Hörnquist Åstrand - - * snprintf.c: reapply patch that went away in last commit - - * snprintf-test.c: unbreak from previous commit - - * snprintf.c: Add size_t formater (z modifer). - - * snprintf-test.c: add tests for size_t printf formater - -2006-06-30 Love Hörnquist Åstrand - - * rtbl.h: Add extern "C" for C++. - - * rtbl.c: Add rtbl_add_column_entryv functions, printf like - - * rtbl.h: Add rtbl_add_column_entryv functions, printf like - -2006-06-22 Love Hörnquist Åstrand - - * glob.hin: Add extern "C" for C++. From joerg at britannica dot - bec dot de - - * fnmatch.hin: Add extern "C" for C++. From joerg at britannica - dot bec dot de - -2006-04-20 Love Hörnquist Åstrand - - * fnmatch.hin (fnmatch): CPP rename to rk_fnmatch - -2006-04-14 Love Hörnquist Åstrand - - * resolve.c (dns_srv_order): change a if (ptr == NULL) continue - into a assert(ptr != NULL) since it could never happen, found by - the IBM code checker (beam). Thanks to Florian Krohm for - explaining it. - -2006-04-02 Love Hörnquist Åstrand - - * roken_gethostby.c (roken_gethostby): make addr_list one larger - to avoid a off-by-one error. Found by IBM checker. - - * resolve.c: Plug memory leak found by IBM checker (and try to - please it). - -2006-02-06 Love Hörnquist Åstrand - - * resolve.c: Spelling, from Alexey Dobriyan, via Jason McIntyre - -2006-01-13 Love Hörnquist Åstrand - - * getcap.c: Don't use db support unless its build into libc but we - dont check for that now, so just disable the code. This removes - the dependency on libdb for roken, and that is a good thing since - it causes problem with nss plugins that uses DB3 that also - provides the same symbol, but with a diffrent ABI. so when the - application calls getpwnamn() and it linked to roken, it craches - in the nss functions. - -2006-01-09 Love Hörnquist Åstrand - - * hex.c (hex_decode): support decoding odd number of characters, - in the odd len case, the first character ends up in the first byte - in the lower nibble. - - * hex-test.c: Check that we can decode single character hex chars. - -2005-12-12 Love Hörnquist Åstrand - - * getifaddrs.c: Try handle HP/UX 11.nn, its diffrent from Solaris - large SIOCGIFCONF. - -2005-09-28 Love Hörnquist Åstrand - - * roken-common.h: Move rk_UNCONST to roken.h.in since it might use - uintptr_t depending on avaibility. - - * roken.h.in: Include if it exists. If avaiable, use - uintptr_t to define rk_UNCONST. - -2005-09-22 Love Hörnquist Åstrand - - * roken-common.h: Add rk_dumpdata. - - * dumpdata.c: Add rk_dumpdata() that write a chunk of data into a - file for later processing by some other tool (like asn1_print). - -2005-09-13 Love Hörnquist Åstrand - - * strptime.c: cast to unsigned char to make sure its not negative - when passing it to is* functions - -2005-09-01 Love Hörnquist Åstrand - - * socket.c: Add socket_set_ipv6only. - - * roken-common.h: Add socket_set_ipv6only, remove some argument - names. - -2005-08-25 Love Hörnquist Åstrand - - * strpool.c (rk_strpoolprintf): remove debug printf, plug memory - leak - -2005-08-23 Love Hörnquist Åstrand - - * setprogname.c (setprogname): const poision - - * print_version.c: Removed, moved to libvers. - -2005-08-22 Love Hörnquist Åstrand - - * resolve.c (dns_lookup_int): if we have res_ndestroy, prefeer - that before res_nclose - -2005-08-12 Love Hörnquist Åstrand - - * getaddrinfo-test.c: Rename optind to optidx to avoid shadowing. - -2005-08-05 Love Hörnquist Åstrand - - * gai_strerror.c: sprinkel more const - - * gai_strerror.c, roken.h.in: Make return value of gai_strerror - const to match SUSv3. Prompted by Stefan Metzmacher change to - Samba. - -2005-07-19 Love Hörnquist Åstrand - - * roken.h.in: Remove parameter names to avoid shadow warnings. - -2005-07-13 Love Hörnquist Åstrand - - * getifaddrs.c (nl_getlist): poll to get messages from kernel, and - retry if the message was lost - (free_nlmsglist): free all linked elements, not just the first one - -2005-07-08 Love Hörnquist Åstrand - - * snprintf-test.c: Check a very simple format string - -2005-07-07 Love Hörnquist Åstrand - - * roken.h.in: If we have include it, its needed for - strcasecmp() on those platforms that are SUS3/iso c99 strict (like - AIX) - - * roken-common.h: remove duplicate ; - -2005-07-06 Love Hörnquist Åstrand - - * roken-common.h: rk_strpoolprintf first variable identifier is 3 - -2005-06-30 Love Hörnquist Åstrand - - * base64.h: remove variable names - -2005-06-29 Love Hörnquist Åstrand - - * roken-common.h: fix format attribute - - * Makefile.am (libroken_la_SOURCES): += strpool.c - - * roken-common.h: add strpool, a printf collector to make it - eaiser to collect strings into one string - - * strpool.c: add strpool, a printf collector to make it eaiser to - collect strings into one string - -2005-06-23 Love Hörnquist Åstrand - - * base64.c: Add const, from Andrew Abartlet - -2005-06-21 Love Hörnquist Åstrand - - * strpftime-test.c: test for "%Y%m" - - * esetenv.c: unconst - - * strptime.c: Write a new parse_number function that is possible - to limit that amount of numbers used, with this strptime can - handle strptime("200505", "%Y%m", &tm); - -2005-06-16 Love Hörnquist Åstrand - - * getaddrinfo.c: avoid shadowing sin - - * resolve-test.c: rename optind to optidx to avoid shadowing - - * strptime.c: UNCONST return value from strptime - - * strftime.c: rk_UNCONST argument mktime - - * getnameinfo.c: avoid shadowing sin - - * socket.c: avoid shadowing sin - - * resolve.c (parse_record): fix casting to avoid losing const - - * roken.awk: since we got no feedback regarding people running - heimdal on the crays, remove the quoted # version - - * environment.c: rename index to idx to avoid shadowing - -2005-05-29 Love Hörnquist Åstrand - - * parse_reply-test.c: avoid signedness warnings - - * test-mem.c: avoid signedness warnings - -2005-05-27 Love Hörnquist Åstrand - - * hex.c: include "roken.h" to avoid undefined size_t/ssize_t - -2005-05-24 Dave Love - - * Makefile.am (snprintf_test_SOURCES): Add snprintf-test.h. - -2005-05-20 Love Hörnquist Åstrand - - * environment.c (rk_read_env_file): move assignment to later to - make pre c99 compiler happy - -2005-05-18 Love Hörnquist Åstrand - - * strptime.c: use english spelling of March - -2005-05-17 Johan Danielsson - - * Makefile.am: only link with dblib if we need it - - * Makefile.am: add test_readenv - - * test-readenv.c: test for read_environment() - - * environment.c: eliminate duplicates - -2005-05-13 Love Hörnquist Åstrand - - * issuid.c (issuid): change the #ifdef order to avoid unreachable - code warning. - -2005-05-10 Dave Love - - * roken.h.in: Get daemon declared on Solaris (it's in unistd.h but - masked by a feature test), just to avoid a warning, since it has - int args. Include err.h unconditionally, since it's always - supplied. - -2005-05-04 Dave Love - - * snprintf-test.c: Include snprintf-test.h earlier. - -2005-05-03 Dave Love - - * snprintf.c: Include snprintf-test.h earlier. - - * test-mem.c: Add member fd to map. - (rk_test_mem_alloc, rk_test_mem_free): Use it. - -2005-04-30 Love Hörnquist Åstrand - - * getifaddrs.c: add break on default: statements, from Douglas - E. Engert - - * snprintf.c (vsnprintf): don't write the NUL into the string if - the length was 0 - - * snprintf-test.c: add check that snprintf doesn't write the NUL - into the last byte when its a zero length input string - - * parse_time-test.c: Include . - -2005-04-27 Love Hörnquist Åstrand - - * parse_time-test.c: improve testing - - * roken-common.h: add rk_realloc - - * Makefile.am: add realloc - - * realloc.c: add rk_realloc, unbroken version of realloc - -2005-04-26 Dave Love - - * getusershell.c: Include roken.h - -2005-04-18 Love Hörnquist Åstrand - - * unvis.c: cast to unsigned char to make sure its not negative - when passing it to is* functions - - * strptime.c: cast to unsigned char to make sure its not negative - when passing it to to* functions - -2005-04-13 Love Hörnquist Åstrand - - * simple_exec.c: don't close stderr, close all fd that is num 3 - and larger - - * simple_exec.c (pipe_execv): use closefrom - - * add closefrom - -2005-04-12 Love Hörnquist Åstrand - - * add ROKEN_LIB_FUNCTION to all exported functions - -2005-04-10 Love Hörnquist Åstrand - - * resolve-test.c: print DS - -2005-04-07 Love Hörnquist Åstrand - - * parse_time-test.c: remove unused variable - -2005-04-04 Love Hörnquist Åstrand - - * strpftime-test.c: print size_t by casting to unsigned long - - * base64-test.c: print size_t by casting to unsigned long - - * hex-test.c: print size_t by casting to unsigned long - - * resolve-test.c: print size_t by casting to unsigned long - -2005-04-01 Love Hörnquist Åstrand - - * snprintf-test.c (try): reset va_list argument between reuse, - from Peter Kruty - -2005-03-30 Love Hörnquist Åstrand - - * roken_gethostby.c (roken_gethostby): s/sin/addr/ to avoid - shadowing - - * resolve.c (dns_lookup_int): s/stat/state/ to avoid shadowing - - * parse_units.c: avoid shadowing div - -2005-03-26 Love Hörnquist Åstrand - - * snprintf.c: use defined(TEST_SNPRINTF) like on all other places - in the same file - -2005-03-21 Love Hörnquist Åstrand - - * hex.c: check for overflows - -2005-03-18 Love Hörnquist Åstrand - - * vis.c: use RCSID instead of __RCSID - -2005-03-06 Love Hörnquist Åstrand - - * Makefile.am: check_PROGRAMS += hex-test - - * hex-test.c: hex encoding/decoding test - - * hex.c: fix decodeing, it processed to much data and thus - returned the wrong length - -2005-03-04 Love Hörnquist Åstrand - - * Makefile.am: add hex.[ch] - - * hex.c: add hex encoder/decoder - -2005-03-02 Love Hörnquist Åstrand - - * daemon.c fnmatch.c fnmatch.hin getcap.c getopt.c getusershell.c - glob.c glob.hin iruserok.c unvis.c vis.hin: - - In 1997, the University of California, Berkeley issued a statement - retroactively relicensing all code held under their copyright from - a 4-clause 'traditional' BSD license to a new 3-clause 'revised' - BSD license, which removed the advertising clause. - - From NetBSD, via Joel Baker, and Alistair G. Crooks - - * getaddrinfo-test.c: remove stray ( in output - - * vis.c: Update new revision from NetBSD (copyright update) - -2005-02-24 Love Hörnquist Åstrand - - * Makefile.am: bump version to 17:0:1 - -2005-01-19 Dave Love - - * getusershell.c: Include ctype.h, cast argument to isspace to - unsigned char. - -2004-10-31 Love Hörnquist Åstrand - - * parse_time.3, parse_units.c: Change the behavior of the - parse_unit code to return the number of bytes needed to print the - whole string (minus the trailing '\0'), just like snprintf. Idea - from bugreport from Gabriel Kihlman . - - * parse_time-test.c Makefile.am test-mem.c test-mem.h: test parse_time - -2004-10-16 Love Hörnquist Åstrand - - * resolve.c: put dns_type_to_string and dns_string_to_type in the - abi - - * resolve.c: add ds_record - - * resolve.h: add ds_record - -2004-10-06 Love Hörnquist Åstrand - - * ndbm_wrap.c: undefine open so this works on solaris with large - file support From netbsd's pkgsrc via Gavan Fantom - -2004-09-13 Love Hörnquist Åstrand - - * resolve-test.c: add --version/--help - -2004-09-12 Love Hörnquist Åstrand - - * Makefile.am: make resolve-test a noinst program - -2004-09-11 Love Hörnquist Åstrand - - * resolve-test.c: test program for libroken resolve from resolve.c - - * Makefile.am: add resolve-test - - * resolve.h: add constant for max DNS protocol packet size - - * resolve.c (dns_lookup_int): grow the answer buffer to the size - the server send to us if the answer buffer was too small (limited - to the dns protocol max packet size) - -2004-08-26 Johan Danielsson - - * err.hin: no need to declare __progname here - - * Makefile.am: always clean generated headers - -2004-06-26 Love Hörnquist Åstrand - - * rtbl.3: use .In for header, remove trailing space - -2004-06-23 Johan Danielsson - - * rtbl.h: add protos and macros - - * rtbl.c: implement a bunch of stuff: - - column separator (instead of global column prefix) - - per column suffix - - indexing columns by id-number instead of column header - - optional header supression (via settable flags) - - ability to end a row - - don't extend last column to full width - -2004-06-20 Love Hörnquist Åstrand - - * resolve.[ch]: add and use and bind9 version of rr type - (rk_ns_t_XXX) instead of the old bind4 version (T_XXX) - -2004-05-25 Love Hörnquist Åstrand - - * resolve.c (stot): add AAAA - -2004-02-17 Love Hörnquist Åstrand - - * getarg.c (add_string): catch error from realloc - -2004-02-12 Love Hörnquist Åstrand - - * roken-common.h: add simple_execve_timed - - * roken-common.h: add timed simple_exec - - * simple_exec.c: add timed simple_exec - -2004-01-05 Love Hörnquist Åstrand - - * gai_strerror.c: correct ifdef for EAI_ADDRFAMILY - -2003-12-14 Love Hörnquist Åstrand - - * resolve.c: parse dns header, add support for SSHFP - - * resolve.h: add cpp rewrite for sshfp_record - - * resolve.h: add SSHFP, clean up the the dns_header - -2003-12-14 Love Hörnquist Åstrand - - * resolve.h: remove HEADER (only used for crays) - - * resolve.c: number-of fields no longer stored in network order - -2003-12-13 Love Hörnquist Åstrand - - * resolve.c: remove depency on c99 types in resolv.h - - * resolve.h: remove depency on c99 types - -2003-12-06 Love Hörnquist Åstrand - - * resolv.h: add more T_ types and inline the dns headers, all this - for bind9 resolvers - -2003-12-02 Love Hörnquist Åstrand - - * gai_strerror.c: EAI_ADDRFAMILY and EAI_NODATA is deprecated - - * roken-common.h: use EAI_NONAME instead of EAI_ADDRFAMILY to - check for if we need EAI_ macros - -2003-10-04 Love Hörnquist Åstrand - - * strptime.c: let t and n match zero or more whitespaces - -2003-08-29 Love Hörnquist Åstrand - - * ndbm_wrap.c: patch for working with DB4 on heimdal-discuss - From: Luke Howard - -2003-08-27 Johan Danielsson - - * Makefile.am: don't include discovered files in EXTRA_SOURCES; - don't depend on all header files, just the built ones - -2003-08-15 Johan Danielsson - - * emalloc.3: manpage - -2003-07-11 Love - - * resolve.c: AIX have broken res_nsearch() in 5.1 (5.0 also ?) so - just don't use res_nsearch on AIX - -2003-06-29 Johan Danielsson - - * snprintf.c: * don't ever print sign for unsigned conversions * - don't break when right justifying a number past the end of the - buffer * handle zero precision and the value zero more correctly - -2003-06-14 Love - - * glob.hin: prefix glob symbols with rk_ - -2003-04-22 Love - - * resolve.c: copy NUL too, from janj@wenf.org via openbsd - -2003-04-16 Love - - * parse_units.h: remove typedef for units to avoid problems with - shadowing - - * resolve.c: use strlcpy, from openbsd - - * getcap.c: use strlcpy, from openbsd - - * getarg.3: Change .Fd #include to .In header.h - from Thomas Klausner - -2003-04-15 Love - - * socket.c (socket_set_tos): if setsockopt failed with EINVAL - failed, just ignore it, sock was probably a just a non AF_INET - socket - -2003-04-14 Love - - * strncasecmp.c: cast argument to toupper to unsigned char, from - Christian Biere via NetBSD - - * strlwr.c: cast argument to tolower to unsigned char, from - Christian Biere via NetBSD - - * strcasecmp.c: cast argument to toupper to unsigned char, from - Christian Biere via NetBSD - -2003-03-19 Love - - * getarg.3: spelling, from - -2003-03-07 Love - - * parse_bytes.c: use struct units instead of units - - * parse_time.c: use struct units instead of units - -2003-03-04 Love - - * roken.awk: use full prototype for main - -2002-10-15 Johan Danielsson - - * resolve.c: check length of txt records - -2002-09-10 Johan Danielsson - - * roken.awk: include config.h before stdio.h (breaks with - _FILE_OFFSET_BITS on solaris otherwise) - -2002-09-09 Johan Danielsson - - * resolve.c: fix res_nsearch call, but don't use it for now, AIX5 - has a broken version that trashes memory - - * roken-common.h: fix typo in previous - - * roken-common.h: change IRIX == 4 to IRIX4 - -2002-09-04 Assar Westerlund - - * getifaddrs.c: remove some warnings from the linux-portion - - * getnameinfo_verified.c (getnameinfo_verified): handle the case - of forward but no backward DNS information, and also describe the - desired behaviour. from Love - -2002-09-04 Johan Danielsson - - * rtbl.c (rtbl_destroy): free whole table - - * resolve.c: use res_nsearch if we have it (from Larry Greenfield) - -2002-09-03 Assar Westerlund - - * getifaddrs.c: add Linux AF_NETLINK getifaddrs from Hideaki - YOSHIFUJI of the Usagi project - - * parse_reply-test.c: make this build and return 77 if there is no - mmap - - * Makefile.am (parse_reply-test): add - * parse_reply-test.c: add a test case for parse_reply reading past - the given buffer - * resolve.c (parse_reply): update the arguments to more reasonable - types. allow parse_reply-test to call it - -2002-08-28 Johan Danielsson - - * resolve.c (dns_srv_order): do alignment tricks with the random() - state (from NetBSD) - -2002-08-27 Assar Westerlund - - * resolve.c (parse_reply): verify the lengths (both external and - internal) are consistent and not too long - (dns_lookup_int): be conservative in the length sent in to to - parse_reply - -2002-08-26 Assar Westerlund - - * roken.h.in: add prototypes for str, unvis functions - * resolve.h: add fallback definition for T_AAAA - -2002-08-22 Johan Danielsson - - * roken.h.in: we may need a prototype for strndup - -2002-08-20 Johan Danielsson - - * roken.h.in: typedef ssize_t here - - * getarg.c: don't put Ns before comma - - * resolve.c: _res might not be available - - * localtime_r.c: include stdio.h and roken.h - - * strftime.c: only use altzone if we have it - - * roken-common.h: AI_NUMERICHOST needs special handling - - * strlcat.c: add some consistency checks - - * strlcpy.c: make the logic simpler, and handle dst_sz == 0 - -2002-08-19 Johan Danielsson - - * resolve.h: prefix these functions to avoid conflicts with other - packages - -2002-08-14 Johan Danielsson - - * strsep_copy.c: don't write to buf if len == 0 - -2002-05-31 Assar Westerlund - - * Makefile.am: *_LDADD: add LDADD, so that libroken is used - -2002-05-17 Johan Danielsson - - * xdbm.h: remove old dbm part - -2002-04-30 Johan Danielsson - - * ndbm_wrap.{c,h}: ndbm wrapper for newer db libraries - -2002-04-18 Johan Danielsson - - * roken.h.in: move mini_inetd protos to after addrinfo definition - - * snprintf.c (append_number): make rep const - - * getarg.h: rename optind and optarg to avoid some gcc warnings - - * getarg.c: rename optind and optarg to avoid some gcc warnings - -2002-02-18 Johan Danielsson - - * mini_inetd.c: mini_inetd_addrinfo that takes an addrinfo instead - of a port number - -2001-11-30 Assar Westerlund - - * getifaddrs.c: support SIOCGLIFCONF and SIOCGLIFFLAGS which are - used on Solaris 8 to retrieve addresses larger than `struct - sockaddr'. From Magnus Ahltorp (with some - modifications by me) - -2001-10-27 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): set version to 15:0:6 - -2001-10-22 Assar Westerlund - - * localtime_r.c: add - -2001-10-02 Johan Danielsson - - * resolve.c (dns_srv_order): don't try to return a value - -2001-09-24 Johan Danielsson - - * snprintf.c: va_{start,end} fixes; from Thomas Klausner - -2001-09-20 Assar Westerlund - - * resolve.c (dns_srv_order): make sure of not reading after the - array - -2001-09-17 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): bump to 14:4:5 - * snprintf.c: rename 'struct state' -> 'struct snprintf_test' to - avoid collision with resolv.h on aix - -2001-09-04 Assar Westerlund - - * parse_bytes-test.c, parse_bytes.c, parse_bytes.h, parse_units.c, - parse_units.h: use int instead of size_t as return values to be - compatible with snprintf - - * strftime.c (strftime): check for return values from snprintf() < - 0 - -2001-09-03 Johan Danielsson - - * socket.c: restrict is a keyword - -2001-09-03 Assar Westerlund - - * write_pid.c: handle atexit or on_exit - - * Makefile.am (EXTRA_libroken_la_SOURCES): add vis.hin to help - solaris make - -2001-08-30 Johan Danielsson - - * Makefile.am: use LDADD directly - -2001-08-28 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): set to 14:3:5 - - * issuid.c (issuid): call issetugid if it exists - -2001-08-24 Assar Westerlund - - * Makefile.am: make it play better with recent automake - -2001-08-21 Assar Westerlund - - * glob.c: provide a fallback for ARG_MAX. from - - * roken.h.in: remove all winsock.h - for now, it does more harm than good under cygwin and if it should be - used, the correct conditional needs to be found - from - -2001-08-17 Johan Danielsson - - * getaddrinfo.c: include a definition of in6addr_loopback if it - doesn't exist - -2001-08-10 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): update to 14:2:5 - -2001-08-08 Assar Westerlund - - * hstrerror.c: move h_errno to its own file (h_errno.c) - -2001-08-04 Assar Westerlund - - * Makefile.am: add getarg.3 - -2001-08-01 Assar Westerlund - - * mini_inetd.c (mini_inetd): explicitly use PF_UNSPEC. be more - resilient to bind/listen failing. - -2001-07-31 Assar Westerlund - - * getifaddrs.c (getifaddrs2): remove unused variables - -2001-07-31 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): update version to 14:1:5 - -2001-07-23 Assar Westerlund - - * getarg.c (arg_match_long): fix parsing of arg_counter optional - argument - -2001-07-19 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): bump version to 14:0:5 - -2001-07-17 Assar Westerlund - - * snprintf-test.h: add a file with renaming of the snprintf - functions, to be used for running the tests - -2001-07-11 Assar Westerlund - - * snprintf-test.c: add more %X tests, and long and conditional - long long tests - * snprintf.c: add support for printing long long (if available) - -2001-07-10 Assar Westerlund - - * getaddrinfo.c (add_hostent): adapt to const hostent_find_fqdn - * hostent_find_fqdn.c (hostent_find_fqdn): const-ize - -2001-07-09 Assar Westerlund - - * roken-common.h (hostent_find_fqdn): add - * hostent_find_fqdn.c: separate out hostent_find_fqdn - - * warnerr.c: move out getprogname, setprogname - -2001-07-03 Assar Westerlund - - * warnerr.c (setprogname): add const cast - * vis.c (SVIS): add some (unsigned char) before calling isfoo* - * Makefile.am (libroken_la_LDFLAGS:) set version to 13:0:4 - - * Makefile.am: add snprintf_test - * snprintf.c: rewrite so that it does not stop as soon as there - are no more characters to print, we need to figure out how long - the string would have to be. this also fixes snprintf(NULL, 0 - -2001-06-21 Assar Westerlund - - * simple_exec.c (pipe_execv): remove unused variable - -2001-06-20 Johan Danielsson - - * getdtablesize.c: fix typo in obviously never used sysctl case - - * simple_exec.c: rename check_status to wait_for_process, and - export it; function pipe_execv similar to popen, but with more - control over input and output - - * roken-common.h: prototypes for wait_for_process and pipe_execv - -2001-06-17 Assar Westerlund - - * roken-common.h: move emalloc et al to roken.h.in - * Makefile.am: make emalloc,ecalloc,erealloc,estrdup conditional - * emalloc.c, erealloc.c, estrup.c: use errx, since errno might not - be set reliably - * ecalloc.c: add for symmetry - -2001-06-09 Johan Danielsson - - * resolve.c: dns_srv_order to order srv records - -2001-06-08 Johan Danielsson - - * getarg.c: Grog tries to figure out if to use mdoc.old instead of - mdoc by looking at some macros that were only present in the old - version, and by looking at the number of .Oo's present. In - mdoc.old .Oo was a toggle, but in mdoc it's closed by .Oc, so if - the number of .Oo's is bigger than the number of .Oc's, it figures - it must be mdoc.old. This doesn't however account for called Oc's, - and thus grog thinks that valid pages are mdoc.old when they - infact are mdoc. So let's make sure that Oc's are not called by - other macros. - -2001-05-29 Assar Westerlund - - * base64-test.c (main): initialize numerr - -2001-05-28 Johan Danielsson - - * base64.c: clean up the decode mess somewhat - - * base64-test.c: base64 tests - -2001-05-18 Johan Danielsson - - * roken.h.in: just use standard C types with bswap* - - * bswap.c: just use standard C types - -2001-05-17 Assar Westerlund - - * roken.h.in: include all the headers that AC_GROK_TYPES tries for - finding u_int17_t et al - - * Makefile.am: bump version to 12:0:3 - * roken.h.in: re-add set_progname and get_progname for backwards - compatability - * warnerr.c: re-add set_progname and get_progname for backwards - compatability - -2001-05-12 Assar Westerlund - - * glob.c: add limits.h, from - -2001-05-11 Johan Danielsson - - * Makefile.am: bswap.c - - * bswap.c: bswap{16,32} - -2001-05-08 Assar Westerlund - - * freeaddrinfo.c (freeaddrinfo): also free every `struct - addrinfo'. from - -2001-04-25 Assar Westerlund - - * getarg.h (free_getarg_strings): add prototype - * getarg.c (free_getarg_strings): add function - -2001-04-21 Johan Danielsson - - * getarg.c: pack short flag options togther, to shorten the usage - string - -2001-04-17 Johan Danielsson - - * getifaddrs.c (getifaddrs2): close socket when done - -2001-03-26 Johan Danielsson - - * roken.awk: END has to be last with Sun's awk - -2001-03-26 Assar Westerlund - - * parse_units.c (parse_something): do not check the return value - from strtod, it might return != 0.0 when the string has no digits. - just testing if it consumed any characters is enough and more - resilient - * glob.c: add GLOB_LIMIT (from NetBSD) - -2001-02-20 Assar Westerlund - - * warnerr.c (warnerr): do not use __progname - * roken.h.in (setprogname, getprogname): add prototypes - * warnerr.c (setprogname, getprogname): rename to. change all - callers - -2001-02-12 Assar Westerlund - - * getnameinfo_verified.c (getnameinfo_verified): do the first - getnameinfo with NI_NUMERICSERV to avoid the error that bind 8.2.3 - reports on not finding the service - (ENI_NOSERVNAME). reported by Ake Sandgren - -2001-02-09 Assar Westerlund - - * getnameinfo.c (doit): call inet_ntop with correct af, noted by - Ake Sandgren - -2001-02-08 Assar Westerlund - - * getnameinfo_verified.c (getnameinfo_verified): always capture - the service from getnameinfo so it can be sent back to getaddrinfo - and set socktype to avoid getaddrinfo not returning any addresses - -2001-01-30 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): bump version to 11:1:2 - * print_version.c (print_version): add 2001 - -2001-01-29 Assar Westerlund - - * getifaddrs.c (getifaddrs2): copy the entire sockaddr - - * roken-common.h (_PATH_BSHELL): add - -2001-01-27 Assar Westerlund - - * roken.h.in: move __attribute__ to roken-common.h - - * esetenv.c (esetenv): cast to handle a setenv that takes a `char - * which is the case on Unicos - -2000-12-29 Assar Westerlund - - * Makefile.am (EXTRA_libroken_la_SOURCES): ifaddrs.h -> - ifaddrs.hin - -2000-12-25 Assar Westerlund - - * getarg.c (print_arg): add a case for arg_strings - -2000-12-15 Johan Danielsson - - * snprintf.c (append_string): handle NULL strings by printing - `(null)' - -2000-12-12 Johan Danielsson - - * roken-common.h: add c++ externs - - * roken.h.in: fix last commit differently - -2000-12-11 Assar Westerlund - - * err.hin (warnerr): remove, it's not part of the err.h interface - * roken-common.h (warnerr): moved here from err.hin - * Makefile.am (libroken_la_LDFLAGS): set version to 11:0:2 - * vis.c: s/u_int32_t/unsigned/ for systems that do not define - u_int32_t - -2000-12-10 Johan Danielsson - - * Makefile.am: rename some headers to avoid conflict with possible - system headers - -2000-12-06 Johan Danielsson - - * vis.c: make sure _DIAGASSERT is defined - - * unvis.c: make sure _DIAGASSERT is defined - - * Makefile.am: unvis.c, and vis.h - - * vis.h: vis.h from NetBSD - - * unvis.c: unvis from NetBSD - - * roken.h.in: cleanup previous - - * roken-common.h: make `extern "C"' into a macro, this make emacs - much happier - - * vis.c: strvis implementation from NetBSD - - * roken.h.in: add prototypes for strvis* - -2000-12-05 Johan Danielsson - - * ifaddrs.h: fix freeifaddrs prototype, and add ifa_broadaddr - macro - - * getifaddrs.c: free some memory - -2000-12-04 Johan Danielsson - - * ifaddrs.h: getifaddrs implementation using SIOCGIFCONFIG etc - - * getifaddrs.c: getifaddrs implementation using SIOCGIFCONFIG etc - -2000-10-08 Assar Westerlund - - * mini_inetd.c (mini_inetd): check that fds are not too large to - select on - -2000-09-24 Assar Westerlund - - * esetenv.c: new file/function - -2000-08-16 Assar Westerlund - - * Makefile.am: bump version to 10:0:1 - -2000-08-10 Assar Westerlund - - * mini_inetd.c (accept_it): type-correctness on parameters to - accept - -2000-08-07 Johan Danielsson - - * roken.h.in: add proto compat for getsockname - -2000-08-04 Johan Danielsson - - * write_pid.c: conditionalise pidfile - - * write_pid.c: add pidfile function - -2000-07-25 Johan Danielsson - - * Makefile.am: bump version to 9:0:0 - - * warnerr.c: add get_progname - -2000-07-24 Assar Westerlund - - * getaddrinfo.c (add_hostent): if there's no fqdn in `he' try - reverse resolving to see if there's a fuller name there. don't - use just-freed memory - -2000-07-22 Assar Westerlund - - * xdbm.h: do not define ndbm functions in terms of dbm functions - if we're using db - -2000-07-20 Assar Westerlund - - * rtbl.c (rtbl_format): avoid printing an empty row at the end - -2000-07-19 Johan Danielsson - - * Makefile.am: make this compatible with `make dist' - - * Makefile.am: revert version number for now - -2000-07-18 Johan Danielsson - - * configure.in: AM_PROG_LIBTOOL -> AC_PROG_LIBTOOL - -2000-07-17 Johan Danielsson - - * Makefile.am: set ACLOCAL_AMFLAGS - -2000-07-15 Johan Danielsson - - * getaddrinfo_hostspec.c: add new function that takes socktype - hint as parameter - -2000-07-09 Assar Westerlund - - * rtbl.c (rtbl_add_column): initialize `col' completely - - * configure.in: bring headers and functions more in-line with - what's actually being used - -2000-07-08 Johan Danielsson - - * roken.h.in: declare ether_addr and sockaddr_dl for AIX - - * rtbl.{c,h}: simple table functions - -2000-07-08 Assar Westerlund - - * configure.in (AM_INIT_AUTOMAKE): bump version to 10 - * configure.in (AC_BROKEN): add strsep_copy - * Makefile.am (ACLOCAL): fetch files from cf - -2000-07-01 Assar Westerlund - - * roken-common.h (pid_file_*): fix protos - -2000-06-28 Assar Westerlund - - * getnameinfo_verified.c (getnameinfo_verified): free memory - returned from getaddrinfo - -2000-06-27 Assar Westerlund - - * resolve.c: export string_to_type and type_to_string - * resolve.c: add key,sig,cert update test-program - * resolve.h: add key,sig,cert - -2000-06-21 Assar Westerlund - - * resolve.h: add T_SIG, T_KEY - * resolve.c: add SIG and KEY - * Makefile.am (libroken_la_SOURCES): add environment.c and - write_pid.c - - * write_pid.c: new file for writing a pid file. - - * environment.c: new file with functionality for reading - /etc/environment. From Ake Sandgren - -2000-06-12 Johan Danielsson - - * strsep_copy.c: strsep, but with const stringp so returns string - in separate buffer - -2000-05-23 Assar Westerlund - - * vsyslog.c (vsyslog): calculate length of new format string - correctly - -2000-05-22 Johan Danielsson - - * getusershell.c: implment the AIX version use - /etc/security/login.cfg - -2000-05-21 Assar Westerlund - - * vsyslog.c (vsyslog): actually handle `%m' - -2000-05-15 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): set version to 8:1:3 - - * roken-common.h: moved __attribute__ to roken.h.in - -2000-04-14 Assar Westerlund - - * getaddrinfo_hostspec.c (roken_getaddrinfo_hostspec): copy the - correct length from `hostspec'. based on a patch from Love - - -2000-04-09 Assar Westerlund - - * xdbm.h: only include one of db.h and the dbm-series - -2000-04-05 Assar Westerlund - - * resolve.c (_resolve_debug): explicitly set to zero. this moves - the variable from bss to data and the dynamic linker on MacOS - X/Darwin seems unhappy with stuff in the bss segment. - -2000-04-03 Assar Westerlund - - * Makefile.am: set version to 8:0:3 - -2000-03-11 Assar Westerlund - - * roken.h.in (_SS_PAD1SIZE): try to write an inpenetrable - expression that also works on Crays - -2000-03-09 Assar Westerlund - - * getarg.c (arg_match_short): backup optind when there's a missing - argument so that the error can point at the flag and not the - non-existant argument - -2000-03-03 Assar Westerlund - - * Makefile.in (SOURCES): add timeval.c - * Makefile.am (libroken_la_SOURCES): add timeval.c - * timeval.c: new file - -2000-02-19 Assar Westerlund - - * Makefile.am: set version to 7:1:2 - -2000-02-16 Assar Westerlund - - * snprintf.c (PARSE_INT_FORMAT): note that shorts are actually - transmitted as ints - (according to the integer protomotion rules) in variable arguments - lists. Therefore, we should not call va_arg with short but rather - with int. See for - original bug report - -2000-02-13 Assar Westerlund - - * Makefile.am: bump version to 7:0:2 - - * getarg.c (mandoc_template): also fix no- prefix in .Sh OPTIONS - * getarg.c (mandoc_template): better man-stuff for negative - options - -2000-02-07 Assar Westerlund - - * Makefile.am: set version to 6:0:1 - -2000-02-06 Assar Westerlund - - * xdbm.h: hopefully catch a few more declarations by including - even if was found - -2000-01-26 Assar Westerlund - - * mini_inetd.c (mini_inetd): separate number of allocated sockets - and number of actual ones - * mini_inetd.c (mini_inetd): count sockets properly. and fail if - we cannot bind any - * mini_inetd.c (mini_inetd): make failing to create a socket - non-fatal - -2000-01-09 Assar Westerlund - - * Makefile.am(libroken_la_SOURCES): add strcollect.c - * Makefile.in: add strcollect.[co] - * simple_exec.c: use vstrcollect - * roken-common.h (_PATH_DEV): add - (strcollect, vstrcollect): add prototypes - * strcollect.c: new file. functions for collapsing an `va_list' - into an `char **' - -2000-01-06 Assar Westerlund - - * Makefile.am: bump version to 5:0:0 - -1999-12-30 Assar Westerlund - - * Makefile.am (strpftime_test_SOURCES): correct source file name - - * roken.h.in (sockaddr_storage): change padding so that we have - one char[] of pad and then an unsigned long[] (for alignment and - padding). this works much better in practice. - -1999-12-22 Assar Westerlund - - * roken.h.in (sockaddr_storage): drop leading underscore on - `public' fields. this was the consensus on the ipng mailing list - -1999-12-21 Assar Westerlund - - * Makefile.am (strpftime-test): define sources to avoid having - '.o' - * Makefile.am (print_version.h): use $(EXEEXT) - * Makefile.am (roken.h): add $(EXEEXT) to make this work on cygwin - et al - -1999-12-20 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): bump version to 4:3:0 - - * getaddrinfo.c (get_nodes): use getipnodebyname instead of - gethostbyname(2) - -1999-12-16 Assar Westerlund - - * Makefile.am (libroken_la_LDFLAGS): bump version to 4:2:0 - - * roken.h.in (struct sockaddr_storage): redefine with the example - code from rfc2553 - - * getaddrinfo.c (get_null): set loopback with correct endianess - for v4. dunno about v6. - -1999-12-13 Assar Westerlund - - * roken.h.in: add prototypes for str[pf]time - - * signal.c: macosx = rhapsody ~= nextstep also can't handle - various definitions of the same symbol. - -1999-12-12 Assar Westerlund - - * Makefile.am: bump version to 4:1:0 - -1999-12-06 Assar Westerlund - - * Makefile.am: bump version to 4:0:0 - -1999-12-05 Assar Westerlund - - * Makefile.in: replace inaddr2str with getnameinfo_verified - - * roken-common.h (INADDR_LOOPBACK): add fallback definition - - * roken-common.h: move getnameinfo_verified to roken.h.in - * roken.h.in (inaddr2str): remove - * Makefile.am (libroken_la_SOURCES); removed inaddr2str - * roken-common.h (getnameinfo_verified): add prototype - * getnameinfo_verified.c: new file - -1999-12-04 Assar Westerlund - - * roken-common.h: add constants for getaddrinfo, getnameinfo - * roken.h.in (socklen_t): make independent of sockaddr_storage - (AI_*, NI_*, EAI_*): move to roken-common.h - -1999-12-03 Assar Westerlund - - * mini_inetd.c (mini_inted): rewrite to use `getaddrinfo' - * getaddrinfo.c (const_v*): no sizeof(sizeof()) - * getaddrinfo.c (add_hostent): search for the canonical name among - all aliases - (getaddrinfo): handle AI_NUMERICHOST correctly - * Makefile.am (EXTRA_libroken_la_SOURCES): add freeaddinfo, - getaddrinfo, getnameinfo, gai_strerror - (getaddrinfo_test): add - * Makefile.in (SOURCES): add freeaddinfo, getaddrinfo, - getnameinfo, gai_strerror - (getaddrinfo_test): add - * roken.h.in: arpa/inet.h: include - (socklen_t): add - (struct addrinfo): add - (EAI_*): add - (NI_*): add - (AI_*): add - (getaddrinfo, getnameinfo, freeaddrinfo, gai_strerror): add - * getnameinfo.c: new file - * getaddrinfo-test.c: new file - * gai_strerror.c: new file - * getaddrinfo.c: new file - * freeaddrinfo.c: new file - -1999-11-25 Assar Westerlund - - * getopt.c (getopt): return -1 instead of EOF. From - - -1999-11-13 Assar Westerlund - - * strftime.c (strftime): handle `%z' and `%Z' in a tm_gmtoff-less - world - - * getcap.c: make sure to use db only if we have both the library - and the header file - -1999-11-12 Assar Westerlund - - * getarg.h: add arg_counter - * getarg.c: add a new type of argument: `arg_counter' re-organize - the code somewhat - - * Makefile.am: add strptime and strpftime-test - - * snprintf.c (xyzprintf): try to do the right thing with an % at - the end of the format string - - * strptime.c (strptime): implement '%U', '%V', '%W' - * strftime.c (strftime): implement '%U', '%V', '%W', '%z' - - * strftime.c (strftime): correct %E and %O handling. do something - reasonable with "...%" - - * strftime.c: replace the BSD implementation by one of our own - coding - - * strptime.c : new file - * strpftime-test.c: new file - -1999-11-07 Assar Westerlund - - * parse_bytes-test.c: new file - - * Makefile.am: add parse_bytes-test - - * parse_units.c (parse_something): try to handle the case of no - value specified a little bit better - -1999-11-04 Assar Westerlund - - * Makefile.am: bump version to 3:2:0 - -1999-10-30 Assar Westerlund - - * snprintf.c (PARSE_INT_FORMAT): add redundant casts to work - around a gcc-bug that manifests itself on Linux-PPC. From Tom - Rini - -1999-10-28 Assar Westerlund - - * Makefile.am: bump version to 3:1:0 - - * roken.h.in: use `unsigned char' instead of `u_int8_t' to avoid - having to have that definition. this is the easy way out instead - of getting the definition here where it's needed. flame me. - -Fri Oct 22 15:39:31 1999 Bjoern Groenvall - - * k_getpwuid.c (k_getpwuid): getspuid() does not exist (even - though it should), use getspnam(). - -1999-10-20 Assar Westerlund - - * Makefile.am: set version to 3:0:0 - -1999-10-18 Johan Danielsson - - * getarg.3: document arg_collect - - * getarg.c: change the way arg_collect works; it's still quite - horrible though - - * getarg.h: change type of the collect function - -1999-10-17 Assar Westerlund - - * xdbm.h: undo last commit - - * xdbm.h: reorder db includes - -1999-10-10 Assar Westerlund - - * socket.c: const-ize and comment - - * net_write.c: const-ize - - * base64.c: const-ize - -1999-10-06 Assar Westerlund - - * getarg.c (getarg): also set optind when returning error - -1999-09-26 Assar Westerlund - - * Makefile.am: add parse_bytes.[ch] - -1999-09-24 Johan Danielsson - - * getarg.3: getarg manpage - - * getarg.{c,h}: add a callback type to do more complicated processing - - * getarg.{c,h}: add floating point support - -1999-09-16 Assar Westerlund - - * strlcat.c (strlcat): call strlcpy - - * strlcpy.c: update name and prototype - - * strlcat.c: update name and prototype - - * roken.h.in: rename strc{py,at}_truncate to strlc{py,at} - - * Makefile.am: rename strc{py,at}_truncate -> strlc{py,at} - - * Makefile.in: rename strc{py,at}_truncate -> strlc{py,at} - - * strcpy_truncate.c (strcpy_truncate): change return value to be - the length of `src' - -1999-08-16 Assar Westerlund - - * getcap.c: try to make this work on systems with DB - -1999-08-16 Johan Danielsson - - * getcap.c: protect from db-less systems - -1999-08-09 Johan Danielsson - - * simple_exec.c: add simple_exec{ve,le} - - * getcap.c: getcap from NetBSD - -1999-08-06 Assar Westerlund - - * roken.h.in (sockaddr_storage): cater for those that have - v6-support also - -1999-08-05 Assar Westerlund - - * inet_ntop.c (inet_ntop_v4): remember to call ntohl - -1999-08-04 Assar Westerlund - - * roken-common.h: add shutdown constants - - * mini_inetd.c (listen_v4, listen_v6): handle the case of the - protocol not being supported - -1999-08-01 Assar Westerlund - - * mini_inetd.c (socket_set_reuseaddr): remove duplicate - -1999-07-29 Assar Westerlund - - * mini_inetd.c (mini_inetd): fix my stupid bugs - -1999-07-28 Assar Westerlund - - * roken-common.h: add socket* functions - - * Makefile.am (libroken_la_SOURCES): add socket.c - - * socket.c: new file, originally from appl/ftp/common - - * Makefile.am: set version to 2:0:2 - - * roken.h.in (inet_pton): add prototype - - * Makefile.am (EXTRA_libroken_la_SOURCES): add inet_pton - - * inet_pton.c: new file - - * getipnodebyname.c (getipnodebyname): try gethostbyname2 if we - have it - -1999-07-27 Assar Westerlund - - * mini_inetd.c: support IPv6 - -1999-07-26 Assar Westerlund - - * Makefile.am: set version to 1:0:1 - - * roken.h.in (inet_ntop): add prototype - - * roken-common.h: (INET{,6}_ADDRSTRLEN): add - - * inet_ntop.c: new file - - * Makefile.am (EXTRA_libroken_la_SOURCES): add inet_ntop.c - - * Makefile.am: move some files from libroken_la_SOURCES to - EXTRA_libroken_la_SOURCES - - * snprintf.c: some signed vs unsigned casts - -1999-07-24 Assar Westerlund - - * roken.h.in (struct sockaddr_storage): define it needed - -1999-07-19 Assar Westerlund - - * Makefile.am (libroken_la_SOURCES): add copyhostent.c, - freehostent.c, getipnodebyname.c, getipnodebyaddr.c - - * roken.h.in: : include - (copyhostent, freehostent, getipnodebyname, getipnodebyaddr): add - prototypes - - * roken-common.h: new constants for getipnodeby* - - * Makefile.in (SOURCES): add freehostent, copyhostent, - getipnodebyname, getipnodebyaddr - - * freehostent.c: new file - - * copyhostent.c: new file - - * getipnodebyaddr.c: new file - - * getipnodebyname.c: new file - -1999-07-13 Assar Westerlund - - * roken.h.in (k_getpwnam): update prototype - - * k_getpwnam.c (k_getpwnam): const-ize - - * get_default_username.c (get_default_username): a better way of - guessing when the user has su:ed - -1999-07-08 Johan Danielsson - - * roken.awk: use puts, as suggested by Jeffrey Hutzelman - - -1999-07-06 Assar Westerlund - - * readv.c (readv): typo - -1999-07-03 Assar Westerlund - - * writev.c (writev): error check malloc properly - - * sendmsg.c (sendmsg): error check malloc properly - - * resolve.c (parse_reply): error check malloc properly - - * recvmsg.c (recvmsg): error check malloc properly - - * readv.c (readv): error check malloc properly - -1999-06-23 Assar Westerlund - - * parse_units.c (acc_units): move the special case of 0 -> 1 to - parse_something to avoid having it happen at the end of the string - -1999-06-15 Assar Westerlund - - * Makefile.in: add get_default_username - - * get_default_username.c: new file - - * roken.h.in (get_default_username): add prototype - - * Makefile.am: add get_default_username - -1999-05-08 Assar Westerlund - - * xdbm.h: also try with DB_DBM_HSEARCH == 1 - - * strnlen.c (strnlen): update prototype - - * Makefile.am: strndup.c: add - - * Makefile.in: strndup.c: add - - * roken.h.in (strndup): add - (strnlen): update prototype - - * strndup.c: new file - -Fri Apr 16 17:59:30 1999 Assar Westerlund - - * roken.h.in: include strsep prototype if needed - -Thu Apr 15 14:04:03 1999 Johan Danielsson - - * Makefile.am: make make-print-version.o depend on version.h - -Wed Apr 7 14:11:00 1999 Johan Danielsson - - * Makefile.am: make it compile w/o krb4 - -Sat Mar 27 17:33:03 1999 Johan Danielsson - - * snprintf.c (vasnprintf): correct check if realloc returns NULL - -Sat Mar 27 12:37:55 1999 Johan Danielsson - - * Makefile.am: link print_version with -ldes to avoid unresolved - references if -lkrb is shared - -Sat Mar 20 03:42:30 1999 Assar Westerlund - - * roken-common.h (eread, ewrite): add - - * simple_exec.c: add - -Fri Mar 19 21:29:58 1999 Assar Westerlund - - * Makefile.in: add eread, ewrite - - * eread.c, ewrite.c: new files - - * Makefile.am (libroken_la_SOURCES): add eread and ewrite - -Fri Mar 19 14:52:57 1999 Johan Danielsson - - * Makefile.am: add version-info - -Thu Mar 18 12:53:32 1999 Johan Danielsson - - * Makefile.am: remove include_dir hack - - * Makefile.am: parse_units.h - - * Makefile.am: include Makefile.am.common - -Sat Mar 13 23:31:35 1999 Assar Westerlund - - * Makefile.in (SOURCES): add glob.c - -Thu Mar 11 15:02:21 1999 Johan Danielsson - - * iruserok.c: move innetgr() to separate file - - * innetgr.c: move innetgr() to separate file - - * hstrerror.c (hstrerror): add const to return type - - * erealloc.c: fix types in format string - - * emalloc.c: fix types in format string - -Wed Mar 10 16:36:55 1999 Johan Danielsson - - * resolve.c: ugly fix for crays - -Mon Mar 8 11:52:20 1999 Johan Danielsson - - * roken.h.in: protos for {un,}setenv - -1999-02-16 Assar Westerlund - - * Makefile.in (SOURCES): add fnmatch - - * roken-common.h (abs): add - -Sat Feb 13 17:12:53 1999 Assar Westerlund - - * emalloc.c, erealloc.c, estrup.c: new files - - * roken.h.in (mkstemp, gethostname): also includes prototypes if - they are needed. - -1998-12-23 Assar Westerlund - - * roken.h.in: mkstemp: add prototype - -1998-12-20 Assar Westerlund - - * snprintf.c, iruserok.c, parse-units.c: unsigned char-correctness - - * roken.h.in (inet_aton): also chedk NEED_INET_ATON_PROTO - - * roken-common.h: __attribute__: check for autoconf'd - HAVE___ATTRIBUTE__ instead of GNUC - -Sun Dec 6 19:53:21 1998 Assar Westerlund - - * parse_units.c (parse_something): func is called with val == 0 if - no unit was given - (acc_flags, acc_units): update to new standard - -Fri Nov 27 03:09:42 1998 Assar Westerlund - - * resolve.c (stot): constify - (type_to_string): always declare - (dns_lookup_int): correct debug output - -Thu Nov 26 23:43:55 1998 Assar Westerlund - - * resolve.c (dns_lookup_int): send rr_class to res_search - -Thu Nov 26 17:09:47 1998 Johan Danielsson - - * resolve.c: some cleanup - - * resolve.h: add T_NAPTR - -Sun Nov 22 10:23:07 1998 Assar Westerlund - - * Makefile.in (WFLAGS): set - - * k_getpwnam.c (k_getpwnam): check for `struct spwd' - - * k_getpwuid.c (k_getpwuid): check for `struct spwd' - -Tue Sep 8 05:18:31 1998 Assar Westerlund - - * recvmsg.c (recvmsg): patch from bpreece@unity.ncsu.edu - -Fri Sep 4 16:29:27 1998 Johan Danielsson - - * vsyslog.c: asprintf -> vasprintf - -Tue Aug 18 22:25:52 1998 Assar Westerlund - - * getarg.h (arg_printusage): new signature - - * getarg.c (arg_printusage): new parameter `progname'. NULL means - __progname. - -Sun Aug 9 14:53:44 1998 Johan Danielsson - - * Makefile.am: net_{read,write}.c - -Fri Jul 24 21:56:02 1998 Assar Westerlund - - * simple_exec.c (simple_execvp): loop around waitpid when errno == - EINTR - -Thu Jul 23 20:24:35 1998 Johan Danielsson - - * Makefile.am: net_{read,write}.c - -Wed Jul 22 21:38:35 1998 Assar Westerlund - - * simple_exec.c (simple_execlp): initialize `argv' - -Mon Jul 13 23:01:22 1998 Assar Westerlund - - * inaddr2str.c (inaddr2str): don't advance hostent->h_addr_list, - use a copy instead - -Fri Jul 10 01:20:08 1998 Assar Westerlund - - * roken.h.in (net_write, net_read): add prototypes - - * Makefile.in: net_{read,write}.c: add - - * net_{read,write}.c: new files - -Tue Jun 30 17:29:09 1998 Assar Westerlund - - * roken.h.in (issuid): add - - * get_window_size.c: fix misspelling of TIOCGWINSZ and bad use of - fields - -Sun May 31 03:24:34 1998 Johan Danielsson - - * getarg.c (mandoc_template): Put short and long options in - SYNOPSIS within the same [ ] pair. - -Sat May 30 00:13:01 1998 Johan Danielsson - - * getarg.c (arg_printusage): try to keep options shorter than - column width - - * get_window_size.c (get_window_size): check COLUMNS and LINES - -Fri May 29 00:05:04 1998 Johan Danielsson - - * getarg.c (mandoc_template): Put short and long options in - DESCRIPTION on the same line. - - * getarg.c (arg_match_long): make sure you only get an exact match - if the strings are the same length - -Thu May 14 02:23:40 1998 Assar Westerlund - - * roken.awk: stupid cray awk wants \# - -Fri May 1 01:29:36 1998 Assar Westerlund - - * print_version.c (print_version): according to ISO/ANSI C the - elements of `arg' are not constant and therefore not settable at - compile-time. Set the at run-time instead. - -Sun Apr 19 10:00:06 1998 Assar Westerlund - - * roken.h.in: include paths.h - -Sun Apr 5 12:30:49 1998 Assar Westerlund - - * Makefile.in (SOURCES): add roken_gethostby.c to make solaris - make happy - -Thu Mar 19 20:41:25 1998 Johan Danielsson - - * simple_exec.c: Simple fork+exec system() replacement. - -Fri Mar 6 00:21:53 1998 Johan Danielsson - - * roken_gethostby.c: Make `roken_gethostby_setup' take URL-like - specification instead of split up versions. Makes it easier for - calling applications. - - * roken_gethostby.c: Another miracle of the 20th century: - gethostby* over HTTP. - -Sat Feb 21 15:18:36 1998 assar westerlund - - * parse_time.c (unparse_time_approx): new function that calls - `unparse_units_approx' - - * parse_units.c (unparse_units_approx): new function that will - only print the first unit. - - * Makefile.in: include parse_{time,units} - -Thu Feb 12 03:30:08 1998 Assar Westerlund - - * parse_time.c (print_time_table): don't return a void value. - -Tue Feb 3 11:06:24 1998 Johan Danielsson - - * getarg.c (mandoc_template): Change date format to full month - name, and day of month without leading zero. - -Thu Jan 22 21:23:23 1998 Johan Danielsson - - * getarg.c: Fix long form of negative flags. - -Mon Dec 29 23:31:10 1997 Johan Danielsson - - * roken.h.in: Include , to get linux __progname. - -Sun Dec 21 09:45:18 1997 Assar Westerlund - - * parse_time.c (print_time_table): new function - - * parse_units.c (print_flags_table, print_units_table): new - functions. - -Thu Dec 4 02:51:46 1997 Assar Westerlund - - * iruserok.c: moved here. - - * snprintf.c (sn_append_char): don't write any terminating zero. - (as_reserve): don't loop. better heuristic for how much space to - realloc. - (vasnprintf): simplify initializing to one. - -Sun Nov 30 14:56:59 1997 Johan Danielsson - - * getarg.c: Add mandoc help back-end to getarg. - -Wed Nov 12 01:09:17 1997 Johan Danielsson - - * verr.c, verrx.c: Fix warnings by moving exit from. - -Tue Nov 11 21:12:09 1997 Johan Danielsson - - * parse_units.c: Change the list of separating characters (between - units) to comma, space, and tab, removing digits. Having digits in - this list makes a flag like `T42 generate a parse error. This - change makes `17m3s' an invalid time-spec (you need a space). - -Tue Nov 11 02:38:44 1997 Assar Westerlund - - * roken.h: add - -Sun Nov 9 04:48:46 1997 Johan Danielsson - - * fnmatch.c: Add fnmatch from NetBSD - -Sun Nov 9 02:00:08 1997 Assar Westerlund - - * parse_units.c (parse_something): ignore white-space and ',' - -Mon Nov 3 22:38:32 1997 Assar Westerlund - - * roken.h: fclose prototype - - * roken.h: add prototype for vsyslog - - * Makefile.in: add some more source files to make soriasis make - happy - -Sat Nov 1 00:19:21 1997 Assar Westerlund - - * roken.h: include and . - prototypes for readv and writev - - * readv.c, writev.c: new files - -Wed Oct 29 02:21:38 1997 Assar Westerlund - - * roken.h: Add ugly macros for openlog, gethostbyname, - gethostbyaddr, and getservbyname for the benefit of Crays. Add - default definition of MAXPATHLEN diff --git a/crypto/heimdal/lib/roken/Makefile.am b/crypto/heimdal/lib/roken/Makefile.am deleted file mode 100644 index b1a4251fcddc..000000000000 --- a/crypto/heimdal/lib/roken/Makefile.am +++ /dev/null @@ -1,194 +0,0 @@ -# $Id: Makefile.am 22409 2008-01-12 05:53:37Z lha $ - -include $(top_srcdir)/Makefile.am.common - -ACLOCAL_AMFLAGS = -I ../../cf - -CLEANFILES = roken.h make-roken.c $(XHEADERS) - -lib_LTLIBRARIES = libroken.la -libroken_la_LDFLAGS = -version-info 19:0:1 -libroken_la_CPPFLAGS = -DBUILD_ROKEN_LIB - -# XXX this is needed for the LIBOBJS objects -CPPFLAGS = $(libroken_la_CPPFLAGS) - -noinst_PROGRAMS = make-roken snprintf-test resolve-test - -nodist_make_roken_SOURCES = make-roken.c - -check_PROGRAMS = \ - base64-test \ - getaddrinfo-test \ - hex-test \ - test-readenv \ - parse_bytes-test \ - parse_reply-test \ - parse_time-test \ - snprintf-test \ - strpftime-test - -TESTS = $(check_PROGRAMS) - -LDADD = libroken.la $(LIB_crypt) -make_roken_LDADD = - -noinst_LTLIBRARIES = libtest.la -libtest_la_SOURCES = strftime.c strptime.c snprintf.c -libtest_la_CFLAGS = -DTEST_SNPRINTF -DTEST_STRPFTIME - -parse_reply_test_SOURCES = parse_reply-test.c resolve.c -parse_reply_test_CFLAGS = -DTEST_RESOLVE - -test_readenv_SOURCES = test-readenv.c test-mem.c - -parse_time_test_SOURCES = parse_time-test.c test-mem.c - -strpftime_test_SOURCES = strpftime-test.c strpftime-test.h -strpftime_test_LDADD = libtest.la $(LDADD) -strpftime_test_CFLAGS = -DTEST_STRPFTIME -snprintf_test_SOURCES = snprintf-test.c snprintf-test.h -snprintf_test_LDADD = libtest.la $(LDADD) -snprintf_test_CFLAGS = -DTEST_SNPRINTF - -resolve_test_SOURCES = resolve-test.c - -libroken_la_SOURCES = \ - base64.c \ - bswap.c \ - concat.c \ - dumpdata.c \ - environment.c \ - eread.c \ - esetenv.c \ - ewrite.c \ - getaddrinfo_hostspec.c \ - get_default_username.c \ - get_window_size.c \ - getarg.c \ - getnameinfo_verified.c \ - getprogname.c \ - h_errno.c \ - hex.c \ - hostent_find_fqdn.c \ - issuid.c \ - k_getpwnam.c \ - k_getpwuid.c \ - mini_inetd.c \ - net_read.c \ - net_write.c \ - parse_bytes.c \ - parse_time.c \ - parse_units.c \ - realloc.c \ - resolve.c \ - roken_gethostby.c \ - rtbl.c \ - rtbl.h \ - setprogname.c \ - signal.c \ - simple_exec.c \ - snprintf.c \ - socket.c \ - strcollect.c \ - strpool.c \ - timeval.c \ - tm2time.c \ - unvis.c \ - verify.c \ - vis.c \ - vis.h \ - warnerr.c \ - write_pid.c \ - xdbm.h - -EXTRA_libroken_la_SOURCES = \ - err.hin \ - glob.hin \ - fnmatch.hin \ - ifaddrs.hin \ - vis.hin - -libroken_la_LIBADD = @LTLIBOBJS@ - -$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h $(XHEADERS) - -BUILT_SOURCES = make-roken.c roken.h - -if have_err_h -err_h = -else -err_h = err.h -endif - -if have_fnmatch_h -fnmatch_h = -else -fnmatch_h = fnmatch.h -endif - -if have_glob_h -glob_h = -else -glob_h = glob.h -endif - -if have_ifaddrs_h -ifaddrs_h = -else -ifaddrs_h = ifaddrs.h -endif - -if have_vis_h -vis_h = -else -vis_h = vis.h -endif - -## these are controlled by configure -XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(vis_h) -CLEANFILES += err.h fnmatch.h glob.h ifaddrs.h vis.h - -dist_include_HEADERS = \ - base64.h \ - getarg.h \ - hex.h \ - parse_bytes.h \ - parse_time.h \ - parse_units.h \ - resolve.h \ - roken-common.h \ - rtbl.h \ - xdbm.h - -if have_socket_wrapper -libroken_la_SOURCES += socket_wrapper.c socket_wrapper.h -dist_include_HEADERS += socket_wrapper.h -endif - -build_HEADERZ = test-mem.h $(XHEADERS) - -nodist_include_HEADERS = roken.h -rokenincludedir = $(includedir)/roken -nodist_rokeninclude_HEADERS = $(XHEADERS) - -man_MANS = getarg.3 parse_time.3 rtbl.3 ecalloc.3 - -SUFFIXES += .hin -.hin.h: - cp $< $@ - -roken.h: make-roken$(EXEEXT) - @./make-roken$(EXEEXT) > tmp.h ;\ - if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ - else rm -f roken.h; mv tmp.h roken.h; fi - -make-roken.c: roken.h.in roken.awk - $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c - -EXTRA_DIST = \ - roken.awk roken.h.in \ - $(man_MANS) \ - test-mem.h \ - ndbm_wrap.c \ - ndbm_wrap.h diff --git a/crypto/heimdal/lib/roken/Makefile.in b/crypto/heimdal/lib/roken/Makefile.in deleted file mode 100644 index 0398523aae57..000000000000 --- a/crypto/heimdal/lib/roken/Makefile.in +++ /dev/null @@ -1,1426 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22409 2008-01-12 05:53:37Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(am__dist_include_HEADERS_DIST) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog chown.c \ - closefrom.c copyhostent.c daemon.c ecalloc.c emalloc.c \ - erealloc.c err.c errx.c estrdup.c fchown.c flock.c fnmatch.c \ - freeaddrinfo.c freehostent.c gai_strerror.c getaddrinfo.c \ - getcap.c getcwd.c getdtablesize.c getegid.c geteuid.c getgid.c \ - gethostname.c getifaddrs.c getipnodebyaddr.c getipnodebyname.c \ - getnameinfo.c getopt.c gettimeofday.c getuid.c getusershell.c \ - glob.c hstrerror.c inet_aton.c inet_ntop.c inet_pton.c \ - initgroups.c innetgr.c install-sh iruserok.c localtime_r.c \ - lstat.c memmove.c missing mkinstalldirs mkstemp.c putenv.c \ - rcmd.c readv.c recvmsg.c sendmsg.c setegid.c setenv.c \ - seteuid.c strcasecmp.c strdup.c strerror.c strftime.c \ - strlcat.c strlcpy.c strlwr.c strncasecmp.c strndup.c strnlen.c \ - strptime.c strsep.c strsep_copy.c strtok_r.c strupr.c swab.c \ - timegm.c unsetenv.c verr.c verrx.c vsyslog.c vwarn.c vwarnx.c \ - warn.c warnx.c writev.c -noinst_PROGRAMS = make-roken$(EXEEXT) snprintf-test$(EXEEXT) \ - resolve-test$(EXEEXT) -check_PROGRAMS = base64-test$(EXEEXT) getaddrinfo-test$(EXEEXT) \ - hex-test$(EXEEXT) test-readenv$(EXEEXT) \ - parse_bytes-test$(EXEEXT) parse_reply-test$(EXEEXT) \ - parse_time-test$(EXEEXT) snprintf-test$(EXEEXT) \ - strpftime-test$(EXEEXT) -@have_socket_wrapper_TRUE@am__append_1 = socket_wrapper.c socket_wrapper.h -@have_socket_wrapper_TRUE@am__append_2 = socket_wrapper.h -subdir = lib/roken -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)" \ - "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" \ - "$(DESTDIR)$(rokenincludedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES) -libroken_la_DEPENDENCIES = @LTLIBOBJS@ -am__libroken_la_SOURCES_DIST = base64.c bswap.c concat.c dumpdata.c \ - environment.c eread.c esetenv.c ewrite.c \ - getaddrinfo_hostspec.c get_default_username.c \ - get_window_size.c getarg.c getnameinfo_verified.c \ - getprogname.c h_errno.c hex.c hostent_find_fqdn.c issuid.c \ - k_getpwnam.c k_getpwuid.c mini_inetd.c net_read.c net_write.c \ - parse_bytes.c parse_time.c parse_units.c realloc.c resolve.c \ - roken_gethostby.c rtbl.c rtbl.h setprogname.c signal.c \ - simple_exec.c snprintf.c socket.c strcollect.c strpool.c \ - timeval.c tm2time.c unvis.c verify.c vis.c vis.h warnerr.c \ - write_pid.c xdbm.h socket_wrapper.c socket_wrapper.h -@have_socket_wrapper_TRUE@am__objects_1 = \ -@have_socket_wrapper_TRUE@ libroken_la-socket_wrapper.lo -am_libroken_la_OBJECTS = libroken_la-base64.lo libroken_la-bswap.lo \ - libroken_la-concat.lo libroken_la-dumpdata.lo \ - libroken_la-environment.lo libroken_la-eread.lo \ - libroken_la-esetenv.lo libroken_la-ewrite.lo \ - libroken_la-getaddrinfo_hostspec.lo \ - libroken_la-get_default_username.lo \ - libroken_la-get_window_size.lo libroken_la-getarg.lo \ - libroken_la-getnameinfo_verified.lo libroken_la-getprogname.lo \ - libroken_la-h_errno.lo libroken_la-hex.lo \ - libroken_la-hostent_find_fqdn.lo libroken_la-issuid.lo \ - libroken_la-k_getpwnam.lo libroken_la-k_getpwuid.lo \ - libroken_la-mini_inetd.lo libroken_la-net_read.lo \ - libroken_la-net_write.lo libroken_la-parse_bytes.lo \ - libroken_la-parse_time.lo libroken_la-parse_units.lo \ - libroken_la-realloc.lo libroken_la-resolve.lo \ - libroken_la-roken_gethostby.lo libroken_la-rtbl.lo \ - libroken_la-setprogname.lo libroken_la-signal.lo \ - libroken_la-simple_exec.lo libroken_la-snprintf.lo \ - libroken_la-socket.lo libroken_la-strcollect.lo \ - libroken_la-strpool.lo libroken_la-timeval.lo \ - libroken_la-tm2time.lo libroken_la-unvis.lo \ - libroken_la-verify.lo libroken_la-vis.lo \ - libroken_la-warnerr.lo libroken_la-write_pid.lo \ - $(am__objects_1) -libroken_la_OBJECTS = $(am_libroken_la_OBJECTS) -libroken_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ - $(libroken_la_LDFLAGS) $(LDFLAGS) -o $@ -libtest_la_LIBADD = -am_libtest_la_OBJECTS = libtest_la-strftime.lo libtest_la-strptime.lo \ - libtest_la-snprintf.lo -libtest_la_OBJECTS = $(am_libtest_la_OBJECTS) -libtest_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(libtest_la_CFLAGS) \ - $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -PROGRAMS = $(noinst_PROGRAMS) -base64_test_SOURCES = base64-test.c -base64_test_OBJECTS = base64-test.$(OBJEXT) -base64_test_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -base64_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -getaddrinfo_test_SOURCES = getaddrinfo-test.c -getaddrinfo_test_OBJECTS = getaddrinfo-test.$(OBJEXT) -getaddrinfo_test_LDADD = $(LDADD) -getaddrinfo_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -hex_test_SOURCES = hex-test.c -hex_test_OBJECTS = hex-test.$(OBJEXT) -hex_test_LDADD = $(LDADD) -hex_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -nodist_make_roken_OBJECTS = make-roken.$(OBJEXT) -make_roken_OBJECTS = $(nodist_make_roken_OBJECTS) -make_roken_DEPENDENCIES = -parse_bytes_test_SOURCES = parse_bytes-test.c -parse_bytes_test_OBJECTS = parse_bytes-test.$(OBJEXT) -parse_bytes_test_LDADD = $(LDADD) -parse_bytes_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -am_parse_reply_test_OBJECTS = \ - parse_reply_test-parse_reply-test.$(OBJEXT) \ - parse_reply_test-resolve.$(OBJEXT) -parse_reply_test_OBJECTS = $(am_parse_reply_test_OBJECTS) -parse_reply_test_LDADD = $(LDADD) -parse_reply_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -parse_reply_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(parse_reply_test_CFLAGS) \ - $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -am_parse_time_test_OBJECTS = parse_time-test.$(OBJEXT) \ - test-mem.$(OBJEXT) -parse_time_test_OBJECTS = $(am_parse_time_test_OBJECTS) -parse_time_test_LDADD = $(LDADD) -parse_time_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -am_resolve_test_OBJECTS = resolve-test.$(OBJEXT) -resolve_test_OBJECTS = $(am_resolve_test_OBJECTS) -resolve_test_LDADD = $(LDADD) -resolve_test_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -am_snprintf_test_OBJECTS = snprintf_test-snprintf-test.$(OBJEXT) -snprintf_test_OBJECTS = $(am_snprintf_test_OBJECTS) -am__DEPENDENCIES_2 = libroken.la $(am__DEPENDENCIES_1) -snprintf_test_DEPENDENCIES = libtest.la $(am__DEPENDENCIES_2) -snprintf_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(snprintf_test_CFLAGS) \ - $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -am_strpftime_test_OBJECTS = strpftime_test-strpftime-test.$(OBJEXT) -strpftime_test_OBJECTS = $(am_strpftime_test_OBJECTS) -strpftime_test_DEPENDENCIES = libtest.la $(am__DEPENDENCIES_2) -strpftime_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(strpftime_test_CFLAGS) \ - $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -am_test_readenv_OBJECTS = test-readenv.$(OBJEXT) test-mem.$(OBJEXT) -test_readenv_OBJECTS = $(am_test_readenv_OBJECTS) -test_readenv_LDADD = $(LDADD) -test_readenv_DEPENDENCIES = libroken.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) \ - $(libtest_la_SOURCES) base64-test.c getaddrinfo-test.c \ - hex-test.c $(nodist_make_roken_SOURCES) parse_bytes-test.c \ - $(parse_reply_test_SOURCES) $(parse_time_test_SOURCES) \ - $(resolve_test_SOURCES) $(snprintf_test_SOURCES) \ - $(strpftime_test_SOURCES) $(test_readenv_SOURCES) -DIST_SOURCES = $(am__libroken_la_SOURCES_DIST) \ - $(EXTRA_libroken_la_SOURCES) $(libtest_la_SOURCES) \ - base64-test.c getaddrinfo-test.c hex-test.c parse_bytes-test.c \ - $(parse_reply_test_SOURCES) $(parse_time_test_SOURCES) \ - $(resolve_test_SOURCES) $(snprintf_test_SOURCES) \ - $(strpftime_test_SOURCES) $(test_readenv_SOURCES) -man3dir = $(mandir)/man3 -MANS = $(man_MANS) -am__dist_include_HEADERS_DIST = base64.h getarg.h hex.h parse_bytes.h \ - parse_time.h parse_units.h resolve.h roken-common.h rtbl.h \ - xdbm.h socket_wrapper.h -dist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_includeHEADERS_INSTALL = $(INSTALL_HEADER) -nodist_rokenincludeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(dist_include_HEADERS) $(nodist_include_HEADERS) \ - $(nodist_rokeninclude_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ - -# XXX this is needed for the LIBOBJS objects -CPPFLAGS = $(libroken_la_CPPFLAGS) -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .hin -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -ACLOCAL_AMFLAGS = -I ../../cf -CLEANFILES = roken.h make-roken.c $(XHEADERS) err.h fnmatch.h glob.h \ - ifaddrs.h vis.h -lib_LTLIBRARIES = libroken.la -libroken_la_LDFLAGS = -version-info 19:0:1 -libroken_la_CPPFLAGS = -DBUILD_ROKEN_LIB -nodist_make_roken_SOURCES = make-roken.c -TESTS = $(check_PROGRAMS) -LDADD = libroken.la $(LIB_crypt) -make_roken_LDADD = -noinst_LTLIBRARIES = libtest.la -libtest_la_SOURCES = strftime.c strptime.c snprintf.c -libtest_la_CFLAGS = -DTEST_SNPRINTF -DTEST_STRPFTIME -parse_reply_test_SOURCES = parse_reply-test.c resolve.c -parse_reply_test_CFLAGS = -DTEST_RESOLVE -test_readenv_SOURCES = test-readenv.c test-mem.c -parse_time_test_SOURCES = parse_time-test.c test-mem.c -strpftime_test_SOURCES = strpftime-test.c strpftime-test.h -strpftime_test_LDADD = libtest.la $(LDADD) -strpftime_test_CFLAGS = -DTEST_STRPFTIME -snprintf_test_SOURCES = snprintf-test.c snprintf-test.h -snprintf_test_LDADD = libtest.la $(LDADD) -snprintf_test_CFLAGS = -DTEST_SNPRINTF -resolve_test_SOURCES = resolve-test.c -libroken_la_SOURCES = base64.c bswap.c concat.c dumpdata.c \ - environment.c eread.c esetenv.c ewrite.c \ - getaddrinfo_hostspec.c get_default_username.c \ - get_window_size.c getarg.c getnameinfo_verified.c \ - getprogname.c h_errno.c hex.c hostent_find_fqdn.c issuid.c \ - k_getpwnam.c k_getpwuid.c mini_inetd.c net_read.c net_write.c \ - parse_bytes.c parse_time.c parse_units.c realloc.c resolve.c \ - roken_gethostby.c rtbl.c rtbl.h setprogname.c signal.c \ - simple_exec.c snprintf.c socket.c strcollect.c strpool.c \ - timeval.c tm2time.c unvis.c verify.c vis.c vis.h warnerr.c \ - write_pid.c xdbm.h $(am__append_1) -EXTRA_libroken_la_SOURCES = \ - err.hin \ - glob.hin \ - fnmatch.hin \ - ifaddrs.hin \ - vis.hin - -libroken_la_LIBADD = @LTLIBOBJS@ -BUILT_SOURCES = make-roken.c roken.h -@have_err_h_FALSE@err_h = err.h -@have_err_h_TRUE@err_h = -@have_fnmatch_h_FALSE@fnmatch_h = fnmatch.h -@have_fnmatch_h_TRUE@fnmatch_h = -@have_glob_h_FALSE@glob_h = glob.h -@have_glob_h_TRUE@glob_h = -@have_ifaddrs_h_FALSE@ifaddrs_h = ifaddrs.h -@have_ifaddrs_h_TRUE@ifaddrs_h = -@have_vis_h_FALSE@vis_h = vis.h -@have_vis_h_TRUE@vis_h = -XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(vis_h) -dist_include_HEADERS = base64.h getarg.h hex.h parse_bytes.h \ - parse_time.h parse_units.h resolve.h roken-common.h rtbl.h \ - xdbm.h $(am__append_2) -build_HEADERZ = test-mem.h $(XHEADERS) -nodist_include_HEADERS = roken.h -rokenincludedir = $(includedir)/roken -nodist_rokeninclude_HEADERS = $(XHEADERS) -man_MANS = getarg.3 parse_time.3 rtbl.3 ecalloc.3 -EXTRA_DIST = \ - roken.awk roken.h.in \ - $(man_MANS) \ - test-mem.h \ - ndbm_wrap.c \ - ndbm_wrap.h - -all: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .hin .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/roken/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/roken/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done - -clean-noinstLTLIBRARIES: - -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) - @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libroken.la: $(libroken_la_OBJECTS) $(libroken_la_DEPENDENCIES) - $(libroken_la_LINK) -rpath $(libdir) $(libroken_la_OBJECTS) $(libroken_la_LIBADD) $(LIBS) -libtest.la: $(libtest_la_OBJECTS) $(libtest_la_DEPENDENCIES) - $(libtest_la_LINK) $(libtest_la_OBJECTS) $(libtest_la_LIBADD) $(LIBS) - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -base64-test$(EXEEXT): $(base64_test_OBJECTS) $(base64_test_DEPENDENCIES) - @rm -f base64-test$(EXEEXT) - $(LINK) $(base64_test_OBJECTS) $(base64_test_LDADD) $(LIBS) -getaddrinfo-test$(EXEEXT): $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_DEPENDENCIES) - @rm -f getaddrinfo-test$(EXEEXT) - $(LINK) $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_LDADD) $(LIBS) -hex-test$(EXEEXT): $(hex_test_OBJECTS) $(hex_test_DEPENDENCIES) - @rm -f hex-test$(EXEEXT) - $(LINK) $(hex_test_OBJECTS) $(hex_test_LDADD) $(LIBS) -make-roken$(EXEEXT): $(make_roken_OBJECTS) $(make_roken_DEPENDENCIES) - @rm -f make-roken$(EXEEXT) - $(LINK) $(make_roken_OBJECTS) $(make_roken_LDADD) $(LIBS) -parse_bytes-test$(EXEEXT): $(parse_bytes_test_OBJECTS) $(parse_bytes_test_DEPENDENCIES) - @rm -f parse_bytes-test$(EXEEXT) - $(LINK) $(parse_bytes_test_OBJECTS) $(parse_bytes_test_LDADD) $(LIBS) -parse_reply-test$(EXEEXT): $(parse_reply_test_OBJECTS) $(parse_reply_test_DEPENDENCIES) - @rm -f parse_reply-test$(EXEEXT) - $(parse_reply_test_LINK) $(parse_reply_test_OBJECTS) $(parse_reply_test_LDADD) $(LIBS) -parse_time-test$(EXEEXT): $(parse_time_test_OBJECTS) $(parse_time_test_DEPENDENCIES) - @rm -f parse_time-test$(EXEEXT) - $(LINK) $(parse_time_test_OBJECTS) $(parse_time_test_LDADD) $(LIBS) -resolve-test$(EXEEXT): $(resolve_test_OBJECTS) $(resolve_test_DEPENDENCIES) - @rm -f resolve-test$(EXEEXT) - $(LINK) $(resolve_test_OBJECTS) $(resolve_test_LDADD) $(LIBS) -snprintf-test$(EXEEXT): $(snprintf_test_OBJECTS) $(snprintf_test_DEPENDENCIES) - @rm -f snprintf-test$(EXEEXT) - $(snprintf_test_LINK) $(snprintf_test_OBJECTS) $(snprintf_test_LDADD) $(LIBS) -strpftime-test$(EXEEXT): $(strpftime_test_OBJECTS) $(strpftime_test_DEPENDENCIES) - @rm -f strpftime-test$(EXEEXT) - $(strpftime_test_LINK) $(strpftime_test_OBJECTS) $(strpftime_test_LDADD) $(LIBS) -test-readenv$(EXEEXT): $(test_readenv_OBJECTS) $(test_readenv_DEPENDENCIES) - @rm -f test-readenv$(EXEEXT) - $(LINK) $(test_readenv_OBJECTS) $(test_readenv_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -libroken_la-base64.lo: base64.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-base64.lo `test -f 'base64.c' || echo '$(srcdir)/'`base64.c - -libroken_la-bswap.lo: bswap.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-bswap.lo `test -f 'bswap.c' || echo '$(srcdir)/'`bswap.c - -libroken_la-concat.lo: concat.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-concat.lo `test -f 'concat.c' || echo '$(srcdir)/'`concat.c - -libroken_la-dumpdata.lo: dumpdata.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-dumpdata.lo `test -f 'dumpdata.c' || echo '$(srcdir)/'`dumpdata.c - -libroken_la-environment.lo: environment.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-environment.lo `test -f 'environment.c' || echo '$(srcdir)/'`environment.c - -libroken_la-eread.lo: eread.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-eread.lo `test -f 'eread.c' || echo '$(srcdir)/'`eread.c - -libroken_la-esetenv.lo: esetenv.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-esetenv.lo `test -f 'esetenv.c' || echo '$(srcdir)/'`esetenv.c - -libroken_la-ewrite.lo: ewrite.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-ewrite.lo `test -f 'ewrite.c' || echo '$(srcdir)/'`ewrite.c - -libroken_la-getaddrinfo_hostspec.lo: getaddrinfo_hostspec.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getaddrinfo_hostspec.lo `test -f 'getaddrinfo_hostspec.c' || echo '$(srcdir)/'`getaddrinfo_hostspec.c - -libroken_la-get_default_username.lo: get_default_username.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-get_default_username.lo `test -f 'get_default_username.c' || echo '$(srcdir)/'`get_default_username.c - -libroken_la-get_window_size.lo: get_window_size.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-get_window_size.lo `test -f 'get_window_size.c' || echo '$(srcdir)/'`get_window_size.c - -libroken_la-getarg.lo: getarg.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getarg.lo `test -f 'getarg.c' || echo '$(srcdir)/'`getarg.c - -libroken_la-getnameinfo_verified.lo: getnameinfo_verified.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getnameinfo_verified.lo `test -f 'getnameinfo_verified.c' || echo '$(srcdir)/'`getnameinfo_verified.c - -libroken_la-getprogname.lo: getprogname.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-getprogname.lo `test -f 'getprogname.c' || echo '$(srcdir)/'`getprogname.c - -libroken_la-h_errno.lo: h_errno.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-h_errno.lo `test -f 'h_errno.c' || echo '$(srcdir)/'`h_errno.c - -libroken_la-hex.lo: hex.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-hex.lo `test -f 'hex.c' || echo '$(srcdir)/'`hex.c - -libroken_la-hostent_find_fqdn.lo: hostent_find_fqdn.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-hostent_find_fqdn.lo `test -f 'hostent_find_fqdn.c' || echo '$(srcdir)/'`hostent_find_fqdn.c - -libroken_la-issuid.lo: issuid.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-issuid.lo `test -f 'issuid.c' || echo '$(srcdir)/'`issuid.c - -libroken_la-k_getpwnam.lo: k_getpwnam.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-k_getpwnam.lo `test -f 'k_getpwnam.c' || echo '$(srcdir)/'`k_getpwnam.c - -libroken_la-k_getpwuid.lo: k_getpwuid.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-k_getpwuid.lo `test -f 'k_getpwuid.c' || echo '$(srcdir)/'`k_getpwuid.c - -libroken_la-mini_inetd.lo: mini_inetd.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-mini_inetd.lo `test -f 'mini_inetd.c' || echo '$(srcdir)/'`mini_inetd.c - -libroken_la-net_read.lo: net_read.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-net_read.lo `test -f 'net_read.c' || echo '$(srcdir)/'`net_read.c - -libroken_la-net_write.lo: net_write.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-net_write.lo `test -f 'net_write.c' || echo '$(srcdir)/'`net_write.c - -libroken_la-parse_bytes.lo: parse_bytes.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_bytes.lo `test -f 'parse_bytes.c' || echo '$(srcdir)/'`parse_bytes.c - -libroken_la-parse_time.lo: parse_time.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_time.lo `test -f 'parse_time.c' || echo '$(srcdir)/'`parse_time.c - -libroken_la-parse_units.lo: parse_units.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-parse_units.lo `test -f 'parse_units.c' || echo '$(srcdir)/'`parse_units.c - -libroken_la-realloc.lo: realloc.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-realloc.lo `test -f 'realloc.c' || echo '$(srcdir)/'`realloc.c - -libroken_la-resolve.lo: resolve.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-resolve.lo `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c - -libroken_la-roken_gethostby.lo: roken_gethostby.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-roken_gethostby.lo `test -f 'roken_gethostby.c' || echo '$(srcdir)/'`roken_gethostby.c - -libroken_la-rtbl.lo: rtbl.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-rtbl.lo `test -f 'rtbl.c' || echo '$(srcdir)/'`rtbl.c - -libroken_la-setprogname.lo: setprogname.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-setprogname.lo `test -f 'setprogname.c' || echo '$(srcdir)/'`setprogname.c - -libroken_la-signal.lo: signal.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-signal.lo `test -f 'signal.c' || echo '$(srcdir)/'`signal.c - -libroken_la-simple_exec.lo: simple_exec.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-simple_exec.lo `test -f 'simple_exec.c' || echo '$(srcdir)/'`simple_exec.c - -libroken_la-snprintf.lo: snprintf.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c - -libroken_la-socket.lo: socket.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-socket.lo `test -f 'socket.c' || echo '$(srcdir)/'`socket.c - -libroken_la-strcollect.lo: strcollect.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-strcollect.lo `test -f 'strcollect.c' || echo '$(srcdir)/'`strcollect.c - -libroken_la-strpool.lo: strpool.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-strpool.lo `test -f 'strpool.c' || echo '$(srcdir)/'`strpool.c - -libroken_la-timeval.lo: timeval.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-timeval.lo `test -f 'timeval.c' || echo '$(srcdir)/'`timeval.c - -libroken_la-tm2time.lo: tm2time.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-tm2time.lo `test -f 'tm2time.c' || echo '$(srcdir)/'`tm2time.c - -libroken_la-unvis.lo: unvis.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-unvis.lo `test -f 'unvis.c' || echo '$(srcdir)/'`unvis.c - -libroken_la-verify.lo: verify.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-verify.lo `test -f 'verify.c' || echo '$(srcdir)/'`verify.c - -libroken_la-vis.lo: vis.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-vis.lo `test -f 'vis.c' || echo '$(srcdir)/'`vis.c - -libroken_la-warnerr.lo: warnerr.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-warnerr.lo `test -f 'warnerr.c' || echo '$(srcdir)/'`warnerr.c - -libroken_la-write_pid.lo: write_pid.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-write_pid.lo `test -f 'write_pid.c' || echo '$(srcdir)/'`write_pid.c - -libroken_la-socket_wrapper.lo: socket_wrapper.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libroken_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libroken_la-socket_wrapper.lo `test -f 'socket_wrapper.c' || echo '$(srcdir)/'`socket_wrapper.c - -libtest_la-strftime.lo: strftime.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-strftime.lo `test -f 'strftime.c' || echo '$(srcdir)/'`strftime.c - -libtest_la-strptime.lo: strptime.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-strptime.lo `test -f 'strptime.c' || echo '$(srcdir)/'`strptime.c - -libtest_la-snprintf.lo: snprintf.c - $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c - -parse_reply_test-parse_reply-test.o: parse_reply-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.o `test -f 'parse_reply-test.c' || echo '$(srcdir)/'`parse_reply-test.c - -parse_reply_test-parse_reply-test.obj: parse_reply-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.obj `if test -f 'parse_reply-test.c'; then $(CYGPATH_W) 'parse_reply-test.c'; else $(CYGPATH_W) '$(srcdir)/parse_reply-test.c'; fi` - -parse_reply_test-resolve.o: resolve.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.o `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c - -parse_reply_test-resolve.obj: resolve.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.obj `if test -f 'resolve.c'; then $(CYGPATH_W) 'resolve.c'; else $(CYGPATH_W) '$(srcdir)/resolve.c'; fi` - -snprintf_test-snprintf-test.o: snprintf-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -c -o snprintf_test-snprintf-test.o `test -f 'snprintf-test.c' || echo '$(srcdir)/'`snprintf-test.c - -snprintf_test-snprintf-test.obj: snprintf-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -c -o snprintf_test-snprintf-test.obj `if test -f 'snprintf-test.c'; then $(CYGPATH_W) 'snprintf-test.c'; else $(CYGPATH_W) '$(srcdir)/snprintf-test.c'; fi` - -strpftime_test-strpftime-test.o: strpftime-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(strpftime_test_CFLAGS) $(CFLAGS) -c -o strpftime_test-strpftime-test.o `test -f 'strpftime-test.c' || echo '$(srcdir)/'`strpftime-test.c - -strpftime_test-strpftime-test.obj: strpftime-test.c - $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(strpftime_test_CFLAGS) $(CFLAGS) -c -o strpftime_test-strpftime-test.obj `if test -f 'strpftime-test.c'; then $(CYGPATH_W) 'strpftime-test.c'; else $(CYGPATH_W) '$(srcdir)/strpftime-test.c'; fi` - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man3: $(man3_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ - done -uninstall-man3: - @$(NORMAL_UNINSTALL) - @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.3*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 3*) ;; \ - *) ext='3' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ - done -install-dist_includeHEADERS: $(dist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(dist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(dist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-dist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(dist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-nodist_includeHEADERS: $(nodist_include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nodist_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-nodist_includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-nodist_rokenincludeHEADERS: $(nodist_rokeninclude_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(rokenincludedir)" || $(MKDIR_P) "$(DESTDIR)$(rokenincludedir)" - @list='$(nodist_rokeninclude_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(nodist_rokenincludeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(rokenincludedir)/$$f'"; \ - $(nodist_rokenincludeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(rokenincludedir)/$$f"; \ - done - -uninstall-nodist_rokenincludeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_rokeninclude_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(rokenincludedir)/$$f'"; \ - rm -f "$(DESTDIR)$(rokenincludedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) \ - all-local -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(rokenincludedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: $(BUILT_SOURCES) - $(MAKE) $(AM_MAKEFLAGS) install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -clean: clean-am - -clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libtool clean-noinstLTLIBRARIES clean-noinstPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-dist_includeHEADERS install-man \ - install-nodist_includeHEADERS \ - install-nodist_rokenincludeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man3 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-dist_includeHEADERS uninstall-libLTLIBRARIES \ - uninstall-man uninstall-nodist_includeHEADERS \ - uninstall-nodist_rokenincludeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man3 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstLTLIBRARIES \ - clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-data-hook install-dist_includeHEADERS install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-libLTLIBRARIES install-man install-man3 \ - install-nodist_includeHEADERS \ - install-nodist_rokenincludeHEADERS install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-dist_includeHEADERS \ - uninstall-hook uninstall-libLTLIBRARIES uninstall-man \ - uninstall-man3 uninstall-nodist_includeHEADERS \ - uninstall-nodist_rokenincludeHEADERS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h $(XHEADERS) -.hin.h: - cp $< $@ - -roken.h: make-roken$(EXEEXT) - @./make-roken$(EXEEXT) > tmp.h ;\ - if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ - else rm -f roken.h; mv tmp.h roken.h; fi - -make-roken.c: roken.h.in roken.awk - $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/roken/acconfig.h b/crypto/heimdal/lib/roken/acconfig.h deleted file mode 100644 index 5fbe685ce386..000000000000 --- a/crypto/heimdal/lib/roken/acconfig.h +++ /dev/null @@ -1,36 +0,0 @@ -@BOTTOM@ - -#ifdef BROKEN_REALLOC -#define realloc(X, Y) isoc_realloc((X), (Y)) -#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y)) -#endif - -#ifdef VOID_RETSIGTYPE -#define SIGRETURN(x) return -#else -#define SIGRETURN(x) return (RETSIGTYPE)(x) -#endif - -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (const char *)rcsid, "\100(#)" msg } - -#undef PROTOTYPES - -/* Maximum values on all known systems */ -#define MaxHostNameLen (64+4) -#define MaxPathLen (1024+4) - -/* - * Define NDBM if you are using the 4.3 ndbm library (which is part of - * libc). If not defined, 4.2 dbm will be assumed. - */ -#if defined(HAVE_DBM_FIRSTKEY) -#define NDBM -#endif - -/* - * Defining this enables lots of useful (and used) extensions on - * glibc-based systems such as Linux - */ - -#define _GNU_SOURCE diff --git a/crypto/heimdal/lib/roken/acinclude.m4 b/crypto/heimdal/lib/roken/acinclude.m4 deleted file mode 100644 index 1d0197c5ce37..000000000000 --- a/crypto/heimdal/lib/roken/acinclude.m4 +++ /dev/null @@ -1,9 +0,0 @@ -dnl $Id$ -dnl -dnl Only put things that for some reason can't live in the `cf' -dnl directory in this file. -dnl - -dnl $xId: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $ -dnl -define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl diff --git a/crypto/heimdal/lib/roken/base64-test.c b/crypto/heimdal/lib/roken/base64-test.c deleted file mode 100644 index 435e41b1832a..000000000000 --- a/crypto/heimdal/lib/roken/base64-test.c +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: base64-test.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include "roken.h" -#include - -int -main(int argc, char **argv) -{ - int numerr = 0; - int numtest = 1; - struct test { - void *data; - size_t len; - const char *result; - } *t, tests[] = { - { "", 0 , "" }, - { "1", 1, "MQ==" }, - { "22", 2, "MjI=" }, - { "333", 3, "MzMz" }, - { "4444", 4, "NDQ0NA==" }, - { "55555", 5, "NTU1NTU=" }, - { "abc:def", 7, "YWJjOmRlZg==" }, - { NULL } - }; - for(t = tests; t->data; t++) { - char *str; - int len; - len = base64_encode(t->data, t->len, &str); - if(strcmp(str, t->result) != 0) { - fprintf(stderr, "failed test %d: %s != %s\n", numtest, - str, t->result); - numerr++; - } - free(str); - str = strdup(t->result); - len = base64_decode(t->result, str); - if(len != t->len) { - fprintf(stderr, "failed test %d: len %lu != %lu\n", numtest, - (unsigned long)len, (unsigned long)t->len); - numerr++; - } else if(memcmp(str, t->data, t->len) != 0) { - fprintf(stderr, "failed test %d: data\n", numtest); - numerr++; - } - free(str); - numtest++; - } - - { - char str[32]; - if(base64_decode("M=M=", str) != -1) { - fprintf(stderr, "failed test %d: successful decode of `M=M='\n", - numtest++); - numerr++; - } - if(base64_decode("MQ===", str) != -1) { - fprintf(stderr, "failed test %d: successful decode of `MQ==='\n", - numtest++); - numerr++; - } - } - return numerr; -} diff --git a/crypto/heimdal/lib/roken/base64.c b/crypto/heimdal/lib/roken/base64.c deleted file mode 100644 index daf7fc567161..000000000000 --- a/crypto/heimdal/lib/roken/base64.c +++ /dev/null @@ -1,136 +0,0 @@ -/* - * Copyright (c) 1995-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: base64.c 15506 2005-06-23 10:47:57Z lha $"); -#endif -#include -#include -#include "base64.h" - -static const char base64_chars[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -static int -pos(char c) -{ - const char *p; - for (p = base64_chars; *p; p++) - if (*p == c) - return p - base64_chars; - return -1; -} - -int ROKEN_LIB_FUNCTION -base64_encode(const void *data, int size, char **str) -{ - char *s, *p; - int i; - int c; - const unsigned char *q; - - p = s = (char *) malloc(size * 4 / 3 + 4); - if (p == NULL) - return -1; - q = (const unsigned char *) data; - i = 0; - for (i = 0; i < size;) { - c = q[i++]; - c *= 256; - if (i < size) - c += q[i]; - i++; - c *= 256; - if (i < size) - c += q[i]; - i++; - p[0] = base64_chars[(c & 0x00fc0000) >> 18]; - p[1] = base64_chars[(c & 0x0003f000) >> 12]; - p[2] = base64_chars[(c & 0x00000fc0) >> 6]; - p[3] = base64_chars[(c & 0x0000003f) >> 0]; - if (i > size) - p[3] = '='; - if (i > size + 1) - p[2] = '='; - p += 4; - } - *p = 0; - *str = s; - return strlen(s); -} - -#define DECODE_ERROR 0xffffffff - -static unsigned int -token_decode(const char *token) -{ - int i; - unsigned int val = 0; - int marker = 0; - if (strlen(token) < 4) - return DECODE_ERROR; - for (i = 0; i < 4; i++) { - val *= 64; - if (token[i] == '=') - marker++; - else if (marker > 0) - return DECODE_ERROR; - else - val += pos(token[i]); - } - if (marker > 2) - return DECODE_ERROR; - return (marker << 24) | val; -} - -int ROKEN_LIB_FUNCTION -base64_decode(const char *str, void *data) -{ - const char *p; - unsigned char *q; - - q = data; - for (p = str; *p && (*p == '=' || strchr(base64_chars, *p)); p += 4) { - unsigned int val = token_decode(p); - unsigned int marker = (val >> 24) & 0xff; - if (val == DECODE_ERROR) - return -1; - *q++ = (val >> 16) & 0xff; - if (marker < 2) - *q++ = (val >> 8) & 0xff; - if (marker < 1) - *q++ = val & 0xff; - } - return q - (unsigned char *) data; -} diff --git a/crypto/heimdal/lib/roken/base64.h b/crypto/heimdal/lib/roken/base64.h deleted file mode 100644 index 09aadffe7c41..000000000000 --- a/crypto/heimdal/lib/roken/base64.h +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: base64.h 15535 2005-06-30 07:13:33Z lha $ */ - -#ifndef _BASE64_H_ -#define _BASE64_H_ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -int ROKEN_LIB_FUNCTION -base64_encode(const void *, int, char **); - -int ROKEN_LIB_FUNCTION -base64_decode(const char *, void *); - -#endif diff --git a/crypto/heimdal/lib/roken/bswap.c b/crypto/heimdal/lib/roken/bswap.c deleted file mode 100644 index e669eb2e4c0b..000000000000 --- a/crypto/heimdal/lib/roken/bswap.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: bswap.c 14773 2005-04-12 11:29:18Z lha $"); - -#ifndef HAVE_BSWAP32 - -unsigned int ROKEN_LIB_FUNCTION -bswap32 (unsigned int val) -{ - return (val & 0xff) << 24 | - (val & 0xff00) << 8 | - (val & 0xff0000) >> 8 | - (val & 0xff000000) >> 24; -} -#endif - -#ifndef HAVE_BSWAP16 - -unsigned short ROKEN_LIB_FUNCTION -bswap16 (unsigned short val) -{ - return (val & 0xff) << 8 | - (val & 0xff00) >> 8; -} -#endif diff --git a/crypto/heimdal/lib/roken/chown.c b/crypto/heimdal/lib/roken/chown.c deleted file mode 100644 index 5eb9c92c806d..000000000000 --- a/crypto/heimdal/lib/roken/chown.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: chown.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -chown(const char *path, uid_t owner, gid_t group) -{ - return 0; -} diff --git a/crypto/heimdal/lib/roken/closefrom.c b/crypto/heimdal/lib/roken/closefrom.c deleted file mode 100644 index f56e556a81d9..000000000000 --- a/crypto/heimdal/lib/roken/closefrom.c +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: closefrom.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -closefrom(int fd) -{ - int num = getdtablesize(); - - if (num < 0) - num = 1024; /* XXX */ - - for (; fd <= num; fd++) - close(fd); - - return 0; -} diff --git a/crypto/heimdal/lib/roken/concat.c b/crypto/heimdal/lib/roken/concat.c deleted file mode 100644 index 94e0fcc31103..000000000000 --- a/crypto/heimdal/lib/roken/concat.c +++ /dev/null @@ -1,112 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: concat.c 14773 2005-04-12 11:29:18Z lha $"); -#endif -#include "roken.h" - -int ROKEN_LIB_FUNCTION -roken_concat (char *s, size_t len, ...) -{ - int ret; - va_list args; - - va_start(args, len); - ret = roken_vconcat (s, len, args); - va_end(args); - return ret; -} - -int ROKEN_LIB_FUNCTION -roken_vconcat (char *s, size_t len, va_list args) -{ - const char *a; - - while ((a = va_arg(args, const char*))) { - size_t n = strlen (a); - - if (n >= len) - return -1; - memcpy (s, a, n); - s += n; - len -= n; - } - *s = '\0'; - return 0; -} - -size_t ROKEN_LIB_FUNCTION -roken_vmconcat (char **s, size_t max_len, va_list args) -{ - const char *a; - char *p, *q; - size_t len = 0; - *s = NULL; - p = malloc(1); - if(p == NULL) - return 0; - len = 1; - while ((a = va_arg(args, const char*))) { - size_t n = strlen (a); - - if(max_len && len + n > max_len){ - free(p); - return 0; - } - q = realloc(p, len + n); - if(q == NULL){ - free(p); - return 0; - } - p = q; - memcpy (p + len - 1, a, n); - len += n; - } - p[len - 1] = '\0'; - *s = p; - return len; -} - -size_t ROKEN_LIB_FUNCTION -roken_mconcat (char **s, size_t max_len, ...) -{ - int ret; - va_list args; - - va_start(args, max_len); - ret = roken_vmconcat (s, max_len, args); - va_end(args); - return ret; -} diff --git a/crypto/heimdal/lib/roken/copyhostent.c b/crypto/heimdal/lib/roken/copyhostent.c deleted file mode 100644 index 6410449ffbe6..000000000000 --- a/crypto/heimdal/lib/roken/copyhostent.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: copyhostent.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* - * return a malloced copy of `h' - */ - -struct hostent * ROKEN_LIB_FUNCTION -copyhostent (const struct hostent *h) -{ - struct hostent *res; - char **p; - int i, n; - - res = malloc (sizeof (*res)); - if (res == NULL) - return NULL; - res->h_name = NULL; - res->h_aliases = NULL; - res->h_addrtype = h->h_addrtype; - res->h_length = h->h_length; - res->h_addr_list = NULL; - res->h_name = strdup (h->h_name); - if (res->h_name == NULL) { - freehostent (res); - return NULL; - } - for (n = 0, p = h->h_aliases; *p != NULL; ++p) - ++n; - res->h_aliases = malloc ((n + 1) * sizeof(*res->h_aliases)); - if (res->h_aliases == NULL) { - freehostent (res); - return NULL; - } - for (i = 0; i < n + 1; ++i) - res->h_aliases[i] = NULL; - for (i = 0; i < n; ++i) { - res->h_aliases[i] = strdup (h->h_aliases[i]); - if (res->h_aliases[i] == NULL) { - freehostent (res); - return NULL; - } - } - - for (n = 0, p = h->h_addr_list; *p != NULL; ++p) - ++n; - res->h_addr_list = malloc ((n + 1) * sizeof(*res->h_addr_list)); - if (res->h_addr_list == NULL) { - freehostent (res); - return NULL; - } - for (i = 0; i < n + 1; ++i) { - res->h_addr_list[i] = NULL; - } - for (i = 0; i < n; ++i) { - res->h_addr_list[i] = malloc (h->h_length); - if (res->h_addr_list[i] == NULL) { - freehostent (res); - return NULL; - } - memcpy (res->h_addr_list[i], h->h_addr_list[i], h->h_length); - } - return res; -} - diff --git a/crypto/heimdal/lib/roken/daemon.c b/crypto/heimdal/lib/roken/daemon.c deleted file mode 100644 index 2bc2350054c8..000000000000 --- a/crypto/heimdal/lib/roken/daemon.c +++ /dev/null @@ -1,84 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)daemon.c 8.1 (Berkeley) 6/4/93"; -#endif /* LIBC_SCCS and not lint */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: daemon.c 14773 2005-04-12 11:29:18Z lha $"); - -#ifndef HAVE_DAEMON - -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_PATHS_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -daemon(int nochdir, int noclose) -{ - int fd; - - switch (fork()) { - case -1: - return (-1); - case 0: - break; - default: - _exit(0); - } - - if (setsid() == -1) - return (-1); - - if (!nochdir) - chdir("/"); - - if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { - dup2(fd, STDIN_FILENO); - dup2(fd, STDOUT_FILENO); - dup2(fd, STDERR_FILENO); - if (fd > 2) - close (fd); - } - return (0); -} - -#endif /* HAVE_DAEMON */ diff --git a/crypto/heimdal/lib/roken/dumpdata.c b/crypto/heimdal/lib/roken/dumpdata.c deleted file mode 100644 index 4750cac1a5bb..000000000000 --- a/crypto/heimdal/lib/roken/dumpdata.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: dumpdata.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include - -#include "roken.h" - -/* - * Write datablob to a filename, don't care about errors. - */ - -void ROKEN_LIB_FUNCTION -rk_dumpdata (const char *filename, const void *buf, size_t size) -{ - int fd; - - fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0640); - if (fd < 0) - return; - net_write(fd, buf, size); - close(fd); -} diff --git a/crypto/heimdal/lib/roken/ecalloc.3 b/crypto/heimdal/lib/roken/ecalloc.3 deleted file mode 100644 index 194ad271cf9a..000000000000 --- a/crypto/heimdal/lib/roken/ecalloc.3 +++ /dev/null @@ -1,84 +0,0 @@ -.\" Copyright (c) 2001, 2003 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" $Id: ecalloc.3 12527 2003-08-15 12:28:14Z joda $ -.\" -.Dd August 14, 2003 -.Dt ECALLOC 3 -.Os HEIMDAL -.Sh NAME -.Nm ecalloc , -.Nm emalloc , -.Nm eread , -.Nm erealloc , -.Nm esetenv , -.Nm estrdup , -.Nm ewrite -.Nd exit-on-failure wrapper functions -.Sh LIBRARY -The roken library (libroken, -lroken) -.Sh SYNOPSIS -.Fd #include -.Ft "void *" -.Fn ecalloc "size_t number" "size_t size" -.Ft "void *" -.Fn emalloc "size_t sz" -.Ft ssize_t -.Fn eread "int fd" "void *buf" "size_t nbytes" -.Ft "void *" -.Fn erealloc "void *ptr" "size_t sz" -.Ft void -.Fn esetenv "const char *var" "const char *val" "int rewrite" -.Ft "char *" -.Fn estrdup "const char *str" -.Ft ssize_t -.Fn ewrite "int fd" "const void *buf" "size_t nbytes" -.Sh DESCRIPTION -These functions do the same as the ones without the -.Dq e -prefix, but if there is an error they will print a message with -.Xr errx 3 , -and exit. For -.Nm eread -and -.Nm ewrite -this is also true for partial data. -.Pp -This is useful in applications when there is no need for a more -advanced failure mode. -.Sh SEE ALSO -.Xr read 2 , -.Xr write 2 , -.Xr calloc 3 , -.Xr errx 3 , -.Xr malloc 3 , -.Xr realloc 3 , -.Xr setenv 3 , -.Xr strdup 3 diff --git a/crypto/heimdal/lib/roken/ecalloc.c b/crypto/heimdal/lib/roken/ecalloc.c deleted file mode 100644 index c5ef4a7b2450..000000000000 --- a/crypto/heimdal/lib/roken/ecalloc.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: ecalloc.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include - -#include "roken.h" - -/* - * Like calloc but never fails. - */ - -void * ROKEN_LIB_FUNCTION -ecalloc (size_t number, size_t size) -{ - void *tmp = calloc (number, size); - - if (tmp == NULL && number * size != 0) - errx (1, "calloc %lu failed", (unsigned long)number * size); - return tmp; -} diff --git a/crypto/heimdal/lib/roken/emalloc.c b/crypto/heimdal/lib/roken/emalloc.c deleted file mode 100644 index a39fcc0d22bf..000000000000 --- a/crypto/heimdal/lib/roken/emalloc.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: emalloc.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include - -#include "roken.h" - -/* - * Like malloc but never fails. - */ - -void * ROKEN_LIB_FUNCTION -emalloc (size_t sz) -{ - void *tmp = malloc (sz); - - if (tmp == NULL && sz != 0) - errx (1, "malloc %lu failed", (unsigned long)sz); - return tmp; -} diff --git a/crypto/heimdal/lib/roken/environment.c b/crypto/heimdal/lib/roken/environment.c deleted file mode 100644 index 3822e4c6ffe5..000000000000 --- a/crypto/heimdal/lib/roken/environment.c +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright (c) 2000, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: environment.c 20866 2007-06-03 21:00:29Z lha $"); -#endif - -#include -#include -#include -#include "roken.h" - -/* find assignment in env list; len is length of variable including - * equal - */ - -static int -find_var(char **env, char *assignment, size_t len) -{ - int i; - for(i = 0; env != NULL && env[i] != NULL; i++) - if(strncmp(env[i], assignment, len) == 0) - return i; - return -1; -} - -/* - * return count of environment assignments from open file F in - * assigned and list of malloced strings in env, return 0 or errno - * number - */ - -static int -rk_read_env_file(FILE *F, char ***env, int *assigned) -{ - int idx = 0; - int i; - char **l; - char buf[BUFSIZ], *p, *r; - char **tmp; - int ret = 0; - - *assigned = 0; - - for(idx = 0; *env != NULL && (*env)[idx] != NULL; idx++); - l = *env; - - /* This is somewhat more relaxed on what it accepts then - * Wietses sysv_environ from K4 was... - */ - while (fgets(buf, BUFSIZ, F) != NULL) { - buf[strcspn(buf, "#\n")] = '\0'; - - for(p = buf; isspace((unsigned char)*p); p++); - if (*p == '\0') - continue; - - /* Here one should check that it's a 'valid' env string... */ - r = strchr(p, '='); - if (r == NULL) - continue; - - if((i = find_var(l, p, r - p + 1)) >= 0) { - char *val = strdup(p); - if(val == NULL) { - ret = ENOMEM; - break; - } - free(l[i]); - l[i] = val; - (*assigned)++; - continue; - } - - tmp = realloc(l, (idx+2) * sizeof (char *)); - if(tmp == NULL) { - ret = ENOMEM; - break; - } - - l = tmp; - l[idx] = strdup(p); - if(l[idx] == NULL) { - ret = ENOMEM; - break; - } - l[++idx] = NULL; - (*assigned)++; - } - if(ferror(F)) - ret = errno; - *env = l; - return ret; -} - -/* - * return count of environment assignments from file and - * list of malloced strings in `env' - */ - -int ROKEN_LIB_FUNCTION -read_environment(const char *file, char ***env) -{ - int assigned; - FILE *F; - - if ((F = fopen(file, "r")) == NULL) - return 0; - - rk_read_env_file(F, env, &assigned); - fclose(F); - return assigned; -} - -void ROKEN_LIB_FUNCTION -free_environment(char **env) -{ - int i; - if (env == NULL) - return; - for (i = 0; env[i]; i++) - free(env[i]); - free(env); -} diff --git a/crypto/heimdal/lib/roken/eread.c b/crypto/heimdal/lib/roken/eread.c deleted file mode 100644 index ec4eed412e10..000000000000 --- a/crypto/heimdal/lib/roken/eread.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: eread.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include - -#include "roken.h" - -/* - * Like read but never fails (and never returns partial data). - */ - -ssize_t ROKEN_LIB_FUNCTION -eread (int fd, void *buf, size_t nbytes) -{ - ssize_t ret; - - ret = net_read (fd, buf, nbytes); - if (ret < 0) - err (1, "read"); - return ret; -} diff --git a/crypto/heimdal/lib/roken/erealloc.c b/crypto/heimdal/lib/roken/erealloc.c deleted file mode 100644 index c38236085cb1..000000000000 --- a/crypto/heimdal/lib/roken/erealloc.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: erealloc.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include - -#include "roken.h" - -/* - * Like realloc but never fails. - */ - -void * ROKEN_LIB_FUNCTION -erealloc (void *ptr, size_t sz) -{ - void *tmp = realloc (ptr, sz); - - if (tmp == NULL && sz != 0) - errx (1, "realloc %lu failed", (unsigned long)sz); - return tmp; -} diff --git a/crypto/heimdal/lib/roken/err.c b/crypto/heimdal/lib/roken/err.c deleted file mode 100644 index dcb820bba6b5..000000000000 --- a/crypto/heimdal/lib/roken/err.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: err.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "err.h" - -void ROKEN_LIB_FUNCTION -err(int eval, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - verr(eval, fmt, ap); - va_end(ap); -} diff --git a/crypto/heimdal/lib/roken/err.hin b/crypto/heimdal/lib/roken/err.hin deleted file mode 100644 index 2f1232d3e7f8..000000000000 --- a/crypto/heimdal/lib/roken/err.hin +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: err.hin 14773 2005-04-12 11:29:18Z lha $ */ - -#ifndef __ERR_H__ -#define __ERR_H__ - -#include -#include -#include -#include -#include - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -void ROKEN_LIB_FUNCTION -verr(int eval, const char *fmt, va_list ap) - __attribute__ ((noreturn, format (printf, 2, 0))); - -void ROKEN_LIB_FUNCTION -err(int eval, const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 2, 3))); - -void ROKEN_LIB_FUNCTION -verrx(int eval, const char *fmt, va_list ap) - __attribute__ ((noreturn, format (printf, 2, 0))); - -void ROKEN_LIB_FUNCTION -errx(int eval, const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 2, 3))); -void ROKEN_LIB_FUNCTION -vwarn(const char *fmt, va_list ap) - __attribute__ ((format (printf, 1, 0))); - -void ROKEN_LIB_FUNCTION -warn(const char *fmt, ...) - __attribute__ ((format (printf, 1, 2))); - -void ROKEN_LIB_FUNCTION -vwarnx(const char *fmt, va_list ap) - __attribute__ ((format (printf, 1, 0))); - -void ROKEN_LIB_FUNCTION -warnx(const char *fmt, ...) - __attribute__ ((format (printf, 1, 2))); - -#endif /* __ERR_H__ */ diff --git a/crypto/heimdal/lib/roken/errx.c b/crypto/heimdal/lib/roken/errx.c deleted file mode 100644 index 1090ac79d029..000000000000 --- a/crypto/heimdal/lib/roken/errx.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: errx.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "err.h" - -void ROKEN_LIB_FUNCTION -errx(int eval, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - verrx(eval, fmt, ap); - va_end(ap); -} diff --git a/crypto/heimdal/lib/roken/esetenv.c b/crypto/heimdal/lib/roken/esetenv.c deleted file mode 100644 index e92f04ab32f0..000000000000 --- a/crypto/heimdal/lib/roken/esetenv.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: esetenv.c 15502 2005-06-21 18:56:15Z lha $"); -#endif - -#include "roken.h" - -#include - -void ROKEN_LIB_FUNCTION -esetenv(const char *var, const char *val, int rewrite) -{ - if (setenv (rk_UNCONST(var), rk_UNCONST(val), rewrite)) - errx (1, "failed setting environment variable %s", var); -} diff --git a/crypto/heimdal/lib/roken/estrdup.c b/crypto/heimdal/lib/roken/estrdup.c deleted file mode 100644 index 262412bd35e8..000000000000 --- a/crypto/heimdal/lib/roken/estrdup.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: estrdup.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include - -#include "roken.h" - -/* - * Like strdup but never fails. - */ - -char * ROKEN_LIB_FUNCTION -estrdup (const char *str) -{ - char *tmp = strdup (str); - - if (tmp == NULL) - errx (1, "strdup failed"); - return tmp; -} diff --git a/crypto/heimdal/lib/roken/ewrite.c b/crypto/heimdal/lib/roken/ewrite.c deleted file mode 100644 index a2323d6ffd9e..000000000000 --- a/crypto/heimdal/lib/roken/ewrite.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: ewrite.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include - -#include "roken.h" - -/* - * Like write but never fails (and never returns partial data). - */ - -ssize_t ROKEN_LIB_FUNCTION -ewrite (int fd, const void *buf, size_t nbytes) -{ - ssize_t ret; - - ret = net_write (fd, buf, nbytes); - if (ret < 0) - err (1, "write"); - return ret; -} diff --git a/crypto/heimdal/lib/roken/fchown.c b/crypto/heimdal/lib/roken/fchown.c deleted file mode 100644 index 87a205179f2d..000000000000 --- a/crypto/heimdal/lib/roken/fchown.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: fchown.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -fchown(int fd, uid_t owner, gid_t group) -{ - return 0; -} diff --git a/crypto/heimdal/lib/roken/flock.c b/crypto/heimdal/lib/roken/flock.c deleted file mode 100644 index 911d5ff31ed3..000000000000 --- a/crypto/heimdal/lib/roken/flock.c +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifndef HAVE_FLOCK -RCSID("$Id: flock.c 14773 2005-04-12 11:29:18Z lha $"); - -#include "roken.h" - - -#define OP_MASK (LOCK_SH | LOCK_EX | LOCK_UN) - -int ROKEN_LIB_FUNCTION -flock(int fd, int operation) -{ -#if defined(HAVE_FCNTL) && defined(F_SETLK) - struct flock arg; - int code, cmd; - - arg.l_whence = SEEK_SET; - arg.l_start = 0; - arg.l_len = 0; /* means to EOF */ - - if (operation & LOCK_NB) - cmd = F_SETLK; - else - cmd = F_SETLKW; /* Blocking */ - - switch (operation & OP_MASK) { - case LOCK_UN: - arg.l_type = F_UNLCK; - code = fcntl(fd, F_SETLK, &arg); - break; - case LOCK_SH: - arg.l_type = F_RDLCK; - code = fcntl(fd, cmd, &arg); - break; - case LOCK_EX: - arg.l_type = F_WRLCK; - code = fcntl(fd, cmd, &arg); - break; - default: - errno = EINVAL; - code = -1; - break; - } - return code; -#else - return -1; -#endif -} - -#endif - diff --git a/crypto/heimdal/lib/roken/fnmatch.c b/crypto/heimdal/lib/roken/fnmatch.c deleted file mode 100644 index 126949a8e08d..000000000000 --- a/crypto/heimdal/lib/roken/fnmatch.c +++ /dev/null @@ -1,169 +0,0 @@ -/* $NetBSD: fnmatch.c,v 1.11 1995/02/27 03:43:06 cgd Exp $ */ - -/* - * Copyright (c) 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Guido van Rossum. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -#if 0 -static char sccsid[] = "@(#)fnmatch.c 8.2 (Berkeley) 4/16/94"; -#else -static char rcsid[] = "$NetBSD: fnmatch.c,v 1.11 1995/02/27 03:43:06 cgd Exp $"; -#endif -#endif /* LIBC_SCCS and not lint */ - -/* - * Function fnmatch() as specified in POSIX 1003.2-1992, section B.6. - * Compares a filename or pathname to a pattern. - */ - -#include -#include - -#define EOS '\0' - -static const char *rangematch (const char *, int, int); - -int ROKEN_LIB_FUNCTION -rk_fnmatch(const char *pattern, const char *string, int flags) -{ - const char *stringstart; - char c, test; - - for (stringstart = string;;) - switch (c = *pattern++) { - case EOS: - return (*string == EOS ? 0 : FNM_NOMATCH); - case '?': - if (*string == EOS) - return (FNM_NOMATCH); - if (*string == '/' && (flags & FNM_PATHNAME)) - return (FNM_NOMATCH); - if (*string == '.' && (flags & FNM_PERIOD) && - (string == stringstart || - ((flags & FNM_PATHNAME) && *(string - 1) == '/'))) - return (FNM_NOMATCH); - ++string; - break; - case '*': - c = *pattern; - /* Collapse multiple stars. */ - while (c == '*') - c = *++pattern; - - if (*string == '.' && (flags & FNM_PERIOD) && - (string == stringstart || - ((flags & FNM_PATHNAME) && *(string - 1) == '/'))) - return (FNM_NOMATCH); - - /* Optimize for pattern with * at end or before /. */ - if (c == EOS) - if (flags & FNM_PATHNAME) - return (strchr(string, '/') == NULL ? - 0 : FNM_NOMATCH); - else - return (0); - else if (c == '/' && flags & FNM_PATHNAME) { - if ((string = strchr(string, '/')) == NULL) - return (FNM_NOMATCH); - break; - } - - /* General case, use recursion. */ - while ((test = *string) != EOS) { - if (!rk_fnmatch(pattern, string, flags & ~FNM_PERIOD)) - return (0); - if (test == '/' && flags & FNM_PATHNAME) - break; - ++string; - } - return (FNM_NOMATCH); - case '[': - if (*string == EOS) - return (FNM_NOMATCH); - if (*string == '/' && flags & FNM_PATHNAME) - return (FNM_NOMATCH); - if ((pattern = - rangematch(pattern, *string, flags)) == NULL) - return (FNM_NOMATCH); - ++string; - break; - case '\\': - if (!(flags & FNM_NOESCAPE)) { - if ((c = *pattern++) == EOS) { - c = '\\'; - --pattern; - } - } - /* FALLTHROUGH */ - default: - if (c != *string++) - return (FNM_NOMATCH); - break; - } - /* NOTREACHED */ -} - -static const char * -rangematch(const char *pattern, int test, int flags) -{ - int negate, ok; - char c, c2; - - /* - * A bracket expression starting with an unquoted circumflex - * character produces unspecified results (IEEE 1003.2-1992, - * 3.13.2). This implementation treats it like '!', for - * consistency with the regular expression syntax. - * J.T. Conklin (conklin@ngai.kaleida.com) - */ - if (negate = (*pattern == '!' || *pattern == '^')) - ++pattern; - - for (ok = 0; (c = *pattern++) != ']';) { - if (c == '\\' && !(flags & FNM_NOESCAPE)) - c = *pattern++; - if (c == EOS) - return (NULL); - if (*pattern == '-' - && (c2 = *(pattern+1)) != EOS && c2 != ']') { - pattern += 2; - if (c2 == '\\' && !(flags & FNM_NOESCAPE)) - c2 = *pattern++; - if (c2 == EOS) - return (NULL); - if (c <= test && test <= c2) - ok = 1; - } else if (c == test) - ok = 1; - } - return (ok == negate ? NULL : pattern); -} diff --git a/crypto/heimdal/lib/roken/fnmatch.hin b/crypto/heimdal/lib/roken/fnmatch.hin deleted file mode 100644 index d5d54a56225e..000000000000 --- a/crypto/heimdal/lib/roken/fnmatch.hin +++ /dev/null @@ -1,64 +0,0 @@ -/* $NetBSD: fnmatch.h,v 1.5 1994/10/26 00:55:53 cgd Exp $ */ - -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)fnmatch.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _FNMATCH_H_ -#define _FNMATCH_H_ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#define FNM_NOMATCH 1 /* Match failed. */ - -#define FNM_NOESCAPE 0x01 /* Disable backslash escaping. */ -#define FNM_PATHNAME 0x02 /* Slash must be matched by slash. */ -#define FNM_PERIOD 0x04 /* Period must be matched by period. */ - -int ROKEN_LIB_FUNCTION -rk_fnmatch (const char *, const char *, int); - -#define fnmatch(a,b,c) rk_fnmatch(a,b,c) - -#ifdef __cplusplus -} -#endif - -#endif /* !_FNMATCH_H_ */ diff --git a/crypto/heimdal/lib/roken/freeaddrinfo.c b/crypto/heimdal/lib/roken/freeaddrinfo.c deleted file mode 100644 index a61536ddf881..000000000000 --- a/crypto/heimdal/lib/roken/freeaddrinfo.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: freeaddrinfo.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* - * free the list of `struct addrinfo' starting at `ai' - */ - -void ROKEN_LIB_FUNCTION -freeaddrinfo(struct addrinfo *ai) -{ - struct addrinfo *tofree; - - while(ai != NULL) { - free (ai->ai_canonname); - free (ai->ai_addr); - tofree = ai; - ai = ai->ai_next; - free (tofree); - } -} diff --git a/crypto/heimdal/lib/roken/freehostent.c b/crypto/heimdal/lib/roken/freehostent.c deleted file mode 100644 index 54fc49532b20..000000000000 --- a/crypto/heimdal/lib/roken/freehostent.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: freehostent.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* - * free a malloced hostent - */ - -void ROKEN_LIB_FUNCTION -freehostent (struct hostent *h) -{ - char **p; - - free (h->h_name); - if (h->h_aliases != NULL) { - for (p = h->h_aliases; *p != NULL; ++p) - free (*p); - free (h->h_aliases); - } - if (h->h_addr_list != NULL) { - for (p = h->h_addr_list; *p != NULL; ++p) - free (*p); - free (h->h_addr_list); - } - free (h); -} diff --git a/crypto/heimdal/lib/roken/gai_strerror.c b/crypto/heimdal/lib/roken/gai_strerror.c deleted file mode 100644 index c86274358b66..000000000000 --- a/crypto/heimdal/lib/roken/gai_strerror.c +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: gai_strerror.c 15837 2005-08-05 09:31:35Z lha $"); -#endif - -#include "roken.h" - -static struct gai_error { - int code; - const char *str; -} errors[] = { -{EAI_NOERROR, "no error"}, -#ifdef EAI_ADDRFAMILY -{EAI_ADDRFAMILY, "address family for nodename not supported"}, -#endif -{EAI_AGAIN, "temporary failure in name resolution"}, -{EAI_BADFLAGS, "invalid value for ai_flags"}, -{EAI_FAIL, "non-recoverable failure in name resolution"}, -{EAI_FAMILY, "ai_family not supported"}, -{EAI_MEMORY, "memory allocation failure"}, -#ifdef EAI_NODATA -{EAI_NODATA, "no address associated with nodename"}, -#endif -{EAI_NONAME, "nodename nor servname provided, or not known"}, -{EAI_SERVICE, "servname not supported for ai_socktype"}, -{EAI_SOCKTYPE, "ai_socktype not supported"}, -{EAI_SYSTEM, "system error returned in errno"}, -{0, NULL}, -}; - -/* - * - */ - -const char * ROKEN_LIB_FUNCTION -gai_strerror(int ecode) -{ - struct gai_error *g; - - for (g = errors; g->str != NULL; ++g) - if (g->code == ecode) - return g->str; - return "unknown error code in gai_strerror"; -} diff --git a/crypto/heimdal/lib/roken/get_default_username.c b/crypto/heimdal/lib/roken/get_default_username.c deleted file mode 100644 index 754b60d2a8b1..000000000000 --- a/crypto/heimdal/lib/roken/get_default_username.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: get_default_username.c 14773 2005-04-12 11:29:18Z lha $"); -#endif /* HAVE_CONFIG_H */ - -#include "roken.h" - -/* - * Try to return what should be considered the default username or - * NULL if we can't guess at all. - */ - -const char * ROKEN_LIB_FUNCTION -get_default_username (void) -{ - const char *user; - - user = getenv ("USER"); - if (user == NULL) - user = getenv ("LOGNAME"); - if (user == NULL) - user = getenv ("USERNAME"); - -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - if (user == NULL) { - user = (const char *)getlogin (); - if (user != NULL) - return user; - } -#endif -#ifdef HAVE_PWD_H - { - uid_t uid = getuid (); - struct passwd *pwd; - - if (user != NULL) { - pwd = k_getpwnam (user); - if (pwd != NULL && pwd->pw_uid == uid) - return user; - } - pwd = k_getpwuid (uid); - if (pwd != NULL) - return pwd->pw_name; - } -#endif - return user; -} diff --git a/crypto/heimdal/lib/roken/get_window_size.c b/crypto/heimdal/lib/roken/get_window_size.c deleted file mode 100644 index 7fa91d652270..000000000000 --- a/crypto/heimdal/lib/roken/get_window_size.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: get_window_size.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -#if 0 /* Where were those needed? /confused */ -#ifdef HAVE_SYS_PROC_H -#include -#endif - -#ifdef HAVE_SYS_TTY_H -#include -#endif -#endif - -#ifdef HAVE_TERMIOS_H -#include -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -get_window_size(int fd, struct winsize *wp) -{ - int ret = -1; - - memset(wp, 0, sizeof(*wp)); - -#if defined(TIOCGWINSZ) - ret = ioctl(fd, TIOCGWINSZ, wp); -#elif defined(TIOCGSIZE) - { - struct ttysize ts; - - ret = ioctl(fd, TIOCGSIZE, &ts); - if(ret == 0) { - wp->ws_row = ts.ts_lines; - wp->ws_col = ts.ts_cols; - } - } -#elif defined(HAVE__SCRSIZE) - { - int dst[2]; - - _scrsize(dst); - wp->ws_row = dst[1]; - wp->ws_col = dst[0]; - ret = 0; - } -#endif - if (ret != 0) { - char *s; - if((s = getenv("COLUMNS"))) - wp->ws_col = atoi(s); - if((s = getenv("LINES"))) - wp->ws_row = atoi(s); - if(wp->ws_col > 0 && wp->ws_row > 0) - ret = 0; - } - return ret; -} diff --git a/crypto/heimdal/lib/roken/getaddrinfo-test.c b/crypto/heimdal/lib/roken/getaddrinfo-test.c deleted file mode 100644 index 027e32a742c8..000000000000 --- a/crypto/heimdal/lib/roken/getaddrinfo-test.c +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getaddrinfo-test.c 15930 2005-08-12 13:42:17Z lha $"); -#endif - -#include "roken.h" -#include "getarg.h" - -static int flags; -static int family; -static int socktype; - -static int version_flag; -static int help_flag; - -static struct getargs args[] = { - {"flags", 0, arg_integer, &flags, "flags", NULL}, - {"family", 0, arg_integer, &family, "family", NULL}, - {"socktype",0, arg_integer, &socktype, "socktype", NULL}, - {"version", 0, arg_flag, &version_flag, "print version",NULL}, - {"help", 0, arg_flag, &help_flag, NULL, NULL} -}; - -static void -usage(int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - "[nodename servname...]"); - exit (ret); -} - -static void -doit (const char *nodename, const char *servname) -{ - struct addrinfo hints; - struct addrinfo *res, *r; - int ret; - - printf ("(%s,%s)... ", nodename ? nodename : "null", servname); - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = flags; - hints.ai_family = family; - hints.ai_socktype = socktype; - - ret = getaddrinfo (nodename, servname, &hints, &res); - if (ret) { - printf ("error: %s\n", gai_strerror(ret)); - return; - } - printf ("\n"); - - for (r = res; r != NULL; r = r->ai_next) { - char addrstr[256]; - - if (inet_ntop (r->ai_family, - socket_get_address (r->ai_addr), - addrstr, sizeof(addrstr)) == NULL) { - printf ("\tbad address?\n"); - continue; - } - printf ("\tfamily = %d, socktype = %d, protocol = %d, " - "address = \"%s\", port = %d", - r->ai_family, r->ai_socktype, r->ai_protocol, - addrstr, - ntohs(socket_get_port (r->ai_addr))); - if (r->ai_canonname) - printf (", canonname = \"%s\"", r->ai_canonname); - printf ("\n"); - } - freeaddrinfo (res); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - int i; - - setprogname (argv[0]); - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optidx)) - usage (1); - - if (help_flag) - usage (0); - - if (version_flag) { - fprintf (stderr, "%s from %s-%s)\n", getprogname(), PACKAGE, VERSION); - return 0; - } - - argc -= optidx; - argv += optidx; - - if (argc % 2 != 0) - usage (1); - - for (i = 0; i < argc; i += 2) { - const char *nodename = argv[i]; - - if (strcmp (nodename, "null") == 0) - nodename = NULL; - - doit (nodename, argv[i+1]); - } - return 0; -} diff --git a/crypto/heimdal/lib/roken/getaddrinfo.c b/crypto/heimdal/lib/roken/getaddrinfo.c deleted file mode 100644 index f9ffcd865142..000000000000 --- a/crypto/heimdal/lib/roken/getaddrinfo.c +++ /dev/null @@ -1,417 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getaddrinfo.c 15417 2005-06-16 17:49:29Z lha $"); -#endif - -#include "roken.h" - -/* - * uses hints->ai_socktype and hints->ai_protocol - */ - -static int -get_port_protocol_socktype (const char *servname, - const struct addrinfo *hints, - int *port, - int *protocol, - int *socktype) -{ - struct servent *se; - const char *proto_str = NULL; - - *socktype = 0; - - if (hints != NULL && hints->ai_protocol != 0) { - struct protoent *protoent = getprotobynumber (hints->ai_protocol); - - if (protoent == NULL) - return EAI_SOCKTYPE; /* XXX */ - - proto_str = protoent->p_name; - *protocol = protoent->p_proto; - } - - if (hints != NULL) - *socktype = hints->ai_socktype; - - if (*socktype == SOCK_STREAM) { - se = getservbyname (servname, proto_str ? proto_str : "tcp"); - if (proto_str == NULL) - *protocol = IPPROTO_TCP; - } else if (*socktype == SOCK_DGRAM) { - se = getservbyname (servname, proto_str ? proto_str : "udp"); - if (proto_str == NULL) - *protocol = IPPROTO_UDP; - } else if (*socktype == 0) { - if (proto_str != NULL) { - se = getservbyname (servname, proto_str); - } else { - se = getservbyname (servname, "tcp"); - *protocol = IPPROTO_TCP; - *socktype = SOCK_STREAM; - if (se == NULL) { - se = getservbyname (servname, "udp"); - *protocol = IPPROTO_UDP; - *socktype = SOCK_DGRAM; - } - } - } else - return EAI_SOCKTYPE; - - if (se == NULL) { - char *endstr; - - *port = htons(strtol (servname, &endstr, 10)); - if (servname == endstr) - return EAI_NONAME; - } else { - *port = se->s_port; - } - return 0; -} - -static int -add_one (int port, int protocol, int socktype, - struct addrinfo ***ptr, - int (*func)(struct addrinfo *, void *data, int port), - void *data, - char *canonname) -{ - struct addrinfo *a; - int ret; - - a = malloc (sizeof (*a)); - if (a == NULL) - return EAI_MEMORY; - memset (a, 0, sizeof(*a)); - a->ai_flags = 0; - a->ai_next = NULL; - a->ai_protocol = protocol; - a->ai_socktype = socktype; - a->ai_canonname = canonname; - ret = (*func)(a, data, port); - if (ret) { - free (a); - return ret; - } - **ptr = a; - *ptr = &a->ai_next; - return 0; -} - -static int -const_v4 (struct addrinfo *a, void *data, int port) -{ - struct sockaddr_in *sin4; - struct in_addr *addr = (struct in_addr *)data; - - a->ai_family = PF_INET; - a->ai_addrlen = sizeof(*sin4); - a->ai_addr = malloc (sizeof(*sin4)); - if (a->ai_addr == NULL) - return EAI_MEMORY; - sin4 = (struct sockaddr_in *)a->ai_addr; - memset (sin4, 0, sizeof(*sin4)); - sin4->sin_family = AF_INET; - sin4->sin_port = port; - sin4->sin_addr = *addr; - return 0; -} - -#ifdef HAVE_IPV6 -static int -const_v6 (struct addrinfo *a, void *data, int port) -{ - struct sockaddr_in6 *sin6; - struct in6_addr *addr = (struct in6_addr *)data; - - a->ai_family = PF_INET6; - a->ai_addrlen = sizeof(*sin6); - a->ai_addr = malloc (sizeof(*sin6)); - if (a->ai_addr == NULL) - return EAI_MEMORY; - sin6 = (struct sockaddr_in6 *)a->ai_addr; - memset (sin6, 0, sizeof(*sin6)); - sin6->sin6_family = AF_INET6; - sin6->sin6_port = port; - sin6->sin6_addr = *addr; - return 0; -} -#endif - -/* this is mostly a hack for some versions of AIX that has a prototype - for in6addr_loopback but no actual symbol in libc */ -#if defined(HAVE_IPV6) && !defined(HAVE_IN6ADDR_LOOPBACK) && defined(IN6ADDR_LOOPBACK_INIT) -#define in6addr_loopback _roken_in6addr_loopback -struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; -#endif - -static int -get_null (const struct addrinfo *hints, - int port, int protocol, int socktype, - struct addrinfo **res) -{ - struct in_addr v4_addr; -#ifdef HAVE_IPV6 - struct in6_addr v6_addr; -#endif - struct addrinfo *first = NULL; - struct addrinfo **current = &first; - int family = PF_UNSPEC; - int ret; - - if (hints != NULL) - family = hints->ai_family; - - if (hints && hints->ai_flags & AI_PASSIVE) { - v4_addr.s_addr = INADDR_ANY; -#ifdef HAVE_IPV6 - v6_addr = in6addr_any; -#endif - } else { - v4_addr.s_addr = htonl(INADDR_LOOPBACK); -#ifdef HAVE_IPV6 - v6_addr = in6addr_loopback; -#endif - } - -#ifdef HAVE_IPV6 - if (family == PF_INET6 || family == PF_UNSPEC) { - ret = add_one (port, protocol, socktype, - ¤t, const_v6, &v6_addr, NULL); - } -#endif - if (family == PF_INET || family == PF_UNSPEC) { - ret = add_one (port, protocol, socktype, - ¤t, const_v4, &v4_addr, NULL); - } - *res = first; - return 0; -} - -static int -add_hostent (int port, int protocol, int socktype, - struct addrinfo ***current, - int (*func)(struct addrinfo *, void *data, int port), - struct hostent *he, int *flags) -{ - int ret; - char *canonname = NULL; - char **h; - - if (*flags & AI_CANONNAME) { - struct hostent *he2 = NULL; - const char *tmp_canon; - - tmp_canon = hostent_find_fqdn (he); - if (strchr (tmp_canon, '.') == NULL) { - int error; - - he2 = getipnodebyaddr (he->h_addr_list[0], he->h_length, - he->h_addrtype, &error); - if (he2 != NULL) { - const char *tmp = hostent_find_fqdn (he2); - - if (strchr (tmp, '.') != NULL) - tmp_canon = tmp; - } - } - - canonname = strdup (tmp_canon); - if (he2 != NULL) - freehostent (he2); - if (canonname == NULL) - return EAI_MEMORY; - } - - for (h = he->h_addr_list; *h != NULL; ++h) { - ret = add_one (port, protocol, socktype, - current, func, *h, canonname); - if (ret) - return ret; - if (*flags & AI_CANONNAME) { - *flags &= ~AI_CANONNAME; - canonname = NULL; - } - } - return 0; -} - -static int -get_number (const char *nodename, - const struct addrinfo *hints, - int port, int protocol, int socktype, - struct addrinfo **res) -{ - struct addrinfo *first = NULL; - struct addrinfo **current = &first; - int family = PF_UNSPEC; - int ret; - - if (hints != NULL) { - family = hints->ai_family; - } - -#ifdef HAVE_IPV6 - if (family == PF_INET6 || family == PF_UNSPEC) { - struct in6_addr v6_addr; - - if (inet_pton (PF_INET6, nodename, &v6_addr) == 1) { - ret = add_one (port, protocol, socktype, - ¤t, const_v6, &v6_addr, NULL); - *res = first; - return ret; - } - } -#endif - if (family == PF_INET || family == PF_UNSPEC) { - struct in_addr v4_addr; - - if (inet_pton (PF_INET, nodename, &v4_addr) == 1) { - ret = add_one (port, protocol, socktype, - ¤t, const_v4, &v4_addr, NULL); - *res = first; - return ret; - } - } - return EAI_NONAME; -} - -static int -get_nodes (const char *nodename, - const struct addrinfo *hints, - int port, int protocol, int socktype, - struct addrinfo **res) -{ - struct addrinfo *first = NULL; - struct addrinfo **current = &first; - int family = PF_UNSPEC; - int flags = 0; - int ret = EAI_NONAME; - int error; - - if (hints != NULL) { - family = hints->ai_family; - flags = hints->ai_flags; - } - -#ifdef HAVE_IPV6 - if (family == PF_INET6 || family == PF_UNSPEC) { - struct hostent *he; - - he = getipnodebyname (nodename, PF_INET6, 0, &error); - - if (he != NULL) { - ret = add_hostent (port, protocol, socktype, - ¤t, const_v6, he, &flags); - freehostent (he); - } - } -#endif - if (family == PF_INET || family == PF_UNSPEC) { - struct hostent *he; - - he = getipnodebyname (nodename, PF_INET, 0, &error); - - if (he != NULL) { - ret = add_hostent (port, protocol, socktype, - ¤t, const_v4, he, &flags); - freehostent (he); - } - } - *res = first; - return ret; -} - -/* - * hints: - * - * struct addrinfo { - * int ai_flags; - * int ai_family; - * int ai_socktype; - * int ai_protocol; - * ... - * }; - */ - -int ROKEN_LIB_FUNCTION -getaddrinfo(const char *nodename, - const char *servname, - const struct addrinfo *hints, - struct addrinfo **res) -{ - int ret; - int port = 0; - int protocol = 0; - int socktype = 0; - - *res = NULL; - - if (servname == NULL && nodename == NULL) - return EAI_NONAME; - - if (hints != NULL - && hints->ai_family != PF_UNSPEC - && hints->ai_family != PF_INET -#ifdef HAVE_IPV6 - && hints->ai_family != PF_INET6 -#endif - ) - return EAI_FAMILY; - - if (servname != NULL) { - ret = get_port_protocol_socktype (servname, hints, - &port, &protocol, &socktype); - if (ret) - return ret; - } - if (nodename != NULL) { - ret = get_number (nodename, hints, port, protocol, socktype, res); - if (ret) { - if(hints && hints->ai_flags & AI_NUMERICHOST) - ret = EAI_NONAME; - else - ret = get_nodes (nodename, hints, port, protocol, socktype, - res); - } - } else { - ret = get_null (hints, port, protocol, socktype, res); - } - if (ret) - freeaddrinfo (*res); - return ret; -} diff --git a/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c b/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c deleted file mode 100644 index 29eae31e4caa..000000000000 --- a/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getaddrinfo_hostspec.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* getaddrinfo via string specifying host and port */ - -int ROKEN_LIB_FUNCTION -roken_getaddrinfo_hostspec2(const char *hostspec, - int socktype, - int port, - struct addrinfo **ai) -{ - const char *p; - char portstr[NI_MAXSERV]; - char host[MAXHOSTNAMELEN]; - struct addrinfo hints; - int hostspec_len; - - struct hst { - const char *prefix; - int socktype; - int protocol; - int port; - } *hstp, hst[] = { - { "http://", SOCK_STREAM, IPPROTO_TCP, 80 }, - { "http/", SOCK_STREAM, IPPROTO_TCP, 80 }, - { "tcp/", SOCK_STREAM, IPPROTO_TCP }, - { "udp/", SOCK_DGRAM, IPPROTO_UDP }, - { NULL } - }; - - memset(&hints, 0, sizeof(hints)); - - hints.ai_socktype = socktype; - - for(hstp = hst; hstp->prefix; hstp++) { - if(strncmp(hostspec, hstp->prefix, strlen(hstp->prefix)) == 0) { - hints.ai_socktype = hstp->socktype; - hints.ai_protocol = hstp->protocol; - if(port == 0) - port = hstp->port; - hostspec += strlen(hstp->prefix); - break; - } - } - - p = strchr (hostspec, ':'); - if (p != NULL) { - char *end; - - port = strtol (p + 1, &end, 0); - hostspec_len = p - hostspec; - } else { - hostspec_len = strlen(hostspec); - } - snprintf (portstr, sizeof(portstr), "%u", port); - - snprintf (host, sizeof(host), "%.*s", hostspec_len, hostspec); - return getaddrinfo (host, portstr, &hints, ai); -} - -int ROKEN_LIB_FUNCTION -roken_getaddrinfo_hostspec(const char *hostspec, - int port, - struct addrinfo **ai) -{ - return roken_getaddrinfo_hostspec2(hostspec, 0, port, ai); -} diff --git a/crypto/heimdal/lib/roken/getarg.3 b/crypto/heimdal/lib/roken/getarg.3 deleted file mode 100644 index fd5ed3de0e82..000000000000 --- a/crypto/heimdal/lib/roken/getarg.3 +++ /dev/null @@ -1,341 +0,0 @@ -.\" Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: getarg.3 13380 2004-02-17 12:04:59Z lha $ -.Dd September 24, 1999 -.Dt GETARG 3 -.Os ROKEN -.Sh NAME -.Nm getarg , -.Nm arg_printusage -.Nd collect command line options -.Sh SYNOPSIS -.In getarg.h -.Ft int -.Fn getarg "struct getargs *args" "size_t num_args" "int argc" "char **argv" "int *optind" -.Ft void -.Fn arg_printusage "struct getargs *args" "size_t num_args" "const char *progname" "const char *extra_string" -.Sh DESCRIPTION -.Fn getarg -collects any command line options given to a program in an easily used way. -.Fn arg_printusage -pretty-prints the available options, with a short help text. -.Pp -.Fa args -is the option specification to use, and it's an array of -.Fa struct getargs -elements. -.Fa num_args -is the size of -.Fa args -(in elements). -.Fa argc -and -.Fa argv -are the argument count and argument vector to extract option from. -.Fa optind -is a pointer to an integer where the index to the last processed -argument is stored, it must be initialised to the first index (minus -one) to process (normally 0) before the first call. -.Pp -.Fa arg_printusage -take the same -.Fa args -and -.Fa num_args -as getarg; -.Fa progname -is the name of the program (to be used in the help text), and -.Fa extra_string -is a string to print after the actual options to indicate more -arguments. The usefulness of this function is realised only be people -who has used programs that has help strings that doesn't match what -the code does. -.Pp -The -.Fa getargs -struct has the following elements. -.Bd -literal -struct getargs{ - const char *long_name; - char short_name; - enum { arg_integer, - arg_string, - arg_flag, - arg_negative_flag, - arg_strings, - arg_double, - arg_collect - } type; - void *value; - const char *help; - const char *arg_help; -}; -.Ed -.Pp -.Fa long_name -is the long name of the option, it can be -.Dv NULL , -if you don't want a long name. -.Fa short_name -is the characted to use as short option, it can be zero. If the option -has a value the -.Fa value -field gets filled in with that value interpreted as specified by the -.Fa type -field. -.Fa help -is a longer help string for the option as a whole, if it's -.Dv NULL -the help text for the option is omitted (but it's still displayed in -the synopsis). -.Fa arg_help -is a description of the argument, if -.Dv NULL -a default value will be used, depending on the type of the option: -.Pp -.Bl -hang -width arg_negative_flag -.It arg_integer -the argument is a signed integer, and -.Fa value -should point to an -.Fa int . -.It Fa arg_string -the argument is a string, and -.Fa value -should point to a -.Fa char* . -.It Fa arg_flag -the argument is a flag, and -.Fa value -should point to a -.Fa int . -It gets filled in with either zero or one, depending on how the option -is given, the normal case being one. Note that if the option isn't -given, the value isn't altered, so it should be initialised to some -useful default. -.It Fa arg_negative_flag -this is the same as -.Fa arg_flag -but it reverses the meaning of the flag (a given short option clears -the flag), and the synopsis of a long option is negated. -.It Fa arg_strings -the argument can be given multiple times, and the values are collected -in an array; -.Fa value -should be a pointer to a -.Fa struct getarg_strings -structure, which holds a length and a string pointer. -.It Fa arg_double -argument is a double precision floating point value, and -.Fa value -should point to a -.Fa double . -.It Fa arg_collect -allows more fine-grained control of the option parsing process. -.Fa value -should be a pointer to a -.Fa getarg_collect_info -structure: -.Bd -literal -typedef int (*getarg_collect_func)(int short_opt, - int argc, - char **argv, - int *optind, - int *optarg, - void *data); - -typedef struct getarg_collect_info { - getarg_collect_func func; - void *data; -} getarg_collect_info; -.Ed -.Pp -With the -.Fa func -member set to a function to call, and -.Fa data -to some application specific data. The parameters to the collect function are: -.Bl -inset -.It Fa short_flag -non-zero if this call is via a short option flag, zero otherwise -.It Fa argc , argv -the whole argument list -.It Fa optind -pointer to the index in argv where the flag is -.It Fa optarg -pointer to the index in argv[*optind] where the flag name starts -.It Fa data -application specific data -.El -.Pp -You can modify -.Fa *optind , -and -.Fa *optarg , -but to do this correct you (more or less) have to know about the inner -workings of getarg. -.Pp -You can skip parts of arguments by increasing -.Fa *optarg -(you could -implement the -.Fl z Ns Ar 3 -set of flags from -.Nm gzip -with this), or whole argument strings by increasing -.Fa *optind -(let's say you want a flag -.Fl c Ar x y z -to specify a coordinate); if you also have to set -.Fa *optarg -to a sane value. -.Pp -The collect function should return one of -.Dv ARG_ERR_NO_MATCH , ARG_ERR_BAD_ARG , ARG_ERR_NO_ARG, ENOMEM -on error, zero otherwise. -.Pp -For your convenience there is a function, -.Fn getarg_optarg , -that returns the traditional argument string, and you pass it all -arguments, sans data, that where given to the collection function. -.Pp -Don't use this more this unless you absolutely have to. -.El -.Pp -Option parsing is similar to what -.Xr getopt -uses. Short options without arguments can be compressed -.Pf ( Fl xyz -is the same as -.Fl x y z ) , -and short -options with arguments take these as either the rest of the -argv-string or as the next option -.Pf ( Fl o Ns Ar foo , -or -.Fl o Ar foo ) . -.Pp -Long option names are prefixed with -- (double dash), and the value -with a = (equal), -.Fl -foo= Ns Ar bar . -Long option flags can either be specified as they are -.Pf ( Fl -help ) , -or with an (boolean parsable) option -.Pf ( Fl -help= Ns Ar yes , -.Fl -help= Ns Ar true , -or similar), or they can also be negated -.Pf ( Fl -no-help -is the same as -.Fl -help= Ns no ) , -and if you're really confused you can do it multiple times -.Pf ( Fl -no-no-help= Ns Ar false , -or even -.Fl -no-no-help= Ns Ar maybe ) . -.Sh EXAMPLE -.Bd -literal -#include -#include -#include - -char *source = "Ouagadougou"; -char *destination; -int weight; -int include_catalog = 1; -int help_flag; - -struct getargs args[] = { - { "source", 's', arg_string, &source, - "source of shippment", "city" }, - { "destination", 'd', arg_string, &destination, - "destination of shippment", "city" }, - { "weight", 'w', arg_integer, &weight, - "weight of shippment", "tons" }, - { "catalog", 'c', arg_negative_flag, &include_catalog, - "include product catalog" }, - { "help", 'h', arg_flag, &help_flag } -}; - -int num_args = sizeof(args) / sizeof(args[0]); /* number of elements in args */ - -const char *progname = "ship++"; - -int -main(int argc, char **argv) -{ - int optind = 0; - if (getarg(args, num_args, argc, argv, &optind)) { - arg_printusage(args, num_args, progname, "stuff..."); - exit (1); - } - if (help_flag) { - arg_printusage(args, num_args, progname, "stuff..."); - exit (0); - } - if (destination == NULL) { - fprintf(stderr, "%s: must specify destination\en", progname); - exit(1); - } - if (strcmp(source, destination) == 0) { - fprintf(stderr, "%s: destination must be different from source\en"); - exit(1); - } - /* include more stuff here ... */ - exit(2); -} -.Ed -.Pp -The output help output from this program looks like this: -.Bd -literal -$ ship++ --help -Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city] - [--weight=tons] [-w tons] [--no-catalog] [-c] [--help] [-h] stuff... --s city, --source=city source of shippment --d city, --destination=city destination of shippment --w tons, --weight=tons weight of shippment --c, --no-catalog include product catalog -.Ed -.Sh BUGS -It should be more flexible, so it would be possible to use other more -complicated option syntaxes, such as what -.Xr ps 1 , -and -.Xr tar 1 , -uses, or the AFS model where you can skip the flag names as long as -the options come in the correct order. -.Pp -Options with multiple arguments should be handled better. -.Pp -Should be integreated with SL. -.Pp -It's very confusing that the struct you pass in is called getargS. -.Sh SEE ALSO -.Xr getopt 3 diff --git a/crypto/heimdal/lib/roken/getarg.c b/crypto/heimdal/lib/roken/getarg.c deleted file mode 100644 index c732d2fd43a5..000000000000 --- a/crypto/heimdal/lib/roken/getarg.c +++ /dev/null @@ -1,595 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getarg.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include -#include "roken.h" -#include "getarg.h" - -#define ISFLAG(X) ((X).type == arg_flag || (X).type == arg_negative_flag) - -static size_t -print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg) -{ - const char *s; - - *string = '\0'; - - if (ISFLAG(*arg) || (!longp && arg->type == arg_counter)) - return 0; - - if(mdoc){ - if(longp) - strlcat(string, "= Ns", len); - strlcat(string, " Ar ", len); - } else { - if (longp) - strlcat (string, "=", len); - else - strlcat (string, " ", len); - } - - if (arg->arg_help) - s = arg->arg_help; - else if (arg->type == arg_integer || arg->type == arg_counter) - s = "integer"; - else if (arg->type == arg_string) - s = "string"; - else if (arg->type == arg_strings) - s = "strings"; - else if (arg->type == arg_double) - s = "float"; - else - s = ""; - - strlcat(string, s, len); - return 1 + strlen(s); -} - -static void -mandoc_template(struct getargs *args, - size_t num_args, - const char *progname, - const char *extra_string) -{ - int i; - char timestr[64], cmd[64]; - char buf[128]; - const char *p; - time_t t; - - printf(".\\\" Things to fix:\n"); - printf(".\\\" * correct section, and operating system\n"); - printf(".\\\" * remove Op from mandatory flags\n"); - printf(".\\\" * use better macros for arguments (like .Pa for files)\n"); - printf(".\\\"\n"); - t = time(NULL); - strftime(timestr, sizeof(timestr), "%B %e, %Y", localtime(&t)); - printf(".Dd %s\n", timestr); - p = strrchr(progname, '/'); - if(p) p++; else p = progname; - strlcpy(cmd, p, sizeof(cmd)); - strupr(cmd); - - printf(".Dt %s SECTION\n", cmd); - printf(".Os OPERATING_SYSTEM\n"); - printf(".Sh NAME\n"); - printf(".Nm %s\n", p); - printf(".Nd\n"); - printf("in search of a description\n"); - printf(".Sh SYNOPSIS\n"); - printf(".Nm\n"); - for(i = 0; i < num_args; i++){ - /* we seem to hit a limit on number of arguments if doing - short and long flags with arguments -- split on two lines */ - if(ISFLAG(args[i]) || - args[i].short_name == 0 || args[i].long_name == NULL) { - printf(".Op "); - - if(args[i].short_name) { - print_arg(buf, sizeof(buf), 1, 0, args + i); - printf("Fl %c%s", args[i].short_name, buf); - if(args[i].long_name) - printf(" | "); - } - if(args[i].long_name) { - print_arg(buf, sizeof(buf), 1, 1, args + i); - printf("Fl -%s%s%s", - args[i].type == arg_negative_flag ? "no-" : "", - args[i].long_name, buf); - } - printf("\n"); - } else { - print_arg(buf, sizeof(buf), 1, 0, args + i); - printf(".Oo Fl %c%s \\*(Ba Xo\n", args[i].short_name, buf); - print_arg(buf, sizeof(buf), 1, 1, args + i); - printf(".Fl -%s%s\n.Xc\n.Oc\n", args[i].long_name, buf); - } - /* - if(args[i].type == arg_strings) - fprintf (stderr, "..."); - */ - } - if (extra_string && *extra_string) - printf (".Ar %s\n", extra_string); - printf(".Sh DESCRIPTION\n"); - printf("Supported options:\n"); - printf(".Bl -tag -width Ds\n"); - for(i = 0; i < num_args; i++){ - printf(".It Xo\n"); - if(args[i].short_name){ - printf(".Fl %c", args[i].short_name); - print_arg(buf, sizeof(buf), 1, 0, args + i); - printf("%s", buf); - if(args[i].long_name) - printf(" ,"); - printf("\n"); - } - if(args[i].long_name){ - printf(".Fl -%s%s", - args[i].type == arg_negative_flag ? "no-" : "", - args[i].long_name); - print_arg(buf, sizeof(buf), 1, 1, args + i); - printf("%s\n", buf); - } - printf(".Xc\n"); - if(args[i].help) - printf("%s\n", args[i].help); - /* - if(args[i].type == arg_strings) - fprintf (stderr, "..."); - */ - } - printf(".El\n"); - printf(".\\\".Sh ENVIRONMENT\n"); - printf(".\\\".Sh FILES\n"); - printf(".\\\".Sh EXAMPLES\n"); - printf(".\\\".Sh DIAGNOSTICS\n"); - printf(".\\\".Sh SEE ALSO\n"); - printf(".\\\".Sh STANDARDS\n"); - printf(".\\\".Sh HISTORY\n"); - printf(".\\\".Sh AUTHORS\n"); - printf(".\\\".Sh BUGS\n"); -} - -static int -check_column(FILE *f, int col, int len, int columns) -{ - if(col + len > columns) { - fprintf(f, "\n"); - col = fprintf(f, " "); - } - return col; -} - -void ROKEN_LIB_FUNCTION -arg_printusage (struct getargs *args, - size_t num_args, - const char *progname, - const char *extra_string) -{ - int i; - size_t max_len = 0; - char buf[128]; - int col = 0, columns; - struct winsize ws; - - if (progname == NULL) - progname = getprogname(); - - if(getenv("GETARGMANDOC")){ - mandoc_template(args, num_args, progname, extra_string); - return; - } - if(get_window_size(2, &ws) == 0) - columns = ws.ws_col; - else - columns = 80; - col = 0; - col += fprintf (stderr, "Usage: %s", progname); - buf[0] = '\0'; - for (i = 0; i < num_args; ++i) { - if(args[i].short_name && ISFLAG(args[i])) { - char s[2]; - if(buf[0] == '\0') - strlcpy(buf, "[-", sizeof(buf)); - s[0] = args[i].short_name; - s[1] = '\0'; - strlcat(buf, s, sizeof(buf)); - } - } - if(buf[0] != '\0') { - strlcat(buf, "]", sizeof(buf)); - col = check_column(stderr, col, strlen(buf) + 1, columns); - col += fprintf(stderr, " %s", buf); - } - - for (i = 0; i < num_args; ++i) { - size_t len = 0; - - if (args[i].long_name) { - buf[0] = '\0'; - strlcat(buf, "[--", sizeof(buf)); - len += 2; - if(args[i].type == arg_negative_flag) { - strlcat(buf, "no-", sizeof(buf)); - len += 3; - } - strlcat(buf, args[i].long_name, sizeof(buf)); - len += strlen(args[i].long_name); - len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), - 0, 1, &args[i]); - strlcat(buf, "]", sizeof(buf)); - if(args[i].type == arg_strings) - strlcat(buf, "...", sizeof(buf)); - col = check_column(stderr, col, strlen(buf) + 1, columns); - col += fprintf(stderr, " %s", buf); - } - if (args[i].short_name && !ISFLAG(args[i])) { - snprintf(buf, sizeof(buf), "[-%c", args[i].short_name); - len += 2; - len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), - 0, 0, &args[i]); - strlcat(buf, "]", sizeof(buf)); - if(args[i].type == arg_strings) - strlcat(buf, "...", sizeof(buf)); - col = check_column(stderr, col, strlen(buf) + 1, columns); - col += fprintf(stderr, " %s", buf); - } - if (args[i].long_name && args[i].short_name) - len += 2; /* ", " */ - max_len = max(max_len, len); - } - if (extra_string) { - col = check_column(stderr, col, strlen(extra_string) + 1, columns); - fprintf (stderr, " %s\n", extra_string); - } else - fprintf (stderr, "\n"); - for (i = 0; i < num_args; ++i) { - if (args[i].help) { - size_t count = 0; - - if (args[i].short_name) { - count += fprintf (stderr, "-%c", args[i].short_name); - print_arg (buf, sizeof(buf), 0, 0, &args[i]); - count += fprintf(stderr, "%s", buf); - } - if (args[i].short_name && args[i].long_name) - count += fprintf (stderr, ", "); - if (args[i].long_name) { - count += fprintf (stderr, "--"); - if (args[i].type == arg_negative_flag) - count += fprintf (stderr, "no-"); - count += fprintf (stderr, "%s", args[i].long_name); - print_arg (buf, sizeof(buf), 0, 1, &args[i]); - count += fprintf(stderr, "%s", buf); - } - while(count++ <= max_len) - putc (' ', stderr); - fprintf (stderr, "%s\n", args[i].help); - } - } -} - -static int -add_string(getarg_strings *s, char *value) -{ - char **strings; - - strings = realloc(s->strings, (s->num_strings + 1) * sizeof(*s->strings)); - if (strings == NULL) { - free(s->strings); - s->strings = NULL; - s->num_strings = 0; - return ENOMEM; - } - s->strings = strings; - s->strings[s->num_strings] = value; - s->num_strings++; - return 0; -} - -static int -arg_match_long(struct getargs *args, size_t num_args, - char *argv, int argc, char **rargv, int *goptind) -{ - int i; - char *goptarg = NULL; - int negate = 0; - int partial_match = 0; - struct getargs *partial = NULL; - struct getargs *current = NULL; - int argv_len; - char *p; - int p_len; - - argv_len = strlen(argv); - p = strchr (argv, '='); - if (p != NULL) - argv_len = p - argv; - - for (i = 0; i < num_args; ++i) { - if(args[i].long_name) { - int len = strlen(args[i].long_name); - p = argv; - p_len = argv_len; - negate = 0; - - for (;;) { - if (strncmp (args[i].long_name, p, p_len) == 0) { - if(p_len == len) - current = &args[i]; - else { - ++partial_match; - partial = &args[i]; - } - goptarg = p + p_len; - } else if (ISFLAG(args[i]) && strncmp (p, "no-", 3) == 0) { - negate = !negate; - p += 3; - p_len -= 3; - continue; - } - break; - } - if (current) - break; - } - } - if (current == NULL) { - if (partial_match == 1) - current = partial; - else - return ARG_ERR_NO_MATCH; - } - - if(*goptarg == '\0' - && !ISFLAG(*current) - && current->type != arg_collect - && current->type != arg_counter) - return ARG_ERR_NO_MATCH; - switch(current->type){ - case arg_integer: - { - int tmp; - if(sscanf(goptarg + 1, "%d", &tmp) != 1) - return ARG_ERR_BAD_ARG; - *(int*)current->value = tmp; - return 0; - } - case arg_string: - { - *(char**)current->value = goptarg + 1; - return 0; - } - case arg_strings: - { - return add_string((getarg_strings*)current->value, goptarg + 1); - } - case arg_flag: - case arg_negative_flag: - { - int *flag = current->value; - if(*goptarg == '\0' || - strcmp(goptarg + 1, "yes") == 0 || - strcmp(goptarg + 1, "true") == 0){ - *flag = !negate; - return 0; - } else if (*goptarg && strcmp(goptarg + 1, "maybe") == 0) { -#ifdef HAVE_RANDOM - *flag = random() & 1; -#else - *flag = rand() & 1; -#endif - } else { - *flag = negate; - return 0; - } - return ARG_ERR_BAD_ARG; - } - case arg_counter : - { - int val; - - if (*goptarg == '\0') - val = 1; - else if(sscanf(goptarg + 1, "%d", &val) != 1) - return ARG_ERR_BAD_ARG; - *(int *)current->value += val; - return 0; - } - case arg_double: - { - double tmp; - if(sscanf(goptarg + 1, "%lf", &tmp) != 1) - return ARG_ERR_BAD_ARG; - *(double*)current->value = tmp; - return 0; - } - case arg_collect:{ - struct getarg_collect_info *c = current->value; - int o = argv - rargv[*goptind]; - return (*c->func)(FALSE, argc, rargv, goptind, &o, c->data); - } - - default: - abort (); - } -} - -static int -arg_match_short (struct getargs *args, size_t num_args, - char *argv, int argc, char **rargv, int *goptind) -{ - int j, k; - - for(j = 1; j > 0 && j < strlen(rargv[*goptind]); j++) { - for(k = 0; k < num_args; k++) { - char *goptarg; - - if(args[k].short_name == 0) - continue; - if(argv[j] == args[k].short_name) { - if(args[k].type == arg_flag) { - *(int*)args[k].value = 1; - break; - } - if(args[k].type == arg_negative_flag) { - *(int*)args[k].value = 0; - break; - } - if(args[k].type == arg_counter) { - ++*(int *)args[k].value; - break; - } - if(args[k].type == arg_collect) { - struct getarg_collect_info *c = args[k].value; - - if((*c->func)(TRUE, argc, rargv, goptind, &j, c->data)) - return ARG_ERR_BAD_ARG; - break; - } - - if(argv[j + 1]) - goptarg = &argv[j + 1]; - else { - ++*goptind; - goptarg = rargv[*goptind]; - } - if(goptarg == NULL) { - --*goptind; - return ARG_ERR_NO_ARG; - } - if(args[k].type == arg_integer) { - int tmp; - if(sscanf(goptarg, "%d", &tmp) != 1) - return ARG_ERR_BAD_ARG; - *(int*)args[k].value = tmp; - return 0; - } else if(args[k].type == arg_string) { - *(char**)args[k].value = goptarg; - return 0; - } else if(args[k].type == arg_strings) { - return add_string((getarg_strings*)args[k].value, goptarg); - } else if(args[k].type == arg_double) { - double tmp; - if(sscanf(goptarg, "%lf", &tmp) != 1) - return ARG_ERR_BAD_ARG; - *(double*)args[k].value = tmp; - return 0; - } - return ARG_ERR_BAD_ARG; - } - } - if (k == num_args) - return ARG_ERR_NO_MATCH; - } - return 0; -} - -int ROKEN_LIB_FUNCTION -getarg(struct getargs *args, size_t num_args, - int argc, char **argv, int *goptind) -{ - int i; - int ret = 0; - -#if defined(HAVE_SRANDOMDEV) - srandomdev(); -#elif defined(HAVE_RANDOM) - srandom(time(NULL)); -#else - srand (time(NULL)); -#endif - (*goptind)++; - for(i = *goptind; i < argc; i++) { - if(argv[i][0] != '-') - break; - if(argv[i][1] == '-'){ - if(argv[i][2] == 0){ - i++; - break; - } - ret = arg_match_long (args, num_args, argv[i] + 2, - argc, argv, &i); - } else { - ret = arg_match_short (args, num_args, argv[i], - argc, argv, &i); - } - if(ret) - break; - } - *goptind = i; - return ret; -} - -void ROKEN_LIB_FUNCTION -free_getarg_strings (getarg_strings *s) -{ - free (s->strings); -} - -#if TEST -int foo_flag = 2; -int flag1 = 0; -int flag2 = 0; -int bar_int; -char *baz_string; - -struct getargs args[] = { - { NULL, '1', arg_flag, &flag1, "one", NULL }, - { NULL, '2', arg_flag, &flag2, "two", NULL }, - { "foo", 'f', arg_negative_flag, &foo_flag, "foo", NULL }, - { "bar", 'b', arg_integer, &bar_int, "bar", "seconds"}, - { "baz", 'x', arg_string, &baz_string, "baz", "name" }, -}; - -int main(int argc, char **argv) -{ - int goptind = 0; - while(getarg(args, 5, argc, argv, &goptind)) - printf("Bad arg: %s\n", argv[goptind]); - printf("flag1 = %d\n", flag1); - printf("flag2 = %d\n", flag2); - printf("foo_flag = %d\n", foo_flag); - printf("bar_int = %d\n", bar_int); - printf("baz_flag = %s\n", baz_string); - arg_printusage (args, 5, argv[0], "nothing here"); -} -#endif diff --git a/crypto/heimdal/lib/roken/getarg.h b/crypto/heimdal/lib/roken/getarg.h deleted file mode 100644 index 62d1b6687c36..000000000000 --- a/crypto/heimdal/lib/roken/getarg.h +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: getarg.h 14776 2005-04-13 05:52:27Z lha $ */ - -#ifndef __GETARG_H__ -#define __GETARG_H__ - -#include - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -struct getargs{ - const char *long_name; - char short_name; - enum { arg_integer, - arg_string, - arg_flag, - arg_negative_flag, - arg_strings, - arg_double, - arg_collect, - arg_counter - } type; - void *value; - const char *help; - const char *arg_help; -}; - -enum { - ARG_ERR_NO_MATCH = 1, - ARG_ERR_BAD_ARG, - ARG_ERR_NO_ARG -}; - -typedef struct getarg_strings { - int num_strings; - char **strings; -} getarg_strings; - -typedef int (*getarg_collect_func)(int short_opt, - int argc, - char **argv, - int *goptind, - int *goptarg, - void *data); - -typedef struct getarg_collect_info { - getarg_collect_func func; - void *data; -} getarg_collect_info; - -int ROKEN_LIB_FUNCTION -getarg(struct getargs *args, size_t num_args, - int argc, char **argv, int *goptind); - -void ROKEN_LIB_FUNCTION -arg_printusage (struct getargs *args, - size_t num_args, - const char *progname, - const char *extra_string); - -void ROKEN_LIB_FUNCTION -free_getarg_strings (getarg_strings *); - -#endif /* __GETARG_H__ */ diff --git a/crypto/heimdal/lib/roken/getcap.c b/crypto/heimdal/lib/roken/getcap.c deleted file mode 100644 index a4e3a7de5d98..000000000000 --- a/crypto/heimdal/lib/roken/getcap.c +++ /dev/null @@ -1,1122 +0,0 @@ -/* $NetBSD: getcap.c,v 1.29 1999/03/29 09:27:29 abs Exp $ */ - -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Casey Leedom of Lawrence Livermore National Laboratory. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" -RCSID("$Id: getcap.c 22071 2007-11-14 20:04:50Z lha $"); - -#include -#include -#if defined(HAVE_DB_185_H) -#include -#elif defined(HAVE_DB_H) -#include -#endif -#include -#include -#include -#include -#include -#include -#include - -#define BFRAG 1024 -#if 0 -#define BSIZE 1024 -#endif -#define ESC ('[' & 037) /* ASCII ESC */ -#define MAX_RECURSION 32 /* maximum getent recursion */ -#define SFRAG 100 /* cgetstr mallocs in SFRAG chunks */ - -#define RECOK (char)0 -#define TCERR (char)1 -#define SHADOW (char)2 - -static size_t topreclen; /* toprec length */ -static char *toprec; /* Additional record specified by cgetset() */ -static int gottoprec; /* Flag indicating retrieval of toprecord */ - -#if 0 /* - * Don't use db support unless it's build into libc but we don't - * check for that now, so just disable the code. - */ -#if defined(HAVE_DBOPEN) && defined(HAVE_DB_H) -#define USE_DB -#endif -#endif - -#ifdef USE_DB -static int cdbget (DB *, char **, const char *); -#endif -static int getent (char **, size_t *, char **, int, const char *, int, char *); -static int nfcmp (char *, char *); - - -int ROKEN_LIB_FUNCTION cgetset(const char *ent); -char *ROKEN_LIB_FUNCTION cgetcap(char *buf, const char *cap, int type); -int ROKEN_LIB_FUNCTION cgetent(char **buf, char **db_array, const char *name); -int ROKEN_LIB_FUNCTION cgetmatch(const char *buf, const char *name); -int ROKEN_LIB_FUNCTION cgetclose(void); -#if 0 -int cgetfirst(char **buf, char **db_array); -int cgetnext(char **bp, char **db_array); -#endif -int ROKEN_LIB_FUNCTION cgetstr(char *buf, const char *cap, char **str); -int ROKEN_LIB_FUNCTION cgetustr(char *buf, const char *cap, char **str); -int ROKEN_LIB_FUNCTION cgetnum(char *buf, const char *cap, long *num); -/* - * Cgetset() allows the addition of a user specified buffer to be added - * to the database array, in effect "pushing" the buffer on top of the - * virtual database. 0 is returned on success, -1 on failure. - */ -int ROKEN_LIB_FUNCTION -cgetset(const char *ent) -{ - const char *source, *check; - char *dest; - - if (ent == NULL) { - if (toprec) - free(toprec); - toprec = NULL; - topreclen = 0; - return (0); - } - topreclen = strlen(ent); - if ((toprec = malloc (topreclen + 1)) == NULL) { - errno = ENOMEM; - return (-1); - } - gottoprec = 0; - - source=ent; - dest=toprec; - while (*source) { /* Strip whitespace */ - *dest++ = *source++; /* Do not check first field */ - while (*source == ':') { - check=source+1; - while (*check && (isspace((unsigned char)*check) || - (*check=='\\' && isspace((unsigned char)check[1])))) - ++check; - if( *check == ':' ) - source=check; - else - break; - - } - } - *dest=0; - - return (0); -} - -/* - * Cgetcap searches the capability record buf for the capability cap with - * type `type'. A pointer to the value of cap is returned on success, NULL - * if the requested capability couldn't be found. - * - * Specifying a type of ':' means that nothing should follow cap (:cap:). - * In this case a pointer to the terminating ':' or NUL will be returned if - * cap is found. - * - * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) - * return NULL. - */ -char * ROKEN_LIB_FUNCTION -cgetcap(char *buf, const char *cap, int type) -{ - char *bp; - const char *cp; - - bp = buf; - for (;;) { - /* - * Skip past the current capability field - it's either the - * name field if this is the first time through the loop, or - * the remainder of a field whose name failed to match cap. - */ - for (;;) - if (*bp == '\0') - return (NULL); - else - if (*bp++ == ':') - break; - - /* - * Try to match (cap, type) in buf. - */ - for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++) - continue; - if (*cp != '\0') - continue; - if (*bp == '@') - return (NULL); - if (type == ':') { - if (*bp != '\0' && *bp != ':') - continue; - return(bp); - } - if (*bp != type) - continue; - bp++; - return (*bp == '@' ? NULL : bp); - } - /* NOTREACHED */ -} - -/* - * Cgetent extracts the capability record name from the NULL terminated file - * array db_array and returns a pointer to a malloc'd copy of it in buf. - * Buf must be retained through all subsequent calls to cgetcap, cgetnum, - * cgetflag, and cgetstr, but may then be free'd. 0 is returned on success, - * -1 if the requested record couldn't be found, -2 if a system error was - * encountered (couldn't open/read a file, etc.), and -3 if a potential - * reference loop is detected. - */ -int ROKEN_LIB_FUNCTION -cgetent(char **buf, char **db_array, const char *name) -{ - size_t dummy; - - return (getent(buf, &dummy, db_array, -1, name, 0, NULL)); -} - -/* - * Getent implements the functions of cgetent. If fd is non-negative, - * *db_array has already been opened and fd is the open file descriptor. We - * do this to save time and avoid using up file descriptors for tc= - * recursions. - * - * Getent returns the same success/failure codes as cgetent. On success, a - * pointer to a malloc'ed capability record with all tc= capabilities fully - * expanded and its length (not including trailing ASCII NUL) are left in - * *cap and *len. - * - * Basic algorithm: - * + Allocate memory incrementally as needed in chunks of size BFRAG - * for capability buffer. - * + Recurse for each tc=name and interpolate result. Stop when all - * names interpolated, a name can't be found, or depth exceeds - * MAX_RECURSION. - */ -static int -getent(char **cap, size_t *len, char **db_array, int fd, - const char *name, int depth, char *nfield) -{ - char *r_end, *rp = NULL, **db_p; /* pacify gcc */ - int myfd = 0, eof, foundit; - char *record; - int tc_not_resolved; - - /* - * Return with ``loop detected'' error if we've recursed more than - * MAX_RECURSION times. - */ - if (depth > MAX_RECURSION) - return (-3); - - /* - * Check if we have a top record from cgetset(). - */ - if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) { - size_t len = topreclen + BFRAG; - if ((record = malloc (len)) == NULL) { - errno = ENOMEM; - return (-2); - } - (void)strlcpy(record, toprec, len); - db_p = db_array; - rp = record + topreclen + 1; - r_end = rp + BFRAG; - goto tc_exp; - } - /* - * Allocate first chunk of memory. - */ - if ((record = malloc(BFRAG)) == NULL) { - errno = ENOMEM; - return (-2); - } - r_end = record + BFRAG; - foundit = 0; - /* - * Loop through database array until finding the record. - */ - - for (db_p = db_array; *db_p != NULL; db_p++) { - eof = 0; - - /* - * Open database if not already open. - */ - - if (fd >= 0) { - (void)lseek(fd, (off_t)0, SEEK_SET); - } else { -#ifdef USE_DB - char pbuf[_POSIX_PATH_MAX]; - char *cbuf; - size_t clen; - int retval; - DB *capdbp; - - (void)snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p); - if ((capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0)) - != NULL) { - free(record); - retval = cdbget(capdbp, &record, name); - if (retval < 0) { - /* no record available */ - (void)capdbp->close(capdbp); - return (retval); - } - /* save the data; close frees it */ - clen = strlen(record); - cbuf = malloc(clen + 1); - if (cbuf == NULL) - return (-2); - memmove(cbuf, record, clen + 1); - if (capdbp->close(capdbp) < 0) { - free(cbuf); - return (-2); - } - *len = clen; - *cap = cbuf; - return (retval); - } else -#endif - { - fd = open(*db_p, O_RDONLY, 0); - if (fd < 0) { - /* No error on unfound file. */ - continue; - } - myfd = 1; - } - } - /* - * Find the requested capability record ... - */ - { - char buf[BUFSIZ]; - char *b_end, *bp, *cp; - int c, slash; - - /* - * Loop invariants: - * There is always room for one more character in record. - * R_end always points just past end of record. - * Rp always points just past last character in record. - * B_end always points just past last character in buf. - * Bp always points at next character in buf. - * Cp remembers where the last colon was. - */ - b_end = buf; - bp = buf; - cp = 0; - slash = 0; - for (;;) { - - /* - * Read in a line implementing (\, newline) - * line continuation. - */ - rp = record; - for (;;) { - if (bp >= b_end) { - int n; - - n = read(fd, buf, sizeof(buf)); - if (n <= 0) { - if (myfd) - (void)close(fd); - if (n < 0) { - free(record); - return (-2); - } else { - fd = -1; - eof = 1; - break; - } - } - b_end = buf+n; - bp = buf; - } - - c = *bp++; - if (c == '\n') { - if (slash) { - slash = 0; - rp--; - continue; - } else - break; - } - if (slash) { - slash = 0; - cp = 0; - } - if (c == ':') { - /* - * If the field was `empty' (i.e. - * contained only white space), back up - * to the colon (eliminating the - * field). - */ - if (cp) - rp = cp; - else - cp = rp; - } else if (c == '\\') { - slash = 1; - } else if (c != ' ' && c != '\t') { - /* - * Forget where the colon was, as this - * is not an empty field. - */ - cp = 0; - } - *rp++ = c; - - /* - * Enforce loop invariant: if no room - * left in record buffer, try to get - * some more. - */ - if (rp >= r_end) { - u_int pos; - size_t newsize; - - pos = rp - record; - newsize = r_end - record + BFRAG; - record = realloc(record, newsize); - if (record == NULL) { - errno = ENOMEM; - if (myfd) - (void)close(fd); - return (-2); - } - r_end = record + newsize; - rp = record + pos; - } - } - /* Eliminate any white space after the last colon. */ - if (cp) - rp = cp + 1; - /* Loop invariant lets us do this. */ - *rp++ = '\0'; - - /* - * If encountered eof check next file. - */ - if (eof) - break; - - /* - * Toss blank lines and comments. - */ - if (*record == '\0' || *record == '#') - continue; - - /* - * See if this is the record we want ... - */ - if (cgetmatch(record, name) == 0) { - if (nfield == NULL || !nfcmp(nfield, record)) { - foundit = 1; - break; /* found it! */ - } - } - } - } - if (foundit) - break; - } - - if (!foundit) - return (-1); - - /* - * Got the capability record, but now we have to expand all tc=name - * references in it ... - */ - tc_exp: { - char *newicap, *s; - size_t ilen, newilen; - int diff, iret, tclen; - char *icap, *scan, *tc, *tcstart, *tcend; - - /* - * Loop invariants: - * There is room for one more character in record. - * R_end points just past end of record. - * Rp points just past last character in record. - * Scan points at remainder of record that needs to be - * scanned for tc=name constructs. - */ - scan = record; - tc_not_resolved = 0; - for (;;) { - if ((tc = cgetcap(scan, "tc", '=')) == NULL) - break; - - /* - * Find end of tc=name and stomp on the trailing `:' - * (if present) so we can use it to call ourselves. - */ - s = tc; - for (;;) - if (*s == '\0') - break; - else - if (*s++ == ':') { - *(s - 1) = '\0'; - break; - } - tcstart = tc - 3; - tclen = s - tcstart; - tcend = s; - - iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, - NULL); - newicap = icap; /* Put into a register. */ - newilen = ilen; - if (iret != 0) { - /* an error */ - if (iret < -1) { - if (myfd) - (void)close(fd); - free(record); - return (iret); - } - if (iret == 1) - tc_not_resolved = 1; - /* couldn't resolve tc */ - if (iret == -1) { - *(s - 1) = ':'; - scan = s - 1; - tc_not_resolved = 1; - continue; - - } - } - /* not interested in name field of tc'ed record */ - s = newicap; - for (;;) - if (*s == '\0') - break; - else - if (*s++ == ':') - break; - newilen -= s - newicap; - newicap = s; - - /* make sure interpolated record is `:'-terminated */ - s += newilen; - if (*(s-1) != ':') { - *s = ':'; /* overwrite NUL with : */ - newilen++; - } - - /* - * Make sure there's enough room to insert the - * new record. - */ - diff = newilen - tclen; - if (diff >= r_end - rp) { - u_int pos, tcpos, tcposend; - size_t newsize; - - pos = rp - record; - newsize = r_end - record + diff + BFRAG; - tcpos = tcstart - record; - tcposend = tcend - record; - record = realloc(record, newsize); - if (record == NULL) { - errno = ENOMEM; - if (myfd) - (void)close(fd); - free(icap); - return (-2); - } - r_end = record + newsize; - rp = record + pos; - tcstart = record + tcpos; - tcend = record + tcposend; - } - - /* - * Insert tc'ed record into our record. - */ - s = tcstart + newilen; - memmove(s, tcend, (size_t)(rp - tcend)); - memmove(tcstart, newicap, newilen); - rp += diff; - free(icap); - - /* - * Start scan on `:' so next cgetcap works properly - * (cgetcap always skips first field). - */ - scan = s-1; - } - - } - /* - * Close file (if we opened it), give back any extra memory, and - * return capability, length and success. - */ - if (myfd) - (void)close(fd); - *len = rp - record - 1; /* don't count NUL */ - if (r_end > rp) - if ((record = - realloc(record, (size_t)(rp - record))) == NULL) { - errno = ENOMEM; - return (-2); - } - - *cap = record; - if (tc_not_resolved) - return (1); - return (0); -} - -#ifdef USE_DB -static int -cdbget(DB *capdbp, char **bp, const char *name) -{ - DBT key; - DBT data; - - /* LINTED key is not modified */ - key.data = (char *)name; - key.size = strlen(name); - - for (;;) { - /* Get the reference. */ - switch(capdbp->get(capdbp, &key, &data, 0)) { - case -1: - return (-2); - case 1: - return (-1); - } - - /* If not an index to another record, leave. */ - if (((char *)data.data)[0] != SHADOW) - break; - - key.data = (char *)data.data + 1; - key.size = data.size - 1; - } - - *bp = (char *)data.data + 1; - return (((char *)(data.data))[0] == TCERR ? 1 : 0); -} -#endif /* USE_DB */ - -/* - * Cgetmatch will return 0 if name is one of the names of the capability - * record buf, -1 if not. - */ -int -cgetmatch(const char *buf, const char *name) -{ - const char *np, *bp; - - /* - * Start search at beginning of record. - */ - bp = buf; - for (;;) { - /* - * Try to match a record name. - */ - np = name; - for (;;) - if (*np == '\0') { - if (*bp == '|' || *bp == ':' || *bp == '\0') - return (0); - else - break; - } else - if (*bp++ != *np++) - break; - - /* - * Match failed, skip to next name in record. - */ - bp--; /* a '|' or ':' may have stopped the match */ - for (;;) - if (*bp == '\0' || *bp == ':') - return (-1); /* match failed totally */ - else - if (*bp++ == '|') - break; /* found next name */ - } -} - -#if 0 -int -cgetfirst(char **buf, char **db_array) -{ - (void)cgetclose(); - return (cgetnext(buf, db_array)); -} -#endif - -static FILE *pfp; -static int slash; -static char **dbp; - -int ROKEN_LIB_FUNCTION -cgetclose(void) -{ - if (pfp != NULL) { - (void)fclose(pfp); - pfp = NULL; - } - dbp = NULL; - gottoprec = 0; - slash = 0; - return(0); -} - -#if 0 -/* - * Cgetnext() gets either the first or next entry in the logical database - * specified by db_array. It returns 0 upon completion of the database, 1 - * upon returning an entry with more remaining, and -1 if an error occurs. - */ -int -cgetnext(char **bp, char **db_array) -{ - size_t len; - int status, done; - char *cp, *line, *rp, *np, buf[BSIZE], nbuf[BSIZE]; - size_t dummy; - - if (dbp == NULL) - dbp = db_array; - - if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) { - (void)cgetclose(); - return (-1); - } - for(;;) { - if (toprec && !gottoprec) { - gottoprec = 1; - line = toprec; - } else { - line = fgetln(pfp, &len); - if (line == NULL && pfp) { - if (ferror(pfp)) { - (void)cgetclose(); - return (-1); - } else { - (void)fclose(pfp); - pfp = NULL; - if (*++dbp == NULL) { - (void)cgetclose(); - return (0); - } else if ((pfp = - fopen(*dbp, "r")) == NULL) { - (void)cgetclose(); - return (-1); - } else - continue; - } - } else - line[len - 1] = '\0'; - if (len == 1) { - slash = 0; - continue; - } - if (isspace((unsigned char)*line) || - *line == ':' || *line == '#' || slash) { - if (line[len - 2] == '\\') - slash = 1; - else - slash = 0; - continue; - } - if (line[len - 2] == '\\') - slash = 1; - else - slash = 0; - } - - - /* - * Line points to a name line. - */ - done = 0; - np = nbuf; - for (;;) { - for (cp = line; *cp != '\0'; cp++) { - if (*cp == ':') { - *np++ = ':'; - done = 1; - break; - } - if (*cp == '\\') - break; - *np++ = *cp; - } - if (done) { - *np = '\0'; - break; - } else { /* name field extends beyond the line */ - line = fgetln(pfp, &len); - if (line == NULL && pfp) { - if (ferror(pfp)) { - (void)cgetclose(); - return (-1); - } - (void)fclose(pfp); - pfp = NULL; - *np = '\0'; - break; - } else - line[len - 1] = '\0'; - } - } - rp = buf; - for(cp = nbuf; *cp != '\0'; cp++) - if (*cp == '|' || *cp == ':') - break; - else - *rp++ = *cp; - - *rp = '\0'; - /* - * XXX - * Last argument of getent here should be nbuf if we want true - * sequential access in the case of duplicates. - * With NULL, getent will return the first entry found - * rather than the duplicate entry record. This is a - * matter of semantics that should be resolved. - */ - status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); - if (status == -2 || status == -3) - (void)cgetclose(); - - return (status + 1); - } - /* NOTREACHED */ -} -#endif - -/* - * Cgetstr retrieves the value of the string capability cap from the - * capability record pointed to by buf. A pointer to a decoded, NUL - * terminated, malloc'd copy of the string is returned in the char * - * pointed to by str. The length of the string not including the trailing - * NUL is returned on success, -1 if the requested string capability - * couldn't be found, -2 if a system error was encountered (storage - * allocation failure). - */ -int ROKEN_LIB_FUNCTION -cgetstr(char *buf, const char *cap, char **str) -{ - u_int m_room; - const char *bp; - char *mp; - int len; - char *mem; - - /* - * Find string capability cap - */ - bp = cgetcap(buf, cap, '='); - if (bp == NULL) - return (-1); - - /* - * Conversion / storage allocation loop ... Allocate memory in - * chunks SFRAG in size. - */ - if ((mem = malloc(SFRAG)) == NULL) { - errno = ENOMEM; - return (-2); /* couldn't even allocate the first fragment */ - } - m_room = SFRAG; - mp = mem; - - while (*bp != ':' && *bp != '\0') { - /* - * Loop invariants: - * There is always room for one more character in mem. - * Mp always points just past last character in mem. - * Bp always points at next character in buf. - */ - if (*bp == '^') { - bp++; - if (*bp == ':' || *bp == '\0') - break; /* drop unfinished escape */ - *mp++ = *bp++ & 037; - } else if (*bp == '\\') { - bp++; - if (*bp == ':' || *bp == '\0') - break; /* drop unfinished escape */ - if ('0' <= *bp && *bp <= '7') { - int n, i; - - n = 0; - i = 3; /* maximum of three octal digits */ - do { - n = n * 8 + (*bp++ - '0'); - } while (--i && '0' <= *bp && *bp <= '7'); - *mp++ = n; - } - else switch (*bp++) { - case 'b': case 'B': - *mp++ = '\b'; - break; - case 't': case 'T': - *mp++ = '\t'; - break; - case 'n': case 'N': - *mp++ = '\n'; - break; - case 'f': case 'F': - *mp++ = '\f'; - break; - case 'r': case 'R': - *mp++ = '\r'; - break; - case 'e': case 'E': - *mp++ = ESC; - break; - case 'c': case 'C': - *mp++ = ':'; - break; - default: - /* - * Catches '\', '^', and - * everything else. - */ - *mp++ = *(bp-1); - break; - } - } else - *mp++ = *bp++; - m_room--; - - /* - * Enforce loop invariant: if no room left in current - * buffer, try to get some more. - */ - if (m_room == 0) { - size_t size = mp - mem; - - if ((mem = realloc(mem, size + SFRAG)) == NULL) - return (-2); - m_room = SFRAG; - mp = mem + size; - } - } - *mp++ = '\0'; /* loop invariant let's us do this */ - m_room--; - len = mp - mem - 1; - - /* - * Give back any extra memory and return value and success. - */ - if (m_room != 0) - if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) - return (-2); - *str = mem; - return (len); -} - -/* - * Cgetustr retrieves the value of the string capability cap from the - * capability record pointed to by buf. The difference between cgetustr() - * and cgetstr() is that cgetustr does not decode escapes but rather treats - * all characters literally. A pointer to a NUL terminated malloc'd - * copy of the string is returned in the char pointed to by str. The - * length of the string not including the trailing NUL is returned on success, - * -1 if the requested string capability couldn't be found, -2 if a system - * error was encountered (storage allocation failure). - */ -int ROKEN_LIB_FUNCTION -cgetustr(char *buf, const char *cap, char **str) -{ - u_int m_room; - const char *bp; - char *mp; - int len; - char *mem; - - /* - * Find string capability cap - */ - if ((bp = cgetcap(buf, cap, '=')) == NULL) - return (-1); - - /* - * Conversion / storage allocation loop ... Allocate memory in - * chunks SFRAG in size. - */ - if ((mem = malloc(SFRAG)) == NULL) { - errno = ENOMEM; - return (-2); /* couldn't even allocate the first fragment */ - } - m_room = SFRAG; - mp = mem; - - while (*bp != ':' && *bp != '\0') { - /* - * Loop invariants: - * There is always room for one more character in mem. - * Mp always points just past last character in mem. - * Bp always points at next character in buf. - */ - *mp++ = *bp++; - m_room--; - - /* - * Enforce loop invariant: if no room left in current - * buffer, try to get some more. - */ - if (m_room == 0) { - size_t size = mp - mem; - - if ((mem = realloc(mem, size + SFRAG)) == NULL) - return (-2); - m_room = SFRAG; - mp = mem + size; - } - } - *mp++ = '\0'; /* loop invariant let's us do this */ - m_room--; - len = mp - mem - 1; - - /* - * Give back any extra memory and return value and success. - */ - if (m_room != 0) - if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) - return (-2); - *str = mem; - return (len); -} - -/* - * Cgetnum retrieves the value of the numeric capability cap from the - * capability record pointed to by buf. The numeric value is returned in - * the long pointed to by num. 0 is returned on success, -1 if the requested - * numeric capability couldn't be found. - */ -int ROKEN_LIB_FUNCTION -cgetnum(char *buf, const char *cap, long *num) -{ - long n; - int base, digit; - const char *bp; - - /* - * Find numeric capability cap - */ - bp = cgetcap(buf, cap, '#'); - if (bp == NULL) - return (-1); - - /* - * Look at value and determine numeric base: - * 0x... or 0X... hexadecimal, - * else 0... octal, - * else decimal. - */ - if (*bp == '0') { - bp++; - if (*bp == 'x' || *bp == 'X') { - bp++; - base = 16; - } else - base = 8; - } else - base = 10; - - /* - * Conversion loop ... - */ - n = 0; - for (;;) { - if ('0' <= *bp && *bp <= '9') - digit = *bp - '0'; - else if ('a' <= *bp && *bp <= 'f') - digit = 10 + *bp - 'a'; - else if ('A' <= *bp && *bp <= 'F') - digit = 10 + *bp - 'A'; - else - break; - - if (digit >= base) - break; - - n = n * base + digit; - bp++; - } - - /* - * Return value and success. - */ - *num = n; - return (0); -} - - -/* - * Compare name field of record. - */ -static int -nfcmp(char *nf, char *rec) -{ - char *cp, tmp; - int ret; - - for (cp = rec; *cp != ':'; cp++) - ; - - tmp = *(cp + 1); - *(cp + 1) = '\0'; - ret = strcmp(nf, rec); - *(cp + 1) = tmp; - - return (ret); -} diff --git a/crypto/heimdal/lib/roken/getcwd.c b/crypto/heimdal/lib/roken/getcwd.c deleted file mode 100644 index a32149c21294..000000000000 --- a/crypto/heimdal/lib/roken/getcwd.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getcwd.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#include "roken.h" - -char* ROKEN_LIB_FUNCTION -getcwd(char *path, size_t size) -{ - char xxx[MaxPathLen]; - char *ret; - ret = getwd(xxx); - if(ret) - strlcpy(path, xxx, size); - return ret; -} diff --git a/crypto/heimdal/lib/roken/getdtablesize.c b/crypto/heimdal/lib/roken/getdtablesize.c deleted file mode 100644 index a6ef38b2957f..000000000000 --- a/crypto/heimdal/lib/roken/getdtablesize.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1995-2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getdtablesize.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif - -#ifdef HAVE_SYS_SYSCTL_H -#include -#endif - -int ROKEN_LIB_FUNCTION -getdtablesize(void) -{ - int files = -1; -#if defined(HAVE_SYSCONF) && defined(_SC_OPEN_MAX) - files = sysconf(_SC_OPEN_MAX); -#else /* !defined(HAVE_SYSCONF) */ -#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) - struct rlimit res; - if (getrlimit(RLIMIT_NOFILE, &res) == 0) - files = res.rlim_cur; -#else /* !definded(HAVE_GETRLIMIT) */ -#if defined(HAVE_SYSCTL) && defined(CTL_KERN) && defined(KERN_MAXFILES) - int mib[2]; - size_t len; - - mib[0] = CTL_KERN; - mib[1] = KERN_MAXFILES; - len = sizeof(files); - sysctl(&mib, 2, &files, sizeof(files), NULL, 0); -#endif /* defined(HAVE_SYSCTL) */ -#endif /* !definded(HAVE_GETRLIMIT) */ -#endif /* !defined(HAVE_SYSCONF) */ - -#ifdef OPEN_MAX - if (files < 0) - files = OPEN_MAX; -#endif - -#ifdef NOFILE - if (files < 0) - files = NOFILE; -#endif - - return files; -} diff --git a/crypto/heimdal/lib/roken/getegid.c b/crypto/heimdal/lib/roken/getegid.c deleted file mode 100644 index 57ea19857388..000000000000 --- a/crypto/heimdal/lib/roken/getegid.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETEGID - -RCSID("$Id: getegid.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION -getegid(void) -{ - return getgid(); -} - -#endif diff --git a/crypto/heimdal/lib/roken/geteuid.c b/crypto/heimdal/lib/roken/geteuid.c deleted file mode 100644 index f2f771ede073..000000000000 --- a/crypto/heimdal/lib/roken/geteuid.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETEUID - -RCSID("$Id: geteuid.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION -geteuid(void) -{ - return getuid(); -} - -#endif diff --git a/crypto/heimdal/lib/roken/getgid.c b/crypto/heimdal/lib/roken/getgid.c deleted file mode 100644 index fbe4f6d1d272..000000000000 --- a/crypto/heimdal/lib/roken/getgid.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETGID - -RCSID("$Id: getgid.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION -getgid(void) -{ - return 17; -} - -#endif diff --git a/crypto/heimdal/lib/roken/gethostname.c b/crypto/heimdal/lib/roken/gethostname.c deleted file mode 100644 index f291ce2cb77c..000000000000 --- a/crypto/heimdal/lib/roken/gethostname.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETHOSTNAME - -#ifdef HAVE_SYS_UTSNAME_H -#include -#endif - -/* - * Return the local host's name in "name", up to "namelen" characters. - * "name" will be null-terminated if "namelen" is big enough. - * The return code is 0 on success, -1 on failure. (The calling - * interface is identical to gethostname(2).) - */ - -int ROKEN_LIB_FUNCTION -gethostname(char *name, int namelen) -{ -#if defined(HAVE_UNAME) - { - struct utsname utsname; - int ret; - - ret = uname (&utsname); - if (ret < 0) - return ret; - strlcpy (name, utsname.nodename, namelen); - return 0; - } -#else - strlcpy (name, "some.random.host", namelen); - return 0; -#endif -} - -#endif /* GETHOSTNAME */ diff --git a/crypto/heimdal/lib/roken/getifaddrs.c b/crypto/heimdal/lib/roken/getifaddrs.c deleted file mode 100644 index 485c0d622215..000000000000 --- a/crypto/heimdal/lib/roken/getifaddrs.c +++ /dev/null @@ -1,1250 +0,0 @@ -/* - * Copyright (c) 2000 - 2002, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getifaddrs.c 21745 2007-07-31 16:11:25Z lha $"); -#endif -#include "roken.h" - -#ifdef __osf__ -/* hate */ -struct rtentry; -struct mbuf; -#endif -#ifdef HAVE_NET_IF_H -#include -#endif - -#ifdef HAVE_SYS_SOCKIO_H -#include -#endif /* HAVE_SYS_SOCKIO_H */ - -#ifdef HAVE_NETINET_IN6_VAR_H -#include -#endif /* HAVE_NETINET_IN6_VAR_H */ - -#include - -#ifdef __hpux -#define lifconf if_laddrconf -#define lifc_len iflc_len -#define lifc_buf iflc_buf -#define lifc_req iflc_req - -#define lifreq if_laddrreq -#define lifr_addr iflr_addr -#define lifr_name iflr_name -#define lifr_dstaddr iflr_dstaddr -#define lifr_broadaddr iflr_broadaddr -#define lifr_flags iflr_flags -#define lifr_index iflr_index -#endif - -#ifdef AF_NETLINK - -/* - * The linux - AF_NETLINK version of getifaddrs - from Usagi. - * Linux does not return v6 addresses from SIOCGIFCONF. - */ - -/* $USAGI: ifaddrs.c,v 1.18 2002/03/06 01:50:46 yoshfuji Exp $ */ - -/************************************************************************** - * ifaddrs.c - * Copyright (C)2000 Hideaki YOSHIFUJI, All Rights Reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the author nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "config.h" - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include /* the L2 protocols */ -#include -#include -#include -#include -#include - -#define __set_errno(e) (errno = (e)) -#define __close(fd) (close(fd)) -#undef ifa_broadaddr -#define ifa_broadaddr ifa_dstaddr -#define IFA_NETMASK - -/* ====================================================================== */ -struct nlmsg_list{ - struct nlmsg_list *nlm_next; - struct nlmsghdr *nlh; - int size; - time_t seq; -}; - -struct rtmaddr_ifamap { - void *address; - void *local; -#ifdef IFA_NETMASK - void *netmask; -#endif - void *broadcast; -#ifdef HAVE_IFADDRS_IFA_ANYCAST - void *anycast; -#endif - int address_len; - int local_len; -#ifdef IFA_NETMASK - int netmask_len; -#endif - int broadcast_len; -#ifdef HAVE_IFADDRS_IFA_ANYCAST - int anycast_len; -#endif -}; - -/* ====================================================================== */ -static size_t -ifa_sa_len(sa_family_t family, int len) -{ - size_t size; - switch(family){ - case AF_INET: - size = sizeof(struct sockaddr_in); - break; - case AF_INET6: - size = sizeof(struct sockaddr_in6); - break; - case AF_PACKET: - size = (size_t)(((struct sockaddr_ll *)NULL)->sll_addr) + len; - if (size < sizeof(struct sockaddr_ll)) - size = sizeof(struct sockaddr_ll); - break; - default: - size = (size_t)(((struct sockaddr *)NULL)->sa_data) + len; - if (size < sizeof(struct sockaddr)) - size = sizeof(struct sockaddr); - break; - } - return size; -} - -static void -ifa_make_sockaddr(sa_family_t family, - struct sockaddr *sa, - void *p, size_t len, - uint32_t scope, uint32_t scopeid) -{ - if (sa == NULL) return; - switch(family){ - case AF_INET: - memcpy(&((struct sockaddr_in*)sa)->sin_addr, (char *)p, len); - break; - case AF_INET6: - memcpy(&((struct sockaddr_in6*)sa)->sin6_addr, (char *)p, len); - if (IN6_IS_ADDR_LINKLOCAL(p) || - IN6_IS_ADDR_MC_LINKLOCAL(p)){ - ((struct sockaddr_in6*)sa)->sin6_scope_id = scopeid; - } - break; - case AF_PACKET: - memcpy(((struct sockaddr_ll*)sa)->sll_addr, (char *)p, len); - ((struct sockaddr_ll*)sa)->sll_halen = len; - break; - default: - memcpy(sa->sa_data, p, len); /*XXX*/ - break; - } - sa->sa_family = family; -#ifdef HAVE_SOCKADDR_SA_LEN - sa->sa_len = ifa_sa_len(family, len); -#endif -} - -#ifndef IFA_NETMASK -static struct sockaddr * -ifa_make_sockaddr_mask(sa_family_t family, - struct sockaddr *sa, - uint32_t prefixlen) -{ - int i; - char *p = NULL, c; - uint32_t max_prefixlen = 0; - - if (sa == NULL) return NULL; - switch(family){ - case AF_INET: - memset(&((struct sockaddr_in*)sa)->sin_addr, 0, sizeof(((struct sockaddr_in*)sa)->sin_addr)); - p = (char *)&((struct sockaddr_in*)sa)->sin_addr; - max_prefixlen = 32; - break; - case AF_INET6: - memset(&((struct sockaddr_in6*)sa)->sin6_addr, 0, sizeof(((struct sockaddr_in6*)sa)->sin6_addr)); - p = (char *)&((struct sockaddr_in6*)sa)->sin6_addr; -#if 0 /* XXX: fill scope-id? */ - if (IN6_IS_ADDR_LINKLOCAL(p) || - IN6_IS_ADDR_MC_LINKLOCAL(p)){ - ((struct sockaddr_in6*)sa)->sin6_scope_id = scopeid; - } -#endif - max_prefixlen = 128; - break; - default: - return NULL; - } - sa->sa_family = family; -#ifdef HAVE_SOCKADDR_SA_LEN - sa->sa_len = ifa_sa_len(family, len); -#endif - if (p){ - if (prefixlen > max_prefixlen) - prefixlen = max_prefixlen; - for (i=0; i<(prefixlen / 8); i++) - *p++ = 0xff; - c = 0xff; - c <<= (8 - (prefixlen % 8)); - *p = c; - } - return sa; -} -#endif - -/* ====================================================================== */ -static int -nl_sendreq(int sd, int request, int flags, int *seq) -{ - char reqbuf[NLMSG_ALIGN(sizeof(struct nlmsghdr)) + - NLMSG_ALIGN(sizeof(struct rtgenmsg))]; - struct sockaddr_nl nladdr; - struct nlmsghdr *req_hdr; - struct rtgenmsg *req_msg; - time_t t = time(NULL); - - if (seq) *seq = t; - memset(&reqbuf, 0, sizeof(reqbuf)); - req_hdr = (struct nlmsghdr *)reqbuf; - req_msg = (struct rtgenmsg *)NLMSG_DATA(req_hdr); - req_hdr->nlmsg_len = NLMSG_LENGTH(sizeof(*req_msg)); - req_hdr->nlmsg_type = request; - req_hdr->nlmsg_flags = flags | NLM_F_REQUEST; - req_hdr->nlmsg_pid = 0; - req_hdr->nlmsg_seq = t; - req_msg->rtgen_family = AF_UNSPEC; - memset(&nladdr, 0, sizeof(nladdr)); - nladdr.nl_family = AF_NETLINK; - return (sendto(sd, (void *)req_hdr, req_hdr->nlmsg_len, 0, - (struct sockaddr *)&nladdr, sizeof(nladdr))); -} - -static int -nl_recvmsg(int sd, int request, int seq, - void *buf, size_t buflen, - int *flags) -{ - struct msghdr msg; - struct iovec iov = { buf, buflen }; - struct sockaddr_nl nladdr; - int read_len; - - for (;;){ - msg.msg_name = (void *)&nladdr; - msg.msg_namelen = sizeof(nladdr); - msg.msg_iov = &iov; - msg.msg_iovlen = 1; - msg.msg_control = NULL; - msg.msg_controllen = 0; - msg.msg_flags = 0; - read_len = recvmsg(sd, &msg, 0); - if ((read_len < 0 && errno == EINTR) || (msg.msg_flags & MSG_TRUNC)) - continue; - if (flags) *flags = msg.msg_flags; - break; - } - return read_len; -} - -static int -nl_getmsg(int sd, int request, int seq, - struct nlmsghdr **nlhp, - int *done) -{ - struct nlmsghdr *nh; - size_t bufsize = 65536, lastbufsize = 0; - void *buff = NULL; - int result = 0, read_size; - int msg_flags; - pid_t pid = getpid(); - for (;;){ - void *newbuff = realloc(buff, bufsize); - if (newbuff == NULL || bufsize < lastbufsize) { - result = -1; - break; - } - buff = newbuff; - result = read_size = nl_recvmsg(sd, request, seq, buff, bufsize, &msg_flags); - if (read_size < 0 || (msg_flags & MSG_TRUNC)){ - lastbufsize = bufsize; - bufsize *= 2; - continue; - } - if (read_size == 0) break; - nh = (struct nlmsghdr *)buff; - for (nh = (struct nlmsghdr *)buff; - NLMSG_OK(nh, read_size); - nh = (struct nlmsghdr *)NLMSG_NEXT(nh, read_size)){ - if (nh->nlmsg_pid != pid || - nh->nlmsg_seq != seq) - continue; - if (nh->nlmsg_type == NLMSG_DONE){ - (*done)++; - break; /* ok */ - } - if (nh->nlmsg_type == NLMSG_ERROR){ - struct nlmsgerr *nlerr = (struct nlmsgerr *)NLMSG_DATA(nh); - result = -1; - if (nh->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr))) - __set_errno(EIO); - else - __set_errno(-nlerr->error); - break; - } - } - break; - } - if (result < 0) - if (buff){ - int saved_errno = errno; - free(buff); - __set_errno(saved_errno); - } - *nlhp = (struct nlmsghdr *)buff; - return result; -} - -static int -nl_getlist(int sd, int seq, - int request, - struct nlmsg_list **nlm_list, - struct nlmsg_list **nlm_end) -{ - struct nlmsghdr *nlh = NULL; - int status; - int done = 0; - int tries = 3; - - try_again: - status = nl_sendreq(sd, request, NLM_F_ROOT|NLM_F_MATCH, &seq); - if (status < 0) - return status; - if (seq == 0) - seq = (int)time(NULL); - while(!done){ - struct pollfd pfd; - - pfd.fd = sd; - pfd.events = POLLIN | POLLPRI; - pfd.revents = 0; - status = poll(&pfd, 1, 1000); - if (status < 0) - return status; - else if (status == 0) { - seq++; - if (tries-- > 0) - goto try_again; - return -1; - } - - status = nl_getmsg(sd, request, seq, &nlh, &done); - if (status < 0) - return status; - if (nlh){ - struct nlmsg_list *nlm_next = (struct nlmsg_list *)malloc(sizeof(struct nlmsg_list)); - if (nlm_next == NULL){ - int saved_errno = errno; - free(nlh); - __set_errno(saved_errno); - status = -1; - } else { - nlm_next->nlm_next = NULL; - nlm_next->nlh = (struct nlmsghdr *)nlh; - nlm_next->size = status; - nlm_next->seq = seq; - if (*nlm_list == NULL){ - *nlm_list = nlm_next; - *nlm_end = nlm_next; - } else { - (*nlm_end)->nlm_next = nlm_next; - *nlm_end = nlm_next; - } - } - } - } - return status >= 0 ? seq : status; -} - -/* ---------------------------------------------------------------------- */ -static void -free_nlmsglist(struct nlmsg_list *nlm0) -{ - struct nlmsg_list *nlm, *nlm_next; - int saved_errno; - if (!nlm0) - return; - saved_errno = errno; - for (nlm=nlm0; nlm; nlm=nlm_next){ - if (nlm->nlh) - free(nlm->nlh); - nlm_next=nlm->nlm_next; - free(nlm); - } - __set_errno(saved_errno); -} - -static void -free_data(void *data, void *ifdata) -{ - int saved_errno = errno; - if (data != NULL) free(data); - if (ifdata != NULL) free(ifdata); - __set_errno(saved_errno); -} - -/* ---------------------------------------------------------------------- */ -static void -nl_close(int sd) -{ - int saved_errno = errno; - if (sd >= 0) __close(sd); - __set_errno(saved_errno); -} - -/* ---------------------------------------------------------------------- */ -static int -nl_open(void) -{ - struct sockaddr_nl nladdr; - int sd; - - sd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE); - if (sd < 0) return -1; - memset(&nladdr, 0, sizeof(nladdr)); - nladdr.nl_family = AF_NETLINK; - if (bind(sd, (struct sockaddr*)&nladdr, sizeof(nladdr)) < 0){ - nl_close(sd); - return -1; - } - return sd; -} - -/* ====================================================================== */ -int ROKEN_LIB_FUNCTION -rk_getifaddrs(struct ifaddrs **ifap) -{ - int sd; - struct nlmsg_list *nlmsg_list, *nlmsg_end, *nlm; - /* - - - - - - - - - - - - - - - */ - int icnt; - size_t dlen, xlen, nlen; - uint32_t max_ifindex = 0; - - pid_t pid = getpid(); - int seq; - int result; - int build ; /* 0 or 1 */ - -/* ---------------------------------- */ - /* initialize */ - icnt = dlen = xlen = nlen = 0; - nlmsg_list = nlmsg_end = NULL; - - if (ifap) - *ifap = NULL; - -/* ---------------------------------- */ - /* open socket and bind */ - sd = nl_open(); - if (sd < 0) - return -1; - -/* ---------------------------------- */ - /* gather info */ - if ((seq = nl_getlist(sd, 0, RTM_GETLINK, - &nlmsg_list, &nlmsg_end)) < 0){ - free_nlmsglist(nlmsg_list); - nl_close(sd); - return -1; - } - if ((seq = nl_getlist(sd, seq+1, RTM_GETADDR, - &nlmsg_list, &nlmsg_end)) < 0){ - free_nlmsglist(nlmsg_list); - nl_close(sd); - return -1; - } - -/* ---------------------------------- */ - /* Estimate size of result buffer and fill it */ - for (build=0; build<=1; build++){ - struct ifaddrs *ifl = NULL, *ifa = NULL; - struct nlmsghdr *nlh, *nlh0; - char *data = NULL, *xdata = NULL; - void *ifdata = NULL; - char *ifname = NULL, **iflist = NULL; - uint16_t *ifflist = NULL; - struct rtmaddr_ifamap ifamap; - - if (build){ - data = calloc(1, - NLMSG_ALIGN(sizeof(struct ifaddrs[icnt])) - + dlen + xlen + nlen); - ifa = (struct ifaddrs *)data; - ifdata = calloc(1, - NLMSG_ALIGN(sizeof(char *[max_ifindex+1])) - + NLMSG_ALIGN(sizeof(uint16_t [max_ifindex+1]))); - if (ifap != NULL) - *ifap = (ifdata != NULL) ? ifa : NULL; - else{ - free_data(data, ifdata); - result = 0; - break; - } - if (data == NULL || ifdata == NULL){ - free_data(data, ifdata); - result = -1; - break; - } - ifl = NULL; - data += NLMSG_ALIGN(sizeof(struct ifaddrs)) * icnt; - xdata = data + dlen; - ifname = xdata + xlen; - iflist = ifdata; - ifflist = (uint16_t *)(((char *)iflist) + NLMSG_ALIGN(sizeof(char *[max_ifindex+1]))); - } - - for (nlm=nlmsg_list; nlm; nlm=nlm->nlm_next){ - int nlmlen = nlm->size; - if (!(nlh0 = nlm->nlh)) - continue; - for (nlh = nlh0; - NLMSG_OK(nlh, nlmlen); - nlh=NLMSG_NEXT(nlh,nlmlen)){ - struct ifinfomsg *ifim = NULL; - struct ifaddrmsg *ifam = NULL; - struct rtattr *rta; - - size_t nlm_struct_size = 0; - sa_family_t nlm_family = 0; - uint32_t nlm_scope = 0, nlm_index = 0; - size_t sockaddr_size = 0; - uint32_t nlm_prefixlen = 0; - size_t rtasize; - - memset(&ifamap, 0, sizeof(ifamap)); - - /* check if the message is what we want */ - if (nlh->nlmsg_pid != pid || - nlh->nlmsg_seq != nlm->seq) - continue; - if (nlh->nlmsg_type == NLMSG_DONE){ - break; /* ok */ - } - switch (nlh->nlmsg_type){ - case RTM_NEWLINK: - ifim = (struct ifinfomsg *)NLMSG_DATA(nlh); - nlm_struct_size = sizeof(*ifim); - nlm_family = ifim->ifi_family; - nlm_scope = 0; - nlm_index = ifim->ifi_index; - nlm_prefixlen = 0; - if (build) - ifflist[nlm_index] = ifa->ifa_flags = ifim->ifi_flags; - break; - case RTM_NEWADDR: - ifam = (struct ifaddrmsg *)NLMSG_DATA(nlh); - nlm_struct_size = sizeof(*ifam); - nlm_family = ifam->ifa_family; - nlm_scope = ifam->ifa_scope; - nlm_index = ifam->ifa_index; - nlm_prefixlen = ifam->ifa_prefixlen; - if (build) - ifa->ifa_flags = ifflist[nlm_index]; - break; - default: - continue; - } - - if (!build){ - if (max_ifindex < nlm_index) - max_ifindex = nlm_index; - } else { - if (ifl != NULL) - ifl->ifa_next = ifa; - } - - rtasize = NLMSG_PAYLOAD(nlh, nlmlen) - NLMSG_ALIGN(nlm_struct_size); - for (rta = (struct rtattr *)(((char *)NLMSG_DATA(nlh)) + NLMSG_ALIGN(nlm_struct_size)); - RTA_OK(rta, rtasize); - rta = RTA_NEXT(rta, rtasize)){ - struct sockaddr **sap = NULL; - void *rtadata = RTA_DATA(rta); - size_t rtapayload = RTA_PAYLOAD(rta); - socklen_t sa_len; - - switch(nlh->nlmsg_type){ - case RTM_NEWLINK: - switch(rta->rta_type){ - case IFLA_ADDRESS: - case IFLA_BROADCAST: - if (build){ - sap = (rta->rta_type == IFLA_ADDRESS) ? &ifa->ifa_addr : &ifa->ifa_broadaddr; - *sap = (struct sockaddr *)data; - } - sa_len = ifa_sa_len(AF_PACKET, rtapayload); - if (rta->rta_type == IFLA_ADDRESS) - sockaddr_size = NLMSG_ALIGN(sa_len); - if (!build){ - dlen += NLMSG_ALIGN(sa_len); - } else { - memset(*sap, 0, sa_len); - ifa_make_sockaddr(AF_PACKET, *sap, rtadata,rtapayload, 0,0); - ((struct sockaddr_ll *)*sap)->sll_ifindex = nlm_index; - ((struct sockaddr_ll *)*sap)->sll_hatype = ifim->ifi_type; - data += NLMSG_ALIGN(sa_len); - } - break; - case IFLA_IFNAME:/* Name of Interface */ - if (!build) - nlen += NLMSG_ALIGN(rtapayload + 1); - else{ - ifa->ifa_name = ifname; - if (iflist[nlm_index] == NULL) - iflist[nlm_index] = ifa->ifa_name; - strncpy(ifa->ifa_name, rtadata, rtapayload); - ifa->ifa_name[rtapayload] = '\0'; - ifname += NLMSG_ALIGN(rtapayload + 1); - } - break; - case IFLA_STATS:/* Statistics of Interface */ - if (!build) - xlen += NLMSG_ALIGN(rtapayload); - else{ - ifa->ifa_data = xdata; - memcpy(ifa->ifa_data, rtadata, rtapayload); - xdata += NLMSG_ALIGN(rtapayload); - } - break; - case IFLA_UNSPEC: - break; - case IFLA_MTU: - break; - case IFLA_LINK: - break; - case IFLA_QDISC: - break; - default: - break; - } - break; - case RTM_NEWADDR: - if (nlm_family == AF_PACKET) break; - switch(rta->rta_type){ - case IFA_ADDRESS: - ifamap.address = rtadata; - ifamap.address_len = rtapayload; - break; - case IFA_LOCAL: - ifamap.local = rtadata; - ifamap.local_len = rtapayload; - break; - case IFA_BROADCAST: - ifamap.broadcast = rtadata; - ifamap.broadcast_len = rtapayload; - break; -#ifdef HAVE_IFADDRS_IFA_ANYCAST - case IFA_ANYCAST: - ifamap.anycast = rtadata; - ifamap.anycast_len = rtapayload; - break; -#endif - case IFA_LABEL: - if (!build) - nlen += NLMSG_ALIGN(rtapayload + 1); - else{ - ifa->ifa_name = ifname; - if (iflist[nlm_index] == NULL) - iflist[nlm_index] = ifname; - strncpy(ifa->ifa_name, rtadata, rtapayload); - ifa->ifa_name[rtapayload] = '\0'; - ifname += NLMSG_ALIGN(rtapayload + 1); - } - break; - case IFA_UNSPEC: - break; - case IFA_CACHEINFO: - break; - default: - break; - } - } - } - if (nlh->nlmsg_type == RTM_NEWADDR && - nlm_family != AF_PACKET) { - if (!ifamap.local) { - ifamap.local = ifamap.address; - ifamap.local_len = ifamap.address_len; - } - if (!ifamap.address) { - ifamap.address = ifamap.local; - ifamap.address_len = ifamap.local_len; - } - if (ifamap.address_len != ifamap.local_len || - (ifamap.address != NULL && - memcmp(ifamap.address, ifamap.local, ifamap.address_len))) { - /* p2p; address is peer and local is ours */ - ifamap.broadcast = ifamap.address; - ifamap.broadcast_len = ifamap.address_len; - ifamap.address = ifamap.local; - ifamap.address_len = ifamap.local_len; - } - if (ifamap.address) { -#ifndef IFA_NETMASK - sockaddr_size = NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.address_len)); -#endif - if (!build) - dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.address_len)); - else { - ifa->ifa_addr = (struct sockaddr *)data; - ifa_make_sockaddr(nlm_family, ifa->ifa_addr, ifamap.address, ifamap.address_len, - nlm_scope, nlm_index); - data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.address_len)); - } - } -#ifdef IFA_NETMASK - if (ifamap.netmask) { - if (!build) - dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.netmask_len)); - else { - ifa->ifa_netmask = (struct sockaddr *)data; - ifa_make_sockaddr(nlm_family, ifa->ifa_netmask, ifamap.netmask, ifamap.netmask_len, - nlm_scope, nlm_index); - data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.netmask_len)); - } - } -#endif - if (ifamap.broadcast) { - if (!build) - dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.broadcast_len)); - else { - ifa->ifa_broadaddr = (struct sockaddr *)data; - ifa_make_sockaddr(nlm_family, ifa->ifa_broadaddr, ifamap.broadcast, ifamap.broadcast_len, - nlm_scope, nlm_index); - data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.broadcast_len)); - } - } -#ifdef HAVE_IFADDRS_IFA_ANYCAST - if (ifamap.anycast) { - if (!build) - dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.anycast_len)); - else { - ifa->ifa_anycast = (struct sockaddr *)data; - ifa_make_sockaddr(nlm_family, ifa->ifa_anyaddr, ifamap.anycast, ifamap.anycast_len, - nlm_scope, nlm_index); - data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.anycast_len)); - } - } -#endif - } - if (!build){ -#ifndef IFA_NETMASK - dlen += sockaddr_size; -#endif - icnt++; - } else { - if (ifa->ifa_name == NULL) - ifa->ifa_name = iflist[nlm_index]; -#ifndef IFA_NETMASK - if (ifa->ifa_addr && - ifa->ifa_addr->sa_family != AF_UNSPEC && - ifa->ifa_addr->sa_family != AF_PACKET){ - ifa->ifa_netmask = (struct sockaddr *)data; - ifa_make_sockaddr_mask(ifa->ifa_addr->sa_family, ifa->ifa_netmask, nlm_prefixlen); - } - data += sockaddr_size; -#endif - ifl = ifa++; - } - } - } - if (!build){ - if (icnt == 0 && (dlen + nlen + xlen == 0)){ - if (ifap != NULL) - *ifap = NULL; - break; /* cannot found any addresses */ - } - } - else - free_data(NULL, ifdata); - } - -/* ---------------------------------- */ - /* Finalize */ - free_nlmsglist(nlmsg_list); - nl_close(sd); - return 0; -} - -#else /* !AF_NETLINK */ - -/* - * The generic SIOCGIFCONF version. - */ - -static int -getifaddrs2(struct ifaddrs **ifap, - int af, int siocgifconf, int siocgifflags, - size_t ifreq_sz) -{ - int ret; - int fd; - size_t buf_size; - char *buf; - struct ifconf ifconf; - char *p; - size_t sz; - struct sockaddr sa_zero; - struct ifreq *ifr; - struct ifaddrs *start = NULL, **end = &start; - - buf = NULL; - - memset (&sa_zero, 0, sizeof(sa_zero)); - fd = socket(af, SOCK_DGRAM, 0); - if (fd < 0) - return -1; - - buf_size = 8192; - for (;;) { - buf = calloc(1, buf_size); - if (buf == NULL) { - ret = ENOMEM; - goto error_out; - } - ifconf.ifc_len = buf_size; - ifconf.ifc_buf = buf; - - /* - * Solaris returns EINVAL when the buffer is too small. - */ - if (ioctl (fd, siocgifconf, &ifconf) < 0 && errno != EINVAL) { - ret = errno; - goto error_out; - } - /* - * Can the difference between a full and a overfull buf - * be determined? - */ - - if (ifconf.ifc_len < buf_size) - break; - free (buf); - buf_size *= 2; - } - - for (p = ifconf.ifc_buf; - p < ifconf.ifc_buf + ifconf.ifc_len; - p += sz) { - struct ifreq ifreq; - struct sockaddr *sa; - size_t salen; - - ifr = (struct ifreq *)p; - sa = &ifr->ifr_addr; - - sz = ifreq_sz; - salen = sizeof(struct sockaddr); -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN - salen = sa->sa_len; - sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len); -#endif -#ifdef SA_LEN - salen = SA_LEN(sa); - sz = max(sz, sizeof(ifr->ifr_name) + SA_LEN(sa)); -#endif - memset (&ifreq, 0, sizeof(ifreq)); - memcpy (ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name)); - - if (ioctl(fd, siocgifflags, &ifreq) < 0) { - ret = errno; - goto error_out; - } - - *end = malloc(sizeof(**end)); - if (*end == NULL) { - ret = ENOMEM; - goto error_out; - } - - (*end)->ifa_next = NULL; - (*end)->ifa_name = strdup(ifr->ifr_name); - if ((*end)->ifa_name == NULL) { - ret = ENOMEM; - goto error_out; - } - (*end)->ifa_flags = ifreq.ifr_flags; - (*end)->ifa_addr = malloc(salen); - if ((*end)->ifa_addr == NULL) { - ret = ENOMEM; - goto error_out; - } - memcpy((*end)->ifa_addr, sa, salen); - (*end)->ifa_netmask = NULL; - -#if 0 - /* fix these when we actually need them */ - if(ifreq.ifr_flags & IFF_BROADCAST) { - (*end)->ifa_broadaddr = malloc(sizeof(ifr->ifr_broadaddr)); - if ((*end)->ifa_broadaddr == NULL) { - ret = ENOMEM; - goto error_out; - } - memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, - sizeof(ifr->ifr_broadaddr)); - } else if(ifreq.ifr_flags & IFF_POINTOPOINT) { - (*end)->ifa_dstaddr = malloc(sizeof(ifr->ifr_dstaddr)); - if ((*end)->ifa_dstaddr == NULL) { - ret = ENOMEM; - goto error_out; - } - memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, - sizeof(ifr->ifr_dstaddr)); - } else - (*end)->ifa_dstaddr = NULL; -#else - (*end)->ifa_dstaddr = NULL; -#endif - - (*end)->ifa_data = NULL; - - end = &(*end)->ifa_next; - - } - *ifap = start; - close(fd); - free(buf); - return 0; - error_out: - rk_freeifaddrs(start); - close(fd); - free(buf); - errno = ret; - return -1; -} - -#if defined(HAVE_IPV6) && defined(SIOCGLIFCONF) && defined(SIOCGLIFFLAGS) -static int -getlifaddrs2(struct ifaddrs **ifap, - int af, int siocgifconf, int siocgifflags, - size_t ifreq_sz) -{ - int ret; - int fd; - size_t buf_size; - char *buf; - struct lifconf ifconf; - char *p; - size_t sz; - struct sockaddr sa_zero; - struct lifreq *ifr; - struct ifaddrs *start = NULL, **end = &start; - - buf = NULL; - - memset (&sa_zero, 0, sizeof(sa_zero)); - fd = socket(af, SOCK_DGRAM, 0); - if (fd < 0) - return -1; - - buf_size = 8192; - for (;;) { - buf = calloc(1, buf_size); - if (buf == NULL) { - ret = ENOMEM; - goto error_out; - } -#ifndef __hpux - ifconf.lifc_family = AF_UNSPEC; - ifconf.lifc_flags = 0; -#endif - ifconf.lifc_len = buf_size; - ifconf.lifc_buf = buf; - - /* - * Solaris returns EINVAL when the buffer is too small. - */ - if (ioctl (fd, siocgifconf, &ifconf) < 0 && errno != EINVAL) { - ret = errno; - goto error_out; - } - /* - * Can the difference between a full and a overfull buf - * be determined? - */ - - if (ifconf.lifc_len < buf_size) - break; - free (buf); - buf_size *= 2; - } - - for (p = ifconf.lifc_buf; - p < ifconf.lifc_buf + ifconf.lifc_len; - p += sz) { - struct lifreq ifreq; - struct sockaddr_storage *sa; - size_t salen; - - ifr = (struct lifreq *)p; - sa = &ifr->lifr_addr; - - sz = ifreq_sz; - salen = sizeof(struct sockaddr_storage); -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN - salen = sa->sa_len; - sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len); -#endif -#ifdef SA_LEN - salen = SA_LEN(sa); - sz = max(sz, sizeof(ifr->ifr_name) + SA_LEN(sa)); -#endif - memset (&ifreq, 0, sizeof(ifreq)); - memcpy (ifreq.lifr_name, ifr->lifr_name, sizeof(ifr->lifr_name)); - - if (ioctl(fd, siocgifflags, &ifreq) < 0) { - ret = errno; - goto error_out; - } - - *end = malloc(sizeof(**end)); - if (*end == NULL) { - ret = ENOMEM; - goto error_out; - } - - (*end)->ifa_next = NULL; - (*end)->ifa_name = strdup(ifr->lifr_name); - if ((*end)->ifa_name == NULL) { - ret = ENOMEM; - goto error_out; - } - (*end)->ifa_flags = ifreq.lifr_flags; - (*end)->ifa_addr = malloc(salen); - if ((*end)->ifa_addr == NULL) { - ret = ENOMEM; - goto error_out; - } - memcpy((*end)->ifa_addr, sa, salen); - (*end)->ifa_netmask = NULL; - -#if 0 - /* fix these when we actually need them */ - if(ifreq.ifr_flags & IFF_BROADCAST) { - (*end)->ifa_broadaddr = malloc(sizeof(ifr->ifr_broadaddr)); - if ((*end)->ifa_broadaddr == NULL) { - ret = ENOMEM; - goto error_out; - } - memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, - sizeof(ifr->ifr_broadaddr)); - } else if(ifreq.ifr_flags & IFF_POINTOPOINT) { - (*end)->ifa_dstaddr = malloc(sizeof(ifr->ifr_dstaddr)); - if ((*end)->ifa_dstaddr == NULL) { - ret = ENOMEM; - goto error_out; - } - memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, - sizeof(ifr->ifr_dstaddr)); - } else - (*end)->ifa_dstaddr = NULL; -#else - (*end)->ifa_dstaddr = NULL; -#endif - - (*end)->ifa_data = NULL; - - end = &(*end)->ifa_next; - - } - *ifap = start; - close(fd); - free(buf); - return 0; - error_out: - rk_freeifaddrs(start); - close(fd); - free(buf); - errno = ret; - return -1; -} -#endif /* defined(HAVE_IPV6) && defined(SIOCGLIFCONF) && defined(SIOCGLIFFLAGS) */ - -int ROKEN_LIB_FUNCTION -rk_getifaddrs(struct ifaddrs **ifap) -{ - int ret = -1; - errno = ENXIO; -#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS) - if (ret) - ret = getifaddrs2 (ifap, AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS, - sizeof(struct in6_ifreq)); -#endif -#if defined(HAVE_IPV6) && defined(SIOCGLIFCONF) && defined(SIOCGLIFFLAGS) - if (ret) - ret = getlifaddrs2 (ifap, AF_INET6, SIOCGLIFCONF, SIOCGLIFFLAGS, - sizeof(struct lifreq)); -#endif -#if defined(HAVE_IPV6) && defined(SIOCGIFCONF) - if (ret) - ret = getifaddrs2 (ifap, AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS, - sizeof(struct ifreq)); -#endif -#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS) - if (ret) - ret = getifaddrs2 (ifap, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, - sizeof(struct ifreq)); -#endif - return ret; -} - -#endif /* !AF_NETLINK */ - -void ROKEN_LIB_FUNCTION -rk_freeifaddrs(struct ifaddrs *ifp) -{ - struct ifaddrs *p, *q; - - for(p = ifp; p; ) { - free(p->ifa_name); - if(p->ifa_addr) - free(p->ifa_addr); - if(p->ifa_dstaddr) - free(p->ifa_dstaddr); - if(p->ifa_netmask) - free(p->ifa_netmask); - if(p->ifa_data) - free(p->ifa_data); - q = p; - p = p->ifa_next; - free(q); - } -} - -#ifdef TEST - -void -print_addr(const char *s, struct sockaddr *sa) -{ - int i; - printf(" %s=%d/", s, sa->sa_family); -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN - for(i = 0; i < sa->sa_len - ((long)sa->sa_data - (long)&sa->sa_family); i++) - printf("%02x", ((unsigned char*)sa->sa_data)[i]); -#else - for(i = 0; i < sizeof(sa->sa_data); i++) - printf("%02x", ((unsigned char*)sa->sa_data)[i]); -#endif - printf("\n"); -} - -void -print_ifaddrs(struct ifaddrs *x) -{ - struct ifaddrs *p; - - for(p = x; p; p = p->ifa_next) { - printf("%s\n", p->ifa_name); - printf(" flags=%x\n", p->ifa_flags); - if(p->ifa_addr) - print_addr("addr", p->ifa_addr); - if(p->ifa_dstaddr) - print_addr("dstaddr", p->ifa_dstaddr); - if(p->ifa_netmask) - print_addr("netmask", p->ifa_netmask); - printf(" %p\n", p->ifa_data); - } -} - -int -main() -{ - struct ifaddrs *a = NULL, *b; - getifaddrs2(&a, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, sizeof(struct ifreq)); - print_ifaddrs(a); - printf("---\n"); - getifaddrs(&b); - print_ifaddrs(b); - return 0; -} -#endif diff --git a/crypto/heimdal/lib/roken/getipnodebyaddr.c b/crypto/heimdal/lib/roken/getipnodebyaddr.c deleted file mode 100644 index 56ae860aff15..000000000000 --- a/crypto/heimdal/lib/roken/getipnodebyaddr.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getipnodebyaddr.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* - * lookup `src, len' (address family `af') in DNS and return a pointer - * to a malloced struct hostent or NULL. - */ - -struct hostent * ROKEN_LIB_FUNCTION -getipnodebyaddr (const void *src, size_t len, int af, int *error_num) -{ - struct hostent *tmp; - - tmp = gethostbyaddr (src, len, af); - if (tmp == NULL) { - switch (h_errno) { - case HOST_NOT_FOUND : - case TRY_AGAIN : - case NO_RECOVERY : - *error_num = h_errno; - break; - case NO_DATA : - *error_num = NO_ADDRESS; - break; - default : - *error_num = NO_RECOVERY; - break; - } - return NULL; - } - tmp = copyhostent (tmp); - if (tmp == NULL) { - *error_num = TRY_AGAIN; - return NULL; - } - return tmp; -} diff --git a/crypto/heimdal/lib/roken/getipnodebyname.c b/crypto/heimdal/lib/roken/getipnodebyname.c deleted file mode 100644 index 739b329e21a2..000000000000 --- a/crypto/heimdal/lib/roken/getipnodebyname.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getipnodebyname.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -#ifndef HAVE_H_ERRNO -static int h_errno = NO_RECOVERY; -#endif - -/* - * lookup `name' (address family `af') in DNS and return a pointer - * to a malloced struct hostent or NULL. - */ - -struct hostent * ROKEN_LIB_FUNCTION -getipnodebyname (const char *name, int af, int flags, int *error_num) -{ - struct hostent *tmp; - -#ifdef HAVE_GETHOSTBYNAME2 - tmp = gethostbyname2 (name, af); -#else - if (af != AF_INET) { - *error_num = NO_ADDRESS; - return NULL; - } - tmp = gethostbyname (name); -#endif - if (tmp == NULL) { - switch (h_errno) { - case HOST_NOT_FOUND : - case TRY_AGAIN : - case NO_RECOVERY : - *error_num = h_errno; - break; - case NO_DATA : - *error_num = NO_ADDRESS; - break; - default : - *error_num = NO_RECOVERY; - break; - } - return NULL; - } - tmp = copyhostent (tmp); - if (tmp == NULL) { - *error_num = TRY_AGAIN; - return NULL; - } - return tmp; -} diff --git a/crypto/heimdal/lib/roken/getnameinfo.c b/crypto/heimdal/lib/roken/getnameinfo.c deleted file mode 100644 index 4f820f0a74a0..000000000000 --- a/crypto/heimdal/lib/roken/getnameinfo.c +++ /dev/null @@ -1,127 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getnameinfo.c 15412 2005-06-16 16:53:09Z lha $"); -#endif - -#include "roken.h" - -static int -doit (int af, - const void *addr, - size_t addrlen, - int port, - char *host, size_t hostlen, - char *serv, size_t servlen, - int flags) -{ - if (host != NULL) { - if (flags & NI_NUMERICHOST) { - if (inet_ntop (af, addr, host, hostlen) == NULL) - return EAI_SYSTEM; - } else { - struct hostent *he = gethostbyaddr (addr, - addrlen, - af); - if (he != NULL) { - strlcpy (host, hostent_find_fqdn(he), hostlen); - if (flags & NI_NOFQDN) { - char *dot = strchr (host, '.'); - if (dot != NULL) - *dot = '\0'; - } - } else if (flags & NI_NAMEREQD) { - return EAI_NONAME; - } else if (inet_ntop (af, addr, host, hostlen) == NULL) - return EAI_SYSTEM; - } - } - - if (serv != NULL) { - if (flags & NI_NUMERICSERV) { - snprintf (serv, servlen, "%u", ntohs(port)); - } else { - const char *proto = "tcp"; - struct servent *se; - - if (flags & NI_DGRAM) - proto = "udp"; - - se = getservbyport (port, proto); - if (se == NULL) { - snprintf (serv, servlen, "%u", ntohs(port)); - } else { - strlcpy (serv, se->s_name, servlen); - } - } - } - return 0; -} - -/* - * - */ - -int ROKEN_LIB_FUNCTION -getnameinfo(const struct sockaddr *sa, socklen_t salen, - char *host, size_t hostlen, - char *serv, size_t servlen, - int flags) -{ - switch (sa->sa_family) { -#ifdef HAVE_IPV6 - case AF_INET6 : { - const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; - - return doit (AF_INET6, &sin6->sin6_addr, sizeof(sin6->sin6_addr), - sin6->sin6_port, - host, hostlen, - serv, servlen, - flags); - } -#endif - case AF_INET : { - const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa; - - return doit (AF_INET, &sin4->sin_addr, sizeof(sin4->sin_addr), - sin4->sin_port, - host, hostlen, - serv, servlen, - flags); - } - default : - return EAI_FAMILY; - } -} diff --git a/crypto/heimdal/lib/roken/getnameinfo_verified.c b/crypto/heimdal/lib/roken/getnameinfo_verified.c deleted file mode 100644 index 91f938a8b22a..000000000000 --- a/crypto/heimdal/lib/roken/getnameinfo_verified.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getnameinfo_verified.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* - * Try to obtain a verified name for the address in `sa, salen' (much - * similar to getnameinfo). - * Verified in this context means that forwards and backwards lookups - * in DNS are consistent. If that fails, return an error if the - * NI_NAMEREQD flag is set or return the numeric address as a string. - */ - -int ROKEN_LIB_FUNCTION -getnameinfo_verified(const struct sockaddr *sa, socklen_t salen, - char *host, size_t hostlen, - char *serv, size_t servlen, - int flags) -{ - int ret; - struct addrinfo *ai, *a; - char servbuf[NI_MAXSERV]; - struct addrinfo hints; - - if (host == NULL) - return EAI_NONAME; - - if (serv == NULL) { - serv = servbuf; - servlen = sizeof(servbuf); - } - - ret = getnameinfo (sa, salen, host, hostlen, serv, servlen, - flags | NI_NUMERICSERV); - if (ret) - goto fail; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - ret = getaddrinfo (host, serv, &hints, &ai); - if (ret) - goto fail; - for (a = ai; a != NULL; a = a->ai_next) { - if (a->ai_addrlen == salen - && memcmp (a->ai_addr, sa, salen) == 0) { - freeaddrinfo (ai); - return 0; - } - } - freeaddrinfo (ai); - fail: - if (flags & NI_NAMEREQD) - return EAI_NONAME; - ret = getnameinfo (sa, salen, host, hostlen, serv, servlen, - flags | NI_NUMERICSERV | NI_NUMERICHOST); - return ret; -} diff --git a/crypto/heimdal/lib/roken/getopt.c b/crypto/heimdal/lib/roken/getopt.c deleted file mode 100644 index 12bf138d0263..000000000000 --- a/crypto/heimdal/lib/roken/getopt.c +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 1987, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)getopt.c 8.1 (Berkeley) 6/4/93"; -#endif /* LIBC_SCCS and not lint */ - -#ifndef __STDC__ -#define const -#endif -#include -#include -#include - -/* - * get option letter from argument vector - */ -int opterr = 1, /* if error message should be printed */ - optind = 1, /* index into parent argv vector */ - optopt, /* character checked for validity */ - optreset; /* reset getopt */ -char *optarg; /* argument associated with option */ - -#define BADCH (int)'?' -#define BADARG (int)':' -#define EMSG "" - -int ROKEN_LIB_FUNCTION -getopt(nargc, nargv, ostr) - int nargc; - char * const *nargv; - const char *ostr; -{ - static char *place = EMSG; /* option letter processing */ - char *oli; /* option letter list index */ - char *p; - - if (optreset || !*place) { /* update scanning pointer */ - optreset = 0; - if (optind >= nargc || *(place = nargv[optind]) != '-') { - place = EMSG; - return(-1); - } - if (place[1] && *++place == '-') { /* found "--" */ - ++optind; - place = EMSG; - return(-1); - } - } /* option letter okay? */ - if ((optopt = (int)*place++) == (int)':' || - !(oli = strchr(ostr, optopt))) { - /* - * if the user didn't specify '-' as an option, - * assume it means -1 (EOF). - */ - if (optopt == (int)'-') - return(-1); - if (!*place) - ++optind; - if (opterr && *ostr != ':') { - if (!(p = strrchr(*nargv, '/'))) - p = *nargv; - else - ++p; - fprintf(stderr, "%s: illegal option -- %c\n", - p, optopt); - } - return(BADCH); - } - if (*++oli != ':') { /* don't need argument */ - optarg = NULL; - if (!*place) - ++optind; - } - else { /* need an argument */ - if (*place) /* no white space */ - optarg = place; - else if (nargc <= ++optind) { /* no arg */ - place = EMSG; - if (!(p = strrchr(*nargv, '/'))) - p = *nargv; - else - ++p; - if (*ostr == ':') - return(BADARG); - if (opterr) - fprintf(stderr, - "%s: option requires an argument -- %c\n", - p, optopt); - return(BADCH); - } - else /* white space */ - optarg = nargv[optind]; - place = EMSG; - ++optind; - } - return(optopt); /* dump back option letter */ -} diff --git a/crypto/heimdal/lib/roken/getprogname.c b/crypto/heimdal/lib/roken/getprogname.c deleted file mode 100644 index 6d0bfeec9ba1..000000000000 --- a/crypto/heimdal/lib/roken/getprogname.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 1995-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getprogname.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -#ifndef HAVE___PROGNAME -const char *__progname; -#endif - -#ifndef HAVE_GETPROGNAME -const char * ROKEN_LIB_FUNCTION -getprogname(void) -{ - return __progname; -} -#endif /* HAVE_GETPROGNAME */ diff --git a/crypto/heimdal/lib/roken/gettimeofday.c b/crypto/heimdal/lib/roken/gettimeofday.c deleted file mode 100644 index d8e4e750026a..000000000000 --- a/crypto/heimdal/lib/roken/gettimeofday.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" -#ifndef HAVE_GETTIMEOFDAY - -RCSID("$Id: gettimeofday.c 14773 2005-04-12 11:29:18Z lha $"); - -/* - * Simple gettimeofday that only returns seconds. - */ -int ROKEN_LIB_FUNCTION -gettimeofday (struct timeval *tp, void *ignore) -{ - time_t t; - - t = time(NULL); - tp->tv_sec = t; - tp->tv_usec = 0; - return 0; -} -#endif diff --git a/crypto/heimdal/lib/roken/getuid.c b/crypto/heimdal/lib/roken/getuid.c deleted file mode 100644 index f558ab6815dd..000000000000 --- a/crypto/heimdal/lib/roken/getuid.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETUID - -RCSID("$Id: getuid.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION -getuid(void) -{ - return 17; -} - -#endif diff --git a/crypto/heimdal/lib/roken/getusershell.c b/crypto/heimdal/lib/roken/getusershell.c deleted file mode 100644 index 8def1ca10f8a..000000000000 --- a/crypto/heimdal/lib/roken/getusershell.c +++ /dev/null @@ -1,189 +0,0 @@ -/* - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: getusershell.c 21005 2007-06-08 01:54:35Z lha $"); - -#ifndef HAVE_GETUSERSHELL - -#include -#include -#include -#include -#ifdef HAVE_PATHS_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#ifdef HAVE_USERSEC_H -struct aud_rec; -#include -#endif -#ifdef HAVE_USERCONF_H -#include -#endif -#include "roken.h" - -#ifndef _PATH_SHELLS -#define _PATH_SHELLS "/etc/shells" -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif - -#ifndef _PATH_CSHELL -#define _PATH_CSHELL "/bin/csh" -#endif - -/* - * Local shells should NOT be added here. They should be added in - * /etc/shells. - */ - -static char *okshells[] = { _PATH_BSHELL, _PATH_CSHELL, NULL }; -static char **curshell, **shells, *strings; -static char **initshells (void); - -/* - * Get a list of shells from _PATH_SHELLS, if it exists. - */ -char * ROKEN_LIB_FUNCTION -getusershell() -{ - char *ret; - - if (curshell == NULL) - curshell = initshells(); - ret = *curshell; - if (ret != NULL) - curshell++; - return (ret); -} - -void ROKEN_LIB_FUNCTION -endusershell() -{ - if (shells != NULL) - free(shells); - shells = NULL; - if (strings != NULL) - free(strings); - strings = NULL; - curshell = NULL; -} - -void ROKEN_LIB_FUNCTION -setusershell() -{ - curshell = initshells(); -} - -static char ** -initshells() -{ - char **sp, *cp; -#ifdef HAVE_GETCONFATTR - char *tmp; - int nsh; -#else - FILE *fp; -#endif - struct stat statb; - - free(shells); - shells = NULL; - free(strings); - strings = NULL; -#ifdef HAVE_GETCONFATTR - if(getconfattr(SC_SYS_LOGIN, SC_SHELLS, &tmp, SEC_LIST) != 0) - return okshells; - - for(cp = tmp, nsh = 0; *cp; cp += strlen(cp) + 1, nsh++); - - shells = calloc(nsh + 1, sizeof(*shells)); - if(shells == NULL) - return okshells; - - strings = malloc(cp - tmp); - if(strings == NULL) { - free(shells); - shells = NULL; - return okshells; - } - memcpy(strings, tmp, cp - tmp); - for(sp = shells, cp = strings; *cp; cp += strlen(cp) + 1, sp++) - *sp = cp; -#else - if ((fp = fopen(_PATH_SHELLS, "r")) == NULL) - return (okshells); - if (fstat(fileno(fp), &statb) == -1) { - fclose(fp); - return (okshells); - } - if ((strings = malloc((u_int)statb.st_size)) == NULL) { - fclose(fp); - return (okshells); - } - shells = calloc((unsigned)statb.st_size / 3, sizeof (char *)); - if (shells == NULL) { - fclose(fp); - free(strings); - strings = NULL; - return (okshells); - } - sp = shells; - cp = strings; - while (fgets(cp, MaxPathLen + 1, fp) != NULL) { - while (*cp != '#' && *cp != '/' && *cp != '\0') - cp++; - if (*cp == '#' || *cp == '\0') - continue; - *sp++ = cp; - while (!isspace((unsigned char)*cp) && *cp != '#' && *cp != '\0') - cp++; - *cp++ = '\0'; - } - fclose(fp); -#endif - *sp = NULL; - return (shells); -} -#endif /* HAVE_GETUSERSHELL */ diff --git a/crypto/heimdal/lib/roken/glob.c b/crypto/heimdal/lib/roken/glob.c deleted file mode 100644 index 803eda17d1e7..000000000000 --- a/crypto/heimdal/lib/roken/glob.c +++ /dev/null @@ -1,850 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Guido van Rossum. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * glob(3) -- a superset of the one defined in POSIX 1003.2. - * - * The [!...] convention to negate a range is supported (SysV, Posix, ksh). - * - * Optional extra services, controlled by flags not defined by POSIX: - * - * GLOB_QUOTE: - * Escaping convention: \ inhibits any special meaning the following - * character might have (except \ at end of string is retained). - * GLOB_MAGCHAR: - * Set in gl_flags if pattern contained a globbing character. - * GLOB_NOMAGIC: - * Same as GLOB_NOCHECK, but it will only append pattern if it did - * not contain any magic characters. [Used in csh style globbing] - * GLOB_ALTDIRFUNC: - * Use alternately specified directory access functions. - * GLOB_TILDE: - * expand ~user/foo to the /home/dir/of/user/foo - * GLOB_BRACE: - * expand {1,2}{a,b} to 1a 1b 2a 2b - * gl_matchc: - * Number of matches in the current invocation of glob. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif - -#include -#ifdef HAVE_DIRENT_H -#include -#endif -#include -#ifdef HAVE_PWD_H -#include -#endif -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_LIMITS_H -#include -#endif - -#include "glob.h" -#include "roken.h" - -#ifndef ARG_MAX -#define ARG_MAX _POSIX_ARG_MAX -#endif - -#define CHAR_DOLLAR '$' -#define CHAR_DOT '.' -#define CHAR_EOS '\0' -#define CHAR_LBRACKET '[' -#define CHAR_NOT '!' -#define CHAR_QUESTION '?' -#define CHAR_QUOTE '\\' -#define CHAR_RANGE '-' -#define CHAR_RBRACKET ']' -#define CHAR_SEP '/' -#define CHAR_STAR '*' -#define CHAR_TILDE '~' -#define CHAR_UNDERSCORE '_' -#define CHAR_LBRACE '{' -#define CHAR_RBRACE '}' -#define CHAR_SLASH '/' -#define CHAR_COMMA ',' - -#ifndef DEBUG - -#define M_QUOTE 0x8000 -#define M_PROTECT 0x4000 -#define M_MASK 0xffff -#define M_ASCII 0x00ff - -typedef u_short Char; - -#else - -#define M_QUOTE 0x80 -#define M_PROTECT 0x40 -#define M_MASK 0xff -#define M_ASCII 0x7f - -typedef char Char; - -#endif - - -#define CHAR(c) ((Char)((c)&M_ASCII)) -#define META(c) ((Char)((c)|M_QUOTE)) -#define M_ALL META('*') -#define M_END META(']') -#define M_NOT META('!') -#define M_ONE META('?') -#define M_RNG META('-') -#define M_SET META('[') -#define ismeta(c) (((c)&M_QUOTE) != 0) - - -static int compare (const void *, const void *); -static void g_Ctoc (const Char *, char *); -static int g_lstat (Char *, struct stat *, glob_t *); -static DIR *g_opendir (Char *, glob_t *); -static Char *g_strchr (const Char *, int); -#ifdef notdef -static Char *g_strcat (Char *, const Char *); -#endif -static int g_stat (Char *, struct stat *, glob_t *); -static int glob0 (const Char *, glob_t *); -static int glob1 (Char *, glob_t *, size_t *); -static int glob2 (Char *, Char *, Char *, glob_t *, size_t *); -static int glob3 (Char *, Char *, Char *, Char *, glob_t *, size_t *); -static int globextend (const Char *, glob_t *, size_t *); -static const Char * globtilde (const Char *, Char *, glob_t *); -static int globexp1 (const Char *, glob_t *); -static int globexp2 (const Char *, const Char *, glob_t *, int *); -static int match (Char *, Char *, Char *); -#ifdef DEBUG -static void qprintf (const char *, Char *); -#endif - -int ROKEN_LIB_FUNCTION -glob(const char *pattern, - int flags, - int (*errfunc)(const char *, int), - glob_t *pglob) -{ - const u_char *patnext; - int c; - Char *bufnext, *bufend, patbuf[MaxPathLen+1]; - - patnext = (const u_char *) pattern; - if (!(flags & GLOB_APPEND)) { - pglob->gl_pathc = 0; - pglob->gl_pathv = NULL; - if (!(flags & GLOB_DOOFFS)) - pglob->gl_offs = 0; - } - pglob->gl_flags = flags & ~GLOB_MAGCHAR; - pglob->gl_errfunc = errfunc; - pglob->gl_matchc = 0; - - bufnext = patbuf; - bufend = bufnext + MaxPathLen; - if (flags & GLOB_QUOTE) { - /* Protect the quoted characters. */ - while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) - if (c == CHAR_QUOTE) { - if ((c = *patnext++) == CHAR_EOS) { - c = CHAR_QUOTE; - --patnext; - } - *bufnext++ = c | M_PROTECT; - } - else - *bufnext++ = c; - } - else - while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) - *bufnext++ = c; - *bufnext = CHAR_EOS; - - if (flags & GLOB_BRACE) - return globexp1(patbuf, pglob); - else - return glob0(patbuf, pglob); -} - -/* - * Expand recursively a glob {} pattern. When there is no more expansion - * invoke the standard globbing routine to glob the rest of the magic - * characters - */ -static int globexp1(const Char *pattern, glob_t *pglob) -{ - const Char* ptr = pattern; - int rv; - - /* Protect a single {}, for find(1), like csh */ - if (pattern[0] == CHAR_LBRACE && pattern[1] == CHAR_RBRACE && pattern[2] == CHAR_EOS) - return glob0(pattern, pglob); - - while ((ptr = (const Char *) g_strchr(ptr, CHAR_LBRACE)) != NULL) - if (!globexp2(ptr, pattern, pglob, &rv)) - return rv; - - return glob0(pattern, pglob); -} - - -/* - * Recursive brace globbing helper. Tries to expand a single brace. - * If it succeeds then it invokes globexp1 with the new pattern. - * If it fails then it tries to glob the rest of the pattern and returns. - */ -static int globexp2(const Char *ptr, const Char *pattern, - glob_t *pglob, int *rv) -{ - int i; - Char *lm, *ls; - const Char *pe, *pm, *pl; - Char patbuf[MaxPathLen + 1]; - - /* copy part up to the brace */ - for (lm = patbuf, pm = pattern; pm != ptr; *lm++ = *pm++) - continue; - ls = lm; - - /* Find the balanced brace */ - for (i = 0, pe = ++ptr; *pe; pe++) - if (*pe == CHAR_LBRACKET) { - /* Ignore everything between [] */ - for (pm = pe++; *pe != CHAR_RBRACKET && *pe != CHAR_EOS; pe++) - continue; - if (*pe == CHAR_EOS) { - /* - * We could not find a matching CHAR_RBRACKET. - * Ignore and just look for CHAR_RBRACE - */ - pe = pm; - } - } - else if (*pe == CHAR_LBRACE) - i++; - else if (*pe == CHAR_RBRACE) { - if (i == 0) - break; - i--; - } - - /* Non matching braces; just glob the pattern */ - if (i != 0 || *pe == CHAR_EOS) { - *rv = glob0(patbuf, pglob); - return 0; - } - - for (i = 0, pl = pm = ptr; pm <= pe; pm++) - switch (*pm) { - case CHAR_LBRACKET: - /* Ignore everything between [] */ - for (pl = pm++; *pm != CHAR_RBRACKET && *pm != CHAR_EOS; pm++) - continue; - if (*pm == CHAR_EOS) { - /* - * We could not find a matching CHAR_RBRACKET. - * Ignore and just look for CHAR_RBRACE - */ - pm = pl; - } - break; - - case CHAR_LBRACE: - i++; - break; - - case CHAR_RBRACE: - if (i) { - i--; - break; - } - /* FALLTHROUGH */ - case CHAR_COMMA: - if (i && *pm == CHAR_COMMA) - break; - else { - /* Append the current string */ - for (lm = ls; (pl < pm); *lm++ = *pl++) - continue; - /* - * Append the rest of the pattern after the - * closing brace - */ - for (pl = pe + 1; (*lm++ = *pl++) != CHAR_EOS;) - continue; - - /* Expand the current pattern */ -#ifdef DEBUG - qprintf("globexp2:", patbuf); -#endif - *rv = globexp1(patbuf, pglob); - - /* move after the comma, to the next string */ - pl = pm + 1; - } - break; - - default: - break; - } - *rv = 0; - return 0; -} - - - -/* - * expand tilde from the passwd file. - */ -static const Char * -globtilde(const Char *pattern, Char *patbuf, glob_t *pglob) -{ - struct passwd *pwd; - char *h; - const Char *p; - Char *b; - - if (*pattern != CHAR_TILDE || !(pglob->gl_flags & GLOB_TILDE)) - return pattern; - - /* Copy up to the end of the string or / */ - for (p = pattern + 1, h = (char *) patbuf; *p && *p != CHAR_SLASH; - *h++ = *p++) - continue; - - *h = CHAR_EOS; - - if (((char *) patbuf)[0] == CHAR_EOS) { - /* - * handle a plain ~ or ~/ by expanding $HOME - * first and then trying the password file - */ - if ((h = getenv("HOME")) == NULL) { - if ((pwd = k_getpwuid(getuid())) == NULL) - return pattern; - else - h = pwd->pw_dir; - } - } - else { - /* - * Expand a ~user - */ - if ((pwd = k_getpwnam((char*) patbuf)) == NULL) - return pattern; - else - h = pwd->pw_dir; - } - - /* Copy the home directory */ - for (b = patbuf; *h; *b++ = *h++) - continue; - - /* Append the rest of the pattern */ - while ((*b++ = *p++) != CHAR_EOS) - continue; - - return patbuf; -} - - -/* - * The main glob() routine: compiles the pattern (optionally processing - * quotes), calls glob1() to do the real pattern matching, and finally - * sorts the list (unless unsorted operation is requested). Returns 0 - * if things went well, nonzero if errors occurred. It is not an error - * to find no matches. - */ -static int -glob0(const Char *pattern, glob_t *pglob) -{ - const Char *qpatnext; - int c, err, oldpathc; - Char *bufnext, patbuf[MaxPathLen+1]; - size_t limit = 0; - - qpatnext = globtilde(pattern, patbuf, pglob); - oldpathc = pglob->gl_pathc; - bufnext = patbuf; - - /* We don't need to check for buffer overflow any more. */ - while ((c = *qpatnext++) != CHAR_EOS) { - switch (c) { - case CHAR_LBRACKET: - c = *qpatnext; - if (c == CHAR_NOT) - ++qpatnext; - if (*qpatnext == CHAR_EOS || - g_strchr(qpatnext+1, CHAR_RBRACKET) == NULL) { - *bufnext++ = CHAR_LBRACKET; - if (c == CHAR_NOT) - --qpatnext; - break; - } - *bufnext++ = M_SET; - if (c == CHAR_NOT) - *bufnext++ = M_NOT; - c = *qpatnext++; - do { - *bufnext++ = CHAR(c); - if (*qpatnext == CHAR_RANGE && - (c = qpatnext[1]) != CHAR_RBRACKET) { - *bufnext++ = M_RNG; - *bufnext++ = CHAR(c); - qpatnext += 2; - } - } while ((c = *qpatnext++) != CHAR_RBRACKET); - pglob->gl_flags |= GLOB_MAGCHAR; - *bufnext++ = M_END; - break; - case CHAR_QUESTION: - pglob->gl_flags |= GLOB_MAGCHAR; - *bufnext++ = M_ONE; - break; - case CHAR_STAR: - pglob->gl_flags |= GLOB_MAGCHAR; - /* collapse adjacent stars to one, - * to avoid exponential behavior - */ - if (bufnext == patbuf || bufnext[-1] != M_ALL) - *bufnext++ = M_ALL; - break; - default: - *bufnext++ = CHAR(c); - break; - } - } - *bufnext = CHAR_EOS; -#ifdef DEBUG - qprintf("glob0:", patbuf); -#endif - - if ((err = glob1(patbuf, pglob, &limit)) != 0) - return(err); - - /* - * If there was no match we are going to append the pattern - * if GLOB_NOCHECK was specified or if GLOB_NOMAGIC was specified - * and the pattern did not contain any magic characters - * GLOB_NOMAGIC is there just for compatibility with csh. - */ - if (pglob->gl_pathc == oldpathc && - ((pglob->gl_flags & GLOB_NOCHECK) || - ((pglob->gl_flags & GLOB_NOMAGIC) && - !(pglob->gl_flags & GLOB_MAGCHAR)))) - return(globextend(pattern, pglob, &limit)); - else if (!(pglob->gl_flags & GLOB_NOSORT)) - qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc, - pglob->gl_pathc - oldpathc, sizeof(char *), compare); - return(0); -} - -static int -compare(const void *p, const void *q) -{ - return(strcmp(*(char **)p, *(char **)q)); -} - -static int -glob1(Char *pattern, glob_t *pglob, size_t *limit) -{ - Char pathbuf[MaxPathLen+1]; - - /* A null pathname is invalid -- POSIX 1003.1 sect. 2.4. */ - if (*pattern == CHAR_EOS) - return(0); - return(glob2(pathbuf, pathbuf, pattern, pglob, limit)); -} - -/* - * The functions glob2 and glob3 are mutually recursive; there is one level - * of recursion for each segment in the pattern that contains one or more - * meta characters. - */ - -#ifndef S_ISLNK -#if defined(S_IFLNK) && defined(S_IFMT) -#define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK) -#else -#define S_ISLNK(mode) 0 -#endif -#endif - -static int -glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob, - size_t *limit) -{ - struct stat sb; - Char *p, *q; - int anymeta; - - /* - * Loop over pattern segments until end of pattern or until - * segment with meta character found. - */ - for (anymeta = 0;;) { - if (*pattern == CHAR_EOS) { /* End of pattern? */ - *pathend = CHAR_EOS; - if (g_lstat(pathbuf, &sb, pglob)) - return(0); - - if (((pglob->gl_flags & GLOB_MARK) && - pathend[-1] != CHAR_SEP) && (S_ISDIR(sb.st_mode) - || (S_ISLNK(sb.st_mode) && - (g_stat(pathbuf, &sb, pglob) == 0) && - S_ISDIR(sb.st_mode)))) { - *pathend++ = CHAR_SEP; - *pathend = CHAR_EOS; - } - ++pglob->gl_matchc; - return(globextend(pathbuf, pglob, limit)); - } - - /* Find end of next segment, copy tentatively to pathend. */ - q = pathend; - p = pattern; - while (*p != CHAR_EOS && *p != CHAR_SEP) { - if (ismeta(*p)) - anymeta = 1; - *q++ = *p++; - } - - if (!anymeta) { /* No expansion, do next segment. */ - pathend = q; - pattern = p; - while (*pattern == CHAR_SEP) - *pathend++ = *pattern++; - } else /* Need expansion, recurse. */ - return(glob3(pathbuf, pathend, pattern, p, pglob, - limit)); - } - /* NOTREACHED */ -} - -static int -glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, - glob_t *pglob, size_t *limit) -{ - struct dirent *dp; - DIR *dirp; - int err; - char buf[MaxPathLen]; - - /* - * The readdirfunc declaration can't be prototyped, because it is - * assigned, below, to two functions which are prototyped in glob.h - * and dirent.h as taking pointers to differently typed opaque - * structures. - */ - struct dirent *(*readdirfunc)(void *); - - *pathend = CHAR_EOS; - errno = 0; - - if ((dirp = g_opendir(pathbuf, pglob)) == NULL) { - /* TODO: don't call for ENOENT or ENOTDIR? */ - if (pglob->gl_errfunc) { - g_Ctoc(pathbuf, buf); - if (pglob->gl_errfunc(buf, errno) || - pglob->gl_flags & GLOB_ERR) - return (GLOB_ABEND); - } - return(0); - } - - err = 0; - - /* Search directory for matching names. */ - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - readdirfunc = pglob->gl_readdir; - else - readdirfunc = (struct dirent *(*)(void *))readdir; - while ((dp = (*readdirfunc)(dirp))) { - u_char *sc; - Char *dc; - - /* Initial CHAR_DOT must be matched literally. */ - if (dp->d_name[0] == CHAR_DOT && *pattern != CHAR_DOT) - continue; - for (sc = (u_char *) dp->d_name, dc = pathend; - (*dc++ = *sc++) != CHAR_EOS;) - continue; - if (!match(pathend, pattern, restpattern)) { - *pathend = CHAR_EOS; - continue; - } - err = glob2(pathbuf, --dc, restpattern, pglob, limit); - if (err) - break; - } - - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - (*pglob->gl_closedir)(dirp); - else - closedir(dirp); - return(err); -} - - -/* - * Extend the gl_pathv member of a glob_t structure to accomodate a new item, - * add the new item, and update gl_pathc. - * - * This assumes the BSD realloc, which only copies the block when its size - * crosses a power-of-two boundary; for v7 realloc, this would cause quadratic - * behavior. - * - * Return 0 if new item added, error code if memory couldn't be allocated. - * - * Invariant of the glob_t structure: - * Either gl_pathc is zero and gl_pathv is NULL; or gl_pathc > 0 and - * gl_pathv points to (gl_offs + gl_pathc + 1) items. - */ -static int -globextend(const Char *path, glob_t *pglob, size_t *limit) -{ - char **pathv; - int i; - size_t newsize, len; - char *copy; - const Char *p; - - newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs); - pathv = pglob->gl_pathv ? - realloc(pglob->gl_pathv, newsize) : - malloc(newsize); - if (pathv == NULL) - return(GLOB_NOSPACE); - - if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) { - /* first time around -- clear initial gl_offs items */ - pathv += pglob->gl_offs; - for (i = pglob->gl_offs; --i >= 0; ) - *--pathv = NULL; - } - pglob->gl_pathv = pathv; - - for (p = path; *p++;) - continue; - len = (size_t)(p - path); - *limit += len; - if ((copy = malloc(len)) != NULL) { - g_Ctoc(path, copy); - pathv[pglob->gl_offs + pglob->gl_pathc++] = copy; - } - pathv[pglob->gl_offs + pglob->gl_pathc] = NULL; - - if ((pglob->gl_flags & GLOB_LIMIT) && (newsize + *limit) >= ARG_MAX) { - errno = 0; - return(GLOB_NOSPACE); - } - - return(copy == NULL ? GLOB_NOSPACE : 0); -} - - -/* - * pattern matching function for filenames. Each occurrence of the * - * pattern causes a recursion level. - */ -static int -match(Char *name, Char *pat, Char *patend) -{ - int ok, negate_range; - Char c, k; - - while (pat < patend) { - c = *pat++; - switch (c & M_MASK) { - case M_ALL: - if (pat == patend) - return(1); - do - if (match(name, pat, patend)) - return(1); - while (*name++ != CHAR_EOS); - return(0); - case M_ONE: - if (*name++ == CHAR_EOS) - return(0); - break; - case M_SET: - ok = 0; - if ((k = *name++) == CHAR_EOS) - return(0); - if ((negate_range = ((*pat & M_MASK) == M_NOT)) != CHAR_EOS) - ++pat; - while (((c = *pat++) & M_MASK) != M_END) - if ((*pat & M_MASK) == M_RNG) { - if (c <= k && k <= pat[1]) - ok = 1; - pat += 2; - } else if (c == k) - ok = 1; - if (ok == negate_range) - return(0); - break; - default: - if (*name++ != c) - return(0); - break; - } - } - return(*name == CHAR_EOS); -} - -/* Free allocated data belonging to a glob_t structure. */ -void ROKEN_LIB_FUNCTION -globfree(glob_t *pglob) -{ - int i; - char **pp; - - if (pglob->gl_pathv != NULL) { - pp = pglob->gl_pathv + pglob->gl_offs; - for (i = pglob->gl_pathc; i--; ++pp) - if (*pp) - free(*pp); - free(pglob->gl_pathv); - pglob->gl_pathv = NULL; - } -} - -static DIR * -g_opendir(Char *str, glob_t *pglob) -{ - char buf[MaxPathLen]; - - if (!*str) - strlcpy(buf, ".", sizeof(buf)); - else - g_Ctoc(str, buf); - - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_opendir)(buf)); - - return(opendir(buf)); -} - -static int -g_lstat(Char *fn, struct stat *sb, glob_t *pglob) -{ - char buf[MaxPathLen]; - - g_Ctoc(fn, buf); - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_lstat)(buf, sb)); - return(lstat(buf, sb)); -} - -static int -g_stat(Char *fn, struct stat *sb, glob_t *pglob) -{ - char buf[MaxPathLen]; - - g_Ctoc(fn, buf); - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_stat)(buf, sb)); - return(stat(buf, sb)); -} - -static Char * -g_strchr(const Char *str, int ch) -{ - do { - if (*str == ch) - return (Char *)str; - } while (*str++); - return (NULL); -} - -#ifdef notdef -static Char * -g_strcat(Char *dst, const Char *src) -{ - Char *sdst = dst; - - while (*dst++) - continue; - --dst; - while((*dst++ = *src++) != CHAR_EOS) - continue; - - return (sdst); -} -#endif - -static void -g_Ctoc(const Char *str, char *buf) -{ - char *dc; - - for (dc = buf; (*dc++ = *str++) != CHAR_EOS;) - continue; -} - -#ifdef DEBUG -static void -qprintf(const Char *str, Char *s) -{ - Char *p; - - printf("%s:\n", str); - for (p = s; *p; p++) - printf("%c", CHAR(*p)); - printf("\n"); - for (p = s; *p; p++) - printf("%c", *p & M_PROTECT ? '"' : ' '); - printf("\n"); - for (p = s; *p; p++) - printf("%c", ismeta(*p) ? '_' : ' '); - printf("\n"); -} -#endif diff --git a/crypto/heimdal/lib/roken/glob.hin b/crypto/heimdal/lib/roken/glob.hin deleted file mode 100644 index ffb6081046fe..000000000000 --- a/crypto/heimdal/lib/roken/glob.hin +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Guido van Rossum. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)glob.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _GLOB_H_ -#define _GLOB_H_ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#define glob_t rk_glob_t -#define glob rk_glob -#define globfree rk_globfree - -struct stat; -typedef struct { - int gl_pathc; /* Count of total paths so far. */ - int gl_matchc; /* Count of paths matching pattern. */ - int gl_offs; /* Reserved at beginning of gl_pathv. */ - int gl_flags; /* Copy of flags parameter to glob. */ - char **gl_pathv; /* List of paths matching pattern. */ - /* Copy of errfunc parameter to glob. */ - int (*gl_errfunc) (const char *, int); - - /* - * Alternate filesystem access methods for glob; replacement - * versions of closedir(3), readdir(3), opendir(3), stat(2) - * and lstat(2). - */ - void (*gl_closedir) (void *); - struct dirent *(*gl_readdir) (void *); - void *(*gl_opendir) (const char *); - int (*gl_lstat) (const char *, struct stat *); - int (*gl_stat) (const char *, struct stat *); -} glob_t; - -#define GLOB_APPEND 0x0001 /* Append to output from previous call. */ -#define GLOB_DOOFFS 0x0002 /* Use gl_offs. */ -#define GLOB_ERR 0x0004 /* Return on error. */ -#define GLOB_MARK 0x0008 /* Append / to matching directories. */ -#define GLOB_NOCHECK 0x0010 /* Return pattern itself if nothing matches. */ -#define GLOB_NOSORT 0x0020 /* Don't sort. */ - -#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */ -#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */ -#define GLOB_MAGCHAR 0x0100 /* Pattern had globbing characters. */ -#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */ -#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */ -#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */ -#define GLOB_LIMIT 0x1000 /* Limit memory used by matches to ARG_MAX */ - -#define GLOB_NOSPACE (-1) /* Malloc call failed. */ -#define GLOB_ABEND (-2) /* Unignored error. */ - -int ROKEN_LIB_FUNCTION -glob (const char *, int, int (*)(const char *, int), glob_t *); - -void ROKEN_LIB_FUNCTION -globfree (glob_t *); - -#ifdef __cplusplus -} -#endif - -#endif /* !_GLOB_H_ */ diff --git a/crypto/heimdal/lib/roken/h_errno.c b/crypto/heimdal/lib/roken/h_errno.c deleted file mode 100644 index 11dcb08ac243..000000000000 --- a/crypto/heimdal/lib/roken/h_errno.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: h_errno.c 10442 2001-08-08 03:47:23Z assar $"); -#endif - -#ifndef HAVE_H_ERRNO -int h_errno = -17; /* Some magic number */ -#endif diff --git a/crypto/heimdal/lib/roken/hex-test.c b/crypto/heimdal/lib/roken/hex-test.c deleted file mode 100644 index 72aea1ed7135..000000000000 --- a/crypto/heimdal/lib/roken/hex-test.c +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright (c) 1999 - 2001, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include - -RCSID("$Id: hex-test.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include "roken.h" -#include - -int -main(int argc, char **argv) -{ - int numerr = 0; - int numtest = 1; - struct test { - void *data; - size_t len; - const char *result; - } *t, tests[] = { - { "", 0 , "" }, - { "a", 1, "61" }, - { "ab", 2, "6162" }, - { "abc", 3, "616263" }, - { "abcd", 4, "61626364" }, - { "abcde", 5, "6162636465" }, - { "abcdef", 6, "616263646566" }, - { "abcdefg", 7, "61626364656667" }, - { "=", 1, "3D" }, - { NULL } - }; - for(t = tests; t->data; t++) { - char *str; - int len; - len = hex_encode(t->data, t->len, &str); - if(strcmp(str, t->result) != 0) { - fprintf(stderr, "failed test %d: %s != %s\n", numtest, - str, t->result); - numerr++; - } - free(str); - str = strdup(t->result); - len = strlen(str); - len = hex_decode(t->result, str, len); - if(len != t->len) { - fprintf(stderr, "failed test %d: len %lu != %lu\n", numtest, - (unsigned long)len, (unsigned long)t->len); - numerr++; - } else if(memcmp(str, t->data, t->len) != 0) { - fprintf(stderr, "failed test %d: data\n", numtest); - numerr++; - } - free(str); - numtest++; - } - - { - unsigned char buf[2] = { 0, 0xff } ; - int len; - - len = hex_decode("A", buf, 1); - if (len != 1) { - fprintf(stderr, "len != 1"); - numerr++; - } - if (buf[0] != 10) { - fprintf(stderr, "buf != 10"); - numerr++; - } - if (buf[1] != 0xff) { - fprintf(stderr, "buf != 0xff"); - numerr++; - } - - } - - return numerr; -} diff --git a/crypto/heimdal/lib/roken/hex.c b/crypto/heimdal/lib/roken/hex.c deleted file mode 100644 index 89fb0e116ef0..000000000000 --- a/crypto/heimdal/lib/roken/hex.c +++ /dev/null @@ -1,103 +0,0 @@ -/* - * Copyright (c) 2004-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: hex.c 16504 2006-01-09 17:09:29Z lha $"); -#endif -#include "roken.h" -#include -#include "hex.h" - -const static char hexchar[] = "0123456789ABCDEF"; - -static int -pos(char c) -{ - const char *p; - c = toupper((unsigned char)c); - for (p = hexchar; *p; p++) - if (*p == c) - return p - hexchar; - return -1; -} - -ssize_t ROKEN_LIB_FUNCTION -hex_encode(const void *data, size_t size, char **str) -{ - const unsigned char *q = data; - size_t i; - char *p; - - /* check for overflow */ - if (size * 2 < size) - return -1; - - p = malloc(size * 2 + 1); - if (p == NULL) - return -1; - - for (i = 0; i < size; i++) { - p[i * 2] = hexchar[(*q >> 4) & 0xf]; - p[i * 2 + 1] = hexchar[*q & 0xf]; - q++; - } - p[i * 2] = '\0'; - *str = p; - - return i * 2; -} - -ssize_t ROKEN_LIB_FUNCTION -hex_decode(const char *str, void *data, size_t len) -{ - size_t l; - unsigned char *p = data; - size_t i; - - l = strlen(str); - - /* check for overflow, same as (l+1)/2 but overflow safe */ - if ((l/2) + (l&1) > len) - return -1; - - i = 0; - if (l & 1) { - p[0] = pos(str[0]); - str++; - p++; - } - for (i = 0; i < l / 2; i++) - p[i] = pos(str[i * 2]) << 4 | pos(str[(i * 2) + 1]); - return i + (l & 1); -} diff --git a/crypto/heimdal/lib/roken/hex.h b/crypto/heimdal/lib/roken/hex.h deleted file mode 100644 index 4c4b8508ed4d..000000000000 --- a/crypto/heimdal/lib/roken/hex.h +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: hex.h 14773 2005-04-12 11:29:18Z lha $ */ - -#ifndef _rk_HEX_H_ -#define _rk_HEX_H_ 1 - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -#define hex_encode rk_hex_encode -#define hex_decode rk_hex_decode - -ssize_t ROKEN_LIB_FUNCTION - hex_encode(const void *, size_t, char **); -ssize_t ROKEN_LIB_FUNCTION - hex_decode(const char *, void *, size_t); - -#endif /* _rk_HEX_H_ */ diff --git a/crypto/heimdal/lib/roken/hostent_find_fqdn.c b/crypto/heimdal/lib/roken/hostent_find_fqdn.c deleted file mode 100644 index 299ed6d38b46..000000000000 --- a/crypto/heimdal/lib/roken/hostent_find_fqdn.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: hostent_find_fqdn.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* - * Try to find a fqdn (with `.') in he if possible, else return h_name - */ - -const char * ROKEN_LIB_FUNCTION -hostent_find_fqdn (const struct hostent *he) -{ - const char *ret = he->h_name; - const char **h; - - if (strchr (ret, '.') == NULL) - for (h = (const char **)he->h_aliases; *h != NULL; ++h) { - if (strchr (*h, '.') != NULL) { - ret = *h; - break; - } - } - return ret; -} diff --git a/crypto/heimdal/lib/roken/hstrerror.c b/crypto/heimdal/lib/roken/hstrerror.c deleted file mode 100644 index 32dab23f13d3..000000000000 --- a/crypto/heimdal/lib/roken/hstrerror.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: hstrerror.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#ifndef HAVE_HSTRERROR - -#if (defined(SunOS) && (SunOS >= 50)) -#define hstrerror broken_proto -#endif -#include "roken.h" -#if (defined(SunOS) && (SunOS >= 50)) -#undef hstrerror -#endif - -#if !(defined(HAVE_H_ERRLIST) && defined(HAVE_H_NERR)) -static const char *const h_errlist[] = { - "Resolver Error 0 (no error)", - "Unknown host", /* 1 HOST_NOT_FOUND */ - "Host name lookup failure", /* 2 TRY_AGAIN */ - "Unknown server error", /* 3 NO_RECOVERY */ - "No address associated with name", /* 4 NO_ADDRESS */ -}; - -static -const -int h_nerr = { sizeof h_errlist / sizeof h_errlist[0] }; -#else - -#if !HAVE_DECL_H_ERRLIST -extern const char *h_errlist[]; -extern int h_nerr; -#endif - -#endif - -const char * ROKEN_LIB_FUNCTION -hstrerror(int herr) -{ - if (0 <= herr && herr < h_nerr) - return h_errlist[herr]; - else if(herr == -17) - return "unknown error"; - else - return "Error number out of range (hstrerror)"; -} - -#endif diff --git a/crypto/heimdal/lib/roken/ifaddrs.hin b/crypto/heimdal/lib/roken/ifaddrs.hin deleted file mode 100644 index 0951c8cbc1b2..000000000000 --- a/crypto/heimdal/lib/roken/ifaddrs.hin +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: ifaddrs.hin 19309 2006-12-11 18:58:15Z lha $ */ - -#ifndef __ifaddrs_h__ -#define __ifaddrs_h__ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -/* - * the interface is defined in terms of the fields below, and this is - * sometimes #define'd, so there seems to be no simple way of solving - * this and this seemed the best. */ - -#undef ifa_dstaddr - -struct ifaddrs { - struct ifaddrs *ifa_next; - char *ifa_name; - unsigned int ifa_flags; - struct sockaddr *ifa_addr; - struct sockaddr *ifa_netmask; - struct sockaddr *ifa_dstaddr; - void *ifa_data; -}; - -#ifndef ifa_broadaddr -#define ifa_broadaddr ifa_dstaddr -#endif - -int ROKEN_LIB_FUNCTION -rk_getifaddrs(struct ifaddrs**); - -void ROKEN_LIB_FUNCTION -rk_freeifaddrs(struct ifaddrs*); - -#define getifaddrs(a) rk_getifaddrs(a) -#define freeifaddrs(a) rk_freeifaddrs(a) - -#endif /* __ifaddrs_h__ */ diff --git a/crypto/heimdal/lib/roken/inet_aton.c b/crypto/heimdal/lib/roken/inet_aton.c deleted file mode 100644 index 3010935045f2..000000000000 --- a/crypto/heimdal/lib/roken/inet_aton.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: inet_aton.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* Minimal implementation of inet_aton. - * Cannot distinguish between failure and a local broadcast address. */ - -int ROKEN_LIB_FUNCTION -inet_aton(const char *cp, struct in_addr *addr) -{ - addr->s_addr = inet_addr(cp); - return (addr->s_addr == INADDR_NONE) ? 0 : 1; -} diff --git a/crypto/heimdal/lib/roken/inet_ntop.c b/crypto/heimdal/lib/roken/inet_ntop.c deleted file mode 100644 index 7433c3725e28..000000000000 --- a/crypto/heimdal/lib/roken/inet_ntop.c +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: inet_ntop.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include "roken.h" - -/* - * - */ - -static const char * -inet_ntop_v4 (const void *src, char *dst, size_t size) -{ - const char digits[] = "0123456789"; - int i; - struct in_addr *addr = (struct in_addr *)src; - u_long a = ntohl(addr->s_addr); - const char *orig_dst = dst; - - if (size < INET_ADDRSTRLEN) { - errno = ENOSPC; - return NULL; - } - for (i = 0; i < 4; ++i) { - int n = (a >> (24 - i * 8)) & 0xFF; - int non_zerop = 0; - - if (non_zerop || n / 100 > 0) { - *dst++ = digits[n / 100]; - n %= 100; - non_zerop = 1; - } - if (non_zerop || n / 10 > 0) { - *dst++ = digits[n / 10]; - n %= 10; - non_zerop = 1; - } - *dst++ = digits[n]; - if (i != 3) - *dst++ = '.'; - } - *dst++ = '\0'; - return orig_dst; -} - -#ifdef HAVE_IPV6 -static const char * -inet_ntop_v6 (const void *src, char *dst, size_t size) -{ - const char xdigits[] = "0123456789abcdef"; - int i; - const struct in6_addr *addr = (struct in6_addr *)src; - const u_char *ptr = addr->s6_addr; - const char *orig_dst = dst; - - if (size < INET6_ADDRSTRLEN) { - errno = ENOSPC; - return NULL; - } - for (i = 0; i < 8; ++i) { - int non_zerop = 0; - - if (non_zerop || (ptr[0] >> 4)) { - *dst++ = xdigits[ptr[0] >> 4]; - non_zerop = 1; - } - if (non_zerop || (ptr[0] & 0x0F)) { - *dst++ = xdigits[ptr[0] & 0x0F]; - non_zerop = 1; - } - if (non_zerop || (ptr[1] >> 4)) { - *dst++ = xdigits[ptr[1] >> 4]; - non_zerop = 1; - } - *dst++ = xdigits[ptr[1] & 0x0F]; - if (i != 7) - *dst++ = ':'; - ptr += 2; - } - *dst++ = '\0'; - return orig_dst; -} -#endif /* HAVE_IPV6 */ - -const char * ROKEN_LIB_FUNCTION -inet_ntop(int af, const void *src, char *dst, size_t size) -{ - switch (af) { - case AF_INET : - return inet_ntop_v4 (src, dst, size); -#ifdef HAVE_IPV6 - case AF_INET6 : - return inet_ntop_v6 (src, dst, size); -#endif - default : - errno = EAFNOSUPPORT; - return NULL; - } -} diff --git a/crypto/heimdal/lib/roken/inet_pton.c b/crypto/heimdal/lib/roken/inet_pton.c deleted file mode 100644 index 390233a72d01..000000000000 --- a/crypto/heimdal/lib/roken/inet_pton.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: inet_pton.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -inet_pton(int af, const char *src, void *dst) -{ - if (af != AF_INET) { - errno = EAFNOSUPPORT; - return -1; - } - return inet_aton (src, dst); -} diff --git a/crypto/heimdal/lib/roken/initgroups.c b/crypto/heimdal/lib/roken/initgroups.c deleted file mode 100644 index f326e5f1fd2d..000000000000 --- a/crypto/heimdal/lib/roken/initgroups.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: initgroups.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -initgroups(const char *name, gid_t basegid) -{ - return 0; -} diff --git a/crypto/heimdal/lib/roken/innetgr.c b/crypto/heimdal/lib/roken/innetgr.c deleted file mode 100644 index 598bad21c2ac..000000000000 --- a/crypto/heimdal/lib/roken/innetgr.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_INNETGR - -RCSID("$Id: innetgr.c 14773 2005-04-12 11:29:18Z lha $"); - -int ROKEN_LIB_FUNCTION -innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain) -{ - return 0; -} -#endif - diff --git a/crypto/heimdal/lib/roken/install-sh b/crypto/heimdal/lib/roken/install-sh deleted file mode 100755 index e9de23842dcd..000000000000 --- a/crypto/heimdal/lib/roken/install-sh +++ /dev/null @@ -1,251 +0,0 @@ -#!/bin/sh -# -# install - install a program, script, or datafile -# This comes from X11R5 (mit/util/scripts/install.sh). -# -# Copyright 1991 by the Massachusetts Institute of Technology -# -# Permission to use, copy, modify, distribute, and sell this software and its -# documentation for any purpose is hereby granted without fee, provided that -# the above copyright notice appear in all copies and that both that -# copyright notice and this permission notice appear in supporting -# documentation, and that the name of M.I.T. not be used in advertising or -# publicity pertaining to distribution of the software without specific, -# written prior permission. M.I.T. makes no representations about the -# suitability of this software for any purpose. It is provided "as is" -# without express or implied warranty. -# -# Calling this script install-sh is preferred over install.sh, to prevent -# `make' implicit rules from creating a file called install from it -# when there is no Makefile. -# -# This script is compatible with the BSD install script, but was written -# from scratch. It can only install one file at a time, a restriction -# shared with many OS's install programs. - - -# set DOITPROG to echo to test this script - -# Don't use :- since 4.3BSD and earlier shells don't like it. -doit="${DOITPROG-}" - - -# put in absolute paths if you don't have them in your path; or use env. vars. - -mvprog="${MVPROG-mv}" -cpprog="${CPPROG-cp}" -chmodprog="${CHMODPROG-chmod}" -chownprog="${CHOWNPROG-chown}" -chgrpprog="${CHGRPPROG-chgrp}" -stripprog="${STRIPPROG-strip}" -rmprog="${RMPROG-rm}" -mkdirprog="${MKDIRPROG-mkdir}" - -transformbasename="" -transform_arg="" -instcmd="$mvprog" -chmodcmd="$chmodprog 0755" -chowncmd="" -chgrpcmd="" -stripcmd="" -rmcmd="$rmprog -f" -mvcmd="$mvprog" -src="" -dst="" -dir_arg="" - -while [ x"$1" != x ]; do - case $1 in - -c) instcmd="$cpprog" - shift - continue;; - - -d) dir_arg=true - shift - continue;; - - -m) chmodcmd="$chmodprog $2" - shift - shift - continue;; - - -o) chowncmd="$chownprog $2" - shift - shift - continue;; - - -g) chgrpcmd="$chgrpprog $2" - shift - shift - continue;; - - -s) stripcmd="$stripprog" - shift - continue;; - - -t=*) transformarg=`echo $1 | sed 's/-t=//'` - shift - continue;; - - -b=*) transformbasename=`echo $1 | sed 's/-b=//'` - shift - continue;; - - *) if [ x"$src" = x ] - then - src=$1 - else - # this colon is to work around a 386BSD /bin/sh bug - : - dst=$1 - fi - shift - continue;; - esac -done - -if [ x"$src" = x ] -then - echo "install: no input file specified" - exit 1 -else - true -fi - -if [ x"$dir_arg" != x ]; then - dst=$src - src="" - - if [ -d $dst ]; then - instcmd=: - chmodcmd="" - else - instcmd=mkdir - fi -else - -# Waiting for this to be detected by the "$instcmd $src $dsttmp" command -# might cause directories to be created, which would be especially bad -# if $src (and thus $dsttmp) contains '*'. - - if [ -f $src -o -d $src ] - then - true - else - echo "install: $src does not exist" - exit 1 - fi - - if [ x"$dst" = x ] - then - echo "install: no destination specified" - exit 1 - else - true - fi - -# If destination is a directory, append the input filename; if your system -# does not like double slashes in filenames, you may need to add some logic - - if [ -d $dst ] - then - dst="$dst"/`basename $src` - else - true - fi -fi - -## this sed command emulates the dirname command -dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` - -# Make sure that the destination directory exists. -# this part is taken from Noah Friedman's mkinstalldirs script - -# Skip lots of stat calls in the usual case. -if [ ! -d "$dstdir" ]; then -defaultIFS=' -' -IFS="${IFS-${defaultIFS}}" - -oIFS="${IFS}" -# Some sh's can't handle IFS=/ for some reason. -IFS='%' -set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` -IFS="${oIFS}" - -pathcomp='' - -while [ $# -ne 0 ] ; do - pathcomp="${pathcomp}${1}" - shift - - if [ ! -d "${pathcomp}" ] ; - then - $mkdirprog "${pathcomp}" - else - true - fi - - pathcomp="${pathcomp}/" -done -fi - -if [ x"$dir_arg" != x ] -then - $doit $instcmd $dst && - - if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && - if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && - if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && - if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi -else - -# If we're going to rename the final executable, determine the name now. - - if [ x"$transformarg" = x ] - then - dstfile=`basename $dst` - else - dstfile=`basename $dst $transformbasename | - sed $transformarg`$transformbasename - fi - -# don't allow the sed command to completely eliminate the filename - - if [ x"$dstfile" = x ] - then - dstfile=`basename $dst` - else - true - fi - -# Make a temp file name in the proper directory. - - dsttmp=$dstdir/#inst.$$# - -# Move or copy the file name to the temp name - - $doit $instcmd $src $dsttmp && - - trap "rm -f ${dsttmp}" 0 && - -# and set any options; do chmod last to preserve setuid bits - -# If any of these fail, we abort the whole thing. If we want to -# ignore errors from any of these, just make sure not to ignore -# errors from the above "$doit $instcmd $src $dsttmp" command. - - if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && - if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && - if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && - if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && - -# Now rename the file to the real destination. - - $doit $rmcmd -f $dstdir/$dstfile && - $doit $mvcmd $dsttmp $dstdir/$dstfile - -fi && - - -exit 0 diff --git a/crypto/heimdal/lib/roken/iruserok.c b/crypto/heimdal/lib/roken/iruserok.c deleted file mode 100644 index ca93e1cc5eb5..000000000000 --- a/crypto/heimdal/lib/roken/iruserok.c +++ /dev/null @@ -1,284 +0,0 @@ -/* - * Copyright (c) 1983, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: iruserok.c 17879 2006-08-08 21:50:40Z lha $"); -#endif - -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -#ifdef HAVE_RPCSVC_YPCLNT_H -#include -#endif - -#include "roken.h" - -int __check_rhosts_file = 1; -char *__rcmd_errstr = 0; - -/* - * Returns "true" if match, 0 if no match. - */ -static -int -__icheckhost(unsigned raddr, const char *lhost) -{ - struct hostent *hp; - u_long laddr; - char **pp; - - /* Try for raw ip address first. */ - if (isdigit((unsigned char)*lhost) - && (long)(laddr = inet_addr(lhost)) != -1) - return (raddr == laddr); - - /* Better be a hostname. */ - if ((hp = gethostbyname(lhost)) == NULL) - return (0); - - /* Spin through ip addresses. */ - for (pp = hp->h_addr_list; *pp; ++pp) - if (memcmp(&raddr, *pp, sizeof(u_long)) == 0) - return (1); - - /* No match. */ - return (0); -} - -/* - * Returns 0 if ok, -1 if not ok. - */ -static -int -__ivaliduser(FILE *hostf, unsigned raddr, const char *luser, - const char *ruser) -{ - char *user, *p; - int ch; - char buf[MaxHostNameLen + 128]; /* host + login */ - char hname[MaxHostNameLen]; - struct hostent *hp; - /* Presumed guilty until proven innocent. */ - int userok = 0, hostok = 0; -#ifdef HAVE_YP_GET_DEFAULT_DOMAIN - char *ypdomain; - - if (yp_get_default_domain(&ypdomain)) - ypdomain = NULL; -#else -#define ypdomain NULL -#endif - /* We need to get the damn hostname back for netgroup matching. */ - if ((hp = gethostbyaddr((char *)&raddr, - sizeof(u_long), - AF_INET)) == NULL) - return (-1); - strlcpy(hname, hp->h_name, sizeof(hname)); - - while (fgets(buf, sizeof(buf), hostf)) { - p = buf; - /* Skip lines that are too long. */ - if (strchr(p, '\n') == NULL) { - while ((ch = getc(hostf)) != '\n' && ch != EOF); - continue; - } - if (*p == '\n' || *p == '#') { - /* comment... */ - continue; - } - while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') { - if (isupper((unsigned char)*p)) - *p = tolower((unsigned char)*p); - p++; - } - if (*p == ' ' || *p == '\t') { - *p++ = '\0'; - while (*p == ' ' || *p == '\t') - p++; - user = p; - while (*p != '\n' && *p != ' ' && - *p != '\t' && *p != '\0') - p++; - } else - user = p; - *p = '\0'; - /* - * Do +/- and +@/-@ checking. This looks really nasty, - * but it matches SunOS's behavior so far as I can tell. - */ - switch(buf[0]) { - case '+': - if (!buf[1]) { /* '+' matches all hosts */ - hostok = 1; - break; - } - if (buf[1] == '@') /* match a host by netgroup */ - hostok = innetgr((char *)&buf[2], - (char *)&hname, NULL, ypdomain); - else /* match a host by addr */ - hostok = __icheckhost(raddr,(char *)&buf[1]); - break; - case '-': /* reject '-' hosts and all their users */ - if (buf[1] == '@') { - if (innetgr((char *)&buf[2], - (char *)&hname, NULL, ypdomain)) - return(-1); - } else { - if (__icheckhost(raddr,(char *)&buf[1])) - return(-1); - } - break; - default: /* if no '+' or '-', do a simple match */ - hostok = __icheckhost(raddr, buf); - break; - } - switch(*user) { - case '+': - if (!*(user+1)) { /* '+' matches all users */ - userok = 1; - break; - } - if (*(user+1) == '@') /* match a user by netgroup */ - userok = innetgr(user+2, NULL, (char *)ruser, - ypdomain); - else /* match a user by direct specification */ - userok = !(strcmp(ruser, user+1)); - break; - case '-': /* if we matched a hostname, */ - if (hostok) { /* check for user field rejections */ - if (!*(user+1)) - return(-1); - if (*(user+1) == '@') { - if (innetgr(user+2, NULL, - (char *)ruser, ypdomain)) - return(-1); - } else { - if (!strcmp(ruser, user+1)) - return(-1); - } - } - break; - default: /* no rejections: try to match the user */ - if (hostok) - userok = !(strcmp(ruser,*user ? user : luser)); - break; - } - if (hostok && userok) - return(0); - } - return (-1); -} - -/* - * New .rhosts strategy: We are passed an ip address. We spin through - * hosts.equiv and .rhosts looking for a match. When the .rhosts only - * has ip addresses, we don't have to trust a nameserver. When it - * contains hostnames, we spin through the list of addresses the nameserver - * gives us and look for a match. - * - * Returns 0 if ok, -1 if not ok. - */ -int ROKEN_LIB_FUNCTION -iruserok(unsigned raddr, int superuser, const char *ruser, const char *luser) -{ - char *cp; - struct stat sbuf; - struct passwd *pwd; - FILE *hostf; - uid_t uid; - int first; - char pbuf[MaxPathLen]; - - first = 1; - hostf = superuser ? NULL : fopen(_PATH_HEQUIV, "r"); -again: - if (hostf) { - if (__ivaliduser(hostf, raddr, luser, ruser) == 0) { - fclose(hostf); - return (0); - } - fclose(hostf); - } - if (first == 1 && (__check_rhosts_file || superuser)) { - first = 0; - if ((pwd = k_getpwnam((char*)luser)) == NULL) - return (-1); - snprintf (pbuf, sizeof(pbuf), "%s/.rhosts", pwd->pw_dir); - - /* - * Change effective uid while opening .rhosts. If root and - * reading an NFS mounted file system, can't read files that - * are protected read/write owner only. - */ - uid = geteuid(); - if (seteuid(pwd->pw_uid) < 0) - return (-1); - hostf = fopen(pbuf, "r"); - seteuid(uid); - - if (hostf == NULL) - return (-1); - /* - * If not a regular file, or is owned by someone other than - * user or root or if writeable by anyone but the owner, quit. - */ - cp = NULL; - if (lstat(pbuf, &sbuf) < 0) - cp = ".rhosts lstat failed"; - else if (!S_ISREG(sbuf.st_mode)) - cp = ".rhosts not regular file"; - else if (fstat(fileno(hostf), &sbuf) < 0) - cp = ".rhosts fstat failed"; - else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) - cp = "bad .rhosts owner"; - else if (sbuf.st_mode & (S_IWGRP|S_IWOTH)) - cp = ".rhosts writeable by other than owner"; - /* If there were any problems, quit. */ - if (cp) { - __rcmd_errstr = cp; - fclose(hostf); - return (-1); - } - goto again; - } - return (-1); -} diff --git a/crypto/heimdal/lib/roken/issuid.c b/crypto/heimdal/lib/roken/issuid.c deleted file mode 100644 index 46bde77b7854..000000000000 --- a/crypto/heimdal/lib/roken/issuid.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: issuid.c 15131 2005-05-13 07:42:03Z lha $"); -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -issuid(void) -{ -#if defined(HAVE_ISSETUGID) - return issetugid(); -#else /* !HAVE_ISSETUGID */ - -#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) - if(getuid() != geteuid()) - return 1; -#endif -#if defined(HAVE_GETGID) && defined(HAVE_GETEGID) - if(getgid() != getegid()) - return 2; -#endif - - return 0; -#endif /* HAVE_ISSETUGID */ -} diff --git a/crypto/heimdal/lib/roken/k_getpwnam.c b/crypto/heimdal/lib/roken/k_getpwnam.c deleted file mode 100644 index 81eba2869206..000000000000 --- a/crypto/heimdal/lib/roken/k_getpwnam.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: k_getpwnam.c 14773 2005-04-12 11:29:18Z lha $"); -#endif /* HAVE_CONFIG_H */ - -#include "roken.h" -#ifdef HAVE_SHADOW_H -#include -#endif - -struct passwd * ROKEN_LIB_FUNCTION -k_getpwnam (const char *user) -{ - struct passwd *p; - - p = getpwnam (user); -#if defined(HAVE_GETSPNAM) && defined(HAVE_STRUCT_SPWD) - if(p) - { - struct spwd *spwd; - - spwd = getspnam (user); - if (spwd) - p->pw_passwd = spwd->sp_pwdp; - endspent (); - } -#else - endpwent (); -#endif - return p; -} diff --git a/crypto/heimdal/lib/roken/k_getpwuid.c b/crypto/heimdal/lib/roken/k_getpwuid.c deleted file mode 100644 index 7fe03b98f8cf..000000000000 --- a/crypto/heimdal/lib/roken/k_getpwuid.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: k_getpwuid.c 14773 2005-04-12 11:29:18Z lha $"); -#endif /* HAVE_CONFIG_H */ - -#include "roken.h" -#ifdef HAVE_SHADOW_H -#include -#endif - -struct passwd * ROKEN_LIB_FUNCTION -k_getpwuid (uid_t uid) -{ - struct passwd *p; - - p = getpwuid (uid); -#if defined(HAVE_GETSPNAM) && defined(HAVE_STRUCT_SPWD) - if (p) - { - struct spwd *spwd; - - spwd = getspnam (p->pw_name); - if (spwd) - p->pw_passwd = spwd->sp_pwdp; - endspent (); - } -#else - endpwent (); -#endif - return p; -} diff --git a/crypto/heimdal/lib/roken/localtime_r.c b/crypto/heimdal/lib/roken/localtime_r.c deleted file mode 100644 index ad515c146566..000000000000 --- a/crypto/heimdal/lib/roken/localtime_r.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: localtime_r.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include -#include "roken.h" - -#ifndef HAVE_LOCALTIME_R - -struct tm * ROKEN_LIB_FUNCTION -localtime_r(const time_t *timer, struct tm *result) -{ - struct tm *tm; - - tm = localtime((time_t *)timer); - if (tm == NULL) - return NULL; - *result = *tm; - return result; -} - -#endif diff --git a/crypto/heimdal/lib/roken/lstat.c b/crypto/heimdal/lib/roken/lstat.c deleted file mode 100644 index 9357e1234587..000000000000 --- a/crypto/heimdal/lib/roken/lstat.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: lstat.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -lstat(const char *path, struct stat *buf) -{ - return stat(path, buf); -} diff --git a/crypto/heimdal/lib/roken/memmove.c b/crypto/heimdal/lib/roken/memmove.c deleted file mode 100644 index 5f78ac293fdd..000000000000 --- a/crypto/heimdal/lib/roken/memmove.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: memmove.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -/* - * memmove for systems that doesn't have it - */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -void* ROKEN_LIB_FUNCTION -memmove(void *s1, const void *s2, size_t n) -{ - char *s=(char*)s2, *d=(char*)s1; - - if(d > s){ - s+=n-1; - d+=n-1; - while(n){ - *d--=*s--; - n--; - } - }else if(d < s) - while(n){ - *d++=*s++; - n--; - } - return s1; -} diff --git a/crypto/heimdal/lib/roken/mini_inetd.c b/crypto/heimdal/lib/roken/mini_inetd.c deleted file mode 100644 index 9eb114d74e7f..000000000000 --- a/crypto/heimdal/lib/roken/mini_inetd.c +++ /dev/null @@ -1,148 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: mini_inetd.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include "roken.h" - -/* - * accept a connection on `s' and pretend it's served by inetd. - */ - -static void -accept_it (int s) -{ - int s2; - - s2 = accept(s, NULL, NULL); - if(s2 < 0) - err (1, "accept"); - close(s); - dup2(s2, STDIN_FILENO); - dup2(s2, STDOUT_FILENO); - /* dup2(s2, STDERR_FILENO); */ - close(s2); -} - -/* - * Listen on a specified port, emulating inetd. - */ - -void ROKEN_LIB_FUNCTION -mini_inetd_addrinfo (struct addrinfo *ai) -{ - int ret; - struct addrinfo *a; - int n, nalloc, i; - int *fds; - fd_set orig_read_set, read_set; - int max_fd = -1; - - for (nalloc = 0, a = ai; a != NULL; a = a->ai_next) - ++nalloc; - - fds = malloc (nalloc * sizeof(*fds)); - if (fds == NULL) - errx (1, "mini_inetd: out of memory"); - - FD_ZERO(&orig_read_set); - - for (i = 0, a = ai; a != NULL; a = a->ai_next) { - fds[i] = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (fds[i] < 0) { - warn ("socket af = %d", a->ai_family); - continue; - } - socket_set_reuseaddr (fds[i], 1); - if (bind (fds[i], a->ai_addr, a->ai_addrlen) < 0) { - warn ("bind af = %d", a->ai_family); - close(fds[i]); - continue; - } - if (listen (fds[i], SOMAXCONN) < 0) { - warn ("listen af = %d", a->ai_family); - close(fds[i]); - continue; - } - if (fds[i] >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET(fds[i], &orig_read_set); - max_fd = max(max_fd, fds[i]); - ++i; - } - if (i == 0) - errx (1, "no sockets"); - n = i; - - do { - read_set = orig_read_set; - - ret = select (max_fd + 1, &read_set, NULL, NULL, NULL); - if (ret < 0 && errno != EINTR) - err (1, "select"); - } while (ret <= 0); - - for (i = 0; i < n; ++i) - if (FD_ISSET (fds[i], &read_set)) { - accept_it (fds[i]); - return; - } - abort (); -} - -void ROKEN_LIB_FUNCTION -mini_inetd (int port) -{ - int error; - struct addrinfo *ai, hints; - char portstr[NI_MAXSERV]; - - memset (&hints, 0, sizeof(hints)); - hints.ai_flags = AI_PASSIVE; - hints.ai_socktype = SOCK_STREAM; - hints.ai_family = PF_UNSPEC; - - snprintf (portstr, sizeof(portstr), "%d", ntohs(port)); - - error = getaddrinfo (NULL, portstr, &hints, &ai); - if (error) - errx (1, "getaddrinfo: %s", gai_strerror (error)); - - mini_inetd_addrinfo(ai); - - freeaddrinfo(ai); -} diff --git a/crypto/heimdal/lib/roken/missing b/crypto/heimdal/lib/roken/missing deleted file mode 100755 index 7789652e877f..000000000000 --- a/crypto/heimdal/lib/roken/missing +++ /dev/null @@ -1,190 +0,0 @@ -#! /bin/sh -# Common stub for a few missing GNU programs while installing. -# Copyright (C) 1996, 1997 Free Software Foundation, Inc. -# Franc,ois Pinard , 1996. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -# 02111-1307, USA. - -if test $# -eq 0; then - echo 1>&2 "Try \`$0 --help' for more information" - exit 1 -fi - -case "$1" in - - -h|--h|--he|--hel|--help) - echo "\ -$0 [OPTION]... PROGRAM [ARGUMENT]... - -Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an -error status if there is no known handling for PROGRAM. - -Options: - -h, --help display this help and exit - -v, --version output version information and exit - -Supported PROGRAM values: - aclocal touch file \`aclocal.m4' - autoconf touch file \`configure' - autoheader touch file \`config.h.in' - automake touch all \`Makefile.in' files - bison create \`y.tab.[ch]', if possible, from existing .[ch] - flex create \`lex.yy.c', if possible, from existing .c - lex create \`lex.yy.c', if possible, from existing .c - makeinfo touch the output file - yacc create \`y.tab.[ch]', if possible, from existing .[ch]" - ;; - - -v|--v|--ve|--ver|--vers|--versi|--versio|--version) - echo "missing - GNU libit 0.0" - ;; - - -*) - echo 1>&2 "$0: Unknown \`$1' option" - echo 1>&2 "Try \`$0 --help' for more information" - exit 1 - ;; - - aclocal) - echo 1>&2 "\ -WARNING: \`$1' is missing on your system. You should only need it if - you modified \`acinclude.m4' or \`configure.in'. You might want - to install the \`Automake' and \`Perl' packages. Grab them from - any GNU archive site." - touch aclocal.m4 - ;; - - autoconf) - echo 1>&2 "\ -WARNING: \`$1' is missing on your system. You should only need it if - you modified \`configure.in'. You might want to install the - \`Autoconf' and \`GNU m4' packages. Grab them from any GNU - archive site." - touch configure - ;; - - autoheader) - echo 1>&2 "\ -WARNING: \`$1' is missing on your system. You should only need it if - you modified \`acconfig.h' or \`configure.in'. You might want - to install the \`Autoconf' and \`GNU m4' packages. Grab them - from any GNU archive site." - files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' configure.in` - test -z "$files" && files="config.h" - touch_files= - for f in $files; do - case "$f" in - *:*) touch_files="$touch_files "`echo "$f" | - sed -e 's/^[^:]*://' -e 's/:.*//'`;; - *) touch_files="$touch_files $f.in";; - esac - done - touch $touch_files - ;; - - automake) - echo 1>&2 "\ -WARNING: \`$1' is missing on your system. You should only need it if - you modified \`Makefile.am', \`acinclude.m4' or \`configure.in'. - You might want to install the \`Automake' and \`Perl' packages. - Grab them from any GNU archive site." - find . -type f -name Makefile.am -print | - sed 's/\.am$/.in/' | - while read f; do touch "$f"; done - ;; - - bison|yacc) - echo 1>&2 "\ -WARNING: \`$1' is missing on your system. You should only need it if - you modified a \`.y' file. You may need the \`Bison' package - in order for those modifications to take effect. You can get - \`Bison' from any GNU archive site." - rm -f y.tab.c y.tab.h - if [ $# -ne 1 ]; then - eval LASTARG="\${$#}" - case "$LASTARG" in - *.y) - SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` - if [ -f "$SRCFILE" ]; then - cp "$SRCFILE" y.tab.c - fi - SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` - if [ -f "$SRCFILE" ]; then - cp "$SRCFILE" y.tab.h - fi - ;; - esac - fi - if [ ! -f y.tab.h ]; then - echo >y.tab.h - fi - if [ ! -f y.tab.c ]; then - echo 'main() { return 0; }' >y.tab.c - fi - ;; - - lex|flex) - echo 1>&2 "\ -WARNING: \`$1' is missing on your system. You should only need it if - you modified a \`.l' file. You may need the \`Flex' package - in order for those modifications to take effect. You can get - \`Flex' from any GNU archive site." - rm -f lex.yy.c - if [ $# -ne 1 ]; then - eval LASTARG="\${$#}" - case "$LASTARG" in - *.l) - SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` - if [ -f "$SRCFILE" ]; then - cp "$SRCFILE" lex.yy.c - fi - ;; - esac - fi - if [ ! -f lex.yy.c ]; then - echo 'main() { return 0; }' >lex.yy.c - fi - ;; - - makeinfo) - echo 1>&2 "\ -WARNING: \`$1' is missing on your system. You should only need it if - you modified a \`.texi' or \`.texinfo' file, or any other file - indirectly affecting the aspect of the manual. The spurious - call might also be the consequence of using a buggy \`make' (AIX, - DU, IRIX). You might want to install the \`Texinfo' package or - the \`GNU make' package. Grab either from any GNU archive site." - file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'` - if test -z "$file"; then - file=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` - file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $file` - fi - touch $file - ;; - - *) - echo 1>&2 "\ -WARNING: \`$1' is needed, and you do not seem to have it handy on your - system. You might have modified some files without having the - proper tools for further handling them. Check the \`README' file, - it often tells you about the needed prerequirements for installing - this package. You may also peek at any GNU archive site, in case - some other package would contain this missing \`$1' program." - exit 1 - ;; -esac - -exit 0 diff --git a/crypto/heimdal/lib/roken/mkinstalldirs b/crypto/heimdal/lib/roken/mkinstalldirs deleted file mode 100755 index 6b3b5fc5d4d3..000000000000 --- a/crypto/heimdal/lib/roken/mkinstalldirs +++ /dev/null @@ -1,40 +0,0 @@ -#! /bin/sh -# mkinstalldirs --- make directory hierarchy -# Author: Noah Friedman -# Created: 1993-05-16 -# Public domain - -# $Id$ - -errstatus=0 - -for file -do - set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'` - shift - - pathcomp= - for d - do - pathcomp="$pathcomp$d" - case "$pathcomp" in - -* ) pathcomp=./$pathcomp ;; - esac - - if test ! -d "$pathcomp"; then - echo "mkdir $pathcomp" - - mkdir "$pathcomp" || lasterr=$? - - if test ! -d "$pathcomp"; then - errstatus=$lasterr - fi - fi - - pathcomp="$pathcomp/" - done -done - -exit $errstatus - -# mkinstalldirs ends here diff --git a/crypto/heimdal/lib/roken/mkstemp.c b/crypto/heimdal/lib/roken/mkstemp.c deleted file mode 100644 index ccb2e700b895..000000000000 --- a/crypto/heimdal/lib/roken/mkstemp.c +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#include - -RCSID("$Id: mkstemp.c 14773 2005-04-12 11:29:18Z lha $"); - -#ifndef HAVE_MKSTEMP - -int ROKEN_LIB_FUNCTION -mkstemp(char *template) -{ - int start, i; - pid_t val; - val = getpid(); - start = strlen(template) - 1; - while(template[start] == 'X') { - template[start] = '0' + val % 10; - val /= 10; - start--; - } - - do{ - int fd; - fd = open(template, O_RDWR | O_CREAT | O_EXCL, 0600); - if(fd >= 0 || errno != EEXIST) - return fd; - i = start + 1; - do{ - if(template[i] == 0) - return -1; - template[i]++; - if(template[i] == '9' + 1) - template[i] = 'a'; - if(template[i] <= 'z') - break; - template[i] = 'a'; - i++; - }while(1); - }while(1); -} - -#endif diff --git a/crypto/heimdal/lib/roken/ndbm_wrap.c b/crypto/heimdal/lib/roken/ndbm_wrap.c deleted file mode 100644 index 8bc5d93e48fe..000000000000 --- a/crypto/heimdal/lib/roken/ndbm_wrap.c +++ /dev/null @@ -1,221 +0,0 @@ -/* - * Copyright (c) 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: ndbm_wrap.c 21634 2007-07-17 11:30:36Z lha $"); -#endif - -#include "ndbm_wrap.h" -#if defined(HAVE_DB4_DB_H) -#include -#elif defined(HAVE_DB3_DB_H) -#include -#else -#include -#endif - -#include -#include -#include -#include - -/* XXX undefine open so this works on Solaris with large file support */ -#undef open - -#define DBT2DATUM(DBT, DATUM) do { (DATUM)->dptr = (DBT)->data; (DATUM)->dsize = (DBT)->size; } while(0) -#define DATUM2DBT(DATUM, DBT) do { (DBT)->data = (DATUM)->dptr; (DBT)->size = (DATUM)->dsize; } while(0) -#define RETURN(X) return ((X) == 0) ? 0 : -1 - -#ifdef HAVE_DB3 -static DBC *cursor; -#endif - -#define D(X) ((DB*)(X)) - -void ROKEN_LIB_FUNCTION -dbm_close (DBM *db) -{ -#ifdef HAVE_DB3 - D(db)->close(D(db), 0); - cursor = NULL; -#else - D(db)->close(D(db)); -#endif -} - -int ROKEN_LIB_FUNCTION -dbm_delete (DBM *db, datum dkey) -{ - DBT key; - DATUM2DBT(&dkey, &key); -#ifdef HAVE_DB3 - RETURN(D(db)->del(D(db), NULL, &key, 0)); -#else - RETURN(D(db)->del(D(db), &key, 0)); -#endif -} - -datum -dbm_fetch (DBM *db, datum dkey) -{ - datum dvalue; - DBT key, value; - DATUM2DBT(&dkey, &key); - if(D(db)->get(D(db), -#ifdef HAVE_DB3 - NULL, -#endif - &key, &value, 0) != 0) { - dvalue.dptr = NULL; - dvalue.dsize = 0; - } - else - DBT2DATUM(&value, &dvalue); - - return dvalue; -} - -static datum -dbm_get (DB *db, int flags) -{ - DBT key, value; - datum datum; -#ifdef HAVE_DB3 - if(cursor == NULL) - db->cursor(db, NULL, &cursor, 0); - if(cursor->c_get(cursor, &key, &value, flags) != 0) { - datum.dptr = NULL; - datum.dsize = 0; - } else - DBT2DATUM(&value, &datum); -#else - db->seq(db, &key, &value, flags); -#endif - return datum; -} - -#ifndef DB_FIRST -#define DB_FIRST R_FIRST -#define DB_NEXT R_NEXT -#define DB_NOOVERWRITE R_NOOVERWRITE -#define DB_KEYEXIST 1 -#endif - -datum ROKEN_LIB_FUNCTION -dbm_firstkey (DBM *db) -{ - return dbm_get(D(db), DB_FIRST); -} - -datum ROKEN_LIB_FUNCTION -dbm_nextkey (DBM *db) -{ - return dbm_get(D(db), DB_NEXT); -} - -DBM* ROKEN_LIB_FUNCTION -dbm_open (const char *file, int flags, mode_t mode) -{ - DB *db; - int myflags = 0; - char *fn = malloc(strlen(file) + 4); - if(fn == NULL) - return NULL; - strcpy(fn, file); - strcat(fn, ".db"); -#ifdef HAVE_DB3 - if (flags & O_CREAT) - myflags |= DB_CREATE; - - if (flags & O_EXCL) - myflags |= DB_EXCL; - - if (flags & O_RDONLY) - myflags |= DB_RDONLY; - - if (flags & O_TRUNC) - myflags |= DB_TRUNCATE; - if(db_create(&db, NULL, 0) != 0) { - free(fn); - return NULL; - } - -#if (DB_VERSION_MAJOR > 3) && (DB_VERSION_MINOR > 0) - if(db->open(db, NULL, fn, NULL, DB_BTREE, myflags, mode) != 0) { -#else - if(db->open(db, fn, NULL, DB_BTREE, myflags, mode) != 0) { -#endif - free(fn); - db->close(db, 0); - return NULL; - } -#else - db = dbopen(fn, flags, mode, DB_BTREE, NULL); -#endif - free(fn); - return (DBM*)db; -} - -int ROKEN_LIB_FUNCTION -dbm_store (DBM *db, datum dkey, datum dvalue, int flags) -{ - int ret; - DBT key, value; - int myflags = 0; - if((flags & DBM_REPLACE) == 0) - myflags |= DB_NOOVERWRITE; - DATUM2DBT(&dkey, &key); - DATUM2DBT(&dvalue, &value); - ret = D(db)->put(D(db), -#ifdef HAVE_DB3 - NULL, -#endif -&key, &value, myflags); - if(ret == DB_KEYEXIST) - return 1; - RETURN(ret); -} - -int ROKEN_LIB_FUNCTION -dbm_error (DBM *db) -{ - return 0; -} - -int ROKEN_LIB_FUNCTION -dbm_clearerr (DBM *db) -{ - return 0; -} - diff --git a/crypto/heimdal/lib/roken/ndbm_wrap.h b/crypto/heimdal/lib/roken/ndbm_wrap.h deleted file mode 100644 index 414940249dba..000000000000 --- a/crypto/heimdal/lib/roken/ndbm_wrap.h +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: ndbm_wrap.h 14773 2005-04-12 11:29:18Z lha $ */ - -#ifndef __ndbm_wrap_h__ -#define __ndbm_wrap_h__ - -#include -#include - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -#ifndef dbm_rename -#define dbm_rename(X) __roken_ ## X -#endif - -#define dbm_open dbm_rename(dbm_open) -#define dbm_close dbm_rename(dbm_close) -#define dbm_delete dbm_rename(dbm_delete) -#define dbm_fetch dbm_rename(dbm_fetch) -#define dbm_get dbm_rename(dbm_get) -#define dbm_firstkey dbm_rename(dbm_firstkey) -#define dbm_nextkey dbm_rename(dbm_nextkey) -#define dbm_store dbm_rename(dbm_store) -#define dbm_error dbm_rename(dbm_error) -#define dbm_clearerr dbm_rename(dbm_clearerr) - -#define datum dbm_rename(datum) - -typedef struct { - void *dptr; - size_t dsize; -} datum; - -#define DBM_REPLACE 1 -typedef struct DBM DBM; - -#if 0 -typedef struct { - int dummy; -} DBM; -#endif - -int ROKEN_LIB_FUNCTION dbm_clearerr (DBM*); -void ROKEN_LIB_FUNCTION dbm_close (DBM*); -int ROKEN_LIB_FUNCTION dbm_delete (DBM*, datum); -int ROKEN_LIB_FUNCTION dbm_error (DBM*); -datum ROKEN_LIB_FUNCTION dbm_fetch (DBM*, datum); -datum ROKEN_LIB_FUNCTION dbm_firstkey (DBM*); -datum ROKEN_LIB_FUNCTION dbm_nextkey (DBM*); -DBM* ROKEN_LIB_FUNCTION dbm_open (const char*, int, mode_t); -int ROKEN_LIB_FUNCTION dbm_store (DBM*, datum, datum, int); - -#endif /* __ndbm_wrap_h__ */ diff --git a/crypto/heimdal/lib/roken/net_read.c b/crypto/heimdal/lib/roken/net_read.c deleted file mode 100644 index effc00112b7d..000000000000 --- a/crypto/heimdal/lib/roken/net_read.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: net_read.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include - -#include "roken.h" - -/* - * Like read but never return partial data. - */ - -ssize_t ROKEN_LIB_FUNCTION -net_read (int fd, void *buf, size_t nbytes) -{ - char *cbuf = (char *)buf; - ssize_t count; - size_t rem = nbytes; - - while (rem > 0) { -#ifdef WIN32 - count = recv (fd, cbuf, rem, 0); -#else - count = read (fd, cbuf, rem); -#endif - if (count < 0) { - if (errno == EINTR) - continue; - else - return count; - } else if (count == 0) { - return count; - } - cbuf += count; - rem -= count; - } - return nbytes; -} diff --git a/crypto/heimdal/lib/roken/net_write.c b/crypto/heimdal/lib/roken/net_write.c deleted file mode 100644 index a68317f61247..000000000000 --- a/crypto/heimdal/lib/roken/net_write.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: net_write.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include - -#include "roken.h" - -/* - * Like write but never return partial data. - */ - -ssize_t ROKEN_LIB_FUNCTION -net_write (int fd, const void *buf, size_t nbytes) -{ - const char *cbuf = (const char *)buf; - ssize_t count; - size_t rem = nbytes; - - while (rem > 0) { -#ifdef WIN32 - count = send (fd, cbuf, rem, 0); -#else - count = write (fd, cbuf, rem); -#endif - if (count < 0) { - if (errno == EINTR) - continue; - else - return count; - } - cbuf += count; - rem -= count; - } - return nbytes; -} diff --git a/crypto/heimdal/lib/roken/parse_bytes-test.c b/crypto/heimdal/lib/roken/parse_bytes-test.c deleted file mode 100644 index 5e55b307c163..000000000000 --- a/crypto/heimdal/lib/roken/parse_bytes-test.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_bytes-test.c 10655 2001-09-04 09:56:00Z assar $"); -#endif - -#include "roken.h" -#include "parse_bytes.h" - -static struct testcase { - int canonicalp; - int val; - const char *def_unit; - const char *str; -} tests[] = { - {0, 0, NULL, "0 bytes"}, - {1, 0, NULL, "0"}, - {0, 1, NULL, "1"}, - {1, 1, NULL, "1 byte"}, - {0, 0, "kilobyte", "0"}, - {0, 1024, "kilobyte", "1"}, - {1, 1024, "kilobyte", "1 kilobyte"}, - {1, 1024 * 1024, NULL, "1 megabyte"}, - {0, 1025, NULL, "1 kilobyte 1"}, - {1, 1025, NULL, "1 kilobyte 1 byte"}, -}; - -int -main(int argc, char **argv) -{ - int i; - int ret = 0; - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) { - char buf[256]; - int val = parse_bytes (tests[i].str, tests[i].def_unit); - int len; - - if (val != tests[i].val) { - printf ("parse_bytes (%s, %s) = %d != %d\n", - tests[i].str, - tests[i].def_unit ? tests[i].def_unit : "none", - val, tests[i].val); - ++ret; - } - if (tests[i].canonicalp) { - len = unparse_bytes (tests[i].val, buf, sizeof(buf)); - if (strcmp (tests[i].str, buf) != 0) { - printf ("unparse_bytes (%d) = \"%s\" != \"%s\"\n", - tests[i].val, buf, tests[i].str); - ++ret; - } - } - } - if (ret) { - printf ("%d errors\n", ret); - return 1; - } else - return 0; -} diff --git a/crypto/heimdal/lib/roken/parse_bytes.c b/crypto/heimdal/lib/roken/parse_bytes.c deleted file mode 100644 index 4ab02b41557c..000000000000 --- a/crypto/heimdal/lib/roken/parse_bytes.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_bytes.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include "parse_bytes.h" - -static struct units bytes_units[] = { - { "gigabyte", 1024 * 1024 * 1024 }, - { "gbyte", 1024 * 1024 * 1024 }, - { "GB", 1024 * 1024 * 1024 }, - { "megabyte", 1024 * 1024 }, - { "mbyte", 1024 * 1024 }, - { "MB", 1024 * 1024 }, - { "kilobyte", 1024 }, - { "KB", 1024 }, - { "byte", 1 }, - { NULL, 0 } -}; - -static struct units bytes_short_units[] = { - { "GB", 1024 * 1024 * 1024 }, - { "MB", 1024 * 1024 }, - { "KB", 1024 }, - { NULL, 0 } -}; - -int ROKEN_LIB_FUNCTION -parse_bytes (const char *s, const char *def_unit) -{ - return parse_units (s, bytes_units, def_unit); -} - -int ROKEN_LIB_FUNCTION -unparse_bytes (int t, char *s, size_t len) -{ - return unparse_units (t, bytes_units, s, len); -} - -int ROKEN_LIB_FUNCTION -unparse_bytes_short (int t, char *s, size_t len) -{ - return unparse_units_approx (t, bytes_short_units, s, len); -} diff --git a/crypto/heimdal/lib/roken/parse_bytes.h b/crypto/heimdal/lib/roken/parse_bytes.h deleted file mode 100644 index 1998f70736ad..000000000000 --- a/crypto/heimdal/lib/roken/parse_bytes.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: parse_bytes.h 14787 2005-04-13 13:19:07Z lha $ */ - -#ifndef __PARSE_BYTES_H__ -#define __PARSE_BYTES_H__ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -int ROKEN_LIB_FUNCTION -parse_bytes (const char *s, const char *def_unit); - -int ROKEN_LIB_FUNCTION -unparse_bytes (int t, char *s, size_t len); - -int ROKEN_LIB_FUNCTION -unparse_bytes_short (int t, char *s, size_t len); - -#endif /* __PARSE_BYTES_H__ */ diff --git a/crypto/heimdal/lib/roken/parse_reply-test.c b/crypto/heimdal/lib/roken/parse_reply-test.c deleted file mode 100644 index f6342efd7e35..000000000000 --- a/crypto/heimdal/lib/roken/parse_reply-test.c +++ /dev/null @@ -1,129 +0,0 @@ -/* - * Copyright (c) 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_reply-test.c 15287 2005-05-29 21:21:12Z lha $"); -#endif - -#include -#ifdef HAVE_SYS_MMAN_H -#include -#endif -#include - -#include "roken.h" -#include "resolve.h" - -struct dns_reply* -parse_reply(const unsigned char *, size_t); - -enum { MAX_BUF = 36}; - -static struct testcase { - unsigned char buf[MAX_BUF]; - size_t buf_len; -} tests[] = { - {{0x12, 0x67, 0x84, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, - 0x03, 'f', 'o', 'o', 0x00, - 0x00, 0x10, 0x00, 0x01, - 0x03, 'f', 'o', 'o', 0x00, - 0x00, 0x10, 0x00, 0x01, - 0x00, 0x00, 0x12, 0x67, 0xff, 0xff}, 36} -}; - -#ifndef MAP_FAILED -#define MAP_FAILED (-1) -#endif - -static sig_atomic_t val = 0; - -static RETSIGTYPE -segv_handler(int sig) -{ - val = 1; -} - -int -main(int argc, char **argv) -{ -#ifndef HAVE_MMAP - return 77; /* signal to automake that this test - cannot be run */ -#else /* HAVE_MMAP */ - int ret; - int i; - struct sigaction sa; - - sigemptyset (&sa.sa_mask); - sa.sa_flags = 0; - sa.sa_handler = segv_handler; - sigaction (SIGSEGV, &sa, NULL); - - for (i = 0; val == 0 && i < sizeof(tests)/sizeof(tests[0]); ++i) { - const struct testcase *t = &tests[i]; - unsigned char *p1, *p2; - int flags; - int fd; - size_t pagesize = getpagesize(); - unsigned char *buf; - -#ifdef MAP_ANON - flags = MAP_ANON; - fd = -1; -#else - flags = 0; - fd = open ("/dev/zero", O_RDONLY); - if(fd < 0) - err (1, "open /dev/zero"); -#endif - flags |= MAP_PRIVATE; - - p1 = (unsigned char *)mmap(0, 2 * pagesize, PROT_READ | PROT_WRITE, - flags, fd, 0); - if (p1 == (unsigned char *)MAP_FAILED) - err (1, "mmap"); - p2 = p1 + pagesize; - ret = mprotect ((void *)p2, pagesize, 0); - if (ret < 0) - err (1, "mprotect"); - buf = p2 - t->buf_len; - memcpy (buf, t->buf, t->buf_len); - parse_reply (buf, t->buf_len); - ret = munmap ((void *)p1, 2 * pagesize); - if (ret < 0) - err (1, "munmap"); - } - return val; -#endif /* HAVE_MMAP */ -} diff --git a/crypto/heimdal/lib/roken/parse_time-test.c b/crypto/heimdal/lib/roken/parse_time-test.c deleted file mode 100644 index 0ce7063b381f..000000000000 --- a/crypto/heimdal/lib/roken/parse_time-test.c +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_time-test.c 15028 2005-04-30 14:48:29Z lha $"); -#endif - -#include "roken.h" -#include "parse_time.h" -#include "test-mem.h" -#include "err.h" - -static struct testcase { - size_t size; - time_t val; - char *str; -} tests[] = { - { 8, 1, "1 second" }, - { 17, 61, "1 minute 1 second" }, - { 18, 62, "1 minute 2 seconds" }, - { 8, 60, "1 minute" }, - { 6, 3600, "1 hour" }, - { 15, 3601, "1 hour 1 second" }, - { 16, 3602, "1 hour 2 seconds" } -}; - -int -main(int argc, char **argv) -{ - size_t sz; - size_t buf_sz; - int i, j; - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) { - char *buf; - - sz = unparse_time(tests[i].val, NULL, 0); - if (sz != tests[i].size) - errx(1, "sz (%lu) != tests[%d].size (%lu)", - (unsigned long)sz, i, (unsigned long)tests[i].size); - - for (buf_sz = 0; buf_sz < tests[i].size + 2; buf_sz++) { - - buf = rk_test_mem_alloc(RK_TM_OVERRUN, "overrun", - NULL, buf_sz); - sz = unparse_time(tests[i].val, buf, buf_sz); - if (sz != tests[i].size) - errx(1, "sz (%lu) != tests[%d].size (%lu) with in size %lu", - (unsigned long)sz, i, - (unsigned long)tests[i].size, - (unsigned long)buf_sz); - if (buf_sz > 0 && memcmp(buf, tests[i].str, buf_sz - 1) != 0) - errx(1, "test %i wrong result %s vs %s", i, buf, tests[i].str); - if (buf_sz > 0 && buf[buf_sz - 1] != '\0') - errx(1, "test %i not zero terminated", i); - rk_test_mem_free("overrun"); - - buf = rk_test_mem_alloc(RK_TM_UNDERRUN, "underrun", - NULL, tests[i].size); - sz = unparse_time(tests[i].val, buf, buf_sz); - if (sz != tests[i].size) - errx(1, "sz (%lu) != tests[%d].size (%lu) with insize %lu", - (unsigned long)sz, i, - (unsigned long)tests[i].size, - (unsigned long)buf_sz); - if (buf_sz > 0 && strncmp(buf, tests[i].str, buf_sz - 1) != 0) - errx(1, "test %i wrong result %s vs %s", i, buf, tests[i].str); - if (buf_sz > 0 && buf[buf_sz - 1] != '\0') - errx(1, "test %i not zero terminated", i); - rk_test_mem_free("underrun"); - } - buf = rk_test_mem_alloc(RK_TM_OVERRUN, "overrun", - tests[i].str, tests[i].size + 1); - j = parse_time(buf, "s"); - if (j != tests[i].val) - errx(1, "parse_time failed for test %d", i); - rk_test_mem_free("overrun"); - - buf = rk_test_mem_alloc(RK_TM_UNDERRUN, "underrun", - tests[i].str, tests[i].size + 1); - j = parse_time(buf, "s"); - if (j != tests[i].val) - errx(1, "parse_time failed for test %d", i); - rk_test_mem_free("underrun"); - } - return 0; -} diff --git a/crypto/heimdal/lib/roken/parse_time.3 b/crypto/heimdal/lib/roken/parse_time.3 deleted file mode 100644 index f7a801b51f69..000000000000 --- a/crypto/heimdal/lib/roken/parse_time.3 +++ /dev/null @@ -1,173 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" $Id: parse_time.3 14325 2004-10-30 22:34:28Z lha $ -.\" -.Dd October 31, 2004 -.Dt PARSE_TIME 3 -.Os HEIMDAL -.Sh NAME -.Nm parse_time , -.Nm print_time_table , -.Nm unparse_time , -.Nm unparse_time_approx , -.Nd parse and unparse time intervals -.Sh LIBRARY -The roken library (libroken, -lroken) -.Sh SYNOPSIS -.Fd #include -.Ft int -.Fn parse_time "const char *timespec" "const char *def_unit" -.Ft void -.Fn print_time_table "FILE *f" -.Ft size_t -.Fn unparse_time "int seconds" "char *buf" "size_t len" -.Ft size_t -.Fn unparse_time_approx "int seconds" "char *buf" "size_t len" -.Sh DESCRIPTION -The -.Fn parse_time -function converts a the period of time specified in -into a number of seconds. -The -.Fa timespec -can be any number of -.Aq number unit -pairs separated by comma and whitespace. The number can be -negative. Number without explicit units are taken as being -.Fa def_unit . -.Pp -The -.Fn unparse_time -and -.Fn unparse_time_approx -does the opposite of -.Fn parse_time , -that is they take a number of seconds and express that as human -readable string. -.Fa unparse_time -produces an exact time, while -.Fa unparse_time_approx -restricts the result to only include one units. -.Pp -.Fn print_time_table -prints a descriptive list of available units on the passed file -descriptor. -.Pp -The possible units include: -.Bl -tag -width "month" -compact -offset indent -.It Li second , s -.It Li minute , m -.It Li hour , h -.It day -.It week -seven days -.It month -30 days -.It year -365 days -.El -.Pp -Units names can be arbitrarily abbreviated (as long as they are -unique). -.Sh RETURN VALUES -.Fn parse_time -returns the number of seconds that represents the expression in -.Fa timespec -or -1 on error. -.Fn unparse_time -and -.Fn unparse_time_approx -return the number of characters written to -.Fa buf . -if the return value is greater than or equal to the -.Fa len -argument, the string was too short and some of the printed characters -were discarded. -.Sh EXAMPLES -.Bd -literal -#include -#include - -int -main(int argc, char **argv) -{ - int i; - int result; - char buf[128]; - print_time_table(stdout); - for (i = 1; i < argc; i++) { - result = parse_time(argv[i], "second"); - if(result == -1) { - fprintf(stderr, "%s: parse error\\n", argv[i]); - continue; - } - printf("--\\n"); - printf("parse_time = %d\\n", result); - unparse_time(result, buf, sizeof(buf)); - printf("unparse_time = %s\\n", buf); - unparse_time_approx(result, buf, sizeof(buf)); - printf("unparse_time_approx = %s\\n", buf); - } - return 0; -} -.Ed -.Bd -literal -$ ./a.out "1 minute 30 seconds" "90 s" "1 y -1 s" -1 year = 365 days -1 month = 30 days -1 week = 7 days -1 day = 24 hours -1 hour = 60 minutes -1 minute = 60 seconds -1 second --- -parse_time = 90 -unparse_time = 1 minute 30 seconds -unparse_time_approx = 1 minute --- -parse_time = 90 -unparse_time = 1 minute 30 seconds -unparse_time_approx = 1 minute --- -parse_time = 31535999 -unparse_time = 12 months 4 days 23 hours 59 minutes 59 seconds -unparse_time_approx = 12 months -.Ed -.Sh BUGS -Since -.Fn parse_time -returns -1 on error there is no way to parse "minus one second". -Currently "s" at the end of units is ignored. This is a hack for -English plural forms. If these functions are ever localised, this -scheme will have to change. -.\".Sh SEE ALSO -.\".Xr parse_bytes 3 -.\".Xr parse_units 3 diff --git a/crypto/heimdal/lib/roken/parse_time.c b/crypto/heimdal/lib/roken/parse_time.c deleted file mode 100644 index 1c39bde4e8a0..000000000000 --- a/crypto/heimdal/lib/roken/parse_time.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_time.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include "parse_time.h" - -static struct units time_units[] = { - {"year", 365 * 24 * 60 * 60}, - {"month", 30 * 24 * 60 * 60}, - {"week", 7 * 24 * 60 * 60}, - {"day", 24 * 60 * 60}, - {"hour", 60 * 60}, - {"h", 60 * 60}, - {"minute", 60}, - {"m", 60}, - {"second", 1}, - {"s", 1}, - {NULL, 0}, -}; - -int ROKEN_LIB_FUNCTION -parse_time (const char *s, const char *def_unit) -{ - return parse_units (s, time_units, def_unit); -} - -size_t ROKEN_LIB_FUNCTION -unparse_time (int t, char *s, size_t len) -{ - return unparse_units (t, time_units, s, len); -} - -size_t ROKEN_LIB_FUNCTION -unparse_time_approx (int t, char *s, size_t len) -{ - return unparse_units_approx (t, time_units, s, len); -} - -void ROKEN_LIB_FUNCTION -print_time_table (FILE *f) -{ - print_units_table (time_units, f); -} diff --git a/crypto/heimdal/lib/roken/parse_time.h b/crypto/heimdal/lib/roken/parse_time.h deleted file mode 100644 index 4dc2da08bcb2..000000000000 --- a/crypto/heimdal/lib/roken/parse_time.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: parse_time.h 14773 2005-04-12 11:29:18Z lha $ */ - -#ifndef __PARSE_TIME_H__ -#define __PARSE_TIME_H__ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -int -parse_time (const char *s, const char *def_unit); - -size_t -unparse_time (int t, char *s, size_t len); - -size_t -unparse_time_approx (int t, char *s, size_t len); - -void -print_time_table (FILE *f); - -#endif /* __PARSE_TIME_H__ */ diff --git a/crypto/heimdal/lib/roken/parse_units.c b/crypto/heimdal/lib/roken/parse_units.c deleted file mode 100644 index 1960beca0710..000000000000 --- a/crypto/heimdal/lib/roken/parse_units.c +++ /dev/null @@ -1,330 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_units.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include -#include "roken.h" -#include "parse_units.h" - -/* - * Parse string in `s' according to `units' and return value. - * def_unit defines the default unit. - */ - -static int -parse_something (const char *s, const struct units *units, - const char *def_unit, - int (*func)(int res, int val, unsigned mult), - int init, - int accept_no_val_p) -{ - const char *p; - int res = init; - unsigned def_mult = 1; - - if (def_unit != NULL) { - const struct units *u; - - for (u = units; u->name; ++u) { - if (strcasecmp (u->name, def_unit) == 0) { - def_mult = u->mult; - break; - } - } - if (u->name == NULL) - return -1; - } - - p = s; - while (*p) { - double val; - char *next; - const struct units *u, *partial_unit; - size_t u_len; - unsigned partial; - int no_val_p = 0; - - while(isspace((unsigned char)*p) || *p == ',') - ++p; - - val = strtod (p, &next); /* strtol(p, &next, 0); */ - if (p == next) { - val = 0; - if(!accept_no_val_p) - return -1; - no_val_p = 1; - } - p = next; - while (isspace((unsigned char)*p)) - ++p; - if (*p == '\0') { - res = (*func)(res, val, def_mult); - if (res < 0) - return res; - break; - } else if (*p == '+') { - ++p; - val = 1; - } else if (*p == '-') { - ++p; - val = -1; - } - if (no_val_p && val == 0) - val = 1; - u_len = strcspn (p, ", \t"); - partial = 0; - partial_unit = NULL; - if (u_len > 1 && p[u_len - 1] == 's') - --u_len; - for (u = units; u->name; ++u) { - if (strncasecmp (p, u->name, u_len) == 0) { - if (u_len == strlen (u->name)) { - p += u_len; - res = (*func)(res, val, u->mult); - if (res < 0) - return res; - break; - } else { - ++partial; - partial_unit = u; - } - } - } - if (u->name == NULL) { - if (partial == 1) { - p += u_len; - res = (*func)(res, val, partial_unit->mult); - if (res < 0) - return res; - } else { - return -1; - } - } - if (*p == 's') - ++p; - } - return res; -} - -/* - * The string consists of a sequence of `n unit' - */ - -static int -acc_units(int res, int val, unsigned mult) -{ - return res + val * mult; -} - -int ROKEN_LIB_FUNCTION -parse_units (const char *s, const struct units *units, - const char *def_unit) -{ - return parse_something (s, units, def_unit, acc_units, 0, 0); -} - -/* - * The string consists of a sequence of `[+-]flag'. `orig' consists - * the original set of flags, those are then modified and returned as - * the function value. - */ - -static int -acc_flags(int res, int val, unsigned mult) -{ - if(val == 1) - return res | mult; - else if(val == -1) - return res & ~mult; - else if (val == 0) - return mult; - else - return -1; -} - -int ROKEN_LIB_FUNCTION -parse_flags (const char *s, const struct units *units, - int orig) -{ - return parse_something (s, units, NULL, acc_flags, orig, 1); -} - -/* - * Return a string representation according to `units' of `num' in `s' - * with maximum length `len'. The actual length is the function value. - */ - -static int -unparse_something (int num, const struct units *units, char *s, size_t len, - int (*print) (char *, size_t, int, const char *, int), - int (*update) (int, unsigned), - const char *zero_string) -{ - const struct units *u; - int ret = 0, tmp; - - if (num == 0) - return snprintf (s, len, "%s", zero_string); - - for (u = units; num > 0 && u->name; ++u) { - int divisor; - - divisor = num / u->mult; - if (divisor) { - num = (*update) (num, u->mult); - tmp = (*print) (s, len, divisor, u->name, num); - if (tmp < 0) - return tmp; - if (tmp > len) { - len = 0; - s = NULL; - } else { - len -= tmp; - s += tmp; - } - ret += tmp; - } - } - return ret; -} - -static int -print_unit (char *s, size_t len, int divisor, const char *name, int rem) -{ - return snprintf (s, len, "%u %s%s%s", - divisor, name, - divisor == 1 ? "" : "s", - rem > 0 ? " " : ""); -} - -static int -update_unit (int in, unsigned mult) -{ - return in % mult; -} - -static int -update_unit_approx (int in, unsigned mult) -{ - if (in / mult > 0) - return 0; - else - return update_unit (in, mult); -} - -int ROKEN_LIB_FUNCTION -unparse_units (int num, const struct units *units, char *s, size_t len) -{ - return unparse_something (num, units, s, len, - print_unit, - update_unit, - "0"); -} - -int ROKEN_LIB_FUNCTION -unparse_units_approx (int num, const struct units *units, char *s, size_t len) -{ - return unparse_something (num, units, s, len, - print_unit, - update_unit_approx, - "0"); -} - -void ROKEN_LIB_FUNCTION -print_units_table (const struct units *units, FILE *f) -{ - const struct units *u, *u2; - unsigned max_sz = 0; - - for (u = units; u->name; ++u) { - max_sz = max(max_sz, strlen(u->name)); - } - - for (u = units; u->name;) { - char buf[1024]; - const struct units *next; - - for (next = u + 1; next->name && next->mult == u->mult; ++next) - ; - - if (next->name) { - for (u2 = next; - u2->name && u->mult % u2->mult != 0; - ++u2) - ; - if (u2->name == NULL) - --u2; - unparse_units (u->mult, u2, buf, sizeof(buf)); - fprintf (f, "1 %*s = %s\n", max_sz, u->name, buf); - } else { - fprintf (f, "1 %s\n", u->name); - } - u = next; - } -} - -static int -print_flag (char *s, size_t len, int divisor, const char *name, int rem) -{ - return snprintf (s, len, "%s%s", name, rem > 0 ? ", " : ""); -} - -static int -update_flag (int in, unsigned mult) -{ - return in - mult; -} - -int ROKEN_LIB_FUNCTION -unparse_flags (int num, const struct units *units, char *s, size_t len) -{ - return unparse_something (num, units, s, len, - print_flag, - update_flag, - ""); -} - -void ROKEN_LIB_FUNCTION -print_flags_table (const struct units *units, FILE *f) -{ - const struct units *u; - - for(u = units; u->name; ++u) - fprintf(f, "%s%s", u->name, (u+1)->name ? ", " : "\n"); -} diff --git a/crypto/heimdal/lib/roken/parse_units.h b/crypto/heimdal/lib/roken/parse_units.h deleted file mode 100644 index a42154d4869f..000000000000 --- a/crypto/heimdal/lib/roken/parse_units.h +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: parse_units.h 14773 2005-04-12 11:29:18Z lha $ */ - -#ifndef __PARSE_UNITS_H__ -#define __PARSE_UNITS_H__ - -#include -#include - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -struct units { - const char *name; - unsigned mult; -}; - -int ROKEN_LIB_FUNCTION -parse_units (const char *s, const struct units *units, - const char *def_unit); - -void ROKEN_LIB_FUNCTION -print_units_table (const struct units *units, FILE *f); - -int ROKEN_LIB_FUNCTION -parse_flags (const char *s, const struct units *units, - int orig); - -int ROKEN_LIB_FUNCTION -unparse_units (int num, const struct units *units, char *s, size_t len); - -int ROKEN_LIB_FUNCTION -unparse_units_approx (int num, const struct units *units, char *s, - size_t len); - -int ROKEN_LIB_FUNCTION -unparse_flags (int num, const struct units *units, char *s, size_t len); - -void ROKEN_LIB_FUNCTION -print_flags_table (const struct units *units, FILE *f); - -#endif /* __PARSE_UNITS_H__ */ diff --git a/crypto/heimdal/lib/roken/print_version.c b/crypto/heimdal/lib/roken/print_version.c deleted file mode 100644 index b5ce816eb604..000000000000 --- a/crypto/heimdal/lib/roken/print_version.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: print_version.c,v 1.8 2001/02/20 01:44:55 assar Exp $"); -#endif -#include "roken.h" - -#include "print_version.h" - -void -print_version(const char *progname) -{ - const char *arg[] = VERSIONLIST; - const int num_args = sizeof(arg) / sizeof(arg[0]); - char *msg; - size_t len = 0; - int i; - - if(progname == NULL) - progname = getprogname(); - - if(num_args == 0) - msg = "no version information"; - else { - for(i = 0; i < num_args; i++) { - if(i > 0) - len += 2; - len += strlen(arg[i]); - } - msg = malloc(len + 1); - if(msg == NULL) { - fprintf(stderr, "%s: out of memory\n", progname); - return; - } - msg[0] = '\0'; - for(i = 0; i < num_args; i++) { - if(i > 0) - strcat(msg, ", "); - strcat(msg, arg[i]); - } - } - fprintf(stderr, "%s (%s)\n", progname, msg); - fprintf(stderr, "Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan\n"); - if(num_args != 0) - free(msg); -} diff --git a/crypto/heimdal/lib/roken/putenv.c b/crypto/heimdal/lib/roken/putenv.c deleted file mode 100644 index 5e501dcc0f27..000000000000 --- a/crypto/heimdal/lib/roken/putenv.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: putenv.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include - -extern char **environ; - -/* - * putenv -- - * String points to a string of the form name=value. - * - * Makes the value of the environment variable name equal to - * value by altering an existing variable or creating a new one. - */ - -int ROKEN_LIB_FUNCTION -putenv(const char *string) -{ - int i; - const char *eq = (const char *)strchr(string, '='); - int len; - - if (eq == NULL) - return 1; - len = eq - string; - - if(environ == NULL) { - environ = malloc(sizeof(char*)); - if(environ == NULL) - return 1; - environ[0] = NULL; - } - - for(i = 0; environ[i] != NULL; i++) - if(strncmp(string, environ[i], len) == 0) { - environ[i] = string; - return 0; - } - environ = realloc(environ, sizeof(char*) * (i + 2)); - if(environ == NULL) - return 1; - environ[i] = string; - environ[i+1] = NULL; - return 0; -} diff --git a/crypto/heimdal/lib/roken/rcmd.c b/crypto/heimdal/lib/roken/rcmd.c deleted file mode 100644 index e732fe3c2a86..000000000000 --- a/crypto/heimdal/lib/roken/rcmd.c +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: rcmd.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" -#include - -int ROKEN_LIB_FUNCTION -rcmd(char **ahost, - unsigned short inport, - const char *locuser, - const char *remuser, - const char *cmd, - int *fd2p) -{ - fprintf(stderr, "Only kerberized services are implemented\n"); - return -1; -} diff --git a/crypto/heimdal/lib/roken/readv.c b/crypto/heimdal/lib/roken/readv.c deleted file mode 100644 index b49890ebd6ed..000000000000 --- a/crypto/heimdal/lib/roken/readv.c +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: readv.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -ssize_t ROKEN_LIB_FUNCTION -readv(int d, const struct iovec *iov, int iovcnt) -{ - ssize_t ret, nb; - size_t tot = 0; - int i; - char *buf, *p; - - for(i = 0; i < iovcnt; ++i) - tot += iov[i].iov_len; - buf = malloc(tot); - if (tot != 0 && buf == NULL) { - errno = ENOMEM; - return -1; - } - nb = ret = read (d, buf, tot); - p = buf; - while (nb > 0) { - ssize_t cnt = min(nb, iov->iov_len); - - memcpy (iov->iov_base, p, cnt); - p += cnt; - nb -= cnt; - } - free(buf); - return ret; -} diff --git a/crypto/heimdal/lib/roken/realloc.c b/crypto/heimdal/lib/roken/realloc.c deleted file mode 100644 index 33e898c34302..000000000000 --- a/crypto/heimdal/lib/roken/realloc.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#undef realloc -#endif -#include -#include "roken.h" - -RCSID("$Id"); - - -void * ROKEN_LIB_FUNCTION -rk_realloc(void *ptr, size_t size) -{ - if (ptr == NULL) - return malloc(size); - return realloc(ptr, size); -} diff --git a/crypto/heimdal/lib/roken/recvmsg.c b/crypto/heimdal/lib/roken/recvmsg.c deleted file mode 100644 index d92186c1b9f6..000000000000 --- a/crypto/heimdal/lib/roken/recvmsg.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: recvmsg.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -ssize_t ROKEN_LIB_FUNCTION -recvmsg(int s, struct msghdr *msg, int flags) -{ - ssize_t ret, nb; - size_t tot = 0; - int i; - char *buf, *p; - struct iovec *iov = msg->msg_iov; - - for(i = 0; i < msg->msg_iovlen; ++i) - tot += iov[i].iov_len; - buf = malloc(tot); - if (tot != 0 && buf == NULL) { - errno = ENOMEM; - return -1; - } - nb = ret = recvfrom (s, buf, tot, flags, msg->msg_name, &msg->msg_namelen); - p = buf; - while (nb > 0) { - ssize_t cnt = min(nb, iov->iov_len); - - memcpy (iov->iov_base, p, cnt); - p += cnt; - nb -= cnt; - ++iov; - } - free(buf); - return ret; -} diff --git a/crypto/heimdal/lib/roken/resolve-test.c b/crypto/heimdal/lib/roken/resolve-test.c deleted file mode 100644 index 106cfd71b3e7..000000000000 --- a/crypto/heimdal/lib/roken/resolve-test.c +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" -#include "getarg.h" -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -#include "resolve.h" - -RCSID("$Id: resolve-test.c 15415 2005-06-16 16:58:45Z lha $"); - -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, - sizeof(args)/sizeof(*args), - NULL, - "dns-record resource-record-type"); - exit (ret); -} - -int -main(int argc, char **argv) -{ - struct dns_reply *r; - struct resource_record *rr; - int optidx = 0; - - setprogname (argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - printf("some version\n"); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc != 2) - usage(1); - - r = dns_lookup(argv[0], argv[1]); - if(r == NULL){ - printf("No reply.\n"); - return 1; - } - if(r->q.type == rk_ns_t_srv) - dns_srv_order(r); - - for(rr = r->head; rr;rr=rr->next){ - printf("%-30s %-5s %-6d ", rr->domain, dns_type_to_string(rr->type), rr->ttl); - switch(rr->type){ - case rk_ns_t_ns: - case rk_ns_t_cname: - case rk_ns_t_ptr: - printf("%s\n", (char*)rr->u.data); - break; - case rk_ns_t_a: - printf("%s\n", inet_ntoa(*rr->u.a)); - break; - case rk_ns_t_mx: - case rk_ns_t_afsdb:{ - printf("%d %s\n", rr->u.mx->preference, rr->u.mx->domain); - break; - } - case rk_ns_t_srv:{ - struct srv_record *srv = rr->u.srv; - printf("%d %d %d %s\n", srv->priority, srv->weight, - srv->port, srv->target); - break; - } - case rk_ns_t_txt: { - printf("%s\n", rr->u.txt); - break; - } - case rk_ns_t_sig : { - struct sig_record *sig = rr->u.sig; - const char *type_string = dns_type_to_string (sig->type); - - printf ("type %u (%s), algorithm %u, labels %u, orig_ttl %u, sig_expiration %u, sig_inception %u, key_tag %u, signer %s\n", - sig->type, type_string ? type_string : "", - sig->algorithm, sig->labels, sig->orig_ttl, - sig->sig_expiration, sig->sig_inception, sig->key_tag, - sig->signer); - break; - } - case rk_ns_t_key : { - struct key_record *key = rr->u.key; - - printf ("flags %u, protocol %u, algorithm %u\n", - key->flags, key->protocol, key->algorithm); - break; - } - case rk_ns_t_sshfp : { - struct sshfp_record *sshfp = rr->u.sshfp; - int i; - - printf ("alg %u type %u length %lu data ", sshfp->algorithm, - sshfp->type, (unsigned long)sshfp->sshfp_len); - for (i = 0; i < sshfp->sshfp_len; i++) - printf("%02X", sshfp->sshfp_data[i]); - printf("\n"); - - break; - } - case rk_ns_t_ds : { - struct ds_record *ds = rr->u.ds; - int i; - - printf ("key tag %u alg %u type %u length %u data ", - ds->key_tag, ds->algorithm, ds->digest_type, - ds->digest_len); - for (i = 0; i < ds->digest_len; i++) - printf("%02X", ds->digest_data[i]); - printf("\n"); - - break; - } - default: - printf("\n"); - break; - } - } - - return 0; -} diff --git a/crypto/heimdal/lib/roken/resolve.c b/crypto/heimdal/lib/roken/resolve.c deleted file mode 100644 index 8f8fec7657e4..000000000000 --- a/crypto/heimdal/lib/roken/resolve.c +++ /dev/null @@ -1,711 +0,0 @@ -/* - * Copyright (c) 1995 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -#include "resolve.h" - -#include - -RCSID("$Id: resolve.c 19869 2007-01-12 16:03:14Z lha $"); - -#ifdef _AIX /* AIX have broken res_nsearch() in 5.1 (5.0 also ?) */ -#undef HAVE_RES_NSEARCH -#endif - -#define DECL(X) {#X, rk_ns_t_##X} - -static struct stot{ - const char *name; - int type; -}stot[] = { - DECL(a), - DECL(aaaa), - DECL(ns), - DECL(cname), - DECL(soa), - DECL(ptr), - DECL(mx), - DECL(txt), - DECL(afsdb), - DECL(sig), - DECL(key), - DECL(srv), - DECL(naptr), - DECL(sshfp), - DECL(ds), - {NULL, 0} -}; - -int _resolve_debug = 0; - -int ROKEN_LIB_FUNCTION -dns_string_to_type(const char *name) -{ - struct stot *p = stot; - for(p = stot; p->name; p++) - if(strcasecmp(name, p->name) == 0) - return p->type; - return -1; -} - -const char * ROKEN_LIB_FUNCTION -dns_type_to_string(int type) -{ - struct stot *p = stot; - for(p = stot; p->name; p++) - if(type == p->type) - return p->name; - return NULL; -} - -#if (defined(HAVE_RES_SEARCH) || defined(HAVE_RES_NSEARCH)) && defined(HAVE_DN_EXPAND) - -static void -dns_free_rr(struct resource_record *rr) -{ - if(rr->domain) - free(rr->domain); - if(rr->u.data) - free(rr->u.data); - free(rr); -} - -void ROKEN_LIB_FUNCTION -dns_free_data(struct dns_reply *r) -{ - struct resource_record *rr; - if(r->q.domain) - free(r->q.domain); - for(rr = r->head; rr;){ - struct resource_record *tmp = rr; - rr = rr->next; - dns_free_rr(tmp); - } - free (r); -} - -static int -parse_record(const unsigned char *data, const unsigned char *end_data, - const unsigned char **pp, struct resource_record **ret_rr) -{ - struct resource_record *rr; - int type, class, ttl, size; - int status; - char host[MAXDNAME]; - const unsigned char *p = *pp; - - *ret_rr = NULL; - - status = dn_expand(data, end_data, p, host, sizeof(host)); - if(status < 0) - return -1; - if (p + status + 10 > end_data) - return -1; - - p += status; - type = (p[0] << 8) | p[1]; - p += 2; - class = (p[0] << 8) | p[1]; - p += 2; - ttl = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - p += 4; - size = (p[0] << 8) | p[1]; - p += 2; - - if (p + size > end_data) - return -1; - - rr = calloc(1, sizeof(*rr)); - if(rr == NULL) - return -1; - rr->domain = strdup(host); - if(rr->domain == NULL) { - dns_free_rr(rr); - return -1; - } - rr->type = type; - rr->class = class; - rr->ttl = ttl; - rr->size = size; - switch(type){ - case rk_ns_t_ns: - case rk_ns_t_cname: - case rk_ns_t_ptr: - status = dn_expand(data, end_data, p, host, sizeof(host)); - if(status < 0) { - dns_free_rr(rr); - return -1; - } - rr->u.txt = strdup(host); - if(rr->u.txt == NULL) { - dns_free_rr(rr); - return -1; - } - break; - case rk_ns_t_mx: - case rk_ns_t_afsdb:{ - size_t hostlen; - - status = dn_expand(data, end_data, p + 2, host, sizeof(host)); - if(status < 0){ - dns_free_rr(rr); - return -1; - } - if (status + 2 > size) { - dns_free_rr(rr); - return -1; - } - - hostlen = strlen(host); - rr->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) + - hostlen); - if(rr->u.mx == NULL) { - dns_free_rr(rr); - return -1; - } - rr->u.mx->preference = (p[0] << 8) | p[1]; - strlcpy(rr->u.mx->domain, host, hostlen + 1); - break; - } - case rk_ns_t_srv:{ - size_t hostlen; - status = dn_expand(data, end_data, p + 6, host, sizeof(host)); - if(status < 0){ - dns_free_rr(rr); - return -1; - } - if (status + 6 > size) { - dns_free_rr(rr); - return -1; - } - - hostlen = strlen(host); - rr->u.srv = - (struct srv_record*)malloc(sizeof(struct srv_record) + - hostlen); - if(rr->u.srv == NULL) { - dns_free_rr(rr); - return -1; - } - rr->u.srv->priority = (p[0] << 8) | p[1]; - rr->u.srv->weight = (p[2] << 8) | p[3]; - rr->u.srv->port = (p[4] << 8) | p[5]; - strlcpy(rr->u.srv->target, host, hostlen + 1); - break; - } - case rk_ns_t_txt:{ - if(size == 0 || size < *p + 1) { - dns_free_rr(rr); - return -1; - } - rr->u.txt = (char*)malloc(*p + 1); - if(rr->u.txt == NULL) { - dns_free_rr(rr); - return -1; - } - strncpy(rr->u.txt, (const char*)(p + 1), *p); - rr->u.txt[*p] = '\0'; - break; - } - case rk_ns_t_key : { - size_t key_len; - - if (size < 4) { - dns_free_rr(rr); - return -1; - } - - key_len = size - 4; - rr->u.key = malloc (sizeof(*rr->u.key) + key_len - 1); - if (rr->u.key == NULL) { - dns_free_rr(rr); - return -1; - } - - rr->u.key->flags = (p[0] << 8) | p[1]; - rr->u.key->protocol = p[2]; - rr->u.key->algorithm = p[3]; - rr->u.key->key_len = key_len; - memcpy (rr->u.key->key_data, p + 4, key_len); - break; - } - case rk_ns_t_sig : { - size_t sig_len, hostlen; - - if(size <= 18) { - dns_free_rr(rr); - return -1; - } - status = dn_expand (data, end_data, p + 18, host, sizeof(host)); - if (status < 0) { - dns_free_rr(rr); - return -1; - } - if (status + 18 > size) { - dns_free_rr(rr); - return -1; - } - - /* the signer name is placed after the sig_data, to make it - easy to free this structure; the size calculation below - includes the zero-termination if the structure itself. - don't you just love C? - */ - sig_len = size - 18 - status; - hostlen = strlen(host); - rr->u.sig = malloc(sizeof(*rr->u.sig) - + hostlen + sig_len); - if (rr->u.sig == NULL) { - dns_free_rr(rr); - return -1; - } - rr->u.sig->type = (p[0] << 8) | p[1]; - rr->u.sig->algorithm = p[2]; - rr->u.sig->labels = p[3]; - rr->u.sig->orig_ttl = (p[4] << 24) | (p[5] << 16) - | (p[6] << 8) | p[7]; - rr->u.sig->sig_expiration = (p[8] << 24) | (p[9] << 16) - | (p[10] << 8) | p[11]; - rr->u.sig->sig_inception = (p[12] << 24) | (p[13] << 16) - | (p[14] << 8) | p[15]; - rr->u.sig->key_tag = (p[16] << 8) | p[17]; - rr->u.sig->sig_len = sig_len; - memcpy (rr->u.sig->sig_data, p + 18 + status, sig_len); - rr->u.sig->signer = &rr->u.sig->sig_data[sig_len]; - strlcpy(rr->u.sig->signer, host, hostlen + 1); - break; - } - - case rk_ns_t_cert : { - size_t cert_len; - - if (size < 5) { - dns_free_rr(rr); - return -1; - } - - cert_len = size - 5; - rr->u.cert = malloc (sizeof(*rr->u.cert) + cert_len - 1); - if (rr->u.cert == NULL) { - dns_free_rr(rr); - return -1; - } - - rr->u.cert->type = (p[0] << 8) | p[1]; - rr->u.cert->tag = (p[2] << 8) | p[3]; - rr->u.cert->algorithm = p[4]; - rr->u.cert->cert_len = cert_len; - memcpy (rr->u.cert->cert_data, p + 5, cert_len); - break; - } - case rk_ns_t_sshfp : { - size_t sshfp_len; - - if (size < 2) { - dns_free_rr(rr); - return -1; - } - - sshfp_len = size - 2; - - rr->u.sshfp = malloc (sizeof(*rr->u.sshfp) + sshfp_len - 1); - if (rr->u.sshfp == NULL) { - dns_free_rr(rr); - return -1; - } - - rr->u.sshfp->algorithm = p[0]; - rr->u.sshfp->type = p[1]; - rr->u.sshfp->sshfp_len = sshfp_len; - memcpy (rr->u.sshfp->sshfp_data, p + 2, sshfp_len); - break; - } - case rk_ns_t_ds: { - size_t digest_len; - - if (size < 4) { - dns_free_rr(rr); - return -1; - } - - digest_len = size - 4; - - rr->u.ds = malloc (sizeof(*rr->u.ds) + digest_len - 1); - if (rr->u.ds == NULL) { - dns_free_rr(rr); - return -1; - } - - rr->u.ds->key_tag = (p[0] << 8) | p[1]; - rr->u.ds->algorithm = p[2]; - rr->u.ds->digest_type = p[3]; - rr->u.ds->digest_len = digest_len; - memcpy (rr->u.ds->digest_data, p + 4, digest_len); - break; - } - default: - rr->u.data = (unsigned char*)malloc(size); - if(size != 0 && rr->u.data == NULL) { - dns_free_rr(rr); - return -1; - } - if (size) - memcpy(rr->u.data, p, size); - } - *pp = p + size; - *ret_rr = rr; - - return 0; -} - -#ifndef TEST_RESOLVE -static -#endif -struct dns_reply* -parse_reply(const unsigned char *data, size_t len) -{ - const unsigned char *p; - int status; - int i; - char host[MAXDNAME]; - const unsigned char *end_data = data + len; - struct dns_reply *r; - struct resource_record **rr; - - r = calloc(1, sizeof(*r)); - if (r == NULL) - return NULL; - - p = data; - - r->h.id = (p[0] << 8) | p[1]; - r->h.flags = 0; - if (p[2] & 0x01) - r->h.flags |= rk_DNS_HEADER_RESPONSE_FLAG; - r->h.opcode = (p[2] >> 1) & 0xf; - if (p[2] & 0x20) - r->h.flags |= rk_DNS_HEADER_AUTHORITIVE_ANSWER; - if (p[2] & 0x40) - r->h.flags |= rk_DNS_HEADER_TRUNCATED_MESSAGE; - if (p[2] & 0x80) - r->h.flags |= rk_DNS_HEADER_RECURSION_DESIRED; - if (p[3] & 0x01) - r->h.flags |= rk_DNS_HEADER_RECURSION_AVAILABLE; - if (p[3] & 0x04) - r->h.flags |= rk_DNS_HEADER_AUTHORITIVE_ANSWER; - if (p[3] & 0x08) - r->h.flags |= rk_DNS_HEADER_CHECKING_DISABLED; - r->h.response_code = (p[3] >> 4) & 0xf; - r->h.qdcount = (p[4] << 8) | p[5]; - r->h.ancount = (p[6] << 8) | p[7]; - r->h.nscount = (p[8] << 8) | p[9]; - r->h.arcount = (p[10] << 8) | p[11]; - - p += 12; - - if(r->h.qdcount != 1) { - free(r); - return NULL; - } - status = dn_expand(data, end_data, p, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - r->q.domain = strdup(host); - if(r->q.domain == NULL) { - dns_free_data(r); - return NULL; - } - if (p + status + 4 > end_data) { - dns_free_data(r); - return NULL; - } - p += status; - r->q.type = (p[0] << 8 | p[1]); - p += 2; - r->q.class = (p[0] << 8 | p[1]); - p += 2; - - rr = &r->head; - for(i = 0; i < r->h.ancount; i++) { - if(parse_record(data, end_data, &p, rr) != 0) { - dns_free_data(r); - return NULL; - } - rr = &(*rr)->next; - } - for(i = 0; i < r->h.nscount; i++) { - if(parse_record(data, end_data, &p, rr) != 0) { - dns_free_data(r); - return NULL; - } - rr = &(*rr)->next; - } - for(i = 0; i < r->h.arcount; i++) { - if(parse_record(data, end_data, &p, rr) != 0) { - dns_free_data(r); - return NULL; - } - rr = &(*rr)->next; - } - *rr = NULL; - return r; -} - -#ifdef HAVE_RES_NSEARCH -#ifdef HAVE_RES_NDESTROY -#define rk_res_free(x) res_ndestroy(x) -#else -#define rk_res_free(x) res_nclose(x) -#endif -#endif - -static struct dns_reply * -dns_lookup_int(const char *domain, int rr_class, int rr_type) -{ - struct dns_reply *r; - unsigned char *reply = NULL; - int size; - int len; -#ifdef HAVE_RES_NSEARCH - struct __res_state state; - memset(&state, 0, sizeof(state)); - if(res_ninit(&state)) - return NULL; /* is this the best we can do? */ -#elif defined(HAVE__RES) - u_long old_options = 0; -#endif - - size = 0; - len = 1000; - do { - if (reply) { - free(reply); - reply = NULL; - } - if (size <= len) - size = len; - if (_resolve_debug) { -#ifdef HAVE_RES_NSEARCH - state.options |= RES_DEBUG; -#elif defined(HAVE__RES) - old_options = _res.options; - _res.options |= RES_DEBUG; -#endif - fprintf(stderr, "dns_lookup(%s, %d, %s), buffer size %d\n", domain, - rr_class, dns_type_to_string(rr_type), size); - } - reply = malloc(size); - if (reply == NULL) { -#ifdef HAVE_RES_NSEARCH - rk_res_free(&state); -#endif - return NULL; - } -#ifdef HAVE_RES_NSEARCH - len = res_nsearch(&state, domain, rr_class, rr_type, reply, size); -#else - len = res_search(domain, rr_class, rr_type, reply, size); -#endif - if (_resolve_debug) { -#if defined(HAVE__RES) && !defined(HAVE_RES_NSEARCH) - _res.options = old_options; -#endif - fprintf(stderr, "dns_lookup(%s, %d, %s) --> %d\n", - domain, rr_class, dns_type_to_string(rr_type), len); - } - if (len < 0) { -#ifdef HAVE_RES_NSEARCH - rk_res_free(&state); -#endif - free(reply); - return NULL; - } - } while (size < len && len < rk_DNS_MAX_PACKET_SIZE); -#ifdef HAVE_RES_NSEARCH - rk_res_free(&state); -#endif - - len = min(len, size); - r = parse_reply(reply, len); - free(reply); - return r; -} - -struct dns_reply * ROKEN_LIB_FUNCTION -dns_lookup(const char *domain, const char *type_name) -{ - int type; - - type = dns_string_to_type(type_name); - if(type == -1) { - if(_resolve_debug) - fprintf(stderr, "dns_lookup: unknown resource type: `%s'\n", - type_name); - return NULL; - } - return dns_lookup_int(domain, C_IN, type); -} - -static int -compare_srv(const void *a, const void *b) -{ - const struct resource_record *const* aa = a, *const* bb = b; - - if((*aa)->u.srv->priority == (*bb)->u.srv->priority) - return ((*aa)->u.srv->weight - (*bb)->u.srv->weight); - return ((*aa)->u.srv->priority - (*bb)->u.srv->priority); -} - -#ifndef HAVE_RANDOM -#define random() rand() -#endif - -/* try to rearrange the srv-records by the algorithm in RFC2782 */ -void ROKEN_LIB_FUNCTION -dns_srv_order(struct dns_reply *r) -{ - struct resource_record **srvs, **ss, **headp; - struct resource_record *rr; - int num_srv = 0; - -#if defined(HAVE_INITSTATE) && defined(HAVE_SETSTATE) - int state[256 / sizeof(int)]; - char *oldstate; -#endif - - for(rr = r->head; rr; rr = rr->next) - if(rr->type == rk_ns_t_srv) - num_srv++; - - if(num_srv == 0) - return; - - srvs = malloc(num_srv * sizeof(*srvs)); - if(srvs == NULL) - return; /* XXX not much to do here */ - - /* unlink all srv-records from the linked list and put them in - a vector */ - for(ss = srvs, headp = &r->head; *headp; ) - if((*headp)->type == rk_ns_t_srv) { - *ss = *headp; - *headp = (*headp)->next; - (*ss)->next = NULL; - ss++; - } else - headp = &(*headp)->next; - - /* sort them by priority and weight */ - qsort(srvs, num_srv, sizeof(*srvs), compare_srv); - -#if defined(HAVE_INITSTATE) && defined(HAVE_SETSTATE) - oldstate = initstate(time(NULL), (char*)state, sizeof(state)); -#endif - - headp = &r->head; - - for(ss = srvs; ss < srvs + num_srv; ) { - int sum, rnd, count; - struct resource_record **ee, **tt; - /* find the last record with the same priority and count the - sum of all weights */ - for(sum = 0, tt = ss; tt < srvs + num_srv; tt++) { - assert(*tt != NULL); - if((*tt)->u.srv->priority != (*ss)->u.srv->priority) - break; - sum += (*tt)->u.srv->weight; - } - ee = tt; - /* ss is now the first record of this priority and ee is the - first of the next */ - while(ss < ee) { - rnd = random() % (sum + 1); - for(count = 0, tt = ss; ; tt++) { - if(*tt == NULL) - continue; - count += (*tt)->u.srv->weight; - if(count >= rnd) - break; - } - - assert(tt < ee); - - /* insert the selected record at the tail (of the head) of - the list */ - (*tt)->next = *headp; - *headp = *tt; - headp = &(*tt)->next; - sum -= (*tt)->u.srv->weight; - *tt = NULL; - while(ss < ee && *ss == NULL) - ss++; - } - } - -#if defined(HAVE_INITSTATE) && defined(HAVE_SETSTATE) - setstate(oldstate); -#endif - free(srvs); - return; -} - -#else /* NOT defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) */ - -struct dns_reply * ROKEN_LIB_FUNCTION -dns_lookup(const char *domain, const char *type_name) -{ - return NULL; -} - -void ROKEN_LIB_FUNCTION -dns_free_data(struct dns_reply *r) -{ -} - -void ROKEN_LIB_FUNCTION -dns_srv_order(struct dns_reply *r) -{ -} - -#endif diff --git a/crypto/heimdal/lib/roken/resolve.h b/crypto/heimdal/lib/roken/resolve.h deleted file mode 100644 index fe83115b1ec2..000000000000 --- a/crypto/heimdal/lib/roken/resolve.h +++ /dev/null @@ -1,298 +0,0 @@ -/* - * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: resolve.h 14773 2005-04-12 11:29:18Z lha $ */ - -#ifndef __RESOLVE_H__ -#define __RESOLVE_H__ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -typedef enum { - rk_ns_t_invalid = 0, /* Cookie. */ - rk_ns_t_a = 1, /* Host address. */ - rk_ns_t_ns = 2, /* Authoritative server. */ - rk_ns_t_md = 3, /* Mail destination. */ - rk_ns_t_mf = 4, /* Mail forwarder. */ - rk_ns_t_cname = 5, /* Canonical name. */ - rk_ns_t_soa = 6, /* Start of authority zone. */ - rk_ns_t_mb = 7, /* Mailbox domain name. */ - rk_ns_t_mg = 8, /* Mail group member. */ - rk_ns_t_mr = 9, /* Mail rename name. */ - rk_ns_t_null = 10, /* Null resource record. */ - rk_ns_t_wks = 11, /* Well known service. */ - rk_ns_t_ptr = 12, /* Domain name pointer. */ - rk_ns_t_hinfo = 13, /* Host information. */ - rk_ns_t_minfo = 14, /* Mailbox information. */ - rk_ns_t_mx = 15, /* Mail routing information. */ - rk_ns_t_txt = 16, /* Text strings. */ - rk_ns_t_rp = 17, /* Responsible person. */ - rk_ns_t_afsdb = 18, /* AFS cell database. */ - rk_ns_t_x25 = 19, /* X_25 calling address. */ - rk_ns_t_isdn = 20, /* ISDN calling address. */ - rk_ns_t_rt = 21, /* Router. */ - rk_ns_t_nsap = 22, /* NSAP address. */ - rk_ns_t_nsap_ptr = 23, /* Reverse NSAP lookup (deprecated). */ - rk_ns_t_sig = 24, /* Security signature. */ - rk_ns_t_key = 25, /* Security key. */ - rk_ns_t_px = 26, /* X.400 mail mapping. */ - rk_ns_t_gpos = 27, /* Geographical position (withdrawn). */ - rk_ns_t_aaaa = 28, /* Ip6 Address. */ - rk_ns_t_loc = 29, /* Location Information. */ - rk_ns_t_nxt = 30, /* Next domain (security). */ - rk_ns_t_eid = 31, /* Endpoint identifier. */ - rk_ns_t_nimloc = 32, /* Nimrod Locator. */ - rk_ns_t_srv = 33, /* Server Selection. */ - rk_ns_t_atma = 34, /* ATM Address */ - rk_ns_t_naptr = 35, /* Naming Authority PoinTeR */ - rk_ns_t_kx = 36, /* Key Exchange */ - rk_ns_t_cert = 37, /* Certification record */ - rk_ns_t_a6 = 38, /* IPv6 address (deprecates AAAA) */ - rk_ns_t_dname = 39, /* Non-terminal DNAME (for IPv6) */ - rk_ns_t_sink = 40, /* Kitchen sink (experimentatl) */ - rk_ns_t_opt = 41, /* EDNS0 option (meta-RR) */ - rk_ns_t_apl = 42, /* Address prefix list (RFC 3123) */ - rk_ns_t_ds = 43, /* Delegation Signer (RFC 3658) */ - rk_ns_t_sshfp = 44, /* SSH fingerprint */ - rk_ns_t_tkey = 249, /* Transaction key */ - rk_ns_t_tsig = 250, /* Transaction signature. */ - rk_ns_t_ixfr = 251, /* Incremental zone transfer. */ - rk_ns_t_axfr = 252, /* Transfer zone of authority. */ - rk_ns_t_mailb = 253, /* Transfer mailbox records. */ - rk_ns_t_maila = 254, /* Transfer mail agent records. */ - rk_ns_t_any = 255, /* Wildcard match. */ - rk_ns_t_zxfr = 256, /* BIND-specific, nonstandard. */ - rk_ns_t_max = 65536 -} rk_ns_type; - -/* We use these, but they are not always present in */ - -#ifndef C_IN -#define C_IN 1 -#endif - -#ifndef T_A -#define T_A 1 -#endif -#ifndef T_NS -#define T_NS 2 -#endif -#ifndef T_CNAME -#define T_CNAME 5 -#endif -#ifndef T_SOA -#define T_SOA 5 -#endif -#ifndef T_PTR -#define T_PTR 12 -#endif -#ifndef T_MX -#define T_MX 15 -#endif -#ifndef T_TXT -#define T_TXT 16 -#endif -#ifndef T_AFSDB -#define T_AFSDB 18 -#endif -#ifndef T_SIG -#define T_SIG 24 -#endif -#ifndef T_KEY -#define T_KEY 25 -#endif -#ifndef T_AAAA -#define T_AAAA 28 -#endif -#ifndef T_SRV -#define T_SRV 33 -#endif -#ifndef T_NAPTR -#define T_NAPTR 35 -#endif -#ifndef T_CERT -#define T_CERT 37 -#endif -#ifndef T_SSHFP -#define T_SSHFP 44 -#endif - -#ifndef MAXDNAME -#define MAXDNAME 1025 -#endif - -#define dns_query rk_dns_query -#define mx_record rk_mx_record -#define srv_record rk_srv_record -#define key_record rk_key_record -#define sig_record rk_sig_record -#define cert_record rk_cert_record -#define sshfp_record rk_sshfp_record -#define resource_record rk_resource_record -#define dns_reply rk_dns_reply - -#define dns_lookup rk_dns_lookup -#define dns_free_data rk_dns_free_data -#define dns_string_to_type rk_dns_string_to_type -#define dns_type_to_string rk_dns_type_to_string -#define dns_srv_order rk_dns_srv_order - -struct dns_query{ - char *domain; - unsigned type; - unsigned class; -}; - -struct mx_record{ - unsigned preference; - char domain[1]; -}; - -struct srv_record{ - unsigned priority; - unsigned weight; - unsigned port; - char target[1]; -}; - -struct key_record { - unsigned flags; - unsigned protocol; - unsigned algorithm; - size_t key_len; - u_char key_data[1]; -}; - -struct sig_record { - unsigned type; - unsigned algorithm; - unsigned labels; - unsigned orig_ttl; - unsigned sig_expiration; - unsigned sig_inception; - unsigned key_tag; - char *signer; - unsigned sig_len; - char sig_data[1]; /* also includes signer */ -}; - -struct cert_record { - unsigned type; - unsigned tag; - unsigned algorithm; - size_t cert_len; - u_char cert_data[1]; -}; - -struct sshfp_record { - unsigned algorithm; - unsigned type; - size_t sshfp_len; - u_char sshfp_data[1]; -}; - -struct ds_record { - unsigned key_tag; - unsigned algorithm; - unsigned digest_type; - unsigned digest_len; - u_char digest_data[1]; -}; - -struct resource_record{ - char *domain; - unsigned type; - unsigned class; - unsigned ttl; - unsigned size; - union { - void *data; - struct mx_record *mx; - struct mx_record *afsdb; /* mx and afsdb are identical */ - struct srv_record *srv; - struct in_addr *a; - char *txt; - struct key_record *key; - struct cert_record *cert; - struct sig_record *sig; - struct sshfp_record *sshfp; - struct ds_record *ds; - }u; - struct resource_record *next; -}; - -#define rk_DNS_MAX_PACKET_SIZE 0xffff - -struct dns_header { - unsigned id; - unsigned flags; -#define rk_DNS_HEADER_RESPONSE_FLAG 1 -#define rk_DNS_HEADER_AUTHORITIVE_ANSWER 2 -#define rk_DNS_HEADER_TRUNCATED_MESSAGE 4 -#define rk_DNS_HEADER_RECURSION_DESIRED 8 -#define rk_DNS_HEADER_RECURSION_AVAILABLE 16 -#define rk_DNS_HEADER_AUTHENTIC_DATA 32 -#define rk_DNS_HEADER_CHECKING_DISABLED 64 - unsigned opcode; - unsigned response_code; - unsigned qdcount; - unsigned ancount; - unsigned nscount; - unsigned arcount; -}; - -struct dns_reply{ - struct dns_header h; - struct dns_query q; - struct resource_record *head; -}; - - -struct dns_reply* ROKEN_LIB_FUNCTION - dns_lookup(const char *, const char *); -void ROKEN_LIB_FUNCTION - dns_free_data(struct dns_reply *); -int ROKEN_LIB_FUNCTION - dns_string_to_type(const char *name); -const char *ROKEN_LIB_FUNCTION - dns_type_to_string(int type); -void ROKEN_LIB_FUNCTION - dns_srv_order(struct dns_reply*); - -#endif /* __RESOLVE_H__ */ diff --git a/crypto/heimdal/lib/roken/resource.h b/crypto/heimdal/lib/roken/resource.h deleted file mode 100644 index 01cd01d76c8c..000000000000 --- a/crypto/heimdal/lib/roken/resource.h +++ /dev/null @@ -1,15 +0,0 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Developer Studio generated include file. -// Used by roken.rc -// - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NEXT_RESOURCE_VALUE 101 -#define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 1000 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif diff --git a/crypto/heimdal/lib/roken/roken-common.h b/crypto/heimdal/lib/roken/roken-common.h deleted file mode 100644 index b835e880a249..000000000000 --- a/crypto/heimdal/lib/roken/roken-common.h +++ /dev/null @@ -1,405 +0,0 @@ -/* - * Copyright (c) 1995 - 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken-common.h 20867 2007-06-03 21:00:45Z lha $ */ - -#ifndef __ROKEN_COMMON_H__ -#define __ROKEN_COMMON_H__ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -#ifdef __cplusplus -#define ROKEN_CPP_START extern "C" { -#define ROKEN_CPP_END } -#else -#define ROKEN_CPP_START -#define ROKEN_CPP_END -#endif - -#ifndef INADDR_NONE -#define INADDR_NONE 0xffffffff -#endif - -#ifndef INADDR_LOOPBACK -#define INADDR_LOOPBACK 0x7f000001 -#endif - -#ifndef SOMAXCONN -#define SOMAXCONN 5 -#endif - -#ifndef STDIN_FILENO -#define STDIN_FILENO 0 -#endif - -#ifndef STDOUT_FILENO -#define STDOUT_FILENO 1 -#endif - -#ifndef STDERR_FILENO -#define STDERR_FILENO 2 -#endif - -#ifndef max -#define max(a,b) (((a)>(b))?(a):(b)) -#endif - -#ifndef min -#define min(a,b) (((a)<(b))?(a):(b)) -#endif - -#ifndef TRUE -#define TRUE 1 -#endif - -#ifndef FALSE -#define FALSE 0 -#endif - -#ifndef LOG_DAEMON -#define openlog(id,option,facility) openlog((id),(option)) -#define LOG_DAEMON 0 -#endif -#ifndef LOG_ODELAY -#define LOG_ODELAY 0 -#endif -#ifndef LOG_NDELAY -#define LOG_NDELAY 0x08 -#endif -#ifndef LOG_CONS -#define LOG_CONS 0 -#endif -#ifndef LOG_AUTH -#define LOG_AUTH 0 -#endif -#ifndef LOG_AUTHPRIV -#define LOG_AUTHPRIV LOG_AUTH -#endif - -#ifndef F_OK -#define F_OK 0 -#endif - -#ifndef O_ACCMODE -#define O_ACCMODE 003 -#endif - -#ifndef _PATH_DEV -#define _PATH_DEV "/dev/" -#endif - -#ifndef _PATH_DEVNULL -#define _PATH_DEVNULL "/dev/null" -#endif - -#ifndef _PATH_HEQUIV -#define _PATH_HEQUIV "/etc/hosts.equiv" -#endif - -#ifndef _PATH_VARRUN -#define _PATH_VARRUN "/var/run/" -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif - -#ifndef MAXPATHLEN -#define MAXPATHLEN (1024+4) -#endif - -#ifndef SIG_ERR -#define SIG_ERR ((RETSIGTYPE (*)(int))-1) -#endif - -/* - * error code for getipnodeby{name,addr} - */ - -#ifndef HOST_NOT_FOUND -#define HOST_NOT_FOUND 1 -#endif - -#ifndef TRY_AGAIN -#define TRY_AGAIN 2 -#endif - -#ifndef NO_RECOVERY -#define NO_RECOVERY 3 -#endif - -#ifndef NO_DATA -#define NO_DATA 4 -#endif - -#ifndef NO_ADDRESS -#define NO_ADDRESS NO_DATA -#endif - -/* - * error code for getaddrinfo - */ - -#ifndef EAI_NOERROR -#define EAI_NOERROR 0 /* no error */ -#endif - -#ifndef EAI_NONAME - -#define EAI_ADDRFAMILY 1 /* address family for nodename not supported */ -#define EAI_AGAIN 2 /* temporary failure in name resolution */ -#define EAI_BADFLAGS 3 /* invalid value for ai_flags */ -#define EAI_FAIL 4 /* non-recoverable failure in name resolution */ -#define EAI_FAMILY 5 /* ai_family not supported */ -#define EAI_MEMORY 6 /* memory allocation failure */ -#define EAI_NODATA 7 /* no address associated with nodename */ -#define EAI_NONAME 8 /* nodename nor servname provided, or not known */ -#define EAI_SERVICE 9 /* servname not supported for ai_socktype */ -#define EAI_SOCKTYPE 10 /* ai_socktype not supported */ -#define EAI_SYSTEM 11 /* system error returned in errno */ - -#endif /* EAI_NONAME */ - -/* flags for getaddrinfo() */ - -#ifndef AI_PASSIVE -#define AI_PASSIVE 0x01 -#define AI_CANONNAME 0x02 -#endif /* AI_PASSIVE */ - -#ifndef AI_NUMERICHOST -#define AI_NUMERICHOST 0x04 -#endif - -/* flags for getnameinfo() */ - -#ifndef NI_DGRAM -#define NI_DGRAM 0x01 -#define NI_NAMEREQD 0x02 -#define NI_NOFQDN 0x04 -#define NI_NUMERICHOST 0x08 -#define NI_NUMERICSERV 0x10 -#endif - -/* - * constants for getnameinfo - */ - -#ifndef NI_MAXHOST -#define NI_MAXHOST 1025 -#define NI_MAXSERV 32 -#endif - -/* - * constants for inet_ntop - */ - -#ifndef INET_ADDRSTRLEN -#define INET_ADDRSTRLEN 16 -#endif - -#ifndef INET6_ADDRSTRLEN -#define INET6_ADDRSTRLEN 46 -#endif - -/* - * for shutdown(2) - */ - -#ifndef SHUT_RD -#define SHUT_RD 0 -#endif - -#ifndef SHUT_WR -#define SHUT_WR 1 -#endif - -#ifndef SHUT_RDWR -#define SHUT_RDWR 2 -#endif - -#ifndef HAVE___ATTRIBUTE__ -#define __attribute__(x) -#endif - -ROKEN_CPP_START - -#ifndef IRIX4 /* fix for compiler bug */ -#ifdef RETSIGTYPE -typedef RETSIGTYPE (*SigAction)(int); -SigAction signal(int iSig, SigAction pAction); /* BSD compatible */ -#endif -#endif - -int ROKEN_LIB_FUNCTION -simple_execve(const char*, char*const[], char*const[]); - -int ROKEN_LIB_FUNCTION -simple_execve_timed(const char *, char *const[], - char *const [], time_t (*)(void *), - void *, time_t); -int ROKEN_LIB_FUNCTION -simple_execvp(const char*, char *const[]); - -int ROKEN_LIB_FUNCTION -simple_execvp_timed(const char *, char *const[], - time_t (*)(void *), void *, time_t); -int ROKEN_LIB_FUNCTION -simple_execlp(const char*, ...); - -int ROKEN_LIB_FUNCTION -simple_execle(const char*, ...); - -int ROKEN_LIB_FUNCTION -simple_execl(const char *file, ...); - -int ROKEN_LIB_FUNCTION -wait_for_process(pid_t); - -int ROKEN_LIB_FUNCTION -wait_for_process_timed(pid_t, time_t (*)(void *), - void *, time_t); -int ROKEN_LIB_FUNCTION -pipe_execv(FILE**, FILE**, FILE**, const char*, ...); - -void ROKEN_LIB_FUNCTION -print_version(const char *); - -ssize_t ROKEN_LIB_FUNCTION -eread (int fd, void *buf, size_t nbytes); - -ssize_t ROKEN_LIB_FUNCTION -ewrite (int fd, const void *buf, size_t nbytes); - -struct hostent; - -const char * ROKEN_LIB_FUNCTION -hostent_find_fqdn (const struct hostent *); - -void ROKEN_LIB_FUNCTION -esetenv(const char *, const char *, int); - -void ROKEN_LIB_FUNCTION -socket_set_address_and_port (struct sockaddr *, const void *, int); - -size_t ROKEN_LIB_FUNCTION -socket_addr_size (const struct sockaddr *); - -void ROKEN_LIB_FUNCTION -socket_set_any (struct sockaddr *, int); - -size_t ROKEN_LIB_FUNCTION -socket_sockaddr_size (const struct sockaddr *); - -void * ROKEN_LIB_FUNCTION -socket_get_address (struct sockaddr *); - -int ROKEN_LIB_FUNCTION -socket_get_port (const struct sockaddr *); - -void ROKEN_LIB_FUNCTION -socket_set_port (struct sockaddr *, int); - -void ROKEN_LIB_FUNCTION -socket_set_portrange (int, int, int); - -void ROKEN_LIB_FUNCTION -socket_set_debug (int); - -void ROKEN_LIB_FUNCTION -socket_set_tos (int, int); - -void ROKEN_LIB_FUNCTION -socket_set_reuseaddr (int, int); - -void ROKEN_LIB_FUNCTION -socket_set_ipv6only (int, int); - -char ** ROKEN_LIB_FUNCTION -vstrcollect(va_list *ap); - -char ** ROKEN_LIB_FUNCTION -strcollect(char *first, ...); - -void ROKEN_LIB_FUNCTION -timevalfix(struct timeval *t1); - -void ROKEN_LIB_FUNCTION -timevaladd(struct timeval *t1, const struct timeval *t2); - -void ROKEN_LIB_FUNCTION -timevalsub(struct timeval *t1, const struct timeval *t2); - -char *ROKEN_LIB_FUNCTION -pid_file_write (const char *progname); - -void ROKEN_LIB_FUNCTION -pid_file_delete (char **); - -int ROKEN_LIB_FUNCTION -read_environment(const char *file, char ***env); - -void ROKEN_LIB_FUNCTION -free_environment(char **); - -void ROKEN_LIB_FUNCTION -warnerr(int doerrno, const char *fmt, va_list ap) - __attribute__ ((format (printf, 2, 0))); - -void * ROKEN_LIB_FUNCTION -rk_realloc(void *, size_t); - -struct rk_strpool; - -char * ROKEN_LIB_FUNCTION -rk_strpoolcollect(struct rk_strpool *); - -struct rk_strpool * ROKEN_LIB_FUNCTION -rk_strpoolprintf(struct rk_strpool *, const char *, ...) - __attribute__ ((format (printf, 2, 3))); - -void ROKEN_LIB_FUNCTION -rk_strpoolfree(struct rk_strpool *); - -void ROKEN_LIB_FUNCTION -rk_dumpdata (const char *, const void *, size_t); - -ROKEN_CPP_END - -#endif /* __ROKEN_COMMON_H__ */ diff --git a/crypto/heimdal/lib/roken/roken.awk b/crypto/heimdal/lib/roken/roken.awk deleted file mode 100644 index e0c19d7823af..000000000000 --- a/crypto/heimdal/lib/roken/roken.awk +++ /dev/null @@ -1,40 +0,0 @@ -# $Id: roken.awk 15409 2005-06-16 16:29:58Z lha $ - -BEGIN { - print "#ifdef HAVE_CONFIG_H" - print "#include " - print "#endif" - print "#include " - print "" - print "int main(int argc, char **argv)" - print "{" - print "puts(\"/* This is an OS dependent, generated file */\");" - print "puts(\"\\n\");" - print "puts(\"#ifndef __ROKEN_H__\");" - print "puts(\"#define __ROKEN_H__\");" - print "puts(\"\");" -} - -$1 == "#ifdef" || $1 == "#ifndef" || $1 == "#if" || $1 == "#else" || $1 == "#elif" || $1 == "#endif" { - print $0; - next -} - -{ - s = "" - for(i = 1; i <= length; i++){ - x = substr($0, i, 1) - if(x == "\"" || x == "\\") - s = s "\\"; - s = s x; - } - print "puts(\"" s "\");" -} - -END { - print "puts(\"#define ROKEN_VERSION \" VERSION );" - print "puts(\"\");" - print "puts(\"#endif /* __ROKEN_H__ */\");" - print "return 0;" - print "}" -} diff --git a/crypto/heimdal/lib/roken/roken.h.in b/crypto/heimdal/lib/roken/roken.h.in deleted file mode 100644 index cf2ee9ed7bdb..000000000000 --- a/crypto/heimdal/lib/roken/roken.h.in +++ /dev/null @@ -1,706 +0,0 @@ -/* -*- C -*- */ -/* - * Copyright (c) 1995-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken.h.in 18612 2006-10-19 16:35:16Z lha $ */ - -#include -#include -#include -#ifdef HAVE_STDINT_H -#include -#endif -#include -#include - -#ifdef _AIX -struct ether_addr; -struct sockaddr_dl; -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_SYS_UIO_H -#include -#endif -#ifdef HAVE_GRP_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -#ifdef HAVE_SYSLOG_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_ERRNO_H -#include -#endif -#include -#ifdef HAVE_TERMIOS_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_STRINGS_H -#include -#endif - -#ifdef HAVE_PATHS_H -#include -#endif - -#ifndef HAVE_SSIZE_T -typedef int ssize_t; -#endif - -#include - -ROKEN_CPP_START - -#ifdef HAVE_UINTPTR_T -#define rk_UNCONST(x) ((void *)(uintptr_t)(const void *)(x)) -#else -#define rk_UNCONST(x) ((void *)(unsigned long)(const void *)(x)) -#endif - -#if !defined(HAVE_SETSID) && defined(HAVE__SETSID) -#define setsid _setsid -#endif - -#ifndef HAVE_PUTENV -int ROKEN_LIB_FUNCTION putenv(const char *); -#endif - -#if !defined(HAVE_SETENV) || defined(NEED_SETENV_PROTO) -int ROKEN_LIB_FUNCTION setenv(const char *, const char *, int); -#endif - -#if !defined(HAVE_UNSETENV) || defined(NEED_UNSETENV_PROTO) -void ROKEN_LIB_FUNCTION unsetenv(const char *); -#endif - -#if !defined(HAVE_GETUSERSHELL) || defined(NEED_GETUSERSHELL_PROTO) -char * ROKEN_LIB_FUNCTION getusershell(void); -void ROKEN_LIB_FUNCTION endusershell(void); -#endif - -#if !defined(HAVE_SNPRINTF) || defined(NEED_SNPRINTF_PROTO) -int ROKEN_LIB_FUNCTION snprintf (char *, size_t, const char *, ...) - __attribute__ ((format (printf, 3, 4))); -#endif - -#if !defined(HAVE_VSNPRINTF) || defined(NEED_VSNPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - vsnprintf (char *, size_t, const char *, va_list) - __attribute__((format (printf, 3, 0))); -#endif - -#if !defined(HAVE_ASPRINTF) || defined(NEED_ASPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - asprintf (char **, const char *, ...) - __attribute__ ((format (printf, 2, 3))); -#endif - -#if !defined(HAVE_VASPRINTF) || defined(NEED_VASPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - vasprintf (char **, const char *, va_list) - __attribute__((format (printf, 2, 0))); -#endif - -#if !defined(HAVE_ASNPRINTF) || defined(NEED_ASNPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - asnprintf (char **, size_t, const char *, ...) - __attribute__ ((format (printf, 3, 4))); -#endif - -#if !defined(HAVE_VASNPRINTF) || defined(NEED_VASNPRINTF_PROTO) -int ROKEN_LIB_FUNCTION - vasnprintf (char **, size_t, const char *, va_list) - __attribute__((format (printf, 3, 0))); -#endif - -#ifndef HAVE_STRDUP -char * ROKEN_LIB_FUNCTION strdup(const char *); -#endif - -#if !defined(HAVE_STRNDUP) || defined(NEED_STRNDUP_PROTO) -char * ROKEN_LIB_FUNCTION strndup(const char *, size_t); -#endif - -#ifndef HAVE_STRLWR -char * ROKEN_LIB_FUNCTION strlwr(char *); -#endif - -#ifndef HAVE_STRNLEN -size_t ROKEN_LIB_FUNCTION strnlen(const char*, size_t); -#endif - -#if !defined(HAVE_STRSEP) || defined(NEED_STRSEP_PROTO) -char * ROKEN_LIB_FUNCTION strsep(char**, const char*); -#endif - -#if !defined(HAVE_STRSEP_COPY) || defined(NEED_STRSEP_COPY_PROTO) -ssize_t ROKEN_LIB_FUNCTION strsep_copy(const char**, const char*, char*, size_t); -#endif - -#ifndef HAVE_STRCASECMP -int ROKEN_LIB_FUNCTION strcasecmp(const char *, const char *); -#endif - -#ifdef NEED_FCLOSE_PROTO -int ROKEN_LIB_FUNCTION fclose(FILE *); -#endif - -#ifdef NEED_STRTOK_R_PROTO -char * ROKEN_LIB_FUNCTION strtok_r(char *, const char *, char **); -#endif - -#ifndef HAVE_STRUPR -char * ROKEN_LIB_FUNCTION strupr(char *); -#endif - -#ifndef HAVE_STRLCPY -size_t ROKEN_LIB_FUNCTION strlcpy (char *, const char *, size_t); -#endif - -#ifndef HAVE_STRLCAT -size_t ROKEN_LIB_FUNCTION strlcat (char *, const char *, size_t); -#endif - -#ifndef HAVE_GETDTABLESIZE -int ROKEN_LIB_FUNCTION getdtablesize(void); -#endif - -#if !defined(HAVE_STRERROR) && !defined(strerror) -char * ROKEN_LIB_FUNCTION strerror(int); -#endif - -#if !defined(HAVE_HSTRERROR) || defined(NEED_HSTRERROR_PROTO) -/* This causes a fatal error under Psoriasis */ -#if !(defined(SunOS) && (SunOS >= 50)) -const char * ROKEN_LIB_FUNCTION hstrerror(int); -#endif -#endif - -#if !HAVE_DECL_H_ERRNO -extern int h_errno; -#endif - -#if !defined(HAVE_INET_ATON) || defined(NEED_INET_ATON_PROTO) -int ROKEN_LIB_FUNCTION inet_aton(const char *, struct in_addr *); -#endif - -#ifndef HAVE_INET_NTOP -const char * ROKEN_LIB_FUNCTION -inet_ntop(int af, const void *src, char *dst, size_t size); -#endif - -#ifndef HAVE_INET_PTON -int ROKEN_LIB_FUNCTION -inet_pton(int, const char *, void *); -#endif - -#if !defined(HAVE_GETCWD) -char* ROKEN_LIB_FUNCTION getcwd(char *, size_t); -#endif - -#ifdef HAVE_PWD_H -#include -struct passwd * ROKEN_LIB_FUNCTION k_getpwnam (const char *); -struct passwd * ROKEN_LIB_FUNCTION k_getpwuid (uid_t); -#endif - -const char * ROKEN_LIB_FUNCTION get_default_username (void); - -#ifndef HAVE_SETEUID -int ROKEN_LIB_FUNCTION seteuid(uid_t); -#endif - -#ifndef HAVE_SETEGID -int ROKEN_LIB_FUNCTION setegid(gid_t); -#endif - -#ifndef HAVE_LSTAT -int ROKEN_LIB_FUNCTION lstat(const char *, struct stat *); -#endif - -#if !defined(HAVE_MKSTEMP) || defined(NEED_MKSTEMP_PROTO) -int ROKEN_LIB_FUNCTION mkstemp(char *); -#endif - -#ifndef HAVE_CGETENT -int ROKEN_LIB_FUNCTION cgetent(char **, char **, const char *); -int ROKEN_LIB_FUNCTION cgetstr(char *, const char *, char **); -#endif - -#ifndef HAVE_INITGROUPS -int ROKEN_LIB_FUNCTION initgroups(const char *, gid_t); -#endif - -#ifndef HAVE_FCHOWN -int ROKEN_LIB_FUNCTION fchown(int, uid_t, gid_t); -#endif - -#if !defined(HAVE_DAEMON) || defined(NEED_DAEMON_PROTO) -int ROKEN_LIB_FUNCTION daemon(int, int); -#endif - -#ifndef HAVE_INNETGR -int ROKEN_LIB_FUNCTION innetgr(const char *, const char *, - const char *, const char *); -#endif - -#ifndef HAVE_CHOWN -int ROKEN_LIB_FUNCTION chown(const char *, uid_t, gid_t); -#endif - -#ifndef HAVE_RCMD -int ROKEN_LIB_FUNCTION - rcmd(char **, unsigned short, const char *, - const char *, const char *, int *); -#endif - -#if !defined(HAVE_INNETGR) || defined(NEED_INNETGR_PROTO) -int ROKEN_LIB_FUNCTION innetgr(const char*, const char*, - const char*, const char*); -#endif - -#ifndef HAVE_IRUSEROK -int ROKEN_LIB_FUNCTION iruserok(unsigned, int, - const char *, const char *); -#endif - -#if !defined(HAVE_GETHOSTNAME) || defined(NEED_GETHOSTNAME_PROTO) -int ROKEN_LIB_FUNCTION gethostname(char *, int); -#endif - -#ifndef HAVE_WRITEV -ssize_t ROKEN_LIB_FUNCTION -writev(int, const struct iovec *, int); -#endif - -#ifndef HAVE_READV -ssize_t ROKEN_LIB_FUNCTION -readv(int, const struct iovec *, int); -#endif - -#ifndef HAVE_MKSTEMP -int ROKEN_LIB_FUNCTION -mkstemp(char *); -#endif - -#ifndef HAVE_PIDFILE -void ROKEN_LIB_FUNCTION pidfile (const char*); -#endif - -#ifndef HAVE_BSWAP32 -unsigned int ROKEN_LIB_FUNCTION bswap32(unsigned int); -#endif - -#ifndef HAVE_BSWAP16 -unsigned short ROKEN_LIB_FUNCTION bswap16(unsigned short); -#endif - -#ifndef HAVE_FLOCK -#ifndef LOCK_SH -#define LOCK_SH 1 /* Shared lock */ -#endif -#ifndef LOCK_EX -#define LOCK_EX 2 /* Exclusive lock */ -#endif -#ifndef LOCK_NB -#define LOCK_NB 4 /* Don't block when locking */ -#endif -#ifndef LOCK_UN -#define LOCK_UN 8 /* Unlock */ -#endif - -int flock(int fd, int operation); -#endif /* HAVE_FLOCK */ - -time_t ROKEN_LIB_FUNCTION tm2time (struct tm, int); - -int ROKEN_LIB_FUNCTION unix_verify_user(char *, char *); - -int ROKEN_LIB_FUNCTION roken_concat (char *, size_t, ...); - -size_t ROKEN_LIB_FUNCTION roken_mconcat (char **, size_t, ...); - -int ROKEN_LIB_FUNCTION roken_vconcat (char *, size_t, va_list); - -size_t ROKEN_LIB_FUNCTION - roken_vmconcat (char **, size_t, va_list); - -ssize_t ROKEN_LIB_FUNCTION net_write (int, const void *, size_t); - -ssize_t ROKEN_LIB_FUNCTION net_read (int, void *, size_t); - -int ROKEN_LIB_FUNCTION issuid(void); - -#ifndef HAVE_STRUCT_WINSIZE -struct winsize { - unsigned short ws_row, ws_col; - unsigned short ws_xpixel, ws_ypixel; -}; -#endif - -int ROKEN_LIB_FUNCTION get_window_size(int fd, struct winsize *); - -#ifndef HAVE_VSYSLOG -void ROKEN_LIB_FUNCTION vsyslog(int, const char *, va_list); -#endif - -#if !HAVE_DECL_OPTARG -extern char *optarg; -#endif -#if !HAVE_DECL_OPTIND -extern int optind; -#endif -#if !HAVE_DECL_OPTERR -extern int opterr; -#endif - -#if !HAVE_DECL_ENVIRON -extern char **environ; -#endif - -#ifndef HAVE_GETIPNODEBYNAME -struct hostent * ROKEN_LIB_FUNCTION -getipnodebyname (const char *, int, int, int *); -#endif - -#ifndef HAVE_GETIPNODEBYADDR -struct hostent * ROKEN_LIB_FUNCTION -getipnodebyaddr (const void *, size_t, int, int *); -#endif - -#ifndef HAVE_FREEHOSTENT -void ROKEN_LIB_FUNCTION -freehostent (struct hostent *); -#endif - -#ifndef HAVE_COPYHOSTENT -struct hostent * ROKEN_LIB_FUNCTION -copyhostent (const struct hostent *); -#endif - -#ifndef HAVE_SOCKLEN_T -typedef int socklen_t; -#endif - -#ifndef HAVE_STRUCT_SOCKADDR_STORAGE - -#ifndef HAVE_SA_FAMILY_T -typedef unsigned short sa_family_t; -#endif - -#ifdef HAVE_IPV6 -#define _SS_MAXSIZE sizeof(struct sockaddr_in6) -#else -#define _SS_MAXSIZE sizeof(struct sockaddr_in) -#endif - -#define _SS_ALIGNSIZE sizeof(unsigned long) - -#if HAVE_STRUCT_SOCKADDR_SA_LEN - -typedef unsigned char roken_sa_family_t; - -#define _SS_PAD1SIZE ((2 * _SS_ALIGNSIZE - sizeof (roken_sa_family_t) - sizeof(unsigned char)) % _SS_ALIGNSIZE) -#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + sizeof(unsigned char) + _SS_PAD1SIZE + _SS_ALIGNSIZE)) - -struct sockaddr_storage { - unsigned char ss_len; - roken_sa_family_t ss_family; - char __ss_pad1[_SS_PAD1SIZE]; - unsigned long __ss_align[_SS_PAD2SIZE / sizeof(unsigned long) + 1]; -}; - -#else /* !HAVE_STRUCT_SOCKADDR_SA_LEN */ - -typedef unsigned short roken_sa_family_t; - -#define _SS_PAD1SIZE ((2 * _SS_ALIGNSIZE - sizeof (roken_sa_family_t)) % _SS_ALIGNSIZE) -#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + _SS_PAD1SIZE + _SS_ALIGNSIZE)) - -struct sockaddr_storage { - roken_sa_family_t ss_family; - char __ss_pad1[_SS_PAD1SIZE]; - unsigned long __ss_align[_SS_PAD2SIZE / sizeof(unsigned long) + 1]; -}; - -#endif /* HAVE_STRUCT_SOCKADDR_SA_LEN */ - -#endif /* HAVE_STRUCT_SOCKADDR_STORAGE */ - -#ifndef HAVE_STRUCT_ADDRINFO -struct addrinfo { - int ai_flags; - int ai_family; - int ai_socktype; - int ai_protocol; - size_t ai_addrlen; - char *ai_canonname; - struct sockaddr *ai_addr; - struct addrinfo *ai_next; -}; -#endif - -#ifndef HAVE_GETADDRINFO -int ROKEN_LIB_FUNCTION -getaddrinfo(const char *, - const char *, - const struct addrinfo *, - struct addrinfo **); -#endif - -#ifndef HAVE_GETNAMEINFO -int ROKEN_LIB_FUNCTION -getnameinfo(const struct sockaddr *, socklen_t, - char *, size_t, - char *, size_t, - int); -#endif - -#ifndef HAVE_FREEADDRINFO -void ROKEN_LIB_FUNCTION -freeaddrinfo(struct addrinfo *); -#endif - -#ifndef HAVE_GAI_STRERROR -const char * ROKEN_LIB_FUNCTION -gai_strerror(int); -#endif - -int ROKEN_LIB_FUNCTION -getnameinfo_verified(const struct sockaddr *, socklen_t, - char *, size_t, - char *, size_t, - int); - -int ROKEN_LIB_FUNCTION -roken_getaddrinfo_hostspec(const char *, int, struct addrinfo **); -int ROKEN_LIB_FUNCTION -roken_getaddrinfo_hostspec2(const char *, int, int, struct addrinfo **); - -#ifndef HAVE_STRFTIME -size_t ROKEN_LIB_FUNCTION -strftime (char *, size_t, const char *, const struct tm *); -#endif - -#ifndef HAVE_STRPTIME -char * ROKEN_LIB_FUNCTION -strptime (const char *, const char *, struct tm *); -#endif - -#ifndef HAVE_EMALLOC -void * ROKEN_LIB_FUNCTION emalloc (size_t); -#endif -#ifndef HAVE_ECALLOC -void * ROKEN_LIB_FUNCTION ecalloc(size_t, size_t); -#endif -#ifndef HAVE_EREALLOC -void * ROKEN_LIB_FUNCTION erealloc (void *, size_t); -#endif -#ifndef HAVE_ESTRDUP -char * ROKEN_LIB_FUNCTION estrdup (const char *); -#endif - -/* - * kludges and such - */ - -#if 1 -int ROKEN_LIB_FUNCTION -roken_gethostby_setup(const char*, const char*); -struct hostent* ROKEN_LIB_FUNCTION -roken_gethostbyname(const char*); -struct hostent* ROKEN_LIB_FUNCTION -roken_gethostbyaddr(const void*, size_t, int); -#else -#ifdef GETHOSTBYNAME_PROTO_COMPATIBLE -#define roken_gethostbyname(x) gethostbyname(x) -#else -#define roken_gethostbyname(x) gethostbyname((char *)x) -#endif - -#ifdef GETHOSTBYADDR_PROTO_COMPATIBLE -#define roken_gethostbyaddr(a, l, t) gethostbyaddr(a, l, t) -#else -#define roken_gethostbyaddr(a, l, t) gethostbyaddr((char *)a, l, t) -#endif -#endif - -#ifdef GETSERVBYNAME_PROTO_COMPATIBLE -#define roken_getservbyname(x,y) getservbyname(x,y) -#else -#define roken_getservbyname(x,y) getservbyname((char *)x, (char *)y) -#endif - -#ifdef OPENLOG_PROTO_COMPATIBLE -#define roken_openlog(a,b,c) openlog(a,b,c) -#else -#define roken_openlog(a,b,c) openlog((char *)a,b,c) -#endif - -#ifdef GETSOCKNAME_PROTO_COMPATIBLE -#define roken_getsockname(a,b,c) getsockname(a,b,c) -#else -#define roken_getsockname(a,b,c) getsockname(a, b, (void*)c) -#endif - -#ifndef HAVE_SETPROGNAME -void ROKEN_LIB_FUNCTION setprogname(const char *); -#endif - -#ifndef HAVE_GETPROGNAME -const char * ROKEN_LIB_FUNCTION getprogname(void); -#endif - -#if !defined(HAVE_SETPROGNAME) && !defined(HAVE_GETPROGNAME) && !HAVE_DECL___PROGNAME -extern const char *__progname; -#endif - -void ROKEN_LIB_FUNCTION mini_inetd_addrinfo (struct addrinfo*); -void ROKEN_LIB_FUNCTION mini_inetd (int); - -#ifndef HAVE_LOCALTIME_R -struct tm * ROKEN_LIB_FUNCTION -localtime_r(const time_t *, struct tm *); -#endif - -#if !defined(HAVE_STRSVIS) || defined(NEED_STRSVIS_PROTO) -int ROKEN_LIB_FUNCTION -strsvis(char *, const char *, int, const char *); -#endif - -#if !defined(HAVE_STRUNVIS) || defined(NEED_STRUNVIS_PROTO) -int ROKEN_LIB_FUNCTION -strunvis(char *, const char *); -#endif - -#if !defined(HAVE_STRVIS) || defined(NEED_STRVIS_PROTO) -int ROKEN_LIB_FUNCTION -strvis(char *, const char *, int); -#endif - -#if !defined(HAVE_STRVISX) || defined(NEED_STRVISX_PROTO) -int ROKEN_LIB_FUNCTION -strvisx(char *, const char *, size_t, int); -#endif - -#if !defined(HAVE_SVIS) || defined(NEED_SVIS_PROTO) -char * ROKEN_LIB_FUNCTION -svis(char *, int, int, int, const char *); -#endif - -#if !defined(HAVE_UNVIS) || defined(NEED_UNVIS_PROTO) -int ROKEN_LIB_FUNCTION -unvis(char *, int, int *, int); -#endif - -#if !defined(HAVE_VIS) || defined(NEED_VIS_PROTO) -char * ROKEN_LIB_FUNCTION -vis(char *, int, int, int); -#endif - -#if !defined(HAVE_CLOSEFROM) -int ROKEN_LIB_FUNCTION -closefrom(int); -#endif - -#if !defined(HAVE_TIMEGM) -#define timegm rk_timegm -time_t ROKEN_LIB_FUNCTION -rk_timegm(struct tm *tm); -#endif - -#ifdef SOCKET_WRAPPER_REPLACE -#include -#endif - -ROKEN_CPP_END diff --git a/crypto/heimdal/lib/roken/roken_gethostby.c b/crypto/heimdal/lib/roken/roken_gethostby.c deleted file mode 100644 index ff0af86ef4c1..000000000000 --- a/crypto/heimdal/lib/roken/roken_gethostby.c +++ /dev/null @@ -1,274 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: roken_gethostby.c 21157 2007-06-18 22:03:13Z lha $"); -#endif - -#include "roken.h" - -#undef roken_gethostbyname -#undef roken_gethostbyaddr - -static struct sockaddr_in dns_addr; -static char *dns_req; - -static int -make_address(const char *address, struct in_addr *ip) -{ - if(inet_aton(address, ip) == 0){ - /* try to resolve as hostname, it might work if the address we - are trying to lookup is local, for instance a web proxy */ - struct hostent *he = gethostbyname(address); - if(he) { - unsigned char *p = (unsigned char*)he->h_addr; - ip->s_addr = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - } else { - return -1; - } - } - return 0; -} - -static int -setup_int(const char *proxy_host, short proxy_port, - const char *dns_host, short dns_port, - const char *dns_path) -{ - memset(&dns_addr, 0, sizeof(dns_addr)); - if(dns_req) - free(dns_req); - if(proxy_host) { - if(make_address(proxy_host, &dns_addr.sin_addr) != 0) - return -1; - dns_addr.sin_port = htons(proxy_port); - asprintf(&dns_req, "http://%s:%d%s", dns_host, dns_port, dns_path); - } else { - if(make_address(dns_host, &dns_addr.sin_addr) != 0) - return -1; - dns_addr.sin_port = htons(dns_port); - asprintf(&dns_req, "%s", dns_path); - } - dns_addr.sin_family = AF_INET; - return 0; -} - -static void -split_spec(const char *spec, char **host, int *port, char **path, int def_port) -{ - char *p; - *host = strdup(spec); - p = strchr(*host, ':'); - if(p) { - *p++ = '\0'; - if(sscanf(p, "%d", port) != 1) - *port = def_port; - } else - *port = def_port; - p = strchr(p ? p : *host, '/'); - if(p) { - if(path) - *path = strdup(p); - *p = '\0'; - }else - if(path) - *path = NULL; -} - - -int ROKEN_LIB_FUNCTION -roken_gethostby_setup(const char *proxy_spec, const char *dns_spec) -{ - char *proxy_host = NULL; - int proxy_port = 0; - char *dns_host, *dns_path; - int dns_port; - - int ret = -1; - - split_spec(dns_spec, &dns_host, &dns_port, &dns_path, 80); - if(dns_path == NULL) - goto out; - if(proxy_spec) - split_spec(proxy_spec, &proxy_host, &proxy_port, NULL, 80); - ret = setup_int(proxy_host, proxy_port, dns_host, dns_port, dns_path); -out: - free(proxy_host); - free(dns_host); - free(dns_path); - return ret; -} - - -/* Try to lookup a name or an ip-address using http as transport - mechanism. See the end of this file for an example program. */ -static struct hostent* -roken_gethostby(const char *hostname) -{ - int s; - struct sockaddr_in addr; - char *request; - char buf[1024]; - int offset = 0; - int n; - char *p, *foo; - - if(dns_addr.sin_family == 0) - return NULL; /* no configured host */ - addr = dns_addr; - asprintf(&request, "GET %s?%s HTTP/1.0\r\n\r\n", dns_req, hostname); - if(request == NULL) - return NULL; - s = socket(AF_INET, SOCK_STREAM, 0); - if(s < 0) { - free(request); - return NULL; - } - if(connect(s, (struct sockaddr*)&addr, sizeof(addr)) < 0) { - close(s); - free(request); - return NULL; - } - if(write(s, request, strlen(request)) != strlen(request)) { - close(s); - free(request); - return NULL; - } - free(request); - while(1) { - n = read(s, buf + offset, sizeof(buf) - offset); - if(n <= 0) - break; - offset += n; - } - buf[offset] = '\0'; - close(s); - p = strstr(buf, "\r\n\r\n"); /* find end of header */ - if(p) p += 4; - else return NULL; - foo = NULL; - p = strtok_r(p, " \t\r\n", &foo); - if(p == NULL) - return NULL; - { - /* make a hostent to return */ -#define MAX_ADDRS 16 - static struct hostent he; - static char addrs[4 * MAX_ADDRS]; - static char *addr_list[MAX_ADDRS + 1]; - int num_addrs = 0; - - he.h_name = p; - he.h_aliases = NULL; - he.h_addrtype = AF_INET; - he.h_length = 4; - - while((p = strtok_r(NULL, " \t\r\n", &foo)) && num_addrs < MAX_ADDRS) { - struct in_addr ip; - inet_aton(p, &ip); - ip.s_addr = ntohl(ip.s_addr); - addr_list[num_addrs] = &addrs[num_addrs * 4]; - addrs[num_addrs * 4 + 0] = (ip.s_addr >> 24) & 0xff; - addrs[num_addrs * 4 + 1] = (ip.s_addr >> 16) & 0xff; - addrs[num_addrs * 4 + 2] = (ip.s_addr >> 8) & 0xff; - addrs[num_addrs * 4 + 3] = (ip.s_addr >> 0) & 0xff; - addr_list[++num_addrs] = NULL; - } - he.h_addr_list = addr_list; - return &he; - } -} - -struct hostent* -roken_gethostbyname(const char *hostname) -{ - struct hostent *he; - he = gethostbyname(hostname); - if(he) - return he; - return roken_gethostby(hostname); -} - -struct hostent* ROKEN_LIB_FUNCTION -roken_gethostbyaddr(const void *addr, size_t len, int type) -{ - struct in_addr a; - const char *p; - struct hostent *he; - he = gethostbyaddr(addr, len, type); - if(he) - return he; - if(type != AF_INET || len != 4) - return NULL; - p = addr; - a.s_addr = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); - return roken_gethostby(inet_ntoa(a)); -} - -#if 0 - -/* this program can be used as a cgi `script' to lookup names and - ip-addresses */ - -#include -#include -#include -#include - -int -main(int argc, char **argv) -{ - char *query = getenv("QUERY_STRING"); - char host[MAXHOSTNAMELEN]; - int i; - struct hostent *he; - - printf("Content-type: text/plain\n\n"); - if(query == NULL) - exit(0); - he = gethostbyname(query); - strncpy(host, he->h_name, sizeof(host)); - host[sizeof(host) - 1] = '\0'; - he = gethostbyaddr(he->h_addr, he->h_length, AF_INET); - printf("%s\n", he->h_name); - for(i = 0; he->h_addr_list[i]; i++) { - struct in_addr ip; - unsigned char *p = (unsigned char*)he->h_addr_list[i]; - ip.s_addr = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); - printf("%s\n", inet_ntoa(ip)); - } - exit(0); -} - -#endif diff --git a/crypto/heimdal/lib/roken/rtbl.3 b/crypto/heimdal/lib/roken/rtbl.3 deleted file mode 100644 index ccdc73f77a31..000000000000 --- a/crypto/heimdal/lib/roken/rtbl.3 +++ /dev/null @@ -1,201 +0,0 @@ -.\" Copyright (c) 2004 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" $Id: rtbl.3 22088 2007-11-25 14:10:15Z lha $ -.\" -.Dd June 26, 2004 -.Dt RTBL 3 -.Os HEIMDAL -.Sh NAME -.Nm rtbl_create , -.Nm rtbl_destroy , -.Nm rtbl_set_flags , -.Nm rtbl_get_flags , -.Nm rtbl_set_prefix , -.Nm rtbl_set_separator , -.Nm rtbl_set_column_prefix , -.Nm rtbl_set_column_affix_by_id , -.Nm rtbl_add_column , -.Nm rtbl_add_column_by_id , -.Nm rtbl_add_column_entry , -.Nm rtbl_add_column_entry_by_id , -.Nm rtbl_new_row , -.Nm rtbl_format -.Nd format data in simple tables -.Sh LIBRARY -The roken library (libroken, -lroken) -.Sh SYNOPSIS -.In rtbl.h -.Ft int -.Fn rtbl_add_column "rtbl_t table" "const char *column_name" "unsigned int flags" -.Ft int -.Fn rtbl_add_column_by_id "rtbl_t table" "unsigned int column_id" "const char *column_header" "unsigned int flags" -.Ft int -.Fn rtbl_add_column_entry "rtbl_t table" "const char *column_name" "const char *cell_entry" -.Ft int -.Fn rtbl_add_column_entry_by_id "rtbl_t table" "unsigned int column_id" "const char *cell_entry" -.Ft rtbl_t -.Fn rtbl_create "void" -.Ft void -.Fn rtbl_destroy "rtbl_t table" -.Ft int -.Fn rtbl_new_row "rtbl_t table" -.Ft int -.Fn rtbl_set_column_affix_by_id "rtbl_t table" "unsigned int column_id "const char *prefix" "const char *suffix" -.Ft int -.Fn rtbl_set_column_prefix "rtbl_t table" "const char *column_name" "const char *prefix" -.Ft "unsigned int" -.Fn rtbl_get_flags "rtbl_t table" -.Ft void -.Fn rtbl_set_flags "rtbl_t table" "unsigned int flags" -.Ft int -.Fn rtbl_set_prefix "rtbl_t table" "const char *prefix" -.Ft int -.Fn rtbl_set_separator "rtbl_t table" "const char *separator" -.Ft int -.Fn rtbl_format "rtbl_t table "FILE *file" -.Sh DESCRIPTION -This set of functions assemble a simple table consisting of rows and -columns, allowing it to be printed with certain options. Typical use -would be output from tools such as -.Xr ls 1 -or -.Xr netstat 1 , -where you have a fixed number of columns, but don't know the column -widthds before hand. -.Pp -A table is created with -.Fn rtbl_create -and destroyed with -.Fn rtbl_destroy . -.Pp -Global flags on the table are set with -.Fa rtbl_set_flags -and retrieved with -.Fa rtbl_get_flags . -At present the only defined flag is -.Dv RTBL_HEADER_STYLE_NONE -which suppresses printing the header. -.Pp -Before adding data to the table, one or more columns need to be -created. This would normally be done with -.Fn rtbl_add_column_by_id , -.Fa column_id -is any number of your choice (it's used only to identify columns), -.Fa column_header -is the header to print at the top of the column, and -.Fa flags -are flags specific to this column. Currently the only defined flag is -.Dv RTBL_ALIGN_RIGHT , -aligning column entries to the right. Columns are printed in the order -they are added. -.Pp -There's also a way to add columns by column name with -.Fn rtbl_add_column , -but this is less flexible (you need unique header names), and is -considered deprecated. -.Pp -To add data to a column you use -.Fn rtbl_add_column_entry_by_id , -where the -.Fa column_id -is the same as when the column was added (adding data to a -non-existent column is undefined), and -.Fa cell_entry -is whatever string you wish to include in that cell. It should not -include newlines. -For columns added with -.Fn rtbl_add_column -you must use -.Fn rtbl_add_column_entry -instead. -.Pp -.Fn rtbl_new_row -fills all columns with blank entries until they all have the same -number of rows. -.Pp -Each column can have a separate prefix and suffix, set with -.Fa rtbl_set_column_affix_by_id ; -.Fa rtbl_set_column_prefix -allows setting the prefix only by column name. In addition to this, -columns may be separated by a string set with -.Fa rtbl_set_separator ( Ns -by default columns are not seprated by anything). -.Pp -The finished table is printed to -.Fa file -with -.Fa rtbl_format . -.Sh EXAMPLES -This program: -.Bd -literal -offset xxxx -#include -#include -int -main(int argc, char **argv) -{ - rtbl_t table; - table = rtbl_create(); - rtbl_set_separator(table, " "); - rtbl_add_column_by_id(table, 0, "Column A", 0); - rtbl_add_column_by_id(table, 1, "Column B", RTBL_ALIGN_RIGHT); - rtbl_add_column_by_id(table, 2, "Column C", 0); - rtbl_add_column_entry_by_id(table, 0, "A-1"); - rtbl_add_column_entry_by_id(table, 0, "A-2"); - rtbl_add_column_entry_by_id(table, 0, "A-3"); - rtbl_add_column_entry_by_id(table, 1, "B-1"); - rtbl_add_column_entry_by_id(table, 2, "C-1"); - rtbl_add_column_entry_by_id(table, 2, "C-2"); - rtbl_add_column_entry_by_id(table, 1, "B-2"); - rtbl_add_column_entry_by_id(table, 1, "B-3"); - rtbl_add_column_entry_by_id(table, 2, "C-3"); - rtbl_add_column_entry_by_id(table, 0, "A-4"); - rtbl_new_row(table); - rtbl_add_column_entry_by_id(table, 1, "B-4"); - rtbl_new_row(table); - rtbl_add_column_entry_by_id(table, 2, "C-4"); - rtbl_new_row(table); - rtbl_format(table, stdout); - rtbl_destroy(table); - return 0; -} -.Ed -.Pp -will output the following: -.Bd -literal -offset xxxx -Column A Column B Column C -A-1 B-1 C-1 -A-2 B-2 C-2 -A-3 B-3 C-3 -A-4 - B-4 - C-4 -.Ed -.\" .Sh SEE ALSO diff --git a/crypto/heimdal/lib/roken/rtbl.c b/crypto/heimdal/lib/roken/rtbl.c deleted file mode 100644 index dd4328f36208..000000000000 --- a/crypto/heimdal/lib/roken/rtbl.c +++ /dev/null @@ -1,489 +0,0 @@ -/* - * Copyright (c) 2000, 2002, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID ("$Id: rtbl.c 17758 2006-06-30 13:41:40Z lha $"); -#endif -#include "roken.h" -#include "rtbl.h" - -struct column_entry { - char *data; -}; - -struct column_data { - char *header; - char *prefix; - int width; - unsigned flags; - size_t num_rows; - struct column_entry *rows; - unsigned int column_id; - char *suffix; -}; - -struct rtbl_data { - char *column_prefix; - size_t num_columns; - struct column_data **columns; - unsigned int flags; - char *column_separator; -}; - -rtbl_t ROKEN_LIB_FUNCTION -rtbl_create (void) -{ - return calloc (1, sizeof (struct rtbl_data)); -} - -void ROKEN_LIB_FUNCTION -rtbl_set_flags (rtbl_t table, unsigned int flags) -{ - table->flags = flags; -} - -unsigned int ROKEN_LIB_FUNCTION -rtbl_get_flags (rtbl_t table) -{ - return table->flags; -} - -static struct column_data * -rtbl_get_column_by_id (rtbl_t table, unsigned int id) -{ - int i; - for(i = 0; i < table->num_columns; i++) - if(table->columns[i]->column_id == id) - return table->columns[i]; - return NULL; -} - -static struct column_data * -rtbl_get_column (rtbl_t table, const char *column) -{ - int i; - for(i = 0; i < table->num_columns; i++) - if(strcmp(table->columns[i]->header, column) == 0) - return table->columns[i]; - return NULL; -} - -void ROKEN_LIB_FUNCTION -rtbl_destroy (rtbl_t table) -{ - int i, j; - - for (i = 0; i < table->num_columns; i++) { - struct column_data *c = table->columns[i]; - - for (j = 0; j < c->num_rows; j++) - free (c->rows[j].data); - free (c->rows); - free (c->header); - free (c->prefix); - free (c->suffix); - free (c); - } - free (table->column_prefix); - free (table->column_separator); - free (table->columns); - free (table); -} - -int ROKEN_LIB_FUNCTION -rtbl_add_column_by_id (rtbl_t table, unsigned int id, - const char *header, unsigned int flags) -{ - struct column_data *col, **tmp; - - tmp = realloc (table->columns, (table->num_columns + 1) * sizeof (*tmp)); - if (tmp == NULL) - return ENOMEM; - table->columns = tmp; - col = malloc (sizeof (*col)); - if (col == NULL) - return ENOMEM; - col->header = strdup (header); - if (col->header == NULL) { - free (col); - return ENOMEM; - } - col->prefix = NULL; - col->width = 0; - col->flags = flags; - col->num_rows = 0; - col->rows = NULL; - col->column_id = id; - col->suffix = NULL; - table->columns[table->num_columns++] = col; - return 0; -} - -int ROKEN_LIB_FUNCTION -rtbl_add_column (rtbl_t table, const char *header, unsigned int flags) -{ - return rtbl_add_column_by_id(table, 0, header, flags); -} - -int ROKEN_LIB_FUNCTION -rtbl_new_row(rtbl_t table) -{ - size_t max_rows = 0; - size_t c; - for (c = 0; c < table->num_columns; c++) - if(table->columns[c]->num_rows > max_rows) - max_rows = table->columns[c]->num_rows; - for (c = 0; c < table->num_columns; c++) { - struct column_entry *tmp; - - if(table->columns[c]->num_rows == max_rows) - continue; - tmp = realloc(table->columns[c]->rows, - max_rows * sizeof(table->columns[c]->rows)); - if(tmp == NULL) - return ENOMEM; - table->columns[c]->rows = tmp; - while(table->columns[c]->num_rows < max_rows) { - if((tmp[table->columns[c]->num_rows++].data = strdup("")) == NULL) - return ENOMEM; - } - } - return 0; -} - -static void -column_compute_width (rtbl_t table, struct column_data *column) -{ - int i; - - if(table->flags & RTBL_HEADER_STYLE_NONE) - column->width = 0; - else - column->width = strlen (column->header); - for (i = 0; i < column->num_rows; i++) - column->width = max (column->width, strlen (column->rows[i].data)); -} - -/* DEPRECATED */ -int ROKEN_LIB_FUNCTION -rtbl_set_prefix (rtbl_t table, const char *prefix) -{ - if (table->column_prefix) - free (table->column_prefix); - table->column_prefix = strdup (prefix); - if (table->column_prefix == NULL) - return ENOMEM; - return 0; -} - -int ROKEN_LIB_FUNCTION -rtbl_set_separator (rtbl_t table, const char *separator) -{ - if (table->column_separator) - free (table->column_separator); - table->column_separator = strdup (separator); - if (table->column_separator == NULL) - return ENOMEM; - return 0; -} - -int ROKEN_LIB_FUNCTION -rtbl_set_column_prefix (rtbl_t table, const char *column, - const char *prefix) -{ - struct column_data *c = rtbl_get_column (table, column); - - if (c == NULL) - return -1; - if (c->prefix) - free (c->prefix); - c->prefix = strdup (prefix); - if (c->prefix == NULL) - return ENOMEM; - return 0; -} - -int ROKEN_LIB_FUNCTION -rtbl_set_column_affix_by_id(rtbl_t table, unsigned int id, - const char *prefix, const char *suffix) -{ - struct column_data *c = rtbl_get_column_by_id (table, id); - - if (c == NULL) - return -1; - if (c->prefix) - free (c->prefix); - if(prefix == NULL) - c->prefix = NULL; - else { - c->prefix = strdup (prefix); - if (c->prefix == NULL) - return ENOMEM; - } - - if (c->suffix) - free (c->suffix); - if(suffix == NULL) - c->suffix = NULL; - else { - c->suffix = strdup (suffix); - if (c->suffix == NULL) - return ENOMEM; - } - return 0; -} - - -static const char * -get_column_prefix (rtbl_t table, struct column_data *c) -{ - if (c == NULL) - return ""; - if (c->prefix) - return c->prefix; - if (table->column_prefix) - return table->column_prefix; - return ""; -} - -static const char * -get_column_suffix (rtbl_t table, struct column_data *c) -{ - if (c && c->suffix) - return c->suffix; - return ""; -} - -static int -add_column_entry (struct column_data *c, const char *data) -{ - struct column_entry row, *tmp; - - row.data = strdup (data); - if (row.data == NULL) - return ENOMEM; - tmp = realloc (c->rows, (c->num_rows + 1) * sizeof (*tmp)); - if (tmp == NULL) { - free (row.data); - return ENOMEM; - } - c->rows = tmp; - c->rows[c->num_rows++] = row; - return 0; -} - -int ROKEN_LIB_FUNCTION -rtbl_add_column_entry_by_id (rtbl_t table, unsigned int id, const char *data) -{ - struct column_data *c = rtbl_get_column_by_id (table, id); - - if (c == NULL) - return -1; - - return add_column_entry(c, data); -} - -int ROKEN_LIB_FUNCTION -rtbl_add_column_entryv_by_id (rtbl_t table, unsigned int id, - const char *fmt, ...) -{ - va_list ap; - char *str; - int ret; - - va_start(ap, fmt); - ret = vasprintf(&str, fmt, ap); - va_end(ap); - if (ret == -1) - return -1; - ret = rtbl_add_column_entry_by_id(table, id, str); - free(str); - return ret; -} - -int ROKEN_LIB_FUNCTION -rtbl_add_column_entry (rtbl_t table, const char *column, const char *data) -{ - struct column_data *c = rtbl_get_column (table, column); - - if (c == NULL) - return -1; - - return add_column_entry(c, data); -} - -int ROKEN_LIB_FUNCTION -rtbl_add_column_entryv (rtbl_t table, const char *column, const char *fmt, ...) -{ - va_list ap; - char *str; - int ret; - - va_start(ap, fmt); - ret = vasprintf(&str, fmt, ap); - va_end(ap); - if (ret == -1) - return -1; - ret = rtbl_add_column_entry(table, column, str); - free(str); - return ret; -} - - -int ROKEN_LIB_FUNCTION -rtbl_format (rtbl_t table, FILE * f) -{ - int i, j; - - for (i = 0; i < table->num_columns; i++) - column_compute_width (table, table->columns[i]); - if((table->flags & RTBL_HEADER_STYLE_NONE) == 0) { - for (i = 0; i < table->num_columns; i++) { - struct column_data *c = table->columns[i]; - - if(table->column_separator != NULL && i > 0) - fprintf (f, "%s", table->column_separator); - fprintf (f, "%s", get_column_prefix (table, c)); - if(i == table->num_columns - 1 && c->suffix == NULL) - /* last column, so no need to pad with spaces */ - fprintf (f, "%-*s", 0, c->header); - else - fprintf (f, "%-*s", (int)c->width, c->header); - fprintf (f, "%s", get_column_suffix (table, c)); - } - fprintf (f, "\n"); - } - - for (j = 0;; j++) { - int flag = 0; - - /* are there any more rows left? */ - for (i = 0; flag == 0 && i < table->num_columns; ++i) { - struct column_data *c = table->columns[i]; - - if (c->num_rows > j) { - ++flag; - break; - } - } - if (flag == 0) - break; - - for (i = 0; i < table->num_columns; i++) { - int w; - struct column_data *c = table->columns[i]; - - if(table->column_separator != NULL && i > 0) - fprintf (f, "%s", table->column_separator); - - w = c->width; - - if ((c->flags & RTBL_ALIGN_RIGHT) == 0) { - if(i == table->num_columns - 1 && c->suffix == NULL) - /* last column, so no need to pad with spaces */ - w = 0; - else - w = -w; - } - fprintf (f, "%s", get_column_prefix (table, c)); - if (c->num_rows <= j) - fprintf (f, "%*s", w, ""); - else - fprintf (f, "%*s", w, c->rows[j].data); - fprintf (f, "%s", get_column_suffix (table, c)); - } - fprintf (f, "\n"); - } - return 0; -} - -#ifdef TEST -int -main (int argc, char **argv) -{ - rtbl_t table; - - table = rtbl_create (); - rtbl_add_column_by_id (table, 0, "Issued", 0); - rtbl_add_column_by_id (table, 1, "Expires", 0); - rtbl_add_column_by_id (table, 2, "Foo", RTBL_ALIGN_RIGHT); - rtbl_add_column_by_id (table, 3, "Principal", 0); - - rtbl_add_column_entry_by_id (table, 0, "Jul 7 21:19:29"); - rtbl_add_column_entry_by_id (table, 1, "Jul 8 07:19:29"); - rtbl_add_column_entry_by_id (table, 2, "73"); - rtbl_add_column_entry_by_id (table, 2, "0"); - rtbl_add_column_entry_by_id (table, 2, "-2000"); - rtbl_add_column_entry_by_id (table, 3, "krbtgt/NADA.KTH.SE@NADA.KTH.SE"); - - rtbl_add_column_entry_by_id (table, 0, "Jul 7 21:19:29"); - rtbl_add_column_entry_by_id (table, 1, "Jul 8 07:19:29"); - rtbl_add_column_entry_by_id (table, 3, "afs/pdc.kth.se@NADA.KTH.SE"); - - rtbl_add_column_entry_by_id (table, 0, "Jul 7 21:19:29"); - rtbl_add_column_entry_by_id (table, 1, "Jul 8 07:19:29"); - rtbl_add_column_entry_by_id (table, 3, "afs@NADA.KTH.SE"); - - rtbl_set_separator (table, " "); - - rtbl_format (table, stdout); - - rtbl_destroy (table); - - printf("\n"); - - table = rtbl_create (); - rtbl_add_column_by_id (table, 0, "Column A", 0); - rtbl_set_column_affix_by_id (table, 0, "<", ">"); - rtbl_add_column_by_id (table, 1, "Column B", 0); - rtbl_set_column_affix_by_id (table, 1, "[", "]"); - rtbl_add_column_by_id (table, 2, "Column C", 0); - rtbl_set_column_affix_by_id (table, 2, "(", ")"); - - rtbl_add_column_entry_by_id (table, 0, "1"); - rtbl_new_row(table); - rtbl_add_column_entry_by_id (table, 1, "2"); - rtbl_new_row(table); - rtbl_add_column_entry_by_id (table, 2, "3"); - rtbl_new_row(table); - - rtbl_set_separator (table, " "); - rtbl_format (table, stdout); - - rtbl_destroy (table); - - return 0; -} - -#endif diff --git a/crypto/heimdal/lib/roken/rtbl.h b/crypto/heimdal/lib/roken/rtbl.h deleted file mode 100644 index 9b168c7e7306..000000000000 --- a/crypto/heimdal/lib/roken/rtbl.h +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 2000,2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: rtbl.h 17760 2006-06-30 13:42:39Z lha $ */ - -#ifndef __rtbl_h__ -#define __rtbl_h__ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -struct rtbl_data; -typedef struct rtbl_data *rtbl_t; - -#define RTBL_ALIGN_LEFT 0 -#define RTBL_ALIGN_RIGHT 1 - -/* flags */ -#define RTBL_HEADER_STYLE_NONE 1 - -int ROKEN_LIB_FUNCTION -rtbl_add_column (rtbl_t, const char*, unsigned int); - -int ROKEN_LIB_FUNCTION -rtbl_add_column_by_id (rtbl_t, unsigned int, const char*, unsigned int); - -int ROKEN_LIB_FUNCTION -rtbl_add_column_entryv_by_id (rtbl_t table, unsigned int id, - const char *fmt, ...) - __attribute__ ((format (printf, 3, 0))); - -int ROKEN_LIB_FUNCTION -rtbl_add_column_entry (rtbl_t, const char*, const char*); - -int ROKEN_LIB_FUNCTION -rtbl_add_column_entryv (rtbl_t, const char*, const char*, ...) - __attribute__ ((format (printf, 3, 0))); - -int ROKEN_LIB_FUNCTION -rtbl_add_column_entry_by_id (rtbl_t, unsigned int, const char*); - -rtbl_t ROKEN_LIB_FUNCTION -rtbl_create (void); - -void ROKEN_LIB_FUNCTION -rtbl_destroy (rtbl_t); - -int ROKEN_LIB_FUNCTION -rtbl_format (rtbl_t, FILE*); - -unsigned int ROKEN_LIB_FUNCTION -rtbl_get_flags (rtbl_t); - -int ROKEN_LIB_FUNCTION -rtbl_new_row (rtbl_t); - -int ROKEN_LIB_FUNCTION -rtbl_set_column_affix_by_id (rtbl_t, unsigned int, const char*, const char*); - -int ROKEN_LIB_FUNCTION -rtbl_set_column_prefix (rtbl_t, const char*, const char*); - -void ROKEN_LIB_FUNCTION -rtbl_set_flags (rtbl_t, unsigned int); - -int ROKEN_LIB_FUNCTION -rtbl_set_prefix (rtbl_t, const char*); - -int ROKEN_LIB_FUNCTION -rtbl_set_separator (rtbl_t, const char*); - -#ifdef __cplusplus -} -#endif - -#endif /* __rtbl_h__ */ diff --git a/crypto/heimdal/lib/roken/sendmsg.c b/crypto/heimdal/lib/roken/sendmsg.c deleted file mode 100644 index e7478bfe2d69..000000000000 --- a/crypto/heimdal/lib/roken/sendmsg.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: sendmsg.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -ssize_t ROKEN_LIB_FUNCTION -sendmsg(int s, const struct msghdr *msg, int flags) -{ - ssize_t ret; - size_t tot = 0; - int i; - char *buf, *p; - struct iovec *iov = msg->msg_iov; - - for(i = 0; i < msg->msg_iovlen; ++i) - tot += iov[i].iov_len; - buf = malloc(tot); - if (tot != 0 && buf == NULL) { - errno = ENOMEM; - return -1; - } - p = buf; - for (i = 0; i < msg->msg_iovlen; ++i) { - memcpy (p, iov[i].iov_base, iov[i].iov_len); - p += iov[i].iov_len; - } - ret = sendto (s, buf, tot, flags, msg->msg_name, msg->msg_namelen); - free (buf); - return ret; -} diff --git a/crypto/heimdal/lib/roken/setegid.c b/crypto/heimdal/lib/roken/setegid.c deleted file mode 100644 index 14d99eecb86a..000000000000 --- a/crypto/heimdal/lib/roken/setegid.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: setegid.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -setegid(gid_t egid) -{ -#ifdef HAVE_SETREGID - return setregid(-1, egid); -#endif - -#ifdef HAVE_SETRESGID - return setresgid(-1, egid, -1); -#endif - - return -1; -} diff --git a/crypto/heimdal/lib/roken/setenv.c b/crypto/heimdal/lib/roken/setenv.c deleted file mode 100644 index 2bf09bec9d83..000000000000 --- a/crypto/heimdal/lib/roken/setenv.c +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: setenv.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -#include -#include - -/* - * This is the easy way out, use putenv to implement setenv. We might - * leak some memory but that is ok since we are usally about to exec - * anyway. - */ - -int ROKEN_LIB_FUNCTION -setenv(const char *var, const char *val, int rewrite) -{ - char *t; - - if (!rewrite && getenv(var) != 0) - return 0; - - asprintf (&t, "%s=%s", var, val); - if (t == NULL) - return -1; - - if (putenv(t) == 0) - return 0; - else - return -1; -} diff --git a/crypto/heimdal/lib/roken/seteuid.c b/crypto/heimdal/lib/roken/seteuid.c deleted file mode 100644 index 4f786bbf4715..000000000000 --- a/crypto/heimdal/lib/roken/seteuid.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: seteuid.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "roken.h" - -int ROKEN_LIB_FUNCTION -seteuid(uid_t euid) -{ -#ifdef HAVE_SETREUID - return setreuid(-1, euid); -#endif - -#ifdef HAVE_SETRESUID - return setresuid(-1, euid, -1); -#endif - - return -1; -} diff --git a/crypto/heimdal/lib/roken/setprogname.c b/crypto/heimdal/lib/roken/setprogname.c deleted file mode 100644 index b24c785b1bc6..000000000000 --- a/crypto/heimdal/lib/roken/setprogname.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 1995-2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: setprogname.c 15955 2005-08-23 10:19:20Z lha $"); -#endif - -#include "roken.h" - -#ifndef HAVE___PROGNAME -extern const char *__progname; -#endif - -#ifndef HAVE_SETPROGNAME -void ROKEN_LIB_FUNCTION -setprogname(const char *argv0) -{ -#ifndef HAVE___PROGNAME - const char *p; - if(argv0 == NULL) - return; - p = strrchr(argv0, '/'); - if(p == NULL) - p = argv0; - else - p++; - __progname = p; -#endif -} -#endif /* HAVE_SETPROGNAME */ diff --git a/crypto/heimdal/lib/roken/signal.c b/crypto/heimdal/lib/roken/signal.c deleted file mode 100644 index e18439040f91..000000000000 --- a/crypto/heimdal/lib/roken/signal.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: signal.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include "roken.h" - -/* - * We would like to always use this signal but there is a link error - * on NEXTSTEP - */ -#if !defined(NeXT) && !defined(__APPLE__) -/* - * Bugs: - * - * Do we need any extra hacks for SIGCLD and/or SIGCHLD? - */ - -SigAction ROKEN_LIB_FUNCTION -signal(int iSig, SigAction pAction) -{ - struct sigaction saNew, saOld; - - saNew.sa_handler = pAction; - sigemptyset(&saNew.sa_mask); - saNew.sa_flags = 0; - - if (iSig == SIGALRM) - { -#ifdef SA_INTERRUPT - saNew.sa_flags |= SA_INTERRUPT; -#endif - } - else - { -#ifdef SA_RESTART - saNew.sa_flags |= SA_RESTART; -#endif - } - - if (sigaction(iSig, &saNew, &saOld) < 0) - return(SIG_ERR); - - return(saOld.sa_handler); -} -#endif diff --git a/crypto/heimdal/lib/roken/simple_exec.c b/crypto/heimdal/lib/roken/simple_exec.c deleted file mode 100644 index 447b5bfd0270..000000000000 --- a/crypto/heimdal/lib/roken/simple_exec.c +++ /dev/null @@ -1,331 +0,0 @@ -/* - * Copyright (c) 1998 - 2001, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: simple_exec.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include - -#include "roken.h" - -#define EX_NOEXEC 126 -#define EX_NOTFOUND 127 - -/* return values: - -1 on `unspecified' system errors - -2 on fork failures - -3 on waitpid errors - -4 exec timeout - 0- is return value from subprocess - 126 if the program couldn't be executed - 127 if the program couldn't be found - 128- is 128 + signal that killed subprocess - - possible values `func' can return: - ((time_t)-2) exit loop w/o killing child and return - `exec timeout'/-4 from simple_exec - ((time_t)-1) kill child with SIGTERM and wait for child to exit - 0 don't timeout again - n seconds to next timeout - */ - -static int sig_alarm; - -static RETSIGTYPE -sigtimeout(int sig) -{ - sig_alarm = 1; - SIGRETURN(0); -} - -int ROKEN_LIB_FUNCTION -wait_for_process_timed(pid_t pid, time_t (*func)(void *), - void *ptr, time_t timeout) -{ - RETSIGTYPE (*old_func)(int sig) = NULL; - unsigned int oldtime = 0; - int ret; - - sig_alarm = 0; - - if (func) { - old_func = signal(SIGALRM, sigtimeout); - oldtime = alarm(timeout); - } - - while(1) { - int status; - - while(waitpid(pid, &status, 0) < 0) { - if (errno != EINTR) { - ret = -3; - goto out; - } - if (func == NULL) - continue; - if (sig_alarm == 0) - continue; - timeout = (*func)(ptr); - if (timeout == (time_t)-1) { - kill(pid, SIGTERM); - continue; - } else if (timeout == (time_t)-2) { - ret = -4; - goto out; - } - alarm(timeout); - } - if(WIFSTOPPED(status)) - continue; - if(WIFEXITED(status)) { - ret = WEXITSTATUS(status); - break; - } - if(WIFSIGNALED(status)) { - ret = WTERMSIG(status) + 128; - break; - } - } - out: - if (func) { - signal(SIGALRM, old_func); - alarm(oldtime); - } - return ret; -} - -int ROKEN_LIB_FUNCTION -wait_for_process(pid_t pid) -{ - return wait_for_process_timed(pid, NULL, NULL, 0); -} - -int ROKEN_LIB_FUNCTION -pipe_execv(FILE **stdin_fd, FILE **stdout_fd, FILE **stderr_fd, - const char *file, ...) -{ - int in_fd[2], out_fd[2], err_fd[2]; - pid_t pid; - va_list ap; - char **argv; - - if(stdin_fd != NULL) - pipe(in_fd); - if(stdout_fd != NULL) - pipe(out_fd); - if(stderr_fd != NULL) - pipe(err_fd); - pid = fork(); - switch(pid) { - case 0: - va_start(ap, file); - argv = vstrcollect(&ap); - va_end(ap); - if(argv == NULL) - exit(-1); - - /* close pipes we're not interested in */ - if(stdin_fd != NULL) - close(in_fd[1]); - if(stdout_fd != NULL) - close(out_fd[0]); - if(stderr_fd != NULL) - close(err_fd[0]); - - /* pipe everything caller doesn't care about to /dev/null */ - if(stdin_fd == NULL) - in_fd[0] = open(_PATH_DEVNULL, O_RDONLY); - if(stdout_fd == NULL) - out_fd[1] = open(_PATH_DEVNULL, O_WRONLY); - if(stderr_fd == NULL) - err_fd[1] = open(_PATH_DEVNULL, O_WRONLY); - - /* move to proper descriptors */ - if(in_fd[0] != STDIN_FILENO) { - dup2(in_fd[0], STDIN_FILENO); - close(in_fd[0]); - } - if(out_fd[1] != STDOUT_FILENO) { - dup2(out_fd[1], STDOUT_FILENO); - close(out_fd[1]); - } - if(err_fd[1] != STDERR_FILENO) { - dup2(err_fd[1], STDERR_FILENO); - close(err_fd[1]); - } - - closefrom(3); - - execv(file, argv); - exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); - case -1: - if(stdin_fd != NULL) { - close(in_fd[0]); - close(in_fd[1]); - } - if(stdout_fd != NULL) { - close(out_fd[0]); - close(out_fd[1]); - } - if(stderr_fd != NULL) { - close(err_fd[0]); - close(err_fd[1]); - } - return -2; - default: - if(stdin_fd != NULL) { - close(in_fd[0]); - *stdin_fd = fdopen(in_fd[1], "w"); - } - if(stdout_fd != NULL) { - close(out_fd[1]); - *stdout_fd = fdopen(out_fd[0], "r"); - } - if(stderr_fd != NULL) { - close(err_fd[1]); - *stderr_fd = fdopen(err_fd[0], "r"); - } - } - return pid; -} - -int ROKEN_LIB_FUNCTION -simple_execvp_timed(const char *file, char *const args[], - time_t (*func)(void *), void *ptr, time_t timeout) -{ - pid_t pid = fork(); - switch(pid){ - case -1: - return -2; - case 0: - execvp(file, args); - exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); - default: - return wait_for_process_timed(pid, func, ptr, timeout); - } -} - -int ROKEN_LIB_FUNCTION -simple_execvp(const char *file, char *const args[]) -{ - return simple_execvp_timed(file, args, NULL, NULL, 0); -} - -/* gee, I'd like a execvpe */ -int ROKEN_LIB_FUNCTION -simple_execve_timed(const char *file, char *const args[], char *const envp[], - time_t (*func)(void *), void *ptr, time_t timeout) -{ - pid_t pid = fork(); - switch(pid){ - case -1: - return -2; - case 0: - execve(file, args, envp); - exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); - default: - return wait_for_process_timed(pid, func, ptr, timeout); - } -} - -int ROKEN_LIB_FUNCTION -simple_execve(const char *file, char *const args[], char *const envp[]) -{ - return simple_execve_timed(file, args, envp, NULL, NULL, 0); -} - -int ROKEN_LIB_FUNCTION -simple_execlp(const char *file, ...) -{ - va_list ap; - char **argv; - int ret; - - va_start(ap, file); - argv = vstrcollect(&ap); - va_end(ap); - if(argv == NULL) - return -1; - ret = simple_execvp(file, argv); - free(argv); - return ret; -} - -int ROKEN_LIB_FUNCTION -simple_execle(const char *file, ... /* ,char *const envp[] */) -{ - va_list ap; - char **argv; - char *const* envp; - int ret; - - va_start(ap, file); - argv = vstrcollect(&ap); - envp = va_arg(ap, char **); - va_end(ap); - if(argv == NULL) - return -1; - ret = simple_execve(file, argv, envp); - free(argv); - return ret; -} - -int ROKEN_LIB_FUNCTION -simple_execl(const char *file, ...) -{ - va_list ap; - char **argv; - int ret; - - va_start(ap, file); - argv = vstrcollect(&ap); - va_end(ap); - if(argv == NULL) - return -1; - ret = simple_execve(file, argv, environ); - free(argv); - return ret; -} diff --git a/crypto/heimdal/lib/roken/snprintf-test.c b/crypto/heimdal/lib/roken/snprintf-test.c deleted file mode 100644 index 047d54b63ffd..000000000000 --- a/crypto/heimdal/lib/roken/snprintf-test.c +++ /dev/null @@ -1,269 +0,0 @@ -/* - * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "snprintf-test.h" -#include "roken.h" -#include - -RCSID("$Id: snprintf-test.c 21627 2007-07-17 10:53:17Z lha $"); - -static int -try (const char *format, ...) -{ - int ret; - va_list ap; - char buf1[256], buf2[256]; - - va_start (ap, format); - ret = vsnprintf (buf1, sizeof(buf1), format, ap); - if (ret >= sizeof(buf1)) - errx (1, "increase buf and try again"); - va_end (ap); - va_start (ap, format); - vsprintf (buf2, format, ap); - ret = strcmp (buf1, buf2); - if (ret) - printf ("failed: format = \"%s\", \"%s\" != \"%s\"\n", - format, buf1, buf2); - va_end (ap); - return ret; -} - -static int -cmp_with_sprintf_int (void) -{ - int tot = 0; - int int_values[] = {INT_MIN, -17, -1, 0, 1, 17, 4711, 65535, INT_MAX}; - int i; - - for (i = 0; i < sizeof(int_values) / sizeof(int_values[0]); ++i) { - tot += try ("%d", int_values[i]); - tot += try ("%x", int_values[i]); - tot += try ("%X", int_values[i]); - tot += try ("%o", int_values[i]); - tot += try ("%#x", int_values[i]); - tot += try ("%#X", int_values[i]); - tot += try ("%#o", int_values[i]); - tot += try ("%10d", int_values[i]); - tot += try ("%10x", int_values[i]); - tot += try ("%10X", int_values[i]); - tot += try ("%10o", int_values[i]); - tot += try ("%#10x", int_values[i]); - tot += try ("%#10X", int_values[i]); - tot += try ("%#10o", int_values[i]); - tot += try ("%-10d", int_values[i]); - tot += try ("%-10x", int_values[i]); - tot += try ("%-10X", int_values[i]); - tot += try ("%-10o", int_values[i]); - tot += try ("%-#10x", int_values[i]); - tot += try ("%-#10X", int_values[i]); - tot += try ("%-#10o", int_values[i]); - } - return tot; -} - -static int -cmp_with_sprintf_long (void) -{ - int tot = 0; - long long_values[] = {LONG_MIN, -17, -1, 0, 1, 17, 4711, 65535, LONG_MAX}; - int i; - - for (i = 0; i < sizeof(long_values) / sizeof(long_values[0]); ++i) { - tot += try ("%ld", long_values[i]); - tot += try ("%lx", long_values[i]); - tot += try ("%lX", long_values[i]); - tot += try ("%lo", long_values[i]); - tot += try ("%#lx", long_values[i]); - tot += try ("%#lX", long_values[i]); - tot += try ("%#lo", long_values[i]); - tot += try ("%10ld", long_values[i]); - tot += try ("%10lx", long_values[i]); - tot += try ("%10lX", long_values[i]); - tot += try ("%10lo", long_values[i]); - tot += try ("%#10lx", long_values[i]); - tot += try ("%#10lX", long_values[i]); - tot += try ("%#10lo", long_values[i]); - tot += try ("%-10ld", long_values[i]); - tot += try ("%-10lx", long_values[i]); - tot += try ("%-10lX", long_values[i]); - tot += try ("%-10lo", long_values[i]); - tot += try ("%-#10lx", long_values[i]); - tot += try ("%-#10lX", long_values[i]); - tot += try ("%-#10lo", long_values[i]); - } - return tot; -} - -#ifdef HAVE_LONG_LONG - -/* XXX doesn't work as expected on lp64 platforms with sizeof(long - * long) == sizeof(long) */ - -static int -cmp_with_sprintf_long_long (void) -{ - int tot = 0; - long long long_long_values[] = { - ((long long)LONG_MIN) -1, LONG_MIN, -17, -1, - 0, - 1, 17, 4711, 65535, LONG_MAX, ((long long)LONG_MAX) + 1}; - int i; - - for (i = 0; i < sizeof(long_long_values) / sizeof(long_long_values[0]); ++i) { - tot += try ("%lld", long_long_values[i]); - tot += try ("%llx", long_long_values[i]); - tot += try ("%llX", long_long_values[i]); - tot += try ("%llo", long_long_values[i]); - tot += try ("%#llx", long_long_values[i]); - tot += try ("%#llX", long_long_values[i]); - tot += try ("%#llo", long_long_values[i]); - tot += try ("%10lld", long_long_values[i]); - tot += try ("%10llx", long_long_values[i]); - tot += try ("%10llX", long_long_values[i]); - tot += try ("%10llo", long_long_values[i]); - tot += try ("%#10llx", long_long_values[i]); - tot += try ("%#10llX", long_long_values[i]); - tot += try ("%#10llo", long_long_values[i]); - tot += try ("%-10lld", long_long_values[i]); - tot += try ("%-10llx", long_long_values[i]); - tot += try ("%-10llX", long_long_values[i]); - tot += try ("%-10llo", long_long_values[i]); - tot += try ("%-#10llx", long_long_values[i]); - tot += try ("%-#10llX", long_long_values[i]); - tot += try ("%-#10llo", long_long_values[i]); - } - return tot; -} - -#endif - -#if 0 -static int -cmp_with_sprintf_float (void) -{ - int tot = 0; - double double_values[] = {-99999, -999, -17.4, -4.3, -3.0, -1.5, -1, - 0, 0.1, 0.2342374852, 0.2340007, - 3.1415926, 14.7845, 34.24758, 9999, 9999999}; - int i; - - for (i = 0; i < sizeof(double_values) / sizeof(double_values[0]); ++i) { - tot += try ("%f", double_values[i]); - tot += try ("%10f", double_values[i]); - tot += try ("%.2f", double_values[i]); - tot += try ("%7.0f", double_values[i]); - tot += try ("%5.2f", double_values[i]); - tot += try ("%0f", double_values[i]); - tot += try ("%#f", double_values[i]); - tot += try ("%e", double_values[i]); - tot += try ("%10e", double_values[i]); - tot += try ("%.2e", double_values[i]); - tot += try ("%7.0e", double_values[i]); - tot += try ("%5.2e", double_values[i]); - tot += try ("%0e", double_values[i]); - tot += try ("%#e", double_values[i]); - tot += try ("%E", double_values[i]); - tot += try ("%10E", double_values[i]); - tot += try ("%.2E", double_values[i]); - tot += try ("%7.0E", double_values[i]); - tot += try ("%5.2E", double_values[i]); - tot += try ("%0E", double_values[i]); - tot += try ("%#E", double_values[i]); - tot += try ("%g", double_values[i]); - tot += try ("%10g", double_values[i]); - tot += try ("%.2g", double_values[i]); - tot += try ("%7.0g", double_values[i]); - tot += try ("%5.2g", double_values[i]); - tot += try ("%0g", double_values[i]); - tot += try ("%#g", double_values[i]); - tot += try ("%G", double_values[i]); - tot += try ("%10G", double_values[i]); - tot += try ("%.2G", double_values[i]); - tot += try ("%7.0G", double_values[i]); - tot += try ("%5.2G", double_values[i]); - tot += try ("%0G", double_values[i]); - tot += try ("%#G", double_values[i]); - } - return tot; -} -#endif - -static int -test_null (void) -{ - return snprintf (NULL, 0, "foo") != 3; -} - -static int -test_sizet (void) -{ - int tot = 0; - size_t sizet_values[] = { 0, 1, 2, 200, 4294967295u }; /* SIZE_MAX */ - char *result[] = { "0", "1", "2", "200", "4294967295" }; - int i; - - for (i = 0; i < sizeof(sizet_values) / sizeof(sizet_values[0]); ++i) { -#if 0 - tot += try("%zu", sizet_values[i]); - tot += try("%zx", sizet_values[i]); - tot += try("%zX", sizet_values[i]); -#else - char buf[256]; - snprintf(buf, sizeof(buf), "%zu", sizet_values[i]); - if (strcmp(buf, result[i]) != 0) { - printf("%s != %s", buf, result[i]); - tot++; - } -#endif - } - return tot; -} - - -int -main (int argc, char **argv) -{ - int ret = 0; - - ret += cmp_with_sprintf_int (); - ret += cmp_with_sprintf_long (); -#ifdef HAVE_LONG_LONG - ret += cmp_with_sprintf_long_long (); -#endif - ret += test_null (); - ret += test_sizet (); - return ret; -} diff --git a/crypto/heimdal/lib/roken/snprintf-test.h b/crypto/heimdal/lib/roken/snprintf-test.h deleted file mode 100644 index d672873679bc..000000000000 --- a/crypto/heimdal/lib/roken/snprintf-test.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* $Id: snprintf-test.h 10377 2001-07-19 18:39:14Z assar $ */ - -#ifndef __SNPRINTF_TEST_H__ -#define __SNPRINTF_TEST_H__ - -/* - * we cannot use the real names of the functions when testing, since - * they might have different prototypes as the system functions, hence - * these evil hacks - */ - -#define snprintf test_snprintf -#define asprintf test_asprintf -#define asnprintf test_asnprintf -#define vasprintf test_vasprintf -#define vasnprintf test_vasnprintf -#define vsnprintf test_vsnprintf - -#endif /* __SNPRINTF_TEST_H__ */ diff --git a/crypto/heimdal/lib/roken/snprintf.c b/crypto/heimdal/lib/roken/snprintf.c deleted file mode 100644 index 6b3352f96b89..000000000000 --- a/crypto/heimdal/lib/roken/snprintf.c +++ /dev/null @@ -1,702 +0,0 @@ -/* - * Copyright (c) 1995-2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: snprintf.c 21005 2007-06-08 01:54:35Z lha $"); -#endif -#if defined(TEST_SNPRINTF) -#include "snprintf-test.h" -#endif /* TEST_SNPRINTF */ -#include -#include -#include -#include -#include -#include "roken.h" -#include - -enum format_flags { - minus_flag = 1, - plus_flag = 2, - space_flag = 4, - alternate_flag = 8, - zero_flag = 16 -}; - -/* - * Common state - */ - -struct snprintf_state { - unsigned char *str; - unsigned char *s; - unsigned char *theend; - size_t sz; - size_t max_sz; - void (*append_char)(struct snprintf_state *, unsigned char); - /* XXX - methods */ -}; - -#if !defined(HAVE_VSNPRINTF) || defined(TEST_SNPRINTF) -static int -sn_reserve (struct snprintf_state *state, size_t n) -{ - return state->s + n > state->theend; -} - -static void -sn_append_char (struct snprintf_state *state, unsigned char c) -{ - if (!sn_reserve (state, 1)) - *state->s++ = c; -} -#endif - -static int -as_reserve (struct snprintf_state *state, size_t n) -{ - if (state->s + n > state->theend) { - int off = state->s - state->str; - unsigned char *tmp; - - if (state->max_sz && state->sz >= state->max_sz) - return 1; - - state->sz = max(state->sz * 2, state->sz + n); - if (state->max_sz) - state->sz = min(state->sz, state->max_sz); - tmp = realloc (state->str, state->sz); - if (tmp == NULL) - return 1; - state->str = tmp; - state->s = state->str + off; - state->theend = state->str + state->sz - 1; - } - return 0; -} - -static void -as_append_char (struct snprintf_state *state, unsigned char c) -{ - if(!as_reserve (state, 1)) - *state->s++ = c; -} - -/* longest integer types */ - -#ifdef HAVE_LONG_LONG -typedef unsigned long long u_longest; -typedef long long longest; -#else -typedef unsigned long u_longest; -typedef long longest; -#endif - - - -static int -pad(struct snprintf_state *state, int width, char c) -{ - int len = 0; - while(width-- > 0){ - (*state->append_char)(state, c); - ++len; - } - return len; -} - -/* return true if we should use alternatve hex form */ -static int -use_alternative (int flags, u_longest num, unsigned base) -{ - return (flags & alternate_flag) && base == 16 && num != 0; -} - -static int -append_number(struct snprintf_state *state, - u_longest num, unsigned base, const char *rep, - int width, int prec, int flags, int minusp) -{ - int len = 0; - u_longest n = num; - char nstr[64]; /* enough for <192 bit octal integers */ - int nstart, nlen; - char signchar; - - /* given precision, ignore zero flag */ - if(prec != -1) - flags &= ~zero_flag; - else - prec = 1; - - /* format number as string */ - nstart = sizeof(nstr); - nlen = 0; - nstr[--nstart] = '\0'; - do { - assert(nstart > 0); - nstr[--nstart] = rep[n % base]; - ++nlen; - n /= base; - } while(n); - - /* zero value with zero precision should produce no digits */ - if(prec == 0 && num == 0) { - nlen--; - nstart++; - } - - /* figure out what char to use for sign */ - if(minusp) - signchar = '-'; - else if((flags & plus_flag)) - signchar = '+'; - else if((flags & space_flag)) - signchar = ' '; - else - signchar = '\0'; - - if((flags & alternate_flag) && base == 8) { - /* if necessary, increase the precision to - make first digit a zero */ - - /* XXX C99 claims (regarding # and %o) that "if the value and - precision are both 0, a single 0 is printed", but there is - no such wording for %x. This would mean that %#.o would - output "0", but %#.x "". This does not make sense, and is - also not what other printf implementations are doing. */ - - if(prec <= nlen && nstr[nstart] != '0' && nstr[nstart] != '\0') - prec = nlen + 1; - } - - /* possible formats: - pad | sign | alt | zero | digits - sign | alt | zero | digits | pad minus_flag - sign | alt | zero | digits zero_flag */ - - /* if not right justifying or padding with zeros, we need to - compute the length of the rest of the string, and then pad with - spaces */ - if(!(flags & (minus_flag | zero_flag))) { - if(prec > nlen) - width -= prec; - else - width -= nlen; - - if(use_alternative(flags, num, base)) - width -= 2; - - if(signchar != '\0') - width--; - - /* pad to width */ - len += pad(state, width, ' '); - } - if(signchar != '\0') { - (*state->append_char)(state, signchar); - ++len; - } - if(use_alternative(flags, num, base)) { - (*state->append_char)(state, '0'); - (*state->append_char)(state, rep[10] + 23); /* XXX */ - len += 2; - } - if(flags & zero_flag) { - /* pad to width with zeros */ - if(prec - nlen > width - len - nlen) - len += pad(state, prec - nlen, '0'); - else - len += pad(state, width - len - nlen, '0'); - } else - /* pad to prec with zeros */ - len += pad(state, prec - nlen, '0'); - - while(nstr[nstart] != '\0') { - (*state->append_char)(state, nstr[nstart++]); - ++len; - } - - if(flags & minus_flag) - len += pad(state, width - len, ' '); - - return len; -} - -/* - * return length - */ - -static int -append_string (struct snprintf_state *state, - const unsigned char *arg, - int width, - int prec, - int flags) -{ - int len = 0; - - if(arg == NULL) - arg = (const unsigned char*)"(null)"; - - if(prec != -1) - width -= prec; - else - width -= strlen((const char *)arg); - if(!(flags & minus_flag)) - len += pad(state, width, ' '); - - if (prec != -1) { - while (*arg && prec--) { - (*state->append_char) (state, *arg++); - ++len; - } - } else { - while (*arg) { - (*state->append_char) (state, *arg++); - ++len; - } - } - if(flags & minus_flag) - len += pad(state, width, ' '); - return len; -} - -static int -append_char(struct snprintf_state *state, - unsigned char arg, - int width, - int flags) -{ - int len = 0; - - while(!(flags & minus_flag) && --width > 0) { - (*state->append_char) (state, ' ') ; - ++len; - } - (*state->append_char) (state, arg); - ++len; - while((flags & minus_flag) && --width > 0) { - (*state->append_char) (state, ' '); - ++len; - } - return 0; -} - -/* - * This can't be made into a function... - */ - -#ifdef HAVE_LONG_LONG - -#define PARSE_INT_FORMAT(res, arg, unsig) \ -if (long_long_flag) \ - res = (unsig long long)va_arg(arg, unsig long long); \ -else if (long_flag) \ - res = (unsig long)va_arg(arg, unsig long); \ -else if (size_t_flag) \ - res = (unsig long)va_arg(arg, size_t); \ -else if (short_flag) \ - res = (unsig short)va_arg(arg, unsig int); \ -else \ - res = (unsig int)va_arg(arg, unsig int) - -#else - -#define PARSE_INT_FORMAT(res, arg, unsig) \ -if (long_flag) \ - res = (unsig long)va_arg(arg, unsig long); \ -else if (size_t_flag) \ - res = (unsig long)va_arg(arg, size_t); \ -else if (short_flag) \ - res = (unsig short)va_arg(arg, unsig int); \ -else \ - res = (unsig int)va_arg(arg, unsig int) - -#endif - -/* - * zyxprintf - return length, as snprintf - */ - -static int -xyzprintf (struct snprintf_state *state, const char *char_format, va_list ap) -{ - const unsigned char *format = (const unsigned char *)char_format; - unsigned char c; - int len = 0; - - while((c = *format++)) { - if (c == '%') { - int flags = 0; - int width = 0; - int prec = -1; - int size_t_flag = 0; - int long_long_flag = 0; - int long_flag = 0; - int short_flag = 0; - - /* flags */ - while((c = *format++)){ - if(c == '-') - flags |= minus_flag; - else if(c == '+') - flags |= plus_flag; - else if(c == ' ') - flags |= space_flag; - else if(c == '#') - flags |= alternate_flag; - else if(c == '0') - flags |= zero_flag; - else if(c == '\'') - ; /* just ignore */ - else - break; - } - - if((flags & space_flag) && (flags & plus_flag)) - flags ^= space_flag; - - if((flags & minus_flag) && (flags & zero_flag)) - flags ^= zero_flag; - - /* width */ - if (isdigit(c)) - do { - width = width * 10 + c - '0'; - c = *format++; - } while(isdigit(c)); - else if(c == '*') { - width = va_arg(ap, int); - c = *format++; - } - - /* precision */ - if (c == '.') { - prec = 0; - c = *format++; - if (isdigit(c)) - do { - prec = prec * 10 + c - '0'; - c = *format++; - } while(isdigit(c)); - else if (c == '*') { - prec = va_arg(ap, int); - c = *format++; - } - } - - /* size */ - - if (c == 'h') { - short_flag = 1; - c = *format++; - } else if (c == 'z') { - size_t_flag = 1; - c = *format++; - } else if (c == 'l') { - long_flag = 1; - c = *format++; - if (c == 'l') { - long_long_flag = 1; - c = *format++; - } - } - - if(c != 'd' && c != 'i') - flags &= ~(plus_flag | space_flag); - - switch (c) { - case 'c' : - append_char(state, va_arg(ap, int), width, flags); - ++len; - break; - case 's' : - len += append_string(state, - va_arg(ap, unsigned char*), - width, - prec, - flags); - break; - case 'd' : - case 'i' : { - longest arg; - u_longest num; - int minusp = 0; - - PARSE_INT_FORMAT(arg, ap, signed); - - if (arg < 0) { - minusp = 1; - num = -arg; - } else - num = arg; - - len += append_number (state, num, 10, "0123456789", - width, prec, flags, minusp); - break; - } - case 'u' : { - u_longest arg; - - PARSE_INT_FORMAT(arg, ap, unsigned); - - len += append_number (state, arg, 10, "0123456789", - width, prec, flags, 0); - break; - } - case 'o' : { - u_longest arg; - - PARSE_INT_FORMAT(arg, ap, unsigned); - - len += append_number (state, arg, 010, "01234567", - width, prec, flags, 0); - break; - } - case 'x' : { - u_longest arg; - - PARSE_INT_FORMAT(arg, ap, unsigned); - - len += append_number (state, arg, 0x10, "0123456789abcdef", - width, prec, flags, 0); - break; - } - case 'X' :{ - u_longest arg; - - PARSE_INT_FORMAT(arg, ap, unsigned); - - len += append_number (state, arg, 0x10, "0123456789ABCDEF", - width, prec, flags, 0); - break; - } - case 'p' : { - unsigned long arg = (unsigned long)va_arg(ap, void*); - - len += append_number (state, arg, 0x10, "0123456789ABCDEF", - width, prec, flags, 0); - break; - } - case 'n' : { - int *arg = va_arg(ap, int*); - *arg = state->s - state->str; - break; - } - case '\0' : - --format; - /* FALLTHROUGH */ - case '%' : - (*state->append_char)(state, c); - ++len; - break; - default : - (*state->append_char)(state, '%'); - (*state->append_char)(state, c); - len += 2; - break; - } - } else { - (*state->append_char) (state, c); - ++len; - } - } - return len; -} - -#if !defined(HAVE_SNPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -snprintf (char *str, size_t sz, const char *format, ...) -{ - va_list args; - int ret; - - va_start(args, format); - ret = vsnprintf (str, sz, format, args); - va_end(args); - -#ifdef PARANOIA - { - int ret2; - char *tmp; - - tmp = malloc (sz); - if (tmp == NULL) - abort (); - - va_start(args, format); - ret2 = vsprintf (tmp, format, args); - va_end(args); - if (ret != ret2 || strcmp(str, tmp)) - abort (); - free (tmp); - } -#endif - - return ret; -} -#endif - -#if !defined(HAVE_ASPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -asprintf (char **ret, const char *format, ...) -{ - va_list args; - int val; - - va_start(args, format); - val = vasprintf (ret, format, args); - va_end(args); - -#ifdef PARANOIA - { - int ret2; - char *tmp; - tmp = malloc (val + 1); - if (tmp == NULL) - abort (); - - va_start(args, format); - ret2 = vsprintf (tmp, format, args); - va_end(args); - if (val != ret2 || strcmp(*ret, tmp)) - abort (); - free (tmp); - } -#endif - - return val; -} -#endif - -#if !defined(HAVE_ASNPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -asnprintf (char **ret, size_t max_sz, const char *format, ...) -{ - va_list args; - int val; - - va_start(args, format); - val = vasnprintf (ret, max_sz, format, args); - -#ifdef PARANOIA - { - int ret2; - char *tmp; - tmp = malloc (val + 1); - if (tmp == NULL) - abort (); - - ret2 = vsprintf (tmp, format, args); - if (val != ret2 || strcmp(*ret, tmp)) - abort (); - free (tmp); - } -#endif - - va_end(args); - return val; -} -#endif - -#if !defined(HAVE_VASPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -vasprintf (char **ret, const char *format, va_list args) -{ - return vasnprintf (ret, 0, format, args); -} -#endif - - -#if !defined(HAVE_VASNPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -vasnprintf (char **ret, size_t max_sz, const char *format, va_list args) -{ - int st; - struct snprintf_state state; - - state.max_sz = max_sz; - state.sz = 1; - state.str = malloc(state.sz); - if (state.str == NULL) { - *ret = NULL; - return -1; - } - state.s = state.str; - state.theend = state.s + state.sz - 1; - state.append_char = as_append_char; - - st = xyzprintf (&state, format, args); - if (st > state.sz) { - free (state.str); - *ret = NULL; - return -1; - } else { - char *tmp; - - *state.s = '\0'; - tmp = realloc (state.str, st+1); - if (tmp == NULL) { - free (state.str); - *ret = NULL; - return -1; - } - *ret = tmp; - return st; - } -} -#endif - -#if !defined(HAVE_VSNPRINTF) || defined(TEST_SNPRINTF) -int ROKEN_LIB_FUNCTION -vsnprintf (char *str, size_t sz, const char *format, va_list args) -{ - struct snprintf_state state; - int ret; - unsigned char *ustr = (unsigned char *)str; - - state.max_sz = 0; - state.sz = sz; - state.str = ustr; - state.s = ustr; - state.theend = ustr + sz - (sz > 0); - state.append_char = sn_append_char; - - ret = xyzprintf (&state, format, args); - if (state.s != NULL && sz != 0) - *state.s = '\0'; - return ret; -} -#endif diff --git a/crypto/heimdal/lib/roken/socket.c b/crypto/heimdal/lib/roken/socket.c deleted file mode 100644 index a82dd0186c92..000000000000 --- a/crypto/heimdal/lib/roken/socket.c +++ /dev/null @@ -1,302 +0,0 @@ -/* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: socket.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include "roken.h" -#include - -/* - * Set `sa' to the unitialized address of address family `af' - */ - -void ROKEN_LIB_FUNCTION -socket_set_any (struct sockaddr *sa, int af) -{ - switch (af) { - case AF_INET : { - struct sockaddr_in *sin4 = (struct sockaddr_in *)sa; - - memset (sin4, 0, sizeof(*sin4)); - sin4->sin_family = AF_INET; - sin4->sin_port = 0; - sin4->sin_addr.s_addr = INADDR_ANY; - break; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - - memset (sin6, 0, sizeof(*sin6)); - sin6->sin6_family = AF_INET6; - sin6->sin6_port = 0; - sin6->sin6_addr = in6addr_any; - break; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * set `sa' to (`ptr', `port') - */ - -void ROKEN_LIB_FUNCTION -socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port) -{ - switch (sa->sa_family) { - case AF_INET : { - struct sockaddr_in *sin4 = (struct sockaddr_in *)sa; - - memset (sin4, 0, sizeof(*sin4)); - sin4->sin_family = AF_INET; - sin4->sin_port = port; - memcpy (&sin4->sin_addr, ptr, sizeof(struct in_addr)); - break; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - - memset (sin6, 0, sizeof(*sin6)); - sin6->sin6_family = AF_INET6; - sin6->sin6_port = port; - memcpy (&sin6->sin6_addr, ptr, sizeof(struct in6_addr)); - break; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Return the size of an address of the type in `sa' - */ - -size_t ROKEN_LIB_FUNCTION -socket_addr_size (const struct sockaddr *sa) -{ - switch (sa->sa_family) { - case AF_INET : - return sizeof(struct in_addr); -#ifdef HAVE_IPV6 - case AF_INET6 : - return sizeof(struct in6_addr); -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Return the size of a `struct sockaddr' in `sa'. - */ - -size_t ROKEN_LIB_FUNCTION -socket_sockaddr_size (const struct sockaddr *sa) -{ - switch (sa->sa_family) { - case AF_INET : - return sizeof(struct sockaddr_in); -#ifdef HAVE_IPV6 - case AF_INET6 : - return sizeof(struct sockaddr_in6); -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Return the binary address of `sa'. - */ - -void * ROKEN_LIB_FUNCTION -socket_get_address (struct sockaddr *sa) -{ - switch (sa->sa_family) { - case AF_INET : { - struct sockaddr_in *sin4 = (struct sockaddr_in *)sa; - return &sin4->sin_addr; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - return &sin6->sin6_addr; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Return the port number from `sa'. - */ - -int ROKEN_LIB_FUNCTION -socket_get_port (const struct sockaddr *sa) -{ - switch (sa->sa_family) { - case AF_INET : { - const struct sockaddr_in *sin4 = (const struct sockaddr_in *)sa; - return sin4->sin_port; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; - return sin6->sin6_port; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Set the port in `sa' to `port'. - */ - -void ROKEN_LIB_FUNCTION -socket_set_port (struct sockaddr *sa, int port) -{ - switch (sa->sa_family) { - case AF_INET : { - struct sockaddr_in *sin4 = (struct sockaddr_in *)sa; - sin4->sin_port = port; - break; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - sin6->sin6_port = port; - break; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Set the range of ports to use when binding with port = 0. - */ -void ROKEN_LIB_FUNCTION -socket_set_portrange (int sock, int restr, int af) -{ -#if defined(IP_PORTRANGE) - if (af == AF_INET) { - int on = restr ? IP_PORTRANGE_HIGH : IP_PORTRANGE_DEFAULT; - if (setsockopt (sock, IPPROTO_IP, IP_PORTRANGE, &on, - sizeof(on)) < 0) - warn ("setsockopt IP_PORTRANGE (ignored)"); - } -#endif -#if defined(IPV6_PORTRANGE) - if (af == AF_INET6) { - int on = restr ? IPV6_PORTRANGE_HIGH : - IPV6_PORTRANGE_DEFAULT; - if (setsockopt (sock, IPPROTO_IPV6, IPV6_PORTRANGE, &on, - sizeof(on)) < 0) - warn ("setsockopt IPV6_PORTRANGE (ignored)"); - } -#endif -} - -/* - * Enable debug on `sock'. - */ - -void ROKEN_LIB_FUNCTION -socket_set_debug (int sock) -{ -#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT) - int on = 1; - - if (setsockopt (sock, SOL_SOCKET, SO_DEBUG, (void *) &on, sizeof (on)) < 0) - warn ("setsockopt SO_DEBUG (ignored)"); -#endif -} - -/* - * Set the type-of-service of `sock' to `tos'. - */ - -void ROKEN_LIB_FUNCTION -socket_set_tos (int sock, int tos) -{ -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - if (setsockopt (sock, IPPROTO_IP, IP_TOS, (void *) &tos, sizeof (int)) < 0) - if (errno != EINVAL) - warn ("setsockopt TOS (ignored)"); -#endif -} - -/* - * set the reuse of addresses on `sock' to `val'. - */ - -void ROKEN_LIB_FUNCTION -socket_set_reuseaddr (int sock, int val) -{ -#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT) - if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&val, - sizeof(val)) < 0) - err (1, "setsockopt SO_REUSEADDR"); -#endif -} - -/* - * Set the that the `sock' should bind to only IPv6 addresses. - */ - -void ROKEN_LIB_FUNCTION -socket_set_ipv6only (int sock, int val) -{ -#if defined(IPV6_V6ONLY) && defined(HAVE_SETSOCKOPT) - setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&val, sizeof(val)); -#endif -} diff --git a/crypto/heimdal/lib/roken/socket_wrapper.c b/crypto/heimdal/lib/roken/socket_wrapper.c deleted file mode 100644 index 9e6bfdd09811..000000000000 --- a/crypto/heimdal/lib/roken/socket_wrapper.c +++ /dev/null @@ -1,1913 +0,0 @@ -/* - * Copyright (C) Jelmer Vernooij 2005 - * Copyright (C) Stefan Metzmacher 2006 - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the author nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - */ - -/* - Socket wrapper library. Passes all socket communication over - unix domain sockets if the environment variable SOCKET_WRAPPER_DIR - is set. -*/ - -#define SOCKET_WRAPPER_NOT_REPLACE - -#ifdef _SAMBA_BUILD_ - -#include "includes.h" -#include "system/network.h" -#include "system/filesys.h" - -#ifdef malloc -#undef malloc -#endif -#ifdef calloc -#undef calloc -#endif -#ifdef strdup -#undef strdup -#endif - -#else /* _SAMBA_BUILD_ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#undef SOCKET_WRAPPER_REPLACE - -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#include -#include -#include -#ifdef HAVE_SYS_FILIO_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "roken.h" - -#include "socket_wrapper.h" - -#define HAVE_GETTIMEOFDAY_TZ 1 - -#define _PUBLIC_ - -#endif - -#define SWRAP_DLIST_ADD(list,item) do { \ - if (!(list)) { \ - (item)->prev = NULL; \ - (item)->next = NULL; \ - (list) = (item); \ - } else { \ - (item)->prev = NULL; \ - (item)->next = (list); \ - (list)->prev = (item); \ - (list) = (item); \ - } \ -} while (0) - -#define SWRAP_DLIST_REMOVE(list,item) do { \ - if ((list) == (item)) { \ - (list) = (item)->next; \ - if (list) { \ - (list)->prev = NULL; \ - } \ - } else { \ - if ((item)->prev) { \ - (item)->prev->next = (item)->next; \ - } \ - if ((item)->next) { \ - (item)->next->prev = (item)->prev; \ - } \ - } \ - (item)->prev = NULL; \ - (item)->next = NULL; \ -} while (0) - -/* LD_PRELOAD doesn't work yet, so REWRITE_CALLS is all we support - * for now */ -#define REWRITE_CALLS - -#ifdef REWRITE_CALLS -#define real_accept accept -#define real_connect connect -#define real_bind bind -#define real_listen listen -#define real_getpeername getpeername -#define real_getsockname getsockname -#define real_getsockopt getsockopt -#define real_setsockopt setsockopt -#define real_recvfrom recvfrom -#define real_sendto sendto -#define real_ioctl ioctl -#define real_recv recv -#define real_send send -#define real_socket socket -#define real_close close -#define real_dup dup -#define real_dup2 dup2 -#endif - -#ifdef HAVE_GETTIMEOFDAY_TZ -#define swrapGetTimeOfDay(tval) gettimeofday(tval,NULL) -#else -#define swrapGetTimeOfDay(tval) gettimeofday(tval) -#endif - -/* we need to use a very terse format here as IRIX 6.4 silently - truncates names to 16 chars, so if we use a longer name then we - can't tell which port a packet came from with recvfrom() - - with this format we have 8 chars left for the directory name -*/ -#define SOCKET_FORMAT "%c%02X%04X" -#define SOCKET_TYPE_CHAR_TCP 'T' -#define SOCKET_TYPE_CHAR_UDP 'U' -#define SOCKET_TYPE_CHAR_TCP_V6 'X' -#define SOCKET_TYPE_CHAR_UDP_V6 'Y' - -#define MAX_WRAPPED_INTERFACES 16 - -#define SW_IPV6_ADDRESS 1 - -static struct sockaddr *sockaddr_dup(const void *data, socklen_t len) -{ - struct sockaddr *ret = (struct sockaddr *)malloc(len); - memcpy(ret, data, len); - return ret; -} - -static void set_port(int family, int prt, struct sockaddr *addr) -{ - switch (family) { - case AF_INET: - ((struct sockaddr_in *)addr)->sin_port = htons(prt); - break; -#ifdef HAVE_IPV6 - case AF_INET6: - ((struct sockaddr_in6 *)addr)->sin6_port = htons(prt); - break; -#endif - } -} - -static int socket_length(int family) -{ - switch (family) { - case AF_INET: - return sizeof(struct sockaddr_in); -#ifdef HAVE_IPV6 - case AF_INET6: - return sizeof(struct sockaddr_in6); -#endif - } - return -1; -} - - - -struct socket_info -{ - int fd; - - int family; - int type; - int protocol; - int bound; - int bcast; - int is_server; - - char *path; - char *tmp_path; - - struct sockaddr *myname; - socklen_t myname_len; - - struct sockaddr *peername; - socklen_t peername_len; - - struct { - unsigned long pck_snd; - unsigned long pck_rcv; - } io; - - struct socket_info *prev, *next; -}; - -static struct socket_info *sockets; - - -static const char *socket_wrapper_dir(void) -{ - const char *s = getenv("SOCKET_WRAPPER_DIR"); - if (s == NULL) { - return NULL; - } - if (strncmp(s, "./", 2) == 0) { - s += 2; - } - return s; -} - -static unsigned int socket_wrapper_default_iface(void) -{ - const char *s = getenv("SOCKET_WRAPPER_DEFAULT_IFACE"); - if (s) { - unsigned int iface; - if (sscanf(s, "%u", &iface) == 1) { - if (iface >= 1 && iface <= MAX_WRAPPED_INTERFACES) { - return iface; - } - } - } - - return 1;/* 127.0.0.1 */ -} - -static int convert_un_in(const struct sockaddr_un *un, struct sockaddr *in, socklen_t *len) -{ - unsigned int iface; - unsigned int prt; - const char *p; - char type; - - p = strrchr(un->sun_path, '/'); - if (p) p++; else p = un->sun_path; - - if (sscanf(p, SOCKET_FORMAT, &type, &iface, &prt) != 3) { - errno = EINVAL; - return -1; - } - - if (iface == 0 || iface > MAX_WRAPPED_INTERFACES) { - errno = EINVAL; - return -1; - } - - if (prt > 0xFFFF) { - errno = EINVAL; - return -1; - } - - switch(type) { - case SOCKET_TYPE_CHAR_TCP: - case SOCKET_TYPE_CHAR_UDP: { - struct sockaddr_in *in2 = (struct sockaddr_in *)in; - - if ((*len) < sizeof(*in2)) { - errno = EINVAL; - return -1; - } - - memset(in2, 0, sizeof(*in2)); - in2->sin_family = AF_INET; - in2->sin_addr.s_addr = htonl((127<<24) | iface); - in2->sin_port = htons(prt); - - *len = sizeof(*in2); - break; - } -#ifdef HAVE_IPV6 - case SOCKET_TYPE_CHAR_TCP_V6: - case SOCKET_TYPE_CHAR_UDP_V6: { - struct sockaddr_in6 *in2 = (struct sockaddr_in6 *)in; - - if ((*len) < sizeof(*in2)) { - errno = EINVAL; - return -1; - } - - memset(in2, 0, sizeof(*in2)); - in2->sin6_family = AF_INET6; - in2->sin6_addr.s6_addr[0] = SW_IPV6_ADDRESS; - in2->sin6_port = htons(prt); - - *len = sizeof(*in2); - break; - } -#endif - default: - errno = EINVAL; - return -1; - } - - return 0; -} - -static int convert_in_un_remote(struct socket_info *si, const struct sockaddr *inaddr, struct sockaddr_un *un, - int *bcast) -{ - char type = '\0'; - unsigned int prt; - unsigned int iface; - int is_bcast = 0; - - if (bcast) *bcast = 0; - - switch (si->family) { - case AF_INET: { - const struct sockaddr_in *in = - (const struct sockaddr_in *)inaddr; - unsigned int addr = ntohl(in->sin_addr.s_addr); - char u_type = '\0'; - char b_type = '\0'; - char a_type = '\0'; - - switch (si->type) { - case SOCK_STREAM: - u_type = SOCKET_TYPE_CHAR_TCP; - break; - case SOCK_DGRAM: - u_type = SOCKET_TYPE_CHAR_UDP; - a_type = SOCKET_TYPE_CHAR_UDP; - b_type = SOCKET_TYPE_CHAR_UDP; - break; - } - - prt = ntohs(in->sin_port); - if (a_type && addr == 0xFFFFFFFF) { - /* 255.255.255.255 only udp */ - is_bcast = 2; - type = a_type; - iface = socket_wrapper_default_iface(); - } else if (b_type && addr == 0x7FFFFFFF) { - /* 127.255.255.255 only udp */ - is_bcast = 1; - type = b_type; - iface = socket_wrapper_default_iface(); - } else if ((addr & 0xFFFFFF00) == 0x7F000000) { - /* 127.0.0.X */ - is_bcast = 0; - type = u_type; - iface = (addr & 0x000000FF); - } else { - errno = ENETUNREACH; - return -1; - } - if (bcast) *bcast = is_bcast; - break; - } -#ifdef HAVE_IPV6 - case AF_INET6: { - const struct sockaddr_in6 *in = - (const struct sockaddr_in6 *)inaddr; - - switch (si->type) { - case SOCK_STREAM: - type = SOCKET_TYPE_CHAR_TCP_V6; - break; - case SOCK_DGRAM: - type = SOCKET_TYPE_CHAR_UDP_V6; - break; - } - - /* XXX no multicast/broadcast */ - - prt = ntohs(in->sin6_port); - iface = SW_IPV6_ADDRESS; - - break; - } -#endif - default: - errno = ENETUNREACH; - return -1; - } - - if (prt == 0) { - errno = EINVAL; - return -1; - } - - if (is_bcast) { - snprintf(un->sun_path, sizeof(un->sun_path), "%s/EINVAL", - socket_wrapper_dir()); - /* the caller need to do more processing */ - return 0; - } - - snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, - socket_wrapper_dir(), type, iface, prt); - - return 0; -} - -static int convert_in_un_alloc(struct socket_info *si, const struct sockaddr *inaddr, struct sockaddr_un *un, - int *bcast) -{ - char type = '\0'; - unsigned int prt; - unsigned int iface; - struct stat st; - int is_bcast = 0; - - if (bcast) *bcast = 0; - - switch (si->family) { - case AF_INET: { - const struct sockaddr_in *in = - (const struct sockaddr_in *)inaddr; - unsigned int addr = ntohl(in->sin_addr.s_addr); - char u_type = '\0'; - char d_type = '\0'; - char b_type = '\0'; - char a_type = '\0'; - - prt = ntohs(in->sin_port); - - switch (si->type) { - case SOCK_STREAM: - u_type = SOCKET_TYPE_CHAR_TCP; - d_type = SOCKET_TYPE_CHAR_TCP; - break; - case SOCK_DGRAM: - u_type = SOCKET_TYPE_CHAR_UDP; - d_type = SOCKET_TYPE_CHAR_UDP; - a_type = SOCKET_TYPE_CHAR_UDP; - b_type = SOCKET_TYPE_CHAR_UDP; - break; - } - - if (addr == 0) { - /* 0.0.0.0 */ - is_bcast = 0; - type = d_type; - iface = socket_wrapper_default_iface(); - } else if (a_type && addr == 0xFFFFFFFF) { - /* 255.255.255.255 only udp */ - is_bcast = 2; - type = a_type; - iface = socket_wrapper_default_iface(); - } else if (b_type && addr == 0x7FFFFFFF) { - /* 127.255.255.255 only udp */ - is_bcast = 1; - type = b_type; - iface = socket_wrapper_default_iface(); - } else if ((addr & 0xFFFFFF00) == 0x7F000000) { - /* 127.0.0.X */ - is_bcast = 0; - type = u_type; - iface = (addr & 0x000000FF); - } else { - errno = EADDRNOTAVAIL; - return -1; - } - break; - } -#ifdef HAVE_IPV6 - case AF_INET6: { - const struct sockaddr_in6 *in = - (const struct sockaddr_in6 *)inaddr; - - switch (si->type) { - case SOCK_STREAM: - type = SOCKET_TYPE_CHAR_TCP_V6; - break; - case SOCK_DGRAM: - type = SOCKET_TYPE_CHAR_UDP_V6; - break; - } - - /* XXX no multicast/broadcast */ - - prt = ntohs(in->sin6_port); - iface = SW_IPV6_ADDRESS; - - break; - } -#endif - default: - errno = ENETUNREACH; - return -1; - } - - - if (bcast) *bcast = is_bcast; - - if (prt == 0) { - /* handle auto-allocation of ephemeral ports */ - for (prt = 5001; prt < 10000; prt++) { - snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, - socket_wrapper_dir(), type, iface, prt); - if (stat(un->sun_path, &st) == 0) continue; - - set_port(si->family, prt, si->myname); - } - } - - snprintf(un->sun_path, sizeof(un->sun_path), "%s/"SOCKET_FORMAT, - socket_wrapper_dir(), type, iface, prt); - return 0; -} - -static struct socket_info *find_socket_info(int fd) -{ - struct socket_info *i; - for (i = sockets; i; i = i->next) { - if (i->fd == fd) - return i; - } - - return NULL; -} - -static int sockaddr_convert_to_un(struct socket_info *si, const struct sockaddr *in_addr, socklen_t in_len, - struct sockaddr_un *out_addr, int alloc_sock, int *bcast) -{ - if (!out_addr) - return 0; - - out_addr->sun_family = AF_UNIX; - - switch (in_addr->sa_family) { - case AF_INET: -#ifdef HAVE_IPV6 - case AF_INET6: -#endif - switch (si->type) { - case SOCK_STREAM: - case SOCK_DGRAM: - break; - default: - errno = ESOCKTNOSUPPORT; - return -1; - } - if (alloc_sock) { - return convert_in_un_alloc(si, in_addr, out_addr, bcast); - } else { - return convert_in_un_remote(si, in_addr, out_addr, bcast); - } - default: - break; - } - - errno = EAFNOSUPPORT; - return -1; -} - -static int sockaddr_convert_from_un(const struct socket_info *si, - const struct sockaddr_un *in_addr, - socklen_t un_addrlen, - int family, - struct sockaddr *out_addr, - socklen_t *out_addrlen) -{ - if (out_addr == NULL || out_addrlen == NULL) - return 0; - - if (un_addrlen == 0) { - *out_addrlen = 0; - return 0; - } - - switch (family) { - case AF_INET: -#ifdef HAVE_IPV6 - case AF_INET6: -#endif - switch (si->type) { - case SOCK_STREAM: - case SOCK_DGRAM: - break; - default: - errno = ESOCKTNOSUPPORT; - return -1; - } - return convert_un_in(in_addr, out_addr, out_addrlen); - default: - break; - } - - errno = EAFNOSUPPORT; - return -1; -} - -enum swrap_packet_type { - SWRAP_CONNECT_SEND, - SWRAP_CONNECT_UNREACH, - SWRAP_CONNECT_RECV, - SWRAP_CONNECT_ACK, - SWRAP_ACCEPT_SEND, - SWRAP_ACCEPT_RECV, - SWRAP_ACCEPT_ACK, - SWRAP_RECVFROM, - SWRAP_SENDTO, - SWRAP_SENDTO_UNREACH, - SWRAP_PENDING_RST, - SWRAP_RECV, - SWRAP_RECV_RST, - SWRAP_SEND, - SWRAP_SEND_RST, - SWRAP_CLOSE_SEND, - SWRAP_CLOSE_RECV, - SWRAP_CLOSE_ACK -}; - -struct swrap_file_hdr { - unsigned long magic; - unsigned short version_major; - unsigned short version_minor; - long timezone; - unsigned long sigfigs; - unsigned long frame_max_len; -#define SWRAP_FRAME_LENGTH_MAX 0xFFFF - unsigned long link_type; -}; -#define SWRAP_FILE_HDR_SIZE 24 - -struct swrap_packet { - struct { - unsigned long seconds; - unsigned long micro_seconds; - unsigned long recorded_length; - unsigned long full_length; - } frame; -#define SWRAP_PACKET__FRAME_SIZE 16 - - struct { - struct { - unsigned char ver_hdrlen; - unsigned char tos; - unsigned short packet_length; - unsigned short identification; - unsigned char flags; - unsigned char fragment; - unsigned char ttl; - unsigned char protocol; - unsigned short hdr_checksum; - unsigned long src_addr; - unsigned long dest_addr; - } hdr; -#define SWRAP_PACKET__IP_HDR_SIZE 20 - - union { - struct { - unsigned short source_port; - unsigned short dest_port; - unsigned long seq_num; - unsigned long ack_num; - unsigned char hdr_length; - unsigned char control; - unsigned short window; - unsigned short checksum; - unsigned short urg; - } tcp; -#define SWRAP_PACKET__IP_P_TCP_SIZE 20 - struct { - unsigned short source_port; - unsigned short dest_port; - unsigned short length; - unsigned short checksum; - } udp; -#define SWRAP_PACKET__IP_P_UDP_SIZE 8 - struct { - unsigned char type; - unsigned char code; - unsigned short checksum; - unsigned long unused; - } icmp; -#define SWRAP_PACKET__IP_P_ICMP_SIZE 8 - } p; - } ip; -}; -#define SWRAP_PACKET_SIZE 56 - -static const char *socket_wrapper_pcap_file(void) -{ - static int initialized = 0; - static const char *s = NULL; - static const struct swrap_file_hdr h; - static const struct swrap_packet p; - - if (initialized == 1) { - return s; - } - initialized = 1; - - /* - * TODO: don't use the structs use plain buffer offsets - * and PUSH_U8(), PUSH_U16() and PUSH_U32() - * - * for now make sure we disable PCAP support - * if the struct has alignment! - */ - if (sizeof(h) != SWRAP_FILE_HDR_SIZE) { - return NULL; - } - if (sizeof(p) != SWRAP_PACKET_SIZE) { - return NULL; - } - if (sizeof(p.frame) != SWRAP_PACKET__FRAME_SIZE) { - return NULL; - } - if (sizeof(p.ip.hdr) != SWRAP_PACKET__IP_HDR_SIZE) { - return NULL; - } - if (sizeof(p.ip.p.tcp) != SWRAP_PACKET__IP_P_TCP_SIZE) { - return NULL; - } - if (sizeof(p.ip.p.udp) != SWRAP_PACKET__IP_P_UDP_SIZE) { - return NULL; - } - if (sizeof(p.ip.p.icmp) != SWRAP_PACKET__IP_P_ICMP_SIZE) { - return NULL; - } - - s = getenv("SOCKET_WRAPPER_PCAP_FILE"); - if (s == NULL) { - return NULL; - } - if (strncmp(s, "./", 2) == 0) { - s += 2; - } - return s; -} - -static struct swrap_packet *swrap_packet_init(struct timeval *tval, - const struct sockaddr_in *src_addr, - const struct sockaddr_in *dest_addr, - int socket_type, - const unsigned char *payload, - size_t payload_len, - unsigned long tcp_seq, - unsigned long tcp_ack, - unsigned char tcp_ctl, - int unreachable, - size_t *_packet_len) -{ - struct swrap_packet *ret; - struct swrap_packet *packet; - size_t packet_len; - size_t alloc_len; - size_t nonwire_len = sizeof(packet->frame); - size_t wire_hdr_len = 0; - size_t wire_len = 0; - size_t icmp_hdr_len = 0; - size_t icmp_truncate_len = 0; - unsigned char protocol = 0, icmp_protocol = 0; - unsigned short src_port = src_addr->sin_port; - unsigned short dest_port = dest_addr->sin_port; - - switch (socket_type) { - case SOCK_STREAM: - protocol = 0x06; /* TCP */ - wire_hdr_len = sizeof(packet->ip.hdr) + sizeof(packet->ip.p.tcp); - wire_len = wire_hdr_len + payload_len; - break; - - case SOCK_DGRAM: - protocol = 0x11; /* UDP */ - wire_hdr_len = sizeof(packet->ip.hdr) + sizeof(packet->ip.p.udp); - wire_len = wire_hdr_len + payload_len; - break; - } - - if (unreachable) { - icmp_protocol = protocol; - protocol = 0x01; /* ICMP */ - if (wire_len > 64 ) { - icmp_truncate_len = wire_len - 64; - } - icmp_hdr_len = sizeof(packet->ip.hdr) + sizeof(packet->ip.p.icmp); - wire_hdr_len += icmp_hdr_len; - wire_len += icmp_hdr_len; - } - - packet_len = nonwire_len + wire_len; - alloc_len = packet_len; - if (alloc_len < sizeof(struct swrap_packet)) { - alloc_len = sizeof(struct swrap_packet); - } - ret = (struct swrap_packet *)malloc(alloc_len); - if (!ret) return NULL; - - packet = ret; - - packet->frame.seconds = tval->tv_sec; - packet->frame.micro_seconds = tval->tv_usec; - packet->frame.recorded_length = wire_len - icmp_truncate_len; - packet->frame.full_length = wire_len - icmp_truncate_len; - - packet->ip.hdr.ver_hdrlen = 0x45; /* version 4 and 5 * 32 bit words */ - packet->ip.hdr.tos = 0x00; - packet->ip.hdr.packet_length = htons(wire_len - icmp_truncate_len); - packet->ip.hdr.identification = htons(0xFFFF); - packet->ip.hdr.flags = 0x40; /* BIT 1 set - means don't fraqment */ - packet->ip.hdr.fragment = htons(0x0000); - packet->ip.hdr.ttl = 0xFF; - packet->ip.hdr.protocol = protocol; - packet->ip.hdr.hdr_checksum = htons(0x0000); - packet->ip.hdr.src_addr = src_addr->sin_addr.s_addr; - packet->ip.hdr.dest_addr = dest_addr->sin_addr.s_addr; - - if (unreachable) { - packet->ip.p.icmp.type = 0x03; /* destination unreachable */ - packet->ip.p.icmp.code = 0x01; /* host unreachable */ - packet->ip.p.icmp.checksum = htons(0x0000); - packet->ip.p.icmp.unused = htonl(0x00000000); - - /* set the ip header in the ICMP payload */ - packet = (struct swrap_packet *)(((unsigned char *)ret) + icmp_hdr_len); - packet->ip.hdr.ver_hdrlen = 0x45; /* version 4 and 5 * 32 bit words */ - packet->ip.hdr.tos = 0x00; - packet->ip.hdr.packet_length = htons(wire_len - icmp_hdr_len); - packet->ip.hdr.identification = htons(0xFFFF); - packet->ip.hdr.flags = 0x40; /* BIT 1 set - means don't fraqment */ - packet->ip.hdr.fragment = htons(0x0000); - packet->ip.hdr.ttl = 0xFF; - packet->ip.hdr.protocol = icmp_protocol; - packet->ip.hdr.hdr_checksum = htons(0x0000); - packet->ip.hdr.src_addr = dest_addr->sin_addr.s_addr; - packet->ip.hdr.dest_addr = src_addr->sin_addr.s_addr; - - src_port = dest_addr->sin_port; - dest_port = src_addr->sin_port; - } - - switch (socket_type) { - case SOCK_STREAM: - packet->ip.p.tcp.source_port = src_port; - packet->ip.p.tcp.dest_port = dest_port; - packet->ip.p.tcp.seq_num = htonl(tcp_seq); - packet->ip.p.tcp.ack_num = htonl(tcp_ack); - packet->ip.p.tcp.hdr_length = 0x50; /* 5 * 32 bit words */ - packet->ip.p.tcp.control = tcp_ctl; - packet->ip.p.tcp.window = htons(0x7FFF); - packet->ip.p.tcp.checksum = htons(0x0000); - packet->ip.p.tcp.urg = htons(0x0000); - - break; - - case SOCK_DGRAM: - packet->ip.p.udp.source_port = src_addr->sin_port; - packet->ip.p.udp.dest_port = dest_addr->sin_port; - packet->ip.p.udp.length = htons(8 + payload_len); - packet->ip.p.udp.checksum = htons(0x0000); - - break; - } - - if (payload && payload_len > 0) { - unsigned char *p = (unsigned char *)ret; - p += nonwire_len; - p += wire_hdr_len; - memcpy(p, payload, payload_len); - } - - *_packet_len = packet_len - icmp_truncate_len; - return ret; -} - -static int swrap_get_pcap_fd(const char *fname) -{ - static int fd = -1; - - if (fd != -1) return fd; - - fd = open(fname, O_WRONLY|O_CREAT|O_EXCL|O_APPEND, 0644); - if (fd != -1) { - struct swrap_file_hdr file_hdr; - file_hdr.magic = 0xA1B2C3D4; - file_hdr.version_major = 0x0002; - file_hdr.version_minor = 0x0004; - file_hdr.timezone = 0x00000000; - file_hdr.sigfigs = 0x00000000; - file_hdr.frame_max_len = SWRAP_FRAME_LENGTH_MAX; - file_hdr.link_type = 0x0065; /* 101 RAW IP */ - - write(fd, &file_hdr, sizeof(file_hdr)); - return fd; - } - - fd = open(fname, O_WRONLY|O_APPEND, 0644); - - return fd; -} - -static void swrap_dump_packet(struct socket_info *si, const struct sockaddr *addr, - enum swrap_packet_type type, - const void *buf, size_t len) -{ - const struct sockaddr_in *src_addr; - const struct sockaddr_in *dest_addr; - const char *file_name; - unsigned long tcp_seq = 0; - unsigned long tcp_ack = 0; - unsigned char tcp_ctl = 0; - int unreachable = 0; - struct timeval tv; - struct swrap_packet *packet; - size_t packet_len = 0; - int fd; - - file_name = socket_wrapper_pcap_file(); - if (!file_name) { - return; - } - - switch (si->family) { - case AF_INET: -#ifdef HAVE_IPV6 - case AF_INET6: -#endif - break; - default: - return; - } - - switch (type) { - case SWRAP_CONNECT_SEND: - if (si->type != SOCK_STREAM) return; - - src_addr = (const struct sockaddr_in *)si->myname; - dest_addr = (const struct sockaddr_in *)addr; - - tcp_seq = si->io.pck_snd; - tcp_ack = si->io.pck_rcv; - tcp_ctl = 0x02; /* SYN */ - - si->io.pck_snd += 1; - - break; - - case SWRAP_CONNECT_RECV: - if (si->type != SOCK_STREAM) return; - - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)addr; - - tcp_seq = si->io.pck_rcv; - tcp_ack = si->io.pck_snd; - tcp_ctl = 0x12; /** SYN,ACK */ - - si->io.pck_rcv += 1; - - break; - - case SWRAP_CONNECT_UNREACH: - if (si->type != SOCK_STREAM) return; - - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)addr; - - /* Unreachable: resend the data of SWRAP_CONNECT_SEND */ - tcp_seq = si->io.pck_snd - 1; - tcp_ack = si->io.pck_rcv; - tcp_ctl = 0x02; /* SYN */ - unreachable = 1; - - break; - - case SWRAP_CONNECT_ACK: - if (si->type != SOCK_STREAM) return; - - src_addr = (const struct sockaddr_in *)si->myname; - dest_addr = (const struct sockaddr_in *)addr; - - tcp_seq = si->io.pck_snd; - tcp_ack = si->io.pck_rcv; - tcp_ctl = 0x10; /* ACK */ - - break; - - case SWRAP_ACCEPT_SEND: - if (si->type != SOCK_STREAM) return; - - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)addr; - - tcp_seq = si->io.pck_rcv; - tcp_ack = si->io.pck_snd; - tcp_ctl = 0x02; /* SYN */ - - si->io.pck_rcv += 1; - - break; - - case SWRAP_ACCEPT_RECV: - if (si->type != SOCK_STREAM) return; - - src_addr = (const struct sockaddr_in *)si->myname; - dest_addr = (const struct sockaddr_in *)addr; - - tcp_seq = si->io.pck_snd; - tcp_ack = si->io.pck_rcv; - tcp_ctl = 0x12; /* SYN,ACK */ - - si->io.pck_snd += 1; - - break; - - case SWRAP_ACCEPT_ACK: - if (si->type != SOCK_STREAM) return; - - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)addr; - - tcp_seq = si->io.pck_rcv; - tcp_ack = si->io.pck_snd; - tcp_ctl = 0x10; /* ACK */ - - break; - - case SWRAP_SEND: - src_addr = (const struct sockaddr_in *)si->myname; - dest_addr = (const struct sockaddr_in *)si->peername; - - tcp_seq = si->io.pck_snd; - tcp_ack = si->io.pck_rcv; - tcp_ctl = 0x18; /* PSH,ACK */ - - si->io.pck_snd += len; - - break; - - case SWRAP_SEND_RST: - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)si->peername; - - if (si->type == SOCK_DGRAM) { - swrap_dump_packet(si, si->peername, - SWRAP_SENDTO_UNREACH, - buf, len); - return; - } - - tcp_seq = si->io.pck_rcv; - tcp_ack = si->io.pck_snd; - tcp_ctl = 0x14; /** RST,ACK */ - - break; - - case SWRAP_PENDING_RST: - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)si->peername; - - if (si->type == SOCK_DGRAM) { - return; - } - - tcp_seq = si->io.pck_rcv; - tcp_ack = si->io.pck_snd; - tcp_ctl = 0x14; /* RST,ACK */ - - break; - - case SWRAP_RECV: - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)si->peername; - - tcp_seq = si->io.pck_rcv; - tcp_ack = si->io.pck_snd; - tcp_ctl = 0x18; /* PSH,ACK */ - - si->io.pck_rcv += len; - - break; - - case SWRAP_RECV_RST: - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)si->peername; - - if (si->type == SOCK_DGRAM) { - return; - } - - tcp_seq = si->io.pck_rcv; - tcp_ack = si->io.pck_snd; - tcp_ctl = 0x14; /* RST,ACK */ - - break; - - case SWRAP_SENDTO: - src_addr = (const struct sockaddr_in *)si->myname; - dest_addr = (const struct sockaddr_in *)addr; - - si->io.pck_snd += len; - - break; - - case SWRAP_SENDTO_UNREACH: - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)addr; - - unreachable = 1; - - break; - - case SWRAP_RECVFROM: - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)addr; - - si->io.pck_rcv += len; - - break; - - case SWRAP_CLOSE_SEND: - if (si->type != SOCK_STREAM) return; - - src_addr = (const struct sockaddr_in *)si->myname; - dest_addr = (const struct sockaddr_in *)si->peername; - - tcp_seq = si->io.pck_snd; - tcp_ack = si->io.pck_rcv; - tcp_ctl = 0x11; /* FIN, ACK */ - - si->io.pck_snd += 1; - - break; - - case SWRAP_CLOSE_RECV: - if (si->type != SOCK_STREAM) return; - - dest_addr = (const struct sockaddr_in *)si->myname; - src_addr = (const struct sockaddr_in *)si->peername; - - tcp_seq = si->io.pck_rcv; - tcp_ack = si->io.pck_snd; - tcp_ctl = 0x11; /* FIN,ACK */ - - si->io.pck_rcv += 1; - - break; - - case SWRAP_CLOSE_ACK: - if (si->type != SOCK_STREAM) return; - - src_addr = (const struct sockaddr_in *)si->myname; - dest_addr = (const struct sockaddr_in *)si->peername; - - tcp_seq = si->io.pck_snd; - tcp_ack = si->io.pck_rcv; - tcp_ctl = 0x10; /* ACK */ - - break; - default: - return; - } - - swrapGetTimeOfDay(&tv); - - packet = swrap_packet_init(&tv, src_addr, dest_addr, si->type, - (const unsigned char *)buf, len, - tcp_seq, tcp_ack, tcp_ctl, unreachable, - &packet_len); - if (!packet) { - return; - } - - fd = swrap_get_pcap_fd(file_name); - if (fd != -1) { - write(fd, packet, packet_len); - } - - free(packet); -} - -_PUBLIC_ int swrap_socket(int family, int type, int protocol) -{ - struct socket_info *si; - int fd; - - if (!socket_wrapper_dir()) { - return real_socket(family, type, protocol); - } - - switch (family) { - case AF_INET: -#ifdef HAVE_IPV6 - case AF_INET6: -#endif - break; - case AF_UNIX: - return real_socket(family, type, protocol); - default: - errno = EAFNOSUPPORT; - return -1; - } - - switch (type) { - case SOCK_STREAM: - break; - case SOCK_DGRAM: - break; - default: - errno = EPROTONOSUPPORT; - return -1; - } - -#if 0 - switch (protocol) { - case 0: - break; - default: - errno = EPROTONOSUPPORT; - return -1; - } -#endif - - fd = real_socket(AF_UNIX, type, 0); - - if (fd == -1) return -1; - - si = (struct socket_info *)calloc(1, sizeof(struct socket_info)); - - si->family = family; - si->type = type; - si->protocol = protocol; - si->fd = fd; - - SWRAP_DLIST_ADD(sockets, si); - - return si->fd; -} - -_PUBLIC_ int swrap_accept(int s, struct sockaddr *addr, socklen_t *addrlen) -{ - struct socket_info *parent_si, *child_si; - int fd; - struct sockaddr_un un_addr; - socklen_t un_addrlen = sizeof(un_addr); - struct sockaddr_un un_my_addr; - socklen_t un_my_addrlen = sizeof(un_my_addr); - struct sockaddr *my_addr; - socklen_t my_addrlen, len; - int ret; - - parent_si = find_socket_info(s); - if (!parent_si) { - return real_accept(s, addr, addrlen); - } - - /* - * assume out sockaddr have the same size as the in parent - * socket family - */ - my_addrlen = socket_length(parent_si->family); - if (my_addrlen < 0) { - errno = EINVAL; - return -1; - } - - my_addr = malloc(my_addrlen); - if (my_addr == NULL) { - return -1; - } - - memset(&un_addr, 0, sizeof(un_addr)); - memset(&un_my_addr, 0, sizeof(un_my_addr)); - - ret = real_accept(s, (struct sockaddr *)&un_addr, &un_addrlen); - if (ret == -1) { - free(my_addr); - return ret; - } - - fd = ret; - - len = my_addrlen; - ret = sockaddr_convert_from_un(parent_si, &un_addr, un_addrlen, - parent_si->family, my_addr, &len); - if (ret == -1) { - free(my_addr); - close(fd); - return ret; - } - - child_si = (struct socket_info *)malloc(sizeof(struct socket_info)); - memset(child_si, 0, sizeof(*child_si)); - - child_si->fd = fd; - child_si->family = parent_si->family; - child_si->type = parent_si->type; - child_si->protocol = parent_si->protocol; - child_si->bound = 1; - child_si->is_server = 1; - - child_si->peername_len = len; - child_si->peername = sockaddr_dup(my_addr, len); - - if (addr != NULL && addrlen != NULL) { - *addrlen = len; - if (*addrlen >= len) - memcpy(addr, my_addr, len); - *addrlen = 0; - } - - ret = real_getsockname(fd, (struct sockaddr *)&un_my_addr, &un_my_addrlen); - if (ret == -1) { - free(child_si); - close(fd); - return ret; - } - - len = my_addrlen; - ret = sockaddr_convert_from_un(child_si, &un_my_addr, un_my_addrlen, - child_si->family, my_addr, &len); - if (ret == -1) { - free(child_si); - free(my_addr); - close(fd); - return ret; - } - - child_si->myname_len = len; - child_si->myname = sockaddr_dup(my_addr, len); - free(my_addr); - - SWRAP_DLIST_ADD(sockets, child_si); - - swrap_dump_packet(child_si, addr, SWRAP_ACCEPT_SEND, NULL, 0); - swrap_dump_packet(child_si, addr, SWRAP_ACCEPT_RECV, NULL, 0); - swrap_dump_packet(child_si, addr, SWRAP_ACCEPT_ACK, NULL, 0); - - return fd; -} - -static int autobind_start_init; -static int autobind_start; - -/* using sendto() or connect() on an unbound socket would give the - recipient no way to reply, as unlike UDP and TCP, a unix domain - socket can't auto-assign emphemeral port numbers, so we need to - assign it here */ -static int swrap_auto_bind(struct socket_info *si) -{ - struct sockaddr_un un_addr; - int i; - char type; - int ret; - int port; - struct stat st; - - if (autobind_start_init != 1) { - autobind_start_init = 1; - autobind_start = getpid(); - autobind_start %= 50000; - autobind_start += 10000; - } - - un_addr.sun_family = AF_UNIX; - - switch (si->family) { - case AF_INET: { - struct sockaddr_in in; - - switch (si->type) { - case SOCK_STREAM: - type = SOCKET_TYPE_CHAR_TCP; - break; - case SOCK_DGRAM: - type = SOCKET_TYPE_CHAR_UDP; - break; - default: - errno = ESOCKTNOSUPPORT; - return -1; - } - - memset(&in, 0, sizeof(in)); - in.sin_family = AF_INET; - in.sin_addr.s_addr = htonl(127<<24 | - socket_wrapper_default_iface()); - - si->myname_len = sizeof(in); - si->myname = sockaddr_dup(&in, si->myname_len); - break; - } -#ifdef HAVE_IPV6 - case AF_INET6: { - struct sockaddr_in6 in6; - - switch (si->type) { - case SOCK_STREAM: - type = SOCKET_TYPE_CHAR_TCP_V6; - break; - case SOCK_DGRAM: - type = SOCKET_TYPE_CHAR_UDP_V6; - break; - default: - errno = ESOCKTNOSUPPORT; - return -1; - } - - memset(&in6, 0, sizeof(in6)); - in6.sin6_family = AF_INET6; - in6.sin6_addr.s6_addr[0] = SW_IPV6_ADDRESS; - si->myname_len = sizeof(in6); - si->myname = sockaddr_dup(&in6, si->myname_len); - break; - } -#endif - default: - errno = ESOCKTNOSUPPORT; - return -1; - } - - if (autobind_start > 60000) { - autobind_start = 10000; - } - - for (i=0;i<1000;i++) { - port = autobind_start + i; - snprintf(un_addr.sun_path, sizeof(un_addr.sun_path), - "%s/"SOCKET_FORMAT, socket_wrapper_dir(), - type, socket_wrapper_default_iface(), port); - if (stat(un_addr.sun_path, &st) == 0) continue; - - ret = real_bind(si->fd, (struct sockaddr *)&un_addr, sizeof(un_addr)); - if (ret == -1) return ret; - - si->tmp_path = strdup(un_addr.sun_path); - si->bound = 1; - autobind_start = port + 1; - break; - } - if (i == 1000) { - errno = ENFILE; - return -1; - } - - set_port(si->family, port, si->myname); - - return 0; -} - - -_PUBLIC_ int swrap_connect(int s, const struct sockaddr *serv_addr, socklen_t addrlen) -{ - int ret; - struct sockaddr_un un_addr; - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_connect(s, serv_addr, addrlen); - } - - if (si->bound == 0) { - ret = swrap_auto_bind(si); - if (ret == -1) return -1; - } - - if (si->family != serv_addr->sa_family) { - errno = EINVAL; - return -1; - } - - ret = sockaddr_convert_to_un(si, (const struct sockaddr *)serv_addr, addrlen, &un_addr, 0, NULL); - if (ret == -1) return -1; - - swrap_dump_packet(si, serv_addr, SWRAP_CONNECT_SEND, NULL, 0); - - ret = real_connect(s, (struct sockaddr *)&un_addr, - sizeof(struct sockaddr_un)); - - /* to give better errors */ - if (ret == -1 && errno == ENOENT) { - errno = EHOSTUNREACH; - } - - if (ret == 0) { - si->peername_len = addrlen; - si->peername = sockaddr_dup(serv_addr, addrlen); - - swrap_dump_packet(si, serv_addr, SWRAP_CONNECT_RECV, NULL, 0); - swrap_dump_packet(si, serv_addr, SWRAP_CONNECT_ACK, NULL, 0); - } else { - swrap_dump_packet(si, serv_addr, SWRAP_CONNECT_UNREACH, NULL, 0); - } - - return ret; -} - -_PUBLIC_ int swrap_bind(int s, const struct sockaddr *myaddr, socklen_t addrlen) -{ - int ret; - struct sockaddr_un un_addr; - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_bind(s, myaddr, addrlen); - } - - si->myname_len = addrlen; - si->myname = sockaddr_dup(myaddr, addrlen); - - ret = sockaddr_convert_to_un(si, (const struct sockaddr *)myaddr, addrlen, &un_addr, 1, &si->bcast); - if (ret == -1) return -1; - - unlink(un_addr.sun_path); - - ret = real_bind(s, (struct sockaddr *)&un_addr, - sizeof(struct sockaddr_un)); - - if (ret == 0) { - si->bound = 1; - } - - return ret; -} - -_PUBLIC_ int swrap_listen(int s, int backlog) -{ - int ret; - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_listen(s, backlog); - } - - ret = real_listen(s, backlog); - - return ret; -} - -_PUBLIC_ int swrap_getpeername(int s, struct sockaddr *name, socklen_t *addrlen) -{ - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_getpeername(s, name, addrlen); - } - - if (!si->peername) - { - errno = ENOTCONN; - return -1; - } - - memcpy(name, si->peername, si->peername_len); - *addrlen = si->peername_len; - - return 0; -} - -_PUBLIC_ int swrap_getsockname(int s, struct sockaddr *name, socklen_t *addrlen) -{ - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_getsockname(s, name, addrlen); - } - - memcpy(name, si->myname, si->myname_len); - *addrlen = si->myname_len; - - return 0; -} - -_PUBLIC_ int swrap_getsockopt(int s, int level, int optname, void *optval, socklen_t *optlen) -{ - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_getsockopt(s, level, optname, optval, optlen); - } - - if (level == SOL_SOCKET) { - return real_getsockopt(s, level, optname, optval, optlen); - } - - errno = ENOPROTOOPT; - return -1; -} - -_PUBLIC_ int swrap_setsockopt(int s, int level, int optname, const void *optval, socklen_t optlen) -{ - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_setsockopt(s, level, optname, optval, optlen); - } - - if (level == SOL_SOCKET) { - return real_setsockopt(s, level, optname, optval, optlen); - } - - switch (si->family) { - case AF_INET: - return 0; - default: - errno = ENOPROTOOPT; - return -1; - } -} - -_PUBLIC_ ssize_t swrap_recvfrom(int s, void *buf, size_t len, int flags, struct sockaddr *from, socklen_t *fromlen) -{ - struct sockaddr_un un_addr; - socklen_t un_addrlen = sizeof(un_addr); - int ret; - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_recvfrom(s, buf, len, flags, from, fromlen); - } - - /* irix 6.4 forgets to null terminate the sun_path string :-( */ - memset(&un_addr, 0, sizeof(un_addr)); - ret = real_recvfrom(s, buf, len, flags, (struct sockaddr *)&un_addr, &un_addrlen); - if (ret == -1) - return ret; - - if (sockaddr_convert_from_un(si, &un_addr, un_addrlen, - si->family, from, fromlen) == -1) { - return -1; - } - - swrap_dump_packet(si, from, SWRAP_RECVFROM, buf, ret); - - return ret; -} - - -_PUBLIC_ ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, const struct sockaddr *to, socklen_t tolen) -{ - struct sockaddr_un un_addr; - int ret; - struct socket_info *si = find_socket_info(s); - int bcast = 0; - - if (!si) { - return real_sendto(s, buf, len, flags, to, tolen); - } - - switch (si->type) { - case SOCK_STREAM: - ret = real_send(s, buf, len, flags); - break; - case SOCK_DGRAM: - if (si->bound == 0) { - ret = swrap_auto_bind(si); - if (ret == -1) return -1; - } - - ret = sockaddr_convert_to_un(si, to, tolen, &un_addr, 0, &bcast); - if (ret == -1) return -1; - - if (bcast) { - struct stat st; - unsigned int iface; - unsigned int prt = ntohs(((const struct sockaddr_in *)to)->sin_port); - char type; - - type = SOCKET_TYPE_CHAR_UDP; - - for(iface=0; iface <= MAX_WRAPPED_INTERFACES; iface++) { - snprintf(un_addr.sun_path, sizeof(un_addr.sun_path), "%s/"SOCKET_FORMAT, - socket_wrapper_dir(), type, iface, prt); - if (stat(un_addr.sun_path, &st) != 0) continue; - - /* ignore the any errors in broadcast sends */ - real_sendto(s, buf, len, flags, (struct sockaddr *)&un_addr, sizeof(un_addr)); - } - - swrap_dump_packet(si, to, SWRAP_SENDTO, buf, len); - - return len; - } - - ret = real_sendto(s, buf, len, flags, (struct sockaddr *)&un_addr, sizeof(un_addr)); - break; - default: - ret = -1; - errno = EHOSTUNREACH; - break; - } - - /* to give better errors */ - if (ret == -1 && errno == ENOENT) { - errno = EHOSTUNREACH; - } - - if (ret == -1) { - swrap_dump_packet(si, to, SWRAP_SENDTO, buf, len); - swrap_dump_packet(si, to, SWRAP_SENDTO_UNREACH, buf, len); - } else { - swrap_dump_packet(si, to, SWRAP_SENDTO, buf, ret); - } - - return ret; -} - -_PUBLIC_ int swrap_ioctl(int s, int r, void *p) -{ - int ret; - struct socket_info *si = find_socket_info(s); - int value; - - if (!si) { - return real_ioctl(s, r, p); - } - - ret = real_ioctl(s, r, p); - - switch (r) { - case FIONREAD: - value = *((int *)p); - if (ret == -1 && errno != EAGAIN && errno != ENOBUFS) { - swrap_dump_packet(si, NULL, SWRAP_PENDING_RST, NULL, 0); - } else if (value == 0) { /* END OF FILE */ - swrap_dump_packet(si, NULL, SWRAP_PENDING_RST, NULL, 0); - } - break; - } - - return ret; -} - -_PUBLIC_ ssize_t swrap_recv(int s, void *buf, size_t len, int flags) -{ - int ret; - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_recv(s, buf, len, flags); - } - - ret = real_recv(s, buf, len, flags); - if (ret == -1 && errno != EAGAIN && errno != ENOBUFS) { - swrap_dump_packet(si, NULL, SWRAP_RECV_RST, NULL, 0); - } else if (ret == 0) { /* END OF FILE */ - swrap_dump_packet(si, NULL, SWRAP_RECV_RST, NULL, 0); - } else { - swrap_dump_packet(si, NULL, SWRAP_RECV, buf, ret); - } - - return ret; -} - - -_PUBLIC_ ssize_t swrap_send(int s, const void *buf, size_t len, int flags) -{ - int ret; - struct socket_info *si = find_socket_info(s); - - if (!si) { - return real_send(s, buf, len, flags); - } - - ret = real_send(s, buf, len, flags); - - if (ret == -1) { - swrap_dump_packet(si, NULL, SWRAP_SEND, buf, len); - swrap_dump_packet(si, NULL, SWRAP_SEND_RST, NULL, 0); - } else { - swrap_dump_packet(si, NULL, SWRAP_SEND, buf, ret); - } - - return ret; -} - -_PUBLIC_ int swrap_close(int fd) -{ - struct socket_info *si = find_socket_info(fd); - int ret; - - if (!si) { - return real_close(fd); - } - - SWRAP_DLIST_REMOVE(sockets, si); - - if (si->myname && si->peername) { - swrap_dump_packet(si, NULL, SWRAP_CLOSE_SEND, NULL, 0); - } - - ret = real_close(fd); - - if (si->myname && si->peername) { - swrap_dump_packet(si, NULL, SWRAP_CLOSE_RECV, NULL, 0); - swrap_dump_packet(si, NULL, SWRAP_CLOSE_ACK, NULL, 0); - } - - if (si->path) free(si->path); - if (si->myname) free(si->myname); - if (si->peername) free(si->peername); - if (si->tmp_path) { - unlink(si->tmp_path); - free(si->tmp_path); - } - free(si); - - return ret; -} - -static int -dup_internal(const struct socket_info *si_oldd, int fd) -{ - struct socket_info *si_newd; - - si_newd = (struct socket_info *)calloc(1, sizeof(struct socket_info)); - - si_newd->fd = fd; - - si_newd->family = si_oldd->family; - si_newd->type = si_oldd->type; - si_newd->protocol = si_oldd->protocol; - si_newd->bound = si_oldd->bound; - si_newd->bcast = si_oldd->bcast; - if (si_oldd->path) - si_newd->path = strdup(si_oldd->path); - if (si_oldd->tmp_path) - si_newd->tmp_path = strdup(si_oldd->tmp_path); - si_newd->myname = - sockaddr_dup(si_oldd->myname, si_oldd->myname_len); - si_newd->myname_len = si_oldd->myname_len; - si_newd->peername = - sockaddr_dup(si_oldd->peername, si_oldd->peername_len); - si_newd->peername_len = si_oldd->peername_len; - - si_newd->io = si_oldd->io; - - SWRAP_DLIST_ADD(sockets, si_newd); - - return fd; -} - - -_PUBLIC_ int swrap_dup(int oldd) -{ - struct socket_info *si; - int fd; - - si = find_socket_info(oldd); - if (si == NULL) - return real_dup(oldd); - - fd = real_dup(si->fd); - if (fd < 0) - return fd; - - return dup_internal(si, fd); -} - - -_PUBLIC_ int swrap_dup2(int oldd, int newd) -{ - struct socket_info *si_newd, *si_oldd; - int fd; - - if (newd == oldd) - return newd; - - si_oldd = find_socket_info(oldd); - si_newd = find_socket_info(newd); - - if (si_oldd == NULL && si_newd == NULL) - return real_dup2(oldd, newd); - - fd = real_dup2(si_oldd->fd, newd); - if (fd < 0) - return fd; - - /* close new socket first */ - if (si_newd) - swrap_close(newd); - - return dup_internal(si_oldd, fd); -} diff --git a/crypto/heimdal/lib/roken/socket_wrapper.h b/crypto/heimdal/lib/roken/socket_wrapper.h deleted file mode 100644 index 316b024326b1..000000000000 --- a/crypto/heimdal/lib/roken/socket_wrapper.h +++ /dev/null @@ -1,146 +0,0 @@ -/* - * Copyright (C) Jelmer Vernooij 2005 - * Copyright (C) Stefan Metzmacher 2006 - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the author nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - */ - -#ifndef __SOCKET_WRAPPER_H__ -#define __SOCKET_WRAPPER_H__ - -int swrap_socket(int family, int type, int protocol); -int swrap_accept(int s, struct sockaddr *addr, socklen_t *addrlen); -int swrap_connect(int s, const struct sockaddr *serv_addr, socklen_t addrlen); -int swrap_bind(int s, const struct sockaddr *myaddr, socklen_t addrlen); -int swrap_listen(int s, int backlog); -int swrap_getpeername(int s, struct sockaddr *name, socklen_t *addrlen); -int swrap_getsockname(int s, struct sockaddr *name, socklen_t *addrlen); -int swrap_getsockopt(int s, int level, int optname, void *optval, socklen_t *optlen); -int swrap_setsockopt(int s, int level, int optname, const void *optval, socklen_t optlen); -ssize_t swrap_recvfrom(int s, void *buf, size_t len, int flags, struct sockaddr *from, socklen_t *fromlen); -ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, const struct sockaddr *to, socklen_t tolen); -int swrap_ioctl(int s, int req, void *ptr); -ssize_t swrap_recv(int s, void *buf, size_t len, int flags); -ssize_t swrap_send(int s, const void *buf, size_t len, int flags); -int swrap_close(int); -int swrap_dup(int); -int swrap_dup2(int, int); - -#ifdef SOCKET_WRAPPER_REPLACE - -#ifdef accept -#undef accept -#endif -#define accept(s,addr,addrlen) swrap_accept(s,addr,addrlen) - -#ifdef connect -#undef connect -#endif -#define connect(s,serv_addr,addrlen) swrap_connect(s,serv_addr,addrlen) - -#ifdef bind -#undef bind -#endif -#define bind(s,myaddr,addrlen) swrap_bind(s,myaddr,addrlen) - -#ifdef listen -#undef listen -#endif -#define listen(s,blog) swrap_listen(s,blog) - -#ifdef getpeername -#undef getpeername -#endif -#define getpeername(s,name,addrlen) swrap_getpeername(s,name,addrlen) - -#ifdef getsockname -#undef getsockname -#endif -#define getsockname(s,name,addrlen) swrap_getsockname(s,name,addrlen) - -#ifdef getsockopt -#undef getsockopt -#endif -#define getsockopt(s,level,optname,optval,optlen) swrap_getsockopt(s,level,optname,optval,optlen) - -#ifdef setsockopt -#undef setsockopt -#endif -#define setsockopt(s,level,optname,optval,optlen) swrap_setsockopt(s,level,optname,optval,optlen) - -#ifdef recvfrom -#undef recvfrom -#endif -#define recvfrom(s,buf,len,flags,from,fromlen) swrap_recvfrom(s,buf,len,flags,from,fromlen) - -#ifdef sendto -#undef sendto -#endif -#define sendto(s,buf,len,flags,to,tolen) swrap_sendto(s,buf,len,flags,to,tolen) - -#ifdef ioctl -#undef ioctl -#endif -#define ioctl(s,req,ptr) swrap_ioctl(s,req,ptr) - -#ifdef recv -#undef recv -#endif -#define recv(s,buf,len,flags) swrap_recv(s,buf,len,flags) - -#ifdef send -#undef send -#endif -#define send(s,buf,len,flags) swrap_send(s,buf,len,flags) - -#ifdef socket -#undef socket -#endif -#define socket(domain,type,protocol) swrap_socket(domain,type,protocol) - -#ifdef close -#undef close -#endif -#define close(s) swrap_close(s) - -#ifdef dup -#undef dup -#endif -#define dup(oldd) swrap_dup(oldd) - -#ifdef dup2 -#undef dup2 -#endif -#define dup2(oldd, newd) swrap_dup2(oldd, newd) - -#endif - -#endif /* __SOCKET_WRAPPER_H__ */ diff --git a/crypto/heimdal/lib/roken/strcasecmp.c b/crypto/heimdal/lib/roken/strcasecmp.c deleted file mode 100644 index 4788d4fb5126..000000000000 --- a/crypto/heimdal/lib/roken/strcasecmp.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strcasecmp.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include -#include -#include "roken.h" - -#ifndef HAVE_STRCASECMP - -int ROKEN_LIB_FUNCTION -strcasecmp(const char *s1, const char *s2) -{ - while(toupper((unsigned char)*s1) == toupper((unsigned char)*s2)) { - if(*s1 == '\0') - return 0; - s1++; - s2++; - } - return toupper((unsigned char)*s1) - toupper((unsigned char)*s2); -} - -#endif diff --git a/crypto/heimdal/lib/roken/strcollect.c b/crypto/heimdal/lib/roken/strcollect.c deleted file mode 100644 index f29189159e16..000000000000 --- a/crypto/heimdal/lib/roken/strcollect.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strcollect.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include -#include -#include "roken.h" - -enum { initial = 10, increment = 5 }; - -static char ** -sub (char **argv, int i, int argc, va_list *ap) -{ - do { - if(i == argc) { - /* realloc argv */ - char **tmp = realloc(argv, (argc + increment) * sizeof(*argv)); - if(tmp == NULL) { - free(argv); - errno = ENOMEM; - return NULL; - } - argv = tmp; - argc += increment; - } - argv[i++] = va_arg(*ap, char*); - } while(argv[i - 1] != NULL); - return argv; -} - -/* - * return a malloced vector of pointers to the strings in `ap' - * terminated by NULL. - */ - -char ** ROKEN_LIB_FUNCTION -vstrcollect(va_list *ap) -{ - return sub (NULL, 0, 0, ap); -} - -/* - * - */ - -char ** ROKEN_LIB_FUNCTION -strcollect(char *first, ...) -{ - va_list ap; - char **ret = malloc (initial * sizeof(char *)); - - if (ret == NULL) - return ret; - - ret[0] = first; - va_start(ap, first); - ret = sub (ret, 1, initial, &ap); - va_end(ap); - return ret; -} diff --git a/crypto/heimdal/lib/roken/strdup.c b/crypto/heimdal/lib/roken/strdup.c deleted file mode 100644 index a832120da259..000000000000 --- a/crypto/heimdal/lib/roken/strdup.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strdup.c 14773 2005-04-12 11:29:18Z lha $"); -#endif -#include -#include - -#ifndef HAVE_STRDUP -char * ROKEN_LIB_FUNCTION -strdup(const char *old) -{ - char *t = malloc(strlen(old)+1); - if (t != 0) - strcpy(t, old); - return t; -} -#endif diff --git a/crypto/heimdal/lib/roken/strerror.c b/crypto/heimdal/lib/roken/strerror.c deleted file mode 100644 index ca152f46b56c..000000000000 --- a/crypto/heimdal/lib/roken/strerror.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strerror.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include -#include - -extern int sys_nerr; -extern char *sys_errlist[]; - -char* ROKEN_LIB_FUNCTION -strerror(int eno) -{ - static char emsg[1024]; - - if(eno < 0 || eno >= sys_nerr) - snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno); - else - snprintf(emsg, sizeof(emsg), "%s", sys_errlist[eno]); - - return emsg; -} diff --git a/crypto/heimdal/lib/roken/strftime.c b/crypto/heimdal/lib/roken/strftime.c deleted file mode 100644 index b7176b60b7bd..000000000000 --- a/crypto/heimdal/lib/roken/strftime.c +++ /dev/null @@ -1,401 +0,0 @@ -/* - * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#ifdef TEST_STRPFTIME -#include "strpftime-test.h" -#endif -#include "roken.h" - -RCSID("$Id: strftime.c 21896 2007-08-09 08:46:08Z lha $"); - -static const char *abb_weekdays[] = { - "Sun", - "Mon", - "Tue", - "Wed", - "Thu", - "Fri", - "Sat", -}; - -static const char *full_weekdays[] = { - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday", -}; - -static const char *abb_month[] = { - "Jan", - "Feb", - "Mar", - "Apr", - "May", - "Jun", - "Jul", - "Aug", - "Sep", - "Oct", - "Nov", - "Dec" -}; - -static const char *full_month[] = { - "January", - "February", - "Mars", - "April", - "May", - "June", - "July", - "August", - "September", - "October", - "November", - "December" -}; - -static const char *ampm[] = { - "AM", - "PM" -}; - -/* - * Convert hour in [0, 24] to [12 1 - 11 12 1 - 11 12] - */ - -static int -hour_24to12 (int hour) -{ - int ret = hour % 12; - - if (ret == 0) - ret = 12; - return ret; -} - -/* - * Return AM or PM for `hour' - */ - -static const char * -hour_to_ampm (int hour) -{ - return ampm[hour / 12]; -} - -/* - * Return the week number of `tm' (Sunday being the first day of the week) - * as [0, 53] - */ - -static int -week_number_sun (const struct tm *tm) -{ - return (tm->tm_yday + 7 - (tm->tm_yday % 7 - tm->tm_wday + 7) % 7) / 7; -} - -/* - * Return the week number of `tm' (Monday being the first day of the week) - * as [0, 53] - */ - -static int -week_number_mon (const struct tm *tm) -{ - int wday = (tm->tm_wday + 6) % 7; - - return (tm->tm_yday + 7 - (tm->tm_yday % 7 - wday + 7) % 7) / 7; -} - -/* - * Return the week number of `tm' (Monday being the first day of the - * week) as [01, 53]. Week number one is the one that has four or more - * days in that year. - */ - -static int -week_number_mon4 (const struct tm *tm) -{ - int wday = (tm->tm_wday + 6) % 7; - int w1day = (wday - tm->tm_yday % 7 + 7) % 7; - int ret; - - ret = (tm->tm_yday + w1day) / 7; - if (w1day >= 4) - --ret; - if (ret == -1) - ret = 53; - else - ++ret; - return ret; -} - -/* - * - */ - -size_t ROKEN_LIB_FUNCTION -strftime (char *buf, size_t maxsize, const char *format, - const struct tm *tm) -{ - size_t n = 0; - int ret; - - while (*format != '\0' && n < maxsize) { - if (*format == '%') { - ++format; - if(*format == 'E' || *format == 'O') - ++format; - switch (*format) { - case 'a' : - ret = snprintf (buf, maxsize - n, - "%s", abb_weekdays[tm->tm_wday]); - break; - case 'A' : - ret = snprintf (buf, maxsize - n, - "%s", full_weekdays[tm->tm_wday]); - break; - case 'h' : - case 'b' : - ret = snprintf (buf, maxsize - n, - "%s", abb_month[tm->tm_mon]); - break; - case 'B' : - ret = snprintf (buf, maxsize - n, - "%s", full_month[tm->tm_mon]); - break; - case 'c' : - ret = snprintf (buf, maxsize - n, - "%d:%02d:%02d %02d:%02d:%02d", - tm->tm_year, - tm->tm_mon + 1, - tm->tm_mday, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); - break; - case 'C' : - ret = snprintf (buf, maxsize - n, - "%02d", (tm->tm_year + 1900) / 100); - break; - case 'd' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_mday); - break; - case 'D' : - ret = snprintf (buf, maxsize - n, - "%02d/%02d/%02d", - tm->tm_mon + 1, - tm->tm_mday, - (tm->tm_year + 1900) % 100); - break; - case 'e' : - ret = snprintf (buf, maxsize - n, - "%2d", tm->tm_mday); - break; - case 'F': - ret = snprintf (buf, maxsize - n, - "%04d-%02d-%02d", tm->tm_year + 1900, - tm->tm_mon + 1, tm->tm_mday); - break; - case 'g': - /* last two digits of week-based year */ - abort(); - case 'G': - /* week-based year */ - abort(); - case 'H' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_hour); - break; - case 'I' : - ret = snprintf (buf, maxsize - n, - "%02d", - hour_24to12 (tm->tm_hour)); - break; - case 'j' : - ret = snprintf (buf, maxsize - n, - "%03d", tm->tm_yday + 1); - break; - case 'k' : - ret = snprintf (buf, maxsize - n, - "%2d", tm->tm_hour); - break; - case 'l' : - ret = snprintf (buf, maxsize - n, - "%2d", - hour_24to12 (tm->tm_hour)); - break; - case 'm' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_mon + 1); - break; - case 'M' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_min); - break; - case 'n' : - ret = snprintf (buf, maxsize - n, "\n"); - break; - case 'p' : - ret = snprintf (buf, maxsize - n, "%s", - hour_to_ampm (tm->tm_hour)); - break; - case 'r' : - ret = snprintf (buf, maxsize - n, - "%02d:%02d:%02d %s", - hour_24to12 (tm->tm_hour), - tm->tm_min, - tm->tm_sec, - hour_to_ampm (tm->tm_hour)); - break; - case 'R' : - ret = snprintf (buf, maxsize - n, - "%02d:%02d", - tm->tm_hour, - tm->tm_min); - - case 's' : - ret = snprintf (buf, maxsize - n, - "%d", (int)mktime(rk_UNCONST(tm))); - break; - case 'S' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_sec); - break; - case 't' : - ret = snprintf (buf, maxsize - n, "\t"); - break; - case 'T' : - case 'X' : - ret = snprintf (buf, maxsize - n, - "%02d:%02d:%02d", - tm->tm_hour, - tm->tm_min, - tm->tm_sec); - break; - case 'u' : - ret = snprintf (buf, maxsize - n, - "%d", (tm->tm_wday == 0) ? 7 : tm->tm_wday); - break; - case 'U' : - ret = snprintf (buf, maxsize - n, - "%02d", week_number_sun (tm)); - break; - case 'V' : - ret = snprintf (buf, maxsize - n, - "%02d", week_number_mon4 (tm)); - break; - case 'w' : - ret = snprintf (buf, maxsize - n, - "%d", tm->tm_wday); - break; - case 'W' : - ret = snprintf (buf, maxsize - n, - "%02d", week_number_mon (tm)); - break; - case 'x' : - ret = snprintf (buf, maxsize - n, - "%d:%02d:%02d", - tm->tm_year, - tm->tm_mon + 1, - tm->tm_mday); - break; - case 'y' : - ret = snprintf (buf, maxsize - n, - "%02d", (tm->tm_year + 1900) % 100); - break; - case 'Y' : - ret = snprintf (buf, maxsize - n, - "%d", tm->tm_year + 1900); - break; - case 'z': - ret = snprintf (buf, maxsize - n, - "%ld", -#if defined(HAVE_STRUCT_TM_TM_GMTOFF) - (long)tm->tm_gmtoff -#elif defined(HAVE_TIMEZONE) -#ifdef HAVE_ALTZONE - tm->tm_isdst ? - (long)altzone : -#endif - (long)timezone -#else -#error Where in timezone chaos are you? -#endif - ); - break; - case 'Z' : - ret = snprintf (buf, maxsize - n, - "%s", - -#if defined(HAVE_STRUCT_TM_TM_ZONE) - tm->tm_zone -#elif defined(HAVE_TIMEZONE) - tzname[tm->tm_isdst] -#else -#error what? -#endif - ); - break; - case '\0' : - --format; - /* FALLTHROUGH */ - case '%' : - ret = snprintf (buf, maxsize - n, - "%%"); - break; - default : - ret = snprintf (buf, maxsize - n, - "%%%c", *format); - break; - } - if (ret < 0 || ret >= maxsize - n) - return 0; - n += ret; - buf += ret; - ++format; - } else { - *buf++ = *format++; - ++n; - } - } - *buf++ = '\0'; - return n; -} diff --git a/crypto/heimdal/lib/roken/strlcat.c b/crypto/heimdal/lib/roken/strlcat.c deleted file mode 100644 index 3f9c085210c8..000000000000 --- a/crypto/heimdal/lib/roken/strlcat.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1995-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: strlcat.c 14773 2005-04-12 11:29:18Z lha $"); - -#ifndef HAVE_STRLCAT - -size_t ROKEN_LIB_FUNCTION -strlcat (char *dst, const char *src, size_t dst_sz) -{ - size_t len = strlen(dst); - - if (dst_sz < len) - /* the total size of dst is less than the string it contains; - this could be considered bad input, but we might as well - handle it */ - return len + strlen(src); - - return len + strlcpy (dst + len, src, dst_sz - len); -} -#endif diff --git a/crypto/heimdal/lib/roken/strlcpy.c b/crypto/heimdal/lib/roken/strlcpy.c deleted file mode 100644 index 6797317bf40b..000000000000 --- a/crypto/heimdal/lib/roken/strlcpy.c +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1995-2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: strlcpy.c 14773 2005-04-12 11:29:18Z lha $"); - -#ifndef HAVE_STRLCPY - -size_t ROKEN_LIB_FUNCTION -strlcpy (char *dst, const char *src, size_t dst_sz) -{ - size_t n; - - for (n = 0; n < dst_sz; n++) { - if ((*dst++ = *src++) == '\0') - break; - } - - if (n < dst_sz) - return n; - if (n > 0) - *(dst - 1) = '\0'; - return n + strlen (src); -} - -#endif diff --git a/crypto/heimdal/lib/roken/strlwr.c b/crypto/heimdal/lib/roken/strlwr.c deleted file mode 100644 index 9e5e9739fc1c..000000000000 --- a/crypto/heimdal/lib/roken/strlwr.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strlwr.c 21005 2007-06-08 01:54:35Z lha $"); -#endif -#include -#include - -#include "roken.h" - -#ifndef HAVE_STRLWR -char * ROKEN_LIB_FUNCTION -strlwr(char *str) -{ - char *s; - - for(s = str; *s; s++) - *s = tolower((unsigned char)*s); - return str; -} -#endif diff --git a/crypto/heimdal/lib/roken/strncasecmp.c b/crypto/heimdal/lib/roken/strncasecmp.c deleted file mode 100644 index e534393c7d56..000000000000 --- a/crypto/heimdal/lib/roken/strncasecmp.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strncasecmp.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include -#include - -#ifndef HAVE_STRNCASECMP - -int ROKEN_LIB_FUNCTION -strncasecmp(const char *s1, const char *s2, size_t n) -{ - while(n > 0 - && toupper((unsigned char)*s1) == toupper((unsigned char)*s2)) - { - if(*s1 == '\0') - return 0; - s1++; - s2++; - n--; - } - if(n == 0) - return 0; - return toupper((unsigned char)*s1) - toupper((unsigned char)*s2); -} - -#endif diff --git a/crypto/heimdal/lib/roken/strndup.c b/crypto/heimdal/lib/roken/strndup.c deleted file mode 100644 index 1960fd28c2aa..000000000000 --- a/crypto/heimdal/lib/roken/strndup.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strndup.c 21005 2007-06-08 01:54:35Z lha $"); -#endif -#include -#include - -#include "roken.h" - -#ifndef HAVE_STRNDUP -char * ROKEN_LIB_FUNCTION -strndup(const char *old, size_t sz) -{ - size_t len = strnlen (old, sz); - char *t = malloc(len + 1); - - if (t != NULL) { - memcpy (t, old, len); - t[len] = '\0'; - } - return t; -} -#endif /* HAVE_STRNDUP */ diff --git a/crypto/heimdal/lib/roken/strnlen.c b/crypto/heimdal/lib/roken/strnlen.c deleted file mode 100644 index 3ba61a582318..000000000000 --- a/crypto/heimdal/lib/roken/strnlen.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strnlen.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -size_t ROKEN_LIB_FUNCTION -strnlen(const char *s, size_t len) -{ - size_t i; - - for(i = 0; i < len && s[i]; i++) - ; - return i; -} diff --git a/crypto/heimdal/lib/roken/strpftime-test.c b/crypto/heimdal/lib/roken/strpftime-test.c deleted file mode 100644 index a1c13f3dced2..000000000000 --- a/crypto/heimdal/lib/roken/strpftime-test.c +++ /dev/null @@ -1,299 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#ifdef TEST_STRPFTIME -#include "strpftime-test.h" -#endif -#include "roken.h" - -RCSID("$Id: strpftime-test.c 21897 2007-08-09 08:46:34Z lha $"); - -enum { MAXSIZE = 26 }; - -static struct testcase { - time_t t; - struct { - const char *format; - const char *result; - } vals[MAXSIZE]; -} tests[] = { - {0, - { - {"%A", "Thursday"}, - {"%a", "Thu"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "01"}, - {"%e", " 1"}, - {"%H", "00"}, - {"%I", "12"}, - {"%j", "001"}, - {"%k", " 0"}, - {"%l", "12"}, - {"%M", "00"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "AM"}, - {"%S", "00"}, - {"%t", "\t"}, - {"%w", "4"}, - {"%Y", "1970"}, - {"%y", "70"}, - {"%U", "00"}, - {"%W", "00"}, - {"%V", "01"}, - {"%%", "%"}, - {NULL, NULL}} - }, - {90000, - { - {"%A", "Friday"}, - {"%a", "Fri"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "02"}, - {"%e", " 2"}, - {"%H", "01"}, - {"%I", "01"}, - {"%j", "002"}, - {"%k", " 1"}, - {"%l", " 1"}, - {"%M", "00"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "AM"}, - {"%S", "00"}, - {"%t", "\t"}, - {"%w", "5"}, - {"%Y", "1970"}, - {"%y", "70"}, - {"%U", "00"}, - {"%W", "00"}, - {"%V", "01"}, - {"%%", "%"}, - {NULL, NULL} - } - }, - {216306, - { - {"%A", "Saturday"}, - {"%a", "Sat"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "03"}, - {"%e", " 3"}, - {"%H", "12"}, - {"%I", "12"}, - {"%j", "003"}, - {"%k", "12"}, - {"%l", "12"}, - {"%M", "05"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "PM"}, - {"%S", "06"}, - {"%t", "\t"}, - {"%w", "6"}, - {"%Y", "1970"}, - {"%y", "70"}, - {"%U", "00"}, - {"%W", "00"}, - {"%V", "01"}, - {"%%", "%"}, - {NULL, NULL} - } - }, - {259200, - { - {"%A", "Sunday"}, - {"%a", "Sun"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "04"}, - {"%e", " 4"}, - {"%H", "00"}, - {"%I", "12"}, - {"%j", "004"}, - {"%k", " 0"}, - {"%l", "12"}, - {"%M", "00"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "AM"}, - {"%S", "00"}, - {"%t", "\t"}, - {"%w", "0"}, - {"%Y", "1970"}, - {"%y", "70"}, - {"%U", "01"}, - {"%W", "00"}, - {"%V", "01"}, - {"%%", "%"}, - {NULL, NULL} - } - }, - {915148800, - { - {"%A", "Friday"}, - {"%a", "Fri"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "01"}, - {"%e", " 1"}, - {"%H", "00"}, - {"%I", "12"}, - {"%j", "001"}, - {"%k", " 0"}, - {"%l", "12"}, - {"%M", "00"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "AM"}, - {"%S", "00"}, - {"%t", "\t"}, - {"%w", "5"}, - {"%Y", "1999"}, - {"%y", "99"}, - {"%U", "00"}, - {"%W", "00"}, - {"%V", "53"}, - {"%%", "%"}, - {NULL, NULL}} - }, - {942161105, - { - - {"%A", "Tuesday"}, - {"%a", "Tue"}, - {"%B", "November"}, - {"%b", "Nov"}, - {"%C", "19"}, - {"%d", "09"}, - {"%e", " 9"}, - {"%H", "15"}, - {"%I", "03"}, - {"%j", "313"}, - {"%k", "15"}, - {"%l", " 3"}, - {"%M", "25"}, - {"%m", "11"}, - {"%n", "\n"}, - {"%p", "PM"}, - {"%S", "05"}, - {"%t", "\t"}, - {"%w", "2"}, - {"%Y", "1999"}, - {"%y", "99"}, - {"%U", "45"}, - {"%W", "45"}, - {"%V", "45"}, - {"%%", "%"}, - {NULL, NULL} - } - } -}; - -int -main(int argc, char **argv) -{ - int i, j; - int ret = 0; - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) { - struct tm *tm; - - tm = gmtime (&tests[i].t); - - for (j = 0; tests[i].vals[j].format != NULL; ++j) { - char buf[128]; - size_t len; - struct tm tm2; - char *ptr; - - len = strftime (buf, sizeof(buf), tests[i].vals[j].format, tm); - if (len != strlen (buf)) { - printf ("length of strftime(\"%s\") = %lu (\"%s\")\n", - tests[i].vals[j].format, (unsigned long)len, - buf); - ++ret; - continue; - } - if (strcmp (buf, tests[i].vals[j].result) != 0) { - printf ("result of strftime(\"%s\") = \"%s\" != \"%s\"\n", - tests[i].vals[j].format, buf, - tests[i].vals[j].result); - ++ret; - continue; - } - memset (&tm2, 0, sizeof(tm2)); - ptr = strptime (tests[i].vals[j].result, - tests[i].vals[j].format, - &tm2); - if (ptr == NULL || *ptr != '\0') { - printf ("bad return value from strptime(" - "\"%s\", \"%s\")\n", - tests[i].vals[j].result, - tests[i].vals[j].format); - ++ret; - } - strftime (buf, sizeof(buf), tests[i].vals[j].format, &tm2); - if (strcmp (buf, tests[i].vals[j].result) != 0) { - printf ("reverse of \"%s\" failed: \"%s\" vs \"%s\"\n", - tests[i].vals[j].format, - buf, tests[i].vals[j].result); - ++ret; - } - } - } - { - struct tm tm; - memset(&tm, 0, sizeof(tm)); - strptime ("200505", "%Y%m", &tm); - if (tm.tm_year != 105) - ++ret; - if (tm.tm_mon != 4) - ++ret; - } - if (ret) { - printf ("%d errors\n", ret); - return 1; - } else - return 0; -} diff --git a/crypto/heimdal/lib/roken/strpftime-test.h b/crypto/heimdal/lib/roken/strpftime-test.h deleted file mode 100644 index 546e5529539a..000000000000 --- a/crypto/heimdal/lib/roken/strpftime-test.h +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* $Id: snprintf-test.h 10377 2001-07-19 18:39:14Z assar $ */ - -#ifndef __STRFTIME_TEST_H__ -#define __STRFTIME_TEST_H__ - -/* - * we cannot use the real names of the functions when testing, since - * they might have different prototypes as the system functions, hence - * these evil hacks - */ - -#define strftime test_strftime -#define strptime test_strptime - -#endif /* __STRFTIME_TEST_H__ */ diff --git a/crypto/heimdal/lib/roken/strpool.c b/crypto/heimdal/lib/roken/strpool.c deleted file mode 100644 index 6ebe0ce6c4b8..000000000000 --- a/crypto/heimdal/lib/roken/strpool.c +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strpool.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include "roken.h" - -struct rk_strpool { - char *str; - size_t len; -}; - -/* - * - */ - -void ROKEN_LIB_FUNCTION -rk_strpoolfree(struct rk_strpool *p) -{ - if (p->str) { - free(p->str); - p->str = NULL; - } - free(p); -} - -/* - * - */ - -struct rk_strpool * ROKEN_LIB_FUNCTION -rk_strpoolprintf(struct rk_strpool *p, const char *fmt, ...) -{ - va_list ap; - char *str, *str2; - int len; - - if (p == NULL) { - p = malloc(sizeof(*p)); - if (p == NULL) - return NULL; - p->str = NULL; - p->len = 0; - } - va_start(ap, fmt); - len = vasprintf(&str, fmt, ap); - va_end(ap); - if (str == NULL) { - rk_strpoolfree(p); - return NULL; - } - str2 = realloc(p->str, len + p->len + 1); - if (str2 == NULL) { - rk_strpoolfree(p); - return NULL; - } - p->str = str2; - memcpy(p->str + p->len, str, len + 1); - p->len += len; - free(str); - return p; -} - -/* - * - */ - -char * ROKEN_LIB_FUNCTION -rk_strpoolcollect(struct rk_strpool *p) -{ - char *str = p->str; - p->str = NULL; - free(p); - return str; -} diff --git a/crypto/heimdal/lib/roken/strptime.c b/crypto/heimdal/lib/roken/strptime.c deleted file mode 100644 index 9cd133357a56..000000000000 --- a/crypto/heimdal/lib/roken/strptime.c +++ /dev/null @@ -1,453 +0,0 @@ -/* - * Copyright (c) 1999, 2003, 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#ifdef TEST_STRPFTIME -#include "strpftime-test.h" -#endif -#include -#include "roken.h" - -RCSID("$Id: strptime.c 21895 2007-08-09 08:45:54Z lha $"); - -static const char *abb_weekdays[] = { - "Sun", - "Mon", - "Tue", - "Wed", - "Thu", - "Fri", - "Sat", - NULL -}; - -static const char *full_weekdays[] = { - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday", - NULL -}; - -static const char *abb_month[] = { - "Jan", - "Feb", - "Mar", - "Apr", - "May", - "Jun", - "Jul", - "Aug", - "Sep", - "Oct", - "Nov", - "Dec", - NULL -}; - -static const char *full_month[] = { - "January", - "February", - "March", - "April", - "May", - "June", - "July", - "August", - "September", - "October", - "November", - "December", - NULL, -}; - -static const char *ampm[] = { - "am", - "pm", - NULL -}; - -/* - * Try to match `*buf' to one of the strings in `strs'. Return the - * index of the matching string (or -1 if none). Also advance buf. - */ - -static int -match_string (const char **buf, const char **strs) -{ - int i = 0; - - for (i = 0; strs[i] != NULL; ++i) { - int len = strlen (strs[i]); - - if (strncasecmp (*buf, strs[i], len) == 0) { - *buf += len; - return i; - } - } - return -1; -} - -/* - * Try to match `*buf' to at the most `n' characters and return the - * resulting number in `num'. Returns 0 or an error. Also advance - * buf. - */ - -static int -parse_number (const char **buf, int n, int *num) -{ - char *s, *str; - int i; - - str = malloc(n + 1); - if (str == NULL) - return -1; - - /* skip whitespace */ - for (; **buf != '\0' && isspace((unsigned char)(**buf)); (*buf)++) - ; - - /* parse at least n characters */ - for (i = 0; **buf != '\0' && i < n && isdigit((unsigned char)(**buf)); i++, (*buf)++) - str[i] = **buf; - str[i] = '\0'; - - *num = strtol (str, &s, 10); - free(str); - if (s == str) - return -1; - - return 0; -} - -/* - * tm_year is relative this year - */ - -const int tm_year_base = 1900; - -/* - * Return TRUE iff `year' was a leap year. - */ - -static int -is_leap_year (int year) -{ - return (year % 4) == 0 && ((year % 100) != 0 || (year % 400) == 0); -} - -/* - * Return the weekday [0,6] (0 = Sunday) of the first day of `year' - */ - -static int -first_day (int year) -{ - int ret = 4; - - for (; year > 1970; --year) - ret = (ret + 365 + is_leap_year (year) ? 1 : 0) % 7; - return ret; -} - -/* - * Set `timeptr' given `wnum' (week number [0, 53]) - */ - -static void -set_week_number_sun (struct tm *timeptr, int wnum) -{ - int fday = first_day (timeptr->tm_year + tm_year_base); - - timeptr->tm_yday = wnum * 7 + timeptr->tm_wday - fday; - if (timeptr->tm_yday < 0) { - timeptr->tm_wday = fday; - timeptr->tm_yday = 0; - } -} - -/* - * Set `timeptr' given `wnum' (week number [0, 53]) - */ - -static void -set_week_number_mon (struct tm *timeptr, int wnum) -{ - int fday = (first_day (timeptr->tm_year + tm_year_base) + 6) % 7; - - timeptr->tm_yday = wnum * 7 + (timeptr->tm_wday + 6) % 7 - fday; - if (timeptr->tm_yday < 0) { - timeptr->tm_wday = (fday + 1) % 7; - timeptr->tm_yday = 0; - } -} - -/* - * Set `timeptr' given `wnum' (week number [0, 53]) - */ - -static void -set_week_number_mon4 (struct tm *timeptr, int wnum) -{ - int fday = (first_day (timeptr->tm_year + tm_year_base) + 6) % 7; - int offset = 0; - - if (fday < 4) - offset += 7; - - timeptr->tm_yday = offset + (wnum - 1) * 7 + timeptr->tm_wday - fday; - if (timeptr->tm_yday < 0) { - timeptr->tm_wday = fday; - timeptr->tm_yday = 0; - } -} - -/* - * - */ - -char * ROKEN_LIB_FUNCTION -strptime (const char *buf, const char *format, struct tm *timeptr) -{ - char c; - - for (; (c = *format) != '\0'; ++format) { - char *s; - int ret; - - if (isspace ((unsigned char)c)) { - while (isspace ((unsigned char)*buf)) - ++buf; - } else if (c == '%' && format[1] != '\0') { - c = *++format; - if (c == 'E' || c == 'O') - c = *++format; - switch (c) { - case 'A' : - ret = match_string (&buf, full_weekdays); - if (ret < 0) - return NULL; - timeptr->tm_wday = ret; - break; - case 'a' : - ret = match_string (&buf, abb_weekdays); - if (ret < 0) - return NULL; - timeptr->tm_wday = ret; - break; - case 'B' : - ret = match_string (&buf, full_month); - if (ret < 0) - return NULL; - timeptr->tm_mon = ret; - break; - case 'b' : - case 'h' : - ret = match_string (&buf, abb_month); - if (ret < 0) - return NULL; - timeptr->tm_mon = ret; - break; - case 'C' : - if (parse_number(&buf, 2, &ret)) - return NULL; - timeptr->tm_year = (ret * 100) - tm_year_base; - break; - case 'c' : - abort (); - case 'D' : /* %m/%d/%y */ - s = strptime (buf, "%m/%d/%y", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'd' : - case 'e' : - if (parse_number(&buf, 2, &ret)) - return NULL; - timeptr->tm_mday = ret; - break; - case 'H' : - case 'k' : - if (parse_number(&buf, 2, &ret)) - return NULL; - timeptr->tm_hour = ret; - break; - case 'I' : - case 'l' : - if (parse_number(&buf, 2, &ret)) - return NULL; - if (ret == 12) - timeptr->tm_hour = 0; - else - timeptr->tm_hour = ret; - break; - case 'j' : - if (parse_number(&buf, 3, &ret)) - return NULL; - if (ret == 0) - return NULL; - timeptr->tm_yday = ret - 1; - break; - case 'm' : - if (parse_number(&buf, 2, &ret)) - return NULL; - if (ret == 0) - return NULL; - timeptr->tm_mon = ret - 1; - break; - case 'M' : - if (parse_number(&buf, 2, &ret)) - return NULL; - timeptr->tm_min = ret; - break; - case 'n' : - while (isspace ((unsigned char)*buf)) - buf++; - break; - case 'p' : - ret = match_string (&buf, ampm); - if (ret < 0) - return NULL; - if (timeptr->tm_hour == 0) { - if (ret == 1) - timeptr->tm_hour = 12; - } else - timeptr->tm_hour += 12; - break; - case 'r' : /* %I:%M:%S %p */ - s = strptime (buf, "%I:%M:%S %p", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'R' : /* %H:%M */ - s = strptime (buf, "%H:%M", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'S' : - if (parse_number(&buf, 2, &ret)) - return NULL; - timeptr->tm_sec = ret; - break; - case 't' : - while (isspace ((unsigned char)*buf)) - buf++; - break; - case 'T' : /* %H:%M:%S */ - case 'X' : - s = strptime (buf, "%H:%M:%S", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'u' : - if (parse_number(&buf, 1, &ret)) - return NULL; - if (ret <= 0) - return NULL; - timeptr->tm_wday = ret - 1; - break; - case 'w' : - if (parse_number(&buf, 1, &ret)) - return NULL; - timeptr->tm_wday = ret; - break; - case 'U' : - if (parse_number(&buf, 2, &ret)) - return NULL; - set_week_number_sun (timeptr, ret); - break; - case 'V' : - if (parse_number(&buf, 2, &ret)) - return NULL; - set_week_number_mon4 (timeptr, ret); - break; - case 'W' : - if (parse_number(&buf, 2, &ret)) - return NULL; - set_week_number_mon (timeptr, ret); - break; - case 'x' : - s = strptime (buf, "%Y:%m:%d", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'y' : - if (parse_number(&buf, 2, &ret)) - return NULL; - if (ret < 70) - timeptr->tm_year = 100 + ret; - else - timeptr->tm_year = ret; - break; - case 'Y' : - if (parse_number(&buf, 4, &ret)) - return NULL; - timeptr->tm_year = ret - tm_year_base; - break; - case 'Z' : - abort (); - case '\0' : - --format; - /* FALLTHROUGH */ - case '%' : - if (*buf == '%') - ++buf; - else - return NULL; - break; - default : - if (*buf == '%' || *++buf == c) - ++buf; - else - return NULL; - break; - } - } else { - if (*buf == c) - ++buf; - else - return NULL; - } - } - return rk_UNCONST(buf); -} diff --git a/crypto/heimdal/lib/roken/strsep.c b/crypto/heimdal/lib/roken/strsep.c deleted file mode 100644 index dd191c402298..000000000000 --- a/crypto/heimdal/lib/roken/strsep.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strsep.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include - -#include "roken.h" - -#ifndef HAVE_STRSEP - -char * ROKEN_LIB_FUNCTION -strsep(char **str, const char *delim) -{ - char *save = *str; - if(*str == NULL) - return NULL; - *str = *str + strcspn(*str, delim); - if(**str == 0) - *str = NULL; - else{ - **str = 0; - (*str)++; - } - return save; -} - -#endif diff --git a/crypto/heimdal/lib/roken/strsep_copy.c b/crypto/heimdal/lib/roken/strsep_copy.c deleted file mode 100644 index 4a0a8b05333a..000000000000 --- a/crypto/heimdal/lib/roken/strsep_copy.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 2000, 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strsep_copy.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include - -#include "roken.h" - -#ifndef HAVE_STRSEP_COPY - -/* strsep, but with const stringp, so return string in buf */ - -ssize_t ROKEN_LIB_FUNCTION -strsep_copy(const char **stringp, const char *delim, char *buf, size_t len) -{ - const char *save = *stringp; - size_t l; - if(save == NULL) - return -1; - *stringp = *stringp + strcspn(*stringp, delim); - l = min(len, *stringp - save); - if(len > 0) { - memcpy(buf, save, l); - buf[l] = '\0'; - } - - l = *stringp - save; - if(**stringp == '\0') - *stringp = NULL; - else - (*stringp)++; - return l; -} - -#endif diff --git a/crypto/heimdal/lib/roken/strtok_r.c b/crypto/heimdal/lib/roken/strtok_r.c deleted file mode 100644 index fb72f5dc7728..000000000000 --- a/crypto/heimdal/lib/roken/strtok_r.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strtok_r.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include - -#include "roken.h" - -#ifndef HAVE_STRTOK_R - -char * ROKEN_LIB_FUNCTION -strtok_r(char *s1, const char *s2, char **lasts) -{ - char *ret; - - if (s1 == NULL) - s1 = *lasts; - while(*s1 && strchr(s2, *s1)) - ++s1; - if(*s1 == '\0') - return NULL; - ret = s1; - while(*s1 && !strchr(s2, *s1)) - ++s1; - if(*s1) - *s1++ = '\0'; - *lasts = s1; - return ret; -} - -#endif /* HAVE_STRTOK_R */ diff --git a/crypto/heimdal/lib/roken/strupr.c b/crypto/heimdal/lib/roken/strupr.c deleted file mode 100644 index 2a5322677f5c..000000000000 --- a/crypto/heimdal/lib/roken/strupr.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strupr.c 21005 2007-06-08 01:54:35Z lha $"); -#endif -#include -#include - -#include "roken.h" - -#ifndef HAVE_STRUPR -char * ROKEN_LIB_FUNCTION -strupr(char *str) -{ - char *s; - - for(s = str; *s; s++) - *s = toupper((unsigned char)*s); - return str; -} -#endif diff --git a/crypto/heimdal/lib/roken/swab.c b/crypto/heimdal/lib/roken/swab.c deleted file mode 100644 index 20744ca02ff9..000000000000 --- a/crypto/heimdal/lib/roken/swab.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_SWAB - -RCSID("$Id: swab.c 14773 2005-04-12 11:29:18Z lha $"); - -void ROKEN_LIB_FUNCTION -swab (char *from, char *to, int nbytes) -{ - while(nbytes >= 2) { - *(to + 1) = *from; - *to = *(from + 1); - to += 2; - from += 2; - nbytes -= 2; - } -} -#endif diff --git a/crypto/heimdal/lib/roken/test-mem.c b/crypto/heimdal/lib/roken/test-mem.c deleted file mode 100644 index d955c1a489fc..000000000000 --- a/crypto/heimdal/lib/roken/test-mem.c +++ /dev/null @@ -1,199 +0,0 @@ -/* - * Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#ifdef HAVE_SYS_MMAN_H -#include -#endif -#include -#include -#include -#include "roken.h" - -#include "test-mem.h" - -RCSID("$Id: test-mem.c 21005 2007-06-08 01:54:35Z lha $"); - -/* #undef HAVE_MMAP */ - -struct { - void *start; - size_t size; - void *data_start; - size_t data_size; - enum rk_test_mem_type type; - int fd; -} map; - -struct sigaction sa, osa; - -char *testname; - -static RETSIGTYPE -segv_handler(int sig) -{ - int fd; - char msg[] = "SIGSEGV i current test: "; - - fd = open("/dev/stdout", O_WRONLY, 0600); - if (fd >= 0) { - write(fd, msg, sizeof(msg) - 1); - write(fd, testname, strlen(testname)); - write(fd, "\n", 1); - close(fd); - } - _exit(1); -} - -#define TESTREC() \ - if (testname) \ - errx(1, "test %s run recursively on %s", name, testname); \ - testname = strdup(name); \ - if (testname == NULL) \ - errx(1, "malloc"); - - -void * ROKEN_LIB_FUNCTION -rk_test_mem_alloc(enum rk_test_mem_type type, const char *name, - void *buf, size_t size) -{ -#ifndef HAVE_MMAP - unsigned char *p; - - TESTREC(); - - p = malloc(size + 2); - if (p == NULL) - errx(1, "malloc"); - map.type = type; - map.start = p; - map.size = size + 2; - p[0] = 0xff; - p[map.size] = 0xff; - map.data_start = p + 1; -#else - unsigned char *p; - int flags, ret, fd; - size_t pagesize = getpagesize(); - - TESTREC(); - - map.type = type; - -#ifdef MAP_ANON - flags = MAP_ANON; - fd = -1; -#else - flags = 0; - fd = open ("/dev/zero", O_RDONLY); - if(fd < 0) - err (1, "open /dev/zero"); -#endif - map.fd = fd; - flags |= MAP_PRIVATE; - - map.size = size + pagesize - (size % pagesize) + pagesize * 2; - - p = (unsigned char *)mmap(0, map.size, PROT_READ | PROT_WRITE, - flags, fd, 0); - if (p == (unsigned char *)MAP_FAILED) - err (1, "mmap"); - - map.start = p; - - ret = mprotect ((void *)p, pagesize, 0); - if (ret < 0) - err (1, "mprotect"); - - ret = mprotect (p + map.size - pagesize, pagesize, 0); - if (ret < 0) - err (1, "mprotect"); - - switch (type) { - case RK_TM_OVERRUN: - map.data_start = p + map.size - pagesize - size; - break; - case RK_TM_UNDERRUN: - map.data_start = p + pagesize; - break; - default: - abort(); - } -#endif - sigemptyset (&sa.sa_mask); - sa.sa_flags = 0; -#ifdef SA_RESETHAND - sa.sa_flags |= SA_RESETHAND; -#endif - sa.sa_handler = segv_handler; - sigaction (SIGSEGV, &sa, &osa); - - map.data_size = size; - if (buf) - memcpy(map.data_start, buf, size); - return map.data_start; -} - -void ROKEN_LIB_FUNCTION -rk_test_mem_free(const char *map_name) -{ -#ifndef HAVE_MMAP - unsigned char *p = map.start; - - if (testname == NULL) - errx(1, "test_mem_free call on no free"); - - if (p[0] != 0xff) - errx(1, "%s: %s underrun %x\n", testname, map_name, p[0]); - if (p[map.size] != 0xff) - errx(1, "%s: %s overrun %x\n", testname, map_name, p[map.size - 1]); - free(map.start); -#else - int ret; - - if (testname == NULL) - errx(1, "test_mem_free call on no free"); - - ret = munmap (map.start, map.size); - if (ret < 0) - err (1, "munmap"); - if (map.fd > 0) - close(map.fd); -#endif - free(testname); - testname = NULL; - - sigaction (SIGSEGV, &osa, NULL); -} diff --git a/crypto/heimdal/lib/roken/test-mem.h b/crypto/heimdal/lib/roken/test-mem.h deleted file mode 100644 index 896222f8d76f..000000000000 --- a/crypto/heimdal/lib/roken/test-mem.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 1999 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -enum rk_test_mem_type { RK_TM_OVERRUN, RK_TM_UNDERRUN }; - -void * ROKEN_LIB_FUNCTION - rk_test_mem_alloc(enum rk_test_mem_type, const char *, void *, size_t); -void ROKEN_LIB_FUNCTION - rk_test_mem_free(const char *); diff --git a/crypto/heimdal/lib/roken/test-readenv.c b/crypto/heimdal/lib/roken/test-readenv.c deleted file mode 100644 index 2cbf8166716b..000000000000 --- a/crypto/heimdal/lib/roken/test-readenv.c +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: test-readenv.c 20868 2007-06-03 21:02:04Z lha $"); -#endif - -#include "roken.h" -#include "test-mem.h" - -char *s1 = "VAR1=VAL1#comment\n\ -VAR2=VAL2 VAL2 #comment\n\ -#this another comment\n\ -\n\ -VAR3=FOO"; - -char *s2 = "VAR1=ENV2\n\ -"; - -static void -make_file(char *tmpl, size_t l) -{ - int fd; - strlcpy(tmpl, "env.XXXXXX", l); - fd = mkstemp(tmpl); - if(fd < 0) - err(1, "mkstemp"); - close(fd); -} - -static void -write_file(const char *fn, const char *s) -{ - FILE *f; - f = fopen(fn, "w"); - if(f == NULL) { - unlink(fn); - err(1, "fopen"); - } - if(fwrite(s, 1, strlen(s), f) != strlen(s)) - err(1, "short write"); - if(fclose(f) != 0) { - unlink(fn); - err(1, "fclose"); - } -} - -int -main(int argc, char **argv) -{ - char **env = NULL; - int count = 0; - char fn[MAXPATHLEN]; - int error = 0; - - make_file(fn, sizeof(fn)); - - write_file(fn, s1); - count = read_environment(fn, &env); - if(count != 3) { - warnx("test 1: variable count %d != 3", count); - error++; - } - - write_file(fn, s2); - count = read_environment(fn, &env); - if(count != 1) { - warnx("test 2: variable count %d != 1", count); - error++; - } - - unlink(fn); - count = read_environment(fn, &env); - if(count != 0) { - warnx("test 3: variable count %d != 0", count); - error++; - } - for(count = 0; env && env[count]; count++); - if(count != 3) { - warnx("total variable count %d != 3", count); - error++; - } - free_environment(env); - - - return error; -} diff --git a/crypto/heimdal/lib/roken/timegm.c b/crypto/heimdal/lib/roken/timegm.c deleted file mode 100644 index 41eb48716d12..000000000000 --- a/crypto/heimdal/lib/roken/timegm.c +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Copyright (c) 1997, 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: timegm.c 18606 2006-10-19 16:19:10Z lha $"); -#endif - -#include "roken.h" - -static int -is_leap(unsigned y) -{ - y += 1900; - return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0); -} - -/* - * XXX This is a simplifed version of timegm, it needs to support out of - * bounds values. - */ - -time_t -rk_timegm (struct tm *tm) -{ - static const unsigned ndays[2][12] ={ - {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}, - {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}}; - time_t res = 0; - unsigned i; - - if (tm->tm_year < 0) - return -1; - if (tm->tm_mon < 0 || tm->tm_mon > 11) - return -1; - if (tm->tm_mday < 1 || tm->tm_mday > ndays[is_leap(tm->tm_year)][tm->tm_mon]) - return -1; - if (tm->tm_hour < 0 || tm->tm_hour > 23) - return -1; - if (tm->tm_min < 0 || tm->tm_min > 59) - return -1; - if (tm->tm_sec < 0 || tm->tm_sec > 59) - return -1; - - for (i = 70; i < tm->tm_year; ++i) - res += is_leap(i) ? 366 : 365; - - for (i = 0; i < tm->tm_mon; ++i) - res += ndays[is_leap(tm->tm_year)][i]; - res += tm->tm_mday - 1; - res *= 24; - res += tm->tm_hour; - res *= 60; - res += tm->tm_min; - res *= 60; - res += tm->tm_sec; - return res; -} diff --git a/crypto/heimdal/lib/roken/timeval.c b/crypto/heimdal/lib/roken/timeval.c deleted file mode 100644 index b72e2023f00b..000000000000 --- a/crypto/heimdal/lib/roken/timeval.c +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Timeval stuff - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: timeval.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -/* - * Make `t1' consistent. - */ - -void ROKEN_LIB_FUNCTION -timevalfix(struct timeval *t1) -{ - if (t1->tv_usec < 0) { - t1->tv_sec--; - t1->tv_usec += 1000000; - } - if (t1->tv_usec >= 1000000) { - t1->tv_sec++; - t1->tv_usec -= 1000000; - } -} - -/* - * t1 += t2 - */ - -void ROKEN_LIB_FUNCTION -timevaladd(struct timeval *t1, const struct timeval *t2) -{ - t1->tv_sec += t2->tv_sec; - t1->tv_usec += t2->tv_usec; - timevalfix(t1); -} - -/* - * t1 -= t2 - */ - -void ROKEN_LIB_FUNCTION -timevalsub(struct timeval *t1, const struct timeval *t2) -{ - t1->tv_sec -= t2->tv_sec; - t1->tv_usec -= t2->tv_usec; - timevalfix(t1); -} diff --git a/crypto/heimdal/lib/roken/tm2time.c b/crypto/heimdal/lib/roken/tm2time.c deleted file mode 100644 index 7bcba8379ca4..000000000000 --- a/crypto/heimdal/lib/roken/tm2time.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: tm2time.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#include "roken.h" - -time_t ROKEN_LIB_FUNCTION -tm2time (struct tm tm, int local) -{ - time_t t; - - tm.tm_isdst = local ? -1 : 0; - - t = mktime (&tm); - - if (!local) - t += t - mktime (gmtime (&t)); - return t; -} diff --git a/crypto/heimdal/lib/roken/unsetenv.c b/crypto/heimdal/lib/roken/unsetenv.c deleted file mode 100644 index 54cf7b77dc90..000000000000 --- a/crypto/heimdal/lib/roken/unsetenv.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: unsetenv.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#include - -#include "roken.h" - -extern char **environ; - -/* - * unsetenv -- - */ -void ROKEN_LIB_FUNCTION -unsetenv(const char *name) -{ - int len; - const char *np; - char **p; - - if (name == 0 || environ == 0) - return; - - for (np = name; *np && *np != '='; np++) - /* nop */; - len = np - name; - - for (p = environ; *p != 0; p++) - if (strncmp(*p, name, len) == 0 && (*p)[len] == '=') - break; - - for (; *p != 0; p++) - *p = *(p + 1); -} - diff --git a/crypto/heimdal/lib/roken/unvis.c b/crypto/heimdal/lib/roken/unvis.c deleted file mode 100644 index 72d5f161b083..000000000000 --- a/crypto/heimdal/lib/roken/unvis.c +++ /dev/null @@ -1,286 +0,0 @@ -/* $NetBSD: unvis.c,v 1.19 2000/01/22 22:19:13 mycroft Exp $ */ - -/*- - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if 1 -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: unvis.c 21005 2007-06-08 01:54:35Z lha $"); -#endif -#include "roken.h" -#ifndef _DIAGASSERT -#define _DIAGASSERT(X) -#endif -#else -#include -#if defined(LIBC_SCCS) && !defined(lint) -#if 0 -static char sccsid[] = "@(#)unvis.c 8.1 (Berkeley) 6/4/93"; -#else -__RCSID("$NetBSD: unvis.c,v 1.19 2000/01/22 22:19:13 mycroft Exp $"); -#endif -#endif /* LIBC_SCCS and not lint */ - -#define __LIBC12_SOURCE__ - -#include "namespace.h" -#endif -#include - -#include -#include -#include -#include - -#if 0 -#ifdef __weak_alias -__weak_alias(strunvis,_strunvis) -__weak_alias(unvis,_unvis) -#endif - -__warn_references(unvis, - "warning: reference to compatibility unvis(); include for correct reference") -#endif - -/* - * decode driven by state machine - */ -#define S_GROUND 0 /* haven't seen escape char */ -#define S_START 1 /* start decoding special sequence */ -#define S_META 2 /* metachar started (M) */ -#define S_META1 3 /* metachar more, regular char (-) */ -#define S_CTRL 4 /* control char started (^) */ -#define S_OCTAL2 5 /* octal digit 2 */ -#define S_OCTAL3 6 /* octal digit 3 */ - -#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') - -int ROKEN_LIB_FUNCTION - rk_strunvis (char *, const char *); -int ROKEN_LIB_FUNCTION - rk_unvis (char *, int, int *, int); - -/* - * unvis - decode characters previously encoded by vis - */ - -int ROKEN_LIB_FUNCTION -rk_unvis(char *cp, int c, int *astate, int flag) -{ - - _DIAGASSERT(cp != NULL); - _DIAGASSERT(astate != NULL); - - if (flag & UNVIS_END) { - if (*astate == S_OCTAL2 || *astate == S_OCTAL3) { - *astate = S_GROUND; - return (UNVIS_VALID); - } - return (*astate == S_GROUND ? UNVIS_NOCHAR : UNVIS_SYNBAD); - } - - switch (*astate) { - - case S_GROUND: - *cp = 0; - if (c == '\\') { - *astate = S_START; - return (0); - } - *cp = c; - return (UNVIS_VALID); - - case S_START: - switch(c) { - case '\\': - *cp = c; - *astate = S_GROUND; - return (UNVIS_VALID); - case '0': case '1': case '2': case '3': - case '4': case '5': case '6': case '7': - *cp = (c - '0'); - *astate = S_OCTAL2; - return (0); - case 'M': - *cp = (char)0200; - *astate = S_META; - return (0); - case '^': - *astate = S_CTRL; - return (0); - case 'n': - *cp = '\n'; - *astate = S_GROUND; - return (UNVIS_VALID); - case 'r': - *cp = '\r'; - *astate = S_GROUND; - return (UNVIS_VALID); - case 'b': - *cp = '\b'; - *astate = S_GROUND; - return (UNVIS_VALID); - case 'a': - *cp = '\007'; - *astate = S_GROUND; - return (UNVIS_VALID); - case 'v': - *cp = '\v'; - *astate = S_GROUND; - return (UNVIS_VALID); - case 't': - *cp = '\t'; - *astate = S_GROUND; - return (UNVIS_VALID); - case 'f': - *cp = '\f'; - *astate = S_GROUND; - return (UNVIS_VALID); - case 's': - *cp = ' '; - *astate = S_GROUND; - return (UNVIS_VALID); - case 'E': - *cp = '\033'; - *astate = S_GROUND; - return (UNVIS_VALID); - case '\n': - /* - * hidden newline - */ - *astate = S_GROUND; - return (UNVIS_NOCHAR); - case '$': - /* - * hidden marker - */ - *astate = S_GROUND; - return (UNVIS_NOCHAR); - } - *astate = S_GROUND; - return (UNVIS_SYNBAD); - - case S_META: - if (c == '-') - *astate = S_META1; - else if (c == '^') - *astate = S_CTRL; - else { - *astate = S_GROUND; - return (UNVIS_SYNBAD); - } - return (0); - - case S_META1: - *astate = S_GROUND; - *cp |= c; - return (UNVIS_VALID); - - case S_CTRL: - if (c == '?') - *cp |= 0177; - else - *cp |= c & 037; - *astate = S_GROUND; - return (UNVIS_VALID); - - case S_OCTAL2: /* second possible octal digit */ - if (isoctal(c)) { - /* - * yes - and maybe a third - */ - *cp = (*cp << 3) + (c - '0'); - *astate = S_OCTAL3; - return (0); - } - /* - * no - done with current sequence, push back passed char - */ - *astate = S_GROUND; - return (UNVIS_VALIDPUSH); - - case S_OCTAL3: /* third possible octal digit */ - *astate = S_GROUND; - if (isoctal(c)) { - *cp = (*cp << 3) + (c - '0'); - return (UNVIS_VALID); - } - /* - * we were done, push back passed char - */ - return (UNVIS_VALIDPUSH); - - default: - /* - * decoder in unknown state - (probably uninitialized) - */ - *astate = S_GROUND; - return (UNVIS_SYNBAD); - } -} - -/* - * strunvis - decode src into dst - * - * Number of chars decoded into dst is returned, -1 on error. - * Dst is null terminated. - */ - -int ROKEN_LIB_FUNCTION -rk_strunvis(char *dst, const char *src) -{ - char c; - char *start = dst; - int state = 0; - - _DIAGASSERT(src != NULL); - _DIAGASSERT(dst != NULL); - - while ((c = *src++) != '\0') { - again: - switch (rk_unvis(dst, (unsigned char)c, &state, 0)) { - case UNVIS_VALID: - dst++; - break; - case UNVIS_VALIDPUSH: - dst++; - goto again; - case 0: - case UNVIS_NOCHAR: - break; - default: - return (-1); - } - } - if (unvis(dst, (unsigned char)c, &state, UNVIS_END) == UNVIS_VALID) - dst++; - *dst = '\0'; - return (dst - start); -} diff --git a/crypto/heimdal/lib/roken/verify.c b/crypto/heimdal/lib/roken/verify.c deleted file mode 100644 index 54ad814e9827..000000000000 --- a/crypto/heimdal/lib/roken/verify.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verify.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_CRYPT_H -#include -#endif -#include "roken.h" - -int ROKEN_LIB_FUNCTION -unix_verify_user(char *user, char *password) -{ - struct passwd *pw; - - pw = k_getpwnam(user); - if(pw == NULL) - return -1; - if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0) - return 0; - if(strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0) - return 0; - return -1; -} - diff --git a/crypto/heimdal/lib/roken/verr.c b/crypto/heimdal/lib/roken/verr.c deleted file mode 100644 index 3db3c1c37c09..000000000000 --- a/crypto/heimdal/lib/roken/verr.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verr.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" -#include - -void ROKEN_LIB_FUNCTION -verr(int eval, const char *fmt, va_list ap) -{ - warnerr(1, fmt, ap); - exit(eval); -} diff --git a/crypto/heimdal/lib/roken/verrx.c b/crypto/heimdal/lib/roken/verrx.c deleted file mode 100644 index a3a59d02b130..000000000000 --- a/crypto/heimdal/lib/roken/verrx.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verrx.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" -#include - -void ROKEN_LIB_FUNCTION -verrx(int eval, const char *fmt, va_list ap) -{ - warnerr(0, fmt, ap); - exit(eval); -} diff --git a/crypto/heimdal/lib/roken/vis.c b/crypto/heimdal/lib/roken/vis.c deleted file mode 100644 index 1114223a2974..000000000000 --- a/crypto/heimdal/lib/roken/vis.c +++ /dev/null @@ -1,335 +0,0 @@ -/* $NetBSD: vis.c,v 1.4 2003/08/07 09:15:32 agc Exp $ */ - -/*- - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/*- - * Copyright (c) 1999 The NetBSD Foundation, Inc. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -#if 1 -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: vis.c 21005 2007-06-08 01:54:35Z lha $"); -#endif -#include "roken.h" -#ifndef _DIAGASSERT -#define _DIAGASSERT(X) -#endif -#else -#include -#if !defined(lint) -__RCSID("$NetBSD: vis.c,v 1.4 2003/08/07 09:15:32 agc Exp $"); -#endif /* not lint */ -#endif - -#if 0 -#include "namespace.h" -#endif -#include - -#include -#include -#include -#include -#include -#include - -#if 0 -#ifdef __weak_alias -__weak_alias(strsvis,_strsvis) -__weak_alias(strsvisx,_strsvisx) -__weak_alias(strvis,_strvis) -__weak_alias(strvisx,_strvisx) -__weak_alias(svis,_svis) -__weak_alias(vis,_vis) -#endif -#endif - -#undef BELL -#if defined(__STDC__) -#define BELL '\a' -#else -#define BELL '\007' -#endif - -char ROKEN_LIB_FUNCTION - *rk_vis (char *, int, int, int); -char ROKEN_LIB_FUNCTION - *rk_svis (char *, int, int, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvis (char *, const char *, int); -int ROKEN_LIB_FUNCTION - rk_strsvis (char *, const char *, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvisx (char *, const char *, size_t, int); -int ROKEN_LIB_FUNCTION - rk_strsvisx (char *, const char *, size_t, int, const char *); - - -#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') -#define iswhite(c) (c == ' ' || c == '\t' || c == '\n') -#define issafe(c) (c == '\b' || c == BELL || c == '\r') - -#define MAXEXTRAS 5 - - -#define MAKEEXTRALIST(flag, extra) \ -do { \ - char *pextra = extra; \ - if (flag & VIS_SP) *pextra++ = ' '; \ - if (flag & VIS_TAB) *pextra++ = '\t'; \ - if (flag & VIS_NL) *pextra++ = '\n'; \ - if ((flag & VIS_NOSLASH) == 0) *pextra++ = '\\'; \ - *pextra = '\0'; \ -} while (/*CONSTCOND*/0) - -/* - * This is SVIS, the central macro of vis. - * dst: Pointer to the destination buffer - * c: Character to encode - * flag: Flag word - * nextc: The character following 'c' - * extra: Pointer to the list of extra characters to be - * backslash-protected. - */ -#define SVIS(dst, c, flag, nextc, extra) \ -do { \ - int isextra, isc; \ - isextra = strchr(extra, c) != NULL; \ - if (!isextra && \ - isascii((unsigned char)c) && \ - (isgraph((unsigned char)c) || iswhite(c) || \ - ((flag & VIS_SAFE) && issafe(c)))) { \ - *dst++ = c; \ - break; \ - } \ - isc = 0; \ - if (flag & VIS_CSTYLE) { \ - switch (c) { \ - case '\n': \ - isc = 1; *dst++ = '\\'; *dst++ = 'n'; \ - break; \ - case '\r': \ - isc = 1; *dst++ = '\\'; *dst++ = 'r'; \ - break; \ - case '\b': \ - isc = 1; *dst++ = '\\'; *dst++ = 'b'; \ - break; \ - case BELL: \ - isc = 1; *dst++ = '\\'; *dst++ = 'a'; \ - break; \ - case '\v': \ - isc = 1; *dst++ = '\\'; *dst++ = 'v'; \ - break; \ - case '\t': \ - isc = 1; *dst++ = '\\'; *dst++ = 't'; \ - break; \ - case '\f': \ - isc = 1; *dst++ = '\\'; *dst++ = 'f'; \ - break; \ - case ' ': \ - isc = 1; *dst++ = '\\'; *dst++ = 's'; \ - break; \ - case '\0': \ - isc = 1; *dst++ = '\\'; *dst++ = '0'; \ - if (isoctal(nextc)) { \ - *dst++ = '0'; \ - *dst++ = '0'; \ - } \ - } \ - } \ - if (isc) break; \ - if (isextra || ((c & 0177) == ' ') || (flag & VIS_OCTAL)) { \ - *dst++ = '\\'; \ - *dst++ = (u_char)(((unsigned)(u_char)c >> 6) & 03) + '0'; \ - *dst++ = (u_char)(((unsigned)(u_char)c >> 3) & 07) + '0'; \ - *dst++ = (c & 07) + '0'; \ - } else { \ - if ((flag & VIS_NOSLASH) == 0) *dst++ = '\\'; \ - if (c & 0200) { \ - c &= 0177; *dst++ = 'M'; \ - } \ - if (iscntrl((unsigned char)c)) { \ - *dst++ = '^'; \ - if (c == 0177) \ - *dst++ = '?'; \ - else \ - *dst++ = c + '@'; \ - } else { \ - *dst++ = '-'; *dst++ = c; \ - } \ - } \ -} while (/*CONSTCOND*/0) - - -/* - * svis - visually encode characters, also encoding the characters - * pointed to by `extra' - */ - -char * ROKEN_LIB_FUNCTION -rk_svis(char *dst, int c, int flag, int nextc, const char *extra) -{ - _DIAGASSERT(dst != NULL); - _DIAGASSERT(extra != NULL); - - SVIS(dst, c, flag, nextc, extra); - *dst = '\0'; - return(dst); -} - - -/* - * strsvis, strsvisx - visually encode characters from src into dst - * - * Extra is a pointer to a \0-terminated list of characters to - * be encoded, too. These functions are useful e. g. to - * encode strings in such a way so that they are not interpreted - * by a shell. - * - * Dst must be 4 times the size of src to account for possible - * expansion. The length of dst, not including the trailing NULL, - * is returned. - * - * Strsvisx encodes exactly len bytes from src into dst. - * This is useful for encoding a block of data. - */ - -int ROKEN_LIB_FUNCTION -rk_strsvis(char *dst, const char *src, int flag, const char *extra) -{ - char c; - char *start; - - _DIAGASSERT(dst != NULL); - _DIAGASSERT(src != NULL); - _DIAGASSERT(extra != NULL); - - for (start = dst; (c = *src++) != '\0'; /* empty */) - SVIS(dst, c, flag, *src, extra); - *dst = '\0'; - return (dst - start); -} - - -int ROKEN_LIB_FUNCTION -rk_strsvisx(char *dst, const char *src, size_t len, int flag, const char *extra) -{ - char c; - char *start; - - _DIAGASSERT(dst != NULL); - _DIAGASSERT(src != NULL); - _DIAGASSERT(extra != NULL); - - for (start = dst; len > 0; len--) { - c = *src++; - SVIS(dst, c, flag, len ? *src : '\0', extra); - } - *dst = '\0'; - return (dst - start); -} - - -/* - * vis - visually encode characters - */ -char * ROKEN_LIB_FUNCTION -rk_vis(char *dst, int c, int flag, int nextc) -{ - char extra[MAXEXTRAS]; - - _DIAGASSERT(dst != NULL); - - MAKEEXTRALIST(flag, extra); - SVIS(dst, c, flag, nextc, extra); - *dst = '\0'; - return (dst); -} - - -/* - * strvis, strvisx - visually encode characters from src into dst - * - * Dst must be 4 times the size of src to account for possible - * expansion. The length of dst, not including the trailing NULL, - * is returned. - * - * Strvisx encodes exactly len bytes from src into dst. - * This is useful for encoding a block of data. - */ - -int ROKEN_LIB_FUNCTION -rk_strvis(char *dst, const char *src, int flag) -{ - char extra[MAXEXTRAS]; - - MAKEEXTRALIST(flag, extra); - return (rk_strsvis(dst, src, flag, extra)); -} - - -int ROKEN_LIB_FUNCTION -rk_strvisx(char *dst, const char *src, size_t len, int flag) -{ - char extra[MAXEXTRAS]; - - MAKEEXTRALIST(flag, extra); - return (rk_strsvisx(dst, src, len, flag, extra)); -} diff --git a/crypto/heimdal/lib/roken/vis.h b/crypto/heimdal/lib/roken/vis.h deleted file mode 100644 index 224870b00af1..000000000000 --- a/crypto/heimdal/lib/roken/vis.h +++ /dev/null @@ -1,115 +0,0 @@ -/* $NetBSD: vis.h,v 1.11 1999/11/25 16:55:50 wennmach Exp $ */ -/* $Id: vis.hin 19341 2006-12-15 11:53:09Z lha $ */ - -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)vis.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _VIS_H_ -#define _VIS_H_ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -/* - * to select alternate encoding format - */ -#define VIS_OCTAL 0x01 /* use octal \ddd format */ -#define VIS_CSTYLE 0x02 /* use \[nrft0..] where appropiate */ - -/* - * to alter set of characters encoded (default is to encode all - * non-graphic except space, tab, and newline). - */ -#define VIS_SP 0x04 /* also encode space */ -#define VIS_TAB 0x08 /* also encode tab */ -#define VIS_NL 0x10 /* also encode newline */ -#define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL) -#define VIS_SAFE 0x20 /* only encode "unsafe" characters */ - -/* - * other - */ -#define VIS_NOSLASH 0x40 /* inhibit printing '\' */ - -/* - * unvis return codes - */ -#define UNVIS_VALID 1 /* character valid */ -#define UNVIS_VALIDPUSH 2 /* character valid, push back passed char */ -#define UNVIS_NOCHAR 3 /* valid sequence, no character produced */ -#define UNVIS_SYNBAD -1 /* unrecognized escape sequence */ -#define UNVIS_ERROR -2 /* decoder in unknown state (unrecoverable) */ - -/* - * unvis flags - */ -#define UNVIS_END 1 /* no more characters */ - -char ROKEN_LIB_FUNCTION - *rk_vis (char *, int, int, int); -char ROKEN_LIB_FUNCTION - *rk_svis (char *, int, int, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvis (char *, const char *, int); -int ROKEN_LIB_FUNCTION - rk_strsvis (char *, const char *, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvisx (char *, const char *, size_t, int); -int ROKEN_LIB_FUNCTION - rk_strsvisx (char *, const char *, size_t, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strunvis (char *, const char *); -int ROKEN_LIB_FUNCTION - rk_unvis (char *, int, int *, int); - -#undef vis -#define vis(a,b,c,d) rk_vis(a,b,c,d) -#undef svis -#define svis(a,b,c,d,e) rk_svis(a,b,c,d,e) -#undef strvis -#define strvis(a,b,c) rk_strvis(a,b,c) -#undef strsvis -#define strsvis(a,b,c,d) rk_strsvis(a,b,c,d) -#undef strvisx -#define strvisx(a,b,c,d) rk_strvisx(a,b,c,d) -#undef strsvisx -#define strsvisx(a,b,c,d,e) rk_strsvisx(a,b,c,d,e) -#undef strunvis -#define strunvis(a,b) rk_strunvis(a,b) -#undef unvis -#define unvis(a,b,c,d) rk_unvis(a,b,c,d) - -#endif /* !_VIS_H_ */ diff --git a/crypto/heimdal/lib/roken/vis.hin b/crypto/heimdal/lib/roken/vis.hin deleted file mode 100644 index 224870b00af1..000000000000 --- a/crypto/heimdal/lib/roken/vis.hin +++ /dev/null @@ -1,115 +0,0 @@ -/* $NetBSD: vis.h,v 1.11 1999/11/25 16:55:50 wennmach Exp $ */ -/* $Id: vis.hin 19341 2006-12-15 11:53:09Z lha $ */ - -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)vis.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _VIS_H_ -#define _VIS_H_ - -#ifndef ROKEN_LIB_FUNCTION -#ifdef _WIN32 -#define ROKEN_LIB_FUNCTION _stdcall -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -/* - * to select alternate encoding format - */ -#define VIS_OCTAL 0x01 /* use octal \ddd format */ -#define VIS_CSTYLE 0x02 /* use \[nrft0..] where appropiate */ - -/* - * to alter set of characters encoded (default is to encode all - * non-graphic except space, tab, and newline). - */ -#define VIS_SP 0x04 /* also encode space */ -#define VIS_TAB 0x08 /* also encode tab */ -#define VIS_NL 0x10 /* also encode newline */ -#define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL) -#define VIS_SAFE 0x20 /* only encode "unsafe" characters */ - -/* - * other - */ -#define VIS_NOSLASH 0x40 /* inhibit printing '\' */ - -/* - * unvis return codes - */ -#define UNVIS_VALID 1 /* character valid */ -#define UNVIS_VALIDPUSH 2 /* character valid, push back passed char */ -#define UNVIS_NOCHAR 3 /* valid sequence, no character produced */ -#define UNVIS_SYNBAD -1 /* unrecognized escape sequence */ -#define UNVIS_ERROR -2 /* decoder in unknown state (unrecoverable) */ - -/* - * unvis flags - */ -#define UNVIS_END 1 /* no more characters */ - -char ROKEN_LIB_FUNCTION - *rk_vis (char *, int, int, int); -char ROKEN_LIB_FUNCTION - *rk_svis (char *, int, int, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvis (char *, const char *, int); -int ROKEN_LIB_FUNCTION - rk_strsvis (char *, const char *, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strvisx (char *, const char *, size_t, int); -int ROKEN_LIB_FUNCTION - rk_strsvisx (char *, const char *, size_t, int, const char *); -int ROKEN_LIB_FUNCTION - rk_strunvis (char *, const char *); -int ROKEN_LIB_FUNCTION - rk_unvis (char *, int, int *, int); - -#undef vis -#define vis(a,b,c,d) rk_vis(a,b,c,d) -#undef svis -#define svis(a,b,c,d,e) rk_svis(a,b,c,d,e) -#undef strvis -#define strvis(a,b,c) rk_strvis(a,b,c) -#undef strsvis -#define strsvis(a,b,c,d) rk_strsvis(a,b,c,d) -#undef strvisx -#define strvisx(a,b,c,d) rk_strvisx(a,b,c,d) -#undef strsvisx -#define strsvisx(a,b,c,d,e) rk_strsvisx(a,b,c,d,e) -#undef strunvis -#define strunvis(a,b) rk_strunvis(a,b) -#undef unvis -#define unvis(a,b,c,d) rk_unvis(a,b,c,d) - -#endif /* !_VIS_H_ */ diff --git a/crypto/heimdal/lib/roken/vsyslog.c b/crypto/heimdal/lib/roken/vsyslog.c deleted file mode 100644 index 690eb7dc075a..000000000000 --- a/crypto/heimdal/lib/roken/vsyslog.c +++ /dev/null @@ -1,115 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: vsyslog.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#ifndef HAVE_VSYSLOG - -#include -#include -#include - -#include "roken.h" - -/* - * the theory behind this is that we might be trying to call vsyslog - * when there's no memory left, and we should try to be as useful as - * possible. And the format string should say something about what's - * failing. - */ - -static void -simple_vsyslog(int pri, const char *fmt, va_list ap) -{ - syslog (pri, "%s", fmt); -} - -/* - * do like syslog but with a `va_list' - */ - -void ROKEN_LIB_FUNCTION -vsyslog(int pri, const char *fmt, va_list ap) -{ - char *fmt2; - const char *p; - char *p2; - int saved_errno = errno; - int fmt_len = strlen (fmt); - int fmt2_len = fmt_len; - char *buf; - - fmt2 = malloc (fmt_len + 1); - if (fmt2 == NULL) { - simple_vsyslog (pri, fmt, ap); - return; - } - - for (p = fmt, p2 = fmt2; *p != '\0'; ++p) { - if (p[0] == '%' && p[1] == 'm') { - const char *e = strerror (saved_errno); - int e_len = strlen (e); - char *tmp; - int pos; - - pos = p2 - fmt2; - fmt2_len += e_len - 2; - tmp = realloc (fmt2, fmt2_len + 1); - if (tmp == NULL) { - free (fmt2); - simple_vsyslog (pri, fmt, ap); - return; - } - fmt2 = tmp; - p2 = fmt2 + pos; - memmove (p2, e, e_len); - p2 += e_len; - ++p; - } else - *p2++ = *p; - } - *p2 = '\0'; - - vasprintf (&buf, fmt2, ap); - free (fmt2); - if (buf == NULL) { - simple_vsyslog (pri, fmt, ap); - return; - } - syslog (pri, "%s", buf); - free (buf); -} -#endif diff --git a/crypto/heimdal/lib/roken/vwarn.c b/crypto/heimdal/lib/roken/vwarn.c deleted file mode 100644 index c25ca629ca22..000000000000 --- a/crypto/heimdal/lib/roken/vwarn.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: vwarn.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" -#include - -void ROKEN_LIB_FUNCTION -vwarn(const char *fmt, va_list ap) -{ - warnerr(1, fmt, ap); -} diff --git a/crypto/heimdal/lib/roken/vwarnx.c b/crypto/heimdal/lib/roken/vwarnx.c deleted file mode 100644 index e35c0deb09b8..000000000000 --- a/crypto/heimdal/lib/roken/vwarnx.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: vwarnx.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" -#include - -void ROKEN_LIB_FUNCTION -vwarnx(const char *fmt, va_list ap) -{ - warnerr(0, fmt, ap); -} - diff --git a/crypto/heimdal/lib/roken/warn.c b/crypto/heimdal/lib/roken/warn.c deleted file mode 100644 index 0924880e4cb6..000000000000 --- a/crypto/heimdal/lib/roken/warn.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: warn.c 7463 1999-12-02 16:58:55Z joda $"); -#endif - -#include "err.h" - -void -warn(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - vwarn(fmt, ap); - va_end(ap); -} diff --git a/crypto/heimdal/lib/roken/warnerr.c b/crypto/heimdal/lib/roken/warnerr.c deleted file mode 100644 index 6dee466bc670..000000000000 --- a/crypto/heimdal/lib/roken/warnerr.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: warnerr.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" -#include "err.h" - -void ROKEN_LIB_FUNCTION -warnerr(int doerrno, const char *fmt, va_list ap) -{ - int sverrno = errno; - const char *progname = getprogname(); - - if(progname != NULL){ - fprintf(stderr, "%s", progname); - if(fmt != NULL || doerrno) - fprintf(stderr, ": "); - } - if (fmt != NULL){ - vfprintf(stderr, fmt, ap); - if(doerrno) - fprintf(stderr, ": "); - } - if(doerrno) - fprintf(stderr, "%s", strerror(sverrno)); - fprintf(stderr, "\n"); -} diff --git a/crypto/heimdal/lib/roken/warnx.c b/crypto/heimdal/lib/roken/warnx.c deleted file mode 100644 index 7e1de7acc1b6..000000000000 --- a/crypto/heimdal/lib/roken/warnx.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: warnx.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "err.h" - -void ROKEN_LIB_FUNCTION -warnx(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - vwarnx(fmt, ap); - va_end(ap); -} diff --git a/crypto/heimdal/lib/roken/write_pid.c b/crypto/heimdal/lib/roken/write_pid.c deleted file mode 100644 index edadf5ceb33e..000000000000 --- a/crypto/heimdal/lib/roken/write_pid.c +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: write_pid.c 21005 2007-06-08 01:54:35Z lha $"); -#endif - -#include -#include -#include -#include "roken.h" - -#include "roken.h" - -char * ROKEN_LIB_FUNCTION -pid_file_write (const char *progname) -{ - FILE *fp; - char *ret; - - asprintf (&ret, "%s%s.pid", _PATH_VARRUN, progname); - if (ret == NULL) - return NULL; - fp = fopen (ret, "w"); - if (fp == NULL) { - free (ret); - return NULL; - } - fprintf (fp, "%u", (unsigned)getpid()); - fclose (fp); - return ret; -} - -void ROKEN_LIB_FUNCTION -pid_file_delete (char **filename) -{ - if (*filename != NULL) { - unlink (*filename); - free (*filename); - *filename = NULL; - } -} - -#ifndef HAVE_PIDFILE -static char *pidfile_path; - -static void -pidfile_cleanup(void) -{ - if(pidfile_path != NULL) - pid_file_delete(&pidfile_path); -} - -void -pidfile(const char *basename) -{ - if(pidfile_path != NULL) - return; - if(basename == NULL) - basename = getprogname(); - pidfile_path = pid_file_write(basename); -#if defined(HAVE_ATEXIT) - atexit(pidfile_cleanup); -#elif defined(HAVE_ON_EXIT) - on_exit(pidfile_cleanup); -#endif -} -#endif diff --git a/crypto/heimdal/lib/roken/writev.c b/crypto/heimdal/lib/roken/writev.c deleted file mode 100644 index 2500e6d28f0d..000000000000 --- a/crypto/heimdal/lib/roken/writev.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: writev.c 14773 2005-04-12 11:29:18Z lha $"); -#endif - -#include "roken.h" - -ssize_t ROKEN_LIB_FUNCTION -writev(int d, const struct iovec *iov, int iovcnt) -{ - ssize_t ret; - size_t tot = 0; - int i; - char *buf, *p; - - for(i = 0; i < iovcnt; ++i) - tot += iov[i].iov_len; - buf = malloc(tot); - if (tot != 0 && buf == NULL) { - errno = ENOMEM; - return -1; - } - p = buf; - for (i = 0; i < iovcnt; ++i) { - memcpy (p, iov[i].iov_base, iov[i].iov_len); - p += iov[i].iov_len; - } - ret = write (d, buf, tot); - free (buf); - return ret; -} diff --git a/crypto/heimdal/lib/roken/xdbm.h b/crypto/heimdal/lib/roken/xdbm.h deleted file mode 100644 index 618e074d1e66..000000000000 --- a/crypto/heimdal/lib/roken/xdbm.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: xdbm.h 10986 2002-05-17 16:02:22Z joda $ */ - -/* Generic *dbm include file */ - -#ifndef __XDBM_H__ -#define __XDBM_H__ - -#if HAVE_DB_NDBM -#define DB_DBM_HSEARCH 1 -#include -#elif HAVE_NDBM -#if defined(HAVE_GDBM_NDBM_H) -#include -#elif defined(HAVE_NDBM_H) -#include -#endif -#endif /* HAVE_NDBM */ - -#endif /* __XDBM_H__ */ diff --git a/crypto/heimdal/lib/sl/ChangeLog b/crypto/heimdal/lib/sl/ChangeLog deleted file mode 100644 index 3937232b063c..000000000000 --- a/crypto/heimdal/lib/sl/ChangeLog +++ /dev/null @@ -1,325 +0,0 @@ -2007-07-17 Love Hörnquist Åstrand - - * Makefile.am: roken_rename.h is a dist_ source k - - * Makefile.am: split source files in dist and nodist. - -2007-07-10 Love Hörnquist Åstrand - - * Makefile.am: New library version. - -2007-06-18 Love Hörnquist Åstrand - - * sl.c: make compile. - - * sl.c: Pass in pointer to strlen(). - - * sl.c (sl_make_argv): use memmove since we are dealing with - overlapping strings. - -2007-06-09 Love Hörnquist Åstrand - - * Makefile.am: don't clean yacc/lex files in CLEANFILES, - maintainers clean will do that for us. - -2007-06-01 Love Hörnquist Åstrand - - * slc-gram.y (main): also fclose yyin. - -2007-04-20 Love Hörnquist Åstrand - - * Makefile.am: Add dependency on slc-gram.h for slc-lex.c, breaks - in disttree with make -j - -2006-12-29 Love Hörnquist Åstrand - - * test_sl.c: Fix caseing for case-sensitive filesystems - -2006-12-27 Love Hörnquist Åstrand - - * test_sl.c: catch test that should fail but didn't - - * test_sl.c: Test more quoting variants. - - * sl_locl.h: Include . - - * test_sl.c: test sl_make_argv - - * sl.c (sl_make_argv): Add quoting support (both "" and \ style). - -2006-12-05 Love Hörnquist Åstrand - - * sl.c: Use strcspn to remove \n from fgets result. Prompted by - change by Ray Lai of OpenBSD via Björn Sandell. - -2006-10-19 Love Hörnquist Åstrand - - * Makefile.am (ES): add roken_rename.h - -2006-08-30 Love Hörnquist Åstrand - - * sl.c (sl_slc_help): remove return - -2006-08-28 Love Hörnquist Åstrand - - * sl.h: Add sl_slc_help. - - * sl.c: Add sl_slc_help. - -2005-07-27 Love Hörnquist Åstrand - - * slc-gram.y (gen_wrapper): use the generated version of name for - function, if no function is is used, also use the generated name - for the structure name. - -2005-06-16 Love Hörnquist Åstrand - - * slc-gram.y: fix a merge error - - * slc-gram.y: rename optind to optidx, rename variables to avoid - shadowing - - * make_cmds.c: rename optind to optidx, move variable define to - avoid shadowing - - * ss.c: rename index to idx - - * sl.c: use rk_UNCONST to un-constify - -2005-05-10 Dave Love - - * slc-lex.l: Include . - -2005-05-09 Love Hörnquist Åstrand - - * sl.c (sl_command_loop): new return code -2 for EOF - (sl_loop): treat all return value from sl_command_loop >= 0 as ok, and - continue. - -2005-04-29 Dave Love - - * Makefile.am (LDADD): Add libsl.la. - -2005-04-19 Love Hörnquist Åstrand - - * slc-gram.y: include since defines _GNU_SOURCE if - needed, avoid asprintf warning - -2005-01-21 Dave Love - - * slc-gram.y: include - -2005-01-09 Love Hörnquist Åstrand - - * slc-gram.y: cast argument to isalnum to unsigned char - -2004-09-22 Johan Danielsson - - * slc-gram.y: add support for "strings" and "negative-flag" types, - plus some usability tweaks and bug fixes - -2004-07-05 Johan Danielsson - - * slc-gram.y: add min_args/max_args checking - -2004-06-21 Love Hörnquist Åstrand - - * slc-gram.y: pull in and to avoid warnings - -2004-03-02 Love Hörnquist Åstrand - - * sl.h: make it possible to use libsl from c++ - From: Mattias Amnefelt - -2002-05-19 Johan Danielsson - - * Makefile.am: just link mk_cmds against libsl; avoids libtool - problem - -2001-07-09 Assar Westerlund - - * Makefile.am: add getprogname.c libss.la:add libcom_err.la noted - by Leif Johansson - -2001-05-17 Assar Westerlund - - * Makefile.am: bump versions to 1:2:1 and 1:4:1 - -2001-05-06 Assar Westerlund - - * roken_rename.h (strdup): add - -2001-03-06 Assar Westerlund - - * Makefile.am: re do the roken-renaming properly - -2001-02-13 Assar Westerlund - - * Makefile.am: add more functions to rename - -2001-01-26 Johan Danielsson - - * sl.h: proto - - * sl.c (sl_command_loop): try to handle user pressing C-c - -2000-12-11 Assar Westerlund - - * Makefile.am (libss_la_LDFLAGS): bump version to 1:2:1 - -2000-08-19 Assar Westerlund - - * Makefile.am: add dependencies for libss/libsl shared libraries - -2000-07-25 Johan Danielsson - - * Makefile.am: bump ss version to 1:1:1 - -2000-06-27 Assar Westerlund - - * parse.y (yyerror): static-ize - * make_cmds.h (error_message, yylex): add prototypes - * lex.l: fix prototypes and kill warnings - -2000-05-24 Assar Westerlund - - * ss.h (SS_ET_COMMAND_NOT_FOUND): add - * ss.c: check allocation and return some other error codes too - -2000-04-29 Assar Westerlund - - * Makefile.in: add LIB_tgetent. From Derrick J Brashear - - -2000-04-03 Assar Westerlund - - * Makefile.am: set version to 1:0:1 - -2000-03-07 Assar Westerlund - - * sl.h (SL_BADCOMMAND): define - (sl_apropos): add prototype - - * sl.c: mandoc-generation - (sl_apropos): stolen from arla - -2000-01-06 Assar Westerlund - - * Makefile.am: bump both versions to 0:1:0 - -1999-12-16 Assar Westerlund - - * parse.y (name2number): not used here. remove. - -Thu Apr 1 17:03:59 1999 Johan Danielsson - - * make_cmds.c: use getarg - -Tue Mar 23 14:36:21 1999 Johan Danielsson - - * Makefile.am: don't rename - -Sun Mar 21 14:13:29 1999 Johan Danielsson - - * Makefile.am: don't roken-rename - -Sat Mar 20 03:43:30 1999 Assar Westerlund - - * parse.y: replace return with YYACCEPT - -Fri Mar 19 14:53:20 1999 Johan Danielsson - - * Makefile.am: add libss; add version-info - -Thu Mar 18 15:07:06 1999 Johan Danielsson - - * Makefile.am: clean lex.c parse.c parse.h - - * Makefile.am: install ss.h - - * Makefile.am: include Makefile.am.common - -Thu Mar 11 15:01:01 1999 Johan Danielsson - - * parse.y: prototype for error_message - -Tue Feb 9 23:45:37 1999 Johan Danielsson - - * Makefile.in: add snprintf.o to make_cmds - -Sun Nov 22 10:46:23 1998 Assar Westerlund - - * sl.c (sl_command_loop): remove unused variable - - * ss.c (ss_error): remove unused variable - - * make_cmds.c: include err.h - (main): remove unused variable - - * Makefile.in (WFLAGS): set - -Sun Sep 27 01:28:21 1998 Assar Westerlund - - * make_cmds.c: clean-up and simplification - -Mon May 25 02:54:13 1998 Assar Westerlund - - * Makefile.in (clean): try to remove shared library debris - - * Makefile.in: make symlink magic work - -Sun Apr 19 10:00:26 1998 Assar Westerlund - - * Makefile.in: add symlink magic for linux - -Sun Apr 5 09:21:43 1998 Assar Westerlund - - * parse.y: define alloca to malloc in case we're using bison but - don't have alloca - -Sat Mar 28 11:39:00 1998 Assar Westerlund - - * sl.c (sl_loop): s/2/1 - -Sat Mar 21 00:46:51 1998 Johan Danielsson - - * sl.c (sl_loop): check that there is at least one argument before - calling sl_command - -Sun Mar 1 05:14:37 1998 Johan Danielsson - - * sl.c (sl_loop): Fix general broken-ness. - - * sl.c: Cleanup printing of help strings. - -Thu Feb 26 02:22:02 1998 Assar Westerlund - - * Makefile.am: @LEXLIB@ - -Sat Feb 21 15:18:21 1998 assar westerlund - - * Makefile.in: set YACC and LEX - -Mon Feb 16 16:08:25 1998 Johan Danielsson - - * Makefile.am: Some fixes for ss/mk_cmds. - -Sun Feb 15 05:12:11 1998 Johan Danielsson - - * Makefile.in: Install libsl under the `libss' name too. Install - mk_cmds, and ss.h. - - * make_cmds.c: A mk_cmds clone that creates SL structures. - - * ss.c: SS compatibility functions. - - * sl.c: Move command line split to function `sl_make_argv'. - -Tue Feb 3 16:45:44 1998 Johan Danielsson - - * sl.c: Add sl_command_loop, that is the loop body of sl_loop. - -Mon Oct 20 01:13:21 1997 Assar Westerlund - - * sl.c (sl_help): actually use the `help' field of `SL_cmd' - diff --git a/crypto/heimdal/lib/sl/Makefile.am b/crypto/heimdal/lib/sl/Makefile.am deleted file mode 100644 index 9c1b2dcebfab..000000000000 --- a/crypto/heimdal/lib/sl/Makefile.am +++ /dev/null @@ -1,63 +0,0 @@ -# $Id: Makefile.am 21625 2007-07-17 07:48:26Z lha $ - -include $(top_srcdir)/Makefile.am.common - -if do_roken_rename -ES = strtok_r.c snprintf.c strdup.c strupr.c getprogname.c -endif - -AM_CPPFLAGS += $(ROKEN_RENAME) - -YFLAGS = -d - -include_HEADERS = sl.h - -lib_LTLIBRARIES = libsl.la libss.la -libsl_la_LDFLAGS = -version-info 2:1:2 -libss_la_LDFLAGS = -version-info 1:6:1 - -libsl_la_LIBADD = @LIB_readline@ -libss_la_LIBADD = @LIB_readline@ @LIB_com_err@ - -dist_libsl_la_SOURCES = sl_locl.h sl.c roken_rename.h -nodist_libsl_la_SOURCES = $(ES) -dist_libss_la_SOURCES = $(dist_libsl_la_SOURCES) ss.c ss.h -nodist_libss_la_SOURCES = $(ES) - -TESTS = test_sl -check_PROGRAMS = $(TESTS) - -# install these? - -bin_PROGRAMS = mk_cmds -noinst_PROGRAMS = slc - -mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l -mk_cmds_LDADD = libsl.la $(LDADD) - -slc_SOURCES = slc-gram.y slc-lex.l slc.h - -ssincludedir = $(includedir)/ss -ssinclude_HEADERS = ss.h - -CLEANFILES = snprintf.c strtok_r.c strdup.c strupr.c getprogname.c - -$(mk_cmds_OBJECTS): parse.h parse.c - -LDADD = \ - libsl.la \ - $(LIB_roken) \ - $(LEXLIB) - -strtok_r.c: - $(LN_S) $(srcdir)/../roken/strtok_r.c . -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . -strdup.c: - $(LN_S) $(srcdir)/../roken/strdup.c . -strupr.c: - $(LN_S) $(srcdir)/../roken/strupr.c . -getprogname.c: - $(LN_S) $(srcdir)/../roken/getprogname.c . - -slc-lex.c: slc-gram.h diff --git a/crypto/heimdal/lib/sl/Makefile.in b/crypto/heimdal/lib/sl/Makefile.in deleted file mode 100644 index 0814375a7b9e..000000000000 --- a/crypto/heimdal/lib/sl/Makefile.in +++ /dev/null @@ -1,1064 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 21625 2007-07-17 07:48:26Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(ssinclude_HEADERS) \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog lex.c parse.c \ - parse.h slc-gram.c slc-gram.h slc-lex.c -TESTS = test_sl$(EXEEXT) -check_PROGRAMS = $(am__EXEEXT_1) -bin_PROGRAMS = mk_cmds$(EXEEXT) -noinst_PROGRAMS = slc$(EXEEXT) -subdir = lib/sl -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ - "$(DESTDIR)$(includedir)" "$(DESTDIR)$(ssincludedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -libsl_la_DEPENDENCIES = -dist_libsl_la_OBJECTS = sl.lo -@do_roken_rename_TRUE@am__objects_1 = strtok_r.lo snprintf.lo \ -@do_roken_rename_TRUE@ strdup.lo strupr.lo getprogname.lo -nodist_libsl_la_OBJECTS = $(am__objects_1) -libsl_la_OBJECTS = $(dist_libsl_la_OBJECTS) $(nodist_libsl_la_OBJECTS) -libsl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(libsl_la_LDFLAGS) \ - $(LDFLAGS) -o $@ -libss_la_DEPENDENCIES = -am__objects_2 = sl.lo -dist_libss_la_OBJECTS = $(am__objects_2) ss.lo -nodist_libss_la_OBJECTS = $(am__objects_1) -libss_la_OBJECTS = $(dist_libss_la_OBJECTS) $(nodist_libss_la_OBJECTS) -libss_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(libss_la_LDFLAGS) \ - $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) -am__EXEEXT_1 = test_sl$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) -am_mk_cmds_OBJECTS = make_cmds.$(OBJEXT) parse.$(OBJEXT) lex.$(OBJEXT) -mk_cmds_OBJECTS = $(am_mk_cmds_OBJECTS) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -mk_cmds_DEPENDENCIES = libsl.la $(am__DEPENDENCIES_2) -am_slc_OBJECTS = slc-gram.$(OBJEXT) slc-lex.$(OBJEXT) -slc_OBJECTS = $(am_slc_OBJECTS) -slc_LDADD = $(LDADD) -slc_DEPENDENCIES = libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -test_sl_SOURCES = test_sl.c -test_sl_OBJECTS = test_sl.$(OBJEXT) -test_sl_LDADD = $(LDADD) -test_sl_DEPENDENCIES = libsl.la $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -@MAINTAINER_MODE_FALSE@am__skiplex = test -f $@ || -LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS) -LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS) -YLWRAP = $(top_srcdir)/ylwrap -@MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ || -YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS) -LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS) -SOURCES = $(dist_libsl_la_SOURCES) $(nodist_libsl_la_SOURCES) \ - $(dist_libss_la_SOURCES) $(nodist_libss_la_SOURCES) \ - $(mk_cmds_SOURCES) $(slc_SOURCES) test_sl.c -DIST_SOURCES = $(dist_libsl_la_SOURCES) $(dist_libss_la_SOURCES) \ - $(mk_cmds_SOURCES) $(slc_SOURCES) test_sl.c -includeHEADERS_INSTALL = $(INSTALL_HEADER) -ssincludeHEADERS_INSTALL = $(INSTALL_HEADER) -HEADERS = $(include_HEADERS) $(ssinclude_HEADERS) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = -d -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) \ - $(ROKEN_RENAME) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -@do_roken_rename_TRUE@ES = strtok_r.c snprintf.c strdup.c strupr.c getprogname.c -include_HEADERS = sl.h -lib_LTLIBRARIES = libsl.la libss.la -libsl_la_LDFLAGS = -version-info 2:1:2 -libss_la_LDFLAGS = -version-info 1:6:1 -libsl_la_LIBADD = @LIB_readline@ -libss_la_LIBADD = @LIB_readline@ @LIB_com_err@ -dist_libsl_la_SOURCES = sl_locl.h sl.c roken_rename.h -nodist_libsl_la_SOURCES = $(ES) -dist_libss_la_SOURCES = $(dist_libsl_la_SOURCES) ss.c ss.h -nodist_libss_la_SOURCES = $(ES) -mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l -mk_cmds_LDADD = libsl.la $(LDADD) -slc_SOURCES = slc-gram.y slc-lex.l slc.h -ssincludedir = $(includedir)/ss -ssinclude_HEADERS = ss.h -CLEANFILES = snprintf.c strtok_r.c strdup.c strupr.c getprogname.c -LDADD = \ - libsl.la \ - $(LIB_roken) \ - $(LEXLIB) - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/sl/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/sl/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libsl.la: $(libsl_la_OBJECTS) $(libsl_la_DEPENDENCIES) - $(libsl_la_LINK) -rpath $(libdir) $(libsl_la_OBJECTS) $(libsl_la_LIBADD) $(LIBS) -libss.la: $(libss_la_OBJECTS) $(libss_la_DEPENDENCIES) - $(libss_la_LINK) -rpath $(libdir) $(libss_la_OBJECTS) $(libss_la_LIBADD) $(LIBS) -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -parse.h: parse.c - @if test ! -f $@; then \ - rm -f parse.c; \ - $(MAKE) $(AM_MAKEFLAGS) parse.c; \ - else :; fi -mk_cmds$(EXEEXT): $(mk_cmds_OBJECTS) $(mk_cmds_DEPENDENCIES) - @rm -f mk_cmds$(EXEEXT) - $(LINK) $(mk_cmds_OBJECTS) $(mk_cmds_LDADD) $(LIBS) -slc-gram.h: slc-gram.c - @if test ! -f $@; then \ - rm -f slc-gram.c; \ - $(MAKE) $(AM_MAKEFLAGS) slc-gram.c; \ - else :; fi -slc$(EXEEXT): $(slc_OBJECTS) $(slc_DEPENDENCIES) - @rm -f slc$(EXEEXT) - $(LINK) $(slc_OBJECTS) $(slc_LDADD) $(LIBS) -test_sl$(EXEEXT): $(test_sl_OBJECTS) $(test_sl_DEPENDENCIES) - @rm -f test_sl$(EXEEXT) - $(LINK) $(test_sl_OBJECTS) $(test_sl_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -.l.c: - $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE) - -.y.c: - $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE) - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-includeHEADERS: $(include_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ - done - -uninstall-includeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done -install-ssincludeHEADERS: $(ssinclude_HEADERS) - @$(NORMAL_INSTALL) - test -z "$(ssincludedir)" || $(MKDIR_P) "$(DESTDIR)$(ssincludedir)" - @list='$(ssinclude_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(ssincludeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(ssincludedir)/$$f'"; \ - $(ssincludeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(ssincludedir)/$$f"; \ - done - -uninstall-ssincludeHEADERS: - @$(NORMAL_UNINSTALL) - @list='$(ssinclude_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(ssincludedir)/$$f'"; \ - rm -f "$(DESTDIR)$(ssincludedir)/$$f"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local -install-binPROGRAMS: install-libLTLIBRARIES - -installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(ssincludedir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." - -rm -f lex.c - -rm -f parse.c - -rm -f parse.h - -rm -f slc-gram.c - -rm -f slc-gram.h - -rm -f slc-lex.c -clean: clean-am - -clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstPROGRAMS \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-includeHEADERS install-ssincludeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-ssincludeHEADERS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-binPROGRAMS clean-checkPROGRAMS \ - clean-generic clean-libLTLIBRARIES clean-libtool \ - clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-includeHEADERS install-info \ - install-info-am install-libLTLIBRARIES install-man install-pdf \ - install-pdf-am install-ps install-ps-am \ - install-ssincludeHEADERS install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-hook uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-ssincludeHEADERS - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -$(mk_cmds_OBJECTS): parse.h parse.c - -strtok_r.c: - $(LN_S) $(srcdir)/../roken/strtok_r.c . -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . -strdup.c: - $(LN_S) $(srcdir)/../roken/strdup.c . -strupr.c: - $(LN_S) $(srcdir)/../roken/strupr.c . -getprogname.c: - $(LN_S) $(srcdir)/../roken/getprogname.c . - -slc-lex.c: slc-gram.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/sl/lex.c b/crypto/heimdal/lib/sl/lex.c deleted file mode 100644 index 57e6a7c4de90..000000000000 --- a/crypto/heimdal/lib/sl/lex.c +++ /dev/null @@ -1,1880 +0,0 @@ - -#line 3 "lex.c" - -#define YY_INT_ALIGNED short int - -/* A lexical scanner generated by flex */ - -#define FLEX_SCANNER -#define YY_FLEX_MAJOR_VERSION 2 -#define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 33 -#if YY_FLEX_SUBMINOR_VERSION > 0 -#define FLEX_BETA -#endif - -/* First, we deal with platform-specific or compiler-specific issues. */ - -/* begin standard C headers. */ -#include -#include -#include -#include - -/* end standard C headers. */ - -/* flex integer type definitions */ - -#ifndef FLEXINT_H -#define FLEXINT_H - -/* C99 systems have . Non-C99 systems may or may not. */ - -#if __STDC_VERSION__ >= 199901L - -/* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, - * if you want the limit (max/min) macros for int types. - */ -#ifndef __STDC_LIMIT_MACROS -#define __STDC_LIMIT_MACROS 1 -#endif - -#include -typedef int8_t flex_int8_t; -typedef uint8_t flex_uint8_t; -typedef int16_t flex_int16_t; -typedef uint16_t flex_uint16_t; -typedef int32_t flex_int32_t; -typedef uint32_t flex_uint32_t; -#else -typedef signed char flex_int8_t; -typedef short int flex_int16_t; -typedef int flex_int32_t; -typedef unsigned char flex_uint8_t; -typedef unsigned short int flex_uint16_t; -typedef unsigned int flex_uint32_t; -#endif /* ! C99 */ - -/* Limits of integral types. */ -#ifndef INT8_MIN -#define INT8_MIN (-128) -#endif -#ifndef INT16_MIN -#define INT16_MIN (-32767-1) -#endif -#ifndef INT32_MIN -#define INT32_MIN (-2147483647-1) -#endif -#ifndef INT8_MAX -#define INT8_MAX (127) -#endif -#ifndef INT16_MAX -#define INT16_MAX (32767) -#endif -#ifndef INT32_MAX -#define INT32_MAX (2147483647) -#endif -#ifndef UINT8_MAX -#define UINT8_MAX (255U) -#endif -#ifndef UINT16_MAX -#define UINT16_MAX (65535U) -#endif -#ifndef UINT32_MAX -#define UINT32_MAX (4294967295U) -#endif - -#endif /* ! FLEXINT_H */ - -#ifdef __cplusplus - -/* The "const" storage-class-modifier is valid. */ -#define YY_USE_CONST - -#else /* ! __cplusplus */ - -#if __STDC__ - -#define YY_USE_CONST - -#endif /* __STDC__ */ -#endif /* ! __cplusplus */ - -#ifdef YY_USE_CONST -#define yyconst const -#else -#define yyconst -#endif - -/* Returned upon end-of-file. */ -#define YY_NULL 0 - -/* Promotes a possibly negative, possibly signed char to an unsigned - * integer for use as an array index. If the signed char is negative, - * we want to instead treat it as an 8-bit unsigned char, hence the - * double cast. - */ -#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) - -/* Enter a start condition. This macro really ought to take a parameter, - * but we do it the disgusting crufty way forced on us by the ()-less - * definition of BEGIN. - */ -#define BEGIN (yy_start) = 1 + 2 * - -/* Translate the current start state into a value that can be later handed - * to BEGIN to return to the state. The YYSTATE alias is for lex - * compatibility. - */ -#define YY_START (((yy_start) - 1) / 2) -#define YYSTATE YY_START - -/* Action number for EOF rule of a given start state. */ -#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) - -/* Special action meaning "start processing a new file". */ -#define YY_NEW_FILE yyrestart(yyin ) - -#define YY_END_OF_BUFFER_CHAR 0 - -/* Size of default input buffer. */ -#ifndef YY_BUF_SIZE -#define YY_BUF_SIZE 16384 -#endif - -/* The state buf must be large enough to hold one state per character in the main buffer. - */ -#define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type)) - -#ifndef YY_TYPEDEF_YY_BUFFER_STATE -#define YY_TYPEDEF_YY_BUFFER_STATE -typedef struct yy_buffer_state *YY_BUFFER_STATE; -#endif - -extern int yyleng; - -extern FILE *yyin, *yyout; - -#define EOB_ACT_CONTINUE_SCAN 0 -#define EOB_ACT_END_OF_FILE 1 -#define EOB_ACT_LAST_MATCH 2 - - #define YY_LESS_LINENO(n) - -/* Return all but the first "n" matched characters back to the input stream. */ -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - int yyless_macro_arg = (n); \ - YY_LESS_LINENO(yyless_macro_arg);\ - *yy_cp = (yy_hold_char); \ - YY_RESTORE_YY_MORE_OFFSET \ - (yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \ - YY_DO_BEFORE_ACTION; /* set up yytext again */ \ - } \ - while ( 0 ) - -#define unput(c) yyunput( c, (yytext_ptr) ) - -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ - -#ifndef YY_TYPEDEF_YY_SIZE_T -#define YY_TYPEDEF_YY_SIZE_T -typedef unsigned int yy_size_t; -#endif - -#ifndef YY_STRUCT_YY_BUFFER_STATE -#define YY_STRUCT_YY_BUFFER_STATE -struct yy_buffer_state - { - FILE *yy_input_file; - - char *yy_ch_buf; /* input buffer */ - char *yy_buf_pos; /* current position in input buffer */ - - /* Size of input buffer in bytes, not including room for EOB - * characters. - */ - yy_size_t yy_buf_size; - - /* Number of characters read into yy_ch_buf, not including EOB - * characters. - */ - int yy_n_chars; - - /* Whether we "own" the buffer - i.e., we know we created it, - * and can realloc() it to grow it, and should free() it to - * delete it. - */ - int yy_is_our_buffer; - - /* Whether this is an "interactive" input source; if so, and - * if we're using stdio for input, then we want to use getc() - * instead of fread(), to make sure we stop fetching input after - * each newline. - */ - int yy_is_interactive; - - /* Whether we're considered to be at the beginning of a line. - * If so, '^' rules will be active on the next match, otherwise - * not. - */ - int yy_at_bol; - - int yy_bs_lineno; /**< The line count. */ - int yy_bs_column; /**< The column count. */ - - /* Whether to try to fill the input buffer when we reach the - * end of it. - */ - int yy_fill_buffer; - - int yy_buffer_status; - -#define YY_BUFFER_NEW 0 -#define YY_BUFFER_NORMAL 1 - /* When an EOF's been seen but there's still some text to process - * then we mark the buffer as YY_EOF_PENDING, to indicate that we - * shouldn't try reading from the input source any more. We might - * still have a bunch of tokens to match, though, because of - * possible backing-up. - * - * When we actually see the EOF, we change the status to "new" - * (via yyrestart()), so that the user can continue scanning by - * just pointing yyin at a new input file. - */ -#define YY_BUFFER_EOF_PENDING 2 - - }; -#endif /* !YY_STRUCT_YY_BUFFER_STATE */ - -/* Stack of input buffers. */ -static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */ -static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */ -static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ - -/* We provide macros for accessing buffer states in case in the - * future we want to put the buffer states in a more general - * "scanner state". - * - * Returns the top of the stack, or NULL. - */ -#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \ - ? (yy_buffer_stack)[(yy_buffer_stack_top)] \ - : NULL) - -/* Same as previous macro, but useful when we know that the buffer stack is not - * NULL or when we need an lvalue. For internal use only. - */ -#define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)] - -/* yy_hold_char holds the character lost when yytext is formed. */ -static char yy_hold_char; -static int yy_n_chars; /* number of characters read into yy_ch_buf */ -int yyleng; - -/* Points to current character in buffer. */ -static char *yy_c_buf_p = (char *) 0; -static int yy_init = 0; /* whether we need to initialize */ -static int yy_start = 0; /* start state number */ - -/* Flag which is used to allow yywrap()'s to do buffer switches - * instead of setting up a fresh yyin. A bit of a hack ... - */ -static int yy_did_buffer_switch_on_eof; - -void yyrestart (FILE *input_file ); -void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ); -YY_BUFFER_STATE yy_create_buffer (FILE *file,int size ); -void yy_delete_buffer (YY_BUFFER_STATE b ); -void yy_flush_buffer (YY_BUFFER_STATE b ); -void yypush_buffer_state (YY_BUFFER_STATE new_buffer ); -void yypop_buffer_state (void ); - -static void yyensure_buffer_stack (void ); -static void yy_load_buffer_state (void ); -static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); - -#define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER ) - -YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); -YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); -YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); - -void *yyalloc (yy_size_t ); -void *yyrealloc (void *,yy_size_t ); -void yyfree (void * ); - -#define yy_new_buffer yy_create_buffer - -#define yy_set_interactive(is_interactive) \ - { \ - if ( ! YY_CURRENT_BUFFER ){ \ - yyensure_buffer_stack (); \ - YY_CURRENT_BUFFER_LVALUE = \ - yy_create_buffer(yyin,YY_BUF_SIZE ); \ - } \ - YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \ - } - -#define yy_set_bol(at_bol) \ - { \ - if ( ! YY_CURRENT_BUFFER ){\ - yyensure_buffer_stack (); \ - YY_CURRENT_BUFFER_LVALUE = \ - yy_create_buffer(yyin,YY_BUF_SIZE ); \ - } \ - YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \ - } - -#define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol) - -/* Begin user sect3 */ - -typedef unsigned char YY_CHAR; - -FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; - -typedef int yy_state_type; - -extern int yylineno; - -int yylineno = 1; - -extern char *yytext; -#define yytext_ptr yytext - -static yy_state_type yy_get_previous_state (void ); -static yy_state_type yy_try_NUL_trans (yy_state_type current_state ); -static int yy_get_next_buffer (void ); -static void yy_fatal_error (yyconst char msg[] ); - -/* Done after the current pattern has been matched and before the - * corresponding action - sets up yytext. - */ -#define YY_DO_BEFORE_ACTION \ - (yytext_ptr) = yy_bp; \ - yyleng = (size_t) (yy_cp - yy_bp); \ - (yy_hold_char) = *yy_cp; \ - *yy_cp = '\0'; \ - (yy_c_buf_p) = yy_cp; - -#define YY_NUM_RULES 12 -#define YY_END_OF_BUFFER 13 -/* This struct is not used in this scanner, - but its presence is necessary. */ -struct yy_trans_info - { - flex_int32_t yy_verify; - flex_int32_t yy_nxt; - }; -static yyconst flex_int16_t yy_accept[54] = - { 0, - 0, 0, 13, 11, 7, 8, 9, 6, 10, 10, - 10, 10, 10, 6, 10, 10, 10, 10, 10, 10, - 5, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 2, 10, 3, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 1, 4, 0 - } ; - -static yyconst flex_int32_t yy_ec[256] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 2, 1, 4, 5, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 1, 1, 1, - 1, 1, 1, 1, 6, 6, 6, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, - 1, 1, 1, 1, 7, 1, 8, 9, 10, 11, - - 12, 6, 6, 6, 13, 6, 14, 15, 16, 17, - 18, 19, 20, 21, 22, 23, 24, 6, 25, 6, - 6, 6, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1 - } ; - -static yyconst flex_int32_t yy_meta[26] = - { 0, - 1, 1, 2, 1, 1, 3, 3, 3, 3, 3, - 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, - 3, 3, 3, 3, 3 - } ; - -static yyconst flex_int16_t yy_base[57] = - { 0, - 0, 24, 69, 70, 70, 70, 70, 0, 0, 50, - 50, 54, 48, 0, 0, 48, 52, 42, 0, 45, - 0, 36, 43, 41, 49, 44, 36, 35, 30, 24, - 29, 18, 31, 18, 28, 22, 31, 0, 21, 0, - 12, 21, 24, 14, 21, 0, 2, 4, 3, 0, - 0, 0, 70, 48, 51, 3 - } ; - -static yyconst flex_int16_t yy_def[57] = - { 0, - 54, 54, 53, 53, 53, 53, 53, 55, 56, 56, - 56, 56, 56, 55, 56, 56, 56, 56, 56, 56, - 56, 56, 56, 56, 56, 56, 56, 56, 56, 56, - 56, 56, 56, 56, 56, 56, 56, 56, 56, 56, - 56, 56, 56, 56, 56, 56, 56, 56, 56, 56, - 56, 56, 0, 53, 53, 53 - } ; - -static yyconst flex_int16_t yy_nxt[96] = - { 0, - 4, 5, 6, 7, 8, 15, 53, 53, 53, 10, - 52, 11, 23, 24, 51, 50, 49, 53, 53, 53, - 12, 53, 48, 13, 4, 5, 6, 7, 8, 47, - 46, 45, 44, 10, 43, 11, 42, 41, 40, 39, - 38, 37, 36, 35, 12, 34, 33, 13, 9, 9, - 9, 14, 32, 14, 31, 30, 29, 28, 27, 26, - 25, 22, 21, 20, 19, 18, 17, 16, 53, 3, - 53, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 53, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 53, 53, 53, 53, 53 - - } ; - -static yyconst flex_int16_t yy_chk[96] = - { 0, - 1, 1, 1, 1, 1, 56, 0, 0, 0, 1, - 50, 1, 19, 19, 49, 48, 47, 0, 0, 0, - 1, 0, 46, 1, 2, 2, 2, 2, 2, 45, - 44, 43, 42, 2, 41, 2, 39, 37, 36, 35, - 34, 33, 32, 31, 2, 30, 29, 2, 54, 54, - 54, 55, 28, 55, 27, 26, 25, 24, 23, 22, - 20, 18, 17, 16, 13, 12, 11, 10, 3, 53, - 53, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 53, 53, 53, 53, 53, 53, 53, 53, 53, 53, - 53, 53, 53, 53, 53 - - } ; - -static yy_state_type yy_last_accepting_state; -static char *yy_last_accepting_cpos; - -extern int yy_flex_debug; -int yy_flex_debug = 0; - -/* The intent behind this definition is that it'll catch - * any uses of REJECT which flex missed. - */ -#define REJECT reject_used_but_not_detected -#define yymore() yymore_used_but_not_detected -#define YY_MORE_ADJ 0 -#define YY_RESTORE_YY_MORE_OFFSET -char *yytext; -#line 1 "lex.l" -#line 2 "lex.l" -/* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#undef ECHO - -#include "make_cmds.h" -#include "parse.h" - -RCSID("$Id: lex.l 10703 2001-09-16 23:10:10Z assar $"); - -static unsigned lineno = 1; -static int getstring(void); - -#define YY_NO_UNPUT - -#undef ECHO - -#line 538 "lex.c" - -#define INITIAL 0 - -#ifndef YY_NO_UNISTD_H -/* Special case for "unistd.h", since it is non-ANSI. We include it way - * down here because we want the user's section 1 to have been scanned first. - * The user has a chance to override it with an option. - */ -#include -#endif - -#ifndef YY_EXTRA_TYPE -#define YY_EXTRA_TYPE void * -#endif - -static int yy_init_globals (void ); - -/* Macros after this point can all be overridden by user definitions in - * section 1. - */ - -#ifndef YY_SKIP_YYWRAP -#ifdef __cplusplus -extern "C" int yywrap (void ); -#else -extern int yywrap (void ); -#endif -#endif - - static void yyunput (int c,char *buf_ptr ); - -#ifndef yytext_ptr -static void yy_flex_strncpy (char *,yyconst char *,int ); -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen (yyconst char * ); -#endif - -#ifndef YY_NO_INPUT - -#ifdef __cplusplus -static int yyinput (void ); -#else -static int input (void ); -#endif - -#endif - -/* Amount of stuff to slurp up with each read. */ -#ifndef YY_READ_BUF_SIZE -#define YY_READ_BUF_SIZE 8192 -#endif - -/* Copy whatever the last rule matched to the standard output. */ -#ifndef ECHO -/* This used to be an fputs(), but since the string might contain NUL's, - * we now use fwrite(). - */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) -#endif - -/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, - * is returned in "result". - */ -#ifndef YY_INPUT -#define YY_INPUT(buf,result,max_size) \ - if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ - { \ - int c = '*'; \ - size_t n; \ - for ( n = 0; n < max_size && \ - (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ - buf[n] = (char) c; \ - if ( c == '\n' ) \ - buf[n++] = (char) c; \ - if ( c == EOF && ferror( yyin ) ) \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - result = n; \ - } \ - else \ - { \ - errno=0; \ - while ( (result = fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \ - { \ - if( errno != EINTR) \ - { \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - break; \ - } \ - errno=0; \ - clearerr(yyin); \ - } \ - }\ -\ - -#endif - -/* No semi-colon after return; correct usage is to write "yyterminate();" - - * we don't want an extra ';' after the "return" because that will cause - * some compilers to complain about unreachable statements. - */ -#ifndef yyterminate -#define yyterminate() return YY_NULL -#endif - -/* Number of entries by which start-condition stack grows. */ -#ifndef YY_START_STACK_INCR -#define YY_START_STACK_INCR 25 -#endif - -/* Report a fatal error. */ -#ifndef YY_FATAL_ERROR -#define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) -#endif - -/* end tables serialization structures and prototypes */ - -/* Default declaration of generated scanner - a define so the user can - * easily add parameters. - */ -#ifndef YY_DECL -#define YY_DECL_IS_OURS 1 - -extern int yylex (void); - -#define YY_DECL int yylex (void) -#endif /* !YY_DECL */ - -/* Code executed at the beginning of each rule, after yytext and yyleng - * have been set up. - */ -#ifndef YY_USER_ACTION -#define YY_USER_ACTION -#endif - -/* Code executed at the end of each rule. */ -#ifndef YY_BREAK -#define YY_BREAK break; -#endif - -#define YY_RULE_SETUP \ - YY_USER_ACTION - -/** The main scanner function which does all the work. - */ -YY_DECL -{ - register yy_state_type yy_current_state; - register char *yy_cp, *yy_bp; - register int yy_act; - -#line 52 "lex.l" - -#line 693 "lex.c" - - if ( !(yy_init) ) - { - (yy_init) = 1; - -#ifdef YY_USER_INIT - YY_USER_INIT; -#endif - - if ( ! (yy_start) ) - (yy_start) = 1; /* first start state */ - - if ( ! yyin ) - yyin = stdin; - - if ( ! yyout ) - yyout = stdout; - - if ( ! YY_CURRENT_BUFFER ) { - yyensure_buffer_stack (); - YY_CURRENT_BUFFER_LVALUE = - yy_create_buffer(yyin,YY_BUF_SIZE ); - } - - yy_load_buffer_state( ); - } - - while ( 1 ) /* loops until end-of-file is reached */ - { - yy_cp = (yy_c_buf_p); - - /* Support of yytext. */ - *yy_cp = (yy_hold_char); - - /* yy_bp points to the position in yy_ch_buf of the start of - * the current run. - */ - yy_bp = yy_cp; - - yy_current_state = (yy_start); -yy_match: - do - { - register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 54 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - ++yy_cp; - } - while ( yy_base[yy_current_state] != 70 ); - -yy_find_action: - yy_act = yy_accept[yy_current_state]; - if ( yy_act == 0 ) - { /* have to back up */ - yy_cp = (yy_last_accepting_cpos); - yy_current_state = (yy_last_accepting_state); - yy_act = yy_accept[yy_current_state]; - } - - YY_DO_BEFORE_ACTION; - -do_action: /* This label is used only to access EOF actions. */ - - switch ( yy_act ) - { /* beginning of action switch */ - case 0: /* must back up */ - /* undo the effects of YY_DO_BEFORE_ACTION */ - *yy_cp = (yy_hold_char); - yy_cp = (yy_last_accepting_cpos); - yy_current_state = (yy_last_accepting_state); - goto yy_find_action; - -case 1: -YY_RULE_SETUP -#line 53 "lex.l" -{ return TABLE; } - YY_BREAK -case 2: -YY_RULE_SETUP -#line 54 "lex.l" -{ return REQUEST; } - YY_BREAK -case 3: -YY_RULE_SETUP -#line 55 "lex.l" -{ return UNKNOWN; } - YY_BREAK -case 4: -YY_RULE_SETUP -#line 56 "lex.l" -{ return UNIMPLEMENTED; } - YY_BREAK -case 5: -YY_RULE_SETUP -#line 57 "lex.l" -{ return END; } - YY_BREAK -case 6: -YY_RULE_SETUP -#line 58 "lex.l" -; - YY_BREAK -case 7: -YY_RULE_SETUP -#line 59 "lex.l" -; - YY_BREAK -case 8: -/* rule 8 can match eol */ -YY_RULE_SETUP -#line 60 "lex.l" -{ lineno++; } - YY_BREAK -case 9: -YY_RULE_SETUP -#line 61 "lex.l" -{ return getstring(); } - YY_BREAK -case 10: -YY_RULE_SETUP -#line 62 "lex.l" -{ yylval.string = strdup(yytext); return STRING; } - YY_BREAK -case 11: -YY_RULE_SETUP -#line 63 "lex.l" -{ return *yytext; } - YY_BREAK -case 12: -YY_RULE_SETUP -#line 64 "lex.l" -ECHO; - YY_BREAK -#line 837 "lex.c" -case YY_STATE_EOF(INITIAL): - yyterminate(); - - case YY_END_OF_BUFFER: - { - /* Amount of text matched not including the EOB char. */ - int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1; - - /* Undo the effects of YY_DO_BEFORE_ACTION. */ - *yy_cp = (yy_hold_char); - YY_RESTORE_YY_MORE_OFFSET - - if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW ) - { - /* We're scanning a new file or input source. It's - * possible that this happened because the user - * just pointed yyin at a new source and called - * yylex(). If so, then we have to assure - * consistency between YY_CURRENT_BUFFER and our - * globals. Here is the right place to do so, because - * this is the first action (other than possibly a - * back-up) that will match for the new input source. - */ - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; - YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin; - YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL; - } - - /* Note that here we test for yy_c_buf_p "<=" to the position - * of the first EOB in the buffer, since yy_c_buf_p will - * already have been incremented past the NUL character - * (since all states make transitions on EOB to the - * end-of-buffer state). Contrast this with the test - * in input(). - */ - if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) - { /* This was really a NUL. */ - yy_state_type yy_next_state; - - (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state( ); - - /* Okay, we're now positioned to make the NUL - * transition. We couldn't have - * yy_get_previous_state() go ahead and do it - * for us because it doesn't know how to deal - * with the possibility of jamming (and we don't - * want to build jamming into it because then it - * will run more slowly). - */ - - yy_next_state = yy_try_NUL_trans( yy_current_state ); - - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - - if ( yy_next_state ) - { - /* Consume the NUL. */ - yy_cp = ++(yy_c_buf_p); - yy_current_state = yy_next_state; - goto yy_match; - } - - else - { - yy_cp = (yy_c_buf_p); - goto yy_find_action; - } - } - - else switch ( yy_get_next_buffer( ) ) - { - case EOB_ACT_END_OF_FILE: - { - (yy_did_buffer_switch_on_eof) = 0; - - if ( yywrap( ) ) - { - /* Note: because we've taken care in - * yy_get_next_buffer() to have set up - * yytext, we can now set up - * yy_c_buf_p so that if some total - * hoser (like flex itself) wants to - * call the scanner after we return the - * YY_NULL, it'll still work - another - * YY_NULL will get returned. - */ - (yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ; - - yy_act = YY_STATE_EOF(YY_START); - goto do_action; - } - - else - { - if ( ! (yy_did_buffer_switch_on_eof) ) - YY_NEW_FILE; - } - break; - } - - case EOB_ACT_CONTINUE_SCAN: - (yy_c_buf_p) = - (yytext_ptr) + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state( ); - - yy_cp = (yy_c_buf_p); - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - goto yy_match; - - case EOB_ACT_LAST_MATCH: - (yy_c_buf_p) = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)]; - - yy_current_state = yy_get_previous_state( ); - - yy_cp = (yy_c_buf_p); - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - goto yy_find_action; - } - break; - } - - default: - YY_FATAL_ERROR( - "fatal flex scanner internal error--no action found" ); - } /* end of action switch */ - } /* end of scanning one token */ -} /* end of yylex */ - -/* yy_get_next_buffer - try to read in a new buffer - * - * Returns a code representing an action: - * EOB_ACT_LAST_MATCH - - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position - * EOB_ACT_END_OF_FILE - end of file - */ -static int yy_get_next_buffer (void) -{ - register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf; - register char *source = (yytext_ptr); - register int number_to_move, i; - int ret_val; - - if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] ) - YY_FATAL_ERROR( - "fatal flex scanner internal error--end of buffer missed" ); - - if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 ) - { /* Don't try to fill the buffer, so this is an EOF. */ - if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 ) - { - /* We matched a single character, the EOB, so - * treat this as a final EOF. - */ - return EOB_ACT_END_OF_FILE; - } - - else - { - /* We matched some text prior to the EOB, first - * process it. - */ - return EOB_ACT_LAST_MATCH; - } - } - - /* Try to read more data. */ - - /* First move last chars to start of buffer. */ - number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1; - - for ( i = 0; i < number_to_move; ++i ) - *(dest++) = *(source++); - - if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING ) - /* don't do the read, it's not guaranteed to return an EOF, - * just force an EOF - */ - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0; - - else - { - int num_to_read = - YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; - - while ( num_to_read <= 0 ) - { /* Not enough room in the buffer - grow it. */ - - /* just a shorter name for the current buffer */ - YY_BUFFER_STATE b = YY_CURRENT_BUFFER; - - int yy_c_buf_p_offset = - (int) ((yy_c_buf_p) - b->yy_ch_buf); - - if ( b->yy_is_our_buffer ) - { - int new_size = b->yy_buf_size * 2; - - if ( new_size <= 0 ) - b->yy_buf_size += b->yy_buf_size / 8; - else - b->yy_buf_size *= 2; - - b->yy_ch_buf = (char *) - /* Include room in for 2 EOB chars. */ - yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 ); - } - else - /* Can't grow it, we don't own it. */ - b->yy_ch_buf = 0; - - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( - "fatal error - scanner input buffer overflow" ); - - (yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset]; - - num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - - number_to_move - 1; - - } - - if ( num_to_read > YY_READ_BUF_SIZE ) - num_to_read = YY_READ_BUF_SIZE; - - /* Read in more data. */ - YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]), - (yy_n_chars), num_to_read ); - - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - if ( (yy_n_chars) == 0 ) - { - if ( number_to_move == YY_MORE_ADJ ) - { - ret_val = EOB_ACT_END_OF_FILE; - yyrestart(yyin ); - } - - else - { - ret_val = EOB_ACT_LAST_MATCH; - YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = - YY_BUFFER_EOF_PENDING; - } - } - - else - ret_val = EOB_ACT_CONTINUE_SCAN; - - (yy_n_chars) += number_to_move; - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; - - (yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0]; - - return ret_val; -} - -/* yy_get_previous_state - get the state just before the EOB char was reached */ - - static yy_state_type yy_get_previous_state (void) -{ - register yy_state_type yy_current_state; - register char *yy_cp; - - yy_current_state = (yy_start); - - for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp ) - { - register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 54 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - } - - return yy_current_state; -} - -/* yy_try_NUL_trans - try to make a transition on the NUL character - * - * synopsis - * next_state = yy_try_NUL_trans( current_state ); - */ - static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state ) -{ - register int yy_is_jam; - register char *yy_cp = (yy_c_buf_p); - - register YY_CHAR yy_c = 1; - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 54 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 53); - - return yy_is_jam ? 0 : yy_current_state; -} - - static void yyunput (int c, register char * yy_bp ) -{ - register char *yy_cp; - - yy_cp = (yy_c_buf_p); - - /* undo effects of setting up yytext */ - *yy_cp = (yy_hold_char); - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - { /* need to shift things up to make room */ - /* +2 for EOB chars. */ - register int number_to_move = (yy_n_chars) + 2; - register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ - YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; - register char *source = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]; - - while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) - *--dest = *--source; - - yy_cp += (int) (dest - source); - yy_bp += (int) (dest - source); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size; - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - YY_FATAL_ERROR( "flex scanner push-back overflow" ); - } - - *--yy_cp = (char) c; - - (yytext_ptr) = yy_bp; - (yy_hold_char) = *yy_cp; - (yy_c_buf_p) = yy_cp; -} - -#ifndef YY_NO_INPUT -#ifdef __cplusplus - static int yyinput (void) -#else - static int input (void) -#endif - -{ - int c; - - *(yy_c_buf_p) = (yy_hold_char); - - if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR ) - { - /* yy_c_buf_p now points to the character we want to return. - * If this occurs *before* the EOB characters, then it's a - * valid NUL; if not, then we've hit the end of the buffer. - */ - if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) - /* This was really a NUL. */ - *(yy_c_buf_p) = '\0'; - - else - { /* need more input */ - int offset = (yy_c_buf_p) - (yytext_ptr); - ++(yy_c_buf_p); - - switch ( yy_get_next_buffer( ) ) - { - case EOB_ACT_LAST_MATCH: - /* This happens because yy_g_n_b() - * sees that we've accumulated a - * token and flags that we need to - * try matching the token before - * proceeding. But for input(), - * there's no matching to consider. - * So convert the EOB_ACT_LAST_MATCH - * to EOB_ACT_END_OF_FILE. - */ - - /* Reset buffer status. */ - yyrestart(yyin ); - - /*FALLTHROUGH*/ - - case EOB_ACT_END_OF_FILE: - { - if ( yywrap( ) ) - return 0; - - if ( ! (yy_did_buffer_switch_on_eof) ) - YY_NEW_FILE; -#ifdef __cplusplus - return yyinput(); -#else - return input(); -#endif - } - - case EOB_ACT_CONTINUE_SCAN: - (yy_c_buf_p) = (yytext_ptr) + offset; - break; - } - } - } - - c = *(unsigned char *) (yy_c_buf_p); /* cast for 8-bit char's */ - *(yy_c_buf_p) = '\0'; /* preserve yytext */ - (yy_hold_char) = *++(yy_c_buf_p); - - return c; -} -#endif /* ifndef YY_NO_INPUT */ - -/** Immediately switch to a different input stream. - * @param input_file A readable stream. - * - * @note This function does not reset the start condition to @c INITIAL . - */ - void yyrestart (FILE * input_file ) -{ - - if ( ! YY_CURRENT_BUFFER ){ - yyensure_buffer_stack (); - YY_CURRENT_BUFFER_LVALUE = - yy_create_buffer(yyin,YY_BUF_SIZE ); - } - - yy_init_buffer(YY_CURRENT_BUFFER,input_file ); - yy_load_buffer_state( ); -} - -/** Switch to a different input buffer. - * @param new_buffer The new input buffer. - * - */ - void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ) -{ - - /* TODO. We should be able to replace this entire function body - * with - * yypop_buffer_state(); - * yypush_buffer_state(new_buffer); - */ - yyensure_buffer_stack (); - if ( YY_CURRENT_BUFFER == new_buffer ) - return; - - if ( YY_CURRENT_BUFFER ) - { - /* Flush out information for old buffer. */ - *(yy_c_buf_p) = (yy_hold_char); - YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - YY_CURRENT_BUFFER_LVALUE = new_buffer; - yy_load_buffer_state( ); - - /* We don't actually know whether we did this switch during - * EOF (yywrap()) processing, but the only time this flag - * is looked at is after yywrap() is called, so it's safe - * to go ahead and always set it. - */ - (yy_did_buffer_switch_on_eof) = 1; -} - -static void yy_load_buffer_state (void) -{ - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; - (yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos; - yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file; - (yy_hold_char) = *(yy_c_buf_p); -} - -/** Allocate and initialize an input buffer state. - * @param file A readable stream. - * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE. - * - * @return the allocated buffer state. - */ - YY_BUFFER_STATE yy_create_buffer (FILE * file, int size ) -{ - YY_BUFFER_STATE b; - - b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_buf_size = size; - - /* yy_ch_buf has to be 2 characters longer than the size given because - * we need to put in 2 end-of-buffer characters. - */ - b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 ); - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_is_our_buffer = 1; - - yy_init_buffer(b,file ); - - return b; -} - -/** Destroy the buffer. - * @param b a buffer created with yy_create_buffer() - * - */ - void yy_delete_buffer (YY_BUFFER_STATE b ) -{ - - if ( ! b ) - return; - - if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */ - YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0; - - if ( b->yy_is_our_buffer ) - yyfree((void *) b->yy_ch_buf ); - - yyfree((void *) b ); -} - -#ifndef __cplusplus -extern int isatty (int ); -#endif /* __cplusplus */ - -/* Initializes or reinitializes a buffer. - * This function is sometimes called more than once on the same buffer, - * such as during a yyrestart() or at EOF. - */ - static void yy_init_buffer (YY_BUFFER_STATE b, FILE * file ) - -{ - int oerrno = errno; - - yy_flush_buffer(b ); - - b->yy_input_file = file; - b->yy_fill_buffer = 1; - - /* If b is the current buffer, then yy_init_buffer was _probably_ - * called from yyrestart() or through yy_get_next_buffer. - * In that case, we don't want to reset the lineno or column. - */ - if (b != YY_CURRENT_BUFFER){ - b->yy_bs_lineno = 1; - b->yy_bs_column = 0; - } - - b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; - - errno = oerrno; -} - -/** Discard all buffered characters. On the next scan, YY_INPUT will be called. - * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER. - * - */ - void yy_flush_buffer (YY_BUFFER_STATE b ) -{ - if ( ! b ) - return; - - b->yy_n_chars = 0; - - /* We always need two end-of-buffer characters. The first causes - * a transition to the end-of-buffer state. The second causes - * a jam in that state. - */ - b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; - b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; - - b->yy_buf_pos = &b->yy_ch_buf[0]; - - b->yy_at_bol = 1; - b->yy_buffer_status = YY_BUFFER_NEW; - - if ( b == YY_CURRENT_BUFFER ) - yy_load_buffer_state( ); -} - -/** Pushes the new state onto the stack. The new state becomes - * the current state. This function will allocate the stack - * if necessary. - * @param new_buffer The new state. - * - */ -void yypush_buffer_state (YY_BUFFER_STATE new_buffer ) -{ - if (new_buffer == NULL) - return; - - yyensure_buffer_stack(); - - /* This block is copied from yy_switch_to_buffer. */ - if ( YY_CURRENT_BUFFER ) - { - /* Flush out information for old buffer. */ - *(yy_c_buf_p) = (yy_hold_char); - YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - /* Only push if top exists. Otherwise, replace top. */ - if (YY_CURRENT_BUFFER) - (yy_buffer_stack_top)++; - YY_CURRENT_BUFFER_LVALUE = new_buffer; - - /* copied from yy_switch_to_buffer. */ - yy_load_buffer_state( ); - (yy_did_buffer_switch_on_eof) = 1; -} - -/** Removes and deletes the top of the stack, if present. - * The next element becomes the new top. - * - */ -void yypop_buffer_state (void) -{ - if (!YY_CURRENT_BUFFER) - return; - - yy_delete_buffer(YY_CURRENT_BUFFER ); - YY_CURRENT_BUFFER_LVALUE = NULL; - if ((yy_buffer_stack_top) > 0) - --(yy_buffer_stack_top); - - if (YY_CURRENT_BUFFER) { - yy_load_buffer_state( ); - (yy_did_buffer_switch_on_eof) = 1; - } -} - -/* Allocates the stack if it does not exist. - * Guarantees space for at least one push. - */ -static void yyensure_buffer_stack (void) -{ - int num_to_alloc; - - if (!(yy_buffer_stack)) { - - /* First allocation is just for 2 elements, since we don't know if this - * scanner will even need a stack. We use 2 instead of 1 to avoid an - * immediate realloc on the next call. - */ - num_to_alloc = 1; - (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc - (num_to_alloc * sizeof(struct yy_buffer_state*) - ); - - memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); - - (yy_buffer_stack_max) = num_to_alloc; - (yy_buffer_stack_top) = 0; - return; - } - - if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){ - - /* Increase the buffer to prepare for a possible push. */ - int grow_size = 8 /* arbitrary grow size */; - - num_to_alloc = (yy_buffer_stack_max) + grow_size; - (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc - ((yy_buffer_stack), - num_to_alloc * sizeof(struct yy_buffer_state*) - ); - - /* zero only the new slots.*/ - memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); - (yy_buffer_stack_max) = num_to_alloc; - } -} - -/** Setup the input buffer state to scan directly from a user-specified character buffer. - * @param base the character buffer - * @param size the size in bytes of the character buffer - * - * @return the newly allocated buffer state object. - */ -YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) -{ - YY_BUFFER_STATE b; - - if ( size < 2 || - base[size-2] != YY_END_OF_BUFFER_CHAR || - base[size-1] != YY_END_OF_BUFFER_CHAR ) - /* They forgot to leave room for the EOB's. */ - return 0; - - b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); - - b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ - b->yy_buf_pos = b->yy_ch_buf = base; - b->yy_is_our_buffer = 0; - b->yy_input_file = 0; - b->yy_n_chars = b->yy_buf_size; - b->yy_is_interactive = 0; - b->yy_at_bol = 1; - b->yy_fill_buffer = 0; - b->yy_buffer_status = YY_BUFFER_NEW; - - yy_switch_to_buffer(b ); - - return b; -} - -/** Setup the input buffer state to scan a string. The next call to yylex() will - * scan from a @e copy of @a str. - * @param str a NUL-terminated string to scan - * - * @return the newly allocated buffer state object. - * @note If you want to scan bytes that may contain NUL values, then use - * yy_scan_bytes() instead. - */ -YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) -{ - - return yy_scan_bytes(yystr,strlen(yystr) ); -} - -/** Setup the input buffer state to scan the given bytes. The next call to yylex() will - * scan from a @e copy of @a bytes. - * @param bytes the byte buffer to scan - * @param len the number of bytes in the buffer pointed to by @a bytes. - * - * @return the newly allocated buffer state object. - */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) -{ - YY_BUFFER_STATE b; - char *buf; - yy_size_t n; - int i; - - /* Get memory for full buffer, including space for trailing EOB's. */ - n = _yybytes_len + 2; - buf = (char *) yyalloc(n ); - if ( ! buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); - - for ( i = 0; i < _yybytes_len; ++i ) - buf[i] = yybytes[i]; - - buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR; - - b = yy_scan_buffer(buf,n ); - if ( ! b ) - YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); - - /* It's okay to grow etc. this buffer, and we should throw it - * away when we're done. - */ - b->yy_is_our_buffer = 1; - - return b; -} - -#ifndef YY_EXIT_FAILURE -#define YY_EXIT_FAILURE 2 -#endif - -static void yy_fatal_error (yyconst char* msg ) -{ - (void) fprintf( stderr, "%s\n", msg ); - exit( YY_EXIT_FAILURE ); -} - -/* Redefine yyless() so it works in section 3 code. */ - -#undef yyless -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - int yyless_macro_arg = (n); \ - YY_LESS_LINENO(yyless_macro_arg);\ - yytext[yyleng] = (yy_hold_char); \ - (yy_c_buf_p) = yytext + yyless_macro_arg; \ - (yy_hold_char) = *(yy_c_buf_p); \ - *(yy_c_buf_p) = '\0'; \ - yyleng = yyless_macro_arg; \ - } \ - while ( 0 ) - -/* Accessor methods (get/set functions) to struct members. */ - -/** Get the current line number. - * - */ -int yyget_lineno (void) -{ - - return yylineno; -} - -/** Get the input stream. - * - */ -FILE *yyget_in (void) -{ - return yyin; -} - -/** Get the output stream. - * - */ -FILE *yyget_out (void) -{ - return yyout; -} - -/** Get the length of the current token. - * - */ -int yyget_leng (void) -{ - return yyleng; -} - -/** Get the current token. - * - */ - -char *yyget_text (void) -{ - return yytext; -} - -/** Set the current line number. - * @param line_number - * - */ -void yyset_lineno (int line_number ) -{ - - yylineno = line_number; -} - -/** Set the input stream. This does not discard the current - * input buffer. - * @param in_str A readable stream. - * - * @see yy_switch_to_buffer - */ -void yyset_in (FILE * in_str ) -{ - yyin = in_str ; -} - -void yyset_out (FILE * out_str ) -{ - yyout = out_str ; -} - -int yyget_debug (void) -{ - return yy_flex_debug; -} - -void yyset_debug (int bdebug ) -{ - yy_flex_debug = bdebug ; -} - -static int yy_init_globals (void) -{ - /* Initialization is the same as for the non-reentrant scanner. - * This function is called from yylex_destroy(), so don't allocate here. - */ - - (yy_buffer_stack) = 0; - (yy_buffer_stack_top) = 0; - (yy_buffer_stack_max) = 0; - (yy_c_buf_p) = (char *) 0; - (yy_init) = 0; - (yy_start) = 0; - -/* Defined in main.c */ -#ifdef YY_STDINIT - yyin = stdin; - yyout = stdout; -#else - yyin = (FILE *) 0; - yyout = (FILE *) 0; -#endif - - /* For future reference: Set errno on error, since we are called by - * yylex_init() - */ - return 0; -} - -/* yylex_destroy is for both reentrant and non-reentrant scanners. */ -int yylex_destroy (void) -{ - - /* Pop the buffer stack, destroying each element. */ - while(YY_CURRENT_BUFFER){ - yy_delete_buffer(YY_CURRENT_BUFFER ); - YY_CURRENT_BUFFER_LVALUE = NULL; - yypop_buffer_state(); - } - - /* Destroy the stack itself. */ - yyfree((yy_buffer_stack) ); - (yy_buffer_stack) = NULL; - - /* Reset the globals. This is important in a non-reentrant scanner so the next time - * yylex() is called, initialization will occur. */ - yy_init_globals( ); - - return 0; -} - -/* - * Internal utility routines. - */ - -#ifndef yytext_ptr -static void yy_flex_strncpy (char* s1, yyconst char * s2, int n ) -{ - register int i; - for ( i = 0; i < n; ++i ) - s1[i] = s2[i]; -} -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen (yyconst char * s ) -{ - register int n; - for ( n = 0; s[n]; ++n ) - ; - - return n; -} -#endif - -void *yyalloc (yy_size_t size ) -{ - return (void *) malloc( size ); -} - -void *yyrealloc (void * ptr, yy_size_t size ) -{ - /* The cast to (char *) in the following accommodates both - * implementations that use char* generic pointers, and those - * that use void* generic pointers. It works with the latter - * because both ANSI C and C++ allow castless assignment from - * any pointer type to void*, and deal with argument conversions - * as though doing an assignment. - */ - return (void *) realloc( (char *) ptr, size ); -} - -void yyfree (void * ptr ) -{ - free( (char *) ptr ); /* see yyrealloc() for (char *) cast */ -} - -#define YYTABLES_NAME "yytables" - -#line 64 "lex.l" - - - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -static int -getstring(void) -{ - char x[128]; - int i = 0; - int c; - int backslash = 0; - while((c = input()) != EOF){ - if(backslash) { - if(c == 'n') - c = '\n'; - else if(c == 't') - c = '\t'; - x[i++] = c; - backslash = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - backslash++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - yylval.string = strdup(x); - return STRING; -} - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - numerror++; -} - diff --git a/crypto/heimdal/lib/sl/lex.l b/crypto/heimdal/lib/sl/lex.l deleted file mode 100644 index b4f8a2cdbcf4..000000000000 --- a/crypto/heimdal/lib/sl/lex.l +++ /dev/null @@ -1,119 +0,0 @@ -%{ -/* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#undef ECHO - -#include "make_cmds.h" -#include "parse.h" - -RCSID("$Id: lex.l 10703 2001-09-16 23:10:10Z assar $"); - -static unsigned lineno = 1; -static int getstring(void); - -#define YY_NO_UNPUT - -#undef ECHO - -%} - - -%% -command_table { return TABLE; } -request { return REQUEST; } -unknown { return UNKNOWN; } -unimplemented { return UNIMPLEMENTED; } -end { return END; } -#[^\n]* ; -[ \t] ; -\n { lineno++; } -\" { return getstring(); } -[a-zA-Z0-9_]+ { yylval.string = strdup(yytext); return STRING; } -. { return *yytext; } -%% - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -static int -getstring(void) -{ - char x[128]; - int i = 0; - int c; - int backslash = 0; - while((c = input()) != EOF){ - if(backslash) { - if(c == 'n') - c = '\n'; - else if(c == 't') - c = '\t'; - x[i++] = c; - backslash = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - backslash++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - yylval.string = strdup(x); - return STRING; -} - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - numerror++; -} diff --git a/crypto/heimdal/lib/sl/make_cmds.c b/crypto/heimdal/lib/sl/make_cmds.c deleted file mode 100644 index c39be2136c97..000000000000 --- a/crypto/heimdal/lib/sl/make_cmds.c +++ /dev/null @@ -1,239 +0,0 @@ -/* - * Copyright (c) 1998-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -#include - -RCSID("$Id: make_cmds.c 15430 2005-06-16 19:25:45Z lha $"); - -#include -#include -#include "parse.h" - -int numerror; -extern FILE *yyin; -FILE *c_file; - -extern void yyparse(void); - -#ifdef YYDEBUG -extern int yydebug = 1; -#endif - -char *filename; -char *table_name; - -static struct command_list *commands; - -void -add_command(char *function, - char *help, - struct string_list *aliases, - unsigned flags) -{ - struct command_list *cl = malloc(sizeof(*cl)); - - if (cl == NULL) - err (1, "malloc"); - cl->function = function; - cl->help = help; - cl->aliases = aliases; - cl->flags = flags; - cl->next = NULL; - if(commands) { - *commands->tail = cl; - commands->tail = &cl->next; - return; - } - cl->tail = &cl->next; - commands = cl; -} - -static char * -quote(const char *str) -{ - char buf[1024]; /* XXX */ - const char *p; - char *q; - q = buf; - - *q++ = '\"'; - for(p = str; *p != '\0'; p++) { - if(*p == '\n') { - *q++ = '\\'; - *q++ = 'n'; - continue; - } - if(*p == '\t') { - *q++ = '\\'; - *q++ = 't'; - continue; - } - if(*p == '\"' || *p == '\\') - *q++ = '\\'; - *q++ = *p; - } - *q++ = '\"'; - *q++ = '\0'; - return strdup(buf); -} - -static void -generate_commands(void) -{ - char *base; - char *cfn; - char *p, *q; - - p = strrchr(table_name, '/'); - if(p == NULL) - p = table_name; - else - p++; - - base = strdup (p); - if (base == NULL) - err (1, "strdup"); - - p = strrchr(base, '.'); - if(p) - *p = '\0'; - - asprintf(&cfn, "%s.c", base); - if (cfn == NULL) - err (1, "asprintf"); - - c_file = fopen(cfn, "w"); - if (c_file == NULL) - err (1, "cannot fopen %s", cfn); - - fprintf(c_file, "/* Generated from %s */\n", filename); - fprintf(c_file, "\n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "\n"); - - { - struct command_list *cl, *xl; - - for(cl = commands; cl; cl = cl->next) { - for(xl = commands; xl != cl; xl = xl->next) - if(strcmp(cl->function, xl->function) == 0) - break; - if(xl != cl) - continue; - /* XXX hack for ss_quit */ - if(strcmp(cl->function, "ss_quit") == 0) { - fprintf(c_file, "int %s (int, char**);\n", cl->function); - fprintf(c_file, "#define _ss_quit_wrap ss_quit\n\n"); - continue; - } - fprintf(c_file, "void %s (int, char**);\n", cl->function); - fprintf(c_file, "static int _%s_wrap (int argc, char **argv)\n", - cl->function); - fprintf(c_file, "{\n"); - fprintf(c_file, " %s (argc, argv);\n", cl->function); - fprintf(c_file, " return 0;\n"); - fprintf(c_file, "}\n\n"); - } - - fprintf(c_file, "SL_cmd %s[] = {\n", table_name); - for(cl = commands; cl; cl = cl->next) { - struct string_list *sl; - sl = cl->aliases; - p = quote(sl->string); - q = quote(cl->help); - fprintf(c_file, " { %s, _%s_wrap, %s },\n", p, cl->function, q); - free(p); - free(q); - - for(sl = sl->next; sl; sl = sl->next) { - p = quote(sl->string); - fprintf(c_file, " { %s },\n", p); - free(p); - } - } - fprintf(c_file, " { NULL },\n"); - fprintf(c_file, "};\n"); - fprintf(c_file, "\n"); - } - fclose(c_file); - free(base); - free(cfn); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "command-table"); - exit(code); -} - -int -main(int argc, char **argv) -{ - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(argc == optidx) - usage(1); - filename = argv[optidx]; - yyin = fopen(filename, "r"); - if(yyin == NULL) - err(1, "%s", filename); - - yyparse(); - - generate_commands(); - - if(numerror) - return 1; - return 0; -} diff --git a/crypto/heimdal/lib/sl/make_cmds.h b/crypto/heimdal/lib/sl/make_cmds.h deleted file mode 100644 index 818e5e85940d..000000000000 --- a/crypto/heimdal/lib/sl/make_cmds.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: make_cmds.h 8467 2000-06-27 02:36:56Z assar $ */ - -#ifndef __MAKE_CMDS_H__ -#define __MAKE_CMDS_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include - -#include - -extern char *filename; -extern char *table_name; -extern int numerror; - -struct command_list { - char *function; - char *help; - struct string_list *aliases; - unsigned flags; - struct command_list *next; - struct command_list **tail; -}; - -struct string_list { - char *string; - struct string_list *next; - struct string_list **tail; -}; - -void add_command(char*, char*, struct string_list*, unsigned); - -void error_message(const char *, ...) - __attribute__ ((format (printf, 1,2))); - -int yylex (void); - -#endif /* __MAKE_CMDS_H__ */ diff --git a/crypto/heimdal/lib/sl/parse.c b/crypto/heimdal/lib/sl/parse.c deleted file mode 100644 index f79318dc3862..000000000000 --- a/crypto/heimdal/lib/sl/parse.c +++ /dev/null @@ -1,1724 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton implementation for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* C LALR(1) parser skeleton written by Richard Stallman, by - simplifying the original so-called "semantic" parser. */ - -/* All symbols defined below should begin with yy or YY, to avoid - infringing on user name space. This should be done even for local - variables, as they might otherwise be expanded by user macros. - There are some unavoidable exceptions within include files to - define necessary library symbols; they are noted "INFRINGES ON - USER NAME SPACE" below. */ - -/* Identify Bison output. */ -#define YYBISON 1 - -/* Bison version. */ -#define YYBISON_VERSION "2.3" - -/* Skeleton name. */ -#define YYSKELETON_NAME "yacc.c" - -/* Pure parsers. */ -#define YYPURE 0 - -/* Using locations. */ -#define YYLSP_NEEDED 0 - - - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - TABLE = 258, - REQUEST = 259, - UNKNOWN = 260, - UNIMPLEMENTED = 261, - END = 262, - STRING = 263 - }; -#endif -/* Tokens. */ -#define TABLE 258 -#define REQUEST 259 -#define UNKNOWN 260 -#define UNIMPLEMENTED 261 -#define END 262 -#define STRING 263 - - - - -/* Copy the first part of user declarations. */ -#line 1 "parse.y" - -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -RCSID("$Id: parse.y 21745 2007-07-31 16:11:25Z lha $"); - -static void yyerror (char *s); - -struct string_list* append_string(struct string_list*, char*); -void free_string_list(struct string_list *list); -unsigned string_to_flag(const char *); - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - - - -/* Enabling traces. */ -#ifndef YYDEBUG -# define YYDEBUG 0 -#endif - -/* Enabling verbose error messages. */ -#ifdef YYERROR_VERBOSE -# undef YYERROR_VERBOSE -# define YYERROR_VERBOSE 1 -#else -# define YYERROR_VERBOSE 0 -#endif - -/* Enabling the token table. */ -#ifndef YYTOKEN_TABLE -# define YYTOKEN_TABLE 0 -#endif - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 52 "parse.y" -{ - char *string; - unsigned number; - struct string_list *list; -} -/* Line 193 of yacc.c. */ -#line 169 "parse.c" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - - - -/* Copy the second part of user declarations. */ - - -/* Line 216 of yacc.c. */ -#line 182 "parse.c" - -#ifdef short -# undef short -#endif - -#ifdef YYTYPE_UINT8 -typedef YYTYPE_UINT8 yytype_uint8; -#else -typedef unsigned char yytype_uint8; -#endif - -#ifdef YYTYPE_INT8 -typedef YYTYPE_INT8 yytype_int8; -#elif (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -typedef signed char yytype_int8; -#else -typedef short int yytype_int8; -#endif - -#ifdef YYTYPE_UINT16 -typedef YYTYPE_UINT16 yytype_uint16; -#else -typedef unsigned short int yytype_uint16; -#endif - -#ifdef YYTYPE_INT16 -typedef YYTYPE_INT16 yytype_int16; -#else -typedef short int yytype_int16; -#endif - -#ifndef YYSIZE_T -# ifdef __SIZE_TYPE__ -# define YYSIZE_T __SIZE_TYPE__ -# elif defined size_t -# define YYSIZE_T size_t -# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# define YYSIZE_T size_t -# else -# define YYSIZE_T unsigned int -# endif -#endif - -#define YYSIZE_MAXIMUM ((YYSIZE_T) -1) - -#ifndef YY_ -# if defined YYENABLE_NLS && YYENABLE_NLS -# if ENABLE_NLS -# include /* INFRINGES ON USER NAME SPACE */ -# define YY_(msgid) dgettext ("bison-runtime", msgid) -# endif -# endif -# ifndef YY_ -# define YY_(msgid) msgid -# endif -#endif - -/* Suppress unused-variable warnings by "using" E. */ -#if ! defined lint || defined __GNUC__ -# define YYUSE(e) ((void) (e)) -#else -# define YYUSE(e) /* empty */ -#endif - -/* Identity function, used to suppress warnings about constant conditions. */ -#ifndef lint -# define YYID(n) (n) -#else -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static int -YYID (int i) -#else -static int -YYID (i) - int i; -#endif -{ - return i; -} -#endif - -#if ! defined yyoverflow || YYERROR_VERBOSE - -/* The parser invokes alloca or malloc; define the necessary symbols. */ - -# ifdef YYSTACK_USE_ALLOCA -# if YYSTACK_USE_ALLOCA -# ifdef __GNUC__ -# define YYSTACK_ALLOC __builtin_alloca -# elif defined __BUILTIN_VA_ARG_INCR -# include /* INFRINGES ON USER NAME SPACE */ -# elif defined _AIX -# define YYSTACK_ALLOC __alloca -# elif defined _MSC_VER -# include /* INFRINGES ON USER NAME SPACE */ -# define alloca _alloca -# else -# define YYSTACK_ALLOC alloca -# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# endif -# endif -# endif - -# ifdef YYSTACK_ALLOC - /* Pacify GCC's `empty if-body' warning. */ -# define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0)) -# ifndef YYSTACK_ALLOC_MAXIMUM - /* The OS might guarantee only one guard page at the bottom of the stack, - and a page size can be as small as 4096 bytes. So we cannot safely - invoke alloca (N) if N exceeds 4096. Use a slightly smaller number - to allow for a few compiler-allocated temporary stack slots. */ -# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */ -# endif -# else -# define YYSTACK_ALLOC YYMALLOC -# define YYSTACK_FREE YYFREE -# ifndef YYSTACK_ALLOC_MAXIMUM -# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM -# endif -# if (defined __cplusplus && ! defined _STDLIB_H \ - && ! ((defined YYMALLOC || defined malloc) \ - && (defined YYFREE || defined free))) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# ifndef YYMALLOC -# define YYMALLOC malloc -# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# ifndef YYFREE -# define YYFREE free -# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void free (void *); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# endif -#endif /* ! defined yyoverflow || YYERROR_VERBOSE */ - - -#if (! defined yyoverflow \ - && (! defined __cplusplus \ - || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) - -/* A type that is properly aligned for any stack member. */ -union yyalloc -{ - yytype_int16 yyss; - YYSTYPE yyvs; - }; - -/* The size of the maximum gap between one aligned stack and the next. */ -# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) - -/* The size of an array large to enough to hold all stacks, each with - N elements. */ -# define YYSTACK_BYTES(N) \ - ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ - + YYSTACK_GAP_MAXIMUM) - -/* Copy COUNT objects from FROM to TO. The source and destination do - not overlap. */ -# ifndef YYCOPY -# if defined __GNUC__ && 1 < __GNUC__ -# define YYCOPY(To, From, Count) \ - __builtin_memcpy (To, From, (Count) * sizeof (*(From))) -# else -# define YYCOPY(To, From, Count) \ - do \ - { \ - YYSIZE_T yyi; \ - for (yyi = 0; yyi < (Count); yyi++) \ - (To)[yyi] = (From)[yyi]; \ - } \ - while (YYID (0)) -# endif -# endif - -/* Relocate STACK from its old location to the new one. The - local variables YYSIZE and YYSTACKSIZE give the old and new number of - elements in the stack, and YYPTR gives the new location of the - stack. Advance YYPTR to a properly aligned location for the next - stack. */ -# define YYSTACK_RELOCATE(Stack) \ - do \ - { \ - YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack, Stack, yysize); \ - Stack = &yyptr->Stack; \ - yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ - yyptr += yynewbytes / sizeof (*yyptr); \ - } \ - while (YYID (0)) - -#endif - -/* YYFINAL -- State number of the termination state. */ -#define YYFINAL 15 -/* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 37 - -/* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 13 -/* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 7 -/* YYNRULES -- Number of rules. */ -#define YYNRULES 16 -/* YYNRULES -- Number of states. */ -#define YYNSTATES 40 - -/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ -#define YYUNDEFTOK 2 -#define YYMAXUTOK 263 - -#define YYTRANSLATE(YYX) \ - ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) - -/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */ -static const yytype_uint8 yytranslate[] = -{ - 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 11, 12, 2, 2, 10, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 9, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 1, 2, 3, 4, - 5, 6, 7, 8 -}; - -#if YYDEBUG -/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in - YYRHS. */ -static const yytype_uint8 yyprhs[] = -{ - 0, 0, 3, 4, 6, 8, 11, 15, 27, 35, - 43, 47, 50, 52, 56, 58, 62 -}; - -/* YYRHS -- A `-1'-separated list of the rules' RHS. */ -static const yytype_int8 yyrhs[] = -{ - 14, 0, -1, -1, 15, -1, 16, -1, 15, 16, - -1, 3, 8, 9, -1, 4, 8, 10, 8, 10, - 17, 10, 11, 18, 12, 9, -1, 4, 8, 10, - 8, 10, 17, 9, -1, 6, 8, 10, 8, 10, - 17, 9, -1, 5, 17, 9, -1, 7, 9, -1, - 8, -1, 17, 10, 8, -1, 19, -1, 18, 10, - 19, -1, 8, -1 -}; - -/* YYRLINE[YYN] -- source line where rule number YYN was defined. */ -static const yytype_uint8 yyrline[] = -{ - 0, 65, 65, 66, 69, 70, 73, 77, 81, 85, - 91, 95, 101, 105, 111, 115, 120 -}; -#endif - -#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE -/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. - First, the terminals, then, starting at YYNTOKENS, nonterminals. */ -static const char *const yytname[] = -{ - "$end", "error", "$undefined", "TABLE", "REQUEST", "UNKNOWN", - "UNIMPLEMENTED", "END", "STRING", "';'", "','", "'('", "')'", "$accept", - "file", "statements", "statement", "aliases", "flags", "flag", 0 -}; -#endif - -# ifdef YYPRINT -/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to - token YYLEX-NUM. */ -static const yytype_uint16 yytoknum[] = -{ - 0, 256, 257, 258, 259, 260, 261, 262, 263, 59, - 44, 40, 41 -}; -# endif - -/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ -static const yytype_uint8 yyr1[] = -{ - 0, 13, 14, 14, 15, 15, 16, 16, 16, 16, - 16, 16, 17, 17, 18, 18, 19 -}; - -/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ -static const yytype_uint8 yyr2[] = -{ - 0, 2, 0, 1, 1, 2, 3, 11, 7, 7, - 3, 2, 1, 3, 1, 3, 1 -}; - -/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state - STATE-NUM when YYTABLE doesn't specify something else to do. Zero - means the default is an error. */ -static const yytype_uint8 yydefact[] = -{ - 2, 0, 0, 0, 0, 0, 0, 3, 4, 0, - 0, 12, 0, 0, 11, 1, 5, 6, 0, 10, - 0, 0, 0, 13, 0, 0, 0, 0, 0, 8, - 0, 9, 0, 16, 0, 14, 0, 0, 15, 7 -}; - -/* YYDEFGOTO[NTERM-NUM]. */ -static const yytype_int8 yydefgoto[] = -{ - -1, 6, 7, 8, 12, 34, 35 -}; - -/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing - STATE-NUM. */ -#define YYPACT_NINF -10 -static const yytype_int8 yypact[] = -{ - -3, 0, 10, 11, 12, 13, 21, -3, -10, 14, - 15, -10, 1, 16, -10, -10, -10, -10, 19, -10, - 20, 22, 23, -10, 24, 11, 11, 3, 5, -10, - -2, -10, 27, -10, -5, -10, 27, 28, -10, -10 -}; - -/* YYPGOTO[NTERM-NUM]. */ -static const yytype_int8 yypgoto[] = -{ - -10, -10, -10, 17, -9, -10, -7 -}; - -/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If - positive, shift that token. If negative, reduce the rule which - number is the opposite. If zero, do what YYDEFACT says. - If YYTABLE_NINF, syntax error. */ -#define YYTABLE_NINF -1 -static const yytype_uint8 yytable[] = -{ - 1, 2, 3, 4, 5, 36, 23, 37, 9, 32, - 19, 20, 29, 30, 31, 20, 27, 28, 10, 11, - 13, 15, 14, 17, 16, 18, 21, 22, 23, 38, - 24, 0, 0, 25, 26, 33, 0, 39 -}; - -static const yytype_int8 yycheck[] = -{ - 3, 4, 5, 6, 7, 10, 8, 12, 8, 11, - 9, 10, 9, 10, 9, 10, 25, 26, 8, 8, - 8, 0, 9, 9, 7, 10, 10, 8, 8, 36, - 8, -1, -1, 10, 10, 8, -1, 9 -}; - -/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing - symbol of state STATE-NUM. */ -static const yytype_uint8 yystos[] = -{ - 0, 3, 4, 5, 6, 7, 14, 15, 16, 8, - 8, 8, 17, 8, 9, 0, 16, 9, 10, 9, - 10, 10, 8, 8, 8, 10, 10, 17, 17, 9, - 10, 9, 11, 8, 18, 19, 10, 12, 19, 9 -}; - -#define yyerrok (yyerrstatus = 0) -#define yyclearin (yychar = YYEMPTY) -#define YYEMPTY (-2) -#define YYEOF 0 - -#define YYACCEPT goto yyacceptlab -#define YYABORT goto yyabortlab -#define YYERROR goto yyerrorlab - - -/* Like YYERROR except do call yyerror. This remains here temporarily - to ease the transition to the new meaning of YYERROR, for GCC. - Once GCC version 2 has supplanted version 1, this can go. */ - -#define YYFAIL goto yyerrlab - -#define YYRECOVERING() (!!yyerrstatus) - -#define YYBACKUP(Token, Value) \ -do \ - if (yychar == YYEMPTY && yylen == 1) \ - { \ - yychar = (Token); \ - yylval = (Value); \ - yytoken = YYTRANSLATE (yychar); \ - YYPOPSTACK (1); \ - goto yybackup; \ - } \ - else \ - { \ - yyerror (YY_("syntax error: cannot back up")); \ - YYERROR; \ - } \ -while (YYID (0)) - - -#define YYTERROR 1 -#define YYERRCODE 256 - - -/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N]. - If N is 0, then set CURRENT to the empty location which ends - the previous symbol: RHS[0] (always defined). */ - -#define YYRHSLOC(Rhs, K) ((Rhs)[K]) -#ifndef YYLLOC_DEFAULT -# define YYLLOC_DEFAULT(Current, Rhs, N) \ - do \ - if (YYID (N)) \ - { \ - (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \ - (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \ - (Current).last_line = YYRHSLOC (Rhs, N).last_line; \ - (Current).last_column = YYRHSLOC (Rhs, N).last_column; \ - } \ - else \ - { \ - (Current).first_line = (Current).last_line = \ - YYRHSLOC (Rhs, 0).last_line; \ - (Current).first_column = (Current).last_column = \ - YYRHSLOC (Rhs, 0).last_column; \ - } \ - while (YYID (0)) -#endif - - -/* YY_LOCATION_PRINT -- Print the location on the stream. - This macro was not mandated originally: define only if we know - we won't break user code: when these are the locations we know. */ - -#ifndef YY_LOCATION_PRINT -# if defined YYLTYPE_IS_TRIVIAL && YYLTYPE_IS_TRIVIAL -# define YY_LOCATION_PRINT(File, Loc) \ - fprintf (File, "%d.%d-%d.%d", \ - (Loc).first_line, (Loc).first_column, \ - (Loc).last_line, (Loc).last_column) -# else -# define YY_LOCATION_PRINT(File, Loc) ((void) 0) -# endif -#endif - - -/* YYLEX -- calling `yylex' with the right arguments. */ - -#ifdef YYLEX_PARAM -# define YYLEX yylex (YYLEX_PARAM) -#else -# define YYLEX yylex () -#endif - -/* Enable debugging if requested. */ -#if YYDEBUG - -# ifndef YYFPRINTF -# include /* INFRINGES ON USER NAME SPACE */ -# define YYFPRINTF fprintf -# endif - -# define YYDPRINTF(Args) \ -do { \ - if (yydebug) \ - YYFPRINTF Args; \ -} while (YYID (0)) - -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ -do { \ - if (yydebug) \ - { \ - YYFPRINTF (stderr, "%s ", Title); \ - yy_symbol_print (stderr, \ - Type, Value); \ - YYFPRINTF (stderr, "\n"); \ - } \ -} while (YYID (0)) - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_value_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (!yyvaluep) - return; -# ifdef YYPRINT - if (yytype < YYNTOKENS) - YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); -# else - YYUSE (yyoutput); -# endif - switch (yytype) - { - default: - break; - } -} - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (yytype < YYNTOKENS) - YYFPRINTF (yyoutput, "token %s (", yytname[yytype]); - else - YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]); - - yy_symbol_value_print (yyoutput, yytype, yyvaluep); - YYFPRINTF (yyoutput, ")"); -} - -/*------------------------------------------------------------------. -| yy_stack_print -- Print the state stack from its BOTTOM up to its | -| TOP (included). | -`------------------------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) -#else -static void -yy_stack_print (bottom, top) - yytype_int16 *bottom; - yytype_int16 *top; -#endif -{ - YYFPRINTF (stderr, "Stack now"); - for (; bottom <= top; ++bottom) - YYFPRINTF (stderr, " %d", *bottom); - YYFPRINTF (stderr, "\n"); -} - -# define YY_STACK_PRINT(Bottom, Top) \ -do { \ - if (yydebug) \ - yy_stack_print ((Bottom), (Top)); \ -} while (YYID (0)) - - -/*------------------------------------------------. -| Report that the YYRULE is going to be reduced. | -`------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_reduce_print (YYSTYPE *yyvsp, int yyrule) -#else -static void -yy_reduce_print (yyvsp, yyrule) - YYSTYPE *yyvsp; - int yyrule; -#endif -{ - int yynrhs = yyr2[yyrule]; - int yyi; - unsigned long int yylno = yyrline[yyrule]; - YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", - yyrule - 1, yylno); - /* The symbols being reduced. */ - for (yyi = 0; yyi < yynrhs; yyi++) - { - fprintf (stderr, " $%d = ", yyi + 1); - yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], - &(yyvsp[(yyi + 1) - (yynrhs)]) - ); - fprintf (stderr, "\n"); - } -} - -# define YY_REDUCE_PRINT(Rule) \ -do { \ - if (yydebug) \ - yy_reduce_print (yyvsp, Rule); \ -} while (YYID (0)) - -/* Nonzero means print parse trace. It is left uninitialized so that - multiple parsers can coexist. */ -int yydebug; -#else /* !YYDEBUG */ -# define YYDPRINTF(Args) -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) -# define YY_STACK_PRINT(Bottom, Top) -# define YY_REDUCE_PRINT(Rule) -#endif /* !YYDEBUG */ - - -/* YYINITDEPTH -- initial size of the parser's stacks. */ -#ifndef YYINITDEPTH -# define YYINITDEPTH 200 -#endif - -/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only - if the built-in stack extension method is used). - - Do not make this value too large; the results are undefined if - YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH) - evaluated with infinite-precision integer arithmetic. */ - -#ifndef YYMAXDEPTH -# define YYMAXDEPTH 10000 -#endif - - - -#if YYERROR_VERBOSE - -# ifndef yystrlen -# if defined __GLIBC__ && defined _STRING_H -# define yystrlen strlen -# else -/* Return the length of YYSTR. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static YYSIZE_T -yystrlen (const char *yystr) -#else -static YYSIZE_T -yystrlen (yystr) - const char *yystr; -#endif -{ - YYSIZE_T yylen; - for (yylen = 0; yystr[yylen]; yylen++) - continue; - return yylen; -} -# endif -# endif - -# ifndef yystpcpy -# if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE -# define yystpcpy stpcpy -# else -/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in - YYDEST. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static char * -yystpcpy (char *yydest, const char *yysrc) -#else -static char * -yystpcpy (yydest, yysrc) - char *yydest; - const char *yysrc; -#endif -{ - char *yyd = yydest; - const char *yys = yysrc; - - while ((*yyd++ = *yys++) != '\0') - continue; - - return yyd - 1; -} -# endif -# endif - -# ifndef yytnamerr -/* Copy to YYRES the contents of YYSTR after stripping away unnecessary - quotes and backslashes, so that it's suitable for yyerror. The - heuristic is that double-quoting is unnecessary unless the string - contains an apostrophe, a comma, or backslash (other than - backslash-backslash). YYSTR is taken from yytname. If YYRES is - null, do not copy; instead, return the length of what the result - would have been. */ -static YYSIZE_T -yytnamerr (char *yyres, const char *yystr) -{ - if (*yystr == '"') - { - YYSIZE_T yyn = 0; - char const *yyp = yystr; - - for (;;) - switch (*++yyp) - { - case '\'': - case ',': - goto do_not_strip_quotes; - - case '\\': - if (*++yyp != '\\') - goto do_not_strip_quotes; - /* Fall through. */ - default: - if (yyres) - yyres[yyn] = *yyp; - yyn++; - break; - - case '"': - if (yyres) - yyres[yyn] = '\0'; - return yyn; - } - do_not_strip_quotes: ; - } - - if (! yyres) - return yystrlen (yystr); - - return yystpcpy (yyres, yystr) - yyres; -} -# endif - -/* Copy into YYRESULT an error message about the unexpected token - YYCHAR while in state YYSTATE. Return the number of bytes copied, - including the terminating null byte. If YYRESULT is null, do not - copy anything; just return the number of bytes that would be - copied. As a special case, return 0 if an ordinary "syntax error" - message will do. Return YYSIZE_MAXIMUM if overflow occurs during - size calculation. */ -static YYSIZE_T -yysyntax_error (char *yyresult, int yystate, int yychar) -{ - int yyn = yypact[yystate]; - - if (! (YYPACT_NINF < yyn && yyn <= YYLAST)) - return 0; - else - { - int yytype = YYTRANSLATE (yychar); - YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]); - YYSIZE_T yysize = yysize0; - YYSIZE_T yysize1; - int yysize_overflow = 0; - enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; - char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; - int yyx; - -# if 0 - /* This is so xgettext sees the translatable formats that are - constructed on the fly. */ - YY_("syntax error, unexpected %s"); - YY_("syntax error, unexpected %s, expecting %s"); - YY_("syntax error, unexpected %s, expecting %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s"); -# endif - char *yyfmt; - char const *yyf; - static char const yyunexpected[] = "syntax error, unexpected %s"; - static char const yyexpecting[] = ", expecting %s"; - static char const yyor[] = " or %s"; - char yyformat[sizeof yyunexpected - + sizeof yyexpecting - 1 - + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2) - * (sizeof yyor - 1))]; - char const *yyprefix = yyexpecting; - - /* Start YYX at -YYN if negative to avoid negative indexes in - YYCHECK. */ - int yyxbegin = yyn < 0 ? -yyn : 0; - - /* Stay within bounds of both yycheck and yytname. */ - int yychecklim = YYLAST - yyn + 1; - int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; - int yycount = 1; - - yyarg[0] = yytname[yytype]; - yyfmt = yystpcpy (yyformat, yyunexpected); - - for (yyx = yyxbegin; yyx < yyxend; ++yyx) - if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR) - { - if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) - { - yycount = 1; - yysize = yysize0; - yyformat[sizeof yyunexpected - 1] = '\0'; - break; - } - yyarg[yycount++] = yytname[yyx]; - yysize1 = yysize + yytnamerr (0, yytname[yyx]); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - yyfmt = yystpcpy (yyfmt, yyprefix); - yyprefix = yyor; - } - - yyf = YY_(yyformat); - yysize1 = yysize + yystrlen (yyf); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - - if (yysize_overflow) - return YYSIZE_MAXIMUM; - - if (yyresult) - { - /* Avoid sprintf, as that infringes on the user's name space. - Don't have undefined behavior even if the translation - produced a string with the wrong number of "%s"s. */ - char *yyp = yyresult; - int yyi = 0; - while ((*yyp = *yyf) != '\0') - { - if (*yyp == '%' && yyf[1] == 's' && yyi < yycount) - { - yyp += yytnamerr (yyp, yyarg[yyi++]); - yyf += 2; - } - else - { - yyp++; - yyf++; - } - } - } - return yysize; - } -} -#endif /* YYERROR_VERBOSE */ - - -/*-----------------------------------------------. -| Release the memory associated to this symbol. | -`-----------------------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) -#else -static void -yydestruct (yymsg, yytype, yyvaluep) - const char *yymsg; - int yytype; - YYSTYPE *yyvaluep; -#endif -{ - YYUSE (yyvaluep); - - if (!yymsg) - yymsg = "Deleting"; - YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); - - switch (yytype) - { - - default: - break; - } -} - - -/* Prevent warnings from -Wmissing-prototypes. */ - -#ifdef YYPARSE_PARAM -#if defined __STDC__ || defined __cplusplus -int yyparse (void *YYPARSE_PARAM); -#else -int yyparse (); -#endif -#else /* ! YYPARSE_PARAM */ -#if defined __STDC__ || defined __cplusplus -int yyparse (void); -#else -int yyparse (); -#endif -#endif /* ! YYPARSE_PARAM */ - - - -/* The look-ahead symbol. */ -int yychar; - -/* The semantic value of the look-ahead symbol. */ -YYSTYPE yylval; - -/* Number of syntax errors so far. */ -int yynerrs; - - - -/*----------. -| yyparse. | -`----------*/ - -#ifdef YYPARSE_PARAM -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void *YYPARSE_PARAM) -#else -int -yyparse (YYPARSE_PARAM) - void *YYPARSE_PARAM; -#endif -#else /* ! YYPARSE_PARAM */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void) -#else -int -yyparse () - -#endif -#endif -{ - - int yystate; - int yyn; - int yyresult; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - /* Look-ahead token as an internal (translated) token number. */ - int yytoken = 0; -#if YYERROR_VERBOSE - /* Buffer for error messages, and its allocated size. */ - char yymsgbuf[128]; - char *yymsg = yymsgbuf; - YYSIZE_T yymsg_alloc = sizeof yymsgbuf; -#endif - - /* Three stacks and their tools: - `yyss': related to states, - `yyvs': related to semantic values, - `yyls': related to locations. - - Refer to the stacks thru separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ - - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss = yyssa; - yytype_int16 *yyssp; - - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs = yyvsa; - YYSTYPE *yyvsp; - - - -#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - - YYSIZE_T yystacksize = YYINITDEPTH; - - /* The variables used to return semantic value and location from the - action routines. */ - YYSTYPE yyval; - - - /* The number of symbols on the RHS of the reduced rule. - Keep to zero when no symbol should be popped. */ - int yylen = 0; - - YYDPRINTF ((stderr, "Starting parse\n")); - - yystate = 0; - yyerrstatus = 0; - yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ - - /* Initialize stack pointers. - Waste one element of value and location stack - so that they stay on the same level as the state stack. - The wasted elements are never initialized. */ - - yyssp = yyss; - yyvsp = yyvs; - - goto yysetstate; - -/*------------------------------------------------------------. -| yynewstate -- Push a new state, which is found in yystate. | -`------------------------------------------------------------*/ - yynewstate: - /* In all cases, when you get here, the value and location stacks - have just been pushed. So pushing a state here evens the stacks. */ - yyssp++; - - yysetstate: - *yyssp = yystate; - - if (yyss + yystacksize - 1 <= yyssp) - { - /* Get the current used size of the three stacks, in elements. */ - YYSIZE_T yysize = yyssp - yyss + 1; - -#ifdef yyoverflow - { - /* Give user a chance to reallocate the stack. Use copies of - these so that the &'s don't force the real ones into - memory. */ - YYSTYPE *yyvs1 = yyvs; - yytype_int16 *yyss1 = yyss; - - - /* Each stack pointer address is followed by the size of the - data in use in that stack, in bytes. This used to be a - conditional around just the two extra args, but that might - be undefined if yyoverflow is a macro. */ - yyoverflow (YY_("memory exhausted"), - &yyss1, yysize * sizeof (*yyssp), - &yyvs1, yysize * sizeof (*yyvsp), - - &yystacksize); - - yyss = yyss1; - yyvs = yyvs1; - } -#else /* no yyoverflow */ -# ifndef YYSTACK_RELOCATE - goto yyexhaustedlab; -# else - /* Extend the stack our own way. */ - if (YYMAXDEPTH <= yystacksize) - goto yyexhaustedlab; - yystacksize *= 2; - if (YYMAXDEPTH < yystacksize) - yystacksize = YYMAXDEPTH; - - { - yytype_int16 *yyss1 = yyss; - union yyalloc *yyptr = - (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); - if (! yyptr) - goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss); - YYSTACK_RELOCATE (yyvs); - -# undef YYSTACK_RELOCATE - if (yyss1 != yyssa) - YYSTACK_FREE (yyss1); - } -# endif -#endif /* no yyoverflow */ - - yyssp = yyss + yysize - 1; - yyvsp = yyvs + yysize - 1; - - - YYDPRINTF ((stderr, "Stack size increased to %lu\n", - (unsigned long int) yystacksize)); - - if (yyss + yystacksize - 1 <= yyssp) - YYABORT; - } - - YYDPRINTF ((stderr, "Entering state %d\n", yystate)); - - goto yybackup; - -/*-----------. -| yybackup. | -`-----------*/ -yybackup: - - /* Do appropriate processing given the current state. Read a - look-ahead token if we need one and don't already have one. */ - - /* First try to decide what to do without reference to look-ahead token. */ - yyn = yypact[yystate]; - if (yyn == YYPACT_NINF) - goto yydefault; - - /* Not known => get a look-ahead token if don't already have one. */ - - /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ - if (yychar == YYEMPTY) - { - YYDPRINTF ((stderr, "Reading a token: ")); - yychar = YYLEX; - } - - if (yychar <= YYEOF) - { - yychar = yytoken = YYEOF; - YYDPRINTF ((stderr, "Now at end of input.\n")); - } - else - { - yytoken = YYTRANSLATE (yychar); - YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc); - } - - /* If the proper action on seeing token YYTOKEN is to reduce or to - detect an error, take that action. */ - yyn += yytoken; - if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken) - goto yydefault; - yyn = yytable[yyn]; - if (yyn <= 0) - { - if (yyn == 0 || yyn == YYTABLE_NINF) - goto yyerrlab; - yyn = -yyn; - goto yyreduce; - } - - if (yyn == YYFINAL) - YYACCEPT; - - /* Count tokens shifted since error; after three, turn off error - status. */ - if (yyerrstatus) - yyerrstatus--; - - /* Shift the look-ahead token. */ - YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - - /* Discard the shifted token unless it is eof. */ - if (yychar != YYEOF) - yychar = YYEMPTY; - - yystate = yyn; - *++yyvsp = yylval; - - goto yynewstate; - - -/*-----------------------------------------------------------. -| yydefault -- do the default action for the current state. | -`-----------------------------------------------------------*/ -yydefault: - yyn = yydefact[yystate]; - if (yyn == 0) - goto yyerrlab; - goto yyreduce; - - -/*-----------------------------. -| yyreduce -- Do a reduction. | -`-----------------------------*/ -yyreduce: - /* yyn is the number of a rule to reduce with. */ - yylen = yyr2[yyn]; - - /* If YYLEN is nonzero, implement the default value of the action: - `$$ = $1'. - - Otherwise, the following line sets YYVAL to garbage. - This behavior is undocumented and Bison - users should not rely upon it. Assigning to YYVAL - unconditionally makes the parser a bit smaller, and it avoids a - GCC warning that YYVAL may be used uninitialized. */ - yyval = yyvsp[1-yylen]; - - - YY_REDUCE_PRINT (yyn); - switch (yyn) - { - case 6: -#line 74 "parse.y" - { - table_name = (yyvsp[(2) - (3)].string); - } - break; - - case 7: -#line 78 "parse.y" - { - add_command((yyvsp[(2) - (11)].string), (yyvsp[(4) - (11)].string), (yyvsp[(6) - (11)].list), (yyvsp[(9) - (11)].number)); - } - break; - - case 8: -#line 82 "parse.y" - { - add_command((yyvsp[(2) - (7)].string), (yyvsp[(4) - (7)].string), (yyvsp[(6) - (7)].list), 0); - } - break; - - case 9: -#line 86 "parse.y" - { - free((yyvsp[(2) - (7)].string)); - free((yyvsp[(4) - (7)].string)); - free_string_list((yyvsp[(6) - (7)].list)); - } - break; - - case 10: -#line 92 "parse.y" - { - free_string_list((yyvsp[(2) - (3)].list)); - } - break; - - case 11: -#line 96 "parse.y" - { - YYACCEPT; - } - break; - - case 12: -#line 102 "parse.y" - { - (yyval.list) = append_string(NULL, (yyvsp[(1) - (1)].string)); - } - break; - - case 13: -#line 106 "parse.y" - { - (yyval.list) = append_string((yyvsp[(1) - (3)].list), (yyvsp[(3) - (3)].string)); - } - break; - - case 14: -#line 112 "parse.y" - { - (yyval.number) = (yyvsp[(1) - (1)].number); - } - break; - - case 15: -#line 116 "parse.y" - { - (yyval.number) = (yyvsp[(1) - (3)].number) | (yyvsp[(3) - (3)].number); - } - break; - - case 16: -#line 121 "parse.y" - { - (yyval.number) = string_to_flag((yyvsp[(1) - (1)].string)); - free((yyvsp[(1) - (1)].string)); - } - break; - - -/* Line 1267 of yacc.c. */ -#line 1469 "parse.c" - default: break; - } - YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); - - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - - *++yyvsp = yyval; - - - /* Now `shift' the result of the reduction. Determine what state - that goes to, based on the state we popped back to and the rule - number reduced by. */ - - yyn = yyr1[yyn]; - - yystate = yypgoto[yyn - YYNTOKENS] + *yyssp; - if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp) - yystate = yytable[yystate]; - else - yystate = yydefgoto[yyn - YYNTOKENS]; - - goto yynewstate; - - -/*------------------------------------. -| yyerrlab -- here on detecting error | -`------------------------------------*/ -yyerrlab: - /* If not already recovering from an error, report this error. */ - if (!yyerrstatus) - { - ++yynerrs; -#if ! YYERROR_VERBOSE - yyerror (YY_("syntax error")); -#else - { - YYSIZE_T yysize = yysyntax_error (0, yystate, yychar); - if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM) - { - YYSIZE_T yyalloc = 2 * yysize; - if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM)) - yyalloc = YYSTACK_ALLOC_MAXIMUM; - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); - yymsg = (char *) YYSTACK_ALLOC (yyalloc); - if (yymsg) - yymsg_alloc = yyalloc; - else - { - yymsg = yymsgbuf; - yymsg_alloc = sizeof yymsgbuf; - } - } - - if (0 < yysize && yysize <= yymsg_alloc) - { - (void) yysyntax_error (yymsg, yystate, yychar); - yyerror (yymsg); - } - else - { - yyerror (YY_("syntax error")); - if (yysize != 0) - goto yyexhaustedlab; - } - } -#endif - } - - - - if (yyerrstatus == 3) - { - /* If just tried and failed to reuse look-ahead token after an - error, discard it. */ - - if (yychar <= YYEOF) - { - /* Return failure if at end of input. */ - if (yychar == YYEOF) - YYABORT; - } - else - { - yydestruct ("Error: discarding", - yytoken, &yylval); - yychar = YYEMPTY; - } - } - - /* Else will try to reuse look-ahead token after shifting the error - token. */ - goto yyerrlab1; - - -/*---------------------------------------------------. -| yyerrorlab -- error raised explicitly by YYERROR. | -`---------------------------------------------------*/ -yyerrorlab: - - /* Pacify compilers like GCC when the user code never invokes - YYERROR and the label yyerrorlab therefore never appears in user - code. */ - if (/*CONSTCOND*/ 0) - goto yyerrorlab; - - /* Do not reclaim the symbols of the rule which action triggered - this YYERROR. */ - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - yystate = *yyssp; - goto yyerrlab1; - - -/*-------------------------------------------------------------. -| yyerrlab1 -- common code for both syntax error and YYERROR. | -`-------------------------------------------------------------*/ -yyerrlab1: - yyerrstatus = 3; /* Each real token shifted decrements this. */ - - for (;;) - { - yyn = yypact[yystate]; - if (yyn != YYPACT_NINF) - { - yyn += YYTERROR; - if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) - { - yyn = yytable[yyn]; - if (0 < yyn) - break; - } - } - - /* Pop the current state because it cannot handle the error token. */ - if (yyssp == yyss) - YYABORT; - - - yydestruct ("Error: popping", - yystos[yystate], yyvsp); - YYPOPSTACK (1); - yystate = *yyssp; - YY_STACK_PRINT (yyss, yyssp); - } - - if (yyn == YYFINAL) - YYACCEPT; - - *++yyvsp = yylval; - - - /* Shift the error token. */ - YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp); - - yystate = yyn; - goto yynewstate; - - -/*-------------------------------------. -| yyacceptlab -- YYACCEPT comes here. | -`-------------------------------------*/ -yyacceptlab: - yyresult = 0; - goto yyreturn; - -/*-----------------------------------. -| yyabortlab -- YYABORT comes here. | -`-----------------------------------*/ -yyabortlab: - yyresult = 1; - goto yyreturn; - -#ifndef yyoverflow -/*-------------------------------------------------. -| yyexhaustedlab -- memory exhaustion comes here. | -`-------------------------------------------------*/ -yyexhaustedlab: - yyerror (YY_("memory exhausted")); - yyresult = 2; - /* Fall through. */ -#endif - -yyreturn: - if (yychar != YYEOF && yychar != YYEMPTY) - yydestruct ("Cleanup: discarding lookahead", - yytoken, &yylval); - /* Do not reclaim the symbols of the rule which action triggered - this YYABORT or YYACCEPT. */ - YYPOPSTACK (yylen); - YY_STACK_PRINT (yyss, yyssp); - while (yyssp != yyss) - { - yydestruct ("Cleanup: popping", - yystos[*yyssp], yyvsp); - YYPOPSTACK (1); - } -#ifndef yyoverflow - if (yyss != yyssa) - YYSTACK_FREE (yyss); -#endif -#if YYERROR_VERBOSE - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); -#endif - /* Make sure YYID is used. */ - return YYID (yyresult); -} - - -#line 129 "parse.y" - - -static void -yyerror (char *s) -{ - error_message ("%s\n", s); -} - -struct string_list* -append_string(struct string_list *list, char *str) -{ - struct string_list *sl = malloc(sizeof(*sl)); - if (sl == NULL) - return sl; - sl->string = str; - sl->next = NULL; - if(list) { - *list->tail = sl; - list->tail = &sl->next; - return list; - } - sl->tail = &sl->next; - return sl; -} - -void -free_string_list(struct string_list *list) -{ - while(list) { - struct string_list *sl = list->next; - free(list->string); - free(list); - list = sl; - } -} - -unsigned -string_to_flag(const char *string) -{ - return 0; -} - diff --git a/crypto/heimdal/lib/sl/parse.h b/crypto/heimdal/lib/sl/parse.h deleted file mode 100644 index f7fef6dbefd2..000000000000 --- a/crypto/heimdal/lib/sl/parse.h +++ /dev/null @@ -1,78 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton interface for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - TABLE = 258, - REQUEST = 259, - UNKNOWN = 260, - UNIMPLEMENTED = 261, - END = 262, - STRING = 263 - }; -#endif -/* Tokens. */ -#define TABLE 258 -#define REQUEST 259 -#define UNKNOWN 260 -#define UNIMPLEMENTED 261 -#define END 262 -#define STRING 263 - - - - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 52 "parse.y" -{ - char *string; - unsigned number; - struct string_list *list; -} -/* Line 1529 of yacc.c. */ -#line 71 "parse.h" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - -extern YYSTYPE yylval; - diff --git a/crypto/heimdal/lib/sl/parse.y b/crypto/heimdal/lib/sl/parse.y deleted file mode 100644 index b08c19306db1..000000000000 --- a/crypto/heimdal/lib/sl/parse.y +++ /dev/null @@ -1,169 +0,0 @@ -%{ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -RCSID("$Id: parse.y 21745 2007-07-31 16:11:25Z lha $"); - -static void yyerror (char *s); - -struct string_list* append_string(struct string_list*, char*); -void free_string_list(struct string_list *list); -unsigned string_to_flag(const char *); - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - -%} - -%union { - char *string; - unsigned number; - struct string_list *list; -} - -%token TABLE REQUEST UNKNOWN UNIMPLEMENTED END -%token STRING -%type flag flags -%type aliases - -%% - -file : /* */ - | statements - ; - -statements : statement - | statements statement - ; - -statement : TABLE STRING ';' - { - table_name = $2; - } - | REQUEST STRING ',' STRING ',' aliases ',' '(' flags ')' ';' - { - add_command($2, $4, $6, $9); - } - | REQUEST STRING ',' STRING ',' aliases ';' - { - add_command($2, $4, $6, 0); - } - | UNIMPLEMENTED STRING ',' STRING ',' aliases ';' - { - free($2); - free($4); - free_string_list($6); - } - | UNKNOWN aliases ';' - { - free_string_list($2); - } - | END ';' - { - YYACCEPT; - } - ; - -aliases : STRING - { - $$ = append_string(NULL, $1); - } - | aliases ',' STRING - { - $$ = append_string($1, $3); - } - ; - -flags : flag - { - $$ = $1; - } - | flags ',' flag - { - $$ = $1 | $3; - } - ; -flag : STRING - { - $$ = string_to_flag($1); - free($1); - } - ; - - - -%% - -static void -yyerror (char *s) -{ - error_message ("%s\n", s); -} - -struct string_list* -append_string(struct string_list *list, char *str) -{ - struct string_list *sl = malloc(sizeof(*sl)); - if (sl == NULL) - return sl; - sl->string = str; - sl->next = NULL; - if(list) { - *list->tail = sl; - list->tail = &sl->next; - return list; - } - sl->tail = &sl->next; - return sl; -} - -void -free_string_list(struct string_list *list) -{ - while(list) { - struct string_list *sl = list->next; - free(list->string); - free(list); - list = sl; - } -} - -unsigned -string_to_flag(const char *string) -{ - return 0; -} diff --git a/crypto/heimdal/lib/sl/roken_rename.h b/crypto/heimdal/lib/sl/roken_rename.h deleted file mode 100644 index 88ec0f82f0e0..000000000000 --- a/crypto/heimdal/lib/sl/roken_rename.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken_rename.h 9842 2001-05-06 21:47:54Z assar $ */ - -#ifndef __roken_rename_h__ -#define __roken_rename_h__ - -#ifndef HAVE_STRTOK_R -#define strtok_r _sl_strtok_r -#endif -#ifndef HAVE_SNPRINTF -#define snprintf _sl_snprintf -#endif -#ifndef HAVE_ASPRINTF -#define asprintf _sl_asprintf -#endif -#ifndef HAVE_ASNPRINTF -#define asnprintf _sl_asnprintf -#endif -#ifndef HAVE_VASPRINTF -#define vasprintf _sl_vasprintf -#endif -#ifndef HAVE_VASNPRINTF -#define vasnprintf _sl_vasnprintf -#endif -#ifndef HAVE_VSNPRINTF -#define vsnprintf _sl_vsnprintf -#endif -#ifndef HAVE_STRUPR -#define strupr _sl_strupr -#endif -#ifndef HAVE_STRDUP -#define strdup _sl_strdup -#endif - -#endif /* __roken_rename_h__ */ diff --git a/crypto/heimdal/lib/sl/sl.c b/crypto/heimdal/lib/sl/sl.c deleted file mode 100644 index 8f604e89b84b..000000000000 --- a/crypto/heimdal/lib/sl/sl.c +++ /dev/null @@ -1,396 +0,0 @@ -/* - * Copyright (c) 1995 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: sl.c 21160 2007-06-18 22:58:21Z lha $"); -#endif - -#include "sl_locl.h" -#include - -static void -mandoc_template(SL_cmd *cmds, - const char *extra_string) -{ - SL_cmd *c, *prev; - char timestr[64], cmd[64]; - const char *p; - time_t t; - - printf(".\\\" Things to fix:\n"); - printf(".\\\" * correct section, and operating system\n"); - printf(".\\\" * remove Op from mandatory flags\n"); - printf(".\\\" * use better macros for arguments (like .Pa for files)\n"); - printf(".\\\"\n"); - t = time(NULL); - strftime(timestr, sizeof(timestr), "%b %d, %Y", localtime(&t)); - printf(".Dd %s\n", timestr); - p = strrchr(getprogname(), '/'); - if(p) p++; else p = getprogname(); - strncpy(cmd, p, sizeof(cmd)); - cmd[sizeof(cmd)-1] = '\0'; - strupr(cmd); - - printf(".Dt %s SECTION\n", cmd); - printf(".Os OPERATING_SYSTEM\n"); - printf(".Sh NAME\n"); - printf(".Nm %s\n", p); - printf(".Nd\n"); - printf("in search of a description\n"); - printf(".Sh SYNOPSIS\n"); - printf(".Nm\n"); - for(c = cmds; c->name; ++c) { -/* if (c->func == NULL) - continue; */ - printf(".Op Fl %s", c->name); - printf("\n"); - - } - if (extra_string && *extra_string) - printf (".Ar %s\n", extra_string); - printf(".Sh DESCRIPTION\n"); - printf("Supported options:\n"); - printf(".Bl -tag -width Ds\n"); - prev = NULL; - for(c = cmds; c->name; ++c) { - if (c->func) { - if (prev) - printf ("\n%s\n", prev->usage); - - printf (".It Fl %s", c->name); - prev = c; - } else - printf (", %s\n", c->name); - } - if (prev) - printf ("\n%s\n", prev->usage); - - printf(".El\n"); - printf(".\\\".Sh ENVIRONMENT\n"); - printf(".\\\".Sh FILES\n"); - printf(".\\\".Sh EXAMPLES\n"); - printf(".\\\".Sh DIAGNOSTICS\n"); - printf(".\\\".Sh SEE ALSO\n"); - printf(".\\\".Sh STANDARDS\n"); - printf(".\\\".Sh HISTORY\n"); - printf(".\\\".Sh AUTHORS\n"); - printf(".\\\".Sh BUGS\n"); -} - -SL_cmd * -sl_match (SL_cmd *cmds, char *cmd, int exactp) -{ - SL_cmd *c, *current = NULL, *partial_cmd = NULL; - int partial_match = 0; - - for (c = cmds; c->name; ++c) { - if (c->func) - current = c; - if (strcmp (cmd, c->name) == 0) - return current; - else if (strncmp (cmd, c->name, strlen(cmd)) == 0 && - partial_cmd != current) { - ++partial_match; - partial_cmd = current; - } - } - if (partial_match == 1 && !exactp) - return partial_cmd; - else - return NULL; -} - -void -sl_help (SL_cmd *cmds, int argc, char **argv) -{ - SL_cmd *c, *prev_c; - - if (getenv("SLMANDOC")) { - mandoc_template(cmds, NULL); - return; - } - - if (argc == 1) { - prev_c = NULL; - for (c = cmds; c->name; ++c) { - if (c->func) { - if(prev_c) - printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "", - prev_c->usage ? "\n" : ""); - prev_c = c; - printf ("%s", c->name); - } else - printf (", %s", c->name); - } - if(prev_c) - printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "", - prev_c->usage ? "\n" : ""); - } else { - c = sl_match (cmds, argv[1], 0); - if (c == NULL) - printf ("No such command: %s. " - "Try \"help\" for a list of all commands\n", - argv[1]); - else { - printf ("%s\t%s\n", c->name, c->usage); - if(c->help && *c->help) - printf ("%s\n", c->help); - if((++c)->name && c->func == NULL) { - printf ("Synonyms:"); - while (c->name && c->func == NULL) - printf ("\t%s", (c++)->name); - printf ("\n"); - } - } - } -} - -#ifdef HAVE_READLINE - -char *readline(char *prompt); -void add_history(char *p); - -#else - -static char * -readline(char *prompt) -{ - char buf[BUFSIZ]; - printf ("%s", prompt); - fflush (stdout); - if(fgets(buf, sizeof(buf), stdin) == NULL) - return NULL; - buf[strcspn(buf, "\r\n")] = '\0'; - return strdup(buf); -} - -static void -add_history(char *p) -{ -} - -#endif - -int -sl_command(SL_cmd *cmds, int argc, char **argv) -{ - SL_cmd *c; - c = sl_match (cmds, argv[0], 0); - if (c == NULL) - return -1; - return (*c->func)(argc, argv); -} - -struct sl_data { - int max_count; - char **ptr; -}; - -int -sl_make_argv(char *line, int *ret_argc, char ***ret_argv) -{ - char *p, *begining; - int argc, nargv; - char **argv; - int quote = 0; - - nargv = 10; - argv = malloc(nargv * sizeof(*argv)); - if(argv == NULL) - return ENOMEM; - argc = 0; - - p = line; - - while(isspace((unsigned char)*p)) - p++; - begining = p; - - while (1) { - if (*p == '\0') { - ; - } else if (*p == '"') { - quote = !quote; - memmove(&p[0], &p[1], strlen(&p[1]) + 1); - continue; - } else if (*p == '\\') { - if (p[1] == '\0') - goto failed; - memmove(&p[0], &p[1], strlen(&p[1]) + 1); - p += 2; - continue; - } else if (quote || !isspace((unsigned char)*p)) { - p++; - continue; - } else - *p++ = '\0'; - if (quote) - goto failed; - if(argc == nargv - 1) { - char **tmp; - nargv *= 2; - tmp = realloc (argv, nargv * sizeof(*argv)); - if (tmp == NULL) { - free(argv); - return ENOMEM; - } - argv = tmp; - } - argv[argc++] = begining; - while(isspace((unsigned char)*p)) - p++; - if (*p == '\0') - break; - begining = p; - } - argv[argc] = NULL; - *ret_argc = argc; - *ret_argv = argv; - return 0; -failed: - free(argv); - return ERANGE; -} - -static jmp_buf sl_jmp; - -static void sl_sigint(int sig) -{ - longjmp(sl_jmp, 1); -} - -static char *sl_readline(const char *prompt) -{ - char *s; - void (*old)(int); - old = signal(SIGINT, sl_sigint); - if(setjmp(sl_jmp)) - printf("\n"); - s = readline(rk_UNCONST(prompt)); - signal(SIGINT, old); - return s; -} - -/* return values: - * 0 on success, - * -1 on fatal error, - * -2 if EOF, or - * return value of command */ -int -sl_command_loop(SL_cmd *cmds, const char *prompt, void **data) -{ - int ret = 0; - char *buf; - int argc; - char **argv; - - ret = 0; - buf = sl_readline(prompt); - if(buf == NULL) - return -2; - - if(*buf) - add_history(buf); - ret = sl_make_argv(buf, &argc, &argv); - if(ret) { - fprintf(stderr, "sl_loop: out of memory\n"); - free(buf); - return -1; - } - if (argc >= 1) { - ret = sl_command(cmds, argc, argv); - if(ret == -1) { - printf ("Unrecognized command: %s\n", argv[0]); - ret = 0; - } - } - free(buf); - free(argv); - return ret; -} - -int -sl_loop(SL_cmd *cmds, const char *prompt) -{ - void *data = NULL; - int ret; - while((ret = sl_command_loop(cmds, prompt, &data)) >= 0) - ; - return ret; -} - -void -sl_apropos (SL_cmd *cmd, const char *topic) -{ - for (; cmd->name != NULL; ++cmd) - if (cmd->usage != NULL && strstr(cmd->usage, topic) != NULL) - printf ("%-20s%s\n", cmd->name, cmd->usage); -} - -/* - * Help to be used with slc. - */ - -void -sl_slc_help (SL_cmd *cmds, int argc, char **argv) -{ - if(argc == 0) { - sl_help(cmds, 1, argv - 1 /* XXX */); - } else { - SL_cmd *c = sl_match (cmds, argv[0], 0); - if(c == NULL) { - fprintf (stderr, "No such command: %s. " - "Try \"help\" for a list of commands\n", - argv[0]); - } else { - if(c->func) { - char *fake[] = { NULL, "--help", NULL }; - fake[0] = argv[0]; - (*c->func)(2, fake); - fprintf(stderr, "\n"); - } - if(c->help && *c->help) - fprintf (stderr, "%s\n", c->help); - if((++c)->name && c->func == NULL) { - int f = 0; - fprintf (stderr, "Synonyms:"); - while (c->name && c->func == NULL) { - fprintf (stderr, "%s%s", f ? ", " : " ", (c++)->name); - f = 1; - } - fprintf (stderr, "\n"); - } - } - } -} diff --git a/crypto/heimdal/lib/sl/sl.h b/crypto/heimdal/lib/sl/sl.h deleted file mode 100644 index 8798ee8628e4..000000000000 --- a/crypto/heimdal/lib/sl/sl.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1995 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: sl.h 17948 2006-08-28 14:16:43Z lha $ */ - -#ifndef _SL_H -#define _SL_H - -#define SL_BADCOMMAND -1 - -typedef int (*cmd_func)(int, char **); - -struct sl_cmd { - char *name; - cmd_func func; - char *usage; - char *help; -}; - -typedef struct sl_cmd SL_cmd; - -#ifdef __cplusplus -extern "C" { -#endif - -void sl_help (SL_cmd *, int argc, char **argv); -int sl_loop (SL_cmd *, const char *prompt); -int sl_command_loop (SL_cmd *cmds, const char *prompt, void **data); -int sl_command (SL_cmd *cmds, int argc, char **argv); -int sl_make_argv(char*, int*, char***); -void sl_apropos (SL_cmd *cmd, const char *topic); -SL_cmd *sl_match (SL_cmd *cmds, char *cmd, int exactp); -void sl_slc_help (SL_cmd *cmds, int argc, char **argv); - -#ifdef __cplusplus -} -#endif - -#endif /* _SL_H */ diff --git a/crypto/heimdal/lib/sl/sl_locl.h b/crypto/heimdal/lib/sl/sl_locl.h deleted file mode 100644 index a7bc843dc966..000000000000 --- a/crypto/heimdal/lib/sl/sl_locl.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: sl_locl.h 19517 2006-12-27 20:27:00Z lha $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include - -#include - -#include diff --git a/crypto/heimdal/lib/sl/slc-gram.c b/crypto/heimdal/lib/sl/slc-gram.c deleted file mode 100644 index 1ab243bd2795..000000000000 --- a/crypto/heimdal/lib/sl/slc-gram.c +++ /dev/null @@ -1,2275 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton implementation for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* C LALR(1) parser skeleton written by Richard Stallman, by - simplifying the original so-called "semantic" parser. */ - -/* All symbols defined below should begin with yy or YY, to avoid - infringing on user name space. This should be done even for local - variables, as they might otherwise be expanded by user macros. - There are some unavoidable exceptions within include files to - define necessary library symbols; they are noted "INFRINGES ON - USER NAME SPACE" below. */ - -/* Identify Bison output. */ -#define YYBISON 1 - -/* Bison version. */ -#define YYBISON_VERSION "2.3" - -/* Skeleton name. */ -#define YYSKELETON_NAME "yacc.c" - -/* Pure parsers. */ -#define YYPURE 0 - -/* Using locations. */ -#define YYLSP_NEEDED 0 - - - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - LITERAL = 258, - STRING = 259 - }; -#endif -/* Tokens. */ -#define LITERAL 258 -#define STRING 259 - - - - -/* Copy the first part of user declarations. */ -#line 1 "slc-gram.y" - -/* - * Copyright (c) 2004-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: slc-gram.y 20767 2007-06-01 11:24:52Z lha $"); -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "slc.h" -extern FILE *yyin; -extern struct assignment *assignment; - - -/* Enabling traces. */ -#ifndef YYDEBUG -# define YYDEBUG 0 -#endif - -/* Enabling verbose error messages. */ -#ifdef YYERROR_VERBOSE -# undef YYERROR_VERBOSE -# define YYERROR_VERBOSE 1 -#else -# define YYERROR_VERBOSE 0 -#endif - -/* Enabling the token table. */ -#ifndef YYTOKEN_TABLE -# define YYTOKEN_TABLE 0 -#endif - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 54 "slc-gram.y" -{ - char *string; - struct assignment *assignment; -} -/* Line 193 of yacc.c. */ -#line 162 "slc-gram.c" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - - - -/* Copy the second part of user declarations. */ - - -/* Line 216 of yacc.c. */ -#line 175 "slc-gram.c" - -#ifdef short -# undef short -#endif - -#ifdef YYTYPE_UINT8 -typedef YYTYPE_UINT8 yytype_uint8; -#else -typedef unsigned char yytype_uint8; -#endif - -#ifdef YYTYPE_INT8 -typedef YYTYPE_INT8 yytype_int8; -#elif (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -typedef signed char yytype_int8; -#else -typedef short int yytype_int8; -#endif - -#ifdef YYTYPE_UINT16 -typedef YYTYPE_UINT16 yytype_uint16; -#else -typedef unsigned short int yytype_uint16; -#endif - -#ifdef YYTYPE_INT16 -typedef YYTYPE_INT16 yytype_int16; -#else -typedef short int yytype_int16; -#endif - -#ifndef YYSIZE_T -# ifdef __SIZE_TYPE__ -# define YYSIZE_T __SIZE_TYPE__ -# elif defined size_t -# define YYSIZE_T size_t -# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# define YYSIZE_T size_t -# else -# define YYSIZE_T unsigned int -# endif -#endif - -#define YYSIZE_MAXIMUM ((YYSIZE_T) -1) - -#ifndef YY_ -# if defined YYENABLE_NLS && YYENABLE_NLS -# if ENABLE_NLS -# include /* INFRINGES ON USER NAME SPACE */ -# define YY_(msgid) dgettext ("bison-runtime", msgid) -# endif -# endif -# ifndef YY_ -# define YY_(msgid) msgid -# endif -#endif - -/* Suppress unused-variable warnings by "using" E. */ -#if ! defined lint || defined __GNUC__ -# define YYUSE(e) ((void) (e)) -#else -# define YYUSE(e) /* empty */ -#endif - -/* Identity function, used to suppress warnings about constant conditions. */ -#ifndef lint -# define YYID(n) (n) -#else -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static int -YYID (int i) -#else -static int -YYID (i) - int i; -#endif -{ - return i; -} -#endif - -#if ! defined yyoverflow || YYERROR_VERBOSE - -/* The parser invokes alloca or malloc; define the necessary symbols. */ - -# ifdef YYSTACK_USE_ALLOCA -# if YYSTACK_USE_ALLOCA -# ifdef __GNUC__ -# define YYSTACK_ALLOC __builtin_alloca -# elif defined __BUILTIN_VA_ARG_INCR -# include /* INFRINGES ON USER NAME SPACE */ -# elif defined _AIX -# define YYSTACK_ALLOC __alloca -# elif defined _MSC_VER -# include /* INFRINGES ON USER NAME SPACE */ -# define alloca _alloca -# else -# define YYSTACK_ALLOC alloca -# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# endif -# endif -# endif - -# ifdef YYSTACK_ALLOC - /* Pacify GCC's `empty if-body' warning. */ -# define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0)) -# ifndef YYSTACK_ALLOC_MAXIMUM - /* The OS might guarantee only one guard page at the bottom of the stack, - and a page size can be as small as 4096 bytes. So we cannot safely - invoke alloca (N) if N exceeds 4096. Use a slightly smaller number - to allow for a few compiler-allocated temporary stack slots. */ -# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */ -# endif -# else -# define YYSTACK_ALLOC YYMALLOC -# define YYSTACK_FREE YYFREE -# ifndef YYSTACK_ALLOC_MAXIMUM -# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM -# endif -# if (defined __cplusplus && ! defined _STDLIB_H \ - && ! ((defined YYMALLOC || defined malloc) \ - && (defined YYFREE || defined free))) -# include /* INFRINGES ON USER NAME SPACE */ -# ifndef _STDLIB_H -# define _STDLIB_H 1 -# endif -# endif -# ifndef YYMALLOC -# define YYMALLOC malloc -# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# ifndef YYFREE -# define YYFREE free -# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -void free (void *); /* INFRINGES ON USER NAME SPACE */ -# endif -# endif -# endif -#endif /* ! defined yyoverflow || YYERROR_VERBOSE */ - - -#if (! defined yyoverflow \ - && (! defined __cplusplus \ - || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) - -/* A type that is properly aligned for any stack member. */ -union yyalloc -{ - yytype_int16 yyss; - YYSTYPE yyvs; - }; - -/* The size of the maximum gap between one aligned stack and the next. */ -# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) - -/* The size of an array large to enough to hold all stacks, each with - N elements. */ -# define YYSTACK_BYTES(N) \ - ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ - + YYSTACK_GAP_MAXIMUM) - -/* Copy COUNT objects from FROM to TO. The source and destination do - not overlap. */ -# ifndef YYCOPY -# if defined __GNUC__ && 1 < __GNUC__ -# define YYCOPY(To, From, Count) \ - __builtin_memcpy (To, From, (Count) * sizeof (*(From))) -# else -# define YYCOPY(To, From, Count) \ - do \ - { \ - YYSIZE_T yyi; \ - for (yyi = 0; yyi < (Count); yyi++) \ - (To)[yyi] = (From)[yyi]; \ - } \ - while (YYID (0)) -# endif -# endif - -/* Relocate STACK from its old location to the new one. The - local variables YYSIZE and YYSTACKSIZE give the old and new number of - elements in the stack, and YYPTR gives the new location of the - stack. Advance YYPTR to a properly aligned location for the next - stack. */ -# define YYSTACK_RELOCATE(Stack) \ - do \ - { \ - YYSIZE_T yynewbytes; \ - YYCOPY (&yyptr->Stack, Stack, yysize); \ - Stack = &yyptr->Stack; \ - yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ - yyptr += yynewbytes / sizeof (*yyptr); \ - } \ - while (YYID (0)) - -#endif - -/* YYFINAL -- State number of the termination state. */ -#define YYFINAL 6 -/* YYLAST -- Last index in YYTABLE. */ -#define YYLAST 7 - -/* YYNTOKENS -- Number of terminals. */ -#define YYNTOKENS 8 -/* YYNNTS -- Number of nonterminals. */ -#define YYNNTS 4 -/* YYNRULES -- Number of rules. */ -#define YYNRULES 6 -/* YYNRULES -- Number of states. */ -#define YYNSTATES 12 - -/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ -#define YYUNDEFTOK 2 -#define YYMAXUTOK 259 - -#define YYTRANSLATE(YYX) \ - ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) - -/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */ -static const yytype_uint8 yytranslate[] = -{ - 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 5, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 6, 2, 7, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 1, 2, 3, 4 -}; - -#if YYDEBUG -/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in - YYRHS. */ -static const yytype_uint8 yyprhs[] = -{ - 0, 0, 3, 5, 8, 10, 14 -}; - -/* YYRHS -- A `-1'-separated list of the rules' RHS. */ -static const yytype_int8 yyrhs[] = -{ - 9, 0, -1, 10, -1, 11, 10, -1, 11, -1, - 3, 5, 4, -1, 3, 5, 6, 10, 7, -1 -}; - -/* YYRLINE[YYN] -- source line where rule number YYN was defined. */ -static const yytype_uint8 yyrline[] = -{ - 0, 67, 67, 73, 78, 81, 90 -}; -#endif - -#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE -/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. - First, the terminals, then, starting at YYNTOKENS, nonterminals. */ -static const char *const yytname[] = -{ - "$end", "error", "$undefined", "LITERAL", "STRING", "'='", "'{'", "'}'", - "$accept", "start", "assignments", "assignment", 0 -}; -#endif - -# ifdef YYPRINT -/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to - token YYLEX-NUM. */ -static const yytype_uint16 yytoknum[] = -{ - 0, 256, 257, 258, 259, 61, 123, 125 -}; -# endif - -/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ -static const yytype_uint8 yyr1[] = -{ - 0, 8, 9, 10, 10, 11, 11 -}; - -/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ -static const yytype_uint8 yyr2[] = -{ - 0, 2, 1, 2, 1, 3, 5 -}; - -/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state - STATE-NUM when YYTABLE doesn't specify something else to do. Zero - means the default is an error. */ -static const yytype_uint8 yydefact[] = -{ - 0, 0, 0, 2, 4, 0, 1, 3, 5, 0, - 0, 6 -}; - -/* YYDEFGOTO[NTERM-NUM]. */ -static const yytype_int8 yydefgoto[] = -{ - -1, 2, 3, 4 -}; - -/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing - STATE-NUM. */ -#define YYPACT_NINF -5 -static const yytype_int8 yypact[] = -{ - -1, 1, 4, -5, -1, -3, -5, -5, -5, -1, - 0, -5 -}; - -/* YYPGOTO[NTERM-NUM]. */ -static const yytype_int8 yypgoto[] = -{ - -5, -5, -4, -5 -}; - -/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If - positive, shift that token. If negative, reduce the rule which - number is the opposite. If zero, do what YYDEFACT says. - If YYTABLE_NINF, syntax error. */ -#define YYTABLE_NINF -1 -static const yytype_uint8 yytable[] = -{ - 7, 8, 1, 9, 6, 10, 5, 11 -}; - -static const yytype_uint8 yycheck[] = -{ - 4, 4, 3, 6, 0, 9, 5, 7 -}; - -/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing - symbol of state STATE-NUM. */ -static const yytype_uint8 yystos[] = -{ - 0, 3, 9, 10, 11, 5, 0, 10, 4, 6, - 10, 7 -}; - -#define yyerrok (yyerrstatus = 0) -#define yyclearin (yychar = YYEMPTY) -#define YYEMPTY (-2) -#define YYEOF 0 - -#define YYACCEPT goto yyacceptlab -#define YYABORT goto yyabortlab -#define YYERROR goto yyerrorlab - - -/* Like YYERROR except do call yyerror. This remains here temporarily - to ease the transition to the new meaning of YYERROR, for GCC. - Once GCC version 2 has supplanted version 1, this can go. */ - -#define YYFAIL goto yyerrlab - -#define YYRECOVERING() (!!yyerrstatus) - -#define YYBACKUP(Token, Value) \ -do \ - if (yychar == YYEMPTY && yylen == 1) \ - { \ - yychar = (Token); \ - yylval = (Value); \ - yytoken = YYTRANSLATE (yychar); \ - YYPOPSTACK (1); \ - goto yybackup; \ - } \ - else \ - { \ - yyerror (YY_("syntax error: cannot back up")); \ - YYERROR; \ - } \ -while (YYID (0)) - - -#define YYTERROR 1 -#define YYERRCODE 256 - - -/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N]. - If N is 0, then set CURRENT to the empty location which ends - the previous symbol: RHS[0] (always defined). */ - -#define YYRHSLOC(Rhs, K) ((Rhs)[K]) -#ifndef YYLLOC_DEFAULT -# define YYLLOC_DEFAULT(Current, Rhs, N) \ - do \ - if (YYID (N)) \ - { \ - (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \ - (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \ - (Current).last_line = YYRHSLOC (Rhs, N).last_line; \ - (Current).last_column = YYRHSLOC (Rhs, N).last_column; \ - } \ - else \ - { \ - (Current).first_line = (Current).last_line = \ - YYRHSLOC (Rhs, 0).last_line; \ - (Current).first_column = (Current).last_column = \ - YYRHSLOC (Rhs, 0).last_column; \ - } \ - while (YYID (0)) -#endif - - -/* YY_LOCATION_PRINT -- Print the location on the stream. - This macro was not mandated originally: define only if we know - we won't break user code: when these are the locations we know. */ - -#ifndef YY_LOCATION_PRINT -# if defined YYLTYPE_IS_TRIVIAL && YYLTYPE_IS_TRIVIAL -# define YY_LOCATION_PRINT(File, Loc) \ - fprintf (File, "%d.%d-%d.%d", \ - (Loc).first_line, (Loc).first_column, \ - (Loc).last_line, (Loc).last_column) -# else -# define YY_LOCATION_PRINT(File, Loc) ((void) 0) -# endif -#endif - - -/* YYLEX -- calling `yylex' with the right arguments. */ - -#ifdef YYLEX_PARAM -# define YYLEX yylex (YYLEX_PARAM) -#else -# define YYLEX yylex () -#endif - -/* Enable debugging if requested. */ -#if YYDEBUG - -# ifndef YYFPRINTF -# include /* INFRINGES ON USER NAME SPACE */ -# define YYFPRINTF fprintf -# endif - -# define YYDPRINTF(Args) \ -do { \ - if (yydebug) \ - YYFPRINTF Args; \ -} while (YYID (0)) - -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ -do { \ - if (yydebug) \ - { \ - YYFPRINTF (stderr, "%s ", Title); \ - yy_symbol_print (stderr, \ - Type, Value); \ - YYFPRINTF (stderr, "\n"); \ - } \ -} while (YYID (0)) - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_value_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (!yyvaluep) - return; -# ifdef YYPRINT - if (yytype < YYNTOKENS) - YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); -# else - YYUSE (yyoutput); -# endif - switch (yytype) - { - default: - break; - } -} - - -/*--------------------------------. -| Print this symbol on YYOUTPUT. | -`--------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) -#else -static void -yy_symbol_print (yyoutput, yytype, yyvaluep) - FILE *yyoutput; - int yytype; - YYSTYPE const * const yyvaluep; -#endif -{ - if (yytype < YYNTOKENS) - YYFPRINTF (yyoutput, "token %s (", yytname[yytype]); - else - YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]); - - yy_symbol_value_print (yyoutput, yytype, yyvaluep); - YYFPRINTF (yyoutput, ")"); -} - -/*------------------------------------------------------------------. -| yy_stack_print -- Print the state stack from its BOTTOM up to its | -| TOP (included). | -`------------------------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) -#else -static void -yy_stack_print (bottom, top) - yytype_int16 *bottom; - yytype_int16 *top; -#endif -{ - YYFPRINTF (stderr, "Stack now"); - for (; bottom <= top; ++bottom) - YYFPRINTF (stderr, " %d", *bottom); - YYFPRINTF (stderr, "\n"); -} - -# define YY_STACK_PRINT(Bottom, Top) \ -do { \ - if (yydebug) \ - yy_stack_print ((Bottom), (Top)); \ -} while (YYID (0)) - - -/*------------------------------------------------. -| Report that the YYRULE is going to be reduced. | -`------------------------------------------------*/ - -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yy_reduce_print (YYSTYPE *yyvsp, int yyrule) -#else -static void -yy_reduce_print (yyvsp, yyrule) - YYSTYPE *yyvsp; - int yyrule; -#endif -{ - int yynrhs = yyr2[yyrule]; - int yyi; - unsigned long int yylno = yyrline[yyrule]; - YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", - yyrule - 1, yylno); - /* The symbols being reduced. */ - for (yyi = 0; yyi < yynrhs; yyi++) - { - fprintf (stderr, " $%d = ", yyi + 1); - yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], - &(yyvsp[(yyi + 1) - (yynrhs)]) - ); - fprintf (stderr, "\n"); - } -} - -# define YY_REDUCE_PRINT(Rule) \ -do { \ - if (yydebug) \ - yy_reduce_print (yyvsp, Rule); \ -} while (YYID (0)) - -/* Nonzero means print parse trace. It is left uninitialized so that - multiple parsers can coexist. */ -int yydebug; -#else /* !YYDEBUG */ -# define YYDPRINTF(Args) -# define YY_SYMBOL_PRINT(Title, Type, Value, Location) -# define YY_STACK_PRINT(Bottom, Top) -# define YY_REDUCE_PRINT(Rule) -#endif /* !YYDEBUG */ - - -/* YYINITDEPTH -- initial size of the parser's stacks. */ -#ifndef YYINITDEPTH -# define YYINITDEPTH 200 -#endif - -/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only - if the built-in stack extension method is used). - - Do not make this value too large; the results are undefined if - YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH) - evaluated with infinite-precision integer arithmetic. */ - -#ifndef YYMAXDEPTH -# define YYMAXDEPTH 10000 -#endif - - - -#if YYERROR_VERBOSE - -# ifndef yystrlen -# if defined __GLIBC__ && defined _STRING_H -# define yystrlen strlen -# else -/* Return the length of YYSTR. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static YYSIZE_T -yystrlen (const char *yystr) -#else -static YYSIZE_T -yystrlen (yystr) - const char *yystr; -#endif -{ - YYSIZE_T yylen; - for (yylen = 0; yystr[yylen]; yylen++) - continue; - return yylen; -} -# endif -# endif - -# ifndef yystpcpy -# if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE -# define yystpcpy stpcpy -# else -/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in - YYDEST. */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static char * -yystpcpy (char *yydest, const char *yysrc) -#else -static char * -yystpcpy (yydest, yysrc) - char *yydest; - const char *yysrc; -#endif -{ - char *yyd = yydest; - const char *yys = yysrc; - - while ((*yyd++ = *yys++) != '\0') - continue; - - return yyd - 1; -} -# endif -# endif - -# ifndef yytnamerr -/* Copy to YYRES the contents of YYSTR after stripping away unnecessary - quotes and backslashes, so that it's suitable for yyerror. The - heuristic is that double-quoting is unnecessary unless the string - contains an apostrophe, a comma, or backslash (other than - backslash-backslash). YYSTR is taken from yytname. If YYRES is - null, do not copy; instead, return the length of what the result - would have been. */ -static YYSIZE_T -yytnamerr (char *yyres, const char *yystr) -{ - if (*yystr == '"') - { - YYSIZE_T yyn = 0; - char const *yyp = yystr; - - for (;;) - switch (*++yyp) - { - case '\'': - case ',': - goto do_not_strip_quotes; - - case '\\': - if (*++yyp != '\\') - goto do_not_strip_quotes; - /* Fall through. */ - default: - if (yyres) - yyres[yyn] = *yyp; - yyn++; - break; - - case '"': - if (yyres) - yyres[yyn] = '\0'; - return yyn; - } - do_not_strip_quotes: ; - } - - if (! yyres) - return yystrlen (yystr); - - return yystpcpy (yyres, yystr) - yyres; -} -# endif - -/* Copy into YYRESULT an error message about the unexpected token - YYCHAR while in state YYSTATE. Return the number of bytes copied, - including the terminating null byte. If YYRESULT is null, do not - copy anything; just return the number of bytes that would be - copied. As a special case, return 0 if an ordinary "syntax error" - message will do. Return YYSIZE_MAXIMUM if overflow occurs during - size calculation. */ -static YYSIZE_T -yysyntax_error (char *yyresult, int yystate, int yychar) -{ - int yyn = yypact[yystate]; - - if (! (YYPACT_NINF < yyn && yyn <= YYLAST)) - return 0; - else - { - int yytype = YYTRANSLATE (yychar); - YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]); - YYSIZE_T yysize = yysize0; - YYSIZE_T yysize1; - int yysize_overflow = 0; - enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; - char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; - int yyx; - -# if 0 - /* This is so xgettext sees the translatable formats that are - constructed on the fly. */ - YY_("syntax error, unexpected %s"); - YY_("syntax error, unexpected %s, expecting %s"); - YY_("syntax error, unexpected %s, expecting %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s"); - YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s"); -# endif - char *yyfmt; - char const *yyf; - static char const yyunexpected[] = "syntax error, unexpected %s"; - static char const yyexpecting[] = ", expecting %s"; - static char const yyor[] = " or %s"; - char yyformat[sizeof yyunexpected - + sizeof yyexpecting - 1 - + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2) - * (sizeof yyor - 1))]; - char const *yyprefix = yyexpecting; - - /* Start YYX at -YYN if negative to avoid negative indexes in - YYCHECK. */ - int yyxbegin = yyn < 0 ? -yyn : 0; - - /* Stay within bounds of both yycheck and yytname. */ - int yychecklim = YYLAST - yyn + 1; - int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; - int yycount = 1; - - yyarg[0] = yytname[yytype]; - yyfmt = yystpcpy (yyformat, yyunexpected); - - for (yyx = yyxbegin; yyx < yyxend; ++yyx) - if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR) - { - if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) - { - yycount = 1; - yysize = yysize0; - yyformat[sizeof yyunexpected - 1] = '\0'; - break; - } - yyarg[yycount++] = yytname[yyx]; - yysize1 = yysize + yytnamerr (0, yytname[yyx]); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - yyfmt = yystpcpy (yyfmt, yyprefix); - yyprefix = yyor; - } - - yyf = YY_(yyformat); - yysize1 = yysize + yystrlen (yyf); - yysize_overflow |= (yysize1 < yysize); - yysize = yysize1; - - if (yysize_overflow) - return YYSIZE_MAXIMUM; - - if (yyresult) - { - /* Avoid sprintf, as that infringes on the user's name space. - Don't have undefined behavior even if the translation - produced a string with the wrong number of "%s"s. */ - char *yyp = yyresult; - int yyi = 0; - while ((*yyp = *yyf) != '\0') - { - if (*yyp == '%' && yyf[1] == 's' && yyi < yycount) - { - yyp += yytnamerr (yyp, yyarg[yyi++]); - yyf += 2; - } - else - { - yyp++; - yyf++; - } - } - } - return yysize; - } -} -#endif /* YYERROR_VERBOSE */ - - -/*-----------------------------------------------. -| Release the memory associated to this symbol. | -`-----------------------------------------------*/ - -/*ARGSUSED*/ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -static void -yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) -#else -static void -yydestruct (yymsg, yytype, yyvaluep) - const char *yymsg; - int yytype; - YYSTYPE *yyvaluep; -#endif -{ - YYUSE (yyvaluep); - - if (!yymsg) - yymsg = "Deleting"; - YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); - - switch (yytype) - { - - default: - break; - } -} - - -/* Prevent warnings from -Wmissing-prototypes. */ - -#ifdef YYPARSE_PARAM -#if defined __STDC__ || defined __cplusplus -int yyparse (void *YYPARSE_PARAM); -#else -int yyparse (); -#endif -#else /* ! YYPARSE_PARAM */ -#if defined __STDC__ || defined __cplusplus -int yyparse (void); -#else -int yyparse (); -#endif -#endif /* ! YYPARSE_PARAM */ - - - -/* The look-ahead symbol. */ -int yychar; - -/* The semantic value of the look-ahead symbol. */ -YYSTYPE yylval; - -/* Number of syntax errors so far. */ -int yynerrs; - - - -/*----------. -| yyparse. | -`----------*/ - -#ifdef YYPARSE_PARAM -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void *YYPARSE_PARAM) -#else -int -yyparse (YYPARSE_PARAM) - void *YYPARSE_PARAM; -#endif -#else /* ! YYPARSE_PARAM */ -#if (defined __STDC__ || defined __C99__FUNC__ \ - || defined __cplusplus || defined _MSC_VER) -int -yyparse (void) -#else -int -yyparse () - -#endif -#endif -{ - - int yystate; - int yyn; - int yyresult; - /* Number of tokens to shift before error messages enabled. */ - int yyerrstatus; - /* Look-ahead token as an internal (translated) token number. */ - int yytoken = 0; -#if YYERROR_VERBOSE - /* Buffer for error messages, and its allocated size. */ - char yymsgbuf[128]; - char *yymsg = yymsgbuf; - YYSIZE_T yymsg_alloc = sizeof yymsgbuf; -#endif - - /* Three stacks and their tools: - `yyss': related to states, - `yyvs': related to semantic values, - `yyls': related to locations. - - Refer to the stacks thru separate pointers, to allow yyoverflow - to reallocate them elsewhere. */ - - /* The state stack. */ - yytype_int16 yyssa[YYINITDEPTH]; - yytype_int16 *yyss = yyssa; - yytype_int16 *yyssp; - - /* The semantic value stack. */ - YYSTYPE yyvsa[YYINITDEPTH]; - YYSTYPE *yyvs = yyvsa; - YYSTYPE *yyvsp; - - - -#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) - - YYSIZE_T yystacksize = YYINITDEPTH; - - /* The variables used to return semantic value and location from the - action routines. */ - YYSTYPE yyval; - - - /* The number of symbols on the RHS of the reduced rule. - Keep to zero when no symbol should be popped. */ - int yylen = 0; - - YYDPRINTF ((stderr, "Starting parse\n")); - - yystate = 0; - yyerrstatus = 0; - yynerrs = 0; - yychar = YYEMPTY; /* Cause a token to be read. */ - - /* Initialize stack pointers. - Waste one element of value and location stack - so that they stay on the same level as the state stack. - The wasted elements are never initialized. */ - - yyssp = yyss; - yyvsp = yyvs; - - goto yysetstate; - -/*------------------------------------------------------------. -| yynewstate -- Push a new state, which is found in yystate. | -`------------------------------------------------------------*/ - yynewstate: - /* In all cases, when you get here, the value and location stacks - have just been pushed. So pushing a state here evens the stacks. */ - yyssp++; - - yysetstate: - *yyssp = yystate; - - if (yyss + yystacksize - 1 <= yyssp) - { - /* Get the current used size of the three stacks, in elements. */ - YYSIZE_T yysize = yyssp - yyss + 1; - -#ifdef yyoverflow - { - /* Give user a chance to reallocate the stack. Use copies of - these so that the &'s don't force the real ones into - memory. */ - YYSTYPE *yyvs1 = yyvs; - yytype_int16 *yyss1 = yyss; - - - /* Each stack pointer address is followed by the size of the - data in use in that stack, in bytes. This used to be a - conditional around just the two extra args, but that might - be undefined if yyoverflow is a macro. */ - yyoverflow (YY_("memory exhausted"), - &yyss1, yysize * sizeof (*yyssp), - &yyvs1, yysize * sizeof (*yyvsp), - - &yystacksize); - - yyss = yyss1; - yyvs = yyvs1; - } -#else /* no yyoverflow */ -# ifndef YYSTACK_RELOCATE - goto yyexhaustedlab; -# else - /* Extend the stack our own way. */ - if (YYMAXDEPTH <= yystacksize) - goto yyexhaustedlab; - yystacksize *= 2; - if (YYMAXDEPTH < yystacksize) - yystacksize = YYMAXDEPTH; - - { - yytype_int16 *yyss1 = yyss; - union yyalloc *yyptr = - (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); - if (! yyptr) - goto yyexhaustedlab; - YYSTACK_RELOCATE (yyss); - YYSTACK_RELOCATE (yyvs); - -# undef YYSTACK_RELOCATE - if (yyss1 != yyssa) - YYSTACK_FREE (yyss1); - } -# endif -#endif /* no yyoverflow */ - - yyssp = yyss + yysize - 1; - yyvsp = yyvs + yysize - 1; - - - YYDPRINTF ((stderr, "Stack size increased to %lu\n", - (unsigned long int) yystacksize)); - - if (yyss + yystacksize - 1 <= yyssp) - YYABORT; - } - - YYDPRINTF ((stderr, "Entering state %d\n", yystate)); - - goto yybackup; - -/*-----------. -| yybackup. | -`-----------*/ -yybackup: - - /* Do appropriate processing given the current state. Read a - look-ahead token if we need one and don't already have one. */ - - /* First try to decide what to do without reference to look-ahead token. */ - yyn = yypact[yystate]; - if (yyn == YYPACT_NINF) - goto yydefault; - - /* Not known => get a look-ahead token if don't already have one. */ - - /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ - if (yychar == YYEMPTY) - { - YYDPRINTF ((stderr, "Reading a token: ")); - yychar = YYLEX; - } - - if (yychar <= YYEOF) - { - yychar = yytoken = YYEOF; - YYDPRINTF ((stderr, "Now at end of input.\n")); - } - else - { - yytoken = YYTRANSLATE (yychar); - YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc); - } - - /* If the proper action on seeing token YYTOKEN is to reduce or to - detect an error, take that action. */ - yyn += yytoken; - if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken) - goto yydefault; - yyn = yytable[yyn]; - if (yyn <= 0) - { - if (yyn == 0 || yyn == YYTABLE_NINF) - goto yyerrlab; - yyn = -yyn; - goto yyreduce; - } - - if (yyn == YYFINAL) - YYACCEPT; - - /* Count tokens shifted since error; after three, turn off error - status. */ - if (yyerrstatus) - yyerrstatus--; - - /* Shift the look-ahead token. */ - YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); - - /* Discard the shifted token unless it is eof. */ - if (yychar != YYEOF) - yychar = YYEMPTY; - - yystate = yyn; - *++yyvsp = yylval; - - goto yynewstate; - - -/*-----------------------------------------------------------. -| yydefault -- do the default action for the current state. | -`-----------------------------------------------------------*/ -yydefault: - yyn = yydefact[yystate]; - if (yyn == 0) - goto yyerrlab; - goto yyreduce; - - -/*-----------------------------. -| yyreduce -- Do a reduction. | -`-----------------------------*/ -yyreduce: - /* yyn is the number of a rule to reduce with. */ - yylen = yyr2[yyn]; - - /* If YYLEN is nonzero, implement the default value of the action: - `$$ = $1'. - - Otherwise, the following line sets YYVAL to garbage. - This behavior is undocumented and Bison - users should not rely upon it. Assigning to YYVAL - unconditionally makes the parser a bit smaller, and it avoids a - GCC warning that YYVAL may be used uninitialized. */ - yyval = yyvsp[1-yylen]; - - - YY_REDUCE_PRINT (yyn); - switch (yyn) - { - case 2: -#line 68 "slc-gram.y" - { - assignment = (yyvsp[(1) - (1)].assignment); - } - break; - - case 3: -#line 74 "slc-gram.y" - { - (yyvsp[(1) - (2)].assignment)->next = (yyvsp[(2) - (2)].assignment); - (yyval.assignment) = (yyvsp[(1) - (2)].assignment); - } - break; - - case 5: -#line 82 "slc-gram.y" - { - (yyval.assignment) = malloc(sizeof(*(yyval.assignment))); - (yyval.assignment)->name = (yyvsp[(1) - (3)].string); - (yyval.assignment)->type = a_value; - (yyval.assignment)->lineno = lineno; - (yyval.assignment)->u.value = (yyvsp[(3) - (3)].string); - (yyval.assignment)->next = NULL; - } - break; - - case 6: -#line 91 "slc-gram.y" - { - (yyval.assignment) = malloc(sizeof(*(yyval.assignment))); - (yyval.assignment)->name = (yyvsp[(1) - (5)].string); - (yyval.assignment)->type = a_assignment; - (yyval.assignment)->lineno = lineno; - (yyval.assignment)->u.assignment = (yyvsp[(4) - (5)].assignment); - (yyval.assignment)->next = NULL; - } - break; - - -/* Line 1267 of yacc.c. */ -#line 1397 "slc-gram.c" - default: break; - } - YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); - - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - - *++yyvsp = yyval; - - - /* Now `shift' the result of the reduction. Determine what state - that goes to, based on the state we popped back to and the rule - number reduced by. */ - - yyn = yyr1[yyn]; - - yystate = yypgoto[yyn - YYNTOKENS] + *yyssp; - if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp) - yystate = yytable[yystate]; - else - yystate = yydefgoto[yyn - YYNTOKENS]; - - goto yynewstate; - - -/*------------------------------------. -| yyerrlab -- here on detecting error | -`------------------------------------*/ -yyerrlab: - /* If not already recovering from an error, report this error. */ - if (!yyerrstatus) - { - ++yynerrs; -#if ! YYERROR_VERBOSE - yyerror (YY_("syntax error")); -#else - { - YYSIZE_T yysize = yysyntax_error (0, yystate, yychar); - if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM) - { - YYSIZE_T yyalloc = 2 * yysize; - if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM)) - yyalloc = YYSTACK_ALLOC_MAXIMUM; - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); - yymsg = (char *) YYSTACK_ALLOC (yyalloc); - if (yymsg) - yymsg_alloc = yyalloc; - else - { - yymsg = yymsgbuf; - yymsg_alloc = sizeof yymsgbuf; - } - } - - if (0 < yysize && yysize <= yymsg_alloc) - { - (void) yysyntax_error (yymsg, yystate, yychar); - yyerror (yymsg); - } - else - { - yyerror (YY_("syntax error")); - if (yysize != 0) - goto yyexhaustedlab; - } - } -#endif - } - - - - if (yyerrstatus == 3) - { - /* If just tried and failed to reuse look-ahead token after an - error, discard it. */ - - if (yychar <= YYEOF) - { - /* Return failure if at end of input. */ - if (yychar == YYEOF) - YYABORT; - } - else - { - yydestruct ("Error: discarding", - yytoken, &yylval); - yychar = YYEMPTY; - } - } - - /* Else will try to reuse look-ahead token after shifting the error - token. */ - goto yyerrlab1; - - -/*---------------------------------------------------. -| yyerrorlab -- error raised explicitly by YYERROR. | -`---------------------------------------------------*/ -yyerrorlab: - - /* Pacify compilers like GCC when the user code never invokes - YYERROR and the label yyerrorlab therefore never appears in user - code. */ - if (/*CONSTCOND*/ 0) - goto yyerrorlab; - - /* Do not reclaim the symbols of the rule which action triggered - this YYERROR. */ - YYPOPSTACK (yylen); - yylen = 0; - YY_STACK_PRINT (yyss, yyssp); - yystate = *yyssp; - goto yyerrlab1; - - -/*-------------------------------------------------------------. -| yyerrlab1 -- common code for both syntax error and YYERROR. | -`-------------------------------------------------------------*/ -yyerrlab1: - yyerrstatus = 3; /* Each real token shifted decrements this. */ - - for (;;) - { - yyn = yypact[yystate]; - if (yyn != YYPACT_NINF) - { - yyn += YYTERROR; - if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) - { - yyn = yytable[yyn]; - if (0 < yyn) - break; - } - } - - /* Pop the current state because it cannot handle the error token. */ - if (yyssp == yyss) - YYABORT; - - - yydestruct ("Error: popping", - yystos[yystate], yyvsp); - YYPOPSTACK (1); - yystate = *yyssp; - YY_STACK_PRINT (yyss, yyssp); - } - - if (yyn == YYFINAL) - YYACCEPT; - - *++yyvsp = yylval; - - - /* Shift the error token. */ - YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp); - - yystate = yyn; - goto yynewstate; - - -/*-------------------------------------. -| yyacceptlab -- YYACCEPT comes here. | -`-------------------------------------*/ -yyacceptlab: - yyresult = 0; - goto yyreturn; - -/*-----------------------------------. -| yyabortlab -- YYABORT comes here. | -`-----------------------------------*/ -yyabortlab: - yyresult = 1; - goto yyreturn; - -#ifndef yyoverflow -/*-------------------------------------------------. -| yyexhaustedlab -- memory exhaustion comes here. | -`-------------------------------------------------*/ -yyexhaustedlab: - yyerror (YY_("memory exhausted")); - yyresult = 2; - /* Fall through. */ -#endif - -yyreturn: - if (yychar != YYEOF && yychar != YYEMPTY) - yydestruct ("Cleanup: discarding lookahead", - yytoken, &yylval); - /* Do not reclaim the symbols of the rule which action triggered - this YYABORT or YYACCEPT. */ - YYPOPSTACK (yylen); - YY_STACK_PRINT (yyss, yyssp); - while (yyssp != yyss) - { - yydestruct ("Cleanup: popping", - yystos[*yyssp], yyvsp); - YYPOPSTACK (1); - } -#ifndef yyoverflow - if (yyss != yyssa) - YYSTACK_FREE (yyss); -#endif -#if YYERROR_VERBOSE - if (yymsg != yymsgbuf) - YYSTACK_FREE (yymsg); -#endif - /* Make sure YYID is used. */ - return YYID (yyresult); -} - - -#line 101 "slc-gram.y" - -char *filename; -FILE *cfile, *hfile; -int error_flag; -struct assignment *assignment; - - -static void -ex(struct assignment *a, const char *fmt, ...) -{ - va_list ap; - fprintf(stderr, "%s:%d: ", a->name, a->lineno); - va_start(ap, fmt); - vfprintf(stderr, fmt, ap); - va_end(ap); - fprintf(stderr, "\n"); -} - - - -static int -check_option(struct assignment *as) -{ - struct assignment *a; - int seen_long = 0; - int seen_short = 0; - int seen_type = 0; - int seen_argument = 0; - int seen_help = 0; - int seen_default = 0; - int ret = 0; - - for(a = as; a != NULL; a = a->next) { - if(strcmp(a->name, "long") == 0) - seen_long++; - else if(strcmp(a->name, "short") == 0) - seen_short++; - else if(strcmp(a->name, "type") == 0) - seen_type++; - else if(strcmp(a->name, "argument") == 0) - seen_argument++; - else if(strcmp(a->name, "help") == 0) - seen_help++; - else if(strcmp(a->name, "default") == 0) - seen_default++; - else { - ex(a, "unknown name"); - ret++; - } - } - if(seen_long == 0 && seen_short == 0) { - ex(as, "neither long nor short option"); - ret++; - } - if(seen_long > 1) { - ex(as, "multiple long options"); - ret++; - } - if(seen_short > 1) { - ex(as, "multiple short options"); - ret++; - } - if(seen_type > 1) { - ex(as, "multiple types"); - ret++; - } - if(seen_argument > 1) { - ex(as, "multiple arguments"); - ret++; - } - if(seen_help > 1) { - ex(as, "multiple help strings"); - ret++; - } - if(seen_default > 1) { - ex(as, "multiple default values"); - ret++; - } - return ret; -} - -static int -check_command(struct assignment *as) -{ - struct assignment *a; - int seen_name = 0; - int seen_function = 0; - int seen_help = 0; - int seen_argument = 0; - int seen_minargs = 0; - int seen_maxargs = 0; - int ret = 0; - for(a = as; a != NULL; a = a->next) { - if(strcmp(a->name, "name") == 0) - seen_name++; - else if(strcmp(a->name, "function") == 0) { - seen_function++; - } else if(strcmp(a->name, "option") == 0) - ret += check_option(a->u.assignment); - else if(strcmp(a->name, "help") == 0) { - seen_help++; - } else if(strcmp(a->name, "argument") == 0) { - seen_argument++; - } else if(strcmp(a->name, "min_args") == 0) { - seen_minargs++; - } else if(strcmp(a->name, "max_args") == 0) { - seen_maxargs++; - } else { - ex(a, "unknown name"); - ret++; - } - } - if(seen_name == 0) { - ex(as, "no command name"); - ret++; - } - if(seen_function > 1) { - ex(as, "multiple function names"); - ret++; - } - if(seen_help > 1) { - ex(as, "multiple help strings"); - ret++; - } - if(seen_argument > 1) { - ex(as, "multiple argument strings"); - ret++; - } - if(seen_minargs > 1) { - ex(as, "multiple min_args strings"); - ret++; - } - if(seen_maxargs > 1) { - ex(as, "multiple max_args strings"); - ret++; - } - - return ret; -} - -static int -check(struct assignment *as) -{ - struct assignment *a; - int ret = 0; - for(a = as; a != NULL; a = a->next) { - if(strcmp(a->name, "command")) { - fprintf(stderr, "unknown type %s line %d\n", a->name, a->lineno); - ret++; - continue; - } - if(a->type != a_assignment) { - fprintf(stderr, "bad command definition %s line %d\n", a->name, a->lineno); - ret++; - continue; - } - ret += check_command(a->u.assignment); - } - return ret; -} - -static struct assignment * -find_next(struct assignment *as, const char *name) -{ - for(as = as->next; as != NULL; as = as->next) { - if(strcmp(as->name, name) == 0) - return as; - } - return NULL; -} - -static struct assignment * -find(struct assignment *as, const char *name) -{ - for(; as != NULL; as = as->next) { - if(strcmp(as->name, name) == 0) - return as; - } - return NULL; -} - -static void -space(FILE *f, int level) -{ - fprintf(f, "%*.*s", level * 4, level * 4, " "); -} - -static void -cprint(int level, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - space(cfile, level); - vfprintf(cfile, fmt, ap); - va_end(ap); -} - -static void -hprint(int level, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - space(hfile, level); - vfprintf(hfile, fmt, ap); - va_end(ap); -} - -static void gen_name(char *str); - -static void -gen_command(struct assignment *as) -{ - struct assignment *a, *b; - char *f; - a = find(as, "name"); - f = strdup(a->u.value); - gen_name(f); - cprint(1, " { "); - fprintf(cfile, "\"%s\", ", a->u.value); - fprintf(cfile, "%s_wrap, ", f); - b = find(as, "argument"); - if(b) - fprintf(cfile, "\"%s %s\", ", a->u.value, b->u.value); - else - fprintf(cfile, "\"%s\", ", a->u.value); - b = find(as, "help"); - if(b) - fprintf(cfile, "\"%s\"", b->u.value); - else - fprintf(cfile, "NULL"); - fprintf(cfile, " },\n"); - for(a = a->next; a != NULL; a = a->next) - if(strcmp(a->name, "name") == 0) - cprint(1, " { \"%s\" },\n", a->u.value); - cprint(0, "\n"); -} - -static void -gen_name(char *str) -{ - char *p; - for(p = str; *p != '\0'; p++) - if(!isalnum((unsigned char)*p)) - *p = '_'; -} - -static char * -make_name(struct assignment *as) -{ - struct assignment *lopt; - struct assignment *type; - char *s; - - lopt = find(as, "long"); - if(lopt == NULL) - lopt = find(as, "name"); - if(lopt == NULL) - return NULL; - - type = find(as, "type"); - if(strcmp(type->u.value, "-flag") == 0) - asprintf(&s, "%s_flag", lopt->u.value); - else - asprintf(&s, "%s_%s", lopt->u.value, type->u.value); - gen_name(s); - return s; -} - - -static void defval_int(const char *name, struct assignment *defval) -{ - if(defval != NULL) - cprint(1, "opt.%s = %s;\n", name, defval->u.value); - else - cprint(1, "opt.%s = 0;\n", name); -} -static void defval_string(const char *name, struct assignment *defval) -{ - if(defval != NULL) - cprint(1, "opt.%s = \"%s\";\n", name, defval->u.value); - else - cprint(1, "opt.%s = NULL;\n", name); -} -static void defval_strings(const char *name, struct assignment *defval) -{ - cprint(1, "opt.%s.num_strings = 0;\n", name); - cprint(1, "opt.%s.strings = NULL;\n", name); -} - -static void free_strings(const char *name) -{ - cprint(1, "free_getarg_strings (&opt.%s);\n", name); -} - -struct type_handler { - const char *typename; - const char *c_type; - const char *getarg_type; - void (*defval)(const char*, struct assignment*); - void (*free)(const char*); -} type_handlers[] = { - { "integer", - "int", - "arg_integer", - defval_int, - NULL - }, - { "string", - "char*", - "arg_string", - defval_string, - NULL - }, - { "strings", - "struct getarg_strings", - "arg_strings", - defval_strings, - free_strings - }, - { "flag", - "int", - "arg_flag", - defval_int, - NULL - }, - { "-flag", - "int", - "arg_negative_flag", - defval_int, - NULL - }, - { NULL } -}; - -static struct type_handler *find_handler(struct assignment *type) -{ - struct type_handler *th; - for(th = type_handlers; th->typename != NULL; th++) - if(strcmp(type->u.value, th->typename) == 0) - return th; - ex(type, "unknown type \"%s\"", type->u.value); - exit(1); -} - -static void -gen_options(struct assignment *opt1, const char *name) -{ - struct assignment *tmp; - - hprint(0, "struct %s_options {\n", name); - - for(tmp = opt1; - tmp != NULL; - tmp = find_next(tmp, "option")) { - struct assignment *type; - struct type_handler *th; - char *s; - - s = make_name(tmp->u.assignment); - type = find(tmp->u.assignment, "type"); - th = find_handler(type); - hprint(1, "%s %s;\n", th->c_type, s); - free(s); - } - hprint(0, "};\n"); -} - -static void -gen_wrapper(struct assignment *as) -{ - struct assignment *name; - struct assignment *arg; - struct assignment *opt1; - struct assignment *function; - struct assignment *tmp; - char *n, *f; - int nargs = 0; - - name = find(as, "name"); - n = strdup(name->u.value); - gen_name(n); - arg = find(as, "argument"); - opt1 = find(as, "option"); - function = find(as, "function"); - if(function) - f = function->u.value; - else - f = n; - - - if(opt1 != NULL) { - gen_options(opt1, n); - hprint(0, "int %s(struct %s_options*, int, char **);\n", f, n); - } else { - hprint(0, "int %s(void*, int, char **);\n", f); - } - - fprintf(cfile, "static int\n"); - fprintf(cfile, "%s_wrap(int argc, char **argv)\n", n); - fprintf(cfile, "{\n"); - if(opt1 != NULL) - cprint(1, "struct %s_options opt;\n", n); - cprint(1, "int ret;\n"); - cprint(1, "int optidx = 0;\n"); - cprint(1, "struct getargs args[] = {\n"); - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - struct assignment *type = find(tmp->u.assignment, "type"); - struct assignment *lopt = find(tmp->u.assignment, "long"); - struct assignment *sopt = find(tmp->u.assignment, "short"); - struct assignment *aarg = find(tmp->u.assignment, "argument"); - struct assignment *help = find(tmp->u.assignment, "help"); - - struct type_handler *th; - - cprint(2, "{ "); - if(lopt) - fprintf(cfile, "\"%s\", ", lopt->u.value); - else - fprintf(cfile, "NULL, "); - if(sopt) - fprintf(cfile, "'%c', ", *sopt->u.value); - else - fprintf(cfile, "0, "); - th = find_handler(type); - fprintf(cfile, "%s, ", th->getarg_type); - fprintf(cfile, "NULL, "); - if(help) - fprintf(cfile, "\"%s\", ", help->u.value); - else - fprintf(cfile, "NULL, "); - if(aarg) - fprintf(cfile, "\"%s\"", aarg->u.value); - else - fprintf(cfile, "NULL"); - fprintf(cfile, " },\n"); - } - cprint(2, "{ \"help\", 'h', arg_flag, NULL, NULL, NULL }\n"); - cprint(1, "};\n"); - cprint(1, "int help_flag = 0;\n"); - - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - char *s; - struct assignment *type = find(tmp->u.assignment, "type"); - - struct assignment *defval = find(tmp->u.assignment, "default"); - - struct type_handler *th; - - s = make_name(tmp->u.assignment); - th = find_handler(type); - (*th->defval)(s, defval); - free(s); - } - - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - char *s; - s = make_name(tmp->u.assignment); - cprint(1, "args[%d].value = &opt.%s;\n", nargs++, s); - free(s); - } - cprint(1, "args[%d].value = &help_flag;\n", nargs++); - cprint(1, "if(getarg(args, %d, argc, argv, &optidx))\n", nargs); - cprint(2, "goto usage;\n"); - - { - int min_args = -1; - int max_args = -1; - char *end; - if(arg == NULL) { - max_args = 0; - } else { - if((tmp = find(as, "min_args")) != NULL) { - min_args = strtol(tmp->u.value, &end, 0); - if(*end != '\0') { - ex(tmp, "min_args is not numeric"); - exit(1); - } - if(min_args < 0) { - ex(tmp, "min_args must be non-negative"); - exit(1); - } - } - if((tmp = find(as, "max_args")) != NULL) { - max_args = strtol(tmp->u.value, &end, 0); - if(*end != '\0') { - ex(tmp, "max_args is not numeric"); - exit(1); - } - if(max_args < 0) { - ex(tmp, "max_args must be non-negative"); - exit(1); - } - } - } - if(min_args != -1 || max_args != -1) { - if(min_args == max_args) { - cprint(1, "if(argc - optidx != %d) {\n", - min_args); - cprint(2, "fprintf(stderr, \"Need exactly %u parameters (%%u given).\\n\\n\", argc - optidx);\n", min_args); - cprint(2, "goto usage;\n"); - cprint(1, "}\n"); - } else { - if(max_args != -1) { - cprint(1, "if(argc - optidx > %d) {\n", max_args); - cprint(2, "fprintf(stderr, \"Arguments given (%%u) are more than expected (%u).\\n\\n\", argc - optidx);\n", max_args); - cprint(2, "goto usage;\n"); - cprint(1, "}\n"); - } - if(min_args != -1) { - cprint(1, "if(argc - optidx < %d) {\n", min_args); - cprint(2, "fprintf(stderr, \"Arguments given (%%u) are less than expected (%u).\\n\\n\", argc - optidx);\n", min_args); - cprint(2, "goto usage;\n"); - cprint(1, "}\n"); - } - } - } - } - - cprint(1, "if(help_flag)\n"); - cprint(2, "goto usage;\n"); - - cprint(1, "ret = %s(%s, argc - optidx, argv + optidx);\n", - f, opt1 ? "&opt": "NULL"); - - /* free allocated data */ - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - char *s; - struct assignment *type = find(tmp->u.assignment, "type"); - struct type_handler *th; - th = find_handler(type); - if(th->free == NULL) - continue; - s = make_name(tmp->u.assignment); - (*th->free)(s); - free(s); - } - cprint(1, "return ret;\n"); - - cprint(0, "usage:\n"); - cprint(1, "arg_printusage (args, %d, \"%s\", \"%s\");\n", nargs, - name->u.value, arg ? arg->u.value : ""); - /* free allocated data */ - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - char *s; - struct assignment *type = find(tmp->u.assignment, "type"); - struct type_handler *th; - th = find_handler(type); - if(th->free == NULL) - continue; - s = make_name(tmp->u.assignment); - (*th->free)(s); - free(s); - } - cprint(1, "return 0;\n"); - cprint(0, "}\n"); - cprint(0, "\n"); -} - -char cname[PATH_MAX]; -char hname[PATH_MAX]; - -static void -gen(struct assignment *as) -{ - struct assignment *a; - cprint(0, "#include \n"); - cprint(0, "#include \n"); - cprint(0, "#include \n"); - cprint(0, "#include \"%s\"\n\n", hname); - - hprint(0, "#include \n"); - hprint(0, "#include \n"); - hprint(0, "\n"); - - - for(a = as; a != NULL; a = a->next) - gen_wrapper(a->u.assignment); - - cprint(0, "SL_cmd commands[] = {\n"); - for(a = as; a != NULL; a = a->next) - gen_command(a->u.assignment); - cprint(1, "{ NULL }\n"); - cprint(0, "};\n"); - - hprint(0, "extern SL_cmd commands[];\n"); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "command-table"); - exit(code); -} - -int -main(int argc, char **argv) -{ - char *p; - - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(argc == optidx) - usage(1); - - filename = argv[optidx]; - yyin = fopen(filename, "r"); - if(yyin == NULL) - err(1, "%s", filename); - p = strrchr(filename, '/'); - if(p) - strlcpy(cname, p + 1, sizeof(cname)); - else - strlcpy(cname, filename, sizeof(cname)); - p = strrchr(cname, '.'); - if(p) - *p = '\0'; - strlcpy(hname, cname, sizeof(hname)); - strlcat(cname, ".c", sizeof(cname)); - strlcat(hname, ".h", sizeof(hname)); - yyparse(); - if(error_flag) - exit(1); - if(check(assignment) == 0) { - cfile = fopen(cname, "w"); - if(cfile == NULL) - err(1, "%s", cname); - hfile = fopen(hname, "w"); - if(hfile == NULL) - err(1, "%s", hname); - gen(assignment); - fclose(cfile); - fclose(hfile); - } - fclose(yyin); - return 0; -} - diff --git a/crypto/heimdal/lib/sl/slc-gram.h b/crypto/heimdal/lib/sl/slc-gram.h deleted file mode 100644 index 1d50c2a66984..000000000000 --- a/crypto/heimdal/lib/sl/slc-gram.h +++ /dev/null @@ -1,69 +0,0 @@ -/* A Bison parser, made by GNU Bison 2.3. */ - -/* Skeleton interface for Bison's Yacc-like parsers in C - - Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. */ - -/* As a special exception, you may create a larger work that contains - part or all of the Bison parser skeleton and distribute that work - under terms of your choice, so long as that work isn't itself a - parser generator using the skeleton or a modified version thereof - as a parser skeleton. Alternatively, if you modify or redistribute - the parser skeleton itself, you may (at your option) remove this - special exception, which will cause the skeleton and the resulting - Bison output files to be licensed under the GNU General Public - License without this special exception. - - This special exception was added by the Free Software Foundation in - version 2.2 of Bison. */ - -/* Tokens. */ -#ifndef YYTOKENTYPE -# define YYTOKENTYPE - /* Put the tokens into the symbol table, so that GDB and other debuggers - know about them. */ - enum yytokentype { - LITERAL = 258, - STRING = 259 - }; -#endif -/* Tokens. */ -#define LITERAL 258 -#define STRING 259 - - - - -#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE -#line 54 "slc-gram.y" -{ - char *string; - struct assignment *assignment; -} -/* Line 1529 of yacc.c. */ -#line 62 "slc-gram.h" - YYSTYPE; -# define yystype YYSTYPE /* obsolescent; will be withdrawn */ -# define YYSTYPE_IS_DECLARED 1 -# define YYSTYPE_IS_TRIVIAL 1 -#endif - -extern YYSTYPE yylval; - diff --git a/crypto/heimdal/lib/sl/slc-gram.y b/crypto/heimdal/lib/sl/slc-gram.y deleted file mode 100644 index 7d9fadcb55bd..000000000000 --- a/crypto/heimdal/lib/sl/slc-gram.y +++ /dev/null @@ -1,764 +0,0 @@ -%{ -/* - * Copyright (c) 2004-2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: slc-gram.y 20767 2007-06-01 11:24:52Z lha $"); -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "slc.h" -extern FILE *yyin; -extern struct assignment *assignment; -%} - -%union { - char *string; - struct assignment *assignment; -} - -%token LITERAL -%token STRING -%type assignment assignments - -%start start - -%% - -start : assignments - { - assignment = $1; - } - ; - -assignments : assignment assignments - { - $1->next = $2; - $$ = $1; - } - | assignment - ; - -assignment : LITERAL '=' STRING - { - $$ = malloc(sizeof(*$$)); - $$->name = $1; - $$->type = a_value; - $$->lineno = lineno; - $$->u.value = $3; - $$->next = NULL; - } - | LITERAL '=' '{' assignments '}' - { - $$ = malloc(sizeof(*$$)); - $$->name = $1; - $$->type = a_assignment; - $$->lineno = lineno; - $$->u.assignment = $4; - $$->next = NULL; - } - ; - -%% -char *filename; -FILE *cfile, *hfile; -int error_flag; -struct assignment *assignment; - - -static void -ex(struct assignment *a, const char *fmt, ...) -{ - va_list ap; - fprintf(stderr, "%s:%d: ", a->name, a->lineno); - va_start(ap, fmt); - vfprintf(stderr, fmt, ap); - va_end(ap); - fprintf(stderr, "\n"); -} - - - -static int -check_option(struct assignment *as) -{ - struct assignment *a; - int seen_long = 0; - int seen_short = 0; - int seen_type = 0; - int seen_argument = 0; - int seen_help = 0; - int seen_default = 0; - int ret = 0; - - for(a = as; a != NULL; a = a->next) { - if(strcmp(a->name, "long") == 0) - seen_long++; - else if(strcmp(a->name, "short") == 0) - seen_short++; - else if(strcmp(a->name, "type") == 0) - seen_type++; - else if(strcmp(a->name, "argument") == 0) - seen_argument++; - else if(strcmp(a->name, "help") == 0) - seen_help++; - else if(strcmp(a->name, "default") == 0) - seen_default++; - else { - ex(a, "unknown name"); - ret++; - } - } - if(seen_long == 0 && seen_short == 0) { - ex(as, "neither long nor short option"); - ret++; - } - if(seen_long > 1) { - ex(as, "multiple long options"); - ret++; - } - if(seen_short > 1) { - ex(as, "multiple short options"); - ret++; - } - if(seen_type > 1) { - ex(as, "multiple types"); - ret++; - } - if(seen_argument > 1) { - ex(as, "multiple arguments"); - ret++; - } - if(seen_help > 1) { - ex(as, "multiple help strings"); - ret++; - } - if(seen_default > 1) { - ex(as, "multiple default values"); - ret++; - } - return ret; -} - -static int -check_command(struct assignment *as) -{ - struct assignment *a; - int seen_name = 0; - int seen_function = 0; - int seen_help = 0; - int seen_argument = 0; - int seen_minargs = 0; - int seen_maxargs = 0; - int ret = 0; - for(a = as; a != NULL; a = a->next) { - if(strcmp(a->name, "name") == 0) - seen_name++; - else if(strcmp(a->name, "function") == 0) { - seen_function++; - } else if(strcmp(a->name, "option") == 0) - ret += check_option(a->u.assignment); - else if(strcmp(a->name, "help") == 0) { - seen_help++; - } else if(strcmp(a->name, "argument") == 0) { - seen_argument++; - } else if(strcmp(a->name, "min_args") == 0) { - seen_minargs++; - } else if(strcmp(a->name, "max_args") == 0) { - seen_maxargs++; - } else { - ex(a, "unknown name"); - ret++; - } - } - if(seen_name == 0) { - ex(as, "no command name"); - ret++; - } - if(seen_function > 1) { - ex(as, "multiple function names"); - ret++; - } - if(seen_help > 1) { - ex(as, "multiple help strings"); - ret++; - } - if(seen_argument > 1) { - ex(as, "multiple argument strings"); - ret++; - } - if(seen_minargs > 1) { - ex(as, "multiple min_args strings"); - ret++; - } - if(seen_maxargs > 1) { - ex(as, "multiple max_args strings"); - ret++; - } - - return ret; -} - -static int -check(struct assignment *as) -{ - struct assignment *a; - int ret = 0; - for(a = as; a != NULL; a = a->next) { - if(strcmp(a->name, "command")) { - fprintf(stderr, "unknown type %s line %d\n", a->name, a->lineno); - ret++; - continue; - } - if(a->type != a_assignment) { - fprintf(stderr, "bad command definition %s line %d\n", a->name, a->lineno); - ret++; - continue; - } - ret += check_command(a->u.assignment); - } - return ret; -} - -static struct assignment * -find_next(struct assignment *as, const char *name) -{ - for(as = as->next; as != NULL; as = as->next) { - if(strcmp(as->name, name) == 0) - return as; - } - return NULL; -} - -static struct assignment * -find(struct assignment *as, const char *name) -{ - for(; as != NULL; as = as->next) { - if(strcmp(as->name, name) == 0) - return as; - } - return NULL; -} - -static void -space(FILE *f, int level) -{ - fprintf(f, "%*.*s", level * 4, level * 4, " "); -} - -static void -cprint(int level, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - space(cfile, level); - vfprintf(cfile, fmt, ap); - va_end(ap); -} - -static void -hprint(int level, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - space(hfile, level); - vfprintf(hfile, fmt, ap); - va_end(ap); -} - -static void gen_name(char *str); - -static void -gen_command(struct assignment *as) -{ - struct assignment *a, *b; - char *f; - a = find(as, "name"); - f = strdup(a->u.value); - gen_name(f); - cprint(1, " { "); - fprintf(cfile, "\"%s\", ", a->u.value); - fprintf(cfile, "%s_wrap, ", f); - b = find(as, "argument"); - if(b) - fprintf(cfile, "\"%s %s\", ", a->u.value, b->u.value); - else - fprintf(cfile, "\"%s\", ", a->u.value); - b = find(as, "help"); - if(b) - fprintf(cfile, "\"%s\"", b->u.value); - else - fprintf(cfile, "NULL"); - fprintf(cfile, " },\n"); - for(a = a->next; a != NULL; a = a->next) - if(strcmp(a->name, "name") == 0) - cprint(1, " { \"%s\" },\n", a->u.value); - cprint(0, "\n"); -} - -static void -gen_name(char *str) -{ - char *p; - for(p = str; *p != '\0'; p++) - if(!isalnum((unsigned char)*p)) - *p = '_'; -} - -static char * -make_name(struct assignment *as) -{ - struct assignment *lopt; - struct assignment *type; - char *s; - - lopt = find(as, "long"); - if(lopt == NULL) - lopt = find(as, "name"); - if(lopt == NULL) - return NULL; - - type = find(as, "type"); - if(strcmp(type->u.value, "-flag") == 0) - asprintf(&s, "%s_flag", lopt->u.value); - else - asprintf(&s, "%s_%s", lopt->u.value, type->u.value); - gen_name(s); - return s; -} - - -static void defval_int(const char *name, struct assignment *defval) -{ - if(defval != NULL) - cprint(1, "opt.%s = %s;\n", name, defval->u.value); - else - cprint(1, "opt.%s = 0;\n", name); -} -static void defval_string(const char *name, struct assignment *defval) -{ - if(defval != NULL) - cprint(1, "opt.%s = \"%s\";\n", name, defval->u.value); - else - cprint(1, "opt.%s = NULL;\n", name); -} -static void defval_strings(const char *name, struct assignment *defval) -{ - cprint(1, "opt.%s.num_strings = 0;\n", name); - cprint(1, "opt.%s.strings = NULL;\n", name); -} - -static void free_strings(const char *name) -{ - cprint(1, "free_getarg_strings (&opt.%s);\n", name); -} - -struct type_handler { - const char *typename; - const char *c_type; - const char *getarg_type; - void (*defval)(const char*, struct assignment*); - void (*free)(const char*); -} type_handlers[] = { - { "integer", - "int", - "arg_integer", - defval_int, - NULL - }, - { "string", - "char*", - "arg_string", - defval_string, - NULL - }, - { "strings", - "struct getarg_strings", - "arg_strings", - defval_strings, - free_strings - }, - { "flag", - "int", - "arg_flag", - defval_int, - NULL - }, - { "-flag", - "int", - "arg_negative_flag", - defval_int, - NULL - }, - { NULL } -}; - -static struct type_handler *find_handler(struct assignment *type) -{ - struct type_handler *th; - for(th = type_handlers; th->typename != NULL; th++) - if(strcmp(type->u.value, th->typename) == 0) - return th; - ex(type, "unknown type \"%s\"", type->u.value); - exit(1); -} - -static void -gen_options(struct assignment *opt1, const char *name) -{ - struct assignment *tmp; - - hprint(0, "struct %s_options {\n", name); - - for(tmp = opt1; - tmp != NULL; - tmp = find_next(tmp, "option")) { - struct assignment *type; - struct type_handler *th; - char *s; - - s = make_name(tmp->u.assignment); - type = find(tmp->u.assignment, "type"); - th = find_handler(type); - hprint(1, "%s %s;\n", th->c_type, s); - free(s); - } - hprint(0, "};\n"); -} - -static void -gen_wrapper(struct assignment *as) -{ - struct assignment *name; - struct assignment *arg; - struct assignment *opt1; - struct assignment *function; - struct assignment *tmp; - char *n, *f; - int nargs = 0; - - name = find(as, "name"); - n = strdup(name->u.value); - gen_name(n); - arg = find(as, "argument"); - opt1 = find(as, "option"); - function = find(as, "function"); - if(function) - f = function->u.value; - else - f = n; - - - if(opt1 != NULL) { - gen_options(opt1, n); - hprint(0, "int %s(struct %s_options*, int, char **);\n", f, n); - } else { - hprint(0, "int %s(void*, int, char **);\n", f); - } - - fprintf(cfile, "static int\n"); - fprintf(cfile, "%s_wrap(int argc, char **argv)\n", n); - fprintf(cfile, "{\n"); - if(opt1 != NULL) - cprint(1, "struct %s_options opt;\n", n); - cprint(1, "int ret;\n"); - cprint(1, "int optidx = 0;\n"); - cprint(1, "struct getargs args[] = {\n"); - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - struct assignment *type = find(tmp->u.assignment, "type"); - struct assignment *lopt = find(tmp->u.assignment, "long"); - struct assignment *sopt = find(tmp->u.assignment, "short"); - struct assignment *aarg = find(tmp->u.assignment, "argument"); - struct assignment *help = find(tmp->u.assignment, "help"); - - struct type_handler *th; - - cprint(2, "{ "); - if(lopt) - fprintf(cfile, "\"%s\", ", lopt->u.value); - else - fprintf(cfile, "NULL, "); - if(sopt) - fprintf(cfile, "'%c', ", *sopt->u.value); - else - fprintf(cfile, "0, "); - th = find_handler(type); - fprintf(cfile, "%s, ", th->getarg_type); - fprintf(cfile, "NULL, "); - if(help) - fprintf(cfile, "\"%s\", ", help->u.value); - else - fprintf(cfile, "NULL, "); - if(aarg) - fprintf(cfile, "\"%s\"", aarg->u.value); - else - fprintf(cfile, "NULL"); - fprintf(cfile, " },\n"); - } - cprint(2, "{ \"help\", 'h', arg_flag, NULL, NULL, NULL }\n"); - cprint(1, "};\n"); - cprint(1, "int help_flag = 0;\n"); - - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - char *s; - struct assignment *type = find(tmp->u.assignment, "type"); - - struct assignment *defval = find(tmp->u.assignment, "default"); - - struct type_handler *th; - - s = make_name(tmp->u.assignment); - th = find_handler(type); - (*th->defval)(s, defval); - free(s); - } - - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - char *s; - s = make_name(tmp->u.assignment); - cprint(1, "args[%d].value = &opt.%s;\n", nargs++, s); - free(s); - } - cprint(1, "args[%d].value = &help_flag;\n", nargs++); - cprint(1, "if(getarg(args, %d, argc, argv, &optidx))\n", nargs); - cprint(2, "goto usage;\n"); - - { - int min_args = -1; - int max_args = -1; - char *end; - if(arg == NULL) { - max_args = 0; - } else { - if((tmp = find(as, "min_args")) != NULL) { - min_args = strtol(tmp->u.value, &end, 0); - if(*end != '\0') { - ex(tmp, "min_args is not numeric"); - exit(1); - } - if(min_args < 0) { - ex(tmp, "min_args must be non-negative"); - exit(1); - } - } - if((tmp = find(as, "max_args")) != NULL) { - max_args = strtol(tmp->u.value, &end, 0); - if(*end != '\0') { - ex(tmp, "max_args is not numeric"); - exit(1); - } - if(max_args < 0) { - ex(tmp, "max_args must be non-negative"); - exit(1); - } - } - } - if(min_args != -1 || max_args != -1) { - if(min_args == max_args) { - cprint(1, "if(argc - optidx != %d) {\n", - min_args); - cprint(2, "fprintf(stderr, \"Need exactly %u parameters (%%u given).\\n\\n\", argc - optidx);\n", min_args); - cprint(2, "goto usage;\n"); - cprint(1, "}\n"); - } else { - if(max_args != -1) { - cprint(1, "if(argc - optidx > %d) {\n", max_args); - cprint(2, "fprintf(stderr, \"Arguments given (%%u) are more than expected (%u).\\n\\n\", argc - optidx);\n", max_args); - cprint(2, "goto usage;\n"); - cprint(1, "}\n"); - } - if(min_args != -1) { - cprint(1, "if(argc - optidx < %d) {\n", min_args); - cprint(2, "fprintf(stderr, \"Arguments given (%%u) are less than expected (%u).\\n\\n\", argc - optidx);\n", min_args); - cprint(2, "goto usage;\n"); - cprint(1, "}\n"); - } - } - } - } - - cprint(1, "if(help_flag)\n"); - cprint(2, "goto usage;\n"); - - cprint(1, "ret = %s(%s, argc - optidx, argv + optidx);\n", - f, opt1 ? "&opt": "NULL"); - - /* free allocated data */ - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - char *s; - struct assignment *type = find(tmp->u.assignment, "type"); - struct type_handler *th; - th = find_handler(type); - if(th->free == NULL) - continue; - s = make_name(tmp->u.assignment); - (*th->free)(s); - free(s); - } - cprint(1, "return ret;\n"); - - cprint(0, "usage:\n"); - cprint(1, "arg_printusage (args, %d, \"%s\", \"%s\");\n", nargs, - name->u.value, arg ? arg->u.value : ""); - /* free allocated data */ - for(tmp = find(as, "option"); - tmp != NULL; - tmp = find_next(tmp, "option")) { - char *s; - struct assignment *type = find(tmp->u.assignment, "type"); - struct type_handler *th; - th = find_handler(type); - if(th->free == NULL) - continue; - s = make_name(tmp->u.assignment); - (*th->free)(s); - free(s); - } - cprint(1, "return 0;\n"); - cprint(0, "}\n"); - cprint(0, "\n"); -} - -char cname[PATH_MAX]; -char hname[PATH_MAX]; - -static void -gen(struct assignment *as) -{ - struct assignment *a; - cprint(0, "#include \n"); - cprint(0, "#include \n"); - cprint(0, "#include \n"); - cprint(0, "#include \"%s\"\n\n", hname); - - hprint(0, "#include \n"); - hprint(0, "#include \n"); - hprint(0, "\n"); - - - for(a = as; a != NULL; a = a->next) - gen_wrapper(a->u.assignment); - - cprint(0, "SL_cmd commands[] = {\n"); - for(a = as; a != NULL; a = a->next) - gen_command(a->u.assignment); - cprint(1, "{ NULL }\n"); - cprint(0, "};\n"); - - hprint(0, "extern SL_cmd commands[];\n"); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "command-table"); - exit(code); -} - -int -main(int argc, char **argv) -{ - char *p; - - int optidx = 0; - - setprogname(argv[0]); - if(getarg(args, num_args, argc, argv, &optidx)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(argc == optidx) - usage(1); - - filename = argv[optidx]; - yyin = fopen(filename, "r"); - if(yyin == NULL) - err(1, "%s", filename); - p = strrchr(filename, '/'); - if(p) - strlcpy(cname, p + 1, sizeof(cname)); - else - strlcpy(cname, filename, sizeof(cname)); - p = strrchr(cname, '.'); - if(p) - *p = '\0'; - strlcpy(hname, cname, sizeof(hname)); - strlcat(cname, ".c", sizeof(cname)); - strlcat(hname, ".h", sizeof(hname)); - yyparse(); - if(error_flag) - exit(1); - if(check(assignment) == 0) { - cfile = fopen(cname, "w"); - if(cfile == NULL) - err(1, "%s", cname); - hfile = fopen(hname, "w"); - if(hfile == NULL) - err(1, "%s", hname); - gen(assignment); - fclose(cfile); - fclose(hfile); - } - fclose(yyin); - return 0; -} diff --git a/crypto/heimdal/lib/sl/slc-lex.c b/crypto/heimdal/lib/sl/slc-lex.c deleted file mode 100644 index d89b39c1f03b..000000000000 --- a/crypto/heimdal/lib/sl/slc-lex.c +++ /dev/null @@ -1,1877 +0,0 @@ - -#line 3 "slc-lex.c" - -#define YY_INT_ALIGNED short int - -/* A lexical scanner generated by flex */ - -#define FLEX_SCANNER -#define YY_FLEX_MAJOR_VERSION 2 -#define YY_FLEX_MINOR_VERSION 5 -#define YY_FLEX_SUBMINOR_VERSION 33 -#if YY_FLEX_SUBMINOR_VERSION > 0 -#define FLEX_BETA -#endif - -/* First, we deal with platform-specific or compiler-specific issues. */ - -/* begin standard C headers. */ -#include -#include -#include -#include - -/* end standard C headers. */ - -/* flex integer type definitions */ - -#ifndef FLEXINT_H -#define FLEXINT_H - -/* C99 systems have . Non-C99 systems may or may not. */ - -#if __STDC_VERSION__ >= 199901L - -/* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, - * if you want the limit (max/min) macros for int types. - */ -#ifndef __STDC_LIMIT_MACROS -#define __STDC_LIMIT_MACROS 1 -#endif - -#include -typedef int8_t flex_int8_t; -typedef uint8_t flex_uint8_t; -typedef int16_t flex_int16_t; -typedef uint16_t flex_uint16_t; -typedef int32_t flex_int32_t; -typedef uint32_t flex_uint32_t; -#else -typedef signed char flex_int8_t; -typedef short int flex_int16_t; -typedef int flex_int32_t; -typedef unsigned char flex_uint8_t; -typedef unsigned short int flex_uint16_t; -typedef unsigned int flex_uint32_t; -#endif /* ! C99 */ - -/* Limits of integral types. */ -#ifndef INT8_MIN -#define INT8_MIN (-128) -#endif -#ifndef INT16_MIN -#define INT16_MIN (-32767-1) -#endif -#ifndef INT32_MIN -#define INT32_MIN (-2147483647-1) -#endif -#ifndef INT8_MAX -#define INT8_MAX (127) -#endif -#ifndef INT16_MAX -#define INT16_MAX (32767) -#endif -#ifndef INT32_MAX -#define INT32_MAX (2147483647) -#endif -#ifndef UINT8_MAX -#define UINT8_MAX (255U) -#endif -#ifndef UINT16_MAX -#define UINT16_MAX (65535U) -#endif -#ifndef UINT32_MAX -#define UINT32_MAX (4294967295U) -#endif - -#endif /* ! FLEXINT_H */ - -#ifdef __cplusplus - -/* The "const" storage-class-modifier is valid. */ -#define YY_USE_CONST - -#else /* ! __cplusplus */ - -#if __STDC__ - -#define YY_USE_CONST - -#endif /* __STDC__ */ -#endif /* ! __cplusplus */ - -#ifdef YY_USE_CONST -#define yyconst const -#else -#define yyconst -#endif - -/* Returned upon end-of-file. */ -#define YY_NULL 0 - -/* Promotes a possibly negative, possibly signed char to an unsigned - * integer for use as an array index. If the signed char is negative, - * we want to instead treat it as an 8-bit unsigned char, hence the - * double cast. - */ -#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) - -/* Enter a start condition. This macro really ought to take a parameter, - * but we do it the disgusting crufty way forced on us by the ()-less - * definition of BEGIN. - */ -#define BEGIN (yy_start) = 1 + 2 * - -/* Translate the current start state into a value that can be later handed - * to BEGIN to return to the state. The YYSTATE alias is for lex - * compatibility. - */ -#define YY_START (((yy_start) - 1) / 2) -#define YYSTATE YY_START - -/* Action number for EOF rule of a given start state. */ -#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) - -/* Special action meaning "start processing a new file". */ -#define YY_NEW_FILE yyrestart(yyin ) - -#define YY_END_OF_BUFFER_CHAR 0 - -/* Size of default input buffer. */ -#ifndef YY_BUF_SIZE -#define YY_BUF_SIZE 16384 -#endif - -/* The state buf must be large enough to hold one state per character in the main buffer. - */ -#define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type)) - -#ifndef YY_TYPEDEF_YY_BUFFER_STATE -#define YY_TYPEDEF_YY_BUFFER_STATE -typedef struct yy_buffer_state *YY_BUFFER_STATE; -#endif - -extern int yyleng; - -extern FILE *yyin, *yyout; - -#define EOB_ACT_CONTINUE_SCAN 0 -#define EOB_ACT_END_OF_FILE 1 -#define EOB_ACT_LAST_MATCH 2 - - #define YY_LESS_LINENO(n) - -/* Return all but the first "n" matched characters back to the input stream. */ -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - int yyless_macro_arg = (n); \ - YY_LESS_LINENO(yyless_macro_arg);\ - *yy_cp = (yy_hold_char); \ - YY_RESTORE_YY_MORE_OFFSET \ - (yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \ - YY_DO_BEFORE_ACTION; /* set up yytext again */ \ - } \ - while ( 0 ) - -#define unput(c) yyunput( c, (yytext_ptr) ) - -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ - -#ifndef YY_TYPEDEF_YY_SIZE_T -#define YY_TYPEDEF_YY_SIZE_T -typedef unsigned int yy_size_t; -#endif - -#ifndef YY_STRUCT_YY_BUFFER_STATE -#define YY_STRUCT_YY_BUFFER_STATE -struct yy_buffer_state - { - FILE *yy_input_file; - - char *yy_ch_buf; /* input buffer */ - char *yy_buf_pos; /* current position in input buffer */ - - /* Size of input buffer in bytes, not including room for EOB - * characters. - */ - yy_size_t yy_buf_size; - - /* Number of characters read into yy_ch_buf, not including EOB - * characters. - */ - int yy_n_chars; - - /* Whether we "own" the buffer - i.e., we know we created it, - * and can realloc() it to grow it, and should free() it to - * delete it. - */ - int yy_is_our_buffer; - - /* Whether this is an "interactive" input source; if so, and - * if we're using stdio for input, then we want to use getc() - * instead of fread(), to make sure we stop fetching input after - * each newline. - */ - int yy_is_interactive; - - /* Whether we're considered to be at the beginning of a line. - * If so, '^' rules will be active on the next match, otherwise - * not. - */ - int yy_at_bol; - - int yy_bs_lineno; /**< The line count. */ - int yy_bs_column; /**< The column count. */ - - /* Whether to try to fill the input buffer when we reach the - * end of it. - */ - int yy_fill_buffer; - - int yy_buffer_status; - -#define YY_BUFFER_NEW 0 -#define YY_BUFFER_NORMAL 1 - /* When an EOF's been seen but there's still some text to process - * then we mark the buffer as YY_EOF_PENDING, to indicate that we - * shouldn't try reading from the input source any more. We might - * still have a bunch of tokens to match, though, because of - * possible backing-up. - * - * When we actually see the EOF, we change the status to "new" - * (via yyrestart()), so that the user can continue scanning by - * just pointing yyin at a new input file. - */ -#define YY_BUFFER_EOF_PENDING 2 - - }; -#endif /* !YY_STRUCT_YY_BUFFER_STATE */ - -/* Stack of input buffers. */ -static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */ -static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */ -static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ - -/* We provide macros for accessing buffer states in case in the - * future we want to put the buffer states in a more general - * "scanner state". - * - * Returns the top of the stack, or NULL. - */ -#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \ - ? (yy_buffer_stack)[(yy_buffer_stack_top)] \ - : NULL) - -/* Same as previous macro, but useful when we know that the buffer stack is not - * NULL or when we need an lvalue. For internal use only. - */ -#define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)] - -/* yy_hold_char holds the character lost when yytext is formed. */ -static char yy_hold_char; -static int yy_n_chars; /* number of characters read into yy_ch_buf */ -int yyleng; - -/* Points to current character in buffer. */ -static char *yy_c_buf_p = (char *) 0; -static int yy_init = 0; /* whether we need to initialize */ -static int yy_start = 0; /* start state number */ - -/* Flag which is used to allow yywrap()'s to do buffer switches - * instead of setting up a fresh yyin. A bit of a hack ... - */ -static int yy_did_buffer_switch_on_eof; - -void yyrestart (FILE *input_file ); -void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ); -YY_BUFFER_STATE yy_create_buffer (FILE *file,int size ); -void yy_delete_buffer (YY_BUFFER_STATE b ); -void yy_flush_buffer (YY_BUFFER_STATE b ); -void yypush_buffer_state (YY_BUFFER_STATE new_buffer ); -void yypop_buffer_state (void ); - -static void yyensure_buffer_stack (void ); -static void yy_load_buffer_state (void ); -static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); - -#define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER ) - -YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); -YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); -YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); - -void *yyalloc (yy_size_t ); -void *yyrealloc (void *,yy_size_t ); -void yyfree (void * ); - -#define yy_new_buffer yy_create_buffer - -#define yy_set_interactive(is_interactive) \ - { \ - if ( ! YY_CURRENT_BUFFER ){ \ - yyensure_buffer_stack (); \ - YY_CURRENT_BUFFER_LVALUE = \ - yy_create_buffer(yyin,YY_BUF_SIZE ); \ - } \ - YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \ - } - -#define yy_set_bol(at_bol) \ - { \ - if ( ! YY_CURRENT_BUFFER ){\ - yyensure_buffer_stack (); \ - YY_CURRENT_BUFFER_LVALUE = \ - yy_create_buffer(yyin,YY_BUF_SIZE ); \ - } \ - YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \ - } - -#define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol) - -/* Begin user sect3 */ - -typedef unsigned char YY_CHAR; - -FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; - -typedef int yy_state_type; - -extern int yylineno; - -int yylineno = 1; - -extern char *yytext; -#define yytext_ptr yytext - -static yy_state_type yy_get_previous_state (void ); -static yy_state_type yy_try_NUL_trans (yy_state_type current_state ); -static int yy_get_next_buffer (void ); -static void yy_fatal_error (yyconst char msg[] ); - -/* Done after the current pattern has been matched and before the - * corresponding action - sets up yytext. - */ -#define YY_DO_BEFORE_ACTION \ - (yytext_ptr) = yy_bp; \ - yyleng = (size_t) (yy_cp - yy_bp); \ - (yy_hold_char) = *yy_cp; \ - *yy_cp = '\0'; \ - (yy_c_buf_p) = yy_cp; - -#define YY_NUM_RULES 7 -#define YY_END_OF_BUFFER 8 -/* This struct is not used in this scanner, - but its presence is necessary. */ -struct yy_trans_info - { - flex_int32_t yy_verify; - flex_int32_t yy_nxt; - }; -static yyconst flex_int16_t yy_accept[14] = - { 0, - 0, 0, 8, 7, 6, 3, 2, 7, 5, 1, - 4, 1, 0 - } ; - -static yyconst flex_int32_t yy_ec[256] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 2, 1, 4, 1, 1, 1, 1, 1, 1, - 1, 5, 1, 1, 6, 1, 7, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 1, 1, 1, - 8, 1, 1, 1, 9, 9, 9, 9, 9, 9, - 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, - 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, - 1, 1, 1, 1, 6, 1, 9, 9, 9, 9, - - 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, - 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, - 9, 9, 8, 1, 8, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1 - } ; - -static yyconst flex_int32_t yy_meta[10] = - { 0, - 1, 1, 1, 1, 1, 2, 1, 1, 2 - } ; - -static yyconst flex_int16_t yy_base[15] = - { 0, - 0, 0, 12, 13, 13, 13, 13, 6, 13, 0, - 13, 0, 13, 8 - } ; - -static yyconst flex_int16_t yy_def[15] = - { 0, - 13, 1, 13, 13, 13, 13, 13, 13, 13, 14, - 13, 14, 0, 13 - } ; - -static yyconst flex_int16_t yy_nxt[23] = - { 0, - 4, 5, 6, 7, 4, 4, 8, 9, 10, 12, - 11, 13, 3, 13, 13, 13, 13, 13, 13, 13, - 13, 13 - } ; - -static yyconst flex_int16_t yy_chk[23] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 14, - 8, 3, 13, 13, 13, 13, 13, 13, 13, 13, - 13, 13 - } ; - -static yy_state_type yy_last_accepting_state; -static char *yy_last_accepting_cpos; - -extern int yy_flex_debug; -int yy_flex_debug = 0; - -/* The intent behind this definition is that it'll catch - * any uses of REJECT which flex missed. - */ -#define REJECT reject_used_but_not_detected -#define yymore() yymore_used_but_not_detected -#define YY_MORE_ADJ 0 -#define YY_RESTORE_YY_MORE_OFFSET -char *yytext; -#line 1 "slc-lex.l" -#line 2 "slc-lex.l" -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: slc-lex.l 15118 2005-05-10 22:19:01Z lha $ */ - -#undef ECHO - -#include -#include -#include -#include -#include "slc.h" -#include "slc-gram.h" -unsigned lineno = 1; - -static void handle_comment(void); -static char * handle_string(void); - -#define YY_NO_UNPUT - -#undef ECHO - -#line 513 "slc-lex.c" - -#define INITIAL 0 - -#ifndef YY_NO_UNISTD_H -/* Special case for "unistd.h", since it is non-ANSI. We include it way - * down here because we want the user's section 1 to have been scanned first. - * The user has a chance to override it with an option. - */ -#include -#endif - -#ifndef YY_EXTRA_TYPE -#define YY_EXTRA_TYPE void * -#endif - -static int yy_init_globals (void ); - -/* Macros after this point can all be overridden by user definitions in - * section 1. - */ - -#ifndef YY_SKIP_YYWRAP -#ifdef __cplusplus -extern "C" int yywrap (void ); -#else -extern int yywrap (void ); -#endif -#endif - - static void yyunput (int c,char *buf_ptr ); - -#ifndef yytext_ptr -static void yy_flex_strncpy (char *,yyconst char *,int ); -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen (yyconst char * ); -#endif - -#ifndef YY_NO_INPUT - -#ifdef __cplusplus -static int yyinput (void ); -#else -static int input (void ); -#endif - -#endif - -/* Amount of stuff to slurp up with each read. */ -#ifndef YY_READ_BUF_SIZE -#define YY_READ_BUF_SIZE 8192 -#endif - -/* Copy whatever the last rule matched to the standard output. */ -#ifndef ECHO -/* This used to be an fputs(), but since the string might contain NUL's, - * we now use fwrite(). - */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) -#endif - -/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, - * is returned in "result". - */ -#ifndef YY_INPUT -#define YY_INPUT(buf,result,max_size) \ - if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ - { \ - int c = '*'; \ - size_t n; \ - for ( n = 0; n < max_size && \ - (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ - buf[n] = (char) c; \ - if ( c == '\n' ) \ - buf[n++] = (char) c; \ - if ( c == EOF && ferror( yyin ) ) \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - result = n; \ - } \ - else \ - { \ - errno=0; \ - while ( (result = fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \ - { \ - if( errno != EINTR) \ - { \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - break; \ - } \ - errno=0; \ - clearerr(yyin); \ - } \ - }\ -\ - -#endif - -/* No semi-colon after return; correct usage is to write "yyterminate();" - - * we don't want an extra ';' after the "return" because that will cause - * some compilers to complain about unreachable statements. - */ -#ifndef yyterminate -#define yyterminate() return YY_NULL -#endif - -/* Number of entries by which start-condition stack grows. */ -#ifndef YY_START_STACK_INCR -#define YY_START_STACK_INCR 25 -#endif - -/* Report a fatal error. */ -#ifndef YY_FATAL_ERROR -#define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) -#endif - -/* end tables serialization structures and prototypes */ - -/* Default declaration of generated scanner - a define so the user can - * easily add parameters. - */ -#ifndef YY_DECL -#define YY_DECL_IS_OURS 1 - -extern int yylex (void); - -#define YY_DECL int yylex (void) -#endif /* !YY_DECL */ - -/* Code executed at the beginning of each rule, after yytext and yyleng - * have been set up. - */ -#ifndef YY_USER_ACTION -#define YY_USER_ACTION -#endif - -/* Code executed at the end of each rule. */ -#ifndef YY_BREAK -#define YY_BREAK break; -#endif - -#define YY_RULE_SETUP \ - YY_USER_ACTION - -/** The main scanner function which does all the work. - */ -YY_DECL -{ - register yy_state_type yy_current_state; - register char *yy_cp, *yy_bp; - register int yy_act; - -#line 55 "slc-lex.l" - -#line 668 "slc-lex.c" - - if ( !(yy_init) ) - { - (yy_init) = 1; - -#ifdef YY_USER_INIT - YY_USER_INIT; -#endif - - if ( ! (yy_start) ) - (yy_start) = 1; /* first start state */ - - if ( ! yyin ) - yyin = stdin; - - if ( ! yyout ) - yyout = stdout; - - if ( ! YY_CURRENT_BUFFER ) { - yyensure_buffer_stack (); - YY_CURRENT_BUFFER_LVALUE = - yy_create_buffer(yyin,YY_BUF_SIZE ); - } - - yy_load_buffer_state( ); - } - - while ( 1 ) /* loops until end-of-file is reached */ - { - yy_cp = (yy_c_buf_p); - - /* Support of yytext. */ - *yy_cp = (yy_hold_char); - - /* yy_bp points to the position in yy_ch_buf of the start of - * the current run. - */ - yy_bp = yy_cp; - - yy_current_state = (yy_start); -yy_match: - do - { - register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 14 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - ++yy_cp; - } - while ( yy_base[yy_current_state] != 13 ); - -yy_find_action: - yy_act = yy_accept[yy_current_state]; - if ( yy_act == 0 ) - { /* have to back up */ - yy_cp = (yy_last_accepting_cpos); - yy_current_state = (yy_last_accepting_state); - yy_act = yy_accept[yy_current_state]; - } - - YY_DO_BEFORE_ACTION; - -do_action: /* This label is used only to access EOF actions. */ - - switch ( yy_act ) - { /* beginning of action switch */ - case 0: /* must back up */ - /* undo the effects of YY_DO_BEFORE_ACTION */ - *yy_cp = (yy_hold_char); - yy_cp = (yy_last_accepting_cpos); - yy_current_state = (yy_last_accepting_state); - goto yy_find_action; - -case 1: -YY_RULE_SETUP -#line 56 "slc-lex.l" -{ - yylval.string = strdup ((const char *)yytext); - return LITERAL; - } - YY_BREAK -case 2: -YY_RULE_SETUP -#line 60 "slc-lex.l" -{ yylval.string = handle_string(); return STRING; } - YY_BREAK -case 3: -/* rule 3 can match eol */ -YY_RULE_SETUP -#line 61 "slc-lex.l" -{ ++lineno; } - YY_BREAK -case 4: -YY_RULE_SETUP -#line 62 "slc-lex.l" -{ handle_comment(); } - YY_BREAK -case 5: -YY_RULE_SETUP -#line 63 "slc-lex.l" -{ return *yytext; } - YY_BREAK -case 6: -YY_RULE_SETUP -#line 64 "slc-lex.l" -; - YY_BREAK -case 7: -YY_RULE_SETUP -#line 65 "slc-lex.l" -ECHO; - YY_BREAK -#line 790 "slc-lex.c" -case YY_STATE_EOF(INITIAL): - yyterminate(); - - case YY_END_OF_BUFFER: - { - /* Amount of text matched not including the EOB char. */ - int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1; - - /* Undo the effects of YY_DO_BEFORE_ACTION. */ - *yy_cp = (yy_hold_char); - YY_RESTORE_YY_MORE_OFFSET - - if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW ) - { - /* We're scanning a new file or input source. It's - * possible that this happened because the user - * just pointed yyin at a new source and called - * yylex(). If so, then we have to assure - * consistency between YY_CURRENT_BUFFER and our - * globals. Here is the right place to do so, because - * this is the first action (other than possibly a - * back-up) that will match for the new input source. - */ - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; - YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin; - YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL; - } - - /* Note that here we test for yy_c_buf_p "<=" to the position - * of the first EOB in the buffer, since yy_c_buf_p will - * already have been incremented past the NUL character - * (since all states make transitions on EOB to the - * end-of-buffer state). Contrast this with the test - * in input(). - */ - if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) - { /* This was really a NUL. */ - yy_state_type yy_next_state; - - (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state( ); - - /* Okay, we're now positioned to make the NUL - * transition. We couldn't have - * yy_get_previous_state() go ahead and do it - * for us because it doesn't know how to deal - * with the possibility of jamming (and we don't - * want to build jamming into it because then it - * will run more slowly). - */ - - yy_next_state = yy_try_NUL_trans( yy_current_state ); - - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - - if ( yy_next_state ) - { - /* Consume the NUL. */ - yy_cp = ++(yy_c_buf_p); - yy_current_state = yy_next_state; - goto yy_match; - } - - else - { - yy_cp = (yy_c_buf_p); - goto yy_find_action; - } - } - - else switch ( yy_get_next_buffer( ) ) - { - case EOB_ACT_END_OF_FILE: - { - (yy_did_buffer_switch_on_eof) = 0; - - if ( yywrap( ) ) - { - /* Note: because we've taken care in - * yy_get_next_buffer() to have set up - * yytext, we can now set up - * yy_c_buf_p so that if some total - * hoser (like flex itself) wants to - * call the scanner after we return the - * YY_NULL, it'll still work - another - * YY_NULL will get returned. - */ - (yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ; - - yy_act = YY_STATE_EOF(YY_START); - goto do_action; - } - - else - { - if ( ! (yy_did_buffer_switch_on_eof) ) - YY_NEW_FILE; - } - break; - } - - case EOB_ACT_CONTINUE_SCAN: - (yy_c_buf_p) = - (yytext_ptr) + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state( ); - - yy_cp = (yy_c_buf_p); - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - goto yy_match; - - case EOB_ACT_LAST_MATCH: - (yy_c_buf_p) = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)]; - - yy_current_state = yy_get_previous_state( ); - - yy_cp = (yy_c_buf_p); - yy_bp = (yytext_ptr) + YY_MORE_ADJ; - goto yy_find_action; - } - break; - } - - default: - YY_FATAL_ERROR( - "fatal flex scanner internal error--no action found" ); - } /* end of action switch */ - } /* end of scanning one token */ -} /* end of yylex */ - -/* yy_get_next_buffer - try to read in a new buffer - * - * Returns a code representing an action: - * EOB_ACT_LAST_MATCH - - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position - * EOB_ACT_END_OF_FILE - end of file - */ -static int yy_get_next_buffer (void) -{ - register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf; - register char *source = (yytext_ptr); - register int number_to_move, i; - int ret_val; - - if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] ) - YY_FATAL_ERROR( - "fatal flex scanner internal error--end of buffer missed" ); - - if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 ) - { /* Don't try to fill the buffer, so this is an EOF. */ - if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 ) - { - /* We matched a single character, the EOB, so - * treat this as a final EOF. - */ - return EOB_ACT_END_OF_FILE; - } - - else - { - /* We matched some text prior to the EOB, first - * process it. - */ - return EOB_ACT_LAST_MATCH; - } - } - - /* Try to read more data. */ - - /* First move last chars to start of buffer. */ - number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1; - - for ( i = 0; i < number_to_move; ++i ) - *(dest++) = *(source++); - - if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING ) - /* don't do the read, it's not guaranteed to return an EOF, - * just force an EOF - */ - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0; - - else - { - int num_to_read = - YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; - - while ( num_to_read <= 0 ) - { /* Not enough room in the buffer - grow it. */ - - /* just a shorter name for the current buffer */ - YY_BUFFER_STATE b = YY_CURRENT_BUFFER; - - int yy_c_buf_p_offset = - (int) ((yy_c_buf_p) - b->yy_ch_buf); - - if ( b->yy_is_our_buffer ) - { - int new_size = b->yy_buf_size * 2; - - if ( new_size <= 0 ) - b->yy_buf_size += b->yy_buf_size / 8; - else - b->yy_buf_size *= 2; - - b->yy_ch_buf = (char *) - /* Include room in for 2 EOB chars. */ - yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 ); - } - else - /* Can't grow it, we don't own it. */ - b->yy_ch_buf = 0; - - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( - "fatal error - scanner input buffer overflow" ); - - (yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset]; - - num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - - number_to_move - 1; - - } - - if ( num_to_read > YY_READ_BUF_SIZE ) - num_to_read = YY_READ_BUF_SIZE; - - /* Read in more data. */ - YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]), - (yy_n_chars), num_to_read ); - - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - if ( (yy_n_chars) == 0 ) - { - if ( number_to_move == YY_MORE_ADJ ) - { - ret_val = EOB_ACT_END_OF_FILE; - yyrestart(yyin ); - } - - else - { - ret_val = EOB_ACT_LAST_MATCH; - YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = - YY_BUFFER_EOF_PENDING; - } - } - - else - ret_val = EOB_ACT_CONTINUE_SCAN; - - (yy_n_chars) += number_to_move; - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; - YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; - - (yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0]; - - return ret_val; -} - -/* yy_get_previous_state - get the state just before the EOB char was reached */ - - static yy_state_type yy_get_previous_state (void) -{ - register yy_state_type yy_current_state; - register char *yy_cp; - - yy_current_state = (yy_start); - - for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp ) - { - register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 14 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - } - - return yy_current_state; -} - -/* yy_try_NUL_trans - try to make a transition on the NUL character - * - * synopsis - * next_state = yy_try_NUL_trans( current_state ); - */ - static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state ) -{ - register int yy_is_jam; - register char *yy_cp = (yy_c_buf_p); - - register YY_CHAR yy_c = 1; - if ( yy_accept[yy_current_state] ) - { - (yy_last_accepting_state) = yy_current_state; - (yy_last_accepting_cpos) = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 14 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 13); - - return yy_is_jam ? 0 : yy_current_state; -} - - static void yyunput (int c, register char * yy_bp ) -{ - register char *yy_cp; - - yy_cp = (yy_c_buf_p); - - /* undo effects of setting up yytext */ - *yy_cp = (yy_hold_char); - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - { /* need to shift things up to make room */ - /* +2 for EOB chars. */ - register int number_to_move = (yy_n_chars) + 2; - register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ - YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; - register char *source = - &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]; - - while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) - *--dest = *--source; - - yy_cp += (int) (dest - source); - yy_bp += (int) (dest - source); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size; - - if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) - YY_FATAL_ERROR( "flex scanner push-back overflow" ); - } - - *--yy_cp = (char) c; - - (yytext_ptr) = yy_bp; - (yy_hold_char) = *yy_cp; - (yy_c_buf_p) = yy_cp; -} - -#ifndef YY_NO_INPUT -#ifdef __cplusplus - static int yyinput (void) -#else - static int input (void) -#endif - -{ - int c; - - *(yy_c_buf_p) = (yy_hold_char); - - if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR ) - { - /* yy_c_buf_p now points to the character we want to return. - * If this occurs *before* the EOB characters, then it's a - * valid NUL; if not, then we've hit the end of the buffer. - */ - if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) - /* This was really a NUL. */ - *(yy_c_buf_p) = '\0'; - - else - { /* need more input */ - int offset = (yy_c_buf_p) - (yytext_ptr); - ++(yy_c_buf_p); - - switch ( yy_get_next_buffer( ) ) - { - case EOB_ACT_LAST_MATCH: - /* This happens because yy_g_n_b() - * sees that we've accumulated a - * token and flags that we need to - * try matching the token before - * proceeding. But for input(), - * there's no matching to consider. - * So convert the EOB_ACT_LAST_MATCH - * to EOB_ACT_END_OF_FILE. - */ - - /* Reset buffer status. */ - yyrestart(yyin ); - - /*FALLTHROUGH*/ - - case EOB_ACT_END_OF_FILE: - { - if ( yywrap( ) ) - return 0; - - if ( ! (yy_did_buffer_switch_on_eof) ) - YY_NEW_FILE; -#ifdef __cplusplus - return yyinput(); -#else - return input(); -#endif - } - - case EOB_ACT_CONTINUE_SCAN: - (yy_c_buf_p) = (yytext_ptr) + offset; - break; - } - } - } - - c = *(unsigned char *) (yy_c_buf_p); /* cast for 8-bit char's */ - *(yy_c_buf_p) = '\0'; /* preserve yytext */ - (yy_hold_char) = *++(yy_c_buf_p); - - return c; -} -#endif /* ifndef YY_NO_INPUT */ - -/** Immediately switch to a different input stream. - * @param input_file A readable stream. - * - * @note This function does not reset the start condition to @c INITIAL . - */ - void yyrestart (FILE * input_file ) -{ - - if ( ! YY_CURRENT_BUFFER ){ - yyensure_buffer_stack (); - YY_CURRENT_BUFFER_LVALUE = - yy_create_buffer(yyin,YY_BUF_SIZE ); - } - - yy_init_buffer(YY_CURRENT_BUFFER,input_file ); - yy_load_buffer_state( ); -} - -/** Switch to a different input buffer. - * @param new_buffer The new input buffer. - * - */ - void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ) -{ - - /* TODO. We should be able to replace this entire function body - * with - * yypop_buffer_state(); - * yypush_buffer_state(new_buffer); - */ - yyensure_buffer_stack (); - if ( YY_CURRENT_BUFFER == new_buffer ) - return; - - if ( YY_CURRENT_BUFFER ) - { - /* Flush out information for old buffer. */ - *(yy_c_buf_p) = (yy_hold_char); - YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - YY_CURRENT_BUFFER_LVALUE = new_buffer; - yy_load_buffer_state( ); - - /* We don't actually know whether we did this switch during - * EOF (yywrap()) processing, but the only time this flag - * is looked at is after yywrap() is called, so it's safe - * to go ahead and always set it. - */ - (yy_did_buffer_switch_on_eof) = 1; -} - -static void yy_load_buffer_state (void) -{ - (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; - (yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos; - yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file; - (yy_hold_char) = *(yy_c_buf_p); -} - -/** Allocate and initialize an input buffer state. - * @param file A readable stream. - * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE. - * - * @return the allocated buffer state. - */ - YY_BUFFER_STATE yy_create_buffer (FILE * file, int size ) -{ - YY_BUFFER_STATE b; - - b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_buf_size = size; - - /* yy_ch_buf has to be 2 characters longer than the size given because - * we need to put in 2 end-of-buffer characters. - */ - b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 ); - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_is_our_buffer = 1; - - yy_init_buffer(b,file ); - - return b; -} - -/** Destroy the buffer. - * @param b a buffer created with yy_create_buffer() - * - */ - void yy_delete_buffer (YY_BUFFER_STATE b ) -{ - - if ( ! b ) - return; - - if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */ - YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0; - - if ( b->yy_is_our_buffer ) - yyfree((void *) b->yy_ch_buf ); - - yyfree((void *) b ); -} - -#ifndef __cplusplus -extern int isatty (int ); -#endif /* __cplusplus */ - -/* Initializes or reinitializes a buffer. - * This function is sometimes called more than once on the same buffer, - * such as during a yyrestart() or at EOF. - */ - static void yy_init_buffer (YY_BUFFER_STATE b, FILE * file ) - -{ - int oerrno = errno; - - yy_flush_buffer(b ); - - b->yy_input_file = file; - b->yy_fill_buffer = 1; - - /* If b is the current buffer, then yy_init_buffer was _probably_ - * called from yyrestart() or through yy_get_next_buffer. - * In that case, we don't want to reset the lineno or column. - */ - if (b != YY_CURRENT_BUFFER){ - b->yy_bs_lineno = 1; - b->yy_bs_column = 0; - } - - b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; - - errno = oerrno; -} - -/** Discard all buffered characters. On the next scan, YY_INPUT will be called. - * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER. - * - */ - void yy_flush_buffer (YY_BUFFER_STATE b ) -{ - if ( ! b ) - return; - - b->yy_n_chars = 0; - - /* We always need two end-of-buffer characters. The first causes - * a transition to the end-of-buffer state. The second causes - * a jam in that state. - */ - b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; - b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; - - b->yy_buf_pos = &b->yy_ch_buf[0]; - - b->yy_at_bol = 1; - b->yy_buffer_status = YY_BUFFER_NEW; - - if ( b == YY_CURRENT_BUFFER ) - yy_load_buffer_state( ); -} - -/** Pushes the new state onto the stack. The new state becomes - * the current state. This function will allocate the stack - * if necessary. - * @param new_buffer The new state. - * - */ -void yypush_buffer_state (YY_BUFFER_STATE new_buffer ) -{ - if (new_buffer == NULL) - return; - - yyensure_buffer_stack(); - - /* This block is copied from yy_switch_to_buffer. */ - if ( YY_CURRENT_BUFFER ) - { - /* Flush out information for old buffer. */ - *(yy_c_buf_p) = (yy_hold_char); - YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); - YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); - } - - /* Only push if top exists. Otherwise, replace top. */ - if (YY_CURRENT_BUFFER) - (yy_buffer_stack_top)++; - YY_CURRENT_BUFFER_LVALUE = new_buffer; - - /* copied from yy_switch_to_buffer. */ - yy_load_buffer_state( ); - (yy_did_buffer_switch_on_eof) = 1; -} - -/** Removes and deletes the top of the stack, if present. - * The next element becomes the new top. - * - */ -void yypop_buffer_state (void) -{ - if (!YY_CURRENT_BUFFER) - return; - - yy_delete_buffer(YY_CURRENT_BUFFER ); - YY_CURRENT_BUFFER_LVALUE = NULL; - if ((yy_buffer_stack_top) > 0) - --(yy_buffer_stack_top); - - if (YY_CURRENT_BUFFER) { - yy_load_buffer_state( ); - (yy_did_buffer_switch_on_eof) = 1; - } -} - -/* Allocates the stack if it does not exist. - * Guarantees space for at least one push. - */ -static void yyensure_buffer_stack (void) -{ - int num_to_alloc; - - if (!(yy_buffer_stack)) { - - /* First allocation is just for 2 elements, since we don't know if this - * scanner will even need a stack. We use 2 instead of 1 to avoid an - * immediate realloc on the next call. - */ - num_to_alloc = 1; - (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc - (num_to_alloc * sizeof(struct yy_buffer_state*) - ); - - memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); - - (yy_buffer_stack_max) = num_to_alloc; - (yy_buffer_stack_top) = 0; - return; - } - - if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){ - - /* Increase the buffer to prepare for a possible push. */ - int grow_size = 8 /* arbitrary grow size */; - - num_to_alloc = (yy_buffer_stack_max) + grow_size; - (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc - ((yy_buffer_stack), - num_to_alloc * sizeof(struct yy_buffer_state*) - ); - - /* zero only the new slots.*/ - memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); - (yy_buffer_stack_max) = num_to_alloc; - } -} - -/** Setup the input buffer state to scan directly from a user-specified character buffer. - * @param base the character buffer - * @param size the size in bytes of the character buffer - * - * @return the newly allocated buffer state object. - */ -YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) -{ - YY_BUFFER_STATE b; - - if ( size < 2 || - base[size-2] != YY_END_OF_BUFFER_CHAR || - base[size-1] != YY_END_OF_BUFFER_CHAR ) - /* They forgot to leave room for the EOB's. */ - return 0; - - b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); - - b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ - b->yy_buf_pos = b->yy_ch_buf = base; - b->yy_is_our_buffer = 0; - b->yy_input_file = 0; - b->yy_n_chars = b->yy_buf_size; - b->yy_is_interactive = 0; - b->yy_at_bol = 1; - b->yy_fill_buffer = 0; - b->yy_buffer_status = YY_BUFFER_NEW; - - yy_switch_to_buffer(b ); - - return b; -} - -/** Setup the input buffer state to scan a string. The next call to yylex() will - * scan from a @e copy of @a str. - * @param str a NUL-terminated string to scan - * - * @return the newly allocated buffer state object. - * @note If you want to scan bytes that may contain NUL values, then use - * yy_scan_bytes() instead. - */ -YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) -{ - - return yy_scan_bytes(yystr,strlen(yystr) ); -} - -/** Setup the input buffer state to scan the given bytes. The next call to yylex() will - * scan from a @e copy of @a bytes. - * @param bytes the byte buffer to scan - * @param len the number of bytes in the buffer pointed to by @a bytes. - * - * @return the newly allocated buffer state object. - */ -YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) -{ - YY_BUFFER_STATE b; - char *buf; - yy_size_t n; - int i; - - /* Get memory for full buffer, including space for trailing EOB's. */ - n = _yybytes_len + 2; - buf = (char *) yyalloc(n ); - if ( ! buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); - - for ( i = 0; i < _yybytes_len; ++i ) - buf[i] = yybytes[i]; - - buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR; - - b = yy_scan_buffer(buf,n ); - if ( ! b ) - YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); - - /* It's okay to grow etc. this buffer, and we should throw it - * away when we're done. - */ - b->yy_is_our_buffer = 1; - - return b; -} - -#ifndef YY_EXIT_FAILURE -#define YY_EXIT_FAILURE 2 -#endif - -static void yy_fatal_error (yyconst char* msg ) -{ - (void) fprintf( stderr, "%s\n", msg ); - exit( YY_EXIT_FAILURE ); -} - -/* Redefine yyless() so it works in section 3 code. */ - -#undef yyless -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - int yyless_macro_arg = (n); \ - YY_LESS_LINENO(yyless_macro_arg);\ - yytext[yyleng] = (yy_hold_char); \ - (yy_c_buf_p) = yytext + yyless_macro_arg; \ - (yy_hold_char) = *(yy_c_buf_p); \ - *(yy_c_buf_p) = '\0'; \ - yyleng = yyless_macro_arg; \ - } \ - while ( 0 ) - -/* Accessor methods (get/set functions) to struct members. */ - -/** Get the current line number. - * - */ -int yyget_lineno (void) -{ - - return yylineno; -} - -/** Get the input stream. - * - */ -FILE *yyget_in (void) -{ - return yyin; -} - -/** Get the output stream. - * - */ -FILE *yyget_out (void) -{ - return yyout; -} - -/** Get the length of the current token. - * - */ -int yyget_leng (void) -{ - return yyleng; -} - -/** Get the current token. - * - */ - -char *yyget_text (void) -{ - return yytext; -} - -/** Set the current line number. - * @param line_number - * - */ -void yyset_lineno (int line_number ) -{ - - yylineno = line_number; -} - -/** Set the input stream. This does not discard the current - * input buffer. - * @param in_str A readable stream. - * - * @see yy_switch_to_buffer - */ -void yyset_in (FILE * in_str ) -{ - yyin = in_str ; -} - -void yyset_out (FILE * out_str ) -{ - yyout = out_str ; -} - -int yyget_debug (void) -{ - return yy_flex_debug; -} - -void yyset_debug (int bdebug ) -{ - yy_flex_debug = bdebug ; -} - -static int yy_init_globals (void) -{ - /* Initialization is the same as for the non-reentrant scanner. - * This function is called from yylex_destroy(), so don't allocate here. - */ - - (yy_buffer_stack) = 0; - (yy_buffer_stack_top) = 0; - (yy_buffer_stack_max) = 0; - (yy_c_buf_p) = (char *) 0; - (yy_init) = 0; - (yy_start) = 0; - -/* Defined in main.c */ -#ifdef YY_STDINIT - yyin = stdin; - yyout = stdout; -#else - yyin = (FILE *) 0; - yyout = (FILE *) 0; -#endif - - /* For future reference: Set errno on error, since we are called by - * yylex_init() - */ - return 0; -} - -/* yylex_destroy is for both reentrant and non-reentrant scanners. */ -int yylex_destroy (void) -{ - - /* Pop the buffer stack, destroying each element. */ - while(YY_CURRENT_BUFFER){ - yy_delete_buffer(YY_CURRENT_BUFFER ); - YY_CURRENT_BUFFER_LVALUE = NULL; - yypop_buffer_state(); - } - - /* Destroy the stack itself. */ - yyfree((yy_buffer_stack) ); - (yy_buffer_stack) = NULL; - - /* Reset the globals. This is important in a non-reentrant scanner so the next time - * yylex() is called, initialization will occur. */ - yy_init_globals( ); - - return 0; -} - -/* - * Internal utility routines. - */ - -#ifndef yytext_ptr -static void yy_flex_strncpy (char* s1, yyconst char * s2, int n ) -{ - register int i; - for ( i = 0; i < n; ++i ) - s1[i] = s2[i]; -} -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen (yyconst char * s ) -{ - register int n; - for ( n = 0; s[n]; ++n ) - ; - - return n; -} -#endif - -void *yyalloc (yy_size_t size ) -{ - return (void *) malloc( size ); -} - -void *yyrealloc (void * ptr, yy_size_t size ) -{ - /* The cast to (char *) in the following accommodates both - * implementations that use char* generic pointers, and those - * that use void* generic pointers. It works with the latter - * because both ANSI C and C++ allow castless assignment from - * any pointer type to void*, and deal with argument conversions - * as though doing an assignment. - */ - return (void *) realloc( (char *) ptr, size ); -} - -void yyfree (void * ptr ) -{ - free( (char *) ptr ); /* see yyrealloc() for (char *) cast */ -} - -#define YYTABLES_NAME "yytables" - -#line 65 "slc-lex.l" - - - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - error_flag++; -} - -void -yyerror (char *s) -{ - error_message("%s\n", s); -} - -static void -handle_comment(void) -{ - int c; - int start_lineno = lineno; - int level = 1; - int seen_star = 0; - int seen_slash = 0; - while((c = input()) != EOF) { - if(c == '/') { - if(seen_star) { - if(--level == 0) - return; - seen_star = 0; - continue; - } - seen_slash = 1; - continue; - } - if(seen_star && c == '/') { - if(--level == 0) - return; - seen_star = 0; - continue; - } - if(c == '*') { - if(seen_slash) { - level++; - seen_star = seen_slash = 0; - continue; - } - seen_star = 1; - continue; - } - seen_star = seen_slash = 0; - if(c == '\n') { - lineno++; - continue; - } - } - if(c == EOF) - error_message("unterminated comment, possibly started on line %d\n", start_lineno); -} - -static char * -handle_string(void) -{ - char x[1024]; - int i = 0; - int c; - int quote = 0; - while((c = input()) != EOF){ - if(quote) { - x[i++] = '\\'; - x[i++] = c; - quote = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - quote++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - return strdup(x); -} - -int -yywrap () -{ - return 1; -} - diff --git a/crypto/heimdal/lib/sl/slc-lex.l b/crypto/heimdal/lib/sl/slc-lex.l deleted file mode 100644 index b810b12737b0..000000000000 --- a/crypto/heimdal/lib/sl/slc-lex.l +++ /dev/null @@ -1,164 +0,0 @@ -%{ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: slc-lex.l 15118 2005-05-10 22:19:01Z lha $ */ - -#undef ECHO - -#include -#include -#include -#include -#include "slc.h" -#include "slc-gram.h" -unsigned lineno = 1; - -static void handle_comment(void); -static char * handle_string(void); - -#define YY_NO_UNPUT - -#undef ECHO - -%} -%% -[A-Za-z][-A-Za-z0-9_]* { - yylval.string = strdup ((const char *)yytext); - return LITERAL; - } -"\"" { yylval.string = handle_string(); return STRING; } -\n { ++lineno; } -\/\* { handle_comment(); } -[={}] { return *yytext; } -[ \t] ; -%% - -void -error_message (const char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - error_flag++; -} - -void -yyerror (char *s) -{ - error_message("%s\n", s); -} - -static void -handle_comment(void) -{ - int c; - int start_lineno = lineno; - int level = 1; - int seen_star = 0; - int seen_slash = 0; - while((c = input()) != EOF) { - if(c == '/') { - if(seen_star) { - if(--level == 0) - return; - seen_star = 0; - continue; - } - seen_slash = 1; - continue; - } - if(seen_star && c == '/') { - if(--level == 0) - return; - seen_star = 0; - continue; - } - if(c == '*') { - if(seen_slash) { - level++; - seen_star = seen_slash = 0; - continue; - } - seen_star = 1; - continue; - } - seen_star = seen_slash = 0; - if(c == '\n') { - lineno++; - continue; - } - } - if(c == EOF) - error_message("unterminated comment, possibly started on line %d\n", start_lineno); -} - -static char * -handle_string(void) -{ - char x[1024]; - int i = 0; - int c; - int quote = 0; - while((c = input()) != EOF){ - if(quote) { - x[i++] = '\\'; - x[i++] = c; - quote = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - quote++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - return strdup(x); -} - -int -yywrap () -{ - return 1; -} diff --git a/crypto/heimdal/lib/sl/slc.h b/crypto/heimdal/lib/sl/slc.h deleted file mode 100644 index 2b05813e4b08..000000000000 --- a/crypto/heimdal/lib/sl/slc.h +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: slc.h 13969 2004-06-21 19:10:59Z joda $ */ -#include -#include -#include - -struct assignment { - char *name; - enum { a_value, a_assignment } type; - union { - char *value; - struct assignment *assignment; - } u; - unsigned int lineno; - struct assignment *next; -}; - -extern char *filename; -extern int error_flag; -void error_message (const char *format, ...); -int yylex(void); -void yyerror (char *s); -extern unsigned lineno; diff --git a/crypto/heimdal/lib/sl/ss.c b/crypto/heimdal/lib/sl/ss.c deleted file mode 100644 index f2f3cbc0a2a3..000000000000 --- a/crypto/heimdal/lib/sl/ss.c +++ /dev/null @@ -1,162 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "sl_locl.h" -#include -#include "ss.h" - -RCSID("$Id: ss.c 15429 2005-06-16 19:24:11Z lha $"); - -struct ss_subst { - char *name; - char *version; - char *info; - ss_request_table *table; -}; - -static struct ss_subst subsystems[2]; -static int num_subsystems; - -int -ss_create_invocation(const char *subsystem, - const char *version, - const char *info, - ss_request_table *table, - int *code) -{ - struct ss_subst *ss; - - if(num_subsystems >= sizeof(subsystems) / sizeof(subsystems[0])) { - *code = 17; - return 0; - } - ss = &subsystems[num_subsystems]; - ss->name = ss->version = ss->info = NULL; - if (subsystem != NULL) { - ss->name = strdup (subsystem); - if (ss->name == NULL) { - *code = ENOMEM; - return 0; - } - } - if (version != NULL) { - ss->version = strdup (version); - if (ss->version == NULL) { - *code = ENOMEM; - return 0; - } - } - if (info != NULL) { - ss->info = strdup (info); - if (ss->info == NULL) { - *code = ENOMEM; - return 0; - } - } - ss->table = table; - *code = 0; - return num_subsystems++; -} - -void -ss_error (int idx, long code, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - com_err_va (subsystems[idx].name, code, fmt, ap); - va_end(ap); -} - -void -ss_perror (int idx, long code, const char *msg) -{ - ss_error(idx, code, "%s", msg); -} - -int -ss_execute_command(int idx, char **argv) -{ - int argc = 0; - int ret; - - while(argv[argc++]); - ret = sl_command(subsystems[idx].table, argc, argv); - if (ret == SL_BADCOMMAND) - return SS_ET_COMMAND_NOT_FOUND; - return 0; -} - -int -ss_execute_line (int idx, const char *line) -{ - char *buf = strdup(line); - int argc; - char **argv; - int ret; - - if (buf == NULL) - return ENOMEM; - sl_make_argv(buf, &argc, &argv); - ret = sl_command(subsystems[idx].table, argc, argv); - free(buf); - if (ret == SL_BADCOMMAND) - return SS_ET_COMMAND_NOT_FOUND; - return 0; -} - -int -ss_listen (int idx) -{ - char *prompt = malloc(strlen(subsystems[idx].name) + 3); - if (prompt == NULL) - return ENOMEM; - - strcpy(prompt, subsystems[idx].name); - strcat(prompt, ": "); - sl_loop(subsystems[idx].table, prompt); - free(prompt); - return 0; -} - -int -ss_list_requests(int argc, char **argv /* , int idx, void *info */) -{ - sl_help(subsystems[0 /* idx */].table, argc, argv); - return 0; -} - -int -ss_quit(int argc, char **argv) -{ - return 1; -} diff --git a/crypto/heimdal/lib/sl/ss.h b/crypto/heimdal/lib/sl/ss.h deleted file mode 100644 index 15e1f88cb645..000000000000 --- a/crypto/heimdal/lib/sl/ss.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: ss.h 8294 2000-05-25 00:15:21Z assar $ */ - -/* SS compatibility for SL */ - -#ifndef __ss_h__ -#define __ss_h__ - -#include - -typedef SL_cmd ss_request_table; - -int ss_create_invocation (const char *, const char *, const char*, - ss_request_table*, int*); - -void ss_error (int, long, const char*, ...); -int ss_execute_command (int, char**); -int ss_execute_line (int, const char*); -int ss_list_requests (int argc, char**); -int ss_listen (int); -void ss_perror (int, long, const char*); -int ss_quit (int argc, char**); - -#define SS_ET_COMMAND_NOT_FOUND (-1) - -#endif /* __ss_h__ */ diff --git a/crypto/heimdal/lib/sl/test_sl.c b/crypto/heimdal/lib/sl/test_sl.c deleted file mode 100644 index 06105591f4f3..000000000000 --- a/crypto/heimdal/lib/sl/test_sl.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "sl_locl.h" - -RCSID("$Id: test_sl.c 19555 2006-12-28 23:40:17Z lha $"); - -struct { - int ok; - const char *line; - int argc; - const char *argv[4]; -} lines[] = { - { 1, "", 1, { "" } }, - { 1, "foo", 1, { "foo" } }, - { 1, "foo bar", 2, { "foo", "bar" }}, - { 1, "foo bar baz", 3, { "foo", "bar", "baz" }}, - { 1, "foobar baz", 2, { "foobar", "baz" }}, - { 1, " foo", 1, { "foo" } }, - { 1, "foo ", 1, { "foo" } }, - { 1, " foo ", 1, { "foo" } }, - { 1, " foo bar", 2, { "foo", "bar" } }, - { 1, "foo\\ bar", 1, { "foo bar" } }, - { 1, "\"foo bar\"", 1, { "foo bar" } }, - { 1, "\"foo\\ bar\"", 1, { "foo bar" } }, - { 1, "\"foo\\\" bar\"", 1, { "foo\" bar" } }, - { 1, "\"\"f\"\"oo\"\"", 1, { "foo" } }, - { 1, "\"foobar\"baz", 1, { "foobarbaz" }}, - { 1, "foo\tbar baz", 3, { "foo", "bar", "baz" }}, - { 1, "\"foo bar\" baz", 2, { "foo bar", "baz" }}, - { 1, "\"foo bar baz\"", 1, { "foo bar baz" }}, - { 1, "\\\"foo bar baz", 3, { "\"foo", "bar", "baz" }}, - { 1, "\\ foo bar baz", 3, { " foo", "bar", "baz" }}, - { 0, "\\", 0, { "" }}, - { 0, "\"", 0, { "" }} -}; - -int -main(int argc, char **argv) -{ - int ret, i; - - for (i = 0; i < sizeof(lines)/sizeof(lines[0]); i++) { - int j, rargc = 0; - char **rargv = NULL; - char *buf = strdup(lines[i].line); - - ret = sl_make_argv(buf, &rargc, &rargv); - if (ret) { - if (!lines[i].ok) - goto next; - errx(1, "sl_make_argv test %d failed", i); - } else if (!lines[i].ok) - errx(1, "sl_make_argv passed test %d when it shouldn't", i); - if (rargc != lines[i].argc) - errx(1, "result argc (%d) != should be argc (%d) for test %d", - rargc, lines[i].argc, i); - for (j = 0; j < rargc; j++) - if (strcmp(rargv[j], lines[i].argv[j]) != 0) - errx(1, "result argv (%s) != should be argv (%s) for test %d", - rargv[j], lines[i].argv[j], i); - next: - free(buf); - free(rargv); - } - - return 0; -} diff --git a/crypto/heimdal/lib/vers/ChangeLog b/crypto/heimdal/lib/vers/ChangeLog deleted file mode 100644 index 620823253a2d..000000000000 --- a/crypto/heimdal/lib/vers/ChangeLog +++ /dev/null @@ -1,74 +0,0 @@ -2007-10-16 Love Hörnquist Åstrand - - * Makefile.am: don't run local checks. - -2006-12-29 Love Hörnquist Åstrand - - * print_version.c: Update (c). - -2006-10-21 Love Hörnquist Åstrand - - * make-print-version.c: include - -2006-10-20 Love Hörnquist Åstrand - - * make-print-version.c: Avoid creating a file called --version. - -2006-10-19 Love Hörnquist Åstrand - - * Makefile.am: fix spelling of build_HEADERZ - -2006-10-07 Love Hörnquist Åstrand - - * Makefile.am: Add build_HEADERZ to EXTRA_DIST - -2005-01-01 Love Hörnquist Åstrand - - * print_version.c: Happy New Year - -2004-01-05 Love Hörnquist Åstrand - - * print_version.c: add year 2004 - -2003-01-02 Johan Danielsson - - * print_version.c: considerable clean up - - * make-print-version.c: make VERSIONLIST a string instead of an - array of strings - -2002-08-28 Assar Westerlund - - * Makefile.am (make_print_version_LDADD): do not hardcode -ldes, - use $(LIB_des) - -2002-08-19 Johan Danielsson - - * print_version.c: add bug-report message - -2002-05-20 Johan Danielsson - - * print_version.c: update year - -2001-08-24 Assar Westerlund - - * Makefile.am (make_print_version_LDADD): use = instead of += (be - nice to current automake) - -2001-04-21 Johan Danielsson - - * print_version.c: 2001 - -2001-01-31 Assar Westerlund - - * Makefile.am: remove -static turning this into a convenience - library - -2000-11-15 Assar Westerlund - - * Makefile.am: make the library static and don't install it - -2000-07-08 Assar Westerlund - - * make-print-version.c (heimdal_version, krb4_version): const-ize, - based on thorpej@netbsd.org's change to NetBSD diff --git a/crypto/heimdal/lib/vers/Makefile.am b/crypto/heimdal/lib/vers/Makefile.am deleted file mode 100644 index a3b6da6cdfe3..000000000000 --- a/crypto/heimdal/lib/vers/Makefile.am +++ /dev/null @@ -1,32 +0,0 @@ -# $Id: Makefile.am 21959 2007-10-16 13:25:59Z lha $ - -include $(top_srcdir)/Makefile.am.common - -CLEANFILES = print_version.h - -noinst_LTLIBRARIES = libvers.la - -build_HEADERZ = vers.h - -CHECK_LOCAL = no-check-local - -noinst_PROGRAMS = make-print-version - -if KRB4 -if KRB5 -## need to link with des here; otherwise, if krb4 is shared the link -## will fail with unresolved references -make_print_version_LDADD = $(LIB_krb4) $(LIB_hcrypto) -endif -endif - -libvers_la_SOURCES = print_version.c - -print_version.lo: print_version.h - -print_version.h: make-print-version$(EXEEXT) - ./make-print-version$(EXEEXT) print_version.h - -make-print-version.o: $(top_builddir)/include/version.h - -EXTRA_DIST = $(build_HEADERZ) diff --git a/crypto/heimdal/lib/vers/Makefile.in b/crypto/heimdal/lib/vers/Makefile.in deleted file mode 100644 index 4dbc9e05d3f9..000000000000 --- a/crypto/heimdal/lib/vers/Makefile.in +++ /dev/null @@ -1,781 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 21959 2007-10-16 13:25:59Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -noinst_PROGRAMS = make-print-version$(EXEEXT) -subdir = lib/vers -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -LTLIBRARIES = $(noinst_LTLIBRARIES) -libvers_la_LIBADD = -am_libvers_la_OBJECTS = print_version.lo -libvers_la_OBJECTS = $(am_libvers_la_OBJECTS) -PROGRAMS = $(noinst_PROGRAMS) -make_print_version_SOURCES = make-print-version.c -make_print_version_OBJECTS = make-print-version.$(OBJEXT) -am__DEPENDENCIES_1 = -@KRB4_TRUE@@KRB5_TRUE@make_print_version_DEPENDENCIES = \ -@KRB4_TRUE@@KRB5_TRUE@ $(am__DEPENDENCIES_1) \ -@KRB4_TRUE@@KRB5_TRUE@ $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(libvers_la_SOURCES) make-print-version.c -DIST_SOURCES = $(libvers_la_SOURCES) make-print-version.c -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -CLEANFILES = print_version.h -noinst_LTLIBRARIES = libvers.la -build_HEADERZ = vers.h -CHECK_LOCAL = no-check-local -@KRB4_TRUE@@KRB5_TRUE@make_print_version_LDADD = $(LIB_krb4) $(LIB_hcrypto) -libvers_la_SOURCES = print_version.c -EXTRA_DIST = $(build_HEADERZ) -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps lib/vers/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps lib/vers/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -clean-noinstLTLIBRARIES: - -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) - @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libvers.la: $(libvers_la_OBJECTS) $(libvers_la_DEPENDENCIES) - $(LINK) $(libvers_la_OBJECTS) $(libvers_la_LIBADD) $(LIBS) - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -make-print-version$(EXEEXT): $(make_print_version_OBJECTS) $(make_print_version_DEPENDENCIES) - @rm -f make-print-version$(EXEEXT) - $(LINK) $(make_print_version_OBJECTS) $(make_print_version_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ - clean-noinstPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-am check-local \ - clean clean-generic clean-libtool clean-noinstLTLIBRARIES \ - clean-noinstPROGRAMS ctags dist-hook distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-data-hook install-dvi install-dvi-am install-exec \ - install-exec-am install-exec-hook install-html install-html-am \ - install-info install-info-am install-man install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -print_version.lo: print_version.h - -print_version.h: make-print-version$(EXEEXT) - ./make-print-version$(EXEEXT) print_version.h - -make-print-version.o: $(top_builddir)/include/version.h -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/vers/make-print-version.c b/crypto/heimdal/lib/vers/make-print-version.c deleted file mode 100644 index 6601b040f070..000000000000 --- a/crypto/heimdal/lib/vers/make-print-version.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 1998 - 2003 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: make-print-version.c 18765 2006-10-21 17:37:32Z lha $"); -#endif - -#include -#include - -#ifdef KRB5 -extern const char *heimdal_version; -#endif -#ifdef KRB4 -extern const char *krb4_version; -#endif -#include - -int -main(int argc, char **argv) -{ - FILE *f; - if(argc != 2) - return 1; - if (strcmp(argv[1], "--version") == 0) { - printf("some version"); - return 0; - } - f = fopen(argv[1], "w"); - if(f == NULL) - return 1; - fprintf(f, "#define VERSIONLIST \""); -#ifdef KRB5 - fprintf(f, "%s", heimdal_version); -#endif -#ifdef KRB4 -#ifdef KRB5 - fprintf(f, ", "); -#endif - fprintf(f, "%s", krb4_version); -#endif - fprintf(f, "\"\n"); - fclose(f); - return 0; -} diff --git a/crypto/heimdal/lib/vers/print_version.c b/crypto/heimdal/lib/vers/print_version.c deleted file mode 100644 index 325f3fa046ff..000000000000 --- a/crypto/heimdal/lib/vers/print_version.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1998 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: print_version.c 22428 2008-01-13 09:58:05Z lha $"); -#endif -#include "roken.h" - -#include "print_version.h" - -void -print_version(const char *progname) -{ - const char *package_list = VERSIONLIST; - - if(progname == NULL) - progname = getprogname(); - - if(*package_list == '\0') - package_list = "no version information"; - fprintf(stderr, "%s (%s)\n", progname, package_list); - fprintf(stderr, "Copyright 1995-2008 Kungliga Tekniska Högskolan\n"); - fprintf(stderr, "Send bug-reports to %s\n", PACKAGE_BUGREPORT); -} diff --git a/crypto/heimdal/lib/vers/vers.h b/crypto/heimdal/lib/vers/vers.h deleted file mode 100644 index c079103124e2..000000000000 --- a/crypto/heimdal/lib/vers/vers.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: vers.h 8513 2000-07-01 19:47:36Z assar $ */ - -#ifndef __VERS_H__ -#define __VERS_H__ - -void print_version(const char *); - -#endif /* __VERS_H__ */ diff --git a/crypto/heimdal/ltconfig b/crypto/heimdal/ltconfig deleted file mode 100755 index 91907462a058..000000000000 --- a/crypto/heimdal/ltconfig +++ /dev/null @@ -1,2797 +0,0 @@ -#! /bin/sh - -# ltconfig - Create a system-specific libtool. -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001 -# Free Software Foundation, Inc. -# Originally by Gordon Matzigkeit , 1996 -# -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# A lot of this script is taken from autoconf-2.10. - -# Check that we are running under the correct shell. -SHELL=${CONFIG_SHELL-/bin/sh} -echo=echo -if test "X$1" = X--no-reexec; then - # Discard the --no-reexec flag, and continue. - shift -elif test "X$1" = X--fallback-echo; then - # Avoid inline document here, it may be left over - : -elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then - # Yippee, $echo works! - : -else - # Restart under the correct shell. - exec "$SHELL" "$0" --no-reexec ${1+"$@"} -fi - -if test "X$1" = X--fallback-echo; then - # used as fallback echo - shift - cat </dev/null`} - case X$UNAME in - *-DOS) PATH_SEPARATOR=';' ;; - *) PATH_SEPARATOR=':' ;; - esac -fi - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -if test "X${CDPATH+set}" = Xset; then CDPATH=:; export CDPATH; fi - -if test "X${echo_test_string+set}" != Xset; then - # find a string as large as possible, as long as the shell can cope with it - for cmd in 'sed 50q "$0"' 'sed 20q "$0"' 'sed 10q "$0"' 'sed 2q "$0"' 'echo test'; do - # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ... - if (echo_test_string="`eval $cmd`") 2>/dev/null && - echo_test_string="`eval $cmd`" && - (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null; then - break - fi - done -fi - -if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - : -else - # The Solaris, AIX, and Digital Unix default echo programs unquote - # backslashes. This makes it impossible to quote backslashes using - # echo "$something" | sed 's/\\/\\\\/g' - # - # So, first we look for a working echo in the user's PATH. - - IFS="${IFS= }"; save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR}" - for dir in $PATH /usr/ucb; do - if (test -f $dir/echo || test -f $dir/echo$ac_exeext) && - test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$dir/echo" - break - fi - done - IFS="$save_ifs" - - if test "X$echo" = Xecho; then - # We didn't find a better echo, so look for alternatives. - if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # This shell has a builtin print -r that does the trick. - echo='print -r' - elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) && - test "X$CONFIG_SHELL" != X/bin/ksh; then - # If we have ksh, try running ltconfig again with it. - ORIGINAL_CONFIG_SHELL="${CONFIG_SHELL-/bin/sh}" - export ORIGINAL_CONFIG_SHELL - CONFIG_SHELL=/bin/ksh - export CONFIG_SHELL - exec "$CONFIG_SHELL" "$0" --no-reexec ${1+"$@"} - else - # Try using printf. - echo='printf %s\n' - if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && - echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - # Cool, printf works - : - elif echo_testing_string=`("$ORIGINAL_CONFIG_SHELL" "$0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`("$ORIGINAL_CONFIG_SHELL" "$0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - CONFIG_SHELL="$ORIGINAL_CONFIG_SHELL" - export CONFIG_SHELL - SHELL="$CONFIG_SHELL" - export SHELL - echo="$CONFIG_SHELL $0 --fallback-echo" - elif echo_testing_string=`("$CONFIG_SHELL" "$0" --fallback-echo '\t') 2>/dev/null` && - test "X$echo_testing_string" = 'X\t' && - echo_testing_string=`("$CONFIG_SHELL" "$0" --fallback-echo "$echo_test_string") 2>/dev/null` && - test "X$echo_testing_string" = "X$echo_test_string"; then - echo="$CONFIG_SHELL $0 --fallback-echo" - else - # maybe with a smaller string... - prev=: - - for cmd in 'echo test' 'sed 2q "$0"' 'sed 10q "$0"' 'sed 20q "$0"' 'sed 50q "$0"'; do - if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null; then - break - fi - prev="$cmd" - done - - if test "$prev" != 'sed 50q "$0"'; then - echo_test_string=`eval $prev` - - export echo_test_string - exec "${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}}" "$0" ${1+"$@"} - else - # Oops. We lost completely, so just stick with echo. - echo=echo - fi - fi - fi - fi -fi - -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed='sed -e s/^X//' -sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g' - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# The name of this program. -progname=`$echo "X$0" | $Xsed -e 's%^.*/%%'` - -# Constants: -PROGRAM=ltconfig -PACKAGE=libtool -VERSION=1.4a -TIMESTAMP=" (1.641.2.255 2001/05/22 10:39:30)" -ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' -ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' -rm="rm -f" - -help="Try \`$progname --help' for more information." - -# Global variables: -default_ofile=libtool -can_build_shared=yes -enable_shared=yes -# All known linkers require a `.a' archive for static linking (except M$VC, -# which needs '.lib'). -enable_static=yes -enable_fast_install=yes -enable_dlopen=unknown -enable_win32_dll=no -pic_mode=default -ltmain= -silent= -srcdir= -ac_config_guess= -ac_config_sub= -host= -build=NONE -nonopt=NONE -ofile="$default_ofile" -verify_host=yes -tagname= -with_gcc=no -with_gnu_ld=no -need_locks=yes -ac_ext=c -libext=a -cache_file= -max_cmd_len= - -## Dependencies to place before and after the object being linked: -predep_objects= -postdep_objects= -predeps= -postdeps= -compiler_lib_search_path= - -## Link characteristics: -allow_undefined_flag= -no_undefined_flag= -need_lib_prefix=unknown -need_version=unknown -# when you set need_version to no, make sure it does not cause -set_version -# flags to be left without arguments -archive_cmds= -archive_expsym_cmds= -old_archive_from_new_cmds= -old_archive_from_expsyms_cmds= -striplib= -old_striplib= -export_dynamic_flag_spec= -whole_archive_flag_spec= -thread_safe_flag_spec= -hardcode_into_libs=no -hardcode_libdir_flag_spec= -hardcode_libdir_separator= -hardcode_direct=no -hardcode_minus_L=no -hardcode_shlibpath_var=unsupported -runpath_var= -link_all_deplibs=unknown -always_export_symbols=no -export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | sed '\''s/.* //'\'' | sort | uniq > $export_symbols' -# include_expsyms should be a list of space-separated symbols to be *always* -# included in the symbol list -include_expsyms= -# exclude_expsyms can be an egrep regular expression of symbols to exclude -# it will be wrapped by ` (' and `)$', so one must not match beginning or -# end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', -# as well as any symbol that contains `d'. -exclude_expsyms="_GLOBAL_OFFSET_TABLE_" -# Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out -# platforms (ab)use it in PIC code, but their linkers get confused if -# the symbol is explicitly referenced. Since portable code cannot -# rely on this symbol name, it's probably fine to never include it in -# preloaded symbol tables. -extract_expsyms_cmds= - -## Tools: -old_AR="$AR" -old_AR_FLAGS="$AR_FLAGS" -old_CC="$CC" -old_CFLAGS="$CFLAGS" -old_CPPFLAGS="$CPPFLAGS" -old_LDFLAGS="$LDFLAGS" -old_LIBS="$LIBS" -old_MAGIC_CMD="$MAGIC_CMD" -old_LD="$LD" -old_LN_S="$LN_S" -old_LTCC="$LTCC" -old_NM="$NM" -old_RANLIB="$RANLIB" -old_STRIP="$STRIP" -old_AS="$AS" -old_DLLTOOL="$DLLTOOL" -old_OBJDUMP="$OBJDUMP" -old_OBJEXT="$OBJEXT" -old_EXEEXT="$EXEEXT" -old_reload_flag="$reload_flag" -old_deplibs_check_method="$deplibs_check_method" -old_file_magic_cmd="$file_magic_cmd" - -# Parse the command line options. -args= -prev= -for option -do - case $option in - -*=*) optarg=`echo "$option" | sed 's/[-_a-zA-Z0-9]*=//'` ;; - *) optarg= ;; - esac - - # If the previous option needs an argument, assign it. - if test -n "$prev"; then - eval "$prev=\$option" - prev= - continue - fi - - case $option in - --help) cat <&2 - echo "$help" 1>&2 - exit 1 - ;; - - *) - if test -z "$ltmain"; then - ltmain="$option" - elif test -z "$host"; then -# This generates an unnecessary warning for sparc-sun-solaris4.1.3_U1 -# if test -n "`echo $option| sed 's/[-a-z0-9.]//g'`"; then -# echo "$progname: warning \`$option' is not a valid host type" 1>&2 -# fi - host="$option" - else - echo "$progname: too many arguments" 1>&2 - echo "$help" 1>&2 - exit 1 - fi ;; - esac -done - -if test -z "$ltmain"; then - echo "$progname: you must specify a LTMAIN file" 1>&2 - echo "$help" 1>&2 - exit 1 -fi - -if test ! -f "$ltmain"; then - echo "$progname: \`$ltmain' does not exist" 1>&2 - echo "$help" 1>&2 - exit 1 -fi - -if test -n "$tagname"; then - # Check whether tagname contains only valid characters - case `$echo "X$tagname" | $Xsed -e 's/[-_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890,/]//g'` in - "") ;; - *) - echo "$progname: invalid tag name: $tagname" 1>&2 - exit 1 - ;; - esac - - if grep "^### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "$ofile" > /dev/null; then - echo "$progname: tag name $tagname already exists" 1>&2 - exit 1 - fi - - if test ! -f "$ofile"; then - echo "$progname: warning: output file \`$ofile' does not exist" 1>&2 - fi - - if test -z "$LTCC"; then - eval "`$SHELL $ofile --config | grep '^LTCC='`" - if test -z "$LTCC"; then - echo "$progname: warning: output file \`$ofile' does not look like a libtool script" 1>&2 - else - echo "$progname: warning: using \`LTCC=$LTCC', extracted from \`$ofile'" 1>&2 - fi - fi -fi - -# Quote any args containing shell metacharacters. -ltconfig_args= -for arg -do - case $arg in - *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*) - ltconfig_args="$ltconfig_args '$arg'" ;; - *) ltconfig_args="$ltconfig_args $arg" ;; - esac -done - -# A relevant subset of AC_INIT. - -# File descriptor usage: -# 0 standard input -# 1 file creation -# 2 errors and warnings -# 3 some systems may open it to /dev/tty -# 4 used on the Kubota Titan -# 5 compiler messages saved in config.log -# 6 checking for... messages and results -if test "$silent" = yes; then - exec 6>/dev/null -else - exec 6>&1 -fi -exec 5>>./config.log - -# NLS nuisances. -# Only set LANG and LC_ALL to C if already set. -# These must not be set unconditionally because not all systems understand -# e.g. LANG=C (notably SCO). -if test "X${LC_ALL+set}" = Xset; then LC_ALL=C; export LC_ALL; fi -if test "X${LANG+set}" = Xset; then LANG=C; export LANG; fi - -if test -n "$cache_file" && test -r "$cache_file" && test -f "$cache_file"; then - echo "loading cache $cache_file within ltconfig" - . $cache_file -fi - -if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then - # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu. - if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then - ac_n= ac_c=' -' ac_t=' ' - else - ac_n=-n ac_c= ac_t= - fi -else - ac_n= ac_c='\c' ac_t= -fi - -if test -z "$srcdir"; then - # Assume the source directory is the same one as the path to LTMAIN. - srcdir=`$echo "X$ltmain" | $Xsed -e 's%/[^/]*$%%'` - test "$srcdir" = "$ltmain" && srcdir=. -fi - -trap "$rm conftest*; exit 1" 1 2 15 -if test "$verify_host" = yes; then - # Check for config.guess and config.sub. - ac_aux_dir= - for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do - if test -f $ac_dir/config.guess; then - ac_aux_dir=$ac_dir - break - fi - done - if test -z "$ac_aux_dir"; then - echo "$progname: cannot find config.guess in $srcdir $srcdir/.. $srcdir/../.." 1>&2 - echo "$help" 1>&2 - exit 1 - fi - ac_config_guess=$ac_aux_dir/config.guess - ac_config_sub=$ac_aux_dir/config.sub - - # Make sure we can run config.sub. - if $SHELL $ac_config_sub sun4 >/dev/null 2>&1; then : - else - echo "$progname: cannot run $ac_config_sub" 1>&2 - echo "$help" 1>&2 - exit 1 - fi - - echo $ac_n "checking host system type""... $ac_c" 1>&6 - - host_alias=$host - case $host_alias in - "") - # Force config.guess to use the C compiler. - # CC_FOR_BUILD overrides the CC variable in config.guess but I had - # problems with it so do it this way for now. - CC="$LTCC" - - if host_alias=`$SHELL $ac_config_guess`; then : - else - echo "$progname: cannot guess host type; you must specify one" 1>&2 - echo "$help" 1>&2 - exit 1 - fi - - # Restore the C compiler. - CC="$old_CC" - ;; - esac - host=`$SHELL $ac_config_sub $host_alias` - echo "$ac_t$host" 1>&6 - - # Make sure the host verified. - test -z "$host" && exit 1 - - # Check for the build system type - echo $ac_n "checking build system type... $ac_c" 1>&6 - - build_alias=$build - case $build_alias in - NONE) - case $nonopt in - NONE) build_alias=$host_alias ;; - *) build_alias=$nonopt ;; - esac ;; - esac - - build=`$SHELL $ac_config_sub $build_alias` - build_cpu=`echo $build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` - build_vendor=`echo $build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` - build_os=`echo $build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` - echo "$ac_t""$build" 1>&6 - -elif test -z "$host"; then - echo "$progname: you must specify a host type if you use \`--no-verify'" 1>&2 - echo "$help" 1>&2 - exit 1 -else - host_alias=$host - build_alias=$host_alias - build=$host -fi - -if test x"$host" != x"$build"; then - ac_tool_prefix=${host_alias}- -else - ac_tool_prefix= -fi - -host_cpu=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` -host_vendor=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` -host_os=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` - -# Transform linux* to *-*-linux-gnu*, to support old configure scripts. -case $host_os in -linux-gnu*) ;; -linux*) host=`echo $host | sed 's/^\(.*-.*-linux\)\(.*\)$/\1-gnu\2/'` -esac - -case $host_os in -aix3*) - # AIX sometimes has problems with the GCC collect2 program. For some - # reason, if we set the COLLECT_NAMES environment variable, the problems - # vanish in a puff of smoke. - if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES - fi - ;; -esac - -# Determine commands to create old-style static archives. -old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs' -old_postinstall_cmds='chmod 644 $oldlib' -old_postuninstall_cmds= - -if test -n "$RANLIB"; then - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" - old_postinstall_cmds="\$RANLIB \$oldlib~$old_postinstall_cmds" -fi - -# Source the script associated with the $tagname tag configuration. -if test -n "$tagname"; then - . $ltmain -else - # FIXME: We should use a variable here - # Configure for a C compiler - . $srcdir/ltcf-c.sh -fi - -# Set sane defaults for various variables -test -z "$AR" && AR=ar -test -z "$AR_FLAGS" && AR_FLAGS=cru -test -z "$AS" && AS=as -test -z "$CC" && CC=cc -test -z "$DLLTOOL" && DLLTOOL=dlltool -test -z "$MAGIC_CMD" && MAGIC_CMD=file -test -z "$LD" && LD=ld -test -z "$LN_S" && LN_S="ln -s" -test -z "$NM" && NM=nm -test -z "$OBJDUMP" && OBJDUMP=objdump -test -z "$RANLIB" && RANLIB=: -test -z "$STRIP" && STRIP=: -test -z "$objext" && objext=o - -echo $ac_n "checking for objdir... $ac_c" 1>&6 -rm -f .libs 2>/dev/null -mkdir .libs 2>/dev/null -if test -d .libs; then - objdir=.libs -else - # MS-DOS does not allow filenames that begin with a dot. - objdir=_libs -fi -rmdir .libs 2>/dev/null -echo "$ac_t$objdir" 1>&6 - -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} - -# Allow CC to be a program name with arguments. -set dummy $CC -compiler="$2" - -# We assume here that the value for ac_cv_prog_cc_pic will not be cached -# in isolation, and that seeing it set (from the cache) indicates that -# the associated values are set (in the cache) correctly too. -echo $ac_n "checking for $compiler option to produce PIC... $ac_c" 1>&6 -echo "$progname:678:checking for $compiler option to produce PIC" 1>&5 - -if test -z "$ac_cv_prog_cc_pic"; then - echo "$ac_t"none 1>&6 -else - echo "$ac_t""$ac_cv_prog_cc_pic" 1>&6 - - # Check to make sure the pic_flag actually works. - echo $ac_n "checking if $compiler PIC flag $ac_cv_prog_cc_pic works... $ac_c" 1>&6 - echo "$progname:687:checking that $compiler PIC flag $ac_cv_prog_cc_pic works." 1>&5 - if test "X${ac_cv_prog_cc_pic_works+set}" = Xset && \ - test "X${ac_cv_prog_cc_pic_works}" != X; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - ac_cv_prog_cc_pic_works=yes - $rm conftest* - echo $lt_simple_compile_test_code > conftest.$ac_ext - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $ac_cv_prog_cc_pic -DPIC" - if { (eval echo $progname:697: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>conftest.err; } && test -s conftest.$objext; then - # Append any warnings to the config.log. - cat conftest.err 1>&5 - - case $host_os in - hpux9* | hpux10* | hpux11*) - # On HP-UX, both CC and GCC only warn that PIC is supported... then - # they create non-PIC objects. So, if there were any warnings, we - # assume that PIC is not supported. - if test -s conftest.err; then - ac_cv_prog_cc_pic_works=no - ac_cv_prog_cc_can_build_shared=no - ac_cv_prog_cc_pic= - else - ac_cv_prog_cc_pic_works=yes - ac_cv_prog_cc_pic=" $ac_cv_prog_cc_pic" - fi - ;; - *) - ac_cv_prog_cc_pic_works=yes - ac_cv_prog_cc_pic=" $ac_cv_prog_cc_pic" - ;; - esac - else - # Append any errors to the config.log. - cat conftest.err 1>&5 - ac_cv_prog_cc_pic_works=no - ac_cv_prog_cc_can_build_shared=no - ac_cv_prog_cc_pic= - fi - CFLAGS="$save_CFLAGS" - $rm conftest* - fi - # Belt *and* braces to stop my trousers falling down: - if test "X$ac_cv_prog_cc_pic_works" = Xno; then - ac_cv_prog_cc_pic= - ac_cv_prog_cc_can_build_shared=no - fi - echo "$ac_t""$ac_cv_prog_cc_pic_works" 1>&6 -fi - -# Check for any special shared library compilation flags. -if test -n "$ac_cv_prog_cc_shlib"; then - echo "$progname: warning: \`$CC' requires \`$ac_cv_prog_cc_shlib' to build shared libraries" 1>&2 - if echo "$old_CC $old_CFLAGS " | egrep -e "[ ]$ac_cv_prog_cc_shlib[ ]" >/dev/null; then : - else - echo "$progname: add \`$ac_cv_prog_cc_shlib' to the CC or CFLAGS env variable and reconfigure" 1>&2 - ac_cv_prog_cc_can_build_shared=no - fi -fi - -echo $ac_n "checking if $compiler static flag $ac_cv_prog_cc_static works... $ac_c" 1>&6 -echo "$progname:749: checking if $compiler static flag $ac_cv_prog_cc_static works" >&5 -if test "X${ac_cv_prog_cc_static_works+set}" = Xset && \ - test "X${ac_cv_prog_cc_static_works}" != X; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - $rm conftest* - echo $lt_simple_link_test_code > conftest.$ac_ext - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS $ac_cv_prog_cc_static" - if { (eval echo $progname:758: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then - ac_cv_prog_cc_static_works=yes - else - ac_cv_prog_cc_static_works=no - ac_cv_prog_cc_static= - fi - LDFLAGS="$save_LDFLAGS" - $rm conftest* -fi -# Belt *and* braces to stop my trousers falling down: -if test "X$ac_cv_prog_cc_static_works" = Xno; then - ac_cv_prog_cc_static= -fi -echo "$ac_t""$ac_cv_prog_cc_static_works" 1>&6 -pic_flag="$ac_cv_prog_cc_pic" -special_shlib_compile_flags="$ac_cv_prog_cc_shlib" -wl="$ac_cv_prog_cc_wl" -link_static_flag="$ac_cv_prog_cc_static" -no_builtin_flag="$ac_cv_prog_cc_no_builtin" -can_build_shared="$ac_cv_prog_cc_can_build_shared" - -# find the maximum length of command line arguments -echo "$progname:780: finding the maximum length of command line arguments" 1>&5 -echo $ac_n "finding the maximum length of command line arguments... $ac_c" 1>&6 -if test "${lt_cv_sys_max_cmd_len+set}" = set; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - i=0 - testring="ABCD" - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - while test "X"`$CONFIG_SHELL $0 --fallback-echo "X$testring" 2>/dev/null` \ - = "XX$testring" && - new_result=`expr "X$testring" : ".*" 2>&1` && - lt_cv_sys_max_cmd_len=$new_result && - test $i != 18 # 1 MB should be enough - do - i=`expr $i + 1` - testring=$testring$testring - done - testring= - # add a significant safety factor because C++ compilers can tack on massive amounts - # of additional arguments before passing them to the linker. 1/4 should be good. - len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len - $len` -fi -echo "$progname:@lineno@: result: $lt_cv_sys_max_cmd_len" 1>&5 -echo "${ac_t}$lt_cv_sys_max_cmd_len" 1>&6 - -if test -n $lt_cv_sys_max_cmd_len ; then - max_cmd_len=$lt_cv_sys_max_cmd_len -else - max_cmd_len=none -fi - -# Check to see if options -o and -c are simultaneously supported by compiler -echo $ac_n "checking if $compiler supports -c -o file.$objext... $ac_c" 1>&6 -if test "${lt_cv_compiler_c_o+set}" = set; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - $rm -r conftest 2>/dev/null - mkdir conftest - cd conftest - $rm conftest* - echo $lt_simple_compile_test_code > conftest.$ac_ext - mkdir out - # According to Tom Tromey, Ian Lance Taylor reported there are C compilers - # that will create temporary files in the current directory regardless of - # the output directory. Thus, making CWD read-only will cause this test - # to fail, enabling locking or at least warning the user not to do parallel - # builds. - chmod -w . - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -o out/conftest2.$objext" - echo "$progname:833: checking if $compiler supports -c -o file.$objext" >&5 - if { (eval echo $progname:834: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>out/conftest.err; } && test -s out/conftest2.$objext; then - - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s out/conftest.err; then - lt_cv_compiler_c_o=no - else - lt_cv_compiler_c_o=yes - fi - else - # Append any errors to the config.log. - cat out/conftest.err 1>&5 - lt_cv_compiler_c_o=no - fi - CFLAGS="$save_CFLAGS" - chmod u+w . - $rm conftest* out/* - rmdir out - cd .. - rmdir conftest - $rm -r conftest 2>/dev/null -fi -compiler_c_o=$lt_cv_compiler_c_o -echo "${ac_t}$compiler_c_o" 1>&6 - -# Check to see if we can do hard links to lock some files if needed -hard_links="nottested" -if test "$compiler_c_o" = no && test "$need_locks" != no; then - # do not overwrite the value of need_locks provided by the user - echo $ac_n "checking if we can lock with hard links... $ac_c" 1>&6 - hard_links=yes - $rm conftest* - ln conftest.a conftest.b 2>/dev/null && hard_links=no - touch conftest.a - ln conftest.a conftest.b 2>&5 || hard_links=no - ln conftest.a conftest.b 2>/dev/null && hard_links=no - echo "$ac_t$hard_links" 1>&6 - $rm conftest* - if test "$hard_links" = no; then - echo "*** WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2 - need_locks=warn - fi -else - need_locks=no -fi - -if test "$with_gcc" = yes; then - # Check to see if options -fno-rtti -fno-exceptions are supported by compiler - echo $ac_n "checking if $compiler supports -fno-rtti -fno-exceptions ... $ac_c" 1>&6 - $rm conftest* - echo $lt_simple_compile_test_code > conftest.$ac_ext - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -fno-rtti -fno-exceptions -c conftest.$ac_ext" - echo "$progname:887: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 - if { (eval echo $progname:888: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>conftest.err; } && test -s conftest.$objext; then - - # The compiler can only warn and ignore the option if not recognized - # So say no if there are warnings - if test -s conftest.err; then - echo "$ac_t"no 1>&6 - compiler_rtti_exceptions=no - else - echo "$ac_t"yes 1>&6 - compiler_rtti_exceptions=yes - fi - else - # Append any errors to the config.log. - cat conftest.err 1>&5 - compiler_rtti_exceptions=no - echo "$ac_t"no 1>&6 - fi - CFLAGS="$save_CFLAGS" - $rm conftest* - - if test "$compiler_rtti_exceptions" = "yes"; then - no_builtin_flag=' -fno-builtin -fno-rtti -fno-exceptions' - else - no_builtin_flag=' -fno-builtin' - fi - -fi - -# See if the linker supports building shared libraries. -echo $ac_n "checking whether the linker ($LD) supports shared libraries... $ac_c" 1>&6 - -echo "$ac_t$ld_shlibs" 1>&6 -test "$ld_shlibs" = no && can_build_shared=no - -# Check hardcoding attributes. -echo $ac_n "checking how to hardcode library paths into programs... $ac_c" 1>&6 -hardcode_action= -if test -n "$hardcode_libdir_flag_spec" || \ - test -n "$runpath_var"; then - - # We can hardcode non-existant directories. - if test "$hardcode_direct" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$hardcode_shlibpath_var" != no && - test "$hardcode_minus_L" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action=immediate - fi -else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action=unsupported -fi -echo "$ac_t$hardcode_action" 1>&6 - -echo $ac_n "checking whether stripping libraries is possible... $ac_c" 1>&6 -if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - echo "${ac_t}yes" 1>&6 -else - echo "${ac_t}no" 1>&6 -fi - -case $reload_flag in -"" | " "*) ;; -*) reload_flag=" $reload_flag" ;; -esac -reload_cmds='$LD$reload_flag -o $output$reload_objs' -test -z "$deplibs_check_method" && deplibs_check_method=unknown - -# PORTME Fill in your ld.so characteristics -library_names_spec= -libname_spec='lib$name' -soname_spec= -postinstall_cmds= -postuninstall_cmds= -finish_cmds= -finish_eval= -shlibpath_var= -shlibpath_overrides_runpath=unknown -version_type=none -dynamic_linker="$host_os ld.so" -sys_lib_dlsearch_path_spec="/lib /usr/lib" -sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" - -echo $ac_n "checking dynamic linker characteristics... $ac_c" 1>&6 -case $host_os in -aix3*) - version_type=linux - library_names_spec='${libname}${release}.so$versuffix $libname.a' - shlibpath_var=LIBPATH - - # AIX 3 has no versioning support, so we append a major version to the name. - soname_spec='${libname}${release}.so$major' - ;; - -aix4* | aix5*) - if test "$host_cpu" = ia64; then - # AIX 5 supports IA64 - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - shlibpath_var=LD_LIBRARY_PATH - else - # AIX (on Power*) has no versioning support, so currently we can not hardcode correct - # soname into executable. Probably we can add versioning support to - # collect2, so additional links can be useful in future. - # We preserve .a as extension for shared libraries though AIX4.2 - # and later linker supports .so - if test "$aix_use_runtimelinking" = yes; then - # If using run time linking (on AIX 4.2 or later) use lib.so instead of - # lib.a to let people know that these are not typical AIX shared libraries. - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - else - # We preserve .a as extension for shared libraries though AIX4.2 - # and later when we are not doing run time linking. - library_names_spec='${libname}${release}.a $libname.a' - soname_spec='${libname}${release}.so$major.o' - fi - # If we're using GNU nm, then we don't want the "-C" option. - # -C means demangle to AIX nm, but means don't demangle with GNU nm - if $NM -V 2>&1 | egrep '(GNU)' > /dev/null; then - export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - else - export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$2 == "T") || (\$2 == "D") || (\$2 == "B")) && (substr(\$3,1,1) != ".")) { print \$3 } }'\'' | sort -u > $export_symbols' - fi - shlibpath_var=LIBPATH - deplibs_check_method=pass_all - case $host_os in - aix4 | aix4.[01] | aix4.[01].*) - if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' - echo ' yes ' - echo '#endif'; } | ${CC} -E - | grep yes > /dev/null; then - : - else - # With GCC up to 2.95.x, collect2 would create an import file - # for dependence libraries. The import file would start with - # the line `#! .'. This would cause the generated library to - # depend on `.', always an invalid library. This was fixed in - # development snapshots of GCC prior to 3.0. - can_build_shared=no - fi - ;; - esac - fi - ;; - -amigaos*) - library_names_spec='$libname.ixlibrary $libname.a' - # Create ${libname}_ixlibrary.a entries in /sys/libs. - finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "(cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a)"; (cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a) || exit 1; done' - ;; - -beos*) - library_names_spec='${libname}.so' - dynamic_linker="$host_os ld.so" - shlibpath_var=LIBRARY_PATH - lt_cv_dlopen="load_add_on" - lt_cv_dlopen_libs= - lt_cv_dlopen_self=yes - ;; - -bsdi4*) - version_type=linux - need_version=no - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - soname_spec='${libname}${release}.so$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" - sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" - export_dynamic_flag_spec=-rdynamic - # the default ld.so.conf also contains /usr/contrib/lib and - # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow - # libtool to hard-code these into programs - ;; - -cygwin* | mingw* | pw32*) - version_type=windows - need_version=no - need_lib_prefix=no - case $with_gcc,$host_os in - yes,cygwin*) - library_names_spec='$libname.dll.a' - soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | [sed -e 's/[.]/-/g']`${versuffix}.dll' - postinstall_cmds='dlpath=`bash 2>&1 -c '\''. $dir/${file}i; echo \$dlname'\''`~ - dldir=$destdir/`dirname \$dlpath`~ - test -d \$dldir || mkdir -p \$dldir~ - $install_prog .libs/$dlname \$dldir/$dlname' - postuninstall_cmds='dldll=`bash 2>&1 -c '\''. $file; echo \$dlname'\''`~ - dlpath=$dir/\$dldll; $rm \$dlpath' - ;; - yes,mingw*) - library_names_spec='${libname}`echo ${release} | sed -e 's/[.]/-/g'`${versuffix}.dll' - sys_lib_search_path_spec=`$CC -print-search-dirs | grep "^libraries:" | sed -e "s/^libraries://" -e "s/;/ /g"` - ;; - yes,pw32*) - library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | sed -e 's/[.]/-/g'`${versuffix}.dll' -;; - *) - library_names_spec='${libname}`echo ${release} | sed -e 's/[.]/-/g'`${versuffix}.dll $libname.lib' - ;; - esac - dynamic_linker='Win32 ld.exe' - # FIXME: first we should search . and the directory the executable is in - shlibpath_var=PATH - lt_cv_dlopen="LoadLibrary" - lt_cv_dlopen_libs= - ;; - -darwin* | rhapsody*) - dynamic_linker="$host_os dyld" - version_type=darwin - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${versuffix}.`test .$module = .yes && echo so || echo dylib` ${libname}${release}${major}.`test .$module = .yes && echo so || echo dylib` ${libname}.`test .$module = .yes && echo so || echo dylib`' - soname_spec='${libname}${release}${major}.`test .$module = .yes && echo so || echo dylib`' - shlibpath_overrides_runpath=yes - shlibpath_var=DYLD_LIBRARY_PATH - ;; - -freebsd1*) - dynamic_linker=no - ;; - -freebsd*) - objformat=`test -x /usr/bin/objformat && /usr/bin/objformat || echo aout` - version_type=sunos - case $objformat in - elf*) - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - soname_spec='${libname}${release}.so$major' - need_version=no - need_lc=no - need_lib_prefix=no - ;; - *) - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - need_version=yes - ;; - esac - shlibpath_var=LD_LIBRARY_PATH - case $host_os in - freebsd2*) - shlibpath_overrides_runpath=yes - ;; - *) - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - esac - ;; - -gnu*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so${major} ${libname}.so' - soname_spec='${libname}${release}.so$major' - shlibpath_var=LD_LIBRARY_PATH - hardcode_into_libs=yes - ;; - -hpux9* | hpux10* | hpux11*) - # Give a soname corresponding to the major version so that dld.sl refuses to - # link against other versions. - dynamic_linker="$host_os dld.sl" - version_type=sunos - need_lib_prefix=no - need_version=no - shlibpath_var=SHLIB_PATH - shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH - library_names_spec='${libname}${release}.sl$versuffix ${libname}${release}.sl$major $libname.sl' - soname_spec='${libname}${release}.sl$major' - # HP-UX runs *really* slowly unless shared libraries are mode 555. - postinstall_cmds='chmod 555 $lib' - ;; - -irix5* | irix6*) - version_type=sunos - need_lib_prefix=no - need_version=no - soname_spec='${libname}${release}.so$major' - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major ${libname}${release}.so $libname.so' - case $host_os in - irix5*) - libsuff= shlibsuff= - ;; - *) - case $LD in # libtool.m4 will add one of these switches to LD - *-32|*"-32 ") libsuff= shlibsuff= libmagic=32-bit;; - *-n32|*"-n32 ") libsuff=32 shlibsuff=N32 libmagic=N32;; - *-64|*"-64 ") libsuff=64 shlibsuff=64 libmagic=64-bit;; - *) libsuff= shlibsuff= libmagic=never-match;; - esac - ;; - esac - shlibpath_var=LD_LIBRARY${shlibsuff}_PATH - shlibpath_overrides_runpath=no - sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}" - sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}" - ;; - -# No shared lib support for Linux oldld, aout, or coff. -linux-gnuoldld* | linux-gnuaout* | linux-gnucoff*) - dynamic_linker=no - ;; - -# This must be Linux ELF. -linux-gnu*) - version_type=sunos - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - soname_spec='${libname}${release}.so$major' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - # This implies no fast_install, which is unacceptable. - # Some rework will be needed to allow for fast_install - # before this can be enabled. - hardcode_into_libs=yes - - # We used to test for /lib/ld.so.1 and disable shared libraries on - # powerpc, because MkLinux only supported shared libraries with the - # GNU dynamic linker. Since this was broken with cross compilers, - # most powerpc-linux boxes support dynamic linking these days and - # people can always --disable-shared, the test was removed, and we - # assume the GNU/Linux dynamic linker is in use. - dynamic_linker='GNU/Linux ld.so' - ;; - -netbsd*) - need_lib_prefix=no - need_version=no - version_type=sunos - if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then - library_names_spec='${libname}${release}.so$versuffix ${libname}.so$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - dynamic_linker='NetBSD (a.out) ld.so' - else - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major ${libname}${release}.so ${libname}.so' - soname_spec='${libname}${release}.so$major' - dynamic_linker='NetBSD ld.elf_so' - fi - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - sys_lib_dlsearch_path_spec="/usr/lib" - sys_lib_search_path_spec="/usr/lib" - ;; - -newsos6) - version_type=linux - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - ;; - -openbsd*) - version_type=sunos - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - need_version=no - fi - library_names_spec='${libname}${release}.so$versuffix ${libname}.so$versuffix' - finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' - shlibpath_var=LD_LIBRARY_PATH - ;; - -os2*) - libname_spec='$name' - need_lib_prefix=no - library_names_spec='$libname.dll $libname.a' - dynamic_linker='OS/2 ld.exe' - shlibpath_var=LIBPATH - ;; - -osf3* | osf4* | osf5*) - version_type=osf - need_version=no - soname_spec='${libname}${release}.so' - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so $libname.so' - shlibpath_var=LD_LIBRARY_PATH - sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" - sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec" - ;; - -sco3.2v5*) - version_type=osf - soname_spec='${libname}${release}.so$major' - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - shlibpath_var=LD_LIBRARY_PATH - ;; - -solaris*) - version_type=sunos - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - soname_spec='${libname}${release}.so$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - hardcode_into_libs=yes - # ldd complains unless libraries are executable - postinstall_cmds='chmod +x $lib' - ;; - -sunos4*) - version_type=sunos - library_names_spec='${libname}${release}.so$versuffix ${libname}.so$versuffix' - finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=yes - if test "$with_gnu_ld" = yes; then - need_lib_prefix=no - fi - need_version=yes - ;; - -sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) - version_type=linux - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - soname_spec='${libname}${release}.so$major' - shlibpath_var=LD_LIBRARY_PATH - case $host_vendor in - motorola) - need_lib_prefix=no - need_version=no - shlibpath_overrides_runpath=no - sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' - ;; - esac - ;; - -uts4*) - version_type=linux - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - soname_spec='${libname}${release}.so$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -dgux*) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so' - soname_spec='${libname}${release}.so$major' - shlibpath_var=LD_LIBRARY_PATH - ;; - -sysv4*MP*) - if test -d /usr/nec ;then - version_type=linux - library_names_spec='$libname.so.$versuffix $libname.so.$major $libname.so' - soname_spec='$libname.so.$major' - shlibpath_var=LD_LIBRARY_PATH - fi - ;; - -*) - dynamic_linker=no - ;; -esac -echo "$ac_t$dynamic_linker" 1>&6 -test "$dynamic_linker" = no && can_build_shared=no - -# Check for command to grab the raw symbol name followed by C symbol from nm. -echo $ac_n "checking command to parse $NM output... $ac_c" 1>&6 - -# These are sane defaults that work on at least a few old systems. -# [They come from Ultrix. What could be older than Ultrix?!! ;)] - -# Character class describing NM global symbol codes. -symcode='[BCDEGRST]' - -# Regexp to match symbols that can be accessed directly from C. -sympat='\([_A-Za-z][_A-Za-z0-9]*\)' - -# Transform the above into a raw symbol and a C symbol. -symxfrm='\1 \2\3 \3' - -# Transform an extracted symbol line into a proper C declaration -global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern char \1;/p'" - -# Define system-specific variables. -case $host_os in -aix*) - symcode='[BCDT]' - ;; -cygwin* | mingw* | pw32*) - symcode='[ABCDGISTW]' - ;; -hpux*) # Its linker distinguishes data from code symbols - global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern char \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - ;; -irix*) - symcode='[BCDEGRST]' - ;; -solaris* | sysv5*) - symcode='[BDT]' - ;; -sysv4) - symcode='[DFNSTU]' - ;; -esac - -# Handle CRLF in mingw tool chain -opt_cr= -case $host_os in -mingw*) - opt_cr=`echo 'x\{0,1\}' | tr x '\015'` # option cr in regexp - ;; -esac - -# If we're using GNU nm, then use its standard symbol codes. -if $NM -V 2>&1 | egrep '(GNU|with BFD)' > /dev/null; then - symcode='[ABCDGISTW]' -fi - -# Try without a prefix undercore, then with it. -for ac_symprfx in "" "_"; do - - # Write the raw and C identifiers. - global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*\($ac_symprfx\)$sympat$opt_cr$/$symxfrm/p'" - - # Check to see that the pipe works correctly. - pipe_works=no - $rm conftest* - cat > conftest.$ac_ext <&5 - if { (eval echo $progname:1434: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; } && test -s conftest.$objext; then - # Now try to grab the symbols. - nlist=conftest.nm - if { echo "$progname:1437: eval \"$NM conftest.$objext | $global_symbol_pipe > $nlist\"" >&5; eval "$NM conftest.$objext | $global_symbol_pipe > $nlist 2>&5"; } && test -s "$nlist"; then - - # Try sorting and uniquifying the output. - if sort "$nlist" | uniq > "$nlist"T; then - mv -f "$nlist"T "$nlist" - else - rm -f "$nlist"T - fi - - # Make sure that we snagged all the symbols we need. - if egrep ' nm_test_var$' "$nlist" >/dev/null; then - if egrep ' nm_test_func$' "$nlist" >/dev/null; then - cat < conftest.$ac_ext -#ifdef __cplusplus -extern "C" { -#endif - -EOF - # Now generate the symbol file. - eval "$global_symbol_to_cdecl"' < "$nlist" >> conftest.$ac_ext' - - cat <> conftest.$ac_ext -#if defined (__STDC__) && __STDC__ -# define lt_ptr_t void * -#else -# define lt_ptr_t char * -# define const -#endif - -/* The mapping between symbol names and symbols. */ -const struct { - const char *name; - lt_ptr_t address; -} -lt_preloaded_symbols[] = -{ -EOF - sed "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (lt_ptr_t) \&\2},/" < "$nlist" >> conftest.$ac_ext - cat <<\EOF >> conftest.$ac_ext - {0, (lt_ptr_t) 0} -}; - -#ifdef __cplusplus -} -#endif -EOF - # Now try linking the two files. - mv conftest.$objext conftstm.$objext - save_LIBS="$LIBS" - save_CFLAGS="$CFLAGS" - LIBS="conftstm.$objext" - CFLAGS="$CFLAGS$no_builtin_flag" - if { (eval echo $progname:1489: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then - pipe_works=yes - else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - fi - LIBS="$save_LIBS" - else - echo "cannot find nm_test_func in $nlist" >&5 - fi - else - echo "cannot find nm_test_var in $nlist" >&5 - fi - else - echo "cannot run $global_symbol_pipe" >&5 - fi - else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - fi - $rm conftest* conftst* - - # Do not use the global_symbol_pipe unless it works. - if test "$pipe_works" = yes; then - break - else - global_symbol_pipe= - fi -done -if test "$pipe_works" = yes; then - echo "${ac_t}ok" 1>&6 -else - echo "${ac_t}failed" 1>&6 -fi - -if test -z "$global_symbol_pipe"; then - global_symbol_to_cdecl= -fi - -# Report the final consequences. -echo "checking if libtool supports shared libraries... $can_build_shared" 1>&6 - -# Only try to build win32 dlls if AC_LIBTOOL_WIN32_DLL was used in -# configure.in, otherwise build static only libraries. -case $host_os in -cygwin* | mingw* | pw32* | os2*) - if test x$can_build_shared = xyes; then - test x$enable_win32_dll = xno && can_build_shared=no - echo "checking if package supports dlls... $can_build_shared" 1>&6 - fi -;; -esac - -echo $ac_n "checking whether to build shared libraries... $ac_c" 1>&6 -test "$can_build_shared" = "no" && enable_shared=no - -# On AIX, shared libraries and static libraries use the same namespace, and -# are all built from PIC. -case $host_os in -aix3*) - test "$enable_shared" = yes && enable_static=no - if test -n "$RANLIB"; then - archive_cmds="$archive_cmds~\$RANLIB \$lib" - postinstall_cmds='$RANLIB $lib' - fi - ;; - -aix4*) - test "$enable_shared" = yes && enable_static=no - ;; -esac - -echo "$ac_t$enable_shared" 1>&6 - -# Make sure either enable_shared or enable_static is yes. -test "$enable_shared" = yes || enable_static=yes - -echo "checking whether to build static libraries... $enable_static" 1>&6 - -if test "$hardcode_action" = relink; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless -fi - -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$with_gcc" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi - -# Check whether we must set pic_mode to default -test -z "$pic_flag" && pic_mode=default - -if test "x$enable_dlopen" != xyes; then - enable_dlopen=unknown - enable_dlopen_self=unknown - enable_dlopen_self_static=unknown -else -if test "X${lt_cv_dlopen+set}" != Xset; then - lt_cv_dlopen=no lt_cv_dlopen_libs= -echo $ac_n "checking for dlopen in -ldl""... $ac_c" 1>&6 -echo "$progname:1593: checking for dlopen in -ldl" >&5 -if test "X${ac_cv_lib_dl_dlopen+set}" = Xset; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-ldl $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_lib_dl_dlopen=yes -else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_lib_dl_dlopen=no -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if test "X$ac_cv_lib_dl_dlopen" = Xyes; then - echo "$ac_t""yes" 1>&6 - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" -else - echo "$ac_t""no" 1>&6 -echo $ac_n "checking for dlopen""... $ac_c" 1>&6 -echo "$progname:1632: checking for dlopen" >&5 -if test "X${ac_cv_func_dlopen+set}" = Xset; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_dlopen) || defined (__stub___dlopen) -choke me -#else -dlopen(); -#endif - -; return 0; } -EOF -if { (eval echo $progname:1662: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_func_dlopen=yes -else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_func_dlopen=no -fi -rm -f conftest* -fi -if test "X$ac_cv_func_dlopen" = Xyes; then - echo "$ac_t""yes" 1>&6 - lt_cv_dlopen="dlopen" -else - echo "$ac_t""no" 1>&6 -echo $ac_n "checking for dlopen in -lsvld""... $ac_c" 1>&6 -echo "$progname:1679: checking for dlopen in -lsvld" >&5 -if test "X${ac_cv_lib_svld_dlopen+set}" = Xset; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lsvld $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_lib_svld_dlopen=yes -else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_lib_svld_dlopen=no -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if test "X$ac_cv_lib_svld_dlopen" = Xyes; then - echo "$ac_t""yes" 1>&6 - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld" -else - echo "$ac_t""no" 1>&6 -echo $ac_n "checking for dld_link in -ldld""... $ac_c" 1>&6 -echo "$progname:1718: checking for dld_link in -ldld" >&5 -if test "X${ac_cv_lib_dld_dld_link+set}" = Xset; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-ldld $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_lib_dld_dld_link=yes -else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_lib_dld_dld_link=no -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if test "X$ac_cv_lib_dld_dld_link" = Xyes; then - echo "$ac_t""yes" 1>&6 - lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld" -else - echo "$ac_t""no" 1>&6 -echo $ac_n "checking for shl_load""... $ac_c" 1>&6 -echo "$progname:1757: checking for shl_load" >&5 -if test "X${ac_cv_func_shl_load+set}" = Xset; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char shl_load(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_shl_load) || defined (__stub___shl_load) -choke me -#else -shl_load(); -#endif - -; return 0; } -EOF -if { (eval echo $progname:1787: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_func_shl_load=yes -else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_func_shl_load=no -fi -rm -f conftest* -fi - -if test "X$ac_cv_func_shl_load" = Xyes; then - echo "$ac_t""yes" 1>&6 - lt_cv_dlopen="shl_load" -else - echo "$ac_t""no" 1>&6 -echo $ac_n "checking for shl_load in -ldld""... $ac_c" 1>&6 -echo "$progname:1805: checking for shl_load in -ldld" >&5 -if test "X${ac_cv_lib_dld_shl_load+set}" = Xset; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-ldld $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_lib_dld_shl_load=yes -else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_lib_dld_shl_load=no -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if test "X$ac_cv_lib_dld_shl_load" = Xyes; then - echo "$ac_t""yes" 1>&6 - lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld" -else - echo "$ac_t""no" 1>&6 -fi - - -fi - - -fi - - -fi - - -fi - -fi - -fi - - if test "x$lt_cv_dlopen" != xno; then - enable_dlopen=yes - else - enable_dlopen=no - fi - - case $lt_cv_dlopen in - dlopen) -for ac_hdr in dlfcn.h; do -ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` -echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "$progname:1873: checking for $ac_hdr" >&5 -if eval "test \"`echo 'X$''{'ac_cv_header_$ac_safe'+set}'`\" = Xset"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -int fnord = 0; -int main () { return(0); } -EOF -ac_try="$ac_compile >/dev/null 2>conftest.out" -{ (eval echo $progname:1884: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - eval "ac_cv_header_$ac_safe=yes" -else - echo "$ac_err" >&5 - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_header_$ac_safe=no" -fi -rm -f conftest* -fi -if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then - echo "$ac_t""yes" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi -done - - if test "x$ac_cv_header_dlfcn_h" = xyes; then - CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" - fi - eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" - LIBS="$lt_cv_dlopen_libs $LIBS" - - echo $ac_n "checking whether a program can dlopen itself""... $ac_c" 1>&6 -echo "$progname:1912: checking whether a program can dlopen itself" >&5 -if test "X${lt_cv_dlopen_self+set}" = Xset; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test "$cross_compiling" = yes; then - lt_cv_dlopen_self=cross - else - cat > conftest.$ac_ext < -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LTDL_GLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LTDL_GLOBAL DL_GLOBAL -# else -# define LTDL_GLOBAL 0 -# endif -#endif - -/* We may have to define LTDL_LAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LTDL_LAZY_OR_NOW -# ifdef RTLD_LAZY -# define LTDL_LAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LTDL_LAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LTDL_LAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LTDL_LAZY_OR_NOW DL_NOW -# else -# define LTDL_LAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -void fnord() { int i=42; } -int main() { - void *self, *ptr1, *ptr2; self=dlopen(0,LTDL_GLOBAL|LTDL_LAZY_OR_NOW); - if(self) { ptr1=dlsym(self,"fnord"); ptr2=dlsym(self,"_fnord"); - if(ptr1 || ptr2) { dlclose(self); exit(0); } } exit(1); } - -EOF -if { (eval echo $progname:1967: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null -then - lt_cv_dlopen_self=yes -else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - lt_cv_dlopen_self=no -fi -rm -fr conftest* -fi - -fi - -echo "$ac_t""$lt_cv_dlopen_self" 1>&6 - - if test "$lt_cv_dlopen_self" = yes; then - LDFLAGS="$LDFLAGS $link_static_flag" - echo $ac_n "checking whether a statically linked program can dlopen itself""... $ac_c" 1>&6 -echo "$progname:1986: checking whether a statically linked program can dlopen itself" >&5 -if test "X${lt_cv_dlopen_self_static+set}" = Xset; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test "$cross_compiling" = yes; then - lt_cv_dlopen_self_static=cross - else - cat > conftest.$ac_ext < -#endif - -#include - -#ifdef RTLD_GLOBAL -# define LTDL_GLOBAL RTLD_GLOBAL -#else -# ifdef DL_GLOBAL -# define LTDL_GLOBAL DL_GLOBAL -# else -# define LTDL_GLOBAL 0 -# endif -#endif - -/* We may have to define LTDL_LAZY_OR_NOW in the command line if we - find out it does not work in some platform. */ -#ifndef LTDL_LAZY_OR_NOW -# ifdef RTLD_LAZY -# define LTDL_LAZY_OR_NOW RTLD_LAZY -# else -# ifdef DL_LAZY -# define LTDL_LAZY_OR_NOW DL_LAZY -# else -# ifdef RTLD_NOW -# define LTDL_LAZY_OR_NOW RTLD_NOW -# else -# ifdef DL_NOW -# define LTDL_LAZY_OR_NOW DL_NOW -# else -# define LTDL_LAZY_OR_NOW 0 -# endif -# endif -# endif -# endif -#endif - -void fnord() { int i=42; } -int main() { - void *self, *ptr1, *ptr2; self=dlopen(0,LTDL_GLOBAL|LTDL_LAZY_OR_NOW); - if(self) { ptr1=dlsym(self,"fnord"); ptr2=dlsym(self,"_fnord"); - if(ptr1 || ptr2) { dlclose(self); exit(0); } } exit(1); } - -EOF -if { (eval echo $progname:2041: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null -then - lt_cv_dlopen_self_static=yes -else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - lt_cv_dlopen_self_static=no -fi -rm -fr conftest* -fi - -fi - -echo "$ac_t""$lt_cv_dlopen_self_static" 1>&6 -fi - ;; - esac - - case $lt_cv_dlopen_self in - yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; - *) enable_dlopen_self=unknown ;; - esac - - case $lt_cv_dlopen_self_static in - yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; - *) enable_dlopen_self_static=unknown ;; - esac -fi - -# Copy echo and quote the copy, instead of the original, because it is -# used later. -ltecho="$echo" -if test "X$ltecho" = "X$CONFIG_SHELL $0 --fallback-echo"; then - ltecho="$CONFIG_SHELL \$0 --fallback-echo" -fi -LTSHELL="$SHELL" - -LTCONFIG_VERSION="$VERSION" - -# Only quote variables if we're using ltmain.sh. -case $ltmain in -*.sh) - # Now quote all the things that may contain metacharacters. - for var in ltecho old_AR old_AR_FLAGS old_CC old_LTCC old_CFLAGS old_CPPFLAGS \ - old_MAGIC_CMD old_LD old_LDFLAGS old_LIBS \ - old_LN_S old_NM old_RANLIB old_STRIP \ - old_AS old_DLLTOOL old_OBJDUMP \ - old_OBJEXT old_EXEEXT old_reload_flag \ - old_deplibs_check_method old_file_magic_cmd \ - AR AR_FLAGS CC LTCC LD LN_S NM LTSHELL LTCONFIG_VERSION \ - reload_flag reload_cmds wl \ - pic_flag link_static_flag no_builtin_flag export_dynamic_flag_spec \ - thread_safe_flag_spec whole_archive_flag_spec libname_spec \ - library_names_spec soname_spec \ - RANLIB old_archive_cmds old_archive_from_new_cmds old_postinstall_cmds \ - old_postuninstall_cmds archive_cmds archive_expsym_cmds postinstall_cmds \ - postuninstall_cmds extract_expsyms_cmds old_archive_from_expsyms_cmds \ - predep_objects postdep_objects predeps postdeps compiler_lib_search_path \ - old_striplib striplib file_magic_cmd export_symbols_cmds \ - deplibs_check_method allow_undefined_flag no_undefined_flag \ - finish_cmds finish_eval global_symbol_pipe global_symbol_to_cdecl \ - hardcode_libdir_flag_spec hardcode_libdir_separator \ - sys_lib_search_path_spec sys_lib_dlsearch_path_spec \ - compiler_c_o need_locks exclude_expsyms include_expsyms; do - - case $var in - reload_cmds | old_archive_cmds | old_archive_from_new_cmds | \ - old_postinstall_cmds | old_postuninstall_cmds | \ - export_symbols_cmds | archive_cmds | archive_expsym_cmds | \ - extract_expsyms_cmds | old_archive_from_expsyms_cmds | \ - postinstall_cmds | postuninstall_cmds | \ - finish_cmds | sys_lib_search_path_spec | sys_lib_dlsearch_path_spec) - # Double-quote double-evaled strings. - eval "$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\"" ### testsuite: skip nested quoting test - ;; - *) - eval "$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\"" ### testsuite: skip nested quoting test - ;; - esac - done - - case $ltecho in - *'\$0 --fallback-echo"') - ltecho=`$echo "X$ltecho" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'` - ;; - esac - - if test -z "$tagname"; then - trap "$rm \"$ofile\"; exit 1" 1 2 15 - echo "creating $ofile" - $rm "$ofile" - cat < "$ofile" -#! $SHELL - -# `$echo "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services. -# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP) -# NOTE: Changes made to this file will be lost: look at ltconfig or ltmain.sh. -# -# Copyright (C) 1996-2000 Free Software Foundation, Inc. -# Originally by Gordon Matzigkeit , 1996 -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# Sed that helps us avoid accidentally triggering echo(1) options like -n. -Xsed="sed -e s/^X//" - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -if test "X\${CDPATH+set}" = Xset; then CDPATH=:; export CDPATH; fi - -# The names of the tagged configurations supported by this script. -available_tags= - -### BEGIN LIBTOOL CONFIG -EOF - else - echo "appending configuration tag \"$tagname\" to $ofile" - echo "### BEGIN LIBTOOL TAG CONFIG: $tagname" >> "$ofile" - fi - cfgfile="$ofile" - ;; - -*) - # Double-quote the variables that need it (for aesthetics). - for var in old_AR old_AR_FLAGS old_CC old_LTCC old_CFLAGS old_CPPFLAGS \ - old_MAGIC_CMD old_LD old_LDFLAGS old_LIBS \ - old_LN_S old_NM old_RANLIB old_STRIP \ - old_AS old_DLLTOOL old_OBJDUMP \ - old_OBJEXT old_EXEEXT old_reload_flag \ - old_deplibs_check_method old_file_magic_cmd; do - eval "$var=\\\"\$var\\\"" - done - - # Just create a config file. - cfgfile="$ofile.cfg" - if test -z "$tagname"; then - trap "$rm \"$cfgfile\"; exit 1" 1 2 15 - echo "creating $cfgfile" - $rm "$cfgfile" - cat < "$cfgfile" -# `$echo "$cfgfile" | sed 's%^.*/%%'` - Libtool configuration file. -# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP) - -### BEGIN LIBTOOL CONFIG -EOF - else - echo "appending to $cfgfile" - echo "### BEGIN LIBTOOL TAG CONFIG: $tagname" >> "$ofile" - fi - ;; -esac - -cat <> "$cfgfile" -# Libtool was configured as follows, on host `(hostname || uname -n) 2>/dev/null | sed 1q`: -# -# AR=$old_AR AR_FLAGS=$old_AR_FLAGS LTCC=$old_LTCC CC=$old_CC \\ -# CFLAGS=$old_CFLAGS CPPFLAGS=$old_CPPFLAGS \\ -# MAGIC_CMD=$old_MAGIC_CMD LD=$old_LD LDFLAGS=$old_LDFLAGS LIBS=$old_LIBS \\ -# LN_S=$old_LN_S NM=$old_NM RANLIB=$old_RANLIB STRIP=$old_STRIP \\ -# AS=$old_AS DLLTOOL=$old_DLLTOOL OBJDUMP=$old_OBJDUMP \\ -# objext=$old_OBJEXT exeext=$old_EXEEXT reload_flag=$old_reload_flag \\ -# deplibs_check_method=$old_deplibs_check_method \\ -# file_magic_cmd=$old_file_magic_cmd \\ -# $0$ltconfig_args -# -# Compiler and other test output produced by $progname, useful for -# debugging $progname, is in ./config.log if it exists. - -# The version of $progname that generated this script. -LTCONFIG_VERSION=$LTCONFIG_VERSION - -# Shell to use when invoking shell scripts. -SHELL=$LTSHELL - -# Whether or not to build shared libraries. -build_libtool_libs=$enable_shared - -# Whether or not to add -lc for building shared libraries. -build_libtool_need_lc=$need_lc - -# Whether or not to build static libraries. -build_old_libs=$enable_static - -# Whether or not to optimize for fast installation. -fast_install=$enable_fast_install - -# The host system. -host_alias=$host_alias -host=$host - -# An echo program that does not interpret backslashes. -echo=$ltecho - -# The archiver. -AR=$AR -AR_FLAGS=$AR_FLAGS - -# A C compiler. -LTCC=$LTCC - -# A language-specific compiler. -CC=$CC - -# Is the compiler the GNU C compiler? -with_gcc=$with_gcc - -# The linker used to build libraries. -LD=$LD - -# Whether we need hard or soft links. -LN_S=$LN_S - -# A BSD-compatible nm program. -NM=$NM - -# A symbol stripping program -STRIP=$STRIP - -# Used to examine libraries when file_magic_cmd begins "file" -MAGIC_CMD=$MAGIC_CMD - -# Used on cygwin: DLL creation program. -DLLTOOL="$DLLTOOL" - -# Used on cygwin: object dumper. -OBJDUMP="$OBJDUMP" - -# Used on cygwin: assembler. -AS="$AS" - -# The name of the directory that contains temporary libtool files. -objdir=$objdir - -# How to create reloadable object files. -reload_flag=$reload_flag -reload_cmds=$reload_cmds - -# How to pass a linker flag through the compiler. -wl=$wl - -# Object file suffix (normally "o"). -objext="$objext" - -# Old archive suffix (normally "a"). -libext="$libext" - -# Executable file suffix (normally ""). -exeext="$exeext" - -# Additional compiler flags for building library objects. -pic_flag=$pic_flag -pic_mode=$pic_mode - -# What is the maximum length of a command? -max_cmd_len=$max_cmd_len - -# Does compiler simultaneously support -c and -o options? -compiler_c_o=$compiler_c_o - -# Must we lock files when doing compilation ? -need_locks=$need_locks - -# Do we need the lib prefix for modules? -need_lib_prefix=$need_lib_prefix - -# Do we need a version for libraries? -need_version=$need_version - -# Whether dlopen is supported. -dlopen_support=$enable_dlopen - -# Whether dlopen of programs is supported. -dlopen_self=$enable_dlopen_self - -# Whether dlopen of statically linked programs is supported. -dlopen_self_static=$enable_dlopen_self_static - -# Compiler flag to prevent dynamic linking. -link_static_flag=$link_static_flag - -# Compiler flag to turn off builtin functions. -no_builtin_flag=$no_builtin_flag - -# Compiler flag to allow reflexive dlopens. -export_dynamic_flag_spec=$export_dynamic_flag_spec - -# Compiler flag to generate shared objects directly from archives. -whole_archive_flag_spec=$whole_archive_flag_spec - -# Compiler flag to generate thread-safe objects. -thread_safe_flag_spec=$thread_safe_flag_spec - -# Library versioning type. -version_type=$version_type - -# Format of library name prefix. -libname_spec=$libname_spec - -# List of archive names. First name is the real one, the rest are links. -# The last name is the one that the linker finds with -lNAME. -library_names_spec=$library_names_spec - -# The coded name of the library, if different from the real name. -soname_spec=$soname_spec - -# Commands used to build and install an old-style archive. -RANLIB=$RANLIB -old_archive_cmds=$old_archive_cmds -old_postinstall_cmds=$old_postinstall_cmds -old_postuninstall_cmds=$old_postuninstall_cmds - -# Create an old-style archive from a shared archive. -old_archive_from_new_cmds=$old_archive_from_new_cmds - -# Create a temporary old-style archive to link instead of a shared archive. -old_archive_from_expsyms_cmds=$old_archive_from_expsyms_cmds - -# Commands used to build and install a shared archive. -archive_cmds=$archive_cmds -archive_expsym_cmds=$archive_expsym_cmds -postinstall_cmds=$postinstall_cmds -postuninstall_cmds=$postuninstall_cmds - -# Commands to strip libraries. -old_striplib=$old_striplib -striplib=$striplib - -# Dependencies to place before the objects being linked to create a -# shared library. -predep_objects=$predep_objects - -# Dependencies to place after the objects being linked to create a -# shared library. -postdep_objects=$postdep_objects - -# Dependencies to place before the objects being linked to create a -# shared library. -predeps=$predeps - -# Dependencies to place after the objects being linked to create a -# shared library. -postdeps=$postdeps - -# The library search path used internally by the compiler when linking -# a shared library. -compiler_lib_search_path=$compiler_lib_search_path - -# Method to check whether dependent libraries are shared objects. -deplibs_check_method=$deplibs_check_method - -# Command to use when deplibs_check_method == file_magic. -file_magic_cmd=$file_magic_cmd - -# Flag that allows shared libraries with undefined symbols to be built. -allow_undefined_flag=$allow_undefined_flag - -# Flag that forces no undefined symbols. -no_undefined_flag=$no_undefined_flag - -# Commands used to finish a libtool library installation in a directory. -finish_cmds=$finish_cmds - -# Same as above, but a single script fragment to be evaled but not shown. -finish_eval=$finish_eval - -# Take the output of nm and produce a listing of raw symbols and C names. -global_symbol_pipe=$global_symbol_pipe - -# Transform the output of nm in a proper C declaration -global_symbol_to_cdecl=$global_symbol_to_cdecl - -# This is the shared library runtime path variable. -runpath_var=$runpath_var - -# This is the shared library path variable. -shlibpath_var=$shlibpath_var - -# Is shlibpath searched before the hard-coded library search path? -shlibpath_overrides_runpath=$shlibpath_overrides_runpath - -# How to hardcode a shared library path into an executable. -hardcode_action=$hardcode_action - -# Whether we should hardcode library paths into libraries. -hardcode_into_libs=$hardcode_into_libs - -# Flag to hardcode \$libdir into a binary during linking. -# This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec=$hardcode_libdir_flag_spec - -# Whether we need a single -rpath flag with a separated argument. -hardcode_libdir_separator=$hardcode_libdir_separator - -# Set to yes if using DIR/libNAME.so during linking hardcodes DIR into the -# resulting binary. -hardcode_direct=$hardcode_direct - -# Set to yes if using the -LDIR flag during linking hardcodes DIR into the -# resulting binary. -hardcode_minus_L=$hardcode_minus_L - -# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into -# the resulting binary. -hardcode_shlibpath_var=$hardcode_shlibpath_var - -# Variables whose values should be saved in libtool wrapper scripts and -# restored at relink time. -variables_saved_for_relink="$variables_saved_for_relink" - -# Whether libtool must link a program against all its dependency libraries. -link_all_deplibs=$link_all_deplibs - -# Compile-time system search path for libraries -sys_lib_search_path_spec=$sys_lib_search_path_spec - -# Run-time system search path for libraries -sys_lib_dlsearch_path_spec=$sys_lib_dlsearch_path_spec - -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path="$fix_srcfile_path" - -# Set to yes if exported symbols are required. -always_export_symbols=$always_export_symbols - -# The commands to list exported symbols. -export_symbols_cmds=$export_symbols_cmds - -# The commands to extract the exported symbol list from a shared archive. -extract_expsyms_cmds=$extract_expsyms_cmds - -# Symbols that should not be listed in the preloaded symbols. -exclude_expsyms=$exclude_expsyms - -# Symbols that must always be exported. -include_expsyms=$include_expsyms - -EOF - -if test -z "$tagname"; then - echo '### END LIBTOOL CONFIG' >> "$ofile" -else - echo "### END LIBTOOL TAG CONFIG: $tagname" >> "$ofile" -fi - -case $ltmain in -*.sh) - echo >> "$ofile" - if test -z "$tagname"; then - case $host_os in - aix3*) - cat <<\EOF >> "$ofile" - -# AIX sometimes has problems with the GCC collect2 program. For some -# reason, if we set the COLLECT_NAMES environment variable, the problems -# vanish in a puff of smoke. -if test "X${COLLECT_NAMES+set}" != Xset; then - COLLECT_NAMES= - export COLLECT_NAMES -fi -EOF - ;; - esac - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) - cat <<'EOF' >> "$ofile" - # This is a source program that is used to create dlls on Windows - # Don't remove nor modify the starting and closing comments -# /* ltdll.c starts here */ -# #define WIN32_LEAN_AND_MEAN -# #include -# #undef WIN32_LEAN_AND_MEAN -# #include -# -# #ifndef __CYGWIN__ -# # ifdef __CYGWIN32__ -# # define __CYGWIN__ __CYGWIN32__ -# # endif -# #endif -# -# #ifdef __cplusplus -# extern "C" { -# #endif -# BOOL APIENTRY DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved); -# #ifdef __cplusplus -# } -# #endif -# -# #ifdef __CYGWIN__ -# #include -# DECLARE_CYGWIN_DLL( DllMain ); -# #endif -# HINSTANCE __hDllInstance_base; -# -# BOOL APIENTRY -# DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved) -# { -# __hDllInstance_base = hInst; -# return TRUE; -# } -# /* ltdll.c ends here */ - # This is a source program that is used to create import libraries - # on Windows for dlls which lack them. Don't remove nor modify the - # starting and closing comments -# /* impgen.c starts here */ -# /* Copyright (C) 1999-2000 Free Software Foundation, Inc. -# -# This file is part of GNU libtool. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -# */ -# -# #include /* for printf() */ -# #include /* for open(), lseek(), read() */ -# #include /* for O_RDONLY, O_BINARY */ -# #include /* for strdup() */ -# -# /* O_BINARY isn't required (or even defined sometimes) under Unix */ -# #ifndef O_BINARY -# #define O_BINARY 0 -# #endif -# -# static unsigned int -# pe_get16 (fd, offset) -# int fd; -# int offset; -# { -# unsigned char b[2]; -# lseek (fd, offset, SEEK_SET); -# read (fd, b, 2); -# return b[0] + (b[1]<<8); -# } -# -# static unsigned int -# pe_get32 (fd, offset) -# int fd; -# int offset; -# { -# unsigned char b[4]; -# lseek (fd, offset, SEEK_SET); -# read (fd, b, 4); -# return b[0] + (b[1]<<8) + (b[2]<<16) + (b[3]<<24); -# } -# -# static unsigned int -# pe_as32 (ptr) -# void *ptr; -# { -# unsigned char *b = ptr; -# return b[0] + (b[1]<<8) + (b[2]<<16) + (b[3]<<24); -# } -# -# int -# main (argc, argv) -# int argc; -# char *argv[]; -# { -# int dll; -# unsigned long pe_header_offset, opthdr_ofs, num_entries, i; -# unsigned long export_rva, export_size, nsections, secptr, expptr; -# unsigned long name_rvas, nexp; -# unsigned char *expdata, *erva; -# char *filename, *dll_name; -# -# filename = argv[1]; -# -# dll = open(filename, O_RDONLY|O_BINARY); -# if (dll < 1) -# return 1; -# -# dll_name = filename; -# -# for (i=0; filename[i]; i++) -# if (filename[i] == '/' || filename[i] == '\\' || filename[i] == ':') -# dll_name = filename + i +1; -# -# pe_header_offset = pe_get32 (dll, 0x3c); -# opthdr_ofs = pe_header_offset + 4 + 20; -# num_entries = pe_get32 (dll, opthdr_ofs + 92); -# -# if (num_entries < 1) /* no exports */ -# return 1; -# -# export_rva = pe_get32 (dll, opthdr_ofs + 96); -# export_size = pe_get32 (dll, opthdr_ofs + 100); -# nsections = pe_get16 (dll, pe_header_offset + 4 +2); -# secptr = (pe_header_offset + 4 + 20 + -# pe_get16 (dll, pe_header_offset + 4 + 16)); -# -# expptr = 0; -# for (i = 0; i < nsections; i++) -# { -# char sname[8]; -# unsigned long secptr1 = secptr + 40 * i; -# unsigned long vaddr = pe_get32 (dll, secptr1 + 12); -# unsigned long vsize = pe_get32 (dll, secptr1 + 16); -# unsigned long fptr = pe_get32 (dll, secptr1 + 20); -# lseek(dll, secptr1, SEEK_SET); -# read(dll, sname, 8); -# if (vaddr <= export_rva && vaddr+vsize > export_rva) -# { -# expptr = fptr + (export_rva - vaddr); -# if (export_rva + export_size > vaddr + vsize) -# export_size = vsize - (export_rva - vaddr); -# break; -# } -# } -# -# expdata = (unsigned char*)malloc(export_size); -# lseek (dll, expptr, SEEK_SET); -# read (dll, expdata, export_size); -# erva = expdata - export_rva; -# -# nexp = pe_as32 (expdata+24); -# name_rvas = pe_as32 (expdata+32); -# -# printf ("EXPORTS\n"); -# for (i = 0; i> "$ofile" || (rm -f "$ofile"; exit 1) - # We use sed instead of cat because bash on DJGPP gets confused if - # if finds mixed CR/LF and LF-only lines. Since sed operates in - # text mode, it properly converts lines to CR/LF. This bash problem - # is reportedly fixed, but why not run on old versions too? - - chmod +x "$ofile" - fi - ;; - -*) - # Compile the libtool program. - echo "FIXME: would compile $ltmain" - ;; -esac - -# Update the list of available tags. -if test -n "$tagname"; then - - # Extract list of available tagged configurations in $ofile. - # Note that this assumes the entire list is on one line. - available_tags=`grep "^available_tags=" $ofile | sed -e 's/available_tags=\(.*$\)/\1/' -e 's/\"//g'` - - # Append the new tag name to the list of available tags. - available_tags="$available_tags $tagname" - - # Now substitute the updated of available tags. - if eval "sed -e 's/^available_tags=.*\$/available_tags=\"$available_tags\"/' ${ofile} > ${ofile}.new"; then - mv ${ofile}.new ${ofile} - chmod +x "$ofile" - else - rm -f ${ofile}.new - echo "$progname: unable to update list of available tagged configurations." - exit 1 - fi -fi - -# Don't cache tagged configuration! -test -n "$cache_file" && test -z "$tagname" || exit 0 - -# AC_CACHE_SAVE -trap '' 1 2 15 -cat > confcache <<\EOF -# This file is a shell script that caches the results of configure -# tests run on this system so they can be shared between configure -# scripts and configure runs. It is not useful on other systems. -# If it contains results you don't want to keep, you may remove or edit it. -# -# By default, configure uses ./config.cache as the cache file, -# creating it if it does not exist already. You can give configure -# the --cache-file=FILE option to use a different cache file; that is -# what configure does when it calls configure scripts in -# subdirectories, so they share the cache. -# Giving --cache-file=/dev/null disables caching, for debugging configure. -# config.status only pays attention to the cache file if you give it the -# --recheck option to rerun configure. -# -EOF -# The following way of writing the cache mishandles newlines in values, -# but we know of no workaround that is simple, portable, and efficient. -# So, don't put newlines in cache variables' values. -# Ultrix sh set writes to stderr and can't be redirected directly, -# and sets the high bit in the cache file unless we assign to the vars. -(set) 2>&1 | - case `(ac_space=' '; set | grep ac_space) 2>&1` in - *ac_space=\ *) - # `set' does not quote correctly, so add quotes (double-quote substitution - # turns \\\\ into \\, and sed turns \\ into \). - sed -n \ - -e "s/'/'\\\\''/g" \ - -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p" - ;; - *) - # `set' quotes correctly as required by POSIX, so do not add quotes. - sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p' - ;; - esac >> confcache -if cmp -s $cache_file confcache; then - : -else - if test -w $cache_file; then - echo "updating cache $cache_file" - cat confcache > $cache_file - else - echo "not updating unwritable cache $cache_file" - fi -fi -rm -f confcache - -exit 0 - -# Local Variables: -# mode:shell-script -# sh-indentation:2 -# End: diff --git a/crypto/heimdal/ltmain.sh b/crypto/heimdal/ltmain.sh deleted file mode 100644 index 06823e057a57..000000000000 --- a/crypto/heimdal/ltmain.sh +++ /dev/null @@ -1,6863 +0,0 @@ -# ltmain.sh - Provide generalized library-building support services. -# NOTE: Changing this file will not affect anything until you rerun configure. -# -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005 -# Free Software Foundation, Inc. -# Originally by Gordon Matzigkeit , 1996 -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -basename="s,^.*/,,g" - -# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh -# is ksh but when the shell is invoked as "sh" and the current value of -# the _XPG environment variable is not equal to 1 (one), the special -# positional parameter $0, within a function call, is the name of the -# function. -progpath="$0" - -# The name of this program: -progname=`echo "$progpath" | $SED $basename` -modename="$progname" - -# Global variables: -EXIT_SUCCESS=0 -EXIT_FAILURE=1 - -PROGRAM=ltmain.sh -PACKAGE=libtool -VERSION=1.5.22 -TIMESTAMP=" (1.1220.2.365 2005/12/18 22:14:06)" - -# See if we are running on zsh, and set the options which allow our -# commands through without removal of \ escapes. -if test -n "${ZSH_VERSION+set}" ; then - setopt NO_GLOB_SUBST -fi - -# Check that we have a working $echo. -if test "X$1" = X--no-reexec; then - # Discard the --no-reexec flag, and continue. - shift -elif test "X$1" = X--fallback-echo; then - # Avoid inline document here, it may be left over - : -elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then - # Yippee, $echo works! - : -else - # Restart under the correct shell, and then maybe $echo will work. - exec $SHELL "$progpath" --no-reexec ${1+"$@"} -fi - -if test "X$1" = X--fallback-echo; then - # used as fallback echo - shift - cat <&2 - $echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2 - exit $EXIT_FAILURE -fi - -# Global variables. -mode=$default_mode -nonopt= -prev= -prevopt= -run= -show="$echo" -show_help= -execute_dlfiles= -duplicate_deps=no -preserve_args= -lo2o="s/\\.lo\$/.${objext}/" -o2lo="s/\\.${objext}\$/.lo/" - -##################################### -# Shell function definitions: -# This seems to be the best place for them - -# func_mktempdir [string] -# Make a temporary directory that won't clash with other running -# libtool processes, and avoids race conditions if possible. If -# given, STRING is the basename for that directory. -func_mktempdir () -{ - my_template="${TMPDIR-/tmp}/${1-$progname}" - - if test "$run" = ":"; then - # Return a directory name, but don't create it in dry-run mode - my_tmpdir="${my_template}-$$" - else - - # If mktemp works, use that first and foremost - my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null` - - if test ! -d "$my_tmpdir"; then - # Failing that, at least try and use $RANDOM to avoid a race - my_tmpdir="${my_template}-${RANDOM-0}$$" - - save_mktempdir_umask=`umask` - umask 0077 - $mkdir "$my_tmpdir" - umask $save_mktempdir_umask - fi - - # If we're not in dry-run mode, bomb out on failure - test -d "$my_tmpdir" || { - $echo "cannot create temporary directory \`$my_tmpdir'" 1>&2 - exit $EXIT_FAILURE - } - fi - - $echo "X$my_tmpdir" | $Xsed -} - - -# func_win32_libid arg -# return the library type of file 'arg' -# -# Need a lot of goo to handle *both* DLLs and import libs -# Has to be a shell function in order to 'eat' the argument -# that is supplied when $file_magic_command is called. -func_win32_libid () -{ - win32_libid_type="unknown" - win32_fileres=`file -L $1 2>/dev/null` - case $win32_fileres in - *ar\ archive\ import\ library*) # definitely import - win32_libid_type="x86 archive import" - ;; - *ar\ archive*) # could be an import, or static - if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | \ - $EGREP -e 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then - win32_nmres=`eval $NM -f posix -A $1 | \ - $SED -n -e '1,100{/ I /{s,.*,import,;p;q;};}'` - case $win32_nmres in - import*) win32_libid_type="x86 archive import";; - *) win32_libid_type="x86 archive static";; - esac - fi - ;; - *DLL*) - win32_libid_type="x86 DLL" - ;; - *executable*) # but shell scripts are "executable" too... - case $win32_fileres in - *MS\ Windows\ PE\ Intel*) - win32_libid_type="x86 DLL" - ;; - esac - ;; - esac - $echo $win32_libid_type -} - - -# func_infer_tag arg -# Infer tagged configuration to use if any are available and -# if one wasn't chosen via the "--tag" command line option. -# Only attempt this if the compiler in the base compile -# command doesn't match the default compiler. -# arg is usually of the form 'gcc ...' -func_infer_tag () -{ - if test -n "$available_tags" && test -z "$tagname"; then - CC_quoted= - for arg in $CC; do - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - CC_quoted="$CC_quoted $arg" - done - case $@ in - # Blanks in the command may have been stripped by the calling shell, - # but not from the CC environment variable when configure was run. - " $CC "* | "$CC "* | " `$echo $CC` "* | "`$echo $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$echo $CC_quoted` "* | "`$echo $CC_quoted` "*) ;; - # Blanks at the start of $base_compile will cause this to fail - # if we don't check for them as well. - *) - for z in $available_tags; do - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then - # Evaluate the configuration. - eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" - CC_quoted= - for arg in $CC; do - # Double-quote args containing other shell metacharacters. - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - CC_quoted="$CC_quoted $arg" - done - case "$@ " in - " $CC "* | "$CC "* | " `$echo $CC` "* | "`$echo $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$echo $CC_quoted` "* | "`$echo $CC_quoted` "*) - # The compiler in the base compile command matches - # the one in the tagged configuration. - # Assume this is the tagged configuration we want. - tagname=$z - break - ;; - esac - fi - done - # If $tagname still isn't set, then no tagged configuration - # was found and let the user know that the "--tag" command - # line option must be used. - if test -z "$tagname"; then - $echo "$modename: unable to infer tagged configuration" - $echo "$modename: specify a tag with \`--tag'" 1>&2 - exit $EXIT_FAILURE -# else -# $echo "$modename: using $tagname tagged configuration" - fi - ;; - esac - fi -} - - -# func_extract_an_archive dir oldlib -func_extract_an_archive () -{ - f_ex_an_ar_dir="$1"; shift - f_ex_an_ar_oldlib="$1" - - $show "(cd $f_ex_an_ar_dir && $AR x $f_ex_an_ar_oldlib)" - $run eval "(cd \$f_ex_an_ar_dir && $AR x \$f_ex_an_ar_oldlib)" || exit $? - if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then - : - else - $echo "$modename: ERROR: object name conflicts: $f_ex_an_ar_dir/$f_ex_an_ar_oldlib" 1>&2 - exit $EXIT_FAILURE - fi -} - -# func_extract_archives gentop oldlib ... -func_extract_archives () -{ - my_gentop="$1"; shift - my_oldlibs=${1+"$@"} - my_oldobjs="" - my_xlib="" - my_xabs="" - my_xdir="" - my_status="" - - $show "${rm}r $my_gentop" - $run ${rm}r "$my_gentop" - $show "$mkdir $my_gentop" - $run $mkdir "$my_gentop" - my_status=$? - if test "$my_status" -ne 0 && test ! -d "$my_gentop"; then - exit $my_status - fi - - for my_xlib in $my_oldlibs; do - # Extract the objects. - case $my_xlib in - [\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;; - *) my_xabs=`pwd`"/$my_xlib" ;; - esac - my_xlib=`$echo "X$my_xlib" | $Xsed -e 's%^.*/%%'` - my_xdir="$my_gentop/$my_xlib" - - $show "${rm}r $my_xdir" - $run ${rm}r "$my_xdir" - $show "$mkdir $my_xdir" - $run $mkdir "$my_xdir" - exit_status=$? - if test "$exit_status" -ne 0 && test ! -d "$my_xdir"; then - exit $exit_status - fi - case $host in - *-darwin*) - $show "Extracting $my_xabs" - # Do not bother doing anything if just a dry run - if test -z "$run"; then - darwin_orig_dir=`pwd` - cd $my_xdir || exit $? - darwin_archive=$my_xabs - darwin_curdir=`pwd` - darwin_base_archive=`$echo "X$darwin_archive" | $Xsed -e 's%^.*/%%'` - darwin_arches=`lipo -info "$darwin_archive" 2>/dev/null | $EGREP Architectures 2>/dev/null` - if test -n "$darwin_arches"; then - darwin_arches=`echo "$darwin_arches" | $SED -e 's/.*are://'` - darwin_arch= - $show "$darwin_base_archive has multiple architectures $darwin_arches" - for darwin_arch in $darwin_arches ; do - mkdir -p "unfat-$$/${darwin_base_archive}-${darwin_arch}" - lipo -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}" - cd "unfat-$$/${darwin_base_archive}-${darwin_arch}" - func_extract_an_archive "`pwd`" "${darwin_base_archive}" - cd "$darwin_curdir" - $rm "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" - done # $darwin_arches - ## Okay now we have a bunch of thin objects, gotta fatten them up :) - darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print| xargs basename | sort -u | $NL2SP` - darwin_file= - darwin_files= - for darwin_file in $darwin_filelist; do - darwin_files=`find unfat-$$ -name $darwin_file -print | $NL2SP` - lipo -create -output "$darwin_file" $darwin_files - done # $darwin_filelist - ${rm}r unfat-$$ - cd "$darwin_orig_dir" - else - cd "$darwin_orig_dir" - func_extract_an_archive "$my_xdir" "$my_xabs" - fi # $darwin_arches - fi # $run - ;; - *) - func_extract_an_archive "$my_xdir" "$my_xabs" - ;; - esac - my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | $NL2SP` - done - func_extract_archives_result="$my_oldobjs" -} -# End of Shell function definitions -##################################### - -# Darwin sucks -eval std_shrext=\"$shrext_cmds\" - -disable_libs=no - -# Parse our command line options once, thoroughly. -while test "$#" -gt 0 -do - arg="$1" - shift - - case $arg in - -*=*) optarg=`$echo "X$arg" | $Xsed -e 's/[-_a-zA-Z0-9]*=//'` ;; - *) optarg= ;; - esac - - # If the previous option needs an argument, assign it. - if test -n "$prev"; then - case $prev in - execute_dlfiles) - execute_dlfiles="$execute_dlfiles $arg" - ;; - tag) - tagname="$arg" - preserve_args="${preserve_args}=$arg" - - # Check whether tagname contains only valid characters - case $tagname in - *[!-_A-Za-z0-9,/]*) - $echo "$progname: invalid tag name: $tagname" 1>&2 - exit $EXIT_FAILURE - ;; - esac - - case $tagname in - CC) - # Don't test for the "default" C tag, as we know, it's there, but - # not specially marked. - ;; - *) - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "$progpath" > /dev/null; then - taglist="$taglist $tagname" - # Evaluate the configuration. - eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$tagname'$/,/^# ### END LIBTOOL TAG CONFIG: '$tagname'$/p' < $progpath`" - else - $echo "$progname: ignoring unknown tag $tagname" 1>&2 - fi - ;; - esac - ;; - *) - eval "$prev=\$arg" - ;; - esac - - prev= - prevopt= - continue - fi - - # Have we seen a non-optional argument yet? - case $arg in - --help) - show_help=yes - ;; - - --version) - $echo "$PROGRAM (GNU $PACKAGE) $VERSION$TIMESTAMP" - $echo - $echo "Copyright (C) 2005 Free Software Foundation, Inc." - $echo "This is free software; see the source for copying conditions. There is NO" - $echo "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - exit $? - ;; - - --config) - ${SED} -e '1,/^# ### BEGIN LIBTOOL CONFIG/d' -e '/^# ### END LIBTOOL CONFIG/,$d' $progpath - # Now print the configurations for the tags. - for tagname in $taglist; do - ${SED} -n -e "/^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$/,/^# ### END LIBTOOL TAG CONFIG: $tagname$/p" < "$progpath" - done - exit $? - ;; - - --debug) - $echo "$progname: enabling shell trace mode" - set -x - preserve_args="$preserve_args $arg" - ;; - - --dry-run | -n) - run=: - ;; - - --features) - $echo "host: $host" - if test "$build_libtool_libs" = yes; then - $echo "enable shared libraries" - else - $echo "disable shared libraries" - fi - if test "$build_old_libs" = yes; then - $echo "enable static libraries" - else - $echo "disable static libraries" - fi - exit $? - ;; - - --finish) mode="finish" ;; - - --mode) prevopt="--mode" prev=mode ;; - --mode=*) mode="$optarg" ;; - - --preserve-dup-deps) duplicate_deps="yes" ;; - - --quiet | --silent) - show=: - preserve_args="$preserve_args $arg" - ;; - - --tag) - prevopt="--tag" - prev=tag - preserve_args="$preserve_args --tag" - ;; - --tag=*) - set tag "$optarg" ${1+"$@"} - shift - prev=tag - preserve_args="$preserve_args --tag" - ;; - - -dlopen) - prevopt="-dlopen" - prev=execute_dlfiles - ;; - - -*) - $echo "$modename: unrecognized option \`$arg'" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - ;; - - *) - nonopt="$arg" - break - ;; - esac -done - -if test -n "$prevopt"; then - $echo "$modename: option \`$prevopt' requires an argument" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE -fi - -case $disable_libs in -no) - ;; -shared) - build_libtool_libs=no - build_old_libs=yes - ;; -static) - build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac` - ;; -esac - -# If this variable is set in any of the actions, the command in it -# will be execed at the end. This prevents here-documents from being -# left over by shells. -exec_cmd= - -if test -z "$show_help"; then - - # Infer the operation mode. - if test -z "$mode"; then - $echo "*** Warning: inferring the mode of operation is deprecated." 1>&2 - $echo "*** Future versions of Libtool will require --mode=MODE be specified." 1>&2 - case $nonopt in - *cc | cc* | *++ | gcc* | *-gcc* | g++* | xlc*) - mode=link - for arg - do - case $arg in - -c) - mode=compile - break - ;; - esac - done - ;; - *db | *dbx | *strace | *truss) - mode=execute - ;; - *install*|cp|mv) - mode=install - ;; - *rm) - mode=uninstall - ;; - *) - # If we have no mode, but dlfiles were specified, then do execute mode. - test -n "$execute_dlfiles" && mode=execute - - # Just use the default operation mode. - if test -z "$mode"; then - if test -n "$nonopt"; then - $echo "$modename: warning: cannot infer operation mode from \`$nonopt'" 1>&2 - else - $echo "$modename: warning: cannot infer operation mode without MODE-ARGS" 1>&2 - fi - fi - ;; - esac - fi - - # Only execute mode is allowed to have -dlopen flags. - if test -n "$execute_dlfiles" && test "$mode" != execute; then - $echo "$modename: unrecognized option \`-dlopen'" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - # Change the help message to a mode-specific one. - generic_help="$help" - help="Try \`$modename --help --mode=$mode' for more information." - - # These modes are in order of execution frequency so that they run quickly. - case $mode in - # libtool compile mode - compile) - modename="$modename: compile" - # Get the compilation command and the source file. - base_compile= - srcfile="$nonopt" # always keep a non-empty value in "srcfile" - suppress_opt=yes - suppress_output= - arg_mode=normal - libobj= - later= - - for arg - do - case $arg_mode in - arg ) - # do not "continue". Instead, add this to base_compile - lastarg="$arg" - arg_mode=normal - ;; - - target ) - libobj="$arg" - arg_mode=normal - continue - ;; - - normal ) - # Accept any command-line options. - case $arg in - -o) - if test -n "$libobj" ; then - $echo "$modename: you cannot specify \`-o' more than once" 1>&2 - exit $EXIT_FAILURE - fi - arg_mode=target - continue - ;; - - -static | -prefer-pic | -prefer-non-pic) - later="$later $arg" - continue - ;; - - -no-suppress) - suppress_opt=no - continue - ;; - - -Xcompiler) - arg_mode=arg # the next one goes into the "base_compile" arg list - continue # The current "srcfile" will either be retained or - ;; # replaced later. I would guess that would be a bug. - - -Wc,*) - args=`$echo "X$arg" | $Xsed -e "s/^-Wc,//"` - lastarg= - save_ifs="$IFS"; IFS=',' - for arg in $args; do - IFS="$save_ifs" - - # Double-quote args containing other shell metacharacters. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, so we specify it separately. - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - lastarg="$lastarg $arg" - done - IFS="$save_ifs" - lastarg=`$echo "X$lastarg" | $Xsed -e "s/^ //"` - - # Add the arguments to base_compile. - base_compile="$base_compile $lastarg" - continue - ;; - - * ) - # Accept the current argument as the source file. - # The previous "srcfile" becomes the current argument. - # - lastarg="$srcfile" - srcfile="$arg" - ;; - esac # case $arg - ;; - esac # case $arg_mode - - # Aesthetically quote the previous argument. - lastarg=`$echo "X$lastarg" | $Xsed -e "$sed_quote_subst"` - - case $lastarg in - # Double-quote args containing other shell metacharacters. - # Many Bourne shells cannot handle close brackets correctly - # in scan sets, and some SunOS ksh mistreat backslash-escaping - # in scan sets (worked around with variable expansion), - # and furthermore cannot handle '|' '&' '(' ')' in scan sets - # at all, so we specify them separately. - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - lastarg="\"$lastarg\"" - ;; - esac - - base_compile="$base_compile $lastarg" - done # for arg - - case $arg_mode in - arg) - $echo "$modename: you must specify an argument for -Xcompile" - exit $EXIT_FAILURE - ;; - target) - $echo "$modename: you must specify a target with \`-o'" 1>&2 - exit $EXIT_FAILURE - ;; - *) - # Get the name of the library object. - [ -z "$libobj" ] && libobj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%'` - ;; - esac - - # Recognize several different file suffixes. - # If the user specifies -o file.o, it is replaced with file.lo - xform='[cCFSifmso]' - case $libobj in - *.ada) xform=ada ;; - *.adb) xform=adb ;; - *.ads) xform=ads ;; - *.asm) xform=asm ;; - *.c++) xform=c++ ;; - *.cc) xform=cc ;; - *.ii) xform=ii ;; - *.class) xform=class ;; - *.cpp) xform=cpp ;; - *.cxx) xform=cxx ;; - *.f90) xform=f90 ;; - *.for) xform=for ;; - *.java) xform=java ;; - esac - - libobj=`$echo "X$libobj" | $Xsed -e "s/\.$xform$/.lo/"` - - case $libobj in - *.lo) obj=`$echo "X$libobj" | $Xsed -e "$lo2o"` ;; - *) - $echo "$modename: cannot determine name of library object from \`$libobj'" 1>&2 - exit $EXIT_FAILURE - ;; - esac - - func_infer_tag $base_compile - - for arg in $later; do - case $arg in - -static) - build_old_libs=yes - continue - ;; - - -prefer-pic) - pic_mode=yes - continue - ;; - - -prefer-non-pic) - pic_mode=no - continue - ;; - esac - done - - qlibobj=`$echo "X$libobj" | $Xsed -e "$sed_quote_subst"` - case $qlibobj in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - qlibobj="\"$qlibobj\"" ;; - esac - test "X$libobj" != "X$qlibobj" \ - && $echo "X$libobj" | grep '[]~#^*{};<>?"'"'"' &()|`$[]' \ - && $echo "$modename: libobj name \`$libobj' may not contain shell special characters." - objname=`$echo "X$obj" | $Xsed -e 's%^.*/%%'` - xdir=`$echo "X$obj" | $Xsed -e 's%/[^/]*$%%'` - if test "X$xdir" = "X$obj"; then - xdir= - else - xdir=$xdir/ - fi - lobj=${xdir}$objdir/$objname - - if test -z "$base_compile"; then - $echo "$modename: you must specify a compilation command" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - # Delete any leftover library objects. - if test "$build_old_libs" = yes; then - removelist="$obj $lobj $libobj ${libobj}T" - else - removelist="$lobj $libobj ${libobj}T" - fi - - $run $rm $removelist - trap "$run $rm $removelist; exit $EXIT_FAILURE" 1 2 15 - - # On Cygwin there's no "real" PIC flag so we must build both object types - case $host_os in - cygwin* | mingw* | pw32* | os2*) - pic_mode=default - ;; - esac - if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then - # non-PIC code in shared libraries is not supported - pic_mode=default - fi - - # Calculate the filename of the output object if compiler does - # not support -o with -c - if test "$compiler_c_o" = no; then - output_obj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%' -e 's%\.[^.]*$%%'`.${objext} - lockfile="$output_obj.lock" - removelist="$removelist $output_obj $lockfile" - trap "$run $rm $removelist; exit $EXIT_FAILURE" 1 2 15 - else - output_obj= - need_locks=no - lockfile= - fi - - # Lock this critical section if it is needed - # We use this script file to make the link, it avoids creating a new file - if test "$need_locks" = yes; then - until $run ln "$progpath" "$lockfile" 2>/dev/null; do - $show "Waiting for $lockfile to be removed" - sleep 2 - done - elif test "$need_locks" = warn; then - if test -f "$lockfile"; then - $echo "\ -*** ERROR, $lockfile exists and contains: -`cat $lockfile 2>/dev/null` - -This indicates that another process is trying to use the same -temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you -repeat this compilation, it may succeed, by chance, but you had better -avoid parallel builds (make -j) in this platform, or get a better -compiler." - - $run $rm $removelist - exit $EXIT_FAILURE - fi - $echo "$srcfile" > "$lockfile" - fi - - if test -n "$fix_srcfile_path"; then - eval srcfile=\"$fix_srcfile_path\" - fi - qsrcfile=`$echo "X$srcfile" | $Xsed -e "$sed_quote_subst"` - case $qsrcfile in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - qsrcfile="\"$qsrcfile\"" ;; - esac - - $run $rm "$libobj" "${libobj}T" - - # Create a libtool object file (analogous to a ".la" file), - # but don't create it if we're doing a dry run. - test -z "$run" && cat > ${libobj}T </dev/null`" != "X$srcfile"; then - $echo "\ -*** ERROR, $lockfile contains: -`cat $lockfile 2>/dev/null` - -but it should contain: -$srcfile - -This indicates that another process is trying to use the same -temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you -repeat this compilation, it may succeed, by chance, but you had better -avoid parallel builds (make -j) in this platform, or get a better -compiler." - - $run $rm $removelist - exit $EXIT_FAILURE - fi - - # Just move the object if needed, then go on to compile the next one - if test -n "$output_obj" && test "X$output_obj" != "X$lobj"; then - $show "$mv $output_obj $lobj" - if $run $mv $output_obj $lobj; then : - else - error=$? - $run $rm $removelist - exit $error - fi - fi - - # Append the name of the PIC object to the libtool object file. - test -z "$run" && cat >> ${libobj}T <> ${libobj}T </dev/null`" != "X$srcfile"; then - $echo "\ -*** ERROR, $lockfile contains: -`cat $lockfile 2>/dev/null` - -but it should contain: -$srcfile - -This indicates that another process is trying to use the same -temporary object file, and libtool could not work around it because -your compiler does not support \`-c' and \`-o' together. If you -repeat this compilation, it may succeed, by chance, but you had better -avoid parallel builds (make -j) in this platform, or get a better -compiler." - - $run $rm $removelist - exit $EXIT_FAILURE - fi - - # Just move the object if needed - if test -n "$output_obj" && test "X$output_obj" != "X$obj"; then - $show "$mv $output_obj $obj" - if $run $mv $output_obj $obj; then : - else - error=$? - $run $rm $removelist - exit $error - fi - fi - - # Append the name of the non-PIC object the libtool object file. - # Only append if the libtool object file exists. - test -z "$run" && cat >> ${libobj}T <> ${libobj}T <&2 - fi - if test -n "$link_static_flag"; then - dlopen_self=$dlopen_self_static - fi - prefer_static_libs=yes - else - if test -z "$pic_flag" && test -n "$link_static_flag"; then - dlopen_self=$dlopen_self_static - fi - prefer_static_libs=built - fi - build_libtool_libs=no - build_old_libs=yes - break - ;; - esac - done - - # See if our shared archives depend on static archives. - test -n "$old_archive_from_new_cmds" && build_old_libs=yes - - # Go through the arguments, transforming them on the way. - while test "$#" -gt 0; do - arg="$1" - shift - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - qarg=\"`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`\" ### testsuite: skip nested quoting test - ;; - *) qarg=$arg ;; - esac - libtool_args="$libtool_args $qarg" - - # If the previous option needs an argument, assign it. - if test -n "$prev"; then - case $prev in - output) - compile_command="$compile_command @OUTPUT@" - finalize_command="$finalize_command @OUTPUT@" - ;; - esac - - case $prev in - dlfiles|dlprefiles) - if test "$preload" = no; then - # Add the symbol object into the linking commands. - compile_command="$compile_command @SYMFILE@" - finalize_command="$finalize_command @SYMFILE@" - preload=yes - fi - case $arg in - *.la | *.lo) ;; # We handle these cases below. - force) - if test "$dlself" = no; then - dlself=needless - export_dynamic=yes - fi - prev= - continue - ;; - self) - if test "$prev" = dlprefiles; then - dlself=yes - elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then - dlself=yes - else - dlself=needless - export_dynamic=yes - fi - prev= - continue - ;; - *) - if test "$prev" = dlfiles; then - dlfiles="$dlfiles $arg" - else - dlprefiles="$dlprefiles $arg" - fi - prev= - continue - ;; - esac - ;; - expsyms) - export_symbols="$arg" - if test ! -f "$arg"; then - $echo "$modename: symbol file \`$arg' does not exist" - exit $EXIT_FAILURE - fi - prev= - continue - ;; - expsyms_regex) - export_symbols_regex="$arg" - prev= - continue - ;; - inst_prefix) - inst_prefix_dir="$arg" - prev= - continue - ;; - precious_regex) - precious_files_regex="$arg" - prev= - continue - ;; - release) - release="-$arg" - prev= - continue - ;; - objectlist) - if test -f "$arg"; then - save_arg=$arg - moreargs= - for fil in `cat $save_arg` - do -# moreargs="$moreargs $fil" - arg=$fil - # A libtool-controlled object. - - # Check to see that this really is a libtool object. - if (${SED} -e '2q' $arg | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then - pic_object= - non_pic_object= - - # Read the .lo file - # If there is no directory component, then add one. - case $arg in - */* | *\\*) . $arg ;; - *) . ./$arg ;; - esac - - if test -z "$pic_object" || \ - test -z "$non_pic_object" || - test "$pic_object" = none && \ - test "$non_pic_object" = none; then - $echo "$modename: cannot find name of object for \`$arg'" 1>&2 - exit $EXIT_FAILURE - fi - - # Extract subdirectory from the argument. - xdir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'` - if test "X$xdir" = "X$arg"; then - xdir= - else - xdir="$xdir/" - fi - - if test "$pic_object" != none; then - # Prepend the subdirectory the object is found in. - pic_object="$xdir$pic_object" - - if test "$prev" = dlfiles; then - if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then - dlfiles="$dlfiles $pic_object" - prev= - continue - else - # If libtool objects are unsupported, then we need to preload. - prev=dlprefiles - fi - fi - - # CHECK ME: I think I busted this. -Ossama - if test "$prev" = dlprefiles; then - # Preload the old-style object. - dlprefiles="$dlprefiles $pic_object" - prev= - fi - - # A PIC object. - libobjs="$libobjs $pic_object" - arg="$pic_object" - fi - - # Non-PIC object. - if test "$non_pic_object" != none; then - # Prepend the subdirectory the object is found in. - non_pic_object="$xdir$non_pic_object" - - # A standard non-PIC object - non_pic_objects="$non_pic_objects $non_pic_object" - if test -z "$pic_object" || test "$pic_object" = none ; then - arg="$non_pic_object" - fi - else - # If the PIC object exists, use it instead. - # $xdir was prepended to $pic_object above. - non_pic_object="$pic_object" - non_pic_objects="$non_pic_objects $non_pic_object" - fi - else - # Only an error if not doing a dry-run. - if test -z "$run"; then - $echo "$modename: \`$arg' is not a valid libtool object" 1>&2 - exit $EXIT_FAILURE - else - # Dry-run case. - - # Extract subdirectory from the argument. - xdir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'` - if test "X$xdir" = "X$arg"; then - xdir= - else - xdir="$xdir/" - fi - - pic_object=`$echo "X${xdir}${objdir}/${arg}" | $Xsed -e "$lo2o"` - non_pic_object=`$echo "X${xdir}${arg}" | $Xsed -e "$lo2o"` - libobjs="$libobjs $pic_object" - non_pic_objects="$non_pic_objects $non_pic_object" - fi - fi - done - else - $echo "$modename: link input file \`$save_arg' does not exist" - exit $EXIT_FAILURE - fi - arg=$save_arg - prev= - continue - ;; - rpath | xrpath) - # We need an absolute path. - case $arg in - [\\/]* | [A-Za-z]:[\\/]*) ;; - *) - $echo "$modename: only absolute run-paths are allowed" 1>&2 - exit $EXIT_FAILURE - ;; - esac - if test "$prev" = rpath; then - case "$rpath " in - *" $arg "*) ;; - *) rpath="$rpath $arg" ;; - esac - else - case "$xrpath " in - *" $arg "*) ;; - *) xrpath="$xrpath $arg" ;; - esac - fi - prev= - continue - ;; - xcompiler) - compiler_flags="$compiler_flags $qarg" - prev= - compile_command="$compile_command $qarg" - finalize_command="$finalize_command $qarg" - continue - ;; - xlinker) - linker_flags="$linker_flags $qarg" - compiler_flags="$compiler_flags $wl$qarg" - prev= - compile_command="$compile_command $wl$qarg" - finalize_command="$finalize_command $wl$qarg" - continue - ;; - xcclinker) - linker_flags="$linker_flags $qarg" - compiler_flags="$compiler_flags $qarg" - prev= - compile_command="$compile_command $qarg" - finalize_command="$finalize_command $qarg" - continue - ;; - shrext) - shrext_cmds="$arg" - prev= - continue - ;; - darwin_framework|darwin_framework_skip) - test "$prev" = "darwin_framework" && compiler_flags="$compiler_flags $arg" - compile_command="$compile_command $arg" - finalize_command="$finalize_command $arg" - prev= - continue - ;; - *) - eval "$prev=\"\$arg\"" - prev= - continue - ;; - esac - fi # test -n "$prev" - - prevarg="$arg" - - case $arg in - -all-static) - if test -n "$link_static_flag"; then - compile_command="$compile_command $link_static_flag" - finalize_command="$finalize_command $link_static_flag" - fi - continue - ;; - - -allow-undefined) - # FIXME: remove this flag sometime in the future. - $echo "$modename: \`-allow-undefined' is deprecated because it is the default" 1>&2 - continue - ;; - - -avoid-version) - avoid_version=yes - continue - ;; - - -dlopen) - prev=dlfiles - continue - ;; - - -dlpreopen) - prev=dlprefiles - continue - ;; - - -export-dynamic) - export_dynamic=yes - continue - ;; - - -export-symbols | -export-symbols-regex) - if test -n "$export_symbols" || test -n "$export_symbols_regex"; then - $echo "$modename: more than one -exported-symbols argument is not allowed" - exit $EXIT_FAILURE - fi - if test "X$arg" = "X-export-symbols"; then - prev=expsyms - else - prev=expsyms_regex - fi - continue - ;; - - -framework|-arch|-isysroot) - case " $CC " in - *" ${arg} ${1} "* | *" ${arg} ${1} "*) - prev=darwin_framework_skip ;; - *) compiler_flags="$compiler_flags $arg" - prev=darwin_framework ;; - esac - compile_command="$compile_command $arg" - finalize_command="$finalize_command $arg" - continue - ;; - - -inst-prefix-dir) - prev=inst_prefix - continue - ;; - - # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:* - # so, if we see these flags be careful not to treat them like -L - -L[A-Z][A-Z]*:*) - case $with_gcc/$host in - no/*-*-irix* | /*-*-irix*) - compile_command="$compile_command $arg" - finalize_command="$finalize_command $arg" - ;; - esac - continue - ;; - - -L*) - dir=`$echo "X$arg" | $Xsed -e 's/^-L//'` - # We need an absolute path. - case $dir in - [\\/]* | [A-Za-z]:[\\/]*) ;; - *) - absdir=`cd "$dir" && pwd` - if test -z "$absdir"; then - $echo "$modename: cannot determine absolute directory name of \`$dir'" 1>&2 - absdir="$dir" - notinst_path="$notinst_path $dir" - fi - dir="$absdir" - ;; - esac - case "$deplibs " in - *" -L$dir "*) ;; - *) - deplibs="$deplibs -L$dir" - lib_search_path="$lib_search_path $dir" - ;; - esac - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) - testbindir=`$echo "X$dir" | $Xsed -e 's*/lib$*/bin*'` - case :$dllsearchpath: in - *":$dir:"*) ;; - *) dllsearchpath="$dllsearchpath:$dir";; - esac - case :$dllsearchpath: in - *":$testbindir:"*) ;; - *) dllsearchpath="$dllsearchpath:$testbindir";; - esac - ;; - esac - continue - ;; - - -l*) - if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos*) - # These systems don't actually have a C or math library (as such) - continue - ;; - *-*-os2*) - # These systems don't actually have a C library (as such) - test "X$arg" = "X-lc" && continue - ;; - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) - # Do not include libc due to us having libc/libc_r. - test "X$arg" = "X-lc" && continue - ;; - *-*-rhapsody* | *-*-darwin1.[012]) - # Rhapsody C and math libraries are in the System framework - deplibs="$deplibs -framework System" - continue - ;; - *-*-sco3.2v5* | *-*-sco5v6*) - # Causes problems with __ctype - test "X$arg" = "X-lc" && continue - ;; - *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) - # Compiler inserts libc in the correct place for threads to work - test "X$arg" = "X-lc" && continue - ;; - esac - elif test "X$arg" = "X-lc_r"; then - case $host in - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) - # Do not include libc_r directly, use -pthread flag. - continue - ;; - esac - fi - deplibs="$deplibs $arg" - continue - ;; - - # Tru64 UNIX uses -model [arg] to determine the layout of C++ - # classes, name mangling, and exception handling. - -model) - compile_command="$compile_command $arg" - compiler_flags="$compiler_flags $arg" - finalize_command="$finalize_command $arg" - prev=xcompiler - continue - ;; - - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe) - compiler_flags="$compiler_flags $arg" - compile_command="$compile_command $arg" - finalize_command="$finalize_command $arg" - continue - ;; - - -module) - module=yes - continue - ;; - - # -64, -mips[0-9] enable 64-bit mode on the SGI compiler - # -r[0-9][0-9]* specifies the processor on the SGI compiler - # -xarch=*, -xtarget=* enable 64-bit mode on the Sun compiler - # +DA*, +DD* enable 64-bit mode on the HP compiler - # -q* pass through compiler args for the IBM compiler - # -m* pass through architecture-specific compiler args for GCC - # -m*, -t[45]*, -txscale* pass through architecture-specific - # compiler args for GCC - # -pg pass through profiling flag for GCC - # @file GCC response files - -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*|-pg| \ - -t[45]*|-txscale*|@*) - - # Unknown arguments in both finalize_command and compile_command need - # to be aesthetically quoted because they are evaled later. - arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - compile_command="$compile_command $arg" - finalize_command="$finalize_command $arg" - compiler_flags="$compiler_flags $arg" - continue - ;; - - -shrext) - prev=shrext - continue - ;; - - -no-fast-install) - fast_install=no - continue - ;; - - -no-install) - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) - # The PATH hackery in wrapper scripts is required on Windows - # in order for the loader to find any dlls it needs. - $echo "$modename: warning: \`-no-install' is ignored for $host" 1>&2 - $echo "$modename: warning: assuming \`-no-fast-install' instead" 1>&2 - fast_install=no - ;; - *) no_install=yes ;; - esac - continue - ;; - - -no-undefined) - allow_undefined=no - continue - ;; - - -objectlist) - prev=objectlist - continue - ;; - - -o) prev=output ;; - - -precious-files-regex) - prev=precious_regex - continue - ;; - - -release) - prev=release - continue - ;; - - -rpath) - prev=rpath - continue - ;; - - -R) - prev=xrpath - continue - ;; - - -R*) - dir=`$echo "X$arg" | $Xsed -e 's/^-R//'` - # We need an absolute path. - case $dir in - [\\/]* | [A-Za-z]:[\\/]*) ;; - *) - $echo "$modename: only absolute run-paths are allowed" 1>&2 - exit $EXIT_FAILURE - ;; - esac - case "$xrpath " in - *" $dir "*) ;; - *) xrpath="$xrpath $dir" ;; - esac - continue - ;; - - -static) - # The effects of -static are defined in a previous loop. - # We used to do the same as -all-static on platforms that - # didn't have a PIC flag, but the assumption that the effects - # would be equivalent was wrong. It would break on at least - # Digital Unix and AIX. - continue - ;; - - -thread-safe) - thread_safe=yes - continue - ;; - - -version-info) - prev=vinfo - continue - ;; - -version-number) - prev=vinfo - vinfo_number=yes - continue - ;; - - -Wc,*) - args=`$echo "X$arg" | $Xsed -e "$sed_quote_subst" -e 's/^-Wc,//'` - arg= - save_ifs="$IFS"; IFS=',' - for flag in $args; do - IFS="$save_ifs" - case $flag in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - flag="\"$flag\"" - ;; - esac - arg="$arg $wl$flag" - compiler_flags="$compiler_flags $flag" - done - IFS="$save_ifs" - arg=`$echo "X$arg" | $Xsed -e "s/^ //"` - ;; - - -Wl,*) - args=`$echo "X$arg" | $Xsed -e "$sed_quote_subst" -e 's/^-Wl,//'` - arg= - save_ifs="$IFS"; IFS=',' - for flag in $args; do - IFS="$save_ifs" - case $flag in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - flag="\"$flag\"" - ;; - esac - arg="$arg $wl$flag" - compiler_flags="$compiler_flags $wl$flag" - linker_flags="$linker_flags $flag" - done - IFS="$save_ifs" - arg=`$echo "X$arg" | $Xsed -e "s/^ //"` - ;; - - -Xcompiler) - prev=xcompiler - continue - ;; - - -Xlinker) - prev=xlinker - continue - ;; - - -XCClinker) - prev=xcclinker - continue - ;; - - # Some other compiler flag. - -* | +*) - # Unknown arguments in both finalize_command and compile_command need - # to be aesthetically quoted because they are evaled later. - arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - ;; - - *.$objext) - # A standard object. - objs="$objs $arg" - ;; - - *.lo) - # A libtool-controlled object. - - # Check to see that this really is a libtool object. - if (${SED} -e '2q' $arg | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then - pic_object= - non_pic_object= - - # Read the .lo file - # If there is no directory component, then add one. - case $arg in - */* | *\\*) . $arg ;; - *) . ./$arg ;; - esac - - if test -z "$pic_object" || \ - test -z "$non_pic_object" || - test "$pic_object" = none && \ - test "$non_pic_object" = none; then - $echo "$modename: cannot find name of object for \`$arg'" 1>&2 - exit $EXIT_FAILURE - fi - - # Extract subdirectory from the argument. - xdir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'` - if test "X$xdir" = "X$arg"; then - xdir= - else - xdir="$xdir/" - fi - - if test "$pic_object" != none; then - # Prepend the subdirectory the object is found in. - pic_object="$xdir$pic_object" - - if test "$prev" = dlfiles; then - if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then - dlfiles="$dlfiles $pic_object" - prev= - continue - else - # If libtool objects are unsupported, then we need to preload. - prev=dlprefiles - fi - fi - - # CHECK ME: I think I busted this. -Ossama - if test "$prev" = dlprefiles; then - # Preload the old-style object. - dlprefiles="$dlprefiles $pic_object" - prev= - fi - - # A PIC object. - libobjs="$libobjs $pic_object" - arg="$pic_object" - fi - - # Non-PIC object. - if test "$non_pic_object" != none; then - # Prepend the subdirectory the object is found in. - non_pic_object="$xdir$non_pic_object" - - # A standard non-PIC object - non_pic_objects="$non_pic_objects $non_pic_object" - if test -z "$pic_object" || test "$pic_object" = none ; then - arg="$non_pic_object" - fi - else - # If the PIC object exists, use it instead. - # $xdir was prepended to $pic_object above. - non_pic_object="$pic_object" - non_pic_objects="$non_pic_objects $non_pic_object" - fi - else - # Only an error if not doing a dry-run. - if test -z "$run"; then - $echo "$modename: \`$arg' is not a valid libtool object" 1>&2 - exit $EXIT_FAILURE - else - # Dry-run case. - - # Extract subdirectory from the argument. - xdir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'` - if test "X$xdir" = "X$arg"; then - xdir= - else - xdir="$xdir/" - fi - - pic_object=`$echo "X${xdir}${objdir}/${arg}" | $Xsed -e "$lo2o"` - non_pic_object=`$echo "X${xdir}${arg}" | $Xsed -e "$lo2o"` - libobjs="$libobjs $pic_object" - non_pic_objects="$non_pic_objects $non_pic_object" - fi - fi - ;; - - *.$libext) - # An archive. - deplibs="$deplibs $arg" - old_deplibs="$old_deplibs $arg" - continue - ;; - - *.la) - # A libtool-controlled library. - - if test "$prev" = dlfiles; then - # This library was specified with -dlopen. - dlfiles="$dlfiles $arg" - prev= - elif test "$prev" = dlprefiles; then - # The library was specified with -dlpreopen. - dlprefiles="$dlprefiles $arg" - prev= - else - deplibs="$deplibs $arg" - fi - continue - ;; - - # Some other compiler argument. - *) - # Unknown arguments in both finalize_command and compile_command need - # to be aesthetically quoted because they are evaled later. - arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - ;; - esac # arg - - # Now actually substitute the argument into the commands. - if test -n "$arg"; then - compile_command="$compile_command $arg" - finalize_command="$finalize_command $arg" - fi - done # argument parsing loop - - if test -n "$prev"; then - $echo "$modename: the \`$prevarg' option requires an argument" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then - eval arg=\"$export_dynamic_flag_spec\" - compile_command="$compile_command $arg" - finalize_command="$finalize_command $arg" - fi - - oldlibs= - # calculate the name of the file, without its directory - outputname=`$echo "X$output" | $Xsed -e 's%^.*/%%'` - libobjs_save="$libobjs" - - if test -n "$shlibpath_var"; then - # get the directories listed in $shlibpath_var - eval shlib_search_path=\`\$echo \"X\${$shlibpath_var}\" \| \$Xsed -e \'s/:/ /g\'\` - else - shlib_search_path= - fi - eval sys_lib_search_path=\"$sys_lib_search_path_spec\" - eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\" - - output_objdir=`$echo "X$output" | $Xsed -e 's%/[^/]*$%%'` - if test "X$output_objdir" = "X$output"; then - output_objdir="$objdir" - else - output_objdir="$output_objdir/$objdir" - fi - # Create the object directory. - if test ! -d "$output_objdir"; then - $show "$mkdir $output_objdir" - $run $mkdir $output_objdir - exit_status=$? - if test "$exit_status" -ne 0 && test ! -d "$output_objdir"; then - exit $exit_status - fi - fi - - # Determine the type of output - case $output in - "") - $echo "$modename: you must specify an output file" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - ;; - *.$libext) linkmode=oldlib ;; - *.lo | *.$objext) linkmode=obj ;; - *.la) linkmode=lib ;; - *) linkmode=prog ;; # Anything else should be a program. - esac - - case $host in - *cygwin* | *mingw* | *pw32*) - # don't eliminate duplications in $postdeps and $predeps - duplicate_compiler_generated_deps=yes - ;; - *) - duplicate_compiler_generated_deps=$duplicate_deps - ;; - esac - specialdeplibs= - - libs= - # Find all interdependent deplibs by searching for libraries - # that are linked more than once (e.g. -la -lb -la) - for deplib in $deplibs; do - if test "X$duplicate_deps" = "Xyes" ; then - case "$libs " in - *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; - esac - fi - libs="$libs $deplib" - done - - if test "$linkmode" = lib; then - libs="$predeps $libs $compiler_lib_search_path $postdeps" - - # Compute libraries that are listed more than once in $predeps - # $postdeps and mark them as special (i.e., whose duplicates are - # not to be eliminated). - pre_post_deps= - if test "X$duplicate_compiler_generated_deps" = "Xyes" ; then - for pre_post_dep in $predeps $postdeps; do - case "$pre_post_deps " in - *" $pre_post_dep "*) specialdeplibs="$specialdeplibs $pre_post_deps" ;; - esac - pre_post_deps="$pre_post_deps $pre_post_dep" - done - fi - pre_post_deps= - fi - - deplibs= - newdependency_libs= - newlib_search_path= - need_relink=no # whether we're linking any uninstalled libtool libraries - notinst_deplibs= # not-installed libtool libraries - case $linkmode in - lib) - passes="conv link" - for file in $dlfiles $dlprefiles; do - case $file in - *.la) ;; - *) - $echo "$modename: libraries can \`-dlopen' only libtool libraries: $file" 1>&2 - exit $EXIT_FAILURE - ;; - esac - done - ;; - prog) - compile_deplibs= - finalize_deplibs= - alldeplibs=no - newdlfiles= - newdlprefiles= - passes="conv scan dlopen dlpreopen link" - ;; - *) passes="conv" - ;; - esac - for pass in $passes; do - if test "$linkmode,$pass" = "lib,link" || - test "$linkmode,$pass" = "prog,scan"; then - libs="$deplibs" - deplibs= - fi - if test "$linkmode" = prog; then - case $pass in - dlopen) libs="$dlfiles" ;; - dlpreopen) libs="$dlprefiles" ;; - link) libs="$deplibs %DEPLIBS% $dependency_libs" ;; - esac - fi - if test "$pass" = dlopen; then - # Collect dlpreopened libraries - save_deplibs="$deplibs" - deplibs= - fi - for deplib in $libs; do - lib= - found=no - case $deplib in - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe) - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - compiler_flags="$compiler_flags $deplib" - fi - continue - ;; - -l*) - if test "$linkmode" != lib && test "$linkmode" != prog; then - $echo "$modename: warning: \`-l' is ignored for archives/objects" 1>&2 - continue - fi - name=`$echo "X$deplib" | $Xsed -e 's/^-l//'` - for searchdir in $newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path; do - for search_ext in .la $std_shrext .so .a; do - # Search the libtool library - lib="$searchdir/lib${name}${search_ext}" - if test -f "$lib"; then - if test "$search_ext" = ".la"; then - found=yes - else - found=no - fi - break 2 - fi - done - done - if test "$found" != yes; then - # deplib doesn't seem to be a libtool library - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - deplibs="$deplib $deplibs" - test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" - fi - continue - else # deplib is a libtool library - # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib, - # We need to do some special things here, and not later. - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then - case " $predeps $postdeps " in - *" $deplib "*) - if (${SED} -e '2q' $lib | - grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then - library_names= - old_library= - case $lib in - */* | *\\*) . $lib ;; - *) . ./$lib ;; - esac - for l in $old_library $library_names; do - ll="$l" - done - if test "X$ll" = "X$old_library" ; then # only static version available - found=no - ladir=`$echo "X$lib" | $Xsed -e 's%/[^/]*$%%'` - test "X$ladir" = "X$lib" && ladir="." - lib=$ladir/$old_library - if test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - deplibs="$deplib $deplibs" - test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs" - fi - continue - fi - fi - ;; - *) ;; - esac - fi - fi - ;; # -l - -L*) - case $linkmode in - lib) - deplibs="$deplib $deplibs" - test "$pass" = conv && continue - newdependency_libs="$deplib $newdependency_libs" - newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'` - ;; - prog) - if test "$pass" = conv; then - deplibs="$deplib $deplibs" - continue - fi - if test "$pass" = scan; then - deplibs="$deplib $deplibs" - else - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - fi - newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'` - ;; - *) - $echo "$modename: warning: \`-L' is ignored for archives/objects" 1>&2 - ;; - esac # linkmode - continue - ;; # -L - -R*) - if test "$pass" = link; then - dir=`$echo "X$deplib" | $Xsed -e 's/^-R//'` - # Make sure the xrpath contains only unique directories. - case "$xrpath " in - *" $dir "*) ;; - *) xrpath="$xrpath $dir" ;; - esac - fi - deplibs="$deplib $deplibs" - continue - ;; - *.la) lib="$deplib" ;; - *.$libext) - if test "$pass" = conv; then - deplibs="$deplib $deplibs" - continue - fi - case $linkmode in - lib) - valid_a_lib=no - case $deplibs_check_method in - match_pattern*) - set dummy $deplibs_check_method - match_pattern_regex=`expr "$deplibs_check_method" : "$2 \(.*\)"` - if eval $echo \"$deplib\" 2>/dev/null \ - | $SED 10q \ - | $EGREP "$match_pattern_regex" > /dev/null; then - valid_a_lib=yes - fi - ;; - pass_all) - valid_a_lib=yes - ;; - esac - if test "$valid_a_lib" != yes; then - $echo - $echo "*** Warning: Trying to link with static lib archive $deplib." - $echo "*** I have the capability to make that library automatically link in when" - $echo "*** you link to this library. But I can only do this if you have a" - $echo "*** shared version of the library, which you do not appear to have" - $echo "*** because the file extensions .$libext of this argument makes me believe" - $echo "*** that it is just a static archive that I should not used here." - else - $echo - $echo "*** Warning: Linking the shared library $output against the" - $echo "*** static library $deplib is not portable!" - deplibs="$deplib $deplibs" - fi - continue - ;; - prog) - if test "$pass" != link; then - deplibs="$deplib $deplibs" - else - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - fi - continue - ;; - esac # linkmode - ;; # *.$libext - *.lo | *.$objext) - if test "$pass" = conv; then - deplibs="$deplib $deplibs" - elif test "$linkmode" = prog; then - if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then - # If there is no dlopen support or we're linking statically, - # we need to preload. - newdlprefiles="$newdlprefiles $deplib" - compile_deplibs="$deplib $compile_deplibs" - finalize_deplibs="$deplib $finalize_deplibs" - else - newdlfiles="$newdlfiles $deplib" - fi - fi - continue - ;; - %DEPLIBS%) - alldeplibs=yes - continue - ;; - esac # case $deplib - if test "$found" = yes || test -f "$lib"; then : - else - $echo "$modename: cannot find the library \`$lib' or unhandled argument \`$deplib'" 1>&2 - exit $EXIT_FAILURE - fi - - # Check to see that this really is a libtool archive. - if (${SED} -e '2q' $lib | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then : - else - $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 - exit $EXIT_FAILURE - fi - - ladir=`$echo "X$lib" | $Xsed -e 's%/[^/]*$%%'` - test "X$ladir" = "X$lib" && ladir="." - - dlname= - dlopen= - dlpreopen= - libdir= - library_names= - old_library= - # If the library was installed with an old release of libtool, - # it will not redefine variables installed, or shouldnotlink - installed=yes - shouldnotlink=no - avoidtemprpath= - - - # Read the .la file - case $lib in - */* | *\\*) . $lib ;; - *) . ./$lib ;; - esac - - if test "$linkmode,$pass" = "lib,link" || - test "$linkmode,$pass" = "prog,scan" || - { test "$linkmode" != prog && test "$linkmode" != lib; }; then - test -n "$dlopen" && dlfiles="$dlfiles $dlopen" - test -n "$dlpreopen" && dlprefiles="$dlprefiles $dlpreopen" - fi - - if test "$pass" = conv; then - # Only check for convenience libraries - deplibs="$lib $deplibs" - if test -z "$libdir"; then - if test -z "$old_library"; then - $echo "$modename: cannot find name of link library for \`$lib'" 1>&2 - exit $EXIT_FAILURE - fi - # It is a libtool convenience library, so add in its objects. - convenience="$convenience $ladir/$objdir/$old_library" - old_convenience="$old_convenience $ladir/$objdir/$old_library" - tmp_libs= - for deplib in $dependency_libs; do - deplibs="$deplib $deplibs" - if test "X$duplicate_deps" = "Xyes" ; then - case "$tmp_libs " in - *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; - esac - fi - tmp_libs="$tmp_libs $deplib" - done - elif test "$linkmode" != prog && test "$linkmode" != lib; then - $echo "$modename: \`$lib' is not a convenience library" 1>&2 - exit $EXIT_FAILURE - fi - continue - fi # $pass = conv - - - # Get the name of the library we link against. - linklib= - for l in $old_library $library_names; do - linklib="$l" - done - if test -z "$linklib"; then - $echo "$modename: cannot find name of link library for \`$lib'" 1>&2 - exit $EXIT_FAILURE - fi - - # This library was specified with -dlopen. - if test "$pass" = dlopen; then - if test -z "$libdir"; then - $echo "$modename: cannot -dlopen a convenience library: \`$lib'" 1>&2 - exit $EXIT_FAILURE - fi - if test -z "$dlname" || - test "$dlopen_support" != yes || - test "$build_libtool_libs" = no; then - # If there is no dlname, no dlopen support or we're linking - # statically, we need to preload. We also need to preload any - # dependent libraries so libltdl's deplib preloader doesn't - # bomb out in the load deplibs phase. - dlprefiles="$dlprefiles $lib $dependency_libs" - else - newdlfiles="$newdlfiles $lib" - fi - continue - fi # $pass = dlopen - - # We need an absolute path. - case $ladir in - [\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;; - *) - abs_ladir=`cd "$ladir" && pwd` - if test -z "$abs_ladir"; then - $echo "$modename: warning: cannot determine absolute directory name of \`$ladir'" 1>&2 - $echo "$modename: passing it literally to the linker, although it might fail" 1>&2 - abs_ladir="$ladir" - fi - ;; - esac - laname=`$echo "X$lib" | $Xsed -e 's%^.*/%%'` - - # Find the relevant object directory and library name. - if test "X$installed" = Xyes; then - if test ! -f "$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then - $echo "$modename: warning: library \`$lib' was moved." 1>&2 - dir="$ladir" - absdir="$abs_ladir" - libdir="$abs_ladir" - else - dir="$libdir" - absdir="$libdir" - fi - test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes - else - if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then - dir="$ladir" - absdir="$abs_ladir" - # Remove this search path later - notinst_path="$notinst_path $abs_ladir" - else - dir="$ladir/$objdir" - absdir="$abs_ladir/$objdir" - # Remove this search path later - notinst_path="$notinst_path $abs_ladir" - fi - fi # $installed = yes - name=`$echo "X$laname" | $Xsed -e 's/\.la$//' -e 's/^lib//'` - - # This library was specified with -dlpreopen. - if test "$pass" = dlpreopen; then - if test -z "$libdir"; then - $echo "$modename: cannot -dlpreopen a convenience library: \`$lib'" 1>&2 - exit $EXIT_FAILURE - fi - # Prefer using a static library (so that no silly _DYNAMIC symbols - # are required to link). - if test -n "$old_library"; then - newdlprefiles="$newdlprefiles $dir/$old_library" - # Otherwise, use the dlname, so that lt_dlopen finds it. - elif test -n "$dlname"; then - newdlprefiles="$newdlprefiles $dir/$dlname" - else - newdlprefiles="$newdlprefiles $dir/$linklib" - fi - fi # $pass = dlpreopen - - if test -z "$libdir"; then - # Link the convenience library - if test "$linkmode" = lib; then - deplibs="$dir/$old_library $deplibs" - elif test "$linkmode,$pass" = "prog,link"; then - compile_deplibs="$dir/$old_library $compile_deplibs" - finalize_deplibs="$dir/$old_library $finalize_deplibs" - else - deplibs="$lib $deplibs" # used for prog,scan pass - fi - continue - fi - - - if test "$linkmode" = prog && test "$pass" != link; then - newlib_search_path="$newlib_search_path $ladir" - deplibs="$lib $deplibs" - - linkalldeplibs=no - if test "$link_all_deplibs" != no || test -z "$library_names" || - test "$build_libtool_libs" = no; then - linkalldeplibs=yes - fi - - tmp_libs= - for deplib in $dependency_libs; do - case $deplib in - -L*) newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'`;; ### testsuite: skip nested quoting test - esac - # Need to link against all dependency_libs? - if test "$linkalldeplibs" = yes; then - deplibs="$deplib $deplibs" - else - # Need to hardcode shared library paths - # or/and link against static libraries - newdependency_libs="$deplib $newdependency_libs" - fi - if test "X$duplicate_deps" = "Xyes" ; then - case "$tmp_libs " in - *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; - esac - fi - tmp_libs="$tmp_libs $deplib" - done # for deplib - continue - fi # $linkmode = prog... - - if test "$linkmode,$pass" = "prog,link"; then - if test -n "$library_names" && - { test "$prefer_static_libs" = no || test -z "$old_library"; }; then - # We need to hardcode the library path - if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then - # Make sure the rpath contains only unique directories. - case "$temp_rpath " in - *" $dir "*) ;; - *" $absdir "*) ;; - *) temp_rpath="$temp_rpath $absdir" ;; - esac - fi - - # Hardcode the library path. - # Skip directories that are in the system default run-time - # search path. - case " $sys_lib_dlsearch_path " in - *" $absdir "*) ;; - *) - case "$compile_rpath " in - *" $absdir "*) ;; - *) compile_rpath="$compile_rpath $absdir" - esac - ;; - esac - case " $sys_lib_dlsearch_path " in - *" $libdir "*) ;; - *) - case "$finalize_rpath " in - *" $libdir "*) ;; - *) finalize_rpath="$finalize_rpath $libdir" - esac - ;; - esac - fi # $linkmode,$pass = prog,link... - - if test "$alldeplibs" = yes && - { test "$deplibs_check_method" = pass_all || - { test "$build_libtool_libs" = yes && - test -n "$library_names"; }; }; then - # We only need to search for static libraries - continue - fi - fi - - link_static=no # Whether the deplib will be linked statically - use_static_libs=$prefer_static_libs - if test "$use_static_libs" = built && test "$installed" = yes ; then - use_static_libs=no - fi - if test -n "$library_names" && - { test "$use_static_libs" = no || test -z "$old_library"; }; then - if test "$installed" = no; then - notinst_deplibs="$notinst_deplibs $lib" - need_relink=yes - fi - # This is a shared library - - # Warn about portability, can't link against -module's on - # some systems (darwin) - if test "$shouldnotlink" = yes && test "$pass" = link ; then - $echo - if test "$linkmode" = prog; then - $echo "*** Warning: Linking the executable $output against the loadable module" - else - $echo "*** Warning: Linking the shared library $output against the loadable module" - fi - $echo "*** $linklib is not portable!" - fi - if test "$linkmode" = lib && - test "$hardcode_into_libs" = yes; then - # Hardcode the library path. - # Skip directories that are in the system default run-time - # search path. - case " $sys_lib_dlsearch_path " in - *" $absdir "*) ;; - *) - case "$compile_rpath " in - *" $absdir "*) ;; - *) compile_rpath="$compile_rpath $absdir" - esac - ;; - esac - case " $sys_lib_dlsearch_path " in - *" $libdir "*) ;; - *) - case "$finalize_rpath " in - *" $libdir "*) ;; - *) finalize_rpath="$finalize_rpath $libdir" - esac - ;; - esac - fi - - if test -n "$old_archive_from_expsyms_cmds"; then - # figure out the soname - set dummy $library_names - realname="$2" - shift; shift - libname=`eval \\$echo \"$libname_spec\"` - # use dlname if we got it. it's perfectly good, no? - if test -n "$dlname"; then - soname="$dlname" - elif test -n "$soname_spec"; then - # bleh windows - case $host in - *cygwin* | mingw*) - major=`expr $current - $age` - versuffix="-$major" - ;; - esac - eval soname=\"$soname_spec\" - else - soname="$realname" - fi - - # Make a new name for the extract_expsyms_cmds to use - soroot="$soname" - soname=`$echo $soroot | ${SED} -e 's/^.*\///'` - newlib="libimp-`$echo $soname | ${SED} 's/^lib//;s/\.dll$//'`.a" - - # If the library has no export list, then create one now - if test -f "$output_objdir/$soname-def"; then : - else - $show "extracting exported symbol list from \`$soname'" - save_ifs="$IFS"; IFS='~' - cmds=$extract_expsyms_cmds - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" || exit $? - done - IFS="$save_ifs" - fi - - # Create $newlib - if test -f "$output_objdir/$newlib"; then :; else - $show "generating import library for \`$soname'" - save_ifs="$IFS"; IFS='~' - cmds=$old_archive_from_expsyms_cmds - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" || exit $? - done - IFS="$save_ifs" - fi - # make sure the library variables are pointing to the new library - dir=$output_objdir - linklib=$newlib - fi # test -n "$old_archive_from_expsyms_cmds" - - if test "$linkmode" = prog || test "$mode" != relink; then - add_shlibpath= - add_dir= - add= - lib_linked=yes - case $hardcode_action in - immediate | unsupported) - if test "$hardcode_direct" = no; then - add="$dir/$linklib" - case $host in - *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;; - *-*-sysv4*uw2*) add_dir="-L$dir" ;; - *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \ - *-*-unixware7*) add_dir="-L$dir" ;; - *-*-darwin* ) - # if the lib is a module then we can not link against - # it, someone is ignoring the new warnings I added - if /usr/bin/file -L $add 2> /dev/null | - $EGREP ": [^:]* bundle" >/dev/null ; then - $echo "** Warning, lib $linklib is a module, not a shared library" - if test -z "$old_library" ; then - $echo - $echo "** And there doesn't seem to be a static archive available" - $echo "** The link will probably fail, sorry" - else - add="$dir/$old_library" - fi - fi - esac - elif test "$hardcode_minus_L" = no; then - case $host in - *-*-sunos*) add_shlibpath="$dir" ;; - esac - add_dir="-L$dir" - add="-l$name" - elif test "$hardcode_shlibpath_var" = no; then - add_shlibpath="$dir" - add="-l$name" - else - lib_linked=no - fi - ;; - relink) - if test "$hardcode_direct" = yes; then - add="$dir/$linklib" - elif test "$hardcode_minus_L" = yes; then - add_dir="-L$dir" - # Try looking first in the location we're being installed to. - if test -n "$inst_prefix_dir"; then - case $libdir in - [\\/]*) - add_dir="$add_dir -L$inst_prefix_dir$libdir" - ;; - esac - fi - add="-l$name" - elif test "$hardcode_shlibpath_var" = yes; then - add_shlibpath="$dir" - add="-l$name" - else - lib_linked=no - fi - ;; - *) lib_linked=no ;; - esac - - if test "$lib_linked" != yes; then - $echo "$modename: configuration error: unsupported hardcode properties" - exit $EXIT_FAILURE - fi - - if test -n "$add_shlibpath"; then - case :$compile_shlibpath: in - *":$add_shlibpath:"*) ;; - *) compile_shlibpath="$compile_shlibpath$add_shlibpath:" ;; - esac - fi - if test "$linkmode" = prog; then - test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs" - test -n "$add" && compile_deplibs="$add $compile_deplibs" - else - test -n "$add_dir" && deplibs="$add_dir $deplibs" - test -n "$add" && deplibs="$add $deplibs" - if test "$hardcode_direct" != yes && \ - test "$hardcode_minus_L" != yes && \ - test "$hardcode_shlibpath_var" = yes; then - case :$finalize_shlibpath: in - *":$libdir:"*) ;; - *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;; - esac - fi - fi - fi - - if test "$linkmode" = prog || test "$mode" = relink; then - add_shlibpath= - add_dir= - add= - # Finalize command for both is simple: just hardcode it. - if test "$hardcode_direct" = yes; then - add="$libdir/$linklib" - elif test "$hardcode_minus_L" = yes; then - add_dir="-L$libdir" - add="-l$name" - elif test "$hardcode_shlibpath_var" = yes; then - case :$finalize_shlibpath: in - *":$libdir:"*) ;; - *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;; - esac - add="-l$name" - elif test "$hardcode_automatic" = yes; then - if test -n "$inst_prefix_dir" && - test -f "$inst_prefix_dir$libdir/$linklib" ; then - add="$inst_prefix_dir$libdir/$linklib" - else - add="$libdir/$linklib" - fi - else - # We cannot seem to hardcode it, guess we'll fake it. - add_dir="-L$libdir" - # Try looking first in the location we're being installed to. - if test -n "$inst_prefix_dir"; then - case $libdir in - [\\/]*) - add_dir="$add_dir -L$inst_prefix_dir$libdir" - ;; - esac - fi - add="-l$name" - fi - - if test "$linkmode" = prog; then - test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs" - test -n "$add" && finalize_deplibs="$add $finalize_deplibs" - else - test -n "$add_dir" && deplibs="$add_dir $deplibs" - test -n "$add" && deplibs="$add $deplibs" - fi - fi - elif test "$linkmode" = prog; then - # Here we assume that one of hardcode_direct or hardcode_minus_L - # is not unsupported. This is valid on all known static and - # shared platforms. - if test "$hardcode_direct" != unsupported; then - test -n "$old_library" && linklib="$old_library" - compile_deplibs="$dir/$linklib $compile_deplibs" - finalize_deplibs="$dir/$linklib $finalize_deplibs" - else - compile_deplibs="-l$name -L$dir $compile_deplibs" - finalize_deplibs="-l$name -L$dir $finalize_deplibs" - fi - elif test "$build_libtool_libs" = yes; then - # Not a shared library - if test "$deplibs_check_method" != pass_all; then - # We're trying link a shared library against a static one - # but the system doesn't support it. - - # Just print a warning and add the library to dependency_libs so - # that the program can be linked against the static library. - $echo - $echo "*** Warning: This system can not link to static lib archive $lib." - $echo "*** I have the capability to make that library automatically link in when" - $echo "*** you link to this library. But I can only do this if you have a" - $echo "*** shared version of the library, which you do not appear to have." - if test "$module" = yes; then - $echo "*** But as you try to build a module library, libtool will still create " - $echo "*** a static module, that should work as long as the dlopening application" - $echo "*** is linked with the -dlopen flag to resolve symbols at runtime." - if test -z "$global_symbol_pipe"; then - $echo - $echo "*** However, this would only work if libtool was able to extract symbol" - $echo "*** lists from a program, using \`nm' or equivalent, but libtool could" - $echo "*** not find such a program. So, this module is probably useless." - $echo "*** \`nm' from GNU binutils and a full rebuild may help." - fi - if test "$build_old_libs" = no; then - build_libtool_libs=module - build_old_libs=yes - else - build_libtool_libs=no - fi - fi - else - deplibs="$dir/$old_library $deplibs" - link_static=yes - fi - fi # link shared/static library? - - if test "$linkmode" = lib; then - if test -n "$dependency_libs" && - { test "$hardcode_into_libs" != yes || - test "$build_old_libs" = yes || - test "$link_static" = yes; }; then - # Extract -R from dependency_libs - temp_deplibs= - for libdir in $dependency_libs; do - case $libdir in - -R*) temp_xrpath=`$echo "X$libdir" | $Xsed -e 's/^-R//'` - case " $xrpath " in - *" $temp_xrpath "*) ;; - *) xrpath="$xrpath $temp_xrpath";; - esac;; - *) temp_deplibs="$temp_deplibs $libdir";; - esac - done - dependency_libs="$temp_deplibs" - fi - - newlib_search_path="$newlib_search_path $absdir" - # Link against this library - test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs" - # ... and its dependency_libs - tmp_libs= - for deplib in $dependency_libs; do - newdependency_libs="$deplib $newdependency_libs" - if test "X$duplicate_deps" = "Xyes" ; then - case "$tmp_libs " in - *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; - esac - fi - tmp_libs="$tmp_libs $deplib" - done - - if test "$link_all_deplibs" != no; then - # Add the search paths of all dependency libraries - for deplib in $dependency_libs; do - case $deplib in - -L*) path="$deplib" ;; - *.la) - dir=`$echo "X$deplib" | $Xsed -e 's%/[^/]*$%%'` - test "X$dir" = "X$deplib" && dir="." - # We need an absolute path. - case $dir in - [\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;; - *) - absdir=`cd "$dir" && pwd` - if test -z "$absdir"; then - $echo "$modename: warning: cannot determine absolute directory name of \`$dir'" 1>&2 - absdir="$dir" - fi - ;; - esac - if grep "^installed=no" $deplib > /dev/null; then - path="$absdir/$objdir" - else - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` - if test -z "$libdir"; then - $echo "$modename: \`$deplib' is not a valid libtool archive" 1>&2 - exit $EXIT_FAILURE - fi - if test "$absdir" != "$libdir"; then - $echo "$modename: warning: \`$deplib' seems to be moved" 1>&2 - fi - path="$absdir" - fi - depdepl= - case $host in - *-*-darwin*) - # we do not want to link against static libs, - # but need to link against shared - eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` - if test -n "$deplibrary_names" ; then - for tmp in $deplibrary_names ; do - depdepl=$tmp - done - if test -f "$path/$depdepl" ; then - depdepl="$path/$depdepl" - fi - # do not add paths which are already there - case " $newlib_search_path " in - *" $path "*) ;; - *) newlib_search_path="$newlib_search_path $path";; - esac - fi - path="" - ;; - *) - path="-L$path" - ;; - esac - ;; - -l*) - case $host in - *-*-darwin*) - # Again, we only want to link against shared libraries - eval tmp_libs=`$echo "X$deplib" | $Xsed -e "s,^\-l,,"` - for tmp in $newlib_search_path ; do - if test -f "$tmp/lib$tmp_libs.dylib" ; then - eval depdepl="$tmp/lib$tmp_libs.dylib" - break - fi - done - path="" - ;; - *) continue ;; - esac - ;; - *) continue ;; - esac - case " $deplibs " in - *" $path "*) ;; - *) deplibs="$path $deplibs" ;; - esac - case " $deplibs " in - *" $depdepl "*) ;; - *) deplibs="$depdepl $deplibs" ;; - esac - done - fi # link_all_deplibs != no - fi # linkmode = lib - done # for deplib in $libs - dependency_libs="$newdependency_libs" - if test "$pass" = dlpreopen; then - # Link the dlpreopened libraries before other libraries - for deplib in $save_deplibs; do - deplibs="$deplib $deplibs" - done - fi - if test "$pass" != dlopen; then - if test "$pass" != conv; then - # Make sure lib_search_path contains only unique directories. - lib_search_path= - for dir in $newlib_search_path; do - case "$lib_search_path " in - *" $dir "*) ;; - *) lib_search_path="$lib_search_path $dir" ;; - esac - done - newlib_search_path= - fi - - if test "$linkmode,$pass" != "prog,link"; then - vars="deplibs" - else - vars="compile_deplibs finalize_deplibs" - fi - for var in $vars dependency_libs; do - # Add libraries to $var in reverse order - eval tmp_libs=\"\$$var\" - new_libs= - for deplib in $tmp_libs; do - # FIXME: Pedantically, this is the right thing to do, so - # that some nasty dependency loop isn't accidentally - # broken: - #new_libs="$deplib $new_libs" - # Pragmatically, this seems to cause very few problems in - # practice: - case $deplib in - -L*) new_libs="$deplib $new_libs" ;; - -R*) ;; - *) - # And here is the reason: when a library appears more - # than once as an explicit dependence of a library, or - # is implicitly linked in more than once by the - # compiler, it is considered special, and multiple - # occurrences thereof are not removed. Compare this - # with having the same library being listed as a - # dependency of multiple other libraries: in this case, - # we know (pedantically, we assume) the library does not - # need to be listed more than once, so we keep only the - # last copy. This is not always right, but it is rare - # enough that we require users that really mean to play - # such unportable linking tricks to link the library - # using -Wl,-lname, so that libtool does not consider it - # for duplicate removal. - case " $specialdeplibs " in - *" $deplib "*) new_libs="$deplib $new_libs" ;; - *) - case " $new_libs " in - *" $deplib "*) ;; - *) new_libs="$deplib $new_libs" ;; - esac - ;; - esac - ;; - esac - done - tmp_libs= - for deplib in $new_libs; do - case $deplib in - -L*) - case " $tmp_libs " in - *" $deplib "*) ;; - *) tmp_libs="$tmp_libs $deplib" ;; - esac - ;; - *) tmp_libs="$tmp_libs $deplib" ;; - esac - done - eval $var=\"$tmp_libs\" - done # for var - fi - # Last step: remove runtime libs from dependency_libs - # (they stay in deplibs) - tmp_libs= - for i in $dependency_libs ; do - case " $predeps $postdeps $compiler_lib_search_path " in - *" $i "*) - i="" - ;; - esac - if test -n "$i" ; then - tmp_libs="$tmp_libs $i" - fi - done - dependency_libs=$tmp_libs - done # for pass - if test "$linkmode" = prog; then - dlfiles="$newdlfiles" - dlprefiles="$newdlprefiles" - fi - - case $linkmode in - oldlib) - if test -n "$deplibs"; then - $echo "$modename: warning: \`-l' and \`-L' are ignored for archives" 1>&2 - fi - - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - $echo "$modename: warning: \`-dlopen' is ignored for archives" 1>&2 - fi - - if test -n "$rpath"; then - $echo "$modename: warning: \`-rpath' is ignored for archives" 1>&2 - fi - - if test -n "$xrpath"; then - $echo "$modename: warning: \`-R' is ignored for archives" 1>&2 - fi - - if test -n "$vinfo"; then - $echo "$modename: warning: \`-version-info/-version-number' is ignored for archives" 1>&2 - fi - - if test -n "$release"; then - $echo "$modename: warning: \`-release' is ignored for archives" 1>&2 - fi - - if test -n "$export_symbols" || test -n "$export_symbols_regex"; then - $echo "$modename: warning: \`-export-symbols' is ignored for archives" 1>&2 - fi - - # Now set the variables for building old libraries. - build_libtool_libs=no - oldlibs="$output" - objs="$objs$old_deplibs" - ;; - - lib) - # Make sure we only generate libraries of the form `libNAME.la'. - case $outputname in - lib*) - name=`$echo "X$outputname" | $Xsed -e 's/\.la$//' -e 's/^lib//'` - eval shared_ext=\"$shrext_cmds\" - eval libname=\"$libname_spec\" - ;; - *) - if test "$module" = no; then - $echo "$modename: libtool library \`$output' must begin with \`lib'" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - if test "$need_lib_prefix" != no; then - # Add the "lib" prefix for modules if required - name=`$echo "X$outputname" | $Xsed -e 's/\.la$//'` - eval shared_ext=\"$shrext_cmds\" - eval libname=\"$libname_spec\" - else - libname=`$echo "X$outputname" | $Xsed -e 's/\.la$//'` - fi - ;; - esac - - if test -n "$objs"; then - if test "$deplibs_check_method" != pass_all; then - $echo "$modename: cannot build libtool library \`$output' from non-libtool objects on this host:$objs" 2>&1 - exit $EXIT_FAILURE - else - $echo - $echo "*** Warning: Linking the shared library $output against the non-libtool" - $echo "*** objects $objs is not portable!" - libobjs="$libobjs $objs" - fi - fi - - if test "$dlself" != no; then - $echo "$modename: warning: \`-dlopen self' is ignored for libtool libraries" 1>&2 - fi - - set dummy $rpath - if test "$#" -gt 2; then - $echo "$modename: warning: ignoring multiple \`-rpath's for a libtool library" 1>&2 - fi - install_libdir="$2" - - oldlibs= - if test -z "$rpath"; then - if test "$build_libtool_libs" = yes; then - # Building a libtool convenience library. - # Some compilers have problems with a `.al' extension so - # convenience libraries should have the same extension an - # archive normally would. - oldlibs="$output_objdir/$libname.$libext $oldlibs" - build_libtool_libs=convenience - build_old_libs=yes - fi - - if test -n "$vinfo"; then - $echo "$modename: warning: \`-version-info/-version-number' is ignored for convenience libraries" 1>&2 - fi - - if test -n "$release"; then - $echo "$modename: warning: \`-release' is ignored for convenience libraries" 1>&2 - fi - else - - # Parse the version information argument. - save_ifs="$IFS"; IFS=':' - set dummy $vinfo 0 0 0 - IFS="$save_ifs" - - if test -n "$8"; then - $echo "$modename: too many parameters to \`-version-info'" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - # convert absolute version numbers to libtool ages - # this retains compatibility with .la files and attempts - # to make the code below a bit more comprehensible - - case $vinfo_number in - yes) - number_major="$2" - number_minor="$3" - number_revision="$4" - # - # There are really only two kinds -- those that - # use the current revision as the major version - # and those that subtract age and use age as - # a minor version. But, then there is irix - # which has an extra 1 added just for fun - # - case $version_type in - darwin|linux|osf|windows) - current=`expr $number_major + $number_minor` - age="$number_minor" - revision="$number_revision" - ;; - freebsd-aout|freebsd-elf|sunos) - current="$number_major" - revision="$number_minor" - age="0" - ;; - irix|nonstopux) - current=`expr $number_major + $number_minor - 1` - age="$number_minor" - revision="$number_minor" - ;; - esac - ;; - no) - current="$2" - revision="$3" - age="$4" - ;; - esac - - # Check that each of the things are valid numbers. - case $current in - 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; - *) - $echo "$modename: CURRENT \`$current' must be a nonnegative integer" 1>&2 - $echo "$modename: \`$vinfo' is not valid version information" 1>&2 - exit $EXIT_FAILURE - ;; - esac - - case $revision in - 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; - *) - $echo "$modename: REVISION \`$revision' must be a nonnegative integer" 1>&2 - $echo "$modename: \`$vinfo' is not valid version information" 1>&2 - exit $EXIT_FAILURE - ;; - esac - - case $age in - 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; - *) - $echo "$modename: AGE \`$age' must be a nonnegative integer" 1>&2 - $echo "$modename: \`$vinfo' is not valid version information" 1>&2 - exit $EXIT_FAILURE - ;; - esac - - if test "$age" -gt "$current"; then - $echo "$modename: AGE \`$age' is greater than the current interface number \`$current'" 1>&2 - $echo "$modename: \`$vinfo' is not valid version information" 1>&2 - exit $EXIT_FAILURE - fi - - # Calculate the version variables. - major= - versuffix= - verstring= - case $version_type in - none) ;; - - darwin) - # Like Linux, but with the current version available in - # verstring for coding it into the library header - major=.`expr $current - $age` - versuffix="$major.$age.$revision" - # Darwin ld doesn't like 0 for these options... - minor_current=`expr $current + 1` - verstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision" - ;; - - freebsd-aout) - major=".$current" - versuffix=".$current.$revision"; - ;; - - freebsd-elf) - major=".$current" - versuffix=".$current"; - ;; - - irix | nonstopux) - major=`expr $current - $age + 1` - - case $version_type in - nonstopux) verstring_prefix=nonstopux ;; - *) verstring_prefix=sgi ;; - esac - verstring="$verstring_prefix$major.$revision" - - # Add in all the interfaces that we are compatible with. - loop=$revision - while test "$loop" -ne 0; do - iface=`expr $revision - $loop` - loop=`expr $loop - 1` - verstring="$verstring_prefix$major.$iface:$verstring" - done - - # Before this point, $major must not contain `.'. - major=.$major - versuffix="$major.$revision" - ;; - - linux) - major=.`expr $current - $age` - versuffix="$major.$age.$revision" - ;; - - osf) - major=.`expr $current - $age` - versuffix=".$current.$age.$revision" - verstring="$current.$age.$revision" - - # Add in all the interfaces that we are compatible with. - loop=$age - while test "$loop" -ne 0; do - iface=`expr $current - $loop` - loop=`expr $loop - 1` - verstring="$verstring:${iface}.0" - done - - # Make executables depend on our current version. - verstring="$verstring:${current}.0" - ;; - - sunos) - major=".$current" - versuffix=".$current.$revision" - ;; - - windows) - # Use '-' rather than '.', since we only want one - # extension on DOS 8.3 filesystems. - major=`expr $current - $age` - versuffix="-$major" - ;; - - *) - $echo "$modename: unknown library version type \`$version_type'" 1>&2 - $echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2 - exit $EXIT_FAILURE - ;; - esac - - # Clear the version info if we defaulted, and they specified a release. - if test -z "$vinfo" && test -n "$release"; then - major= - case $version_type in - darwin) - # we can't check for "0.0" in archive_cmds due to quoting - # problems, so we reset it completely - verstring= - ;; - *) - verstring="0.0" - ;; - esac - if test "$need_version" = no; then - versuffix= - else - versuffix=".0.0" - fi - fi - - # Remove version info from name if versioning should be avoided - if test "$avoid_version" = yes && test "$need_version" = no; then - major= - versuffix= - verstring="" - fi - - # Check to see if the archive will have undefined symbols. - if test "$allow_undefined" = yes; then - if test "$allow_undefined_flag" = unsupported; then - $echo "$modename: warning: undefined symbols not allowed in $host shared libraries" 1>&2 - build_libtool_libs=no - build_old_libs=yes - fi - else - # Don't allow undefined symbols. - allow_undefined_flag="$no_undefined_flag" - fi - fi - - if test "$mode" != relink; then - # Remove our outputs, but don't remove object files since they - # may have been created when compiling PIC objects. - removelist= - tempremovelist=`$echo "$output_objdir/*"` - for p in $tempremovelist; do - case $p in - *.$objext) - ;; - $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*) - if test "X$precious_files_regex" != "X"; then - if echo $p | $EGREP -e "$precious_files_regex" >/dev/null 2>&1 - then - continue - fi - fi - removelist="$removelist $p" - ;; - *) ;; - esac - done - if test -n "$removelist"; then - $show "${rm}r $removelist" - $run ${rm}r $removelist - fi - fi - - # Now set the variables for building old libraries. - if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then - oldlibs="$oldlibs $output_objdir/$libname.$libext" - - # Transform .lo files to .o files. - oldobjs="$objs "`$echo "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e "$lo2o" | $NL2SP` - fi - - # Eliminate all temporary directories. - for path in $notinst_path; do - lib_search_path=`$echo "$lib_search_path " | ${SED} -e "s% $path % %g"` - deplibs=`$echo "$deplibs " | ${SED} -e "s% -L$path % %g"` - dependency_libs=`$echo "$dependency_libs " | ${SED} -e "s% -L$path % %g"` - done - - if test -n "$xrpath"; then - # If the user specified any rpath flags, then add them. - temp_xrpath= - for libdir in $xrpath; do - temp_xrpath="$temp_xrpath -R$libdir" - case "$finalize_rpath " in - *" $libdir "*) ;; - *) finalize_rpath="$finalize_rpath $libdir" ;; - esac - done - if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then - dependency_libs="$temp_xrpath $dependency_libs" - fi - fi - - # Make sure dlfiles contains only unique files that won't be dlpreopened - old_dlfiles="$dlfiles" - dlfiles= - for lib in $old_dlfiles; do - case " $dlprefiles $dlfiles " in - *" $lib "*) ;; - *) dlfiles="$dlfiles $lib" ;; - esac - done - - # Make sure dlprefiles contains only unique files - old_dlprefiles="$dlprefiles" - dlprefiles= - for lib in $old_dlprefiles; do - case "$dlprefiles " in - *" $lib "*) ;; - *) dlprefiles="$dlprefiles $lib" ;; - esac - done - - if test "$build_libtool_libs" = yes; then - if test -n "$rpath"; then - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos*) - # these systems don't actually have a c library (as such)! - ;; - *-*-rhapsody* | *-*-darwin1.[012]) - # Rhapsody C library is in the System framework - deplibs="$deplibs -framework System" - ;; - *-*-netbsd*) - # Don't link with libc until the a.out ld.so is fixed. - ;; - *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) - # Do not include libc due to us having libc/libc_r. - ;; - *-*-sco3.2v5* | *-*-sco5v6*) - # Causes problems with __ctype - ;; - *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) - # Compiler inserts libc in the correct place for threads to work - ;; - *) - # Add libc to deplibs on all other systems if necessary. - if test "$build_libtool_need_lc" = "yes"; then - deplibs="$deplibs -lc" - fi - ;; - esac - fi - - # Transform deplibs into only deplibs that can be linked in shared. - name_save=$name - libname_save=$libname - release_save=$release - versuffix_save=$versuffix - major_save=$major - # I'm not sure if I'm treating the release correctly. I think - # release should show up in the -l (ie -lgmp5) so we don't want to - # add it in twice. Is that correct? - release="" - versuffix="" - major="" - newdeplibs= - droppeddeps=no - case $deplibs_check_method in - pass_all) - # Don't check for shared/static. Everything works. - # This might be a little naive. We might want to check - # whether the library exists or not. But this is on - # osf3 & osf4 and I'm not really sure... Just - # implementing what was already the behavior. - newdeplibs=$deplibs - ;; - test_compile) - # This code stresses the "libraries are programs" paradigm to its - # limits. Maybe even breaks it. We compile a program, linking it - # against the deplibs as a proxy for the library. Then we can check - # whether they linked in statically or dynamically with ldd. - $rm conftest.c - cat > conftest.c </dev/null` - for potent_lib in $potential_libs; do - # Follow soft links. - if ls -lLd "$potent_lib" 2>/dev/null \ - | grep " -> " >/dev/null; then - continue - fi - # The statement above tries to avoid entering an - # endless loop below, in case of cyclic links. - # We might still enter an endless loop, since a link - # loop can be closed while we follow links, - # but so what? - potlib="$potent_lib" - while test -h "$potlib" 2>/dev/null; do - potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'` - case $potliblink in - [\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";; - *) potlib=`$echo "X$potlib" | $Xsed -e 's,[^/]*$,,'`"$potliblink";; - esac - done - if eval $file_magic_cmd \"\$potlib\" 2>/dev/null \ - | ${SED} 10q \ - | $EGREP "$file_magic_regex" > /dev/null; then - newdeplibs="$newdeplibs $a_deplib" - a_deplib="" - break 2 - fi - done - done - fi - if test -n "$a_deplib" ; then - droppeddeps=yes - $echo - $echo "*** Warning: linker path does not have real file for library $a_deplib." - $echo "*** I have the capability to make that library automatically link in when" - $echo "*** you link to this library. But I can only do this if you have a" - $echo "*** shared version of the library, which you do not appear to have" - $echo "*** because I did check the linker path looking for a file starting" - if test -z "$potlib" ; then - $echo "*** with $libname but no candidates were found. (...for file magic test)" - else - $echo "*** with $libname and none of the candidates passed a file format test" - $echo "*** using a file magic. Last file checked: $potlib" - fi - fi - else - # Add a -L argument. - newdeplibs="$newdeplibs $a_deplib" - fi - done # Gone through all deplibs. - ;; - match_pattern*) - set dummy $deplibs_check_method - match_pattern_regex=`expr "$deplibs_check_method" : "$2 \(.*\)"` - for a_deplib in $deplibs; do - name=`expr $a_deplib : '-l\(.*\)'` - # If $name is empty we are operating on a -L argument. - if test -n "$name" && test "$name" != "0"; then - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then - case " $predeps $postdeps " in - *" $a_deplib "*) - newdeplibs="$newdeplibs $a_deplib" - a_deplib="" - ;; - esac - fi - if test -n "$a_deplib" ; then - libname=`eval \\$echo \"$libname_spec\"` - for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do - potential_libs=`ls $i/$libname[.-]* 2>/dev/null` - for potent_lib in $potential_libs; do - potlib="$potent_lib" # see symlink-check above in file_magic test - if eval $echo \"$potent_lib\" 2>/dev/null \ - | ${SED} 10q \ - | $EGREP "$match_pattern_regex" > /dev/null; then - newdeplibs="$newdeplibs $a_deplib" - a_deplib="" - break 2 - fi - done - done - fi - if test -n "$a_deplib" ; then - droppeddeps=yes - $echo - $echo "*** Warning: linker path does not have real file for library $a_deplib." - $echo "*** I have the capability to make that library automatically link in when" - $echo "*** you link to this library. But I can only do this if you have a" - $echo "*** shared version of the library, which you do not appear to have" - $echo "*** because I did check the linker path looking for a file starting" - if test -z "$potlib" ; then - $echo "*** with $libname but no candidates were found. (...for regex pattern test)" - else - $echo "*** with $libname and none of the candidates passed a file format test" - $echo "*** using a regex pattern. Last file checked: $potlib" - fi - fi - else - # Add a -L argument. - newdeplibs="$newdeplibs $a_deplib" - fi - done # Gone through all deplibs. - ;; - none | unknown | *) - newdeplibs="" - tmp_deplibs=`$echo "X $deplibs" | $Xsed -e 's/ -lc$//' \ - -e 's/ -[LR][^ ]*//g'` - if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then - for i in $predeps $postdeps ; do - # can't use Xsed below, because $i might contain '/' - tmp_deplibs=`$echo "X $tmp_deplibs" | ${SED} -e "1s,^X,," -e "s,$i,,"` - done - fi - if $echo "X $tmp_deplibs" | $Xsed -e 's/[ ]//g' \ - | grep . >/dev/null; then - $echo - if test "X$deplibs_check_method" = "Xnone"; then - $echo "*** Warning: inter-library dependencies are not supported in this platform." - else - $echo "*** Warning: inter-library dependencies are not known to be supported." - fi - $echo "*** All declared inter-library dependencies are being dropped." - droppeddeps=yes - fi - ;; - esac - versuffix=$versuffix_save - major=$major_save - release=$release_save - libname=$libname_save - name=$name_save - - case $host in - *-*-rhapsody* | *-*-darwin1.[012]) - # On Rhapsody replace the C library is the System framework - newdeplibs=`$echo "X $newdeplibs" | $Xsed -e 's/ -lc / -framework System /'` - ;; - esac - - if test "$droppeddeps" = yes; then - if test "$module" = yes; then - $echo - $echo "*** Warning: libtool could not satisfy all declared inter-library" - $echo "*** dependencies of module $libname. Therefore, libtool will create" - $echo "*** a static module, that should work as long as the dlopening" - $echo "*** application is linked with the -dlopen flag." - if test -z "$global_symbol_pipe"; then - $echo - $echo "*** However, this would only work if libtool was able to extract symbol" - $echo "*** lists from a program, using \`nm' or equivalent, but libtool could" - $echo "*** not find such a program. So, this module is probably useless." - $echo "*** \`nm' from GNU binutils and a full rebuild may help." - fi - if test "$build_old_libs" = no; then - oldlibs="$output_objdir/$libname.$libext" - build_libtool_libs=module - build_old_libs=yes - else - build_libtool_libs=no - fi - else - $echo "*** The inter-library dependencies that have been dropped here will be" - $echo "*** automatically added whenever a program is linked with this library" - $echo "*** or is declared to -dlopen it." - - if test "$allow_undefined" = no; then - $echo - $echo "*** Since this library must not contain undefined symbols," - $echo "*** because either the platform does not support them or" - $echo "*** it was explicitly requested with -no-undefined," - $echo "*** libtool will only create a static version of it." - if test "$build_old_libs" = no; then - oldlibs="$output_objdir/$libname.$libext" - build_libtool_libs=module - build_old_libs=yes - else - build_libtool_libs=no - fi - fi - fi - fi - # Done checking deplibs! - deplibs=$newdeplibs - fi - - - # move library search paths that coincide with paths to not yet - # installed libraries to the beginning of the library search list - new_libs= - for path in $notinst_path; do - case " $new_libs " in - *" -L$path/$objdir "*) ;; - *) - case " $deplibs " in - *" -L$path/$objdir "*) - new_libs="$new_libs -L$path/$objdir" ;; - esac - ;; - esac - done - for deplib in $deplibs; do - case $deplib in - -L*) - case " $new_libs " in - *" $deplib "*) ;; - *) new_libs="$new_libs $deplib" ;; - esac - ;; - *) new_libs="$new_libs $deplib" ;; - esac - done - deplibs="$new_libs" - - - # All the library-specific variables (install_libdir is set above). - library_names= - old_library= - dlname= - - # Test again, we may have decided not to build it any more - if test "$build_libtool_libs" = yes; then - if test "$hardcode_into_libs" = yes; then - # Hardcode the library paths - hardcode_libdirs= - dep_rpath= - rpath="$finalize_rpath" - test "$mode" != relink && rpath="$compile_rpath$rpath" - for libdir in $rpath; do - if test -n "$hardcode_libdir_flag_spec"; then - if test -n "$hardcode_libdir_separator"; then - if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" - else - # Just accumulate the unique libdirs. - case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in - *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) - ;; - *) - hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" - ;; - esac - fi - else - eval flag=\"$hardcode_libdir_flag_spec\" - dep_rpath="$dep_rpath $flag" - fi - elif test -n "$runpath_var"; then - case "$perm_rpath " in - *" $libdir "*) ;; - *) perm_rpath="$perm_rpath $libdir" ;; - esac - fi - done - # Substitute the hardcoded libdirs into the rpath. - if test -n "$hardcode_libdir_separator" && - test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" - if test -n "$hardcode_libdir_flag_spec_ld"; then - eval dep_rpath=\"$hardcode_libdir_flag_spec_ld\" - else - eval dep_rpath=\"$hardcode_libdir_flag_spec\" - fi - fi - if test -n "$runpath_var" && test -n "$perm_rpath"; then - # We should set the runpath_var. - rpath= - for dir in $perm_rpath; do - rpath="$rpath$dir:" - done - eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var" - fi - test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs" - fi - - shlibpath="$finalize_shlibpath" - test "$mode" != relink && shlibpath="$compile_shlibpath$shlibpath" - if test -n "$shlibpath"; then - eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var" - fi - - # Get the real and link names of the library. - eval shared_ext=\"$shrext_cmds\" - eval library_names=\"$library_names_spec\" - set dummy $library_names - realname="$2" - shift; shift - - if test -n "$soname_spec"; then - eval soname=\"$soname_spec\" - else - soname="$realname" - fi - if test -z "$dlname"; then - dlname=$soname - fi - - lib="$output_objdir/$realname" - linknames= - for link - do - linknames="$linknames $link" - done - - # Use standard objects if they are pic - test -z "$pic_flag" && libobjs=`$echo "X$libobjs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP` - - # Prepare the list of exported symbols - if test -z "$export_symbols"; then - if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then - $show "generating symbol list for \`$libname.la'" - export_symbols="$output_objdir/$libname.exp" - $run $rm $export_symbols - cmds=$export_symbols_cmds - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - if len=`expr "X$cmd" : ".*"` && - test "$len" -le "$max_cmd_len" || test "$max_cmd_len" -le -1; then - $show "$cmd" - $run eval "$cmd" || exit $? - skipped_export=false - else - # The command line is too long to execute in one step. - $show "using reloadable object file for export list..." - skipped_export=: - # Break out early, otherwise skipped_export may be - # set to false by a later but shorter cmd. - break - fi - done - IFS="$save_ifs" - if test -n "$export_symbols_regex"; then - $show "$EGREP -e \"$export_symbols_regex\" \"$export_symbols\" > \"${export_symbols}T\"" - $run eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' - $show "$mv \"${export_symbols}T\" \"$export_symbols\"" - $run eval '$mv "${export_symbols}T" "$export_symbols"' - fi - fi - fi - - if test -n "$export_symbols" && test -n "$include_expsyms"; then - $run eval '$echo "X$include_expsyms" | $SP2NL >> "$export_symbols"' - fi - - tmp_deplibs= - for test_deplib in $deplibs; do - case " $convenience " in - *" $test_deplib "*) ;; - *) - tmp_deplibs="$tmp_deplibs $test_deplib" - ;; - esac - done - deplibs="$tmp_deplibs" - - if test -n "$convenience"; then - if test -n "$whole_archive_flag_spec"; then - save_libobjs=$libobjs - eval libobjs=\"\$libobjs $whole_archive_flag_spec\" - else - gentop="$output_objdir/${outputname}x" - generated="$generated $gentop" - - func_extract_archives $gentop $convenience - libobjs="$libobjs $func_extract_archives_result" - fi - fi - - if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then - eval flag=\"$thread_safe_flag_spec\" - linker_flags="$linker_flags $flag" - fi - - # Make a backup of the uninstalled library when relinking - if test "$mode" = relink; then - $run eval '(cd $output_objdir && $rm ${realname}U && $mv $realname ${realname}U)' || exit $? - fi - - # Do each of the archive commands. - if test "$module" = yes && test -n "$module_cmds" ; then - if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then - eval test_cmds=\"$module_expsym_cmds\" - cmds=$module_expsym_cmds - else - eval test_cmds=\"$module_cmds\" - cmds=$module_cmds - fi - else - if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then - eval test_cmds=\"$archive_expsym_cmds\" - cmds=$archive_expsym_cmds - else - eval test_cmds=\"$archive_cmds\" - cmds=$archive_cmds - fi - fi - - if test "X$skipped_export" != "X:" && - len=`expr "X$test_cmds" : ".*" 2>/dev/null` && - test "$len" -le "$max_cmd_len" || test "$max_cmd_len" -le -1; then - : - else - # The command line is too long to link in one step, link piecewise. - $echo "creating reloadable object files..." - - # Save the value of $output and $libobjs because we want to - # use them later. If we have whole_archive_flag_spec, we - # want to use save_libobjs as it was before - # whole_archive_flag_spec was expanded, because we can't - # assume the linker understands whole_archive_flag_spec. - # This may have to be revisited, in case too many - # convenience libraries get linked in and end up exceeding - # the spec. - if test -z "$convenience" || test -z "$whole_archive_flag_spec"; then - save_libobjs=$libobjs - fi - save_output=$output - output_la=`$echo "X$output" | $Xsed -e "$basename"` - - # Clear the reloadable object creation command queue and - # initialize k to one. - test_cmds= - concat_cmds= - objlist= - delfiles= - last_robj= - k=1 - output=$output_objdir/$output_la-${k}.$objext - # Loop over the list of objects to be linked. - for obj in $save_libobjs - do - eval test_cmds=\"$reload_cmds $objlist $last_robj\" - if test "X$objlist" = X || - { len=`expr "X$test_cmds" : ".*" 2>/dev/null` && - test "$len" -le "$max_cmd_len"; }; then - objlist="$objlist $obj" - else - # The command $test_cmds is almost too long, add a - # command to the queue. - if test "$k" -eq 1 ; then - # The first file doesn't have a previous command to add. - eval concat_cmds=\"$reload_cmds $objlist $last_robj\" - else - # All subsequent reloadable object files will link in - # the last one created. - eval concat_cmds=\"\$concat_cmds~$reload_cmds $objlist $last_robj\" - fi - last_robj=$output_objdir/$output_la-${k}.$objext - k=`expr $k + 1` - output=$output_objdir/$output_la-${k}.$objext - objlist=$obj - len=1 - fi - done - # Handle the remaining objects by creating one last - # reloadable object file. All subsequent reloadable object - # files will link in the last one created. - test -z "$concat_cmds" || concat_cmds=$concat_cmds~ - eval concat_cmds=\"\${concat_cmds}$reload_cmds $objlist $last_robj\" - - if ${skipped_export-false}; then - $show "generating symbol list for \`$libname.la'" - export_symbols="$output_objdir/$libname.exp" - $run $rm $export_symbols - libobjs=$output - # Append the command to create the export file. - eval concat_cmds=\"\$concat_cmds~$export_symbols_cmds\" - fi - - # Set up a command to remove the reloadable object files - # after they are used. - i=0 - while test "$i" -lt "$k" - do - i=`expr $i + 1` - delfiles="$delfiles $output_objdir/$output_la-${i}.$objext" - done - - $echo "creating a temporary reloadable object file: $output" - - # Loop through the commands generated above and execute them. - save_ifs="$IFS"; IFS='~' - for cmd in $concat_cmds; do - IFS="$save_ifs" - $show "$cmd" - $run eval "$cmd" || exit $? - done - IFS="$save_ifs" - - libobjs=$output - # Restore the value of output. - output=$save_output - - if test -n "$convenience" && test -n "$whole_archive_flag_spec"; then - eval libobjs=\"\$libobjs $whole_archive_flag_spec\" - fi - # Expand the library linking commands again to reset the - # value of $libobjs for piecewise linking. - - # Do each of the archive commands. - if test "$module" = yes && test -n "$module_cmds" ; then - if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then - cmds=$module_expsym_cmds - else - cmds=$module_cmds - fi - else - if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then - cmds=$archive_expsym_cmds - else - cmds=$archive_cmds - fi - fi - - # Append the command to remove the reloadable object files - # to the just-reset $cmds. - eval cmds=\"\$cmds~\$rm $delfiles\" - fi - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" || { - lt_exit=$? - - # Restore the uninstalled library and exit - if test "$mode" = relink; then - $run eval '(cd $output_objdir && $rm ${realname}T && $mv ${realname}U $realname)' - fi - - exit $lt_exit - } - done - IFS="$save_ifs" - - # Restore the uninstalled library and exit - if test "$mode" = relink; then - $run eval '(cd $output_objdir && $rm ${realname}T && $mv $realname ${realname}T && $mv "$realname"U $realname)' || exit $? - - if test -n "$convenience"; then - if test -z "$whole_archive_flag_spec"; then - $show "${rm}r $gentop" - $run ${rm}r "$gentop" - fi - fi - - exit $EXIT_SUCCESS - fi - - # Create links to the real library. - for linkname in $linknames; do - if test "$realname" != "$linkname"; then - $show "(cd $output_objdir && $rm $linkname && $LN_S $realname $linkname)" - $run eval '(cd $output_objdir && $rm $linkname && $LN_S $realname $linkname)' || exit $? - fi - done - - # If -module or -export-dynamic was specified, set the dlname. - if test "$module" = yes || test "$export_dynamic" = yes; then - # On all known operating systems, these are identical. - dlname="$soname" - fi - fi - ;; - - obj) - if test -n "$deplibs"; then - $echo "$modename: warning: \`-l' and \`-L' are ignored for objects" 1>&2 - fi - - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - $echo "$modename: warning: \`-dlopen' is ignored for objects" 1>&2 - fi - - if test -n "$rpath"; then - $echo "$modename: warning: \`-rpath' is ignored for objects" 1>&2 - fi - - if test -n "$xrpath"; then - $echo "$modename: warning: \`-R' is ignored for objects" 1>&2 - fi - - if test -n "$vinfo"; then - $echo "$modename: warning: \`-version-info' is ignored for objects" 1>&2 - fi - - if test -n "$release"; then - $echo "$modename: warning: \`-release' is ignored for objects" 1>&2 - fi - - case $output in - *.lo) - if test -n "$objs$old_deplibs"; then - $echo "$modename: cannot build library object \`$output' from non-libtool objects" 1>&2 - exit $EXIT_FAILURE - fi - libobj="$output" - obj=`$echo "X$output" | $Xsed -e "$lo2o"` - ;; - *) - libobj= - obj="$output" - ;; - esac - - # Delete the old objects. - $run $rm $obj $libobj - - # Objects from convenience libraries. This assumes - # single-version convenience libraries. Whenever we create - # different ones for PIC/non-PIC, this we'll have to duplicate - # the extraction. - reload_conv_objs= - gentop= - # reload_cmds runs $LD directly, so let us get rid of - # -Wl from whole_archive_flag_spec - wl= - - if test -n "$convenience"; then - if test -n "$whole_archive_flag_spec"; then - eval reload_conv_objs=\"\$reload_objs $whole_archive_flag_spec\" - else - gentop="$output_objdir/${obj}x" - generated="$generated $gentop" - - func_extract_archives $gentop $convenience - reload_conv_objs="$reload_objs $func_extract_archives_result" - fi - fi - - # Create the old-style object. - reload_objs="$objs$old_deplibs "`$echo "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}$'/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test - - output="$obj" - cmds=$reload_cmds - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" || exit $? - done - IFS="$save_ifs" - - # Exit if we aren't doing a library object file. - if test -z "$libobj"; then - if test -n "$gentop"; then - $show "${rm}r $gentop" - $run ${rm}r $gentop - fi - - exit $EXIT_SUCCESS - fi - - if test "$build_libtool_libs" != yes; then - if test -n "$gentop"; then - $show "${rm}r $gentop" - $run ${rm}r $gentop - fi - - # Create an invalid libtool object if no PIC, so that we don't - # accidentally link it into a program. - # $show "echo timestamp > $libobj" - # $run eval "echo timestamp > $libobj" || exit $? - exit $EXIT_SUCCESS - fi - - if test -n "$pic_flag" || test "$pic_mode" != default; then - # Only do commands if we really have different PIC objects. - reload_objs="$libobjs $reload_conv_objs" - output="$libobj" - cmds=$reload_cmds - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" || exit $? - done - IFS="$save_ifs" - fi - - if test -n "$gentop"; then - $show "${rm}r $gentop" - $run ${rm}r $gentop - fi - - exit $EXIT_SUCCESS - ;; - - prog) - case $host in - *cygwin*) output=`$echo $output | ${SED} -e 's,.exe$,,;s,$,.exe,'` ;; - esac - if test -n "$vinfo"; then - $echo "$modename: warning: \`-version-info' is ignored for programs" 1>&2 - fi - - if test -n "$release"; then - $echo "$modename: warning: \`-release' is ignored for programs" 1>&2 - fi - - if test "$preload" = yes; then - if test "$dlopen_support" = unknown && test "$dlopen_self" = unknown && - test "$dlopen_self_static" = unknown; then - $echo "$modename: warning: \`AC_LIBTOOL_DLOPEN' not used. Assuming no dlopen support." - fi - fi - - case $host in - *-*-rhapsody* | *-*-darwin1.[012]) - # On Rhapsody replace the C library is the System framework - compile_deplibs=`$echo "X $compile_deplibs" | $Xsed -e 's/ -lc / -framework System /'` - finalize_deplibs=`$echo "X $finalize_deplibs" | $Xsed -e 's/ -lc / -framework System /'` - ;; - esac - - case $host in - *darwin*) - # Don't allow lazy linking, it breaks C++ global constructors - if test "$tagname" = CXX ; then - compile_command="$compile_command ${wl}-bind_at_load" - finalize_command="$finalize_command ${wl}-bind_at_load" - fi - ;; - esac - - - # move library search paths that coincide with paths to not yet - # installed libraries to the beginning of the library search list - new_libs= - for path in $notinst_path; do - case " $new_libs " in - *" -L$path/$objdir "*) ;; - *) - case " $compile_deplibs " in - *" -L$path/$objdir "*) - new_libs="$new_libs -L$path/$objdir" ;; - esac - ;; - esac - done - for deplib in $compile_deplibs; do - case $deplib in - -L*) - case " $new_libs " in - *" $deplib "*) ;; - *) new_libs="$new_libs $deplib" ;; - esac - ;; - *) new_libs="$new_libs $deplib" ;; - esac - done - compile_deplibs="$new_libs" - - - compile_command="$compile_command $compile_deplibs" - finalize_command="$finalize_command $finalize_deplibs" - - if test -n "$rpath$xrpath"; then - # If the user specified any rpath flags, then add them. - for libdir in $rpath $xrpath; do - # This is the magic to use -rpath. - case "$finalize_rpath " in - *" $libdir "*) ;; - *) finalize_rpath="$finalize_rpath $libdir" ;; - esac - done - fi - - # Now hardcode the library paths - rpath= - hardcode_libdirs= - for libdir in $compile_rpath $finalize_rpath; do - if test -n "$hardcode_libdir_flag_spec"; then - if test -n "$hardcode_libdir_separator"; then - if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" - else - # Just accumulate the unique libdirs. - case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in - *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) - ;; - *) - hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" - ;; - esac - fi - else - eval flag=\"$hardcode_libdir_flag_spec\" - rpath="$rpath $flag" - fi - elif test -n "$runpath_var"; then - case "$perm_rpath " in - *" $libdir "*) ;; - *) perm_rpath="$perm_rpath $libdir" ;; - esac - fi - case $host in - *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) - testbindir=`$echo "X$libdir" | $Xsed -e 's*/lib$*/bin*'` - case :$dllsearchpath: in - *":$libdir:"*) ;; - *) dllsearchpath="$dllsearchpath:$libdir";; - esac - case :$dllsearchpath: in - *":$testbindir:"*) ;; - *) dllsearchpath="$dllsearchpath:$testbindir";; - esac - ;; - esac - done - # Substitute the hardcoded libdirs into the rpath. - if test -n "$hardcode_libdir_separator" && - test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" - eval rpath=\" $hardcode_libdir_flag_spec\" - fi - compile_rpath="$rpath" - - rpath= - hardcode_libdirs= - for libdir in $finalize_rpath; do - if test -n "$hardcode_libdir_flag_spec"; then - if test -n "$hardcode_libdir_separator"; then - if test -z "$hardcode_libdirs"; then - hardcode_libdirs="$libdir" - else - # Just accumulate the unique libdirs. - case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in - *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) - ;; - *) - hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" - ;; - esac - fi - else - eval flag=\"$hardcode_libdir_flag_spec\" - rpath="$rpath $flag" - fi - elif test -n "$runpath_var"; then - case "$finalize_perm_rpath " in - *" $libdir "*) ;; - *) finalize_perm_rpath="$finalize_perm_rpath $libdir" ;; - esac - fi - done - # Substitute the hardcoded libdirs into the rpath. - if test -n "$hardcode_libdir_separator" && - test -n "$hardcode_libdirs"; then - libdir="$hardcode_libdirs" - eval rpath=\" $hardcode_libdir_flag_spec\" - fi - finalize_rpath="$rpath" - - if test -n "$libobjs" && test "$build_old_libs" = yes; then - # Transform all the library objects into standard objects. - compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP` - finalize_command=`$echo "X$finalize_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP` - fi - - dlsyms= - if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then - if test -n "$NM" && test -n "$global_symbol_pipe"; then - dlsyms="${outputname}S.c" - else - $echo "$modename: not configured to extract global symbols from dlpreopened files" 1>&2 - fi - fi - - if test -n "$dlsyms"; then - case $dlsyms in - "") ;; - *.c) - # Discover the nlist of each of the dlfiles. - nlist="$output_objdir/${outputname}.nm" - - $show "$rm $nlist ${nlist}S ${nlist}T" - $run $rm "$nlist" "${nlist}S" "${nlist}T" - - # Parse the name list into a source file. - $show "creating $output_objdir/$dlsyms" - - test -z "$run" && $echo > "$output_objdir/$dlsyms" "\ -/* $dlsyms - symbol resolution table for \`$outputname' dlsym emulation. */ -/* Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP */ - -#ifdef __cplusplus -extern \"C\" { -#endif - -/* Prevent the only kind of declaration conflicts we can make. */ -#define lt_preloaded_symbols some_other_symbol - -/* External symbol declarations for the compiler. */\ -" - - if test "$dlself" = yes; then - $show "generating symbol list for \`$output'" - - test -z "$run" && $echo ': @PROGRAM@ ' > "$nlist" - - # Add our own program objects to the symbol list. - progfiles=`$echo "X$objs$old_deplibs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP` - for arg in $progfiles; do - $show "extracting global C symbols from \`$arg'" - $run eval "$NM $arg | $global_symbol_pipe >> '$nlist'" - done - - if test -n "$exclude_expsyms"; then - $run eval '$EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T' - $run eval '$mv "$nlist"T "$nlist"' - fi - - if test -n "$export_symbols_regex"; then - $run eval '$EGREP -e "$export_symbols_regex" "$nlist" > "$nlist"T' - $run eval '$mv "$nlist"T "$nlist"' - fi - - # Prepare the list of exported symbols - if test -z "$export_symbols"; then - export_symbols="$output_objdir/$outputname.exp" - $run $rm $export_symbols - $run eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' - case $host in - *cygwin* | *mingw* ) - $run eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' - $run eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"' - ;; - esac - else - $run eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' - $run eval 'grep -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T' - $run eval 'mv "$nlist"T "$nlist"' - case $host in - *cygwin* | *mingw* ) - $run eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' - $run eval 'cat "$nlist" >> "$output_objdir/$outputname.def"' - ;; - esac - fi - fi - - for arg in $dlprefiles; do - $show "extracting global C symbols from \`$arg'" - name=`$echo "$arg" | ${SED} -e 's%^.*/%%'` - $run eval '$echo ": $name " >> "$nlist"' - $run eval "$NM $arg | $global_symbol_pipe >> '$nlist'" - done - - if test -z "$run"; then - # Make sure we have at least an empty file. - test -f "$nlist" || : > "$nlist" - - if test -n "$exclude_expsyms"; then - $EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T - $mv "$nlist"T "$nlist" - fi - - # Try sorting and uniquifying the output. - if grep -v "^: " < "$nlist" | - if sort -k 3 /dev/null 2>&1; then - sort -k 3 - else - sort +2 - fi | - uniq > "$nlist"S; then - : - else - grep -v "^: " < "$nlist" > "$nlist"S - fi - - if test -f "$nlist"S; then - eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$dlsyms"' - else - $echo '/* NONE */' >> "$output_objdir/$dlsyms" - fi - - $echo >> "$output_objdir/$dlsyms" "\ - -#undef lt_preloaded_symbols - -#if defined (__STDC__) && __STDC__ -# define lt_ptr void * -#else -# define lt_ptr char * -# define const -#endif - -/* The mapping between symbol names and symbols. */ -" - - case $host in - *cygwin* | *mingw* ) - $echo >> "$output_objdir/$dlsyms" "\ -/* DATA imports from DLLs on WIN32 can't be const, because - runtime relocations are performed -- see ld's documentation - on pseudo-relocs */ -struct { -" - ;; - * ) - $echo >> "$output_objdir/$dlsyms" "\ -const struct { -" - ;; - esac - - - $echo >> "$output_objdir/$dlsyms" "\ - const char *name; - lt_ptr address; -} -lt_preloaded_symbols[] = -{\ -" - - eval "$global_symbol_to_c_name_address" < "$nlist" >> "$output_objdir/$dlsyms" - - $echo >> "$output_objdir/$dlsyms" "\ - {0, (lt_ptr) 0} -}; - -/* This works around a problem in FreeBSD linker */ -#ifdef FREEBSD_WORKAROUND -static const void *lt_preloaded_setup() { - return lt_preloaded_symbols; -} -#endif - -#ifdef __cplusplus -} -#endif\ -" - fi - - pic_flag_for_symtable= - case $host in - # compiling the symbol table file with pic_flag works around - # a FreeBSD bug that causes programs to crash when -lm is - # linked before any other PIC object. But we must not use - # pic_flag when linking with -static. The problem exists in - # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1. - *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) - case "$compile_command " in - *" -static "*) ;; - *) pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND";; - esac;; - *-*-hpux*) - case "$compile_command " in - *" -static "*) ;; - *) pic_flag_for_symtable=" $pic_flag";; - esac - esac - - # Now compile the dynamic symbol file. - $show "(cd $output_objdir && $LTCC $LTCFLAGS -c$no_builtin_flag$pic_flag_for_symtable \"$dlsyms\")" - $run eval '(cd $output_objdir && $LTCC $LTCFLAGS -c$no_builtin_flag$pic_flag_for_symtable "$dlsyms")' || exit $? - - # Clean up the generated files. - $show "$rm $output_objdir/$dlsyms $nlist ${nlist}S ${nlist}T" - $run $rm "$output_objdir/$dlsyms" "$nlist" "${nlist}S" "${nlist}T" - - # Transform the symbol file into the correct name. - case $host in - *cygwin* | *mingw* ) - if test -f "$output_objdir/${outputname}.def" ; then - compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"` - finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"` - else - compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` - finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` - fi - ;; - * ) - compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` - finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` - ;; - esac - ;; - *) - $echo "$modename: unknown suffix for \`$dlsyms'" 1>&2 - exit $EXIT_FAILURE - ;; - esac - else - # We keep going just in case the user didn't refer to - # lt_preloaded_symbols. The linker will fail if global_symbol_pipe - # really was required. - - # Nullify the symbol file. - compile_command=`$echo "X$compile_command" | $Xsed -e "s% @SYMFILE@%%"` - finalize_command=`$echo "X$finalize_command" | $Xsed -e "s% @SYMFILE@%%"` - fi - - if test "$need_relink" = no || test "$build_libtool_libs" != yes; then - # Replace the output file specification. - compile_command=`$echo "X$compile_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'` - link_command="$compile_command$compile_rpath" - - # We have no uninstalled library dependencies, so finalize right now. - $show "$link_command" - $run eval "$link_command" - exit_status=$? - - # Delete the generated files. - if test -n "$dlsyms"; then - $show "$rm $output_objdir/${outputname}S.${objext}" - $run $rm "$output_objdir/${outputname}S.${objext}" - fi - - exit $exit_status - fi - - if test -n "$shlibpath_var"; then - # We should set the shlibpath_var - rpath= - for dir in $temp_rpath; do - case $dir in - [\\/]* | [A-Za-z]:[\\/]*) - # Absolute path. - rpath="$rpath$dir:" - ;; - *) - # Relative path: add a thisdir entry. - rpath="$rpath\$thisdir/$dir:" - ;; - esac - done - temp_rpath="$rpath" - fi - - if test -n "$compile_shlibpath$finalize_shlibpath"; then - compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command" - fi - if test -n "$finalize_shlibpath"; then - finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command" - fi - - compile_var= - finalize_var= - if test -n "$runpath_var"; then - if test -n "$perm_rpath"; then - # We should set the runpath_var. - rpath= - for dir in $perm_rpath; do - rpath="$rpath$dir:" - done - compile_var="$runpath_var=\"$rpath\$$runpath_var\" " - fi - if test -n "$finalize_perm_rpath"; then - # We should set the runpath_var. - rpath= - for dir in $finalize_perm_rpath; do - rpath="$rpath$dir:" - done - finalize_var="$runpath_var=\"$rpath\$$runpath_var\" " - fi - fi - - if test "$no_install" = yes; then - # We don't need to create a wrapper script. - link_command="$compile_var$compile_command$compile_rpath" - # Replace the output file specification. - link_command=`$echo "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'` - # Delete the old output file. - $run $rm $output - # Link the executable and exit - $show "$link_command" - $run eval "$link_command" || exit $? - exit $EXIT_SUCCESS - fi - - if test "$hardcode_action" = relink; then - # Fast installation is not supported - link_command="$compile_var$compile_command$compile_rpath" - relink_command="$finalize_var$finalize_command$finalize_rpath" - - $echo "$modename: warning: this platform does not like uninstalled shared libraries" 1>&2 - $echo "$modename: \`$output' will be relinked during installation" 1>&2 - else - if test "$fast_install" != no; then - link_command="$finalize_var$compile_command$finalize_rpath" - if test "$fast_install" = yes; then - relink_command=`$echo "X$compile_var$compile_command$compile_rpath" | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g'` - else - # fast_install is set to needless - relink_command= - fi - else - link_command="$compile_var$compile_command$compile_rpath" - relink_command="$finalize_var$finalize_command$finalize_rpath" - fi - fi - - # Replace the output file specification. - link_command=`$echo "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'` - - # Delete the old output files. - $run $rm $output $output_objdir/$outputname $output_objdir/lt-$outputname - - $show "$link_command" - $run eval "$link_command" || exit $? - - # Now create the wrapper script. - $show "creating $output" - - # Quote the relink command for shipping. - if test -n "$relink_command"; then - # Preserve any variables that may affect compiler behavior - for var in $variables_saved_for_relink; do - if eval test -z \"\${$var+set}\"; then - relink_command="{ test -z \"\${$var+set}\" || unset $var || { $var=; export $var; }; }; $relink_command" - elif eval var_value=\$$var; test -z "$var_value"; then - relink_command="$var=; export $var; $relink_command" - else - var_value=`$echo "X$var_value" | $Xsed -e "$sed_quote_subst"` - relink_command="$var=\"$var_value\"; export $var; $relink_command" - fi - done - relink_command="(cd `pwd`; $relink_command)" - relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"` - fi - - # Quote $echo for shipping. - if test "X$echo" = "X$SHELL $progpath --fallback-echo"; then - case $progpath in - [\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $progpath --fallback-echo";; - *) qecho="$SHELL `pwd`/$progpath --fallback-echo";; - esac - qecho=`$echo "X$qecho" | $Xsed -e "$sed_quote_subst"` - else - qecho=`$echo "X$echo" | $Xsed -e "$sed_quote_subst"` - fi - - # Only actually do things if our run command is non-null. - if test -z "$run"; then - # win32 will think the script is a binary if it has - # a .exe suffix, so we strip it off here. - case $output in - *.exe) output=`$echo $output|${SED} 's,.exe$,,'` ;; - esac - # test for cygwin because mv fails w/o .exe extensions - case $host in - *cygwin*) - exeext=.exe - outputname=`$echo $outputname|${SED} 's,.exe$,,'` ;; - *) exeext= ;; - esac - case $host in - *cygwin* | *mingw* ) - output_name=`basename $output` - output_path=`dirname $output` - cwrappersource="$output_path/$objdir/lt-$output_name.c" - cwrapper="$output_path/$output_name.exe" - $rm $cwrappersource $cwrapper - trap "$rm $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 - - cat > $cwrappersource <> $cwrappersource<<"EOF" -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#if defined(PATH_MAX) -# define LT_PATHMAX PATH_MAX -#elif defined(MAXPATHLEN) -# define LT_PATHMAX MAXPATHLEN -#else -# define LT_PATHMAX 1024 -#endif - -#ifndef DIR_SEPARATOR -# define DIR_SEPARATOR '/' -# define PATH_SEPARATOR ':' -#endif - -#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \ - defined (__OS2__) -# define HAVE_DOS_BASED_FILE_SYSTEM -# ifndef DIR_SEPARATOR_2 -# define DIR_SEPARATOR_2 '\\' -# endif -# ifndef PATH_SEPARATOR_2 -# define PATH_SEPARATOR_2 ';' -# endif -#endif - -#ifndef DIR_SEPARATOR_2 -# define IS_DIR_SEPARATOR(ch) ((ch) == DIR_SEPARATOR) -#else /* DIR_SEPARATOR_2 */ -# define IS_DIR_SEPARATOR(ch) \ - (((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2)) -#endif /* DIR_SEPARATOR_2 */ - -#ifndef PATH_SEPARATOR_2 -# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR) -#else /* PATH_SEPARATOR_2 */ -# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2) -#endif /* PATH_SEPARATOR_2 */ - -#define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type))) -#define XFREE(stale) do { \ - if (stale) { free ((void *) stale); stale = 0; } \ -} while (0) - -/* -DDEBUG is fairly common in CFLAGS. */ -#undef DEBUG -#if defined DEBUGWRAPPER -# define DEBUG(format, ...) fprintf(stderr, format, __VA_ARGS__) -#else -# define DEBUG(format, ...) -#endif - -const char *program_name = NULL; - -void * xmalloc (size_t num); -char * xstrdup (const char *string); -const char * base_name (const char *name); -char * find_executable(const char *wrapper); -int check_executable(const char *path); -char * strendzap(char *str, const char *pat); -void lt_fatal (const char *message, ...); - -int -main (int argc, char *argv[]) -{ - char **newargz; - int i; - - program_name = (char *) xstrdup (base_name (argv[0])); - DEBUG("(main) argv[0] : %s\n",argv[0]); - DEBUG("(main) program_name : %s\n",program_name); - newargz = XMALLOC(char *, argc+2); -EOF - - cat >> $cwrappersource <> $cwrappersource <<"EOF" - newargz[1] = find_executable(argv[0]); - if (newargz[1] == NULL) - lt_fatal("Couldn't find %s", argv[0]); - DEBUG("(main) found exe at : %s\n",newargz[1]); - /* we know the script has the same name, without the .exe */ - /* so make sure newargz[1] doesn't end in .exe */ - strendzap(newargz[1],".exe"); - for (i = 1; i < argc; i++) - newargz[i+1] = xstrdup(argv[i]); - newargz[argc+1] = NULL; - - for (i=0; i> $cwrappersource <> $cwrappersource <> $cwrappersource <<"EOF" - return 127; -} - -void * -xmalloc (size_t num) -{ - void * p = (void *) malloc (num); - if (!p) - lt_fatal ("Memory exhausted"); - - return p; -} - -char * -xstrdup (const char *string) -{ - return string ? strcpy ((char *) xmalloc (strlen (string) + 1), string) : NULL -; -} - -const char * -base_name (const char *name) -{ - const char *base; - -#if defined (HAVE_DOS_BASED_FILE_SYSTEM) - /* Skip over the disk name in MSDOS pathnames. */ - if (isalpha ((unsigned char)name[0]) && name[1] == ':') - name += 2; -#endif - - for (base = name; *name; name++) - if (IS_DIR_SEPARATOR (*name)) - base = name + 1; - return base; -} - -int -check_executable(const char * path) -{ - struct stat st; - - DEBUG("(check_executable) : %s\n", path ? (*path ? path : "EMPTY!") : "NULL!"); - if ((!path) || (!*path)) - return 0; - - if ((stat (path, &st) >= 0) && - ( - /* MinGW & native WIN32 do not support S_IXOTH or S_IXGRP */ -#if defined (S_IXOTH) - ((st.st_mode & S_IXOTH) == S_IXOTH) || -#endif -#if defined (S_IXGRP) - ((st.st_mode & S_IXGRP) == S_IXGRP) || -#endif - ((st.st_mode & S_IXUSR) == S_IXUSR)) - ) - return 1; - else - return 0; -} - -/* Searches for the full path of the wrapper. Returns - newly allocated full path name if found, NULL otherwise */ -char * -find_executable (const char* wrapper) -{ - int has_slash = 0; - const char* p; - const char* p_next; - /* static buffer for getcwd */ - char tmp[LT_PATHMAX + 1]; - int tmp_len; - char* concat_name; - - DEBUG("(find_executable) : %s\n", wrapper ? (*wrapper ? wrapper : "EMPTY!") : "NULL!"); - - if ((wrapper == NULL) || (*wrapper == '\0')) - return NULL; - - /* Absolute path? */ -#if defined (HAVE_DOS_BASED_FILE_SYSTEM) - if (isalpha ((unsigned char)wrapper[0]) && wrapper[1] == ':') - { - concat_name = xstrdup (wrapper); - if (check_executable(concat_name)) - return concat_name; - XFREE(concat_name); - } - else - { -#endif - if (IS_DIR_SEPARATOR (wrapper[0])) - { - concat_name = xstrdup (wrapper); - if (check_executable(concat_name)) - return concat_name; - XFREE(concat_name); - } -#if defined (HAVE_DOS_BASED_FILE_SYSTEM) - } -#endif - - for (p = wrapper; *p; p++) - if (*p == '/') - { - has_slash = 1; - break; - } - if (!has_slash) - { - /* no slashes; search PATH */ - const char* path = getenv ("PATH"); - if (path != NULL) - { - for (p = path; *p; p = p_next) - { - const char* q; - size_t p_len; - for (q = p; *q; q++) - if (IS_PATH_SEPARATOR(*q)) - break; - p_len = q - p; - p_next = (*q == '\0' ? q : q + 1); - if (p_len == 0) - { - /* empty path: current directory */ - if (getcwd (tmp, LT_PATHMAX) == NULL) - lt_fatal ("getcwd failed"); - tmp_len = strlen(tmp); - concat_name = XMALLOC(char, tmp_len + 1 + strlen(wrapper) + 1); - memcpy (concat_name, tmp, tmp_len); - concat_name[tmp_len] = '/'; - strcpy (concat_name + tmp_len + 1, wrapper); - } - else - { - concat_name = XMALLOC(char, p_len + 1 + strlen(wrapper) + 1); - memcpy (concat_name, p, p_len); - concat_name[p_len] = '/'; - strcpy (concat_name + p_len + 1, wrapper); - } - if (check_executable(concat_name)) - return concat_name; - XFREE(concat_name); - } - } - /* not found in PATH; assume curdir */ - } - /* Relative path | not found in path: prepend cwd */ - if (getcwd (tmp, LT_PATHMAX) == NULL) - lt_fatal ("getcwd failed"); - tmp_len = strlen(tmp); - concat_name = XMALLOC(char, tmp_len + 1 + strlen(wrapper) + 1); - memcpy (concat_name, tmp, tmp_len); - concat_name[tmp_len] = '/'; - strcpy (concat_name + tmp_len + 1, wrapper); - - if (check_executable(concat_name)) - return concat_name; - XFREE(concat_name); - return NULL; -} - -char * -strendzap(char *str, const char *pat) -{ - size_t len, patlen; - - assert(str != NULL); - assert(pat != NULL); - - len = strlen(str); - patlen = strlen(pat); - - if (patlen <= len) - { - str += len - patlen; - if (strcmp(str, pat) == 0) - *str = '\0'; - } - return str; -} - -static void -lt_error_core (int exit_status, const char * mode, - const char * message, va_list ap) -{ - fprintf (stderr, "%s: %s: ", program_name, mode); - vfprintf (stderr, message, ap); - fprintf (stderr, ".\n"); - - if (exit_status >= 0) - exit (exit_status); -} - -void -lt_fatal (const char *message, ...) -{ - va_list ap; - va_start (ap, message); - lt_error_core (EXIT_FAILURE, "FATAL", message, ap); - va_end (ap); -} -EOF - # we should really use a build-platform specific compiler - # here, but OTOH, the wrappers (shell script and this C one) - # are only useful if you want to execute the "real" binary. - # Since the "real" binary is built for $host, then this - # wrapper might as well be built for $host, too. - $run $LTCC $LTCFLAGS -s -o $cwrapper $cwrappersource - ;; - esac - $rm $output - trap "$rm $output; exit $EXIT_FAILURE" 1 2 15 - - $echo > $output "\ -#! $SHELL - -# $output - temporary wrapper script for $objdir/$outputname -# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP -# -# The $output program cannot be directly executed until all the libtool -# libraries that it depends on are installed. -# -# This wrapper script should never be moved out of the build directory. -# If it is, it will not operate correctly. - -# Sed substitution that helps us do robust quoting. It backslashifies -# metacharacters that are still active within double-quoted strings. -Xsed='${SED} -e 1s/^X//' -sed_quote_subst='$sed_quote_subst' - -# The HP-UX ksh and POSIX shell print the target directory to stdout -# if CDPATH is set. -(unset CDPATH) >/dev/null 2>&1 && unset CDPATH - -relink_command=\"$relink_command\" - -# This environment variable determines our operation mode. -if test \"\$libtool_install_magic\" = \"$magic\"; then - # install mode needs the following variable: - notinst_deplibs='$notinst_deplibs' -else - # When we are sourced in execute mode, \$file and \$echo are already set. - if test \"\$libtool_execute_magic\" != \"$magic\"; then - echo=\"$qecho\" - file=\"\$0\" - # Make sure echo works. - if test \"X\$1\" = X--no-reexec; then - # Discard the --no-reexec flag, and continue. - shift - elif test \"X\`(\$echo '\t') 2>/dev/null\`\" = 'X\t'; then - # Yippee, \$echo works! - : - else - # Restart under the correct shell, and then maybe \$echo will work. - exec $SHELL \"\$0\" --no-reexec \${1+\"\$@\"} - fi - fi\ -" - $echo >> $output "\ - - # Find the directory that this script lives in. - thisdir=\`\$echo \"X\$file\" | \$Xsed -e 's%/[^/]*$%%'\` - test \"x\$thisdir\" = \"x\$file\" && thisdir=. - - # Follow symbolic links until we get to the real thisdir. - file=\`ls -ld \"\$file\" | ${SED} -n 's/.*-> //p'\` - while test -n \"\$file\"; do - destdir=\`\$echo \"X\$file\" | \$Xsed -e 's%/[^/]*\$%%'\` - - # If there was a directory component, then change thisdir. - if test \"x\$destdir\" != \"x\$file\"; then - case \"\$destdir\" in - [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;; - *) thisdir=\"\$thisdir/\$destdir\" ;; - esac - fi - - file=\`\$echo \"X\$file\" | \$Xsed -e 's%^.*/%%'\` - file=\`ls -ld \"\$thisdir/\$file\" | ${SED} -n 's/.*-> //p'\` - done - - # Try to get the absolute directory name. - absdir=\`cd \"\$thisdir\" && pwd\` - test -n \"\$absdir\" && thisdir=\"\$absdir\" -" - - if test "$fast_install" = yes; then - $echo >> $output "\ - program=lt-'$outputname'$exeext - progdir=\"\$thisdir/$objdir\" - - if test ! -f \"\$progdir/\$program\" || \\ - { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | ${SED} 1q\`; \\ - test \"X\$file\" != \"X\$progdir/\$program\"; }; then - - file=\"\$\$-\$program\" - - if test ! -d \"\$progdir\"; then - $mkdir \"\$progdir\" - else - $rm \"\$progdir/\$file\" - fi" - - $echo >> $output "\ - - # relink executable if necessary - if test -n \"\$relink_command\"; then - if relink_command_output=\`eval \$relink_command 2>&1\`; then : - else - $echo \"\$relink_command_output\" >&2 - $rm \"\$progdir/\$file\" - exit $EXIT_FAILURE - fi - fi - - $mv \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null || - { $rm \"\$progdir/\$program\"; - $mv \"\$progdir/\$file\" \"\$progdir/\$program\"; } - $rm \"\$progdir/\$file\" - fi" - else - $echo >> $output "\ - program='$outputname' - progdir=\"\$thisdir/$objdir\" -" - fi - - $echo >> $output "\ - - if test -f \"\$progdir/\$program\"; then" - - # Export our shlibpath_var if we have one. - if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then - $echo >> $output "\ - # Add our own library path to $shlibpath_var - $shlibpath_var=\"$temp_rpath\$$shlibpath_var\" - - # Some systems cannot cope with colon-terminated $shlibpath_var - # The second colon is a workaround for a bug in BeOS R4 sed - $shlibpath_var=\`\$echo \"X\$$shlibpath_var\" | \$Xsed -e 's/::*\$//'\` - - export $shlibpath_var -" - fi - - # fixup the dll searchpath if we need to. - if test -n "$dllsearchpath"; then - $echo >> $output "\ - # Add the dll search path components to the executable PATH - PATH=$dllsearchpath:\$PATH -" - fi - - $echo >> $output "\ - if test \"\$libtool_execute_magic\" != \"$magic\"; then - # Run the actual program with our arguments. -" - case $host in - # Backslashes separate directories on plain windows - *-*-mingw | *-*-os2*) - $echo >> $output "\ - exec \"\$progdir\\\\\$program\" \${1+\"\$@\"} -" - ;; - - *) - $echo >> $output "\ - exec \"\$progdir/\$program\" \${1+\"\$@\"} -" - ;; - esac - $echo >> $output "\ - \$echo \"\$0: cannot exec \$program \${1+\"\$@\"}\" - exit $EXIT_FAILURE - fi - else - # The program doesn't exist. - \$echo \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2 - \$echo \"This script is just a wrapper for \$program.\" 1>&2 - $echo \"See the $PACKAGE documentation for more information.\" 1>&2 - exit $EXIT_FAILURE - fi -fi\ -" - chmod +x $output - fi - exit $EXIT_SUCCESS - ;; - esac - - # See if we need to build an old-fashioned archive. - for oldlib in $oldlibs; do - - if test "$build_libtool_libs" = convenience; then - oldobjs="$libobjs_save" - addlibs="$convenience" - build_libtool_libs=no - else - if test "$build_libtool_libs" = module; then - oldobjs="$libobjs_save" - build_libtool_libs=no - else - oldobjs="$old_deplibs $non_pic_objects" - fi - addlibs="$old_convenience" - fi - - if test -n "$addlibs"; then - gentop="$output_objdir/${outputname}x" - generated="$generated $gentop" - - func_extract_archives $gentop $addlibs - oldobjs="$oldobjs $func_extract_archives_result" - fi - - # Do each command in the archive commands. - if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then - cmds=$old_archive_from_new_cmds - else - # POSIX demands no paths to be encoded in archives. We have - # to avoid creating archives with duplicate basenames if we - # might have to extract them afterwards, e.g., when creating a - # static archive out of a convenience library, or when linking - # the entirety of a libtool archive into another (currently - # not supported by libtool). - if (for obj in $oldobjs - do - $echo "X$obj" | $Xsed -e 's%^.*/%%' - done | sort | sort -uc >/dev/null 2>&1); then - : - else - $echo "copying selected object files to avoid basename conflicts..." - - if test -z "$gentop"; then - gentop="$output_objdir/${outputname}x" - generated="$generated $gentop" - - $show "${rm}r $gentop" - $run ${rm}r "$gentop" - $show "$mkdir $gentop" - $run $mkdir "$gentop" - exit_status=$? - if test "$exit_status" -ne 0 && test ! -d "$gentop"; then - exit $exit_status - fi - fi - - save_oldobjs=$oldobjs - oldobjs= - counter=1 - for obj in $save_oldobjs - do - objbase=`$echo "X$obj" | $Xsed -e 's%^.*/%%'` - case " $oldobjs " in - " ") oldobjs=$obj ;; - *[\ /]"$objbase "*) - while :; do - # Make sure we don't pick an alternate name that also - # overlaps. - newobj=lt$counter-$objbase - counter=`expr $counter + 1` - case " $oldobjs " in - *[\ /]"$newobj "*) ;; - *) if test ! -f "$gentop/$newobj"; then break; fi ;; - esac - done - $show "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj" - $run ln "$obj" "$gentop/$newobj" || - $run cp "$obj" "$gentop/$newobj" - oldobjs="$oldobjs $gentop/$newobj" - ;; - *) oldobjs="$oldobjs $obj" ;; - esac - done - fi - - eval cmds=\"$old_archive_cmds\" - - if len=`expr "X$cmds" : ".*"` && - test "$len" -le "$max_cmd_len" || test "$max_cmd_len" -le -1; then - cmds=$old_archive_cmds - else - # the command line is too long to link in one step, link in parts - $echo "using piecewise archive linking..." - save_RANLIB=$RANLIB - RANLIB=: - objlist= - concat_cmds= - save_oldobjs=$oldobjs - - # Is there a better way of finding the last object in the list? - for obj in $save_oldobjs - do - last_oldobj=$obj - done - for obj in $save_oldobjs - do - oldobjs="$objlist $obj" - objlist="$objlist $obj" - eval test_cmds=\"$old_archive_cmds\" - if len=`expr "X$test_cmds" : ".*" 2>/dev/null` && - test "$len" -le "$max_cmd_len"; then - : - else - # the above command should be used before it gets too long - oldobjs=$objlist - if test "$obj" = "$last_oldobj" ; then - RANLIB=$save_RANLIB - fi - test -z "$concat_cmds" || concat_cmds=$concat_cmds~ - eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\" - objlist= - fi - done - RANLIB=$save_RANLIB - oldobjs=$objlist - if test "X$oldobjs" = "X" ; then - eval cmds=\"\$concat_cmds\" - else - eval cmds=\"\$concat_cmds~\$old_archive_cmds\" - fi - fi - fi - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - eval cmd=\"$cmd\" - IFS="$save_ifs" - $show "$cmd" - $run eval "$cmd" || exit $? - done - IFS="$save_ifs" - done - - if test -n "$generated"; then - $show "${rm}r$generated" - $run ${rm}r$generated - fi - - # Now create the libtool archive. - case $output in - *.la) - old_library= - test "$build_old_libs" = yes && old_library="$libname.$libext" - $show "creating $output" - - # Preserve any variables that may affect compiler behavior - for var in $variables_saved_for_relink; do - if eval test -z \"\${$var+set}\"; then - relink_command="{ test -z \"\${$var+set}\" || unset $var || { $var=; export $var; }; }; $relink_command" - elif eval var_value=\$$var; test -z "$var_value"; then - relink_command="$var=; export $var; $relink_command" - else - var_value=`$echo "X$var_value" | $Xsed -e "$sed_quote_subst"` - relink_command="$var=\"$var_value\"; export $var; $relink_command" - fi - done - # Quote the link command for shipping. - relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" - relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"` - if test "$hardcode_automatic" = yes ; then - relink_command= - fi - - - # Only create the output if not a dry run. - if test -z "$run"; then - for installed in no yes; do - if test "$installed" = yes; then - if test -z "$install_libdir"; then - break - fi - output="$output_objdir/$outputname"i - # Replace all uninstalled libtool libraries with the installed ones - newdependency_libs= - for deplib in $dependency_libs; do - case $deplib in - *.la) - name=`$echo "X$deplib" | $Xsed -e 's%^.*/%%'` - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` - if test -z "$libdir"; then - $echo "$modename: \`$deplib' is not a valid libtool archive" 1>&2 - exit $EXIT_FAILURE - fi - newdependency_libs="$newdependency_libs $libdir/$name" - ;; - *) newdependency_libs="$newdependency_libs $deplib" ;; - esac - done - dependency_libs="$newdependency_libs" - newdlfiles= - for lib in $dlfiles; do - name=`$echo "X$lib" | $Xsed -e 's%^.*/%%'` - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` - if test -z "$libdir"; then - $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 - exit $EXIT_FAILURE - fi - newdlfiles="$newdlfiles $libdir/$name" - done - dlfiles="$newdlfiles" - newdlprefiles= - for lib in $dlprefiles; do - name=`$echo "X$lib" | $Xsed -e 's%^.*/%%'` - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` - if test -z "$libdir"; then - $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 - exit $EXIT_FAILURE - fi - newdlprefiles="$newdlprefiles $libdir/$name" - done - dlprefiles="$newdlprefiles" - else - newdlfiles= - for lib in $dlfiles; do - case $lib in - [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; - *) abs=`pwd`"/$lib" ;; - esac - newdlfiles="$newdlfiles $abs" - done - dlfiles="$newdlfiles" - newdlprefiles= - for lib in $dlprefiles; do - case $lib in - [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; - *) abs=`pwd`"/$lib" ;; - esac - newdlprefiles="$newdlprefiles $abs" - done - dlprefiles="$newdlprefiles" - fi - $rm $output - # place dlname in correct position for cygwin - tdlname=$dlname - case $host,$output,$installed,$module,$dlname in - *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll) tdlname=../bin/$dlname ;; - esac - $echo > $output "\ -# $outputname - a libtool library file -# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# The name that we can dlopen(3). -dlname='$tdlname' - -# Names of this library. -library_names='$library_names' - -# The name of the static archive. -old_library='$old_library' - -# Libraries that this one depends upon. -dependency_libs='$dependency_libs' - -# Version information for $libname. -current=$current -age=$age -revision=$revision - -# Is this an already installed library? -installed=$installed - -# Should we warn about portability when linking against -modules? -shouldnotlink=$module - -# Files to dlopen/dlpreopen -dlopen='$dlfiles' -dlpreopen='$dlprefiles' - -# Directory that this library needs to be installed in: -libdir='$install_libdir'" - if test "$installed" = no && test "$need_relink" = yes; then - $echo >> $output "\ -relink_command=\"$relink_command\"" - fi - done - fi - - # Do a symbolic link so that the libtool archive can be found in - # LD_LIBRARY_PATH before the program is installed. - $show "(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)" - $run eval '(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)' || exit $? - ;; - esac - exit $EXIT_SUCCESS - ;; - - # libtool install mode - install) - modename="$modename: install" - - # There may be an optional sh(1) argument at the beginning of - # install_prog (especially on Windows NT). - if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh || - # Allow the use of GNU shtool's install command. - $echo "X$nonopt" | grep shtool > /dev/null; then - # Aesthetically quote it. - arg=`$echo "X$nonopt" | $Xsed -e "$sed_quote_subst"` - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - install_prog="$arg " - arg="$1" - shift - else - install_prog= - arg=$nonopt - fi - - # The real first argument should be the name of the installation program. - # Aesthetically quote it. - arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - install_prog="$install_prog$arg" - - # We need to accept at least all the BSD install flags. - dest= - files= - opts= - prev= - install_type= - isdir=no - stripme= - for arg - do - if test -n "$dest"; then - files="$files $dest" - dest=$arg - continue - fi - - case $arg in - -d) isdir=yes ;; - -f) - case " $install_prog " in - *[\\\ /]cp\ *) ;; - *) prev=$arg ;; - esac - ;; - -g | -m | -o) prev=$arg ;; - -s) - stripme=" -s" - continue - ;; - -*) - ;; - *) - # If the previous option needed an argument, then skip it. - if test -n "$prev"; then - prev= - else - dest=$arg - continue - fi - ;; - esac - - # Aesthetically quote the argument. - arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` - case $arg in - *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") - arg="\"$arg\"" - ;; - esac - install_prog="$install_prog $arg" - done - - if test -z "$install_prog"; then - $echo "$modename: you must specify an install program" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - if test -n "$prev"; then - $echo "$modename: the \`$prev' option requires an argument" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - if test -z "$files"; then - if test -z "$dest"; then - $echo "$modename: no file or destination specified" 1>&2 - else - $echo "$modename: you must specify a destination" 1>&2 - fi - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - # Strip any trailing slash from the destination. - dest=`$echo "X$dest" | $Xsed -e 's%/$%%'` - - # Check to see that the destination is a directory. - test -d "$dest" && isdir=yes - if test "$isdir" = yes; then - destdir="$dest" - destname= - else - destdir=`$echo "X$dest" | $Xsed -e 's%/[^/]*$%%'` - test "X$destdir" = "X$dest" && destdir=. - destname=`$echo "X$dest" | $Xsed -e 's%^.*/%%'` - - # Not a directory, so check to see that there is only one file specified. - set dummy $files - if test "$#" -gt 2; then - $echo "$modename: \`$dest' is not a directory" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - fi - case $destdir in - [\\/]* | [A-Za-z]:[\\/]*) ;; - *) - for file in $files; do - case $file in - *.lo) ;; - *) - $echo "$modename: \`$destdir' must be an absolute directory name" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - ;; - esac - done - ;; - esac - - # This variable tells wrapper scripts just to set variables rather - # than running their programs. - libtool_install_magic="$magic" - - staticlibs= - future_libdirs= - current_libdirs= - for file in $files; do - - # Do each installation. - case $file in - *.$libext) - # Do the static libraries later. - staticlibs="$staticlibs $file" - ;; - - *.la) - # Check to see that this really is a libtool archive. - if (${SED} -e '2q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then : - else - $echo "$modename: \`$file' is not a valid libtool archive" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - library_names= - old_library= - relink_command= - # If there is no directory component, then add one. - case $file in - */* | *\\*) . $file ;; - *) . ./$file ;; - esac - - # Add the libdir to current_libdirs if it is the destination. - if test "X$destdir" = "X$libdir"; then - case "$current_libdirs " in - *" $libdir "*) ;; - *) current_libdirs="$current_libdirs $libdir" ;; - esac - else - # Note the libdir as a future libdir. - case "$future_libdirs " in - *" $libdir "*) ;; - *) future_libdirs="$future_libdirs $libdir" ;; - esac - fi - - dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`/ - test "X$dir" = "X$file/" && dir= - dir="$dir$objdir" - - if test -n "$relink_command"; then - # Determine the prefix the user has applied to our future dir. - inst_prefix_dir=`$echo "$destdir" | $SED "s%$libdir\$%%"` - - # Don't allow the user to place us outside of our expected - # location b/c this prevents finding dependent libraries that - # are installed to the same prefix. - # At present, this check doesn't affect windows .dll's that - # are installed into $libdir/../bin (currently, that works fine) - # but it's something to keep an eye on. - if test "$inst_prefix_dir" = "$destdir"; then - $echo "$modename: error: cannot install \`$file' to a directory not ending in $libdir" 1>&2 - exit $EXIT_FAILURE - fi - - if test -n "$inst_prefix_dir"; then - # Stick the inst_prefix_dir data into the link command. - relink_command=`$echo "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"` - else - relink_command=`$echo "$relink_command" | $SED "s%@inst_prefix_dir@%%"` - fi - - $echo "$modename: warning: relinking \`$file'" 1>&2 - $show "$relink_command" - if $run eval "$relink_command"; then : - else - $echo "$modename: error: relink \`$file' with the above command before installing it" 1>&2 - exit $EXIT_FAILURE - fi - fi - - # See the names of the shared library. - set dummy $library_names - if test -n "$2"; then - realname="$2" - shift - shift - - srcname="$realname" - test -n "$relink_command" && srcname="$realname"T - - # Install the shared library and build the symlinks. - $show "$install_prog $dir/$srcname $destdir/$realname" - $run eval "$install_prog $dir/$srcname $destdir/$realname" || exit $? - if test -n "$stripme" && test -n "$striplib"; then - $show "$striplib $destdir/$realname" - $run eval "$striplib $destdir/$realname" || exit $? - fi - - if test "$#" -gt 0; then - # Delete the old symlinks, and create new ones. - # Try `ln -sf' first, because the `ln' binary might depend on - # the symlink we replace! Solaris /bin/ln does not understand -f, - # so we also need to try rm && ln -s. - for linkname - do - if test "$linkname" != "$realname"; then - $show "(cd $destdir && { $LN_S -f $realname $linkname || { $rm $linkname && $LN_S $realname $linkname; }; })" - $run eval "(cd $destdir && { $LN_S -f $realname $linkname || { $rm $linkname && $LN_S $realname $linkname; }; })" - fi - done - fi - - # Do each command in the postinstall commands. - lib="$destdir/$realname" - cmds=$postinstall_cmds - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" || { - lt_exit=$? - - # Restore the uninstalled library and exit - if test "$mode" = relink; then - $run eval '(cd $output_objdir && $rm ${realname}T && $mv ${realname}U $realname)' - fi - - exit $lt_exit - } - done - IFS="$save_ifs" - fi - - # Install the pseudo-library for information purposes. - name=`$echo "X$file" | $Xsed -e 's%^.*/%%'` - instname="$dir/$name"i - $show "$install_prog $instname $destdir/$name" - $run eval "$install_prog $instname $destdir/$name" || exit $? - - # Maybe install the static library, too. - test -n "$old_library" && staticlibs="$staticlibs $dir/$old_library" - ;; - - *.lo) - # Install (i.e. copy) a libtool object. - - # Figure out destination file name, if it wasn't already specified. - if test -n "$destname"; then - destfile="$destdir/$destname" - else - destfile=`$echo "X$file" | $Xsed -e 's%^.*/%%'` - destfile="$destdir/$destfile" - fi - - # Deduce the name of the destination old-style object file. - case $destfile in - *.lo) - staticdest=`$echo "X$destfile" | $Xsed -e "$lo2o"` - ;; - *.$objext) - staticdest="$destfile" - destfile= - ;; - *) - $echo "$modename: cannot copy a libtool object to \`$destfile'" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - ;; - esac - - # Install the libtool object if requested. - if test -n "$destfile"; then - $show "$install_prog $file $destfile" - $run eval "$install_prog $file $destfile" || exit $? - fi - - # Install the old object if enabled. - if test "$build_old_libs" = yes; then - # Deduce the name of the old-style object file. - staticobj=`$echo "X$file" | $Xsed -e "$lo2o"` - - $show "$install_prog $staticobj $staticdest" - $run eval "$install_prog \$staticobj \$staticdest" || exit $? - fi - exit $EXIT_SUCCESS - ;; - - *) - # Figure out destination file name, if it wasn't already specified. - if test -n "$destname"; then - destfile="$destdir/$destname" - else - destfile=`$echo "X$file" | $Xsed -e 's%^.*/%%'` - destfile="$destdir/$destfile" - fi - - # If the file is missing, and there is a .exe on the end, strip it - # because it is most likely a libtool script we actually want to - # install - stripped_ext="" - case $file in - *.exe) - if test ! -f "$file"; then - file=`$echo $file|${SED} 's,.exe$,,'` - stripped_ext=".exe" - fi - ;; - esac - - # Do a test to see if this is really a libtool program. - case $host in - *cygwin*|*mingw*) - wrapper=`$echo $file | ${SED} -e 's,.exe$,,'` - ;; - *) - wrapper=$file - ;; - esac - if (${SED} -e '4q' $wrapper | grep "^# Generated by .*$PACKAGE")>/dev/null 2>&1; then - notinst_deplibs= - relink_command= - - # Note that it is not necessary on cygwin/mingw to append a dot to - # foo even if both foo and FILE.exe exist: automatic-append-.exe - # behavior happens only for exec(3), not for open(2)! Also, sourcing - # `FILE.' does not work on cygwin managed mounts. - # - # If there is no directory component, then add one. - case $wrapper in - */* | *\\*) . ${wrapper} ;; - *) . ./${wrapper} ;; - esac - - # Check the variables that should have been set. - if test -z "$notinst_deplibs"; then - $echo "$modename: invalid libtool wrapper script \`$wrapper'" 1>&2 - exit $EXIT_FAILURE - fi - - finalize=yes - for lib in $notinst_deplibs; do - # Check to see that each library is installed. - libdir= - if test -f "$lib"; then - # If there is no directory component, then add one. - case $lib in - */* | *\\*) . $lib ;; - *) . ./$lib ;; - esac - fi - libfile="$libdir/"`$echo "X$lib" | $Xsed -e 's%^.*/%%g'` ### testsuite: skip nested quoting test - if test -n "$libdir" && test ! -f "$libfile"; then - $echo "$modename: warning: \`$lib' has not been installed in \`$libdir'" 1>&2 - finalize=no - fi - done - - relink_command= - # Note that it is not necessary on cygwin/mingw to append a dot to - # foo even if both foo and FILE.exe exist: automatic-append-.exe - # behavior happens only for exec(3), not for open(2)! Also, sourcing - # `FILE.' does not work on cygwin managed mounts. - # - # If there is no directory component, then add one. - case $wrapper in - */* | *\\*) . ${wrapper} ;; - *) . ./${wrapper} ;; - esac - - outputname= - if test "$fast_install" = no && test -n "$relink_command"; then - if test "$finalize" = yes && test -z "$run"; then - tmpdir=`func_mktempdir` - file=`$echo "X$file$stripped_ext" | $Xsed -e 's%^.*/%%'` - outputname="$tmpdir/$file" - # Replace the output file specification. - relink_command=`$echo "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'` - - $show "$relink_command" - if $run eval "$relink_command"; then : - else - $echo "$modename: error: relink \`$file' with the above command before installing it" 1>&2 - ${rm}r "$tmpdir" - continue - fi - file="$outputname" - else - $echo "$modename: warning: cannot relink \`$file'" 1>&2 - fi - else - # Install the binary that we compiled earlier. - file=`$echo "X$file$stripped_ext" | $Xsed -e "s%\([^/]*\)$%$objdir/\1%"` - fi - fi - - # remove .exe since cygwin /usr/bin/install will append another - # one anyway - case $install_prog,$host in - */usr/bin/install*,*cygwin*) - case $file:$destfile in - *.exe:*.exe) - # this is ok - ;; - *.exe:*) - destfile=$destfile.exe - ;; - *:*.exe) - destfile=`$echo $destfile | ${SED} -e 's,.exe$,,'` - ;; - esac - ;; - esac - $show "$install_prog$stripme $file $destfile" - $run eval "$install_prog\$stripme \$file \$destfile" || exit $? - test -n "$outputname" && ${rm}r "$tmpdir" - ;; - esac - done - - for file in $staticlibs; do - name=`$echo "X$file" | $Xsed -e 's%^.*/%%'` - - # Set up the ranlib parameters. - oldlib="$destdir/$name" - - $show "$install_prog $file $oldlib" - $run eval "$install_prog \$file \$oldlib" || exit $? - - if test -n "$stripme" && test -n "$old_striplib"; then - $show "$old_striplib $oldlib" - $run eval "$old_striplib $oldlib" || exit $? - fi - - # Do each command in the postinstall commands. - cmds=$old_postinstall_cmds - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" || exit $? - done - IFS="$save_ifs" - done - - if test -n "$future_libdirs"; then - $echo "$modename: warning: remember to run \`$progname --finish$future_libdirs'" 1>&2 - fi - - if test -n "$current_libdirs"; then - # Maybe just do a dry run. - test -n "$run" && current_libdirs=" -n$current_libdirs" - exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs' - else - exit $EXIT_SUCCESS - fi - ;; - - # libtool finish mode - finish) - modename="$modename: finish" - libdirs="$nonopt" - admincmds= - - if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then - for dir - do - libdirs="$libdirs $dir" - done - - for libdir in $libdirs; do - if test -n "$finish_cmds"; then - # Do each command in the finish commands. - cmds=$finish_cmds - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" || admincmds="$admincmds - $cmd" - done - IFS="$save_ifs" - fi - if test -n "$finish_eval"; then - # Do the single finish_eval. - eval cmds=\"$finish_eval\" - $run eval "$cmds" || admincmds="$admincmds - $cmds" - fi - done - fi - - # Exit here if they wanted silent mode. - test "$show" = : && exit $EXIT_SUCCESS - - $echo "X----------------------------------------------------------------------" | $Xsed - $echo "Libraries have been installed in:" - for libdir in $libdirs; do - $echo " $libdir" - done - $echo - $echo "If you ever happen to want to link against installed libraries" - $echo "in a given directory, LIBDIR, you must either use libtool, and" - $echo "specify the full pathname of the library, or use the \`-LLIBDIR'" - $echo "flag during linking and do at least one of the following:" - if test -n "$shlibpath_var"; then - $echo " - add LIBDIR to the \`$shlibpath_var' environment variable" - $echo " during execution" - fi - if test -n "$runpath_var"; then - $echo " - add LIBDIR to the \`$runpath_var' environment variable" - $echo " during linking" - fi - if test -n "$hardcode_libdir_flag_spec"; then - libdir=LIBDIR - eval flag=\"$hardcode_libdir_flag_spec\" - - $echo " - use the \`$flag' linker flag" - fi - if test -n "$admincmds"; then - $echo " - have your system administrator run these commands:$admincmds" - fi - if test -f /etc/ld.so.conf; then - $echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'" - fi - $echo - $echo "See any operating system documentation about shared libraries for" - $echo "more information, such as the ld(1) and ld.so(8) manual pages." - $echo "X----------------------------------------------------------------------" | $Xsed - exit $EXIT_SUCCESS - ;; - - # libtool execute mode - execute) - modename="$modename: execute" - - # The first argument is the command name. - cmd="$nonopt" - if test -z "$cmd"; then - $echo "$modename: you must specify a COMMAND" 1>&2 - $echo "$help" - exit $EXIT_FAILURE - fi - - # Handle -dlopen flags immediately. - for file in $execute_dlfiles; do - if test ! -f "$file"; then - $echo "$modename: \`$file' is not a file" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - dir= - case $file in - *.la) - # Check to see that this really is a libtool archive. - if (${SED} -e '2q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then : - else - $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - # Read the libtool library. - dlname= - library_names= - - # If there is no directory component, then add one. - case $file in - */* | *\\*) . $file ;; - *) . ./$file ;; - esac - - # Skip this library if it cannot be dlopened. - if test -z "$dlname"; then - # Warn if it was a shared library. - test -n "$library_names" && $echo "$modename: warning: \`$file' was not linked with \`-export-dynamic'" - continue - fi - - dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'` - test "X$dir" = "X$file" && dir=. - - if test -f "$dir/$objdir/$dlname"; then - dir="$dir/$objdir" - else - $echo "$modename: cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" 1>&2 - exit $EXIT_FAILURE - fi - ;; - - *.lo) - # Just add the directory containing the .lo file. - dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'` - test "X$dir" = "X$file" && dir=. - ;; - - *) - $echo "$modename: warning \`-dlopen' is ignored for non-libtool libraries and objects" 1>&2 - continue - ;; - esac - - # Get the absolute pathname. - absdir=`cd "$dir" && pwd` - test -n "$absdir" && dir="$absdir" - - # Now add the directory to shlibpath_var. - if eval "test -z \"\$$shlibpath_var\""; then - eval "$shlibpath_var=\"\$dir\"" - else - eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\"" - fi - done - - # This variable tells wrapper scripts just to set shlibpath_var - # rather than running their programs. - libtool_execute_magic="$magic" - - # Check if any of the arguments is a wrapper script. - args= - for file - do - case $file in - -*) ;; - *) - # Do a test to see if this is really a libtool program. - if (${SED} -e '4q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then - # If there is no directory component, then add one. - case $file in - */* | *\\*) . $file ;; - *) . ./$file ;; - esac - - # Transform arg to wrapped name. - file="$progdir/$program" - fi - ;; - esac - # Quote arguments (to preserve shell metacharacters). - file=`$echo "X$file" | $Xsed -e "$sed_quote_subst"` - args="$args \"$file\"" - done - - if test -z "$run"; then - if test -n "$shlibpath_var"; then - # Export the shlibpath_var. - eval "export $shlibpath_var" - fi - - # Restore saved environment variables - if test "${save_LC_ALL+set}" = set; then - LC_ALL="$save_LC_ALL"; export LC_ALL - fi - if test "${save_LANG+set}" = set; then - LANG="$save_LANG"; export LANG - fi - - # Now prepare to actually exec the command. - exec_cmd="\$cmd$args" - else - # Display what would be done. - if test -n "$shlibpath_var"; then - eval "\$echo \"\$shlibpath_var=\$$shlibpath_var\"" - $echo "export $shlibpath_var" - fi - $echo "$cmd$args" - exit $EXIT_SUCCESS - fi - ;; - - # libtool clean and uninstall mode - clean | uninstall) - modename="$modename: $mode" - rm="$nonopt" - files= - rmforce= - exit_status=0 - - # This variable tells wrapper scripts just to set variables rather - # than running their programs. - libtool_install_magic="$magic" - - for arg - do - case $arg in - -f) rm="$rm $arg"; rmforce=yes ;; - -*) rm="$rm $arg" ;; - *) files="$files $arg" ;; - esac - done - - if test -z "$rm"; then - $echo "$modename: you must specify an RM program" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - fi - - rmdirs= - - origobjdir="$objdir" - for file in $files; do - dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'` - if test "X$dir" = "X$file"; then - dir=. - objdir="$origobjdir" - else - objdir="$dir/$origobjdir" - fi - name=`$echo "X$file" | $Xsed -e 's%^.*/%%'` - test "$mode" = uninstall && objdir="$dir" - - # Remember objdir for removal later, being careful to avoid duplicates - if test "$mode" = clean; then - case " $rmdirs " in - *" $objdir "*) ;; - *) rmdirs="$rmdirs $objdir" ;; - esac - fi - - # Don't error if the file doesn't exist and rm -f was used. - if (test -L "$file") >/dev/null 2>&1 \ - || (test -h "$file") >/dev/null 2>&1 \ - || test -f "$file"; then - : - elif test -d "$file"; then - exit_status=1 - continue - elif test "$rmforce" = yes; then - continue - fi - - rmfiles="$file" - - case $name in - *.la) - # Possibly a libtool archive, so verify it. - if (${SED} -e '2q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then - . $dir/$name - - # Delete the libtool libraries and symlinks. - for n in $library_names; do - rmfiles="$rmfiles $objdir/$n" - done - test -n "$old_library" && rmfiles="$rmfiles $objdir/$old_library" - - case "$mode" in - clean) - case " $library_names " in - # " " in the beginning catches empty $dlname - *" $dlname "*) ;; - *) rmfiles="$rmfiles $objdir/$dlname" ;; - esac - test -n "$libdir" && rmfiles="$rmfiles $objdir/$name $objdir/${name}i" - ;; - uninstall) - if test -n "$library_names"; then - # Do each command in the postuninstall commands. - cmds=$postuninstall_cmds - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" - if test "$?" -ne 0 && test "$rmforce" != yes; then - exit_status=1 - fi - done - IFS="$save_ifs" - fi - - if test -n "$old_library"; then - # Do each command in the old_postuninstall commands. - cmds=$old_postuninstall_cmds - save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do - IFS="$save_ifs" - eval cmd=\"$cmd\" - $show "$cmd" - $run eval "$cmd" - if test "$?" -ne 0 && test "$rmforce" != yes; then - exit_status=1 - fi - done - IFS="$save_ifs" - fi - # FIXME: should reinstall the best remaining shared library. - ;; - esac - fi - ;; - - *.lo) - # Possibly a libtool object, so verify it. - if (${SED} -e '2q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then - - # Read the .lo file - . $dir/$name - - # Add PIC object to the list of files to remove. - if test -n "$pic_object" \ - && test "$pic_object" != none; then - rmfiles="$rmfiles $dir/$pic_object" - fi - - # Add non-PIC object to the list of files to remove. - if test -n "$non_pic_object" \ - && test "$non_pic_object" != none; then - rmfiles="$rmfiles $dir/$non_pic_object" - fi - fi - ;; - - *) - if test "$mode" = clean ; then - noexename=$name - case $file in - *.exe) - file=`$echo $file|${SED} 's,.exe$,,'` - noexename=`$echo $name|${SED} 's,.exe$,,'` - # $file with .exe has already been added to rmfiles, - # add $file without .exe - rmfiles="$rmfiles $file" - ;; - esac - # Do a test to see if this is a libtool program. - if (${SED} -e '4q' $file | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then - relink_command= - . $dir/$noexename - - # note $name still contains .exe if it was in $file originally - # as does the version of $file that was added into $rmfiles - rmfiles="$rmfiles $objdir/$name $objdir/${name}S.${objext}" - if test "$fast_install" = yes && test -n "$relink_command"; then - rmfiles="$rmfiles $objdir/lt-$name" - fi - if test "X$noexename" != "X$name" ; then - rmfiles="$rmfiles $objdir/lt-${noexename}.c" - fi - fi - fi - ;; - esac - $show "$rm $rmfiles" - $run $rm $rmfiles || exit_status=1 - done - objdir="$origobjdir" - - # Try to remove the ${objdir}s in the directories where we deleted files - for dir in $rmdirs; do - if test -d "$dir"; then - $show "rmdir $dir" - $run rmdir $dir >/dev/null 2>&1 - fi - done - - exit $exit_status - ;; - - "") - $echo "$modename: you must specify a MODE" 1>&2 - $echo "$generic_help" 1>&2 - exit $EXIT_FAILURE - ;; - esac - - if test -z "$exec_cmd"; then - $echo "$modename: invalid operation mode \`$mode'" 1>&2 - $echo "$generic_help" 1>&2 - exit $EXIT_FAILURE - fi -fi # test -z "$show_help" - -if test -n "$exec_cmd"; then - eval exec $exec_cmd - exit $EXIT_FAILURE -fi - -# We need to display help for each of the modes. -case $mode in -"") $echo \ -"Usage: $modename [OPTION]... [MODE-ARG]... - -Provide generalized library-building support services. - - --config show all configuration variables - --debug enable verbose shell tracing --n, --dry-run display commands without modifying any files - --features display basic configuration information and exit - --finish same as \`--mode=finish' - --help display this help message and exit - --mode=MODE use operation mode MODE [default=inferred from MODE-ARGS] - --quiet same as \`--silent' - --silent don't print informational messages - --tag=TAG use configuration variables from tag TAG - --version print version information - -MODE must be one of the following: - - clean remove files from the build directory - compile compile a source file into a libtool object - execute automatically set library path, then run a program - finish complete the installation of libtool libraries - install install libraries or executables - link create a library or an executable - uninstall remove libraries from an installed directory - -MODE-ARGS vary depending on the MODE. Try \`$modename --help --mode=MODE' for -a more detailed description of MODE. - -Report bugs to ." - exit $EXIT_SUCCESS - ;; - -clean) - $echo \ -"Usage: $modename [OPTION]... --mode=clean RM [RM-OPTION]... FILE... - -Remove files from the build directory. - -RM is the name of the program to use to delete files associated with each FILE -(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed -to RM. - -If FILE is a libtool library, object or program, all the files associated -with it are deleted. Otherwise, only FILE itself is deleted using RM." - ;; - -compile) - $echo \ -"Usage: $modename [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE - -Compile a source file into a libtool library object. - -This mode accepts the following additional options: - - -o OUTPUT-FILE set the output file name to OUTPUT-FILE - -prefer-pic try to building PIC objects only - -prefer-non-pic try to building non-PIC objects only - -static always build a \`.o' file suitable for static linking - -COMPILE-COMMAND is a command to be used in creating a \`standard' object file -from the given SOURCEFILE. - -The output file name is determined by removing the directory component from -SOURCEFILE, then substituting the C source code suffix \`.c' with the -library object suffix, \`.lo'." - ;; - -execute) - $echo \ -"Usage: $modename [OPTION]... --mode=execute COMMAND [ARGS]... - -Automatically set library path, then run a program. - -This mode accepts the following additional options: - - -dlopen FILE add the directory containing FILE to the library path - -This mode sets the library path environment variable according to \`-dlopen' -flags. - -If any of the ARGS are libtool executable wrappers, then they are translated -into their corresponding uninstalled binary, and any of their required library -directories are added to the library path. - -Then, COMMAND is executed, with ARGS as arguments." - ;; - -finish) - $echo \ -"Usage: $modename [OPTION]... --mode=finish [LIBDIR]... - -Complete the installation of libtool libraries. - -Each LIBDIR is a directory that contains libtool libraries. - -The commands that this mode executes may require superuser privileges. Use -the \`--dry-run' option if you just want to see what would be executed." - ;; - -install) - $echo \ -"Usage: $modename [OPTION]... --mode=install INSTALL-COMMAND... - -Install executables or libraries. - -INSTALL-COMMAND is the installation command. The first component should be -either the \`install' or \`cp' program. - -The rest of the components are interpreted as arguments to that command (only -BSD-compatible install options are recognized)." - ;; - -link) - $echo \ -"Usage: $modename [OPTION]... --mode=link LINK-COMMAND... - -Link object files or libraries together to form another library, or to -create an executable program. - -LINK-COMMAND is a command using the C compiler that you would use to create -a program from several object files. - -The following components of LINK-COMMAND are treated specially: - - -all-static do not do any dynamic linking at all - -avoid-version do not add a version suffix if possible - -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime - -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols - -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) - -export-symbols SYMFILE - try to export only the symbols listed in SYMFILE - -export-symbols-regex REGEX - try to export only the symbols matching REGEX - -LLIBDIR search LIBDIR for required installed libraries - -lNAME OUTPUT-FILE requires the installed library libNAME - -module build a library that can dlopened - -no-fast-install disable the fast-install mode - -no-install link a not-installable executable - -no-undefined declare that a library does not refer to external symbols - -o OUTPUT-FILE create OUTPUT-FILE from the specified objects - -objectlist FILE Use a list of object files found in FILE to specify objects - -precious-files-regex REGEX - don't remove output files matching REGEX - -release RELEASE specify package release information - -rpath LIBDIR the created library will eventually be installed in LIBDIR - -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries - -static do not do any dynamic linking of libtool libraries - -version-info CURRENT[:REVISION[:AGE]] - specify library version info [each variable defaults to 0] - -All other options (arguments beginning with \`-') are ignored. - -Every other argument is treated as a filename. Files ending in \`.la' are -treated as uninstalled libtool libraries, other files are standard or library -object files. - -If the OUTPUT-FILE ends in \`.la', then a libtool library is created, -only library objects (\`.lo' files) may be specified, and \`-rpath' is -required, except when creating a convenience library. - -If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created -using \`ar' and \`ranlib', or on Windows using \`lib'. - -If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file -is created, otherwise an executable program is created." - ;; - -uninstall) - $echo \ -"Usage: $modename [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE... - -Remove libraries from an installation directory. - -RM is the name of the program to use to delete files associated with each FILE -(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed -to RM. - -If FILE is a libtool library, all the files associated with it are deleted. -Otherwise, only FILE itself is deleted using RM." - ;; - -*) - $echo "$modename: invalid operation mode \`$mode'" 1>&2 - $echo "$help" 1>&2 - exit $EXIT_FAILURE - ;; -esac - -$echo -$echo "Try \`$modename --help' for more information about other modes." - -exit $? - -# The TAGs below are defined such that we never get into a situation -# in which we disable both kinds of libraries. Given conflicting -# choices, we go for a static library, that is the most portable, -# since we can't tell whether shared libraries were disabled because -# the user asked for that or because the platform doesn't support -# them. This is particularly important on AIX, because we don't -# support having both static and shared libraries enabled at the same -# time on that platform, so we default to a shared-only configuration. -# If a disable-shared tag is given, we'll fallback to a static-only -# configuration. But we'll never go from static-only to shared-only. - -# ### BEGIN LIBTOOL TAG CONFIG: disable-shared -disable_libs=shared -# ### END LIBTOOL TAG CONFIG: disable-shared - -# ### BEGIN LIBTOOL TAG CONFIG: disable-static -disable_libs=static -# ### END LIBTOOL TAG CONFIG: disable-static - -# Local Variables: -# mode:shell-script -# sh-indentation:2 -# End: diff --git a/crypto/heimdal/missing b/crypto/heimdal/missing deleted file mode 100644 index 1c8ff7049d8f..000000000000 --- a/crypto/heimdal/missing +++ /dev/null @@ -1,367 +0,0 @@ -#! /bin/sh -# Common stub for a few missing GNU programs while installing. - -scriptversion=2006-05-10.23 - -# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006 -# Free Software Foundation, Inc. -# Originally by Fran,cois Pinard , 1996. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301, USA. - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -if test $# -eq 0; then - echo 1>&2 "Try \`$0 --help' for more information" - exit 1 -fi - -run=: -sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p' -sed_minuso='s/.* -o \([^ ]*\).*/\1/p' - -# In the cases where this matters, `missing' is being run in the -# srcdir already. -if test -f configure.ac; then - configure_ac=configure.ac -else - configure_ac=configure.in -fi - -msg="missing on your system" - -case $1 in ---run) - # Try to run requested program, and just exit if it succeeds. - run= - shift - "$@" && exit 0 - # Exit code 63 means version mismatch. This often happens - # when the user try to use an ancient version of a tool on - # a file that requires a minimum version. In this case we - # we should proceed has if the program had been absent, or - # if --run hadn't been passed. - if test $? = 63; then - run=: - msg="probably too old" - fi - ;; - - -h|--h|--he|--hel|--help) - echo "\ -$0 [OPTION]... PROGRAM [ARGUMENT]... - -Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an -error status if there is no known handling for PROGRAM. - -Options: - -h, --help display this help and exit - -v, --version output version information and exit - --run try to run the given command, and emulate it if it fails - -Supported PROGRAM values: - aclocal touch file \`aclocal.m4' - autoconf touch file \`configure' - autoheader touch file \`config.h.in' - autom4te touch the output file, or create a stub one - automake touch all \`Makefile.in' files - bison create \`y.tab.[ch]', if possible, from existing .[ch] - flex create \`lex.yy.c', if possible, from existing .c - help2man touch the output file - lex create \`lex.yy.c', if possible, from existing .c - makeinfo touch the output file - tar try tar, gnutar, gtar, then tar without non-portable flags - yacc create \`y.tab.[ch]', if possible, from existing .[ch] - -Send bug reports to ." - exit $? - ;; - - -v|--v|--ve|--ver|--vers|--versi|--versio|--version) - echo "missing $scriptversion (GNU Automake)" - exit $? - ;; - - -*) - echo 1>&2 "$0: Unknown \`$1' option" - echo 1>&2 "Try \`$0 --help' for more information" - exit 1 - ;; - -esac - -# Now exit if we have it, but it failed. Also exit now if we -# don't have it and --version was passed (most likely to detect -# the program). -case $1 in - lex|yacc) - # Not GNU programs, they don't have --version. - ;; - - tar) - if test -n "$run"; then - echo 1>&2 "ERROR: \`tar' requires --run" - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - exit 1 - fi - ;; - - *) - if test -z "$run" && ($1 --version) > /dev/null 2>&1; then - # We have it, but it failed. - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - # Could not run --version or --help. This is probably someone - # running `$TOOL --version' or `$TOOL --help' to check whether - # $TOOL exists and not knowing $TOOL uses missing. - exit 1 - fi - ;; -esac - -# If it does not exist, or fails to run (possibly an outdated version), -# try to emulate it. -case $1 in - aclocal*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acinclude.m4' or \`${configure_ac}'. You might want - to install the \`Automake' and \`Perl' packages. Grab them from - any GNU archive site." - touch aclocal.m4 - ;; - - autoconf) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`${configure_ac}'. You might want to install the - \`Autoconf' and \`GNU m4' packages. Grab them from any GNU - archive site." - touch configure - ;; - - autoheader) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acconfig.h' or \`${configure_ac}'. You might want - to install the \`Autoconf' and \`GNU m4' packages. Grab them - from any GNU archive site." - files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}` - test -z "$files" && files="config.h" - touch_files= - for f in $files; do - case $f in - *:*) touch_files="$touch_files "`echo "$f" | - sed -e 's/^[^:]*://' -e 's/:.*//'`;; - *) touch_files="$touch_files $f.in";; - esac - done - touch $touch_files - ;; - - automake*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'. - You might want to install the \`Automake' and \`Perl' packages. - Grab them from any GNU archive site." - find . -type f -name Makefile.am -print | - sed 's/\.am$/.in/' | - while read f; do touch "$f"; done - ;; - - autom4te) - echo 1>&2 "\ -WARNING: \`$1' is needed, but is $msg. - You might have modified some files without having the - proper tools for further handling them. - You can get \`$1' as part of \`Autoconf' from any GNU - archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo "#! /bin/sh" - echo "# Created by GNU Automake missing as a replacement of" - echo "# $ $@" - echo "exit 0" - chmod +x $file - exit 1 - fi - ;; - - bison|yacc) - echo 1>&2 "\ -WARNING: \`$1' $msg. You should only need it if - you modified a \`.y' file. You may need the \`Bison' package - in order for those modifications to take effect. You can get - \`Bison' from any GNU archive site." - rm -f y.tab.c y.tab.h - if test $# -ne 1; then - eval LASTARG="\${$#}" - case $LASTARG in - *.y) - SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.c - fi - SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.h - fi - ;; - esac - fi - if test ! -f y.tab.h; then - echo >y.tab.h - fi - if test ! -f y.tab.c; then - echo 'main() { return 0; }' >y.tab.c - fi - ;; - - lex|flex) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.l' file. You may need the \`Flex' package - in order for those modifications to take effect. You can get - \`Flex' from any GNU archive site." - rm -f lex.yy.c - if test $# -ne 1; then - eval LASTARG="\${$#}" - case $LASTARG in - *.l) - SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" lex.yy.c - fi - ;; - esac - fi - if test ! -f lex.yy.c; then - echo 'main() { return 0; }' >lex.yy.c - fi - ;; - - help2man) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a dependency of a manual page. You may need the - \`Help2man' package in order for those modifications to take - effect. You can get \`Help2man' from any GNU archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo ".ab help2man is required to generate this page" - exit 1 - fi - ;; - - makeinfo) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.texi' or \`.texinfo' file, or any other file - indirectly affecting the aspect of the manual. The spurious - call might also be the consequence of using a buggy \`make' (AIX, - DU, IRIX). You might want to install the \`Texinfo' package or - the \`GNU make' package. Grab either from any GNU archive site." - # The file to touch is that specified with -o ... - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -z "$file"; then - # ... or it is the one specified with @setfilename ... - infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` - file=`sed -n ' - /^@setfilename/{ - s/.* \([^ ]*\) *$/\1/ - p - q - }' $infile` - # ... or it is derived from the source name (dir/f.texi becomes f.info) - test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info - fi - # If the file does not exist, the user really needs makeinfo; - # let's fail without touching anything. - test -f $file || exit 1 - touch $file - ;; - - tar) - shift - - # We have already tried tar in the generic part. - # Look for gnutar/gtar before invocation to avoid ugly error - # messages. - if (gnutar --version > /dev/null 2>&1); then - gnutar "$@" && exit 0 - fi - if (gtar --version > /dev/null 2>&1); then - gtar "$@" && exit 0 - fi - firstarg="$1" - if shift; then - case $firstarg in - *o*) - firstarg=`echo "$firstarg" | sed s/o//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - case $firstarg in - *h*) - firstarg=`echo "$firstarg" | sed s/h//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - fi - - echo 1>&2 "\ -WARNING: I can't seem to be able to run \`tar' with the given arguments. - You may want to install GNU tar or Free paxutils, or check the - command line arguments." - exit 1 - ;; - - *) - echo 1>&2 "\ -WARNING: \`$1' is needed, and is $msg. - You might have modified some files without having the - proper tools for further handling them. Check the \`README' file, - it often tells you about the needed prerequisites for installing - this package. You may also peek at any GNU archive site, in case - some other package would contain this missing \`$1' program." - exit 1 - ;; -esac - -exit 0 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" -# End: diff --git a/crypto/heimdal/mkinstalldirs b/crypto/heimdal/mkinstalldirs deleted file mode 100755 index 6fbe5e117629..000000000000 --- a/crypto/heimdal/mkinstalldirs +++ /dev/null @@ -1,150 +0,0 @@ -#! /bin/sh -# mkinstalldirs --- make directory hierarchy - -scriptversion=2004-02-15.20 - -# Original author: Noah Friedman -# Created: 1993-05-16 -# Public domain. -# -# This file is maintained in Automake, please report -# bugs to or send patches to -# . - -errstatus=0 -dirmode="" - -usage="\ -Usage: mkinstalldirs [-h] [--help] [--version] [-m MODE] DIR ... - -Create each directory DIR (with mode MODE, if specified), including all -leading file name components. - -Report bugs to ." - -# process command line arguments -while test $# -gt 0 ; do - case $1 in - -h | --help | --h*) # -h for help - echo "$usage" - exit 0 - ;; - -m) # -m PERM arg - shift - test $# -eq 0 && { echo "$usage" 1>&2; exit 1; } - dirmode=$1 - shift - ;; - --version) - echo "$0 $scriptversion" - exit 0 - ;; - --) # stop option processing - shift - break - ;; - -*) # unknown option - echo "$usage" 1>&2 - exit 1 - ;; - *) # first non-opt arg - break - ;; - esac -done - -for file -do - if test -d "$file"; then - shift - else - break - fi -done - -case $# in - 0) exit 0 ;; -esac - -# Solaris 8's mkdir -p isn't thread-safe. If you mkdir -p a/b and -# mkdir -p a/c at the same time, both will detect that a is missing, -# one will create a, then the other will try to create a and die with -# a "File exists" error. This is a problem when calling mkinstalldirs -# from a parallel make. We use --version in the probe to restrict -# ourselves to GNU mkdir, which is thread-safe. -case $dirmode in - '') - if mkdir -p --version . >/dev/null 2>&1 && test ! -d ./--version; then - echo "mkdir -p -- $*" - exec mkdir -p -- "$@" - else - # On NextStep and OpenStep, the `mkdir' command does not - # recognize any option. It will interpret all options as - # directories to create, and then abort because `.' already - # exists. - test -d ./-p && rmdir ./-p - test -d ./--version && rmdir ./--version - fi - ;; - *) - if mkdir -m "$dirmode" -p --version . >/dev/null 2>&1 && - test ! -d ./--version; then - echo "mkdir -m $dirmode -p -- $*" - exec mkdir -m "$dirmode" -p -- "$@" - else - # Clean up after NextStep and OpenStep mkdir. - for d in ./-m ./-p ./--version "./$dirmode"; - do - test -d $d && rmdir $d - done - fi - ;; -esac - -for file -do - set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'` - shift - - pathcomp= - for d - do - pathcomp="$pathcomp$d" - case $pathcomp in - -*) pathcomp=./$pathcomp ;; - esac - - if test ! -d "$pathcomp"; then - echo "mkdir $pathcomp" - - mkdir "$pathcomp" || lasterr=$? - - if test ! -d "$pathcomp"; then - errstatus=$lasterr - else - if test ! -z "$dirmode"; then - echo "chmod $dirmode $pathcomp" - lasterr="" - chmod "$dirmode" "$pathcomp" || lasterr=$? - - if test ! -z "$lasterr"; then - errstatus=$lasterr - fi - fi - fi - fi - - pathcomp="$pathcomp/" - done -done - -exit $errstatus - -# Local Variables: -# mode: shell-script -# sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" -# End: diff --git a/crypto/heimdal/packages/ChangeLog b/crypto/heimdal/packages/ChangeLog deleted file mode 100644 index 50f257568480..000000000000 --- a/crypto/heimdal/packages/ChangeLog +++ /dev/null @@ -1,26 +0,0 @@ -2007-12-04 Love Hörnquist Åstrand - - * mac/Makefile.am: Rename Info.plist.in Info.plist. - - * mac/mac.sh: Adapt to macos 10.5 packagemaker - - * mac/Info.plist{,.in}: Rename, content static now - - * mac/Info.plist.in: set version number via makepackage - -2007-12-03 Love Hörnquist Åstrand - - * mac/mac.sh: Packagemaker switch location. - -2007-10-23 Love Hörnquist Åstrand - - * Makefile.am: SUBDIRS += debian - - * debian: EXTRA_DIST - -2006-11-15 Love Hörnquist Åstrand - - * mac/mac.sh: clean after ourself. - - * mac/mac.sh: how to build a mac package - diff --git a/crypto/heimdal/packages/Makefile.am b/crypto/heimdal/packages/Makefile.am deleted file mode 100644 index dbad7b17894a..000000000000 --- a/crypto/heimdal/packages/Makefile.am +++ /dev/null @@ -1,6 +0,0 @@ -# $Id: Makefile.am 22003 2007-10-23 08:41:16Z lha $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS= mac debian - diff --git a/crypto/heimdal/packages/Makefile.in b/crypto/heimdal/packages/Makefile.in deleted file mode 100644 index a65d1fa2b921..000000000000 --- a/crypto/heimdal/packages/Makefile.in +++ /dev/null @@ -1,815 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22003 2007-10-23 08:41:16Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -subdir = packages -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = $(SUBDIRS) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SUBDIRS = mac debian -all: all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps packages/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps packages/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool ctags ctags-recursive dist-hook \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-data-hook \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/packages/debian/Makefile.am b/crypto/heimdal/packages/debian/Makefile.am deleted file mode 100644 index a73dc807ca22..000000000000 --- a/crypto/heimdal/packages/debian/Makefile.am +++ /dev/null @@ -1,91 +0,0 @@ -# $Id$ - -include $(top_srcdir)/Makefile.am.common - -EXTRA_DIST = \ - README \ - README.Debian \ - changelog \ - compat \ - control \ - copyright \ - extras/default \ - extras/kadmind.acl \ - extras/kdc.conf \ - heimdal-clients-x.install \ - heimdal-clients.install \ - heimdal-clients.postinst \ - heimdal-clients.prerm \ - heimdal-dev.install \ - heimdal-docs.install \ - heimdal-kcm.init \ - heimdal-kcm.install \ - heimdal-kdc.dirs \ - heimdal-kdc.examples \ - heimdal-kdc.init \ - heimdal-kdc.install \ - heimdal-kdc.logrotate \ - heimdal-kdc.postinst \ - heimdal-kdc.postrm \ - heimdal-kdc.templates \ - heimdal-servers-x.dirs \ - heimdal-servers-x.install \ - heimdal-servers-x.postinst \ - heimdal-servers-x.postrm \ - heimdal-servers-x.prerm \ - heimdal-servers.dirs \ - heimdal-servers.install \ - heimdal-servers.postinst \ - heimdal-servers.postrm \ - heimdal-servers.prerm \ - libasn1-8-heimdal.install \ - libasn1-8-heimdal.postinst.debhelper \ - libasn1-8-heimdal.postrm.debhelper \ - libasn1-8-heimdal.substvars \ - libgssapi2-heimdal.install \ - libgssapi2-heimdal.postinst.debhelper \ - libgssapi2-heimdal.postrm.debhelper \ - libgssapi2-heimdal.substvars \ - libhdb9-heimdal.install \ - libhdb9-heimdal.postinst.debhelper \ - libhdb9-heimdal.postrm.debhelper \ - libhdb9-heimdal.substvars \ - libkadm5clnt7-heimdal.install \ - libkadm5clnt7-heimdal.postinst.debhelper \ - libkadm5clnt7-heimdal.postrm.debhelper \ - libkadm5clnt7-heimdal.substvars \ - libkadm5srv7-heimdal.install \ - libkadm5srv8-heimdal.install \ - libkafs0-heimdal.install \ - libkrb5-22-heimdal.install \ - libkrb5-22-heimdal.postinst.debhelper \ - libkrb5-22-heimdal.postrm.debhelper \ - libkrb5-22-heimdal.substvars \ - libotp0-heimdal.install \ - libroken18-heimdal.install \ - libroken18-heimdal.postinst.debhelper \ - libroken18-heimdal.postrm.debhelper \ - libroken18-heimdal.substvars \ - libsl0-heimdal.install \ - patches/021_debian \ - patches/022_ftp-roken-glob \ - patches/022_openafs \ - patches/025_pthreads \ - patches/026_posix_max \ - po/POTFILES.in \ - po/cs.po \ - po/da.po \ - po/de.po \ - po/es.po \ - po/fr.po \ - po/gl.po \ - po/ja.po \ - po/nl.po \ - po/pt.po \ - po/pt_BR.po \ - po/ru.po \ - po/sv.po \ - po/templates.pot \ - po/vi.po \ - rules \ - scripts/convert_source diff --git a/crypto/heimdal/packages/debian/Makefile.in b/crypto/heimdal/packages/debian/Makefile.in deleted file mode 100644 index 8be56b0c88b4..000000000000 --- a/crypto/heimdal/packages/debian/Makefile.in +++ /dev/null @@ -1,745 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id$ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = packages/debian -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -EXTRA_DIST = \ - README \ - README.Debian \ - changelog \ - compat \ - control \ - copyright \ - extras/default \ - extras/kadmind.acl \ - extras/kdc.conf \ - heimdal-clients-x.install \ - heimdal-clients.install \ - heimdal-clients.postinst \ - heimdal-clients.prerm \ - heimdal-dev.install \ - heimdal-docs.install \ - heimdal-kcm.init \ - heimdal-kcm.install \ - heimdal-kdc.dirs \ - heimdal-kdc.examples \ - heimdal-kdc.init \ - heimdal-kdc.install \ - heimdal-kdc.logrotate \ - heimdal-kdc.postinst \ - heimdal-kdc.postrm \ - heimdal-kdc.templates \ - heimdal-servers-x.dirs \ - heimdal-servers-x.install \ - heimdal-servers-x.postinst \ - heimdal-servers-x.postrm \ - heimdal-servers-x.prerm \ - heimdal-servers.dirs \ - heimdal-servers.install \ - heimdal-servers.postinst \ - heimdal-servers.postrm \ - heimdal-servers.prerm \ - libasn1-8-heimdal.install \ - libasn1-8-heimdal.postinst.debhelper \ - libasn1-8-heimdal.postrm.debhelper \ - libasn1-8-heimdal.substvars \ - libgssapi2-heimdal.install \ - libgssapi2-heimdal.postinst.debhelper \ - libgssapi2-heimdal.postrm.debhelper \ - libgssapi2-heimdal.substvars \ - libhdb9-heimdal.install \ - libhdb9-heimdal.postinst.debhelper \ - libhdb9-heimdal.postrm.debhelper \ - libhdb9-heimdal.substvars \ - libkadm5clnt7-heimdal.install \ - libkadm5clnt7-heimdal.postinst.debhelper \ - libkadm5clnt7-heimdal.postrm.debhelper \ - libkadm5clnt7-heimdal.substvars \ - libkadm5srv7-heimdal.install \ - libkadm5srv8-heimdal.install \ - libkafs0-heimdal.install \ - libkrb5-22-heimdal.install \ - libkrb5-22-heimdal.postinst.debhelper \ - libkrb5-22-heimdal.postrm.debhelper \ - libkrb5-22-heimdal.substvars \ - libotp0-heimdal.install \ - libroken18-heimdal.install \ - libroken18-heimdal.postinst.debhelper \ - libroken18-heimdal.postrm.debhelper \ - libroken18-heimdal.substvars \ - libsl0-heimdal.install \ - patches/021_debian \ - patches/022_ftp-roken-glob \ - patches/022_openafs \ - patches/025_pthreads \ - patches/026_posix_max \ - po/POTFILES.in \ - po/cs.po \ - po/da.po \ - po/de.po \ - po/es.po \ - po/fr.po \ - po/gl.po \ - po/ja.po \ - po/nl.po \ - po/pt.po \ - po/pt_BR.po \ - po/ru.po \ - po/sv.po \ - po/templates.pot \ - po/vi.po \ - rules \ - scripts/convert_source - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps packages/debian/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps packages/debian/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/packages/debian/README b/crypto/heimdal/packages/debian/README deleted file mode 100644 index 1a59f00cd24a..000000000000 --- a/crypto/heimdal/packages/debian/README +++ /dev/null @@ -1,15 +0,0 @@ - -d=ubuntu/gutsy - -mkdir foo -cd foo -svn co .... heimdal-src -cd heimdal-src -ln -s packages/debian -test -f configure || autoreconf -f -i -fakeroot debian/rules binary -cd .. -cp *.deb /afs/pdc.kth.se/public/ftp/pub/heimdal/binaries/$dist -cd /afs/pdc.kth.se/public/ftp/pub/heimdal/binaries/$dist -dpkg-scanpackages . /dev/null 2> /dev/null | gzip -9 > Packages.gz - diff --git a/crypto/heimdal/packages/debian/README.Debian b/crypto/heimdal/packages/debian/README.Debian deleted file mode 100644 index 41a73cc9a7c8..000000000000 --- a/crypto/heimdal/packages/debian/README.Debian +++ /dev/null @@ -1,120 +0,0 @@ -Note on ksu ------------ -This program is not installed setuid root be default. If you want to -install it setuid root, then you can override the package permissions -with: - -dpkg-statoverride --update --add root root 4755 /usr/bin/ksu - -Note on ipropd and/or hpropd ----------------------------- -The following entries may be required in you /etc/services -file (see bug #139845): - -krb_prop 754/tcp # Kerberos slave propagation -iprop 2121/tcp # incremental propagation - -Note on kerberos.8 man page ---------------------------- -This man page is not currently included due to conflict with kerberos4kth-kdc -package. For more information on Kerberos, see: -http://www.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html - -Installing heimdal for Debian ------------------------------ -(Note: if you do not have a krb4 KDC, you may need to include -"krb4_get_tickets = no" in the [libdefaults] section of -kdc.conf; otherwise kinit will complain with an error). - -Things you will have to do manually (see info documentation for -details): - -On KDC: -1. Add adminstrator keys using kadmin. - -For example: -# kadmin -l -kadmin> add bam/admin -Max ticket life [unlimited]: -Max renewable life [unlimited]: -Principal expiration time [never]: -Password expiration time [never]: -Attributes []: -bam/admin@CHOCBIT.ORG.AU's Password: -Verifying password - bam/admin@CHOCBIT.ORG.AU's Password: - -2. Add kadmin/admin key to KDC: - -For example: -# kadmin -l -kadmin> add -r kadmin/admin@CHOCBIT.ORG.AU -Max ticket life [unlimited]: -Max renewable life [unlimited]: -Principal expiration time [never]: -Password expiration time [never]: -Attributes []: - -(note: this key doesn't need to be extracted). - -3. Enable remote admistration by creating /etc/heimdal-kdc/kadmind.acl - -For example: -echo 'bam/admin@CHOCBIT.ORG.AU all' > /etc/heimdal-kdc/kadmind.acl - -4. Test. - -For example: -# kadmin -p bam/admin -bam/admin@CHOCBIT.ORG.AU's Password: -kadmin> list * -[should list all keys] - -5. Add user keys - -For example: -# kadmin -p bam/admin -bam/admin@CHOCBIT.ORG.AU's Password: -kadmin> add bam - - -On other computers: -1. If you installed heimdal-clients-x or heimdal-servers-x, -then you will need to add the following entry to /etc/services -kx 2111/tcp # X over kerberos -(check to make sure this doesn't already exist). -2. edit /etc/krb5.conf -3. setup secret keys each computer, using kadmin and/or ktutil. - -For example, on remote computer dewey.chocbit.org.au: -bam/admin@CHOCBIT.ORG.AU's Password: -kadmin> add -r host/dewey.chocbit.org.au -[...] -kadmin> ext host/dewey.chocbit.org.au -kadmin> add -r ftp/dewey.chocbit.org.au -[...] -kadmin> ext ftp/dewey.chocbit.org.au - -The ext command extracts keys to /etc/krb5.keytab, where -they can be inspected with the "ktutil list" command at the -shell prompt. - -Tell me if any files conflict with any other package - do not -try to force the package to install, otherwise things may break... -In general, this package conflicts with kerberos4kth and -probably MIT Kerberos (not packaged as of potato). Local -installations under /usr/local should be OK. - -Changes from upstream source: -1. popper checks for $HOME/Maildir, $HOME/Mailbox and /var/spool/mail/ -in that order. -2. /var/lib/heimdal-kdc used instead of /var/heimdal -3. /usr/bin/login moved to /usr/lib/heimdal-servers -4. /usr/lib/heimdal-servers used instead of /usr/libexec -5. telnet and ftp have been renamed to ktelnet and kftp, and -use the update-alternatives mechanism. In the future, this -should allow heimdal-clients to exist at the same time -as telnet-ssl. -6. kdc config files kdc.conf and kadmind.acl stored in -/etc/heimdal-kdc instead of /usr/lib/heimdal-servers. - - -- Brian May , Wed, 8 Dec 1999 11:54:13 +1100 diff --git a/crypto/heimdal/packages/debian/changelog b/crypto/heimdal/packages/debian/changelog deleted file mode 100644 index b6ae93ccbef2..000000000000 --- a/crypto/heimdal/packages/debian/changelog +++ /dev/null @@ -1,1168 +0,0 @@ -heimdal (1.0.2RC5.dfsg.1) gutsy; urgency=low - - * New version - - -- Love Hörnquist Åstrand Mon, 4 Dec 2007 17:54:28 -0200 - -heimdal (1.0.2RC2.dfsg.1) gutsy; urgency=low - - * New version - - * Add new libs - - -- Love Hörnquist Åstrand Fri, 19 Oct 2007 17:54:28 -0200 - -heimdal (0.7.2.dfsg.1-10ubuntu2) gutsy; urgency=low - - * debian/control: - - Actually added openbsd-inetd | inet-superserver to heimdal-servers' - dependencies (LP: #123782). - - DebainMaintainerField foo - - -- Rick Clark Tue, 03 Jul 2007 19:58:47 -0400 - -heimdal (0.7.2.dfsg.1-10ubuntu1) feisty; urgency=low - - * Merge from debian unstable, remaining changes: - - Add update-inetd to heimdal-servers and heimdal-kdc's dependencies - - Add openbsd-inetd | inet-superserver to heimdal-servers dependencies - - -- Lionel Porcheron Fri, 09 Feb 2007 14:17:33 +0100 - -heimdal (0.7.2.dfsg.1-10) unstable; urgency=low - - * Add Portuguese debconf translation (closes: #408186). - * Properly quote values in heimdal-kdc's postinst (closes: #408908). - * Fixes broken conflicts in libsl0-heimdal (closes: #406651). - - -- Brian May Thu, 8 Feb 2007 15:27:28 +1100 - -heimdal (0.7.2.dfsg.1-9ubuntu1) feisty; urgency=low - - * Merge from Debian unstable, remaining changes: - - Add update-inetd to heimdal-servers and heimdal-kdc's dependencies - - Add openbsd-inetd | inet-superserver to heimdal-servers dependencies - - -- Lionel Porcheron Sun, 14 Jan 2007 21:48:33 +0100 - -heimdal (0.7.2.dfsg.1-9) unstable; urgency=low - - * Include Spanish po-debconf translation (closes: #403481). - - -- Brian May Thu, 11 Jan 2007 09:09:26 +1100 - -heimdal (0.7.2.dfsg.1-8ubuntu1) feisty; urgency=low - - * debian/control: Add update-inetd to heimdal-servers's dependencies - (Closes Ubuntu: #76104). - * debian/control: Add openbsd-inetd | inet-superserver dependencies - as heimdal-servers needs an inet server to work - - -- Lionel Porcheron Sun, 17 Dec 2006 11:28:51 +0100 - -heimdal (0.7.2.dfsg.1-8) unstable; urgency=high - - * Swap -n with -z in test, otherwise servers won't get added on initial - installation. This was due to broken fix for #401258. - - -- Brian May Wed, 13 Dec 2006 14:45:52 +1100 - -heimdal (0.7.2.dfsg.1-7) unstable; urgency=high - - * Don't change services on upgrades, only on fresh installation, purge, and - upgrade from old versions. Closes: #401258. - - -- Brian May Tue, 12 Dec 2006 14:45:22 +1100 - -heimdal (0.7.2.dfsg.1-6) unstable; urgency=low - - * Update maintainer E-Mail address. - - -- Brian May Mon, 20 Nov 2006 12:02:02 +1100 - -heimdal (0.7.2.dfsg.1-5) unstable; urgency=low - - * Rebuild against latest openldap (closes: #385809). - * Add SLAVE_PARAMS to KDC /etc/default/heimdal-kdc file (closes: #392933). - * Fix klist man page (closes: #389848). - - -- Brian May Mon, 16 Oct 2006 15:15:32 +1000 - -heimdal (0.7.2.dfsg.1-4) unstable; urgency=low - - * Include KCM (closes: #379245). - * Move heimdal-docs to Section: doc. - - -- Brian May Tue, 22 Aug 2006 12:19:57 +1000 - -heimdal (0.7.2.dfsg.1-3) unstable; urgency=low - - * Remove bashism in debian/rules. Closes: #376082. - * Build depends on texinfo, required for makeinfo. Closes: #376224. - - -- Brian May Sun, 2 Jul 2006 10:49:35 +1000 - -heimdal (0.7.2.dfsg.1-2) unstable; urgency=low - - * Search for all references to HDB_DB_DIR "/kdc.conf" and replace with - "/etc/heimdal-kdc/kdc.conf". Closes: #365883, #365890. - - -- Brian May Sun, 14 May 2006 10:42:24 +1000 - -heimdal (0.7.2.dfsg.1-1) unstable; urgency=low - - * Remove non-free documentation. Closes: #364860. - * Add Galician debconf templates. Closes: #362091. - * Update standards version to 3.7.2. - - -- Brian May Sat, 13 May 2006 16:02:41 +1000 - -heimdal (0.7.2-4) unstable; urgency=low - - * Fix file deletion in postrm. Closes: #361411. - - -- Brian May Mon, 10 Apr 2006 12:45:34 +1000 - -heimdal (0.7.2-3) unstable; urgency=low - - * Move heimdal-kdc config files, kdc.conf, kadmind.acl and .configured, from - /var/lib/heimdal-kdc to /etc/heimdal-kdc. Closes: #351960. - - -- Brian May Fri, 7 Apr 2006 10:13:55 +1000 - -heimdal (0.7.2-2) unstable; urgency=low - - * Install krcp.1 manpage. - * Move xnlock.1 man page to correct man page section 1. - * heimdal-dev: add depends on comerr-dev. Closes: #357115. - - -- Brian May Thu, 16 Mar 2006 19:15:32 +1100 - -heimdal (0.7.2-1) unstable; urgency=low - - * New upstream version. Includes security fixes. Changes from upstream: - - * Fix security problem in rshd that enable an attacker to overwrite - and change ownership of any file that root could write - (CVE-2006-0582). - - * Fix a DOS in telnetd. The attacker could force the server to crash - in a NULL de-reference before the user logged in, resulting in inetd - turning telnetd off because it forked too fast (CVE-2006-0677). - - * Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name - exists in the keytab before returning success. This allows servers - to check if its even possible to use GSSAPI. - - * Fix receiving end of token delegation for GSS-API. It still wrongly - uses subkey for sending for compatibility reasons, this will change - in 0.8. - - * telnetd, login and rshd are now more verbose in logging failed and - successful logins. - - * Bug fixes. - - * Ditch dbs build system in preference for quilt and cdbs. - - * Don't install /usr/include/ss. It's not included by any other header - in heimdal-dev and is provided by ss-dev. Closes: #349213. - - * Also remove /usr/bin/mk_cmds which is also provided by ss-dev. - - * Supply /etc/ldap/schema/hdb.schema. Closes: #355287. - - * Move iprop man pages from heimdal-clients package into - heimdal-kdc package. Closes: #347555. - - * Change default program for krsh from rlogin to ktelnet if no parameters - given. Closes: #355080. - - -- Brian May Thu, 9 Mar 2006 18:24:51 +1100 - -heimdal (0.7.1-3) unstable; urgency=high - - * Brian May : - * Delete patches for old Heimdal versions. - * Update Swedish debconf translation (closes: #347605). - * Michael Banck : - * Changes for GNU HURD: 026_posix_max (closes: #113317), - 026_no_afs (closes: #324342). - * Steve Langasek : - * 025_pthreads - * High-urgency upload for RC bugfix. - * Use -pthread -lpthread when linking shared libs, not just -pthread, - needed for proper linking of libgssapi on mips/mipsel. Closes: #346346. - * Build-depend on libx11-dev, libxau-dev, libxt-dev, x-dev instead of the - obsolete xlibs-dev. Closes: #346680. - - -- Brian May Fri, 13 Jan 2006 19:04:05 +1100 - -heimdal (0.7.1-2) unstable; urgency=low - - * Apply 022_ftp-roken-glob again. - * Upload for unstable. - - -- Brian May Thu, 22 Dec 2005 11:24:21 +1100 - -heimdal (0.7.1-1) experimental; urgency=low - - * New upstream version. - * Remove krb4 support (closes: #315059, #334632). - * Conflict with krb4. - - -- Brian May Mon, 24 Oct 2005 08:08:39 +1000 - -heimdal (0.6.3-13) unstable; urgency=low - - * Add alternative depends of debconf-2.0 in heimdal-kdc. Closes - . - * Update sv translations (closes: #330318). - - -- Brian May Sun, 2 Oct 2005 12:36:49 +1000 - -heimdal (0.6.3-12) unstable; urgency=low - - * Rebuild to fix broken *.la files (closes: #316980). - * Modify rxtelnet and rxterm to use ktelnet and krsh (closes: #274063). - * Add Vietnamese debconf translation (closes: #314197). - * Add Czech debconf translation (closes: #314749). - * Move string2key into heimdal-clients (closes: #314365). - * Fix LDAP searches (closes: #318409). - - -- Brian May Thu, 25 Aug 2005 11:39:59 +1000 - -heimdal (0.6.3-11) unstable; urgency=low - - * Apply patch to fix "Remotely exploitable buffer overflow in - getterminaltype function", reported in Secunia advisory SA15718 at - http://secunia.com/advisories/15718/. Closes: #315065. - - -- Brian May Sun, 3 Jul 2005 13:54:19 +1000 - -heimdal (0.6.3-10) unstable; urgency=low - - * LDAP support (closes: #95246). - * Fix buffer overflow security bug in telnet client, CAN-2005-0469, - closes: #305574. - - -- Brian May Mon, 25 Apr 2005 14:48:03 +1000 - -heimdal (0.6.3-9) unstable; urgency=low - - * Add Japanese debconf translation (closes: #302485) - * Updated replaces for heimdal-clients (closes: #303751). - * Support update-alternatives with rcp man page (closes: #303753). - - -- Brian May Sun, 10 Apr 2005 12:47:40 +1000 - -heimdal (0.6.3-8) unstable; urgency=low - - * Apply patch to build on amd64 (closes: #300811). - * Move verify_krb5_conf man page to heimdal-clients (closes: #299905). - * Include danish debconf translations (closes: #296987). - * Add missing (versioned) comerr-dev to build depends (closes: #293270). - - -- Brian May Thu, 24 Mar 2005 10:34:46 +1100 - -heimdal (0.6.3-7) unstable; urgency=low - - * Remove setconfig from built package, the new kdc.conf config broke this - script, and the config it changed wasn't used by Heimdal anyway. - Closes: #289295. - * Add patch from upstream to stop KDC crashing with SIGPIPE error. - Closes: #284498. - - -- Brian May Fri, 14 Jan 2005 15:59:20 +1100 - -heimdal (0.6.3-6) unstable; urgency=low - - * Make conflict between heimdal-kdc and krb5-admin-server explicit, see - #274763 for details. - * Supply better example kdc.conf (closes: #210575). I deliberately omitted - the database setting as upstream say it isn't currently usable and will - change soon. Improvements welcome. - * Fix hardcoded paths to work with openafs (closes: #286249). - - -- Brian May Mon, 20 Dec 2004 10:39:43 +1100 - -heimdal (0.6.3-5) unstable; urgency=low - - * Add new German debconf translations (closes: #284375). - * Set Project-Id-Version, PO-Revision-Date, Last-Translator fields to - Swedish and Russian translations from information in BTS. - * Remove kerberos.8.gz man page. This hack is to remove the conflict with - kerberos4kth which also contains the same file. It doesn't appear worth - keeping. See bug #274763 for details on conflict. - * Add note concerning above item in README.Debian. - * Make conflict between heimdal-kdc and krb5-kdc explicit, see #274763 - for details. - - -- Brian May Sun, 12 Dec 2004 15:41:05 +1100 - -heimdal (0.6.3-4) unstable; urgency=low - - * Adding the attached Brazilian Portuguese templates (closes: #278730). - * Fix typo in prerm script (closes: #280354). - - -- Brian May Tue, 9 Nov 2004 14:09:01 +1100 - -heimdal (0.6.3-3) unstable; urgency=low - - * Move kerberos.8.gz from heimdal-servers into heimdal-docs package. - * Move kadmind.8.gz from heimdal-servers into heimdal-kdc package. - * Conflict with pop3-server instead of qpopper (closes: #274774). - - -- Brian May Mon, 18 Oct 2004 17:12:05 +1000 - -heimdal (0.6.3-2) unstable; urgency=low - - * Stop all daemons as long as PID file exists, regardless if deamon is - enabled or not (closes: #266575). - * Add Dutch po-debconf translations (closes: #263597). - * Add some cleanups recommended in #95246 to debian/rules. - * Remove debian/*.ex files. - * Remove debian/control.* files. - * Remove debian/ex.doc-base.package. - * Remove obsolete libtool hack. - * Remove calls to obsolete dh_suidregister program. - - -- Brian May Sat, 25 Sep 2004 14:59:21 +1000 - -heimdal (0.6.3-1) unstable; urgency=low - - * New upstream version. - - -- Brian May Tue, 14 Sep 2004 08:28:11 +1000 - -heimdal (0.6.2-0.6.3rc3-1) unstable; urgency=low - - * New upstream version. - * Fixes security bugs in FTP server. - - -- Brian May Mon, 13 Sep 2004 16:00:23 +1000 - -heimdal (0.6.2-6) unstable; urgency=low - - * Update replaces header for heimdal-clients, to allow for push.8.gz - moving from heimdal-servers to heimdal-clients (closes: #264979). - - -- Brian May Thu, 12 Aug 2004 09:02:48 +1000 - -heimdal (0.6.2-5) unstable; urgency=low - - * Cave in to pressure and remove libdb4.2-dev from depends in - heimdal-dev. See bug #253894 for reasons, both for and against. - - -- Brian May Mon, 2 Aug 2004 17:46:29 +1000 - -heimdal (0.6.2-4) unstable; urgency=low - - * Add patch 000_afslog to make afslog work (closes: #261065). - - -- Brian May Sat, 31 Jul 2004 14:56:32 +1000 - -heimdal (0.6.2-3) unstable; urgency=low - - * Use default realm configured by krb5-config for KDC (closes: - #251725). - * Move push.8 man page from heimdal-servers to heimdal-clients - (push binary is already in heimdal-clients). - - -- Brian May Mon, 31 May 2004 08:30:54 +1000 - -heimdal (0.6.2-2) unstable; urgency=low - - * Make build depends on libssl-dev versioned (closes: #249595). - * libdb4.2 support (closes: #223055). - - -- Brian May Sun, 23 May 2004 10:10:04 +1000 - -heimdal (0.6.2-1) unstable; urgency=low - - * New upstream version. - * Fixes possible buffer overflow bug in the krb4 code in kadmin - (CAN-2004-0472). - * Disables krb4 support by default in kadmin. - * Next upstream version will remove krb4 support in kadmin. - - -- Brian May Tue, 11 May 2004 09:57:12 +1000 - -heimdal (0.6.1-1) unstable; urgency=low - - * New upstream version: - * Fix cross realm trust vulnerability (closes: #241524). - - * The following patches removed as they appear to be in upstream: - * patches/001_sasl_external. - * patches/010_gcc33. - * patches/016_nessus_dos. - * patches/023_db4 - - * Simplify patches/032_libtool_version_script, remove hunks that only - change line numbers (these created rejects). - - -- Brian May Sun, 4 Apr 2004 10:14:22 +1000 - -heimdal (0.6-8) unstable; urgency=low - - * Change /etc/defaults/heimdal-kdc to /etc/default/heimdal-kdc in - heimdal-kdc init.d script (closes: #236289). - * Add french debconf templates (closes: #236891). - - -- Brian May Thu, 11 Mar 2004 13:07:59 +1100 - -heimdal (0.6-7) unstable; urgency=low - - * Use new gettext based debconf (closes: #235170). - - -- Brian May Sat, 28 Feb 2004 13:15:41 +1100 - -heimdal (0.6-6) unstable; urgency=low - - * Move /etc/defaults/heimdal-kdc to /etc/default/heimdal-kdc (closes: - #233824) - - -- Brian May Wed, 25 Feb 2004 11:09:29 +1100 - -heimdal (0.6-5) unstable; urgency=low - - * Add sample kadmind.acl on initial installation (closes: #215649) - * Split KDC init.d script into /etc/default/heimdal-kdc (closes: #213534). - * Add openldap patch from upstream 001_sasl_external (LDAP is not - enabled in build though). - - -- Brian May Wed, 31 Dec 2003 12:41:38 +1100 - -heimdal (0.6-4) unstable; urgency=low - - * The "Lets fix all these bugs release" (and see what breaks!). - * Set standards version to 3.6.1. - * Upgrade to DH_COMPAT version 4. - * Fix minor errors reported by linda, including: - * Remove call to dh_suidregister. - * Add versioned dependancy on debhelper (closes: #216290). - * Add versioned depends on debconf, - * When START_KDC is set, the init.d script should stop kdc; when - START_KPASSWDD is set, the init.d script should stop kpasswdd; not the - other way around. Closes #214447. - * Fix info pages by installing all files, closes #214248. - * Add libtool patch to version symbols, thanks Steve Langasek - . Closes: #205592. - * Attempt to link against libdb4.1 instead of libdb3 failed, as automake - wouldn't stop complaining about lib/roken/Makefile.am (not touched by - this patch). Added debian/patch/db4 all the same. - - -- Brian May Sat, 13 Dec 2003 11:17:42 +1100 - -heimdal (0.6-3) unstable; urgency=low - - * Remove heimdal-libs package, I am not sure why I kept it, it isn't really - required for upgrades. This solves the (non-)issue with the description - (closes: #209552). - - * Fix nessus DOS attack (closes: #197161). - - * Since 0.6-2.2 no longer links with libreadline (closes: #198511). - - -- Brian May Sun, 28 Sep 2003 11:06:57 +1000 - -heimdal (0.6-2.3) unstable; urgency=low - - * NMU with Blessings from Brian May - - -- Mikael Andersson Tue, 16 Sep 2003 07:14:03 +0200 - -heimdal (0.6-2.2) unstable; urgency=low - - * Compile against libedit instead of libreadline4. - Added patch 015_editline - Recreated 030_autotools (Need $TMP to be set, and add libtoolize) - Changed builddependency from libreadline4-dev to libedit-dev - Change configure --with-readline in rules - - -- Mikael Andersson Mon, 15 Sep 2003 12:31:46 +0200 - -heimdal (0.6-2.1) unstable; urgency=low - - * Use com_err from comerr-dev. - - * Removed comerr-dev, ss-dev from Conflicts of heimdal-dev - - -- Mikael Andersson Mon, 15 Sep 2003 11:36:49 +0200 - -heimdal (0.6-2) unstable; urgency=low - - * Remove login man page, it conflicts with the login package. - - -- Brian May Sat, 6 Sep 2003 12:40:01 +1000 - -heimdal (0.6-1) unstable; urgency=low - - * New upstream version. - * Built for woody. - - -- Brian May Thu, 28 Aug 2003 15:50:17 +1000 - -heimdal (0.5.2-5) unstable; urgency=low - - * Update conflicts for heimdal-clients not to conflict with ftp, as it - uses update-alternatives since version 0.16-1 (closes: #202701). - - -- Brian May Wed, 6 Aug 2003 12:15:05 +1000 - -heimdal (0.5.2-4) unstable; urgency=low - - * Move conflicts libdb3-dev to depends libdb3-dev, really-closes - #196157. - - -- Brian May Sun, 29 Jun 2003 09:32:20 +1000 - -heimdal (0.5.2-3) unstable; urgency=low - - * Fix FTBFS error with GCC-3.3 by adding debian/patches/010_gcc33 - (closes: #196406). - * heimdal-dev depends on libdb3-dev, closes: #196157. - - -- Brian May Sat, 28 Jun 2003 15:47:53 +1000 - -heimdal (0.5.2-2) unstable; urgency=low - - * Make heimdal-kdc daemons configurable. Also fix type in - etc/init.d/heimdal-kdc (closes: #186353). - * Upstream said kftp -n option was fixed in 0.5.2-1 (closes: #181697). - - -- Brian May Thu, 27 Mar 2003 12:26:09 +1100 - -heimdal (0.5.2-1) unstable; urgency=high - - * New upstream version; Fixes krb4 security bug (closes: #185164). - * Remove versioned symbols patch, this more important. - * Remove debian/patches/016_openssl, hopefully it is no longer required. - * Remove debian/patches/018_sasize, hopefully it is no longer required. - - -- Brian May Tue, 18 Mar 2003 10:57:31 +1100 - -heimdal (0.5.1-7) unstable; urgency=low - - * Use versioned symbols for all libraries. - - -- Brian May Mon, 17 Mar 2003 12:50:38 +1100 - -heimdal (0.5.1-6) unstable; urgency=low - - * Fix credential delegation bug (018_gssapi_forward). - * Rename 023_sasize patch to 018_sasize, 02* is for Debian specific - changes, not bugs fixes of upstream code, that is for 01*. - - -- Brian May Fri, 7 Mar 2003 18:47:29 +1100 - -heimdal (0.5.1-5) unstable; urgency=low - - * Fix error with sa_size not getting initialized properly. See - debian/patches/023_sasize. - - -- Brian May Tue, 4 Mar 2003 19:06:01 +1100 - -heimdal (0.5.1-4) unstable; urgency=low - - * Rebuild for sid. - * 016_openssl patch to work with openssl 0.9.7. - * Now builds on sid (closes: #178775). - * New build will have correct dependancy on libroken (closes: #177250). - - -- Brian May Thu, 30 Jan 2003 11:35:44 +1100 - -heimdal (0.5.1-3) unstable; urgency=low - - * 015_getifaddrs patch fixes segmentation fault. - * Remove *.rej file from 014_cache patch. - - -- Brian May Thu, 16 Jan 2003 13:30:07 +1100 - -heimdal (0.5.1-2) unstable; urgency=low - - * Move dependancy on krb5-config to heimdal-servers and heimdal- - clients (closes: #171868). - * Add build depends on libhesiod-dev, it is only small, and - all versions of Heimdal need to be built the same. - * These changes were in 0.4e-23, but missed in 0.5.1-1. - - -- Brian May Thu, 9 Jan 2003 16:29:39 +1100 - -heimdal (0.5.1-1) unstable; urgency=low - - * New upstream version. - * Build-depends on kerberos4kth-dev 1.2.1, it includes a new version - of libroken. - * New major version of libasn1-6-heimdal (was libasn1-5-heimdal). - - -- Brian May Thu, 9 Jan 2003 14:34:54 +1100 - -heimdal (0.5-1) unstable; urgency=low - - * New upstream version. - - -- Brian May Sun, 29 Sep 2002 10:06:28 +1000 - -heimdal (0.4e-20) unstable; urgency=low - - * Add missing depends of kerberos4kth-dev to heimdal-dev (closes: - 160669). - * Add description of changes required to /etc/services to get hprop - and/or iprop to work (closes: 139845). - * Add sample inetd entry for hprop and sample code in init.d script - for iprop (closes: #139851). - - -- Brian May Fri, 13 Sep 2002 13:34:04 +1000 - -heimdal (0.4e-19) unstable; urgency=low - - * Apply patch to fix time sync problem (closes: #155816). - - -- Brian May Tue, 20 Aug 2002 13:04:51 +1000 - -heimdal (0.4e-18) unstable; urgency=low - - * Apply patches from Mikael Andersson to fix FTP bug, closes: 150967. - - -- Brian May Thu, 15 Aug 2002 10:05:46 +1000 - -heimdal (0.4e-17) unstable; urgency=low - - * Use Maintainer Mode for automake. - * Include krb5.conf.5heimdal man page (closes: #150293). - - -- Brian May Tue, 6 Aug 2002 10:30:07 +1000 - -heimdal (0.4e-16) unstable; urgency=low - - * Fix heap overflow bug in ftp client that allows remote code - execution by malicious ftp server. - * Don't delete libkafs.so - - -- Brian May Thu, 30 May 2002 09:33:21 +1000 - -heimdal (0.4e-15) unstable; urgency=low - - * Attempt to use libraries from kerberos4kth. - - -- Brian May Mon, 22 Apr 2002 18:03:13 +1000 - -heimdal (0.4e-14) unstable; urgency=low - - * Attempt to recompile with krb4 support. Closes: #143273. - For some reason this was marked as grave, even though the - rest of Heimdal functioned OK. - * Reopens bug: cyclic dependancies exist between Heimdal and - Kerberos4kth. This really needs to get fixed. - * Attempt to fix this in debian/patches-0.4e-trial (still needs - further work), but this failed as autoconf in Debian doesn't like - autoconf files used in Heimdal. - - -- Brian May Sat, 20 Apr 2002 15:12:57 +1000 - -heimdal (0.4e-13) unstable; urgency=low - - * Move push to heimdal-clients (closes: #142331). - * The 'but I am sure I removed the build depends for kerberos4kth' - release. Closes: #142491 - * Also get rid of libkafs0, as including an empty libkafs0 could be - confusing. closes: #142411 - - -- Brian May Fri, 12 Apr 2002 18:44:34 +1000 - -heimdal (0.4e-12) unstable; urgency=low - - * Remove krb4 support, and remove build depends loop. - - -- Brian May Wed, 10 Apr 2002 08:29:52 +1000 - -heimdal (0.4e-11) unstable; urgency=low - - * Move to main. - * Attempt to get priorities correct. - - -- Brian May Wed, 3 Apr 2002 09:12:15 +1000 - -heimdal (0.4e-10) unstable; urgency=low - - * Change build depends from libssl096-dev to libssl-dev, closes: - #140690. - * Some dependancies are still in non-us, so this can't go in - main yet. Examples: krb5-config and kerberos4kth. - - -- Brian May Mon, 1 Apr 2002 10:39:31 +1000 - -heimdal (0.4e-9) unstable; urgency=low - - * Use /bin/login instead of /usr/sbin/login (which doesn't exist), - closes #139250. /bin/login is better then the login provided with - Heimdal, as it provides support for PAM. - - -- Brian May Thu, 21 Mar 2002 16:19:28 +1100 - -heimdal (0.4e-8) unstable; urgency=low - - * heimdal-servers: add conflicts qpopper (closes: #137208). - * Add russian debconf template (closes: #137657). I hope the character - encoding comes up Ok... - * Added note in README.Debian on making ksu setuid root (closes: #84468). - - -- Brian May Thu, 14 Mar 2002 11:35:15 +1100 - -heimdal (0.4e-7) unstable; urgency=low - - * Move krb5-config man page to heimdal-dev (closes: #135957). - * Fix extended descriptions (closes #135525, #135515). - * Move ktutil man page to heimdal-clients (closes: #136449). - - -- Brian May Mon, 4 Mar 2002 14:19:53 +1100 - -heimdal (0.4e-6) unstable; urgency=low - - * Versioned conflicts against openafs (closes: #127817,#128105). - - -- Brian May Tue, 8 Jan 2002 11:19:12 +1100 - -heimdal (0.4e-5) unstable; urgency=low - - * Change conflicts keerberos4kth-clients, as it has changed from - kerberos4kth-user (closes: #124020). heimdal-clients is supposed to - have Kerberos4kth support, hence there should be no need to have - both installed as the same time. - * Build problem on hppa was previously fixed (closes: #101064). - * Fix BSD license (closes: #123822). - - -- Brian May Fri, 21 Dec 2001 11:46:23 +1100 - -heimdal (0.4e-4) unstable; urgency=low - - * Move login back to /usr/sbin/login. - * Use update-alternatives for pagsh. - * Apply patch to stop kstash from segfaulting (closes: #120502). - - -- Brian May Tue, 4 Dec 2001 20:30:38 +1100 - -heimdal (0.4e-3) unstable; urgency=low - - * Move files to correct packages (closes: #121131) - - -- Brian May Mon, 26 Nov 2001 09:22:36 +1100 - -heimdal (0.4e-2) unstable; urgency=low - - * Kerberos 4 support (closes: #65387). - * Build libsl packages (closes: #120496). - - -- Brian May Wed, 14 Nov 2001 17:49:40 +1100 - -heimdal (0.4e-1) unstable; urgency=low - - * New upstream version. - - -- Brian May Mon, 10 Sep 2001 09:40:06 +1000 - -heimdal (0.4c-2) unstable; urgency=low - - * Include devfs fix, telnetd now supports /dev/pts filesystem. - - -- Brian May Mon, 6 Aug 2001 14:20:50 +1000 - -heimdal (0.4c-1) unstable; urgency=low - - * New upstream version. - - -- Brian May Sun, 29 Jul 2001 14:33:17 +1000 - -heimdal (0.3f-1) unstable; urgency=low - - * New upstream version. - * Move krb5.conf.5.gz man page from libkrb5 package to heimdal-doc, - in order to allow different versions of libkrb5 to be installed - at same time. What was I thinking? - * Previous compilation was based on old libraries. Lets try again... - - -- Brian May Thu, 28 Jun 2001 09:05:09 +1000 - -heimdal (0.3e-6) unstable; urgency=low - - * heimdal-dev no longer conflicts with kerberos4kth-dev. - * build conflicts with heimdal-dev, due to libtool hack. - * remove build dependancy on kerberos4kth-dev, as it is not - yet used. - * remove kafs.h and kafs.3.gz is these conflict with files from - kerberos4kth. - - -- Brian May Tue, 12 Jun 2001 09:41:34 +1000 - -heimdal (0.3e-5) unstable; urgency=low - - * Fix library dependancy problem on libdb. - * Use libtool 1.4. Other packages should link -lkrb5 or -lgssapi, - and none of the other libraries (unless really required). - * Split libraries apart. - * Remove libsl, as it doesn't seem to be used anymore. - * Remove conflicts with kerberos4kth libraries (closes: #58090). - * Attempt build with kerberos4kth libraries (not-closed: #65387); - attempt failed (compile error); waiting till I get more time to fix - this or for somebody to fix it for me ;-). - * Uses updated config.sub and config.guess files from libtool 1.4 - (as far as I can tell). Closes: #98153. - * add 31_autotools patch to work around install libtool bug. - - -- Brian May Tue, 22 May 2001 11:14:25 +1000 - -heimdal (0.3e-4) unstable; urgency=low - - * Fix more silly postinst bugs. Disable anonymous ftp logins - by default. - - -- Brian May Thu, 22 Feb 2001 09:38:40 +1100 - -heimdal (0.3e-3) unstable; urgency=low - - * Use update-alternatives for rcp (closes: #86702) - * Remove update-alternatives for rsh when package is removed. - * Add upstream patch to select versions for replay_log. - - -- Brian May Wed, 21 Feb 2001 09:04:58 +1100 - -heimdal (0.3e-2) unstable; urgency=low - - * Disable anonymous ftp logins by default. This can be changed by - using the -a option to ftpd in /etc/inetd.conf. - * Add upstream patch to fix weak key detection. - - -- Brian May Sat, 17 Feb 2001 13:52:35 +1100 - -heimdal (0.3e-1) unstable; urgency=low - - * New upstream version 0.3e. Warning: This fixes a potential security - problem (buffer overrun) in ftpd. - - -- Brian May Tue, 6 Feb 2001 12:59:14 +1100 - -heimdal (0.3d-8) unstable; urgency=low - - * Change section to non-US. - * Add german translation to heimdal-lib.templates file (closes: #83754). - * Add german translation to heimdal-kdc.templates file (closes: #83864). - * Add Depends: libssl096 to heimdal-dev, so packages that use - heimdal-dev no longer need to include this in build-depends: - (unless they really do guse libssl). - * disable openldap support by default (I may enable it latter) - (closes: #83993). - * add patch for openldap. - * don't build binary-all for binary-dep target (closes: #84171). - - -- Brian May Wed, 31 Jan 2001 09:26:39 +1100 - -heimdal (0.3d-7) unstable; urgency=low - - * Replace missing prerm script for heimdal-kdc, as kadmind wasn't being - disabled (in /etc/inetd.conf) on --remove (closes: #83526). - * Fix type in postrm script for heimdal-servers, as inetd entry for ftp - wasn't getting removed on -purge. - * Fix type in postrm script for heimdal-servers-x, as inetd entry for kx - wasn't getting removed on -purge. - * Add swedish translation to heimdal-lib.templates file. - Also add same translation to question in heimdal-kdc.templates, as the - question is exactly the same (closes: #83535). - - -- Brian May Fri, 26 Jan 2001 10:27:13 +1100 - -heimdal (0.3d-6) unstable; urgency=low - - * Use rsh-server and telnet-sever virtual packages (see bug #77404). - - -- Brian May Thu, 18 Jan 2001 18:20:54 +1100 - -heimdal (0.3d-5) unstable; urgency=low - - * Fix ftp bug with ports > 32767 (closes: #81663). - * Move krb5-config to heimdal-dev. - - -- Brian May Fri, 12 Jan 2001 09:02:03 +1100 - -heimdal (0.3d-4) unstable; urgency=low - - * Better, non-hacked fix for krb5-config. Patch from - GOMBAS Gabor . - - -- Brian May Tue, 9 Jan 2001 10:13:28 +1100 - -heimdal (0.3d-3) unstable; urgency=low - - * Compile using libssl026 instead of libdes. Patch from - GOMBAS Gabor . - - -- Brian May Sat, 6 Jan 2001 10:30:03 +1100 - -heimdal (0.3d-2) unstable; urgency=low - - * Add libdb2-dev to build-depends (closes: #80442). - - -- Brian May Tue, 26 Dec 2000 10:59:44 +1100 - -heimdal (0.3d-1) unstable; urgency=low - - * New upstream version. - - -- Brian May Tue, 12 Dec 2000 16:20:34 +1100 - -heimdal (0.3c-6) unstable; urgency=low - - * Rename xnlock.man to xnlock.1, closes: #78117 - * Move xnlock.1 to heimdal-clients-x. - - -- Brian May Tue, 28 Nov 2000 09:55:12 +1100 - -heimdal (0.3c-5) unstable; urgency=low - - * New structure for source. Now there is a different patch for each - change from upstream (closes: 77000). - * Move TODO and NEWS documentation to heimdal-docs, where it should always - have been - * Apply patch from - http://ns1.logidee.com/~joko/heimdal/src/heimdal_cache.patch, - which should allow PAM module to work. - - -- Brian May Sat, 18 Nov 2000 13:04:39 +1100 - -heimdal (0.3c-4) unstable; urgency=low - - * applied patch to fix ftpd problem (closes: #64746). - - -- Brian May Wed, 8 Nov 2000 17:26:16 +1100 - -heimdal (0.3c-3) unstable; urgency=low - - * Try to strip binaries again, by making libeditline libtool - controlled. - - -- Brian May Mon, 9 Oct 2000 09:20:27 +1100 - -heimdal (0.3c-2) unstable; urgency=low - - * applied patch to disable line editing in ftp (closes: #69301). - - -- Brian May Thu, 5 Oct 2000 09:15:44 +1100 - -heimdal (0.3c-1) unstable; urgency=low - - * New upstream version. - * applied patch to fix missing newline problem in ftp (closes: #64289). - * dh_strip commented out, as it crashed the build process. - A bug (#73637) has been opened on this issue. - - -- Brian May Mon, 2 Oct 2000 10:07:53 +1100 - -heimdal (0.3b-2) unstable; urgency=low - - * Add debhelper, xlib6g-dev to build dependancies (closes: #70718). - - * Change documentation to indicate that kadmind uses kadmind.acl, - not kadm5.acl, as previously specified. Add warning in default - kdc.conf file that it needs checking, as it may not be - correct. Everything should work OK though with default values. - closes: #69139. - - -- Brian May Sat, 2 Sep 2000 15:46:53 +1100 - -heimdal (0.3b-1) unstable; urgency=low - - * New upstream version. - - * Shouldn't conflict with telnet anymore, as both use - update-alternatives (not tested yet). - - * Provides telnet-client instead of telnet, as telnet-client is now - the accepted virtual package (see closed bug #58759). - - -- Brian May Wed, 30 Aug 2000 10:58:07 +1100 - -heimdal (0.3a-2) unstable; urgency=low - - * Remove /usr/include/glob.h from heimdal-dev (closes: #68649). This - file conflicts with libc6-dev. - - * For some reason heimdal doesn't detect /usr/include/glob.h, why? - - -- Brian May Sun, 6 Aug 2000 18:07:52 +1000 - -heimdal (0.3a-1) unstable; urgency=low - - * New upstream version. - - * -rpath hack no longer required. - - * fix bug in postinst script (closes: #67509). - - * No longer conflicts with rsh-client (<< 0.16.1-1), as rsh-client - now uses update-alternatives (closes: #58102). - - * Uses new libtool version 1.3c (closes: 59037). - - -- Brian May Mon, 31 Jul 2000 13:21:21 +1000 - -heimdal (0.2t-1) unstable; urgency=low - - * New upstream version. - - -- Brian May Fri, 19 May 2000 15:24:31 +1000 - -heimdal (0.2r-2) unstable; urgency=low - - * Add Build-Depends and Build-Conflicts line. It is possible - that the Build-Conflicts might be excessive (some libraries - can be turned of with command line options to Configure), - however, I think this is safest for now. - - -- Brian May Sun, 16 Apr 2000 10:29:33 +1000 - -heimdal (0.2r-1) unstable; urgency=low - - * New upstream version. - * Fix yet another silly typo in postinst script. - * Added hack to use defaults inside kadmin init without crashing. - - -- Brian May Wed, 5 Apr 2000 14:36:55 +1000 - -heimdal (0.2q-3) unstable; urgency=low - - * fix silly typo in postinst script (closes: #61482). - - -- Brian May Sat, 1 Apr 2000 12:33:34 +1000 - -heimdal (0.2q-2) unstable; urgency=low - - * Password to kstash now handled by debconf. - - -- Brian May Sun, 12 Mar 2000 12:16:25 +1100 - -heimdal (0.2q-1) unstable; urgency=low - - * New upstream version. - * Looking through the upstream Changelog, I cannot see any changes - that might break functionality that wasn't already broken. - * Fix problem with debconf script (closes: #58011). - * Change ftp dependancy to ftp-server (closes: #58118). - * Replaced power-pc fix with patch from upstream. - * Fixed shlibs dependancy information - all executables will now - depend on *this* upstream version of heimdal-lib. This is currently - a hacked solution to allow clean (future) upgrades. - * Moved README.Debian to heimdal-docs. - * Include doc/standardisation in heimdal-docs, contains information - not found elsewhere. - * Use update-alternatives for rsh. - * Hack debian/rules not to run configure. - * ftp/ftpd no longer seems to work, fixes welcome. - * This should really go to frozen, but because of above problem - will go into unstable only. - - -- Brian May Fri, 25 Feb 2000 15:46:16 +1100 - -heimdal (0.2l-7) frozen unstable; urgency=low - - * Copied copyright file from doc/heimdal.texi - * heimdal-servers no longer conflicts with rsh-server (closes: #57545). - * heimdal-lib conflicts with kerberos4kth (closes: #57587, #57602, #57654). - * this conflicts business is never ending... - * fixed minor bugs in README.Debian, eg there is no need to - extract the kadmin/admin key to /etc/krb5.keytab. - * fixed compilation problem on power-pc (closes: #57919). - - -- Brian May Sun, 13 Feb 2000 19:46:37 +1100 - -heimdal (0.2l-6) frozen unstable; urgency=low - - * Move /usr/bin/compile_et into heimdal-dev. - * heimdal-clients conflicts with otp. - * heimdal-dev conflicts with ss-dev and comerr-dev (closes: #56281). - * minor changes to sample kdc.conf file. eg stash file created - by postinst script wasn't used by kdc... - - -- Brian May Sat, 29 Jan 2000 09:58:00 +1100 - -heimdal (0.2l-5) frozen unstable; urgency=low - - * Heimdal-servers: reenable telnet properly after upgrade - (closes: #55733). - * Change section to non-US/main (closes: #55546). - * These changes wont break anything that wasn't already broken ;-). - - -- Brian May Thu, 20 Jan 2000 16:13:21 +1100 - -heimdal (0.2l-4) frozen unstable; urgency=low - - * heimdal-kdc nows starts password server, so users can change - passwords. - * heimdal-kdc now inserts entry for kadmind into /etc/inetd.conf. - kadmind is essential for normal kerberos administration. - * Fix /etc/init.d/heimdal-kdc restart so it works. - * No code has been changed/added/removed apart from postinst, - prerm, postrm and init scripts for the above changes. - * Got rid of stupid looking syntax for log file in sample kdc.conf. - * Minor changes (including addition of examples) into README.Debian. - * Known problem: debconf doesn't replace default value for - some reason on initial installation. I can't see whats wrong... - This is annoying, but not a critical problem. - - -- Brian May Mon, 17 Jan 2000 19:07:06 +1100 - -heimdal (0.2l-3) unstable; urgency=low - - * Conflicts with kerberos4kth packages. closes: #54783. - * Move kstash and man page to heimdal-kdc. - * Move kxd man page to heimdal-servers-x. - * Move kadmind page to heimdal-kdc. - * Move kpasswdd and man page to heimdal-kdc. - * Fix permissions of /var/lib/heimdal-kdc. - - -- Brian May Fri, 14 Jan 2000 19:18:51 +1100 - -heimdal (0.2l-2) unstable; urgency=low - - * Move man pages into proper packages. - * heimdal-servers now conflicts and provides ftpd. - (closes: #54818). - * Problems believed to already be fixed. closes: #54792. - * heimdal-lib postrm: add -f parameter to rm so that it will not - fail if the file doesn't exist. closes: #54847. - * Rename telnet and ftp to ktelnet and kftp respectively. - * Use update-alternatives for ftp and telnet. - (note rxtelnet still uses telnet, not ktelnet). - - -- Brian May Thu, 13 Jan 2000 10:47:14 +1100 - -heimdal (0.2l-1) unstable; urgency=low - - * New upstream source. - * heimdal-clients now provides ftp, telnet, and rsh-client - (closes: #54497). - * heimdal-servers now provides telnetd and rsh-server. - - -- Brian May Sun, 9 Jan 2000 10:00:02 +1100 - -heimdal (0.2j-1) unstable; urgency=low - - * New upstream source. - * Improved debconf support, using setconfig helper program. - * setconfig may not parse all valid configuration files correctly. - Patches welcome! - * Moved /usr/bin/login to /usr/lib/heimdal-servers/login, as I - suspect this will help porting to the Hurd, if/when anyone tries. - * kdc now supports (and requires) logrotate. - * kdc tested and now works with minimal configuration. - * heimdal-kdc does not support dpkg-reconfigure (not sure how to - reconfigure without deleting existing setup first). - - -- Brian May Wed, 5 Jan 2000 02:31:00 +0000 - -heimdal (0.2i-1) unstable; urgency=low - - * Initial Release. - - -- Brian May Wed, 8 Dec 1999 11:54:13 +1100 - diff --git a/crypto/heimdal/packages/debian/compat b/crypto/heimdal/packages/debian/compat deleted file mode 100644 index b8626c4cff28..000000000000 --- a/crypto/heimdal/packages/debian/compat +++ /dev/null @@ -1 +0,0 @@ -4 diff --git a/crypto/heimdal/packages/debian/control b/crypto/heimdal/packages/debian/control deleted file mode 100644 index b276bd8959f5..000000000000 --- a/crypto/heimdal/packages/debian/control +++ /dev/null @@ -1,276 +0,0 @@ -Source: heimdal -Section: net -Priority: optional -Maintainer: Love Hornquist Astrand -Standards-Version: 3.7.2 -Build-Depends: libncurses5-dev, bison, flex, debhelper (>= 4.1.16), libx11-dev, libxau-dev, libxt-dev, libedit-dev, libdb4.4-dev, libssl-dev (>= 0.9.8), cdbs, quilt, comerr-dev (>= 1.35-1), libldap2-dev, texinfo -Build-Conflicts: heimdal-dev - -Package: heimdal-docs -Section: doc -Priority: extra -Architecture: all -Depends: -Replaces: heimdal-lib (<< 0.3c-5), libkrb5-15-heimdal, heimdal-servers (<< 0.6.3-3) -Conflicts: heimdal-lib (<< 0.3c-5) -Suggests: heimdal-clients, heimdal-clients-x, heimdal-servers, heimdal-servers-x -Description: Documentation for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package includes documentation (in info format) on how to - use Heimdal, and relevant standards for Kerberos. - -Package: heimdal-kdc -Priority: extra -Architecture: any -Conflicts: kerberos4kth-kdc, heimdal-clients (<< 0.4e-3), heimdal-servers (<< 0.6.3-3), krb5-kdc, krb5-admin-server -Depends: ${shlibs:Depends}, heimdal-clients, logrotate, debconf (>= 0.5.00) | debconf-2.0, krb5-config, netbase, openbsd-inetd | inet-superserver, update-inetd -Replaces: heimdal-clients (<< 0.7.2-1), heimdal-servers (<< 0.4e-3) -Suggests: heimdal-docs -Description: KDC for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package includes the KDC (key distribution centre) server, - which is designed to run on a secure computer and keeps track - of users passwords. This is done using the Kerberos protocol in - such a way that the server computers do not need to know user's - passwords. - -Package: heimdal-dev -Section: devel -Priority: extra -Architecture: any -Conflicts: heimdal-clients (<< 0.4e-7), kerberos4kth-dev -Depends: libasn1-8-heimdal (= ${Source-Version}), libkrb5-22-heimdal (= ${Source-Version}), libhdb9-heimdal (= ${Source-Version}), libkadm5srv8-heimdal (= ${Source-Version}), libkadm5clnt7-heimdal (= ${Source-Version}), libgssapi2-heimdal (= ${Source-Version}), libkafs0-heimdal (= ${Source-Version}), libheimntlm-0-heimdal (= ${Source-Version}), libhx509-1-heimdal (= ${Source-Version}), comerr-dev -Replaces: heimdal-clients (<< 0.4e-7) -Suggests: heimdal-docs -Description: Development files for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This is the development package, required for developing - programs for Heimdal. - -Package: heimdal-clients-x -Priority: extra -Architecture: any -Depends: ${shlibs:Depends}, netbase, heimdal-clients -Replaces: heimdal-clients (<< 0.2l-2) -Conflicts: heimdal-clients (<< 0.2l-2), kerberos4kth-x11 -Suggests: heimdal-docs -Description: X11 files for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package includes kerberos client programs for forwarding the X - connection securely to a remote computer. - -Package: heimdal-clients -Priority: extra -Architecture: any -Depends: ${shlibs:Depends}, krb5-config -Conflicts: telnet (<< 0.17-1), ftp (<< 0.16-1), rsh-client (<< 0.16.1-1), netstd, telnet-ssl (<< 0.14.9-2), ssltelnet, kerberos4kth-user, kerberos4kth-clients, otp, heimdal-servers (<< 0.4e-7), openafs-client (<< 1.2.2-3) -Provides: telnet-client, ftp, rsh-client -Suggests: heimdal-docs, heimdal-kcm -Replaces: heimdal-servers (<< 0.6.3-12) -Description: Clients for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package includes client programs like telnet and ftp that have been - compiled with Kerberos support. - -Package: heimdal-kcm -Priority: extra -Architecture: any -Depends: ${shlibs:Depends} -Description: KCM for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package includes the KCM daemon. - The kcm daemon can hold the credentials for all users in the system. - Access control is done with Unix-like permissions. The daemon checks the - access on all operations based on the uid and gid of the user. The - tickets are renewed as long as is permitted by the KDC's policy. - -Package: heimdal-servers-x -Priority: extra -Architecture: any -Conflicts: kerberos4kth-x11, heimdal-servers (<< 0.2l-3) -Depends: ${shlibs:Depends}, netbase, heimdal-servers -Suggests: heimdal-docs -Replaces: heimdal-servers (<< 0.2l-3) -Description: X11 files for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package includes kerberos server programs for forwarding the X - connection securely from a remote computer. - -Package: heimdal-servers -Priority: extra -Architecture: any -Depends: ${shlibs:Depends}, netbase, krb5-config, update-inetd, openbsd-inetd | inet-superserver -Conflicts: telnetd, wu-ftpd-academ (<< 2.5.0), netstd, heimdal-clients (<< 0.2l-2), telnetd-ssl, kerberos4kth-services, ftp-server, rsh-server, telnet-server, pop3-server -Provides: ftp-server, rsh-server, telnet-server -Suggests: heimdal-docs -Replaces: heimdal-clients (<< 0.2l-2) -Description: Servers for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package includes servers like telnetd and ftpd that have been - compiled with Heimdal support. - -Package: libasn1-8-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Replaces: heimdal-lib (<< 0.3e-5) -Conflicts: heimdal-libs (<< 0.3e-5) -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the asn1 parser required for Heimdal. - -Package: libkrb5-22-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Replaces: heimdal-lib (<< 0.3e-5) -Conflicts: heimdal-libs (<< 0.3e-5) -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the kerberos 5 library. - -Package: libheimntlm-0-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the NTLM library. - -Package: libhx509-1-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the hx509 library, and X.509 library. - -Package: libhcrypto-4-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the hcrypto library. - -Package: libhdb9-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Replaces: heimdal-lib (<< 0.3e-5) -Conflicts: heimdal-libs (<< 0.3e-5) -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the library for storing the KDC database. - -Package: libkadm5srv8-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Replaces: heimdal-lib (<< 0.3e-5) -Conflicts: heimdal-libs (<< 0.3e-5) -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the server library for kadmin. - -Package: libkadm5clnt7-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Replaces: heimdal-lib (<< 0.3e-5) -Conflicts: heimdal-libs (<< 0.3e-5) -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the client library for kadmin. - -Package: libgssapi2-heimdal -Section: libs -Architecture: any -Depends: ${shlibs:Depends} -Replaces: heimdal-lib (<< 0.3e-5) -Conflicts: heimdal-libs (<< 0.3e-5) -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the library for GSSAPI support. - -Package: libkafs0-heimdal -Section: libs -Priority: extra -Architecture: any -Depends: ${shlibs:Depends} -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the library for KAFS support. - -Package: libroken18-heimdal -Section: libs -Priority: extra -Architecture: any -Conflicts: libroken16-kerberos4kth -Depends: ${shlibs:Depends} -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the library for roken support. - -Package: libotp0-heimdal -Section: libs -Priority: extra -Architecture: any -Conflicts: libotp0-kerberos4kth -Depends: ${shlibs:Depends} -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the library for OTP support. - -Package: libsl0-heimdal -Section: libs -Priority: extra -Architecture: any -Conflicts: libsl0-kerberos4kth -Depends: ${shlibs:Depends} -Description: Libraries for Heimdal Kerberos - Heimdal is a free implementation of Kerberos 5, that aims to be - compatible with MIT Kerberos. - . - This package contains the library for SL support. - diff --git a/crypto/heimdal/packages/debian/copyright b/crypto/heimdal/packages/debian/copyright deleted file mode 100644 index b6b297dea6c6..000000000000 --- a/crypto/heimdal/packages/debian/copyright +++ /dev/null @@ -1,195 +0,0 @@ -This package was debianized by Brian May on -Wed, 8 Dec 1999 11:54:13 +1100. - -It was downloaded from http://www.pdc.kth.se/heimdal/ - -Upstream Authors: heimdal-bugs@h5l.se -(see above URL for mailing list info). - -Copyrights: - -As found in doc/heimdal.texi. - - -Copyright (c) 1997-2007 Kungliga Tekniska Högskolan -(Royal Institute of Technology, Stockholm, Sweden). -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the Institute nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - - - -Copyright (C) 1990 by the Massachusetts Institute of Technology - -Export of this software from the United States of America may -require a specific license from the United States Government. -It is the responsibility of any person or organization contemplating -export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - - -Copyright (c) 1988, 1990, 1993 - The Regents of the University of California. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the University nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - - - -Copyright 1992 Simmule Turner and Rich Salz. All rights reserved. - -This software is not subject to any license of the American Telephone -and Telegraph Company or of the Regents of the University of California. - -Permission is granted to anyone to use this software for any purpose on -any computer system, and to alter it and redistribute it freely, subject -to the following restrictions: - -1. The authors are not responsible for the consequences of use of this - software, no matter how awful, even if they arise from flaws in it. - -2. The origin of this software must not be misrepresented, either by - explicit claim or by omission. Since few users ever read sources, - credits must appear in the documentation. - -3. Altered versions must be plainly marked as such, and must not be - misrepresented as being the original software. Since few users - ever read sources, credits must appear in the documentation. - -4. This notice may not be removed or altered. - - - -IMath is Copyright 2002-2005 Michael J. Fromberger -You may use it subject to the following Licensing Terms: - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - - - -Copyright (c) 2005 Doug Rabson -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - - - -Copyright (c) 2005 Marko Kreen -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. diff --git a/crypto/heimdal/packages/debian/extras/default b/crypto/heimdal/packages/debian/extras/default deleted file mode 100644 index d2d6b1e7370f..000000000000 --- a/crypto/heimdal/packages/debian/extras/default +++ /dev/null @@ -1,17 +0,0 @@ -# Do we start the KDC? -KDC_ENABLED=yes -KDC_PARAMS="" - -# the kpasswdd? -KPASSWDD_ENABLED=yes -KPASSWDD_PARAMS="" - -# kprop master? -MASTER_ENABLED=no - -# How about the kprop slave? -SLAVE_ENABLED=no - -# Add at least your master server name here when using iprop-replication -# otherwise it would fail silently. -SLAVE_PARAMS="" diff --git a/crypto/heimdal/packages/debian/extras/kadmind.acl b/crypto/heimdal/packages/debian/extras/kadmind.acl deleted file mode 100644 index e5da87fb59d7..000000000000 --- a/crypto/heimdal/packages/debian/extras/kadmind.acl +++ /dev/null @@ -1 +0,0 @@ -#principal [priv1,priv2,...] [glob-pattern] diff --git a/crypto/heimdal/packages/debian/extras/kdc.conf b/crypto/heimdal/packages/debian/extras/kdc.conf deleted file mode 100644 index 859133f2cb39..000000000000 --- a/crypto/heimdal/packages/debian/extras/kdc.conf +++ /dev/null @@ -1,91 +0,0 @@ -[kdc] -# See allowed values in krb5_openlog(3) man page. -logging = FILE:/var/log/heimdal-kdc.log - -# detach = boolean - -# Gives an upper limit on the size of the requests that the kdc is -# willing to handle. -# max-request = integer - -# Turn off the requirement for pre-autentication in the initial AS- -# REQ for all principals. The use of pre-authentication makes it -# more difficult to do offline password attacks. You might want to -# turn it off if you have clients that don't support pre-authenti- -# cation. Since the version 4 protocol doesn't support any pre- -# authentication, serving version 4 clients is just about the same -# as not requiring pre-athentication. The default is to require -# pre-authentication. Adding the require-preauth per principal is -# a more flexible way of handling this. -# require-preauth = boolean - -# Specifies the set of ports the KDC should listen on. It is given -# as a white-space separated list of services or port numbers. -# ports = 88,750 - -# The list of addresses to listen for requests on. By default, the -# kdc will listen on all the locally configured addresses. If only -# a subset is desired, or the automatic detection fails, this -# option might be used. -# addresses = list of ip addresses - -# respond to Kerberos 4 requests -# enable-kerberos4 = false - -# respond to Kerberos 4 requests from foreign realms. This is a -# known security hole and should not be enabled unless you under- -# stand the consequences and are willing to live with them. -# enable-kerberos4-cross-realm = false - -# respond to 524 requests -# enable-524 = value of enable-kerberos4 - -# Makes the kdc listen on port 80 and handle requests encapsulated -# in HTTP. -# enable-http = boolean - -# What realm this server should act as when dealing with version 4 -# requests. The database can contain any number of realms, but -# since the version 4 protocol doesn't contain a realm for the -# server, it must be explicitly specified. The default is whatever -# is returned by krb_get_lrealm(). This option is only availabe if -# the KDC has been compiled with version 4 support. -# v4-realm = string - -# Enable kaserver emulation (in case it's compiled in). -# enable-kaserver = false - -# Check the addresses in the ticket when processing TGS requests. -# check-ticket-addresses = true - -# Permit tickets with no addresses. This option is only -# relevent when check-ticket-addresses is TRUE. -# allow-null-ticket-addresses = true - -# Permit anonymous tickets with no addresses. -# allow-anonymous = boolean - -# Always verify the transited policy, ignoring the -# disable-transited-check flag if set in the KDC client request. -# transited-policy = {always-check,allow-per-principal,always-honour-request} - -# Encode AS-Rep as TGS-Rep to be bug-compatible with old DCE -# code. The Heimdal clients allow both. -# encode_as_rep_as_tgs_rep = boolean - -# How long before password/principal expiration the KDC should -# start sending out warning messages. -# kdc_warn_pwexpire = time - -# Specifies the set of ports the KDC should listen on. It is given -# as a white-space separated list of services or port numbers. -# kdc_ports = 88,750 - -# [password_quality] -# check_library = LIBRARY -# check_function = FUNCTION -# min_length = value - -# [kadmin] -# default_keys = list of strings -# use_v4_salt = boolean diff --git a/crypto/heimdal/packages/debian/heimdal-clients-x.install b/crypto/heimdal/packages/debian/heimdal-clients-x.install deleted file mode 100644 index 4a441281d950..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-clients-x.install +++ /dev/null @@ -1,10 +0,0 @@ -usr/bin/kx -usr/bin/rxterm -usr/bin/rxtelnet -usr/bin/tenletxr -usr/bin/xnlock -usr/share/man/man1/kx.1 -usr/share/man/man1/rxterm.1 -usr/share/man/man1/rxtelnet.1 -usr/share/man/man1/tenletxr.1 -usr/share/man/man1/xnlock.1 diff --git a/crypto/heimdal/packages/debian/heimdal-clients.install b/crypto/heimdal/packages/debian/heimdal-clients.install deleted file mode 100644 index 391197ca0296..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-clients.install +++ /dev/null @@ -1,43 +0,0 @@ -usr/bin/afslog -usr/bin/rsh -usr/bin/kauth -usr/bin/kdestroy -usr/bin/kf -usr/bin/kgetcred -usr/bin/kinit -usr/bin/klist -usr/bin/kpasswd -usr/bin/otp -usr/bin/otpprint -usr/bin/su -usr/bin/pfrom -usr/bin/rcp -usr/bin/string2key -usr/bin/ftp -usr/bin/verify_krb5_conf -usr/bin/telnet -usr/bin/pagsh -usr/sbin/kadmin -usr/sbin/ktutil -usr/sbin/push -usr/share/man/man1/kauth.1 -usr/share/man/man1/kdestroy.1 -usr/share/man/man1/kf.1 -usr/share/man/man1/kinit.1 -usr/share/man/man1/klist.1 -usr/share/man/man1/kpasswd.1 -usr/share/man/man1/otp.1 -usr/share/man/man1/otpprint.1 -usr/share/man/man1/su.1 -usr/share/man/man1/pfrom.1 -usr/share/man/man1/ftp.1 -usr/share/man/man1/telnet.1 -usr/share/man/man1/afslog.1 -usr/share/man/man1/rsh.1 -usr/share/man/man1/kgetcred.1 -usr/share/man/man1/pagsh.1 -usr/share/man/man8/kadmin.8 -usr/share/man/man8/ktutil.8 -usr/share/man/man8/push.8 -usr/share/man/man8/verify_krb5_conf.8 -usr/share/man/man8/string2key.8 diff --git a/crypto/heimdal/packages/debian/heimdal-clients.postinst b/crypto/heimdal/packages/debian/heimdal-clients.postinst deleted file mode 100644 index db283d7f48fd..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-clients.postinst +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh -e - -for i in ftp telnet rsh rcp pagsh -do - update-alternatives --install /usr/bin/$i $i /usr/bin/k$i 23 \ - --slave /usr/share/man/man1/$i.1.gz $i.1.gz /usr/share/man/man1/k$i.1.gz -done - -#DEBHELPER# - diff --git a/crypto/heimdal/packages/debian/heimdal-clients.prerm b/crypto/heimdal/packages/debian/heimdal-clients.prerm deleted file mode 100644 index 46957302a3ab..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-clients.prerm +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh -e - -if [ "$1" != "upgrade" ] -then - for i in ftp telnet rsh rcp pagsh - do - update-alternatives --remove $i /usr/bin/k$i - done -fi - -#DEBHELPER# - - diff --git a/crypto/heimdal/packages/debian/heimdal-dev.install b/crypto/heimdal/packages/debian/heimdal-dev.install deleted file mode 100644 index 816fb9fac03b..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-dev.install +++ /dev/null @@ -1,8 +0,0 @@ -usr/bin/krb5-config -usr/bin/mk_cmds -usr/lib/*.a -usr/lib/*.la -usr/lib/*.so -usr/include -usr/share/man/man1/krb5-config.1 -usr/share/man/man3 diff --git a/crypto/heimdal/packages/debian/heimdal-docs.install b/crypto/heimdal/packages/debian/heimdal-docs.install deleted file mode 100644 index 3a18bf34f6aa..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-docs.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/share/man/man5/krb5.conf.5 -usr/share/info diff --git a/crypto/heimdal/packages/debian/heimdal-kcm.init b/crypto/heimdal/packages/debian/heimdal-kcm.init deleted file mode 100644 index b0b7baf0bf4c..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kcm.init +++ /dev/null @@ -1,69 +0,0 @@ -#! /bin/sh -# -# skeleton example file to build /etc/init.d/ scripts. -# This file should be used to construct scripts for /etc/init.d. -# -# Written by Miquel van Smoorenburg . -# Modified for Debian GNU/Linux -# by Ian Murdock . -# -# Version: @(#)skeleton 1.8 03-Mar-1998 miquels@cistron.nl -# -# This file was automatically customized by dh-make on Wed, 8 Dec 1999 11:54:13 +1100 - -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -KCM_DAEMON="/usr/sbin/kcm" -KCM_NAME="kcm" -KCM_DESC="Heimdal KCM" -KCM_PARAMS="--detach" - -test -f $KCM_DAEMON || exit 0 - -set -e - -case "$1" in - start) - echo -n "Starting $KCM_DESC: " - start-stop-daemon --start --quiet \ - --pidfile /var/run/$KCM_NAME.pid \ - --exec $KCM_DAEMON -- $KCM_PARAMS - echo "$KCM_NAME." - ;; - stop) - echo -n "Stopping $KCM_DESC: " - start-stop-daemon --stop --oknodo --quiet \ - --pidfile /var/run/$KCM_NAME.pid \ - --exec $KCM_DAEMON -- $KCM_PARAMS - echo "$KCM_NAME." - ;; - #reload) - # - # If the daemon can reload its config files on the fly - # for example by sending it SIGHUP, do it here. - # - # If the daemon responds to changes in its config file - # directly anyway, make this a do-nothing entry. - # - # echo "Reloading $DESC configuration files." - # start-stop-daemon --stop --signal 1 --quiet --pidfile \ - # /var/run/$NAME.pid --exec $DAEMON - #;; - restart|force-reload) - # - # If the "reload" option is implemented, move the "force-reload" - # option to the "reload" entry above. If not, "force-reload" is - # just the same as "restart". - # - /etc/init.d/heimdal-kcm stop - sleep 1 - /etc/init.d/heimdal-kcm start - ;; - *) - N=/etc/init.d/$NAME - # echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2 - echo "Usage: $N {start|stop|restart|force-reload}" >&2 - exit 1 - ;; -esac - -exit 0 diff --git a/crypto/heimdal/packages/debian/heimdal-kcm.install b/crypto/heimdal/packages/debian/heimdal-kcm.install deleted file mode 100644 index 5a04cc258605..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kcm.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/sbin/kcm -usr/share/man/man8/kcm.8 diff --git a/crypto/heimdal/packages/debian/heimdal-kdc.dirs b/crypto/heimdal/packages/debian/heimdal-kdc.dirs deleted file mode 100644 index 7646c4242d38..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kdc.dirs +++ /dev/null @@ -1,5 +0,0 @@ -etc/default -etc/heimdal-kdc -etc/ldap/schema -usr/lib/heimdal-servers -var/lib/heimdal-kdc diff --git a/crypto/heimdal/packages/debian/heimdal-kdc.examples b/crypto/heimdal/packages/debian/heimdal-kdc.examples deleted file mode 100644 index 2e6a436d5501..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kdc.examples +++ /dev/null @@ -1,2 +0,0 @@ -debian/extras/kdc.conf -debian/extras/kadmind.acl diff --git a/crypto/heimdal/packages/debian/heimdal-kdc.init b/crypto/heimdal/packages/debian/heimdal-kdc.init deleted file mode 100644 index 68be9de488c4..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kdc.init +++ /dev/null @@ -1,124 +0,0 @@ -#! /bin/sh -# -# skeleton example file to build /etc/init.d/ scripts. -# This file should be used to construct scripts for /etc/init.d. -# -# Written by Miquel van Smoorenburg . -# Modified for Debian GNU/Linux -# by Ian Murdock . -# -# Version: @(#)skeleton 1.8 03-Mar-1998 miquels@cistron.nl -# -# This file was automatically customized by dh-make on Wed, 8 Dec 1999 11:54:13 +1100 - -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -KDC_DAEMON=/usr/lib/heimdal-servers/kdc -KDC_NAME=heimdal-kdc -KDC_DESC="Heimdal KDC" -KPASSWDD_DAEMON=/usr/lib/heimdal-servers/kpasswdd -KPASSWDD_NAME=kpasswdd -KPASSWDD_DESC="Heimdal password server" - -. /etc/default/heimdal-kdc - -test -f $KDC_DAEMON || exit 0 -test -f $KPASSWDD_DAEMON || exit 0 - -set -e - -case "$1" in - start) - if [ "$KDC_ENABLED" = "yes" ]; - then - echo -n "Starting $KDC_DESC: " - start-stop-daemon --start --quiet --background \ - --make-pidfile --pidfile /var/run/$KDC_NAME.pid \ - --exec $KDC_DAEMON -- $KDC_PARAMS - echo "$KDC_NAME." - fi - if [ "$KPASSWDD_ENABLED" = "yes" ]; - then - echo -n "Starting $KPASSWDD_DESC: " - start-stop-daemon --start --quiet --background \ - --make-pidfile --pidfile /var/run/$KPASSWDD_NAME.pid \ - --exec $KPASSWDD_DAEMON -- $KPASSWDD_PARAMS - echo "$KPASSWDD_NAME." - fi - if [ "$MASTER_ENABLED" = "yes" ]; - then - echo -n "Starting incremental propagation master: " - start-stop-daemon --start --quiet --background \ - --make-pidfile --pidfile /var/run/ipropd-master.pid \ - --exec /usr/sbin/ipropd-master -- $MASTER_PARAMS - echo "ipropd-master." - fi - if [ "$SLAVE_ENABLED" = "yes" ]; - then - echo -n "Starting incremental propagation slave: " - start-stop-daemon --start --quiet --background \ - --make-pidfile --pidfile /var/run/ipropd-slave.pid \ - --exec /usr/sbin/ipropd-slave -- $SLAVE_PARAMS - echo "ipropd-slave." - fi - ;; - stop) - if [ -f /var/run/$KPASSWDD_NAME.pid ] - then - echo -n "Stopping $KPASSWDD_DESC: " - start-stop-daemon --stop --oknodo --quiet --pidfile /var/run/$KPASSWDD_NAME.pid \ - --exec $KPASSWDD_DAEMON -- $KPASSWDD_PARAMS - echo "$KPASSWDD_NAME." - fi - if [ -f /var/run/$KDC_NAME.pid ] - then - echo -n "Stopping $KDC_DESC: " - start-stop-daemon --stop --oknodo --quiet --pidfile /var/run/$KDC_NAME.pid \ - --exec $KDC_DAEMON -- $KDC_PARAMS - echo "$KDC_NAME." - fi - if [ -f /var/run/ipropd-master.pid ] - then - echo -n "Stopping incremental propagation master: " - start-stop-daemon --stop --oknodo --quiet --pidfile /var/run/ipropd-master.pid \ - --exec /usr/sbin/ipropd-master -- $MASTER_PARAMS - echo "ipropd-master." - fi - if [ -f /var/run/ipropd-slave.pid ] - then - echo -n "Stopping incremental propagation slave: " - start-stop-daemon --stop --oknodo --quiet --pidfile /var/run/ipropd-slave.pid \ - --exec /usr/sbin/ipropd-slave -- $SLAVE_PARAMS - echo "/usr/sbin/ipropd-slave." - fi - ;; - #reload) - # - # If the daemon can reload its config files on the fly - # for example by sending it SIGHUP, do it here. - # - # If the daemon responds to changes in its config file - # directly anyway, make this a do-nothing entry. - # - # echo "Reloading $DESC configuration files." - # start-stop-daemon --stop --signal 1 --quiet --pidfile \ - # /var/run/$NAME.pid --exec $DAEMON - #;; - restart|force-reload) - # - # If the "reload" option is implemented, move the "force-reload" - # option to the "reload" entry above. If not, "force-reload" is - # just the same as "restart". - # - /etc/init.d/heimdal-kdc stop - sleep 1 - /etc/init.d/heimdal-kdc start - ;; - *) - N=/etc/init.d/$NAME - # echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2 - echo "Usage: $N {start|stop|restart|force-reload}" >&2 - exit 1 - ;; -esac - -exit 0 diff --git a/crypto/heimdal/packages/debian/heimdal-kdc.install b/crypto/heimdal/packages/debian/heimdal-kdc.install deleted file mode 100644 index 2731b51f53c5..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kdc.install +++ /dev/null @@ -1,20 +0,0 @@ -usr/sbin/iprop-log -usr/sbin/hprop -usr/sbin/hpropd -usr/sbin/ipropd-master -usr/sbin/ipropd-slave -usr/sbin/kdc -usr/sbin/kadmind -usr/sbin/kpasswdd -usr/share/man/man8/iprop.8 -usr/share/man/man8/iprop-log.8 -usr/share/man/man8/ipropd-master.8 -usr/share/man/man8/ipropd-slave.8 -usr/share/man/man8/kdc.8 -usr/share/man/man8/kadmind.8 -usr/share/man/man8/kstash.8 -usr/share/man/man8/kpasswdd.8 -usr/share/man/man8/hprop.8 -usr/share/man/man8/hpropd.8 -usr/lib/libkdc.so.2.* -usr/lib/libkdc.so.2 diff --git a/crypto/heimdal/packages/debian/heimdal-kdc.logrotate b/crypto/heimdal/packages/debian/heimdal-kdc.logrotate deleted file mode 100644 index c5fad41b9b0b..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kdc.logrotate +++ /dev/null @@ -1,5 +0,0 @@ -/var/log/heimdal-kdc.log { - rotate 5 - weekly - compress -} diff --git a/crypto/heimdal/packages/debian/heimdal-kdc.postinst b/crypto/heimdal/packages/debian/heimdal-kdc.postinst deleted file mode 100644 index 72e7af5b6fb9..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kdc.postinst +++ /dev/null @@ -1,98 +0,0 @@ -#!/bin/sh -e - -. /usr/share/debconf/confmodule - -if [ ! -f /var/log/heimdal-kdc.log ] -then - touch /var/log/heimdal-kdc.log - chmod 600 /var/log/heimdal-kdc.log -fi - -add_servers() { -kadmin_entry="kerberos-adm stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/kadmind" -hprop_entry="#krb_prop stream tcp nowait root /usr/sbin/tcpd /usr/sbin/hpropd" - - update-inetd --group KRB5 --add "$kadmin_entry" - update-inetd --group KRB5 --add "$hprop_entry" -} - -enable_servers() { - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/kadmind' --enable kerberos-adm -} - -# if not configured, try moving existing configuration -if [ ! -f /etc/heimdal-kdc/.configured ] && - [ -f /var/lib/heimdal-kdc/.configured ] -then - for i in kdc.conf kadmind.acl - do - if [ -f /var/lib/heimdal-kdc/$i ] - then - mv /var/lib/heimdal-kdc/$i /etc/heimdal-kdc/$i - fi - done - mv /var/lib/heimdal-kdc/.configured /etc/heimdal-kdc/.configured -fi - -# if already configured - dont reconfigure -if [ ! -f /etc/heimdal-kdc/.configured ] -then - # get default realm - # should use krb5-config setting??? - if db_get krb5-config/default_realm && [ "x$RET" != "x" ] - then - default_realm="$RET" - else - default_realm="`hostname -d | tr a-z A-Z`" - fi - db_fget heimdal/realm seen - if [ "$RET" != "true" ]; then - db_set heimdal/realm "$default_realm" - fi - db_subst heimdal/realm default_realm "$default_realm" - db_input medium heimdal/realm || true - db_go - db_get heimdal/realm; REALM="$RET" - - # get password - db_input medium heimdal-kdc/password || true - db_go - db_get heimdal-kdc/password; PASSWORD="$RET" - db_set heimdal-kdc/password "" - - DST=/etc/heimdal-kdc/kdc.conf - cp -a /usr/share/doc/heimdal-kdc/examples/kdc.conf "$DST" -# /usr/lib/heimdal-kdc/setconfig --file "$DST" --section realms::REALM.ORG "=$REALM" - - DST=/etc/heimdal-kdc/kadmind.acl - cp -a /usr/share/doc/heimdal-kdc/examples/kadmind.acl "$DST" - - kstash --master-key-fd=0 < /dev/null - - touch /etc/heimdal-kdc/.configured -fi - -case "$1" in -abort-upgrade | abort-deconfigure | abort-remove) - ;; -configure) - if [ -z "$2" ] - then - add_servers - elif dpkg --compare-versions "$2" le "0.7.2.dfsg.1-6" - then - enable_servers - fi - ;; -*) - printf "$0: incorrect arguments: $*\n" >&2 - exit 1 - ;; -esac - - -#DEBHELPER# diff --git a/crypto/heimdal/packages/debian/heimdal-kdc.postrm b/crypto/heimdal/packages/debian/heimdal-kdc.postrm deleted file mode 100644 index 640fde5f219e..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kdc.postrm +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh -e - -remove_servers() { - update-inetd --remove 'kerberos-adm[ \t].*[ \t]/usr/lib/heimdal-servers/kadmind' - update-inetd --remove 'krb_prop[ \t].*[ \t]/usr/sbin/hpropd' -} - -case "$1" in -abort-install | remove | abort-upgrade | upgrade | failed-upgrade | disappear) - ;; -purge) - # If netbase is not installed, then we don't need to do the remove. - if command -v update-inetd >/dev/null 2>&1; then - remove_servers - fi - ;; -*) - echo "$0: incorrect arguments: $*" >&2 - exit 1 - ;; -esac - -if [ "$1" = "purge" ] -then - rm -f /var/log/heimdal-kdc.log* - rm -rf /var/lib/heimdal-kdc - rm -f /etc/heimdal-kdc/.configured - rm -f /etc/heimdal-kdc/kdc.conf - rm -f /etc/heimdal-kdc/kadmind.acl -fi - -#DEBHELPER# diff --git a/crypto/heimdal/packages/debian/heimdal-kdc.templates b/crypto/heimdal/packages/debian/heimdal-kdc.templates deleted file mode 100644 index 5882f3c7d317..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-kdc.templates +++ /dev/null @@ -1,12 +0,0 @@ -Template: heimdal/realm -Type: string -_Description: Local realm name: - Heimdal requires the name of your local realm. This is typically your - domain name in uppercase. eg if your hostname is host.org.com, then your - realm will become ORG.COM. The default for your host is ${default_realm}. - -Template: heimdal-kdc/password -Type: password -_Description: Password for KDC: - Heimdal can encrypt the KDC data with a password. A hashed representation - will be stored in /var/lib/heimdal-kdc/m-key. diff --git a/crypto/heimdal/packages/debian/heimdal-servers-x.dirs b/crypto/heimdal/packages/debian/heimdal-servers-x.dirs deleted file mode 100644 index 6209a9dfea78..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers-x.dirs +++ /dev/null @@ -1 +0,0 @@ -usr/lib/heimdal-servers diff --git a/crypto/heimdal/packages/debian/heimdal-servers-x.install b/crypto/heimdal/packages/debian/heimdal-servers-x.install deleted file mode 100644 index 250b28b3c2af..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers-x.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/sbin/kxd -usr/share/man/man8/kxd.8 diff --git a/crypto/heimdal/packages/debian/heimdal-servers-x.postinst b/crypto/heimdal/packages/debian/heimdal-servers-x.postinst deleted file mode 100644 index bb0ea22fd1a0..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers-x.postinst +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -e - -add_servers() { - kx_entry="kx stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/kxd" - update-inetd --group KRB5 --add "$kx_entry" -} - -enable_servers() { - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/kx' --enable kx -} - -remove_servers() { - update-inetd --remove 'kx[ \t].*[ \t]/usr/lib/heimdal-servers/kxd' -} - -case "$1" in -abort-upgrade | abort-deconfigure | abort-remove) - enable_servers - ;; -configure) - if [ -n "$2" ] && dpkg --compare-versions "$2" ge 0.2h-1; then - enable_servers - else - remove_servers - add_servers - fi - ;; -*) - printf "$0: incorrect arguments: $*\n" >&2 - exit 1 - ;; -esac - -#DEBHELPER# diff --git a/crypto/heimdal/packages/debian/heimdal-servers-x.postrm b/crypto/heimdal/packages/debian/heimdal-servers-x.postrm deleted file mode 100644 index 4bfc21456478..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers-x.postrm +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh -e -# $Id: heimdal-servers-x.postrm,v 1.2 1999/12/26 00:00:46 bam Exp $ - -remove_servers() { - update-inetd --remove 'kx[ \t].*[ \t]/usr/lib/heimdal-servers/kxd' -} - -case "$1" in -abort-install | remove | abort-upgrade | upgrade | failed-upgrade | disappear) - ;; -purge) - # If netbase is not installed, then we don't need to do the remove. - if command -v update-inetd >/dev/null 2>&1; then - remove_servers - fi - ;; -*) - echo "$0: incorrect arguments: $*" >&2 - exit 1 - ;; -esac - -#DEBHELPER# diff --git a/crypto/heimdal/packages/debian/heimdal-servers-x.prerm b/crypto/heimdal/packages/debian/heimdal-servers-x.prerm deleted file mode 100644 index 646eb898cc19..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers-x.prerm +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh -e - -disable_servers() { - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/kx' --disable kx -} - -if command -v update-inetd >/dev/null 2>&1; then - disable_servers -fi - -#DEBHELPER# diff --git a/crypto/heimdal/packages/debian/heimdal-servers.dirs b/crypto/heimdal/packages/debian/heimdal-servers.dirs deleted file mode 100644 index 6209a9dfea78..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers.dirs +++ /dev/null @@ -1 +0,0 @@ -usr/lib/heimdal-servers diff --git a/crypto/heimdal/packages/debian/heimdal-servers.install b/crypto/heimdal/packages/debian/heimdal-servers.install deleted file mode 100644 index f4c7b8e3ce9b..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers.install +++ /dev/null @@ -1,12 +0,0 @@ -usr/sbin/kfd -usr/sbin/ftpd -usr/sbin/rshd -usr/sbin/telnetd -usr/sbin/popper -usr/bin/login -usr/share/man/man5/ftpusers.5 -usr/share/man/man8/ftpd.8 -usr/share/man/man8/popper.8 -usr/share/man/man8/telnetd.8 -usr/share/man/man8/kfd.8 -usr/share/man/man8/rshd.8 diff --git a/crypto/heimdal/packages/debian/heimdal-servers.postinst b/crypto/heimdal/packages/debian/heimdal-servers.postinst deleted file mode 100644 index a1d936081ead..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers.postinst +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/sh -e - -add_servers() { -kshell_entry="kshell stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/rshd -k" - ftp_entry="ftp stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/ftpd -a plain" -telnet_entry="telnet stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/telnetd -a none" - pop3_entry="pop-3 stream tcp nowait root /usr/sbin/tcpd /usr/lib/heimdal-servers/popper" - - update-inetd --group KRB5 --add "$kshell_entry" - update-inetd --group KRB5 --add "$ftp_entry" - update-inetd --group KRB5 --add "$telnet_entry" - update-inetd --group KRB5 --add "$pop3_entry" -} - -enable_servers() { - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/rshd' --enable kshell - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/ftpd' --enable ftp - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/telnetd' --enable telnet - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/popper' --enable pop-3 -} - -remove_servers() { - update-inetd --remove 'kshell[ \t].*[ \t]/usr/lib/heimdal-servers/rshd' - update-inetd --remove 'ftp[ \t].*[ \t]/usr/lib/heimdal-servers/ftpd' - update-inetd --remove 'telnet[ \t].*[ \t]/usr/lib/heimdal-servers/telnetd' - update-inetd --remove 'pop-3[ \t].*[ \t]/usr/lib/heimdal-servers/popper' -} - -case "$1" in -abort-upgrade | abort-deconfigure | abort-remove) - enable_servers - ;; -configure) - if [ -n "$2" ] && dpkg --compare-versions "$2" ge 0.3e-4; then - enable_servers - else - remove_servers - add_servers - fi - ;; -*) - printf "$0: incorrect arguments: $*\n" >&2 - exit 1 - ;; -esac - -#DEBHELPER# diff --git a/crypto/heimdal/packages/debian/heimdal-servers.postrm b/crypto/heimdal/packages/debian/heimdal-servers.postrm deleted file mode 100644 index c8aa0f428e0e..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers.postrm +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -e -# $Id: heimdal-servers.postrm,v 1.4 1999/12/26 01:51:03 bam Exp $ - -remove_servers() { - update-inetd --remove 'kshell[ \t].*[ \t]/usr/lib/heimdal-servers/rshd' - update-inetd --remove 'ftp[ \t].*[ \t]/usr/lib/heimdal-servers/ftpd' - update-inetd --remove 'telnet[ \t].*[ \t]/usr/lib/heimdal-servers/telnetd' - update-inetd --remove 'pop-3[ \t].*[ \t]/usr/lib/heimdal-servers/popper' -} - -case "$1" in -abort-install | remove | abort-upgrade | upgrade | failed-upgrade | disappear) - ;; -purge) - # If netbase is not installed, then we don't need to do the remove. - if command -v update-inetd >/dev/null 2>&1; then - remove_servers - fi - ;; -*) - echo "$0: incorrect arguments: $*" >&2 - exit 1 - ;; -esac - -#DEBHELPER# diff --git a/crypto/heimdal/packages/debian/heimdal-servers.prerm b/crypto/heimdal/packages/debian/heimdal-servers.prerm deleted file mode 100644 index d9789942a9b8..000000000000 --- a/crypto/heimdal/packages/debian/heimdal-servers.prerm +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -e - -disable_servers() { - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/rshd' --disable kshell - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/ftpd' --disable ftp - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/telnetd' --disable telnet - update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/popper' --disable pop-3 -} - -if command -v update-inetd >/dev/null 2>&1; then - disable_servers -fi - -#DEBHELPER# diff --git a/crypto/heimdal/packages/debian/libasn1-8-heimdal.install b/crypto/heimdal/packages/debian/libasn1-8-heimdal.install deleted file mode 100644 index a4c26aa3474a..000000000000 --- a/crypto/heimdal/packages/debian/libasn1-8-heimdal.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/lib/libasn1.so.8.* -usr/lib/libasn1.so.8 diff --git a/crypto/heimdal/packages/debian/libasn1-8-heimdal.postinst.debhelper b/crypto/heimdal/packages/debian/libasn1-8-heimdal.postinst.debhelper deleted file mode 100644 index 3d89d3ef6295..000000000000 --- a/crypto/heimdal/packages/debian/libasn1-8-heimdal.postinst.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "configure" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libasn1-8-heimdal.postrm.debhelper b/crypto/heimdal/packages/debian/libasn1-8-heimdal.postrm.debhelper deleted file mode 100644 index 7f44047270f1..000000000000 --- a/crypto/heimdal/packages/debian/libasn1-8-heimdal.postrm.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "remove" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libasn1-8-heimdal.substvars b/crypto/heimdal/packages/debian/libasn1-8-heimdal.substvars deleted file mode 100644 index 6ea524c8db9d..000000000000 --- a/crypto/heimdal/packages/debian/libasn1-8-heimdal.substvars +++ /dev/null @@ -1 +0,0 @@ -shlibs:Depends=libc6 (>= 2.6-1), libcomerr2 (>= 1.33-3), libroken16-heimdal diff --git a/crypto/heimdal/packages/debian/libgssapi2-heimdal.install b/crypto/heimdal/packages/debian/libgssapi2-heimdal.install deleted file mode 100644 index 07155297ab10..000000000000 --- a/crypto/heimdal/packages/debian/libgssapi2-heimdal.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/lib/libgssapi.so.2.* -usr/lib/libgssapi.so.2 diff --git a/crypto/heimdal/packages/debian/libgssapi2-heimdal.postinst.debhelper b/crypto/heimdal/packages/debian/libgssapi2-heimdal.postinst.debhelper deleted file mode 100644 index 3d89d3ef6295..000000000000 --- a/crypto/heimdal/packages/debian/libgssapi2-heimdal.postinst.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "configure" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libgssapi2-heimdal.postrm.debhelper b/crypto/heimdal/packages/debian/libgssapi2-heimdal.postrm.debhelper deleted file mode 100644 index 7f44047270f1..000000000000 --- a/crypto/heimdal/packages/debian/libgssapi2-heimdal.postrm.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "remove" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libgssapi2-heimdal.substvars b/crypto/heimdal/packages/debian/libgssapi2-heimdal.substvars deleted file mode 100644 index 3b7204b27094..000000000000 --- a/crypto/heimdal/packages/debian/libgssapi2-heimdal.substvars +++ /dev/null @@ -1 +0,0 @@ -shlibs:Depends=libasn1-6-heimdal, libc6 (>= 2.6-1), libcomerr2 (>= 1.33-3), libkrb5-17-heimdal, libroken16-heimdal diff --git a/crypto/heimdal/packages/debian/libhdb9-heimdal.install b/crypto/heimdal/packages/debian/libhdb9-heimdal.install deleted file mode 100644 index ff251bd500c7..000000000000 --- a/crypto/heimdal/packages/debian/libhdb9-heimdal.install +++ /dev/null @@ -1,3 +0,0 @@ -usr/lib/libhdb.so.9.* -usr/lib/libhdb.so.9 - diff --git a/crypto/heimdal/packages/debian/libhdb9-heimdal.postinst.debhelper b/crypto/heimdal/packages/debian/libhdb9-heimdal.postinst.debhelper deleted file mode 100644 index 3d89d3ef6295..000000000000 --- a/crypto/heimdal/packages/debian/libhdb9-heimdal.postinst.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "configure" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libhdb9-heimdal.postrm.debhelper b/crypto/heimdal/packages/debian/libhdb9-heimdal.postrm.debhelper deleted file mode 100644 index 7f44047270f1..000000000000 --- a/crypto/heimdal/packages/debian/libhdb9-heimdal.postrm.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "remove" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libhdb9-heimdal.substvars b/crypto/heimdal/packages/debian/libhdb9-heimdal.substvars deleted file mode 100644 index e9392d148515..000000000000 --- a/crypto/heimdal/packages/debian/libhdb9-heimdal.substvars +++ /dev/null @@ -1 +0,0 @@ -shlibs:Depends=libasn1-6-heimdal, libc6 (>= 2.6-1), libcomerr2 (>= 1.33-3), libdb4.4, libkrb5-17-heimdal, libroken16-heimdal diff --git a/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.install b/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.install deleted file mode 100644 index 6643c811bcb6..000000000000 --- a/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.install +++ /dev/null @@ -1,3 +0,0 @@ -usr/lib/libkadm5clnt.so.7.* -usr/lib/libkadm5clnt.so.7 - diff --git a/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.postinst.debhelper b/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.postinst.debhelper deleted file mode 100644 index 3d89d3ef6295..000000000000 --- a/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.postinst.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "configure" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.postrm.debhelper b/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.postrm.debhelper deleted file mode 100644 index 7f44047270f1..000000000000 --- a/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.postrm.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "remove" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.substvars b/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.substvars deleted file mode 100644 index b807683f46c9..000000000000 --- a/crypto/heimdal/packages/debian/libkadm5clnt7-heimdal.substvars +++ /dev/null @@ -1 +0,0 @@ -shlibs:Depends=libc6 (>= 2.6-1), libcomerr2 (>= 1.33-3), libkrb5-17-heimdal, libroken16-heimdal diff --git a/crypto/heimdal/packages/debian/libkadm5srv7-heimdal.install b/crypto/heimdal/packages/debian/libkadm5srv7-heimdal.install deleted file mode 100644 index 9611b0922512..000000000000 --- a/crypto/heimdal/packages/debian/libkadm5srv7-heimdal.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/lib/libkadm5srv.so.* - diff --git a/crypto/heimdal/packages/debian/libkadm5srv8-heimdal.install b/crypto/heimdal/packages/debian/libkadm5srv8-heimdal.install deleted file mode 100644 index 5e7ad5294610..000000000000 --- a/crypto/heimdal/packages/debian/libkadm5srv8-heimdal.install +++ /dev/null @@ -1,3 +0,0 @@ -usr/lib/libkadm5srv.so.8.* -usr/lib/libkadm5srv.so.8 - diff --git a/crypto/heimdal/packages/debian/libkafs0-heimdal.install b/crypto/heimdal/packages/debian/libkafs0-heimdal.install deleted file mode 100644 index 0a2c47960349..000000000000 --- a/crypto/heimdal/packages/debian/libkafs0-heimdal.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/lib/libkafs.so.0.* -usr/lib/libkafs.so.0 diff --git a/crypto/heimdal/packages/debian/libkrb5-22-heimdal.install b/crypto/heimdal/packages/debian/libkrb5-22-heimdal.install deleted file mode 100644 index 72ae23c289cc..000000000000 --- a/crypto/heimdal/packages/debian/libkrb5-22-heimdal.install +++ /dev/null @@ -1,3 +0,0 @@ -usr/lib/libkrb5.so.22.* -usr/lib/libkrb5.so.22 - diff --git a/crypto/heimdal/packages/debian/libkrb5-22-heimdal.postinst.debhelper b/crypto/heimdal/packages/debian/libkrb5-22-heimdal.postinst.debhelper deleted file mode 100644 index 3d89d3ef6295..000000000000 --- a/crypto/heimdal/packages/debian/libkrb5-22-heimdal.postinst.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "configure" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libkrb5-22-heimdal.postrm.debhelper b/crypto/heimdal/packages/debian/libkrb5-22-heimdal.postrm.debhelper deleted file mode 100644 index 7f44047270f1..000000000000 --- a/crypto/heimdal/packages/debian/libkrb5-22-heimdal.postrm.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "remove" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libkrb5-22-heimdal.substvars b/crypto/heimdal/packages/debian/libkrb5-22-heimdal.substvars deleted file mode 100644 index 00d22818cc61..000000000000 --- a/crypto/heimdal/packages/debian/libkrb5-22-heimdal.substvars +++ /dev/null @@ -1 +0,0 @@ -shlibs:Depends=libasn1-6-heimdal, libc6 (>= 2.6-1), libcomerr2 (>= 1.33-3), libroken16-heimdal diff --git a/crypto/heimdal/packages/debian/libotp0-heimdal.install b/crypto/heimdal/packages/debian/libotp0-heimdal.install deleted file mode 100644 index 4953c19d9357..000000000000 --- a/crypto/heimdal/packages/debian/libotp0-heimdal.install +++ /dev/null @@ -1 +0,0 @@ -usr/lib/libotp.so.* diff --git a/crypto/heimdal/packages/debian/libroken18-heimdal.install b/crypto/heimdal/packages/debian/libroken18-heimdal.install deleted file mode 100644 index c544e71f338c..000000000000 --- a/crypto/heimdal/packages/debian/libroken18-heimdal.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/lib/libroken.so.18.* -usr/lib/libroken.so.18 diff --git a/crypto/heimdal/packages/debian/libroken18-heimdal.postinst.debhelper b/crypto/heimdal/packages/debian/libroken18-heimdal.postinst.debhelper deleted file mode 100644 index 3d89d3ef6295..000000000000 --- a/crypto/heimdal/packages/debian/libroken18-heimdal.postinst.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "configure" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libroken18-heimdal.postrm.debhelper b/crypto/heimdal/packages/debian/libroken18-heimdal.postrm.debhelper deleted file mode 100644 index 7f44047270f1..000000000000 --- a/crypto/heimdal/packages/debian/libroken18-heimdal.postrm.debhelper +++ /dev/null @@ -1,5 +0,0 @@ -# Automatically added by dh_makeshlibs -if [ "$1" = "remove" ]; then - ldconfig -fi -# End automatically added section diff --git a/crypto/heimdal/packages/debian/libroken18-heimdal.substvars b/crypto/heimdal/packages/debian/libroken18-heimdal.substvars deleted file mode 100644 index 17c2baad4249..000000000000 --- a/crypto/heimdal/packages/debian/libroken18-heimdal.substvars +++ /dev/null @@ -1 +0,0 @@ -shlibs:Depends=libc6 (>= 2.6-1) diff --git a/crypto/heimdal/packages/debian/libsl0-heimdal.install b/crypto/heimdal/packages/debian/libsl0-heimdal.install deleted file mode 100644 index ae611425a02a..000000000000 --- a/crypto/heimdal/packages/debian/libsl0-heimdal.install +++ /dev/null @@ -1,2 +0,0 @@ -usr/lib/libsl.so.0.* -usr/lib/libsl.so.0 diff --git a/crypto/heimdal/packages/debian/patches/021_debian b/crypto/heimdal/packages/debian/patches/021_debian deleted file mode 100644 index 52d199009bb8..000000000000 --- a/crypto/heimdal/packages/debian/patches/021_debian +++ /dev/null @@ -1,204 +0,0 @@ -Index: heimdal-0.7.2.dfsg.1/lib/hdb/hdb.h -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/lib/hdb/hdb.h 2006-05-13 16:42:53.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/lib/hdb/hdb.h 2006-05-13 16:42:58.000000000 +1000 -@@ -86,7 +86,7 @@ - krb5_error_code (*create)(krb5_context, HDB **, const char *filename); - }; - --#define HDB_DB_DIR "/var/heimdal" -+#define HDB_DB_DIR "/var/lib/heimdal-kdc" - #define HDB_DEFAULT_DB HDB_DB_DIR "/heimdal" - #define HDB_DB_FORMAT_ENTRY "hdb/db-format" - -Index: heimdal-0.7.2.dfsg.1/appl/telnet/telnetd/telnetd.h -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/appl/telnet/telnetd/telnetd.h 2006-05-13 16:42:53.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/appl/telnet/telnetd/telnetd.h 2006-05-13 16:42:58.000000000 +1000 -@@ -192,7 +192,7 @@ - #endif - - #undef _PATH_LOGIN --#define _PATH_LOGIN BINDIR "/login" -+#define _PATH_LOGIN "/bin/login" - - /* fallbacks */ - -Index: heimdal-0.7.2.dfsg.1/kdc/kdc.8 -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/kdc/kdc.8 2006-05-13 16:42:53.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/kdc/kdc.8 2006-05-13 16:42:58.000000000 +1000 -@@ -77,7 +77,7 @@ - .Fl -config-file= Ns Ar file - .Xc - Specifies the location of the config file, the default is --.Pa /var/heimdal/kdc.conf . -+.Pa /etc/heimdal-kdc/kdc.conf . - This is the only value that can't be specified in the config file. - .It Xo - .Fl p , -Index: heimdal-0.7.2.dfsg.1/doc/setup.texi -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/doc/setup.texi 2006-05-13 16:42:53.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/doc/setup.texi 2006-05-13 16:42:58.000000000 +1000 -@@ -335,7 +335,7 @@ - as @samp{749/tcp}. - - Access to the administration server is controlled by an ACL file, (default --@file{/var/heimdal/kadmind.acl}.) The lines in the access file, have the -+@file{/etc/heimdal-kdc/kadmind.acl}.) The lines in the access file, have the - following syntax: - @smallexample - principal [priv1,priv2,...] [glob-pattern] -Index: heimdal-0.7.2.dfsg.1/kdc/kdc_locl.h -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/kdc/kdc_locl.h 2006-05-13 16:42:53.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/kdc/kdc_locl.h 2006-05-13 16:42:58.000000000 +1000 -@@ -74,7 +74,7 @@ - extern int enable_pkinit_princ_in_cert; - #endif - --#define _PATH_KDC_CONF HDB_DB_DIR "/kdc.conf" -+#define _PATH_KDC_CONF "/etc/heimdal-kdc/kdc.conf" - #define DEFAULT_LOG_DEST "0-1/FILE:" HDB_DB_DIR "/kdc.log" - - extern struct timeval now; -Index: heimdal-0.7.2.dfsg.1/lib/kadm5/context_s.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/lib/kadm5/context_s.c 2006-05-13 16:42:53.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/lib/kadm5/context_s.c 2006-05-13 16:42:58.000000000 +1000 -@@ -158,7 +158,7 @@ - set_config(ctx, default_binding); - else { - ctx->config.dbname = strdup(HDB_DEFAULT_DB); -- ctx->config.acl_file = strdup(HDB_DB_DIR "/kadmind.acl"); -+ ctx->config.acl_file = strdup("/etc/heimdal-kdc/kadmind.acl"); - ctx->config.stash_file = strdup(HDB_DB_DIR "/m-key"); - ctx->log_context.log_file = strdup(HDB_DB_DIR "/log"); - memset(&ctx->log_context.socket_name, 0, -Index: heimdal-0.7.2.dfsg.1/kadmin/kadmind.8 -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/kadmin/kadmind.8 2006-05-13 16:42:53.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/kadmin/kadmind.8 2006-05-13 16:42:58.000000000 +1000 -@@ -85,7 +85,7 @@ - Principals are always allowed to change their own password and list - their own principal. Apart from that, doing any operation requires - permission explicitly added in the ACL file --.Pa /var/heimdal/kadmind.acl . -+.Pa /etc/heimdal-kdc/kadmind.acl . - The format of this file is: - .Bd -ragged - .Va principal -@@ -155,7 +155,7 @@ - .El - .\".Sh ENVIRONMENT - .Sh FILES --.Pa /var/heimdal/kadmind.acl -+.Pa /etc/heimdal-kdc/kadmind.acl - .Sh EXAMPLES - This will cause - .Nm -Index: heimdal-0.7.2.dfsg.1/lib/kadm5/truncate_log.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/lib/kadm5/truncate_log.c 2003-11-19 10:19:26.000000000 +1100 -+++ heimdal-0.7.2.dfsg.1/lib/kadm5/truncate_log.c 2006-05-14 10:33:39.054471619 +1000 -@@ -69,7 +69,7 @@ - } - - if (config_file == NULL) -- config_file = HDB_DB_DIR "/kdc.conf"; -+ config_file = "/etc/heimdal-kdc/kdc.conf"; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) -Index: heimdal-0.7.2.dfsg.1/lib/kadm5/dump_log.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/lib/kadm5/dump_log.c 2005-04-26 04:17:51.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/lib/kadm5/dump_log.c 2006-05-14 10:33:13.743359875 +1000 -@@ -246,7 +246,7 @@ - } - - if (config_file == NULL) -- config_file = HDB_DB_DIR "/kdc.conf"; -+ config_file = "/etc/heimdal-kdc/kdc.conf"; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) -Index: heimdal-0.7.2.dfsg.1/kadmin/kadmind.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/kadmin/kadmind.c 2005-04-15 21:16:32.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/kadmin/kadmind.c 2006-05-14 10:27:22.837834789 +1000 -@@ -117,7 +117,7 @@ - argv += optind; - - if (config_file == NULL) -- config_file = HDB_DB_DIR "/kdc.conf"; -+ config_file = "/etc/heimdal-kdc/kdc.conf"; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) -Index: heimdal-0.7.2.dfsg.1/kadmin/kadmin.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/kadmin/kadmin.c 2005-05-10 01:35:22.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/kadmin/kadmin.c 2006-05-14 10:27:03.969138000 +1000 -@@ -194,7 +194,7 @@ - argv += optind; - - if (config_file == NULL) -- config_file = HDB_DB_DIR "/kdc.conf"; -+ config_file = "/etc/heimdal-kdc/kdc.conf"; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) -Index: heimdal-0.7.2.dfsg.1/lib/kadm5/replay_log.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/lib/kadm5/replay_log.c 2003-11-19 10:19:22.000000000 +1100 -+++ heimdal-0.7.2.dfsg.1/lib/kadm5/replay_log.c 2006-05-14 10:33:28.976621605 +1000 -@@ -99,7 +99,7 @@ - } - - if (config_file == NULL) -- config_file = HDB_DB_DIR "/kdc.conf"; -+ config_file = "/etc/heimdal-kdc/kdc.conf"; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) -Index: heimdal-0.7.2.dfsg.1/lib/kadm5/ipropd_slave.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/lib/kadm5/ipropd_slave.c 2005-05-24 03:39:35.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/lib/kadm5/ipropd_slave.c 2006-05-14 10:31:34.812853916 +1000 -@@ -418,7 +418,7 @@ - } - - if (config_file == NULL) -- config_file = HDB_DB_DIR "/kdc.conf"; -+ config_file = "/etc/heimdal-kdc/kdc.conf"; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) -Index: heimdal-0.7.2.dfsg.1/lib/kadm5/ipropd_master.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/lib/kadm5/ipropd_master.c 2005-05-24 03:38:46.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/lib/kadm5/ipropd_master.c 2006-05-14 10:31:17.286905672 +1000 -@@ -654,7 +654,7 @@ - } - - if (config_file == NULL) -- config_file = HDB_DB_DIR "/kdc.conf"; -+ config_file = "/etc/heimdal-kdc/kdc.conf"; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) -Index: heimdal-0.7.2.dfsg.1/kpasswd/kpasswdd.c -=================================================================== ---- heimdal-0.7.2.dfsg.1.orig/kpasswd/kpasswdd.c 2005-04-22 21:03:11.000000000 +1000 -+++ heimdal-0.7.2.dfsg.1/kpasswd/kpasswdd.c 2006-05-14 10:27:49.778564590 +1000 -@@ -749,7 +749,7 @@ - } - - if (config_file == NULL) -- config_file = HDB_DB_DIR "/kdc.conf"; -+ config_file = "/etc/heimdal-kdc/kdc.conf"; - - ret = krb5_prepend_config_files_default(config_file, &files); - if (ret) diff --git a/crypto/heimdal/packages/debian/patches/022_ftp-roken-glob b/crypto/heimdal/packages/debian/patches/022_ftp-roken-glob deleted file mode 100644 index bd974dae0ea8..000000000000 --- a/crypto/heimdal/packages/debian/patches/022_ftp-roken-glob +++ /dev/null @@ -1,270 +0,0 @@ -Index: heimdal-0.7.2/appl/ftp/ftp/cmds.c -=================================================================== ---- heimdal-0.7.2.orig/appl/ftp/ftp/cmds.c 2005-04-18 17:45:12.000000000 +1000 -+++ heimdal-0.7.2/appl/ftp/ftp/cmds.c 2006-03-09 12:50:02.997025112 +1100 -@@ -536,9 +536,17 @@ - - memset(&gl, 0, sizeof(gl)); - flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; -+#ifdef HAVE_GLOB - if (glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) { -+#else -+ if (roken_glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) { -+#endif - warnx("%s: not found", argv[i]); -+#ifdef HAVE_GLOB - globfree(&gl); -+#else -+ roken_globfree(&gl); -+#endif - continue; - } - for (cpp = gl.gl_pathv; cpp && *cpp != NULL; cpp++) { -@@ -559,7 +567,11 @@ - } - } - } -+#ifdef HAVE_GLOB - globfree(&gl); -+#else -+ roken_globfree(&gl); -+#endif - } - signal(SIGINT, oldintr); - mflag = 0; -@@ -1568,14 +1580,27 @@ - - flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - memset(&gl, 0, sizeof(gl)); -+#ifdef HAVE_GLOB - if (glob(*cpp, flags, NULL, &gl) || -+#else -+ if (roken_glob(*cpp, flags, NULL, &gl) || -+#endif - gl.gl_pathc == 0) { - warnx("%s: not found", *cpp); -+#ifdef HAVE_GLOB - globfree(&gl); -+#else -+ roken_globfree(&gl); -+#endif - return (0); - } - *cpp = strdup(gl.gl_pathv[0]); /* XXX - wasted memory */ -+#ifdef HAVE_GLOB - globfree(&gl); -+#else -+ roken_globfree(&gl); -+#endif -+ - return (1); - } - -Index: heimdal-0.7.2/appl/ftp/ftp/ftp_locl.h -=================================================================== ---- heimdal-0.7.2.orig/appl/ftp/ftp/ftp_locl.h 2002-09-11 06:03:46.000000000 +1000 -+++ heimdal-0.7.2/appl/ftp/ftp/ftp_locl.h 2006-03-09 12:50:02.998024960 +1100 -@@ -101,7 +101,11 @@ - - #include - #include -+#ifdef HAVE_GLOB - #include -+#else -+#include -+#endif - #ifdef HAVE_NETDB_H - #include - #endif -Index: heimdal-0.7.2/appl/ftp/ftpd/ftpcmd.y -=================================================================== ---- heimdal-0.7.2.orig/appl/ftp/ftpd/ftpcmd.y 2004-08-20 23:31:19.000000000 +1000 -+++ heimdal-0.7.2/appl/ftp/ftpd/ftpcmd.y 2006-03-09 12:50:03.000024656 +1100 -@@ -826,14 +826,22 @@ - GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - - memset(&gl, 0, sizeof(gl)); -+#ifdef HAVE_GLOB - if (glob($1, flags, NULL, &gl) || -+#else -+ if (roken_glob($1, flags, NULL, &gl) || -+#endif - gl.gl_pathc == 0) { - reply(550, "not found"); - $$ = NULL; - } else { - $$ = strdup(gl.gl_pathv[0]); - } -+#ifdef HAVE_GLOB - globfree(&gl); -+#else -+ roken_globfree(&gl); -+#endif - free($1); - } else - $$ = $1; -Index: heimdal-0.7.2/appl/ftp/ftpd/ftpd.c -=================================================================== ---- heimdal-0.7.2.orig/appl/ftp/ftpd/ftpd.c 2005-06-02 20:41:28.000000000 +1000 -+++ heimdal-0.7.2/appl/ftp/ftpd/ftpd.c 2006-03-09 12:50:03.003024200 +1100 -@@ -2234,7 +2234,11 @@ - - memset(&gl, 0, sizeof(gl)); - freeglob = 1; -+#ifdef HAVE_GLOB - if (glob(whichf, flags, 0, &gl)) { -+#else -+ if (roken_glob(whichf, flags, 0, &gl)) { -+#endif - reply(550, "not found"); - goto out; - } else if (gl.gl_pathc == 0) { -@@ -2341,7 +2345,11 @@ - pdata = -1; - if (freeglob) { - freeglob = 0; -+#ifdef HAVE_GLOB - globfree(&gl); -+#else -+ roken_globfree(&gl); -+#endif - } - } - -Index: heimdal-0.7.2/appl/ftp/ftpd/ftpd_locl.h -=================================================================== ---- heimdal-0.7.2.orig/appl/ftp/ftpd/ftpd_locl.h 2005-04-25 05:58:14.000000000 +1000 -+++ heimdal-0.7.2/appl/ftp/ftpd/ftpd_locl.h 2006-03-09 12:50:03.004024048 +1100 -@@ -106,7 +106,11 @@ - #ifdef HAVE_FCNTL_H - #include - #endif -+#ifdef HAVE_GLOB - #include -+#else -+#include -+#endif - #include - #ifdef HAVE_PWD_H - #include -Index: heimdal-0.7.2/appl/ftp/ftpd/popen.c -=================================================================== ---- heimdal-0.7.2.orig/appl/ftp/ftpd/popen.c 2002-04-02 21:57:39.000000000 +1000 -+++ heimdal-0.7.2/appl/ftp/ftpd/popen.c 2006-03-09 12:50:03.013022680 +1100 -@@ -55,7 +55,11 @@ - #include - - #include -+#ifdef HAVE_GLOB - #include -+#else -+#include -+#endif - #include - #include - #include -@@ -149,7 +153,11 @@ - - memset(&gl, 0, sizeof(gl)); - if (no_glob || -+#ifdef HAVE_GLOB - glob(argv[argc], flags, NULL, &gl) || -+#else -+ roken_glob(argv[argc], flags, NULL, &gl) || -+#endif - gl.gl_pathc == 0) - gargv[gargc++] = strdup(argv[argc]); - else -@@ -157,7 +165,11 @@ - *pop && gargc < MAXGLOBS - 1; - pop++) - gargv[gargc++] = strdup(*pop); -+#ifdef HAVE_GLOB - globfree(&gl); -+#else -+ roken_globfree(&gl); -+#endif - } - gargv[gargc] = NULL; - -Index: heimdal-0.7.2/lib/roken/glob.c -=================================================================== ---- heimdal-0.7.2.orig/lib/roken/glob.c 2005-04-12 21:28:50.000000000 +1000 -+++ heimdal-0.7.2/lib/roken/glob.c 2006-03-09 12:50:03.015022376 +1100 -@@ -87,7 +87,7 @@ - #include - #endif - --#include "glob.h" -+#include "roken-glob.h" - #include "roken.h" - - #ifndef ARG_MAX -@@ -167,7 +167,7 @@ - #endif - - int ROKEN_LIB_FUNCTION --glob(const char *pattern, -+roken_glob(const char *pattern, - int flags, - int (*errfunc)(const char *, int), - glob_t *pglob) -@@ -742,7 +742,7 @@ - - /* Free allocated data belonging to a glob_t structure. */ - void ROKEN_LIB_FUNCTION --globfree(glob_t *pglob) -+roken_globfree(glob_t *pglob) - { - int i; - char **pp; -Index: heimdal-0.7.2/lib/roken/glob.hin -=================================================================== ---- heimdal-0.7.2.orig/lib/roken/glob.hin 2005-04-13 23:17:56.000000000 +1000 -+++ heimdal-0.7.2/lib/roken/glob.hin 2006-03-09 12:50:03.016022224 +1100 -@@ -32,8 +32,8 @@ - * @(#)glob.h 8.1 (Berkeley) 6/2/93 - */ - --#ifndef _GLOB_H_ --#define _GLOB_H_ -+#ifndef _ROKEN_GLOB_H_ -+#define _ROKEN_GLOB_H_ - - #ifndef ROKEN_LIB_FUNCTION - #ifdef _WIN32 -@@ -88,9 +88,9 @@ - #define GLOB_ABEND (-2) /* Unignored error. */ - - int ROKEN_LIB_FUNCTION --glob (const char *, int, int (*)(const char *, int), glob_t *); -+roken_glob (const char *, int, int (*)(const char *, int), glob_t *); - - void ROKEN_LIB_FUNCTION --globfree (glob_t *); -+roken_globfree (glob_t *); - --#endif /* !_GLOB_H_ */ -+#endif /* !_ROKEN_GLOB_H_ */ -Index: heimdal-0.7.2/lib/roken/Makefile.am -=================================================================== ---- heimdal-0.7.2.orig/lib/roken/Makefile.am 2005-05-24 21:39:01.000000000 +1000 -+++ heimdal-0.7.2/lib/roken/Makefile.am 2006-03-09 12:50:03.016022224 +1100 -@@ -129,7 +129,7 @@ - if have_glob_h - glob_h = - else --glob_h = glob.h -+glob_h = roken-glob.h - endif - - if have_ifaddrs_h -@@ -170,6 +170,8 @@ - SUFFIXES += .hin - .hin.h: - cp $< $@ -+roken-glob.h: -+ cp glob.hin roken-glob.h - - roken.h: make-roken$(EXEEXT) - @./make-roken$(EXEEXT) > tmp.h ;\ diff --git a/crypto/heimdal/packages/debian/patches/022_openafs b/crypto/heimdal/packages/debian/patches/022_openafs deleted file mode 100644 index 64899fdc035e..000000000000 --- a/crypto/heimdal/packages/debian/patches/022_openafs +++ /dev/null @@ -1,15 +0,0 @@ -Index: heimdal-0.7.2/lib/krb5/keytab_keyfile.c -=================================================================== ---- heimdal-0.7.2.orig/lib/krb5/keytab_keyfile.c 2005-01-09 09:57:18.000000000 +1100 -+++ heimdal-0.7.2/lib/krb5/keytab_keyfile.c 2006-03-09 12:50:07.121398112 +1100 -@@ -48,8 +48,8 @@ - * - */ - --#define AFS_SERVERTHISCELL "/usr/afs/etc/ThisCell" --#define AFS_SERVERMAGICKRBCONF "/usr/afs/etc/krb.conf" -+#define AFS_SERVERTHISCELL "/etc/openafs/ThisCell" -+#define AFS_SERVERMAGICKRBCONF "/etc/openafs/etc/krb.conf" - - struct akf_data { - int num_entries; diff --git a/crypto/heimdal/packages/debian/patches/025_pthreads b/crypto/heimdal/packages/debian/patches/025_pthreads deleted file mode 100644 index 980a8ad94b31..000000000000 --- a/crypto/heimdal/packages/debian/patches/025_pthreads +++ /dev/null @@ -1,13 +0,0 @@ -Index: heimdal-0.7.2/cf/pthreads.m4 -=================================================================== ---- heimdal-0.7.2.orig/cf/pthreads.m4 2006-03-09 12:55:11.651102560 +1100 -+++ heimdal-0.7.2/cf/pthreads.m4 2006-03-09 12:59:12.806441376 +1100 -@@ -32,7 +32,7 @@ - 2.*) - native_pthread_support=yes - PTHREADS_CFLAGS=-pthread -- PTHREADS_LIBS=-pthread -+ PTHREADS_LIBS="-pthread -lpthread" - ;; - esac - ;; diff --git a/crypto/heimdal/packages/debian/patches/026_posix_max b/crypto/heimdal/packages/debian/patches/026_posix_max deleted file mode 100644 index bf26032023a4..000000000000 --- a/crypto/heimdal/packages/debian/patches/026_posix_max +++ /dev/null @@ -1,293 +0,0 @@ -Index: heimdal-0.7.2/appl/kf/kf_locl.h -=================================================================== ---- heimdal-0.7.2.orig/appl/kf/kf_locl.h 2002-09-05 06:29:04.000000000 +1000 -+++ heimdal-0.7.2/appl/kf/kf_locl.h 2006-03-09 12:59:30.120809192 +1100 -@@ -79,3 +79,7 @@ - #define KF_PORT_NAME "kf" - #define KF_PORT_NUM 2110 - #define KF_VERSION_1 "KFWDV0.1" -+ -+#ifndef MAXPATHLEN -+#define MAXPATHLEN 4096 -+#endif -Index: heimdal-0.7.2/appl/kf/kfd.c -=================================================================== ---- heimdal-0.7.2.orig/appl/kf/kfd.c 2005-05-27 23:43:24.000000000 +1000 -+++ heimdal-0.7.2/appl/kf/kfd.c 2006-03-09 12:59:30.121809040 +1100 -@@ -128,7 +128,7 @@ - krb5_ticket *ticket; - char *name; - char ret_string[10]; -- char hostname[MAXHOSTNAMELEN]; -+ char hostname[MaxHostNameLen]; - krb5_data data; - krb5_data remotename; - krb5_data tk_file; -Index: heimdal-0.7.2/appl/kx/kx.h -=================================================================== ---- heimdal-0.7.2.orig/appl/kx/kx.h 2003-04-17 02:45:43.000000000 +1000 -+++ heimdal-0.7.2/appl/kx/kx.h 2006-03-09 12:59:30.122808888 +1100 -@@ -107,6 +107,10 @@ - #include - #endif - -+#ifndef MAXPATHLEN -+#define MAXPATHLEN 4096 -+#endif -+ - /* defined by aix's sys/stream.h and again by arpa/nameser.h */ - - #undef NOERROR -Index: heimdal-0.7.2/appl/login/login_access.c -=================================================================== ---- heimdal-0.7.2.orig/appl/login/login_access.c 2001-06-05 00:09:45.000000000 +1000 -+++ heimdal-0.7.2/appl/login/login_access.c 2006-03-09 12:59:30.123808736 +1100 -@@ -163,11 +163,11 @@ - - static char *myhostname(void) - { -- static char name[MAXHOSTNAMELEN + 1] = ""; -+ static char name[MaxHostNameLen + 1] = ""; - - if (name[0] == 0) { - gethostname(name, sizeof(name)); -- name[MAXHOSTNAMELEN] = 0; -+ name[MaxHostNameLen] = 0; - } - return (name); - } -Index: heimdal-0.7.2/appl/login/login_locl.h -=================================================================== ---- heimdal-0.7.2.orig/appl/login/login_locl.h 2005-04-23 01:38:54.000000000 +1000 -+++ heimdal-0.7.2/appl/login/login_locl.h 2006-03-09 12:59:30.124808584 +1100 -@@ -150,6 +150,10 @@ - #endif - - -+#ifndef MAXPATHLEN -+#define MAXPATHLEN 4096 -+#endif -+ - struct spwd; - - extern char **env; -Index: heimdal-0.7.2/appl/popper/popper.h -=================================================================== ---- heimdal-0.7.2.orig/appl/popper/popper.h 2004-07-14 19:10:30.000000000 +1000 -+++ heimdal-0.7.2/appl/popper/popper.h 2006-03-09 12:59:30.125808432 +1100 -@@ -154,6 +154,10 @@ - #define POP_MAILDIR "/usr/spool/mail" - #endif - -+#ifndef MAXPATHLEN -+#define MAXPATHLEN 4096 -+#endif -+ - #define POP_DROP POP_MAILDIR "/.%s.pop" - /* POP_TMPSIZE needs to be big enough to hold the string - * defined by POP_TMPDROP. POP_DROP and POP_TMPDROP -Index: heimdal-0.7.2/appl/rcp/rcp_locl.h -=================================================================== ---- heimdal-0.7.2.orig/appl/rcp/rcp_locl.h 2005-05-30 04:24:43.000000000 +1000 -+++ heimdal-0.7.2/appl/rcp/rcp_locl.h 2006-03-09 12:59:30.125808432 +1100 -@@ -65,3 +65,7 @@ - #endif - #undef _PATH_RSH - #define _PATH_RSH BINDIR "/rsh" -+ -+#ifndef MAXPATHLEN -+#define MAXPATHLEN 4096 -+#endif -Index: heimdal-0.7.2/appl/rsh/rsh_locl.h -=================================================================== ---- heimdal-0.7.2.orig/appl/rsh/rsh_locl.h 2005-12-29 05:00:05.000000000 +1100 -+++ heimdal-0.7.2/appl/rsh/rsh_locl.h 2006-03-09 12:59:30.126808280 +1100 -@@ -172,3 +172,7 @@ - #define do_write(F, B, L, I) write((F), (B), (L)) - #define do_read(F, B, L, I) read((F), (B), (L)) - #endif -+ -+#ifndef MAXPATHLEN -+#define MAXPATHLEN 4096 -+#endif -Index: heimdal-0.7.2/appl/test/tcp_server.c -=================================================================== ---- heimdal-0.7.2.orig/appl/test/tcp_server.c 1999-12-16 21:31:08.000000000 +1100 -+++ heimdal-0.7.2/appl/test/tcp_server.c 2006-03-09 12:59:30.127808128 +1100 -@@ -44,7 +44,7 @@ - krb5_principal server; - krb5_ticket *ticket; - char *name; -- char hostname[MAXHOSTNAMELEN]; -+ char hostname[MaxHostNameLen]; - krb5_data packet; - krb5_data data; - u_int32_t len, net_len; -Index: heimdal-0.7.2/lib/gssapi/gssapi_locl.h -=================================================================== ---- heimdal-0.7.2.orig/lib/gssapi/gssapi_locl.h 2005-05-31 06:53:46.000000000 +1000 -+++ heimdal-0.7.2/lib/gssapi/gssapi_locl.h 2006-03-09 12:59:30.128807976 +1100 -@@ -84,6 +84,10 @@ - * - */ - -+#ifndef MAXPATHLEN -+#define MAXPATHLEN 4096 -+#endif -+ - extern krb5_context gssapi_krb5_context; - - extern krb5_keytab gssapi_krb5_keytab; -Index: heimdal-0.7.2/lib/gssapi/import_name.c -=================================================================== ---- heimdal-0.7.2.orig/lib/gssapi/import_name.c 2003-03-17 04:33:31.000000000 +1100 -+++ heimdal-0.7.2/lib/gssapi/import_name.c 2006-03-09 12:59:30.129807824 +1100 -@@ -90,7 +90,7 @@ - char *tmp; - char *p; - char *host; -- char local_hostname[MAXHOSTNAMELEN]; -+ char local_hostname[MaxHostNameLen]; - - *output_name = NULL; - -Index: heimdal-0.7.2/lib/kdfs/k5dfspag.c -=================================================================== ---- heimdal-0.7.2.orig/lib/kdfs/k5dfspag.c 2002-08-13 01:11:58.000000000 +1000 -+++ heimdal-0.7.2/lib/kdfs/k5dfspag.c 2006-03-09 12:59:30.130807672 +1100 -@@ -78,6 +78,9 @@ - #define WAIT_USES_INT - typedef krb5_sigtype sigtype; - -+#ifndef MAXPATHLEN -+#define MAXPATHLEN 4096 -+#endif - - /* - * Need some syscall numbers based on different systems. -Index: heimdal-0.7.2/lib/krb5/get_addrs.c -=================================================================== ---- heimdal-0.7.2.orig/lib/krb5/get_addrs.c 2004-05-26 07:26:05.000000000 +1000 -+++ heimdal-0.7.2/lib/krb5/get_addrs.c 2006-03-09 12:59:30.139806304 +1100 -@@ -49,7 +49,7 @@ - gethostname_fallback (krb5_context context, krb5_addresses *res) - { - krb5_error_code ret; -- char hostname[MAXHOSTNAMELEN]; -+ char hostname[MaxHostNameLen]; - struct hostent *hostent; - - if (gethostname (hostname, sizeof(hostname))) { -Index: heimdal-0.7.2/lib/krb5/get_host_realm.c -=================================================================== ---- heimdal-0.7.2.orig/lib/krb5/get_host_realm.c 2005-04-20 04:52:51.000000000 +1000 -+++ heimdal-0.7.2/lib/krb5/get_host_realm.c 2006-03-09 12:59:30.140806152 +1100 -@@ -95,7 +95,7 @@ - krb5_realm **realms) - { - static char *default_labels[] = { "_kerberos", NULL }; -- char dom[MAXHOSTNAMELEN]; -+ char dom[MaxHostNameLen]; - struct dns_reply *r; - char **labels; - int i, ret; -@@ -208,7 +208,7 @@ - const char *host, - krb5_realm **realms) - { -- char hostname[MAXHOSTNAMELEN]; -+ char hostname[MaxHostNameLen]; - - if (host == NULL) { - if (gethostname (hostname, sizeof(hostname))) -Index: heimdal-0.7.2/lib/krb5/krbhst-test.c -=================================================================== ---- heimdal-0.7.2.orig/lib/krb5/krbhst-test.c 2002-08-23 13:43:18.000000000 +1000 -+++ heimdal-0.7.2/lib/krb5/krbhst-test.c 2006-03-09 12:59:30.140806152 +1100 -@@ -87,7 +87,7 @@ - krb5_init_context (&context); - for(i = 0; i < argc; i++) { - krb5_krbhst_handle handle; -- char host[MAXHOSTNAMELEN]; -+ char host[MaxHostNameLen]; - - for (j = 0; j < sizeof(types)/sizeof(*types); ++j) { - printf ("%s for %s:\n", type_str[j], argv[i]); -Index: heimdal-0.7.2/lib/krb5/krbhst.c -=================================================================== ---- heimdal-0.7.2.orig/lib/krb5/krbhst.c 2005-05-20 19:09:42.000000000 +1000 -+++ heimdal-0.7.2/lib/krb5/krbhst.c 2006-03-09 12:59:30.142805848 +1100 -@@ -763,7 +763,7 @@ - krb5_error_code ret; - int nhost = 0; - krb5_krbhst_handle handle; -- char host[MAXHOSTNAMELEN]; -+ char host[MaxHostNameLen]; - krb5_krbhst_info *hostinfo; - - ret = krb5_krbhst_init(context, realm, type, &handle); -Index: heimdal-0.7.2/lib/krb5/principal.c -=================================================================== ---- heimdal-0.7.2.orig/lib/krb5/principal.c 2004-12-29 12:54:54.000000000 +1100 -+++ heimdal-0.7.2/lib/krb5/principal.c 2006-03-09 12:59:30.150804632 +1100 -@@ -706,8 +706,8 @@ - const char *p; - krb5_error_code ret; - krb5_principal pr; -- char host[MAXHOSTNAMELEN]; -- char local_hostname[MAXHOSTNAMELEN]; -+ char host[MaxHostNameLen]; -+ char local_hostname[MaxHostNameLen]; - - /* do the following: if the name is found in the - `v4_name_convert:host' part, is is assumed to be a `host' type -@@ -1059,7 +1059,7 @@ - krb5_principal *ret_princ) - { - krb5_error_code ret; -- char localhost[MAXHOSTNAMELEN]; -+ char localhost[MaxHostNameLen]; - char **realms, *host = NULL; - - if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) { -Index: heimdal-0.7.2/lib/krb5/verify_init.c -=================================================================== ---- heimdal-0.7.2.orig/lib/krb5/verify_init.c 2004-05-26 07:45:47.000000000 +1000 -+++ heimdal-0.7.2/lib/krb5/verify_init.c 2006-03-09 12:59:30.151804480 +1100 -@@ -90,7 +90,7 @@ - memset (&entry, 0, sizeof(entry)); - - if (ap_req_server == NULL) { -- char local_hostname[MAXHOSTNAMELEN]; -+ char local_hostname[MaxHostNameLen]; - - if (gethostname (local_hostname, sizeof(local_hostname)) < 0) { - ret = errno; -Index: heimdal-0.7.2/lib/roken/getaddrinfo_hostspec.c -=================================================================== ---- heimdal-0.7.2.orig/lib/roken/getaddrinfo_hostspec.c 2005-04-12 21:28:43.000000000 +1000 -+++ heimdal-0.7.2/lib/roken/getaddrinfo_hostspec.c 2006-03-09 12:59:30.152804328 +1100 -@@ -48,7 +48,7 @@ - { - const char *p; - char portstr[NI_MAXSERV]; -- char host[MAXHOSTNAMELEN]; -+ char host[MaxHostNameLen]; - struct addrinfo hints; - int hostspec_len; - -Index: heimdal-0.7.2/lib/sl/slc-gram.y -=================================================================== ---- heimdal-0.7.2.orig/lib/sl/slc-gram.y 2005-04-19 20:28:28.000000000 +1000 -+++ heimdal-0.7.2/lib/sl/slc-gram.y 2006-03-09 12:59:30.153804176 +1100 -@@ -46,6 +46,10 @@ - #include - #include - -+#ifndef PATH_MAX -+#define PATH_MAX 4096 -+#endif -+ - #include "slc.h" - extern FILE *yyin; - extern struct assignment *a; diff --git a/crypto/heimdal/packages/debian/po/POTFILES.in b/crypto/heimdal/packages/debian/po/POTFILES.in deleted file mode 100644 index 1fea3242b919..000000000000 --- a/crypto/heimdal/packages/debian/po/POTFILES.in +++ /dev/null @@ -1 +0,0 @@ -[type: gettext/rfc822deb] heimdal-kdc.templates diff --git a/crypto/heimdal/packages/debian/po/templates.pot b/crypto/heimdal/packages/debian/po/templates.pot deleted file mode 100644 index 41d0f311af1e..000000000000 --- a/crypto/heimdal/packages/debian/po/templates.pot +++ /dev/null @@ -1,54 +0,0 @@ -# -# Translators, if you are not familiar with the PO format, gettext -# documentation is worth reading, especially sections dedicated to -# this format, e.g. by running: -# info -n '(gettext)PO Files' -# info -n '(gettext)Header Entry' -# -# Some information specific to po-debconf are available at -# /usr/share/doc/po-debconf/README-trans -# or http://www.debian.org/intl/l10n/po-debconf/README-trans -# -# Developers do not need to manually edit POT or PO files. -# -#, fuzzy -msgid "" -msgstr "" -"Project-Id-Version: PACKAGE VERSION\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2004-02-27 10:15-0800\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: FULL NAME \n" -"Language-Team: LANGUAGE \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=CHARSET\n" -"Content-Transfer-Encoding: 8bit\n" - -#. Type: string -#. Description -#: ../heimdal-kdc.templates:3 -msgid "Local realm name:" -msgstr "" - -#. Type: string -#. Description -#: ../heimdal-kdc.templates:3 -msgid "" -"Heimdal requires the name of your local realm. This is typically your domain " -"name in uppercase. eg if your hostname is host.org.com, then your realm will " -"become ORG.COM. The default for your host is ${default_realm}." -msgstr "" - -#. Type: password -#. Description -#: ../heimdal-kdc.templates:10 -msgid "Password for KDC:" -msgstr "" - -#. Type: password -#. Description -#: ../heimdal-kdc.templates:10 -msgid "" -"Heimdal can encrypt the KDC data with a password. A hashed representation " -"will be stored in /var/lib/heimdal-kdc/m-key." -msgstr "" diff --git a/crypto/heimdal/packages/debian/rules b/crypto/heimdal/packages/debian/rules deleted file mode 100755 index 8894667b9394..000000000000 --- a/crypto/heimdal/packages/debian/rules +++ /dev/null @@ -1,62 +0,0 @@ -#!/usr/bin/make -f - -include /usr/share/cdbs/1/rules/debhelper.mk -include /usr/share/cdbs/1/class/autotools.mk -include /usr/share/cdbs/1/rules/patchsys-quilt.mk - -DEB_INSTALL_DOCS_ALL = -DEB_INSTALL_DOCS_heimdal-docs = $(filter-out $(DEB_INSTALL_CHANGELOGS_ALL),$(shell for f in README NEWS TODO BUGS AUTHORS THANKS; do if test -s $(DEB_SRCDIR)/$$f; then echo $(DEB_SRCDIR)/$$f; fi; done)) \ - NEWS TODO - - -DEB_DH_INSTALL_SOURCEDIR = debian/tmp - -DEB_CONFIGURE_LIBEXECDIR ="\$${prefix}/sbin" - -DEB_CONFIGURE_EXTRA_FLAGS := \ - --enable-shared \ - --enable-otp \ - --with-kaserver \ - --with-openssl \ - --with-openldap \ - --with-readline-include=/usr/include/editline \ - --enable-kcm - -# /var/lib/heimdal-kdc is 700 -DEB_FIXPERMS_EXCLUDE = heimdal-kdc - -binary-post-install/heimdal-servers:: - mv debian/heimdal-servers/usr/sbin/kfd debian/heimdal-servers/usr/lib/heimdal-servers - mv debian/heimdal-servers/usr/sbin/ftpd debian/heimdal-servers/usr/lib/heimdal-servers - mv debian/heimdal-servers/usr/sbin/rshd debian/heimdal-servers/usr/lib/heimdal-servers - mv debian/heimdal-servers/usr/sbin/telnetd debian/heimdal-servers/usr/lib/heimdal-servers - mv debian/heimdal-servers/usr/sbin/popper debian/heimdal-servers/usr/lib/heimdal-servers - mv debian/heimdal-servers/usr/bin/login debian/heimdal-servers/usr/lib/heimdal-servers - -binary-post-install/heimdal-servers-x:: - mv debian/heimdal-servers-x/usr/sbin/kxd debian/heimdal-servers-x/usr/lib/heimdal-servers - -binary-post-install/heimdal-kdc:: - mv debian/heimdal-kdc/usr/sbin/kdc debian/heimdal-kdc/usr/lib/heimdal-servers - mv debian/heimdal-kdc/usr/sbin/kadmind debian/heimdal-kdc/usr/lib/heimdal-servers - mv debian/heimdal-kdc/usr/sbin/kpasswdd debian/heimdal-kdc/usr/lib/heimdal-servers - install -m644 debian/extras/default debian/heimdal-kdc/etc/default/heimdal-kdc - install -m644 lib/hdb/hdb.schema debian/heimdal-kdc/etc/ldap/schema/hdb.schema - dh_fixperms -pheimdal-kdc - chmod 700 debian/heimdal-kdc/var/lib/heimdal-kdc - -binary-post-install/heimdal-clients:: - mv debian/heimdal-clients/usr/bin/telnet debian/heimdal-clients/usr/bin/ktelnet - mv debian/heimdal-clients/usr/bin/ftp debian/heimdal-clients/usr/bin/kftp - mv debian/heimdal-clients/usr/share/man/man1/telnet.1 debian/heimdal-clients/usr/share/man/man1/ktelnet.1 - mv debian/heimdal-clients/usr/share/man/man1/ftp.1 debian/heimdal-clients/usr/share/man/man1/kftp.1 - mv debian/heimdal-clients/usr/bin/rsh debian/heimdal-clients/usr/bin/krsh - mv debian/heimdal-clients/usr/bin/rcp debian/heimdal-clients/usr/bin/krcp - mv debian/heimdal-clients/usr/bin/pagsh debian/heimdal-clients/usr/bin/kpagsh - mv debian/heimdal-clients/usr/bin/su debian/heimdal-clients/usr/bin/ksu - mv debian/heimdal-clients/usr/share/man/man1/rsh.1 debian/heimdal-clients/usr/share/man/man1/krsh.1 - mv debian/heimdal-clients/usr/share/man/man1/pagsh.1 debian/heimdal-clients/usr/share/man/man1/kpagsh.1 - mv debian/heimdal-clients/usr/share/man/man1/su.1 debian/heimdal-clients/usr/share/man/man1/ksu.1 - -binary-post-install/heimdal-docs:: - mv debian/heimdal-docs/usr/share/man/man5/krb5.conf.5 debian/heimdal-docs/usr/share/man/man5/krb5.conf.5heimdal diff --git a/crypto/heimdal/packages/debian/scripts/convert_source b/crypto/heimdal/packages/debian/scripts/convert_source deleted file mode 100644 index 3d9d4f7727e9..000000000000 --- a/crypto/heimdal/packages/debian/scripts/convert_source +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh -ex - -SRC="$1" -VERSION="$2" -DST="heimdal_$VERSION.dfsg.1.orig.tar.gz" -SRC_DIR="heimdal-$VERSION" - -MYTMP="" -trap 'if [ -n "$MYTMP" ]; then rm -rf $MYTMP; fi' EXIT -MYTMP=`mktemp -td heimdal.XXXXXX` || exit 1 - -tar -xzf $SRC -C $MYTMP -ls -l $MYTMP/$SRC_DIR - -rm -r $MYTMP/$SRC_DIR/doc/standardisation - -tar -czf $DST -C $MYTMP $SRC_DIR diff --git a/crypto/heimdal/packages/mac/Info.plist b/crypto/heimdal/packages/mac/Info.plist deleted file mode 100644 index c1d17055747d..000000000000 --- a/crypto/heimdal/packages/mac/Info.plist +++ /dev/null @@ -1,36 +0,0 @@ - - - - - CFBundleGetInfoString - Heimdal @VERSION@ - CFBundleName - Heimdal - CFBundleIdentifier - org.h5l.heimdal.pkg - CFBundleShortVersionString - 1.0 - IFPkgFlagAllowBackRev - - IFPkgFlagAuthorizationAction - RootAuthorization - IFPkgFlagDefaultLocation - / - IFPkgFlagFollowLinks - - IFPkgFlagIsRequired - - IFPkgFlagOverwritePermissions - - IFPkgFlagRelocatable - - IFPkgFlagRestartAction - NoRestart - IFPkgFlagRootVolumeOnly - - IFPkgFlagUpdateInstalledLanguages - - IFPkgFormatVersion - 0.10000000149011612 - - diff --git a/crypto/heimdal/packages/mac/Makefile.am b/crypto/heimdal/packages/mac/Makefile.am deleted file mode 100644 index da258c1c39e6..000000000000 --- a/crypto/heimdal/packages/mac/Makefile.am +++ /dev/null @@ -1,9 +0,0 @@ -# $Id: Makefile.am 22180 2007-12-05 02:49:01Z lha $ - -include $(top_srcdir)/Makefile.am.common - -EXTRA_DIST = \ - Info.plist \ - mac.sh \ - Resources/Description.plist \ - Resources/English.lproj/Welcome.rtf diff --git a/crypto/heimdal/packages/mac/Makefile.in b/crypto/heimdal/packages/mac/Makefile.in deleted file mode 100644 index 4b217f093d4e..000000000000 --- a/crypto/heimdal/packages/mac/Makefile.in +++ /dev/null @@ -1,663 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22180 2007-12-05 02:49:01Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = packages/mac -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -EXTRA_DIST = \ - Info.plist \ - mac.sh \ - Resources/Description.plist \ - Resources/English.lproj/Welcome.rtf - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps packages/mac/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps packages/mac/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/packages/mac/Resources/Description.plist b/crypto/heimdal/packages/mac/Resources/Description.plist deleted file mode 100644 index 15cd63a4f6ba..000000000000 --- a/crypto/heimdal/packages/mac/Resources/Description.plist +++ /dev/null @@ -1,10 +0,0 @@ - - - - - IFPkgDescriptionDescription - - IFPkgDescriptionTitle - Heimdal - - diff --git a/crypto/heimdal/packages/mac/Resources/English.lproj/Welcome.rtf b/crypto/heimdal/packages/mac/Resources/English.lproj/Welcome.rtf deleted file mode 100644 index 884487209e6b..000000000000 --- a/crypto/heimdal/packages/mac/Resources/English.lproj/Welcome.rtf +++ /dev/null @@ -1,8 +0,0 @@ -{\rtf1\mac\ansicpg10000\cocoartf100 -{\fonttbl\f0\fswiss\fcharset77 Helvetica;} -{\colortbl;\red255\green255\blue255;} -\margl1440\margr1440\vieww9000\viewh9000\viewkind0 -\pard\tx1440\tx2880\tx4320\tx5760\tx7200\ql\qnatural - -\f0\fs28 \cf0 Welcome to the Heimdal Installation Program.\ -} \ No newline at end of file diff --git a/crypto/heimdal/packages/mac/mac.sh b/crypto/heimdal/packages/mac/mac.sh deleted file mode 100644 index 8dcde86fa175..000000000000 --- a/crypto/heimdal/packages/mac/mac.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/sh -# $Id: mac.sh 22177 2007-12-05 01:43:30Z lha $ - -dbase=`dirname $0` -base=`cd $dbase && pwd` -config=${base}/../../configure - -destdir=`pwd`/destdir -builddir=`pwd`/builddir -imgdir=`pwd`/imgdir - -rm -rf ${destdir} ${builddir} ${imgdir} || exit 1 -mkdir ${destdir} || exit 1 -mkdir ${builddir} || exit 1 -mkdir ${imgdir} || exit 1 - -cd ${builddir} || exit 1 - -version=`sh ${config} --help 2>/dev/null | head -1 | sed 's/.*Heimdal \([^ ]*\).*/\1/'` - -echo "Building Mac universal binary package for Heimdal ${version}" -echo "Configure" -env \ - CFLAGS="-arch i386 -arch ppc" \ - LDFLAGS="-arch i386 -arch ppc" \ - ${config} > log || exit 1 -echo "Build" -make all > /dev/null || exit 1 -echo "Run regression suite" -make check > /dev/null || exit 1 -echo "Install" -make install DESTDIR=${destdir} > /dev/null || exit 1 - -echo "Build package" -/Developer/usr/bin/packagemaker \ - --version "${version}" \ - --root ${destdir} \ - --info ${base}/Info.plist \ - --out ${imgdir}/Heimdal.pkg \ - --resources ${base}/Resources \ - --domain system || exit 1 - -cd .. -echo "Build disk image" -rm "heimdal-${version}.dmg" -/usr/bin/hdiutil create -volname "Heimdal-${version}" -srcfolder ${imgdir} "heimdal-${version}.dmg" || exit 1 - -echo "Clean" -rm -rf ${destdir} ${builddir} ${imgdir} || exit 1 - -echo "Done!" -exit 0 diff --git a/crypto/heimdal/tests/ChangeLog b/crypto/heimdal/tests/ChangeLog deleted file mode 100644 index 6fa41aca666f..000000000000 --- a/crypto/heimdal/tests/ChangeLog +++ /dev/null @@ -1,742 +0,0 @@ -2008-01-14 Love Hörnquist Åstrand - - * kdc: Test the PKCS11 provider built-in to libhx509. - -2007-12-14 Love Hörnquist Åstrand - - * ldap/init.ldif: Add space to make valid ldiff file, from Buchan - Milne - - * ldap/slapd-init.in: Another place where schemas are installed, - from Buchan Milne. - -2007-12-05 Love Hörnquist Åstrand - - * kdc/check-kadmin.in: Check that admin-less principal works. - -2007-12-04 Love Hörnquist Åstrand - - * gss/check-ntlm.in: test kdigest digest-probe command. - -2007-12-03 Love Hörnquist Åstrand - - * gss/check-basic.in: Test GSS_C_NO_NAME too. - -2007-10-24 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Try multiple enctypes. - -2007-08-17 Love Hörnquist Åstrand - - * java/Makefile.am: EXTRA_DIST += jaas.conf - -2007-08-13 Love Hörnquist Åstrand - - * java/Makefile.am: Add java source code. - -2007-08-09 Love Hörnquist Åstrand - - * kdc/check-iprop.in: Don't run this test in AFS since AFS is - missing unix sockets. - - * kdc/wait-kdc.sh: Catch bind ../../tests/kdc/signal: Operation - not permitted - -2007-08-08 Love Hörnquist Åstrand - - * kdc/check-iprop.in: use wait-kdc.sh for all diffrent places we - start ipropd-{master,slave}. - - * all-tests: empty messages.log - - * kdc/check-iprop.in: Use wait-kdc.sh to wait for - ipropd-{master,slave}. - - * kdc/wait-kdc.sh: look futher back in the logfile. - - * kdc/wait-kdc.sh: Make wait-kdc.sh able to wait on other things. - - * kdc/check-iprop.in: Checking master going backward, create - iprop-stats. - -2007-08-07 Love Hörnquist Åstrand - - * java/have-java.sh: GNU GCC Java doesn't support Kerberos - -2007-08-01 Love Hörnquist Åstrand - - * kdc/check-iprop.in: wait longer for iprop, dump messages.log on - failure. - - * kdc/Makefile.am: Clean after iprop tests. - - * kdc/check-iprop.in: more iprop tests. - -2007-07-31 Love Hörnquist Åstrand - - * kdc/Makefile.am: Add check-iprop and related files. - - * kdc/krb5.conf.in: Add stuff for iprop. - - * kdc/check-iprop.in: Test for iprop. - - * kdc/iprop-acl: ACL file for iprop. - -2007-07-28 Love Hörnquist Åstrand - - * kdc/donotexists.txt: missing file. - -2007-07-26 Love Hörnquist Åstrand - - * kdc/Makefile.am: EXTRA_DIST += donotexists.txt - -2007-07-22 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Test renewing. - -2007-07-21 Love Hörnquist Åstrand - - * kdc/Makefile.am: Test for simple salt types. - - * kdc/krb5.conf.keys.in: Configuration file for testing keys. - - * kdc/check-keys.in: Test some simple salt types. - -2007-07-17 Love Hörnquist Åstrand - - * java/Makefile.am: EXTRA_DIST += have_java.sh - - * java/check-kinit.in: Make failing to compile a java program a - no-fatal error. - - * java/check-kinit.in: Disable test if we use socket wrapper. - -2007-07-16 Love Hörnquist Åstrand - - * kdc/check-kadmin.in: Give more hints of what went wrong. - -2007-07-14 Love Hörnquist Åstrand - - * kdc/Makefile.am: add check-kadmin.in - -2007-07-12 Love Hörnquist Åstrand - - * ldap/slapd.conf: add samba.schema. - - * ldap/slapd-init.in: Add samba schema. - - * ldap/init.ldif: Samba entry to do testing with. - -2007-07-11 Love Hörnquist Åstrand - - * java/check-kinit.in: Only print when there is an error. - - * java/krb5.conf.in: Move the AES enctypes first. - -2007-07-10 Love Hörnquist Åstrand - - * kdc/check-kadmin.in: Send kill outout to /dev/null. - - * kdc/krb5.conf.in: Add bits needed for kadmind server test. - - * kdc/Makefile.am: Add check-kadmin. - - * kdc/check-kadmin.in: Simple test for server based kadmin. - - * kdc/heimdal.acl: ACL file for check-admin test. - -2007-07-05 Love Hörnquist Åstrand - - * Makefile.am: Add java. - - * java: simple java kinit test - -2007-06-26 Love Hörnquist Åstrand - - * ldap/check-ldap.in: Add one more principal and list the - database. - - * kdc/check-pkinit.in: Fix hxtool issue-certificate --req. - - * kdc/check-referral.in: Spelling. - -2007-06-22 Love Hörnquist Åstrand - - * gss/check-context.in: disable dns canon on test, break on some - buildfarm hosts. - -2007-06-19 Love Hörnquist Åstrand - - * can/test_can.in: readline seems strange, try diffrent way to - setup the database. - -2007-06-18 Love Hörnquist Åstrand - - * can/test_can.in: spoon feed kadmin diffrently - -2007-06-11 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Also test rename user to anther realm. - - * kdc/check-kdc.in: Test renaming a user. - - * can/test_can.in: Tell use what the messages.log told us. - - * kdc/check-referral.in: Add some more as-req canon tests, add - disable tgs-req tests. - -2007-06-09 Love Hörnquist Åstrand - - * can/check-can.in: Check is there is a working db backend here. - -2007-06-08 Love Hörnquist Åstrand - - * can/Makefile.am: Clean up more cruft. - -2007-06-07 Love Hörnquist Åstrand - - * can/Makefile.am: More files we want in the dist. - - * can/test_can.in: Simplify error reporting. - - * can/test_can.in: Catch error from kadmin. - - * can/mit-pkinit-20070607.*: mit pkinit-9 request - - * can/check-can.in: Add mit-pkinit test. - - * can/Makefile.am: Create specific configurtion files for some - tests. - - * can/test_can.in: Pick up the right generated - krb5.conf (spelling). - - * can: Add Apple Tiger 10.4/MIT Kerberos 1.4 - - * can/test_can.in: Don't need to start a kdc for this test. - - * can: pre-canned requests from older versions and other implementations - - * Makefile.am: SUBDIRS += can - -2007-06-04 Love Hörnquist Åstrand - - * kdc/check-uu.in: Use stdout from uu_server. - -2007-05-31 Love Hörnquist Åstrand - - * kdc/check-pkinit.in: Try pkinit in w2k mode, also add tests for - MS SAN. - - * kdc/Makefile.am: generate a krb5-pkinit-win.conf - - * kdc/krb5-pkinit.conf.in: W2K tests. - -2007-05-30 Love Hörnquist Åstrand - - * kdc/Makefile.am: remove more files - -2007-05-10 Love Hörnquist Åstrand - - * kdc/check-pkinit.in: try principal subject in DB - -2007-05-08 Love Hörnquist Åstrand - - * gss/check-basic.in: test using test_kcred - - * gss/check-ntlm.in: One more test. - - * ldap/check-ldap.in: check in /usr/lib/openldap too for slapd and - slapadd - -2007-05-07 Love Hörnquist Åstrand - - * db/add-modify-delete.in: Remove comment. - - * db/add-modify-delete.in: try replay - - * db/Makefile.am: clean more files. - - * db/add-modify-delete.in: try iprop-log commands. - -2007-04-27 Love Hörnquist Åstrand - - * db/krb5.conf.in: Add longer example. - -2007-04-23 Love Hörnquist Åstrand - - * db: basic tests for dbinfo - -2007-04-22 Love Hörnquist Åstrand - - * gss/Makefile.am: Add check-ntlm. - - * gss/check-ntlm.in: test ntlm client credentials code. - -2007-04-21 Love Hörnquist Åstrand - - * db/loaddump-db.in: make kstash quiet - -2007-04-18 Love Hörnquist Åstrand - - * gss/check-basic.in: more gss_acquire_cred tests - -2007-04-17 Love Hörnquist Åstrand - - * gss/Makefile.am: add check-basic - - * gss/check-basic.in: basic tests that might require a KDC. - -2007-04-16 Love Hörnquist Åstrand - - * kdc/Makefile.am: CLEANFILES += sdigest-init - -2007-04-11 Love Hörnquist Åstrand - - * ldap/slapd-init.in: Add Id tag - -2007-02-22 Love Hörnquist Åstrand - - * kdc/check-kdc.in: test new kadmin add_enctype functionallity - -2007-02-17 Love Hörnquist Åstrand - - * Makefile.am: add ldap - - * kdc/check-referral.in: add check-referral - - * kdc/Makefile.am: add check-referral - -2007-02-15 Love Hörnquist Åstrand - - * tests/ldap: simple ldap test, inspried by samba ldb ldap test - -2007-02-03 Love Hörnquist Åstrand - - * kdc/check-digest.in: Test ms-chap-v2 (client response, server - response, session key) - -2007-02-02 Love Hörnquist Åstrand - - * kdc/krb5.conf.in: allow ms-chap-v2 - -2007-02-01 Love Hörnquist Åstrand - - * kdc/check-digest.in: Negative check too. - -2007-01-18 Love Hörnquist Åstrand - - * kdc/check-uu.in: save log, wait longer - -2007-01-15 Love Hörnquist Åstrand - - * kdc/check-pkinit.in: tell me about certifiate that we have - generated - -2007-01-11 Love Hörnquist Åstrand - - * no random, no RSA/DH tests - - * plugin/Makefile.am: remove files created by tests - - * gss/Makefile.am: remove files created by tests - - * gss/Makefile.am: add ntlm-user-file.txt - -2007-01-10 Love Hörnquist Åstrand - - * kdc/ap-req.c: --verify-pac no means verify existance of PAC in - ticket, the signature checking is done by the kerberos library. - - * kdc/check-digest.in: display messages.log and help that that - tells us what went wrong. - - * plugin/windc.c: Update to validate function signature change. - - * Makefile.am: Only traverse into plugin if there is shared - library support. - -2007-01-09 Love Hörnquist Åstrand - - * kdc/check-pkinit.in: Prefix key with FILE: - -2007-01-04 Love Hörnquist Åstrand - - * plugin/Makefile.am: EXTRA_DIST += krb5.conf.in - - * plugin/check-pac.in: test explicit requested pac and explicit - negative requested pac. - - * kdc/ap-req.c: Make it possible to turn off PAC check, its - default on. - - * plugin/windc.c: Add client_access. - - * plugin/check-pac.in: Verify PAC on server end too. - - * kdc/ap-req.c: Add verification of PAC. - - * kdc/Makefile.am: Add test for pkinit with locally generated - certs. - - * kdc/check-pkinit.in: Generate a ca, kdc cert and client cert and - try to use them - - * kdc/pki-mapping: add other foo@TEST - - * kdc/krb5-pkinit.conf.in: pkinit specific krb5.conf - -2007-01-03 Love Hörnquist Åstrand - - * plugin/check-pac.in: test tgs-req - - * plugin/windc.c: log that the function is called. - - * kdc/check-digest.in: Test security layer in ntlm. - - * plugin: test WinDC PAC functionallity - - * Makefile.am: Include plugin in tests - -2006-12-28 Love Hörnquist Åstrand - - * kdc/ntlm-user-file.txt: Correct DOMAIN name - -2006-12-26 Love Hörnquist Åstrand - - * kdc/krb5.conf.in: Add digests acls (all) - -2006-12-19 Love Hörnquist Åstrand - - * gss/check-spnego.in: test wrapunwrap - - * gss/check-spnego.in: Test get and verify MIC. - - * gss/check-context.in: don't need to set GSSAPI_SPNEGO_NAME any - longer - -2006-12-18 Love Hörnquist Åstrand - - * gss/check-context.in: Define GSSAPI_SPNEGO_NAME and re-add - spnego - - * gss/check-context.in: add trap, remove allow-digest, pretty - print. - - * gss/check-gssmask.in: catch EXIT traps - - * gss/check-spnego.in: test more combination of spnego contexts - - * gss/Makefile.am: add check-spnego - - * gss/check-spnego.in: check spnego combinations. - -2006-12-16 Love Hörnquist Åstrand - - * kdc/check-digest.in: test more combinations of names - -2006-12-15 Love Hörnquist Åstrand - - * kdc/ntlm-user-file.txt: ntlm username and password file - - * kdc/check-digest.in: Check that ntlm works. - -2006-12-12 Love Hörnquist Åstrand - - * kdc/check-digest.in: prefix digest commands with digest- - -2006-11-29 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Don't (afs) unlog using kdestroy - -2006-11-25 Love Hörnquist Åstrand - - * kdc/Makefile.am: Add LIB_roken and (implictly by that libvers - for print_version) to LDADD - -2006-11-23 Love Hörnquist Åstrand - - * kdc/check-kdc.in: check that the getarg -- option works for - delete and add. - - * kdc/check-kdc.in: Test proxy cert. - -2006-11-19 Love Hörnquist Åstrand - - * kdc/krb5.conf.in: revert the enable-pkinit change, and make it - consistant with all other other enable- options - -2006-11-15 Love Hörnquist Åstrand - - * gss/check-context.in: Add dce-style context building test. - - * gss/check-context.in: test more combination of context building - -2006-11-13 Love Hörnquist Åstrand - - * Use TEST{,2}.H5L.SE for testing - -2006-11-08 Love Hörnquist Åstrand - - * kdc/Makefile.am: Use EGREP. - - * kdc/check-kdc.in: Use EGREP. - -2006-10-23 Love Hörnquist Åstrand - - * kdc/check-kdc.in: run eval on the testfailed variable so we run - all commands - -2006-10-22 Love Hörnquist Åstrand - - * db/Makefile.am: make have-db being built in the "make all" - target. - - * kdc/check-kdc.in: tell more what the kdc though about the - failure. - -2006-10-21 Love Hörnquist Åstrand - - * db/add-modify-delete.in: Use EGREP. - - * db/Makefile.am: add EGREP to do_subst - -2006-10-20 Love Hörnquist Åstrand - - * gss/Makefile.am: Clean temporary files - - * db/Makefile.am: clean have-db - - * kdc/Makefile.am: Add pki-mapping to dist file. - - * kdc/Makefile.am: more files - - * db/Makefile.am: more files - -2006-10-19 Love Hörnquist Åstrand - - * gss/check-context.in: give path to have-db - - * gss/check-gssmask.in: give path to have-db - - * kdc/check-kdc.in: give path to have-db - - * kdc/check-digest.in: give path to have-db - - * gss/check-gssmask.in: If there is no useful db support compile - in, disable test - - * gss/check-context.in: Add commeted out digest check. - - * kdc/check-digest.in: If there is no useful db support compile - in, disable test - - * kdc/check-kdc.in: If there is no useful db support compile in, - disable test - - * db/loaddump-db.in: If there is no useful db support compile in, - disable test - - * db/have-db.in: Check if the kdc have any useful builtin - database. - - * kdc/check-kdc.in: Fix awk statement, put RE on the right side. - -2006-10-17 Love Hörnquist Åstrand - - * gss/check-gssmask.in: remove dup exit - - * gss/check-context.in: More name tests. - - * gss/check-context.in: test with and without dns-canon - -2006-10-14 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Be more explit about what test failed. - -2006-10-13 Love Hörnquist Åstrand - - * gss/check-context.in: et KRB5CCNAME in global enviorment - -2006-10-12 Love Hörnquist Åstrand - - * gss/Makefile.am: Check if the gss context tester test_context - works ok. - - * gss/check-context.in: Check if the gss context tester - test_context works ok. - -2006-10-10 Love Hörnquist Åstrand - - * gss/check-gssmask.in: use wait-kdc.sh script - - * kdc/check-kdc.in: use wait-kdc.sh script - - * kdc/check-digest.in: use wait-kdc.sh script - - * Heimdal uses TESTS_ENVIRONMENT before every binary being tested - directly from the Makefile. This now uses the same for the - scripts, so we can run them under valgrind. From Andrew Bartlet - -2006-10-07 Love Hörnquist Åstrand - - * gss/Makefile.am: splits script tests and binary tests - - * db/Makefile.am: Add tests script depenencies - - * kdc/Makefile.am: Split script tests and binary tests - -2006-10-04 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Test pkinit encKey case. - -2006-09-22 Love Hörnquist Åstrand - - * gss/check-gssmask.in: Catch failures from gssmaestro. - -2006-09-20 Love Hörnquist Åstrand - - * gss/check-gssmask.in: Add a third client - -2006-09-19 Love Hörnquist Åstrand - - * gss/check-gssmask.in: test for gssmask + gssmaestro. - - * gss/krb5.conf.in: Add krb5.conf for krb5.conf - -2006-09-18 Love Hörnquist Åstrand - - * gss/check-gss.in: Add (c) - - * kdc/check-kdc.in: Test constrained delegation impersonation. - -2006-09-16 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Change the password on krbtgt a couple of - times to have a non boring kvno. - -2006-08-24 Love Hörnquist Åstrand - - * kdc/check-digest.in: Use the server as the server and set - diffrent password for the user and service. - - * kdc/check-digest.in: Set allow digest flag on the server. - - * kdc/Makefile.am: Build and run check-digest test. - - * kdc/check-digest.in: Remove channel bindings from CHAP tests, - there is no such thing for CHAP. - - * kdc/check-kdc.in: Test aes only krbtgt and des3 only service. - -2006-08-21 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Remove empty lines for picky awks - -2006-07-06 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Check for cross realm case where remove user - doesn't exists in the database, this is ok assuming the cross - realm isn't local. In the general case this isn't true. - -2006-06-22 Love Hörnquist Åstrand - - * kdc/check-kdc.in: run kadmin check - -2006-06-07 Love Hörnquist Åstrand - - * kdc/check-kdc.in: test that delegated cred works too - - * kdc/check-kdc.in: Test delegation - -2006-06-06 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Add impersonation tests. - -2006-06-01 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Less verbose, spelling. - - * kdc/check-kdc.in: test cross realm and deleted user - -2006-05-12 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Check password protected pk-init keyfile. - -2006-04-30 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Don't try pkinit if there is no rsa - -2006-04-29 Love Hörnquist Åstrand - - * kdc/pki-mapping: change pki-mapping - - * kdc/Makefile.am: clean the server.keytab - - * kdc/check-kdc.in: Add test for pk-init - - * kdc/krb5.conf.in: Add pkinit glue - -2006-04-28 Love Hörnquist Åstrand - - * kdc/pki-mapping: Add pk-init mapping file - -2006-04-27 Love Hörnquist Åstrand - - * kdc/check-kdc.in: Sprinkle more ap-req now that the credential - is removed from the cache using kdestroy --credential= - - * kdc/ap-req.c: check that AP_OPTS_MUTUAL_REQUIRED matches, check - seqnumber - - * kdc/Makefile.am: Build as-req. - - * kdc/check-kdc.in: Sprinkel some as-req - - * kdc/ap-req.c: simple test program checking that as ap-req/as-rep - exchange works - -2006-04-25 Love Hörnquist Åstrand - - * {,kdc/,db/}.cvsignore: ignore Makefile.in - - * kdc/check-kdc.in: Try to detect another KDC running. - - * kdc/check-kdc.in: more tests regarding doing AS-REQ and TGS-REQ - - * kdc/krb5.conf.in: krb5.conf template - - * kdc/check-kdc.in: check that the keytab have the right kvno - - * db/add-modify-delete.in: create a server too - - * kdc/check-kdc.in: check kdc too - - * db/Makefile.am: Add add-modify-delete - - * db/add-modify-delete.in: basic kadmin tests - - * Makefile.am: SUBDIRS += kdc - - * kdc/check-kdc.in: Test framework for getting and checking - tickets, start kdc on localhost:8888. - - * kdc/Makefile.am: Test framework for getting and checking - tickets. - - * db/krb5.conf.in: log all message to local file - - * db/Makefile.am: clean messages file - -2006-01-17 Love Hörnquist Åstrand - - * db/krb5.conf.in: Set [libdefaults] default_realm = EXAMPLE.ORG. - -2005-11-30 Love Hörnquist Åstrand - - * db/loaddump-db.in: Specifify explicitly that the database is in - the current directory. - -2005-08-11 Love Hörnquist Åstrand - - * test loading and dumping of the database diff --git a/crypto/heimdal/tests/Makefile.am b/crypto/heimdal/tests/Makefile.am deleted file mode 100644 index 10035f0603c2..000000000000 --- a/crypto/heimdal/tests/Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ -# $Id: Makefile.am 21418 2007-07-05 13:55:37Z lha $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = db kdc gss ldap can java - -if ENABLE_SHARED -if HAVE_DLOPEN -SUBDIRS += plugin -endif -endif diff --git a/crypto/heimdal/tests/Makefile.in b/crypto/heimdal/tests/Makefile.in deleted file mode 100644 index 68e5ed50e213..000000000000 --- a/crypto/heimdal/tests/Makefile.in +++ /dev/null @@ -1,816 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 21418 2007-07-05 13:55:37Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common ChangeLog -@ENABLE_SHARED_TRUE@@HAVE_DLOPEN_TRUE@am__append_1 = plugin -subdir = tests -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive -RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ - distclean-recursive maintainer-clean-recursive -ETAGS = etags -CTAGS = ctags -DIST_SUBDIRS = db kdc gss ldap can java plugin -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -SUBDIRS = db kdc gss ldap can java $(am__append_1) -all: all-recursive - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tests/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tests/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -# This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - dot_seen=yes; \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done; \ - if test "$$dot_seen" = "no"; then \ - $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ - fi; test -z "$$fail" - -$(RECURSIVE_CLEAN_TARGETS): - @failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ - include_option=--etags-include; \ - empty_fix=.; \ - else \ - include_option=--include; \ - empty_fix=; \ - fi; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test ! -f $$subdir/TAGS || \ - tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \ - fi; \ - done; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" = .; then :; else \ - test -d "$(distdir)/$$subdir" \ - || $(MKDIR_P) "$(distdir)/$$subdir" \ - || exit 1; \ - distdir=`$(am__cd) $(distdir) && pwd`; \ - top_distdir=`$(am__cd) $(top_distdir) && pwd`; \ - (cd $$subdir && \ - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$$top_distdir" \ - distdir="$$distdir/$$subdir" \ - am__remove_distdir=: \ - am__skip_length_check=: \ - distdir) \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-recursive -all-am: Makefile all-local -installdirs: installdirs-recursive -installdirs-am: -install: install-recursive -install-exec: install-exec-recursive -install-data: install-data-recursive -uninstall: uninstall-recursive - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-recursive -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-recursive - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-recursive - -rm -f Makefile -distclean-am: clean-am distclean-generic distclean-tags - -dvi: dvi-recursive - -dvi-am: - -html: html-recursive - -info: info-recursive - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-recursive - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-recursive - -install-info: install-info-recursive - -install-man: - -install-pdf: install-pdf-recursive - -install-ps: install-ps-recursive - -installcheck-am: - -maintainer-clean: maintainer-clean-recursive - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-recursive - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-recursive - -pdf-am: - -ps: ps-recursive - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \ - install-data-am install-exec-am install-strip uninstall-am - -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool ctags ctags-recursive dist-hook \ - distclean distclean-generic distclean-libtool distclean-tags \ - distdir dvi dvi-am html html-am info info-am install \ - install-am install-data install-data-am install-data-hook \ - install-dvi install-dvi-am install-exec install-exec-am \ - install-exec-hook install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tests/can/Makefile.am b/crypto/heimdal/tests/can/Makefile.am deleted file mode 100644 index 124074f07411..000000000000 --- a/crypto/heimdal/tests/can/Makefile.am +++ /dev/null @@ -1,56 +0,0 @@ -# $Id: Makefile.am 21017 2007-06-08 05:36:30Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_DATA = krb5.conf mit-pkinit-20070607.cf - -check_SCRIPTS = $(SCRIPT_TESTS) test_can - -SCRIPT_TESTS = check-can -TESTS = $(SCRIPT_TESTS) - -port = 49188 - -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/can,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -test_can: test_can.in Makefile - $(do_subst) < $(srcdir)/test_can.in > test_can.tmp - chmod +x test_can.tmp - mv test_can.tmp test_can - -check-can: check-can.in Makefile - $(do_subst) < $(srcdir)/check-can.in > check-can.tmp - chmod +x check-can.tmp - mv check-can.tmp check-can - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - -SUFFIXES += .xf .cf - -.xf.cf: - $(do_subst) < $< > $@.tmp - mv $@.tmp $@ - -CLEANFILES= $(TESTS) *.tmp *.cf \ - current-db* \ - krb5.conf \ - messages.log \ - test_can - -EXTRA_DIST = \ - apple-10.4.kadm \ - apple-10.4.req \ - check-can.in \ - heim-0.8.kadm \ - heim-0.8.req \ - krb5.conf.in \ - mit-pkinit-20070607.ca.crt \ - mit-pkinit-20070607.kadm \ - mit-pkinit-20070607.req \ - mit-pkinit-20070607.xf \ - test_can.in diff --git a/crypto/heimdal/tests/can/Makefile.in b/crypto/heimdal/tests/can/Makefile.in deleted file mode 100644 index 39cd641ab05d..000000000000 --- a/crypto/heimdal/tests/can/Makefile.in +++ /dev/null @@ -1,781 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 21017 2007-06-08 05:36:30Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = tests/can -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DATA = $(noinst_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .xf .cf -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_DATA = krb5.conf mit-pkinit-20070607.cf -check_SCRIPTS = $(SCRIPT_TESTS) test_can -SCRIPT_TESTS = check-can -TESTS = $(SCRIPT_TESTS) -port = 49188 -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/can,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -CLEANFILES = $(TESTS) *.tmp *.cf \ - current-db* \ - krb5.conf \ - messages.log \ - test_can - -EXTRA_DIST = \ - apple-10.4.kadm \ - apple-10.4.req \ - check-can.in \ - heim-0.8.kadm \ - heim-0.8.req \ - krb5.conf.in \ - mit-pkinit-20070607.ca.crt \ - mit-pkinit-20070607.kadm \ - mit-pkinit-20070607.req \ - mit-pkinit-20070607.xf \ - test_can.in - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .xf .cf .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tests/can/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tests/can/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_SCRIPTS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(DATA) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-TESTS check-am check-local \ - clean clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -test_can: test_can.in Makefile - $(do_subst) < $(srcdir)/test_can.in > test_can.tmp - chmod +x test_can.tmp - mv test_can.tmp test_can - -check-can: check-can.in Makefile - $(do_subst) < $(srcdir)/check-can.in > check-can.tmp - chmod +x check-can.tmp - mv check-can.tmp check-can - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - -.xf.cf: - $(do_subst) < $< > $@.tmp - mv $@.tmp $@ -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tests/can/apple-10.4.kadm b/crypto/heimdal/tests/can/apple-10.4.kadm deleted file mode 100644 index a10904b04146..000000000000 --- a/crypto/heimdal/tests/can/apple-10.4.kadm +++ /dev/null @@ -1,4 +0,0 @@ -init --realm-max-ticket-life=1day --realm-max-renewable-life=1month TEST.H5L.SE -cpw -p kaka krbtgt/TEST.H5L.SE@TEST.H5L.SE -add -p foo --use-defaults foo@TEST.H5L.SE -add -p foo --use-defaults bar@TEST.H5L.SE diff --git a/crypto/heimdal/tests/can/apple-10.4.req b/crypto/heimdal/tests/can/apple-10.4.req deleted file mode 100644 index 7acc80b369d1..000000000000 Binary files a/crypto/heimdal/tests/can/apple-10.4.req and /dev/null differ diff --git a/crypto/heimdal/tests/can/check-can.in b/crypto/heimdal/tests/can/check-can.in deleted file mode 100644 index e5f3d71c7193..000000000000 --- a/crypto/heimdal/tests/can/check-can.in +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-can.in 21033 2007-06-09 14:49:35Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -./test_can TEST.H5L.SE heim-0.8 || exit 1 -./test_can TEST.H5L.SE apple-10.4 || exit 1 -./test_can HEIMDAL.CITI.UMICH.EDU mit-pkinit-20070607 || exit 1 - -exit 0 diff --git a/crypto/heimdal/tests/can/heim-0.8.kadm b/crypto/heimdal/tests/can/heim-0.8.kadm deleted file mode 100644 index a10904b04146..000000000000 --- a/crypto/heimdal/tests/can/heim-0.8.kadm +++ /dev/null @@ -1,4 +0,0 @@ -init --realm-max-ticket-life=1day --realm-max-renewable-life=1month TEST.H5L.SE -cpw -p kaka krbtgt/TEST.H5L.SE@TEST.H5L.SE -add -p foo --use-defaults foo@TEST.H5L.SE -add -p foo --use-defaults bar@TEST.H5L.SE diff --git a/crypto/heimdal/tests/can/heim-0.8.req b/crypto/heimdal/tests/can/heim-0.8.req deleted file mode 100644 index 43b3a68350bc..000000000000 Binary files a/crypto/heimdal/tests/can/heim-0.8.req and /dev/null differ diff --git a/crypto/heimdal/tests/can/krb5.conf.in b/crypto/heimdal/tests/can/krb5.conf.in deleted file mode 100644 index e8aa7e7e138a..000000000000 --- a/crypto/heimdal/tests/can/krb5.conf.in +++ /dev/null @@ -1,24 +0,0 @@ -# $Id: krb5.conf.in 20965 2007-06-07 06:03:29Z lha $ - -[libdefaults] - default_realm = TEST.H5L.SE - no-addresses = TRUE - -[appdefaults] - pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt - -[realms] - TEST.H5L.SE = { - kdc = localhost:@port@ - } - -[kdc] - database = { - dbname = @objdir@/current-db - realm = TEST.H5L.SE - mkey_file = @objdir@/mkey.file - } - -[logging] - kdc = 0-/FILE:@objdir@/messages.log - default = 0-/FILE:@objdir@/messages.log diff --git a/crypto/heimdal/tests/can/mit-pkinit-20070607.ca.crt b/crypto/heimdal/tests/can/mit-pkinit-20070607.ca.crt deleted file mode 100644 index 5874788d7fa6..000000000000 --- a/crypto/heimdal/tests/can/mit-pkinit-20070607.ca.crt +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID4zCCAsugAwIBAgICNOswDQYJKoZIhvcNAQEFBQAwczELMAkGA1UEBhMCVVMx -ETAPBgNVBAgTCE1pY2hpZ2FuMRIwEAYDVQQHEwlBbm4gQXJib3IxHzAdBgNVBAoT -FlVuaXZlcnNpdHkgb2YgTWljaGlnYW4xHDAaBgNVBAMTE0NJVEkgUHJvZHVjdGlv -biBLQ0EwHhcNMDYxMDEzMTYxNTIyWhcNMTYxMDEyMTYxNTIyWjBzMQswCQYDVQQG -EwJVUzERMA8GA1UECBMITWljaGlnYW4xEjAQBgNVBAcTCUFubiBBcmJvcjEfMB0G -A1UEChMWVW5pdmVyc2l0eSBvZiBNaWNoaWdhbjEcMBoGA1UEAxMTQ0lUSSBQcm9k -dWN0aW9uIEtDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM85fWVD -rneI9CM9NvpSw1PO571/8RhBiY1p0hMFi9ppD4Xaztswz0nrCEpuAhtXUxF+H6CS -aAXFLiY/SQhj3JGpVw3yPE2CeGtmcMjDDxOW5Raw0XwbK/BdgYFg/AU5FH7RtOV7 -pnhBlk5oJt0VJyJs+NNw4+V2IqODRvX88AR6dDAd8TpbZJEdgoGU+LHaC6cha6WU -p6nmjVx0TLUvIa16NFZGs44bNIIt7cI6zil/dM76881APTbYcB8hGqQJiphqX6ff -HI3uiHclK2rOZufRqhn0NJNWDCrK55PXQX67UmKBLqAsoFSJDPD+cBIUXtVeFLGs -uJYK8F9FaN3r9XsCAwEAAaOBgDB+MA8GA1UdEwQIMAYBAf8CAQAwEQYJYIZIAYb4 -QgEBBAQDAgAHMAsGA1UdDwQEAwIBhjAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBH -ZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFGXMLAou01gvxxcJc+Tvat/T -QHwwMA0GCSqGSIb3DQEBBQUAA4IBAQC99gg/E230FPGmDaP4YecmtSSGOnD+jJ+A -sPcJKaeS3dOGDTngKCzzQZ4nl7LYRSj5DWZTTrlrKfbc6GiUE0n/K/+GBvL/kjOV -qZsyGNfepscVe6mPz43NoNztf/1j+0QQcioHHHtAq/YFPBp1VdYsOsB+IE+g8RVi -EDjsvmR/++s9zX5fGuVvN7RNwLFrxfqcPFZCUG8pkIHbBPRhRV/aOKHGMcThNrtC -9cZ8xaDwhP0fdSUVESGFj+MMQCAp8YZvypJuHTYX7Ng4OMdCOPPg4Kk1ycOGAcYe -o/m7ICx1md6Va9zEfwqmrXVxGaT0I23lI9H9sv+ugvZ3v5iedhO/ ------END CERTIFICATE----- diff --git a/crypto/heimdal/tests/can/mit-pkinit-20070607.kadm b/crypto/heimdal/tests/can/mit-pkinit-20070607.kadm deleted file mode 100644 index 6a23c67a928c..000000000000 --- a/crypto/heimdal/tests/can/mit-pkinit-20070607.kadm +++ /dev/null @@ -1,3 +0,0 @@ -init --realm-max-ticket-life=1day --realm-max-renewable-life=1month HEIMDAL.CITI.UMICH.EDU -cpw -p kaka krbtgt/HEIMDAL.CITI.UMICH.EDU@HEIMDAL.CITI.UMICH.EDU -add -p foo --use-defaults aglo@HEIMDAL.CITI.UMICH.EDU diff --git a/crypto/heimdal/tests/can/mit-pkinit-20070607.req b/crypto/heimdal/tests/can/mit-pkinit-20070607.req deleted file mode 100644 index 652bbcfff629..000000000000 Binary files a/crypto/heimdal/tests/can/mit-pkinit-20070607.req and /dev/null differ diff --git a/crypto/heimdal/tests/can/mit-pkinit-20070607.xf b/crypto/heimdal/tests/can/mit-pkinit-20070607.xf deleted file mode 100644 index bcb74083d5f0..000000000000 --- a/crypto/heimdal/tests/can/mit-pkinit-20070607.xf +++ /dev/null @@ -1,28 +0,0 @@ -# $Id: mit-pkinit-20070607.xf 20992 2007-06-07 21:46:13Z lha $ - -[libdefaults] - default_realm = HEIMDAL.CITI.UMICH.EDU - no-addresses = TRUE - -[appdefaults] - pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt - -[realms] - TEST.H5L.SE = { - kdc = localhost:@port@ - } - -[kdc] - enable-pkinit = yes - pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key - pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt,@srcdir@/mit-pkinit-20070607.ca.crt - - database = { - dbname = @objdir@/current-db - realm = HEIMDAL.CITI.UMICH.EDU - mkey_file = @objdir@/mkey.file - } - -[logging] - kdc = 0-/FILE:@objdir@/messages.log - default = 0-/FILE:@objdir@/messages.log diff --git a/crypto/heimdal/tests/can/test_can.in b/crypto/heimdal/tests/can/test_can.in deleted file mode 100644 index a59215734089..000000000000 --- a/crypto/heimdal/tests/can/test_can.in +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: test_can.in 21164 2007-06-19 00:04:43Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -R=$1 -tst=$2 - -if [ ! -f ${srcdir}/${tst}.req ] ; then - echo "${tst}.req missing" -fi -if [ ! -f ${srcdir}/${tst}.kadm ] ; then - echo "${tst}.kadm missing" -fi - -port=@port@ - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -replay="${TESTS_ENVIRONMENT} ../../kdc/kdc-replay" - -if [ -f ${objdir}/${tst}.cf ]; then - KRB5_CONFIG="${objdir}/${tst}.cf" -else - KRB5_CONFIG="${objdir}/krb5.conf" -fi -export KRB5_CONFIG - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -echo "Load database for ${tst}" -while read x ; do - ${kadmin} $x || exit 1 -done < ${srcdir}/${tst}.kadm || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -> messages.log -${replay} ${srcdir}/${tst}.req || { cat messages.log ; exit 1; } - -exit 0 diff --git a/crypto/heimdal/tests/db/Makefile.am b/crypto/heimdal/tests/db/Makefile.am deleted file mode 100644 index 8e519d348348..000000000000 --- a/crypto/heimdal/tests/db/Makefile.am +++ /dev/null @@ -1,66 +0,0 @@ -# $Id: Makefile.am 20599 2007-05-08 02:48:22Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_DATA = krb5.conf - -noinst_SCRIPTS = have-db - -check_SCRIPTS = loaddump-db add-modify-delete check-dbinfo - -TESTS = $(check_SCRIPTS) - -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/db,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -loaddump-db: loaddump-db.in Makefile - $(do_subst) < $(srcdir)/loaddump-db.in > loaddump-db.tmp - chmod +x loaddump-db.tmp - mv loaddump-db.tmp loaddump-db - -add-modify-delete: add-modify-delete.in Makefile - $(do_subst) < $(srcdir)/add-modify-delete.in > add-modify-delete.tmp - chmod +x add-modify-delete.tmp - mv add-modify-delete.tmp add-modify-delete - -check-dbinfo: check-dbinfo.in Makefile - $(do_subst) < $(srcdir)/check-dbinfo.in > check-dbinfo.tmp - chmod +x check-dbinfo.tmp - mv check-dbinfo.tmp check-dbinfo - -have-db: have-db.in Makefile - $(do_subst) < $(srcdir)/have-db.in > have-db.tmp - chmod +x have-db.tmp - mv have-db.tmp have-db - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - - -CLEANFILES= \ - $(TESTS) \ - have-db \ - db-dump* \ - dbinfo.out \ - current-db* \ - out-text-dump* \ - out-current-* \ - mkey.file* \ - krb5.conf krb5.conf.tmp \ - tempfile \ - log.current-db* \ - messages.log - -EXTRA_DIST = \ - check-dbinfo.in \ - loaddump-db.in \ - add-modify-delete.in \ - have-db.in \ - krb5.conf.in \ - text-dump-0.7 \ - text-dump-known-ext \ - text-dump-no-ext \ - text-dump-unknown-ext - diff --git a/crypto/heimdal/tests/db/Makefile.in b/crypto/heimdal/tests/db/Makefile.in deleted file mode 100644 index 8616bab7b1cd..000000000000 --- a/crypto/heimdal/tests/db/Makefile.in +++ /dev/null @@ -1,793 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20599 2007-05-08 02:48:22Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = tests/db -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -SCRIPTS = $(noinst_SCRIPTS) -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DATA = $(noinst_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_DATA = krb5.conf -noinst_SCRIPTS = have-db -check_SCRIPTS = loaddump-db add-modify-delete check-dbinfo -TESTS = $(check_SCRIPTS) -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/db,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -CLEANFILES = \ - $(TESTS) \ - have-db \ - db-dump* \ - dbinfo.out \ - current-db* \ - out-text-dump* \ - out-current-* \ - mkey.file* \ - krb5.conf krb5.conf.tmp \ - tempfile \ - log.current-db* \ - messages.log - -EXTRA_DIST = \ - check-dbinfo.in \ - loaddump-db.in \ - add-modify-delete.in \ - have-db.in \ - krb5.conf.in \ - text-dump-0.7 \ - text-dump-known-ext \ - text-dump-no-ext \ - text-dump-unknown-ext - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tests/db/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tests/db/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_SCRIPTS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(SCRIPTS) $(DATA) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-TESTS check-am check-local \ - clean clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -loaddump-db: loaddump-db.in Makefile - $(do_subst) < $(srcdir)/loaddump-db.in > loaddump-db.tmp - chmod +x loaddump-db.tmp - mv loaddump-db.tmp loaddump-db - -add-modify-delete: add-modify-delete.in Makefile - $(do_subst) < $(srcdir)/add-modify-delete.in > add-modify-delete.tmp - chmod +x add-modify-delete.tmp - mv add-modify-delete.tmp add-modify-delete - -check-dbinfo: check-dbinfo.in Makefile - $(do_subst) < $(srcdir)/check-dbinfo.in > check-dbinfo.tmp - chmod +x check-dbinfo.tmp - mv check-dbinfo.tmp check-dbinfo - -have-db: have-db.in Makefile - $(do_subst) < $(srcdir)/have-db.in > have-db.tmp - chmod +x have-db.tmp - mv have-db.tmp have-db - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tests/db/add-modify-delete.in b/crypto/heimdal/tests/db/add-modify-delete.in deleted file mode 100644 index b05a698149e0..000000000000 --- a/crypto/heimdal/tests/db/add-modify-delete.in +++ /dev/null @@ -1,137 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: add-modify-delete.in 20606 2007-05-08 06:28:09Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -# If there is no useful db support compile in, disable test -./have-db || exit 77 - -R=EXAMPLE.ORG - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -iproplog="${TESTS_ENVIRONMENT} ../../lib/kadm5/iprop-log" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f current-db* -rm -f log.current-db* -rm -f out-* -rm -f mkey.file* - -echo init database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - EXAMPLE.ORG || exit 1 - -echo test add -${kadmin} add -r --use-defaults foo || exit 1 -${kadmin} list '*' > /dev/null || exit 1 -${kadmin} list '*' | ${EGREP} '^foo$' > /dev/null || exit 1 - -echo "test add (double)" -${kadmin} add -r --use-defaults foo 2>/dev/null && exit 1 - -echo test rename -${kadmin} rename foo bar -${kadmin} list '*' | ${EGREP} '^foo$' > /dev/null && exit 1 -${kadmin} list '*' | ${EGREP} '^bar$' > /dev/null || exit 1 - -echo test delete -${kadmin} delete bar || exit 1 -${kadmin} list '*' | ${EGREP} '^bar$' > /dev/null && exit 1 - -echo "test delete (double)" -${kadmin} delete bar 2> /dev/null && exit 1 - -echo "creating sample user" -${kadmin} add -r --use-defaults foo || exit 1 -${kadmin} get foo > tempfile || exit 1 -echo checking principal -${EGREP} " *Principal: foo@EXAMPLE.ORG$" tempfile > /dev/null || exit 1 -echo checking kvno -${EGREP} " *Kvno: 1$" tempfile > /dev/null || exit 1 -echo checking failed login count -${EGREP} " *Failed login count: 0$" tempfile > /dev/null || exit 1 -echo checking modifier -${EGREP} " *Modifier: kadmin/admin@EXAMPLE.ORG$" tempfile > /dev/null || exit 1 -echo checking attributes -${EGREP} " *Attributes: $" tempfile > /dev/null || exit 1 -echo checking renew time -${EGREP} " *Max renewable life: 1 week$" tempfile > /dev/null || exit 1 - -echo modifing renewable-life -${kadmin} modify --max-renewable-life=2months foo -echo checking renew time -${kadmin} get foo > tempfile || exit 1 -${EGREP} " *Max renewable life: 2 months$" tempfile > /dev/null || exit 1 - -echo "creating sample server" -${kadmin} add -r --use-defaults host/datan.example.org || exit 1 -${kadmin} get host/datan.example.org > tempfile || exit 1 -echo checking principal -${EGREP} " *Principal: host/datan.example.org@EXAMPLE.ORG$" tempfile > /dev/null || exit 1 -echo checking kvno -${EGREP} " *Kvno: 1$" tempfile > /dev/null || exit 1 - -echo "iprop-log dump" -${iproplog} dump > /dev/null || exit 1 -echo "iprop-log last-version" -${iproplog} last-version > /dev/null || exit 1 - -echo "check iprop replay" - -${kadmin} dump out-current-db || exit 1 -sort out-current-db > out-current-db-sort - -rm -f current-db* - -echo "replaying" -${iproplog} replay > /dev/null || exit 1 - -${kadmin} dump out-current-db2 || exit 1 -sort out-current-db2 > out-current-db2-sort - -# XXX database should really be the same afterward... :( -# cmp out-current-db-sort out-current-db2-sort || exit 1 - - - -exit 0 diff --git a/crypto/heimdal/tests/db/check-dbinfo.in b/crypto/heimdal/tests/db/check-dbinfo.in deleted file mode 100644 index 718806045d24..000000000000 --- a/crypto/heimdal/tests/db/check-dbinfo.in +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-dbinfo.in 20537 2007-04-23 08:00:04Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -../../lib/hdb/test_dbinfo > dbinfo.out || exit 1 - -exit 0 diff --git a/crypto/heimdal/tests/db/have-db.in b/crypto/heimdal/tests/db/have-db.in deleted file mode 100644 index a6c373d92af6..000000000000 --- a/crypto/heimdal/tests/db/have-db.in +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: have-db.in 18579 2006-10-19 06:51:48Z lha $ -# - -srcdir="@srcdir@" -base=`dirname "$0"` - -kdc="${base}/../../kdc/kdc" - -list=`${kdc} --builtin-hdb | sed 's/^builtin hdb backends: //'` -oldIFS="$IFS" -IPS=, -set - ${list} -IFS="$oldIFS" - -while [ $# != 0 ] ; do - case $1 in - db:*) exit 0 ;; - ndbm:*) exit 0 ;; - gdbm:*) exit 0 ;; - db4:*) exit 0 ;; - db3:*) exit 0 ;; - ldb:*) exit 0 ;; - esac - shift -done - -exit 1 \ No newline at end of file diff --git a/crypto/heimdal/tests/db/krb5.conf.in b/crypto/heimdal/tests/db/krb5.conf.in deleted file mode 100644 index 446db316cf3e..000000000000 --- a/crypto/heimdal/tests/db/krb5.conf.in +++ /dev/null @@ -1,28 +0,0 @@ -[libdefaults] - default_realm = EXAMPLE.ORG - -[realms] - EXAMPLE.ORG = { - kdc = localhost - } - -[kdc] - database = { - label = { - realm = LABEL.TEST.H5L.SE - dbname = @objdir@/label-db - mkey_file = @objdir@/mkey.file - } - label2 = { - dbname = @objdir@/lable2-db - realm = LABEL2.TEST.H5L.SE - mkey_file = @objdir@/mkey2.file - } - dbname = @objdir@/current-db - realm = EXAMPLE.ORG - mkey_file = @objdir@/mkey.file - log_file = @objdir@/log.current-db.log - } - -[logging] - default = 0-/FILE:@objdir@/messages.log diff --git a/crypto/heimdal/tests/db/loaddump-db.in b/crypto/heimdal/tests/db/loaddump-db.in deleted file mode 100644 index 1116e956b9ea..000000000000 --- a/crypto/heimdal/tests/db/loaddump-db.in +++ /dev/null @@ -1,132 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2005 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: loaddump-db.in 20500 2007-04-21 21:48:17Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -# If there is no useful db support compile in, disable test -./have-db || exit 77 - -R=EXAMPLE.ORG - -kadmin="../../kadmin/kadmin -l -r $R" -kstash="../../kdc/kstash" -hprop="../../kdc/hprop" -hpropd="../../kdc/hpropd" - -propdb="${hprop} --database=./current-db -n" -propddb="${hpropd} --database=./current-db -n" - - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - EXAMPLE.ORG || exit 1 - -# check that we can dump and load ourself -${kadmin} dump out-current-db || exit 1 -sort out-current-db > out-current-db-sort -${kadmin} load out-current-db || exit 1 -${kadmin} dump out-current-db2 || exit 1 -sort out-current-db2 > out-current-db2-sort -cmp out-current-db-sort out-current-db2-sort || exit 1 - -rm -f current-db* - -# check with no extentions -${kadmin} load ${srcdir}/text-dump-0.7 || exit 1 -${propdb} > db-dump.tmp|| exit 1 -rm -f current-db* -${propddb} < db-dump.tmp || exit 1 -${kadmin} dump | sort | sed 's/[0-9]* -$//' > out-text-dump-0.7 || exit 1 -sort < ${srcdir}/text-dump-0.7 | \ - sed 's/[0-9]*$//' > out-text-dump-0.7-orig || exit 1 -cmp out-text-dump-0.7-orig out-text-dump-0.7 || exit 1 - -# check with no extentions -${kadmin} load ${srcdir}/text-dump-no-ext || exit 1 -${propdb} > db-dump.tmp || exit 1 -${propddb} < db-dump.tmp || exit 1 -${kadmin} dump | sort | \ - awk '{$11=""; print;}' > out-text-dump-no-ext || exit 1 -sort < ${srcdir}/text-dump-no-ext | \ - awk '{$11=""; print;}' > out-text-dump-no-ext-orig || exit 1 -cmp out-text-dump-no-ext-orig out-text-dump-no-ext || exit 1 - -# check with known extentions -${kadmin} load ${srcdir}/text-dump-known-ext || exit 1 -${propdb} > db-dump.tmp || exit 1 -${propddb} < db-dump.tmp || exit 1 -${kadmin} dump | sort | \ - awk '{$11=""; print;}' > out-text-dump-known-ext || exit 1 -sort < ${srcdir}/text-dump-known-ext | \ - awk '{$11=""; print;}' > out-text-dump-known-ext-orig || exit 1 -cmp out-text-dump-known-ext-orig out-text-dump-known-ext || exit 1 - -# check with unknown extentions -${kadmin} load ${srcdir}/text-dump-unknown-ext || exit 1 -${propdb} > db-dump.tmp || exit 1 -${propddb} < db-dump.tmp || exit 1 -${kadmin} dump | sort | \ - awk '{$11=""; print;}' > out-text-dump-unknown-ext || exit 1 -sort < ${srcdir}/text-dump-unknown-ext | \ - awk '{$11=""; print;}' > out-text-dump-unknown-ext-orig || exit 1 -cmp out-text-dump-unknown-ext-orig out-text-dump-unknown-ext || exit 1 - -${kstash} -e aes256-cts-hmac-sha1-96 --random-key -k ./mkey.file >/dev/null 2>/dev/null || exit 1 - -# remove masterkey -${kadmin} load ${srcdir}/text-dump-0.7 || exit 1 -${propdb} > db-dump.tmp|| exit 1 -${propddb} < db-dump.tmp || exit 1 -${propdb} -m mkey.file -D > db-dump.tmp || exit 1 -mv mkey.file mkey.file.no || exit 1 -${propddb} < db-dump.tmp || exit 1 -${kadmin} dump | sort | \ - awk '{$11=""; print;}' > out-text-dump-0.7 || exit 1 -sort < ${srcdir}/text-dump-unknown-ext | \ - awk '{$11=""; print;}' > out-text-dump-0.7-orig || exit 1 -cmp out-text-dump-0.7 out-text-dump-0.7-orig || exit 1 - -exit 0 diff --git a/crypto/heimdal/tests/db/text-dump-0.7 b/crypto/heimdal/tests/db/text-dump-0.7 deleted file mode 100644 index 4aff11dde71c..000000000000 --- a/crypto/heimdal/tests/db/text-dump-0.7 +++ /dev/null @@ -1,7 +0,0 @@ -changepw/kerberos@EXAMPLE.ORG 1::3:2376E6A4C1D5456D:-::2:2376E6A4C1D5456D:-::1:2376E6A4C1D5456D:-::18:39C3D293A6B0CEE734C7874764A8B5449F348AC00A6EA94F7451D07BE31EF239:-::16:108373F74F105875DCCE866B160886C7BC6780E526D0DAEA:-::23:D279B73431AA349F63594EA800397195:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 639 20050728203748:743456:2 -default@EXAMPLE.ORG 0::3:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::2:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::1:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::18:AF401411D3F29C204611A9BA1EF54AEDEC43A01B0123C57B994B2EE104E7F127:3/"EXAMPLE.ORGdefault"::16:02401CAD7A92760E464025760BCD3BE5DF616DD5A798C719:3/"EXAMPLE.ORGdefault"::23:31D6CFE0D16AE931B73C59D7E0C089C0:3/"EXAMPLE.ORGdefault" 20050728203748:kadmin/admin@EXAMPLE.ORG - - - - 86400 604800 254 20050728203748:863727:0 -kadmin/admin@EXAMPLE.ORG 1::3:2FCD23DCC2C726CE:-::2:2FCD23DCC2C726CE:-::1:2FCD23DCC2C726CE:-::18:1675F5E5BAD61428DE51F7C8EDCD53F23426D90F4F0BB4F9C73514D317E0482A:-::16:C79D6B0879B6ABADCE4A9B436B5B4A4F792679CDBC7F5D10:-::23:265C712FED225A85567BAF8CD9A4C4ED:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 382 20050728203748:682995:2 -kadmin/changepw@EXAMPLE.ORG 1::3:57A132CB9D7F4F37:-::2:57A132CB9D7F4F37:-::1:57A132CB9D7F4F37:-::18:B8252C9E3EC99969053631C238BBF88A0AAA082A8F1C4ED8D1729170C79519B8:-::16:10CE89987A1FD0986E6D836DB3F473E04C648C34F17CBCE3:-::23:A6D2BCA6F54B1C1AA5E875F116EEDE82:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 300 300 867 20050728203748:623022:2 -kadmin/hprop@EXAMPLE.ORG 1::3:76DC5751EFE52931:-::2:76DC5751EFE52931:-::1:76DC5751EFE52931:-::18:9B4D02F7D74790AB929E607BE5940CFF66801C237840EE968FDEFD7ED1387350:-::16:4CD575703D197F2991D5233704BAE379DF4FFBE616256762:-::23:E3D49F7E3462823492F33FAD8F0A754F:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 383 20050728203748:803541:2 -krbtgt/EXAMPLE.ORG@EXAMPLE.ORG 1::3:C219830E0E73DCEC:-::2:C219830E0E73DCEC:-::1:C219830E0E73DCEC:-::18:56CD702EE58B6EF4CAF758DA0BA1B92B21EFC1D2E9FCC0785009BC391F8571B8:-::16:29E9A2F45B2561D5B592C1070708B94A894AE046D091CE7C:-::23:30A2FB86CDC17B4EC625DC66C47AAF37:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 86400 2592000 126 20050728203748:560639:2 -lha@EXAMPLE.ORG 1::3:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::2:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::1:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::18:96653BEA5A46E5DF97D535C6C49F007E02F0E56B21F498C14F8C014871FE9889:3/"EXAMPLE.ORGlha"::16:7545202640A81304AE987F231FCB1F625D02CE7FF8A4ABEA:3/"EXAMPLE.ORGlha"::23:AC8E657F83DF82BEEA5D43BDAF7800CC:3/"EXAMPLE.ORGlha" 20050728203752:kadmin/admin@EXAMPLE.ORG 20050728203758:kadmin/admin@EXAMPLE.ORG - - - 86400 604800 126 20050728203752:988968:1 diff --git a/crypto/heimdal/tests/db/text-dump-known-ext b/crypto/heimdal/tests/db/text-dump-known-ext deleted file mode 100644 index 8c3649c643bb..000000000000 --- a/crypto/heimdal/tests/db/text-dump-known-ext +++ /dev/null @@ -1,7 +0,0 @@ -changepw/kerberos@EXAMPLE.ORG 1::3:2376E6A4C1D5456D:-::2:2376E6A4C1D5456D:-::1:2376E6A4C1D5456D:-::18:39C3D293A6B0CEE734C7874764A8B5449F348AC00A6EA94F7451D07BE31EF239:-::16:108373F74F105875DCCE866B160886C7BC6780E526D0DAEA:-::23:D279B73431AA349F63594EA800397195:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 639 20050728203748:743456:2 - -default@EXAMPLE.ORG 0::3:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::2:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::1:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::18:AF401411D3F29C204611A9BA1EF54AEDEC43A01B0123C57B994B2EE104E7F127:3/"EXAMPLE.ORGdefault"::16:02401CAD7A92760E464025760BCD3BE5DF616DD5A798C719:3/"EXAMPLE.ORGdefault"::23:31D6CFE0D16AE931B73C59D7E0C089C0:3/"EXAMPLE.ORGdefault" 20050728203748:kadmin/admin@EXAMPLE.ORG - - - - 86400 604800 254 20050728203748:863727:0 - -kadmin/admin@EXAMPLE.ORG 1::3:2FCD23DCC2C726CE:-::2:2FCD23DCC2C726CE:-::1:2FCD23DCC2C726CE:-::18:1675F5E5BAD61428DE51F7C8EDCD53F23426D90F4F0BB4F9C73514D317E0482A:-::16:C79D6B0879B6ABADCE4A9B436B5B4A4F792679CDBC7F5D10:-::23:265C712FED225A85567BAF8CD9A4C4ED:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 382 20050728203748:682995:2 - -kadmin/changepw@EXAMPLE.ORG 1::3:57A132CB9D7F4F37:-::2:57A132CB9D7F4F37:-::1:57A132CB9D7F4F37:-::18:B8252C9E3EC99969053631C238BBF88A0AAA082A8F1C4ED8D1729170C79519B8:-::16:10CE89987A1FD0986E6D836DB3F473E04C648C34F17CBCE3:-::23:A6D2BCA6F54B1C1AA5E875F116EEDE82:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 300 300 867 20050728203748:623022:2 - -kadmin/hprop@EXAMPLE.ORG 1::3:76DC5751EFE52931:-::2:76DC5751EFE52931:-::1:76DC5751EFE52931:-::18:9B4D02F7D74790AB929E607BE5940CFF66801C237840EE968FDEFD7ED1387350:-::16:4CD575703D197F2991D5233704BAE379DF4FFBE616256762:-::23:E3D49F7E3462823492F33FAD8F0A754F:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 383 20050728203748:803541:2 - -krbtgt/EXAMPLE.ORG@EXAMPLE.ORG 1::3:C219830E0E73DCEC:-::2:C219830E0E73DCEC:-::1:C219830E0E73DCEC:-::18:56CD702EE58B6EF4CAF758DA0BA1B92B21EFC1D2E9FCC0785009BC391F8571B8:-::16:29E9A2F45B2561D5B592C1070708B94A894AE046D091CE7C:-::23:30A2FB86CDC17B4EC625DC66C47AAF37:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 86400 2592000 126 20050728203748:560639:2 - -lha@EXAMPLE.ORG 1::3:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::2:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::1:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::18:96653BEA5A46E5DF97D535C6C49F007E02F0E56B21F498C14F8C014871FE9889:3/"EXAMPLE.ORGlha"::16:7545202640A81304AE987F231FCB1F625D02CE7FF8A4ABEA:3/"EXAMPLE.ORGlha"::23:AC8E657F83DF82BEEA5D43BDAF7800CC:3/"EXAMPLE.ORGlha" 20050728203752:kadmin/admin@EXAMPLE.ORG 20050728203758:kadmin/admin@EXAMPLE.ORG - - - 86400 604800 126 20050728203752:988968:1 - diff --git a/crypto/heimdal/tests/db/text-dump-no-ext b/crypto/heimdal/tests/db/text-dump-no-ext deleted file mode 100644 index 8c3649c643bb..000000000000 --- a/crypto/heimdal/tests/db/text-dump-no-ext +++ /dev/null @@ -1,7 +0,0 @@ -changepw/kerberos@EXAMPLE.ORG 1::3:2376E6A4C1D5456D:-::2:2376E6A4C1D5456D:-::1:2376E6A4C1D5456D:-::18:39C3D293A6B0CEE734C7874764A8B5449F348AC00A6EA94F7451D07BE31EF239:-::16:108373F74F105875DCCE866B160886C7BC6780E526D0DAEA:-::23:D279B73431AA349F63594EA800397195:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 639 20050728203748:743456:2 - -default@EXAMPLE.ORG 0::3:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::2:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::1:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::18:AF401411D3F29C204611A9BA1EF54AEDEC43A01B0123C57B994B2EE104E7F127:3/"EXAMPLE.ORGdefault"::16:02401CAD7A92760E464025760BCD3BE5DF616DD5A798C719:3/"EXAMPLE.ORGdefault"::23:31D6CFE0D16AE931B73C59D7E0C089C0:3/"EXAMPLE.ORGdefault" 20050728203748:kadmin/admin@EXAMPLE.ORG - - - - 86400 604800 254 20050728203748:863727:0 - -kadmin/admin@EXAMPLE.ORG 1::3:2FCD23DCC2C726CE:-::2:2FCD23DCC2C726CE:-::1:2FCD23DCC2C726CE:-::18:1675F5E5BAD61428DE51F7C8EDCD53F23426D90F4F0BB4F9C73514D317E0482A:-::16:C79D6B0879B6ABADCE4A9B436B5B4A4F792679CDBC7F5D10:-::23:265C712FED225A85567BAF8CD9A4C4ED:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 382 20050728203748:682995:2 - -kadmin/changepw@EXAMPLE.ORG 1::3:57A132CB9D7F4F37:-::2:57A132CB9D7F4F37:-::1:57A132CB9D7F4F37:-::18:B8252C9E3EC99969053631C238BBF88A0AAA082A8F1C4ED8D1729170C79519B8:-::16:10CE89987A1FD0986E6D836DB3F473E04C648C34F17CBCE3:-::23:A6D2BCA6F54B1C1AA5E875F116EEDE82:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 300 300 867 20050728203748:623022:2 - -kadmin/hprop@EXAMPLE.ORG 1::3:76DC5751EFE52931:-::2:76DC5751EFE52931:-::1:76DC5751EFE52931:-::18:9B4D02F7D74790AB929E607BE5940CFF66801C237840EE968FDEFD7ED1387350:-::16:4CD575703D197F2991D5233704BAE379DF4FFBE616256762:-::23:E3D49F7E3462823492F33FAD8F0A754F:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 383 20050728203748:803541:2 - -krbtgt/EXAMPLE.ORG@EXAMPLE.ORG 1::3:C219830E0E73DCEC:-::2:C219830E0E73DCEC:-::1:C219830E0E73DCEC:-::18:56CD702EE58B6EF4CAF758DA0BA1B92B21EFC1D2E9FCC0785009BC391F8571B8:-::16:29E9A2F45B2561D5B592C1070708B94A894AE046D091CE7C:-::23:30A2FB86CDC17B4EC625DC66C47AAF37:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 86400 2592000 126 20050728203748:560639:2 - -lha@EXAMPLE.ORG 1::3:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::2:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::1:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::18:96653BEA5A46E5DF97D535C6C49F007E02F0E56B21F498C14F8C014871FE9889:3/"EXAMPLE.ORGlha"::16:7545202640A81304AE987F231FCB1F625D02CE7FF8A4ABEA:3/"EXAMPLE.ORGlha"::23:AC8E657F83DF82BEEA5D43BDAF7800CC:3/"EXAMPLE.ORGlha" 20050728203752:kadmin/admin@EXAMPLE.ORG 20050728203758:kadmin/admin@EXAMPLE.ORG - - - 86400 604800 126 20050728203752:988968:1 - diff --git a/crypto/heimdal/tests/db/text-dump-unknown-ext b/crypto/heimdal/tests/db/text-dump-unknown-ext deleted file mode 100644 index 8c3649c643bb..000000000000 --- a/crypto/heimdal/tests/db/text-dump-unknown-ext +++ /dev/null @@ -1,7 +0,0 @@ -changepw/kerberos@EXAMPLE.ORG 1::3:2376E6A4C1D5456D:-::2:2376E6A4C1D5456D:-::1:2376E6A4C1D5456D:-::18:39C3D293A6B0CEE734C7874764A8B5449F348AC00A6EA94F7451D07BE31EF239:-::16:108373F74F105875DCCE866B160886C7BC6780E526D0DAEA:-::23:D279B73431AA349F63594EA800397195:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 639 20050728203748:743456:2 - -default@EXAMPLE.ORG 0::3:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::2:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::1:3B2A671585E93D6B:3/"EXAMPLE.ORGdefault"::18:AF401411D3F29C204611A9BA1EF54AEDEC43A01B0123C57B994B2EE104E7F127:3/"EXAMPLE.ORGdefault"::16:02401CAD7A92760E464025760BCD3BE5DF616DD5A798C719:3/"EXAMPLE.ORGdefault"::23:31D6CFE0D16AE931B73C59D7E0C089C0:3/"EXAMPLE.ORGdefault" 20050728203748:kadmin/admin@EXAMPLE.ORG - - - - 86400 604800 254 20050728203748:863727:0 - -kadmin/admin@EXAMPLE.ORG 1::3:2FCD23DCC2C726CE:-::2:2FCD23DCC2C726CE:-::1:2FCD23DCC2C726CE:-::18:1675F5E5BAD61428DE51F7C8EDCD53F23426D90F4F0BB4F9C73514D317E0482A:-::16:C79D6B0879B6ABADCE4A9B436B5B4A4F792679CDBC7F5D10:-::23:265C712FED225A85567BAF8CD9A4C4ED:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 382 20050728203748:682995:2 - -kadmin/changepw@EXAMPLE.ORG 1::3:57A132CB9D7F4F37:-::2:57A132CB9D7F4F37:-::1:57A132CB9D7F4F37:-::18:B8252C9E3EC99969053631C238BBF88A0AAA082A8F1C4ED8D1729170C79519B8:-::16:10CE89987A1FD0986E6D836DB3F473E04C648C34F17CBCE3:-::23:A6D2BCA6F54B1C1AA5E875F116EEDE82:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 300 300 867 20050728203748:623022:2 - -kadmin/hprop@EXAMPLE.ORG 1::3:76DC5751EFE52931:-::2:76DC5751EFE52931:-::1:76DC5751EFE52931:-::18:9B4D02F7D74790AB929E607BE5940CFF66801C237840EE968FDEFD7ED1387350:-::16:4CD575703D197F2991D5233704BAE379DF4FFBE616256762:-::23:E3D49F7E3462823492F33FAD8F0A754F:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 3600 3600 383 20050728203748:803541:2 - -krbtgt/EXAMPLE.ORG@EXAMPLE.ORG 1::3:C219830E0E73DCEC:-::2:C219830E0E73DCEC:-::1:C219830E0E73DCEC:-::18:56CD702EE58B6EF4CAF758DA0BA1B92B21EFC1D2E9FCC0785009BC391F8571B8:-::16:29E9A2F45B2561D5B592C1070708B94A894AE046D091CE7C:-::23:30A2FB86CDC17B4EC625DC66C47AAF37:- 20050728203748:kadmin/admin@EXAMPLE.ORG 20050728203748:kadmin/admin@EXAMPLE.ORG - - - 86400 2592000 126 20050728203748:560639:2 - -lha@EXAMPLE.ORG 1::3:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::2:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::1:80AB08A261D6A82F:3/"EXAMPLE.ORGlha"::18:96653BEA5A46E5DF97D535C6C49F007E02F0E56B21F498C14F8C014871FE9889:3/"EXAMPLE.ORGlha"::16:7545202640A81304AE987F231FCB1F625D02CE7FF8A4ABEA:3/"EXAMPLE.ORGlha"::23:AC8E657F83DF82BEEA5D43BDAF7800CC:3/"EXAMPLE.ORGlha" 20050728203752:kadmin/admin@EXAMPLE.ORG 20050728203758:kadmin/admin@EXAMPLE.ORG - - - 86400 604800 126 20050728203752:988968:1 - diff --git a/crypto/heimdal/tests/gss/Makefile.am b/crypto/heimdal/tests/gss/Makefile.am deleted file mode 100644 index 5a752d0b5a74..000000000000 --- a/crypto/heimdal/tests/gss/Makefile.am +++ /dev/null @@ -1,78 +0,0 @@ -# $Id: Makefile.am 20513 2007-04-22 10:23:27Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_DATA = krb5.conf - -SCRIPT_TESTS = check-gss check-gssmask check-context check-spnego check-ntlm - -TESTS = $(SCRIPT_TESTS) - -check_SCRIPTS = $(SCRIPT_TESTS) - -port = 49188 - -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/gss,g' - -check-gss: check-gss.in Makefile - $(do_subst) < $(srcdir)/check-gss.in > check-gss.tmp - chmod +x check-gss.tmp - mv check-gss.tmp check-gss - -check-gssmask: check-gssmask.in Makefile - $(do_subst) < $(srcdir)/check-gssmask.in > check-gssmask.tmp - chmod +x check-gssmask.tmp - mv check-gssmask.tmp check-gssmask - -check-context: check-context.in Makefile - $(do_subst) < $(srcdir)/check-context.in > check-context.tmp - chmod +x check-context.tmp - mv check-context.tmp check-context - -check-spnego: check-spnego.in Makefile - $(do_subst) < $(srcdir)/check-spnego.in > check-spnego.tmp - chmod +x check-spnego.tmp - mv check-spnego.tmp check-spnego - -check-basic: check-basic.in Makefile - $(do_subst) < $(srcdir)/check-basic.in > check-basic.tmp - chmod +x check-basic.tmp - mv check-basic.tmp check-basic - -check-ntlm: check-ntlm.in Makefile - $(do_subst) < $(srcdir)/check-ntlm.in > check-ntlm.tmp - chmod +x check-ntlm.tmp - mv check-ntlm.tmp check-ntlm - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - -CLEANFILES= \ - $(TESTS) \ - foopassword \ - barpassword \ - krb5ccfile \ - krb5ccfile-ds \ - server.keytab \ - krb5.conf \ - current-db* \ - *.log \ - check-basic.tmp \ - check-gss.tmp \ - check-gssmask.tmp \ - check-spnego.tmp \ - check-ntlm.tmp \ - check-context.tmp - -EXTRA_DIST = \ - check-basic.in \ - check-gss.in \ - check-gssmask.in \ - check-spnego.in \ - check-ntlm.in \ - check-context.in \ - ntlm-user-file.txt \ - krb5.conf.in diff --git a/crypto/heimdal/tests/gss/Makefile.in b/crypto/heimdal/tests/gss/Makefile.in deleted file mode 100644 index bffae6cd1770..000000000000 --- a/crypto/heimdal/tests/gss/Makefile.in +++ /dev/null @@ -1,804 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20513 2007-04-22 10:23:27Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = tests/gss -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DATA = $(noinst_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_DATA = krb5.conf -SCRIPT_TESTS = check-gss check-gssmask check-context check-spnego check-ntlm -TESTS = $(SCRIPT_TESTS) -check_SCRIPTS = $(SCRIPT_TESTS) -port = 49188 -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/gss,g' - -CLEANFILES = \ - $(TESTS) \ - foopassword \ - barpassword \ - krb5ccfile \ - krb5ccfile-ds \ - server.keytab \ - krb5.conf \ - current-db* \ - *.log \ - check-basic.tmp \ - check-gss.tmp \ - check-gssmask.tmp \ - check-spnego.tmp \ - check-ntlm.tmp \ - check-context.tmp - -EXTRA_DIST = \ - check-basic.in \ - check-gss.in \ - check-gssmask.in \ - check-spnego.in \ - check-ntlm.in \ - check-context.in \ - ntlm-user-file.txt \ - krb5.conf.in - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tests/gss/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tests/gss/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_SCRIPTS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(DATA) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-TESTS check-am check-local \ - clean clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -check-gss: check-gss.in Makefile - $(do_subst) < $(srcdir)/check-gss.in > check-gss.tmp - chmod +x check-gss.tmp - mv check-gss.tmp check-gss - -check-gssmask: check-gssmask.in Makefile - $(do_subst) < $(srcdir)/check-gssmask.in > check-gssmask.tmp - chmod +x check-gssmask.tmp - mv check-gssmask.tmp check-gssmask - -check-context: check-context.in Makefile - $(do_subst) < $(srcdir)/check-context.in > check-context.tmp - chmod +x check-context.tmp - mv check-context.tmp check-context - -check-spnego: check-spnego.in Makefile - $(do_subst) < $(srcdir)/check-spnego.in > check-spnego.tmp - chmod +x check-spnego.tmp - mv check-spnego.tmp check-spnego - -check-basic: check-basic.in Makefile - $(do_subst) < $(srcdir)/check-basic.in > check-basic.tmp - chmod +x check-basic.tmp - mv check-basic.tmp check-basic - -check-ntlm: check-ntlm.in Makefile - $(do_subst) < $(srcdir)/check-ntlm.in > check-ntlm.tmp - chmod +x check-ntlm.tmp - mv check-ntlm.tmp check-ntlm - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tests/gss/check-basic.in b/crypto/heimdal/tests/gss/check-basic.in deleted file mode 100644 index b6b95f60cde1..000000000000 --- a/crypto/heimdal/tests/gss/check-basic.in +++ /dev/null @@ -1,156 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id$ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -port=@port@ - -keytabfile=${objdir}/server.keytab -keytab="FILE:${keytabfile}" -nokeytab="FILE:no-such-keytab" -cache="FILE:krb5ccfile" -nocache="FILE:no-such-cache" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -acquire_cred="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_acquire_cred" -test_kcred="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_kcred" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -KRB5_KTNAME="${keytab}" -export KRB5_KTNAME -KRB5CCNAME="${cache}" -export KRB5CCNAME - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -echo upw > ${objdir}/foopassword - -${kadmin} add -p upw --use-defaults user@${R} || exit 1 -${kadmin} add -p upw --use-defaults another@${R} || exit 1 -${kadmin} add -p p1 --use-defaults host/host.test.h5l.se@${R} || exit 1 -${kadmin} ext -k ${keytab} host/host.test.h5l.se@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/../kdc/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -exitcode=0 - -echo "initial ticket" -${kinit} --password-file=${objdir}/foopassword user@${R} || exitcode=1 - -echo "keytab" -${acquire_cred} \ - --acquire-type=accept \ - --acquire-name=host@host.test.h5l.se || exit 1 -echo "keytab w/o name" -${acquire_cred} \ - --acquire-type=accept || exit 1 -echo "keytab w/ wrong name" -${acquire_cred} \ - --acquire-type=accept \ - --acquire-name=host@host2.test.h5l.se 2>/dev/null && exit 1 -echo "init using keytab" -${acquire_cred} \ - --acquire-type=initiate \ - --acquire-name=host@host.test.h5l.se || exit 1 -echo "init using existing cc" -${acquire_cred} \ - --name-type=user-name \ - --acquire-type=initiate \ - --acquire-name=user || exit 1 - -KRB5CCNAME=${nocache} - -echo "fail init using existing cc" -${acquire_cred} \ - --name-type=user-name \ - --acquire-type=initiate \ - --acquire-name=user 2>/dev/null && exit 1 - -echo "use gss_krb5_ccache_name" -${acquire_cred} \ - --name-type=user-name \ - --ccache=${cache} \ - --acquire-type=initiate \ - --acquire-name=user >/dev/null || exit 1 - -KRB5CCNAME=${cache} -KRB5_KTNAME=${nokeytab} - -echo "kcred" -${test_kcred} || exit 1 - -trap "" EXIT - -echo "killing kdc (${kdcpid})" -kill ${kdcpid} 2> /dev/null - -exit $exitcode diff --git a/crypto/heimdal/tests/gss/check-context.in b/crypto/heimdal/tests/gss/check-context.in deleted file mode 100644 index 1a25a248a959..000000000000 --- a/crypto/heimdal/tests/gss/check-context.in +++ /dev/null @@ -1,188 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-context.in 22425 2008-01-13 09:46:01Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -port=@port@ - -keytabfile=${objdir}/server.keytab -keytab="FILE:${keytabfile}" -cache="FILE:krb5ccfile" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -context="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_context" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -KRB5CCNAME=${cache} -export KRB5CCNAME - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -# add both lucid and lucid.test.h5l.se to simulate aliases -${kadmin} add -p p1 --use-defaults host/lucid.test.h5l.se@${R} || exit 1 -${kadmin} ext -k ${keytab} host/lucid.test.h5l.se@${R} || exit 1 -${kadmin} add -p p1 --use-defaults host/lucid@${R} || exit 1 -${kadmin} ext -k ${keytab} host/lucid@${R} || exit 1 -${kadmin} add -p kaka --use-defaults digest/${R}@${R} || exit 1 - -${kadmin} add -p u1 --use-defaults user1@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -echo u1 > ${objdir}/foopassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/../kdc/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -exitcode=0 - -echo "Getting client initial tickets" -${kinit} --password-file=${objdir}/foopassword user1@${R} || exitcode=1 - -echo "======test naming combinations" -echo "plain" -${context} --name-type=hostbased-service host@lucid.test.h5l.se || \ - { exitcode=1 ; echo test failed; } -echo "plain (krb5)" -${context} --name-type=krb5-principal-name host/lucid.test.h5l.se@${R} || \ - { exitcode=1 ; echo test failed; } -echo "plain (krb5 realmless)" -${context} --name-type=krb5-principal-name host/lucid.test.h5l.se || \ - { exitcode=1 ; echo test failed; } -echo "dns canon on (long name) OFF, need dns_wrapper" -#${context} --dns-canon host@lucid.test.h5l.se || \ -# { exitcode=1 ; echo test failed; } -echo "dns canon off (long name)" -${context} --no-dns-canon host@lucid.test.h5l.se || \ - { exitcode=1 ; echo test failed; } -echo "dns canon off (short name)" -${context} --no-dns-canon host@lucid || \ - { exitcode=1 ; echo test failed; } -echo "dns canon off (short name, krb5)" -${context} --no-dns-canon --name-type=krb5-principal-name host/lucid@${R} || \ - { exitcode=1 ; echo test failed; } -echo "dns canon off (short name, krb5)" -${context} --no-dns-canon --name-type=krb5-principal-name host/lucid || \ - { exitcode=1 ; echo test failed; } - -echo "======test context building" -for mech in krb5 spnego ; do - echo "${mech} no-mutual" - ${context} --mech-type=${mech} \ - --name-type=hostbased-service host@lucid.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - - echo "${mech} mutual" - ${context} --mech-type=${mech} \ - --mutual \ - --name-type=hostbased-service host@lucid.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - - echo "${mech} delegate" - ${context} --mech-type=${mech} \ - --delegate \ - --name-type=hostbased-service host@lucid.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - - echo "${mech} mutual delegate" - ${context} --mech-type=${mech} \ - --mutual --delegate \ - --name-type=hostbased-service host@lucid.test.h5l.se || \ - { exitcode=1 ; echo test failed; } -done - -#add spnego ! -echo "======dce-style" -for mech in krb5 ; do - - echo "${mech}: dce-style" - ${context} \ - --mech-type=${mech} \ - --mutual \ - --dce-style \ - --name-type=hostbased-service host@lucid.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - -done - -#echo "sasl-digest-md5" -#${context} --mech-type=sasl-digest-md5 \ -# --name-type=hostbased-service \ -# host@lucid.test.h5l.se || \ -# { exitcode=1 ; echo test failed; } - - -trap "" EXIT - -echo "killing kdc (${kdcpid})" -kill ${kdcpid} 2> /dev/null - -exit $exitcode - - diff --git a/crypto/heimdal/tests/gss/check-gss.in b/crypto/heimdal/tests/gss/check-gss.in deleted file mode 100644 index e023c2b26542..000000000000 --- a/crypto/heimdal/tests/gss/check-gss.in +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-gss.in 18389 2006-10-10 09:30:20Z lha $ -# - -objdir="@objdir@" -gssdir="${objdir}/../../lib/gssapi" - -${TESTS_ENVIRONMENT} ${gssdir}/gss help > /dev/null || exit 1 -${TESTS_ENVIRONMENT} ${gssdir}/gss supported-mechanisms > /dev/null || exit 1 - -exit 0 - - diff --git a/crypto/heimdal/tests/gss/check-gssmask.in b/crypto/heimdal/tests/gss/check-gssmask.in deleted file mode 100644 index 8b72af4f46a9..000000000000 --- a/crypto/heimdal/tests/gss/check-gssmask.in +++ /dev/null @@ -1,133 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-gssmask.in 21845 2007-08-08 06:54:48Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -port=@port@ - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" -keytabfile=${objdir}/server.keytab -keytab="FILE:${keytabfile}" - -gssmask="${TESTS_ENVIRONMENT} ../../appl/gssmask/gssmask" -gssmaskn1="${gssmask} -p 8889 --spn=host/n1.test.h5l.se@${R} --logfile=n1.log" -gssmaskn2="${gssmask} -p 8890 --spn=host/n2.test.h5l.se@${R} --logfile=n2.log" -gssmaskn3="${gssmask} -p 8891 --spn=host/n3.test.h5l.se@${R} --logfile=n3.log" -gssmaestro="../../appl/gssmask/gssmaestro" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p p1 --use-defaults host/n1.test.h5l.se@${R} || exit 1 -${kadmin} add -p p2 --use-defaults host/n2.test.h5l.se@${R} || exit 1 -${kadmin} add -p p3 --use-defaults host/n3.test.h5l.se@${R} || exit 1 -${kadmin} ext -k ${keytab} host/n1.test.h5l.se@${R} || exit 1 -${kadmin} ext -k ${keytab} host/n2.test.h5l.se@${R} || exit 1 -${kadmin} ext -k ${keytab} host/n3.test.h5l.se@${R} || exit 1 - -${kadmin} add -p u1 --use-defaults user1@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/../kdc/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -exitcode=0 - -echo "Starting client 1" -${gssmaskn1} --moniker=n1 & -n1pid=$! -#echo $n1pid -#xterm -display :0 -e g ${gssmaskn1} & -#read x - -echo "Starting client 2" -${gssmaskn2} --moniker=n2 & -n2pid=$! - -echo "Starting client 3" -${gssmaskn3} --moniker=n3 & -n3pid=$! - -trap "kill ${kdcpid} ${n1pid} ${n2pid} ${n3pid} 2> /dev/null; echo signal killing kdc and maskar; exit 1;" EXIT - -sleep 10 - -${gssmaestro} \ - --slaves=localhost:8889 \ - --slaves=localhost:8890 \ - --slaves=localhost:8891 \ - --principals=user1@${R}:u1 || exitcode=1 - -trap "" EXIT - -echo "killing kdc and clients (${kdcpid}, ${n1pid}, ${n2pid}, ${n3pid})" -kill ${kdcpid} ${n1pid} ${n2pid} ${n3pid} 2> /dev/null - -exit $exitcode - - diff --git a/crypto/heimdal/tests/gss/check-ntlm.in b/crypto/heimdal/tests/gss/check-ntlm.in deleted file mode 100644 index a724d2dcbea2..000000000000 --- a/crypto/heimdal/tests/gss/check-ntlm.in +++ /dev/null @@ -1,170 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-ntlm.in 22160 2007-12-04 20:05:17Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -port=@port@ - -keytabfile=${objdir}/server.keytab -keytab="FILE:${keytabfile}" -cache="FILE:krb5ccfile" -cacheds="FILE:krb5ccfile-ds" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -kinitds="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cacheds --no-afslog" -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" -kdigest="${TESTS_ENVIRONMENT} ../../kuser/kdigest" - -context="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_context" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -KRB5_KTNAME="${keytab}" -export KRB5_KTNAME -KRB5CCNAME="${cache}" -export KRB5CCNAME -NTLM_ACCEPTOR_CCACHE="${cacheds}" -export NTLM_ACCEPTOR_CCACHE -NTLM_USER_FILE="${srcdir}/ntlm-user-file.txt" -export NTLM_USER_FILE - -GSSAPI_SPNEGO_NAME=host@host.test.h5l.se -export GSSAPI_SPNEGO_NAME - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p p1 --use-defaults host/host.test.h5l.se@${R} || exit 1 -${kadmin} ext -k ${keytab} host/host.test.h5l.se@${R} || exit 1 - -${kadmin} add -p kaka --use-defaults digest/${R}@${R} || exit 1 - -${kadmin} add -p ds --use-defaults digestserver@${R} || exit 1 -${kadmin} modify --attributes=+allow-digest digestserver@${R} || exit 1 - -${kadmin} add -p u1 --use-defaults user1@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -echo u1 > ${objdir}/foopassword -echo ds > ${objdir}/barpassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/../kdc/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -exitcode=0 - -echo "Getting client initial tickets" -${kinit} --password-file=${objdir}/foopassword user1@${R} || exitcode=1 -echo "Getting digestserver initial tickets" -${kinitds} --password-file=${objdir}/barpassword digestserver@${R} || exitcode=1 - -echo "======probe" -KRB5CCNAME="$cacheds" - - ${kdigest} digest-probe --realm=${R} > /dev/null || \ - { exitcode=1; echo "test failed"; } - -echo "======context building ntlm" - -NTLM_USER_FILE="${srcdir}/ntlm-user-file.txt-no" -KRB5CCNAME="$cache" - -echo "no NTLM initiator creds" -${context} --mech-type=ntlm \ - --mutual \ - --name-type=hostbased-service \ - --ret-mech-type=ntlm \ - host@host.test.h5l.se 2> /dev/null && \ - { exitcode=1 ; echo "test failed"; } - -echo "Getting client initial tickets (with ntlm creds)" -${kinit} --password-file=${objdir}/foopassword --ntlm-domain=TEST user1@${R} || exitcode=1 - -echo "NTLM initiator krb5 creds" -${context} --mech-type=ntlm \ - --mutual \ - --name-type=hostbased-service \ - --ret-mech-type=ntlm \ - host@host.test.h5l.se || \ - { exitcode=1 ; echo "test failed"; } - -echo "NTLM initiator krb5 creds (getverifymic, wrapunwrap)" -${context} --mech-type=ntlm \ - --mutual \ - --name-type=hostbased-service \ - --ret-mech-type=ntlm \ - --getverifymic --wrapunwrap \ - host@host.test.h5l.se || \ - { exitcode=1 ; echo "test failed"; } - -trap "" EXIT - -echo "killing kdc (${kdcpid})" -kill ${kdcpid} 2> /dev/null - -exit $exitcode - - diff --git a/crypto/heimdal/tests/gss/check-spnego.in b/crypto/heimdal/tests/gss/check-spnego.in deleted file mode 100644 index c95ac6f78a4d..000000000000 --- a/crypto/heimdal/tests/gss/check-spnego.in +++ /dev/null @@ -1,209 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-spnego.in 21847 2007-08-08 06:55:32Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -port=@port@ - -keytabfile=${objdir}/server.keytab -keytab="FILE:${keytabfile}" -cache="FILE:krb5ccfile" -cacheds="FILE:krb5ccfile-ds" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -kinitds="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cacheds --no-afslog" -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -context="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_context" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -KRB5_KTNAME="${keytab}" -export KRB5_KTNAME -KRB5CCNAME="${cache}" -export KRB5CCNAME -NTLM_ACCEPTOR_CCACHE="${cacheds}" -export NTLM_ACCEPTOR_CCACHE -NTLM_USER_FILE="${srcdir}/ntlm-user-file.txt" -export NTLM_USER_FILE - -GSSAPI_SPNEGO_NAME=host@host.test.h5l.se -export GSSAPI_SPNEGO_NAME - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p p1 --use-defaults host/host.test.h5l.se@${R} || exit 1 -${kadmin} ext -k ${keytab} host/host.test.h5l.se@${R} || exit 1 - -${kadmin} add -p kaka --use-defaults digest/${R}@${R} || exit 1 - -${kadmin} add -p ds --use-defaults digestserver@${R} || exit 1 -${kadmin} modify --attributes=+allow-digest digestserver@${R} || exit 1 - -${kadmin} add -p u1 --use-defaults user1@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -echo u1 > ${objdir}/foopassword -echo ds > ${objdir}/barpassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/../kdc/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -exitcode=0 - -echo "Getting client initial tickets" -${kinit} --password-file=${objdir}/foopassword user1@${R} || exitcode=1 -echo "Getting digestserver initial tickets" -${kinitds} --password-file=${objdir}/barpassword digestserver@${R} || exitcode=1 - -echo "======context building for each mech" - -for mech in ntlm krb5 ; do - echo "${mech}" - ${context} --mech-type=${mech} --ret-mech-type=${mech} \ - --name-type=hostbased-service host@host.test.h5l.se || \ - { exitcode=1 ; echo test failed; } -done - -echo "spnego" -${context} \ - --mech-type=spnego \ - --ret-mech-type=krb5 \ - --name-type=hostbased-service \ - host@host.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - -echo "test failure cases" -${context} --mech-type=ntlm --ret-mech-type=krb5 \ - --name-type=hostbased-service host@host.test.h5l.se 2> /dev/null && \ - { exitcode=1 ; echo test failed; } - -${context} --mech-type=krb5 --ret-mech-type=ntlm \ - --name-type=hostbased-service host@host.test.h5l.se 2> /dev/null && \ - { exitcode=1 ; echo test failed; } - -echo "======spnego variants context building" - -for arg in \ - "" \ - "--mutual" \ - "--delegate" \ - "--mutual --delegate" \ - "--getverifymic --wrapunwrap" \ - "--mutual --getverifymic --wrapunwrap" \ - ; do - - echo "no NTLM acceptor cred ${arg}" - NTLM_ACCEPTOR_CCACHE="${cacheds}-no" - ${context} --mech-type=spnego \ - $arg \ - --name-type=hostbased-service \ - --ret-mech-type=krb5 \ - host@host.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - NTLM_ACCEPTOR_CCACHE="${cacheds}" - - echo "no NTLM initiator cred ${arg}" - NTLM_USER_FILE="${srcdir}/ntlm-user-file.txt-no" - ${context} --mech-type=spnego \ - $arg \ - --name-type=hostbased-service \ - --ret-mech-type=krb5 \ - host@host.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - NTLM_USER_FILE="${srcdir}/ntlm-user-file.txt" - - echo "no krb5 acceptor cred ${arg}" - KRB5_KTNAME="${keytab}-no" - ${context} --mech-type=spnego \ - $arg \ - --name-type=hostbased-service \ - --ret-mech-type=ntlm \ - host@host.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - KRB5_KTNAME="${keytab}" - - echo "no krb5 initiator cred ${arg}" - KRB5CCNAME="${cache}-no" - ${context} --mech-type=spnego \ - $arg \ - --name-type=hostbased-service \ - --ret-mech-type=ntlm \ - host@host.test.h5l.se || \ - { exitcode=1 ; echo test failed; } - KRB5CCNAME="${cache}" - -done - -trap "" EXIT - -echo "killing kdc (${kdcpid})" -kill ${kdcpid} 2> /dev/null - -exit $exitcode - - diff --git a/crypto/heimdal/tests/gss/krb5.conf.in b/crypto/heimdal/tests/gss/krb5.conf.in deleted file mode 100644 index 797fcdd8f42f..000000000000 --- a/crypto/heimdal/tests/gss/krb5.conf.in +++ /dev/null @@ -1,33 +0,0 @@ -# $Id: krb5.conf.in 20202 2007-02-08 00:59:47Z lha $ - -[libdefaults] - default_realm = TEST.H5L.SE - no-addresses = TRUE - default_keytab_name = @objdir@/server.keytab - dns_canonicalize_hostname = false - dns_lookup_realm = false - -[realms] - TEST.H5L.SE = { - kdc = localhost:@port@ - } - -[domain_realms] - .test.h5l.se = TEST.H5L.SE - -[kdc] - enable-digest = true - digests_allowed = ntlm-v2,ntlm-v1-session,ntlm-v1 - - database = { - dbname = @objdir@/current-db - realm = TEST.H5L.SE - mkey_file = @objdir@/mkey.file - } - -[logging] - kdc = 0-/FILE:@objdir@/messages.log - default = 0-/FILE:@objdir@/messages.log - -[kadmin] - save-password = true diff --git a/crypto/heimdal/tests/gss/ntlm-user-file.txt b/crypto/heimdal/tests/gss/ntlm-user-file.txt deleted file mode 100644 index 853ba9b558c1..000000000000 --- a/crypto/heimdal/tests/gss/ntlm-user-file.txt +++ /dev/null @@ -1,2 +0,0 @@ -# $Id: ntlm-user-file.txt 19406 2006-12-18 13:12:44Z lha $ -TEST:user1:u1 diff --git a/crypto/heimdal/tests/java/KerberosInit.java b/crypto/heimdal/tests/java/KerberosInit.java deleted file mode 100644 index 34714d9c218b..000000000000 --- a/crypto/heimdal/tests/java/KerberosInit.java +++ /dev/null @@ -1,95 +0,0 @@ -/* - * - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $Id$ - */ - -import javax.security.auth.login.*; -import javax.security.auth.callback.*; - -public class KerberosInit { - - private class TestCallBackHandler implements CallbackHandler { - - public void handle(Callback[] callbacks) - throws UnsupportedCallbackException { - for (int i = 0; i < callbacks.length; i++) { - if (callbacks[i] instanceof TextOutputCallback) { - TextOutputCallback toc = (TextOutputCallback)callbacks[i]; - System.out.println(toc.getMessage()); - } else if (callbacks[i] instanceof NameCallback) { - NameCallback nc = (NameCallback)callbacks[i]; - nc.setName("lha"); - } else if (callbacks[i] instanceof PasswordCallback) { - PasswordCallback pc = (PasswordCallback)callbacks[i]; - pc.setPassword("foo".toCharArray()); - } else { - throw new - UnsupportedCallbackException(callbacks[i], - "Unrecognized Callback"); - } - } - } - } - private TestCallBackHandler getHandler() { - return new TestCallBackHandler(); - } - - public static void main(String[] args) { - - LoginContext lc = null; - try { - lc = new LoginContext("kinit", new KerberosInit().getHandler()); - } catch (LoginException e) { - System.err.println("Cannot create LoginContext. " + e.getMessage()); - e.printStackTrace(); - System.exit(1); - } catch (SecurityException e) { - System.err.println("Cannot create LoginContext. " + e.getMessage()); - e.printStackTrace(); - System.exit(1); - } - - try { - lc.login(); - } catch (LoginException e) { - System.err.println("Authentication failed:" + e.getMessage()); - e.printStackTrace(); - System.exit(1); - } - - System.out.println("lc.login ok"); - System.exit(0); - } -} - diff --git a/crypto/heimdal/tests/java/Makefile.am b/crypto/heimdal/tests/java/Makefile.am deleted file mode 100644 index 7785ca1aa273..000000000000 --- a/crypto/heimdal/tests/java/Makefile.am +++ /dev/null @@ -1,44 +0,0 @@ -# $Id: Makefile.am 20739 2007-05-31 16:53:21Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_DATA = krb5.conf - -check_SCRIPTS = $(SCRIPT_TESTS) - -SCRIPT_TESTS = check-kinit - -TESTS = $(SCRIPT_TESTS) - -port = 49188 - -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/java,g' - -LDADD = ../../lib/krb5/libkrb5.la $(LIB_roken) - -check-kinit: check-kinit.in Makefile - $(do_subst) < $(srcdir)/check-kinit.in > check-kinit.tmp - chmod +x check-kinit.tmp - mv check-kinit.tmp check-kinit - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - -CLEANFILES= \ - $(TESTS) \ - *.tmp \ - *.class \ - current-db* \ - krb5.conf \ - messages.log - - -EXTRA_DIST = \ - KerberosInit.java \ - jaas.conf \ - check-kinit.in \ - have-java.sh \ - krb5.conf.in diff --git a/crypto/heimdal/tests/java/Makefile.in b/crypto/heimdal/tests/java/Makefile.in deleted file mode 100644 index 9161e3977ba3..000000000000 --- a/crypto/heimdal/tests/java/Makefile.in +++ /dev/null @@ -1,768 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20739 2007-05-31 16:53:21Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = tests/java -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DATA = $(noinst_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_DATA = krb5.conf -check_SCRIPTS = $(SCRIPT_TESTS) -SCRIPT_TESTS = check-kinit -TESTS = $(SCRIPT_TESTS) -port = 49188 -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/java,g' - -LDADD = ../../lib/krb5/libkrb5.la $(LIB_roken) -CLEANFILES = \ - $(TESTS) \ - *.tmp \ - *.class \ - current-db* \ - krb5.conf \ - messages.log - -EXTRA_DIST = \ - KerberosInit.java \ - jaas.conf \ - check-kinit.in \ - have-java.sh \ - krb5.conf.in - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tests/java/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tests/java/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_SCRIPTS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(DATA) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-TESTS check-am check-local \ - clean clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -check-kinit: check-kinit.in Makefile - $(do_subst) < $(srcdir)/check-kinit.in > check-kinit.tmp - chmod +x check-kinit.tmp - mv check-kinit.tmp check-kinit - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tests/java/check-kinit.in b/crypto/heimdal/tests/java/check-kinit.in deleted file mode 100644 index 1ef59f74bfa1..000000000000 --- a/crypto/heimdal/tests/java/check-kinit.in +++ /dev/null @@ -1,101 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id$ -# - -srcdir="@srcdir@" -objdir="@objdir@" -port="@port@" - -# Disable test if: no data, no java, or socket wrapper -../db/have-db || exit 77 -sh ${srcdir}/have-java.sh || exit 77 -[ X"$SOCKET_WRAPPER_DIR" != X ] && exit 77 - -R=TEST.H5L.SE - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=127.0.0.1 -P $port" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f ${keytabfile} messages.log -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -echo "Compile" -javac -d "${objdir}" "${srcdir}/KerberosInit.java" || \ - { echo "Failed to compile java program: $?" ; exit 77; } - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p foo --use-defaults lha@${R} || exit 1 -${kadmin} modify --attributes=+requires-pre-auth lha@${R} || exit 1 - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/../kdc/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -echo "Run init" -java \ - -Dsun.security.krb5.debug=true \ - -Djava.security.krb5.conf="${objdir}"/krb5.conf \ - -Djava.security.auth.login.config="${srcdir}/jaas.conf" \ - KerberosInit > output.tmp 2>&1 || { cat output.tmp ; exit 1; } - -echo "Done" - -echo "killing kdc (${kdcpid})" -kill $kdcpid || exit 1 - -trap "" EXIT - -exit 0 diff --git a/crypto/heimdal/tests/java/have-java.sh b/crypto/heimdal/tests/java/have-java.sh deleted file mode 100644 index da84b039dac6..000000000000 --- a/crypto/heimdal/tests/java/have-java.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id$ -# - -echo "Checking for java and javac" - -oldifs=$IFS -IFS=: -set -- $PATH -IFS=$oldifs -for i in $*; do - test -n "$i" || i="." - test -x $i/java && j=f - test -x $i/javac && k=c -done - -test "$j$k" = fc || exit 1 - -# GNU GCC Java doesn't support Kerberos -if java -version 2>&1 | grep 'gij' > /dev/null ; then - exit 1 -fi - -echo "ok" - -exit 0 diff --git a/crypto/heimdal/tests/java/jaas.conf b/crypto/heimdal/tests/java/jaas.conf deleted file mode 100644 index a61fb4903b03..000000000000 --- a/crypto/heimdal/tests/java/jaas.conf +++ /dev/null @@ -1,5 +0,0 @@ -/* $Id$ */ - -kinit { - com.sun.security.auth.module.Krb5LoginModule required; -}; diff --git a/crypto/heimdal/tests/java/krb5.conf.in b/crypto/heimdal/tests/java/krb5.conf.in deleted file mode 100644 index d301fa47e886..000000000000 --- a/crypto/heimdal/tests/java/krb5.conf.in +++ /dev/null @@ -1,30 +0,0 @@ -# $Id$ - -[libdefaults] - default_realm = TEST.H5L.SE - - -[realms] - TEST.H5L.SE = { - kdc = localhost:@port@ - } - -[kdc] - database = { - dbname = @objdir@/current-db - realm = TEST.H5L.SE - mkey_file = @objdir@/mkey.file - } - -[logging] - kdc = 0-/FILE:@objdir@/messages.log - default = 0-/FILE:@objdir@/messages.log - -# Have both default and non default salting for single DES encryptes, -# this to check if the kdc return default salting. -[kadmin] - default_keys = aes256-cts-hmac-sha1-96:pw-salt - default_keys = aes128-cts-hmac-sha1-96:pw-salt - default_keys = des3-cbc-sha1:pw-salt - default_keys = des:pw-salt - default_keys = des:pw-salt: diff --git a/crypto/heimdal/tests/kdc/Makefile.am b/crypto/heimdal/tests/kdc/Makefile.am deleted file mode 100644 index b22386ae8610..000000000000 --- a/crypto/heimdal/tests/kdc/Makefile.am +++ /dev/null @@ -1,159 +0,0 @@ -# $Id: Makefile.am 22447 2008-01-15 06:05:17Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_DATA = \ - krb5.conf \ - krb5-pkinit.conf \ - krb5-pkinit-win.conf \ - krb5-slave.conf - -check_PROGRAMS = ap-req -check_SCRIPTS = $(SCRIPT_TESTS) - -SCRIPT_TESTS = \ - check-digest \ - check-kadmin \ - check-kdc \ - check-keys \ - check-pkinit \ - check-iprop \ - check-referral \ - check-uu - -TESTS = $(SCRIPT_TESTS) - -port = 49188 -admport = 49189 - -if HAVE_DLOPEN -do_dlopen = -e 's,[@]DLOPEN[@],true,g' -else -do_dlopen = -e 's,[@]DLOPEN[@],false,g' -endif - -do_subst = sed $(do_dlopen) \ - -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]admport[@],$(admport),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/kdc,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -LDADD = ../../lib/krb5/libkrb5.la $(LIB_roken) - -check-kdc: check-kdc.in Makefile - $(do_subst) < $(srcdir)/check-kdc.in > check-kdc.tmp - chmod +x check-kdc.tmp - mv check-kdc.tmp check-kdc - -check-keys: check-keys.in Makefile - $(do_subst) < $(srcdir)/check-keys.in > check-keys.tmp - chmod +x check-keys.tmp - mv check-keys.tmp check-keys - -check-kadmin: check-kadmin.in Makefile - $(do_subst) < $(srcdir)/check-kadmin.in > check-kadmin.tmp - chmod +x check-kadmin.tmp - mv check-kadmin.tmp check-kadmin - -check-uu: check-uu.in Makefile - $(do_subst) < $(srcdir)/check-uu.in > check-uu.tmp - chmod +x check-uu.tmp - mv check-uu.tmp check-uu - -check-pkinit: check-pkinit.in Makefile krb5-pkinit.conf - $(do_subst) < $(srcdir)/check-pkinit.in > check-pkinit.tmp - chmod +x check-pkinit.tmp - mv check-pkinit.tmp check-pkinit - -check-iprop: check-iprop.in Makefile krb5.conf krb5-slave.conf - $(do_subst) < $(srcdir)/check-iprop.in > check-iprop.tmp - chmod +x check-iprop.tmp - mv check-iprop.tmp check-iprop - -check-digest: check-digest.in Makefile - $(do_subst) < $(srcdir)/check-digest.in > check-digest.tmp - chmod +x check-digest.tmp - mv check-digest.tmp check-digest - -check-referral: check-referral.in Makefile - $(do_subst) < $(srcdir)/check-referral.in > check-referral.tmp - chmod +x check-referral.tmp - mv check-referral.tmp check-referral - -krb5.conf: krb5.conf.in Makefile - $(do_subst) \ - -e 's,[@]kdc[@],,g' < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - -krb5-slave.conf: krb5.conf.in Makefile - $(do_subst) \ - -e 's,[@]kdc[@],.slave,g' < $(srcdir)/krb5.conf.in > krb5-slave.conf.tmp - mv krb5-slave.conf.tmp krb5-slave.conf - -krb5-pkinit.conf: krb5-pkinit.conf.in Makefile - $(do_subst) -e 's,[@]w2k[@],no,g' < $(srcdir)/krb5-pkinit.conf.in > krb5-pkinit.conf.tmp - mv krb5-pkinit.conf.tmp krb5-pkinit.conf - -krb5-pkinit-win.conf: krb5-pkinit.conf.in Makefile - $(do_subst) -e 's,[@]w2k[@],yes,g' < $(srcdir)/krb5-pkinit.conf.in > krb5-pkinit-win.conf.tmp - mv krb5-pkinit-win.conf.tmp krb5-pkinit-win.conf - -CLEANFILES= \ - $(TESTS) \ - iprop-stats \ - barpassword \ - cache.krb5 \ - cdigest-reply \ - *.tmp \ - client-cache \ - current-db* \ - current*.log \ - iprop.keytab \ - digest-reply \ - foopassword \ - krb5.conf \ - krb5-slave.conf \ - krb5-pkinit.conf \ - krb5-pkinit-win.conf \ - krb5.conf.keys \ - signal \ - messages.log \ - o2cache.krb5 \ - o2digest-reply \ - ocache.krb5 \ - s2digest-reply \ - sdigest-init \ - sdigest-reply \ - server.keytab \ - req-pkinit.der \ - req-pkinit2.der \ - req-kdc.der \ - pkinit.crt \ - pkinit2.crt \ - pkinit3.crt \ - kdc.crt \ - ca.crt \ - uuserver.log \ - tempfile \ - test-rc-file.rc - -EXTRA_DIST = \ - check-kadmin.in \ - check-kdc.in \ - check-keys.in \ - check-referral.in \ - check-uu.in \ - check-pkinit.in \ - check-iprop.in \ - check-digest.in \ - heimdal.acl \ - krb5.conf.in \ - krb5.conf.keys.in \ - krb5-pkinit.conf.in \ - iprop-acl \ - wait-kdc.sh \ - pki-mapping \ - ntlm-user-file.txt \ - uuserver.txt \ - donotexists.txt diff --git a/crypto/heimdal/tests/kdc/Makefile.in b/crypto/heimdal/tests/kdc/Makefile.in deleted file mode 100644 index cf6f6d8489cc..000000000000 --- a/crypto/heimdal/tests/kdc/Makefile.in +++ /dev/null @@ -1,971 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22447 2008-01-15 06:05:17Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -check_PROGRAMS = ap-req$(EXEEXT) -subdir = tests/kdc -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -ap_req_SOURCES = ap-req.c -ap_req_OBJECTS = ap-req.$(OBJEXT) -ap_req_LDADD = $(LDADD) -am__DEPENDENCIES_1 = -ap_req_DEPENDENCIES = ../../lib/krb5/libkrb5.la $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = ap-req.c -DIST_SOURCES = ap-req.c -DATA = $(noinst_DATA) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_DATA = \ - krb5.conf \ - krb5-pkinit.conf \ - krb5-pkinit-win.conf \ - krb5-slave.conf - -check_SCRIPTS = $(SCRIPT_TESTS) -SCRIPT_TESTS = \ - check-digest \ - check-kadmin \ - check-kdc \ - check-keys \ - check-pkinit \ - check-iprop \ - check-referral \ - check-uu - -TESTS = $(SCRIPT_TESTS) -port = 49188 -admport = 49189 -@HAVE_DLOPEN_FALSE@do_dlopen = -e 's,[@]DLOPEN[@],false,g' -@HAVE_DLOPEN_TRUE@do_dlopen = -e 's,[@]DLOPEN[@],true,g' -do_subst = sed $(do_dlopen) \ - -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]admport[@],$(admport),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/kdc,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -LDADD = ../../lib/krb5/libkrb5.la $(LIB_roken) -CLEANFILES = \ - $(TESTS) \ - iprop-stats \ - barpassword \ - cache.krb5 \ - cdigest-reply \ - *.tmp \ - client-cache \ - current-db* \ - current*.log \ - iprop.keytab \ - digest-reply \ - foopassword \ - krb5.conf \ - krb5-slave.conf \ - krb5-pkinit.conf \ - krb5-pkinit-win.conf \ - krb5.conf.keys \ - signal \ - messages.log \ - o2cache.krb5 \ - o2digest-reply \ - ocache.krb5 \ - s2digest-reply \ - sdigest-init \ - sdigest-reply \ - server.keytab \ - req-pkinit.der \ - req-pkinit2.der \ - req-kdc.der \ - pkinit.crt \ - pkinit2.crt \ - pkinit3.crt \ - kdc.crt \ - ca.crt \ - uuserver.log \ - tempfile \ - test-rc-file.rc - -EXTRA_DIST = \ - check-kadmin.in \ - check-kdc.in \ - check-keys.in \ - check-referral.in \ - check-uu.in \ - check-pkinit.in \ - check-iprop.in \ - check-digest.in \ - heimdal.acl \ - krb5.conf.in \ - krb5.conf.keys.in \ - krb5-pkinit.conf.in \ - iprop-acl \ - wait-kdc.sh \ - pki-mapping \ - ntlm-user-file.txt \ - uuserver.txt \ - donotexists.txt - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tests/kdc/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tests/kdc/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done -ap-req$(EXEEXT): $(ap_req_OBJECTS) $(ap_req_DEPENDENCIES) - @rm -f ap-req$(EXEEXT) - $(LINK) $(ap_req_OBJECTS) $(ap_req_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) $(check_SCRIPTS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(DATA) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-checkPROGRAMS clean-generic clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-checkPROGRAMS clean-generic \ - clean-libtool ctags dist-hook distclean distclean-compile \ - distclean-generic distclean-libtool distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-man install-pdf install-pdf-am install-ps \ - install-ps-am install-strip installcheck installcheck-am \ - installdirs maintainer-clean maintainer-clean-generic \ - mostlyclean mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -check-kdc: check-kdc.in Makefile - $(do_subst) < $(srcdir)/check-kdc.in > check-kdc.tmp - chmod +x check-kdc.tmp - mv check-kdc.tmp check-kdc - -check-keys: check-keys.in Makefile - $(do_subst) < $(srcdir)/check-keys.in > check-keys.tmp - chmod +x check-keys.tmp - mv check-keys.tmp check-keys - -check-kadmin: check-kadmin.in Makefile - $(do_subst) < $(srcdir)/check-kadmin.in > check-kadmin.tmp - chmod +x check-kadmin.tmp - mv check-kadmin.tmp check-kadmin - -check-uu: check-uu.in Makefile - $(do_subst) < $(srcdir)/check-uu.in > check-uu.tmp - chmod +x check-uu.tmp - mv check-uu.tmp check-uu - -check-pkinit: check-pkinit.in Makefile krb5-pkinit.conf - $(do_subst) < $(srcdir)/check-pkinit.in > check-pkinit.tmp - chmod +x check-pkinit.tmp - mv check-pkinit.tmp check-pkinit - -check-iprop: check-iprop.in Makefile krb5.conf krb5-slave.conf - $(do_subst) < $(srcdir)/check-iprop.in > check-iprop.tmp - chmod +x check-iprop.tmp - mv check-iprop.tmp check-iprop - -check-digest: check-digest.in Makefile - $(do_subst) < $(srcdir)/check-digest.in > check-digest.tmp - chmod +x check-digest.tmp - mv check-digest.tmp check-digest - -check-referral: check-referral.in Makefile - $(do_subst) < $(srcdir)/check-referral.in > check-referral.tmp - chmod +x check-referral.tmp - mv check-referral.tmp check-referral - -krb5.conf: krb5.conf.in Makefile - $(do_subst) \ - -e 's,[@]kdc[@],,g' < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - -krb5-slave.conf: krb5.conf.in Makefile - $(do_subst) \ - -e 's,[@]kdc[@],.slave,g' < $(srcdir)/krb5.conf.in > krb5-slave.conf.tmp - mv krb5-slave.conf.tmp krb5-slave.conf - -krb5-pkinit.conf: krb5-pkinit.conf.in Makefile - $(do_subst) -e 's,[@]w2k[@],no,g' < $(srcdir)/krb5-pkinit.conf.in > krb5-pkinit.conf.tmp - mv krb5-pkinit.conf.tmp krb5-pkinit.conf - -krb5-pkinit-win.conf: krb5-pkinit.conf.in Makefile - $(do_subst) -e 's,[@]w2k[@],yes,g' < $(srcdir)/krb5-pkinit.conf.in > krb5-pkinit-win.conf.tmp - mv krb5-pkinit-win.conf.tmp krb5-pkinit-win.conf -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tests/kdc/ap-req.c b/crypto/heimdal/tests/kdc/ap-req.c deleted file mode 100644 index 24cc6111c7dc..000000000000 --- a/crypto/heimdal/tests/kdc/ap-req.c +++ /dev/null @@ -1,221 +0,0 @@ -/* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: ap-req.c 19807 2007-01-10 19:35:45Z lha $"); -#endif - -#include -#include -#include -#include -#include -#include - -static int verify_pac = 0; -static int version_flag = 0; -static int help_flag = 0; - -static struct getargs args[] = { - {"verify-pac",0, arg_flag, &verify_pac, - "verify the PAC", NULL }, - {"version", 0, arg_flag, &version_flag, - "print version", NULL }, - {"help", 0, arg_flag, &help_flag, - NULL, NULL } -}; - -static void -usage (int ret) -{ - arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "..."); - exit (ret); -} - - -static void -test_ap(krb5_context context, - krb5_principal sprincipal, - krb5_keytab keytab, - krb5_ccache ccache, - const krb5_flags client_flags) -{ - krb5_error_code ret; - krb5_auth_context client_ac = NULL, server_ac = NULL; - krb5_data data; - krb5_flags server_flags; - krb5_ticket *ticket = NULL; - int32_t server_seq, client_seq; - - ret = krb5_mk_req_exact(context, - &client_ac, - client_flags, - sprincipal, - NULL, - ccache, - &data); - if (ret) - krb5_err(context, 1, ret, "krb5_mk_req_exact"); - - ret = krb5_rd_req(context, - &server_ac, - &data, - sprincipal, - keytab, - &server_flags, - &ticket); - if (ret) - krb5_err(context, 1, ret, "krb5_rd_req"); - - - if (server_flags & AP_OPTS_MUTUAL_REQUIRED) { - krb5_ap_rep_enc_part *repl; - - krb5_data_free(&data); - - if ((client_flags & AP_OPTS_MUTUAL_REQUIRED) == 0) - krb5_errx(context, 1, "client flag missing mutual req"); - - ret = krb5_mk_rep (context, server_ac, &data); - if (ret) - krb5_err(context, 1, ret, "krb5_mk_rep"); - - ret = krb5_rd_rep (context, - client_ac, - &data, - &repl); - if (ret) - krb5_err(context, 1, ret, "krb5_rd_rep"); - - krb5_free_ap_rep_enc_part (context, repl); - } else { - if (client_flags & AP_OPTS_MUTUAL_REQUIRED) - krb5_errx(context, 1, "server flag missing mutual req"); - } - - krb5_auth_getremoteseqnumber(context, server_ac, &server_seq); - krb5_auth_getremoteseqnumber(context, client_ac, &client_seq); - if (server_seq != client_seq) - krb5_errx(context, 1, "seq num differ"); - - krb5_auth_con_getlocalseqnumber(context, server_ac, &server_seq); - krb5_auth_con_getlocalseqnumber(context, client_ac, &client_seq); - if (server_seq != client_seq) - krb5_errx(context, 1, "seq num differ"); - - krb5_data_free(&data); - krb5_auth_con_free(context, client_ac); - krb5_auth_con_free(context, server_ac); - - if (verify_pac) { - krb5_pac pac; - - ret = krb5_ticket_get_authorization_data_type(context, - ticket, - KRB5_AUTHDATA_WIN2K_PAC, - &data); - if (ret) - krb5_err(context, 1, ret, "get pac"); - - ret = krb5_pac_parse(context, data.data, data.length, &pac); - if (ret) - krb5_err(context, 1, ret, "pac parse"); - - krb5_pac_free(context, pac); - } - - krb5_free_ticket(context, ticket); -} - - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - int optidx = 0; - const char *principal, *keytab, *ccache; - krb5_ccache id; - krb5_keytab kt; - krb5_principal sprincipal; - - setprogname(argv[0]); - - if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) - usage(1); - - if (help_flag) - usage (0); - - if(version_flag){ - print_version(NULL); - exit(0); - } - - argc -= optidx; - argv += optidx; - - if (argc < 3) - usage(1); - - principal = argv[0]; - keytab = argv[1]; - ccache = argv[2]; - - ret = krb5_init_context(&context); - if (ret) - errx (1, "krb5_init_context failed: %d", ret); - - ret = krb5_cc_resolve(context, ccache, &id); - if (ret) - krb5_err(context, 1, ret, "krb5_cc_resolve"); - - ret = krb5_parse_name(context, principal, &sprincipal); - if (ret) - krb5_err(context, 1, ret, "krb5_parse_name"); - - ret = krb5_kt_resolve(context, keytab, &kt); - if (ret) - krb5_err(context, 1, ret, "krb5_kt_resolve"); - - test_ap(context, sprincipal, kt, id, 0); - test_ap(context, sprincipal, kt, id, AP_OPTS_MUTUAL_REQUIRED); - - krb5_cc_close(context, id); - krb5_kt_close(context, kt); - krb5_free_principal(context, sprincipal); - - krb5_free_context(context); - - return ret; -} diff --git a/crypto/heimdal/tests/kdc/check-digest.in b/crypto/heimdal/tests/kdc/check-digest.in deleted file mode 100644 index cb6c19f8dcb7..000000000000 --- a/crypto/heimdal/tests/kdc/check-digest.in +++ /dev/null @@ -1,295 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-digest.in 21849 2007-08-08 06:56:41Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -port=@port@ - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -server=host/datan.test.h5l.se -cache="FILE:${objdir}/cache.krb5" -ocache="FILE:${objdir}/ocache.krb5" -keytabfile=${objdir}/server.keytab -keytab="FILE:${keytabfile}" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -klist="${TESTS_ENVIRONMENT} ../../kuser/klist -c $cache" -kdigest="${TESTS_ENVIRONMENT} ../../kuser/kdigest --ccache=$cache" -test_ntlm="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_ntlm" -context="${TESTS_ENVIRONMENT} ../../lib/gssapi/test_context" - -username=foo -userpassword=digestpassword - -password=foobarbaz - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p $userpassword --use-defaults ${username}@${R} || exit 1 -${kadmin} add -p $password --use-defaults ${server}@${R} || exit 1 -${kadmin} add -p kaka --use-defaults digest/${R}@${R} || exit 1 -${kadmin} modify --attributes=+allow-digest ${server}@${R} || exit 1 -${kadmin} ext -k ${keytab} ${server}@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -echo $password > ${objdir}/foopassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; cat messages.log; exit 1;" EXIT - -exitcode=0 - -echo "Getting digest server tickets" -${kinit} --password-file=${objdir}/foopassword ${server}@$R || exitcode=1 -${kdigest} digest-server-init \ - --kerberos-realm=${R} \ - --type=CHAP > /dev/null || exitcode=1 - -echo "Trying NTLM" - -NTLM_ACCEPTOR_CCACHE="$cache" -export NTLM_ACCEPTOR_CCACHE - -echo "Trying server-init" -echo ${kdigest} ntlm-server-init \ - --kerberos-realm=${R} \ - > sdigest-init || exitcode=1 - -echo "test_ntlm" -${test_ntlm} || { echo "test_ntlm failed"; exit 1; } - -NTLM_USER_FILE="${srcdir}/ntlm-user-file.txt" -export NTLM_USER_FILE - -echo "test_context --mech-type=ntlm" -${context} --mech-type=ntlm \ - --name-type=hostbased-service datan@TEST || \ - { echo "test_context 1 failed"; exit 1; } - -${context} --mech-type=ntlm \ - --name-type=hostbased-service datan@host.TEST || \ - { echo "test_context 2 failed"; exit 1; } - -${context} --mech-type=ntlm \ - --name-type=hostbased-service datan@host.test.domain2 || \ - { echo "test_context 3 failed"; exit 1; } - -${context} --mech-type=ntlm \ - --name-type=hostbased-service datan@host.foo 2>/dev/null && \ - { echo "test_context 4 failed"; exit 1; } - -echo "Trying SL in NTLM" - - -for type in \ - "" \ - "--getverifymic" \ - "--wrapunwrap" \ - "--getverifymic --wrapunwrap" \ - ; do - - echo "Trying NTLM type: ${type}" - ${context} --mech-type=ntlm ${type} \ - --name-type=hostbased-service datan@TEST || \ - { echo "test_context 1 failed"; exit 1; } - -done - - -echo "Trying CHAP" - -${kdigest} digest-server-init \ - --kerberos-realm=${R} \ - --type=CHAP \ - > sdigest-reply || exitcode=1 - -snonce=`grep server-nonce= sdigest-reply | cut -f2- -d=` -identifier=`grep identifier= sdigest-reply | cut -f2- -d=` -opaque=`grep opaque= sdigest-reply | cut -f2- -d=` - -${kdigest} digest-client-request \ - --type=CHAP \ - --username="$username" \ - --password="$userpassword" \ - --opaque="$opaque" \ - --server-identifier="$identifier" \ - --server-nonce="$snonce" \ - > cdigest-reply || exitcode=1 - -cresponseData=`grep responseData= cdigest-reply | cut -f2- -d=` - -#echo user: $username -#echo server-nonce: $snonce -#echo opaqeue: $opaque -#echo identifier: $identifier - -${kdigest} digest-server-request \ - --kerberos-realm=${R} \ - --type=CHAP \ - --username="$username" \ - --opaque="$opaque" \ - --client-response="$cresponseData" \ - --server-identifier="$identifier" \ - --server-nonce="$snonce" \ - > s2digest-reply || exitcode=1 - -status=`grep status= s2digest-reply | cut -f2- -d=` - -if test "X$status" = "Xok" ; then - echo "CHAP response ok" -else - echo "CHAP response failed" - exitcode=1 -fi - -cresponseData=`echo $cresponseData | sed 's/..../DEADBEEF/'` - -${kdigest} digest-server-request \ - --kerberos-realm=${R} \ - --type=CHAP \ - --username="$username" \ - --opaque="$opaque" \ - --client-response="$cresponseData" \ - --server-identifier="$identifier" \ - --server-nonce="$snonce" \ - > s2digest-reply || exitcode=1 - -status=`grep status= s2digest-reply | cut -f2- -d=` - -if test "X$status" = "Xfailed" ; then - echo "CHAP response fail as it should" -else - echo "CHAP response succeeded errorously" - exitcode=1 -fi - -echo "Trying MS-CHAP-V2" - -${kdigest} digest-server-init \ - --kerberos-realm=${R} \ - --type=MS-CHAP-V2 \ - > sdigest-reply || exitcode=1 - -snonce=`grep server-nonce= sdigest-reply | cut -f2- -d=` -opaque=`grep opaque= sdigest-reply | cut -f2- -d=` -cnonce="21402324255E262A28295F2B3A337C7E" - -echo "MS-CHAP-V2 client request" -${kdigest} digest-client-request \ - --type=MS-CHAP-V2 \ - --username="$username" \ - --password="$userpassword" \ - --opaque="$opaque" \ - --client-nonce="$cnonce" \ - --server-nonce="$snonce" \ - > cdigest-reply || exitcode=1 - -cresponseData=`grep responseData= cdigest-reply | cut -f2- -d=` -cRsp=`grep AuthenticatorResponse= cdigest-reply | cut -f2- -d=` -ckey=`grep session-key= cdigest-reply | cut -f2- -d=` - -${kdigest} digest-server-request \ - --kerberos-realm=${R} \ - --type=MS-CHAP-V2 \ - --username="$username" \ - --opaque="$opaque" \ - --client-response="$cresponseData" \ - --client-nonce="$cnonce" \ - --server-nonce="$snonce" \ - > s2digest-reply || exitcode=1 - -status=`grep status= s2digest-reply | cut -f2- -d=` -sRsp=`grep rsp= s2digest-reply | cut -f2- -d=` -skey=`grep session-key= s2digest-reply | cut -f2- -d=` - -if test "X$sRsp" != "X$cRsp" ; then - echo "rsp wrong $sRsp != $cRsp" - exitcode=1 -fi - -if test "X$skey" != "X$ckey" ; then - echo "rsp wrong" - exitcode=1 -fi - -if test "X$status" = "Xok" ; then - echo "MS-CHAP-V2 response ok" -else - echo "MS-CHAP-V2 response failed" - exitcode=1 -fi - -trap "" EXIT - -echo "killing kdc (${kdcpid})" -kill $kdcpid || exit 1 - -exit $exitcode - diff --git a/crypto/heimdal/tests/kdc/check-iprop.in b/crypto/heimdal/tests/kdc/check-iprop.in deleted file mode 100644 index 448824653613..000000000000 --- a/crypto/heimdal/tests/kdc/check-iprop.in +++ /dev/null @@ -1,248 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id$ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -# Dont run this test in AFS, since it lacks support for AF_UNIX -expr "X`/bin/pwd || pwd`" : "X/afs/.*" > /dev/null 2>/dev/null && exit 77 - -R=TEST.H5L.SE - -port=@port@ - -cache="FILE:${objdir}/cache.krb5" -keytabfile=${objdir}/iprop.keytab -keytab="FILE:${keytabfile}" - -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -r $R" -ipropdslave="${TESTS_ENVIRONMENT} ../../lib/kadm5/ipropd-slave" -ipropdmaster="${TESTS_ENVIRONMENT} ../../lib/kadm5/ipropd-master" -iproplog="${TESTS_ENVIRONMENT} ../../lib/kadm5/iprop-log" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f ${keytabfile} -rm -f current-db* -rm -f current*.log -rm -f out-* -rm -f mkey.file* -rm -f messages.log - -> messages.log - -echo Creating database -${kadmin} -l \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} -l add -p foo --use-defaults user@${R} || exit 1 - -${kadmin} -l add --random-key --use-defaults iprop/localhost@${R} || exit 1 -${kadmin} -l ext -k ${keytab} iprop/localhost@${R} || exit 1 -${kadmin} -l add --random-key --use-defaults iprop/slave@${R} || exit 1 -${kadmin} -l ext -k ${keytab} iprop/slave@${R} || exit 1 - -echo foo > ${objdir}/foopassword - -# -- foo -ipds= -ipdm= -kdcpid= - -> iprop-stats -trap "echo 'killing ipropd s + m + kdc'; kill \${ipdm} \${ipds} \${kdcpid} >/dev/null 2>/dev/null; tail messages.log ; tail iprop-stats; exit 1;" EXIT - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/wait-kdc.sh || exit 1 - -echo "starting master" -${ipropdmaster} --hostname=localhost -k ${keytab} \ - --database=${objdir}/current-db & -ipdm=$! -sh ${srcdir}/wait-kdc.sh ipropd-master || exit 1 - -echo "starting slave" -KRB5_CONFIG="${objdir}/krb5-slave.conf" \ -${ipropdslave} --hostname=slave -k ${keytab} localhost & -ipds=$! -sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1 - -echo "checking slave is up" -${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1 - -# ----------------- checking: pushing lives changes - -echo "Add host" -${kadmin} -l add --random-key --use-defaults host/foo@${R} || exit 1 -sleep 2 -KRB5_CONFIG="${objdir}/krb5-slave.conf" \ -${kadmin} -l get host/foo@${R} > /dev/null || exit 1 - -echo "Rename host" -${kadmin} -l rename host/foo@${R} host/bar@${R} || exit 1 -sleep 2 -KRB5_CONFIG="${objdir}/krb5-slave.conf" \ -${kadmin} -l get host/foo@${R} > /dev/null 2>/dev/null && exit 1 -KRB5_CONFIG="${objdir}/krb5-slave.conf" \ -${kadmin} -l get host/bar@${R} > /dev/null || exit 1 - -echo "Delete host" -${kadmin} -l delete host/bar@${R} || exit 1 -sleep 2 -KRB5_CONFIG="${objdir}/krb5-slave.conf" \ -${kadmin} -l get host/bar@${R} > /dev/null 2>/dev/null && exit 1 - -echo "kill slave" -> iprop-stats -kill ${ipds} -sleep 2 - -${EGREP} 'iprop/slave@TEST.H5L.SE.*Down' iprop-stats >/dev/null || exit 1 - -# ----------------- checking: slave is missing changes while down - -echo "doing changes while slave is down" -${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1 -${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1 - -echo "Makeing a copy of the master log file" -cp ${objdir}/current.log ${objdir}/current.log.tmp - -# ----------------- checking: checking that master and slaves resyncs - -echo "starting slave again" -> iprop-stats -> messages.log -KRB5_CONFIG="${objdir}/krb5-slave.conf" \ -${ipropdslave} --hostname=slave -k ${keytab} localhost & -ipds=$! -sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1 - -echo "checking slave is up again" -${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1 -echo "checking for replay problems" -${EGREP} 'Entry already exists in database' messages.log && exit 1 - -echo "kill slave and remove log and database" -kill ${ipds} -sleep 2 - -rm current.slave.log current-db.slave* || exit 1 -> iprop-stats -> messages.log -KRB5_CONFIG="${objdir}/krb5-slave.conf" \ -${ipropdslave} --hostname=slave -k ${keytab} localhost & -ipds=$! -sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1 - -echo "checking slave is up again" -${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1 -echo "checking for replay problems" -${EGREP} 'Entry already exists in database' messages.log && exit 1 - -# ----------------- checking: checking live truncation of master log - -${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1 -sleep 2 - -echo "live truncate on master log" -${iproplog} truncate || exit 1 -sleep 2 - -echo "Killing master and slave" -kill ${ipdm} ${ipds} >/dev/null 2>/dev/null - -sleep 2 -${EGREP} "^master down at " iprop-stats > /dev/null || exit 1 - -echo "compare versions on master and slave logs" -KRB5_CONFIG=${objdir}/krb5-slave.conf \ -${iproplog} last-version > slave-last.tmp -${iproplog} last-version > master-last.tmp -cmp master-last.tmp slave-last.tmp || exit 1 - -# ----------------- checking: master going backward -> iprop-stats -> messages.log - -echo "Going back to old version of the master log file" -cp ${objdir}/current.log.tmp ${objdir}/current.log - -echo "starting master" -${ipropdmaster} --hostname=localhost -k ${keytab} \ - --database=${objdir}/current-db & -ipdm=$! -sh ${srcdir}/wait-kdc.sh ipropd-master || exit 1 - -echo "starting slave" -KRB5_CONFIG="${objdir}/krb5-slave.conf" \ -${ipropdslave} --hostname=slave -k ${keytab} localhost & -ipds=$! -sh ${srcdir}/wait-kdc.sh ipropd-slave || exit 1 - -echo "checking slave is up again" -${EGREP} 'iprop/slave@TEST.H5L.SE.*Up' iprop-stats >/dev/null || exit 1 -echo "checking for replay problems" -${EGREP} 'Entry already exists in database' messages.log && exit 1 - -echo "pushing one change" -${kadmin} -l cpw --random-password user@${R} > /dev/null || exit 1 -sleep 2 - -trap "" EXIT -kill ${ipdm} ${ipds} ${kdcpid} - -echo "compare versions on master and slave logs" -KRB5_CONFIG=${objdir}/krb5-slave.conf \ -${iproplog} last-version > slave-last.tmp -${iproplog} last-version > master-last.tmp -cmp master-last.tmp slave-last.tmp || exit 1 - -exit $ec diff --git a/crypto/heimdal/tests/kdc/check-kadmin.in b/crypto/heimdal/tests/kdc/check-kadmin.in deleted file mode 100644 index 7888e81ed963..000000000000 --- a/crypto/heimdal/tests/kdc/check-kadmin.in +++ /dev/null @@ -1,151 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id$ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE -R2=TEST2.H5L.SE - -port=@port@ -admport=@admport@ - -cache="FILE:${objdir}/cache.krb5" - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" -kadmind="${TESTS_ENVIRONMENT} ../../kadmin/kadmind -p $admport" - -server=host/datan.test.h5l.se - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -kgetcred="${TESTS_ENVIRONMENT} ../../kuser/kgetcred -c $cache" -kdestroy="${TESTS_ENVIRONMENT} ../../kuser/kdestroy -c $cache --no-unlog" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* -rm -f messages.log - -> messages.log - -echo Creating database -${kadmin} -l \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} -l add -p foo --use-defaults foo/admin@${R} || exit 1 -${kadmin} -l add -p foo --use-defaults bar@${R} || exit 1 - -echo foo > ${objdir}/foopassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - kill ${kadmpid} - exit 1 -fi - -trap "kill ${kdcpid} ${kadmpid}" EXIT - -#---------------------------------- -${kadmind} -d & -kadmpid=$! -sleep 1 - -echo "kinit (no admin)" -${kinit} --password-file=${objdir}/foopassword \ - -S kadmin/admin@${R} bar@${R} || exit 1 -echo "kadmin" -env KRB5CCNAME=${cache} \ -${kadmin} -p bar@${R} add -p foo --use-defaults kaka2@${R} || - { echo "kadmin failed $?"; cat messages.log ; exit 1; } - -${kadmin} -l get kaka2@${R} > /dev/null || - { echo "kadmin failed $?"; cat messages.log ; exit 1; } - -#---------------------------------- -${kadmind} -d & -kadmpid=$! -sleep 1 - -echo "kinit (admin)" -${kinit} --password-file=${objdir}/foopassword \ - -S kadmin/admin@${R} foo/admin@${R} || exit 1 - -echo "kadmin" -env KRB5CCNAME=${cache} \ -${kadmin} -p foo/admin@${R} add -p foo --use-defaults kaka@${R} || - { echo "kadmin failed $?"; cat messages.log ; exit 1; } - -#---------------------------------- -${kadmind} -d & -kadmpid=$! -sleep 1 - -echo "kadmin get doesnotexists" -env KRB5CCNAME=${cache} \ -${kadmin} -p foo/admin@${R} get -s doesnotexists@${R} \ - > /dev/null 2>kadmin.tmp && \ - { echo "kadmin passed"; cat messages.log ; exit 1; } - -# evil hack to support libtool -sed 's/lt-kadmin:/kadmin:/' < kadmin.tmp > kadmin2.tmp -mv kadmin2.tmp kadmin.tmp - -cmp kadmin.tmp ${srcdir}/donotexists.txt || \ - { echo "wrong response"; exit 1;} - -echo "killing kdc (${kdcpid} ${kadmpid})" -kill ${kdcpid} ${kadmpid} > /dev/null 2>/dev/null - -trap "" EXIT - -exit $ec diff --git a/crypto/heimdal/tests/kdc/check-kdc.in b/crypto/heimdal/tests/kdc/check-kdc.in deleted file mode 100644 index 3a43172471d1..000000000000 --- a/crypto/heimdal/tests/kdc/check-kdc.in +++ /dev/null @@ -1,413 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-kdc.in 22019 2007-10-24 20:47:59Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -testfailed="echo test failed; cat messages.log; exit 1" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE -R2=TEST2.H5L.SE - -port=@port@ - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -server=host/datan.test.h5l.se -server2=host/computer.example.com -cache="FILE:${objdir}/cache.krb5" -ocache="FILE:${objdir}/ocache.krb5" -o2cache="FILE:${objdir}/o2cache.krb5" -icache="FILE:${objdir}/icache.krb5" -keytabfile=${objdir}/server.keytab -keytab="FILE:${keytabfile}" -ps="proxy-service@${R}" -aesenctype="aes256-cts-hmac-sha1-96" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -klist="${TESTS_ENVIRONMENT} ../../kuser/klist -c $cache" -kgetcred="${TESTS_ENVIRONMENT} ../../kuser/kgetcred -c $cache" -kgetcred_imp="${TESTS_ENVIRONMENT} ../../kuser/kgetcred -c $cache --out-cache=${ocache}" -kdestroy="${TESTS_ENVIRONMENT} ../../kuser/kdestroy -c $cache --no-unlog" -ktutil="${TESTS_ENVIRONMENT} ../../admin/ktutil" -hxtool="${TESTS_ENVIRONMENT} ../../lib/hx509/hxtool" -kimpersonate="${TESTS_ENVIRONMENT} ../../kuser/kimpersonate -k ${keytab} --ccache=${ocache}" -test_renew="${TESTS_ENVIRONMENT} ../../lib/krb5/test_renew" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R2} || exit 1 - -${kadmin} cpw -r krbtgt/${R}@${R} || exit 1 -${kadmin} cpw -r krbtgt/${R}@${R} || exit 1 -${kadmin} cpw -r krbtgt/${R}@${R} || exit 1 -${kadmin} cpw -r krbtgt/${R}@${R} || exit 1 - -${kadmin} add -p foo --use-defaults foo@${R} || exit 1 -${kadmin} add -p bar --use-defaults bar@${R} || exit 1 -${kadmin} add -p foo --use-defaults remove@${R} || exit 1 -${kadmin} add -p kaka --use-defaults ${server}@${R} || exit 1 -${kadmin} add -p kaka --use-defaults ${server}-des3@${R} || exit 1 -${kadmin} add -p foo --use-defaults ${ps} || exit 1 -${kadmin} modify --attributes=+trusted-for-delegation ${ps} || exit 1 -${kadmin} modify --constrained-delegation=${server} ${ps} || exit 1 -${kadmin} ext -k ${keytab} ${server}@${R} || exit 1 -${kadmin} ext -k ${keytab} ${ps} || exit 1 - -${kadmin} add -p kaka --use-defaults ${server2}@${R2} || exit 1 -${kadmin} ext -k ${keytab} ${server2}@${R2} || exit 1 -${kadmin} add -p foo --use-defaults remove2@${R2} || exit 1 - -${kadmin} add -p cross1 --use-defaults krbtgt/${R2}@${R} || exit 1 -${kadmin} add -p cross2 --use-defaults krbtgt/${R}@${R2} || exit 1 - -${kadmin} add -p foo --use-defaults -- -p || exit 1 -${kadmin} delete -- -p || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 -${kadmin} check ${R2} || exit 1 - -echo "Extracting enctypes" -${ktutil} -k ${keytab} list > tempfile || exit 1 -${EGREP} -v '^FILE:' tempfile | ${EGREP} -v '^Vno' | ${EGREP} -v '^$' | \ - awk '$1 !~ /1/ { exit 1 }' || exit 1 - -${kadmin} get foo@${R} > tempfile || exit 1 -enctypes=`grep Keytypes: tempfile | sed 's/(pw-salt)//g' | sed 's/,//g' | sed 's/Keytypes://'` - -enctype_sans_aes=`echo $enctypes | sed 's/aes[^ ]*//g'` -enctype_sans_des3=`echo $enctypes | sed 's/des3-cbc-sha1//g'` - -echo foo > ${objdir}/foopassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -ec=0 - -echo "Getting client initial tickets"; > messages.log -${kinit} --password-file=${objdir}/foopassword foo@$R || \ - { ec=1 ; eval "${testfailed}"; } -echo "Getting tickets"; > messages.log -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -echo "Listing tickets"; > messages.log -${klist} > /dev/null || { ec=1 ; eval "${testfailed}"; } -./ap-req ${server}@${R} ${keytab} ${cache} || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Specific enctype"; > messages.log -${kinit} --password-file=${objdir}/foopassword \ - -e ${aesenctype} -e ${aesenctype} \ - foo@$R || \ - { ec=1 ; eval "${testfailed}"; } - -for a in $enctypes; do - echo "Getting client initial tickets ($a)"; > messages.log - ${kinit} --enctype=$a --password-file=${objdir}/foopassword foo@$R || { ec=1 ; eval "${testfailed}"; } - echo "Getting tickets"; > messages.log - ${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } - ./ap-req ${server}@${R} ${keytab} ${cache} || { ec=1 ; eval "${testfailed}"; } - ${kdestroy} -done - - -echo "Getting client initial tickets"; > messages.log -${kinit} --password-file=${objdir}/foopassword foo@$R || \ - { ec=1 ; eval "${testfailed}"; } -for a in $enctypes; do - echo "Getting tickets ($a)"; > messages.log - ${kgetcred} -e $a ${server}@${R} || { ec=1 ; eval "${testfailed}"; } - ./ap-req ${server}@${R} ${keytab} ${cache} || \ - { ec=1 ; eval "${testfailed}"; } - ${kdestroy} --credential=${server}@${R} -done -${kdestroy} - -echo "Getting client initial tickets for cross realm case"; > messages.log -${kinit} --password-file=${objdir}/foopassword foo@$R || { ec=1 ; eval "${testfailed}"; } -for a in $enctypes; do - echo "Getting cross realm tickets ($a)"; > messages.log - ${kgetcred} -e $a ${server2}@${R2} || { ec=1 ; eval "${testfailed}"; } - ./ap-req ${server2}@${R2} ${keytab} ${cache} || \ - { ec=1 ; eval "${testfailed}"; } - ${kdestroy} --credential=${server2}@${R2} -done -${kdestroy} - -echo "try all permutations"; > messages.log -for a in $enctypes; do - echo "Getting client initial tickets ($a)"; > messages.log - ${kinit} --enctype=$a --password-file=${objdir}/foopassword foo@$R || \ - { ec=1 ; eval "${testfailed}"; } - for b in $enctypes; do - echo "Getting tickets ($a -> $b)"; > messages.log - ${kgetcred} -e $b ${server}@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ./ap-req ${server}@${R} ${keytab} ${cache} || \ - { ec=1 ; eval "${testfailed}"; } - ${kdestroy} --credential=${server}@${R} - done - ${kdestroy} -done - -echo "Getting server initial tickets"; > messages.log -${kinit} --keytab=${keytab} ${server}@$R || { ec=1 ; eval "${testfailed}"; } -echo "Listing tickets"; > messages.log -${klist} | grep "Principal: ${server}" > /dev/null || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "initial tickets for deleted user test case"; > messages.log -${kinit} --password-file=${objdir}/foopassword remove@$R || \ - { ec=1 ; eval "${testfailed}"; } -${kadmin} delete remove@${R} || { ec=1 ; eval "${testfailed}"; } -echo "try getting ticket with deleted user"; > messages.log -${kgetcred} ${server}@${R} 2> /dev/null && { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "cross realm case (removed user)"; > messages.log -${kinit} --password-file=${objdir}/foopassword remove2@$R2 || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} krbtgt/${R}@${R2} 2> /dev/null || \ - { ec=1 ; eval "${testfailed}"; } -${kadmin} delete remove2@${R2} || exit 1 -${kgetcred} ${server}@${R} 2> /dev/null || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "rename user"; > messages.log -${kadmin} add -p foo --use-defaults rename@${R} || exit 1 -${kinit} --password-file=${objdir}/foopassword rename@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kadmin} rename rename@${R} rename2@${R} || exit 1 -${kinit} --password-file=${objdir}/foopassword rename2@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} -${kadmin} delete rename2@${R} || exit 1 - -echo "rename user to another realm"; > messages.log -${kadmin} add -p foo --use-defaults rename@${R} || exit 1 -${kinit} --password-file=${objdir}/foopassword rename@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kadmin} rename rename@${R} rename@${R2} || exit 1 -${kinit} --password-file=${objdir}/foopassword rename@${R2} || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} -${kadmin} delete rename@${R2} || exit 1 - -echo deleting all but aes enctypes on krbtgt -${kadmin} del_enctype krbtgt/${R}@${R} ${enctype_sans_aes} || exit 1 - -echo deleting all but des enctypes on server-des3 -${kadmin} del_enctype ${server}-des3@${R} ${enctype_sans_des3} || exit 1 -${kadmin} ext -k ${keytab} ${server}-des3@${R} || exit 1 - -echo "try all permutations (only aes)"; > messages.log -for a in $enctypes; do - echo "Getting client initial tickets ($a)"; > messages.log - ${kinit} --enctype=$a --password-file=${objdir}/foopassword foo@${R} ||\ - { ec=1 ; eval "${testfailed}"; } - for b in $enctypes; do - echo "Getting tickets ($a -> $b)"; > messages.log - ${kgetcred} -e $b ${server}@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ./ap-req ${server}@${R} ${keytab} ${cache} || \ - { ec=1 ; eval "${testfailed}"; } - - echo "Getting tickets ($a -> $b) (server des3 only)"; > messages.log - ${kgetcred} ${server}-des3@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ./ap-req ${server}-des3@${R} ${keytab} ${cache} || \ - { ec=1 ; eval "${testfailed}"; } - - ${kdestroy} --credential=${server}@${R} - ${kdestroy} --credential=${server}-des3@${R} - done - ${kdestroy} -done - -echo deleting all enctypes on krbtgt -${kadmin} del_enctype krbtgt/${R}@${R} aes256-cts-hmac-sha1-96 || \ - { ec=1 ; eval "${testfailed}"; } -echo "try initial ticket w/o and keys on krbtgt" -${kinit} --password-file=${objdir}/foopassword foo@${R} 2>/dev/null && \ - { ec=1 ; eval "${testfailed}"; } -echo "adding random aes key" -${kadmin} add_enctype -r krbtgt/${R}@${R} aes256-cts-hmac-sha1-96 || \ - { ec=1 ; eval "${testfailed}"; } -echo "try initial ticket with random aes key on krbtgt" -${kinit} --password-file=${objdir}/foopassword foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } - -rsa=yes -pkinit=no -if ${hxtool} info | grep 'rsa: hx509 null RSA' > /dev/null ; then - rsa=no -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - rsa=no -fi -if ${kinit} --help 2>&1 | grep "CA certificates" > /dev/null; then - pkinit=yes -fi - -# If we support pkinit and have RSA, lets try that -if test "$pkinit" = yes -a "$rsa" = yes ; then - - for type in "" "--pk-use-enckey"; do - echo "Trying pk-init (principal in certificate) $type"; > messages.log - base="${srcdir}/../../lib/hx509/data" - ${kinit} $type -C FILE:${base}/pkinit.crt,${base}/pkinit.key bar@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } - ${kdestroy} - - echo "Trying pk-init (principal in pki-mapping) $type"; > messages.log - ${kinit} $type -C FILE:${base}/pkinit.crt,${base}/pkinit.key foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } - ${kdestroy} - - echo "Trying pk-init (password protected key) $type"; > messages.log - ${kinit} $type -C FILE:${base}/pkinit.crt,${base}/pkinit-pw.key --password-file=${objdir}/foopassword foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ${kgetcred} ${server}@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ${kdestroy} - - echo "Trying pk-init (proxy cert) $type"; > messages.log - base="${srcdir}/../../lib/hx509/data" - ${kinit} $type -C FILE:${base}/pkinit-proxy-chain.crt,${base}/pkinit-proxy.key foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } - ${kdestroy} - - done -else - echo "no pkinit (pkinit: $pkinit, rsa: $rsa)"; > messages.log -fi - -echo "tickets for impersonate test case"; > messages.log -${kinit} --forwardable --password-file=${objdir}/foopassword ${ps} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred_imp} --impersonate=bar@${R} ${ps} || \ - { ec=1 ; eval "${testfailed}"; } -./ap-req ${ps} ${keytab} ${ocache} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred_imp} --impersonate=bar@${R} foo@${R} 2>/dev/null && \ - { ec=1 ; eval "${testfailed}"; } -echo test constrained delegation -${kgetcred_imp} --forward --impersonate=bar@${R} ${ps} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} --out-cache=${o2cache} --delegation-credential-cache=${ocache} ${server}@${R} || \ - { ec=1 ; eval "${testfailed}"; } -./ap-req ${server}@${R} ${keytab} ${o2cache} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} --out-cache=${o2cache} --delegation-credential-cache=${ocache} bar@${R} 2>/dev/null && \ - { ec=1 ; eval "${testfailed}"; } - -echo "test constrained delegation impersonation (non forward)"; > messages.log -rm -f ocache.krb5 -${kimpersonate} -s ${ps} -c bar@${R} -t ${aesenctype} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} --out-cache=${o2cache} --delegation-credential-cache=${ocache} ${server}@${R} > /dev/null 2>/dev/null && \ - { ec=1 ; eval "${testfailed}"; } - -echo "test constrained delegation impersonation (missing KRB5SignedPath)"; > messages.log -rm -f ocache.krb5 -${kimpersonate} -s ${ps} -c bar@${R} -t ${aesenctype} -f forwardable || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} --out-cache=${o2cache} --delegation-credential-cache=${ocache} ${server}@${R} > /dev/null 2>/dev/null && \ - { ec=1 ; eval "${testfailed}"; } - -${kdestroy} - -echo "check renewing" > messages.log -${kinit} --renewable --password-file=${objdir}/foopassword foo@$R || \ - { ec=1 ; eval "${testfailed}"; } -echo "kinit -R" -${kinit} -R || \ - { ec=1 ; eval "${testfailed}"; } -echo "check renewing MIT interface" > messages.log -${kinit} --renewable --password-file=${objdir}/foopassword foo@$R || \ - { ec=1 ; eval "${testfailed}"; } -echo "test_renew" -env KRB5CCNAME=${cache} ${test_renew} || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - - -echo "killing kdc (${kdcpid})" -kill $kdcpid || exit 1 - -trap "" EXIT - -exit $ec diff --git a/crypto/heimdal/tests/kdc/check-keys.in b/crypto/heimdal/tests/kdc/check-keys.in deleted file mode 100644 index 596c9ca5c888..000000000000 --- a/crypto/heimdal/tests/kdc/check-keys.in +++ /dev/null @@ -1,101 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id$ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE -principal=host/datan.test.h5l.se@${R} - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -r $R -l" - -CIN=${srcdir}/krb5.conf.keys.in -COUT=${objdir}/krb5.conf.keys - -sedvars="-e s,[@]srcdir[@],${srcdir},g -e s,[@]objdir[@],${objdir},g" - -KRB5_CONFIG="${COUT}" -export KRB5_CONFIG - -rm -f ${COUT} -rm -f current-db* -rm -f out-* -rm -f mkey.file* -rm -f messages.log - -sed -e 's/@keys@/v5/' \ - ${sedvars} < ${CIN} > ${COUT} - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p foo --use-defaults ${principal} || exit 1 - -${kadmin} cpw -p foo ${principal} || exit 1 - -sed -e 's/@keys@/v4/' \ - ${sedvars} < ${CIN} > ${COUT} -${kadmin} cpw -p foo ${principal} || exit 1 - -sed -e 's/@keys@/v4 v5/' \ - ${sedvars} < ${CIN} > ${COUT} -${kadmin} cpw -p foo ${principal} || exit 1 - -sed -e 's/@keys@/v5 v4/' \ - ${sedvars} < ${CIN} > ${COUT} -${kadmin} cpw -p foo ${principal} || exit 1 - -sed -e 's/@keys@/des:pw-salt:/' \ - ${sedvars} < ${CIN} > ${COUT} -${kadmin} cpw -p foo ${principal} || exit 1 - -sed -e 's/@keys@/des-cbc-crc:afs3-salt:test.h5l.se/' \ - ${sedvars} < ${CIN} > ${COUT} -${kadmin} cpw -p foo ${principal} || exit 1 - -sed -e 's/@keys@/des:afs3-salt:test.h5l.se/' \ - ${sedvars} < ${CIN} > ${COUT} -${kadmin} cpw -p foo ${principal} || exit 1 - -exit 0 diff --git a/crypto/heimdal/tests/kdc/check-pkinit.in b/crypto/heimdal/tests/kdc/check-pkinit.in deleted file mode 100644 index 3ae5a74caeaf..000000000000 --- a/crypto/heimdal/tests/kdc/check-pkinit.in +++ /dev/null @@ -1,273 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-pkinit.in 22474 2008-01-17 11:16:25Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -testfailed="echo test failed; cat messages.log; exit 1" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -port=@port@ - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -server=host/datan.test.h5l.se -cache="FILE:${objdir}/cache.krb5" -keyfile="${srcdir}/../../lib/hx509/data/key.der" -keyfile2="${srcdir}/../../lib/hx509/data/key2.der" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -kgetcred="${TESTS_ENVIRONMENT} ../../kuser/kgetcred -c $cache" -kdestroy="${TESTS_ENVIRONMENT} ../../kuser/kdestroy -c $cache --no-unlog" -hxtool="${TESTS_ENVIRONMENT} ../../lib/hx509/hxtool" - -KRB5_CONFIG="${objdir}/krb5-pkinit.conf" -export KRB5_CONFIG - -rsa=yes -pkinit=no -if ${hxtool} info | grep 'rsa: hx509 null RSA' > /dev/null ; then - rsa=no -fi -if ${hxtool} info | grep 'rand: not available' > /dev/null ; then - rsa=no -fi - -if ${kinit} --help 2>&1 | grep "CA certificates" > /dev/null; then - pkinit=yes -fi - -# If we doesn't support pkinit and have RSA, give up -if test "$pkinit" != yes -o "$rsa" != yes ; then - exit 77 -fi - - -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p foo --use-defaults foo@${R} || exit 1 -${kadmin} add -p bar --use-defaults bar@${R} || exit 1 -${kadmin} add -p baz --use-defaults baz@${R} || exit 1 -${kadmin} modify --pkinit-acl="CN=baz,DC=test,DC=h5l,DC=se" baz@${R} || exit 1 - -${kadmin} add -p kaka --use-defaults ${server}@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -echo "Setting up certificates" -${hxtool} request-create \ - --subject="CN=kdc,DC=test,DC=h5l,DC=se" \ - --key=FILE:${keyfile2} \ - req-kdc.der || exit 1 -${hxtool} request-create \ - --subject="CN=bar,DC=test,DC=h5l,DC=se" \ - --key=FILE:${keyfile2} \ - req-pkinit.der || exit 1 -${hxtool} request-create \ - --subject="CN=baz,DC=test,DC=h5l,DC=se" \ - --key=FILE:${keyfile2} \ - req-pkinit2.der || exit 1 - -echo "issue self-signed ca cert" -${hxtool} issue-certificate \ - --self-signed \ - --issue-ca \ - --ca-private-key=FILE:${keyfile} \ - --subject="CN=CA,DC=test,DC=h5l,DC=se" \ - --certificate="FILE:ca.crt" || exit 1 - -echo "issue kdc certificate" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$objdir/ca.crt,${keyfile} \ - --type="pkinit-kdc" \ - --pk-init-principal="krbtgt/TEST.H5L.SE@TEST.H5L.SE" \ - --req="PKCS10:req-kdc.der" \ - --certificate="FILE:kdc.crt" || exit 1 - -echo "issue user certificate (pkinit san)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$objdir/ca.crt,${keyfile} \ - --type="pkinit-client" \ - --pk-init-principal="bar@TEST.H5L.SE" \ - --req="PKCS10:req-pkinit.der" \ - --certificate="FILE:pkinit.crt" || exit 1 - -echo "issue user 2 certificate (no san)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$objdir/ca.crt,${keyfile} \ - --type="pkinit-client" \ - --req="PKCS10:req-pkinit2.der" \ - --certificate="FILE:pkinit2.crt" || exit 1 - -echo "issue user 3 certificate (ms san)" -${hxtool} issue-certificate \ - --ca-certificate=FILE:$objdir/ca.crt,${keyfile} \ - --type="pkinit-client" \ - --ms-upn="bar@test.h5l.se" \ - --req="PKCS10:req-pkinit2.der" \ - --certificate="FILE:pkinit3.crt" || exit 1 - - -echo foo > ${objdir}/foopassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; cat ca.crt kdc.crt pkinit.crt ;exit 1;" EXIT - -ec=0 - -echo "Trying pk-init (principal in cert)"; > messages.log -base="${objdir}" -${kinit} -C FILE:${base}/pkinit.crt,${keyfile2} bar@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Trying pk-init (principal in pki-mapping file) "; > messages.log -${kinit} -C FILE:${base}/pkinit.crt,${keyfile2} foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Trying pk-init (principal subject in DB)"; > messages.log -${kinit} -C FILE:${base}/pkinit2.crt,${keyfile2} baz@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Trying pk-init (ms upn)"; > messages.log -${kinit} -C FILE:${base}/pkinit3.crt,${keyfile2} bar@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -KRB5_CONFIG="${objdir}/krb5-pkinit-win.conf" -export KRB5_CONFIG - -echo "Duplicated tests, now in windows 2000 mode" - -echo "Trying pk-init (principal in cert)"; > messages.log -base="${objdir}" -${kinit} -C FILE:${base}/pkinit.crt,${keyfile2} bar@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Trying pk-init (principal in pki-mapping file) "; > messages.log -${kinit} -C FILE:${base}/pkinit.crt,${keyfile2} foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Trying pk-init (principal subject in DB)"; > messages.log -${kinit} -C FILE:${base}/pkinit2.crt,${keyfile2} baz@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Trying pk-init (ms upn)"; > messages.log -${kinit} -C FILE:${base}/pkinit3.crt,${keyfile2} bar@${R} || \ - { ec=1 ; eval "${testfailed}"; } -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -${kdestroy} - - -KRB5_CONFIG="${objdir}/krb5-pkinit.conf" -export KRB5_CONFIG - -echo "Trying PKCS11 support" - -cat > test-rc-file.rc < messages.log - ${kinit} -C PKCS11:${file} foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } - ${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } - ${kdestroy} - -fi - - -echo "killing kdc (${kdcpid})" -kill $kdcpid || exit 1 - -trap "" EXIT - -exit $ec diff --git a/crypto/heimdal/tests/kdc/check-referral.in b/crypto/heimdal/tests/kdc/check-referral.in deleted file mode 100644 index fa8be43e8ef6..000000000000 --- a/crypto/heimdal/tests/kdc/check-referral.in +++ /dev/null @@ -1,200 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-referral.in 21854 2007-08-08 06:58:49Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -testfailed="echo test failed; cat messages.log; exit 1" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE -R2=SUB.TEST.H5L.SE - -service=ldap/host.sub.test.h5l.se - -port=@port@ - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -cache="FILE:${objdir}/cache.krb5" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -klist="${TESTS_ENVIRONMENT} ../../kuser/klist -c $cache" -kgetcred="${TESTS_ENVIRONMENT} ../../kuser/kgetcred -c $cache" -kdestroy="${TESTS_ENVIRONMENT} ../../kuser/kdestroy -c $cache --no-unlog" - - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R2} || exit 1 - -${kadmin} add -p foo --use-defaults foo@${R} || exit 1 -${kadmin} modify --alias=alias1 --alias=alias2 foo@${R} || exit 1 - -${kadmin} add -p foo --use-defaults ${service}@${R2} || exit 1 - -${kadmin} add -p cross1 --use-defaults krbtgt/${R2}@${R} || exit 1 -${kadmin} add -p cross2 --use-defaults krbtgt/${R}@${R2} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 -${kadmin} check ${R2} || exit 1 - -echo foo > ${objdir}/foopassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -ec=0 - -echo "Test AS-REQ" - -echo "Getting client (no canon)"; > messages.log -${kinit} --password-file=${objdir}/foopassword foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } -echo "checking that we got back right principal" -${klist} | grep "Principal: foo@${R}" > /dev/null || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Getting client client tickets (default realm, enterprisename)"; > messages.log -${kinit} --canonicalize \ - --password-file=${objdir}/foopassword foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } -echo "checking that we got back right principal" -${klist} | grep "Principal: foo@${R}" > /dev/null || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Getting client alias1 tickets"; > messages.log -${kinit} --canonicalize \ - --password-file=${objdir}/foopassword foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } -echo "checking that we got back right principal" -${klist} | grep "Principal: foo@${R}" > /dev/null || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - - -echo "Getting client alias2 tickets"; > messages.log -${kinit} --canonicalize \ - --password-file=${objdir}/foopassword alias2@${R}@${R} || \ - { ec=1 ; eval "${testfailed}"; } -echo "checking that we got back right principal" -${klist} | grep "Principal: foo@${R}" > /dev/null || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Getting client alias1 tickets (non canon case)"; > messages.log -${kinit} --password-file=${objdir}/foopassword \ - alias1@${R}@${R} > /dev/null 2>/dev/null && \ - { ec=1 ; eval "${testfailed}"; } - -echo "Getting client alias2 tickets (removed)"; > messages.log -${kadmin} modify --alias=alias1 foo@${R} || { ec=1 ; eval "${testfailed}"; } -${kinit} --canonicalize \ - --password-file=${objdir}/foopassword \ - alias2@${R}@${R} > /dev/null 2>/dev/null && \ - { ec=1 ; eval "${testfailed}"; } - -echo "Remove alias" -${kadmin} modify --alias= foo@${R} || { ec=1 ; eval "${testfailed}"; } - -echo "Test TGS-REQ" - -#echo "Getting client for ${service}@${R} (kdc referral)" -#> messages.log -#${kinit} --password-file=${objdir}/foopassword foo@${R} || \ -# { ec=1 ; eval "${testfailed}"; } -#${kgetcred} --server ${service}@${R} || -# { ec=1 ; eval "${testfailed}"; } -#${klist} -#echo "checking that we got back right principal" -#${klist} | grep "${service}@${R2}" > /dev/null || \ -# { ec=1 ; eval "${testfailed}"; } -#${kdestroy} -# -#echo "Getting client for ${service}@${R2} (client side guessing)" -#> messages.log -#${kinit} --password-file=${objdir}/foopassword foo@${R} || \ -# { ec=1 ; eval "${testfailed}"; } -#${kgetcred} --server ${service}@${R2} || -# { ec=1 ; eval "${testfailed}"; } -#${klist} -#echo "checking that we got back right principal" -#${klist} | grep "${service}@${R2}" > /dev/null || \ -# { ec=1 ; eval "${testfailed}"; } -#${kdestroy} - - -echo "killing kdc (${kdcpid})" -kill $kdcpid || exit 1 - -trap "" EXIT - -exit $ec diff --git a/crypto/heimdal/tests/kdc/check-uu.in b/crypto/heimdal/tests/kdc/check-uu.in deleted file mode 100644 index c9aeb7b9de5c..000000000000 --- a/crypto/heimdal/tests/kdc/check-uu.in +++ /dev/null @@ -1,138 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-uu.in 21855 2007-08-08 06:59:09Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -testfailed="echo test failed; cat messages.log; exit 1" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -uuspid= - -port=@port@ - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -cache1="FILE:${objdir}/cache1.krb5" -cache2="FILE:${objdir}/cache2.krb5" - -kinit1="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache1 --no-afslog" -kinit2="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache2 --no-afslog" -kdestroy1="${TESTS_ENVIRONMENT} ../../kuser/kdestroy -c $cache1 --no-unlog" -kdestroy2="${TESTS_ENVIRONMENT} ../../kuser/kdestroy -c $cache2 --no-unlog" -uu_server="${TESTS_ENVIRONMENT} ../../appl/test/uu_server" -uu_client="${TESTS_ENVIRONMENT} ../../appl/test/uu_client" - - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p foo --use-defaults user1@${R} || exit 1 -${kadmin} add -p foo --use-defaults user2@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 - -echo foo > ${objdir}/foopassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid} ${uuspid}; echo signal killing kdc; exit 1;" EXIT - -ec=0 - -echo "Getting client initial tickets user1"; > messages.log -${kinit1} --password-file=${objdir}/foopassword user1@$R || \ - { ec=1 ; eval "${testfailed}"; } - -echo "Getting client initial tickets user2"; > messages.log -${kinit2} --password-file=${objdir}/foopassword user2@$R || \ - { ec=1 ; eval "${testfailed}"; } - - -echo "starting uu server (using user1)" -KRB5CCNAME=$cache1 ${uu_server} > uuserver.log & -uuspid=$! -sleep 5 - -echo "trying to contact server with client (using user2)" -KRB5CCNAME=$cache2 ${uu_client} localhost > messages.log 2>&1 || \ - { ec=1; eval "${testfailed}"; } - -sleep 5 - -echo "checking if server got the right message" -cmp uuserver.log ${srcdir}/uuserver.txt || \ - { ec=1; eval "${testfailed}"; } - -uuspid="" - -${kdestroy1} -${kdestroy2} - -echo "killing kdc uu_server (${kdcpid} ${uuspid})" -kill $kdcpid $uuspid || exit 1 - -trap "" EXIT - -exit $ec diff --git a/crypto/heimdal/tests/kdc/donotexists.txt b/crypto/heimdal/tests/kdc/donotexists.txt deleted file mode 100644 index 529439725653..000000000000 --- a/crypto/heimdal/tests/kdc/donotexists.txt +++ /dev/null @@ -1 +0,0 @@ -kadmin: get doesnotexists@TEST.H5L.SE: Principal does not exist diff --git a/crypto/heimdal/tests/kdc/heimdal.acl b/crypto/heimdal/tests/kdc/heimdal.acl deleted file mode 100644 index c4bd35abf9a7..000000000000 --- a/crypto/heimdal/tests/kdc/heimdal.acl +++ /dev/null @@ -1,3 +0,0 @@ -# $Id$ -foo/admin@TEST.H5L.SE all -bar@TEST.H5L.SE all diff --git a/crypto/heimdal/tests/kdc/iprop-acl b/crypto/heimdal/tests/kdc/iprop-acl deleted file mode 100644 index d43f882d1d59..000000000000 --- a/crypto/heimdal/tests/kdc/iprop-acl +++ /dev/null @@ -1 +0,0 @@ -iprop/slave@TEST.H5L.SE diff --git a/crypto/heimdal/tests/kdc/krb5-pkinit.conf.in b/crypto/heimdal/tests/kdc/krb5-pkinit.conf.in deleted file mode 100644 index c7144268c7c9..000000000000 --- a/crypto/heimdal/tests/kdc/krb5-pkinit.conf.in +++ /dev/null @@ -1,33 +0,0 @@ -# $Id: krb5-pkinit.conf.in 20738 2007-05-31 16:52:40Z lha $ - -[libdefaults] - default_realm = TEST.H5L.SE - no-addresses = TRUE - -[appdefaults] - pkinit_anchors = FILE:@objdir@/ca.crt - -[realms] - TEST.H5L.SE = { - kdc = localhost:@port@ - pkinit_win2k = @w2k@ - } - -[kdc] - enable-pkinit = true - pkinit_identity = FILE:@objdir@/kdc.crt,@srcdir@/../../lib/hx509/data/key2.der - pkinit_anchors = FILE:@objdir@/ca.crt - pkinit_mappings_file = @srcdir@/pki-mapping - - database = { - dbname = @objdir@/current-db - realm = TEST.H5L.SE - mkey_file = @objdir@/mkey.file - } - -[logging] - kdc = 0-/FILE:@objdir@/messages.log - default = 0-/FILE:@objdir@/messages.log - -[kadmin] - save-password = true diff --git a/crypto/heimdal/tests/kdc/krb5.conf.in b/crypto/heimdal/tests/kdc/krb5.conf.in deleted file mode 100644 index eeb5650f0d19..000000000000 --- a/crypto/heimdal/tests/kdc/krb5.conf.in +++ /dev/null @@ -1,56 +0,0 @@ -# $Id: krb5.conf.in 21754 2007-07-31 21:13:56Z lha $ - -[libdefaults] - default_realm = TEST.H5L.SE - no-addresses = TRUE - -[appdefaults] - pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt - -[realms] - TEST.H5L.SE = { - kdc = localhost:@port@ - admin_server = localhost:@admport@ - } - SUB.TEST.H5L.SE = { - kdc = localhost:@port@ - } - TEST2.H5L.SE = { - kdc = localhost:@port@ - } - -[domain_realms] - .sub.test.h5l.se = SUB.TEST.H5L.SE - localhost = TEST.H5L.SE - - -[kdc] - enable-digest = true - digests_allowed = chap-md5,digest-md5,ntlm-v1,ntlm-v1-session,ntlm-v2,ms-chap-v2 - - enable-pkinit = true - pkinit_identity = FILE:@srcdir@/../../lib/hx509/data/kdc.crt,@srcdir@/../../lib/hx509/data/kdc.key - pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt - pkinit_pool = FILE:@srcdir@/../../lib/hx509/data/sub-ca.crt -# pkinit_revoke = CRL:@srcdir@/../../lib/hx509/data/crl1.crl - pkinit_mappings_file = @srcdir@/pki-mapping - pkinit_allow_proxy_certificate = true - - database = { - dbname = @objdir@/current-db@kdc@ - realm = TEST.H5L.SE - mkey_file = @objdir@/mkey.file - acl_file = @srcdir@/heimdal.acl - log_file = @objdir@/current@kdc@.log - } - - signal_socket = @objdir@/signal - iprop-stats = @objdir@/iprop-stats - iprop-acl = @srcdir@/iprop-acl - -[logging] - kdc = 0-/FILE:@objdir@/messages.log - default = 0-/FILE:@objdir@/messages.log - -[kadmin] - save-password = true diff --git a/crypto/heimdal/tests/kdc/krb5.conf.keys.in b/crypto/heimdal/tests/kdc/krb5.conf.keys.in deleted file mode 100644 index f02ecc74b55b..000000000000 --- a/crypto/heimdal/tests/kdc/krb5.conf.keys.in +++ /dev/null @@ -1,13 +0,0 @@ -# $Id$ - -[kdc] - database = { - dbname = @objdir@/current-db - realm = TEST.H5L.SE - mkey_file = @objdir@/mkey.file - acl_file = @srcdir@/heimdal.acl - } - - -[kadmin] - default_keys = @keys@ diff --git a/crypto/heimdal/tests/kdc/ntlm-user-file.txt b/crypto/heimdal/tests/kdc/ntlm-user-file.txt deleted file mode 100644 index abf33e6e7d02..000000000000 --- a/crypto/heimdal/tests/kdc/ntlm-user-file.txt +++ /dev/null @@ -1,2 +0,0 @@ -# $Id: ntlm-user-file.txt 19523 2006-12-28 10:20:00Z lha $ -TEST:foo:digestpassword diff --git a/crypto/heimdal/tests/kdc/pki-mapping b/crypto/heimdal/tests/kdc/pki-mapping deleted file mode 100644 index af8099cd452f..000000000000 --- a/crypto/heimdal/tests/kdc/pki-mapping +++ /dev/null @@ -1,3 +0,0 @@ -# $Id: pki-mapping 19661 2007-01-04 01:58:01Z lha $ -foo@TEST.H5L.SE:CN=pkinit,C=SE -foo@TEST.H5L.SE:CN=bar,DC=test,DC=h5l,DC=se diff --git a/crypto/heimdal/tests/kdc/uuserver.txt b/crypto/heimdal/tests/kdc/uuserver.txt deleted file mode 100644 index 2c191bf3b750..000000000000 --- a/crypto/heimdal/tests/kdc/uuserver.txt +++ /dev/null @@ -1,4 +0,0 @@ -User is `user2@TEST.H5L.SE' -Server is `user1@TEST.H5L.SE' -safe packet: hej -priv packet: hemligt diff --git a/crypto/heimdal/tests/kdc/wait-kdc.sh b/crypto/heimdal/tests/kdc/wait-kdc.sh deleted file mode 100644 index 814b4b5e52b6..000000000000 --- a/crypto/heimdal/tests/kdc/wait-kdc.sh +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: wait-kdc.sh 21881 2007-08-09 07:14:08Z lha $ -# - -name=${1:-KDC} -log=${2:-messages.log} - -t=0 -waitsec=20 - -echo "Waiting for ${name} to start, looking logfile ${log}" - -while true ; do - t=`expr ${t} + 2` - sleep 2 - echo "Have waited $t seconds" - if tail -30 ${log} | grep "${name} started" > /dev/null; then - break - fi - if tail -30 ${log} | grep "No sockets" ; then - echo "The ${name} failed to bind to any sockets, another ${name} running ?" - exit 1 - fi - if tail -30 ${log} | grep "bind" | grep "Operation not permitted" ; then - echo "The ${name} failed to bind to any sockets, another ${name} running ?" - exit 1 - fi - if [ "$t" -gt $waitsec ]; then - echo "Waited for $waitsec for the ${name} to start, and it didnt happen" - exit 2 - fi -done - -exit 0 \ No newline at end of file diff --git a/crypto/heimdal/tests/ldap/Makefile.am b/crypto/heimdal/tests/ldap/Makefile.am deleted file mode 100644 index e6ea42a85c67..000000000000 --- a/crypto/heimdal/tests/ldap/Makefile.am +++ /dev/null @@ -1,52 +0,0 @@ -# $Id: Makefile.am 22412 2008-01-12 05:57:22Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_DATA = krb5.conf - -check_SCRIPTS = $(TESTS) slapd-init - -TESTS = check-ldap - -port = 49188 - -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/ldap,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -check-ldap: check-ldap.in Makefile - $(do_subst) < $(srcdir)/check-ldap.in > check-ldap.tmp - chmod +x check-ldap.tmp - mv check-ldap.tmp check-ldap - -slapd-init: slapd-init.in Makefile - $(do_subst) < $(srcdir)/slapd-init.in > slapd-init.tmp - chmod +x slapd-init.tmp - mv slapd-init.tmp slapd-init - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - -CLEANFILES= \ - $(TESTS) \ - check-ldap.tmp \ - slapd-init.tmp \ - current-db* \ - krb5.conf krb5.conf.tmp \ - modules.conf \ - cache.krb5 \ - slapd-init \ - foopassword \ - messages.log \ - slapd.pid - -EXTRA_DIST = \ - samba.schema \ - slapd.conf \ - slapd-stop \ - check-ldap.in \ - init.ldif \ - krb5.conf.in \ - slapd-init.in diff --git a/crypto/heimdal/tests/ldap/Makefile.in b/crypto/heimdal/tests/ldap/Makefile.in deleted file mode 100644 index 5cd2ce4838ea..000000000000 --- a/crypto/heimdal/tests/ldap/Makefile.in +++ /dev/null @@ -1,779 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22412 2008-01-12 05:57:22Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = tests/ldap -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -DATA = $(noinst_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_DATA = krb5.conf -check_SCRIPTS = $(TESTS) slapd-init -TESTS = check-ldap -port = 49188 -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/ldap,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -CLEANFILES = \ - $(TESTS) \ - check-ldap.tmp \ - slapd-init.tmp \ - current-db* \ - krb5.conf krb5.conf.tmp \ - modules.conf \ - cache.krb5 \ - slapd-init \ - foopassword \ - messages.log \ - slapd.pid - -EXTRA_DIST = \ - samba.schema \ - slapd.conf \ - slapd-stop \ - check-ldap.in \ - init.ldif \ - krb5.conf.in \ - slapd-init.in - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tests/ldap/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tests/ldap/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) $(check_SCRIPTS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(DATA) all-local -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-TESTS check-am check-local \ - clean clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-data-hook install-dvi install-dvi-am \ - install-exec install-exec-am install-exec-hook install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - uninstall uninstall-am uninstall-hook - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -check-ldap: check-ldap.in Makefile - $(do_subst) < $(srcdir)/check-ldap.in > check-ldap.tmp - chmod +x check-ldap.tmp - mv check-ldap.tmp check-ldap - -slapd-init: slapd-init.in Makefile - $(do_subst) < $(srcdir)/slapd-init.in > slapd-init.tmp - chmod +x slapd-init.tmp - mv slapd-init.tmp slapd-init - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tests/ldap/check-ldap.in b/crypto/heimdal/tests/ldap/check-ldap.in deleted file mode 100644 index c4c731d07950..000000000000 --- a/crypto/heimdal/tests/ldap/check-ldap.in +++ /dev/null @@ -1,143 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-ldap.in 21856 2007-08-08 06:59:23Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -R=TEST.H5L.SE - -port=@port@ - -cache="FILE:${objdir}/cache.krb5" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r $R" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -testfailed="echo test failed; exit 1" - -# If there is no ldap support compile in, disable test -if ${kdc} --builtin-hdb | grep ldap > /dev/null ; then - : -else - echo "no ldap support" - exit 77 -fi - -#search for all ldap tools - -PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/libexec:/usr/lib/openldap:$PATH -export PATH - -oldifs=$IFS -IFS=: -set -- $PATH -IFS=$oldifs -for j in slapd slapadd; do - for i in $*; do - test -n "$i" || i="." - if test -x $i/$j; then - continue 2 - fi - done - echo "$j missing, not running test" - exit 77 -done - -sh ${objdir}/slapd-init || exit 1 - -trap "sh ${srcdir}/slapd-stop ; exit 1;" EXIT - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f current-db* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p foo --use-defaults foo@${R} || exit 1 -${kadmin} add -p foo --use-defaults bar@${R} || exit 1 - -${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1 -${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1 -${kadmin} cpw --random-password bar@${R} > /dev/null || exit 1 - -${kadmin} cpw --random-password suser@${R} > /dev/null|| exit 1 -${kadmin} cpw --password=foo suser@${R} || exit 1 - -${kadmin} list '*' > /dev/null || exit 1 - -echo foo > ${objdir}/foopassword - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/../kdc/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - sh ${srcdir}/slapd-stop - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; sh ${srcdir}/slapd-stop ; exit 1;" EXIT - -ec=0 - -echo "Getting client initial tickets"; -${kinit} --password-file=${objdir}/foopassword foo@$R || \ - { ec=1 ; eval "${testfailed}"; } - - -echo "killing kdc (${kdcpid})" -kill $kdcpid || exit 1 - -trap "" EXIT - -# kill of old slapd -sh ${srcdir}/slapd-stop - -rm -rf db schema - -exit $ec diff --git a/crypto/heimdal/tests/ldap/init.ldif b/crypto/heimdal/tests/ldap/init.ldif deleted file mode 100644 index 9cf39b126aec..000000000000 --- a/crypto/heimdal/tests/ldap/init.ldif +++ /dev/null @@ -1,44 +0,0 @@ -dn: o=TEST,dc=H5L,dc=SE -objectclass: organization -o: Test - -dn: ou=kerberosPrincipals,o=TEST,dc=H5L,dc=SE -objectclass: organizationalUnit -ou: kerberosPrincipals - -dn: uid=suser,ou=kerberosPrincipals,o=TEST,dc=H5L,dc=SE -cn: root -sn: root -objectClass: inetOrgPerson -objectClass: posixAccount -objectClass: organizationalPerson -objectClass: person -objectClass: top -gidNumber: 0 -uid: suser -uidNumber: 0 -homeDirectory: /root -loginShell: /bin/bash -gecos: Netbios root user -structuralObjectClass: inetOrgPerson -creatorsName: cn=root,dc=test,dc=h5l,dc=se -userPassword:: AAAAAA -objectClass: krb5KDCEntry -krb5KeyVersionNumber: 2 -krb5PrincipalName: suser@TEST.H5L.SE -objectClass: sambaSamAccount -sambaHomePath: \\admin1\suser -sambaPwdCanChange: 1159699688 -sambaPwdLastSet: 1159699688 -sambaPrimaryGroupSID: S-1-5-21-3017333096-1338036268-1966094567-512 -sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 - 00000000 -sambaLMPassword: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -sambaNTPassword: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -sambaLogonTime: 0 -sambaLogoffTime: 2147483647 -sambaKickoffTime: 2147483647 -sambaPwdMustChange: 2147483647 -sambaHomeDrive: H: -sambaAcctFlags: [U ] -sambaSID: S-1-5-21-3017333096-1338036268-1966094567-1000 diff --git a/crypto/heimdal/tests/ldap/krb5.conf.in b/crypto/heimdal/tests/ldap/krb5.conf.in deleted file mode 100644 index 8ea9da5bbc8e..000000000000 --- a/crypto/heimdal/tests/ldap/krb5.conf.in +++ /dev/null @@ -1,21 +0,0 @@ -# $Id: krb5.conf.in 20220 2007-02-15 00:11:18Z lha $ - -[libdefaults] - default_realm = TEST.H5L.SE - no-addresses = TRUE - -[realms] - TEST.H5L.SE = { - kdc = localhost:@port@ - } - -[kdc] - database = { - dbname = ldapi://ldap-socket:OU=KerberosPrincipals,o=test,DC=h5l,DC=se - realm = TEST.H5L.SE - mkey_file = @objdir@/mkey.file - } - -[logging] - kdc = 0-/FILE:@objdir@/messages.log - default = 0-/FILE:@objdir@/messages.log diff --git a/crypto/heimdal/tests/ldap/samba.schema b/crypto/heimdal/tests/ldap/samba.schema deleted file mode 100644 index 549a70886236..000000000000 --- a/crypto/heimdal/tests/ldap/samba.schema +++ /dev/null @@ -1,554 +0,0 @@ -## -## schema file for OpenLDAP 2.x -## Schema for storing Samba user accounts and group maps in LDAP -## OIDs are owned by the Samba Team -## -## Prerequisite schemas - uid (cosine.schema) -## - displayName (inetorgperson.schema) -## - gidNumber (nis.schema) -## -## 1.3.6.1.4.1.7165.2.1.x - attributetypes -## 1.3.6.1.4.1.7165.2.2.x - objectclasses -## -## Printer support -## 1.3.6.1.4.1.7165.2.3.1.x - attributetypes -## 1.3.6.1.4.1.7165.2.3.2.x - objectclasses -## -## Samba4 -## 1.3.6.1.4.1.7165.4.1.x - attributetypes -## 1.3.6.1.4.1.7165.4.2.x - objectclasses -## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls -## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations -## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track -## -## ----- READ THIS WHEN ADDING A NEW ATTRIBUTE OR OBJECT CLASS ------ -## -## Run the 'get_next_oid' bash script in this directory to find the -## next available OID for attribute type and object classes. -## -## $ ./get_next_oid -## attributetype ( 1.3.6.1.4.1.7165.2.1.XX NAME .... -## objectclass ( 1.3.6.1.4.1.7165.2.2.XX NAME .... -## -## Also ensure that new entries adhere to the declaration style -## used throughout this file -## -## ( 1.3.6.1.4.1.7165.2.XX.XX NAME .... -## ^ ^ ^ -## -## The spaces are required for the get_next_oid script (and for -## readability). -## -## ------------------------------------------------------------------ - -# objectIdentifier SambaRoot 1.3.6.1.4.1.7165 -# objectIdentifier Samba3 SambaRoot:2 -# objectIdentifier Samba3Attrib Samba3:1 -# objectIdentifier Samba3ObjectClass Samba3:2 -# objectIdentifier Samba4 SambaRoot:4 - -######################################################################## -## HISTORICAL ## -######################################################################## - -## -## Password hashes -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword' -# DESC 'LanManager Passwd' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.2 NAME 'ntPassword' -# DESC 'NT Passwd' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) - -## -## Account flags in string format ([UWDX ]) -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.4 NAME 'acctFlags' -# DESC 'Account Flags' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) - -## -## Password timestamps & policies -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.3 NAME 'pwdLastSet' -# DESC 'NT pwdLastSet' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.5 NAME 'logonTime' -# DESC 'NT logonTime' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.6 NAME 'logoffTime' -# DESC 'NT logoffTime' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.7 NAME 'kickoffTime' -# DESC 'NT kickoffTime' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.8 NAME 'pwdCanChange' -# DESC 'NT pwdCanChange' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.9 NAME 'pwdMustChange' -# DESC 'NT pwdMustChange' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -## -## string settings -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.10 NAME 'homeDrive' -# DESC 'NT homeDrive' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.11 NAME 'scriptPath' -# DESC 'NT scriptPath' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.12 NAME 'profilePath' -# DESC 'NT profilePath' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.13 NAME 'userWorkstations' -# DESC 'userWorkstations' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.17 NAME 'smbHome' -# DESC 'smbHome' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.18 NAME 'domain' -# DESC 'Windows NT domain to which the user belongs' -# EQUALITY caseIgnoreIA5Match -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} ) - -## -## user and group RID -## -#attributetype ( 1.3.6.1.4.1.7165.2.1.14 NAME 'rid' -# DESC 'NT rid' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -#attributetype ( 1.3.6.1.4.1.7165.2.1.15 NAME 'primaryGroupID' -# DESC 'NT Group RID' -# EQUALITY integerMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -## -## The smbPasswordEntry objectclass has been depreciated in favor of the -## sambaAccount objectclass -## -#objectclass ( 1.3.6.1.4.1.7165.2.2.1 NAME 'smbPasswordEntry' SUP top AUXILIARY -# DESC 'Samba smbpasswd entry' -# MUST ( uid $ uidNumber ) -# MAY ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags )) - -#objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL -# DESC 'Samba Account' -# MUST ( uid $ rid ) -# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ -# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ -# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ -# description $ userWorkstations $ primaryGroupID $ domain )) - -#objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY -# DESC 'Samba Auxiliary Account' -# MUST ( uid $ rid ) -# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ -# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ -# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ -# description $ userWorkstations $ primaryGroupID $ domain )) - -######################################################################## -## END OF HISTORICAL ## -######################################################################## - -####################################################################### -## Attributes used by Samba 3.0 schema ## -####################################################################### - -## -## Password hashes -## -attributetype ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' - DESC 'LanManager Password' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' - DESC 'MD4 hash of the unicode password' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE ) - -## -## Account flags in string format ([UWDX ]) -## -attributetype ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' - DESC 'Account Flags' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE ) - -## -## Password timestamps & policies -## -attributetype ( 1.3.6.1.4.1.7165.2.1.27 NAME 'sambaPwdLastSet' - DESC 'Timestamp of the last password update' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.28 NAME 'sambaPwdCanChange' - DESC 'Timestamp of when the user is allowed to update the password' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange' - DESC 'Timestamp of when the password will expire' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.30 NAME 'sambaLogonTime' - DESC 'Timestamp of last logon' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.31 NAME 'sambaLogoffTime' - DESC 'Timestamp of last logoff' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.32 NAME 'sambaKickoffTime' - DESC 'Timestamp of when the user will be logged off automatically' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.48 NAME 'sambaBadPasswordCount' - DESC 'Bad password attempt count' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.49 NAME 'sambaBadPasswordTime' - DESC 'Time of the last bad password attempt' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.55 NAME 'sambaLogonHours' - DESC 'Logon Hours' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{42} SINGLE-VALUE ) - -## -## string settings -## -attributetype ( 1.3.6.1.4.1.7165.2.1.33 NAME 'sambaHomeDrive' - DESC 'Driver letter of home directory mapping' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{4} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.34 NAME 'sambaLogonScript' - DESC 'Logon script path' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.35 NAME 'sambaProfilePath' - DESC 'Roaming profile path' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' - DESC 'List of user workstations the user is allowed to logon to' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{255} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.37 NAME 'sambaHomePath' - DESC 'Home directory UNC path' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.38 NAME 'sambaDomainName' - DESC 'Windows NT domain to which the user belongs' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' - DESC 'Base64 encoded user parameter string' - EQUALITY caseExactMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' - DESC 'Concatenated MD5 hashes of the salted NT passwords used on this account' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} ) - -## -## SID, of any type -## - -attributetype ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' - DESC 'Security ID' - EQUALITY caseIgnoreIA5Match - SUBSTR caseExactIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) - -## -## Primary group SID, compatible with ntSid -## - -attributetype ( 1.3.6.1.4.1.7165.2.1.23 NAME 'sambaPrimaryGroupSID' - DESC 'Primary Group Security ID' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.51 NAME 'sambaSIDList' - DESC 'Security ID List' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) - -## -## group mapping attributes -## -attributetype ( 1.3.6.1.4.1.7165.2.1.19 NAME 'sambaGroupType' - DESC 'NT Group Type' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -## -## Store info on the domain -## - -attributetype ( 1.3.6.1.4.1.7165.2.1.21 NAME 'sambaNextUserRid' - DESC 'Next NT rid to give our for users' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.22 NAME 'sambaNextGroupRid' - DESC 'Next NT rid to give out for groups' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' - DESC 'Next NT rid to give out for anything' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' - DESC 'Base at which the samba RID generation algorithm should operate' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.41 NAME 'sambaShareName' - DESC 'Share Name' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.42 NAME 'sambaOptionName' - DESC 'Option Name' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.43 NAME 'sambaBoolOption' - DESC 'A boolean option' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.44 NAME 'sambaIntegerOption' - DESC 'An integer option' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.45 NAME 'sambaStringOption' - DESC 'A string option' - EQUALITY caseExactIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.46 NAME 'sambaStringListOption' - DESC 'A string list option' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) - - -##attributetype ( 1.3.6.1.4.1.7165.2.1.50 NAME 'sambaPrivName' -## SUP name ) - -##attributetype ( 1.3.6.1.4.1.7165.2.1.52 NAME 'sambaPrivilegeList' -## DESC 'Privileges List' -## EQUALITY caseIgnoreIA5Match -## SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} ) - -attributetype ( 1.3.6.1.4.1.7165.2.1.53 NAME 'sambaTrustFlags' - DESC 'Trust Password Flags' - EQUALITY caseIgnoreIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - -# "min password length" -attributetype ( 1.3.6.1.4.1.7165.2.1.58 NAME 'sambaMinPwdLength' - DESC 'Minimal password length (default: 5)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "password history" -attributetype ( 1.3.6.1.4.1.7165.2.1.59 NAME 'sambaPwdHistoryLength' - DESC 'Length of Password History Entries (default: 0 => off)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "user must logon to change password" -attributetype ( 1.3.6.1.4.1.7165.2.1.60 NAME 'sambaLogonToChgPwd' - DESC 'Force Users to logon for password change (default: 0 => off, 2 => on)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "maximum password age" -attributetype ( 1.3.6.1.4.1.7165.2.1.61 NAME 'sambaMaxPwdAge' - DESC 'Maximum password age, in seconds (default: -1 => never expire passwords)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "minimum password age" -attributetype ( 1.3.6.1.4.1.7165.2.1.62 NAME 'sambaMinPwdAge' - DESC 'Minimum password age, in seconds (default: 0 => allow immediate password change)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "lockout duration" -attributetype ( 1.3.6.1.4.1.7165.2.1.63 NAME 'sambaLockoutDuration' - DESC 'Lockout duration in minutes (default: 30, -1 => forever)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "reset count minutes" -attributetype ( 1.3.6.1.4.1.7165.2.1.64 NAME 'sambaLockoutObservationWindow' - DESC 'Reset time after lockout in minutes (default: 30)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "bad lockout attempt" -attributetype ( 1.3.6.1.4.1.7165.2.1.65 NAME 'sambaLockoutThreshold' - DESC 'Lockout users after bad logon attempts (default: 0 => off)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "disconnect time" -attributetype ( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' - DESC 'Disconnect Users outside logon hours (default: -1 => off, 0 => on)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - -# "refuse machine password change" -attributetype ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' - DESC 'Allow Machine Password changes (default: 0 => off)' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) - - - - -####################################################################### -## objectClasses used by Samba 3.0 schema ## -####################################################################### - -## The X.500 data model (and therefore LDAPv3) says that each entry can -## only have one structural objectclass. OpenLDAP 2.0 does not enforce -## this currently but will in v2.1 - -## -## added new objectclass (and OID) for 3.0 to help us deal with backwards -## compatibility with 2.2 installations (e.g. ldapsam_compat) --jerry -## -objectclass ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY - DESC 'Samba 3.0 Auxilary SAM Account' - MUST ( uid $ sambaSID ) - MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ - sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ - sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ - displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ - sambaProfilePath $ description $ sambaUserWorkstations $ - sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ - sambaBadPasswordCount $ sambaBadPasswordTime $ - sambaPasswordHistory $ sambaLogonHours)) - -## -## Group mapping info -## -objectclass ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY - DESC 'Samba Group Mapping' - MUST ( gidNumber $ sambaSID $ sambaGroupType ) - MAY ( displayName $ description $ sambaSIDList )) - -## -## Trust password for trust relationships (any kind) -## -objectclass ( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' SUP top STRUCTURAL - DESC 'Samba Trust Password' - MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags ) - MAY ( sambaSID $ sambaPwdLastSet )) - -## -## Whole-of-domain info -## -objectclass ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL - DESC 'Samba Domain Information' - MUST ( sambaDomainName $ - sambaSID ) - MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ - sambaAlgorithmicRidBase $ - sambaMinPwdLength $ sambaPwdHistoryLength $ sambaLogonToChgPwd $ - sambaMaxPwdAge $ sambaMinPwdAge $ - sambaLockoutDuration $ sambaLockoutObservationWindow $ sambaLockoutThreshold $ - sambaForceLogoff $ sambaRefuseMachinePwdChange )) - -## -## used for idmap_ldap module -## -objectclass ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY - DESC 'Pool for allocating UNIX uids/gids' - MUST ( uidNumber $ gidNumber ) ) - - -objectclass ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY - DESC 'Mapping from a SID to an ID' - MUST ( sambaSID ) - MAY ( uidNumber $ gidNumber ) ) - -objectclass ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL - DESC 'Structural Class for a SID' - MUST ( sambaSID ) ) - -objectclass ( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' SUP top AUXILIARY - DESC 'Samba Configuration Section' - MAY ( description ) ) - -objectclass ( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' SUP top STRUCTURAL - DESC 'Samba Share Section' - MUST ( sambaShareName ) - MAY ( description ) ) - -objectclass ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURAL - DESC 'Samba Configuration Option' - MUST ( sambaOptionName ) - MAY ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ - sambaStringListoption $ description ) ) - - -## retired during privilege rewrite -##objectclass ( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' SUP top AUXILIARY -## DESC 'Samba Privilege' -## MUST ( sambaSID ) -## MAY ( sambaPrivilegeList ) ) diff --git a/crypto/heimdal/tests/ldap/slapd-init.in b/crypto/heimdal/tests/ldap/slapd-init.in deleted file mode 100644 index e4118085f2cf..000000000000 --- a/crypto/heimdal/tests/ldap/slapd-init.in +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/sh -# $Id: slapd-init.in 22295 2007-12-14 05:59:04Z lha $ - -srcdir=@srcdir@ - -rm -rf db schema -mkdir db - -# kill of old slapd if running -sh ${srcdir}/slapd-stop > /dev/null - -SCHEMA_NEEDED="hdb core nis cosine inetorgperson openldap samba" - -SCHEMA_PATHS="${srcdir}/../../lib/hdb ${srcdir} /etc/ldap/schema /etc/openldap/schema /private/etc/openldap/schema /usr/share/openldap/schema" - -test -d schema || mkdir schema - -# setup needed schema files -for f in $SCHEMA_NEEDED; do - if [ ! -r schema/$f.schema ]; then - for d in $SCHEMA_PATHS ; do - if [ -r $d/$f.schema ] ; then - cp $d/$f.schema schema/$f.schema - continue 2 - fi - done - echo "SKIPPING TESTS: you need the following schema file: $f.schema" - exit 1 - fi -done - -touch modules.conf || exit 1 - -slapadd -d 0 -f ${srcdir}/slapd.conf < ${srcdir}/init.ldif || exit 0 - -echo "starting slapd" -slapd -d0 -f ${srcdir}/slapd.conf -h ldapi://.%2Fldap-socket & - -sleep 4 diff --git a/crypto/heimdal/tests/ldap/slapd-stop b/crypto/heimdal/tests/ldap/slapd-stop deleted file mode 100644 index 7c37c7310878..000000000000 --- a/crypto/heimdal/tests/ldap/slapd-stop +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh -# $Id: slapd-stop 20220 2007-02-15 00:11:18Z lha $ - -echo stoping slapd - -# kill of old slapd -if [ -f slapd.pid ]; then - kill `cat slapd.pid` - sleep 5 -fi -if [ -f slapd.pid ]; then - kill -9 `cat slapd.pid` - rm -f slapd.pid - sleep 5 -fi - -exit 0 - diff --git a/crypto/heimdal/tests/ldap/slapd.conf b/crypto/heimdal/tests/ldap/slapd.conf deleted file mode 100644 index 077727e21b29..000000000000 --- a/crypto/heimdal/tests/ldap/slapd.conf +++ /dev/null @@ -1,28 +0,0 @@ -loglevel 0 - -include schema/core.schema -include schema/cosine.schema -include schema/inetorgperson.schema -include schema/openldap.schema -include schema/nis.schema -include schema/hdb.schema -include schema/samba.schema - - -pidfile slapd.pid -argsfile slapd.args - -access to * by * write - -allow update_anon bind_anon_dn - -include modules.conf - -defaultsearchbase "ou=TEST,dc=H5L,dc=SE" - -backend bdb -database bdb -suffix "o=TEST,dc=H5L,dc=SE" -directory db -index objectClass eq -index uid eq diff --git a/crypto/heimdal/tests/plugin/Makefile.am b/crypto/heimdal/tests/plugin/Makefile.am deleted file mode 100644 index 46ccdc5c0293..000000000000 --- a/crypto/heimdal/tests/plugin/Makefile.am +++ /dev/null @@ -1,43 +0,0 @@ -# $Id: Makefile.am 20202 2007-02-08 00:59:47Z lha $ - -include $(top_srcdir)/Makefile.am.common - -noinst_DATA = krb5.conf - -SCRIPT_TESTS = check-pac -TESTS = $(SCRIPT_TESTS) - -port = 49188 - -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/plugin,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -LDADD = ../../lib/krb5/libkrb5.la $(LIB_roken) - -check-pac: check-pac.in Makefile - $(do_subst) < $(srcdir)/check-pac.in > check-pac.tmp - chmod +x check-pac.tmp - mv check-pac.tmp check-pac - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf - -lib_LTLIBRARIES = windc.la - -windc_la_SOURCES = windc.c -windc_la_LDFLAGS = -module - -CLEANFILES= \ - $(TESTS) \ - server.keytab \ - current-db* \ - foopassword \ - krb5.conf krb5.conf.tmp \ - messages.log - -EXTRA_DIST = \ - check-pac.in \ - krb5.conf.in diff --git a/crypto/heimdal/tests/plugin/Makefile.in b/crypto/heimdal/tests/plugin/Makefile.in deleted file mode 100644 index 3e06d8015257..000000000000 --- a/crypto/heimdal/tests/plugin/Makefile.in +++ /dev/null @@ -1,890 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 20202 2007-02-08 00:59:47Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = tests/plugin -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" -libLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(lib_LTLIBRARIES) -windc_la_LIBADD = -am_windc_la_OBJECTS = windc.lo -windc_la_OBJECTS = $(am_windc_la_OBJECTS) -windc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(windc_la_LDFLAGS) \ - $(LDFLAGS) -o $@ -DEFAULT_INCLUDES = -I. -I$(top_builddir)/include@am__isrc@ -depcomp = -am__depfiles_maybe = -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = $(windc_la_SOURCES) -DIST_SOURCES = $(windc_la_SOURCES) -DATA = $(noinst_DATA) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -noinst_DATA = krb5.conf -SCRIPT_TESTS = check-pac -TESTS = $(SCRIPT_TESTS) -port = 49188 -do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g' \ - -e 's,[@]port[@],$(port),g' \ - -e 's,[@]objdir[@],$(top_builddir)/tests/plugin,g' \ - -e 's,[@]EGREP[@],$(EGREP),g' - -LDADD = ../../lib/krb5/libkrb5.la $(LIB_roken) -lib_LTLIBRARIES = windc.la -windc_la_SOURCES = windc.c -windc_la_LDFLAGS = -module -CLEANFILES = \ - $(TESTS) \ - server.keytab \ - current-db* \ - foopassword \ - krb5.conf krb5.conf.tmp \ - messages.log - -EXTRA_DIST = \ - check-pac.in \ - krb5.conf.in - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tests/plugin/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tests/plugin/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ - done - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -windc.la: $(windc_la_OBJECTS) $(windc_la_DEPENDENCIES) - $(windc_la_LINK) -rpath $(libdir) $(windc_la_OBJECTS) $(windc_la_LIBADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -.c.o: - $(COMPILE) -c $< - -.c.obj: - $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: - $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local -check: check-am -all-am: Makefile $(LTLIBRARIES) $(DATA) all-local -installdirs: - for dir in "$(DESTDIR)$(libdir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ - mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \ - check-local clean clean-generic clean-libLTLIBRARIES \ - clean-libtool ctags dist-hook distclean distclean-compile \ - distclean-generic distclean-libtool distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-libLTLIBRARIES install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-hook \ - uninstall-libLTLIBRARIES - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -check-pac: check-pac.in Makefile - $(do_subst) < $(srcdir)/check-pac.in > check-pac.tmp - chmod +x check-pac.tmp - mv check-pac.tmp check-pac - -krb5.conf: krb5.conf.in Makefile - $(do_subst) < $(srcdir)/krb5.conf.in > krb5.conf.tmp - mv krb5.conf.tmp krb5.conf -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tests/plugin/check-pac.in b/crypto/heimdal/tests/plugin/check-pac.in deleted file mode 100644 index 290274d2f51f..000000000000 --- a/crypto/heimdal/tests/plugin/check-pac.in +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $Id: check-pac.in 21857 2007-08-08 06:59:36Z lha $ -# - -srcdir="@srcdir@" -objdir="@objdir@" -EGREP="@EGREP@" - -testfailed="echo test failed; cat messages.log; exit 1" - -# If there is no useful db support compile in, disable test -../db/have-db || exit 77 - -R=TEST.H5L.SE - -port=@port@ - -kadmin="${TESTS_ENVIRONMENT} ../../kadmin/kadmin -l -r ${R}" -kdc="${TESTS_ENVIRONMENT} ../../kdc/kdc --addresses=localhost -P $port" - -server=host/datan.test.h5l.se -cache="FILE:${objdir}/cache.krb5" -keytabfile=${objdir}/server.keytab -keytab="FILE:${keytabfile}" - -kinit="${TESTS_ENVIRONMENT} ../../kuser/kinit -c $cache --no-afslog" -klist="${TESTS_ENVIRONMENT} ../../kuser/klist -c $cache" -kgetcred="${TESTS_ENVIRONMENT} ../../kuser/kgetcred -c $cache" -kdestroy="${TESTS_ENVIRONMENT} ../../kuser/kdestroy -c $cache --no-unlog" - -KRB5_CONFIG="${objdir}/krb5.conf" -export KRB5_CONFIG - -rm -f ${keytabfile} -rm -f current-db* -rm -f out-* -rm -f mkey.file* - -> messages.log - -echo Creating database -${kadmin} \ - init \ - --realm-max-ticket-life=1day \ - --realm-max-renewable-life=1month \ - ${R} || exit 1 - -${kadmin} add -p foo --use-defaults foo@${R} || exit 1 -${kadmin} add -p bar --use-defaults ${server}@${R} || exit 1 -${kadmin} ext -k ${keytab} ${server}@${R} || exit 1 - -echo "Doing database check" -${kadmin} check ${R} || exit 1 -${kadmin} check ${R2} || exit 1 - -echo foo > ${objdir}/foopassword - -echo "Empty log" -> messages.log - -echo Starting kdc -${kdc} & -kdcpid=$! - -sh ${srcdir}/../kdc/wait-kdc.sh -if [ "$?" != 0 ] ; then - kill ${kdcpid} - exit 1 -fi - -trap "kill ${kdcpid}; echo signal killing kdc; exit 1;" EXIT - -ec=0 - -echo "Check that WINDC module was loaded " -grep "windc init" messages.log >/dev/null || \ - { ec=1 ; eval "${testfailed}"; } - -echo "Getting client initial tickets"; > messages.log -${kinit} --password-file=${objdir}/foopassword foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } -echo "Getting tickets" ; > messages.log -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -echo "Verify PAC on server"; > messages.log -../kdc/ap-req --verify-pac ${server}@${R} ${keytab} ${cache} || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Getting client initial tickets (pag)"; > messages.log -${kinit} --request-pac --password-file=${objdir}/foopassword foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } -echo "Getting tickets" ; > messages.log -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -echo "Verify PAC on server (pag)"; > messages.log -../kdc/ap-req --verify-pac ${server}@${R} ${keytab} ${cache} || \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - -echo "Getting client initial tickets (no pag)"; > messages.log -${kinit} --no-request-pac --password-file=${objdir}/foopassword foo@${R} || \ - { ec=1 ; eval "${testfailed}"; } -echo "Getting tickets" ; > messages.log -${kgetcred} ${server}@${R} || { ec=1 ; eval "${testfailed}"; } -echo "Verify PAC on server (no pag)"; > messages.log -../kdc/ap-req --verify-pac ${server}@${R} ${keytab} ${cache} 2> /dev/null && \ - { ec=1 ; eval "${testfailed}"; } -${kdestroy} - - -echo "killing kdc (${kdcpid})" -kill $kdcpid || exit 1 - -trap "" EXIT - -exit $ec diff --git a/crypto/heimdal/tests/plugin/krb5.conf.in b/crypto/heimdal/tests/plugin/krb5.conf.in deleted file mode 100644 index fad9e740f4be..000000000000 --- a/crypto/heimdal/tests/plugin/krb5.conf.in +++ /dev/null @@ -1,29 +0,0 @@ -# $Id: krb5.conf.in 20202 2007-02-08 00:59:47Z lha $ - -[libdefaults] - default_realm = TEST.H5L.SE - no-addresses = TRUE - - plugin_dir = @objdir@ @objdir@/.libs - -[appdefaults] - pkinit_anchors = FILE:@srcdir@/../../lib/hx509/data/ca.crt - -[realms] - TEST.H5L.SE = { - kdc = localhost:@port@ - } - -[kdc] - database = { - dbname = @objdir@/current-db - realm = TEST.H5L.SE - mkey_file = @objdir@/mkey.file - } - -[logging] - kdc = 0-/FILE:@objdir@/messages.log - default = 0-/FILE:@objdir@/messages.log - -[kadmin] -# default_keys = arcfour-hmac-md5:pw-salt diff --git a/crypto/heimdal/tests/plugin/windc.c b/crypto/heimdal/tests/plugin/windc.c deleted file mode 100644 index 7c78847f797d..000000000000 --- a/crypto/heimdal/tests/plugin/windc.c +++ /dev/null @@ -1,77 +0,0 @@ -#include -#include -#include - -static krb5_error_code -windc_init(krb5_context context, void **ctx) -{ - krb5_warnx(context, "windc init"); - *ctx = NULL; - return 0; -} - -static void -windc_fini(void *ctx) -{ -} - -static krb5_error_code -pac_generate(void *ctx, krb5_context context, - struct hdb_entry_ex *client, krb5_pac *pac) -{ - krb5_error_code ret; - krb5_data data; - - krb5_warnx(context, "pac generate"); - - data.data = "\x00\x01"; - data.length = 2; - - ret = krb5_pac_init(context, pac); - if (ret) - return ret; - - ret = krb5_pac_add_buffer(context, *pac, 1, &data); - if (ret) - return ret; - - return 0; -} - -static krb5_error_code -pac_verify(void *ctx, krb5_context context, - const krb5_principal client_principal, - struct hdb_entry_ex *client, - struct hdb_entry_ex *server, - krb5_pac *pac) -{ - krb5_error_code ret; - krb5_data data; - - krb5_warnx(context, "pac_verify"); - - ret = krb5_pac_get_buffer(context, *pac, 1, &data); - if (ret) - return ret; - - krb5_data_free(&data); - - return 0; -} - -static krb5_error_code -client_access(void *ctx, krb5_context context, - struct hdb_entry_ex *client, KDC_REQ *req) -{ - krb5_warnx(context, "client_access"); - return 0; -} - -krb5plugin_windc_ftable windc = { - KRB5_WINDC_PLUGING_MINOR, - windc_init, - windc_fini, - pac_generate, - pac_verify, - client_access -}; diff --git a/crypto/heimdal/tools/Makefile.am b/crypto/heimdal/tools/Makefile.am deleted file mode 100644 index db60f48b4394..000000000000 --- a/crypto/heimdal/tools/Makefile.am +++ /dev/null @@ -1,53 +0,0 @@ -# $Id: Makefile.am 22413 2008-01-12 05:58:14Z lha $ - -include $(top_srcdir)/Makefile.am.common - -bin_SCRIPTS = krb5-config - -pkgconfigdir = $(libdir)/pkgconfig - -pkgconfig_DATA = heimdal-gssapi.pc - -man_MANS = krb5-config.1 - -if PKINIT -LIB_pkinit = -lhx509 -endif - -subst = sed -e "s!@PACKAGE\@!$(PACKAGE)!g" \ - -e "s!@VERSION\@!$(VERSION)!g" \ - -e "s!@prefix\@!$(prefix)!g" \ - -e "s!@exec_prefix\@!$(exec_prefix)!g" \ - -e "s!@libdir\@!$(libdir)!g" \ - -e "s!@includedir\@!$(includedir)!g" \ - -e "s!@LIB_crypt\@!$(LIB_crypt)!g" \ - -e "s!@LIB_dbopen\@!$(LIB_dbopen)!g" \ - -e "s!@INCLUDE_hcrypto\@!$(INCLUDE_hcrypto)!g" \ - -e "s!@LIB_hcrypto_appl\@!$(LIB_hcrypto_appl)!g" \ - -e "s!@LIB_dlopen\@!$(LIB_dlopen)!g" \ - -e "s!@LIB_door_create\@!$(LIB_door_create)!g" \ - -e "s!@LIB_pkinit\@!$(LIB_pkinit)!g" \ - -e "s!@LIBS\@!$(LIBS)!g" - -krb5-config: krb5-config.in - $(subst) $(srcdir)/krb5-config.in > $@.new - mv $@.new $@ - chmod +x $@ - -heimdal-gssapi.pc: heimdal-gssapi.pc.in - $(subst) $(srcdir)/heimdal-gssapi.pc.in > $@.new - mv $@.new $@ - -EXTRA_DIST = \ - $(man_MANS) \ - heimdal-build.sh \ - krb5-config.in \ - heimdal-gssapi.pc.in \ - kdc-log-analyze.pl - -CLEANFILES = \ - krb5-config \ - krb5-config.new \ - heimdal-gssapi.pc \ - heimdal-gssapi.pc.new - diff --git a/crypto/heimdal/tools/Makefile.in b/crypto/heimdal/tools/Makefile.in deleted file mode 100644 index 7fee3430484a..000000000000 --- a/crypto/heimdal/tools/Makefile.in +++ /dev/null @@ -1,805 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# $Id: Makefile.am 22413 2008-01-12 05:58:14Z lha $ - -# $Id: Makefile.am.common 10998 2002-05-19 18:35:37Z joda $ - -# $Id: Makefile.am.common 22488 2008-01-21 11:47:22Z lha $ - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(top_srcdir)/Makefile.am.common \ - $(top_srcdir)/cf/Makefile.am.common -subdir = tools -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \ - $(top_srcdir)/cf/auth-modules.m4 $(top_srcdir)/cf/autobuild.m4 \ - $(top_srcdir)/cf/broken-getaddrinfo.m4 \ - $(top_srcdir)/cf/broken-glob.m4 \ - $(top_srcdir)/cf/broken-realloc.m4 \ - $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \ - $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \ - $(top_srcdir)/cf/capabilities.m4 \ - $(top_srcdir)/cf/check-compile-et.m4 \ - $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \ - $(top_srcdir)/cf/check-man.m4 \ - $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \ - $(top_srcdir)/cf/check-type-extra.m4 \ - $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \ - $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \ - $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \ - $(top_srcdir)/cf/dlopen.m4 \ - $(top_srcdir)/cf/find-func-no-libs.m4 \ - $(top_srcdir)/cf/find-func-no-libs2.m4 \ - $(top_srcdir)/cf/find-func.m4 \ - $(top_srcdir)/cf/find-if-not-broken.m4 \ - $(top_srcdir)/cf/framework-security.m4 \ - $(top_srcdir)/cf/have-struct-field.m4 \ - $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \ - $(top_srcdir)/cf/krb-bigendian.m4 \ - $(top_srcdir)/cf/krb-func-getlogin.m4 \ - $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \ - $(top_srcdir)/cf/krb-readline.m4 \ - $(top_srcdir)/cf/krb-struct-spwd.m4 \ - $(top_srcdir)/cf/krb-struct-winsize.m4 \ - $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/mips-abi.m4 \ - $(top_srcdir)/cf/misc.m4 $(top_srcdir)/cf/need-proto.m4 \ - $(top_srcdir)/cf/osfc2.m4 $(top_srcdir)/cf/otp.m4 \ - $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \ - $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \ - $(top_srcdir)/cf/roken-frag.m4 \ - $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \ - $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \ - $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \ - $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/include/config.h -CONFIG_CLEAN_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" \ - "$(DESTDIR)$(pkgconfigdir)" -binSCRIPT_INSTALL = $(INSTALL_SCRIPT) -SCRIPTS = $(bin_SCRIPTS) -depcomp = -am__depfiles_maybe = -SOURCES = -DIST_SOURCES = -man1dir = $(mandir)/man1 -MANS = $(man_MANS) -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -pkgconfigDATA_INSTALL = $(INSTALL_DATA) -DATA = $(pkgconfig_DATA) -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -CFLAGS = @CFLAGS@ -COMPILE_ET = @COMPILE_ET@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DBLIB = @DBLIB@ -DEFS = @DEFS@ -DIR_com_err = @DIR_com_err@ -DIR_hcrypto = @DIR_hcrypto@ -DIR_hdbdir = @DIR_hdbdir@ -DIR_roken = @DIR_roken@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -GREP = @GREP@ -GROFF = @GROFF@ -INCLUDES_roken = @INCLUDES_roken@ -INCLUDE_hcrypto = @INCLUDE_hcrypto@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -INCLUDE_krb4 = @INCLUDE_krb4@ -INCLUDE_openldap = @INCLUDE_openldap@ -INCLUDE_readline = @INCLUDE_readline@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDFLAGS = @LDFLAGS@ -LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBADD_roken = @LIBADD_roken@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LIBTOOL = @LIBTOOL@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_NDBM = @LIB_NDBM@ -LIB_XauFileName = @LIB_XauFileName@ -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_XauWriteAuth = @LIB_XauWriteAuth@ -LIB_bswap16 = @LIB_bswap16@ -LIB_bswap32 = @LIB_bswap32@ -LIB_com_err = @LIB_com_err@ -LIB_com_err_a = @LIB_com_err_a@ -LIB_com_err_so = @LIB_com_err_so@ -LIB_crypt = @LIB_crypt@ -LIB_db_create = @LIB_db_create@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_door_create = @LIB_door_create@ -LIB_el_init = @LIB_el_init@ -LIB_freeaddrinfo = @LIB_freeaddrinfo@ -LIB_gai_strerror = @LIB_gai_strerror@ -LIB_getaddrinfo = @LIB_getaddrinfo@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_gethostbyname2 = @LIB_gethostbyname2@ -LIB_getnameinfo = @LIB_getnameinfo@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_hcrypto = @LIB_hcrypto@ -LIB_hcrypto_a = @LIB_hcrypto_a@ -LIB_hcrypto_appl = @LIB_hcrypto_appl@ -LIB_hcrypto_so = @LIB_hcrypto_so@ -LIB_hesiod = @LIB_hesiod@ -LIB_hstrerror = @LIB_hstrerror@ -LIB_kdb = @LIB_kdb@ -LIB_krb4 = @LIB_krb4@ -LIB_loadquery = @LIB_loadquery@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_openldap = @LIB_openldap@ -LIB_openpty = @LIB_openpty@ -LIB_otp = @LIB_otp@ -LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ -LIB_res_ndestroy = @LIB_res_ndestroy@ -LIB_res_nsearch = @LIB_res_nsearch@ -LIB_res_search = @LIB_res_search@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PTHREADS_CFLAGS = @PTHREADS_CFLAGS@ -PTHREADS_LIBS = @PTHREADS_LIBS@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -VERSIONING = @VERSIONING@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -XMKMF = @XMKMF@ -X_CFLAGS = @X_CFLAGS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_LIBS = @X_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__leading_dot = @am__leading_dot@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dpagaix_cflags = @dpagaix_cflags@ -dpagaix_ldadd = @dpagaix_ldadd@ -dpagaix_ldflags = @dpagaix_ldflags@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -SUFFIXES = .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 -AM_CPPFLAGS = -I$(top_builddir)/include $(INCLUDES_roken) -@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME -AM_CFLAGS = $(WFLAGS) -CP = cp -buildinclude = $(top_builddir)/include -LIB_getattr = @LIB_getattr@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_setpcred = @LIB_setpcred@ -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -NROFF_MAN = groff -mandoc -Tascii -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ -@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la - -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -@KRB5_TRUE@LIB_tsasl = $(top_builddir)/lib/tsasl/libtsasl.la -@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la -bin_SCRIPTS = krb5-config -pkgconfigdir = $(libdir)/pkgconfig -pkgconfig_DATA = heimdal-gssapi.pc -man_MANS = krb5-config.1 -@PKINIT_TRUE@LIB_pkinit = -lhx509 -subst = sed -e "s!@PACKAGE\@!$(PACKAGE)!g" \ - -e "s!@VERSION\@!$(VERSION)!g" \ - -e "s!@prefix\@!$(prefix)!g" \ - -e "s!@exec_prefix\@!$(exec_prefix)!g" \ - -e "s!@libdir\@!$(libdir)!g" \ - -e "s!@includedir\@!$(includedir)!g" \ - -e "s!@LIB_crypt\@!$(LIB_crypt)!g" \ - -e "s!@LIB_dbopen\@!$(LIB_dbopen)!g" \ - -e "s!@INCLUDE_hcrypto\@!$(INCLUDE_hcrypto)!g" \ - -e "s!@LIB_hcrypto_appl\@!$(LIB_hcrypto_appl)!g" \ - -e "s!@LIB_dlopen\@!$(LIB_dlopen)!g" \ - -e "s!@LIB_door_create\@!$(LIB_door_create)!g" \ - -e "s!@LIB_pkinit\@!$(LIB_pkinit)!g" \ - -e "s!@LIBS\@!$(LIBS)!g" - -EXTRA_DIST = \ - $(man_MANS) \ - heimdal-build.sh \ - krb5-config.in \ - heimdal-gssapi.pc.in \ - kdc-log-analyze.pl - -CLEANFILES = \ - krb5-config \ - krb5-config.new \ - heimdal-gssapi.pc \ - heimdal-gssapi.pc.new - -all: all-am - -.SUFFIXES: -.SUFFIXES: .et .h .x .z .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign --ignore-deps tools/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign --ignore-deps tools/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-binSCRIPTS: $(bin_SCRIPTS) - @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_SCRIPTS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - if test -f $$d$$p; then \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " $(binSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(binSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(bindir)/$$f"; \ - else :; fi; \ - done - -uninstall-binSCRIPTS: - @$(NORMAL_UNINSTALL) - @list='$(bin_SCRIPTS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man1: $(man1_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)" - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \ - done -uninstall-man1: - @$(NORMAL_UNINSTALL) - @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.1*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 1*) ;; \ - *) ext='1' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man1dir)/$$inst"; \ - done -install-pkgconfigDATA: $(pkgconfig_DATA) - @$(NORMAL_INSTALL) - test -z "$(pkgconfigdir)" || $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)" - @list='$(pkgconfig_DATA)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(pkgconfigDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(pkgconfigdir)/$$f'"; \ - $(pkgconfigDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(pkgconfigdir)/$$f"; \ - done - -uninstall-pkgconfigDATA: - @$(NORMAL_UNINSTALL) - @list='$(pkgconfig_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(pkgconfigdir)/$$f'"; \ - rm -f "$(DESTDIR)$(pkgconfigdir)/$$f"; \ - done -tags: TAGS -TAGS: - -ctags: CTAGS -CTAGS: - - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) \ - top_distdir="$(top_distdir)" distdir="$(distdir)" \ - dist-hook -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -all-am: Makefile $(SCRIPTS) $(MANS) $(DATA) all-local -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(pkgconfigdir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool mostlyclean-am - -distclean: distclean-am - -rm -f Makefile -distclean-am: clean-am distclean-generic - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man install-pkgconfigDATA - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-data-hook - -install-dvi: install-dvi-am - -install-exec-am: install-binSCRIPTS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man1 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-generic mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binSCRIPTS uninstall-man \ - uninstall-pkgconfigDATA - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-hook - -uninstall-man: uninstall-man1 - -.MAKE: install-am install-data-am install-exec-am install-strip \ - uninstall-am - -.PHONY: all all-am all-local check check-am check-local clean \ - clean-generic clean-libtool dist-hook distclean \ - distclean-generic distclean-libtool distdir dvi dvi-am html \ - html-am info info-am install install-am install-binSCRIPTS \ - install-data install-data-am install-data-hook install-dvi \ - install-dvi-am install-exec install-exec-am install-exec-hook \ - install-html install-html-am install-info install-info-am \ - install-man install-man1 install-pdf install-pdf-am \ - install-pkgconfigDATA install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-generic \ - mostlyclean-libtool pdf pdf-am ps ps-am uninstall uninstall-am \ - uninstall-binSCRIPTS uninstall-hook uninstall-man \ - uninstall-man1 uninstall-pkgconfigDATA - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - echo "*"; \ - echo "* Failed to install $$x setuid root"; \ - echo "*"; \ - fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS) - @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done ; \ - foo='$(nobase_include_HEADERS)'; \ - for f in $$foo; do \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - $(mkdir_p) $(buildinclude)/`dirname $$f` ; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " $(CP) $$file $(buildinclude)/$$f"; \ - $(CP) $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -check-local:: - @if test '$(CHECK_LOCAL)' = "no-check-local"; then \ - foo=''; elif test '$(CHECK_LOCAL)'; then \ - foo='$(CHECK_LOCAL)'; else \ - foo='$(PROGRAMS)'; fi; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 || exit 1; \ - fi - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -uninstall-cat-mans: - $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) - -install-data-hook: install-cat-mans -uninstall-hook: uninstall-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -# -# Useful target for debugging -# - -check-valgrind: - tobjdir=`cd $(top_builddir) && pwd` ; \ - tsrcdir=`cd $(top_srcdir) && pwd` ; \ - env TESTS_ENVIRONMENT="$${tobjdir}/libtool --mode execute valgrind --leak-check=full --trace-children=yes --quiet -q --num-callers=30 --suppressions=$${tsrcdir}/cf/valgrind-suppressions" make check - -# -# Target to please samba build farm, builds distfiles in-tree. -# Will break when automake changes... -# - -distdir-in-tree: $(DISTFILES) $(INFO_DEPS) - list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ - if test "$$subdir" != .; then \ - (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \ - fi ; \ - done - -krb5-config: krb5-config.in - $(subst) $(srcdir)/krb5-config.in > $@.new - mv $@.new $@ - chmod +x $@ - -heimdal-gssapi.pc: heimdal-gssapi.pc.in - $(subst) $(srcdir)/heimdal-gssapi.pc.in > $@.new - mv $@.new $@ -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/tools/build.sh b/crypto/heimdal/tools/build.sh deleted file mode 100755 index fad860836dbb..000000000000 --- a/crypto/heimdal/tools/build.sh +++ /dev/null @@ -1,212 +0,0 @@ -#!/bin/sh -# -# Build many combinations of kth-krb/heimdal/openssl -# -# $Id: build.sh,v 1.8 2003/04/17 12:55:02 lha Exp $ - -opt_n= #: -make_f= #-j - -heimdal_versions="0.5.2 0.6pre4" -krb4_versions="1.2.2" -openssl_versions="0.9.6i 0.9.7a 0.9.7b" - -make_check_version=".*heimdal-0.6.*" - -# 0.5 dont eat 0.9.7 -dont_build="openssl-0.9.7.*heimdal-0.5.*" -# 1.2 dont eat 0.9.7 -dont_build="openssl-0.9.7.*krb4-1.2.* ${dont_build}" -#yacc problems -dont_build="openssl-0.9.6.*heimdal-0.5.*osf4.* ${dont_build}" -#local openssl 09.7 and broken kuser/Makefile.am -dont_build="openssl-0.9.6.*heimdal-0.5.*freebsd4.8.* ${dont_build}" -failed= - -# Allow override -for a in $HOME . /etc ; do - [ -f $a/.heimdal-build ] && . $a/.heimdal-build -done - -targetdir=${targetdir:-/scratch/heimdal-test} -logfile="${targetdir}/buildlog" - -distdirs="${distdirs} /afs/su.se/home/l/h/lha/Public/openssl" -distdirs="${distdirs} /afs/pdc.kth.se/public/ftp/pub/heimdal/src" -distdirs="${distdirs} /afs/pdc.kth.se/public/ftp/pub/heimdal/src/snapshots" -distdirs="${distdirs} /afs/pdc.kth.se/public/ftp/pub/krb/src" - - -logprint () { - d=`date '+%Y-%m-%d %H:%M:%S'` - echo "${d}: $*" - echo "${d}: --- $*" >> ${logfile} -} - -logerror () { - echo "$*" - exit 1 -} - -find_unzip_prog () { - unzip_prog= - oldIFS="$IFS" - IFS=: - set -- $PATH - IFS="$oldIFS" - for a in $* ; do - if [ -x $a/gzip ] ; then - unzip_prog="$a/gzip -dc" - break - elif [ -x $a/gunzip ] ; then - unzip_prog="$a/gunzip -c" - break - fi - done - [ "$unzip_prog" = "" ] && logerror failed to find unzip program -} - -find_canon_name () { - canon_name= - for a in ${distdirs} ; do - if [ -f $a/config.guess ] ; then - canon_name=`$a/config.guess` - fi - if [ "${canon_name}" != "" ] ; then - break - fi - done - [ "${canon_name}" = "" ] && logerror "cant find config.guess" -} - -do_check_p () { - eval check_var=\$"$1" - for a in ${check_var} ; do - expr "$2${canon_name}" : "${a}" > /dev/null 2>&1 && return 1 - done - return 0 -} - -unpack_tar () { - for a in ${distdirs} ; do - if [ -f $a/$1 ] ; then - ${opt_n} ${unzip_prog} ${a}/$1 | ${opt_n} tar xf - - return 0 - fi - done - logerror "did not find $1" -} - -build () { - real_ver=$1 - prog=$2 - ver=$3 - confprog=$4 - checks=$5 - pv=${prog}-${ver} - mkdir tmp || logerror "failed to build tmpdir" - cd tmp || logerror "failed to change dir to tmpdir" - do_check_p dont_build ${real_ver} || \ - { cd .. ; rmdir tmp ; logprint "not building $1" && return 0 ; } - cd .. || logerror "failed to change back from tmpdir" - rmdir tmp || logerror "failed to remove tmpdir" - logprint "preparing for ${pv}" - ${opt_n} rm -rf ${targetdir}/${prog}-${ver} - ${opt_n} rm -rf ${prog}-${ver} - unpack_tar ${pv}.tar.gz - ${opt_n} cd ${pv} || logerror directory ${pv} not there - logprint "configure ${prog} ${ver} (${confprog})" - ${opt_n} ./${confprog} \ - --prefix=${targetdir}/${pv} >> ${logfile} 2>&1 || \ - { logprint failed to configure ${pv} ; return 1 ; } - logprint "make ${prog} ${ver}" - ${opt_n} make ${make_f} >> ${logfile} 2>&1 || \ - { logprint failed to make ${pv} ; return 1 ; } - ${opt_n} make install >> ${logfile} 2>&1 || \ - { logprint failed to install ${pv} ; return 1 ; } - do_check_p make_check_version ${real_ver} || \ - { ${opt_n} make check >> ${logfile} 2>&1 || return 1 ; } - ${opt_n} cd .. - [ "${checks}" != "" ] && ${opt_n} ${checks} >> ${logfile} 2>&1 - return 0 -} - -find_canon_name - -logprint using host `hostname` -logprint `uname -a` -logprint canonical name ${canon_name} - -logprint clearing logfile -> ${logfile} - -find_unzip_prog - -logprint using target dir ${targetdir} -mkdir -p ${targetdir}/src -cd ${targetdir}/src || exit 1 -rm -rf heimdal* openssl* krb4* - -logprint === building openssl versions -for vo in ${openssl_versions} ; do - build openssl-${vo} openssl $vo config -done - -wssl="--with-openssl=${targetdir}/openssl" -wssli="--with-openssl-include=${targetdir}/openssl" #this is a hack for broken heimdal 0.5.x autoconf test -wossl="--without-openssl" -wk4c="--with-krb4-config=${targetdir}/krb4" -bk4c="/bin/krb4-config" -wok4="--without-krb4" - -logprint === building heimdal w/o krb4 versions -for vo in ${openssl_versions} ; do - for vh in ${heimdal_versions} ; do - v="openssl-${vo}-heimdal-${vh}" - build "${v}" \ - heimdal ${vh} \ - "configure ${wok4} ${wssl}-${vo} ${wssli}-${vo}/include" \ - "${targetdir}/heimdal-${vh}/bin/krb5-config --libs | grep lcrypto" \ || \ - { failed="${failed} ${v}" ; logprint ${v} failed ; } - done -done - -logprint === building krb4 -for vo in ${openssl_versions} ; do - for vk in ${krb4_versions} ; do - v="openssl-${vo}-krb4-${vk}" - build "${v}" \ - krb4 ${vk} \ - "configure ${wssl}-${vo}" \ - "${targetdir}/krb4-${vk}/bin/krb4-config --libs | grep lcrypto"|| \ - { failed="${failed} ${v}" ; logprint ${v} failed ; } - done -done - -logprint === building heimdal with krb4 versions -for vo in ${openssl_versions} ; do - for vk in ${krb4_versions} ; do - for vh in ${heimdal_versions} ; do - v="openssl-${vo}-krb4-${vk}-heimdal-${vh}" - build "${v}" \ - heimdal ${vh} \ - "configure ${wk4c}-${vk}${bk4c} ${wssl}-${vo} ${wssli}-${vo}/include" \ - "${targetdir}/heimdal-${vh}/bin/krb5-config --libs | grep lcrypto && ${targetdir}/heimdal-${vh}/bin/krb5-config --libs | grep krb4" \ - || \ - { failed="${failed} ${v}" ; logprint ${v} failed ; } - done - done -done - -logprint === building heimdal without krb4 and openssl versions -for vh in ${heimdal_versions} ; do - v="des-heimdal-${vh}" - build "${v}" \ - heimdal ${vh} \ - "configure ${wok4} ${wossl}" || \ - { failed="${failed} ${v}" ; logprint ${v} failed ; } -done - -logprint all done -[ "${failed}" != "" ] && logprint "failed: ${failed}" -exit 0 diff --git a/crypto/heimdal/tools/heimdal-build.sh b/crypto/heimdal/tools/heimdal-build.sh deleted file mode 100644 index 4e8a7eaa9e44..000000000000 --- a/crypto/heimdal/tools/heimdal-build.sh +++ /dev/null @@ -1,295 +0,0 @@ -#!/bin/sh -# Fetches, builds and store the result of a heimdal build -# Version: $Id: heimdal-build.sh 21653 2007-07-18 20:15:59Z lha $ - -fetchmethod=wget #options are: wget, curl, ftp, afs -resultdir= -email=heimdal-build-log@it.su.se -baseurl=ftp://ftp.pdc.kth.se/pub/heimdal/src -afsdir=/afs/pdc.kth.se/public/ftp/pub/heimdal/src -keeptree=no -passhrase= -builddir= -noemail= -cputimelimit=3600 -confflags= - -# Add some bonus paths, to find sendmail and other tools -# on interesting platforms. -PATH="${PATH}:/usr/sbin:/usr/bin:/usr/libexec:/usr/lib" -PATH="${PATH}:/usr/local/bin:/usr/local/sbin" - -# no more user configurabled part below (hopefully) - -usage="[--current] [--svn SourceRepository] [--cvs-flags] [--result-directory dir] [--fetch-method wget|ftp|curl|cvs|fetch|afs] --keep-tree] [--autotools] [--passhrase string] [--no-email] [--build-dir dir] [--cputime] [--distcheck] [--test-environment env] [--configure-flags flags]" - -date=`date +%Y%m%d` -if [ "$?" != 0 ]; then - echo "have no sane date, punting" - exit 1 -fi - -hostname=`hostname` -if [ "$?" != 0 ]; then - echo "have no sane hostname, punting" - exit 1 -fi - -version=`grep "^# Version: " "$0" | cut -f2- -d:` -if [ "X${version}" = X ]; then - echo "Can not figure out what version I am" - exit 1 -fi - -dir= -hversion= -cvsroot= -cvsflags= -cvsbranch= -branch= -autotools=no -distcheck=no - -while true -do - case $1 in - --autotools) - autotools=yes - shift - ;; - --build-dir) - builddir="$2" - shift 2 - ;; - --current) - dir="snapshots/" - hversion="heimdal-${date}" - shift - ;; - --release) - hversion="heimdal-$2" - shift 2 - ;; - --cputime) - cputimelimit="$2" - shift 2 - ;; - --ccache-dir) - ccachedir="$2" - shift 2 - ;; - --svn) - hversion="heimdal-svn-${date}" - svnroot=$2 - fetchmethod=svn - shift 2 - ;; - --distcheck) - distcheck=yes - shift - ;; - --result-directory) - resultdir="$2" - if [ ! -d "$resultdir" ]; then - echo "$resultdir doesn't exists" - exit 1 - fi - resultdir="`pwd`/${resultdir}" - shift 2 - ;; - --fetch-method) - fetchmethod="$2" - shift 2 - ;; - --keep-tree) - keeptree=yes - shift - ;; - --passphrase) - passhrase="$2" - shift 2 - ;; - --prepend-path) - prependpath="$2" - shift 2 - ;; - --test-environment) - testenvironment="$2" - shift 2 - ;; - --no-email) - noemail="yes" - shift - ;; - --configure-flags) - confflags="${confflags} $2" - shift 2 - ;; - --version) - echo "Version: $version" - exit 0 - ;; - -*) - echo "unknown option: $1" - break - ;; - *) - break - ;; - esac -done -if test $# -gt 0; then - echo $usage - exit 1 -fi - -if [ "X${hversion}" = X ]; then - echo "no version given" - exit 0 -fi - -hfile="${hversion}.tar.gz" -url="${baseurl}/${dir}${hfile}" -afsfile="${afsdir}/${dir}${hfile}" -unpack=yes - -# extra paths for the user -if [ "X${prependpath}" != X ]; then - PATH="${prependpath}:${PATH}" -fi - -# Limit cpu seconds this all can take -ulimit -t "$cputimelimit" > /dev/null 2>&1 - -if [ "X${builddir}" != X ]; then - echo "Changing build dir to ${builddir}" - cd "${builddir}" -fi - -echo "Removing old source" -rm -rf ${hversion} - -echo "Fetching ${hversion} using $fetchmethod" -case "$fetchmethod" in -wget|ftp|fetch) - ${fetchmethod} $url > /dev/null - res=$? - ;; -curl) - ${fetchmethod} -o ${hfile} ${url} > /dev/null - res=$? - ;; -afs) - cp ${afsfile} ${hfile} - res=$? - ;; -svn) - svn co $svnroot ${hversion} - res=$? - unpack=no - autotools=yes - ;; -*) - echo "unknown fetch method" - ;; -esac - -if [ "X$res" != X0 ]; then - echo "Failed to download the tar-ball" - exit 1 -fi - -if [ X"$unpack" = Xyes ]; then - echo Unpacking source - (gzip -dc ${hfile} | tar xf -) || exit 1 -fi - -if [ X"$autotools" = Xyes ]; then - echo "Autotooling" - (cd ${hversion} && sh ./autogen.sh) || exit 1 -fi - -if [ X"$ccachedir" != X ]; then - CCACHE_DIR="${ccachedir}" - export CCACHE_DIR -fi - -cd ${hversion} || exit 1 - -makecheckenv= -if [ X"${testenvironment}" != X ] ; then - makecheckenv="${makecheckenv} TESTS_ENVIRONMENT=\"${testenvironment}\"" -fi - -mkdir socket_wrapper_dir -SOCKET_WRAPPER_DIR=`pwd`/socket_wrapper_dir -export SOCKET_WRAPPER_DIR - -echo "Configuring and building ($hversion)" -echo "./configure --enable-socket-wrapper ${confflags}" > ab.txt -./configure --enable-socket-wrapper ${confflags} >> ab.txt 2>&1 -if [ $? != 0 ] ; then - echo Configure failed - status=${status:-configure} -fi -echo make all >> ab.txt -make all >> ab.txt 2>&1 -if [ $? != 0 ] ; then - echo Make all failed - status=${status:-make all} -fi -echo make check >> ab.txt -eval env $makecheckenv make check >> ab.txt 2>&1 -if [ $? != 0 ] ; then - echo Make check failed - status=${status:-make check} -fi - -if [ "$distcheck" = yes ] ; then - echo make distcheck >> ab.txt - if [ $? != 0 ] ; then - echo Make check failed - status=${status:-make distcheck} - fi -fi - -status=${status:-ok} - -echo "done: ${status}" - -if [ "X${resultdir}" != X ] ; then - cp ab.txt "${resultdir}/ab-${hversion}-${hostname}-${date}.txt" -fi - -if [ "X${noemail}" = X ] ; then - cat > email-header < -Subject: heimdal-build-log SPAM COOKIE -X-heimdal-build: kaka-till-love - -Script-version: ${version} -Heimdal-version: ${hversion} -Machine: `uname -a` -Status: $status -EOF - - if [ "X$passhrase" != X ] ; then - cat >> email-header <> email-header <, this program wouldn't exists -# without his help. -# - -use strict; -use Sys::Hostname; - -my $notlocal = 'not SU'; -my @local_realms = ( "SU.SE" ); -my @local_networks_re = - ( - "130\.237", - "193\.11\.3[0-9]\.", - "130.242.128", - "2001:6b0:5:" - ); - -my $as_req = 0; -my %as_req_addr; -my %as_req_addr_nonlocal; -my %as_req_client; -my %as_req_server; -my %addr_uses_des; -my %princ_uses_des; -my $five24_req = 0; -my %five24_req_addr; -my %five24_req_addr_nonlocal; -my %five24_req_server; -my %five24_req_client; -my $as_req_successful = 0; -my $as_req_error = 0; -my $no_such_princ = 0; -my %no_such_princ_princ; -my %no_such_princ_addr; -my %no_such_princ_addr_nonlocal; -my $as_req_etype_odd = 0; -my %bw_addr; -my $pa_alt_princ_request = 0; -my $pa_alt_princ_verify = 0; -my $tgs_req = 0; -my %tgs_req_addr; -my %tgs_req_addr_nonlocal; -my %tgs_req_client; -my %tgs_req_server; -my $tgs_xrealm_out = 0; -my %tgs_xrealm_out_realm; -my %tgs_xrealm_out_princ; -my $tgs_xrealm_in = 0; -my %tgs_xrealm_in_realm; -my %tgs_xrealm_in_princ; -my %enctype_session; -my %enctype_ticket; -my $restarts = 0; -my $forward_non_forward = 0; -my $v4_req = 0; -my %v4_req_addr; -my %v4_req_addr_nonlocal; -my $v4_cross = 0; -my %v4_cross_realm; -my $v5_cross = 0; -my %v5_cross_realm; -my $referrals = 0; -my %referral_princ; -my %referral_realm; -my %strange_tcp_data; -my $http_malformed = 0; -my %http_malformed_addr; -my $http_non_kdc = 0; -my %http_non_kdc_addr; -my $tcp_conn_timeout = 0; -my %tcp_conn_timeout_addr; -my $failed_processing = 0; -my %failed_processing_addr; -my $connection_closed = 0; -my %connection_closed_addr; -my $pa_failed = 0; -my %pa_failed_princ; -my %pa_failed_addr; -my %ip; - -$ip{'4'} = $ip{'6'} = 0; - -while (<>) { - process_line($_); -} - -print "Kerberos KDC Log Report for ", - hostname, " on ", scalar localtime, "\n\n"; - -print "General Statistics\n\n"; - -print "\tNumber of IPv4 requests: $ip{'4'}\n"; -print "\tNumber of IPv6 requests: $ip{'6'}\n\n"; - -print "\tNumber of restarts: $restarts\n"; -print "\tNumber of V4 requests: $v4_req\n"; -if ($v4_req > 0) { - print "\tTop ten IP addresses performing V4 requests:\n"; - topten(\%v4_req_addr); -} -if (int(keys %v4_req_addr_nonlocal) > 0) { - print "\tTop ten $notlocal IP addresses performing V4 requests:\n"; - topten(\%v4_req_addr_nonlocal); - -} -print "\n"; - -print "\tNumber of V4 cross realms (krb4 and 524) requests: $v4_cross\n"; -if ($v4_cross > 0) { - print "\tTop ten realms performing V4 cross requests:\n"; - topten(\%v4_cross_realm); -} -print "\n"; - -print "\tNumber of V45 cross realms requests: $v5_cross\n"; -if ($v5_cross > 0) { - print "\tTop ten realms performing V4 cross requests:\n"; - topten(\%v5_cross_realm); -} -print "\n"; - -print "\tNumber of failed lookups: $no_such_princ\n"; -if ($no_such_princ > 0) { - print "\tTop ten IP addresses failing to find principal:\n"; - topten(\%no_such_princ_addr); - print "\tTop ten $notlocal IP addresses failing find principal:\n"; - topten(\%no_such_princ_addr_nonlocal); - print "\tTop ten failed to find principals\n"; - topten(\%no_such_princ_princ); -} -print "\n"; - -print "\tBandwidth pigs:\n"; -topten(\%bw_addr); -print "\n"; - -print "\tStrange TCP data clients: ", int(keys %strange_tcp_data),"\n"; -topten(\%strange_tcp_data); -print "\n"; - -print "\tTimeout waiting on TCP requests: ", $tcp_conn_timeout,"\n"; -if ($tcp_conn_timeout > 0) { - print "\tTop ten TCP timeout request clients\n"; - topten(\%tcp_conn_timeout_addr); -} -print "\n"; - -print "\tFailed processing requests: ", $failed_processing,"\n"; -if ($failed_processing > 0) { - print "\tTop ten failed processing request clients\n"; - topten(\%failed_processing_addr); -} -print "\n"; - -print "\tConnection closed requests: ", $connection_closed,"\n"; -if ($connection_closed > 0) { - print "\tTop ten connection closed request clients\n"; - topten(\%connection_closed_addr); -} -print "\n"; - -print "\tMalformed HTTP requests: ", $http_malformed,"\n"; -if ($http_malformed > 0) { - print "\tTop ten malformed HTTP request clients\n"; - topten(\%http_malformed_addr); -} -print "\n"; - -print "\tHTTP non kdc requests: ", $http_non_kdc,"\n"; -if ($http_non_kdc > 0) { - print "\tTop ten HTTP non KDC request clients\n"; - topten(\%http_non_kdc_addr); -} -print "\n"; - -print "Report on AS_REQ requests\n\n"; -print "Overall AS_REQ statistics\n\n"; - -print "\tTotal number: $as_req\n"; - -print "\nAS_REQ client/server statistics\n\n"; - -print "\tDistinct IP Addresses performing requests: ", - int(keys %as_req_addr),"\n"; -print "\tOverall top ten IP addresses\n"; -topten(\%as_req_addr); - -print "\tDistinct non-local ($notlocal) IP Addresses performing requests: ", - int(keys %as_req_addr_nonlocal), "\n"; -print "\tTop ten non-local ($notlocal) IP address:\n"; -topten(\%as_req_addr_nonlocal); - -print "\n\tPreauth failed for for: ", $pa_failed, " requests\n"; -if ($pa_failed) { - print "\tPreauth failed top ten IP addresses:\n"; - topten(\%pa_failed_addr); - print "\tPreauth failed top ten principals:\n"; - topten(\%pa_failed_princ); -} - -print "\n\tDistinct clients performing requests: ", - int(keys %as_req_client), "\n"; -print "\tTop ten clients:\n"; -topten(\%as_req_client); - -print "\tDistinct services requested: ", int(keys %as_req_server), "\n"; -print "\tTop ten requested services:\n"; -topten(\%as_req_server); - -print "\n\n\nReport on TGS_REQ requests:\n\n"; -print "Overall TGS_REQ statistics\n\n"; -print "\tTotal number: $tgs_req\n"; - -print "\nTGS_REQ client/server statistics\n\n"; -print "\tDistinct IP addresses performing requests: ", - int(keys %tgs_req_addr), "\n"; -print "\tOverall top ten IP addresses\n"; -topten(\%tgs_req_addr); - -print "\tDistinct non-local ($notlocal) IP Addresses performing requests: ", - int(keys %tgs_req_addr_nonlocal), "\n"; -print "\tTop ten non-local ($notlocal) IP address:\n"; -topten(\%tgs_req_addr_nonlocal); - -print "\tDistinct clients performing requests: ", - int(keys %tgs_req_client), "\n"; -print "\tTop ten clients:\n"; -topten(\%tgs_req_client); - -print "\tDistinct services requested: ", int(keys %tgs_req_server), "\n"; -print "\tTop ten requested services:\n"; -topten(\%tgs_req_server); - -print "\n\n\nReport on 524_REQ requests:\n\n"; - -print "\t524_REQ client/server statistics\n\n"; - -print "\tDistinct IP Addresses performing requests: ", - int(keys %five24_req_addr),"\n"; -print "\tOverall top ten IP addresses\n"; -topten(\%five24_req_addr); - -print "\tDistinct non-local ($notlocal) IP Addresses performing requests: ", - int(keys %five24_req_addr_nonlocal), "\n"; -print "\tTop ten non-local ($notlocal) IP address:\n"; -topten(\%five24_req_addr_nonlocal); - -print "\tDistinct clients performing requests: ", int(keys %five24_req_client), "\n"; -print "\tTop ten clients:\n"; -topten(\%five24_req_client); - -print "\tDistinct services requested: ", int(keys %five24_req_server), "\n"; -print "\tTop ten requested services:\n"; -topten(\%five24_req_server); -print "\n"; - -print "Cross realm statistics\n\n"; - -print "\tNumber of cross-realm tgs out: $tgs_xrealm_out\n"; -if ($tgs_xrealm_out > 0) { - print "\tTop ten realms used for out cross-realm:\n"; - topten(\%tgs_xrealm_out_realm); - print "\tTop ten principals use out cross-realm:\n"; - topten(\%tgs_xrealm_out_princ); -} -print "\tNumber of cross-realm tgs in: $tgs_xrealm_in\n"; -if ($tgs_xrealm_in > 0) { - print "\tTop ten realms used for in cross-realm:\n"; - topten(\%tgs_xrealm_in_realm); - print "\tTop ten principals use in cross-realm:\n"; - topten(\%tgs_xrealm_in_princ); -} - -print "\n\nReport on referral:\n\n"; - -print "\tNumber of referrals: $referrals\n"; -if ($referrals > 0) { - print "\tTop ten referral-ed principals:\n"; - topten(\%referral_princ); - print "\tTop ten to realm referrals:\n"; - topten(\%referral_realm); -} - -print "\n\nEnctype Statistics:\n\n"; -print "\tTop ten session enctypes:\n"; -topten(\%enctype_session); -print "\tTop ten ticket enctypes:\n"; -topten(\%enctype_ticket); - -print "\tDistinct IP addresses using DES: ", int(keys %addr_uses_des), "\n"; -print "\tTop IP addresses using DES:\n"; -topten(\%addr_uses_des); -print "\tDistinct principals using DES: ", int(keys %princ_uses_des), "\n"; -print "\tTop ten principals using DES:\n"; -topten(\%princ_uses_des); - -print "\n"; - -printf("Requests to forward non-forwardable ticket: $forward_non_forward\n"); - - -exit 0; - -my $last_addr = ""; -my $last_principal = ""; - -sub process_line { - local($_) = @_; - # - # Eat these lines that are output as a result of startup (but - # log the number of restarts) - # - if (/AS-REQ \(krb4\) (.*) from IPv([46]):([0-9\.:a-fA-F]+) for krbtgt.*$/){ - $v4_req++; - $v4_req_addr{$3}++; - $v4_req_addr_nonlocal{$3}++ if (!islocaladdr($3)); - $last_addr = $3; - $last_principal = $1; - $ip{$2}++; - } elsif (/AS-REQ (.*) from IPv([46]):([0-9\.:a-fA-F]+) for (.*)$/) { - $as_req++; - $as_req_client{$1}++; - $as_req_server{$4}++; - $as_req_addr{$3}++; - $as_req_addr_nonlocal{$3}++ if (!islocaladdr($3)); - $last_addr = $3; - $last_principal = $1; - $ip{$2}++; - } elsif (/TGS-REQ \(krb4\)/) { - #Nothing - } elsif (/TGS-REQ (.+) from IPv([46]):([0-9\.:a-fA-F]+) for (.*?)( \[.*\]){0,1}$/) { - $tgs_req++; - $tgs_req_client{$1}++; - $tgs_req_server{$4}++; - $tgs_req_addr{$3}++; - $tgs_req_addr_nonlocal{$3}++ if (!islocaladdr($3)); - $last_addr = $3; - $last_principal = $1; - $ip{$2}++; - - my $source = $1; - my $dest = $4; - - if (!islocalrealm($source)) { - $tgs_xrealm_in++; - $tgs_xrealm_in_princ{$source}++; - if ($source =~ /[^@]+@([^@]+)/ ) { - $tgs_xrealm_in_realm{$1}++; - } - } - if ($dest =~ /krbtgt\/([^@]+)@[^@]+/) { - if (!islocalrealm($1)) { - $tgs_xrealm_out++; - $tgs_xrealm_out_realm{$1}++; - $tgs_xrealm_out_princ{$source}++; - } - } - } elsif (/524-REQ (.*) from IPv([46]):([0-9\.:a-fA-F]+) for (.*)$/) { - $five24_req++; - $five24_req_client{$1}++; - $five24_req_server{$4}++; - $five24_req_addr{$3}++; - $five24_req_addr_nonlocal{$3}++ if (!islocaladdr($3)); - $last_addr = $3; - $last_principal = $1; - $ip{$2}++; - } elsif (/TCP data of strange type from IPv[46]:([0-9\.:a-fA-F]+)/) { - $strange_tcp_data{$1}++; - } elsif (/Lookup (.*) failed: No such entry in the database/) { - $no_such_princ++; - $no_such_princ_addr{$last_addr}++; - $no_such_princ_addr_nonlocal{$last_addr}++ if (!islocaladdr($last_addr)); - $no_such_princ_princ{$1}++; - } elsif (/Lookup .* succeeded$/) { - # Nothing - } elsif (/Malformed HTTP request from IPv[46]:([0-9\.:a-fA-F]+)$/) { - $http_malformed++; - $http_malformed_addr{$1}++; - } elsif (/TCP-connection from IPv[46]:([0-9\.:a-fA-F]+) expired after [0-9]+ bytes/) { - $tcp_conn_timeout++; - $tcp_conn_timeout_addr{$1}++; - } elsif (/Failed processing [0-9]+ byte request from IPv[46]:([0-9\.:a-fA-F]+)/) { - $failed_processing++; - $failed_processing_addr{$1}++; - } elsif (/connection closed before end of data after [0-9]+ bytes from IPv[46]:([0-9\.:a-fA-F]+)/) { - $connection_closed++; - $connection_closed_addr{$1}++; - } elsif (/HTTP request from IPv[46]:([0-9\.:a-fA-F]+) is non KDC request/) { - $http_non_kdc++; - $http_non_kdc_addr{$1}++; - } elsif (/returning a referral to realm (.*) for server (.*) that was not found/) { - $referrals++; - $referral_princ{$2}++; - $referral_realm{$1}++; - } elsif (/krb4 Cross-realm (.*) -> (.*) disabled/) { - $v4_cross++; - $v4_cross_realm{$1."->".$2}++; - } elsif (/524 cross-realm (.*) -> (.*) disabled/) { - $v4_cross++; - $v4_cross_realm{$1."->".$2}++; - } elsif (/cross-realm (.*) -> (.*): no transit through realm (.*)/) { - } elsif (/cross-realm (.*) -> (.*) via \[([^\]]+)\]/) { - $v5_cross++; - $v5_cross_realm{$1."->".$2}++; - } elsif (/cross-realm (.*) -> (.*)/) { - $v5_cross++; - $v5_cross_realm{$1."->".$2}++; - } elsif (/sending ([0-9]+) bytes to IPv[46]:([0-9\.:a-fA-F]+)/) { - $bw_addr{$2} += $1; - } elsif (/Using ([-a-z0-9]+)\/([-a-z0-9]+)/) { - $enctype_ticket{$1}++; - $enctype_session{$2}++; - - my $ticket = $1; - my $session = $2; - - if ($ticket =~ /des-cbc-(crc|md4|md5)/) { - $addr_uses_des{$last_addr}++; - $princ_uses_des{$last_principal}++; - } - - } elsif (/Failed to decrypt PA-DATA -- (.+)$/) { - $pa_failed++; - $pa_failed_princ{$last_principal}++; - $pa_failed_addr{$last_addr}++; - - } elsif (/Request to forward non-forwardable ticket/) { - $forward_non_forward++; - } elsif (/HTTP request:/) { - } elsif (/krb_rd_req: Incorrect network address/) { - } elsif (/krb_rd_req: Ticket expired \(krb_rd_req\)/) { - } elsif (/Ticket expired \(.*\)/) { - } elsif (/krb_rd_req: Can't decode authenticator \(krb_rd_req\)/) { - } elsif (/Request from wrong address/) { - # XXX - } elsif (/UNKNOWN --/) { - # XXX - } elsif (/Too large time skew -- (.*)$/) { - # XXX - } elsif (/No PA-ENC-TIMESTAMP --/) { - # XXX - } elsif (/Looking for pa-data --/) { - # XXX - } elsif (/Pre-authentication succeded -- (.+)$/) { - # XXX - } elsif (/Bad request for ([,a-zA-Z0-9]+) ticket/) { - # XXX - } elsif (/Failed to verify AP-REQ: Ticket expired/) { - # XXX - } elsif (/Client not found in database:/) { - # XXX - } elsif (/Server not found in database \(krb4\)/) { - } elsif (/Server not found in database:/) { - # XXX - } elsif (/newsyslog.*logfile turned over/) { - # Nothing - } elsif (/Requested flags:/) { - # Nothing - } elsif (/shutting down/) { - # Nothing - } elsif (/listening on IP/) { - # Nothing - } elsif (/commencing operation/) { - $restarts++; - } - # - # Log it if we didn't parse the line - # - else { - print "Unknown log file line: $_"; - } -} - -sub topten { - my ($list) = @_; - my @keys; - - my $key; - - @keys = (sort {$$list{$b} <=> $$list{$a}} (keys %{$list})); - splice @keys, 10; - - foreach $key (@keys) { - print "\t\t$key - $$list{$key}\n"; - } -} - -sub islocaladdr (\$) { - my ($addr) = @_; - my $net; - - foreach $net (@local_networks_re) { - return 1 if ($addr =~ /$net/); - } - return 0; -} - -sub islocalrealm (\$) { - my ($princ) = @_; - my $realm; - - foreach $realm (@local_realms) { - return 1 if ($princ eq $realm); - return 1 if ($princ =~ /[^@]+\@${realm}/); - } - return 0; -} diff --git a/crypto/heimdal/tools/krb5-config.1 b/crypto/heimdal/tools/krb5-config.1 deleted file mode 100644 index 4ed1cd8c44de..000000000000 --- a/crypto/heimdal/tools/krb5-config.1 +++ /dev/null @@ -1,90 +0,0 @@ -.\" Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: krb5-config.1 11648 2003-02-16 21:10:32Z lha $ -.\" -.Dd November 30, 2000 -.Dt KRB5-CONFIG 1 -.Os HEIMDAL -.Sh NAME -.Nm krb5-config -.Nd "give information on how to link code against Heimdal libraries" -.Sh SYNOPSIS -.Nm -.Op Fl -prefix Ns Op = Ns Ar dir -.Op Fl -exec-prefix Ns Op = Ns Ar dir -.Op Fl -libs -.Op Fl -cflags -.Op Ar libraries -.Sh DESCRIPTION -.Nm -tells the application programmer what special flags to use to compile -and link programs against the libraries installed by Heimdal. -.Pp -Options supported: -.Bl -tag -width Ds -.It Fl -prefix Ns Op = Ns Ar dir -Print the prefix if no -.Ar dir -is specified, otherwise set prefix to -.Ar dir . -.It Fl -exec-prefix Ns Op = Ns Ar dir -Print the exec-prefix if no -.Ar dir -is specified, otherwise set exec-prefix to -.Ar dir . -.It Fl -libs -Output the set of libraries that should be linked against. -.It Fl -cflags -Output the set of flags to give to the C compiler when using the -Heimdal libraries. -.El -.Pp -By default -.Nm -will output the set of flags and libraries to be used by a normal -program using the krb5 API. The user can also supply a library to be -used, the supported ones are: -.Bl -tag -width Ds -.It krb5 -(the default) -.It gssapi -use the krb5 gssapi mechanism -.It kadm-client -use the client-side kadmin libraries -.It kadm-server -use the server-side kadmin libraries -.El -.Sh SEE ALSO -.Xr cc 1 -.Sh HISTORY -.Nm -appeared in Heimdal 0.3d. diff --git a/crypto/heimdal/tools/krb5-config.in b/crypto/heimdal/tools/krb5-config.in deleted file mode 100755 index 35da594ce7fa..000000000000 --- a/crypto/heimdal/tools/krb5-config.in +++ /dev/null @@ -1,118 +0,0 @@ -#!/bin/sh -# $Id: krb5-config.in 20528 2007-04-22 13:22:16Z lha $ - -do_libs=no -do_cflags=no -do_usage=no -print_prefix=no -print_exec_prefix=no -library=krb5 - -if test $# -eq 0; then - do_usage=yes - usage_exit=1 -fi - -for i in $*; do - case $i in - --help) - do_usage=yes - usage_exit=0 - ;; - --version) - echo "@PACKAGE@ @VERSION@" - echo '$Id: krb5-config.in 20528 2007-04-22 13:22:16Z lha $' - exit 0 - ;; - --prefix=*) - prefix=`echo $i | sed 's/^--prefix=//'` - ;; - --prefix) - print_prefix=yes - ;; - --exec-prefix=*) - exec_prefix=`echo $i | sed 's/^--exec-prefix=//'` - ;; - --exec-prefix) - print_exec_prefix=yes - ;; - --libs) - do_libs=yes - ;; - --cflags) - do_cflags=yes - ;; - krb5) - library=krb5 - ;; - gssapi) - library=gssapi - ;; - kadm-client) - library=kadm-client - ;; - kadm-server) - library=kadm-server - ;; - kafs) - library=kafs - ;; - *) - echo "unknown option: $i" - exit 1 - ;; - esac -done - -if test "$do_usage" = "yes"; then - echo "usage: $0 [options] [libraries]" - echo "options: [--prefix[=dir]] [--exec-prefix[=dir]] [--libs] [--cflags]" - echo "libraries: krb5 gssapi kadm-client kadm-server kafs" - exit $usage_exit -fi - -if test "$prefix" = ""; then - prefix=@prefix@ -fi -if test "$exec_prefix" = ""; then - exec_prefix=@exec_prefix@ -fi - -libdir=@libdir@ -includedir=@includedir@ - -if test "$print_prefix" = "yes"; then - echo $prefix -fi - -if test "$print_exec_prefix" = "yes"; then - echo $exec_prefix -fi - -if test "$do_libs" = "yes"; then - lib_flags="-L${libdir}" - case $library in - gssapi) - lib_flags="$lib_flags -lgssapi -lheimntlm" - ;; - kadm-client) - lib_flags="$lib_flags -lkadm5clnt" - ;; - kadm-server) - lib_flags="$lib_flags -lkadm5srv @LIB_dbopen@" - ;; - kafs) - lib_flags="$lib_flags -lkafs" - ;; - esac - lib_flags="$lib_flags -lkrb5 @LIB_pkinit@ -lcom_err" - lib_flags="$lib_flags @LIB_hcrypto_appl@ -lasn1 -lroken" - lib_flags="$lib_flags @LIB_crypt@ @LIB_dlopen@" - lib_flags="$lib_flags @LIB_door_create@ @LIBS@" - echo $lib_flags -fi -if test "$do_cflags" = "yes"; then - echo "-I${includedir} @INCLUDE_hcrypto@" -fi - -exit 0 -- cgit v1.2.3